diff --git a/samtranslator/schema/schema.json b/samtranslator/schema/schema.json index b14753eca7..fbb92f69be 100644 --- a/samtranslator/schema/schema.json +++ b/samtranslator/schema/schema.json @@ -676,11 +676,21 @@ "markdownDescription": "Configures the default behavior of the CRL Distribution Point extension for certificates issued by your CA. If this field is not provided, then the CRL Distribution Point extension will be present and contain the default CRL URL.", "title": "CrlDistributionPointExtensionConfiguration" }, + "CrlType": { + "markdownDescription": "Specifies the type of CRL. This setting determines the maximum number of certificates that the certificate authority can issue and revoke. For more information, see [AWS Private CA quotas](https://docs.aws.amazon.com/general/latest/gr/pca.html#limits_pca) .\n\n- `COMPLETE` - The default setting. AWS Private CA maintains a single CRL file for all unexpired certificates issued by a CA that have been revoked for any reason. Each certificate that AWS Private CA issues is bound to a specific CRL through the CRL distribution point (CDP) defined in [RFC 5280](https://docs.aws.amazon.com/https://datatracker.ietf.org/doc/html/rfc5280) .\n- `PARTITIONED` - Compared to complete CRLs, partitioned CRLs dramatically increase the number of certificates your private CA can issue.\n\n> When using partitioned CRLs, you must validate that the CRL's associated issuing distribution point (IDP) URI matches the certi\ufb01cate's CDP URI to ensure the right CRL has been fetched. AWS Private CA marks the IDP extension as critical, which your client must be able to process.", + "title": "CrlType", + "type": "string" + }, "CustomCname": { "markdownDescription": "Name inserted into the certificate *CRL Distribution Points* extension that enables the use of an alias for the CRL distribution point. Use this value if you don't want the name of your S3 bucket to be public.\n\n> The content of a Canonical Name (CNAME) record must conform to [RFC2396](https://docs.aws.amazon.com/https://www.ietf.org/rfc/rfc2396.txt) restrictions on the use of special characters in URIs. Additionally, the value of the CNAME must not include a protocol prefix such as \"http://\" or \"https://\".", "title": "CustomCname", "type": "string" }, + "CustomPath": { + "markdownDescription": "Designates a custom file path in S3 for CRL(s). For example, `http:////.crl` .", + "title": "CustomPath", + "type": "string" + }, "Enabled": { "markdownDescription": "Boolean value that specifies whether certificate revocation lists (CRLs) are enabled. You can use this value to enable certificate revocation for a new CA when you call the `CreateCertificateAuthority` operation or for an existing CA when you call the `UpdateCertificateAuthority` operation.", "title": "Enabled", @@ -702,6 +712,9 @@ "type": "string" } }, + "required": [ + "Enabled" + ], "type": "object" }, "AWS::ACMPCA::CertificateAuthority.CrlDistributionPointExtensionConfiguration": { @@ -772,7 +785,6 @@ } }, "required": [ - "NameAssigner", "PartyName" ], "type": "object" @@ -888,6 +900,9 @@ "type": "string" } }, + "required": [ + "Enabled" + ], "type": "object" }, "AWS::ACMPCA::CertificateAuthority.OtherName": { @@ -1180,7 +1195,7 @@ ], "type": "object" }, - "AWS::APS::RuleGroupsNamespace": { + "AWS::AIOps::InvestigationGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -1215,132 +1230,77 @@ "Properties": { "additionalProperties": false, "properties": { - "Data": { - "markdownDescription": "The rules file used in the namespace.\n\nFor more details about the rules file, see [Creating a rules file](https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-ruler-rulesfile.html) in the *Amazon Managed Service for Prometheus User Guide* .", - "title": "Data", + "ChatbotNotificationChannels": { + "items": { + "$ref": "#/definitions/AWS::AIOps::InvestigationGroup.ChatbotNotificationChannel" + }, + "markdownDescription": "Use this property to integrate CloudWatch investigations with chat applications. This property is an array. For the first string, specify the ARN of an Amazon SNS topic. For the array of strings, specify the ARNs of one or more chat applications configurations that you want to associate with that topic. For more information about these configuration ARNs, see [Getting started with Amazon Q in chat applications](https://docs.aws.amazon.com/chatbot/latest/adminguide/getting-started.html) and [Resource type defined by AWS Chatbot](https://docs.aws.amazon.com/service-authorization/latest/reference/list_awschatbot.html#awschatbot-resources-for-iam-policies) .", + "title": "ChatbotNotificationChannels", + "type": "array" + }, + "CrossAccountConfigurations": { + "items": { + "$ref": "#/definitions/AWS::AIOps::InvestigationGroup.CrossAccountConfiguration" + }, + "markdownDescription": "List of `sourceRoleArn` values that have been configured for cross-account access.", + "title": "CrossAccountConfigurations", + "type": "array" + }, + "EncryptionConfig": { + "$ref": "#/definitions/AWS::AIOps::InvestigationGroup.EncryptionConfigMap", + "markdownDescription": "Specifies the customer managed AWS KMS key that the investigation group uses to encrypt data, if there is one. If not, the investigation group uses an AWS key to encrypt the data.", + "title": "EncryptionConfig" + }, + "InvestigationGroupPolicy": { + "markdownDescription": "Returns the JSON of the IAM resource policy associated with the specified investigation group in a string. For example, `{\\\"Version\\\":\\\"2012-10-17\\\",\\\"Statement\\\":[{\\\"Effect\\\":\\\"Allow\\\",\\\"Principal\\\":{\\\"Service\\\":\\\"aiops.alarms.cloudwatch.amazonaws.com\\\"},\\\"Action\\\":[\\\"aiops:CreateInvestigation\\\",\\\"aiops:CreateInvestigationEvent\\\"],\\\"Resource\\\":\\\"*\\\",\\\"Condition\\\":{\\\"StringEquals\\\":{\\\"aws:SourceAccount\\\":\\\"111122223333\\\"},\\\"ArnLike\\\":{\\\"aws:SourceArn\\\":\\\"arn:aws:cloudwatch:us-east-1:111122223333:alarm:*\\\"}}}]}` .", + "title": "InvestigationGroupPolicy", "type": "string" }, + "IsCloudTrailEventHistoryEnabled": { + "markdownDescription": "Specify `true` to enable CloudWatch investigations to have access to change events that are recorded by CloudTrail. The default is `true` .", + "title": "IsCloudTrailEventHistoryEnabled", + "type": "boolean" + }, "Name": { - "markdownDescription": "The name of the rule groups namespace.", + "markdownDescription": "Specify either the name or the ARN of the investigation group that you want to view. This is used to set the name of the investigation group.", "title": "Name", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The list of tag keys and values that are associated with the rule groups namespace.", - "title": "Tags", - "type": "array" + "RetentionInDays": { + "markdownDescription": "Specifies how long that investigation data is kept.", + "title": "RetentionInDays", + "type": "number" }, - "Workspace": { - "markdownDescription": "The ID of the workspace to add the rule groups namespace.", - "title": "Workspace", - "type": "string" - } - }, - "required": [ - "Data", - "Name", - "Workspace" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::APS::RuleGroupsNamespace" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::APS::Scraper": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that the investigation group uses for permissions to gather data.", + "title": "RoleArn", "type": "string" }, - { + "TagKeyBoundaries": { "items": { - "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, + "markdownDescription": "Displays the custom tag keys for custom applications in your system that you have specified in the investigation group. Resource tags help CloudWatch investigations narrow the search space when it is unable to discover definite relationships between resources.", + "title": "TagKeyBoundaries", "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Alias": { - "markdownDescription": "An optional user-assigned scraper alias.", - "title": "Alias", - "type": "string" - }, - "Destination": { - "$ref": "#/definitions/AWS::APS::Scraper.Destination", - "markdownDescription": "The Amazon Managed Service for Prometheus workspace the scraper sends metrics to.", - "title": "Destination" - }, - "ScrapeConfiguration": { - "$ref": "#/definitions/AWS::APS::Scraper.ScrapeConfiguration", - "markdownDescription": "The configuration in use by the scraper.", - "title": "ScrapeConfiguration" - }, - "Source": { - "$ref": "#/definitions/AWS::APS::Scraper.Source", - "markdownDescription": "The Amazon EKS cluster from which the scraper collects metrics.", - "title": "Source" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "(Optional) The list of tag keys and values associated with the scraper.", + "markdownDescription": "The list of key-value pairs to associate with the resource.", "title": "Tags", "type": "array" } }, "required": [ - "Destination", - "ScrapeConfiguration", - "Source" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::APS::Scraper" + "AWS::AIOps::InvestigationGroup" ], "type": "string" }, @@ -1359,191 +1319,652 @@ ], "type": "object" }, - "AWS::APS::Scraper.AmpConfiguration": { - "additionalProperties": false, - "properties": { - "WorkspaceArn": { - "markdownDescription": "ARN of the Amazon Managed Service for Prometheus workspace.", - "title": "WorkspaceArn", - "type": "string" - } - }, - "required": [ - "WorkspaceArn" - ], - "type": "object" - }, - "AWS::APS::Scraper.Destination": { + "AWS::AIOps::InvestigationGroup.ChatbotNotificationChannel": { "additionalProperties": false, "properties": { - "AmpConfiguration": { - "$ref": "#/definitions/AWS::APS::Scraper.AmpConfiguration", - "markdownDescription": "The Amazon Managed Service for Prometheus workspace to send metrics to.", - "title": "AmpConfiguration" - } - }, - "required": [ - "AmpConfiguration" - ], - "type": "object" - }, - "AWS::APS::Scraper.EksConfiguration": { - "additionalProperties": false, - "properties": { - "ClusterArn": { - "markdownDescription": "ARN of the Amazon EKS cluster.", - "title": "ClusterArn", - "type": "string" - }, - "SecurityGroupIds": { + "ChatConfigurationArns": { "items": { "type": "string" }, - "markdownDescription": "A list of the security group IDs for the Amazon EKS cluster VPC configuration.", - "title": "SecurityGroupIds", + "markdownDescription": "Returns the Amazon Resource Name (ARN) of any third-party chat integrations configured for the account.", + "title": "ChatConfigurationArns", "type": "array" }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of subnet IDs for the Amazon EKS cluster VPC configuration.", - "title": "SubnetIds", - "type": "array" - } - }, - "required": [ - "ClusterArn", - "SubnetIds" - ], - "type": "object" - }, - "AWS::APS::Scraper.ScrapeConfiguration": { - "additionalProperties": false, - "properties": { - "ConfigurationBlob": { - "markdownDescription": "The base 64 encoded scrape configuration file.", - "title": "ConfigurationBlob", + "SNSTopicArn": { + "markdownDescription": "Returns the ARN of an Amazon SNS topic used for third-party chat integrations.", + "title": "SNSTopicArn", "type": "string" } }, - "required": [ - "ConfigurationBlob" - ], "type": "object" }, - "AWS::APS::Scraper.Source": { + "AWS::AIOps::InvestigationGroup.CrossAccountConfiguration": { "additionalProperties": false, "properties": { - "EksConfiguration": { - "$ref": "#/definitions/AWS::APS::Scraper.EksConfiguration", - "markdownDescription": "The Amazon EKS cluster from which a scraper collects metrics.", - "title": "EksConfiguration" + "SourceRoleArn": { + "markdownDescription": "The ARN of an existing role which will be used to do investigations on your behalf.", + "title": "SourceRoleArn", + "type": "string" } }, - "required": [ - "EksConfiguration" - ], "type": "object" }, - "AWS::APS::Workspace": { + "AWS::AIOps::InvestigationGroup.EncryptionConfigMap": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AlertManagerDefinition": { - "markdownDescription": "The alert manager definition, a YAML configuration for the alert manager in your Amazon Managed Service for Prometheus workspace.\n\nFor details about the alert manager definition, see [Creating an alert manager configuration files](https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-alertmanager-config.html) in the *Amazon Managed Service for Prometheus User Guide* .\n\nThe following example shows part of a CloudFormation YAML file with an embedded alert manager definition (following the `- |-` ).\n\n`Workspace: Type: AWS::APS::Workspace .... Properties: .... AlertManagerDefinition: Fn::Sub: - |- alertmanager_config: | templates: - 'default_template' route: receiver: example-sns receivers: - name: example-sns sns_configs: - topic_arn: 'arn:aws:sns:${AWS::Region}:${AWS::AccountId}:${TopicName}' -`", - "title": "AlertManagerDefinition", - "type": "string" - }, - "Alias": { - "markdownDescription": "The alias that is assigned to this workspace to help identify it. It does not need to be unique.", - "title": "Alias", - "type": "string" - }, - "KmsKeyArn": { - "markdownDescription": "(optional) The ARN for a customer managed AWS KMS key to use for encrypting data within your workspace. For more information about using your own key in your workspace, see [Encryption at rest](https://docs.aws.amazon.com/prometheus/latest/userguide/encryption-at-rest-Amazon-Service-Prometheus.html) in the *Amazon Managed Service for Prometheus User Guide* .", - "title": "KmsKeyArn", - "type": "string" - }, - "LoggingConfiguration": { - "$ref": "#/definitions/AWS::APS::Workspace.LoggingConfiguration", - "markdownDescription": "Contains information about the current rules and alerting logging configuration for the workspace.\n\n> These logging configurations are only for rules and alerting logs.", - "title": "LoggingConfiguration" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The list of tag keys and values that are associated with the workspace.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::APS::Workspace" - ], + "EncryptionConfigurationType": { + "markdownDescription": "Displays whether investigation data is encrypted by a customer managed key or an AWS owned key.", + "title": "EncryptionConfigurationType", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::APS::Workspace.LoggingConfiguration": { - "additionalProperties": false, - "properties": { - "LogGroupArn": { - "markdownDescription": "The ARN of the CloudWatch log group to which the vended log data will be published. This log group must exist prior to calling this operation.", - "title": "LogGroupArn", + "KmsKeyId": { + "markdownDescription": "If the investigation group uses a customer managed key for encryption, this field displays the ID of that key.", + "title": "KmsKeyId", "type": "string" } }, "type": "object" }, - "AWS::ARCZonalShift::ZonalAutoshiftConfiguration": { + "AWS::APS::RuleGroupsNamespace": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Data": { + "markdownDescription": "The rules file used in the namespace.\n\nFor more details about the rules file, see [Creating a rules file](https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-ruler-rulesfile.html) in the *Amazon Managed Service for Prometheus User Guide* .", + "title": "Data", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the rule groups namespace.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of tag keys and values that are associated with the rule groups namespace.", + "title": "Tags", + "type": "array" + }, + "Workspace": { + "markdownDescription": "The ID of the workspace to add the rule groups namespace.", + "title": "Workspace", + "type": "string" + } + }, + "required": [ + "Data", + "Name", + "Workspace" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::APS::RuleGroupsNamespace" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::APS::Scraper": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Alias": { + "markdownDescription": "An optional user-assigned scraper alias.", + "title": "Alias", + "type": "string" + }, + "Destination": { + "$ref": "#/definitions/AWS::APS::Scraper.Destination", + "markdownDescription": "The Amazon Managed Service for Prometheus workspace the scraper sends metrics to.", + "title": "Destination" + }, + "RoleConfiguration": { + "$ref": "#/definitions/AWS::APS::Scraper.RoleConfiguration", + "markdownDescription": "The role configuration in an Amazon Managed Service for Prometheus scraper.", + "title": "RoleConfiguration" + }, + "ScrapeConfiguration": { + "$ref": "#/definitions/AWS::APS::Scraper.ScrapeConfiguration", + "markdownDescription": "The configuration in use by the scraper.", + "title": "ScrapeConfiguration" + }, + "Source": { + "$ref": "#/definitions/AWS::APS::Scraper.Source", + "markdownDescription": "The Amazon EKS cluster from which the scraper collects metrics.", + "title": "Source" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "(Optional) The list of tag keys and values associated with the scraper.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Destination", + "ScrapeConfiguration", + "Source" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::APS::Scraper" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::APS::Scraper.AmpConfiguration": { + "additionalProperties": false, + "properties": { + "WorkspaceArn": { + "markdownDescription": "ARN of the Amazon Managed Service for Prometheus workspace.", + "title": "WorkspaceArn", + "type": "string" + } + }, + "required": [ + "WorkspaceArn" + ], + "type": "object" + }, + "AWS::APS::Scraper.Destination": { + "additionalProperties": false, + "properties": { + "AmpConfiguration": { + "$ref": "#/definitions/AWS::APS::Scraper.AmpConfiguration", + "markdownDescription": "The Amazon Managed Service for Prometheus workspace to send metrics to.", + "title": "AmpConfiguration" + } + }, + "required": [ + "AmpConfiguration" + ], + "type": "object" + }, + "AWS::APS::Scraper.EksConfiguration": { + "additionalProperties": false, + "properties": { + "ClusterArn": { + "markdownDescription": "ARN of the Amazon EKS cluster.", + "title": "ClusterArn", + "type": "string" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the security group IDs for the Amazon EKS cluster VPC configuration.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of subnet IDs for the Amazon EKS cluster VPC configuration.", + "title": "SubnetIds", + "type": "array" + } + }, + "required": [ + "ClusterArn", + "SubnetIds" + ], + "type": "object" + }, + "AWS::APS::Scraper.RoleConfiguration": { + "additionalProperties": false, + "properties": { + "SourceRoleArn": { + "markdownDescription": "The ARN of the source role.", + "title": "SourceRoleArn", + "type": "string" + }, + "TargetRoleArn": { + "markdownDescription": "The ARN of the target role.", + "title": "TargetRoleArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::APS::Scraper.ScrapeConfiguration": { + "additionalProperties": false, + "properties": { + "ConfigurationBlob": { + "markdownDescription": "The base 64 encoded scrape configuration file.", + "title": "ConfigurationBlob", + "type": "string" + } + }, + "required": [ + "ConfigurationBlob" + ], + "type": "object" + }, + "AWS::APS::Scraper.Source": { + "additionalProperties": false, + "properties": { + "EksConfiguration": { + "$ref": "#/definitions/AWS::APS::Scraper.EksConfiguration", + "markdownDescription": "The Amazon EKS cluster from which a scraper collects metrics.", + "title": "EksConfiguration" + } + }, + "required": [ + "EksConfiguration" + ], + "type": "object" + }, + "AWS::APS::Workspace": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AlertManagerDefinition": { + "markdownDescription": "The alert manager definition, a YAML configuration for the alert manager in your Amazon Managed Service for Prometheus workspace.\n\nFor details about the alert manager definition, see [Creating an alert manager configuration files](https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-alertmanager-config.html) in the *Amazon Managed Service for Prometheus User Guide* .\n\nThe following example shows part of a CloudFormation YAML file with an embedded alert manager definition (following the `- |-` ).\n\n`Workspace: Type: AWS::APS::Workspace .... Properties: .... AlertManagerDefinition: Fn::Sub: - |- alertmanager_config: | templates: - 'default_template' route: receiver: example-sns receivers: - name: example-sns sns_configs: - topic_arn: 'arn:aws:sns:${AWS::Region}:${AWS::AccountId}:${TopicName}' -`", + "title": "AlertManagerDefinition", + "type": "string" + }, + "Alias": { + "markdownDescription": "The alias that is assigned to this workspace to help identify it. It does not need to be unique.", + "title": "Alias", + "type": "string" + }, + "KmsKeyArn": { + "markdownDescription": "(optional) The ARN for a customer managed AWS KMS key to use for encrypting data within your workspace. For more information about using your own key in your workspace, see [Encryption at rest](https://docs.aws.amazon.com/prometheus/latest/userguide/encryption-at-rest-Amazon-Service-Prometheus.html) in the *Amazon Managed Service for Prometheus User Guide* .", + "title": "KmsKeyArn", + "type": "string" + }, + "LoggingConfiguration": { + "$ref": "#/definitions/AWS::APS::Workspace.LoggingConfiguration", + "markdownDescription": "Contains information about the current rules and alerting logging configuration for the workspace.\n\n> These logging configurations are only for rules and alerting logs.", + "title": "LoggingConfiguration" + }, + "QueryLoggingConfiguration": { + "$ref": "#/definitions/AWS::APS::Workspace.QueryLoggingConfiguration", + "markdownDescription": "The definition of logging configuration in an Amazon Managed Service for Prometheus workspace.", + "title": "QueryLoggingConfiguration" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of tag keys and values that are associated with the workspace.", + "title": "Tags", + "type": "array" + }, + "WorkspaceConfiguration": { + "$ref": "#/definitions/AWS::APS::Workspace.WorkspaceConfiguration", + "markdownDescription": "Use this structure to define label sets and the ingestion limits for time series that match label sets, and to specify the retention period of the workspace.", + "title": "WorkspaceConfiguration" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::APS::Workspace" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::APS::Workspace.CloudWatchLogDestination": { + "additionalProperties": false, + "properties": { + "LogGroupArn": { + "markdownDescription": "The ARN of the CloudWatch log group.", + "title": "LogGroupArn", + "type": "string" + } + }, + "required": [ + "LogGroupArn" + ], + "type": "object" + }, + "AWS::APS::Workspace.Label": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name for this label.", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "The value for this label.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Name", + "Value" + ], + "type": "object" + }, + "AWS::APS::Workspace.LimitsPerLabelSet": { + "additionalProperties": false, + "properties": { + "LabelSet": { + "items": { + "$ref": "#/definitions/AWS::APS::Workspace.Label" + }, + "markdownDescription": "This defines one label set that will have an enforced ingestion limit. You can set ingestion limits on time series that match defined label sets, to help prevent a workspace from being overwhelmed with unexpected spikes in time series ingestion.\n\nLabel values accept all UTF-8 characters with one exception. If the label name is metric name label `__ *name* __` , then the *metric* part of the name must conform to the following pattern: `[a-zA-Z_:][a-zA-Z0-9_:]*`", + "title": "LabelSet", + "type": "array" + }, + "Limits": { + "$ref": "#/definitions/AWS::APS::Workspace.LimitsPerLabelSetEntry", + "markdownDescription": "This structure contains the information about the limits that apply to time series that match this label set.", + "title": "Limits" + } + }, + "required": [ + "LabelSet", + "Limits" + ], + "type": "object" + }, + "AWS::APS::Workspace.LimitsPerLabelSetEntry": { + "additionalProperties": false, + "properties": { + "MaxSeries": { + "markdownDescription": "The maximum number of active series that can be ingested that match this label set.\n\nSetting this to 0 causes no label set limit to be enforced, but it does cause Amazon Managed Service for Prometheus to vend label set metrics to CloudWatch", + "title": "MaxSeries", + "type": "number" + } + }, + "type": "object" + }, + "AWS::APS::Workspace.LoggingConfiguration": { + "additionalProperties": false, + "properties": { + "LogGroupArn": { + "markdownDescription": "The ARN of the CloudWatch log group to which the vended log data will be published. This log group must exist prior to calling this operation.", + "title": "LogGroupArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::APS::Workspace.LoggingDestination": { + "additionalProperties": false, + "properties": { + "CloudWatchLogs": { + "$ref": "#/definitions/AWS::APS::Workspace.CloudWatchLogDestination", + "markdownDescription": "Configuration details for logging to CloudWatch Logs.", + "title": "CloudWatchLogs" + }, + "Filters": { + "$ref": "#/definitions/AWS::APS::Workspace.LoggingFilter", + "markdownDescription": "Filtering criteria that determine which queries are logged.", + "title": "Filters" + } + }, + "required": [ + "CloudWatchLogs", + "Filters" + ], + "type": "object" + }, + "AWS::APS::Workspace.LoggingFilter": { + "additionalProperties": false, + "properties": { + "QspThreshold": { + "markdownDescription": "", + "title": "QspThreshold", + "type": "number" + } + }, + "required": [ + "QspThreshold" + ], + "type": "object" + }, + "AWS::APS::Workspace.QueryLoggingConfiguration": { + "additionalProperties": false, + "properties": { + "Destinations": { + "items": { + "$ref": "#/definitions/AWS::APS::Workspace.LoggingDestination" + }, + "markdownDescription": "Defines a destination and its associated filtering criteria for query logging.", + "title": "Destinations", + "type": "array" + } + }, + "required": [ + "Destinations" + ], + "type": "object" + }, + "AWS::APS::Workspace.WorkspaceConfiguration": { + "additionalProperties": false, + "properties": { + "LimitsPerLabelSets": { + "items": { + "$ref": "#/definitions/AWS::APS::Workspace.LimitsPerLabelSet" + }, + "markdownDescription": "This is an array of structures, where each structure defines a label set for the workspace, and defines the ingestion limit for active time series for each of those label sets. Each label name in a label set must be unique.", + "title": "LimitsPerLabelSets", + "type": "array" + }, + "RetentionPeriodInDays": { + "markdownDescription": "Specifies how many days that metrics will be retained in the workspace.", + "title": "RetentionPeriodInDays", + "type": "number" + } + }, + "type": "object" + }, + "AWS::ARCZonalShift::AutoshiftObserverNotificationStatus": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Status": { + "markdownDescription": "", + "title": "Status", + "type": "string" + } + }, + "required": [ + "Status" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ARCZonalShift::AutoshiftObserverNotificationStatus" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::ARCZonalShift::ZonalAutoshiftConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -1774,9 +2195,47 @@ ], "type": "object" }, + "AWS::AccessAnalyzer::Analyzer.AnalysisRule": { + "additionalProperties": false, + "properties": { + "Exclusions": { + "items": { + "$ref": "#/definitions/AWS::AccessAnalyzer::Analyzer.AnalysisRuleCriteria" + }, + "markdownDescription": "A list of rules for the analyzer containing criteria to exclude from analysis. Entities that meet the rule criteria will not generate findings.", + "title": "Exclusions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::AccessAnalyzer::Analyzer.AnalysisRuleCriteria": { + "additionalProperties": false, + "properties": { + "AccountIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of AWS account IDs to apply to the analysis rule criteria. The accounts cannot include the organization analyzer owner account. Account IDs can only be applied to the analysis rule criteria for organization-level analyzers. The list cannot include more than 2,000 account IDs.", + "title": "AccountIds", + "type": "array" + }, + "ResourceTags": { + "markdownDescription": "An array of key-value pairs to match for your resources. You can use the set of Unicode letters, digits, whitespace, `_` , `.` , `/` , `=` , `+` , and `-` .\n\nFor the tag key, you can specify a value that is 1 to 128 characters in length and cannot be prefixed with `aws:` .\n\nFor the tag value, you can specify a value that is 0 to 256 characters in length. If the specified tag value is 0 characters, the rule is applied to all principals with the specified tag key.", + "title": "ResourceTags", + "type": "object" + } + }, + "type": "object" + }, "AWS::AccessAnalyzer::Analyzer.AnalyzerConfiguration": { "additionalProperties": false, "properties": { + "InternalAccessConfiguration": { + "$ref": "#/definitions/AWS::AccessAnalyzer::Analyzer.InternalAccessConfiguration", + "markdownDescription": "Specifies the configuration of an internal access analyzer for an AWS organization or account. This configuration determines how the analyzer evaluates access within your AWS environment.", + "title": "InternalAccessConfiguration" + }, "UnusedAccessConfiguration": { "$ref": "#/definitions/AWS::AccessAnalyzer::Analyzer.UnusedAccessConfiguration", "markdownDescription": "Specifies the configuration of an unused access analyzer for an AWS organization or account.", @@ -1851,9 +2310,69 @@ ], "type": "object" }, + "AWS::AccessAnalyzer::Analyzer.InternalAccessAnalysisRule": { + "additionalProperties": false, + "properties": { + "Inclusions": { + "items": { + "$ref": "#/definitions/AWS::AccessAnalyzer::Analyzer.InternalAccessAnalysisRuleCriteria" + }, + "markdownDescription": "A list of rules for the internal access analyzer containing criteria to include in analysis. Only resources that meet the rule criteria will generate findings.", + "title": "Inclusions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::AccessAnalyzer::Analyzer.InternalAccessAnalysisRuleCriteria": { + "additionalProperties": false, + "properties": { + "AccountIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of AWS account IDs to apply to the internal access analysis rule criteria. Account IDs can only be applied to the analysis rule criteria for organization-level analyzers.", + "title": "AccountIds", + "type": "array" + }, + "ResourceArns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of resource ARNs to apply to the internal access analysis rule criteria. The analyzer will only generate findings for resources that match these ARNs.", + "title": "ResourceArns", + "type": "array" + }, + "ResourceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of resource types to apply to the internal access analysis rule criteria. The analyzer will only generate findings for resources of these types. These resource types are currently supported for internal access analyzers:\n\n- `AWS::S3::Bucket`\n- `AWS::RDS::DBSnapshot`\n- `AWS::RDS::DBClusterSnapshot`\n- `AWS::S3Express::DirectoryBucket`\n- `AWS::DynamoDB::Table`\n- `AWS::DynamoDB::Stream`", + "title": "ResourceTypes", + "type": "array" + } + }, + "type": "object" + }, + "AWS::AccessAnalyzer::Analyzer.InternalAccessConfiguration": { + "additionalProperties": false, + "properties": { + "InternalAccessAnalysisRule": { + "$ref": "#/definitions/AWS::AccessAnalyzer::Analyzer.InternalAccessAnalysisRule", + "markdownDescription": "Contains information about analysis rules for the internal access analyzer. These rules determine which resources and access patterns will be analyzed.", + "title": "InternalAccessAnalysisRule" + } + }, + "type": "object" + }, "AWS::AccessAnalyzer::Analyzer.UnusedAccessConfiguration": { "additionalProperties": false, "properties": { + "AnalysisRule": { + "$ref": "#/definitions/AWS::AccessAnalyzer::Analyzer.AnalysisRule", + "markdownDescription": "Contains information about analysis rules for the analyzer. Analysis rules determine which entities will generate findings based on the criteria you define when you create the rule.", + "title": "AnalysisRule" + }, "UnusedAccessAge": { "markdownDescription": "The specified access age in days for which to generate findings for unused access. For example, if you specify 90 days, the analyzer will generate findings for IAM entities within the accounts of the selected organization for any access that hasn't been used in 90 or more days since the analyzer's last scan. You can choose a value between 1 and 365 days.", "title": "UnusedAccessAge", @@ -2011,11 +2530,9 @@ } }, "required": [ - "AutoMinorVersionUpgrade", "BrokerName", "DeploymentMode", "EngineType", - "EngineVersion", "HostInstanceType", "PubliclyAccessible", "Users" @@ -2330,9 +2847,7 @@ } }, "required": [ - "Data", "EngineType", - "EngineVersion", "Name" ], "type": "object" @@ -2526,6 +3041,16 @@ "title": "BuildSpec", "type": "string" }, + "CacheConfig": { + "$ref": "#/definitions/AWS::Amplify::App.CacheConfig", + "markdownDescription": "The cache configuration for the Amplify app. If you don't specify the cache configuration `type` , Amplify uses the default `AMPLIFY_MANAGED` setting.", + "title": "CacheConfig" + }, + "ComputeRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role for an SSR app. The Compute role allows the Amplify Hosting compute service to securely access specific AWS resources based on the role's permissions. For more information about the SSR Compute role, see [Adding an SSR Compute role](https://docs.aws.amazon.com/amplify/latest/userguide/amplify-SSR-compute-role.html) in the *Amplify User Guide* .", + "title": "ComputeRoleArn", + "type": "string" + }, "CustomHeaders": { "markdownDescription": "The custom HTTP headers for an Amplify app.", "title": "CustomHeaders", @@ -2562,6 +3087,11 @@ "title": "IAMServiceRole", "type": "string" }, + "JobConfig": { + "$ref": "#/definitions/AWS::Amplify::App.JobConfig", + "markdownDescription": "The configuration details that apply to the jobs for an Amplify app.", + "title": "JobConfig" + }, "Name": { "markdownDescription": "The name of the Amplify app.", "title": "Name", @@ -2705,6 +3235,17 @@ }, "type": "object" }, + "AWS::Amplify::App.CacheConfig": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "The type of cache configuration to use for an Amplify app.\n\nThe `AMPLIFY_MANAGED` cache configuration automatically applies an optimized cache configuration for your app based on its platform, routing rules, and rewrite rules.\n\nThe `AMPLIFY_MANAGED_NO_COOKIES` cache configuration type is the same as `AMPLIFY_MANAGED` , except that it excludes all cookies from the cache key. This is the default setting.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, "AWS::Amplify::App.CustomRule": { "additionalProperties": false, "properties": { @@ -2755,6 +3296,20 @@ ], "type": "object" }, + "AWS::Amplify::App.JobConfig": { + "additionalProperties": false, + "properties": { + "BuildComputeType": { + "markdownDescription": "Specifies the size of the build instance. Amplify supports three instance sizes: `STANDARD_8GB` , `LARGE_16GB` , and `XLARGE_72GB` . If you don't specify a value, Amplify uses the `STANDARD_8GB` default.\n\nThe following list describes the CPU, memory, and storage capacity for each build instance type:\n\n- **STANDARD_8GB** - - vCPUs: 4\n- Memory: 8 GiB\n- Disk space: 128 GB\n- **LARGE_16GB** - - vCPUs: 8\n- Memory: 16 GiB\n- Disk space: 128 GB\n- **XLARGE_72GB** - - vCPUs: 36\n- Memory: 72 GiB\n- Disk space: 256 GB", + "title": "BuildComputeType", + "type": "string" + } + }, + "required": [ + "BuildComputeType" + ], + "type": "object" + }, "AWS::Amplify::Branch": { "additionalProperties": false, "properties": { @@ -2815,6 +3370,11 @@ "title": "BuildSpec", "type": "string" }, + "ComputeRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to assign to a branch of an SSR app. The SSR Compute role allows the Amplify Hosting compute service to securely access specific AWS resources based on the role's permissions. For more information about the SSR Compute role, see [Adding an SSR Compute role](https://docs.aws.amazon.com/amplify/latest/userguide/amplify-SSR-compute-role.html) in the *Amplify User Guide* .", + "title": "ComputeRoleArn", + "type": "string" + }, "Description": { "markdownDescription": "The description for the branch that is part of an Amplify app.", "title": "Description", @@ -2835,6 +3395,11 @@ "title": "EnablePullRequestPreview", "type": "boolean" }, + "EnableSkewProtection": { + "markdownDescription": "Specifies whether the skew protection feature is enabled for the branch.\n\nDeployment skew protection is available to Amplify applications to eliminate version skew issues between client and servers in web applications. When you apply skew protection to a branch, you can ensure that your clients always interact with the correct version of server-side assets, regardless of when a deployment occurs. For more information about skew protection, see [Skew protection for Amplify deployments](https://docs.aws.amazon.com/amplify/latest/userguide/skew-protection.html) in the *Amplify User Guide* .", + "title": "EnableSkewProtection", + "type": "boolean" + }, "EnvironmentVariables": { "items": { "$ref": "#/definitions/AWS::Amplify::Branch.EnvironmentVariable" @@ -4933,6 +5498,89 @@ ], "type": "object" }, + "AWS::ApiGateway::BasePathMappingV2": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "BasePath": { + "markdownDescription": "The base path name that callers of the private API must provide as part of the URL after the domain name.", + "title": "BasePath", + "type": "string" + }, + "DomainNameArn": { + "markdownDescription": "The ARN of the domain name for the BasePathMappingV2 resource to be described.", + "title": "DomainNameArn", + "type": "string" + }, + "RestApiId": { + "markdownDescription": "The private API's identifier. This identifier is unique across all of your APIs in API Gateway.", + "title": "RestApiId", + "type": "string" + }, + "Stage": { + "markdownDescription": "Represents a unique identifier for a version of a deployed private RestApi that is callable by users. The Stage must depend on the `RestApi` 's stage. To create a dependency, add a DependsOn attribute to the BasePathMappingV2 resource.", + "title": "Stage", + "type": "string" + } + }, + "required": [ + "DomainNameArn", + "RestApiId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ApiGateway::BasePathMappingV2" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, "AWS::ApiGateway::ClientCertificate": { "additionalProperties": false, "properties": { @@ -5583,6 +6231,11 @@ "title": "RegionalCertificateArn", "type": "string" }, + "RoutingMode": { + "markdownDescription": "The routing mode for this domain name. The routing mode determines how API Gateway sends traffic from your custom domain name to your public APIs.", + "title": "RoutingMode", + "type": "string" + }, "SecurityPolicy": { "markdownDescription": "The Transport Layer Security (TLS) version + cipher suite for this DomainName. The valid values are `TLS_1_0` and `TLS_1_2` .", "title": "SecurityPolicy", @@ -5622,6 +6275,11 @@ "AWS::ApiGateway::DomainName.EndpointConfiguration": { "additionalProperties": false, "properties": { + "IpAddressType": { + "markdownDescription": "The IP address types that can invoke this DomainName. Use `ipv4` to allow only IPv4 addresses to invoke this DomainName, or use `dualstack` to allow both IPv4 and IPv6 addresses to invoke this DomainName. For the `PRIVATE` endpoint type, only `dualstack` is supported.", + "title": "IpAddressType", + "type": "string" + }, "Types": { "items": { "type": "string" @@ -5649,6 +6307,208 @@ }, "type": "object" }, + "AWS::ApiGateway::DomainNameAccessAssociation": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AccessAssociationSource": { + "markdownDescription": "The identifier of the domain name access association source. For a `VPCE` , the value is the VPC endpoint ID.", + "title": "AccessAssociationSource", + "type": "string" + }, + "AccessAssociationSourceType": { + "markdownDescription": "The type of the domain name access association source. Only `VPCE` is currently supported.", + "title": "AccessAssociationSourceType", + "type": "string" + }, + "DomainNameArn": { + "markdownDescription": "The ARN of the domain name.", + "title": "DomainNameArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The collection of tags. Each tag element is associated with a given resource.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "AccessAssociationSource", + "AccessAssociationSourceType", + "DomainNameArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ApiGateway::DomainNameAccessAssociation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::ApiGateway::DomainNameV2": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CertificateArn": { + "markdownDescription": "The reference to an AWS -managed certificate that will be used by the private endpoint for this domain name. AWS Certificate Manager is the only supported source.", + "title": "CertificateArn", + "type": "string" + }, + "DomainName": { + "markdownDescription": "Represents a custom domain name as a user-friendly host name of an API (RestApi).", + "title": "DomainName", + "type": "string" + }, + "EndpointConfiguration": { + "$ref": "#/definitions/AWS::ApiGateway::DomainNameV2.EndpointConfiguration", + "markdownDescription": "The endpoint configuration to indicate the types of endpoints an API (RestApi) or its custom domain name (DomainName) has and the IP address types that can invoke it.", + "title": "EndpointConfiguration" + }, + "Policy": { + "markdownDescription": "A stringified JSON policy document that applies to the `execute-api` service for this DomainName regardless of the caller and Method configuration. You can use `Fn::ToJsonString` to enter your `policy` . For more information, see [Fn::ToJsonString](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ToJsonString.html) .", + "title": "Policy", + "type": "object" + }, + "RoutingMode": { + "markdownDescription": "The routing mode for this domain name. The routing mode determines how API Gateway sends traffic from your custom domain name to your private APIs.", + "title": "RoutingMode", + "type": "string" + }, + "SecurityPolicy": { + "markdownDescription": "The Transport Layer Security (TLS) version + cipher suite for this DomainName. Only `TLS_1_2` is supported.", + "title": "SecurityPolicy", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The collection of tags. Each tag element is associated with a given resource.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ApiGateway::DomainNameV2" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::ApiGateway::DomainNameV2.EndpointConfiguration": { + "additionalProperties": false, + "properties": { + "IpAddressType": { + "markdownDescription": "The IP address types that can invoke an API (RestApi) or a DomainName. Use `ipv4` to allow only IPv4 addresses to invoke an API or DomainName, or use `dualstack` to allow both IPv4 and IPv6 addresses to invoke an API or a DomainName. For the `PRIVATE` endpoint type, only `dualstack` is supported.", + "title": "IpAddressType", + "type": "string" + }, + "Types": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of endpoint types of an API (RestApi) or its custom domain name (DomainName). For an edge-optimized API and its custom domain name, the endpoint type is `\"EDGE\"` . For a regional API and its custom domain name, the endpoint type is `REGIONAL` . For a private API, the endpoint type is `PRIVATE` .", + "title": "Types", + "type": "array" + } + }, + "type": "object" + }, "AWS::ApiGateway::GatewayResponse": { "additionalProperties": false, "properties": { @@ -6478,6 +7338,11 @@ "AWS::ApiGateway::RestApi.EndpointConfiguration": { "additionalProperties": false, "properties": { + "IpAddressType": { + "markdownDescription": "The IP address types that can invoke an API (RestApi). Use `ipv4` to allow only IPv4 addresses to invoke an API, or use `dualstack` to allow both IPv4 and IPv6 addresses to invoke an API. For the `PRIVATE` endpoint type, only `dualstack` is supported.", + "title": "IpAddressType", + "type": "string" + }, "Types": { "items": { "type": "string" @@ -7189,6 +8054,11 @@ "title": "FailOnWarnings", "type": "boolean" }, + "IpAddressType": { + "markdownDescription": "The IP address types that can invoke the API. Use `ipv4` to allow only IPv4 addresses to invoke your API, or use `dualstack` to allow both IPv4 and IPv6 addresses to invoke your API.\n\nDon\u2019t use IP address type for an HTTP API based on an OpenAPI specification. Instead, specify the IP address type in the OpenAPI specification.", + "title": "IpAddressType", + "type": "string" + }, "Name": { "markdownDescription": "The name of the API. Required unless you specify an OpenAPI definition for `Body` or `S3BodyLocation` .", "title": "Name", @@ -7907,6 +8777,11 @@ "markdownDescription": "The mutual TLS authentication configuration for a custom domain name.", "title": "MutualTlsAuthentication" }, + "RoutingMode": { + "markdownDescription": "The routing mode API Gateway uses to route traffic to your APIs.", + "title": "RoutingMode", + "type": "string" + }, "Tags": { "additionalProperties": true, "markdownDescription": "The collection of tags associated with a domain name.", @@ -7963,6 +8838,11 @@ "title": "EndpointType", "type": "string" }, + "IpAddressType": { + "markdownDescription": "The IP address types that can invoke the domain name. Use `ipv4` to allow only IPv4 addresses to invoke your domain name, or use `dualstack` to allow both IPv4 and IPv6 addresses to invoke your domain name.", + "title": "IpAddressType", + "type": "string" + }, "OwnershipVerificationCertificateArn": { "markdownDescription": "The Amazon resource name (ARN) for the public certificate issued by AWS Certificate Manager . This ARN is used to validate custom domain ownership. It's required only if you configure mutual TLS and use either an ACM-imported or a private CA certificate ARN as the regionalCertificateArn.", "title": "OwnershipVerificationCertificateArn", @@ -8088,17 +8968,35 @@ "type": "string" }, "RequestParameters": { + "additionalProperties": true, "markdownDescription": "For WebSocket APIs, a key-value map specifying request parameters that are passed from the method request to the backend. The key is an integration request parameter name and the associated value is a method request parameter value or static value that must be enclosed within single quotes and pre-encoded as required by the backend. The method request parameter value must match the pattern of `method.request. {location} . {name}` , where `{location}` is `querystring` , `path` , or `header` ; and `{name}` must be a valid and unique method request parameter name.\n\nFor HTTP API integrations with a specified `integrationSubtype` , request parameters are a key-value map specifying parameters that are passed to `AWS_PROXY` integrations. You can provide static values, or map request data, stage variables, or context variables that are evaluated at runtime. To learn more, see [Working with AWS service integrations for HTTP APIs](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-develop-integrations-aws-services.html) .\n\nFor HTTP API integrations without a specified `integrationSubtype` request parameters are a key-value map specifying how to transform HTTP requests before sending them to the backend. The key should follow the pattern :. where action can be `append` , `overwrite` or `remove` . For values, you can provide static values, or map request data, stage variables, or context variables that are evaluated at runtime. To learn more, see [Transforming API requests and responses](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-parameter-mapping.html) .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, "title": "RequestParameters", "type": "object" }, "RequestTemplates": { + "additionalProperties": true, "markdownDescription": "Represents a map of Velocity templates that are applied on the request payload based on the value of the Content-Type header sent by the client. The content type value is the key in this map, and the template (as a String) is the value. Supported only for WebSocket APIs.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, "title": "RequestTemplates", "type": "object" }, "ResponseParameters": { + "additionalProperties": false, "markdownDescription": "Supported only for HTTP APIs. You use response parameters to transform the HTTP response from a backend integration before returning the response to clients. Specify a key-value map from a selection key to response parameters. The selection key must be a valid HTTP status code within the range of 200-599. The value is of type [`ResponseParameterList`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apigatewayv2-integration-responseparameterlist.html) . To learn more, see [Transforming API requests and responses](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-parameter-mapping.html) .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::ApiGatewayV2::Integration.ResponseParameterMap" + } + }, "title": "ResponseParameters", "type": "object" }, @@ -8159,19 +9057,17 @@ "type": "string" } }, - "required": [ - "Destination", - "Source" - ], "type": "object" }, - "AWS::ApiGatewayV2::Integration.ResponseParameterList": { + "AWS::ApiGatewayV2::Integration.ResponseParameterMap": { "additionalProperties": false, "properties": { "ResponseParameters": { "items": { "$ref": "#/definitions/AWS::ApiGatewayV2::Integration.ResponseParameter" }, + "markdownDescription": "", + "title": "ResponseParameters", "type": "array" } }, @@ -8616,7 +9512,7 @@ ], "type": "object" }, - "AWS::ApiGatewayV2::Stage": { + "AWS::ApiGatewayV2::RoutingRule": { "additionalProperties": false, "properties": { "Condition": { @@ -8651,76 +9547,44 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessLogSettings": { - "$ref": "#/definitions/AWS::ApiGatewayV2::Stage.AccessLogSettings", - "markdownDescription": "Settings for logging access in this stage.", - "title": "AccessLogSettings" - }, - "AccessPolicyId": { - "markdownDescription": "This parameter is not currently supported.", - "title": "AccessPolicyId", - "type": "string" - }, - "ApiId": { - "markdownDescription": "The API identifier.", - "title": "ApiId", - "type": "string" - }, - "AutoDeploy": { - "markdownDescription": "Specifies whether updates to an API automatically trigger a new deployment. The default value is `false` .", - "title": "AutoDeploy", - "type": "boolean" - }, - "ClientCertificateId": { - "markdownDescription": "The identifier of a client certificate for a `Stage` . Supported only for WebSocket APIs.", - "title": "ClientCertificateId", - "type": "string" - }, - "DefaultRouteSettings": { - "$ref": "#/definitions/AWS::ApiGatewayV2::Stage.RouteSettings", - "markdownDescription": "The default route settings for the stage.", - "title": "DefaultRouteSettings" - }, - "DeploymentId": { - "markdownDescription": "The deployment identifier for the API stage. Can't be updated if `autoDeploy` is enabled.", - "title": "DeploymentId", - "type": "string" - }, - "Description": { - "markdownDescription": "The description for the API stage.", - "title": "Description", - "type": "string" + "Actions": { + "items": { + "$ref": "#/definitions/AWS::ApiGatewayV2::RoutingRule.Action" + }, + "markdownDescription": "The resulting action based on matching a routing rules condition. Only InvokeApi is supported.", + "title": "Actions", + "type": "array" }, - "RouteSettings": { - "markdownDescription": "Route settings for the stage.", - "title": "RouteSettings", - "type": "object" + "Conditions": { + "items": { + "$ref": "#/definitions/AWS::ApiGatewayV2::RoutingRule.Condition" + }, + "markdownDescription": "The conditions of the routing rule.", + "title": "Conditions", + "type": "array" }, - "StageName": { - "markdownDescription": "The stage name. Stage names can contain only alphanumeric characters, hyphens, and underscores, or be `$default` . Maximum length is 128 characters.", - "title": "StageName", + "DomainNameArn": { + "markdownDescription": "The ARN of the domain name.", + "title": "DomainNameArn", "type": "string" }, - "StageVariables": { - "markdownDescription": "A map that defines the stage variables for a `Stage` . Variable names can have alphanumeric and underscore characters, and the values must match [A-Za-z0-9-._~:/?#&=,]+.", - "title": "StageVariables", - "type": "object" - }, - "Tags": { - "markdownDescription": "The collection of tags. Each tag element is associated with a given resource.", - "title": "Tags", - "type": "object" + "Priority": { + "markdownDescription": "The order in which API Gateway evaluates a rule. Priority is evaluated from the lowest value to the highest value. Rules can't have the same priority. Priority values 1-1,000,000 are supported.", + "title": "Priority", + "type": "number" } }, "required": [ - "ApiId", - "StageName" + "Actions", + "Conditions", + "DomainNameArn", + "Priority" ], "type": "object" }, "Type": { "enum": [ - "AWS::ApiGatewayV2::Stage" + "AWS::ApiGatewayV2::RoutingRule" ], "type": "string" }, @@ -8739,149 +9603,381 @@ ], "type": "object" }, - "AWS::ApiGatewayV2::Stage.AccessLogSettings": { + "AWS::ApiGatewayV2::RoutingRule.Action": { "additionalProperties": false, "properties": { - "DestinationArn": { - "markdownDescription": "The ARN of the CloudWatch Logs log group to receive access logs. This parameter is required to enable access logging.", - "title": "DestinationArn", - "type": "string" - }, - "Format": { - "markdownDescription": "A single line format of the access logs of data, as specified by selected $context variables. The format must include at least $context.requestId. This parameter is required to enable access logging.", - "title": "Format", - "type": "string" + "InvokeApi": { + "$ref": "#/definitions/AWS::ApiGatewayV2::RoutingRule.ActionInvokeApi", + "markdownDescription": "Represents an InvokeApi action.", + "title": "InvokeApi" } }, + "required": [ + "InvokeApi" + ], "type": "object" }, - "AWS::ApiGatewayV2::Stage.RouteSettings": { + "AWS::ApiGatewayV2::RoutingRule.ActionInvokeApi": { "additionalProperties": false, "properties": { - "DataTraceEnabled": { - "markdownDescription": "Specifies whether ( `true` ) or not ( `false` ) data trace logging is enabled for this route. This property affects the log entries pushed to Amazon CloudWatch Logs. Supported only for WebSocket APIs.", - "title": "DataTraceEnabled", - "type": "boolean" - }, - "DetailedMetricsEnabled": { - "markdownDescription": "Specifies whether detailed metrics are enabled.", - "title": "DetailedMetricsEnabled", - "type": "boolean" - }, - "LoggingLevel": { - "markdownDescription": "Specifies the logging level for this route: `INFO` , `ERROR` , or `OFF` . This property affects the log entries pushed to Amazon CloudWatch Logs. Supported only for WebSocket APIs.", - "title": "LoggingLevel", + "ApiId": { + "markdownDescription": "The API identifier of the target API.", + "title": "ApiId", "type": "string" }, - "ThrottlingBurstLimit": { - "markdownDescription": "Specifies the throttling burst limit.", - "title": "ThrottlingBurstLimit", - "type": "number" + "Stage": { + "markdownDescription": "The name of the target stage.", + "title": "Stage", + "type": "string" }, - "ThrottlingRateLimit": { - "markdownDescription": "Specifies the throttling rate limit.", - "title": "ThrottlingRateLimit", - "type": "number" + "StripBasePath": { + "markdownDescription": "The strip base path setting. When true, API Gateway strips the incoming matched base path when forwarding the request to the target API.", + "title": "StripBasePath", + "type": "boolean" } }, + "required": [ + "ApiId", + "Stage" + ], "type": "object" }, - "AWS::ApiGatewayV2::VpcLink": { + "AWS::ApiGatewayV2::RoutingRule.Condition": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "MatchBasePaths": { + "$ref": "#/definitions/AWS::ApiGatewayV2::RoutingRule.MatchBasePaths", + "markdownDescription": "The base path to be matched.", + "title": "MatchBasePaths" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the VPC link.", - "title": "Name", - "type": "string" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of security group IDs for the VPC link.", - "title": "SecurityGroupIds", - "type": "array" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of subnet IDs to include in the VPC link.", - "title": "SubnetIds", - "type": "array" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "The collection of tags. Each tag element is associated with a given resource.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - } + "MatchHeaders": { + "$ref": "#/definitions/AWS::ApiGatewayV2::RoutingRule.MatchHeaders", + "markdownDescription": "The headers to be matched.", + "title": "MatchHeaders" + } + }, + "type": "object" + }, + "AWS::ApiGatewayV2::RoutingRule.MatchBasePaths": { + "additionalProperties": false, + "properties": { + "AnyOf": { + "items": { + "type": "string" }, - "required": [ - "Name", - "SubnetIds" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::ApiGatewayV2::VpcLink" - ], + "markdownDescription": "The string of the case sensitive base path to be matched.", + "title": "AnyOf", + "type": "array" + } + }, + "required": [ + "AnyOf" + ], + "type": "object" + }, + "AWS::ApiGatewayV2::RoutingRule.MatchHeaderValue": { + "additionalProperties": false, + "properties": { + "Header": { + "markdownDescription": "The case insensitive header name to be matched. The header name must be less than 40 characters and the only allowed characters are `a-z` , `A-Z` , `0-9` , and the following special characters: `*?-!#$%&'.^_`|~.` .", + "title": "Header", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ValueGlob": { + "markdownDescription": "The case sensitive header glob value to be matched against entire header value. The header glob value must be less than 128 characters and the only allowed characters are `a-z` , `A-Z` , `0-9` , and the following special characters: `*?-!#$%&'.^_`|~` . Wildcard matching is supported for header glob values but must be for `*prefix-match` , `suffix-match*` , or `*infix*-match` .", + "title": "ValueGlob", "type": "string" } }, "required": [ - "Type", - "Properties" + "Header", + "ValueGlob" ], "type": "object" }, - "AWS::AppConfig::Application": { + "AWS::ApiGatewayV2::RoutingRule.MatchHeaders": { + "additionalProperties": false, + "properties": { + "AnyOf": { + "items": { + "$ref": "#/definitions/AWS::ApiGatewayV2::RoutingRule.MatchHeaderValue" + }, + "markdownDescription": "The header name and header value glob to be matched. The matchHeaders condition is matched if any of the header name and header value globs are matched.", + "title": "AnyOf", + "type": "array" + } + }, + "required": [ + "AnyOf" + ], + "type": "object" + }, + "AWS::ApiGatewayV2::Stage": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AccessLogSettings": { + "$ref": "#/definitions/AWS::ApiGatewayV2::Stage.AccessLogSettings", + "markdownDescription": "Settings for logging access in this stage.", + "title": "AccessLogSettings" + }, + "AccessPolicyId": { + "markdownDescription": "This parameter is not currently supported.", + "title": "AccessPolicyId", + "type": "string" + }, + "ApiId": { + "markdownDescription": "The API identifier.", + "title": "ApiId", + "type": "string" + }, + "AutoDeploy": { + "markdownDescription": "Specifies whether updates to an API automatically trigger a new deployment. The default value is `false` .", + "title": "AutoDeploy", + "type": "boolean" + }, + "ClientCertificateId": { + "markdownDescription": "The identifier of a client certificate for a `Stage` . Supported only for WebSocket APIs.", + "title": "ClientCertificateId", + "type": "string" + }, + "DefaultRouteSettings": { + "$ref": "#/definitions/AWS::ApiGatewayV2::Stage.RouteSettings", + "markdownDescription": "The default route settings for the stage.", + "title": "DefaultRouteSettings" + }, + "DeploymentId": { + "markdownDescription": "The deployment identifier for the API stage. Can't be updated if `autoDeploy` is enabled.", + "title": "DeploymentId", + "type": "string" + }, + "Description": { + "markdownDescription": "The description for the API stage.", + "title": "Description", + "type": "string" + }, + "RouteSettings": { + "markdownDescription": "Route settings for the stage.", + "title": "RouteSettings", + "type": "object" + }, + "StageName": { + "markdownDescription": "The stage name. Stage names can contain only alphanumeric characters, hyphens, and underscores, or be `$default` . Maximum length is 128 characters.", + "title": "StageName", + "type": "string" + }, + "StageVariables": { + "markdownDescription": "A map that defines the stage variables for a `Stage` . Variable names can have alphanumeric and underscore characters, and the values must match [A-Za-z0-9-._~:/?#&=,]+.", + "title": "StageVariables", + "type": "object" + }, + "Tags": { + "markdownDescription": "The collection of tags. Each tag element is associated with a given resource.", + "title": "Tags", + "type": "object" + } + }, + "required": [ + "ApiId", + "StageName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ApiGatewayV2::Stage" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::ApiGatewayV2::Stage.AccessLogSettings": { + "additionalProperties": false, + "properties": { + "DestinationArn": { + "markdownDescription": "The ARN of the CloudWatch Logs log group to receive access logs. This parameter is required to enable access logging.", + "title": "DestinationArn", + "type": "string" + }, + "Format": { + "markdownDescription": "A single line format of the access logs of data, as specified by selected $context variables. The format must include at least $context.requestId. This parameter is required to enable access logging.", + "title": "Format", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ApiGatewayV2::Stage.RouteSettings": { + "additionalProperties": false, + "properties": { + "DataTraceEnabled": { + "markdownDescription": "Specifies whether ( `true` ) or not ( `false` ) data trace logging is enabled for this route. This property affects the log entries pushed to Amazon CloudWatch Logs. Supported only for WebSocket APIs.", + "title": "DataTraceEnabled", + "type": "boolean" + }, + "DetailedMetricsEnabled": { + "markdownDescription": "Specifies whether detailed metrics are enabled.", + "title": "DetailedMetricsEnabled", + "type": "boolean" + }, + "LoggingLevel": { + "markdownDescription": "Specifies the logging level for this route: `INFO` , `ERROR` , or `OFF` . This property affects the log entries pushed to Amazon CloudWatch Logs. Supported only for WebSocket APIs.", + "title": "LoggingLevel", + "type": "string" + }, + "ThrottlingBurstLimit": { + "markdownDescription": "Specifies the throttling burst limit.", + "title": "ThrottlingBurstLimit", + "type": "number" + }, + "ThrottlingRateLimit": { + "markdownDescription": "Specifies the throttling rate limit.", + "title": "ThrottlingRateLimit", + "type": "number" + } + }, + "type": "object" + }, + "AWS::ApiGatewayV2::VpcLink": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the VPC link.", + "title": "Name", + "type": "string" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of security group IDs for the VPC link.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of subnet IDs to include in the VPC link.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "The collection of tags. Each tag element is associated with a given resource.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "Name", + "SubnetIds" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ApiGatewayV2::VpcLink" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::AppConfig::Application": { "additionalProperties": false, "properties": { "Condition": { @@ -9021,6 +10117,11 @@ "title": "ApplicationId", "type": "string" }, + "DeletionProtectionCheck": { + "markdownDescription": "A parameter to configure deletion protection. Deletion protection prevents a user from deleting a configuration profile if your application has called either [GetLatestConfiguration](https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_appconfigdata_GetLatestConfiguration.html) or [GetConfiguration](https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_GetConfiguration.html) for the configuration profile during the specified interval.\n\nThis parameter supports the following values:\n\n- `BYPASS` : Instructs AWS AppConfig to bypass the deletion protection check and delete a configuration profile even if deletion protection would have otherwise prevented it.\n- `APPLY` : Instructs the deletion protection check to run, even if deletion protection is disabled at the account level. `APPLY` also forces the deletion protection check to run against resources created in the past hour, which are normally excluded from deletion protection checks.\n- `ACCOUNT_DEFAULT` : The default setting, which instructs AWS AppConfig to implement the deletion protection value specified in the `UpdateAccountSettings` API.", + "title": "DeletionProtectionCheck", + "type": "string" + }, "Description": { "markdownDescription": "A description of the configuration profile.", "title": "Description", @@ -9208,7 +10309,7 @@ }, "Tags": { "items": { - "$ref": "#/definitions/AWS::AppConfig::Deployment.Tags" + "$ref": "#/definitions/Tag" }, "markdownDescription": "Metadata to assign to the deployment. Tags help organize and categorize your AWS AppConfig resources. Each tag consists of a key and an optional value, both of which you define.", "title": "Tags", @@ -9266,18 +10367,6 @@ }, "type": "object" }, - "AWS::AppConfig::Deployment.Tags": { - "additionalProperties": false, - "properties": { - "Key": { - "type": "string" - }, - "Value": { - "type": "string" - } - }, - "type": "object" - }, "AWS::AppConfig::DeploymentStrategy": { "additionalProperties": false, "properties": { @@ -9350,7 +10439,7 @@ }, "Tags": { "items": { - "$ref": "#/definitions/AWS::AppConfig::DeploymentStrategy.Tags" + "$ref": "#/definitions/Tag" }, "markdownDescription": "Assigns metadata to an AWS AppConfig resource. Tags help organize and categorize your AWS AppConfig resources. Each tag consists of a key and an optional value, both of which you define. You can specify a maximum of 50 tags for a resource.", "title": "Tags", @@ -9386,18 +10475,6 @@ ], "type": "object" }, - "AWS::AppConfig::DeploymentStrategy.Tags": { - "additionalProperties": false, - "properties": { - "Key": { - "type": "string" - }, - "Value": { - "type": "string" - } - }, - "type": "object" - }, "AWS::AppConfig::Environment": { "additionalProperties": false, "properties": { @@ -9438,6 +10515,11 @@ "title": "ApplicationId", "type": "string" }, + "DeletionProtectionCheck": { + "markdownDescription": "A parameter to configure deletion protection. Deletion protection prevents a user from deleting an environment if your application called either [GetLatestConfiguration](https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_appconfigdata_GetLatestConfiguration.html) or [GetConfiguration](https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_GetConfiguration.html) in the environment during the specified interval.\n\nThis parameter supports the following values:\n\n- `BYPASS` : Instructs AWS AppConfig to bypass the deletion protection check and delete a configuration profile even if deletion protection would have otherwise prevented it.\n- `APPLY` : Instructs the deletion protection check to run, even if deletion protection is disabled at the account level. `APPLY` also forces the deletion protection check to run against resources created in the past hour, which are normally excluded from deletion protection checks.\n- `ACCOUNT_DEFAULT` : The default setting, which instructs AWS AppConfig to implement the deletion protection value specified in the `UpdateAccountSettings` API.", + "title": "DeletionProtectionCheck", + "type": "string" + }, "Description": { "markdownDescription": "A description of the environment.", "title": "Description", @@ -12654,7 +13736,8 @@ "required": [ "ApplicationSourceConfig", "Description", - "Name" + "Name", + "Namespace" ], "type": "object" }, @@ -18100,7 +19183,7 @@ "type": "string" }, "InstanceType": { - "markdownDescription": "The instance type to use when launching fleet instances. The following instance types are available for non-Elastic fleets:\n\n- stream.standard.small\n- stream.standard.medium\n- stream.standard.large\n- stream.compute.large\n- stream.compute.xlarge\n- stream.compute.2xlarge\n- stream.compute.4xlarge\n- stream.compute.8xlarge\n- stream.memory.large\n- stream.memory.xlarge\n- stream.memory.2xlarge\n- stream.memory.4xlarge\n- stream.memory.8xlarge\n- stream.memory.z1d.large\n- stream.memory.z1d.xlarge\n- stream.memory.z1d.2xlarge\n- stream.memory.z1d.3xlarge\n- stream.memory.z1d.6xlarge\n- stream.memory.z1d.12xlarge\n- stream.graphics-design.large\n- stream.graphics-design.xlarge\n- stream.graphics-design.2xlarge\n- stream.graphics-design.4xlarge\n- stream.graphics-desktop.2xlarge\n- stream.graphics.g4dn.xlarge\n- stream.graphics.g4dn.2xlarge\n- stream.graphics.g4dn.4xlarge\n- stream.graphics.g4dn.8xlarge\n- stream.graphics.g4dn.12xlarge\n- stream.graphics.g4dn.16xlarge\n- stream.graphics-pro.4xlarge\n- stream.graphics-pro.8xlarge\n- stream.graphics-pro.16xlarge\n\nThe following instance types are available for Elastic fleets:\n\n- stream.standard.small\n- stream.standard.medium", + "markdownDescription": "The instance type to use when launching fleet instances. The following instance types are available for non-Elastic fleets:\n\n- stream.standard.small\n- stream.standard.medium\n- stream.standard.large\n- stream.compute.large\n- stream.compute.xlarge\n- stream.compute.2xlarge\n- stream.compute.4xlarge\n- stream.compute.8xlarge\n- stream.memory.large\n- stream.memory.xlarge\n- stream.memory.2xlarge\n- stream.memory.4xlarge\n- stream.memory.8xlarge\n- stream.memory.z1d.large\n- stream.memory.z1d.xlarge\n- stream.memory.z1d.2xlarge\n- stream.memory.z1d.3xlarge\n- stream.memory.z1d.6xlarge\n- stream.memory.z1d.12xlarge\n- stream.graphics-design.large\n- stream.graphics-design.xlarge\n- stream.graphics-design.2xlarge\n- stream.graphics-design.4xlarge\n- stream.graphics-desktop.2xlarge\n- stream.graphics.g4dn.xlarge\n- stream.graphics.g4dn.2xlarge\n- stream.graphics.g4dn.4xlarge\n- stream.graphics.g4dn.8xlarge\n- stream.graphics.g4dn.12xlarge\n- stream.graphics.g4dn.16xlarge\n- stream.graphics-pro.4xlarge\n- stream.graphics-pro.8xlarge\n- stream.graphics-pro.16xlarge\n- stream.graphics.g5.xlarge\n- stream.graphics.g5.2xlarge\n- stream.graphics.g5.4xlarge\n- stream.graphics.g5.8xlarge\n- stream.graphics.g5.16xlarge\n- stream.graphics.g5.12xlarge\n- stream.graphics.g5.24xlarge\n- stream.graphics.g6.xlarge\n- stream.graphics.g6.2xlarge\n- stream.graphics.g6.4xlarge\n- stream.graphics.g6.8xlarge\n- stream.graphics.g6.16xlarge\n- stream.graphics.g6.12xlarge\n- stream.graphics.g6.24xlarge\n- stream.graphics.gr6.4xlarge\n- stream.graphics.gr6.8xlarge\n\nThe following instance types are available for Elastic fleets:\n\n- stream.standard.small\n- stream.standard.medium", "title": "InstanceType", "type": "string" }, @@ -18346,7 +19429,7 @@ "type": "string" }, "InstanceType": { - "markdownDescription": "The instance type to use when launching the image builder. The following instance types are available:\n\n- stream.standard.small\n- stream.standard.medium\n- stream.standard.large\n- stream.compute.large\n- stream.compute.xlarge\n- stream.compute.2xlarge\n- stream.compute.4xlarge\n- stream.compute.8xlarge\n- stream.memory.large\n- stream.memory.xlarge\n- stream.memory.2xlarge\n- stream.memory.4xlarge\n- stream.memory.8xlarge\n- stream.memory.z1d.large\n- stream.memory.z1d.xlarge\n- stream.memory.z1d.2xlarge\n- stream.memory.z1d.3xlarge\n- stream.memory.z1d.6xlarge\n- stream.memory.z1d.12xlarge\n- stream.graphics-design.large\n- stream.graphics-design.xlarge\n- stream.graphics-design.2xlarge\n- stream.graphics-design.4xlarge\n- stream.graphics-desktop.2xlarge\n- stream.graphics.g4dn.xlarge\n- stream.graphics.g4dn.2xlarge\n- stream.graphics.g4dn.4xlarge\n- stream.graphics.g4dn.8xlarge\n- stream.graphics.g4dn.12xlarge\n- stream.graphics.g4dn.16xlarge\n- stream.graphics-pro.4xlarge\n- stream.graphics-pro.8xlarge\n- stream.graphics-pro.16xlarge", + "markdownDescription": "The instance type to use when launching the image builder. The following instance types are available:\n\n- stream.standard.small\n- stream.standard.medium\n- stream.standard.large\n- stream.compute.large\n- stream.compute.xlarge\n- stream.compute.2xlarge\n- stream.compute.4xlarge\n- stream.compute.8xlarge\n- stream.memory.large\n- stream.memory.xlarge\n- stream.memory.2xlarge\n- stream.memory.4xlarge\n- stream.memory.8xlarge\n- stream.memory.z1d.large\n- stream.memory.z1d.xlarge\n- stream.memory.z1d.2xlarge\n- stream.memory.z1d.3xlarge\n- stream.memory.z1d.6xlarge\n- stream.memory.z1d.12xlarge\n- stream.graphics-design.large\n- stream.graphics-design.xlarge\n- stream.graphics-design.2xlarge\n- stream.graphics-design.4xlarge\n- stream.graphics-desktop.2xlarge\n- stream.graphics.g4dn.xlarge\n- stream.graphics.g4dn.2xlarge\n- stream.graphics.g4dn.4xlarge\n- stream.graphics.g4dn.8xlarge\n- stream.graphics.g4dn.12xlarge\n- stream.graphics.g4dn.16xlarge\n- stream.graphics-pro.4xlarge\n- stream.graphics-pro.8xlarge\n- stream.graphics-pro.16xlarge\n- stream.graphics.g5.xlarge\n- stream.graphics.g5.2xlarge\n- stream.graphics.g5.4xlarge\n- stream.graphics.g5.8xlarge\n- stream.graphics.g5.16xlarge\n- stream.graphics.g5.12xlarge\n- stream.graphics.g5.24xlarge\n- stream.graphics.g6.xlarge\n- stream.graphics.g6.2xlarge\n- stream.graphics.g6.4xlarge\n- stream.graphics.g6.8xlarge\n- stream.graphics.g6.16xlarge\n- stream.graphics.g6.12xlarge\n- stream.graphics.g6.24xlarge\n- stream.graphics.gr6.4xlarge\n- stream.graphics.gr6.8xlarge", "title": "InstanceType", "type": "string" }, @@ -18947,6 +20030,294 @@ ], "type": "object" }, + "AWS::AppSync::Api": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "EventConfig": { + "$ref": "#/definitions/AWS::AppSync::Api.EventConfig", + "markdownDescription": "Describes the authorization configuration for connections, message publishing, message subscriptions, and logging for an Event API.", + "title": "EventConfig" + }, + "Name": { + "markdownDescription": "The name of the `Api` .", + "title": "Name", + "type": "string" + }, + "OwnerContact": { + "markdownDescription": "The owner contact information for an API resource.\n\nThis field accepts any string input with a length of 0 - 256 characters.", + "title": "OwnerContact", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A set of tags (key-value pairs) for this API.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::AppSync::Api" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::AppSync::Api.AuthMode": { + "additionalProperties": false, + "properties": { + "AuthType": { + "markdownDescription": "The authorization type.", + "title": "AuthType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::AppSync::Api.AuthProvider": { + "additionalProperties": false, + "properties": { + "AuthType": { + "markdownDescription": "The authorization type.", + "title": "AuthType", + "type": "string" + }, + "CognitoConfig": { + "$ref": "#/definitions/AWS::AppSync::Api.CognitoConfig", + "markdownDescription": "Describes an Amazon Cognito user pool configuration.", + "title": "CognitoConfig" + }, + "LambdaAuthorizerConfig": { + "$ref": "#/definitions/AWS::AppSync::Api.LambdaAuthorizerConfig", + "markdownDescription": "A `LambdaAuthorizerConfig` specifies how to authorize AWS AppSync API access when using the `AWS_LAMBDA` authorizer mode. Be aware that an AWS AppSync API can have only one AWS Lambda authorizer configured at a time.", + "title": "LambdaAuthorizerConfig" + }, + "OpenIDConnectConfig": { + "$ref": "#/definitions/AWS::AppSync::Api.OpenIDConnectConfig", + "markdownDescription": "Describes an OpenID Connect (OIDC) configuration.", + "title": "OpenIDConnectConfig" + } + }, + "required": [ + "AuthType" + ], + "type": "object" + }, + "AWS::AppSync::Api.CognitoConfig": { + "additionalProperties": false, + "properties": { + "AppIdClientRegex": { + "markdownDescription": "A regular expression for validating the incoming Amazon Cognito user pool app client ID. If this value isn't set, no filtering is applied.", + "title": "AppIdClientRegex", + "type": "string" + }, + "AwsRegion": { + "markdownDescription": "The AWS Region in which the user pool was created.", + "title": "AwsRegion", + "type": "string" + }, + "UserPoolId": { + "markdownDescription": "The user pool ID.", + "title": "UserPoolId", + "type": "string" + } + }, + "required": [ + "AwsRegion", + "UserPoolId" + ], + "type": "object" + }, + "AWS::AppSync::Api.DnsMap": { + "additionalProperties": false, + "properties": { + "Http": { + "markdownDescription": "The domain name of the Api's HTTP endpoint.", + "title": "Http", + "type": "string" + }, + "Realtime": { + "markdownDescription": "The domain name of the Api's real-time endpoint.", + "title": "Realtime", + "type": "string" + } + }, + "type": "object" + }, + "AWS::AppSync::Api.EventConfig": { + "additionalProperties": false, + "properties": { + "AuthProviders": { + "items": { + "$ref": "#/definitions/AWS::AppSync::Api.AuthProvider" + }, + "markdownDescription": "A list of authorization providers.", + "title": "AuthProviders", + "type": "array" + }, + "ConnectionAuthModes": { + "items": { + "$ref": "#/definitions/AWS::AppSync::Api.AuthMode" + }, + "markdownDescription": "A list of valid authorization modes for the Event API connections.", + "title": "ConnectionAuthModes", + "type": "array" + }, + "DefaultPublishAuthModes": { + "items": { + "$ref": "#/definitions/AWS::AppSync::Api.AuthMode" + }, + "markdownDescription": "A list of valid authorization modes for the Event API publishing.", + "title": "DefaultPublishAuthModes", + "type": "array" + }, + "DefaultSubscribeAuthModes": { + "items": { + "$ref": "#/definitions/AWS::AppSync::Api.AuthMode" + }, + "markdownDescription": "A list of valid authorization modes for the Event API subscriptions.", + "title": "DefaultSubscribeAuthModes", + "type": "array" + }, + "LogConfig": { + "$ref": "#/definitions/AWS::AppSync::Api.EventLogConfig", + "markdownDescription": "The CloudWatch Logs configuration for the Event API.", + "title": "LogConfig" + } + }, + "required": [ + "AuthProviders", + "ConnectionAuthModes", + "DefaultPublishAuthModes", + "DefaultSubscribeAuthModes" + ], + "type": "object" + }, + "AWS::AppSync::Api.EventLogConfig": { + "additionalProperties": false, + "properties": { + "CloudWatchLogsRoleArn": { + "markdownDescription": "The IAM service role that AWS AppSync assumes to publish CloudWatch Logs in your account.", + "title": "CloudWatchLogsRoleArn", + "type": "string" + }, + "LogLevel": { + "markdownDescription": "The type of information to log for the Event API.", + "title": "LogLevel", + "type": "string" + } + }, + "required": [ + "CloudWatchLogsRoleArn", + "LogLevel" + ], + "type": "object" + }, + "AWS::AppSync::Api.LambdaAuthorizerConfig": { + "additionalProperties": false, + "properties": { + "AuthorizerResultTtlInSeconds": { + "markdownDescription": "The number of seconds a response should be cached for. The default is 0 seconds, which disables caching. If you don't specify a value for `authorizerResultTtlInSeconds` , the default value is used. The maximum value is one hour (3600 seconds). The Lambda function can override this by returning a `ttlOverride` key in its response.", + "title": "AuthorizerResultTtlInSeconds", + "type": "number" + }, + "AuthorizerUri": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function to be called for authorization. This can be a standard Lambda ARN, a version ARN ( `.../v3` ), or an alias ARN.\n\n*Note* : This Lambda function must have the following resource-based policy assigned to it. When configuring Lambda authorizers in the console, this is done for you. To use the AWS Command Line Interface ( AWS CLI ), run the following:\n\n`aws lambda add-permission --function-name \"arn:aws:lambda:us-east-2:111122223333:function:my-function\" --statement-id \"appsync\" --principal appsync.amazonaws.com --action lambda:InvokeFunction`", + "title": "AuthorizerUri", + "type": "string" + }, + "IdentityValidationExpression": { + "markdownDescription": "A regular expression for validation of tokens before the Lambda function is called.", + "title": "IdentityValidationExpression", + "type": "string" + } + }, + "required": [ + "AuthorizerUri" + ], + "type": "object" + }, + "AWS::AppSync::Api.OpenIDConnectConfig": { + "additionalProperties": false, + "properties": { + "AuthTTL": { + "markdownDescription": "The number of milliseconds that a token is valid after being authenticated.", + "title": "AuthTTL", + "type": "number" + }, + "ClientId": { + "markdownDescription": "The client identifier of the relying party at the OpenID identity provider. This identifier is typically obtained when the relying party is registered with the OpenID identity provider. You can specify a regular expression so that AWS AppSync can validate against multiple client identifiers at a time.", + "title": "ClientId", + "type": "string" + }, + "IatTTL": { + "markdownDescription": "The number of milliseconds that a token is valid after it's issued to a user.", + "title": "IatTTL", + "type": "number" + }, + "Issuer": { + "markdownDescription": "The issuer for the OIDC configuration. The issuer returned by discovery must exactly match the value of `iss` in the ID token.", + "title": "Issuer", + "type": "string" + } + }, + "required": [ + "Issuer" + ], + "type": "object" + }, "AWS::AppSync::ApiCache": { "additionalProperties": false, "properties": { @@ -19127,6 +20498,198 @@ ], "type": "object" }, + "AWS::AppSync::ChannelNamespace": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApiId": { + "markdownDescription": "The `Api` ID.", + "title": "ApiId", + "type": "string" + }, + "CodeHandlers": { + "markdownDescription": "The event handler functions that run custom business logic to process published events and subscribe requests.", + "title": "CodeHandlers", + "type": "string" + }, + "CodeS3Location": { + "markdownDescription": "The Amazon S3 endpoint where the code is located.", + "title": "CodeS3Location", + "type": "string" + }, + "HandlerConfigs": { + "$ref": "#/definitions/AWS::AppSync::ChannelNamespace.HandlerConfigs", + "markdownDescription": "The configuration for the `OnPublish` and `OnSubscribe` handlers.", + "title": "HandlerConfigs" + }, + "Name": { + "markdownDescription": "The name of the channel namespace. This name must be unique within the `Api` .", + "title": "Name", + "type": "string" + }, + "PublishAuthModes": { + "items": { + "$ref": "#/definitions/AWS::AppSync::ChannelNamespace.AuthMode" + }, + "markdownDescription": "The authorization mode to use for publishing messages on the channel namespace. This configuration overrides the default `Api` authorization configuration.", + "title": "PublishAuthModes", + "type": "array" + }, + "SubscribeAuthModes": { + "items": { + "$ref": "#/definitions/AWS::AppSync::ChannelNamespace.AuthMode" + }, + "markdownDescription": "The authorization mode to use for subscribing to messages on the channel namespace. This configuration overrides the default `Api` authorization configuration.", + "title": "SubscribeAuthModes", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A set of tags (key-value pairs) for this channel namespace.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "ApiId", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::AppSync::ChannelNamespace" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::AppSync::ChannelNamespace.AuthMode": { + "additionalProperties": false, + "properties": { + "AuthType": { + "markdownDescription": "The authorization type.", + "title": "AuthType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::AppSync::ChannelNamespace.HandlerConfig": { + "additionalProperties": false, + "properties": { + "Behavior": { + "markdownDescription": "The behavior for the handler.", + "title": "Behavior", + "type": "string" + }, + "Integration": { + "$ref": "#/definitions/AWS::AppSync::ChannelNamespace.Integration", + "markdownDescription": "The integration data source configuration for the handler.", + "title": "Integration" + } + }, + "required": [ + "Behavior", + "Integration" + ], + "type": "object" + }, + "AWS::AppSync::ChannelNamespace.HandlerConfigs": { + "additionalProperties": false, + "properties": { + "OnPublish": { + "$ref": "#/definitions/AWS::AppSync::ChannelNamespace.HandlerConfig", + "markdownDescription": "The configuration for the `OnPublish` handler.", + "title": "OnPublish" + }, + "OnSubscribe": { + "$ref": "#/definitions/AWS::AppSync::ChannelNamespace.HandlerConfig", + "markdownDescription": "The configuration for the `OnSubscribe` handler.", + "title": "OnSubscribe" + } + }, + "type": "object" + }, + "AWS::AppSync::ChannelNamespace.Integration": { + "additionalProperties": false, + "properties": { + "DataSourceName": { + "markdownDescription": "The unique name of the data source that has been configured on the API.", + "title": "DataSourceName", + "type": "string" + }, + "LambdaConfig": { + "$ref": "#/definitions/AWS::AppSync::ChannelNamespace.LambdaConfig", + "markdownDescription": "The configuration for a Lambda data source.", + "title": "LambdaConfig" + } + }, + "required": [ + "DataSourceName" + ], + "type": "object" + }, + "AWS::AppSync::ChannelNamespace.LambdaConfig": { + "additionalProperties": false, + "properties": { + "InvokeType": { + "markdownDescription": "The invocation type for a Lambda data source.", + "title": "InvokeType", + "type": "string" + } + }, + "required": [ + "InvokeType" + ], + "type": "object" + }, "AWS::AppSync::DataSource": { "additionalProperties": false, "properties": { @@ -19544,6 +21107,14 @@ "markdownDescription": "The domain name.", "title": "DomainName", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A set of tags (key-value pairs) for this domain name.", + "title": "Tags", + "type": "array" } }, "required": [ @@ -20577,7 +22148,7 @@ }, "type": "object" }, - "AWS::ApplicationAutoScaling::ScalableTarget": { + "AWS::AppTest::TestCase": { "additionalProperties": false, "properties": { "Condition": { @@ -20612,62 +22183,45 @@ "Properties": { "additionalProperties": false, "properties": { - "MaxCapacity": { - "markdownDescription": "The maximum value that you plan to scale out to. When a scaling policy is in effect, Application Auto Scaling can scale out (expand) as needed to the maximum capacity limit in response to changing demand.", - "title": "MaxCapacity", - "type": "number" - }, - "MinCapacity": { - "markdownDescription": "The minimum value that you plan to scale in to. When a scaling policy is in effect, Application Auto Scaling can scale in (contract) as needed to the minimum capacity limit in response to changing demand.", - "title": "MinCapacity", - "type": "number" - }, - "ResourceId": { - "markdownDescription": "The identifier of the resource associated with the scalable target. This string consists of the resource type and unique identifier.\n\n- ECS service - The resource type is `service` and the unique identifier is the cluster name and service name. Example: `service/my-cluster/my-service` .\n- Spot Fleet - The resource type is `spot-fleet-request` and the unique identifier is the Spot Fleet request ID. Example: `spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE` .\n- EMR cluster - The resource type is `instancegroup` and the unique identifier is the cluster ID and instance group ID. Example: `instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0` .\n- AppStream 2.0 fleet - The resource type is `fleet` and the unique identifier is the fleet name. Example: `fleet/sample-fleet` .\n- DynamoDB table - The resource type is `table` and the unique identifier is the table name. Example: `table/my-table` .\n- DynamoDB global secondary index - The resource type is `index` and the unique identifier is the index name. Example: `table/my-table/index/my-table-index` .\n- Aurora DB cluster - The resource type is `cluster` and the unique identifier is the cluster name. Example: `cluster:my-db-cluster` .\n- SageMaker endpoint variant - The resource type is `variant` and the unique identifier is the resource ID. Example: `endpoint/my-end-point/variant/KMeansClustering` .\n- Custom resources are not supported with a resource type. This parameter must specify the `OutputValue` from the CloudFormation template stack used to access the resources. The unique identifier is defined by the service provider. More information is available in our [GitHub repository](https://docs.aws.amazon.com/https://github.com/aws/aws-auto-scaling-custom-resource) .\n- Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: `arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE` .\n- Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: `arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE` .\n- Lambda provisioned concurrency - The resource type is `function` and the unique identifier is the function name with a function version or alias name suffix that is not `$LATEST` . Example: `function:my-function:prod` or `function:my-function:1` .\n- Amazon Keyspaces table - The resource type is `table` and the unique identifier is the table name. Example: `keyspace/mykeyspace/table/mytable` .\n- Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. Example: `arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5` .\n- Amazon ElastiCache replication group - The resource type is `replication-group` and the unique identifier is the replication group name. Example: `replication-group/mycluster` .\n- Amazon ElastiCache cache cluster - The resource type is `cache-cluster` and the unique identifier is the cache cluster name. Example: `cache-cluster/mycluster` .\n- Neptune cluster - The resource type is `cluster` and the unique identifier is the cluster name. Example: `cluster:mycluster` .\n- SageMaker serverless endpoint - The resource type is `variant` and the unique identifier is the resource ID. Example: `endpoint/my-end-point/variant/KMeansClustering` .\n- SageMaker inference component - The resource type is `inference-component` and the unique identifier is the resource ID. Example: `inference-component/my-inference-component` .\n- Pool of WorkSpaces - The resource type is `workspacespool` and the unique identifier is the pool ID. Example: `workspacespool/wspool-123456` .", - "title": "ResourceId", - "type": "string" - }, - "RoleARN": { - "markdownDescription": "Specify the Amazon Resource Name (ARN) of an Identity and Access Management (IAM) role that allows Application Auto Scaling to modify the scalable target on your behalf. This can be either an IAM service role that Application Auto Scaling can assume to make calls to other AWS resources on your behalf, or a service-linked role for the specified service. For more information, see [How Application Auto Scaling works with IAM](https://docs.aws.amazon.com/autoscaling/application/userguide/security_iam_service-with-iam.html) in the *Application Auto Scaling User Guide* .\n\nTo automatically create a service-linked role (recommended), specify the full ARN of the service-linked role in your stack template. To find the exact ARN of the service-linked role for your AWS or custom resource, see the [Service-linked roles](https://docs.aws.amazon.com/autoscaling/application/userguide/application-auto-scaling-service-linked-roles.html) topic in the *Application Auto Scaling User Guide* . Look for the ARN in the table at the bottom of the page.", - "title": "RoleARN", + "Description": { + "markdownDescription": "The description of the test case.", + "title": "Description", "type": "string" }, - "ScalableDimension": { - "markdownDescription": "The scalable dimension associated with the scalable target. This string consists of the service namespace, resource type, and scaling property.\n\n- `ecs:service:DesiredCount` - The task count of an ECS service.\n- `elasticmapreduce:instancegroup:InstanceCount` - The instance count of an EMR Instance Group.\n- `ec2:spot-fleet-request:TargetCapacity` - The target capacity of a Spot Fleet.\n- `appstream:fleet:DesiredCapacity` - The capacity of an AppStream 2.0 fleet.\n- `dynamodb:table:ReadCapacityUnits` - The provisioned read capacity for a DynamoDB table.\n- `dynamodb:table:WriteCapacityUnits` - The provisioned write capacity for a DynamoDB table.\n- `dynamodb:index:ReadCapacityUnits` - The provisioned read capacity for a DynamoDB global secondary index.\n- `dynamodb:index:WriteCapacityUnits` - The provisioned write capacity for a DynamoDB global secondary index.\n- `rds:cluster:ReadReplicaCount` - The count of Aurora Replicas in an Aurora DB cluster. Available for Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible edition.\n- `sagemaker:variant:DesiredInstanceCount` - The number of EC2 instances for a SageMaker model endpoint variant.\n- `custom-resource:ResourceType:Property` - The scalable dimension for a custom resource provided by your own application or service.\n- `comprehend:document-classifier-endpoint:DesiredInferenceUnits` - The number of inference units for an Amazon Comprehend document classification endpoint.\n- `comprehend:entity-recognizer-endpoint:DesiredInferenceUnits` - The number of inference units for an Amazon Comprehend entity recognizer endpoint.\n- `lambda:function:ProvisionedConcurrency` - The provisioned concurrency for a Lambda function.\n- `cassandra:table:ReadCapacityUnits` - The provisioned read capacity for an Amazon Keyspaces table.\n- `cassandra:table:WriteCapacityUnits` - The provisioned write capacity for an Amazon Keyspaces table.\n- `kafka:broker-storage:VolumeSize` - The provisioned volume size (in GiB) for brokers in an Amazon MSK cluster.\n- `elasticache:cache-cluster:Nodes` - The number of nodes for an Amazon ElastiCache cache cluster.\n- `elasticache:replication-group:NodeGroups` - The number of node groups for an Amazon ElastiCache replication group.\n- `elasticache:replication-group:Replicas` - The number of replicas per node group for an Amazon ElastiCache replication group.\n- `neptune:cluster:ReadReplicaCount` - The count of read replicas in an Amazon Neptune DB cluster.\n- `sagemaker:variant:DesiredProvisionedConcurrency` - The provisioned concurrency for a SageMaker serverless endpoint.\n- `sagemaker:inference-component:DesiredCopyCount` - The number of copies across an endpoint for a SageMaker inference component.\n- `workspaces:workspacespool:DesiredUserSessions` - The number of user sessions for the WorkSpaces in the pool.", - "title": "ScalableDimension", + "Name": { + "markdownDescription": "The name of the test case.", + "title": "Name", "type": "string" }, - "ScheduledActions": { + "Steps": { "items": { - "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalableTarget.ScheduledAction" + "$ref": "#/definitions/AWS::AppTest::TestCase.Step" }, - "markdownDescription": "The scheduled actions for the scalable target. Duplicates aren't allowed.", - "title": "ScheduledActions", + "markdownDescription": "The steps in the test case.", + "title": "Steps", "type": "array" }, - "ServiceNamespace": { - "markdownDescription": "The namespace of the AWS service that provides the resource, or a `custom-resource` .", - "title": "ServiceNamespace", - "type": "string" - }, - "SuspendedState": { - "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalableTarget.SuspendedState", - "markdownDescription": "An embedded object that contains attributes and attribute values that are used to suspend and resume automatic scaling. Setting the value of an attribute to `true` suspends the specified scaling activities. Setting it to `false` (default) resumes the specified scaling activities.\n\n*Suspension Outcomes*\n\n- For `DynamicScalingInSuspended` , while a suspension is in effect, all scale-in activities that are triggered by a scaling policy are suspended.\n- For `DynamicScalingOutSuspended` , while a suspension is in effect, all scale-out activities that are triggered by a scaling policy are suspended.\n- For `ScheduledScalingSuspended` , while a suspension is in effect, all scaling activities that involve scheduled actions are suspended.", - "title": "SuspendedState" + "Tags": { + "additionalProperties": true, + "markdownDescription": "The specified tags of the test case.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" } }, "required": [ - "MaxCapacity", - "MinCapacity", - "ResourceId", - "ScalableDimension", - "ServiceNamespace" + "Name", + "Steps" ], "type": "object" }, "Type": { "enum": [ - "AWS::ApplicationAutoScaling::ScalableTarget" + "AWS::AppTest::TestCase" ], "type": "string" }, @@ -20686,84 +22240,688 @@ ], "type": "object" }, - "AWS::ApplicationAutoScaling::ScalableTarget.ScalableTargetAction": { + "AWS::AppTest::TestCase.Batch": { "additionalProperties": false, "properties": { - "MaxCapacity": { - "markdownDescription": "The maximum capacity.", - "title": "MaxCapacity", - "type": "number" + "BatchJobName": { + "markdownDescription": "The job name of the batch.", + "title": "BatchJobName", + "type": "string" }, - "MinCapacity": { - "markdownDescription": "The minimum capacity.", - "title": "MinCapacity", - "type": "number" + "BatchJobParameters": { + "additionalProperties": true, + "markdownDescription": "The batch job parameters of the batch.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "BatchJobParameters", + "type": "object" + }, + "ExportDataSetNames": { + "items": { + "type": "string" + }, + "markdownDescription": "The export data set names of the batch.", + "title": "ExportDataSetNames", + "type": "array" } }, + "required": [ + "BatchJobName" + ], "type": "object" }, - "AWS::ApplicationAutoScaling::ScalableTarget.ScheduledAction": { + "AWS::AppTest::TestCase.CloudFormationAction": { "additionalProperties": false, "properties": { - "EndTime": { - "markdownDescription": "The date and time that the action is scheduled to end, in UTC.", - "title": "EndTime", + "ActionType": { + "markdownDescription": "The action type of the CloudFormation action.", + "title": "ActionType", "type": "string" }, - "ScalableTargetAction": { - "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalableTarget.ScalableTargetAction", - "markdownDescription": "The new minimum and maximum capacity. You can set both values or just one. At the scheduled time, if the current capacity is below the minimum capacity, Application Auto Scaling scales out to the minimum capacity. If the current capacity is above the maximum capacity, Application Auto Scaling scales in to the maximum capacity.", - "title": "ScalableTargetAction" + "Resource": { + "markdownDescription": "The resource of the CloudFormation action.", + "title": "Resource", + "type": "string" + } + }, + "required": [ + "Resource" + ], + "type": "object" + }, + "AWS::AppTest::TestCase.CompareAction": { + "additionalProperties": false, + "properties": { + "Input": { + "$ref": "#/definitions/AWS::AppTest::TestCase.Input", + "markdownDescription": "The input of the compare action.", + "title": "Input" }, - "Schedule": { - "markdownDescription": "The schedule for this action. The following formats are supported:\n\n- At expressions - \" `at( *yyyy* - *mm* - *dd* T *hh* : *mm* : *ss* )` \"\n- Rate expressions - \" `rate( *value* *unit* )` \"\n- Cron expressions - \" `cron( *fields* )` \"\n\nAt expressions are useful for one-time schedules. Cron expressions are useful for scheduled actions that run periodically at a specified date and time, and rate expressions are useful for scheduled actions that run at a regular interval.\n\nAt and cron expressions use Universal Coordinated Time (UTC) by default.\n\nThe cron format consists of six fields separated by white spaces: [Minutes] [Hours] [Day_of_Month] [Month] [Day_of_Week] [Year].\n\nFor rate expressions, *value* is a positive integer and *unit* is `minute` | `minutes` | `hour` | `hours` | `day` | `days` .", - "title": "Schedule", + "Output": { + "$ref": "#/definitions/AWS::AppTest::TestCase.Output", + "markdownDescription": "The output of the compare action.", + "title": "Output" + } + }, + "required": [ + "Input" + ], + "type": "object" + }, + "AWS::AppTest::TestCase.DataSet": { + "additionalProperties": false, + "properties": { + "Ccsid": { + "markdownDescription": "The CCSID of the data set.", + "title": "Ccsid", "type": "string" }, - "ScheduledActionName": { - "markdownDescription": "The name of the scheduled action. This name must be unique among all other scheduled actions on the specified scalable target.", - "title": "ScheduledActionName", + "Format": { + "markdownDescription": "The format of the data set.", + "title": "Format", "type": "string" }, - "StartTime": { - "markdownDescription": "The date and time that the action is scheduled to begin, in UTC.", - "title": "StartTime", + "Length": { + "markdownDescription": "The length of the data set.", + "title": "Length", + "type": "number" + }, + "Name": { + "markdownDescription": "The name of the data set.", + "title": "Name", "type": "string" }, - "Timezone": { - "markdownDescription": "The time zone used when referring to the date and time of a scheduled action, when the scheduled action uses an at or cron expression.", - "title": "Timezone", + "Type": { + "markdownDescription": "The type of the data set.", + "title": "Type", "type": "string" } }, "required": [ - "Schedule", - "ScheduledActionName" + "Ccsid", + "Format", + "Length", + "Name", + "Type" ], "type": "object" }, - "AWS::ApplicationAutoScaling::ScalableTarget.SuspendedState": { + "AWS::AppTest::TestCase.DatabaseCDC": { "additionalProperties": false, "properties": { - "DynamicScalingInSuspended": { - "markdownDescription": "Whether scale in by a target tracking scaling policy or a step scaling policy is suspended. Set the value to `true` if you don't want Application Auto Scaling to remove capacity when a scaling policy is triggered. The default is `false` .", - "title": "DynamicScalingInSuspended", - "type": "boolean" + "SourceMetadata": { + "$ref": "#/definitions/AWS::AppTest::TestCase.SourceDatabaseMetadata", + "markdownDescription": "The source metadata of the database CDC.", + "title": "SourceMetadata" }, - "DynamicScalingOutSuspended": { - "markdownDescription": "Whether scale out by a target tracking scaling policy or a step scaling policy is suspended. Set the value to `true` if you don't want Application Auto Scaling to add capacity when a scaling policy is triggered. The default is `false` .", - "title": "DynamicScalingOutSuspended", - "type": "boolean" + "TargetMetadata": { + "$ref": "#/definitions/AWS::AppTest::TestCase.TargetDatabaseMetadata", + "markdownDescription": "The target metadata of the database CDC.", + "title": "TargetMetadata" + } + }, + "required": [ + "SourceMetadata", + "TargetMetadata" + ], + "type": "object" + }, + "AWS::AppTest::TestCase.FileMetadata": { + "additionalProperties": false, + "properties": { + "DataSets": { + "items": { + "$ref": "#/definitions/AWS::AppTest::TestCase.DataSet" + }, + "markdownDescription": "The data sets of the file metadata.", + "title": "DataSets", + "type": "array" }, - "ScheduledScalingSuspended": { - "markdownDescription": "Whether scheduled scaling is suspended. Set the value to `true` if you don't want Application Auto Scaling to add or remove capacity by initiating scheduled actions. The default is `false` .", - "title": "ScheduledScalingSuspended", + "DatabaseCDC": { + "$ref": "#/definitions/AWS::AppTest::TestCase.DatabaseCDC", + "markdownDescription": "The database CDC of the file metadata.", + "title": "DatabaseCDC" + } + }, + "type": "object" + }, + "AWS::AppTest::TestCase.Input": { + "additionalProperties": false, + "properties": { + "File": { + "$ref": "#/definitions/AWS::AppTest::TestCase.InputFile", + "markdownDescription": "The file in the input.", + "title": "File" + } + }, + "required": [ + "File" + ], + "type": "object" + }, + "AWS::AppTest::TestCase.InputFile": { + "additionalProperties": false, + "properties": { + "FileMetadata": { + "$ref": "#/definitions/AWS::AppTest::TestCase.FileMetadata", + "markdownDescription": "The file metadata of the input file.", + "title": "FileMetadata" + }, + "SourceLocation": { + "markdownDescription": "The source location of the input file.", + "title": "SourceLocation", + "type": "string" + }, + "TargetLocation": { + "markdownDescription": "The target location of the input file.", + "title": "TargetLocation", + "type": "string" + } + }, + "required": [ + "FileMetadata", + "SourceLocation", + "TargetLocation" + ], + "type": "object" + }, + "AWS::AppTest::TestCase.M2ManagedActionProperties": { + "additionalProperties": false, + "properties": { + "ForceStop": { + "markdownDescription": "Force stops the Mainframe Modernization managed action properties.", + "title": "ForceStop", "type": "boolean" + }, + "ImportDataSetLocation": { + "markdownDescription": "The import data set location of the Mainframe Modernization managed action properties.", + "title": "ImportDataSetLocation", + "type": "string" } }, "type": "object" }, - "AWS::ApplicationAutoScaling::ScalingPolicy": { + "AWS::AppTest::TestCase.M2ManagedApplicationAction": { + "additionalProperties": false, + "properties": { + "ActionType": { + "markdownDescription": "The action type of the Mainframe Modernization managed application action.", + "title": "ActionType", + "type": "string" + }, + "Properties": { + "$ref": "#/definitions/AWS::AppTest::TestCase.M2ManagedActionProperties", + "markdownDescription": "The properties of the Mainframe Modernization managed application action.", + "title": "Properties" + }, + "Resource": { + "markdownDescription": "The resource of the Mainframe Modernization managed application action.", + "title": "Resource", + "type": "string" + } + }, + "required": [ + "ActionType", + "Resource" + ], + "type": "object" + }, + "AWS::AppTest::TestCase.M2NonManagedApplicationAction": { + "additionalProperties": false, + "properties": { + "ActionType": { + "markdownDescription": "The action type of the Mainframe Modernization non-managed application action.", + "title": "ActionType", + "type": "string" + }, + "Resource": { + "markdownDescription": "The resource of the Mainframe Modernization non-managed application action.", + "title": "Resource", + "type": "string" + } + }, + "required": [ + "ActionType", + "Resource" + ], + "type": "object" + }, + "AWS::AppTest::TestCase.MainframeAction": { + "additionalProperties": false, + "properties": { + "ActionType": { + "$ref": "#/definitions/AWS::AppTest::TestCase.MainframeActionType", + "markdownDescription": "The action type of the mainframe action.", + "title": "ActionType" + }, + "Properties": { + "$ref": "#/definitions/AWS::AppTest::TestCase.MainframeActionProperties", + "markdownDescription": "The properties of the mainframe action.", + "title": "Properties" + }, + "Resource": { + "markdownDescription": "The resource of the mainframe action.", + "title": "Resource", + "type": "string" + } + }, + "required": [ + "ActionType", + "Resource" + ], + "type": "object" + }, + "AWS::AppTest::TestCase.MainframeActionProperties": { + "additionalProperties": false, + "properties": { + "DmsTaskArn": { + "markdownDescription": "The DMS task ARN of the mainframe action properties.", + "title": "DmsTaskArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::AppTest::TestCase.MainframeActionType": { + "additionalProperties": false, + "properties": { + "Batch": { + "$ref": "#/definitions/AWS::AppTest::TestCase.Batch", + "markdownDescription": "The batch of the mainframe action type.", + "title": "Batch" + }, + "Tn3270": { + "$ref": "#/definitions/AWS::AppTest::TestCase.TN3270", + "markdownDescription": "The tn3270 port of the mainframe action type.", + "title": "Tn3270" + } + }, + "type": "object" + }, + "AWS::AppTest::TestCase.Output": { + "additionalProperties": false, + "properties": { + "File": { + "$ref": "#/definitions/AWS::AppTest::TestCase.OutputFile", + "markdownDescription": "The file of the output.", + "title": "File" + } + }, + "required": [ + "File" + ], + "type": "object" + }, + "AWS::AppTest::TestCase.OutputFile": { + "additionalProperties": false, + "properties": { + "FileLocation": { + "markdownDescription": "The file location of the output file.", + "title": "FileLocation", + "type": "string" + } + }, + "type": "object" + }, + "AWS::AppTest::TestCase.ResourceAction": { + "additionalProperties": false, + "properties": { + "CloudFormationAction": { + "$ref": "#/definitions/AWS::AppTest::TestCase.CloudFormationAction", + "markdownDescription": "The CloudFormation action of the resource action.", + "title": "CloudFormationAction" + }, + "M2ManagedApplicationAction": { + "$ref": "#/definitions/AWS::AppTest::TestCase.M2ManagedApplicationAction", + "markdownDescription": "The Mainframe Modernization managed application action of the resource action.", + "title": "M2ManagedApplicationAction" + }, + "M2NonManagedApplicationAction": { + "$ref": "#/definitions/AWS::AppTest::TestCase.M2NonManagedApplicationAction", + "markdownDescription": "The Mainframe Modernization non-managed application action of the resource action.", + "title": "M2NonManagedApplicationAction" + } + }, + "type": "object" + }, + "AWS::AppTest::TestCase.Script": { + "additionalProperties": false, + "properties": { + "ScriptLocation": { + "markdownDescription": "The script location of the scripts.", + "title": "ScriptLocation", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the scripts.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "ScriptLocation", + "Type" + ], + "type": "object" + }, + "AWS::AppTest::TestCase.SourceDatabaseMetadata": { + "additionalProperties": false, + "properties": { + "CaptureTool": { + "markdownDescription": "The capture tool of the source database metadata.", + "title": "CaptureTool", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the source database metadata.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "CaptureTool", + "Type" + ], + "type": "object" + }, + "AWS::AppTest::TestCase.Step": { + "additionalProperties": false, + "properties": { + "Action": { + "$ref": "#/definitions/AWS::AppTest::TestCase.StepAction", + "markdownDescription": "The action of the step.", + "title": "Action" + }, + "Description": { + "markdownDescription": "The description of the step.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the step.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Action", + "Name" + ], + "type": "object" + }, + "AWS::AppTest::TestCase.StepAction": { + "additionalProperties": false, + "properties": { + "CompareAction": { + "$ref": "#/definitions/AWS::AppTest::TestCase.CompareAction", + "markdownDescription": "The compare action of the step action.", + "title": "CompareAction" + }, + "MainframeAction": { + "$ref": "#/definitions/AWS::AppTest::TestCase.MainframeAction", + "markdownDescription": "The mainframe action of the step action.", + "title": "MainframeAction" + }, + "ResourceAction": { + "$ref": "#/definitions/AWS::AppTest::TestCase.ResourceAction", + "markdownDescription": "The resource action of the step action.", + "title": "ResourceAction" + } + }, + "type": "object" + }, + "AWS::AppTest::TestCase.TN3270": { + "additionalProperties": false, + "properties": { + "ExportDataSetNames": { + "items": { + "type": "string" + }, + "markdownDescription": "The data set names of the TN3270 protocol.", + "title": "ExportDataSetNames", + "type": "array" + }, + "Script": { + "$ref": "#/definitions/AWS::AppTest::TestCase.Script", + "markdownDescription": "The script of the TN3270 protocol.", + "title": "Script" + } + }, + "required": [ + "Script" + ], + "type": "object" + }, + "AWS::AppTest::TestCase.TargetDatabaseMetadata": { + "additionalProperties": false, + "properties": { + "CaptureTool": { + "markdownDescription": "The capture tool of the target database metadata.", + "title": "CaptureTool", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the target database metadata.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "CaptureTool", + "Type" + ], + "type": "object" + }, + "AWS::AppTest::TestCase.TestCaseLatestVersion": { + "additionalProperties": false, + "properties": { + "Status": { + "markdownDescription": "The status of the test case latest version.", + "title": "Status", + "type": "string" + }, + "Version": { + "markdownDescription": "The version of the test case latest version.", + "title": "Version", + "type": "number" + } + }, + "required": [ + "Status", + "Version" + ], + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalableTarget": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "MaxCapacity": { + "markdownDescription": "The maximum value that you plan to scale out to. When a scaling policy is in effect, Application Auto Scaling can scale out (expand) as needed to the maximum capacity limit in response to changing demand.", + "title": "MaxCapacity", + "type": "number" + }, + "MinCapacity": { + "markdownDescription": "The minimum value that you plan to scale in to. When a scaling policy is in effect, Application Auto Scaling can scale in (contract) as needed to the minimum capacity limit in response to changing demand.", + "title": "MinCapacity", + "type": "number" + }, + "ResourceId": { + "markdownDescription": "The identifier of the resource associated with the scalable target. This string consists of the resource type and unique identifier.\n\n- ECS service - The resource type is `service` and the unique identifier is the cluster name and service name. Example: `service/my-cluster/my-service` .\n- Spot Fleet - The resource type is `spot-fleet-request` and the unique identifier is the Spot Fleet request ID. Example: `spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE` .\n- EMR cluster - The resource type is `instancegroup` and the unique identifier is the cluster ID and instance group ID. Example: `instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0` .\n- AppStream 2.0 fleet - The resource type is `fleet` and the unique identifier is the fleet name. Example: `fleet/sample-fleet` .\n- DynamoDB table - The resource type is `table` and the unique identifier is the table name. Example: `table/my-table` .\n- DynamoDB global secondary index - The resource type is `index` and the unique identifier is the index name. Example: `table/my-table/index/my-table-index` .\n- Aurora DB cluster - The resource type is `cluster` and the unique identifier is the cluster name. Example: `cluster:my-db-cluster` .\n- SageMaker endpoint variant - The resource type is `variant` and the unique identifier is the resource ID. Example: `endpoint/my-end-point/variant/KMeansClustering` .\n- Custom resources are not supported with a resource type. This parameter must specify the `OutputValue` from the CloudFormation template stack used to access the resources. The unique identifier is defined by the service provider. More information is available in our [GitHub repository](https://docs.aws.amazon.com/https://github.com/aws/aws-auto-scaling-custom-resource) .\n- Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: `arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE` .\n- Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: `arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE` .\n- Lambda provisioned concurrency - The resource type is `function` and the unique identifier is the function name with a function version or alias name suffix that is not `$LATEST` . Example: `function:my-function:prod` or `function:my-function:1` .\n- Amazon Keyspaces table - The resource type is `table` and the unique identifier is the table name. Example: `keyspace/mykeyspace/table/mytable` .\n- Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. Example: `arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5` .\n- Amazon ElastiCache replication group - The resource type is `replication-group` and the unique identifier is the replication group name. Example: `replication-group/mycluster` .\n- Amazon ElastiCache cache cluster - The resource type is `cache-cluster` and the unique identifier is the cache cluster name. Example: `cache-cluster/mycluster` .\n- Neptune cluster - The resource type is `cluster` and the unique identifier is the cluster name. Example: `cluster:mycluster` .\n- SageMaker serverless endpoint - The resource type is `variant` and the unique identifier is the resource ID. Example: `endpoint/my-end-point/variant/KMeansClustering` .\n- SageMaker inference component - The resource type is `inference-component` and the unique identifier is the resource ID. Example: `inference-component/my-inference-component` .\n- Pool of WorkSpaces - The resource type is `workspacespool` and the unique identifier is the pool ID. Example: `workspacespool/wspool-123456` .", + "title": "ResourceId", + "type": "string" + }, + "RoleARN": { + "markdownDescription": "Specify the Amazon Resource Name (ARN) of an Identity and Access Management (IAM) role that allows Application Auto Scaling to modify the scalable target on your behalf. This can be either an IAM service role that Application Auto Scaling can assume to make calls to other AWS resources on your behalf, or a service-linked role for the specified service. For more information, see [How Application Auto Scaling works with IAM](https://docs.aws.amazon.com/autoscaling/application/userguide/security_iam_service-with-iam.html) in the *Application Auto Scaling User Guide* .\n\nTo automatically create a service-linked role (recommended), specify the full ARN of the service-linked role in your stack template. To find the exact ARN of the service-linked role for your AWS or custom resource, see the [Service-linked roles](https://docs.aws.amazon.com/autoscaling/application/userguide/application-auto-scaling-service-linked-roles.html) topic in the *Application Auto Scaling User Guide* . Look for the ARN in the table at the bottom of the page.", + "title": "RoleARN", + "type": "string" + }, + "ScalableDimension": { + "markdownDescription": "The scalable dimension associated with the scalable target. This string consists of the service namespace, resource type, and scaling property.\n\n- `ecs:service:DesiredCount` - The task count of an ECS service.\n- `elasticmapreduce:instancegroup:InstanceCount` - The instance count of an EMR Instance Group.\n- `ec2:spot-fleet-request:TargetCapacity` - The target capacity of a Spot Fleet.\n- `appstream:fleet:DesiredCapacity` - The capacity of an AppStream 2.0 fleet.\n- `dynamodb:table:ReadCapacityUnits` - The provisioned read capacity for a DynamoDB table.\n- `dynamodb:table:WriteCapacityUnits` - The provisioned write capacity for a DynamoDB table.\n- `dynamodb:index:ReadCapacityUnits` - The provisioned read capacity for a DynamoDB global secondary index.\n- `dynamodb:index:WriteCapacityUnits` - The provisioned write capacity for a DynamoDB global secondary index.\n- `rds:cluster:ReadReplicaCount` - The count of Aurora Replicas in an Aurora DB cluster. Available for Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible edition.\n- `sagemaker:variant:DesiredInstanceCount` - The number of EC2 instances for a SageMaker model endpoint variant.\n- `custom-resource:ResourceType:Property` - The scalable dimension for a custom resource provided by your own application or service.\n- `comprehend:document-classifier-endpoint:DesiredInferenceUnits` - The number of inference units for an Amazon Comprehend document classification endpoint.\n- `comprehend:entity-recognizer-endpoint:DesiredInferenceUnits` - The number of inference units for an Amazon Comprehend entity recognizer endpoint.\n- `lambda:function:ProvisionedConcurrency` - The provisioned concurrency for a Lambda function.\n- `cassandra:table:ReadCapacityUnits` - The provisioned read capacity for an Amazon Keyspaces table.\n- `cassandra:table:WriteCapacityUnits` - The provisioned write capacity for an Amazon Keyspaces table.\n- `kafka:broker-storage:VolumeSize` - The provisioned volume size (in GiB) for brokers in an Amazon MSK cluster.\n- `elasticache:cache-cluster:Nodes` - The number of nodes for an Amazon ElastiCache cache cluster.\n- `elasticache:replication-group:NodeGroups` - The number of node groups for an Amazon ElastiCache replication group.\n- `elasticache:replication-group:Replicas` - The number of replicas per node group for an Amazon ElastiCache replication group.\n- `neptune:cluster:ReadReplicaCount` - The count of read replicas in an Amazon Neptune DB cluster.\n- `sagemaker:variant:DesiredProvisionedConcurrency` - The provisioned concurrency for a SageMaker serverless endpoint.\n- `sagemaker:inference-component:DesiredCopyCount` - The number of copies across an endpoint for a SageMaker inference component.\n- `workspaces:workspacespool:DesiredUserSessions` - The number of user sessions for the WorkSpaces in the pool.", + "title": "ScalableDimension", + "type": "string" + }, + "ScheduledActions": { + "items": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalableTarget.ScheduledAction" + }, + "markdownDescription": "The scheduled actions for the scalable target. Duplicates aren't allowed.", + "title": "ScheduledActions", + "type": "array" + }, + "ServiceNamespace": { + "markdownDescription": "The namespace of the AWS service that provides the resource, or a `custom-resource` .", + "title": "ServiceNamespace", + "type": "string" + }, + "SuspendedState": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalableTarget.SuspendedState", + "markdownDescription": "An embedded object that contains attributes and attribute values that are used to suspend and resume automatic scaling. Setting the value of an attribute to `true` suspends the specified scaling activities. Setting it to `false` (default) resumes the specified scaling activities.\n\n*Suspension Outcomes*\n\n- For `DynamicScalingInSuspended` , while a suspension is in effect, all scale-in activities that are triggered by a scaling policy are suspended.\n- For `DynamicScalingOutSuspended` , while a suspension is in effect, all scale-out activities that are triggered by a scaling policy are suspended.\n- For `ScheduledScalingSuspended` , while a suspension is in effect, all scaling activities that involve scheduled actions are suspended.", + "title": "SuspendedState" + } + }, + "required": [ + "MaxCapacity", + "MinCapacity", + "ResourceId", + "ScalableDimension", + "ServiceNamespace" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ApplicationAutoScaling::ScalableTarget" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalableTarget.ScalableTargetAction": { + "additionalProperties": false, + "properties": { + "MaxCapacity": { + "markdownDescription": "The maximum capacity.", + "title": "MaxCapacity", + "type": "number" + }, + "MinCapacity": { + "markdownDescription": "The minimum capacity.", + "title": "MinCapacity", + "type": "number" + } + }, + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalableTarget.ScheduledAction": { + "additionalProperties": false, + "properties": { + "EndTime": { + "markdownDescription": "The date and time that the action is scheduled to end, in UTC.", + "title": "EndTime", + "type": "string" + }, + "ScalableTargetAction": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalableTarget.ScalableTargetAction", + "markdownDescription": "The new minimum and maximum capacity. You can set both values or just one. At the scheduled time, if the current capacity is below the minimum capacity, Application Auto Scaling scales out to the minimum capacity. If the current capacity is above the maximum capacity, Application Auto Scaling scales in to the maximum capacity.", + "title": "ScalableTargetAction" + }, + "Schedule": { + "markdownDescription": "The schedule for this action. The following formats are supported:\n\n- At expressions - \" `at( *yyyy* - *mm* - *dd* T *hh* : *mm* : *ss* )` \"\n- Rate expressions - \" `rate( *value* *unit* )` \"\n- Cron expressions - \" `cron( *fields* )` \"\n\nAt expressions are useful for one-time schedules. Cron expressions are useful for scheduled actions that run periodically at a specified date and time, and rate expressions are useful for scheduled actions that run at a regular interval.\n\nAt and cron expressions use Universal Coordinated Time (UTC) by default.\n\nThe cron format consists of six fields separated by white spaces: [Minutes] [Hours] [Day_of_Month] [Month] [Day_of_Week] [Year].\n\nFor rate expressions, *value* is a positive integer and *unit* is `minute` | `minutes` | `hour` | `hours` | `day` | `days` .", + "title": "Schedule", + "type": "string" + }, + "ScheduledActionName": { + "markdownDescription": "The name of the scheduled action. This name must be unique among all other scheduled actions on the specified scalable target.", + "title": "ScheduledActionName", + "type": "string" + }, + "StartTime": { + "markdownDescription": "The date and time that the action is scheduled to begin, in UTC.", + "title": "StartTime", + "type": "string" + }, + "Timezone": { + "markdownDescription": "The time zone used when referring to the date and time of a scheduled action, when the scheduled action uses an at or cron expression.", + "title": "Timezone", + "type": "string" + } + }, + "required": [ + "Schedule", + "ScheduledActionName" + ], + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalableTarget.SuspendedState": { + "additionalProperties": false, + "properties": { + "DynamicScalingInSuspended": { + "markdownDescription": "Whether scale in by a target tracking scaling policy or a step scaling policy is suspended. Set the value to `true` if you don't want Application Auto Scaling to remove capacity when a scaling policy is triggered. The default is `false` .", + "title": "DynamicScalingInSuspended", + "type": "boolean" + }, + "DynamicScalingOutSuspended": { + "markdownDescription": "Whether scale out by a target tracking scaling policy or a step scaling policy is suspended. Set the value to `true` if you don't want Application Auto Scaling to add capacity when a scaling policy is triggered. The default is `false` .", + "title": "DynamicScalingOutSuspended", + "type": "boolean" + }, + "ScheduledScalingSuspended": { + "markdownDescription": "Whether scheduled scaling is suspended. Set the value to `true` if you don't want Application Auto Scaling to add or remove capacity by initiating scheduled actions. The default is `false` .", + "title": "ScheduledScalingSuspended", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalingPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -20808,6 +22966,11 @@ "title": "PolicyType", "type": "string" }, + "PredictiveScalingPolicyConfiguration": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingPolicyConfiguration", + "markdownDescription": "The predictive scaling policy configuration.", + "title": "PredictiveScalingPolicyConfiguration" + }, "ResourceId": { "markdownDescription": "The identifier of the resource associated with the scaling policy. This string consists of the resource type and unique identifier.\n\n- ECS service - The resource type is `service` and the unique identifier is the cluster name and service name. Example: `service/my-cluster/my-service` .\n- Spot Fleet - The resource type is `spot-fleet-request` and the unique identifier is the Spot Fleet request ID. Example: `spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE` .\n- EMR cluster - The resource type is `instancegroup` and the unique identifier is the cluster ID and instance group ID. Example: `instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0` .\n- AppStream 2.0 fleet - The resource type is `fleet` and the unique identifier is the fleet name. Example: `fleet/sample-fleet` .\n- DynamoDB table - The resource type is `table` and the unique identifier is the table name. Example: `table/my-table` .\n- DynamoDB global secondary index - The resource type is `index` and the unique identifier is the index name. Example: `table/my-table/index/my-table-index` .\n- Aurora DB cluster - The resource type is `cluster` and the unique identifier is the cluster name. Example: `cluster:my-db-cluster` .\n- SageMaker endpoint variant - The resource type is `variant` and the unique identifier is the resource ID. Example: `endpoint/my-end-point/variant/KMeansClustering` .\n- Custom resources are not supported with a resource type. This parameter must specify the `OutputValue` from the CloudFormation template stack used to access the resources. The unique identifier is defined by the service provider. More information is available in our [GitHub repository](https://docs.aws.amazon.com/https://github.com/aws/aws-auto-scaling-custom-resource) .\n- Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: `arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE` .\n- Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: `arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE` .\n- Lambda provisioned concurrency - The resource type is `function` and the unique identifier is the function name with a function version or alias name suffix that is not `$LATEST` . Example: `function:my-function:prod` or `function:my-function:1` .\n- Amazon Keyspaces table - The resource type is `table` and the unique identifier is the table name. Example: `keyspace/mykeyspace/table/mytable` .\n- Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. Example: `arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5` .\n- Amazon ElastiCache replication group - The resource type is `replication-group` and the unique identifier is the replication group name. Example: `replication-group/mycluster` .\n- Amazon ElastiCache cache cluster - The resource type is `cache-cluster` and the unique identifier is the cache cluster name. Example: `cache-cluster/mycluster` .\n- Neptune cluster - The resource type is `cluster` and the unique identifier is the cluster name. Example: `cluster:mycluster` .\n- SageMaker serverless endpoint - The resource type is `variant` and the unique identifier is the resource ID. Example: `endpoint/my-end-point/variant/KMeansClustering` .\n- SageMaker inference component - The resource type is `inference-component` and the unique identifier is the resource ID. Example: `inference-component/my-inference-component` .\n- Pool of WorkSpaces - The resource type is `workspacespool` and the unique identifier is the pool ID. Example: `workspacespool/wspool-123456` .", "title": "ResourceId", @@ -20947,6 +23110,287 @@ ], "type": "object" }, + "AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingCustomizedCapacityMetric": { + "additionalProperties": false, + "properties": { + "MetricDataQueries": { + "items": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingMetricDataQuery" + }, + "markdownDescription": "One or more metric data queries to provide data points for a metric specification.", + "title": "MetricDataQueries", + "type": "array" + } + }, + "required": [ + "MetricDataQueries" + ], + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingCustomizedLoadMetric": { + "additionalProperties": false, + "properties": { + "MetricDataQueries": { + "items": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingMetricDataQuery" + }, + "markdownDescription": "", + "title": "MetricDataQueries", + "type": "array" + } + }, + "required": [ + "MetricDataQueries" + ], + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingCustomizedScalingMetric": { + "additionalProperties": false, + "properties": { + "MetricDataQueries": { + "items": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingMetricDataQuery" + }, + "markdownDescription": "One or more metric data queries to provide data points for a metric specification.", + "title": "MetricDataQueries", + "type": "array" + } + }, + "required": [ + "MetricDataQueries" + ], + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingMetric": { + "additionalProperties": false, + "properties": { + "Dimensions": { + "items": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingMetricDimension" + }, + "markdownDescription": "Describes the dimensions of the metric.", + "title": "Dimensions", + "type": "array" + }, + "MetricName": { + "markdownDescription": "The name of the metric.", + "title": "MetricName", + "type": "string" + }, + "Namespace": { + "markdownDescription": "The namespace of the metric.", + "title": "Namespace", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingMetricDataQuery": { + "additionalProperties": false, + "properties": { + "Expression": { + "markdownDescription": "The math expression to perform on the returned data, if this object is performing a math expression. This expression can use the `Id` of the other metrics to refer to those metrics, and can also use the `Id` of other expressions to use the result of those expressions.\n\nConditional: Within each `MetricDataQuery` object, you must specify either `Expression` or `MetricStat` , but not both.", + "title": "Expression", + "type": "string" + }, + "Id": { + "markdownDescription": "A short name that identifies the object's results in the response. This name must be unique among all `MetricDataQuery` objects specified for a single scaling policy. If you are performing math expressions on this set of data, this name represents that data and can serve as a variable in the mathematical expression. The valid characters are letters, numbers, and underscores. The first character must be a lowercase letter.", + "title": "Id", + "type": "string" + }, + "Label": { + "markdownDescription": "A human-readable label for this metric or expression. This is especially useful if this is a math expression, so that you know what the value represents.", + "title": "Label", + "type": "string" + }, + "MetricStat": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingMetricStat", + "markdownDescription": "Information about the metric data to return.\n\nConditional: Within each `MetricDataQuery` object, you must specify either `Expression` or `MetricStat` , but not both.", + "title": "MetricStat" + }, + "ReturnData": { + "markdownDescription": "Indicates whether to return the timestamps and raw data values of this metric.\n\nIf you use any math expressions, specify `true` for this value for only the final math expression that the metric specification is based on. You must specify `false` for `ReturnData` for all the other metrics and expressions used in the metric specification.\n\nIf you are only retrieving metrics and not performing any math expressions, do not specify anything for `ReturnData` . This sets it to its default ( `true` ).", + "title": "ReturnData", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingMetricDimension": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the dimension.", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of the dimension.", + "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingMetricSpecification": { + "additionalProperties": false, + "properties": { + "CustomizedCapacityMetricSpecification": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingCustomizedCapacityMetric", + "markdownDescription": "The customized capacity metric specification.", + "title": "CustomizedCapacityMetricSpecification" + }, + "CustomizedLoadMetricSpecification": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingCustomizedLoadMetric", + "markdownDescription": "The customized load metric specification.", + "title": "CustomizedLoadMetricSpecification" + }, + "CustomizedScalingMetricSpecification": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingCustomizedScalingMetric", + "markdownDescription": "The customized scaling metric specification.", + "title": "CustomizedScalingMetricSpecification" + }, + "PredefinedLoadMetricSpecification": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingPredefinedLoadMetric", + "markdownDescription": "The predefined load metric specification.", + "title": "PredefinedLoadMetricSpecification" + }, + "PredefinedMetricPairSpecification": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingPredefinedMetricPair", + "markdownDescription": "The predefined metric pair specification that determines the appropriate scaling metric and load metric to use.", + "title": "PredefinedMetricPairSpecification" + }, + "PredefinedScalingMetricSpecification": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingPredefinedScalingMetric", + "markdownDescription": "The predefined scaling metric specification.", + "title": "PredefinedScalingMetricSpecification" + }, + "TargetValue": { + "markdownDescription": "Specifies the target utilization.", + "title": "TargetValue", + "type": "number" + } + }, + "required": [ + "TargetValue" + ], + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingMetricStat": { + "additionalProperties": false, + "properties": { + "Metric": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingMetric", + "markdownDescription": "The CloudWatch metric to return, including the metric name, namespace, and dimensions. To get the exact metric name, namespace, and dimensions, inspect the [Metric](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_Metric.html) object that is returned by a call to [ListMetrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_ListMetrics.html) .", + "title": "Metric" + }, + "Stat": { + "markdownDescription": "The statistic to return. It can include any CloudWatch statistic or extended statistic. For a list of valid values, see the table in [Statistics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html#Statistic) in the *Amazon CloudWatch User Guide* .\n\nThe most commonly used metrics for predictive scaling are `Average` and `Sum` .", + "title": "Stat", + "type": "string" + }, + "Unit": { + "markdownDescription": "The unit to use for the returned data points. For a complete list of the units that CloudWatch supports, see the [MetricDatum](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_MetricDatum.html) data type in the *Amazon CloudWatch API Reference* .", + "title": "Unit", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingPolicyConfiguration": { + "additionalProperties": false, + "properties": { + "MaxCapacityBreachBehavior": { + "markdownDescription": "Defines the behavior that should be applied if the forecast capacity approaches or exceeds the maximum capacity. Defaults to `HonorMaxCapacity` if not specified.", + "title": "MaxCapacityBreachBehavior", + "type": "string" + }, + "MaxCapacityBuffer": { + "markdownDescription": "The size of the capacity buffer to use when the forecast capacity is close to or exceeds the maximum capacity. The value is specified as a percentage relative to the forecast capacity. For example, if the buffer is 10, this means a 10 percent buffer, such that if the forecast capacity is 50, and the maximum capacity is 40, then the effective maximum capacity is 55.\n\nRequired if the `MaxCapacityBreachBehavior` property is set to `IncreaseMaxCapacity` , and cannot be used otherwise.", + "title": "MaxCapacityBuffer", + "type": "number" + }, + "MetricSpecifications": { + "items": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingMetricSpecification" + }, + "markdownDescription": "This structure includes the metrics and target utilization to use for predictive scaling.\n\nThis is an array, but we currently only support a single metric specification. That is, you can specify a target value and a single metric pair, or a target value and one scaling metric and one load metric.", + "title": "MetricSpecifications", + "type": "array" + }, + "Mode": { + "markdownDescription": "The predictive scaling mode. Defaults to `ForecastOnly` if not specified.", + "title": "Mode", + "type": "string" + }, + "SchedulingBufferTime": { + "markdownDescription": "The amount of time, in seconds, that the start time can be advanced.\n\nThe value must be less than the forecast interval duration of 3600 seconds (60 minutes). Defaults to 300 seconds if not specified.", + "title": "SchedulingBufferTime", + "type": "number" + } + }, + "required": [ + "MetricSpecifications" + ], + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingPredefinedLoadMetric": { + "additionalProperties": false, + "properties": { + "PredefinedMetricType": { + "markdownDescription": "The metric type.", + "title": "PredefinedMetricType", + "type": "string" + }, + "ResourceLabel": { + "markdownDescription": "A label that uniquely identifies a target group.", + "title": "ResourceLabel", + "type": "string" + } + }, + "required": [ + "PredefinedMetricType" + ], + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingPredefinedMetricPair": { + "additionalProperties": false, + "properties": { + "PredefinedMetricType": { + "markdownDescription": "Indicates which metrics to use. There are two different types of metrics for each metric type: one is a load metric and one is a scaling metric.", + "title": "PredefinedMetricType", + "type": "string" + }, + "ResourceLabel": { + "markdownDescription": "A label that uniquely identifies a specific target group from which to determine the total and average request count.", + "title": "ResourceLabel", + "type": "string" + } + }, + "required": [ + "PredefinedMetricType" + ], + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingPredefinedScalingMetric": { + "additionalProperties": false, + "properties": { + "PredefinedMetricType": { + "markdownDescription": "The metric type.", + "title": "PredefinedMetricType", + "type": "string" + }, + "ResourceLabel": { + "markdownDescription": "A label that uniquely identifies a specific target group from which to determine the average request count.", + "title": "ResourceLabel", + "type": "string" + } + }, + "required": [ + "PredefinedMetricType" + ], + "type": "object" + }, "AWS::ApplicationAutoScaling::ScalingPolicy.StepAdjustment": { "additionalProperties": false, "properties": { @@ -21230,6 +23674,11 @@ "title": "ResourceGroupName", "type": "string" }, + "SNSNotificationArn": { + "markdownDescription": "The SNS topic ARN that is associated with SNS notifications for updates or issues.", + "title": "SNSNotificationArn", + "type": "string" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" @@ -21766,6 +24215,636 @@ ], "type": "object" }, + "AWS::ApplicationSignals::Discovery": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ApplicationSignals::Discovery" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "BurnRateConfigurations": { + "items": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.BurnRateConfiguration" + }, + "markdownDescription": "Each object in this array defines the length of the look-back window used to calculate one burn rate metric for this SLO. The burn rate measures how fast the service is consuming the error budget, relative to the attainment goal of the SLO.", + "title": "BurnRateConfigurations", + "type": "array" + }, + "Description": { + "markdownDescription": "An optional description for this SLO.", + "title": "Description", + "type": "string" + }, + "ExclusionWindows": { + "items": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.ExclusionWindow" + }, + "markdownDescription": "The time window to be excluded from the SLO performance metrics.", + "title": "ExclusionWindows", + "type": "array" + }, + "Goal": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.Goal", + "markdownDescription": "This structure contains the attributes that determine the goal of an SLO. This includes the time period for evaluation and the attainment threshold.", + "title": "Goal" + }, + "Name": { + "markdownDescription": "A name for this SLO.", + "title": "Name", + "type": "string" + }, + "RequestBasedSli": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.RequestBasedSli", + "markdownDescription": "A structure containing information about the performance metric that this SLO monitors, if this is a request-based SLO.", + "title": "RequestBasedSli" + }, + "Sli": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.Sli", + "markdownDescription": "A structure containing information about the performance metric that this SLO monitors, if this is a period-based SLO.", + "title": "Sli" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of key-value pairs to associate with the SLO. You can associate as many as 50 tags with an SLO. To be able to associate tags with the SLO when you create the SLO, you must have the cloudwatch:TagResource permission.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ApplicationSignals::ServiceLevelObjective" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.BurnRateConfiguration": { + "additionalProperties": false, + "properties": { + "LookBackWindowMinutes": { + "markdownDescription": "The number of minutes to use as the look-back window.", + "title": "LookBackWindowMinutes", + "type": "number" + } + }, + "required": [ + "LookBackWindowMinutes" + ], + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.CalendarInterval": { + "additionalProperties": false, + "properties": { + "Duration": { + "markdownDescription": "Specifies the duration of each calendar interval. For example, if `Duration` is `1` and `DurationUnit` is `MONTH` , each interval is one month, aligned with the calendar.", + "title": "Duration", + "type": "number" + }, + "DurationUnit": { + "markdownDescription": "Specifies the calendar interval unit.", + "title": "DurationUnit", + "type": "string" + }, + "StartTime": { + "markdownDescription": "The date and time when you want the first interval to start. Be sure to choose a time that configures the intervals the way that you want. For example, if you want weekly intervals starting on Mondays at 6 a.m., be sure to specify a start time that is a Monday at 6 a.m.\n\nWhen used in a raw HTTP Query API, it is formatted as be epoch time in seconds. For example: `1698778057`\n\nAs soon as one calendar interval ends, another automatically begins.", + "title": "StartTime", + "type": "number" + } + }, + "required": [ + "Duration", + "DurationUnit", + "StartTime" + ], + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.DependencyConfig": { + "additionalProperties": false, + "properties": { + "DependencyKeyAttributes": { + "additionalProperties": true, + "markdownDescription": "If this SLO is related to a metric collected by Application Signals, you must use this field to specify which dependency the SLO metric is related to.\n\n- `Type` designates the type of object this is.\n- `ResourceType` specifies the type of the resource. This field is used only when the value of the `Type` field is `Resource` or `AWS::Resource` .\n- `Name` specifies the name of the object. This is used only if the value of the `Type` field is `Service` , `RemoteService` , or `AWS::Service` .\n- `Identifier` identifies the resource objects of this resource. This is used only if the value of the `Type` field is `Resource` or `AWS::Resource` .\n- `Environment` specifies the location where this object is hosted, or what it belongs to.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "DependencyKeyAttributes", + "type": "object" + }, + "DependencyOperationName": { + "markdownDescription": "When the SLO monitors a specific operation of the dependency, this field specifies the name of that operation in the dependency.", + "title": "DependencyOperationName", + "type": "string" + } + }, + "required": [ + "DependencyKeyAttributes", + "DependencyOperationName" + ], + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.Dimension": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the dimension. Dimension names must contain only ASCII characters, must include at least one non-whitespace character, and cannot start with a colon ( `:` ). ASCII control characters are not supported as part of dimension names.", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of the dimension. Dimension values must contain only ASCII characters and must include at least one non-whitespace character. ASCII control characters are not supported as part of dimension values.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Name", + "Value" + ], + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.ExclusionWindow": { + "additionalProperties": false, + "properties": { + "Reason": { + "markdownDescription": "The reason for the time exclusion windows. For example, maintenance.", + "title": "Reason", + "type": "string" + }, + "RecurrenceRule": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.RecurrenceRule", + "markdownDescription": "The recurrence rule for the time exclusion window.", + "title": "RecurrenceRule" + }, + "StartTime": { + "markdownDescription": "The start time of the time exclusion window.", + "title": "StartTime", + "type": "string" + }, + "Window": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.Window", + "markdownDescription": "The time exclusion window.", + "title": "Window" + } + }, + "required": [ + "Window" + ], + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.Goal": { + "additionalProperties": false, + "properties": { + "AttainmentGoal": { + "markdownDescription": "The threshold that determines if the goal is being met.\n\nIf this is a period-based SLO, the attainment goal is the percentage of good periods that meet the threshold requirements to the total periods within the interval. For example, an attainment goal of 99.9% means that within your interval, you are targeting 99.9% of the periods to be in healthy state.\n\nIf this is a request-based SLO, the attainment goal is the percentage of requests that must be successful to meet the attainment goal.\n\nIf you omit this parameter, 99 is used to represent 99% as the attainment goal.", + "title": "AttainmentGoal", + "type": "number" + }, + "Interval": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.Interval", + "markdownDescription": "The time period used to evaluate the SLO. It can be either a calendar interval or rolling interval.\n\nIf you omit this parameter, a rolling interval of 7 days is used.", + "title": "Interval" + }, + "WarningThreshold": { + "markdownDescription": "The percentage of remaining budget over total budget that you want to get warnings for. If you omit this parameter, the default of 50.0 is used.", + "title": "WarningThreshold", + "type": "number" + } + }, + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.Interval": { + "additionalProperties": false, + "properties": { + "CalendarInterval": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.CalendarInterval", + "markdownDescription": "If the interval is a calendar interval, this structure contains the interval specifications.", + "title": "CalendarInterval" + }, + "RollingInterval": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.RollingInterval", + "markdownDescription": "If the interval is a rolling interval, this structure contains the interval specifications.", + "title": "RollingInterval" + } + }, + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.Metric": { + "additionalProperties": false, + "properties": { + "Dimensions": { + "items": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.Dimension" + }, + "markdownDescription": "An array of one or more dimensions to use to define the metric that you want to use. For more information, see [Dimensions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html#Dimension) .", + "title": "Dimensions", + "type": "array" + }, + "MetricName": { + "markdownDescription": "The name of the metric to use.", + "title": "MetricName", + "type": "string" + }, + "Namespace": { + "markdownDescription": "The namespace of the metric. For more information, see [Namespaces](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html#Namespace) .", + "title": "Namespace", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.MetricDataQuery": { + "additionalProperties": false, + "properties": { + "AccountId": { + "markdownDescription": "The ID of the account where this metric is located. If you are performing this operation in a monitoring account, use this to specify which source account to retrieve this metric from.", + "title": "AccountId", + "type": "string" + }, + "Expression": { + "markdownDescription": "This field can contain a metric math expression to be performed on the other metrics that you are retrieving within this `MetricDataQueries` structure.\n\nA math expression can use the `Id` of the other metrics or queries to refer to those metrics, and can also use the `Id` of other expressions to use the result of those expressions. For more information about metric math expressions, see [Metric Math Syntax and Functions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/using-metric-math.html#metric-math-syntax) in the *Amazon CloudWatch User Guide* .\n\nWithin each `MetricDataQuery` object, you must specify either `Expression` or `MetricStat` but not both.", + "title": "Expression", + "type": "string" + }, + "Id": { + "markdownDescription": "A short name used to tie this object to the results in the response. This `Id` must be unique within a `MetricDataQueries` array. If you are performing math expressions on this set of data, this name represents that data and can serve as a variable in the metric math expression. The valid characters are letters, numbers, and underscore. The first character must be a lowercase letter.", + "title": "Id", + "type": "string" + }, + "MetricStat": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.MetricStat", + "markdownDescription": "A metric to be used directly for the SLO, or to be used in the math expression that will be used for the SLO.\n\nWithin one `MetricDataQuery` object, you must specify either `Expression` or `MetricStat` but not both.", + "title": "MetricStat" + }, + "ReturnData": { + "markdownDescription": "Use this only if you are using a metric math expression for the SLO. Specify `true` for `ReturnData` for only the one expression result to use as the alarm. For all other metrics and expressions in the same `CreateServiceLevelObjective` operation, specify `ReturnData` as `false` .", + "title": "ReturnData", + "type": "boolean" + } + }, + "required": [ + "Id" + ], + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.MetricStat": { + "additionalProperties": false, + "properties": { + "Metric": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.Metric", + "markdownDescription": "The metric to use as the service level indicator, including the metric name, namespace, and dimensions.", + "title": "Metric" + }, + "Period": { + "markdownDescription": "The granularity, in seconds, to be used for the metric. For metrics with regular resolution, a period can be as short as one minute (60 seconds) and must be a multiple of 60. For high-resolution metrics that are collected at intervals of less than one minute, the period can be 1, 5, 10, 30, 60, or any multiple of 60. High-resolution metrics are those metrics stored by a `PutMetricData` call that includes a `StorageResolution` of 1 second.", + "title": "Period", + "type": "number" + }, + "Stat": { + "markdownDescription": "The statistic to use for comparison to the threshold. It can be any CloudWatch statistic or extended statistic. For more information about statistics, see [CloudWatch statistics definitions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Statistics-definitions.html) .", + "title": "Stat", + "type": "string" + }, + "Unit": { + "markdownDescription": "If you omit `Unit` then all data that was collected with any unit is returned, along with the corresponding units that were specified when the data was reported to CloudWatch. If you specify a unit, the operation returns only data that was collected with that unit specified. If you specify a unit that does not match the data collected, the results of the operation are null. CloudWatch does not perform unit conversions.", + "title": "Unit", + "type": "string" + } + }, + "required": [ + "Metric", + "Period", + "Stat" + ], + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.MonitoredRequestCountMetric": { + "additionalProperties": false, + "properties": { + "BadCountMetric": { + "items": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.MetricDataQuery" + }, + "markdownDescription": "If you want to count \"bad requests\" to determine the percentage of successful requests for this request-based SLO, specify the metric to use as \"bad requests\" in this structure.", + "title": "BadCountMetric", + "type": "array" + }, + "GoodCountMetric": { + "items": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.MetricDataQuery" + }, + "markdownDescription": "If you want to count \"good requests\" to determine the percentage of successful requests for this request-based SLO, specify the metric to use as \"good requests\" in this structure.", + "title": "GoodCountMetric", + "type": "array" + } + }, + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.RecurrenceRule": { + "additionalProperties": false, + "properties": { + "Expression": { + "markdownDescription": "The following two rules are supported:\n\n- rate(value unit) - The value must be a positive integer and the unit can be hour|day|month.\n- cron - An expression which consists of six fields separated by white spaces: (minutes hours day_of_month month day_of_week year).", + "title": "Expression", + "type": "string" + } + }, + "required": [ + "Expression" + ], + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.RequestBasedSli": { + "additionalProperties": false, + "properties": { + "ComparisonOperator": { + "markdownDescription": "The arithmetic operation used when comparing the specified metric to the threshold.", + "title": "ComparisonOperator", + "type": "string" + }, + "MetricThreshold": { + "markdownDescription": "This value is the threshold that the observed metric values of the SLI metric are compared to.", + "title": "MetricThreshold", + "type": "number" + }, + "RequestBasedSliMetric": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.RequestBasedSliMetric", + "markdownDescription": "A structure that contains information about the metric that the SLO monitors.", + "title": "RequestBasedSliMetric" + } + }, + "required": [ + "RequestBasedSliMetric" + ], + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.RequestBasedSliMetric": { + "additionalProperties": false, + "properties": { + "DependencyConfig": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.DependencyConfig", + "markdownDescription": "Identifies the dependency using the `DependencyKeyAttributes` and `DependencyOperationName` .", + "title": "DependencyConfig" + }, + "KeyAttributes": { + "additionalProperties": true, + "markdownDescription": "This is a string-to-string map that contains information about the type of object that this SLO is related to. It can include the following fields.\n\n- `Type` designates the type of object that this SLO is related to.\n- `ResourceType` specifies the type of the resource. This field is used only when the value of the `Type` field is `Resource` or `AWS::Resource` .\n- `Name` specifies the name of the object. This is used only if the value of the `Type` field is `Service` , `RemoteService` , or `AWS::Service` .\n- `Identifier` identifies the resource objects of this resource. This is used only if the value of the `Type` field is `Resource` or `AWS::Resource` .\n- `Environment` specifies the location where this object is hosted, or what it belongs to.\n- `AwsAccountId` allows you to create an SLO for an object that exists in another account.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "KeyAttributes", + "type": "object" + }, + "MetricType": { + "markdownDescription": "If the SLO monitors either the `LATENCY` or `AVAILABILITY` metric that Application Signals collects, this field displays which of those metrics is used.", + "title": "MetricType", + "type": "string" + }, + "MonitoredRequestCountMetric": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.MonitoredRequestCountMetric", + "markdownDescription": "Use this structure to define the metric that you want to use as the \"good request\" or \"bad request\" value for a request-based SLO. This value observed for the metric defined in `TotalRequestCountMetric` will be divided by the number found for `MonitoredRequestCountMetric` to determine the percentage of successful requests that this SLO tracks.", + "title": "MonitoredRequestCountMetric" + }, + "OperationName": { + "markdownDescription": "If the SLO monitors a specific operation of the service, this field displays that operation name.", + "title": "OperationName", + "type": "string" + }, + "TotalRequestCountMetric": { + "items": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.MetricDataQuery" + }, + "markdownDescription": "This structure defines the metric that is used as the \"total requests\" number for a request-based SLO. The number observed for this metric is divided by the number of \"good requests\" or \"bad requests\" that is observed for the metric defined in `MonitoredRequestCountMetric` .", + "title": "TotalRequestCountMetric", + "type": "array" + } + }, + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.RollingInterval": { + "additionalProperties": false, + "properties": { + "Duration": { + "markdownDescription": "Specifies the duration of each rolling interval. For example, if `Duration` is `7` and `DurationUnit` is `DAY` , each rolling interval is seven days.", + "title": "Duration", + "type": "number" + }, + "DurationUnit": { + "markdownDescription": "Specifies the rolling interval unit.", + "title": "DurationUnit", + "type": "string" + } + }, + "required": [ + "Duration", + "DurationUnit" + ], + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.Sli": { + "additionalProperties": false, + "properties": { + "ComparisonOperator": { + "markdownDescription": "The arithmetic operation to use when comparing the specified metric to the threshold.", + "title": "ComparisonOperator", + "type": "string" + }, + "MetricThreshold": { + "markdownDescription": "The value that the SLI metric is compared to.", + "title": "MetricThreshold", + "type": "number" + }, + "SliMetric": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.SliMetric", + "markdownDescription": "Use this structure to specify the metric to be used for the SLO.", + "title": "SliMetric" + } + }, + "required": [ + "ComparisonOperator", + "MetricThreshold", + "SliMetric" + ], + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.SliMetric": { + "additionalProperties": false, + "properties": { + "DependencyConfig": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.DependencyConfig", + "markdownDescription": "Identifies the dependency using the `DependencyKeyAttributes` and `DependencyOperationName` .", + "title": "DependencyConfig" + }, + "KeyAttributes": { + "additionalProperties": true, + "markdownDescription": "If this SLO is related to a metric collected by Application Signals, you must use this field to specify which service the SLO metric is related to. To do so, you must specify at least the `Type` , `Name` , and `Environment` attributes.\n\nThis is a string-to-string map. It can include the following fields.\n\n- `Type` designates the type of object this is.\n- `ResourceType` specifies the type of the resource. This field is used only when the value of the `Type` field is `Resource` or `AWS::Resource` .\n- `Name` specifies the name of the object. This is used only if the value of the `Type` field is `Service` , `RemoteService` , or `AWS::Service` .\n- `Identifier` identifies the resource objects of this resource. This is used only if the value of the `Type` field is `Resource` or `AWS::Resource` .\n- `Environment` specifies the location where this object is hosted, or what it belongs to.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "KeyAttributes", + "type": "object" + }, + "MetricDataQueries": { + "items": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.MetricDataQuery" + }, + "markdownDescription": "If this SLO monitors a CloudWatch metric or the result of a CloudWatch metric math expression, use this structure to specify that metric or expression.", + "title": "MetricDataQueries", + "type": "array" + }, + "MetricType": { + "markdownDescription": "If the SLO is to monitor either the `LATENCY` or `AVAILABILITY` metric that Application Signals collects, use this field to specify which of those metrics is used.", + "title": "MetricType", + "type": "string" + }, + "OperationName": { + "markdownDescription": "If the SLO is to monitor a specific operation of the service, use this field to specify the name of that operation.", + "title": "OperationName", + "type": "string" + }, + "PeriodSeconds": { + "markdownDescription": "The number of seconds to use as the period for SLO evaluation. Your application's performance is compared to the SLI during each period. For each period, the application is determined to have either achieved or not achieved the necessary performance.", + "title": "PeriodSeconds", + "type": "number" + }, + "Statistic": { + "markdownDescription": "The statistic to use for comparison to the threshold. It can be any CloudWatch statistic or extended statistic. For more information about statistics, see [CloudWatch statistics definitions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Statistics-definitions.html) .", + "title": "Statistic", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.Window": { + "additionalProperties": false, + "properties": { + "Duration": { + "markdownDescription": "The start and end time of the time exclusion window.", + "title": "Duration", + "type": "number" + }, + "DurationUnit": { + "markdownDescription": "The unit of measurement to use during the time window exclusion.", + "title": "DurationUnit", + "type": "string" + } + }, + "required": [ + "Duration", + "DurationUnit" + ], + "type": "object" + }, "AWS::Athena::CapacityReservation": { "additionalProperties": false, "properties": { @@ -21921,11 +25000,21 @@ "Properties": { "additionalProperties": false, "properties": { + "ConnectionType": { + "markdownDescription": "The type of connection for a `FEDERATED` data catalog (for example, `REDSHIFT` , `MYSQL` , or `SQLSERVER` ). For information about individual connectors, see [Available data source connectors](https://docs.aws.amazon.com/athena/latest/ug/connectors-available.html) .", + "title": "ConnectionType", + "type": "string" + }, "Description": { "markdownDescription": "A description of the data catalog.", "title": "Description", "type": "string" }, + "Error": { + "markdownDescription": "Text of the error that occurred during data catalog creation or deletion.", + "title": "Error", + "type": "string" + }, "Name": { "markdownDescription": "The name of the data catalog. The catalog name must be unique for the AWS account and can use a maximum of 128 alphanumeric, underscore, at sign, or hyphen characters.", "title": "Name", @@ -21942,6 +25031,11 @@ "title": "Parameters", "type": "object" }, + "Status": { + "markdownDescription": "The status of the creation or deletion of the data catalog.\n\n- The `LAMBDA` , `GLUE` , and `HIVE` data catalog types are created synchronously. Their status is either `CREATE_COMPLETE` or `CREATE_FAILED` .\n- The `FEDERATED` data catalog type is created asynchronously.\n\nData catalog creation status:\n\n- `CREATE_IN_PROGRESS` : Federated data catalog creation in progress.\n- `CREATE_COMPLETE` : Data catalog creation complete.\n- `CREATE_FAILED` : Data catalog could not be created.\n- `CREATE_FAILED_CLEANUP_IN_PROGRESS` : Federated data catalog creation failed and is being removed.\n- `CREATE_FAILED_CLEANUP_COMPLETE` : Federated data catalog creation failed and was removed.\n- `CREATE_FAILED_CLEANUP_FAILED` : Federated data catalog creation failed but could not be removed.\n\nData catalog deletion status:\n\n- `DELETE_IN_PROGRESS` : Federated data catalog deletion in progress.\n- `DELETE_COMPLETE` : Federated data catalog deleted.\n- `DELETE_FAILED` : Federated data catalog could not be deleted.", + "title": "Status", + "type": "string" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" @@ -22313,6 +25407,33 @@ }, "type": "object" }, + "AWS::Athena::WorkGroup.ManagedQueryResultsConfiguration": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "If set to true, allows you to store query results in Athena owned storage. If set to false, workgroup member stores query results in location specified under `ResultConfiguration$OutputLocation` . The default is false. A workgroup cannot have the `ResultConfiguration$OutputLocation` parameter when you set this field to true.", + "title": "Enabled", + "type": "boolean" + }, + "EncryptionConfiguration": { + "$ref": "#/definitions/AWS::Athena::WorkGroup.ManagedStorageEncryptionConfiguration", + "markdownDescription": "If you encrypt query and calculation results in Athena owned storage, this field indicates the encryption option (for example, SSE_KMS or CSE_KMS) and key information.", + "title": "EncryptionConfiguration" + } + }, + "type": "object" + }, + "AWS::Athena::WorkGroup.ManagedStorageEncryptionConfiguration": { + "additionalProperties": false, + "properties": { + "KmsKey": { + "markdownDescription": "", + "title": "KmsKey", + "type": "string" + } + }, + "type": "object" + }, "AWS::Athena::WorkGroup.ResultConfiguration": { "additionalProperties": false, "properties": { @@ -22372,6 +25493,11 @@ "title": "ExecutionRole", "type": "string" }, + "ManagedQueryResultsConfiguration": { + "$ref": "#/definitions/AWS::Athena::WorkGroup.ManagedQueryResultsConfiguration", + "markdownDescription": "The configuration for storing results in Athena owned storage, which includes whether this feature is enabled; whether encryption configuration, if any, is used for encrypting query results.", + "title": "ManagedQueryResultsConfiguration" + }, "PublishCloudWatchMetricsEnabled": { "markdownDescription": "Indicates that the Amazon CloudWatch metrics are enabled for the workgroup.", "title": "PublishCloudWatchMetricsEnabled", @@ -22697,6 +25823,16 @@ "title": "AutoScalingGroupName", "type": "string" }, + "AvailabilityZoneDistribution": { + "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.AvailabilityZoneDistribution", + "markdownDescription": "The instance capacity distribution across Availability Zones.", + "title": "AvailabilityZoneDistribution" + }, + "AvailabilityZoneImpairmentPolicy": { + "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.AvailabilityZoneImpairmentPolicy", + "markdownDescription": "The Availability Zone impairment policy.", + "title": "AvailabilityZoneImpairmentPolicy" + }, "AvailabilityZones": { "items": { "type": "string" @@ -22710,6 +25846,11 @@ "title": "CapacityRebalance", "type": "boolean" }, + "CapacityReservationSpecification": { + "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.CapacityReservationSpecification", + "markdownDescription": "The capacity reservation specification.", + "title": "CapacityReservationSpecification" + }, "Context": { "markdownDescription": "Reserved.", "title": "Context", @@ -22832,6 +25973,11 @@ "title": "ServiceLinkedRoleARN", "type": "string" }, + "SkipZonalShiftValidation": { + "markdownDescription": "", + "title": "SkipZonalShiftValidation", + "type": "boolean" + }, "Tags": { "items": { "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.TagProperty" @@ -22856,6 +26002,14 @@ "title": "TerminationPolicies", "type": "array" }, + "TrafficSources": { + "items": { + "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.TrafficSourceIdentifier" + }, + "markdownDescription": "The traffic sources associated with this Auto Scaling group.", + "title": "TrafficSources", + "type": "array" + }, "VPCZoneIdentifier": { "items": { "type": "string" @@ -22927,6 +26081,37 @@ }, "type": "object" }, + "AWS::AutoScaling::AutoScalingGroup.AvailabilityZoneDistribution": { + "additionalProperties": false, + "properties": { + "CapacityDistributionStrategy": { + "markdownDescription": "If launches fail in an Availability Zone, the following strategies are available. The default is `balanced-best-effort` .\n\n- `balanced-only` - If launches fail in an Availability Zone, Auto Scaling will continue to attempt to launch in the unhealthy zone to preserve a balanced distribution.\n- `balanced-best-effort` - If launches fail in an Availability Zone, Auto Scaling will attempt to launch in another healthy Availability Zone instead.", + "title": "CapacityDistributionStrategy", + "type": "string" + } + }, + "type": "object" + }, + "AWS::AutoScaling::AutoScalingGroup.AvailabilityZoneImpairmentPolicy": { + "additionalProperties": false, + "properties": { + "ImpairedZoneHealthCheckBehavior": { + "markdownDescription": "Specifies the health check behavior for the impaired Availability Zone in an active zonal shift. If you select `Replace unhealthy` , instances that appear unhealthy will be replaced in all Availability Zones. If you select `Ignore unhealthy` , instances will not be replaced in the Availability Zone with the active zonal shift. For more information, see [Auto Scaling group zonal shift](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-zonal-shift.html) in the *Amazon EC2 Auto Scaling User Guide* .", + "title": "ImpairedZoneHealthCheckBehavior", + "type": "string" + }, + "ZonalShiftEnabled": { + "markdownDescription": "If `true` , enable zonal shift for your Auto Scaling group.", + "title": "ZonalShiftEnabled", + "type": "boolean" + } + }, + "required": [ + "ImpairedZoneHealthCheckBehavior", + "ZonalShiftEnabled" + ], + "type": "object" + }, "AWS::AutoScaling::AutoScalingGroup.BaselineEbsBandwidthMbpsRequest": { "additionalProperties": false, "properties": { @@ -22943,6 +26128,72 @@ }, "type": "object" }, + "AWS::AutoScaling::AutoScalingGroup.BaselinePerformanceFactorsRequest": { + "additionalProperties": false, + "properties": { + "Cpu": { + "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.CpuPerformanceFactorRequest", + "markdownDescription": "The CPU performance to consider, using an instance family as the baseline reference.", + "title": "Cpu" + } + }, + "type": "object" + }, + "AWS::AutoScaling::AutoScalingGroup.CapacityReservationSpecification": { + "additionalProperties": false, + "properties": { + "CapacityReservationPreference": { + "markdownDescription": "The capacity reservation preference. The following options are available:\n\n- `capacity-reservations-only` - Auto Scaling will only launch instances into a Capacity Reservation or Capacity Reservation resource group. If capacity isn't available, instances will fail to launch.\n- `capacity-reservations-first` - Auto Scaling will try to launch instances into a Capacity Reservation or Capacity Reservation resource group first. If capacity isn't available, instances will run in On-Demand capacity.\n- `none` - Auto Scaling will not launch instances into a Capacity Reservation. Instances will run in On-Demand capacity.\n- `default` - Auto Scaling uses the Capacity Reservation preference from your launch template or an open Capacity Reservation.", + "title": "CapacityReservationPreference", + "type": "string" + }, + "CapacityReservationTarget": { + "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.CapacityReservationTarget", + "markdownDescription": "Describes a target Capacity Reservation or Capacity Reservation resource group.", + "title": "CapacityReservationTarget" + } + }, + "required": [ + "CapacityReservationPreference" + ], + "type": "object" + }, + "AWS::AutoScaling::AutoScalingGroup.CapacityReservationTarget": { + "additionalProperties": false, + "properties": { + "CapacityReservationIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The Capacity Reservation IDs to launch instances into.", + "title": "CapacityReservationIds", + "type": "array" + }, + "CapacityReservationResourceGroupArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The resource group ARNs of the Capacity Reservation to launch instances into.", + "title": "CapacityReservationResourceGroupArns", + "type": "array" + } + }, + "type": "object" + }, + "AWS::AutoScaling::AutoScalingGroup.CpuPerformanceFactorRequest": { + "additionalProperties": false, + "properties": { + "References": { + "items": { + "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.PerformanceFactorReferenceRequest" + }, + "markdownDescription": "Specify an instance family to use as the baseline reference for CPU performance. All instance types that match your specified attributes will be compared against the CPU performance of the referenced instance family, regardless of CPU manufacturer or architecture differences.\n\n> Currently only one instance family can be specified in the list.", + "title": "References", + "type": "array" + } + }, + "type": "object" + }, "AWS::AutoScaling::AutoScalingGroup.InstanceMaintenancePolicy": { "additionalProperties": false, "properties": { @@ -23014,6 +26265,11 @@ "markdownDescription": "The minimum and maximum baseline bandwidth performance for an instance type, in Mbps. For more information, see [Amazon EBS\u2013optimized instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-optimized.html) in the *Amazon EC2 User Guide* .\n\nDefault: No minimum or maximum limits", "title": "BaselineEbsBandwidthMbps" }, + "BaselinePerformanceFactors": { + "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.BaselinePerformanceFactorsRequest", + "markdownDescription": "The baseline performance factors for the instance requirements.", + "title": "BaselinePerformanceFactors" + }, "BurstablePerformance": { "markdownDescription": "Indicates whether burstable performance instance types are included, excluded, or required. For more information, see [Burstable performance instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) in the *Amazon EC2 User Guide* .\n\nDefault: `excluded`", "title": "BurstablePerformance", @@ -23396,6 +26652,17 @@ ], "type": "object" }, + "AWS::AutoScaling::AutoScalingGroup.PerformanceFactorReferenceRequest": { + "additionalProperties": false, + "properties": { + "InstanceFamily": { + "markdownDescription": "The instance family to use as a baseline reference.\n\n> Make sure that you specify the correct value for the instance family. The instance family is everything before the period (.) in the instance type name. For example, in the instance `c6i.large` , the instance family is `c6i` , not `c6` . For more information, see [Amazon EC2 instance type naming conventions](https://docs.aws.amazon.com/ec2/latest/instancetypes/instance-type-names.html) in *Amazon EC2 Instance Types* . \n\nThe following instance types are *not supported* for performance protection.\n\n- `c1`\n- `g3| g3s`\n- `hpc7g`\n- `m1| m2`\n- `mac1 | mac2 | mac2-m1ultra | mac2-m2 | mac2-m2pro`\n- `p3dn | p4d | p5`\n- `t1`\n- `u-12tb1 | u-18tb1 | u-24tb1 | u-3tb1 | u-6tb1 | u-9tb1 | u7i-12tb | u7in-16tb | u7in-24tb | u7in-32tb`\n\nIf you performance protection by specifying a supported instance family, the returned instance types will exclude the preceding unsupported instance families.\n\nIf you specify an unsupported instance family as a value for baseline performance, the API returns an empty response.", + "title": "InstanceFamily", + "type": "string" + } + }, + "type": "object" + }, "AWS::AutoScaling::AutoScalingGroup.TagProperty": { "additionalProperties": false, "properties": { @@ -23438,6 +26705,26 @@ }, "type": "object" }, + "AWS::AutoScaling::AutoScalingGroup.TrafficSourceIdentifier": { + "additionalProperties": false, + "properties": { + "Identifier": { + "markdownDescription": "Identifies the traffic source.\n\nFor Application Load Balancers, Gateway Load Balancers, Network Load Balancers, and VPC Lattice, this will be the Amazon Resource Name (ARN) for a target group in this account and Region. For Classic Load Balancers, this will be the name of the Classic Load Balancer in this account and Region.\n\nFor example:\n\n- Application Load Balancer ARN: `arn:aws:elasticloadbalancing:us-west-2:123456789012:targetgroup/my-targets/1234567890123456`\n- Classic Load Balancer name: `my-classic-load-balancer`\n- VPC Lattice ARN: `arn:aws:vpc-lattice:us-west-2:123456789012:targetgroup/tg-1234567890123456`\n\nTo get the ARN of a target group for a Application Load Balancer, Gateway Load Balancer, or Network Load Balancer, or the name of a Classic Load Balancer, use the Elastic Load Balancing [DescribeTargetGroups](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeTargetGroups.html) and [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html) API operations.\n\nTo get the ARN of a target group for VPC Lattice, use the VPC Lattice [GetTargetGroup](https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_GetTargetGroup.html) API operation.", + "title": "Identifier", + "type": "string" + }, + "Type": { + "markdownDescription": "Provides additional context for the value of `Identifier` .\n\nThe following lists the valid values:\n\n- `elb` if `Identifier` is the name of a Classic Load Balancer.\n- `elbv2` if `Identifier` is the ARN of an Application Load Balancer, Gateway Load Balancer, or Network Load Balancer target group.\n- `vpc-lattice` if `Identifier` is the ARN of a VPC Lattice target group.\n\nRequired if the identifier is the name of a Classic Load Balancer.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Identifier", + "Type" + ], + "type": "object" + }, "AWS::AutoScaling::AutoScalingGroup.VCpuCountRequest": { "additionalProperties": false, "properties": { @@ -23951,11 +27238,24 @@ "title": "MetricName", "type": "string" }, + "Metrics": { + "items": { + "$ref": "#/definitions/AWS::AutoScaling::ScalingPolicy.TargetTrackingMetricDataQuery" + }, + "markdownDescription": "The metrics to include in the target tracking scaling policy, as a metric data query. This can include both raw metric and metric math expressions.", + "title": "Metrics", + "type": "array" + }, "Namespace": { "markdownDescription": "The namespace of the metric.", "title": "Namespace", "type": "string" }, + "Period": { + "markdownDescription": "The period of the metric in seconds. The default value is 60. Accepted values are 10, 30, and 60. For high resolution metric, set the value to less than 60. For more information, see [Create a target tracking policy using high-resolution metrics for faster response](https://docs.aws.amazon.com/autoscaling/ec2/userguide/policy-creating-high-resolution-metrics.html) .", + "title": "Period", + "type": "number" + }, "Statistic": { "markdownDescription": "The statistic of the metric.", "title": "Statistic", @@ -23967,11 +27267,6 @@ "type": "string" } }, - "required": [ - "MetricName", - "Namespace", - "Statistic" - ], "type": "object" }, "AWS::AutoScaling::ScalingPolicy.Metric": { @@ -24342,207 +27637,276 @@ ], "type": "object" }, - "AWS::AutoScaling::ScheduledAction": { + "AWS::AutoScaling::ScalingPolicy.TargetTrackingMetricDataQuery": { "additionalProperties": false, "properties": { - "Condition": { + "Expression": { + "markdownDescription": "The math expression to perform on the returned data, if this object is performing a math expression. This expression can use the `Id` of the other metrics to refer to those metrics, and can also use the `Id` of other expressions to use the result of those expressions.\n\nConditional: Within each `TargetTrackingMetricDataQuery` object, you must specify either `Expression` or `MetricStat` , but not both.", + "title": "Expression", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Id": { + "markdownDescription": "A short name that identifies the object's results in the response. This name must be unique among all `TargetTrackingMetricDataQuery` objects specified for a single scaling policy. If you are performing math expressions on this set of data, this name represents that data and can serve as a variable in the mathematical expression. The valid characters are letters, numbers, and underscores. The first character must be a lowercase letter.", + "title": "Id", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "Label": { + "markdownDescription": "A human-readable label for this metric or expression. This is especially useful if this is a math expression, so that you know what the value represents.", + "title": "Label", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AutoScalingGroupName": { - "markdownDescription": "The name of the Auto Scaling group.", - "title": "AutoScalingGroupName", - "type": "string" - }, - "DesiredCapacity": { - "markdownDescription": "The desired capacity is the initial capacity of the Auto Scaling group after the scheduled action runs and the capacity it attempts to maintain. It can scale beyond this capacity if you add more scaling conditions.\n\n> You must specify at least one of the following properties: `MaxSize` , `MinSize` , or `DesiredCapacity` .", - "title": "DesiredCapacity", - "type": "number" - }, - "EndTime": { - "markdownDescription": "The date and time for the recurring schedule to end, in UTC. For example, `\"2021-06-01T00:00:00Z\"` .", - "title": "EndTime", - "type": "string" - }, - "MaxSize": { - "markdownDescription": "The maximum size of the Auto Scaling group.", - "title": "MaxSize", - "type": "number" - }, - "MinSize": { - "markdownDescription": "The minimum size of the Auto Scaling group.", - "title": "MinSize", - "type": "number" - }, - "Recurrence": { - "markdownDescription": "The recurring schedule for this action. This format consists of five fields separated by white spaces: [Minute] [Hour] [Day_of_Month] [Month_of_Year] [Day_of_Week]. The value must be in quotes (for example, `\"30 0 1 1,6,12 *\"` ). For more information about this format, see [Crontab](https://docs.aws.amazon.com/http://crontab.org) .\n\nWhen `StartTime` and `EndTime` are specified with `Recurrence` , they form the boundaries of when the recurring action starts and stops.\n\nCron expressions use Universal Coordinated Time (UTC) by default.", - "title": "Recurrence", - "type": "string" - }, - "StartTime": { - "markdownDescription": "The date and time for this action to start, in YYYY-MM-DDThh:mm:ssZ format in UTC/GMT only and in quotes (for example, `\"2021-06-01T00:00:00Z\"` ).\n\nIf you specify `Recurrence` and `StartTime` , Amazon EC2 Auto Scaling performs the action at this time, and then performs the action based on the specified recurrence.", - "title": "StartTime", - "type": "string" - }, - "TimeZone": { - "markdownDescription": "Specifies the time zone for a cron expression. If a time zone is not provided, UTC is used by default.\n\nValid values are the canonical names of the IANA time zones, derived from the IANA Time Zone Database (such as `Etc/GMT+9` or `Pacific/Tahiti` ). For more information, see [https://en.wikipedia.org/wiki/List_of_tz_database_time_zones](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/List_of_tz_database_time_zones) .", - "title": "TimeZone", - "type": "string" - } - }, - "required": [ - "AutoScalingGroupName" - ], - "type": "object" + "MetricStat": { + "$ref": "#/definitions/AWS::AutoScaling::ScalingPolicy.TargetTrackingMetricStat", + "markdownDescription": "Information about the metric data to return.\n\nConditional: Within each `TargetTrackingMetricDataQuery` object, you must specify either `Expression` or `MetricStat` , but not both.", + "title": "MetricStat" }, - "Type": { - "enum": [ - "AWS::AutoScaling::ScheduledAction" - ], - "type": "string" + "Period": { + "markdownDescription": "The period of the metric in seconds. The default value is 60. Accepted values are 10, 30, and 60. For high resolution metric, set the value to less than 60. For more information, see [Create a target tracking policy using high-resolution metrics for faster response](https://docs.aws.amazon.com/autoscaling/ec2/userguide/policy-creating-high-resolution-metrics.html) .", + "title": "Period", + "type": "number" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "ReturnData": { + "markdownDescription": "Indicates whether to return the timestamps and raw data values of this metric.\n\nIf you use any math expressions, specify `true` for this value for only the final math expression that the metric specification is based on. You must specify `false` for `ReturnData` for all the other metrics and expressions used in the metric specification.\n\nIf you are only retrieving metrics and not performing any math expressions, do not specify anything for `ReturnData` . This sets it to its default ( `true` ).", + "title": "ReturnData", + "type": "boolean" } }, "required": [ - "Type", - "Properties" + "Id" ], "type": "object" }, - "AWS::AutoScaling::WarmPool": { + "AWS::AutoScaling::ScalingPolicy.TargetTrackingMetricStat": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "Metric": { + "$ref": "#/definitions/AWS::AutoScaling::ScalingPolicy.Metric", + "markdownDescription": "The metric to use.", + "title": "Metric" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AutoScalingGroupName": { - "markdownDescription": "The name of the Auto Scaling group.", - "title": "AutoScalingGroupName", - "type": "string" - }, - "InstanceReusePolicy": { - "$ref": "#/definitions/AWS::AutoScaling::WarmPool.InstanceReusePolicy", - "markdownDescription": "Indicates whether instances in the Auto Scaling group can be returned to the warm pool on scale in. The default is to terminate instances in the Auto Scaling group when the group scales in.", - "title": "InstanceReusePolicy" - }, - "MaxGroupPreparedCapacity": { - "markdownDescription": "Specifies the maximum number of instances that are allowed to be in the warm pool or in any state except `Terminated` for the Auto Scaling group. This is an optional property. Specify it only if you do not want the warm pool size to be determined by the difference between the group's maximum capacity and its desired capacity.\n\n> If a value for `MaxGroupPreparedCapacity` is not specified, Amazon EC2 Auto Scaling launches and maintains the difference between the group's maximum capacity and its desired capacity. If you specify a value for `MaxGroupPreparedCapacity` , Amazon EC2 Auto Scaling uses the difference between the `MaxGroupPreparedCapacity` and the desired capacity instead.\n> \n> The size of the warm pool is dynamic. Only when `MaxGroupPreparedCapacity` and `MinSize` are set to the same value does the warm pool have an absolute size. \n\nIf the desired capacity of the Auto Scaling group is higher than the `MaxGroupPreparedCapacity` , the capacity of the warm pool is 0, unless you specify a value for `MinSize` . To remove a value that you previously set, include the property but specify -1 for the value.", - "title": "MaxGroupPreparedCapacity", - "type": "number" - }, - "MinSize": { - "markdownDescription": "Specifies the minimum number of instances to maintain in the warm pool. This helps you to ensure that there is always a certain number of warmed instances available to handle traffic spikes. Defaults to 0 if not specified.", - "title": "MinSize", - "type": "number" - }, - "PoolState": { - "markdownDescription": "Sets the instance state to transition to after the lifecycle actions are complete. Default is `Stopped` .", - "title": "PoolState", - "type": "string" - } - }, - "required": [ - "AutoScalingGroupName" - ], - "type": "object" + "Period": { + "markdownDescription": "The period of the metric in seconds. The default value is 60. Accepted values are 10, 30, and 60. For high resolution metric, set the value to less than 60. For more information, see [Create a target tracking policy using high-resolution metrics for faster response](https://docs.aws.amazon.com/autoscaling/ec2/userguide/policy-creating-high-resolution-metrics.html) .", + "title": "Period", + "type": "number" }, - "Type": { - "enum": [ - "AWS::AutoScaling::WarmPool" - ], + "Stat": { + "markdownDescription": "The statistic to return. It can include any CloudWatch statistic or extended statistic. For a list of valid values, see the table in [Statistics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html#Statistic) in the *Amazon CloudWatch User Guide* .\n\nThe most commonly used metric for scaling is `Average` .", + "title": "Stat", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Unit": { + "markdownDescription": "The unit to use for the returned data points. For a complete list of the units that CloudWatch supports, see the [MetricDatum](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_MetricDatum.html) data type in the *Amazon CloudWatch API Reference* .", + "title": "Unit", "type": "string" } }, "required": [ - "Type", - "Properties" + "Metric", + "Stat" ], "type": "object" }, - "AWS::AutoScaling::WarmPool.InstanceReusePolicy": { - "additionalProperties": false, - "properties": { - "ReuseOnScaleIn": { - "markdownDescription": "Specifies whether instances in the Auto Scaling group can be returned to the warm pool on scale in.", - "title": "ReuseOnScaleIn", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::AutoScalingPlans::ScalingPlan": { + "AWS::AutoScaling::ScheduledAction": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AutoScalingGroupName": { + "markdownDescription": "The name of the Auto Scaling group.", + "title": "AutoScalingGroupName", + "type": "string" + }, + "DesiredCapacity": { + "markdownDescription": "The desired capacity is the initial capacity of the Auto Scaling group after the scheduled action runs and the capacity it attempts to maintain. It can scale beyond this capacity if you add more scaling conditions.\n\n> You must specify at least one of the following properties: `MaxSize` , `MinSize` , or `DesiredCapacity` .", + "title": "DesiredCapacity", + "type": "number" + }, + "EndTime": { + "markdownDescription": "The date and time for the recurring schedule to end, in UTC. For example, `\"2021-06-01T00:00:00Z\"` .", + "title": "EndTime", + "type": "string" + }, + "MaxSize": { + "markdownDescription": "The maximum size of the Auto Scaling group.", + "title": "MaxSize", + "type": "number" + }, + "MinSize": { + "markdownDescription": "The minimum size of the Auto Scaling group.", + "title": "MinSize", + "type": "number" + }, + "Recurrence": { + "markdownDescription": "The recurring schedule for this action. This format consists of five fields separated by white spaces: [Minute] [Hour] [Day_of_Month] [Month_of_Year] [Day_of_Week]. The value must be in quotes (for example, `\"30 0 1 1,6,12 *\"` ). For more information about this format, see [Crontab](https://docs.aws.amazon.com/http://crontab.org) .\n\nWhen `StartTime` and `EndTime` are specified with `Recurrence` , they form the boundaries of when the recurring action starts and stops.\n\nCron expressions use Universal Coordinated Time (UTC) by default.", + "title": "Recurrence", + "type": "string" + }, + "StartTime": { + "markdownDescription": "The date and time for this action to start, in YYYY-MM-DDThh:mm:ssZ format in UTC/GMT only and in quotes (for example, `\"2021-06-01T00:00:00Z\"` ).\n\nIf you specify `Recurrence` and `StartTime` , Amazon EC2 Auto Scaling performs the action at this time, and then performs the action based on the specified recurrence.", + "title": "StartTime", + "type": "string" + }, + "TimeZone": { + "markdownDescription": "Specifies the time zone for a cron expression. If a time zone is not provided, UTC is used by default.\n\nValid values are the canonical names of the IANA time zones, derived from the IANA Time Zone Database (such as `Etc/GMT+9` or `Pacific/Tahiti` ). For more information, see [https://en.wikipedia.org/wiki/List_of_tz_database_time_zones](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/List_of_tz_database_time_zones) .", + "title": "TimeZone", + "type": "string" + } + }, + "required": [ + "AutoScalingGroupName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::AutoScaling::ScheduledAction" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::AutoScaling::WarmPool": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AutoScalingGroupName": { + "markdownDescription": "The name of the Auto Scaling group.", + "title": "AutoScalingGroupName", + "type": "string" + }, + "InstanceReusePolicy": { + "$ref": "#/definitions/AWS::AutoScaling::WarmPool.InstanceReusePolicy", + "markdownDescription": "Indicates whether instances in the Auto Scaling group can be returned to the warm pool on scale in. The default is to terminate instances in the Auto Scaling group when the group scales in.", + "title": "InstanceReusePolicy" + }, + "MaxGroupPreparedCapacity": { + "markdownDescription": "Specifies the maximum number of instances that are allowed to be in the warm pool or in any state except `Terminated` for the Auto Scaling group. This is an optional property. Specify it only if you do not want the warm pool size to be determined by the difference between the group's maximum capacity and its desired capacity.\n\n> If a value for `MaxGroupPreparedCapacity` is not specified, Amazon EC2 Auto Scaling launches and maintains the difference between the group's maximum capacity and its desired capacity. If you specify a value for `MaxGroupPreparedCapacity` , Amazon EC2 Auto Scaling uses the difference between the `MaxGroupPreparedCapacity` and the desired capacity instead.\n> \n> The size of the warm pool is dynamic. Only when `MaxGroupPreparedCapacity` and `MinSize` are set to the same value does the warm pool have an absolute size. \n\nIf the desired capacity of the Auto Scaling group is higher than the `MaxGroupPreparedCapacity` , the capacity of the warm pool is 0, unless you specify a value for `MinSize` . To remove a value that you previously set, include the property but specify -1 for the value.", + "title": "MaxGroupPreparedCapacity", + "type": "number" + }, + "MinSize": { + "markdownDescription": "Specifies the minimum number of instances to maintain in the warm pool. This helps you to ensure that there is always a certain number of warmed instances available to handle traffic spikes. Defaults to 0 if not specified.", + "title": "MinSize", + "type": "number" + }, + "PoolState": { + "markdownDescription": "Sets the instance state to transition to after the lifecycle actions are complete. Default is `Stopped` .", + "title": "PoolState", + "type": "string" + } + }, + "required": [ + "AutoScalingGroupName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::AutoScaling::WarmPool" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::AutoScaling::WarmPool.InstanceReusePolicy": { + "additionalProperties": false, + "properties": { + "ReuseOnScaleIn": { + "markdownDescription": "Specifies whether instances in the Auto Scaling group can be returned to the warm pool on scale in.", + "title": "ReuseOnScaleIn", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::AutoScalingPlans::ScalingPlan": { "additionalProperties": false, "properties": { "Condition": { @@ -25038,6 +28402,11 @@ "AWS::B2BI::Capability.EdiConfiguration": { "additionalProperties": false, "properties": { + "CapabilityDirection": { + "markdownDescription": "Specifies whether this is capability is for inbound or outbound transformations.", + "title": "CapabilityDirection", + "type": "string" + }, "InputLocation": { "$ref": "#/definitions/AWS::B2BI::Capability.S3Location", "markdownDescription": "Contains the Amazon S3 bucket and prefix for the location of the input file, which is contained in an `S3Location` object.", @@ -25156,6 +28525,11 @@ "title": "Capabilities", "type": "array" }, + "CapabilityOptions": { + "$ref": "#/definitions/AWS::B2BI::Partnership.CapabilityOptions", + "markdownDescription": "Contains the details for an Outbound EDI capability.", + "title": "CapabilityOptions" + }, "Email": { "markdownDescription": "Specifies the email address associated with this trading partner.", "title": "Email", @@ -25186,6 +28560,7 @@ } }, "required": [ + "Capabilities", "Email", "Name", "ProfileId" @@ -25213,6 +28588,255 @@ ], "type": "object" }, + "AWS::B2BI::Partnership.CapabilityOptions": { + "additionalProperties": false, + "properties": { + "InboundEdi": { + "$ref": "#/definitions/AWS::B2BI::Partnership.InboundEdiOptions", + "markdownDescription": "A structure that contains the inbound EDI options for the capability.", + "title": "InboundEdi" + }, + "OutboundEdi": { + "$ref": "#/definitions/AWS::B2BI::Partnership.OutboundEdiOptions", + "markdownDescription": "A structure that contains the outbound EDI options.", + "title": "OutboundEdi" + } + }, + "type": "object" + }, + "AWS::B2BI::Partnership.InboundEdiOptions": { + "additionalProperties": false, + "properties": { + "X12": { + "$ref": "#/definitions/AWS::B2BI::Partnership.X12InboundEdiOptions", + "markdownDescription": "A structure that contains X12-specific options for processing inbound X12 EDI files.", + "title": "X12" + } + }, + "type": "object" + }, + "AWS::B2BI::Partnership.OutboundEdiOptions": { + "additionalProperties": false, + "properties": { + "X12": { + "$ref": "#/definitions/AWS::B2BI::Partnership.X12Envelope", + "markdownDescription": "A structure that contains an X12 envelope structure.", + "title": "X12" + } + }, + "required": [ + "X12" + ], + "type": "object" + }, + "AWS::B2BI::Partnership.WrapOptions": { + "additionalProperties": false, + "properties": { + "LineLength": { + "markdownDescription": "", + "title": "LineLength", + "type": "number" + }, + "LineTerminator": { + "markdownDescription": "", + "title": "LineTerminator", + "type": "string" + }, + "WrapBy": { + "markdownDescription": "", + "title": "WrapBy", + "type": "string" + } + }, + "type": "object" + }, + "AWS::B2BI::Partnership.X12AcknowledgmentOptions": { + "additionalProperties": false, + "properties": { + "FunctionalAcknowledgment": { + "markdownDescription": "", + "title": "FunctionalAcknowledgment", + "type": "string" + }, + "TechnicalAcknowledgment": { + "markdownDescription": "", + "title": "TechnicalAcknowledgment", + "type": "string" + } + }, + "required": [ + "FunctionalAcknowledgment", + "TechnicalAcknowledgment" + ], + "type": "object" + }, + "AWS::B2BI::Partnership.X12ControlNumbers": { + "additionalProperties": false, + "properties": { + "StartingFunctionalGroupControlNumber": { + "markdownDescription": "", + "title": "StartingFunctionalGroupControlNumber", + "type": "number" + }, + "StartingInterchangeControlNumber": { + "markdownDescription": "", + "title": "StartingInterchangeControlNumber", + "type": "number" + }, + "StartingTransactionSetControlNumber": { + "markdownDescription": "", + "title": "StartingTransactionSetControlNumber", + "type": "number" + } + }, + "type": "object" + }, + "AWS::B2BI::Partnership.X12Delimiters": { + "additionalProperties": false, + "properties": { + "ComponentSeparator": { + "markdownDescription": "", + "title": "ComponentSeparator", + "type": "string" + }, + "DataElementSeparator": { + "markdownDescription": "", + "title": "DataElementSeparator", + "type": "string" + }, + "SegmentTerminator": { + "markdownDescription": "", + "title": "SegmentTerminator", + "type": "string" + } + }, + "type": "object" + }, + "AWS::B2BI::Partnership.X12Envelope": { + "additionalProperties": false, + "properties": { + "Common": { + "$ref": "#/definitions/AWS::B2BI::Partnership.X12OutboundEdiHeaders", + "markdownDescription": "A container for the X12 outbound EDI headers.", + "title": "Common" + }, + "WrapOptions": { + "$ref": "#/definitions/AWS::B2BI::Partnership.WrapOptions", + "markdownDescription": "", + "title": "WrapOptions" + } + }, + "type": "object" + }, + "AWS::B2BI::Partnership.X12FunctionalGroupHeaders": { + "additionalProperties": false, + "properties": { + "ApplicationReceiverCode": { + "markdownDescription": "", + "title": "ApplicationReceiverCode", + "type": "string" + }, + "ApplicationSenderCode": { + "markdownDescription": "", + "title": "ApplicationSenderCode", + "type": "string" + }, + "ResponsibleAgencyCode": { + "markdownDescription": "", + "title": "ResponsibleAgencyCode", + "type": "string" + } + }, + "type": "object" + }, + "AWS::B2BI::Partnership.X12InboundEdiOptions": { + "additionalProperties": false, + "properties": { + "AcknowledgmentOptions": { + "$ref": "#/definitions/AWS::B2BI::Partnership.X12AcknowledgmentOptions", + "markdownDescription": "Specifies acknowledgment options for inbound X12 EDI files. These options control how functional and technical acknowledgments are handled.", + "title": "AcknowledgmentOptions" + } + }, + "type": "object" + }, + "AWS::B2BI::Partnership.X12InterchangeControlHeaders": { + "additionalProperties": false, + "properties": { + "AcknowledgmentRequestedCode": { + "markdownDescription": "", + "title": "AcknowledgmentRequestedCode", + "type": "string" + }, + "ReceiverId": { + "markdownDescription": "", + "title": "ReceiverId", + "type": "string" + }, + "ReceiverIdQualifier": { + "markdownDescription": "", + "title": "ReceiverIdQualifier", + "type": "string" + }, + "RepetitionSeparator": { + "markdownDescription": "", + "title": "RepetitionSeparator", + "type": "string" + }, + "SenderId": { + "markdownDescription": "", + "title": "SenderId", + "type": "string" + }, + "SenderIdQualifier": { + "markdownDescription": "", + "title": "SenderIdQualifier", + "type": "string" + }, + "UsageIndicatorCode": { + "markdownDescription": "", + "title": "UsageIndicatorCode", + "type": "string" + } + }, + "type": "object" + }, + "AWS::B2BI::Partnership.X12OutboundEdiHeaders": { + "additionalProperties": false, + "properties": { + "ControlNumbers": { + "$ref": "#/definitions/AWS::B2BI::Partnership.X12ControlNumbers", + "markdownDescription": "Specifies control number configuration for outbound X12 EDI headers. These settings determine the starting values for interchange, functional group, and transaction set control numbers.", + "title": "ControlNumbers" + }, + "Delimiters": { + "$ref": "#/definitions/AWS::B2BI::Partnership.X12Delimiters", + "markdownDescription": "The delimiters, for example semicolon ( `;` ), that separates sections of the headers for the X12 object.", + "title": "Delimiters" + }, + "FunctionalGroupHeaders": { + "$ref": "#/definitions/AWS::B2BI::Partnership.X12FunctionalGroupHeaders", + "markdownDescription": "The functional group headers for the X12 object.", + "title": "FunctionalGroupHeaders" + }, + "Gs05TimeFormat": { + "markdownDescription": "", + "title": "Gs05TimeFormat", + "type": "string" + }, + "InterchangeControlHeaders": { + "$ref": "#/definitions/AWS::B2BI::Partnership.X12InterchangeControlHeaders", + "markdownDescription": "In X12 EDI messages, delimiters are used to mark the end of segments or elements, and are defined in the interchange control header.", + "title": "InterchangeControlHeaders" + }, + "ValidateEdi": { + "markdownDescription": "Specifies whether or not to validate the EDI for this X12 object: `TRUE` or `FALSE` .", + "title": "ValidateEdi", + "type": "boolean" + } + }, + "type": "object" + }, "AWS::B2BI::Profile": { "additionalProperties": false, "properties": { @@ -25346,22 +28970,30 @@ "Properties": { "additionalProperties": false, "properties": { - "EdiType": { - "$ref": "#/definitions/AWS::B2BI::Transformer.EdiType" + "InputConversion": { + "$ref": "#/definitions/AWS::B2BI::Transformer.InputConversion", + "markdownDescription": "Returns a structure that contains the format options for the transformation.", + "title": "InputConversion" }, - "FileFormat": { - "type": "string" - }, - "MappingTemplate": { - "type": "string" + "Mapping": { + "$ref": "#/definitions/AWS::B2BI::Transformer.Mapping", + "markdownDescription": "Returns the structure that contains the mapping template and its language (either XSLT or JSONATA).", + "title": "Mapping" }, "Name": { "markdownDescription": "Returns the descriptive name for the transformer.", "title": "Name", "type": "string" }, - "SampleDocument": { - "type": "string" + "OutputConversion": { + "$ref": "#/definitions/AWS::B2BI::Transformer.OutputConversion", + "markdownDescription": "Returns the `OutputConversion` object, which contains the format options for the outbound transformation.", + "title": "OutputConversion" + }, + "SampleDocuments": { + "$ref": "#/definitions/AWS::B2BI::Transformer.SampleDocuments", + "markdownDescription": "Returns a structure that contains the Amazon S3 bucket and an array of the corresponding keys used to identify the location for your sample documents.", + "title": "SampleDocuments" }, "Status": { "markdownDescription": "Returns the state of the newly created transformer. The transformer can be either `active` or `inactive` . For the transformer to be used in a capability, its status must `active` .", @@ -25378,9 +29010,6 @@ } }, "required": [ - "EdiType", - "FileFormat", - "MappingTemplate", "Name", "Status" ], @@ -25407,18 +29036,143 @@ ], "type": "object" }, - "AWS::B2BI::Transformer.EdiType": { + "AWS::B2BI::Transformer.AdvancedOptions": { "additionalProperties": false, "properties": { - "X12Details": { - "$ref": "#/definitions/AWS::B2BI::Transformer.X12Details" + "X12": { + "$ref": "#/definitions/AWS::B2BI::Transformer.X12AdvancedOptions", + "markdownDescription": "", + "title": "X12" + } + }, + "type": "object" + }, + "AWS::B2BI::Transformer.FormatOptions": { + "additionalProperties": false, + "properties": { + "X12": { + "$ref": "#/definitions/AWS::B2BI::Transformer.X12Details", + "markdownDescription": "", + "title": "X12" } }, "required": [ - "X12Details" + "X12" + ], + "type": "object" + }, + "AWS::B2BI::Transformer.InputConversion": { + "additionalProperties": false, + "properties": { + "AdvancedOptions": { + "$ref": "#/definitions/AWS::B2BI::Transformer.AdvancedOptions", + "markdownDescription": "", + "title": "AdvancedOptions" + }, + "FormatOptions": { + "$ref": "#/definitions/AWS::B2BI::Transformer.FormatOptions", + "markdownDescription": "", + "title": "FormatOptions" + }, + "FromFormat": { + "markdownDescription": "", + "title": "FromFormat", + "type": "string" + } + }, + "required": [ + "FromFormat" ], "type": "object" }, + "AWS::B2BI::Transformer.Mapping": { + "additionalProperties": false, + "properties": { + "Template": { + "markdownDescription": "", + "title": "Template", + "type": "string" + }, + "TemplateLanguage": { + "markdownDescription": "", + "title": "TemplateLanguage", + "type": "string" + } + }, + "required": [ + "TemplateLanguage" + ], + "type": "object" + }, + "AWS::B2BI::Transformer.OutputConversion": { + "additionalProperties": false, + "properties": { + "FormatOptions": { + "$ref": "#/definitions/AWS::B2BI::Transformer.FormatOptions", + "markdownDescription": "", + "title": "FormatOptions" + }, + "ToFormat": { + "markdownDescription": "", + "title": "ToFormat", + "type": "string" + } + }, + "required": [ + "ToFormat" + ], + "type": "object" + }, + "AWS::B2BI::Transformer.SampleDocumentKeys": { + "additionalProperties": false, + "properties": { + "Input": { + "markdownDescription": "", + "title": "Input", + "type": "string" + }, + "Output": { + "markdownDescription": "", + "title": "Output", + "type": "string" + } + }, + "type": "object" + }, + "AWS::B2BI::Transformer.SampleDocuments": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "", + "title": "BucketName", + "type": "string" + }, + "Keys": { + "items": { + "$ref": "#/definitions/AWS::B2BI::Transformer.SampleDocumentKeys" + }, + "markdownDescription": "", + "title": "Keys", + "type": "array" + } + }, + "required": [ + "BucketName", + "Keys" + ], + "type": "object" + }, + "AWS::B2BI::Transformer.X12AdvancedOptions": { + "additionalProperties": false, + "properties": { + "SplitOptions": { + "$ref": "#/definitions/AWS::B2BI::Transformer.X12SplitOptions", + "markdownDescription": "", + "title": "SplitOptions" + } + }, + "type": "object" + }, "AWS::B2BI::Transformer.X12Details": { "additionalProperties": false, "properties": { @@ -25435,6 +29189,17 @@ }, "type": "object" }, + "AWS::B2BI::Transformer.X12SplitOptions": { + "additionalProperties": false, + "properties": { + "SplitBy": { + "markdownDescription": "", + "title": "SplitBy", + "type": "string" + } + }, + "type": "object" + }, "AWS::BCMDataExports::Export": { "additionalProperties": false, "properties": { @@ -25833,6 +29598,14 @@ "title": "EnableContinuousBackup", "type": "boolean" }, + "IndexActions": { + "items": { + "$ref": "#/definitions/AWS::Backup::BackupPlan.IndexActionsResourceType" + }, + "markdownDescription": "There can up to one IndexAction in each BackupRule, as each backup can have 0 or 1 backup index associated with it.\n\nWithin the array is ResourceTypes. Only 1 resource type will be accepted for each BackupRule. Valid values:\n\n- `EBS` for Amazon Elastic Block Store\n- `S3` for Amazon Simple Storage Service (Amazon S3)", + "title": "IndexActions", + "type": "array" + }, "Lifecycle": { "$ref": "#/definitions/AWS::Backup::BackupPlan.LifecycleResourceType", "markdownDescription": "The lifecycle defines when a protected resource is transitioned to cold storage and when it expires. AWS Backup transitions and expires backups automatically according to the lifecycle that you define.", @@ -25900,6 +29673,20 @@ ], "type": "object" }, + "AWS::Backup::BackupPlan.IndexActionsResourceType": { + "additionalProperties": false, + "properties": { + "ResourceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "0 or 1 index action will be accepted for each BackupRule.\n\nValid values:\n\n- `EBS` for Amazon Elastic Block Store\n- `S3` for Amazon Simple Storage Service (Amazon S3)", + "title": "ResourceTypes", + "type": "array" + } + }, + "type": "object" + }, "AWS::Backup::BackupPlan.LifecycleResourceType": { "additionalProperties": false, "properties": { @@ -26433,6 +30220,129 @@ ], "type": "object" }, + "AWS::Backup::LogicallyAirGappedBackupVault": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AccessPolicy": { + "markdownDescription": "The backup vault access policy document in JSON format.", + "title": "AccessPolicy", + "type": "object" + }, + "BackupVaultName": { + "markdownDescription": "The name of a logical container where backups are stored. Logically air-gapped backup vaults are identified by names that are unique to the account used to create them and the Region where they are created.", + "title": "BackupVaultName", + "type": "string" + }, + "BackupVaultTags": { + "additionalProperties": true, + "markdownDescription": "The tags to assign to the vault.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "BackupVaultTags", + "type": "object" + }, + "MaxRetentionDays": { + "markdownDescription": "The maximum retention period that the vault retains its recovery points.", + "title": "MaxRetentionDays", + "type": "number" + }, + "MinRetentionDays": { + "markdownDescription": "This setting specifies the minimum retention period that the vault retains its recovery points.\n\nThe minimum value accepted is 7 days.", + "title": "MinRetentionDays", + "type": "number" + }, + "Notifications": { + "$ref": "#/definitions/AWS::Backup::LogicallyAirGappedBackupVault.NotificationObjectType", + "markdownDescription": "Returns event notifications for the specified backup vault.", + "title": "Notifications" + } + }, + "required": [ + "BackupVaultName", + "MaxRetentionDays", + "MinRetentionDays" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Backup::LogicallyAirGappedBackupVault" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Backup::LogicallyAirGappedBackupVault.NotificationObjectType": { + "additionalProperties": false, + "properties": { + "BackupVaultEvents": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of events that indicate the status of jobs to back up resources to the backup vault.", + "title": "BackupVaultEvents", + "type": "array" + }, + "SNSTopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that specifies the topic for a backup vault\u2019s events; for example, `arn:aws:sns:us-west-2:111122223333:MyVaultTopic` .", + "title": "SNSTopicArn", + "type": "string" + } + }, + "required": [ + "BackupVaultEvents", + "SNSTopicArn" + ], + "type": "object" + }, "AWS::Backup::ReportPlan": { "additionalProperties": false, "properties": { @@ -27036,6 +30946,11 @@ "markdownDescription": "The ComputeResources property type specifies details of the compute resources managed by the compute environment. This parameter is required for managed compute environments. For more information, see [Compute Environments](https://docs.aws.amazon.com/batch/latest/userguide/compute_environments.html) in the ** .", "title": "ComputeResources" }, + "Context": { + "markdownDescription": "Reserved.", + "title": "Context", + "type": "string" + }, "EksConfiguration": { "$ref": "#/definitions/AWS::Batch::ComputeEnvironment.EksConfiguration", "markdownDescription": "The details for the Amazon EKS cluster that supports the compute environment.", @@ -27285,6 +31200,53 @@ "title": "LaunchTemplateName", "type": "string" }, + "Overrides": { + "items": { + "$ref": "#/definitions/AWS::Batch::ComputeEnvironment.LaunchTemplateSpecificationOverride" + }, + "markdownDescription": "A launch template to use in place of the default launch template. You must specify either the launch template ID or launch template name in the request, but not both.\n\nYou can specify up to ten (10) launch template overrides that are associated to unique instance types or families for each compute environment.\n\n> To unset all override templates for a compute environment, you can pass an empty array to the [UpdateComputeEnvironment.overrides](https://docs.aws.amazon.com/batch/latest/APIReference/API_UpdateComputeEnvironment.html) parameter, or not include the `overrides` parameter when submitting the `UpdateComputeEnvironment` API operation.", + "title": "Overrides", + "type": "array" + }, + "UserdataType": { + "markdownDescription": "The EKS node initialization process to use. You only need to specify this value if you are using a custom AMI. The default value is `EKS_BOOTSTRAP_SH` . If *imageType* is a custom AMI based on EKS_AL2023 or EKS_AL2023_NVIDIA then you must choose `EKS_NODEADM` .", + "title": "UserdataType", + "type": "string" + }, + "Version": { + "markdownDescription": "The version number of the launch template, `$Default` , or `$Latest` .\n\nIf the value is `$Default` , the default version of the launch template is used. If the value is `$Latest` , the latest version of the launch template is used.\n\n> If the AMI ID that's used in a compute environment is from the launch template, the AMI isn't changed when the compute environment is updated. It's only changed if the `updateToLatestImageVersion` parameter for the compute environment is set to `true` . During an infrastructure update, if either `$Default` or `$Latest` is specified, AWS Batch re-evaluates the launch template version, and it might use a different version of the launch template. This is the case even if the launch template isn't specified in the update. When updating a compute environment, changing the launch template requires an infrastructure update of the compute environment. For more information, see [Updating compute environments](https://docs.aws.amazon.com/batch/latest/userguide/updating-compute-environments.html) in the *AWS Batch User Guide* . \n\nDefault: `$Default`\n\nLatest: `$Latest`", + "title": "Version", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Batch::ComputeEnvironment.LaunchTemplateSpecificationOverride": { + "additionalProperties": false, + "properties": { + "LaunchTemplateId": { + "markdownDescription": "The ID of the launch template.\n\n*Note:* If you specify the `launchTemplateId` you can't specify the `launchTemplateName` as well.", + "title": "LaunchTemplateId", + "type": "string" + }, + "LaunchTemplateName": { + "markdownDescription": "The name of the launch template.\n\n*Note:* If you specify the `launchTemplateName` you can't specify the `launchTemplateId` as well.", + "title": "LaunchTemplateName", + "type": "string" + }, + "TargetInstanceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The instance type or family that this override launch template should be applied to.\n\nThis parameter is required when defining a launch template override.\n\nInformation included in this parameter must meet the following requirements:\n\n- Must be a valid Amazon EC2 instance type or family.\n- `optimal` isn't allowed.\n- `targetInstanceTypes` can target only instance types and families that are included within the [`ComputeResource.instanceTypes`](https://docs.aws.amazon.com/batch/latest/APIReference/API_ComputeResource.html#Batch-Type-ComputeResource-instanceTypes) set. `targetInstanceTypes` doesn't need to include all of the instances from the `instanceType` set, but at least a subset. For example, if `ComputeResource.instanceTypes` includes `[m5, g5]` , `targetInstanceTypes` can include `[m5.2xlarge]` and `[m5.large]` but not `[c5.large]` .\n- `targetInstanceTypes` included within the same launch template override or across launch template overrides can't overlap for the same compute environment. For example, you can't define one launch template override to target an instance family and another define an instance type within this same family.", + "title": "TargetInstanceTypes", + "type": "array" + }, + "UserdataType": { + "markdownDescription": "The EKS node initialization process to use. You only need to specify this value if you are using a custom AMI. The default value is `EKS_BOOTSTRAP_SH` . If *imageType* is a custom AMI based on EKS_AL2023 or EKS_AL2023_NVIDIA then you must choose `EKS_NODEADM` .", + "title": "UserdataType", + "type": "string" + }, "Version": { "markdownDescription": "The version number of the launch template, `$Default` , or `$Latest` .\n\nIf the value is `$Default` , the default version of the launch template is used. If the value is `$Latest` , the latest version of the launch template is used.\n\n> If the AMI ID that's used in a compute environment is from the launch template, the AMI isn't changed when the compute environment is updated. It's only changed if the `updateToLatestImageVersion` parameter for the compute environment is set to `true` . During an infrastructure update, if either `$Default` or `$Latest` is specified, AWS Batch re-evaluates the launch template version, and it might use a different version of the launch template. This is the case even if the launch template isn't specified in the update. When updating a compute environment, changing the launch template requires an infrastructure update of the compute environment. For more information, see [Updating compute environments](https://docs.aws.amazon.com/batch/latest/userguide/updating-compute-environments.html) in the *AWS Batch User Guide* . \n\nDefault: `$Default`\n\nLatest: `$Latest`", "title": "Version", @@ -27309,7 +31271,7 @@ }, "type": "object" }, - "AWS::Batch::JobDefinition": { + "AWS::Batch::ConsumableResource": { "additionalProperties": false, "properties": { "Condition": { @@ -27344,6 +31306,100 @@ "Properties": { "additionalProperties": false, "properties": { + "ConsumableResourceName": { + "markdownDescription": "The name of the consumable resource.", + "title": "ConsumableResourceName", + "type": "string" + }, + "ResourceType": { + "markdownDescription": "Indicates whether the resource is available to be re-used after a job completes. Can be one of:\n\n- `REPLENISHABLE`\n- `NON_REPLENISHABLE`", + "title": "ResourceType", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "The tags that you apply to the consumable resource to help you categorize and organize your resources. Each tag consists of a key and an optional value. For more information, see [Tagging your AWS Batch resources](https://docs.aws.amazon.com/batch/latest/userguide/using-tags.html) .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "TotalQuantity": { + "markdownDescription": "The total amount of the consumable resource that is available.", + "title": "TotalQuantity", + "type": "number" + } + }, + "required": [ + "ResourceType", + "TotalQuantity" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Batch::ConsumableResource" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Batch::JobDefinition": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ConsumableResourceProperties": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.ConsumableResourceProperties", + "markdownDescription": "Contains a list of consumable resources required by the job.", + "title": "ConsumableResourceProperties" + }, "ContainerProperties": { "$ref": "#/definitions/AWS::Batch::JobDefinition.ContainerProperties", "markdownDescription": "An object with properties specific to Amazon ECS-based jobs. When `containerProperties` is used in the job definition, it can't be used in addition to `eksProperties` , `ecsProperties` , or `nodeProperties` .", @@ -27370,7 +31426,13 @@ "title": "NodeProperties" }, "Parameters": { + "additionalProperties": true, "markdownDescription": "Default parameters or parameter substitution placeholders that are set in the job definition. Parameters are specified as a key-value pair mapping. Parameters in a `SubmitJob` request override any corresponding parameter defaults from the job definition. For more information about specifying parameters, see [Job definition parameters](https://docs.aws.amazon.com/batch/latest/userguide/job_definition_parameters.html) in the *AWS Batch User Guide* .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, "title": "Parameters", "type": "object" }, @@ -27398,12 +31460,18 @@ "type": "number" }, "Tags": { + "additionalProperties": true, "markdownDescription": "The tags that are applied to the job definition.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, "title": "Tags", "type": "object" }, "Timeout": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.Timeout", + "$ref": "#/definitions/AWS::Batch::JobDefinition.JobTimeout", "markdownDescription": "The timeout time for jobs that are submitted with this job definition. After the amount of time you specify passes, AWS Batch terminates your jobs if they aren't finished.", "title": "Timeout" }, @@ -27439,16 +31507,41 @@ ], "type": "object" }, - "AWS::Batch::JobDefinition.AuthorizationConfig": { + "AWS::Batch::JobDefinition.ConsumableResourceProperties": { "additionalProperties": false, "properties": { - "AccessPointId": { + "ConsumableResourceList": { + "items": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.ConsumableResourceRequirement" + }, + "markdownDescription": "The list of consumable resources required by a job.", + "title": "ConsumableResourceList", + "type": "array" + } + }, + "required": [ + "ConsumableResourceList" + ], + "type": "object" + }, + "AWS::Batch::JobDefinition.ConsumableResourceRequirement": { + "additionalProperties": false, + "properties": { + "ConsumableResource": { + "markdownDescription": "The name or ARN of the consumable resource.", + "title": "ConsumableResource", "type": "string" }, - "Iam": { - "type": "string" + "Quantity": { + "markdownDescription": "The quantity of the consumable resource that is needed.", + "title": "Quantity", + "type": "number" } }, + "required": [ + "ConsumableResource", + "Quantity" + ], "type": "object" }, "AWS::Batch::JobDefinition.ContainerProperties": { @@ -27462,6 +31555,11 @@ "title": "Command", "type": "array" }, + "EnableExecuteCommand": { + "markdownDescription": "Determines whether execute command functionality is turned on for this task. If `true` , execute command functionality is turned on all the containers in the task.", + "title": "EnableExecuteCommand", + "type": "boolean" + }, "Environment": { "items": { "$ref": "#/definitions/AWS::Batch::JobDefinition.Environment" @@ -27490,9 +31588,6 @@ "title": "Image", "type": "string" }, - "InstanceType": { - "type": "string" - }, "JobRoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that the container can assume for AWS permissions. For more information, see [IAM roles for tasks](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-iam-roles.html) in the *Amazon Elastic Container Service Developer Guide* .", "title": "JobRoleArn", @@ -27515,7 +31610,7 @@ }, "MountPoints": { "items": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.MountPoints" + "$ref": "#/definitions/AWS::Batch::JobDefinition.MountPoint" }, "markdownDescription": "The mount points for data volumes in your container. This parameter maps to `Volumes` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--volume` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) .", "title": "MountPoints", @@ -27582,7 +31677,7 @@ }, "Volumes": { "items": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.Volumes" + "$ref": "#/definitions/AWS::Batch::JobDefinition.Volume" }, "markdownDescription": "A list of data volumes used in a job.", "title": "Volumes", @@ -27618,6 +31713,56 @@ }, "type": "object" }, + "AWS::Batch::JobDefinition.EFSAuthorizationConfig": { + "additionalProperties": false, + "properties": { + "AccessPointId": { + "markdownDescription": "The Amazon EFS access point ID to use. If an access point is specified, the root directory value specified in the `EFSVolumeConfiguration` must either be omitted or set to `/` which enforces the path set on the EFS access point. If an access point is used, transit encryption must be enabled in the `EFSVolumeConfiguration` . For more information, see [Working with Amazon EFS access points](https://docs.aws.amazon.com/efs/latest/ug/efs-access-points.html) in the *Amazon Elastic File System User Guide* .", + "title": "AccessPointId", + "type": "string" + }, + "Iam": { + "markdownDescription": "Whether or not to use the AWS Batch job IAM role defined in a job definition when mounting the Amazon EFS file system. If enabled, transit encryption must be enabled in the `EFSVolumeConfiguration` . If this parameter is omitted, the default value of `DISABLED` is used. For more information, see [Using Amazon EFS access points](https://docs.aws.amazon.com/batch/latest/userguide/efs-volumes.html#efs-volume-accesspoints) in the *AWS Batch User Guide* . EFS IAM authorization requires that `TransitEncryption` be `ENABLED` and that a `JobRoleArn` is specified.", + "title": "Iam", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Batch::JobDefinition.EFSVolumeConfiguration": { + "additionalProperties": false, + "properties": { + "AuthorizationConfig": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.EFSAuthorizationConfig", + "markdownDescription": "The authorization configuration details for the Amazon EFS file system.", + "title": "AuthorizationConfig" + }, + "FileSystemId": { + "markdownDescription": "The Amazon EFS file system ID to use.", + "title": "FileSystemId", + "type": "string" + }, + "RootDirectory": { + "markdownDescription": "The directory within the Amazon EFS file system to mount as the root directory inside the host. If this parameter is omitted, the root of the Amazon EFS volume is used instead. Specifying `/` has the same effect as omitting this parameter. The maximum length is 4,096 characters.\n\n> If an EFS access point is specified in the `authorizationConfig` , the root directory parameter must either be omitted or set to `/` , which enforces the path set on the Amazon EFS access point.", + "title": "RootDirectory", + "type": "string" + }, + "TransitEncryption": { + "markdownDescription": "Determines whether to enable encryption for Amazon EFS data in transit between the Amazon ECS host and the Amazon EFS server. Transit encryption must be enabled if Amazon EFS IAM authorization is used. If this parameter is omitted, the default value of `DISABLED` is used. For more information, see [Encrypting data in transit](https://docs.aws.amazon.com/efs/latest/ug/encryption-in-transit.html) in the *Amazon Elastic File System User Guide* .", + "title": "TransitEncryption", + "type": "string" + }, + "TransitEncryptionPort": { + "markdownDescription": "The port to use when sending encrypted data between the Amazon ECS host and the Amazon EFS server. If you don't specify a transit encryption port, it uses the port selection strategy that the Amazon EFS mount helper uses. The value must be between 0 and 65,535. For more information, see [EFS mount helper](https://docs.aws.amazon.com/efs/latest/ug/efs-mount-helper.html) in the *Amazon Elastic File System User Guide* .", + "title": "TransitEncryptionPort", + "type": "number" + } + }, + "required": [ + "FileSystemId" + ], + "type": "object" + }, "AWS::Batch::JobDefinition.EcsProperties": { "additionalProperties": false, "properties": { @@ -27646,6 +31791,11 @@ "title": "Containers", "type": "array" }, + "EnableExecuteCommand": { + "markdownDescription": "Determines whether execute command functionality is turned on for this task. If `true` , execute command functionality is turned on all the containers in the task.", + "title": "EnableExecuteCommand", + "type": "boolean" + }, "EphemeralStorage": { "$ref": "#/definitions/AWS::Batch::JobDefinition.EphemeralStorage", "markdownDescription": "The amount of ephemeral storage to allocate for the task. This parameter is used to expand the total amount of ephemeral storage available, beyond the default amount, for tasks hosted on AWS Fargate .", @@ -27688,7 +31838,7 @@ }, "Volumes": { "items": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.Volumes" + "$ref": "#/definitions/AWS::Batch::JobDefinition.Volume" }, "markdownDescription": "A list of volumes that are associated with the job.", "title": "Volumes", @@ -27697,30 +31847,6 @@ }, "type": "object" }, - "AWS::Batch::JobDefinition.EfsVolumeConfiguration": { - "additionalProperties": false, - "properties": { - "AuthorizationConfig": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.AuthorizationConfig" - }, - "FileSystemId": { - "type": "string" - }, - "RootDirectory": { - "type": "string" - }, - "TransitEncryption": { - "type": "string" - }, - "TransitEncryptionPort": { - "type": "number" - } - }, - "required": [ - "FileSystemId" - ], - "type": "object" - }, "AWS::Batch::JobDefinition.EksContainer": { "additionalProperties": false, "properties": { @@ -27810,12 +31936,24 @@ "additionalProperties": false, "properties": { "Limits": { + "additionalProperties": true, "markdownDescription": "The type and quantity of the resources to reserve for the container. The values vary based on the `name` that's specified. Resources can be requested using either the `limits` or the `requests` objects.\n\n- **memory** - The memory hard limit (in MiB) for the container, using whole integers, with a \"Mi\" suffix. If your container attempts to exceed the memory specified, the container is terminated. You must specify at least 4 MiB of memory for a job. `memory` can be specified in `limits` , `requests` , or both. If `memory` is specified in both places, then the value that's specified in `limits` must be equal to the value that's specified in `requests` .\n\n> To maximize your resource utilization, provide your jobs with as much memory as possible for the specific instance type that you are using. To learn how, see [Memory management](https://docs.aws.amazon.com/batch/latest/userguide/memory-management.html) in the *AWS Batch User Guide* .\n- **cpu** - The number of CPUs that's reserved for the container. Values must be an even multiple of `0.25` . `cpu` can be specified in `limits` , `requests` , or both. If `cpu` is specified in both places, then the value that's specified in `limits` must be at least as large as the value that's specified in `requests` .\n- **nvidia.com/gpu** - The number of GPUs that's reserved for the container. Values must be a whole integer. `memory` can be specified in `limits` , `requests` , or both. If `memory` is specified in both places, then the value that's specified in `limits` must be equal to the value that's specified in `requests` .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, "title": "Limits", "type": "object" }, "Requests": { + "additionalProperties": true, "markdownDescription": "The type and quantity of the resources to request for the container. The values vary based on the `name` that's specified. Resources can be requested by using either the `limits` or the `requests` objects.\n\n- **memory** - The memory hard limit (in MiB) for the container, using whole integers, with a \"Mi\" suffix. If your container attempts to exceed the memory specified, the container is terminated. You must specify at least 4 MiB of memory for a job. `memory` can be specified in `limits` , `requests` , or both. If `memory` is specified in both, then the value that's specified in `limits` must be equal to the value that's specified in `requests` .\n\n> If you're trying to maximize your resource utilization by providing your jobs as much memory as possible for a particular instance type, see [Memory management](https://docs.aws.amazon.com/batch/latest/userguide/memory-management.html) in the *AWS Batch User Guide* .\n- **cpu** - The number of CPUs that are reserved for the container. Values must be an even multiple of `0.25` . `cpu` can be specified in `limits` , `requests` , or both. If `cpu` is specified in both, then the value that's specified in `limits` must be at least as large as the value that's specified in `requests` .\n- **nvidia.com/gpu** - The number of GPUs that are reserved for the container. Values must be a whole integer. `nvidia.com/gpu` can be specified in `limits` , `requests` , or both. If `nvidia.com/gpu` is specified in both, then the value that's specified in `limits` must be equal to the value that's specified in `requests` .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, "title": "Requests", "type": "object" } @@ -27875,6 +32013,11 @@ "markdownDescription": "If this value is `true` , the container has read-only access to the volume. Otherwise, the container can write to the volume. The default value is `false` .", "title": "ReadOnly", "type": "boolean" + }, + "SubPath": { + "markdownDescription": "A sub-path inside the referenced volume instead of its root.", + "title": "SubPath", + "type": "string" } }, "type": "object" @@ -27906,11 +32049,126 @@ }, "type": "object" }, + "AWS::Batch::JobDefinition.EksMetadata": { + "additionalProperties": false, + "properties": { + "Annotations": { + "additionalProperties": true, + "markdownDescription": "Key-value pairs used to attach arbitrary, non-identifying metadata to Kubernetes objects. Valid annotation keys have two segments: an optional prefix and a name, separated by a slash (/).\n\n- The prefix is optional and must be 253 characters or less. If specified, the prefix must be a DNS subdomain\u2212 a series of DNS labels separated by dots (.), and it must end with a slash (/).\n- The name segment is required and must be 63 characters or less. It can include alphanumeric characters ([a-z0-9A-Z]), dashes (-), underscores (_), and dots (.), but must begin and end with an alphanumeric character.\n\n> Annotation values must be 255 characters or less. \n\nAnnotations can be added or modified at any time. Each resource can have multiple annotations.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Annotations", + "type": "object" + }, + "Labels": { + "additionalProperties": true, + "markdownDescription": "Key-value pairs used to identify, sort, and organize cube resources. Can contain up to 63 uppercase letters, lowercase letters, numbers, hyphens (-), and underscores (_). Labels can be added or modified at any time. Each resource can have multiple labels, but each key must be unique for a given object.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Labels", + "type": "object" + }, + "Namespace": { + "markdownDescription": "The namespace of the Amazon EKS cluster. In Kubernetes, namespaces provide a mechanism for isolating groups of resources within a single cluster. Names of resources need to be unique within a namespace, but not across namespaces. AWS Batch places Batch Job pods in this namespace. If this field is provided, the value can't be empty or null. It must meet the following requirements:\n\n- 1-63 characters long\n- Can't be set to default\n- Can't start with `kube`\n- Must match the following regular expression: `^[a-z0-9]([-a-z0-9]*[a-z0-9])?$`\n\nFor more information, see [Namespaces](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/) in the *Kubernetes documentation* . This namespace can be different from the `kubernetesNamespace` set in the compute environment's `EksConfiguration` , but must have identical role-based access control (RBAC) roles as the compute environment's `kubernetesNamespace` . For multi-node parallel jobs, the same value must be provided across all the node ranges.", + "title": "Namespace", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Batch::JobDefinition.EksPersistentVolumeClaim": { + "additionalProperties": false, + "properties": { + "ClaimName": { + "markdownDescription": "The name of the `persistentVolumeClaim` bounded to a `persistentVolume` . For more information, see [Persistent Volume Claims](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/storage/persistent-volumes/#persistentvolumeclaims) in the *Kubernetes documentation* .", + "title": "ClaimName", + "type": "string" + }, + "ReadOnly": { + "markdownDescription": "An optional boolean value indicating if the mount is read only. Default is false. For more information, see [Read Only Mounts](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/storage/volumes/#read-only-mounts) in the *Kubernetes documentation* .", + "title": "ReadOnly", + "type": "boolean" + } + }, + "required": [ + "ClaimName" + ], + "type": "object" + }, + "AWS::Batch::JobDefinition.EksPodProperties": { + "additionalProperties": false, + "properties": { + "Containers": { + "items": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.EksContainer" + }, + "markdownDescription": "The properties of the container that's used on the Amazon EKS pod.\n\n> This object is limited to 10 elements.", + "title": "Containers", + "type": "array" + }, + "DnsPolicy": { + "markdownDescription": "The DNS policy for the pod. The default value is `ClusterFirst` . If the `hostNetwork` parameter is not specified, the default is `ClusterFirstWithHostNet` . `ClusterFirst` indicates that any DNS query that does not match the configured cluster domain suffix is forwarded to the upstream nameserver inherited from the node. For more information, see [Pod's DNS policy](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-s-dns-policy) in the *Kubernetes documentation* .\n\nValid values: `Default` | `ClusterFirst` | `ClusterFirstWithHostNet`", + "title": "DnsPolicy", + "type": "string" + }, + "HostNetwork": { + "markdownDescription": "Indicates if the pod uses the hosts' network IP address. The default value is `true` . Setting this to `false` enables the Kubernetes pod networking model. Most AWS Batch workloads are egress-only and don't require the overhead of IP allocation for each pod for incoming connections. For more information, see [Host namespaces](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/security/pod-security-policy/#host-namespaces) and [Pod networking](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/workloads/pods/#pod-networking) in the *Kubernetes documentation* .", + "title": "HostNetwork", + "type": "boolean" + }, + "ImagePullSecrets": { + "items": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.ImagePullSecret" + }, + "markdownDescription": "References a Kubernetes secret resource. It holds a list of secrets. These secrets help to gain access to pull an images from a private registry.\n\n`ImagePullSecret$name` is required when this object is used.", + "title": "ImagePullSecrets", + "type": "array" + }, + "InitContainers": { + "items": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.EksContainer" + }, + "markdownDescription": "These containers run before application containers, always runs to completion, and must complete successfully before the next container starts. These containers are registered with the Amazon EKS Connector agent and persists the registration information in the Kubernetes backend data store. For more information, see [Init Containers](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/workloads/pods/init-containers/) in the *Kubernetes documentation* .\n\n> This object is limited to 10 elements.", + "title": "InitContainers", + "type": "array" + }, + "Metadata": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.EksMetadata", + "markdownDescription": "Metadata about the Kubernetes pod. For more information, see [Understanding Kubernetes Objects](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/overview/working-with-objects/kubernetes-objects/) in the *Kubernetes documentation* .", + "title": "Metadata" + }, + "ServiceAccountName": { + "markdownDescription": "The name of the service account that's used to run the pod. For more information, see [Kubernetes service accounts](https://docs.aws.amazon.com/eks/latest/userguide/service-accounts.html) and [Configure a Kubernetes service account to assume an IAM role](https://docs.aws.amazon.com/eks/latest/userguide/associate-service-account-role.html) in the *Amazon EKS User Guide* and [Configure service accounts for pods](https://docs.aws.amazon.com/https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/) in the *Kubernetes documentation* .", + "title": "ServiceAccountName", + "type": "string" + }, + "ShareProcessNamespace": { + "markdownDescription": "Indicates if the processes in a container are shared, or visible, to other containers in the same pod. For more information, see [Share Process Namespace between Containers in a Pod](https://docs.aws.amazon.com/https://kubernetes.io/docs/tasks/configure-pod-container/share-process-namespace/) .", + "title": "ShareProcessNamespace", + "type": "boolean" + }, + "Volumes": { + "items": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.EksVolume" + }, + "markdownDescription": "Specifies the volumes for a job definition that uses Amazon EKS resources.", + "title": "Volumes", + "type": "array" + } + }, + "type": "object" + }, "AWS::Batch::JobDefinition.EksProperties": { "additionalProperties": false, "properties": { "PodProperties": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.PodProperties", + "$ref": "#/definitions/AWS::Batch::JobDefinition.EksPodProperties", "markdownDescription": "The properties for the Kubernetes pod resources of a job.", "title": "PodProperties" } @@ -27954,6 +32212,11 @@ "title": "Name", "type": "string" }, + "PersistentVolumeClaim": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.EksPersistentVolumeClaim", + "markdownDescription": "Specifies the configuration of a Kubernetes `persistentVolumeClaim` bounded to a `persistentVolume` . For more information, see [Persistent Volume Claims](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/storage/persistent-volumes/#persistentvolumeclaims) in the *Kubernetes documentation* .", + "title": "PersistentVolumeClaim" + }, "Secret": { "$ref": "#/definitions/AWS::Batch::JobDefinition.EksSecret", "markdownDescription": "Specifies the configuration of a Kubernetes `secret` volume. For more information, see [secret](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/storage/volumes/#secret) in the *Kubernetes documentation* .", @@ -28035,6 +32298,42 @@ }, "type": "object" }, + "AWS::Batch::JobDefinition.FirelensConfiguration": { + "additionalProperties": false, + "properties": { + "Options": { + "additionalProperties": true, + "markdownDescription": "The options to use when configuring the log router. This field is optional and can be used to specify a custom configuration file or to add additional metadata, such as the task, task definition, cluster, and container instance details to the log event. If specified, the syntax to use is `\"options\":{\"enable-ecs-log-metadata\":\"true|false\",\"config-file-type:\"s3|file\",\"config-file-value\":\"arn:aws:s3:::mybucket/fluent.conf|filepath\"}` . For more information, see [Creating a task definition that uses a FireLens configuration](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html#firelens-taskdef) in the *Amazon Elastic Container Service Developer Guide* .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Options", + "type": "object" + }, + "Type": { + "markdownDescription": "The log router to use. The valid values are `fluentd` or `fluentbit` .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::Batch::JobDefinition.Host": { + "additionalProperties": false, + "properties": { + "SourcePath": { + "markdownDescription": "The path on the host container instance that's presented to the container. If this parameter is empty, then the Docker daemon has assigned a host path for you. If this parameter contains a file location, then the data volume persists at the specified location on the host container instance until you delete it manually. If the source path location doesn't exist on the host container instance, the Docker daemon creates it. If the location does exist, the contents of the source path folder are exported.\n\n> This parameter isn't applicable to jobs that run on Fargate resources. Don't provide this for these jobs.", + "title": "SourcePath", + "type": "string" + } + }, + "type": "object" + }, "AWS::Batch::JobDefinition.ImagePullSecret": { "additionalProperties": false, "properties": { @@ -28044,9 +32343,17 @@ "type": "string" } }, - "required": [ - "Name" - ], + "type": "object" + }, + "AWS::Batch::JobDefinition.JobTimeout": { + "additionalProperties": false, + "properties": { + "AttemptDurationSeconds": { + "markdownDescription": "The job timeout time (in seconds) that's measured from the job attempt's `startedAt` timestamp. After this time passes, AWS Batch terminates your jobs if they aren't finished. The minimum value for the timeout is 60 seconds.\n\nFor array jobs, the timeout applies to the child jobs, not to the parent array job.\n\nFor multi-node parallel (MNP) jobs, the timeout applies to the whole job, not to the individual nodes.", + "title": "AttemptDurationSeconds", + "type": "number" + } + }, "type": "object" }, "AWS::Batch::JobDefinition.LinuxParameters": { @@ -28100,7 +32407,13 @@ "type": "string" }, "Options": { + "additionalProperties": true, "markdownDescription": "The configuration options to send to the log driver. This parameter requires version 1.19 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version | grep \"Server API version\"`", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, "title": "Options", "type": "object" }, @@ -28118,26 +32431,227 @@ ], "type": "object" }, - "AWS::Batch::JobDefinition.Metadata": { + "AWS::Batch::JobDefinition.MountPoint": { "additionalProperties": false, "properties": { - "Labels": { - "type": "object" + "ContainerPath": { + "markdownDescription": "The path on the container where the host volume is mounted.", + "title": "ContainerPath", + "type": "string" + }, + "ReadOnly": { + "markdownDescription": "If this value is `true` , the container has read-only access to the volume. Otherwise, the container can write to the volume. The default value is `false` .", + "title": "ReadOnly", + "type": "boolean" + }, + "SourceVolume": { + "markdownDescription": "The name of the volume to mount.", + "title": "SourceVolume", + "type": "string" } }, "type": "object" }, - "AWS::Batch::JobDefinition.MountPoints": { + "AWS::Batch::JobDefinition.MultiNodeContainerProperties": { "additionalProperties": false, "properties": { - "ContainerPath": { + "Command": { + "items": { + "type": "string" + }, + "markdownDescription": "The command that's passed to the container. This parameter maps to `Cmd` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `COMMAND` parameter to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . For more information, see [https://docs.docker.com/engine/reference/builder/#cmd](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/builder/#cmd) .", + "title": "Command", + "type": "array" + }, + "EnableExecuteCommand": { + "markdownDescription": "Determines whether execute command functionality is turned on for this task. If `true` , execute command functionality is turned on all the containers in the task.", + "title": "EnableExecuteCommand", + "type": "boolean" + }, + "Environment": { + "items": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.Environment" + }, + "markdownDescription": "The environment variables to pass to a container. This parameter maps to `Env` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--env` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) .\n\n> We don't recommend using plaintext environment variables for sensitive information, such as credential data. > Environment variables cannot start with \" `AWS_BATCH` \". This naming convention is reserved for variables that AWS Batch sets.", + "title": "Environment", + "type": "array" + }, + "EphemeralStorage": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.EphemeralStorage", + "markdownDescription": "The amount of ephemeral storage to allocate for the task. This parameter is used to expand the total amount of ephemeral storage available, beyond the default amount, for tasks hosted on AWS Fargate .", + "title": "EphemeralStorage" + }, + "ExecutionRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the execution role that AWS Batch can assume. For jobs that run on Fargate resources, you must provide an execution role. For more information, see [AWS Batch execution IAM role](https://docs.aws.amazon.com/batch/latest/userguide/execution-IAM-role.html) in the *AWS Batch User Guide* .", + "title": "ExecutionRoleArn", "type": "string" }, - "ReadOnly": { + "Image": { + "markdownDescription": "Required. The image used to start a container. This string is passed directly to the Docker daemon. Images in the Docker Hub registry are available by default. Other repositories are specified with `*repository-url* / *image* : *tag*` . It can be 255 characters long. It can contain uppercase and lowercase letters, numbers, hyphens (-), underscores (_), colons (:), periods (.), forward slashes (/), and number signs (#). This parameter maps to `Image` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `IMAGE` parameter of [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) .\n\n> Docker image architecture must match the processor architecture of the compute resources that they're scheduled on. For example, ARM-based Docker images can only run on ARM-based compute resources. \n\n- Images in Amazon ECR Public repositories use the full `registry/repository[:tag]` or `registry/repository[@digest]` naming conventions. For example, `public.ecr.aws/ *registry_alias* / *my-web-app* : *latest*` .\n- Images in Amazon ECR repositories use the full registry and repository URI (for example, `123456789012.dkr.ecr..amazonaws.com/` ).\n- Images in official repositories on Docker Hub use a single name (for example, `ubuntu` or `mongo` ).\n- Images in other repositories on Docker Hub are qualified with an organization name (for example, `amazon/amazon-ecs-agent` ).\n- Images in other online repositories are qualified further by a domain name (for example, `quay.io/assemblyline/ubuntu` ).", + "title": "Image", + "type": "string" + }, + "InstanceType": { + "markdownDescription": "The instance type to use for a multi-node parallel job. All node groups in a multi-node parallel job must use the same instance type.\n\n> This parameter isn't applicable to single-node container jobs or jobs that run on Fargate resources, and shouldn't be provided.", + "title": "InstanceType", + "type": "string" + }, + "JobRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that the container can assume for AWS permissions. For more information, see [IAM roles for tasks](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-iam-roles.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "JobRoleArn", + "type": "string" + }, + "LinuxParameters": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.LinuxParameters", + "markdownDescription": "Linux-specific modifications that are applied to the container, such as details for device mappings.", + "title": "LinuxParameters" + }, + "LogConfiguration": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.LogConfiguration", + "markdownDescription": "The log configuration specification for the container.\n\nThis parameter maps to `LogConfig` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--log-driver` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . By default, containers use the same logging driver that the Docker daemon uses. However the container might use a different logging driver than the Docker daemon by specifying a log driver with this parameter in the container definition. To use a different logging driver for a container, the log system must be configured properly on the container instance (or on a different log server for remote logging options). For more information on the options for different supported log drivers, see [Configure logging drivers](https://docs.aws.amazon.com/https://docs.docker.com/engine/admin/logging/overview/) in the Docker documentation.\n\n> AWS Batch currently supports a subset of the logging drivers available to the Docker daemon (shown in the [LogConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-jobdefinition-containerproperties-logconfiguration.html) data type). \n\nThis parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version | grep \"Server API version\"`\n\n> The Amazon ECS container agent running on a container instance must register the logging drivers available on that instance with the `ECS_AVAILABLE_LOGGING_DRIVERS` environment variable before containers placed on that instance can use these log configuration options. For more information, see [Amazon ECS container agent configuration](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "LogConfiguration" + }, + "Memory": { + "markdownDescription": "This parameter is deprecated, use `resourceRequirements` to specify the memory requirements for the job definition. It's not supported for jobs running on Fargate resources. For jobs that run on Amazon EC2 resources, it specifies the memory hard limit (in MiB) for a container. If your container attempts to exceed the specified number, it's terminated. You must specify at least 4 MiB of memory for a job using this parameter. The memory hard limit can be specified in several places. It must be specified for each node at least once.", + "title": "Memory", + "type": "number" + }, + "MountPoints": { + "items": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.MountPoint" + }, + "markdownDescription": "The mount points for data volumes in your container.\n\nThis parameter maps to `Volumes` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the [--volume](https://docs.aws.amazon.com/) option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .\n\nWindows containers can mount whole directories on the same drive as `$env:ProgramData` . Windows containers can't mount directories on a different drive, and mount point can't be across drives.", + "title": "MountPoints", + "type": "array" + }, + "Privileged": { + "markdownDescription": "When this parameter is true, the container is given elevated permissions on the host container instance (similar to the `root` user). This parameter maps to `Privileged` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--privileged` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . The default value is false.\n\n> This parameter isn't applicable to jobs that are running on Fargate resources and shouldn't be provided, or specified as false.", + "title": "Privileged", "type": "boolean" }, - "SourceVolume": { + "ReadonlyRootFilesystem": { + "markdownDescription": "When this parameter is true, the container is given read-only access to its root file system. This parameter maps to `ReadonlyRootfs` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--read-only` option to `docker run` .", + "title": "ReadonlyRootFilesystem", + "type": "boolean" + }, + "RepositoryCredentials": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.RepositoryCredentials", + "markdownDescription": "The private repository authentication credentials to use.", + "title": "RepositoryCredentials" + }, + "ResourceRequirements": { + "items": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.ResourceRequirement" + }, + "markdownDescription": "The type and amount of resources to assign to a container. The supported resources include `GPU` , `MEMORY` , and `VCPU` .", + "title": "ResourceRequirements", + "type": "array" + }, + "RuntimePlatform": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.RuntimePlatform", + "markdownDescription": "An object that represents the compute environment architecture for AWS Batch jobs on Fargate.", + "title": "RuntimePlatform" + }, + "Secrets": { + "items": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.Secret" + }, + "markdownDescription": "The secrets for the container. For more information, see [Specifying sensitive data](https://docs.aws.amazon.com/batch/latest/userguide/specifying-sensitive-data.html) in the *AWS Batch User Guide* .", + "title": "Secrets", + "type": "array" + }, + "Ulimits": { + "items": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.Ulimit" + }, + "markdownDescription": "A list of `ulimits` to set in the container. This parameter maps to `Ulimits` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--ulimit` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) .\n\n> This parameter isn't applicable to jobs that are running on Fargate resources and shouldn't be provided.", + "title": "Ulimits", + "type": "array" + }, + "User": { + "markdownDescription": "The user name to use inside the container. This parameter maps to `User` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--user` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) .", + "title": "User", + "type": "string" + }, + "Vcpus": { + "markdownDescription": "This parameter is deprecated, use `resourceRequirements` to specify the vCPU requirements for the job definition. It's not supported for jobs running on Fargate resources. For jobs running on Amazon EC2 resources, it specifies the number of vCPUs reserved for the job.\n\nEach vCPU is equivalent to 1,024 CPU shares. This parameter maps to `CpuShares` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--cpu-shares` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . The number of vCPUs must be specified but can be specified in several places. You must specify it at least once for each node.", + "title": "Vcpus", + "type": "number" + }, + "Volumes": { + "items": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.Volume" + }, + "markdownDescription": "A list of data volumes used in a job.", + "title": "Volumes", + "type": "array" + } + }, + "required": [ + "Image" + ], + "type": "object" + }, + "AWS::Batch::JobDefinition.MultiNodeEcsProperties": { + "additionalProperties": false, + "properties": { + "TaskProperties": { + "items": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.MultiNodeEcsTaskProperties" + }, + "markdownDescription": "An object that contains the properties for the Amazon ECS task definition of a job.\n\n> This object is currently limited to one task element. However, the task element can run up to 10 containers.", + "title": "TaskProperties", + "type": "array" + } + }, + "required": [ + "TaskProperties" + ], + "type": "object" + }, + "AWS::Batch::JobDefinition.MultiNodeEcsTaskProperties": { + "additionalProperties": false, + "properties": { + "Containers": { + "items": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.TaskContainerProperties" + }, + "markdownDescription": "This object is a list of containers.", + "title": "Containers", + "type": "array" + }, + "EnableExecuteCommand": { + "markdownDescription": "Determines whether execute command functionality is turned on for this task. If `true` , execute command functionality is turned on all the containers in the task.", + "title": "EnableExecuteCommand", + "type": "boolean" + }, + "ExecutionRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the execution role that AWS Batch can assume. For jobs that run on Fargate resources, you must provide an execution role. For more information, see [AWS Batch execution IAM role](https://docs.aws.amazon.com/batch/latest/userguide/execution-IAM-role.html) in the *AWS Batch User Guide* .", + "title": "ExecutionRoleArn", + "type": "string" + }, + "IpcMode": { + "markdownDescription": "The IPC resource namespace to use for the containers in the task. The valid values are `host` , `task` , or `none` .\n\nIf `host` is specified, all containers within the tasks that specified the `host` IPC mode on the same container instance share the same IPC resources with the host Amazon EC2 instance.\n\nIf `task` is specified, all containers within the specified `task` share the same IPC resources.\n\nIf `none` is specified, the IPC resources within the containers of a task are private, and are not shared with other containers in a task or on the container instance.\n\nIf no value is specified, then the IPC resource namespace sharing depends on the Docker daemon setting on the container instance. For more information, see [IPC settings](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#ipc-settings---ipc) in the Docker run reference.", + "title": "IpcMode", + "type": "string" + }, + "PidMode": { + "markdownDescription": "The process namespace to use for the containers in the task. The valid values are `host` or `task` . For example, monitoring sidecars might need `pidMode` to access information about other containers running in the same task.\n\nIf `host` is specified, all containers within the tasks that specified the `host` PID mode on the same container instance share the process namespace with the host Amazon EC2 instance.\n\nIf `task` is specified, all containers within the specified task share the same process namespace.\n\nIf no value is specified, the default is a private namespace for each container. For more information, see [PID settings](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#pid-settings---pid) in the Docker run reference.", + "title": "PidMode", "type": "string" + }, + "TaskRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that's associated with the Amazon ECS task.\n\n> This is object is comparable to [ContainerProperties:jobRoleArn](https://docs.aws.amazon.com/batch/latest/APIReference/API_ContainerProperties.html) .", + "title": "TaskRoleArn", + "type": "string" + }, + "Volumes": { + "items": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.Volume" + }, + "markdownDescription": "A list of volumes that are associated with the job.", + "title": "Volumes", + "type": "array" } }, "type": "object" @@ -28185,16 +32699,26 @@ "AWS::Batch::JobDefinition.NodeRangeProperty": { "additionalProperties": false, "properties": { + "ConsumableResourceProperties": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.ConsumableResourceProperties", + "markdownDescription": "Contains a list of consumable resources required by a job.", + "title": "ConsumableResourceProperties" + }, "Container": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.ContainerProperties", + "$ref": "#/definitions/AWS::Batch::JobDefinition.MultiNodeContainerProperties", "markdownDescription": "The container details for the node range.", "title": "Container" }, "EcsProperties": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.EcsProperties", + "$ref": "#/definitions/AWS::Batch::JobDefinition.MultiNodeEcsProperties", "markdownDescription": "This is an object that represents the properties of the node range for a multi-node parallel job.", "title": "EcsProperties" }, + "EksProperties": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.EksProperties", + "markdownDescription": "This is an object that represents the properties of the node range for a multi-node parallel job.", + "title": "EksProperties" + }, "InstanceTypes": { "items": { "type": "string" @@ -28214,51 +32738,6 @@ ], "type": "object" }, - "AWS::Batch::JobDefinition.PodProperties": { - "additionalProperties": false, - "properties": { - "Containers": { - "items": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.EksContainer" - }, - "type": "array" - }, - "DnsPolicy": { - "type": "string" - }, - "HostNetwork": { - "type": "boolean" - }, - "ImagePullSecrets": { - "items": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.ImagePullSecret" - }, - "type": "array" - }, - "InitContainers": { - "items": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.EksContainer" - }, - "type": "array" - }, - "Metadata": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.Metadata" - }, - "ServiceAccountName": { - "type": "string" - }, - "ShareProcessNamespace": { - "type": "boolean" - }, - "Volumes": { - "items": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.EksVolume" - }, - "type": "array" - } - }, - "type": "object" - }, "AWS::Batch::JobDefinition.RepositoryCredentials": { "additionalProperties": false, "properties": { @@ -28396,6 +32875,11 @@ "title": "Essential", "type": "boolean" }, + "FirelensConfiguration": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.FirelensConfiguration", + "markdownDescription": "The FireLens configuration for the container. This is used to specify and configure a log router for container logs. For more information, see [Custom log](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html) routing in the *Amazon Elastic Container Service Developer Guide* .", + "title": "FirelensConfiguration" + }, "Image": { "markdownDescription": "The image used to start a container. This string is passed directly to the Docker daemon. By default, images in the Docker Hub registry are available. Other repositories are specified with either `repository-url/image:tag` or `repository-url/image@digest` . Up to 255 letters (uppercase and lowercase), numbers, hyphens, underscores, colons, periods, forward slashes, and number signs are allowed. This parameter maps to `Image` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `IMAGE` parameter of the [*docker run*](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .", "title": "Image", @@ -28413,7 +32897,7 @@ }, "MountPoints": { "items": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.MountPoints" + "$ref": "#/definitions/AWS::Batch::JobDefinition.MountPoint" }, "markdownDescription": "The mount points for data volumes in your container.\n\nThis parameter maps to `Volumes` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the [--volume](https://docs.aws.amazon.com/) option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .\n\nWindows containers can mount whole directories on the same drive as `$env:ProgramData` . Windows containers can't mount directories on a different drive, and mount point can't be across drives.", "title": "MountPoints", @@ -28474,15 +32958,6 @@ ], "type": "object" }, - "AWS::Batch::JobDefinition.Timeout": { - "additionalProperties": false, - "properties": { - "AttemptDurationSeconds": { - "type": "number" - } - }, - "type": "object" - }, "AWS::Batch::JobDefinition.Tmpfs": { "additionalProperties": false, "properties": { @@ -28537,25 +33012,22 @@ ], "type": "object" }, - "AWS::Batch::JobDefinition.Volumes": { + "AWS::Batch::JobDefinition.Volume": { "additionalProperties": false, "properties": { "EfsVolumeConfiguration": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.EfsVolumeConfiguration" + "$ref": "#/definitions/AWS::Batch::JobDefinition.EFSVolumeConfiguration", + "markdownDescription": "This parameter is specified when you're using an Amazon Elastic File System file system for job storage. Jobs that are running on Fargate resources must specify a `platformVersion` of at least `1.4.0` .", + "title": "EfsVolumeConfiguration" }, "Host": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.VolumesHost" + "$ref": "#/definitions/AWS::Batch::JobDefinition.Host", + "markdownDescription": "The contents of the `host` parameter determine whether your data volume persists on the host container instance and where it's stored. If the host parameter is empty, then the Docker daemon assigns a host path for your data volume. However, the data isn't guaranteed to persist after the containers that are associated with it stop running.\n\n> This parameter isn't applicable to jobs that are running on Fargate resources and shouldn't be provided.", + "title": "Host" }, "Name": { - "type": "string" - } - }, - "type": "object" - }, - "AWS::Batch::JobDefinition.VolumesHost": { - "additionalProperties": false, - "properties": { - "SourcePath": { + "markdownDescription": "The name of the volume. It can be up to 255 characters long. It can contain uppercase and lowercase letters, numbers, hyphens (-), and underscores (_). This name is referenced in the `sourceVolume` parameter of container definition `mountPoints` .", + "title": "Name", "type": "string" } }, @@ -28885,6 +33357,19 @@ "title": "ActionGroups", "type": "array" }, + "AgentCollaboration": { + "markdownDescription": "The agent's collaboration settings.", + "title": "AgentCollaboration", + "type": "string" + }, + "AgentCollaborators": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Agent.AgentCollaborator" + }, + "markdownDescription": "", + "title": "AgentCollaborators", + "type": "array" + }, "AgentName": { "markdownDescription": "The name of the agent.", "title": "AgentName", @@ -28900,6 +33385,11 @@ "title": "AutoPrepare", "type": "boolean" }, + "CustomOrchestration": { + "$ref": "#/definitions/AWS::Bedrock::Agent.CustomOrchestration", + "markdownDescription": "Contains custom orchestration configurations for the agent.", + "title": "CustomOrchestration" + }, "CustomerEncryptionKeyArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key that encrypts the agent.", "title": "CustomerEncryptionKeyArn", @@ -28915,6 +33405,11 @@ "title": "FoundationModel", "type": "string" }, + "GuardrailConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Agent.GuardrailConfiguration", + "markdownDescription": "Details about the guardrail associated with the agent.", + "title": "GuardrailConfiguration" + }, "IdleSessionTTLInSeconds": { "markdownDescription": "The number of seconds for which Amazon Bedrock keeps information about a user's conversation with the agent.\n\nA user interaction remains active for the amount of time specified. If no conversation occurs during this time, the session expires and Amazon Bedrock deletes any data provided before the timeout.", "title": "IdleSessionTTLInSeconds", @@ -28933,6 +33428,16 @@ "title": "KnowledgeBases", "type": "array" }, + "MemoryConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Agent.MemoryConfiguration", + "markdownDescription": "Contains memory configuration for the agent.", + "title": "MemoryConfiguration" + }, + "OrchestrationType": { + "markdownDescription": "Specifies the orchestration strategy for the agent.", + "title": "OrchestrationType", + "type": "string" + }, "PromptOverrideConfiguration": { "$ref": "#/definitions/AWS::Bedrock::Agent.PromptOverrideConfiguration", "markdownDescription": "Contains configurations to override prompt templates in different parts of an agent sequence. For more information, see [Advanced prompts](https://docs.aws.amazon.com/bedrock/latest/userguide/advanced-prompts.html) .", @@ -29011,15 +33516,17 @@ "AWS::Bedrock::Agent.ActionGroupExecutor": { "additionalProperties": false, "properties": { + "CustomControl": { + "markdownDescription": "To return the action group invocation results directly in the `InvokeInlineAgent` response, specify `RETURN_CONTROL` .", + "title": "CustomControl", + "type": "string" + }, "Lambda": { "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function containing the business logic that is carried out upon invoking the action.", "title": "Lambda", "type": "string" } }, - "required": [ - "Lambda" - ], "type": "object" }, "AWS::Bedrock::Agent.AgentActionGroup": { @@ -29050,6 +33557,11 @@ "title": "Description", "type": "string" }, + "FunctionSchema": { + "$ref": "#/definitions/AWS::Bedrock::Agent.FunctionSchema", + "markdownDescription": "Contains details about the function schema for the action group or the JSON or YAML-formatted payload defining the schema.", + "title": "FunctionSchema" + }, "ParentActionGroupSignature": { "markdownDescription": "If this field is set as `AMAZON.UserInput` , the agent can request the user for additional information when trying to complete a task. The `description` , `apiSchema` , and `actionGroupExecutor` fields must be blank for this action group.\n\nDuring orchestration, if the agent determines that it needs to invoke an API in an action group, but doesn't have enough information to complete the API request, it will invoke this action group instead and return an [Observation](https://docs.aws.amazon.com/bedrock/latest/APIReference/API_agent-runtime_Observation.html) reprompting the user for more information.", "title": "ParentActionGroupSignature", @@ -29066,6 +33578,48 @@ ], "type": "object" }, + "AWS::Bedrock::Agent.AgentCollaborator": { + "additionalProperties": false, + "properties": { + "AgentDescriptor": { + "$ref": "#/definitions/AWS::Bedrock::Agent.AgentDescriptor", + "markdownDescription": "The collaborator's agent descriptor.", + "title": "AgentDescriptor" + }, + "CollaborationInstruction": { + "markdownDescription": "The collaborator's instructions.", + "title": "CollaborationInstruction", + "type": "string" + }, + "CollaboratorName": { + "markdownDescription": "The collaborator's collaborator name.", + "title": "CollaboratorName", + "type": "string" + }, + "RelayConversationHistory": { + "markdownDescription": "The collaborator's relay conversation history.", + "title": "RelayConversationHistory", + "type": "string" + } + }, + "required": [ + "AgentDescriptor", + "CollaborationInstruction", + "CollaboratorName" + ], + "type": "object" + }, + "AWS::Bedrock::Agent.AgentDescriptor": { + "additionalProperties": false, + "properties": { + "AliasArn": { + "markdownDescription": "The agent's alias ARN.", + "title": "AliasArn", + "type": "string" + } + }, + "type": "object" + }, "AWS::Bedrock::Agent.AgentKnowledgeBase": { "additionalProperties": false, "properties": { @@ -29091,6 +33645,85 @@ ], "type": "object" }, + "AWS::Bedrock::Agent.CustomOrchestration": { + "additionalProperties": false, + "properties": { + "Executor": { + "$ref": "#/definitions/AWS::Bedrock::Agent.OrchestrationExecutor", + "markdownDescription": "The structure of the executor invoking the actions in custom orchestration.", + "title": "Executor" + } + }, + "type": "object" + }, + "AWS::Bedrock::Agent.Function": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the function and its purpose.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "A name for the function.", + "title": "Name", + "type": "string" + }, + "Parameters": { + "additionalProperties": false, + "markdownDescription": "The parameters that the agent elicits from the user to fulfill the function.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::Bedrock::Agent.ParameterDetail" + } + }, + "title": "Parameters", + "type": "object" + }, + "RequireConfirmation": { + "markdownDescription": "Contains information if user confirmation is required to invoke the function.", + "title": "RequireConfirmation", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::Bedrock::Agent.FunctionSchema": { + "additionalProperties": false, + "properties": { + "Functions": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Agent.Function" + }, + "markdownDescription": "A list of functions that each define an action in the action group.", + "title": "Functions", + "type": "array" + } + }, + "required": [ + "Functions" + ], + "type": "object" + }, + "AWS::Bedrock::Agent.GuardrailConfiguration": { + "additionalProperties": false, + "properties": { + "GuardrailIdentifier": { + "markdownDescription": "The identifier for the guardrail.", + "title": "GuardrailIdentifier", + "type": "string" + }, + "GuardrailVersion": { + "markdownDescription": "The version of the guardrail.", + "title": "GuardrailVersion", + "type": "string" + } + }, + "type": "object" + }, "AWS::Bedrock::Agent.InferenceConfiguration": { "additionalProperties": false, "properties": { @@ -29125,14 +33758,86 @@ }, "type": "object" }, + "AWS::Bedrock::Agent.MemoryConfiguration": { + "additionalProperties": false, + "properties": { + "EnabledMemoryTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The type of memory that is stored.", + "title": "EnabledMemoryTypes", + "type": "array" + }, + "SessionSummaryConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Agent.SessionSummaryConfiguration", + "markdownDescription": "Contains the configuration for SESSION_SUMMARY memory type enabled for the agent.", + "title": "SessionSummaryConfiguration" + }, + "StorageDays": { + "markdownDescription": "The number of days the agent is configured to retain the conversational context.", + "title": "StorageDays", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Bedrock::Agent.OrchestrationExecutor": { + "additionalProperties": false, + "properties": { + "Lambda": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function containing the business logic that is carried out upon invoking the action.", + "title": "Lambda", + "type": "string" + } + }, + "required": [ + "Lambda" + ], + "type": "object" + }, + "AWS::Bedrock::Agent.ParameterDetail": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the parameter. Helps the foundation model determine how to elicit the parameters from the user.", + "title": "Description", + "type": "string" + }, + "Required": { + "markdownDescription": "Whether the parameter is required for the agent to complete the function for action group invocation.", + "title": "Required", + "type": "boolean" + }, + "Type": { + "markdownDescription": "The data type of the parameter.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, "AWS::Bedrock::Agent.PromptConfiguration": { "additionalProperties": false, "properties": { + "AdditionalModelRequestFields": { + "markdownDescription": "If the Converse or ConverseStream operations support the model, `additionalModelRequestFields` contains additional inference parameters, beyond the base set of inference parameters in the `inferenceConfiguration` field.\n\nFor more information, see [Inference request parameters and response fields for foundation models](https://docs.aws.amazon.com/bedrock/latest/userguide/model-parameters.html) .", + "title": "AdditionalModelRequestFields", + "type": "object" + }, "BasePromptTemplate": { "markdownDescription": "Defines the prompt template with which to replace the default prompt template. You can use placeholder variables in the base prompt template to customize the prompt. For more information, see [Prompt template placeholder variables](https://docs.aws.amazon.com/bedrock/latest/userguide/prompt-placeholders.html) . For more information, see [Configure the prompt templates](https://docs.aws.amazon.com/bedrock/latest/userguide/advanced-prompts-configure.html) .", "title": "BasePromptTemplate", "type": "string" }, + "FoundationModel": { + "markdownDescription": "The agent's foundation model.", + "title": "FoundationModel", + "type": "string" + }, "InferenceConfiguration": { "$ref": "#/definitions/AWS::Bedrock::Agent.InferenceConfiguration", "markdownDescription": "Contains inference parameters to use when the agent invokes a foundation model in the part of the agent sequence defined by the `promptType` . For more information, see [Inference parameters for foundation models](https://docs.aws.amazon.com/bedrock/latest/userguide/model-parameters.html) .", @@ -29199,6 +33904,17 @@ }, "type": "object" }, + "AWS::Bedrock::Agent.SessionSummaryConfiguration": { + "additionalProperties": false, + "properties": { + "MaxRecentSessions": { + "markdownDescription": "Maximum number of recent session summaries to include in the agent's prompt context.", + "title": "MaxRecentSessions", + "type": "number" + } + }, + "type": "object" + }, "AWS::Bedrock::AgentAlias": { "additionalProperties": false, "properties": { @@ -29334,7 +34050,7 @@ ], "type": "object" }, - "AWS::Bedrock::DataSource": { + "AWS::Bedrock::ApplicationInferenceProfile": { "additionalProperties": false, "properties": { "Condition": { @@ -29369,47 +34085,38 @@ "Properties": { "additionalProperties": false, "properties": { - "DataSourceConfiguration": { - "$ref": "#/definitions/AWS::Bedrock::DataSource.DataSourceConfiguration", - "markdownDescription": "The connection configuration for the data source.", - "title": "DataSourceConfiguration" - }, "Description": { - "markdownDescription": "The description of the data source.", + "markdownDescription": "The description of the inference profile.", "title": "Description", "type": "string" }, - "KnowledgeBaseId": { - "markdownDescription": "The unique identifier of the knowledge base to which the data source belongs.", - "title": "KnowledgeBaseId", + "InferenceProfileName": { + "markdownDescription": "The name of the inference profile.", + "title": "InferenceProfileName", "type": "string" }, - "Name": { - "markdownDescription": "The name of the data source.", - "title": "Name", - "type": "string" - }, - "ServerSideEncryptionConfiguration": { - "$ref": "#/definitions/AWS::Bedrock::DataSource.ServerSideEncryptionConfiguration", - "markdownDescription": "Contains details about the configuration of the server-side encryption.", - "title": "ServerSideEncryptionConfiguration" + "ModelSource": { + "$ref": "#/definitions/AWS::Bedrock::ApplicationInferenceProfile.InferenceProfileModelSource", + "markdownDescription": "Contains configurations for the inference profile to copy as the resource.", + "title": "ModelSource" }, - "VectorIngestionConfiguration": { - "$ref": "#/definitions/AWS::Bedrock::DataSource.VectorIngestionConfiguration", - "markdownDescription": "Contains details about how to ingest the documents in the data source.", - "title": "VectorIngestionConfiguration" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags associated with the inference profile.", + "title": "Tags", + "type": "array" } }, "required": [ - "DataSourceConfiguration", - "KnowledgeBaseId", - "Name" + "InferenceProfileName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Bedrock::DataSource" + "AWS::Bedrock::ApplicationInferenceProfile" ], "type": "string" }, @@ -29428,110 +34135,32 @@ ], "type": "object" }, - "AWS::Bedrock::DataSource.ChunkingConfiguration": { - "additionalProperties": false, - "properties": { - "ChunkingStrategy": { - "markdownDescription": "Knowledge base can split your source data into chunks. A *chunk* refers to an excerpt from a data source that is returned when the knowledge base that it belongs to is queried. You have the following options for chunking your data. If you opt for `NONE` , then you may want to pre-process your files by splitting them up such that each file corresponds to a chunk.\n\n- `FIXED_SIZE` \u2013 Amazon Bedrock splits your source data into chunks of the approximate size that you set in the `fixedSizeChunkingConfiguration` .\n- `HIERARCHICAL` \u2013 Split documents into layers of chunks where the first layer contains large chunks, and the second layer contains smaller chunks derived from the first layer.\n- `SEMANTIC` \u2013 Split documents into chunks based on groups of similar content derived with natural language processing.\n- `NONE` \u2013 Amazon Bedrock treats each file as one chunk. If you choose this option, you may want to pre-process your documents by splitting them into separate files.", - "title": "ChunkingStrategy", - "type": "string" - }, - "FixedSizeChunkingConfiguration": { - "$ref": "#/definitions/AWS::Bedrock::DataSource.FixedSizeChunkingConfiguration", - "markdownDescription": "Configurations for when you choose fixed-size chunking. If you set the `chunkingStrategy` as `NONE` , exclude this field.", - "title": "FixedSizeChunkingConfiguration" - } - }, - "required": [ - "ChunkingStrategy" - ], - "type": "object" - }, - "AWS::Bedrock::DataSource.DataSourceConfiguration": { + "AWS::Bedrock::ApplicationInferenceProfile.InferenceProfileModel": { "additionalProperties": false, "properties": { - "S3Configuration": { - "$ref": "#/definitions/AWS::Bedrock::DataSource.S3DataSourceConfiguration", - "markdownDescription": "The configuration information to connect to Amazon S3 as your data source.", - "title": "S3Configuration" - }, - "Type": { - "markdownDescription": "The type of data source.", - "title": "Type", + "ModelArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the model.", + "title": "ModelArn", "type": "string" } }, - "required": [ - "S3Configuration", - "Type" - ], - "type": "object" - }, - "AWS::Bedrock::DataSource.FixedSizeChunkingConfiguration": { - "additionalProperties": false, - "properties": { - "MaxTokens": { - "markdownDescription": "The maximum number of tokens to include in a chunk.", - "title": "MaxTokens", - "type": "number" - }, - "OverlapPercentage": { - "markdownDescription": "The percentage of overlap between adjacent chunks of a data source.", - "title": "OverlapPercentage", - "type": "number" - } - }, - "required": [ - "MaxTokens", - "OverlapPercentage" - ], "type": "object" }, - "AWS::Bedrock::DataSource.S3DataSourceConfiguration": { + "AWS::Bedrock::ApplicationInferenceProfile.InferenceProfileModelSource": { "additionalProperties": false, "properties": { - "BucketArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the S3 bucket that contains your data.", - "title": "BucketArn", + "CopyFrom": { + "markdownDescription": "The ARN of the model or system-defined inference profile that is the source for the inference profile.", + "title": "CopyFrom", "type": "string" - }, - "InclusionPrefixes": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of S3 prefixes to include certain files or content. This field is an array with a maximum of one item, which can contain a string that has a maximum length of 300 characters. For more information, see [Organizing objects using prefixes](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-prefixes.html) .", - "title": "InclusionPrefixes", - "type": "array" } }, "required": [ - "BucketArn" + "CopyFrom" ], "type": "object" }, - "AWS::Bedrock::DataSource.ServerSideEncryptionConfiguration": { - "additionalProperties": false, - "properties": { - "KmsKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key used to encrypt the resource.", - "title": "KmsKeyArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Bedrock::DataSource.VectorIngestionConfiguration": { - "additionalProperties": false, - "properties": { - "ChunkingConfiguration": { - "$ref": "#/definitions/AWS::Bedrock::DataSource.ChunkingConfiguration", - "markdownDescription": "Details about how to chunk the documents in the data source. A *chunk* refers to an excerpt from a data source that is returned when the knowledge base that it belongs to is queried.", - "title": "ChunkingConfiguration" - } - }, - "type": "object" - }, - "AWS::Bedrock::Guardrail": { + "AWS::Bedrock::Blueprint": { "additionalProperties": false, "properties": { "Condition": { @@ -29566,70 +34195,56 @@ "Properties": { "additionalProperties": false, "properties": { - "BlockedInputMessaging": { - "markdownDescription": "The message to return when the guardrail blocks a prompt.", - "title": "BlockedInputMessaging", - "type": "string" - }, - "BlockedOutputsMessaging": { - "markdownDescription": "The message to return when the guardrail blocks a model response.", - "title": "BlockedOutputsMessaging", - "type": "string" - }, - "ContentPolicyConfig": { - "$ref": "#/definitions/AWS::Bedrock::Guardrail.ContentPolicyConfig", - "markdownDescription": "The content filter policies to configure for the guardrail.", - "title": "ContentPolicyConfig" - }, - "Description": { - "markdownDescription": "A description of the guardrail.", - "title": "Description", + "BlueprintName": { + "markdownDescription": "The blueprint's name.", + "title": "BlueprintName", "type": "string" }, - "KmsKeyArn": { - "markdownDescription": "The ARN of the AWS KMS key that you use to encrypt the guardrail.", - "title": "KmsKeyArn", - "type": "string" + "KmsEncryptionContext": { + "additionalProperties": true, + "markdownDescription": "Name-value pairs to include as an encryption context.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "KmsEncryptionContext", + "type": "object" }, - "Name": { - "markdownDescription": "The name of the guardrail.", - "title": "Name", + "KmsKeyId": { + "markdownDescription": "The AWS KMS key to use for encryption.", + "title": "KmsKeyId", "type": "string" }, - "SensitiveInformationPolicyConfig": { - "$ref": "#/definitions/AWS::Bedrock::Guardrail.SensitiveInformationPolicyConfig", - "markdownDescription": "The sensitive information policy to configure for the guardrail.", - "title": "SensitiveInformationPolicyConfig" + "Schema": { + "markdownDescription": "The blueprint's schema.", + "title": "Schema", + "type": "object" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags that you want to attach to the guardrail.", + "markdownDescription": "", "title": "Tags", "type": "array" }, - "TopicPolicyConfig": { - "$ref": "#/definitions/AWS::Bedrock::Guardrail.TopicPolicyConfig", - "markdownDescription": "The topic policies to configure for the guardrail.", - "title": "TopicPolicyConfig" - }, - "WordPolicyConfig": { - "$ref": "#/definitions/AWS::Bedrock::Guardrail.WordPolicyConfig", - "markdownDescription": "The word policy you configure for the guardrail.", - "title": "WordPolicyConfig" + "Type": { + "markdownDescription": "The blueprint's type.", + "title": "Type", + "type": "string" } }, "required": [ - "BlockedInputMessaging", - "BlockedOutputsMessaging", - "Name" + "BlueprintName", + "Schema", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::Bedrock::Guardrail" + "AWS::Bedrock::Blueprint" ], "type": "string" }, @@ -29648,561 +34263,703 @@ ], "type": "object" }, - "AWS::Bedrock::Guardrail.ContentFilterConfig": { + "AWS::Bedrock::DataAutomationProject": { "additionalProperties": false, "properties": { - "InputStrength": { - "markdownDescription": "The strength of the content filter to apply to prompts. As you increase the filter strength, the likelihood of filtering harmful content increases and the probability of seeing harmful content in your application reduces.", - "title": "InputStrength", + "Condition": { "type": "string" }, - "OutputStrength": { - "markdownDescription": "The strength of the content filter to apply to model responses. As you increase the filter strength, the likelihood of filtering harmful content increases and the probability of seeing harmful content in your application reduces.", - "title": "OutputStrength", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CustomOutputConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.CustomOutputConfiguration", + "markdownDescription": "Blueprints to apply to objects processed by the project.", + "title": "CustomOutputConfiguration" + }, + "KmsEncryptionContext": { + "additionalProperties": true, + "markdownDescription": "The AWS KMS encryption context to use for encryption.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "KmsEncryptionContext", + "type": "object" + }, + "KmsKeyId": { + "markdownDescription": "The AWS KMS key to use for encryption.", + "title": "KmsKeyId", + "type": "string" + }, + "OverrideConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.OverrideConfiguration", + "markdownDescription": "Additional settings for the project.", + "title": "OverrideConfiguration" + }, + "ProjectDescription": { + "markdownDescription": "The project's description.", + "title": "ProjectDescription", + "type": "string" + }, + "ProjectName": { + "markdownDescription": "The project's name.", + "title": "ProjectName", + "type": "string" + }, + "StandardOutputConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.StandardOutputConfiguration", + "markdownDescription": "The project's standard output configuration.", + "title": "StandardOutputConfiguration" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "ProjectName" + ], + "type": "object" + }, "Type": { - "markdownDescription": "The harmful category that the content filter is applied to.", - "title": "Type", + "enum": [ + "AWS::Bedrock::DataAutomationProject" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "InputStrength", - "OutputStrength", - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Bedrock::Guardrail.ContentPolicyConfig": { + "AWS::Bedrock::DataAutomationProject.AudioExtractionCategory": { "additionalProperties": false, "properties": { - "FiltersConfig": { + "State": { + "markdownDescription": "Whether generating categorical data from audio is enabled.", + "title": "State", + "type": "string" + }, + "Types": { "items": { - "$ref": "#/definitions/AWS::Bedrock::Guardrail.ContentFilterConfig" + "type": "string" }, - "markdownDescription": "Contains the type of the content filter and how strongly it should apply to prompts and model responses.", - "title": "FiltersConfig", + "markdownDescription": "The types of data to generate.", + "title": "Types", "type": "array" } }, "required": [ - "FiltersConfig" + "State" ], "type": "object" }, - "AWS::Bedrock::Guardrail.ManagedWordsConfig": { + "AWS::Bedrock::DataAutomationProject.AudioOverrideConfiguration": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The managed word type to configure for the guardrail.", - "title": "Type", - "type": "string" + "ModalityProcessing": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.ModalityProcessingConfiguration", + "markdownDescription": "Sets modality processing for audio files. All modalities are enabled by default.", + "title": "ModalityProcessing" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataAutomationProject.AudioStandardExtraction": { + "additionalProperties": false, + "properties": { + "Category": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.AudioExtractionCategory", + "markdownDescription": "Settings for generating data from audio.", + "title": "Category" } }, "required": [ - "Type" + "Category" ], "type": "object" }, - "AWS::Bedrock::Guardrail.PiiEntityConfig": { + "AWS::Bedrock::DataAutomationProject.AudioStandardGenerativeField": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "Configure guardrail action when the PII entity is detected.", - "title": "Action", + "State": { + "markdownDescription": "Whether generating descriptions is enabled for audio.", + "title": "State", "type": "string" }, - "Type": { - "markdownDescription": "Configure guardrail type when the PII entity is detected.\n\nThe following PIIs are used to block or mask sensitive information:\n\n- *General*\n\n- *ADDRESS*\n\nA physical address, such as \"100 Main Street, Anytown, USA\" or \"Suite #12, Building 123\". An address can include information such as the street, building, location, city, state, country, county, zip code, precinct, and neighborhood.\n- *AGE*\n\nAn individual's age, including the quantity and unit of time. For example, in the phrase \"I am 40 years old,\" Guardrails recognizes \"40 years\" as an age.\n- *NAME*\n\nAn individual's name. This entity type does not include titles, such as Dr., Mr., Mrs., or Miss. guardrails doesn't apply this entity type to names that are part of organizations or addresses. For example, guardrails recognizes the \"John Doe Organization\" as an organization, and it recognizes \"Jane Doe Street\" as an address.\n- *EMAIL*\n\nAn email address, such as *marymajor@email.com* .\n- *PHONE*\n\nA phone number. This entity type also includes fax and pager numbers.\n- *USERNAME*\n\nA user name that identifies an account, such as a login name, screen name, nick name, or handle.\n- *PASSWORD*\n\nAn alphanumeric string that is used as a password, such as \"* *very20special#pass** \".\n- *DRIVER_ID*\n\nThe number assigned to a driver's license, which is an official document permitting an individual to operate one or more motorized vehicles on a public road. A driver's license number consists of alphanumeric characters.\n- *LICENSE_PLATE*\n\nA license plate for a vehicle is issued by the state or country where the vehicle is registered. The format for passenger vehicles is typically five to eight digits, consisting of upper-case letters and numbers. The format varies depending on the location of the issuing state or country.\n- *VEHICLE_IDENTIFICATION_NUMBER*\n\nA Vehicle Identification Number (VIN) uniquely identifies a vehicle. VIN content and format are defined in the *ISO 3779* specification. Each country has specific codes and formats for VINs.\n- *Finance*\n\n- *CREDIT_DEBIT_CARD_CVV*\n\nA three-digit card verification code (CVV) that is present on VISA, MasterCard, and Discover credit and debit cards. For American Express credit or debit cards, the CVV is a four-digit numeric code.\n- *CREDIT_DEBIT_CARD_EXPIRY*\n\nThe expiration date for a credit or debit card. This number is usually four digits long and is often formatted as *month/year* or *MM/YY* . Guardrails recognizes expiration dates such as *01/21* , *01/2021* , and *Jan 2021* .\n- *CREDIT_DEBIT_CARD_NUMBER*\n\nThe number for a credit or debit card. These numbers can vary from 13 to 16 digits in length. However, Amazon Comprehend also recognizes credit or debit card numbers when only the last four digits are present.\n- *PIN*\n\nA four-digit personal identification number (PIN) with which you can access your bank account.\n- *INTERNATIONAL_BANK_ACCOUNT_NUMBER*\n\nAn International Bank Account Number has specific formats in each country. For more information, see [www.iban.com/structure](https://docs.aws.amazon.com/https://www.iban.com/structure) .\n- *SWIFT_CODE*\n\nA SWIFT code is a standard format of Bank Identifier Code (BIC) used to specify a particular bank or branch. Banks use these codes for money transfers such as international wire transfers.\n\nSWIFT codes consist of eight or 11 characters. The 11-digit codes refer to specific branches, while eight-digit codes (or 11-digit codes ending in 'XXX') refer to the head or primary office.\n- *IT*\n\n- *IP_ADDRESS*\n\nAn IPv4 address, such as *198.51.100.0* .\n- *MAC_ADDRESS*\n\nA *media access control* (MAC) address is a unique identifier assigned to a network interface controller (NIC).\n- *URL*\n\nA web address, such as *www.example.com* .\n- *AWS_ACCESS_KEY*\n\nA unique identifier that's associated with a secret access key; you use the access key ID and secret access key to sign programmatic AWS requests cryptographically.\n- *AWS_SECRET_KEY*\n\nA unique identifier that's associated with an access key. You use the access key ID and secret access key to sign programmatic AWS requests cryptographically.\n- *USA specific*\n\n- *US_BANK_ACCOUNT_NUMBER*\n\nA US bank account number, which is typically 10 to 12 digits long.\n- *US_BANK_ROUTING_NUMBER*\n\nA US bank account routing number. These are typically nine digits long,\n- *US_INDIVIDUAL_TAX_IDENTIFICATION_NUMBER*\n\nA US Individual Taxpayer Identification Number (ITIN) is a nine-digit number that starts with a \"9\" and contain a \"7\" or \"8\" as the fourth digit. An ITIN can be formatted with a space or a dash after the third and forth digits.\n- *US_PASSPORT_NUMBER*\n\nA US passport number. Passport numbers range from six to nine alphanumeric characters.\n- *US_SOCIAL_SECURITY_NUMBER*\n\nA US Social Security Number (SSN) is a nine-digit number that is issued to US citizens, permanent residents, and temporary working residents.\n- *Canada specific*\n\n- *CA_HEALTH_NUMBER*\n\nA Canadian Health Service Number is a 10-digit unique identifier, required for individuals to access healthcare benefits.\n- *CA_SOCIAL_INSURANCE_NUMBER*\n\nA Canadian Social Insurance Number (SIN) is a nine-digit unique identifier, required for individuals to access government programs and benefits.\n\nThe SIN is formatted as three groups of three digits, such as *123-456-789* . A SIN can be validated through a simple check-digit process called the [Luhn algorithm](https://docs.aws.amazon.com/https://www.wikipedia.org/wiki/Luhn_algorithm) .\n- *UK Specific*\n\n- *UK_NATIONAL_HEALTH_SERVICE_NUMBER*\n\nA UK National Health Service Number is a 10-17 digit number, such as *485 777 3456* . The current system formats the 10-digit number with spaces after the third and sixth digits. The final digit is an error-detecting checksum.\n- *UK_NATIONAL_INSURANCE_NUMBER*\n\nA UK National Insurance Number (NINO) provides individuals with access to National Insurance (social security) benefits. It is also used for some purposes in the UK tax system.\n\nThe number is nine digits long and starts with two letters, followed by six numbers and one letter. A NINO can be formatted with a space or a dash after the two letters and after the second, forth, and sixth digits.\n- *UK_UNIQUE_TAXPAYER_REFERENCE_NUMBER*\n\nA UK Unique Taxpayer Reference (UTR) is a 10-digit number that identifies a taxpayer or a business.\n- *Custom*\n\n- *Regex filter* - You can use a regular expressions to define patterns for a guardrail to recognize and act upon such as serial number, booking ID etc..", - "title": "Type", - "type": "string" + "Types": { + "items": { + "type": "string" + }, + "markdownDescription": "The types of description to generate.", + "title": "Types", + "type": "array" } }, "required": [ - "Action", - "Type" + "State" ], "type": "object" }, - "AWS::Bedrock::Guardrail.RegexConfig": { + "AWS::Bedrock::DataAutomationProject.AudioStandardOutputConfiguration": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The guardrail action to configure when matching regular expression is detected.", - "title": "Action", - "type": "string" + "Extraction": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.AudioStandardExtraction", + "markdownDescription": "Settings for populating data fields that describe the audio.", + "title": "Extraction" }, - "Description": { - "markdownDescription": "The description of the regular expression to configure for the guardrail.", - "title": "Description", + "GenerativeField": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.AudioStandardGenerativeField", + "markdownDescription": "Whether to generate descriptions of the data.", + "title": "GenerativeField" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataAutomationProject.BlueprintItem": { + "additionalProperties": false, + "properties": { + "BlueprintArn": { + "markdownDescription": "The blueprint's ARN.", + "title": "BlueprintArn", "type": "string" }, - "Name": { - "markdownDescription": "The name of the regular expression to configure for the guardrail.", - "title": "Name", + "BlueprintStage": { + "markdownDescription": "The blueprint's stage.", + "title": "BlueprintStage", "type": "string" }, - "Pattern": { - "markdownDescription": "The regular expression pattern to configure for the guardrail.", - "title": "Pattern", + "BlueprintVersion": { + "markdownDescription": "The blueprint's version.", + "title": "BlueprintVersion", "type": "string" } }, "required": [ - "Action", - "Name", - "Pattern" + "BlueprintArn" ], "type": "object" }, - "AWS::Bedrock::Guardrail.SensitiveInformationPolicyConfig": { + "AWS::Bedrock::DataAutomationProject.CustomOutputConfiguration": { "additionalProperties": false, "properties": { - "PiiEntitiesConfig": { - "items": { - "$ref": "#/definitions/AWS::Bedrock::Guardrail.PiiEntityConfig" - }, - "markdownDescription": "A list of PII entities to configure to the guardrail.", - "title": "PiiEntitiesConfig", - "type": "array" - }, - "RegexesConfig": { + "Blueprints": { "items": { - "$ref": "#/definitions/AWS::Bedrock::Guardrail.RegexConfig" + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.BlueprintItem" }, - "markdownDescription": "A list of regular expressions to configure to the guardrail.", - "title": "RegexesConfig", + "markdownDescription": "A list of blueprints.", + "title": "Blueprints", "type": "array" } }, "type": "object" }, - "AWS::Bedrock::Guardrail.TopicConfig": { + "AWS::Bedrock::DataAutomationProject.DocumentBoundingBox": { "additionalProperties": false, "properties": { - "Definition": { - "markdownDescription": "A definition of the topic to deny.", - "title": "Definition", - "type": "string" - }, - "Examples": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of prompts, each of which is an example of a prompt that can be categorized as belonging to the topic.", - "title": "Examples", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the topic to deny.", - "title": "Name", - "type": "string" - }, - "Type": { - "markdownDescription": "Specifies to deny the topic.", - "title": "Type", + "State": { + "markdownDescription": "Whether bounding boxes are enabled for documents.", + "title": "State", "type": "string" } }, "required": [ - "Definition", - "Name", - "Type" + "State" ], "type": "object" }, - "AWS::Bedrock::Guardrail.TopicPolicyConfig": { + "AWS::Bedrock::DataAutomationProject.DocumentExtractionGranularity": { "additionalProperties": false, "properties": { - "TopicsConfig": { + "Types": { "items": { - "$ref": "#/definitions/AWS::Bedrock::Guardrail.TopicConfig" + "type": "string" }, - "markdownDescription": "A list of policies related to topics that the guardrail should deny.", - "title": "TopicsConfig", + "markdownDescription": "Granularity settings for documents.", + "title": "Types", "type": "array" } }, - "required": [ - "TopicsConfig" - ], "type": "object" }, - "AWS::Bedrock::Guardrail.WordConfig": { + "AWS::Bedrock::DataAutomationProject.DocumentOutputAdditionalFileFormat": { "additionalProperties": false, "properties": { - "Text": { - "markdownDescription": "Text of the word configured for the guardrail to block.", - "title": "Text", + "State": { + "markdownDescription": "Whether additional file formats are enabled for a project.", + "title": "State", "type": "string" } }, "required": [ - "Text" + "State" ], "type": "object" }, - "AWS::Bedrock::Guardrail.WordPolicyConfig": { + "AWS::Bedrock::DataAutomationProject.DocumentOutputFormat": { "additionalProperties": false, "properties": { - "ManagedWordListsConfig": { - "items": { - "$ref": "#/definitions/AWS::Bedrock::Guardrail.ManagedWordsConfig" - }, - "markdownDescription": "A list of managed words to configure for the guardrail.", - "title": "ManagedWordListsConfig", - "type": "array" + "AdditionalFileFormat": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.DocumentOutputAdditionalFileFormat", + "markdownDescription": "Output settings for additional file formats.", + "title": "AdditionalFileFormat" }, - "WordsConfig": { + "TextFormat": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.DocumentOutputTextFormat", + "markdownDescription": "An output text format.", + "title": "TextFormat" + } + }, + "required": [ + "AdditionalFileFormat", + "TextFormat" + ], + "type": "object" + }, + "AWS::Bedrock::DataAutomationProject.DocumentOutputTextFormat": { + "additionalProperties": false, + "properties": { + "Types": { "items": { - "$ref": "#/definitions/AWS::Bedrock::Guardrail.WordConfig" + "type": "string" }, - "markdownDescription": "A list of words to configure for the guardrail.", - "title": "WordsConfig", + "markdownDescription": "The types of output text to generate.", + "title": "Types", "type": "array" } }, "type": "object" }, - "AWS::Bedrock::KnowledgeBase": { + "AWS::Bedrock::DataAutomationProject.DocumentOverrideConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "The description of the knowledge base associated with the inline agent.", - "title": "Description", - "type": "string" - }, - "KnowledgeBaseConfiguration": { - "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.KnowledgeBaseConfiguration", - "markdownDescription": "Contains details about the embeddings configuration of the knowledge base.", - "title": "KnowledgeBaseConfiguration" - }, - "Name": { - "markdownDescription": "The name of the knowledge base.", - "title": "Name", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role with permissions to invoke API operations on the knowledge base.", - "title": "RoleArn", - "type": "string" - }, - "StorageConfiguration": { - "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.StorageConfiguration", - "markdownDescription": "Contains details about the storage configuration of the knowledge base.", - "title": "StorageConfiguration" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "Metadata that you can assign to a resource as key-value pairs. For more information, see the following resources:\n\n- [Tag naming limits and requirements](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-conventions)\n- [Tagging best practices](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-best-practices)", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - } - }, - "required": [ - "KnowledgeBaseConfiguration", - "Name", - "RoleArn", - "StorageConfiguration" - ], - "type": "object" + "ModalityProcessing": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.ModalityProcessingConfiguration", + "markdownDescription": "Sets modality processing for document files. All modalities are enabled by default.", + "title": "ModalityProcessing" }, - "Type": { - "enum": [ - "AWS::Bedrock::KnowledgeBase" - ], - "type": "string" + "Splitter": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.SplitterConfiguration", + "markdownDescription": "Whether document splitter is enabled for a project.", + "title": "Splitter" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataAutomationProject.DocumentStandardExtraction": { + "additionalProperties": false, + "properties": { + "BoundingBox": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.DocumentBoundingBox", + "markdownDescription": "Whether to generate bounding boxes.", + "title": "BoundingBox" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Granularity": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.DocumentExtractionGranularity", + "markdownDescription": "Which granularities to generate data for.", + "title": "Granularity" } }, "required": [ - "Type", - "Properties" + "BoundingBox", + "Granularity" ], "type": "object" }, - "AWS::Bedrock::KnowledgeBase.KnowledgeBaseConfiguration": { + "AWS::Bedrock::DataAutomationProject.DocumentStandardGenerativeField": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The type of data that the data source is converted into for the knowledge base.", - "title": "Type", + "State": { + "markdownDescription": "Whether generating descriptions is enabled for documents.", + "title": "State", "type": "string" - }, - "VectorKnowledgeBaseConfiguration": { - "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.VectorKnowledgeBaseConfiguration", - "markdownDescription": "Contains details about the model that's used to convert the data source into vector embeddings.", - "title": "VectorKnowledgeBaseConfiguration" } }, "required": [ - "Type", - "VectorKnowledgeBaseConfiguration" + "State" ], "type": "object" }, - "AWS::Bedrock::KnowledgeBase.OpenSearchServerlessConfiguration": { + "AWS::Bedrock::DataAutomationProject.DocumentStandardOutputConfiguration": { "additionalProperties": false, "properties": { - "CollectionArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the OpenSearch Service vector store.", - "title": "CollectionArn", - "type": "string" + "Extraction": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.DocumentStandardExtraction", + "markdownDescription": "Settings for populating data fields that describe the document.", + "title": "Extraction" }, - "FieldMapping": { - "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.OpenSearchServerlessFieldMapping", - "markdownDescription": "Contains the names of the fields to which to map information about the vector store.", - "title": "FieldMapping" + "GenerativeField": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.DocumentStandardGenerativeField", + "markdownDescription": "Whether to generate descriptions.", + "title": "GenerativeField" }, - "VectorIndexName": { - "markdownDescription": "The name of the vector store.", - "title": "VectorIndexName", + "OutputFormat": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.DocumentOutputFormat", + "markdownDescription": "The output format to generate.", + "title": "OutputFormat" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataAutomationProject.ImageBoundingBox": { + "additionalProperties": false, + "properties": { + "State": { + "markdownDescription": "Bounding box settings for a project.", + "title": "State", "type": "string" } }, "required": [ - "CollectionArn", - "FieldMapping", - "VectorIndexName" + "State" ], "type": "object" }, - "AWS::Bedrock::KnowledgeBase.OpenSearchServerlessFieldMapping": { + "AWS::Bedrock::DataAutomationProject.ImageExtractionCategory": { "additionalProperties": false, "properties": { - "MetadataField": { - "markdownDescription": "The name of the field in which Amazon Bedrock stores metadata about the vector store.", - "title": "MetadataField", - "type": "string" - }, - "TextField": { - "markdownDescription": "The name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose.", - "title": "TextField", + "State": { + "markdownDescription": "Whether generating categorical data from images is enabled.", + "title": "State", "type": "string" }, - "VectorField": { - "markdownDescription": "The name of the field in which Amazon Bedrock stores the vector embeddings for your data sources.", - "title": "VectorField", - "type": "string" + "Types": { + "items": { + "type": "string" + }, + "markdownDescription": "The types of data to generate.", + "title": "Types", + "type": "array" } }, "required": [ - "MetadataField", - "TextField", - "VectorField" + "State" ], "type": "object" }, - "AWS::Bedrock::KnowledgeBase.PineconeConfiguration": { + "AWS::Bedrock::DataAutomationProject.ImageOverrideConfiguration": { "additionalProperties": false, "properties": { - "ConnectionString": { - "markdownDescription": "The endpoint URL for your index management page.", - "title": "ConnectionString", - "type": "string" - }, - "CredentialsSecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the secret that you created in AWS Secrets Manager that is linked to your Pinecone API key.", - "title": "CredentialsSecretArn", - "type": "string" - }, - "FieldMapping": { - "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.PineconeFieldMapping", - "markdownDescription": "Contains the names of the fields to which to map information about the vector store.", - "title": "FieldMapping" + "ModalityProcessing": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.ModalityProcessingConfiguration", + "markdownDescription": "Sets modality processing for image files. All modalities are enabled by default.", + "title": "ModalityProcessing" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataAutomationProject.ImageStandardExtraction": { + "additionalProperties": false, + "properties": { + "BoundingBox": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.ImageBoundingBox", + "markdownDescription": "Settings for generating bounding boxes.", + "title": "BoundingBox" }, - "Namespace": { - "markdownDescription": "The namespace to be used to write new data to your database.", - "title": "Namespace", - "type": "string" + "Category": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.ImageExtractionCategory", + "markdownDescription": "Settings for generating categorical data.", + "title": "Category" } }, "required": [ - "ConnectionString", - "CredentialsSecretArn", - "FieldMapping" + "BoundingBox", + "Category" ], "type": "object" }, - "AWS::Bedrock::KnowledgeBase.PineconeFieldMapping": { + "AWS::Bedrock::DataAutomationProject.ImageStandardGenerativeField": { "additionalProperties": false, "properties": { - "MetadataField": { - "markdownDescription": "The name of the field in which Amazon Bedrock stores metadata about the vector store.", - "title": "MetadataField", + "State": { + "markdownDescription": "Whether generating descriptions is enabled for images.", + "title": "State", "type": "string" }, - "TextField": { - "markdownDescription": "The name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose.", - "title": "TextField", - "type": "string" + "Types": { + "items": { + "type": "string" + }, + "markdownDescription": "Settings for generating descriptions of images.", + "title": "Types", + "type": "array" } }, "required": [ - "MetadataField", - "TextField" + "State" ], "type": "object" }, - "AWS::Bedrock::KnowledgeBase.RdsConfiguration": { + "AWS::Bedrock::DataAutomationProject.ImageStandardOutputConfiguration": { "additionalProperties": false, "properties": { - "CredentialsSecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the secret that you created in AWS Secrets Manager that is linked to your Amazon RDS database.", - "title": "CredentialsSecretArn", - "type": "string" + "Extraction": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.ImageStandardExtraction", + "markdownDescription": "Settings for populating data fields that describe the image.", + "title": "Extraction" }, - "DatabaseName": { - "markdownDescription": "The name of your Amazon RDS database.", - "title": "DatabaseName", + "GenerativeField": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.ImageStandardGenerativeField", + "markdownDescription": "Whether to generate descriptions of the data.", + "title": "GenerativeField" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataAutomationProject.ModalityProcessingConfiguration": { + "additionalProperties": false, + "properties": { + "State": { + "markdownDescription": "Stores the state of the modality for your project, set to either enabled or disabled", + "title": "State", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataAutomationProject.ModalityRoutingConfiguration": { + "additionalProperties": false, + "properties": { + "jpeg": { + "markdownDescription": "Sets whether JPEG files are routed to document or image processing.", + "title": "jpeg", "type": "string" }, - "FieldMapping": { - "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.RdsFieldMapping", - "markdownDescription": "Contains the names of the fields to which to map information about the vector store.", - "title": "FieldMapping" + "mov": { + "markdownDescription": "Sets whether MOV files are routed to audio or video processing.", + "title": "mov", + "type": "string" }, - "ResourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the vector store.", - "title": "ResourceArn", + "mp4": { + "markdownDescription": "Sets whether MP4 files are routed to audio or video processing.", + "title": "mp4", "type": "string" }, - "TableName": { - "markdownDescription": "The name of the table in the database.", - "title": "TableName", + "png": { + "markdownDescription": "Sets whether PNG files are routed to document or image processing.", + "title": "png", "type": "string" } }, - "required": [ - "CredentialsSecretArn", - "DatabaseName", - "FieldMapping", - "ResourceArn", - "TableName" - ], "type": "object" }, - "AWS::Bedrock::KnowledgeBase.RdsFieldMapping": { + "AWS::Bedrock::DataAutomationProject.OverrideConfiguration": { "additionalProperties": false, "properties": { - "MetadataField": { - "markdownDescription": "The name of the field in which Amazon Bedrock stores metadata about the vector store.", - "title": "MetadataField", - "type": "string" + "Audio": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.AudioOverrideConfiguration", + "markdownDescription": "This element declares whether your project will process audio files.", + "title": "Audio" }, - "PrimaryKeyField": { - "markdownDescription": "The name of the field in which Amazon Bedrock stores the ID for each entry.", - "title": "PrimaryKeyField", - "type": "string" + "Document": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.DocumentOverrideConfiguration", + "markdownDescription": "Additional settings for a project.", + "title": "Document" }, - "TextField": { - "markdownDescription": "The name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose.", - "title": "TextField", + "Image": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.ImageOverrideConfiguration", + "markdownDescription": "This element declares whether your project will process image files.", + "title": "Image" + }, + "ModalityRouting": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.ModalityRoutingConfiguration", + "markdownDescription": "Lets you set which modalities certain file types are processed as.", + "title": "ModalityRouting" + }, + "Video": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.VideoOverrideConfiguration", + "markdownDescription": "This element declares whether your project will process video files.", + "title": "Video" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataAutomationProject.SplitterConfiguration": { + "additionalProperties": false, + "properties": { + "State": { + "markdownDescription": "Whether document splitter is enabled for a project.", + "title": "State", "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataAutomationProject.StandardOutputConfiguration": { + "additionalProperties": false, + "properties": { + "Audio": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.AudioStandardOutputConfiguration", + "markdownDescription": "Settings for processing audio.", + "title": "Audio" }, - "VectorField": { - "markdownDescription": "The name of the field in which Amazon Bedrock stores the vector embeddings for your data sources.", - "title": "VectorField", + "Document": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.DocumentStandardOutputConfiguration", + "markdownDescription": "Settings for processing documents.", + "title": "Document" + }, + "Image": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.ImageStandardOutputConfiguration", + "markdownDescription": "Settings for processing images.", + "title": "Image" + }, + "Video": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.VideoStandardOutputConfiguration", + "markdownDescription": "Settings for processing video.", + "title": "Video" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataAutomationProject.VideoBoundingBox": { + "additionalProperties": false, + "properties": { + "State": { + "markdownDescription": "Whether bounding boxes are enabled for video.", + "title": "State", "type": "string" } }, "required": [ - "MetadataField", - "PrimaryKeyField", - "TextField", - "VectorField" + "State" ], "type": "object" }, - "AWS::Bedrock::KnowledgeBase.StorageConfiguration": { + "AWS::Bedrock::DataAutomationProject.VideoExtractionCategory": { "additionalProperties": false, "properties": { - "OpensearchServerlessConfiguration": { - "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.OpenSearchServerlessConfiguration", - "markdownDescription": "Contains the storage configuration of the knowledge base in Amazon OpenSearch Service.", - "title": "OpensearchServerlessConfiguration" - }, - "PineconeConfiguration": { - "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.PineconeConfiguration", - "markdownDescription": "Contains the storage configuration of the knowledge base in Pinecone.", - "title": "PineconeConfiguration" + "State": { + "markdownDescription": "Whether generating categorical data from video is enabled.", + "title": "State", + "type": "string" }, - "RdsConfiguration": { - "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.RdsConfiguration", - "markdownDescription": "Contains details about the storage configuration of the knowledge base in Amazon RDS. For more information, see [Create a vector index in Amazon RDS](https://docs.aws.amazon.com/bedrock/latest/userguide/knowledge-base-setup-rds.html) .", - "title": "RdsConfiguration" + "Types": { + "items": { + "type": "string" + }, + "markdownDescription": "The types of data to generate.", + "title": "Types", + "type": "array" + } + }, + "required": [ + "State" + ], + "type": "object" + }, + "AWS::Bedrock::DataAutomationProject.VideoOverrideConfiguration": { + "additionalProperties": false, + "properties": { + "ModalityProcessing": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.ModalityProcessingConfiguration", + "markdownDescription": "Sets modality processing for video files. All modalities are enabled by default.", + "title": "ModalityProcessing" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataAutomationProject.VideoStandardExtraction": { + "additionalProperties": false, + "properties": { + "BoundingBox": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.VideoBoundingBox", + "markdownDescription": "Settings for generating bounding boxes.", + "title": "BoundingBox" }, - "Type": { - "markdownDescription": "The vector store service in which the knowledge base is stored.", - "title": "Type", - "type": "string" + "Category": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.VideoExtractionCategory", + "markdownDescription": "Settings for generating categorical data.", + "title": "Category" } }, "required": [ - "Type" + "BoundingBox", + "Category" ], "type": "object" }, - "AWS::Bedrock::KnowledgeBase.VectorKnowledgeBaseConfiguration": { + "AWS::Bedrock::DataAutomationProject.VideoStandardGenerativeField": { "additionalProperties": false, "properties": { - "EmbeddingModelArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the model used to create vector embeddings for the knowledge base.", - "title": "EmbeddingModelArn", + "State": { + "markdownDescription": "Whether generating descriptions is enabled for video.", + "title": "State", "type": "string" + }, + "Types": { + "items": { + "type": "string" + }, + "markdownDescription": "The types of description to generate.", + "title": "Types", + "type": "array" } }, "required": [ - "EmbeddingModelArn" + "State" ], "type": "object" }, - "AWS::BillingConductor::BillingGroup": { + "AWS::Bedrock::DataAutomationProject.VideoStandardOutputConfiguration": { + "additionalProperties": false, + "properties": { + "Extraction": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.VideoStandardExtraction", + "markdownDescription": "Settings for populating data fields that describe the video.", + "title": "Extraction" + }, + "GenerativeField": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.VideoStandardGenerativeField", + "markdownDescription": "Whether to generate descriptions of the video.", + "title": "GenerativeField" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataSource": { "additionalProperties": false, "properties": { "Condition": { @@ -30237,51 +34994,52 @@ "Properties": { "additionalProperties": false, "properties": { - "AccountGrouping": { - "$ref": "#/definitions/AWS::BillingConductor::BillingGroup.AccountGrouping", - "markdownDescription": "The set of accounts that will be under the billing group. The set of accounts resemble the linked accounts in a consolidated billing family.", - "title": "AccountGrouping" + "DataDeletionPolicy": { + "markdownDescription": "The data deletion policy for the data source.", + "title": "DataDeletionPolicy", + "type": "string" }, - "ComputationPreference": { - "$ref": "#/definitions/AWS::BillingConductor::BillingGroup.ComputationPreference", - "markdownDescription": "The preferences and settings that will be used to compute the AWS charges for a billing group.", - "title": "ComputationPreference" + "DataSourceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.DataSourceConfiguration", + "markdownDescription": "The connection configuration for the data source.", + "title": "DataSourceConfiguration" }, "Description": { - "markdownDescription": "The description of the billing group.", + "markdownDescription": "The description of the data source.", "title": "Description", "type": "string" }, + "KnowledgeBaseId": { + "markdownDescription": "The unique identifier of the knowledge base to which the data source belongs.", + "title": "KnowledgeBaseId", + "type": "string" + }, "Name": { - "markdownDescription": "The billing group's name.", + "markdownDescription": "The name of the data source.", "title": "Name", "type": "string" }, - "PrimaryAccountId": { - "markdownDescription": "The account ID that serves as the main account in a billing group.", - "title": "PrimaryAccountId", - "type": "string" + "ServerSideEncryptionConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.ServerSideEncryptionConfiguration", + "markdownDescription": "Contains details about the configuration of the server-side encryption.", + "title": "ServerSideEncryptionConfiguration" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A map that contains tag keys and tag values that are attached to a billing group.", - "title": "Tags", - "type": "array" + "VectorIngestionConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.VectorIngestionConfiguration", + "markdownDescription": "Contains details about how to ingest the documents in the data source.", + "title": "VectorIngestionConfiguration" } }, "required": [ - "AccountGrouping", - "ComputationPreference", - "Name", - "PrimaryAccountId" + "DataSourceConfiguration", + "KnowledgeBaseId", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::BillingConductor::BillingGroup" + "AWS::Bedrock::DataSource" ], "type": "string" }, @@ -30300,184 +35058,245 @@ ], "type": "object" }, - "AWS::BillingConductor::BillingGroup.AccountGrouping": { + "AWS::Bedrock::DataSource.BedrockDataAutomationConfiguration": { "additionalProperties": false, "properties": { - "AutoAssociate": { - "markdownDescription": "Specifies if this billing group will automatically associate newly added AWS accounts that join your consolidated billing family.", - "title": "AutoAssociate", - "type": "boolean" + "ParsingModality": { + "markdownDescription": "Specifies whether to enable parsing of multimodal data, including both text and/or images.", + "title": "ParsingModality", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataSource.BedrockFoundationModelConfiguration": { + "additionalProperties": false, + "properties": { + "ModelArn": { + "markdownDescription": "The ARN of the foundation model to use for parsing.", + "title": "ModelArn", + "type": "string" }, - "LinkedAccountIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The account IDs that make up the billing group. Account IDs must be a part of the consolidated billing family, and not associated with another billing group.", - "title": "LinkedAccountIds", - "type": "array" + "ParsingModality": { + "markdownDescription": "Specifies whether to enable parsing of multimodal data, including both text and/or images.", + "title": "ParsingModality", + "type": "string" + }, + "ParsingPrompt": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.ParsingPrompt", + "markdownDescription": "Instructions for interpreting the contents of a document.", + "title": "ParsingPrompt" } }, "required": [ - "LinkedAccountIds" + "ModelArn" ], "type": "object" }, - "AWS::BillingConductor::BillingGroup.ComputationPreference": { + "AWS::Bedrock::DataSource.BedrockFoundationModelContextEnrichmentConfiguration": { "additionalProperties": false, "properties": { - "PricingPlanArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the pricing plan used to compute the AWS charges for a billing group.", - "title": "PricingPlanArn", + "EnrichmentStrategyConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.EnrichmentStrategyConfiguration", + "markdownDescription": "The enrichment stategy used to provide additional context. For example, Neptune GraphRAG uses Amazon Bedrock foundation models to perform chunk entity extraction.", + "title": "EnrichmentStrategyConfiguration" + }, + "ModelArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the model used to create vector embeddings for the knowledge base.", + "title": "ModelArn", "type": "string" } }, "required": [ - "PricingPlanArn" + "EnrichmentStrategyConfiguration", + "ModelArn" ], "type": "object" }, - "AWS::BillingConductor::CustomLineItem": { + "AWS::Bedrock::DataSource.ChunkingConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "ChunkingStrategy": { + "markdownDescription": "Knowledge base can split your source data into chunks. A *chunk* refers to an excerpt from a data source that is returned when the knowledge base that it belongs to is queried. You have the following options for chunking your data. If you opt for `NONE` , then you may want to pre-process your files by splitting them up such that each file corresponds to a chunk.\n\n- `FIXED_SIZE` \u2013 Amazon Bedrock splits your source data into chunks of the approximate size that you set in the `fixedSizeChunkingConfiguration` .\n- `HIERARCHICAL` \u2013 Split documents into layers of chunks where the first layer contains large chunks, and the second layer contains smaller chunks derived from the first layer.\n- `SEMANTIC` \u2013 Split documents into chunks based on groups of similar content derived with natural language processing.\n- `NONE` \u2013 Amazon Bedrock treats each file as one chunk. If you choose this option, you may want to pre-process your documents by splitting them into separate files.", + "title": "ChunkingStrategy", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "FixedSizeChunkingConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.FixedSizeChunkingConfiguration", + "markdownDescription": "Configurations for when you choose fixed-size chunking. If you set the `chunkingStrategy` as `NONE` , exclude this field.", + "title": "FixedSizeChunkingConfiguration" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "HierarchicalChunkingConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.HierarchicalChunkingConfiguration", + "markdownDescription": "Settings for hierarchical document chunking for a data source. Hierarchical chunking splits documents into layers of chunks where the first layer contains large chunks, and the second layer contains smaller chunks derived from the first layer.", + "title": "HierarchicalChunkingConfiguration" }, - "Metadata": { - "type": "object" + "SemanticChunkingConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.SemanticChunkingConfiguration", + "markdownDescription": "Settings for semantic document chunking for a data source. Semantic chunking splits a document into into smaller documents based on groups of similar content derived from the text with natural language processing.", + "title": "SemanticChunkingConfiguration" + } + }, + "required": [ + "ChunkingStrategy" + ], + "type": "object" + }, + "AWS::Bedrock::DataSource.ConfluenceCrawlerConfiguration": { + "additionalProperties": false, + "properties": { + "FilterConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.CrawlFilterConfiguration", + "markdownDescription": "The configuration of filtering the Confluence content. For example, configuring regular expression patterns to include or exclude certain content.", + "title": "FilterConfiguration" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataSource.ConfluenceDataSourceConfiguration": { + "additionalProperties": false, + "properties": { + "CrawlerConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.ConfluenceCrawlerConfiguration", + "markdownDescription": "The configuration of the Confluence content. For example, configuring specific types of Confluence content.", + "title": "CrawlerConfiguration" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AccountId": { - "markdownDescription": "The AWS account in which this custom line item will be applied to.", - "title": "AccountId", - "type": "string" - }, - "BillingGroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) that references the billing group where the custom line item applies to.", - "title": "BillingGroupArn", - "type": "string" - }, - "BillingPeriodRange": { - "$ref": "#/definitions/AWS::BillingConductor::CustomLineItem.BillingPeriodRange", - "markdownDescription": "A time range for which the custom line item is effective.", - "title": "BillingPeriodRange" - }, - "CustomLineItemChargeDetails": { - "$ref": "#/definitions/AWS::BillingConductor::CustomLineItem.CustomLineItemChargeDetails", - "markdownDescription": "The charge details of a custom line item. It should contain only one of `Flat` or `Percentage` .", - "title": "CustomLineItemChargeDetails" - }, - "Description": { - "markdownDescription": "The custom line item's description. This is shown on the Bills page in association with the charge value.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The custom line item's name.", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A map that contains tag keys and tag values that are attached to a custom line item.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "BillingGroupArn", - "Name" - ], - "type": "object" + "SourceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.ConfluenceSourceConfiguration", + "markdownDescription": "The endpoint information to connect to your Confluence data source.", + "title": "SourceConfiguration" + } + }, + "required": [ + "SourceConfiguration" + ], + "type": "object" + }, + "AWS::Bedrock::DataSource.ConfluenceSourceConfiguration": { + "additionalProperties": false, + "properties": { + "AuthType": { + "markdownDescription": "The supported authentication type to authenticate and connect to your Confluence instance.", + "title": "AuthType", + "type": "string" }, - "Type": { - "enum": [ - "AWS::BillingConductor::CustomLineItem" - ], + "CredentialsSecretArn": { + "markdownDescription": "The Amazon Resource Name of an AWS Secrets Manager secret that stores your authentication credentials for your Confluence instance URL. For more information on the key-value pairs that must be included in your secret, depending on your authentication type, see [Confluence connection configuration](https://docs.aws.amazon.com/bedrock/latest/userguide/confluence-data-source-connector.html#configuration-confluence-connector) .", + "title": "CredentialsSecretArn", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "HostType": { + "markdownDescription": "The supported host type, whether online/cloud or server/on-premises.", + "title": "HostType", + "type": "string" + }, + "HostUrl": { + "markdownDescription": "The Confluence host URL or instance URL.", + "title": "HostUrl", "type": "string" } }, "required": [ - "Type", - "Properties" + "AuthType", + "CredentialsSecretArn", + "HostType", + "HostUrl" ], "type": "object" }, - "AWS::BillingConductor::CustomLineItem.BillingPeriodRange": { + "AWS::Bedrock::DataSource.ContextEnrichmentConfiguration": { "additionalProperties": false, "properties": { - "ExclusiveEndBillingPeriod": { - "markdownDescription": "The exclusive end billing period that defines a billing period range where a custom line is applied.", - "title": "ExclusiveEndBillingPeriod", + "BedrockFoundationModelConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.BedrockFoundationModelContextEnrichmentConfiguration", + "markdownDescription": "The configuration of the Amazon Bedrock foundation model used for context enrichment.", + "title": "BedrockFoundationModelConfiguration" + }, + "Type": { + "markdownDescription": "The method used for context enrichment. It must be Amazon Bedrock foundation models.", + "title": "Type", "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::Bedrock::DataSource.CrawlFilterConfiguration": { + "additionalProperties": false, + "properties": { + "PatternObjectFilter": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.PatternObjectFilterConfiguration", + "markdownDescription": "The configuration of filtering certain objects or content types of the data source.", + "title": "PatternObjectFilter" }, - "InclusiveStartBillingPeriod": { - "markdownDescription": "The inclusive start billing period that defines a billing period range where a custom line is applied.", - "title": "InclusiveStartBillingPeriod", + "Type": { + "markdownDescription": "The type of filtering that you want to apply to certain objects or content of the data source. For example, the `PATTERN` type is regular expression patterns you can apply to filter your content.", + "title": "Type", "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::BillingConductor::CustomLineItem.CustomLineItemChargeDetails": { + "AWS::Bedrock::DataSource.CustomTransformationConfiguration": { "additionalProperties": false, "properties": { - "Flat": { - "$ref": "#/definitions/AWS::BillingConductor::CustomLineItem.CustomLineItemFlatChargeDetails", - "markdownDescription": "A `CustomLineItemFlatChargeDetails` that describes the charge details of a flat custom line item.", - "title": "Flat" + "IntermediateStorage": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.IntermediateStorage", + "markdownDescription": "An S3 bucket path for input and output objects.", + "title": "IntermediateStorage" }, - "LineItemFilters": { + "Transformations": { "items": { - "$ref": "#/definitions/AWS::BillingConductor::CustomLineItem.LineItemFilter" + "$ref": "#/definitions/AWS::Bedrock::DataSource.Transformation" }, - "markdownDescription": "A representation of the line item filter.", - "title": "LineItemFilters", + "markdownDescription": "A Lambda function that processes documents.", + "title": "Transformations", "type": "array" + } + }, + "required": [ + "IntermediateStorage", + "Transformations" + ], + "type": "object" + }, + "AWS::Bedrock::DataSource.DataSourceConfiguration": { + "additionalProperties": false, + "properties": { + "ConfluenceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.ConfluenceDataSourceConfiguration", + "markdownDescription": "The configuration information to connect to Confluence as your data source.\n\n> Confluence data source connector is in preview release and is subject to change.", + "title": "ConfluenceConfiguration" }, - "Percentage": { - "$ref": "#/definitions/AWS::BillingConductor::CustomLineItem.CustomLineItemPercentageChargeDetails", - "markdownDescription": "A `CustomLineItemPercentageChargeDetails` that describes the charge details of a percentage custom line item.", - "title": "Percentage" + "S3Configuration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.S3DataSourceConfiguration", + "markdownDescription": "The configuration information to connect to Amazon S3 as your data source.", + "title": "S3Configuration" + }, + "SalesforceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.SalesforceDataSourceConfiguration", + "markdownDescription": "The configuration information to connect to Salesforce as your data source.\n\n> Salesforce data source connector is in preview release and is subject to change.", + "title": "SalesforceConfiguration" + }, + "SharePointConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.SharePointDataSourceConfiguration", + "markdownDescription": "The configuration information to connect to SharePoint as your data source.\n\n> SharePoint data source connector is in preview release and is subject to change.", + "title": "SharePointConfiguration" }, "Type": { - "markdownDescription": "The type of the custom line item that indicates whether the charge is a fee or credit.", + "markdownDescription": "The type of data source.", "title": "Type", "type": "string" + }, + "WebConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.WebDataSourceConfiguration", + "markdownDescription": "The configuration of web URLs to crawl for your data source. You should be authorized to crawl the URLs.\n\n> Crawling web URLs as your data source is in preview release and is subject to change.", + "title": "WebConfiguration" } }, "required": [ @@ -30485,641 +35304,583 @@ ], "type": "object" }, - "AWS::BillingConductor::CustomLineItem.CustomLineItemFlatChargeDetails": { + "AWS::Bedrock::DataSource.EnrichmentStrategyConfiguration": { "additionalProperties": false, "properties": { - "ChargeValue": { - "markdownDescription": "The custom line item's fixed charge value in USD.", - "title": "ChargeValue", + "Method": { + "markdownDescription": "The method used for the context enrichment strategy.", + "title": "Method", + "type": "string" + } + }, + "required": [ + "Method" + ], + "type": "object" + }, + "AWS::Bedrock::DataSource.FixedSizeChunkingConfiguration": { + "additionalProperties": false, + "properties": { + "MaxTokens": { + "markdownDescription": "The maximum number of tokens to include in a chunk.", + "title": "MaxTokens", + "type": "number" + }, + "OverlapPercentage": { + "markdownDescription": "The percentage of overlap between adjacent chunks of a data source.", + "title": "OverlapPercentage", "type": "number" } }, "required": [ - "ChargeValue" + "MaxTokens", + "OverlapPercentage" ], "type": "object" }, - "AWS::BillingConductor::CustomLineItem.CustomLineItemPercentageChargeDetails": { + "AWS::Bedrock::DataSource.HierarchicalChunkingConfiguration": { "additionalProperties": false, "properties": { - "ChildAssociatedResources": { + "LevelConfigurations": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Bedrock::DataSource.HierarchicalChunkingLevelConfiguration" }, - "markdownDescription": "A list of resource ARNs to associate to the percentage custom line item.", - "title": "ChildAssociatedResources", + "markdownDescription": "Token settings for each layer.", + "title": "LevelConfigurations", "type": "array" }, - "PercentageValue": { - "markdownDescription": "The custom line item's percentage value. This will be multiplied against the combined value of its associated resources to determine its charge value.", - "title": "PercentageValue", + "OverlapTokens": { + "markdownDescription": "The number of tokens to repeat across chunks in the same layer.", + "title": "OverlapTokens", "type": "number" } }, "required": [ - "PercentageValue" + "LevelConfigurations", + "OverlapTokens" ], "type": "object" }, - "AWS::BillingConductor::CustomLineItem.LineItemFilter": { + "AWS::Bedrock::DataSource.HierarchicalChunkingLevelConfiguration": { "additionalProperties": false, "properties": { - "Attribute": { - "markdownDescription": "The attribute of the line item filter. This specifies what attribute that you can filter on.", - "title": "Attribute", - "type": "string" + "MaxTokens": { + "markdownDescription": "The maximum number of tokens that a chunk can contain in this layer.", + "title": "MaxTokens", + "type": "number" + } + }, + "required": [ + "MaxTokens" + ], + "type": "object" + }, + "AWS::Bedrock::DataSource.IntermediateStorage": { + "additionalProperties": false, + "properties": { + "S3Location": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.S3Location", + "markdownDescription": "An S3 bucket path.", + "title": "S3Location" + } + }, + "required": [ + "S3Location" + ], + "type": "object" + }, + "AWS::Bedrock::DataSource.ParsingConfiguration": { + "additionalProperties": false, + "properties": { + "BedrockDataAutomationConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.BedrockDataAutomationConfiguration", + "markdownDescription": "If you specify `BEDROCK_DATA_AUTOMATION` as the parsing strategy for ingesting your data source, use this object to modify configurations for using the Amazon Bedrock Data Automation parser.", + "title": "BedrockDataAutomationConfiguration" }, - "MatchOption": { - "markdownDescription": "The match criteria of the line item filter. This parameter specifies whether not to include the resource value from the billing group total cost.", - "title": "MatchOption", - "type": "string" + "BedrockFoundationModelConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.BedrockFoundationModelConfiguration", + "markdownDescription": "If you specify `BEDROCK_FOUNDATION_MODEL` as the parsing strategy for ingesting your data source, use this object to modify configurations for using a foundation model to parse documents.", + "title": "BedrockFoundationModelConfiguration" }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The values of the line item filter. This specifies the values to filter on. Currently, you can only exclude Savings Plan discounts.", - "title": "Values", - "type": "array" + "ParsingStrategy": { + "markdownDescription": "The parsing strategy for the data source.", + "title": "ParsingStrategy", + "type": "string" } }, "required": [ - "Attribute", - "MatchOption", - "Values" + "ParsingStrategy" ], "type": "object" }, - "AWS::BillingConductor::PricingPlan": { + "AWS::Bedrock::DataSource.ParsingPrompt": { "additionalProperties": false, "properties": { - "Condition": { + "ParsingPromptText": { + "markdownDescription": "Instructions for interpreting the contents of a document.", + "title": "ParsingPromptText", "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "The pricing plan description.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of a pricing plan.", - "title": "Name", - "type": "string" - }, - "PricingRuleArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The `PricingRuleArns` that are associated with the Pricing Plan.", - "title": "PricingRuleArns", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A map that contains tag keys and tag values that are attached to a pricing plan.", - "title": "Tags", - "type": "array" - } + } + }, + "required": [ + "ParsingPromptText" + ], + "type": "object" + }, + "AWS::Bedrock::DataSource.PatternObjectFilter": { + "additionalProperties": false, + "properties": { + "ExclusionFilters": { + "items": { + "type": "string" }, - "required": [ - "Name" - ], - "type": "object" + "markdownDescription": "A list of one or more exclusion regular expression patterns to exclude certain object types that adhere to the pattern. If you specify an inclusion and exclusion filter/pattern and both match a document, the exclusion filter takes precedence and the document isn\u2019t crawled.", + "title": "ExclusionFilters", + "type": "array" }, - "Type": { - "enum": [ - "AWS::BillingConductor::PricingPlan" - ], - "type": "string" + "InclusionFilters": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of one or more inclusion regular expression patterns to include certain object types that adhere to the pattern. If you specify an inclusion and exclusion filter/pattern and both match a document, the exclusion filter takes precedence and the document isn\u2019t crawled.", + "title": "InclusionFilters", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ObjectType": { + "markdownDescription": "The supported object type or content type of the data source.", + "title": "ObjectType", "type": "string" } }, "required": [ - "Type", - "Properties" + "ObjectType" ], "type": "object" }, - "AWS::BillingConductor::PricingRule": { + "AWS::Bedrock::DataSource.PatternObjectFilterConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "Filters": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.PatternObjectFilter" + }, + "markdownDescription": "The configuration of specific filters applied to your data source content. You can filter out or include certain content.", + "title": "Filters", + "type": "array" + } + }, + "required": [ + "Filters" + ], + "type": "object" + }, + "AWS::Bedrock::DataSource.S3DataSourceConfiguration": { + "additionalProperties": false, + "properties": { + "BucketArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the S3 bucket that contains your data.", + "title": "BucketArn", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "BucketOwnerAccountId": { + "markdownDescription": "The account ID for the owner of the S3 bucket.", + "title": "BucketOwnerAccountId", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "BillingEntity": { - "markdownDescription": "The seller of services provided by AWS , their affiliates, or third-party providers selling services via AWS Marketplace .", - "title": "BillingEntity", - "type": "string" - }, - "Description": { - "markdownDescription": "The pricing rule description.", - "title": "Description", - "type": "string" - }, - "ModifierPercentage": { - "markdownDescription": "A percentage modifier applied on the public pricing rates.", - "title": "ModifierPercentage", - "type": "number" - }, - "Name": { - "markdownDescription": "The name of a pricing rule.", - "title": "Name", - "type": "string" - }, - "Operation": { - "markdownDescription": "Operation is the specific AWS action covered by this line item. This describes the specific usage of the line item.\n\nIf the `Scope` attribute is set to `SKU` , this attribute indicates which operation the `PricingRule` is modifying. For example, a value of `RunInstances:0202` indicates the operation of running an Amazon EC2 instance.", - "title": "Operation", - "type": "string" - }, - "Scope": { - "markdownDescription": "The scope of pricing rule that indicates if it's globally applicable or service-specific.", - "title": "Scope", - "type": "string" - }, - "Service": { - "markdownDescription": "If the `Scope` attribute is `SERVICE` , this attribute indicates which service the `PricingRule` is applicable for.", - "title": "Service", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A map that contains tag keys and tag values that are attached to a pricing rule.", - "title": "Tags", - "type": "array" - }, - "Tiering": { - "$ref": "#/definitions/AWS::BillingConductor::PricingRule.Tiering", - "markdownDescription": "The set of tiering configurations for the pricing rule.", - "title": "Tiering" - }, - "Type": { - "markdownDescription": "The type of pricing rule.", - "title": "Type", - "type": "string" - }, - "UsageType": { - "markdownDescription": "Usage Type is the unit that each service uses to measure the usage of a specific type of resource.", - "title": "UsageType", - "type": "string" - } + "InclusionPrefixes": { + "items": { + "type": "string" }, - "required": [ - "Name", - "Scope", - "Type" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::BillingConductor::PricingRule" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "markdownDescription": "A list of S3 prefixes to include certain files or content. This field is an array with a maximum of one item, which can contain a string that has a maximum length of 300 characters. For more information, see [Organizing objects using prefixes](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-prefixes.html) .", + "title": "InclusionPrefixes", + "type": "array" } }, "required": [ - "Type", - "Properties" + "BucketArn" ], "type": "object" }, - "AWS::BillingConductor::PricingRule.FreeTier": { + "AWS::Bedrock::DataSource.S3Location": { "additionalProperties": false, "properties": { - "Activated": { - "markdownDescription": "Activate or deactivate AWS Free Tier.", - "title": "Activated", - "type": "boolean" + "URI": { + "markdownDescription": "An object URI starting with `s3://` .", + "title": "URI", + "type": "string" } }, "required": [ - "Activated" + "URI" ], "type": "object" }, - "AWS::BillingConductor::PricingRule.Tiering": { + "AWS::Bedrock::DataSource.SalesforceCrawlerConfiguration": { "additionalProperties": false, "properties": { - "FreeTier": { - "$ref": "#/definitions/AWS::BillingConductor::PricingRule.FreeTier", - "markdownDescription": "The possible AWS Free Tier configurations.", - "title": "FreeTier" + "FilterConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.CrawlFilterConfiguration", + "markdownDescription": "The configuration of filtering the Salesforce content. For example, configuring regular expression patterns to include or exclude certain content.", + "title": "FilterConfiguration" } }, "type": "object" }, - "AWS::Budgets::Budget": { + "AWS::Bedrock::DataSource.SalesforceDataSourceConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "CrawlerConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.SalesforceCrawlerConfiguration", + "markdownDescription": "The configuration of the Salesforce content. For example, configuring specific types of Salesforce content.", + "title": "CrawlerConfiguration" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SourceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.SalesforceSourceConfiguration", + "markdownDescription": "The endpoint information to connect to your Salesforce data source.", + "title": "SourceConfiguration" + } + }, + "required": [ + "SourceConfiguration" + ], + "type": "object" + }, + "AWS::Bedrock::DataSource.SalesforceSourceConfiguration": { + "additionalProperties": false, + "properties": { + "AuthType": { + "markdownDescription": "The supported authentication type to authenticate and connect to your Salesforce instance.", + "title": "AuthType", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Budget": { - "$ref": "#/definitions/AWS::Budgets::Budget.BudgetData", - "markdownDescription": "The budget object that you want to create.", - "title": "Budget" - }, - "NotificationsWithSubscribers": { - "items": { - "$ref": "#/definitions/AWS::Budgets::Budget.NotificationWithSubscribers" - }, - "markdownDescription": "A notification that you want to associate with a budget. A budget can have up to five notifications, and each notification can have one SNS subscriber and up to 10 email subscribers. If you include notifications and subscribers in your `CreateBudget` call, AWS creates the notifications and subscribers for you.", - "title": "NotificationsWithSubscribers", - "type": "array" - } - }, - "required": [ - "Budget" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Budgets::Budget" - ], + "CredentialsSecretArn": { + "markdownDescription": "The Amazon Resource Name of an AWS Secrets Manager secret that stores your authentication credentials for your Salesforce instance URL. For more information on the key-value pairs that must be included in your secret, depending on your authentication type, see [Salesforce connection configuration](https://docs.aws.amazon.com/bedrock/latest/userguide/salesforce-data-source-connector.html#configuration-salesforce-connector) .", + "title": "CredentialsSecretArn", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "HostUrl": { + "markdownDescription": "The Salesforce host URL or instance URL.", + "title": "HostUrl", "type": "string" } }, "required": [ - "Type", - "Properties" + "AuthType", + "CredentialsSecretArn", + "HostUrl" ], "type": "object" }, - "AWS::Budgets::Budget.AutoAdjustData": { + "AWS::Bedrock::DataSource.SeedUrl": { "additionalProperties": false, "properties": { - "AutoAdjustType": { - "markdownDescription": "The string that defines whether your budget auto-adjusts based on historical or forecasted data.", - "title": "AutoAdjustType", + "Url": { + "markdownDescription": "A seed or starting point URL.", + "title": "Url", "type": "string" - }, - "HistoricalOptions": { - "$ref": "#/definitions/AWS::Budgets::Budget.HistoricalOptions", - "markdownDescription": "The parameters that define or describe the historical data that your auto-adjusting budget is based on.", - "title": "HistoricalOptions" } }, "required": [ - "AutoAdjustType" + "Url" ], "type": "object" }, - "AWS::Budgets::Budget.BudgetData": { + "AWS::Bedrock::DataSource.SemanticChunkingConfiguration": { "additionalProperties": false, "properties": { - "AutoAdjustData": { - "$ref": "#/definitions/AWS::Budgets::Budget.AutoAdjustData", - "markdownDescription": "Determine the budget amount for an auto-adjusting budget.", - "title": "AutoAdjustData" + "BreakpointPercentileThreshold": { + "markdownDescription": "The dissimilarity threshold for splitting chunks.", + "title": "BreakpointPercentileThreshold", + "type": "number" }, - "BudgetLimit": { - "$ref": "#/definitions/AWS::Budgets::Budget.Spend", - "markdownDescription": "The total amount of cost, usage, RI utilization, RI coverage, Savings Plans utilization, or Savings Plans coverage that you want to track with your budget.\n\n`BudgetLimit` is required for cost or usage budgets, but optional for RI or Savings Plans utilization or coverage budgets. RI and Savings Plans utilization or coverage budgets default to `100` . This is the only valid value for RI or Savings Plans utilization or coverage budgets. You can't use `BudgetLimit` with `PlannedBudgetLimits` for `CreateBudget` and `UpdateBudget` actions.", - "title": "BudgetLimit" + "BufferSize": { + "markdownDescription": "The buffer size.", + "title": "BufferSize", + "type": "number" }, - "BudgetName": { - "markdownDescription": "The name of a budget. The value must be unique within an account. `BudgetName` can't include `:` and `\\` characters. If you don't include value for `BudgetName` in the template, Billing and Cost Management assigns your budget a randomly generated name.", - "title": "BudgetName", + "MaxTokens": { + "markdownDescription": "The maximum number of tokens that a chunk can contain.", + "title": "MaxTokens", + "type": "number" + } + }, + "required": [ + "BreakpointPercentileThreshold", + "BufferSize", + "MaxTokens" + ], + "type": "object" + }, + "AWS::Bedrock::DataSource.ServerSideEncryptionConfiguration": { + "additionalProperties": false, + "properties": { + "KmsKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key used to encrypt the resource.", + "title": "KmsKeyArn", "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataSource.SharePointCrawlerConfiguration": { + "additionalProperties": false, + "properties": { + "FilterConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.CrawlFilterConfiguration", + "markdownDescription": "The configuration of filtering the SharePoint content. For example, configuring regular expression patterns to include or exclude certain content.", + "title": "FilterConfiguration" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataSource.SharePointDataSourceConfiguration": { + "additionalProperties": false, + "properties": { + "CrawlerConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.SharePointCrawlerConfiguration", + "markdownDescription": "The configuration of the SharePoint content. For example, configuring specific types of SharePoint content.", + "title": "CrawlerConfiguration" }, - "BudgetType": { - "markdownDescription": "Specifies whether this budget tracks costs, usage, RI utilization, RI coverage, Savings Plans utilization, or Savings Plans coverage.", - "title": "BudgetType", + "SourceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.SharePointSourceConfiguration", + "markdownDescription": "The endpoint information to connect to your SharePoint data source.", + "title": "SourceConfiguration" + } + }, + "required": [ + "SourceConfiguration" + ], + "type": "object" + }, + "AWS::Bedrock::DataSource.SharePointSourceConfiguration": { + "additionalProperties": false, + "properties": { + "AuthType": { + "markdownDescription": "The supported authentication type to authenticate and connect to your SharePoint site/sites.", + "title": "AuthType", "type": "string" }, - "CostFilters": { - "markdownDescription": "The cost filters, such as `Region` , `Service` , `LinkedAccount` , `Tag` , or `CostCategory` , that are applied to a budget.\n\nAWS Budgets supports the following services as a `Service` filter for RI budgets:\n\n- Amazon EC2\n- Amazon Redshift\n- Amazon Relational Database Service\n- Amazon ElastiCache\n- Amazon OpenSearch Service", - "title": "CostFilters", - "type": "object" + "CredentialsSecretArn": { + "markdownDescription": "The Amazon Resource Name of an AWS Secrets Manager secret that stores your authentication credentials for your SharePoint site/sites. For more information on the key-value pairs that must be included in your secret, depending on your authentication type, see [SharePoint connection configuration](https://docs.aws.amazon.com/bedrock/latest/userguide/sharepoint-data-source-connector.html#configuration-sharepoint-connector) .", + "title": "CredentialsSecretArn", + "type": "string" }, - "CostTypes": { - "$ref": "#/definitions/AWS::Budgets::Budget.CostTypes", - "markdownDescription": "The types of costs that are included in this `COST` budget.\n\n`USAGE` , `RI_UTILIZATION` , `RI_COVERAGE` , `SAVINGS_PLANS_UTILIZATION` , and `SAVINGS_PLANS_COVERAGE` budgets do not have `CostTypes` .", - "title": "CostTypes" + "Domain": { + "markdownDescription": "The domain of your SharePoint instance or site URL/URLs.", + "title": "Domain", + "type": "string" }, - "PlannedBudgetLimits": { - "markdownDescription": "A map containing multiple `BudgetLimit` , including current or future limits.\n\n`PlannedBudgetLimits` is available for cost or usage budget and supports both monthly and quarterly `TimeUnit` .\n\nFor monthly budgets, provide 12 months of `PlannedBudgetLimits` values. This must start from the current month and include the next 11 months. The `key` is the start of the month, `UTC` in epoch seconds.\n\nFor quarterly budgets, provide four quarters of `PlannedBudgetLimits` value entries in standard calendar quarter increments. This must start from the current quarter and include the next three quarters. The `key` is the start of the quarter, `UTC` in epoch seconds.\n\nIf the planned budget expires before 12 months for monthly or four quarters for quarterly, provide the `PlannedBudgetLimits` values only for the remaining periods.\n\nIf the budget begins at a date in the future, provide `PlannedBudgetLimits` values from the start date of the budget.\n\nAfter all of the `BudgetLimit` values in `PlannedBudgetLimits` are used, the budget continues to use the last limit as the `BudgetLimit` . At that point, the planned budget provides the same experience as a fixed budget.\n\n`DescribeBudget` and `DescribeBudgets` response along with `PlannedBudgetLimits` also contain `BudgetLimit` representing the current month or quarter limit present in `PlannedBudgetLimits` . This only applies to budgets that are created with `PlannedBudgetLimits` . Budgets that are created without `PlannedBudgetLimits` only contain `BudgetLimit` . They don't contain `PlannedBudgetLimits` .", - "title": "PlannedBudgetLimits", - "type": "object" + "HostType": { + "markdownDescription": "The supported host type, whether online/cloud or server/on-premises.", + "title": "HostType", + "type": "string" }, - "TimePeriod": { - "$ref": "#/definitions/AWS::Budgets::Budget.TimePeriod", - "markdownDescription": "The period of time that is covered by a budget. The period has a start date and an end date. The start date must come before the end date. There are no restrictions on the end date.\n\nThe start date for a budget. If you created your budget and didn't specify a start date, the start date defaults to the start of the chosen time period (MONTHLY, QUARTERLY, or ANNUALLY). For example, if you create your budget on January 24, 2019, choose `MONTHLY` , and don't set a start date, the start date defaults to `01/01/19 00:00 UTC` . The defaults are the same for the Billing and Cost Management console and the API.\n\nYou can change your start date with the `UpdateBudget` operation.\n\nAfter the end date, AWS deletes the budget and all associated notifications and subscribers.", - "title": "TimePeriod" + "SiteUrls": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of one or more SharePoint site URLs.", + "title": "SiteUrls", + "type": "array" }, - "TimeUnit": { - "markdownDescription": "The length of time until a budget resets the actual and forecasted spend. `DAILY` is available only for `RI_UTILIZATION` and `RI_COVERAGE` budgets.", - "title": "TimeUnit", + "TenantId": { + "markdownDescription": "The identifier of your Microsoft 365 tenant.", + "title": "TenantId", "type": "string" } }, "required": [ - "BudgetType", - "TimeUnit" + "AuthType", + "CredentialsSecretArn", + "Domain", + "HostType", + "SiteUrls" ], "type": "object" }, - "AWS::Budgets::Budget.CostTypes": { + "AWS::Bedrock::DataSource.Transformation": { "additionalProperties": false, "properties": { - "IncludeCredit": { - "markdownDescription": "Specifies whether a budget includes credits.\n\nThe default value is `true` .", - "title": "IncludeCredit", - "type": "boolean" - }, - "IncludeDiscount": { - "markdownDescription": "Specifies whether a budget includes discounts.\n\nThe default value is `true` .", - "title": "IncludeDiscount", - "type": "boolean" - }, - "IncludeOtherSubscription": { - "markdownDescription": "Specifies whether a budget includes non-RI subscription costs.\n\nThe default value is `true` .", - "title": "IncludeOtherSubscription", - "type": "boolean" - }, - "IncludeRecurring": { - "markdownDescription": "Specifies whether a budget includes recurring fees such as monthly RI fees.\n\nThe default value is `true` .", - "title": "IncludeRecurring", - "type": "boolean" - }, - "IncludeRefund": { - "markdownDescription": "Specifies whether a budget includes refunds.\n\nThe default value is `true` .", - "title": "IncludeRefund", - "type": "boolean" - }, - "IncludeSubscription": { - "markdownDescription": "Specifies whether a budget includes subscriptions.\n\nThe default value is `true` .", - "title": "IncludeSubscription", - "type": "boolean" - }, - "IncludeSupport": { - "markdownDescription": "Specifies whether a budget includes support subscription fees.\n\nThe default value is `true` .", - "title": "IncludeSupport", - "type": "boolean" - }, - "IncludeTax": { - "markdownDescription": "Specifies whether a budget includes taxes.\n\nThe default value is `true` .", - "title": "IncludeTax", - "type": "boolean" - }, - "IncludeUpfront": { - "markdownDescription": "Specifies whether a budget includes upfront RI costs.\n\nThe default value is `true` .", - "title": "IncludeUpfront", - "type": "boolean" - }, - "UseAmortized": { - "markdownDescription": "Specifies whether a budget uses the amortized rate.\n\nThe default value is `false` .", - "title": "UseAmortized", - "type": "boolean" + "StepToApply": { + "markdownDescription": "When the service applies the transformation.", + "title": "StepToApply", + "type": "string" }, - "UseBlended": { - "markdownDescription": "Specifies whether a budget uses a blended rate.\n\nThe default value is `false` .", - "title": "UseBlended", - "type": "boolean" + "TransformationFunction": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.TransformationFunction", + "markdownDescription": "A Lambda function that processes documents.", + "title": "TransformationFunction" } }, + "required": [ + "StepToApply", + "TransformationFunction" + ], "type": "object" }, - "AWS::Budgets::Budget.HistoricalOptions": { + "AWS::Bedrock::DataSource.TransformationFunction": { "additionalProperties": false, "properties": { - "BudgetAdjustmentPeriod": { - "markdownDescription": "The number of budget periods included in the moving-average calculation that determines your auto-adjusted budget amount. The maximum value depends on the `TimeUnit` granularity of the budget:\n\n- For the `DAILY` granularity, the maximum value is `60` .\n- For the `MONTHLY` granularity, the maximum value is `12` .\n- For the `QUARTERLY` granularity, the maximum value is `4` .\n- For the `ANNUALLY` granularity, the maximum value is `1` .", - "title": "BudgetAdjustmentPeriod", - "type": "number" + "TransformationLambdaConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.TransformationLambdaConfiguration", + "markdownDescription": "The Lambda function.", + "title": "TransformationLambdaConfiguration" } }, "required": [ - "BudgetAdjustmentPeriod" + "TransformationLambdaConfiguration" ], "type": "object" }, - "AWS::Budgets::Budget.Notification": { + "AWS::Bedrock::DataSource.TransformationLambdaConfiguration": { "additionalProperties": false, "properties": { - "ComparisonOperator": { - "markdownDescription": "The comparison that's used for this notification.", - "title": "ComparisonOperator", - "type": "string" - }, - "NotificationType": { - "markdownDescription": "Specifies whether the notification is for how much you have spent ( `ACTUAL` ) or for how much that you're forecasted to spend ( `FORECASTED` ).", - "title": "NotificationType", - "type": "string" - }, - "Threshold": { - "markdownDescription": "The threshold that's associated with a notification. Thresholds are always a percentage, and many customers find value being alerted between 50% - 200% of the budgeted amount. The maximum limit for your threshold is 1,000,000% above the budgeted amount.", - "title": "Threshold", - "type": "number" - }, - "ThresholdType": { - "markdownDescription": "The type of threshold for a notification. For `ABSOLUTE_VALUE` thresholds, AWS notifies you when you go over or are forecasted to go over your total cost threshold. For `PERCENTAGE` thresholds, AWS notifies you when you go over or are forecasted to go over a certain percentage of your forecasted spend. For example, if you have a budget for 200 dollars and you have a `PERCENTAGE` threshold of 80%, AWS notifies you when you go over 160 dollars.", - "title": "ThresholdType", + "LambdaArn": { + "markdownDescription": "The function's ARN identifier.", + "title": "LambdaArn", "type": "string" } }, "required": [ - "ComparisonOperator", - "NotificationType", - "Threshold" + "LambdaArn" ], "type": "object" }, - "AWS::Budgets::Budget.NotificationWithSubscribers": { + "AWS::Bedrock::DataSource.UrlConfiguration": { "additionalProperties": false, "properties": { - "Notification": { - "$ref": "#/definitions/AWS::Budgets::Budget.Notification", - "markdownDescription": "The notification that's associated with a budget.", - "title": "Notification" - }, - "Subscribers": { + "SeedUrls": { "items": { - "$ref": "#/definitions/AWS::Budgets::Budget.Subscriber" + "$ref": "#/definitions/AWS::Bedrock::DataSource.SeedUrl" }, - "markdownDescription": "A list of subscribers who are subscribed to this notification.", - "title": "Subscribers", + "markdownDescription": "One or more seed or starting point URLs.", + "title": "SeedUrls", "type": "array" } }, "required": [ - "Notification", - "Subscribers" + "SeedUrls" ], "type": "object" }, - "AWS::Budgets::Budget.Spend": { + "AWS::Bedrock::DataSource.VectorIngestionConfiguration": { "additionalProperties": false, "properties": { - "Amount": { - "markdownDescription": "The cost or usage amount that's associated with a budget forecast, actual spend, or budget threshold.", - "title": "Amount", - "type": "number" + "ChunkingConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.ChunkingConfiguration", + "markdownDescription": "Details about how to chunk the documents in the data source. A *chunk* refers to an excerpt from a data source that is returned when the knowledge base that it belongs to is queried.", + "title": "ChunkingConfiguration" }, - "Unit": { - "markdownDescription": "The unit of measurement that's used for the budget forecast, actual spend, or budget threshold.", - "title": "Unit", - "type": "string" + "ContextEnrichmentConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.ContextEnrichmentConfiguration", + "markdownDescription": "The context enrichment configuration used for ingestion of the data into the vector store.", + "title": "ContextEnrichmentConfiguration" + }, + "CustomTransformationConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.CustomTransformationConfiguration", + "markdownDescription": "A custom document transformer for parsed data source documents.", + "title": "CustomTransformationConfiguration" + }, + "ParsingConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.ParsingConfiguration", + "markdownDescription": "Configurations for a parser to use for parsing documents in your data source. If you exclude this field, the default parser will be used.", + "title": "ParsingConfiguration" } }, - "required": [ - "Amount", - "Unit" - ], "type": "object" }, - "AWS::Budgets::Budget.Subscriber": { + "AWS::Bedrock::DataSource.WebCrawlerConfiguration": { "additionalProperties": false, "properties": { - "Address": { - "markdownDescription": "The address that AWS sends budget notifications to, either an SNS topic or an email.\n\nWhen you create a subscriber, the value of `Address` can't contain line breaks.", - "title": "Address", + "CrawlerLimits": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.WebCrawlerLimits", + "markdownDescription": "The configuration of crawl limits for the web URLs.", + "title": "CrawlerLimits" + }, + "ExclusionFilters": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of one or more exclusion regular expression patterns to exclude certain URLs. If you specify an inclusion and exclusion filter/pattern and both match a URL, the exclusion filter takes precedence and the web content of the URL isn\u2019t crawled.", + "title": "ExclusionFilters", + "type": "array" + }, + "InclusionFilters": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of one or more inclusion regular expression patterns to include certain URLs. If you specify an inclusion and exclusion filter/pattern and both match a URL, the exclusion filter takes precedence and the web content of the URL isn\u2019t crawled.", + "title": "InclusionFilters", + "type": "array" + }, + "Scope": { + "markdownDescription": "The scope of what is crawled for your URLs.\n\nYou can choose to crawl only web pages that belong to the same host or primary domain. For example, only web pages that contain the seed URL \"https://docs.aws.amazon.com/bedrock/latest/userguide/\" and no other domains. You can choose to include sub domains in addition to the host or primary domain. For example, web pages that contain \"aws.amazon.com\" can also include sub domain \"docs.aws.amazon.com\".", + "title": "Scope", "type": "string" }, - "SubscriptionType": { - "markdownDescription": "The type of notification that AWS sends to a subscriber.", - "title": "SubscriptionType", + "UserAgent": { + "markdownDescription": "Returns the user agent suffix for your web crawler.", + "title": "UserAgent", + "type": "string" + }, + "UserAgentHeader": { + "markdownDescription": "A string used for identifying the crawler or bot when it accesses a web server. The user agent header value consists of the `bedrockbot` , UUID, and a user agent suffix for your crawler (if one is provided). By default, it is set to `bedrockbot_UUID` . You can optionally append a custom suffix to `bedrockbot_UUID` to allowlist a specific user agent permitted to access your source URLs.", + "title": "UserAgentHeader", "type": "string" } }, + "type": "object" + }, + "AWS::Bedrock::DataSource.WebCrawlerLimits": { + "additionalProperties": false, + "properties": { + "MaxPages": { + "markdownDescription": "The max number of web pages crawled from your source URLs, up to 25,000 pages. If the web pages exceed this limit, the data source sync will fail and no web pages will be ingested.", + "title": "MaxPages", + "type": "number" + }, + "RateLimit": { + "markdownDescription": "The max rate at which pages are crawled, up to 300 per minute per host.", + "title": "RateLimit", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataSource.WebDataSourceConfiguration": { + "additionalProperties": false, + "properties": { + "CrawlerConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.WebCrawlerConfiguration", + "markdownDescription": "The Web Crawler configuration details for the web data source.", + "title": "CrawlerConfiguration" + }, + "SourceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.WebSourceConfiguration", + "markdownDescription": "The source configuration details for the web data source.", + "title": "SourceConfiguration" + } + }, "required": [ - "Address", - "SubscriptionType" + "SourceConfiguration" ], "type": "object" }, - "AWS::Budgets::Budget.TimePeriod": { + "AWS::Bedrock::DataSource.WebSourceConfiguration": { "additionalProperties": false, "properties": { - "End": { - "markdownDescription": "The end date for a budget. If you didn't specify an end date, AWS set your end date to `06/15/87 00:00 UTC` . The defaults are the same for the Billing and Cost Management console and the API.\n\nAfter the end date, AWS deletes the budget and all the associated notifications and subscribers. You can change your end date with the `UpdateBudget` operation.", - "title": "End", - "type": "string" - }, - "Start": { - "markdownDescription": "The start date for a budget. If you created your budget and didn't specify a start date, the start date defaults to the start of the chosen time period (MONTHLY, QUARTERLY, or ANNUALLY). For example, if you create your budget on January 24, 2019, choose `MONTHLY` , and don't set a start date, the start date defaults to `01/01/19 00:00 UTC` . The defaults are the same for the Billing and Cost Management console and the API.\n\nYou can change your start date with the `UpdateBudget` operation.\n\nValid values depend on the value of `BudgetType` :\n\n- If `BudgetType` is `COST` or `USAGE` : Valid values are `MONTHLY` , `QUARTERLY` , and `ANNUALLY` .\n- If `BudgetType` is `RI_UTILIZATION` or `RI_COVERAGE` : Valid values are `DAILY` , `MONTHLY` , `QUARTERLY` , and `ANNUALLY` .", - "title": "Start", - "type": "string" + "UrlConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.UrlConfiguration", + "markdownDescription": "The configuration of the URL/URLs.", + "title": "UrlConfiguration" } }, + "required": [ + "UrlConfiguration" + ], "type": "object" }, - "AWS::Budgets::BudgetsAction": { + "AWS::Bedrock::Flow": { "additionalProperties": false, "properties": { "Condition": { @@ -31154,64 +35915,84 @@ "Properties": { "additionalProperties": false, "properties": { - "ActionThreshold": { - "$ref": "#/definitions/AWS::Budgets::BudgetsAction.ActionThreshold", - "markdownDescription": "The trigger threshold of the action.", - "title": "ActionThreshold" - }, - "ActionType": { - "markdownDescription": "The type of action. This defines the type of tasks that can be carried out by this action. This field also determines the format for definition.", - "title": "ActionType", + "CustomerEncryptionKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key that the flow is encrypted with.", + "title": "CustomerEncryptionKeyArn", "type": "string" }, - "ApprovalModel": { - "markdownDescription": "This specifies if the action needs manual or automatic approval.", - "title": "ApprovalModel", - "type": "string" + "Definition": { + "$ref": "#/definitions/AWS::Bedrock::Flow.FlowDefinition", + "markdownDescription": "The definition of the nodes and connections between the nodes in the flow.", + "title": "Definition" }, - "BudgetName": { - "markdownDescription": "A string that represents the budget name. \":\" and \"\\\" characters aren't allowed.", - "title": "BudgetName", + "DefinitionS3Location": { + "$ref": "#/definitions/AWS::Bedrock::Flow.S3Location", + "markdownDescription": "The Amazon S3 location of the flow definition.", + "title": "DefinitionS3Location" + }, + "DefinitionString": { + "markdownDescription": "The definition of the flow as a JSON-formatted string. The string must match the format in [FlowDefinition](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-bedrock-flow-flowdefinition.html) .", + "title": "DefinitionString", "type": "string" }, - "Definition": { - "$ref": "#/definitions/AWS::Budgets::BudgetsAction.Definition", - "markdownDescription": "Specifies all of the type-specific parameters.", - "title": "Definition" + "DefinitionSubstitutions": { + "additionalProperties": true, + "markdownDescription": "A map that specifies the mappings for placeholder variables in the prompt flow definition. This enables the customer to inject values obtained at runtime. Variables can be template parameter names, resource logical IDs, resource attributes, or a variable in a key-value map. Only supported with the `DefinitionString` and `DefinitionS3Location` fields.\n\nSubstitutions must follow the syntax: `${key_name}` or `${variable_1,variable_2,...}` .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "object" + } + }, + "title": "DefinitionSubstitutions", + "type": "object" + }, + "Description": { + "markdownDescription": "A description of the flow.", + "title": "Description", + "type": "string" }, "ExecutionRoleArn": { - "markdownDescription": "The role passed for action execution and reversion. Roles and actions must be in the same account.", + "markdownDescription": "The Amazon Resource Name (ARN) of the service role with permissions to create a flow. For more information, see [Create a service row for flows](https://docs.aws.amazon.com/bedrock/latest/userguide/flows-permissions.html) in the Amazon Bedrock User Guide.", "title": "ExecutionRoleArn", "type": "string" }, - "NotificationType": { - "markdownDescription": "The type of a notification.", - "title": "NotificationType", + "Name": { + "markdownDescription": "The name of the flow.", + "title": "Name", "type": "string" }, - "Subscribers": { - "items": { - "$ref": "#/definitions/AWS::Budgets::BudgetsAction.Subscriber" + "Tags": { + "additionalProperties": true, + "markdownDescription": "Metadata that you can assign to a resource as key-value pairs. For more information, see the following resources:\n\n- [Tag naming limits and requirements](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-conventions)\n- [Tagging best practices](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-best-practices)", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "A list of subscribers.", - "title": "Subscribers", - "type": "array" + "title": "Tags", + "type": "object" + }, + "TestAliasTags": { + "additionalProperties": true, + "markdownDescription": "", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "TestAliasTags", + "type": "object" } }, "required": [ - "ActionThreshold", - "ActionType", - "BudgetName", - "Definition", "ExecutionRoleArn", - "NotificationType", - "Subscribers" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::Budgets::BudgetsAction" + "AWS::Bedrock::Flow" ], "type": "string" }, @@ -31230,1167 +36011,951 @@ ], "type": "object" }, - "AWS::Budgets::BudgetsAction.ActionThreshold": { + "AWS::Bedrock::Flow.AgentFlowNodeConfiguration": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The type of threshold for a notification.", - "title": "Type", + "AgentAliasArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the alias of the agent to invoke.", + "title": "AgentAliasArn", "type": "string" - }, - "Value": { - "markdownDescription": "The threshold of a notification.", - "title": "Value", - "type": "number" } }, "required": [ - "Type", - "Value" + "AgentAliasArn" ], "type": "object" }, - "AWS::Budgets::BudgetsAction.Definition": { + "AWS::Bedrock::Flow.ConditionFlowNodeConfiguration": { "additionalProperties": false, "properties": { - "IamActionDefinition": { - "$ref": "#/definitions/AWS::Budgets::BudgetsAction.IamActionDefinition", - "markdownDescription": "The AWS Identity and Access Management ( IAM ) action definition details.", - "title": "IamActionDefinition" - }, - "ScpActionDefinition": { - "$ref": "#/definitions/AWS::Budgets::BudgetsAction.ScpActionDefinition", - "markdownDescription": "The service control policies (SCP) action definition details.", - "title": "ScpActionDefinition" + "Conditions": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Flow.FlowCondition" + }, + "markdownDescription": "An array of conditions. Each member contains the name of a condition and an expression that defines the condition.", + "title": "Conditions", + "type": "array" + } + }, + "required": [ + "Conditions" + ], + "type": "object" + }, + "AWS::Bedrock::Flow.FieldForReranking": { + "additionalProperties": false, + "properties": { + "FieldName": { + "markdownDescription": "The name of the metadata field to be used during the reranking process.", + "title": "FieldName", + "type": "string" + } + }, + "required": [ + "FieldName" + ], + "type": "object" + }, + "AWS::Bedrock::Flow.FlowCondition": { + "additionalProperties": false, + "properties": { + "Expression": { + "markdownDescription": "Defines the condition. You must refer to at least one of the inputs in the condition. For more information, expand the Condition node section in [Node types in prompt flows](https://docs.aws.amazon.com/bedrock/latest/userguide/flows-how-it-works.html#flows-nodes) .", + "title": "Expression", + "type": "string" }, - "SsmActionDefinition": { - "$ref": "#/definitions/AWS::Budgets::BudgetsAction.SsmActionDefinition", - "markdownDescription": "The Amazon EC2 Systems Manager ( SSM ) action definition details.", - "title": "SsmActionDefinition" + "Name": { + "markdownDescription": "A name for the condition that you can reference.", + "title": "Name", + "type": "string" } }, + "required": [ + "Name" + ], "type": "object" }, - "AWS::Budgets::BudgetsAction.IamActionDefinition": { + "AWS::Bedrock::Flow.FlowConditionalConnectionConfiguration": { "additionalProperties": false, "properties": { - "Groups": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of groups to be attached. There must be at least one group.", - "title": "Groups", - "type": "array" + "Condition": { + "markdownDescription": "The condition that triggers this connection. For more information about how to write conditions, see the *Condition* node type in the [Node types](https://docs.aws.amazon.com/bedrock/latest/userguide/node-types.html) topic in the Amazon Bedrock User Guide.", + "title": "Condition", + "type": "string" + } + }, + "required": [ + "Condition" + ], + "type": "object" + }, + "AWS::Bedrock::Flow.FlowConnection": { + "additionalProperties": false, + "properties": { + "Configuration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.FlowConnectionConfiguration", + "markdownDescription": "The configuration of the connection.", + "title": "Configuration" }, - "PolicyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the policy to be attached.", - "title": "PolicyArn", + "Name": { + "markdownDescription": "A name for the connection that you can reference.", + "title": "Name", "type": "string" }, - "Roles": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of roles to be attached. There must be at least one role.", - "title": "Roles", - "type": "array" + "Source": { + "markdownDescription": "The node that the connection starts at.", + "title": "Source", + "type": "string" }, - "Users": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of users to be attached. There must be at least one user.", - "title": "Users", - "type": "array" + "Target": { + "markdownDescription": "The node that the connection ends at.", + "title": "Target", + "type": "string" + }, + "Type": { + "markdownDescription": "Whether the source node that the connection begins from is a condition node ( `Conditional` ) or not ( `Data` ).", + "title": "Type", + "type": "string" } }, "required": [ - "PolicyArn" + "Name", + "Source", + "Target", + "Type" ], "type": "object" }, - "AWS::Budgets::BudgetsAction.ScpActionDefinition": { + "AWS::Bedrock::Flow.FlowConnectionConfiguration": { "additionalProperties": false, "properties": { - "PolicyId": { - "markdownDescription": "The policy ID attached.", - "title": "PolicyId", + "Conditional": { + "$ref": "#/definitions/AWS::Bedrock::Flow.FlowConditionalConnectionConfiguration", + "markdownDescription": "The configuration of a connection originating from a Condition node.", + "title": "Conditional" + }, + "Data": { + "$ref": "#/definitions/AWS::Bedrock::Flow.FlowDataConnectionConfiguration", + "markdownDescription": "The configuration of a connection originating from a node that isn't a Condition node.", + "title": "Data" + } + }, + "type": "object" + }, + "AWS::Bedrock::Flow.FlowDataConnectionConfiguration": { + "additionalProperties": false, + "properties": { + "SourceOutput": { + "markdownDescription": "The name of the output in the source node that the connection begins from.", + "title": "SourceOutput", "type": "string" }, - "TargetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of target IDs.", - "title": "TargetIds", - "type": "array" + "TargetInput": { + "markdownDescription": "The name of the input in the target node that the connection ends at.", + "title": "TargetInput", + "type": "string" } }, "required": [ - "PolicyId", - "TargetIds" + "SourceOutput", + "TargetInput" ], "type": "object" }, - "AWS::Budgets::BudgetsAction.SsmActionDefinition": { + "AWS::Bedrock::Flow.FlowDefinition": { "additionalProperties": false, "properties": { - "InstanceIds": { + "Connections": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Bedrock::Flow.FlowConnection" }, - "markdownDescription": "The EC2 and RDS instance IDs.", - "title": "InstanceIds", + "markdownDescription": "An array of connection definitions in the flow.", + "title": "Connections", "type": "array" }, - "Region": { - "markdownDescription": "The Region to run the ( SSM ) document.", - "title": "Region", - "type": "string" - }, - "Subtype": { - "markdownDescription": "The action subType.", - "title": "Subtype", - "type": "string" + "Nodes": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Flow.FlowNode" + }, + "markdownDescription": "An array of node definitions in the flow.", + "title": "Nodes", + "type": "array" } }, - "required": [ - "InstanceIds", - "Region", - "Subtype" - ], "type": "object" }, - "AWS::Budgets::BudgetsAction.Subscriber": { + "AWS::Bedrock::Flow.FlowNode": { "additionalProperties": false, "properties": { - "Address": { - "markdownDescription": "The address that AWS sends budget notifications to, either an SNS topic or an email.\n\nWhen you create a subscriber, the value of `Address` can't contain line breaks.", - "title": "Address", + "Configuration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.FlowNodeConfiguration", + "markdownDescription": "Contains configurations for the node.", + "title": "Configuration" + }, + "Inputs": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Flow.FlowNodeInput" + }, + "markdownDescription": "An array of objects, each of which contains information about an input into the node.", + "title": "Inputs", + "type": "array" + }, + "Name": { + "markdownDescription": "A name for the node.", + "title": "Name", "type": "string" }, + "Outputs": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Flow.FlowNodeOutput" + }, + "markdownDescription": "A list of objects, each of which contains information about an output from the node.", + "title": "Outputs", + "type": "array" + }, "Type": { - "markdownDescription": "The type of notification that AWS sends to a subscriber.", + "markdownDescription": "The type of node. This value must match the name of the key that you provide in the configuration you provide in the `FlowNodeConfiguration` field.", "title": "Type", "type": "string" } }, "required": [ - "Address", + "Name", "Type" ], "type": "object" }, - "AWS::CE::AnomalyMonitor": { + "AWS::Bedrock::Flow.FlowNodeConfiguration": { "additionalProperties": false, "properties": { + "Agent": { + "$ref": "#/definitions/AWS::Bedrock::Flow.AgentFlowNodeConfiguration", + "markdownDescription": "Contains configurations for an agent node in your flow. Invokes an alias of an agent and returns the response.", + "title": "Agent" + }, + "Collector": { + "markdownDescription": "Contains configurations for a collector node in your flow. Collects an iteration of inputs and consolidates them into an array of outputs.", + "title": "Collector", + "type": "object" + }, "Condition": { - "type": "string" + "$ref": "#/definitions/AWS::Bedrock::Flow.ConditionFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a condition node in your flow. Defines conditions that lead to different branches of the flow.", + "title": "Condition" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "InlineCode": { + "$ref": "#/definitions/AWS::Bedrock::Flow.InlineCodeFlowNodeConfiguration", + "markdownDescription": "Contains configurations for an inline code node in your flow. Inline code nodes let you write and execute code directly within your flow, enabling data transformations, custom logic, and integrations without needing an external Lambda function.", + "title": "InlineCode" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Input": { + "markdownDescription": "Contains configurations for an input flow node in your flow. The first node in the flow. `inputs` can't be specified for this node.", + "title": "Input", + "type": "object" }, - "Metadata": { + "Iterator": { + "markdownDescription": "Contains configurations for an iterator node in your flow. Takes an input that is an array and iteratively sends each item of the array as an output to the following node. The size of the array is also returned in the output.\n\nThe output flow node at the end of the flow iteration will return a response for each member of the array. To return only one response, you can include a collector node downstream from the iterator node.", + "title": "Iterator", "type": "object" }, - "Properties": { - "additionalProperties": false, - "properties": { - "MonitorDimension": { - "markdownDescription": "The dimensions to evaluate.", - "title": "MonitorDimension", - "type": "string" - }, - "MonitorName": { - "markdownDescription": "The name of the monitor.", - "title": "MonitorName", - "type": "string" - }, - "MonitorSpecification": { - "markdownDescription": "The array of `MonitorSpecification` in JSON array format. For instance, you can use `MonitorSpecification` to specify a tag, Cost Category, or linked account for your custom anomaly monitor. For further information, see the [Examples](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ce-anomalymonitor.html#aws-resource-ce-anomalymonitor--examples) section of this page.", - "title": "MonitorSpecification", - "type": "string" - }, - "MonitorType": { - "markdownDescription": "The possible type values.", - "title": "MonitorType", - "type": "string" - }, - "ResourceTags": { - "items": { - "$ref": "#/definitions/AWS::CE::AnomalyMonitor.ResourceTag" - }, - "markdownDescription": "", - "title": "ResourceTags", - "type": "array" - } - }, - "required": [ - "MonitorName", - "MonitorType" - ], + "KnowledgeBase": { + "$ref": "#/definitions/AWS::Bedrock::Flow.KnowledgeBaseFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a knowledge base node in your flow. Queries a knowledge base and returns the retrieved results or generated response.", + "title": "KnowledgeBase" + }, + "LambdaFunction": { + "$ref": "#/definitions/AWS::Bedrock::Flow.LambdaFunctionFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a Lambda function node in your flow. Invokes an AWS Lambda function.", + "title": "LambdaFunction" + }, + "Lex": { + "$ref": "#/definitions/AWS::Bedrock::Flow.LexFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a Lex node in your flow. Invokes an Amazon Lex bot to identify the intent of the input and return the intent as the output.", + "title": "Lex" + }, + "Loop": { + "$ref": "#/definitions/AWS::Bedrock::Flow.LoopFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a DoWhile loop in your flow.", + "title": "Loop" + }, + "LoopController": { + "$ref": "#/definitions/AWS::Bedrock::Flow.LoopControllerFlowNodeConfiguration", + "markdownDescription": "Contains controller node configurations for a DoWhile loop in your flow.", + "title": "LoopController" + }, + "LoopInput": { + "markdownDescription": "Contains input node configurations for a DoWhile loop in your flow.", + "title": "LoopInput", "type": "object" }, - "Type": { - "enum": [ - "AWS::CE::AnomalyMonitor" - ], + "Output": { + "markdownDescription": "Contains configurations for an output flow node in your flow. The last node in the flow. `outputs` can't be specified for this node.", + "title": "Output", + "type": "object" + }, + "Prompt": { + "$ref": "#/definitions/AWS::Bedrock::Flow.PromptFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a prompt node in your flow. Runs a prompt and generates the model response as the output. You can use a prompt from Prompt management or you can configure one in this node.", + "title": "Prompt" + }, + "Retrieval": { + "$ref": "#/definitions/AWS::Bedrock::Flow.RetrievalFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a retrieval node in your flow. Retrieves data from an Amazon S3 location and returns it as the output.", + "title": "Retrieval" + }, + "Storage": { + "$ref": "#/definitions/AWS::Bedrock::Flow.StorageFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a storage node in your flow. Stores an input in an Amazon S3 location.", + "title": "Storage" + } + }, + "type": "object" + }, + "AWS::Bedrock::Flow.FlowNodeInput": { + "additionalProperties": false, + "properties": { + "Category": { + "markdownDescription": "Specifies how input data flows between iterations in a DoWhile loop.\n\n- `LoopCondition` - Controls whether the loop continues by evaluating condition expressions against the input data. Use this category to define the condition that determines if the loop should continue.\n- `ReturnValueToLoopStart` - Defines data to pass back to the start of the loop's next iteration. Use this category for variables that you want to update for each loop iteration.\n- `ExitLoop` - Defines the value that's available once the loop ends. Use this category to expose loop results to nodes outside the loop.", + "title": "Category", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Expression": { + "markdownDescription": "An expression that formats the input for the node. For an explanation of how to create expressions, see [Expressions in Prompt flows in Amazon Bedrock](https://docs.aws.amazon.com/bedrock/latest/userguide/flows-expressions.html) .", + "title": "Expression", + "type": "string" + }, + "Name": { + "markdownDescription": "Specifies a name for the input that you can reference.", + "title": "Name", + "type": "string" + }, + "Type": { + "markdownDescription": "Specifies the data type of the input. If the input doesn't match this type at runtime, a validation error will be thrown.", + "title": "Type", "type": "string" } }, "required": [ - "Type", - "Properties" + "Expression", + "Name", + "Type" ], "type": "object" }, - "AWS::CE::AnomalyMonitor.ResourceTag": { + "AWS::Bedrock::Flow.FlowNodeOutput": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The key that's associated with the tag.", - "title": "Key", + "Name": { + "markdownDescription": "A name for the output that you can reference.", + "title": "Name", "type": "string" }, - "Value": { - "markdownDescription": "The value that's associated with the tag.", - "title": "Value", + "Type": { + "markdownDescription": "The data type of the output. If the output doesn't match this type at runtime, a validation error will be thrown.", + "title": "Type", "type": "string" } }, "required": [ - "Key", - "Value" + "Name", + "Type" ], "type": "object" }, - "AWS::CE::AnomalySubscription": { + "AWS::Bedrock::Flow.FlowValidation": { "additionalProperties": false, "properties": { - "Condition": { + "Message": { + "markdownDescription": "A message describing the validation error.", + "title": "Message", + "type": "string" + } + }, + "required": [ + "Message" + ], + "type": "object" + }, + "AWS::Bedrock::Flow.GuardrailConfiguration": { + "additionalProperties": false, + "properties": { + "GuardrailIdentifier": { + "markdownDescription": "The identifier for the guardrail.", + "title": "GuardrailIdentifier", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "GuardrailVersion": { + "markdownDescription": "The version of the guardrail.", + "title": "GuardrailVersion", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::Flow.InlineCodeFlowNodeConfiguration": { + "additionalProperties": false, + "properties": { + "Code": { + "markdownDescription": "The code that's executed in your inline code node. The code can access input data from previous nodes in the flow, perform operations on that data, and produce output that can be used by other nodes in your flow.\n\nThe code must be valid in the programming `language` that you specify.", + "title": "Code", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Frequency": { - "markdownDescription": "The frequency that anomaly notifications are sent. Notifications are sent either over email (for DAILY and WEEKLY frequencies) or SNS (for IMMEDIATE frequency). For more information, see [Creating an Amazon SNS topic for anomaly notifications](https://docs.aws.amazon.com/cost-management/latest/userguide/ad-SNS.html) .", - "title": "Frequency", - "type": "string" - }, - "MonitorArnList": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of cost anomaly monitors.", - "title": "MonitorArnList", - "type": "array" - }, - "ResourceTags": { - "items": { - "$ref": "#/definitions/AWS::CE::AnomalySubscription.ResourceTag" - }, - "markdownDescription": "", - "title": "ResourceTags", - "type": "array" - }, - "Subscribers": { - "items": { - "$ref": "#/definitions/AWS::CE::AnomalySubscription.Subscriber" - }, - "markdownDescription": "A list of subscribers to notify.", - "title": "Subscribers", - "type": "array" - }, - "SubscriptionName": { - "markdownDescription": "The name for the subscription.", - "title": "SubscriptionName", - "type": "string" - }, - "Threshold": { - "markdownDescription": "(deprecated)\n\nAn absolute dollar value that must be exceeded by the anomaly's total impact (see [Impact](https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_Impact.html) for more details) for an anomaly notification to be generated.\n\nThis field has been deprecated. To specify a threshold, use ThresholdExpression. Continued use of Threshold will be treated as shorthand syntax for a ThresholdExpression.\n\nOne of Threshold or ThresholdExpression is required for `AWS::CE::AnomalySubscription` . You cannot specify both.", - "title": "Threshold", - "type": "number" - }, - "ThresholdExpression": { - "markdownDescription": "An [Expression](https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_Expression.html) object in JSON string format used to specify the anomalies that you want to generate alerts for. This supports dimensions and nested expressions. The supported dimensions are `ANOMALY_TOTAL_IMPACT_ABSOLUTE` and `ANOMALY_TOTAL_IMPACT_PERCENTAGE` , corresponding to an anomaly\u2019s TotalImpact and TotalImpactPercentage, respectively (see [Impact](https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_Impact.html) for more details). The supported nested expression types are `AND` and `OR` . The match option `GREATER_THAN_OR_EQUAL` is required. Values must be numbers between 0 and 10,000,000,000 in string format.\n\nOne of Threshold or ThresholdExpression is required for `AWS::CE::AnomalySubscription` . You cannot specify both.\n\nFor further information, see the [Examples](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ce-anomalysubscription.html#aws-resource-ce-anomalysubscription--examples) section of this page.", - "title": "ThresholdExpression", - "type": "string" - } - }, - "required": [ - "Frequency", - "MonitorArnList", - "Subscribers", - "SubscriptionName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::CE::AnomalySubscription" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Language": { + "markdownDescription": "The programming language used by your inline code node.\n\nThe code must be valid in the programming `language` that you specify. Currently, only Python 3 ( `Python_3` ) is supported.", + "title": "Language", "type": "string" } }, "required": [ - "Type", - "Properties" + "Code", + "Language" ], "type": "object" }, - "AWS::CE::AnomalySubscription.ResourceTag": { + "AWS::Bedrock::Flow.KnowledgeBaseFlowNodeConfiguration": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The key that's associated with the tag.", - "title": "Key", + "GuardrailConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.GuardrailConfiguration", + "markdownDescription": "Contains configurations for a guardrail to apply during query and response generation for the knowledge base in this configuration.", + "title": "GuardrailConfiguration" + }, + "InferenceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.PromptInferenceConfiguration", + "markdownDescription": "Contains inference configurations for the prompt.", + "title": "InferenceConfiguration" + }, + "KnowledgeBaseId": { + "markdownDescription": "The unique identifier of the knowledge base to query.", + "title": "KnowledgeBaseId", "type": "string" }, - "Value": { - "markdownDescription": "The value that's associated with the tag.", - "title": "Value", + "ModelId": { + "markdownDescription": "The unique identifier of the model or [inference profile](https://docs.aws.amazon.com/bedrock/latest/userguide/cross-region-inference.html) to use to generate a response from the query results. Omit this field if you want to return the retrieved results as an array.", + "title": "ModelId", "type": "string" + }, + "NumberOfResults": { + "markdownDescription": "The number of results to retrieve from the knowledge base.", + "title": "NumberOfResults", + "type": "number" + }, + "OrchestrationConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.KnowledgeBaseOrchestrationConfiguration", + "markdownDescription": "The configuration for orchestrating the retrieval and generation process in the knowledge base node.", + "title": "OrchestrationConfiguration" + }, + "PromptTemplate": { + "$ref": "#/definitions/AWS::Bedrock::Flow.KnowledgeBasePromptTemplate", + "markdownDescription": "A custom prompt template to use with the knowledge base for generating responses.", + "title": "PromptTemplate" + }, + "RerankingConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.VectorSearchRerankingConfiguration", + "markdownDescription": "The configuration for reranking the retrieved results from the knowledge base to improve relevance.", + "title": "RerankingConfiguration" } }, "required": [ - "Key", - "Value" + "KnowledgeBaseId" ], "type": "object" }, - "AWS::CE::AnomalySubscription.Subscriber": { + "AWS::Bedrock::Flow.KnowledgeBaseOrchestrationConfiguration": { "additionalProperties": false, "properties": { - "Address": { - "markdownDescription": "The email address or SNS Topic Amazon Resource Name (ARN), depending on the `Type` .", - "title": "Address", - "type": "string" + "AdditionalModelRequestFields": { + "markdownDescription": "The additional model-specific request parameters as key-value pairs to be included in the request to the foundation model.", + "title": "AdditionalModelRequestFields", + "type": "object" }, - "Status": { - "markdownDescription": "Indicates if the subscriber accepts the notifications.", - "title": "Status", - "type": "string" + "InferenceConfig": { + "$ref": "#/definitions/AWS::Bedrock::Flow.PromptInferenceConfiguration", + "markdownDescription": "Contains inference configurations for the prompt.", + "title": "InferenceConfig" }, - "Type": { - "markdownDescription": "The notification delivery channel.", - "title": "Type", + "PerformanceConfig": { + "$ref": "#/definitions/AWS::Bedrock::Flow.PerformanceConfiguration", + "markdownDescription": "The performance configuration options for the knowledge base retrieval and generation process.", + "title": "PerformanceConfig" + }, + "PromptTemplate": { + "$ref": "#/definitions/AWS::Bedrock::Flow.KnowledgeBasePromptTemplate", + "markdownDescription": "A custom prompt template for orchestrating the retrieval and generation process.", + "title": "PromptTemplate" + } + }, + "type": "object" + }, + "AWS::Bedrock::Flow.KnowledgeBasePromptTemplate": { + "additionalProperties": false, + "properties": { + "TextPromptTemplate": { + "markdownDescription": "The text of the prompt template.", + "title": "TextPromptTemplate", "type": "string" } }, "required": [ - "Address", - "Type" + "TextPromptTemplate" ], "type": "object" }, - "AWS::CE::CostCategory": { + "AWS::Bedrock::Flow.LambdaFunctionFlowNodeConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "LambdaArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function to invoke.", + "title": "LambdaArn", "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DefaultValue": { - "markdownDescription": "The default value for the cost category.", - "title": "DefaultValue", - "type": "string" - }, - "Name": { - "markdownDescription": "The unique name of the Cost Category.", - "title": "Name", - "type": "string" - }, - "RuleVersion": { - "markdownDescription": "The rule schema version in this particular Cost Category.", - "title": "RuleVersion", - "type": "string" - }, - "Rules": { - "markdownDescription": "The array of CostCategoryRule in JSON array format.\n\n> Rules are processed in order. If there are multiple rules that match the line item, then the first rule to match is used to determine that Cost Category value.", - "title": "Rules", - "type": "string" - }, - "SplitChargeRules": { - "markdownDescription": "The split charge rules that are used to allocate your charges between your Cost Category values.", - "title": "SplitChargeRules", - "type": "string" - } - }, - "required": [ - "Name", - "RuleVersion", - "Rules" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::CE::CostCategory" - ], + } + }, + "required": [ + "LambdaArn" + ], + "type": "object" + }, + "AWS::Bedrock::Flow.LexFlowNodeConfiguration": { + "additionalProperties": false, + "properties": { + "BotAliasArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Lex bot alias to invoke.", + "title": "BotAliasArn", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "LocaleId": { + "markdownDescription": "The Region to invoke the Amazon Lex bot in.", + "title": "LocaleId", "type": "string" } }, "required": [ - "Type", - "Properties" + "BotAliasArn", + "LocaleId" ], "type": "object" }, - "AWS::CUR::ReportDefinition": { + "AWS::Bedrock::Flow.LoopControllerFlowNodeConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "ContinueCondition": { + "$ref": "#/definitions/AWS::Bedrock::Flow.FlowCondition", + "markdownDescription": "Specifies the condition that determines when the flow exits the DoWhile loop. The loop executes until this condition evaluates to true.", + "title": "ContinueCondition" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "MaxIterations": { + "markdownDescription": "Specifies the maximum number of times the DoWhile loop can iterate before the flow exits the loop.", + "title": "MaxIterations", + "type": "number" + } + }, + "required": [ + "ContinueCondition" + ], + "type": "object" + }, + "AWS::Bedrock::Flow.LoopFlowNodeConfiguration": { + "additionalProperties": false, + "properties": { + "Definition": { + "$ref": "#/definitions/AWS::Bedrock::Flow.FlowDefinition", + "markdownDescription": "The definition of the DoWhile loop nodes and connections between nodes in the flow.", + "title": "Definition" + } + }, + "required": [ + "Definition" + ], + "type": "object" + }, + "AWS::Bedrock::Flow.MetadataConfigurationForReranking": { + "additionalProperties": false, + "properties": { + "SelectionMode": { + "markdownDescription": "The mode for selecting which metadata fields to include in the reranking process. Valid values are ALL (use all available metadata fields) or SELECTIVE (use only specified fields).", + "title": "SelectionMode", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AdditionalArtifacts": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of manifests that you want AWS to create for this report.", - "title": "AdditionalArtifacts", - "type": "array" - }, - "AdditionalSchemaElements": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of strings that indicate additional content that AWS includes in the report, such as individual resource IDs.", - "title": "AdditionalSchemaElements", - "type": "array" - }, - "BillingViewArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the billing view. You can get this value by using the billing view service public APIs.", - "title": "BillingViewArn", - "type": "string" - }, - "Compression": { - "markdownDescription": "The compression format that Amazon Web Services uses for the report.", - "title": "Compression", - "type": "string" - }, - "Format": { - "markdownDescription": "The format that Amazon Web Services saves the report in.", - "title": "Format", - "type": "string" - }, - "RefreshClosedReports": { - "markdownDescription": "Whether you want AWS to update your reports after they have been finalized if AWS detects charges related to previous months. These charges can include refunds, credits, or support fees.", - "title": "RefreshClosedReports", - "type": "boolean" - }, - "ReportName": { - "markdownDescription": "The name of the report that you want to create. The name must be unique, is case sensitive, and can't include spaces.", - "title": "ReportName", - "type": "string" - }, - "ReportVersioning": { - "markdownDescription": "Whether you want AWS to overwrite the previous version of each report or to deliver the report in addition to the previous versions.", - "title": "ReportVersioning", - "type": "string" - }, - "S3Bucket": { - "markdownDescription": "The S3 bucket where Amazon Web Services delivers the report.", - "title": "S3Bucket", - "type": "string" - }, - "S3Prefix": { - "markdownDescription": "The prefix that Amazon Web Services adds to the report name when Amazon Web Services delivers the report. Your prefix can't include spaces.", - "title": "S3Prefix", - "type": "string" - }, - "S3Region": { - "markdownDescription": "The Region of the S3 bucket that Amazon Web Services delivers the report into.", - "title": "S3Region", - "type": "string" - }, - "TimeUnit": { - "markdownDescription": "The granularity of the line items in the report.", - "title": "TimeUnit", - "type": "string" - } - }, - "required": [ - "Compression", - "Format", - "RefreshClosedReports", - "ReportName", - "ReportVersioning", - "S3Bucket", - "S3Prefix", - "S3Region", - "TimeUnit" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::CUR::ReportDefinition" - ], + "SelectiveModeConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.RerankingMetadataSelectiveModeConfiguration", + "markdownDescription": "Configuration for selective mode, which allows you to explicitly include or exclude specific metadata fields during reranking. This is only used when selectionMode is set to SELECTIVE.", + "title": "SelectiveModeConfiguration" + } + }, + "required": [ + "SelectionMode" + ], + "type": "object" + }, + "AWS::Bedrock::Flow.PerformanceConfiguration": { + "additionalProperties": false, + "properties": { + "Latency": { + "markdownDescription": "To use a latency-optimized version of the model, set to `optimized` .", + "title": "Latency", "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::Flow.PromptFlowNodeConfiguration": { + "additionalProperties": false, + "properties": { + "GuardrailConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.GuardrailConfiguration", + "markdownDescription": "Contains configurations for a guardrail to apply to the prompt in this node and the response generated from it.", + "title": "GuardrailConfiguration" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "SourceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.PromptFlowNodeSourceConfiguration", + "markdownDescription": "Specifies whether the prompt is from Prompt management or defined inline.", + "title": "SourceConfiguration" } }, "required": [ - "Type", - "Properties" + "SourceConfiguration" ], "type": "object" }, - "AWS::Cassandra::Keyspace": { + "AWS::Bedrock::Flow.PromptFlowNodeInlineConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "InferenceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.PromptInferenceConfiguration", + "markdownDescription": "Contains inference configurations for the prompt.", + "title": "InferenceConfiguration" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ModelId": { + "markdownDescription": "The unique identifier of the model or [inference profile](https://docs.aws.amazon.com/bedrock/latest/userguide/cross-region-inference.html) to run inference with.", + "title": "ModelId", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "KeyspaceName": { - "markdownDescription": "The name of the keyspace to be created. The keyspace name is case sensitive. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the keyspace name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n*Length constraints:* Minimum length of 1. Maximum length of 48.", - "title": "KeyspaceName", - "type": "string" - }, - "ReplicationSpecification": { - "$ref": "#/definitions/AWS::Cassandra::Keyspace.ReplicationSpecification", - "markdownDescription": "Specifies the `ReplicationStrategy` of a keyspace. The options are:\n\n- `SINGLE_REGION` for a single Region keyspace (optional) or\n- `MULTI_REGION` for a multi-Region keyspace\n\nIf no `ReplicationStrategy` is provided, the default is `SINGLE_REGION` . If you choose `MULTI_REGION` , you must also provide a `RegionList` with the AWS Regions that the keyspace is replicated in.", - "title": "ReplicationSpecification" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Cassandra::Keyspace" - ], - "type": "string" + "TemplateConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.PromptTemplateConfiguration", + "markdownDescription": "Contains a prompt and variables in the prompt that can be replaced with values at runtime.", + "title": "TemplateConfiguration" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TemplateType": { + "markdownDescription": "The type of prompt template.", + "title": "TemplateType", "type": "string" } }, "required": [ - "Type" + "ModelId", + "TemplateConfiguration", + "TemplateType" ], "type": "object" }, - "AWS::Cassandra::Keyspace.ReplicationSpecification": { + "AWS::Bedrock::Flow.PromptFlowNodeResourceConfiguration": { "additionalProperties": false, "properties": { - "RegionList": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the AWS Regions that the keyspace is replicated in. You must specify at least two Regions, including the Region that the keyspace is being created in.\n\nTo specify a Region [that's disabled by default](https://docs.aws.amazon.com/accounts/latest/reference/manage-acct-regions.html#rande-manage-enable) , you must first enable the Region. For more information, see [Multi-Region replication in AWS Regions disabled by default](https://docs.aws.amazon.com/keyspaces/latest/devguide/multiRegion-replication_how-it-works.html#howitworks_mrr_opt_in) in the *Amazon Keyspaces Developer Guide* .", - "title": "RegionList", - "type": "array" - }, - "ReplicationStrategy": { - "markdownDescription": "The options are:\n\n- `SINGLE_REGION` (optional)\n- `MULTI_REGION`\n\nIf no value is specified, the default is `SINGLE_REGION` . If `MULTI_REGION` is specified, `RegionList` is required.", - "title": "ReplicationStrategy", + "PromptArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the prompt from Prompt management.", + "title": "PromptArn", "type": "string" } }, + "required": [ + "PromptArn" + ], "type": "object" }, - "AWS::Cassandra::Table": { + "AWS::Bedrock::Flow.PromptFlowNodeSourceConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AutoScalingSpecifications": { - "$ref": "#/definitions/AWS::Cassandra::Table.AutoScalingSpecification", - "markdownDescription": "The optional auto scaling capacity settings for a table in provisioned capacity mode.", - "title": "AutoScalingSpecifications" - }, - "BillingMode": { - "$ref": "#/definitions/AWS::Cassandra::Table.BillingMode", - "markdownDescription": "The billing mode for the table, which determines how you'll be charged for reads and writes:\n\n- *On-demand mode* (default) - You pay based on the actual reads and writes your application performs.\n- *Provisioned mode* - Lets you specify the number of reads and writes per second that you need for your application.\n\nIf you don't specify a value for this property, then the table will use on-demand mode.", - "title": "BillingMode" - }, - "ClientSideTimestampsEnabled": { - "markdownDescription": "Enables client-side timestamps for the table. By default, the setting is disabled. You can enable client-side timestamps with the following option:\n\n- `status: \"enabled\"`\n\nAfter client-side timestamps are enabled for a table, you can't disable this setting.", - "title": "ClientSideTimestampsEnabled", - "type": "boolean" - }, - "ClusteringKeyColumns": { - "items": { - "$ref": "#/definitions/AWS::Cassandra::Table.ClusteringKeyColumn" - }, - "markdownDescription": "One or more columns that determine how the table data is sorted.", - "title": "ClusteringKeyColumns", - "type": "array" - }, - "DefaultTimeToLive": { - "markdownDescription": "The default Time To Live (TTL) value for all rows in a table in seconds. The maximum configurable value is 630,720,000 seconds, which is the equivalent of 20 years. By default, the TTL value for a table is 0, which means data does not expire.\n\nFor more information, see [Setting the default TTL value for a table](https://docs.aws.amazon.com/keyspaces/latest/devguide/TTL-how-it-works.html#ttl-howitworks_default_ttl) in the *Amazon Keyspaces Developer Guide* .", - "title": "DefaultTimeToLive", - "type": "number" - }, - "EncryptionSpecification": { - "$ref": "#/definitions/AWS::Cassandra::Table.EncryptionSpecification", - "markdownDescription": "The encryption at rest options for the table.\n\n- *AWS owned key* (default) - The key is owned by Amazon Keyspaces .\n- *Customer managed key* - The key is stored in your account and is created, owned, and managed by you.\n\n> If you choose encryption with a customer managed key, you must specify a valid customer managed KMS key with permissions granted to Amazon Keyspaces.\n\nFor more information, see [Encryption at rest in Amazon Keyspaces](https://docs.aws.amazon.com/keyspaces/latest/devguide/EncryptionAtRest.html) in the *Amazon Keyspaces Developer Guide* .", - "title": "EncryptionSpecification" - }, - "KeyspaceName": { - "markdownDescription": "The name of the keyspace to create the table in. The keyspace must already exist.", - "title": "KeyspaceName", - "type": "string" - }, - "PartitionKeyColumns": { - "items": { - "$ref": "#/definitions/AWS::Cassandra::Table.Column" - }, - "markdownDescription": "One or more columns that uniquely identify every row in the table. Every table must have a partition key.", - "title": "PartitionKeyColumns", - "type": "array" - }, - "PointInTimeRecoveryEnabled": { - "markdownDescription": "Specifies if point-in-time recovery is enabled or disabled for the table. The options are `PointInTimeRecoveryEnabled=true` and `PointInTimeRecoveryEnabled=false` . If not specified, the default is `PointInTimeRecoveryEnabled=false` .", - "title": "PointInTimeRecoveryEnabled", - "type": "boolean" - }, - "RegularColumns": { - "items": { - "$ref": "#/definitions/AWS::Cassandra::Table.Column" - }, - "markdownDescription": "One or more columns that are not part of the primary key - that is, columns that are *not* defined as partition key columns or clustering key columns.\n\nYou can add regular columns to existing tables by adding them to the template.", - "title": "RegularColumns", - "type": "array" - }, - "ReplicaSpecifications": { - "items": { - "$ref": "#/definitions/AWS::Cassandra::Table.ReplicaSpecification" - }, - "markdownDescription": "The AWS Region specific settings of a multi-Region table.\n\nFor a multi-Region table, you can configure the table's read capacity differently per AWS Region. You can do this by configuring the following parameters.\n\n- `region` : The Region where these settings are applied. (Required)\n- `readCapacityUnits` : The provisioned read capacity units. (Optional)\n- `readCapacityAutoScaling` : The read capacity auto scaling settings for the table. (Optional)", - "title": "ReplicaSpecifications", - "type": "array" - }, - "TableName": { - "markdownDescription": "The name of the table to be created. The table name is case sensitive. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the table name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you can't perform updates that require replacing this resource. You can perform updates that require no interruption or some interruption. If you must replace the resource, specify a new name. \n\n*Length constraints:* Minimum length of 3. Maximum length of 255.\n\n*Pattern:* `^[a-zA-Z0-9][a-zA-Z0-9_]{1,47}$`", - "title": "TableName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "KeyspaceName", - "PartitionKeyColumns" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Cassandra::Table" - ], - "type": "string" + "Inline": { + "$ref": "#/definitions/AWS::Bedrock::Flow.PromptFlowNodeInlineConfiguration", + "markdownDescription": "Contains configurations for a prompt that is defined inline", + "title": "Inline" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Resource": { + "$ref": "#/definitions/AWS::Bedrock::Flow.PromptFlowNodeResourceConfiguration", + "markdownDescription": "Contains configurations for a prompt from Prompt management.", + "title": "Resource" + } + }, + "type": "object" + }, + "AWS::Bedrock::Flow.PromptInferenceConfiguration": { + "additionalProperties": false, + "properties": { + "Text": { + "$ref": "#/definitions/AWS::Bedrock::Flow.PromptModelInferenceConfiguration", + "markdownDescription": "Contains inference configurations for a text prompt.", + "title": "Text" } }, "required": [ - "Type", - "Properties" + "Text" ], "type": "object" }, - "AWS::Cassandra::Table.AutoScalingSetting": { + "AWS::Bedrock::Flow.PromptInputVariable": { "additionalProperties": false, "properties": { - "AutoScalingDisabled": { - "markdownDescription": "This optional parameter enables auto scaling for the table if set to `false` .", - "title": "AutoScalingDisabled", - "type": "boolean" - }, - "MaximumUnits": { - "markdownDescription": "Manage costs by specifying the maximum amount of throughput to provision. The value must be between 1 and the max throughput per second quota for your account (40,000 by default).", - "title": "MaximumUnits", + "Name": { + "markdownDescription": "The name of the variable.", + "title": "Name", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::Flow.PromptModelInferenceConfiguration": { + "additionalProperties": false, + "properties": { + "MaxTokens": { + "markdownDescription": "The maximum number of tokens to return in the response.", + "title": "MaxTokens", "type": "number" }, - "MinimumUnits": { - "markdownDescription": "The minimum level of throughput the table should always be ready to support. The value must be between 1 and the max throughput per second quota for your account (40,000 by default).", - "title": "MinimumUnits", + "StopSequences": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of strings that define sequences after which the model will stop generating.", + "title": "StopSequences", + "type": "array" + }, + "Temperature": { + "markdownDescription": "Controls the randomness of the response. Choose a lower value for more predictable outputs and a higher value for more surprising outputs.", + "title": "Temperature", "type": "number" }, - "ScalingPolicy": { - "$ref": "#/definitions/AWS::Cassandra::Table.ScalingPolicy", - "markdownDescription": "Amazon Keyspaces supports the `target tracking` auto scaling policy. With this policy, Amazon Keyspaces auto scaling ensures that the table's ratio of consumed to provisioned capacity stays at or near the target value that you specify. You define the target value as a percentage between 20 and 90.", - "title": "ScalingPolicy" + "TopP": { + "markdownDescription": "The percentage of most-likely candidates that the model considers for the next token.", + "title": "TopP", + "type": "number" } }, "type": "object" }, - "AWS::Cassandra::Table.AutoScalingSpecification": { + "AWS::Bedrock::Flow.PromptTemplateConfiguration": { "additionalProperties": false, "properties": { - "ReadCapacityAutoScaling": { - "$ref": "#/definitions/AWS::Cassandra::Table.AutoScalingSetting", - "markdownDescription": "The auto scaling settings for the table's read capacity.", - "title": "ReadCapacityAutoScaling" - }, - "WriteCapacityAutoScaling": { - "$ref": "#/definitions/AWS::Cassandra::Table.AutoScalingSetting", - "markdownDescription": "The auto scaling settings for the table's write capacity.", - "title": "WriteCapacityAutoScaling" + "Text": { + "$ref": "#/definitions/AWS::Bedrock::Flow.TextPromptTemplateConfiguration", + "markdownDescription": "Contains configurations for the text in a message for a prompt.", + "title": "Text" } }, + "required": [ + "Text" + ], "type": "object" }, - "AWS::Cassandra::Table.BillingMode": { + "AWS::Bedrock::Flow.RerankingMetadataSelectiveModeConfiguration": { "additionalProperties": false, "properties": { - "Mode": { - "markdownDescription": "The billing mode for the table:\n\n- On-demand mode - `ON_DEMAND`\n- Provisioned mode - `PROVISIONED`\n\n> If you choose `PROVISIONED` mode, then you also need to specify provisioned throughput (read and write capacity) for the table.\n\nValid values: `ON_DEMAND` | `PROVISIONED`", - "title": "Mode", - "type": "string" + "FieldsToExclude": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Flow.FieldForReranking" + }, + "markdownDescription": "A list of metadata field names to explicitly exclude from the reranking process. All metadata fields except these will be considered when reordering search results. This parameter cannot be used together with fieldsToInclude.", + "title": "FieldsToExclude", + "type": "array" }, - "ProvisionedThroughput": { - "$ref": "#/definitions/AWS::Cassandra::Table.ProvisionedThroughput", - "markdownDescription": "The provisioned read capacity and write capacity for the table. For more information, see [Provisioned throughput capacity mode](https://docs.aws.amazon.com/keyspaces/latest/devguide/ReadWriteCapacityMode.html#ReadWriteCapacityMode.Provisioned) in the *Amazon Keyspaces Developer Guide* .", - "title": "ProvisionedThroughput" + "FieldsToInclude": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Flow.FieldForReranking" + }, + "markdownDescription": "A list of metadata field names to explicitly include in the reranking process. Only these fields will be considered when reordering search results. This parameter cannot be used together with fieldsToExclude.", + "title": "FieldsToInclude", + "type": "array" } }, - "required": [ - "Mode" - ], "type": "object" }, - "AWS::Cassandra::Table.ClusteringKeyColumn": { + "AWS::Bedrock::Flow.RetrievalFlowNodeConfiguration": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::Cassandra::Table.Column", - "markdownDescription": "The name and data type of this clustering key column.", - "title": "Column" - }, - "OrderBy": { - "markdownDescription": "The order in which this column's data is stored:\n\n- `ASC` (default) - The column's data is stored in ascending order.\n- `DESC` - The column's data is stored in descending order.", - "title": "OrderBy", - "type": "string" + "ServiceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.RetrievalFlowNodeServiceConfiguration", + "markdownDescription": "Contains configurations for the service to use for retrieving data to return as the output from the node.", + "title": "ServiceConfiguration" } }, "required": [ - "Column" + "ServiceConfiguration" ], "type": "object" }, - "AWS::Cassandra::Table.Column": { + "AWS::Bedrock::Flow.RetrievalFlowNodeS3Configuration": { "additionalProperties": false, "properties": { - "ColumnName": { - "markdownDescription": "The name of the column. For more information, see [Identifiers](https://docs.aws.amazon.com/keyspaces/latest/devguide/cql.elements.html#cql.elements.identifier) in the *Amazon Keyspaces Developer Guide* .", - "title": "ColumnName", - "type": "string" - }, - "ColumnType": { - "markdownDescription": "The data type of the column. For more information, see [Data types](https://docs.aws.amazon.com/keyspaces/latest/devguide/cql.elements.html#cql.data-types) in the *Amazon Keyspaces Developer Guide* .", - "title": "ColumnType", + "BucketName": { + "markdownDescription": "The name of the Amazon S3 bucket from which to retrieve data.", + "title": "BucketName", "type": "string" } }, "required": [ - "ColumnName", - "ColumnType" + "BucketName" ], "type": "object" }, - "AWS::Cassandra::Table.EncryptionSpecification": { + "AWS::Bedrock::Flow.RetrievalFlowNodeServiceConfiguration": { "additionalProperties": false, "properties": { - "EncryptionType": { - "markdownDescription": "The encryption at rest options for the table.\n\n- *AWS owned key* (default) - `AWS_OWNED_KMS_KEY`\n- *Customer managed key* - `CUSTOMER_MANAGED_KMS_KEY`\n\n> If you choose `CUSTOMER_MANAGED_KMS_KEY` , a `kms_key_identifier` in the format of a key ARN is required.\n\nValid values: `CUSTOMER_MANAGED_KMS_KEY` | `AWS_OWNED_KMS_KEY` .", - "title": "EncryptionType", + "S3": { + "$ref": "#/definitions/AWS::Bedrock::Flow.RetrievalFlowNodeS3Configuration", + "markdownDescription": "Contains configurations for the Amazon S3 location from which to retrieve data to return as the output from the node.", + "title": "S3" + } + }, + "type": "object" + }, + "AWS::Bedrock::Flow.S3Location": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The S3 bucket containing the flow definition.", + "title": "Bucket", "type": "string" }, - "KmsKeyIdentifier": { - "markdownDescription": "Requires a `kms_key_identifier` in the format of a key ARN.", - "title": "KmsKeyIdentifier", + "Key": { + "markdownDescription": "The object key for the S3 location containing the definition.", + "title": "Key", + "type": "string" + }, + "Version": { + "markdownDescription": "The Amazon S3 location from which to retrieve data for an S3 retrieve node or to which to store data for an S3 storage node.", + "title": "Version", "type": "string" } }, "required": [ - "EncryptionType" + "Bucket", + "Key" ], "type": "object" }, - "AWS::Cassandra::Table.ProvisionedThroughput": { + "AWS::Bedrock::Flow.StorageFlowNodeConfiguration": { "additionalProperties": false, "properties": { - "ReadCapacityUnits": { - "markdownDescription": "The amount of read capacity that's provisioned for the table. For more information, see [Read/write capacity mode](https://docs.aws.amazon.com/keyspaces/latest/devguide/ReadWriteCapacityMode.html) in the *Amazon Keyspaces Developer Guide* .", - "title": "ReadCapacityUnits", - "type": "number" - }, - "WriteCapacityUnits": { - "markdownDescription": "The amount of write capacity that's provisioned for the table. For more information, see [Read/write capacity mode](https://docs.aws.amazon.com/keyspaces/latest/devguide/ReadWriteCapacityMode.html) in the *Amazon Keyspaces Developer Guide* .", - "title": "WriteCapacityUnits", - "type": "number" + "ServiceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.StorageFlowNodeServiceConfiguration", + "markdownDescription": "Contains configurations for the service to use for storing the input into the node.", + "title": "ServiceConfiguration" } }, "required": [ - "ReadCapacityUnits", - "WriteCapacityUnits" + "ServiceConfiguration" ], "type": "object" }, - "AWS::Cassandra::Table.ReplicaSpecification": { + "AWS::Bedrock::Flow.StorageFlowNodeS3Configuration": { "additionalProperties": false, "properties": { - "ReadCapacityAutoScaling": { - "$ref": "#/definitions/AWS::Cassandra::Table.AutoScalingSetting", - "markdownDescription": "The read capacity auto scaling settings for the multi-Region table in the specified AWS Region.", - "title": "ReadCapacityAutoScaling" - }, - "ReadCapacityUnits": { - "markdownDescription": "The provisioned read capacity units for the multi-Region table in the specified AWS Region.", - "title": "ReadCapacityUnits", - "type": "number" - }, - "Region": { - "markdownDescription": "The AWS Region.", - "title": "Region", + "BucketName": { + "markdownDescription": "The name of the Amazon S3 bucket in which to store the input into the node.", + "title": "BucketName", "type": "string" } }, "required": [ - "Region" + "BucketName" ], "type": "object" }, - "AWS::Cassandra::Table.ScalingPolicy": { + "AWS::Bedrock::Flow.StorageFlowNodeServiceConfiguration": { "additionalProperties": false, "properties": { - "TargetTrackingScalingPolicyConfiguration": { - "$ref": "#/definitions/AWS::Cassandra::Table.TargetTrackingScalingPolicyConfiguration", - "markdownDescription": "The auto scaling policy that scales a table based on the ratio of consumed to provisioned capacity.", - "title": "TargetTrackingScalingPolicyConfiguration" + "S3": { + "$ref": "#/definitions/AWS::Bedrock::Flow.StorageFlowNodeS3Configuration", + "markdownDescription": "Contains configurations for the Amazon S3 location in which to store the input into the node.", + "title": "S3" } }, "type": "object" }, - "AWS::Cassandra::Table.TargetTrackingScalingPolicyConfiguration": { + "AWS::Bedrock::Flow.TextPromptTemplateConfiguration": { "additionalProperties": false, "properties": { - "DisableScaleIn": { - "markdownDescription": "Specifies if `scale-in` is enabled.\n\nWhen auto scaling automatically decreases capacity for a table, the table *scales in* . When scaling policies are set, they can't scale in the table lower than its minimum capacity.", - "title": "DisableScaleIn", - "type": "boolean" + "InputVariables": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Flow.PromptInputVariable" + }, + "markdownDescription": "An array of the variables in the prompt template.", + "title": "InputVariables", + "type": "array" }, - "ScaleInCooldown": { - "markdownDescription": "Specifies a `scale-in` cool down period.\n\nA cooldown period in seconds between scaling activities that lets the table stabilize before another scaling activity starts.", - "title": "ScaleInCooldown", - "type": "number" + "Text": { + "markdownDescription": "The message for the prompt.", + "title": "Text", + "type": "string" + } + }, + "required": [ + "Text" + ], + "type": "object" + }, + "AWS::Bedrock::Flow.VectorSearchBedrockRerankingConfiguration": { + "additionalProperties": false, + "properties": { + "MetadataConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.MetadataConfigurationForReranking", + "markdownDescription": "Configuration for how document metadata should be used during the reranking process. This determines which metadata fields are included when reordering search results.", + "title": "MetadataConfiguration" }, - "ScaleOutCooldown": { - "markdownDescription": "Specifies a scale out cool down period.\n\nA cooldown period in seconds between scaling activities that lets the table stabilize before another scaling activity starts.", - "title": "ScaleOutCooldown", - "type": "number" + "ModelConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.VectorSearchBedrockRerankingModelConfiguration", + "markdownDescription": "Configuration for the Amazon Bedrock foundation model used for reranking. This includes the model ARN and any additional request fields required by the model.", + "title": "ModelConfiguration" }, - "TargetValue": { - "markdownDescription": "Specifies the target value for the target tracking auto scaling policy.\n\nAmazon Keyspaces auto scaling scales up capacity automatically when traffic exceeds this target utilization rate, and then back down when it falls below the target. This ensures that the ratio of consumed capacity to provisioned capacity stays at or near this value. You define `targetValue` as a percentage. An `integer` between 20 and 90.", - "title": "TargetValue", + "NumberOfRerankedResults": { + "markdownDescription": "The maximum number of results to rerank. This limits how many of the initial vector search results will be processed by the reranking model. A smaller number improves performance but may exclude potentially relevant results.", + "title": "NumberOfRerankedResults", "type": "number" } }, "required": [ - "TargetValue" + "ModelConfiguration" ], "type": "object" }, - "AWS::CertificateManager::Account": { + "AWS::Bedrock::Flow.VectorSearchBedrockRerankingModelConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ExpiryEventsConfiguration": { - "$ref": "#/definitions/AWS::CertificateManager::Account.ExpiryEventsConfiguration", - "markdownDescription": "Object containing expiration events options associated with an AWS account . For more information, see [ExpiryEventsConfiguration](https://docs.aws.amazon.com/acm/latest/APIReference/API_ExpiryEventsConfiguration.html) in the API reference.", - "title": "ExpiryEventsConfiguration" - } - }, - "required": [ - "ExpiryEventsConfiguration" - ], + "AdditionalModelRequestFields": { + "markdownDescription": "A list of additional fields to include in the model request during reranking. These fields provide extra context or configuration options specific to the selected foundation model.", + "title": "AdditionalModelRequestFields", "type": "object" }, - "Type": { - "enum": [ - "AWS::CertificateManager::Account" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ModelArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the foundation model to use for reranking. This model processes the query and search results to determine a more relevant ordering.", + "title": "ModelArn", "type": "string" } }, "required": [ - "Type", - "Properties" + "ModelArn" ], "type": "object" }, - "AWS::CertificateManager::Account.ExpiryEventsConfiguration": { + "AWS::Bedrock::Flow.VectorSearchRerankingConfiguration": { "additionalProperties": false, "properties": { - "DaysBeforeExpiry": { - "markdownDescription": "This option specifies the number of days prior to certificate expiration when ACM starts generating `EventBridge` events. ACM sends one event per day per certificate until the certificate expires. By default, accounts receive events starting 45 days before certificate expiration.", - "title": "DaysBeforeExpiry", - "type": "number" + "BedrockRerankingConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.VectorSearchBedrockRerankingConfiguration", + "markdownDescription": "Configuration for using Amazon Bedrock foundation models to rerank search results. This is required when the reranking type is set to BEDROCK.", + "title": "BedrockRerankingConfiguration" + }, + "Type": { + "markdownDescription": "The type of reranking to apply to vector search results. Currently, the only supported value is BEDROCK, which uses Amazon Bedrock foundation models for reranking.", + "title": "Type", + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::CertificateManager::Certificate": { + "AWS::Bedrock::FlowAlias": { "additionalProperties": false, "properties": { "Condition": { @@ -32425,64 +36990,56 @@ "Properties": { "additionalProperties": false, "properties": { - "CertificateAuthorityArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the private certificate authority (CA) that will be used to issue the certificate. If you do not provide an ARN and you are trying to request a private certificate, ACM will attempt to issue a public certificate. For more information about private CAs, see the [AWS Private Certificate Authority](https://docs.aws.amazon.com/privateca/latest/userguide/PcaWelcome.html) user guide. The ARN must have the following form:\n\n`arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012`", - "title": "CertificateAuthorityArn", - "type": "string" + "ConcurrencyConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowAlias.FlowAliasConcurrencyConfiguration", + "markdownDescription": "The configuration that specifies how nodes in the flow are executed concurrently.", + "title": "ConcurrencyConfiguration" }, - "CertificateTransparencyLoggingPreference": { - "markdownDescription": "You can opt out of certificate transparency logging by specifying the `DISABLED` option. Opt in by specifying `ENABLED` .\n\nIf you do not specify a certificate transparency logging preference on a new CloudFormation template, or if you remove the logging preference from an existing template, this is the same as explicitly enabling the preference.\n\nChanging the certificate transparency logging preference will update the existing resource by calling `UpdateCertificateOptions` on the certificate. This action will not create a new resource.", - "title": "CertificateTransparencyLoggingPreference", + "Description": { + "markdownDescription": "A description of the alias.", + "title": "Description", "type": "string" }, - "DomainName": { - "markdownDescription": "The fully qualified domain name (FQDN), such as www.example.com, with which you want to secure an ACM certificate. Use an asterisk (*) to create a wildcard certificate that protects several sites in the same domain. For example, `*.example.com` protects `www.example.com` , `site.example.com` , and `images.example.com.`", - "title": "DomainName", + "FlowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the alias.", + "title": "FlowArn", "type": "string" }, - "DomainValidationOptions": { - "items": { - "$ref": "#/definitions/AWS::CertificateManager::Certificate.DomainValidationOption" - }, - "markdownDescription": "Domain information that domain name registrars use to verify your identity.\n\n> In order for a AWS::CertificateManager::Certificate to be provisioned and validated in CloudFormation automatically, the `DomainName` property needs to be identical to one of the `DomainName` property supplied in DomainValidationOptions, if the ValidationMethod is **DNS**. Failing to keep them like-for-like will result in failure to create the domain validation records in Route53.", - "title": "DomainValidationOptions", - "type": "array" - }, - "KeyAlgorithm": { - "markdownDescription": "Specifies the algorithm of the public and private key pair that your certificate uses to encrypt data. RSA is the default key algorithm for ACM certificates. Elliptic Curve Digital Signature Algorithm (ECDSA) keys are smaller, offering security comparable to RSA keys but with greater computing efficiency. However, ECDSA is not supported by all network clients. Some AWS services may require RSA keys, or only support ECDSA keys of a particular size, while others allow the use of either RSA and ECDSA keys to ensure that compatibility is not broken. Check the requirements for the AWS service where you plan to deploy your certificate. For more information about selecting an algorithm, see [Key algorithms](https://docs.aws.amazon.com/acm/latest/userguide/acm-certificate.html#algorithms) .\n\n> Algorithms supported for an ACM certificate request include:\n> \n> - `RSA_2048`\n> - `EC_prime256v1`\n> - `EC_secp384r1`\n> \n> Other listed algorithms are for imported certificates only. > When you request a private PKI certificate signed by a CA from AWS Private CA, the specified signing algorithm family (RSA or ECDSA) must match the algorithm family of the CA's secret key. \n\nDefault: RSA_2048", - "title": "KeyAlgorithm", + "Name": { + "markdownDescription": "The name of the alias.", + "title": "Name", "type": "string" }, - "SubjectAlternativeNames": { + "RoutingConfiguration": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Bedrock::FlowAlias.FlowAliasRoutingConfigurationListItem" }, - "markdownDescription": "Additional FQDNs to be included in the Subject Alternative Name extension of the ACM certificate. For example, you can add www.example.net to a certificate for which the `DomainName` field is www.example.com if users can reach your site by using either name.", - "title": "SubjectAlternativeNames", + "markdownDescription": "A list of configurations about the versions that the alias maps to. Currently, you can only specify one.", + "title": "RoutingConfiguration", "type": "array" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "additionalProperties": true, + "markdownDescription": "Metadata that you can assign to a resource as key-value pairs. For more information, see the following resources:\n\n- [Tag naming limits and requirements](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-conventions)\n- [Tagging best practices](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-best-practices)", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "Key-value pairs that can identify the certificate.", "title": "Tags", - "type": "array" - }, - "ValidationMethod": { - "markdownDescription": "The method you want to use to validate that you own or control the domain associated with a public certificate. You can [validate with DNS](https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-dns.html) or [validate with email](https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-email.html) . We recommend that you use DNS validation.\n\nIf not specified, this property defaults to email validation.", - "title": "ValidationMethod", - "type": "string" + "type": "object" } }, "required": [ - "DomainName" + "FlowArn", + "Name", + "RoutingConfiguration" ], "type": "object" }, "Type": { "enum": [ - "AWS::CertificateManager::Certificate" + "AWS::Bedrock::FlowAlias" ], "type": "string" }, @@ -32501,31 +37058,37 @@ ], "type": "object" }, - "AWS::CertificateManager::Certificate.DomainValidationOption": { + "AWS::Bedrock::FlowAlias.FlowAliasConcurrencyConfiguration": { "additionalProperties": false, "properties": { - "DomainName": { - "markdownDescription": "A fully qualified domain name (FQDN) in the certificate request.", - "title": "DomainName", - "type": "string" - }, - "HostedZoneId": { - "markdownDescription": "The `HostedZoneId` option, which is available if you are using Route 53 as your domain registrar, causes ACM to add your CNAME to the domain record. Your list of `DomainValidationOptions` must contain one and only one of the domain-validation options, and the `HostedZoneId` can be used only when `DNS` is specified as your validation method.\n\nUse the Route 53 `ListHostedZones` API to discover IDs for available hosted zones.\n\nThis option is required for publicly trusted certificates.\n\n> The `ListHostedZones` API returns IDs in the format \"/hostedzone/Z111111QQQQQQQ\", but CloudFormation requires the IDs to be in the format \"Z111111QQQQQQQ\". \n\nWhen you change your `DomainValidationOptions` , a new resource is created.", - "title": "HostedZoneId", - "type": "string" + "MaxConcurrency": { + "markdownDescription": "The maximum number of nodes that can be executed concurrently in the flow.", + "title": "MaxConcurrency", + "type": "number" }, - "ValidationDomain": { - "markdownDescription": "The domain name to which you want ACM to send validation emails. This domain name is the suffix of the email addresses that you want ACM to use. This must be the same as the `DomainName` value or a superdomain of the `DomainName` value. For example, if you request a certificate for `testing.example.com` , you can specify `example.com` as this value. In that case, ACM sends domain validation emails to the following five addresses:\n\n- admin@example.com\n- administrator@example.com\n- hostmaster@example.com\n- postmaster@example.com\n- webmaster@example.com", - "title": "ValidationDomain", + "Type": { + "markdownDescription": "The type of concurrency to use for parallel node execution. Specify one of the following options:\n\n- `Automatic` - Amazon Bedrock determines which nodes can be executed in parallel based on the flow definition and its dependencies.\n- `Manual` - You specify which nodes can be executed in parallel.", + "title": "Type", "type": "string" } }, "required": [ - "DomainName" + "Type" ], "type": "object" }, - "AWS::Chatbot::MicrosoftTeamsChannelConfiguration": { + "AWS::Bedrock::FlowAlias.FlowAliasRoutingConfigurationListItem": { + "additionalProperties": false, + "properties": { + "FlowVersion": { + "markdownDescription": "The version that the alias maps to.", + "title": "FlowVersion", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::FlowVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -32560,70 +37123,25 @@ "Properties": { "additionalProperties": false, "properties": { - "ConfigurationName": { - "markdownDescription": "The name of the configuration.", - "title": "ConfigurationName", - "type": "string" - }, - "GuardrailPolicies": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of IAM policy ARNs that are applied as channel guardrails. The AWS managed 'AdministratorAccess' policy is applied as a default if this is not set.", - "title": "GuardrailPolicies", - "type": "array" - }, - "IamRoleArn": { - "markdownDescription": "The ARN of the IAM role that defines the permissions for .\n\nThis is a user-defined role that will assume. This is not the service-linked role. For more information, see [IAM Policies for in chat applications](https://docs.aws.amazon.com/chatbot/latest/adminguide/chatbot-iam-policies.html) .", - "title": "IamRoleArn", - "type": "string" - }, - "LoggingLevel": { - "markdownDescription": "Specifies the logging level for this configuration. This property affects the log entries pushed to Amazon CloudWatch Logs.\n\nLogging levels include `ERROR` , `INFO` , or `NONE` .", - "title": "LoggingLevel", - "type": "string" - }, - "SnsTopicArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The ARNs of the SNS topics that deliver notifications to .", - "title": "SnsTopicArns", - "type": "array" - }, - "TeamId": { - "markdownDescription": "The ID of the Microsoft Team authorized with .\n\nTo get the team ID, you must perform the initial authorization flow with Microsoft Teams in the in chat applications console. Then you can copy and paste the team ID from the console. For more details, see steps 1-3 in [Tutorial: Get started with Microsoft Teams](https://docs.aws.amazon.com/chatbot/latest/adminguide/teams-setup.html) in the *in chat applications Administrator Guide* .", - "title": "TeamId", - "type": "string" - }, - "TeamsChannelId": { - "markdownDescription": "The ID of the Microsoft Teams channel.\n\nTo get the channel ID, open Microsoft Teams, right click on the channel name in the left pane, then choose *Copy* . An example of the channel ID syntax is: `19%3ab6ef35dc342d56ba5654e6fc6d25a071%40thread.tacv2` .", - "title": "TeamsChannelId", + "Description": { + "markdownDescription": "The description of the flow version.", + "title": "Description", "type": "string" }, - "TeamsTenantId": { - "markdownDescription": "The ID of the Microsoft Teams tenant.\n\nTo get the tenant ID, you must perform the initial authorization flow with Microsoft Teams in the in chat applications console. Then you can copy and paste the tenant ID from the console. For more details, see steps 1-3 in [Tutorial: Get started with Microsoft Teams](https://docs.aws.amazon.com/chatbot/latest/adminguide/teams-setup.html) in the *in chat applications Administrator Guide* .", - "title": "TeamsTenantId", + "FlowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the flow that the version belongs to.", + "title": "FlowArn", "type": "string" - }, - "UserRoleRequired": { - "markdownDescription": "Enables use of a user role requirement in your chat configuration.", - "title": "UserRoleRequired", - "type": "boolean" } }, "required": [ - "ConfigurationName", - "IamRoleArn", - "TeamId", - "TeamsChannelId", - "TeamsTenantId" + "FlowArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Chatbot::MicrosoftTeamsChannelConfiguration" + "AWS::Bedrock::FlowVersion" ], "type": "string" }, @@ -32642,903 +37160,907 @@ ], "type": "object" }, - "AWS::Chatbot::SlackChannelConfiguration": { + "AWS::Bedrock::FlowVersion.AgentFlowNodeConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "AgentAliasArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the alias of the agent to invoke.", + "title": "AgentAliasArn", "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ConfigurationName": { - "markdownDescription": "The name of the configuration.", - "title": "ConfigurationName", - "type": "string" - }, - "GuardrailPolicies": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of IAM policy ARNs that are applied as channel guardrails. The AWS managed 'AdministratorAccess' policy is applied as a default if this is not set.", - "title": "GuardrailPolicies", - "type": "array" - }, - "IamRoleArn": { - "markdownDescription": "The ARN of the IAM role that defines the permissions for .\n\nThis is a user-defined role that will assume. This is not the service-linked role. For more information, see [IAM Policies for in chat applications](https://docs.aws.amazon.com/chatbot/latest/adminguide/chatbot-iam-policies.html) .", - "title": "IamRoleArn", - "type": "string" - }, - "LoggingLevel": { - "markdownDescription": "Specifies the logging level for this configuration. This property affects the log entries pushed to Amazon CloudWatch Logs.\n\nLogging levels include `ERROR` , `INFO` , or `NONE` .", - "title": "LoggingLevel", - "type": "string" - }, - "SlackChannelId": { - "markdownDescription": "The ID of the Slack channel.\n\nTo get the ID, open Slack, right click on the channel name in the left pane, then choose Copy Link. The channel ID is the character string at the end of the URL. For example, `ABCBBLZZZ` .", - "title": "SlackChannelId", - "type": "string" - }, - "SlackWorkspaceId": { - "markdownDescription": "The ID of the Slack workspace authorized with .\n\nTo get the workspace ID, you must perform the initial authorization flow with Slack in the in chat applications console. Then you can copy and paste the workspace ID from the console. For more details, see steps 1-3 in [Tutorial: Get started with Slack](https://docs.aws.amazon.com/chatbot/latest/adminguide/slack-setup.html#slack-client-setup) in the *in chat applications User Guide* .", - "title": "SlackWorkspaceId", - "type": "string" - }, - "SnsTopicArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The ARNs of the SNS topics that deliver notifications to .", - "title": "SnsTopicArns", - "type": "array" - }, - "UserRoleRequired": { - "markdownDescription": "Enables use of a user role requirement in your chat configuration.", - "title": "UserRoleRequired", - "type": "boolean" - } + } + }, + "required": [ + "AgentAliasArn" + ], + "type": "object" + }, + "AWS::Bedrock::FlowVersion.ConditionFlowNodeConfiguration": { + "additionalProperties": false, + "properties": { + "Conditions": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.FlowCondition" }, - "required": [ - "ConfigurationName", - "IamRoleArn", - "SlackChannelId", - "SlackWorkspaceId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Chatbot::SlackChannelConfiguration" - ], + "markdownDescription": "An array of conditions. Each member contains the name of a condition and an expression that defines the condition.", + "title": "Conditions", + "type": "array" + } + }, + "required": [ + "Conditions" + ], + "type": "object" + }, + "AWS::Bedrock::FlowVersion.FieldForReranking": { + "additionalProperties": false, + "properties": { + "FieldName": { + "markdownDescription": "The name of the metadata field to be used during the reranking process.", + "title": "FieldName", + "type": "string" + } + }, + "required": [ + "FieldName" + ], + "type": "object" + }, + "AWS::Bedrock::FlowVersion.FlowCondition": { + "additionalProperties": false, + "properties": { + "Expression": { + "markdownDescription": "Defines the condition. You must refer to at least one of the inputs in the condition. For more information, expand the Condition node section in [Node types in prompt flows](https://docs.aws.amazon.com/bedrock/latest/userguide/flows-how-it-works.html#flows-nodes) .", + "title": "Expression", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "A name for the condition that you can reference.", + "title": "Name", "type": "string" } }, "required": [ - "Type", - "Properties" + "Name" ], "type": "object" }, - "AWS::CleanRooms::AnalysisTemplate": { + "AWS::Bedrock::FlowVersion.FlowConditionalConnectionConfiguration": { "additionalProperties": false, "properties": { "Condition": { + "markdownDescription": "The condition that triggers this connection. For more information about how to write conditions, see the *Condition* node type in the [Node types](https://docs.aws.amazon.com/bedrock/latest/userguide/node-types.html) topic in the Amazon Bedrock User Guide.", + "title": "Condition", "type": "string" + } + }, + "required": [ + "Condition" + ], + "type": "object" + }, + "AWS::Bedrock::FlowVersion.FlowConnection": { + "additionalProperties": false, + "properties": { + "Configuration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.FlowConnectionConfiguration", + "markdownDescription": "The configuration of the connection.", + "title": "Configuration" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "A name for the connection that you can reference.", + "title": "Name", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AnalysisParameters": { - "items": { - "$ref": "#/definitions/AWS::CleanRooms::AnalysisTemplate.AnalysisParameter" - }, - "markdownDescription": "The parameters of the analysis template.", - "title": "AnalysisParameters", - "type": "array" - }, - "Description": { - "markdownDescription": "The description of the analysis template.", - "title": "Description", - "type": "string" - }, - "Format": { - "markdownDescription": "The format of the analysis template.", - "title": "Format", - "type": "string" - }, - "MembershipIdentifier": { - "markdownDescription": "The identifier for a membership resource.", - "title": "MembershipIdentifier", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the analysis template.", - "title": "Name", - "type": "string" - }, - "Source": { - "$ref": "#/definitions/AWS::CleanRooms::AnalysisTemplate.AnalysisSource", - "markdownDescription": "The source of the analysis template.", - "title": "Source" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Format", - "MembershipIdentifier", - "Name", - "Source" - ], - "type": "object" + "Source": { + "markdownDescription": "The node that the connection starts at.", + "title": "Source", + "type": "string" }, - "Type": { - "enum": [ - "AWS::CleanRooms::AnalysisTemplate" - ], + "Target": { + "markdownDescription": "The node that the connection ends at.", + "title": "Target", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Type": { + "markdownDescription": "Whether the source node that the connection begins from is a condition node ( `Conditional` ) or not ( `Data` ).", + "title": "Type", "type": "string" } }, "required": [ - "Type", - "Properties" + "Name", + "Source", + "Target", + "Type" ], "type": "object" }, - "AWS::CleanRooms::AnalysisTemplate.AnalysisParameter": { + "AWS::Bedrock::FlowVersion.FlowConnectionConfiguration": { "additionalProperties": false, "properties": { - "DefaultValue": { - "markdownDescription": "Optional. The default value that is applied in the analysis template. The member who can query can override this value in the query editor.", - "title": "DefaultValue", - "type": "string" + "Conditional": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.FlowConditionalConnectionConfiguration", + "markdownDescription": "The configuration of a connection originating from a Condition node.", + "title": "Conditional" }, - "Name": { - "markdownDescription": "The name of the parameter. The name must use only alphanumeric, underscore (_), or hyphen (-) characters but cannot start or end with a hyphen.", - "title": "Name", + "Data": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.FlowDataConnectionConfiguration", + "markdownDescription": "The configuration of a connection originating from a node that isn't a Condition node.", + "title": "Data" + } + }, + "type": "object" + }, + "AWS::Bedrock::FlowVersion.FlowDataConnectionConfiguration": { + "additionalProperties": false, + "properties": { + "SourceOutput": { + "markdownDescription": "The name of the output in the source node that the connection begins from.", + "title": "SourceOutput", "type": "string" }, - "Type": { - "markdownDescription": "The type of parameter.", - "title": "Type", + "TargetInput": { + "markdownDescription": "The name of the input in the target node that the connection ends at.", + "title": "TargetInput", "type": "string" } }, "required": [ - "Name", - "Type" + "SourceOutput", + "TargetInput" ], "type": "object" }, - "AWS::CleanRooms::AnalysisTemplate.AnalysisSchema": { + "AWS::Bedrock::FlowVersion.FlowDefinition": { "additionalProperties": false, "properties": { - "ReferencedTables": { + "Connections": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.FlowConnection" }, - "markdownDescription": "The tables referenced in the analysis schema.", - "title": "ReferencedTables", + "markdownDescription": "An array of connection definitions in the flow.", + "title": "Connections", + "type": "array" + }, + "Nodes": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.FlowNode" + }, + "markdownDescription": "An array of node definitions in the flow.", + "title": "Nodes", "type": "array" } }, - "required": [ - "ReferencedTables" - ], "type": "object" }, - "AWS::CleanRooms::AnalysisTemplate.AnalysisSource": { + "AWS::Bedrock::FlowVersion.FlowNode": { "additionalProperties": false, "properties": { - "Text": { - "markdownDescription": "The query text.", - "title": "Text", + "Configuration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.FlowNodeConfiguration", + "markdownDescription": "Contains configurations for the node.", + "title": "Configuration" + }, + "Inputs": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.FlowNodeInput" + }, + "markdownDescription": "An array of objects, each of which contains information about an input into the node.", + "title": "Inputs", + "type": "array" + }, + "Name": { + "markdownDescription": "A name for the node.", + "title": "Name", + "type": "string" + }, + "Outputs": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.FlowNodeOutput" + }, + "markdownDescription": "A list of objects, each of which contains information about an output from the node.", + "title": "Outputs", + "type": "array" + }, + "Type": { + "markdownDescription": "The type of node. This value must match the name of the key that you provide in the configuration you provide in the `FlowNodeConfiguration` field.", + "title": "Type", "type": "string" } }, "required": [ - "Text" + "Name", + "Type" ], "type": "object" }, - "AWS::CleanRooms::Collaboration": { + "AWS::Bedrock::FlowVersion.FlowNodeConfiguration": { "additionalProperties": false, "properties": { + "Agent": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.AgentFlowNodeConfiguration", + "markdownDescription": "Contains configurations for an agent node in your flow. Invokes an alias of an agent and returns the response.", + "title": "Agent" + }, + "Collector": { + "markdownDescription": "Contains configurations for a collector node in your flow. Collects an iteration of inputs and consolidates them into an array of outputs.", + "title": "Collector", + "type": "object" + }, "Condition": { - "type": "string" + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.ConditionFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a condition node in your flow. Defines conditions that lead to different branches of the flow.", + "title": "Condition" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "InlineCode": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.InlineCodeFlowNodeConfiguration", + "markdownDescription": "Contains configurations for an inline code node in your flow. Inline code nodes let you write and execute code directly within your flow, enabling data transformations, custom logic, and integrations without needing an external Lambda function.", + "title": "InlineCode" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Input": { + "markdownDescription": "Contains configurations for an input flow node in your flow. The first node in the flow. `inputs` can't be specified for this node.", + "title": "Input", + "type": "object" }, - "Metadata": { + "Iterator": { + "markdownDescription": "Contains configurations for an iterator node in your flow. Takes an input that is an array and iteratively sends each item of the array as an output to the following node. The size of the array is also returned in the output.\n\nThe output flow node at the end of the flow iteration will return a response for each member of the array. To return only one response, you can include a collector node downstream from the iterator node.", + "title": "Iterator", "type": "object" }, - "Properties": { - "additionalProperties": false, - "properties": { - "CreatorDisplayName": { - "markdownDescription": "A display name of the collaboration creator.", - "title": "CreatorDisplayName", - "type": "string" - }, - "CreatorMemberAbilities": { - "items": { - "type": "string" - }, - "markdownDescription": "The abilities granted to the collaboration creator.\n\n*Allowed values* `CAN_QUERY` | `CAN_RECEIVE_RESULTS` | `CAN_RUN_JOB`", - "title": "CreatorMemberAbilities", - "type": "array" - }, - "CreatorPaymentConfiguration": { - "$ref": "#/definitions/AWS::CleanRooms::Collaboration.PaymentConfiguration", - "markdownDescription": "An object representing the collaboration member's payment responsibilities set by the collaboration creator.", - "title": "CreatorPaymentConfiguration" - }, - "DataEncryptionMetadata": { - "$ref": "#/definitions/AWS::CleanRooms::Collaboration.DataEncryptionMetadata", - "markdownDescription": "The settings for client-side encryption for cryptographic computing.", - "title": "DataEncryptionMetadata" - }, - "Description": { - "markdownDescription": "A description of the collaboration provided by the collaboration owner.", - "title": "Description", - "type": "string" - }, - "Members": { - "items": { - "$ref": "#/definitions/AWS::CleanRooms::Collaboration.MemberSpecification" - }, - "markdownDescription": "A list of initial members, not including the creator. This list is immutable.", - "title": "Members", - "type": "array" - }, - "Name": { - "markdownDescription": "A human-readable identifier provided by the collaboration owner. Display names are not unique.", - "title": "Name", - "type": "string" - }, - "QueryLogStatus": { - "markdownDescription": "An indicator as to whether query logging has been enabled or disabled for the collaboration.\n\nWhen `ENABLED` , AWS Clean Rooms logs details about queries run within this collaboration and those logs can be viewed in Amazon CloudWatch Logs. The default value is `DISABLED` .", - "title": "QueryLogStatus", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "CreatorDisplayName", - "CreatorMemberAbilities", - "Description", - "Members", - "Name", - "QueryLogStatus" - ], + "KnowledgeBase": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.KnowledgeBaseFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a knowledge base node in your flow. Queries a knowledge base and returns the retrieved results or generated response.", + "title": "KnowledgeBase" + }, + "LambdaFunction": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.LambdaFunctionFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a Lambda function node in your flow. Invokes an AWS Lambda function.", + "title": "LambdaFunction" + }, + "Lex": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.LexFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a Lex node in your flow. Invokes an Amazon Lex bot to identify the intent of the input and return the intent as the output.", + "title": "Lex" + }, + "Loop": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.LoopFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a DoWhile loop in your flow.", + "title": "Loop" + }, + "LoopController": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.LoopControllerFlowNodeConfiguration", + "markdownDescription": "Contains controller node configurations for a DoWhile loop in your flow.", + "title": "LoopController" + }, + "LoopInput": { + "markdownDescription": "Contains input node configurations for a DoWhile loop in your flow.", + "title": "LoopInput", "type": "object" }, - "Type": { - "enum": [ - "AWS::CleanRooms::Collaboration" - ], + "Output": { + "markdownDescription": "Contains configurations for an output flow node in your flow. The last node in the flow. `outputs` can't be specified for this node.", + "title": "Output", + "type": "object" + }, + "Prompt": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.PromptFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a prompt node in your flow. Runs a prompt and generates the model response as the output. You can use a prompt from Prompt management or you can configure one in this node.", + "title": "Prompt" + }, + "Retrieval": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.RetrievalFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a retrieval node in your flow. Retrieves data from an Amazon S3 location and returns it as the output.", + "title": "Retrieval" + }, + "Storage": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.StorageFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a storage node in your flow. Stores an input in an Amazon S3 location.", + "title": "Storage" + } + }, + "type": "object" + }, + "AWS::Bedrock::FlowVersion.FlowNodeInput": { + "additionalProperties": false, + "properties": { + "Expression": { + "markdownDescription": "An expression that formats the input for the node. For an explanation of how to create expressions, see [Expressions in Prompt flows in Amazon Bedrock](https://docs.aws.amazon.com/bedrock/latest/userguide/flows-expressions.html) .", + "title": "Expression", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "Specifies a name for the input that you can reference.", + "title": "Name", + "type": "string" + }, + "Type": { + "markdownDescription": "Specifies the data type of the input. If the input doesn't match this type at runtime, a validation error will be thrown.", + "title": "Type", "type": "string" } }, "required": [ - "Type", - "Properties" + "Expression", + "Name", + "Type" ], "type": "object" }, - "AWS::CleanRooms::Collaboration.DataEncryptionMetadata": { + "AWS::Bedrock::FlowVersion.FlowNodeOutput": { "additionalProperties": false, "properties": { - "AllowCleartext": { - "markdownDescription": "Indicates whether encrypted tables can contain cleartext data ( `TRUE` ) or are to cryptographically process every column ( `FALSE` ).", - "title": "AllowCleartext", - "type": "boolean" + "Name": { + "markdownDescription": "A name for the output that you can reference.", + "title": "Name", + "type": "string" }, - "AllowDuplicates": { - "markdownDescription": "Indicates whether Fingerprint columns can contain duplicate entries ( `TRUE` ) or are to contain only non-repeated values ( `FALSE` ).", - "title": "AllowDuplicates", - "type": "boolean" + "Type": { + "markdownDescription": "The data type of the output. If the output doesn't match this type at runtime, a validation error will be thrown.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Name", + "Type" + ], + "type": "object" + }, + "AWS::Bedrock::FlowVersion.GuardrailConfiguration": { + "additionalProperties": false, + "properties": { + "GuardrailIdentifier": { + "markdownDescription": "The identifier for the guardrail.", + "title": "GuardrailIdentifier", + "type": "string" }, - "AllowJoinsOnColumnsWithDifferentNames": { - "markdownDescription": "Indicates whether Fingerprint columns can be joined on any other Fingerprint column with a different name ( `TRUE` ) or can only be joined on Fingerprint columns of the same name ( `FALSE` ).", - "title": "AllowJoinsOnColumnsWithDifferentNames", - "type": "boolean" + "GuardrailVersion": { + "markdownDescription": "The version of the guardrail.", + "title": "GuardrailVersion", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::FlowVersion.InlineCodeFlowNodeConfiguration": { + "additionalProperties": false, + "properties": { + "Code": { + "markdownDescription": "The code that's executed in your inline code node. The code can access input data from previous nodes in the flow, perform operations on that data, and produce output that can be used by other nodes in your flow.\n\nThe code must be valid in the programming `language` that you specify.", + "title": "Code", + "type": "string" }, - "PreserveNulls": { - "markdownDescription": "Indicates whether NULL values are to be copied as NULL to encrypted tables ( `TRUE` ) or cryptographically processed ( `FALSE` ).", - "title": "PreserveNulls", - "type": "boolean" + "Language": { + "markdownDescription": "The programming language used by your inline code node.\n\nThe code must be valid in the programming `language` that you specify. Currently, only Python 3 ( `Python_3` ) is supported.", + "title": "Language", + "type": "string" } }, "required": [ - "AllowCleartext", - "AllowDuplicates", - "AllowJoinsOnColumnsWithDifferentNames", - "PreserveNulls" + "Code", + "Language" ], "type": "object" }, - "AWS::CleanRooms::Collaboration.MemberSpecification": { + "AWS::Bedrock::FlowVersion.KnowledgeBaseFlowNodeConfiguration": { "additionalProperties": false, "properties": { - "AccountId": { - "markdownDescription": "The identifier used to reference members of the collaboration. Currently only supports AWS account ID.", - "title": "AccountId", + "GuardrailConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.GuardrailConfiguration", + "markdownDescription": "Contains configurations for a guardrail to apply during query and response generation for the knowledge base in this configuration.", + "title": "GuardrailConfiguration" + }, + "InferenceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.PromptInferenceConfiguration", + "markdownDescription": "Contains inference configurations for the prompt.", + "title": "InferenceConfiguration" + }, + "KnowledgeBaseId": { + "markdownDescription": "The unique identifier of the knowledge base to query.", + "title": "KnowledgeBaseId", "type": "string" }, - "DisplayName": { - "markdownDescription": "The member's display name.", - "title": "DisplayName", + "ModelId": { + "markdownDescription": "The unique identifier of the model or [inference profile](https://docs.aws.amazon.com/bedrock/latest/userguide/cross-region-inference.html) to use to generate a response from the query results. Omit this field if you want to return the retrieved results as an array.", + "title": "ModelId", "type": "string" }, - "MemberAbilities": { - "items": { - "type": "string" - }, - "markdownDescription": "The abilities granted to the collaboration member.\n\n*Allowed Values* : `CAN_QUERY` | `CAN_RECEIVE_RESULTS`", - "title": "MemberAbilities", - "type": "array" + "NumberOfResults": { + "markdownDescription": "The number of results to retrieve from the knowledge base.", + "title": "NumberOfResults", + "type": "number" }, - "PaymentConfiguration": { - "$ref": "#/definitions/AWS::CleanRooms::Collaboration.PaymentConfiguration", - "markdownDescription": "The collaboration member's payment responsibilities set by the collaboration creator.\n\nIf the collaboration creator hasn't speci\ufb01ed anyone as the member paying for query compute costs, then the member who can query is the default payer.", - "title": "PaymentConfiguration" + "OrchestrationConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.KnowledgeBaseOrchestrationConfiguration", + "markdownDescription": "The configuration for orchestrating the retrieval and generation process in the knowledge base node.", + "title": "OrchestrationConfiguration" + }, + "PromptTemplate": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.KnowledgeBasePromptTemplate", + "markdownDescription": "A custom prompt template to use with the knowledge base for generating responses.", + "title": "PromptTemplate" + }, + "RerankingConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.VectorSearchRerankingConfiguration", + "markdownDescription": "The configuration for reranking the retrieved results from the knowledge base to improve relevance.", + "title": "RerankingConfiguration" } }, "required": [ - "AccountId", - "DisplayName", - "MemberAbilities" + "KnowledgeBaseId" ], "type": "object" }, - "AWS::CleanRooms::Collaboration.PaymentConfiguration": { + "AWS::Bedrock::FlowVersion.KnowledgeBaseOrchestrationConfiguration": { "additionalProperties": false, "properties": { - "QueryCompute": { - "$ref": "#/definitions/AWS::CleanRooms::Collaboration.QueryComputePaymentConfig", - "markdownDescription": "The collaboration member's payment responsibilities set by the collaboration creator for query compute costs.", - "title": "QueryCompute" + "AdditionalModelRequestFields": { + "markdownDescription": "The additional model-specific request parameters as key-value pairs to be included in the request to the foundation model.", + "title": "AdditionalModelRequestFields", + "type": "object" + }, + "InferenceConfig": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.PromptInferenceConfiguration", + "markdownDescription": "Contains inference configurations for the prompt.", + "title": "InferenceConfig" + }, + "PerformanceConfig": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.PerformanceConfiguration", + "markdownDescription": "The performance configuration options for the knowledge base retrieval and generation process.", + "title": "PerformanceConfig" + }, + "PromptTemplate": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.KnowledgeBasePromptTemplate", + "markdownDescription": "A custom prompt template for orchestrating the retrieval and generation process.", + "title": "PromptTemplate" + } + }, + "type": "object" + }, + "AWS::Bedrock::FlowVersion.KnowledgeBasePromptTemplate": { + "additionalProperties": false, + "properties": { + "TextPromptTemplate": { + "markdownDescription": "The text of the prompt template.", + "title": "TextPromptTemplate", + "type": "string" } }, "required": [ - "QueryCompute" + "TextPromptTemplate" ], "type": "object" }, - "AWS::CleanRooms::Collaboration.QueryComputePaymentConfig": { + "AWS::Bedrock::FlowVersion.LambdaFunctionFlowNodeConfiguration": { "additionalProperties": false, "properties": { - "IsResponsible": { - "markdownDescription": "Indicates whether the collaboration creator has configured the collaboration member to pay for query compute costs ( `TRUE` ) or has not configured the collaboration member to pay for query compute costs ( `FALSE` ).\n\nExactly one member can be configured to pay for query compute costs. An error is returned if the collaboration creator sets a `TRUE` value for more than one member in the collaboration.\n\nIf the collaboration creator hasn't specified anyone as the member paying for query compute costs, then the member who can query is the default payer. An error is returned if the collaboration creator sets a `FALSE` value for the member who can query.", - "title": "IsResponsible", - "type": "boolean" + "LambdaArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function to invoke.", + "title": "LambdaArn", + "type": "string" } }, "required": [ - "IsResponsible" + "LambdaArn" ], "type": "object" }, - "AWS::CleanRooms::ConfiguredTable": { + "AWS::Bedrock::FlowVersion.LexFlowNodeConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "BotAliasArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Lex bot alias to invoke.", + "title": "BotAliasArn", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "LocaleId": { + "markdownDescription": "The Region to invoke the Amazon Lex bot in.", + "title": "LocaleId", "type": "string" + } + }, + "required": [ + "BotAliasArn", + "LocaleId" + ], + "type": "object" + }, + "AWS::Bedrock::FlowVersion.LoopControllerFlowNodeConfiguration": { + "additionalProperties": false, + "properties": { + "ContinueCondition": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.FlowCondition", + "markdownDescription": "Specifies the condition that determines when the flow exits the DoWhile loop. The loop executes until this condition evaluates to true.", + "title": "ContinueCondition" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AllowedColumns": { - "items": { - "type": "string" - }, - "markdownDescription": "The columns within the underlying AWS Glue table that can be utilized within collaborations.", - "title": "AllowedColumns", - "type": "array" - }, - "AnalysisMethod": { - "markdownDescription": "The analysis method for the configured table.\n\n`DIRECT_QUERY` allows SQL queries to be run directly on this table.\n\n`DIRECT_JOB` allows PySpark jobs to be run directly on this table.\n\n`MULTIPLE` allows both SQL queries and PySpark jobs to be run directly on this table.", - "title": "AnalysisMethod", - "type": "string" - }, - "AnalysisRules": { - "items": { - "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.AnalysisRule" - }, - "markdownDescription": "The analysis rule that was created for the configured table.", - "title": "AnalysisRules", - "type": "array" - }, - "Description": { - "markdownDescription": "A description for the configured table.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "A name for the configured table.", - "title": "Name", - "type": "string" - }, - "TableReference": { - "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.TableReference", - "markdownDescription": "The table that this configured table represents.", - "title": "TableReference" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "AllowedColumns", - "AnalysisMethod", - "Name", - "TableReference" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::CleanRooms::ConfiguredTable" - ], + "MaxIterations": { + "markdownDescription": "Specifies the maximum number of times the DoWhile loop can iterate before the flow exits the loop.", + "title": "MaxIterations", + "type": "number" + } + }, + "required": [ + "ContinueCondition" + ], + "type": "object" + }, + "AWS::Bedrock::FlowVersion.LoopFlowNodeConfiguration": { + "additionalProperties": false, + "properties": { + "Definition": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.FlowDefinition", + "markdownDescription": "The definition of the DoWhile loop nodes and connections between nodes in the flow.", + "title": "Definition" + } + }, + "required": [ + "Definition" + ], + "type": "object" + }, + "AWS::Bedrock::FlowVersion.MetadataConfigurationForReranking": { + "additionalProperties": false, + "properties": { + "SelectionMode": { + "markdownDescription": "The mode for selecting which metadata fields to include in the reranking process. Valid values are ALL (use all available metadata fields) or SELECTIVE (use only specified fields).", + "title": "SelectionMode", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "SelectiveModeConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.RerankingMetadataSelectiveModeConfiguration", + "markdownDescription": "Configuration for selective mode, which allows you to explicitly include or exclude specific metadata fields during reranking. This is only used when selectionMode is set to SELECTIVE.", + "title": "SelectiveModeConfiguration" } }, "required": [ - "Type", - "Properties" + "SelectionMode" ], "type": "object" }, - "AWS::CleanRooms::ConfiguredTable.AggregateColumn": { + "AWS::Bedrock::FlowVersion.PerformanceConfiguration": { "additionalProperties": false, "properties": { - "ColumnNames": { - "items": { - "type": "string" - }, - "markdownDescription": "Column names in configured table of aggregate columns.", - "title": "ColumnNames", - "type": "array" - }, - "Function": { - "markdownDescription": "Aggregation function that can be applied to aggregate column in query.", - "title": "Function", + "Latency": { + "markdownDescription": "To use a latency-optimized version of the model, set to `optimized` .", + "title": "Latency", "type": "string" } }, + "type": "object" + }, + "AWS::Bedrock::FlowVersion.PromptFlowNodeConfiguration": { + "additionalProperties": false, + "properties": { + "GuardrailConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.GuardrailConfiguration", + "markdownDescription": "Contains configurations for a guardrail to apply to the prompt in this node and the response generated from it.", + "title": "GuardrailConfiguration" + }, + "SourceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.PromptFlowNodeSourceConfiguration", + "markdownDescription": "Specifies whether the prompt is from Prompt management or defined inline.", + "title": "SourceConfiguration" + } + }, "required": [ - "ColumnNames", - "Function" + "SourceConfiguration" ], "type": "object" }, - "AWS::CleanRooms::ConfiguredTable.AggregationConstraint": { + "AWS::Bedrock::FlowVersion.PromptFlowNodeInlineConfiguration": { "additionalProperties": false, "properties": { - "ColumnName": { - "markdownDescription": "Column in aggregation constraint for which there must be a minimum number of distinct values in an output row for it to be in the query output.", - "title": "ColumnName", + "InferenceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.PromptInferenceConfiguration", + "markdownDescription": "Contains inference configurations for the prompt.", + "title": "InferenceConfiguration" + }, + "ModelId": { + "markdownDescription": "The unique identifier of the model or [inference profile](https://docs.aws.amazon.com/bedrock/latest/userguide/cross-region-inference.html) to run inference with.", + "title": "ModelId", "type": "string" }, - "Minimum": { - "markdownDescription": "The minimum number of distinct values that an output row must be an aggregation of. Minimum threshold of distinct values for a specified column that must exist in an output row for it to be in the query output.", - "title": "Minimum", - "type": "number" + "TemplateConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.PromptTemplateConfiguration", + "markdownDescription": "Contains a prompt and variables in the prompt that can be replaced with values at runtime.", + "title": "TemplateConfiguration" }, - "Type": { - "markdownDescription": "The type of aggregation the constraint allows. The only valid value is currently `COUNT_DISTINCT`.", - "title": "Type", + "TemplateType": { + "markdownDescription": "The type of prompt template.", + "title": "TemplateType", "type": "string" } }, "required": [ - "ColumnName", - "Minimum", - "Type" + "ModelId", + "TemplateConfiguration", + "TemplateType" ], "type": "object" }, - "AWS::CleanRooms::ConfiguredTable.AnalysisRule": { + "AWS::Bedrock::FlowVersion.PromptFlowNodeResourceConfiguration": { "additionalProperties": false, "properties": { - "Policy": { - "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.ConfiguredTableAnalysisRulePolicy", - "markdownDescription": "A policy that describes the associated data usage limitations.", - "title": "Policy" - }, - "Type": { - "markdownDescription": "The type of analysis rule.", - "title": "Type", + "PromptArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the prompt from Prompt management.", + "title": "PromptArn", "type": "string" } }, "required": [ - "Policy", - "Type" + "PromptArn" ], "type": "object" }, - "AWS::CleanRooms::ConfiguredTable.AnalysisRuleAggregation": { + "AWS::Bedrock::FlowVersion.PromptFlowNodeSourceConfiguration": { "additionalProperties": false, "properties": { - "AggregateColumns": { - "items": { - "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.AggregateColumn" - }, - "markdownDescription": "The columns that query runners are allowed to use in aggregation queries.", - "title": "AggregateColumns", - "type": "array" - }, - "AllowedJoinOperators": { - "items": { - "type": "string" - }, - "markdownDescription": "Which logical operators (if any) are to be used in an INNER JOIN match condition. Default is `AND` .", - "title": "AllowedJoinOperators", - "type": "array" + "Inline": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.PromptFlowNodeInlineConfiguration", + "markdownDescription": "Contains configurations for a prompt that is defined inline", + "title": "Inline" }, - "DimensionColumns": { - "items": { - "type": "string" - }, - "markdownDescription": "The columns that query runners are allowed to select, group by, or filter by.", - "title": "DimensionColumns", - "type": "array" + "Resource": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.PromptFlowNodeResourceConfiguration", + "markdownDescription": "Contains configurations for a prompt from Prompt management.", + "title": "Resource" + } + }, + "type": "object" + }, + "AWS::Bedrock::FlowVersion.PromptInferenceConfiguration": { + "additionalProperties": false, + "properties": { + "Text": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.PromptModelInferenceConfiguration", + "markdownDescription": "Contains inference configurations for a text prompt.", + "title": "Text" + } + }, + "required": [ + "Text" + ], + "type": "object" + }, + "AWS::Bedrock::FlowVersion.PromptInputVariable": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the variable.", + "title": "Name", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::FlowVersion.PromptModelInferenceConfiguration": { + "additionalProperties": false, + "properties": { + "MaxTokens": { + "markdownDescription": "The maximum number of tokens to return in the response.", + "title": "MaxTokens", + "type": "number" }, - "JoinColumns": { + "StopSequences": { "items": { "type": "string" }, - "markdownDescription": "Columns in configured table that can be used in join statements and/or as aggregate columns. They can never be outputted directly.", - "title": "JoinColumns", + "markdownDescription": "A list of strings that define sequences after which the model will stop generating.", + "title": "StopSequences", "type": "array" }, - "JoinRequired": { - "markdownDescription": "Control that requires member who runs query to do a join with their configured table and/or other configured table in query.", - "title": "JoinRequired", - "type": "string" - }, - "OutputConstraints": { - "items": { - "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.AggregationConstraint" - }, - "markdownDescription": "Columns that must meet a specific threshold value (after an aggregation function is applied to it) for each output row to be returned.", - "title": "OutputConstraints", - "type": "array" + "Temperature": { + "markdownDescription": "Controls the randomness of the response. Choose a lower value for more predictable outputs and a higher value for more surprising outputs.", + "title": "Temperature", + "type": "number" }, - "ScalarFunctions": { - "items": { - "type": "string" - }, - "markdownDescription": "Set of scalar functions that are allowed to be used on dimension columns and the output of aggregation of metrics.", - "title": "ScalarFunctions", - "type": "array" + "TopP": { + "markdownDescription": "The percentage of most-likely candidates that the model considers for the next token.", + "title": "TopP", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Bedrock::FlowVersion.PromptTemplateConfiguration": { + "additionalProperties": false, + "properties": { + "Text": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.TextPromptTemplateConfiguration", + "markdownDescription": "Contains configurations for the text in a message for a prompt.", + "title": "Text" } }, "required": [ - "AggregateColumns", - "DimensionColumns", - "JoinColumns", - "OutputConstraints", - "ScalarFunctions" + "Text" ], "type": "object" }, - "AWS::CleanRooms::ConfiguredTable.AnalysisRuleCustom": { + "AWS::Bedrock::FlowVersion.RerankingMetadataSelectiveModeConfiguration": { "additionalProperties": false, "properties": { - "AllowedAnalyses": { + "FieldsToExclude": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.FieldForReranking" }, - "markdownDescription": "The ARN of the analysis templates that are allowed by the custom analysis rule.", - "title": "AllowedAnalyses", + "markdownDescription": "A list of metadata field names to explicitly exclude from the reranking process. All metadata fields except these will be considered when reordering search results. This parameter cannot be used together with fieldsToInclude.", + "title": "FieldsToExclude", "type": "array" }, - "AllowedAnalysisProviders": { + "FieldsToInclude": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.FieldForReranking" }, - "markdownDescription": "The IDs of the AWS accounts that are allowed to query by the custom analysis rule. Required when `allowedAnalyses` is `ANY_QUERY` .", - "title": "AllowedAnalysisProviders", + "markdownDescription": "A list of metadata field names to explicitly include in the reranking process. Only these fields will be considered when reordering search results. This parameter cannot be used together with fieldsToExclude.", + "title": "FieldsToInclude", "type": "array" - }, - "DifferentialPrivacy": { - "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.DifferentialPrivacy", - "markdownDescription": "The differential privacy configuration.", - "title": "DifferentialPrivacy" + } + }, + "type": "object" + }, + "AWS::Bedrock::FlowVersion.RetrievalFlowNodeConfiguration": { + "additionalProperties": false, + "properties": { + "ServiceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.RetrievalFlowNodeServiceConfiguration", + "markdownDescription": "Contains configurations for the service to use for retrieving data to return as the output from the node.", + "title": "ServiceConfiguration" } }, "required": [ - "AllowedAnalyses" + "ServiceConfiguration" ], "type": "object" }, - "AWS::CleanRooms::ConfiguredTable.AnalysisRuleList": { + "AWS::Bedrock::FlowVersion.RetrievalFlowNodeS3Configuration": { "additionalProperties": false, "properties": { - "AllowedJoinOperators": { - "items": { - "type": "string" - }, - "markdownDescription": "The logical operators (if any) that are to be used in an INNER JOIN match condition. Default is `AND` .", - "title": "AllowedJoinOperators", - "type": "array" - }, - "JoinColumns": { - "items": { - "type": "string" - }, - "markdownDescription": "Columns that can be used to join a configured table with the table of the member who can query and other members' configured tables.", - "title": "JoinColumns", - "type": "array" - }, - "ListColumns": { - "items": { - "type": "string" - }, - "markdownDescription": "Columns that can be listed in the output.", - "title": "ListColumns", - "type": "array" + "BucketName": { + "markdownDescription": "The name of the Amazon S3 bucket from which to retrieve data.", + "title": "BucketName", + "type": "string" } }, "required": [ - "JoinColumns", - "ListColumns" + "BucketName" ], "type": "object" }, - "AWS::CleanRooms::ConfiguredTable.ConfiguredTableAnalysisRulePolicy": { + "AWS::Bedrock::FlowVersion.RetrievalFlowNodeServiceConfiguration": { "additionalProperties": false, "properties": { - "V1": { - "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.ConfiguredTableAnalysisRulePolicyV1", - "markdownDescription": "Controls on the query specifications that can be run on a configured table.", - "title": "V1" + "S3": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.RetrievalFlowNodeS3Configuration", + "markdownDescription": "Contains configurations for the Amazon S3 location from which to retrieve data to return as the output from the node.", + "title": "S3" + } + }, + "type": "object" + }, + "AWS::Bedrock::FlowVersion.StorageFlowNodeConfiguration": { + "additionalProperties": false, + "properties": { + "ServiceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.StorageFlowNodeServiceConfiguration", + "markdownDescription": "Contains configurations for the service to use for storing the input into the node.", + "title": "ServiceConfiguration" } }, "required": [ - "V1" + "ServiceConfiguration" ], "type": "object" }, - "AWS::CleanRooms::ConfiguredTable.ConfiguredTableAnalysisRulePolicyV1": { + "AWS::Bedrock::FlowVersion.StorageFlowNodeS3Configuration": { "additionalProperties": false, "properties": { - "Aggregation": { - "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.AnalysisRuleAggregation", - "markdownDescription": "Analysis rule type that enables only aggregation queries on a configured table.", - "title": "Aggregation" - }, - "Custom": { - "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.AnalysisRuleCustom", - "markdownDescription": "Analysis rule type that enables custom SQL queries on a configured table.", - "title": "Custom" - }, - "List": { - "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.AnalysisRuleList", - "markdownDescription": "Analysis rule type that enables only list queries on a configured table.", - "title": "List" + "BucketName": { + "markdownDescription": "The name of the Amazon S3 bucket in which to store the input into the node.", + "title": "BucketName", + "type": "string" + } + }, + "required": [ + "BucketName" + ], + "type": "object" + }, + "AWS::Bedrock::FlowVersion.StorageFlowNodeServiceConfiguration": { + "additionalProperties": false, + "properties": { + "S3": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.StorageFlowNodeS3Configuration", + "markdownDescription": "Contains configurations for the Amazon S3 location in which to store the input into the node.", + "title": "S3" } }, "type": "object" }, - "AWS::CleanRooms::ConfiguredTable.DifferentialPrivacy": { + "AWS::Bedrock::FlowVersion.TextPromptTemplateConfiguration": { "additionalProperties": false, "properties": { - "Columns": { + "InputVariables": { "items": { - "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.DifferentialPrivacyColumn" + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.PromptInputVariable" }, - "markdownDescription": "The name of the column, such as user_id, that contains the unique identifier of your users, whose privacy you want to protect. If you want to turn on differential privacy for two or more tables in a collaboration, you must configure the same column as the user identifier column in both analysis rules.", - "title": "Columns", + "markdownDescription": "An array of the variables in the prompt template.", + "title": "InputVariables", "type": "array" + }, + "Text": { + "markdownDescription": "The message for the prompt.", + "title": "Text", + "type": "string" } }, "required": [ - "Columns" + "Text" ], "type": "object" }, - "AWS::CleanRooms::ConfiguredTable.DifferentialPrivacyColumn": { + "AWS::Bedrock::FlowVersion.VectorSearchBedrockRerankingConfiguration": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the column, such as user_id, that contains the unique identifier of your users, whose privacy you want to protect. If you want to turn on differential privacy for two or more tables in a collaboration, you must configure the same column as the user identifier column in both analysis rules.", - "title": "Name", - "type": "string" + "MetadataConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.MetadataConfigurationForReranking", + "markdownDescription": "Configuration for how document metadata should be used during the reranking process. This determines which metadata fields are included when reordering search results.", + "title": "MetadataConfiguration" + }, + "ModelConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.VectorSearchBedrockRerankingModelConfiguration", + "markdownDescription": "Configuration for the Amazon Bedrock foundation model used for reranking. This includes the model ARN and any additional request fields required by the model.", + "title": "ModelConfiguration" + }, + "NumberOfRerankedResults": { + "markdownDescription": "The maximum number of results to rerank. This limits how many of the initial vector search results will be processed by the reranking model. A smaller number improves performance but may exclude potentially relevant results.", + "title": "NumberOfRerankedResults", + "type": "number" } }, "required": [ - "Name" + "ModelConfiguration" ], "type": "object" }, - "AWS::CleanRooms::ConfiguredTable.GlueTableReference": { + "AWS::Bedrock::FlowVersion.VectorSearchBedrockRerankingModelConfiguration": { "additionalProperties": false, "properties": { - "DatabaseName": { - "markdownDescription": "The name of the database the AWS Glue table belongs to.", - "title": "DatabaseName", - "type": "string" + "AdditionalModelRequestFields": { + "markdownDescription": "A list of additional fields to include in the model request during reranking. These fields provide extra context or configuration options specific to the selected foundation model.", + "title": "AdditionalModelRequestFields", + "type": "object" }, - "TableName": { - "markdownDescription": "The name of the AWS Glue table.", - "title": "TableName", + "ModelArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the foundation model to use for reranking. This model processes the query and search results to determine a more relevant ordering.", + "title": "ModelArn", "type": "string" } }, "required": [ - "DatabaseName", - "TableName" + "ModelArn" ], "type": "object" }, - "AWS::CleanRooms::ConfiguredTable.TableReference": { + "AWS::Bedrock::FlowVersion.VectorSearchRerankingConfiguration": { "additionalProperties": false, "properties": { - "Glue": { - "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.GlueTableReference", - "markdownDescription": "If present, a reference to the AWS Glue table referred to by this table reference.", - "title": "Glue" + "BedrockRerankingConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.VectorSearchBedrockRerankingConfiguration", + "markdownDescription": "Configuration for using Amazon Bedrock foundation models to rerank search results. This is required when the reranking type is set to BEDROCK.", + "title": "BedrockRerankingConfiguration" + }, + "Type": { + "markdownDescription": "The type of reranking to apply to vector search results. Currently, the only supported value is BEDROCK, which uses Amazon Bedrock foundation models for reranking.", + "title": "Type", + "type": "string" } }, "required": [ - "Glue" + "Type" ], "type": "object" }, - "AWS::CleanRooms::ConfiguredTableAssociation": { + "AWS::Bedrock::Guardrail": { "additionalProperties": false, "properties": { "Condition": { @@ -33573,51 +38095,80 @@ "Properties": { "additionalProperties": false, "properties": { - "ConfiguredTableIdentifier": { - "markdownDescription": "A unique identifier for the configured table to be associated to. Currently accepts a configured table ID.", - "title": "ConfiguredTableIdentifier", + "BlockedInputMessaging": { + "markdownDescription": "The message to return when the guardrail blocks a prompt.", + "title": "BlockedInputMessaging", + "type": "string" + }, + "BlockedOutputsMessaging": { + "markdownDescription": "The message to return when the guardrail blocks a model response.", + "title": "BlockedOutputsMessaging", "type": "string" }, + "ContentPolicyConfig": { + "$ref": "#/definitions/AWS::Bedrock::Guardrail.ContentPolicyConfig", + "markdownDescription": "The content filter policies to configure for the guardrail.", + "title": "ContentPolicyConfig" + }, + "ContextualGroundingPolicyConfig": { + "$ref": "#/definitions/AWS::Bedrock::Guardrail.ContextualGroundingPolicyConfig", + "markdownDescription": "", + "title": "ContextualGroundingPolicyConfig" + }, + "CrossRegionConfig": { + "$ref": "#/definitions/AWS::Bedrock::Guardrail.GuardrailCrossRegionConfig", + "markdownDescription": "The system-defined guardrail profile that you're using with your guardrail. Guardrail profiles define the destination AWS Regions where guardrail inference requests can be automatically routed. Using guardrail profiles helps maintain guardrail performance and reliability when demand increases.\n\nFor more information, see the [Amazon Bedrock User Guide](https://docs.aws.amazon.com/bedrock/latest/userguide/guardrails-cross-region.html) .", + "title": "CrossRegionConfig" + }, "Description": { - "markdownDescription": "A description of the configured table association.", + "markdownDescription": "A description of the guardrail.", "title": "Description", "type": "string" }, - "MembershipIdentifier": { - "markdownDescription": "The unique ID for the membership this configured table association belongs to.", - "title": "MembershipIdentifier", + "KmsKeyArn": { + "markdownDescription": "The ARN of the AWS KMS key that you use to encrypt the guardrail.", + "title": "KmsKeyArn", "type": "string" }, "Name": { - "markdownDescription": "The name of the configured table association, in lowercase. The table is identified by this name when running protected queries against the underlying data.", + "markdownDescription": "The name of the guardrail.", "title": "Name", "type": "string" }, - "RoleArn": { - "markdownDescription": "The service will assume this role to access catalog metadata and query the table.", - "title": "RoleArn", - "type": "string" + "SensitiveInformationPolicyConfig": { + "$ref": "#/definitions/AWS::Bedrock::Guardrail.SensitiveInformationPolicyConfig", + "markdownDescription": "The sensitive information policy to configure for the guardrail.", + "title": "SensitiveInformationPolicyConfig" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", + "markdownDescription": "The tags that you want to attach to the guardrail.", "title": "Tags", "type": "array" + }, + "TopicPolicyConfig": { + "$ref": "#/definitions/AWS::Bedrock::Guardrail.TopicPolicyConfig", + "markdownDescription": "The topic policies to configure for the guardrail.", + "title": "TopicPolicyConfig" + }, + "WordPolicyConfig": { + "$ref": "#/definitions/AWS::Bedrock::Guardrail.WordPolicyConfig", + "markdownDescription": "The word policy you configure for the guardrail.", + "title": "WordPolicyConfig" } }, "required": [ - "ConfiguredTableIdentifier", - "MembershipIdentifier", - "Name", - "RoleArn" + "BlockedInputMessaging", + "BlockedOutputsMessaging", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::CleanRooms::ConfiguredTableAssociation" + "AWS::Bedrock::Guardrail" ], "type": "string" }, @@ -33636,636 +38187,459 @@ ], "type": "object" }, - "AWS::CleanRooms::Membership": { + "AWS::Bedrock::Guardrail.ContentFilterConfig": { "additionalProperties": false, "properties": { - "Condition": { + "InputAction": { + "markdownDescription": "Specifies the action to take when harmful content is detected. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "title": "InputAction", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "InputEnabled": { + "markdownDescription": "Specifies whether to enable guardrail evaluation on the input. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "title": "InputEnabled", + "type": "boolean" + }, + "InputModalities": { + "items": { + "type": "string" + }, + "markdownDescription": "The input modalities selected for the guardrail content filter configuration.", + "title": "InputModalities", + "type": "array" + }, + "InputStrength": { + "markdownDescription": "The strength of the content filter to apply to prompts. As you increase the filter strength, the likelihood of filtering harmful content increases and the probability of seeing harmful content in your application reduces.", + "title": "InputStrength", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "OutputAction": { + "markdownDescription": "Specifies the action to take when harmful content is detected in the output. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "title": "OutputAction", + "type": "string" }, - "Metadata": { - "type": "object" + "OutputEnabled": { + "markdownDescription": "Specifies whether to enable guardrail evaluation on the output. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "title": "OutputEnabled", + "type": "boolean" }, - "Properties": { - "additionalProperties": false, - "properties": { - "CollaborationIdentifier": { - "markdownDescription": "The unique ID for the associated collaboration.", - "title": "CollaborationIdentifier", - "type": "string" - }, - "DefaultResultConfiguration": { - "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipProtectedQueryResultConfiguration", - "markdownDescription": "The default protected query result configuration as specified by the member who can receive results.", - "title": "DefaultResultConfiguration" - }, - "PaymentConfiguration": { - "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipPaymentConfiguration", - "markdownDescription": "The payment responsibilities accepted by the collaboration member.", - "title": "PaymentConfiguration" - }, - "QueryLogStatus": { - "markdownDescription": "An indicator as to whether query logging has been enabled or disabled for the membership.\n\nWhen `ENABLED` , AWS Clean Rooms logs details about queries run within this collaboration and those logs can be viewed in Amazon CloudWatch Logs. The default value is `DISABLED` .", - "title": "QueryLogStatus", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", - "title": "Tags", - "type": "array" - } + "OutputModalities": { + "items": { + "type": "string" }, - "required": [ - "CollaborationIdentifier", - "QueryLogStatus" - ], - "type": "object" + "markdownDescription": "The output modalities selected for the guardrail content filter configuration.", + "title": "OutputModalities", + "type": "array" }, - "Type": { - "enum": [ - "AWS::CleanRooms::Membership" - ], + "OutputStrength": { + "markdownDescription": "The strength of the content filter to apply to model responses. As you increase the filter strength, the likelihood of filtering harmful content increases and the probability of seeing harmful content in your application reduces.", + "title": "OutputStrength", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Type": { + "markdownDescription": "The harmful category that the content filter is applied to.", + "title": "Type", "type": "string" } }, "required": [ - "Type", - "Properties" + "InputStrength", + "OutputStrength", + "Type" ], "type": "object" }, - "AWS::CleanRooms::Membership.MembershipPaymentConfiguration": { + "AWS::Bedrock::Guardrail.ContentFiltersTierConfig": { "additionalProperties": false, "properties": { - "QueryCompute": { - "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipQueryComputePaymentConfig", - "markdownDescription": "The payment responsibilities accepted by the collaboration member for query compute costs.", - "title": "QueryCompute" + "TierName": { + "markdownDescription": "The tier that your guardrail uses for content filters. Valid values include:\n\n- `CLASSIC` tier \u2013 Provides established guardrails functionality supporting English, French, and Spanish languages.\n- `STANDARD` tier \u2013 Provides a more robust solution than the `CLASSIC` tier and has more comprehensive language support. This tier requires that your guardrail use [cross-Region inference](https://docs.aws.amazon.com/bedrock/latest/userguide/guardrails-cross-region.html) .", + "title": "TierName", + "type": "string" } }, "required": [ - "QueryCompute" + "TierName" ], "type": "object" }, - "AWS::CleanRooms::Membership.MembershipProtectedQueryOutputConfiguration": { + "AWS::Bedrock::Guardrail.ContentPolicyConfig": { "additionalProperties": false, "properties": { - "S3": { - "$ref": "#/definitions/AWS::CleanRooms::Membership.ProtectedQueryS3OutputConfiguration", - "markdownDescription": "Required configuration for a protected query with an `s3` output type.", - "title": "S3" + "ContentFiltersTierConfig": { + "$ref": "#/definitions/AWS::Bedrock::Guardrail.ContentFiltersTierConfig", + "markdownDescription": "The tier that your guardrail uses for content filters. Consider using a tier that balances performance, accuracy, and compatibility with your existing generative AI workflows.", + "title": "ContentFiltersTierConfig" + }, + "FiltersConfig": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Guardrail.ContentFilterConfig" + }, + "markdownDescription": "Contains the type of the content filter and how strongly it should apply to prompts and model responses.", + "title": "FiltersConfig", + "type": "array" } }, "required": [ - "S3" + "FiltersConfig" ], "type": "object" }, - "AWS::CleanRooms::Membership.MembershipProtectedQueryResultConfiguration": { + "AWS::Bedrock::Guardrail.ContextualGroundingFilterConfig": { "additionalProperties": false, "properties": { - "OutputConfiguration": { - "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipProtectedQueryOutputConfiguration", - "markdownDescription": "Configuration for protected query results.", - "title": "OutputConfiguration" + "Action": { + "markdownDescription": "Specifies the action to take when content fails the contextual grounding evaluation. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "title": "Action", + "type": "string" }, - "RoleArn": { - "markdownDescription": "The unique ARN for an IAM role that is used by AWS Clean Rooms to write protected query results to the result location, given by the member who can receive results.", - "title": "RoleArn", + "Enabled": { + "markdownDescription": "Specifies whether to enable contextual grounding evaluation. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "title": "Enabled", + "type": "boolean" + }, + "Threshold": { + "markdownDescription": "The threshold details for the guardrails contextual grounding filter.", + "title": "Threshold", + "type": "number" + }, + "Type": { + "markdownDescription": "The filter details for the guardrails contextual grounding filter.", + "title": "Type", "type": "string" } }, "required": [ - "OutputConfiguration" + "Threshold", + "Type" ], "type": "object" }, - "AWS::CleanRooms::Membership.MembershipQueryComputePaymentConfig": { + "AWS::Bedrock::Guardrail.ContextualGroundingPolicyConfig": { "additionalProperties": false, "properties": { - "IsResponsible": { - "markdownDescription": "Indicates whether the collaboration member has accepted to pay for query compute costs ( `TRUE` ) or has not accepted to pay for query compute costs ( `FALSE` ).\n\nIf the collaboration creator has not specified anyone to pay for query compute costs, then the member who can query is the default payer.\n\nAn error message is returned for the following reasons:\n\n- If you set the value to `FALSE` but you are responsible to pay for query compute costs.\n- If you set the value to `TRUE` but you are not responsible to pay for query compute costs.", - "title": "IsResponsible", - "type": "boolean" + "FiltersConfig": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Guardrail.ContextualGroundingFilterConfig" + }, + "markdownDescription": "", + "title": "FiltersConfig", + "type": "array" } }, "required": [ - "IsResponsible" + "FiltersConfig" ], "type": "object" }, - "AWS::CleanRooms::Membership.ProtectedQueryS3OutputConfiguration": { + "AWS::Bedrock::Guardrail.GuardrailCrossRegionConfig": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The S3 bucket to unload the protected query results.", - "title": "Bucket", - "type": "string" - }, - "KeyPrefix": { - "markdownDescription": "The S3 prefix to unload the protected query results.", - "title": "KeyPrefix", - "type": "string" - }, - "ResultFormat": { - "markdownDescription": "Intended file format of the result.", - "title": "ResultFormat", + "GuardrailProfileArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the guardrail profile that your guardrail is using. Guardrail profile availability depends on your current AWS Region . For more information, see the [Amazon Bedrock User Guide](https://docs.aws.amazon.com/bedrock/latest/userguide/guardrails-cross-region-support.html) .", + "title": "GuardrailProfileArn", "type": "string" } }, "required": [ - "Bucket", - "ResultFormat" + "GuardrailProfileArn" ], "type": "object" }, - "AWS::CleanRooms::PrivacyBudgetTemplate": { + "AWS::Bedrock::Guardrail.ManagedWordsConfig": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "InputAction": { + "markdownDescription": "Specifies the action to take when harmful content is detected in the input. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "title": "InputAction", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "InputEnabled": { + "markdownDescription": "Specifies whether to enable guardrail evaluation on the input. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "title": "InputEnabled", + "type": "boolean" }, - "Metadata": { - "type": "object" + "OutputAction": { + "markdownDescription": "Specifies the action to take when harmful content is detected in the output. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "title": "OutputAction", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AutoRefresh": { - "markdownDescription": "How often the privacy budget refreshes.\n\n> If you plan to regularly bring new data into the collaboration, use `CALENDAR_MONTH` to automatically get a new privacy budget for the collaboration every calendar month. Choosing this option allows arbitrary amounts of information to be revealed about rows of the data when repeatedly queried across refreshes. Avoid choosing this if the same rows will be repeatedly queried between privacy budget refreshes.", - "title": "AutoRefresh", - "type": "string" - }, - "MembershipIdentifier": { - "markdownDescription": "The identifier for a membership resource.", - "title": "MembershipIdentifier", - "type": "string" - }, - "Parameters": { - "$ref": "#/definitions/AWS::CleanRooms::PrivacyBudgetTemplate.Parameters", - "markdownDescription": "Specifies the epsilon and noise parameters for the privacy budget template.", - "title": "Parameters" - }, - "PrivacyBudgetType": { - "markdownDescription": "Specifies the type of the privacy budget template.", - "title": "PrivacyBudgetType", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "AutoRefresh", - "MembershipIdentifier", - "Parameters", - "PrivacyBudgetType" - ], - "type": "object" + "OutputEnabled": { + "markdownDescription": "Specifies whether to enable guardrail evaluation on the output. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "title": "OutputEnabled", + "type": "boolean" }, "Type": { - "enum": [ - "AWS::CleanRooms::PrivacyBudgetTemplate" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "markdownDescription": "The managed word type to configure for the guardrail.", + "title": "Type", "type": "string" } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::CleanRooms::PrivacyBudgetTemplate.Parameters": { + "AWS::Bedrock::Guardrail.PiiEntityConfig": { "additionalProperties": false, "properties": { - "Epsilon": { - "markdownDescription": "The epsilon value that you want to use.", - "title": "Epsilon", - "type": "number" + "Action": { + "markdownDescription": "Configure guardrail action when the PII entity is detected.", + "title": "Action", + "type": "string" }, - "UsersNoisePerQuery": { - "markdownDescription": "Noise added per query is measured in terms of the number of users whose contributions you want to obscure. This value governs the rate at which the privacy budget is depleted.", - "title": "UsersNoisePerQuery", - "type": "number" + "InputAction": { + "markdownDescription": "Specifies the action to take when harmful content is detected in the input. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `ANONYMIZE` \u2013 Mask the content and replace it with identifier tags.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "title": "InputAction", + "type": "string" + }, + "InputEnabled": { + "markdownDescription": "Specifies whether to enable guardrail evaluation on the input. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "title": "InputEnabled", + "type": "boolean" + }, + "OutputAction": { + "markdownDescription": "Specifies the action to take when harmful content is detected in the output. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `ANONYMIZE` \u2013 Mask the content and replace it with identifier tags.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "title": "OutputAction", + "type": "string" + }, + "OutputEnabled": { + "markdownDescription": "Indicates whether guardrail evaluation is enabled on the output. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "title": "OutputEnabled", + "type": "boolean" + }, + "Type": { + "markdownDescription": "Configure guardrail type when the PII entity is detected.\n\nThe following PIIs are used to block or mask sensitive information:\n\n- *General*\n\n- *ADDRESS*\n\nA physical address, such as \"100 Main Street, Anytown, USA\" or \"Suite #12, Building 123\". An address can include information such as the street, building, location, city, state, country, county, zip code, precinct, and neighborhood.\n- *AGE*\n\nAn individual's age, including the quantity and unit of time. For example, in the phrase \"I am 40 years old,\" Guardrails recognizes \"40 years\" as an age.\n- *NAME*\n\nAn individual's name. This entity type does not include titles, such as Dr., Mr., Mrs., or Miss. guardrails doesn't apply this entity type to names that are part of organizations or addresses. For example, guardrails recognizes the \"John Doe Organization\" as an organization, and it recognizes \"Jane Doe Street\" as an address.\n- *EMAIL*\n\nAn email address, such as *marymajor@email.com* .\n- *PHONE*\n\nA phone number. This entity type also includes fax and pager numbers.\n- *USERNAME*\n\nA user name that identifies an account, such as a login name, screen name, nick name, or handle.\n- *PASSWORD*\n\nAn alphanumeric string that is used as a password, such as \"* *very20special#pass** \".\n- *DRIVER_ID*\n\nThe number assigned to a driver's license, which is an official document permitting an individual to operate one or more motorized vehicles on a public road. A driver's license number consists of alphanumeric characters.\n- *LICENSE_PLATE*\n\nA license plate for a vehicle is issued by the state or country where the vehicle is registered. The format for passenger vehicles is typically five to eight digits, consisting of upper-case letters and numbers. The format varies depending on the location of the issuing state or country.\n- *VEHICLE_IDENTIFICATION_NUMBER*\n\nA Vehicle Identification Number (VIN) uniquely identifies a vehicle. VIN content and format are defined in the *ISO 3779* specification. Each country has specific codes and formats for VINs.\n- *Finance*\n\n- *CREDIT_DEBIT_CARD_CVV*\n\nA three-digit card verification code (CVV) that is present on VISA, MasterCard, and Discover credit and debit cards. For American Express credit or debit cards, the CVV is a four-digit numeric code.\n- *CREDIT_DEBIT_CARD_EXPIRY*\n\nThe expiration date for a credit or debit card. This number is usually four digits long and is often formatted as *month/year* or *MM/YY* . Guardrails recognizes expiration dates such as *01/21* , *01/2021* , and *Jan 2021* .\n- *CREDIT_DEBIT_CARD_NUMBER*\n\nThe number for a credit or debit card. These numbers can vary from 13 to 16 digits in length. However, Amazon Comprehend also recognizes credit or debit card numbers when only the last four digits are present.\n- *PIN*\n\nA four-digit personal identification number (PIN) with which you can access your bank account.\n- *INTERNATIONAL_BANK_ACCOUNT_NUMBER*\n\nAn International Bank Account Number has specific formats in each country. For more information, see [www.iban.com/structure](https://docs.aws.amazon.com/https://www.iban.com/structure) .\n- *SWIFT_CODE*\n\nA SWIFT code is a standard format of Bank Identifier Code (BIC) used to specify a particular bank or branch. Banks use these codes for money transfers such as international wire transfers.\n\nSWIFT codes consist of eight or 11 characters. The 11-digit codes refer to specific branches, while eight-digit codes (or 11-digit codes ending in 'XXX') refer to the head or primary office.\n- *IT*\n\n- *IP_ADDRESS*\n\nAn IPv4 address, such as *198.51.100.0* .\n- *MAC_ADDRESS*\n\nA *media access control* (MAC) address is a unique identifier assigned to a network interface controller (NIC).\n- *URL*\n\nA web address, such as *www.example.com* .\n- *AWS_ACCESS_KEY*\n\nA unique identifier that's associated with a secret access key; you use the access key ID and secret access key to sign programmatic AWS requests cryptographically.\n- *AWS_SECRET_KEY*\n\nA unique identifier that's associated with an access key. You use the access key ID and secret access key to sign programmatic AWS requests cryptographically.\n- *USA specific*\n\n- *US_BANK_ACCOUNT_NUMBER*\n\nA US bank account number, which is typically 10 to 12 digits long.\n- *US_BANK_ROUTING_NUMBER*\n\nA US bank account routing number. These are typically nine digits long,\n- *US_INDIVIDUAL_TAX_IDENTIFICATION_NUMBER*\n\nA US Individual Taxpayer Identification Number (ITIN) is a nine-digit number that starts with a \"9\" and contain a \"7\" or \"8\" as the fourth digit. An ITIN can be formatted with a space or a dash after the third and forth digits.\n- *US_PASSPORT_NUMBER*\n\nA US passport number. Passport numbers range from six to nine alphanumeric characters.\n- *US_SOCIAL_SECURITY_NUMBER*\n\nA US Social Security Number (SSN) is a nine-digit number that is issued to US citizens, permanent residents, and temporary working residents.\n- *Canada specific*\n\n- *CA_HEALTH_NUMBER*\n\nA Canadian Health Service Number is a 10-digit unique identifier, required for individuals to access healthcare benefits.\n- *CA_SOCIAL_INSURANCE_NUMBER*\n\nA Canadian Social Insurance Number (SIN) is a nine-digit unique identifier, required for individuals to access government programs and benefits.\n\nThe SIN is formatted as three groups of three digits, such as *123-456-789* . A SIN can be validated through a simple check-digit process called the [Luhn algorithm](https://docs.aws.amazon.com/https://www.wikipedia.org/wiki/Luhn_algorithm) .\n- *UK Specific*\n\n- *UK_NATIONAL_HEALTH_SERVICE_NUMBER*\n\nA UK National Health Service Number is a 10-17 digit number, such as *485 777 3456* . The current system formats the 10-digit number with spaces after the third and sixth digits. The final digit is an error-detecting checksum.\n- *UK_NATIONAL_INSURANCE_NUMBER*\n\nA UK National Insurance Number (NINO) provides individuals with access to National Insurance (social security) benefits. It is also used for some purposes in the UK tax system.\n\nThe number is nine digits long and starts with two letters, followed by six numbers and one letter. A NINO can be formatted with a space or a dash after the two letters and after the second, forth, and sixth digits.\n- *UK_UNIQUE_TAXPAYER_REFERENCE_NUMBER*\n\nA UK Unique Taxpayer Reference (UTR) is a 10-digit number that identifies a taxpayer or a business.\n- *Custom*\n\n- *Regex filter* - You can use a regular expressions to define patterns for a guardrail to recognize and act upon such as serial number, booking ID etc..", + "title": "Type", + "type": "string" } }, "required": [ - "Epsilon", - "UsersNoisePerQuery" + "Action", + "Type" ], "type": "object" }, - "AWS::CleanRoomsML::TrainingDataset": { + "AWS::Bedrock::Guardrail.RegexConfig": { "additionalProperties": false, "properties": { - "Condition": { + "Action": { + "markdownDescription": "The guardrail action to configure when matching regular expression is detected.", + "title": "Action", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Description": { + "markdownDescription": "The description of the regular expression to configure for the guardrail.", + "title": "Description", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "InputAction": { + "markdownDescription": "Specifies the action to take when harmful content is detected in the input. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "title": "InputAction", + "type": "string" }, - "Metadata": { - "type": "object" + "InputEnabled": { + "markdownDescription": "Specifies whether to enable guardrail evaluation on the input. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "title": "InputEnabled", + "type": "boolean" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "The description of the training dataset.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the training dataset.", - "title": "Name", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role that Clean Rooms ML can assume to read the data referred to in the `dataSource` field of each dataset.\n\nPassing a role across accounts is not allowed. If you pass a role that isn't in your account, you get an `AccessDeniedException` error.", - "title": "RoleArn", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The optional metadata that you apply to the resource to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50.\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8.\n- Maximum value length - 256 Unicode characters in UTF-8.\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for keys as it is reserved. You cannot edit or delete tag keys with this prefix. Values can have this prefix. If a tag value has `aws` as its prefix but the key does not, then Clean Rooms ML considers it to be a user tag and will count against the limit of 50 tags. Tags with only the key prefix of `aws` do not count against your tags per resource limit.", - "title": "Tags", - "type": "array" - }, - "TrainingData": { - "items": { - "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.Dataset" - }, - "markdownDescription": "An array of information that lists the Dataset objects, which specifies the dataset type and details on its location and schema. You must provide a role that has read access to these tables.", - "title": "TrainingData", - "type": "array" - } - }, - "required": [ - "Name", - "RoleArn", - "TrainingData" - ], - "type": "object" + "Name": { + "markdownDescription": "The name of the regular expression to configure for the guardrail.", + "title": "Name", + "type": "string" }, - "Type": { - "enum": [ - "AWS::CleanRoomsML::TrainingDataset" - ], + "OutputAction": { + "markdownDescription": "Specifies the action to take when harmful content is detected in the output. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "title": "OutputAction", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "OutputEnabled": { + "markdownDescription": "Specifies whether to enable guardrail evaluation on the output. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "title": "OutputEnabled", + "type": "boolean" + }, + "Pattern": { + "markdownDescription": "The regular expression pattern to configure for the guardrail.", + "title": "Pattern", "type": "string" } }, "required": [ - "Type", - "Properties" + "Action", + "Name", + "Pattern" ], "type": "object" }, - "AWS::CleanRoomsML::TrainingDataset.ColumnSchema": { + "AWS::Bedrock::Guardrail.SensitiveInformationPolicyConfig": { "additionalProperties": false, "properties": { - "ColumnName": { - "markdownDescription": "The name of a column.", - "title": "ColumnName", - "type": "string" + "PiiEntitiesConfig": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Guardrail.PiiEntityConfig" + }, + "markdownDescription": "A list of PII entities to configure to the guardrail.", + "title": "PiiEntitiesConfig", + "type": "array" }, - "ColumnTypes": { + "RegexesConfig": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Bedrock::Guardrail.RegexConfig" }, - "markdownDescription": "The data type of column.", - "title": "ColumnTypes", + "markdownDescription": "A list of regular expressions to configure to the guardrail.", + "title": "RegexesConfig", "type": "array" } }, - "required": [ - "ColumnName", - "ColumnTypes" - ], - "type": "object" - }, - "AWS::CleanRoomsML::TrainingDataset.DataSource": { - "additionalProperties": false, - "properties": { - "GlueDataSource": { - "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.GlueDataSource", - "markdownDescription": "A GlueDataSource object that defines the catalog ID, database name, and table name for the training data.", - "title": "GlueDataSource" - } - }, - "required": [ - "GlueDataSource" - ], "type": "object" }, - "AWS::CleanRoomsML::TrainingDataset.Dataset": { + "AWS::Bedrock::Guardrail.TopicConfig": { "additionalProperties": false, "properties": { - "InputConfig": { - "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.DatasetInputConfig", - "markdownDescription": "A DatasetInputConfig object that defines the data source and schema mapping.", - "title": "InputConfig" + "Definition": { + "markdownDescription": "A definition of the topic to deny.", + "title": "Definition", + "type": "string" + }, + "Examples": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of prompts, each of which is an example of a prompt that can be categorized as belonging to the topic.", + "title": "Examples", + "type": "array" + }, + "InputAction": { + "markdownDescription": "Specifies the action to take when harmful content is detected in the input. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "title": "InputAction", + "type": "string" + }, + "InputEnabled": { + "markdownDescription": "Specifies whether to enable guardrail evaluation on the input. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "title": "InputEnabled", + "type": "boolean" + }, + "Name": { + "markdownDescription": "The name of the topic to deny.", + "title": "Name", + "type": "string" + }, + "OutputAction": { + "markdownDescription": "Specifies the action to take when harmful content is detected in the output. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "title": "OutputAction", + "type": "string" + }, + "OutputEnabled": { + "markdownDescription": "Specifies whether to enable guardrail evaluation on the output. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "title": "OutputEnabled", + "type": "boolean" }, "Type": { - "markdownDescription": "What type of information is found in the dataset.", + "markdownDescription": "Specifies to deny the topic.", "title": "Type", "type": "string" } }, "required": [ - "InputConfig", + "Definition", + "Name", "Type" ], "type": "object" }, - "AWS::CleanRoomsML::TrainingDataset.DatasetInputConfig": { + "AWS::Bedrock::Guardrail.TopicPolicyConfig": { "additionalProperties": false, "properties": { - "DataSource": { - "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.DataSource", - "markdownDescription": "A DataSource object that specifies the Glue data source for the training data.", - "title": "DataSource" - }, - "Schema": { + "TopicsConfig": { "items": { - "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.ColumnSchema" + "$ref": "#/definitions/AWS::Bedrock::Guardrail.TopicConfig" }, - "markdownDescription": "The schema information for the training data.", - "title": "Schema", + "markdownDescription": "A list of policies related to topics that the guardrail should deny.", + "title": "TopicsConfig", "type": "array" + }, + "TopicsTierConfig": { + "$ref": "#/definitions/AWS::Bedrock::Guardrail.TopicsTierConfig", + "markdownDescription": "The tier that your guardrail uses for denied topic filters.", + "title": "TopicsTierConfig" } }, "required": [ - "DataSource", - "Schema" + "TopicsConfig" ], "type": "object" }, - "AWS::CleanRoomsML::TrainingDataset.GlueDataSource": { + "AWS::Bedrock::Guardrail.TopicsTierConfig": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The Glue catalog that contains the training data.", - "title": "CatalogId", - "type": "string" - }, - "DatabaseName": { - "markdownDescription": "The Glue database that contains the training data.", - "title": "DatabaseName", - "type": "string" - }, - "TableName": { - "markdownDescription": "The Glue table that contains the training data.", - "title": "TableName", + "TierName": { + "markdownDescription": "The tier that your guardrail uses for denied topic filters. Valid values include:\n\n- `CLASSIC` tier \u2013 Provides established guardrails functionality supporting English, French, and Spanish languages.\n- `STANDARD` tier \u2013 Provides a more robust solution than the `CLASSIC` tier and has more comprehensive language support. This tier requires that your guardrail use [cross-Region inference](https://docs.aws.amazon.com/bedrock/latest/userguide/guardrails-cross-region.html) .", + "title": "TierName", "type": "string" } }, "required": [ - "DatabaseName", - "TableName" + "TierName" ], "type": "object" }, - "AWS::Cloud9::EnvironmentEC2": { + "AWS::Bedrock::Guardrail.WordConfig": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "InputAction": { + "markdownDescription": "Specifies the action to take when harmful content is detected in the input. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "title": "InputAction", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AutomaticStopTimeMinutes": { - "markdownDescription": "The number of minutes until the running instance is shut down after the environment was last used.", - "title": "AutomaticStopTimeMinutes", - "type": "number" - }, - "ConnectionType": { - "markdownDescription": "The connection type used for connecting to an Amazon EC2 environment. Valid values are `CONNECT_SSH` (default) and `CONNECT_SSM` (connected through AWS Systems Manager ).", - "title": "ConnectionType", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the environment to create.", - "title": "Description", - "type": "string" - }, - "ImageId": { - "markdownDescription": "The identifier for the Amazon Machine Image (AMI) that's used to create the EC2 instance. To choose an AMI for the instance, you must specify a valid AMI alias or a valid AWS Systems Manager path.\n\nFrom December 04, 2023, you will be required to include the `ImageId` parameter for the `CreateEnvironmentEC2` action. This change will be reflected across all direct methods of communicating with the API, such as AWS SDK, AWS CLI and AWS CloudFormation. This change will only affect direct API consumers, and not AWS Cloud9 console users.\n\nSince Ubuntu 18.04 has ended standard support as of May 31, 2023, we recommend you choose Ubuntu 22.04.\n\n*AMI aliases*\n\n- Amazon Linux 2: `amazonlinux-2-x86_64`\n- Amazon Linux 2023 (recommended): `amazonlinux-2023-x86_64`\n- Ubuntu 18.04: `ubuntu-18.04-x86_64`\n- Ubuntu 22.04: `ubuntu-22.04-x86_64`\n\n*SSM paths*\n\n- Amazon Linux 2: `resolve:ssm:/aws/service/cloud9/amis/amazonlinux-2-x86_64`\n- Amazon Linux 2023 (recommended): `resolve:ssm:/aws/service/cloud9/amis/amazonlinux-2023-x86_64`\n- Ubuntu 18.04: `resolve:ssm:/aws/service/cloud9/amis/ubuntu-18.04-x86_64`\n- Ubuntu 22.04: `resolve:ssm:/aws/service/cloud9/amis/ubuntu-22.04-x86_64`", - "title": "ImageId", - "type": "string" - }, - "InstanceType": { - "markdownDescription": "The type of instance to connect to the environment (for example, `t2.micro` ).", - "title": "InstanceType", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the environment.", - "title": "Name", - "type": "string" - }, - "OwnerArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the environment owner. This ARN can be the ARN of any AWS Identity and Access Management principal. If this value is not specified, the ARN defaults to this environment's creator.", - "title": "OwnerArn", - "type": "string" - }, - "Repositories": { - "items": { - "$ref": "#/definitions/AWS::Cloud9::EnvironmentEC2.Repository" - }, - "markdownDescription": "Any AWS CodeCommit source code repositories to be cloned into the development environment.", - "title": "Repositories", - "type": "array" - }, - "SubnetId": { - "markdownDescription": "The ID of the subnet in Amazon Virtual Private Cloud (Amazon VPC) that AWS Cloud9 will use to communicate with the Amazon Elastic Compute Cloud (Amazon EC2) instance.", - "title": "SubnetId", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs that will be associated with the new AWS Cloud9 development environment.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "ImageId", - "InstanceType" - ], - "type": "object" + "InputEnabled": { + "markdownDescription": "Specifies whether to enable guardrail evaluation on the intput. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "title": "InputEnabled", + "type": "boolean" }, - "Type": { - "enum": [ - "AWS::Cloud9::EnvironmentEC2" - ], + "OutputAction": { + "markdownDescription": "Specifies the action to take when harmful content is detected in the output. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "title": "OutputAction", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "OutputEnabled": { + "markdownDescription": "Specifies whether to enable guardrail evaluation on the output. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "title": "OutputEnabled", + "type": "boolean" + }, + "Text": { + "markdownDescription": "Text of the word configured for the guardrail to block.", + "title": "Text", "type": "string" } }, "required": [ - "Type", - "Properties" + "Text" ], "type": "object" }, - "AWS::Cloud9::EnvironmentEC2.Repository": { + "AWS::Bedrock::Guardrail.WordPolicyConfig": { "additionalProperties": false, "properties": { - "PathComponent": { - "markdownDescription": "The path within the development environment's default file system location to clone the AWS CodeCommit repository into. For example, `/REPOSITORY_NAME` would clone the repository into the `/home/USER_NAME/environment/REPOSITORY_NAME` directory in the environment.", - "title": "PathComponent", - "type": "string" + "ManagedWordListsConfig": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Guardrail.ManagedWordsConfig" + }, + "markdownDescription": "A list of managed words to configure for the guardrail.", + "title": "ManagedWordListsConfig", + "type": "array" }, - "RepositoryUrl": { - "markdownDescription": "The clone URL of the AWS CodeCommit repository to be cloned. For example, for an AWS CodeCommit repository this might be `https://git-codecommit.us-east-2.amazonaws.com/v1/repos/REPOSITORY_NAME` .", - "title": "RepositoryUrl", - "type": "string" + "WordsConfig": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Guardrail.WordConfig" + }, + "markdownDescription": "A list of words to configure for the guardrail.", + "title": "WordsConfig", + "type": "array" } }, - "required": [ - "PathComponent", - "RepositoryUrl" - ], "type": "object" }, - "AWS::CloudFormation::CustomResource": { + "AWS::Bedrock::GuardrailVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -34300,20 +38674,25 @@ "Properties": { "additionalProperties": false, "properties": { - "ServiceToken": { - "markdownDescription": "The service token, such as an Amazon SNS topic ARN or Lambda function ARN. The service token must be from the same Region as the stack.\n\nUpdates aren't supported.", - "title": "ServiceToken", + "Description": { + "markdownDescription": "A description of the guardrail version.", + "title": "Description", + "type": "string" + }, + "GuardrailIdentifier": { + "markdownDescription": "The unique identifier of the guardrail. This can be an ID or the ARN.", + "title": "GuardrailIdentifier", "type": "string" } }, "required": [ - "ServiceToken" + "GuardrailIdentifier" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFormation::CustomResource" + "AWS::Bedrock::GuardrailVersion" ], "type": "string" }, @@ -34332,7 +38711,7 @@ ], "type": "object" }, - "AWS::CloudFormation::HookDefaultVersion": { + "AWS::Bedrock::IntelligentPromptRouter": { "additionalProperties": false, "properties": { "Condition": { @@ -34367,108 +38746,54 @@ "Properties": { "additionalProperties": false, "properties": { - "TypeName": { - "markdownDescription": "The name of the Hook.\n\nYou must specify either `TypeVersionArn` , or `TypeName` and `VersionId` .", - "title": "TypeName", - "type": "string" - }, - "TypeVersionArn": { - "markdownDescription": "The version ID of the type configuration.\n\nYou must specify either `TypeVersionArn` , or `TypeName` and `VersionId` .", - "title": "TypeVersionArn", + "Description": { + "markdownDescription": "An optional description of the prompt router to help identify its purpose.", + "title": "Description", "type": "string" }, - "VersionId": { - "markdownDescription": "The version ID of the type specified.\n\nYou must specify either `TypeVersionArn` , or `TypeName` and `VersionId` .", - "title": "VersionId", - "type": "string" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::CloudFormation::HookDefaultVersion" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::CloudFormation::HookTypeConfig": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" + "FallbackModel": { + "$ref": "#/definitions/AWS::Bedrock::IntelligentPromptRouter.PromptRouterTargetModel", + "markdownDescription": "The default model to use when the routing criteria is not met.", + "title": "FallbackModel" }, - { + "Models": { "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" + "$ref": "#/definitions/AWS::Bedrock::IntelligentPromptRouter.PromptRouterTargetModel" }, + "markdownDescription": "A list of foundation models that the prompt router can route requests to. At least one model must be specified.", + "title": "Models", "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Configuration": { - "markdownDescription": "Specifies the activated Hook type configuration, in this AWS account and AWS Region .\n\nYou must specify either `TypeName` and `Configuration` or `TypeArn` and `Configuration` .", - "title": "Configuration", - "type": "string" }, - "ConfigurationAlias": { - "markdownDescription": "An alias by which to refer to this configuration data.\n\nDefaults to `default` alias. Hook types currently support default configuration alias.", - "title": "ConfigurationAlias", + "PromptRouterName": { + "markdownDescription": "The name of the prompt router. The name must be unique within your AWS account in the current region.", + "title": "PromptRouterName", "type": "string" }, - "TypeArn": { - "markdownDescription": "The Amazon Resource Number (ARN) for the Hook to set `Configuration` for.\n\nYou must specify either `TypeName` and `Configuration` or `TypeArn` and `Configuration` .", - "title": "TypeArn", - "type": "string" + "RoutingCriteria": { + "$ref": "#/definitions/AWS::Bedrock::IntelligentPromptRouter.RoutingCriteria", + "markdownDescription": "Routing criteria for a prompt router.", + "title": "RoutingCriteria" }, - "TypeName": { - "markdownDescription": "The unique name for your Hook. Specifies a three-part namespace for your Hook, with a recommended pattern of `Organization::Service::Hook` .\n\nYou must specify either `TypeName` and `Configuration` or `TypeArn` and `Configuration` .", - "title": "TypeName", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource as tags. You can use tags to categorize and manage your AWS resources.", + "title": "Tags", + "type": "array" } }, "required": [ - "Configuration" + "FallbackModel", + "Models", + "PromptRouterName", + "RoutingCriteria" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFormation::HookTypeConfig" + "AWS::Bedrock::IntelligentPromptRouter" ], "type": "string" }, @@ -34487,7 +38812,35 @@ ], "type": "object" }, - "AWS::CloudFormation::HookVersion": { + "AWS::Bedrock::IntelligentPromptRouter.PromptRouterTargetModel": { + "additionalProperties": false, + "properties": { + "ModelArn": { + "markdownDescription": "The target model's ARN.", + "title": "ModelArn", + "type": "string" + } + }, + "required": [ + "ModelArn" + ], + "type": "object" + }, + "AWS::Bedrock::IntelligentPromptRouter.RoutingCriteria": { + "additionalProperties": false, + "properties": { + "ResponseQualityDifference": { + "markdownDescription": "The criteria's response quality difference.", + "title": "ResponseQualityDifference", + "type": "number" + } + }, + "required": [ + "ResponseQualityDifference" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase": { "additionalProperties": false, "properties": { "Condition": { @@ -34522,36 +38875,53 @@ "Properties": { "additionalProperties": false, "properties": { - "ExecutionRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the task execution role that grants the Hook permission.", - "title": "ExecutionRoleArn", + "Description": { + "markdownDescription": "The description of the knowledge base associated with the inline agent.", + "title": "Description", "type": "string" }, - "LoggingConfig": { - "$ref": "#/definitions/AWS::CloudFormation::HookVersion.LoggingConfig", - "markdownDescription": "Contains logging configuration information for an extension.", - "title": "LoggingConfig" + "KnowledgeBaseConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.KnowledgeBaseConfiguration", + "markdownDescription": "Contains details about the embeddings configuration of the knowledge base.", + "title": "KnowledgeBaseConfiguration" }, - "SchemaHandlerPackage": { - "markdownDescription": "A URL to the Amazon S3 bucket for the Hook project package that contains the necessary files for the Hook you want to register.\n\nFor information on generating a schema handler package, see [Modeling custom CloudFormation Hooks](https://docs.aws.amazon.com/cloudformation-cli/latest/hooks-userguide/hooks-model.html) in the *AWS CloudFormation Hooks User Guide* .\n\n> To register the Hook, you must have `s3:GetObject` permissions to access the S3 objects.", - "title": "SchemaHandlerPackage", + "Name": { + "markdownDescription": "The name of the knowledge base.", + "title": "Name", "type": "string" }, - "TypeName": { - "markdownDescription": "The unique name for your hook. Specifies a three-part namespace for your hook, with a recommended pattern of `Organization::Service::Hook` .\n\n> The following organization namespaces are reserved and can't be used in your hook type names:\n> \n> - `Alexa`\n> - `AMZN`\n> - `Amazon`\n> - `ASK`\n> - `AWS`\n> - `Custom`\n> - `Dev`", - "title": "TypeName", + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role with permissions to invoke API operations on the knowledge base.", + "title": "RoleArn", "type": "string" + }, + "StorageConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.StorageConfiguration", + "markdownDescription": "Contains details about the storage configuration of the knowledge base.", + "title": "StorageConfiguration" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Metadata that you can assign to a resource as key-value pairs. For more information, see the following resources:\n\n- [Tag naming limits and requirements](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-conventions)\n- [Tagging best practices](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-best-practices)", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" } }, "required": [ - "SchemaHandlerPackage", - "TypeName" + "KnowledgeBaseConfiguration", + "Name", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFormation::HookVersion" + "AWS::Bedrock::KnowledgeBase" ], "type": "string" }, @@ -34570,476 +38940,587 @@ ], "type": "object" }, - "AWS::CloudFormation::HookVersion.LoggingConfig": { + "AWS::Bedrock::KnowledgeBase.BedrockEmbeddingModelConfiguration": { "additionalProperties": false, "properties": { - "LogGroupName": { - "markdownDescription": "The Amazon CloudWatch Logs group to which CloudFormation sends error logging information when invoking the extension's handlers.", - "title": "LogGroupName", - "type": "string" + "Dimensions": { + "markdownDescription": "The dimensions details for the vector configuration used on the Bedrock embeddings model.", + "title": "Dimensions", + "type": "number" }, - "LogRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the role that CloudFormation should assume when sending log entries to CloudWatch Logs.", - "title": "LogRoleArn", + "EmbeddingDataType": { + "markdownDescription": "The data type for the vectors when using a model to convert text into vector embeddings. The model must support the specified data type for vector embeddings. Floating-point (float32) is the default data type, and is supported by most models for vector embeddings. See [Supported embeddings models](https://docs.aws.amazon.com/bedrock/latest/userguide/knowledge-base-supported.html) for information on the available models and their vector data types.", + "title": "EmbeddingDataType", "type": "string" } }, "type": "object" }, - "AWS::CloudFormation::Macro": { + "AWS::Bedrock::KnowledgeBase.CuratedQuery": { "additionalProperties": false, "properties": { - "Condition": { + "NaturalLanguage": { + "markdownDescription": "An example natural language query.", + "title": "NaturalLanguage", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Sql": { + "markdownDescription": "The SQL equivalent of the natural language query.", + "title": "Sql", "type": "string" + } + }, + "required": [ + "NaturalLanguage", + "Sql" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.EmbeddingModelConfiguration": { + "additionalProperties": false, + "properties": { + "BedrockEmbeddingModelConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.BedrockEmbeddingModelConfiguration", + "markdownDescription": "The vector configuration details on the Bedrock embeddings model.", + "title": "BedrockEmbeddingModelConfiguration" + } + }, + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.KendraKnowledgeBaseConfiguration": { + "additionalProperties": false, + "properties": { + "KendraIndexArn": { + "markdownDescription": "The ARN of the Amazon Kendra index.", + "title": "KendraIndexArn", + "type": "string" + } + }, + "required": [ + "KendraIndexArn" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.KnowledgeBaseConfiguration": { + "additionalProperties": false, + "properties": { + "KendraKnowledgeBaseConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.KendraKnowledgeBaseConfiguration", + "markdownDescription": "Settings for an Amazon Kendra knowledge base.", + "title": "KendraKnowledgeBaseConfiguration" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A description of the macro.", - "title": "Description", - "type": "string" - }, - "FunctionName": { - "markdownDescription": "The Amazon Resource Name (ARN) of the underlying Lambda function that you want CloudFormation to invoke when the macro is run.", - "title": "FunctionName", - "type": "string" - }, - "LogGroupName": { - "markdownDescription": "The CloudWatch Logs group to which CloudFormation sends error logging information when invoking the macro's underlying Lambda function.\n\nThis will be an existing CloudWatch Logs LogGroup. Neither CloudFormation or Lambda will create the group.", - "title": "LogGroupName", - "type": "string" - }, - "LogRoleARN": { - "markdownDescription": "The ARN of the role CloudFormation should assume when sending log entries to CloudWatch Logs .", - "title": "LogRoleARN", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the macro. The name of the macro must be unique across all macros in the account.", - "title": "Name", - "type": "string" - } - }, - "required": [ - "FunctionName", - "Name" - ], - "type": "object" + "SqlKnowledgeBaseConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.SqlKnowledgeBaseConfiguration", + "markdownDescription": "Specifies configurations for a knowledge base connected to an SQL database.", + "title": "SqlKnowledgeBaseConfiguration" }, "Type": { - "enum": [ - "AWS::CloudFormation::Macro" - ], + "markdownDescription": "The type of data that the data source is converted into for the knowledge base.", + "title": "Type", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "VectorKnowledgeBaseConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.VectorKnowledgeBaseConfiguration", + "markdownDescription": "Contains details about the model that's used to convert the data source into vector embeddings.", + "title": "VectorKnowledgeBaseConfiguration" } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::CloudFormation::ModuleDefaultVersion": { + "AWS::Bedrock::KnowledgeBase.MongoDbAtlasConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "CollectionName": { + "markdownDescription": "The collection name of the knowledge base in MongoDB Atlas.", + "title": "CollectionName", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "CredentialsSecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the secret that you created in AWS Secrets Manager that contains user credentials for your MongoDB Atlas cluster.", + "title": "CredentialsSecretArn", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "DatabaseName": { + "markdownDescription": "The database name in your MongoDB Atlas cluster for your knowledge base.", + "title": "DatabaseName", + "type": "string" }, - "Metadata": { - "type": "object" + "Endpoint": { + "markdownDescription": "The endpoint URL of your MongoDB Atlas cluster for your knowledge base.", + "title": "Endpoint", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the module version to set as the default version.\n\nConditional: You must specify either `Arn` , or `ModuleName` and `VersionId` .", - "title": "Arn", - "type": "string" - }, - "ModuleName": { - "markdownDescription": "The name of the module.\n\nConditional: You must specify either `Arn` , or `ModuleName` and `VersionId` .", - "title": "ModuleName", - "type": "string" - }, - "VersionId": { - "markdownDescription": "The ID for the specific version of the module.\n\nConditional: You must specify either `Arn` , or `ModuleName` and `VersionId` .", - "title": "VersionId", - "type": "string" - } - }, - "type": "object" + "EndpointServiceName": { + "markdownDescription": "The name of the VPC endpoint service in your account that is connected to your MongoDB Atlas cluster.", + "title": "EndpointServiceName", + "type": "string" }, - "Type": { - "enum": [ - "AWS::CloudFormation::ModuleDefaultVersion" - ], + "FieldMapping": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.MongoDbAtlasFieldMapping", + "markdownDescription": "Contains the names of the fields to which to map information about the vector store.", + "title": "FieldMapping" + }, + "TextIndexName": { + "markdownDescription": "The name of the text search index in the MongoDB collection. This is required for using the hybrid search feature.", + "title": "TextIndexName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VectorIndexName": { + "markdownDescription": "The name of the MongoDB Atlas vector search index.", + "title": "VectorIndexName", "type": "string" } }, "required": [ - "Type" + "CollectionName", + "CredentialsSecretArn", + "DatabaseName", + "Endpoint", + "FieldMapping", + "VectorIndexName" ], "type": "object" }, - "AWS::CloudFormation::ModuleVersion": { + "AWS::Bedrock::KnowledgeBase.MongoDbAtlasFieldMapping": { "additionalProperties": false, "properties": { - "Condition": { + "MetadataField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores metadata about the vector store.", + "title": "MetadataField", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TextField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose.", + "title": "TextField", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "VectorField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores the vector embeddings for your data sources.", + "title": "VectorField", + "type": "string" + } + }, + "required": [ + "MetadataField", + "TextField", + "VectorField" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.NeptuneAnalyticsConfiguration": { + "additionalProperties": false, + "properties": { + "FieldMapping": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.NeptuneAnalyticsFieldMapping", + "markdownDescription": "Contains the names of the fields to which to map information about the vector store.", + "title": "FieldMapping" }, - "Metadata": { - "type": "object" + "GraphArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Neptune Analytics vector store.", + "title": "GraphArn", + "type": "string" + } + }, + "required": [ + "FieldMapping", + "GraphArn" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.NeptuneAnalyticsFieldMapping": { + "additionalProperties": false, + "properties": { + "MetadataField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores metadata about the vector store.", + "title": "MetadataField", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ModuleName": { - "markdownDescription": "The name of the module being registered.", - "title": "ModuleName", - "type": "string" - }, - "ModulePackage": { - "markdownDescription": "A URL to the S3 bucket for the package that contains the template fragment and schema files for the module version to register.\n\nFor more information, see [Module structure and requirements](https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/modules-structure.html) in the *AWS CloudFormation Command Line Interface (CLI) User Guide* .\n\n> To register the module version, you must have `s3:GetObject` permissions to access the S3 objects.", - "title": "ModulePackage", - "type": "string" - } - }, - "required": [ - "ModuleName", - "ModulePackage" - ], - "type": "object" + "TextField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose.", + "title": "TextField", + "type": "string" + } + }, + "required": [ + "MetadataField", + "TextField" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.OpenSearchManagedClusterConfiguration": { + "additionalProperties": false, + "properties": { + "DomainArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the OpenSearch domain.", + "title": "DomainArn", + "type": "string" }, - "Type": { - "enum": [ - "AWS::CloudFormation::ModuleVersion" - ], + "DomainEndpoint": { + "markdownDescription": "The endpoint URL the OpenSearch domain.", + "title": "DomainEndpoint", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "FieldMapping": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.OpenSearchManagedClusterFieldMapping", + "markdownDescription": "Contains the names of the fields to which to map information about the vector store.", + "title": "FieldMapping" + }, + "VectorIndexName": { + "markdownDescription": "The name of the vector store.", + "title": "VectorIndexName", "type": "string" } }, "required": [ - "Type", - "Properties" + "DomainArn", + "DomainEndpoint", + "FieldMapping", + "VectorIndexName" ], "type": "object" }, - "AWS::CloudFormation::PublicTypeVersion": { + "AWS::Bedrock::KnowledgeBase.OpenSearchManagedClusterFieldMapping": { "additionalProperties": false, "properties": { - "Condition": { + "MetadataField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores metadata about the vector store.", + "title": "MetadataField", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TextField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose.", + "title": "TextField", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "VectorField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores the vector embeddings for your data sources.", + "title": "VectorField", + "type": "string" + } + }, + "required": [ + "MetadataField", + "TextField", + "VectorField" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.OpenSearchServerlessConfiguration": { + "additionalProperties": false, + "properties": { + "CollectionArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the OpenSearch Service vector store.", + "title": "CollectionArn", + "type": "string" }, - "Metadata": { - "type": "object" + "FieldMapping": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.OpenSearchServerlessFieldMapping", + "markdownDescription": "Contains the names of the fields to which to map information about the vector store.", + "title": "FieldMapping" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Number (ARN) of the extension.\n\nConditional: You must specify `Arn` , or `TypeName` and `Type` .", - "title": "Arn", - "type": "string" - }, - "LogDeliveryBucket": { - "markdownDescription": "The S3 bucket to which CloudFormation delivers the contract test execution logs.\n\nCloudFormation delivers the logs by the time contract testing has completed and the extension has been assigned a test type status of `PASSED` or `FAILED` .\n\nThe user initiating the stack operation must be able to access items in the specified S3 bucket. Specifically, the user needs the following permissions:\n\n- s3:GetObject\n- s3:PutObject", - "title": "LogDeliveryBucket", - "type": "string" - }, - "PublicVersionNumber": { - "markdownDescription": "The version number to assign to this version of the extension.\n\nUse the following format, and adhere to semantic versioning when assigning a version number to your extension:\n\n`MAJOR.MINOR.PATCH`\n\nFor more information, see [Semantic Versioning 2.0.0](https://docs.aws.amazon.com/https://semver.org/) .\n\nIf you don't specify a version number, CloudFormation increments the version number by one minor version release.\n\nYou cannot specify a version number the first time you publish a type. CloudFormation automatically sets the first version number to be `1.0.0` .", - "title": "PublicVersionNumber", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of the extension to test.\n\nConditional: You must specify `Arn` , or `TypeName` and `Type` .", - "title": "Type", - "type": "string" - }, - "TypeName": { - "markdownDescription": "The name of the extension to test.\n\nConditional: You must specify `Arn` , or `TypeName` and `Type` .", - "title": "TypeName", - "type": "string" - } - }, - "type": "object" + "VectorIndexName": { + "markdownDescription": "The name of the vector store.", + "title": "VectorIndexName", + "type": "string" + } + }, + "required": [ + "CollectionArn", + "FieldMapping", + "VectorIndexName" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.OpenSearchServerlessFieldMapping": { + "additionalProperties": false, + "properties": { + "MetadataField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores metadata about the vector store.", + "title": "MetadataField", + "type": "string" }, - "Type": { - "enum": [ - "AWS::CloudFormation::PublicTypeVersion" - ], + "TextField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose.", + "title": "TextField", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VectorField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores the vector embeddings for your data sources.", + "title": "VectorField", "type": "string" } }, "required": [ - "Type" + "MetadataField", + "TextField", + "VectorField" ], "type": "object" }, - "AWS::CloudFormation::Publisher": { + "AWS::Bedrock::KnowledgeBase.PineconeConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "ConnectionString": { + "markdownDescription": "The endpoint URL for your index management page.", + "title": "ConnectionString", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "CredentialsSecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the secret that you created in AWS Secrets Manager that is linked to your Pinecone API key.", + "title": "CredentialsSecretArn", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "FieldMapping": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.PineconeFieldMapping", + "markdownDescription": "Contains the names of the fields to which to map information about the vector store.", + "title": "FieldMapping" }, - "Metadata": { - "type": "object" + "Namespace": { + "markdownDescription": "The namespace to be used to write new data to your database.", + "title": "Namespace", + "type": "string" + } + }, + "required": [ + "ConnectionString", + "CredentialsSecretArn", + "FieldMapping" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.PineconeFieldMapping": { + "additionalProperties": false, + "properties": { + "MetadataField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores metadata about the vector store.", + "title": "MetadataField", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AcceptTermsAndConditions": { - "markdownDescription": "Whether you accept the [Terms and Conditions](https://docs.aws.amazon.com/https://cloudformation-registry-documents.s3.amazonaws.com/Terms_and_Conditions_for_AWS_CloudFormation_Registry_Publishers.pdf) for publishing extensions in the CloudFormation registry. You must accept the terms and conditions in order to register to publish public extensions to the CloudFormation registry.\n\nThe default is `false` .", - "title": "AcceptTermsAndConditions", - "type": "boolean" - }, - "ConnectionArn": { - "markdownDescription": "If you are using a Bitbucket or GitHub account for identity verification, the Amazon Resource Name (ARN) for your connection to that account.\n\nFor more information, see [Prerequisite: Registering your account to publish CloudFormation extensions](https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/publish-extension.html#publish-extension-prereqs) in the *AWS CloudFormation Command Line Interface (CLI) User Guide* .", - "title": "ConnectionArn", - "type": "string" - } + "TextField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose.", + "title": "TextField", + "type": "string" + } + }, + "required": [ + "MetadataField", + "TextField" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.QueryGenerationColumn": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the column that helps the query engine understand the contents of the column.", + "title": "Description", + "type": "string" + }, + "Inclusion": { + "markdownDescription": "Specifies whether to include or exclude the column during query generation. If you specify `EXCLUDE` , the column will be ignored. If you specify `INCLUDE` , all other columns in the table will be ignored.", + "title": "Inclusion", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the column for which the other fields in this object apply.", + "title": "Name", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.QueryGenerationConfiguration": { + "additionalProperties": false, + "properties": { + "ExecutionTimeoutSeconds": { + "markdownDescription": "The time after which query generation will time out.", + "title": "ExecutionTimeoutSeconds", + "type": "number" + }, + "GenerationContext": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.QueryGenerationContext", + "markdownDescription": "Specifies configurations for context to use during query generation.", + "title": "GenerationContext" + } + }, + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.QueryGenerationContext": { + "additionalProperties": false, + "properties": { + "CuratedQueries": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.CuratedQuery" }, - "required": [ - "AcceptTermsAndConditions" - ], - "type": "object" + "markdownDescription": "An array of objects, each of which defines information about example queries to help the query engine generate appropriate SQL queries.", + "title": "CuratedQueries", + "type": "array" }, - "Type": { - "enum": [ - "AWS::CloudFormation::Publisher" - ], + "Tables": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.QueryGenerationTable" + }, + "markdownDescription": "An array of objects, each of which defines information about a table in the database.", + "title": "Tables", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.QueryGenerationTable": { + "additionalProperties": false, + "properties": { + "Columns": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.QueryGenerationColumn" + }, + "markdownDescription": "An array of objects, each of which defines information about a column in the table.", + "title": "Columns", + "type": "array" + }, + "Description": { + "markdownDescription": "A description of the table that helps the query engine understand the contents of the table.", + "title": "Description", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Inclusion": { + "markdownDescription": "Specifies whether to include or exclude the table during query generation. If you specify `EXCLUDE` , the table will be ignored. If you specify `INCLUDE` , all other tables will be ignored.", + "title": "Inclusion", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the table for which the other fields in this object apply.", + "title": "Name", "type": "string" } }, "required": [ - "Type", - "Properties" + "Name" ], "type": "object" }, - "AWS::CloudFormation::ResourceDefaultVersion": { + "AWS::Bedrock::KnowledgeBase.RdsConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "CredentialsSecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the secret that you created in AWS Secrets Manager that is linked to your Amazon RDS database.", + "title": "CredentialsSecretArn", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DatabaseName": { + "markdownDescription": "The name of your Amazon RDS database.", + "title": "DatabaseName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "FieldMapping": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.RdsFieldMapping", + "markdownDescription": "Contains the names of the fields to which to map information about the vector store.", + "title": "FieldMapping" }, - "Metadata": { - "type": "object" + "ResourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the vector store.", + "title": "ResourceArn", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "TypeName": { - "markdownDescription": "The name of the resource.\n\nConditional: You must specify either `TypeVersionArn` , or `TypeName` and `VersionId` .", - "title": "TypeName", - "type": "string" - }, - "TypeVersionArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resource version.\n\nConditional: You must specify either `TypeVersionArn` , or `TypeName` and `VersionId` .", - "title": "TypeVersionArn", - "type": "string" - }, - "VersionId": { - "markdownDescription": "The ID of a specific version of the resource. The version ID is the value at the end of the Amazon Resource Name (ARN) assigned to the resource version when it's registered.\n\nConditional: You must specify either `TypeVersionArn` , or `TypeName` and `VersionId` .", - "title": "VersionId", - "type": "string" - } + "TableName": { + "markdownDescription": "The name of the table in the database.", + "title": "TableName", + "type": "string" + } + }, + "required": [ + "CredentialsSecretArn", + "DatabaseName", + "FieldMapping", + "ResourceArn", + "TableName" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.RdsFieldMapping": { + "additionalProperties": false, + "properties": { + "CustomMetadataField": { + "markdownDescription": "Provide a name for the universal metadata field where Amazon Bedrock will store any custom metadata from your data source.", + "title": "CustomMetadataField", + "type": "string" + }, + "MetadataField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores metadata about the vector store.", + "title": "MetadataField", + "type": "string" + }, + "PrimaryKeyField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores the ID for each entry.", + "title": "PrimaryKeyField", + "type": "string" + }, + "TextField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose.", + "title": "TextField", + "type": "string" + }, + "VectorField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores the vector embeddings for your data sources.", + "title": "VectorField", + "type": "string" + } + }, + "required": [ + "MetadataField", + "PrimaryKeyField", + "TextField", + "VectorField" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.RedshiftConfiguration": { + "additionalProperties": false, + "properties": { + "QueryEngineConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.RedshiftQueryEngineConfiguration", + "markdownDescription": "Specifies configurations for an Amazon Redshift query engine.", + "title": "QueryEngineConfiguration" + }, + "QueryGenerationConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.QueryGenerationConfiguration", + "markdownDescription": "Specifies configurations for generating queries.", + "title": "QueryGenerationConfiguration" + }, + "StorageConfigurations": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.RedshiftQueryEngineStorageConfiguration" }, - "type": "object" + "markdownDescription": "Specifies configurations for Amazon Redshift database storage.", + "title": "StorageConfigurations", + "type": "array" + } + }, + "required": [ + "QueryEngineConfiguration", + "StorageConfigurations" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.RedshiftProvisionedAuthConfiguration": { + "additionalProperties": false, + "properties": { + "DatabaseUser": { + "markdownDescription": "The database username for authentication to an Amazon Redshift provisioned data warehouse.", + "title": "DatabaseUser", + "type": "string" }, "Type": { - "enum": [ - "AWS::CloudFormation::ResourceDefaultVersion" - ], + "markdownDescription": "The type of authentication to use.", + "title": "Type", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "UsernamePasswordSecretArn": { + "markdownDescription": "The ARN of an Secrets Manager secret for authentication.", + "title": "UsernamePasswordSecretArn", "type": "string" } }, @@ -35048,205 +39529,282 @@ ], "type": "object" }, - "AWS::CloudFormation::ResourceVersion": { + "AWS::Bedrock::KnowledgeBase.RedshiftProvisionedConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "AuthConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.RedshiftProvisionedAuthConfiguration", + "markdownDescription": "Specifies configurations for authentication to Amazon Redshift.", + "title": "AuthConfiguration" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ClusterIdentifier": { + "markdownDescription": "The ID of the Amazon Redshift cluster.", + "title": "ClusterIdentifier", "type": "string" + } + }, + "required": [ + "AuthConfiguration", + "ClusterIdentifier" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.RedshiftQueryEngineAwsDataCatalogStorageConfiguration": { + "additionalProperties": false, + "properties": { + "TableNames": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of names of the tables to use.", + "title": "TableNames", + "type": "array" + } + }, + "required": [ + "TableNames" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.RedshiftQueryEngineConfiguration": { + "additionalProperties": false, + "properties": { + "ProvisionedConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.RedshiftProvisionedConfiguration", + "markdownDescription": "Specifies configurations for a provisioned Amazon Redshift query engine.", + "title": "ProvisionedConfiguration" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ServerlessConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.RedshiftServerlessConfiguration", + "markdownDescription": "Specifies configurations for a serverless Amazon Redshift query engine.", + "title": "ServerlessConfiguration" }, - "Metadata": { - "type": "object" + "Type": { + "markdownDescription": "The type of query engine.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.RedshiftQueryEngineRedshiftStorageConfiguration": { + "additionalProperties": false, + "properties": { + "DatabaseName": { + "markdownDescription": "The name of the Amazon Redshift database.", + "title": "DatabaseName", + "type": "string" + } + }, + "required": [ + "DatabaseName" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.RedshiftQueryEngineStorageConfiguration": { + "additionalProperties": false, + "properties": { + "AwsDataCatalogConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.RedshiftQueryEngineAwsDataCatalogStorageConfiguration", + "markdownDescription": "Specifies configurations for storage in AWS Glue Data Catalog.", + "title": "AwsDataCatalogConfiguration" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ExecutionRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role for CloudFormation to assume when invoking the resource. If your resource calls AWS APIs in any of its handlers, you must create an IAM execution role that includes the necessary permissions to call those AWS APIs, and provision that execution role in your account. When CloudFormation needs to invoke the resource type handler, CloudFormation assumes this execution role to create a temporary session token, which it then passes to the resource type handler, thereby supplying your resource type with the appropriate credentials.", - "title": "ExecutionRoleArn", - "type": "string" - }, - "LoggingConfig": { - "$ref": "#/definitions/AWS::CloudFormation::ResourceVersion.LoggingConfig", - "markdownDescription": "Logging configuration information for a resource.", - "title": "LoggingConfig" - }, - "SchemaHandlerPackage": { - "markdownDescription": "A URL to the S3 bucket for the resource project package that contains the necessary files for the resource you want to register.\n\nFor information on generating a schema handler package, see [Modeling resource types to use with AWS CloudFormation](https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/resource-type-model.html) in the *AWS CloudFormation Command Line Interface (CLI) User Guide* .\n\n> To register the resource version, you must have `s3:GetObject` permissions to access the S3 objects.", - "title": "SchemaHandlerPackage", - "type": "string" - }, - "TypeName": { - "markdownDescription": "The name of the resource being registered.\n\nWe recommend that resource names adhere to the following pattern: *company_or_organization* :: *service* :: *type* .\n\n> The following organization namespaces are reserved and can't be used in your resource names:\n> \n> - `Alexa`\n> - `AMZN`\n> - `Amazon`\n> - `AWS`\n> - `Custom`\n> - `Dev`", - "title": "TypeName", - "type": "string" - } - }, - "required": [ - "SchemaHandlerPackage", - "TypeName" - ], - "type": "object" + "RedshiftConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.RedshiftQueryEngineRedshiftStorageConfiguration", + "markdownDescription": "Specifies configurations for storage in Amazon Redshift.", + "title": "RedshiftConfiguration" }, "Type": { - "enum": [ - "AWS::CloudFormation::ResourceVersion" - ], + "markdownDescription": "The data storage service to use.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.RedshiftServerlessAuthConfiguration": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "The type of authentication to use.", + "title": "Type", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "UsernamePasswordSecretArn": { + "markdownDescription": "The ARN of an Secrets Manager secret for authentication.", + "title": "UsernamePasswordSecretArn", "type": "string" } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::CloudFormation::ResourceVersion.LoggingConfig": { + "AWS::Bedrock::KnowledgeBase.RedshiftServerlessConfiguration": { "additionalProperties": false, "properties": { - "LogGroupName": { - "markdownDescription": "The Amazon CloudWatch logs group to which CloudFormation sends error logging information when invoking the type's handlers.", - "title": "LogGroupName", - "type": "string" + "AuthConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.RedshiftServerlessAuthConfiguration", + "markdownDescription": "Specifies configurations for authentication to an Amazon Redshift provisioned data warehouse.", + "title": "AuthConfiguration" }, - "LogRoleArn": { - "markdownDescription": "The ARN of the role that CloudFormation should assume when sending log entries to CloudWatch logs.", - "title": "LogRoleArn", + "WorkgroupArn": { + "markdownDescription": "The ARN of the Amazon Redshift workgroup.", + "title": "WorkgroupArn", "type": "string" } }, + "required": [ + "AuthConfiguration", + "WorkgroupArn" + ], "type": "object" }, - "AWS::CloudFormation::Stack": { + "AWS::Bedrock::KnowledgeBase.S3Location": { "additionalProperties": false, "properties": { - "Condition": { + "URI": { + "markdownDescription": "An object URI starting with `s3://` .", + "title": "URI", "type": "string" + } + }, + "required": [ + "URI" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.SqlKnowledgeBaseConfiguration": { + "additionalProperties": false, + "properties": { + "RedshiftConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.RedshiftConfiguration", + "markdownDescription": "Specifies configurations for a knowledge base connected to an Amazon Redshift database.", + "title": "RedshiftConfiguration" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Type": { + "markdownDescription": "The type of SQL database to connect to the knowledge base.", + "title": "Type", "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.StorageConfiguration": { + "additionalProperties": false, + "properties": { + "MongoDbAtlasConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.MongoDbAtlasConfiguration", + "markdownDescription": "Contains the storage configuration of the knowledge base in MongoDB Atlas.", + "title": "MongoDbAtlasConfiguration" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "NeptuneAnalyticsConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.NeptuneAnalyticsConfiguration", + "markdownDescription": "Contains details about the Neptune Analytics configuration of the knowledge base in Amazon Neptune. For more information, see [Create a vector index in Amazon Neptune Analytics.](https://docs.aws.amazon.com/bedrock/latest/userguide/knowledge-base-setup-neptune.html) .", + "title": "NeptuneAnalyticsConfiguration" }, - "Metadata": { - "type": "object" + "OpensearchManagedClusterConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.OpenSearchManagedClusterConfiguration", + "markdownDescription": "Contains details about the storage configuration of the knowledge base in OpenSearch Managed Cluster. For more information, see [Create a vector index in Amazon OpenSearch Service](https://docs.aws.amazon.com/bedrock/latest/userguide/knowledge-base-setup-osm.html) .", + "title": "OpensearchManagedClusterConfiguration" }, - "Properties": { - "additionalProperties": false, - "properties": { - "NotificationARNs": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon SNS topic ARNs to publish stack related events. You can find your Amazon SNS topic ARNs using the Amazon SNS console or your Command Line Interface (CLI).", - "title": "NotificationARNs", - "type": "array" - }, - "Parameters": { - "additionalProperties": true, - "markdownDescription": "The set value pairs that represent the parameters passed to CloudFormation when this nested stack is created. Each parameter has a name corresponding to a parameter defined in the embedded template and a value representing the value that you want to set for the parameter.\n\n> If you use the `Ref` function to pass a parameter value to a nested stack, comma-delimited list parameters must be of type `String` . In other words, you can't pass values that are of type `CommaDelimitedList` to nested stacks. \n\nRequired if the nested stack requires input parameters.\n\nWhether an update causes interruptions depends on the resources that are being updated. An update never causes a nested stack to be replaced.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Parameters", - "type": "object" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Key-value pairs to associate with this stack. CloudFormation also propagates these tags to the resources created in the stack. A maximum number of 50 tags can be specified.", - "title": "Tags", - "type": "array" - }, - "TemplateURL": { - "markdownDescription": "The URL of a file that contains the template body. The URL must point to a template (max size: 1 MB) that's located in an Amazon S3 bucket. The location for an Amazon S3 bucket must start with `https://` .\n\nWhether an update causes interruptions depends on the resources that are being updated. An update never causes a nested stack to be replaced.", - "title": "TemplateURL", - "type": "string" - }, - "TimeoutInMinutes": { - "markdownDescription": "The length of time, in minutes, that CloudFormation waits for the nested stack to reach the `CREATE_COMPLETE` state. The default is no timeout. When CloudFormation detects that the nested stack has reached the `CREATE_COMPLETE` state, it marks the nested stack resource as `CREATE_COMPLETE` in the parent stack and resumes creating the parent stack. If the timeout period expires before the nested stack reaches `CREATE_COMPLETE` , CloudFormation marks the nested stack as failed and rolls back both the nested stack and parent stack.\n\nUpdates aren't supported.", - "title": "TimeoutInMinutes", - "type": "number" - } - }, - "required": [ - "TemplateURL" - ], - "type": "object" + "OpensearchServerlessConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.OpenSearchServerlessConfiguration", + "markdownDescription": "Contains the storage configuration of the knowledge base in Amazon OpenSearch Service.", + "title": "OpensearchServerlessConfiguration" + }, + "PineconeConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.PineconeConfiguration", + "markdownDescription": "Contains the storage configuration of the knowledge base in Pinecone.", + "title": "PineconeConfiguration" + }, + "RdsConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.RdsConfiguration", + "markdownDescription": "Contains details about the storage configuration of the knowledge base in Amazon RDS. For more information, see [Create a vector index in Amazon RDS](https://docs.aws.amazon.com/bedrock/latest/userguide/knowledge-base-setup-rds.html) .", + "title": "RdsConfiguration" }, "Type": { - "enum": [ - "AWS::CloudFormation::Stack" - ], + "markdownDescription": "The vector store service in which the knowledge base is stored.", + "title": "Type", "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.SupplementalDataStorageConfiguration": { + "additionalProperties": false, + "properties": { + "SupplementalDataStorageLocations": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.SupplementalDataStorageLocation" + }, + "markdownDescription": "", + "title": "SupplementalDataStorageLocations", + "type": "array" + } + }, + "required": [ + "SupplementalDataStorageLocations" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.SupplementalDataStorageLocation": { + "additionalProperties": false, + "properties": { + "S3Location": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.S3Location", + "markdownDescription": "Contains information about the Amazon S3 location for the extracted images.", + "title": "S3Location" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SupplementalDataStorageLocationType": { + "markdownDescription": "", + "title": "SupplementalDataStorageLocationType", "type": "string" } }, "required": [ - "Type", - "Properties" + "SupplementalDataStorageLocationType" ], "type": "object" }, - "AWS::CloudFormation::StackSet": { + "AWS::Bedrock::KnowledgeBase.VectorKnowledgeBaseConfiguration": { + "additionalProperties": false, + "properties": { + "EmbeddingModelArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the model used to create vector embeddings for the knowledge base.", + "title": "EmbeddingModelArn", + "type": "string" + }, + "EmbeddingModelConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.EmbeddingModelConfiguration", + "markdownDescription": "The embeddings model configuration details for the vector model used in Knowledge Base.", + "title": "EmbeddingModelConfiguration" + }, + "SupplementalDataStorageConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.SupplementalDataStorageConfiguration", + "markdownDescription": "If you include multimodal data from your data source, use this object to specify configurations for the storage location of the images extracted from your documents. These images can be retrieved and returned to the end user. They can also be used in generation when using [RetrieveAndGenerate](https://docs.aws.amazon.com/bedrock/latest/APIReference/API_agent-runtime_RetrieveAndGenerate.html) .", + "title": "SupplementalDataStorageConfiguration" + } + }, + "required": [ + "EmbeddingModelArn" + ], + "type": "object" + }, + "AWS::Bedrock::Prompt": { "additionalProperties": false, "properties": { "Condition": { @@ -35281,103 +39839,54 @@ "Properties": { "additionalProperties": false, "properties": { - "AdministrationRoleARN": { - "markdownDescription": "The Amazon Resource Number (ARN) of the IAM role to use to create this StackSet. Specify an IAM role only if you are using customized administrator roles to control which users or groups can manage specific StackSets within the same administrator account.\n\nUse customized administrator roles to control which users or groups can manage specific StackSets within the same administrator account. For more information, see [Grant self-managed permissions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-prereqs-self-managed.html) in the *AWS CloudFormation User Guide* .\n\nValid only if the permissions model is `SELF_MANAGED` .", - "title": "AdministrationRoleARN", + "CustomerEncryptionKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key that the prompt is encrypted with.", + "title": "CustomerEncryptionKeyArn", "type": "string" }, - "AutoDeployment": { - "$ref": "#/definitions/AWS::CloudFormation::StackSet.AutoDeployment", - "markdownDescription": "Describes whether StackSets automatically deploys to AWS Organizations accounts that are added to a target organization or organizational unit (OU). For more information, see [Enable or disable automatic deployments for StackSets in AWS Organizations](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-orgs-manage-auto-deployment.html) in the *AWS CloudFormation User Guide* .\n\nRequired if the permissions model is `SERVICE_MANAGED` . (Not used with self-managed permissions.)", - "title": "AutoDeployment" - }, - "CallAs": { - "markdownDescription": "Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.\n\nBy default, `SELF` is specified. Use `SELF` for StackSets with self-managed permissions.\n\n- To create a StackSet with service-managed permissions while signed in to the management account, specify `SELF` .\n- To create a StackSet with service-managed permissions while signed in to a delegated administrator account, specify `DELEGATED_ADMIN` .\n\nYour AWS account must be registered as a delegated admin in the management account. For more information, see [Register a delegated administrator](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-orgs-delegated-admin.html) in the *AWS CloudFormation User Guide* .\n\nStackSets with service-managed permissions are created in the management account, including StackSets that are created by delegated administrators.\n\nValid only if the permissions model is `SERVICE_MANAGED` .", - "title": "CallAs", + "DefaultVariant": { + "markdownDescription": "The name of the default variant for the prompt. This value must match the `name` field in the relevant [PromptVariant](https://docs.aws.amazon.com/bedrock/latest/APIReference/API_agent_PromptVariant.html) object.", + "title": "DefaultVariant", "type": "string" }, - "Capabilities": { - "items": { - "type": "string" - }, - "markdownDescription": "The capabilities that are allowed in the StackSet. Some StackSet templates might include resources that can affect permissions in your AWS account \u2014for example, by creating new IAM users. For more information, see [Acknowledging IAM resources in CloudFormation templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/control-access-with-iam.html#using-iam-capabilities) in the *AWS CloudFormation User Guide* .", - "title": "Capabilities", - "type": "array" - }, "Description": { - "markdownDescription": "A description of the StackSet.", + "markdownDescription": "The description of the prompt.", "title": "Description", "type": "string" }, - "ExecutionRoleName": { - "markdownDescription": "The name of the IAM execution role to use to create the StackSet. If you don't specify an execution role, CloudFormation uses the `AWSCloudFormationStackSetExecutionRole` role for the StackSet operation.\n\nValid only if the permissions model is `SELF_MANAGED` .\n\n*Pattern* : `[a-zA-Z_0-9+=,.@-]+`", - "title": "ExecutionRoleName", - "type": "string" - }, - "ManagedExecution": { - "$ref": "#/definitions/AWS::CloudFormation::StackSet.ManagedExecution", - "markdownDescription": "Describes whether StackSets performs non-conflicting operations concurrently and queues conflicting operations.\n\nWhen active, StackSets performs non-conflicting operations concurrently and queues conflicting operations. After conflicting operations finish, StackSets starts queued operations in request order.\n\n> If there are already running or queued operations, StackSets queues all incoming operations even if they are non-conflicting.\n> \n> You can't modify your StackSet's execution configuration while there are running or queued operations for that StackSet. \n\nWhen inactive (default), StackSets performs one operation at a time in request order.", - "title": "ManagedExecution" - }, - "OperationPreferences": { - "$ref": "#/definitions/AWS::CloudFormation::StackSet.OperationPreferences", - "markdownDescription": "The user-specified preferences for how CloudFormation performs a StackSet operation.", - "title": "OperationPreferences" - }, - "Parameters": { - "items": { - "$ref": "#/definitions/AWS::CloudFormation::StackSet.Parameter" - }, - "markdownDescription": "The input parameters for the StackSet template.", - "title": "Parameters", - "type": "array" - }, - "PermissionModel": { - "markdownDescription": "Describes how the IAM roles required for StackSet operations are created.\n\n- With `SELF_MANAGED` permissions, you must create the administrator and execution roles required to deploy to target accounts. For more information, see [Grant self-managed permissions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-prereqs-self-managed.html) in the *AWS CloudFormation User Guide* .\n- With `SERVICE_MANAGED` permissions, StackSets automatically creates the IAM roles required to deploy to accounts managed by AWS Organizations . For more information, see [Activate trusted access for StackSets with AWS Organizations](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-orgs-activate-trusted-access.html) in the *AWS CloudFormation User Guide* .", - "title": "PermissionModel", + "Name": { + "markdownDescription": "The name of the prompt.", + "title": "Name", "type": "string" }, - "StackInstancesGroup": { - "items": { - "$ref": "#/definitions/AWS::CloudFormation::StackSet.StackInstances" + "Tags": { + "additionalProperties": true, + "markdownDescription": "Metadata that you can assign to a resource as key-value pairs. For more information, see the following resources:\n\n- [Tag naming limits and requirements](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-conventions)\n- [Tagging best practices](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-best-practices)", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "A group of stack instances with parameters in some specific accounts and Regions.", - "title": "StackInstancesGroup", - "type": "array" - }, - "StackSetName": { - "markdownDescription": "The name to associate with the StackSet. The name must be unique in the Region where you create your StackSet.", - "title": "StackSetName", - "type": "string" + "title": "Tags", + "type": "object" }, - "Tags": { + "Variants": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Bedrock::Prompt.PromptVariant" }, - "markdownDescription": "Key-value pairs to associate with this stack. CloudFormation also propagates these tags to supported resources in the stack. You can specify a maximum number of 50 tags.\n\nIf you don't specify this parameter, CloudFormation doesn't modify the stack's tags. If you specify an empty value, CloudFormation removes all associated tags.", - "title": "Tags", + "markdownDescription": "A list of objects, each containing details about a variant of the prompt.", + "title": "Variants", "type": "array" - }, - "TemplateBody": { - "markdownDescription": "The structure that contains the template body, with a minimum length of 1 byte and a maximum length of 51,200 bytes.\n\nYou must include either `TemplateURL` or `TemplateBody` in a StackSet, but you can't use both. Dynamic references in the `TemplateBody` may not work correctly in all cases. It's recommended to pass templates that contain dynamic references through `TemplateUrl` instead.", - "title": "TemplateBody", - "type": "string" - }, - "TemplateURL": { - "markdownDescription": "The URL of a file that contains the template body. The URL must point to a template (max size: 1 MB) that's located in an Amazon S3 bucket or a Systems Manager document. The location for an Amazon S3 bucket must start with `https://` .\n\nConditional: You must specify only one of the following parameters: `TemplateBody` , `TemplateURL` .", - "title": "TemplateURL", - "type": "string" } }, "required": [ - "PermissionModel", - "StackSetName" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFormation::StackSet" + "AWS::Bedrock::Prompt" ], "type": "string" }, @@ -35396,413 +39905,452 @@ ], "type": "object" }, - "AWS::CloudFormation::StackSet.AutoDeployment": { + "AWS::Bedrock::Prompt.CachePointBlock": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "If set to `true` , StackSets automatically deploys additional stack instances to AWS Organizations accounts that are added to a target organization or organizational unit (OU) in the specified Regions. If an account is removed from a target organization or OU, StackSets deletes stack instances from the account in the specified Regions.", - "title": "Enabled", - "type": "boolean" - }, - "RetainStacksOnAccountRemoval": { - "markdownDescription": "If set to `true` , stack resources are retained when an account is removed from a target organization or OU. If set to `false` , stack resources are deleted. Specify only if `Enabled` is set to `True` .", - "title": "RetainStacksOnAccountRemoval", - "type": "boolean" + "Type": { + "markdownDescription": "Specifies the type of cache point within the CachePointBlock.", + "title": "Type", + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::CloudFormation::StackSet.DeploymentTargets": { + "AWS::Bedrock::Prompt.ChatPromptTemplateConfiguration": { "additionalProperties": false, "properties": { - "AccountFilterType": { - "markdownDescription": "Limit deployment targets to individual accounts or include additional accounts with provided OUs.\n\nThe following is a list of possible values for the `AccountFilterType` operation.\n\n- `INTERSECTION` : StackSet deploys to the accounts specified in the `Accounts` parameter.\n- `DIFFERENCE` : StackSet deploys to the OU, excluding the accounts specified in the `Accounts` parameter.\n- `UNION` StackSet deploys to the OU, and the accounts specified in the `Accounts` parameter. `UNION` is not supported for create operations when using StackSet as a resource.", - "title": "AccountFilterType", - "type": "string" - }, - "Accounts": { + "InputVariables": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Bedrock::Prompt.PromptInputVariable" }, - "markdownDescription": "The account IDs of the AWS accounts . If you have many account numbers, you can provide those accounts using the `AccountsUrl` property instead.\n\n*Pattern* : `^[0-9]{12}$`", - "title": "Accounts", + "markdownDescription": "An array of the variables in the prompt template.", + "title": "InputVariables", "type": "array" }, - "AccountsUrl": { - "markdownDescription": "The Amazon S3 URL path to a file that contains a list of AWS account IDs. The file format must be either `.csv` or `.txt` , and the data can be comma-separated or new-line-separated. There is currently a 10MB limit for the data (approximately 800,000 accounts).", - "title": "AccountsUrl", - "type": "string" + "Messages": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.Message" + }, + "markdownDescription": "Contains messages in the chat for the prompt.", + "title": "Messages", + "type": "array" }, - "OrganizationalUnitIds": { + "System": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Bedrock::Prompt.SystemContentBlock" }, - "markdownDescription": "The organization root ID or organizational unit (OU) IDs.\n\n*Pattern* : `^(ou-[a-z0-9]{4,32}-[a-z0-9]{8,32}|r-[a-z0-9]{4,32})$`", - "title": "OrganizationalUnitIds", + "markdownDescription": "Contains system prompts to provide context to the model or to describe how it should behave.", + "title": "System", "type": "array" + }, + "ToolConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.ToolConfiguration", + "markdownDescription": "Configuration information for the tools that the model can use when generating a response.", + "title": "ToolConfiguration" } }, + "required": [ + "Messages" + ], "type": "object" }, - "AWS::CloudFormation::StackSet.ManagedExecution": { + "AWS::Bedrock::Prompt.ContentBlock": { "additionalProperties": false, "properties": { - "Active": { - "markdownDescription": "When `true` , StackSets performs non-conflicting operations concurrently and queues conflicting operations. After conflicting operations finish, StackSets starts queued operations in request order.\n\n> If there are already running or queued operations, StackSets queues all incoming operations even if they are non-conflicting.\n> \n> You can't modify your StackSet's execution configuration while there are running or queued operations for that StackSet. \n\nWhen `false` (default), StackSets performs one operation at a time in request order.", - "title": "Active", - "type": "boolean" + "CachePoint": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.CachePointBlock", + "markdownDescription": "CachePoint to include in the message.", + "title": "CachePoint" + }, + "Text": { + "markdownDescription": "Text to include in the message.", + "title": "Text", + "type": "string" } }, "type": "object" }, - "AWS::CloudFormation::StackSet.OperationPreferences": { + "AWS::Bedrock::Prompt.Message": { "additionalProperties": false, "properties": { - "FailureToleranceCount": { - "markdownDescription": "The number of accounts per Region this operation can fail in before CloudFormation stops the operation in that Region. If the operation is stopped in a Region, CloudFormation doesn't attempt the operation in any subsequent Regions.\n\nConditional: You must specify either `FailureToleranceCount` or `FailureTolerancePercentage` (but not both).", - "title": "FailureToleranceCount", - "type": "number" - }, - "FailureTolerancePercentage": { - "markdownDescription": "The percentage of accounts per Region this stack operation can fail in before CloudFormation stops the operation in that Region. If the operation is stopped in a Region, CloudFormation doesn't attempt the operation in any subsequent Regions.\n\nWhen calculating the number of accounts based on the specified percentage, CloudFormation rounds *down* to the next whole number.\n\nConditional: You must specify either `FailureToleranceCount` or `FailureTolerancePercentage` , but not both.", - "title": "FailureTolerancePercentage", - "type": "number" - }, - "MaxConcurrentCount": { - "markdownDescription": "The maximum number of accounts in which to perform this operation at one time. This is dependent on the value of `FailureToleranceCount` . `MaxConcurrentCount` is at most one more than the `FailureToleranceCount` .\n\nNote that this setting lets you specify the *maximum* for operations. For large deployments, under certain circumstances the actual number of accounts acted upon concurrently may be lower due to service throttling.\n\nConditional: You must specify either `MaxConcurrentCount` or `MaxConcurrentPercentage` , but not both.", - "title": "MaxConcurrentCount", - "type": "number" - }, - "MaxConcurrentPercentage": { - "markdownDescription": "The maximum percentage of accounts in which to perform this operation at one time.\n\nWhen calculating the number of accounts based on the specified percentage, CloudFormation rounds down to the next whole number. This is true except in cases where rounding down would result is zero. In this case, CloudFormation sets the number as one instead.\n\nNote that this setting lets you specify the *maximum* for operations. For large deployments, under certain circumstances the actual number of accounts acted upon concurrently may be lower due to service throttling.\n\nConditional: You must specify either `MaxConcurrentCount` or `MaxConcurrentPercentage` , but not both.", - "title": "MaxConcurrentPercentage", - "type": "number" - }, - "RegionConcurrencyType": { - "markdownDescription": "The concurrency type of deploying StackSets operations in Regions, could be in parallel or one Region at a time.", - "title": "RegionConcurrencyType", - "type": "string" - }, - "RegionOrder": { + "Content": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Bedrock::Prompt.ContentBlock" }, - "markdownDescription": "The order of the Regions where you want to perform the stack operation.", - "title": "RegionOrder", + "markdownDescription": "The message content. Note the following restrictions:\n\n- You can include up to 20 images. Each image's size, height, and width must be no more than 3.75 MB, 8000 px, and 8000 px, respectively.\n- You can include up to five documents. Each document's size must be no more than 4.5 MB.\n- If you include a `ContentBlock` with a `document` field in the array, you must also include a `ContentBlock` with a `text` field.\n- You can only include images and documents if the `role` is `user` .", + "title": "Content", "type": "array" + }, + "Role": { + "markdownDescription": "The role that the message plays in the message.", + "title": "Role", + "type": "string" } }, + "required": [ + "Content", + "Role" + ], "type": "object" }, - "AWS::CloudFormation::StackSet.Parameter": { + "AWS::Bedrock::Prompt.PromptAgentResource": { "additionalProperties": false, "properties": { - "ParameterKey": { - "markdownDescription": "The key associated with the parameter. If you don't specify a key and value for a particular parameter, CloudFormation uses the default value that's specified in your template.", - "title": "ParameterKey", - "type": "string" - }, - "ParameterValue": { - "markdownDescription": "The input value associated with the parameter.", - "title": "ParameterValue", + "AgentIdentifier": { + "markdownDescription": "The ARN of the agent with which to use the prompt.", + "title": "AgentIdentifier", "type": "string" } }, "required": [ - "ParameterKey", - "ParameterValue" + "AgentIdentifier" ], "type": "object" }, - "AWS::CloudFormation::StackSet.StackInstances": { + "AWS::Bedrock::Prompt.PromptGenAiResource": { "additionalProperties": false, "properties": { - "DeploymentTargets": { - "$ref": "#/definitions/AWS::CloudFormation::StackSet.DeploymentTargets", - "markdownDescription": "The AWS `OrganizationalUnitIds` or `Accounts` for which to create stack instances in the specified Regions.", - "title": "DeploymentTargets" - }, - "ParameterOverrides": { - "items": { - "$ref": "#/definitions/AWS::CloudFormation::StackSet.Parameter" - }, - "markdownDescription": "A list of StackSet parameters whose values you want to override in the selected stack instances.", - "title": "ParameterOverrides", - "type": "array" - }, - "Regions": { - "items": { - "type": "string" - }, - "markdownDescription": "The names of one or more Regions where you want to create stack instances using the specified AWS accounts .", - "title": "Regions", - "type": "array" + "Agent": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.PromptAgentResource", + "markdownDescription": "Specifies an Amazon Bedrock agent with which to use the prompt.", + "title": "Agent" } }, "required": [ - "DeploymentTargets", - "Regions" + "Agent" ], "type": "object" }, - "AWS::CloudFormation::TypeActivation": { + "AWS::Bedrock::Prompt.PromptInferenceConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "Text": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.PromptModelInferenceConfiguration", + "markdownDescription": "Contains inference configurations for a text prompt.", + "title": "Text" + } + }, + "required": [ + "Text" + ], + "type": "object" + }, + "AWS::Bedrock::Prompt.PromptInputVariable": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the variable.", + "title": "Name", "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + } + }, + "type": "object" + }, + "AWS::Bedrock::Prompt.PromptMetadataEntry": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The key of a metadata tag for a prompt variant.", + "title": "Key", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Value": { + "markdownDescription": "The value of a metadata tag for a prompt variant.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::Bedrock::Prompt.PromptModelInferenceConfiguration": { + "additionalProperties": false, + "properties": { + "MaxTokens": { + "markdownDescription": "The maximum number of tokens to return in the response.", + "title": "MaxTokens", + "type": "number" }, - "Metadata": { + "StopSequences": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of strings that define sequences after which the model will stop generating.", + "title": "StopSequences", + "type": "array" + }, + "Temperature": { + "markdownDescription": "Controls the randomness of the response. Choose a lower value for more predictable outputs and a higher value for more surprising outputs.", + "title": "Temperature", + "type": "number" + }, + "TopP": { + "markdownDescription": "The percentage of most-likely candidates that the model considers for the next token.", + "title": "TopP", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Bedrock::Prompt.PromptTemplateConfiguration": { + "additionalProperties": false, + "properties": { + "Chat": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.ChatPromptTemplateConfiguration", + "markdownDescription": "Contains configurations to use the prompt in a conversational format.", + "title": "Chat" + }, + "Text": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.TextPromptTemplateConfiguration", + "markdownDescription": "Contains configurations for the text in a message for a prompt.", + "title": "Text" + } + }, + "type": "object" + }, + "AWS::Bedrock::Prompt.PromptVariant": { + "additionalProperties": false, + "properties": { + "AdditionalModelRequestFields": { + "markdownDescription": "Contains model-specific inference configurations that aren't in the `inferenceConfiguration` field. To see model-specific inference parameters, see [Inference request parameters and response fields for foundation models](https://docs.aws.amazon.com/bedrock/latest/userguide/model-parameters.html) .", + "title": "AdditionalModelRequestFields", "type": "object" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AutoUpdate": { - "markdownDescription": "Whether to automatically update the extension in this account and Region when a new *minor* version is published by the extension publisher. Major versions released by the publisher must be manually updated.\n\nThe default is `true` .", - "title": "AutoUpdate", - "type": "boolean" - }, - "ExecutionRoleArn": { - "markdownDescription": "The name of the IAM execution role to use to activate the extension.", - "title": "ExecutionRoleArn", - "type": "string" - }, - "LoggingConfig": { - "$ref": "#/definitions/AWS::CloudFormation::TypeActivation.LoggingConfig", - "markdownDescription": "Specifies logging configuration information for an extension.", - "title": "LoggingConfig" - }, - "MajorVersion": { - "markdownDescription": "The major version of this extension you want to activate, if multiple major versions are available. The default is the latest major version. CloudFormation uses the latest available *minor* version of the major version selected.\n\nYou can specify `MajorVersion` or `VersionBump` , but not both.", - "title": "MajorVersion", - "type": "string" - }, - "PublicTypeArn": { - "markdownDescription": "The Amazon Resource Number (ARN) of the public extension.\n\nConditional: You must specify `PublicTypeArn` , or `TypeName` , `Type` , and `PublisherId` .", - "title": "PublicTypeArn", - "type": "string" - }, - "PublisherId": { - "markdownDescription": "The ID of the extension publisher.\n\nConditional: You must specify `PublicTypeArn` , or `TypeName` , `Type` , and `PublisherId` .", - "title": "PublisherId", - "type": "string" - }, - "Type": { - "markdownDescription": "The extension type.\n\nConditional: You must specify `PublicTypeArn` , or `TypeName` , `Type` , and `PublisherId` .", - "title": "Type", - "type": "string" - }, - "TypeName": { - "markdownDescription": "The name of the extension.\n\nConditional: You must specify `PublicTypeArn` , or `TypeName` , `Type` , and `PublisherId` .", - "title": "TypeName", - "type": "string" - }, - "TypeNameAlias": { - "markdownDescription": "An alias to assign to the public extension, in this account and Region. If you specify an alias for the extension, CloudFormation treats the alias as the extension type name within this account and Region. You must use the alias to refer to the extension in your templates, API calls, and CloudFormation console.\n\nAn extension alias must be unique within a given account and Region. You can activate the same public resource multiple times in the same account and Region, using different type name aliases.", - "title": "TypeNameAlias", - "type": "string" - }, - "VersionBump": { - "markdownDescription": "Manually updates a previously-activated type to a new major or minor version, if available. You can also use this parameter to update the value of `AutoUpdate` .\n\n- `MAJOR` : CloudFormation updates the extension to the newest major version, if one is available.\n- `MINOR` : CloudFormation updates the extension to the newest minor version, if one is available.", - "title": "VersionBump", - "type": "string" - } + "GenAiResource": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.PromptGenAiResource", + "markdownDescription": "Specifies a generative AI resource with which to use the prompt.", + "title": "GenAiResource" + }, + "InferenceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.PromptInferenceConfiguration", + "markdownDescription": "Contains inference configurations for the prompt variant.", + "title": "InferenceConfiguration" + }, + "Metadata": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.PromptMetadataEntry" }, - "type": "object" + "markdownDescription": "An array of objects, each containing a key-value pair that defines a metadata tag and value to attach to a prompt variant.", + "title": "Metadata", + "type": "array" }, - "Type": { - "enum": [ - "AWS::CloudFormation::TypeActivation" - ], + "ModelId": { + "markdownDescription": "The unique identifier of the model or [inference profile](https://docs.aws.amazon.com/bedrock/latest/userguide/cross-region-inference.html) with which to run inference on the prompt.", + "title": "ModelId", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "The name of the prompt variant.", + "title": "Name", + "type": "string" + }, + "TemplateConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.PromptTemplateConfiguration", + "markdownDescription": "Contains configurations for the prompt template.", + "title": "TemplateConfiguration" + }, + "TemplateType": { + "markdownDescription": "The type of prompt template to use.", + "title": "TemplateType", "type": "string" } }, "required": [ - "Type" + "Name", + "TemplateConfiguration", + "TemplateType" ], "type": "object" }, - "AWS::CloudFormation::TypeActivation.LoggingConfig": { + "AWS::Bedrock::Prompt.SpecificToolChoice": { "additionalProperties": false, "properties": { - "LogGroupName": { - "markdownDescription": "The Amazon CloudWatch Logs group to which CloudFormation sends error logging information when invoking the extension's handlers.", - "title": "LogGroupName", + "Name": { + "markdownDescription": "The name of the tool that the model must request.", + "title": "Name", "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::Bedrock::Prompt.SystemContentBlock": { + "additionalProperties": false, + "properties": { + "CachePoint": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.CachePointBlock", + "markdownDescription": "CachePoint to include in the system prompt.", + "title": "CachePoint" }, - "LogRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the role that CloudFormation should assume when sending log entries to CloudWatch Logs.", - "title": "LogRoleArn", + "Text": { + "markdownDescription": "A system prompt for the model.", + "title": "Text", "type": "string" } }, "type": "object" }, - "AWS::CloudFormation::WaitCondition": { + "AWS::Bedrock::Prompt.TextPromptTemplateConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "CachePoint": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.CachePointBlock", + "markdownDescription": "A cache checkpoint within a template configuration.", + "title": "CachePoint" }, - "CreationPolicy": { - "type": "object" + "InputVariables": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.PromptInputVariable" + }, + "markdownDescription": "An array of the variables in the prompt template.", + "title": "InputVariables", + "type": "array" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Text": { + "markdownDescription": "The message for the prompt.", + "title": "Text", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Count": { - "markdownDescription": "The number of success signals that CloudFormation must receive before it continues the stack creation process. When the wait condition receives the requisite number of success signals, CloudFormation resumes the creation of the stack. If the wait condition doesn't receive the specified number of success signals before the Timeout period expires, CloudFormation assumes that the wait condition has failed and rolls the stack back.\n\nUpdates aren't supported.", - "title": "Count", - "type": "number" - }, - "Handle": { - "markdownDescription": "A reference to the wait condition handle used to signal this wait condition. Use the `Ref` intrinsic function to specify an [AWS::CloudFormation::WaitConditionHandle](https://docs.aws.amazon.com/AWSCloudFormation/latest/TemplateReference/aws-resource-cloudformation-waitconditionhandle.html) resource.\n\nAnytime you add a `WaitCondition` resource during a stack update, you must associate the wait condition with a new WaitConditionHandle resource. Don't reuse an old wait condition handle that has already been defined in the template. If you reuse a wait condition handle, the wait condition might evaluate old signals from a previous create or update stack command.\n\nUpdates aren't supported.", - "title": "Handle", - "type": "string" - }, - "Timeout": { - "markdownDescription": "The length of time (in seconds) to wait for the number of signals that the `Count` property specifies. `Timeout` is a minimum-bound property, meaning the timeout occurs no sooner than the time you specify, but can occur shortly thereafter. The maximum time that can be specified for this property is 12 hours (43200 seconds).\n\nUpdates aren't supported.", - "title": "Timeout", - "type": "string" - } - }, - "type": "object" + "TextS3Location": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.TextS3Location", + "markdownDescription": "The Amazon S3 location of the prompt text.", + "title": "TextS3Location" + } + }, + "type": "object" + }, + "AWS::Bedrock::Prompt.TextS3Location": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The Amazon S3 bucket containing the prompt text.", + "title": "Bucket", + "type": "string" }, - "Type": { - "enum": [ - "AWS::CloudFormation::WaitCondition" - ], + "Key": { + "markdownDescription": "The object key for the Amazon S3 location.", + "title": "Key", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Version": { + "markdownDescription": "The version of the Amazon S3 location to use.", + "title": "Version", "type": "string" } }, "required": [ - "Type" + "Bucket", + "Key" ], "type": "object" }, - "AWS::CloudFormation::WaitConditionHandle": { + "AWS::Bedrock::Prompt.Tool": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "CachePoint": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.CachePointBlock", + "markdownDescription": "CachePoint to include in the tool configuration.", + "title": "CachePoint" }, - "Metadata": { + "ToolSpec": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.ToolSpecification", + "markdownDescription": "The specfication for the tool.", + "title": "ToolSpec" + } + }, + "type": "object" + }, + "AWS::Bedrock::Prompt.ToolChoice": { + "additionalProperties": false, + "properties": { + "Any": { + "markdownDescription": "The model must request at least one tool (no text is generated).", + "title": "Any", "type": "object" }, - "Properties": { - "additionalProperties": false, - "properties": {}, + "Auto": { + "markdownDescription": "(Default). The Model automatically decides if a tool should be called or whether to generate text instead.", + "title": "Auto", "type": "object" }, - "Type": { - "enum": [ - "AWS::CloudFormation::WaitConditionHandle" - ], + "Tool": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.SpecificToolChoice", + "markdownDescription": "The Model must request the specified tool. Only supported by Anthropic Claude 3 and Amazon Nova models.", + "title": "Tool" + } + }, + "type": "object" + }, + "AWS::Bedrock::Prompt.ToolConfiguration": { + "additionalProperties": false, + "properties": { + "ToolChoice": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.ToolChoice", + "markdownDescription": "If supported by model, forces the model to request a tool.", + "title": "ToolChoice" + }, + "Tools": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.Tool" + }, + "markdownDescription": "An array of tools that you want to pass to a model.", + "title": "Tools", + "type": "array" + } + }, + "required": [ + "Tools" + ], + "type": "object" + }, + "AWS::Bedrock::Prompt.ToolInputSchema": { + "additionalProperties": false, + "properties": { + "Json": { + "markdownDescription": "The JSON schema for the tool. For more information, see [JSON Schema Reference](https://docs.aws.amazon.com/https://json-schema.org/understanding-json-schema/reference) .", + "title": "Json", + "type": "object" + } + }, + "required": [ + "Json" + ], + "type": "object" + }, + "AWS::Bedrock::Prompt.ToolSpecification": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description for the tool.", + "title": "Description", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "InputSchema": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.ToolInputSchema", + "markdownDescription": "The input schema for the tool in JSON format.", + "title": "InputSchema" + }, + "Name": { + "markdownDescription": "The name for the tool.", + "title": "Name", "type": "string" } }, "required": [ - "Type" + "InputSchema", + "Name" ], "type": "object" }, - "AWS::CloudFront::CachePolicy": { + "AWS::Bedrock::PromptVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -35837,20 +40385,36 @@ "Properties": { "additionalProperties": false, "properties": { - "CachePolicyConfig": { - "$ref": "#/definitions/AWS::CloudFront::CachePolicy.CachePolicyConfig", - "markdownDescription": "The cache policy configuration.", - "title": "CachePolicyConfig" + "Description": { + "markdownDescription": "The description of the prompt version.", + "title": "Description", + "type": "string" + }, + "PromptArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the version of the prompt.", + "title": "PromptArn", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "A map of tags attached to the prompt version and their values.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" } }, "required": [ - "CachePolicyConfig" + "PromptArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFront::CachePolicy" + "AWS::Bedrock::PromptVersion" ], "type": "string" }, @@ -35869,153 +40433,425 @@ ], "type": "object" }, - "AWS::CloudFront::CachePolicy.CachePolicyConfig": { + "AWS::Bedrock::PromptVersion.CachePointBlock": { "additionalProperties": false, "properties": { - "Comment": { - "markdownDescription": "A comment to describe the cache policy. The comment cannot be longer than 128 characters.", - "title": "Comment", + "Type": { + "markdownDescription": "Specifies the type of cache point within the CachePointBlock.", + "title": "Type", "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::Bedrock::PromptVersion.ChatPromptTemplateConfiguration": { + "additionalProperties": false, + "properties": { + "InputVariables": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.PromptInputVariable" + }, + "markdownDescription": "An array of the variables in the prompt template.", + "title": "InputVariables", + "type": "array" }, - "DefaultTTL": { - "markdownDescription": "The default amount of time, in seconds, that you want objects to stay in the CloudFront cache before CloudFront sends another request to the origin to see if the object has been updated. CloudFront uses this value as the object's time to live (TTL) only when the origin does *not* send `Cache-Control` or `Expires` headers with the object. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .\n\nThe default value for this field is 86400 seconds (one day). If the value of `MinTTL` is more than 86400 seconds, then the default value for this field is the same as the value of `MinTTL` .", - "title": "DefaultTTL", - "type": "number" + "Messages": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.Message" + }, + "markdownDescription": "Contains messages in the chat for the prompt.", + "title": "Messages", + "type": "array" }, - "MaxTTL": { - "markdownDescription": "The maximum amount of time, in seconds, that objects stay in the CloudFront cache before CloudFront sends another request to the origin to see if the object has been updated. CloudFront uses this value only when the origin sends `Cache-Control` or `Expires` headers with the object. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .\n\nThe default value for this field is 31536000 seconds (one year). If the value of `MinTTL` or `DefaultTTL` is more than 31536000 seconds, then the default value for this field is the same as the value of `DefaultTTL` .", - "title": "MaxTTL", - "type": "number" + "System": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.SystemContentBlock" + }, + "markdownDescription": "Contains system prompts to provide context to the model or to describe how it should behave.", + "title": "System", + "type": "array" }, - "MinTTL": { - "markdownDescription": "The minimum amount of time, in seconds, that you want objects to stay in the CloudFront cache before CloudFront sends another request to the origin to see if the object has been updated. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", - "title": "MinTTL", - "type": "number" + "ToolConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.ToolConfiguration", + "markdownDescription": "Configuration information for the tools that the model can use when generating a response.", + "title": "ToolConfiguration" + } + }, + "required": [ + "Messages" + ], + "type": "object" + }, + "AWS::Bedrock::PromptVersion.ContentBlock": { + "additionalProperties": false, + "properties": { + "CachePoint": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.CachePointBlock", + "markdownDescription": "CachePoint to include in the message.", + "title": "CachePoint" + }, + "Text": { + "markdownDescription": "Text to include in the message.", + "title": "Text", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::PromptVersion.Message": { + "additionalProperties": false, + "properties": { + "Content": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.ContentBlock" + }, + "markdownDescription": "The message content. Note the following restrictions:\n\n- You can include up to 20 images. Each image's size, height, and width must be no more than 3.75 MB, 8000 px, and 8000 px, respectively.\n- You can include up to five documents. Each document's size must be no more than 4.5 MB.\n- If you include a `ContentBlock` with a `document` field in the array, you must also include a `ContentBlock` with a `text` field.\n- You can only include images and documents if the `role` is `user` .", + "title": "Content", + "type": "array" }, + "Role": { + "markdownDescription": "The role that the message plays in the message.", + "title": "Role", + "type": "string" + } + }, + "required": [ + "Content", + "Role" + ], + "type": "object" + }, + "AWS::Bedrock::PromptVersion.PromptAgentResource": { + "additionalProperties": false, + "properties": { + "AgentIdentifier": { + "markdownDescription": "The ARN of the agent with which to use the prompt.", + "title": "AgentIdentifier", + "type": "string" + } + }, + "required": [ + "AgentIdentifier" + ], + "type": "object" + }, + "AWS::Bedrock::PromptVersion.PromptGenAiResource": { + "additionalProperties": false, + "properties": { + "Agent": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.PromptAgentResource", + "markdownDescription": "Specifies an Amazon Bedrock agent with which to use the prompt.", + "title": "Agent" + } + }, + "required": [ + "Agent" + ], + "type": "object" + }, + "AWS::Bedrock::PromptVersion.PromptInferenceConfiguration": { + "additionalProperties": false, + "properties": { + "Text": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.PromptModelInferenceConfiguration", + "markdownDescription": "Contains inference configurations for a text prompt.", + "title": "Text" + } + }, + "required": [ + "Text" + ], + "type": "object" + }, + "AWS::Bedrock::PromptVersion.PromptInputVariable": { + "additionalProperties": false, + "properties": { "Name": { - "markdownDescription": "A unique name to identify the cache policy.", + "markdownDescription": "The name of the variable.", "title": "Name", "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::PromptVersion.PromptMetadataEntry": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The key of a metadata tag for a prompt variant.", + "title": "Key", + "type": "string" }, - "ParametersInCacheKeyAndForwardedToOrigin": { - "$ref": "#/definitions/AWS::CloudFront::CachePolicy.ParametersInCacheKeyAndForwardedToOrigin", - "markdownDescription": "The HTTP headers, cookies, and URL query strings to include in the cache key. The values included in the cache key are also included in requests that CloudFront sends to the origin.", - "title": "ParametersInCacheKeyAndForwardedToOrigin" + "Value": { + "markdownDescription": "The value of a metadata tag for a prompt variant.", + "title": "Value", + "type": "string" } }, "required": [ - "DefaultTTL", - "MaxTTL", - "MinTTL", - "Name", - "ParametersInCacheKeyAndForwardedToOrigin" + "Key", + "Value" ], "type": "object" }, - "AWS::CloudFront::CachePolicy.CookiesConfig": { + "AWS::Bedrock::PromptVersion.PromptModelInferenceConfiguration": { "additionalProperties": false, "properties": { - "CookieBehavior": { - "markdownDescription": "Determines whether any cookies in viewer requests are included in the cache key and in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` \u2013 No cookies in viewer requests are included in the cache key or in requests that CloudFront sends to the origin. Even when this field is set to `none` , any cookies that are listed in an `OriginRequestPolicy` *are* included in origin requests.\n- `whitelist` \u2013 Only the cookies in viewer requests that are listed in the `CookieNames` type are included in the cache key and in requests that CloudFront sends to the origin.\n- `allExcept` \u2013 All cookies in viewer requests are included in the cache key and in requests that CloudFront sends to the origin, **except** for those that are listed in the `CookieNames` type, which are not included.\n- `all` \u2013 All cookies in viewer requests are included in the cache key and in requests that CloudFront sends to the origin.", - "title": "CookieBehavior", - "type": "string" + "MaxTokens": { + "markdownDescription": "The maximum number of tokens to return in the response.", + "title": "MaxTokens", + "type": "number" }, - "Cookies": { + "StopSequences": { "items": { "type": "string" }, - "markdownDescription": "Contains a list of cookie names.", - "title": "Cookies", + "markdownDescription": "A list of strings that define sequences after which the model will stop generating.", + "title": "StopSequences", + "type": "array" + }, + "Temperature": { + "markdownDescription": "Controls the randomness of the response. Choose a lower value for more predictable outputs and a higher value for more surprising outputs.", + "title": "Temperature", + "type": "number" + }, + "TopP": { + "markdownDescription": "The percentage of most-likely candidates that the model considers for the next token.", + "title": "TopP", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Bedrock::PromptVersion.PromptTemplateConfiguration": { + "additionalProperties": false, + "properties": { + "Chat": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.ChatPromptTemplateConfiguration", + "markdownDescription": "Contains configurations to use the prompt in a conversational format.", + "title": "Chat" + }, + "Text": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.TextPromptTemplateConfiguration", + "markdownDescription": "Contains configurations for the text in a message for a prompt.", + "title": "Text" + } + }, + "type": "object" + }, + "AWS::Bedrock::PromptVersion.PromptVariant": { + "additionalProperties": false, + "properties": { + "AdditionalModelRequestFields": { + "markdownDescription": "Contains model-specific inference configurations that aren't in the `inferenceConfiguration` field. To see model-specific inference parameters, see [Inference request parameters and response fields for foundation models](https://docs.aws.amazon.com/bedrock/latest/userguide/model-parameters.html) .", + "title": "AdditionalModelRequestFields", + "type": "object" + }, + "GenAiResource": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.PromptGenAiResource", + "markdownDescription": "Specifies a generative AI resource with which to use the prompt.", + "title": "GenAiResource" + }, + "InferenceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.PromptInferenceConfiguration", + "markdownDescription": "Contains inference configurations for the prompt variant.", + "title": "InferenceConfiguration" + }, + "Metadata": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.PromptMetadataEntry" + }, + "markdownDescription": "An array of objects, each containing a key-value pair that defines a metadata tag and value to attach to a prompt variant.", + "title": "Metadata", "type": "array" + }, + "ModelId": { + "markdownDescription": "The unique identifier of the model or [inference profile](https://docs.aws.amazon.com/bedrock/latest/userguide/cross-region-inference.html) with which to run inference on the prompt.", + "title": "ModelId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the prompt variant.", + "title": "Name", + "type": "string" + }, + "TemplateConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.PromptTemplateConfiguration", + "markdownDescription": "Contains configurations for the prompt template.", + "title": "TemplateConfiguration" + }, + "TemplateType": { + "markdownDescription": "The type of prompt template to use.", + "title": "TemplateType", + "type": "string" } }, "required": [ - "CookieBehavior" + "Name", + "TemplateConfiguration", + "TemplateType" ], "type": "object" }, - "AWS::CloudFront::CachePolicy.HeadersConfig": { + "AWS::Bedrock::PromptVersion.SpecificToolChoice": { "additionalProperties": false, "properties": { - "HeaderBehavior": { - "markdownDescription": "Determines whether any HTTP headers are included in the cache key and in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` \u2013 No HTTP headers are included in the cache key or in requests that CloudFront sends to the origin. Even when this field is set to `none` , any headers that are listed in an `OriginRequestPolicy` *are* included in origin requests.\n- `whitelist` \u2013 Only the HTTP headers that are listed in the `Headers` type are included in the cache key and in requests that CloudFront sends to the origin.", - "title": "HeaderBehavior", + "Name": { + "markdownDescription": "The name of the tool that the model must request.", + "title": "Name", "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::Bedrock::PromptVersion.SystemContentBlock": { + "additionalProperties": false, + "properties": { + "CachePoint": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.CachePointBlock", + "markdownDescription": "CachePoint to include in the system prompt.", + "title": "CachePoint" }, - "Headers": { + "Text": { + "markdownDescription": "A system prompt for the model.", + "title": "Text", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::PromptVersion.TextPromptTemplateConfiguration": { + "additionalProperties": false, + "properties": { + "CachePoint": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.CachePointBlock", + "markdownDescription": "A cache checkpoint within a template configuration.", + "title": "CachePoint" + }, + "InputVariables": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.PromptInputVariable" }, - "markdownDescription": "Contains a list of HTTP header names.", - "title": "Headers", + "markdownDescription": "An array of the variables in the prompt template.", + "title": "InputVariables", "type": "array" + }, + "Text": { + "markdownDescription": "The message for the prompt.", + "title": "Text", + "type": "string" } }, "required": [ - "HeaderBehavior" + "Text" ], "type": "object" }, - "AWS::CloudFront::CachePolicy.ParametersInCacheKeyAndForwardedToOrigin": { + "AWS::Bedrock::PromptVersion.Tool": { "additionalProperties": false, "properties": { - "CookiesConfig": { - "$ref": "#/definitions/AWS::CloudFront::CachePolicy.CookiesConfig", - "markdownDescription": "An object that determines whether any cookies in viewer requests (and if so, which cookies) are included in the cache key and in requests that CloudFront sends to the origin.", - "title": "CookiesConfig" + "CachePoint": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.CachePointBlock", + "markdownDescription": "CachePoint to include in the tool configuration.", + "title": "CachePoint" }, - "EnableAcceptEncodingBrotli": { - "markdownDescription": "A flag that can affect whether the `Accept-Encoding` HTTP header is included in the cache key and included in requests that CloudFront sends to the origin.\n\nThis field is related to the `EnableAcceptEncodingGzip` field. If one or both of these fields is `true` *and* the viewer request includes the `Accept-Encoding` header, then CloudFront does the following:\n\n- Normalizes the value of the viewer's `Accept-Encoding` header\n- Includes the normalized header in the cache key\n- Includes the normalized header in the request to the origin, if a request is necessary\n\nFor more information, see [Compression support](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-policy-compressed-objects) in the *Amazon CloudFront Developer Guide* .\n\nIf you set this value to `true` , and this cache behavior also has an origin request policy attached, do not include the `Accept-Encoding` header in the origin request policy. CloudFront always includes the `Accept-Encoding` header in origin requests when the value of this field is `true` , so including this header in an origin request policy has no effect.\n\nIf both of these fields are `false` , then CloudFront treats the `Accept-Encoding` header the same as any other HTTP header in the viewer request. By default, it's not included in the cache key and it's not included in origin requests. In this case, you can manually add `Accept-Encoding` to the headers whitelist like any other HTTP header.", - "title": "EnableAcceptEncodingBrotli", - "type": "boolean" + "ToolSpec": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.ToolSpecification", + "markdownDescription": "The specfication for the tool.", + "title": "ToolSpec" + } + }, + "type": "object" + }, + "AWS::Bedrock::PromptVersion.ToolChoice": { + "additionalProperties": false, + "properties": { + "Any": { + "markdownDescription": "The model must request at least one tool (no text is generated).", + "title": "Any", + "type": "object" }, - "EnableAcceptEncodingGzip": { - "markdownDescription": "A flag that can affect whether the `Accept-Encoding` HTTP header is included in the cache key and included in requests that CloudFront sends to the origin.\n\nThis field is related to the `EnableAcceptEncodingBrotli` field. If one or both of these fields is `true` *and* the viewer request includes the `Accept-Encoding` header, then CloudFront does the following:\n\n- Normalizes the value of the viewer's `Accept-Encoding` header\n- Includes the normalized header in the cache key\n- Includes the normalized header in the request to the origin, if a request is necessary\n\nFor more information, see [Compression support](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-policy-compressed-objects) in the *Amazon CloudFront Developer Guide* .\n\nIf you set this value to `true` , and this cache behavior also has an origin request policy attached, do not include the `Accept-Encoding` header in the origin request policy. CloudFront always includes the `Accept-Encoding` header in origin requests when the value of this field is `true` , so including this header in an origin request policy has no effect.\n\nIf both of these fields are `false` , then CloudFront treats the `Accept-Encoding` header the same as any other HTTP header in the viewer request. By default, it's not included in the cache key and it's not included in origin requests. In this case, you can manually add `Accept-Encoding` to the headers whitelist like any other HTTP header.", - "title": "EnableAcceptEncodingGzip", - "type": "boolean" + "Auto": { + "markdownDescription": "(Default). The Model automatically decides if a tool should be called or whether to generate text instead.", + "title": "Auto", + "type": "object" }, - "HeadersConfig": { - "$ref": "#/definitions/AWS::CloudFront::CachePolicy.HeadersConfig", - "markdownDescription": "An object that determines whether any HTTP headers (and if so, which headers) are included in the cache key and in requests that CloudFront sends to the origin.", - "title": "HeadersConfig" + "Tool": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.SpecificToolChoice", + "markdownDescription": "The Model must request the specified tool. Only supported by Anthropic Claude 3 and Amazon Nova models.", + "title": "Tool" + } + }, + "type": "object" + }, + "AWS::Bedrock::PromptVersion.ToolConfiguration": { + "additionalProperties": false, + "properties": { + "ToolChoice": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.ToolChoice", + "markdownDescription": "If supported by model, forces the model to request a tool.", + "title": "ToolChoice" }, - "QueryStringsConfig": { - "$ref": "#/definitions/AWS::CloudFront::CachePolicy.QueryStringsConfig", - "markdownDescription": "An object that determines whether any URL query strings in viewer requests (and if so, which query strings) are included in the cache key and in requests that CloudFront sends to the origin.", - "title": "QueryStringsConfig" + "Tools": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.Tool" + }, + "markdownDescription": "An array of tools that you want to pass to a model.", + "title": "Tools", + "type": "array" } }, "required": [ - "CookiesConfig", - "EnableAcceptEncodingGzip", - "HeadersConfig", - "QueryStringsConfig" + "Tools" ], "type": "object" }, - "AWS::CloudFront::CachePolicy.QueryStringsConfig": { + "AWS::Bedrock::PromptVersion.ToolInputSchema": { "additionalProperties": false, "properties": { - "QueryStringBehavior": { - "markdownDescription": "Determines whether any URL query strings in viewer requests are included in the cache key and in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` \u2013 No query strings in viewer requests are included in the cache key or in requests that CloudFront sends to the origin. Even when this field is set to `none` , any query strings that are listed in an `OriginRequestPolicy` *are* included in origin requests.\n- `whitelist` \u2013 Only the query strings in viewer requests that are listed in the `QueryStringNames` type are included in the cache key and in requests that CloudFront sends to the origin.\n- `allExcept` \u2013 All query strings in viewer requests are included in the cache key and in requests that CloudFront sends to the origin, **except** those that are listed in the `QueryStringNames` type, which are not included.\n- `all` \u2013 All query strings in viewer requests are included in the cache key and in requests that CloudFront sends to the origin.", - "title": "QueryStringBehavior", + "Json": { + "markdownDescription": "The JSON schema for the tool. For more information, see [JSON Schema Reference](https://docs.aws.amazon.com/https://json-schema.org/understanding-json-schema/reference) .", + "title": "Json", + "type": "object" + } + }, + "required": [ + "Json" + ], + "type": "object" + }, + "AWS::Bedrock::PromptVersion.ToolSpecification": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description for the tool.", + "title": "Description", "type": "string" }, - "QueryStrings": { - "items": { - "type": "string" - }, - "markdownDescription": "Contains a list of query string names.", - "title": "QueryStrings", - "type": "array" + "InputSchema": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.ToolInputSchema", + "markdownDescription": "The input schema for the tool in JSON format.", + "title": "InputSchema" + }, + "Name": { + "markdownDescription": "The name for the tool.", + "title": "Name", + "type": "string" } }, "required": [ - "QueryStringBehavior" + "InputSchema", + "Name" ], "type": "object" }, - "AWS::CloudFront::CloudFrontOriginAccessIdentity": { + "AWS::Billing::BillingView": { "additionalProperties": false, "properties": { "Condition": { @@ -36050,20 +40886,47 @@ "Properties": { "additionalProperties": false, "properties": { - "CloudFrontOriginAccessIdentityConfig": { - "$ref": "#/definitions/AWS::CloudFront::CloudFrontOriginAccessIdentity.CloudFrontOriginAccessIdentityConfig", - "markdownDescription": "The current configuration information for the identity.", - "title": "CloudFrontOriginAccessIdentityConfig" + "DataFilterExpression": { + "$ref": "#/definitions/AWS::Billing::BillingView.DataFilterExpression", + "markdownDescription": "See [Expression](https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_billing_Expression.html) . Billing view only supports `LINKED_ACCOUNT` and `Tags` .", + "title": "DataFilterExpression" + }, + "Description": { + "markdownDescription": "The description of the billing view.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the billing view.", + "title": "Name", + "type": "string" + }, + "SourceViews": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of billing views used as the data source for the custom billing view.", + "title": "SourceViews", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of key value map specifying tags associated to the billing view being created.", + "title": "Tags", + "type": "array" } }, "required": [ - "CloudFrontOriginAccessIdentityConfig" + "Name", + "SourceViews" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFront::CloudFrontOriginAccessIdentity" + "AWS::Billing::BillingView" ], "type": "string" }, @@ -36082,21 +40945,61 @@ ], "type": "object" }, - "AWS::CloudFront::CloudFrontOriginAccessIdentity.CloudFrontOriginAccessIdentityConfig": { + "AWS::Billing::BillingView.DataFilterExpression": { "additionalProperties": false, "properties": { - "Comment": { - "markdownDescription": "A comment to describe the origin access identity. The comment cannot be longer than 128 characters.", - "title": "Comment", + "Dimensions": { + "$ref": "#/definitions/AWS::Billing::BillingView.Dimensions", + "markdownDescription": "The specific `Dimension` to use for `Expression` .", + "title": "Dimensions" + }, + "Tags": { + "$ref": "#/definitions/AWS::Billing::BillingView.Tags", + "markdownDescription": "The specific `Tag` to use for `Expression` .", + "title": "Tags" + } + }, + "type": "object" + }, + "AWS::Billing::BillingView.Dimensions": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The key that's associated with the tag.", + "title": "Key", + "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The metadata that you can use to filter and group your results.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Billing::BillingView.Tags": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "A list of tag key value pairs that are associated with the resource.", + "title": "Key", "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The metadata values that you can use to filter and group your results.", + "title": "Values", + "type": "array" } }, - "required": [ - "Comment" - ], "type": "object" }, - "AWS::CloudFront::ContinuousDeploymentPolicy": { + "AWS::BillingConductor::BillingGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -36131,20 +41034,51 @@ "Properties": { "additionalProperties": false, "properties": { - "ContinuousDeploymentPolicyConfig": { - "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.ContinuousDeploymentPolicyConfig", - "markdownDescription": "Contains the configuration for a continuous deployment policy.", - "title": "ContinuousDeploymentPolicyConfig" + "AccountGrouping": { + "$ref": "#/definitions/AWS::BillingConductor::BillingGroup.AccountGrouping", + "markdownDescription": "The set of accounts that will be under the billing group. The set of accounts resemble the linked accounts in a consolidated billing family.", + "title": "AccountGrouping" + }, + "ComputationPreference": { + "$ref": "#/definitions/AWS::BillingConductor::BillingGroup.ComputationPreference", + "markdownDescription": "The preferences and settings that will be used to compute the AWS charges for a billing group.", + "title": "ComputationPreference" + }, + "Description": { + "markdownDescription": "The description of the billing group.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The billing group's name.", + "title": "Name", + "type": "string" + }, + "PrimaryAccountId": { + "markdownDescription": "The account ID that serves as the main account in a billing group.", + "title": "PrimaryAccountId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A map that contains tag keys and tag values that are attached to a billing group.", + "title": "Tags", + "type": "array" } }, "required": [ - "ContinuousDeploymentPolicyConfig" + "AccountGrouping", + "ComputationPreference", + "Name", + "PrimaryAccountId" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFront::ContinuousDeploymentPolicy" + "AWS::BillingConductor::BillingGroup" ], "type": "string" }, @@ -36163,172 +41097,43 @@ ], "type": "object" }, - "AWS::CloudFront::ContinuousDeploymentPolicy.ContinuousDeploymentPolicyConfig": { + "AWS::BillingConductor::BillingGroup.AccountGrouping": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "A Boolean that indicates whether this continuous deployment policy is enabled (in effect). When this value is `true` , this policy is enabled and in effect. When this value is `false` , this policy is not enabled and has no effect.", - "title": "Enabled", + "AutoAssociate": { + "markdownDescription": "Specifies if this billing group will automatically associate newly added AWS accounts that join your consolidated billing family.", + "title": "AutoAssociate", "type": "boolean" }, - "SingleHeaderPolicyConfig": { - "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.SingleHeaderPolicyConfig", - "markdownDescription": "This configuration determines which HTTP requests are sent to the staging distribution. If the HTTP request contains a header and value that matches what you specify here, the request is sent to the staging distribution. Otherwise the request is sent to the primary distribution.", - "title": "SingleHeaderPolicyConfig" - }, - "SingleWeightPolicyConfig": { - "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.SingleWeightPolicyConfig", - "markdownDescription": "This configuration determines the percentage of HTTP requests that are sent to the staging distribution.", - "title": "SingleWeightPolicyConfig" - }, - "StagingDistributionDnsNames": { + "LinkedAccountIds": { "items": { "type": "string" }, - "markdownDescription": "The CloudFront domain name of the staging distribution. For example: `d111111abcdef8.cloudfront.net` .", - "title": "StagingDistributionDnsNames", + "markdownDescription": "The account IDs that make up the billing group. Account IDs must be a part of the consolidated billing family, and not associated with another billing group.", + "title": "LinkedAccountIds", "type": "array" - }, - "TrafficConfig": { - "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.TrafficConfig", - "markdownDescription": "Contains the parameters for routing production traffic from your primary to staging distributions.", - "title": "TrafficConfig" - }, - "Type": { - "markdownDescription": "The type of traffic configuration.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Enabled", - "StagingDistributionDnsNames" - ], - "type": "object" - }, - "AWS::CloudFront::ContinuousDeploymentPolicy.SessionStickinessConfig": { - "additionalProperties": false, - "properties": { - "IdleTTL": { - "markdownDescription": "The amount of time after which you want sessions to cease if no requests are received. Allowed values are 300\u20133600 seconds (5\u201360 minutes).", - "title": "IdleTTL", - "type": "number" - }, - "MaximumTTL": { - "markdownDescription": "The maximum amount of time to consider requests from the viewer as being part of the same session. Allowed values are 300\u20133600 seconds (5\u201360 minutes).", - "title": "MaximumTTL", - "type": "number" - } - }, - "required": [ - "IdleTTL", - "MaximumTTL" - ], - "type": "object" - }, - "AWS::CloudFront::ContinuousDeploymentPolicy.SingleHeaderConfig": { - "additionalProperties": false, - "properties": { - "Header": { - "markdownDescription": "The request header name that you want CloudFront to send to your staging distribution. The header must contain the prefix `aws-cf-cd-` .", - "title": "Header", - "type": "string" - }, - "Value": { - "markdownDescription": "The request header value.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Header", - "Value" - ], - "type": "object" - }, - "AWS::CloudFront::ContinuousDeploymentPolicy.SingleHeaderPolicyConfig": { - "additionalProperties": false, - "properties": { - "Header": { - "markdownDescription": "The name of the HTTP header that CloudFront uses to configure for the single header policy.", - "title": "Header", - "type": "string" - }, - "Value": { - "markdownDescription": "Specifies the value to assign to the header for a single header policy.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Header", - "Value" - ], - "type": "object" - }, - "AWS::CloudFront::ContinuousDeploymentPolicy.SingleWeightConfig": { - "additionalProperties": false, - "properties": { - "SessionStickinessConfig": { - "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.SessionStickinessConfig", - "markdownDescription": "Session stickiness provides the ability to define multiple requests from a single viewer as a single session. This prevents the potentially inconsistent experience of sending some of a given user's requests to your staging distribution, while others are sent to your primary distribution. Define the session duration using TTL values.", - "title": "SessionStickinessConfig" - }, - "Weight": { - "markdownDescription": "The percentage of traffic to send to a staging distribution, expressed as a decimal number between 0 and 0.15. For example, a value of 0.10 means 10% of traffic is sent to the staging distribution.", - "title": "Weight", - "type": "number" - } - }, - "required": [ - "Weight" - ], - "type": "object" - }, - "AWS::CloudFront::ContinuousDeploymentPolicy.SingleWeightPolicyConfig": { - "additionalProperties": false, - "properties": { - "SessionStickinessConfig": { - "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.SessionStickinessConfig", - "markdownDescription": "Enable session stickiness for the associated origin or cache settings.", - "title": "SessionStickinessConfig" - }, - "Weight": { - "markdownDescription": "The percentage of requests that CloudFront will use to send to an associated origin or cache settings.", - "title": "Weight", - "type": "number" } }, "required": [ - "Weight" + "LinkedAccountIds" ], "type": "object" }, - "AWS::CloudFront::ContinuousDeploymentPolicy.TrafficConfig": { + "AWS::BillingConductor::BillingGroup.ComputationPreference": { "additionalProperties": false, "properties": { - "SingleHeaderConfig": { - "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.SingleHeaderConfig", - "markdownDescription": "Determines which HTTP requests are sent to the staging distribution.", - "title": "SingleHeaderConfig" - }, - "SingleWeightConfig": { - "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.SingleWeightConfig", - "markdownDescription": "Contains the percentage of traffic to send to the staging distribution.", - "title": "SingleWeightConfig" - }, - "Type": { - "markdownDescription": "The type of traffic configuration.", - "title": "Type", + "PricingPlanArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the pricing plan used to compute the AWS charges for a billing group.", + "title": "PricingPlanArn", "type": "string" } }, "required": [ - "Type" + "PricingPlanArn" ], "type": "object" }, - "AWS::CloudFront::Distribution": { + "AWS::BillingConductor::CustomLineItem": { "additionalProperties": false, "properties": { "Condition": { @@ -36363,28 +41168,54 @@ "Properties": { "additionalProperties": false, "properties": { - "DistributionConfig": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.DistributionConfig", - "markdownDescription": "The distribution's configuration.", - "title": "DistributionConfig" + "AccountId": { + "markdownDescription": "The AWS account in which this custom line item will be applied to.", + "title": "AccountId", + "type": "string" + }, + "BillingGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that references the billing group where the custom line item applies to.", + "title": "BillingGroupArn", + "type": "string" + }, + "BillingPeriodRange": { + "$ref": "#/definitions/AWS::BillingConductor::CustomLineItem.BillingPeriodRange", + "markdownDescription": "A time range for which the custom line item is effective.", + "title": "BillingPeriodRange" + }, + "CustomLineItemChargeDetails": { + "$ref": "#/definitions/AWS::BillingConductor::CustomLineItem.CustomLineItemChargeDetails", + "markdownDescription": "The charge details of a custom line item. It should contain only one of `Flat` or `Percentage` .", + "title": "CustomLineItemChargeDetails" + }, + "Description": { + "markdownDescription": "The custom line item's description. This is shown on the Bills page in association with the charge value.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The custom line item's name.", + "title": "Name", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A complex type that contains zero or more `Tag` elements.", + "markdownDescription": "A map that contains tag keys and tag values that are attached to a custom line item.", "title": "Tags", "type": "array" } }, "required": [ - "DistributionConfig" + "BillingGroupArn", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFront::Distribution" + "AWS::BillingConductor::CustomLineItem" ], "type": "string" }, @@ -36403,935 +41234,1142 @@ ], "type": "object" }, - "AWS::CloudFront::Distribution.CacheBehavior": { + "AWS::BillingConductor::CustomLineItem.BillingPeriodRange": { "additionalProperties": false, "properties": { - "AllowedMethods": { - "items": { - "type": "string" - }, - "markdownDescription": "A complex type that controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin. There are three choices:\n\n- CloudFront forwards only `GET` and `HEAD` requests.\n- CloudFront forwards only `GET` , `HEAD` , and `OPTIONS` requests.\n- CloudFront forwards `GET, HEAD, OPTIONS, PUT, PATCH, POST` , and `DELETE` requests.\n\nIf you pick the third choice, you may need to restrict access to your Amazon S3 bucket or to your custom origin so users can't perform operations that you don't want them to. For example, you might not want users to have permissions to delete objects from your origin.", - "title": "AllowedMethods", - "type": "array" + "ExclusiveEndBillingPeriod": { + "markdownDescription": "The exclusive end billing period that defines a billing period range where a custom line is applied.", + "title": "ExclusiveEndBillingPeriod", + "type": "string" }, - "CachePolicyId": { - "markdownDescription": "The unique identifier of the cache policy that is attached to this cache behavior. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nA `CacheBehavior` must include either a `CachePolicyId` or `ForwardedValues` . We recommend that you use a `CachePolicyId` .", - "title": "CachePolicyId", + "InclusiveStartBillingPeriod": { + "markdownDescription": "The inclusive start billing period that defines a billing period range where a custom line is applied.", + "title": "InclusiveStartBillingPeriod", "type": "string" + } + }, + "type": "object" + }, + "AWS::BillingConductor::CustomLineItem.CustomLineItemChargeDetails": { + "additionalProperties": false, + "properties": { + "Flat": { + "$ref": "#/definitions/AWS::BillingConductor::CustomLineItem.CustomLineItemFlatChargeDetails", + "markdownDescription": "A `CustomLineItemFlatChargeDetails` that describes the charge details of a flat custom line item.", + "title": "Flat" }, - "CachedMethods": { + "LineItemFilters": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::BillingConductor::CustomLineItem.LineItemFilter" }, - "markdownDescription": "A complex type that controls whether CloudFront caches the response to requests using the specified HTTP methods. There are two choices:\n\n- CloudFront caches responses to `GET` and `HEAD` requests.\n- CloudFront caches responses to `GET` , `HEAD` , and `OPTIONS` requests.\n\nIf you pick the second choice for your Amazon S3 Origin, you may need to forward Access-Control-Request-Method, Access-Control-Request-Headers, and Origin headers for the responses to be cached correctly.", - "title": "CachedMethods", + "markdownDescription": "A representation of the line item filter.", + "title": "LineItemFilters", "type": "array" }, - "Compress": { - "markdownDescription": "Whether you want CloudFront to automatically compress certain files for this cache behavior. If so, specify true; if not, specify false. For more information, see [Serving Compressed Files](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/ServingCompressedFiles.html) in the *Amazon CloudFront Developer Guide* .", - "title": "Compress", - "type": "boolean" - }, - "DefaultTTL": { - "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nThis field is deprecated. We recommend that you use the `DefaultTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe default amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin does not add HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", - "title": "DefaultTTL", - "type": "number" + "Percentage": { + "$ref": "#/definitions/AWS::BillingConductor::CustomLineItem.CustomLineItemPercentageChargeDetails", + "markdownDescription": "A `CustomLineItemPercentageChargeDetails` that describes the charge details of a percentage custom line item.", + "title": "Percentage" }, - "FieldLevelEncryptionId": { - "markdownDescription": "The value of `ID` for the field-level encryption configuration that you want CloudFront to use for encrypting specific fields of data for this cache behavior.", - "title": "FieldLevelEncryptionId", + "Type": { + "markdownDescription": "The type of the custom line item that indicates whether the charge is a fee or credit.", + "title": "Type", "type": "string" - }, - "ForwardedValues": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.ForwardedValues", - "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field. For more information, see [Working with policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/working-with-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to include values in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send values to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) or [Using the managed origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-origin-request-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nA `CacheBehavior` must include either a `CachePolicyId` or `ForwardedValues` . We recommend that you use a `CachePolicyId` .\n\nA complex type that specifies how CloudFront handles query strings, cookies, and HTTP headers.", - "title": "ForwardedValues" - }, - "FunctionAssociations": { - "items": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.FunctionAssociation" - }, - "markdownDescription": "A list of CloudFront functions that are associated with this cache behavior. CloudFront functions must be published to the `LIVE` stage to associate them with a cache behavior.", - "title": "FunctionAssociations", - "type": "array" - }, - "LambdaFunctionAssociations": { - "items": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.LambdaFunctionAssociation" - }, - "markdownDescription": "A complex type that contains zero or more Lambda@Edge function associations for a cache behavior.", - "title": "LambdaFunctionAssociations", - "type": "array" - }, - "MaxTTL": { - "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nThis field is deprecated. We recommend that you use the `MaxTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe maximum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin adds HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", - "title": "MaxTTL", - "type": "number" - }, - "MinTTL": { - "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nThis field is deprecated. We recommend that you use the `MinTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe minimum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .\n\nYou must specify `0` for `MinTTL` if you configure CloudFront to forward all headers to your origin (under `Headers` , if you specify `1` for `Quantity` and `*` for `Name` ).", - "title": "MinTTL", + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::BillingConductor::CustomLineItem.CustomLineItemFlatChargeDetails": { + "additionalProperties": false, + "properties": { + "ChargeValue": { + "markdownDescription": "The custom line item's fixed charge value in USD.", + "title": "ChargeValue", "type": "number" - }, - "OriginRequestPolicyId": { - "markdownDescription": "The unique identifier of the origin request policy that is attached to this cache behavior. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) or [Using the managed origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-origin-request-policies.html) in the *Amazon CloudFront Developer Guide* .", - "title": "OriginRequestPolicyId", - "type": "string" - }, - "PathPattern": { - "markdownDescription": "The pattern (for example, `images/*.jpg` ) that specifies which requests to apply the behavior to. When CloudFront receives a viewer request, the requested path is compared with path patterns in the order in which cache behaviors are listed in the distribution.\n\n> You can optionally include a slash ( `/` ) at the beginning of the path pattern. For example, `/images/*.jpg` . CloudFront behavior is the same with or without the leading `/` . \n\nThe path pattern for the default cache behavior is `*` and cannot be changed. If the request for an object does not match the path pattern for any cache behaviors, CloudFront applies the behavior in the default cache behavior.\n\nFor more information, see [Path Pattern](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesPathPattern) in the *Amazon CloudFront Developer Guide* .", - "title": "PathPattern", - "type": "string" - }, - "RealtimeLogConfigArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the real-time log configuration that is attached to this cache behavior. For more information, see [Real-time logs](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html) in the *Amazon CloudFront Developer Guide* .", - "title": "RealtimeLogConfigArn", - "type": "string" - }, - "ResponseHeadersPolicyId": { - "markdownDescription": "The identifier for a response headers policy.", - "title": "ResponseHeadersPolicyId", - "type": "string" - }, - "SmoothStreaming": { - "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nIndicates whether you want to distribute media files in the Microsoft Smooth Streaming format using the origin that is associated with this cache behavior. If so, specify `true` ; if not, specify `false` . If you specify `true` for `SmoothStreaming` , you can still distribute other content using this cache behavior if the content matches the value of `PathPattern` .", - "title": "SmoothStreaming", - "type": "boolean" - }, - "TargetOriginId": { - "markdownDescription": "The value of `ID` for the origin that you want CloudFront to route requests to when they match this cache behavior.", - "title": "TargetOriginId", - "type": "string" - }, - "TrustedKeyGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of key groups that CloudFront can use to validate signed URLs or signed cookies.\n\nWhen a cache behavior contains trusted key groups, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with a private key whose corresponding public key is in the key group. The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see [Serving private content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", - "title": "TrustedKeyGroups", - "type": "array" - }, - "TrustedSigners": { + } + }, + "required": [ + "ChargeValue" + ], + "type": "object" + }, + "AWS::BillingConductor::CustomLineItem.CustomLineItemPercentageChargeDetails": { + "additionalProperties": false, + "properties": { + "ChildAssociatedResources": { "items": { "type": "string" }, - "markdownDescription": "> We recommend using `TrustedKeyGroups` instead of `TrustedSigners` . > This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nA list of AWS account IDs whose public keys CloudFront can use to validate signed URLs or signed cookies.\n\nWhen a cache behavior contains trusted signers, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with the private key of a CloudFront key pair in the trusted signer's AWS account . The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see [Serving private content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", - "title": "TrustedSigners", + "markdownDescription": "A list of resource ARNs to associate to the percentage custom line item.", + "title": "ChildAssociatedResources", "type": "array" }, - "ViewerProtocolPolicy": { - "markdownDescription": "The protocol that viewers can use to access the files in the origin specified by `TargetOriginId` when a request matches the path pattern in `PathPattern` . You can specify the following options:\n\n- `allow-all` : Viewers can use HTTP or HTTPS.\n- `redirect-to-https` : If a viewer submits an HTTP request, CloudFront returns an HTTP status code of 301 (Moved Permanently) to the viewer along with the HTTPS URL. The viewer then resubmits the request using the new URL.\n- `https-only` : If a viewer sends an HTTP request, CloudFront returns an HTTP status code of 403 (Forbidden).\n\nFor more information about requiring the HTTPS protocol, see [Requiring HTTPS Between Viewers and CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-https-viewers-to-cloudfront.html) in the *Amazon CloudFront Developer Guide* .\n\n> The only way to guarantee that viewers retrieve an object that was fetched from the origin using HTTPS is never to use any other protocol to fetch the object. If you have recently changed from HTTP to HTTPS, we recommend that you clear your objects' cache because cached objects are protocol agnostic. That means that an edge location will return an object from the cache regardless of whether the current request protocol matches the protocol used previously. For more information, see [Managing Cache Expiration](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", - "title": "ViewerProtocolPolicy", - "type": "string" + "PercentageValue": { + "markdownDescription": "The custom line item's percentage value. This will be multiplied against the combined value of its associated resources to determine its charge value.", + "title": "PercentageValue", + "type": "number" } }, "required": [ - "PathPattern", - "TargetOriginId", - "ViewerProtocolPolicy" + "PercentageValue" ], "type": "object" }, - "AWS::CloudFront::Distribution.Cookies": { + "AWS::BillingConductor::CustomLineItem.LineItemFilter": { "additionalProperties": false, "properties": { - "Forward": { - "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n\nIf you want to include cookies in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send cookies to the origin but not include them in the cache key, use origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide* .\n\nSpecifies which cookies to forward to the origin for this cache behavior: all, none, or the list of cookies specified in the `WhitelistedNames` complex type.\n\nAmazon S3 doesn't process cookies. When the cache behavior is forwarding requests to an Amazon S3 origin, specify none for the `Forward` element.", - "title": "Forward", + "Attribute": { + "markdownDescription": "The attribute of the line item filter. This specifies what attribute that you can filter on.", + "title": "Attribute", "type": "string" }, - "WhitelistedNames": { + "MatchOption": { + "markdownDescription": "The match criteria of the line item filter. This parameter specifies whether not to include the resource value from the billing group total cost.", + "title": "MatchOption", + "type": "string" + }, + "Values": { "items": { "type": "string" }, - "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n\nIf you want to include cookies in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send cookies to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide* .\n\nRequired if you specify `whitelist` for the value of `Forward` . A complex type that specifies how many different cookies you want CloudFront to forward to the origin for this cache behavior and, if you want to forward selected cookies, the names of those cookies.\n\nIf you specify `all` or `none` for the value of `Forward` , omit `WhitelistedNames` . If you change the value of `Forward` from `whitelist` to `all` or `none` and you don't delete the `WhitelistedNames` element and its child elements, CloudFront deletes them automatically.\n\nFor the current limit on the number of cookie names that you can whitelist for each cache behavior, see [CloudFront Limits](https://docs.aws.amazon.com/general/latest/gr/xrefaws_service_limits.html#limits_cloudfront) in the *AWS General Reference* .", - "title": "WhitelistedNames", + "markdownDescription": "The values of the line item filter. This specifies the values to filter on. Currently, you can only exclude Savings Plan discounts.", + "title": "Values", "type": "array" } }, "required": [ - "Forward" + "Attribute", + "MatchOption", + "Values" ], "type": "object" }, - "AWS::CloudFront::Distribution.CustomErrorResponse": { + "AWS::BillingConductor::PricingPlan": { "additionalProperties": false, "properties": { - "ErrorCachingMinTTL": { - "markdownDescription": "The minimum amount of time, in seconds, that you want CloudFront to cache the HTTP status code specified in `ErrorCode` . When this time period has elapsed, CloudFront queries your origin to see whether the problem that caused the error has been resolved and the requested object is now available.\n\nFor more information, see [Customizing Error Responses](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/custom-error-pages.html) in the *Amazon CloudFront Developer Guide* .", - "title": "ErrorCachingMinTTL", - "type": "number" + "Condition": { + "type": "string" }, - "ErrorCode": { - "markdownDescription": "The HTTP status code for which you want to specify a custom error page and/or a caching duration.", - "title": "ErrorCode", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ResponseCode": { - "markdownDescription": "The HTTP status code that you want CloudFront to return to the viewer along with the custom error page. There are a variety of reasons that you might want CloudFront to return a status code different from the status code that your origin returned to CloudFront, for example:\n\n- Some Internet devices (some firewalls and corporate proxies, for example) intercept HTTP 4xx and 5xx and prevent the response from being returned to the viewer. If you substitute `200` , the response typically won't be intercepted.\n- If you don't care about distinguishing among different client errors or server errors, you can specify `400` or `500` as the `ResponseCode` for all 4xx or 5xx errors.\n- You might want to return a `200` status code (OK) and static website so your customers don't know that your website is down.\n\nIf you specify a value for `ResponseCode` , you must also specify a value for `ResponsePagePath` .", - "title": "ResponseCode", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ResponsePagePath": { - "markdownDescription": "The path to the custom error page that you want CloudFront to return to a viewer when your origin returns the HTTP status code specified by `ErrorCode` , for example, `/4xx-errors/403-forbidden.html` . If you want to store your objects and your custom error pages in different locations, your distribution must include a cache behavior for which the following is true:\n\n- The value of `PathPattern` matches the path to your custom error messages. For example, suppose you saved custom error pages for 4xx errors in an Amazon S3 bucket in a directory named `/4xx-errors` . Your distribution must include a cache behavior for which the path pattern routes requests for your custom error pages to that location, for example, `/4xx-errors/*` .\n- The value of `TargetOriginId` specifies the value of the `ID` element for the origin that contains your custom error pages.\n\nIf you specify a value for `ResponsePagePath` , you must also specify a value for `ResponseCode` .\n\nWe recommend that you store custom error pages in an Amazon S3 bucket. If you store custom error pages on an HTTP server and the server starts to return 5xx errors, CloudFront can't get the files that you want to return to viewers because the origin server is unavailable.", - "title": "ResponsePagePath", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The pricing plan description.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a pricing plan.", + "title": "Name", + "type": "string" + }, + "PricingRuleArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The `PricingRuleArns` that are associated with the Pricing Plan.", + "title": "PricingRuleArns", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A map that contains tag keys and tag values that are attached to a pricing plan.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::BillingConductor::PricingPlan" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ErrorCode" + "Type", + "Properties" ], "type": "object" }, - "AWS::CloudFront::Distribution.CustomOriginConfig": { + "AWS::BillingConductor::PricingRule": { "additionalProperties": false, "properties": { - "HTTPPort": { - "markdownDescription": "The HTTP port that CloudFront uses to connect to the origin. Specify the HTTP port that the origin listens on.", - "title": "HTTPPort", - "type": "number" - }, - "HTTPSPort": { - "markdownDescription": "The HTTPS port that CloudFront uses to connect to the origin. Specify the HTTPS port that the origin listens on.", - "title": "HTTPSPort", - "type": "number" - }, - "OriginKeepaliveTimeout": { - "markdownDescription": "Specifies how long, in seconds, CloudFront persists its connection to the origin. The minimum timeout is 1 second, the maximum is 120 seconds, and the default (if you don't specify otherwise) is 5 seconds.\n\nFor more information, see [Keep-alive timeout (custom origins only)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DownloadDistValuesOrigin.html#DownloadDistValuesOriginKeepaliveTimeout) in the *Amazon CloudFront Developer Guide* .", - "title": "OriginKeepaliveTimeout", - "type": "number" + "Condition": { + "type": "string" }, - "OriginProtocolPolicy": { - "markdownDescription": "Specifies the protocol (HTTP or HTTPS) that CloudFront uses to connect to the origin. Valid values are:\n\n- `http-only` \u2013 CloudFront always uses HTTP to connect to the origin.\n- `match-viewer` \u2013 CloudFront connects to the origin using the same protocol that the viewer used to connect to CloudFront.\n- `https-only` \u2013 CloudFront always uses HTTPS to connect to the origin.", - "title": "OriginProtocolPolicy", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "OriginReadTimeout": { - "markdownDescription": "Specifies how long, in seconds, CloudFront waits for a response from the origin. This is also known as the *origin response timeout* . The minimum timeout is 1 second, the maximum is 120 seconds, and the default (if you don't specify otherwise) is 30 seconds.\n\nFor more information, see [Response timeout (custom origins only)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DownloadDistValuesOrigin.html#DownloadDistValuesOriginResponseTimeout) in the *Amazon CloudFront Developer Guide* .", - "title": "OriginReadTimeout", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "OriginSSLProtocols": { - "items": { - "type": "string" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "BillingEntity": { + "markdownDescription": "The seller of services provided by AWS , their affiliates, or third-party providers selling services via AWS Marketplace .", + "title": "BillingEntity", + "type": "string" + }, + "Description": { + "markdownDescription": "The pricing rule description.", + "title": "Description", + "type": "string" + }, + "ModifierPercentage": { + "markdownDescription": "A percentage modifier applied on the public pricing rates.", + "title": "ModifierPercentage", + "type": "number" + }, + "Name": { + "markdownDescription": "The name of a pricing rule.", + "title": "Name", + "type": "string" + }, + "Operation": { + "markdownDescription": "Operation is the specific AWS action covered by this line item. This describes the specific usage of the line item.\n\nIf the `Scope` attribute is set to `SKU` , this attribute indicates which operation the `PricingRule` is modifying. For example, a value of `RunInstances:0202` indicates the operation of running an Amazon EC2 instance.", + "title": "Operation", + "type": "string" + }, + "Scope": { + "markdownDescription": "The scope of pricing rule that indicates if it's globally applicable or service-specific.", + "title": "Scope", + "type": "string" + }, + "Service": { + "markdownDescription": "If the `Scope` attribute is `SERVICE` , this attribute indicates which service the `PricingRule` is applicable for.", + "title": "Service", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A map that contains tag keys and tag values that are attached to a pricing rule.", + "title": "Tags", + "type": "array" + }, + "Tiering": { + "$ref": "#/definitions/AWS::BillingConductor::PricingRule.Tiering", + "markdownDescription": "The set of tiering configurations for the pricing rule.", + "title": "Tiering" + }, + "Type": { + "markdownDescription": "The type of pricing rule.", + "title": "Type", + "type": "string" + }, + "UsageType": { + "markdownDescription": "Usage Type is the unit that each service uses to measure the usage of a specific type of resource.", + "title": "UsageType", + "type": "string" + } }, - "markdownDescription": "Specifies the minimum SSL/TLS protocol that CloudFront uses when connecting to your origin over HTTPS. Valid values include `SSLv3` , `TLSv1` , `TLSv1.1` , and `TLSv1.2` .\n\nFor more information, see [Minimum Origin SSL Protocol](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DownloadDistValuesOrigin.html#DownloadDistValuesOriginSSLProtocols) in the *Amazon CloudFront Developer Guide* .", - "title": "OriginSSLProtocols", - "type": "array" + "required": [ + "Name", + "Scope", + "Type" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::BillingConductor::PricingRule" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "OriginProtocolPolicy" + "Type", + "Properties" ], "type": "object" }, - "AWS::CloudFront::Distribution.DefaultCacheBehavior": { + "AWS::BillingConductor::PricingRule.FreeTier": { "additionalProperties": false, "properties": { - "AllowedMethods": { - "items": { - "type": "string" - }, - "markdownDescription": "A complex type that controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin. There are three choices:\n\n- CloudFront forwards only `GET` and `HEAD` requests.\n- CloudFront forwards only `GET` , `HEAD` , and `OPTIONS` requests.\n- CloudFront forwards `GET, HEAD, OPTIONS, PUT, PATCH, POST` , and `DELETE` requests.\n\nIf you pick the third choice, you may need to restrict access to your Amazon S3 bucket or to your custom origin so users can't perform operations that you don't want them to. For example, you might not want users to have permissions to delete objects from your origin.", - "title": "AllowedMethods", - "type": "array" + "Activated": { + "markdownDescription": "Activate or deactivate AWS Free Tier.", + "title": "Activated", + "type": "boolean" + } + }, + "required": [ + "Activated" + ], + "type": "object" + }, + "AWS::BillingConductor::PricingRule.Tiering": { + "additionalProperties": false, + "properties": { + "FreeTier": { + "$ref": "#/definitions/AWS::BillingConductor::PricingRule.FreeTier", + "markdownDescription": "The possible AWS Free Tier configurations.", + "title": "FreeTier" + } + }, + "type": "object" + }, + "AWS::Budgets::Budget": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" }, - "CachePolicyId": { - "markdownDescription": "The unique identifier of the cache policy that is attached to the default cache behavior. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nA `DefaultCacheBehavior` must include either a `CachePolicyId` or `ForwardedValues` . We recommend that you use a `CachePolicyId` .", - "title": "CachePolicyId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "CachedMethods": { - "items": { - "type": "string" - }, - "markdownDescription": "A complex type that controls whether CloudFront caches the response to requests using the specified HTTP methods. There are two choices:\n\n- CloudFront caches responses to `GET` and `HEAD` requests.\n- CloudFront caches responses to `GET` , `HEAD` , and `OPTIONS` requests.\n\nIf you pick the second choice for your Amazon S3 Origin, you may need to forward Access-Control-Request-Method, Access-Control-Request-Headers, and Origin headers for the responses to be cached correctly.", - "title": "CachedMethods", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Compress": { - "markdownDescription": "Whether you want CloudFront to automatically compress certain files for this cache behavior. If so, specify `true` ; if not, specify `false` . For more information, see [Serving Compressed Files](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/ServingCompressedFiles.html) in the *Amazon CloudFront Developer Guide* .", - "title": "Compress", - "type": "boolean" + "Metadata": { + "type": "object" }, - "DefaultTTL": { - "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nThis field is deprecated. We recommend that you use the `DefaultTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe default amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin does not add HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", - "title": "DefaultTTL", - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": { + "Budget": { + "$ref": "#/definitions/AWS::Budgets::Budget.BudgetData", + "markdownDescription": "The budget object that you want to create.", + "title": "Budget" + }, + "NotificationsWithSubscribers": { + "items": { + "$ref": "#/definitions/AWS::Budgets::Budget.NotificationWithSubscribers" + }, + "markdownDescription": "A notification that you want to associate with a budget. A budget can have up to five notifications, and each notification can have one SNS subscriber and up to 10 email subscribers. If you include notifications and subscribers in your `CreateBudget` call, AWS creates the notifications and subscribers for you.", + "title": "NotificationsWithSubscribers", + "type": "array" + }, + "ResourceTags": { + "items": { + "$ref": "#/definitions/AWS::Budgets::Budget.ResourceTag" + }, + "markdownDescription": "An optional list of tags to associate with the specified budget. Each tag consists of a key and a value, and each key must be unique for the resource.", + "title": "ResourceTags", + "type": "array" + } + }, + "required": [ + "Budget" + ], + "type": "object" }, - "FieldLevelEncryptionId": { - "markdownDescription": "The value of `ID` for the field-level encryption configuration that you want CloudFront to use for encrypting specific fields of data for the default cache behavior.", - "title": "FieldLevelEncryptionId", + "Type": { + "enum": [ + "AWS::Budgets::Budget" + ], "type": "string" }, - "ForwardedValues": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.ForwardedValues", - "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field. For more information, see [Working with policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/working-with-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to include values in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send values to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) or [Using the managed origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-origin-request-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nA `DefaultCacheBehavior` must include either a `CachePolicyId` or `ForwardedValues` . We recommend that you use a `CachePolicyId` .\n\nA complex type that specifies how CloudFront handles query strings, cookies, and HTTP headers.", - "title": "ForwardedValues" - }, - "FunctionAssociations": { - "items": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.FunctionAssociation" - }, - "markdownDescription": "A list of CloudFront functions that are associated with this cache behavior. Your functions must be published to the `LIVE` stage to associate them with a cache behavior.", - "title": "FunctionAssociations", - "type": "array" - }, - "LambdaFunctionAssociations": { - "items": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.LambdaFunctionAssociation" - }, - "markdownDescription": "A complex type that contains zero or more Lambda@Edge function associations for a cache behavior.", - "title": "LambdaFunctionAssociations", - "type": "array" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Budgets::Budget.AutoAdjustData": { + "additionalProperties": false, + "properties": { + "AutoAdjustType": { + "markdownDescription": "The string that defines whether your budget auto-adjusts based on historical or forecasted data.", + "title": "AutoAdjustType", + "type": "string" }, - "MaxTTL": { - "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nThis field is deprecated. We recommend that you use the `MaxTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe maximum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin adds HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", - "title": "MaxTTL", - "type": "number" + "HistoricalOptions": { + "$ref": "#/definitions/AWS::Budgets::Budget.HistoricalOptions", + "markdownDescription": "The parameters that define or describe the historical data that your auto-adjusting budget is based on.", + "title": "HistoricalOptions" + } + }, + "required": [ + "AutoAdjustType" + ], + "type": "object" + }, + "AWS::Budgets::Budget.BudgetData": { + "additionalProperties": false, + "properties": { + "AutoAdjustData": { + "$ref": "#/definitions/AWS::Budgets::Budget.AutoAdjustData", + "markdownDescription": "Determine the budget amount for an auto-adjusting budget.", + "title": "AutoAdjustData" }, - "MinTTL": { - "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nThis field is deprecated. We recommend that you use the `MinTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe minimum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .\n\nYou must specify `0` for `MinTTL` if you configure CloudFront to forward all headers to your origin (under `Headers` , if you specify `1` for `Quantity` and `*` for `Name` ).", - "title": "MinTTL", - "type": "number" + "BudgetLimit": { + "$ref": "#/definitions/AWS::Budgets::Budget.Spend", + "markdownDescription": "The total amount of cost, usage, RI utilization, RI coverage, Savings Plans utilization, or Savings Plans coverage that you want to track with your budget.\n\n`BudgetLimit` is required for cost or usage budgets, but optional for RI or Savings Plans utilization or coverage budgets. RI and Savings Plans utilization or coverage budgets default to `100` . This is the only valid value for RI or Savings Plans utilization or coverage budgets. You can't use `BudgetLimit` with `PlannedBudgetLimits` for `CreateBudget` and `UpdateBudget` actions.", + "title": "BudgetLimit" }, - "OriginRequestPolicyId": { - "markdownDescription": "The unique identifier of the origin request policy that is attached to the default cache behavior. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) or [Using the managed origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-origin-request-policies.html) in the *Amazon CloudFront Developer Guide* .", - "title": "OriginRequestPolicyId", + "BudgetName": { + "markdownDescription": "The name of a budget. The value must be unique within an account. `BudgetName` can't include `:` and `\\` characters. If you don't include value for `BudgetName` in the template, Billing and Cost Management assigns your budget a randomly generated name.", + "title": "BudgetName", "type": "string" }, - "RealtimeLogConfigArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the real-time log configuration that is attached to this cache behavior. For more information, see [Real-time logs](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html) in the *Amazon CloudFront Developer Guide* .", - "title": "RealtimeLogConfigArn", + "BudgetType": { + "markdownDescription": "Specifies whether this budget tracks costs, usage, RI utilization, RI coverage, Savings Plans utilization, or Savings Plans coverage.", + "title": "BudgetType", "type": "string" }, - "ResponseHeadersPolicyId": { - "markdownDescription": "The identifier for a response headers policy.", - "title": "ResponseHeadersPolicyId", - "type": "string" + "CostFilters": { + "markdownDescription": "The cost filters, such as `Region` , `Service` , `LinkedAccount` , `Tag` , or `CostCategory` , that are applied to a budget.\n\nAWS Budgets supports the following services as a `Service` filter for RI budgets:\n\n- Amazon EC2\n- Amazon Redshift\n- Amazon Relational Database Service\n- Amazon ElastiCache\n- Amazon OpenSearch Service", + "title": "CostFilters", + "type": "object" }, - "SmoothStreaming": { - "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nIndicates whether you want to distribute media files in the Microsoft Smooth Streaming format using the origin that is associated with this cache behavior. If so, specify `true` ; if not, specify `false` . If you specify `true` for `SmoothStreaming` , you can still distribute other content using this cache behavior if the content matches the value of `PathPattern` .", - "title": "SmoothStreaming", - "type": "boolean" + "CostTypes": { + "$ref": "#/definitions/AWS::Budgets::Budget.CostTypes", + "markdownDescription": "The types of costs that are included in this `COST` budget.\n\n`USAGE` , `RI_UTILIZATION` , `RI_COVERAGE` , `SAVINGS_PLANS_UTILIZATION` , and `SAVINGS_PLANS_COVERAGE` budgets do not have `CostTypes` .", + "title": "CostTypes" }, - "TargetOriginId": { - "markdownDescription": "The value of `ID` for the origin that you want CloudFront to route requests to when they use the default cache behavior.", - "title": "TargetOriginId", - "type": "string" + "FilterExpression": { + "$ref": "#/definitions/AWS::Budgets::Budget.Expression", + "markdownDescription": "", + "title": "FilterExpression" }, - "TrustedKeyGroups": { + "Metrics": { "items": { "type": "string" }, - "markdownDescription": "A list of key groups that CloudFront can use to validate signed URLs or signed cookies.\n\nWhen a cache behavior contains trusted key groups, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with a private key whose corresponding public key is in the key group. The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see [Serving private content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", - "title": "TrustedKeyGroups", + "markdownDescription": "", + "title": "Metrics", "type": "array" }, - "TrustedSigners": { - "items": { - "type": "string" - }, - "markdownDescription": "> We recommend using `TrustedKeyGroups` instead of `TrustedSigners` . > This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nA list of AWS account IDs whose public keys CloudFront can use to validate signed URLs or signed cookies.\n\nWhen a cache behavior contains trusted signers, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with the private key of a CloudFront key pair in a trusted signer's AWS account . The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see [Serving private content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", - "title": "TrustedSigners", - "type": "array" + "PlannedBudgetLimits": { + "markdownDescription": "A map containing multiple `BudgetLimit` , including current or future limits.\n\n`PlannedBudgetLimits` is available for cost or usage budget and supports both monthly and quarterly `TimeUnit` .\n\nFor monthly budgets, provide 12 months of `PlannedBudgetLimits` values. This must start from the current month and include the next 11 months. The `key` is the start of the month, `UTC` in epoch seconds.\n\nFor quarterly budgets, provide four quarters of `PlannedBudgetLimits` value entries in standard calendar quarter increments. This must start from the current quarter and include the next three quarters. The `key` is the start of the quarter, `UTC` in epoch seconds.\n\nIf the planned budget expires before 12 months for monthly or four quarters for quarterly, provide the `PlannedBudgetLimits` values only for the remaining periods.\n\nIf the budget begins at a date in the future, provide `PlannedBudgetLimits` values from the start date of the budget.\n\nAfter all of the `BudgetLimit` values in `PlannedBudgetLimits` are used, the budget continues to use the last limit as the `BudgetLimit` . At that point, the planned budget provides the same experience as a fixed budget.\n\n`DescribeBudget` and `DescribeBudgets` response along with `PlannedBudgetLimits` also contain `BudgetLimit` representing the current month or quarter limit present in `PlannedBudgetLimits` . This only applies to budgets that are created with `PlannedBudgetLimits` . Budgets that are created without `PlannedBudgetLimits` only contain `BudgetLimit` . They don't contain `PlannedBudgetLimits` .", + "title": "PlannedBudgetLimits", + "type": "object" }, - "ViewerProtocolPolicy": { - "markdownDescription": "The protocol that viewers can use to access the files in the origin specified by `TargetOriginId` when a request matches the path pattern in `PathPattern` . You can specify the following options:\n\n- `allow-all` : Viewers can use HTTP or HTTPS.\n- `redirect-to-https` : If a viewer submits an HTTP request, CloudFront returns an HTTP status code of 301 (Moved Permanently) to the viewer along with the HTTPS URL. The viewer then resubmits the request using the new URL.\n- `https-only` : If a viewer sends an HTTP request, CloudFront returns an HTTP status code of 403 (Forbidden).\n\nFor more information about requiring the HTTPS protocol, see [Requiring HTTPS Between Viewers and CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-https-viewers-to-cloudfront.html) in the *Amazon CloudFront Developer Guide* .\n\n> The only way to guarantee that viewers retrieve an object that was fetched from the origin using HTTPS is never to use any other protocol to fetch the object. If you have recently changed from HTTP to HTTPS, we recommend that you clear your objects' cache because cached objects are protocol agnostic. That means that an edge location will return an object from the cache regardless of whether the current request protocol matches the protocol used previously. For more information, see [Managing Cache Expiration](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", - "title": "ViewerProtocolPolicy", + "TimePeriod": { + "$ref": "#/definitions/AWS::Budgets::Budget.TimePeriod", + "markdownDescription": "The period of time that is covered by a budget. The period has a start date and an end date. The start date must come before the end date. There are no restrictions on the end date.\n\nThe start date for a budget. If you created your budget and didn't specify a start date, the start date defaults to the start of the chosen time period (MONTHLY, QUARTERLY, or ANNUALLY). For example, if you create your budget on January 24, 2019, choose `MONTHLY` , and don't set a start date, the start date defaults to `01/01/19 00:00 UTC` . The defaults are the same for the Billing and Cost Management console and the API.\n\nYou can change your start date with the `UpdateBudget` operation.\n\nAfter the end date, AWS deletes the budget and all associated notifications and subscribers.", + "title": "TimePeriod" + }, + "TimeUnit": { + "markdownDescription": "The length of time until a budget resets the actual and forecasted spend. `DAILY` is available only for `RI_UTILIZATION` and `RI_COVERAGE` budgets.", + "title": "TimeUnit", "type": "string" } }, "required": [ - "TargetOriginId", - "ViewerProtocolPolicy" + "BudgetType", + "TimeUnit" ], "type": "object" }, - "AWS::CloudFront::Distribution.DistributionConfig": { + "AWS::Budgets::Budget.CostCategoryValues": { "additionalProperties": false, "properties": { - "Aliases": { - "items": { - "type": "string" - }, - "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nA complex type that contains information about CNAMEs (alternate domain names), if any, for this distribution.", - "title": "Aliases", - "type": "array" + "Key": { + "markdownDescription": "The unique name of the cost category.", + "title": "Key", + "type": "string" }, - "CNAMEs": { + "MatchOptions": { "items": { "type": "string" }, - "markdownDescription": "An alias for the CloudFront distribution's domain name.\n\n> This property is legacy. We recommend that you use [Aliases](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-distributionconfig.html#cfn-cloudfront-distribution-distributionconfig-aliases) instead.", - "title": "CNAMEs", + "markdownDescription": "The match options that you can use to filter your results.", + "title": "MatchOptions", "type": "array" }, - "CacheBehaviors": { + "Values": { "items": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.CacheBehavior" + "type": "string" }, - "markdownDescription": "A complex type that contains zero or more `CacheBehavior` elements.", - "title": "CacheBehaviors", + "markdownDescription": "The specific value of the cost category.", + "title": "Values", "type": "array" + } + }, + "type": "object" + }, + "AWS::Budgets::Budget.CostTypes": { + "additionalProperties": false, + "properties": { + "IncludeCredit": { + "markdownDescription": "Specifies whether a budget includes credits.\n\nThe default value is `true` .", + "title": "IncludeCredit", + "type": "boolean" }, - "Comment": { - "markdownDescription": "A comment to describe the distribution. The comment cannot be longer than 128 characters.", - "title": "Comment", - "type": "string" - }, - "ContinuousDeploymentPolicyId": { - "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nThe identifier of a continuous deployment policy. For more information, see `CreateContinuousDeploymentPolicy` .", - "title": "ContinuousDeploymentPolicyId", - "type": "string" - }, - "CustomErrorResponses": { - "items": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.CustomErrorResponse" - }, - "markdownDescription": "A complex type that controls the following:\n\n- Whether CloudFront replaces HTTP status codes in the 4xx and 5xx range with custom error messages before returning the response to the viewer.\n- How long CloudFront caches HTTP status codes in the 4xx and 5xx range.\n\nFor more information about custom error pages, see [Customizing Error Responses](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/custom-error-pages.html) in the *Amazon CloudFront Developer Guide* .", - "title": "CustomErrorResponses", - "type": "array" + "IncludeDiscount": { + "markdownDescription": "Specifies whether a budget includes discounts.\n\nThe default value is `true` .", + "title": "IncludeDiscount", + "type": "boolean" }, - "CustomOrigin": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.LegacyCustomOrigin", - "markdownDescription": "The user-defined HTTP server that serves as the origin for content that CloudFront distributes.\n\n> This property is legacy. We recommend that you use [Origin](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-origin.html) instead.", - "title": "CustomOrigin" + "IncludeOtherSubscription": { + "markdownDescription": "Specifies whether a budget includes non-RI subscription costs.\n\nThe default value is `true` .", + "title": "IncludeOtherSubscription", + "type": "boolean" }, - "DefaultCacheBehavior": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.DefaultCacheBehavior", - "markdownDescription": "A complex type that describes the default cache behavior if you don't specify a `CacheBehavior` element or if files don't match any of the values of `PathPattern` in `CacheBehavior` elements. You must create exactly one default cache behavior.", - "title": "DefaultCacheBehavior" + "IncludeRecurring": { + "markdownDescription": "Specifies whether a budget includes recurring fees such as monthly RI fees.\n\nThe default value is `true` .", + "title": "IncludeRecurring", + "type": "boolean" }, - "DefaultRootObject": { - "markdownDescription": "When a viewer requests the root URL for your distribution, the default root object is the object that you want CloudFront to request from your origin. For example, if your root URL is `https://www.example.com` , you can specify CloudFront to return the `index.html` file as the default root object. You can specify a default root object so that viewers see a specific file or object, instead of another object in your distribution (for example, `https://www.example.com/product-description.html` ). A default root object avoids exposing the contents of your distribution.\n\nYou can specify the object name or a path to the object name (for example, `index.html` or `exampleFolderName/index.html` ). Your string can't begin with a forward slash ( `/` ). Only specify the object name or the path to the object.\n\nIf you don't want to specify a default root object when you create a distribution, include an empty `DefaultRootObject` element.\n\nTo delete the default root object from an existing distribution, update the distribution configuration and include an empty `DefaultRootObject` element.\n\nTo replace the default root object, update the distribution configuration and specify the new object.\n\nFor more information about the default root object, see [Specify a default root object](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DefaultRootObject.html) in the *Amazon CloudFront Developer Guide* .", - "title": "DefaultRootObject", - "type": "string" + "IncludeRefund": { + "markdownDescription": "Specifies whether a budget includes refunds.\n\nThe default value is `true` .", + "title": "IncludeRefund", + "type": "boolean" }, - "Enabled": { - "markdownDescription": "From this field, you can enable or disable the selected distribution.", - "title": "Enabled", + "IncludeSubscription": { + "markdownDescription": "Specifies whether a budget includes subscriptions.\n\nThe default value is `true` .", + "title": "IncludeSubscription", "type": "boolean" }, - "HttpVersion": { - "markdownDescription": "(Optional) Specify the HTTP version(s) that you want viewers to use to communicate with CloudFront . The default value for new distributions is `http1.1` .\n\nFor viewers and CloudFront to use HTTP/2, viewers must support TLSv1.2 or later, and must support Server Name Indication (SNI).\n\nFor viewers and CloudFront to use HTTP/3, viewers must support TLSv1.3 and Server Name Indication (SNI). CloudFront supports HTTP/3 connection migration to allow the viewer to switch networks without losing connection. For more information about connection migration, see [Connection Migration](https://docs.aws.amazon.com/https://www.rfc-editor.org/rfc/rfc9000.html#name-connection-migration) at RFC 9000. For more information about supported TLSv1.3 ciphers, see [Supported protocols and ciphers between viewers and CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/secure-connections-supported-viewer-protocols-ciphers.html) .", - "title": "HttpVersion", - "type": "string" + "IncludeSupport": { + "markdownDescription": "Specifies whether a budget includes support subscription fees.\n\nThe default value is `true` .", + "title": "IncludeSupport", + "type": "boolean" }, - "IPV6Enabled": { - "markdownDescription": "> To use this field for a multi-tenant distribution, use a connection group instead. For more information, see [ConnectionGroup](https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ConnectionGroup.html) . \n\nIf you want CloudFront to respond to IPv6 DNS requests with an IPv6 address for your distribution, specify `true` . If you specify `false` , CloudFront responds to IPv6 DNS requests with the DNS response code `NOERROR` and with no IP addresses. This allows viewers to submit a second request, for an IPv4 address for your distribution.\n\nIn general, you should enable IPv6 if you have users on IPv6 networks who want to access your content. However, if you're using signed URLs or signed cookies to restrict access to your content, and if you're using a custom policy that includes the `IpAddress` parameter to restrict the IP addresses that can access your content, don't enable IPv6. If you want to restrict access to some content by IP address and not restrict access to other content (or restrict access but not by IP address), you can create two distributions. For more information, see [Creating a Signed URL Using a Custom Policy](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-creating-signed-url-custom-policy.html) in the *Amazon CloudFront Developer Guide* .\n\nIf you're using an Amazon Route\u00a053 AWS Integration alias resource record set to route traffic to your CloudFront distribution, you need to create a second alias resource record set when both of the following are true:\n\n- You enable IPv6 for the distribution\n- You're using alternate domain names in the URLs for your objects\n\nFor more information, see [Routing Traffic to an Amazon CloudFront Web Distribution by Using Your Domain Name](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-to-cloudfront-distribution.html) in the *Amazon Route\u00a053 AWS Integration Developer Guide* .\n\nIf you created a CNAME resource record set, either with Amazon Route\u00a053 AWS Integration or with another DNS service, you don't need to make any changes. A CNAME record will route traffic to your distribution regardless of the IP address format of the viewer request.", - "title": "IPV6Enabled", + "IncludeTax": { + "markdownDescription": "Specifies whether a budget includes taxes.\n\nThe default value is `true` .", + "title": "IncludeTax", "type": "boolean" }, - "Logging": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.Logging", - "markdownDescription": "A complex type that controls whether access logs are written for the distribution.\n\nFor more information about logging, see [Access Logs](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/AccessLogs.html) in the *Amazon CloudFront Developer Guide* .", - "title": "Logging" + "IncludeUpfront": { + "markdownDescription": "Specifies whether a budget includes upfront RI costs.\n\nThe default value is `true` .", + "title": "IncludeUpfront", + "type": "boolean" }, - "OriginGroups": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginGroups", - "markdownDescription": "A complex type that contains information about origin groups for this distribution.\n\nSpecify a value for either the `Origins` or `OriginGroups` property.", - "title": "OriginGroups" + "UseAmortized": { + "markdownDescription": "Specifies whether a budget uses the amortized rate.\n\nThe default value is `false` .", + "title": "UseAmortized", + "type": "boolean" }, - "Origins": { + "UseBlended": { + "markdownDescription": "Specifies whether a budget uses a blended rate.\n\nThe default value is `false` .", + "title": "UseBlended", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::Budgets::Budget.Expression": { + "additionalProperties": false, + "properties": { + "And": { "items": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.Origin" + "$ref": "#/definitions/AWS::Budgets::Budget.Expression" }, - "markdownDescription": "A complex type that contains information about origins for this distribution.\n\nSpecify a value for either the `Origins` or `OriginGroups` property.", - "title": "Origins", + "markdownDescription": "Return results that match both Dimension objects.", + "title": "And", "type": "array" }, - "PriceClass": { - "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nThe price class that corresponds with the maximum price that you want to pay for CloudFront service. If you specify `PriceClass_All` , CloudFront responds to requests for your objects from all CloudFront edge locations.\n\nIf you specify a price class other than `PriceClass_All` , CloudFront serves your objects from the CloudFront edge location that has the lowest latency among the edge locations in your price class. Viewers who are in or near regions that are excluded from your specified price class may encounter slower performance.\n\nFor more information about price classes, see [Choosing the Price Class for a CloudFront Distribution](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PriceClass.html) in the *Amazon CloudFront Developer Guide* . For information about CloudFront pricing, including how price classes (such as Price Class 100) map to CloudFront regions, see [Amazon CloudFront Pricing](https://docs.aws.amazon.com/cloudfront/pricing/) .", - "title": "PriceClass", - "type": "string" - }, - "Restrictions": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.Restrictions", - "markdownDescription": "A complex type that identifies ways in which you want to restrict distribution of your content.", - "title": "Restrictions" + "CostCategories": { + "$ref": "#/definitions/AWS::Budgets::Budget.CostCategoryValues", + "markdownDescription": "The filter that's based on CostCategoryValues.", + "title": "CostCategories" }, - "S3Origin": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.LegacyS3Origin", - "markdownDescription": "The origin as an Amazon S3 bucket.\n\n> This property is legacy. We recommend that you use [Origin](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-origin.html) instead.", - "title": "S3Origin" + "Dimensions": { + "$ref": "#/definitions/AWS::Budgets::Budget.ExpressionDimensionValues", + "markdownDescription": "The specific Dimension to use for Expression.", + "title": "Dimensions" }, - "Staging": { - "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nA Boolean that indicates whether this is a staging distribution. When this value is `true` , this is a staging distribution. When this value is `false` , this is not a staging distribution.", - "title": "Staging", - "type": "boolean" + "Not": { + "$ref": "#/definitions/AWS::Budgets::Budget.Expression", + "markdownDescription": "Return results that don't match a Dimension object.", + "title": "Not" }, - "ViewerCertificate": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.ViewerCertificate", - "markdownDescription": "A complex type that determines the distribution's SSL/TLS configuration for communicating with viewers.", - "title": "ViewerCertificate" + "Or": { + "items": { + "$ref": "#/definitions/AWS::Budgets::Budget.Expression" + }, + "markdownDescription": "Return results that match either Dimension object.", + "title": "Or", + "type": "array" }, - "WebACLId": { - "markdownDescription": "> Multi-tenant distributions only support AWS WAF V2 web ACLs. \n\nA unique identifier that specifies the AWS WAF web ACL, if any, to associate with this distribution. To specify a web ACL created using the latest version of AWS WAF , use the ACL ARN, for example `arn:aws:wafv2:us-east-1:123456789012:global/webacl/ExampleWebACL/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111` . To specify a web ACL created using AWS WAF Classic, use the ACL ID, for example `a1b2c3d4-5678-90ab-cdef-EXAMPLE11111` .\n\nAWS WAF is a web application firewall that lets you monitor the HTTP and HTTPS requests that are forwarded to CloudFront, and lets you control access to your content. Based on conditions that you specify, such as the IP addresses that requests originate from or the values of query strings, CloudFront responds to requests either with the requested content or with an HTTP 403 status code (Forbidden). You can also configure CloudFront to return a custom error page when a request is blocked. For more information about AWS WAF , see the [AWS WAF Developer Guide](https://docs.aws.amazon.com/waf/latest/developerguide/what-is-aws-waf.html) .", - "title": "WebACLId", - "type": "string" + "Tags": { + "$ref": "#/definitions/AWS::Budgets::Budget.TagValues", + "markdownDescription": "The specific Tag to use for Expression.", + "title": "Tags" } }, - "required": [ - "DefaultCacheBehavior", - "Enabled" - ], "type": "object" }, - "AWS::CloudFront::Distribution.ForwardedValues": { + "AWS::Budgets::Budget.ExpressionDimensionValues": { "additionalProperties": false, "properties": { - "Cookies": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.Cookies", - "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n\nIf you want to include cookies in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send cookies to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide* .\n\nA complex type that specifies whether you want CloudFront to forward cookies to the origin and, if so, which ones. For more information about forwarding cookies to the origin, see [How CloudFront Forwards, Caches, and Logs Cookies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Cookies.html) in the *Amazon CloudFront Developer Guide* .", - "title": "Cookies" + "Key": { + "markdownDescription": "The name of the dimension that you want to filter on.", + "title": "Key", + "type": "string" }, - "Headers": { + "MatchOptions": { "items": { "type": "string" }, - "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n\nIf you want to include headers in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send headers to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide* .\n\nA complex type that specifies the `Headers` , if any, that you want CloudFront to forward to the origin for this cache behavior (whitelisted headers). For the headers that you specify, CloudFront also caches separate versions of a specified object that is based on the header values in viewer requests.\n\nFor more information, see [Caching Content Based on Request Headers](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/header-caching.html) in the *Amazon CloudFront Developer Guide* .", - "title": "Headers", + "markdownDescription": "The match options that you can use to filter your results. You can specify only one of these values in the array.", + "title": "MatchOptions", "type": "array" }, - "QueryString": { - "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n\nIf you want to include query strings in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send query strings to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide* .\n\nIndicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior and cache based on the query string parameters. CloudFront behavior depends on the value of `QueryString` and on the values that you specify for `QueryStringCacheKeys` , if any:\n\nIf you specify true for `QueryString` and you don't specify any values for `QueryStringCacheKeys` , CloudFront forwards all query string parameters to the origin and caches based on all query string parameters. Depending on how many query string parameters and values you have, this can adversely affect performance because CloudFront must forward more requests to the origin.\n\nIf you specify true for `QueryString` and you specify one or more values for `QueryStringCacheKeys` , CloudFront forwards all query string parameters to the origin, but it only caches based on the query string parameters that you specify.\n\nIf you specify false for `QueryString` , CloudFront doesn't forward any query string parameters to the origin, and doesn't cache based on query string parameters.\n\nFor more information, see [Configuring CloudFront to Cache Based on Query String Parameters](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/QueryStringParameters.html) in the *Amazon CloudFront Developer Guide* .", - "title": "QueryString", - "type": "boolean" - }, - "QueryStringCacheKeys": { + "Values": { "items": { "type": "string" }, - "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n\nIf you want to include query strings in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send query strings to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide* .\n\nA complex type that contains information about the query string parameters that you want CloudFront to use for caching for this cache behavior.", - "title": "QueryStringCacheKeys", + "markdownDescription": "The metadata values you can specify to filter upon, so that the results all match at least one of the specified values.", + "title": "Values", "type": "array" } }, + "type": "object" + }, + "AWS::Budgets::Budget.HistoricalOptions": { + "additionalProperties": false, + "properties": { + "BudgetAdjustmentPeriod": { + "markdownDescription": "The number of budget periods included in the moving-average calculation that determines your auto-adjusted budget amount. The maximum value depends on the `TimeUnit` granularity of the budget:\n\n- For the `DAILY` granularity, the maximum value is `60` .\n- For the `MONTHLY` granularity, the maximum value is `12` .\n- For the `QUARTERLY` granularity, the maximum value is `4` .\n- For the `ANNUALLY` granularity, the maximum value is `1` .", + "title": "BudgetAdjustmentPeriod", + "type": "number" + } + }, "required": [ - "QueryString" + "BudgetAdjustmentPeriod" ], "type": "object" }, - "AWS::CloudFront::Distribution.FunctionAssociation": { + "AWS::Budgets::Budget.Notification": { "additionalProperties": false, "properties": { - "EventType": { - "markdownDescription": "The event type of the function, either `viewer-request` or `viewer-response` . You cannot use origin-facing event types ( `origin-request` and `origin-response` ) with a CloudFront function.", - "title": "EventType", + "ComparisonOperator": { + "markdownDescription": "The comparison that's used for this notification.", + "title": "ComparisonOperator", "type": "string" }, - "FunctionARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the function.", - "title": "FunctionARN", + "NotificationType": { + "markdownDescription": "Specifies whether the notification is for how much you have spent ( `ACTUAL` ) or for how much that you're forecasted to spend ( `FORECASTED` ).", + "title": "NotificationType", + "type": "string" + }, + "Threshold": { + "markdownDescription": "The threshold that's associated with a notification. Thresholds are always a percentage, and many customers find value being alerted between 50% - 200% of the budgeted amount. The maximum limit for your threshold is 1,000,000% above the budgeted amount.", + "title": "Threshold", + "type": "number" + }, + "ThresholdType": { + "markdownDescription": "The type of threshold for a notification. For `ABSOLUTE_VALUE` thresholds, AWS notifies you when you go over or are forecasted to go over your total cost threshold. For `PERCENTAGE` thresholds, AWS notifies you when you go over or are forecasted to go over a certain percentage of your forecasted spend. For example, if you have a budget for 200 dollars and you have a `PERCENTAGE` threshold of 80%, AWS notifies you when you go over 160 dollars.", + "title": "ThresholdType", "type": "string" } }, + "required": [ + "ComparisonOperator", + "NotificationType", + "Threshold" + ], "type": "object" }, - "AWS::CloudFront::Distribution.GeoRestriction": { + "AWS::Budgets::Budget.NotificationWithSubscribers": { "additionalProperties": false, "properties": { - "Locations": { + "Notification": { + "$ref": "#/definitions/AWS::Budgets::Budget.Notification", + "markdownDescription": "The notification that's associated with a budget.", + "title": "Notification" + }, + "Subscribers": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Budgets::Budget.Subscriber" }, - "markdownDescription": "A complex type that contains a `Location` element for each country in which you want CloudFront either to distribute your content ( `whitelist` ) or not distribute your content ( `blacklist` ).\n\nThe `Location` element is a two-letter, uppercase country code for a country that you want to include in your `blacklist` or `whitelist` . Include one `Location` element for each country.\n\nCloudFront and `MaxMind` both use `ISO 3166` country codes. For the current list of countries and the corresponding codes, see `ISO 3166-1-alpha-2` code on the *International Organization for Standardization* website. You can also refer to the country list on the CloudFront console, which includes both country names and codes.", - "title": "Locations", + "markdownDescription": "A list of subscribers who are subscribed to this notification.", + "title": "Subscribers", "type": "array" - }, - "RestrictionType": { - "markdownDescription": "The method that you want to use to restrict distribution of your content by country:\n\n- `none` : No geo restriction is enabled, meaning access to content is not restricted by client geo location.\n- `blacklist` : The `Location` elements specify the countries in which you don't want CloudFront to distribute your content.\n- `whitelist` : The `Location` elements specify the countries in which you want CloudFront to distribute your content.", - "title": "RestrictionType", - "type": "string" } }, "required": [ - "RestrictionType" + "Notification", + "Subscribers" ], "type": "object" }, - "AWS::CloudFront::Distribution.LambdaFunctionAssociation": { + "AWS::Budgets::Budget.ResourceTag": { "additionalProperties": false, "properties": { - "EventType": { - "markdownDescription": "Specifies the event type that triggers a Lambda@Edge function invocation. You can specify the following values:\n\n- `viewer-request` : The function executes when CloudFront receives a request from a viewer and before it checks to see whether the requested object is in the edge cache.\n- `origin-request` : The function executes only when CloudFront sends a request to your origin. When the requested object is in the edge cache, the function doesn't execute.\n- `origin-response` : The function executes after CloudFront receives a response from the origin and before it caches the object in the response. When the requested object is in the edge cache, the function doesn't execute.\n- `viewer-response` : The function executes before CloudFront returns the requested object to the viewer. The function executes regardless of whether the object was already in the edge cache.\n\nIf the origin returns an HTTP status code other than HTTP 200 (OK), the function doesn't execute.", - "title": "EventType", + "Key": { + "markdownDescription": "The key that's associated with the tag.", + "title": "Key", "type": "string" }, - "IncludeBody": { - "markdownDescription": "A flag that allows a Lambda@Edge function to have read access to the body content. For more information, see [Accessing the Request Body by Choosing the Include Body Option](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/lambda-include-body-access.html) in the Amazon CloudFront Developer Guide.", - "title": "IncludeBody", - "type": "boolean" - }, - "LambdaFunctionARN": { - "markdownDescription": "The ARN of the Lambda@Edge function. You must specify the ARN of a function version; you can't specify an alias or $LATEST.", - "title": "LambdaFunctionARN", + "Value": { + "markdownDescription": "The value that's associated with the tag.", + "title": "Value", "type": "string" } }, + "required": [ + "Key" + ], "type": "object" }, - "AWS::CloudFront::Distribution.LegacyCustomOrigin": { + "AWS::Budgets::Budget.Spend": { "additionalProperties": false, "properties": { - "DNSName": { - "markdownDescription": "The domain name assigned to your CloudFront distribution.", - "title": "DNSName", - "type": "string" - }, - "HTTPPort": { - "markdownDescription": "The HTTP port that CloudFront uses to connect to the origin. Specify the HTTP port that the origin listens on.", - "title": "HTTPPort", - "type": "number" - }, - "HTTPSPort": { - "markdownDescription": "The HTTPS port that CloudFront uses to connect to the origin. Specify the HTTPS port that the origin listens on.", - "title": "HTTPSPort", + "Amount": { + "markdownDescription": "The cost or usage amount that's associated with a budget forecast, actual spend, or budget threshold.", + "title": "Amount", "type": "number" }, - "OriginProtocolPolicy": { - "markdownDescription": "Specifies the protocol (HTTP or HTTPS) that CloudFront uses to connect to the origin.", - "title": "OriginProtocolPolicy", + "Unit": { + "markdownDescription": "The unit of measurement that's used for the budget forecast, actual spend, or budget threshold.", + "title": "Unit", "type": "string" - }, - "OriginSSLProtocols": { - "items": { - "type": "string" - }, - "markdownDescription": "The minimum SSL/TLS protocol version that CloudFront uses when communicating with your origin server over HTTPs.\n\nFor more information, see [Minimum Origin SSL Protocol](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginSSLProtocols) in the *Amazon CloudFront Developer Guide* .", - "title": "OriginSSLProtocols", - "type": "array" } }, "required": [ - "DNSName", - "OriginProtocolPolicy", - "OriginSSLProtocols" + "Amount", + "Unit" ], "type": "object" }, - "AWS::CloudFront::Distribution.LegacyS3Origin": { + "AWS::Budgets::Budget.Subscriber": { "additionalProperties": false, "properties": { - "DNSName": { - "markdownDescription": "The domain name assigned to your CloudFront distribution.", - "title": "DNSName", + "Address": { + "markdownDescription": "The address that AWS sends budget notifications to, either an SNS topic or an email.\n\nWhen you create a subscriber, the value of `Address` can't contain line breaks.", + "title": "Address", "type": "string" }, - "OriginAccessIdentity": { - "markdownDescription": "The CloudFront origin access identity to associate with the distribution. Use an origin access identity to configure the distribution so that end users can only access objects in an Amazon S3 through CloudFront .\n\n> This property is legacy. We recommend that you use [OriginAccessControl](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-originaccesscontrol.html) instead.", - "title": "OriginAccessIdentity", + "SubscriptionType": { + "markdownDescription": "The type of notification that AWS sends to a subscriber.", + "title": "SubscriptionType", "type": "string" } }, "required": [ - "DNSName" + "Address", + "SubscriptionType" ], "type": "object" }, - "AWS::CloudFront::Distribution.Logging": { + "AWS::Budgets::Budget.TagValues": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The Amazon S3 bucket to store the access logs in, for example, `amzn-s3-demo-bucket.s3.amazonaws.com` .", - "title": "Bucket", + "Key": { + "markdownDescription": "The key for the tag.", + "title": "Key", "type": "string" }, - "IncludeCookies": { - "markdownDescription": "Specifies whether you want CloudFront to include cookies in access logs, specify `true` for `IncludeCookies` . If you choose to include cookies in logs, CloudFront logs all cookies regardless of how you configure the cache behaviors for this distribution. If you don't want to include cookies when you create a distribution or if you want to disable include cookies for an existing distribution, specify `false` for `IncludeCookies` .", - "title": "IncludeCookies", - "type": "boolean" + "MatchOptions": { + "items": { + "type": "string" + }, + "markdownDescription": "The match options that you can use to filter your results.", + "title": "MatchOptions", + "type": "array" }, - "Prefix": { - "markdownDescription": "An optional string that you want CloudFront to prefix to the access log `filenames` for this distribution, for example, `myprefix/` . If you want to enable logging, but you don't want to specify a prefix, you still must include an empty `Prefix` element in the `Logging` element.", - "title": "Prefix", - "type": "string" + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The specific value of the tag.", + "title": "Values", + "type": "array" } }, - "required": [ - "Bucket" - ], "type": "object" }, - "AWS::CloudFront::Distribution.Origin": { + "AWS::Budgets::Budget.TimePeriod": { "additionalProperties": false, "properties": { - "ConnectionAttempts": { - "markdownDescription": "The number of times that CloudFront attempts to connect to the origin. The minimum number is 1, the maximum is 3, and the default (if you don't specify otherwise) is 3.\n\nFor a custom origin (including an Amazon S3 bucket that's configured with static website hosting), this value also specifies the number of times that CloudFront attempts to get a response from the origin, in the case of an [Origin Response Timeout](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginResponseTimeout) .\n\nFor more information, see [Origin Connection Attempts](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#origin-connection-attempts) in the *Amazon CloudFront Developer Guide* .", - "title": "ConnectionAttempts", - "type": "number" - }, - "ConnectionTimeout": { - "markdownDescription": "The number of seconds that CloudFront waits when trying to establish a connection to the origin. The minimum timeout is 1 second, the maximum is 10 seconds, and the default (if you don't specify otherwise) is 10 seconds.\n\nFor more information, see [Origin Connection Timeout](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#origin-connection-timeout) in the *Amazon CloudFront Developer Guide* .", - "title": "ConnectionTimeout", - "type": "number" - }, - "CustomOriginConfig": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.CustomOriginConfig", - "markdownDescription": "Use this type to specify an origin that is not an Amazon S3 bucket, with one exception. If the Amazon S3 bucket is configured with static website hosting, use this type. If the Amazon S3 bucket is not configured with static website hosting, use the `S3OriginConfig` type instead.", - "title": "CustomOriginConfig" - }, - "DomainName": { - "markdownDescription": "The domain name for the origin.\n\nFor more information, see [Origin Domain Name](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesDomainName) in the *Amazon CloudFront Developer Guide* .", - "title": "DomainName", + "End": { + "markdownDescription": "The end date for a budget. If you didn't specify an end date, AWS set your end date to `06/15/87 00:00 UTC` . The defaults are the same for the Billing and Cost Management console and the API.\n\nAfter the end date, AWS deletes the budget and all the associated notifications and subscribers. You can change your end date with the `UpdateBudget` operation.", + "title": "End", "type": "string" }, - "Id": { - "markdownDescription": "A unique identifier for the origin. This value must be unique within the distribution.\n\nUse this value to specify the `TargetOriginId` in a `CacheBehavior` or `DefaultCacheBehavior` .", - "title": "Id", + "Start": { + "markdownDescription": "The start date for a budget. If you created your budget and didn't specify a start date, the start date defaults to the start of the chosen time period (MONTHLY, QUARTERLY, or ANNUALLY). For example, if you create your budget on January 24, 2019, choose `MONTHLY` , and don't set a start date, the start date defaults to `01/01/19 00:00 UTC` . The defaults are the same for the Billing and Cost Management console and the API.\n\nYou can change your start date with the `UpdateBudget` operation.\n\nValid values depend on the value of `BudgetType` :\n\n- If `BudgetType` is `COST` or `USAGE` : Valid values are `MONTHLY` , `QUARTERLY` , and `ANNUALLY` .\n- If `BudgetType` is `RI_UTILIZATION` or `RI_COVERAGE` : Valid values are `DAILY` , `MONTHLY` , `QUARTERLY` , and `ANNUALLY` .", + "title": "Start", "type": "string" - }, - "OriginAccessControlId": { - "markdownDescription": "The unique identifier of an origin access control for this origin.\n\nFor more information, see [Restricting access to an Amazon S3 origin](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html) in the *Amazon CloudFront Developer Guide* .", - "title": "OriginAccessControlId", + } + }, + "type": "object" + }, + "AWS::Budgets::BudgetsAction": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "OriginCustomHeaders": { - "items": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginCustomHeader" - }, - "markdownDescription": "A list of HTTP header names and values that CloudFront adds to the requests that it sends to the origin.\n\nFor more information, see [Adding Custom Headers to Origin Requests](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/add-origin-custom-headers.html) in the *Amazon CloudFront Developer Guide* .", - "title": "OriginCustomHeaders", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "OriginPath": { - "markdownDescription": "An optional path that CloudFront appends to the origin domain name when CloudFront requests content from the origin.\n\nFor more information, see [Origin Path](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginPath) in the *Amazon CloudFront Developer Guide* .", - "title": "OriginPath", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "OriginShield": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginShield", - "markdownDescription": "CloudFront Origin Shield. Using Origin Shield can help reduce the load on your origin.\n\nFor more information, see [Using Origin Shield](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/origin-shield.html) in the *Amazon CloudFront Developer Guide* .", - "title": "OriginShield" + "Metadata": { + "type": "object" }, - "S3OriginConfig": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.S3OriginConfig", - "markdownDescription": "Use this type to specify an origin that is an Amazon S3 bucket that is not configured with static website hosting. To specify any other type of origin, including an Amazon S3 bucket that is configured with static website hosting, use the `CustomOriginConfig` type instead.", - "title": "S3OriginConfig" - } - }, - "required": [ - "DomainName", - "Id" - ], - "type": "object" - }, - "AWS::CloudFront::Distribution.OriginCustomHeader": { - "additionalProperties": false, - "properties": { - "HeaderName": { - "markdownDescription": "The name of a header that you want CloudFront to send to your origin. For more information, see [Adding Custom Headers to Origin Requests](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/forward-custom-headers.html) in the *Amazon CloudFront Developer Guide* .", - "title": "HeaderName", + "Properties": { + "additionalProperties": false, + "properties": { + "ActionThreshold": { + "$ref": "#/definitions/AWS::Budgets::BudgetsAction.ActionThreshold", + "markdownDescription": "The trigger threshold of the action.", + "title": "ActionThreshold" + }, + "ActionType": { + "markdownDescription": "The type of action. This defines the type of tasks that can be carried out by this action. This field also determines the format for definition.", + "title": "ActionType", + "type": "string" + }, + "ApprovalModel": { + "markdownDescription": "This specifies if the action needs manual or automatic approval.", + "title": "ApprovalModel", + "type": "string" + }, + "BudgetName": { + "markdownDescription": "A string that represents the budget name. \":\" and \"\\\" characters aren't allowed.", + "title": "BudgetName", + "type": "string" + }, + "Definition": { + "$ref": "#/definitions/AWS::Budgets::BudgetsAction.Definition", + "markdownDescription": "Specifies all of the type-specific parameters.", + "title": "Definition" + }, + "ExecutionRoleArn": { + "markdownDescription": "The role passed for action execution and reversion. Roles and actions must be in the same account.", + "title": "ExecutionRoleArn", + "type": "string" + }, + "NotificationType": { + "markdownDescription": "The type of a notification.", + "title": "NotificationType", + "type": "string" + }, + "ResourceTags": { + "items": { + "$ref": "#/definitions/AWS::Budgets::BudgetsAction.ResourceTag" + }, + "markdownDescription": "An optional list of tags to associate with the specified budget action. Each tag consists of a key and a value, and each key must be unique for the resource.", + "title": "ResourceTags", + "type": "array" + }, + "Subscribers": { + "items": { + "$ref": "#/definitions/AWS::Budgets::BudgetsAction.Subscriber" + }, + "markdownDescription": "A list of subscribers.", + "title": "Subscribers", + "type": "array" + } + }, + "required": [ + "ActionThreshold", + "ActionType", + "BudgetName", + "Definition", + "ExecutionRoleArn", + "NotificationType", + "Subscribers" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Budgets::BudgetsAction" + ], "type": "string" }, - "HeaderValue": { - "markdownDescription": "The value for the header that you specified in the `HeaderName` field.", - "title": "HeaderValue", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "HeaderName", - "HeaderValue" + "Type", + "Properties" ], "type": "object" }, - "AWS::CloudFront::Distribution.OriginGroup": { + "AWS::Budgets::BudgetsAction.ActionThreshold": { "additionalProperties": false, "properties": { - "FailoverCriteria": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginGroupFailoverCriteria", - "markdownDescription": "A complex type that contains information about the failover criteria for an origin group.", - "title": "FailoverCriteria" - }, - "Id": { - "markdownDescription": "The origin group's ID.", - "title": "Id", + "Type": { + "markdownDescription": "The type of threshold for a notification.", + "title": "Type", "type": "string" }, - "Members": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginGroupMembers", - "markdownDescription": "A complex type that contains information about the origins in an origin group.", - "title": "Members" - } - }, - "required": [ - "FailoverCriteria", - "Id", - "Members" - ], - "type": "object" - }, - "AWS::CloudFront::Distribution.OriginGroupFailoverCriteria": { - "additionalProperties": false, - "properties": { - "StatusCodes": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.StatusCodes", - "markdownDescription": "The status codes that, when returned from the primary origin, will trigger CloudFront to failover to the second origin.", - "title": "StatusCodes" + "Value": { + "markdownDescription": "The threshold of a notification.", + "title": "Value", + "type": "number" } }, "required": [ - "StatusCodes" + "Type", + "Value" ], "type": "object" }, - "AWS::CloudFront::Distribution.OriginGroupMember": { + "AWS::Budgets::BudgetsAction.Definition": { "additionalProperties": false, "properties": { - "OriginId": { - "markdownDescription": "The ID for an origin in an origin group.", - "title": "OriginId", - "type": "string" + "IamActionDefinition": { + "$ref": "#/definitions/AWS::Budgets::BudgetsAction.IamActionDefinition", + "markdownDescription": "The AWS Identity and Access Management ( IAM ) action definition details.", + "title": "IamActionDefinition" + }, + "ScpActionDefinition": { + "$ref": "#/definitions/AWS::Budgets::BudgetsAction.ScpActionDefinition", + "markdownDescription": "The service control policies (SCP) action definition details.", + "title": "ScpActionDefinition" + }, + "SsmActionDefinition": { + "$ref": "#/definitions/AWS::Budgets::BudgetsAction.SsmActionDefinition", + "markdownDescription": "The Amazon EC2 Systems Manager ( SSM ) action definition details.", + "title": "SsmActionDefinition" } }, - "required": [ - "OriginId" - ], "type": "object" }, - "AWS::CloudFront::Distribution.OriginGroupMembers": { + "AWS::Budgets::BudgetsAction.IamActionDefinition": { "additionalProperties": false, "properties": { - "Items": { + "Groups": { "items": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginGroupMember" + "type": "string" }, - "markdownDescription": "Items (origins) in an origin group.", - "title": "Items", + "markdownDescription": "A list of groups to be attached. There must be at least one group.", + "title": "Groups", "type": "array" }, - "Quantity": { - "markdownDescription": "The number of origins in an origin group.", - "title": "Quantity", - "type": "number" - } - }, - "required": [ - "Items", - "Quantity" - ], - "type": "object" - }, - "AWS::CloudFront::Distribution.OriginGroups": { - "additionalProperties": false, - "properties": { - "Items": { + "PolicyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the policy to be attached.", + "title": "PolicyArn", + "type": "string" + }, + "Roles": { "items": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginGroup" + "type": "string" }, - "markdownDescription": "The items (origin groups) in a distribution.", - "title": "Items", + "markdownDescription": "A list of roles to be attached. There must be at least one role.", + "title": "Roles", "type": "array" }, - "Quantity": { - "markdownDescription": "The number of origin groups.", - "title": "Quantity", - "type": "number" + "Users": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of users to be attached. There must be at least one user.", + "title": "Users", + "type": "array" } }, "required": [ - "Quantity" + "PolicyArn" ], "type": "object" }, - "AWS::CloudFront::Distribution.OriginShield": { + "AWS::Budgets::BudgetsAction.ResourceTag": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "A flag that specifies whether Origin Shield is enabled.\n\nWhen it's enabled, CloudFront routes all requests through Origin Shield, which can help protect your origin. When it's disabled, CloudFront might send requests directly to your origin from multiple edge locations or regional edge caches.", - "title": "Enabled", - "type": "boolean" + "Key": { + "markdownDescription": "The key that's associated with the tag.", + "title": "Key", + "type": "string" }, - "OriginShieldRegion": { - "markdownDescription": "The AWS Region for Origin Shield.\n\nSpecify the AWS Region that has the lowest latency to your origin. To specify a region, use the region code, not the region name. For example, specify the US East (Ohio) region as `us-east-2` .\n\nWhen you enable CloudFront Origin Shield, you must specify the AWS Region for Origin Shield. For the list of AWS Regions that you can specify, and for help choosing the best Region for your origin, see [Choosing the AWS Region for Origin Shield](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/origin-shield.html#choose-origin-shield-region) in the *Amazon CloudFront Developer Guide* .", - "title": "OriginShieldRegion", + "Value": { + "markdownDescription": "The value that's associated with the tag.", + "title": "Value", "type": "string" } }, - "type": "object" - }, - "AWS::CloudFront::Distribution.Restrictions": { - "additionalProperties": false, - "properties": { - "GeoRestriction": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.GeoRestriction", - "markdownDescription": "A complex type that controls the countries in which your content is distributed. CloudFront determines the location of your users using `MaxMind` GeoIP databases. To disable geo restriction, remove the [Restrictions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-distributionconfig.html#cfn-cloudfront-distribution-distributionconfig-restrictions) property from your stack template.", - "title": "GeoRestriction" - } - }, "required": [ - "GeoRestriction" + "Key", + "Value" ], "type": "object" }, - "AWS::CloudFront::Distribution.S3OriginConfig": { + "AWS::Budgets::BudgetsAction.ScpActionDefinition": { "additionalProperties": false, "properties": { - "OriginAccessIdentity": { - "markdownDescription": "> If you're using origin access control (OAC) instead of origin access identity, specify an empty `OriginAccessIdentity` element. For more information, see [Restricting access to an AWS](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-origin.html) in the *Amazon CloudFront Developer Guide* . \n\nThe CloudFront origin access identity to associate with the origin. Use an origin access identity to configure the origin so that viewers can *only* access objects in an Amazon S3 bucket through CloudFront. The format of the value is:\n\n`origin-access-identity/cloudfront/ID-of-origin-access-identity`\n\nThe `*ID-of-origin-access-identity*` is the value that CloudFront returned in the `ID` element when you created the origin access identity.\n\nIf you want viewers to be able to access objects using either the CloudFront URL or the Amazon S3 URL, specify an empty `OriginAccessIdentity` element.\n\nTo delete the origin access identity from an existing distribution, update the distribution configuration and include an empty `OriginAccessIdentity` element.\n\nTo replace the origin access identity, update the distribution configuration and specify the new origin access identity.\n\nFor more information about the origin access identity, see [Serving Private Content through CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", - "title": "OriginAccessIdentity", + "PolicyId": { + "markdownDescription": "The policy ID attached.", + "title": "PolicyId", "type": "string" + }, + "TargetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of target IDs.", + "title": "TargetIds", + "type": "array" } }, + "required": [ + "PolicyId", + "TargetIds" + ], "type": "object" }, - "AWS::CloudFront::Distribution.StatusCodes": { + "AWS::Budgets::BudgetsAction.SsmActionDefinition": { "additionalProperties": false, "properties": { - "Items": { + "InstanceIds": { "items": { - "type": "number" + "type": "string" }, - "markdownDescription": "The items (status codes) for an origin group.", - "title": "Items", + "markdownDescription": "The EC2 and RDS instance IDs.", + "title": "InstanceIds", "type": "array" }, - "Quantity": { - "markdownDescription": "The number of status codes.", - "title": "Quantity", - "type": "number" + "Region": { + "markdownDescription": "The Region to run the ( SSM ) document.", + "title": "Region", + "type": "string" + }, + "Subtype": { + "markdownDescription": "The action subType.", + "title": "Subtype", + "type": "string" } }, "required": [ - "Items", - "Quantity" + "InstanceIds", + "Region", + "Subtype" ], "type": "object" }, - "AWS::CloudFront::Distribution.ViewerCertificate": { + "AWS::Budgets::BudgetsAction.Subscriber": { "additionalProperties": false, "properties": { - "AcmCertificateArn": { - "markdownDescription": "> In CloudFormation, this field name is `AcmCertificateArn` . Note the different capitalization. \n\nIf the distribution uses `Aliases` (alternate domain names or CNAMEs) and the SSL/TLS certificate is stored in [AWS Certificate Manager (ACM)](https://docs.aws.amazon.com/acm/latest/userguide/acm-overview.html) , provide the Amazon Resource Name (ARN) of the ACM certificate. CloudFront only supports ACM certificates in the US East (N. Virginia) Region ( `us-east-1` ).\n\nIf you specify an ACM certificate ARN, you must also specify values for `MinimumProtocolVersion` and `SSLSupportMethod` . (In CloudFormation, the field name is `SslSupportMethod` . Note the different capitalization.)", - "title": "AcmCertificateArn", - "type": "string" - }, - "CloudFrontDefaultCertificate": { - "markdownDescription": "If the distribution uses the CloudFront domain name such as `d111111abcdef8.cloudfront.net` , set this field to `true` .\n\nIf the distribution uses `Aliases` (alternate domain names or CNAMEs), omit this field and specify values for the following fields:\n\n- `AcmCertificateArn` or `IamCertificateId` (specify a value for one, not both)\n- `MinimumProtocolVersion`\n- `SslSupportMethod`", - "title": "CloudFrontDefaultCertificate", - "type": "boolean" - }, - "IamCertificateId": { - "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . > In CloudFormation, this field name is `IamCertificateId` . Note the different capitalization. \n\nIf the distribution uses `Aliases` (alternate domain names or CNAMEs) and the SSL/TLS certificate is stored in [AWS Identity and Access Management (IAM)](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html) , provide the ID of the IAM certificate.\n\nIf you specify an IAM certificate ID, you must also specify values for `MinimumProtocolVersion` and `SSLSupportMethod` . (In CloudFormation, the field name is `SslSupportMethod` . Note the different capitalization.)", - "title": "IamCertificateId", - "type": "string" - }, - "MinimumProtocolVersion": { - "markdownDescription": "If the distribution uses `Aliases` (alternate domain names or CNAMEs), specify the security policy that you want CloudFront to use for HTTPS connections with viewers. The security policy determines two settings:\n\n- The minimum SSL/TLS protocol that CloudFront can use to communicate with viewers.\n- The ciphers that CloudFront can use to encrypt the content that it returns to viewers.\n\nFor more information, see [Security Policy](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValues-security-policy) and [Supported Protocols and Ciphers Between Viewers and CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/secure-connections-supported-viewer-protocols-ciphers.html#secure-connections-supported-ciphers) in the *Amazon CloudFront Developer Guide* .\n\n> On the CloudFront console, this setting is called *Security Policy* . \n\nWhen you're using SNI only (you set `SSLSupportMethod` to `sni-only` ), you must specify `TLSv1` or higher. (In CloudFormation, the field name is `SslSupportMethod` . Note the different capitalization.)\n\nIf the distribution uses the CloudFront domain name such as `d111111abcdef8.cloudfront.net` (you set `CloudFrontDefaultCertificate` to `true` ), CloudFront automatically sets the security policy to `TLSv1` regardless of the value that you set here.", - "title": "MinimumProtocolVersion", + "Address": { + "markdownDescription": "The address that AWS sends budget notifications to, either an SNS topic or an email.\n\nWhen you create a subscriber, the value of `Address` can't contain line breaks.", + "title": "Address", "type": "string" }, - "SslSupportMethod": { - "markdownDescription": "> In CloudFormation, this field name is `SslSupportMethod` . Note the different capitalization. \n\nIf the distribution uses `Aliases` (alternate domain names or CNAMEs), specify which viewers the distribution accepts HTTPS connections from.\n\n- `sni-only` \u2013 The distribution accepts HTTPS connections from only viewers that support [server name indication (SNI)](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Server_Name_Indication) . This is recommended. Most browsers and clients support SNI.\n- `vip` \u2013 The distribution accepts HTTPS connections from all viewers including those that don't support SNI. This is not recommended, and results in additional monthly charges from CloudFront.\n- `static-ip` - Do not specify this value unless your distribution has been enabled for this feature by the CloudFront team. If you have a use case that requires static IP addresses for a distribution, contact CloudFront through the [Support Center](https://docs.aws.amazon.com/support/home) .\n\nIf the distribution uses the CloudFront domain name such as `d111111abcdef8.cloudfront.net` , don't set a value for this field.", - "title": "SslSupportMethod", + "Type": { + "markdownDescription": "The type of notification that AWS sends to a subscriber.", + "title": "Type", "type": "string" } }, + "required": [ + "Address", + "Type" + ], "type": "object" }, - "AWS::CloudFront::Function": { + "AWS::CE::AnomalyMonitor": { "additionalProperties": false, "properties": { "Condition": { @@ -37366,42 +42404,44 @@ "Properties": { "additionalProperties": false, "properties": { - "AutoPublish": { - "markdownDescription": "A flag that determines whether to automatically publish the function to the `LIVE` stage when it\u2019s created. To automatically publish to the `LIVE` stage, set this property to `true` .", - "title": "AutoPublish", - "type": "boolean" - }, - "FunctionCode": { - "markdownDescription": "The function code. For more information about writing a CloudFront function, see [Writing function code for CloudFront Functions](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/writing-function-code.html) in the *Amazon CloudFront Developer Guide* .", - "title": "FunctionCode", + "MonitorDimension": { + "markdownDescription": "The dimensions to evaluate.", + "title": "MonitorDimension", "type": "string" }, - "FunctionConfig": { - "$ref": "#/definitions/AWS::CloudFront::Function.FunctionConfig", - "markdownDescription": "Contains configuration information about a CloudFront function.", - "title": "FunctionConfig" + "MonitorName": { + "markdownDescription": "The name of the monitor.", + "title": "MonitorName", + "type": "string" }, - "FunctionMetadata": { - "$ref": "#/definitions/AWS::CloudFront::Function.FunctionMetadata", - "markdownDescription": "Contains metadata about a CloudFront function.", - "title": "FunctionMetadata" + "MonitorSpecification": { + "markdownDescription": "The array of `MonitorSpecification` in JSON array format. For instance, you can use `MonitorSpecification` to specify a tag, Cost Category, or linked account for your custom anomaly monitor. For further information, see the [Examples](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ce-anomalymonitor.html#aws-resource-ce-anomalymonitor--examples) section of this page.", + "title": "MonitorSpecification", + "type": "string" }, - "Name": { - "markdownDescription": "A name to identify the function.", - "title": "Name", + "MonitorType": { + "markdownDescription": "The possible type values.", + "title": "MonitorType", "type": "string" + }, + "ResourceTags": { + "items": { + "$ref": "#/definitions/AWS::CE::AnomalyMonitor.ResourceTag" + }, + "markdownDescription": "", + "title": "ResourceTags", + "type": "array" } }, "required": [ - "FunctionCode", - "FunctionConfig", - "Name" + "MonitorName", + "MonitorType" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFront::Function" + "AWS::CE::AnomalyMonitor" ], "type": "string" }, @@ -37420,60 +42460,27 @@ ], "type": "object" }, - "AWS::CloudFront::Function.FunctionConfig": { + "AWS::CE::AnomalyMonitor.ResourceTag": { "additionalProperties": false, "properties": { - "Comment": { - "markdownDescription": "A comment to describe the function.", - "title": "Comment", + "Key": { + "markdownDescription": "The key that's associated with the tag.", + "title": "Key", "type": "string" }, - "KeyValueStoreAssociations": { - "items": { - "$ref": "#/definitions/AWS::CloudFront::Function.KeyValueStoreAssociation" - }, - "markdownDescription": "The configuration for the key value store associations.", - "title": "KeyValueStoreAssociations", - "type": "array" - }, - "Runtime": { - "markdownDescription": "The function's runtime environment version.", - "title": "Runtime", - "type": "string" - } - }, - "required": [ - "Comment", - "Runtime" - ], - "type": "object" - }, - "AWS::CloudFront::Function.FunctionMetadata": { - "additionalProperties": false, - "properties": { - "FunctionARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the function. The ARN uniquely identifies the function.", - "title": "FunctionARN", - "type": "string" - } - }, - "type": "object" - }, - "AWS::CloudFront::Function.KeyValueStoreAssociation": { - "additionalProperties": false, - "properties": { - "KeyValueStoreARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the key value store association.", - "title": "KeyValueStoreARN", + "Value": { + "markdownDescription": "The value that's associated with the tag.", + "title": "Value", "type": "string" } }, "required": [ - "KeyValueStoreARN" + "Key", + "Value" ], "type": "object" }, - "AWS::CloudFront::KeyGroup": { + "AWS::CE::AnomalySubscription": { "additionalProperties": false, "properties": { "Condition": { @@ -37508,20 +42515,62 @@ "Properties": { "additionalProperties": false, "properties": { - "KeyGroupConfig": { - "$ref": "#/definitions/AWS::CloudFront::KeyGroup.KeyGroupConfig", - "markdownDescription": "The key group configuration.", - "title": "KeyGroupConfig" + "Frequency": { + "markdownDescription": "The frequency that anomaly notifications are sent. Notifications are sent either over email (for DAILY and WEEKLY frequencies) or SNS (for IMMEDIATE frequency). For more information, see [Creating an Amazon SNS topic for anomaly notifications](https://docs.aws.amazon.com/cost-management/latest/userguide/ad-SNS.html) .", + "title": "Frequency", + "type": "string" + }, + "MonitorArnList": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of cost anomaly monitors.", + "title": "MonitorArnList", + "type": "array" + }, + "ResourceTags": { + "items": { + "$ref": "#/definitions/AWS::CE::AnomalySubscription.ResourceTag" + }, + "markdownDescription": "", + "title": "ResourceTags", + "type": "array" + }, + "Subscribers": { + "items": { + "$ref": "#/definitions/AWS::CE::AnomalySubscription.Subscriber" + }, + "markdownDescription": "A list of subscribers to notify.", + "title": "Subscribers", + "type": "array" + }, + "SubscriptionName": { + "markdownDescription": "The name for the subscription.", + "title": "SubscriptionName", + "type": "string" + }, + "Threshold": { + "markdownDescription": "(deprecated)\n\nAn absolute dollar value that must be exceeded by the anomaly's total impact (see [Impact](https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_Impact.html) for more details) for an anomaly notification to be generated.\n\nThis field has been deprecated. To specify a threshold, use ThresholdExpression. Continued use of Threshold will be treated as shorthand syntax for a ThresholdExpression.\n\nOne of Threshold or ThresholdExpression is required for `AWS::CE::AnomalySubscription` . You cannot specify both.", + "title": "Threshold", + "type": "number" + }, + "ThresholdExpression": { + "markdownDescription": "An [Expression](https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_Expression.html) object in JSON string format used to specify the anomalies that you want to generate alerts for. This supports dimensions and nested expressions. The supported dimensions are `ANOMALY_TOTAL_IMPACT_ABSOLUTE` and `ANOMALY_TOTAL_IMPACT_PERCENTAGE` , corresponding to an anomaly\u2019s TotalImpact and TotalImpactPercentage, respectively (see [Impact](https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_Impact.html) for more details). The supported nested expression types are `AND` and `OR` . The match option `GREATER_THAN_OR_EQUAL` is required. Values must be numbers between 0 and 10,000,000,000 in string format.\n\nOne of Threshold or ThresholdExpression is required for `AWS::CE::AnomalySubscription` . You cannot specify both.\n\nFor further information, see the [Examples](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ce-anomalysubscription.html#aws-resource-ce-anomalysubscription--examples) section of this page.", + "title": "ThresholdExpression", + "type": "string" } }, "required": [ - "KeyGroupConfig" + "Frequency", + "MonitorArnList", + "Subscribers", + "SubscriptionName" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFront::KeyGroup" + "AWS::CE::AnomalySubscription" ], "type": "string" }, @@ -37540,35 +42589,52 @@ ], "type": "object" }, - "AWS::CloudFront::KeyGroup.KeyGroupConfig": { + "AWS::CE::AnomalySubscription.ResourceTag": { "additionalProperties": false, "properties": { - "Comment": { - "markdownDescription": "A comment to describe the key group. The comment cannot be longer than 128 characters.", - "title": "Comment", + "Key": { + "markdownDescription": "The key that's associated with the tag.", + "title": "Key", "type": "string" }, - "Items": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the identifiers of the public keys in the key group.", - "title": "Items", - "type": "array" + "Value": { + "markdownDescription": "The value that's associated with the tag.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::CE::AnomalySubscription.Subscriber": { + "additionalProperties": false, + "properties": { + "Address": { + "markdownDescription": "The email address or SNS Topic Amazon Resource Name (ARN), depending on the `Type` .", + "title": "Address", + "type": "string" }, - "Name": { - "markdownDescription": "A name to identify the key group.", - "title": "Name", + "Status": { + "markdownDescription": "Indicates if the subscriber accepts the notifications.", + "title": "Status", + "type": "string" + }, + "Type": { + "markdownDescription": "The notification delivery channel.", + "title": "Type", "type": "string" } }, "required": [ - "Items", - "Name" + "Address", + "Type" ], "type": "object" }, - "AWS::CloudFront::KeyValueStore": { + "AWS::CE::CostCategory": { "additionalProperties": false, "properties": { "Condition": { @@ -37603,30 +42669,50 @@ "Properties": { "additionalProperties": false, "properties": { - "Comment": { - "markdownDescription": "A comment for the key value store.", - "title": "Comment", + "DefaultValue": { + "markdownDescription": "The default value for the cost category.", + "title": "DefaultValue", "type": "string" }, - "ImportSource": { - "$ref": "#/definitions/AWS::CloudFront::KeyValueStore.ImportSource", - "markdownDescription": "The import source for the key value store.", - "title": "ImportSource" - }, "Name": { - "markdownDescription": "The name of the key value store.", + "markdownDescription": "The unique name of the Cost Category.", "title": "Name", "type": "string" + }, + "RuleVersion": { + "markdownDescription": "The rule schema version in this particular Cost Category.", + "title": "RuleVersion", + "type": "string" + }, + "Rules": { + "markdownDescription": "The array of CostCategoryRule in JSON array format.\n\n> Rules are processed in order. If there are multiple rules that match the line item, then the first rule to match is used to determine that Cost Category value.", + "title": "Rules", + "type": "string" + }, + "SplitChargeRules": { + "markdownDescription": "The split charge rules that are used to allocate your charges between your Cost Category values.", + "title": "SplitChargeRules", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::CE::CostCategory.ResourceTag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" } }, "required": [ - "Name" + "Name", + "RuleVersion", + "Rules" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFront::KeyValueStore" + "AWS::CE::CostCategory" ], "type": "string" }, @@ -37645,27 +42731,27 @@ ], "type": "object" }, - "AWS::CloudFront::KeyValueStore.ImportSource": { + "AWS::CE::CostCategory.ResourceTag": { "additionalProperties": false, "properties": { - "SourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the import source for the key value store.", - "title": "SourceArn", + "Key": { + "markdownDescription": "The key that's associated with the tag.", + "title": "Key", "type": "string" }, - "SourceType": { - "markdownDescription": "The source type of the import source for the key value store.", - "title": "SourceType", + "Value": { + "markdownDescription": "The value that's associated with the tag.", + "title": "Value", "type": "string" } }, "required": [ - "SourceArn", - "SourceType" + "Key", + "Value" ], "type": "object" }, - "AWS::CloudFront::MonitoringSubscription": { + "AWS::CUR::ReportDefinition": { "additionalProperties": false, "properties": { "Condition": { @@ -37700,26 +42786,89 @@ "Properties": { "additionalProperties": false, "properties": { - "DistributionId": { - "markdownDescription": "The ID of the distribution that you are enabling metrics for.", - "title": "DistributionId", + "AdditionalArtifacts": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of manifests that you want AWS to create for this report.", + "title": "AdditionalArtifacts", + "type": "array" + }, + "AdditionalSchemaElements": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of strings that indicate additional content that AWS includes in the report, such as individual resource IDs.", + "title": "AdditionalSchemaElements", + "type": "array" + }, + "BillingViewArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the billing view. You can get this value by using the billing view service public APIs.", + "title": "BillingViewArn", "type": "string" }, - "MonitoringSubscription": { - "$ref": "#/definitions/AWS::CloudFront::MonitoringSubscription.MonitoringSubscription", - "markdownDescription": "A subscription configuration for additional CloudWatch metrics.", - "title": "MonitoringSubscription" + "Compression": { + "markdownDescription": "The compression format that Amazon Web Services uses for the report.", + "title": "Compression", + "type": "string" + }, + "Format": { + "markdownDescription": "The format that Amazon Web Services saves the report in.", + "title": "Format", + "type": "string" + }, + "RefreshClosedReports": { + "markdownDescription": "Whether you want AWS to update your reports after they have been finalized if AWS detects charges related to previous months. These charges can include refunds, credits, or support fees.", + "title": "RefreshClosedReports", + "type": "boolean" + }, + "ReportName": { + "markdownDescription": "The name of the report that you want to create. The name must be unique, is case sensitive, and can't include spaces.", + "title": "ReportName", + "type": "string" + }, + "ReportVersioning": { + "markdownDescription": "Whether you want AWS to overwrite the previous version of each report or to deliver the report in addition to the previous versions.", + "title": "ReportVersioning", + "type": "string" + }, + "S3Bucket": { + "markdownDescription": "The S3 bucket where Amazon Web Services delivers the report.", + "title": "S3Bucket", + "type": "string" + }, + "S3Prefix": { + "markdownDescription": "The prefix that Amazon Web Services adds to the report name when Amazon Web Services delivers the report. Your prefix can't include spaces.", + "title": "S3Prefix", + "type": "string" + }, + "S3Region": { + "markdownDescription": "The Region of the S3 bucket that Amazon Web Services delivers the report into.", + "title": "S3Region", + "type": "string" + }, + "TimeUnit": { + "markdownDescription": "The granularity of the line items in the report.", + "title": "TimeUnit", + "type": "string" } }, "required": [ - "DistributionId", - "MonitoringSubscription" + "Compression", + "Format", + "RefreshClosedReports", + "ReportName", + "ReportVersioning", + "S3Bucket", + "S3Prefix", + "S3Region", + "TimeUnit" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFront::MonitoringSubscription" + "AWS::CUR::ReportDefinition" ], "type": "string" }, @@ -37738,32 +42887,7 @@ ], "type": "object" }, - "AWS::CloudFront::MonitoringSubscription.MonitoringSubscription": { - "additionalProperties": false, - "properties": { - "RealtimeMetricsSubscriptionConfig": { - "$ref": "#/definitions/AWS::CloudFront::MonitoringSubscription.RealtimeMetricsSubscriptionConfig", - "markdownDescription": "A subscription configuration for additional CloudWatch metrics.", - "title": "RealtimeMetricsSubscriptionConfig" - } - }, - "type": "object" - }, - "AWS::CloudFront::MonitoringSubscription.RealtimeMetricsSubscriptionConfig": { - "additionalProperties": false, - "properties": { - "RealtimeMetricsSubscriptionStatus": { - "markdownDescription": "A flag that indicates whether additional CloudWatch metrics are enabled for a given CloudFront distribution.", - "title": "RealtimeMetricsSubscriptionStatus", - "type": "string" - } - }, - "required": [ - "RealtimeMetricsSubscriptionStatus" - ], - "type": "object" - }, - "AWS::CloudFront::OriginAccessControl": { + "AWS::Cassandra::Keyspace": { "additionalProperties": false, "properties": { "Condition": { @@ -37798,20 +42922,35 @@ "Properties": { "additionalProperties": false, "properties": { - "OriginAccessControlConfig": { - "$ref": "#/definitions/AWS::CloudFront::OriginAccessControl.OriginAccessControlConfig", - "markdownDescription": "The origin access control.", - "title": "OriginAccessControlConfig" + "ClientSideTimestampsEnabled": { + "markdownDescription": "Indicates whether client-side timestamps are enabled (true) or disabled (false) for all tables in the keyspace. To add a Region to a single-Region keyspace with at least one table, the value must be set to true. After you've enabled client-side timestamps for a table, you can\u2019t disable it again.", + "title": "ClientSideTimestampsEnabled", + "type": "boolean" + }, + "KeyspaceName": { + "markdownDescription": "The name of the keyspace to be created. The keyspace name is case sensitive. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the keyspace name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n*Length constraints:* Minimum length of 1. Maximum length of 48.", + "title": "KeyspaceName", + "type": "string" + }, + "ReplicationSpecification": { + "$ref": "#/definitions/AWS::Cassandra::Keyspace.ReplicationSpecification", + "markdownDescription": "Specifies the `ReplicationStrategy` of a keyspace. The options are:\n\n- `SINGLE_REGION` for a single Region keyspace (optional) or\n- `MULTI_REGION` for a multi-Region keyspace\n\nIf no `ReplicationStrategy` is provided, the default is `SINGLE_REGION` . If you choose `MULTI_REGION` , you must also provide a `RegionList` with the AWS Regions that the keyspace is replicated in.", + "title": "ReplicationSpecification" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" } }, - "required": [ - "OriginAccessControlConfig" - ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFront::OriginAccessControl" + "AWS::Cassandra::Keyspace" ], "type": "string" }, @@ -37825,49 +42964,30 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::CloudFront::OriginAccessControl.OriginAccessControlConfig": { + "AWS::Cassandra::Keyspace.ReplicationSpecification": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the origin access control.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "A name to identify the origin access control. You can specify up to 64 characters.", - "title": "Name", - "type": "string" - }, - "OriginAccessControlOriginType": { - "markdownDescription": "The type of origin that this origin access control is for.", - "title": "OriginAccessControlOriginType", - "type": "string" - }, - "SigningBehavior": { - "markdownDescription": "Specifies which requests CloudFront signs (adds authentication information to). Specify `always` for the most common use case. For more information, see [origin access control advanced settings](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html#oac-advanced-settings) in the *Amazon CloudFront Developer Guide* .\n\nThis field can have one of the following values:\n\n- `always` \u2013 CloudFront signs all origin requests, overwriting the `Authorization` header from the viewer request if one exists.\n- `never` \u2013 CloudFront doesn't sign any origin requests. This value turns off origin access control for all origins in all distributions that use this origin access control.\n- `no-override` \u2013 If the viewer request doesn't contain the `Authorization` header, then CloudFront signs the origin request. If the viewer request contains the `Authorization` header, then CloudFront doesn't sign the origin request and instead passes along the `Authorization` header from the viewer request. *WARNING: To pass along the `Authorization` header from the viewer request, you *must* add the `Authorization` header to a [cache policy](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html) for all cache behaviors that use origins associated with this origin access control.*", - "title": "SigningBehavior", - "type": "string" + "RegionList": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the AWS Regions that the keyspace is replicated in. You must specify at least two Regions, including the Region that the keyspace is being created in.\n\nTo specify a Region [that's disabled by default](https://docs.aws.amazon.com/accounts/latest/reference/manage-acct-regions.html#rande-manage-enable) , you must first enable the Region. For more information, see [Multi-Region replication in AWS Regions disabled by default](https://docs.aws.amazon.com/keyspaces/latest/devguide/multiRegion-replication_how-it-works.html#howitworks_mrr_opt_in) in the *Amazon Keyspaces Developer Guide* .", + "title": "RegionList", + "type": "array" }, - "SigningProtocol": { - "markdownDescription": "The signing protocol of the origin access control, which determines how CloudFront signs (authenticates) requests. The only valid value is `sigv4` .", - "title": "SigningProtocol", + "ReplicationStrategy": { + "markdownDescription": "The options are:\n\n- `SINGLE_REGION` (optional)\n- `MULTI_REGION`\n\nIf no value is specified, the default is `SINGLE_REGION` . If `MULTI_REGION` is specified, `RegionList` is required.", + "title": "ReplicationStrategy", "type": "string" } }, - "required": [ - "Name", - "OriginAccessControlOriginType", - "SigningBehavior", - "SigningProtocol" - ], "type": "object" }, - "AWS::CloudFront::OriginRequestPolicy": { + "AWS::Cassandra::Table": { "additionalProperties": false, "properties": { "Condition": { @@ -37902,20 +43022,101 @@ "Properties": { "additionalProperties": false, "properties": { - "OriginRequestPolicyConfig": { - "$ref": "#/definitions/AWS::CloudFront::OriginRequestPolicy.OriginRequestPolicyConfig", - "markdownDescription": "The origin request policy configuration.", - "title": "OriginRequestPolicyConfig" + "AutoScalingSpecifications": { + "$ref": "#/definitions/AWS::Cassandra::Table.AutoScalingSpecification", + "markdownDescription": "The optional auto scaling capacity settings for a table in provisioned capacity mode.", + "title": "AutoScalingSpecifications" + }, + "BillingMode": { + "$ref": "#/definitions/AWS::Cassandra::Table.BillingMode", + "markdownDescription": "The billing mode for the table, which determines how you'll be charged for reads and writes:\n\n- *On-demand mode* (default) - You pay based on the actual reads and writes your application performs.\n- *Provisioned mode* - Lets you specify the number of reads and writes per second that you need for your application.\n\nIf you don't specify a value for this property, then the table will use on-demand mode.", + "title": "BillingMode" + }, + "CdcSpecification": { + "$ref": "#/definitions/AWS::Cassandra::Table.CdcSpecification", + "markdownDescription": "The settings for the CDC stream of a table. For more information about CDC streams, see [Working with change data capture (CDC) streams in Amazon Keyspaces](https://docs.aws.amazon.com/keyspaces/latest/devguide/cdc.html) in the *Amazon Keyspaces Developer Guide* .", + "title": "CdcSpecification" + }, + "ClientSideTimestampsEnabled": { + "markdownDescription": "Enables client-side timestamps for the table. By default, the setting is disabled. You can enable client-side timestamps with the following option:\n\n- `status: \"enabled\"`\n\nAfter client-side timestamps are enabled for a table, you can't disable this setting.", + "title": "ClientSideTimestampsEnabled", + "type": "boolean" + }, + "ClusteringKeyColumns": { + "items": { + "$ref": "#/definitions/AWS::Cassandra::Table.ClusteringKeyColumn" + }, + "markdownDescription": "One or more columns that determine how the table data is sorted.", + "title": "ClusteringKeyColumns", + "type": "array" + }, + "DefaultTimeToLive": { + "markdownDescription": "The default Time To Live (TTL) value for all rows in a table in seconds. The maximum configurable value is 630,720,000 seconds, which is the equivalent of 20 years. By default, the TTL value for a table is 0, which means data does not expire.\n\nFor more information, see [Setting the default TTL value for a table](https://docs.aws.amazon.com/keyspaces/latest/devguide/TTL-how-it-works.html#ttl-howitworks_default_ttl) in the *Amazon Keyspaces Developer Guide* .", + "title": "DefaultTimeToLive", + "type": "number" + }, + "EncryptionSpecification": { + "$ref": "#/definitions/AWS::Cassandra::Table.EncryptionSpecification", + "markdownDescription": "The encryption at rest options for the table.\n\n- *AWS owned key* (default) - The key is owned by Amazon Keyspaces .\n- *Customer managed key* - The key is stored in your account and is created, owned, and managed by you.\n\n> If you choose encryption with a customer managed key, you must specify a valid customer managed KMS key with permissions granted to Amazon Keyspaces.\n\nFor more information, see [Encryption at rest in Amazon Keyspaces](https://docs.aws.amazon.com/keyspaces/latest/devguide/EncryptionAtRest.html) in the *Amazon Keyspaces Developer Guide* .", + "title": "EncryptionSpecification" + }, + "KeyspaceName": { + "markdownDescription": "The name of the keyspace to create the table in. The keyspace must already exist.", + "title": "KeyspaceName", + "type": "string" + }, + "PartitionKeyColumns": { + "items": { + "$ref": "#/definitions/AWS::Cassandra::Table.Column" + }, + "markdownDescription": "One or more columns that uniquely identify every row in the table. Every table must have a partition key.", + "title": "PartitionKeyColumns", + "type": "array" + }, + "PointInTimeRecoveryEnabled": { + "markdownDescription": "Specifies if point-in-time recovery is enabled or disabled for the table. The options are `PointInTimeRecoveryEnabled=true` and `PointInTimeRecoveryEnabled=false` . If not specified, the default is `PointInTimeRecoveryEnabled=false` .", + "title": "PointInTimeRecoveryEnabled", + "type": "boolean" + }, + "RegularColumns": { + "items": { + "$ref": "#/definitions/AWS::Cassandra::Table.Column" + }, + "markdownDescription": "One or more columns that are not part of the primary key - that is, columns that are *not* defined as partition key columns or clustering key columns.\n\nYou can add regular columns to existing tables by adding them to the template.", + "title": "RegularColumns", + "type": "array" + }, + "ReplicaSpecifications": { + "items": { + "$ref": "#/definitions/AWS::Cassandra::Table.ReplicaSpecification" + }, + "markdownDescription": "The AWS Region specific settings of a multi-Region table.\n\nFor a multi-Region table, you can configure the table's read capacity differently per AWS Region. You can do this by configuring the following parameters.\n\n- `region` : The Region where these settings are applied. (Required)\n- `readCapacityUnits` : The provisioned read capacity units. (Optional)\n- `readCapacityAutoScaling` : The read capacity auto scaling settings for the table. (Optional)", + "title": "ReplicaSpecifications", + "type": "array" + }, + "TableName": { + "markdownDescription": "The name of the table to be created. The table name is case sensitive. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the table name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you can't perform updates that require replacing this resource. You can perform updates that require no interruption or some interruption. If you must replace the resource, specify a new name. \n\n*Length constraints:* Minimum length of 3. Maximum length of 255.\n\n*Pattern:* `^[a-zA-Z0-9][a-zA-Z0-9_]{1,47}$`", + "title": "TableName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" } }, "required": [ - "OriginRequestPolicyConfig" + "KeyspaceName", + "PartitionKeyColumns" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFront::OriginRequestPolicy" + "AWS::Cassandra::Table" ], "type": "string" }, @@ -37934,118 +43135,245 @@ ], "type": "object" }, - "AWS::CloudFront::OriginRequestPolicy.CookiesConfig": { + "AWS::Cassandra::Table.AutoScalingSetting": { "additionalProperties": false, "properties": { - "CookieBehavior": { - "markdownDescription": "Determines whether cookies in viewer requests are included in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` \u2013 No cookies in viewer requests are included in requests that CloudFront sends to the origin. Even when this field is set to `none` , any cookies that are listed in a `CachePolicy` *are* included in origin requests.\n- `whitelist` \u2013 Only the cookies in viewer requests that are listed in the `CookieNames` type are included in requests that CloudFront sends to the origin.\n- `all` \u2013 All cookies in viewer requests are included in requests that CloudFront sends to the origin.\n- `allExcept` \u2013 All cookies in viewer requests are included in requests that CloudFront sends to the origin, **except** for those listed in the `CookieNames` type, which are not included.", - "title": "CookieBehavior", - "type": "string" + "AutoScalingDisabled": { + "markdownDescription": "This optional parameter enables auto scaling for the table if set to `false` .", + "title": "AutoScalingDisabled", + "type": "boolean" }, - "Cookies": { - "items": { - "type": "string" - }, - "markdownDescription": "Contains a list of cookie names.", - "title": "Cookies", - "type": "array" + "MaximumUnits": { + "markdownDescription": "Manage costs by specifying the maximum amount of throughput to provision. The value must be between 1 and the max throughput per second quota for your account (40,000 by default).", + "title": "MaximumUnits", + "type": "number" + }, + "MinimumUnits": { + "markdownDescription": "The minimum level of throughput the table should always be ready to support. The value must be between 1 and the max throughput per second quota for your account (40,000 by default).", + "title": "MinimumUnits", + "type": "number" + }, + "ScalingPolicy": { + "$ref": "#/definitions/AWS::Cassandra::Table.ScalingPolicy", + "markdownDescription": "Amazon Keyspaces supports the `target tracking` auto scaling policy. With this policy, Amazon Keyspaces auto scaling ensures that the table's ratio of consumed to provisioned capacity stays at or near the target value that you specify. You define the target value as a percentage between 20 and 90.", + "title": "ScalingPolicy" } }, - "required": [ - "CookieBehavior" - ], "type": "object" }, - "AWS::CloudFront::OriginRequestPolicy.HeadersConfig": { + "AWS::Cassandra::Table.AutoScalingSpecification": { "additionalProperties": false, "properties": { - "HeaderBehavior": { - "markdownDescription": "Determines whether any HTTP headers are included in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` \u2013 No HTTP headers in viewer requests are included in requests that CloudFront sends to the origin. Even when this field is set to `none` , any headers that are listed in a `CachePolicy` *are* included in origin requests.\n- `whitelist` \u2013 Only the HTTP headers that are listed in the `Headers` type are included in requests that CloudFront sends to the origin.\n- `allViewer` \u2013 All HTTP headers in viewer requests are included in requests that CloudFront sends to the origin.\n- `allViewerAndWhitelistCloudFront` \u2013 All HTTP headers in viewer requests and the additional CloudFront headers that are listed in the `Headers` type are included in requests that CloudFront sends to the origin. The additional headers are added by CloudFront.\n- `allExcept` \u2013 All HTTP headers in viewer requests are included in requests that CloudFront sends to the origin, **except** for those listed in the `Headers` type, which are not included.", - "title": "HeaderBehavior", + "ReadCapacityAutoScaling": { + "$ref": "#/definitions/AWS::Cassandra::Table.AutoScalingSetting", + "markdownDescription": "The auto scaling settings for the table's read capacity.", + "title": "ReadCapacityAutoScaling" + }, + "WriteCapacityAutoScaling": { + "$ref": "#/definitions/AWS::Cassandra::Table.AutoScalingSetting", + "markdownDescription": "The auto scaling settings for the table's write capacity.", + "title": "WriteCapacityAutoScaling" + } + }, + "type": "object" + }, + "AWS::Cassandra::Table.BillingMode": { + "additionalProperties": false, + "properties": { + "Mode": { + "markdownDescription": "The billing mode for the table:\n\n- On-demand mode - `ON_DEMAND`\n- Provisioned mode - `PROVISIONED`\n\n> If you choose `PROVISIONED` mode, then you also need to specify provisioned throughput (read and write capacity) for the table.\n\nValid values: `ON_DEMAND` | `PROVISIONED`", + "title": "Mode", "type": "string" }, - "Headers": { - "items": { - "type": "string" - }, - "markdownDescription": "Contains a list of HTTP header names.", - "title": "Headers", - "type": "array" + "ProvisionedThroughput": { + "$ref": "#/definitions/AWS::Cassandra::Table.ProvisionedThroughput", + "markdownDescription": "The provisioned read capacity and write capacity for the table. For more information, see [Provisioned throughput capacity mode](https://docs.aws.amazon.com/keyspaces/latest/devguide/ReadWriteCapacityMode.html#ReadWriteCapacityMode.Provisioned) in the *Amazon Keyspaces Developer Guide* .", + "title": "ProvisionedThroughput" } }, "required": [ - "HeaderBehavior" + "Mode" ], "type": "object" }, - "AWS::CloudFront::OriginRequestPolicy.OriginRequestPolicyConfig": { + "AWS::Cassandra::Table.CdcSpecification": { "additionalProperties": false, "properties": { - "Comment": { - "markdownDescription": "A comment to describe the origin request policy. The comment cannot be longer than 128 characters.", - "title": "Comment", + "Status": { + "markdownDescription": "The status of the CDC stream. You can enable or disable a stream for a table.", + "title": "Status", "type": "string" }, - "CookiesConfig": { - "$ref": "#/definitions/AWS::CloudFront::OriginRequestPolicy.CookiesConfig", - "markdownDescription": "The cookies from viewer requests to include in origin requests.", - "title": "CookiesConfig" - }, - "HeadersConfig": { - "$ref": "#/definitions/AWS::CloudFront::OriginRequestPolicy.HeadersConfig", - "markdownDescription": "The HTTP headers to include in origin requests. These can include headers from viewer requests and additional headers added by CloudFront.", - "title": "HeadersConfig" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags (key-value pairs) that you want to apply to the stream.", + "title": "Tags", + "type": "array" }, - "Name": { - "markdownDescription": "A unique name to identify the origin request policy.", - "title": "Name", + "ViewType": { + "markdownDescription": "The view type specifies the changes Amazon Keyspaces records for each changed row in the stream. After you create the stream, you can't make changes to this selection.\n\nThe options are:\n\n- `NEW_AND_OLD_IMAGES` - both versions of the row, before and after the change. This is the default.\n- `NEW_IMAGE` - the version of the row after the change.\n- `OLD_IMAGE` - the version of the row before the change.\n- `KEYS_ONLY` - the partition and clustering keys of the row that was changed.", + "title": "ViewType", "type": "string" - }, - "QueryStringsConfig": { - "$ref": "#/definitions/AWS::CloudFront::OriginRequestPolicy.QueryStringsConfig", - "markdownDescription": "The URL query strings from viewer requests to include in origin requests.", - "title": "QueryStringsConfig" } }, "required": [ - "CookiesConfig", - "HeadersConfig", - "Name", - "QueryStringsConfig" + "Status" ], "type": "object" }, - "AWS::CloudFront::OriginRequestPolicy.QueryStringsConfig": { + "AWS::Cassandra::Table.ClusteringKeyColumn": { "additionalProperties": false, "properties": { - "QueryStringBehavior": { - "markdownDescription": "Determines whether any URL query strings in viewer requests are included in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` \u2013 No query strings in viewer requests are included in requests that CloudFront sends to the origin. Even when this field is set to `none` , any query strings that are listed in a `CachePolicy` *are* included in origin requests.\n- `whitelist` \u2013 Only the query strings in viewer requests that are listed in the `QueryStringNames` type are included in requests that CloudFront sends to the origin.\n- `all` \u2013 All query strings in viewer requests are included in requests that CloudFront sends to the origin.\n- `allExcept` \u2013 All query strings in viewer requests are included in requests that CloudFront sends to the origin, **except** for those listed in the `QueryStringNames` type, which are not included.", - "title": "QueryStringBehavior", - "type": "string" + "Column": { + "$ref": "#/definitions/AWS::Cassandra::Table.Column", + "markdownDescription": "The name and data type of this clustering key column.", + "title": "Column" }, - "QueryStrings": { - "items": { - "type": "string" - }, - "markdownDescription": "Contains a list of query string names.", - "title": "QueryStrings", - "type": "array" + "OrderBy": { + "markdownDescription": "The order in which this column's data is stored:\n\n- `ASC` (default) - The column's data is stored in ascending order.\n- `DESC` - The column's data is stored in descending order.", + "title": "OrderBy", + "type": "string" } }, "required": [ - "QueryStringBehavior" + "Column" ], "type": "object" }, - "AWS::CloudFront::PublicKey": { + "AWS::Cassandra::Table.Column": { "additionalProperties": false, "properties": { - "Condition": { + "ColumnName": { + "markdownDescription": "The name of the column. For more information, see [Identifiers](https://docs.aws.amazon.com/keyspaces/latest/devguide/cql.elements.html#cql.elements.identifier) in the *Amazon Keyspaces Developer Guide* .", + "title": "ColumnName", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", + "ColumnType": { + "markdownDescription": "The data type of the column. For more information, see [Data types](https://docs.aws.amazon.com/keyspaces/latest/devguide/cql.elements.html#cql.data-types) in the *Amazon Keyspaces Developer Guide* .", + "title": "ColumnType", + "type": "string" + } + }, + "required": [ + "ColumnName", + "ColumnType" + ], + "type": "object" + }, + "AWS::Cassandra::Table.EncryptionSpecification": { + "additionalProperties": false, + "properties": { + "EncryptionType": { + "markdownDescription": "The encryption at rest options for the table.\n\n- *AWS owned key* (default) - `AWS_OWNED_KMS_KEY`\n- *Customer managed key* - `CUSTOMER_MANAGED_KMS_KEY`\n\n> If you choose `CUSTOMER_MANAGED_KMS_KEY` , a `kms_key_identifier` in the format of a key ARN is required.\n\nValid values: `CUSTOMER_MANAGED_KMS_KEY` | `AWS_OWNED_KMS_KEY` .", + "title": "EncryptionType", + "type": "string" + }, + "KmsKeyIdentifier": { + "markdownDescription": "Requires a `kms_key_identifier` in the format of a key ARN.", + "title": "KmsKeyIdentifier", + "type": "string" + } + }, + "required": [ + "EncryptionType" + ], + "type": "object" + }, + "AWS::Cassandra::Table.ProvisionedThroughput": { + "additionalProperties": false, + "properties": { + "ReadCapacityUnits": { + "markdownDescription": "The amount of read capacity that's provisioned for the table. For more information, see [Read/write capacity mode](https://docs.aws.amazon.com/keyspaces/latest/devguide/ReadWriteCapacityMode.html) in the *Amazon Keyspaces Developer Guide* .", + "title": "ReadCapacityUnits", + "type": "number" + }, + "WriteCapacityUnits": { + "markdownDescription": "The amount of write capacity that's provisioned for the table. For more information, see [Read/write capacity mode](https://docs.aws.amazon.com/keyspaces/latest/devguide/ReadWriteCapacityMode.html) in the *Amazon Keyspaces Developer Guide* .", + "title": "WriteCapacityUnits", + "type": "number" + } + }, + "required": [ + "ReadCapacityUnits", + "WriteCapacityUnits" + ], + "type": "object" + }, + "AWS::Cassandra::Table.ReplicaSpecification": { + "additionalProperties": false, + "properties": { + "ReadCapacityAutoScaling": { + "$ref": "#/definitions/AWS::Cassandra::Table.AutoScalingSetting", + "markdownDescription": "The read capacity auto scaling settings for the multi-Region table in the specified AWS Region.", + "title": "ReadCapacityAutoScaling" + }, + "ReadCapacityUnits": { + "markdownDescription": "The provisioned read capacity units for the multi-Region table in the specified AWS Region.", + "title": "ReadCapacityUnits", + "type": "number" + }, + "Region": { + "markdownDescription": "The AWS Region.", + "title": "Region", + "type": "string" + } + }, + "required": [ + "Region" + ], + "type": "object" + }, + "AWS::Cassandra::Table.ScalingPolicy": { + "additionalProperties": false, + "properties": { + "TargetTrackingScalingPolicyConfiguration": { + "$ref": "#/definitions/AWS::Cassandra::Table.TargetTrackingScalingPolicyConfiguration", + "markdownDescription": "The auto scaling policy that scales a table based on the ratio of consumed to provisioned capacity.", + "title": "TargetTrackingScalingPolicyConfiguration" + } + }, + "type": "object" + }, + "AWS::Cassandra::Table.TargetTrackingScalingPolicyConfiguration": { + "additionalProperties": false, + "properties": { + "DisableScaleIn": { + "markdownDescription": "Specifies if `scale-in` is enabled.\n\nWhen auto scaling automatically decreases capacity for a table, the table *scales in* . When scaling policies are set, they can't scale in the table lower than its minimum capacity.", + "title": "DisableScaleIn", + "type": "boolean" + }, + "ScaleInCooldown": { + "markdownDescription": "Specifies a `scale-in` cool down period.\n\nA cooldown period in seconds between scaling activities that lets the table stabilize before another scaling activity starts.", + "title": "ScaleInCooldown", + "type": "number" + }, + "ScaleOutCooldown": { + "markdownDescription": "Specifies a scale out cool down period.\n\nA cooldown period in seconds between scaling activities that lets the table stabilize before another scaling activity starts.", + "title": "ScaleOutCooldown", + "type": "number" + }, + "TargetValue": { + "markdownDescription": "Specifies the target value for the target tracking auto scaling policy.\n\nAmazon Keyspaces auto scaling scales up capacity automatically when traffic exceeds this target utilization rate, and then back down when it falls below the target. This ensures that the ratio of consumed capacity to provisioned capacity stays at or near this value. You define `targetValue` as a percentage. An `integer` between 20 and 90.", + "title": "TargetValue", + "type": "number" + } + }, + "required": [ + "TargetValue" + ], + "type": "object" + }, + "AWS::Cassandra::Type": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", "Retain", "Snapshot" ], @@ -38072,20 +43400,35 @@ "Properties": { "additionalProperties": false, "properties": { - "PublicKeyConfig": { - "$ref": "#/definitions/AWS::CloudFront::PublicKey.PublicKeyConfig", - "markdownDescription": "Configuration information about a public key that you can use with [signed URLs and signed cookies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) , or with [field-level encryption](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/field-level-encryption.html) .", - "title": "PublicKeyConfig" + "Fields": { + "items": { + "$ref": "#/definitions/AWS::Cassandra::Type.Field" + }, + "markdownDescription": "A list of fields that define this type.", + "title": "Fields", + "type": "array" + }, + "KeyspaceName": { + "markdownDescription": "The name of the keyspace to create the type in. The keyspace must already exist.", + "title": "KeyspaceName", + "type": "string" + }, + "TypeName": { + "markdownDescription": "The name of the user-defined type. UDT names must contain 48 characters or less, must begin with an alphabetic character, and can only contain alpha-numeric characters and underscores. Amazon Keyspaces converts upper case characters automatically into lower case characters. For more information, see [Create a user-defined type (UDT) in Amazon Keyspaces](https://docs.aws.amazon.com/keyspaces/latest/devguide/keyspaces-create-udt.html) in the *Amazon Keyspaces Developer Guide* .", + "title": "TypeName", + "type": "string" } }, "required": [ - "PublicKeyConfig" + "Fields", + "KeyspaceName", + "TypeName" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFront::PublicKey" + "AWS::Cassandra::Type" ], "type": "string" }, @@ -38104,38 +43447,27 @@ ], "type": "object" }, - "AWS::CloudFront::PublicKey.PublicKeyConfig": { + "AWS::Cassandra::Type.Field": { "additionalProperties": false, "properties": { - "CallerReference": { - "markdownDescription": "A string included in the request to help make sure that the request can't be replayed.", - "title": "CallerReference", - "type": "string" - }, - "Comment": { - "markdownDescription": "A comment to describe the public key. The comment cannot be longer than 128 characters.", - "title": "Comment", - "type": "string" - }, - "EncodedKey": { - "markdownDescription": "The public key that you can use with [signed URLs and signed cookies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) , or with [field-level encryption](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/field-level-encryption.html) .", - "title": "EncodedKey", + "FieldName": { + "markdownDescription": "The name of the field.", + "title": "FieldName", "type": "string" }, - "Name": { - "markdownDescription": "A name to help identify the public key.", - "title": "Name", + "FieldType": { + "markdownDescription": "The data type of the field. This can be any Cassandra data type or another user-defined type.", + "title": "FieldType", "type": "string" } }, "required": [ - "CallerReference", - "EncodedKey", - "Name" + "FieldName", + "FieldType" ], "type": "object" }, - "AWS::CloudFront::RealtimeLogConfig": { + "AWS::CertificateManager::Account": { "additionalProperties": false, "properties": { "Condition": { @@ -38170,44 +43502,20 @@ "Properties": { "additionalProperties": false, "properties": { - "EndPoints": { - "items": { - "$ref": "#/definitions/AWS::CloudFront::RealtimeLogConfig.EndPoint" - }, - "markdownDescription": "Contains information about the Amazon Kinesis data stream where you are sending real-time log data for this real-time log configuration.", - "title": "EndPoints", - "type": "array" - }, - "Fields": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of fields that are included in each real-time log record. In an API response, the fields are provided in the same order in which they are sent to the Amazon Kinesis data stream.\n\nFor more information about fields, see [Real-time log configuration fields](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html#understand-real-time-log-config-fields) in the *Amazon CloudFront Developer Guide* .", - "title": "Fields", - "type": "array" - }, - "Name": { - "markdownDescription": "The unique name of this real-time log configuration.", - "title": "Name", - "type": "string" - }, - "SamplingRate": { - "markdownDescription": "The sampling rate for this real-time log configuration. The sampling rate determines the percentage of viewer requests that are represented in the real-time log data. The sampling rate is an integer between 1 and 100, inclusive.", - "title": "SamplingRate", - "type": "number" + "ExpiryEventsConfiguration": { + "$ref": "#/definitions/AWS::CertificateManager::Account.ExpiryEventsConfiguration", + "markdownDescription": "Object containing expiration events options associated with an AWS account . For more information, see [ExpiryEventsConfiguration](https://docs.aws.amazon.com/acm/latest/APIReference/API_ExpiryEventsConfiguration.html) in the API reference.", + "title": "ExpiryEventsConfiguration" } }, "required": [ - "EndPoints", - "Fields", - "Name", - "SamplingRate" + "ExpiryEventsConfiguration" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFront::RealtimeLogConfig" + "AWS::CertificateManager::Account" ], "type": "string" }, @@ -38226,47 +43534,18 @@ ], "type": "object" }, - "AWS::CloudFront::RealtimeLogConfig.EndPoint": { - "additionalProperties": false, - "properties": { - "KinesisStreamConfig": { - "$ref": "#/definitions/AWS::CloudFront::RealtimeLogConfig.KinesisStreamConfig", - "markdownDescription": "Contains information about the Amazon Kinesis data stream where you are sending real-time log data in a real-time log configuration.", - "title": "KinesisStreamConfig" - }, - "StreamType": { - "markdownDescription": "The type of data stream where you are sending real-time log data. The only valid value is `Kinesis` .", - "title": "StreamType", - "type": "string" - } - }, - "required": [ - "KinesisStreamConfig", - "StreamType" - ], - "type": "object" - }, - "AWS::CloudFront::RealtimeLogConfig.KinesisStreamConfig": { + "AWS::CertificateManager::Account.ExpiryEventsConfiguration": { "additionalProperties": false, "properties": { - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Identity and Access Management (IAM) role that CloudFront can use to send real-time log data to your Kinesis data stream.\n\nFor more information the IAM role, see [Real-time log configuration IAM role](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html#understand-real-time-log-config-iam-role) in the *Amazon CloudFront Developer Guide* .", - "title": "RoleArn", - "type": "string" - }, - "StreamArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Kinesis data stream where you are sending real-time log data.", - "title": "StreamArn", - "type": "string" + "DaysBeforeExpiry": { + "markdownDescription": "This option specifies the number of days prior to certificate expiration when ACM starts generating `EventBridge` events. ACM sends one event per day per certificate until the certificate expires. By default, accounts receive events starting 45 days before certificate expiration.", + "title": "DaysBeforeExpiry", + "type": "number" } }, - "required": [ - "RoleArn", - "StreamArn" - ], "type": "object" }, - "AWS::CloudFront::ResponseHeadersPolicy": { + "AWS::CertificateManager::Certificate": { "additionalProperties": false, "properties": { "Condition": { @@ -38301,20 +43580,69 @@ "Properties": { "additionalProperties": false, "properties": { - "ResponseHeadersPolicyConfig": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.ResponseHeadersPolicyConfig", - "markdownDescription": "A response headers policy configuration.", - "title": "ResponseHeadersPolicyConfig" + "CertificateAuthorityArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the private certificate authority (CA) that will be used to issue the certificate. If you do not provide an ARN and you are trying to request a private certificate, ACM will attempt to issue a public certificate. For more information about private CAs, see the [AWS Private Certificate Authority](https://docs.aws.amazon.com/privateca/latest/userguide/PcaWelcome.html) user guide. The ARN must have the following form:\n\n`arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012`", + "title": "CertificateAuthorityArn", + "type": "string" + }, + "CertificateExport": { + "markdownDescription": "You can opt out of allowing export of your certificate by specifying the `DISABLED` option. Allow export of your certificate by specifying the `ENABLED` option.\n\nIf you do not specify an export preference in a new CloudFormation template, it is the same as explicitly denying export of your certificate.", + "title": "CertificateExport", + "type": "string" + }, + "CertificateTransparencyLoggingPreference": { + "markdownDescription": "You can opt out of certificate transparency logging by specifying the `DISABLED` option. Opt in by specifying `ENABLED` .\n\nIf you do not specify a certificate transparency logging preference on a new CloudFormation template, or if you remove the logging preference from an existing template, this is the same as explicitly enabling the preference.\n\nChanging the certificate transparency logging preference will update the existing resource by calling `UpdateCertificateOptions` on the certificate. This action will not create a new resource.", + "title": "CertificateTransparencyLoggingPreference", + "type": "string" + }, + "DomainName": { + "markdownDescription": "The fully qualified domain name (FQDN), such as www.example.com, with which you want to secure an ACM certificate. Use an asterisk (*) to create a wildcard certificate that protects several sites in the same domain. For example, `*.example.com` protects `www.example.com` , `site.example.com` , and `images.example.com.`", + "title": "DomainName", + "type": "string" + }, + "DomainValidationOptions": { + "items": { + "$ref": "#/definitions/AWS::CertificateManager::Certificate.DomainValidationOption" + }, + "markdownDescription": "Domain information that domain name registrars use to verify your identity.\n\n> In order for a AWS::CertificateManager::Certificate to be provisioned and validated in CloudFormation automatically, the `DomainName` property needs to be identical to one of the `DomainName` property supplied in DomainValidationOptions, if the ValidationMethod is **DNS**. Failing to keep them like-for-like will result in failure to create the domain validation records in Route53.", + "title": "DomainValidationOptions", + "type": "array" + }, + "KeyAlgorithm": { + "markdownDescription": "Specifies the algorithm of the public and private key pair that your certificate uses to encrypt data. RSA is the default key algorithm for ACM certificates. Elliptic Curve Digital Signature Algorithm (ECDSA) keys are smaller, offering security comparable to RSA keys but with greater computing efficiency. However, ECDSA is not supported by all network clients. Some AWS services may require RSA keys, or only support ECDSA keys of a particular size, while others allow the use of either RSA and ECDSA keys to ensure that compatibility is not broken. Check the requirements for the AWS service where you plan to deploy your certificate. For more information about selecting an algorithm, see [Key algorithms](https://docs.aws.amazon.com/acm/latest/userguide/acm-certificate-characteristics.html#algorithms-term) .\n\n> Algorithms supported for an ACM certificate request include:\n> \n> - `RSA_2048`\n> - `EC_prime256v1`\n> - `EC_secp384r1`\n> \n> Other listed algorithms are for imported certificates only. > When you request a private PKI certificate signed by a CA from AWS Private CA, the specified signing algorithm family (RSA or ECDSA) must match the algorithm family of the CA's secret key. \n\nDefault: RSA_2048", + "title": "KeyAlgorithm", + "type": "string" + }, + "SubjectAlternativeNames": { + "items": { + "type": "string" + }, + "markdownDescription": "Additional FQDNs to be included in the Subject Alternative Name extension of the ACM certificate. For example, you can add www.example.net to a certificate for which the `DomainName` field is www.example.com if users can reach your site by using either name.", + "title": "SubjectAlternativeNames", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Key-value pairs that can identify the certificate.", + "title": "Tags", + "type": "array" + }, + "ValidationMethod": { + "markdownDescription": "The method you want to use to validate that you own or control the domain associated with a public certificate. You can [validate with DNS](https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-dns.html) or [validate with email](https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-email.html) . We recommend that you use DNS validation.\n\nIf not specified, this property defaults to email validation.", + "title": "ValidationMethod", + "type": "string" } }, "required": [ - "ResponseHeadersPolicyConfig" + "DomainName" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFront::ResponseHeadersPolicy" + "AWS::CertificateManager::Certificate" ], "type": "string" }, @@ -38333,430 +43661,31 @@ ], "type": "object" }, - "AWS::CloudFront::ResponseHeadersPolicy.AccessControlAllowHeaders": { - "additionalProperties": false, - "properties": { - "Items": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of HTTP header names. You can specify `*` to allow all headers.", - "title": "Items", - "type": "array" - } - }, - "required": [ - "Items" - ], - "type": "object" - }, - "AWS::CloudFront::ResponseHeadersPolicy.AccessControlAllowMethods": { - "additionalProperties": false, - "properties": { - "Items": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of HTTP methods. Valid values are:\n\n- `GET`\n- `DELETE`\n- `HEAD`\n- `OPTIONS`\n- `PATCH`\n- `POST`\n- `PUT`\n- `ALL`\n\n`ALL` is a special value that includes all of the listed HTTP methods.", - "title": "Items", - "type": "array" - } - }, - "required": [ - "Items" - ], - "type": "object" - }, - "AWS::CloudFront::ResponseHeadersPolicy.AccessControlAllowOrigins": { - "additionalProperties": false, - "properties": { - "Items": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of origins (domain names). You can specify `*` to allow all origins.", - "title": "Items", - "type": "array" - } - }, - "required": [ - "Items" - ], - "type": "object" - }, - "AWS::CloudFront::ResponseHeadersPolicy.AccessControlExposeHeaders": { - "additionalProperties": false, - "properties": { - "Items": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of HTTP headers. You can specify `*` to expose all headers.", - "title": "Items", - "type": "array" - } - }, - "required": [ - "Items" - ], - "type": "object" - }, - "AWS::CloudFront::ResponseHeadersPolicy.ContentSecurityPolicy": { - "additionalProperties": false, - "properties": { - "ContentSecurityPolicy": { - "markdownDescription": "The policy directives and their values that CloudFront includes as values for the `Content-Security-Policy` HTTP response header.", - "title": "ContentSecurityPolicy", - "type": "string" - }, - "Override": { - "markdownDescription": "A Boolean that determines whether CloudFront overrides the `Content-Security-Policy` HTTP response header received from the origin with the one specified in this response headers policy.", - "title": "Override", - "type": "boolean" - } - }, - "required": [ - "ContentSecurityPolicy", - "Override" - ], - "type": "object" - }, - "AWS::CloudFront::ResponseHeadersPolicy.ContentTypeOptions": { - "additionalProperties": false, - "properties": { - "Override": { - "markdownDescription": "A Boolean that determines whether CloudFront overrides the `X-Content-Type-Options` HTTP response header received from the origin with the one specified in this response headers policy.", - "title": "Override", - "type": "boolean" - } - }, - "required": [ - "Override" - ], - "type": "object" - }, - "AWS::CloudFront::ResponseHeadersPolicy.CorsConfig": { - "additionalProperties": false, - "properties": { - "AccessControlAllowCredentials": { - "markdownDescription": "A Boolean that CloudFront uses as the value for the `Access-Control-Allow-Credentials` HTTP response header.\n\nFor more information about the `Access-Control-Allow-Credentials` HTTP response header, see [Access-Control-Allow-Credentials](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials) in the MDN Web Docs.", - "title": "AccessControlAllowCredentials", - "type": "boolean" - }, - "AccessControlAllowHeaders": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.AccessControlAllowHeaders", - "markdownDescription": "A list of HTTP header names that CloudFront includes as values for the `Access-Control-Allow-Headers` HTTP response header.\n\nFor more information about the `Access-Control-Allow-Headers` HTTP response header, see [Access-Control-Allow-Headers](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Headers) in the MDN Web Docs.", - "title": "AccessControlAllowHeaders" - }, - "AccessControlAllowMethods": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.AccessControlAllowMethods", - "markdownDescription": "A list of HTTP methods that CloudFront includes as values for the `Access-Control-Allow-Methods` HTTP response header.\n\nFor more information about the `Access-Control-Allow-Methods` HTTP response header, see [Access-Control-Allow-Methods](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Methods) in the MDN Web Docs.", - "title": "AccessControlAllowMethods" - }, - "AccessControlAllowOrigins": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.AccessControlAllowOrigins", - "markdownDescription": "A list of origins (domain names) that CloudFront can use as the value for the `Access-Control-Allow-Origin` HTTP response header.\n\nFor more information about the `Access-Control-Allow-Origin` HTTP response header, see [Access-Control-Allow-Origin](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin) in the MDN Web Docs.", - "title": "AccessControlAllowOrigins" - }, - "AccessControlExposeHeaders": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.AccessControlExposeHeaders", - "markdownDescription": "A list of HTTP headers that CloudFront includes as values for the `Access-Control-Expose-Headers` HTTP response header.\n\nFor more information about the `Access-Control-Expose-Headers` HTTP response header, see [Access-Control-Expose-Headers](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Expose-Headers) in the MDN Web Docs.", - "title": "AccessControlExposeHeaders" - }, - "AccessControlMaxAgeSec": { - "markdownDescription": "A number that CloudFront uses as the value for the `Access-Control-Max-Age` HTTP response header.\n\nFor more information about the `Access-Control-Max-Age` HTTP response header, see [Access-Control-Max-Age](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Max-Age) in the MDN Web Docs.", - "title": "AccessControlMaxAgeSec", - "type": "number" - }, - "OriginOverride": { - "markdownDescription": "A Boolean that determines whether CloudFront overrides HTTP response headers received from the origin with the ones specified in this response headers policy.", - "title": "OriginOverride", - "type": "boolean" - } - }, - "required": [ - "AccessControlAllowCredentials", - "AccessControlAllowHeaders", - "AccessControlAllowMethods", - "AccessControlAllowOrigins", - "OriginOverride" - ], - "type": "object" - }, - "AWS::CloudFront::ResponseHeadersPolicy.CustomHeader": { - "additionalProperties": false, - "properties": { - "Header": { - "markdownDescription": "The HTTP response header name.", - "title": "Header", - "type": "string" - }, - "Override": { - "markdownDescription": "A Boolean that determines whether CloudFront overrides a response header with the same name received from the origin with the header specified here.", - "title": "Override", - "type": "boolean" - }, - "Value": { - "markdownDescription": "The value for the HTTP response header.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Header", - "Override", - "Value" - ], - "type": "object" - }, - "AWS::CloudFront::ResponseHeadersPolicy.CustomHeadersConfig": { - "additionalProperties": false, - "properties": { - "Items": { - "items": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.CustomHeader" - }, - "markdownDescription": "The list of HTTP response headers and their values.", - "title": "Items", - "type": "array" - } - }, - "required": [ - "Items" - ], - "type": "object" - }, - "AWS::CloudFront::ResponseHeadersPolicy.FrameOptions": { - "additionalProperties": false, - "properties": { - "FrameOption": { - "markdownDescription": "The value of the `X-Frame-Options` HTTP response header. Valid values are `DENY` and `SAMEORIGIN` .\n\nFor more information about these values, see [X-Frame-Options](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options) in the MDN Web Docs.", - "title": "FrameOption", - "type": "string" - }, - "Override": { - "markdownDescription": "A Boolean that determines whether CloudFront overrides the `X-Frame-Options` HTTP response header received from the origin with the one specified in this response headers policy.", - "title": "Override", - "type": "boolean" - } - }, - "required": [ - "FrameOption", - "Override" - ], - "type": "object" - }, - "AWS::CloudFront::ResponseHeadersPolicy.ReferrerPolicy": { - "additionalProperties": false, - "properties": { - "Override": { - "markdownDescription": "A Boolean that determines whether CloudFront overrides the `Referrer-Policy` HTTP response header received from the origin with the one specified in this response headers policy.", - "title": "Override", - "type": "boolean" - }, - "ReferrerPolicy": { - "markdownDescription": "The value of the `Referrer-Policy` HTTP response header. Valid values are:\n\n- `no-referrer`\n- `no-referrer-when-downgrade`\n- `origin`\n- `origin-when-cross-origin`\n- `same-origin`\n- `strict-origin`\n- `strict-origin-when-cross-origin`\n- `unsafe-url`\n\nFor more information about these values, see [Referrer-Policy](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy) in the MDN Web Docs.", - "title": "ReferrerPolicy", - "type": "string" - } - }, - "required": [ - "Override", - "ReferrerPolicy" - ], - "type": "object" - }, - "AWS::CloudFront::ResponseHeadersPolicy.RemoveHeader": { - "additionalProperties": false, - "properties": { - "Header": { - "markdownDescription": "The HTTP header name.", - "title": "Header", - "type": "string" - } - }, - "required": [ - "Header" - ], - "type": "object" - }, - "AWS::CloudFront::ResponseHeadersPolicy.RemoveHeadersConfig": { - "additionalProperties": false, - "properties": { - "Items": { - "items": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.RemoveHeader" - }, - "markdownDescription": "The list of HTTP header names.", - "title": "Items", - "type": "array" - } - }, - "required": [ - "Items" - ], - "type": "object" - }, - "AWS::CloudFront::ResponseHeadersPolicy.ResponseHeadersPolicyConfig": { + "AWS::CertificateManager::Certificate.DomainValidationOption": { "additionalProperties": false, "properties": { - "Comment": { - "markdownDescription": "A comment to describe the response headers policy.\n\nThe comment cannot be longer than 128 characters.", - "title": "Comment", + "DomainName": { + "markdownDescription": "A fully qualified domain name (FQDN) in the certificate request.", + "title": "DomainName", "type": "string" }, - "CorsConfig": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.CorsConfig", - "markdownDescription": "A configuration for a set of HTTP response headers that are used for cross-origin resource sharing (CORS).", - "title": "CorsConfig" - }, - "CustomHeadersConfig": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.CustomHeadersConfig", - "markdownDescription": "A configuration for a set of custom HTTP response headers.", - "title": "CustomHeadersConfig" - }, - "Name": { - "markdownDescription": "A name to identify the response headers policy.\n\nThe name must be unique for response headers policies in this AWS account .", - "title": "Name", + "HostedZoneId": { + "markdownDescription": "The `HostedZoneId` option, which is available if you are using Route 53 as your domain registrar, causes ACM to add your CNAME to the domain record. Your list of `DomainValidationOptions` must contain one and only one of the domain-validation options, and the `HostedZoneId` can be used only when `DNS` is specified as your validation method.\n\nUse the Route 53 `ListHostedZones` API to discover IDs for available hosted zones.\n\nThis option is required for publicly trusted certificates.\n\n> The `ListHostedZones` API returns IDs in the format \"/hostedzone/Z111111QQQQQQQ\", but CloudFormation requires the IDs to be in the format \"Z111111QQQQQQQ\". \n\nWhen you change your `DomainValidationOptions` , a new resource is created.", + "title": "HostedZoneId", "type": "string" }, - "RemoveHeadersConfig": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.RemoveHeadersConfig", - "markdownDescription": "A configuration for a set of HTTP headers to remove from the HTTP response.", - "title": "RemoveHeadersConfig" - }, - "SecurityHeadersConfig": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.SecurityHeadersConfig", - "markdownDescription": "A configuration for a set of security-related HTTP response headers.", - "title": "SecurityHeadersConfig" - }, - "ServerTimingHeadersConfig": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.ServerTimingHeadersConfig", - "markdownDescription": "A configuration for enabling the `Server-Timing` header in HTTP responses sent from CloudFront.", - "title": "ServerTimingHeadersConfig" - } - }, - "required": [ - "Name" - ], - "type": "object" - }, - "AWS::CloudFront::ResponseHeadersPolicy.SecurityHeadersConfig": { - "additionalProperties": false, - "properties": { - "ContentSecurityPolicy": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.ContentSecurityPolicy", - "markdownDescription": "The policy directives and their values that CloudFront includes as values for the `Content-Security-Policy` HTTP response header.\n\nFor more information about the `Content-Security-Policy` HTTP response header, see [Content-Security-Policy](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy) in the MDN Web Docs.", - "title": "ContentSecurityPolicy" - }, - "ContentTypeOptions": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.ContentTypeOptions", - "markdownDescription": "Determines whether CloudFront includes the `X-Content-Type-Options` HTTP response header with its value set to `nosniff` .\n\nFor more information about the `X-Content-Type-Options` HTTP response header, see [X-Content-Type-Options](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options) in the MDN Web Docs.", - "title": "ContentTypeOptions" - }, - "FrameOptions": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.FrameOptions", - "markdownDescription": "Determines whether CloudFront includes the `X-Frame-Options` HTTP response header and the header's value.\n\nFor more information about the `X-Frame-Options` HTTP response header, see [X-Frame-Options](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options) in the MDN Web Docs.", - "title": "FrameOptions" - }, - "ReferrerPolicy": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.ReferrerPolicy", - "markdownDescription": "Determines whether CloudFront includes the `Referrer-Policy` HTTP response header and the header's value.\n\nFor more information about the `Referrer-Policy` HTTP response header, see [Referrer-Policy](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy) in the MDN Web Docs.", - "title": "ReferrerPolicy" - }, - "StrictTransportSecurity": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.StrictTransportSecurity", - "markdownDescription": "Determines whether CloudFront includes the `Strict-Transport-Security` HTTP response header and the header's value.\n\nFor more information about the `Strict-Transport-Security` HTTP response header, see [Security headers](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/understanding-response-headers-policies.html#understanding-response-headers-policies-security) in the *Amazon CloudFront Developer Guide* and [Strict-Transport-Security](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security) in the MDN Web Docs.", - "title": "StrictTransportSecurity" - }, - "XSSProtection": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.XSSProtection", - "markdownDescription": "Determines whether CloudFront includes the `X-XSS-Protection` HTTP response header and the header's value.\n\nFor more information about the `X-XSS-Protection` HTTP response header, see [X-XSS-Protection](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection) in the MDN Web Docs.", - "title": "XSSProtection" - } - }, - "type": "object" - }, - "AWS::CloudFront::ResponseHeadersPolicy.ServerTimingHeadersConfig": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "A Boolean that determines whether CloudFront adds the `Server-Timing` header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy.", - "title": "Enabled", - "type": "boolean" - }, - "SamplingRate": { - "markdownDescription": "A number 0\u2013100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the `Server-Timing` header to. When you set the sampling rate to 100, CloudFront adds the `Server-Timing` header to the HTTP response for every request that matches the cache behavior that this response headers policy is attached to. When you set it to 50, CloudFront adds the header to 50% of the responses for requests that match the cache behavior. You can set the sampling rate to any number 0\u2013100 with up to four decimal places.", - "title": "SamplingRate", - "type": "number" - } - }, - "required": [ - "Enabled" - ], - "type": "object" - }, - "AWS::CloudFront::ResponseHeadersPolicy.StrictTransportSecurity": { - "additionalProperties": false, - "properties": { - "AccessControlMaxAgeSec": { - "markdownDescription": "A number that CloudFront uses as the value for the `max-age` directive in the `Strict-Transport-Security` HTTP response header.", - "title": "AccessControlMaxAgeSec", - "type": "number" - }, - "IncludeSubdomains": { - "markdownDescription": "A Boolean that determines whether CloudFront includes the `includeSubDomains` directive in the `Strict-Transport-Security` HTTP response header.", - "title": "IncludeSubdomains", - "type": "boolean" - }, - "Override": { - "markdownDescription": "A Boolean that determines whether CloudFront overrides the `Strict-Transport-Security` HTTP response header received from the origin with the one specified in this response headers policy.", - "title": "Override", - "type": "boolean" - }, - "Preload": { - "markdownDescription": "A Boolean that determines whether CloudFront includes the `preload` directive in the `Strict-Transport-Security` HTTP response header.", - "title": "Preload", - "type": "boolean" - } - }, - "required": [ - "AccessControlMaxAgeSec", - "Override" - ], - "type": "object" - }, - "AWS::CloudFront::ResponseHeadersPolicy.XSSProtection": { - "additionalProperties": false, - "properties": { - "ModeBlock": { - "markdownDescription": "A Boolean that determines whether CloudFront includes the `mode=block` directive in the `X-XSS-Protection` header.\n\nFor more information about this directive, see [X-XSS-Protection](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection) in the MDN Web Docs.", - "title": "ModeBlock", - "type": "boolean" - }, - "Override": { - "markdownDescription": "A Boolean that determines whether CloudFront overrides the `X-XSS-Protection` HTTP response header received from the origin with the one specified in this response headers policy.", - "title": "Override", - "type": "boolean" - }, - "Protection": { - "markdownDescription": "A Boolean that determines the value of the `X-XSS-Protection` HTTP response header. When this setting is `true` , the value of the `X-XSS-Protection` header is `1` . When this setting is `false` , the value of the `X-XSS-Protection` header is `0` .\n\nFor more information about these settings, see [X-XSS-Protection](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection) in the MDN Web Docs.", - "title": "Protection", - "type": "boolean" - }, - "ReportUri": { - "markdownDescription": "A reporting URI, which CloudFront uses as the value of the `report` directive in the `X-XSS-Protection` header.\n\nYou cannot specify a `ReportUri` when `ModeBlock` is `true` .\n\nFor more information about using a reporting URL, see [X-XSS-Protection](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection) in the MDN Web Docs.", - "title": "ReportUri", + "ValidationDomain": { + "markdownDescription": "The domain name to which you want ACM to send validation emails. This domain name is the suffix of the email addresses that you want ACM to use. This must be the same as the `DomainName` value or a superdomain of the `DomainName` value. For example, if you request a certificate for `testing.example.com` , you can specify `example.com` as this value. In that case, ACM sends domain validation emails to the following five addresses:\n\n- admin@example.com\n- administrator@example.com\n- hostmaster@example.com\n- postmaster@example.com\n- webmaster@example.com", + "title": "ValidationDomain", "type": "string" } }, "required": [ - "Override", - "Protection" + "DomainName" ], "type": "object" }, - "AWS::CloudFront::StreamingDistribution": { + "AWS::Chatbot::CustomAction": { "additionalProperties": false, "properties": { "Condition": { @@ -38791,29 +43720,47 @@ "Properties": { "additionalProperties": false, "properties": { - "StreamingDistributionConfig": { - "$ref": "#/definitions/AWS::CloudFront::StreamingDistribution.StreamingDistributionConfig", - "markdownDescription": "The current configuration information for the RTMP distribution.", - "title": "StreamingDistributionConfig" + "ActionName": { + "markdownDescription": "The name of the custom action. This name is included in the Amazon Resource Name (ARN).", + "title": "ActionName", + "type": "string" + }, + "AliasName": { + "markdownDescription": "The name used to invoke this action in a chat channel. For example, `@Amazon Q run my-alias` .", + "title": "AliasName", + "type": "string" + }, + "Attachments": { + "items": { + "$ref": "#/definitions/AWS::Chatbot::CustomAction.CustomActionAttachment" + }, + "markdownDescription": "Defines when this custom action button should be attached to a notification.", + "title": "Attachments", + "type": "array" + }, + "Definition": { + "$ref": "#/definitions/AWS::Chatbot::CustomAction.CustomActionDefinition", + "markdownDescription": "The definition of the command to run when invoked as an alias or as an action button.", + "title": "Definition" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A complex type that contains zero or more `Tag` elements.", + "markdownDescription": "The tags to add to the configuration.", "title": "Tags", "type": "array" } }, "required": [ - "StreamingDistributionConfig", - "Tags" + "ActionName", + "Definition" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFront::StreamingDistribution" + "AWS::Chatbot::CustomAction" ], "type": "string" }, @@ -38832,125 +43779,81 @@ ], "type": "object" }, - "AWS::CloudFront::StreamingDistribution.Logging": { + "AWS::Chatbot::CustomAction.CustomActionAttachment": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The Amazon S3 bucket to store the access logs in, for example, `amzn-s3-demo-bucket.s3.amazonaws.com` .", - "title": "Bucket", + "ButtonText": { + "markdownDescription": "The text of the button that appears on the notification.", + "title": "ButtonText", "type": "string" }, - "Enabled": { - "markdownDescription": "Specifies whether you want CloudFront to save access logs to an Amazon S3 bucket. If you don't want to enable logging when you create a streaming distribution or if you want to disable logging for an existing streaming distribution, specify `false` for `Enabled` , and specify `empty Bucket` and `Prefix` elements. If you specify `false` for `Enabled` but you specify values for `Bucket` and `Prefix` , the values are automatically deleted.", - "title": "Enabled", - "type": "boolean" + "Criteria": { + "items": { + "$ref": "#/definitions/AWS::Chatbot::CustomAction.CustomActionAttachmentCriteria" + }, + "markdownDescription": "The criteria for when a button should be shown based on values in the notification.", + "title": "Criteria", + "type": "array" }, - "Prefix": { - "markdownDescription": "An optional string that you want CloudFront to prefix to the access log filenames for this streaming distribution, for example, `myprefix/` . If you want to enable logging, but you don't want to specify a prefix, you still must include an empty `Prefix` element in the `Logging` element.", - "title": "Prefix", - "type": "string" - } - }, - "required": [ - "Bucket", - "Enabled", - "Prefix" - ], - "type": "object" - }, - "AWS::CloudFront::StreamingDistribution.S3Origin": { - "additionalProperties": false, - "properties": { - "DomainName": { - "markdownDescription": "The DNS name of the Amazon S3 origin.", - "title": "DomainName", + "NotificationType": { + "markdownDescription": "The type of notification that the custom action should be attached to.", + "title": "NotificationType", "type": "string" }, - "OriginAccessIdentity": { - "markdownDescription": "The CloudFront origin access identity to associate with the distribution. Use an origin access identity to configure the distribution so that end users can only access objects in an Amazon S3 bucket through CloudFront.\n\nIf you want end users to be able to access objects using either the CloudFront URL or the Amazon S3 URL, specify an empty `OriginAccessIdentity` element.\n\nTo delete the origin access identity from an existing distribution, update the distribution configuration and include an empty `OriginAccessIdentity` element.\n\nTo replace the origin access identity, update the distribution configuration and specify the new origin access identity.\n\nFor more information, see [Using an Origin Access Identity to Restrict Access to Your Amazon S3 Content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html) in the *Amazon CloudFront Developer Guide* .", - "title": "OriginAccessIdentity", - "type": "string" + "Variables": { + "additionalProperties": true, + "markdownDescription": "The variables to extract from the notification.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Variables", + "type": "object" } }, - "required": [ - "DomainName", - "OriginAccessIdentity" - ], "type": "object" }, - "AWS::CloudFront::StreamingDistribution.StreamingDistributionConfig": { + "AWS::Chatbot::CustomAction.CustomActionAttachmentCriteria": { "additionalProperties": false, "properties": { - "Aliases": { - "items": { - "type": "string" - }, - "markdownDescription": "A complex type that contains information about CNAMEs (alternate domain names), if any, for this streaming distribution.", - "title": "Aliases", - "type": "array" - }, - "Comment": { - "markdownDescription": "Any comments you want to include about the streaming distribution.", - "title": "Comment", + "Operator": { + "markdownDescription": "The operation to perform on the named variable.", + "title": "Operator", "type": "string" }, - "Enabled": { - "markdownDescription": "Whether the streaming distribution is enabled to accept user requests for content.", - "title": "Enabled", - "type": "boolean" - }, - "Logging": { - "$ref": "#/definitions/AWS::CloudFront::StreamingDistribution.Logging", - "markdownDescription": "A complex type that controls whether access logs are written for the streaming distribution.", - "title": "Logging" - }, - "PriceClass": { - "markdownDescription": "A complex type that contains information about price class for this streaming distribution.", - "title": "PriceClass", + "Value": { + "markdownDescription": "A value that is compared with the actual value of the variable based on the behavior of the operator.", + "title": "Value", "type": "string" }, - "S3Origin": { - "$ref": "#/definitions/AWS::CloudFront::StreamingDistribution.S3Origin", - "markdownDescription": "A complex type that contains information about the Amazon S3 bucket from which you want CloudFront to get your media files for distribution.", - "title": "S3Origin" - }, - "TrustedSigners": { - "$ref": "#/definitions/AWS::CloudFront::StreamingDistribution.TrustedSigners", - "markdownDescription": "A complex type that specifies any AWS accounts that you want to permit to create signed URLs for private content. If you want the distribution to use signed URLs, include this element; if you want the distribution to use public URLs, remove this element. For more information, see [Serving Private Content through CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", - "title": "TrustedSigners" + "VariableName": { + "markdownDescription": "The name of the variable to operate on.", + "title": "VariableName", + "type": "string" } }, "required": [ - "Comment", - "Enabled", - "S3Origin", - "TrustedSigners" + "Operator", + "VariableName" ], "type": "object" }, - "AWS::CloudFront::StreamingDistribution.TrustedSigners": { + "AWS::Chatbot::CustomAction.CustomActionDefinition": { "additionalProperties": false, "properties": { - "AwsAccountNumbers": { - "items": { - "type": "string" - }, - "markdownDescription": "An AWS account number that contains active CloudFront key pairs that CloudFront can use to verify the signatures of signed URLs and signed cookies. If the AWS account that owns the key pairs is the same account that owns the CloudFront distribution, the value of this field is `self` .", - "title": "AwsAccountNumbers", - "type": "array" - }, - "Enabled": { - "markdownDescription": "This field is `true` if any of the AWS accounts in the list are configured as trusted signers. If not, this field is `false` .", - "title": "Enabled", - "type": "boolean" + "CommandText": { + "markdownDescription": "The command string to run which may include variables by prefixing with a dollar sign ($).", + "title": "CommandText", + "type": "string" } }, "required": [ - "Enabled" + "CommandText" ], "type": "object" }, - "AWS::CloudTrail::Channel": { + "AWS::Chatbot::MicrosoftTeamsChannelConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -38985,38 +43888,91 @@ "Properties": { "additionalProperties": false, "properties": { - "Destinations": { + "ConfigurationName": { + "markdownDescription": "The name of the configuration.", + "title": "ConfigurationName", + "type": "string" + }, + "CustomizationResourceArns": { "items": { - "$ref": "#/definitions/AWS::CloudTrail::Channel.Destination" + "type": "string" }, - "markdownDescription": "One or more event data stores to which events arriving through a channel will be logged.", - "title": "Destinations", + "markdownDescription": "Links a list of resource ARNs (for example, custom action ARNs) to a Microsoft Teams channel configuration for .", + "title": "CustomizationResourceArns", "type": "array" }, - "Name": { - "markdownDescription": "The name of the channel.", - "title": "Name", + "GuardrailPolicies": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of IAM policy ARNs that are applied as channel guardrails. The AWS managed 'AdministratorAccess' policy is applied as a default if this is not set.", + "title": "GuardrailPolicies", + "type": "array" + }, + "IamRoleArn": { + "markdownDescription": "The ARN of the IAM role that defines the permissions for .\n\nThis is a user-defined role that will assume. This is not the service-linked role. For more information, see [IAM Policies for in chat applications](https://docs.aws.amazon.com/chatbot/latest/adminguide/chatbot-iam-policies.html) .", + "title": "IamRoleArn", "type": "string" }, - "Source": { - "markdownDescription": "The name of the partner or external event source. You cannot change this name after you create the channel. A maximum of one channel is allowed per source.\n\nA source can be either `Custom` for all valid non- AWS events, or the name of a partner event source. For information about the source names for available partners, see [Additional information about integration partners](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-event-data-store-integration.html#cloudtrail-lake-partner-information) in the CloudTrail User Guide.", - "title": "Source", + "LoggingLevel": { + "markdownDescription": "Specifies the logging level for this configuration. This property affects the log entries pushed to Amazon CloudWatch Logs.\n\nLogging levels include `ERROR` , `INFO` , or `NONE` .", + "title": "LoggingLevel", "type": "string" }, + "SnsTopicArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The ARNs of the SNS topics that deliver notifications to .", + "title": "SnsTopicArns", + "type": "array" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of tags.", + "markdownDescription": "The tags to add to the configuration.", "title": "Tags", "type": "array" + }, + "TeamId": { + "markdownDescription": "The ID of the Microsoft Team authorized with .\n\nTo get the team ID, you must perform the initial authorization flow with Microsoft Teams in the in chat applications console. Then you can copy and paste the team ID from the console. For more details, see steps 1-3 in [Tutorial: Get started with Microsoft Teams](https://docs.aws.amazon.com/chatbot/latest/adminguide/teams-setup.html) in the *in chat applications Administrator Guide* .", + "title": "TeamId", + "type": "string" + }, + "TeamsChannelId": { + "markdownDescription": "The ID of the Microsoft Teams channel.\n\nTo get the channel ID, open Microsoft Teams, right click on the channel name in the left pane, then choose *Copy* . An example of the channel ID syntax is: `19%3ab6ef35dc342d56ba5654e6fc6d25a071%40thread.tacv2` .", + "title": "TeamsChannelId", + "type": "string" + }, + "TeamsChannelName": { + "markdownDescription": "", + "title": "TeamsChannelName", + "type": "string" + }, + "TeamsTenantId": { + "markdownDescription": "The ID of the Microsoft Teams tenant.\n\nTo get the tenant ID, you must perform the initial authorization flow with Microsoft Teams in the in chat applications console. Then you can copy and paste the tenant ID from the console. For more details, see steps 1-3 in [Tutorial: Get started with Microsoft Teams](https://docs.aws.amazon.com/chatbot/latest/adminguide/teams-setup.html) in the *in chat applications Administrator Guide* .", + "title": "TeamsTenantId", + "type": "string" + }, + "UserRoleRequired": { + "markdownDescription": "Enables use of a user role requirement in your chat configuration.", + "title": "UserRoleRequired", + "type": "boolean" } }, + "required": [ + "ConfigurationName", + "IamRoleArn", + "TeamId", + "TeamsChannelId", + "TeamsTenantId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudTrail::Channel" + "AWS::Chatbot::MicrosoftTeamsChannelConfiguration" ], "type": "string" }, @@ -39030,31 +43986,12 @@ } }, "required": [ - "Type" - ], - "type": "object" - }, - "AWS::CloudTrail::Channel.Destination": { - "additionalProperties": false, - "properties": { - "Location": { - "markdownDescription": "For channels used for a CloudTrail Lake integration, the location is the ARN of an event data store that receives events from a channel. For service-linked channels, the location is the name of the AWS service.", - "title": "Location", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of destination for events arriving from a channel. For channels used for a CloudTrail Lake integration, the value is `EVENT_DATA_STORE` . For service-linked channels, the value is `AWS_SERVICE` .", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Location", - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::CloudTrail::EventDataStore": { + "AWS::Chatbot::SlackChannelConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -39089,258 +44026,80 @@ "Properties": { "additionalProperties": false, "properties": { - "AdvancedEventSelectors": { + "ConfigurationName": { + "markdownDescription": "The name of the configuration.", + "title": "ConfigurationName", + "type": "string" + }, + "CustomizationResourceArns": { "items": { - "$ref": "#/definitions/AWS::CloudTrail::EventDataStore.AdvancedEventSelector" + "type": "string" }, - "markdownDescription": "The advanced event selectors to use to select the events for the data store. You can configure up to five advanced event selectors for each event data store.\n\nFor more information about how to use advanced event selectors to log CloudTrail events, see [Log events by using advanced event selectors](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html#creating-data-event-selectors-advanced) in the CloudTrail User Guide.\n\nFor more information about how to use advanced event selectors to include AWS Config configuration items in your event data store, see [Create an event data store for AWS Config configuration items](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/lake-eds-cli.html#lake-cli-create-eds-config) in the CloudTrail User Guide.\n\nFor more information about how to use advanced event selectors to include events outside of AWS events in your event data store, see [Create an integration to log events from outside AWS](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/lake-integrations-cli.html#lake-cli-create-integration) in the CloudTrail User Guide.", - "title": "AdvancedEventSelectors", + "markdownDescription": "Links a list of resource ARNs (for example, custom action ARNs) to a Slack channel configuration for .", + "title": "CustomizationResourceArns", "type": "array" }, - "BillingMode": { - "markdownDescription": "The billing mode for the event data store determines the cost for ingesting events and the default and maximum retention period for the event data store.\n\nThe following are the possible values:\n\n- `EXTENDABLE_RETENTION_PRICING` - This billing mode is generally recommended if you want a flexible retention period of up to 3653 days (about 10 years). The default retention period for this billing mode is 366 days.\n- `FIXED_RETENTION_PRICING` - This billing mode is recommended if you expect to ingest more than 25 TB of event data per month and need a retention period of up to 2557 days (about 7 years). The default retention period for this billing mode is 2557 days.\n\nThe default value is `EXTENDABLE_RETENTION_PRICING` .\n\nFor more information about CloudTrail pricing, see [AWS CloudTrail Pricing](https://docs.aws.amazon.com/cloudtrail/pricing/) and [Managing CloudTrail Lake costs](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-lake-manage-costs.html) .", - "title": "BillingMode", - "type": "string" - }, - "FederationEnabled": { - "markdownDescription": "Indicates if [Lake query federation](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-federation.html) is enabled. By default, Lake query federation is disabled. You cannot delete an event data store if Lake query federation is enabled.", - "title": "FederationEnabled", - "type": "boolean" - }, - "FederationRoleArn": { - "markdownDescription": "If Lake query federation is enabled, provides the ARN of the federation role used to access the resources for the federated event data store.\n\nThe federation role must exist in your account and provide the [required minimum permissions](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-federation.html#query-federation-permissions-role) .", - "title": "FederationRoleArn", - "type": "string" - }, - "IngestionEnabled": { - "markdownDescription": "Specifies whether the event data store should start ingesting live events. The default is true.", - "title": "IngestionEnabled", - "type": "boolean" - }, - "InsightSelectors": { + "GuardrailPolicies": { "items": { - "$ref": "#/definitions/AWS::CloudTrail::EventDataStore.InsightSelector" + "type": "string" }, - "markdownDescription": "A JSON string that contains the Insights types you want to log on an event data store. `ApiCallRateInsight` and `ApiErrorRateInsight` are valid Insight types.\n\nThe `ApiCallRateInsight` Insights type analyzes write-only management API calls that are aggregated per minute against a baseline API call volume.\n\nThe `ApiErrorRateInsight` Insights type analyzes management API calls that result in error codes. The error is shown if the API call is unsuccessful.", - "title": "InsightSelectors", + "markdownDescription": "The list of IAM policy ARNs that are applied as channel guardrails. The AWS managed 'AdministratorAccess' policy is applied as a default if this is not set.", + "title": "GuardrailPolicies", "type": "array" }, - "InsightsDestination": { - "markdownDescription": "The ARN (or ID suffix of the ARN) of the destination event data store that logs Insights events. For more information, see [Create an event data store for CloudTrail Insights events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-event-data-store-insights.html) .", - "title": "InsightsDestination", + "IamRoleArn": { + "markdownDescription": "The ARN of the IAM role that defines the permissions for .\n\nThis is a user-defined role that will assume. This is not the service-linked role. For more information, see [IAM Policies for in chat applications](https://docs.aws.amazon.com/chatbot/latest/adminguide/chatbot-iam-policies.html) .", + "title": "IamRoleArn", "type": "string" }, - "KmsKeyId": { - "markdownDescription": "Specifies the AWS KMS key ID to use to encrypt the events delivered by CloudTrail. The value can be an alias name prefixed by `alias/` , a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.\n\n> Disabling or deleting the KMS key, or removing CloudTrail permissions on the key, prevents CloudTrail from logging events to the event data store, and prevents users from querying the data in the event data store that was encrypted with the key. After you associate an event data store with a KMS key, the KMS key cannot be removed or changed. Before you disable or delete a KMS key that you are using with an event data store, delete or back up your event data store. \n\nCloudTrail also supports AWS KMS multi-Region keys. For more information about multi-Region keys, see [Using multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) in the *AWS Key Management Service Developer Guide* .\n\nExamples:\n\n- `alias/MyAliasName`\n- `arn:aws:kms:us-east-2:123456789012:alias/MyAliasName`\n- `arn:aws:kms:us-east-2:123456789012:key/12345678-1234-1234-1234-123456789012`\n- `12345678-1234-1234-1234-123456789012`", - "title": "KmsKeyId", + "LoggingLevel": { + "markdownDescription": "Specifies the logging level for this configuration. This property affects the log entries pushed to Amazon CloudWatch Logs.\n\nLogging levels include `ERROR` , `INFO` , or `NONE` .", + "title": "LoggingLevel", "type": "string" }, - "MultiRegionEnabled": { - "markdownDescription": "Specifies whether the event data store includes events from all Regions, or only from the Region in which the event data store is created.", - "title": "MultiRegionEnabled", - "type": "boolean" - }, - "Name": { - "markdownDescription": "The name of the event data store.", - "title": "Name", + "SlackChannelId": { + "markdownDescription": "The ID of the Slack channel.\n\nTo get the ID, open Slack, right click on the channel name in the left pane, then choose Copy Link. The channel ID is the character string at the end of the URL. For example, `ABCBBLZZZ` .", + "title": "SlackChannelId", "type": "string" }, - "OrganizationEnabled": { - "markdownDescription": "Specifies whether an event data store collects events logged for an organization in AWS Organizations .", - "title": "OrganizationEnabled", - "type": "boolean" + "SlackWorkspaceId": { + "markdownDescription": "The ID of the Slack workspace authorized with .\n\nTo get the workspace ID, you must perform the initial authorization flow with Slack in the in chat applications console. Then you can copy and paste the workspace ID from the console. For more details, see steps 1-3 in [Tutorial: Get started with Slack](https://docs.aws.amazon.com/chatbot/latest/adminguide/slack-setup.html#slack-client-setup) in the *in chat applications User Guide* .", + "title": "SlackWorkspaceId", + "type": "string" }, - "RetentionPeriod": { - "markdownDescription": "The retention period of the event data store, in days. If `BillingMode` is set to `EXTENDABLE_RETENTION_PRICING` , you can set a retention period of up to 3653 days, the equivalent of 10 years. If `BillingMode` is set to `FIXED_RETENTION_PRICING` , you can set a retention period of up to 2557 days, the equivalent of seven years.\n\nCloudTrail Lake determines whether to retain an event by checking if the `eventTime` of the event is within the specified retention period. For example, if you set a retention period of 90 days, CloudTrail will remove events when the `eventTime` is older than 90 days.\n\n> If you plan to copy trail events to this event data store, we recommend that you consider both the age of the events that you want to copy as well as how long you want to keep the copied events in your event data store. For example, if you copy trail events that are 5 years old and specify a retention period of 7 years, the event data store will retain those events for two years.", - "title": "RetentionPeriod", - "type": "number" + "SnsTopicArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The ARNs of the SNS topics that deliver notifications to .", + "title": "SnsTopicArns", + "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of tags.", + "markdownDescription": "The tags to add to the configuration.", "title": "Tags", "type": "array" }, - "TerminationProtectionEnabled": { - "markdownDescription": "Specifies whether termination protection is enabled for the event data store. If termination protection is enabled, you cannot delete the event data store until termination protection is disabled.", - "title": "TerminationProtectionEnabled", + "UserRoleRequired": { + "markdownDescription": "Enables use of a user role requirement in your chat configuration.", + "title": "UserRoleRequired", "type": "boolean" } }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::CloudTrail::EventDataStore" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::CloudTrail::EventDataStore.AdvancedEventSelector": { - "additionalProperties": false, - "properties": { - "FieldSelectors": { - "items": { - "$ref": "#/definitions/AWS::CloudTrail::EventDataStore.AdvancedFieldSelector" - }, - "markdownDescription": "Contains all selector statements in an advanced event selector.", - "title": "FieldSelectors", - "type": "array" - }, - "Name": { - "markdownDescription": "An optional, descriptive name for an advanced event selector, such as \"Log data events for only two S3 buckets\".", - "title": "Name", - "type": "string" - } - }, - "required": [ - "FieldSelectors" - ], - "type": "object" - }, - "AWS::CloudTrail::EventDataStore.AdvancedFieldSelector": { - "additionalProperties": false, - "properties": { - "EndsWith": { - "items": { - "type": "string" - }, - "markdownDescription": "An operator that includes events that match the last few characters of the event record field specified as the value of `Field` .", - "title": "EndsWith", - "type": "array" - }, - "Equals": { - "items": { - "type": "string" - }, - "markdownDescription": "An operator that includes events that match the exact value of the event record field specified as the value of `Field` . This is the only valid operator that you can use with the `readOnly` , `eventCategory` , and `resources.type` fields.", - "title": "Equals", - "type": "array" - }, - "Field": { - "markdownDescription": "A field in a CloudTrail event record on which to filter events to be logged. For event data stores for CloudTrail Insights events, AWS Config configuration items, Audit Manager evidence, or events outside of AWS , the field is used only for selecting events as filtering is not supported.\n\nFor CloudTrail management events, supported fields include `eventCategory` (required), `eventSource` , and `readOnly` . The following additional fields are available for event data stores: `eventName` , `eventType` , `sessionCredentialFromConsole` , and `userIdentity.arn` .\n\nFor CloudTrail data events, supported fields include `eventCategory` (required), `eventName` , `eventSource` , `eventType` , `resources.type` (required), `readOnly` , `resources.ARN` , `sessionCredentialFromConsole` , and `userIdentity.arn` .\n\nFor CloudTrail network activity events, supported fields include `eventCategory` (required), `eventSource` (required), `eventName` , `errorCode` , and `vpcEndpointId` .\n\nFor event data stores for CloudTrail Insights events, AWS Config configuration items, Audit Manager evidence, or events outside of AWS , the only supported field is `eventCategory` .\n\n> Selectors don't support the use of wildcards like `*` . To match multiple values with a single condition, you may use `StartsWith` , `EndsWith` , `NotStartsWith` , or `NotEndsWith` to explicitly match the beginning or end of the event field. \n\n- *`readOnly`* - This is an optional field that is only used for management events and data events. This field can be set to `Equals` with a value of `true` or `false` . If you do not add this field, CloudTrail logs both `read` and `write` events. A value of `true` logs only `read` events. A value of `false` logs only `write` events.\n- *`eventSource`* - This field is only used for management events, data events, and network activity events.\n\nFor management events for trails, this is an optional field that can be set to `NotEquals` `kms.amazonaws.com` to exclude KMS management events, or `NotEquals` `rdsdata.amazonaws.com` to exclude RDS management events.\n\nFor data events for trails, this is an optional field that you can use to include or exclude any event source and can use any operator.\n\nFor management and data events for event data stores, this is an optional field that you can use to include or exclude any event source and can use any operator.\n\nFor network activity events, this is a required field that only uses the `Equals` operator. Set this field to the event source for which you want to log network activity events. If you want to log network activity events for multiple event sources, you must create a separate field selector for each event source. For a list of services supporting network activity events, see [Logging network activity events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-network-events-with-cloudtrail.html) in the *AWS CloudTrail User Guide* .\n- *`eventName`* - This is an optional field that is only used for data events, management events (for event data stores only), and network activity events. You can use any operator with `eventName` . You can use it to \ufb01lter in or \ufb01lter out specific events. You can have multiple values for this \ufb01eld, separated by commas.\n- *`eventCategory`* - This field is required and must be set to `Equals` .\n\n- For CloudTrail management events, the value must be `Management` .\n- For CloudTrail data events, the value must be `Data` .\n- For CloudTrail network activity events, the value must be `NetworkActivity` .\n\nThe following are used only for event data stores:\n\n- For CloudTrail Insights events, the value must be `Insight` .\n- For AWS Config configuration items, the value must be `ConfigurationItem` .\n- For Audit Manager evidence, the value must be `Evidence` .\n- For events outside of AWS , the value must be `ActivityAuditLog` .\n- *`eventType`* - For event data stores, this is an optional field available for event data stores to filter management and data events on the event type. For trails, this is an optional field to filter data events on the event type. For information about available event types, see [CloudTrail record contents](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-event-reference-record-contents.html#ct-event-type) in the *AWS CloudTrail user guide* .\n- *`errorCode`* - This \ufb01eld is only used to filter CloudTrail network activity events and is optional. This is the error code to filter on. Currently, the only valid `errorCode` is `VpceAccessDenied` . `errorCode` can only use the `Equals` operator.\n- *`sessionCredentialFromConsole`* - For event data stores, this is an optional field used to filter management and data events based on whether the events originated from an AWS Management Console session. For trails, this is an optional field used to filter data events. `sessionCredentialFromConsole` can only use the `Equals` and `NotEquals` operators.\n- *`resources.type`* - This \ufb01eld is required for CloudTrail data events. `resources.type` can only use the `Equals` operator.\n\nFor a list of available resource types for data events, see [Data events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html#logging-data-events) in the *AWS CloudTrail User Guide* .\n\nYou can have only one `resources.type` \ufb01eld per selector. To log events on more than one resource type, add another selector.\n- *`resources.ARN`* - The `resources.ARN` is an optional field for data events. You can use any operator with `resources.ARN` , but if you use `Equals` or `NotEquals` , the value must exactly match the ARN of a valid resource of the type you've speci\ufb01ed in the template as the value of resources.type. To log all data events for all objects in a specific S3 bucket, use the `StartsWith` operator, and include only the bucket ARN as the matching value.\n\nFor more information about the ARN formats of data event resources, see [Actions, resources, and condition keys for AWS services](https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html) in the *Service Authorization Reference* .\n\n> You can't use the `resources.ARN` field to filter resource types that do not have ARNs.\n- *`userIdentity.arn`* - For event data stores, this is an optional field used to filter management and data events for actions taken by specific IAM identities. For trails, this is an optional field used to filter data events. You can use any operator with `userIdentity.arn` . For more information on the userIdentity element, see [CloudTrail userIdentity element](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-event-reference-user-identity.html) in the *AWS CloudTrail User Guide* .\n- *`vpcEndpointId`* - This \ufb01eld is only used to filter CloudTrail network activity events and is optional. This field identifies the VPC endpoint that the request passed through. You can use any operator with `vpcEndpointId` .", - "title": "Field", - "type": "string" - }, - "NotEndsWith": { - "items": { - "type": "string" - }, - "markdownDescription": "An operator that excludes events that match the last few characters of the event record field specified as the value of `Field` .", - "title": "NotEndsWith", - "type": "array" - }, - "NotEquals": { - "items": { - "type": "string" - }, - "markdownDescription": "An operator that excludes events that match the exact value of the event record field specified as the value of `Field` .", - "title": "NotEquals", - "type": "array" - }, - "NotStartsWith": { - "items": { - "type": "string" - }, - "markdownDescription": "An operator that excludes events that match the first few characters of the event record field specified as the value of `Field` .", - "title": "NotStartsWith", - "type": "array" - }, - "StartsWith": { - "items": { - "type": "string" - }, - "markdownDescription": "An operator that includes events that match the first few characters of the event record field specified as the value of `Field` .", - "title": "StartsWith", - "type": "array" - } - }, - "required": [ - "Field" - ], - "type": "object" - }, - "AWS::CloudTrail::EventDataStore.InsightSelector": { - "additionalProperties": false, - "properties": { - "InsightType": { - "markdownDescription": "The type of Insights events to log on an event data store. `ApiCallRateInsight` and `ApiErrorRateInsight` are valid Insight types.\n\nThe `ApiCallRateInsight` Insights type analyzes write-only management API calls that are aggregated per minute against a baseline API call volume.\n\nThe `ApiErrorRateInsight` Insights type analyzes management API calls that result in error codes. The error is shown if the API call is unsuccessful.", - "title": "InsightType", - "type": "string" - } - }, - "type": "object" - }, - "AWS::CloudTrail::ResourcePolicy": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ResourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the CloudTrail event data store, dashboard, or channel attached to the resource-based policy.\n\nExample event data store ARN format: `arn:aws:cloudtrail:us-east-2:123456789012:eventdatastore/EXAMPLE-f852-4e8f-8bd1-bcf6cEXAMPLE`\n\nExample dashboard ARN format: `arn:aws:cloudtrail:us-east-1:123456789012:dashboard/exampleDash`\n\nExample channel ARN format: `arn:aws:cloudtrail:us-east-2:123456789012:channel/01234567890`", - "title": "ResourceArn", - "type": "string" - }, - "ResourcePolicy": { - "markdownDescription": "A JSON-formatted string for an AWS resource-based policy.\n\nFor example resource-based policies, see [CloudTrail resource-based policy examples](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/security_iam_resource-based-policy-examples.html) in the *CloudTrail User Guide* .", - "title": "ResourcePolicy", - "type": "object" - } - }, "required": [ - "ResourceArn", - "ResourcePolicy" + "ConfigurationName", + "IamRoleArn", + "SlackChannelId", + "SlackWorkspaceId" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudTrail::ResourcePolicy" + "AWS::Chatbot::SlackChannelConfiguration" ], "type": "string" }, @@ -39359,7 +44118,7 @@ ], "type": "object" }, - "AWS::CloudTrail::Trail": { + "AWS::CleanRooms::AnalysisTemplate": { "additionalProperties": false, "properties": { "Condition": { @@ -39394,108 +44153,69 @@ "Properties": { "additionalProperties": false, "properties": { - "AdvancedEventSelectors": { + "AnalysisParameters": { "items": { - "$ref": "#/definitions/AWS::CloudTrail::Trail.AdvancedEventSelector" + "$ref": "#/definitions/AWS::CleanRooms::AnalysisTemplate.AnalysisParameter" }, - "markdownDescription": "Specifies the settings for advanced event selectors. You can use advanced event selectors to log management events, data events for all resource types, and network activity events.\n\nYou can add advanced event selectors, and conditions for your advanced event selectors, up to a maximum of 500 values for all conditions and selectors on a trail. You can use either `AdvancedEventSelectors` or `EventSelectors` , but not both. If you apply `AdvancedEventSelectors` to a trail, any existing `EventSelectors` are overwritten. For more information about advanced event selectors, see [Logging data events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html) and [Logging network activity events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-network-events-with-cloudtrail.html) in the *AWS CloudTrail User Guide* .", - "title": "AdvancedEventSelectors", + "markdownDescription": "The parameters of the analysis template.", + "title": "AnalysisParameters", "type": "array" }, - "CloudWatchLogsLogGroupArn": { - "markdownDescription": "Specifies a log group name using an Amazon Resource Name (ARN), a unique identifier that represents the log group to which CloudTrail logs are delivered. You must use a log group that exists in your account.\n\nTo enable CloudWatch Logs delivery, you must provide values for `CloudWatchLogsLogGroupArn` and `CloudWatchLogsRoleArn` .\n\n> If you previously enabled CloudWatch Logs delivery and want to disable CloudWatch Logs delivery, you must set the values of the `CloudWatchLogsRoleArn` and `CloudWatchLogsLogGroupArn` fields to `\"\"` .", - "title": "CloudWatchLogsLogGroupArn", + "Description": { + "markdownDescription": "The description of the analysis template.", + "title": "Description", "type": "string" }, - "CloudWatchLogsRoleArn": { - "markdownDescription": "Specifies the role for the CloudWatch Logs endpoint to assume to write to a user's log group. You must use a role that exists in your account.\n\nTo enable CloudWatch Logs delivery, you must provide values for `CloudWatchLogsLogGroupArn` and `CloudWatchLogsRoleArn` .\n\n> If you previously enabled CloudWatch Logs delivery and want to disable CloudWatch Logs delivery, you must set the values of the `CloudWatchLogsRoleArn` and `CloudWatchLogsLogGroupArn` fields to `\"\"` .", - "title": "CloudWatchLogsRoleArn", + "Format": { + "markdownDescription": "The format of the analysis template.", + "title": "Format", "type": "string" }, - "EnableLogFileValidation": { - "markdownDescription": "Specifies whether log file validation is enabled. The default is false.\n\n> When you disable log file integrity validation, the chain of digest files is broken after one hour. CloudTrail does not create digest files for log files that were delivered during a period in which log file integrity validation was disabled. For example, if you enable log file integrity validation at noon on January 1, disable it at noon on January 2, and re-enable it at noon on January 10, digest files will not be created for the log files delivered from noon on January 2 to noon on January 10. The same applies whenever you stop CloudTrail logging or delete a trail.", - "title": "EnableLogFileValidation", - "type": "boolean" - }, - "EventSelectors": { - "items": { - "$ref": "#/definitions/AWS::CloudTrail::Trail.EventSelector" - }, - "markdownDescription": "Use event selectors to further specify the management and data event settings for your trail. By default, trails created without specific event selectors will be configured to log all read and write management events, and no data events. When an event occurs in your account, CloudTrail evaluates the event selector for all trails. For each trail, if the event matches any event selector, the trail processes and logs the event. If the event doesn't match any event selector, the trail doesn't log the event.\n\nYou can configure up to five event selectors for a trail.\n\nYou cannot apply both event selectors and advanced event selectors to a trail.", - "title": "EventSelectors", - "type": "array" - }, - "IncludeGlobalServiceEvents": { - "markdownDescription": "Specifies whether the trail is publishing events from global services such as IAM to the log files.", - "title": "IncludeGlobalServiceEvents", - "type": "boolean" - }, - "InsightSelectors": { - "items": { - "$ref": "#/definitions/AWS::CloudTrail::Trail.InsightSelector" - }, - "markdownDescription": "A JSON string that contains the Insights types you want to log on a trail. `ApiCallRateInsight` and `ApiErrorRateInsight` are valid Insight types.\n\nThe `ApiCallRateInsight` Insights type analyzes write-only management API calls that are aggregated per minute against a baseline API call volume.\n\nThe `ApiErrorRateInsight` Insights type analyzes management API calls that result in error codes. The error is shown if the API call is unsuccessful.", - "title": "InsightSelectors", - "type": "array" - }, - "IsLogging": { - "markdownDescription": "Whether the CloudTrail trail is currently logging AWS API calls.", - "title": "IsLogging", - "type": "boolean" - }, - "IsMultiRegionTrail": { - "markdownDescription": "Specifies whether the trail applies only to the current Region or to all Regions. The default is false. If the trail exists only in the current Region and this value is set to true, shadow trails (replications of the trail) will be created in the other Regions. If the trail exists in all Regions and this value is set to false, the trail will remain in the Region where it was created, and its shadow trails in other Regions will be deleted. As a best practice, consider using trails that log events in all Regions.", - "title": "IsMultiRegionTrail", - "type": "boolean" - }, - "IsOrganizationTrail": { - "markdownDescription": "Specifies whether the trail is applied to all accounts in an organization in AWS Organizations , or only for the current AWS account . The default is false, and cannot be true unless the call is made on behalf of an AWS account that is the management account for an organization in AWS Organizations . If the trail is not an organization trail and this is set to `true` , the trail will be created in all AWS accounts that belong to the organization. If the trail is an organization trail and this is set to `false` , the trail will remain in the current AWS account but be deleted from all member accounts in the organization.\n\n> Only the management account for the organization can convert an organization trail to a non-organization trail, or convert a non-organization trail to an organization trail.", - "title": "IsOrganizationTrail", - "type": "boolean" - }, - "KMSKeyId": { - "markdownDescription": "Specifies the AWS KMS key ID to use to encrypt the logs and digest files delivered by CloudTrail. The value can be an alias name prefixed by \"alias/\", a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.\n\nCloudTrail also supports AWS KMS multi-Region keys. For more information about multi-Region keys, see [Using multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) in the *AWS Key Management Service Developer Guide* .\n\nExamples:\n\n- alias/MyAliasName\n- arn:aws:kms:us-east-2:123456789012:alias/MyAliasName\n- arn:aws:kms:us-east-2:123456789012:key/12345678-1234-1234-1234-123456789012\n- 12345678-1234-1234-1234-123456789012", - "title": "KMSKeyId", + "MembershipIdentifier": { + "markdownDescription": "The identifier for a membership resource.", + "title": "MembershipIdentifier", "type": "string" }, - "S3BucketName": { - "markdownDescription": "Specifies the name of the Amazon S3 bucket designated for publishing log files. See [Amazon S3 Bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html) .", - "title": "S3BucketName", + "Name": { + "markdownDescription": "The name of the analysis template.", + "title": "Name", "type": "string" }, - "S3KeyPrefix": { - "markdownDescription": "Specifies the Amazon S3 key prefix that comes after the name of the bucket you have designated for log file delivery. For more information, see [Finding Your CloudTrail Log Files](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/get-and-view-cloudtrail-log-files.html#cloudtrail-find-log-files) . The maximum length is 200 characters.", - "title": "S3KeyPrefix", - "type": "string" + "Schema": { + "$ref": "#/definitions/AWS::CleanRooms::AnalysisTemplate.AnalysisSchema", + "markdownDescription": "The entire schema object.", + "title": "Schema" }, - "SnsTopicName": { - "markdownDescription": "Specifies the name or ARN of the Amazon SNS topic defined for notification of log file delivery. The maximum length is 256 characters.", - "title": "SnsTopicName", - "type": "string" + "Source": { + "$ref": "#/definitions/AWS::CleanRooms::AnalysisTemplate.AnalysisSource", + "markdownDescription": "The source of the analysis template.", + "title": "Source" + }, + "SourceMetadata": { + "$ref": "#/definitions/AWS::CleanRooms::AnalysisTemplate.AnalysisSourceMetadata", + "markdownDescription": "The source metadata for the analysis template.", + "title": "SourceMetadata" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A custom set of tags (key-value pairs) for this trail.", + "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", "title": "Tags", "type": "array" - }, - "TrailName": { - "markdownDescription": "Specifies the name of the trail. The name must meet the following requirements:\n\n- Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores (_), or dashes (-)\n- Start with a letter or number, and end with a letter or number\n- Be between 3 and 128 characters\n- Have no adjacent periods, underscores or dashes. Names like `my-_namespace` and `my--namespace` are not valid.\n- Not be in IP address format (for example, 192.168.5.4)", - "title": "TrailName", - "type": "string" } }, "required": [ - "IsLogging", - "S3BucketName" + "Format", + "MembershipIdentifier", + "Name", + "Source" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudTrail::Trail" + "AWS::CleanRooms::AnalysisTemplate" ], "type": "string" }, @@ -39514,156 +44234,174 @@ ], "type": "object" }, - "AWS::CloudTrail::Trail.AdvancedEventSelector": { + "AWS::CleanRooms::AnalysisTemplate.AnalysisParameter": { "additionalProperties": false, "properties": { - "FieldSelectors": { - "items": { - "$ref": "#/definitions/AWS::CloudTrail::Trail.AdvancedFieldSelector" - }, - "markdownDescription": "Contains all selector statements in an advanced event selector.", - "title": "FieldSelectors", - "type": "array" + "DefaultValue": { + "markdownDescription": "Optional. The default value that is applied in the analysis template. The member who can query can override this value in the query editor.", + "title": "DefaultValue", + "type": "string" }, "Name": { - "markdownDescription": "An optional, descriptive name for an advanced event selector, such as \"Log data events for only two S3 buckets\".", + "markdownDescription": "The name of the parameter. The name must use only alphanumeric, underscore (_), or hyphen (-) characters but cannot start or end with a hyphen.", "title": "Name", "type": "string" + }, + "Type": { + "markdownDescription": "The type of parameter.", + "title": "Type", + "type": "string" } }, "required": [ - "FieldSelectors" + "Name", + "Type" ], "type": "object" }, - "AWS::CloudTrail::Trail.AdvancedFieldSelector": { + "AWS::CleanRooms::AnalysisTemplate.AnalysisSchema": { "additionalProperties": false, "properties": { - "EndsWith": { - "items": { - "type": "string" - }, - "markdownDescription": "An operator that includes events that match the last few characters of the event record field specified as the value of `Field` .", - "title": "EndsWith", - "type": "array" - }, - "Equals": { + "ReferencedTables": { "items": { "type": "string" }, - "markdownDescription": "An operator that includes events that match the exact value of the event record field specified as the value of `Field` . This is the only valid operator that you can use with the `readOnly` , `eventCategory` , and `resources.type` fields.", - "title": "Equals", + "markdownDescription": "The tables referenced in the analysis schema.", + "title": "ReferencedTables", "type": "array" + } + }, + "required": [ + "ReferencedTables" + ], + "type": "object" + }, + "AWS::CleanRooms::AnalysisTemplate.AnalysisSource": { + "additionalProperties": false, + "properties": { + "Artifacts": { + "$ref": "#/definitions/AWS::CleanRooms::AnalysisTemplate.AnalysisTemplateArtifacts", + "markdownDescription": "The artifacts of the analysis source.", + "title": "Artifacts" }, - "Field": { - "markdownDescription": "A field in a CloudTrail event record on which to filter events to be logged. For event data stores for CloudTrail Insights events, AWS Config configuration items, Audit Manager evidence, or events outside of AWS , the field is used only for selecting events as filtering is not supported.\n\nFor CloudTrail management events, supported fields include `eventCategory` (required), `eventSource` , and `readOnly` . The following additional fields are available for event data stores: `eventName` , `eventType` , `sessionCredentialFromConsole` , and `userIdentity.arn` .\n\nFor CloudTrail data events, supported fields include `eventCategory` (required), `eventName` , `eventSource` , `eventType` , `resources.type` (required), `readOnly` , `resources.ARN` , `sessionCredentialFromConsole` , and `userIdentity.arn` .\n\nFor CloudTrail network activity events, supported fields include `eventCategory` (required), `eventSource` (required), `eventName` , `errorCode` , and `vpcEndpointId` .\n\nFor event data stores for CloudTrail Insights events, AWS Config configuration items, Audit Manager evidence, or events outside of AWS , the only supported field is `eventCategory` .\n\n> Selectors don't support the use of wildcards like `*` . To match multiple values with a single condition, you may use `StartsWith` , `EndsWith` , `NotStartsWith` , or `NotEndsWith` to explicitly match the beginning or end of the event field. \n\n- *`readOnly`* - This is an optional field that is only used for management events and data events. This field can be set to `Equals` with a value of `true` or `false` . If you do not add this field, CloudTrail logs both `read` and `write` events. A value of `true` logs only `read` events. A value of `false` logs only `write` events.\n- *`eventSource`* - This field is only used for management events, data events, and network activity events.\n\nFor management events for trails, this is an optional field that can be set to `NotEquals` `kms.amazonaws.com` to exclude KMS management events, or `NotEquals` `rdsdata.amazonaws.com` to exclude RDS management events.\n\nFor data events for trails, this is an optional field that you can use to include or exclude any event source and can use any operator.\n\nFor management and data events for event data stores, this is an optional field that you can use to include or exclude any event source and can use any operator.\n\nFor network activity events, this is a required field that only uses the `Equals` operator. Set this field to the event source for which you want to log network activity events. If you want to log network activity events for multiple event sources, you must create a separate field selector for each event source. For a list of services supporting network activity events, see [Logging network activity events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-network-events-with-cloudtrail.html) in the *AWS CloudTrail User Guide* .\n- *`eventName`* - This is an optional field that is only used for data events, management events (for event data stores only), and network activity events. You can use any operator with `eventName` . You can use it to \ufb01lter in or \ufb01lter out specific events. You can have multiple values for this \ufb01eld, separated by commas.\n- *`eventCategory`* - This field is required and must be set to `Equals` .\n\n- For CloudTrail management events, the value must be `Management` .\n- For CloudTrail data events, the value must be `Data` .\n- For CloudTrail network activity events, the value must be `NetworkActivity` .\n\nThe following are used only for event data stores:\n\n- For CloudTrail Insights events, the value must be `Insight` .\n- For AWS Config configuration items, the value must be `ConfigurationItem` .\n- For Audit Manager evidence, the value must be `Evidence` .\n- For events outside of AWS , the value must be `ActivityAuditLog` .\n- *`eventType`* - For event data stores, this is an optional field available for event data stores to filter management and data events on the event type. For trails, this is an optional field to filter data events on the event type. For information about available event types, see [CloudTrail record contents](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-event-reference-record-contents.html#ct-event-type) in the *AWS CloudTrail user guide* .\n- *`errorCode`* - This \ufb01eld is only used to filter CloudTrail network activity events and is optional. This is the error code to filter on. Currently, the only valid `errorCode` is `VpceAccessDenied` . `errorCode` can only use the `Equals` operator.\n- *`sessionCredentialFromConsole`* - For event data stores, this is an optional field used to filter management and data events based on whether the events originated from an AWS Management Console session. For trails, this is an optional field used to filter data events. `sessionCredentialFromConsole` can only use the `Equals` and `NotEquals` operators.\n- *`resources.type`* - This \ufb01eld is required for CloudTrail data events. `resources.type` can only use the `Equals` operator.\n\nFor a list of available resource types for data events, see [Data events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html#logging-data-events) in the *AWS CloudTrail User Guide* .\n\nYou can have only one `resources.type` \ufb01eld per selector. To log events on more than one resource type, add another selector.\n- *`resources.ARN`* - The `resources.ARN` is an optional field for data events. You can use any operator with `resources.ARN` , but if you use `Equals` or `NotEquals` , the value must exactly match the ARN of a valid resource of the type you've speci\ufb01ed in the template as the value of resources.type. To log all data events for all objects in a specific S3 bucket, use the `StartsWith` operator, and include only the bucket ARN as the matching value.\n\nFor more information about the ARN formats of data event resources, see [Actions, resources, and condition keys for AWS services](https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html) in the *Service Authorization Reference* .\n\n> You can't use the `resources.ARN` field to filter resource types that do not have ARNs.\n- *`userIdentity.arn`* - For event data stores, this is an optional field used to filter management and data events for actions taken by specific IAM identities. For trails, this is an optional field used to filter data events. You can use any operator with `userIdentity.arn` . For more information on the userIdentity element, see [CloudTrail userIdentity element](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-event-reference-user-identity.html) in the *AWS CloudTrail User Guide* .\n- *`vpcEndpointId`* - This \ufb01eld is only used to filter CloudTrail network activity events and is optional. This field identifies the VPC endpoint that the request passed through. You can use any operator with `vpcEndpointId` .", - "title": "Field", + "Text": { + "markdownDescription": "The query text.", + "title": "Text", "type": "string" - }, - "NotEndsWith": { - "items": { - "type": "string" - }, - "markdownDescription": "An operator that excludes events that match the last few characters of the event record field specified as the value of `Field` .", - "title": "NotEndsWith", - "type": "array" - }, - "NotEquals": { - "items": { - "type": "string" - }, - "markdownDescription": "An operator that excludes events that match the exact value of the event record field specified as the value of `Field` .", - "title": "NotEquals", - "type": "array" - }, - "NotStartsWith": { - "items": { - "type": "string" - }, - "markdownDescription": "An operator that excludes events that match the first few characters of the event record field specified as the value of `Field` .", - "title": "NotStartsWith", - "type": "array" - }, - "StartsWith": { - "items": { - "type": "string" - }, - "markdownDescription": "An operator that includes events that match the first few characters of the event record field specified as the value of `Field` .", - "title": "StartsWith", - "type": "array" + } + }, + "type": "object" + }, + "AWS::CleanRooms::AnalysisTemplate.AnalysisSourceMetadata": { + "additionalProperties": false, + "properties": { + "Artifacts": { + "$ref": "#/definitions/AWS::CleanRooms::AnalysisTemplate.AnalysisTemplateArtifactMetadata", + "markdownDescription": "The artifacts of the analysis source metadata.", + "title": "Artifacts" } }, "required": [ - "Field" + "Artifacts" ], "type": "object" }, - "AWS::CloudTrail::Trail.DataResource": { + "AWS::CleanRooms::AnalysisTemplate.AnalysisTemplateArtifact": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The resource type in which you want to log data events. You can specify the following *basic* event selector resource types:\n\n- `AWS::DynamoDB::Table`\n- `AWS::Lambda::Function`\n- `AWS::S3::Object`\n\nAdditional resource types are available through *advanced* event selectors. For more information, see [AdvancedEventSelector](https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_AdvancedEventSelector.html) .", - "title": "Type", - "type": "string" - }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of Amazon Resource Name (ARN) strings or partial ARN strings for the specified resource type.\n\n- To log data events for all objects in all S3 buckets in your AWS account , specify the prefix as `arn:aws:s3` .\n\n> This also enables logging of data event activity performed by any user or role in your AWS account , even if that activity is performed on a bucket that belongs to another AWS account .\n- To log data events for all objects in an S3 bucket, specify the bucket and an empty object prefix such as `arn:aws:s3:::amzn-s3-demo-bucket1/` . The trail logs data events for all objects in this S3 bucket.\n- To log data events for specific objects, specify the S3 bucket and object prefix such as `arn:aws:s3:::amzn-s3-demo-bucket1/example-images` . The trail logs data events for objects in this S3 bucket that match the prefix.\n- To log data events for all Lambda functions in your AWS account , specify the prefix as `arn:aws:lambda` .\n\n> This also enables logging of `Invoke` activity performed by any user or role in your AWS account , even if that activity is performed on a function that belongs to another AWS account .\n- To log data events for a specific Lambda function, specify the function ARN.\n\n> Lambda function ARNs are exact. For example, if you specify a function ARN *arn:aws:lambda:us-west-2:111111111111:function:helloworld* , data events will only be logged for *arn:aws:lambda:us-west-2:111111111111:function:helloworld* . They will not be logged for *arn:aws:lambda:us-west-2:111111111111:function:helloworld2* .\n- To log data events for all DynamoDB tables in your AWS account , specify the prefix as `arn:aws:dynamodb` .", - "title": "Values", - "type": "array" + "Location": { + "$ref": "#/definitions/AWS::CleanRooms::AnalysisTemplate.S3Location", + "markdownDescription": "The artifact location.", + "title": "Location" } }, "required": [ - "Type" + "Location" ], "type": "object" }, - "AWS::CloudTrail::Trail.EventSelector": { + "AWS::CleanRooms::AnalysisTemplate.AnalysisTemplateArtifactMetadata": { "additionalProperties": false, "properties": { - "DataResources": { + "AdditionalArtifactHashes": { "items": { - "$ref": "#/definitions/AWS::CloudTrail::Trail.DataResource" + "$ref": "#/definitions/AWS::CleanRooms::AnalysisTemplate.Hash" }, - "markdownDescription": "CloudTrail supports data event logging for Amazon S3 objects in standard S3 buckets, AWS Lambda functions, and Amazon DynamoDB tables with basic event selectors. You can specify up to 250 resources for an individual event selector, but the total number of data resources cannot exceed 250 across all event selectors in a trail. This limit does not apply if you configure resource logging for all data events.\n\nFor more information, see [Data Events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html) and [Limits in AWS CloudTrail](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/WhatIsCloudTrail-Limits.html) in the *AWS CloudTrail User Guide* .\n\n> To log data events for all other resource types including objects stored in [directory buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-overview.html) , you must use [AdvancedEventSelectors](https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_AdvancedEventSelector.html) . You must also use `AdvancedEventSelectors` if you want to filter on the `eventName` field.", - "title": "DataResources", + "markdownDescription": "Additional artifact hashes for the analysis template.", + "title": "AdditionalArtifactHashes", "type": "array" }, - "ExcludeManagementEventSources": { + "EntryPointHash": { + "$ref": "#/definitions/AWS::CleanRooms::AnalysisTemplate.Hash", + "markdownDescription": "The hash of the entry point for the analysis template artifact metadata.", + "title": "EntryPointHash" + } + }, + "required": [ + "EntryPointHash" + ], + "type": "object" + }, + "AWS::CleanRooms::AnalysisTemplate.AnalysisTemplateArtifacts": { + "additionalProperties": false, + "properties": { + "AdditionalArtifacts": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::CleanRooms::AnalysisTemplate.AnalysisTemplateArtifact" }, - "markdownDescription": "An optional list of service event sources from which you do not want management events to be logged on your trail. In this release, the list can be empty (disables the filter), or it can filter out AWS Key Management Service or Amazon RDS Data API events by containing `kms.amazonaws.com` or `rdsdata.amazonaws.com` . By default, `ExcludeManagementEventSources` is empty, and AWS KMS and Amazon RDS Data API events are logged to your trail. You can exclude management event sources only in Regions that support the event source.", - "title": "ExcludeManagementEventSources", + "markdownDescription": "Additional artifacts for the analysis template.", + "title": "AdditionalArtifacts", "type": "array" }, - "IncludeManagementEvents": { - "markdownDescription": "Specify if you want your event selector to include management events for your trail.\n\nFor more information, see [Management Events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-management-events-with-cloudtrail.html) in the *AWS CloudTrail User Guide* .\n\nBy default, the value is `true` .\n\nThe first copy of management events is free. You are charged for additional copies of management events that you are logging on any subsequent trail in the same Region. For more information about CloudTrail pricing, see [AWS CloudTrail Pricing](https://docs.aws.amazon.com/cloudtrail/pricing/) .", - "title": "IncludeManagementEvents", - "type": "boolean" + "EntryPoint": { + "$ref": "#/definitions/AWS::CleanRooms::AnalysisTemplate.AnalysisTemplateArtifact", + "markdownDescription": "The entry point for the analysis template artifacts.", + "title": "EntryPoint" }, - "ReadWriteType": { - "markdownDescription": "Specify if you want your trail to log read-only events, write-only events, or all. For example, the EC2 `GetConsoleOutput` is a read-only API operation and `RunInstances` is a write-only API operation.\n\nBy default, the value is `All` .", - "title": "ReadWriteType", + "RoleArn": { + "markdownDescription": "The role ARN for the analysis template artifacts.", + "title": "RoleArn", "type": "string" } }, + "required": [ + "EntryPoint", + "RoleArn" + ], "type": "object" }, - "AWS::CloudTrail::Trail.InsightSelector": { + "AWS::CleanRooms::AnalysisTemplate.Hash": { "additionalProperties": false, "properties": { - "InsightType": { - "markdownDescription": "The type of Insights events to log on a trail. `ApiCallRateInsight` and `ApiErrorRateInsight` are valid Insight types.\n\nThe `ApiCallRateInsight` Insights type analyzes write-only management API calls that are aggregated per minute against a baseline API call volume.\n\nThe `ApiErrorRateInsight` Insights type analyzes management API calls that result in error codes. The error is shown if the API call is unsuccessful.", - "title": "InsightType", + "Sha256": { + "markdownDescription": "The SHA-256 hash value.", + "title": "Sha256", "type": "string" } }, "type": "object" }, - "AWS::CloudWatch::Alarm": { + "AWS::CleanRooms::AnalysisTemplate.S3Location": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The bucket name.", + "title": "Bucket", + "type": "string" + }, + "Key": { + "markdownDescription": "The object key.", + "title": "Key", + "type": "string" + } + }, + "required": [ + "Bucket", + "Key" + ], + "type": "object" + }, + "AWS::CleanRooms::Collaboration": { "additionalProperties": false, "properties": { "Condition": { @@ -39698,144 +44436,87 @@ "Properties": { "additionalProperties": false, "properties": { - "ActionsEnabled": { - "markdownDescription": "Indicates whether actions should be executed during any changes to the alarm state. The default is TRUE.", - "title": "ActionsEnabled", - "type": "boolean" - }, - "AlarmActions": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of actions to execute when this alarm transitions into an ALARM state from any other state. Specify each action as an Amazon Resource Name (ARN). For more information about creating alarms and the actions that you can specify, see [PutMetricAlarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutMetricAlarm.html) in the *Amazon CloudWatch API Reference* .", - "title": "AlarmActions", - "type": "array" - }, - "AlarmDescription": { - "markdownDescription": "The description of the alarm.", - "title": "AlarmDescription", - "type": "string" - }, - "AlarmName": { - "markdownDescription": "The name of the alarm. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the alarm name.\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "AlarmName", + "AnalyticsEngine": { + "markdownDescription": "The analytics engine for the collaboration.\n\n> After July 16, 2025, the `CLEAN_ROOMS_SQL` parameter will no longer be available.", + "title": "AnalyticsEngine", "type": "string" }, - "ComparisonOperator": { - "markdownDescription": "The arithmetic operation to use when comparing the specified statistic and threshold. The specified statistic value is used as the first operand.", - "title": "ComparisonOperator", + "CreatorDisplayName": { + "markdownDescription": "A display name of the collaboration creator.", + "title": "CreatorDisplayName", "type": "string" }, - "DatapointsToAlarm": { - "markdownDescription": "The number of datapoints that must be breaching to trigger the alarm. This is used only if you are setting an \"M out of N\" alarm. In that case, this value is the M, and the value that you set for `EvaluationPeriods` is the N value. For more information, see [Evaluating an Alarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/AlarmThatSendsEmail.html#alarm-evaluation) in the *Amazon CloudWatch User Guide* .\n\nIf you omit this parameter, CloudWatch uses the same value here that you set for `EvaluationPeriods` , and the alarm goes to alarm state if that many consecutive periods are breaching.", - "title": "DatapointsToAlarm", - "type": "number" + "CreatorMLMemberAbilities": { + "$ref": "#/definitions/AWS::CleanRooms::Collaboration.MLMemberAbilities", + "markdownDescription": "The ML member abilities for a collaboration member.", + "title": "CreatorMLMemberAbilities" }, - "Dimensions": { + "CreatorMemberAbilities": { "items": { - "$ref": "#/definitions/AWS::CloudWatch::Alarm.Dimension" + "type": "string" }, - "markdownDescription": "The dimensions for the metric associated with the alarm. For an alarm based on a math expression, you can't specify `Dimensions` . Instead, you use `Metrics` .", - "title": "Dimensions", + "markdownDescription": "The abilities granted to the collaboration creator.\n\n*Allowed values* `CAN_QUERY` | `CAN_RECEIVE_RESULTS` | `CAN_RUN_JOB`", + "title": "CreatorMemberAbilities", "type": "array" }, - "EvaluateLowSampleCountPercentile": { - "markdownDescription": "Used only for alarms based on percentiles. If `ignore` , the alarm state does not change during periods with too few data points to be statistically significant. If `evaluate` or this parameter is not used, the alarm is always evaluated and possibly changes state no matter how many data points are available.", - "title": "EvaluateLowSampleCountPercentile", - "type": "string" + "CreatorPaymentConfiguration": { + "$ref": "#/definitions/AWS::CleanRooms::Collaboration.PaymentConfiguration", + "markdownDescription": "An object representing the collaboration member's payment responsibilities set by the collaboration creator.", + "title": "CreatorPaymentConfiguration" }, - "EvaluationPeriods": { - "markdownDescription": "The number of periods over which data is compared to the specified threshold. If you are setting an alarm that requires that a number of consecutive data points be breaching to trigger the alarm, this value specifies that number. If you are setting an \"M out of N\" alarm, this value is the N, and `DatapointsToAlarm` is the M.\n\nFor more information, see [Evaluating an Alarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/AlarmThatSendsEmail.html#alarm-evaluation) in the *Amazon CloudWatch User Guide* .", - "title": "EvaluationPeriods", - "type": "number" + "DataEncryptionMetadata": { + "$ref": "#/definitions/AWS::CleanRooms::Collaboration.DataEncryptionMetadata", + "markdownDescription": "The settings for client-side encryption for cryptographic computing.", + "title": "DataEncryptionMetadata" }, - "ExtendedStatistic": { - "markdownDescription": "The percentile statistic for the metric associated with the alarm. Specify a value between p0.0 and p100.\n\nFor an alarm based on a metric, you must specify either `Statistic` or `ExtendedStatistic` but not both.\n\nFor an alarm based on a math expression, you can't specify `ExtendedStatistic` . Instead, you use `Metrics` .", - "title": "ExtendedStatistic", + "Description": { + "markdownDescription": "A description of the collaboration provided by the collaboration owner.", + "title": "Description", "type": "string" }, - "InsufficientDataActions": { - "items": { - "type": "string" - }, - "markdownDescription": "The actions to execute when this alarm transitions to the `INSUFFICIENT_DATA` state from any other state. Each action is specified as an Amazon Resource Name (ARN).", - "title": "InsufficientDataActions", - "type": "array" - }, - "MetricName": { - "markdownDescription": "The name of the metric associated with the alarm. This is required for an alarm based on a metric. For an alarm based on a math expression, you use `Metrics` instead and you can't specify `MetricName` .", - "title": "MetricName", + "JobLogStatus": { + "markdownDescription": "An indicator as to whether job logging has been enabled or disabled for the collaboration.\n\nWhen `ENABLED` , AWS Clean Rooms logs details about jobs run within this collaboration and those logs can be viewed in Amazon CloudWatch Logs. The default value is `DISABLED` .", + "title": "JobLogStatus", "type": "string" }, - "Metrics": { + "Members": { "items": { - "$ref": "#/definitions/AWS::CloudWatch::Alarm.MetricDataQuery" + "$ref": "#/definitions/AWS::CleanRooms::Collaboration.MemberSpecification" }, - "markdownDescription": "An array that enables you to create an alarm based on the result of a metric math expression. Each item in the array either retrieves a metric or performs a math expression.\n\nIf you specify the `Metrics` parameter, you cannot specify `MetricName` , `Dimensions` , `Period` , `Namespace` , `Statistic` , `ExtendedStatistic` , or `Unit` .", - "title": "Metrics", + "markdownDescription": "A list of initial members, not including the creator. This list is immutable.", + "title": "Members", "type": "array" }, - "Namespace": { - "markdownDescription": "The namespace of the metric associated with the alarm. This is required for an alarm based on a metric. For an alarm based on a math expression, you can't specify `Namespace` and you use `Metrics` instead.\n\nFor a list of namespaces for metrics from AWS services, see [AWS Services That Publish CloudWatch Metrics.](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/aws-services-cloudwatch-metrics.html)", - "title": "Namespace", + "Name": { + "markdownDescription": "A human-readable identifier provided by the collaboration owner. Display names are not unique.", + "title": "Name", "type": "string" }, - "OKActions": { - "items": { - "type": "string" - }, - "markdownDescription": "The actions to execute when this alarm transitions to the `OK` state from any other state. Each action is specified as an Amazon Resource Name (ARN).", - "title": "OKActions", - "type": "array" - }, - "Period": { - "markdownDescription": "The period, in seconds, over which the statistic is applied. This is required for an alarm based on a metric. Valid values are 10, 20, 30, 60, and any multiple of 60.\n\nFor an alarm based on a math expression, you can't specify `Period` , and instead you use the `Metrics` parameter.\n\n*Minimum:* 10", - "title": "Period", - "type": "number" - }, - "Statistic": { - "markdownDescription": "The statistic for the metric associated with the alarm, other than percentile. For percentile statistics, use `ExtendedStatistic` .\n\nFor an alarm based on a metric, you must specify either `Statistic` or `ExtendedStatistic` but not both.\n\nFor an alarm based on a math expression, you can't specify `Statistic` . Instead, you use `Metrics` .", - "title": "Statistic", + "QueryLogStatus": { + "markdownDescription": "An indicator as to whether query logging has been enabled or disabled for the collaboration.\n\nWhen `ENABLED` , AWS Clean Rooms logs details about queries run within this collaboration and those logs can be viewed in Amazon CloudWatch Logs. The default value is `DISABLED` .", + "title": "QueryLogStatus", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of key-value pairs to associate with the alarm. You can associate as many as 50 tags with an alarm. To be able to associate tags with the alarm when you create the alarm, you must have the `cloudwatch:TagResource` permission.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.", + "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", "title": "Tags", "type": "array" - }, - "Threshold": { - "markdownDescription": "The value to compare with the specified statistic.", - "title": "Threshold", - "type": "number" - }, - "ThresholdMetricId": { - "markdownDescription": "In an alarm based on an anomaly detection model, this is the ID of the `ANOMALY_DETECTION_BAND` function used as the threshold for the alarm.", - "title": "ThresholdMetricId", - "type": "string" - }, - "TreatMissingData": { - "markdownDescription": "Sets how this alarm is to handle missing data points. Valid values are `breaching` , `notBreaching` , `ignore` , and `missing` . For more information, see [Configuring How CloudWatch Alarms Treat Missing Data](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/AlarmThatSendsEmail.html#alarms-and-missing-data) in the *Amazon CloudWatch User Guide* .\n\nIf you omit this parameter, the default behavior of `missing` is used.", - "title": "TreatMissingData", - "type": "string" - }, - "Unit": { - "markdownDescription": "The unit of the metric associated with the alarm. Specify this only if you are creating an alarm based on a single metric. Do not specify this if you are specifying a `Metrics` array.\n\nYou can specify the following values: Seconds, Microseconds, Milliseconds, Bytes, Kilobytes, Megabytes, Gigabytes, Terabytes, Bits, Kilobits, Megabits, Gigabits, Terabits, Percent, Count, Bytes/Second, Kilobytes/Second, Megabytes/Second, Gigabytes/Second, Terabytes/Second, Bits/Second, Kilobits/Second, Megabits/Second, Gigabits/Second, Terabits/Second, Count/Second, or None.", - "title": "Unit", - "type": "string" } }, "required": [ - "ComparisonOperator", - "EvaluationPeriods" + "CreatorDisplayName", + "Description", + "Name", + "QueryLogStatus" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudWatch::Alarm" + "AWS::CleanRooms::Collaboration" ], "type": "string" }, @@ -39854,126 +44535,190 @@ ], "type": "object" }, - "AWS::CloudWatch::Alarm.Dimension": { + "AWS::CleanRooms::Collaboration.DataEncryptionMetadata": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the dimension, from 1\u2013255 characters in length. This dimension name must have been included when the metric was published.", - "title": "Name", - "type": "string" + "AllowCleartext": { + "markdownDescription": "Indicates whether encrypted tables can contain cleartext data ( `TRUE` ) or are to cryptographically process every column ( `FALSE` ).", + "title": "AllowCleartext", + "type": "boolean" }, - "Value": { - "markdownDescription": "The value for the dimension, from 1\u2013255 characters in length.", - "title": "Value", - "type": "string" + "AllowDuplicates": { + "markdownDescription": "Indicates whether Fingerprint columns can contain duplicate entries ( `TRUE` ) or are to contain only non-repeated values ( `FALSE` ).", + "title": "AllowDuplicates", + "type": "boolean" + }, + "AllowJoinsOnColumnsWithDifferentNames": { + "markdownDescription": "Indicates whether Fingerprint columns can be joined on any other Fingerprint column with a different name ( `TRUE` ) or can only be joined on Fingerprint columns of the same name ( `FALSE` ).", + "title": "AllowJoinsOnColumnsWithDifferentNames", + "type": "boolean" + }, + "PreserveNulls": { + "markdownDescription": "Indicates whether NULL values are to be copied as NULL to encrypted tables ( `TRUE` ) or cryptographically processed ( `FALSE` ).", + "title": "PreserveNulls", + "type": "boolean" } }, "required": [ - "Name", - "Value" + "AllowCleartext", + "AllowDuplicates", + "AllowJoinsOnColumnsWithDifferentNames", + "PreserveNulls" ], "type": "object" }, - "AWS::CloudWatch::Alarm.Metric": { + "AWS::CleanRooms::Collaboration.JobComputePaymentConfig": { "additionalProperties": false, "properties": { - "Dimensions": { + "IsResponsible": { + "markdownDescription": "Indicates whether the collaboration creator has configured the collaboration member to pay for query and job compute costs ( `TRUE` ) or has not configured the collaboration member to pay for query and job compute costs ( `FALSE` ).\n\nExactly one member can be configured to pay for query and job compute costs. An error is returned if the collaboration creator sets a `TRUE` value for more than one member in the collaboration.\n\nAn error is returned if the collaboration creator sets a `FALSE` value for the member who can run queries and jobs.", + "title": "IsResponsible", + "type": "boolean" + } + }, + "required": [ + "IsResponsible" + ], + "type": "object" + }, + "AWS::CleanRooms::Collaboration.MLMemberAbilities": { + "additionalProperties": false, + "properties": { + "CustomMLMemberAbilities": { "items": { - "$ref": "#/definitions/AWS::CloudWatch::Alarm.Dimension" + "type": "string" }, - "markdownDescription": "The metric dimensions that you want to be used for the metric that the alarm will watch.", - "title": "Dimensions", + "markdownDescription": "The custom ML member abilities for a collaboration member.", + "title": "CustomMLMemberAbilities", "type": "array" + } + }, + "required": [ + "CustomMLMemberAbilities" + ], + "type": "object" + }, + "AWS::CleanRooms::Collaboration.MLPaymentConfig": { + "additionalProperties": false, + "properties": { + "ModelInference": { + "$ref": "#/definitions/AWS::CleanRooms::Collaboration.ModelInferencePaymentConfig", + "markdownDescription": "The payment responsibilities accepted by the member for model inference.", + "title": "ModelInference" }, - "MetricName": { - "markdownDescription": "The name of the metric that you want the alarm to watch. This is a required field.", - "title": "MetricName", - "type": "string" - }, - "Namespace": { - "markdownDescription": "The namespace of the metric that the alarm will watch.", - "title": "Namespace", - "type": "string" + "ModelTraining": { + "$ref": "#/definitions/AWS::CleanRooms::Collaboration.ModelTrainingPaymentConfig", + "markdownDescription": "The payment responsibilities accepted by the member for model training.", + "title": "ModelTraining" } }, "type": "object" }, - "AWS::CloudWatch::Alarm.MetricDataQuery": { + "AWS::CleanRooms::Collaboration.MemberSpecification": { "additionalProperties": false, "properties": { "AccountId": { - "markdownDescription": "The ID of the account where the metrics are located, if this is a cross-account alarm.", + "markdownDescription": "The identifier used to reference members of the collaboration. Currently only supports AWS account ID.", "title": "AccountId", "type": "string" }, - "Expression": { - "markdownDescription": "The math expression to be performed on the returned data, if this object is performing a math expression. This expression can use the `Id` of the other metrics to refer to those metrics, and can also use the `Id` of other expressions to use the result of those expressions. For more information about metric math expressions, see [Metric Math Syntax and Functions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/using-metric-math.html#metric-math-syntax) in the *Amazon CloudWatch User Guide* .\n\nWithin each MetricDataQuery object, you must specify either `Expression` or `MetricStat` but not both.", - "title": "Expression", - "type": "string" - }, - "Id": { - "markdownDescription": "A short name used to tie this object to the results in the response. This name must be unique within a single call to `GetMetricData` . If you are performing math expressions on this set of data, this name represents that data and can serve as a variable in the mathematical expression. The valid characters are letters, numbers, and underscore. The first character must be a lowercase letter.", - "title": "Id", - "type": "string" - }, - "Label": { - "markdownDescription": "A human-readable label for this metric or expression. This is especially useful if this is an expression, so that you know what the value represents. If the metric or expression is shown in a CloudWatch dashboard widget, the label is shown. If `Label` is omitted, CloudWatch generates a default.", - "title": "Label", + "DisplayName": { + "markdownDescription": "The member's display name.", + "title": "DisplayName", "type": "string" }, - "MetricStat": { - "$ref": "#/definitions/AWS::CloudWatch::Alarm.MetricStat", - "markdownDescription": "The metric to be returned, along with statistics, period, and units. Use this parameter only if this object is retrieving a metric and not performing a math expression on returned data.\n\nWithin one MetricDataQuery object, you must specify either `Expression` or `MetricStat` but not both.", - "title": "MetricStat" + "MLMemberAbilities": { + "$ref": "#/definitions/AWS::CleanRooms::Collaboration.MLMemberAbilities", + "markdownDescription": "The ML abilities granted to the collaboration member.", + "title": "MLMemberAbilities" }, - "Period": { - "markdownDescription": "The granularity, in seconds, of the returned data points. For metrics with regular resolution, a period can be as short as one minute (60 seconds) and must be a multiple of 60. For high-resolution metrics that are collected at intervals of less than one minute, the period can be 1, 5, 10, 20, 30, 60, or any multiple of 60. High-resolution metrics are those metrics stored by a `PutMetricData` operation that includes a `StorageResolution of 1 second` .", - "title": "Period", - "type": "number" + "MemberAbilities": { + "items": { + "type": "string" + }, + "markdownDescription": "The abilities granted to the collaboration member.\n\n*Allowed Values* : `CAN_QUERY` | `CAN_RECEIVE_RESULTS`", + "title": "MemberAbilities", + "type": "array" }, - "ReturnData": { - "markdownDescription": "This option indicates whether to return the timestamps and raw data values of this metric.\n\nWhen you create an alarm based on a metric math expression, specify `True` for this value for only the one math expression that the alarm is based on. You must specify `False` for `ReturnData` for all the other metrics and expressions used in the alarm.\n\nThis field is required.", - "title": "ReturnData", + "PaymentConfiguration": { + "$ref": "#/definitions/AWS::CleanRooms::Collaboration.PaymentConfiguration", + "markdownDescription": "The collaboration member's payment responsibilities set by the collaboration creator.\n\nIf the collaboration creator hasn't speci\ufb01ed anyone as the member paying for query compute costs, then the member who can query is the default payer.", + "title": "PaymentConfiguration" + } + }, + "required": [ + "AccountId", + "DisplayName" + ], + "type": "object" + }, + "AWS::CleanRooms::Collaboration.ModelInferencePaymentConfig": { + "additionalProperties": false, + "properties": { + "IsResponsible": { + "markdownDescription": "Indicates whether the collaboration creator has configured the collaboration member to pay for model inference costs ( `TRUE` ) or has not configured the collaboration member to pay for model inference costs ( `FALSE` ).\n\nExactly one member can be configured to pay for model inference costs. An error is returned if the collaboration creator sets a `TRUE` value for more than one member in the collaboration.\n\nIf the collaboration creator hasn't specified anyone as the member paying for model inference costs, then the member who can query is the default payer. An error is returned if the collaboration creator sets a `FALSE` value for the member who can query.", + "title": "IsResponsible", "type": "boolean" } }, "required": [ - "Id" + "IsResponsible" ], "type": "object" }, - "AWS::CloudWatch::Alarm.MetricStat": { + "AWS::CleanRooms::Collaboration.ModelTrainingPaymentConfig": { "additionalProperties": false, "properties": { - "Metric": { - "$ref": "#/definitions/AWS::CloudWatch::Alarm.Metric", - "markdownDescription": "The metric to return, including the metric name, namespace, and dimensions.", - "title": "Metric" - }, - "Period": { - "markdownDescription": "The granularity, in seconds, of the returned data points. For metrics with regular resolution, a period can be as short as one minute (60 seconds) and must be a multiple of 60. For high-resolution metrics that are collected at intervals of less than one minute, the period can be 1, 5, 10, 20, 30, 60, or any multiple of 60. High-resolution metrics are those metrics stored by a `PutMetricData` call that includes a `StorageResolution` of 1 second.\n\nIf the `StartTime` parameter specifies a time stamp that is greater than 3 hours ago, you must specify the period as follows or no data points in that time range is returned:\n\n- Start time between 3 hours and 15 days ago - Use a multiple of 60 seconds (1 minute).\n- Start time between 15 and 63 days ago - Use a multiple of 300 seconds (5 minutes).\n- Start time greater than 63 days ago - Use a multiple of 3600 seconds (1 hour).", - "title": "Period", - "type": "number" + "IsResponsible": { + "markdownDescription": "Indicates whether the collaboration creator has configured the collaboration member to pay for model training costs ( `TRUE` ) or has not configured the collaboration member to pay for model training costs ( `FALSE` ).\n\nExactly one member can be configured to pay for model training costs. An error is returned if the collaboration creator sets a `TRUE` value for more than one member in the collaboration.\n\nIf the collaboration creator hasn't specified anyone as the member paying for model training costs, then the member who can query is the default payer. An error is returned if the collaboration creator sets a `FALSE` value for the member who can query.", + "title": "IsResponsible", + "type": "boolean" + } + }, + "required": [ + "IsResponsible" + ], + "type": "object" + }, + "AWS::CleanRooms::Collaboration.PaymentConfiguration": { + "additionalProperties": false, + "properties": { + "JobCompute": { + "$ref": "#/definitions/AWS::CleanRooms::Collaboration.JobComputePaymentConfig", + "markdownDescription": "The compute configuration for the job.", + "title": "JobCompute" }, - "Stat": { - "markdownDescription": "The statistic to return. It can include any CloudWatch statistic or extended statistic. For a list of valid values, see the table in [Statistics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html#Statistic) in the *Amazon CloudWatch User Guide* .", - "title": "Stat", - "type": "string" + "MachineLearning": { + "$ref": "#/definitions/AWS::CleanRooms::Collaboration.MLPaymentConfig", + "markdownDescription": "An object representing the collaboration member's machine learning payment responsibilities set by the collaboration creator.", + "title": "MachineLearning" }, - "Unit": { - "markdownDescription": "The unit to use for the returned data points.\n\nValid values are: Seconds, Microseconds, Milliseconds, Bytes, Kilobytes, Megabytes, Gigabytes, Terabytes, Bits, Kilobits, Megabits, Gigabits, Terabits, Percent, Count, Bytes/Second, Kilobytes/Second, Megabytes/Second, Gigabytes/Second, Terabytes/Second, Bits/Second, Kilobits/Second, Megabits/Second, Gigabits/Second, Terabits/Second, Count/Second, or None.", - "title": "Unit", - "type": "string" + "QueryCompute": { + "$ref": "#/definitions/AWS::CleanRooms::Collaboration.QueryComputePaymentConfig", + "markdownDescription": "The collaboration member's payment responsibilities set by the collaboration creator for query compute costs.", + "title": "QueryCompute" } }, "required": [ - "Metric", - "Period", - "Stat" + "QueryCompute" ], "type": "object" }, - "AWS::CloudWatch::AnomalyDetector": { + "AWS::CleanRooms::Collaboration.QueryComputePaymentConfig": { + "additionalProperties": false, + "properties": { + "IsResponsible": { + "markdownDescription": "Indicates whether the collaboration creator has configured the collaboration member to pay for query compute costs ( `TRUE` ) or has not configured the collaboration member to pay for query compute costs ( `FALSE` ).\n\nExactly one member can be configured to pay for query compute costs. An error is returned if the collaboration creator sets a `TRUE` value for more than one member in the collaboration.\n\nIf the collaboration creator hasn't specified anyone as the member paying for query compute costs, then the member who can query is the default payer. An error is returned if the collaboration creator sets a `FALSE` value for the member who can query.", + "title": "IsResponsible", + "type": "boolean" + } + }, + "required": [ + "IsResponsible" + ], + "type": "object" + }, + "AWS::CleanRooms::ConfiguredTable": { "additionalProperties": false, "properties": { "Condition": { @@ -40008,55 +44753,70 @@ "Properties": { "additionalProperties": false, "properties": { - "Configuration": { - "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.Configuration", - "markdownDescription": "Specifies details about how the anomaly detection model is to be trained, including time ranges to exclude when training and updating the model. The configuration can also include the time zone to use for the metric.", - "title": "Configuration" - }, - "Dimensions": { + "AllowedColumns": { "items": { - "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.Dimension" + "type": "string" }, - "markdownDescription": "The dimensions of the metric associated with the anomaly detection band.", - "title": "Dimensions", + "markdownDescription": "The columns within the underlying AWS Glue table that can be utilized within collaborations.", + "title": "AllowedColumns", "type": "array" }, - "MetricCharacteristics": { - "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.MetricCharacteristics", - "markdownDescription": "Use this object to include parameters to provide information about your metric to CloudWatch to help it build more accurate anomaly detection models. Currently, it includes the `PeriodicSpikes` parameter.", - "title": "MetricCharacteristics" + "AnalysisMethod": { + "markdownDescription": "The analysis method for the configured table.\n\n`DIRECT_QUERY` allows SQL queries to be run directly on this table.\n\n`DIRECT_JOB` allows PySpark jobs to be run directly on this table.\n\n`MULTIPLE` allows both SQL queries and PySpark jobs to be run directly on this table.", + "title": "AnalysisMethod", + "type": "string" }, - "MetricMathAnomalyDetector": { - "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.MetricMathAnomalyDetector", - "markdownDescription": "The CloudWatch metric math expression for this anomaly detector.", - "title": "MetricMathAnomalyDetector" + "AnalysisRules": { + "items": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.AnalysisRule" + }, + "markdownDescription": "The analysis rule that was created for the configured table.", + "title": "AnalysisRules", + "type": "array" }, - "MetricName": { - "markdownDescription": "The name of the metric associated with the anomaly detection band.", - "title": "MetricName", + "Description": { + "markdownDescription": "A description for the configured table.", + "title": "Description", "type": "string" }, - "Namespace": { - "markdownDescription": "The namespace of the metric associated with the anomaly detection band.", - "title": "Namespace", + "Name": { + "markdownDescription": "A name for the configured table.", + "title": "Name", "type": "string" }, - "SingleMetricAnomalyDetector": { - "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.SingleMetricAnomalyDetector", - "markdownDescription": "The CloudWatch metric and statistic for this anomaly detector.", - "title": "SingleMetricAnomalyDetector" + "SelectedAnalysisMethods": { + "items": { + "type": "string" + }, + "markdownDescription": "The selected analysis methods for the configured table.", + "title": "SelectedAnalysisMethods", + "type": "array" }, - "Stat": { - "markdownDescription": "The statistic of the metric associated with the anomaly detection band.", - "title": "Stat", - "type": "string" + "TableReference": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.TableReference", + "markdownDescription": "The table that this configured table represents.", + "title": "TableReference" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", + "title": "Tags", + "type": "array" } }, + "required": [ + "AllowedColumns", + "AnalysisMethod", + "Name", + "TableReference" + ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudWatch::AnomalyDetector" + "AWS::CleanRooms::ConfiguredTable" ], "type": "string" }, @@ -40070,237 +44830,453 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::CloudWatch::AnomalyDetector.Configuration": { + "AWS::CleanRooms::ConfiguredTable.AggregateColumn": { "additionalProperties": false, "properties": { - "ExcludedTimeRanges": { + "ColumnNames": { "items": { - "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.Range" + "type": "string" }, - "markdownDescription": "Specifies an array of time ranges to exclude from use when the anomaly detection model is trained and updated. Use this to make sure that events that could cause unusual values for the metric, such as deployments, aren't used when CloudWatch creates or updates the model.", - "title": "ExcludedTimeRanges", + "markdownDescription": "Column names in configured table of aggregate columns.", + "title": "ColumnNames", "type": "array" }, - "MetricTimeZone": { - "markdownDescription": "The time zone to use for the metric. This is useful to enable the model to automatically account for daylight savings time changes if the metric is sensitive to such time changes.\n\nTo specify a time zone, use the name of the time zone as specified in the standard tz database. For more information, see [tz database](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Tz_database) .", - "title": "MetricTimeZone", + "Function": { + "markdownDescription": "Aggregation function that can be applied to aggregate column in query.", + "title": "Function", "type": "string" } }, + "required": [ + "ColumnNames", + "Function" + ], "type": "object" }, - "AWS::CloudWatch::AnomalyDetector.Dimension": { + "AWS::CleanRooms::ConfiguredTable.AggregationConstraint": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the dimension.", - "title": "Name", + "ColumnName": { + "markdownDescription": "Column in aggregation constraint for which there must be a minimum number of distinct values in an output row for it to be in the query output.", + "title": "ColumnName", "type": "string" }, - "Value": { - "markdownDescription": "The value of the dimension. Dimension values must contain only ASCII characters and must include at least one non-whitespace character. ASCII control characters are not supported as part of dimension values.", - "title": "Value", + "Minimum": { + "markdownDescription": "The minimum number of distinct values that an output row must be an aggregation of. Minimum threshold of distinct values for a specified column that must exist in an output row for it to be in the query output.", + "title": "Minimum", + "type": "number" + }, + "Type": { + "markdownDescription": "The type of aggregation the constraint allows. The only valid value is currently `COUNT_DISTINCT`.", + "title": "Type", "type": "string" } }, "required": [ - "Name", - "Value" + "ColumnName", + "Minimum", + "Type" ], "type": "object" }, - "AWS::CloudWatch::AnomalyDetector.Metric": { + "AWS::CleanRooms::ConfiguredTable.AnalysisRule": { "additionalProperties": false, "properties": { - "Dimensions": { - "items": { - "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.Dimension" - }, - "markdownDescription": "The dimensions for the metric.", - "title": "Dimensions", - "type": "array" - }, - "MetricName": { - "markdownDescription": "The name of the metric. This is a required field.", - "title": "MetricName", - "type": "string" + "Policy": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.ConfiguredTableAnalysisRulePolicy", + "markdownDescription": "A policy that describes the associated data usage limitations.", + "title": "Policy" }, - "Namespace": { - "markdownDescription": "The namespace of the metric.", - "title": "Namespace", + "Type": { + "markdownDescription": "The type of analysis rule.", + "title": "Type", "type": "string" } }, "required": [ - "MetricName", - "Namespace" + "Policy", + "Type" ], "type": "object" }, - "AWS::CloudWatch::AnomalyDetector.MetricCharacteristics": { - "additionalProperties": false, - "properties": { - "PeriodicSpikes": { - "markdownDescription": "Set this parameter to true if values for this metric consistently include spikes that should not be considered to be anomalies. With this set to true, CloudWatch will expect to see spikes that occurred consistently during the model training period, and won't flag future similar spikes as anomalies.", - "title": "PeriodicSpikes", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::CloudWatch::AnomalyDetector.MetricDataQueries": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::CloudWatch::AnomalyDetector.MetricDataQuery": { + "AWS::CleanRooms::ConfiguredTable.AnalysisRuleAggregation": { "additionalProperties": false, "properties": { - "AccountId": { - "markdownDescription": "The ID of the account where the metrics are located.\n\nIf you are performing a `GetMetricData` operation in a monitoring account, use this to specify which account to retrieve this metric from.\n\nIf you are performing a `PutMetricAlarm` operation, use this to specify which account contains the metric that the alarm is watching.", - "title": "AccountId", + "AdditionalAnalyses": { + "markdownDescription": "An indicator as to whether additional analyses (such as AWS Clean Rooms ML) can be applied to the output of the direct query.\n\nThe `additionalAnalyses` parameter is currently supported for the list analysis rule ( `AnalysisRuleList` ) and the custom analysis rule ( `AnalysisRuleCustom` ).", + "title": "AdditionalAnalyses", "type": "string" }, - "Expression": { - "markdownDescription": "This field can contain either a Metrics Insights query, or a metric math expression to be performed on the returned data. For more information about Metrics Insights queries, see [Metrics Insights query components and syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch-metrics-insights-querylanguage) in the *Amazon CloudWatch User Guide* .\n\nA math expression can use the `Id` of the other metrics or queries to refer to those metrics, and can also use the `Id` of other expressions to use the result of those expressions. For more information about metric math expressions, see [Metric Math Syntax and Functions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/using-metric-math.html#metric-math-syntax) in the *Amazon CloudWatch User Guide* .\n\nWithin each MetricDataQuery object, you must specify either `Expression` or `MetricStat` but not both.", - "title": "Expression", - "type": "string" + "AggregateColumns": { + "items": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.AggregateColumn" + }, + "markdownDescription": "The columns that query runners are allowed to use in aggregation queries.", + "title": "AggregateColumns", + "type": "array" }, - "Id": { - "markdownDescription": "A short name used to tie this object to the results in the response. This name must be unique within a single call to `GetMetricData` . If you are performing math expressions on this set of data, this name represents that data and can serve as a variable in the mathematical expression. The valid characters are letters, numbers, and underscore. The first character must be a lowercase letter.", - "title": "Id", - "type": "string" + "AllowedJoinOperators": { + "items": { + "type": "string" + }, + "markdownDescription": "Which logical operators (if any) are to be used in an INNER JOIN match condition. Default is `AND` .", + "title": "AllowedJoinOperators", + "type": "array" }, - "Label": { - "markdownDescription": "A human-readable label for this metric or expression. This is especially useful if this is an expression, so that you know what the value represents. If the metric or expression is shown in a CloudWatch dashboard widget, the label is shown. If Label is omitted, CloudWatch generates a default.\n\nYou can put dynamic expressions into a label, so that it is more descriptive. For more information, see [Using Dynamic Labels](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/graph-dynamic-labels.html) .", - "title": "Label", - "type": "string" + "DimensionColumns": { + "items": { + "type": "string" + }, + "markdownDescription": "The columns that query runners are allowed to select, group by, or filter by.", + "title": "DimensionColumns", + "type": "array" }, - "MetricStat": { - "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.MetricStat", - "markdownDescription": "The metric to be returned, along with statistics, period, and units. Use this parameter only if this object is retrieving a metric and not performing a math expression on returned data.\n\nWithin one MetricDataQuery object, you must specify either `Expression` or `MetricStat` but not both.", - "title": "MetricStat" + "JoinColumns": { + "items": { + "type": "string" + }, + "markdownDescription": "Columns in configured table that can be used in join statements and/or as aggregate columns. They can never be outputted directly.", + "title": "JoinColumns", + "type": "array" }, - "Period": { - "markdownDescription": "The granularity, in seconds, of the returned data points. For metrics with regular resolution, a period can be as short as one minute (60 seconds) and must be a multiple of 60. For high-resolution metrics that are collected at intervals of less than one minute, the period can be 1, 5, 10, 20, 30, 60, or any multiple of 60. High-resolution metrics are those metrics stored by a `PutMetricData` operation that includes a `StorageResolution of 1 second` .", - "title": "Period", - "type": "number" + "JoinRequired": { + "markdownDescription": "Control that requires member who runs query to do a join with their configured table and/or other configured table in query.", + "title": "JoinRequired", + "type": "string" }, - "ReturnData": { - "markdownDescription": "When used in `GetMetricData` , this option indicates whether to return the timestamps and raw data values of this metric. If you are performing this call just to do math expressions and do not also need the raw data returned, you can specify `false` . If you omit this, the default of `true` is used.\n\nWhen used in `PutMetricAlarm` , specify `true` for the one expression result to use as the alarm. For all other metrics and expressions in the same `PutMetricAlarm` operation, specify `ReturnData` as False.", - "title": "ReturnData", - "type": "boolean" + "OutputConstraints": { + "items": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.AggregationConstraint" + }, + "markdownDescription": "Columns that must meet a specific threshold value (after an aggregation function is applied to it) for each output row to be returned.", + "title": "OutputConstraints", + "type": "array" + }, + "ScalarFunctions": { + "items": { + "type": "string" + }, + "markdownDescription": "Set of scalar functions that are allowed to be used on dimension columns and the output of aggregation of metrics.", + "title": "ScalarFunctions", + "type": "array" } }, "required": [ - "Id" + "AggregateColumns", + "DimensionColumns", + "JoinColumns", + "OutputConstraints", + "ScalarFunctions" ], "type": "object" }, - "AWS::CloudWatch::AnomalyDetector.MetricMathAnomalyDetector": { + "AWS::CleanRooms::ConfiguredTable.AnalysisRuleCustom": { "additionalProperties": false, "properties": { - "MetricDataQueries": { + "AdditionalAnalyses": { + "markdownDescription": "An indicator as to whether additional analyses (such as AWS Clean Rooms ML) can be applied to the output of the direct query.", + "title": "AdditionalAnalyses", + "type": "string" + }, + "AllowedAnalyses": { "items": { - "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.MetricDataQuery" + "type": "string" }, - "markdownDescription": "An array of metric data query structures that enables you to create an anomaly detector based on the result of a metric math expression. Each item in `MetricDataQueries` gets a metric or performs a math expression. One item in `MetricDataQueries` is the expression that provides the time series that the anomaly detector uses as input. Designate the expression by setting `ReturnData` to `true` for this object in the array. For all other expressions and metrics, set `ReturnData` to `false` . The designated expression must return a single time series.", - "title": "MetricDataQueries", + "markdownDescription": "The ARN of the analysis templates that are allowed by the custom analysis rule.", + "title": "AllowedAnalyses", + "type": "array" + }, + "AllowedAnalysisProviders": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the AWS accounts that are allowed to query by the custom analysis rule. Required when `allowedAnalyses` is `ANY_QUERY` .", + "title": "AllowedAnalysisProviders", + "type": "array" + }, + "DifferentialPrivacy": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.DifferentialPrivacy", + "markdownDescription": "The differential privacy configuration.", + "title": "DifferentialPrivacy" + }, + "DisallowedOutputColumns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of columns that aren't allowed to be shown in the query output.", + "title": "DisallowedOutputColumns", "type": "array" } }, + "required": [ + "AllowedAnalyses" + ], "type": "object" }, - "AWS::CloudWatch::AnomalyDetector.MetricStat": { + "AWS::CleanRooms::ConfiguredTable.AnalysisRuleList": { "additionalProperties": false, "properties": { - "Metric": { - "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.Metric", - "markdownDescription": "The metric to return, including the metric name, namespace, and dimensions.", - "title": "Metric" + "AdditionalAnalyses": { + "markdownDescription": "An indicator as to whether additional analyses (such as AWS Clean Rooms ML) can be applied to the output of the direct query.", + "title": "AdditionalAnalyses", + "type": "string" }, - "Period": { - "markdownDescription": "The granularity, in seconds, of the returned data points. For metrics with regular resolution, a period can be as short as one minute (60 seconds) and must be a multiple of 60. For high-resolution metrics that are collected at intervals of less than one minute, the period can be 1, 5, 10, 20, 30, 60, or any multiple of 60. High-resolution metrics are those metrics stored by a `PutMetricData` call that includes a `StorageResolution` of 1 second.\n\nIf the `StartTime` parameter specifies a time stamp that is greater than 3 hours ago, you must specify the period as follows or no data points in that time range is returned:\n\n- Start time between 3 hours and 15 days ago - Use a multiple of 60 seconds (1 minute).\n- Start time between 15 and 63 days ago - Use a multiple of 300 seconds (5 minutes).\n- Start time greater than 63 days ago - Use a multiple of 3600 seconds (1 hour).", - "title": "Period", - "type": "number" + "AllowedJoinOperators": { + "items": { + "type": "string" + }, + "markdownDescription": "The logical operators (if any) that are to be used in an INNER JOIN match condition. Default is `AND` .", + "title": "AllowedJoinOperators", + "type": "array" }, - "Stat": { - "markdownDescription": "The statistic to return. It can include any CloudWatch statistic or extended statistic.", - "title": "Stat", + "JoinColumns": { + "items": { + "type": "string" + }, + "markdownDescription": "Columns that can be used to join a configured table with the table of the member who can query and other members' configured tables.", + "title": "JoinColumns", + "type": "array" + }, + "ListColumns": { + "items": { + "type": "string" + }, + "markdownDescription": "Columns that can be listed in the output.", + "title": "ListColumns", + "type": "array" + } + }, + "required": [ + "JoinColumns", + "ListColumns" + ], + "type": "object" + }, + "AWS::CleanRooms::ConfiguredTable.AthenaTableReference": { + "additionalProperties": false, + "properties": { + "DatabaseName": { + "markdownDescription": "The database name.", + "title": "DatabaseName", "type": "string" }, - "Unit": { - "markdownDescription": "When you are using a `Put` operation, this defines what unit you want to use when storing the metric.\n\nIn a `Get` operation, if you omit `Unit` then all data that was collected with any unit is returned, along with the corresponding units that were specified when the data was reported to CloudWatch. If you specify a unit, the operation returns only data that was collected with that unit specified. If you specify a unit that does not match the data collected, the results of the operation are null. CloudWatch does not perform unit conversions.", - "title": "Unit", + "OutputLocation": { + "markdownDescription": "The output location for the Athena table.", + "title": "OutputLocation", + "type": "string" + }, + "TableName": { + "markdownDescription": "The table reference.", + "title": "TableName", + "type": "string" + }, + "WorkGroup": { + "markdownDescription": "The workgroup of the Athena table reference.", + "title": "WorkGroup", "type": "string" } }, "required": [ - "Metric", - "Period", - "Stat" + "DatabaseName", + "TableName", + "WorkGroup" ], "type": "object" }, - "AWS::CloudWatch::AnomalyDetector.Range": { + "AWS::CleanRooms::ConfiguredTable.ConfiguredTableAnalysisRulePolicy": { "additionalProperties": false, "properties": { - "EndTime": { - "markdownDescription": "The end time of the range to exclude. The format is `yyyy-MM-dd'T'HH:mm:ss` . For example, `2019-07-01T23:59:59` .", - "title": "EndTime", + "V1": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.ConfiguredTableAnalysisRulePolicyV1", + "markdownDescription": "Controls on the query specifications that can be run on a configured table.", + "title": "V1" + } + }, + "required": [ + "V1" + ], + "type": "object" + }, + "AWS::CleanRooms::ConfiguredTable.ConfiguredTableAnalysisRulePolicyV1": { + "additionalProperties": false, + "properties": { + "Aggregation": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.AnalysisRuleAggregation", + "markdownDescription": "Analysis rule type that enables only aggregation queries on a configured table.", + "title": "Aggregation" + }, + "Custom": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.AnalysisRuleCustom", + "markdownDescription": "Analysis rule type that enables custom SQL queries on a configured table.", + "title": "Custom" + }, + "List": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.AnalysisRuleList", + "markdownDescription": "Analysis rule type that enables only list queries on a configured table.", + "title": "List" + } + }, + "type": "object" + }, + "AWS::CleanRooms::ConfiguredTable.DifferentialPrivacy": { + "additionalProperties": false, + "properties": { + "Columns": { + "items": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.DifferentialPrivacyColumn" + }, + "markdownDescription": "The name of the column, such as user_id, that contains the unique identifier of your users, whose privacy you want to protect. If you want to turn on differential privacy for two or more tables in a collaboration, you must configure the same column as the user identifier column in both analysis rules.", + "title": "Columns", + "type": "array" + } + }, + "required": [ + "Columns" + ], + "type": "object" + }, + "AWS::CleanRooms::ConfiguredTable.DifferentialPrivacyColumn": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the column, such as user_id, that contains the unique identifier of your users, whose privacy you want to protect. If you want to turn on differential privacy for two or more tables in a collaboration, you must configure the same column as the user identifier column in both analysis rules.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::CleanRooms::ConfiguredTable.GlueTableReference": { + "additionalProperties": false, + "properties": { + "DatabaseName": { + "markdownDescription": "The name of the database the AWS Glue table belongs to.", + "title": "DatabaseName", "type": "string" }, - "StartTime": { - "markdownDescription": "The start time of the range to exclude. The format is `yyyy-MM-dd'T'HH:mm:ss` . For example, `2019-07-01T23:59:59` .", - "title": "StartTime", + "TableName": { + "markdownDescription": "The name of the AWS Glue table.", + "title": "TableName", "type": "string" } }, "required": [ - "EndTime", - "StartTime" + "DatabaseName", + "TableName" ], "type": "object" }, - "AWS::CloudWatch::AnomalyDetector.SingleMetricAnomalyDetector": { + "AWS::CleanRooms::ConfiguredTable.SnowflakeTableReference": { "additionalProperties": false, "properties": { - "AccountId": { - "markdownDescription": "If the CloudWatch metric that provides the time series that the anomaly detector uses as input is in another account, specify that account ID here. If you omit this parameter, the current account is used.", - "title": "AccountId", + "AccountIdentifier": { + "markdownDescription": "The account identifier for the Snowflake table reference.", + "title": "AccountIdentifier", "type": "string" }, - "Dimensions": { + "DatabaseName": { + "markdownDescription": "The name of the database the Snowflake table belongs to.", + "title": "DatabaseName", + "type": "string" + }, + "SchemaName": { + "markdownDescription": "The schema name of the Snowflake table reference.", + "title": "SchemaName", + "type": "string" + }, + "SecretArn": { + "markdownDescription": "The secret ARN of the Snowflake table reference.", + "title": "SecretArn", + "type": "string" + }, + "TableName": { + "markdownDescription": "The name of the Snowflake table.", + "title": "TableName", + "type": "string" + }, + "TableSchema": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.SnowflakeTableSchema", + "markdownDescription": "The schema of the Snowflake table.", + "title": "TableSchema" + } + }, + "required": [ + "AccountIdentifier", + "DatabaseName", + "SchemaName", + "SecretArn", + "TableName", + "TableSchema" + ], + "type": "object" + }, + "AWS::CleanRooms::ConfiguredTable.SnowflakeTableSchema": { + "additionalProperties": false, + "properties": { + "V1": { "items": { - "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.Dimension" + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.SnowflakeTableSchemaV1" }, - "markdownDescription": "The metric dimensions to create the anomaly detection model for.", - "title": "Dimensions", + "markdownDescription": "The schema of a Snowflake table.", + "title": "V1", "type": "array" - }, - "MetricName": { - "markdownDescription": "The name of the metric to create the anomaly detection model for.", - "title": "MetricName", + } + }, + "required": [ + "V1" + ], + "type": "object" + }, + "AWS::CleanRooms::ConfiguredTable.SnowflakeTableSchemaV1": { + "additionalProperties": false, + "properties": { + "ColumnName": { + "markdownDescription": "The column name.", + "title": "ColumnName", "type": "string" }, - "Namespace": { - "markdownDescription": "The namespace of the metric to create the anomaly detection model for.", - "title": "Namespace", + "ColumnType": { + "markdownDescription": "The column's data type. Supported data types: `ARRAY` , `BIGINT` , `BOOLEAN` , `CHAR` , `DATE` , `DECIMAL` , `DOUBLE` , `DOUBLE PRECISION` , `FLOAT` , `FLOAT4` , `INT` , `INTEGER` , `MAP` , `NUMERIC` , `NUMBER` , `REAL` , `SMALLINT` , `STRING` , `TIMESTAMP` , `TIMESTAMP_LTZ` , `TIMESTAMP_NTZ` , `DATETIME` , `TINYINT` , `VARCHAR` , `TEXT` , `CHARACTER` .", + "title": "ColumnType", "type": "string" + } + }, + "required": [ + "ColumnName", + "ColumnType" + ], + "type": "object" + }, + "AWS::CleanRooms::ConfiguredTable.TableReference": { + "additionalProperties": false, + "properties": { + "Athena": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.AthenaTableReference", + "markdownDescription": "If present, a reference to the Athena table referred to by this table reference.", + "title": "Athena" }, - "Stat": { - "markdownDescription": "The statistic to use for the metric and anomaly detection model.", - "title": "Stat", - "type": "string" + "Glue": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.GlueTableReference", + "markdownDescription": "If present, a reference to the AWS Glue table referred to by this table reference.", + "title": "Glue" + }, + "Snowflake": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.SnowflakeTableReference", + "markdownDescription": "If present, a reference to the Snowflake table referred to by this table reference.", + "title": "Snowflake" } }, "type": "object" }, - "AWS::CloudWatch::CompositeAlarm": { + "AWS::CleanRooms::ConfiguredTableAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -40335,82 +45311,59 @@ "Properties": { "additionalProperties": false, "properties": { - "ActionsEnabled": { - "markdownDescription": "Indicates whether actions should be executed during any changes to the alarm state of the composite alarm. The default is TRUE.", - "title": "ActionsEnabled", - "type": "boolean" - }, - "ActionsSuppressor": { - "markdownDescription": "Actions will be suppressed if the suppressor alarm is in the `ALARM` state. `ActionsSuppressor` can be an AlarmName or an Amazon Resource Name (ARN) from an existing alarm.", - "title": "ActionsSuppressor", - "type": "string" - }, - "ActionsSuppressorExtensionPeriod": { - "markdownDescription": "The maximum time in seconds that the composite alarm waits after suppressor alarm goes out of the `ALARM` state. After this time, the composite alarm performs its actions.\n\n> `ExtensionPeriod` is required only when `ActionsSuppressor` is specified.", - "title": "ActionsSuppressorExtensionPeriod", - "type": "number" - }, - "ActionsSuppressorWaitPeriod": { - "markdownDescription": "The maximum time in seconds that the composite alarm waits for the suppressor alarm to go into the `ALARM` state. After this time, the composite alarm performs its actions.\n\n> `WaitPeriod` is required only when `ActionsSuppressor` is specified.", - "title": "ActionsSuppressorWaitPeriod", - "type": "number" - }, - "AlarmActions": { + "ConfiguredTableAssociationAnalysisRules": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTableAssociation.ConfiguredTableAssociationAnalysisRule" }, - "markdownDescription": "The actions to execute when this alarm transitions to the ALARM state from any other state. Each action is specified as an Amazon Resource Name (ARN). For more information about creating alarms and the actions that you can specify, see [PutCompositeAlarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutCompositeAlarm.html) in the *Amazon CloudWatch API Reference* .", - "title": "AlarmActions", + "markdownDescription": "An analysis rule for a configured table association. This analysis rule specifies how data from the table can be used within its associated collaboration. In the console, the `ConfiguredTableAssociationAnalysisRule` is referred to as the *collaboration analysis rule* .", + "title": "ConfiguredTableAssociationAnalysisRules", "type": "array" }, - "AlarmDescription": { - "markdownDescription": "The description for the composite alarm.", - "title": "AlarmDescription", + "ConfiguredTableIdentifier": { + "markdownDescription": "A unique identifier for the configured table to be associated to. Currently accepts a configured table ID.", + "title": "ConfiguredTableIdentifier", "type": "string" }, - "AlarmName": { - "markdownDescription": "The name for the composite alarm. This name must be unique within your AWS account.", - "title": "AlarmName", + "Description": { + "markdownDescription": "A description of the configured table association.", + "title": "Description", "type": "string" }, - "AlarmRule": { - "markdownDescription": "An expression that specifies which other alarms are to be evaluated to determine this composite alarm's state. For each alarm that you reference, you designate a function that specifies whether that alarm needs to be in ALARM state, OK state, or INSUFFICIENT_DATA state. You can use operators (AND, OR and NOT) to combine multiple functions in a single expression. You can use parenthesis to logically group the functions in your expression.\n\nYou can use either alarm names or ARNs to reference the other alarms that are to be evaluated.\n\nFunctions can include the following:\n\n- ALARM(\"alarm-name or alarm-ARN\") is TRUE if the named alarm is in ALARM state.\n- OK(\"alarm-name or alarm-ARN\") is TRUE if the named alarm is in OK state.\n- INSUFFICIENT_DATA(\"alarm-name or alarm-ARN\") is TRUE if the named alarm is in INSUFFICIENT_DATA state.\n- TRUE always evaluates to TRUE.\n- FALSE always evaluates to FALSE.\n\nTRUE and FALSE are useful for testing a complex AlarmRule structure, and for testing your alarm actions.\n\nFor more information about `AlarmRule` syntax, see [PutCompositeAlarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutCompositeAlarm.html) in the *Amazon CloudWatch API Reference* .", - "title": "AlarmRule", + "MembershipIdentifier": { + "markdownDescription": "The unique ID for the membership this configured table association belongs to.", + "title": "MembershipIdentifier", "type": "string" }, - "InsufficientDataActions": { - "items": { - "type": "string" - }, - "markdownDescription": "The actions to execute when this alarm transitions to the INSUFFICIENT_DATA state from any other state. Each action is specified as an Amazon Resource Name (ARN). For more information about creating alarms and the actions that you can specify, see [PutCompositeAlarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutCompositeAlarm.html) in the *Amazon CloudWatch API Reference* .", - "title": "InsufficientDataActions", - "type": "array" + "Name": { + "markdownDescription": "The name of the configured table association, in lowercase. The table is identified by this name when running protected queries against the underlying data.", + "title": "Name", + "type": "string" }, - "OKActions": { - "items": { - "type": "string" - }, - "markdownDescription": "The actions to execute when this alarm transitions to the OK state from any other state. Each action is specified as an Amazon Resource Name (ARN). For more information about creating alarms and the actions that you can specify, see [PutCompositeAlarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutCompositeAlarm.html) in the *Amazon CloudWatch API Reference* .", - "title": "OKActions", - "type": "array" + "RoleArn": { + "markdownDescription": "The service will assume this role to access catalog metadata and query the table.", + "title": "RoleArn", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of key-value pairs to associate with the alarm. You can associate as many as 50 tags with an alarm. To be able to associate tags with the alarm when you create the alarm, you must have the `cloudwatch:TagResource` permission.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.", + "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", "title": "Tags", "type": "array" } }, "required": [ - "AlarmRule" + "ConfiguredTableIdentifier", + "MembershipIdentifier", + "Name", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudWatch::CompositeAlarm" + "AWS::CleanRooms::ConfiguredTableAssociation" ], "type": "string" }, @@ -40429,7 +45382,128 @@ ], "type": "object" }, - "AWS::CloudWatch::Dashboard": { + "AWS::CleanRooms::ConfiguredTableAssociation.ConfiguredTableAssociationAnalysisRule": { + "additionalProperties": false, + "properties": { + "Policy": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTableAssociation.ConfiguredTableAssociationAnalysisRulePolicy", + "markdownDescription": "The policy of the configured table association analysis rule.", + "title": "Policy" + }, + "Type": { + "markdownDescription": "The type of the configured table association analysis rule.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Policy", + "Type" + ], + "type": "object" + }, + "AWS::CleanRooms::ConfiguredTableAssociation.ConfiguredTableAssociationAnalysisRuleAggregation": { + "additionalProperties": false, + "properties": { + "AllowedAdditionalAnalyses": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of resources or wildcards (ARNs) that are allowed to perform additional analysis on query output.\n\nThe `allowedAdditionalAnalyses` parameter is currently supported for the list analysis rule ( `AnalysisRuleList` ) and the custom analysis rule ( `AnalysisRuleCustom` ).", + "title": "AllowedAdditionalAnalyses", + "type": "array" + }, + "AllowedResultReceivers": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of collaboration members who are allowed to receive results of queries run with this configured table.", + "title": "AllowedResultReceivers", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CleanRooms::ConfiguredTableAssociation.ConfiguredTableAssociationAnalysisRuleCustom": { + "additionalProperties": false, + "properties": { + "AllowedAdditionalAnalyses": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of resources or wildcards (ARNs) that are allowed to perform additional analysis on query output.", + "title": "AllowedAdditionalAnalyses", + "type": "array" + }, + "AllowedResultReceivers": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of collaboration members who are allowed to receive results of queries run with this configured table.", + "title": "AllowedResultReceivers", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CleanRooms::ConfiguredTableAssociation.ConfiguredTableAssociationAnalysisRuleList": { + "additionalProperties": false, + "properties": { + "AllowedAdditionalAnalyses": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of resources or wildcards (ARNs) that are allowed to perform additional analysis on query output.", + "title": "AllowedAdditionalAnalyses", + "type": "array" + }, + "AllowedResultReceivers": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of collaboration members who are allowed to receive results of queries run with this configured table.", + "title": "AllowedResultReceivers", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CleanRooms::ConfiguredTableAssociation.ConfiguredTableAssociationAnalysisRulePolicy": { + "additionalProperties": false, + "properties": { + "V1": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTableAssociation.ConfiguredTableAssociationAnalysisRulePolicyV1", + "markdownDescription": "The policy for the configured table association analysis rule.", + "title": "V1" + } + }, + "required": [ + "V1" + ], + "type": "object" + }, + "AWS::CleanRooms::ConfiguredTableAssociation.ConfiguredTableAssociationAnalysisRulePolicyV1": { + "additionalProperties": false, + "properties": { + "Aggregation": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTableAssociation.ConfiguredTableAssociationAnalysisRuleAggregation", + "markdownDescription": "Analysis rule type that enables only aggregation queries on a configured table.", + "title": "Aggregation" + }, + "Custom": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTableAssociation.ConfiguredTableAssociationAnalysisRuleCustom", + "markdownDescription": "Analysis rule type that enables the table owner to approve custom SQL queries on their configured tables. It supports differential privacy.", + "title": "Custom" + }, + "List": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTableAssociation.ConfiguredTableAssociationAnalysisRuleList", + "markdownDescription": "Analysis rule type that enables only list queries on a configured table.", + "title": "List" + } + }, + "type": "object" + }, + "AWS::CleanRooms::IdMappingTable": { "additionalProperties": false, "properties": { "Condition": { @@ -40464,25 +45538,50 @@ "Properties": { "additionalProperties": false, "properties": { - "DashboardBody": { - "markdownDescription": "The detailed information about the dashboard in JSON format, including the widgets to include and their location on the dashboard. This parameter is required.\n\nFor more information about the syntax, see [Dashboard Body Structure and Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/CloudWatch-Dashboard-Body-Structure.html) .", - "title": "DashboardBody", + "Description": { + "markdownDescription": "The description of the ID mapping table.", + "title": "Description", "type": "string" }, - "DashboardName": { - "markdownDescription": "The name of the dashboard. The name must be between 1 and 255 characters. If you do not specify a name, one will be generated automatically.", - "title": "DashboardName", + "InputReferenceConfig": { + "$ref": "#/definitions/AWS::CleanRooms::IdMappingTable.IdMappingTableInputReferenceConfig", + "markdownDescription": "The input reference configuration for the ID mapping table.", + "title": "InputReferenceConfig" + }, + "KmsKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key.", + "title": "KmsKeyArn", + "type": "string" + }, + "MembershipIdentifier": { + "markdownDescription": "The unique identifier of the membership resource for the ID mapping table.", + "title": "MembershipIdentifier", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the ID mapping table.", + "title": "Name", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", + "title": "Tags", + "type": "array" } }, "required": [ - "DashboardBody" + "InputReferenceConfig", + "MembershipIdentifier", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudWatch::Dashboard" + "AWS::CleanRooms::IdMappingTable" ], "type": "string" }, @@ -40501,7 +45600,64 @@ ], "type": "object" }, - "AWS::CloudWatch::InsightRule": { + "AWS::CleanRooms::IdMappingTable.IdMappingTableInputReferenceConfig": { + "additionalProperties": false, + "properties": { + "InputReferenceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the referenced resource in AWS Entity Resolution . Valid values are ID mapping workflow ARNs.", + "title": "InputReferenceArn", + "type": "string" + }, + "ManageResourcePolicies": { + "markdownDescription": "When `TRUE` , AWS Clean Rooms manages permissions for the ID mapping table resource.\n\nWhen `FALSE` , the resource owner manages permissions for the ID mapping table resource.", + "title": "ManageResourcePolicies", + "type": "boolean" + } + }, + "required": [ + "InputReferenceArn", + "ManageResourcePolicies" + ], + "type": "object" + }, + "AWS::CleanRooms::IdMappingTable.IdMappingTableInputReferenceProperties": { + "additionalProperties": false, + "properties": { + "IdMappingTableInputSource": { + "items": { + "$ref": "#/definitions/AWS::CleanRooms::IdMappingTable.IdMappingTableInputSource" + }, + "markdownDescription": "The input source of the ID mapping table.", + "title": "IdMappingTableInputSource", + "type": "array" + } + }, + "required": [ + "IdMappingTableInputSource" + ], + "type": "object" + }, + "AWS::CleanRooms::IdMappingTable.IdMappingTableInputSource": { + "additionalProperties": false, + "properties": { + "IdNamespaceAssociationId": { + "markdownDescription": "The unique identifier of the ID namespace association.", + "title": "IdNamespaceAssociationId", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the input source of the ID mapping table.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "IdNamespaceAssociationId", + "Type" + ], + "type": "object" + }, + "AWS::CleanRooms::IdNamespaceAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -40536,37 +45692,50 @@ "Properties": { "additionalProperties": false, "properties": { - "RuleBody": { - "markdownDescription": "The definition of the rule, as a JSON object. For details about the syntax, see [Contributor Insights Rule Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/ContributorInsights-RuleSyntax.html) in the *Amazon CloudWatch User Guide* .", - "title": "RuleBody", + "Description": { + "markdownDescription": "The description of the ID namespace association.", + "title": "Description", "type": "string" }, - "RuleName": { - "markdownDescription": "The name of the rule.", - "title": "RuleName", + "IdMappingConfig": { + "$ref": "#/definitions/AWS::CleanRooms::IdNamespaceAssociation.IdMappingConfig", + "markdownDescription": "The configuration settings for the ID mapping table.", + "title": "IdMappingConfig" + }, + "InputReferenceConfig": { + "$ref": "#/definitions/AWS::CleanRooms::IdNamespaceAssociation.IdNamespaceAssociationInputReferenceConfig", + "markdownDescription": "The input reference configuration for the ID namespace association.", + "title": "InputReferenceConfig" + }, + "MembershipIdentifier": { + "markdownDescription": "The unique identifier of the membership that contains the ID namespace association.", + "title": "MembershipIdentifier", "type": "string" }, - "RuleState": { - "markdownDescription": "The current state of the rule. Valid values are `ENABLED` and `DISABLED` .", - "title": "RuleState", + "Name": { + "markdownDescription": "The name of this ID namespace association.", + "title": "Name", "type": "string" }, "Tags": { - "$ref": "#/definitions/AWS::CloudWatch::InsightRule.Tags", - "markdownDescription": "A list of key-value pairs to associate with the Contributor Insights rule. You can associate as many as 50 tags with a rule.\n\nTags can help you organize and categorize your resources. For more information, see [Tagging Your Amazon CloudWatch Resources](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Tagging.html) .\n\nTo be able to associate tags with a rule, you must have the `cloudwatch:TagResource` permission in addition to the `cloudwatch:PutInsightRule` permission.", - "title": "Tags" + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", + "title": "Tags", + "type": "array" } }, "required": [ - "RuleBody", - "RuleName", - "RuleState" + "InputReferenceConfig", + "MembershipIdentifier", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudWatch::InsightRule" + "AWS::CleanRooms::IdNamespaceAssociation" ], "type": "string" }, @@ -40585,12 +45754,60 @@ ], "type": "object" }, - "AWS::CloudWatch::InsightRule.Tags": { + "AWS::CleanRooms::IdNamespaceAssociation.IdMappingConfig": { "additionalProperties": false, - "properties": {}, + "properties": { + "AllowUseAsDimensionColumn": { + "markdownDescription": "An indicator as to whether you can use your column as a dimension column in the ID mapping table ( `TRUE` ) or not ( `FALSE` ).\n\nDefault is `FALSE` .", + "title": "AllowUseAsDimensionColumn", + "type": "boolean" + } + }, + "required": [ + "AllowUseAsDimensionColumn" + ], "type": "object" }, - "AWS::CloudWatch::MetricStream": { + "AWS::CleanRooms::IdNamespaceAssociation.IdNamespaceAssociationInputReferenceConfig": { + "additionalProperties": false, + "properties": { + "InputReferenceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Entity Resolution resource that is being associated to the collaboration. Valid resource ARNs are from the ID namespaces that you own.", + "title": "InputReferenceArn", + "type": "string" + }, + "ManageResourcePolicies": { + "markdownDescription": "When `TRUE` , AWS Clean Rooms manages permissions for the ID namespace association resource.\n\nWhen `FALSE` , the resource owner manages permissions for the ID namespace association resource.", + "title": "ManageResourcePolicies", + "type": "boolean" + } + }, + "required": [ + "InputReferenceArn", + "ManageResourcePolicies" + ], + "type": "object" + }, + "AWS::CleanRooms::IdNamespaceAssociation.IdNamespaceAssociationInputReferenceProperties": { + "additionalProperties": false, + "properties": { + "IdMappingWorkflowsSupported": { + "items": { + "type": "object" + }, + "markdownDescription": "Defines how ID mapping workflows are supported for this ID namespace association.", + "title": "IdMappingWorkflowsSupported", + "type": "array" + }, + "IdNamespaceType": { + "markdownDescription": "The ID namespace type for this ID namespace association.", + "title": "IdNamespaceType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CleanRooms::Membership": { "additionalProperties": false, "properties": { "Condition": { @@ -40625,74 +45842,54 @@ "Properties": { "additionalProperties": false, "properties": { - "ExcludeFilters": { - "items": { - "$ref": "#/definitions/AWS::CloudWatch::MetricStream.MetricStreamFilter" - }, - "markdownDescription": "If you specify this parameter, the stream sends metrics from all metric namespaces except for the namespaces that you specify here. You cannot specify both `IncludeFilters` and `ExcludeFilters` in the same metric stream.\n\nWhen you modify the `IncludeFilters` or `ExcludeFilters` of an existing metric stream in any way, the metric stream is effectively restarted, so after such a change you will get only the datapoints that have a timestamp after the time of the update.", - "title": "ExcludeFilters", - "type": "array" - }, - "FirehoseArn": { - "markdownDescription": "The ARN of the Amazon Kinesis Firehose delivery stream to use for this metric stream. This Amazon Kinesis Firehose delivery stream must already exist and must be in the same account as the metric stream.", - "title": "FirehoseArn", + "CollaborationIdentifier": { + "markdownDescription": "The unique ID for the associated collaboration.", + "title": "CollaborationIdentifier", "type": "string" }, - "IncludeFilters": { - "items": { - "$ref": "#/definitions/AWS::CloudWatch::MetricStream.MetricStreamFilter" - }, - "markdownDescription": "If you specify this parameter, the stream sends only the metrics from the metric namespaces that you specify here. You cannot specify both `IncludeFilters` and `ExcludeFilters` in the same metric stream.\n\nWhen you modify the `IncludeFilters` or `ExcludeFilters` of an existing metric stream in any way, the metric stream is effectively restarted, so after such a change you will get only the datapoints that have a timestamp after the time of the update.", - "title": "IncludeFilters", - "type": "array" + "DefaultJobResultConfiguration": { + "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipProtectedJobResultConfiguration", + "markdownDescription": "The default job result configuration for the membership.", + "title": "DefaultJobResultConfiguration" }, - "IncludeLinkedAccountsMetrics": { - "markdownDescription": "If you are creating a metric stream in a monitoring account, specify `true` to include metrics from source accounts that are linked to this monitoring account, in the metric stream. The default is `false` .\n\nFor more information about linking accounts, see [CloudWatch cross-account observability](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Unified-Cross-Account.html)", - "title": "IncludeLinkedAccountsMetrics", - "type": "boolean" + "DefaultResultConfiguration": { + "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipProtectedQueryResultConfiguration", + "markdownDescription": "The default protected query result configuration as specified by the member who can receive results.", + "title": "DefaultResultConfiguration" }, - "Name": { - "markdownDescription": "If you are creating a new metric stream, this is the name for the new stream. The name must be different than the names of other metric streams in this account and Region.\n\nIf you are updating a metric stream, specify the name of that stream here.", - "title": "Name", + "JobLogStatus": { + "markdownDescription": "An indicator as to whether job logging has been enabled or disabled for the collaboration.\n\nWhen `ENABLED` , AWS Clean Rooms logs details about jobs run within this collaboration and those logs can be viewed in Amazon CloudWatch Logs. The default value is `DISABLED` .", + "title": "JobLogStatus", "type": "string" }, - "OutputFormat": { - "markdownDescription": "The output format for the stream. Valid values are `json` , `opentelemetry1.0` and `opentelemetry0.7` For more information about metric stream output formats, see [Metric streams output formats](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-metric-streams-formats.html) .\n\nThis parameter is required.", - "title": "OutputFormat", - "type": "string" + "PaymentConfiguration": { + "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipPaymentConfiguration", + "markdownDescription": "The payment responsibilities accepted by the collaboration member.", + "title": "PaymentConfiguration" }, - "RoleArn": { - "markdownDescription": "The ARN of an IAM role that this metric stream will use to access Amazon Kinesis Firehose resources. This IAM role must already exist and must be in the same account as the metric stream. This IAM role must include the `firehose:PutRecord` and `firehose:PutRecordBatch` permissions.", - "title": "RoleArn", + "QueryLogStatus": { + "markdownDescription": "An indicator as to whether query logging has been enabled or disabled for the membership.\n\nWhen `ENABLED` , AWS Clean Rooms logs details about queries run within this collaboration and those logs can be viewed in Amazon CloudWatch Logs. The default value is `DISABLED` .", + "title": "QueryLogStatus", "type": "string" }, - "StatisticsConfigurations": { - "items": { - "$ref": "#/definitions/AWS::CloudWatch::MetricStream.MetricStreamStatisticsConfiguration" - }, - "markdownDescription": "By default, a metric stream always sends the MAX, MIN, SUM, and SAMPLECOUNT statistics for each metric that is streamed. You can use this parameter to have the metric stream also send additional statistics in the stream. This array can have up to 100 members.\n\nFor each entry in this array, you specify one or more metrics and the list of additional statistics to stream for those metrics. The additional statistics that you can stream depend on the stream's `OutputFormat` . If the `OutputFormat` is `json` , you can stream any additional statistic that is supported by CloudWatch , listed in [CloudWatch statistics definitions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Statistics-definitions.html) . If the `OutputFormat` is OpenTelemetry, you can stream percentile statistics.", - "title": "StatisticsConfigurations", - "type": "array" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to the metric stream.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", "title": "Tags", "type": "array" } }, "required": [ - "FirehoseArn", - "OutputFormat", - "RoleArn" + "CollaborationIdentifier", + "QueryLogStatus" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudWatch::MetricStream" + "AWS::CleanRooms::Membership" ], "type": "string" }, @@ -40711,75 +45908,219 @@ ], "type": "object" }, - "AWS::CloudWatch::MetricStream.MetricStreamFilter": { + "AWS::CleanRooms::Membership.MembershipJobComputePaymentConfig": { "additionalProperties": false, "properties": { - "MetricNames": { - "items": { - "type": "string" - }, - "markdownDescription": "The names of the metrics to either include or exclude from the metric stream.\n\nIf you omit this parameter, all metrics in the namespace are included or excluded, depending on whether this filter is specified as an exclude filter or an include filter.\n\nEach metric name can contain only ASCII printable characters (ASCII range 32 through 126). Each metric name must contain at least one non-whitespace character.", - "title": "MetricNames", - "type": "array" + "IsResponsible": { + "markdownDescription": "Indicates whether the collaboration member has accepted to pay for job compute costs ( `TRUE` ) or has not accepted to pay for query and job compute costs ( `FALSE` ).\n\nThere is only one member who pays for queries and jobs.\n\nAn error message is returned for the following reasons:\n\n- If you set the value to `FALSE` but you are responsible to pay for query and job compute costs.\n- If you set the value to `TRUE` but you are not responsible to pay for query and job compute costs.", + "title": "IsResponsible", + "type": "boolean" + } + }, + "required": [ + "IsResponsible" + ], + "type": "object" + }, + "AWS::CleanRooms::Membership.MembershipMLPaymentConfig": { + "additionalProperties": false, + "properties": { + "ModelInference": { + "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipModelInferencePaymentConfig", + "markdownDescription": "The payment responsibilities accepted by the member for model inference.", + "title": "ModelInference" }, - "Namespace": { - "markdownDescription": "The name of the metric namespace in the filter.\n\nThe namespace can contain only ASCII printable characters (ASCII range 32 through 126). It must contain at least one non-whitespace character.", - "title": "Namespace", + "ModelTraining": { + "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipModelTrainingPaymentConfig", + "markdownDescription": "The payment responsibilities accepted by the member for model training.", + "title": "ModelTraining" + } + }, + "type": "object" + }, + "AWS::CleanRooms::Membership.MembershipModelInferencePaymentConfig": { + "additionalProperties": false, + "properties": { + "IsResponsible": { + "markdownDescription": "Indicates whether the collaboration member has accepted to pay for model inference costs ( `TRUE` ) or has not accepted to pay for model inference costs ( `FALSE` ).\n\nIf the collaboration creator has not specified anyone to pay for model inference costs, then the member who can query is the default payer.\n\nAn error message is returned for the following reasons:\n\n- If you set the value to `FALSE` but you are responsible to pay for model inference costs.\n- If you set the value to `TRUE` but you are not responsible to pay for model inference costs.", + "title": "IsResponsible", + "type": "boolean" + } + }, + "required": [ + "IsResponsible" + ], + "type": "object" + }, + "AWS::CleanRooms::Membership.MembershipModelTrainingPaymentConfig": { + "additionalProperties": false, + "properties": { + "IsResponsible": { + "markdownDescription": "Indicates whether the collaboration member has accepted to pay for model training costs ( `TRUE` ) or has not accepted to pay for model training costs ( `FALSE` ).\n\nIf the collaboration creator has not specified anyone to pay for model training costs, then the member who can query is the default payer.\n\nAn error message is returned for the following reasons:\n\n- If you set the value to `FALSE` but you are responsible to pay for model training costs.\n- If you set the value to `TRUE` but you are not responsible to pay for model training costs.", + "title": "IsResponsible", + "type": "boolean" + } + }, + "required": [ + "IsResponsible" + ], + "type": "object" + }, + "AWS::CleanRooms::Membership.MembershipPaymentConfiguration": { + "additionalProperties": false, + "properties": { + "JobCompute": { + "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipJobComputePaymentConfig", + "markdownDescription": "The payment responsibilities accepted by the collaboration member for job compute costs.", + "title": "JobCompute" + }, + "MachineLearning": { + "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipMLPaymentConfig", + "markdownDescription": "The payment responsibilities accepted by the collaboration member for machine learning costs.", + "title": "MachineLearning" + }, + "QueryCompute": { + "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipQueryComputePaymentConfig", + "markdownDescription": "The payment responsibilities accepted by the collaboration member for query compute costs.", + "title": "QueryCompute" + } + }, + "required": [ + "QueryCompute" + ], + "type": "object" + }, + "AWS::CleanRooms::Membership.MembershipProtectedJobOutputConfiguration": { + "additionalProperties": false, + "properties": { + "S3": { + "$ref": "#/definitions/AWS::CleanRooms::Membership.ProtectedJobS3OutputConfigurationInput", + "markdownDescription": "Contains the configuration to write the job results to S3.", + "title": "S3" + } + }, + "required": [ + "S3" + ], + "type": "object" + }, + "AWS::CleanRooms::Membership.MembershipProtectedJobResultConfiguration": { + "additionalProperties": false, + "properties": { + "OutputConfiguration": { + "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipProtectedJobOutputConfiguration", + "markdownDescription": "The output configuration for a protected job result.", + "title": "OutputConfiguration" + }, + "RoleArn": { + "markdownDescription": "The unique ARN for an IAM role that is used by AWS Clean Rooms to write protected job results to the result location, given by the member who can receive results.", + "title": "RoleArn", "type": "string" } }, "required": [ - "Namespace" + "OutputConfiguration", + "RoleArn" ], "type": "object" }, - "AWS::CloudWatch::MetricStream.MetricStreamStatisticsConfiguration": { + "AWS::CleanRooms::Membership.MembershipProtectedQueryOutputConfiguration": { "additionalProperties": false, "properties": { - "AdditionalStatistics": { - "items": { - "type": "string" - }, - "markdownDescription": "The additional statistics to stream for the metrics listed in `IncludeMetrics` .", - "title": "AdditionalStatistics", - "type": "array" + "S3": { + "$ref": "#/definitions/AWS::CleanRooms::Membership.ProtectedQueryS3OutputConfiguration", + "markdownDescription": "Required configuration for a protected query with an `s3` output type.", + "title": "S3" + } + }, + "required": [ + "S3" + ], + "type": "object" + }, + "AWS::CleanRooms::Membership.MembershipProtectedQueryResultConfiguration": { + "additionalProperties": false, + "properties": { + "OutputConfiguration": { + "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipProtectedQueryOutputConfiguration", + "markdownDescription": "Configuration for protected query results.", + "title": "OutputConfiguration" }, - "IncludeMetrics": { - "items": { - "$ref": "#/definitions/AWS::CloudWatch::MetricStream.MetricStreamStatisticsMetric" - }, - "markdownDescription": "An array that defines the metrics that are to have additional statistics streamed.", - "title": "IncludeMetrics", - "type": "array" + "RoleArn": { + "markdownDescription": "The unique ARN for an IAM role that is used by AWS Clean Rooms to write protected query results to the result location, given by the member who can receive results.", + "title": "RoleArn", + "type": "string" } }, "required": [ - "AdditionalStatistics", - "IncludeMetrics" + "OutputConfiguration" ], "type": "object" }, - "AWS::CloudWatch::MetricStream.MetricStreamStatisticsMetric": { + "AWS::CleanRooms::Membership.MembershipQueryComputePaymentConfig": { "additionalProperties": false, "properties": { - "MetricName": { - "markdownDescription": "The name of the metric.", - "title": "MetricName", + "IsResponsible": { + "markdownDescription": "Indicates whether the collaboration member has accepted to pay for query compute costs ( `TRUE` ) or has not accepted to pay for query compute costs ( `FALSE` ).\n\nIf the collaboration creator has not specified anyone to pay for query compute costs, then the member who can query is the default payer.\n\nAn error message is returned for the following reasons:\n\n- If you set the value to `FALSE` but you are responsible to pay for query compute costs.\n- If you set the value to `TRUE` but you are not responsible to pay for query compute costs.", + "title": "IsResponsible", + "type": "boolean" + } + }, + "required": [ + "IsResponsible" + ], + "type": "object" + }, + "AWS::CleanRooms::Membership.ProtectedJobS3OutputConfigurationInput": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The S3 bucket for job output.", + "title": "Bucket", "type": "string" }, - "Namespace": { - "markdownDescription": "The namespace of the metric.", - "title": "Namespace", + "KeyPrefix": { + "markdownDescription": "The S3 prefix to unload the protected job results.", + "title": "KeyPrefix", "type": "string" } }, "required": [ - "MetricName", - "Namespace" + "Bucket" ], "type": "object" }, - "AWS::CodeArtifact::Domain": { + "AWS::CleanRooms::Membership.ProtectedQueryS3OutputConfiguration": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The S3 bucket to unload the protected query results.", + "title": "Bucket", + "type": "string" + }, + "KeyPrefix": { + "markdownDescription": "The S3 prefix to unload the protected query results.", + "title": "KeyPrefix", + "type": "string" + }, + "ResultFormat": { + "markdownDescription": "Intended file format of the result.", + "title": "ResultFormat", + "type": "string" + }, + "SingleFileOutput": { + "markdownDescription": "Indicates whether files should be output as a single file ( `TRUE` ) or output as multiple files ( `FALSE` ). This parameter is only supported for analyses with the Spark analytics engine.", + "title": "SingleFileOutput", + "type": "boolean" + } + }, + "required": [ + "Bucket", + "ResultFormat" + ], + "type": "object" + }, + "AWS::CleanRooms::PrivacyBudgetTemplate": { "additionalProperties": false, "properties": { "Condition": { @@ -40814,38 +46155,46 @@ "Properties": { "additionalProperties": false, "properties": { - "DomainName": { - "markdownDescription": "A string that specifies the name of the requested domain.", - "title": "DomainName", + "AutoRefresh": { + "markdownDescription": "How often the privacy budget refreshes.\n\n> If you plan to regularly bring new data into the collaboration, use `CALENDAR_MONTH` to automatically get a new privacy budget for the collaboration every calendar month. Choosing this option allows arbitrary amounts of information to be revealed about rows of the data when repeatedly queried across refreshes. Avoid choosing this if the same rows will be repeatedly queried between privacy budget refreshes.", + "title": "AutoRefresh", "type": "string" }, - "EncryptionKey": { - "markdownDescription": "The key used to encrypt the domain.", - "title": "EncryptionKey", + "MembershipIdentifier": { + "markdownDescription": "The identifier for a membership resource.", + "title": "MembershipIdentifier", "type": "string" }, - "PermissionsPolicyDocument": { - "markdownDescription": "The document that defines the resource policy that is set on a domain.", - "title": "PermissionsPolicyDocument", - "type": "object" + "Parameters": { + "$ref": "#/definitions/AWS::CleanRooms::PrivacyBudgetTemplate.Parameters", + "markdownDescription": "Specifies the epsilon and noise parameters for the privacy budget template.", + "title": "Parameters" + }, + "PrivacyBudgetType": { + "markdownDescription": "Specifies the type of the privacy budget template.", + "title": "PrivacyBudgetType", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of tags to be applied to the domain.", + "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", "title": "Tags", "type": "array" } }, "required": [ - "DomainName" + "AutoRefresh", + "MembershipIdentifier", + "Parameters", + "PrivacyBudgetType" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeArtifact::Domain" + "AWS::CleanRooms::PrivacyBudgetTemplate" ], "type": "string" }, @@ -40864,7 +46213,27 @@ ], "type": "object" }, - "AWS::CodeArtifact::PackageGroup": { + "AWS::CleanRooms::PrivacyBudgetTemplate.Parameters": { + "additionalProperties": false, + "properties": { + "Epsilon": { + "markdownDescription": "The epsilon value that you want to use.", + "title": "Epsilon", + "type": "number" + }, + "UsersNoisePerQuery": { + "markdownDescription": "Noise added per query is measured in terms of the number of users whose contributions you want to obscure. This value governs the rate at which the privacy budget is depleted.", + "title": "UsersNoisePerQuery", + "type": "number" + } + }, + "required": [ + "Epsilon", + "UsersNoisePerQuery" + ], + "type": "object" + }, + "AWS::CleanRoomsML::TrainingDataset": { "additionalProperties": false, "properties": { "Condition": { @@ -40899,54 +46268,48 @@ "Properties": { "additionalProperties": false, "properties": { - "ContactInfo": { - "markdownDescription": "The contact information of the package group.", - "title": "ContactInfo", - "type": "string" - }, "Description": { - "markdownDescription": "The description of the package group.", + "markdownDescription": "The description of the training dataset.", "title": "Description", "type": "string" }, - "DomainName": { - "markdownDescription": "The domain that contains the package group.", - "title": "DomainName", - "type": "string" - }, - "DomainOwner": { - "markdownDescription": "The 12-digit account number of the AWS account that owns the domain. It does not include dashes or spaces.", - "title": "DomainOwner", + "Name": { + "markdownDescription": "The name of the training dataset.", + "title": "Name", "type": "string" }, - "OriginConfiguration": { - "$ref": "#/definitions/AWS::CodeArtifact::PackageGroup.OriginConfiguration", - "markdownDescription": "Details about the package origin configuration of a package group.", - "title": "OriginConfiguration" - }, - "Pattern": { - "markdownDescription": "The pattern of the package group. The pattern determines which packages are associated with the package group.", - "title": "Pattern", + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that Clean Rooms ML can assume to read the data referred to in the `dataSource` field of each dataset.\n\nPassing a role across accounts is not allowed. If you pass a role that isn't in your account, you get an `AccessDeniedException` error.", + "title": "RoleArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "", + "markdownDescription": "The optional metadata that you apply to the resource to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50.\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8.\n- Maximum value length - 256 Unicode characters in UTF-8.\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for keys as it is reserved. You cannot edit or delete tag keys with this prefix. Values can have this prefix. If a tag value has `aws` as its prefix but the key does not, then Clean Rooms ML considers it to be a user tag and will count against the limit of 50 tags. Tags with only the key prefix of `aws` do not count against your tags per resource limit.", "title": "Tags", "type": "array" + }, + "TrainingData": { + "items": { + "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.Dataset" + }, + "markdownDescription": "An array of information that lists the Dataset objects, which specifies the dataset type and details on its location and schema. You must provide a role that has read access to these tables.", + "title": "TrainingData", + "type": "array" } }, "required": [ - "DomainName", - "Pattern" + "Name", + "RoleArn", + "TrainingData" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeArtifact::PackageGroup" + "AWS::CleanRoomsML::TrainingDataset" ], "type": "string" }, @@ -40965,64 +46328,112 @@ ], "type": "object" }, - "AWS::CodeArtifact::PackageGroup.OriginConfiguration": { + "AWS::CleanRoomsML::TrainingDataset.ColumnSchema": { "additionalProperties": false, "properties": { - "Restrictions": { - "$ref": "#/definitions/AWS::CodeArtifact::PackageGroup.Restrictions", - "markdownDescription": "", - "title": "Restrictions" + "ColumnName": { + "markdownDescription": "The name of a column.", + "title": "ColumnName", + "type": "string" + }, + "ColumnTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The data type of column.", + "title": "ColumnTypes", + "type": "array" } }, "required": [ - "Restrictions" + "ColumnName", + "ColumnTypes" ], "type": "object" }, - "AWS::CodeArtifact::PackageGroup.RestrictionType": { + "AWS::CleanRoomsML::TrainingDataset.DataSource": { "additionalProperties": false, "properties": { - "Repositories": { + "GlueDataSource": { + "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.GlueDataSource", + "markdownDescription": "A GlueDataSource object that defines the catalog ID, database name, and table name for the training data.", + "title": "GlueDataSource" + } + }, + "required": [ + "GlueDataSource" + ], + "type": "object" + }, + "AWS::CleanRoomsML::TrainingDataset.Dataset": { + "additionalProperties": false, + "properties": { + "InputConfig": { + "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.DatasetInputConfig", + "markdownDescription": "A DatasetInputConfig object that defines the data source and schema mapping.", + "title": "InputConfig" + }, + "Type": { + "markdownDescription": "What type of information is found in the dataset.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "InputConfig", + "Type" + ], + "type": "object" + }, + "AWS::CleanRoomsML::TrainingDataset.DatasetInputConfig": { + "additionalProperties": false, + "properties": { + "DataSource": { + "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.DataSource", + "markdownDescription": "A DataSource object that specifies the Glue data source for the training data.", + "title": "DataSource" + }, + "Schema": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.ColumnSchema" }, - "markdownDescription": "", - "title": "Repositories", + "markdownDescription": "The schema information for the training data.", + "title": "Schema", "type": "array" - }, - "RestrictionMode": { - "markdownDescription": "", - "title": "RestrictionMode", - "type": "string" } }, "required": [ - "RestrictionMode" + "DataSource", + "Schema" ], "type": "object" }, - "AWS::CodeArtifact::PackageGroup.Restrictions": { + "AWS::CleanRoomsML::TrainingDataset.GlueDataSource": { "additionalProperties": false, "properties": { - "ExternalUpstream": { - "$ref": "#/definitions/AWS::CodeArtifact::PackageGroup.RestrictionType", - "markdownDescription": "", - "title": "ExternalUpstream" + "CatalogId": { + "markdownDescription": "The Glue catalog that contains the training data.", + "title": "CatalogId", + "type": "string" }, - "InternalUpstream": { - "$ref": "#/definitions/AWS::CodeArtifact::PackageGroup.RestrictionType", - "markdownDescription": "", - "title": "InternalUpstream" + "DatabaseName": { + "markdownDescription": "The Glue database that contains the training data.", + "title": "DatabaseName", + "type": "string" }, - "Publish": { - "$ref": "#/definitions/AWS::CodeArtifact::PackageGroup.RestrictionType", - "markdownDescription": "", - "title": "Publish" + "TableName": { + "markdownDescription": "The Glue table that contains the training data.", + "title": "TableName", + "type": "string" } }, + "required": [ + "DatabaseName", + "TableName" + ], "type": "object" }, - "AWS::CodeArtifact::Repository": { + "AWS::Cloud9::EnvironmentEC2": { "additionalProperties": false, "properties": { "Condition": { @@ -41057,65 +46468,72 @@ "Properties": { "additionalProperties": false, "properties": { + "AutomaticStopTimeMinutes": { + "markdownDescription": "The number of minutes until the running instance is shut down after the environment was last used.", + "title": "AutomaticStopTimeMinutes", + "type": "number" + }, + "ConnectionType": { + "markdownDescription": "The connection type used for connecting to an Amazon EC2 environment. Valid values are `CONNECT_SSH` (default) and `CONNECT_SSM` (connected through AWS Systems Manager ).", + "title": "ConnectionType", + "type": "string" + }, "Description": { - "markdownDescription": "A text description of the repository.", + "markdownDescription": "The description of the environment to create.", "title": "Description", "type": "string" }, - "DomainName": { - "markdownDescription": "The name of the domain that contains the repository.", - "title": "DomainName", + "ImageId": { + "markdownDescription": "The identifier for the Amazon Machine Image (AMI) that's used to create the EC2 instance. To choose an AMI for the instance, you must specify a valid AMI alias or a valid AWS Systems Manager path.\n\nFrom December 04, 2023, you will be required to include the `ImageId` parameter for the `CreateEnvironmentEC2` action. This change will be reflected across all direct methods of communicating with the API, such as AWS SDK, AWS CLI and AWS CloudFormation. This change will only affect direct API consumers, and not AWS Cloud9 console users.\n\nSince Ubuntu 18.04 has ended standard support as of May 31, 2023, we recommend you choose Ubuntu 22.04.\n\n*AMI aliases*\n\n- Amazon Linux 2: `amazonlinux-2-x86_64`\n- Amazon Linux 2023 (recommended): `amazonlinux-2023-x86_64`\n- Ubuntu 18.04: `ubuntu-18.04-x86_64`\n- Ubuntu 22.04: `ubuntu-22.04-x86_64`\n\n*SSM paths*\n\n- Amazon Linux 2: `resolve:ssm:/aws/service/cloud9/amis/amazonlinux-2-x86_64`\n- Amazon Linux 2023 (recommended): `resolve:ssm:/aws/service/cloud9/amis/amazonlinux-2023-x86_64`\n- Ubuntu 18.04: `resolve:ssm:/aws/service/cloud9/amis/ubuntu-18.04-x86_64`\n- Ubuntu 22.04: `resolve:ssm:/aws/service/cloud9/amis/ubuntu-22.04-x86_64`", + "title": "ImageId", "type": "string" }, - "DomainOwner": { - "markdownDescription": "The 12-digit account number of the AWS account that owns the domain that contains the repository. It does not include dashes or spaces.", - "title": "DomainOwner", + "InstanceType": { + "markdownDescription": "The type of instance to connect to the environment (for example, `t2.micro` ).", + "title": "InstanceType", "type": "string" }, - "ExternalConnections": { + "Name": { + "markdownDescription": "The name of the environment.", + "title": "Name", + "type": "string" + }, + "OwnerArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the environment owner. This ARN can be the ARN of any AWS Identity and Access Management principal. If this value is not specified, the ARN defaults to this environment's creator.", + "title": "OwnerArn", + "type": "string" + }, + "Repositories": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Cloud9::EnvironmentEC2.Repository" }, - "markdownDescription": "An array of external connections associated with the repository. For more information, see [Supported external connection repositories](https://docs.aws.amazon.com/codeartifact/latest/ug/external-connection.html#supported-public-repositories) in the *CodeArtifact user guide* .", - "title": "ExternalConnections", + "markdownDescription": "Any AWS CodeCommit source code repositories to be cloned into the development environment.", + "title": "Repositories", "type": "array" }, - "PermissionsPolicyDocument": { - "markdownDescription": "The document that defines the resource policy that is set on a repository.", - "title": "PermissionsPolicyDocument", - "type": "object" - }, - "RepositoryName": { - "markdownDescription": "The name of an upstream repository.", - "title": "RepositoryName", + "SubnetId": { + "markdownDescription": "The ID of the subnet in Amazon Virtual Private Cloud (Amazon VPC) that AWS Cloud9 will use to communicate with the Amazon Elastic Compute Cloud (Amazon EC2) instance.", + "title": "SubnetId", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of tags to be applied to the repository.", + "markdownDescription": "An array of key-value pairs that will be associated with the new AWS Cloud9 development environment.", "title": "Tags", "type": "array" - }, - "Upstreams": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of upstream repositories to associate with the repository. The order of the upstream repositories in the list determines their priority order when AWS CodeArtifact looks for a requested package version. For more information, see [Working with upstream repositories](https://docs.aws.amazon.com/codeartifact/latest/ug/repos-upstream.html) .", - "title": "Upstreams", - "type": "array" } }, "required": [ - "DomainName", - "RepositoryName" + "ImageId", + "InstanceType" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeArtifact::Repository" + "AWS::Cloud9::EnvironmentEC2" ], "type": "string" }, @@ -41134,7 +46552,27 @@ ], "type": "object" }, - "AWS::CodeBuild::Fleet": { + "AWS::Cloud9::EnvironmentEC2.Repository": { + "additionalProperties": false, + "properties": { + "PathComponent": { + "markdownDescription": "The path within the development environment's default file system location to clone the AWS CodeCommit repository into. For example, `/REPOSITORY_NAME` would clone the repository into the `/home/USER_NAME/environment/REPOSITORY_NAME` directory in the environment.", + "title": "PathComponent", + "type": "string" + }, + "RepositoryUrl": { + "markdownDescription": "The clone URL of the AWS CodeCommit repository to be cloned. For example, for an AWS CodeCommit repository this might be `https://git-codecommit.us-east-2.amazonaws.com/v1/repos/REPOSITORY_NAME` .", + "title": "RepositoryUrl", + "type": "string" + } + }, + "required": [ + "PathComponent", + "RepositoryUrl" + ], + "type": "object" + }, + "AWS::CloudFormation::CustomResource": { "additionalProperties": false, "properties": { "Condition": { @@ -41169,40 +46607,25 @@ "Properties": { "additionalProperties": false, "properties": { - "BaseCapacity": { - "markdownDescription": "The initial number of machines allocated to the compute \ufb02eet, which de\ufb01nes the number of builds that can run in parallel.", - "title": "BaseCapacity", + "ServiceTimeout": { + "markdownDescription": "The maximum time, in seconds, that can elapse before a custom resource operation times out.\n\nThe value must be an integer from 1 to 3600. The default value is 3600 seconds (1 hour).", + "title": "ServiceTimeout", "type": "number" }, - "ComputeType": { - "markdownDescription": "Information about the compute resources the compute fleet uses. Available values include:\n\n- `ATTRIBUTE_BASED_COMPUTE` : Specify the amount of vCPUs, memory, disk space, and the type of machine.\n\n> If you use `ATTRIBUTE_BASED_COMPUTE` , you must define your attributes by using `computeConfiguration` . AWS CodeBuild will select the cheapest instance that satisfies your specified attributes. For more information, see [Reserved capacity environment types](https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html#environment-reserved-capacity.types) in the *AWS CodeBuild User Guide* .\n- `BUILD_GENERAL1_SMALL` : Use up to 4 GiB memory and 2 vCPUs for builds.\n- `BUILD_GENERAL1_MEDIUM` : Use up to 8 GiB memory and 4 vCPUs for builds.\n- `BUILD_GENERAL1_LARGE` : Use up to 16 GiB memory and 8 vCPUs for builds, depending on your environment type.\n- `BUILD_GENERAL1_XLARGE` : Use up to 72 GiB memory and 36 vCPUs for builds, depending on your environment type.\n- `BUILD_GENERAL1_2XLARGE` : Use up to 144 GiB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed.\n- `BUILD_LAMBDA_1GB` : Use up to 1 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_2GB` : Use up to 2 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_4GB` : Use up to 4 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_8GB` : Use up to 8 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_10GB` : Use up to 10 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n\nIf you use `BUILD_GENERAL1_SMALL` :\n\n- For environment type `LINUX_CONTAINER` , you can use up to 4 GiB memory and 2 vCPUs for builds.\n- For environment type `LINUX_GPU_CONTAINER` , you can use up to 16 GiB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds.\n- For environment type `ARM_CONTAINER` , you can use up to 4 GiB memory and 2 vCPUs on ARM-based processors for builds.\n\nIf you use `BUILD_GENERAL1_LARGE` :\n\n- For environment type `LINUX_CONTAINER` , you can use up to 16 GiB memory and 8 vCPUs for builds.\n- For environment type `LINUX_GPU_CONTAINER` , you can use up to 255 GiB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds.\n- For environment type `ARM_CONTAINER` , you can use up to 16 GiB memory and 8 vCPUs on ARM-based processors for builds.\n\nFor more information, see [On-demand environment types](https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html#environment.types) in the *AWS CodeBuild User Guide.*", - "title": "ComputeType", - "type": "string" - }, - "EnvironmentType": { - "markdownDescription": "The environment type of the compute fleet.\n\n- The environment type `ARM_CONTAINER` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), Asia Pacific (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), EU (Frankfurt), and South America (S\u00e3o Paulo).\n- The environment type `ARM_EC2` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (S\u00e3o Paulo), and Asia Pacific (Mumbai).\n- The environment type `LINUX_CONTAINER` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (S\u00e3o Paulo), and Asia Pacific (Mumbai).\n- The environment type `LINUX_EC2` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (S\u00e3o Paulo), and Asia Pacific (Mumbai).\n- The environment type `LINUX_GPU_CONTAINER` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), and Asia Pacific (Sydney).\n- The environment type `MAC_ARM` is available only in regions US East (Ohio), US East (N. Virginia), US West (Oregon), Europe (Frankfurt), and Asia Pacific (Sydney).\n- The environment type `WINDOWS_EC2` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (S\u00e3o Paulo), and Asia Pacific (Mumbai).\n- The environment type `WINDOWS_SERVER_2019_CONTAINER` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Sydney), Asia Pacific (Tokyo), Asia Pacific (Mumbai) and EU (Ireland).\n- The environment type `WINDOWS_SERVER_2022_CONTAINER` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Sydney), Asia Pacific (Singapore), Asia Pacific (Tokyo), South America (S\u00e3o Paulo) and Asia Pacific (Mumbai).\n\nFor more information, see [Build environment compute types](https://docs.aws.amazon.com//codebuild/latest/userguide/build-env-ref-compute-types.html) in the *AWS CodeBuild user guide* .", - "title": "EnvironmentType", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the compute fleet.", - "title": "Name", + "ServiceToken": { + "markdownDescription": "The service token, such as an Amazon SNS topic ARN or Lambda function ARN. The service token must be from the same Region as the stack.\n\nUpdates aren't supported.", + "title": "ServiceToken", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of tag key and value pairs associated with this compute fleet.\n\nThese tags are available for use by AWS services that support AWS CodeBuild compute fleet tags.", - "title": "Tags", - "type": "array" } }, + "required": [ + "ServiceToken" + ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeBuild::Fleet" + "AWS::CloudFormation::CustomResource" ], "type": "string" }, @@ -41216,11 +46639,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::CodeBuild::Project": { + "AWS::CloudFormation::GuardHook": { "additionalProperties": false, "properties": { "Condition": { @@ -41255,153 +46679,73 @@ "Properties": { "additionalProperties": false, "properties": { - "Artifacts": { - "$ref": "#/definitions/AWS::CodeBuild::Project.Artifacts", - "markdownDescription": "`Artifacts` is a property of the [AWS::CodeBuild::Project](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codebuild-project.html) resource that specifies output settings for artifacts generated by an AWS CodeBuild build.", - "title": "Artifacts" - }, - "BadgeEnabled": { - "markdownDescription": "Indicates whether AWS CodeBuild generates a publicly accessible URL for your project's build badge. For more information, see [Build Badges Sample](https://docs.aws.amazon.com/codebuild/latest/userguide/sample-build-badges.html) in the *AWS CodeBuild User Guide* .\n\n> Including build badges with your project is currently not supported if the source type is CodePipeline. If you specify `CODEPIPELINE` for the `Source` property, do not specify the `BadgeEnabled` property.", - "title": "BadgeEnabled", - "type": "boolean" - }, - "BuildBatchConfig": { - "$ref": "#/definitions/AWS::CodeBuild::Project.ProjectBuildBatchConfig", - "markdownDescription": "A `ProjectBuildBatchConfig` object that defines the batch build options for the project.", - "title": "BuildBatchConfig" - }, - "Cache": { - "$ref": "#/definitions/AWS::CodeBuild::Project.ProjectCache", - "markdownDescription": "Settings that AWS CodeBuild uses to store and reuse build dependencies.", - "title": "Cache" - }, - "ConcurrentBuildLimit": { - "markdownDescription": "The maximum number of concurrent builds that are allowed for this project.\n\nNew builds are only started if the current number of builds is less than or equal to this limit. If the current build count meets this limit, new builds are throttled and are not run.", - "title": "ConcurrentBuildLimit", - "type": "number" - }, - "Description": { - "markdownDescription": "A description that makes the build project easy to identify.", - "title": "Description", + "Alias": { + "markdownDescription": "The type name alias for the Hook. This alias must be unique per account and Region.\n\nThe alias must be in the form `Name1::Name2::Name3` and must not begin with `AWS` . For example, `Private::Guard::MyTestHook` .", + "title": "Alias", "type": "string" }, - "EncryptionKey": { - "markdownDescription": "The AWS Key Management Service customer master key (CMK) to be used for encrypting the build output artifacts.\n\n> You can use a cross-account KMS key to encrypt the build output artifacts if your service role has permission to that key. \n\nYou can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format `alias/` ). If you don't specify a value, CodeBuild uses the managed CMK for Amazon Simple Storage Service (Amazon S3).", - "title": "EncryptionKey", + "ExecutionRole": { + "markdownDescription": "The IAM role that the Hook assumes to retrieve your Guard rules from S3 and optionally write a detailed Guard output report back.", + "title": "ExecutionRole", "type": "string" }, - "Environment": { - "$ref": "#/definitions/AWS::CodeBuild::Project.Environment", - "markdownDescription": "The build environment settings for the project, such as the environment type or the environment variables to use for the build environment.", - "title": "Environment" - }, - "FileSystemLocations": { - "items": { - "$ref": "#/definitions/AWS::CodeBuild::Project.ProjectFileSystemLocation" - }, - "markdownDescription": "An array of `ProjectFileSystemLocation` objects for a CodeBuild build project. A `ProjectFileSystemLocation` object specifies the `identifier` , `location` , `mountOptions` , `mountPoint` , and `type` of a file system created using Amazon Elastic File System.", - "title": "FileSystemLocations", - "type": "array" - }, - "LogsConfig": { - "$ref": "#/definitions/AWS::CodeBuild::Project.LogsConfig", - "markdownDescription": "Information about logs for the build project. A project can create logs in CloudWatch Logs, an S3 bucket, or both.", - "title": "LogsConfig" - }, - "Name": { - "markdownDescription": "The name of the build project. The name must be unique across all of the projects in your AWS account .", - "title": "Name", + "FailureMode": { + "markdownDescription": "Specifies how the Hook responds when rules fail their evaluation.\n\n- `FAIL` : Prevents the action from proceeding. This is helpful for enforcing strict compliance or security policies.\n- `WARN` : Issues warnings to users but allows actions to continue. This is useful for non-critical validations or informational checks.", + "title": "FailureMode", "type": "string" }, - "QueuedTimeoutInMinutes": { - "markdownDescription": "The number of minutes a build is allowed to be queued before it times out.", - "title": "QueuedTimeoutInMinutes", - "type": "number" - }, - "ResourceAccessRole": { - "markdownDescription": "The ARN of the IAM role that enables CodeBuild to access the CloudWatch Logs and Amazon S3 artifacts for the project's builds.", - "title": "ResourceAccessRole", + "HookStatus": { + "markdownDescription": "Specifies if the Hook is `ENABLED` or `DISABLED` .", + "title": "HookStatus", "type": "string" }, - "SecondaryArtifacts": { - "items": { - "$ref": "#/definitions/AWS::CodeBuild::Project.Artifacts" - }, - "markdownDescription": "A list of `Artifacts` objects. Each artifacts object specifies output settings that the project generates during a build.", - "title": "SecondaryArtifacts", - "type": "array" - }, - "SecondarySourceVersions": { - "items": { - "$ref": "#/definitions/AWS::CodeBuild::Project.ProjectSourceVersion" - }, - "markdownDescription": "An array of `ProjectSourceVersion` objects. If `secondarySourceVersions` is specified at the build level, then they take over these `secondarySourceVersions` (at the project level).", - "title": "SecondarySourceVersions", - "type": "array" + "LogBucket": { + "markdownDescription": "Specifies the name of an S3 bucket to store the Guard output report. This report contains the results of your Guard rule validations.", + "title": "LogBucket", + "type": "string" }, - "SecondarySources": { - "items": { - "$ref": "#/definitions/AWS::CodeBuild::Project.Source" - }, - "markdownDescription": "An array of `ProjectSource` objects.", - "title": "SecondarySources", - "type": "array" + "Options": { + "$ref": "#/definitions/AWS::CloudFormation::GuardHook.Options", + "markdownDescription": "Specifies the S3 location of your input parameters.", + "title": "Options" }, - "ServiceRole": { - "markdownDescription": "The ARN of the IAM role that enables AWS CodeBuild to interact with dependent AWS services on behalf of the AWS account.", - "title": "ServiceRole", - "type": "string" + "RuleLocation": { + "$ref": "#/definitions/AWS::CloudFormation::GuardHook.S3Location", + "markdownDescription": "Specifies the S3 location of your Guard rules.", + "title": "RuleLocation" }, - "Source": { - "$ref": "#/definitions/AWS::CodeBuild::Project.Source", - "markdownDescription": "The source code settings for the project, such as the source code's repository type and location.", - "title": "Source" + "StackFilters": { + "$ref": "#/definitions/AWS::CloudFormation::GuardHook.StackFilters", + "markdownDescription": "Specifies the stack level filters for the Hook.\n\nExample stack level filter in JSON:\n\n`\"StackFilters\": {\"FilteringCriteria\": \"ALL\", \"StackNames\": {\"Exclude\": [ \"stack-1\", \"stack-2\"]}}` \n\nExample stack level filter in YAML:\n\n`StackFilters: FilteringCriteria: ALL StackNames: Exclude: - stack-1 - stack-2`", + "title": "StackFilters" }, - "SourceVersion": { - "markdownDescription": "A version of the build input to be built for this project. If not specified, the latest version is used. If specified, it must be one of:\n\n- For CodeCommit: the commit ID, branch, or Git tag to use.\n- For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format `pr/pull-request-ID` (for example `pr/25` ). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.\n- For GitLab: the commit ID, branch, or Git tag to use.\n- For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.\n- For Amazon S3: the version ID of the object that represents the build input ZIP file to use.\n\nIf `sourceVersion` is specified at the build level, then that version takes precedence over this `sourceVersion` (at the project level).\n\nFor more information, see [Source Version Sample with CodeBuild](https://docs.aws.amazon.com/codebuild/latest/userguide/sample-source-version.html) in the *AWS CodeBuild User Guide* .", - "title": "SourceVersion", - "type": "string" + "TargetFilters": { + "$ref": "#/definitions/AWS::CloudFormation::GuardHook.TargetFilters", + "markdownDescription": "Specifies the target filters for the Hook.\n\nExample target filter in JSON:\n\n`\"TargetFilters\": {\"Actions\": [ \"Create\", \"Update\", \"Delete\" ]}` \n\nExample target filter in YAML:\n\n`TargetFilters: Actions: - CREATE - UPDATE - DELETE`", + "title": "TargetFilters" }, - "Tags": { + "TargetOperations": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "An arbitrary set of tags (key-value pairs) for the AWS CodeBuild project.\n\nThese tags are available for use by AWS services that support AWS CodeBuild build project tags.", - "title": "Tags", + "markdownDescription": "Specifies the list of operations the Hook is run against. For more information, see [Hook targets](https://docs.aws.amazon.com/cloudformation-cli/latest/hooks-userguide/hooks-concepts.html#hook-terms-hook-target) in the *AWS CloudFormation Hooks User Guide* .\n\nValid values: `STACK` | `RESOURCE` | `CHANGE_SET` | `CLOUD_CONTROL`", + "title": "TargetOperations", "type": "array" - }, - "TimeoutInMinutes": { - "markdownDescription": "How long, in minutes, from 5 to 2160 (36 hours), for AWS CodeBuild to wait before timing out any related build that did not get marked as completed. The default is 60 minutes.", - "title": "TimeoutInMinutes", - "type": "number" - }, - "Triggers": { - "$ref": "#/definitions/AWS::CodeBuild::Project.ProjectTriggers", - "markdownDescription": "For an existing AWS CodeBuild build project that has its source code stored in a GitHub repository, enables AWS CodeBuild to begin automatically rebuilding the source code every time a code change is pushed to the repository.", - "title": "Triggers" - }, - "Visibility": { - "markdownDescription": "Specifies the visibility of the project's builds. Possible values are:\n\n- **PUBLIC_READ** - The project builds are visible to the public.\n- **PRIVATE** - The project builds are not visible to the public.", - "title": "Visibility", - "type": "string" - }, - "VpcConfig": { - "$ref": "#/definitions/AWS::CodeBuild::Project.VpcConfig", - "markdownDescription": "`VpcConfig` specifies settings that enable AWS CodeBuild to access resources in an Amazon VPC. For more information, see [Use AWS CodeBuild with Amazon Virtual Private Cloud](https://docs.aws.amazon.com/codebuild/latest/userguide/vpc-support.html) in the *AWS CodeBuild User Guide* .", - "title": "VpcConfig" } }, "required": [ - "Artifacts", - "Environment", - "ServiceRole", - "Source" + "Alias", + "ExecutionRole", + "FailureMode", + "HookStatus", + "RuleLocation", + "TargetOperations" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeBuild::Project" + "AWS::CloudFormation::GuardHook" ], "type": "string" }, @@ -41420,560 +46764,228 @@ ], "type": "object" }, - "AWS::CodeBuild::Project.Artifacts": { + "AWS::CloudFormation::GuardHook.HookTarget": { "additionalProperties": false, "properties": { - "ArtifactIdentifier": { - "markdownDescription": "An identifier for this artifact definition.", - "title": "ArtifactIdentifier", - "type": "string" - }, - "EncryptionDisabled": { - "markdownDescription": "Set to true if you do not want your output artifacts encrypted. This option is valid only if your artifacts type is Amazon Simple Storage Service (Amazon S3). If this is set with another artifacts type, an `invalidInputException` is thrown.", - "title": "EncryptionDisabled", - "type": "boolean" - }, - "Location": { - "markdownDescription": "Information about the build output artifact location:\n\n- If `type` is set to `CODEPIPELINE` , AWS CodePipeline ignores this value if specified. This is because CodePipeline manages its build output locations instead of CodeBuild .\n- If `type` is set to `NO_ARTIFACTS` , this value is ignored if specified, because no build output is produced.\n- If `type` is set to `S3` , this is the name of the output bucket.\n\nIf you specify `CODEPIPELINE` or `NO_ARTIFACTS` for the `Type` property, don't specify this property. For all of the other types, you must specify this property.", - "title": "Location", - "type": "string" - }, - "Name": { - "markdownDescription": "Along with `path` and `namespaceType` , the pattern that AWS CodeBuild uses to name and store the output artifact:\n\n- If `type` is set to `CODEPIPELINE` , AWS CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of AWS CodeBuild .\n- If `type` is set to `NO_ARTIFACTS` , this value is ignored if specified, because no build output is produced.\n- If `type` is set to `S3` , this is the name of the output artifact object. If you set the name to be a forward slash (\"/\"), the artifact is stored in the root of the output bucket.\n\nFor example:\n\n- If `path` is set to `MyArtifacts` , `namespaceType` is set to `BUILD_ID` , and `name` is set to `MyArtifact.zip` , then the output artifact is stored in `MyArtifacts/ *build-ID* /MyArtifact.zip` .\n- If `path` is empty, `namespaceType` is set to `NONE` , and `name` is set to \" `/` \", the output artifact is stored in the root of the output bucket.\n- If `path` is set to `MyArtifacts` , `namespaceType` is set to `BUILD_ID` , and `name` is set to \" `/` \", the output artifact is stored in `MyArtifacts/ *build-ID*` .\n\nIf you specify `CODEPIPELINE` or `NO_ARTIFACTS` for the `Type` property, don't specify this property. For all of the other types, you must specify this property.", - "title": "Name", - "type": "string" - }, - "NamespaceType": { - "markdownDescription": "Along with `path` and `name` , the pattern that AWS CodeBuild uses to determine the name and location to store the output artifact:\n\n- If `type` is set to `CODEPIPELINE` , CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of AWS CodeBuild .\n- If `type` is set to `NO_ARTIFACTS` , this value is ignored if specified, because no build output is produced.\n- If `type` is set to `S3` , valid values include:\n\n- `BUILD_ID` : Include the build ID in the location of the build output artifact.\n- `NONE` : Do not include the build ID. This is the default if `namespaceType` is not specified.\n\nFor example, if `path` is set to `MyArtifacts` , `namespaceType` is set to `BUILD_ID` , and `name` is set to `MyArtifact.zip` , the output artifact is stored in `MyArtifacts//MyArtifact.zip` .", - "title": "NamespaceType", - "type": "string" - }, - "OverrideArtifactName": { - "markdownDescription": "If set to true a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell command language. For example, you can append a date and time to your artifact name so that it is always unique.", - "title": "OverrideArtifactName", - "type": "boolean" - }, - "Packaging": { - "markdownDescription": "The type of build output artifact to create:\n\n- If `type` is set to `CODEPIPELINE` , CodePipeline ignores this value if specified. This is because CodePipeline manages its build output artifacts instead of AWS CodeBuild .\n- If `type` is set to `NO_ARTIFACTS` , this value is ignored if specified, because no build output is produced.\n- If `type` is set to `S3` , valid values include:\n\n- `NONE` : AWS CodeBuild creates in the output bucket a folder that contains the build output. This is the default if `packaging` is not specified.\n- `ZIP` : AWS CodeBuild creates in the output bucket a ZIP file that contains the build output.", - "title": "Packaging", + "Action": { "type": "string" }, - "Path": { - "markdownDescription": "Along with `namespaceType` and `name` , the pattern that AWS CodeBuild uses to name and store the output artifact:\n\n- If `type` is set to `CODEPIPELINE` , CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of AWS CodeBuild .\n- If `type` is set to `NO_ARTIFACTS` , this value is ignored if specified, because no build output is produced.\n- If `type` is set to `S3` , this is the path to the output artifact. If `path` is not specified, `path` is not used.\n\nFor example, if `path` is set to `MyArtifacts` , `namespaceType` is set to `NONE` , and `name` is set to `MyArtifact.zip` , the output artifact is stored in the output bucket at `MyArtifacts/MyArtifact.zip` .", - "title": "Path", + "InvocationPoint": { "type": "string" }, - "Type": { - "markdownDescription": "The type of build output artifact. Valid values include:\n\n- `CODEPIPELINE` : The build project has build output generated through CodePipeline.\n\n> The `CODEPIPELINE` type is not supported for `secondaryArtifacts` .\n- `NO_ARTIFACTS` : The build project does not produce any build output.\n- `S3` : The build project stores build output in Amazon S3.", - "title": "Type", + "TargetName": { "type": "string" } }, "required": [ - "Type" + "Action", + "InvocationPoint", + "TargetName" ], "type": "object" }, - "AWS::CodeBuild::Project.BatchRestrictions": { + "AWS::CloudFormation::GuardHook.Options": { "additionalProperties": false, "properties": { - "ComputeTypesAllowed": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of strings that specify the compute types that are allowed for the batch build. See [Build environment compute types](https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html) in the *AWS CodeBuild User Guide* for these values.", - "title": "ComputeTypesAllowed", - "type": "array" - }, - "MaximumBuildsAllowed": { - "markdownDescription": "Specifies the maximum number of builds allowed.", - "title": "MaximumBuildsAllowed", - "type": "number" + "InputParams": { + "$ref": "#/definitions/AWS::CloudFormation::GuardHook.S3Location", + "markdownDescription": "Specifies the S3 location where your input parameters are located.", + "title": "InputParams" } }, "type": "object" }, - "AWS::CodeBuild::Project.BuildStatusConfig": { + "AWS::CloudFormation::GuardHook.S3Location": { "additionalProperties": false, "properties": { - "Context": { - "markdownDescription": "Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.\n\n- **Bitbucket** - This parameter is used for the `name` parameter in the Bitbucket commit status. For more information, see [build](https://docs.aws.amazon.com/https://developer.atlassian.com/bitbucket/api/2/reference/resource/repositories/%7Bworkspace%7D/%7Brepo_slug%7D/commit/%7Bnode%7D/statuses/build) in the Bitbucket API documentation.\n- **GitHub/GitHub Enterprise Server** - This parameter is used for the `context` parameter in the GitHub commit status. For more information, see [Create a commit status](https://docs.aws.amazon.com/https://developer.github.com/v3/repos/statuses/#create-a-commit-status) in the GitHub developer guide.", - "title": "Context", + "Uri": { + "markdownDescription": "Specifies the S3 path to the file that contains your Guard rules or input parameters (in the form `s3:///` ).\n\nFor Guard rules, the object stored in S3 must have one of the following file extensions: `.guard` , `.zip` , or `.tar.gz` .\n\nFor input parameters, the object stored in S3 must have one of the following file extensions: `.yaml` , `.json` , `.zip` , or `.tar.gz` .", + "title": "Uri", "type": "string" }, - "TargetUrl": { - "markdownDescription": "Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.\n\n- **Bitbucket** - This parameter is used for the `url` parameter in the Bitbucket commit status. For more information, see [build](https://docs.aws.amazon.com/https://developer.atlassian.com/bitbucket/api/2/reference/resource/repositories/%7Bworkspace%7D/%7Brepo_slug%7D/commit/%7Bnode%7D/statuses/build) in the Bitbucket API documentation.\n- **GitHub/GitHub Enterprise Server** - This parameter is used for the `target_url` parameter in the GitHub commit status. For more information, see [Create a commit status](https://docs.aws.amazon.com/https://developer.github.com/v3/repos/statuses/#create-a-commit-status) in the GitHub developer guide.", - "title": "TargetUrl", + "VersionId": { + "markdownDescription": "For S3 buckets with versioning enabled, specifies the unique ID of the S3 object version to download your Guard rules or input parameters from.\n\nThe Guard Hook downloads files from S3 every time the Hook is invoked. To prevent accidental changes or deletions, we recommend using a version when configuring your Guard Hook.", + "title": "VersionId", "type": "string" } }, + "required": [ + "Uri" + ], "type": "object" }, - "AWS::CodeBuild::Project.CloudWatchLogsConfig": { + "AWS::CloudFormation::GuardHook.StackFilters": { "additionalProperties": false, "properties": { - "GroupName": { - "markdownDescription": "The group name of the logs in CloudWatch Logs. For more information, see [Working with Log Groups and Log Streams](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/Working-with-log-groups-and-streams.html) .", - "title": "GroupName", + "FilteringCriteria": { + "markdownDescription": "The filtering criteria.\n\n- All stack names and stack roles ( `All` ): The Hook will only be invoked when all specified filters match.\n- Any stack names and stack roles ( `Any` ): The Hook will be invoked if at least one of the specified filters match.", + "title": "FilteringCriteria", "type": "string" }, - "Status": { - "markdownDescription": "The current status of the logs in CloudWatch Logs for a build project. Valid values are:\n\n- `ENABLED` : CloudWatch Logs are enabled for this build project.\n- `DISABLED` : CloudWatch Logs are not enabled for this build project.", - "title": "Status", - "type": "string" + "StackNames": { + "$ref": "#/definitions/AWS::CloudFormation::GuardHook.StackNames", + "markdownDescription": "Includes or excludes specific stacks from Hook invocations.", + "title": "StackNames" }, - "StreamName": { - "markdownDescription": "The prefix of the stream name of the CloudWatch Logs. For more information, see [Working with Log Groups and Log Streams](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/Working-with-log-groups-and-streams.html) .", - "title": "StreamName", - "type": "string" + "StackRoles": { + "$ref": "#/definitions/AWS::CloudFormation::GuardHook.StackRoles", + "markdownDescription": "Includes or excludes specific stacks from Hook invocations based on their associated IAM roles.", + "title": "StackRoles" } }, "required": [ - "Status" + "FilteringCriteria" ], "type": "object" }, - "AWS::CodeBuild::Project.Environment": { + "AWS::CloudFormation::GuardHook.StackNames": { "additionalProperties": false, "properties": { - "Certificate": { - "markdownDescription": "The ARN of the Amazon S3 bucket, path prefix, and object key that contains the PEM-encoded certificate for the build project. For more information, see [certificate](https://docs.aws.amazon.com/codebuild/latest/userguide/create-project-cli.html#cli.environment.certificate) in the *AWS CodeBuild User Guide* .", - "title": "Certificate", - "type": "string" - }, - "ComputeType": { - "markdownDescription": "The type of compute environment. This determines the number of CPU cores and memory the build environment uses. Available values include:\n\n- `ATTRIBUTE_BASED_COMPUTE` : Specify the amount of vCPUs, memory, disk space, and the type of machine.\n\n> If you use `ATTRIBUTE_BASED_COMPUTE` , you must define your attributes by using `computeConfiguration` . AWS CodeBuild will select the cheapest instance that satisfies your specified attributes. For more information, see [Reserved capacity environment types](https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html#environment-reserved-capacity.types) in the *AWS CodeBuild User Guide* .\n- `BUILD_GENERAL1_SMALL` : Use up to 4 GiB memory and 2 vCPUs for builds.\n- `BUILD_GENERAL1_MEDIUM` : Use up to 8 GiB memory and 4 vCPUs for builds.\n- `BUILD_GENERAL1_LARGE` : Use up to 16 GiB memory and 8 vCPUs for builds, depending on your environment type.\n- `BUILD_GENERAL1_XLARGE` : Use up to 72 GiB memory and 36 vCPUs for builds, depending on your environment type.\n- `BUILD_GENERAL1_2XLARGE` : Use up to 144 GiB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed.\n- `BUILD_LAMBDA_1GB` : Use up to 1 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_2GB` : Use up to 2 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_4GB` : Use up to 4 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_8GB` : Use up to 8 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_10GB` : Use up to 10 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n\nIf you use `BUILD_GENERAL1_SMALL` :\n\n- For environment type `LINUX_CONTAINER` , you can use up to 4 GiB memory and 2 vCPUs for builds.\n- For environment type `LINUX_GPU_CONTAINER` , you can use up to 16 GiB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds.\n- For environment type `ARM_CONTAINER` , you can use up to 4 GiB memory and 2 vCPUs on ARM-based processors for builds.\n\nIf you use `BUILD_GENERAL1_LARGE` :\n\n- For environment type `LINUX_CONTAINER` , you can use up to 16 GiB memory and 8 vCPUs for builds.\n- For environment type `LINUX_GPU_CONTAINER` , you can use up to 255 GiB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds.\n- For environment type `ARM_CONTAINER` , you can use up to 16 GiB memory and 8 vCPUs on ARM-based processors for builds.\n\nFor more information, see [On-demand environment types](https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html#environment.types) in the *AWS CodeBuild User Guide.*", - "title": "ComputeType", - "type": "string" - }, - "EnvironmentVariables": { + "Exclude": { "items": { - "$ref": "#/definitions/AWS::CodeBuild::Project.EnvironmentVariable" + "type": "string" }, - "markdownDescription": "A set of environment variables to make available to builds for this build project.", - "title": "EnvironmentVariables", + "markdownDescription": "The stack names to exclude. All stacks except those listed here will invoke the Hook.", + "title": "Exclude", "type": "array" }, - "Fleet": { - "$ref": "#/definitions/AWS::CodeBuild::Project.ProjectFleet" - }, - "Image": { - "markdownDescription": "The image tag or image digest that identifies the Docker image to use for this build project. Use the following formats:\n\n- For an image tag: `/:` . For example, in the Docker repository that CodeBuild uses to manage its Docker images, this would be `aws/codebuild/standard:4.0` .\n- For an image digest: `/@` . For example, to specify an image with the digest \"sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf,\" use `/@sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf` .\n\nFor more information, see [Docker images provided by CodeBuild](https://docs.aws.amazon.com//codebuild/latest/userguide/build-env-ref-available.html) in the *AWS CodeBuild user guide* .", - "title": "Image", - "type": "string" - }, - "ImagePullCredentialsType": { - "markdownDescription": "The type of credentials AWS CodeBuild uses to pull images in your build. There are two valid values:\n\n- `CODEBUILD` specifies that AWS CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust AWS CodeBuild service principal.\n- `SERVICE_ROLE` specifies that AWS CodeBuild uses your build project's service role.\n\nWhen you use a cross-account or private registry image, you must use SERVICE_ROLE credentials. When you use an AWS CodeBuild curated image, you must use CODEBUILD credentials.", - "title": "ImagePullCredentialsType", - "type": "string" - }, - "PrivilegedMode": { - "markdownDescription": "Enables running the Docker daemon inside a Docker container. Set to true only if the build project is used to build Docker images. Otherwise, a build that attempts to interact with the Docker daemon fails. The default setting is `false` .\n\nYou can initialize the Docker daemon during the install phase of your build by adding one of the following sets of commands to the install phase of your buildspec file:\n\nIf the operating system's base image is Ubuntu Linux:\n\n`- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&`\n\n`- timeout 15 sh -c \"until docker info; do echo .; sleep 1; done\"`\n\nIf the operating system's base image is Alpine Linux and the previous command does not work, add the `-t` argument to `timeout` :\n\n`- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&`\n\n`- timeout -t 15 sh -c \"until docker info; do echo .; sleep 1; done\"`", - "title": "PrivilegedMode", - "type": "boolean" - }, - "RegistryCredential": { - "$ref": "#/definitions/AWS::CodeBuild::Project.RegistryCredential", - "markdownDescription": "`RegistryCredential` is a property of the [AWS::CodeBuild::Project Environment](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codebuild-project.html#cfn-codebuild-project-environment) property that specifies information about credentials that provide access to a private Docker registry. When this is set:\n\n- `imagePullCredentialsType` must be set to `SERVICE_ROLE` .\n- images cannot be curated or an Amazon ECR image.", - "title": "RegistryCredential" - }, - "Type": { - "markdownDescription": "The type of build environment to use for related builds.\n\n> If you're using compute fleets during project creation, `type` will be ignored. \n\nFor more information, see [Build environment compute types](https://docs.aws.amazon.com//codebuild/latest/userguide/build-env-ref-compute-types.html) in the *AWS CodeBuild user guide* .", - "title": "Type", - "type": "string" - } - }, - "required": [ - "ComputeType", - "Image", - "Type" - ], - "type": "object" - }, - "AWS::CodeBuild::Project.EnvironmentVariable": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name or key of the environment variable.", - "title": "Name", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of environment variable. Valid values include:\n\n- `PARAMETER_STORE` : An environment variable stored in Systems Manager Parameter Store. For environment variables of this type, specify the name of the parameter as the `value` of the EnvironmentVariable. The parameter value will be substituted for the name at runtime. You can also define Parameter Store environment variables in the buildspec. To learn how to do so, see [env/parameter-store](https://docs.aws.amazon.com/codebuild/latest/userguide/build-spec-ref.html#build-spec.env.parameter-store) in the *AWS CodeBuild User Guide* .\n- `PLAINTEXT` : An environment variable in plain text format. This is the default value.\n- `SECRETS_MANAGER` : An environment variable stored in AWS Secrets Manager . For environment variables of this type, specify the name of the secret as the `value` of the EnvironmentVariable. The secret value will be substituted for the name at runtime. You can also define AWS Secrets Manager environment variables in the buildspec. To learn how to do so, see [env/secrets-manager](https://docs.aws.amazon.com/codebuild/latest/userguide/build-spec-ref.html#build-spec.env.secrets-manager) in the *AWS CodeBuild User Guide* .", - "title": "Type", - "type": "string" - }, - "Value": { - "markdownDescription": "The value of the environment variable.\n\n> We strongly discourage the use of `PLAINTEXT` environment variables to store sensitive values, especially AWS secret key IDs. `PLAINTEXT` environment variables can be displayed in plain text using the AWS CodeBuild console and the AWS CLI . For sensitive values, we recommend you use an environment variable of type `PARAMETER_STORE` or `SECRETS_MANAGER` .", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Name", - "Value" - ], - "type": "object" - }, - "AWS::CodeBuild::Project.FilterGroup": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::CodeBuild::Project.GitSubmodulesConfig": { - "additionalProperties": false, - "properties": { - "FetchSubmodules": { - "markdownDescription": "Set to true to fetch Git submodules for your AWS CodeBuild build project.", - "title": "FetchSubmodules", - "type": "boolean" - } - }, - "required": [ - "FetchSubmodules" - ], - "type": "object" - }, - "AWS::CodeBuild::Project.LogsConfig": { - "additionalProperties": false, - "properties": { - "CloudWatchLogs": { - "$ref": "#/definitions/AWS::CodeBuild::Project.CloudWatchLogsConfig", - "markdownDescription": "Information about CloudWatch Logs for a build project. CloudWatch Logs are enabled by default.", - "title": "CloudWatchLogs" - }, - "S3Logs": { - "$ref": "#/definitions/AWS::CodeBuild::Project.S3LogsConfig", - "markdownDescription": "Information about logs built to an S3 bucket for a build project. S3 logs are not enabled by default.", - "title": "S3Logs" - } - }, - "type": "object" - }, - "AWS::CodeBuild::Project.ProjectBuildBatchConfig": { - "additionalProperties": false, - "properties": { - "BatchReportMode": { - "markdownDescription": "Specifies how build status reports are sent to the source provider for the batch build. This property is only used when the source provider for your project is Bitbucket, GitHub, or GitHub Enterprise, and your project is configured to report build statuses to the source provider.\n\n- **REPORT_AGGREGATED_BATCH** - (Default) Aggregate all of the build statuses into a single status report.\n- **REPORT_INDIVIDUAL_BUILDS** - Send a separate status report for each individual build.", - "title": "BatchReportMode", - "type": "string" - }, - "CombineArtifacts": { - "markdownDescription": "Specifies if the build artifacts for the batch build should be combined into a single artifact location.", - "title": "CombineArtifacts", - "type": "boolean" - }, - "Restrictions": { - "$ref": "#/definitions/AWS::CodeBuild::Project.BatchRestrictions", - "markdownDescription": "A `BatchRestrictions` object that specifies the restrictions for the batch build.", - "title": "Restrictions" - }, - "ServiceRole": { - "markdownDescription": "Specifies the service role ARN for the batch build project.", - "title": "ServiceRole", - "type": "string" - }, - "TimeoutInMins": { - "markdownDescription": "Specifies the maximum amount of time, in minutes, that the batch build must be completed in.", - "title": "TimeoutInMins", - "type": "number" - } - }, - "type": "object" - }, - "AWS::CodeBuild::Project.ProjectCache": { - "additionalProperties": false, - "properties": { - "Location": { - "markdownDescription": "Information about the cache location:\n\n- `NO_CACHE` or `LOCAL` : This value is ignored.\n- `S3` : This is the S3 bucket name/prefix.", - "title": "Location", - "type": "string" - }, - "Modes": { + "Include": { "items": { "type": "string" }, - "markdownDescription": "An array of strings that specify the local cache modes. You can use one or more local cache modes at the same time. This is only used for `LOCAL` cache types.\n\nPossible values are:\n\n- **LOCAL_SOURCE_CACHE** - Caches Git metadata for primary and secondary sources. After the cache is created, subsequent builds pull only the change between commits. This mode is a good choice for projects with a clean working directory and a source that is a large Git repository. If you choose this option and your project does not use a Git repository (GitHub, GitHub Enterprise, or Bitbucket), the option is ignored.\n- **LOCAL_DOCKER_LAYER_CACHE** - Caches existing Docker layers. This mode is a good choice for projects that build or pull large Docker images. It can prevent the performance issues caused by pulling large Docker images down from the network.\n\n> - You can use a Docker layer cache in the Linux environment only.\n> - The `privileged` flag must be set so that your project has the required Docker permissions.\n> - You should consider the security implications before you use a Docker layer cache.\n- **LOCAL_CUSTOM_CACHE** - Caches directories you specify in the buildspec file. This mode is a good choice if your build scenario is not suited to one of the other three local cache modes. If you use a custom cache:\n\n- Only directories can be specified for caching. You cannot specify individual files.\n- Symlinks are used to reference cached directories.\n- Cached directories are linked to your build before it downloads its project sources. Cached items are overridden if a source item has the same name. Directories are specified using cache paths in the buildspec file.", - "title": "Modes", + "markdownDescription": "The stack names to include. Only the stacks specified in this list will invoke the Hook.", + "title": "Include", "type": "array" - }, - "Type": { - "markdownDescription": "The type of cache used by the build project. Valid values include:\n\n- `NO_CACHE` : The build project does not use any cache.\n- `S3` : The build project reads and writes from and to S3.\n- `LOCAL` : The build project stores a cache locally on a build host that is only available to that build host.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::CodeBuild::Project.ProjectFileSystemLocation": { - "additionalProperties": false, - "properties": { - "Identifier": { - "markdownDescription": "The name used to access a file system created by Amazon EFS. CodeBuild creates an environment variable by appending the `identifier` in all capital letters to `CODEBUILD_` . For example, if you specify `my_efs` for `identifier` , a new environment variable is create named `CODEBUILD_MY_EFS` .\n\nThe `identifier` is used to mount your file system.", - "title": "Identifier", - "type": "string" - }, - "Location": { - "markdownDescription": "A string that specifies the location of the file system created by Amazon EFS. Its format is `efs-dns-name:/directory-path` . You can find the DNS name of file system when you view it in the Amazon EFS console. The directory path is a path to a directory in the file system that CodeBuild mounts. For example, if the DNS name of a file system is `fs-abcd1234.efs.us-west-2.amazonaws.com` , and its mount directory is `my-efs-mount-directory` , then the `location` is `fs-abcd1234.efs.us-west-2.amazonaws.com:/my-efs-mount-directory` .\n\nThe directory path in the format `efs-dns-name:/directory-path` is optional. If you do not specify a directory path, the location is only the DNS name and CodeBuild mounts the entire file system.", - "title": "Location", - "type": "string" - }, - "MountOptions": { - "markdownDescription": "The mount options for a file system created by Amazon EFS. The default mount options used by CodeBuild are `nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2` . For more information, see [Recommended NFS Mount Options](https://docs.aws.amazon.com/efs/latest/ug/mounting-fs-nfs-mount-settings.html) .", - "title": "MountOptions", - "type": "string" - }, - "MountPoint": { - "markdownDescription": "The location in the container where you mount the file system.", - "title": "MountPoint", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of the file system. The one supported type is `EFS` .", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Identifier", - "Location", - "MountPoint", - "Type" - ], - "type": "object" - }, - "AWS::CodeBuild::Project.ProjectFleet": { - "additionalProperties": false, - "properties": { - "FleetArn": { - "markdownDescription": "Specifies the compute fleet ARN for the build project.", - "title": "FleetArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::CodeBuild::Project.ProjectSourceVersion": { - "additionalProperties": false, - "properties": { - "SourceIdentifier": { - "markdownDescription": "An identifier for a source in the build project. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.", - "title": "SourceIdentifier", - "type": "string" - }, - "SourceVersion": { - "markdownDescription": "The source version for the corresponding source identifier. If specified, must be one of:\n\n- For CodeCommit: the commit ID, branch, or Git tag to use.\n- For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format `pr/pull-request-ID` (for example, `pr/25` ). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.\n- For GitLab: the commit ID, branch, or Git tag to use.\n- For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.\n- For Amazon S3: the version ID of the object that represents the build input ZIP file to use.\n\nFor more information, see [Source Version Sample with CodeBuild](https://docs.aws.amazon.com/codebuild/latest/userguide/sample-source-version.html) in the *AWS CodeBuild User Guide* .", - "title": "SourceVersion", - "type": "string" } }, - "required": [ - "SourceIdentifier" - ], "type": "object" }, - "AWS::CodeBuild::Project.ProjectTriggers": { + "AWS::CloudFormation::GuardHook.StackRoles": { "additionalProperties": false, "properties": { - "BuildType": { - "markdownDescription": "Specifies the type of build this webhook will trigger. Allowed values are:\n\n- **BUILD** - A single build\n- **BUILD_BATCH** - A batch build", - "title": "BuildType", - "type": "string" - }, - "FilterGroups": { + "Exclude": { "items": { - "$ref": "#/definitions/AWS::CodeBuild::Project.FilterGroup" + "type": "string" }, - "markdownDescription": "A list of lists of `WebhookFilter` objects used to determine which webhook events are triggered. At least one `WebhookFilter` in the array must specify `EVENT` as its type.", - "title": "FilterGroups", + "markdownDescription": "The IAM role ARNs for stacks you want to exclude. The Hook will be invoked on all stacks except those initiated by the specified roles.", + "title": "Exclude", "type": "array" }, - "Webhook": { - "markdownDescription": "Specifies whether or not to begin automatically rebuilding the source code every time a code change is pushed to the repository.", - "title": "Webhook", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::CodeBuild::Project.RegistryCredential": { - "additionalProperties": false, - "properties": { - "Credential": { - "markdownDescription": "The Amazon Resource Name (ARN) or name of credentials created using AWS Secrets Manager .\n\n> The `credential` can use the name of the credentials only if they exist in your current AWS Region .", - "title": "Credential", - "type": "string" - }, - "CredentialProvider": { - "markdownDescription": "The service that created the credentials to access a private Docker registry. The valid value, SECRETS_MANAGER, is for AWS Secrets Manager .", - "title": "CredentialProvider", - "type": "string" - } - }, - "required": [ - "Credential", - "CredentialProvider" - ], - "type": "object" - }, - "AWS::CodeBuild::Project.S3LogsConfig": { - "additionalProperties": false, - "properties": { - "EncryptionDisabled": { - "markdownDescription": "Set to true if you do not want your S3 build log output encrypted. By default S3 build logs are encrypted.", - "title": "EncryptionDisabled", - "type": "boolean" - }, - "Location": { - "markdownDescription": "The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3 bucket name is `my-bucket` , and your path prefix is `build-log` , then acceptable formats are `my-bucket/build-log` or `arn:aws:s3:::my-bucket/build-log` .", - "title": "Location", - "type": "string" - }, - "Status": { - "markdownDescription": "The current status of the S3 build logs. Valid values are:\n\n- `ENABLED` : S3 build logs are enabled for this build project.\n- `DISABLED` : S3 build logs are not enabled for this build project.", - "title": "Status", - "type": "string" - } - }, - "required": [ - "Status" - ], - "type": "object" - }, - "AWS::CodeBuild::Project.Source": { - "additionalProperties": false, - "properties": { - "Auth": { - "$ref": "#/definitions/AWS::CodeBuild::Project.SourceAuth", - "markdownDescription": "Information about the authorization settings for AWS CodeBuild to access the source code to be built.", - "title": "Auth" - }, - "BuildSpec": { - "markdownDescription": "The build specification for the project. If this value is not provided, then the source code must contain a buildspec file named `buildspec.yml` at the root level. If this value is provided, it can be either a single string containing the entire build specification, or the path to an alternate buildspec file relative to the value of the built-in environment variable `CODEBUILD_SRC_DIR` . The alternate buildspec file can have a name other than `buildspec.yml` , for example `myspec.yml` or `build_spec_qa.yml` or similar. For more information, see the [Build Spec Reference](https://docs.aws.amazon.com/codebuild/latest/userguide/build-spec-ref.html#build-spec-ref-example) in the *AWS CodeBuild User Guide* .", - "title": "BuildSpec", - "type": "string" - }, - "BuildStatusConfig": { - "$ref": "#/definitions/AWS::CodeBuild::Project.BuildStatusConfig", - "markdownDescription": "Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is `GITHUB` , `GITHUB_ENTERPRISE` , or `BITBUCKET` .", - "title": "BuildStatusConfig" - }, - "GitCloneDepth": { - "markdownDescription": "The depth of history to download. Minimum value is 0. If this value is 0, greater than 25, or not provided, then the full history is downloaded with each build project. If your source type is Amazon S3, this value is not supported.", - "title": "GitCloneDepth", - "type": "number" - }, - "GitSubmodulesConfig": { - "$ref": "#/definitions/AWS::CodeBuild::Project.GitSubmodulesConfig", - "markdownDescription": "Information about the Git submodules configuration for the build project.", - "title": "GitSubmodulesConfig" - }, - "InsecureSsl": { - "markdownDescription": "This is used with GitHub Enterprise only. Set to true to ignore SSL warnings while connecting to your GitHub Enterprise project repository. The default value is `false` . `InsecureSsl` should be used for testing purposes only. It should not be used in a production environment.", - "title": "InsecureSsl", - "type": "boolean" - }, - "Location": { - "markdownDescription": "Information about the location of the source code to be built. Valid values include:\n\n- For source code settings that are specified in the source action of a pipeline in CodePipeline, `location` should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value.\n- For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, `https://git-codecommit..amazonaws.com/v1/repos/` ).\n- For source code in an Amazon S3 input bucket, one of the following.\n\n- The path to the ZIP file that contains the source code (for example, `//.zip` ).\n- The path to the folder that contains the source code (for example, `///` ).\n- For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your AWS account to your GitHub account. Use the AWS CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub *Authorize application* page, for *Organization access* , choose *Request access* next to each repository you want to allow AWS CodeBuild to have access to, and then choose *Authorize application* . (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the AWS CodeBuild console.) To instruct AWS CodeBuild to use this connection, in the `source` object, set the `auth` object's `type` value to `OAUTH` .\n- For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your AWS account to your GitLab account. Use the AWS CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections *Authorize application* page, choose *Authorize* . Then on the AWS CodeConnections *Create GitLab connection* page, choose *Connect to GitLab* . (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the AWS CodeBuild console.) To instruct AWS CodeBuild to override the default connection and use this connection instead, set the `auth` object's `type` value to `CODECONNECTIONS` in the `source` object.\n- For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your AWS account to your Bitbucket account. Use the AWS CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket *Confirm access to your account* page, choose *Grant access* . (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the AWS CodeBuild console.) To instruct AWS CodeBuild to use this connection, in the `source` object, set the `auth` object's `type` value to `OAUTH` .\n\nIf you specify `CODEPIPELINE` for the `Type` property, don't specify this property. For all of the other types, you must specify `Location` .", - "title": "Location", - "type": "string" - }, - "ReportBuildStatus": { - "markdownDescription": "Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an `invalidInputException` is thrown.", - "title": "ReportBuildStatus", - "type": "boolean" - }, - "SourceIdentifier": { - "markdownDescription": "An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.", - "title": "SourceIdentifier", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of repository that contains the source code to be built. Valid values include:\n\n- `BITBUCKET` : The source code is in a Bitbucket repository.\n- `CODECOMMIT` : The source code is in an CodeCommit repository.\n- `CODEPIPELINE` : The source code settings are specified in the source action of a pipeline in CodePipeline.\n- `GITHUB` : The source code is in a GitHub repository.\n- `GITHUB_ENTERPRISE` : The source code is in a GitHub Enterprise Server repository.\n- `GITLAB` : The source code is in a GitLab repository.\n- `GITLAB_SELF_MANAGED` : The source code is in a self-managed GitLab repository.\n- `NO_SOURCE` : The project does not have input source code.\n- `S3` : The source code is in an Amazon S3 bucket.", - "title": "Type", - "type": "string" + "Include": { + "items": { + "type": "string" + }, + "markdownDescription": "The IAM role ARNs to target stacks associated with these roles. Only stack operations initiated by these roles will invoke the Hook.", + "title": "Include", + "type": "array" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::CodeBuild::Project.SourceAuth": { + "AWS::CloudFormation::GuardHook.TargetFilters": { "additionalProperties": false, "properties": { - "Resource": { - "markdownDescription": "The resource value that applies to the specified authorization type.", - "title": "Resource", - "type": "string" + "Actions": { + "items": { + "type": "string" + }, + "type": "array" }, - "Type": { - "markdownDescription": "The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::CodeBuild::Project.VpcConfig": { - "additionalProperties": false, - "properties": { - "SecurityGroupIds": { + "InvocationPoints": { "items": { "type": "string" }, - "markdownDescription": "A list of one or more security groups IDs in your Amazon VPC. The maximum count is 5.", - "title": "SecurityGroupIds", "type": "array" }, - "Subnets": { + "TargetNames": { "items": { "type": "string" }, - "markdownDescription": "A list of one or more subnet IDs in your Amazon VPC. The maximum count is 16.", - "title": "Subnets", "type": "array" }, - "VpcId": { - "markdownDescription": "The ID of the Amazon VPC.", - "title": "VpcId", - "type": "string" + "Targets": { + "items": { + "$ref": "#/definitions/AWS::CloudFormation::GuardHook.HookTarget" + }, + "type": "array" } }, "type": "object" }, - "AWS::CodeBuild::Project.WebhookFilter": { + "AWS::CloudFormation::HookDefaultVersion": { "additionalProperties": false, "properties": { - "ExcludeMatchedPattern": { - "markdownDescription": "Used to indicate that the `pattern` determines which webhook events do not trigger a build. If true, then a webhook event that does not match the `pattern` triggers a build. If false, then a webhook event that matches the `pattern` triggers a build.", - "title": "ExcludeMatchedPattern", - "type": "boolean" + "Condition": { + "type": "string" }, - "Pattern": { - "markdownDescription": "For a `WebHookFilter` that uses `EVENT` type, a comma-separated string that specifies one or more events. For example, the webhook filter `PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED` allows all push, pull request created, and pull request updated events to trigger a build.\n\nFor a `WebHookFilter` that uses any of the other filter types, a regular expression pattern. For example, a `WebHookFilter` that uses `HEAD_REF` for its `type` and the pattern `^refs/heads/` triggers a build when the head reference is a branch with a reference name `refs/heads/branch-name` .", - "title": "Pattern", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "TypeName": { + "markdownDescription": "The name of the Hook.\n\nYou must specify either `TypeVersionArn` , or `TypeName` and `VersionId` .", + "title": "TypeName", + "type": "string" + }, + "TypeVersionArn": { + "markdownDescription": "The version ID of the type configuration.\n\nYou must specify either `TypeVersionArn` , or `TypeName` and `VersionId` .", + "title": "TypeVersionArn", + "type": "string" + }, + "VersionId": { + "markdownDescription": "The version ID of the type specified.\n\nYou must specify either `TypeVersionArn` , or `TypeName` and `VersionId` .", + "title": "VersionId", + "type": "string" + } + }, + "type": "object" + }, "Type": { - "markdownDescription": "The type of webhook filter. There are 11 webhook filter types: `EVENT` , `ACTOR_ACCOUNT_ID` , `HEAD_REF` , `BASE_REF` , `FILE_PATH` , `COMMIT_MESSAGE` , `TAG_NAME` , `RELEASE_NAME` , `REPOSITORY_NAME` , `ORGANIZATION_NAME` , and `WORKFLOW_NAME` .\n\n- EVENT\n\n- A webhook event triggers a build when the provided `pattern` matches one of nine event types: `PUSH` , `PULL_REQUEST_CREATED` , `PULL_REQUEST_UPDATED` , `PULL_REQUEST_CLOSED` , `PULL_REQUEST_REOPENED` , `PULL_REQUEST_MERGED` , `RELEASED` , `PRERELEASED` , and `WORKFLOW_JOB_QUEUED` . The `EVENT` patterns are specified as a comma-separated string. For example, `PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED` filters all push, pull request created, and pull request updated events.\n\n> Types `PULL_REQUEST_REOPENED` and `WORKFLOW_JOB_QUEUED` work with GitHub and GitHub Enterprise only. Types `RELEASED` and `PRERELEASED` work with GitHub only.\n- ACTOR_ACCOUNT_ID\n\n- A webhook event triggers a build when a GitHub, GitHub Enterprise, or Bitbucket account ID matches the regular expression `pattern` .\n- HEAD_REF\n\n- A webhook event triggers a build when the head reference matches the regular expression `pattern` . For example, `refs/heads/branch-name` and `refs/tags/tag-name` .\n\n> Works with GitHub and GitHub Enterprise push, GitHub and GitHub Enterprise pull request, Bitbucket push, and Bitbucket pull request events.\n- BASE_REF\n\n- A webhook event triggers a build when the base reference matches the regular expression `pattern` . For example, `refs/heads/branch-name` .\n\n> Works with pull request events only.\n- FILE_PATH\n\n- A webhook triggers a build when the path of a changed file matches the regular expression `pattern` .\n\n> Works with push and pull request events only.\n- COMMIT_MESSAGE\n\n- A webhook triggers a build when the head commit message matches the regular expression `pattern` .\n\n> Works with push and pull request events only.\n- TAG_NAME\n\n- A webhook triggers a build when the tag name of the release matches the regular expression `pattern` .\n\n> Works with `RELEASED` and `PRERELEASED` events only.\n- RELEASE_NAME\n\n- A webhook triggers a build when the release name matches the regular expression `pattern` .\n\n> Works with `RELEASED` and `PRERELEASED` events only.\n- REPOSITORY_NAME\n\n- A webhook triggers a build when the repository name matches the regular expression `pattern` .\n\n> Works with GitHub global or organization webhooks only.\n- ORGANIZATION_NAME\n\n- A webhook triggers a build when the organization name matches the regular expression `pattern` .\n\n> Works with GitHub global webhooks only.\n- WORKFLOW_NAME\n\n- A webhook triggers a build when the workflow name matches the regular expression `pattern` .\n\n> Works with `WORKFLOW_JOB_QUEUED` events only. > For CodeBuild-hosted Buildkite runner builds, WORKFLOW_NAME filters will filter by pipeline name.", - "title": "Type", + "enum": [ + "AWS::CloudFormation::HookDefaultVersion" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Pattern", "Type" ], "type": "object" }, - "AWS::CodeBuild::ReportGroup": { + "AWS::CloudFormation::HookTypeConfig": { "additionalProperties": false, "properties": { "Condition": { @@ -42008,44 +47020,35 @@ "Properties": { "additionalProperties": false, "properties": { - "DeleteReports": { - "markdownDescription": "When deleting a report group, specifies if reports within the report group should be deleted.\n\n- **true** - Deletes any reports that belong to the report group before deleting the report group.\n- **false** - You must delete any reports in the report group. This is the default value. If you delete a report group that contains one or more reports, an exception is thrown.", - "title": "DeleteReports", - "type": "boolean" - }, - "ExportConfig": { - "$ref": "#/definitions/AWS::CodeBuild::ReportGroup.ReportExportConfig", - "markdownDescription": "Information about the destination where the raw data of this `ReportGroup` is exported.", - "title": "ExportConfig" + "Configuration": { + "markdownDescription": "Specifies the activated Hook type configuration, in this AWS account and AWS Region .\n\nYou must specify either `TypeName` and `Configuration` or `TypeArn` and `Configuration` .", + "title": "Configuration", + "type": "string" }, - "Name": { - "markdownDescription": "The name of the `ReportGroup` .", - "title": "Name", + "ConfigurationAlias": { + "markdownDescription": "An alias by which to refer to this configuration data.\n\nDefaults to `default` alias. Hook types currently support default configuration alias.", + "title": "ConfigurationAlias", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of tag key and value pairs associated with this report group.\n\nThese tags are available for use by AWS services that support AWS CodeBuild report group tags.", - "title": "Tags", - "type": "array" + "TypeArn": { + "markdownDescription": "The Amazon Resource Number (ARN) for the Hook to set `Configuration` for.\n\nYou must specify either `TypeName` and `Configuration` or `TypeArn` and `Configuration` .", + "title": "TypeArn", + "type": "string" }, - "Type": { - "markdownDescription": "The type of the `ReportGroup` . This can be one of the following values:\n\n- **CODE_COVERAGE** - The report group contains code coverage reports.\n- **TEST** - The report group contains test reports.", - "title": "Type", + "TypeName": { + "markdownDescription": "The unique name for your Hook. Specifies a three-part namespace for your Hook, with a recommended pattern of `Organization::Service::Hook` .\n\nYou must specify either `TypeName` and `Configuration` or `TypeArn` and `Configuration` .", + "title": "TypeName", "type": "string" } }, "required": [ - "ExportConfig", - "Type" + "Configuration" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeBuild::ReportGroup" + "AWS::CloudFormation::HookTypeConfig" ], "type": "string" }, @@ -42064,65 +47067,7 @@ ], "type": "object" }, - "AWS::CodeBuild::ReportGroup.ReportExportConfig": { - "additionalProperties": false, - "properties": { - "ExportConfigType": { - "markdownDescription": "The export configuration type. Valid values are:\n\n- `S3` : The report results are exported to an S3 bucket.\n- `NO_EXPORT` : The report results are not exported.", - "title": "ExportConfigType", - "type": "string" - }, - "S3Destination": { - "$ref": "#/definitions/AWS::CodeBuild::ReportGroup.S3ReportExportConfig", - "markdownDescription": "A `S3ReportExportConfig` object that contains information about the S3 bucket where the run of a report is exported.", - "title": "S3Destination" - } - }, - "required": [ - "ExportConfigType" - ], - "type": "object" - }, - "AWS::CodeBuild::ReportGroup.S3ReportExportConfig": { - "additionalProperties": false, - "properties": { - "Bucket": { - "markdownDescription": "The name of the S3 bucket where the raw data of a report are exported.", - "title": "Bucket", - "type": "string" - }, - "BucketOwner": { - "markdownDescription": "The AWS account identifier of the owner of the Amazon S3 bucket. This allows report data to be exported to an Amazon S3 bucket that is owned by an account other than the account running the build.", - "title": "BucketOwner", - "type": "string" - }, - "EncryptionDisabled": { - "markdownDescription": "A boolean value that specifies if the results of a report are encrypted.", - "title": "EncryptionDisabled", - "type": "boolean" - }, - "EncryptionKey": { - "markdownDescription": "The encryption key for the report's encrypted raw data.", - "title": "EncryptionKey", - "type": "string" - }, - "Packaging": { - "markdownDescription": "The type of build output artifact to create. Valid values include:\n\n- `NONE` : CodeBuild creates the raw data in the output bucket. This is the default if packaging is not specified.\n- `ZIP` : CodeBuild creates a ZIP file with the raw data in the output bucket.", - "title": "Packaging", - "type": "string" - }, - "Path": { - "markdownDescription": "The path to the exported report's raw data results.", - "title": "Path", - "type": "string" - } - }, - "required": [ - "Bucket" - ], - "type": "object" - }, - "AWS::CodeBuild::SourceCredential": { + "AWS::CloudFormation::HookVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -42157,37 +47102,36 @@ "Properties": { "additionalProperties": false, "properties": { - "AuthType": { - "markdownDescription": "The type of authentication used by the credentials. Valid options are OAUTH, BASIC_AUTH, PERSONAL_ACCESS_TOKEN, CODECONNECTIONS, or SECRETS_MANAGER.", - "title": "AuthType", + "ExecutionRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the task execution role that grants the Hook permission.", + "title": "ExecutionRoleArn", "type": "string" }, - "ServerType": { - "markdownDescription": "The type of source provider. The valid options are GITHUB, GITHUB_ENTERPRISE, GITLAB, GITLAB_SELF_MANAGED, or BITBUCKET.", - "title": "ServerType", - "type": "string" + "LoggingConfig": { + "$ref": "#/definitions/AWS::CloudFormation::HookVersion.LoggingConfig", + "markdownDescription": "Contains logging configuration information for an extension.", + "title": "LoggingConfig" }, - "Token": { - "markdownDescription": "For GitHub or GitHub Enterprise, this is the personal access token. For Bitbucket, this is either the access token or the app password. For the `authType` CODECONNECTIONS, this is the `connectionArn` . For the `authType` SECRETS_MANAGER, this is the `secretArn` .", - "title": "Token", + "SchemaHandlerPackage": { + "markdownDescription": "A URL to the Amazon S3 bucket for the Hook project package that contains the necessary files for the Hook you want to register.\n\nFor information on generating a schema handler package, see [Modeling custom CloudFormation Hooks](https://docs.aws.amazon.com/cloudformation-cli/latest/hooks-userguide/hooks-model.html) in the *AWS CloudFormation Hooks User Guide* .\n\n> To register the Hook, you must have `s3:GetObject` permissions to access the S3 objects.", + "title": "SchemaHandlerPackage", "type": "string" }, - "Username": { - "markdownDescription": "The Bitbucket username when the `authType` is BASIC_AUTH. This parameter is not valid for other types of source providers or connections.", - "title": "Username", + "TypeName": { + "markdownDescription": "The unique name for your hook. Specifies a three-part namespace for your hook, with a recommended pattern of `Organization::Service::Hook` .\n\n> The following organization namespaces are reserved and can't be used in your hook type names:\n> \n> - `Alexa`\n> - `AMZN`\n> - `Amazon`\n> - `ASK`\n> - `AWS`\n> - `Custom`\n> - `Dev`", + "title": "TypeName", "type": "string" } }, "required": [ - "AuthType", - "ServerType", - "Token" + "SchemaHandlerPackage", + "TypeName" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeBuild::SourceCredential" + "AWS::CloudFormation::HookVersion" ], "type": "string" }, @@ -42206,7 +47150,23 @@ ], "type": "object" }, - "AWS::CodeCommit::Repository": { + "AWS::CloudFormation::HookVersion.LoggingConfig": { + "additionalProperties": false, + "properties": { + "LogGroupName": { + "markdownDescription": "The Amazon CloudWatch Logs group to which CloudFormation sends error logging information when invoking the extension's handlers.", + "title": "LogGroupName", + "type": "string" + }, + "LogRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the role that CloudFormation should assume when sending log entries to CloudWatch Logs.", + "title": "LogRoleArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CloudFormation::LambdaHook": { "additionalProperties": false, "properties": { "Condition": { @@ -42241,51 +47201,63 @@ "Properties": { "additionalProperties": false, "properties": { - "Code": { - "$ref": "#/definitions/AWS::CodeCommit::Repository.Code", - "markdownDescription": "Information about code to be committed to a repository after it is created in an AWS CloudFormation stack. Information about code is only used in resource creation. Updates to a stack will not reflect changes made to code properties after initial resource creation.\n\n> You can only use this property to add code when creating a repository with a AWS CloudFormation template at creation time. This property cannot be used for updating code to an existing repository.", - "title": "Code" + "Alias": { + "markdownDescription": "The type name alias for the Hook. This alias must be unique per account and Region.\n\nThe alias must be in the form `Name1::Name2::Name3` and must not begin with `AWS` . For example, `Private::Lambda::MyTestHook` .", + "title": "Alias", + "type": "string" }, - "KmsKeyId": { - "markdownDescription": "The ID of the AWS Key Management Service encryption key used to encrypt and decrypt the repository.\n\n> The input can be the full ARN, the key ID, or the key alias. For more information, see [Finding the key ID and key ARN](https://docs.aws.amazon.com/kms/latest/developerguide/find-cmk-id-arn.html) .", - "title": "KmsKeyId", + "ExecutionRole": { + "markdownDescription": "The IAM role that the Hook assumes to invoke your Lambda function.", + "title": "ExecutionRole", "type": "string" }, - "RepositoryDescription": { - "markdownDescription": "A comment or description about the new repository.\n\n> The description field for a repository accepts all HTML characters and all valid Unicode characters. Applications that do not HTML-encode the description and display it in a webpage can expose users to potentially malicious code. Make sure that you HTML-encode the description field in any application that uses this API to display the repository description on a webpage.", - "title": "RepositoryDescription", + "FailureMode": { + "markdownDescription": "Specifies how the Hook responds when the Lambda function invoked by the Hook returns a `FAILED` response.\n\n- `FAIL` : Prevents the action from proceeding. This is helpful for enforcing strict compliance or security policies.\n- `WARN` : Issues warnings to users but allows actions to continue. This is useful for non-critical validations or informational checks.", + "title": "FailureMode", "type": "string" }, - "RepositoryName": { - "markdownDescription": "The name of the new repository to be created.\n\n> The repository name must be unique across the calling AWS account . Repository names are limited to 100 alphanumeric, dash, and underscore characters, and cannot include certain characters. For more information about the limits on repository names, see [Quotas](https://docs.aws.amazon.com/codecommit/latest/userguide/limits.html) in the *AWS CodeCommit User Guide* . The suffix .git is prohibited.", - "title": "RepositoryName", + "HookStatus": { + "markdownDescription": "Specifies if the Hook is `ENABLED` or `DISABLED` .", + "title": "HookStatus", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "One or more tag key-value pairs to use when tagging this repository.", - "title": "Tags", - "type": "array" + "LambdaFunction": { + "markdownDescription": "Specifies the Lambda function for the Hook. You can use:\n\n- The full Amazon Resource Name (ARN) without a suffix.\n- A qualified ARN with a version or alias suffix.", + "title": "LambdaFunction", + "type": "string" }, - "Triggers": { + "StackFilters": { + "$ref": "#/definitions/AWS::CloudFormation::LambdaHook.StackFilters", + "markdownDescription": "Specifies the stack level filters for the Hook.\n\nExample stack level filter in JSON:\n\n`\"StackFilters\": {\"FilteringCriteria\": \"ALL\", \"StackNames\": {\"Exclude\": [ \"stack-1\", \"stack-2\"]}}` \n\nExample stack level filter in YAML:\n\n`StackFilters: FilteringCriteria: ALL StackNames: Exclude: - stack-1 - stack-2`", + "title": "StackFilters" + }, + "TargetFilters": { + "$ref": "#/definitions/AWS::CloudFormation::LambdaHook.TargetFilters", + "markdownDescription": "Specifies the target filters for the Hook.\n\nExample target filter in JSON:\n\n`\"TargetFilters\": {\"Actions\": [ \"Create\", \"Update\", \"Delete\" ]}` \n\nExample target filter in YAML:\n\n`TargetFilters: Actions: - CREATE - UPDATE - DELETE`", + "title": "TargetFilters" + }, + "TargetOperations": { "items": { - "$ref": "#/definitions/AWS::CodeCommit::Repository.RepositoryTrigger" + "type": "string" }, - "markdownDescription": "The JSON block of configuration information for each trigger.", - "title": "Triggers", + "markdownDescription": "Specifies the list of operations the Hook is run against. For more information, see [Hook targets](https://docs.aws.amazon.com/cloudformation-cli/latest/hooks-userguide/hooks-concepts.html#hook-terms-hook-target) in the *AWS CloudFormation Hooks User Guide* .\n\nValid values: `STACK` | `RESOURCE` | `CHANGE_SET` | `CLOUD_CONTROL`", + "title": "TargetOperations", "type": "array" } }, "required": [ - "RepositoryName" + "Alias", + "ExecutionRole", + "FailureMode", + "HookStatus", + "LambdaFunction", + "TargetOperations" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeCommit::Repository" + "AWS::CloudFormation::LambdaHook" ], "type": "string" }, @@ -42304,93 +47276,125 @@ ], "type": "object" }, - "AWS::CodeCommit::Repository.Code": { + "AWS::CloudFormation::LambdaHook.HookTarget": { "additionalProperties": false, "properties": { - "BranchName": { - "markdownDescription": "Optional. Specifies a branch name to be used as the default branch when importing code into a repository on initial creation. If this property is not set, the name *main* will be used for the default branch for the repository. Changes to this property are ignored after initial resource creation. We recommend using this parameter to set the name to *main* to align with the default behavior of CodeCommit unless another name is needed.", - "title": "BranchName", + "Action": { "type": "string" }, - "S3": { - "$ref": "#/definitions/AWS::CodeCommit::Repository.S3", - "markdownDescription": "Information about the Amazon S3 bucket that contains a ZIP file of code to be committed to the repository. Changes to this property are ignored after initial resource creation.", - "title": "S3" + "InvocationPoint": { + "type": "string" + }, + "TargetName": { + "type": "string" } }, "required": [ - "S3" + "Action", + "InvocationPoint", + "TargetName" ], "type": "object" }, - "AWS::CodeCommit::Repository.RepositoryTrigger": { + "AWS::CloudFormation::LambdaHook.StackFilters": { "additionalProperties": false, "properties": { - "Branches": { - "items": { - "type": "string" - }, - "markdownDescription": "The branches to be included in the trigger configuration. If you specify an empty array, the trigger applies to all branches.\n\n> Although no content is required in the array, you must include the array itself.", - "title": "Branches", - "type": "array" - }, - "CustomData": { - "markdownDescription": "Any custom data associated with the trigger to be included in the information sent to the target of the trigger.", - "title": "CustomData", + "FilteringCriteria": { + "markdownDescription": "The filtering criteria.\n\n- All stack names and stack roles ( `All` ): The Hook will only be invoked when all specified filters match.\n- Any stack names and stack roles ( `Any` ): The Hook will be invoked if at least one of the specified filters match.", + "title": "FilteringCriteria", "type": "string" }, - "DestinationArn": { - "markdownDescription": "The ARN of the resource that is the target for a trigger (for example, the ARN of a topic in Amazon SNS).", - "title": "DestinationArn", - "type": "string" + "StackNames": { + "$ref": "#/definitions/AWS::CloudFormation::LambdaHook.StackNames", + "markdownDescription": "Includes or excludes specific stacks from Hook invocations.", + "title": "StackNames" }, - "Events": { + "StackRoles": { + "$ref": "#/definitions/AWS::CloudFormation::LambdaHook.StackRoles", + "markdownDescription": "Includes or excludes specific stacks from Hook invocations based on their associated IAM roles.", + "title": "StackRoles" + } + }, + "required": [ + "FilteringCriteria" + ], + "type": "object" + }, + "AWS::CloudFormation::LambdaHook.StackNames": { + "additionalProperties": false, + "properties": { + "Exclude": { "items": { "type": "string" }, - "markdownDescription": "The repository events that cause the trigger to run actions in another service, such as sending a notification through Amazon SNS.\n\n> The valid value \"all\" cannot be used with any other values.", - "title": "Events", + "markdownDescription": "The stack names to exclude. All stacks except those listed here will invoke the Hook.", + "title": "Exclude", "type": "array" }, - "Name": { - "markdownDescription": "The name of the trigger.", - "title": "Name", - "type": "string" + "Include": { + "items": { + "type": "string" + }, + "markdownDescription": "The stack names to include. Only the stacks specified in this list will invoke the Hook.", + "title": "Include", + "type": "array" } }, - "required": [ - "DestinationArn", - "Events", - "Name" - ], "type": "object" }, - "AWS::CodeCommit::Repository.S3": { + "AWS::CloudFormation::LambdaHook.StackRoles": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The name of the Amazon S3 bucket that contains the ZIP file with the content that will be committed to the new repository. This can be specified using the name of the bucket in the AWS account . Changes to this property are ignored after initial resource creation.", - "title": "Bucket", - "type": "string" + "Exclude": { + "items": { + "type": "string" + }, + "markdownDescription": "The IAM role ARNs for stacks you want to exclude. The Hook will be invoked on all stacks except those initiated by the specified roles.", + "title": "Exclude", + "type": "array" }, - "Key": { - "markdownDescription": "The key to use for accessing the Amazon S3 bucket. Changes to this property are ignored after initial resource creation. For more information, see [Creating object key names](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html) and [Uploading objects](https://docs.aws.amazon.com/AmazonS3/latest/userguide/upload-objects.html) in the Amazon S3 User Guide.", - "title": "Key", - "type": "string" + "Include": { + "items": { + "type": "string" + }, + "markdownDescription": "The IAM role ARNs to target stacks associated with these roles. Only stack operations initiated by these roles will invoke the Hook.", + "title": "Include", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CloudFormation::LambdaHook.TargetFilters": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "type": "string" + }, + "type": "array" }, - "ObjectVersion": { - "markdownDescription": "The object version of the ZIP file, if versioning is enabled for the Amazon S3 bucket. Changes to this property are ignored after initial resource creation.", - "title": "ObjectVersion", - "type": "string" + "InvocationPoints": { + "items": { + "type": "string" + }, + "type": "array" + }, + "TargetNames": { + "items": { + "type": "string" + }, + "type": "array" + }, + "Targets": { + "items": { + "$ref": "#/definitions/AWS::CloudFormation::LambdaHook.HookTarget" + }, + "type": "array" } }, - "required": [ - "Bucket", - "Key" - ], "type": "object" }, - "AWS::CodeConnections::Connection": { + "AWS::CloudFormation::Macro": { "additionalProperties": false, "properties": { "Condition": { @@ -42425,38 +47429,41 @@ "Properties": { "additionalProperties": false, "properties": { - "ConnectionName": { - "markdownDescription": "The name of the connection. Connection names must be unique in an AWS account .", - "title": "ConnectionName", + "Description": { + "markdownDescription": "A description of the macro.", + "title": "Description", "type": "string" }, - "HostArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the host associated with the connection.", - "title": "HostArn", + "FunctionName": { + "markdownDescription": "The Amazon Resource Name (ARN) of the underlying Lambda function that you want CloudFormation to invoke when the macro is run.", + "title": "FunctionName", "type": "string" }, - "ProviderType": { - "markdownDescription": "The name of the external provider where your third-party code repository is configured.", - "title": "ProviderType", + "LogGroupName": { + "markdownDescription": "The CloudWatch Logs group to which CloudFormation sends error logging information when invoking the macro's underlying Lambda function.\n\nThis will be an existing CloudWatch Logs LogGroup. Neither CloudFormation or Lambda will create the group.", + "title": "LogGroupName", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "", - "title": "Tags", - "type": "array" + "LogRoleARN": { + "markdownDescription": "The ARN of the role CloudFormation should assume when sending log entries to CloudWatch Logs .", + "title": "LogRoleARN", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the macro. The name of the macro must be unique across all macros in the account.", + "title": "Name", + "type": "string" } }, "required": [ - "ConnectionName" + "FunctionName", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeConnections::Connection" + "AWS::CloudFormation::Macro" ], "type": "string" }, @@ -42475,7 +47482,7 @@ ], "type": "object" }, - "AWS::CodeDeploy::Application": { + "AWS::CloudFormation::ModuleDefaultVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -42510,30 +47517,27 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationName": { - "markdownDescription": "A name for the application. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the application name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> Updates to `ApplicationName` are not supported.", - "title": "ApplicationName", + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the module version to set as the default version.\n\nConditional: You must specify either `Arn` , or `ModuleName` and `VersionId` .", + "title": "Arn", "type": "string" }, - "ComputePlatform": { - "markdownDescription": "The compute platform that CodeDeploy deploys the application to.", - "title": "ComputePlatform", + "ModuleName": { + "markdownDescription": "The name of the module.\n\nConditional: You must specify either `Arn` , or `ModuleName` and `VersionId` .", + "title": "ModuleName", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The metadata that you apply to CodeDeploy applications to help you organize and categorize them. Each tag consists of a key and an optional value, both of which you define.", - "title": "Tags", - "type": "array" + "VersionId": { + "markdownDescription": "The ID for the specific version of the module.\n\nConditional: You must specify either `Arn` , or `ModuleName` and `VersionId` .", + "title": "VersionId", + "type": "string" } }, "type": "object" }, "Type": { "enum": [ - "AWS::CodeDeploy::Application" + "AWS::CloudFormation::ModuleDefaultVersion" ], "type": "string" }, @@ -42551,7 +47555,7 @@ ], "type": "object" }, - "AWS::CodeDeploy::DeploymentConfig": { + "AWS::CloudFormation::ModuleVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -42586,37 +47590,26 @@ "Properties": { "additionalProperties": false, "properties": { - "ComputePlatform": { - "markdownDescription": "The destination platform type for the deployment ( `Lambda` , `Server` , or `ECS` ).", - "title": "ComputePlatform", + "ModuleName": { + "markdownDescription": "The name of the module being registered.", + "title": "ModuleName", "type": "string" }, - "DeploymentConfigName": { - "markdownDescription": "A name for the deployment configuration. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the deployment configuration name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "DeploymentConfigName", + "ModulePackage": { + "markdownDescription": "A URL to the S3 bucket for the package that contains the template fragment and schema files for the module version to register.\n\nFor more information, see [Module structure and requirements](https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/modules-structure.html) in the *AWS CloudFormation Command Line Interface (CLI) User Guide* .\n\n> To register the module version, you must have `s3:GetObject` permissions to access the S3 objects.", + "title": "ModulePackage", "type": "string" - }, - "MinimumHealthyHosts": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentConfig.MinimumHealthyHosts", - "markdownDescription": "The minimum number of healthy instances that should be available at any time during the deployment. There are two parameters expected in the input: type and value.\n\nThe type parameter takes either of the following values:\n\n- HOST_COUNT: The value parameter represents the minimum number of healthy instances as an absolute value.\n- FLEET_PERCENT: The value parameter represents the minimum number of healthy instances as a percentage of the total number of instances in the deployment. If you specify FLEET_PERCENT, at the start of the deployment, AWS CodeDeploy converts the percentage to the equivalent number of instance and rounds up fractional instances.\n\nThe value parameter takes an integer.\n\nFor example, to set a minimum of 95% healthy instance, specify a type of FLEET_PERCENT and a value of 95.\n\nFor more information about instance health, see [CodeDeploy Instance Health](https://docs.aws.amazon.com/codedeploy/latest/userguide/instances-health.html) in the AWS CodeDeploy User Guide.", - "title": "MinimumHealthyHosts" - }, - "TrafficRoutingConfig": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentConfig.TrafficRoutingConfig", - "markdownDescription": "The configuration that specifies how the deployment traffic is routed.", - "title": "TrafficRoutingConfig" - }, - "ZonalConfig": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentConfig.ZonalConfig", - "markdownDescription": "Configure the `ZonalConfig` object if you want AWS CodeDeploy to deploy your application to one [Availability Zone](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html#concepts-availability-zones) at a time, within an AWS Region.\n\nFor more information about the zonal configuration feature, see [zonal configuration](https://docs.aws.amazon.com/codedeploy/latest/userguide/deployment-configurations-create.html#zonal-config) in the *CodeDeploy User Guide* .", - "title": "ZonalConfig" } }, + "required": [ + "ModuleName", + "ModulePackage" + ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeDeploy::DeploymentConfig" + "AWS::CloudFormation::ModuleVersion" ], "type": "string" }, @@ -42630,136 +47623,438 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::CodeDeploy::DeploymentConfig.MinimumHealthyHosts": { + "AWS::CloudFormation::PublicTypeVersion": { "additionalProperties": false, "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The Amazon Resource Number (ARN) of the extension.\n\nConditional: You must specify `Arn` , or `TypeName` and `Type` .", + "title": "Arn", + "type": "string" + }, + "LogDeliveryBucket": { + "markdownDescription": "The S3 bucket to which CloudFormation delivers the contract test execution logs.\n\nCloudFormation delivers the logs by the time contract testing has completed and the extension has been assigned a test type status of `PASSED` or `FAILED` .\n\nThe user initiating the stack operation must be able to access items in the specified S3 bucket. Specifically, the user needs the following permissions:\n\n- s3:GetObject\n- s3:PutObject", + "title": "LogDeliveryBucket", + "type": "string" + }, + "PublicVersionNumber": { + "markdownDescription": "The version number to assign to this version of the extension.\n\nUse the following format, and adhere to semantic versioning when assigning a version number to your extension:\n\n`MAJOR.MINOR.PATCH`\n\nFor more information, see [Semantic Versioning 2.0.0](https://docs.aws.amazon.com/https://semver.org/) .\n\nIf you don't specify a version number, CloudFormation increments the version number by one minor version release.\n\nYou cannot specify a version number the first time you publish a type. CloudFormation automatically sets the first version number to be `1.0.0` .", + "title": "PublicVersionNumber", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the extension to test.\n\nConditional: You must specify `Arn` , or `TypeName` and `Type` .", + "title": "Type", + "type": "string" + }, + "TypeName": { + "markdownDescription": "The name of the extension to test.\n\nConditional: You must specify `Arn` , or `TypeName` and `Type` .", + "title": "TypeName", + "type": "string" + } + }, + "type": "object" + }, "Type": { - "markdownDescription": "The minimum healthy instance type:\n\n- HOST_COUNT: The minimum number of healthy instance as an absolute value.\n- FLEET_PERCENT: The minimum number of healthy instance as a percentage of the total number of instance in the deployment.\n\nIn an example of nine instance, if a HOST_COUNT of six is specified, deploy to up to three instances at a time. The deployment is successful if six or more instances are deployed to successfully. Otherwise, the deployment fails. If a FLEET_PERCENT of 40 is specified, deploy to up to five instance at a time. The deployment is successful if four or more instance are deployed to successfully. Otherwise, the deployment fails.\n\n> In a call to `GetDeploymentConfig` , CodeDeployDefault.OneAtATime returns a minimum healthy instance type of MOST_CONCURRENCY and a value of 1. This means a deployment to only one instance at a time. (You cannot set the type to MOST_CONCURRENCY, only to HOST_COUNT or FLEET_PERCENT.) In addition, with CodeDeployDefault.OneAtATime, AWS CodeDeploy attempts to ensure that all instances but one are kept in a healthy state during the deployment. Although this allows one instance at a time to be taken offline for a new deployment, it also means that if the deployment to the last instance fails, the overall deployment is still successful. \n\nFor more information, see [AWS CodeDeploy Instance Health](https://docs.aws.amazon.com//codedeploy/latest/userguide/instances-health.html) in the *AWS CodeDeploy User Guide* .", - "title": "Type", + "enum": [ + "AWS::CloudFormation::PublicTypeVersion" + ], "type": "string" }, - "Value": { - "markdownDescription": "The minimum healthy instance value.", - "title": "Value", - "type": "number" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Type", - "Value" + "Type" ], "type": "object" }, - "AWS::CodeDeploy::DeploymentConfig.MinimumHealthyHostsPerZone": { + "AWS::CloudFormation::Publisher": { "additionalProperties": false, "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AcceptTermsAndConditions": { + "markdownDescription": "Whether you accept the [Terms and Conditions](https://docs.aws.amazon.com/https://cloudformation-registry-documents.s3.amazonaws.com/Terms_and_Conditions_for_AWS_CloudFormation_Registry_Publishers.pdf) for publishing extensions in the CloudFormation registry. You must accept the terms and conditions in order to register to publish public extensions to the CloudFormation registry.\n\nThe default is `false` .", + "title": "AcceptTermsAndConditions", + "type": "boolean" + }, + "ConnectionArn": { + "markdownDescription": "If you are using a Bitbucket or GitHub account for identity verification, the Amazon Resource Name (ARN) for your connection to that account.\n\nFor more information, see [Prerequisite: Registering your account to publish CloudFormation extensions](https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/publish-extension.html#publish-extension-prereqs) in the *AWS CloudFormation Command Line Interface (CLI) User Guide* .", + "title": "ConnectionArn", + "type": "string" + } + }, + "required": [ + "AcceptTermsAndConditions" + ], + "type": "object" + }, "Type": { - "markdownDescription": "The `type` associated with the `MinimumHealthyHostsPerZone` option.", - "title": "Type", + "enum": [ + "AWS::CloudFormation::Publisher" + ], "type": "string" }, - "Value": { - "markdownDescription": "The `value` associated with the `MinimumHealthyHostsPerZone` option.", - "title": "Value", - "type": "number" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ "Type", - "Value" + "Properties" ], "type": "object" }, - "AWS::CodeDeploy::DeploymentConfig.TimeBasedCanary": { + "AWS::CloudFormation::ResourceDefaultVersion": { "additionalProperties": false, "properties": { - "CanaryInterval": { - "markdownDescription": "The number of minutes between the first and second traffic shifts of a `TimeBasedCanary` deployment.", - "title": "CanaryInterval", - "type": "number" + "Condition": { + "type": "string" }, - "CanaryPercentage": { - "markdownDescription": "The percentage of traffic to shift in the first increment of a `TimeBasedCanary` deployment.", - "title": "CanaryPercentage", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "TypeName": { + "markdownDescription": "The name of the resource.\n\nConditional: You must specify either `TypeVersionArn` , or `TypeName` and `VersionId` .", + "title": "TypeName", + "type": "string" + }, + "TypeVersionArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource version.\n\nConditional: You must specify either `TypeVersionArn` , or `TypeName` and `VersionId` .", + "title": "TypeVersionArn", + "type": "string" + }, + "VersionId": { + "markdownDescription": "The ID of a specific version of the resource. The version ID is the value at the end of the Amazon Resource Name (ARN) assigned to the resource version when it's registered.\n\nConditional: You must specify either `TypeVersionArn` , or `TypeName` and `VersionId` .", + "title": "VersionId", + "type": "string" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::CloudFormation::ResourceDefaultVersion" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "CanaryInterval", - "CanaryPercentage" + "Type" ], "type": "object" }, - "AWS::CodeDeploy::DeploymentConfig.TimeBasedLinear": { + "AWS::CloudFormation::ResourceVersion": { "additionalProperties": false, "properties": { - "LinearInterval": { - "markdownDescription": "The number of minutes between each incremental traffic shift of a `TimeBasedLinear` deployment.", - "title": "LinearInterval", - "type": "number" + "Condition": { + "type": "string" }, - "LinearPercentage": { - "markdownDescription": "The percentage of traffic that is shifted at the start of each increment of a `TimeBasedLinear` deployment.", - "title": "LinearPercentage", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ExecutionRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role for CloudFormation to assume when invoking the resource. If your resource calls AWS APIs in any of its handlers, you must create an IAM execution role that includes the necessary permissions to call those AWS APIs, and provision that execution role in your account. When CloudFormation needs to invoke the resource type handler, CloudFormation assumes this execution role to create a temporary session token, which it then passes to the resource type handler, thereby supplying your resource type with the appropriate credentials.", + "title": "ExecutionRoleArn", + "type": "string" + }, + "LoggingConfig": { + "$ref": "#/definitions/AWS::CloudFormation::ResourceVersion.LoggingConfig", + "markdownDescription": "Logging configuration information for a resource.", + "title": "LoggingConfig" + }, + "SchemaHandlerPackage": { + "markdownDescription": "A URL to the S3 bucket for the resource project package that contains the necessary files for the resource you want to register.\n\nFor information on generating a schema handler package, see [Modeling resource types to use with AWS CloudFormation](https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/resource-type-model.html) in the *AWS CloudFormation Command Line Interface (CLI) User Guide* .\n\n> To register the resource version, you must have `s3:GetObject` permissions to access the S3 objects.", + "title": "SchemaHandlerPackage", + "type": "string" + }, + "TypeName": { + "markdownDescription": "The name of the resource being registered.\n\nWe recommend that resource names adhere to the following pattern: *company_or_organization* :: *service* :: *type* .\n\n> The following organization namespaces are reserved and can't be used in your resource names:\n> \n> - `Alexa`\n> - `AMZN`\n> - `Amazon`\n> - `AWS`\n> - `Custom`\n> - `Dev`", + "title": "TypeName", + "type": "string" + } + }, + "required": [ + "SchemaHandlerPackage", + "TypeName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::CloudFormation::ResourceVersion" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "LinearInterval", - "LinearPercentage" + "Type", + "Properties" ], "type": "object" }, - "AWS::CodeDeploy::DeploymentConfig.TrafficRoutingConfig": { + "AWS::CloudFormation::ResourceVersion.LoggingConfig": { "additionalProperties": false, "properties": { - "TimeBasedCanary": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentConfig.TimeBasedCanary", - "markdownDescription": "A configuration that shifts traffic from one version of a Lambda function or ECS task set to another in two increments. The original and target Lambda function versions or ECS task sets are specified in the deployment's AppSpec file.", - "title": "TimeBasedCanary" - }, - "TimeBasedLinear": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentConfig.TimeBasedLinear", - "markdownDescription": "A configuration that shifts traffic from one version of a Lambda function or Amazon ECS task set to another in equal increments, with an equal number of minutes between each increment. The original and target Lambda function versions or Amazon ECS task sets are specified in the deployment's AppSpec file.", - "title": "TimeBasedLinear" + "LogGroupName": { + "markdownDescription": "The Amazon CloudWatch logs group to which CloudFormation sends error logging information when invoking the type's handlers.", + "title": "LogGroupName", + "type": "string" }, - "Type": { - "markdownDescription": "The type of traffic shifting ( `TimeBasedCanary` or `TimeBasedLinear` ) used by a deployment configuration.", - "title": "Type", + "LogRoleArn": { + "markdownDescription": "The ARN of the role that CloudFormation should assume when sending log entries to CloudWatch logs.", + "title": "LogRoleArn", "type": "string" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::CodeDeploy::DeploymentConfig.ZonalConfig": { + "AWS::CloudFormation::Stack": { "additionalProperties": false, "properties": { - "FirstZoneMonitorDurationInSeconds": { - "markdownDescription": "The period of time, in seconds, that CodeDeploy must wait after completing a deployment to the *first* Availability Zone. CodeDeploy will wait this amount of time before starting a deployment to the second Availability Zone. You might set this option if you want to allow extra bake time for the first Availability Zone. If you don't specify a value for `firstZoneMonitorDurationInSeconds` , then CodeDeploy uses the `monitorDurationInSeconds` value for the first Availability Zone.\n\nFor more information about the zonal configuration feature, see [zonal configuration](https://docs.aws.amazon.com/codedeploy/latest/userguide/deployment-configurations-create.html#zonal-config) in the *CodeDeploy User Guide* .", - "title": "FirstZoneMonitorDurationInSeconds", - "type": "number" + "Condition": { + "type": "string" }, - "MinimumHealthyHostsPerZone": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentConfig.MinimumHealthyHostsPerZone", - "markdownDescription": "The number or percentage of instances that must remain available per Availability Zone during a deployment. This option works in conjunction with the `MinimumHealthyHosts` option. For more information, see [About the minimum number of healthy hosts per Availability Zone](https://docs.aws.amazon.com//codedeploy/latest/userguide/instances-health.html#minimum-healthy-hosts-az) in the *CodeDeploy User Guide* .\n\nIf you don't specify the `minimumHealthyHostsPerZone` option, then CodeDeploy uses a default value of `0` percent.\n\nFor more information about the zonal configuration feature, see [zonal configuration](https://docs.aws.amazon.com/codedeploy/latest/userguide/deployment-configurations-create.html#zonal-config) in the *CodeDeploy User Guide* .", - "title": "MinimumHealthyHostsPerZone" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "MonitorDurationInSeconds": { - "markdownDescription": "The period of time, in seconds, that CodeDeploy must wait after completing a deployment to an Availability Zone. CodeDeploy will wait this amount of time before starting a deployment to the next Availability Zone. Consider adding a monitor duration to give the deployment some time to prove itself (or 'bake') in one Availability Zone before it is released in the next zone. If you don't specify a `monitorDurationInSeconds` , CodeDeploy starts deploying to the next Availability Zone immediately.\n\nFor more information about the zonal configuration feature, see [zonal configuration](https://docs.aws.amazon.com/codedeploy/latest/userguide/deployment-configurations-create.html#zonal-config) in the *CodeDeploy User Guide* .", - "title": "MonitorDurationInSeconds", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "NotificationARNs": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon SNS topic ARNs to publish stack related events. You can find your Amazon SNS topic ARNs using the Amazon SNS console or your Command Line Interface (CLI).", + "title": "NotificationARNs", + "type": "array" + }, + "Parameters": { + "additionalProperties": true, + "markdownDescription": "The set value pairs that represent the parameters passed to CloudFormation when this nested stack is created. Each parameter has a name corresponding to a parameter defined in the embedded template and a value representing the value that you want to set for the parameter.\n\n> If you use the `Ref` function to pass a parameter value to a nested stack, comma-delimited list parameters must be of type `String` . In other words, you can't pass values that are of type `CommaDelimitedList` to nested stacks. \n\nRequired if the nested stack requires input parameters.\n\nWhether an update causes interruptions depends on the resources that are being updated. An update never causes a nested stack to be replaced.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Parameters", + "type": "object" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Key-value pairs to associate with this stack. CloudFormation also propagates these tags to the resources created in the stack. A maximum number of 50 tags can be specified.", + "title": "Tags", + "type": "array" + }, + "TemplateURL": { + "markdownDescription": "The URL of a file that contains the template body. The URL must point to a template (max size: 1 MB) that's located in an Amazon S3 bucket. The location for an Amazon S3 bucket must start with `https://` .\n\nWhether an update causes interruptions depends on the resources that are being updated. An update never causes a nested stack to be replaced.", + "title": "TemplateURL", + "type": "string" + }, + "TimeoutInMinutes": { + "markdownDescription": "The length of time, in minutes, that CloudFormation waits for the nested stack to reach the `CREATE_COMPLETE` state. The default is no timeout. When CloudFormation detects that the nested stack has reached the `CREATE_COMPLETE` state, it marks the nested stack resource as `CREATE_COMPLETE` in the parent stack and resumes creating the parent stack. If the timeout period expires before the nested stack reaches `CREATE_COMPLETE` , CloudFormation marks the nested stack as failed and rolls back both the nested stack and parent stack.\n\nUpdates aren't supported.", + "title": "TimeoutInMinutes", + "type": "number" + } + }, + "required": [ + "TemplateURL" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::CloudFormation::Stack" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup": { + "AWS::CloudFormation::StackSet": { "additionalProperties": false, "properties": { "Condition": { @@ -42794,134 +48089,103 @@ "Properties": { "additionalProperties": false, "properties": { - "AlarmConfiguration": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.AlarmConfiguration", - "markdownDescription": "Information about the Amazon CloudWatch alarms that are associated with the deployment group.", - "title": "AlarmConfiguration" - }, - "ApplicationName": { - "markdownDescription": "The name of an existing CodeDeploy application to associate this deployment group with.", - "title": "ApplicationName", + "AdministrationRoleARN": { + "markdownDescription": "The Amazon Resource Number (ARN) of the IAM role to use to create this StackSet. Specify an IAM role only if you are using customized administrator roles to control which users or groups can manage specific StackSets within the same administrator account.\n\nUse customized administrator roles to control which users or groups can manage specific StackSets within the same administrator account. For more information, see [Grant self-managed permissions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-prereqs-self-managed.html) in the *AWS CloudFormation User Guide* .\n\nValid only if the permissions model is `SELF_MANAGED` .", + "title": "AdministrationRoleARN", "type": "string" }, - "AutoRollbackConfiguration": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.AutoRollbackConfiguration", - "markdownDescription": "Information about the automatic rollback configuration that is associated with the deployment group. If you specify this property, don't specify the `Deployment` property.", - "title": "AutoRollbackConfiguration" + "AutoDeployment": { + "$ref": "#/definitions/AWS::CloudFormation::StackSet.AutoDeployment", + "markdownDescription": "Describes whether StackSets automatically deploys to AWS Organizations accounts that are added to a target organization or organizational unit (OU). For more information, see [Enable or disable automatic deployments for StackSets in AWS Organizations](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-orgs-manage-auto-deployment.html) in the *AWS CloudFormation User Guide* .\n\nRequired if the permissions model is `SERVICE_MANAGED` . (Not used with self-managed permissions.)", + "title": "AutoDeployment" }, - "AutoScalingGroups": { + "CallAs": { + "markdownDescription": "Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.\n\nBy default, `SELF` is specified. Use `SELF` for StackSets with self-managed permissions.\n\n- To create a StackSet with service-managed permissions while signed in to the management account, specify `SELF` .\n- To create a StackSet with service-managed permissions while signed in to a delegated administrator account, specify `DELEGATED_ADMIN` .\n\nYour AWS account must be registered as a delegated admin in the management account. For more information, see [Register a delegated administrator](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-orgs-delegated-admin.html) in the *AWS CloudFormation User Guide* .\n\nStackSets with service-managed permissions are created in the management account, including StackSets that are created by delegated administrators.\n\nValid only if the permissions model is `SERVICE_MANAGED` .", + "title": "CallAs", + "type": "string" + }, + "Capabilities": { "items": { "type": "string" }, - "markdownDescription": "A list of associated Auto Scaling groups that CodeDeploy automatically deploys revisions to when new instances are created. Duplicates are not allowed.", - "title": "AutoScalingGroups", + "markdownDescription": "The capabilities that are allowed in the StackSet. Some StackSet templates might include resources that can affect permissions in your AWS account \u2014for example, by creating new IAM users. For more information, see [Acknowledging IAM resources in CloudFormation templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/control-access-with-iam.html#using-iam-capabilities) in the *AWS CloudFormation User Guide* .", + "title": "Capabilities", "type": "array" }, - "BlueGreenDeploymentConfiguration": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.BlueGreenDeploymentConfiguration", - "markdownDescription": "Information about blue/green deployment options for a deployment group.", - "title": "BlueGreenDeploymentConfiguration" - }, - "Deployment": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.Deployment", - "markdownDescription": "The application revision to deploy to this deployment group. If you specify this property, your target application revision is deployed as soon as the provisioning process is complete. If you specify this property, don't specify the `AutoRollbackConfiguration` property.", - "title": "Deployment" - }, - "DeploymentConfigName": { - "markdownDescription": "A deployment configuration name or a predefined configuration name. With predefined configurations, you can deploy application revisions to one instance at a time ( `CodeDeployDefault.OneAtATime` ), half of the instances at a time ( `CodeDeployDefault.HalfAtATime` ), or all the instances at once ( `CodeDeployDefault.AllAtOnce` ). For more information and valid values, see [Working with Deployment Configurations](https://docs.aws.amazon.com/codedeploy/latest/userguide/deployment-configurations.html) in the *AWS CodeDeploy User Guide* .", - "title": "DeploymentConfigName", + "Description": { + "markdownDescription": "A description of the StackSet.", + "title": "Description", "type": "string" }, - "DeploymentGroupName": { - "markdownDescription": "A name for the deployment group. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the deployment group name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "DeploymentGroupName", + "ExecutionRoleName": { + "markdownDescription": "The name of the IAM execution role to use to create the StackSet. If you don't specify an execution role, CloudFormation uses the `AWSCloudFormationStackSetExecutionRole` role for the StackSet operation.\n\nValid only if the permissions model is `SELF_MANAGED` .\n\n*Pattern* : `[a-zA-Z_0-9+=,.@-]+`", + "title": "ExecutionRoleName", "type": "string" }, - "DeploymentStyle": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.DeploymentStyle", - "markdownDescription": "Attributes that determine the type of deployment to run and whether to route deployment traffic behind a load balancer.\n\nIf you specify this property with a blue/green deployment type, don't specify the `AutoScalingGroups` , `LoadBalancerInfo` , or `Deployment` properties.\n\n> For blue/green deployments, AWS CloudFormation supports deployments on Lambda compute platforms only. You can perform Amazon ECS blue/green deployments using `AWS::CodeDeploy::BlueGreen` hook. See [Perform Amazon ECS blue/green deployments through CodeDeploy using AWS CloudFormation](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/blue-green.html) for more information.", - "title": "DeploymentStyle" + "ManagedExecution": { + "$ref": "#/definitions/AWS::CloudFormation::StackSet.ManagedExecution", + "markdownDescription": "Describes whether StackSets performs non-conflicting operations concurrently and queues conflicting operations.\n\nWhen active, StackSets performs non-conflicting operations concurrently and queues conflicting operations. After conflicting operations finish, StackSets starts queued operations in request order.\n\n> If there are already running or queued operations, StackSets queues all incoming operations even if they are non-conflicting.\n> \n> You can't modify your StackSet's execution configuration while there are running or queued operations for that StackSet. \n\nWhen inactive (default), StackSets performs one operation at a time in request order.", + "title": "ManagedExecution" }, - "ECSServices": { - "items": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.ECSService" - }, - "markdownDescription": "The target Amazon ECS services in the deployment group. This applies only to deployment groups that use the Amazon ECS compute platform. A target Amazon ECS service is specified as an Amazon ECS cluster and service name pair using the format `:` .", - "title": "ECSServices", - "type": "array" + "OperationPreferences": { + "$ref": "#/definitions/AWS::CloudFormation::StackSet.OperationPreferences", + "markdownDescription": "The user-specified preferences for how CloudFormation performs a StackSet operation.", + "title": "OperationPreferences" }, - "Ec2TagFilters": { + "Parameters": { "items": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.EC2TagFilter" + "$ref": "#/definitions/AWS::CloudFormation::StackSet.Parameter" }, - "markdownDescription": "The Amazon EC2 tags that are already applied to Amazon EC2 instances that you want to include in the deployment group. CodeDeploy includes all Amazon EC2 instances identified by any of the tags you specify in this deployment group. Duplicates are not allowed.\n\nYou can specify `EC2TagFilters` or `Ec2TagSet` , but not both.", - "title": "Ec2TagFilters", + "markdownDescription": "The input parameters for the StackSet template.", + "title": "Parameters", "type": "array" }, - "Ec2TagSet": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.EC2TagSet", - "markdownDescription": "Information about groups of tags applied to Amazon EC2 instances. The deployment group includes only Amazon EC2 instances identified by all the tag groups. Cannot be used in the same call as `ec2TagFilter` .", - "title": "Ec2TagSet" - }, - "LoadBalancerInfo": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.LoadBalancerInfo", - "markdownDescription": "Information about the load balancer to use in a deployment. For more information, see [Integrating CodeDeploy with Elastic Load Balancing](https://docs.aws.amazon.com/codedeploy/latest/userguide/integrations-aws-elastic-load-balancing.html) in the *AWS CodeDeploy User Guide* .", - "title": "LoadBalancerInfo" + "PermissionModel": { + "markdownDescription": "Describes how the IAM roles required for StackSet operations are created.\n\n- With `SELF_MANAGED` permissions, you must create the administrator and execution roles required to deploy to target accounts. For more information, see [Grant self-managed permissions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-prereqs-self-managed.html) in the *AWS CloudFormation User Guide* .\n- With `SERVICE_MANAGED` permissions, StackSets automatically creates the IAM roles required to deploy to accounts managed by AWS Organizations . For more information, see [Activate trusted access for StackSets with AWS Organizations](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-orgs-activate-trusted-access.html) in the *AWS CloudFormation User Guide* .", + "title": "PermissionModel", + "type": "string" }, - "OnPremisesInstanceTagFilters": { + "StackInstancesGroup": { "items": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TagFilter" + "$ref": "#/definitions/AWS::CloudFormation::StackSet.StackInstances" }, - "markdownDescription": "The on-premises instance tags already applied to on-premises instances that you want to include in the deployment group. CodeDeploy includes all on-premises instances identified by any of the tags you specify in this deployment group. To register on-premises instances with CodeDeploy , see [Working with On-Premises Instances for CodeDeploy](https://docs.aws.amazon.com/codedeploy/latest/userguide/instances-on-premises.html) in the *AWS CodeDeploy User Guide* . Duplicates are not allowed.\n\nYou can specify `OnPremisesInstanceTagFilters` or `OnPremisesInstanceTagSet` , but not both.", - "title": "OnPremisesInstanceTagFilters", + "markdownDescription": "A group of stack instances with parameters in some specific accounts and Regions.", + "title": "StackInstancesGroup", "type": "array" }, - "OnPremisesTagSet": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.OnPremisesTagSet", - "markdownDescription": "Information about groups of tags applied to on-premises instances. The deployment group includes only on-premises instances identified by all the tag groups.\n\nYou can specify `OnPremisesInstanceTagFilters` or `OnPremisesInstanceTagSet` , but not both.", - "title": "OnPremisesTagSet" - }, - "OutdatedInstancesStrategy": { - "markdownDescription": "Indicates what happens when new Amazon EC2 instances are launched mid-deployment and do not receive the deployed application revision.\n\nIf this option is set to `UPDATE` or is unspecified, CodeDeploy initiates one or more 'auto-update outdated instances' deployments to apply the deployed application revision to the new Amazon EC2 instances.\n\nIf this option is set to `IGNORE` , CodeDeploy does not initiate a deployment to update the new Amazon EC2 instances. This may result in instances having different revisions.", - "title": "OutdatedInstancesStrategy", - "type": "string" - }, - "ServiceRoleArn": { - "markdownDescription": "A service role Amazon Resource Name (ARN) that grants CodeDeploy permission to make calls to AWS services on your behalf. For more information, see [Create a Service Role for AWS CodeDeploy](https://docs.aws.amazon.com/codedeploy/latest/userguide/getting-started-create-service-role.html) in the *AWS CodeDeploy User Guide* .\n\n> In some cases, you might need to add a dependency on the service role's policy. For more information, see IAM role policy in [DependsOn Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) .", - "title": "ServiceRoleArn", + "StackSetName": { + "markdownDescription": "The name to associate with the StackSet. The name must be unique in the Region where you create your StackSet.", + "title": "StackSetName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The metadata that you apply to CodeDeploy deployment groups to help you organize and categorize them. Each tag consists of a key and an optional value, both of which you define.", + "markdownDescription": "Key-value pairs to associate with this stack. CloudFormation also propagates these tags to supported resources in the stack. You can specify a maximum number of 50 tags.\n\nIf you don't specify this parameter, CloudFormation doesn't modify the stack's tags. If you specify an empty value, CloudFormation removes all associated tags.", "title": "Tags", "type": "array" }, - "TerminationHookEnabled": { - "markdownDescription": "Indicates whether the deployment group was configured to have CodeDeploy install a termination hook into an Auto Scaling group.\n\nFor more information about the termination hook, see [How Amazon EC2 Auto Scaling works with CodeDeploy](https://docs.aws.amazon.com//codedeploy/latest/userguide/integrations-aws-auto-scaling.html#integrations-aws-auto-scaling-behaviors) in the *AWS CodeDeploy User Guide* .", - "title": "TerminationHookEnabled", - "type": "boolean" + "TemplateBody": { + "markdownDescription": "The structure that contains the template body, with a minimum length of 1 byte and a maximum length of 51,200 bytes.\n\nYou must include either `TemplateURL` or `TemplateBody` in a StackSet, but you can't use both. Dynamic references in the `TemplateBody` may not work correctly in all cases. It's recommended to pass templates that contain dynamic references through `TemplateUrl` instead.", + "title": "TemplateBody", + "type": "string" }, - "TriggerConfigurations": { - "items": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TriggerConfig" - }, - "markdownDescription": "Information about triggers associated with the deployment group. Duplicates are not allowed", - "title": "TriggerConfigurations", - "type": "array" + "TemplateURL": { + "markdownDescription": "The URL of a file that contains the template body. The URL must point to a template (max size: 1 MB) that's located in an Amazon S3 bucket or a Systems Manager document. The location for an Amazon S3 bucket must start with `https://` .\n\nConditional: You must specify only one of the following parameters: `TemplateBody` , `TemplateURL` .", + "title": "TemplateURL", + "type": "string" } }, "required": [ - "ApplicationName", - "ServiceRoleArn" + "PermissionModel", + "StackSetName" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeDeploy::DeploymentGroup" + "AWS::CloudFormation::StackSet" ], "type": "string" }, @@ -42940,473 +48204,776 @@ ], "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.Alarm": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the alarm. Maximum length is 255 characters. Each alarm name can be used only once in a list of alarms.", - "title": "Name", - "type": "string" - } - }, - "type": "object" - }, - "AWS::CodeDeploy::DeploymentGroup.AlarmConfiguration": { + "AWS::CloudFormation::StackSet.AutoDeployment": { "additionalProperties": false, "properties": { - "Alarms": { - "items": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.Alarm" - }, - "markdownDescription": "A list of alarms configured for the deployment or deployment group. A maximum of 10 alarms can be added.", - "title": "Alarms", - "type": "array" - }, "Enabled": { - "markdownDescription": "Indicates whether the alarm configuration is enabled.", + "markdownDescription": "If set to `true` , StackSets automatically deploys additional stack instances to AWS Organizations accounts that are added to a target organization or organizational unit (OU) in the specified Regions. If an account is removed from a target organization or OU, StackSets deletes stack instances from the account in the specified Regions.", "title": "Enabled", "type": "boolean" }, - "IgnorePollAlarmFailure": { - "markdownDescription": "Indicates whether a deployment should continue if information about the current state of alarms cannot be retrieved from Amazon CloudWatch . The default value is `false` .\n\n- `true` : The deployment proceeds even if alarm status information can't be retrieved from CloudWatch .\n- `false` : The deployment stops if alarm status information can't be retrieved from CloudWatch .", - "title": "IgnorePollAlarmFailure", + "RetainStacksOnAccountRemoval": { + "markdownDescription": "If set to `true` , stack resources are retained when an account is removed from a target organization or OU. If set to `false` , stack resources are deleted. Specify only if `Enabled` is set to `True` .", + "title": "RetainStacksOnAccountRemoval", "type": "boolean" } }, "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.AutoRollbackConfiguration": { + "AWS::CloudFormation::StackSet.DeploymentTargets": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Indicates whether a defined automatic rollback configuration is currently enabled.", - "title": "Enabled", - "type": "boolean" + "AccountFilterType": { + "markdownDescription": "Refines which accounts to deploy stacks to by specifying how to use the `Accounts` and `OrganizationalUnitIds` properties together.\n\nThe following values determine how CloudFormation selects target accounts:\n\n- `INTERSECTION` : StackSet deploys to the accounts specified in the `Accounts` property.\n- `DIFFERENCE` : StackSet deploys to the OU, excluding the accounts specified in the `Accounts` property.\n- `UNION` : StackSet deploys to the OU, and the accounts specified in the `Accounts` property. `UNION` is not supported for create operations when using StackSet as a resource or the `CreateStackInstances` API.", + "title": "AccountFilterType", + "type": "string" }, - "Events": { + "Accounts": { "items": { "type": "string" }, - "markdownDescription": "The event type or types that trigger a rollback. Valid values are `DEPLOYMENT_FAILURE` , `DEPLOYMENT_STOP_ON_ALARM` , or `DEPLOYMENT_STOP_ON_REQUEST` .", - "title": "Events", + "markdownDescription": "The account IDs of the AWS accounts . If you have many account numbers, you can provide those accounts using the `AccountsUrl` property instead.\n\n*Pattern* : `^[0-9]{12}$`", + "title": "Accounts", "type": "array" - } - }, - "type": "object" - }, - "AWS::CodeDeploy::DeploymentGroup.BlueGreenDeploymentConfiguration": { - "additionalProperties": false, - "properties": { - "DeploymentReadyOption": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.DeploymentReadyOption", - "markdownDescription": "Information about the action to take when newly provisioned instances are ready to receive traffic in a blue/green deployment.", - "title": "DeploymentReadyOption" - }, - "GreenFleetProvisioningOption": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.GreenFleetProvisioningOption", - "markdownDescription": "Information about how instances are provisioned for a replacement environment in a blue/green deployment.", - "title": "GreenFleetProvisioningOption" }, - "TerminateBlueInstancesOnDeploymentSuccess": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.BlueInstanceTerminationOption", - "markdownDescription": "Information about whether to terminate instances in the original fleet during a blue/green deployment.", - "title": "TerminateBlueInstancesOnDeploymentSuccess" - } - }, - "type": "object" - }, - "AWS::CodeDeploy::DeploymentGroup.BlueInstanceTerminationOption": { - "additionalProperties": false, - "properties": { - "Action": { - "markdownDescription": "The action to take on instances in the original environment after a successful blue/green deployment.\n\n- `TERMINATE` : Instances are terminated after a specified wait time.\n- `KEEP_ALIVE` : Instances are left running after they are deregistered from the load balancer and removed from the deployment group.", - "title": "Action", + "AccountsUrl": { + "markdownDescription": "The Amazon S3 URL path to a file that contains a list of AWS account IDs. The file format must be either `.csv` or `.txt` , and the data can be comma-separated or new-line-separated. There is currently a 10MB limit for the data (approximately 800,000 accounts).\n\nThis property serves the same purpose as `Accounts` but allows you to specify a large number of accounts.", + "title": "AccountsUrl", "type": "string" }, - "TerminationWaitTimeInMinutes": { - "markdownDescription": "For an Amazon EC2 deployment, the number of minutes to wait after a successful blue/green deployment before terminating instances from the original environment.\n\nFor an Amazon ECS deployment, the number of minutes before deleting the original (blue) task set. During an Amazon ECS deployment, CodeDeploy shifts traffic from the original (blue) task set to a replacement (green) task set.\n\nThe maximum setting is 2880 minutes (2 days).", - "title": "TerminationWaitTimeInMinutes", - "type": "number" + "OrganizationalUnitIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The organization root ID or organizational unit (OU) IDs.\n\n*Pattern* : `^(ou-[a-z0-9]{4,32}-[a-z0-9]{8,32}|r-[a-z0-9]{4,32})$`", + "title": "OrganizationalUnitIds", + "type": "array" } }, "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.Deployment": { + "AWS::CloudFormation::StackSet.ManagedExecution": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A comment about the deployment.", - "title": "Description", - "type": "string" - }, - "IgnoreApplicationStopFailures": { - "markdownDescription": "If true, then if an `ApplicationStop` , `BeforeBlockTraffic` , or `AfterBlockTraffic` deployment lifecycle event to an instance fails, then the deployment continues to the next deployment lifecycle event. For example, if `ApplicationStop` fails, the deployment continues with DownloadBundle. If `BeforeBlockTraffic` fails, the deployment continues with `BlockTraffic` . If `AfterBlockTraffic` fails, the deployment continues with `ApplicationStop` .\n\nIf false or not specified, then if a lifecycle event fails during a deployment to an instance, that deployment fails. If deployment to that instance is part of an overall deployment and the number of healthy hosts is not less than the minimum number of healthy hosts, then a deployment to the next instance is attempted.\n\nDuring a deployment, the AWS CodeDeploy agent runs the scripts specified for `ApplicationStop` , `BeforeBlockTraffic` , and `AfterBlockTraffic` in the AppSpec file from the previous successful deployment. (All other scripts are run from the AppSpec file in the current deployment.) If one of these scripts contains an error and does not run successfully, the deployment can fail.\n\nIf the cause of the failure is a script from the last successful deployment that will never run successfully, create a new deployment and use `ignoreApplicationStopFailures` to specify that the `ApplicationStop` , `BeforeBlockTraffic` , and `AfterBlockTraffic` failures should be ignored.", - "title": "IgnoreApplicationStopFailures", + "Active": { + "markdownDescription": "When `true` , CloudFormation performs non-conflicting operations concurrently and queues conflicting operations. After conflicting operations finish, CloudFormation starts queued operations in request order.\n\n> If there are already running or queued operations, CloudFormation queues all incoming operations even if they are non-conflicting.\n> \n> You can't modify your StackSet's execution configuration while there are running or queued operations for that StackSet. \n\nWhen `false` (default), StackSets performs one operation at a time in request order.", + "title": "Active", "type": "boolean" - }, - "Revision": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.RevisionLocation", - "markdownDescription": "Information about the location of stored application artifacts and the service from which to retrieve them.", - "title": "Revision" } }, - "required": [ - "Revision" - ], "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.DeploymentReadyOption": { + "AWS::CloudFormation::StackSet.OperationPreferences": { "additionalProperties": false, "properties": { - "ActionOnTimeout": { - "markdownDescription": "Information about when to reroute traffic from an original environment to a replacement environment in a blue/green deployment.\n\n- CONTINUE_DEPLOYMENT: Register new instances with the load balancer immediately after the new application revision is installed on the instances in the replacement environment.\n- STOP_DEPLOYMENT: Do not register new instances with a load balancer unless traffic rerouting is started using [ContinueDeployment](https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_ContinueDeployment.html) . If traffic rerouting is not started before the end of the specified wait period, the deployment status is changed to Stopped.", - "title": "ActionOnTimeout", + "ConcurrencyMode": { + "markdownDescription": "Specifies how the concurrency level behaves during the operation execution.\n\n- `STRICT_FAILURE_TOLERANCE` : This option dynamically lowers the concurrency level to ensure the number of failed accounts never exceeds the value of `FailureToleranceCount` +1. The initial actual concurrency is set to the lower of either the value of the `MaxConcurrentCount` , or the value of `FailureToleranceCount` +1. The actual concurrency is then reduced proportionally by the number of failures. This is the default behavior.\n\nIf failure tolerance or Maximum concurrent accounts are set to percentages, the behavior is similar.\n- `SOFT_FAILURE_TOLERANCE` : This option decouples `FailureToleranceCount` from the actual concurrency. This allows StackSet operations to run at the concurrency level set by the `MaxConcurrentCount` value, or `MaxConcurrentPercentage` , regardless of the number of failures.", + "title": "ConcurrencyMode", "type": "string" }, - "WaitTimeInMinutes": { - "markdownDescription": "The number of minutes to wait before the status of a blue/green deployment is changed to Stopped if rerouting is not started manually. Applies only to the `STOP_DEPLOYMENT` option for `actionOnTimeout` .", - "title": "WaitTimeInMinutes", + "FailureToleranceCount": { + "markdownDescription": "The number of accounts per Region this operation can fail in before CloudFormation stops the operation in that Region. If the operation is stopped in a Region, CloudFormation doesn't attempt the operation in any subsequent Regions.\n\nConditional: You must specify either `FailureToleranceCount` or `FailureTolerancePercentage` (but not both).", + "title": "FailureToleranceCount", "type": "number" - } - }, - "type": "object" - }, - "AWS::CodeDeploy::DeploymentGroup.DeploymentStyle": { - "additionalProperties": false, - "properties": { - "DeploymentOption": { - "markdownDescription": "Indicates whether to route deployment traffic behind a load balancer.\n\n> An Amazon EC2 Application Load Balancer or Network Load Balancer is required for an Amazon ECS deployment.", - "title": "DeploymentOption", - "type": "string" }, - "DeploymentType": { - "markdownDescription": "Indicates whether to run an in-place or blue/green deployment.", - "title": "DeploymentType", + "FailureTolerancePercentage": { + "markdownDescription": "The percentage of accounts per Region this stack operation can fail in before CloudFormation stops the operation in that Region. If the operation is stopped in a Region, CloudFormation doesn't attempt the operation in any subsequent Regions.\n\nWhen calculating the number of accounts based on the specified percentage, CloudFormation rounds *down* to the next whole number.\n\nConditional: You must specify either `FailureToleranceCount` or `FailureTolerancePercentage` , but not both.", + "title": "FailureTolerancePercentage", + "type": "number" + }, + "MaxConcurrentCount": { + "markdownDescription": "The maximum number of accounts in which to perform this operation at one time. This is dependent on the value of `FailureToleranceCount` . `MaxConcurrentCount` is at most one more than the `FailureToleranceCount` .\n\nNote that this setting lets you specify the *maximum* for operations. For large deployments, under certain circumstances the actual number of accounts acted upon concurrently may be lower due to service throttling.\n\nConditional: You must specify either `MaxConcurrentCount` or `MaxConcurrentPercentage` , but not both.", + "title": "MaxConcurrentCount", + "type": "number" + }, + "MaxConcurrentPercentage": { + "markdownDescription": "The maximum percentage of accounts in which to perform this operation at one time.\n\nWhen calculating the number of accounts based on the specified percentage, CloudFormation rounds down to the next whole number. This is true except in cases where rounding down would result is zero. In this case, CloudFormation sets the number as one instead.\n\nNote that this setting lets you specify the *maximum* for operations. For large deployments, under certain circumstances the actual number of accounts acted upon concurrently may be lower due to service throttling.\n\nConditional: You must specify either `MaxConcurrentCount` or `MaxConcurrentPercentage` , but not both.", + "title": "MaxConcurrentPercentage", + "type": "number" + }, + "RegionConcurrencyType": { + "markdownDescription": "The concurrency type of deploying StackSets operations in Regions, could be in parallel or one Region at a time.", + "title": "RegionConcurrencyType", "type": "string" + }, + "RegionOrder": { + "items": { + "type": "string" + }, + "markdownDescription": "The order of the Regions where you want to perform the stack operation.", + "title": "RegionOrder", + "type": "array" } }, "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.EC2TagFilter": { + "AWS::CloudFormation::StackSet.Parameter": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The tag filter key.", - "title": "Key", - "type": "string" - }, - "Type": { - "markdownDescription": "The tag filter type:\n\n- `KEY_ONLY` : Key only.\n- `VALUE_ONLY` : Value only.\n- `KEY_AND_VALUE` : Key and value.", - "title": "Type", + "ParameterKey": { + "markdownDescription": "The key associated with the parameter. If you don't specify a key and value for a particular parameter, CloudFormation uses the default value that's specified in your template.", + "title": "ParameterKey", "type": "string" }, - "Value": { - "markdownDescription": "The tag filter value.", - "title": "Value", + "ParameterValue": { + "markdownDescription": "The input value associated with the parameter.", + "title": "ParameterValue", "type": "string" } }, + "required": [ + "ParameterKey", + "ParameterValue" + ], "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.EC2TagSet": { + "AWS::CloudFormation::StackSet.StackInstances": { "additionalProperties": false, "properties": { - "Ec2TagSetList": { + "DeploymentTargets": { + "$ref": "#/definitions/AWS::CloudFormation::StackSet.DeploymentTargets", + "markdownDescription": "The AWS Organizations accounts or AWS accounts to deploy stacks to in the specified Regions.", + "title": "DeploymentTargets" + }, + "ParameterOverrides": { "items": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.EC2TagSetListObject" + "$ref": "#/definitions/AWS::CloudFormation::StackSet.Parameter" }, - "markdownDescription": "The Amazon EC2 tags that are already applied to Amazon EC2 instances that you want to include in the deployment group. CodeDeploy includes all Amazon EC2 instances identified by any of the tags you specify in this deployment group.\n\nDuplicates are not allowed.", - "title": "Ec2TagSetList", + "markdownDescription": "A list of StackSet parameters whose values you want to override in the selected stack instances.", + "title": "ParameterOverrides", "type": "array" - } - }, - "type": "object" - }, - "AWS::CodeDeploy::DeploymentGroup.EC2TagSetListObject": { - "additionalProperties": false, - "properties": { - "Ec2TagGroup": { + }, + "Regions": { "items": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.EC2TagFilter" + "type": "string" }, - "markdownDescription": "A list that contains other lists of Amazon EC2 instance tag groups. For an instance to be included in the deployment group, it must be identified by all of the tag groups in the list.", - "title": "Ec2TagGroup", + "markdownDescription": "The names of one or more Regions where you want to create stack instances using the specified AWS accounts .", + "title": "Regions", "type": "array" } }, - "type": "object" - }, - "AWS::CodeDeploy::DeploymentGroup.ECSService": { - "additionalProperties": false, - "properties": { - "ClusterName": { - "markdownDescription": "The name of the cluster that the Amazon ECS service is associated with.", - "title": "ClusterName", - "type": "string" - }, - "ServiceName": { - "markdownDescription": "The name of the target Amazon ECS service.", - "title": "ServiceName", - "type": "string" - } - }, "required": [ - "ClusterName", - "ServiceName" + "DeploymentTargets", + "Regions" ], "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.ELBInfo": { + "AWS::CloudFormation::TypeActivation": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "For blue/green deployments, the name of the load balancer that is used to route traffic from original instances to replacement instances in a blue/green deployment. For in-place deployments, the name of the load balancer that instances are deregistered from so they are not serving traffic during a deployment, and then re-registered with after the deployment is complete.\n\n> AWS CloudFormation supports blue/green deployments on AWS Lambda compute platforms only.", - "title": "Name", + "Condition": { "type": "string" - } - }, - "type": "object" - }, - "AWS::CodeDeploy::DeploymentGroup.GitHubLocation": { - "additionalProperties": false, - "properties": { - "CommitId": { - "markdownDescription": "The SHA1 commit ID of the GitHub commit that represents the bundled artifacts for the application revision.", - "title": "CommitId", + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Repository": { - "markdownDescription": "The GitHub account and repository pair that stores a reference to the commit that represents the bundled artifacts for the application revision.\n\nSpecify the value as `account/repository` .", - "title": "Repository", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AutoUpdate": { + "markdownDescription": "Whether to automatically update the extension in this account and Region when a new *minor* version is published by the extension publisher. Major versions released by the publisher must be manually updated.\n\nThe default is `true` .", + "title": "AutoUpdate", + "type": "boolean" + }, + "ExecutionRoleArn": { + "markdownDescription": "The name of the IAM execution role to use to activate the extension.", + "title": "ExecutionRoleArn", + "type": "string" + }, + "LoggingConfig": { + "$ref": "#/definitions/AWS::CloudFormation::TypeActivation.LoggingConfig", + "markdownDescription": "Specifies logging configuration information for an extension.", + "title": "LoggingConfig" + }, + "MajorVersion": { + "markdownDescription": "The major version of this extension you want to activate, if multiple major versions are available. The default is the latest major version. CloudFormation uses the latest available *minor* version of the major version selected.\n\nYou can specify `MajorVersion` or `VersionBump` , but not both.", + "title": "MajorVersion", + "type": "string" + }, + "PublicTypeArn": { + "markdownDescription": "The Amazon Resource Number (ARN) of the public extension.\n\nConditional: You must specify `PublicTypeArn` , or `TypeName` , `Type` , and `PublisherId` .", + "title": "PublicTypeArn", + "type": "string" + }, + "PublisherId": { + "markdownDescription": "The ID of the extension publisher.\n\nConditional: You must specify `PublicTypeArn` , or `TypeName` , `Type` , and `PublisherId` .", + "title": "PublisherId", + "type": "string" + }, + "Type": { + "markdownDescription": "The extension type.\n\nConditional: You must specify `PublicTypeArn` , or `TypeName` , `Type` , and `PublisherId` .", + "title": "Type", + "type": "string" + }, + "TypeName": { + "markdownDescription": "The name of the extension.\n\nConditional: You must specify `PublicTypeArn` , or `TypeName` , `Type` , and `PublisherId` .", + "title": "TypeName", + "type": "string" + }, + "TypeNameAlias": { + "markdownDescription": "An alias to assign to the public extension, in this account and Region. If you specify an alias for the extension, CloudFormation treats the alias as the extension type name within this account and Region. You must use the alias to refer to the extension in your templates, API calls, and CloudFormation console.\n\nAn extension alias must be unique within a given account and Region. You can activate the same public resource multiple times in the same account and Region, using different type name aliases.", + "title": "TypeNameAlias", + "type": "string" + }, + "VersionBump": { + "markdownDescription": "Manually updates a previously-activated type to a new major or minor version, if available. You can also use this parameter to update the value of `AutoUpdate` .\n\n- `MAJOR` : CloudFormation updates the extension to the newest major version, if one is available.\n- `MINOR` : CloudFormation updates the extension to the newest minor version, if one is available.", + "title": "VersionBump", + "type": "string" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::CloudFormation::TypeActivation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "CommitId", - "Repository" + "Type" ], "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.GreenFleetProvisioningOption": { + "AWS::CloudFormation::TypeActivation.LoggingConfig": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The method used to add instances to a replacement environment.\n\n- `DISCOVER_EXISTING` : Use instances that already exist or will be created manually.\n- `COPY_AUTO_SCALING_GROUP` : Use settings from a specified Auto Scaling group to define and create instances in a new Auto Scaling group.", - "title": "Action", + "LogGroupName": { + "markdownDescription": "The Amazon CloudWatch Logs group to which CloudFormation sends error logging information when invoking the extension's handlers.", + "title": "LogGroupName", + "type": "string" + }, + "LogRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the role that CloudFormation should assume when sending log entries to CloudWatch Logs.", + "title": "LogRoleArn", "type": "string" } }, "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.LoadBalancerInfo": { + "AWS::CloudFormation::WaitCondition": { "additionalProperties": false, "properties": { - "ElbInfoList": { - "items": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.ELBInfo" - }, - "markdownDescription": "An array that contains information about the load balancers to use for load balancing in a deployment. If you're using Classic Load Balancers, specify those load balancers in this array.\n\n> You can add up to 10 load balancers to the array. > If you're using Application Load Balancers or Network Load Balancers, use the `targetGroupInfoList` array instead of this one.", - "title": "ElbInfoList", - "type": "array" + "Condition": { + "type": "string" }, - "TargetGroupInfoList": { - "items": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TargetGroupInfo" - }, - "markdownDescription": "An array that contains information about the target groups to use for load balancing in a deployment. If you're using Application Load Balancers and Network Load Balancers, specify their associated target groups in this array.\n\n> You can add up to 10 target groups to the array. > If you're using Classic Load Balancers, use the `elbInfoList` array instead of this one.", - "title": "TargetGroupInfoList", - "type": "array" + "CreationPolicy": { + "type": "object" }, - "TargetGroupPairInfoList": { - "items": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TargetGroupPairInfo" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Count": { + "markdownDescription": "The number of success signals that CloudFormation must receive before it continues the stack creation process. When the wait condition receives the requisite number of success signals, CloudFormation resumes the creation of the stack. If the wait condition doesn't receive the specified number of success signals before the Timeout period expires, CloudFormation assumes that the wait condition has failed and rolls the stack back.\n\nUpdates aren't supported.", + "title": "Count", + "type": "number" + }, + "Handle": { + "markdownDescription": "A reference to the wait condition handle used to signal this wait condition. Use the `Ref` intrinsic function to specify an [AWS::CloudFormation::WaitConditionHandle](https://docs.aws.amazon.com/AWSCloudFormation/latest/TemplateReference/aws-resource-cloudformation-waitconditionhandle.html) resource.\n\nAnytime you add a `WaitCondition` resource during a stack update, you must associate the wait condition with a new WaitConditionHandle resource. Don't reuse an old wait condition handle that has already been defined in the template. If you reuse a wait condition handle, the wait condition might evaluate old signals from a previous create or update stack command.\n\nUpdates aren't supported.", + "title": "Handle", + "type": "string" + }, + "Timeout": { + "markdownDescription": "The length of time (in seconds) to wait for the number of signals that the `Count` property specifies. `Timeout` is a minimum-bound property, meaning the timeout occurs no sooner than the time you specify, but can occur shortly thereafter. The maximum time that can be specified for this property is 12 hours (43200 seconds).\n\nUpdates aren't supported.", + "title": "Timeout", + "type": "string" + } }, - "markdownDescription": "The target group pair information. This is an array of `TargeGroupPairInfo` objects with a maximum size of one.", - "title": "TargetGroupPairInfoList", - "type": "array" + "type": "object" + }, + "Type": { + "enum": [ + "AWS::CloudFormation::WaitCondition" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.OnPremisesTagSet": { + "AWS::CloudFormation::WaitConditionHandle": { "additionalProperties": false, "properties": { - "OnPremisesTagSetList": { - "items": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.OnPremisesTagSetListObject" - }, - "markdownDescription": "A list that contains other lists of on-premises instance tag groups. For an instance to be included in the deployment group, it must be identified by all of the tag groups in the list.\n\nDuplicates are not allowed.", - "title": "OnPremisesTagSetList", - "type": "array" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::CloudFormation::WaitConditionHandle" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.OnPremisesTagSetListObject": { + "AWS::CloudFront::AnycastIpList": { "additionalProperties": false, "properties": { - "OnPremisesTagGroup": { - "items": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TagFilter" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "IpCount": { + "markdownDescription": "The number of IP addresses in the Anycast static IP list.", + "title": "IpCount", + "type": "number" + }, + "Name": { + "markdownDescription": "The name of the Anycast static IP list.", + "title": "Name", + "type": "string" + }, + "Tags": { + "$ref": "#/definitions/AWS::CloudFront::AnycastIpList.Tags", + "markdownDescription": "A complex type that contains zero or more `Tag` elements.", + "title": "Tags" + } }, - "markdownDescription": "Information about groups of on-premises instance tags.", - "title": "OnPremisesTagGroup", - "type": "array" - } - }, - "type": "object" - }, - "AWS::CodeDeploy::DeploymentGroup.RevisionLocation": { - "additionalProperties": false, - "properties": { - "GitHubLocation": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.GitHubLocation", - "markdownDescription": "Information about the location of application artifacts stored in GitHub.", - "title": "GitHubLocation" + "required": [ + "IpCount", + "Name" + ], + "type": "object" }, - "RevisionType": { - "markdownDescription": "The type of application revision:\n\n- S3: An application revision stored in Amazon S3.\n- GitHub: An application revision stored in GitHub (EC2/On-premises deployments only).\n- String: A YAML-formatted or JSON-formatted string ( AWS Lambda deployments only).\n- AppSpecContent: An `AppSpecContent` object that contains the contents of an AppSpec file for an AWS Lambda or Amazon ECS deployment. The content is formatted as JSON or YAML stored as a RawString.", - "title": "RevisionType", + "Type": { + "enum": [ + "AWS::CloudFront::AnycastIpList" + ], "type": "string" }, - "S3Location": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.S3Location", - "markdownDescription": "Information about the location of a revision stored in Amazon S3.", - "title": "S3Location" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.S3Location": { + "AWS::CloudFront::AnycastIpList.AnycastIpList": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The name of the Amazon S3 bucket where the application revision is stored.", - "title": "Bucket", + "AnycastIps": { + "items": { + "type": "string" + }, + "markdownDescription": "The static IP addresses that are allocated to the Anycast static IP list.", + "title": "AnycastIps", + "type": "array" + }, + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Anycast static IP list.", + "title": "Arn", "type": "string" }, - "BundleType": { - "markdownDescription": "The file type of the application revision. Must be one of the following:\n\n- JSON\n- tar: A tar archive file.\n- tgz: A compressed tar archive file.\n- YAML\n- zip: A zip archive file.", - "title": "BundleType", + "Id": { + "markdownDescription": "The ID of the Anycast static IP list.", + "title": "Id", "type": "string" }, - "ETag": { - "markdownDescription": "The ETag of the Amazon S3 object that represents the bundled artifacts for the application revision.\n\nIf the ETag is not specified as an input parameter, ETag validation of the object is skipped.", - "title": "ETag", + "IpCount": { + "markdownDescription": "The number of IP addresses in the Anycast static IP list.", + "title": "IpCount", + "type": "number" + }, + "LastModifiedTime": { + "markdownDescription": "The last time the Anycast static IP list was modified.", + "title": "LastModifiedTime", "type": "string" }, - "Key": { - "markdownDescription": "The name of the Amazon S3 object that represents the bundled artifacts for the application revision.", - "title": "Key", + "Name": { + "markdownDescription": "The name of the Anycast static IP list.", + "title": "Name", "type": "string" }, - "Version": { - "markdownDescription": "A specific version of the Amazon S3 object that represents the bundled artifacts for the application revision.\n\nIf the version is not specified, the system uses the most recent version by default.", - "title": "Version", + "Status": { + "markdownDescription": "The status of the Anycast static IP list. Valid values: `Deployed` , `Deploying` , or `Failed` .", + "title": "Status", "type": "string" } }, "required": [ - "Bucket", - "Key" + "AnycastIps", + "Arn", + "Id", + "IpCount", + "LastModifiedTime", + "Name", + "Status" ], "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.TagFilter": { + "AWS::CloudFront::AnycastIpList.Tags": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The on-premises instance tag filter key.", - "title": "Key", + "Items": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A complex type that contains `Tag` elements.", + "title": "Items", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CloudFront::CachePolicy": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CachePolicyConfig": { + "$ref": "#/definitions/AWS::CloudFront::CachePolicy.CachePolicyConfig", + "markdownDescription": "The cache policy configuration.", + "title": "CachePolicyConfig" + } + }, + "required": [ + "CachePolicyConfig" + ], + "type": "object" + }, "Type": { - "markdownDescription": "The on-premises instance tag filter type:\n\n- KEY_ONLY: Key only.\n- VALUE_ONLY: Value only.\n- KEY_AND_VALUE: Key and value.", - "title": "Type", + "enum": [ + "AWS::CloudFront::CachePolicy" + ], "type": "string" }, - "Value": { - "markdownDescription": "The on-premises instance tag filter value.", - "title": "Value", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.TargetGroupInfo": { + "AWS::CloudFront::CachePolicy.CachePolicyConfig": { "additionalProperties": false, "properties": { + "Comment": { + "markdownDescription": "A comment to describe the cache policy. The comment cannot be longer than 128 characters.", + "title": "Comment", + "type": "string" + }, + "DefaultTTL": { + "markdownDescription": "The default amount of time, in seconds, that you want objects to stay in the CloudFront cache before CloudFront sends another request to the origin to see if the object has been updated. CloudFront uses this value as the object's time to live (TTL) only when the origin does *not* send `Cache-Control` or `Expires` headers with the object. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .\n\nThe default value for this field is 86400 seconds (one day). If the value of `MinTTL` is more than 86400 seconds, then the default value for this field is the same as the value of `MinTTL` .", + "title": "DefaultTTL", + "type": "number" + }, + "MaxTTL": { + "markdownDescription": "The maximum amount of time, in seconds, that objects stay in the CloudFront cache before CloudFront sends another request to the origin to see if the object has been updated. CloudFront uses this value only when the origin sends `Cache-Control` or `Expires` headers with the object. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .\n\nThe default value for this field is 31536000 seconds (one year). If the value of `MinTTL` or `DefaultTTL` is more than 31536000 seconds, then the default value for this field is the same as the value of `DefaultTTL` .", + "title": "MaxTTL", + "type": "number" + }, + "MinTTL": { + "markdownDescription": "The minimum amount of time, in seconds, that you want objects to stay in the CloudFront cache before CloudFront sends another request to the origin to see if the object has been updated. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", + "title": "MinTTL", + "type": "number" + }, "Name": { - "markdownDescription": "For blue/green deployments, the name of the target group that instances in the original environment are deregistered from, and instances in the replacement environment registered with. For in-place deployments, the name of the target group that instances are deregistered from, so they are not serving traffic during a deployment, and then re-registered with after the deployment completes. No duplicates allowed.\n\n> AWS CloudFormation supports blue/green deployments on AWS Lambda compute platforms only. \n\nThis value cannot exceed 32 characters, so you should use the `Name` property of the target group, or the `TargetGroupName` attribute with the `Fn::GetAtt` intrinsic function, as shown in the following example. Don't use the group's Amazon Resource Name (ARN) or `TargetGroupFullName` attribute.", + "markdownDescription": "A unique name to identify the cache policy.", "title": "Name", "type": "string" + }, + "ParametersInCacheKeyAndForwardedToOrigin": { + "$ref": "#/definitions/AWS::CloudFront::CachePolicy.ParametersInCacheKeyAndForwardedToOrigin", + "markdownDescription": "The HTTP headers, cookies, and URL query strings to include in the cache key. The values included in the cache key are also included in requests that CloudFront sends to the origin.", + "title": "ParametersInCacheKeyAndForwardedToOrigin" } }, + "required": [ + "DefaultTTL", + "MaxTTL", + "MinTTL", + "Name", + "ParametersInCacheKeyAndForwardedToOrigin" + ], "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.TargetGroupPairInfo": { + "AWS::CloudFront::CachePolicy.CookiesConfig": { "additionalProperties": false, "properties": { - "ProdTrafficRoute": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TrafficRoute", - "markdownDescription": "The path used by a load balancer to route production traffic when an Amazon ECS deployment is complete.", - "title": "ProdTrafficRoute" + "CookieBehavior": { + "markdownDescription": "Determines whether any cookies in viewer requests are included in the cache key and in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` \u2013 No cookies in viewer requests are included in the cache key or in requests that CloudFront sends to the origin. Even when this field is set to `none` , any cookies that are listed in an `OriginRequestPolicy` *are* included in origin requests.\n- `whitelist` \u2013 Only the cookies in viewer requests that are listed in the `CookieNames` type are included in the cache key and in requests that CloudFront sends to the origin.\n- `allExcept` \u2013 All cookies in viewer requests are included in the cache key and in requests that CloudFront sends to the origin, **except** for those that are listed in the `CookieNames` type, which are not included.\n- `all` \u2013 All cookies in viewer requests are included in the cache key and in requests that CloudFront sends to the origin.", + "title": "CookieBehavior", + "type": "string" }, - "TargetGroups": { + "Cookies": { "items": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TargetGroupInfo" + "type": "string" }, - "markdownDescription": "One pair of target groups. One is associated with the original task set. The second is associated with the task set that serves traffic after the deployment is complete.", - "title": "TargetGroups", + "markdownDescription": "Contains a list of cookie names.", + "title": "Cookies", "type": "array" - }, - "TestTrafficRoute": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TrafficRoute", - "markdownDescription": "An optional path used by a load balancer to route test traffic after an Amazon ECS deployment. Validation can occur while test traffic is served during a deployment.", - "title": "TestTrafficRoute" } }, + "required": [ + "CookieBehavior" + ], "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.TrafficRoute": { + "AWS::CloudFront::CachePolicy.HeadersConfig": { "additionalProperties": false, "properties": { - "ListenerArns": { + "HeaderBehavior": { + "markdownDescription": "Determines whether any HTTP headers are included in the cache key and in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` \u2013 No HTTP headers are included in the cache key or in requests that CloudFront sends to the origin. Even when this field is set to `none` , any headers that are listed in an `OriginRequestPolicy` *are* included in origin requests.\n- `whitelist` \u2013 Only the HTTP headers that are listed in the `Headers` type are included in the cache key and in requests that CloudFront sends to the origin.", + "title": "HeaderBehavior", + "type": "string" + }, + "Headers": { "items": { "type": "string" }, - "markdownDescription": "The Amazon Resource Name (ARN) of one listener. The listener identifies the route between a target group and a load balancer. This is an array of strings with a maximum size of one.", - "title": "ListenerArns", + "markdownDescription": "Contains a list of HTTP header names.", + "title": "Headers", "type": "array" } }, + "required": [ + "HeaderBehavior" + ], "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.TriggerConfig": { + "AWS::CloudFront::CachePolicy.ParametersInCacheKeyAndForwardedToOrigin": { "additionalProperties": false, "properties": { - "TriggerEvents": { + "CookiesConfig": { + "$ref": "#/definitions/AWS::CloudFront::CachePolicy.CookiesConfig", + "markdownDescription": "An object that determines whether any cookies in viewer requests (and if so, which cookies) are included in the cache key and in requests that CloudFront sends to the origin.", + "title": "CookiesConfig" + }, + "EnableAcceptEncodingBrotli": { + "markdownDescription": "A flag that can affect whether the `Accept-Encoding` HTTP header is included in the cache key and included in requests that CloudFront sends to the origin.\n\nThis field is related to the `EnableAcceptEncodingGzip` field. If one or both of these fields is `true` *and* the viewer request includes the `Accept-Encoding` header, then CloudFront does the following:\n\n- Normalizes the value of the viewer's `Accept-Encoding` header\n- Includes the normalized header in the cache key\n- Includes the normalized header in the request to the origin, if a request is necessary\n\nFor more information, see [Compression support](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-policy-compressed-objects) in the *Amazon CloudFront Developer Guide* .\n\nIf you set this value to `true` , and this cache behavior also has an origin request policy attached, do not include the `Accept-Encoding` header in the origin request policy. CloudFront always includes the `Accept-Encoding` header in origin requests when the value of this field is `true` , so including this header in an origin request policy has no effect.\n\nIf both of these fields are `false` , then CloudFront treats the `Accept-Encoding` header the same as any other HTTP header in the viewer request. By default, it's not included in the cache key and it's not included in origin requests. In this case, you can manually add `Accept-Encoding` to the headers whitelist like any other HTTP header.", + "title": "EnableAcceptEncodingBrotli", + "type": "boolean" + }, + "EnableAcceptEncodingGzip": { + "markdownDescription": "A flag that can affect whether the `Accept-Encoding` HTTP header is included in the cache key and included in requests that CloudFront sends to the origin.\n\nThis field is related to the `EnableAcceptEncodingBrotli` field. If one or both of these fields is `true` *and* the viewer request includes the `Accept-Encoding` header, then CloudFront does the following:\n\n- Normalizes the value of the viewer's `Accept-Encoding` header\n- Includes the normalized header in the cache key\n- Includes the normalized header in the request to the origin, if a request is necessary\n\nFor more information, see [Compression support](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-policy-compressed-objects) in the *Amazon CloudFront Developer Guide* .\n\nIf you set this value to `true` , and this cache behavior also has an origin request policy attached, do not include the `Accept-Encoding` header in the origin request policy. CloudFront always includes the `Accept-Encoding` header in origin requests when the value of this field is `true` , so including this header in an origin request policy has no effect.\n\nIf both of these fields are `false` , then CloudFront treats the `Accept-Encoding` header the same as any other HTTP header in the viewer request. By default, it's not included in the cache key and it's not included in origin requests. In this case, you can manually add `Accept-Encoding` to the headers whitelist like any other HTTP header.", + "title": "EnableAcceptEncodingGzip", + "type": "boolean" + }, + "HeadersConfig": { + "$ref": "#/definitions/AWS::CloudFront::CachePolicy.HeadersConfig", + "markdownDescription": "An object that determines whether any HTTP headers (and if so, which headers) are included in the cache key and in requests that CloudFront sends to the origin.", + "title": "HeadersConfig" + }, + "QueryStringsConfig": { + "$ref": "#/definitions/AWS::CloudFront::CachePolicy.QueryStringsConfig", + "markdownDescription": "An object that determines whether any URL query strings in viewer requests (and if so, which query strings) are included in the cache key and in requests that CloudFront sends to the origin.", + "title": "QueryStringsConfig" + } + }, + "required": [ + "CookiesConfig", + "EnableAcceptEncodingGzip", + "HeadersConfig", + "QueryStringsConfig" + ], + "type": "object" + }, + "AWS::CloudFront::CachePolicy.QueryStringsConfig": { + "additionalProperties": false, + "properties": { + "QueryStringBehavior": { + "markdownDescription": "Determines whether any URL query strings in viewer requests are included in the cache key and in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` \u2013 No query strings in viewer requests are included in the cache key or in requests that CloudFront sends to the origin. Even when this field is set to `none` , any query strings that are listed in an `OriginRequestPolicy` *are* included in origin requests.\n- `whitelist` \u2013 Only the query strings in viewer requests that are listed in the `QueryStringNames` type are included in the cache key and in requests that CloudFront sends to the origin.\n- `allExcept` \u2013 All query strings in viewer requests are included in the cache key and in requests that CloudFront sends to the origin, **except** those that are listed in the `QueryStringNames` type, which are not included.\n- `all` \u2013 All query strings in viewer requests are included in the cache key and in requests that CloudFront sends to the origin.", + "title": "QueryStringBehavior", + "type": "string" + }, + "QueryStrings": { "items": { "type": "string" }, - "markdownDescription": "The event type or types that trigger notifications.", - "title": "TriggerEvents", + "markdownDescription": "Contains a list of query string names.", + "title": "QueryStrings", "type": "array" - }, - "TriggerName": { - "markdownDescription": "The name of the notification trigger.", - "title": "TriggerName", - "type": "string" - }, - "TriggerTargetArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Simple Notification Service topic through which notifications about deployment or instance events are sent.", - "title": "TriggerTargetArn", - "type": "string" } }, + "required": [ + "QueryStringBehavior" + ], "type": "object" }, - "AWS::CodeGuruProfiler::ProfilingGroup": { + "AWS::CloudFront::CloudFrontOriginAccessIdentity": { "additionalProperties": false, "properties": { "Condition": { @@ -43441,46 +49008,20 @@ "Properties": { "additionalProperties": false, "properties": { - "AgentPermissions": { - "$ref": "#/definitions/AWS::CodeGuruProfiler::ProfilingGroup.AgentPermissions", - "markdownDescription": "The agent permissions attached to this profiling group. This action group grants `ConfigureAgent` and `PostAgentProfile` permissions to perform actions required by the profiling agent. The Json consists of key `Principals` .\n\n*Principals* : A list of string ARNs for the roles and users you want to grant access to the profiling group. Wildcards are not supported in the ARNs. You are allowed to provide up to 50 ARNs. An empty list is not permitted. This is a required key.\n\nFor more information, see [Resource-based policies in CodeGuru Profiler](https://docs.aws.amazon.com/codeguru/latest/profiler-ug/resource-based-policies.html) in the *Amazon CodeGuru Profiler user guide* , [ConfigureAgent](https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_ConfigureAgent.html) , and [PostAgentProfile](https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_PostAgentProfile.html) .", - "title": "AgentPermissions" - }, - "AnomalyDetectionNotificationConfiguration": { - "items": { - "$ref": "#/definitions/AWS::CodeGuruProfiler::ProfilingGroup.Channel" - }, - "markdownDescription": "Adds anomaly notifications for a profiling group.", - "title": "AnomalyDetectionNotificationConfiguration", - "type": "array" - }, - "ComputePlatform": { - "markdownDescription": "The compute platform of the profiling group. Use `AWSLambda` if your application runs on AWS Lambda. Use `Default` if your application runs on a compute platform that is not AWS Lambda , such an Amazon EC2 instance, an on-premises server, or a different platform. If not specified, `Default` is used. This property is immutable.", - "title": "ComputePlatform", - "type": "string" - }, - "ProfilingGroupName": { - "markdownDescription": "The name of the profiling group.", - "title": "ProfilingGroupName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of tags to add to the created profiling group.", - "title": "Tags", - "type": "array" + "CloudFrontOriginAccessIdentityConfig": { + "$ref": "#/definitions/AWS::CloudFront::CloudFrontOriginAccessIdentity.CloudFrontOriginAccessIdentityConfig", + "markdownDescription": "The current configuration information for the identity.", + "title": "CloudFrontOriginAccessIdentityConfig" } }, "required": [ - "ProfilingGroupName" + "CloudFrontOriginAccessIdentityConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeGuruProfiler::ProfilingGroup" + "AWS::CloudFront::CloudFrontOriginAccessIdentity" ], "type": "string" }, @@ -43499,43 +49040,21 @@ ], "type": "object" }, - "AWS::CodeGuruProfiler::ProfilingGroup.AgentPermissions": { - "additionalProperties": false, - "properties": { - "Principals": { - "items": { - "type": "string" - }, - "markdownDescription": "", - "title": "Principals", - "type": "array" - } - }, - "required": [ - "Principals" - ], - "type": "object" - }, - "AWS::CodeGuruProfiler::ProfilingGroup.Channel": { + "AWS::CloudFront::CloudFrontOriginAccessIdentity.CloudFrontOriginAccessIdentityConfig": { "additionalProperties": false, "properties": { - "channelId": { - "markdownDescription": "The channel ID.", - "title": "channelId", - "type": "string" - }, - "channelUri": { - "markdownDescription": "The channel URI.", - "title": "channelUri", + "Comment": { + "markdownDescription": "A comment to describe the origin access identity. The comment cannot be longer than 128 characters.", + "title": "Comment", "type": "string" } }, "required": [ - "channelUri" + "Comment" ], "type": "object" }, - "AWS::CodeGuruReviewer::RepositoryAssociation": { + "AWS::CloudFront::ConnectionGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -43570,49 +49089,43 @@ "Properties": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "The name of the bucket. This is required for your S3Bucket repository. The name must start with the prefix `codeguru-reviewer-*` .", - "title": "BucketName", + "AnycastIpListId": { + "markdownDescription": "The ID of the Anycast static IP list.", + "title": "AnycastIpListId", "type": "string" }, - "ConnectionArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS CodeStar Connections connection. Its format is `arn:aws:codestar-connections:region-id:aws-account_id:connection/connection-id` . For more information, see [Connection](https://docs.aws.amazon.com/codestar-connections/latest/APIReference/API_Connection.html) in the *AWS CodeStar Connections API Reference* .\n\n`ConnectionArn` must be specified for Bitbucket and GitHub Enterprise Server repositories. It has no effect if it is specified for an AWS CodeCommit repository.", - "title": "ConnectionArn", - "type": "string" + "Enabled": { + "markdownDescription": "Whether the connection group is enabled.", + "title": "Enabled", + "type": "boolean" + }, + "Ipv6Enabled": { + "markdownDescription": "IPv6 is enabled for the connection group.", + "title": "Ipv6Enabled", + "type": "boolean" }, "Name": { - "markdownDescription": "The name of the repository.", + "markdownDescription": "The name of the connection group.", "title": "Name", "type": "string" }, - "Owner": { - "markdownDescription": "The owner of the repository. For a GitHub Enterprise Server or Bitbucket repository, this is the username for the account that owns the repository.\n\n`Owner` must be specified for Bitbucket and GitHub Enterprise Server repositories. It has no effect if it is specified for an AWS CodeCommit repository.", - "title": "Owner", - "type": "string" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs used to tag an associated repository. A tag is a custom attribute label with two parts:\n\n- A *tag key* (for example, `CostCenter` , `Environment` , `Project` , or `Secret` ). Tag keys are case sensitive.\n- An optional field known as a *tag value* (for example, `111122223333` , `Production` , or a team name). Omitting the tag value is the same as using an empty string. Like tag keys, tag values are case sensitive.", + "markdownDescription": "A complex type that contains zero or more `Tag` elements.", "title": "Tags", "type": "array" - }, - "Type": { - "markdownDescription": "The type of repository that contains the source code to be reviewed. The valid values are:\n\n- `CodeCommit`\n- `Bitbucket`\n- `GitHubEnterpriseServer`\n- `S3Bucket`", - "title": "Type", - "type": "string" } }, "required": [ - "Name", - "Type" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeGuruReviewer::RepositoryAssociation" + "AWS::CloudFront::ConnectionGroup" ], "type": "string" }, @@ -43631,7 +49144,7 @@ ], "type": "object" }, - "AWS::CodePipeline::CustomActionType": { + "AWS::CloudFront::ContinuousDeploymentPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -43666,65 +49179,20 @@ "Properties": { "additionalProperties": false, "properties": { - "Category": { - "markdownDescription": "The category of the custom action, such as a build action or a test action.", - "title": "Category", - "type": "string" - }, - "ConfigurationProperties": { - "items": { - "$ref": "#/definitions/AWS::CodePipeline::CustomActionType.ConfigurationProperties" - }, - "markdownDescription": "The configuration properties for the custom action.\n\n> You can refer to a name in the configuration properties of the custom action within the URL templates by following the format of {Config:name}, as long as the configuration property is both required and not secret. For more information, see [Create a Custom Action for a Pipeline](https://docs.aws.amazon.com/codepipeline/latest/userguide/how-to-create-custom-action.html) .", - "title": "ConfigurationProperties", - "type": "array" - }, - "InputArtifactDetails": { - "$ref": "#/definitions/AWS::CodePipeline::CustomActionType.ArtifactDetails", - "markdownDescription": "The details of the input artifact for the action, such as its commit ID.", - "title": "InputArtifactDetails" - }, - "OutputArtifactDetails": { - "$ref": "#/definitions/AWS::CodePipeline::CustomActionType.ArtifactDetails", - "markdownDescription": "The details of the output artifact of the action, such as its commit ID.", - "title": "OutputArtifactDetails" - }, - "Provider": { - "markdownDescription": "The provider of the service used in the custom action, such as CodeDeploy.", - "title": "Provider", - "type": "string" - }, - "Settings": { - "$ref": "#/definitions/AWS::CodePipeline::CustomActionType.Settings", - "markdownDescription": "URLs that provide users information about this custom action.", - "title": "Settings" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags for the custom action.", - "title": "Tags", - "type": "array" - }, - "Version": { - "markdownDescription": "The version identifier of the custom action.", - "title": "Version", - "type": "string" + "ContinuousDeploymentPolicyConfig": { + "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.ContinuousDeploymentPolicyConfig", + "markdownDescription": "Contains the configuration for a continuous deployment policy.", + "title": "ContinuousDeploymentPolicyConfig" } }, "required": [ - "Category", - "InputArtifactDetails", - "OutputArtifactDetails", - "Provider", - "Version" + "ContinuousDeploymentPolicyConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodePipeline::CustomActionType" + "AWS::CloudFront::ContinuousDeploymentPolicy" ], "type": "string" }, @@ -43743,100 +49211,172 @@ ], "type": "object" }, - "AWS::CodePipeline::CustomActionType.ArtifactDetails": { + "AWS::CloudFront::ContinuousDeploymentPolicy.ContinuousDeploymentPolicyConfig": { "additionalProperties": false, "properties": { - "MaximumCount": { - "markdownDescription": "The maximum number of artifacts allowed for the action type.", - "title": "MaximumCount", + "Enabled": { + "markdownDescription": "A Boolean that indicates whether this continuous deployment policy is enabled (in effect). When this value is `true` , this policy is enabled and in effect. When this value is `false` , this policy is not enabled and has no effect.", + "title": "Enabled", + "type": "boolean" + }, + "SingleHeaderPolicyConfig": { + "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.SingleHeaderPolicyConfig", + "markdownDescription": "This configuration determines which HTTP requests are sent to the staging distribution. If the HTTP request contains a header and value that matches what you specify here, the request is sent to the staging distribution. Otherwise the request is sent to the primary distribution.", + "title": "SingleHeaderPolicyConfig" + }, + "SingleWeightPolicyConfig": { + "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.SingleWeightPolicyConfig", + "markdownDescription": "This configuration determines the percentage of HTTP requests that are sent to the staging distribution.", + "title": "SingleWeightPolicyConfig" + }, + "StagingDistributionDnsNames": { + "items": { + "type": "string" + }, + "markdownDescription": "The CloudFront domain name of the staging distribution. For example: `d111111abcdef8.cloudfront.net` .", + "title": "StagingDistributionDnsNames", + "type": "array" + }, + "TrafficConfig": { + "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.TrafficConfig", + "markdownDescription": "Contains the parameters for routing production traffic from your primary to staging distributions.", + "title": "TrafficConfig" + }, + "Type": { + "markdownDescription": "The type of traffic configuration.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Enabled", + "StagingDistributionDnsNames" + ], + "type": "object" + }, + "AWS::CloudFront::ContinuousDeploymentPolicy.SessionStickinessConfig": { + "additionalProperties": false, + "properties": { + "IdleTTL": { + "markdownDescription": "The amount of time after which you want sessions to cease if no requests are received. Allowed values are 300\u20133600 seconds (5\u201360 minutes).", + "title": "IdleTTL", "type": "number" }, - "MinimumCount": { - "markdownDescription": "The minimum number of artifacts allowed for the action type.", - "title": "MinimumCount", + "MaximumTTL": { + "markdownDescription": "The maximum amount of time to consider requests from the viewer as being part of the same session. Allowed values are 300\u20133600 seconds (5\u201360 minutes).", + "title": "MaximumTTL", "type": "number" } }, "required": [ - "MaximumCount", - "MinimumCount" + "IdleTTL", + "MaximumTTL" ], "type": "object" }, - "AWS::CodePipeline::CustomActionType.ConfigurationProperties": { + "AWS::CloudFront::ContinuousDeploymentPolicy.SingleHeaderConfig": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the action configuration property that is displayed to users.", - "title": "Description", - "type": "string" - }, - "Key": { - "markdownDescription": "Whether the configuration property is a key.", - "title": "Key", - "type": "boolean" - }, - "Name": { - "markdownDescription": "The name of the action configuration property.", - "title": "Name", + "Header": { + "markdownDescription": "The request header name that you want CloudFront to send to your staging distribution. The header must contain the prefix `aws-cf-cd-` .", + "title": "Header", "type": "string" }, - "Queryable": { - "markdownDescription": "Indicates that the property is used with `PollForJobs` . When creating a custom action, an action can have up to one queryable property. If it has one, that property must be both required and not secret.\n\nIf you create a pipeline with a custom action type, and that custom action contains a queryable property, the value for that configuration property is subject to other restrictions. The value must be less than or equal to twenty (20) characters. The value can contain only alphanumeric characters, underscores, and hyphens.", - "title": "Queryable", - "type": "boolean" - }, - "Required": { - "markdownDescription": "Whether the configuration property is a required value.", - "title": "Required", - "type": "boolean" - }, - "Secret": { - "markdownDescription": "Whether the configuration property is secret. Secrets are hidden from all calls except for `GetJobDetails` , `GetThirdPartyJobDetails` , `PollForJobs` , and `PollForThirdPartyJobs` .\n\nWhen updating a pipeline, passing * * * * * without changing any other values of the action preserves the previous value of the secret.", - "title": "Secret", - "type": "boolean" - }, - "Type": { - "markdownDescription": "The type of the configuration property.", - "title": "Type", + "Value": { + "markdownDescription": "The request header value.", + "title": "Value", "type": "string" } }, "required": [ - "Key", - "Name", - "Required", - "Secret" + "Header", + "Value" ], "type": "object" }, - "AWS::CodePipeline::CustomActionType.Settings": { + "AWS::CloudFront::ContinuousDeploymentPolicy.SingleHeaderPolicyConfig": { "additionalProperties": false, "properties": { - "EntityUrlTemplate": { - "markdownDescription": "The URL returned to the CodePipeline console that provides a deep link to the resources of the external system, such as the configuration page for a CodeDeploy deployment group. This link is provided as part of the action display in the pipeline.", - "title": "EntityUrlTemplate", + "Header": { + "markdownDescription": "The name of the HTTP header that CloudFront uses to configure for the single header policy.", + "title": "Header", "type": "string" }, - "ExecutionUrlTemplate": { - "markdownDescription": "The URL returned to the CodePipeline console that contains a link to the top-level landing page for the external system, such as the console page for CodeDeploy. This link is shown on the pipeline view page in the CodePipeline console and provides a link to the execution entity of the external action.", - "title": "ExecutionUrlTemplate", + "Value": { + "markdownDescription": "Specifies the value to assign to the header for a single header policy.", + "title": "Value", "type": "string" + } + }, + "required": [ + "Header", + "Value" + ], + "type": "object" + }, + "AWS::CloudFront::ContinuousDeploymentPolicy.SingleWeightConfig": { + "additionalProperties": false, + "properties": { + "SessionStickinessConfig": { + "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.SessionStickinessConfig", + "markdownDescription": "Session stickiness provides the ability to define multiple requests from a single viewer as a single session. This prevents the potentially inconsistent experience of sending some of a given user's requests to your staging distribution, while others are sent to your primary distribution. Define the session duration using TTL values.", + "title": "SessionStickinessConfig" }, - "RevisionUrlTemplate": { - "markdownDescription": "The URL returned to the CodePipeline console that contains a link to the page where customers can update or change the configuration of the external action.", - "title": "RevisionUrlTemplate", - "type": "string" + "Weight": { + "markdownDescription": "The percentage of traffic to send to a staging distribution, expressed as a decimal number between 0 and 0.15. For example, a value of 0.10 means 10% of traffic is sent to the staging distribution.", + "title": "Weight", + "type": "number" + } + }, + "required": [ + "Weight" + ], + "type": "object" + }, + "AWS::CloudFront::ContinuousDeploymentPolicy.SingleWeightPolicyConfig": { + "additionalProperties": false, + "properties": { + "SessionStickinessConfig": { + "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.SessionStickinessConfig", + "markdownDescription": "Enable session stickiness for the associated origin or cache settings.", + "title": "SessionStickinessConfig" }, - "ThirdPartyConfigurationUrl": { - "markdownDescription": "The URL of a sign-up page where users can sign up for an external service and perform initial configuration of the action provided by that service.", - "title": "ThirdPartyConfigurationUrl", + "Weight": { + "markdownDescription": "The percentage of requests that CloudFront will use to send to an associated origin or cache settings.", + "title": "Weight", + "type": "number" + } + }, + "required": [ + "Weight" + ], + "type": "object" + }, + "AWS::CloudFront::ContinuousDeploymentPolicy.TrafficConfig": { + "additionalProperties": false, + "properties": { + "SingleHeaderConfig": { + "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.SingleHeaderConfig", + "markdownDescription": "Determines which HTTP requests are sent to the staging distribution.", + "title": "SingleHeaderConfig" + }, + "SingleWeightConfig": { + "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.SingleWeightConfig", + "markdownDescription": "Contains the percentage of traffic to send to the staging distribution.", + "title": "SingleWeightConfig" + }, + "Type": { + "markdownDescription": "The type of traffic configuration.", + "title": "Type", "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::CodePipeline::Pipeline": { + "AWS::CloudFront::Distribution": { "additionalProperties": false, "properties": { "Condition": { @@ -43871,94 +49411,28 @@ "Properties": { "additionalProperties": false, "properties": { - "ArtifactStore": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.ArtifactStore", - "markdownDescription": "The S3 bucket where artifacts for the pipeline are stored.\n\n> You must include either `artifactStore` or `artifactStores` in your pipeline, but you cannot use both. If you create a cross-region action in your pipeline, you must use `artifactStores` .", - "title": "ArtifactStore" - }, - "ArtifactStores": { - "items": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.ArtifactStoreMap" - }, - "markdownDescription": "A mapping of `artifactStore` objects and their corresponding AWS Regions. There must be an artifact store for the pipeline Region and for each cross-region action in the pipeline.\n\n> You must include either `artifactStore` or `artifactStores` in your pipeline, but you cannot use both. If you create a cross-region action in your pipeline, you must use `artifactStores` .", - "title": "ArtifactStores", - "type": "array" - }, - "DisableInboundStageTransitions": { - "items": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.StageTransition" - }, - "markdownDescription": "Represents the input of a `DisableStageTransition` action.", - "title": "DisableInboundStageTransitions", - "type": "array" - }, - "ExecutionMode": { - "markdownDescription": "The method that the pipeline will use to handle multiple executions. The default mode is SUPERSEDED.", - "title": "ExecutionMode", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the pipeline.", - "title": "Name", - "type": "string" - }, - "PipelineType": { - "markdownDescription": "CodePipeline provides the following pipeline types, which differ in characteristics and price, so that you can tailor your pipeline features and cost to the needs of your applications.\n\n- V1 type pipelines have a JSON structure that contains standard pipeline, stage, and action-level parameters.\n- V2 type pipelines have the same structure as a V1 type, along with additional parameters for release safety and trigger configuration.\n\n> Including V2 parameters, such as triggers on Git tags, in the pipeline JSON when creating or updating a pipeline will result in the pipeline having the V2 type of pipeline and the associated costs. \n\nFor information about pricing for CodePipeline, see [Pricing](https://docs.aws.amazon.com/codepipeline/pricing/) .\n\nFor information about which type of pipeline to choose, see [What type of pipeline is right for me?](https://docs.aws.amazon.com/codepipeline/latest/userguide/pipeline-types-planning.html) .", - "title": "PipelineType", - "type": "string" - }, - "RestartExecutionOnUpdate": { - "markdownDescription": "Indicates whether to rerun the CodePipeline pipeline after you update it.", - "title": "RestartExecutionOnUpdate", - "type": "boolean" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for CodePipeline to use to either perform actions with no `actionRoleArn` , or to use to assume roles for actions with an `actionRoleArn` .", - "title": "RoleArn", - "type": "string" - }, - "Stages": { - "items": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.StageDeclaration" - }, - "markdownDescription": "Represents information about a stage and its definition.", - "title": "Stages", - "type": "array" + "DistributionConfig": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.DistributionConfig", + "markdownDescription": "The distribution's configuration.", + "title": "DistributionConfig" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Specifies the tags applied to the pipeline.", + "markdownDescription": "A complex type that contains zero or more `Tag` elements.", "title": "Tags", "type": "array" - }, - "Triggers": { - "items": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.PipelineTriggerDeclaration" - }, - "markdownDescription": "The trigger configuration specifying a type of event, such as Git tags, that starts the pipeline.\n\n> When a trigger configuration is specified, default change detection for repository and branch commits is disabled.", - "title": "Triggers", - "type": "array" - }, - "Variables": { - "items": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.VariableDeclaration" - }, - "markdownDescription": "A list that defines the pipeline variables for a pipeline resource. Variable names can have alphanumeric and underscore characters, and the values must match `[A-Za-z0-9@\\-_]+` .", - "title": "Variables", - "type": "array" } }, "required": [ - "RoleArn", - "Stages" + "DistributionConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodePipeline::Pipeline" + "AWS::CloudFront::Distribution" ], "type": "string" }, @@ -43977,740 +49451,1084 @@ ], "type": "object" }, - "AWS::CodePipeline::Pipeline.ActionDeclaration": { + "AWS::CloudFront::Distribution.CacheBehavior": { "additionalProperties": false, "properties": { - "ActionTypeId": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.ActionTypeId", - "markdownDescription": "Specifies the action type and the provider of the action.", - "title": "ActionTypeId" + "AllowedMethods": { + "items": { + "type": "string" + }, + "markdownDescription": "A complex type that controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin. There are three choices:\n\n- CloudFront forwards only `GET` and `HEAD` requests.\n- CloudFront forwards only `GET` , `HEAD` , and `OPTIONS` requests.\n- CloudFront forwards `GET, HEAD, OPTIONS, PUT, PATCH, POST` , and `DELETE` requests.\n\nIf you pick the third choice, you may need to restrict access to your Amazon S3 bucket or to your custom origin so users can't perform operations that you don't want them to. For example, you might not want users to have permissions to delete objects from your origin.", + "title": "AllowedMethods", + "type": "array" }, - "Configuration": { - "markdownDescription": "The action's configuration. These are key-value pairs that specify input values for an action. For more information, see [Action Structure Requirements in CodePipeline](https://docs.aws.amazon.com/codepipeline/latest/userguide/reference-pipeline-structure.html#action-requirements) . For the list of configuration properties for the AWS CloudFormation action type in CodePipeline, see [Configuration Properties Reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/continuous-delivery-codepipeline-action-reference.html) in the *AWS CloudFormation User Guide* . For template snippets with examples, see [Using Parameter Override Functions with CodePipeline Pipelines](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/continuous-delivery-codepipeline-parameter-override-functions.html) in the *AWS CloudFormation User Guide* .\n\nThe values can be represented in either JSON or YAML format. For example, the JSON configuration item format is as follows:\n\n*JSON:*\n\n`\"Configuration\" : { Key : Value },`", - "title": "Configuration", - "type": "object" + "CachePolicyId": { + "markdownDescription": "The unique identifier of the cache policy that is attached to this cache behavior. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nA `CacheBehavior` must include either a `CachePolicyId` or `ForwardedValues` . We recommend that you use a `CachePolicyId` .", + "title": "CachePolicyId", + "type": "string" }, - "InputArtifacts": { + "CachedMethods": { "items": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.InputArtifact" + "type": "string" }, - "markdownDescription": "The name or ID of the artifact consumed by the action, such as a test or build artifact. While the field is not a required parameter, most actions have an action configuration that requires a specified quantity of input artifacts. To refer to the action configuration specification by action provider, see the [Action structure reference](https://docs.aws.amazon.com/codepipeline/latest/userguide/action-reference.html) in the *AWS CodePipeline User Guide* .\n\n> For a CodeBuild action with multiple input artifacts, one of your input sources must be designated the PrimarySource. For more information, see the [CodeBuild action reference page](https://docs.aws.amazon.com/codepipeline/latest/userguide/action-reference-CodeBuild.html) in the *AWS CodePipeline User Guide* .", - "title": "InputArtifacts", + "markdownDescription": "A complex type that controls whether CloudFront caches the response to requests using the specified HTTP methods. There are two choices:\n\n- CloudFront caches responses to `GET` and `HEAD` requests.\n- CloudFront caches responses to `GET` , `HEAD` , and `OPTIONS` requests.\n\nIf you pick the second choice for your Amazon S3 Origin, you may need to forward Access-Control-Request-Method, Access-Control-Request-Headers, and Origin headers for the responses to be cached correctly.", + "title": "CachedMethods", "type": "array" }, - "Name": { - "markdownDescription": "The action declaration's name.", - "title": "Name", - "type": "string" + "Compress": { + "markdownDescription": "Whether you want CloudFront to automatically compress certain files for this cache behavior. If so, specify true; if not, specify false. For more information, see [Serving Compressed Files](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/ServingCompressedFiles.html) in the *Amazon CloudFront Developer Guide* .", + "title": "Compress", + "type": "boolean" }, - "Namespace": { - "markdownDescription": "The variable namespace associated with the action. All variables produced as output by this action fall under this namespace.", - "title": "Namespace", + "DefaultTTL": { + "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nThis field is deprecated. We recommend that you use the `DefaultTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe default amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin does not add HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", + "title": "DefaultTTL", + "type": "number" + }, + "FieldLevelEncryptionId": { + "markdownDescription": "The value of `ID` for the field-level encryption configuration that you want CloudFront to use for encrypting specific fields of data for this cache behavior.", + "title": "FieldLevelEncryptionId", "type": "string" }, - "OutputArtifacts": { + "ForwardedValues": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.ForwardedValues", + "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field. For more information, see [Working with policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/working-with-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to include values in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send values to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) or [Using the managed origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-origin-request-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nA `CacheBehavior` must include either a `CachePolicyId` or `ForwardedValues` . We recommend that you use a `CachePolicyId` .\n\nA complex type that specifies how CloudFront handles query strings, cookies, and HTTP headers.", + "title": "ForwardedValues" + }, + "FunctionAssociations": { "items": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.OutputArtifact" + "$ref": "#/definitions/AWS::CloudFront::Distribution.FunctionAssociation" }, - "markdownDescription": "The name or ID of the result of the action declaration, such as a test or build artifact. While the field is not a required parameter, most actions have an action configuration that requires a specified quantity of output artifacts. To refer to the action configuration specification by action provider, see the [Action structure reference](https://docs.aws.amazon.com/codepipeline/latest/userguide/action-reference.html) in the *AWS CodePipeline User Guide* .", - "title": "OutputArtifacts", + "markdownDescription": "A list of CloudFront functions that are associated with this cache behavior. CloudFront functions must be published to the `LIVE` stage to associate them with a cache behavior.", + "title": "FunctionAssociations", "type": "array" }, - "Region": { - "markdownDescription": "The action declaration's AWS Region, such as us-east-1.", - "title": "Region", - "type": "string" + "GrpcConfig": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.GrpcConfig", + "markdownDescription": "The gRPC configuration for your cache behavior.", + "title": "GrpcConfig" }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM service role that performs the declared action. This is assumed through the roleArn for the pipeline.", - "title": "RoleArn", - "type": "string" + "LambdaFunctionAssociations": { + "items": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.LambdaFunctionAssociation" + }, + "markdownDescription": "A complex type that contains zero or more Lambda@Edge function associations for a cache behavior.", + "title": "LambdaFunctionAssociations", + "type": "array" }, - "RunOrder": { - "markdownDescription": "The order in which actions are run.", - "title": "RunOrder", + "MaxTTL": { + "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nThis field is deprecated. We recommend that you use the `MaxTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe maximum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin adds HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", + "title": "MaxTTL", "type": "number" }, - "TimeoutInMinutes": { - "markdownDescription": "A timeout duration in minutes that can be applied against the ActionType\u2019s default timeout value specified in [Quotas for AWS CodePipeline](https://docs.aws.amazon.com/codepipeline/latest/userguide/limits.html) . This attribute is available only to the manual approval ActionType.", - "title": "TimeoutInMinutes", + "MinTTL": { + "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nThis field is deprecated. We recommend that you use the `MinTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe minimum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .\n\nYou must specify `0` for `MinTTL` if you configure CloudFront to forward all headers to your origin (under `Headers` , if you specify `1` for `Quantity` and `*` for `Name` ).", + "title": "MinTTL", "type": "number" - } - }, - "required": [ - "ActionTypeId", - "Name" - ], - "type": "object" - }, - "AWS::CodePipeline::Pipeline.ActionTypeId": { - "additionalProperties": false, - "properties": { - "Category": { - "markdownDescription": "A category defines what kind of action can be taken in the stage, and constrains the provider type for the action. Valid categories are limited to one of the values below.\n\n- `Source`\n- `Build`\n- `Test`\n- `Deploy`\n- `Invoke`\n- `Approval`\n- `Compute`", - "title": "Category", + }, + "OriginRequestPolicyId": { + "markdownDescription": "The unique identifier of the origin request policy that is attached to this cache behavior. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) or [Using the managed origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-origin-request-policies.html) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginRequestPolicyId", "type": "string" }, - "Owner": { - "markdownDescription": "The creator of the action being called. There are three valid values for the `Owner` field in the action category section within your pipeline structure: `AWS` , `ThirdParty` , and `Custom` . For more information, see [Valid Action Types and Providers in CodePipeline](https://docs.aws.amazon.com/codepipeline/latest/userguide/reference-pipeline-structure.html#actions-valid-providers) .", - "title": "Owner", + "PathPattern": { + "markdownDescription": "The pattern (for example, `images/*.jpg` ) that specifies which requests to apply the behavior to. When CloudFront receives a viewer request, the requested path is compared with path patterns in the order in which cache behaviors are listed in the distribution.\n\n> You can optionally include a slash ( `/` ) at the beginning of the path pattern. For example, `/images/*.jpg` . CloudFront behavior is the same with or without the leading `/` . \n\nThe path pattern for the default cache behavior is `*` and cannot be changed. If the request for an object does not match the path pattern for any cache behaviors, CloudFront applies the behavior in the default cache behavior.\n\nFor more information, see [Path Pattern](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesPathPattern) in the *Amazon CloudFront Developer Guide* .", + "title": "PathPattern", "type": "string" }, - "Provider": { - "markdownDescription": "The provider of the service being called by the action. Valid providers are determined by the action category. For example, an action in the Deploy category type might have a provider of CodeDeploy, which would be specified as `CodeDeploy` . For more information, see [Valid Action Types and Providers in CodePipeline](https://docs.aws.amazon.com/codepipeline/latest/userguide/reference-pipeline-structure.html#actions-valid-providers) .", - "title": "Provider", + "RealtimeLogConfigArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the real-time log configuration that is attached to this cache behavior. For more information, see [Real-time logs](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html) in the *Amazon CloudFront Developer Guide* .", + "title": "RealtimeLogConfigArn", "type": "string" }, - "Version": { - "markdownDescription": "A string that describes the action version.", - "title": "Version", + "ResponseHeadersPolicyId": { + "markdownDescription": "The identifier for a response headers policy.", + "title": "ResponseHeadersPolicyId", "type": "string" - } - }, - "required": [ - "Category", - "Owner", - "Provider", - "Version" - ], - "type": "object" - }, - "AWS::CodePipeline::Pipeline.ArtifactStore": { - "additionalProperties": false, - "properties": { - "EncryptionKey": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.EncryptionKey", - "markdownDescription": "The encryption key used to encrypt the data in the artifact store, such as an AWS Key Management Service ( AWS KMS) key. If this is undefined, the default key for Amazon S3 is used. To see an example artifact store encryption key field, see the example structure here: [AWS::CodePipeline::Pipeline](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codepipeline-pipeline.html) .", - "title": "EncryptionKey" }, - "Location": { - "markdownDescription": "The S3 bucket used for storing the artifacts for a pipeline. You can specify the name of an S3 bucket but not a folder in the bucket. A folder to contain the pipeline artifacts is created for you based on the name of the pipeline. You can use any S3 bucket in the same AWS Region as the pipeline to store your pipeline artifacts.", - "title": "Location", + "SmoothStreaming": { + "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nIndicates whether you want to distribute media files in the Microsoft Smooth Streaming format using the origin that is associated with this cache behavior. If so, specify `true` ; if not, specify `false` . If you specify `true` for `SmoothStreaming` , you can still distribute other content using this cache behavior if the content matches the value of `PathPattern` .", + "title": "SmoothStreaming", + "type": "boolean" + }, + "TargetOriginId": { + "markdownDescription": "The value of `ID` for the origin that you want CloudFront to route requests to when they match this cache behavior.", + "title": "TargetOriginId", "type": "string" }, - "Type": { - "markdownDescription": "The type of the artifact store, such as S3.", - "title": "Type", + "TrustedKeyGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of key groups that CloudFront can use to validate signed URLs or signed cookies.\n\nWhen a cache behavior contains trusted key groups, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with a private key whose corresponding public key is in the key group. The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see [Serving private content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", + "title": "TrustedKeyGroups", + "type": "array" + }, + "TrustedSigners": { + "items": { + "type": "string" + }, + "markdownDescription": "> We recommend using `TrustedKeyGroups` instead of `TrustedSigners` . > This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nA list of AWS account IDs whose public keys CloudFront can use to validate signed URLs or signed cookies.\n\nWhen a cache behavior contains trusted signers, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with the private key of a CloudFront key pair in the trusted signer's AWS account . The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see [Serving private content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", + "title": "TrustedSigners", + "type": "array" + }, + "ViewerProtocolPolicy": { + "markdownDescription": "The protocol that viewers can use to access the files in the origin specified by `TargetOriginId` when a request matches the path pattern in `PathPattern` . You can specify the following options:\n\n- `allow-all` : Viewers can use HTTP or HTTPS.\n- `redirect-to-https` : If a viewer submits an HTTP request, CloudFront returns an HTTP status code of 301 (Moved Permanently) to the viewer along with the HTTPS URL. The viewer then resubmits the request using the new URL.\n- `https-only` : If a viewer sends an HTTP request, CloudFront returns an HTTP status code of 403 (Forbidden).\n\nFor more information about requiring the HTTPS protocol, see [Requiring HTTPS Between Viewers and CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-https-viewers-to-cloudfront.html) in the *Amazon CloudFront Developer Guide* .\n\n> The only way to guarantee that viewers retrieve an object that was fetched from the origin using HTTPS is never to use any other protocol to fetch the object. If you have recently changed from HTTP to HTTPS, we recommend that you clear your objects' cache because cached objects are protocol agnostic. That means that an edge location will return an object from the cache regardless of whether the current request protocol matches the protocol used previously. For more information, see [Managing Cache Expiration](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", + "title": "ViewerProtocolPolicy", "type": "string" } }, "required": [ - "Location", - "Type" + "PathPattern", + "TargetOriginId", + "ViewerProtocolPolicy" ], "type": "object" }, - "AWS::CodePipeline::Pipeline.ArtifactStoreMap": { + "AWS::CloudFront::Distribution.Cookies": { "additionalProperties": false, "properties": { - "ArtifactStore": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.ArtifactStore", - "markdownDescription": "Represents information about the S3 bucket where artifacts are stored for the pipeline.\n\n> You must include either `artifactStore` or `artifactStores` in your pipeline, but you cannot use both. If you create a cross-region action in your pipeline, you must use `artifactStores` .", - "title": "ArtifactStore" - }, - "Region": { - "markdownDescription": "The action declaration's AWS Region, such as us-east-1.", - "title": "Region", + "Forward": { + "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n\nIf you want to include cookies in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send cookies to the origin but not include them in the cache key, use origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide* .\n\nSpecifies which cookies to forward to the origin for this cache behavior: all, none, or the list of cookies specified in the `WhitelistedNames` complex type.\n\nAmazon S3 doesn't process cookies. When the cache behavior is forwarding requests to an Amazon S3 origin, specify none for the `Forward` element.", + "title": "Forward", "type": "string" + }, + "WhitelistedNames": { + "items": { + "type": "string" + }, + "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n\nIf you want to include cookies in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send cookies to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide* .\n\nRequired if you specify `whitelist` for the value of `Forward` . A complex type that specifies how many different cookies you want CloudFront to forward to the origin for this cache behavior and, if you want to forward selected cookies, the names of those cookies.\n\nIf you specify `all` or `none` for the value of `Forward` , omit `WhitelistedNames` . If you change the value of `Forward` from `whitelist` to `all` or `none` and you don't delete the `WhitelistedNames` element and its child elements, CloudFront deletes them automatically.\n\nFor the current limit on the number of cookie names that you can whitelist for each cache behavior, see [CloudFront Limits](https://docs.aws.amazon.com/general/latest/gr/xrefaws_service_limits.html#limits_cloudfront) in the *AWS General Reference* .", + "title": "WhitelistedNames", + "type": "array" } }, "required": [ - "ArtifactStore", - "Region" + "Forward" ], "type": "object" }, - "AWS::CodePipeline::Pipeline.BlockerDeclaration": { + "AWS::CloudFront::Distribution.CustomErrorResponse": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "Reserved for future use.", - "title": "Name", - "type": "string" + "ErrorCachingMinTTL": { + "markdownDescription": "The minimum amount of time, in seconds, that you want CloudFront to cache the HTTP status code specified in `ErrorCode` . When this time period has elapsed, CloudFront queries your origin to see whether the problem that caused the error has been resolved and the requested object is now available.\n\nFor more information, see [Customizing Error Responses](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/custom-error-pages.html) in the *Amazon CloudFront Developer Guide* .", + "title": "ErrorCachingMinTTL", + "type": "number" }, - "Type": { - "markdownDescription": "Reserved for future use.", - "title": "Type", + "ErrorCode": { + "markdownDescription": "The HTTP status code for which you want to specify a custom error page and/or a caching duration.", + "title": "ErrorCode", + "type": "number" + }, + "ResponseCode": { + "markdownDescription": "The HTTP status code that you want CloudFront to return to the viewer along with the custom error page. There are a variety of reasons that you might want CloudFront to return a status code different from the status code that your origin returned to CloudFront, for example:\n\n- Some Internet devices (some firewalls and corporate proxies, for example) intercept HTTP 4xx and 5xx and prevent the response from being returned to the viewer. If you substitute `200` , the response typically won't be intercepted.\n- If you don't care about distinguishing among different client errors or server errors, you can specify `400` or `500` as the `ResponseCode` for all 4xx or 5xx errors.\n- You might want to return a `200` status code (OK) and static website so your customers don't know that your website is down.\n\nIf you specify a value for `ResponseCode` , you must also specify a value for `ResponsePagePath` .", + "title": "ResponseCode", + "type": "number" + }, + "ResponsePagePath": { + "markdownDescription": "The path to the custom error page that you want CloudFront to return to a viewer when your origin returns the HTTP status code specified by `ErrorCode` , for example, `/4xx-errors/403-forbidden.html` . If you want to store your objects and your custom error pages in different locations, your distribution must include a cache behavior for which the following is true:\n\n- The value of `PathPattern` matches the path to your custom error messages. For example, suppose you saved custom error pages for 4xx errors in an Amazon S3 bucket in a directory named `/4xx-errors` . Your distribution must include a cache behavior for which the path pattern routes requests for your custom error pages to that location, for example, `/4xx-errors/*` .\n- The value of `TargetOriginId` specifies the value of the `ID` element for the origin that contains your custom error pages.\n\nIf you specify a value for `ResponsePagePath` , you must also specify a value for `ResponseCode` .\n\nWe recommend that you store custom error pages in an Amazon S3 bucket. If you store custom error pages on an HTTP server and the server starts to return 5xx errors, CloudFront can't get the files that you want to return to viewers because the origin server is unavailable.", + "title": "ResponsePagePath", "type": "string" } }, "required": [ - "Name", - "Type" + "ErrorCode" ], "type": "object" }, - "AWS::CodePipeline::Pipeline.EncryptionKey": { + "AWS::CloudFront::Distribution.CustomOriginConfig": { "additionalProperties": false, "properties": { - "Id": { - "markdownDescription": "The ID used to identify the key. For an AWS KMS key, you can use the key ID, the key ARN, or the alias ARN.\n\n> Aliases are recognized only in the account that created the AWS KMS key. For cross-account actions, you can only use the key ID or key ARN to identify the key. Cross-account actions involve using the role from the other account (AccountB), so specifying the key ID will use the key from the other account (AccountB).", - "title": "Id", - "type": "string" + "HTTPPort": { + "markdownDescription": "The HTTP port that CloudFront uses to connect to the origin. Specify the HTTP port that the origin listens on.", + "title": "HTTPPort", + "type": "number" }, - "Type": { - "markdownDescription": "The type of encryption key, such as an AWS KMS key. When creating or updating a pipeline, the value must be set to 'KMS'.", - "title": "Type", + "HTTPSPort": { + "markdownDescription": "The HTTPS port that CloudFront uses to connect to the origin. Specify the HTTPS port that the origin listens on.", + "title": "HTTPSPort", + "type": "number" + }, + "OriginKeepaliveTimeout": { + "markdownDescription": "Specifies how long, in seconds, CloudFront persists its connection to the origin. The minimum timeout is 1 second, the maximum is 120 seconds, and the default (if you don't specify otherwise) is 5 seconds.\n\nFor more information, see [Keep-alive timeout (custom origins only)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DownloadDistValuesOrigin.html#DownloadDistValuesOriginKeepaliveTimeout) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginKeepaliveTimeout", + "type": "number" + }, + "OriginProtocolPolicy": { + "markdownDescription": "Specifies the protocol (HTTP or HTTPS) that CloudFront uses to connect to the origin. Valid values are:\n\n- `http-only` \u2013 CloudFront always uses HTTP to connect to the origin.\n- `match-viewer` \u2013 CloudFront connects to the origin using the same protocol that the viewer used to connect to CloudFront.\n- `https-only` \u2013 CloudFront always uses HTTPS to connect to the origin.", + "title": "OriginProtocolPolicy", "type": "string" + }, + "OriginReadTimeout": { + "markdownDescription": "Specifies how long, in seconds, CloudFront waits for a response from the origin. This is also known as the *origin response timeout* . The minimum timeout is 1 second, the maximum is 120 seconds, and the default (if you don't specify otherwise) is 30 seconds.\n\nFor more information, see [Response timeout (custom origins only)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DownloadDistValuesOrigin.html#DownloadDistValuesOriginResponseTimeout) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginReadTimeout", + "type": "number" + }, + "OriginSSLProtocols": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the minimum SSL/TLS protocol that CloudFront uses when connecting to your origin over HTTPS. Valid values include `SSLv3` , `TLSv1` , `TLSv1.1` , and `TLSv1.2` .\n\nFor more information, see [Minimum Origin SSL Protocol](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DownloadDistValuesOrigin.html#DownloadDistValuesOriginSSLProtocols) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginSSLProtocols", + "type": "array" } }, "required": [ - "Id", - "Type" + "OriginProtocolPolicy" ], "type": "object" }, - "AWS::CodePipeline::Pipeline.GitBranchFilterCriteria": { + "AWS::CloudFront::Distribution.DefaultCacheBehavior": { "additionalProperties": false, "properties": { - "Excludes": { + "AllowedMethods": { "items": { "type": "string" }, - "markdownDescription": "The list of patterns of Git branches that, when a commit is pushed, are to be excluded from starting the pipeline.", - "title": "Excludes", + "markdownDescription": "A complex type that controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin. There are three choices:\n\n- CloudFront forwards only `GET` and `HEAD` requests.\n- CloudFront forwards only `GET` , `HEAD` , and `OPTIONS` requests.\n- CloudFront forwards `GET, HEAD, OPTIONS, PUT, PATCH, POST` , and `DELETE` requests.\n\nIf you pick the third choice, you may need to restrict access to your Amazon S3 bucket or to your custom origin so users can't perform operations that you don't want them to. For example, you might not want users to have permissions to delete objects from your origin.", + "title": "AllowedMethods", "type": "array" }, - "Includes": { + "CachePolicyId": { + "markdownDescription": "The unique identifier of the cache policy that is attached to the default cache behavior. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nA `DefaultCacheBehavior` must include either a `CachePolicyId` or `ForwardedValues` . We recommend that you use a `CachePolicyId` .", + "title": "CachePolicyId", + "type": "string" + }, + "CachedMethods": { "items": { "type": "string" }, - "markdownDescription": "The list of patterns of Git branches that, when a commit is pushed, are to be included as criteria that starts the pipeline.", - "title": "Includes", + "markdownDescription": "A complex type that controls whether CloudFront caches the response to requests using the specified HTTP methods. There are two choices:\n\n- CloudFront caches responses to `GET` and `HEAD` requests.\n- CloudFront caches responses to `GET` , `HEAD` , and `OPTIONS` requests.\n\nIf you pick the second choice for your Amazon S3 Origin, you may need to forward Access-Control-Request-Method, Access-Control-Request-Headers, and Origin headers for the responses to be cached correctly.", + "title": "CachedMethods", "type": "array" - } - }, - "type": "object" - }, - "AWS::CodePipeline::Pipeline.GitConfiguration": { - "additionalProperties": false, - "properties": { - "PullRequest": { + }, + "Compress": { + "markdownDescription": "Whether you want CloudFront to automatically compress certain files for this cache behavior. If so, specify `true` ; if not, specify `false` . For more information, see [Serving Compressed Files](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/ServingCompressedFiles.html) in the *Amazon CloudFront Developer Guide* .", + "title": "Compress", + "type": "boolean" + }, + "DefaultTTL": { + "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nThis field is deprecated. We recommend that you use the `DefaultTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe default amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin does not add HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", + "title": "DefaultTTL", + "type": "number" + }, + "FieldLevelEncryptionId": { + "markdownDescription": "The value of `ID` for the field-level encryption configuration that you want CloudFront to use for encrypting specific fields of data for the default cache behavior.", + "title": "FieldLevelEncryptionId", + "type": "string" + }, + "ForwardedValues": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.ForwardedValues", + "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field. For more information, see [Working with policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/working-with-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to include values in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send values to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) or [Using the managed origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-origin-request-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nA `DefaultCacheBehavior` must include either a `CachePolicyId` or `ForwardedValues` . We recommend that you use a `CachePolicyId` .\n\nA complex type that specifies how CloudFront handles query strings, cookies, and HTTP headers.", + "title": "ForwardedValues" + }, + "FunctionAssociations": { "items": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitPullRequestFilter" + "$ref": "#/definitions/AWS::CloudFront::Distribution.FunctionAssociation" }, - "markdownDescription": "The field where the repository event that will start the pipeline is specified as pull requests.", - "title": "PullRequest", + "markdownDescription": "A list of CloudFront functions that are associated with this cache behavior. Your functions must be published to the `LIVE` stage to associate them with a cache behavior.", + "title": "FunctionAssociations", "type": "array" }, - "Push": { + "GrpcConfig": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.GrpcConfig", + "markdownDescription": "The gRPC configuration for your cache behavior.", + "title": "GrpcConfig" + }, + "LambdaFunctionAssociations": { "items": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitPushFilter" + "$ref": "#/definitions/AWS::CloudFront::Distribution.LambdaFunctionAssociation" }, - "markdownDescription": "The field where the repository event that will start the pipeline, such as pushing Git tags, is specified with details.", - "title": "Push", + "markdownDescription": "A complex type that contains zero or more Lambda@Edge function associations for a cache behavior.", + "title": "LambdaFunctionAssociations", "type": "array" }, - "SourceActionName": { - "markdownDescription": "The name of the pipeline source action where the trigger configuration, such as Git tags, is specified. The trigger configuration will start the pipeline upon the specified change only.\n\n> You can only specify one trigger configuration per source action.", - "title": "SourceActionName", + "MaxTTL": { + "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nThis field is deprecated. We recommend that you use the `MaxTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe maximum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin adds HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", + "title": "MaxTTL", + "type": "number" + }, + "MinTTL": { + "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nThis field is deprecated. We recommend that you use the `MinTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe minimum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .\n\nYou must specify `0` for `MinTTL` if you configure CloudFront to forward all headers to your origin (under `Headers` , if you specify `1` for `Quantity` and `*` for `Name` ).", + "title": "MinTTL", + "type": "number" + }, + "OriginRequestPolicyId": { + "markdownDescription": "The unique identifier of the origin request policy that is attached to the default cache behavior. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) or [Using the managed origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-origin-request-policies.html) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginRequestPolicyId", + "type": "string" + }, + "RealtimeLogConfigArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the real-time log configuration that is attached to this cache behavior. For more information, see [Real-time logs](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html) in the *Amazon CloudFront Developer Guide* .", + "title": "RealtimeLogConfigArn", + "type": "string" + }, + "ResponseHeadersPolicyId": { + "markdownDescription": "The identifier for a response headers policy.", + "title": "ResponseHeadersPolicyId", + "type": "string" + }, + "SmoothStreaming": { + "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nIndicates whether you want to distribute media files in the Microsoft Smooth Streaming format using the origin that is associated with this cache behavior. If so, specify `true` ; if not, specify `false` . If you specify `true` for `SmoothStreaming` , you can still distribute other content using this cache behavior if the content matches the value of `PathPattern` .", + "title": "SmoothStreaming", + "type": "boolean" + }, + "TargetOriginId": { + "markdownDescription": "The value of `ID` for the origin that you want CloudFront to route requests to when they use the default cache behavior.", + "title": "TargetOriginId", + "type": "string" + }, + "TrustedKeyGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of key groups that CloudFront can use to validate signed URLs or signed cookies.\n\nWhen a cache behavior contains trusted key groups, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with a private key whose corresponding public key is in the key group. The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see [Serving private content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", + "title": "TrustedKeyGroups", + "type": "array" + }, + "TrustedSigners": { + "items": { + "type": "string" + }, + "markdownDescription": "> We recommend using `TrustedKeyGroups` instead of `TrustedSigners` . > This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nA list of AWS account IDs whose public keys CloudFront can use to validate signed URLs or signed cookies.\n\nWhen a cache behavior contains trusted signers, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with the private key of a CloudFront key pair in a trusted signer's AWS account . The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see [Serving private content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", + "title": "TrustedSigners", + "type": "array" + }, + "ViewerProtocolPolicy": { + "markdownDescription": "The protocol that viewers can use to access the files in the origin specified by `TargetOriginId` when a request matches the path pattern in `PathPattern` . You can specify the following options:\n\n- `allow-all` : Viewers can use HTTP or HTTPS.\n- `redirect-to-https` : If a viewer submits an HTTP request, CloudFront returns an HTTP status code of 301 (Moved Permanently) to the viewer along with the HTTPS URL. The viewer then resubmits the request using the new URL.\n- `https-only` : If a viewer sends an HTTP request, CloudFront returns an HTTP status code of 403 (Forbidden).\n\nFor more information about requiring the HTTPS protocol, see [Requiring HTTPS Between Viewers and CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-https-viewers-to-cloudfront.html) in the *Amazon CloudFront Developer Guide* .\n\n> The only way to guarantee that viewers retrieve an object that was fetched from the origin using HTTPS is never to use any other protocol to fetch the object. If you have recently changed from HTTP to HTTPS, we recommend that you clear your objects' cache because cached objects are protocol agnostic. That means that an edge location will return an object from the cache regardless of whether the current request protocol matches the protocol used previously. For more information, see [Managing Cache Expiration](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", + "title": "ViewerProtocolPolicy", "type": "string" } }, "required": [ - "SourceActionName" + "TargetOriginId", + "ViewerProtocolPolicy" ], "type": "object" }, - "AWS::CodePipeline::Pipeline.GitFilePathFilterCriteria": { + "AWS::CloudFront::Distribution.Definition": { "additionalProperties": false, "properties": { - "Excludes": { + "StringSchema": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.StringSchema", + "markdownDescription": "", + "title": "StringSchema" + } + }, + "type": "object" + }, + "AWS::CloudFront::Distribution.DistributionConfig": { + "additionalProperties": false, + "properties": { + "Aliases": { "items": { "type": "string" }, - "markdownDescription": "The list of patterns of Git repository file paths that, when a commit is pushed, are to be excluded from starting the pipeline.", - "title": "Excludes", + "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nA complex type that contains information about CNAMEs (alternate domain names), if any, for this distribution.", + "title": "Aliases", "type": "array" }, - "Includes": { + "AnycastIpListId": { + "markdownDescription": "> To use this field for a multi-tenant distribution, use a connection group instead. For more information, see [ConnectionGroup](https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ConnectionGroup.html) . \n\nID of the Anycast static IP list that is associated with the distribution.", + "title": "AnycastIpListId", + "type": "string" + }, + "CNAMEs": { "items": { "type": "string" }, - "markdownDescription": "The list of patterns of Git repository file paths that, when a commit is pushed, are to be included as criteria that starts the pipeline.", - "title": "Includes", + "markdownDescription": "An alias for the CloudFront distribution's domain name.\n\n> This property is legacy. We recommend that you use [Aliases](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-distributionconfig.html#cfn-cloudfront-distribution-distributionconfig-aliases) instead.", + "title": "CNAMEs", + "type": "array" + }, + "CacheBehaviors": { + "items": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.CacheBehavior" + }, + "markdownDescription": "A complex type that contains zero or more `CacheBehavior` elements.", + "title": "CacheBehaviors", + "type": "array" + }, + "Comment": { + "markdownDescription": "A comment to describe the distribution. The comment cannot be longer than 128 characters.", + "title": "Comment", + "type": "string" + }, + "ConnectionMode": { + "markdownDescription": "This field specifies whether the connection mode is through a standard distribution (direct) or a multi-tenant distribution with distribution tenants (tenant-only).", + "title": "ConnectionMode", + "type": "string" + }, + "ContinuousDeploymentPolicyId": { + "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nThe identifier of a continuous deployment policy. For more information, see `CreateContinuousDeploymentPolicy` .", + "title": "ContinuousDeploymentPolicyId", + "type": "string" + }, + "CustomErrorResponses": { + "items": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.CustomErrorResponse" + }, + "markdownDescription": "A complex type that controls the following:\n\n- Whether CloudFront replaces HTTP status codes in the 4xx and 5xx range with custom error messages before returning the response to the viewer.\n- How long CloudFront caches HTTP status codes in the 4xx and 5xx range.\n\nFor more information about custom error pages, see [Customizing Error Responses](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/custom-error-pages.html) in the *Amazon CloudFront Developer Guide* .", + "title": "CustomErrorResponses", + "type": "array" + }, + "CustomOrigin": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.LegacyCustomOrigin", + "markdownDescription": "The user-defined HTTP server that serves as the origin for content that CloudFront distributes.\n\n> This property is legacy. We recommend that you use [Origin](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-origin.html) instead.", + "title": "CustomOrigin" + }, + "DefaultCacheBehavior": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.DefaultCacheBehavior", + "markdownDescription": "A complex type that describes the default cache behavior if you don't specify a `CacheBehavior` element or if files don't match any of the values of `PathPattern` in `CacheBehavior` elements. You must create exactly one default cache behavior.", + "title": "DefaultCacheBehavior" + }, + "DefaultRootObject": { + "markdownDescription": "When a viewer requests the root URL for your distribution, the default root object is the object that you want CloudFront to request from your origin. For example, if your root URL is `https://www.example.com` , you can specify CloudFront to return the `index.html` file as the default root object. You can specify a default root object so that viewers see a specific file or object, instead of another object in your distribution (for example, `https://www.example.com/product-description.html` ). A default root object avoids exposing the contents of your distribution.\n\nYou can specify the object name or a path to the object name (for example, `index.html` or `exampleFolderName/index.html` ). Your string can't begin with a forward slash ( `/` ). Only specify the object name or the path to the object.\n\nIf you don't want to specify a default root object when you create a distribution, include an empty `DefaultRootObject` element.\n\nTo delete the default root object from an existing distribution, update the distribution configuration and include an empty `DefaultRootObject` element.\n\nTo replace the default root object, update the distribution configuration and specify the new object.\n\nFor more information about the default root object, see [Specify a default root object](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DefaultRootObject.html) in the *Amazon CloudFront Developer Guide* .", + "title": "DefaultRootObject", + "type": "string" + }, + "Enabled": { + "markdownDescription": "From this field, you can enable or disable the selected distribution.", + "title": "Enabled", + "type": "boolean" + }, + "HttpVersion": { + "markdownDescription": "(Optional) Specify the HTTP version(s) that you want viewers to use to communicate with CloudFront . The default value for new distributions is `http1.1` .\n\nFor viewers and CloudFront to use HTTP/2, viewers must support TLSv1.2 or later, and must support Server Name Indication (SNI).\n\nFor viewers and CloudFront to use HTTP/3, viewers must support TLSv1.3 and Server Name Indication (SNI). CloudFront supports HTTP/3 connection migration to allow the viewer to switch networks without losing connection. For more information about connection migration, see [Connection Migration](https://docs.aws.amazon.com/https://www.rfc-editor.org/rfc/rfc9000.html#name-connection-migration) at RFC 9000. For more information about supported TLSv1.3 ciphers, see [Supported protocols and ciphers between viewers and CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/secure-connections-supported-viewer-protocols-ciphers.html) .", + "title": "HttpVersion", + "type": "string" + }, + "IPV6Enabled": { + "markdownDescription": "> To use this field for a multi-tenant distribution, use a connection group instead. For more information, see [ConnectionGroup](https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ConnectionGroup.html) . \n\nIf you want CloudFront to respond to IPv6 DNS requests with an IPv6 address for your distribution, specify `true` . If you specify `false` , CloudFront responds to IPv6 DNS requests with the DNS response code `NOERROR` and with no IP addresses. This allows viewers to submit a second request, for an IPv4 address for your distribution.\n\nIn general, you should enable IPv6 if you have users on IPv6 networks who want to access your content. However, if you're using signed URLs or signed cookies to restrict access to your content, and if you're using a custom policy that includes the `IpAddress` parameter to restrict the IP addresses that can access your content, don't enable IPv6. If you want to restrict access to some content by IP address and not restrict access to other content (or restrict access but not by IP address), you can create two distributions. For more information, see [Creating a Signed URL Using a Custom Policy](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-creating-signed-url-custom-policy.html) in the *Amazon CloudFront Developer Guide* .\n\nIf you're using an Amazon Route\u00a053 AWS Integration alias resource record set to route traffic to your CloudFront distribution, you need to create a second alias resource record set when both of the following are true:\n\n- You enable IPv6 for the distribution\n- You're using alternate domain names in the URLs for your objects\n\nFor more information, see [Routing Traffic to an Amazon CloudFront Web Distribution by Using Your Domain Name](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-to-cloudfront-distribution.html) in the *Amazon Route\u00a053 AWS Integration Developer Guide* .\n\nIf you created a CNAME resource record set, either with Amazon Route\u00a053 AWS Integration or with another DNS service, you don't need to make any changes. A CNAME record will route traffic to your distribution regardless of the IP address format of the viewer request.", + "title": "IPV6Enabled", + "type": "boolean" + }, + "Logging": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.Logging", + "markdownDescription": "A complex type that controls whether access logs are written for the distribution.\n\nFor more information about logging, see [Access Logs](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/AccessLogs.html) in the *Amazon CloudFront Developer Guide* .", + "title": "Logging" + }, + "OriginGroups": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginGroups", + "markdownDescription": "A complex type that contains information about origin groups for this distribution.\n\nSpecify a value for either the `Origins` or `OriginGroups` property.", + "title": "OriginGroups" + }, + "Origins": { + "items": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.Origin" + }, + "markdownDescription": "A complex type that contains information about origins for this distribution.\n\nSpecify a value for either the `Origins` or `OriginGroups` property.", + "title": "Origins", "type": "array" + }, + "PriceClass": { + "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nThe price class that corresponds with the maximum price that you want to pay for CloudFront service. If you specify `PriceClass_All` , CloudFront responds to requests for your objects from all CloudFront edge locations.\n\nIf you specify a price class other than `PriceClass_All` , CloudFront serves your objects from the CloudFront edge location that has the lowest latency among the edge locations in your price class. Viewers who are in or near regions that are excluded from your specified price class may encounter slower performance.\n\nFor more information about price classes, see [Choosing the Price Class for a CloudFront Distribution](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PriceClass.html) in the *Amazon CloudFront Developer Guide* . For information about CloudFront pricing, including how price classes (such as Price Class 100) map to CloudFront regions, see [Amazon CloudFront Pricing](https://docs.aws.amazon.com/cloudfront/pricing/) .", + "title": "PriceClass", + "type": "string" + }, + "Restrictions": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.Restrictions", + "markdownDescription": "A complex type that identifies ways in which you want to restrict distribution of your content.", + "title": "Restrictions" + }, + "S3Origin": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.LegacyS3Origin", + "markdownDescription": "The origin as an Amazon S3 bucket.\n\n> This property is legacy. We recommend that you use [Origin](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-origin.html) instead.", + "title": "S3Origin" + }, + "Staging": { + "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nA Boolean that indicates whether this is a staging distribution. When this value is `true` , this is a staging distribution. When this value is `false` , this is not a staging distribution.", + "title": "Staging", + "type": "boolean" + }, + "TenantConfig": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.TenantConfig", + "markdownDescription": "> This field only supports multi-tenant distributions. You can't specify this field for standard distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nA distribution tenant configuration.", + "title": "TenantConfig" + }, + "ViewerCertificate": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.ViewerCertificate", + "markdownDescription": "A complex type that determines the distribution's SSL/TLS configuration for communicating with viewers.", + "title": "ViewerCertificate" + }, + "WebACLId": { + "markdownDescription": "> Multi-tenant distributions only support AWS WAF V2 web ACLs. \n\nA unique identifier that specifies the AWS WAF web ACL, if any, to associate with this distribution. To specify a web ACL created using the latest version of AWS WAF , use the ACL ARN, for example `arn:aws:wafv2:us-east-1:123456789012:global/webacl/ExampleWebACL/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111` . To specify a web ACL created using AWS WAF Classic, use the ACL ID, for example `a1b2c3d4-5678-90ab-cdef-EXAMPLE11111` .\n\nAWS WAF is a web application firewall that lets you monitor the HTTP and HTTPS requests that are forwarded to CloudFront, and lets you control access to your content. Based on conditions that you specify, such as the IP addresses that requests originate from or the values of query strings, CloudFront responds to requests either with the requested content or with an HTTP 403 status code (Forbidden). You can also configure CloudFront to return a custom error page when a request is blocked. For more information about AWS WAF , see the [AWS WAF Developer Guide](https://docs.aws.amazon.com/waf/latest/developerguide/what-is-aws-waf.html) .", + "title": "WebACLId", + "type": "string" } }, + "required": [ + "DefaultCacheBehavior", + "Enabled" + ], "type": "object" }, - "AWS::CodePipeline::Pipeline.GitPullRequestFilter": { + "AWS::CloudFront::Distribution.ForwardedValues": { "additionalProperties": false, "properties": { - "Branches": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitBranchFilterCriteria", - "markdownDescription": "The field that specifies to filter on branches for the pull request trigger configuration.", - "title": "Branches" + "Cookies": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.Cookies", + "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n\nIf you want to include cookies in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send cookies to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide* .\n\nA complex type that specifies whether you want CloudFront to forward cookies to the origin and, if so, which ones. For more information about forwarding cookies to the origin, see [How CloudFront Forwards, Caches, and Logs Cookies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Cookies.html) in the *Amazon CloudFront Developer Guide* .", + "title": "Cookies" }, - "Events": { + "Headers": { "items": { "type": "string" }, - "markdownDescription": "The field that specifies which pull request events to filter on (OPEN, UPDATED, CLOSED) for the trigger configuration.", - "title": "Events", + "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n\nIf you want to include headers in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send headers to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide* .\n\nA complex type that specifies the `Headers` , if any, that you want CloudFront to forward to the origin for this cache behavior (whitelisted headers). For the headers that you specify, CloudFront also caches separate versions of a specified object that is based on the header values in viewer requests.\n\nFor more information, see [Caching Content Based on Request Headers](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/header-caching.html) in the *Amazon CloudFront Developer Guide* .", + "title": "Headers", "type": "array" }, - "FilePaths": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitFilePathFilterCriteria", - "markdownDescription": "The field that specifies to filter on file paths for the pull request trigger configuration.", - "title": "FilePaths" + "QueryString": { + "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n\nIf you want to include query strings in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send query strings to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide* .\n\nIndicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior and cache based on the query string parameters. CloudFront behavior depends on the value of `QueryString` and on the values that you specify for `QueryStringCacheKeys` , if any:\n\nIf you specify true for `QueryString` and you don't specify any values for `QueryStringCacheKeys` , CloudFront forwards all query string parameters to the origin and caches based on all query string parameters. Depending on how many query string parameters and values you have, this can adversely affect performance because CloudFront must forward more requests to the origin.\n\nIf you specify true for `QueryString` and you specify one or more values for `QueryStringCacheKeys` , CloudFront forwards all query string parameters to the origin, but it only caches based on the query string parameters that you specify.\n\nIf you specify false for `QueryString` , CloudFront doesn't forward any query string parameters to the origin, and doesn't cache based on query string parameters.\n\nFor more information, see [Configuring CloudFront to Cache Based on Query String Parameters](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/QueryStringParameters.html) in the *Amazon CloudFront Developer Guide* .", + "title": "QueryString", + "type": "boolean" + }, + "QueryStringCacheKeys": { + "items": { + "type": "string" + }, + "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n\nIf you want to include query strings in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send query strings to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide* .\n\nA complex type that contains information about the query string parameters that you want CloudFront to use for caching for this cache behavior.", + "title": "QueryStringCacheKeys", + "type": "array" } }, + "required": [ + "QueryString" + ], "type": "object" }, - "AWS::CodePipeline::Pipeline.GitPushFilter": { + "AWS::CloudFront::Distribution.FunctionAssociation": { "additionalProperties": false, "properties": { - "Branches": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitBranchFilterCriteria", - "markdownDescription": "The field that specifies to filter on branches for the push trigger configuration.", - "title": "Branches" - }, - "FilePaths": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitFilePathFilterCriteria", - "markdownDescription": "The field that specifies to filter on file paths for the push trigger configuration.", - "title": "FilePaths" + "EventType": { + "markdownDescription": "The event type of the function, either `viewer-request` or `viewer-response` . You cannot use origin-facing event types ( `origin-request` and `origin-response` ) with a CloudFront function.", + "title": "EventType", + "type": "string" }, - "Tags": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitTagFilterCriteria", - "markdownDescription": "The field that contains the details for the Git tags trigger configuration.", - "title": "Tags" + "FunctionARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the function.", + "title": "FunctionARN", + "type": "string" } }, "type": "object" }, - "AWS::CodePipeline::Pipeline.GitTagFilterCriteria": { + "AWS::CloudFront::Distribution.GeoRestriction": { "additionalProperties": false, "properties": { - "Excludes": { + "Locations": { "items": { "type": "string" }, - "markdownDescription": "The list of patterns of Git tags that, when pushed, are to be excluded from starting the pipeline.", - "title": "Excludes", + "markdownDescription": "A complex type that contains a `Location` element for each country in which you want CloudFront either to distribute your content ( `whitelist` ) or not distribute your content ( `blacklist` ).\n\nThe `Location` element is a two-letter, uppercase country code for a country that you want to include in your `blacklist` or `whitelist` . Include one `Location` element for each country.\n\nCloudFront and `MaxMind` both use `ISO 3166` country codes. For the current list of countries and the corresponding codes, see `ISO 3166-1-alpha-2` code on the *International Organization for Standardization* website. You can also refer to the country list on the CloudFront console, which includes both country names and codes.", + "title": "Locations", "type": "array" }, - "Includes": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of patterns of Git tags that, when pushed, are to be included as criteria that starts the pipeline.", - "title": "Includes", - "type": "array" - } - }, - "type": "object" - }, - "AWS::CodePipeline::Pipeline.InputArtifact": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the artifact to be worked on (for example, \"My App\").\n\nArtifacts are the files that are worked on by actions in the pipeline. See the action configuration for each action for details about artifact parameters. For example, the S3 source action input artifact is a file name (or file path), and the files are generally provided as a ZIP file. Example artifact name: SampleApp_Windows.zip\n\nThe input artifact of an action must exactly match the output artifact declared in a preceding action, but the input artifact does not have to be the next action in strict sequence from the action that provided the output artifact. Actions in parallel can declare different output artifacts, which are in turn consumed by different following actions.", - "title": "Name", + "RestrictionType": { + "markdownDescription": "The method that you want to use to restrict distribution of your content by country:\n\n- `none` : No geo restriction is enabled, meaning access to content is not restricted by client geo location.\n- `blacklist` : The `Location` elements specify the countries in which you don't want CloudFront to distribute your content.\n- `whitelist` : The `Location` elements specify the countries in which you want CloudFront to distribute your content.", + "title": "RestrictionType", "type": "string" } }, "required": [ - "Name" + "RestrictionType" ], "type": "object" }, - "AWS::CodePipeline::Pipeline.OutputArtifact": { + "AWS::CloudFront::Distribution.GrpcConfig": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the output of an artifact, such as \"My App\".\n\nThe output artifact name must exactly match the input artifact declared for a downstream action. However, the downstream action's input artifact does not have to be the next action in strict sequence from the action that provided the output artifact. Actions in parallel can declare different output artifacts, which are in turn consumed by different following actions.\n\nOutput artifact names must be unique within a pipeline.", - "title": "Name", - "type": "string" + "Enabled": { + "markdownDescription": "Enables your CloudFront distribution to receive gRPC requests and to proxy them directly to your origins.", + "title": "Enabled", + "type": "boolean" } }, "required": [ - "Name" + "Enabled" ], "type": "object" }, - "AWS::CodePipeline::Pipeline.PipelineTriggerDeclaration": { + "AWS::CloudFront::Distribution.LambdaFunctionAssociation": { "additionalProperties": false, "properties": { - "GitConfiguration": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitConfiguration", - "markdownDescription": "Provides the filter criteria and the source stage for the repository event that starts the pipeline, such as Git tags.", - "title": "GitConfiguration" + "EventType": { + "markdownDescription": "Specifies the event type that triggers a Lambda@Edge function invocation. You can specify the following values:\n\n- `viewer-request` : The function executes when CloudFront receives a request from a viewer and before it checks to see whether the requested object is in the edge cache.\n- `origin-request` : The function executes only when CloudFront sends a request to your origin. When the requested object is in the edge cache, the function doesn't execute.\n- `origin-response` : The function executes after CloudFront receives a response from the origin and before it caches the object in the response. When the requested object is in the edge cache, the function doesn't execute.\n- `viewer-response` : The function executes before CloudFront returns the requested object to the viewer. The function executes regardless of whether the object was already in the edge cache.\n\nIf the origin returns an HTTP status code other than HTTP 200 (OK), the function doesn't execute.", + "title": "EventType", + "type": "string" }, - "ProviderType": { - "markdownDescription": "The source provider for the event, such as connections configured for a repository with Git tags, for the specified trigger configuration.", - "title": "ProviderType", + "IncludeBody": { + "markdownDescription": "A flag that allows a Lambda@Edge function to have read access to the body content. For more information, see [Accessing the Request Body by Choosing the Include Body Option](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/lambda-include-body-access.html) in the Amazon CloudFront Developer Guide.", + "title": "IncludeBody", + "type": "boolean" + }, + "LambdaFunctionARN": { + "markdownDescription": "The ARN of the Lambda@Edge function. You must specify the ARN of a function version; you can't specify an alias or $LATEST.", + "title": "LambdaFunctionARN", "type": "string" } }, - "required": [ - "ProviderType" - ], "type": "object" }, - "AWS::CodePipeline::Pipeline.StageDeclaration": { + "AWS::CloudFront::Distribution.LegacyCustomOrigin": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.ActionDeclaration" - }, - "markdownDescription": "The actions included in a stage.", - "title": "Actions", - "type": "array" + "DNSName": { + "markdownDescription": "The domain name assigned to your CloudFront distribution.", + "title": "DNSName", + "type": "string" }, - "Blockers": { + "HTTPPort": { + "markdownDescription": "The HTTP port that CloudFront uses to connect to the origin. Specify the HTTP port that the origin listens on.", + "title": "HTTPPort", + "type": "number" + }, + "HTTPSPort": { + "markdownDescription": "The HTTPS port that CloudFront uses to connect to the origin. Specify the HTTPS port that the origin listens on.", + "title": "HTTPSPort", + "type": "number" + }, + "OriginProtocolPolicy": { + "markdownDescription": "Specifies the protocol (HTTP or HTTPS) that CloudFront uses to connect to the origin.", + "title": "OriginProtocolPolicy", + "type": "string" + }, + "OriginSSLProtocols": { "items": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.BlockerDeclaration" + "type": "string" }, - "markdownDescription": "Reserved for future use.", - "title": "Blockers", + "markdownDescription": "The minimum SSL/TLS protocol version that CloudFront uses when communicating with your origin server over HTTPs.\n\nFor more information, see [Minimum Origin SSL Protocol](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginSSLProtocols) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginSSLProtocols", "type": "array" - }, - "Name": { - "markdownDescription": "The name of the stage.", - "title": "Name", - "type": "string" } }, "required": [ - "Actions", - "Name" + "DNSName", + "OriginProtocolPolicy", + "OriginSSLProtocols" ], "type": "object" }, - "AWS::CodePipeline::Pipeline.StageTransition": { + "AWS::CloudFront::Distribution.LegacyS3Origin": { "additionalProperties": false, "properties": { - "Reason": { - "markdownDescription": "The reason given to the user that a stage is disabled, such as waiting for manual approval or manual tests. This message is displayed in the pipeline console UI.", - "title": "Reason", + "DNSName": { + "markdownDescription": "The domain name assigned to your CloudFront distribution.", + "title": "DNSName", "type": "string" }, - "StageName": { - "markdownDescription": "The name of the stage where you want to disable the inbound or outbound transition of artifacts.", - "title": "StageName", + "OriginAccessIdentity": { + "markdownDescription": "The CloudFront origin access identity to associate with the distribution. Use an origin access identity to configure the distribution so that end users can only access objects in an Amazon S3 through CloudFront .\n\n> This property is legacy. We recommend that you use [OriginAccessControl](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-originaccesscontrol.html) instead.", + "title": "OriginAccessIdentity", "type": "string" } }, "required": [ - "Reason", - "StageName" + "DNSName" ], "type": "object" }, - "AWS::CodePipeline::Pipeline.VariableDeclaration": { + "AWS::CloudFront::Distribution.Logging": { "additionalProperties": false, "properties": { - "DefaultValue": { - "markdownDescription": "The value of a pipeline-level variable.", - "title": "DefaultValue", + "Bucket": { + "markdownDescription": "The Amazon S3 bucket to store the access logs in, for example, `amzn-s3-demo-bucket.s3.amazonaws.com` .", + "title": "Bucket", "type": "string" }, - "Description": { - "markdownDescription": "The description of a pipeline-level variable. It's used to add additional context about the variable, and not being used at time when pipeline executes.", - "title": "Description", - "type": "string" + "IncludeCookies": { + "markdownDescription": "Specifies whether you want CloudFront to include cookies in access logs, specify `true` for `IncludeCookies` . If you choose to include cookies in logs, CloudFront logs all cookies regardless of how you configure the cache behaviors for this distribution. If you don't want to include cookies when you create a distribution or if you want to disable include cookies for an existing distribution, specify `false` for `IncludeCookies` .", + "title": "IncludeCookies", + "type": "boolean" }, - "Name": { - "markdownDescription": "The name of a pipeline-level variable.", - "title": "Name", + "Prefix": { + "markdownDescription": "An optional string that you want CloudFront to prefix to the access log `filenames` for this distribution, for example, `myprefix/` . If you want to enable logging, but you don't want to specify a prefix, you still must include an empty `Prefix` element in the `Logging` element.", + "title": "Prefix", "type": "string" } }, - "required": [ - "Name" - ], "type": "object" }, - "AWS::CodePipeline::Webhook": { + "AWS::CloudFront::Distribution.Origin": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "ConnectionAttempts": { + "markdownDescription": "The number of times that CloudFront attempts to connect to the origin. The minimum number is 1, the maximum is 3, and the default (if you don't specify otherwise) is 3.\n\nFor a custom origin (including an Amazon S3 bucket that's configured with static website hosting), this value also specifies the number of times that CloudFront attempts to get a response from the origin, in the case of an [Origin Response Timeout](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginResponseTimeout) .\n\nFor more information, see [Origin Connection Attempts](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#origin-connection-attempts) in the *Amazon CloudFront Developer Guide* .", + "title": "ConnectionAttempts", + "type": "number" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ConnectionTimeout": { + "markdownDescription": "The number of seconds that CloudFront waits when trying to establish a connection to the origin. The minimum timeout is 1 second, the maximum is 10 seconds, and the default (if you don't specify otherwise) is 10 seconds.\n\nFor more information, see [Origin Connection Timeout](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#origin-connection-timeout) in the *Amazon CloudFront Developer Guide* .", + "title": "ConnectionTimeout", + "type": "number" + }, + "CustomOriginConfig": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.CustomOriginConfig", + "markdownDescription": "Use this type to specify an origin that is not an Amazon S3 bucket, with one exception. If the Amazon S3 bucket is configured with static website hosting, use this type. If the Amazon S3 bucket is not configured with static website hosting, use the `S3OriginConfig` type instead.", + "title": "CustomOriginConfig" + }, + "DomainName": { + "markdownDescription": "The domain name for the origin.\n\nFor more information, see [Origin Domain Name](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesDomainName) in the *Amazon CloudFront Developer Guide* .", + "title": "DomainName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Id": { + "markdownDescription": "A unique identifier for the origin. This value must be unique within the distribution.\n\nUse this value to specify the `TargetOriginId` in a `CacheBehavior` or `DefaultCacheBehavior` .", + "title": "Id", + "type": "string" }, - "Metadata": { - "type": "object" + "OriginAccessControlId": { + "markdownDescription": "The unique identifier of an origin access control for this origin.\n\nFor more information, see [Restricting access to an Amazon S3 origin](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginAccessControlId", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Authentication": { - "markdownDescription": "Supported options are GITHUB_HMAC, IP, and UNAUTHENTICATED.\n\n> When creating CodePipeline webhooks, do not use your own credentials or reuse the same secret token across multiple webhooks. For optimal security, generate a unique secret token for each webhook you create. The secret token is an arbitrary string that you provide, which GitHub uses to compute and sign the webhook payloads sent to CodePipeline, for protecting the integrity and authenticity of the webhook payloads. Using your own credentials or reusing the same token across multiple webhooks can lead to security vulnerabilities. > If a secret token was provided, it will be redacted in the response. \n\n- For information about the authentication scheme implemented by GITHUB_HMAC, see [Securing your webhooks](https://docs.aws.amazon.com/https://developer.github.com/webhooks/securing/) on the GitHub Developer website.\n- IP rejects webhooks trigger requests unless they originate from an IP address in the IP range whitelisted in the authentication configuration.\n- UNAUTHENTICATED accepts all webhook trigger requests regardless of origin.", - "title": "Authentication", - "type": "string" - }, - "AuthenticationConfiguration": { - "$ref": "#/definitions/AWS::CodePipeline::Webhook.WebhookAuthConfiguration", - "markdownDescription": "Properties that configure the authentication applied to incoming webhook trigger requests. The required properties depend on the authentication type. For GITHUB_HMAC, only the `SecretToken` property must be set. For IP, only the `AllowedIPRange` property must be set to a valid CIDR range. For UNAUTHENTICATED, no properties can be set.", - "title": "AuthenticationConfiguration" - }, - "Filters": { - "items": { - "$ref": "#/definitions/AWS::CodePipeline::Webhook.WebhookFilterRule" - }, - "markdownDescription": "A list of rules applied to the body/payload sent in the POST request to a webhook URL. All defined rules must pass for the request to be accepted and the pipeline started.", - "title": "Filters", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the webhook.", - "title": "Name", - "type": "string" - }, - "RegisterWithThirdParty": { - "markdownDescription": "Configures a connection between the webhook that was created and the external tool with events to be detected.", - "title": "RegisterWithThirdParty", - "type": "boolean" - }, - "TargetAction": { - "markdownDescription": "The name of the action in a pipeline you want to connect to the webhook. The action must be from the source (first) stage of the pipeline.", - "title": "TargetAction", - "type": "string" - }, - "TargetPipeline": { - "markdownDescription": "The name of the pipeline you want to connect to the webhook.", - "title": "TargetPipeline", - "type": "string" - }, - "TargetPipelineVersion": { - "markdownDescription": "The version number of the pipeline to be connected to the trigger request.\n\nRequired: Yes\n\nType: Integer\n\nUpdate requires: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt)", - "title": "TargetPipelineVersion", - "type": "number" - } + "OriginCustomHeaders": { + "items": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginCustomHeader" }, - "required": [ - "Authentication", - "AuthenticationConfiguration", - "Filters", - "TargetAction", - "TargetPipeline", - "TargetPipelineVersion" - ], - "type": "object" + "markdownDescription": "A list of HTTP header names and values that CloudFront adds to the requests that it sends to the origin.\n\nFor more information, see [Adding Custom Headers to Origin Requests](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/add-origin-custom-headers.html) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginCustomHeaders", + "type": "array" }, - "Type": { - "enum": [ - "AWS::CodePipeline::Webhook" - ], + "OriginPath": { + "markdownDescription": "An optional path that CloudFront appends to the origin domain name when CloudFront requests content from the origin.\n\nFor more information, see [Origin Path](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginPath) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginPath", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "OriginShield": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginShield", + "markdownDescription": "CloudFront Origin Shield. Using Origin Shield can help reduce the load on your origin.\n\nFor more information, see [Using Origin Shield](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/origin-shield.html) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginShield" + }, + "ResponseCompletionTimeout": { + "markdownDescription": "", + "title": "ResponseCompletionTimeout", + "type": "number" + }, + "S3OriginConfig": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.S3OriginConfig", + "markdownDescription": "Use this type to specify an origin that is an Amazon S3 bucket that is not configured with static website hosting. To specify any other type of origin, including an Amazon S3 bucket that is configured with static website hosting, use the `CustomOriginConfig` type instead.", + "title": "S3OriginConfig" + }, + "VpcOriginConfig": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.VpcOriginConfig", + "markdownDescription": "The VPC origin configuration.", + "title": "VpcOriginConfig" } }, "required": [ - "Type", - "Properties" + "DomainName", + "Id" ], "type": "object" }, - "AWS::CodePipeline::Webhook.WebhookAuthConfiguration": { + "AWS::CloudFront::Distribution.OriginCustomHeader": { "additionalProperties": false, "properties": { - "AllowedIPRange": { - "markdownDescription": "The property used to configure acceptance of webhooks in an IP address range. For IP, only the `AllowedIPRange` property must be set. This property must be set to a valid CIDR range.", - "title": "AllowedIPRange", + "HeaderName": { + "markdownDescription": "The name of a header that you want CloudFront to send to your origin. For more information, see [Adding Custom Headers to Origin Requests](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/forward-custom-headers.html) in the *Amazon CloudFront Developer Guide* .", + "title": "HeaderName", "type": "string" }, - "SecretToken": { - "markdownDescription": "The property used to configure GitHub authentication. For GITHUB_HMAC, only the `SecretToken` property must be set.\n\n> When creating CodePipeline webhooks, do not use your own credentials or reuse the same secret token across multiple webhooks. For optimal security, generate a unique secret token for each webhook you create. The secret token is an arbitrary string that you provide, which GitHub uses to compute and sign the webhook payloads sent to CodePipeline, for protecting the integrity and authenticity of the webhook payloads. Using your own credentials or reusing the same token across multiple webhooks can lead to security vulnerabilities. > If a secret token was provided, it will be redacted in the response.", - "title": "SecretToken", + "HeaderValue": { + "markdownDescription": "The value for the header that you specified in the `HeaderName` field.", + "title": "HeaderValue", "type": "string" } }, + "required": [ + "HeaderName", + "HeaderValue" + ], "type": "object" }, - "AWS::CodePipeline::Webhook.WebhookFilterRule": { + "AWS::CloudFront::Distribution.OriginGroup": { "additionalProperties": false, "properties": { - "JsonPath": { - "markdownDescription": "A JsonPath expression that is applied to the body/payload of the webhook. The value selected by the JsonPath expression must match the value specified in the `MatchEquals` field. Otherwise, the request is ignored. For more information, see [Java JsonPath implementation](https://docs.aws.amazon.com/https://github.com/json-path/JsonPath) in GitHub.", - "title": "JsonPath", + "FailoverCriteria": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginGroupFailoverCriteria", + "markdownDescription": "A complex type that contains information about the failover criteria for an origin group.", + "title": "FailoverCriteria" + }, + "Id": { + "markdownDescription": "The origin group's ID.", + "title": "Id", "type": "string" }, - "MatchEquals": { - "markdownDescription": "The value selected by the `JsonPath` expression must match what is supplied in the `MatchEquals` field. Otherwise, the request is ignored. Properties from the target action configuration can be included as placeholders in this value by surrounding the action configuration key with curly brackets. For example, if the value supplied here is \"refs/heads/{Branch}\" and the target action has an action configuration property called \"Branch\" with a value of \"main\", the `MatchEquals` value is evaluated as \"refs/heads/main\". For a list of action configuration properties for built-in action types, see [Pipeline Structure Reference Action Requirements](https://docs.aws.amazon.com/codepipeline/latest/userguide/reference-pipeline-structure.html#action-requirements) .", - "title": "MatchEquals", + "Members": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginGroupMembers", + "markdownDescription": "A complex type that contains information about the origins in an origin group.", + "title": "Members" + }, + "SelectionCriteria": { + "markdownDescription": "The selection criteria for the origin group. For more information, see [Create an origin group](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/high_availability_origin_failover.html#concept_origin_groups.creating) in the *Amazon CloudFront Developer Guide* .", + "title": "SelectionCriteria", "type": "string" } }, "required": [ - "JsonPath" + "FailoverCriteria", + "Id", + "Members" ], "type": "object" }, - "AWS::CodeStar::GitHubRepository": { + "AWS::CloudFront::Distribution.OriginGroupFailoverCriteria": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "StatusCodes": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.StatusCodes", + "markdownDescription": "The status codes that, when returned from the primary origin, will trigger CloudFront to failover to the second origin.", + "title": "StatusCodes" + } + }, + "required": [ + "StatusCodes" + ], + "type": "object" + }, + "AWS::CloudFront::Distribution.OriginGroupMember": { + "additionalProperties": false, + "properties": { + "OriginId": { + "markdownDescription": "The ID for an origin in an origin group.", + "title": "OriginId", "type": "string" + } + }, + "required": [ + "OriginId" + ], + "type": "object" + }, + "AWS::CloudFront::Distribution.OriginGroupMembers": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginGroupMember" + }, + "markdownDescription": "Items (origins) in an origin group.", + "title": "Items", + "type": "array" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Quantity": { + "markdownDescription": "The number of origins in an origin group.", + "title": "Quantity", + "type": "number" + } + }, + "required": [ + "Items", + "Quantity" + ], + "type": "object" + }, + "AWS::CloudFront::Distribution.OriginGroups": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginGroup" + }, + "markdownDescription": "The items (origin groups) in a distribution.", + "title": "Items", + "type": "array" }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Code": { - "$ref": "#/definitions/AWS::CodeStar::GitHubRepository.Code", - "markdownDescription": "Information about code to be committed to a repository after it is created in an AWS CloudFormation stack.", - "title": "Code" - }, - "ConnectionArn": { - "markdownDescription": "", - "title": "ConnectionArn", - "type": "string" - }, - "EnableIssues": { - "markdownDescription": "Indicates whether to enable issues for the GitHub repository. You can use GitHub issues to track information and bugs for your repository.", - "title": "EnableIssues", - "type": "boolean" - }, - "IsPrivate": { - "markdownDescription": "Indicates whether the GitHub repository is a private repository. If so, you choose who can see and commit to this repository.", - "title": "IsPrivate", - "type": "boolean" - }, - "RepositoryAccessToken": { - "markdownDescription": "The GitHub user's personal access token for the GitHub repository.", - "title": "RepositoryAccessToken", - "type": "string" - }, - "RepositoryDescription": { - "markdownDescription": "A comment or description about the new repository. This description is displayed in GitHub after the repository is created.", - "title": "RepositoryDescription", - "type": "string" - }, - "RepositoryName": { - "markdownDescription": "The name of the repository you want to create in GitHub with AWS CloudFormation stack creation.", - "title": "RepositoryName", - "type": "string" - }, - "RepositoryOwner": { - "markdownDescription": "The GitHub user name for the owner of the GitHub repository to be created. If this repository should be owned by a GitHub organization, provide its name.", - "title": "RepositoryOwner", - "type": "string" - } - }, - "required": [ - "RepositoryName", - "RepositoryOwner" - ], - "type": "object" + "Quantity": { + "markdownDescription": "The number of origin groups.", + "title": "Quantity", + "type": "number" + } + }, + "required": [ + "Quantity" + ], + "type": "object" + }, + "AWS::CloudFront::Distribution.OriginShield": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "A flag that specifies whether Origin Shield is enabled.\n\nWhen it's enabled, CloudFront routes all requests through Origin Shield, which can help protect your origin. When it's disabled, CloudFront might send requests directly to your origin from multiple edge locations or regional edge caches.", + "title": "Enabled", + "type": "boolean" }, - "Type": { - "enum": [ - "AWS::CodeStar::GitHubRepository" - ], + "OriginShieldRegion": { + "markdownDescription": "The AWS Region for Origin Shield.\n\nSpecify the AWS Region that has the lowest latency to your origin. To specify a region, use the region code, not the region name. For example, specify the US East (Ohio) region as `us-east-2` .\n\nWhen you enable CloudFront Origin Shield, you must specify the AWS Region for Origin Shield. For the list of AWS Regions that you can specify, and for help choosing the best Region for your origin, see [Choosing the AWS Region for Origin Shield](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/origin-shield.html#choose-origin-shield-region) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginShieldRegion", "type": "string" + } + }, + "type": "object" + }, + "AWS::CloudFront::Distribution.ParameterDefinition": { + "additionalProperties": false, + "properties": { + "Definition": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.Definition", + "markdownDescription": "The value that you assigned to the parameter.", + "title": "Definition" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "The name of the parameter.", + "title": "Name", "type": "string" } }, "required": [ - "Type", - "Properties" + "Definition", + "Name" ], "type": "object" }, - "AWS::CodeStar::GitHubRepository.Code": { + "AWS::CloudFront::Distribution.Restrictions": { "additionalProperties": false, "properties": { - "S3": { - "$ref": "#/definitions/AWS::CodeStar::GitHubRepository.S3", - "markdownDescription": "Information about the Amazon S3 bucket that contains a ZIP file of code to be committed to the repository.", - "title": "S3" + "GeoRestriction": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.GeoRestriction", + "markdownDescription": "A complex type that controls the countries in which your content is distributed. CloudFront determines the location of your users using `MaxMind` GeoIP databases. To disable geo restriction, remove the [Restrictions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-distributionconfig.html#cfn-cloudfront-distribution-distributionconfig-restrictions) property from your stack template.", + "title": "GeoRestriction" } }, "required": [ - "S3" + "GeoRestriction" ], "type": "object" }, - "AWS::CodeStar::GitHubRepository.S3": { + "AWS::CloudFront::Distribution.S3OriginConfig": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The name of the Amazon S3 bucket that contains the ZIP file with the content to be committed to the new repository.", - "title": "Bucket", + "OriginAccessIdentity": { + "markdownDescription": "> If you're using origin access control (OAC) instead of origin access identity, specify an empty `OriginAccessIdentity` element. For more information, see [Restricting access to an AWS](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-origin.html) in the *Amazon CloudFront Developer Guide* . \n\nThe CloudFront origin access identity to associate with the origin. Use an origin access identity to configure the origin so that viewers can *only* access objects in an Amazon S3 bucket through CloudFront. The format of the value is:\n\n`origin-access-identity/cloudfront/ID-of-origin-access-identity`\n\nThe `*ID-of-origin-access-identity*` is the value that CloudFront returned in the `ID` element when you created the origin access identity.\n\nIf you want viewers to be able to access objects using either the CloudFront URL or the Amazon S3 URL, specify an empty `OriginAccessIdentity` element.\n\nTo delete the origin access identity from an existing distribution, update the distribution configuration and include an empty `OriginAccessIdentity` element.\n\nTo replace the origin access identity, update the distribution configuration and specify the new origin access identity.\n\nFor more information about the origin access identity, see [Serving Private Content through CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginAccessIdentity", "type": "string" }, - "Key": { - "markdownDescription": "The S3 object key or file name for the ZIP file.", - "title": "Key", + "OriginReadTimeout": { + "markdownDescription": "", + "title": "OriginReadTimeout", + "type": "number" + } + }, + "type": "object" + }, + "AWS::CloudFront::Distribution.StatusCodes": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "type": "number" + }, + "markdownDescription": "The items (status codes) for an origin group.", + "title": "Items", + "type": "array" + }, + "Quantity": { + "markdownDescription": "The number of status codes.", + "title": "Quantity", + "type": "number" + } + }, + "required": [ + "Items", + "Quantity" + ], + "type": "object" + }, + "AWS::CloudFront::Distribution.StringSchema": { + "additionalProperties": false, + "properties": { + "Comment": { + "markdownDescription": "", + "title": "Comment", "type": "string" }, - "ObjectVersion": { - "markdownDescription": "The object version of the ZIP file, if versioning is enabled for the Amazon S3 bucket.", - "title": "ObjectVersion", + "DefaultValue": { + "markdownDescription": "", + "title": "DefaultValue", "type": "string" + }, + "Required": { + "markdownDescription": "", + "title": "Required", + "type": "boolean" } }, "required": [ - "Bucket", - "Key" + "Required" ], "type": "object" }, - "AWS::CodeStarConnections::Connection": { + "AWS::CloudFront::Distribution.TenantConfig": { + "additionalProperties": false, + "properties": { + "ParameterDefinitions": { + "items": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.ParameterDefinition" + }, + "markdownDescription": "The parameters that you specify for a distribution tenant.", + "title": "ParameterDefinitions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CloudFront::Distribution.ViewerCertificate": { + "additionalProperties": false, + "properties": { + "AcmCertificateArn": { + "markdownDescription": "> In CloudFormation, this field name is `AcmCertificateArn` . Note the different capitalization. \n\nIf the distribution uses `Aliases` (alternate domain names or CNAMEs) and the SSL/TLS certificate is stored in [AWS Certificate Manager (ACM)](https://docs.aws.amazon.com/acm/latest/userguide/acm-overview.html) , provide the Amazon Resource Name (ARN) of the ACM certificate. CloudFront only supports ACM certificates in the US East (N. Virginia) Region ( `us-east-1` ).\n\nIf you specify an ACM certificate ARN, you must also specify values for `MinimumProtocolVersion` and `SSLSupportMethod` . (In CloudFormation, the field name is `SslSupportMethod` . Note the different capitalization.)", + "title": "AcmCertificateArn", + "type": "string" + }, + "CloudFrontDefaultCertificate": { + "markdownDescription": "If the distribution uses the CloudFront domain name such as `d111111abcdef8.cloudfront.net` , set this field to `true` .\n\nIf the distribution uses `Aliases` (alternate domain names or CNAMEs), omit this field and specify values for the following fields:\n\n- `AcmCertificateArn` or `IamCertificateId` (specify a value for one, not both)\n- `MinimumProtocolVersion`\n- `SslSupportMethod`", + "title": "CloudFrontDefaultCertificate", + "type": "boolean" + }, + "IamCertificateId": { + "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . > In CloudFormation, this field name is `IamCertificateId` . Note the different capitalization. \n\nIf the distribution uses `Aliases` (alternate domain names or CNAMEs) and the SSL/TLS certificate is stored in [AWS Identity and Access Management (IAM)](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html) , provide the ID of the IAM certificate.\n\nIf you specify an IAM certificate ID, you must also specify values for `MinimumProtocolVersion` and `SSLSupportMethod` . (In CloudFormation, the field name is `SslSupportMethod` . Note the different capitalization.)", + "title": "IamCertificateId", + "type": "string" + }, + "MinimumProtocolVersion": { + "markdownDescription": "If the distribution uses `Aliases` (alternate domain names or CNAMEs), specify the security policy that you want CloudFront to use for HTTPS connections with viewers. The security policy determines two settings:\n\n- The minimum SSL/TLS protocol that CloudFront can use to communicate with viewers.\n- The ciphers that CloudFront can use to encrypt the content that it returns to viewers.\n\nFor more information, see [Security Policy](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValues-security-policy) and [Supported Protocols and Ciphers Between Viewers and CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/secure-connections-supported-viewer-protocols-ciphers.html#secure-connections-supported-ciphers) in the *Amazon CloudFront Developer Guide* .\n\n> On the CloudFront console, this setting is called *Security Policy* . \n\nWhen you're using SNI only (you set `SSLSupportMethod` to `sni-only` ), you must specify `TLSv1` or higher. (In CloudFormation, the field name is `SslSupportMethod` . Note the different capitalization.)\n\nIf the distribution uses the CloudFront domain name such as `d111111abcdef8.cloudfront.net` (you set `CloudFrontDefaultCertificate` to `true` ), CloudFront automatically sets the security policy to `TLSv1` regardless of the value that you set here.", + "title": "MinimumProtocolVersion", + "type": "string" + }, + "SslSupportMethod": { + "markdownDescription": "> In CloudFormation, this field name is `SslSupportMethod` . Note the different capitalization. \n\nIf the distribution uses `Aliases` (alternate domain names or CNAMEs), specify which viewers the distribution accepts HTTPS connections from.\n\n- `sni-only` \u2013 The distribution accepts HTTPS connections from only viewers that support [server name indication (SNI)](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Server_Name_Indication) . This is recommended. Most browsers and clients support SNI.\n- `vip` \u2013 The distribution accepts HTTPS connections from all viewers including those that don't support SNI. This is not recommended, and results in additional monthly charges from CloudFront.\n- `static-ip` - Do not specify this value unless your distribution has been enabled for this feature by the CloudFront team. If you have a use case that requires static IP addresses for a distribution, contact CloudFront through the [Support Center](https://docs.aws.amazon.com/support/home) .\n\nIf the distribution uses the CloudFront domain name such as `d111111abcdef8.cloudfront.net` , don't set a value for this field.", + "title": "SslSupportMethod", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CloudFront::Distribution.VpcOriginConfig": { + "additionalProperties": false, + "properties": { + "OriginKeepaliveTimeout": { + "markdownDescription": "Specifies how long, in seconds, CloudFront persists its connection to the origin. The minimum timeout is 1 second, the maximum is 120 seconds, and the default (if you don't specify otherwise) is 5 seconds.\n\nFor more information, see [Keep-alive timeout (custom origins only)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DownloadDistValuesOrigin.html#DownloadDistValuesOriginKeepaliveTimeout) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginKeepaliveTimeout", + "type": "number" + }, + "OriginReadTimeout": { + "markdownDescription": "Specifies how long, in seconds, CloudFront waits for a response from the origin. This is also known as the *origin response timeout* . The minimum timeout is 1 second, the maximum is 120 seconds, and the default (if you don't specify otherwise) is 30 seconds.\n\nFor more information, see [Response timeout (custom origins only)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DownloadDistValuesOrigin.html#DownloadDistValuesOriginResponseTimeout) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginReadTimeout", + "type": "number" + }, + "VpcOriginId": { + "markdownDescription": "The VPC origin ID.", + "title": "VpcOriginId", + "type": "string" + } + }, + "required": [ + "VpcOriginId" + ], + "type": "object" + }, + "AWS::CloudFront::DistributionTenant": { "additionalProperties": false, "properties": { "Condition": { @@ -44745,38 +50563,71 @@ "Properties": { "additionalProperties": false, "properties": { - "ConnectionName": { - "markdownDescription": "The name of the connection. Connection names must be unique in an AWS account .", - "title": "ConnectionName", + "ConnectionGroupId": { + "markdownDescription": "The ID of the connection group for the distribution tenant. If you don't specify a connection group, CloudFront uses the default connection group.", + "title": "ConnectionGroupId", "type": "string" }, - "HostArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the host associated with the connection.", - "title": "HostArn", + "Customizations": { + "$ref": "#/definitions/AWS::CloudFront::DistributionTenant.Customizations", + "markdownDescription": "Customizations for the distribution tenant. For each distribution tenant, you can specify the geographic restrictions, and the Amazon Resource Names (ARNs) for the ACM certificate and AWS WAF web ACL. These are specific values that you can override or disable from the multi-tenant distribution that was used to create the distribution tenant.", + "title": "Customizations" + }, + "DistributionId": { + "markdownDescription": "The ID of the multi-tenant distribution.", + "title": "DistributionId", "type": "string" }, - "ProviderType": { - "markdownDescription": "The name of the external provider where your third-party code repository is configured.", - "title": "ProviderType", + "Domains": { + "items": { + "type": "string" + }, + "markdownDescription": "The domains associated with the distribution tenant.", + "title": "Domains", + "type": "array" + }, + "Enabled": { + "markdownDescription": "Indicates whether the distribution tenant is in an enabled state. If disabled, the distribution tenant won't serve traffic.", + "title": "Enabled", + "type": "boolean" + }, + "ManagedCertificateRequest": { + "$ref": "#/definitions/AWS::CloudFront::DistributionTenant.ManagedCertificateRequest", + "markdownDescription": "An object that represents the request for the Amazon CloudFront managed ACM certificate.", + "title": "ManagedCertificateRequest" + }, + "Name": { + "markdownDescription": "The name of the distribution tenant.", + "title": "Name", "type": "string" }, + "Parameters": { + "items": { + "$ref": "#/definitions/AWS::CloudFront::DistributionTenant.Parameter" + }, + "markdownDescription": "A list of parameter values to add to the resource. A parameter is specified as a key-value pair. A valid parameter value must exist for any parameter that is marked as required in the multi-tenant distribution.", + "title": "Parameters", + "type": "array" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Specifies the tags applied to the resource.", + "markdownDescription": "A complex type that contains zero or more `Tag` elements.", "title": "Tags", "type": "array" } }, "required": [ - "ConnectionName" + "DistributionId", + "Domains", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeStarConnections::Connection" + "AWS::CloudFront::DistributionTenant" ], "type": "string" }, @@ -44795,7 +50646,127 @@ ], "type": "object" }, - "AWS::CodeStarConnections::RepositoryLink": { + "AWS::CloudFront::DistributionTenant.Certificate": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the ACM certificate.", + "title": "Arn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CloudFront::DistributionTenant.Customizations": { + "additionalProperties": false, + "properties": { + "Certificate": { + "$ref": "#/definitions/AWS::CloudFront::DistributionTenant.Certificate", + "markdownDescription": "The AWS Certificate Manager (ACM) certificate.", + "title": "Certificate" + }, + "GeoRestrictions": { + "$ref": "#/definitions/AWS::CloudFront::DistributionTenant.GeoRestrictionCustomization", + "markdownDescription": "The geographic restrictions.", + "title": "GeoRestrictions" + }, + "WebAcl": { + "$ref": "#/definitions/AWS::CloudFront::DistributionTenant.WebAclCustomization", + "markdownDescription": "The AWS WAF web ACL.", + "title": "WebAcl" + } + }, + "type": "object" + }, + "AWS::CloudFront::DistributionTenant.DomainResult": { + "additionalProperties": false, + "properties": { + "Domain": { + "markdownDescription": "The specified domain.", + "title": "Domain", + "type": "string" + }, + "Status": { + "markdownDescription": "Whether the domain is active or inactive.", + "title": "Status", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CloudFront::DistributionTenant.GeoRestrictionCustomization": { + "additionalProperties": false, + "properties": { + "Locations": { + "items": { + "type": "string" + }, + "markdownDescription": "The locations for geographic restrictions.", + "title": "Locations", + "type": "array" + }, + "RestrictionType": { + "markdownDescription": "The method that you want to use to restrict distribution of your content by country:\n\n- `none` : No geographic restriction is enabled, meaning access to content is not restricted by client geo location.\n- `blacklist` : The `Location` elements specify the countries in which you don't want CloudFront to distribute your content.\n- `whitelist` : The `Location` elements specify the countries in which you want CloudFront to distribute your content.", + "title": "RestrictionType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CloudFront::DistributionTenant.ManagedCertificateRequest": { + "additionalProperties": false, + "properties": { + "CertificateTransparencyLoggingPreference": { + "markdownDescription": "You can opt out of certificate transparency logging by specifying the `disabled` option. Opt in by specifying `enabled` . For more information, see [Certificate Transparency Logging](https://docs.aws.amazon.com/acm/latest/userguide/acm-concepts.html#concept-transparency) in the *AWS Certificate Manager User Guide* .", + "title": "CertificateTransparencyLoggingPreference", + "type": "string" + }, + "PrimaryDomainName": { + "markdownDescription": "The primary domain name associated with the CloudFront managed ACM certificate.", + "title": "PrimaryDomainName", + "type": "string" + }, + "ValidationTokenHost": { + "markdownDescription": "Specify how the HTTP validation token will be served when requesting the CloudFront managed ACM certificate.\n\n- For `cloudfront` , CloudFront will automatically serve the validation token. Choose this mode if you can point the domain's DNS to CloudFront immediately.\n- For `self-hosted` , you serve the validation token from your existing infrastructure. Choose this mode when you need to maintain current traffic flow while your certificate is being issued. You can place the validation token at the well-known path on your existing web server, wait for ACM to validate and issue the certificate, and then update your DNS to point to CloudFront.", + "title": "ValidationTokenHost", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CloudFront::DistributionTenant.Parameter": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The parameter name.", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "The parameter value.", + "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CloudFront::DistributionTenant.WebAclCustomization": { + "additionalProperties": false, + "properties": { + "Action": { + "markdownDescription": "The action for the AWS WAF web ACL customization. You can specify `override` to specify a separate AWS WAF web ACL for the distribution tenant. If you specify `disable` , the distribution tenant won't have AWS WAF web ACL protections and won't inherit from the multi-tenant distribution.", + "title": "Action", + "type": "string" + }, + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS WAF web ACL.", + "title": "Arn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CloudFront::Function": { "additionalProperties": false, "properties": { "Condition": { @@ -44830,45 +50801,42 @@ "Properties": { "additionalProperties": false, "properties": { - "ConnectionArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the connection associated with the repository link.", - "title": "ConnectionArn", - "type": "string" + "AutoPublish": { + "markdownDescription": "A flag that determines whether to automatically publish the function to the `LIVE` stage when it\u2019s created. To automatically publish to the `LIVE` stage, set this property to `true` .", + "title": "AutoPublish", + "type": "boolean" }, - "EncryptionKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the encryption key for the repository associated with the repository link.", - "title": "EncryptionKeyArn", + "FunctionCode": { + "markdownDescription": "The function code. For more information about writing a CloudFront function, see [Writing function code for CloudFront Functions](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/writing-function-code.html) in the *Amazon CloudFront Developer Guide* .", + "title": "FunctionCode", "type": "string" }, - "OwnerId": { - "markdownDescription": "The owner ID for the repository associated with the repository link, such as the owner ID in GitHub.", - "title": "OwnerId", - "type": "string" + "FunctionConfig": { + "$ref": "#/definitions/AWS::CloudFront::Function.FunctionConfig", + "markdownDescription": "Contains configuration information about a CloudFront function.", + "title": "FunctionConfig" }, - "RepositoryName": { - "markdownDescription": "The name of the repository associated with the repository link.", - "title": "RepositoryName", - "type": "string" + "FunctionMetadata": { + "$ref": "#/definitions/AWS::CloudFront::Function.FunctionMetadata", + "markdownDescription": "Contains metadata about a CloudFront function.", + "title": "FunctionMetadata" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags for the repository to be associated with the repository link.", - "title": "Tags", - "type": "array" + "Name": { + "markdownDescription": "A name to identify the function.", + "title": "Name", + "type": "string" } }, "required": [ - "ConnectionArn", - "OwnerId", - "RepositoryName" + "FunctionCode", + "FunctionConfig", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeStarConnections::RepositoryLink" + "AWS::CloudFront::Function" ], "type": "string" }, @@ -44887,7 +50855,60 @@ ], "type": "object" }, - "AWS::CodeStarConnections::SyncConfiguration": { + "AWS::CloudFront::Function.FunctionConfig": { + "additionalProperties": false, + "properties": { + "Comment": { + "markdownDescription": "A comment to describe the function.", + "title": "Comment", + "type": "string" + }, + "KeyValueStoreAssociations": { + "items": { + "$ref": "#/definitions/AWS::CloudFront::Function.KeyValueStoreAssociation" + }, + "markdownDescription": "The configuration for the key value store associations.", + "title": "KeyValueStoreAssociations", + "type": "array" + }, + "Runtime": { + "markdownDescription": "The function's runtime environment version.", + "title": "Runtime", + "type": "string" + } + }, + "required": [ + "Comment", + "Runtime" + ], + "type": "object" + }, + "AWS::CloudFront::Function.FunctionMetadata": { + "additionalProperties": false, + "properties": { + "FunctionARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the function. The ARN uniquely identifies the function.", + "title": "FunctionARN", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CloudFront::Function.KeyValueStoreAssociation": { + "additionalProperties": false, + "properties": { + "KeyValueStoreARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the key value store association.", + "title": "KeyValueStoreARN", + "type": "string" + } + }, + "required": [ + "KeyValueStoreARN" + ], + "type": "object" + }, + "AWS::CloudFront::KeyGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -44922,60 +50943,20 @@ "Properties": { "additionalProperties": false, "properties": { - "Branch": { - "markdownDescription": "The branch associated with a specific sync configuration.", - "title": "Branch", - "type": "string" - }, - "ConfigFile": { - "markdownDescription": "The file path to the configuration file associated with a specific sync configuration. The path should point to an actual file in the sync configurations linked repository.", - "title": "ConfigFile", - "type": "string" - }, - "PublishDeploymentStatus": { - "markdownDescription": "Whether to enable or disable publishing of deployment status to source providers.", - "title": "PublishDeploymentStatus", - "type": "string" - }, - "RepositoryLinkId": { - "markdownDescription": "The ID of the repository link associated with a specific sync configuration.", - "title": "RepositoryLinkId", - "type": "string" - }, - "ResourceName": { - "markdownDescription": "The name of the connection resource associated with a specific sync configuration.", - "title": "ResourceName", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role associated with a specific sync configuration.", - "title": "RoleArn", - "type": "string" - }, - "SyncType": { - "markdownDescription": "The type of sync for a specific sync configuration.", - "title": "SyncType", - "type": "string" - }, - "TriggerResourceUpdateOn": { - "markdownDescription": "When to trigger Git sync to begin the stack update.", - "title": "TriggerResourceUpdateOn", - "type": "string" + "KeyGroupConfig": { + "$ref": "#/definitions/AWS::CloudFront::KeyGroup.KeyGroupConfig", + "markdownDescription": "The key group configuration.", + "title": "KeyGroupConfig" } }, "required": [ - "Branch", - "ConfigFile", - "RepositoryLinkId", - "ResourceName", - "RoleArn", - "SyncType" + "KeyGroupConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeStarConnections::SyncConfiguration" + "AWS::CloudFront::KeyGroup" ], "type": "string" }, @@ -44994,7 +50975,35 @@ ], "type": "object" }, - "AWS::CodeStarNotifications::NotificationRule": { + "AWS::CloudFront::KeyGroup.KeyGroupConfig": { + "additionalProperties": false, + "properties": { + "Comment": { + "markdownDescription": "A comment to describe the key group. The comment cannot be longer than 128 characters.", + "title": "Comment", + "type": "string" + }, + "Items": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the identifiers of the public keys in the key group.", + "title": "Items", + "type": "array" + }, + "Name": { + "markdownDescription": "A name to identify the key group.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Items", + "Name" + ], + "type": "object" + }, + "AWS::CloudFront::KeyValueStore": { "additionalProperties": false, "properties": { "Condition": { @@ -45029,81 +51038,30 @@ "Properties": { "additionalProperties": false, "properties": { - "CreatedBy": { - "markdownDescription": "The name or email alias of the person who created the notification rule.", - "title": "CreatedBy", - "type": "string" - }, - "DetailType": { - "markdownDescription": "The level of detail to include in the notifications for this resource. `BASIC` will include only the contents of the event as it would appear in Amazon CloudWatch. `FULL` will include any supplemental information provided by AWS CodeStar Notifications and/or the service for the resource for which the notification is created.", - "title": "DetailType", - "type": "string" - }, - "EventTypeId": { - "markdownDescription": "The event type associated with this notification rule. For a complete list of event types and IDs, see [Notification concepts](https://docs.aws.amazon.com/dtconsole/latest/userguide/concepts.html#concepts-api) in the *Developer Tools Console User Guide* .", - "title": "EventTypeId", + "Comment": { + "markdownDescription": "A comment for the key value store.", + "title": "Comment", "type": "string" }, - "EventTypeIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of event types associated with this notification rule. For a complete list of event types and IDs, see [Notification concepts](https://docs.aws.amazon.com/dtconsole/latest/userguide/concepts.html#concepts-api) in the *Developer Tools Console User Guide* .", - "title": "EventTypeIds", - "type": "array" + "ImportSource": { + "$ref": "#/definitions/AWS::CloudFront::KeyValueStore.ImportSource", + "markdownDescription": "The import source for the key value store.", + "title": "ImportSource" }, "Name": { - "markdownDescription": "The name for the notification rule. Notification rule names must be unique in your AWS account .", + "markdownDescription": "The name of the key value store.", "title": "Name", "type": "string" - }, - "Resource": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resource to associate with the notification rule. Supported resources include pipelines in AWS CodePipeline , repositories in AWS CodeCommit , and build projects in AWS CodeBuild .", - "title": "Resource", - "type": "string" - }, - "Status": { - "markdownDescription": "The status of the notification rule. The default value is `ENABLED` . If the status is set to `DISABLED` , notifications aren't sent for the notification rule.", - "title": "Status", - "type": "string" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "A list of tags to apply to this notification rule. Key names cannot start with \" `aws` \".", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - }, - "TargetAddress": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic or client.", - "title": "TargetAddress", - "type": "string" - }, - "Targets": { - "items": { - "$ref": "#/definitions/AWS::CodeStarNotifications::NotificationRule.Target" - }, - "markdownDescription": "A list of Amazon Resource Names (ARNs) of Amazon SNS topics and clients to associate with the notification rule.", - "title": "Targets", - "type": "array" } }, "required": [ - "DetailType", - "EventTypeIds", - "Name", - "Resource", - "Targets" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeStarNotifications::NotificationRule" + "AWS::CloudFront::KeyValueStore" ], "type": "string" }, @@ -45122,27 +51080,27 @@ ], "type": "object" }, - "AWS::CodeStarNotifications::NotificationRule.Target": { + "AWS::CloudFront::KeyValueStore.ImportSource": { "additionalProperties": false, "properties": { - "TargetAddress": { - "markdownDescription": "The Amazon Resource Name (ARN) of the topic or client.", - "title": "TargetAddress", + "SourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the import source for the key value store.", + "title": "SourceArn", "type": "string" }, - "TargetType": { - "markdownDescription": "The target type. Can be an Amazon Simple Notification Service topic or client.\n\n- Amazon Simple Notification Service topics are specified as `SNS` .\n- clients are specified as `AWSChatbotSlack` .\n- clients for Microsoft Teams are specified as `AWSChatbotMicrosoftTeams` .", - "title": "TargetType", + "SourceType": { + "markdownDescription": "The source type of the import source for the key value store.", + "title": "SourceType", "type": "string" } }, "required": [ - "TargetAddress", - "TargetType" + "SourceArn", + "SourceType" ], "type": "object" }, - "AWS::Cognito::IdentityPool": { + "AWS::CloudFront::MonitoringSubscription": { "additionalProperties": false, "properties": { "Condition": { @@ -45177,79 +51135,26 @@ "Properties": { "additionalProperties": false, "properties": { - "AllowClassicFlow": { - "markdownDescription": "Enables the Basic (Classic) authentication flow.", - "title": "AllowClassicFlow", - "type": "boolean" - }, - "AllowUnauthenticatedIdentities": { - "markdownDescription": "Specifies whether the identity pool supports unauthenticated logins.", - "title": "AllowUnauthenticatedIdentities", - "type": "boolean" - }, - "CognitoEvents": { - "markdownDescription": "The events to configure.", - "title": "CognitoEvents", - "type": "object" - }, - "CognitoIdentityProviders": { - "items": { - "$ref": "#/definitions/AWS::Cognito::IdentityPool.CognitoIdentityProvider" - }, - "markdownDescription": "The Amazon Cognito user pools and their client IDs.", - "title": "CognitoIdentityProviders", - "type": "array" - }, - "CognitoStreams": { - "$ref": "#/definitions/AWS::Cognito::IdentityPool.CognitoStreams", - "markdownDescription": "Configuration options for configuring Amazon Cognito streams.", - "title": "CognitoStreams" - }, - "DeveloperProviderName": { - "markdownDescription": "The \"domain\" Amazon Cognito uses when referencing your users. This name acts as a placeholder that allows your backend and the Amazon Cognito service to communicate about the developer provider. For the `DeveloperProviderName` , you can use letters and periods (.), underscores (_), and dashes (-).\n\n*Minimum length* : 1\n\n*Maximum length* : 100", - "title": "DeveloperProviderName", - "type": "string" - }, - "IdentityPoolName": { - "markdownDescription": "The name of your Amazon Cognito identity pool.\n\n*Minimum length* : 1\n\n*Maximum length* : 128\n\n*Pattern* : `[\\w\\s+=,.@-]+`", - "title": "IdentityPoolName", + "DistributionId": { + "markdownDescription": "The ID of the distribution that you are enabling metrics for.", + "title": "DistributionId", "type": "string" }, - "OpenIdConnectProviderARNs": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Names (ARNs) of the OpenID connect providers.", - "title": "OpenIdConnectProviderARNs", - "type": "array" - }, - "PushSync": { - "$ref": "#/definitions/AWS::Cognito::IdentityPool.PushSync", - "markdownDescription": "The configuration options to be applied to the identity pool.", - "title": "PushSync" - }, - "SamlProviderARNs": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Names (ARNs) of the Security Assertion Markup Language (SAML) providers.", - "title": "SamlProviderARNs", - "type": "array" - }, - "SupportedLoginProviders": { - "markdownDescription": "Key-value pairs that map provider names to provider app IDs.", - "title": "SupportedLoginProviders", - "type": "object" + "MonitoringSubscription": { + "$ref": "#/definitions/AWS::CloudFront::MonitoringSubscription.MonitoringSubscription", + "markdownDescription": "A subscription configuration for additional CloudWatch metrics.", + "title": "MonitoringSubscription" } }, "required": [ - "AllowUnauthenticatedIdentities" + "DistributionId", + "MonitoringSubscription" ], "type": "object" }, "Type": { "enum": [ - "AWS::Cognito::IdentityPool" + "AWS::CloudFront::MonitoringSubscription" ], "type": "string" }, @@ -45268,72 +51173,32 @@ ], "type": "object" }, - "AWS::Cognito::IdentityPool.CognitoIdentityProvider": { - "additionalProperties": false, - "properties": { - "ClientId": { - "markdownDescription": "The client ID for the Amazon Cognito user pool.", - "title": "ClientId", - "type": "string" - }, - "ProviderName": { - "markdownDescription": "The provider name for an Amazon Cognito user pool. For example: `cognito-idp.us-east-2.amazonaws.com/us-east-2_123456789` .", - "title": "ProviderName", - "type": "string" - }, - "ServerSideTokenCheck": { - "markdownDescription": "TRUE if server-side token validation is enabled for the identity provider\u2019s token.\n\nAfter you set the `ServerSideTokenCheck` to TRUE for an identity pool, that identity pool checks with the integrated user pools to make sure the user has not been globally signed out or deleted before the identity pool provides an OIDC token or AWS credentials for the user.\n\nIf the user is signed out or deleted, the identity pool returns a 400 Not Authorized error.", - "title": "ServerSideTokenCheck", - "type": "boolean" - } - }, - "required": [ - "ClientId", - "ProviderName" - ], - "type": "object" - }, - "AWS::Cognito::IdentityPool.CognitoStreams": { + "AWS::CloudFront::MonitoringSubscription.MonitoringSubscription": { "additionalProperties": false, "properties": { - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the role Amazon Cognito can assume to publish to the stream. This role must grant access to Amazon Cognito (cognito-sync) to invoke `PutRecord` on your Amazon Cognito stream.", - "title": "RoleArn", - "type": "string" - }, - "StreamName": { - "markdownDescription": "The name of the Amazon Cognito stream to receive updates. This stream must be in the developer's account and in the same Region as the identity pool.", - "title": "StreamName", - "type": "string" - }, - "StreamingStatus": { - "markdownDescription": "Status of the Amazon Cognito streams. Valid values are: `ENABLED` or `DISABLED` .", - "title": "StreamingStatus", - "type": "string" + "RealtimeMetricsSubscriptionConfig": { + "$ref": "#/definitions/AWS::CloudFront::MonitoringSubscription.RealtimeMetricsSubscriptionConfig", + "markdownDescription": "A subscription configuration for additional CloudWatch metrics.", + "title": "RealtimeMetricsSubscriptionConfig" } }, "type": "object" }, - "AWS::Cognito::IdentityPool.PushSync": { + "AWS::CloudFront::MonitoringSubscription.RealtimeMetricsSubscriptionConfig": { "additionalProperties": false, "properties": { - "ApplicationArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The ARNs of the Amazon SNS platform applications that could be used by clients.", - "title": "ApplicationArns", - "type": "array" - }, - "RoleArn": { - "markdownDescription": "An IAM role configured to allow Amazon Cognito to call Amazon SNS on behalf of the developer.", - "title": "RoleArn", + "RealtimeMetricsSubscriptionStatus": { + "markdownDescription": "A flag that indicates whether additional CloudWatch metrics are enabled for a given CloudFront distribution.", + "title": "RealtimeMetricsSubscriptionStatus", "type": "string" } }, + "required": [ + "RealtimeMetricsSubscriptionStatus" + ], "type": "object" }, - "AWS::Cognito::IdentityPoolPrincipalTag": { + "AWS::CloudFront::OriginAccessControl": { "additionalProperties": false, "properties": { "Condition": { @@ -45368,36 +51233,20 @@ "Properties": { "additionalProperties": false, "properties": { - "IdentityPoolId": { - "markdownDescription": "The identity pool that you want to associate with this principal tag map.", - "title": "IdentityPoolId", - "type": "string" - }, - "IdentityProviderName": { - "markdownDescription": "The identity pool identity provider (IdP) that you want to associate with this principal tag map.", - "title": "IdentityProviderName", - "type": "string" - }, - "PrincipalTags": { - "markdownDescription": "A JSON-formatted list of user claims and the principal tags that you want to associate with them. When Amazon Cognito requests credentials, it sets the value of the principal tag to the value of the user's claim.", - "title": "PrincipalTags", - "type": "object" - }, - "UseDefaults": { - "markdownDescription": "Use a default set of mappings between claims and tags for this provider, instead of a custom map.", - "title": "UseDefaults", - "type": "boolean" + "OriginAccessControlConfig": { + "$ref": "#/definitions/AWS::CloudFront::OriginAccessControl.OriginAccessControlConfig", + "markdownDescription": "The origin access control.", + "title": "OriginAccessControlConfig" } }, "required": [ - "IdentityPoolId", - "IdentityProviderName" + "OriginAccessControlConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::Cognito::IdentityPoolPrincipalTag" + "AWS::CloudFront::OriginAccessControl" ], "type": "string" }, @@ -45416,7 +51265,44 @@ ], "type": "object" }, - "AWS::Cognito::IdentityPoolRoleAttachment": { + "AWS::CloudFront::OriginAccessControl.OriginAccessControlConfig": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the origin access control.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "A name to identify the origin access control. You can specify up to 64 characters.", + "title": "Name", + "type": "string" + }, + "OriginAccessControlOriginType": { + "markdownDescription": "The type of origin that this origin access control is for.", + "title": "OriginAccessControlOriginType", + "type": "string" + }, + "SigningBehavior": { + "markdownDescription": "Specifies which requests CloudFront signs (adds authentication information to). Specify `always` for the most common use case. For more information, see [origin access control advanced settings](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html#oac-advanced-settings) in the *Amazon CloudFront Developer Guide* .\n\nThis field can have one of the following values:\n\n- `always` \u2013 CloudFront signs all origin requests, overwriting the `Authorization` header from the viewer request if one exists.\n- `never` \u2013 CloudFront doesn't sign any origin requests. This value turns off origin access control for all origins in all distributions that use this origin access control.\n- `no-override` \u2013 If the viewer request doesn't contain the `Authorization` header, then CloudFront signs the origin request. If the viewer request contains the `Authorization` header, then CloudFront doesn't sign the origin request and instead passes along the `Authorization` header from the viewer request. *WARNING: To pass along the `Authorization` header from the viewer request, you *must* add the `Authorization` header to a [cache policy](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html) for all cache behaviors that use origins associated with this origin access control.*", + "title": "SigningBehavior", + "type": "string" + }, + "SigningProtocol": { + "markdownDescription": "The signing protocol of the origin access control, which determines how CloudFront signs (authenticates) requests. The only valid value is `sigv4` .", + "title": "SigningProtocol", + "type": "string" + } + }, + "required": [ + "Name", + "OriginAccessControlOriginType", + "SigningBehavior", + "SigningProtocol" + ], + "type": "object" + }, + "AWS::CloudFront::OriginRequestPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -45451,42 +51337,20 @@ "Properties": { "additionalProperties": false, "properties": { - "IdentityPoolId": { - "markdownDescription": "An identity pool ID in the format `REGION:GUID` .", - "title": "IdentityPoolId", - "type": "string" - }, - "RoleMappings": { - "additionalProperties": false, - "markdownDescription": "How users for a specific identity provider are mapped to roles. This is a string to the `RoleMapping` object map. The string identifies the identity provider. For example: `graph.facebook.com` or `cognito-idp.us-east-1.amazonaws.com/us-east-1_abcdefghi:app_client_id` .\n\nIf the `IdentityProvider` field isn't provided in this object, the string is used as the identity provider name.\n\nFor more information, see the [RoleMapping property](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-identitypoolroleattachment-rolemapping.html) .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::Cognito::IdentityPoolRoleAttachment.RoleMapping" - } - }, - "title": "RoleMappings", - "type": "object" - }, - "Roles": { - "additionalProperties": true, - "markdownDescription": "The map of the roles associated with this pool. For a given role, the key is either \"authenticated\" or \"unauthenticated\". The value is the role ARN.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Roles", - "type": "object" + "OriginRequestPolicyConfig": { + "$ref": "#/definitions/AWS::CloudFront::OriginRequestPolicy.OriginRequestPolicyConfig", + "markdownDescription": "The origin request policy configuration.", + "title": "OriginRequestPolicyConfig" } }, "required": [ - "IdentityPoolId" + "OriginRequestPolicyConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::Cognito::IdentityPoolRoleAttachment" + "AWS::CloudFront::OriginRequestPolicy" ], "type": "string" }, @@ -45505,85 +51369,110 @@ ], "type": "object" }, - "AWS::Cognito::IdentityPoolRoleAttachment.MappingRule": { + "AWS::CloudFront::OriginRequestPolicy.CookiesConfig": { "additionalProperties": false, "properties": { - "Claim": { - "markdownDescription": "The claim name that must be present in the token. For example: \"isAdmin\" or \"paid\".", - "title": "Claim", - "type": "string" - }, - "MatchType": { - "markdownDescription": "The match condition that specifies how closely the claim value in the IdP token must match `Value` .\n\nValid values are: `Equals` , `Contains` , `StartsWith` , and `NotEqual` .", - "title": "MatchType", + "CookieBehavior": { + "markdownDescription": "Determines whether cookies in viewer requests are included in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` \u2013 No cookies in viewer requests are included in requests that CloudFront sends to the origin. Even when this field is set to `none` , any cookies that are listed in a `CachePolicy` *are* included in origin requests.\n- `whitelist` \u2013 Only the cookies in viewer requests that are listed in the `CookieNames` type are included in requests that CloudFront sends to the origin.\n- `all` \u2013 All cookies in viewer requests are included in requests that CloudFront sends to the origin.\n- `allExcept` \u2013 All cookies in viewer requests are included in requests that CloudFront sends to the origin, **except** for those listed in the `CookieNames` type, which are not included.", + "title": "CookieBehavior", "type": "string" }, - "RoleARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the role.", - "title": "RoleARN", + "Cookies": { + "items": { + "type": "string" + }, + "markdownDescription": "Contains a list of cookie names.", + "title": "Cookies", + "type": "array" + } + }, + "required": [ + "CookieBehavior" + ], + "type": "object" + }, + "AWS::CloudFront::OriginRequestPolicy.HeadersConfig": { + "additionalProperties": false, + "properties": { + "HeaderBehavior": { + "markdownDescription": "Determines whether any HTTP headers are included in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` \u2013 No HTTP headers in viewer requests are included in requests that CloudFront sends to the origin. Even when this field is set to `none` , any headers that are listed in a `CachePolicy` *are* included in origin requests.\n- `whitelist` \u2013 Only the HTTP headers that are listed in the `Headers` type are included in requests that CloudFront sends to the origin.\n- `allViewer` \u2013 All HTTP headers in viewer requests are included in requests that CloudFront sends to the origin.\n- `allViewerAndWhitelistCloudFront` \u2013 All HTTP headers in viewer requests and the additional CloudFront headers that are listed in the `Headers` type are included in requests that CloudFront sends to the origin. The additional headers are added by CloudFront.\n- `allExcept` \u2013 All HTTP headers in viewer requests are included in requests that CloudFront sends to the origin, **except** for those listed in the `Headers` type, which are not included.", + "title": "HeaderBehavior", "type": "string" }, - "Value": { - "markdownDescription": "A brief string that the claim must match. For example, \"paid\" or \"yes\".", - "title": "Value", - "type": "string" + "Headers": { + "items": { + "type": "string" + }, + "markdownDescription": "Contains a list of HTTP header names.", + "title": "Headers", + "type": "array" } }, "required": [ - "Claim", - "MatchType", - "RoleARN", - "Value" + "HeaderBehavior" ], "type": "object" }, - "AWS::Cognito::IdentityPoolRoleAttachment.RoleMapping": { + "AWS::CloudFront::OriginRequestPolicy.OriginRequestPolicyConfig": { "additionalProperties": false, "properties": { - "AmbiguousRoleResolution": { - "markdownDescription": "If you specify Token or Rules as the `Type` , `AmbiguousRoleResolution` is required.\n\nSpecifies the action to be taken if either no rules match the claim value for the `Rules` type, or there is no `cognito:preferred_role` claim and there are multiple `cognito:roles` matches for the `Token` type.", - "title": "AmbiguousRoleResolution", + "Comment": { + "markdownDescription": "A comment to describe the origin request policy. The comment cannot be longer than 128 characters.", + "title": "Comment", "type": "string" }, - "IdentityProvider": { - "markdownDescription": "Identifier for the identity provider for which the role is mapped. For example: `graph.facebook.com` or `cognito-idp.us-east-1.amazonaws.com/us-east-1_abcdefghi:app_client_id (http://cognito-idp.us-east-1.amazonaws.com/us-east-1_abcdefghi:app_client_id)` . This is the identity provider that is used by the user for authentication.\n\nIf the identity provider property isn't provided, the key of the entry in the `RoleMappings` map is used as the identity provider.", - "title": "IdentityProvider", - "type": "string" + "CookiesConfig": { + "$ref": "#/definitions/AWS::CloudFront::OriginRequestPolicy.CookiesConfig", + "markdownDescription": "The cookies from viewer requests to include in origin requests.", + "title": "CookiesConfig" }, - "RulesConfiguration": { - "$ref": "#/definitions/AWS::Cognito::IdentityPoolRoleAttachment.RulesConfigurationType", - "markdownDescription": "The rules to be used for mapping users to roles. If you specify \"Rules\" as the role-mapping type, RulesConfiguration is required.", - "title": "RulesConfiguration" + "HeadersConfig": { + "$ref": "#/definitions/AWS::CloudFront::OriginRequestPolicy.HeadersConfig", + "markdownDescription": "The HTTP headers to include in origin requests. These can include headers from viewer requests and additional headers added by CloudFront.", + "title": "HeadersConfig" }, - "Type": { - "markdownDescription": "The role mapping type. Token will use `cognito:roles` and `cognito:preferred_role` claims from the Cognito identity provider token to map groups to roles. Rules will attempt to match claims from the token to map to a role.", - "title": "Type", + "Name": { + "markdownDescription": "A unique name to identify the origin request policy.", + "title": "Name", "type": "string" + }, + "QueryStringsConfig": { + "$ref": "#/definitions/AWS::CloudFront::OriginRequestPolicy.QueryStringsConfig", + "markdownDescription": "The URL query strings from viewer requests to include in origin requests.", + "title": "QueryStringsConfig" } }, "required": [ - "Type" + "CookiesConfig", + "HeadersConfig", + "Name", + "QueryStringsConfig" ], "type": "object" }, - "AWS::Cognito::IdentityPoolRoleAttachment.RulesConfigurationType": { + "AWS::CloudFront::OriginRequestPolicy.QueryStringsConfig": { "additionalProperties": false, "properties": { - "Rules": { + "QueryStringBehavior": { + "markdownDescription": "Determines whether any URL query strings in viewer requests are included in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` \u2013 No query strings in viewer requests are included in requests that CloudFront sends to the origin. Even when this field is set to `none` , any query strings that are listed in a `CachePolicy` *are* included in origin requests.\n- `whitelist` \u2013 Only the query strings in viewer requests that are listed in the `QueryStringNames` type are included in requests that CloudFront sends to the origin.\n- `all` \u2013 All query strings in viewer requests are included in requests that CloudFront sends to the origin.\n- `allExcept` \u2013 All query strings in viewer requests are included in requests that CloudFront sends to the origin, **except** for those listed in the `QueryStringNames` type, which are not included.", + "title": "QueryStringBehavior", + "type": "string" + }, + "QueryStrings": { "items": { - "$ref": "#/definitions/AWS::Cognito::IdentityPoolRoleAttachment.MappingRule" + "type": "string" }, - "markdownDescription": "The rules. You can specify up to 25 rules per identity provider.", - "title": "Rules", + "markdownDescription": "Contains a list of query string names.", + "title": "QueryStrings", "type": "array" } }, "required": [ - "Rules" + "QueryStringBehavior" ], "type": "object" }, - "AWS::Cognito::LogDeliveryConfiguration": { + "AWS::CloudFront::PublicKey": { "additionalProperties": false, "properties": { "Condition": { @@ -45618,28 +51507,20 @@ "Properties": { "additionalProperties": false, "properties": { - "LogConfigurations": { - "items": { - "$ref": "#/definitions/AWS::Cognito::LogDeliveryConfiguration.LogConfiguration" - }, - "markdownDescription": "A logging destination of a user pool. User pools can have multiple logging destinations for message-delivery and user-activity logs.", - "title": "LogConfigurations", - "type": "array" - }, - "UserPoolId": { - "markdownDescription": "The ID of the user pool where you configured logging.", - "title": "UserPoolId", - "type": "string" + "PublicKeyConfig": { + "$ref": "#/definitions/AWS::CloudFront::PublicKey.PublicKeyConfig", + "markdownDescription": "Configuration information about a public key that you can use with [signed URLs and signed cookies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) , or with [field-level encryption](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/field-level-encryption.html) .", + "title": "PublicKeyConfig" } }, "required": [ - "UserPoolId" + "PublicKeyConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::Cognito::LogDeliveryConfiguration" + "AWS::CloudFront::PublicKey" ], "type": "string" }, @@ -45658,39 +51539,38 @@ ], "type": "object" }, - "AWS::Cognito::LogDeliveryConfiguration.CloudWatchLogsConfiguration": { + "AWS::CloudFront::PublicKey.PublicKeyConfig": { "additionalProperties": false, "properties": { - "LogGroupArn": { - "markdownDescription": "The Amazon Resource Name (arn) of a CloudWatch Logs log group where your user pool sends logs. The log group must not be encrypted with AWS Key Management Service and must be in the same AWS account as your user pool.\n\nTo send logs to log groups with a resource policy of a size greater than 5120 characters, configure a log group with a path that starts with `/aws/vendedlogs` . For more information, see [Enabling logging from certain AWS services](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/AWS-logs-and-resource-policy.html) .", - "title": "LogGroupArn", + "CallerReference": { + "markdownDescription": "A string included in the request to help make sure that the request can't be replayed.", + "title": "CallerReference", "type": "string" - } - }, - "type": "object" - }, - "AWS::Cognito::LogDeliveryConfiguration.LogConfiguration": { - "additionalProperties": false, - "properties": { - "CloudWatchLogsConfiguration": { - "$ref": "#/definitions/AWS::Cognito::LogDeliveryConfiguration.CloudWatchLogsConfiguration", - "markdownDescription": "Configuration for the CloudWatch log group destination of user pool detailed activity logging, or of user activity log export with advanced security features.", - "title": "CloudWatchLogsConfiguration" }, - "EventSource": { - "markdownDescription": "The source of events that your user pool sends for logging. To send error-level logs about user notification activity, set to `userNotification` . To send info-level logs about threat-protection user activity in user pools with the Plus feature plan, set to `userAuthEvents` .", - "title": "EventSource", + "Comment": { + "markdownDescription": "A comment to describe the public key. The comment cannot be longer than 128 characters.", + "title": "Comment", "type": "string" }, - "LogLevel": { - "markdownDescription": "The `errorlevel` selection of logs that a user pool sends for detailed activity logging. To send `userNotification` activity with [information about message delivery](https://docs.aws.amazon.com/cognito/latest/developerguide/exporting-quotas-and-usage.html) , choose `ERROR` with `CloudWatchLogsConfiguration` . To send `userAuthEvents` activity with user logs from threat protection with the Plus feature plan, choose `INFO` with one of `CloudWatchLogsConfiguration` , `FirehoseConfiguration` , or `S3Configuration` .", - "title": "LogLevel", + "EncodedKey": { + "markdownDescription": "The public key that you can use with [signed URLs and signed cookies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) , or with [field-level encryption](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/field-level-encryption.html) .", + "title": "EncodedKey", + "type": "string" + }, + "Name": { + "markdownDescription": "A name to help identify the public key.", + "title": "Name", "type": "string" } }, + "required": [ + "CallerReference", + "EncodedKey", + "Name" + ], "type": "object" }, - "AWS::Cognito::UserPool": { + "AWS::CloudFront::RealtimeLogConfig": { "additionalProperties": false, "properties": { "Condition": { @@ -45725,153 +51605,44 @@ "Properties": { "additionalProperties": false, "properties": { - "AccountRecoverySetting": { - "$ref": "#/definitions/AWS::Cognito::UserPool.AccountRecoverySetting", - "markdownDescription": "The available verified method a user can use to recover their password when they call `ForgotPassword` . You can use this setting to define a preferred method when a user has more than one method available. With this setting, SMS doesn't qualify for a valid password recovery mechanism if the user also has SMS multi-factor authentication (MFA) activated. In the absence of this setting, Amazon Cognito uses the legacy behavior to determine the recovery method where SMS is preferred through email.", - "title": "AccountRecoverySetting" - }, - "AdminCreateUserConfig": { - "$ref": "#/definitions/AWS::Cognito::UserPool.AdminCreateUserConfig", - "markdownDescription": "The settings for administrator creation of users in a user pool. Contains settings for allowing user sign-up, customizing invitation messages to new users, and the amount of time before temporary passwords expire.", - "title": "AdminCreateUserConfig" - }, - "AliasAttributes": { - "items": { - "type": "string" - }, - "markdownDescription": "Attributes supported as an alias for this user pool. For more information about alias attributes, see [Customizing sign-in attributes](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html#user-pool-settings-aliases) .", - "title": "AliasAttributes", - "type": "array" - }, - "AutoVerifiedAttributes": { + "EndPoints": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::CloudFront::RealtimeLogConfig.EndPoint" }, - "markdownDescription": "The attributes that you want your user pool to automatically verify. For more information, see [Verifying contact information at sign-up](https://docs.aws.amazon.com/cognito/latest/developerguide/signing-up-users-in-your-app.html#allowing-users-to-sign-up-and-confirm-themselves) .", - "title": "AutoVerifiedAttributes", + "markdownDescription": "Contains information about the Amazon Kinesis data stream where you are sending real-time log data for this real-time log configuration.", + "title": "EndPoints", "type": "array" }, - "DeletionProtection": { - "markdownDescription": "When active, `DeletionProtection` prevents accidental deletion of your user\npool. Before you can delete a user pool that you have protected against deletion, you\nmust deactivate this feature.\n\nWhen you try to delete a protected user pool in a `DeleteUserPool` API request, Amazon Cognito returns an `InvalidParameterException` error. To delete a protected user pool, send a new `DeleteUserPool` request after you deactivate deletion protection in an `UpdateUserPool` API request.", - "title": "DeletionProtection", - "type": "string" - }, - "DeviceConfiguration": { - "$ref": "#/definitions/AWS::Cognito::UserPool.DeviceConfiguration", - "markdownDescription": "The device-remembering configuration for a user pool. Device remembering or device tracking is a \"Remember me on this device\" option for user pools that perform authentication with the device key of a trusted device in the back end, instead of a user-provided MFA code. For more information about device authentication, see [Working with user devices in your user pool](https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html) . A null value indicates that you have deactivated device remembering in your user pool.\n\n> When you provide a value for any `DeviceConfiguration` field, you activate the Amazon Cognito device-remembering feature. For more information, see [Working with devices](https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html) .", - "title": "DeviceConfiguration" - }, - "EmailConfiguration": { - "$ref": "#/definitions/AWS::Cognito::UserPool.EmailConfiguration", - "markdownDescription": "The email configuration of your user pool. The email configuration type sets your preferred sending method, AWS Region, and sender for messages from your user pool.", - "title": "EmailConfiguration" - }, - "EmailVerificationMessage": { - "markdownDescription": "This parameter is no longer used. See [VerificationMessageTemplateType](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-verificationmessagetemplate.html) .", - "title": "EmailVerificationMessage", - "type": "string" - }, - "EmailVerificationSubject": { - "markdownDescription": "This parameter is no longer used. See [VerificationMessageTemplateType](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-verificationmessagetemplate.html) .", - "title": "EmailVerificationSubject", - "type": "string" - }, - "EnabledMfas": { + "Fields": { "items": { "type": "string" }, - "markdownDescription": "Set enabled MFA options on a specified user pool. To disable all MFAs after it has been enabled, set `MfaConfiguration` to `OFF` and remove EnabledMfas. MFAs can only be all disabled if `MfaConfiguration` is `OFF` . After you enable `SMS_MFA` , you can only disable it by setting `MfaConfiguration` to `OFF` . Can be one of the following values:\n\n- `SMS_MFA` - Enables MFA with SMS for the user pool. To select this option, you must also provide values for `SmsConfiguration` .\n- `SOFTWARE_TOKEN_MFA` - Enables software token MFA for the user pool.\n- `EMAIL_OTP` - Enables MFA with email for the user pool. To select this option, you must provide values for `EmailConfiguration` and within those, set `EmailSendingAccount` to `DEVELOPER` .\n\nAllowed values: `SMS_MFA` | `SOFTWARE_TOKEN_MFA` | `EMAIL_OTP`", - "title": "EnabledMfas", - "type": "array" - }, - "LambdaConfig": { - "$ref": "#/definitions/AWS::Cognito::UserPool.LambdaConfig", - "markdownDescription": "A collection of user pool Lambda triggers. Amazon Cognito invokes triggers at several possible stages of authentication operations. Triggers can modify the outcome of the operations that invoked them.", - "title": "LambdaConfig" - }, - "MfaConfiguration": { - "markdownDescription": "Displays the state of multi-factor authentication (MFA) as on, off, or optional. When `ON` , all users must set up MFA before they can sign in. When `OPTIONAL` , your application must make a client-side determination of whether a user wants to register an MFA device. For user pools with adaptive authentication with threat protection, choose `OPTIONAL` .\n\nWhen `MfaConfiguration` is `OPTIONAL` , managed login doesn't automatically prompt users to set up MFA. Amazon Cognito generates MFA prompts in API responses and in managed login for users who have chosen and configured a preferred MFA factor.", - "title": "MfaConfiguration", - "type": "string" - }, - "Policies": { - "$ref": "#/definitions/AWS::Cognito::UserPool.Policies", - "markdownDescription": "A list of user pool policies. Contains the policy that sets password-complexity requirements.", - "title": "Policies" - }, - "Schema": { - "items": { - "$ref": "#/definitions/AWS::Cognito::UserPool.SchemaAttribute" - }, - "markdownDescription": "An array of attributes for the new user pool. You can add custom attributes and modify the properties of default attributes. The specifications in this parameter set the required attributes in your user pool. For more information, see [Working with user attributes](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html) .", - "title": "Schema", + "markdownDescription": "A list of fields that are included in each real-time log record. In an API response, the fields are provided in the same order in which they are sent to the Amazon Kinesis data stream.\n\nFor more information about fields, see [Real-time log configuration fields](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html#understand-real-time-log-config-fields) in the *Amazon CloudFront Developer Guide* .", + "title": "Fields", "type": "array" }, - "SmsAuthenticationMessage": { - "markdownDescription": "The contents of the SMS authentication message.", - "title": "SmsAuthenticationMessage", - "type": "string" - }, - "SmsConfiguration": { - "$ref": "#/definitions/AWS::Cognito::UserPool.SmsConfiguration", - "markdownDescription": "The settings for your Amazon Cognito user pool to send SMS messages with Amazon Simple Notification Service. To send SMS messages with Amazon SNS in the AWS Region that you want, the Amazon Cognito user pool uses an AWS Identity and Access Management (IAM) role in your AWS account . For more information see [SMS message settings](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html) .", - "title": "SmsConfiguration" - }, - "SmsVerificationMessage": { - "markdownDescription": "This parameter is no longer used. See [VerificationMessageTemplateType](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-verificationmessagetemplate.html) .", - "title": "SmsVerificationMessage", - "type": "string" - }, - "UserAttributeUpdateSettings": { - "$ref": "#/definitions/AWS::Cognito::UserPool.UserAttributeUpdateSettings", - "markdownDescription": "The settings for updates to user attributes. These settings include the property `AttributesRequireVerificationBeforeUpdate` ,\na user-pool setting that tells Amazon Cognito how to handle changes to the value of your users' email address and phone number attributes. For\nmore information, see [Verifying updates to email addresses and phone numbers](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-email-phone-verification.html#user-pool-settings-verifications-verify-attribute-updates) .", - "title": "UserAttributeUpdateSettings" - }, - "UserPoolAddOns": { - "$ref": "#/definitions/AWS::Cognito::UserPool.UserPoolAddOns", - "markdownDescription": "Contains settings for activation of threat protection, including the operating mode and additional authentication types. To log user security information but take no action, set to `AUDIT` . To configure automatic security responses to potentially unwanted traffic to your user pool, set to `ENFORCED` .\n\nFor more information, see [Adding advanced security to a user pool](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html) . To activate this setting, your user pool must be on the [Plus tier](https://docs.aws.amazon.com/cognito/latest/developerguide/feature-plans-features-plus.html) .", - "title": "UserPoolAddOns" - }, - "UserPoolName": { - "markdownDescription": "A friendly name for your user pool.", - "title": "UserPoolName", + "Name": { + "markdownDescription": "The unique name of this real-time log configuration.", + "title": "Name", "type": "string" }, - "UserPoolTags": { - "additionalProperties": true, - "markdownDescription": "The tag keys and values to assign to the user pool. A tag is a label that you can use to categorize and manage user pools in different ways, such as by purpose, owner, environment, or other criteria.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "UserPoolTags", - "type": "object" - }, - "UsernameAttributes": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies whether a user can use an email address or phone number as a username when they sign up.", - "title": "UsernameAttributes", - "type": "array" - }, - "UsernameConfiguration": { - "$ref": "#/definitions/AWS::Cognito::UserPool.UsernameConfiguration", - "markdownDescription": "Sets the case sensitivity option for sign-in usernames. When `CaseSensitive` is `false` (case insensitive), users can sign in with any combination of capital and lowercase letters. For example, `username` , `USERNAME` , or `UserName` , or for email, `email@example.com` or `EMaiL@eXamplE.Com` . For most use cases, set case sensitivity to `false` as a best practice. When usernames and email addresses are case insensitive, Amazon Cognito treats any variation in case as the same user, and prevents a case variation from being assigned to the same attribute for a different user.\n\nWhen `CaseSensitive` is `true` (case sensitive), Amazon Cognito interprets `USERNAME` and `UserName` as distinct users.\n\nThis configuration is immutable after you set it.", - "title": "UsernameConfiguration" - }, - "VerificationMessageTemplate": { - "$ref": "#/definitions/AWS::Cognito::UserPool.VerificationMessageTemplate", - "markdownDescription": "The template for the verification message that your user pool delivers to users who set an email address or phone number attribute.\n\nSet the email message type that corresponds to your `DefaultEmailOption` selection. For `CONFIRM_WITH_LINK` , specify an `EmailMessageByLink` and leave `EmailMessage` blank. For `CONFIRM_WITH_CODE` , specify an `EmailMessage` and leave `EmailMessageByLink` blank. When you supply both parameters with either choice, Amazon Cognito returns an error.", - "title": "VerificationMessageTemplate" + "SamplingRate": { + "markdownDescription": "The sampling rate for this real-time log configuration. The sampling rate determines the percentage of viewer requests that are represented in the real-time log data. The sampling rate is an integer between 1 and 100, inclusive.", + "title": "SamplingRate", + "type": "number" } }, + "required": [ + "EndPoints", + "Fields", + "Name", + "SamplingRate" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Cognito::UserPool" + "AWS::CloudFront::RealtimeLogConfig" ], "type": "string" }, @@ -45885,470 +51656,542 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Cognito::UserPool.AccountRecoverySetting": { + "AWS::CloudFront::RealtimeLogConfig.EndPoint": { "additionalProperties": false, "properties": { - "RecoveryMechanisms": { - "items": { - "$ref": "#/definitions/AWS::Cognito::UserPool.RecoveryOption" - }, - "markdownDescription": "The list of options and priorities for user message delivery in forgot-password operations. Sets or displays user pool preferences for email or SMS message priority, whether users should fall back to a second delivery method, and whether passwords should only be reset by administrators.", - "title": "RecoveryMechanisms", - "type": "array" + "KinesisStreamConfig": { + "$ref": "#/definitions/AWS::CloudFront::RealtimeLogConfig.KinesisStreamConfig", + "markdownDescription": "Contains information about the Amazon Kinesis data stream where you are sending real-time log data in a real-time log configuration.", + "title": "KinesisStreamConfig" + }, + "StreamType": { + "markdownDescription": "The type of data stream where you are sending real-time log data. The only valid value is `Kinesis` .", + "title": "StreamType", + "type": "string" } }, + "required": [ + "KinesisStreamConfig", + "StreamType" + ], "type": "object" }, - "AWS::Cognito::UserPool.AdminCreateUserConfig": { + "AWS::CloudFront::RealtimeLogConfig.KinesisStreamConfig": { "additionalProperties": false, "properties": { - "AllowAdminCreateUserOnly": { - "markdownDescription": "The setting for allowing self-service sign-up. When `true` , only administrators can create new user profiles. When `false` , users can register themselves and create a new user profile with the `SignUp` operation.", - "title": "AllowAdminCreateUserOnly", - "type": "boolean" - }, - "InviteMessageTemplate": { - "$ref": "#/definitions/AWS::Cognito::UserPool.InviteMessageTemplate", - "markdownDescription": "The template for the welcome message to new users. This template must include the `{####}` temporary password placeholder if you are creating users with passwords. If your users don't have passwords, you can omit the placeholder.\n\nSee also [Customizing User Invitation Messages](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-message-customizations.html#cognito-user-pool-settings-user-invitation-message-customization) .", - "title": "InviteMessageTemplate" + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Identity and Access Management (IAM) role that CloudFront can use to send real-time log data to your Kinesis data stream.\n\nFor more information the IAM role, see [Real-time log configuration IAM role](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html#understand-real-time-log-config-iam-role) in the *Amazon CloudFront Developer Guide* .", + "title": "RoleArn", + "type": "string" }, - "UnusedAccountValidityDays": { - "markdownDescription": "This parameter is no longer in use.\n\nThe password expiration limit in days for administrator-created users. When this time expires, the user can't sign in with their temporary password. To reset the account after that time limit, you must call `AdminCreateUser` again, specifying `RESEND` for the `MessageAction` parameter.\n\nThe default value for this parameter is 7.", - "title": "UnusedAccountValidityDays", - "type": "number" + "StreamArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Kinesis data stream where you are sending real-time log data.", + "title": "StreamArn", + "type": "string" } }, + "required": [ + "RoleArn", + "StreamArn" + ], "type": "object" }, - "AWS::Cognito::UserPool.CustomEmailSender": { + "AWS::CloudFront::ResponseHeadersPolicy": { "additionalProperties": false, "properties": { - "LambdaArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the function that you want to assign to your Lambda trigger.", - "title": "LambdaArn", + "Condition": { "type": "string" }, - "LambdaVersion": { - "markdownDescription": "The user pool trigger version of the request that Amazon Cognito sends to your Lambda function. Higher-numbered versions add fields that support new features.\n\nYou must use a `LambdaVersion` of `V1_0` with a custom sender function.", - "title": "LambdaVersion", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ResponseHeadersPolicyConfig": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.ResponseHeadersPolicyConfig", + "markdownDescription": "A response headers policy configuration.", + "title": "ResponseHeadersPolicyConfig" + } + }, + "required": [ + "ResponseHeadersPolicyConfig" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::CloudFront::ResponseHeadersPolicy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::Cognito::UserPool.CustomSMSSender": { + "AWS::CloudFront::ResponseHeadersPolicy.AccessControlAllowHeaders": { "additionalProperties": false, "properties": { - "LambdaArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the function that you want to assign to your Lambda trigger.", - "title": "LambdaArn", - "type": "string" - }, - "LambdaVersion": { - "markdownDescription": "The user pool trigger version of the request that Amazon Cognito sends to your Lambda function. Higher-numbered versions add fields that support new features.\n\nYou must use a `LambdaVersion` of `V1_0` with a custom sender function.", - "title": "LambdaVersion", - "type": "string" + "Items": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of HTTP header names. You can specify `*` to allow all headers.", + "title": "Items", + "type": "array" } }, + "required": [ + "Items" + ], "type": "object" }, - "AWS::Cognito::UserPool.DeviceConfiguration": { + "AWS::CloudFront::ResponseHeadersPolicy.AccessControlAllowMethods": { "additionalProperties": false, "properties": { - "ChallengeRequiredOnNewDevice": { - "markdownDescription": "When true, a remembered device can sign in with device authentication instead of SMS and time-based one-time password (TOTP) factors for multi-factor authentication (MFA).\n\n> Whether or not `ChallengeRequiredOnNewDevice` is true, users who sign in with devices that have not been confirmed or remembered must still provide a second factor in a user pool that requires MFA.", - "title": "ChallengeRequiredOnNewDevice", - "type": "boolean" - }, - "DeviceOnlyRememberedOnUserPrompt": { - "markdownDescription": "When true, Amazon Cognito doesn't automatically remember a user's device when your app sends a `ConfirmDevice` API request. In your app, create a prompt for your user to choose whether they want to remember their device. Return the user's choice in an `UpdateDeviceStatus` API request.\n\nWhen `DeviceOnlyRememberedOnUserPrompt` is `false` , Amazon Cognito immediately remembers devices that you register in a `ConfirmDevice` API request.", - "title": "DeviceOnlyRememberedOnUserPrompt", - "type": "boolean" + "Items": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of HTTP methods. Valid values are:\n\n- `GET`\n- `DELETE`\n- `HEAD`\n- `OPTIONS`\n- `PATCH`\n- `POST`\n- `PUT`\n- `ALL`\n\n`ALL` is a special value that includes all of the listed HTTP methods.", + "title": "Items", + "type": "array" } }, + "required": [ + "Items" + ], "type": "object" }, - "AWS::Cognito::UserPool.EmailConfiguration": { + "AWS::CloudFront::ResponseHeadersPolicy.AccessControlAllowOrigins": { "additionalProperties": false, "properties": { - "ConfigurationSet": { - "markdownDescription": "The set of configuration rules that can be applied to emails sent using Amazon Simple Email Service. A configuration set is applied to an email by including a reference to the configuration set in the headers of the email. Once applied, all of the rules in that configuration set are applied to the email. Configuration sets can be used to apply the following types of rules to emails:\n\n- **Event publishing** - Amazon Simple Email Service can track the number of send, delivery, open, click, bounce, and complaint events for each email sent. Use event publishing to send information about these events to other AWS services such as and Amazon CloudWatch\n- **IP pool management** - When leasing dedicated IP addresses with Amazon Simple Email Service, you can create groups of IP addresses, called dedicated IP pools. You can then associate the dedicated IP pools with configuration sets.", - "title": "ConfigurationSet", - "type": "string" - }, - "EmailSendingAccount": { - "markdownDescription": "Specifies whether Amazon Cognito uses its built-in functionality to send your users email messages, or uses your Amazon Simple Email Service email configuration. Specify one of the following values:\n\n- **COGNITO_DEFAULT** - When Amazon Cognito emails your users, it uses its built-in email functionality. When you use the default option, Amazon Cognito allows only a limited number of emails each day for your user pool. For typical production environments, the default email limit is less than the required delivery volume. To achieve a higher delivery volume, specify DEVELOPER to use your Amazon SES email configuration.\n\nTo look up the email delivery limit for the default option, see [Limits](https://docs.aws.amazon.com/cognito/latest/developerguide/limits.html) in the *Amazon Cognito Developer Guide* .\n\nThe default FROM address is `no-reply@verificationemail.com` . To customize the FROM address, provide the Amazon Resource Name (ARN) of an Amazon SES verified email address for the `SourceArn` parameter.\n- **DEVELOPER** - When Amazon Cognito emails your users, it uses your Amazon SES configuration. Amazon Cognito calls Amazon SES on your behalf to send email from your verified email address. When you use this option, the email delivery limits are the same limits that apply to your Amazon SES verified email address in your AWS account .\n\nIf you use this option, provide the ARN of an Amazon SES verified email address for the `SourceArn` parameter.\n\nBefore Amazon Cognito can email your users, it requires additional permissions to call Amazon SES on your behalf. When you update your user pool with this option, Amazon Cognito creates a *service-linked role* , which is a type of role in your AWS account . This role contains the permissions that allow you to access Amazon SES and send email messages from your email address. For more information about the service-linked role that Amazon Cognito creates, see [Using Service-Linked Roles for Amazon Cognito](https://docs.aws.amazon.com/cognito/latest/developerguide/using-service-linked-roles.html) in the *Amazon Cognito Developer Guide* .", - "title": "EmailSendingAccount", - "type": "string" - }, - "From": { - "markdownDescription": "Either the sender\u2019s email address or the sender\u2019s name with their email address. For example, `testuser@example.com` or `Test User ` . This address appears before the body of the email.", - "title": "From", - "type": "string" - }, - "ReplyToEmailAddress": { - "markdownDescription": "The destination to which the receiver of the email should reply.", - "title": "ReplyToEmailAddress", - "type": "string" - }, - "SourceArn": { - "markdownDescription": "The ARN of a verified email address or an address from a verified domain in Amazon SES. You can set a `SourceArn` email from a verified domain only with an API request. You can set a verified email address, but not an address in a verified domain, in the Amazon Cognito console. Amazon Cognito uses the email address that you provide in one of the following ways, depending on the value that you specify for the `EmailSendingAccount` parameter:\n\n- If you specify `COGNITO_DEFAULT` , Amazon Cognito uses this address as the custom FROM address when it emails your users using its built-in email account.\n- If you specify `DEVELOPER` , Amazon Cognito emails your users with this address by calling Amazon SES on your behalf.\n\nThe Region value of the `SourceArn` parameter must indicate a supported AWS Region of your user pool. Typically, the Region in the `SourceArn` and the user pool Region are the same. For more information, see [Amazon SES email configuration regions](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-email.html#user-pool-email-developer-region-mapping) in the [Amazon Cognito Developer Guide](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools.html) .", - "title": "SourceArn", - "type": "string" + "Items": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of origins (domain names). You can specify `*` to allow all origins.", + "title": "Items", + "type": "array" } }, + "required": [ + "Items" + ], "type": "object" }, - "AWS::Cognito::UserPool.InviteMessageTemplate": { + "AWS::CloudFront::ResponseHeadersPolicy.AccessControlExposeHeaders": { "additionalProperties": false, "properties": { - "EmailMessage": { - "markdownDescription": "The message template for email messages. EmailMessage is allowed only if [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is DEVELOPER.", - "title": "EmailMessage", - "type": "string" - }, - "EmailSubject": { - "markdownDescription": "The subject line for email messages. EmailSubject is allowed only if [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is DEVELOPER.", - "title": "EmailSubject", - "type": "string" - }, - "SMSMessage": { - "markdownDescription": "The message template for SMS messages.", - "title": "SMSMessage", - "type": "string" + "Items": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of HTTP headers. You can specify `*` to expose all headers.", + "title": "Items", + "type": "array" } }, + "required": [ + "Items" + ], "type": "object" }, - "AWS::Cognito::UserPool.LambdaConfig": { + "AWS::CloudFront::ResponseHeadersPolicy.ContentSecurityPolicy": { "additionalProperties": false, "properties": { - "CreateAuthChallenge": { - "markdownDescription": "The configuration of a create auth challenge Lambda trigger, one of three triggers in the sequence of the [custom authentication challenge triggers](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-challenge.html) .", - "title": "CreateAuthChallenge", - "type": "string" - }, - "CustomEmailSender": { - "$ref": "#/definitions/AWS::Cognito::UserPool.CustomEmailSender", - "markdownDescription": "The configuration of a custom email sender Lambda trigger. This trigger routes all email notifications from a user pool to a Lambda function that delivers the message using custom logic.", - "title": "CustomEmailSender" - }, - "CustomMessage": { - "markdownDescription": "A custom message Lambda trigger. This trigger is an opportunity to customize all SMS and email messages from your user pool. When a custom message trigger is active, your user pool routes all messages to a Lambda function that returns a runtime-customized message subject and body for your user pool to deliver to a user.", - "title": "CustomMessage", - "type": "string" - }, - "CustomSMSSender": { - "$ref": "#/definitions/AWS::Cognito::UserPool.CustomSMSSender", - "markdownDescription": "The configuration of a custom SMS sender Lambda trigger. This trigger routes all SMS notifications from a user pool to a Lambda function that delivers the message using custom logic.", - "title": "CustomSMSSender" - }, - "DefineAuthChallenge": { - "markdownDescription": "The configuration of a define auth challenge Lambda trigger, one of three triggers in the sequence of the [custom authentication challenge triggers](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-challenge.html) .", - "title": "DefineAuthChallenge", - "type": "string" - }, - "KMSKeyID": { - "markdownDescription": "The ARN of an [KMS key](https://docs.aws.amazon.com//kms/latest/developerguide/concepts.html#master_keys) . Amazon Cognito uses the key to encrypt codes and temporary passwords sent to custom sender Lambda triggers.", - "title": "KMSKeyID", - "type": "string" - }, - "PostAuthentication": { - "markdownDescription": "The configuration of a [post authentication Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-post-authentication.html) in a user pool. This trigger can take custom actions after a user signs in.", - "title": "PostAuthentication", - "type": "string" - }, - "PostConfirmation": { - "markdownDescription": "The configuration of a [post confirmation Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-post-confirmation.html) in a user pool. This trigger can take custom actions after a user confirms their user account and their email address or phone number.", - "title": "PostConfirmation", - "type": "string" - }, - "PreAuthentication": { - "markdownDescription": "The configuration of a [pre authentication trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-authentication.html) in a user pool. This trigger can evaluate and modify user sign-in events.", - "title": "PreAuthentication", - "type": "string" - }, - "PreSignUp": { - "markdownDescription": "The configuration of a [pre sign-up Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-sign-up.html) in a user pool. This trigger evaluates new users and can bypass confirmation, [link a federated user profile](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-identity-federation-consolidate-users.html) , or block sign-up requests.", - "title": "PreSignUp", - "type": "string" - }, - "PreTokenGeneration": { - "markdownDescription": "The legacy configuration of a [pre token generation Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-token-generation.html) in a user pool.\n\nSet this parameter for legacy purposes. If you also set an ARN in `PreTokenGenerationConfig` , its value must be identical to `PreTokenGeneration` . For new instances of pre token generation triggers, set the `LambdaArn` of `PreTokenGenerationConfig` .", - "title": "PreTokenGeneration", - "type": "string" - }, - "PreTokenGenerationConfig": { - "$ref": "#/definitions/AWS::Cognito::UserPool.PreTokenGenerationConfig", - "markdownDescription": "The detailed configuration of a [pre token generation Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-token-generation.html) in a user pool. If you also set an ARN in `PreTokenGeneration` , its value must be identical to `PreTokenGenerationConfig` .", - "title": "PreTokenGenerationConfig" - }, - "UserMigration": { - "markdownDescription": "The configuration of a [migrate user Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-migrate-user.html) in a user pool. This trigger can create user profiles when users sign in or attempt to reset their password with credentials that don't exist yet.", - "title": "UserMigration", + "ContentSecurityPolicy": { + "markdownDescription": "The policy directives and their values that CloudFront includes as values for the `Content-Security-Policy` HTTP response header.", + "title": "ContentSecurityPolicy", "type": "string" }, - "VerifyAuthChallengeResponse": { - "markdownDescription": "The configuration of a verify auth challenge Lambda trigger, one of three triggers in the sequence of the [custom authentication challenge triggers](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-challenge.html) .", - "title": "VerifyAuthChallengeResponse", - "type": "string" + "Override": { + "markdownDescription": "A Boolean that determines whether CloudFront overrides the `Content-Security-Policy` HTTP response header received from the origin with the one specified in this response headers policy.", + "title": "Override", + "type": "boolean" } }, + "required": [ + "ContentSecurityPolicy", + "Override" + ], "type": "object" }, - "AWS::Cognito::UserPool.NumberAttributeConstraints": { + "AWS::CloudFront::ResponseHeadersPolicy.ContentTypeOptions": { "additionalProperties": false, "properties": { - "MaxValue": { - "markdownDescription": "The maximum length of a number attribute value. Must be a number less than or equal to `2^1023` , represented as a string with a length of 131072 characters or fewer.", - "title": "MaxValue", - "type": "string" - }, - "MinValue": { - "markdownDescription": "The minimum value of an attribute that is of the number data type.", - "title": "MinValue", - "type": "string" + "Override": { + "markdownDescription": "A Boolean that determines whether CloudFront overrides the `X-Content-Type-Options` HTTP response header received from the origin with the one specified in this response headers policy.", + "title": "Override", + "type": "boolean" } }, + "required": [ + "Override" + ], "type": "object" }, - "AWS::Cognito::UserPool.PasswordPolicy": { + "AWS::CloudFront::ResponseHeadersPolicy.CorsConfig": { "additionalProperties": false, "properties": { - "MinimumLength": { - "markdownDescription": "The minimum length of the password in the policy that you have set. This value can't be less than 6.", - "title": "MinimumLength", - "type": "number" - }, - "RequireLowercase": { - "markdownDescription": "The requirement in a password policy that users must include at least one lowercase letter in their password.", - "title": "RequireLowercase", + "AccessControlAllowCredentials": { + "markdownDescription": "A Boolean that CloudFront uses as the value for the `Access-Control-Allow-Credentials` HTTP response header.\n\nFor more information about the `Access-Control-Allow-Credentials` HTTP response header, see [Access-Control-Allow-Credentials](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials) in the MDN Web Docs.", + "title": "AccessControlAllowCredentials", "type": "boolean" }, - "RequireNumbers": { - "markdownDescription": "The requirement in a password policy that users must include at least one number in their password.", - "title": "RequireNumbers", - "type": "boolean" + "AccessControlAllowHeaders": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.AccessControlAllowHeaders", + "markdownDescription": "A list of HTTP header names that CloudFront includes as values for the `Access-Control-Allow-Headers` HTTP response header.\n\nFor more information about the `Access-Control-Allow-Headers` HTTP response header, see [Access-Control-Allow-Headers](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Headers) in the MDN Web Docs.", + "title": "AccessControlAllowHeaders" }, - "RequireSymbols": { - "markdownDescription": "The requirement in a password policy that users must include at least one symbol in their password.", - "title": "RequireSymbols", - "type": "boolean" + "AccessControlAllowMethods": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.AccessControlAllowMethods", + "markdownDescription": "A list of HTTP methods that CloudFront includes as values for the `Access-Control-Allow-Methods` HTTP response header.\n\nFor more information about the `Access-Control-Allow-Methods` HTTP response header, see [Access-Control-Allow-Methods](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Methods) in the MDN Web Docs.", + "title": "AccessControlAllowMethods" }, - "RequireUppercase": { - "markdownDescription": "The requirement in a password policy that users must include at least one uppercase letter in their password.", - "title": "RequireUppercase", - "type": "boolean" + "AccessControlAllowOrigins": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.AccessControlAllowOrigins", + "markdownDescription": "A list of origins (domain names) that CloudFront can use as the value for the `Access-Control-Allow-Origin` HTTP response header.\n\nFor more information about the `Access-Control-Allow-Origin` HTTP response header, see [Access-Control-Allow-Origin](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin) in the MDN Web Docs.", + "title": "AccessControlAllowOrigins" }, - "TemporaryPasswordValidityDays": { - "markdownDescription": "The number of days a temporary password is valid in the password policy. If the user doesn't sign in during this time, an administrator must reset their password. Defaults to `7` . If you submit a value of `0` , Amazon Cognito treats it as a null value and sets `TemporaryPasswordValidityDays` to its default value.\n\n> When you set `TemporaryPasswordValidityDays` for a user pool, you can no longer set a value for the legacy `UnusedAccountValidityDays` parameter in that user pool.", - "title": "TemporaryPasswordValidityDays", + "AccessControlExposeHeaders": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.AccessControlExposeHeaders", + "markdownDescription": "A list of HTTP headers that CloudFront includes as values for the `Access-Control-Expose-Headers` HTTP response header.\n\nFor more information about the `Access-Control-Expose-Headers` HTTP response header, see [Access-Control-Expose-Headers](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Expose-Headers) in the MDN Web Docs.", + "title": "AccessControlExposeHeaders" + }, + "AccessControlMaxAgeSec": { + "markdownDescription": "A number that CloudFront uses as the value for the `Access-Control-Max-Age` HTTP response header.\n\nFor more information about the `Access-Control-Max-Age` HTTP response header, see [Access-Control-Max-Age](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Max-Age) in the MDN Web Docs.", + "title": "AccessControlMaxAgeSec", "type": "number" + }, + "OriginOverride": { + "markdownDescription": "A Boolean that determines whether CloudFront overrides HTTP response headers received from the origin with the ones specified in this response headers policy.", + "title": "OriginOverride", + "type": "boolean" } }, + "required": [ + "AccessControlAllowCredentials", + "AccessControlAllowHeaders", + "AccessControlAllowMethods", + "AccessControlAllowOrigins", + "OriginOverride" + ], "type": "object" }, - "AWS::Cognito::UserPool.Policies": { - "additionalProperties": false, - "properties": { - "PasswordPolicy": { - "$ref": "#/definitions/AWS::Cognito::UserPool.PasswordPolicy", - "markdownDescription": "The password policy settings for a user pool, including complexity, history, and length requirements.", - "title": "PasswordPolicy" - } - }, - "type": "object" - }, - "AWS::Cognito::UserPool.PreTokenGenerationConfig": { + "AWS::CloudFront::ResponseHeadersPolicy.CustomHeader": { "additionalProperties": false, "properties": { - "LambdaArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the function that you want to assign to your Lambda trigger.\n\nThis parameter and the `PreTokenGeneration` property of `LambdaConfig` have the same value. For new instances of pre token generation triggers, set `LambdaArn` .", - "title": "LambdaArn", + "Header": { + "markdownDescription": "The HTTP response header name.", + "title": "Header", "type": "string" }, - "LambdaVersion": { - "markdownDescription": "The user pool trigger version of the request that Amazon Cognito sends to your Lambda function. Higher-numbered versions add fields that support new features.", - "title": "LambdaVersion", + "Override": { + "markdownDescription": "A Boolean that determines whether CloudFront overrides a response header with the same name received from the origin with the header specified here.", + "title": "Override", + "type": "boolean" + }, + "Value": { + "markdownDescription": "The value for the HTTP response header.", + "title": "Value", "type": "string" } }, + "required": [ + "Header", + "Override", + "Value" + ], "type": "object" }, - "AWS::Cognito::UserPool.RecoveryOption": { + "AWS::CloudFront::ResponseHeadersPolicy.CustomHeadersConfig": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The recovery method that this object sets a recovery option for.", - "title": "Name", - "type": "string" - }, - "Priority": { - "markdownDescription": "Your priority preference for using the specified attribute in account recovery. The highest priority is `1` .", - "title": "Priority", - "type": "number" + "Items": { + "items": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.CustomHeader" + }, + "markdownDescription": "The list of HTTP response headers and their values.", + "title": "Items", + "type": "array" } }, + "required": [ + "Items" + ], "type": "object" }, - "AWS::Cognito::UserPool.SchemaAttribute": { + "AWS::CloudFront::ResponseHeadersPolicy.FrameOptions": { "additionalProperties": false, "properties": { - "AttributeDataType": { - "markdownDescription": "The data format of the values for your attribute. When you choose an `AttributeDataType` , Amazon Cognito validates the input against the data type. A custom attribute value in your user's ID token is always a string, for example `\"custom:isMember\" : \"true\"` or `\"custom:YearsAsMember\" : \"12\"` .", - "title": "AttributeDataType", - "type": "string" - }, - "DeveloperOnlyAttribute": { - "markdownDescription": "> You should use [WriteAttributes](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UserPoolClientType.html#CognitoUserPools-Type-UserPoolClientType-WriteAttributes) in the user pool client to control how attributes can be mutated for new use cases instead of using `DeveloperOnlyAttribute` . \n\nSpecifies whether the attribute type is developer only. This attribute can only be modified by an administrator. Users won't be able to modify this attribute using their access token. For example, `DeveloperOnlyAttribute` can be modified using AdminUpdateUserAttributes but can't be updated using UpdateUserAttributes.", - "title": "DeveloperOnlyAttribute", - "type": "boolean" - }, - "Mutable": { - "markdownDescription": "Specifies whether the value of the attribute can be changed.\n\nAny user pool attribute whose value you map from an IdP attribute must be mutable, with a parameter value of `true` . Amazon Cognito updates mapped attributes when users sign in to your application through an IdP. If an attribute is immutable, Amazon Cognito throws an error when it attempts to update the attribute. For more information, see [Specifying Identity Provider Attribute Mappings for Your User Pool](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-specifying-attribute-mapping.html) .", - "title": "Mutable", - "type": "boolean" - }, - "Name": { - "markdownDescription": "The name of your user pool attribute. When you create or update a user pool, adding a schema attribute creates a custom or developer-only attribute. When you add an attribute with a `Name` value of `MyAttribute` , Amazon Cognito creates the custom attribute `custom:MyAttribute` . When `DeveloperOnlyAttribute` is `true` , Amazon Cognito creates your attribute as `dev:MyAttribute` . In an operation that describes a user pool, Amazon Cognito returns this value as `value` for standard attributes, `custom:value` for custom attributes, and `dev:value` for developer-only attributes..", - "title": "Name", + "FrameOption": { + "markdownDescription": "The value of the `X-Frame-Options` HTTP response header. Valid values are `DENY` and `SAMEORIGIN` .\n\nFor more information about these values, see [X-Frame-Options](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options) in the MDN Web Docs.", + "title": "FrameOption", "type": "string" }, - "NumberAttributeConstraints": { - "$ref": "#/definitions/AWS::Cognito::UserPool.NumberAttributeConstraints", - "markdownDescription": "Specifies the constraints for an attribute of the number type.", - "title": "NumberAttributeConstraints" - }, - "Required": { - "markdownDescription": "Specifies whether a user pool attribute is required. If the attribute is required and the user doesn't provide a value, registration or sign-in will fail.", - "title": "Required", + "Override": { + "markdownDescription": "A Boolean that determines whether CloudFront overrides the `X-Frame-Options` HTTP response header received from the origin with the one specified in this response headers policy.", + "title": "Override", "type": "boolean" - }, - "StringAttributeConstraints": { - "$ref": "#/definitions/AWS::Cognito::UserPool.StringAttributeConstraints", - "markdownDescription": "Specifies the constraints for an attribute of the string type.", - "title": "StringAttributeConstraints" } }, + "required": [ + "FrameOption", + "Override" + ], "type": "object" }, - "AWS::Cognito::UserPool.SmsConfiguration": { + "AWS::CloudFront::ResponseHeadersPolicy.ReferrerPolicy": { "additionalProperties": false, "properties": { - "ExternalId": { - "markdownDescription": "The external ID provides additional security for your IAM role. You can use an `ExternalId` with the IAM role that you use with Amazon SNS to send SMS messages for your user pool. If you provide an `ExternalId` , your Amazon Cognito user pool includes it in the request to assume your IAM role. You can configure the role trust policy to require that Amazon Cognito, and any principal, provide the `ExternalID` . If you use the Amazon Cognito Management Console to create a role for SMS multi-factor authentication (MFA), Amazon Cognito creates a role with the required permissions and a trust policy that demonstrates use of the `ExternalId` .\n\nFor more information about the `ExternalId` of a role, see [How to use an external ID when granting access to your AWS resources to a third party](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user_externalid.html) .", - "title": "ExternalId", - "type": "string" - }, - "SnsCallerArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS caller. This is the ARN of the IAM role in your AWS account that Amazon Cognito will use to send SMS messages. SMS messages are subject to a [spending limit](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-email-phone-verification.html) .", - "title": "SnsCallerArn", - "type": "string" + "Override": { + "markdownDescription": "A Boolean that determines whether CloudFront overrides the `Referrer-Policy` HTTP response header received from the origin with the one specified in this response headers policy.", + "title": "Override", + "type": "boolean" }, - "SnsRegion": { - "markdownDescription": "The AWS Region to use with Amazon SNS integration. You can choose the same Region as your user pool, or a supported *Legacy Amazon SNS alternate Region* .\n\nAmazon Cognito resources in the Asia Pacific (Seoul) AWS Region must use your Amazon SNS configuration in the Asia Pacific (Tokyo) Region. For more information, see [SMS message settings for Amazon Cognito user pools](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html) .", - "title": "SnsRegion", + "ReferrerPolicy": { + "markdownDescription": "The value of the `Referrer-Policy` HTTP response header. Valid values are:\n\n- `no-referrer`\n- `no-referrer-when-downgrade`\n- `origin`\n- `origin-when-cross-origin`\n- `same-origin`\n- `strict-origin`\n- `strict-origin-when-cross-origin`\n- `unsafe-url`\n\nFor more information about these values, see [Referrer-Policy](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy) in the MDN Web Docs.", + "title": "ReferrerPolicy", "type": "string" } }, + "required": [ + "Override", + "ReferrerPolicy" + ], "type": "object" }, - "AWS::Cognito::UserPool.StringAttributeConstraints": { + "AWS::CloudFront::ResponseHeadersPolicy.RemoveHeader": { "additionalProperties": false, "properties": { - "MaxLength": { - "markdownDescription": "The maximum length of a string attribute value. Must be a number less than or equal to `2^1023` , represented as a string with a length of 131072 characters or fewer.", - "title": "MaxLength", - "type": "string" - }, - "MinLength": { - "markdownDescription": "The minimum length of a string attribute value.", - "title": "MinLength", + "Header": { + "markdownDescription": "The HTTP header name.", + "title": "Header", "type": "string" } }, + "required": [ + "Header" + ], "type": "object" }, - "AWS::Cognito::UserPool.UserAttributeUpdateSettings": { + "AWS::CloudFront::ResponseHeadersPolicy.RemoveHeadersConfig": { "additionalProperties": false, "properties": { - "AttributesRequireVerificationBeforeUpdate": { + "Items": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.RemoveHeader" }, - "markdownDescription": "Requires that your user verifies their email address, phone number, or both before Amazon Cognito updates the value of that attribute. When you update a user attribute that has this option activated, Amazon Cognito sends a verification message to the new phone number or email address. Amazon Cognito doesn\u2019t change the value of the attribute until your user responds to the verification message and confirms the new value.\n\nWhen `AttributesRequireVerificationBeforeUpdate` is false, your user pool doesn't require that your users verify attribute changes before Amazon Cognito updates them. In a user pool where `AttributesRequireVerificationBeforeUpdate` is false, API operations that change attribute values can immediately update a user\u2019s `email` or `phone_number` attribute.", - "title": "AttributesRequireVerificationBeforeUpdate", + "markdownDescription": "The list of HTTP header names.", + "title": "Items", "type": "array" } }, "required": [ - "AttributesRequireVerificationBeforeUpdate" + "Items" ], "type": "object" }, - "AWS::Cognito::UserPool.UserPoolAddOns": { + "AWS::CloudFront::ResponseHeadersPolicy.ResponseHeadersPolicyConfig": { "additionalProperties": false, "properties": { - "AdvancedSecurityMode": { - "markdownDescription": "The operating mode of threat protection for standard authentication types in your user pool, including username-password and secure remote password (SRP) authentication.", - "title": "AdvancedSecurityMode", + "Comment": { + "markdownDescription": "A comment to describe the response headers policy.\n\nThe comment cannot be longer than 128 characters.", + "title": "Comment", + "type": "string" + }, + "CorsConfig": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.CorsConfig", + "markdownDescription": "A configuration for a set of HTTP response headers that are used for cross-origin resource sharing (CORS).", + "title": "CorsConfig" + }, + "CustomHeadersConfig": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.CustomHeadersConfig", + "markdownDescription": "A configuration for a set of custom HTTP response headers.", + "title": "CustomHeadersConfig" + }, + "Name": { + "markdownDescription": "A name to identify the response headers policy.\n\nThe name must be unique for response headers policies in this AWS account .", + "title": "Name", "type": "string" + }, + "RemoveHeadersConfig": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.RemoveHeadersConfig", + "markdownDescription": "A configuration for a set of HTTP headers to remove from the HTTP response.", + "title": "RemoveHeadersConfig" + }, + "SecurityHeadersConfig": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.SecurityHeadersConfig", + "markdownDescription": "A configuration for a set of security-related HTTP response headers.", + "title": "SecurityHeadersConfig" + }, + "ServerTimingHeadersConfig": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.ServerTimingHeadersConfig", + "markdownDescription": "A configuration for enabling the `Server-Timing` header in HTTP responses sent from CloudFront.", + "title": "ServerTimingHeadersConfig" } }, + "required": [ + "Name" + ], "type": "object" }, - "AWS::Cognito::UserPool.UsernameConfiguration": { + "AWS::CloudFront::ResponseHeadersPolicy.SecurityHeadersConfig": { "additionalProperties": false, "properties": { - "CaseSensitive": { - "markdownDescription": "Specifies whether user name case sensitivity will be applied for all users in the user pool through Amazon Cognito APIs. For most use cases, set case sensitivity to `False` (case insensitive) as a best practice. When usernames and email addresses are case insensitive, users can sign in as the same user when they enter a different capitalization of their user name.\n\nValid values include:\n\n- **true** - Enables case sensitivity for all username input. When this option is set to `true` , users must sign in using the exact capitalization of their given username, such as \u201cUserName\u201d. This is the default value.\n- **false** - Enables case insensitivity for all username input. For example, when this option is set to `false` , users can sign in using `username` , `USERNAME` , or `UserName` . This option also enables both `preferred_username` and `email` alias to be case insensitive, in addition to the `username` attribute.", - "title": "CaseSensitive", + "ContentSecurityPolicy": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.ContentSecurityPolicy", + "markdownDescription": "The policy directives and their values that CloudFront includes as values for the `Content-Security-Policy` HTTP response header.\n\nFor more information about the `Content-Security-Policy` HTTP response header, see [Content-Security-Policy](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy) in the MDN Web Docs.", + "title": "ContentSecurityPolicy" + }, + "ContentTypeOptions": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.ContentTypeOptions", + "markdownDescription": "Determines whether CloudFront includes the `X-Content-Type-Options` HTTP response header with its value set to `nosniff` .\n\nFor more information about the `X-Content-Type-Options` HTTP response header, see [X-Content-Type-Options](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options) in the MDN Web Docs.", + "title": "ContentTypeOptions" + }, + "FrameOptions": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.FrameOptions", + "markdownDescription": "Determines whether CloudFront includes the `X-Frame-Options` HTTP response header and the header's value.\n\nFor more information about the `X-Frame-Options` HTTP response header, see [X-Frame-Options](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options) in the MDN Web Docs.", + "title": "FrameOptions" + }, + "ReferrerPolicy": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.ReferrerPolicy", + "markdownDescription": "Determines whether CloudFront includes the `Referrer-Policy` HTTP response header and the header's value.\n\nFor more information about the `Referrer-Policy` HTTP response header, see [Referrer-Policy](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy) in the MDN Web Docs.", + "title": "ReferrerPolicy" + }, + "StrictTransportSecurity": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.StrictTransportSecurity", + "markdownDescription": "Determines whether CloudFront includes the `Strict-Transport-Security` HTTP response header and the header's value.\n\nFor more information about the `Strict-Transport-Security` HTTP response header, see [Security headers](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/understanding-response-headers-policies.html#understanding-response-headers-policies-security) in the *Amazon CloudFront Developer Guide* and [Strict-Transport-Security](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security) in the MDN Web Docs.", + "title": "StrictTransportSecurity" + }, + "XSSProtection": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.XSSProtection", + "markdownDescription": "Determines whether CloudFront includes the `X-XSS-Protection` HTTP response header and the header's value.\n\nFor more information about the `X-XSS-Protection` HTTP response header, see [X-XSS-Protection](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection) in the MDN Web Docs.", + "title": "XSSProtection" + } + }, + "type": "object" + }, + "AWS::CloudFront::ResponseHeadersPolicy.ServerTimingHeadersConfig": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "A Boolean that determines whether CloudFront adds the `Server-Timing` header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy.", + "title": "Enabled", "type": "boolean" + }, + "SamplingRate": { + "markdownDescription": "A number 0\u2013100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the `Server-Timing` header to. When you set the sampling rate to 100, CloudFront adds the `Server-Timing` header to the HTTP response for every request that matches the cache behavior that this response headers policy is attached to. When you set it to 50, CloudFront adds the header to 50% of the responses for requests that match the cache behavior. You can set the sampling rate to any number 0\u2013100 with up to four decimal places.", + "title": "SamplingRate", + "type": "number" } }, + "required": [ + "Enabled" + ], "type": "object" }, - "AWS::Cognito::UserPool.VerificationMessageTemplate": { + "AWS::CloudFront::ResponseHeadersPolicy.StrictTransportSecurity": { "additionalProperties": false, "properties": { - "DefaultEmailOption": { - "markdownDescription": "The configuration of verification emails to contain a clickable link or a verification code.\n\nFor link, your template body must contain link text in the format `{##Click here##}` . \"Click here\" in the example is a customizable string. For code, your template body must contain a code placeholder in the format `{####}` .", - "title": "DefaultEmailOption", - "type": "string" + "AccessControlMaxAgeSec": { + "markdownDescription": "A number that CloudFront uses as the value for the `max-age` directive in the `Strict-Transport-Security` HTTP response header.", + "title": "AccessControlMaxAgeSec", + "type": "number" }, - "EmailMessage": { - "markdownDescription": "The template for email messages that Amazon Cognito sends to your users. You can set an `EmailMessage` template only if the value of [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` . When your [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` , your user pool sends email messages with your own Amazon SES configuration.", - "title": "EmailMessage", - "type": "string" + "IncludeSubdomains": { + "markdownDescription": "A Boolean that determines whether CloudFront includes the `includeSubDomains` directive in the `Strict-Transport-Security` HTTP response header.", + "title": "IncludeSubdomains", + "type": "boolean" }, - "EmailMessageByLink": { - "markdownDescription": "The email message template for sending a confirmation link to the user. You can set an `EmailMessageByLink` template only if the value of [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` . When your [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` , your user pool sends email messages with your own Amazon SES configuration.", - "title": "EmailMessageByLink", - "type": "string" + "Override": { + "markdownDescription": "A Boolean that determines whether CloudFront overrides the `Strict-Transport-Security` HTTP response header received from the origin with the one specified in this response headers policy.", + "title": "Override", + "type": "boolean" }, - "EmailSubject": { - "markdownDescription": "The subject line for the email message template. You can set an `EmailSubject` template only if the value of [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` . When your [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` , your user pool sends email messages with your own Amazon SES configuration.", - "title": "EmailSubject", - "type": "string" + "Preload": { + "markdownDescription": "A Boolean that determines whether CloudFront includes the `preload` directive in the `Strict-Transport-Security` HTTP response header.", + "title": "Preload", + "type": "boolean" + } + }, + "required": [ + "AccessControlMaxAgeSec", + "Override" + ], + "type": "object" + }, + "AWS::CloudFront::ResponseHeadersPolicy.XSSProtection": { + "additionalProperties": false, + "properties": { + "ModeBlock": { + "markdownDescription": "A Boolean that determines whether CloudFront includes the `mode=block` directive in the `X-XSS-Protection` header.\n\nFor more information about this directive, see [X-XSS-Protection](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection) in the MDN Web Docs.", + "title": "ModeBlock", + "type": "boolean" }, - "EmailSubjectByLink": { - "markdownDescription": "The subject line for the email message template for sending a confirmation link to the user. You can set an `EmailSubjectByLink` template only if the value of [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` . When your [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` , your user pool sends email messages with your own Amazon SES configuration.", - "title": "EmailSubjectByLink", - "type": "string" + "Override": { + "markdownDescription": "A Boolean that determines whether CloudFront overrides the `X-XSS-Protection` HTTP response header received from the origin with the one specified in this response headers policy.", + "title": "Override", + "type": "boolean" }, - "SmsMessage": { - "markdownDescription": "The template for SMS messages that Amazon Cognito sends to your users.", - "title": "SmsMessage", + "Protection": { + "markdownDescription": "A Boolean that determines the value of the `X-XSS-Protection` HTTP response header. When this setting is `true` , the value of the `X-XSS-Protection` header is `1` . When this setting is `false` , the value of the `X-XSS-Protection` header is `0` .\n\nFor more information about these settings, see [X-XSS-Protection](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection) in the MDN Web Docs.", + "title": "Protection", + "type": "boolean" + }, + "ReportUri": { + "markdownDescription": "A reporting URI, which CloudFront uses as the value of the `report` directive in the `X-XSS-Protection` header.\n\nYou cannot specify a `ReportUri` when `ModeBlock` is `true` .\n\nFor more information about using a reporting URL, see [X-XSS-Protection](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection) in the MDN Web Docs.", + "title": "ReportUri", "type": "string" } }, + "required": [ + "Override", + "Protection" + ], "type": "object" }, - "AWS::Cognito::UserPoolClient": { + "AWS::CloudFront::StreamingDistribution": { "additionalProperties": false, "properties": { "Condition": { @@ -46383,149 +52226,29 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessTokenValidity": { - "markdownDescription": "The access token time limit. After this limit expires, your user can't use their access token. To specify the time unit for `AccessTokenValidity` as `seconds` , `minutes` , `hours` , or `days` , set a `TokenValidityUnits` value in your API request.\n\nFor example, when you set `AccessTokenValidity` to `10` and `TokenValidityUnits` to `hours` , your user can authorize access with\ntheir access token for 10 hours.\n\nThe default time unit for `AccessTokenValidity` in an API request is hours. *Valid range* is displayed below in seconds.\n\nIf you don't specify otherwise in the configuration of your app client, your access\ntokens are valid for one hour.", - "title": "AccessTokenValidity", - "type": "number" - }, - "AllowedOAuthFlows": { - "items": { - "type": "string" - }, - "markdownDescription": "The OAuth grant types that you want your app client to generate for clients in managed login authentication. To create an app client that generates client credentials grants, you must add `client_credentials` as the only allowed OAuth flow.\n\n- **code** - Use a code grant flow, which provides an authorization code as the response. This code can be exchanged for access tokens with the `/oauth2/token` endpoint.\n- **implicit** - Issue the access token, and the ID token when scopes like `openid` and `profile` are requested, directly to your user.\n- **client_credentials** - Issue the access token from the `/oauth2/token` endpoint directly to a non-person user, authorized by a combination of the client ID and client secret.", - "title": "AllowedOAuthFlows", - "type": "array" - }, - "AllowedOAuthFlowsUserPoolClient": { - "markdownDescription": "Set to `true` to use OAuth 2.0 authorization server features in your app client.\n\nThis parameter must have a value of `true` before you can configure the following features in your app client.\n\n- `CallBackURLs` : Callback URLs.\n- `LogoutURLs` : Sign-out redirect URLs.\n- `AllowedOAuthScopes` : OAuth 2.0 scopes.\n- `AllowedOAuthFlows` : Support for authorization code, implicit, and client credentials OAuth 2.0 grants.\n\nTo use authorization server features, configure one of these features in the Amazon Cognito console or set `AllowedOAuthFlowsUserPoolClient` to `true` in a `CreateUserPoolClient` or `UpdateUserPoolClient` API request. If you don't set a value for `AllowedOAuthFlowsUserPoolClient` in a request with the AWS CLI or SDKs, it defaults to `false` . When `false` , only SDK-based API sign-in is permitted.", - "title": "AllowedOAuthFlowsUserPoolClient", - "type": "boolean" - }, - "AllowedOAuthScopes": { - "items": { - "type": "string" - }, - "markdownDescription": "The OAuth, OpenID Connect (OIDC), and custom scopes that you want to permit your app client to authorize access with. Scopes govern access control to user pool self-service API operations, user data from the `userInfo` endpoint, and third-party APIs. Scope values include `phone` , `email` , `openid` , and `profile` . The `aws.cognito.signin.user.admin` scope authorizes user self-service operations. Custom scopes with resource servers authorize access to external APIs.", - "title": "AllowedOAuthScopes", - "type": "array" - }, - "AnalyticsConfiguration": { - "$ref": "#/definitions/AWS::Cognito::UserPoolClient.AnalyticsConfiguration", - "markdownDescription": "The user pool analytics configuration for collecting metrics and sending them to your Amazon Pinpoint campaign.\n\nIn AWS Regions where Amazon Pinpoint isn't available, user pools might not have access to analytics or might be configurable with campaigns in the US East (N. Virginia) Region. For more information, see [Using Amazon Pinpoint analytics](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-pinpoint-integration.html) .", - "title": "AnalyticsConfiguration" - }, - "AuthSessionValidity": { - "markdownDescription": "Amazon Cognito creates a session token for each API request in an authentication flow. `AuthSessionValidity` is the duration, in minutes, of that session token. Your user pool native user must respond to each authentication challenge before the session expires.", - "title": "AuthSessionValidity", - "type": "number" - }, - "CallbackURLs": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of allowed redirect, or callback, URLs for managed login authentication. These URLs are the paths where you want to send your users' browsers after they complete authentication with managed login or a third-party IdP. Typically, callback URLs are the home of an application that uses OAuth or OIDC libraries to process authentication outcomes.\n\nA redirect URI must meet the following requirements:\n\n- Be an absolute URI.\n- Be registered with the authorization server. Amazon Cognito doesn't accept authorization requests with `redirect_uri` values that aren't in the list of `CallbackURLs` that you provide in this parameter.\n- Not include a fragment component.\n\nSee [OAuth 2.0 - Redirection Endpoint](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6749#section-3.1.2) .\n\nAmazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only.\n\nApp callback URLs such as myapp://example are also supported.", - "title": "CallbackURLs", - "type": "array" - }, - "ClientName": { - "markdownDescription": "A friendly name for the app client that you want to create.", - "title": "ClientName", - "type": "string" - }, - "DefaultRedirectURI": { - "markdownDescription": "The default redirect URI. In app clients with one assigned IdP, replaces `redirect_uri` in authentication requests. Must be in the `CallbackURLs` list.", - "title": "DefaultRedirectURI", - "type": "string" - }, - "EnablePropagateAdditionalUserContextData": { - "markdownDescription": "When `true` , your application can include additional `UserContextData` in authentication requests. This data includes the IP address, and contributes to analysis by threat protection features. For more information about propagation of user context data, see [Adding session data to API requests](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-adaptive-authentication.html#user-pool-settings-adaptive-authentication-device-fingerprint) . If you don\u2019t include this parameter, you can't send the source IP address to Amazon Cognito threat protection features. You can only activate `EnablePropagateAdditionalUserContextData` in an app client that has a client secret.", - "title": "EnablePropagateAdditionalUserContextData", - "type": "boolean" - }, - "EnableTokenRevocation": { - "markdownDescription": "Activates or deactivates token revocation.\n\nIf you don't include this parameter, token revocation is automatically activated for the new user pool client.", - "title": "EnableTokenRevocation", - "type": "boolean" - }, - "ExplicitAuthFlows": { - "items": { - "type": "string" - }, - "markdownDescription": "The [authentication flows](https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-authentication-flow-methods.html) that you want your user pool client to support. For each app client in your user pool, you can sign in your users with any combination of one or more flows, including with a user name and Secure Remote Password (SRP), a user name and password, or a custom authentication process that you define with Lambda functions.\n\n> If you don't specify a value for `ExplicitAuthFlows` , your app client supports `ALLOW_REFRESH_TOKEN_AUTH` , `ALLOW_USER_SRP_AUTH` , and `ALLOW_CUSTOM_AUTH` . \n\nThe values for authentication flow options include the following.\n\n- `ALLOW_USER_AUTH` : Enable selection-based sign-in with `USER_AUTH` . This setting covers username-password, secure remote password (SRP), passwordless, and passkey authentication. This authentiation flow can do username-password and SRP authentication without other `ExplicitAuthFlows` permitting them. For example users can complete an SRP challenge through `USER_AUTH` without the flow `USER_SRP_AUTH` being active for the app client. This flow doesn't include `CUSTOM_AUTH` .\n\nTo activate this setting, your user pool must be in the [Essentials tier](https://docs.aws.amazon.com/cognito/latest/developerguide/feature-plans-features-essentials.html) or higher.\n- `ALLOW_ADMIN_USER_PASSWORD_AUTH` : Enable admin based user password authentication flow `ADMIN_USER_PASSWORD_AUTH` . This setting replaces the `ADMIN_NO_SRP_AUTH` setting. With this authentication flow, your app passes a user name and password to Amazon Cognito in the request, instead of using the Secure Remote Password (SRP) protocol to securely transmit the password.\n- `ALLOW_CUSTOM_AUTH` : Enable Lambda trigger based authentication.\n- `ALLOW_USER_PASSWORD_AUTH` : Enable user password-based authentication. In this flow, Amazon Cognito receives the password in the request instead of using the SRP protocol to verify passwords.\n- `ALLOW_USER_SRP_AUTH` : Enable SRP-based authentication.\n- `ALLOW_REFRESH_TOKEN_AUTH` : Enable authflow to refresh tokens.\n\nIn some environments, you will see the values `ADMIN_NO_SRP_AUTH` , `CUSTOM_AUTH_FLOW_ONLY` , or `USER_PASSWORD_AUTH` . You can't assign these legacy `ExplicitAuthFlows` values to user pool clients at the same time as values that begin with `ALLOW_` ,\nlike `ALLOW_USER_SRP_AUTH` .", - "title": "ExplicitAuthFlows", - "type": "array" - }, - "GenerateSecret": { - "markdownDescription": "When `true` , generates a client secret for the app client. Client secrets are used with server-side and machine-to-machine applications. Client secrets are automatically generated; you can't specify a secret value. For more information, see [App client types](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-client-apps.html#user-pool-settings-client-app-client-types) .", - "title": "GenerateSecret", - "type": "boolean" - }, - "IdTokenValidity": { - "markdownDescription": "The ID token time limit. After this limit expires, your user can't use their ID token. To specify the time unit for `IdTokenValidity` as `seconds` , `minutes` , `hours` , or `days` , set a `TokenValidityUnits` value in your API request.\n\nFor example, when you set `IdTokenValidity` as `10` and `TokenValidityUnits` as `hours` , your user can authenticate their session with their ID token for 10 hours.\n\nThe default time unit for `IdTokenValidity` in an API request is hours. *Valid range* is displayed below in seconds.\n\nIf you don't specify otherwise in the configuration of your app client, your ID\ntokens are valid for one hour.", - "title": "IdTokenValidity", - "type": "number" - }, - "LogoutURLs": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of allowed logout URLs for managed login authentication. When you pass `logout_uri` and `client_id` parameters to `/logout` , Amazon Cognito signs out your user and redirects them to the logout URL. This parameter describes the URLs that you want to be the permitted targets of `logout_uri` . A typical use of these URLs is when a user selects \"Sign out\" and you redirect them to your public homepage. For more information, see [Logout endpoint](https://docs.aws.amazon.com/cognito/latest/developerguide/logout-endpoint.html) .", - "title": "LogoutURLs", - "type": "array" - }, - "PreventUserExistenceErrors": { - "markdownDescription": "Errors and responses that you want Amazon Cognito APIs to return during authentication, account confirmation, and password recovery when the user doesn't exist in the user pool. When set to `ENABLED` and the user doesn't exist, authentication returns an error indicating either the username or password was incorrect. Account confirmation and password recovery return a response indicating a code was sent to a simulated destination. When set to `LEGACY` , those APIs return a `UserNotFoundException` exception if the user doesn't exist in the user pool.\n\nValid values include:\n\n- `ENABLED` - This prevents user existence-related errors.\n- `LEGACY` - This represents the early behavior of Amazon Cognito where user existence related errors aren't prevented.\n\nDefaults to `LEGACY` when you don't provide a value.", - "title": "PreventUserExistenceErrors", - "type": "string" - }, - "ReadAttributes": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of user attributes that you want your app client to have read access to. After your user authenticates in your app, their access token authorizes them to read their own attribute value for any attribute in this list. An example of this kind of activity is when your user selects a link to view their profile information.\n\nWhen you don't specify the `ReadAttributes` for your app client, your app can read the values of `email_verified` , `phone_number_verified` , and the Standard attributes of your user pool. When your user pool app client has read access to these default attributes, `ReadAttributes` doesn't return any information. Amazon Cognito only populates `ReadAttributes` in the API response if you have specified your own custom set of read attributes.", - "title": "ReadAttributes", - "type": "array" - }, - "RefreshTokenValidity": { - "markdownDescription": "The refresh token time limit. After this limit expires, your user can't use their refresh token. To specify the time unit for `RefreshTokenValidity` as `seconds` , `minutes` , `hours` , or `days` , set a `TokenValidityUnits` value in your API request.\n\nFor example, when you set `RefreshTokenValidity` as `10` and `TokenValidityUnits` as `days` , your user can refresh their session\nand retrieve new access and ID tokens for 10 days.\n\nThe default time unit for `RefreshTokenValidity` in an API request is days. You can't set `RefreshTokenValidity` to 0. If you do, Amazon Cognito overrides the value with the default value of 30 days. *Valid range* is displayed below in seconds.\n\nIf you don't specify otherwise in the configuration of your app client, your refresh\ntokens are valid for 30 days.", - "title": "RefreshTokenValidity", - "type": "number" - }, - "SupportedIdentityProviders": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of provider names for the identity providers (IdPs) that are supported on this client. The following are supported: `COGNITO` , `Facebook` , `Google` , `SignInWithApple` , and `LoginWithAmazon` . You can also specify the names that you configured for the SAML and OIDC IdPs in your user pool, for example `MySAMLIdP` or `MyOIDCIdP` .\n\nThis parameter sets the IdPs that [managed login](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-managed-login.html) will display on the login page for your app client. The removal of `COGNITO` from this list doesn't prevent authentication operations for local users with the user pools API in an AWS SDK. The only way to prevent SDK-based authentication is to block access with a [AWS WAF rule](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-waf.html) .", - "title": "SupportedIdentityProviders", - "type": "array" - }, - "TokenValidityUnits": { - "$ref": "#/definitions/AWS::Cognito::UserPoolClient.TokenValidityUnits", - "markdownDescription": "The units that validity times are represented in. The default unit for refresh tokens is days, and the default for ID and access tokens are hours.", - "title": "TokenValidityUnits" - }, - "UserPoolId": { - "markdownDescription": "The ID of the user pool where you want to create an app client.", - "title": "UserPoolId", - "type": "string" + "StreamingDistributionConfig": { + "$ref": "#/definitions/AWS::CloudFront::StreamingDistribution.StreamingDistributionConfig", + "markdownDescription": "The current configuration information for the RTMP distribution.", + "title": "StreamingDistributionConfig" }, - "WriteAttributes": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The list of user attributes that you want your app client to have write access to. After your user authenticates in your app, their access token authorizes them to set or modify their own attribute value for any attribute in this list.\n\nWhen you don't specify the `WriteAttributes` for your app client, your app can write the values of the Standard attributes of your user pool. When your user pool has write access to these default attributes, `WriteAttributes` doesn't return any information. Amazon Cognito only populates `WriteAttributes` in the API response if you have specified your own custom set of write attributes.\n\nIf your app client allows users to sign in through an IdP, this array must include all attributes that you have mapped to IdP attributes. Amazon Cognito updates mapped attributes when users sign in to your application through an IdP. If your app client does not have write access to a mapped attribute, Amazon Cognito throws an error when it tries to update the attribute. For more information, see [Specifying IdP Attribute Mappings for Your user pool](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-specifying-attribute-mapping.html) .", - "title": "WriteAttributes", + "markdownDescription": "A complex type that contains zero or more `Tag` elements.", + "title": "Tags", "type": "array" } }, "required": [ - "UserPoolId" + "StreamingDistributionConfig", + "Tags" ], "type": "object" }, "Type": { "enum": [ - "AWS::Cognito::UserPoolClient" + "AWS::CloudFront::StreamingDistribution" ], "type": "string" }, @@ -46544,148 +52267,125 @@ ], "type": "object" }, - "AWS::Cognito::UserPoolClient.AnalyticsConfiguration": { + "AWS::CloudFront::StreamingDistribution.Logging": { "additionalProperties": false, "properties": { - "ApplicationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an Amazon Pinpoint project that you want to connect to your user pool app client. Amazon Cognito publishes events to the Amazon Pinpoint project that `ApplicationArn` declares. You can also configure your application to pass an endpoint ID in the `AnalyticsMetadata` parameter of sign-in operations. The endpoint ID is information about the destination for push notifications", - "title": "ApplicationArn", + "Bucket": { + "markdownDescription": "The Amazon S3 bucket to store the access logs in, for example, `amzn-s3-demo-bucket.s3.amazonaws.com` .", + "title": "Bucket", "type": "string" }, - "ApplicationId": { - "markdownDescription": "Your Amazon Pinpoint project ID.", - "title": "ApplicationId", - "type": "string" - }, - "ExternalId": { - "markdownDescription": "The [external ID](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user_externalid.html) of the role that Amazon Cognito assumes to send analytics data to Amazon Pinpoint.", - "title": "ExternalId", - "type": "string" + "Enabled": { + "markdownDescription": "Specifies whether you want CloudFront to save access logs to an Amazon S3 bucket. If you don't want to enable logging when you create a streaming distribution or if you want to disable logging for an existing streaming distribution, specify `false` for `Enabled` , and specify `empty Bucket` and `Prefix` elements. If you specify `false` for `Enabled` but you specify values for `Bucket` and `Prefix` , the values are automatically deleted.", + "title": "Enabled", + "type": "boolean" }, - "RoleArn": { - "markdownDescription": "The ARN of an AWS Identity and Access Management role that has the permissions required for Amazon Cognito to publish events to Amazon Pinpoint analytics.", - "title": "RoleArn", + "Prefix": { + "markdownDescription": "An optional string that you want CloudFront to prefix to the access log filenames for this streaming distribution, for example, `myprefix/` . If you want to enable logging, but you don't want to specify a prefix, you still must include an empty `Prefix` element in the `Logging` element.", + "title": "Prefix", "type": "string" - }, - "UserDataShared": { - "markdownDescription": "If `UserDataShared` is `true` , Amazon Cognito includes user data in the events that it publishes to Amazon Pinpoint analytics.", - "title": "UserDataShared", - "type": "boolean" } }, + "required": [ + "Bucket", + "Enabled", + "Prefix" + ], "type": "object" }, - "AWS::Cognito::UserPoolClient.TokenValidityUnits": { + "AWS::CloudFront::StreamingDistribution.S3Origin": { "additionalProperties": false, "properties": { - "AccessToken": { - "markdownDescription": "A time unit for the value that you set in the `AccessTokenValidity` parameter. The default `AccessTokenValidity` time unit is `hours` . `AccessTokenValidity` duration can range from five minutes to one day.", - "title": "AccessToken", - "type": "string" - }, - "IdToken": { - "markdownDescription": "A time unit for the value that you set in the `IdTokenValidity` parameter. The default `IdTokenValidity` time unit is `hours` . `IdTokenValidity` duration can range from five minutes to one day.", - "title": "IdToken", + "DomainName": { + "markdownDescription": "The DNS name of the Amazon S3 origin.", + "title": "DomainName", "type": "string" }, - "RefreshToken": { - "markdownDescription": "A time unit for the value that you set in the `RefreshTokenValidity` parameter. The default `RefreshTokenValidity` time unit is `days` . `RefreshTokenValidity` duration can range from 60 minutes to 10 years.", - "title": "RefreshToken", + "OriginAccessIdentity": { + "markdownDescription": "The CloudFront origin access identity to associate with the distribution. Use an origin access identity to configure the distribution so that end users can only access objects in an Amazon S3 bucket through CloudFront.\n\nIf you want end users to be able to access objects using either the CloudFront URL or the Amazon S3 URL, specify an empty `OriginAccessIdentity` element.\n\nTo delete the origin access identity from an existing distribution, update the distribution configuration and include an empty `OriginAccessIdentity` element.\n\nTo replace the origin access identity, update the distribution configuration and specify the new origin access identity.\n\nFor more information, see [Using an Origin Access Identity to Restrict Access to Your Amazon S3 Content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginAccessIdentity", "type": "string" } }, + "required": [ + "DomainName", + "OriginAccessIdentity" + ], "type": "object" }, - "AWS::Cognito::UserPoolDomain": { + "AWS::CloudFront::StreamingDistribution.StreamingDistributionConfig": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Aliases": { + "items": { + "type": "string" + }, + "markdownDescription": "A complex type that contains information about CNAMEs (alternate domain names), if any, for this streaming distribution.", + "title": "Aliases", + "type": "array" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Comment": { + "markdownDescription": "Any comments you want to include about the streaming distribution.", + "title": "Comment", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "Enabled": { + "markdownDescription": "Whether the streaming distribution is enabled to accept user requests for content.", + "title": "Enabled", + "type": "boolean" }, - "Properties": { - "additionalProperties": false, - "properties": { - "CustomDomainConfig": { - "$ref": "#/definitions/AWS::Cognito::UserPoolDomain.CustomDomainConfigType", - "markdownDescription": "The configuration for a custom domain that hosts the sign-up and sign-in pages for your application. Use this object to specify an SSL certificate that is managed by ACM.\n\nWhen you create a custom domain, the passkey RP ID defaults to the custom domain. If you had a prefix domain active, this will cause passkey integration for your prefix domain to stop working due to a mismatch in RP ID. To keep the prefix domain passkey integration working, you can explicitly set RP ID to the prefix domain.", - "title": "CustomDomainConfig" - }, - "Domain": { - "markdownDescription": "The name of the domain that you want to update. For custom domains, this is the fully-qualified domain name, for example `auth.example.com` . For prefix domains, this is the prefix alone, such as `myprefix` .", - "title": "Domain", - "type": "string" - }, - "UserPoolId": { - "markdownDescription": "The ID of the user pool that is associated with the domain you're updating.", - "title": "UserPoolId", - "type": "string" - } - }, - "required": [ - "Domain", - "UserPoolId" - ], - "type": "object" + "Logging": { + "$ref": "#/definitions/AWS::CloudFront::StreamingDistribution.Logging", + "markdownDescription": "A complex type that controls whether access logs are written for the streaming distribution.", + "title": "Logging" }, - "Type": { - "enum": [ - "AWS::Cognito::UserPoolDomain" - ], + "PriceClass": { + "markdownDescription": "A complex type that contains information about price class for this streaming distribution.", + "title": "PriceClass", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "S3Origin": { + "$ref": "#/definitions/AWS::CloudFront::StreamingDistribution.S3Origin", + "markdownDescription": "A complex type that contains information about the Amazon S3 bucket from which you want CloudFront to get your media files for distribution.", + "title": "S3Origin" + }, + "TrustedSigners": { + "$ref": "#/definitions/AWS::CloudFront::StreamingDistribution.TrustedSigners", + "markdownDescription": "A complex type that specifies any AWS accounts that you want to permit to create signed URLs for private content. If you want the distribution to use signed URLs, include this element; if you want the distribution to use public URLs, remove this element. For more information, see [Serving Private Content through CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", + "title": "TrustedSigners" } }, "required": [ - "Type", - "Properties" + "Comment", + "Enabled", + "S3Origin", + "TrustedSigners" ], "type": "object" }, - "AWS::Cognito::UserPoolDomain.CustomDomainConfigType": { + "AWS::CloudFront::StreamingDistribution.TrustedSigners": { "additionalProperties": false, "properties": { - "CertificateArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Certificate Manager SSL certificate. You use this certificate for the subdomain of your custom domain.", - "title": "CertificateArn", - "type": "string" + "AwsAccountNumbers": { + "items": { + "type": "string" + }, + "markdownDescription": "An AWS account number that contains active CloudFront key pairs that CloudFront can use to verify the signatures of signed URLs and signed cookies. If the AWS account that owns the key pairs is the same account that owns the CloudFront distribution, the value of this field is `self` .", + "title": "AwsAccountNumbers", + "type": "array" + }, + "Enabled": { + "markdownDescription": "This field is `true` if any of the AWS accounts in the list are configured as trusted signers. If not, this field is `false` .", + "title": "Enabled", + "type": "boolean" } }, + "required": [ + "Enabled" + ], "type": "object" }, - "AWS::Cognito::UserPoolGroup": { + "AWS::CloudFront::VpcOrigin": { "additionalProperties": false, "properties": { "Condition": { @@ -46720,40 +52420,28 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the group that you're creating.", - "title": "Description", - "type": "string" - }, - "GroupName": { - "markdownDescription": "A name for the group. This name must be unique in your user pool.", - "title": "GroupName", - "type": "string" - }, - "Precedence": { - "markdownDescription": "A non-negative integer value that specifies the precedence of this group relative to the other groups that a user can belong to in the user pool. Zero is the highest precedence value. Groups with lower `Precedence` values take precedence over groups with higher or null `Precedence` values. If a user belongs to two or more groups, it is the group with the lowest precedence value whose role ARN is given in the user's tokens for the `cognito:roles` and `cognito:preferred_role` claims.\n\nTwo groups can have the same `Precedence` value. If this happens, neither group takes precedence over the other. If two groups with the same `Precedence` have the same role ARN, that role is used in the `cognito:preferred_role` claim in tokens for users in each group. If the two groups have different role ARNs, the `cognito:preferred_role` claim isn't set in users' tokens.\n\nThe default `Precedence` value is null. The maximum `Precedence` value is `2^31-1` .", - "title": "Precedence", - "type": "number" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the IAM role that you want to associate with the group. A group role primarily declares a preferred role for the credentials that you get from an identity pool. Amazon Cognito ID tokens have a `cognito:preferred_role` claim that presents the highest-precedence group that a user belongs to. Both ID and access tokens also contain a `cognito:groups` claim that list all the groups that a user is a member of.", - "title": "RoleArn", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A complex type that contains zero or more `Tag` elements.", + "title": "Tags", + "type": "array" }, - "UserPoolId": { - "markdownDescription": "The ID of the user pool where you want to create a user group.", - "title": "UserPoolId", - "type": "string" + "VpcOriginEndpointConfig": { + "$ref": "#/definitions/AWS::CloudFront::VpcOrigin.VpcOriginEndpointConfig", + "markdownDescription": "The VPC origin endpoint configuration.", + "title": "VpcOriginEndpointConfig" } }, "required": [ - "UserPoolId" + "VpcOriginEndpointConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::Cognito::UserPoolGroup" + "AWS::CloudFront::VpcOrigin" ], "type": "string" }, @@ -46772,7 +52460,50 @@ ], "type": "object" }, - "AWS::Cognito::UserPoolIdentityProvider": { + "AWS::CloudFront::VpcOrigin.VpcOriginEndpointConfig": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The ARN of the CloudFront VPC origin endpoint configuration.", + "title": "Arn", + "type": "string" + }, + "HTTPPort": { + "markdownDescription": "The HTTP port for the CloudFront VPC origin endpoint configuration. The default value is `80` .", + "title": "HTTPPort", + "type": "number" + }, + "HTTPSPort": { + "markdownDescription": "The HTTPS port of the CloudFront VPC origin endpoint configuration. The default value is `443` .", + "title": "HTTPSPort", + "type": "number" + }, + "Name": { + "markdownDescription": "The name of the CloudFront VPC origin endpoint configuration.", + "title": "Name", + "type": "string" + }, + "OriginProtocolPolicy": { + "markdownDescription": "The origin protocol policy for the CloudFront VPC origin endpoint configuration.", + "title": "OriginProtocolPolicy", + "type": "string" + }, + "OriginSSLProtocols": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the minimum SSL/TLS protocol that CloudFront uses when connecting to your origin over HTTPS. Valid values include `SSLv3` , `TLSv1` , `TLSv1.1` , and `TLSv1.2` .\n\nFor more information, see [Minimum Origin SSL Protocol](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DownloadDistValuesOrigin.html#DownloadDistValuesOriginSSLProtocols) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginSSLProtocols", + "type": "array" + } + }, + "required": [ + "Arn", + "Name" + ], + "type": "object" + }, + "AWS::CloudTrail::Channel": { "additionalProperties": false, "properties": { "Condition": { @@ -46807,50 +52538,38 @@ "Properties": { "additionalProperties": false, "properties": { - "AttributeMapping": { - "markdownDescription": "A mapping of IdP attributes to standard and custom user pool attributes. Specify a user pool attribute as the key of the key-value pair, and the IdP attribute claim name as the value.", - "title": "AttributeMapping", - "type": "object" - }, - "IdpIdentifiers": { + "Destinations": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::CloudTrail::Channel.Destination" }, - "markdownDescription": "An array of IdP identifiers, for example `\"IdPIdentifiers\": [ \"MyIdP\", \"MyIdP2\" ]` . Identifiers are friendly names that you can pass in the `idp_identifier` query parameter of requests to the [Authorize endpoint](https://docs.aws.amazon.com/cognito/latest/developerguide/authorization-endpoint.html) to silently redirect to sign-in with the associated IdP. Identifiers in a domain format also enable the use of [email-address matching with SAML providers](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-managing-saml-idp-naming.html) .", - "title": "IdpIdentifiers", + "markdownDescription": "One or more event data stores to which events arriving through a channel will be logged.", + "title": "Destinations", "type": "array" }, - "ProviderDetails": { - "markdownDescription": "The scopes, URLs, and identifiers for your external identity provider. The following\nexamples describe the provider detail keys for each IdP type. These values and their\nschema are subject to change. Social IdP `authorize_scopes` values must match\nthe values listed here.\n\n- **OpenID Connect (OIDC)** - Amazon Cognito accepts the following elements when it can't discover endpoint URLs from `oidc_issuer` : `attributes_url` , `authorize_url` , `jwks_uri` , `token_url` .\n\nCreate or update request: `\"ProviderDetails\": { \"attributes_request_method\": \"GET\", \"attributes_url\": \"https://auth.example.com/userInfo\", \"authorize_scopes\": \"openid profile email\", \"authorize_url\": \"https://auth.example.com/authorize\", \"client_id\": \"1example23456789\", \"client_secret\": \"provider-app-client-secret\", \"jwks_uri\": \"https://auth.example.com/.well-known/jwks.json\", \"oidc_issuer\": \"https://auth.example.com\", \"token_url\": \"https://example.com/token\" }`\n\nDescribe response: `\"ProviderDetails\": { \"attributes_request_method\": \"GET\", \"attributes_url\": \"https://auth.example.com/userInfo\", \"attributes_url_add_attributes\": \"false\", \"authorize_scopes\": \"openid profile email\", \"authorize_url\": \"https://auth.example.com/authorize\", \"client_id\": \"1example23456789\", \"client_secret\": \"provider-app-client-secret\", \"jwks_uri\": \"https://auth.example.com/.well-known/jwks.json\", \"oidc_issuer\": \"https://auth.example.com\", \"token_url\": \"https://example.com/token\" }`\n- **SAML** - Create or update request with Metadata URL: `\"ProviderDetails\": { \"IDPInit\": \"true\", \"IDPSignout\": \"true\", \"EncryptedResponses\" : \"true\", \"MetadataURL\": \"https://auth.example.com/sso/saml/metadata\", \"RequestSigningAlgorithm\": \"rsa-sha256\" }`\n\nCreate or update request with Metadata file: `\"ProviderDetails\": { \"IDPInit\": \"true\", \"IDPSignout\": \"true\", \"EncryptedResponses\" : \"true\", \"MetadataFile\": \"[metadata XML]\", \"RequestSigningAlgorithm\": \"rsa-sha256\" }`\n\nThe value of `MetadataFile` must be the plaintext metadata document with all quote (\") characters escaped by backslashes.\n\nDescribe response: `\"ProviderDetails\": { \"IDPInit\": \"true\", \"IDPSignout\": \"true\", \"EncryptedResponses\" : \"true\", \"ActiveEncryptionCertificate\": \"[certificate]\", \"MetadataURL\": \"https://auth.example.com/sso/saml/metadata\", \"RequestSigningAlgorithm\": \"rsa-sha256\", \"SLORedirectBindingURI\": \"https://auth.example.com/slo/saml\", \"SSORedirectBindingURI\": \"https://auth.example.com/sso/saml\" }`\n- **LoginWithAmazon** - Create or update request: `\"ProviderDetails\": { \"authorize_scopes\": \"profile postal_code\", \"client_id\": \"amzn1.application-oa2-client.1example23456789\", \"client_secret\": \"provider-app-client-secret\"`\n\nDescribe response: `\"ProviderDetails\": { \"attributes_url\": \"https://api.amazon.com/user/profile\", \"attributes_url_add_attributes\": \"false\", \"authorize_scopes\": \"profile postal_code\", \"authorize_url\": \"https://www.amazon.com/ap/oa\", \"client_id\": \"amzn1.application-oa2-client.1example23456789\", \"client_secret\": \"provider-app-client-secret\", \"token_request_method\": \"POST\", \"token_url\": \"https://api.amazon.com/auth/o2/token\" }`\n- **Google** - Create or update request: `\"ProviderDetails\": { \"authorize_scopes\": \"email profile openid\", \"client_id\": \"1example23456789.apps.googleusercontent.com\", \"client_secret\": \"provider-app-client-secret\" }`\n\nDescribe response: `\"ProviderDetails\": { \"attributes_url\": \"https://people.googleapis.com/v1/people/me?personFields=\", \"attributes_url_add_attributes\": \"true\", \"authorize_scopes\": \"email profile openid\", \"authorize_url\": \"https://accounts.google.com/o/oauth2/v2/auth\", \"client_id\": \"1example23456789.apps.googleusercontent.com\", \"client_secret\": \"provider-app-client-secret\", \"oidc_issuer\": \"https://accounts.google.com\", \"token_request_method\": \"POST\", \"token_url\": \"https://www.googleapis.com/oauth2/v4/token\" }`\n- **SignInWithApple** - Create or update request: `\"ProviderDetails\": { \"authorize_scopes\": \"email name\", \"client_id\": \"com.example.cognito\", \"private_key\": \"1EXAMPLE\", \"key_id\": \"2EXAMPLE\", \"team_id\": \"3EXAMPLE\" }`\n\nDescribe response: `\"ProviderDetails\": { \"attributes_url_add_attributes\": \"false\", \"authorize_scopes\": \"email name\", \"authorize_url\": \"https://appleid.apple.com/auth/authorize\", \"client_id\": \"com.example.cognito\", \"key_id\": \"1EXAMPLE\", \"oidc_issuer\": \"https://appleid.apple.com\", \"team_id\": \"2EXAMPLE\", \"token_request_method\": \"POST\", \"token_url\": \"https://appleid.apple.com/auth/token\" }`\n- **Facebook** - Create or update request: `\"ProviderDetails\": { \"api_version\": \"v17.0\", \"authorize_scopes\": \"public_profile, email\", \"client_id\": \"1example23456789\", \"client_secret\": \"provider-app-client-secret\" }`\n\nDescribe response: `\"ProviderDetails\": { \"api_version\": \"v17.0\", \"attributes_url\": \"https://graph.facebook.com/v17.0/me?fields=\", \"attributes_url_add_attributes\": \"true\", \"authorize_scopes\": \"public_profile, email\", \"authorize_url\": \"https://www.facebook.com/v17.0/dialog/oauth\", \"client_id\": \"1example23456789\", \"client_secret\": \"provider-app-client-secret\", \"token_request_method\": \"GET\", \"token_url\": \"https://graph.facebook.com/v17.0/oauth/access_token\" }`", - "title": "ProviderDetails", - "type": "object" - }, - "ProviderName": { - "markdownDescription": "The name that you want to assign to the IdP. You can pass the identity provider name in the `identity_provider` query parameter of requests to the [Authorize endpoint](https://docs.aws.amazon.com/cognito/latest/developerguide/authorization-endpoint.html) to silently redirect to sign-in with the associated IdP.", - "title": "ProviderName", + "Name": { + "markdownDescription": "The name of the channel.", + "title": "Name", "type": "string" }, - "ProviderType": { - "markdownDescription": "The type of IdP that you want to add. Amazon Cognito supports OIDC, SAML 2.0, Login With Amazon, Sign In With Apple, Google, and Facebook IdPs.", - "title": "ProviderType", + "Source": { + "markdownDescription": "The name of the partner or external event source. You cannot change this name after you create the channel. A maximum of one channel is allowed per source.\n\nA source can be either `Custom` for all valid non- AWS events, or the name of a partner event source. For information about the source names for available partners, see [Additional information about integration partners](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-event-data-store-integration.html#cloudtrail-lake-partner-information) in the CloudTrail User Guide.", + "title": "Source", "type": "string" }, - "UserPoolId": { - "markdownDescription": "The Id of the user pool where you want to create an IdP.", - "title": "UserPoolId", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags.", + "title": "Tags", + "type": "array" } }, - "required": [ - "ProviderName", - "ProviderType", - "UserPoolId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Cognito::UserPoolIdentityProvider" + "AWS::CloudTrail::Channel" ], "type": "string" }, @@ -46864,12 +52583,31 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Cognito::UserPoolResourceServer": { + "AWS::CloudTrail::Channel.Destination": { + "additionalProperties": false, + "properties": { + "Location": { + "markdownDescription": "For channels used for a CloudTrail Lake integration, the location is the ARN of an event data store that receives events from a channel. For service-linked channels, the location is the name of the AWS service.", + "title": "Location", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of destination for events arriving from a channel. For channels used for a CloudTrail Lake integration, the value is `EVENT_DATA_STORE` . For service-linked channels, the value is `AWS_SERVICE` .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Location", + "Type" + ], + "type": "object" + }, + "AWS::CloudTrail::Dashboard": { "additionalProperties": false, "properties": { "Condition": { @@ -46904,40 +52642,43 @@ "Properties": { "additionalProperties": false, "properties": { - "Identifier": { - "markdownDescription": "A unique resource server identifier for the resource server. The identifier can be an API friendly name like `solar-system-data` . You can also set an API URL like `https://solar-system-data-api.example.com` as your identifier.\n\nAmazon Cognito represents scopes in the access token in the format `$resource-server-identifier/$scope` . Longer scope-identifier strings increase the size of your access tokens.", - "title": "Identifier", - "type": "string" - }, "Name": { - "markdownDescription": "A friendly name for the resource server.", + "markdownDescription": "The name of the dashboard. The name must be unique to your account.\n\nTo create the Highlights dashboard, the name must be `AWSCloudTrail-Highlights` .", "title": "Name", "type": "string" }, - "Scopes": { + "RefreshSchedule": { + "$ref": "#/definitions/AWS::CloudTrail::Dashboard.RefreshSchedule", + "markdownDescription": "The schedule for a dashboard refresh.", + "title": "RefreshSchedule" + }, + "Tags": { "items": { - "$ref": "#/definitions/AWS::Cognito::UserPoolResourceServer.ResourceServerScopeType" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of scopes. Each scope is a map with keys `ScopeName` and `ScopeDescription` .", - "title": "Scopes", + "markdownDescription": "A list of tags.", + "title": "Tags", "type": "array" }, - "UserPoolId": { - "markdownDescription": "The ID of the user pool where you want to create a resource server.", - "title": "UserPoolId", - "type": "string" + "TerminationProtectionEnabled": { + "markdownDescription": "Specifies whether termination protection is enabled for the dashboard. If termination protection is enabled, you cannot delete the dashboard until termination protection is disabled.", + "title": "TerminationProtectionEnabled", + "type": "boolean" + }, + "Widgets": { + "items": { + "$ref": "#/definitions/AWS::CloudTrail::Dashboard.Widget" + }, + "markdownDescription": "An array of widgets for a custom dashboard. A custom dashboard can have a maximum of ten widgets.\n\nYou do not need to specify widgets for the Highlights dashboard.", + "title": "Widgets", + "type": "array" } }, - "required": [ - "Identifier", - "Name", - "UserPoolId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Cognito::UserPoolResourceServer" + "AWS::CloudTrail::Dashboard" ], "type": "string" }, @@ -46951,32 +52692,85 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Cognito::UserPoolResourceServer.ResourceServerScopeType": { + "AWS::CloudTrail::Dashboard.Frequency": { "additionalProperties": false, "properties": { - "ScopeDescription": { - "markdownDescription": "A friendly description of a custom scope.", - "title": "ScopeDescription", + "Unit": { + "markdownDescription": "The unit to use for the refresh.\n\nFor custom dashboards, the unit can be `HOURS` or `DAYS` .\n\nFor the Highlights dashboard, the `Unit` must be `HOURS` .", + "title": "Unit", "type": "string" }, - "ScopeName": { - "markdownDescription": "The name of the scope. Amazon Cognito renders custom scopes in the format `resourceServerIdentifier/ScopeName` . For example, if this parameter is `exampleScope` in the resource server with the identifier `exampleResourceServer` , you request and receive the scope `exampleResourceServer/exampleScope` .", - "title": "ScopeName", + "Value": { + "markdownDescription": "The value for the refresh schedule.\n\nFor custom dashboards, the following values are valid when the unit is `HOURS` : `1` , `6` , `12` , `24`\n\nFor custom dashboards, the only valid value when the unit is `DAYS` is `1` .\n\nFor the Highlights dashboard, the `Value` must be `6` .", + "title": "Value", + "type": "number" + } + }, + "required": [ + "Unit", + "Value" + ], + "type": "object" + }, + "AWS::CloudTrail::Dashboard.RefreshSchedule": { + "additionalProperties": false, + "properties": { + "Frequency": { + "$ref": "#/definitions/AWS::CloudTrail::Dashboard.Frequency", + "markdownDescription": "The frequency at which you want the dashboard refreshed.", + "title": "Frequency" + }, + "Status": { + "markdownDescription": "Specifies whether the refresh schedule is enabled. Set the value to `ENABLED` to enable the refresh schedule, or to `DISABLED` to turn off the refresh schedule.", + "title": "Status", + "type": "string" + }, + "TimeOfDay": { + "markdownDescription": "The time of day in UTC to run the schedule; for hourly only refer to minutes; default is 00:00.", + "title": "TimeOfDay", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CloudTrail::Dashboard.Widget": { + "additionalProperties": false, + "properties": { + "QueryParameters": { + "items": { + "type": "string" + }, + "markdownDescription": "The optional query parameters. The following query parameters are valid: `$StartTime$` , `$EndTime$` , and `$Period$` .", + "title": "QueryParameters", + "type": "array" + }, + "QueryStatement": { + "markdownDescription": "The query statement for the widget. For custom dashboard widgets, you can query across multiple event data stores as long as all event data stores exist in your account.\n\n> When a query uses `?` with `eventTime` , `?` must be surrounded by single quotes as follows: `'?'` .", + "title": "QueryStatement", "type": "string" + }, + "ViewProperties": { + "additionalProperties": true, + "markdownDescription": "The view properties for the widget. For more information about view properties, see [View properties for widgets](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/lake-widget-properties.html) in the *AWS CloudTrail User Guide* .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "ViewProperties", + "type": "object" } }, "required": [ - "ScopeDescription", - "ScopeName" + "QueryStatement" ], "type": "object" }, - "AWS::Cognito::UserPoolRiskConfigurationAttachment": { + "AWS::CloudTrail::EventDataStore": { "additionalProperties": false, "properties": { "Condition": { @@ -47011,41 +52805,104 @@ "Properties": { "additionalProperties": false, "properties": { - "AccountTakeoverRiskConfiguration": { - "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverRiskConfigurationType", - "markdownDescription": "The settings for automated responses and notification templates for adaptive authentication with threat protection.", - "title": "AccountTakeoverRiskConfiguration" + "AdvancedEventSelectors": { + "items": { + "$ref": "#/definitions/AWS::CloudTrail::EventDataStore.AdvancedEventSelector" + }, + "markdownDescription": "The advanced event selectors to use to select the events for the data store. You can configure up to five advanced event selectors for each event data store.\n\nFor more information about how to use advanced event selectors to log CloudTrail events, see [Log events by using advanced event selectors](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html#creating-data-event-selectors-advanced) in the CloudTrail User Guide.\n\nFor more information about how to use advanced event selectors to include AWS Config configuration items in your event data store, see [Create an event data store for AWS Config configuration items](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/lake-eds-cli.html#lake-cli-create-eds-config) in the CloudTrail User Guide.\n\nFor more information about how to use advanced event selectors to include events outside of AWS events in your event data store, see [Create an integration to log events from outside AWS](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/lake-integrations-cli.html#lake-cli-create-integration) in the CloudTrail User Guide.", + "title": "AdvancedEventSelectors", + "type": "array" }, - "ClientId": { - "markdownDescription": "The app client where this configuration is applied. When this parameter isn't present, the risk configuration applies to all user pool app clients that don't have client-level settings.", - "title": "ClientId", + "BillingMode": { + "markdownDescription": "The billing mode for the event data store determines the cost for ingesting events and the default and maximum retention period for the event data store.\n\nThe following are the possible values:\n\n- `EXTENDABLE_RETENTION_PRICING` - This billing mode is generally recommended if you want a flexible retention period of up to 3653 days (about 10 years). The default retention period for this billing mode is 366 days.\n- `FIXED_RETENTION_PRICING` - This billing mode is recommended if you expect to ingest more than 25 TB of event data per month and need a retention period of up to 2557 days (about 7 years). The default retention period for this billing mode is 2557 days.\n\nThe default value is `EXTENDABLE_RETENTION_PRICING` .\n\nFor more information about CloudTrail pricing, see [AWS CloudTrail Pricing](https://docs.aws.amazon.com/cloudtrail/pricing/) and [Managing CloudTrail Lake costs](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-lake-manage-costs.html) .", + "title": "BillingMode", "type": "string" }, - "CompromisedCredentialsRiskConfiguration": { - "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.CompromisedCredentialsRiskConfigurationType", - "markdownDescription": "Settings for compromised-credentials actions and authentication types with threat protection in full-function `ENFORCED` mode.", - "title": "CompromisedCredentialsRiskConfiguration" + "ContextKeySelectors": { + "items": { + "$ref": "#/definitions/AWS::CloudTrail::EventDataStore.ContextKeySelector" + }, + "markdownDescription": "The list of context key selectors that are configured for the event data store.", + "title": "ContextKeySelectors", + "type": "array" }, - "RiskExceptionConfiguration": { - "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.RiskExceptionConfigurationType", - "markdownDescription": "Exceptions to the risk evaluation configuration, including always-allow and always-block IP address ranges.", - "title": "RiskExceptionConfiguration" + "FederationEnabled": { + "markdownDescription": "Indicates if [Lake query federation](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-federation.html) is enabled. By default, Lake query federation is disabled. You cannot delete an event data store if Lake query federation is enabled.", + "title": "FederationEnabled", + "type": "boolean" }, - "UserPoolId": { - "markdownDescription": "The ID of the user pool that has the risk configuration applied.", - "title": "UserPoolId", + "FederationRoleArn": { + "markdownDescription": "If Lake query federation is enabled, provides the ARN of the federation role used to access the resources for the federated event data store.\n\nThe federation role must exist in your account and provide the [required minimum permissions](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-federation.html#query-federation-permissions-role) .", + "title": "FederationRoleArn", + "type": "string" + }, + "IngestionEnabled": { + "markdownDescription": "Specifies whether the event data store should start ingesting live events. The default is true.", + "title": "IngestionEnabled", + "type": "boolean" + }, + "InsightSelectors": { + "items": { + "$ref": "#/definitions/AWS::CloudTrail::EventDataStore.InsightSelector" + }, + "markdownDescription": "A JSON string that contains the Insights types you want to log on an event data store. `ApiCallRateInsight` and `ApiErrorRateInsight` are valid Insight types.\n\nThe `ApiCallRateInsight` Insights type analyzes write-only management API calls that are aggregated per minute against a baseline API call volume.\n\nThe `ApiErrorRateInsight` Insights type analyzes management API calls that result in error codes. The error is shown if the API call is unsuccessful.", + "title": "InsightSelectors", + "type": "array" + }, + "InsightsDestination": { + "markdownDescription": "The ARN (or ID suffix of the ARN) of the destination event data store that logs Insights events. For more information, see [Create an event data store for CloudTrail Insights events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-event-data-store-insights.html) .", + "title": "InsightsDestination", + "type": "string" + }, + "KmsKeyId": { + "markdownDescription": "Specifies the AWS KMS key ID to use to encrypt the events delivered by CloudTrail. The value can be an alias name prefixed by `alias/` , a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.\n\n> Disabling or deleting the KMS key, or removing CloudTrail permissions on the key, prevents CloudTrail from logging events to the event data store, and prevents users from querying the data in the event data store that was encrypted with the key. After you associate an event data store with a KMS key, the KMS key cannot be removed or changed. Before you disable or delete a KMS key that you are using with an event data store, delete or back up your event data store. \n\nCloudTrail also supports AWS KMS multi-Region keys. For more information about multi-Region keys, see [Using multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) in the *AWS Key Management Service Developer Guide* .\n\nExamples:\n\n- `alias/MyAliasName`\n- `arn:aws:kms:us-east-2:123456789012:alias/MyAliasName`\n- `arn:aws:kms:us-east-2:123456789012:key/12345678-1234-1234-1234-123456789012`\n- `12345678-1234-1234-1234-123456789012`", + "title": "KmsKeyId", + "type": "string" + }, + "MaxEventSize": { + "markdownDescription": "The maximum allowed size for events to be stored in the specified event data store. If you are using context key selectors, MaxEventSize must be set to Large.", + "title": "MaxEventSize", + "type": "string" + }, + "MultiRegionEnabled": { + "markdownDescription": "Specifies whether the event data store includes events from all Regions, or only from the Region in which the event data store is created.", + "title": "MultiRegionEnabled", + "type": "boolean" + }, + "Name": { + "markdownDescription": "The name of the event data store.", + "title": "Name", "type": "string" + }, + "OrganizationEnabled": { + "markdownDescription": "Specifies whether an event data store collects events logged for an organization in AWS Organizations .", + "title": "OrganizationEnabled", + "type": "boolean" + }, + "RetentionPeriod": { + "markdownDescription": "The retention period of the event data store, in days. If `BillingMode` is set to `EXTENDABLE_RETENTION_PRICING` , you can set a retention period of up to 3653 days, the equivalent of 10 years. If `BillingMode` is set to `FIXED_RETENTION_PRICING` , you can set a retention period of up to 2557 days, the equivalent of seven years.\n\nCloudTrail Lake determines whether to retain an event by checking if the `eventTime` of the event is within the specified retention period. For example, if you set a retention period of 90 days, CloudTrail will remove events when the `eventTime` is older than 90 days.\n\n> If you plan to copy trail events to this event data store, we recommend that you consider both the age of the events that you want to copy as well as how long you want to keep the copied events in your event data store. For example, if you copy trail events that are 5 years old and specify a retention period of 7 years, the event data store will retain those events for two years.", + "title": "RetentionPeriod", + "type": "number" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags.", + "title": "Tags", + "type": "array" + }, + "TerminationProtectionEnabled": { + "markdownDescription": "Specifies whether termination protection is enabled for the event data store. If termination protection is enabled, you cannot delete the event data store until termination protection is disabled.", + "title": "TerminationProtectionEnabled", + "type": "boolean" } }, - "required": [ - "ClientId", - "UserPoolId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Cognito::UserPoolRiskConfigurationAttachment" + "AWS::CloudTrail::EventDataStore" ], "type": "string" }, @@ -47059,193 +52916,129 @@ } }, "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverActionType": { - "additionalProperties": false, - "properties": { - "EventAction": { - "markdownDescription": "The action to take for the attempted account takeover action for the associated risk level. Valid values are as follows:\n\n- `BLOCK` : Block the request.\n- `MFA_IF_CONFIGURED` : Present an MFA challenge if possible. MFA is possible if the user pool has active MFA methods that the user can set up. For example, if the user pool only supports SMS message MFA but the user doesn't have a phone number attribute, MFA setup isn't possible. If MFA setup isn't possible, allow the request.\n- `MFA_REQUIRED` : Present an MFA challenge if possible. Block the request if a user hasn't set up MFA. To sign in with required MFA, users must have an email address or phone number attribute, or a registered TOTP factor.\n- `NO_ACTION` : Take no action. Permit sign-in.", - "title": "EventAction", - "type": "string" - }, - "Notify": { - "markdownDescription": "Determines whether Amazon Cognito sends a user a notification message when your user pools assesses a user's session at the associated risk level.", - "title": "Notify", - "type": "boolean" - } - }, - "required": [ - "EventAction", - "Notify" + "Type" ], "type": "object" }, - "AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverActionsType": { - "additionalProperties": false, - "properties": { - "HighAction": { - "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverActionType", - "markdownDescription": "The action that you assign to a high-risk assessment by threat protection.", - "title": "HighAction" - }, - "LowAction": { - "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverActionType", - "markdownDescription": "The action that you assign to a low-risk assessment by threat protection.", - "title": "LowAction" - }, - "MediumAction": { - "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverActionType", - "markdownDescription": "The action that you assign to a medium-risk assessment by threat protection.", - "title": "MediumAction" - } - }, - "type": "object" - }, - "AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverRiskConfigurationType": { + "AWS::CloudTrail::EventDataStore.AdvancedEventSelector": { "additionalProperties": false, "properties": { - "Actions": { - "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverActionsType", - "markdownDescription": "A list of account-takeover actions for each level of risk that Amazon Cognito might assess with threat protection.", - "title": "Actions" + "FieldSelectors": { + "items": { + "$ref": "#/definitions/AWS::CloudTrail::EventDataStore.AdvancedFieldSelector" + }, + "markdownDescription": "Contains all selector statements in an advanced event selector.", + "title": "FieldSelectors", + "type": "array" }, - "NotifyConfiguration": { - "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.NotifyConfigurationType", - "markdownDescription": "The settings for composing and sending an email message when threat protection assesses a risk level with adaptive authentication. When you choose to notify users in `AccountTakeoverRiskConfiguration` , Amazon Cognito sends an email message using the method and template that you set with this data type.", - "title": "NotifyConfiguration" - } - }, - "required": [ - "Actions" - ], - "type": "object" - }, - "AWS::Cognito::UserPoolRiskConfigurationAttachment.CompromisedCredentialsActionsType": { - "additionalProperties": false, - "properties": { - "EventAction": { - "markdownDescription": "The action that Amazon Cognito takes when it detects compromised credentials.", - "title": "EventAction", + "Name": { + "markdownDescription": "An optional, descriptive name for an advanced event selector, such as \"Log data events for only two S3 buckets\".", + "title": "Name", "type": "string" } }, "required": [ - "EventAction" + "FieldSelectors" ], "type": "object" }, - "AWS::Cognito::UserPoolRiskConfigurationAttachment.CompromisedCredentialsRiskConfigurationType": { + "AWS::CloudTrail::EventDataStore.AdvancedFieldSelector": { "additionalProperties": false, "properties": { - "Actions": { - "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.CompromisedCredentialsActionsType", - "markdownDescription": "Settings for the actions that you want your user pool to take when Amazon Cognito detects compromised credentials.", - "title": "Actions" + "EndsWith": { + "items": { + "type": "string" + }, + "markdownDescription": "An operator that includes events that match the last few characters of the event record field specified as the value of `Field` .", + "title": "EndsWith", + "type": "array" }, - "EventFilter": { + "Equals": { "items": { "type": "string" }, - "markdownDescription": "Settings for the sign-in activity where you want to configure compromised-credentials actions. Defaults to all events.", - "title": "EventFilter", + "markdownDescription": "An operator that includes events that match the exact value of the event record field specified as the value of `Field` . This is the only valid operator that you can use with the `readOnly` , `eventCategory` , and `resources.type` fields.", + "title": "Equals", "type": "array" - } - }, - "required": [ - "Actions" - ], - "type": "object" - }, - "AWS::Cognito::UserPoolRiskConfigurationAttachment.NotifyConfigurationType": { - "additionalProperties": false, - "properties": { - "BlockEmail": { - "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.NotifyEmailType", - "markdownDescription": "The template for the email message that your user pool sends when a detected risk event is blocked.", - "title": "BlockEmail" }, - "From": { - "markdownDescription": "The email address that sends the email message. The address must be either individually verified with Amazon Simple Email Service, or from a domain that has been verified with Amazon SES.", - "title": "From", + "Field": { + "markdownDescription": "A field in a CloudTrail event record on which to filter events to be logged. For event data stores for CloudTrail Insights events, AWS Config configuration items, Audit Manager evidence, or events outside of AWS , the field is used only for selecting events as filtering is not supported.\n\nFor CloudTrail management events, supported fields include `eventCategory` (required), `eventSource` , and `readOnly` . The following additional fields are available for event data stores: `eventName` , `eventType` , `sessionCredentialFromConsole` , and `userIdentity.arn` .\n\nFor CloudTrail data events, supported fields include `eventCategory` (required), `eventName` , `eventSource` , `eventType` , `resources.type` (required), `readOnly` , `resources.ARN` , `sessionCredentialFromConsole` , and `userIdentity.arn` .\n\nFor CloudTrail network activity events, supported fields include `eventCategory` (required), `eventSource` (required), `eventName` , `errorCode` , and `vpcEndpointId` .\n\nFor event data stores for CloudTrail Insights events, AWS Config configuration items, Audit Manager evidence, or events outside of AWS , the only supported field is `eventCategory` .\n\n> Selectors don't support the use of wildcards like `*` . To match multiple values with a single condition, you may use `StartsWith` , `EndsWith` , `NotStartsWith` , or `NotEndsWith` to explicitly match the beginning or end of the event field. \n\n- *`readOnly`* - This is an optional field that is only used for management events and data events. This field can be set to `Equals` with a value of `true` or `false` . If you do not add this field, CloudTrail logs both `read` and `write` events. A value of `true` logs only `read` events. A value of `false` logs only `write` events.\n- *`eventSource`* - This field is only used for management events, data events, and network activity events.\n\nFor management events for trails, this is an optional field that can be set to `NotEquals` `kms.amazonaws.com` to exclude KMS management events, or `NotEquals` `rdsdata.amazonaws.com` to exclude RDS management events.\n\nFor data events for trails, this is an optional field that you can use to include or exclude any event source and can use any operator.\n\nFor management and data events for event data stores, this is an optional field that you can use to include or exclude any event source and can use any operator.\n\nFor network activity events, this is a required field that only uses the `Equals` operator. Set this field to the event source for which you want to log network activity events. If you want to log network activity events for multiple event sources, you must create a separate field selector for each event source. For a list of services supporting network activity events, see [Logging network activity events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-network-events-with-cloudtrail.html) in the *AWS CloudTrail User Guide* .\n- *`eventName`* - This is an optional field that is only used for data events, management events (for event data stores only), and network activity events. You can use any operator with `eventName` . You can use it to \ufb01lter in or \ufb01lter out specific events. You can have multiple values for this \ufb01eld, separated by commas.\n- *`eventCategory`* - This field is required and must be set to `Equals` .\n\n- For CloudTrail management events, the value must be `Management` .\n- For CloudTrail data events, the value must be `Data` .\n- For CloudTrail network activity events, the value must be `NetworkActivity` .\n\nThe following are used only for event data stores:\n\n- For CloudTrail Insights events, the value must be `Insight` .\n- For AWS Config configuration items, the value must be `ConfigurationItem` .\n- For Audit Manager evidence, the value must be `Evidence` .\n- For events outside of AWS , the value must be `ActivityAuditLog` .\n- *`eventType`* - For event data stores, this is an optional field available for event data stores to filter management and data events on the event type. For trails, this is an optional field to filter data events on the event type. For information about available event types, see [CloudTrail record contents](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-event-reference-record-contents.html#ct-event-type) in the *AWS CloudTrail user guide* .\n- *`errorCode`* - This \ufb01eld is only used to filter CloudTrail network activity events and is optional. This is the error code to filter on. Currently, the only valid `errorCode` is `VpceAccessDenied` . `errorCode` can only use the `Equals` operator.\n- *`sessionCredentialFromConsole`* - For event data stores, this is an optional field used to filter management and data events based on whether the events originated from an AWS Management Console session. For trails, this is an optional field used to filter data events. `sessionCredentialFromConsole` can only use the `Equals` and `NotEquals` operators.\n- *`resources.type`* - This \ufb01eld is required for CloudTrail data events. `resources.type` can only use the `Equals` operator.\n\nFor a list of available resource types for data events, see [Data events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html#logging-data-events) in the *AWS CloudTrail User Guide* .\n\nYou can have only one `resources.type` \ufb01eld per selector. To log events on more than one resource type, add another selector.\n- *`resources.ARN`* - The `resources.ARN` is an optional field for data events. You can use any operator with `resources.ARN` , but if you use `Equals` or `NotEquals` , the value must exactly match the ARN of a valid resource of the type you've speci\ufb01ed in the template as the value of resources.type. To log all data events for all objects in a specific S3 bucket, use the `StartsWith` operator, and include only the bucket ARN as the matching value.\n\nFor more information about the ARN formats of data event resources, see [Actions, resources, and condition keys for AWS services](https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html) in the *Service Authorization Reference* .\n\n> You can't use the `resources.ARN` field to filter resource types that do not have ARNs.\n- *`userIdentity.arn`* - For event data stores, this is an optional field used to filter management and data events for actions taken by specific IAM identities. For trails, this is an optional field used to filter data events. You can use any operator with `userIdentity.arn` . For more information on the userIdentity element, see [CloudTrail userIdentity element](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-event-reference-user-identity.html) in the *AWS CloudTrail User Guide* .\n- *`vpcEndpointId`* - This \ufb01eld is only used to filter CloudTrail network activity events and is optional. This field identifies the VPC endpoint that the request passed through. You can use any operator with `vpcEndpointId` .", + "title": "Field", "type": "string" }, - "MfaEmail": { - "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.NotifyEmailType", - "markdownDescription": "The template for the email message that your user pool sends when MFA is challenged in response to a detected risk.", - "title": "MfaEmail" + "NotEndsWith": { + "items": { + "type": "string" + }, + "markdownDescription": "An operator that excludes events that match the last few characters of the event record field specified as the value of `Field` .", + "title": "NotEndsWith", + "type": "array" }, - "NoActionEmail": { - "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.NotifyEmailType", - "markdownDescription": "The template for the email message that your user pool sends when no action is taken in response to a detected risk.", - "title": "NoActionEmail" + "NotEquals": { + "items": { + "type": "string" + }, + "markdownDescription": "An operator that excludes events that match the exact value of the event record field specified as the value of `Field` .", + "title": "NotEquals", + "type": "array" }, - "ReplyTo": { - "markdownDescription": "The reply-to email address of an email template.", - "title": "ReplyTo", - "type": "string" + "NotStartsWith": { + "items": { + "type": "string" + }, + "markdownDescription": "An operator that excludes events that match the first few characters of the event record field specified as the value of `Field` .", + "title": "NotStartsWith", + "type": "array" }, - "SourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the identity that is associated with the sending authorization policy. This identity permits Amazon Cognito to send for the email address specified in the `From` parameter.", - "title": "SourceArn", - "type": "string" + "StartsWith": { + "items": { + "type": "string" + }, + "markdownDescription": "An operator that includes events that match the first few characters of the event record field specified as the value of `Field` .", + "title": "StartsWith", + "type": "array" } }, "required": [ - "SourceArn" + "Field" ], "type": "object" }, - "AWS::Cognito::UserPoolRiskConfigurationAttachment.NotifyEmailType": { + "AWS::CloudTrail::EventDataStore.ContextKeySelector": { "additionalProperties": false, "properties": { - "HtmlBody": { - "markdownDescription": "The body of an email notification formatted in HTML. Choose an `HtmlBody` or a `TextBody` to send an HTML-formatted or plaintext message, respectively.", - "title": "HtmlBody", - "type": "string" - }, - "Subject": { - "markdownDescription": "The subject of the threat protection email notification.", - "title": "Subject", - "type": "string" + "Equals": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of keys defined by Type to be included in CloudTrail enriched events.", + "title": "Equals", + "type": "array" }, - "TextBody": { - "markdownDescription": "The body of an email notification formatted in plaintext. Choose an `HtmlBody` or a `TextBody` to send an HTML-formatted or plaintext message, respectively.", - "title": "TextBody", + "Type": { + "markdownDescription": "Specifies the type of the event record field in ContextKeySelector. Valid values include RequestContext, TagContext.", + "title": "Type", "type": "string" } }, "required": [ - "Subject" + "Equals", + "Type" ], "type": "object" }, - "AWS::Cognito::UserPoolRiskConfigurationAttachment.RiskExceptionConfigurationType": { + "AWS::CloudTrail::EventDataStore.InsightSelector": { "additionalProperties": false, "properties": { - "BlockedIPRangeList": { - "items": { - "type": "string" - }, - "markdownDescription": "An always-block IP address list. Overrides the risk decision and always blocks authentication requests. This parameter is displayed and set in CIDR notation.", - "title": "BlockedIPRangeList", - "type": "array" - }, - "SkippedIPRangeList": { - "items": { - "type": "string" - }, - "markdownDescription": "An always-allow IP address list. Risk detection isn't performed on the IP addresses in this range list. This parameter is displayed and set in CIDR notation.", - "title": "SkippedIPRangeList", - "type": "array" + "InsightType": { + "markdownDescription": "The type of Insights events to log on an event data store. `ApiCallRateInsight` and `ApiErrorRateInsight` are valid Insight types.\n\nThe `ApiCallRateInsight` Insights type analyzes write-only management API calls that are aggregated per minute against a baseline API call volume.\n\nThe `ApiErrorRateInsight` Insights type analyzes management API calls that result in error codes. The error is shown if the API call is unsuccessful.", + "title": "InsightType", + "type": "string" } }, "type": "object" }, - "AWS::Cognito::UserPoolUICustomizationAttachment": { + "AWS::CloudTrail::ResourcePolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -47280,31 +53073,26 @@ "Properties": { "additionalProperties": false, "properties": { - "CSS": { - "markdownDescription": "A plaintext CSS file that contains the custom fields that you want to apply to your user pool or app client. To download a template, go to the Amazon Cognito console. Navigate to your user pool *App clients* tab, select *Login pages* , edit *Hosted UI (classic) style* , and select the link to `CSS template.css` .", - "title": "CSS", - "type": "string" - }, - "ClientId": { - "markdownDescription": "The app client ID for your UI customization. When this value isn't present, the customization applies to all user pool app clients that don't have client-level settings..", - "title": "ClientId", + "ResourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the CloudTrail event data store, dashboard, or channel attached to the resource-based policy.\n\nExample event data store ARN format: `arn:aws:cloudtrail:us-east-2:123456789012:eventdatastore/EXAMPLE-f852-4e8f-8bd1-bcf6cEXAMPLE`\n\nExample dashboard ARN format: `arn:aws:cloudtrail:us-east-1:123456789012:dashboard/exampleDash`\n\nExample channel ARN format: `arn:aws:cloudtrail:us-east-2:123456789012:channel/01234567890`", + "title": "ResourceArn", "type": "string" }, - "UserPoolId": { - "markdownDescription": "The ID of the user pool where you want to apply branding to the classic hosted UI.", - "title": "UserPoolId", - "type": "string" + "ResourcePolicy": { + "markdownDescription": "A JSON-formatted string for an AWS resource-based policy.\n\nFor example resource-based policies, see [CloudTrail resource-based policy examples](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/security_iam_resource-based-policy-examples.html) in the *CloudTrail User Guide* .", + "title": "ResourcePolicy", + "type": "object" } }, "required": [ - "ClientId", - "UserPoolId" + "ResourceArn", + "ResourcePolicy" ], "type": "object" }, "Type": { "enum": [ - "AWS::Cognito::UserPoolUICustomizationAttachment" + "AWS::CloudTrail::ResourcePolicy" ], "type": "string" }, @@ -47323,7 +53111,7 @@ ], "type": "object" }, - "AWS::Cognito::UserPoolUser": { + "AWS::CloudTrail::Trail": { "additionalProperties": false, "properties": { "Condition": { @@ -47358,70 +53146,108 @@ "Properties": { "additionalProperties": false, "properties": { - "ClientMetadata": { - "additionalProperties": true, - "markdownDescription": "A map of custom key-value pairs that you can provide as input for any custom workflows that this action triggers.\n\nYou create custom workflows by assigning AWS Lambda functions to user pool triggers. When you use the AdminCreateUser API action, Amazon Cognito invokes the function that is assigned to the *pre sign-up* trigger. When Amazon Cognito invokes this function, it passes a JSON payload, which the function receives as input. This payload contains a `ClientMetadata` attribute, which provides the data that you assigned to the ClientMetadata parameter in your AdminCreateUser request. In your function code in AWS Lambda , you can process the `clientMetadata` value to enhance your workflow for your specific needs.\n\nFor more information, see [Using Lambda triggers](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html) in the *Amazon Cognito Developer Guide* .\n\n> When you use the `ClientMetadata` parameter, note that Amazon Cognito won't do the following:\n> \n> - Store the `ClientMetadata` value. This data is available only to AWS Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool configuration doesn't include triggers, the `ClientMetadata` parameter serves no purpose.\n> - Validate the `ClientMetadata` value.\n> - Encrypt the `ClientMetadata` value. Don't send sensitive information in this parameter.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "AdvancedEventSelectors": { + "items": { + "$ref": "#/definitions/AWS::CloudTrail::Trail.AdvancedEventSelector" }, - "title": "ClientMetadata", - "type": "object" + "markdownDescription": "Specifies the settings for advanced event selectors. You can use advanced event selectors to log management events, data events for all resource types, and network activity events.\n\nYou can add advanced event selectors, and conditions for your advanced event selectors, up to a maximum of 500 values for all conditions and selectors on a trail. You can use either `AdvancedEventSelectors` or `EventSelectors` , but not both. If you apply `AdvancedEventSelectors` to a trail, any existing `EventSelectors` are overwritten. For more information about advanced event selectors, see [Logging data events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html) and [Logging network activity events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-network-events-with-cloudtrail.html) in the *AWS CloudTrail User Guide* .", + "title": "AdvancedEventSelectors", + "type": "array" }, - "DesiredDeliveryMediums": { + "CloudWatchLogsLogGroupArn": { + "markdownDescription": "Specifies a log group name using an Amazon Resource Name (ARN), a unique identifier that represents the log group to which CloudTrail logs are delivered. You must use a log group that exists in your account.\n\nTo enable CloudWatch Logs delivery, you must provide values for `CloudWatchLogsLogGroupArn` and `CloudWatchLogsRoleArn` .\n\n> If you previously enabled CloudWatch Logs delivery and want to disable CloudWatch Logs delivery, you must set the values of the `CloudWatchLogsRoleArn` and `CloudWatchLogsLogGroupArn` fields to `\"\"` .", + "title": "CloudWatchLogsLogGroupArn", + "type": "string" + }, + "CloudWatchLogsRoleArn": { + "markdownDescription": "Specifies the role for the CloudWatch Logs endpoint to assume to write to a user's log group. You must use a role that exists in your account.\n\nTo enable CloudWatch Logs delivery, you must provide values for `CloudWatchLogsLogGroupArn` and `CloudWatchLogsRoleArn` .\n\n> If you previously enabled CloudWatch Logs delivery and want to disable CloudWatch Logs delivery, you must set the values of the `CloudWatchLogsRoleArn` and `CloudWatchLogsLogGroupArn` fields to `\"\"` .", + "title": "CloudWatchLogsRoleArn", + "type": "string" + }, + "EnableLogFileValidation": { + "markdownDescription": "Specifies whether log file validation is enabled. The default is false.\n\n> When you disable log file integrity validation, the chain of digest files is broken after one hour. CloudTrail does not create digest files for log files that were delivered during a period in which log file integrity validation was disabled. For example, if you enable log file integrity validation at noon on January 1, disable it at noon on January 2, and re-enable it at noon on January 10, digest files will not be created for the log files delivered from noon on January 2 to noon on January 10. The same applies whenever you stop CloudTrail logging or delete a trail.", + "title": "EnableLogFileValidation", + "type": "boolean" + }, + "EventSelectors": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::CloudTrail::Trail.EventSelector" }, - "markdownDescription": "Specify `EMAIL` if email will be used to send the welcome message. Specify `SMS` if the phone number will be used. The default value is `SMS` . You can specify more than one value.", - "title": "DesiredDeliveryMediums", + "markdownDescription": "Use event selectors to further specify the management and data event settings for your trail. By default, trails created without specific event selectors will be configured to log all read and write management events, and no data events. When an event occurs in your account, CloudTrail evaluates the event selector for all trails. For each trail, if the event matches any event selector, the trail processes and logs the event. If the event doesn't match any event selector, the trail doesn't log the event.\n\nYou can configure up to five event selectors for a trail.\n\nYou cannot apply both event selectors and advanced event selectors to a trail.", + "title": "EventSelectors", "type": "array" }, - "ForceAliasCreation": { - "markdownDescription": "This parameter is used only if the `phone_number_verified` or `email_verified` attribute is set to `True` . Otherwise, it is ignored.\n\nIf this parameter is set to `True` and the phone number or email address specified in the `UserAttributes` parameter already exists as an alias with a different user, this request migrates the alias from the previous user to the newly-created user. The previous user will no longer be able to log in using that alias.\n\nIf this parameter is set to `False` , the API throws an `AliasExistsException` error if the alias already exists. The default value is `False` .", - "title": "ForceAliasCreation", + "IncludeGlobalServiceEvents": { + "markdownDescription": "Specifies whether the trail is publishing events from global services such as IAM to the log files.", + "title": "IncludeGlobalServiceEvents", "type": "boolean" }, - "MessageAction": { - "markdownDescription": "Set to `RESEND` to resend the invitation message to a user that already exists, and to reset the temporary-password duration with a new temporary password. Set to `SUPPRESS` to suppress sending the message. You can specify only one value.", - "title": "MessageAction", - "type": "string" - }, - "UserAttributes": { + "InsightSelectors": { "items": { - "$ref": "#/definitions/AWS::Cognito::UserPoolUser.AttributeType" + "$ref": "#/definitions/AWS::CloudTrail::Trail.InsightSelector" }, - "markdownDescription": "An array of name-value pairs that contain user attributes and attribute values to be set for the user to be created. You can create a user without specifying any attributes other than `Username` . However, any attributes that you specify as required (when creating a user pool or in the *Attributes* tab of the console) either you should supply (in your call to `AdminCreateUser` ) or the user should supply (when they sign up in response to your welcome message).\n\nFor custom attributes, you must prepend the `custom:` prefix to the attribute name.\n\nTo send a message inviting the user to sign up, you must specify the user's email address or phone number. You can do this in your call to AdminCreateUser or in the *Users* tab of the Amazon Cognito console for managing your user pools.\n\nYou must also provide an email address or phone number when you expect the user to do passwordless sign-in with an email or SMS OTP. These attributes must be provided when passwordless options are the only available, or when you don't submit a `TemporaryPassword` .\n\nIn your call to `AdminCreateUser` , you can set the `email_verified` attribute to `True` , and you can set the `phone_number_verified` attribute to `True` .\n\n- *email* : The email address of the user to whom the message that contains the code and username will be sent. Required if the `email_verified` attribute is set to `True` , or if `\"EMAIL\"` is specified in the `DesiredDeliveryMediums` parameter.\n- *phone_number* : The phone number of the user to whom the message that contains the code and username will be sent. Required if the `phone_number_verified` attribute is set to `True` , or if `\"SMS\"` is specified in the `DesiredDeliveryMediums` parameter.", - "title": "UserAttributes", + "markdownDescription": "A JSON string that contains the Insights types you want to log on a trail. `ApiCallRateInsight` and `ApiErrorRateInsight` are valid Insight types.\n\nThe `ApiCallRateInsight` Insights type analyzes write-only management API calls that are aggregated per minute against a baseline API call volume.\n\nThe `ApiErrorRateInsight` Insights type analyzes management API calls that result in error codes. The error is shown if the API call is unsuccessful.", + "title": "InsightSelectors", "type": "array" }, - "UserPoolId": { - "markdownDescription": "The ID of the user pool where you want to create a user.", - "title": "UserPoolId", + "IsLogging": { + "markdownDescription": "Whether the CloudTrail trail is currently logging AWS API calls.", + "title": "IsLogging", + "type": "boolean" + }, + "IsMultiRegionTrail": { + "markdownDescription": "Specifies whether the trail applies only to the current Region or to all Regions. The default is false. If the trail exists only in the current Region and this value is set to true, shadow trails (replications of the trail) will be created in the other Regions. If the trail exists in all Regions and this value is set to false, the trail will remain in the Region where it was created, and its shadow trails in other Regions will be deleted. As a best practice, consider using trails that log events in all Regions.", + "title": "IsMultiRegionTrail", + "type": "boolean" + }, + "IsOrganizationTrail": { + "markdownDescription": "Specifies whether the trail is applied to all accounts in an organization in AWS Organizations , or only for the current AWS account . The default is false, and cannot be true unless the call is made on behalf of an AWS account that is the management account for an organization in AWS Organizations . If the trail is not an organization trail and this is set to `true` , the trail will be created in all AWS accounts that belong to the organization. If the trail is an organization trail and this is set to `false` , the trail will remain in the current AWS account but be deleted from all member accounts in the organization.\n\n> Only the management account for the organization can convert an organization trail to a non-organization trail, or convert a non-organization trail to an organization trail.", + "title": "IsOrganizationTrail", + "type": "boolean" + }, + "KMSKeyId": { + "markdownDescription": "Specifies the AWS KMS key ID to use to encrypt the logs and digest files delivered by CloudTrail. The value can be an alias name prefixed by \"alias/\", a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.\n\nCloudTrail also supports AWS KMS multi-Region keys. For more information about multi-Region keys, see [Using multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) in the *AWS Key Management Service Developer Guide* .\n\nExamples:\n\n- alias/MyAliasName\n- arn:aws:kms:us-east-2:123456789012:alias/MyAliasName\n- arn:aws:kms:us-east-2:123456789012:key/12345678-1234-1234-1234-123456789012\n- 12345678-1234-1234-1234-123456789012", + "title": "KMSKeyId", "type": "string" }, - "Username": { - "markdownDescription": "The value that you want to set as the username sign-in attribute. The following conditions apply to the username parameter.\n\n- The username can't be a duplicate of another username in the same user pool.\n- You can't change the value of a username after you create it.\n- You can only provide a value if usernames are a valid sign-in attribute for your user pool. If your user pool only supports phone numbers or email addresses as sign-in attributes, Amazon Cognito automatically generates a username value. For more information, see [Customizing sign-in attributes](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html#user-pool-settings-aliases) .", - "title": "Username", + "S3BucketName": { + "markdownDescription": "Specifies the name of the Amazon S3 bucket designated for publishing log files. See [Amazon S3 Bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html) .", + "title": "S3BucketName", "type": "string" }, - "ValidationData": { + "S3KeyPrefix": { + "markdownDescription": "Specifies the Amazon S3 key prefix that comes after the name of the bucket you have designated for log file delivery. For more information, see [Finding Your CloudTrail Log Files](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/get-and-view-cloudtrail-log-files.html#cloudtrail-find-log-files) . The maximum length is 200 characters.", + "title": "S3KeyPrefix", + "type": "string" + }, + "SnsTopicName": { + "markdownDescription": "Specifies the name or ARN of the Amazon SNS topic defined for notification of log file delivery. The maximum length is 256 characters.", + "title": "SnsTopicName", + "type": "string" + }, + "Tags": { "items": { - "$ref": "#/definitions/AWS::Cognito::UserPoolUser.AttributeType" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "Temporary user attributes that contribute to the outcomes of your pre sign-up Lambda trigger. This set of key-value pairs are for custom validation of information that you collect from your users but don't need to retain.\n\nYour Lambda function can analyze this additional data and act on it. Your function can automatically confirm and verify select users or perform external API operations like logging user attributes and validation data to Amazon CloudWatch Logs.\n\nFor more information about the pre sign-up Lambda trigger, see [Pre sign-up Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-sign-up.html) .", - "title": "ValidationData", + "markdownDescription": "A custom set of tags (key-value pairs) for this trail.", + "title": "Tags", "type": "array" + }, + "TrailName": { + "markdownDescription": "Specifies the name of the trail. The name must meet the following requirements:\n\n- Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores (_), or dashes (-)\n- Start with a letter or number, and end with a letter or number\n- Be between 3 and 128 characters\n- Have no adjacent periods, underscores or dashes. Names like `my-_namespace` and `my--namespace` are not valid.\n- Not be in IP address format (for example, 192.168.5.4)", + "title": "TrailName", + "type": "string" } }, "required": [ - "UserPoolId" + "IsLogging", + "S3BucketName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Cognito::UserPoolUser" + "AWS::CloudTrail::Trail" ], "type": "string" }, @@ -47440,23 +53266,156 @@ ], "type": "object" }, - "AWS::Cognito::UserPoolUser.AttributeType": { + "AWS::CloudTrail::Trail.AdvancedEventSelector": { "additionalProperties": false, "properties": { + "FieldSelectors": { + "items": { + "$ref": "#/definitions/AWS::CloudTrail::Trail.AdvancedFieldSelector" + }, + "markdownDescription": "Contains all selector statements in an advanced event selector.", + "title": "FieldSelectors", + "type": "array" + }, "Name": { - "markdownDescription": "The name of the attribute.", + "markdownDescription": "An optional, descriptive name for an advanced event selector, such as \"Log data events for only two S3 buckets\".", "title": "Name", "type": "string" + } + }, + "required": [ + "FieldSelectors" + ], + "type": "object" + }, + "AWS::CloudTrail::Trail.AdvancedFieldSelector": { + "additionalProperties": false, + "properties": { + "EndsWith": { + "items": { + "type": "string" + }, + "markdownDescription": "An operator that includes events that match the last few characters of the event record field specified as the value of `Field` .", + "title": "EndsWith", + "type": "array" }, - "Value": { - "markdownDescription": "The value of the attribute.", - "title": "Value", + "Equals": { + "items": { + "type": "string" + }, + "markdownDescription": "An operator that includes events that match the exact value of the event record field specified as the value of `Field` . This is the only valid operator that you can use with the `readOnly` , `eventCategory` , and `resources.type` fields.", + "title": "Equals", + "type": "array" + }, + "Field": { + "markdownDescription": "A field in a CloudTrail event record on which to filter events to be logged. For event data stores for CloudTrail Insights events, AWS Config configuration items, Audit Manager evidence, or events outside of AWS , the field is used only for selecting events as filtering is not supported.\n\nFor CloudTrail management events, supported fields include `eventCategory` (required), `eventSource` , and `readOnly` . The following additional fields are available for event data stores: `eventName` , `eventType` , `sessionCredentialFromConsole` , and `userIdentity.arn` .\n\nFor CloudTrail data events, supported fields include `eventCategory` (required), `eventName` , `eventSource` , `eventType` , `resources.type` (required), `readOnly` , `resources.ARN` , `sessionCredentialFromConsole` , and `userIdentity.arn` .\n\nFor CloudTrail network activity events, supported fields include `eventCategory` (required), `eventSource` (required), `eventName` , `errorCode` , and `vpcEndpointId` .\n\nFor event data stores for CloudTrail Insights events, AWS Config configuration items, Audit Manager evidence, or events outside of AWS , the only supported field is `eventCategory` .\n\n> Selectors don't support the use of wildcards like `*` . To match multiple values with a single condition, you may use `StartsWith` , `EndsWith` , `NotStartsWith` , or `NotEndsWith` to explicitly match the beginning or end of the event field. \n\n- *`readOnly`* - This is an optional field that is only used for management events and data events. This field can be set to `Equals` with a value of `true` or `false` . If you do not add this field, CloudTrail logs both `read` and `write` events. A value of `true` logs only `read` events. A value of `false` logs only `write` events.\n- *`eventSource`* - This field is only used for management events, data events, and network activity events.\n\nFor management events for trails, this is an optional field that can be set to `NotEquals` `kms.amazonaws.com` to exclude KMS management events, or `NotEquals` `rdsdata.amazonaws.com` to exclude RDS management events.\n\nFor data events for trails, this is an optional field that you can use to include or exclude any event source and can use any operator.\n\nFor management and data events for event data stores, this is an optional field that you can use to include or exclude any event source and can use any operator.\n\nFor network activity events, this is a required field that only uses the `Equals` operator. Set this field to the event source for which you want to log network activity events. If you want to log network activity events for multiple event sources, you must create a separate field selector for each event source. For a list of services supporting network activity events, see [Logging network activity events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-network-events-with-cloudtrail.html) in the *AWS CloudTrail User Guide* .\n- *`eventName`* - This is an optional field that is only used for data events, management events (for event data stores only), and network activity events. You can use any operator with `eventName` . You can use it to \ufb01lter in or \ufb01lter out specific events. You can have multiple values for this \ufb01eld, separated by commas.\n- *`eventCategory`* - This field is required and must be set to `Equals` .\n\n- For CloudTrail management events, the value must be `Management` .\n- For CloudTrail data events, the value must be `Data` .\n- For CloudTrail network activity events, the value must be `NetworkActivity` .\n\nThe following are used only for event data stores:\n\n- For CloudTrail Insights events, the value must be `Insight` .\n- For AWS Config configuration items, the value must be `ConfigurationItem` .\n- For Audit Manager evidence, the value must be `Evidence` .\n- For events outside of AWS , the value must be `ActivityAuditLog` .\n- *`eventType`* - For event data stores, this is an optional field available for event data stores to filter management and data events on the event type. For trails, this is an optional field to filter data events on the event type. For information about available event types, see [CloudTrail record contents](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-event-reference-record-contents.html#ct-event-type) in the *AWS CloudTrail user guide* .\n- *`errorCode`* - This \ufb01eld is only used to filter CloudTrail network activity events and is optional. This is the error code to filter on. Currently, the only valid `errorCode` is `VpceAccessDenied` . `errorCode` can only use the `Equals` operator.\n- *`sessionCredentialFromConsole`* - For event data stores, this is an optional field used to filter management and data events based on whether the events originated from an AWS Management Console session. For trails, this is an optional field used to filter data events. `sessionCredentialFromConsole` can only use the `Equals` and `NotEquals` operators.\n- *`resources.type`* - This \ufb01eld is required for CloudTrail data events. `resources.type` can only use the `Equals` operator.\n\nFor a list of available resource types for data events, see [Data events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html#logging-data-events) in the *AWS CloudTrail User Guide* .\n\nYou can have only one `resources.type` \ufb01eld per selector. To log events on more than one resource type, add another selector.\n- *`resources.ARN`* - The `resources.ARN` is an optional field for data events. You can use any operator with `resources.ARN` , but if you use `Equals` or `NotEquals` , the value must exactly match the ARN of a valid resource of the type you've speci\ufb01ed in the template as the value of resources.type. To log all data events for all objects in a specific S3 bucket, use the `StartsWith` operator, and include only the bucket ARN as the matching value.\n\nFor more information about the ARN formats of data event resources, see [Actions, resources, and condition keys for AWS services](https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html) in the *Service Authorization Reference* .\n\n> You can't use the `resources.ARN` field to filter resource types that do not have ARNs.\n- *`userIdentity.arn`* - For event data stores, this is an optional field used to filter management and data events for actions taken by specific IAM identities. For trails, this is an optional field used to filter data events. You can use any operator with `userIdentity.arn` . For more information on the userIdentity element, see [CloudTrail userIdentity element](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-event-reference-user-identity.html) in the *AWS CloudTrail User Guide* .\n- *`vpcEndpointId`* - This \ufb01eld is only used to filter CloudTrail network activity events and is optional. This field identifies the VPC endpoint that the request passed through. You can use any operator with `vpcEndpointId` .", + "title": "Field", + "type": "string" + }, + "NotEndsWith": { + "items": { + "type": "string" + }, + "markdownDescription": "An operator that excludes events that match the last few characters of the event record field specified as the value of `Field` .", + "title": "NotEndsWith", + "type": "array" + }, + "NotEquals": { + "items": { + "type": "string" + }, + "markdownDescription": "An operator that excludes events that match the exact value of the event record field specified as the value of `Field` .", + "title": "NotEquals", + "type": "array" + }, + "NotStartsWith": { + "items": { + "type": "string" + }, + "markdownDescription": "An operator that excludes events that match the first few characters of the event record field specified as the value of `Field` .", + "title": "NotStartsWith", + "type": "array" + }, + "StartsWith": { + "items": { + "type": "string" + }, + "markdownDescription": "An operator that includes events that match the first few characters of the event record field specified as the value of `Field` .", + "title": "StartsWith", + "type": "array" + } + }, + "required": [ + "Field" + ], + "type": "object" + }, + "AWS::CloudTrail::Trail.DataResource": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "The resource type in which you want to log data events. You can specify the following *basic* event selector resource types:\n\n- `AWS::DynamoDB::Table`\n- `AWS::Lambda::Function`\n- `AWS::S3::Object`\n\nAdditional resource types are available through *advanced* event selectors. For more information, see [AdvancedEventSelector](https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_AdvancedEventSelector.html) .", + "title": "Type", "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of Amazon Resource Name (ARN) strings or partial ARN strings for the specified resource type.\n\n- To log data events for all objects in all S3 buckets in your AWS account , specify the prefix as `arn:aws:s3` .\n\n> This also enables logging of data event activity performed by any user or role in your AWS account , even if that activity is performed on a bucket that belongs to another AWS account .\n- To log data events for all objects in an S3 bucket, specify the bucket and an empty object prefix such as `arn:aws:s3:::amzn-s3-demo-bucket1/` . The trail logs data events for all objects in this S3 bucket.\n- To log data events for specific objects, specify the S3 bucket and object prefix such as `arn:aws:s3:::amzn-s3-demo-bucket1/example-images` . The trail logs data events for objects in this S3 bucket that match the prefix.\n- To log data events for all Lambda functions in your AWS account , specify the prefix as `arn:aws:lambda` .\n\n> This also enables logging of `Invoke` activity performed by any user or role in your AWS account , even if that activity is performed on a function that belongs to another AWS account .\n- To log data events for a specific Lambda function, specify the function ARN.\n\n> Lambda function ARNs are exact. For example, if you specify a function ARN *arn:aws:lambda:us-west-2:111111111111:function:helloworld* , data events will only be logged for *arn:aws:lambda:us-west-2:111111111111:function:helloworld* . They will not be logged for *arn:aws:lambda:us-west-2:111111111111:function:helloworld2* .\n- To log data events for all DynamoDB tables in your AWS account , specify the prefix as `arn:aws:dynamodb` .", + "title": "Values", + "type": "array" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::Cognito::UserPoolUserToGroupAttachment": { + "AWS::CloudTrail::Trail.EventSelector": { + "additionalProperties": false, + "properties": { + "DataResources": { + "items": { + "$ref": "#/definitions/AWS::CloudTrail::Trail.DataResource" + }, + "markdownDescription": "CloudTrail supports data event logging for Amazon S3 objects in standard S3 buckets, AWS Lambda functions, and Amazon DynamoDB tables with basic event selectors. You can specify up to 250 resources for an individual event selector, but the total number of data resources cannot exceed 250 across all event selectors in a trail. This limit does not apply if you configure resource logging for all data events.\n\nFor more information, see [Data Events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html) and [Limits in AWS CloudTrail](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/WhatIsCloudTrail-Limits.html) in the *AWS CloudTrail User Guide* .\n\n> To log data events for all other resource types including objects stored in [directory buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-overview.html) , you must use [AdvancedEventSelectors](https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_AdvancedEventSelector.html) . You must also use `AdvancedEventSelectors` if you want to filter on the `eventName` field.", + "title": "DataResources", + "type": "array" + }, + "ExcludeManagementEventSources": { + "items": { + "type": "string" + }, + "markdownDescription": "An optional list of service event sources from which you do not want management events to be logged on your trail. In this release, the list can be empty (disables the filter), or it can filter out AWS Key Management Service or Amazon RDS Data API events by containing `kms.amazonaws.com` or `rdsdata.amazonaws.com` . By default, `ExcludeManagementEventSources` is empty, and AWS KMS and Amazon RDS Data API events are logged to your trail. You can exclude management event sources only in Regions that support the event source.", + "title": "ExcludeManagementEventSources", + "type": "array" + }, + "IncludeManagementEvents": { + "markdownDescription": "Specify if you want your event selector to include management events for your trail.\n\nFor more information, see [Management Events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-management-events-with-cloudtrail.html) in the *AWS CloudTrail User Guide* .\n\nBy default, the value is `true` .\n\nThe first copy of management events is free. You are charged for additional copies of management events that you are logging on any subsequent trail in the same Region. For more information about CloudTrail pricing, see [AWS CloudTrail Pricing](https://docs.aws.amazon.com/cloudtrail/pricing/) .", + "title": "IncludeManagementEvents", + "type": "boolean" + }, + "ReadWriteType": { + "markdownDescription": "Specify if you want your trail to log read-only events, write-only events, or all. For example, the EC2 `GetConsoleOutput` is a read-only API operation and `RunInstances` is a write-only API operation.\n\nBy default, the value is `All` .", + "title": "ReadWriteType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CloudTrail::Trail.InsightSelector": { + "additionalProperties": false, + "properties": { + "InsightType": { + "markdownDescription": "The type of Insights events to log on a trail. `ApiCallRateInsight` and `ApiErrorRateInsight` are valid Insight types.\n\nThe `ApiCallRateInsight` Insights type analyzes write-only management API calls that are aggregated per minute against a baseline API call volume.\n\nThe `ApiErrorRateInsight` Insights type analyzes management API calls that result in error codes. The error is shown if the API call is unsuccessful.", + "title": "InsightType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CloudWatch::Alarm": { "additionalProperties": false, "properties": { "Condition": { @@ -47491,160 +53450,144 @@ "Properties": { "additionalProperties": false, "properties": { - "GroupName": { - "markdownDescription": "The name of the group that you want to add your user to.", - "title": "GroupName", - "type": "string" + "ActionsEnabled": { + "markdownDescription": "Indicates whether actions should be executed during any changes to the alarm state. The default is TRUE.", + "title": "ActionsEnabled", + "type": "boolean" }, - "UserPoolId": { - "markdownDescription": "The ID of the user pool that contains the group that you want to add the user to.", - "title": "UserPoolId", - "type": "string" + "AlarmActions": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of actions to execute when this alarm transitions into an ALARM state from any other state. Specify each action as an Amazon Resource Name (ARN). For more information about creating alarms and the actions that you can specify, see [PutMetricAlarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutMetricAlarm.html) in the *Amazon CloudWatch API Reference* .", + "title": "AlarmActions", + "type": "array" }, - "Username": { - "markdownDescription": "The user's username.", - "title": "Username", + "AlarmDescription": { + "markdownDescription": "The description of the alarm.", + "title": "AlarmDescription", "type": "string" - } - }, - "required": [ - "GroupName", - "UserPoolId", - "Username" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Cognito::UserPoolUserToGroupAttachment" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::Comprehend::DocumentClassifier": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + }, + "AlarmName": { + "markdownDescription": "The name of the alarm. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the alarm name.\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "AlarmName", "type": "string" }, - { + "ComparisonOperator": { + "markdownDescription": "The arithmetic operation to use when comparing the specified statistic and threshold. The specified statistic value is used as the first operand.", + "title": "ComparisonOperator", + "type": "string" + }, + "DatapointsToAlarm": { + "markdownDescription": "The number of datapoints that must be breaching to trigger the alarm. This is used only if you are setting an \"M out of N\" alarm. In that case, this value is the M, and the value that you set for `EvaluationPeriods` is the N value. For more information, see [Evaluating an Alarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/AlarmThatSendsEmail.html#alarm-evaluation) in the *Amazon CloudWatch User Guide* .\n\nIf you omit this parameter, CloudWatch uses the same value here that you set for `EvaluationPeriods` , and the alarm goes to alarm state if that many consecutive periods are breaching.", + "title": "DatapointsToAlarm", + "type": "number" + }, + "Dimensions": { "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" + "$ref": "#/definitions/AWS::CloudWatch::Alarm.Dimension" }, + "markdownDescription": "The dimensions for the metric associated with the alarm. For an alarm based on a math expression, you can't specify `Dimensions` . Instead, you use `Metrics` .", + "title": "Dimensions", "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DataAccessRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that grants Amazon Comprehend read access to your input data.", - "title": "DataAccessRoleArn", - "type": "string" }, - "DocumentClassifierName": { - "markdownDescription": "The name of the document classifier.", - "title": "DocumentClassifierName", + "EvaluateLowSampleCountPercentile": { + "markdownDescription": "Used only for alarms based on percentiles. If `ignore` , the alarm state does not change during periods with too few data points to be statistically significant. If `evaluate` or this parameter is not used, the alarm is always evaluated and possibly changes state no matter how many data points are available.", + "title": "EvaluateLowSampleCountPercentile", "type": "string" }, - "InputDataConfig": { - "$ref": "#/definitions/AWS::Comprehend::DocumentClassifier.DocumentClassifierInputDataConfig", - "markdownDescription": "Specifies the format and location of the input data for the job.", - "title": "InputDataConfig" + "EvaluationPeriods": { + "markdownDescription": "The number of periods over which data is compared to the specified threshold. If you are setting an alarm that requires that a number of consecutive data points be breaching to trigger the alarm, this value specifies that number. If you are setting an \"M out of N\" alarm, this value is the N, and `DatapointsToAlarm` is the M.\n\nFor more information, see [Evaluating an Alarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/AlarmThatSendsEmail.html#alarm-evaluation) in the *Amazon CloudWatch User Guide* .", + "title": "EvaluationPeriods", + "type": "number" }, - "LanguageCode": { - "markdownDescription": "The language of the input documents. You can specify any of the languages supported by Amazon Comprehend. All documents must be in the same language.", - "title": "LanguageCode", + "ExtendedStatistic": { + "markdownDescription": "The percentile statistic for the metric associated with the alarm. Specify a value between p0.0 and p100.\n\nFor an alarm based on a metric, you must specify either `Statistic` or `ExtendedStatistic` but not both.\n\nFor an alarm based on a math expression, you can't specify `ExtendedStatistic` . Instead, you use `Metrics` .", + "title": "ExtendedStatistic", "type": "string" }, - "Mode": { - "markdownDescription": "Indicates the mode in which the classifier will be trained. The classifier can be trained in multi-class (single-label) mode or multi-label mode. Multi-class mode identifies a single class label for each document and multi-label mode identifies one or more class labels for each document. Multiple labels for an individual document are separated by a delimiter. The default delimiter between labels is a pipe (|).", - "title": "Mode", - "type": "string" + "InsufficientDataActions": { + "items": { + "type": "string" + }, + "markdownDescription": "The actions to execute when this alarm transitions to the `INSUFFICIENT_DATA` state from any other state. Each action is specified as an Amazon Resource Name (ARN).", + "title": "InsufficientDataActions", + "type": "array" }, - "ModelKmsKeyId": { - "markdownDescription": "ID for the AWS KMS key that Amazon Comprehend uses to encrypt trained custom models. The ModelKmsKeyId can be either of the following formats:\n\n- KMS Key ID: `\"1234abcd-12ab-34cd-56ef-1234567890ab\"`\n- Amazon Resource Name (ARN) of a KMS Key: `\"arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\"`", - "title": "ModelKmsKeyId", + "MetricName": { + "markdownDescription": "The name of the metric associated with the alarm. This is required for an alarm based on a metric. For an alarm based on a math expression, you use `Metrics` instead and you can't specify `MetricName` .", + "title": "MetricName", "type": "string" }, - "ModelPolicy": { - "markdownDescription": "The resource-based policy to attach to your custom document classifier model. You can use this policy to allow another AWS account to import your custom model.\n\nProvide your policy as a JSON body that you enter as a UTF-8 encoded string without line breaks. To provide valid JSON, enclose the attribute names and values in double quotes. If the JSON body is also enclosed in double quotes, then you must escape the double quotes that are inside the policy:\n\n`\"{\\\"attribute\\\": \\\"value\\\", \\\"attribute\\\": [\\\"value\\\"]}\"`\n\nTo avoid escaping quotes, you can use single quotes to enclose the policy and double quotes to enclose the JSON names and values:\n\n`'{\"attribute\": \"value\", \"attribute\": [\"value\"]}'`", - "title": "ModelPolicy", + "Metrics": { + "items": { + "$ref": "#/definitions/AWS::CloudWatch::Alarm.MetricDataQuery" + }, + "markdownDescription": "An array that enables you to create an alarm based on the result of a metric math expression. Each item in the array either retrieves a metric or performs a math expression.\n\nIf you specify the `Metrics` parameter, you cannot specify `MetricName` , `Dimensions` , `Period` , `Namespace` , `Statistic` , `ExtendedStatistic` , or `Unit` .", + "title": "Metrics", + "type": "array" + }, + "Namespace": { + "markdownDescription": "The namespace of the metric associated with the alarm. This is required for an alarm based on a metric. For an alarm based on a math expression, you can't specify `Namespace` and you use `Metrics` instead.\n\nFor a list of namespaces for metrics from AWS services, see [AWS Services That Publish CloudWatch Metrics.](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/aws-services-cloudwatch-metrics.html)", + "title": "Namespace", "type": "string" }, - "OutputDataConfig": { - "$ref": "#/definitions/AWS::Comprehend::DocumentClassifier.DocumentClassifierOutputDataConfig", - "markdownDescription": "Provides output results configuration parameters for custom classifier jobs.", - "title": "OutputDataConfig" + "OKActions": { + "items": { + "type": "string" + }, + "markdownDescription": "The actions to execute when this alarm transitions to the `OK` state from any other state. Each action is specified as an Amazon Resource Name (ARN).", + "title": "OKActions", + "type": "array" + }, + "Period": { + "markdownDescription": "The period, in seconds, over which the statistic is applied. This is required for an alarm based on a metric. Valid values are 10, 20, 30, 60, and any multiple of 60.\n\nFor an alarm based on a math expression, you can't specify `Period` , and instead you use the `Metrics` parameter.\n\n*Minimum:* 10", + "title": "Period", + "type": "number" + }, + "Statistic": { + "markdownDescription": "The statistic for the metric associated with the alarm, other than percentile. For percentile statistics, use `ExtendedStatistic` .\n\nFor an alarm based on a metric, you must specify either `Statistic` or `ExtendedStatistic` but not both.\n\nFor an alarm based on a math expression, you can't specify `Statistic` . Instead, you use `Metrics` .", + "title": "Statistic", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Tags to associate with the document classifier. A tag is a key-value pair that adds as a metadata to a resource used by Amazon Comprehend. For example, a tag with \"Sales\" as the key might be added to a resource to indicate its use by the sales department.", + "markdownDescription": "A list of key-value pairs to associate with the alarm. You can associate as many as 50 tags with an alarm. To be able to associate tags with the alarm when you create the alarm, you must have the `cloudwatch:TagResource` permission.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.", "title": "Tags", "type": "array" }, - "VersionName": { - "markdownDescription": "The version name given to the newly created classifier. Version names can have a maximum of 256 characters. Alphanumeric characters, hyphens (-) and underscores (_) are allowed. The version name must be unique among all models with the same classifier name in the AWS account / AWS Region .", - "title": "VersionName", + "Threshold": { + "markdownDescription": "The value to compare with the specified statistic.", + "title": "Threshold", + "type": "number" + }, + "ThresholdMetricId": { + "markdownDescription": "In an alarm based on an anomaly detection model, this is the ID of the `ANOMALY_DETECTION_BAND` function used as the threshold for the alarm.", + "title": "ThresholdMetricId", "type": "string" }, - "VolumeKmsKeyId": { - "markdownDescription": "ID for the AWS Key Management Service (KMS) key that Amazon Comprehend uses to encrypt data on the storage volume attached to the ML compute instance(s) that process the analysis job. The VolumeKmsKeyId can be either of the following formats:\n\n- KMS Key ID: `\"1234abcd-12ab-34cd-56ef-1234567890ab\"`\n- Amazon Resource Name (ARN) of a KMS Key: `\"arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\"`", - "title": "VolumeKmsKeyId", + "TreatMissingData": { + "markdownDescription": "Sets how this alarm is to handle missing data points. Valid values are `breaching` , `notBreaching` , `ignore` , and `missing` . For more information, see [Configuring How CloudWatch Alarms Treat Missing Data](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/AlarmThatSendsEmail.html#alarms-and-missing-data) in the *Amazon CloudWatch User Guide* .\n\nIf you omit this parameter, the default behavior of `missing` is used.", + "title": "TreatMissingData", "type": "string" }, - "VpcConfig": { - "$ref": "#/definitions/AWS::Comprehend::DocumentClassifier.VpcConfig", - "markdownDescription": "Configuration parameters for a private Virtual Private Cloud (VPC) containing the resources you are using for your custom classifier. For more information, see [Amazon VPC](https://docs.aws.amazon.com/vpc/latest/userguide/what-is-amazon-vpc.html) .", - "title": "VpcConfig" + "Unit": { + "markdownDescription": "The unit of the metric associated with the alarm. Specify this only if you are creating an alarm based on a single metric. Do not specify this if you are specifying a `Metrics` array.\n\nYou can specify the following values: Seconds, Microseconds, Milliseconds, Bytes, Kilobytes, Megabytes, Gigabytes, Terabytes, Bits, Kilobits, Megabits, Gigabits, Terabits, Percent, Count, Bytes/Second, Kilobytes/Second, Megabytes/Second, Gigabytes/Second, Terabytes/Second, Bits/Second, Kilobits/Second, Megabits/Second, Gigabits/Second, Terabits/Second, Count/Second, or None.", + "title": "Unit", + "type": "string" } }, "required": [ - "DataAccessRoleArn", - "DocumentClassifierName", - "InputDataConfig", - "LanguageCode" + "ComparisonOperator", + "EvaluationPeriods" ], "type": "object" }, "Type": { "enum": [ - "AWS::Comprehend::DocumentClassifier" + "AWS::CloudWatch::Alarm" ], "type": "string" }, @@ -47663,172 +53606,126 @@ ], "type": "object" }, - "AWS::Comprehend::DocumentClassifier.AugmentedManifestsListItem": { - "additionalProperties": false, - "properties": { - "AttributeNames": { - "items": { - "type": "string" - }, - "markdownDescription": "The JSON attribute that contains the annotations for your training documents. The number of attribute names that you specify depends on whether your augmented manifest file is the output of a single labeling job or a chained labeling job.\n\nIf your file is the output of a single labeling job, specify the LabelAttributeName key that was used when the job was created in Ground Truth.\n\nIf your file is the output of a chained labeling job, specify the LabelAttributeName key for one or more jobs in the chain. Each LabelAttributeName key provides the annotations from an individual job.", - "title": "AttributeNames", - "type": "array" - }, - "S3Uri": { - "markdownDescription": "The Amazon S3 location of the augmented manifest file.", - "title": "S3Uri", - "type": "string" - }, - "Split": { - "markdownDescription": "The purpose of the data you've provided in the augmented manifest. You can either train or test this data. If you don't specify, the default is train.\n\nTRAIN - all of the documents in the manifest will be used for training. If no test documents are provided, Amazon Comprehend will automatically reserve a portion of the training documents for testing.\n\nTEST - all of the documents in the manifest will be used for testing.", - "title": "Split", - "type": "string" - } - }, - "required": [ - "AttributeNames", - "S3Uri" - ], - "type": "object" - }, - "AWS::Comprehend::DocumentClassifier.DocumentClassifierDocuments": { + "AWS::CloudWatch::Alarm.Dimension": { "additionalProperties": false, "properties": { - "S3Uri": { - "markdownDescription": "The S3 URI location of the training documents specified in the S3Uri CSV file.", - "title": "S3Uri", + "Name": { + "markdownDescription": "The name of the dimension, from 1\u2013255 characters in length. This dimension name must have been included when the metric was published.", + "title": "Name", "type": "string" }, - "TestS3Uri": { - "markdownDescription": "The S3 URI location of the test documents included in the TestS3Uri CSV file. This field is not required if you do not specify a test CSV file.", - "title": "TestS3Uri", + "Value": { + "markdownDescription": "The value for the dimension, from 1\u2013255 characters in length.", + "title": "Value", "type": "string" } }, "required": [ - "S3Uri" + "Name", + "Value" ], "type": "object" }, - "AWS::Comprehend::DocumentClassifier.DocumentClassifierInputDataConfig": { + "AWS::CloudWatch::Alarm.Metric": { "additionalProperties": false, "properties": { - "AugmentedManifests": { + "Dimensions": { "items": { - "$ref": "#/definitions/AWS::Comprehend::DocumentClassifier.AugmentedManifestsListItem" + "$ref": "#/definitions/AWS::CloudWatch::Alarm.Dimension" }, - "markdownDescription": "A list of augmented manifest files that provide training data for your custom model. An augmented manifest file is a labeled dataset that is produced by Amazon SageMaker Ground Truth.\n\nThis parameter is required if you set `DataFormat` to `AUGMENTED_MANIFEST` .", - "title": "AugmentedManifests", + "markdownDescription": "The metric dimensions that you want to be used for the metric that the alarm will watch.", + "title": "Dimensions", "type": "array" }, - "DataFormat": { - "markdownDescription": "The format of your training data:\n\n- `COMPREHEND_CSV` : A two-column CSV file, where labels are provided in the first column, and documents are provided in the second. If you use this value, you must provide the `S3Uri` parameter in your request.\n- `AUGMENTED_MANIFEST` : A labeled dataset that is produced by Amazon SageMaker Ground Truth. This file is in JSON lines format. Each line is a complete JSON object that contains a training document and its associated labels.\n\nIf you use this value, you must provide the `AugmentedManifests` parameter in your request.\n\nIf you don't specify a value, Amazon Comprehend uses `COMPREHEND_CSV` as the default.", - "title": "DataFormat", - "type": "string" - }, - "DocumentReaderConfig": { - "$ref": "#/definitions/AWS::Comprehend::DocumentClassifier.DocumentReaderConfig", - "markdownDescription": "", - "title": "DocumentReaderConfig" - }, - "DocumentType": { - "markdownDescription": "The type of input documents for training the model. Provide plain-text documents to create a plain-text model, and provide semi-structured documents to create a native document model.", - "title": "DocumentType", - "type": "string" - }, - "Documents": { - "$ref": "#/definitions/AWS::Comprehend::DocumentClassifier.DocumentClassifierDocuments", - "markdownDescription": "The S3 location of the training documents. This parameter is required in a request to create a native document model.", - "title": "Documents" - }, - "LabelDelimiter": { - "markdownDescription": "Indicates the delimiter used to separate each label for training a multi-label classifier. The default delimiter between labels is a pipe (|). You can use a different character as a delimiter (if it's an allowed character) by specifying it under Delimiter for labels. If the training documents use a delimiter other than the default or the delimiter you specify, the labels on that line will be combined to make a single unique label, such as LABELLABELLABEL.", - "title": "LabelDelimiter", - "type": "string" - }, - "S3Uri": { - "markdownDescription": "The Amazon S3 URI for the input data. The S3 bucket must be in the same Region as the API endpoint that you are calling. The URI can point to a single input file or it can provide the prefix for a collection of input files.\n\nFor example, if you use the URI `S3://bucketName/prefix` , if the prefix is a single file, Amazon Comprehend uses that file as input. If more than one file begins with the prefix, Amazon Comprehend uses all of them as input.\n\nThis parameter is required if you set `DataFormat` to `COMPREHEND_CSV` .", - "title": "S3Uri", + "MetricName": { + "markdownDescription": "The name of the metric that you want the alarm to watch. This is a required field.", + "title": "MetricName", "type": "string" }, - "TestS3Uri": { - "markdownDescription": "This specifies the Amazon S3 location that contains the test annotations for the document classifier. The URI must be in the same AWS Region as the API endpoint that you are calling.", - "title": "TestS3Uri", + "Namespace": { + "markdownDescription": "The namespace of the metric that the alarm will watch.", + "title": "Namespace", "type": "string" } }, "type": "object" }, - "AWS::Comprehend::DocumentClassifier.DocumentClassifierOutputDataConfig": { + "AWS::CloudWatch::Alarm.MetricDataQuery": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "ID for the AWS Key Management Service (KMS) key that Amazon Comprehend uses to encrypt the output results from an analysis job. The KmsKeyId can be one of the following formats:\n\n- KMS Key ID: `\"1234abcd-12ab-34cd-56ef-1234567890ab\"`\n- Amazon Resource Name (ARN) of a KMS Key: `\"arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\"`\n- KMS Key Alias: `\"alias/ExampleAlias\"`\n- ARN of a KMS Key Alias: `\"arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias\"`", - "title": "KmsKeyId", + "AccountId": { + "markdownDescription": "The ID of the account where the metrics are located, if this is a cross-account alarm.", + "title": "AccountId", "type": "string" }, - "S3Uri": { - "markdownDescription": "When you use the `OutputDataConfig` object while creating a custom classifier, you specify the Amazon S3 location where you want to write the confusion matrix and other output files. The URI must be in the same Region as the API endpoint that you are calling. The location is used as the prefix for the actual location of this output file.\n\nWhen the custom classifier job is finished, the service creates the output file in a directory specific to the job. The `S3Uri` field contains the location of the output file, called `output.tar.gz` . It is a compressed archive that contains the confusion matrix.", - "title": "S3Uri", + "Expression": { + "markdownDescription": "The math expression to be performed on the returned data, if this object is performing a math expression. This expression can use the `Id` of the other metrics to refer to those metrics, and can also use the `Id` of other expressions to use the result of those expressions. For more information about metric math expressions, see [Metric Math Syntax and Functions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/using-metric-math.html#metric-math-syntax) in the *Amazon CloudWatch User Guide* .\n\nWithin each MetricDataQuery object, you must specify either `Expression` or `MetricStat` but not both.", + "title": "Expression", "type": "string" - } - }, - "type": "object" - }, - "AWS::Comprehend::DocumentClassifier.DocumentReaderConfig": { - "additionalProperties": false, - "properties": { - "DocumentReadAction": { - "markdownDescription": "This field defines the Amazon Textract API operation that Amazon Comprehend uses to extract text from PDF files and image files. Enter one of the following values:\n\n- `TEXTRACT_DETECT_DOCUMENT_TEXT` - The Amazon Comprehend service uses the `DetectDocumentText` API operation.\n- `TEXTRACT_ANALYZE_DOCUMENT` - The Amazon Comprehend service uses the `AnalyzeDocument` API operation.", - "title": "DocumentReadAction", + }, + "Id": { + "markdownDescription": "A short name used to tie this object to the results in the response. This name must be unique within a single call to `GetMetricData` . If you are performing math expressions on this set of data, this name represents that data and can serve as a variable in the mathematical expression. The valid characters are letters, numbers, and underscore. The first character must be a lowercase letter.", + "title": "Id", "type": "string" }, - "DocumentReadMode": { - "markdownDescription": "Determines the text extraction actions for PDF files. Enter one of the following values:\n\n- `SERVICE_DEFAULT` - use the Amazon Comprehend service defaults for PDF files.\n- `FORCE_DOCUMENT_READ_ACTION` - Amazon Comprehend uses the Textract API specified by DocumentReadAction for all PDF files, including digital PDF files.", - "title": "DocumentReadMode", + "Label": { + "markdownDescription": "A human-readable label for this metric or expression. This is especially useful if this is an expression, so that you know what the value represents. If the metric or expression is shown in a CloudWatch dashboard widget, the label is shown. If `Label` is omitted, CloudWatch generates a default.", + "title": "Label", "type": "string" }, - "FeatureTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the type of Amazon Textract features to apply. If you chose `TEXTRACT_ANALYZE_DOCUMENT` as the read action, you must specify one or both of the following values:\n\n- `TABLES` - Returns additional information about any tables that are detected in the input document.\n- `FORMS` - Returns additional information about any forms that are detected in the input document.", - "title": "FeatureTypes", - "type": "array" + "MetricStat": { + "$ref": "#/definitions/AWS::CloudWatch::Alarm.MetricStat", + "markdownDescription": "The metric to be returned, along with statistics, period, and units. Use this parameter only if this object is retrieving a metric and not performing a math expression on returned data.\n\nWithin one MetricDataQuery object, you must specify either `Expression` or `MetricStat` but not both.", + "title": "MetricStat" + }, + "Period": { + "markdownDescription": "The granularity, in seconds, of the returned data points. For metrics with regular resolution, a period can be as short as one minute (60 seconds) and must be a multiple of 60. For high-resolution metrics that are collected at intervals of less than one minute, the period can be 1, 5, 10, 20, 30, 60, or any multiple of 60. High-resolution metrics are those metrics stored by a `PutMetricData` operation that includes a `StorageResolution of 1 second` .", + "title": "Period", + "type": "number" + }, + "ReturnData": { + "markdownDescription": "This option indicates whether to return the timestamps and raw data values of this metric.\n\nWhen you create an alarm based on a metric math expression, specify `True` for this value for only the one math expression that the alarm is based on. You must specify `False` for `ReturnData` for all the other metrics and expressions used in the alarm.\n\nThis field is required.", + "title": "ReturnData", + "type": "boolean" } }, "required": [ - "DocumentReadAction" + "Id" ], "type": "object" }, - "AWS::Comprehend::DocumentClassifier.VpcConfig": { + "AWS::CloudWatch::Alarm.MetricStat": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The ID number for a security group on an instance of your private VPC. Security groups on your VPC function serve as a virtual firewall to control inbound and outbound traffic and provides security for the resources that you\u2019ll be accessing on the VPC. This ID number is preceded by \"sg-\", for instance: \"sg-03b388029b0a285ea\". For more information, see [Security Groups for your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html) .", - "title": "SecurityGroupIds", - "type": "array" + "Metric": { + "$ref": "#/definitions/AWS::CloudWatch::Alarm.Metric", + "markdownDescription": "The metric to return, including the metric name, namespace, and dimensions.", + "title": "Metric" }, - "Subnets": { - "items": { - "type": "string" - }, - "markdownDescription": "The ID for each subnet being used in your private VPC. This subnet is a subset of the a range of IPv4 addresses used by the VPC and is specific to a given availability zone in the VPC\u2019s Region. This ID number is preceded by \"subnet-\", for instance: \"subnet-04ccf456919e69055\". For more information, see [VPCs and Subnets](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) .", - "title": "Subnets", - "type": "array" + "Period": { + "markdownDescription": "The granularity, in seconds, of the returned data points. For metrics with regular resolution, a period can be as short as one minute (60 seconds) and must be a multiple of 60. For high-resolution metrics that are collected at intervals of less than one minute, the period can be 1, 5, 10, 20, 30, 60, or any multiple of 60. High-resolution metrics are those metrics stored by a `PutMetricData` call that includes a `StorageResolution` of 1 second.\n\nIf the `StartTime` parameter specifies a time stamp that is greater than 3 hours ago, you must specify the period as follows or no data points in that time range is returned:\n\n- Start time between 3 hours and 15 days ago - Use a multiple of 60 seconds (1 minute).\n- Start time between 15 and 63 days ago - Use a multiple of 300 seconds (5 minutes).\n- Start time greater than 63 days ago - Use a multiple of 3600 seconds (1 hour).", + "title": "Period", + "type": "number" + }, + "Stat": { + "markdownDescription": "The statistic to return. It can include any CloudWatch statistic or extended statistic. For a list of valid values, see the table in [Statistics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html#Statistic) in the *Amazon CloudWatch User Guide* .", + "title": "Stat", + "type": "string" + }, + "Unit": { + "markdownDescription": "The unit to use for the returned data points.\n\nValid values are: Seconds, Microseconds, Milliseconds, Bytes, Kilobytes, Megabytes, Gigabytes, Terabytes, Bits, Kilobits, Megabits, Gigabits, Terabits, Percent, Count, Bytes/Second, Kilobytes/Second, Megabytes/Second, Gigabytes/Second, Terabytes/Second, Bits/Second, Kilobits/Second, Megabits/Second, Gigabits/Second, Terabits/Second, Count/Second, or None.", + "title": "Unit", + "type": "string" } }, "required": [ - "SecurityGroupIds", - "Subnets" + "Metric", + "Period", + "Stat" ], "type": "object" }, - "AWS::Comprehend::Flywheel": { + "AWS::CloudWatch::AnomalyDetector": { "additionalProperties": false, "properties": { "Condition": { @@ -47863,60 +53760,55 @@ "Properties": { "additionalProperties": false, "properties": { - "ActiveModelArn": { - "markdownDescription": "The Amazon Resource Number (ARN) of the active model version.", - "title": "ActiveModelArn", - "type": "string" + "Configuration": { + "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.Configuration", + "markdownDescription": "Specifies details about how the anomaly detection model is to be trained, including time ranges to exclude when training and updating the model. The configuration can also include the time zone to use for the metric.", + "title": "Configuration" }, - "DataAccessRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that grants Amazon Comprehend permission to access the flywheel data.", - "title": "DataAccessRoleArn", - "type": "string" + "Dimensions": { + "items": { + "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.Dimension" + }, + "markdownDescription": "The dimensions of the metric associated with the anomaly detection band.", + "title": "Dimensions", + "type": "array" }, - "DataLakeS3Uri": { - "markdownDescription": "Amazon S3 URI of the data lake location.", - "title": "DataLakeS3Uri", - "type": "string" + "MetricCharacteristics": { + "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.MetricCharacteristics", + "markdownDescription": "Use this object to include parameters to provide information about your metric to CloudWatch to help it build more accurate anomaly detection models. Currently, it includes the `PeriodicSpikes` parameter.", + "title": "MetricCharacteristics" }, - "DataSecurityConfig": { - "$ref": "#/definitions/AWS::Comprehend::Flywheel.DataSecurityConfig", - "markdownDescription": "Data security configuration.", - "title": "DataSecurityConfig" + "MetricMathAnomalyDetector": { + "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.MetricMathAnomalyDetector", + "markdownDescription": "The CloudWatch metric math expression for this anomaly detector.", + "title": "MetricMathAnomalyDetector" }, - "FlywheelName": { - "markdownDescription": "Name for the flywheel.", - "title": "FlywheelName", + "MetricName": { + "markdownDescription": "The name of the metric associated with the anomaly detection band.", + "title": "MetricName", "type": "string" }, - "ModelType": { - "markdownDescription": "Model type of the flywheel's model.", - "title": "ModelType", + "Namespace": { + "markdownDescription": "The namespace of the metric associated with the anomaly detection band.", + "title": "Namespace", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Tags associated with the endpoint being created. A tag is a key-value pair that adds metadata to the endpoint. For example, a tag with \"Sales\" as the key might be added to an endpoint to indicate its use by the sales department.", - "title": "Tags", - "type": "array" + "SingleMetricAnomalyDetector": { + "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.SingleMetricAnomalyDetector", + "markdownDescription": "The CloudWatch metric and statistic for this anomaly detector.", + "title": "SingleMetricAnomalyDetector" }, - "TaskConfig": { - "$ref": "#/definitions/AWS::Comprehend::Flywheel.TaskConfig", - "markdownDescription": "Configuration about the model associated with a flywheel.", - "title": "TaskConfig" + "Stat": { + "markdownDescription": "The statistic of the metric associated with the anomaly detection band.", + "title": "Stat", + "type": "string" } }, - "required": [ - "DataAccessRoleArn", - "DataLakeS3Uri", - "FlywheelName" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Comprehend::Flywheel" + "AWS::CloudWatch::AnomalyDetector" ], "type": "string" }, @@ -47930,138 +53822,237 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Comprehend::Flywheel.DataSecurityConfig": { + "AWS::CloudWatch::AnomalyDetector.Configuration": { "additionalProperties": false, "properties": { - "DataLakeKmsKeyId": { - "markdownDescription": "ID for the AWS KMS key that Amazon Comprehend uses to encrypt the data in the data lake.", - "title": "DataLakeKmsKeyId", - "type": "string" + "ExcludedTimeRanges": { + "items": { + "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.Range" + }, + "markdownDescription": "Specifies an array of time ranges to exclude from use when the anomaly detection model is trained and updated. Use this to make sure that events that could cause unusual values for the metric, such as deployments, aren't used when CloudWatch creates or updates the model.", + "title": "ExcludedTimeRanges", + "type": "array" }, - "ModelKmsKeyId": { - "markdownDescription": "ID for the AWS KMS key that Amazon Comprehend uses to encrypt trained custom models. The ModelKmsKeyId can be either of the following formats:\n\n- KMS Key ID: `\"1234abcd-12ab-34cd-56ef-1234567890ab\"`\n- Amazon Resource Name (ARN) of a KMS Key: `\"arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\"`", - "title": "ModelKmsKeyId", + "MetricTimeZone": { + "markdownDescription": "The time zone to use for the metric. This is useful to enable the model to automatically account for daylight savings time changes if the metric is sensitive to such time changes.\n\nTo specify a time zone, use the name of the time zone as specified in the standard tz database. For more information, see [tz database](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Tz_database) .", + "title": "MetricTimeZone", "type": "string" - }, - "VolumeKmsKeyId": { - "markdownDescription": "ID for the AWS KMS key that Amazon Comprehend uses to encrypt the volume.", - "title": "VolumeKmsKeyId", + } + }, + "type": "object" + }, + "AWS::CloudWatch::AnomalyDetector.Dimension": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the dimension.", + "title": "Name", "type": "string" }, - "VpcConfig": { - "$ref": "#/definitions/AWS::Comprehend::Flywheel.VpcConfig", - "markdownDescription": "Configuration parameters for an optional private Virtual Private Cloud (VPC) containing the resources you are using for the job. For more information, see [Amazon VPC](https://docs.aws.amazon.com/vpc/latest/userguide/what-is-amazon-vpc.html) .", - "title": "VpcConfig" + "Value": { + "markdownDescription": "The value of the dimension. Dimension values must contain only ASCII characters and must include at least one non-whitespace character. ASCII control characters are not supported as part of dimension values.", + "title": "Value", + "type": "string" } }, + "required": [ + "Name", + "Value" + ], "type": "object" }, - "AWS::Comprehend::Flywheel.DocumentClassificationConfig": { + "AWS::CloudWatch::AnomalyDetector.Metric": { "additionalProperties": false, "properties": { - "Labels": { + "Dimensions": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.Dimension" }, - "markdownDescription": "One or more labels to associate with the custom classifier.", - "title": "Labels", + "markdownDescription": "The dimensions for the metric.", + "title": "Dimensions", "type": "array" }, - "Mode": { - "markdownDescription": "Classification mode indicates whether the documents are `MULTI_CLASS` or `MULTI_LABEL` .", - "title": "Mode", + "MetricName": { + "markdownDescription": "The name of the metric. This is a required field.", + "title": "MetricName", + "type": "string" + }, + "Namespace": { + "markdownDescription": "The namespace of the metric.", + "title": "Namespace", "type": "string" } }, "required": [ - "Mode" + "MetricName", + "Namespace" ], "type": "object" }, - "AWS::Comprehend::Flywheel.EntityRecognitionConfig": { + "AWS::CloudWatch::AnomalyDetector.MetricCharacteristics": { "additionalProperties": false, "properties": { - "EntityTypes": { + "PeriodicSpikes": { + "markdownDescription": "Set this parameter to true if values for this metric consistently include spikes that should not be considered to be anomalies. With this set to true, CloudWatch will expect to see spikes that occurred consistently during the model training period, and won't flag future similar spikes as anomalies.", + "title": "PeriodicSpikes", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::CloudWatch::AnomalyDetector.MetricDataQueries": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::CloudWatch::AnomalyDetector.MetricDataQuery": { + "additionalProperties": false, + "properties": { + "AccountId": { + "markdownDescription": "The ID of the account where the metrics are located.\n\nIf you are performing a `GetMetricData` operation in a monitoring account, use this to specify which account to retrieve this metric from.\n\nIf you are performing a `PutMetricAlarm` operation, use this to specify which account contains the metric that the alarm is watching.", + "title": "AccountId", + "type": "string" + }, + "Expression": { + "markdownDescription": "This field can contain either a Metrics Insights query, or a metric math expression to be performed on the returned data. For more information about Metrics Insights queries, see [Metrics Insights query components and syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch-metrics-insights-querylanguage) in the *Amazon CloudWatch User Guide* .\n\nA math expression can use the `Id` of the other metrics or queries to refer to those metrics, and can also use the `Id` of other expressions to use the result of those expressions. For more information about metric math expressions, see [Metric Math Syntax and Functions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/using-metric-math.html#metric-math-syntax) in the *Amazon CloudWatch User Guide* .\n\nWithin each MetricDataQuery object, you must specify either `Expression` or `MetricStat` but not both.", + "title": "Expression", + "type": "string" + }, + "Id": { + "markdownDescription": "A short name used to tie this object to the results in the response. This name must be unique within a single call to `GetMetricData` . If you are performing math expressions on this set of data, this name represents that data and can serve as a variable in the mathematical expression. The valid characters are letters, numbers, and underscore. The first character must be a lowercase letter.", + "title": "Id", + "type": "string" + }, + "Label": { + "markdownDescription": "A human-readable label for this metric or expression. This is especially useful if this is an expression, so that you know what the value represents. If the metric or expression is shown in a CloudWatch dashboard widget, the label is shown. If Label is omitted, CloudWatch generates a default.\n\nYou can put dynamic expressions into a label, so that it is more descriptive. For more information, see [Using Dynamic Labels](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/graph-dynamic-labels.html) .", + "title": "Label", + "type": "string" + }, + "MetricStat": { + "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.MetricStat", + "markdownDescription": "The metric to be returned, along with statistics, period, and units. Use this parameter only if this object is retrieving a metric and not performing a math expression on returned data.\n\nWithin one MetricDataQuery object, you must specify either `Expression` or `MetricStat` but not both.", + "title": "MetricStat" + }, + "Period": { + "markdownDescription": "The granularity, in seconds, of the returned data points. For metrics with regular resolution, a period can be as short as one minute (60 seconds) and must be a multiple of 60. For high-resolution metrics that are collected at intervals of less than one minute, the period can be 1, 5, 10, 20, 30, 60, or any multiple of 60. High-resolution metrics are those metrics stored by a `PutMetricData` operation that includes a `StorageResolution of 1 second` .", + "title": "Period", + "type": "number" + }, + "ReturnData": { + "markdownDescription": "When used in `GetMetricData` , this option indicates whether to return the timestamps and raw data values of this metric. If you are performing this call just to do math expressions and do not also need the raw data returned, you can specify `false` . If you omit this, the default of `true` is used.\n\nWhen used in `PutMetricAlarm` , specify `true` for the one expression result to use as the alarm. For all other metrics and expressions in the same `PutMetricAlarm` operation, specify `ReturnData` as False.", + "title": "ReturnData", + "type": "boolean" + } + }, + "required": [ + "Id" + ], + "type": "object" + }, + "AWS::CloudWatch::AnomalyDetector.MetricMathAnomalyDetector": { + "additionalProperties": false, + "properties": { + "MetricDataQueries": { "items": { - "$ref": "#/definitions/AWS::Comprehend::Flywheel.EntityTypesListItem" + "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.MetricDataQuery" }, - "markdownDescription": "Up to 25 entity types that the model is trained to recognize.", - "title": "EntityTypes", + "markdownDescription": "An array of metric data query structures that enables you to create an anomaly detector based on the result of a metric math expression. Each item in `MetricDataQueries` gets a metric or performs a math expression. One item in `MetricDataQueries` is the expression that provides the time series that the anomaly detector uses as input. Designate the expression by setting `ReturnData` to `true` for this object in the array. For all other expressions and metrics, set `ReturnData` to `false` . The designated expression must return a single time series.", + "title": "MetricDataQueries", "type": "array" } }, "type": "object" }, - "AWS::Comprehend::Flywheel.EntityTypesListItem": { + "AWS::CloudWatch::AnomalyDetector.MetricStat": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "An entity type within a labeled training dataset that Amazon Comprehend uses to train a custom entity recognizer.\n\nEntity types must not contain the following invalid characters: \\n (line break), \\\\n (escaped line break, \\r (carriage return), \\\\r (escaped carriage return), \\t (tab), \\\\t (escaped tab), and , (comma).", - "title": "Type", + "Metric": { + "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.Metric", + "markdownDescription": "The metric to return, including the metric name, namespace, and dimensions.", + "title": "Metric" + }, + "Period": { + "markdownDescription": "The granularity, in seconds, of the returned data points. For metrics with regular resolution, a period can be as short as one minute (60 seconds) and must be a multiple of 60. For high-resolution metrics that are collected at intervals of less than one minute, the period can be 1, 5, 10, 20, 30, 60, or any multiple of 60. High-resolution metrics are those metrics stored by a `PutMetricData` call that includes a `StorageResolution` of 1 second.\n\nIf the `StartTime` parameter specifies a time stamp that is greater than 3 hours ago, you must specify the period as follows or no data points in that time range is returned:\n\n- Start time between 3 hours and 15 days ago - Use a multiple of 60 seconds (1 minute).\n- Start time between 15 and 63 days ago - Use a multiple of 300 seconds (5 minutes).\n- Start time greater than 63 days ago - Use a multiple of 3600 seconds (1 hour).", + "title": "Period", + "type": "number" + }, + "Stat": { + "markdownDescription": "The statistic to return. It can include any CloudWatch statistic or extended statistic.", + "title": "Stat", + "type": "string" + }, + "Unit": { + "markdownDescription": "When you are using a `Put` operation, this defines what unit you want to use when storing the metric.\n\nIn a `Get` operation, if you omit `Unit` then all data that was collected with any unit is returned, along with the corresponding units that were specified when the data was reported to CloudWatch. If you specify a unit, the operation returns only data that was collected with that unit specified. If you specify a unit that does not match the data collected, the results of the operation are null. CloudWatch does not perform unit conversions.", + "title": "Unit", "type": "string" } }, "required": [ - "Type" + "Metric", + "Period", + "Stat" ], "type": "object" }, - "AWS::Comprehend::Flywheel.TaskConfig": { + "AWS::CloudWatch::AnomalyDetector.Range": { "additionalProperties": false, "properties": { - "DocumentClassificationConfig": { - "$ref": "#/definitions/AWS::Comprehend::Flywheel.DocumentClassificationConfig", - "markdownDescription": "Configuration required for a document classification model.", - "title": "DocumentClassificationConfig" - }, - "EntityRecognitionConfig": { - "$ref": "#/definitions/AWS::Comprehend::Flywheel.EntityRecognitionConfig", - "markdownDescription": "Configuration required for an entity recognition model.", - "title": "EntityRecognitionConfig" + "EndTime": { + "markdownDescription": "The end time of the range to exclude. The format is `yyyy-MM-dd'T'HH:mm:ss` . For example, `2019-07-01T23:59:59` .", + "title": "EndTime", + "type": "string" }, - "LanguageCode": { - "markdownDescription": "Language code for the language that the model supports.", - "title": "LanguageCode", + "StartTime": { + "markdownDescription": "The start time of the range to exclude. The format is `yyyy-MM-dd'T'HH:mm:ss` . For example, `2019-07-01T23:59:59` .", + "title": "StartTime", "type": "string" } }, "required": [ - "LanguageCode" + "EndTime", + "StartTime" ], "type": "object" }, - "AWS::Comprehend::Flywheel.VpcConfig": { + "AWS::CloudWatch::AnomalyDetector.SingleMetricAnomalyDetector": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The ID number for a security group on an instance of your private VPC. Security groups on your VPC function serve as a virtual firewall to control inbound and outbound traffic and provides security for the resources that you\u2019ll be accessing on the VPC. This ID number is preceded by \"sg-\", for instance: \"sg-03b388029b0a285ea\". For more information, see [Security Groups for your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html) .", - "title": "SecurityGroupIds", - "type": "array" + "AccountId": { + "markdownDescription": "If the CloudWatch metric that provides the time series that the anomaly detector uses as input is in another account, specify that account ID here. If you omit this parameter, the current account is used.", + "title": "AccountId", + "type": "string" }, - "Subnets": { + "Dimensions": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.Dimension" }, - "markdownDescription": "The ID for each subnet being used in your private VPC. This subnet is a subset of the a range of IPv4 addresses used by the VPC and is specific to a given availability zone in the VPC\u2019s Region. This ID number is preceded by \"subnet-\", for instance: \"subnet-04ccf456919e69055\". For more information, see [VPCs and Subnets](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) .", - "title": "Subnets", + "markdownDescription": "The metric dimensions to create the anomaly detection model for.", + "title": "Dimensions", "type": "array" + }, + "MetricName": { + "markdownDescription": "The name of the metric to create the anomaly detection model for.", + "title": "MetricName", + "type": "string" + }, + "Namespace": { + "markdownDescription": "The namespace of the metric to create the anomaly detection model for.", + "title": "Namespace", + "type": "string" + }, + "Stat": { + "markdownDescription": "The statistic to use for the metric and anomaly detection model.", + "title": "Stat", + "type": "string" } }, - "required": [ - "SecurityGroupIds", - "Subnets" - ], "type": "object" }, - "AWS::Config::AggregationAuthorization": { + "AWS::CloudWatch::CompositeAlarm": { "additionalProperties": false, "properties": { "Condition": { @@ -48096,34 +54087,82 @@ "Properties": { "additionalProperties": false, "properties": { - "AuthorizedAccountId": { - "markdownDescription": "The 12-digit account ID of the account authorized to aggregate data.", - "title": "AuthorizedAccountId", + "ActionsEnabled": { + "markdownDescription": "Indicates whether actions should be executed during any changes to the alarm state of the composite alarm. The default is TRUE.", + "title": "ActionsEnabled", + "type": "boolean" + }, + "ActionsSuppressor": { + "markdownDescription": "Actions will be suppressed if the suppressor alarm is in the `ALARM` state. `ActionsSuppressor` can be an AlarmName or an Amazon Resource Name (ARN) from an existing alarm.", + "title": "ActionsSuppressor", "type": "string" }, - "AuthorizedAwsRegion": { - "markdownDescription": "The region authorized to collect aggregated data.", - "title": "AuthorizedAwsRegion", + "ActionsSuppressorExtensionPeriod": { + "markdownDescription": "The maximum time in seconds that the composite alarm waits after suppressor alarm goes out of the `ALARM` state. After this time, the composite alarm performs its actions.\n\n> `ExtensionPeriod` is required only when `ActionsSuppressor` is specified.", + "title": "ActionsSuppressorExtensionPeriod", + "type": "number" + }, + "ActionsSuppressorWaitPeriod": { + "markdownDescription": "The maximum time in seconds that the composite alarm waits for the suppressor alarm to go into the `ALARM` state. After this time, the composite alarm performs its actions.\n\n> `WaitPeriod` is required only when `ActionsSuppressor` is specified.", + "title": "ActionsSuppressorWaitPeriod", + "type": "number" + }, + "AlarmActions": { + "items": { + "type": "string" + }, + "markdownDescription": "The actions to execute when this alarm transitions to the ALARM state from any other state. Each action is specified as an Amazon Resource Name (ARN). For more information about creating alarms and the actions that you can specify, see [PutCompositeAlarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutCompositeAlarm.html) in the *Amazon CloudWatch API Reference* .", + "title": "AlarmActions", + "type": "array" + }, + "AlarmDescription": { + "markdownDescription": "The description for the composite alarm.", + "title": "AlarmDescription", + "type": "string" + }, + "AlarmName": { + "markdownDescription": "The name for the composite alarm. This name must be unique within your AWS account.", + "title": "AlarmName", + "type": "string" + }, + "AlarmRule": { + "markdownDescription": "An expression that specifies which other alarms are to be evaluated to determine this composite alarm's state. For each alarm that you reference, you designate a function that specifies whether that alarm needs to be in ALARM state, OK state, or INSUFFICIENT_DATA state. You can use operators (AND, OR and NOT) to combine multiple functions in a single expression. You can use parenthesis to logically group the functions in your expression.\n\nYou can use either alarm names or ARNs to reference the other alarms that are to be evaluated.\n\nFunctions can include the following:\n\n- ALARM(\"alarm-name or alarm-ARN\") is TRUE if the named alarm is in ALARM state.\n- OK(\"alarm-name or alarm-ARN\") is TRUE if the named alarm is in OK state.\n- INSUFFICIENT_DATA(\"alarm-name or alarm-ARN\") is TRUE if the named alarm is in INSUFFICIENT_DATA state.\n- TRUE always evaluates to TRUE.\n- FALSE always evaluates to FALSE.\n\nTRUE and FALSE are useful for testing a complex AlarmRule structure, and for testing your alarm actions.\n\nFor more information about `AlarmRule` syntax, see [PutCompositeAlarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutCompositeAlarm.html) in the *Amazon CloudWatch API Reference* .", + "title": "AlarmRule", "type": "string" }, + "InsufficientDataActions": { + "items": { + "type": "string" + }, + "markdownDescription": "The actions to execute when this alarm transitions to the INSUFFICIENT_DATA state from any other state. Each action is specified as an Amazon Resource Name (ARN). For more information about creating alarms and the actions that you can specify, see [PutCompositeAlarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutCompositeAlarm.html) in the *Amazon CloudWatch API Reference* .", + "title": "InsufficientDataActions", + "type": "array" + }, + "OKActions": { + "items": { + "type": "string" + }, + "markdownDescription": "The actions to execute when this alarm transitions to the OK state from any other state. Each action is specified as an Amazon Resource Name (ARN). For more information about creating alarms and the actions that you can specify, see [PutCompositeAlarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutCompositeAlarm.html) in the *Amazon CloudWatch API Reference* .", + "title": "OKActions", + "type": "array" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of tag object.", + "markdownDescription": "A list of key-value pairs to associate with the alarm. You can associate as many as 50 tags with an alarm. To be able to associate tags with the alarm when you create the alarm, you must have the `cloudwatch:TagResource` permission.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.", "title": "Tags", "type": "array" } }, "required": [ - "AuthorizedAccountId", - "AuthorizedAwsRegion" + "AlarmRule" ], "type": "object" }, "Type": { "enum": [ - "AWS::Config::AggregationAuthorization" + "AWS::CloudWatch::CompositeAlarm" ], "type": "string" }, @@ -48142,7 +54181,7 @@ ], "type": "object" }, - "AWS::Config::ConfigRule": { + "AWS::CloudWatch::Dashboard": { "additionalProperties": false, "properties": { "Condition": { @@ -48177,58 +54216,25 @@ "Properties": { "additionalProperties": false, "properties": { - "Compliance": { - "$ref": "#/definitions/AWS::Config::ConfigRule.Compliance", - "markdownDescription": "Indicates whether an AWS resource or AWS Config rule is compliant and provides the number of contributors that affect the compliance.", - "title": "Compliance" - }, - "ConfigRuleName": { - "markdownDescription": "A name for the AWS Config rule. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the rule name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .", - "title": "ConfigRuleName", - "type": "string" - }, - "Description": { - "markdownDescription": "The description that you provide for the AWS Config rule.", - "title": "Description", + "DashboardBody": { + "markdownDescription": "The detailed information about the dashboard in JSON format, including the widgets to include and their location on the dashboard. This parameter is required.\n\nFor more information about the syntax, see [Dashboard Body Structure and Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/CloudWatch-Dashboard-Body-Structure.html) .", + "title": "DashboardBody", "type": "string" }, - "EvaluationModes": { - "items": { - "$ref": "#/definitions/AWS::Config::ConfigRule.EvaluationModeConfiguration" - }, - "markdownDescription": "The modes the AWS Config rule can be evaluated in. The valid values are distinct objects. By default, the value is Detective evaluation mode only.", - "title": "EvaluationModes", - "type": "array" - }, - "InputParameters": { - "markdownDescription": "A string, in JSON format, that is passed to the AWS Config rule Lambda function.", - "title": "InputParameters", - "type": "object" - }, - "MaximumExecutionFrequency": { - "markdownDescription": "The maximum frequency with which AWS Config runs evaluations for a rule. You can specify a value for `MaximumExecutionFrequency` when:\n\n- You are using an AWS managed rule that is triggered at a periodic frequency.\n- Your custom rule is triggered when AWS Config delivers the configuration snapshot. For more information, see [ConfigSnapshotDeliveryProperties](https://docs.aws.amazon.com/config/latest/APIReference/API_ConfigSnapshotDeliveryProperties.html) .\n\n> By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the `MaximumExecutionFrequency` parameter.", - "title": "MaximumExecutionFrequency", + "DashboardName": { + "markdownDescription": "The name of the dashboard. The name must be between 1 and 255 characters. If you do not specify a name, one will be generated automatically.", + "title": "DashboardName", "type": "string" - }, - "Scope": { - "$ref": "#/definitions/AWS::Config::ConfigRule.Scope", - "markdownDescription": "Defines which resources can trigger an evaluation for the rule. The scope can include one or more resource types, a combination of one resource type and one resource ID, or a combination of a tag key and value. Specify a scope to constrain the resources that can trigger an evaluation for the rule. If you do not specify a scope, evaluations are triggered when any resource in the recording group changes.", - "title": "Scope" - }, - "Source": { - "$ref": "#/definitions/AWS::Config::ConfigRule.Source", - "markdownDescription": "Provides the rule owner ( `AWS` for managed rules, `CUSTOM_POLICY` for Custom Policy rules, and `CUSTOM_LAMBDA` for Custom Lambda rules), the rule identifier, and the notifications that cause the function to evaluate your AWS resources.", - "title": "Source" } }, "required": [ - "Source" + "DashboardBody" ], "type": "object" }, "Type": { "enum": [ - "AWS::Config::ConfigRule" + "AWS::CloudWatch::Dashboard" ], "type": "string" }, @@ -48247,136 +54253,7 @@ ], "type": "object" }, - "AWS::Config::ConfigRule.Compliance": { - "additionalProperties": false, - "properties": { - "Type": { - "markdownDescription": "Indicates whether an AWS resource or AWS Config rule is compliant.\n\nA resource is compliant if it complies with all of the AWS Config rules that evaluate it. A resource is noncompliant if it does not comply with one or more of these rules.\n\nA rule is compliant if all of the resources that the rule evaluates comply with it. A rule is noncompliant if any of these resources do not comply.\n\nAWS Config returns the `INSUFFICIENT_DATA` value when no evaluation results are available for the AWS resource or AWS Config rule.\n\nFor the `Compliance` data type, AWS Config supports only `COMPLIANT` , `NON_COMPLIANT` , and `INSUFFICIENT_DATA` values. AWS Config does not support the `NOT_APPLICABLE` value for the `Compliance` data type.", - "title": "Type", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Config::ConfigRule.CustomPolicyDetails": { - "additionalProperties": false, - "properties": { - "EnableDebugLogDelivery": { - "markdownDescription": "The boolean expression for enabling debug logging for your AWS Config Custom Policy rule. The default value is `false` .", - "title": "EnableDebugLogDelivery", - "type": "boolean" - }, - "PolicyRuntime": { - "markdownDescription": "The runtime system for your AWS Config Custom Policy rule. Guard is a policy-as-code language that allows you to write policies that are enforced by AWS Config Custom Policy rules. For more information about Guard, see the [Guard GitHub Repository](https://docs.aws.amazon.com/https://github.com/aws-cloudformation/cloudformation-guard) .", - "title": "PolicyRuntime", - "type": "string" - }, - "PolicyText": { - "markdownDescription": "The policy definition containing the logic for your AWS Config Custom Policy rule.", - "title": "PolicyText", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Config::ConfigRule.EvaluationModeConfiguration": { - "additionalProperties": false, - "properties": { - "Mode": { - "markdownDescription": "The mode of an evaluation. The valid values are Detective or Proactive.", - "title": "Mode", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Config::ConfigRule.Scope": { - "additionalProperties": false, - "properties": { - "ComplianceResourceId": { - "markdownDescription": "The ID of the only AWS resource that you want to trigger an evaluation for the rule. If you specify a resource ID, you must specify one resource type for `ComplianceResourceTypes` .", - "title": "ComplianceResourceId", - "type": "string" - }, - "ComplianceResourceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The resource types of only those AWS resources that you want to trigger an evaluation for the rule. You can only specify one type if you also specify a resource ID for `ComplianceResourceId` .", - "title": "ComplianceResourceTypes", - "type": "array" - }, - "TagKey": { - "markdownDescription": "The tag key that is applied to only those AWS resources that you want to trigger an evaluation for the rule.", - "title": "TagKey", - "type": "string" - }, - "TagValue": { - "markdownDescription": "The tag value applied to only those AWS resources that you want to trigger an evaluation for the rule. If you specify a value for `TagValue` , you must also specify a value for `TagKey` .", - "title": "TagValue", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Config::ConfigRule.Source": { - "additionalProperties": false, - "properties": { - "CustomPolicyDetails": { - "$ref": "#/definitions/AWS::Config::ConfigRule.CustomPolicyDetails", - "markdownDescription": "Provides the runtime system, policy definition, and whether debug logging is enabled. Required when owner is set to `CUSTOM_POLICY` .", - "title": "CustomPolicyDetails" - }, - "Owner": { - "markdownDescription": "Indicates whether AWS or the customer owns and manages the AWS Config rule.\n\nAWS Config Managed Rules are predefined rules owned by AWS . For more information, see [AWS Config Managed Rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html) in the *AWS Config developer guide* .\n\nAWS Config Custom Rules are rules that you can develop either with Guard ( `CUSTOM_POLICY` ) or AWS Lambda ( `CUSTOM_LAMBDA` ). For more information, see [AWS Config Custom Rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_develop-rules.html) in the *AWS Config developer guide* .", - "title": "Owner", - "type": "string" - }, - "SourceDetails": { - "items": { - "$ref": "#/definitions/AWS::Config::ConfigRule.SourceDetail" - }, - "markdownDescription": "Provides the source and the message types that cause AWS Config to evaluate your AWS resources against a rule. It also provides the frequency with which you want AWS Config to run evaluations for the rule if the trigger type is periodic.\n\nIf the owner is set to `CUSTOM_POLICY` , the only acceptable values for the AWS Config rule trigger message type are `ConfigurationItemChangeNotification` and `OversizedConfigurationItemChangeNotification` .", - "title": "SourceDetails", - "type": "array" - }, - "SourceIdentifier": { - "markdownDescription": "For AWS Config Managed rules, a predefined identifier from a list. For example, `IAM_PASSWORD_POLICY` is a managed rule. To reference a managed rule, see [List of AWS Config Managed Rules](https://docs.aws.amazon.com/config/latest/developerguide/managed-rules-by-aws-config.html) .\n\nFor AWS Config Custom Lambda rules, the identifier is the Amazon Resource Name (ARN) of the rule's AWS Lambda function, such as `arn:aws:lambda:us-east-2:123456789012:function:custom_rule_name` .\n\nFor AWS Config Custom Policy rules, this field will be ignored.", - "title": "SourceIdentifier", - "type": "string" - } - }, - "required": [ - "Owner" - ], - "type": "object" - }, - "AWS::Config::ConfigRule.SourceDetail": { - "additionalProperties": false, - "properties": { - "EventSource": { - "markdownDescription": "The source of the event, such as an AWS service, that triggers AWS Config to evaluate your AWS resources.", - "title": "EventSource", - "type": "string" - }, - "MaximumExecutionFrequency": { - "markdownDescription": "The frequency at which you want AWS Config to run evaluations for a custom rule with a periodic trigger. If you specify a value for `MaximumExecutionFrequency` , then `MessageType` must use the `ScheduledNotification` value.\n\n> By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the `MaximumExecutionFrequency` parameter.\n> \n> Based on the valid value you choose, AWS Config runs evaluations once for each valid value. For example, if you choose `Three_Hours` , AWS Config runs evaluations once every three hours. In this case, `Three_Hours` is the frequency of this rule.", - "title": "MaximumExecutionFrequency", - "type": "string" - }, - "MessageType": { - "markdownDescription": "The type of notification that triggers AWS Config to run an evaluation for a rule. You can specify the following notification types:\n\n- `ConfigurationItemChangeNotification` - Triggers an evaluation when AWS Config delivers a configuration item as a result of a resource change.\n- `OversizedConfigurationItemChangeNotification` - Triggers an evaluation when AWS Config delivers an oversized configuration item. AWS Config may generate this notification type when a resource changes and the notification exceeds the maximum size allowed by Amazon SNS.\n- `ScheduledNotification` - Triggers a periodic evaluation at the frequency specified for `MaximumExecutionFrequency` .\n- `ConfigurationSnapshotDeliveryCompleted` - Triggers a periodic evaluation when AWS Config delivers a configuration snapshot.\n\nIf you want your custom rule to be triggered by configuration changes, specify two SourceDetail objects, one for `ConfigurationItemChangeNotification` and one for `OversizedConfigurationItemChangeNotification` .", - "title": "MessageType", - "type": "string" - } - }, - "required": [ - "EventSource", - "MessageType" - ], - "type": "object" - }, - "AWS::Config::ConfigurationAggregator": { + "AWS::CloudWatch::InsightRule": { "additionalProperties": false, "properties": { "Condition": { @@ -48411,38 +54288,42 @@ "Properties": { "additionalProperties": false, "properties": { - "AccountAggregationSources": { - "items": { - "$ref": "#/definitions/AWS::Config::ConfigurationAggregator.AccountAggregationSource" - }, - "markdownDescription": "Provides a list of source accounts and regions to be aggregated.", - "title": "AccountAggregationSources", - "type": "array" + "ApplyOnTransformedLogs": { + "markdownDescription": "Determines whether the rules is evaluated on transformed versions of logs. Valid values are `TRUE` and `FALSE` .", + "title": "ApplyOnTransformedLogs", + "type": "boolean" }, - "ConfigurationAggregatorName": { - "markdownDescription": "The name of the aggregator.", - "title": "ConfigurationAggregatorName", + "RuleBody": { + "markdownDescription": "The definition of the rule, as a JSON object. For details about the syntax, see [Contributor Insights Rule Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/ContributorInsights-RuleSyntax.html) in the *Amazon CloudWatch User Guide* .", + "title": "RuleBody", "type": "string" }, - "OrganizationAggregationSource": { - "$ref": "#/definitions/AWS::Config::ConfigurationAggregator.OrganizationAggregationSource", - "markdownDescription": "Provides an organization and list of regions to be aggregated.", - "title": "OrganizationAggregationSource" + "RuleName": { + "markdownDescription": "The name of the rule.", + "title": "RuleName", + "type": "string" + }, + "RuleState": { + "markdownDescription": "The current state of the rule. Valid values are `ENABLED` and `DISABLED` .", + "title": "RuleState", + "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of tag object.", - "title": "Tags", - "type": "array" + "$ref": "#/definitions/AWS::CloudWatch::InsightRule.Tags", + "markdownDescription": "A list of key-value pairs to associate with the Contributor Insights rule. You can associate as many as 50 tags with a rule.\n\nTags can help you organize and categorize your resources. For more information, see [Tagging Your Amazon CloudWatch Resources](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Tagging.html) .\n\nTo be able to associate tags with a rule, you must have the `cloudwatch:TagResource` permission in addition to the `cloudwatch:PutInsightRule` permission.", + "title": "Tags" } }, + "required": [ + "RuleBody", + "RuleName", + "RuleState" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Config::ConfigurationAggregator" + "AWS::CloudWatch::InsightRule" ], "type": "string" }, @@ -48456,72 +54337,21 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Config::ConfigurationAggregator.AccountAggregationSource": { + "AWS::CloudWatch::InsightRule.Tags": { "additionalProperties": false, - "properties": { - "AccountIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The 12-digit account ID of the account being aggregated.", - "title": "AccountIds", - "type": "array" - }, - "AllAwsRegions": { - "markdownDescription": "If true, aggregate existing AWS Config regions and future regions.", - "title": "AllAwsRegions", - "type": "boolean" - }, - "AwsRegions": { - "items": { - "type": "string" - }, - "markdownDescription": "The source regions being aggregated.", - "title": "AwsRegions", - "type": "array" - } - }, - "required": [ - "AccountIds" - ], + "properties": {}, "type": "object" }, - "AWS::Config::ConfigurationAggregator.OrganizationAggregationSource": { + "AWS::CloudWatch::MetricStream": { "additionalProperties": false, "properties": { - "AllAwsRegions": { - "markdownDescription": "If true, aggregate existing AWS Config regions and future regions.", - "title": "AllAwsRegions", - "type": "boolean" - }, - "AwsRegions": { - "items": { - "type": "string" - }, - "markdownDescription": "The source regions being aggregated.", - "title": "AwsRegions", - "type": "array" - }, - "RoleArn": { - "markdownDescription": "ARN of the IAM role used to retrieve AWS Organizations details associated with the aggregator account.", - "title": "RoleArn", - "type": "string" - } - }, - "required": [ - "RoleArn" - ], - "type": "object" - }, - "AWS::Config::ConfigurationRecorder": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" + "Condition": { + "type": "string" }, "DeletionPolicy": { "enum": [ @@ -48552,35 +54382,74 @@ "Properties": { "additionalProperties": false, "properties": { + "ExcludeFilters": { + "items": { + "$ref": "#/definitions/AWS::CloudWatch::MetricStream.MetricStreamFilter" + }, + "markdownDescription": "If you specify this parameter, the stream sends metrics from all metric namespaces except for the namespaces that you specify here. You cannot specify both `IncludeFilters` and `ExcludeFilters` in the same metric stream.\n\nWhen you modify the `IncludeFilters` or `ExcludeFilters` of an existing metric stream in any way, the metric stream is effectively restarted, so after such a change you will get only the datapoints that have a timestamp after the time of the update.", + "title": "ExcludeFilters", + "type": "array" + }, + "FirehoseArn": { + "markdownDescription": "The ARN of the Amazon Kinesis Firehose delivery stream to use for this metric stream. This Amazon Kinesis Firehose delivery stream must already exist and must be in the same account as the metric stream.", + "title": "FirehoseArn", + "type": "string" + }, + "IncludeFilters": { + "items": { + "$ref": "#/definitions/AWS::CloudWatch::MetricStream.MetricStreamFilter" + }, + "markdownDescription": "If you specify this parameter, the stream sends only the metrics from the metric namespaces that you specify here. You cannot specify both `IncludeFilters` and `ExcludeFilters` in the same metric stream.\n\nWhen you modify the `IncludeFilters` or `ExcludeFilters` of an existing metric stream in any way, the metric stream is effectively restarted, so after such a change you will get only the datapoints that have a timestamp after the time of the update.", + "title": "IncludeFilters", + "type": "array" + }, + "IncludeLinkedAccountsMetrics": { + "markdownDescription": "If you are creating a metric stream in a monitoring account, specify `true` to include metrics from source accounts that are linked to this monitoring account, in the metric stream. The default is `false` .\n\nFor more information about linking accounts, see [CloudWatch cross-account observability](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Unified-Cross-Account.html)", + "title": "IncludeLinkedAccountsMetrics", + "type": "boolean" + }, "Name": { - "markdownDescription": "The name of the configuration recorder. AWS Config automatically assigns the name of \"default\" when creating the configuration recorder.\n\nYou cannot change the name of the configuration recorder after it has been created. To change the configuration recorder name, you must delete it and create a new configuration recorder with a new name.", + "markdownDescription": "If you are creating a new metric stream, this is the name for the new stream. The name must be different than the names of other metric streams in this account and Region.\n\nIf you are updating a metric stream, specify the name of that stream here.", "title": "Name", "type": "string" }, - "RecordingGroup": { - "$ref": "#/definitions/AWS::Config::ConfigurationRecorder.RecordingGroup", - "markdownDescription": "Specifies which resource types AWS Config records for configuration changes.\n\n> *High Number of AWS Config Evaluations*\n> \n> You may notice increased activity in your account during your initial month recording with AWS Config when compared to subsequent months. During the initial bootstrapping process, AWS Config runs evaluations on all the resources in your account that you have selected for AWS Config to record.\n> \n> If you are running ephemeral workloads, you may see increased activity from AWS Config as it records configuration changes associated with creating and deleting these temporary resources. An *ephemeral workload* is a temporary use of computing resources that are loaded and run when needed. Examples include Amazon Elastic Compute Cloud ( Amazon EC2 ) Spot Instances, Amazon EMR jobs, and AWS Auto Scaling . If you want to avoid the increased activity from running ephemeral workloads, you can run these types of workloads in a separate account with AWS Config turned off to avoid increased configuration recording and rule evaluations.", - "title": "RecordingGroup" - }, - "RecordingMode": { - "$ref": "#/definitions/AWS::Config::ConfigurationRecorder.RecordingMode", - "markdownDescription": "Specifies the default recording frequency for the configuration recorder. AWS Config supports *Continuous recording* and *Daily recording* .\n\n- Continuous recording allows you to record configuration changes continuously whenever a change occurs.\n- Daily recording allows you to receive a configuration item (CI) representing the most recent state of your resources over the last 24-hour period, only if it\u2019s different from the previous CI recorded.\n\n> *Some resource types require continuous recording*\n> \n> AWS Firewall Manager depends on continuous recording to monitor your resources. If you are using Firewall Manager, it is recommended that you set the recording frequency to Continuous. \n\nYou can also override the recording frequency for specific resource types.", - "title": "RecordingMode" + "OutputFormat": { + "markdownDescription": "The output format for the stream. Valid values are `json` , `opentelemetry1.0` and `opentelemetry0.7` For more information about metric stream output formats, see [Metric streams output formats](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-metric-streams-formats.html) .\n\nThis parameter is required.", + "title": "OutputFormat", + "type": "string" }, - "RoleARN": { - "markdownDescription": "Amazon Resource Name (ARN) of the IAM role assumed by AWS Config and used by the configuration recorder. For more information, see [Permissions for the IAM Role Assigned](https://docs.aws.amazon.com/config/latest/developerguide/iamrole-permissions.html) to AWS Config in the AWS Config Developer Guide.\n\n> *Pre-existing AWS Config role*\n> \n> If you have used an AWS service that uses AWS Config , such as AWS Security Hub or AWS Control Tower , and an AWS Config role has already been created, make sure that the IAM role that you use when setting up AWS Config keeps the same minimum permissions as the already created AWS Config role. You must do this so that the other AWS service continues to run as expected.\n> \n> For example, if AWS Control Tower has an IAM role that allows AWS Config to read Amazon Simple Storage Service ( Amazon S3 ) objects, make sure that the same permissions are granted within the IAM role you use when setting up AWS Config . Otherwise, it may interfere with how AWS Control Tower operates. For more information about IAM roles for AWS Config , see [*Identity and Access Management for AWS Config*](https://docs.aws.amazon.com/config/latest/developerguide/security-iam.html) in the *AWS Config Developer Guide* .", - "title": "RoleARN", + "RoleArn": { + "markdownDescription": "The ARN of an IAM role that this metric stream will use to access Amazon Kinesis Firehose resources. This IAM role must already exist and must be in the same account as the metric stream. This IAM role must include the `firehose:PutRecord` and `firehose:PutRecordBatch` permissions.", + "title": "RoleArn", "type": "string" + }, + "StatisticsConfigurations": { + "items": { + "$ref": "#/definitions/AWS::CloudWatch::MetricStream.MetricStreamStatisticsConfiguration" + }, + "markdownDescription": "By default, a metric stream always sends the MAX, MIN, SUM, and SAMPLECOUNT statistics for each metric that is streamed. You can use this parameter to have the metric stream also send additional statistics in the stream. This array can have up to 100 members.\n\nFor each entry in this array, you specify one or more metrics and the list of additional statistics to stream for those metrics. The additional statistics that you can stream depend on the stream's `OutputFormat` . If the `OutputFormat` is `json` , you can stream any additional statistic that is supported by CloudWatch , listed in [CloudWatch statistics definitions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Statistics-definitions.html) . If the `OutputFormat` is OpenTelemetry, you can stream percentile statistics.", + "title": "StatisticsConfigurations", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to the metric stream.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" } }, "required": [ - "RoleARN" + "FirehoseArn", + "OutputFormat", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Config::ConfigurationRecorder" + "AWS::CloudWatch::MetricStream" ], "type": "string" }, @@ -48599,122 +54468,75 @@ ], "type": "object" }, - "AWS::Config::ConfigurationRecorder.ExclusionByResourceTypes": { + "AWS::CloudWatch::MetricStream.MetricStreamFilter": { "additionalProperties": false, "properties": { - "ResourceTypes": { + "MetricNames": { "items": { "type": "string" }, - "markdownDescription": "A comma-separated list of resource types to exclude from recording by the configuration recorder.", - "title": "ResourceTypes", + "markdownDescription": "The names of the metrics to either include or exclude from the metric stream.\n\nIf you omit this parameter, all metrics in the namespace are included or excluded, depending on whether this filter is specified as an exclude filter or an include filter.\n\nEach metric name can contain only ASCII printable characters (ASCII range 32 through 126). Each metric name must contain at least one non-whitespace character.", + "title": "MetricNames", "type": "array" + }, + "Namespace": { + "markdownDescription": "The name of the metric namespace in the filter.\n\nThe namespace can contain only ASCII printable characters (ASCII range 32 through 126). It must contain at least one non-whitespace character.", + "title": "Namespace", + "type": "string" } }, "required": [ - "ResourceTypes" + "Namespace" ], "type": "object" }, - "AWS::Config::ConfigurationRecorder.RecordingGroup": { + "AWS::CloudWatch::MetricStream.MetricStreamStatisticsConfiguration": { "additionalProperties": false, "properties": { - "AllSupported": { - "markdownDescription": "Specifies whether AWS Config records configuration changes for all supported resource types, excluding the global IAM resource types.\n\nIf you set this field to `true` , when AWS Config adds support for a new resource type, AWS Config starts recording resources of that type automatically.\n\nIf you set this field to `true` , you cannot enumerate specific resource types to record in the `resourceTypes` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) , or to exclude in the `resourceTypes` field of [ExclusionByResourceTypes](https://docs.aws.amazon.com/config/latest/APIReference/API_ExclusionByResourceTypes.html) .\n\n> *Region availability*\n> \n> Check [Resource Coverage by Region Availability](https://docs.aws.amazon.com/config/latest/developerguide/what-is-resource-config-coverage.html) to see if a resource type is supported in the AWS Region where you set up AWS Config .", - "title": "AllSupported", - "type": "boolean" - }, - "ExclusionByResourceTypes": { - "$ref": "#/definitions/AWS::Config::ConfigurationRecorder.ExclusionByResourceTypes", - "markdownDescription": "An object that specifies how AWS Config excludes resource types from being recorded by the configuration recorder.\n\nTo use this option, you must set the `useOnly` field of [AWS::Config::ConfigurationRecorder RecordingStrategy](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-config-configurationrecorder-recordingstrategy.html) to `EXCLUSION_BY_RESOURCE_TYPES` .", - "title": "ExclusionByResourceTypes" - }, - "IncludeGlobalResourceTypes": { - "markdownDescription": "This option is a bundle which only applies to the global IAM resource types: IAM users, groups, roles, and customer managed policies. These global IAM resource types can only be recorded by AWS Config in Regions where AWS Config was available before February 2022. You cannot be record the global IAM resouce types in Regions supported by AWS Config after February 2022. This list where you cannot record the global IAM resource types includes the following Regions:\n\n- Asia Pacific (Hyderabad)\n- Asia Pacific (Melbourne)\n- Canada West (Calgary)\n- Europe (Spain)\n- Europe (Zurich)\n- Israel (Tel Aviv)\n- Middle East (UAE)\n\n> *Aurora global clusters are recorded in all enabled Regions*\n> \n> The `AWS::RDS::GlobalCluster` resource type will be recorded in all supported AWS Config Regions where the configuration recorder is enabled, even if `IncludeGlobalResourceTypes` is set to `false` . The `IncludeGlobalResourceTypes` option is a bundle which only applies to IAM users, groups, roles, and customer managed policies.\n> \n> If you do not want to record `AWS::RDS::GlobalCluster` in all enabled Regions, use one of the following recording strategies:\n> \n> - *Record all current and future resource types with exclusions* ( `EXCLUSION_BY_RESOURCE_TYPES` ), or\n> - *Record specific resource types* ( `INCLUSION_BY_RESOURCE_TYPES` ).\n> \n> For more information, see [Selecting Which Resources are Recorded](https://docs.aws.amazon.com/config/latest/developerguide/select-resources.html#select-resources-all) in the *AWS Config developer guide* . > *IncludeGlobalResourceTypes and the exclusion recording strategy*\n> \n> The `IncludeGlobalResourceTypes` field has no impact on the `EXCLUSION_BY_RESOURCE_TYPES` recording strategy. This means that the global IAM resource types ( IAM users, groups, roles, and customer managed policies) will not be automatically added as exclusions for `ExclusionByResourceTypes` when `IncludeGlobalResourceTypes` is set to `false` .\n> \n> The `IncludeGlobalResourceTypes` field should only be used to modify the `AllSupported` field, as the default for the `AllSupported` field is to record configuration changes for all supported resource types excluding the global IAM resource types. To include the global IAM resource types when `AllSupported` is set to `true` , make sure to set `IncludeGlobalResourceTypes` to `true` .\n> \n> To exclude the global IAM resource types for the `EXCLUSION_BY_RESOURCE_TYPES` recording strategy, you need to manually add them to the `ResourceTypes` field of `ExclusionByResourceTypes` . > *Required and optional fields*\n> \n> Before you set this field to `true` , set the `AllSupported` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) to `true` . Optionally, you can set the `useOnly` field of [RecordingStrategy](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingStrategy.html) to `ALL_SUPPORTED_RESOURCE_TYPES` . > *Overriding fields*\n> \n> If you set this field to `false` but list global IAM resource types in the `ResourceTypes` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) , AWS Config will still record configuration changes for those specified resource types *regardless* of if you set the `IncludeGlobalResourceTypes` field to false.\n> \n> If you do not want to record configuration changes to the global IAM resource types (IAM users, groups, roles, and customer managed policies), make sure to not list them in the `ResourceTypes` field in addition to setting the `IncludeGlobalResourceTypes` field to false.", - "title": "IncludeGlobalResourceTypes", - "type": "boolean" - }, - "RecordingStrategy": { - "$ref": "#/definitions/AWS::Config::ConfigurationRecorder.RecordingStrategy", - "markdownDescription": "An object that specifies the recording strategy for the configuration recorder.\n\n- If you set the `useOnly` field of [RecordingStrategy](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingStrategy.html) to `ALL_SUPPORTED_RESOURCE_TYPES` , AWS Config records configuration changes for all supported resource types, excluding the global IAM resource types. You also must set the `AllSupported` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) to `true` . When AWS Config adds support for a new resource type, AWS Config automatically starts recording resources of that type.\n- If you set the `useOnly` field of [RecordingStrategy](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingStrategy.html) to `INCLUSION_BY_RESOURCE_TYPES` , AWS Config records configuration changes for only the resource types you specify in the `ResourceTypes` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) .\n- If you set the `useOnly` field of [RecordingStrategy](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingStrategy.html) to `EXCLUSION_BY_RESOURCE_TYPES` , AWS Config records configuration changes for all supported resource types except the resource types that you specify to exclude from being recorded in the `ResourceTypes` field of [ExclusionByResourceTypes](https://docs.aws.amazon.com/config/latest/APIReference/API_ExclusionByResourceTypes.html) .\n\n> *Required and optional fields*\n> \n> The `recordingStrategy` field is optional when you set the `AllSupported` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) to `true` .\n> \n> The `recordingStrategy` field is optional when you list resource types in the `ResourceTypes` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) .\n> \n> The `recordingStrategy` field is required if you list resource types to exclude from recording in the `ResourceTypes` field of [ExclusionByResourceTypes](https://docs.aws.amazon.com/config/latest/APIReference/API_ExclusionByResourceTypes.html) . > *Overriding fields*\n> \n> If you choose `EXCLUSION_BY_RESOURCE_TYPES` for the recording strategy, the `ExclusionByResourceTypes` field will override other properties in the request.\n> \n> For example, even if you set `IncludeGlobalResourceTypes` to false, global IAM resource types will still be automatically recorded in this option unless those resource types are specifically listed as exclusions in the `ResourceTypes` field of `ExclusionByResourceTypes` . > *Global resources types and the resource exclusion recording strategy*\n> \n> By default, if you choose the `EXCLUSION_BY_RESOURCE_TYPES` recording strategy, when AWS Config adds support for a new resource type in the Region where you set up the configuration recorder, including global resource types, AWS Config starts recording resources of that type automatically.\n> \n> Unless specifically listed as exclusions, `AWS::RDS::GlobalCluster` will be recorded automatically in all supported AWS Config Regions were the configuration recorder is enabled.\n> \n> IAM users, groups, roles, and customer managed policies will be recorded in the Region where you set up the configuration recorder if that is a Region where AWS Config was available before February 2022. You cannot be record the global IAM resouce types in Regions supported by AWS Config after February 2022. This list where you cannot record the global IAM resource types includes the following Regions:\n> \n> - Asia Pacific (Hyderabad)\n> - Asia Pacific (Melbourne)\n> - Canada West (Calgary)\n> - Europe (Spain)\n> - Europe (Zurich)\n> - Israel (Tel Aviv)\n> - Middle East (UAE)", - "title": "RecordingStrategy" - }, - "ResourceTypes": { + "AdditionalStatistics": { "items": { "type": "string" }, - "markdownDescription": "A comma-separated list that specifies which resource types AWS Config records.\n\nFor a list of valid `ResourceTypes` values, see the *Resource Type Value* column in [Supported AWS resource Types](https://docs.aws.amazon.com/config/latest/developerguide/resource-config-reference.html#supported-resources) in the *AWS Config developer guide* .\n\n> *Required and optional fields*\n> \n> Optionally, you can set the `useOnly` field of [RecordingStrategy](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingStrategy.html) to `INCLUSION_BY_RESOURCE_TYPES` .\n> \n> To record all configuration changes, set the `AllSupported` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) to `true` , and either omit this field or don't specify any resource types in this field. If you set the `AllSupported` field to `false` and specify values for `ResourceTypes` , when AWS Config adds support for a new type of resource, it will not record resources of that type unless you manually add that type to your recording group. > *Region availability*\n> \n> Before specifying a resource type for AWS Config to track, check [Resource Coverage by Region Availability](https://docs.aws.amazon.com/config/latest/developerguide/what-is-resource-config-coverage.html) to see if the resource type is supported in the AWS Region where you set up AWS Config . If a resource type is supported by AWS Config in at least one Region, you can enable the recording of that resource type in all Regions supported by AWS Config , even if the specified resource type is not supported in the AWS Region where you set up AWS Config .", - "title": "ResourceTypes", + "markdownDescription": "The additional statistics to stream for the metrics listed in `IncludeMetrics` .", + "title": "AdditionalStatistics", "type": "array" - } - }, - "type": "object" - }, - "AWS::Config::ConfigurationRecorder.RecordingMode": { - "additionalProperties": false, - "properties": { - "RecordingFrequency": { - "markdownDescription": "The default recording frequency that AWS Config uses to record configuration changes.\n\n> Daily recording cannot be specified for the following resource types:\n> \n> - `AWS::Config::ResourceCompliance`\n> - `AWS::Config::ConformancePackCompliance`\n> - `AWS::Config::ConfigurationRecorder`\n> \n> For the *allSupported* ( `ALL_SUPPORTED_RESOURCE_TYPES` ) recording strategy, these resource types will be set to Continuous recording.", - "title": "RecordingFrequency", - "type": "string" }, - "RecordingModeOverrides": { + "IncludeMetrics": { "items": { - "$ref": "#/definitions/AWS::Config::ConfigurationRecorder.RecordingModeOverride" + "$ref": "#/definitions/AWS::CloudWatch::MetricStream.MetricStreamStatisticsMetric" }, - "markdownDescription": "An array of `recordingModeOverride` objects for you to specify your overrides for the recording mode. The `recordingModeOverride` object in the `recordingModeOverrides` array consists of three fields: a `description` , the new `recordingFrequency` , and an array of `resourceTypes` to override.", - "title": "RecordingModeOverrides", + "markdownDescription": "An array that defines the metrics that are to have additional statistics streamed.", + "title": "IncludeMetrics", "type": "array" } }, "required": [ - "RecordingFrequency" + "AdditionalStatistics", + "IncludeMetrics" ], "type": "object" }, - "AWS::Config::ConfigurationRecorder.RecordingModeOverride": { + "AWS::CloudWatch::MetricStream.MetricStreamStatisticsMetric": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description that you provide for the override.", - "title": "Description", - "type": "string" - }, - "RecordingFrequency": { - "markdownDescription": "The recording frequency that will be applied to all the resource types specified in the override.\n\n- Continuous recording allows you to record configuration changes continuously whenever a change occurs.\n- Daily recording allows you to receive a configuration item (CI) representing the most recent state of your resources over the last 24-hour period, only if it\u2019s different from the previous CI recorded.\n\n> AWS Firewall Manager depends on continuous recording to monitor your resources. If you are using Firewall Manager, it is recommended that you set the recording frequency to Continuous.", - "title": "RecordingFrequency", + "MetricName": { + "markdownDescription": "The name of the metric.", + "title": "MetricName", "type": "string" }, - "ResourceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "A comma-separated list that specifies which resource types AWS Config includes in the override.\n\n> Daily recording cannot be specified for the following resource types:\n> \n> - `AWS::Config::ResourceCompliance`\n> - `AWS::Config::ConformancePackCompliance`\n> - `AWS::Config::ConfigurationRecorder`", - "title": "ResourceTypes", - "type": "array" - } - }, - "required": [ - "RecordingFrequency", - "ResourceTypes" - ], - "type": "object" - }, - "AWS::Config::ConfigurationRecorder.RecordingStrategy": { - "additionalProperties": false, - "properties": { - "UseOnly": { - "markdownDescription": "The recording strategy for the configuration recorder.\n\n- If you set this option to `ALL_SUPPORTED_RESOURCE_TYPES` , AWS Config records configuration changes for all supported resource types, excluding the global IAM resource types. You also must set the `AllSupported` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) to `true` . When AWS Config adds support for a new resource type, AWS Config automatically starts recording resources of that type. For a list of supported resource types, see [Supported Resource Types](https://docs.aws.amazon.com/config/latest/developerguide/resource-config-reference.html#supported-resources) in the *AWS Config developer guide* .\n- If you set this option to `INCLUSION_BY_RESOURCE_TYPES` , AWS Config records configuration changes for only the resource types that you specify in the `ResourceTypes` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) .\n- If you set this option to `EXCLUSION_BY_RESOURCE_TYPES` , AWS Config records configuration changes for all supported resource types, except the resource types that you specify to exclude from being recorded in the `ResourceTypes` field of [ExclusionByResourceTypes](https://docs.aws.amazon.com/config/latest/APIReference/API_ExclusionByResourceTypes.html) .\n\n> *Required and optional fields*\n> \n> The `recordingStrategy` field is optional when you set the `AllSupported` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) to `true` .\n> \n> The `recordingStrategy` field is optional when you list resource types in the `ResourceTypes` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) .\n> \n> The `recordingStrategy` field is required if you list resource types to exclude from recording in the `ResourceTypes` field of [ExclusionByResourceTypes](https://docs.aws.amazon.com/config/latest/APIReference/API_ExclusionByResourceTypes.html) . > *Overriding fields*\n> \n> If you choose `EXCLUSION_BY_RESOURCE_TYPES` for the recording strategy, the `ExclusionByResourceTypes` field will override other properties in the request.\n> \n> For example, even if you set `IncludeGlobalResourceTypes` to false, global IAM resource types will still be automatically recorded in this option unless those resource types are specifically listed as exclusions in the `ResourceTypes` field of `ExclusionByResourceTypes` . > *Global resource types and the exclusion recording strategy*\n> \n> By default, if you choose the `EXCLUSION_BY_RESOURCE_TYPES` recording strategy, when AWS Config adds support for a new resource type in the Region where you set up the configuration recorder, including global resource types, AWS Config starts recording resources of that type automatically.\n> \n> Unless specifically listed as exclusions, `AWS::RDS::GlobalCluster` will be recorded automatically in all supported AWS Config Regions were the configuration recorder is enabled.\n> \n> IAM users, groups, roles, and customer managed policies will be recorded in the Region where you set up the configuration recorder if that is a Region where AWS Config was available before February 2022. You cannot be record the global IAM resouce types in Regions supported by AWS Config after February 2022. This list where you cannot record the global IAM resource types includes the following Regions:\n> \n> - Asia Pacific (Hyderabad)\n> - Asia Pacific (Melbourne)\n> - Canada West (Calgary)\n> - Europe (Spain)\n> - Europe (Zurich)\n> - Israel (Tel Aviv)\n> - Middle East (UAE)", - "title": "UseOnly", + "Namespace": { + "markdownDescription": "The namespace of the metric.", + "title": "Namespace", "type": "string" } }, "required": [ - "UseOnly" + "MetricName", + "Namespace" ], "type": "object" }, - "AWS::Config::ConformancePack": { + "AWS::CodeArtifact::Domain": { "additionalProperties": false, "properties": { "Condition": { @@ -48749,53 +54571,38 @@ "Properties": { "additionalProperties": false, "properties": { - "ConformancePackInputParameters": { - "items": { - "$ref": "#/definitions/AWS::Config::ConformancePack.ConformancePackInputParameter" - }, - "markdownDescription": "A list of ConformancePackInputParameter objects.", - "title": "ConformancePackInputParameters", - "type": "array" - }, - "ConformancePackName": { - "markdownDescription": "Name of the conformance pack you want to create.", - "title": "ConformancePackName", - "type": "string" - }, - "DeliveryS3Bucket": { - "markdownDescription": "The name of the Amazon S3 bucket where AWS Config stores conformance pack templates.", - "title": "DeliveryS3Bucket", - "type": "string" - }, - "DeliveryS3KeyPrefix": { - "markdownDescription": "The prefix for the Amazon S3 bucket.", - "title": "DeliveryS3KeyPrefix", + "DomainName": { + "markdownDescription": "A string that specifies the name of the requested domain.", + "title": "DomainName", "type": "string" }, - "TemplateBody": { - "markdownDescription": "A string containing full conformance pack template body. Structure containing the template body with a minimum length of 1 byte and a maximum length of 51,200 bytes.\n\n> You can only use a YAML template with two resource types: config rule ( `AWS::Config::ConfigRule` ) and a remediation action ( `AWS::Config::RemediationConfiguration` ).", - "title": "TemplateBody", + "EncryptionKey": { + "markdownDescription": "The key used to encrypt the domain.", + "title": "EncryptionKey", "type": "string" }, - "TemplateS3Uri": { - "markdownDescription": "Location of file containing the template body (s3://bucketname/prefix). The uri must point to the conformance pack template (max size: 300 KB) that is located in an Amazon S3 bucket.\n\n> You must have access to read Amazon S3 bucket.", - "title": "TemplateS3Uri", - "type": "string" + "PermissionsPolicyDocument": { + "markdownDescription": "The document that defines the resource policy that is set on a domain.", + "title": "PermissionsPolicyDocument", + "type": "object" }, - "TemplateSSMDocumentDetails": { - "$ref": "#/definitions/AWS::Config::ConformancePack.TemplateSSMDocumentDetails", - "markdownDescription": "An object that contains the name or Amazon Resource Name (ARN) of the AWS Systems Manager document (SSM document) and the version of the SSM document that is used to create a conformance pack.", - "title": "TemplateSSMDocumentDetails" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags to be applied to the domain.", + "title": "Tags", + "type": "array" } }, "required": [ - "ConformancePackName" + "DomainName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Config::ConformancePack" + "AWS::CodeArtifact::Domain" ], "type": "string" }, @@ -48814,43 +54621,7 @@ ], "type": "object" }, - "AWS::Config::ConformancePack.ConformancePackInputParameter": { - "additionalProperties": false, - "properties": { - "ParameterName": { - "markdownDescription": "One part of a key-value pair.", - "title": "ParameterName", - "type": "string" - }, - "ParameterValue": { - "markdownDescription": "Another part of the key-value pair.", - "title": "ParameterValue", - "type": "string" - } - }, - "required": [ - "ParameterName", - "ParameterValue" - ], - "type": "object" - }, - "AWS::Config::ConformancePack.TemplateSSMDocumentDetails": { - "additionalProperties": false, - "properties": { - "DocumentName": { - "markdownDescription": "The name or Amazon Resource Name (ARN) of the SSM document to use to create a conformance pack. If you use the document name, AWS Config checks only your account and AWS Region for the SSM document.", - "title": "DocumentName", - "type": "string" - }, - "DocumentVersion": { - "markdownDescription": "The version of the SSM document to use to create a conformance pack. By default, AWS Config uses the latest version.\n\n> This field is optional.", - "title": "DocumentVersion", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Config::DeliveryChannel": { + "AWS::CodeArtifact::PackageGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -48885,146 +54656,54 @@ "Properties": { "additionalProperties": false, "properties": { - "ConfigSnapshotDeliveryProperties": { - "$ref": "#/definitions/AWS::Config::DeliveryChannel.ConfigSnapshotDeliveryProperties", - "markdownDescription": "The options for how often AWS Config delivers configuration snapshots to the Amazon S3 bucket.", - "title": "ConfigSnapshotDeliveryProperties" - }, - "Name": { - "markdownDescription": "A name for the delivery channel. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the delivery channel name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\nUpdates are not supported. To change the name, you must run two separate updates. In the first update, delete this resource, and then recreate it with a new name in the second update.", - "title": "Name", + "ContactInfo": { + "markdownDescription": "The contact information of the package group.", + "title": "ContactInfo", "type": "string" }, - "S3BucketName": { - "markdownDescription": "The name of the Amazon S3 bucket to which AWS Config delivers configuration snapshots and configuration history files.\n\nIf you specify a bucket that belongs to another AWS account , that bucket must have policies that grant access permissions to AWS Config . For more information, see [Permissions for the Amazon S3 Bucket](https://docs.aws.amazon.com/config/latest/developerguide/s3-bucket-policy.html) in the *AWS Config Developer Guide* .", - "title": "S3BucketName", + "Description": { + "markdownDescription": "The description of the package group.", + "title": "Description", "type": "string" }, - "S3KeyPrefix": { - "markdownDescription": "The prefix for the specified Amazon S3 bucket.", - "title": "S3KeyPrefix", + "DomainName": { + "markdownDescription": "The domain that contains the package group.", + "title": "DomainName", "type": "string" }, - "S3KmsKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Key Management Service ( AWS KMS ) AWS KMS key (KMS key) used to encrypt objects delivered by AWS Config . Must belong to the same Region as the destination S3 bucket.", - "title": "S3KmsKeyArn", + "DomainOwner": { + "markdownDescription": "The 12-digit account number of the AWS account that owns the domain. It does not include dashes or spaces.", + "title": "DomainOwner", "type": "string" }, - "SnsTopicARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic to which AWS Config sends notifications about configuration changes.\n\nIf you choose a topic from another account, the topic must have policies that grant access permissions to AWS Config . For more information, see [Permissions for the Amazon SNS Topic](https://docs.aws.amazon.com/config/latest/developerguide/sns-topic-policy.html) in the *AWS Config Developer Guide* .", - "title": "SnsTopicARN", - "type": "string" - } - }, - "required": [ - "S3BucketName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Config::DeliveryChannel" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::Config::DeliveryChannel.ConfigSnapshotDeliveryProperties": { - "additionalProperties": false, - "properties": { - "DeliveryFrequency": { - "markdownDescription": "The frequency with which AWS Config delivers configuration snapshots.", - "title": "DeliveryFrequency", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Config::OrganizationConfigRule": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + "OriginConfiguration": { + "$ref": "#/definitions/AWS::CodeArtifact::PackageGroup.OriginConfiguration", + "markdownDescription": "Details about the package origin configuration of a package group.", + "title": "OriginConfiguration" + }, + "Pattern": { + "markdownDescription": "The pattern of the package group. The pattern determines which packages are associated with the package group.", + "title": "Pattern", "type": "string" }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ExcludedAccounts": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "A comma-separated list of accounts excluded from organization AWS Config rule.", - "title": "ExcludedAccounts", + "markdownDescription": "", + "title": "Tags", "type": "array" - }, - "OrganizationConfigRuleName": { - "markdownDescription": "The name that you assign to organization AWS Config rule.", - "title": "OrganizationConfigRuleName", - "type": "string" - }, - "OrganizationCustomPolicyRuleMetadata": { - "$ref": "#/definitions/AWS::Config::OrganizationConfigRule.OrganizationCustomPolicyRuleMetadata", - "markdownDescription": "An object that specifies metadata for your organization's AWS Config Custom Policy rule. The metadata includes the runtime system in use, which accounts have debug logging enabled, and other custom rule metadata, such as resource type, resource ID of AWS resource, and organization trigger types that initiate AWS Config to evaluate AWS resources against a rule.", - "title": "OrganizationCustomPolicyRuleMetadata" - }, - "OrganizationCustomRuleMetadata": { - "$ref": "#/definitions/AWS::Config::OrganizationConfigRule.OrganizationCustomRuleMetadata", - "markdownDescription": "An `OrganizationCustomRuleMetadata` object.", - "title": "OrganizationCustomRuleMetadata" - }, - "OrganizationManagedRuleMetadata": { - "$ref": "#/definitions/AWS::Config::OrganizationConfigRule.OrganizationManagedRuleMetadata", - "markdownDescription": "An `OrganizationManagedRuleMetadata` object.", - "title": "OrganizationManagedRuleMetadata" } }, "required": [ - "OrganizationConfigRuleName" + "DomainName", + "Pattern" ], "type": "object" }, "Type": { "enum": [ - "AWS::Config::OrganizationConfigRule" + "AWS::CodeArtifact::PackageGroup" ], "type": "string" }, @@ -49043,194 +54722,64 @@ ], "type": "object" }, - "AWS::Config::OrganizationConfigRule.OrganizationCustomPolicyRuleMetadata": { + "AWS::CodeArtifact::PackageGroup.OriginConfiguration": { "additionalProperties": false, "properties": { - "DebugLogDeliveryAccounts": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of accounts that you can enable debug logging for your organization AWS Config Custom Policy rule. List is null when debug logging is enabled for all accounts.", - "title": "DebugLogDeliveryAccounts", - "type": "array" - }, - "Description": { - "markdownDescription": "The description that you provide for your organization AWS Config Custom Policy rule.", - "title": "Description", - "type": "string" - }, - "InputParameters": { - "markdownDescription": "A string, in JSON format, that is passed to your organization AWS Config Custom Policy rule.", - "title": "InputParameters", - "type": "string" - }, - "MaximumExecutionFrequency": { - "markdownDescription": "The maximum frequency with which AWS Config runs evaluations for a rule. Your AWS Config Custom Policy rule is triggered when AWS Config delivers the configuration snapshot. For more information, see `ConfigSnapshotDeliveryProperties` .", - "title": "MaximumExecutionFrequency", - "type": "string" - }, - "OrganizationConfigRuleTriggerTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The type of notification that initiates AWS Config to run an evaluation for a rule. For AWS Config Custom Policy rules, AWS Config supports change-initiated notification types:\n\n- `ConfigurationItemChangeNotification` - Initiates an evaluation when AWS Config delivers a configuration item as a result of a resource change.\n- `OversizedConfigurationItemChangeNotification` - Initiates an evaluation when AWS Config delivers an oversized configuration item. AWS Config may generate this notification type when a resource changes and the notification exceeds the maximum size allowed by Amazon SNS.", - "title": "OrganizationConfigRuleTriggerTypes", - "type": "array" - }, - "PolicyText": { - "markdownDescription": "The policy definition containing the logic for your organization AWS Config Custom Policy rule.", - "title": "PolicyText", - "type": "string" - }, - "ResourceIdScope": { - "markdownDescription": "The ID of the AWS resource that was evaluated.", - "title": "ResourceIdScope", - "type": "string" - }, - "ResourceTypesScope": { - "items": { - "type": "string" - }, - "markdownDescription": "The type of the AWS resource that was evaluated.", - "title": "ResourceTypesScope", - "type": "array" - }, - "Runtime": { - "markdownDescription": "The runtime system for your organization AWS Config Custom Policy rules. Guard is a policy-as-code language that allows you to write policies that are enforced by AWS Config Custom Policy rules. For more information about Guard, see the [Guard GitHub Repository](https://docs.aws.amazon.com/https://github.com/aws-cloudformation/cloudformation-guard) .", - "title": "Runtime", - "type": "string" - }, - "TagKeyScope": { - "markdownDescription": "One part of a key-value pair that make up a tag. A key is a general label that acts like a category for more specific tag values.", - "title": "TagKeyScope", - "type": "string" - }, - "TagValueScope": { - "markdownDescription": "The optional part of a key-value pair that make up a tag. A value acts as a descriptor within a tag category (key).", - "title": "TagValueScope", - "type": "string" + "Restrictions": { + "$ref": "#/definitions/AWS::CodeArtifact::PackageGroup.Restrictions", + "markdownDescription": "", + "title": "Restrictions" } }, "required": [ - "PolicyText", - "Runtime" + "Restrictions" ], "type": "object" }, - "AWS::Config::OrganizationConfigRule.OrganizationCustomRuleMetadata": { + "AWS::CodeArtifact::PackageGroup.RestrictionType": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description that you provide for your organization AWS Config rule.", - "title": "Description", - "type": "string" - }, - "InputParameters": { - "markdownDescription": "A string, in JSON format, that is passed to your organization AWS Config rule Lambda function.", - "title": "InputParameters", - "type": "string" - }, - "LambdaFunctionArn": { - "markdownDescription": "The lambda function ARN.", - "title": "LambdaFunctionArn", - "type": "string" - }, - "MaximumExecutionFrequency": { - "markdownDescription": "The maximum frequency with which AWS Config runs evaluations for a rule. Your custom rule is triggered when AWS Config delivers the configuration snapshot. For more information, see `ConfigSnapshotDeliveryProperties` .\n\n> By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the `MaximumExecutionFrequency` parameter.", - "title": "MaximumExecutionFrequency", - "type": "string" - }, - "OrganizationConfigRuleTriggerTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The type of notification that triggers AWS Config to run an evaluation for a rule. You can specify the following notification types:\n\n- `ConfigurationItemChangeNotification` - Triggers an evaluation when AWS Config delivers a configuration item as a result of a resource change.\n- `OversizedConfigurationItemChangeNotification` - Triggers an evaluation when AWS Config delivers an oversized configuration item. AWS Config may generate this notification type when a resource changes and the notification exceeds the maximum size allowed by Amazon SNS.\n- `ScheduledNotification` - Triggers a periodic evaluation at the frequency specified for `MaximumExecutionFrequency` .", - "title": "OrganizationConfigRuleTriggerTypes", - "type": "array" - }, - "ResourceIdScope": { - "markdownDescription": "The ID of the AWS resource that was evaluated.", - "title": "ResourceIdScope", - "type": "string" - }, - "ResourceTypesScope": { + "Repositories": { "items": { "type": "string" }, - "markdownDescription": "The type of the AWS resource that was evaluated.", - "title": "ResourceTypesScope", + "markdownDescription": "", + "title": "Repositories", "type": "array" }, - "TagKeyScope": { - "markdownDescription": "One part of a key-value pair that make up a tag. A key is a general label that acts like a category for more specific tag values.", - "title": "TagKeyScope", - "type": "string" - }, - "TagValueScope": { - "markdownDescription": "The optional part of a key-value pair that make up a tag. A value acts as a descriptor within a tag category (key).", - "title": "TagValueScope", + "RestrictionMode": { + "markdownDescription": "", + "title": "RestrictionMode", "type": "string" } }, "required": [ - "LambdaFunctionArn", - "OrganizationConfigRuleTriggerTypes" + "RestrictionMode" ], "type": "object" }, - "AWS::Config::OrganizationConfigRule.OrganizationManagedRuleMetadata": { + "AWS::CodeArtifact::PackageGroup.Restrictions": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description that you provide for your organization AWS Config rule.", - "title": "Description", - "type": "string" - }, - "InputParameters": { - "markdownDescription": "A string, in JSON format, that is passed to your organization AWS Config rule Lambda function.", - "title": "InputParameters", - "type": "string" - }, - "MaximumExecutionFrequency": { - "markdownDescription": "The maximum frequency with which AWS Config runs evaluations for a rule. This is for an AWS Config managed rule that is triggered at a periodic frequency.\n\n> By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the `MaximumExecutionFrequency` parameter.", - "title": "MaximumExecutionFrequency", - "type": "string" - }, - "ResourceIdScope": { - "markdownDescription": "The ID of the AWS resource that was evaluated.", - "title": "ResourceIdScope", - "type": "string" - }, - "ResourceTypesScope": { - "items": { - "type": "string" - }, - "markdownDescription": "The type of the AWS resource that was evaluated.", - "title": "ResourceTypesScope", - "type": "array" - }, - "RuleIdentifier": { - "markdownDescription": "For organization config managed rules, a predefined identifier from a list. For example, `IAM_PASSWORD_POLICY` is a managed rule. To reference a managed rule, see [Using AWS Config managed rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html) .", - "title": "RuleIdentifier", - "type": "string" + "ExternalUpstream": { + "$ref": "#/definitions/AWS::CodeArtifact::PackageGroup.RestrictionType", + "markdownDescription": "", + "title": "ExternalUpstream" }, - "TagKeyScope": { - "markdownDescription": "One part of a key-value pair that make up a tag. A key is a general label that acts like a category for more specific tag values.", - "title": "TagKeyScope", - "type": "string" + "InternalUpstream": { + "$ref": "#/definitions/AWS::CodeArtifact::PackageGroup.RestrictionType", + "markdownDescription": "", + "title": "InternalUpstream" }, - "TagValueScope": { - "markdownDescription": "The optional part of a key-value pair that make up a tag. A value acts as a descriptor within a tag category (key).", - "title": "TagValueScope", - "type": "string" + "Publish": { + "$ref": "#/definitions/AWS::CodeArtifact::PackageGroup.RestrictionType", + "markdownDescription": "", + "title": "Publish" } }, - "required": [ - "RuleIdentifier" - ], "type": "object" }, - "AWS::Config::OrganizationConformancePack": { + "AWS::CodeArtifact::Repository": { "additionalProperties": false, "properties": { "Condition": { @@ -49265,56 +54814,65 @@ "Properties": { "additionalProperties": false, "properties": { - "ConformancePackInputParameters": { - "items": { - "$ref": "#/definitions/AWS::Config::OrganizationConformancePack.ConformancePackInputParameter" - }, - "markdownDescription": "A list of `ConformancePackInputParameter` objects.", - "title": "ConformancePackInputParameters", - "type": "array" + "Description": { + "markdownDescription": "A text description of the repository.", + "title": "Description", + "type": "string" }, - "DeliveryS3Bucket": { - "markdownDescription": "The name of the Amazon S3 bucket where AWS Config stores conformance pack templates.\n\n> This field is optional.", - "title": "DeliveryS3Bucket", + "DomainName": { + "markdownDescription": "The name of the domain that contains the repository.", + "title": "DomainName", "type": "string" }, - "DeliveryS3KeyPrefix": { - "markdownDescription": "Any folder structure you want to add to an Amazon S3 bucket.\n\n> This field is optional.", - "title": "DeliveryS3KeyPrefix", + "DomainOwner": { + "markdownDescription": "The 12-digit account number of the AWS account that owns the domain that contains the repository. It does not include dashes or spaces.", + "title": "DomainOwner", "type": "string" }, - "ExcludedAccounts": { + "ExternalConnections": { "items": { "type": "string" }, - "markdownDescription": "A comma-separated list of accounts excluded from organization conformance pack.", - "title": "ExcludedAccounts", + "markdownDescription": "An array of external connections associated with the repository. For more information, see [Supported external connection repositories](https://docs.aws.amazon.com/codeartifact/latest/ug/external-connection.html#supported-public-repositories) in the *CodeArtifact user guide* .", + "title": "ExternalConnections", "type": "array" }, - "OrganizationConformancePackName": { - "markdownDescription": "The name you assign to an organization conformance pack.", - "title": "OrganizationConformancePackName", - "type": "string" + "PermissionsPolicyDocument": { + "markdownDescription": "The document that defines the resource policy that is set on a repository.", + "title": "PermissionsPolicyDocument", + "type": "object" }, - "TemplateBody": { - "markdownDescription": "A string containing full conformance pack template body. Structure containing the template body with a minimum length of 1 byte and a maximum length of 51,200 bytes.", - "title": "TemplateBody", + "RepositoryName": { + "markdownDescription": "The name of an upstream repository.", + "title": "RepositoryName", "type": "string" }, - "TemplateS3Uri": { - "markdownDescription": "Location of file containing the template body. The uri must point to the conformance pack template (max size: 300 KB).", - "title": "TemplateS3Uri", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags to be applied to the repository.", + "title": "Tags", + "type": "array" + }, + "Upstreams": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of upstream repositories to associate with the repository. The order of the upstream repositories in the list determines their priority order when AWS CodeArtifact looks for a requested package version. For more information, see [Working with upstream repositories](https://docs.aws.amazon.com/codeartifact/latest/ug/repos-upstream.html) .", + "title": "Upstreams", + "type": "array" } }, "required": [ - "OrganizationConformancePackName" + "DomainName", + "RepositoryName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Config::OrganizationConformancePack" + "AWS::CodeArtifact::Repository" ], "type": "string" }, @@ -49333,27 +54891,7 @@ ], "type": "object" }, - "AWS::Config::OrganizationConformancePack.ConformancePackInputParameter": { - "additionalProperties": false, - "properties": { - "ParameterName": { - "markdownDescription": "One part of a key-value pair.", - "title": "ParameterName", - "type": "string" - }, - "ParameterValue": { - "markdownDescription": "One part of a key-value pair.", - "title": "ParameterValue", - "type": "string" - } - }, - "required": [ - "ParameterName", - "ParameterValue" - ], - "type": "object" - }, - "AWS::Config::RemediationConfiguration": { + "AWS::CodeBuild::Fleet": { "additionalProperties": false, "properties": { "Condition": { @@ -49388,67 +54926,75 @@ "Properties": { "additionalProperties": false, "properties": { - "Automatic": { - "markdownDescription": "The remediation is triggered automatically.", - "title": "Automatic", - "type": "boolean" + "BaseCapacity": { + "markdownDescription": "The initial number of machines allocated to the compute \ufb02eet, which de\ufb01nes the number of builds that can run in parallel.", + "title": "BaseCapacity", + "type": "number" }, - "ConfigRuleName": { - "markdownDescription": "The name of the AWS Config rule.", - "title": "ConfigRuleName", - "type": "string" + "ComputeConfiguration": { + "$ref": "#/definitions/AWS::CodeBuild::Fleet.ComputeConfiguration", + "markdownDescription": "The compute configuration of the compute fleet. This is only required if `computeType` is set to `ATTRIBUTE_BASED_COMPUTE` or `CUSTOM_INSTANCE_TYPE` .", + "title": "ComputeConfiguration" }, - "ExecutionControls": { - "$ref": "#/definitions/AWS::Config::RemediationConfiguration.ExecutionControls", - "markdownDescription": "An ExecutionControls object.", - "title": "ExecutionControls" + "ComputeType": { + "markdownDescription": "Information about the compute resources the compute fleet uses. Available values include:\n\n- `ATTRIBUTE_BASED_COMPUTE` : Specify the amount of vCPUs, memory, disk space, and the type of machine.\n\n> If you use `ATTRIBUTE_BASED_COMPUTE` , you must define your attributes by using `computeConfiguration` . AWS CodeBuild will select the cheapest instance that satisfies your specified attributes. For more information, see [Reserved capacity environment types](https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html#environment-reserved-capacity.types) in the *AWS CodeBuild User Guide* .\n- `BUILD_GENERAL1_SMALL` : Use up to 4 GiB memory and 2 vCPUs for builds.\n- `BUILD_GENERAL1_MEDIUM` : Use up to 8 GiB memory and 4 vCPUs for builds.\n- `BUILD_GENERAL1_LARGE` : Use up to 16 GiB memory and 8 vCPUs for builds, depending on your environment type.\n- `BUILD_GENERAL1_XLARGE` : Use up to 72 GiB memory and 36 vCPUs for builds, depending on your environment type.\n- `BUILD_GENERAL1_2XLARGE` : Use up to 144 GiB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed.\n- `BUILD_LAMBDA_1GB` : Use up to 1 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_2GB` : Use up to 2 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_4GB` : Use up to 4 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_8GB` : Use up to 8 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_10GB` : Use up to 10 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n\nIf you use `BUILD_GENERAL1_SMALL` :\n\n- For environment type `LINUX_CONTAINER` , you can use up to 4 GiB memory and 2 vCPUs for builds.\n- For environment type `LINUX_GPU_CONTAINER` , you can use up to 16 GiB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds.\n- For environment type `ARM_CONTAINER` , you can use up to 4 GiB memory and 2 vCPUs on ARM-based processors for builds.\n\nIf you use `BUILD_GENERAL1_LARGE` :\n\n- For environment type `LINUX_CONTAINER` , you can use up to 16 GiB memory and 8 vCPUs for builds.\n- For environment type `LINUX_GPU_CONTAINER` , you can use up to 255 GiB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds.\n- For environment type `ARM_CONTAINER` , you can use up to 16 GiB memory and 8 vCPUs on ARM-based processors for builds.\n\nFor more information, see [On-demand environment types](https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html#environment.types) in the *AWS CodeBuild User Guide.*", + "title": "ComputeType", + "type": "string" }, - "MaximumAutomaticAttempts": { - "markdownDescription": "The maximum number of failed attempts for auto-remediation. If you do not select a number, the default is 5.\n\nFor example, if you specify MaximumAutomaticAttempts as 5 with RetryAttemptSeconds as 50 seconds, AWS Config will put a RemediationException on your behalf for the failing resource after the 5th failed attempt within 50 seconds.", - "title": "MaximumAutomaticAttempts", - "type": "number" + "EnvironmentType": { + "markdownDescription": "The environment type of the compute fleet.\n\n- The environment type `ARM_CONTAINER` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), Asia Pacific (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), EU (Frankfurt), and South America (S\u00e3o Paulo).\n- The environment type `ARM_EC2` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (S\u00e3o Paulo), and Asia Pacific (Mumbai).\n- The environment type `LINUX_CONTAINER` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (S\u00e3o Paulo), and Asia Pacific (Mumbai).\n- The environment type `LINUX_EC2` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (S\u00e3o Paulo), and Asia Pacific (Mumbai).\n- The environment type `LINUX_GPU_CONTAINER` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), and Asia Pacific (Sydney).\n- The environment type `MAC_ARM` is available only in regions US East (Ohio), US East (N. Virginia), US West (Oregon), Europe (Frankfurt), and Asia Pacific (Sydney).\n- The environment type `WINDOWS_EC2` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (S\u00e3o Paulo), and Asia Pacific (Mumbai).\n- The environment type `WINDOWS_SERVER_2019_CONTAINER` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Sydney), Asia Pacific (Tokyo), Asia Pacific (Mumbai) and EU (Ireland).\n- The environment type `WINDOWS_SERVER_2022_CONTAINER` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Sydney), Asia Pacific (Singapore), Asia Pacific (Tokyo), South America (S\u00e3o Paulo) and Asia Pacific (Mumbai).\n\nFor more information, see [Build environment compute types](https://docs.aws.amazon.com//codebuild/latest/userguide/build-env-ref-compute-types.html) in the *AWS CodeBuild user guide* .", + "title": "EnvironmentType", + "type": "string" }, - "Parameters": { - "markdownDescription": "An object of the RemediationParameterValue. For more information, see [RemediationParameterValue](https://docs.aws.amazon.com/config/latest/APIReference/API_RemediationParameterValue.html) .\n\n> The type is a map of strings to RemediationParameterValue.", - "title": "Parameters", - "type": "object" + "FleetProxyConfiguration": { + "$ref": "#/definitions/AWS::CodeBuild::Fleet.ProxyConfiguration", + "markdownDescription": "Information about the proxy configurations that apply network access control to your reserved capacity instances.", + "title": "FleetProxyConfiguration" }, - "ResourceType": { - "markdownDescription": "The type of a resource.", - "title": "ResourceType", + "FleetServiceRole": { + "markdownDescription": "The service role associated with the compute fleet. For more information, see [Allow a user to add a permission policy for a fleet service role](https://docs.aws.amazon.com/codebuild/latest/userguide/auth-and-access-control-iam-identity-based-access-control.html#customer-managed-policies-example-permission-policy-fleet-service-role.html) in the *AWS CodeBuild User Guide* .", + "title": "FleetServiceRole", "type": "string" }, - "RetryAttemptSeconds": { - "markdownDescription": "Time window to determine whether or not to add a remediation exception to prevent infinite remediation attempts. If `MaximumAutomaticAttempts` remediation attempts have been made under `RetryAttemptSeconds` , a remediation exception will be added to the resource. If you do not select a number, the default is 60 seconds.\n\nFor example, if you specify `RetryAttemptSeconds` as 50 seconds and `MaximumAutomaticAttempts` as 5, AWS Config will run auto-remediations 5 times within 50 seconds before adding a remediation exception to the resource.", - "title": "RetryAttemptSeconds", - "type": "number" + "FleetVpcConfig": { + "$ref": "#/definitions/AWS::CodeBuild::Fleet.VpcConfig", + "markdownDescription": "Information about the VPC configuration that AWS CodeBuild accesses.", + "title": "FleetVpcConfig" }, - "TargetId": { - "markdownDescription": "Target ID is the name of the SSM document.", - "title": "TargetId", + "ImageId": { + "markdownDescription": "The Amazon Machine Image (AMI) of the compute fleet.", + "title": "ImageId", "type": "string" }, - "TargetType": { - "markdownDescription": "The type of the target. Target executes remediation. For example, SSM document.", - "title": "TargetType", + "Name": { + "markdownDescription": "The name of the compute fleet.", + "title": "Name", "type": "string" }, - "TargetVersion": { - "markdownDescription": "Version of the target. For example, version of the SSM document.\n\n> If you make backward incompatible changes to the SSM document, you must call PutRemediationConfiguration API again to ensure the remediations can run.", - "title": "TargetVersion", + "OverflowBehavior": { + "markdownDescription": "The compute fleet overflow behavior.\n\n- For overflow behavior `QUEUE` , your overflow builds need to wait on the existing fleet instance to become available.\n- For overflow behavior `ON_DEMAND` , your overflow builds run on CodeBuild on-demand.\n\n> If you choose to set your overflow behavior to on-demand while creating a VPC-connected fleet, make sure that you add the required VPC permissions to your project service role. For more information, see [Example policy statement to allow CodeBuild access to AWS services required to create a VPC network interface](https://docs.aws.amazon.com/codebuild/latest/userguide/auth-and-access-control-iam-identity-based-access-control.html#customer-managed-policies-example-create-vpc-network-interface) .", + "title": "OverflowBehavior", "type": "string" + }, + "ScalingConfiguration": { + "$ref": "#/definitions/AWS::CodeBuild::Fleet.ScalingConfigurationInput", + "markdownDescription": "The scaling configuration of the compute fleet.", + "title": "ScalingConfiguration" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tag key and value pairs associated with this compute fleet.\n\nThese tags are available for use by AWS services that support AWS CodeBuild compute fleet tags.", + "title": "Tags", + "type": "array" } }, - "required": [ - "ConfigRuleName", - "TargetId", - "TargetType" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Config::RemediationConfiguration" + "AWS::CodeBuild::Fleet" ], "type": "string" }, @@ -49462,76 +55008,152 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Config::RemediationConfiguration.ExecutionControls": { + "AWS::CodeBuild::Fleet.ComputeConfiguration": { "additionalProperties": false, "properties": { - "SsmControls": { - "$ref": "#/definitions/AWS::Config::RemediationConfiguration.SsmControls", - "markdownDescription": "A SsmControls object.", - "title": "SsmControls" + "disk": { + "markdownDescription": "The amount of disk space of the instance type included in your fleet.", + "title": "disk", + "type": "number" + }, + "instanceType": { + "markdownDescription": "The EC2 instance type to be launched in your fleet.", + "title": "instanceType", + "type": "string" + }, + "machineType": { + "markdownDescription": "The machine type of the instance type included in your fleet.", + "title": "machineType", + "type": "string" + }, + "memory": { + "markdownDescription": "The amount of memory of the instance type included in your fleet.", + "title": "memory", + "type": "number" + }, + "vCpu": { + "markdownDescription": "The number of vCPUs of the instance type included in your fleet.", + "title": "vCpu", + "type": "number" } }, "type": "object" }, - "AWS::Config::RemediationConfiguration.RemediationParameterValue": { + "AWS::CodeBuild::Fleet.FleetProxyRule": { "additionalProperties": false, "properties": { - "ResourceValue": { - "$ref": "#/definitions/AWS::Config::RemediationConfiguration.ResourceValue", - "markdownDescription": "The value is dynamic and changes at run-time.", - "title": "ResourceValue" + "Effect": { + "markdownDescription": "The behavior of the proxy rule.", + "title": "Effect", + "type": "string" }, - "StaticValue": { - "$ref": "#/definitions/AWS::Config::RemediationConfiguration.StaticValue", - "markdownDescription": "The value is static and does not change at run-time.", - "title": "StaticValue" + "Entities": { + "items": { + "type": "string" + }, + "markdownDescription": "The destination of the proxy rule.", + "title": "Entities", + "type": "array" + }, + "Type": { + "markdownDescription": "The type of proxy rule.", + "title": "Type", + "type": "string" } }, "type": "object" }, - "AWS::Config::RemediationConfiguration.ResourceValue": { + "AWS::CodeBuild::Fleet.ProxyConfiguration": { "additionalProperties": false, "properties": { - "Value": { + "DefaultBehavior": { + "markdownDescription": "The default behavior of outgoing traffic.", + "title": "DefaultBehavior", "type": "string" + }, + "OrderedProxyRules": { + "items": { + "$ref": "#/definitions/AWS::CodeBuild::Fleet.FleetProxyRule" + }, + "markdownDescription": "An array of `FleetProxyRule` objects that represent the specified destination domains or IPs to allow or deny network access control to.", + "title": "OrderedProxyRules", + "type": "array" } }, "type": "object" }, - "AWS::Config::RemediationConfiguration.SsmControls": { + "AWS::CodeBuild::Fleet.ScalingConfigurationInput": { "additionalProperties": false, "properties": { - "ConcurrentExecutionRatePercentage": { - "markdownDescription": "The maximum percentage of remediation actions allowed to run in parallel on the non-compliant resources for that specific rule. You can specify a percentage, such as 10%. The default value is 10.", - "title": "ConcurrentExecutionRatePercentage", + "MaxCapacity": { + "markdownDescription": "The maximum number of instances in the \ufb02eet when auto-scaling.", + "title": "MaxCapacity", "type": "number" }, - "ErrorPercentage": { - "markdownDescription": "The percentage of errors that are allowed before SSM stops running automations on non-compliant resources for that specific rule. You can specify a percentage of errors, for example 10%. If you do not specifiy a percentage, the default is 50%. For example, if you set the ErrorPercentage to 40% for 10 non-compliant resources, then SSM stops running the automations when the fifth error is received.", - "title": "ErrorPercentage", + "ScalingType": { + "markdownDescription": "The scaling type for a compute fleet.", + "title": "ScalingType", + "type": "string" + }, + "TargetTrackingScalingConfigs": { + "items": { + "$ref": "#/definitions/AWS::CodeBuild::Fleet.TargetTrackingScalingConfiguration" + }, + "markdownDescription": "A list of `TargetTrackingScalingConfiguration` objects.", + "title": "TargetTrackingScalingConfigs", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CodeBuild::Fleet.TargetTrackingScalingConfiguration": { + "additionalProperties": false, + "properties": { + "MetricType": { + "markdownDescription": "The metric type to determine auto-scaling.", + "title": "MetricType", + "type": "string" + }, + "TargetValue": { + "markdownDescription": "The value of `metricType` when to start scaling.", + "title": "TargetValue", "type": "number" } }, "type": "object" }, - "AWS::Config::RemediationConfiguration.StaticValue": { + "AWS::CodeBuild::Fleet.VpcConfig": { "additionalProperties": false, "properties": { - "Values": { + "SecurityGroupIds": { "items": { "type": "string" }, + "markdownDescription": "A list of one or more security groups IDs in your Amazon VPC.", + "title": "SecurityGroupIds", + "type": "array" + }, + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of one or more subnet IDs in your Amazon VPC.", + "title": "Subnets", "type": "array" + }, + "VpcId": { + "markdownDescription": "The ID of the Amazon VPC.", + "title": "VpcId", + "type": "string" } }, "type": "object" }, - "AWS::Config::StoredQuery": { + "AWS::CodeBuild::Project": { "additionalProperties": false, "properties": { "Condition": { @@ -49566,39 +55188,156 @@ "Properties": { "additionalProperties": false, "properties": { - "QueryDescription": { - "markdownDescription": "A unique description for the query.", - "title": "QueryDescription", + "Artifacts": { + "$ref": "#/definitions/AWS::CodeBuild::Project.Artifacts", + "markdownDescription": "`Artifacts` is a property of the [AWS::CodeBuild::Project](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codebuild-project.html) resource that specifies output settings for artifacts generated by an AWS CodeBuild build.", + "title": "Artifacts" + }, + "AutoRetryLimit": { + "type": "number" + }, + "BadgeEnabled": { + "markdownDescription": "Indicates whether AWS CodeBuild generates a publicly accessible URL for your project's build badge. For more information, see [Build Badges Sample](https://docs.aws.amazon.com/codebuild/latest/userguide/sample-build-badges.html) in the *AWS CodeBuild User Guide* .\n\n> Including build badges with your project is currently not supported if the source type is CodePipeline. If you specify `CODEPIPELINE` for the `Source` property, do not specify the `BadgeEnabled` property.", + "title": "BadgeEnabled", + "type": "boolean" + }, + "BuildBatchConfig": { + "$ref": "#/definitions/AWS::CodeBuild::Project.ProjectBuildBatchConfig", + "markdownDescription": "A `ProjectBuildBatchConfig` object that defines the batch build options for the project.", + "title": "BuildBatchConfig" + }, + "Cache": { + "$ref": "#/definitions/AWS::CodeBuild::Project.ProjectCache", + "markdownDescription": "Settings that AWS CodeBuild uses to store and reuse build dependencies.", + "title": "Cache" + }, + "ConcurrentBuildLimit": { + "markdownDescription": "The maximum number of concurrent builds that are allowed for this project.\n\nNew builds are only started if the current number of builds is less than or equal to this limit. If the current build count meets this limit, new builds are throttled and are not run.", + "title": "ConcurrentBuildLimit", + "type": "number" + }, + "Description": { + "markdownDescription": "A description that makes the build project easy to identify.", + "title": "Description", "type": "string" }, - "QueryExpression": { - "markdownDescription": "The expression of the query. For example, `SELECT resourceId, resourceType, supplementaryConfiguration.BucketVersioningConfiguration.status WHERE resourceType = 'AWS::S3::Bucket' AND supplementaryConfiguration.BucketVersioningConfiguration.status = 'Off'.`", - "title": "QueryExpression", + "EncryptionKey": { + "markdownDescription": "The AWS Key Management Service customer master key (CMK) to be used for encrypting the build output artifacts.\n\n> You can use a cross-account KMS key to encrypt the build output artifacts if your service role has permission to that key. \n\nYou can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format `alias/` ). If you don't specify a value, CodeBuild uses the managed CMK for Amazon Simple Storage Service (Amazon S3).", + "title": "EncryptionKey", "type": "string" }, - "QueryName": { - "markdownDescription": "The name of the query.", - "title": "QueryName", + "Environment": { + "$ref": "#/definitions/AWS::CodeBuild::Project.Environment", + "markdownDescription": "The build environment settings for the project, such as the environment type or the environment variables to use for the build environment.", + "title": "Environment" + }, + "FileSystemLocations": { + "items": { + "$ref": "#/definitions/AWS::CodeBuild::Project.ProjectFileSystemLocation" + }, + "markdownDescription": "An array of `ProjectFileSystemLocation` objects for a CodeBuild build project. A `ProjectFileSystemLocation` object specifies the `identifier` , `location` , `mountOptions` , `mountPoint` , and `type` of a file system created using Amazon Elastic File System.", + "title": "FileSystemLocations", + "type": "array" + }, + "LogsConfig": { + "$ref": "#/definitions/AWS::CodeBuild::Project.LogsConfig", + "markdownDescription": "Information about logs for the build project. A project can create logs in CloudWatch Logs, an S3 bucket, or both.", + "title": "LogsConfig" + }, + "Name": { + "markdownDescription": "The name of the build project. The name must be unique across all of the projects in your AWS account .", + "title": "Name", + "type": "string" + }, + "QueuedTimeoutInMinutes": { + "markdownDescription": "The number of minutes a build is allowed to be queued before it times out.", + "title": "QueuedTimeoutInMinutes", + "type": "number" + }, + "ResourceAccessRole": { + "markdownDescription": "The ARN of the IAM role that enables CodeBuild to access the CloudWatch Logs and Amazon S3 artifacts for the project's builds.", + "title": "ResourceAccessRole", + "type": "string" + }, + "SecondaryArtifacts": { + "items": { + "$ref": "#/definitions/AWS::CodeBuild::Project.Artifacts" + }, + "markdownDescription": "A list of `Artifacts` objects. Each artifacts object specifies output settings that the project generates during a build.", + "title": "SecondaryArtifacts", + "type": "array" + }, + "SecondarySourceVersions": { + "items": { + "$ref": "#/definitions/AWS::CodeBuild::Project.ProjectSourceVersion" + }, + "markdownDescription": "An array of `ProjectSourceVersion` objects. If `secondarySourceVersions` is specified at the build level, then they take over these `secondarySourceVersions` (at the project level).", + "title": "SecondarySourceVersions", + "type": "array" + }, + "SecondarySources": { + "items": { + "$ref": "#/definitions/AWS::CodeBuild::Project.Source" + }, + "markdownDescription": "An array of `ProjectSource` objects.", + "title": "SecondarySources", + "type": "array" + }, + "ServiceRole": { + "markdownDescription": "The ARN of the IAM role that enables AWS CodeBuild to interact with dependent AWS services on behalf of the AWS account.", + "title": "ServiceRole", + "type": "string" + }, + "Source": { + "$ref": "#/definitions/AWS::CodeBuild::Project.Source", + "markdownDescription": "The source code settings for the project, such as the source code's repository type and location.", + "title": "Source" + }, + "SourceVersion": { + "markdownDescription": "A version of the build input to be built for this project. If not specified, the latest version is used. If specified, it must be one of:\n\n- For CodeCommit: the commit ID, branch, or Git tag to use.\n- For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format `pr/pull-request-ID` (for example `pr/25` ). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.\n- For GitLab: the commit ID, branch, or Git tag to use.\n- For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.\n- For Amazon S3: the version ID of the object that represents the build input ZIP file to use.\n\nIf `sourceVersion` is specified at the build level, then that version takes precedence over this `sourceVersion` (at the project level).\n\nFor more information, see [Source Version Sample with CodeBuild](https://docs.aws.amazon.com/codebuild/latest/userguide/sample-source-version.html) in the *AWS CodeBuild User Guide* .", + "title": "SourceVersion", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.", + "markdownDescription": "An arbitrary set of tags (key-value pairs) for the AWS CodeBuild project.\n\nThese tags are available for use by AWS services that support AWS CodeBuild build project tags.", "title": "Tags", "type": "array" + }, + "TimeoutInMinutes": { + "markdownDescription": "How long, in minutes, from 5 to 2160 (36 hours), for AWS CodeBuild to wait before timing out any related build that did not get marked as completed. The default is 60 minutes.", + "title": "TimeoutInMinutes", + "type": "number" + }, + "Triggers": { + "$ref": "#/definitions/AWS::CodeBuild::Project.ProjectTriggers", + "markdownDescription": "For an existing AWS CodeBuild build project that has its source code stored in a GitHub repository, enables AWS CodeBuild to begin automatically rebuilding the source code every time a code change is pushed to the repository.", + "title": "Triggers" + }, + "Visibility": { + "markdownDescription": "Specifies the visibility of the project's builds. Possible values are:\n\n- **PUBLIC_READ** - The project builds are visible to the public.\n- **PRIVATE** - The project builds are not visible to the public.", + "title": "Visibility", + "type": "string" + }, + "VpcConfig": { + "$ref": "#/definitions/AWS::CodeBuild::Project.VpcConfig", + "markdownDescription": "`VpcConfig` specifies settings that enable AWS CodeBuild to access resources in an Amazon VPC. For more information, see [Use AWS CodeBuild with Amazon Virtual Private Cloud](https://docs.aws.amazon.com/codebuild/latest/userguide/vpc-support.html) in the *AWS CodeBuild User Guide* .", + "title": "VpcConfig" } }, "required": [ - "QueryExpression", - "QueryName" + "Artifacts", + "Environment", + "ServiceRole", + "Source" ], "type": "object" }, "Type": { "enum": [ - "AWS::Config::StoredQuery" + "AWS::CodeBuild::Project" ], "type": "string" }, @@ -49617,746 +55356,615 @@ ], "type": "object" }, - "AWS::Connect::ApprovedOrigin": { + "AWS::CodeBuild::Project.Artifacts": { "additionalProperties": false, "properties": { - "Condition": { + "ArtifactIdentifier": { + "markdownDescription": "An identifier for this artifact definition.", + "title": "ArtifactIdentifier", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "EncryptionDisabled": { + "markdownDescription": "Set to true if you do not want your output artifacts encrypted. This option is valid only if your artifacts type is Amazon Simple Storage Service (Amazon S3). If this is set with another artifacts type, an `invalidInputException` is thrown.", + "title": "EncryptionDisabled", + "type": "boolean" + }, + "Location": { + "markdownDescription": "Information about the build output artifact location:\n\n- If `type` is set to `CODEPIPELINE` , AWS CodePipeline ignores this value if specified. This is because CodePipeline manages its build output locations instead of CodeBuild .\n- If `type` is set to `NO_ARTIFACTS` , this value is ignored if specified, because no build output is produced.\n- If `type` is set to `S3` , this is the name of the output bucket.\n\nIf you specify `CODEPIPELINE` or `NO_ARTIFACTS` for the `Type` property, don't specify this property. For all of the other types, you must specify this property.", + "title": "Location", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Name": { + "markdownDescription": "Along with `path` and `namespaceType` , the pattern that AWS CodeBuild uses to name and store the output artifact:\n\n- If `type` is set to `CODEPIPELINE` , AWS CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of AWS CodeBuild .\n- If `type` is set to `NO_ARTIFACTS` , this value is ignored if specified, because no build output is produced.\n- If `type` is set to `S3` , this is the name of the output artifact object. If you set the name to be a forward slash (\"/\"), the artifact is stored in the root of the output bucket.\n\nFor example:\n\n- If `path` is set to `MyArtifacts` , `namespaceType` is set to `BUILD_ID` , and `name` is set to `MyArtifact.zip` , then the output artifact is stored in `MyArtifacts/ *build-ID* /MyArtifact.zip` .\n- If `path` is empty, `namespaceType` is set to `NONE` , and `name` is set to \" `/` \", the output artifact is stored in the root of the output bucket.\n- If `path` is set to `MyArtifacts` , `namespaceType` is set to `BUILD_ID` , and `name` is set to \" `/` \", the output artifact is stored in `MyArtifacts/ *build-ID*` .\n\nIf you specify `CODEPIPELINE` or `NO_ARTIFACTS` for the `Type` property, don't specify this property. For all of the other types, you must specify this property.", + "title": "Name", + "type": "string" }, - "Metadata": { - "type": "object" + "NamespaceType": { + "markdownDescription": "Along with `path` and `name` , the pattern that AWS CodeBuild uses to determine the name and location to store the output artifact:\n\n- If `type` is set to `CODEPIPELINE` , CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of AWS CodeBuild .\n- If `type` is set to `NO_ARTIFACTS` , this value is ignored if specified, because no build output is produced.\n- If `type` is set to `S3` , valid values include:\n\n- `BUILD_ID` : Include the build ID in the location of the build output artifact.\n- `NONE` : Do not include the build ID. This is the default if `namespaceType` is not specified.\n\nFor example, if `path` is set to `MyArtifacts` , `namespaceType` is set to `BUILD_ID` , and `name` is set to `MyArtifact.zip` , the output artifact is stored in `MyArtifacts//MyArtifact.zip` .", + "title": "NamespaceType", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "InstanceId": { - "markdownDescription": "The Amazon Resource Name (ARN) of the instance.\n\n*Minimum* : `1`\n\n*Maximum* : `100`", - "title": "InstanceId", - "type": "string" - }, - "Origin": { - "markdownDescription": "Domain name to be added to the allow-list of the instance.\n\n*Maximum* : `267`", - "title": "Origin", - "type": "string" - } - }, - "required": [ - "InstanceId", - "Origin" - ], - "type": "object" + "OverrideArtifactName": { + "markdownDescription": "If set to true a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell command language. For example, you can append a date and time to your artifact name so that it is always unique.", + "title": "OverrideArtifactName", + "type": "boolean" }, - "Type": { - "enum": [ - "AWS::Connect::ApprovedOrigin" - ], + "Packaging": { + "markdownDescription": "The type of build output artifact to create:\n\n- If `type` is set to `CODEPIPELINE` , CodePipeline ignores this value if specified. This is because CodePipeline manages its build output artifacts instead of AWS CodeBuild .\n- If `type` is set to `NO_ARTIFACTS` , this value is ignored if specified, because no build output is produced.\n- If `type` is set to `S3` , valid values include:\n\n- `NONE` : AWS CodeBuild creates in the output bucket a folder that contains the build output. This is the default if `packaging` is not specified.\n- `ZIP` : AWS CodeBuild creates in the output bucket a ZIP file that contains the build output.", + "title": "Packaging", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Path": { + "markdownDescription": "Along with `namespaceType` and `name` , the pattern that AWS CodeBuild uses to name and store the output artifact:\n\n- If `type` is set to `CODEPIPELINE` , CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of AWS CodeBuild .\n- If `type` is set to `NO_ARTIFACTS` , this value is ignored if specified, because no build output is produced.\n- If `type` is set to `S3` , this is the path to the output artifact. If `path` is not specified, `path` is not used.\n\nFor example, if `path` is set to `MyArtifacts` , `namespaceType` is set to `NONE` , and `name` is set to `MyArtifact.zip` , the output artifact is stored in the output bucket at `MyArtifacts/MyArtifact.zip` .", + "title": "Path", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of build output artifact. Valid values include:\n\n- `CODEPIPELINE` : The build project has build output generated through CodePipeline.\n\n> The `CODEPIPELINE` type is not supported for `secondaryArtifacts` .\n- `NO_ARTIFACTS` : The build project does not produce any build output.\n- `S3` : The build project stores build output in Amazon S3.", + "title": "Type", "type": "string" } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Connect::ContactFlow": { + "AWS::CodeBuild::Project.BatchRestrictions": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "ComputeTypesAllowed": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of strings that specify the compute types that are allowed for the batch build. See [Build environment compute types](https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html) in the *AWS CodeBuild User Guide* for these values.", + "title": "ComputeTypesAllowed", + "type": "array" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "MaximumBuildsAllowed": { + "markdownDescription": "Specifies the maximum number of builds allowed.", + "title": "MaximumBuildsAllowed", + "type": "number" + } + }, + "type": "object" + }, + "AWS::CodeBuild::Project.BuildStatusConfig": { + "additionalProperties": false, + "properties": { + "Context": { + "markdownDescription": "Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.\n\n- **Bitbucket** - This parameter is used for the `name` parameter in the Bitbucket commit status. For more information, see [build](https://docs.aws.amazon.com/https://developer.atlassian.com/bitbucket/api/2/reference/resource/repositories/%7Bworkspace%7D/%7Brepo_slug%7D/commit/%7Bnode%7D/statuses/build) in the Bitbucket API documentation.\n- **GitHub/GitHub Enterprise Server** - This parameter is used for the `context` parameter in the GitHub commit status. For more information, see [Create a commit status](https://docs.aws.amazon.com/https://developer.github.com/v3/repos/statuses/#create-a-commit-status) in the GitHub developer guide.", + "title": "Context", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Content": { - "markdownDescription": "The content of the flow.\n\nFor more information, see [Amazon Connect Flow language](https://docs.aws.amazon.com/connect/latest/adminguide/flow-language.html) in the *Amazon Connect Administrator Guide* .", - "title": "Content", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the flow.", - "title": "Description", - "type": "string" - }, - "InstanceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Connect instance.", - "title": "InstanceArn", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the flow.", - "title": "Name", - "type": "string" - }, - "State": { - "markdownDescription": "The state of the flow.", - "title": "State", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - }, - "Type": { - "markdownDescription": "The type of the flow. For descriptions of the available types, see [Choose a flow type](https://docs.aws.amazon.com/connect/latest/adminguide/create-contact-flow.html#contact-flow-types) in the *Amazon Connect Administrator Guide* .", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Content", - "InstanceArn", - "Name", - "Type" - ], - "type": "object" + "TargetUrl": { + "markdownDescription": "Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.\n\n- **Bitbucket** - This parameter is used for the `url` parameter in the Bitbucket commit status. For more information, see [build](https://docs.aws.amazon.com/https://developer.atlassian.com/bitbucket/api/2/reference/resource/repositories/%7Bworkspace%7D/%7Brepo_slug%7D/commit/%7Bnode%7D/statuses/build) in the Bitbucket API documentation.\n- **GitHub/GitHub Enterprise Server** - This parameter is used for the `target_url` parameter in the GitHub commit status. For more information, see [Create a commit status](https://docs.aws.amazon.com/https://developer.github.com/v3/repos/statuses/#create-a-commit-status) in the GitHub developer guide.", + "title": "TargetUrl", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CodeBuild::Project.CloudWatchLogsConfig": { + "additionalProperties": false, + "properties": { + "GroupName": { + "markdownDescription": "The group name of the logs in CloudWatch Logs. For more information, see [Working with Log Groups and Log Streams](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/Working-with-log-groups-and-streams.html) .", + "title": "GroupName", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Connect::ContactFlow" - ], + "Status": { + "markdownDescription": "The current status of the logs in CloudWatch Logs for a build project. Valid values are:\n\n- `ENABLED` : CloudWatch Logs are enabled for this build project.\n- `DISABLED` : CloudWatch Logs are not enabled for this build project.", + "title": "Status", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "StreamName": { + "markdownDescription": "The prefix of the stream name of the CloudWatch Logs. For more information, see [Working with Log Groups and Log Streams](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/Working-with-log-groups-and-streams.html) .", + "title": "StreamName", "type": "string" } }, "required": [ - "Type", - "Properties" + "Status" ], "type": "object" }, - "AWS::Connect::ContactFlowModule": { + "AWS::CodeBuild::Project.DockerServer": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ComputeType": { "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Content": { - "markdownDescription": "The content of the flow module.", - "title": "Content", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the flow module.", - "title": "Description", - "type": "string" - }, - "InstanceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Connect instance.", - "title": "InstanceArn", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the flow module.", - "title": "Name", - "type": "string" - }, - "State": { - "markdownDescription": "The state of the flow module.", - "title": "State", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } + "SecurityGroupIds": { + "items": { + "type": "string" }, - "required": [ - "Content", - "InstanceArn", - "Name" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Connect::ContactFlowModule" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "type": "array" } }, "required": [ - "Type", - "Properties" + "ComputeType" ], "type": "object" }, - "AWS::Connect::EvaluationForm": { + "AWS::CodeBuild::Project.Environment": { "additionalProperties": false, "properties": { - "Condition": { + "Certificate": { + "markdownDescription": "The ARN of the Amazon S3 bucket, path prefix, and object key that contains the PEM-encoded certificate for the build project. For more information, see [certificate](https://docs.aws.amazon.com/codebuild/latest/userguide/create-project-cli.html#cli.environment.certificate) in the *AWS CodeBuild User Guide* .", + "title": "Certificate", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ComputeType": { + "markdownDescription": "The type of compute environment. This determines the number of CPU cores and memory the build environment uses. Available values include:\n\n- `ATTRIBUTE_BASED_COMPUTE` : Specify the amount of vCPUs, memory, disk space, and the type of machine.\n\n> If you use `ATTRIBUTE_BASED_COMPUTE` , you must define your attributes by using `computeConfiguration` . AWS CodeBuild will select the cheapest instance that satisfies your specified attributes. For more information, see [Reserved capacity environment types](https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html#environment-reserved-capacity.types) in the *AWS CodeBuild User Guide* .\n- `BUILD_GENERAL1_SMALL` : Use up to 4 GiB memory and 2 vCPUs for builds.\n- `BUILD_GENERAL1_MEDIUM` : Use up to 8 GiB memory and 4 vCPUs for builds.\n- `BUILD_GENERAL1_LARGE` : Use up to 16 GiB memory and 8 vCPUs for builds, depending on your environment type.\n- `BUILD_GENERAL1_XLARGE` : Use up to 72 GiB memory and 36 vCPUs for builds, depending on your environment type.\n- `BUILD_GENERAL1_2XLARGE` : Use up to 144 GiB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed.\n- `BUILD_LAMBDA_1GB` : Use up to 1 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_2GB` : Use up to 2 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_4GB` : Use up to 4 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_8GB` : Use up to 8 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_10GB` : Use up to 10 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n\nIf you use `BUILD_GENERAL1_SMALL` :\n\n- For environment type `LINUX_CONTAINER` , you can use up to 4 GiB memory and 2 vCPUs for builds.\n- For environment type `LINUX_GPU_CONTAINER` , you can use up to 16 GiB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds.\n- For environment type `ARM_CONTAINER` , you can use up to 4 GiB memory and 2 vCPUs on ARM-based processors for builds.\n\nIf you use `BUILD_GENERAL1_LARGE` :\n\n- For environment type `LINUX_CONTAINER` , you can use up to 16 GiB memory and 8 vCPUs for builds.\n- For environment type `LINUX_GPU_CONTAINER` , you can use up to 255 GiB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds.\n- For environment type `ARM_CONTAINER` , you can use up to 16 GiB memory and 8 vCPUs on ARM-based processors for builds.\n\nFor more information, see [On-demand environment types](https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html#environment.types) in the *AWS CodeBuild User Guide.*", + "title": "ComputeType", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "DockerServer": { + "$ref": "#/definitions/AWS::CodeBuild::Project.DockerServer" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "The description of the evaluation form.\n\n*Length Constraints* : Minimum length of 0. Maximum length of 1024.", - "title": "Description", - "type": "string" - }, - "InstanceArn": { - "markdownDescription": "The identifier of the Amazon Connect instance.", - "title": "InstanceArn", - "type": "string" - }, - "Items": { - "items": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormBaseItem" - }, - "markdownDescription": "Items that are part of the evaluation form. The total number of sections and questions must not exceed 100 each. Questions must be contained in a section.\n\n*Minimum size* : 1\n\n*Maximum size* : 100", - "title": "Items", - "type": "array" - }, - "ScoringStrategy": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.ScoringStrategy", - "markdownDescription": "A scoring strategy of the evaluation form.", - "title": "ScoringStrategy" - }, - "Status": { - "markdownDescription": "The status of the evaluation form.\n\n*Allowed values* : `DRAFT` | `ACTIVE`", - "title": "Status", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", - "title": "Tags", - "type": "array" - }, - "Title": { - "markdownDescription": "A title of the evaluation form.", - "title": "Title", - "type": "string" - } + "EnvironmentVariables": { + "items": { + "$ref": "#/definitions/AWS::CodeBuild::Project.EnvironmentVariable" }, - "required": [ - "InstanceArn", - "Items", - "Status", - "Title" - ], - "type": "object" + "markdownDescription": "A set of environment variables to make available to builds for this build project.", + "title": "EnvironmentVariables", + "type": "array" }, - "Type": { - "enum": [ - "AWS::Connect::EvaluationForm" - ], + "Fleet": { + "$ref": "#/definitions/AWS::CodeBuild::Project.ProjectFleet" + }, + "Image": { + "markdownDescription": "The image tag or image digest that identifies the Docker image to use for this build project. Use the following formats:\n\n- For an image tag: `/:` . For example, in the Docker repository that CodeBuild uses to manage its Docker images, this would be `aws/codebuild/standard:4.0` .\n- For an image digest: `/@` . For example, to specify an image with the digest \"sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf,\" use `/@sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf` .\n\nFor more information, see [Docker images provided by CodeBuild](https://docs.aws.amazon.com//codebuild/latest/userguide/build-env-ref-available.html) in the *AWS CodeBuild user guide* .", + "title": "Image", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ImagePullCredentialsType": { + "markdownDescription": "The type of credentials AWS CodeBuild uses to pull images in your build. There are two valid values:\n\n- `CODEBUILD` specifies that AWS CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust AWS CodeBuild service principal.\n- `SERVICE_ROLE` specifies that AWS CodeBuild uses your build project's service role.\n\nWhen you use a cross-account or private registry image, you must use SERVICE_ROLE credentials. When you use an AWS CodeBuild curated image, you must use CODEBUILD credentials.", + "title": "ImagePullCredentialsType", + "type": "string" + }, + "PrivilegedMode": { + "markdownDescription": "Enables running the Docker daemon inside a Docker container. Set to true only if the build project is used to build Docker images. Otherwise, a build that attempts to interact with the Docker daemon fails. The default setting is `false` .\n\nYou can initialize the Docker daemon during the install phase of your build by adding one of the following sets of commands to the install phase of your buildspec file:\n\nIf the operating system's base image is Ubuntu Linux:\n\n`- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&`\n\n`- timeout 15 sh -c \"until docker info; do echo .; sleep 1; done\"`\n\nIf the operating system's base image is Alpine Linux and the previous command does not work, add the `-t` argument to `timeout` :\n\n`- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&`\n\n`- timeout -t 15 sh -c \"until docker info; do echo .; sleep 1; done\"`", + "title": "PrivilegedMode", + "type": "boolean" + }, + "RegistryCredential": { + "$ref": "#/definitions/AWS::CodeBuild::Project.RegistryCredential", + "markdownDescription": "`RegistryCredential` is a property of the [AWS::CodeBuild::Project Environment](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codebuild-project.html#cfn-codebuild-project-environment) property that specifies information about credentials that provide access to a private Docker registry. When this is set:\n\n- `imagePullCredentialsType` must be set to `SERVICE_ROLE` .\n- images cannot be curated or an Amazon ECR image.", + "title": "RegistryCredential" + }, + "Type": { + "markdownDescription": "The type of build environment to use for related builds.\n\n> If you're using compute fleets during project creation, `type` will be ignored. \n\nFor more information, see [Build environment compute types](https://docs.aws.amazon.com//codebuild/latest/userguide/build-env-ref-compute-types.html) in the *AWS CodeBuild user guide* .", + "title": "Type", "type": "string" } }, "required": [ - "Type", - "Properties" + "ComputeType", + "Image", + "Type" ], "type": "object" }, - "AWS::Connect::EvaluationForm.EvaluationFormBaseItem": { + "AWS::CodeBuild::Project.EnvironmentVariable": { "additionalProperties": false, "properties": { - "Section": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormSection", - "markdownDescription": "A subsection or inner section of an item.", - "title": "Section" + "Name": { + "markdownDescription": "The name or key of the environment variable.", + "title": "Name", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of environment variable. Valid values include:\n\n- `PARAMETER_STORE` : An environment variable stored in Systems Manager Parameter Store. For environment variables of this type, specify the name of the parameter as the `value` of the EnvironmentVariable. The parameter value will be substituted for the name at runtime. You can also define Parameter Store environment variables in the buildspec. To learn how to do so, see [env/parameter-store](https://docs.aws.amazon.com/codebuild/latest/userguide/build-spec-ref.html#build-spec.env.parameter-store) in the *AWS CodeBuild User Guide* .\n- `PLAINTEXT` : An environment variable in plain text format. This is the default value.\n- `SECRETS_MANAGER` : An environment variable stored in AWS Secrets Manager . For environment variables of this type, specify the name of the secret as the `value` of the EnvironmentVariable. The secret value will be substituted for the name at runtime. You can also define AWS Secrets Manager environment variables in the buildspec. To learn how to do so, see [env/secrets-manager](https://docs.aws.amazon.com/codebuild/latest/userguide/build-spec-ref.html#build-spec.env.secrets-manager) in the *AWS CodeBuild User Guide* .", + "title": "Type", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of the environment variable.\n\n> We strongly discourage the use of `PLAINTEXT` environment variables to store sensitive values, especially AWS secret key IDs. `PLAINTEXT` environment variables can be displayed in plain text using the AWS CodeBuild console and the AWS CLI . For sensitive values, we recommend you use an environment variable of type `PARAMETER_STORE` or `SECRETS_MANAGER` .", + "title": "Value", + "type": "string" } }, "required": [ - "Section" + "Name", + "Value" ], "type": "object" }, - "AWS::Connect::EvaluationForm.EvaluationFormItem": { + "AWS::CodeBuild::Project.FilterGroup": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::CodeBuild::Project.GitSubmodulesConfig": { "additionalProperties": false, "properties": { - "Question": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormQuestion", - "markdownDescription": "The information of the question.", - "title": "Question" - }, - "Section": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormSection", - "markdownDescription": "The information of the section.", - "title": "Section" + "FetchSubmodules": { + "markdownDescription": "Set to true to fetch Git submodules for your AWS CodeBuild build project.", + "title": "FetchSubmodules", + "type": "boolean" } }, + "required": [ + "FetchSubmodules" + ], "type": "object" }, - "AWS::Connect::EvaluationForm.EvaluationFormNumericQuestionAutomation": { + "AWS::CodeBuild::Project.LogsConfig": { "additionalProperties": false, "properties": { - "PropertyValue": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.NumericQuestionPropertyValueAutomation", - "markdownDescription": "The property value of the automation.", - "title": "PropertyValue" + "CloudWatchLogs": { + "$ref": "#/definitions/AWS::CodeBuild::Project.CloudWatchLogsConfig", + "markdownDescription": "Information about CloudWatch Logs for a build project. CloudWatch Logs are enabled by default.", + "title": "CloudWatchLogs" + }, + "S3Logs": { + "$ref": "#/definitions/AWS::CodeBuild::Project.S3LogsConfig", + "markdownDescription": "Information about logs built to an S3 bucket for a build project. S3 logs are not enabled by default.", + "title": "S3Logs" } }, - "required": [ - "PropertyValue" - ], "type": "object" }, - "AWS::Connect::EvaluationForm.EvaluationFormNumericQuestionOption": { + "AWS::CodeBuild::Project.ProjectBuildBatchConfig": { "additionalProperties": false, "properties": { - "AutomaticFail": { - "markdownDescription": "The flag to mark the option as automatic fail. If an automatic fail answer is provided, the overall evaluation gets a score of 0.", - "title": "AutomaticFail", + "BatchReportMode": { + "markdownDescription": "Specifies how build status reports are sent to the source provider for the batch build. This property is only used when the source provider for your project is Bitbucket, GitHub, or GitHub Enterprise, and your project is configured to report build statuses to the source provider.\n\n- **REPORT_AGGREGATED_BATCH** - (Default) Aggregate all of the build statuses into a single status report.\n- **REPORT_INDIVIDUAL_BUILDS** - Send a separate status report for each individual build.", + "title": "BatchReportMode", + "type": "string" + }, + "CombineArtifacts": { + "markdownDescription": "Specifies if the build artifacts for the batch build should be combined into a single artifact location.", + "title": "CombineArtifacts", "type": "boolean" }, - "MaxValue": { - "markdownDescription": "The maximum answer value of the range option.", - "title": "MaxValue", - "type": "number" + "Restrictions": { + "$ref": "#/definitions/AWS::CodeBuild::Project.BatchRestrictions", + "markdownDescription": "A `BatchRestrictions` object that specifies the restrictions for the batch build.", + "title": "Restrictions" }, - "MinValue": { - "markdownDescription": "The minimum answer value of the range option.", - "title": "MinValue", - "type": "number" + "ServiceRole": { + "markdownDescription": "Specifies the service role ARN for the batch build project.", + "title": "ServiceRole", + "type": "string" }, - "Score": { - "markdownDescription": "The score assigned to answer values within the range option.\n\n*Minimum* : 0\n\n*Maximum* : 10", - "title": "Score", + "TimeoutInMins": { + "markdownDescription": "Specifies the maximum amount of time, in minutes, that the batch build must be completed in.", + "title": "TimeoutInMins", "type": "number" } }, - "required": [ - "MaxValue", - "MinValue" - ], "type": "object" }, - "AWS::Connect::EvaluationForm.EvaluationFormNumericQuestionProperties": { + "AWS::CodeBuild::Project.ProjectCache": { "additionalProperties": false, "properties": { - "Automation": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormNumericQuestionAutomation", - "markdownDescription": "The automation properties of the numeric question.", - "title": "Automation" - }, - "MaxValue": { - "markdownDescription": "The maximum answer value.", - "title": "MaxValue", - "type": "number" + "CacheNamespace": { + "markdownDescription": "Defines the scope of the cache. You can use this namespace to share a cache across multiple projects. For more information, see [Cache sharing between projects](https://docs.aws.amazon.com/codebuild/latest/userguide/caching-s3.html#caching-s3-sharing) in the *AWS CodeBuild User Guide* .", + "title": "CacheNamespace", + "type": "string" }, - "MinValue": { - "markdownDescription": "The minimum answer value.", - "title": "MinValue", - "type": "number" + "Location": { + "markdownDescription": "Information about the cache location:\n\n- `NO_CACHE` or `LOCAL` : This value is ignored.\n- `S3` : This is the S3 bucket name/prefix.", + "title": "Location", + "type": "string" }, - "Options": { + "Modes": { "items": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormNumericQuestionOption" + "type": "string" }, - "markdownDescription": "The scoring options of the numeric question.", - "title": "Options", + "markdownDescription": "An array of strings that specify the local cache modes. You can use one or more local cache modes at the same time. This is only used for `LOCAL` cache types.\n\nPossible values are:\n\n- **LOCAL_SOURCE_CACHE** - Caches Git metadata for primary and secondary sources. After the cache is created, subsequent builds pull only the change between commits. This mode is a good choice for projects with a clean working directory and a source that is a large Git repository. If you choose this option and your project does not use a Git repository (GitHub, GitHub Enterprise, or Bitbucket), the option is ignored.\n- **LOCAL_DOCKER_LAYER_CACHE** - Caches existing Docker layers. This mode is a good choice for projects that build or pull large Docker images. It can prevent the performance issues caused by pulling large Docker images down from the network.\n\n> - You can use a Docker layer cache in the Linux environment only.\n> - The `privileged` flag must be set so that your project has the required Docker permissions.\n> - You should consider the security implications before you use a Docker layer cache.\n- **LOCAL_CUSTOM_CACHE** - Caches directories you specify in the buildspec file. This mode is a good choice if your build scenario is not suited to one of the other three local cache modes. If you use a custom cache:\n\n- Only directories can be specified for caching. You cannot specify individual files.\n- Symlinks are used to reference cached directories.\n- Cached directories are linked to your build before it downloads its project sources. Cached items are overridden if a source item has the same name. Directories are specified using cache paths in the buildspec file.", + "title": "Modes", "type": "array" + }, + "Type": { + "markdownDescription": "The type of cache used by the build project. Valid values include:\n\n- `NO_CACHE` : The build project does not use any cache.\n- `S3` : The build project reads and writes from and to S3.\n- `LOCAL` : The build project stores a cache locally on a build host that is only available to that build host.", + "title": "Type", + "type": "string" } }, "required": [ - "MaxValue", - "MinValue" + "Type" ], "type": "object" }, - "AWS::Connect::EvaluationForm.EvaluationFormQuestion": { + "AWS::CodeBuild::Project.ProjectFileSystemLocation": { "additionalProperties": false, "properties": { - "Instructions": { - "markdownDescription": "The instructions of the section.\n\n*Length Constraints* : Minimum length of 0. Maximum length of 1024.", - "title": "Instructions", + "Identifier": { + "markdownDescription": "The name used to access a file system created by Amazon EFS. CodeBuild creates an environment variable by appending the `identifier` in all capital letters to `CODEBUILD_` . For example, if you specify `my_efs` for `identifier` , a new environment variable is create named `CODEBUILD_MY_EFS` .\n\nThe `identifier` is used to mount your file system.", + "title": "Identifier", "type": "string" }, - "NotApplicableEnabled": { - "markdownDescription": "The flag to enable not applicable answers to the question.", - "title": "NotApplicableEnabled", - "type": "boolean" - }, - "QuestionType": { - "markdownDescription": "The type of the question.\n\n*Allowed values* : `NUMERIC` | `SINGLESELECT` | `TEXT`", - "title": "QuestionType", + "Location": { + "markdownDescription": "A string that specifies the location of the file system created by Amazon EFS. Its format is `efs-dns-name:/directory-path` . You can find the DNS name of file system when you view it in the Amazon EFS console. The directory path is a path to a directory in the file system that CodeBuild mounts. For example, if the DNS name of a file system is `fs-abcd1234.efs.us-west-2.amazonaws.com` , and its mount directory is `my-efs-mount-directory` , then the `location` is `fs-abcd1234.efs.us-west-2.amazonaws.com:/my-efs-mount-directory` .\n\nThe directory path in the format `efs-dns-name:/directory-path` is optional. If you do not specify a directory path, the location is only the DNS name and CodeBuild mounts the entire file system.", + "title": "Location", "type": "string" }, - "QuestionTypeProperties": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormQuestionTypeProperties", - "markdownDescription": "The properties of the type of question. Text questions do not have to define question type properties.", - "title": "QuestionTypeProperties" - }, - "RefId": { - "markdownDescription": "The identifier of the question. An identifier must be unique within the evaluation form.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 40.", - "title": "RefId", + "MountOptions": { + "markdownDescription": "The mount options for a file system created by Amazon EFS. The default mount options used by CodeBuild are `nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2` . For more information, see [Recommended NFS Mount Options](https://docs.aws.amazon.com/efs/latest/ug/mounting-fs-nfs-mount-settings.html) .", + "title": "MountOptions", "type": "string" }, - "Title": { - "markdownDescription": "The title of the question.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 350.", - "title": "Title", + "MountPoint": { + "markdownDescription": "The location in the container where you mount the file system.", + "title": "MountPoint", "type": "string" }, - "Weight": { - "markdownDescription": "The scoring weight of the section.\n\n*Minimum* : 0\n\n*Maximum* : 100", - "title": "Weight", - "type": "number" + "Type": { + "markdownDescription": "The type of the file system. The one supported type is `EFS` .", + "title": "Type", + "type": "string" } }, "required": [ - "QuestionType", - "RefId", - "Title" + "Identifier", + "Location", + "MountPoint", + "Type" ], "type": "object" }, - "AWS::Connect::EvaluationForm.EvaluationFormQuestionTypeProperties": { + "AWS::CodeBuild::Project.ProjectFleet": { "additionalProperties": false, "properties": { - "Numeric": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormNumericQuestionProperties", - "markdownDescription": "The properties of the numeric question.", - "title": "Numeric" - }, - "SingleSelect": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionProperties", - "markdownDescription": "The properties of the numeric question.", - "title": "SingleSelect" + "FleetArn": { + "markdownDescription": "Specifies the compute fleet ARN for the build project.", + "title": "FleetArn", + "type": "string" } }, "type": "object" }, - "AWS::Connect::EvaluationForm.EvaluationFormSection": { + "AWS::CodeBuild::Project.ProjectSourceVersion": { "additionalProperties": false, "properties": { - "Instructions": { - "markdownDescription": "The instructions of the section.", - "title": "Instructions", - "type": "string" - }, - "Items": { - "items": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormItem" - }, - "markdownDescription": "The items of the section.\n\n*Minimum* : 1", - "title": "Items", - "type": "array" - }, - "RefId": { - "markdownDescription": "The identifier of the section. An identifier must be unique within the evaluation form.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 40.", - "title": "RefId", + "SourceIdentifier": { + "markdownDescription": "An identifier for a source in the build project. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.", + "title": "SourceIdentifier", "type": "string" }, - "Title": { - "markdownDescription": "The title of the section.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 128.", - "title": "Title", + "SourceVersion": { + "markdownDescription": "The source version for the corresponding source identifier. If specified, must be one of:\n\n- For CodeCommit: the commit ID, branch, or Git tag to use.\n- For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format `pr/pull-request-ID` (for example, `pr/25` ). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.\n- For GitLab: the commit ID, branch, or Git tag to use.\n- For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.\n- For Amazon S3: the version ID of the object that represents the build input ZIP file to use.\n\nFor more information, see [Source Version Sample with CodeBuild](https://docs.aws.amazon.com/codebuild/latest/userguide/sample-source-version.html) in the *AWS CodeBuild User Guide* .", + "title": "SourceVersion", "type": "string" - }, - "Weight": { - "markdownDescription": "The scoring weight of the section.\n\n*Minimum* : 0\n\n*Maximum* : 100", - "title": "Weight", - "type": "number" } }, "required": [ - "RefId", - "Title" + "SourceIdentifier" ], "type": "object" }, - "AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionAutomation": { + "AWS::CodeBuild::Project.ProjectTriggers": { "additionalProperties": false, "properties": { - "DefaultOptionRefId": { - "markdownDescription": "The identifier of the default answer option, when none of the automation options match the criteria.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 40.", - "title": "DefaultOptionRefId", + "BuildType": { + "markdownDescription": "Specifies the type of build this webhook will trigger. Allowed values are:\n\n- **BUILD** - A single build\n- **BUILD_BATCH** - A batch build", + "title": "BuildType", "type": "string" }, - "Options": { + "FilterGroups": { "items": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionAutomationOption" + "$ref": "#/definitions/AWS::CodeBuild::Project.FilterGroup" }, - "markdownDescription": "The automation options of the single select question.\n\n*Minimum* : 1\n\n*Maximum* : 20", - "title": "Options", + "markdownDescription": "A list of lists of `WebhookFilter` objects used to determine which webhook events are triggered. At least one `WebhookFilter` in the array must specify `EVENT` as its type.", + "title": "FilterGroups", "type": "array" + }, + "ScopeConfiguration": { + "$ref": "#/definitions/AWS::CodeBuild::Project.ScopeConfiguration", + "markdownDescription": "Contains configuration information about the scope for a webhook.", + "title": "ScopeConfiguration" + }, + "Webhook": { + "markdownDescription": "Specifies whether or not to begin automatically rebuilding the source code every time a code change is pushed to the repository.", + "title": "Webhook", + "type": "boolean" } }, - "required": [ - "Options" - ], "type": "object" }, - "AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionAutomationOption": { + "AWS::CodeBuild::Project.RegistryCredential": { "additionalProperties": false, "properties": { - "RuleCategory": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.SingleSelectQuestionRuleCategoryAutomation", - "markdownDescription": "The automation option based on a rule category for the single select question.", - "title": "RuleCategory" + "Credential": { + "markdownDescription": "The Amazon Resource Name (ARN) or name of credentials created using AWS Secrets Manager .\n\n> The `credential` can use the name of the credentials only if they exist in your current AWS Region .", + "title": "Credential", + "type": "string" + }, + "CredentialProvider": { + "markdownDescription": "The service that created the credentials to access a private Docker registry. The valid value, SECRETS_MANAGER, is for AWS Secrets Manager .", + "title": "CredentialProvider", + "type": "string" } }, "required": [ - "RuleCategory" + "Credential", + "CredentialProvider" ], "type": "object" }, - "AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionOption": { + "AWS::CodeBuild::Project.S3LogsConfig": { "additionalProperties": false, "properties": { - "AutomaticFail": { - "markdownDescription": "The flag to mark the option as automatic fail. If an automatic fail answer is provided, the overall evaluation gets a score of 0.", - "title": "AutomaticFail", + "EncryptionDisabled": { + "markdownDescription": "Set to true if you do not want your S3 build log output encrypted. By default S3 build logs are encrypted.", + "title": "EncryptionDisabled", "type": "boolean" }, - "RefId": { - "markdownDescription": "The identifier of the answer option. An identifier must be unique within the question.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 40.", - "title": "RefId", + "Location": { + "markdownDescription": "The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3 bucket name is `my-bucket` , and your path prefix is `build-log` , then acceptable formats are `my-bucket/build-log` or `arn:aws:s3:::my-bucket/build-log` .", + "title": "Location", "type": "string" }, - "Score": { - "markdownDescription": "The score assigned to the answer option.\n\n*Minimum* : 0\n\n*Maximum* : 10", - "title": "Score", - "type": "number" - }, - "Text": { - "markdownDescription": "The title of the answer option.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 128.", - "title": "Text", + "Status": { + "markdownDescription": "The current status of the S3 build logs. Valid values are:\n\n- `ENABLED` : S3 build logs are enabled for this build project.\n- `DISABLED` : S3 build logs are not enabled for this build project.", + "title": "Status", "type": "string" } }, "required": [ - "RefId", - "Text" + "Status" ], "type": "object" }, - "AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionProperties": { + "AWS::CodeBuild::Project.ScopeConfiguration": { "additionalProperties": false, "properties": { - "Automation": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionAutomation", - "markdownDescription": "The display mode of the single select question.", - "title": "Automation" + "Domain": { + "markdownDescription": "The domain of the GitHub Enterprise organization or the GitLab Self Managed group. Note that this parameter is only required if your project's source type is GITHUB_ENTERPRISE or GITLAB_SELF_MANAGED.", + "title": "Domain", + "type": "string" }, - "DisplayAs": { - "markdownDescription": "The display mode of the single select question.\n\n*Allowed values* : `DROPDOWN` | `RADIO`", - "title": "DisplayAs", + "Name": { + "markdownDescription": "The name of either the enterprise or organization that will send webhook events to CodeBuild , depending on if the webhook is a global or organization webhook respectively.", + "title": "Name", "type": "string" }, - "Options": { - "items": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionOption" - }, - "markdownDescription": "The answer options of the single select question.\n\n*Minimum* : 2\n\n*Maximum* : 256", - "title": "Options", - "type": "array" + "Scope": { + "markdownDescription": "The type of scope for a GitHub or GitLab webhook. The scope default is GITHUB_ORGANIZATION.", + "title": "Scope", + "type": "string" } }, "required": [ - "Options" + "Name" ], "type": "object" }, - "AWS::Connect::EvaluationForm.NumericQuestionPropertyValueAutomation": { + "AWS::CodeBuild::Project.Source": { "additionalProperties": false, "properties": { - "Label": { - "markdownDescription": "The property label of the automation.", - "title": "Label", + "Auth": { + "$ref": "#/definitions/AWS::CodeBuild::Project.SourceAuth", + "markdownDescription": "Information about the authorization settings for AWS CodeBuild to access the source code to be built.", + "title": "Auth" + }, + "BuildSpec": { + "markdownDescription": "The build specification for the project. If this value is not provided, then the source code must contain a buildspec file named `buildspec.yml` at the root level. If this value is provided, it can be either a single string containing the entire build specification, or the path to an alternate buildspec file relative to the value of the built-in environment variable `CODEBUILD_SRC_DIR` . The alternate buildspec file can have a name other than `buildspec.yml` , for example `myspec.yml` or `build_spec_qa.yml` or similar. For more information, see the [Build Spec Reference](https://docs.aws.amazon.com/codebuild/latest/userguide/build-spec-ref.html#build-spec-ref-example) in the *AWS CodeBuild User Guide* .", + "title": "BuildSpec", + "type": "string" + }, + "BuildStatusConfig": { + "$ref": "#/definitions/AWS::CodeBuild::Project.BuildStatusConfig", + "markdownDescription": "Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is `GITHUB` , `GITHUB_ENTERPRISE` , or `BITBUCKET` .", + "title": "BuildStatusConfig" + }, + "GitCloneDepth": { + "markdownDescription": "The depth of history to download. Minimum value is 0. If this value is 0, greater than 25, or not provided, then the full history is downloaded with each build project. If your source type is Amazon S3, this value is not supported.", + "title": "GitCloneDepth", + "type": "number" + }, + "GitSubmodulesConfig": { + "$ref": "#/definitions/AWS::CodeBuild::Project.GitSubmodulesConfig", + "markdownDescription": "Information about the Git submodules configuration for the build project.", + "title": "GitSubmodulesConfig" + }, + "InsecureSsl": { + "markdownDescription": "This is used with GitHub Enterprise only. Set to true to ignore SSL warnings while connecting to your GitHub Enterprise project repository. The default value is `false` . `InsecureSsl` should be used for testing purposes only. It should not be used in a production environment.", + "title": "InsecureSsl", + "type": "boolean" + }, + "Location": { + "markdownDescription": "Information about the location of the source code to be built. Valid values include:\n\n- For source code settings that are specified in the source action of a pipeline in CodePipeline, `location` should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value.\n- For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, `https://git-codecommit..amazonaws.com/v1/repos/` ).\n- For source code in an Amazon S3 input bucket, one of the following.\n\n- The path to the ZIP file that contains the source code (for example, `//.zip` ).\n- The path to the folder that contains the source code (for example, `///` ).\n- For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your AWS account to your GitHub account. Use the AWS CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub *Authorize application* page, for *Organization access* , choose *Request access* next to each repository you want to allow AWS CodeBuild to have access to, and then choose *Authorize application* . (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the AWS CodeBuild console.) To instruct AWS CodeBuild to use this connection, in the `source` object, set the `auth` object's `type` value to `OAUTH` .\n- For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your AWS account to your GitLab account. Use the AWS CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections *Authorize application* page, choose *Authorize* . Then on the AWS CodeConnections *Create GitLab connection* page, choose *Connect to GitLab* . (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the AWS CodeBuild console.) To instruct AWS CodeBuild to override the default connection and use this connection instead, set the `auth` object's `type` value to `CODECONNECTIONS` in the `source` object.\n- For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your AWS account to your Bitbucket account. Use the AWS CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket *Confirm access to your account* page, choose *Grant access* . (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the AWS CodeBuild console.) To instruct AWS CodeBuild to use this connection, in the `source` object, set the `auth` object's `type` value to `OAUTH` .\n\nIf you specify `CODEPIPELINE` for the `Type` property, don't specify this property. For all of the other types, you must specify `Location` .", + "title": "Location", + "type": "string" + }, + "ReportBuildStatus": { + "markdownDescription": "Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an `invalidInputException` is thrown.", + "title": "ReportBuildStatus", + "type": "boolean" + }, + "SourceIdentifier": { + "markdownDescription": "An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.", + "title": "SourceIdentifier", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of repository that contains the source code to be built. Valid values include:\n\n- `BITBUCKET` : The source code is in a Bitbucket repository.\n- `CODECOMMIT` : The source code is in an CodeCommit repository.\n- `CODEPIPELINE` : The source code settings are specified in the source action of a pipeline in CodePipeline.\n- `GITHUB` : The source code is in a GitHub repository.\n- `GITHUB_ENTERPRISE` : The source code is in a GitHub Enterprise Server repository.\n- `GITLAB` : The source code is in a GitLab repository.\n- `GITLAB_SELF_MANAGED` : The source code is in a self-managed GitLab repository.\n- `NO_SOURCE` : The project does not have input source code.\n- `S3` : The source code is in an Amazon S3 bucket.", + "title": "Type", "type": "string" } }, "required": [ - "Label" + "Type" ], "type": "object" }, - "AWS::Connect::EvaluationForm.ScoringStrategy": { + "AWS::CodeBuild::Project.SourceAuth": { "additionalProperties": false, "properties": { - "Mode": { - "markdownDescription": "The scoring mode of the evaluation form.\n\n*Allowed values* : `QUESTION_ONLY` | `SECTION_ONLY`", - "title": "Mode", + "Resource": { + "markdownDescription": "The resource value that applies to the specified authorization type.", + "title": "Resource", "type": "string" }, - "Status": { - "markdownDescription": "The scoring status of the evaluation form.\n\n*Allowed values* : `ENABLED` | `DISABLED`", - "title": "Status", + "Type": { + "markdownDescription": "The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER.", + "title": "Type", "type": "string" } }, "required": [ - "Mode", - "Status" + "Type" ], "type": "object" }, - "AWS::Connect::EvaluationForm.SingleSelectQuestionRuleCategoryAutomation": { + "AWS::CodeBuild::Project.VpcConfig": { "additionalProperties": false, "properties": { - "Category": { - "markdownDescription": "The category name, as defined in Rules.\n\n*Minimum* : 1\n\n*Maximum* : 50", - "title": "Category", + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of one or more security groups IDs in your Amazon VPC. The maximum count is 5.", + "title": "SecurityGroupIds", + "type": "array" + }, + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of one or more subnet IDs in your Amazon VPC. The maximum count is 16.", + "title": "Subnets", + "type": "array" + }, + "VpcId": { + "markdownDescription": "The ID of the Amazon VPC.", + "title": "VpcId", "type": "string" + } + }, + "type": "object" + }, + "AWS::CodeBuild::Project.WebhookFilter": { + "additionalProperties": false, + "properties": { + "ExcludeMatchedPattern": { + "markdownDescription": "Used to indicate that the `pattern` determines which webhook events do not trigger a build. If true, then a webhook event that does not match the `pattern` triggers a build. If false, then a webhook event that matches the `pattern` triggers a build.", + "title": "ExcludeMatchedPattern", + "type": "boolean" }, - "Condition": { - "markdownDescription": "The condition to apply for the automation option. If the condition is PRESENT, then the option is applied when the contact data includes the category. Similarly, if the condition is NOT_PRESENT, then the option is applied when the contact data does not include the category.\n\n*Allowed values* : `PRESENT` | `NOT_PRESENT`\n\n*Maximum* : 50", - "title": "Condition", + "Pattern": { + "markdownDescription": "For a `WebHookFilter` that uses `EVENT` type, a comma-separated string that specifies one or more events. For example, the webhook filter `PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED` allows all push, pull request created, and pull request updated events to trigger a build.\n\nFor a `WebHookFilter` that uses any of the other filter types, a regular expression pattern. For example, a `WebHookFilter` that uses `HEAD_REF` for its `type` and the pattern `^refs/heads/` triggers a build when the head reference is a branch with a reference name `refs/heads/branch-name` .", + "title": "Pattern", "type": "string" }, - "OptionRefId": { - "markdownDescription": "The identifier of the answer option. An identifier must be unique within the question.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 40.", - "title": "OptionRefId", + "Type": { + "markdownDescription": "The type of webhook filter. There are 11 webhook filter types: `EVENT` , `ACTOR_ACCOUNT_ID` , `HEAD_REF` , `BASE_REF` , `FILE_PATH` , `COMMIT_MESSAGE` , `TAG_NAME` , `RELEASE_NAME` , `REPOSITORY_NAME` , `ORGANIZATION_NAME` , and `WORKFLOW_NAME` .\n\n- EVENT\n\n- A webhook event triggers a build when the provided `pattern` matches one of nine event types: `PUSH` , `PULL_REQUEST_CREATED` , `PULL_REQUEST_UPDATED` , `PULL_REQUEST_CLOSED` , `PULL_REQUEST_REOPENED` , `PULL_REQUEST_MERGED` , `RELEASED` , `PRERELEASED` , and `WORKFLOW_JOB_QUEUED` . The `EVENT` patterns are specified as a comma-separated string. For example, `PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED` filters all push, pull request created, and pull request updated events.\n\n> Types `PULL_REQUEST_REOPENED` and `WORKFLOW_JOB_QUEUED` work with GitHub and GitHub Enterprise only. Types `RELEASED` and `PRERELEASED` work with GitHub only.\n- ACTOR_ACCOUNT_ID\n\n- A webhook event triggers a build when a GitHub, GitHub Enterprise, or Bitbucket account ID matches the regular expression `pattern` .\n- HEAD_REF\n\n- A webhook event triggers a build when the head reference matches the regular expression `pattern` . For example, `refs/heads/branch-name` and `refs/tags/tag-name` .\n\n> Works with GitHub and GitHub Enterprise push, GitHub and GitHub Enterprise pull request, Bitbucket push, and Bitbucket pull request events.\n- BASE_REF\n\n- A webhook event triggers a build when the base reference matches the regular expression `pattern` . For example, `refs/heads/branch-name` .\n\n> Works with pull request events only.\n- FILE_PATH\n\n- A webhook triggers a build when the path of a changed file matches the regular expression `pattern` .\n\n> Works with push and pull request events only.\n- COMMIT_MESSAGE\n\n- A webhook triggers a build when the head commit message matches the regular expression `pattern` .\n\n> Works with push and pull request events only.\n- TAG_NAME\n\n- A webhook triggers a build when the tag name of the release matches the regular expression `pattern` .\n\n> Works with `RELEASED` and `PRERELEASED` events only.\n- RELEASE_NAME\n\n- A webhook triggers a build when the release name matches the regular expression `pattern` .\n\n> Works with `RELEASED` and `PRERELEASED` events only.\n- REPOSITORY_NAME\n\n- A webhook triggers a build when the repository name matches the regular expression `pattern` .\n\n> Works with GitHub global or organization webhooks only.\n- ORGANIZATION_NAME\n\n- A webhook triggers a build when the organization name matches the regular expression `pattern` .\n\n> Works with GitHub global webhooks only.\n- WORKFLOW_NAME\n\n- A webhook triggers a build when the workflow name matches the regular expression `pattern` .\n\n> Works with `WORKFLOW_JOB_QUEUED` events only. > For CodeBuild-hosted Buildkite runner builds, WORKFLOW_NAME filters will filter by pipeline name.", + "title": "Type", "type": "string" } }, "required": [ - "Category", - "Condition", - "OptionRefId" + "Pattern", + "Type" ], "type": "object" }, - "AWS::Connect::HoursOfOperation": { + "AWS::CodeBuild::ReportGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -50391,26 +55999,18 @@ "Properties": { "additionalProperties": false, "properties": { - "Config": { - "items": { - "$ref": "#/definitions/AWS::Connect::HoursOfOperation.HoursOfOperationConfig" - }, - "markdownDescription": "Configuration information for the hours of operation.", - "title": "Config", - "type": "array" - }, - "Description": { - "markdownDescription": "The description for the hours of operation.", - "title": "Description", - "type": "string" + "DeleteReports": { + "markdownDescription": "When deleting a report group, specifies if reports within the report group should be deleted.\n\n- **true** - Deletes any reports that belong to the report group before deleting the report group.\n- **false** - You must delete any reports in the report group. This is the default value. If you delete a report group that contains one or more reports, an exception is thrown.", + "title": "DeleteReports", + "type": "boolean" }, - "InstanceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", - "title": "InstanceArn", - "type": "string" + "ExportConfig": { + "$ref": "#/definitions/AWS::CodeBuild::ReportGroup.ReportExportConfig", + "markdownDescription": "Information about the destination where the raw data of this `ReportGroup` is exported.", + "title": "ExportConfig" }, "Name": { - "markdownDescription": "The name for the hours of operation.", + "markdownDescription": "The name of the `ReportGroup` .", "title": "Name", "type": "string" }, @@ -50418,27 +56018,25 @@ "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"Tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", + "markdownDescription": "A list of tag key and value pairs associated with this report group.\n\nThese tags are available for use by AWS services that support AWS CodeBuild report group tags.", "title": "Tags", "type": "array" }, - "TimeZone": { - "markdownDescription": "The time zone for the hours of operation.", - "title": "TimeZone", + "Type": { + "markdownDescription": "The type of the `ReportGroup` . This can be one of the following values:\n\n- **CODE_COVERAGE** - The report group contains code coverage reports.\n- **TEST** - The report group contains test reports.", + "title": "Type", "type": "string" } }, "required": [ - "Config", - "InstanceArn", - "Name", - "TimeZone" + "ExportConfig", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::HoursOfOperation" + "AWS::CodeBuild::ReportGroup" ], "type": "string" }, @@ -50457,53 +56055,65 @@ ], "type": "object" }, - "AWS::Connect::HoursOfOperation.HoursOfOperationConfig": { + "AWS::CodeBuild::ReportGroup.ReportExportConfig": { "additionalProperties": false, "properties": { - "Day": { - "markdownDescription": "The day that the hours of operation applies to.", - "title": "Day", + "ExportConfigType": { + "markdownDescription": "The export configuration type. Valid values are:\n\n- `S3` : The report results are exported to an S3 bucket.\n- `NO_EXPORT` : The report results are not exported.", + "title": "ExportConfigType", "type": "string" }, - "EndTime": { - "$ref": "#/definitions/AWS::Connect::HoursOfOperation.HoursOfOperationTimeSlice", - "markdownDescription": "The end time that your contact center closes.", - "title": "EndTime" - }, - "StartTime": { - "$ref": "#/definitions/AWS::Connect::HoursOfOperation.HoursOfOperationTimeSlice", - "markdownDescription": "The start time that your contact center opens.", - "title": "StartTime" + "S3Destination": { + "$ref": "#/definitions/AWS::CodeBuild::ReportGroup.S3ReportExportConfig", + "markdownDescription": "A `S3ReportExportConfig` object that contains information about the S3 bucket where the run of a report is exported.", + "title": "S3Destination" } }, "required": [ - "Day", - "EndTime", - "StartTime" + "ExportConfigType" ], "type": "object" }, - "AWS::Connect::HoursOfOperation.HoursOfOperationTimeSlice": { + "AWS::CodeBuild::ReportGroup.S3ReportExportConfig": { "additionalProperties": false, "properties": { - "Hours": { - "markdownDescription": "The hours.", - "title": "Hours", - "type": "number" + "Bucket": { + "markdownDescription": "The name of the S3 bucket where the raw data of a report are exported.", + "title": "Bucket", + "type": "string" }, - "Minutes": { - "markdownDescription": "The minutes.", - "title": "Minutes", - "type": "number" + "BucketOwner": { + "markdownDescription": "The AWS account identifier of the owner of the Amazon S3 bucket. This allows report data to be exported to an Amazon S3 bucket that is owned by an account other than the account running the build.", + "title": "BucketOwner", + "type": "string" + }, + "EncryptionDisabled": { + "markdownDescription": "A boolean value that specifies if the results of a report are encrypted.", + "title": "EncryptionDisabled", + "type": "boolean" + }, + "EncryptionKey": { + "markdownDescription": "The encryption key for the report's encrypted raw data.", + "title": "EncryptionKey", + "type": "string" + }, + "Packaging": { + "markdownDescription": "The type of build output artifact to create. Valid values include:\n\n- `NONE` : CodeBuild creates the raw data in the output bucket. This is the default if packaging is not specified.\n- `ZIP` : CodeBuild creates a ZIP file with the raw data in the output bucket.", + "title": "Packaging", + "type": "string" + }, + "Path": { + "markdownDescription": "The path to the exported report's raw data results.", + "title": "Path", + "type": "string" } }, "required": [ - "Hours", - "Minutes" + "Bucket" ], "type": "object" }, - "AWS::Connect::Instance": { + "AWS::CodeBuild::SourceCredential": { "additionalProperties": false, "properties": { "Condition": { @@ -50538,44 +56148,37 @@ "Properties": { "additionalProperties": false, "properties": { - "Attributes": { - "$ref": "#/definitions/AWS::Connect::Instance.Attributes", - "markdownDescription": "A toggle for an individual feature at the instance level.", - "title": "Attributes" - }, - "DirectoryId": { - "markdownDescription": "The identifier for the directory.", - "title": "DirectoryId", + "AuthType": { + "markdownDescription": "The type of authentication used by the credentials. Valid options are OAUTH, BASIC_AUTH, PERSONAL_ACCESS_TOKEN, CODECONNECTIONS, or SECRETS_MANAGER.", + "title": "AuthType", "type": "string" }, - "IdentityManagementType": { - "markdownDescription": "The identity management type.", - "title": "IdentityManagementType", + "ServerType": { + "markdownDescription": "The type of source provider. The valid options are GITHUB, GITHUB_ENTERPRISE, GITLAB, GITLAB_SELF_MANAGED, or BITBUCKET.", + "title": "ServerType", "type": "string" }, - "InstanceAlias": { - "markdownDescription": "The alias of instance. `InstanceAlias` is only required when `IdentityManagementType` is `CONNECT_MANAGED` or `SAML` . `InstanceAlias` is not required when `IdentityManagementType` is `EXISTING_DIRECTORY` .", - "title": "InstanceAlias", + "Token": { + "markdownDescription": "For GitHub or GitHub Enterprise, this is the personal access token. For Bitbucket, this is either the access token or the app password. For the `authType` CODECONNECTIONS, this is the `connectionArn` . For the `authType` SECRETS_MANAGER, this is the `secretArn` .", + "title": "Token", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.", - "title": "Tags", - "type": "array" + "Username": { + "markdownDescription": "The Bitbucket username when the `authType` is BASIC_AUTH. This parameter is not valid for other types of source providers or connections.", + "title": "Username", + "type": "string" } }, "required": [ - "Attributes", - "IdentityManagementType" + "AuthType", + "ServerType", + "Token" ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::Instance" + "AWS::CodeBuild::SourceCredential" ], "type": "string" }, @@ -50594,52 +56197,7 @@ ], "type": "object" }, - "AWS::Connect::Instance.Attributes": { - "additionalProperties": false, - "properties": { - "AutoResolveBestVoices": { - "markdownDescription": "", - "title": "AutoResolveBestVoices", - "type": "boolean" - }, - "ContactLens": { - "markdownDescription": "", - "title": "ContactLens", - "type": "boolean" - }, - "ContactflowLogs": { - "markdownDescription": "", - "title": "ContactflowLogs", - "type": "boolean" - }, - "EarlyMedia": { - "markdownDescription": "", - "title": "EarlyMedia", - "type": "boolean" - }, - "InboundCalls": { - "markdownDescription": "", - "title": "InboundCalls", - "type": "boolean" - }, - "OutboundCalls": { - "markdownDescription": "", - "title": "OutboundCalls", - "type": "boolean" - }, - "UseCustomTTSVoices": { - "markdownDescription": "", - "title": "UseCustomTTSVoices", - "type": "boolean" - } - }, - "required": [ - "InboundCalls", - "OutboundCalls" - ], - "type": "object" - }, - "AWS::Connect::InstanceStorageConfig": { + "AWS::CodeCommit::Repository": { "additionalProperties": false, "properties": { "Condition": { @@ -50674,52 +56232,51 @@ "Properties": { "additionalProperties": false, "properties": { - "InstanceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", - "title": "InstanceArn", - "type": "string" - }, - "KinesisFirehoseConfig": { - "$ref": "#/definitions/AWS::Connect::InstanceStorageConfig.KinesisFirehoseConfig", - "markdownDescription": "The configuration of the Kinesis Firehose delivery stream.", - "title": "KinesisFirehoseConfig" + "Code": { + "$ref": "#/definitions/AWS::CodeCommit::Repository.Code", + "markdownDescription": "Information about code to be committed to a repository after it is created in an AWS CloudFormation stack. Information about code is only used in resource creation. Updates to a stack will not reflect changes made to code properties after initial resource creation.\n\n> You can only use this property to add code when creating a repository with a AWS CloudFormation template at creation time. This property cannot be used for updating code to an existing repository.", + "title": "Code" }, - "KinesisStreamConfig": { - "$ref": "#/definitions/AWS::Connect::InstanceStorageConfig.KinesisStreamConfig", - "markdownDescription": "The configuration of the Kinesis data stream.", - "title": "KinesisStreamConfig" + "KmsKeyId": { + "markdownDescription": "The ID of the AWS Key Management Service encryption key used to encrypt and decrypt the repository.\n\n> The input can be the full ARN, the key ID, or the key alias. For more information, see [Finding the key ID and key ARN](https://docs.aws.amazon.com/kms/latest/developerguide/find-cmk-id-arn.html) .", + "title": "KmsKeyId", + "type": "string" }, - "KinesisVideoStreamConfig": { - "$ref": "#/definitions/AWS::Connect::InstanceStorageConfig.KinesisVideoStreamConfig", - "markdownDescription": "The configuration of the Kinesis video stream.", - "title": "KinesisVideoStreamConfig" + "RepositoryDescription": { + "markdownDescription": "A comment or description about the new repository.\n\n> The description field for a repository accepts all HTML characters and all valid Unicode characters. Applications that do not HTML-encode the description and display it in a webpage can expose users to potentially malicious code. Make sure that you HTML-encode the description field in any application that uses this API to display the repository description on a webpage.", + "title": "RepositoryDescription", + "type": "string" }, - "ResourceType": { - "markdownDescription": "A valid resource type. Following are the valid resource types: `CHAT_TRANSCRIPTS` | `CALL_RECORDINGS` | `SCHEDULED_REPORTS` | `MEDIA_STREAMS` | `CONTACT_TRACE_RECORDS` | `AGENT_EVENTS`", - "title": "ResourceType", + "RepositoryName": { + "markdownDescription": "The name of the new repository to be created.\n\n> The repository name must be unique across the calling AWS account . Repository names are limited to 100 alphanumeric, dash, and underscore characters, and cannot include certain characters. For more information about the limits on repository names, see [Quotas](https://docs.aws.amazon.com/codecommit/latest/userguide/limits.html) in the *AWS CodeCommit User Guide* . The suffix .git is prohibited.", + "title": "RepositoryName", "type": "string" }, - "S3Config": { - "$ref": "#/definitions/AWS::Connect::InstanceStorageConfig.S3Config", - "markdownDescription": "The S3 bucket configuration.", - "title": "S3Config" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "One or more tag key-value pairs to use when tagging this repository.", + "title": "Tags", + "type": "array" }, - "StorageType": { - "markdownDescription": "A valid storage type.", - "title": "StorageType", - "type": "string" + "Triggers": { + "items": { + "$ref": "#/definitions/AWS::CodeCommit::Repository.RepositoryTrigger" + }, + "markdownDescription": "The JSON block of configuration information for each trigger.", + "title": "Triggers", + "type": "array" } }, "required": [ - "InstanceArn", - "ResourceType", - "StorageType" + "RepositoryName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::InstanceStorageConfig" + "AWS::CodeCommit::Repository" ], "type": "string" }, @@ -50738,185 +56295,93 @@ ], "type": "object" }, - "AWS::Connect::InstanceStorageConfig.EncryptionConfig": { + "AWS::CodeCommit::Repository.Code": { "additionalProperties": false, "properties": { - "EncryptionType": { - "markdownDescription": "The type of encryption.", - "title": "EncryptionType", + "BranchName": { + "markdownDescription": "Optional. Specifies a branch name to be used as the default branch when importing code into a repository on initial creation. If this property is not set, the name *main* will be used for the default branch for the repository. Changes to this property are ignored after initial resource creation. We recommend using this parameter to set the name to *main* to align with the default behavior of CodeCommit unless another name is needed.", + "title": "BranchName", "type": "string" }, - "KeyId": { - "markdownDescription": "The full ARN of the encryption key.\n\n> Be sure to provide the full ARN of the encryption key, not just the ID.\n> \n> Amazon Connect supports only KMS keys with the default key spec of [`SYMMETRIC_DEFAULT`](https://docs.aws.amazon.com/kms/latest/developerguide/asymmetric-key-specs.html#key-spec-symmetric-default) .", - "title": "KeyId", - "type": "string" - } - }, - "required": [ - "EncryptionType", - "KeyId" - ], - "type": "object" - }, - "AWS::Connect::InstanceStorageConfig.KinesisFirehoseConfig": { - "additionalProperties": false, - "properties": { - "FirehoseArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the delivery stream.", - "title": "FirehoseArn", - "type": "string" - } - }, - "required": [ - "FirehoseArn" - ], - "type": "object" - }, - "AWS::Connect::InstanceStorageConfig.KinesisStreamConfig": { - "additionalProperties": false, - "properties": { - "StreamArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the data stream.", - "title": "StreamArn", - "type": "string" + "S3": { + "$ref": "#/definitions/AWS::CodeCommit::Repository.S3", + "markdownDescription": "Information about the Amazon S3 bucket that contains a ZIP file of code to be committed to the repository. Changes to this property are ignored after initial resource creation.", + "title": "S3" } }, "required": [ - "StreamArn" + "S3" ], "type": "object" }, - "AWS::Connect::InstanceStorageConfig.KinesisVideoStreamConfig": { + "AWS::CodeCommit::Repository.RepositoryTrigger": { "additionalProperties": false, "properties": { - "EncryptionConfig": { - "$ref": "#/definitions/AWS::Connect::InstanceStorageConfig.EncryptionConfig", - "markdownDescription": "The encryption configuration.", - "title": "EncryptionConfig" + "Branches": { + "items": { + "type": "string" + }, + "markdownDescription": "The branches to be included in the trigger configuration. If you specify an empty array, the trigger applies to all branches.\n\n> Although no content is required in the array, you must include the array itself.", + "title": "Branches", + "type": "array" }, - "Prefix": { - "markdownDescription": "The prefix of the video stream.", - "title": "Prefix", + "CustomData": { + "markdownDescription": "Any custom data associated with the trigger to be included in the information sent to the target of the trigger.", + "title": "CustomData", "type": "string" }, - "RetentionPeriodHours": { - "markdownDescription": "The number of hours data is retained in the stream. Kinesis Video Streams retains the data in a data store that is associated with the stream.\n\nThe default value is 0, indicating that the stream does not persist data.", - "title": "RetentionPeriodHours", - "type": "number" - } - }, - "required": [ - "EncryptionConfig", - "Prefix", - "RetentionPeriodHours" - ], - "type": "object" - }, - "AWS::Connect::InstanceStorageConfig.S3Config": { - "additionalProperties": false, - "properties": { - "BucketName": { - "markdownDescription": "The S3 bucket name.", - "title": "BucketName", + "DestinationArn": { + "markdownDescription": "The ARN of the resource that is the target for a trigger (for example, the ARN of a topic in Amazon SNS).", + "title": "DestinationArn", "type": "string" }, - "BucketPrefix": { - "markdownDescription": "The S3 bucket prefix.", - "title": "BucketPrefix", - "type": "string" + "Events": { + "items": { + "type": "string" + }, + "markdownDescription": "The repository events that cause the trigger to run actions in another service, such as sending a notification through Amazon SNS.\n\n> The valid value \"all\" cannot be used with any other values.", + "title": "Events", + "type": "array" }, - "EncryptionConfig": { - "$ref": "#/definitions/AWS::Connect::InstanceStorageConfig.EncryptionConfig", - "markdownDescription": "The Amazon S3 encryption configuration.", - "title": "EncryptionConfig" + "Name": { + "markdownDescription": "The name of the trigger.", + "title": "Name", + "type": "string" } }, "required": [ - "BucketName", - "BucketPrefix" + "DestinationArn", + "Events", + "Name" ], "type": "object" }, - "AWS::Connect::IntegrationAssociation": { + "AWS::CodeCommit::Repository.S3": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Bucket": { + "markdownDescription": "The name of the Amazon S3 bucket that contains the ZIP file with the content that will be committed to the new repository. This can be specified using the name of the bucket in the AWS account . Changes to this property are ignored after initial resource creation.", + "title": "Bucket", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "InstanceId": { - "markdownDescription": "The Amazon Resource Name (ARN) of the instance.\n\n*Minimum* : `1`\n\n*Maximum* : `100`", - "title": "InstanceId", - "type": "string" - }, - "IntegrationArn": { - "markdownDescription": "ARN of the integration being associated with the instance.\n\n*Minimum* : `1`\n\n*Maximum* : `140`", - "title": "IntegrationArn", - "type": "string" - }, - "IntegrationType": { - "markdownDescription": "Specifies the integration type to be associated with the instance.\n\n*Allowed Values* : `LEX_BOT` | `LAMBDA_FUNCTION`", - "title": "IntegrationType", - "type": "string" - } - }, - "required": [ - "InstanceId", - "IntegrationArn", - "IntegrationType" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Connect::IntegrationAssociation" - ], + "Key": { + "markdownDescription": "The key to use for accessing the Amazon S3 bucket. Changes to this property are ignored after initial resource creation. For more information, see [Creating object key names](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html) and [Uploading objects](https://docs.aws.amazon.com/AmazonS3/latest/userguide/upload-objects.html) in the Amazon S3 User Guide.", + "title": "Key", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ObjectVersion": { + "markdownDescription": "The object version of the ZIP file, if versioning is enabled for the Amazon S3 bucket. Changes to this property are ignored after initial resource creation.", + "title": "ObjectVersion", "type": "string" } }, "required": [ - "Type", - "Properties" + "Bucket", + "Key" ], "type": "object" }, - "AWS::Connect::PhoneNumber": { + "AWS::CodeConnections::Connection": { "additionalProperties": false, "properties": { "Condition": { @@ -50951,132 +56416,38 @@ "Properties": { "additionalProperties": false, "properties": { - "CountryCode": { - "markdownDescription": "The ISO country code.", - "title": "CountryCode", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the phone number.", - "title": "Description", + "ConnectionName": { + "markdownDescription": "The name of the connection. Connection names must be unique in an AWS account .", + "title": "ConnectionName", "type": "string" }, - "Prefix": { - "markdownDescription": "The prefix of the phone number. If provided, it must contain `+` as part of the country code.\n\n*Pattern* : `^\\\\+[0-9]{1,15}`", - "title": "Prefix", + "HostArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the host associated with the connection.", + "title": "HostArn", "type": "string" }, - "SourcePhoneNumberArn": { - "markdownDescription": "The claimed phone number ARN that was previously imported from the external service, such as AWS End User Messaging. If it is from AWS End User Messaging, it looks like the ARN of the phone number that was imported from AWS End User Messaging.", - "title": "SourcePhoneNumberArn", + "ProviderType": { + "markdownDescription": "The name of the external provider where your third-party code repository is configured.", + "title": "ProviderType", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", + "markdownDescription": "", "title": "Tags", "type": "array" - }, - "TargetArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for Amazon Connect instances or traffic distribution group that phone numbers are claimed to.", - "title": "TargetArn", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of phone number.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "TargetArn" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Connect::PhoneNumber" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::Connect::PredefinedAttribute": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "InstanceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", - "title": "InstanceArn", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the predefined attribute.", - "title": "Name", - "type": "string" - }, - "Values": { - "$ref": "#/definitions/AWS::Connect::PredefinedAttribute.Values", - "markdownDescription": "The values of a predefined attribute.", - "title": "Values" } }, "required": [ - "InstanceArn", - "Name", - "Values" + "ConnectionName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::PredefinedAttribute" + "AWS::CodeConnections::Connection" ], "type": "string" }, @@ -51095,21 +56466,7 @@ ], "type": "object" }, - "AWS::Connect::PredefinedAttribute.Values": { - "additionalProperties": false, - "properties": { - "StringList": { - "items": { - "type": "string" - }, - "markdownDescription": "Predefined attribute values of type string list.", - "title": "StringList", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Connect::Prompt": { + "AWS::CodeDeploy::Application": { "additionalProperties": false, "properties": { "Condition": { @@ -51144,44 +56501,30 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the prompt.", - "title": "Description", - "type": "string" - }, - "InstanceArn": { - "markdownDescription": "The identifier of the Amazon Connect instance.", - "title": "InstanceArn", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the prompt.", - "title": "Name", + "ApplicationName": { + "markdownDescription": "A name for the application. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the application name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> Updates to `ApplicationName` are not supported.", + "title": "ApplicationName", "type": "string" }, - "S3Uri": { - "markdownDescription": "The URI for the S3 bucket where the prompt is stored. This property is required when you create a prompt.", - "title": "S3Uri", + "ComputePlatform": { + "markdownDescription": "The compute platform that CodeDeploy deploys the application to.", + "title": "ComputePlatform", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", + "markdownDescription": "The metadata that you apply to CodeDeploy applications to help you organize and categorize them. Each tag consists of a key and an optional value, both of which you define.", "title": "Tags", "type": "array" } }, - "required": [ - "InstanceArn", - "Name" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::Prompt" + "AWS::CodeDeploy::Application" ], "type": "string" }, @@ -51195,12 +56538,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Connect::Queue": { + "AWS::CodeDeploy::DeploymentConfig": { "additionalProperties": false, "properties": { "Condition": { @@ -51235,68 +56577,37 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the queue.", - "title": "Description", - "type": "string" - }, - "HoursOfOperationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the hours of operation.", - "title": "HoursOfOperationArn", - "type": "string" - }, - "InstanceArn": { - "markdownDescription": "The identifier of the Amazon Connect instance.", - "title": "InstanceArn", + "ComputePlatform": { + "markdownDescription": "The destination platform type for the deployment ( `Lambda` , `Server` , or `ECS` ).", + "title": "ComputePlatform", "type": "string" }, - "MaxContacts": { - "markdownDescription": "The maximum number of contacts that can be in the queue before it is considered full.", - "title": "MaxContacts", - "type": "number" - }, - "Name": { - "markdownDescription": "The name of the queue.", - "title": "Name", + "DeploymentConfigName": { + "markdownDescription": "A name for the deployment configuration. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the deployment configuration name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "DeploymentConfigName", "type": "string" }, - "OutboundCallerConfig": { - "$ref": "#/definitions/AWS::Connect::Queue.OutboundCallerConfig", - "markdownDescription": "The outbound caller ID name, number, and outbound whisper flow.", - "title": "OutboundCallerConfig" - }, - "QuickConnectArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Names (ARN) of the of the quick connects available to agents who are working the queue.", - "title": "QuickConnectArns", - "type": "array" + "MinimumHealthyHosts": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentConfig.MinimumHealthyHosts", + "markdownDescription": "The minimum number of healthy instances that should be available at any time during the deployment. There are two parameters expected in the input: type and value.\n\nThe type parameter takes either of the following values:\n\n- HOST_COUNT: The value parameter represents the minimum number of healthy instances as an absolute value.\n- FLEET_PERCENT: The value parameter represents the minimum number of healthy instances as a percentage of the total number of instances in the deployment. If you specify FLEET_PERCENT, at the start of the deployment, AWS CodeDeploy converts the percentage to the equivalent number of instance and rounds up fractional instances.\n\nThe value parameter takes an integer.\n\nFor example, to set a minimum of 95% healthy instance, specify a type of FLEET_PERCENT and a value of 95.\n\nFor more information about instance health, see [CodeDeploy Instance Health](https://docs.aws.amazon.com/codedeploy/latest/userguide/instances-health.html) in the AWS CodeDeploy User Guide.", + "title": "MinimumHealthyHosts" }, - "Status": { - "markdownDescription": "The status of the queue.", - "title": "Status", - "type": "string" + "TrafficRoutingConfig": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentConfig.TrafficRoutingConfig", + "markdownDescription": "The configuration that specifies how the deployment traffic is routed.", + "title": "TrafficRoutingConfig" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"Tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", - "title": "Tags", - "type": "array" + "ZonalConfig": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentConfig.ZonalConfig", + "markdownDescription": "Configure the `ZonalConfig` object if you want AWS CodeDeploy to deploy your application to one [Availability Zone](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html#concepts-availability-zones) at a time, within an AWS Region.\n\nFor more information about the zonal configuration feature, see [zonal configuration](https://docs.aws.amazon.com/codedeploy/latest/userguide/deployment-configurations-create.html#zonal-config) in the *CodeDeploy User Guide* .", + "title": "ZonalConfig" } }, - "required": [ - "HoursOfOperationArn", - "InstanceArn", - "Name" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::Queue" + "AWS::CodeDeploy::DeploymentConfig" ], "type": "string" }, @@ -51310,208 +56621,136 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Connect::Queue.OutboundCallerConfig": { + "AWS::CodeDeploy::DeploymentConfig.MinimumHealthyHosts": { "additionalProperties": false, "properties": { - "OutboundCallerIdName": { - "markdownDescription": "The caller ID name.", - "title": "OutboundCallerIdName", - "type": "string" - }, - "OutboundCallerIdNumberArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the outbound caller ID number.\n\n> Only use the phone number ARN format that doesn't contain `instance` in the path, for example, `arn:aws:connect:us-east-1:1234567890:phone-number/uuid` . This is the same ARN format that is returned when you create a phone number using CloudFormation , or when you call the [ListPhoneNumbersV2](https://docs.aws.amazon.com/connect/latest/APIReference/API_ListPhoneNumbersV2.html) API.", - "title": "OutboundCallerIdNumberArn", + "Type": { + "markdownDescription": "The minimum healthy instance type:\n\n- HOST_COUNT: The minimum number of healthy instance as an absolute value.\n- FLEET_PERCENT: The minimum number of healthy instance as a percentage of the total number of instance in the deployment.\n\nIn an example of nine instance, if a HOST_COUNT of six is specified, deploy to up to three instances at a time. The deployment is successful if six or more instances are deployed to successfully. Otherwise, the deployment fails. If a FLEET_PERCENT of 40 is specified, deploy to up to five instance at a time. The deployment is successful if four or more instance are deployed to successfully. Otherwise, the deployment fails.\n\n> In a call to `GetDeploymentConfig` , CodeDeployDefault.OneAtATime returns a minimum healthy instance type of MOST_CONCURRENCY and a value of 1. This means a deployment to only one instance at a time. (You cannot set the type to MOST_CONCURRENCY, only to HOST_COUNT or FLEET_PERCENT.) In addition, with CodeDeployDefault.OneAtATime, AWS CodeDeploy attempts to ensure that all instances but one are kept in a healthy state during the deployment. Although this allows one instance at a time to be taken offline for a new deployment, it also means that if the deployment to the last instance fails, the overall deployment is still successful. \n\nFor more information, see [AWS CodeDeploy Instance Health](https://docs.aws.amazon.com//codedeploy/latest/userguide/instances-health.html) in the *AWS CodeDeploy User Guide* .", + "title": "Type", "type": "string" }, - "OutboundFlowArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the outbound flow.", - "title": "OutboundFlowArn", - "type": "string" + "Value": { + "markdownDescription": "The minimum healthy instance value.", + "title": "Value", + "type": "number" } }, + "required": [ + "Type", + "Value" + ], "type": "object" }, - "AWS::Connect::QuickConnect": { + "AWS::CodeDeploy::DeploymentConfig.MinimumHealthyHostsPerZone": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "The description of the quick connect.", - "title": "Description", - "type": "string" - }, - "InstanceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", - "title": "InstanceArn", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the quick connect.", - "title": "Name", - "type": "string" - }, - "QuickConnectConfig": { - "$ref": "#/definitions/AWS::Connect::QuickConnect.QuickConnectConfig", - "markdownDescription": "Contains information about the quick connect.", - "title": "QuickConnectConfig" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"Tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "InstanceArn", - "Name", - "QuickConnectConfig" - ], - "type": "object" - }, "Type": { - "enum": [ - "AWS::Connect::QuickConnect" - ], + "markdownDescription": "The `type` associated with the `MinimumHealthyHostsPerZone` option.", + "title": "Type", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Value": { + "markdownDescription": "The `value` associated with the `MinimumHealthyHostsPerZone` option.", + "title": "Value", + "type": "number" } }, "required": [ "Type", - "Properties" + "Value" ], "type": "object" }, - "AWS::Connect::QuickConnect.PhoneNumberQuickConnectConfig": { + "AWS::CodeDeploy::DeploymentConfig.TimeBasedCanary": { "additionalProperties": false, "properties": { - "PhoneNumber": { - "markdownDescription": "The phone number in E.164 format.", - "title": "PhoneNumber", - "type": "string" + "CanaryInterval": { + "markdownDescription": "The number of minutes between the first and second traffic shifts of a `TimeBasedCanary` deployment.", + "title": "CanaryInterval", + "type": "number" + }, + "CanaryPercentage": { + "markdownDescription": "The percentage of traffic to shift in the first increment of a `TimeBasedCanary` deployment.", + "title": "CanaryPercentage", + "type": "number" } }, "required": [ - "PhoneNumber" + "CanaryInterval", + "CanaryPercentage" ], "type": "object" }, - "AWS::Connect::QuickConnect.QueueQuickConnectConfig": { + "AWS::CodeDeploy::DeploymentConfig.TimeBasedLinear": { "additionalProperties": false, "properties": { - "ContactFlowArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the flow.", - "title": "ContactFlowArn", - "type": "string" + "LinearInterval": { + "markdownDescription": "The number of minutes between each incremental traffic shift of a `TimeBasedLinear` deployment.", + "title": "LinearInterval", + "type": "number" }, - "QueueArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the queue.", - "title": "QueueArn", - "type": "string" + "LinearPercentage": { + "markdownDescription": "The percentage of traffic that is shifted at the start of each increment of a `TimeBasedLinear` deployment.", + "title": "LinearPercentage", + "type": "number" } }, "required": [ - "ContactFlowArn", - "QueueArn" + "LinearInterval", + "LinearPercentage" ], "type": "object" }, - "AWS::Connect::QuickConnect.QuickConnectConfig": { + "AWS::CodeDeploy::DeploymentConfig.TrafficRoutingConfig": { "additionalProperties": false, "properties": { - "PhoneConfig": { - "$ref": "#/definitions/AWS::Connect::QuickConnect.PhoneNumberQuickConnectConfig", - "markdownDescription": "The phone configuration. This is required only if QuickConnectType is PHONE_NUMBER.", - "title": "PhoneConfig" + "TimeBasedCanary": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentConfig.TimeBasedCanary", + "markdownDescription": "A configuration that shifts traffic from one version of a Lambda function or ECS task set to another in two increments. The original and target Lambda function versions or ECS task sets are specified in the deployment's AppSpec file.", + "title": "TimeBasedCanary" }, - "QueueConfig": { - "$ref": "#/definitions/AWS::Connect::QuickConnect.QueueQuickConnectConfig", - "markdownDescription": "The queue configuration. This is required only if QuickConnectType is QUEUE.", - "title": "QueueConfig" + "TimeBasedLinear": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentConfig.TimeBasedLinear", + "markdownDescription": "A configuration that shifts traffic from one version of a Lambda function or Amazon ECS task set to another in equal increments, with an equal number of minutes between each increment. The original and target Lambda function versions or Amazon ECS task sets are specified in the deployment's AppSpec file.", + "title": "TimeBasedLinear" }, - "QuickConnectType": { - "markdownDescription": "The type of quick connect. In the Amazon Connect console, when you create a quick connect, you are prompted to assign one of the following types: Agent (USER), External (PHONE_NUMBER), or Queue (QUEUE).", - "title": "QuickConnectType", + "Type": { + "markdownDescription": "The type of traffic shifting ( `TimeBasedCanary` or `TimeBasedLinear` ) used by a deployment configuration.", + "title": "Type", "type": "string" - }, - "UserConfig": { - "$ref": "#/definitions/AWS::Connect::QuickConnect.UserQuickConnectConfig", - "markdownDescription": "The user configuration. This is required only if QuickConnectType is USER.", - "title": "UserConfig" } }, "required": [ - "QuickConnectType" + "Type" ], "type": "object" }, - "AWS::Connect::QuickConnect.UserQuickConnectConfig": { + "AWS::CodeDeploy::DeploymentConfig.ZonalConfig": { "additionalProperties": false, "properties": { - "ContactFlowArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the flow.", - "title": "ContactFlowArn", - "type": "string" + "FirstZoneMonitorDurationInSeconds": { + "markdownDescription": "The period of time, in seconds, that CodeDeploy must wait after completing a deployment to the *first* Availability Zone. CodeDeploy will wait this amount of time before starting a deployment to the second Availability Zone. You might set this option if you want to allow extra bake time for the first Availability Zone. If you don't specify a value for `firstZoneMonitorDurationInSeconds` , then CodeDeploy uses the `monitorDurationInSeconds` value for the first Availability Zone.\n\nFor more information about the zonal configuration feature, see [zonal configuration](https://docs.aws.amazon.com/codedeploy/latest/userguide/deployment-configurations-create.html#zonal-config) in the *CodeDeploy User Guide* .", + "title": "FirstZoneMonitorDurationInSeconds", + "type": "number" }, - "UserArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the user.", - "title": "UserArn", - "type": "string" + "MinimumHealthyHostsPerZone": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentConfig.MinimumHealthyHostsPerZone", + "markdownDescription": "The number or percentage of instances that must remain available per Availability Zone during a deployment. This option works in conjunction with the `MinimumHealthyHosts` option. For more information, see [About the minimum number of healthy hosts per Availability Zone](https://docs.aws.amazon.com//codedeploy/latest/userguide/instances-health.html#minimum-healthy-hosts-az) in the *CodeDeploy User Guide* .\n\nIf you don't specify the `minimumHealthyHostsPerZone` option, then CodeDeploy uses a default value of `0` percent.\n\nFor more information about the zonal configuration feature, see [zonal configuration](https://docs.aws.amazon.com/codedeploy/latest/userguide/deployment-configurations-create.html#zonal-config) in the *CodeDeploy User Guide* .", + "title": "MinimumHealthyHostsPerZone" + }, + "MonitorDurationInSeconds": { + "markdownDescription": "The period of time, in seconds, that CodeDeploy must wait after completing a deployment to an Availability Zone. CodeDeploy will wait this amount of time before starting a deployment to the next Availability Zone. Consider adding a monitor duration to give the deployment some time to prove itself (or 'bake') in one Availability Zone before it is released in the next zone. If you don't specify a `monitorDurationInSeconds` , CodeDeploy starts deploying to the next Availability Zone immediately.\n\nFor more information about the zonal configuration feature, see [zonal configuration](https://docs.aws.amazon.com/codedeploy/latest/userguide/deployment-configurations-create.html#zonal-config) in the *CodeDeploy User Guide* .", + "title": "MonitorDurationInSeconds", + "type": "number" } }, - "required": [ - "ContactFlowArn", - "UserArn" - ], "type": "object" }, - "AWS::Connect::RoutingProfile": { + "AWS::CodeDeploy::DeploymentGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -51546,68 +56785,134 @@ "Properties": { "additionalProperties": false, "properties": { - "AgentAvailabilityTimer": { - "markdownDescription": "Whether agents with this routing profile will have their routing order calculated based on *time since their last inbound contact* or *longest idle time* .", - "title": "AgentAvailabilityTimer", - "type": "string" + "AlarmConfiguration": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.AlarmConfiguration", + "markdownDescription": "Information about the Amazon CloudWatch alarms that are associated with the deployment group.", + "title": "AlarmConfiguration" }, - "DefaultOutboundQueueArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the default outbound queue for the routing profile.", - "title": "DefaultOutboundQueueArn", + "ApplicationName": { + "markdownDescription": "The name of an existing CodeDeploy application to associate this deployment group with.", + "title": "ApplicationName", "type": "string" }, - "Description": { - "markdownDescription": "The description of the routing profile.", - "title": "Description", + "AutoRollbackConfiguration": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.AutoRollbackConfiguration", + "markdownDescription": "Information about the automatic rollback configuration that is associated with the deployment group. If you specify this property, don't specify the `Deployment` property.", + "title": "AutoRollbackConfiguration" + }, + "AutoScalingGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of associated Auto Scaling groups that CodeDeploy automatically deploys revisions to when new instances are created. Duplicates are not allowed.", + "title": "AutoScalingGroups", + "type": "array" + }, + "BlueGreenDeploymentConfiguration": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.BlueGreenDeploymentConfiguration", + "markdownDescription": "Information about blue/green deployment options for a deployment group.", + "title": "BlueGreenDeploymentConfiguration" + }, + "Deployment": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.Deployment", + "markdownDescription": "The application revision to deploy to this deployment group. If you specify this property, your target application revision is deployed as soon as the provisioning process is complete. If you specify this property, don't specify the `AutoRollbackConfiguration` property.", + "title": "Deployment" + }, + "DeploymentConfigName": { + "markdownDescription": "A deployment configuration name or a predefined configuration name. With predefined configurations, you can deploy application revisions to one instance at a time ( `CodeDeployDefault.OneAtATime` ), half of the instances at a time ( `CodeDeployDefault.HalfAtATime` ), or all the instances at once ( `CodeDeployDefault.AllAtOnce` ). For more information and valid values, see [Working with Deployment Configurations](https://docs.aws.amazon.com/codedeploy/latest/userguide/deployment-configurations.html) in the *AWS CodeDeploy User Guide* .", + "title": "DeploymentConfigName", "type": "string" }, - "InstanceArn": { - "markdownDescription": "The identifier of the Amazon Connect instance.", - "title": "InstanceArn", + "DeploymentGroupName": { + "markdownDescription": "A name for the deployment group. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the deployment group name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "DeploymentGroupName", "type": "string" }, - "MediaConcurrencies": { + "DeploymentStyle": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.DeploymentStyle", + "markdownDescription": "Attributes that determine the type of deployment to run and whether to route deployment traffic behind a load balancer.\n\nIf you specify this property with a blue/green deployment type, don't specify the `AutoScalingGroups` , `LoadBalancerInfo` , or `Deployment` properties.\n\n> For blue/green deployments, AWS CloudFormation supports deployments on Lambda compute platforms only. You can perform Amazon ECS blue/green deployments using `AWS::CodeDeploy::BlueGreen` hook. See [Perform Amazon ECS blue/green deployments through CodeDeploy using AWS CloudFormation](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/blue-green.html) for more information.", + "title": "DeploymentStyle" + }, + "ECSServices": { "items": { - "$ref": "#/definitions/AWS::Connect::RoutingProfile.MediaConcurrency" + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.ECSService" }, - "markdownDescription": "The channels agents can handle in the Contact Control Panel (CCP) for this routing profile.", - "title": "MediaConcurrencies", + "markdownDescription": "The target Amazon ECS services in the deployment group. This applies only to deployment groups that use the Amazon ECS compute platform. A target Amazon ECS service is specified as an Amazon ECS cluster and service name pair using the format `:` .", + "title": "ECSServices", "type": "array" }, - "Name": { - "markdownDescription": "The name of the routing profile.", - "title": "Name", - "type": "string" + "Ec2TagFilters": { + "items": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.EC2TagFilter" + }, + "markdownDescription": "The Amazon EC2 tags that are already applied to Amazon EC2 instances that you want to include in the deployment group. CodeDeploy includes all Amazon EC2 instances identified by any of the tags you specify in this deployment group. Duplicates are not allowed.\n\nYou can specify `EC2TagFilters` or `Ec2TagSet` , but not both.", + "title": "Ec2TagFilters", + "type": "array" }, - "QueueConfigs": { + "Ec2TagSet": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.EC2TagSet", + "markdownDescription": "Information about groups of tags applied to Amazon EC2 instances. The deployment group includes only Amazon EC2 instances identified by all the tag groups. Cannot be used in the same call as `ec2TagFilter` .", + "title": "Ec2TagSet" + }, + "LoadBalancerInfo": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.LoadBalancerInfo", + "markdownDescription": "Information about the load balancer to use in a deployment. For more information, see [Integrating CodeDeploy with Elastic Load Balancing](https://docs.aws.amazon.com/codedeploy/latest/userguide/integrations-aws-elastic-load-balancing.html) in the *AWS CodeDeploy User Guide* .", + "title": "LoadBalancerInfo" + }, + "OnPremisesInstanceTagFilters": { "items": { - "$ref": "#/definitions/AWS::Connect::RoutingProfile.RoutingProfileQueueConfig" + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TagFilter" }, - "markdownDescription": "The inbound queues associated with the routing profile. If no queue is added, the agent can make only outbound calls.", - "title": "QueueConfigs", + "markdownDescription": "The on-premises instance tags already applied to on-premises instances that you want to include in the deployment group. CodeDeploy includes all on-premises instances identified by any of the tags you specify in this deployment group. To register on-premises instances with CodeDeploy , see [Working with On-Premises Instances for CodeDeploy](https://docs.aws.amazon.com/codedeploy/latest/userguide/instances-on-premises.html) in the *AWS CodeDeploy User Guide* . Duplicates are not allowed.\n\nYou can specify `OnPremisesInstanceTagFilters` or `OnPremisesInstanceTagSet` , but not both.", + "title": "OnPremisesInstanceTagFilters", "type": "array" }, + "OnPremisesTagSet": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.OnPremisesTagSet", + "markdownDescription": "Information about groups of tags applied to on-premises instances. The deployment group includes only on-premises instances identified by all the tag groups.\n\nYou can specify `OnPremisesInstanceTagFilters` or `OnPremisesInstanceTagSet` , but not both.", + "title": "OnPremisesTagSet" + }, + "OutdatedInstancesStrategy": { + "markdownDescription": "Indicates what happens when new Amazon EC2 instances are launched mid-deployment and do not receive the deployed application revision.\n\nIf this option is set to `UPDATE` or is unspecified, CodeDeploy initiates one or more 'auto-update outdated instances' deployments to apply the deployed application revision to the new Amazon EC2 instances.\n\nIf this option is set to `IGNORE` , CodeDeploy does not initiate a deployment to update the new Amazon EC2 instances. This may result in instances having different revisions.", + "title": "OutdatedInstancesStrategy", + "type": "string" + }, + "ServiceRoleArn": { + "markdownDescription": "A service role Amazon Resource Name (ARN) that grants CodeDeploy permission to make calls to AWS services on your behalf. For more information, see [Create a Service Role for AWS CodeDeploy](https://docs.aws.amazon.com/codedeploy/latest/userguide/getting-started-create-service-role.html) in the *AWS CodeDeploy User Guide* .\n\n> In some cases, you might need to add a dependency on the service role's policy. For more information, see IAM role policy in [DependsOn Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) .", + "title": "ServiceRoleArn", + "type": "string" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"Tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", + "markdownDescription": "The metadata that you apply to CodeDeploy deployment groups to help you organize and categorize them. Each tag consists of a key and an optional value, both of which you define.", "title": "Tags", "type": "array" + }, + "TerminationHookEnabled": { + "markdownDescription": "Indicates whether the deployment group was configured to have CodeDeploy install a termination hook into an Auto Scaling group.\n\nFor more information about the termination hook, see [How Amazon EC2 Auto Scaling works with CodeDeploy](https://docs.aws.amazon.com//codedeploy/latest/userguide/integrations-aws-auto-scaling.html#integrations-aws-auto-scaling-behaviors) in the *AWS CodeDeploy User Guide* .", + "title": "TerminationHookEnabled", + "type": "boolean" + }, + "TriggerConfigurations": { + "items": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TriggerConfig" + }, + "markdownDescription": "Information about triggers associated with the deployment group. Duplicates are not allowed", + "title": "TriggerConfigurations", + "type": "array" } }, "required": [ - "DefaultOutboundQueueArn", - "Description", - "InstanceArn", - "MediaConcurrencies", - "Name" + "ApplicationName", + "ServiceRoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::RoutingProfile" + "AWS::CodeDeploy::DeploymentGroup" ], "type": "string" }, @@ -51626,496 +56931,473 @@ ], "type": "object" }, - "AWS::Connect::RoutingProfile.CrossChannelBehavior": { + "AWS::CodeDeploy::DeploymentGroup.Alarm": { "additionalProperties": false, "properties": { - "BehaviorType": { - "markdownDescription": "Specifies the other channels that can be routed to an agent handling their current channel.", - "title": "BehaviorType", + "Name": { + "markdownDescription": "The name of the alarm. Maximum length is 255 characters. Each alarm name can be used only once in a list of alarms.", + "title": "Name", "type": "string" } }, - "required": [ - "BehaviorType" - ], "type": "object" }, - "AWS::Connect::RoutingProfile.MediaConcurrency": { + "AWS::CodeDeploy::DeploymentGroup.AlarmConfiguration": { "additionalProperties": false, "properties": { - "Channel": { - "markdownDescription": "The channels that agents can handle in the Contact Control Panel (CCP).", - "title": "Channel", - "type": "string" + "Alarms": { + "items": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.Alarm" + }, + "markdownDescription": "A list of alarms configured for the deployment or deployment group. A maximum of 10 alarms can be added.", + "title": "Alarms", + "type": "array" }, - "Concurrency": { - "markdownDescription": "The number of contacts an agent can have on a channel simultaneously.\n\nValid Range for `VOICE` : Minimum value of 1. Maximum value of 1.\n\nValid Range for `CHAT` : Minimum value of 1. Maximum value of 10.\n\nValid Range for `TASK` : Minimum value of 1. Maximum value of 10.", - "title": "Concurrency", - "type": "number" + "Enabled": { + "markdownDescription": "Indicates whether the alarm configuration is enabled.", + "title": "Enabled", + "type": "boolean" }, - "CrossChannelBehavior": { - "$ref": "#/definitions/AWS::Connect::RoutingProfile.CrossChannelBehavior", - "markdownDescription": "Defines the cross-channel routing behavior for each channel that is enabled for this Routing Profile. For example, this allows you to offer an agent a different contact from another channel when they are currently working with a contact from a Voice channel.", - "title": "CrossChannelBehavior" + "IgnorePollAlarmFailure": { + "markdownDescription": "Indicates whether a deployment should continue if information about the current state of alarms cannot be retrieved from Amazon CloudWatch . The default value is `false` .\n\n- `true` : The deployment proceeds even if alarm status information can't be retrieved from CloudWatch .\n- `false` : The deployment stops if alarm status information can't be retrieved from CloudWatch .", + "title": "IgnorePollAlarmFailure", + "type": "boolean" } }, - "required": [ - "Channel", - "Concurrency" - ], "type": "object" }, - "AWS::Connect::RoutingProfile.RoutingProfileQueueConfig": { + "AWS::CodeDeploy::DeploymentGroup.AutoRollbackConfiguration": { "additionalProperties": false, "properties": { - "Delay": { - "markdownDescription": "The delay, in seconds, a contact should be in the queue before they are routed to an available agent. For more information, see [Queues: priority and delay](https://docs.aws.amazon.com/connect/latest/adminguide/concepts-routing-profiles-priority.html) in the *Amazon Connect Administrator Guide* .", - "title": "Delay", - "type": "number" - }, - "Priority": { - "markdownDescription": "The order in which contacts are to be handled for the queue. For more information, see [Queues: priority and delay](https://docs.aws.amazon.com/connect/latest/adminguide/concepts-routing-profiles-priority.html) .", - "title": "Priority", - "type": "number" + "Enabled": { + "markdownDescription": "Indicates whether a defined automatic rollback configuration is currently enabled.", + "title": "Enabled", + "type": "boolean" }, - "QueueReference": { - "$ref": "#/definitions/AWS::Connect::RoutingProfile.RoutingProfileQueueReference", - "markdownDescription": "Contains information about a queue resource.", - "title": "QueueReference" + "Events": { + "items": { + "type": "string" + }, + "markdownDescription": "The event type or types that trigger a rollback. Valid values are `DEPLOYMENT_FAILURE` , `DEPLOYMENT_STOP_ON_ALARM` , or `DEPLOYMENT_STOP_ON_REQUEST` .", + "title": "Events", + "type": "array" } }, - "required": [ - "Delay", - "Priority", - "QueueReference" - ], "type": "object" }, - "AWS::Connect::RoutingProfile.RoutingProfileQueueReference": { + "AWS::CodeDeploy::DeploymentGroup.BlueGreenDeploymentConfiguration": { "additionalProperties": false, "properties": { - "Channel": { - "markdownDescription": "The channels agents can handle in the Contact Control Panel (CCP) for this routing profile.", - "title": "Channel", - "type": "string" + "DeploymentReadyOption": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.DeploymentReadyOption", + "markdownDescription": "Information about the action to take when newly provisioned instances are ready to receive traffic in a blue/green deployment.", + "title": "DeploymentReadyOption" }, - "QueueArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the queue.", - "title": "QueueArn", - "type": "string" + "GreenFleetProvisioningOption": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.GreenFleetProvisioningOption", + "markdownDescription": "Information about how instances are provisioned for a replacement environment in a blue/green deployment.", + "title": "GreenFleetProvisioningOption" + }, + "TerminateBlueInstancesOnDeploymentSuccess": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.BlueInstanceTerminationOption", + "markdownDescription": "Information about whether to terminate instances in the original fleet during a blue/green deployment.", + "title": "TerminateBlueInstancesOnDeploymentSuccess" } }, - "required": [ - "Channel", - "QueueArn" - ], "type": "object" }, - "AWS::Connect::Rule": { + "AWS::CodeDeploy::DeploymentGroup.BlueInstanceTerminationOption": { "additionalProperties": false, "properties": { - "Condition": { + "Action": { + "markdownDescription": "The action to take on instances in the original environment after a successful blue/green deployment.\n\n- `TERMINATE` : Instances are terminated after a specified wait time.\n- `KEEP_ALIVE` : Instances are left running after they are deregistered from the load balancer and removed from the deployment group.", + "title": "Action", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TerminationWaitTimeInMinutes": { + "markdownDescription": "For an Amazon EC2 deployment, the number of minutes to wait after a successful blue/green deployment before terminating instances from the original environment.\n\nFor an Amazon ECS deployment, the number of minutes before deleting the original (blue) task set. During an Amazon ECS deployment, CodeDeploy shifts traffic from the original (blue) task set to a replacement (green) task set.\n\nThe maximum setting is 2880 minutes (2 days).", + "title": "TerminationWaitTimeInMinutes", + "type": "number" + } + }, + "type": "object" + }, + "AWS::CodeDeploy::DeploymentGroup.Deployment": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A comment about the deployment.", + "title": "Description", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Actions": { - "$ref": "#/definitions/AWS::Connect::Rule.Actions", - "markdownDescription": "A list of actions to be run when the rule is triggered.", - "title": "Actions" - }, - "Function": { - "markdownDescription": "The conditions of the rule.", - "title": "Function", - "type": "string" - }, - "InstanceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", - "title": "InstanceArn", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the rule.", - "title": "Name", - "type": "string" - }, - "PublishStatus": { - "markdownDescription": "The publish status of the rule.\n\n*Allowed values* : `DRAFT` | `PUBLISHED`", - "title": "PublishStatus", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", - "title": "Tags", - "type": "array" - }, - "TriggerEventSource": { - "$ref": "#/definitions/AWS::Connect::Rule.RuleTriggerEventSource", - "markdownDescription": "The event source to trigger the rule.", - "title": "TriggerEventSource" - } - }, - "required": [ - "Actions", - "Function", - "InstanceArn", - "Name", - "PublishStatus", - "TriggerEventSource" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Connect::Rule" - ], - "type": "string" + "IgnoreApplicationStopFailures": { + "markdownDescription": "If true, then if an `ApplicationStop` , `BeforeBlockTraffic` , or `AfterBlockTraffic` deployment lifecycle event to an instance fails, then the deployment continues to the next deployment lifecycle event. For example, if `ApplicationStop` fails, the deployment continues with DownloadBundle. If `BeforeBlockTraffic` fails, the deployment continues with `BlockTraffic` . If `AfterBlockTraffic` fails, the deployment continues with `ApplicationStop` .\n\nIf false or not specified, then if a lifecycle event fails during a deployment to an instance, that deployment fails. If deployment to that instance is part of an overall deployment and the number of healthy hosts is not less than the minimum number of healthy hosts, then a deployment to the next instance is attempted.\n\nDuring a deployment, the AWS CodeDeploy agent runs the scripts specified for `ApplicationStop` , `BeforeBlockTraffic` , and `AfterBlockTraffic` in the AppSpec file from the previous successful deployment. (All other scripts are run from the AppSpec file in the current deployment.) If one of these scripts contains an error and does not run successfully, the deployment can fail.\n\nIf the cause of the failure is a script from the last successful deployment that will never run successfully, create a new deployment and use `ignoreApplicationStopFailures` to specify that the `ApplicationStop` , `BeforeBlockTraffic` , and `AfterBlockTraffic` failures should be ignored.", + "title": "IgnoreApplicationStopFailures", + "type": "boolean" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Revision": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.RevisionLocation", + "markdownDescription": "Information about the location of stored application artifacts and the service from which to retrieve them.", + "title": "Revision" } }, "required": [ - "Type", - "Properties" + "Revision" ], "type": "object" }, - "AWS::Connect::Rule.Actions": { + "AWS::CodeDeploy::DeploymentGroup.DeploymentReadyOption": { "additionalProperties": false, "properties": { - "AssignContactCategoryActions": { - "items": { - "type": "object" - }, - "markdownDescription": "Information about the contact category action. The syntax can be empty, for example, `{}` .", - "title": "AssignContactCategoryActions", - "type": "array" - }, - "CreateCaseActions": { - "items": { - "$ref": "#/definitions/AWS::Connect::Rule.CreateCaseAction" - }, - "markdownDescription": "", - "title": "CreateCaseActions", - "type": "array" - }, - "EndAssociatedTasksActions": { - "items": { - "type": "object" - }, - "markdownDescription": "", - "title": "EndAssociatedTasksActions", - "type": "array" + "ActionOnTimeout": { + "markdownDescription": "Information about when to reroute traffic from an original environment to a replacement environment in a blue/green deployment.\n\n- CONTINUE_DEPLOYMENT: Register new instances with the load balancer immediately after the new application revision is installed on the instances in the replacement environment.\n- STOP_DEPLOYMENT: Do not register new instances with a load balancer unless traffic rerouting is started using [ContinueDeployment](https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_ContinueDeployment.html) . If traffic rerouting is not started before the end of the specified wait period, the deployment status is changed to Stopped.", + "title": "ActionOnTimeout", + "type": "string" }, - "EventBridgeActions": { - "items": { - "$ref": "#/definitions/AWS::Connect::Rule.EventBridgeAction" - }, - "markdownDescription": "Information about the EventBridge action.", - "title": "EventBridgeActions", - "type": "array" + "WaitTimeInMinutes": { + "markdownDescription": "The number of minutes to wait before the status of a blue/green deployment is changed to Stopped if rerouting is not started manually. Applies only to the `STOP_DEPLOYMENT` option for `actionOnTimeout` .", + "title": "WaitTimeInMinutes", + "type": "number" + } + }, + "type": "object" + }, + "AWS::CodeDeploy::DeploymentGroup.DeploymentStyle": { + "additionalProperties": false, + "properties": { + "DeploymentOption": { + "markdownDescription": "Indicates whether to route deployment traffic behind a load balancer.\n\n> An Amazon EC2 Application Load Balancer or Network Load Balancer is required for an Amazon ECS deployment.", + "title": "DeploymentOption", + "type": "string" }, - "SendNotificationActions": { - "items": { - "$ref": "#/definitions/AWS::Connect::Rule.SendNotificationAction" - }, - "markdownDescription": "Information about the send notification action.", - "title": "SendNotificationActions", - "type": "array" + "DeploymentType": { + "markdownDescription": "Indicates whether to run an in-place or blue/green deployment.", + "title": "DeploymentType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CodeDeploy::DeploymentGroup.EC2TagFilter": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The tag filter key.", + "title": "Key", + "type": "string" }, - "TaskActions": { - "items": { - "$ref": "#/definitions/AWS::Connect::Rule.TaskAction" - }, - "markdownDescription": "Information about the task action. This field is required if `TriggerEventSource` is one of the following values: `OnZendeskTicketCreate` | `OnZendeskTicketStatusUpdate` | `OnSalesforceCaseCreate`", - "title": "TaskActions", - "type": "array" + "Type": { + "markdownDescription": "The tag filter type:\n\n- `KEY_ONLY` : Key only.\n- `VALUE_ONLY` : Value only.\n- `KEY_AND_VALUE` : Key and value.", + "title": "Type", + "type": "string" }, - "UpdateCaseActions": { + "Value": { + "markdownDescription": "The tag filter value.", + "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CodeDeploy::DeploymentGroup.EC2TagSet": { + "additionalProperties": false, + "properties": { + "Ec2TagSetList": { "items": { - "$ref": "#/definitions/AWS::Connect::Rule.UpdateCaseAction" + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.EC2TagSetListObject" }, - "markdownDescription": "", - "title": "UpdateCaseActions", + "markdownDescription": "The Amazon EC2 tags that are already applied to Amazon EC2 instances that you want to include in the deployment group. CodeDeploy includes all Amazon EC2 instances identified by any of the tags you specify in this deployment group.\n\nDuplicates are not allowed.", + "title": "Ec2TagSetList", "type": "array" } }, "type": "object" }, - "AWS::Connect::Rule.CreateCaseAction": { + "AWS::CodeDeploy::DeploymentGroup.EC2TagSetListObject": { "additionalProperties": false, "properties": { - "Fields": { + "Ec2TagGroup": { "items": { - "$ref": "#/definitions/AWS::Connect::Rule.Field" + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.EC2TagFilter" }, - "markdownDescription": "", - "title": "Fields", + "markdownDescription": "A list that contains other lists of Amazon EC2 instance tag groups. For an instance to be included in the deployment group, it must be identified by all of the tag groups in the list.", + "title": "Ec2TagGroup", "type": "array" + } + }, + "type": "object" + }, + "AWS::CodeDeploy::DeploymentGroup.ECSService": { + "additionalProperties": false, + "properties": { + "ClusterName": { + "markdownDescription": "The name of the cluster that the Amazon ECS service is associated with.", + "title": "ClusterName", + "type": "string" }, - "TemplateId": { - "markdownDescription": "", - "title": "TemplateId", + "ServiceName": { + "markdownDescription": "The name of the target Amazon ECS service.", + "title": "ServiceName", "type": "string" } }, "required": [ - "Fields", - "TemplateId" + "ClusterName", + "ServiceName" ], "type": "object" }, - "AWS::Connect::Rule.EventBridgeAction": { + "AWS::CodeDeploy::DeploymentGroup.ELBInfo": { "additionalProperties": false, "properties": { "Name": { - "markdownDescription": "The name.", + "markdownDescription": "For blue/green deployments, the name of the load balancer that is used to route traffic from original instances to replacement instances in a blue/green deployment. For in-place deployments, the name of the load balancer that instances are deregistered from so they are not serving traffic during a deployment, and then re-registered with after the deployment is complete.\n\n> AWS CloudFormation supports blue/green deployments on AWS Lambda compute platforms only.", "title": "Name", "type": "string" } }, - "required": [ - "Name" - ], "type": "object" }, - "AWS::Connect::Rule.Field": { + "AWS::CodeDeploy::DeploymentGroup.GitHubLocation": { "additionalProperties": false, "properties": { - "Id": { - "markdownDescription": "", - "title": "Id", + "CommitId": { + "markdownDescription": "The SHA1 commit ID of the GitHub commit that represents the bundled artifacts for the application revision.", + "title": "CommitId", "type": "string" }, - "Value": { - "$ref": "#/definitions/AWS::Connect::Rule.FieldValue", - "markdownDescription": "", - "title": "Value" + "Repository": { + "markdownDescription": "The GitHub account and repository pair that stores a reference to the commit that represents the bundled artifacts for the application revision.\n\nSpecify the value as `account/repository` .", + "title": "Repository", + "type": "string" } }, "required": [ - "Id", - "Value" + "CommitId", + "Repository" ], "type": "object" }, - "AWS::Connect::Rule.FieldValue": { + "AWS::CodeDeploy::DeploymentGroup.GreenFleetProvisioningOption": { "additionalProperties": false, "properties": { - "BooleanValue": { - "markdownDescription": "", - "title": "BooleanValue", - "type": "boolean" - }, - "DoubleValue": { - "markdownDescription": "", - "title": "DoubleValue", - "type": "number" - }, - "EmptyValue": { - "markdownDescription": "", - "title": "EmptyValue", - "type": "object" - }, - "StringValue": { - "markdownDescription": "", - "title": "StringValue", + "Action": { + "markdownDescription": "The method used to add instances to a replacement environment.\n\n- `DISCOVER_EXISTING` : Use instances that already exist or will be created manually.\n- `COPY_AUTO_SCALING_GROUP` : Use settings from a specified Auto Scaling group to define and create instances in a new Auto Scaling group.", + "title": "Action", "type": "string" } }, "type": "object" }, - "AWS::Connect::Rule.NotificationRecipientType": { + "AWS::CodeDeploy::DeploymentGroup.LoadBalancerInfo": { "additionalProperties": false, "properties": { - "UserArns": { + "ElbInfoList": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.ELBInfo" }, - "markdownDescription": "The Amazon Resource Name (ARN) of the user account.", - "title": "UserArns", + "markdownDescription": "An array that contains information about the load balancers to use for load balancing in a deployment. If you're using Classic Load Balancers, specify those load balancers in this array.\n\n> You can add up to 10 load balancers to the array. > If you're using Application Load Balancers or Network Load Balancers, use the `targetGroupInfoList` array instead of this one.", + "title": "ElbInfoList", "type": "array" }, - "UserTags": { - "additionalProperties": true, - "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }. Amazon Connect users with the specified tags will be notified.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "TargetGroupInfoList": { + "items": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TargetGroupInfo" }, - "title": "UserTags", - "type": "object" + "markdownDescription": "An array that contains information about the target groups to use for load balancing in a deployment. If you're using Application Load Balancers and Network Load Balancers, specify their associated target groups in this array.\n\n> You can add up to 10 target groups to the array. > If you're using Classic Load Balancers, use the `elbInfoList` array instead of this one.", + "title": "TargetGroupInfoList", + "type": "array" + }, + "TargetGroupPairInfoList": { + "items": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TargetGroupPairInfo" + }, + "markdownDescription": "The target group pair information. This is an array of `TargeGroupPairInfo` objects with a maximum size of one.", + "title": "TargetGroupPairInfoList", + "type": "array" } }, "type": "object" }, - "AWS::Connect::Rule.Reference": { + "AWS::CodeDeploy::DeploymentGroup.OnPremisesTagSet": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The type of the reference. `DATE` must be of type Epoch timestamp.\n\n*Allowed values* : `URL` | `ATTACHMENT` | `NUMBER` | `STRING` | `DATE` | `EMAIL`", - "title": "Type", - "type": "string" - }, - "Value": { - "markdownDescription": "A valid value for the reference. For example, for a URL reference, a formatted URL that is displayed to an agent in the Contact Control Panel (CCP).", - "title": "Value", - "type": "string" + "OnPremisesTagSetList": { + "items": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.OnPremisesTagSetListObject" + }, + "markdownDescription": "A list that contains other lists of on-premises instance tag groups. For an instance to be included in the deployment group, it must be identified by all of the tag groups in the list.\n\nDuplicates are not allowed.", + "title": "OnPremisesTagSetList", + "type": "array" } }, - "required": [ - "Type", - "Value" - ], "type": "object" }, - "AWS::Connect::Rule.RuleTriggerEventSource": { + "AWS::CodeDeploy::DeploymentGroup.OnPremisesTagSetListObject": { "additionalProperties": false, "properties": { - "EventSourceName": { - "markdownDescription": "The name of the event source.", - "title": "EventSourceName", - "type": "string" + "OnPremisesTagGroup": { + "items": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TagFilter" + }, + "markdownDescription": "Information about groups of on-premises instance tags.", + "title": "OnPremisesTagGroup", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CodeDeploy::DeploymentGroup.RevisionLocation": { + "additionalProperties": false, + "properties": { + "GitHubLocation": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.GitHubLocation", + "markdownDescription": "Information about the location of application artifacts stored in GitHub.", + "title": "GitHubLocation" }, - "IntegrationAssociationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the integration association. `IntegrationAssociationArn` is required if `TriggerEventSource` is one of the following values: `OnZendeskTicketCreate` | `OnZendeskTicketStatusUpdate` | `OnSalesforceCaseCreate`", - "title": "IntegrationAssociationArn", + "RevisionType": { + "markdownDescription": "The type of application revision:\n\n- S3: An application revision stored in Amazon S3.\n- GitHub: An application revision stored in GitHub (EC2/On-premises deployments only).\n- String: A YAML-formatted or JSON-formatted string ( AWS Lambda deployments only).\n- AppSpecContent: An `AppSpecContent` object that contains the contents of an AppSpec file for an AWS Lambda or Amazon ECS deployment. The content is formatted as JSON or YAML stored as a RawString.", + "title": "RevisionType", "type": "string" + }, + "S3Location": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.S3Location", + "markdownDescription": "Information about the location of a revision stored in Amazon S3.", + "title": "S3Location" } }, - "required": [ - "EventSourceName" - ], "type": "object" }, - "AWS::Connect::Rule.SendNotificationAction": { + "AWS::CodeDeploy::DeploymentGroup.S3Location": { "additionalProperties": false, "properties": { - "Content": { - "markdownDescription": "Notification content. Supports variable injection. For more information, see [JSONPath reference](https://docs.aws.amazon.com/connect/latest/adminguide/contact-lens-variable-injection.html) in the *Amazon Connect Administrators Guide* .", - "title": "Content", + "Bucket": { + "markdownDescription": "The name of the Amazon S3 bucket where the application revision is stored.", + "title": "Bucket", "type": "string" }, - "ContentType": { - "markdownDescription": "Content type format.\n\n*Allowed value* : `PLAIN_TEXT`", - "title": "ContentType", + "BundleType": { + "markdownDescription": "The file type of the application revision. Must be one of the following:\n\n- JSON\n- tar: A tar archive file.\n- tgz: A compressed tar archive file.\n- YAML\n- zip: A zip archive file.", + "title": "BundleType", "type": "string" }, - "DeliveryMethod": { - "markdownDescription": "Notification delivery method.\n\n*Allowed value* : `EMAIL`", - "title": "DeliveryMethod", + "ETag": { + "markdownDescription": "The ETag of the Amazon S3 object that represents the bundled artifacts for the application revision.\n\nIf the ETag is not specified as an input parameter, ETag validation of the object is skipped.", + "title": "ETag", "type": "string" }, - "Recipient": { - "$ref": "#/definitions/AWS::Connect::Rule.NotificationRecipientType", - "markdownDescription": "Notification recipient.", - "title": "Recipient" + "Key": { + "markdownDescription": "The name of the Amazon S3 object that represents the bundled artifacts for the application revision.", + "title": "Key", + "type": "string" }, - "Subject": { - "markdownDescription": "The subject of the email if the delivery method is `EMAIL` . Supports variable injection. For more information, see [JSONPath reference](https://docs.aws.amazon.com/connect/latest/adminguide/contact-lens-variable-injection.html) in the *Amazon Connect Administrators Guide* .", - "title": "Subject", + "Version": { + "markdownDescription": "A specific version of the Amazon S3 object that represents the bundled artifacts for the application revision.\n\nIf the version is not specified, the system uses the most recent version by default.", + "title": "Version", "type": "string" } }, "required": [ - "Content", - "ContentType", - "DeliveryMethod", - "Recipient" + "Bucket", + "Key" ], "type": "object" }, - "AWS::Connect::Rule.TaskAction": { + "AWS::CodeDeploy::DeploymentGroup.TagFilter": { "additionalProperties": false, "properties": { - "ContactFlowArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the flow.", - "title": "ContactFlowArn", + "Key": { + "markdownDescription": "The on-premises instance tag filter key.", + "title": "Key", "type": "string" }, - "Description": { - "markdownDescription": "The description. Supports variable injection. For more information, see [JSONPath reference](https://docs.aws.amazon.com/connect/latest/adminguide/contact-lens-variable-injection.html) in the *Amazon Connect Administrators Guide* .", - "title": "Description", + "Type": { + "markdownDescription": "The on-premises instance tag filter type:\n\n- KEY_ONLY: Key only.\n- VALUE_ONLY: Value only.\n- KEY_AND_VALUE: Key and value.", + "title": "Type", "type": "string" }, + "Value": { + "markdownDescription": "The on-premises instance tag filter value.", + "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CodeDeploy::DeploymentGroup.TargetGroupInfo": { + "additionalProperties": false, + "properties": { "Name": { - "markdownDescription": "The name. Supports variable injection. For more information, see [JSONPath reference](https://docs.aws.amazon.com/connect/latest/adminguide/contact-lens-variable-injection.html) in the *Amazon Connect Administrators Guide* .", + "markdownDescription": "For blue/green deployments, the name of the target group that instances in the original environment are deregistered from, and instances in the replacement environment registered with. For in-place deployments, the name of the target group that instances are deregistered from, so they are not serving traffic during a deployment, and then re-registered with after the deployment completes. No duplicates allowed.\n\n> AWS CloudFormation supports blue/green deployments on AWS Lambda compute platforms only. \n\nThis value cannot exceed 32 characters, so you should use the `Name` property of the target group, or the `TargetGroupName` attribute with the `Fn::GetAtt` intrinsic function, as shown in the following example. Don't use the group's Amazon Resource Name (ARN) or `TargetGroupFullName` attribute.", "title": "Name", "type": "string" + } + }, + "type": "object" + }, + "AWS::CodeDeploy::DeploymentGroup.TargetGroupPairInfo": { + "additionalProperties": false, + "properties": { + "ProdTrafficRoute": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TrafficRoute", + "markdownDescription": "The path used by a load balancer to route production traffic when an Amazon ECS deployment is complete.", + "title": "ProdTrafficRoute" }, - "References": { - "additionalProperties": false, - "markdownDescription": "Information about the reference when the `referenceType` is `URL` . Otherwise, null. `URL` is the only accepted type. (Supports variable injection in the `Value` field.)", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::Connect::Rule.Reference" - } + "TargetGroups": { + "items": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TargetGroupInfo" }, - "title": "References", - "type": "object" + "markdownDescription": "One pair of target groups. One is associated with the original task set. The second is associated with the task set that serves traffic after the deployment is complete.", + "title": "TargetGroups", + "type": "array" + }, + "TestTrafficRoute": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TrafficRoute", + "markdownDescription": "An optional path used by a load balancer to route test traffic after an Amazon ECS deployment. Validation can occur while test traffic is served during a deployment.", + "title": "TestTrafficRoute" } }, - "required": [ - "ContactFlowArn", - "Name" - ], "type": "object" }, - "AWS::Connect::Rule.UpdateCaseAction": { + "AWS::CodeDeploy::DeploymentGroup.TrafficRoute": { "additionalProperties": false, "properties": { - "Fields": { + "ListenerArns": { "items": { - "$ref": "#/definitions/AWS::Connect::Rule.Field" + "type": "string" }, - "markdownDescription": "", - "title": "Fields", + "markdownDescription": "The Amazon Resource Name (ARN) of one listener. The listener identifies the route between a target group and a load balancer. This is an array of strings with a maximum size of one.", + "title": "ListenerArns", "type": "array" } }, - "required": [ - "Fields" - ], "type": "object" }, - "AWS::Connect::SecurityKey": { + "AWS::CodeDeploy::DeploymentGroup.TriggerConfig": { + "additionalProperties": false, + "properties": { + "TriggerEvents": { + "items": { + "type": "string" + }, + "markdownDescription": "The event type or types that trigger notifications.", + "title": "TriggerEvents", + "type": "array" + }, + "TriggerName": { + "markdownDescription": "The name of the notification trigger.", + "title": "TriggerName", + "type": "string" + }, + "TriggerTargetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Simple Notification Service topic through which notifications about deployment or instance events are sent.", + "title": "TriggerTargetArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CodeGuruProfiler::ProfilingGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -52150,26 +57432,46 @@ "Properties": { "additionalProperties": false, "properties": { - "InstanceId": { - "markdownDescription": "The Amazon Resource Name (ARN) of the instance.\n\n*Minimum* : `1`\n\n*Maximum* : `100`", - "title": "InstanceId", + "AgentPermissions": { + "$ref": "#/definitions/AWS::CodeGuruProfiler::ProfilingGroup.AgentPermissions", + "markdownDescription": "The agent permissions attached to this profiling group. This action group grants `ConfigureAgent` and `PostAgentProfile` permissions to perform actions required by the profiling agent. The Json consists of key `Principals` .\n\n*Principals* : A list of string ARNs for the roles and users you want to grant access to the profiling group. Wildcards are not supported in the ARNs. You are allowed to provide up to 50 ARNs. An empty list is not permitted. This is a required key.\n\nFor more information, see [Resource-based policies in CodeGuru Profiler](https://docs.aws.amazon.com/codeguru/latest/profiler-ug/resource-based-policies.html) in the *Amazon CodeGuru Profiler user guide* , [ConfigureAgent](https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_ConfigureAgent.html) , and [PostAgentProfile](https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_PostAgentProfile.html) .", + "title": "AgentPermissions" + }, + "AnomalyDetectionNotificationConfiguration": { + "items": { + "$ref": "#/definitions/AWS::CodeGuruProfiler::ProfilingGroup.Channel" + }, + "markdownDescription": "Adds anomaly notifications for a profiling group.", + "title": "AnomalyDetectionNotificationConfiguration", + "type": "array" + }, + "ComputePlatform": { + "markdownDescription": "The compute platform of the profiling group. Use `AWSLambda` if your application runs on AWS Lambda. Use `Default` if your application runs on a compute platform that is not AWS Lambda , such an Amazon EC2 instance, an on-premises server, or a different platform. If not specified, `Default` is used. This property is immutable.", + "title": "ComputePlatform", "type": "string" }, - "Key": { - "markdownDescription": "A valid security key in PEM format. For example:\n\n`\"-----BEGIN PUBLIC KEY-----\\ [a lot of characters] ----END PUBLIC KEY-----\"`\n\n*Minimum* : `1`\n\n*Maximum* : `1024`", - "title": "Key", + "ProfilingGroupName": { + "markdownDescription": "The name of the profiling group.", + "title": "ProfilingGroupName", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags to add to the created profiling group.", + "title": "Tags", + "type": "array" } }, "required": [ - "InstanceId", - "Key" + "ProfilingGroupName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::SecurityKey" + "AWS::CodeGuruProfiler::ProfilingGroup" ], "type": "string" }, @@ -52188,7 +57490,43 @@ ], "type": "object" }, - "AWS::Connect::SecurityProfile": { + "AWS::CodeGuruProfiler::ProfilingGroup.AgentPermissions": { + "additionalProperties": false, + "properties": { + "Principals": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "Principals", + "type": "array" + } + }, + "required": [ + "Principals" + ], + "type": "object" + }, + "AWS::CodeGuruProfiler::ProfilingGroup.Channel": { + "additionalProperties": false, + "properties": { + "channelId": { + "markdownDescription": "The channel ID.", + "title": "channelId", + "type": "string" + }, + "channelUri": { + "markdownDescription": "The channel URI.", + "title": "channelUri", + "type": "string" + } + }, + "required": [ + "channelUri" + ], + "type": "object" + }, + "AWS::CodeGuruReviewer::RepositoryAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -52223,84 +57561,49 @@ "Properties": { "additionalProperties": false, "properties": { - "AllowedAccessControlHierarchyGroupId": { - "markdownDescription": "The identifier of the hierarchy group that a security profile uses to restrict access to resources in Amazon Connect.", - "title": "AllowedAccessControlHierarchyGroupId", + "BucketName": { + "markdownDescription": "The name of the bucket. This is required for your S3Bucket repository. The name must start with the prefix `codeguru-reviewer-*` .", + "title": "BucketName", "type": "string" }, - "AllowedAccessControlTags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The list of tags that a security profile uses to restrict access to resources in Amazon Connect.", - "title": "AllowedAccessControlTags", - "type": "array" - }, - "Applications": { - "items": { - "$ref": "#/definitions/AWS::Connect::SecurityProfile.Application" - }, - "markdownDescription": "", - "title": "Applications", - "type": "array" - }, - "Description": { - "markdownDescription": "The description of the security profile.", - "title": "Description", + "ConnectionArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS CodeStar Connections connection. Its format is `arn:aws:codestar-connections:region-id:aws-account_id:connection/connection-id` . For more information, see [Connection](https://docs.aws.amazon.com/codestar-connections/latest/APIReference/API_Connection.html) in the *AWS CodeStar Connections API Reference* .\n\n`ConnectionArn` must be specified for Bitbucket and GitHub Enterprise Server repositories. It has no effect if it is specified for an AWS CodeCommit repository.", + "title": "ConnectionArn", "type": "string" }, - "HierarchyRestrictedResources": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of resources that a security profile applies hierarchy restrictions to in Amazon Connect. Following are acceptable ResourceNames: `User` .", - "title": "HierarchyRestrictedResources", - "type": "array" - }, - "InstanceArn": { - "markdownDescription": "The identifier of the Amazon Connect instance.", - "title": "InstanceArn", + "Name": { + "markdownDescription": "The name of the repository.", + "title": "Name", "type": "string" }, - "Permissions": { - "items": { - "type": "string" - }, - "markdownDescription": "Permissions assigned to the security profile. For a list of valid permissions, see [List of security profile permissions](https://docs.aws.amazon.com/connect/latest/adminguide/security-profile-list.html) .", - "title": "Permissions", - "type": "array" - }, - "SecurityProfileName": { - "markdownDescription": "The name for the security profile.", - "title": "SecurityProfileName", + "Owner": { + "markdownDescription": "The owner of the repository. For a GitHub Enterprise Server or Bitbucket repository, this is the username for the account that owns the repository.\n\n`Owner` must be specified for Bitbucket and GitHub Enterprise Server repositories. It has no effect if it is specified for an AWS CodeCommit repository.", + "title": "Owner", "type": "string" }, - "TagRestrictedResources": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of resources that a security profile applies tag restrictions to in Amazon Connect.", - "title": "TagRestrictedResources", - "type": "array" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"Tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", + "markdownDescription": "An array of key-value pairs used to tag an associated repository. A tag is a custom attribute label with two parts:\n\n- A *tag key* (for example, `CostCenter` , `Environment` , `Project` , or `Secret` ). Tag keys are case sensitive.\n- An optional field known as a *tag value* (for example, `111122223333` , `Production` , or a team name). Omitting the tag value is the same as using an empty string. Like tag keys, tag values are case sensitive.", "title": "Tags", "type": "array" + }, + "Type": { + "markdownDescription": "The type of repository that contains the source code to be reviewed. The valid values are:\n\n- `CodeCommit`\n- `Bitbucket`\n- `GitHubEnterpriseServer`\n- `S3Bucket`", + "title": "Type", + "type": "string" } }, "required": [ - "InstanceArn", - "SecurityProfileName" + "Name", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::SecurityProfile" + "AWS::CodeGuruReviewer::RepositoryAssociation" ], "type": "string" }, @@ -52319,30 +57622,7 @@ ], "type": "object" }, - "AWS::Connect::SecurityProfile.Application": { - "additionalProperties": false, - "properties": { - "ApplicationPermissions": { - "items": { - "type": "string" - }, - "markdownDescription": "The permissions that the agent is granted on the application. Only the `ACCESS` permission is supported.", - "title": "ApplicationPermissions", - "type": "array" - }, - "Namespace": { - "markdownDescription": "Namespace of the application that you want to give access to.", - "title": "Namespace", - "type": "string" - } - }, - "required": [ - "ApplicationPermissions", - "Namespace" - ], - "type": "object" - }, - "AWS::Connect::TaskTemplate": { + "AWS::CodePipeline::CustomActionType": { "additionalProperties": false, "properties": { "Condition": { @@ -52377,74 +57657,65 @@ "Properties": { "additionalProperties": false, "properties": { - "ClientToken": { - "markdownDescription": "A unique, case-sensitive identifier that you provide to ensure the idempotency of the request.", - "title": "ClientToken", - "type": "string" - }, - "Constraints": { - "$ref": "#/definitions/AWS::Connect::TaskTemplate.Constraints", - "markdownDescription": "Constraints that are applicable to the fields listed.\n\nThe values can be represented in either JSON or YAML format. For an example of the JSON configuration, see *Examples* at the bottom of this page.", - "title": "Constraints" - }, - "ContactFlowArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the flow that runs by default when a task is created by referencing this template. `ContactFlowArn` is not required when there is a field with `fieldType` = `QUICK_CONNECT` .", - "title": "ContactFlowArn", + "Category": { + "markdownDescription": "The category of the custom action, such as a build action or a test action.", + "title": "Category", "type": "string" }, - "Defaults": { + "ConfigurationProperties": { "items": { - "$ref": "#/definitions/AWS::Connect::TaskTemplate.DefaultFieldValue" + "$ref": "#/definitions/AWS::CodePipeline::CustomActionType.ConfigurationProperties" }, - "markdownDescription": "The default values for fields when a task is created by referencing this template.", - "title": "Defaults", + "markdownDescription": "The configuration properties for the custom action.\n\n> You can refer to a name in the configuration properties of the custom action within the URL templates by following the format of {Config:name}, as long as the configuration property is both required and not secret. For more information, see [Create a Custom Action for a Pipeline](https://docs.aws.amazon.com/codepipeline/latest/userguide/how-to-create-custom-action.html) .", + "title": "ConfigurationProperties", "type": "array" }, - "Description": { - "markdownDescription": "The description of the task template.", - "title": "Description", - "type": "string" - }, - "Fields": { - "items": { - "$ref": "#/definitions/AWS::Connect::TaskTemplate.Field" - }, - "markdownDescription": "Fields that are part of the template. A template requires at least one field that has type `Name` .", - "title": "Fields", - "type": "array" + "InputArtifactDetails": { + "$ref": "#/definitions/AWS::CodePipeline::CustomActionType.ArtifactDetails", + "markdownDescription": "The details of the input artifact for the action, such as its commit ID.", + "title": "InputArtifactDetails" }, - "InstanceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Connect instance.", - "title": "InstanceArn", - "type": "string" + "OutputArtifactDetails": { + "$ref": "#/definitions/AWS::CodePipeline::CustomActionType.ArtifactDetails", + "markdownDescription": "The details of the output artifact of the action, such as its commit ID.", + "title": "OutputArtifactDetails" }, - "Name": { - "markdownDescription": "The name of the task template.", - "title": "Name", + "Provider": { + "markdownDescription": "The provider of the service used in the custom action, such as CodeDeploy.", + "title": "Provider", "type": "string" }, - "Status": { - "markdownDescription": "The status of the task template.", - "title": "Status", - "type": "string" + "Settings": { + "$ref": "#/definitions/AWS::CodePipeline::CustomActionType.Settings", + "markdownDescription": "URLs that provide users information about this custom action.", + "title": "Settings" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "markdownDescription": "The tags for the custom action.", "title": "Tags", "type": "array" + }, + "Version": { + "markdownDescription": "The version identifier of the custom action.", + "title": "Version", + "type": "string" } }, "required": [ - "InstanceArn" + "Category", + "InputArtifactDetails", + "OutputArtifactDetails", + "Provider", + "Version" ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::TaskTemplate" + "AWS::CodePipeline::CustomActionType" ], "type": "string" }, @@ -52463,146 +57734,100 @@ ], "type": "object" }, - "AWS::Connect::TaskTemplate.Constraints": { - "additionalProperties": false, - "properties": { - "InvisibleFields": { - "items": { - "$ref": "#/definitions/AWS::Connect::TaskTemplate.InvisibleFieldInfo" - }, - "markdownDescription": "Lists the fields that are invisible to agents.", - "title": "InvisibleFields", - "type": "array" - }, - "ReadOnlyFields": { - "items": { - "$ref": "#/definitions/AWS::Connect::TaskTemplate.ReadOnlyFieldInfo" - }, - "markdownDescription": "Lists the fields that are read-only to agents, and cannot be edited.", - "title": "ReadOnlyFields", - "type": "array" - }, - "RequiredFields": { - "items": { - "$ref": "#/definitions/AWS::Connect::TaskTemplate.RequiredFieldInfo" - }, - "markdownDescription": "Lists the fields that are required to be filled by agents.", - "title": "RequiredFields", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Connect::TaskTemplate.DefaultFieldValue": { + "AWS::CodePipeline::CustomActionType.ArtifactDetails": { "additionalProperties": false, "properties": { - "DefaultValue": { - "markdownDescription": "Default value for the field.", - "title": "DefaultValue", - "type": "string" + "MaximumCount": { + "markdownDescription": "The maximum number of artifacts allowed for the action type.", + "title": "MaximumCount", + "type": "number" }, - "Id": { - "$ref": "#/definitions/AWS::Connect::TaskTemplate.FieldIdentifier", - "markdownDescription": "Identifier of a field.", - "title": "Id" + "MinimumCount": { + "markdownDescription": "The minimum number of artifacts allowed for the action type.", + "title": "MinimumCount", + "type": "number" } }, "required": [ - "DefaultValue", - "Id" + "MaximumCount", + "MinimumCount" ], "type": "object" }, - "AWS::Connect::TaskTemplate.Field": { + "AWS::CodePipeline::CustomActionType.ConfigurationProperties": { "additionalProperties": false, "properties": { "Description": { - "markdownDescription": "The description of the field.", + "markdownDescription": "The description of the action configuration property that is displayed to users.", "title": "Description", "type": "string" }, - "Id": { - "$ref": "#/definitions/AWS::Connect::TaskTemplate.FieldIdentifier", - "markdownDescription": "The unique identifier for the field.", - "title": "Id" + "Key": { + "markdownDescription": "Whether the configuration property is a key.", + "title": "Key", + "type": "boolean" }, - "SingleSelectOptions": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of options for a single select field.", - "title": "SingleSelectOptions", - "type": "array" + "Name": { + "markdownDescription": "The name of the action configuration property.", + "title": "Name", + "type": "string" + }, + "Queryable": { + "markdownDescription": "Indicates that the property is used with `PollForJobs` . When creating a custom action, an action can have up to one queryable property. If it has one, that property must be both required and not secret.\n\nIf you create a pipeline with a custom action type, and that custom action contains a queryable property, the value for that configuration property is subject to other restrictions. The value must be less than or equal to twenty (20) characters. The value can contain only alphanumeric characters, underscores, and hyphens.", + "title": "Queryable", + "type": "boolean" + }, + "Required": { + "markdownDescription": "Whether the configuration property is a required value.", + "title": "Required", + "type": "boolean" + }, + "Secret": { + "markdownDescription": "Whether the configuration property is secret. Secrets are hidden from all calls except for `GetJobDetails` , `GetThirdPartyJobDetails` , `PollForJobs` , and `PollForThirdPartyJobs` .\n\nWhen updating a pipeline, passing * * * * * without changing any other values of the action preserves the previous value of the secret.", + "title": "Secret", + "type": "boolean" }, "Type": { - "markdownDescription": "Indicates the type of field. Following are the valid field types: `NAME` `DESCRIPTION` | `SCHEDULED_TIME` | `QUICK_CONNECT` | `URL` | `NUMBER` | `TEXT` | `TEXT_AREA` | `DATE_TIME` | `BOOLEAN` | `SINGLE_SELECT` | `EMAIL`", + "markdownDescription": "The type of the configuration property.", "title": "Type", "type": "string" } }, "required": [ - "Id", - "Type" + "Key", + "Name", + "Required", + "Secret" ], "type": "object" }, - "AWS::Connect::TaskTemplate.FieldIdentifier": { + "AWS::CodePipeline::CustomActionType.Settings": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the task template field.", - "title": "Name", + "EntityUrlTemplate": { + "markdownDescription": "The URL returned to the CodePipeline console that provides a deep link to the resources of the external system, such as the configuration page for a CodeDeploy deployment group. This link is provided as part of the action display in the pipeline.", + "title": "EntityUrlTemplate", + "type": "string" + }, + "ExecutionUrlTemplate": { + "markdownDescription": "The URL returned to the CodePipeline console that contains a link to the top-level landing page for the external system, such as the console page for CodeDeploy. This link is shown on the pipeline view page in the CodePipeline console and provides a link to the execution entity of the external action.", + "title": "ExecutionUrlTemplate", + "type": "string" + }, + "RevisionUrlTemplate": { + "markdownDescription": "The URL returned to the CodePipeline console that contains a link to the page where customers can update or change the configuration of the external action.", + "title": "RevisionUrlTemplate", + "type": "string" + }, + "ThirdPartyConfigurationUrl": { + "markdownDescription": "The URL of a sign-up page where users can sign up for an external service and perform initial configuration of the action provided by that service.", + "title": "ThirdPartyConfigurationUrl", "type": "string" } }, - "required": [ - "Name" - ], - "type": "object" - }, - "AWS::Connect::TaskTemplate.InvisibleFieldInfo": { - "additionalProperties": false, - "properties": { - "Id": { - "$ref": "#/definitions/AWS::Connect::TaskTemplate.FieldIdentifier", - "markdownDescription": "Identifier of the invisible field.", - "title": "Id" - } - }, - "required": [ - "Id" - ], - "type": "object" - }, - "AWS::Connect::TaskTemplate.ReadOnlyFieldInfo": { - "additionalProperties": false, - "properties": { - "Id": { - "$ref": "#/definitions/AWS::Connect::TaskTemplate.FieldIdentifier", - "markdownDescription": "Identifier of the read-only field.", - "title": "Id" - } - }, - "required": [ - "Id" - ], - "type": "object" - }, - "AWS::Connect::TaskTemplate.RequiredFieldInfo": { - "additionalProperties": false, - "properties": { - "Id": { - "$ref": "#/definitions/AWS::Connect::TaskTemplate.FieldIdentifier", - "markdownDescription": "The unique identifier for the field.", - "title": "Id" - } - }, - "required": [ - "Id" - ], "type": "object" }, - "AWS::Connect::TrafficDistributionGroup": { + "AWS::CodePipeline::Pipeline": { "additionalProperties": false, "properties": { "Condition": { @@ -52637,39 +57862,94 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the traffic distribution group.", - "title": "Description", - "type": "string" + "ArtifactStore": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.ArtifactStore", + "markdownDescription": "The S3 bucket where artifacts for the pipeline are stored.\n\n> You must include either `artifactStore` or `artifactStores` in your pipeline, but you cannot use both. If you create a cross-region action in your pipeline, you must use `artifactStores` .", + "title": "ArtifactStore" }, - "InstanceArn": { - "markdownDescription": "The Amazon Resource Name (ARN).", - "title": "InstanceArn", + "ArtifactStores": { + "items": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.ArtifactStoreMap" + }, + "markdownDescription": "A mapping of `artifactStore` objects and their corresponding AWS Regions. There must be an artifact store for the pipeline Region and for each cross-region action in the pipeline.\n\n> You must include either `artifactStore` or `artifactStores` in your pipeline, but you cannot use both. If you create a cross-region action in your pipeline, you must use `artifactStores` .", + "title": "ArtifactStores", + "type": "array" + }, + "DisableInboundStageTransitions": { + "items": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.StageTransition" + }, + "markdownDescription": "Represents the input of a `DisableStageTransition` action.", + "title": "DisableInboundStageTransitions", + "type": "array" + }, + "ExecutionMode": { + "markdownDescription": "The method that the pipeline will use to handle multiple executions. The default mode is SUPERSEDED.", + "title": "ExecutionMode", "type": "string" }, "Name": { - "markdownDescription": "The name of the traffic distribution group.", + "markdownDescription": "The name of the pipeline.", "title": "Name", "type": "string" }, + "PipelineType": { + "markdownDescription": "CodePipeline provides the following pipeline types, which differ in characteristics and price, so that you can tailor your pipeline features and cost to the needs of your applications.\n\n- V1 type pipelines have a JSON structure that contains standard pipeline, stage, and action-level parameters.\n- V2 type pipelines have the same structure as a V1 type, along with additional parameters for release safety and trigger configuration.\n\n> Including V2 parameters, such as triggers on Git tags, in the pipeline JSON when creating or updating a pipeline will result in the pipeline having the V2 type of pipeline and the associated costs. \n\nFor information about pricing for CodePipeline, see [Pricing](https://docs.aws.amazon.com/codepipeline/pricing/) .\n\nFor information about which type of pipeline to choose, see [What type of pipeline is right for me?](https://docs.aws.amazon.com/codepipeline/latest/userguide/pipeline-types-planning.html) .", + "title": "PipelineType", + "type": "string" + }, + "RestartExecutionOnUpdate": { + "markdownDescription": "Indicates whether to rerun the CodePipeline pipeline after you update it.", + "title": "RestartExecutionOnUpdate", + "type": "boolean" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for CodePipeline to use to either perform actions with no `actionRoleArn` , or to use to assume roles for actions with an `actionRoleArn` .", + "title": "RoleArn", + "type": "string" + }, + "Stages": { + "items": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.StageDeclaration" + }, + "markdownDescription": "Represents information about a stage and its definition.", + "title": "Stages", + "type": "array" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, {\"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", + "markdownDescription": "Specifies the tags applied to the pipeline.", "title": "Tags", "type": "array" + }, + "Triggers": { + "items": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.PipelineTriggerDeclaration" + }, + "markdownDescription": "The trigger configuration specifying a type of event, such as Git tags, that starts the pipeline.\n\n> When a trigger configuration is specified, default change detection for repository and branch commits is disabled.", + "title": "Triggers", + "type": "array" + }, + "Variables": { + "items": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.VariableDeclaration" + }, + "markdownDescription": "A list that defines the pipeline variables for a pipeline resource. Variable names can have alphanumeric and underscore characters, and the values must match `[A-Za-z0-9@\\-_]+` .", + "title": "Variables", + "type": "array" } }, "required": [ - "InstanceArn", - "Name" - ], + "RoleArn", + "Stages" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::TrafficDistributionGroup" + "AWS::CodePipeline::Pipeline" ], "type": "string" }, @@ -52688,223 +57968,680 @@ ], "type": "object" }, - "AWS::Connect::User": { + "AWS::CodePipeline::Pipeline.ActionDeclaration": { "additionalProperties": false, "properties": { - "Condition": { + "ActionTypeId": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.ActionTypeId", + "markdownDescription": "Specifies the action type and the provider of the action.", + "title": "ActionTypeId" + }, + "Commands": { + "items": { + "type": "string" + }, + "markdownDescription": "The shell commands to run with your compute action in CodePipeline. All commands are supported except multi-line formats. While CodeBuild logs and permissions are used, you do not need to create any resources in CodeBuild.\n\n> Using compute time for this action will incur separate charges in AWS CodeBuild .", + "title": "Commands", + "type": "array" + }, + "Configuration": { + "markdownDescription": "The action's configuration. These are key-value pairs that specify input values for an action. For more information, see [Action Structure Requirements in CodePipeline](https://docs.aws.amazon.com/codepipeline/latest/userguide/reference-pipeline-structure.html#action-requirements) . For the list of configuration properties for the AWS CloudFormation action type in CodePipeline, see [Configuration Properties Reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/continuous-delivery-codepipeline-action-reference.html) in the *AWS CloudFormation User Guide* . For template snippets with examples, see [Using Parameter Override Functions with CodePipeline Pipelines](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/continuous-delivery-codepipeline-parameter-override-functions.html) in the *AWS CloudFormation User Guide* .\n\nThe values can be represented in either JSON or YAML format. For example, the JSON configuration item format is as follows:\n\n*JSON:*\n\n`\"Configuration\" : { Key : Value },`", + "title": "Configuration", + "type": "object" + }, + "EnvironmentVariables": { + "items": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.EnvironmentVariable" + }, + "markdownDescription": "The environment variables for the action.", + "title": "EnvironmentVariables", + "type": "array" + }, + "InputArtifacts": { + "items": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.InputArtifact" + }, + "markdownDescription": "The name or ID of the artifact consumed by the action, such as a test or build artifact. While the field is not a required parameter, most actions have an action configuration that requires a specified quantity of input artifacts. To refer to the action configuration specification by action provider, see the [Action structure reference](https://docs.aws.amazon.com/codepipeline/latest/userguide/action-reference.html) in the *AWS CodePipeline User Guide* .\n\n> For a CodeBuild action with multiple input artifacts, one of your input sources must be designated the PrimarySource. For more information, see the [CodeBuild action reference page](https://docs.aws.amazon.com/codepipeline/latest/userguide/action-reference-CodeBuild.html) in the *AWS CodePipeline User Guide* .", + "title": "InputArtifacts", + "type": "array" + }, + "Name": { + "markdownDescription": "The action declaration's name.", + "title": "Name", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Namespace": { + "markdownDescription": "The variable namespace associated with the action. All variables produced as output by this action fall under this namespace.", + "title": "Namespace", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "OutputArtifacts": { + "items": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.OutputArtifact" + }, + "markdownDescription": "The name or ID of the result of the action declaration, such as a test or build artifact. While the field is not a required parameter, most actions have an action configuration that requires a specified quantity of output artifacts. To refer to the action configuration specification by action provider, see the [Action structure reference](https://docs.aws.amazon.com/codepipeline/latest/userguide/action-reference.html) in the *AWS CodePipeline User Guide* .", + "title": "OutputArtifacts", + "type": "array" }, - "Metadata": { - "type": "object" + "OutputVariables": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of variables that are to be exported from the compute action. This is specifically CodeBuild environment variables as used for that action.", + "title": "OutputVariables", + "type": "array" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DirectoryUserId": { - "markdownDescription": "The identifier of the user account in the directory used for identity management.", - "title": "DirectoryUserId", - "type": "string" - }, - "HierarchyGroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the user's hierarchy group.", - "title": "HierarchyGroupArn", - "type": "string" - }, - "IdentityInfo": { - "$ref": "#/definitions/AWS::Connect::User.UserIdentityInfo", - "markdownDescription": "Information about the user identity.", - "title": "IdentityInfo" - }, - "InstanceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", - "title": "InstanceArn", - "type": "string" - }, - "Password": { - "markdownDescription": "The user's password.", - "title": "Password", - "type": "string" - }, - "PhoneConfig": { - "$ref": "#/definitions/AWS::Connect::User.UserPhoneConfig", - "markdownDescription": "Information about the phone configuration for the user.", - "title": "PhoneConfig" - }, - "RoutingProfileArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the user's routing profile.", - "title": "RoutingProfileArn", - "type": "string" - }, - "SecurityProfileArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Name (ARN) of the user's security profile.", - "title": "SecurityProfileArns", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags.", - "title": "Tags", - "type": "array" - }, - "UserProficiencies": { - "items": { - "$ref": "#/definitions/AWS::Connect::User.UserProficiency" - }, - "markdownDescription": "One or more predefined attributes assigned to a user, with a numeric value that indicates how their level of skill in a specified area.", - "title": "UserProficiencies", - "type": "array" - }, - "Username": { - "markdownDescription": "The user name assigned to the user account.", - "title": "Username", - "type": "string" - } + "Region": { + "markdownDescription": "The action declaration's AWS Region, such as us-east-1.", + "title": "Region", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the IAM service role that performs the declared action. This is assumed through the roleArn for the pipeline.", + "title": "RoleArn", + "type": "string" + }, + "RunOrder": { + "markdownDescription": "The order in which actions are run.", + "title": "RunOrder", + "type": "number" + }, + "TimeoutInMinutes": { + "markdownDescription": "A timeout duration in minutes that can be applied against the ActionType\u2019s default timeout value specified in [Quotas for AWS CodePipeline](https://docs.aws.amazon.com/codepipeline/latest/userguide/limits.html) . This attribute is available only to the manual approval ActionType.", + "title": "TimeoutInMinutes", + "type": "number" + } + }, + "required": [ + "ActionTypeId", + "Name" + ], + "type": "object" + }, + "AWS::CodePipeline::Pipeline.ActionTypeId": { + "additionalProperties": false, + "properties": { + "Category": { + "markdownDescription": "A category defines what kind of action can be taken in the stage, and constrains the provider type for the action. Valid categories are limited to one of the values below.\n\n- `Source`\n- `Build`\n- `Test`\n- `Deploy`\n- `Invoke`\n- `Approval`\n- `Compute`", + "title": "Category", + "type": "string" + }, + "Owner": { + "markdownDescription": "The creator of the action being called. There are three valid values for the `Owner` field in the action category section within your pipeline structure: `AWS` , `ThirdParty` , and `Custom` . For more information, see [Valid Action Types and Providers in CodePipeline](https://docs.aws.amazon.com/codepipeline/latest/userguide/reference-pipeline-structure.html#actions-valid-providers) .", + "title": "Owner", + "type": "string" + }, + "Provider": { + "markdownDescription": "The provider of the service being called by the action. Valid providers are determined by the action category. For example, an action in the Deploy category type might have a provider of CodeDeploy, which would be specified as `CodeDeploy` . For more information, see [Valid Action Types and Providers in CodePipeline](https://docs.aws.amazon.com/codepipeline/latest/userguide/reference-pipeline-structure.html#actions-valid-providers) .", + "title": "Provider", + "type": "string" + }, + "Version": { + "markdownDescription": "A string that describes the action version.", + "title": "Version", + "type": "string" + } + }, + "required": [ + "Category", + "Owner", + "Provider", + "Version" + ], + "type": "object" + }, + "AWS::CodePipeline::Pipeline.ArtifactStore": { + "additionalProperties": false, + "properties": { + "EncryptionKey": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.EncryptionKey", + "markdownDescription": "The encryption key used to encrypt the data in the artifact store, such as an AWS Key Management Service ( AWS KMS) key. If this is undefined, the default key for Amazon S3 is used. To see an example artifact store encryption key field, see the example structure here: [AWS::CodePipeline::Pipeline](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codepipeline-pipeline.html) .", + "title": "EncryptionKey" + }, + "Location": { + "markdownDescription": "The S3 bucket used for storing the artifacts for a pipeline. You can specify the name of an S3 bucket but not a folder in the bucket. A folder to contain the pipeline artifacts is created for you based on the name of the pipeline. You can use any S3 bucket in the same AWS Region as the pipeline to store your pipeline artifacts.", + "title": "Location", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the artifact store, such as S3.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Location", + "Type" + ], + "type": "object" + }, + "AWS::CodePipeline::Pipeline.ArtifactStoreMap": { + "additionalProperties": false, + "properties": { + "ArtifactStore": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.ArtifactStore", + "markdownDescription": "Represents information about the S3 bucket where artifacts are stored for the pipeline.\n\n> You must include either `artifactStore` or `artifactStores` in your pipeline, but you cannot use both. If you create a cross-region action in your pipeline, you must use `artifactStores` .", + "title": "ArtifactStore" + }, + "Region": { + "markdownDescription": "The action declaration's AWS Region, such as us-east-1.", + "title": "Region", + "type": "string" + } + }, + "required": [ + "ArtifactStore", + "Region" + ], + "type": "object" + }, + "AWS::CodePipeline::Pipeline.BeforeEntryConditions": { + "additionalProperties": false, + "properties": { + "Conditions": { + "items": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.Condition" }, - "required": [ - "InstanceArn", - "PhoneConfig", - "RoutingProfileArn", - "SecurityProfileArns", - "Username" - ], - "type": "object" + "markdownDescription": "The conditions that are configured as entry conditions.", + "title": "Conditions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CodePipeline::Pipeline.BlockerDeclaration": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "Reserved for future use.", + "title": "Name", + "type": "string" }, "Type": { - "enum": [ - "AWS::Connect::User" - ], + "markdownDescription": "Reserved for future use.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Name", + "Type" + ], + "type": "object" + }, + "AWS::CodePipeline::Pipeline.Condition": { + "additionalProperties": false, + "properties": { + "Result": { + "markdownDescription": "The action to be done when the condition is met. For example, rolling back an execution for a failure condition.", + "title": "Result", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Rules": { + "items": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.RuleDeclaration" + }, + "markdownDescription": "The rules that make up the condition.", + "title": "Rules", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CodePipeline::Pipeline.EncryptionKey": { + "additionalProperties": false, + "properties": { + "Id": { + "markdownDescription": "The ID used to identify the key. For an AWS KMS key, you can use the key ID, the key ARN, or the alias ARN.\n\n> Aliases are recognized only in the account that created the AWS KMS key. For cross-account actions, you can only use the key ID or key ARN to identify the key. Cross-account actions involve using the role from the other account (AccountB), so specifying the key ID will use the key from the other account (AccountB).", + "title": "Id", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of encryption key, such as an AWS KMS key. When creating or updating a pipeline, the value must be set to 'KMS'.", + "title": "Type", "type": "string" } }, "required": [ - "Type", - "Properties" + "Id", + "Type" ], "type": "object" }, - "AWS::Connect::User.UserIdentityInfo": { + "AWS::CodePipeline::Pipeline.EnvironmentVariable": { "additionalProperties": false, "properties": { - "Email": { - "markdownDescription": "The email address. If you are using SAML for identity management and include this parameter, an error is returned.", - "title": "Email", + "Name": { + "markdownDescription": "The environment variable name in the key-value pair.", + "title": "Name", "type": "string" }, - "FirstName": { - "markdownDescription": "The first name. This is required if you are using Amazon Connect or SAML for identity management. Inputs must be in Unicode Normalization Form C (NFC). Text containing characters in a non-NFC form (for example, decomposed characters or combining marks) are not accepted.", - "title": "FirstName", + "Type": { + "markdownDescription": "Specifies the type of use for the environment variable value. The value can be either `PLAINTEXT` or `SECRETS_MANAGER` . If the value is `SECRETS_MANAGER` , provide the Secrets reference in the EnvironmentVariable value.", + "title": "Type", "type": "string" }, - "LastName": { - "markdownDescription": "The last name. This is required if you are using Amazon Connect or SAML for identity management. Inputs must be in Unicode Normalization Form C (NFC). Text containing characters in a non-NFC form (for example, decomposed characters or combining marks) are not accepted.", - "title": "LastName", + "Value": { + "markdownDescription": "The environment variable value in the key-value pair.", + "title": "Value", "type": "string" + } + }, + "required": [ + "Name", + "Value" + ], + "type": "object" + }, + "AWS::CodePipeline::Pipeline.FailureConditions": { + "additionalProperties": false, + "properties": { + "Conditions": { + "items": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.Condition" + }, + "markdownDescription": "The conditions that are configured as failure conditions. For more information about conditions, see [Stage conditions](https://docs.aws.amazon.com/codepipeline/latest/userguide/stage-conditions.html) and [How do stage conditions work?](https://docs.aws.amazon.com/codepipeline/latest/userguide/concepts-how-it-works-conditions.html) .", + "title": "Conditions", + "type": "array" }, - "Mobile": { - "markdownDescription": "The user's mobile number.", - "title": "Mobile", + "Result": { + "markdownDescription": "The specified result for when the failure conditions are met, such as rolling back the stage.", + "title": "Result", "type": "string" }, - "SecondaryEmail": { - "markdownDescription": "The user's secondary email address. If you provide a secondary email, the user receives email notifications -- other than password reset notifications -- to this email address instead of to their primary email address.\n\n*Pattern* : `(?=^.{0,265}$)[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,63}`", - "title": "SecondaryEmail", + "RetryConfiguration": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.RetryConfiguration", + "markdownDescription": "The retry configuration specifies automatic retry for a failed stage, along with the configured retry mode.", + "title": "RetryConfiguration" + } + }, + "type": "object" + }, + "AWS::CodePipeline::Pipeline.GitBranchFilterCriteria": { + "additionalProperties": false, + "properties": { + "Excludes": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of patterns of Git branches that, when a commit is pushed, are to be excluded from starting the pipeline.", + "title": "Excludes", + "type": "array" + }, + "Includes": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of patterns of Git branches that, when a commit is pushed, are to be included as criteria that starts the pipeline.", + "title": "Includes", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CodePipeline::Pipeline.GitConfiguration": { + "additionalProperties": false, + "properties": { + "PullRequest": { + "items": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitPullRequestFilter" + }, + "markdownDescription": "The field where the repository event that will start the pipeline is specified as pull requests.", + "title": "PullRequest", + "type": "array" + }, + "Push": { + "items": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitPushFilter" + }, + "markdownDescription": "The field where the repository event that will start the pipeline, such as pushing Git tags, is specified with details.", + "title": "Push", + "type": "array" + }, + "SourceActionName": { + "markdownDescription": "The name of the pipeline source action where the trigger configuration, such as Git tags, is specified. The trigger configuration will start the pipeline upon the specified change only.\n\n> You can only specify one trigger configuration per source action.", + "title": "SourceActionName", "type": "string" } }, + "required": [ + "SourceActionName" + ], "type": "object" }, - "AWS::Connect::User.UserPhoneConfig": { + "AWS::CodePipeline::Pipeline.GitFilePathFilterCriteria": { "additionalProperties": false, "properties": { - "AfterContactWorkTimeLimit": { - "markdownDescription": "The After Call Work (ACW) timeout setting, in seconds. This parameter has a minimum value of 0 and a maximum value of 2,000,000 seconds (24 days). Enter 0 if you don't want to allocate a specific amount of ACW time. It essentially means an indefinite amount of time. When the conversation ends, ACW starts; the agent must choose Close contact to end ACW.\n\n> When returned by a `SearchUsers` call, `AfterContactWorkTimeLimit` is returned in milliseconds.", - "title": "AfterContactWorkTimeLimit", - "type": "number" + "Excludes": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of patterns of Git repository file paths that, when a commit is pushed, are to be excluded from starting the pipeline.", + "title": "Excludes", + "type": "array" }, - "AutoAccept": { - "markdownDescription": "The Auto accept setting.", - "title": "AutoAccept", - "type": "boolean" + "Includes": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of patterns of Git repository file paths that, when a commit is pushed, are to be included as criteria that starts the pipeline.", + "title": "Includes", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CodePipeline::Pipeline.GitPullRequestFilter": { + "additionalProperties": false, + "properties": { + "Branches": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitBranchFilterCriteria", + "markdownDescription": "The field that specifies to filter on branches for the pull request trigger configuration.", + "title": "Branches" }, - "DeskPhoneNumber": { - "markdownDescription": "The phone number for the user's desk phone.", - "title": "DeskPhoneNumber", + "Events": { + "items": { + "type": "string" + }, + "markdownDescription": "The field that specifies which pull request events to filter on (OPEN, UPDATED, CLOSED) for the trigger configuration.", + "title": "Events", + "type": "array" + }, + "FilePaths": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitFilePathFilterCriteria", + "markdownDescription": "The field that specifies to filter on file paths for the pull request trigger configuration.", + "title": "FilePaths" + } + }, + "type": "object" + }, + "AWS::CodePipeline::Pipeline.GitPushFilter": { + "additionalProperties": false, + "properties": { + "Branches": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitBranchFilterCriteria", + "markdownDescription": "The field that specifies to filter on branches for the push trigger configuration.", + "title": "Branches" + }, + "FilePaths": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitFilePathFilterCriteria", + "markdownDescription": "The field that specifies to filter on file paths for the push trigger configuration.", + "title": "FilePaths" + }, + "Tags": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitTagFilterCriteria", + "markdownDescription": "The field that contains the details for the Git tags trigger configuration.", + "title": "Tags" + } + }, + "type": "object" + }, + "AWS::CodePipeline::Pipeline.GitTagFilterCriteria": { + "additionalProperties": false, + "properties": { + "Excludes": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of patterns of Git tags that, when pushed, are to be excluded from starting the pipeline.", + "title": "Excludes", + "type": "array" + }, + "Includes": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of patterns of Git tags that, when pushed, are to be included as criteria that starts the pipeline.", + "title": "Includes", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CodePipeline::Pipeline.InputArtifact": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the artifact to be worked on (for example, \"My App\").\n\nArtifacts are the files that are worked on by actions in the pipeline. See the action configuration for each action for details about artifact parameters. For example, the S3 source action input artifact is a file name (or file path), and the files are generally provided as a ZIP file. Example artifact name: SampleApp_Windows.zip\n\nThe input artifact of an action must exactly match the output artifact declared in a preceding action, but the input artifact does not have to be the next action in strict sequence from the action that provided the output artifact. Actions in parallel can declare different output artifacts, which are in turn consumed by different following actions.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::CodePipeline::Pipeline.OutputArtifact": { + "additionalProperties": false, + "properties": { + "Files": { + "items": { + "type": "string" + }, + "markdownDescription": "The files that you want to associate with the output artifact that will be exported from the compute action.", + "title": "Files", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the output of an artifact, such as \"My App\".\n\nThe output artifact name must exactly match the input artifact declared for a downstream action. However, the downstream action's input artifact does not have to be the next action in strict sequence from the action that provided the output artifact. Actions in parallel can declare different output artifacts, which are in turn consumed by different following actions.\n\nOutput artifact names must be unique within a pipeline.", + "title": "Name", "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::CodePipeline::Pipeline.PipelineTriggerDeclaration": { + "additionalProperties": false, + "properties": { + "GitConfiguration": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitConfiguration", + "markdownDescription": "Provides the filter criteria and the source stage for the repository event that starts the pipeline, such as Git tags.", + "title": "GitConfiguration" }, - "PhoneType": { - "markdownDescription": "The phone type.", - "title": "PhoneType", + "ProviderType": { + "markdownDescription": "The source provider for the event, such as connections configured for a repository with Git tags, for the specified trigger configuration.", + "title": "ProviderType", "type": "string" } }, "required": [ - "PhoneType" + "ProviderType" ], "type": "object" }, - "AWS::Connect::User.UserProficiency": { + "AWS::CodePipeline::Pipeline.RetryConfiguration": { "additionalProperties": false, "properties": { - "AttributeName": { - "markdownDescription": "The name of user\u2019s proficiency. You must use a predefined attribute name that is present in the Amazon Connect instance.", - "title": "AttributeName", + "RetryMode": { + "markdownDescription": "The method that you want to configure for automatic stage retry on stage failure. You can specify to retry only failed action in the stage or all actions in the stage.", + "title": "RetryMode", "type": "string" + } + }, + "type": "object" + }, + "AWS::CodePipeline::Pipeline.RuleDeclaration": { + "additionalProperties": false, + "properties": { + "Commands": { + "items": { + "type": "string" + }, + "markdownDescription": "The shell commands to run with your commands rule in CodePipeline. All commands are supported except multi-line formats. While CodeBuild logs and permissions are used, you do not need to create any resources in CodeBuild.\n\n> Using compute time for this action will incur separate charges in AWS CodeBuild .", + "title": "Commands", + "type": "array" }, - "AttributeValue": { - "markdownDescription": "The value of user\u2019s proficiency. You must use a predefined attribute value that is present in the Amazon Connect instance.", - "title": "AttributeValue", + "Configuration": { + "markdownDescription": "The action configuration fields for the rule.", + "title": "Configuration", + "type": "object" + }, + "InputArtifacts": { + "items": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.InputArtifact" + }, + "markdownDescription": "The input artifacts fields for the rule, such as specifying an input file for the rule.", + "title": "InputArtifacts", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the rule that is created for the condition, such as `VariableCheck` .", + "title": "Name", "type": "string" }, - "Level": { - "markdownDescription": "The level of the proficiency. The valid values are 1, 2, 3, 4 and 5.", - "title": "Level", - "type": "number" + "Region": { + "markdownDescription": "The Region for the condition associated with the rule.", + "title": "Region", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The pipeline role ARN associated with the rule.", + "title": "RoleArn", + "type": "string" + }, + "RuleTypeId": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.RuleTypeId", + "markdownDescription": "The ID for the rule type, which is made up of the combined values for category, owner, provider, and version.", + "title": "RuleTypeId" + } + }, + "type": "object" + }, + "AWS::CodePipeline::Pipeline.RuleTypeId": { + "additionalProperties": false, + "properties": { + "Category": { + "markdownDescription": "A category defines what kind of rule can be run in the stage, and constrains the provider type for the rule. The valid category is `Rule` .", + "title": "Category", + "type": "string" + }, + "Owner": { + "markdownDescription": "The creator of the rule being called. The valid value for the `Owner` field in the rule category is `AWS` .", + "title": "Owner", + "type": "string" + }, + "Provider": { + "markdownDescription": "The rule provider, such as the `DeploymentWindow` rule. For a list of rule provider names, see the rules listed in the [AWS CodePipeline rule reference](https://docs.aws.amazon.com/codepipeline/latest/userguide/rule-reference.html) .", + "title": "Provider", + "type": "string" + }, + "Version": { + "markdownDescription": "A string that describes the rule version.", + "title": "Version", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CodePipeline::Pipeline.StageDeclaration": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.ActionDeclaration" + }, + "markdownDescription": "The actions included in a stage.", + "title": "Actions", + "type": "array" + }, + "BeforeEntry": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.BeforeEntryConditions", + "markdownDescription": "The method to use when a stage allows entry. For example, configuring this field for conditions will allow entry to the stage when the conditions are met.", + "title": "BeforeEntry" + }, + "Blockers": { + "items": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.BlockerDeclaration" + }, + "markdownDescription": "Reserved for future use.", + "title": "Blockers", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the stage.", + "title": "Name", + "type": "string" + }, + "OnFailure": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.FailureConditions", + "markdownDescription": "The method to use when a stage has not completed successfully. For example, configuring this field for rollback will roll back a failed stage automatically to the last successful pipeline execution in the stage.", + "title": "OnFailure" + }, + "OnSuccess": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.SuccessConditions", + "markdownDescription": "The method to use when a stage has succeeded. For example, configuring this field for conditions will allow the stage to succeed when the conditions are met.", + "title": "OnSuccess" } }, "required": [ - "AttributeName", - "AttributeValue", - "Level" + "Actions", + "Name" ], "type": "object" }, - "AWS::Connect::UserHierarchyGroup": { + "AWS::CodePipeline::Pipeline.StageTransition": { + "additionalProperties": false, + "properties": { + "Reason": { + "markdownDescription": "The reason given to the user that a stage is disabled, such as waiting for manual approval or manual tests. This message is displayed in the pipeline console UI.", + "title": "Reason", + "type": "string" + }, + "StageName": { + "markdownDescription": "The name of the stage where you want to disable the inbound or outbound transition of artifacts.", + "title": "StageName", + "type": "string" + } + }, + "required": [ + "Reason", + "StageName" + ], + "type": "object" + }, + "AWS::CodePipeline::Pipeline.SuccessConditions": { + "additionalProperties": false, + "properties": { + "Conditions": { + "items": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.Condition" + }, + "markdownDescription": "The conditions that are success conditions.", + "title": "Conditions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CodePipeline::Pipeline.VariableDeclaration": { + "additionalProperties": false, + "properties": { + "DefaultValue": { + "markdownDescription": "The value of a pipeline-level variable.", + "title": "DefaultValue", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of a pipeline-level variable. It's used to add additional context about the variable, and not being used at time when pipeline executes.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a pipeline-level variable.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::CodePipeline::Webhook": { "additionalProperties": false, "properties": { "Condition": { @@ -52939,39 +58676,63 @@ "Properties": { "additionalProperties": false, "properties": { - "InstanceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the user hierarchy group.", - "title": "InstanceArn", + "Authentication": { + "markdownDescription": "Supported options are GITHUB_HMAC, IP, and UNAUTHENTICATED.\n\n> When creating CodePipeline webhooks, do not use your own credentials or reuse the same secret token across multiple webhooks. For optimal security, generate a unique secret token for each webhook you create. The secret token is an arbitrary string that you provide, which GitHub uses to compute and sign the webhook payloads sent to CodePipeline, for protecting the integrity and authenticity of the webhook payloads. Using your own credentials or reusing the same token across multiple webhooks can lead to security vulnerabilities. > If a secret token was provided, it will be redacted in the response. \n\n- For information about the authentication scheme implemented by GITHUB_HMAC, see [Securing your webhooks](https://docs.aws.amazon.com/https://developer.github.com/webhooks/securing/) on the GitHub Developer website.\n- IP rejects webhooks trigger requests unless they originate from an IP address in the IP range whitelisted in the authentication configuration.\n- UNAUTHENTICATED accepts all webhook trigger requests regardless of origin.", + "title": "Authentication", "type": "string" }, + "AuthenticationConfiguration": { + "$ref": "#/definitions/AWS::CodePipeline::Webhook.WebhookAuthConfiguration", + "markdownDescription": "Properties that configure the authentication applied to incoming webhook trigger requests. The required properties depend on the authentication type. For GITHUB_HMAC, only the `SecretToken` property must be set. For IP, only the `AllowedIPRange` property must be set to a valid CIDR range. For UNAUTHENTICATED, no properties can be set.", + "title": "AuthenticationConfiguration" + }, + "Filters": { + "items": { + "$ref": "#/definitions/AWS::CodePipeline::Webhook.WebhookFilterRule" + }, + "markdownDescription": "A list of rules applied to the body/payload sent in the POST request to a webhook URL. All defined rules must pass for the request to be accepted and the pipeline started.", + "title": "Filters", + "type": "array" + }, "Name": { - "markdownDescription": "The name of the user hierarchy group.", + "markdownDescription": "The name of the webhook.", "title": "Name", "type": "string" }, - "ParentGroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the parent group.", - "title": "ParentGroupArn", + "RegisterWithThirdParty": { + "markdownDescription": "Configures a connection between the webhook that was created and the external tool with events to be detected.", + "title": "RegisterWithThirdParty", + "type": "boolean" + }, + "TargetAction": { + "markdownDescription": "The name of the action in a pipeline you want to connect to the webhook. The action must be from the source (first) stage of the pipeline.", + "title": "TargetAction", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.", - "title": "Tags", - "type": "array" + "TargetPipeline": { + "markdownDescription": "The name of the pipeline you want to connect to the webhook.", + "title": "TargetPipeline", + "type": "string" + }, + "TargetPipelineVersion": { + "markdownDescription": "The version number of the pipeline to be connected to the trigger request.\n\nRequired: Yes\n\nType: Integer\n\nUpdate requires: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt)", + "title": "TargetPipelineVersion", + "type": "number" } }, "required": [ - "InstanceArn", - "Name" + "Authentication", + "AuthenticationConfiguration", + "Filters", + "TargetAction", + "TargetPipeline", + "TargetPipelineVersion" ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::UserHierarchyGroup" + "AWS::CodePipeline::Webhook" ], "type": "string" }, @@ -52990,7 +58751,42 @@ ], "type": "object" }, - "AWS::Connect::View": { + "AWS::CodePipeline::Webhook.WebhookAuthConfiguration": { + "additionalProperties": false, + "properties": { + "AllowedIPRange": { + "markdownDescription": "The property used to configure acceptance of webhooks in an IP address range. For IP, only the `AllowedIPRange` property must be set. This property must be set to a valid CIDR range.", + "title": "AllowedIPRange", + "type": "string" + }, + "SecretToken": { + "markdownDescription": "The property used to configure GitHub authentication. For GITHUB_HMAC, only the `SecretToken` property must be set.\n\n> When creating CodePipeline webhooks, do not use your own credentials or reuse the same secret token across multiple webhooks. For optimal security, generate a unique secret token for each webhook you create. The secret token is an arbitrary string that you provide, which GitHub uses to compute and sign the webhook payloads sent to CodePipeline, for protecting the integrity and authenticity of the webhook payloads. Using your own credentials or reusing the same token across multiple webhooks can lead to security vulnerabilities. > If a secret token was provided, it will be redacted in the response.", + "title": "SecretToken", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CodePipeline::Webhook.WebhookFilterRule": { + "additionalProperties": false, + "properties": { + "JsonPath": { + "markdownDescription": "A JsonPath expression that is applied to the body/payload of the webhook. The value selected by the JsonPath expression must match the value specified in the `MatchEquals` field. Otherwise, the request is ignored. For more information, see [Java JsonPath implementation](https://docs.aws.amazon.com/https://github.com/json-path/JsonPath) in GitHub.", + "title": "JsonPath", + "type": "string" + }, + "MatchEquals": { + "markdownDescription": "The value selected by the `JsonPath` expression must match what is supplied in the `MatchEquals` field. Otherwise, the request is ignored. Properties from the target action configuration can be included as placeholders in this value by surrounding the action configuration key with curly brackets. For example, if the value supplied here is \"refs/heads/{Branch}\" and the target action has an action configuration property called \"Branch\" with a value of \"main\", the `MatchEquals` value is evaluated as \"refs/heads/main\". For a list of action configuration properties for built-in action types, see [Pipeline Structure Reference Action Requirements](https://docs.aws.amazon.com/codepipeline/latest/userguide/reference-pipeline-structure.html#action-requirements) .", + "title": "MatchEquals", + "type": "string" + } + }, + "required": [ + "JsonPath" + ], + "type": "object" + }, + "AWS::CodeStar::GitHubRepository": { "additionalProperties": false, "properties": { "Condition": { @@ -53025,54 +58821,56 @@ "Properties": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of actions possible from the view.", - "title": "Actions", - "type": "array" + "Code": { + "$ref": "#/definitions/AWS::CodeStar::GitHubRepository.Code", + "markdownDescription": "Information about code to be committed to a repository after it is created in an AWS CloudFormation stack.", + "title": "Code" }, - "Description": { - "markdownDescription": "The description of the view.", - "title": "Description", + "ConnectionArn": { + "markdownDescription": "", + "title": "ConnectionArn", "type": "string" }, - "InstanceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", - "title": "InstanceArn", + "EnableIssues": { + "markdownDescription": "Indicates whether to enable issues for the GitHub repository. You can use GitHub issues to track information and bugs for your repository.", + "title": "EnableIssues", + "type": "boolean" + }, + "IsPrivate": { + "markdownDescription": "Indicates whether the GitHub repository is a private repository. If so, you choose who can see and commit to this repository.", + "title": "IsPrivate", + "type": "boolean" + }, + "RepositoryAccessToken": { + "markdownDescription": "The GitHub user's personal access token for the GitHub repository.", + "title": "RepositoryAccessToken", "type": "string" }, - "Name": { - "markdownDescription": "The name of the view.", - "title": "Name", + "RepositoryDescription": { + "markdownDescription": "A comment or description about the new repository. This description is displayed in GitHub after the repository is created.", + "title": "RepositoryDescription", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags associated with the view resource (not specific to view version).", - "title": "Tags", - "type": "array" + "RepositoryName": { + "markdownDescription": "The name of the repository you want to create in GitHub with AWS CloudFormation stack creation.", + "title": "RepositoryName", + "type": "string" }, - "Template": { - "markdownDescription": "The view template representing the structure of the view.", - "title": "Template", - "type": "object" + "RepositoryOwner": { + "markdownDescription": "The GitHub user name for the owner of the GitHub repository to be created. If this repository should be owned by a GitHub organization, provide its name.", + "title": "RepositoryOwner", + "type": "string" } }, "required": [ - "Actions", - "InstanceArn", - "Name", - "Template" + "RepositoryName", + "RepositoryOwner" ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::View" + "AWS::CodeStar::GitHubRepository" ], "type": "string" }, @@ -53091,7 +58889,46 @@ ], "type": "object" }, - "AWS::Connect::ViewVersion": { + "AWS::CodeStar::GitHubRepository.Code": { + "additionalProperties": false, + "properties": { + "S3": { + "$ref": "#/definitions/AWS::CodeStar::GitHubRepository.S3", + "markdownDescription": "Information about the Amazon S3 bucket that contains a ZIP file of code to be committed to the repository.", + "title": "S3" + } + }, + "required": [ + "S3" + ], + "type": "object" + }, + "AWS::CodeStar::GitHubRepository.S3": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The name of the Amazon S3 bucket that contains the ZIP file with the content to be committed to the new repository.", + "title": "Bucket", + "type": "string" + }, + "Key": { + "markdownDescription": "The S3 object key or file name for the ZIP file.", + "title": "Key", + "type": "string" + }, + "ObjectVersion": { + "markdownDescription": "The object version of the ZIP file, if versioning is enabled for the Amazon S3 bucket.", + "title": "ObjectVersion", + "type": "string" + } + }, + "required": [ + "Bucket", + "Key" + ], + "type": "object" + }, + "AWS::CodeStarConnections::Connection": { "additionalProperties": false, "properties": { "Condition": { @@ -53126,30 +58963,38 @@ "Properties": { "additionalProperties": false, "properties": { - "VersionDescription": { - "markdownDescription": "The description of the view version.", - "title": "VersionDescription", + "ConnectionName": { + "markdownDescription": "The name of the connection. Connection names must be unique in an AWS account .", + "title": "ConnectionName", "type": "string" }, - "ViewArn": { - "markdownDescription": "The unqualified Amazon Resource Name (ARN) of the view.\n\nFor example:\n\n`arn::connect:::instance/00000000-0000-0000-0000-000000000000/view/00000000-0000-0000-0000-000000000000`", - "title": "ViewArn", + "HostArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the host associated with the connection.", + "title": "HostArn", "type": "string" }, - "ViewContentSha256": { - "markdownDescription": "Indicates the checksum value of the latest published view content.", - "title": "ViewContentSha256", + "ProviderType": { + "markdownDescription": "The name of the external provider where your third-party code repository is configured.", + "title": "ProviderType", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Specifies the tags applied to the resource.", + "title": "Tags", + "type": "array" } }, "required": [ - "ViewArn" + "ConnectionName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::ViewVersion" + "AWS::CodeStarConnections::Connection" ], "type": "string" }, @@ -53168,7 +59013,7 @@ ], "type": "object" }, - "AWS::ConnectCampaigns::Campaign": { + "AWS::CodeStarConnections::RepositoryLink": { "additionalProperties": false, "properties": { "Condition": { @@ -53203,46 +59048,45 @@ "Properties": { "additionalProperties": false, "properties": { - "ConnectInstanceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Connect instance.", - "title": "ConnectInstanceArn", + "ConnectionArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the connection associated with the repository link.", + "title": "ConnectionArn", "type": "string" }, - "DialerConfig": { - "$ref": "#/definitions/AWS::ConnectCampaigns::Campaign.DialerConfig", - "markdownDescription": "Contains information about the dialer configuration.", - "title": "DialerConfig" + "EncryptionKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the encryption key for the repository associated with the repository link.", + "title": "EncryptionKeyArn", + "type": "string" }, - "Name": { - "markdownDescription": "The name of the campaign.", - "title": "Name", + "OwnerId": { + "markdownDescription": "The owner ID for the repository associated with the repository link, such as the owner ID in GitHub.", + "title": "OwnerId", "type": "string" }, - "OutboundCallConfig": { - "$ref": "#/definitions/AWS::ConnectCampaigns::Campaign.OutboundCallConfig", - "markdownDescription": "Contains information about the outbound call configuration.", - "title": "OutboundCallConfig" + "RepositoryName": { + "markdownDescription": "The name of the repository associated with the repository link.", + "title": "RepositoryName", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", + "markdownDescription": "The tags for the repository to be associated with the repository link.", "title": "Tags", "type": "array" } }, "required": [ - "ConnectInstanceArn", - "DialerConfig", - "Name", - "OutboundCallConfig" + "ConnectionArn", + "OwnerId", + "RepositoryName" ], "type": "object" }, "Type": { "enum": [ - "AWS::ConnectCampaigns::Campaign" + "AWS::CodeStarConnections::RepositoryLink" ], "type": "string" }, @@ -53261,125 +59105,114 @@ ], "type": "object" }, - "AWS::ConnectCampaigns::Campaign.AgentlessDialerConfig": { - "additionalProperties": false, - "properties": { - "DialingCapacity": { - "markdownDescription": "The allocation of dialing capacity between multiple active campaigns.", - "title": "DialingCapacity", - "type": "number" - } - }, - "type": "object" - }, - "AWS::ConnectCampaigns::Campaign.AnswerMachineDetectionConfig": { - "additionalProperties": false, - "properties": { - "AwaitAnswerMachinePrompt": { - "markdownDescription": "Whether waiting for answer machine prompt is enabled.", - "title": "AwaitAnswerMachinePrompt", - "type": "boolean" - }, - "EnableAnswerMachineDetection": { - "markdownDescription": "Whether answering machine detection is enabled.", - "title": "EnableAnswerMachineDetection", - "type": "boolean" - } - }, - "required": [ - "EnableAnswerMachineDetection" - ], - "type": "object" - }, - "AWS::ConnectCampaigns::Campaign.DialerConfig": { + "AWS::CodeStarConnections::SyncConfiguration": { "additionalProperties": false, "properties": { - "AgentlessDialerConfig": { - "$ref": "#/definitions/AWS::ConnectCampaigns::Campaign.AgentlessDialerConfig", - "markdownDescription": "The configuration of the agentless dialer.", - "title": "AgentlessDialerConfig" + "Condition": { + "type": "string" }, - "PredictiveDialerConfig": { - "$ref": "#/definitions/AWS::ConnectCampaigns::Campaign.PredictiveDialerConfig", - "markdownDescription": "The configuration of the predictive dialer.", - "title": "PredictiveDialerConfig" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ProgressiveDialerConfig": { - "$ref": "#/definitions/AWS::ConnectCampaigns::Campaign.ProgressiveDialerConfig", - "markdownDescription": "The configuration of the progressive dialer.", - "title": "ProgressiveDialerConfig" - } - }, - "type": "object" - }, - "AWS::ConnectCampaigns::Campaign.OutboundCallConfig": { - "additionalProperties": false, - "properties": { - "AnswerMachineDetectionConfig": { - "$ref": "#/definitions/AWS::ConnectCampaigns::Campaign.AnswerMachineDetectionConfig", - "markdownDescription": "Whether answering machine detection has been enabled.", - "title": "AnswerMachineDetectionConfig" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ConnectContactFlowArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the flow.", - "title": "ConnectContactFlowArn", - "type": "string" + "Metadata": { + "type": "object" }, - "ConnectQueueArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the queue.", - "title": "ConnectQueueArn", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "Branch": { + "markdownDescription": "The branch associated with a specific sync configuration.", + "title": "Branch", + "type": "string" + }, + "ConfigFile": { + "markdownDescription": "The file path to the configuration file associated with a specific sync configuration. The path should point to an actual file in the sync configurations linked repository.", + "title": "ConfigFile", + "type": "string" + }, + "PublishDeploymentStatus": { + "markdownDescription": "Whether to enable or disable publishing of deployment status to source providers.", + "title": "PublishDeploymentStatus", + "type": "string" + }, + "RepositoryLinkId": { + "markdownDescription": "The ID of the repository link associated with a specific sync configuration.", + "title": "RepositoryLinkId", + "type": "string" + }, + "ResourceName": { + "markdownDescription": "The name of the connection resource associated with a specific sync configuration.", + "title": "ResourceName", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role associated with a specific sync configuration.", + "title": "RoleArn", + "type": "string" + }, + "SyncType": { + "markdownDescription": "The type of sync for a specific sync configuration.", + "title": "SyncType", + "type": "string" + }, + "TriggerResourceUpdateOn": { + "markdownDescription": "When to trigger Git sync to begin the stack update.", + "title": "TriggerResourceUpdateOn", + "type": "string" + } + }, + "required": [ + "Branch", + "ConfigFile", + "RepositoryLinkId", + "ResourceName", + "RoleArn", + "SyncType" + ], + "type": "object" }, - "ConnectSourcePhoneNumber": { - "markdownDescription": "The phone number associated with the outbound call. This is the caller ID that is displayed to customers when an agent calls them.", - "title": "ConnectSourcePhoneNumber", + "Type": { + "enum": [ + "AWS::CodeStarConnections::SyncConfiguration" + ], "type": "string" - } - }, - "required": [ - "ConnectContactFlowArn" - ], - "type": "object" - }, - "AWS::ConnectCampaigns::Campaign.PredictiveDialerConfig": { - "additionalProperties": false, - "properties": { - "BandwidthAllocation": { - "markdownDescription": "Bandwidth allocation for the predictive dialer.", - "title": "BandwidthAllocation", - "type": "number" - }, - "DialingCapacity": { - "markdownDescription": "The allocation of dialing capacity between multiple active campaigns.", - "title": "DialingCapacity", - "type": "number" - } - }, - "required": [ - "BandwidthAllocation" - ], - "type": "object" - }, - "AWS::ConnectCampaigns::Campaign.ProgressiveDialerConfig": { - "additionalProperties": false, - "properties": { - "BandwidthAllocation": { - "markdownDescription": "Bandwidth allocation for the progressive dialer.", - "title": "BandwidthAllocation", - "type": "number" }, - "DialingCapacity": { - "markdownDescription": "The allocation of dialing capacity between multiple active campaigns.", - "title": "DialingCapacity", - "type": "number" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "BandwidthAllocation" + "Type", + "Properties" ], "type": "object" }, - "AWS::ControlTower::EnabledBaseline": { + "AWS::CodeStarNotifications::NotificationRule": { "additionalProperties": false, "properties": { "Condition": { @@ -53414,48 +59247,81 @@ "Properties": { "additionalProperties": false, "properties": { - "BaselineIdentifier": { - "markdownDescription": "The specific `Baseline` enabled as part of the `EnabledBaseline` resource.", - "title": "BaselineIdentifier", + "CreatedBy": { + "markdownDescription": "The name or email alias of the person who created the notification rule.", + "title": "CreatedBy", "type": "string" }, - "BaselineVersion": { - "markdownDescription": "The enabled version of the `Baseline` .", - "title": "BaselineVersion", + "DetailType": { + "markdownDescription": "The level of detail to include in the notifications for this resource. `BASIC` will include only the contents of the event as it would appear in Amazon CloudWatch. `FULL` will include any supplemental information provided by AWS CodeStar Notifications and/or the service for the resource for which the notification is created.", + "title": "DetailType", "type": "string" }, - "Parameters": { + "EventTypeId": { + "markdownDescription": "The event type associated with this notification rule. For a complete list of event types and IDs, see [Notification concepts](https://docs.aws.amazon.com/dtconsole/latest/userguide/concepts.html#concepts-api) in the *Developer Tools Console User Guide* .", + "title": "EventTypeId", + "type": "string" + }, + "EventTypeIds": { "items": { - "$ref": "#/definitions/AWS::ControlTower::EnabledBaseline.Parameter" + "type": "string" }, - "markdownDescription": "Shows the parameters that are applied when enabling this `Baseline` .", - "title": "Parameters", + "markdownDescription": "A list of event types associated with this notification rule. For a complete list of event types and IDs, see [Notification concepts](https://docs.aws.amazon.com/dtconsole/latest/userguide/concepts.html#concepts-api) in the *Developer Tools Console User Guide* .", + "title": "EventTypeIds", "type": "array" }, + "Name": { + "markdownDescription": "The name for the notification rule. Notification rule names must be unique in your AWS account .", + "title": "Name", + "type": "string" + }, + "Resource": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource to associate with the notification rule. Supported resources include pipelines in AWS CodePipeline , repositories in AWS CodeCommit , and build projects in AWS CodeBuild .", + "title": "Resource", + "type": "string" + }, + "Status": { + "markdownDescription": "The status of the notification rule. The default value is `ENABLED` . If the status is set to `DISABLED` , notifications aren't sent for the notification rule.", + "title": "Status", + "type": "string" + }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "additionalProperties": true, + "markdownDescription": "A list of tags to apply to this notification rule. Key names cannot start with \" `aws` \".", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "", "title": "Tags", - "type": "array" + "type": "object" }, - "TargetIdentifier": { - "markdownDescription": "The target on which to enable the `Baseline` .", - "title": "TargetIdentifier", + "TargetAddress": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic or client.", + "title": "TargetAddress", "type": "string" + }, + "Targets": { + "items": { + "$ref": "#/definitions/AWS::CodeStarNotifications::NotificationRule.Target" + }, + "markdownDescription": "A list of Amazon Resource Names (ARNs) of Amazon SNS topics and clients to associate with the notification rule.", + "title": "Targets", + "type": "array" } }, "required": [ - "BaselineIdentifier", - "BaselineVersion", - "TargetIdentifier" + "DetailType", + "EventTypeIds", + "Name", + "Resource", + "Targets" ], "type": "object" }, "Type": { "enum": [ - "AWS::ControlTower::EnabledBaseline" + "AWS::CodeStarNotifications::NotificationRule" ], "type": "string" }, @@ -53474,23 +59340,27 @@ ], "type": "object" }, - "AWS::ControlTower::EnabledBaseline.Parameter": { + "AWS::CodeStarNotifications::NotificationRule.Target": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "", - "title": "Key", + "TargetAddress": { + "markdownDescription": "The Amazon Resource Name (ARN) of the topic or client.", + "title": "TargetAddress", "type": "string" }, - "Value": { - "markdownDescription": "", - "title": "Value", - "type": "object" + "TargetType": { + "markdownDescription": "The target type. Can be an Amazon Simple Notification Service topic or client.\n\n- Amazon Simple Notification Service topics are specified as `SNS` .\n- clients are specified as `AWSChatbotSlack` .\n- clients for Microsoft Teams are specified as `AWSChatbotMicrosoftTeams` .", + "title": "TargetType", + "type": "string" } }, + "required": [ + "TargetAddress", + "TargetType" + ], "type": "object" }, - "AWS::ControlTower::EnabledControl": { + "AWS::Cognito::IdentityPool": { "additionalProperties": false, "properties": { "Condition": { @@ -53525,42 +59395,87 @@ "Properties": { "additionalProperties": false, "properties": { - "ControlIdentifier": { - "markdownDescription": "The ARN of the control. Only *Strongly recommended* and *Elective* controls are permitted, with the exception of the *Region deny* control. For information on how to find the `controlIdentifier` , see [the overview page](https://docs.aws.amazon.com//controltower/latest/APIReference/Welcome.html) .", - "title": "ControlIdentifier", - "type": "string" + "AllowClassicFlow": { + "markdownDescription": "Enables the Basic (Classic) authentication flow.", + "title": "AllowClassicFlow", + "type": "boolean" }, - "Parameters": { + "AllowUnauthenticatedIdentities": { + "markdownDescription": "Specifies whether the identity pool supports unauthenticated logins.", + "title": "AllowUnauthenticatedIdentities", + "type": "boolean" + }, + "CognitoEvents": { + "markdownDescription": "The events to configure.", + "title": "CognitoEvents", + "type": "object" + }, + "CognitoIdentityProviders": { "items": { - "$ref": "#/definitions/AWS::ControlTower::EnabledControl.EnabledControlParameter" + "$ref": "#/definitions/AWS::Cognito::IdentityPool.CognitoIdentityProvider" }, - "markdownDescription": "Array of `EnabledControlParameter` objects.", - "title": "Parameters", + "markdownDescription": "The Amazon Cognito user pools and their client IDs.", + "title": "CognitoIdentityProviders", "type": "array" }, - "Tags": { + "CognitoStreams": { + "$ref": "#/definitions/AWS::Cognito::IdentityPool.CognitoStreams", + "markdownDescription": "Configuration options for configuring Amazon Cognito streams.", + "title": "CognitoStreams" + }, + "DeveloperProviderName": { + "markdownDescription": "The \"domain\" Amazon Cognito uses when referencing your users. This name acts as a placeholder that allows your backend and the Amazon Cognito service to communicate about the developer provider. For the `DeveloperProviderName` , you can use letters and periods (.), underscores (_), and dashes (-).\n\n*Minimum length* : 1\n\n*Maximum length* : 100", + "title": "DeveloperProviderName", + "type": "string" + }, + "IdentityPoolName": { + "markdownDescription": "The name of your Amazon Cognito identity pool.\n\n*Minimum length* : 1\n\n*Maximum length* : 128\n\n*Pattern* : `[\\w\\s+=,.@-]+`", + "title": "IdentityPoolName", + "type": "string" + }, + "IdentityPoolTags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "", - "title": "Tags", + "markdownDescription": "Tags to assign to the identity pool. A tag is a label that you can apply to identity pools to categorize and manage them in different ways, such as by purpose, owner, environment, or other criteria.", + "title": "IdentityPoolTags", "type": "array" }, - "TargetIdentifier": { - "markdownDescription": "The ARN of the organizational unit. For information on how to find the `targetIdentifier` , see [the overview page](https://docs.aws.amazon.com//controltower/latest/APIReference/Welcome.html) .", - "title": "TargetIdentifier", - "type": "string" + "OpenIdConnectProviderARNs": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Names (ARNs) of the OpenID connect providers.", + "title": "OpenIdConnectProviderARNs", + "type": "array" + }, + "PushSync": { + "$ref": "#/definitions/AWS::Cognito::IdentityPool.PushSync", + "markdownDescription": "The configuration options to be applied to the identity pool.", + "title": "PushSync" + }, + "SamlProviderARNs": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Names (ARNs) of the Security Assertion Markup Language (SAML) providers.", + "title": "SamlProviderARNs", + "type": "array" + }, + "SupportedLoginProviders": { + "markdownDescription": "Key-value pairs that map provider names to provider app IDs.", + "title": "SupportedLoginProviders", + "type": "object" } }, "required": [ - "ControlIdentifier", - "TargetIdentifier" + "AllowUnauthenticatedIdentities" ], "type": "object" }, "Type": { "enum": [ - "AWS::ControlTower::EnabledControl" + "AWS::Cognito::IdentityPool" ], "type": "string" }, @@ -53579,27 +59494,72 @@ ], "type": "object" }, - "AWS::ControlTower::EnabledControl.EnabledControlParameter": { + "AWS::Cognito::IdentityPool.CognitoIdentityProvider": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The key of a key/value pair. It is of type `string` .", - "title": "Key", + "ClientId": { + "markdownDescription": "The client ID for the Amazon Cognito user pool.", + "title": "ClientId", "type": "string" }, - "Value": { - "markdownDescription": "The value of a key/value pair. It can be of type `array` , `string` , `number` , `object` , or `boolean` . [Note: The *Type* field that follows may show a single type such as Number, which is only one possible type.]", - "title": "Value", - "type": "object" + "ProviderName": { + "markdownDescription": "The provider name for an Amazon Cognito user pool. For example: `cognito-idp.us-east-2.amazonaws.com/us-east-2_123456789` .", + "title": "ProviderName", + "type": "string" + }, + "ServerSideTokenCheck": { + "markdownDescription": "TRUE if server-side token validation is enabled for the identity provider\u2019s token.\n\nAfter you set the `ServerSideTokenCheck` to TRUE for an identity pool, that identity pool checks with the integrated user pools to make sure the user has not been globally signed out or deleted before the identity pool provides an OIDC token or AWS credentials for the user.\n\nIf the user is signed out or deleted, the identity pool returns a 400 Not Authorized error.", + "title": "ServerSideTokenCheck", + "type": "boolean" } }, "required": [ - "Key", - "Value" + "ClientId", + "ProviderName" ], "type": "object" }, - "AWS::ControlTower::LandingZone": { + "AWS::Cognito::IdentityPool.CognitoStreams": { + "additionalProperties": false, + "properties": { + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the role Amazon Cognito can assume to publish to the stream. This role must grant access to Amazon Cognito (cognito-sync) to invoke `PutRecord` on your Amazon Cognito stream.", + "title": "RoleArn", + "type": "string" + }, + "StreamName": { + "markdownDescription": "The name of the Amazon Cognito stream to receive updates. This stream must be in the developer's account and in the same Region as the identity pool.", + "title": "StreamName", + "type": "string" + }, + "StreamingStatus": { + "markdownDescription": "Status of the Amazon Cognito streams. Valid values are: `ENABLED` or `DISABLED` .", + "title": "StreamingStatus", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Cognito::IdentityPool.PushSync": { + "additionalProperties": false, + "properties": { + "ApplicationArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The ARNs of the Amazon SNS platform applications that could be used by clients.", + "title": "ApplicationArns", + "type": "array" + }, + "RoleArn": { + "markdownDescription": "An IAM role configured to allow Amazon Cognito to call Amazon SNS on behalf of the developer.", + "title": "RoleArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Cognito::IdentityPoolPrincipalTag": { "additionalProperties": false, "properties": { "Condition": { @@ -53634,34 +59594,36 @@ "Properties": { "additionalProperties": false, "properties": { - "Manifest": { - "markdownDescription": "The landing zone manifest JSON text file that specifies the landing zone configurations.", - "title": "Manifest", - "type": "object" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Tags to be applied to the landing zone.", - "title": "Tags", - "type": "array" + "IdentityPoolId": { + "markdownDescription": "The identity pool that you want to associate with this principal tag map.", + "title": "IdentityPoolId", + "type": "string" }, - "Version": { - "markdownDescription": "The landing zone's current deployed version.", - "title": "Version", + "IdentityProviderName": { + "markdownDescription": "The identity pool identity provider (IdP) that you want to associate with this principal tag map.", + "title": "IdentityProviderName", "type": "string" + }, + "PrincipalTags": { + "markdownDescription": "A JSON-formatted list of user claims and the principal tags that you want to associate with them. When Amazon Cognito requests credentials, it sets the value of the principal tag to the value of the user's claim.", + "title": "PrincipalTags", + "type": "object" + }, + "UseDefaults": { + "markdownDescription": "Use a default set of mappings between claims and tags for this provider, instead of a custom map.", + "title": "UseDefaults", + "type": "boolean" } }, "required": [ - "Manifest", - "Version" + "IdentityPoolId", + "IdentityProviderName" ], "type": "object" }, "Type": { "enum": [ - "AWS::ControlTower::LandingZone" + "AWS::Cognito::IdentityPoolPrincipalTag" ], "type": "string" }, @@ -53680,7 +59642,7 @@ ], "type": "object" }, - "AWS::CustomerProfiles::CalculatedAttributeDefinition": { + "AWS::Cognito::IdentityPoolRoleAttachment": { "additionalProperties": false, "properties": { "Condition": { @@ -53715,61 +59677,42 @@ "Properties": { "additionalProperties": false, "properties": { - "AttributeDetails": { - "$ref": "#/definitions/AWS::CustomerProfiles::CalculatedAttributeDefinition.AttributeDetails", - "markdownDescription": "Mathematical expression and a list of attribute items specified in that expression.", - "title": "AttributeDetails" - }, - "CalculatedAttributeName": { - "markdownDescription": "The name of an attribute defined in a profile object type.", - "title": "CalculatedAttributeName", - "type": "string" - }, - "Conditions": { - "$ref": "#/definitions/AWS::CustomerProfiles::CalculatedAttributeDefinition.Conditions", - "markdownDescription": "The conditions including range, object count, and threshold for the calculated attribute.", - "title": "Conditions" - }, - "Description": { - "markdownDescription": "The description of the calculated attribute.", - "title": "Description", - "type": "string" - }, - "DisplayName": { - "markdownDescription": "The display name of the calculated attribute.", - "title": "DisplayName", - "type": "string" - }, - "DomainName": { - "markdownDescription": "The unique name of the domain.", - "title": "DomainName", + "IdentityPoolId": { + "markdownDescription": "An identity pool ID in the format `REGION:GUID` .", + "title": "IdentityPoolId", "type": "string" }, - "Statistic": { - "markdownDescription": "The aggregation operation to perform for the calculated attribute.", - "title": "Statistic", - "type": "string" + "RoleMappings": { + "additionalProperties": false, + "markdownDescription": "How users for a specific identity provider are mapped to roles. This is a string to the `RoleMapping` object map. The string identifies the identity provider. For example: `graph.facebook.com` or `cognito-idp.us-east-1.amazonaws.com/us-east-1_abcdefghi:app_client_id` .\n\nIf the `IdentityProvider` field isn't provided in this object, the string is used as the identity provider name.\n\nFor more information, see the [RoleMapping property](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-identitypoolroleattachment-rolemapping.html) .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::Cognito::IdentityPoolRoleAttachment.RoleMapping" + } + }, + "title": "RoleMappings", + "type": "object" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "Roles": { + "additionalProperties": true, + "markdownDescription": "The map of the roles associated with this pool. For a given role, the key is either \"authenticated\" or \"unauthenticated\". The value is the role ARN.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "An array of key-value pairs to apply to this resource.", - "title": "Tags", - "type": "array" + "title": "Roles", + "type": "object" } }, "required": [ - "AttributeDetails", - "CalculatedAttributeName", - "DomainName", - "Statistic" + "IdentityPoolId" ], "type": "object" }, "Type": { "enum": [ - "AWS::CustomerProfiles::CalculatedAttributeDefinition" + "AWS::Cognito::IdentityPoolRoleAttachment" ], "type": "string" }, @@ -53788,105 +59731,85 @@ ], "type": "object" }, - "AWS::CustomerProfiles::CalculatedAttributeDefinition.AttributeDetails": { + "AWS::Cognito::IdentityPoolRoleAttachment.MappingRule": { "additionalProperties": false, "properties": { - "Attributes": { - "items": { - "$ref": "#/definitions/AWS::CustomerProfiles::CalculatedAttributeDefinition.AttributeItem" - }, - "markdownDescription": "Mathematical expression and a list of attribute items specified in that expression.", - "title": "Attributes", - "type": "array" + "Claim": { + "markdownDescription": "The claim name that must be present in the token. For example: \"isAdmin\" or \"paid\".", + "title": "Claim", + "type": "string" }, - "Expression": { - "markdownDescription": "Mathematical expression that is performed on attribute items provided in the attribute list. Each element in the expression should follow the structure of \\\"{ObjectTypeName.AttributeName}\\\".", - "title": "Expression", + "MatchType": { + "markdownDescription": "The match condition that specifies how closely the claim value in the IdP token must match `Value` .\n\nValid values are: `Equals` , `Contains` , `StartsWith` , and `NotEqual` .", + "title": "MatchType", "type": "string" - } - }, - "required": [ - "Attributes", - "Expression" - ], - "type": "object" - }, - "AWS::CustomerProfiles::CalculatedAttributeDefinition.AttributeItem": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The unique name of the calculated attribute.", - "title": "Name", + }, + "RoleARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the role.", + "title": "RoleARN", + "type": "string" + }, + "Value": { + "markdownDescription": "A brief string that the claim must match. For example, \"paid\" or \"yes\".", + "title": "Value", "type": "string" } }, "required": [ - "Name" + "Claim", + "MatchType", + "RoleARN", + "Value" ], "type": "object" }, - "AWS::CustomerProfiles::CalculatedAttributeDefinition.Conditions": { + "AWS::Cognito::IdentityPoolRoleAttachment.RoleMapping": { "additionalProperties": false, "properties": { - "ObjectCount": { - "markdownDescription": "The number of profile objects used for the calculated attribute.", - "title": "ObjectCount", - "type": "number" - }, - "Range": { - "$ref": "#/definitions/AWS::CustomerProfiles::CalculatedAttributeDefinition.Range", - "markdownDescription": "The relative time period over which data is included in the aggregation.", - "title": "Range" + "AmbiguousRoleResolution": { + "markdownDescription": "If you specify Token or Rules as the `Type` , `AmbiguousRoleResolution` is required.\n\nSpecifies the action to be taken if either no rules match the claim value for the `Rules` type, or there is no `cognito:preferred_role` claim and there are multiple `cognito:roles` matches for the `Token` type.", + "title": "AmbiguousRoleResolution", + "type": "string" }, - "Threshold": { - "$ref": "#/definitions/AWS::CustomerProfiles::CalculatedAttributeDefinition.Threshold", - "markdownDescription": "The threshold for the calculated attribute.", - "title": "Threshold" - } - }, - "type": "object" - }, - "AWS::CustomerProfiles::CalculatedAttributeDefinition.Range": { - "additionalProperties": false, - "properties": { - "Unit": { - "markdownDescription": "The unit of time.", - "title": "Unit", + "IdentityProvider": { + "markdownDescription": "Identifier for the identity provider for which the role is mapped. For example: `graph.facebook.com` or `cognito-idp.us-east-1.amazonaws.com/us-east-1_abcdefghi:app_client_id (http://cognito-idp.us-east-1.amazonaws.com/us-east-1_abcdefghi:app_client_id)` . This is the identity provider that is used by the user for authentication.\n\nIf the identity provider property isn't provided, the key of the entry in the `RoleMappings` map is used as the identity provider.", + "title": "IdentityProvider", "type": "string" }, - "Value": { - "markdownDescription": "The amount of time of the specified unit.", - "title": "Value", - "type": "number" + "RulesConfiguration": { + "$ref": "#/definitions/AWS::Cognito::IdentityPoolRoleAttachment.RulesConfigurationType", + "markdownDescription": "The rules to be used for mapping users to roles. If you specify \"Rules\" as the role-mapping type, RulesConfiguration is required.", + "title": "RulesConfiguration" + }, + "Type": { + "markdownDescription": "The role mapping type. Token will use `cognito:roles` and `cognito:preferred_role` claims from the Cognito identity provider token to map groups to roles. Rules will attempt to match claims from the token to map to a role.", + "title": "Type", + "type": "string" } }, "required": [ - "Unit", - "Value" + "Type" ], "type": "object" }, - "AWS::CustomerProfiles::CalculatedAttributeDefinition.Threshold": { + "AWS::Cognito::IdentityPoolRoleAttachment.RulesConfigurationType": { "additionalProperties": false, "properties": { - "Operator": { - "markdownDescription": "The operator of the threshold.", - "title": "Operator", - "type": "string" - }, - "Value": { - "markdownDescription": "The value of the threshold.", - "title": "Value", - "type": "string" + "Rules": { + "items": { + "$ref": "#/definitions/AWS::Cognito::IdentityPoolRoleAttachment.MappingRule" + }, + "markdownDescription": "The rules. You can specify up to 25 rules per identity provider.", + "title": "Rules", + "type": "array" } }, "required": [ - "Operator", - "Value" + "Rules" ], "type": "object" }, - "AWS::CustomerProfiles::Domain": { + "AWS::Cognito::LogDeliveryConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -53921,54 +59844,28 @@ "Properties": { "additionalProperties": false, "properties": { - "DeadLetterQueueUrl": { - "markdownDescription": "The URL of the SQS dead letter queue, which is used for reporting errors associated with ingesting data from third party applications. You must set up a policy on the `DeadLetterQueue` for the `SendMessage` operation to enable Amazon Connect Customer Profiles to send messages to the `DeadLetterQueue` .", - "title": "DeadLetterQueueUrl", - "type": "string" - }, - "DefaultEncryptionKey": { - "markdownDescription": "The default encryption key, which is an AWS managed key, is used when no specific type of encryption key is specified. It is used to encrypt all data before it is placed in permanent or semi-permanent storage.", - "title": "DefaultEncryptionKey", - "type": "string" - }, - "DefaultExpirationDays": { - "markdownDescription": "The default number of days until the data within the domain expires.", - "title": "DefaultExpirationDays", - "type": "number" - }, - "DomainName": { - "markdownDescription": "The unique name of the domain.", - "title": "DomainName", - "type": "string" - }, - "Matching": { - "$ref": "#/definitions/AWS::CustomerProfiles::Domain.Matching", - "markdownDescription": "The process of matching duplicate profiles.", - "title": "Matching" - }, - "RuleBasedMatching": { - "$ref": "#/definitions/AWS::CustomerProfiles::Domain.RuleBasedMatching", - "markdownDescription": "The process of matching duplicate profiles using Rule-Based matching.", - "title": "RuleBasedMatching" - }, - "Tags": { + "LogConfigurations": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Cognito::LogDeliveryConfiguration.LogConfiguration" }, - "markdownDescription": "The tags used to organize, track, or control access for this resource.", - "title": "Tags", + "markdownDescription": "A logging destination of a user pool. User pools can have multiple logging destinations for message-delivery and user-activity logs.", + "title": "LogConfigurations", "type": "array" + }, + "UserPoolId": { + "markdownDescription": "The ID of the user pool where you configured logging.", + "title": "UserPoolId", + "type": "string" } }, "required": [ - "DefaultExpirationDays", - "DomainName" + "UserPoolId" ], "type": "object" }, "Type": { "enum": [ - "AWS::CustomerProfiles::Domain" + "AWS::Cognito::LogDeliveryConfiguration" ], "type": "string" }, @@ -53987,281 +59884,71 @@ ], "type": "object" }, - "AWS::CustomerProfiles::Domain.AttributeTypesSelector": { + "AWS::Cognito::LogDeliveryConfiguration.CloudWatchLogsConfiguration": { "additionalProperties": false, "properties": { - "Address": { - "items": { - "type": "string" - }, - "markdownDescription": "The `Address` type. You can choose from `Address` , `BusinessAddress` , `MaillingAddress` , and `ShippingAddress` . You only can use the `Address` type in the `MatchingRule` . For example, if you want to match a profile based on `BusinessAddress.City` or `MaillingAddress.City` , you can choose the `BusinessAddress` and the `MaillingAddress` to represent the `Address` type and specify the `Address.City` on the matching rule.", - "title": "Address", - "type": "array" - }, - "AttributeMatchingModel": { - "markdownDescription": "Configures the `AttributeMatchingModel` , you can either choose `ONE_TO_ONE` or `MANY_TO_MANY` .", - "title": "AttributeMatchingModel", + "LogGroupArn": { + "markdownDescription": "The Amazon Resource Name (arn) of a CloudWatch Logs log group where your user pool sends logs. The log group must not be encrypted with AWS Key Management Service and must be in the same AWS account as your user pool.\n\nTo send logs to log groups with a resource policy of a size greater than 5120 characters, configure a log group with a path that starts with `/aws/vendedlogs` . For more information, see [Enabling logging from certain AWS services](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/AWS-logs-and-resource-policy.html) .", + "title": "LogGroupArn", "type": "string" - }, - "EmailAddress": { - "items": { - "type": "string" - }, - "markdownDescription": "The Email type. You can choose from `EmailAddress` , `BusinessEmailAddress` and `PersonalEmailAddress` . You only can use the `EmailAddress` type in the `MatchingRule` . For example, if you want to match profile based on `PersonalEmailAddress` or `BusinessEmailAddress` , you can choose the `PersonalEmailAddress` and the `BusinessEmailAddress` to represent the `EmailAddress` type and only specify the `EmailAddress` on the matching rule.", - "title": "EmailAddress", - "type": "array" - }, - "PhoneNumber": { - "items": { - "type": "string" - }, - "markdownDescription": "The `PhoneNumber` type. You can choose from `PhoneNumber` , `HomePhoneNumber` , and `MobilePhoneNumber` . You only can use the `PhoneNumber` type in the `MatchingRule` . For example, if you want to match a profile based on `Phone` or `HomePhone` , you can choose the `Phone` and the `HomePhone` to represent the `PhoneNumber` type and only specify the `PhoneNumber` on the matching rule.", - "title": "PhoneNumber", - "type": "array" - } - }, - "required": [ - "AttributeMatchingModel" - ], - "type": "object" - }, - "AWS::CustomerProfiles::Domain.AutoMerging": { - "additionalProperties": false, - "properties": { - "ConflictResolution": { - "$ref": "#/definitions/AWS::CustomerProfiles::Domain.ConflictResolution", - "markdownDescription": "Determines how the auto-merging process should resolve conflicts between different profiles. For example, if Profile A and Profile B have the same `FirstName` and `LastName` , `ConflictResolution` specifies which `EmailAddress` should be used.", - "title": "ConflictResolution" - }, - "Consolidation": { - "$ref": "#/definitions/AWS::CustomerProfiles::Domain.Consolidation", - "markdownDescription": "A list of matching attributes that represent matching criteria. If two profiles meet at least one of the requirements in the matching attributes list, they will be merged.", - "title": "Consolidation" - }, - "Enabled": { - "markdownDescription": "The flag that enables the auto-merging of duplicate profiles.", - "title": "Enabled", - "type": "boolean" - }, - "MinAllowedConfidenceScoreForMerging": { - "markdownDescription": "A number between 0 and 1 that represents the minimum confidence score required for profiles within a matching group to be merged during the auto-merge process. A higher score means that a higher similarity is required to merge profiles.", - "title": "MinAllowedConfidenceScoreForMerging", - "type": "number" } }, - "required": [ - "Enabled" - ], "type": "object" }, - "AWS::CustomerProfiles::Domain.ConflictResolution": { + "AWS::Cognito::LogDeliveryConfiguration.FirehoseConfiguration": { "additionalProperties": false, "properties": { - "ConflictResolvingModel": { - "markdownDescription": "How the auto-merging process should resolve conflicts between different profiles.", - "title": "ConflictResolvingModel", - "type": "string" - }, - "SourceName": { - "markdownDescription": "The `ObjectType` name that is used to resolve profile merging conflicts when choosing `SOURCE` as the `ConflictResolvingModel` .", - "title": "SourceName", + "StreamArn": { + "markdownDescription": "The ARN of an Amazon Data Firehose stream that's the destination for threat protection log export.", + "title": "StreamArn", "type": "string" } }, - "required": [ - "ConflictResolvingModel" - ], - "type": "object" - }, - "AWS::CustomerProfiles::Domain.Consolidation": { - "additionalProperties": false, - "properties": { - "MatchingAttributesList": { - "markdownDescription": "A list of matching criteria.", - "title": "MatchingAttributesList", - "type": "object" - } - }, - "required": [ - "MatchingAttributesList" - ], - "type": "object" - }, - "AWS::CustomerProfiles::Domain.DomainStats": { - "additionalProperties": false, - "properties": { - "MeteringProfileCount": { - "markdownDescription": "The number of profiles that you are currently paying for in the domain. If you have more than 100 objects associated with a single profile, that profile counts as two profiles. If you have more than 200 objects, that profile counts as three, and so on.", - "title": "MeteringProfileCount", - "type": "number" - }, - "ObjectCount": { - "markdownDescription": "The total number of objects in domain.", - "title": "ObjectCount", - "type": "number" - }, - "ProfileCount": { - "markdownDescription": "The total number of profiles currently in the domain.", - "title": "ProfileCount", - "type": "number" - }, - "TotalSize": { - "markdownDescription": "The total size, in bytes, of all objects in the domain.", - "title": "TotalSize", - "type": "number" - } - }, - "type": "object" - }, - "AWS::CustomerProfiles::Domain.ExportingConfig": { - "additionalProperties": false, - "properties": { - "S3Exporting": { - "$ref": "#/definitions/AWS::CustomerProfiles::Domain.S3ExportingConfig", - "markdownDescription": "", - "title": "S3Exporting" - } - }, "type": "object" }, - "AWS::CustomerProfiles::Domain.JobSchedule": { + "AWS::Cognito::LogDeliveryConfiguration.LogConfiguration": { "additionalProperties": false, "properties": { - "DayOfTheWeek": { - "markdownDescription": "The day when the Identity Resolution Job should run every week.", - "title": "DayOfTheWeek", - "type": "string" + "CloudWatchLogsConfiguration": { + "$ref": "#/definitions/AWS::Cognito::LogDeliveryConfiguration.CloudWatchLogsConfiguration", + "markdownDescription": "Configuration for the CloudWatch log group destination of user pool detailed activity logging, or of user activity log export with advanced security features.", + "title": "CloudWatchLogsConfiguration" }, - "Time": { - "markdownDescription": "The time when the Identity Resolution Job should run every week.", - "title": "Time", + "EventSource": { + "markdownDescription": "The source of events that your user pool sends for logging. To send error-level logs about user notification activity, set to `userNotification` . To send info-level logs about threat-protection user activity in user pools with the Plus feature plan, set to `userAuthEvents` .", + "title": "EventSource", "type": "string" - } - }, - "required": [ - "DayOfTheWeek", - "Time" - ], - "type": "object" - }, - "AWS::CustomerProfiles::Domain.Matching": { - "additionalProperties": false, - "properties": { - "AutoMerging": { - "$ref": "#/definitions/AWS::CustomerProfiles::Domain.AutoMerging", - "markdownDescription": "Configuration information about the auto-merging process.", - "title": "AutoMerging" - }, - "Enabled": { - "markdownDescription": "The flag that enables the matching process of duplicate profiles.", - "title": "Enabled", - "type": "boolean" - }, - "ExportingConfig": { - "$ref": "#/definitions/AWS::CustomerProfiles::Domain.ExportingConfig", - "markdownDescription": "The S3 location where Identity Resolution Jobs write result files.", - "title": "ExportingConfig" - }, - "JobSchedule": { - "$ref": "#/definitions/AWS::CustomerProfiles::Domain.JobSchedule", - "markdownDescription": "The day and time when do you want to start the Identity Resolution Job every week.", - "title": "JobSchedule" - } - }, - "required": [ - "Enabled" - ], - "type": "object" - }, - "AWS::CustomerProfiles::Domain.MatchingRule": { - "additionalProperties": false, - "properties": { - "Rule": { - "items": { - "type": "string" - }, - "markdownDescription": "A single rule level of the `MatchRules` . Configures how the rule-based matching process should match profiles.", - "title": "Rule", - "type": "array" - } - }, - "required": [ - "Rule" - ], - "type": "object" - }, - "AWS::CustomerProfiles::Domain.RuleBasedMatching": { - "additionalProperties": false, - "properties": { - "AttributeTypesSelector": { - "$ref": "#/definitions/AWS::CustomerProfiles::Domain.AttributeTypesSelector", - "markdownDescription": "Configures information about the `AttributeTypesSelector` where the rule-based identity resolution uses to match profiles.", - "title": "AttributeTypesSelector" - }, - "ConflictResolution": { - "$ref": "#/definitions/AWS::CustomerProfiles::Domain.ConflictResolution", - "markdownDescription": "Determines how the auto-merging process should resolve conflicts between different profiles. For example, if Profile A and Profile B have the same `FirstName` and `LastName` , `ConflictResolution` specifies which `EmailAddress` should be used.", - "title": "ConflictResolution" - }, - "Enabled": { - "markdownDescription": "The flag that enables the matching process of duplicate profiles.", - "title": "Enabled", - "type": "boolean" - }, - "ExportingConfig": { - "$ref": "#/definitions/AWS::CustomerProfiles::Domain.ExportingConfig", - "markdownDescription": "The S3 location where Identity Resolution Jobs write result files.", - "title": "ExportingConfig" - }, - "MatchingRules": { - "items": { - "$ref": "#/definitions/AWS::CustomerProfiles::Domain.MatchingRule" - }, - "markdownDescription": "Configures how the rule-based matching process should match profiles. You can have up to 15 `MatchingRule` in the `MatchingRules` .", - "title": "MatchingRules", - "type": "array" - }, - "MaxAllowedRuleLevelForMatching": { - "markdownDescription": "Indicates the maximum allowed rule level for matching.", - "title": "MaxAllowedRuleLevelForMatching", - "type": "number" }, - "MaxAllowedRuleLevelForMerging": { - "markdownDescription": "Indicates the maximum allowed rule level for merging.", - "title": "MaxAllowedRuleLevelForMerging", - "type": "number" + "FirehoseConfiguration": { + "$ref": "#/definitions/AWS::Cognito::LogDeliveryConfiguration.FirehoseConfiguration", + "markdownDescription": "Configuration for the Amazon Data Firehose stream destination of user activity log export with threat protection.", + "title": "FirehoseConfiguration" }, - "Status": { - "markdownDescription": "The status of rule-based matching rule.", - "title": "Status", + "LogLevel": { + "markdownDescription": "The `errorlevel` selection of logs that a user pool sends for detailed activity logging. To send `userNotification` activity with [information about message delivery](https://docs.aws.amazon.com/cognito/latest/developerguide/exporting-quotas-and-usage.html) , choose `ERROR` with `CloudWatchLogsConfiguration` . To send `userAuthEvents` activity with user logs from threat protection with the Plus feature plan, choose `INFO` with one of `CloudWatchLogsConfiguration` , `FirehoseConfiguration` , or `S3Configuration` .", + "title": "LogLevel", "type": "string" + }, + "S3Configuration": { + "$ref": "#/definitions/AWS::Cognito::LogDeliveryConfiguration.S3Configuration", + "markdownDescription": "Configuration for the Amazon S3 bucket destination of user activity log export with threat protection.", + "title": "S3Configuration" } }, - "required": [ - "Enabled" - ], "type": "object" }, - "AWS::CustomerProfiles::Domain.S3ExportingConfig": { + "AWS::Cognito::LogDeliveryConfiguration.S3Configuration": { "additionalProperties": false, "properties": { - "S3BucketName": { - "markdownDescription": "The name of the S3 bucket where Identity Resolution Jobs write result files.", - "title": "S3BucketName", - "type": "string" - }, - "S3KeyName": { - "markdownDescription": "The S3 key name of the location where Identity Resolution Jobs write result files.", - "title": "S3KeyName", + "BucketArn": { + "markdownDescription": "The ARN of an Amazon S3 bucket that's the destination for threat protection log export.", + "title": "BucketArn", "type": "string" } }, - "required": [ - "S3BucketName" - ], "type": "object" }, - "AWS::CustomerProfiles::EventStream": { + "AWS::Cognito::ManagedLoginBranding": { "additionalProperties": false, "properties": { "Condition": { @@ -54296,40 +59983,48 @@ "Properties": { "additionalProperties": false, "properties": { - "DomainName": { - "markdownDescription": "The unique name of the domain.", - "title": "DomainName", - "type": "string" - }, - "EventStreamName": { - "markdownDescription": "The name of the event stream.", - "title": "EventStreamName", - "type": "string" - }, - "Tags": { + "Assets": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Cognito::ManagedLoginBranding.AssetType" }, - "markdownDescription": "The tags used to organize, track, or control access for this resource.", - "title": "Tags", + "markdownDescription": "An array of image files that you want to apply to roles like backgrounds, logos, and icons. Each object must also indicate whether it is for dark mode, light mode, or browser-adaptive mode.", + "title": "Assets", "type": "array" }, - "Uri": { - "markdownDescription": "The StreamARN of the destination to deliver profile events to. For example, arn:aws:kinesis:region:account-id:stream/stream-name.", - "title": "Uri", + "ClientId": { + "markdownDescription": "The app client that you want to assign the branding style to. Each style is linked to an app client until you delete it.", + "title": "ClientId", + "type": "string" + }, + "ReturnMergedResources": { + "markdownDescription": "When `true` , returns values for branding options that are unchanged from Amazon Cognito defaults. When `false` or when you omit this parameter, returns only values that you customized in your branding style.", + "title": "ReturnMergedResources", + "type": "boolean" + }, + "Settings": { + "markdownDescription": "A JSON file, encoded as a `Document` type, with the the settings that you want to apply to your style.", + "title": "Settings", + "type": "object" + }, + "UseCognitoProvidedValues": { + "markdownDescription": "When true, applies the default branding style options. This option reverts to default style options that are managed by Amazon Cognito. You can modify them later in the branding editor.\n\nWhen you specify `true` for this option, you must also omit values for `Settings` and `Assets` in the request.", + "title": "UseCognitoProvidedValues", + "type": "boolean" + }, + "UserPoolId": { + "markdownDescription": "The user pool where the branding style is assigned.", + "title": "UserPoolId", "type": "string" } }, "required": [ - "DomainName", - "EventStreamName", - "Uri" + "UserPoolId" ], "type": "object" }, "Type": { "enum": [ - "AWS::CustomerProfiles::EventStream" + "AWS::Cognito::ManagedLoginBranding" ], "type": "string" }, @@ -54348,27 +60043,43 @@ ], "type": "object" }, - "AWS::CustomerProfiles::EventStream.DestinationDetails": { + "AWS::Cognito::ManagedLoginBranding.AssetType": { "additionalProperties": false, "properties": { - "Status": { - "markdownDescription": "The status of enabling the Kinesis stream as a destination for export.", - "title": "Status", + "Bytes": { + "markdownDescription": "The image file, in Base64-encoded binary.", + "title": "Bytes", "type": "string" }, - "Uri": { - "markdownDescription": "The StreamARN of the destination to deliver profile events to. For example, arn:aws:kinesis:region:account-id:stream/stream-name.", - "title": "Uri", + "Category": { + "markdownDescription": "The category that the image corresponds to in your managed login configuration. Managed login has asset categories for different types of logos, backgrounds, and icons.", + "title": "Category", + "type": "string" + }, + "ColorMode": { + "markdownDescription": "The display-mode target of the asset: light, dark, or browser-adaptive. For example, Amazon Cognito displays a dark-mode image only when the browser or application is in dark mode, but displays a browser-adaptive file in all contexts.", + "title": "ColorMode", + "type": "string" + }, + "Extension": { + "markdownDescription": "The file type of the image file.", + "title": "Extension", + "type": "string" + }, + "ResourceId": { + "markdownDescription": "The ID of the asset.", + "title": "ResourceId", "type": "string" } }, "required": [ - "Status", - "Uri" + "Category", + "ColorMode", + "Extension" ], "type": "object" }, - "AWS::CustomerProfiles::Integration": { + "AWS::Cognito::UserPool": { "additionalProperties": false, "properties": { "Condition": { @@ -54403,51 +60114,178 @@ "Properties": { "additionalProperties": false, "properties": { - "DomainName": { - "markdownDescription": "The unique name of the domain.", - "title": "DomainName", - "type": "string" - }, - "FlowDefinition": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.FlowDefinition", - "markdownDescription": "The configuration that controls how Customer Profiles retrieves data from the source.", - "title": "FlowDefinition" + "AccountRecoverySetting": { + "$ref": "#/definitions/AWS::Cognito::UserPool.AccountRecoverySetting", + "markdownDescription": "The available verified method a user can use to recover their password when they call `ForgotPassword` . You can use this setting to define a preferred method when a user has more than one method available. With this setting, SMS doesn't qualify for a valid password recovery mechanism if the user also has SMS multi-factor authentication (MFA) activated. In the absence of this setting, Amazon Cognito uses the legacy behavior to determine the recovery method where SMS is preferred through email.", + "title": "AccountRecoverySetting" }, - "ObjectTypeName": { - "markdownDescription": "The name of the profile object type mapping to use.", - "title": "ObjectTypeName", - "type": "string" + "AdminCreateUserConfig": { + "$ref": "#/definitions/AWS::Cognito::UserPool.AdminCreateUserConfig", + "markdownDescription": "The settings for administrator creation of users in a user pool. Contains settings for allowing user sign-up, customizing invitation messages to new users, and the amount of time before temporary passwords expire.", + "title": "AdminCreateUserConfig" }, - "ObjectTypeNames": { + "AliasAttributes": { "items": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.ObjectTypeMapping" + "type": "string" }, - "markdownDescription": "The object type mapping.", - "title": "ObjectTypeNames", + "markdownDescription": "Attributes supported as an alias for this user pool. For more information about alias attributes, see [Customizing sign-in attributes](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html#user-pool-settings-aliases) .", + "title": "AliasAttributes", "type": "array" }, - "Tags": { + "AutoVerifiedAttributes": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "The tags used to organize, track, or control access for this resource.", - "title": "Tags", + "markdownDescription": "The attributes that you want your user pool to automatically verify. For more information, see [Verifying contact information at sign-up](https://docs.aws.amazon.com/cognito/latest/developerguide/signing-up-users-in-your-app.html#allowing-users-to-sign-up-and-confirm-themselves) .", + "title": "AutoVerifiedAttributes", "type": "array" }, - "Uri": { - "markdownDescription": "The URI of the S3 bucket or any other type of data source.", - "title": "Uri", + "DeletionProtection": { + "markdownDescription": "When active, `DeletionProtection` prevents accidental deletion of your user\npool. Before you can delete a user pool that you have protected against deletion, you\nmust deactivate this feature.\n\nWhen you try to delete a protected user pool in a `DeleteUserPool` API request, Amazon Cognito returns an `InvalidParameterException` error. To delete a protected user pool, send a new `DeleteUserPool` request after you deactivate deletion protection in an `UpdateUserPool` API request.", + "title": "DeletionProtection", + "type": "string" + }, + "DeviceConfiguration": { + "$ref": "#/definitions/AWS::Cognito::UserPool.DeviceConfiguration", + "markdownDescription": "The device-remembering configuration for a user pool. Device remembering or device tracking is a \"Remember me on this device\" option for user pools that perform authentication with the device key of a trusted device in the back end, instead of a user-provided MFA code. For more information about device authentication, see [Working with user devices in your user pool](https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html) . A null value indicates that you have deactivated device remembering in your user pool.\n\n> When you provide a value for any `DeviceConfiguration` field, you activate the Amazon Cognito device-remembering feature. For more information, see [Working with devices](https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html) .", + "title": "DeviceConfiguration" + }, + "EmailAuthenticationMessage": { + "markdownDescription": "", + "title": "EmailAuthenticationMessage", + "type": "string" + }, + "EmailAuthenticationSubject": { + "markdownDescription": "", + "title": "EmailAuthenticationSubject", + "type": "string" + }, + "EmailConfiguration": { + "$ref": "#/definitions/AWS::Cognito::UserPool.EmailConfiguration", + "markdownDescription": "The email configuration of your user pool. The email configuration type sets your preferred sending method, AWS Region, and sender for messages from your user pool.", + "title": "EmailConfiguration" + }, + "EmailVerificationMessage": { + "markdownDescription": "This parameter is no longer used. See [VerificationMessageTemplateType](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-verificationmessagetemplate.html) .", + "title": "EmailVerificationMessage", + "type": "string" + }, + "EmailVerificationSubject": { + "markdownDescription": "This parameter is no longer used. See [VerificationMessageTemplateType](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-verificationmessagetemplate.html) .", + "title": "EmailVerificationSubject", + "type": "string" + }, + "EnabledMfas": { + "items": { + "type": "string" + }, + "markdownDescription": "Set enabled MFA options on a specified user pool. To disable all MFAs after it has been enabled, set `MfaConfiguration` to `OFF` and remove EnabledMfas. MFAs can only be all disabled if `MfaConfiguration` is `OFF` . After you enable `SMS_MFA` , you can only disable it by setting `MfaConfiguration` to `OFF` . Can be one of the following values:\n\n- `SMS_MFA` - Enables MFA with SMS for the user pool. To select this option, you must also provide values for `SmsConfiguration` .\n- `SOFTWARE_TOKEN_MFA` - Enables software token MFA for the user pool.\n- `EMAIL_OTP` - Enables MFA with email for the user pool. To select this option, you must provide values for `EmailConfiguration` and within those, set `EmailSendingAccount` to `DEVELOPER` .\n\nAllowed values: `SMS_MFA` | `SOFTWARE_TOKEN_MFA` | `EMAIL_OTP`", + "title": "EnabledMfas", + "type": "array" + }, + "LambdaConfig": { + "$ref": "#/definitions/AWS::Cognito::UserPool.LambdaConfig", + "markdownDescription": "A collection of user pool Lambda triggers. Amazon Cognito invokes triggers at several possible stages of authentication operations. Triggers can modify the outcome of the operations that invoked them.", + "title": "LambdaConfig" + }, + "MfaConfiguration": { + "markdownDescription": "Displays the state of multi-factor authentication (MFA) as on, off, or optional. When `ON` , all users must set up MFA before they can sign in. When `OPTIONAL` , your application must make a client-side determination of whether a user wants to register an MFA device. For user pools with adaptive authentication with threat protection, choose `OPTIONAL` .\n\nWhen `MfaConfiguration` is `OPTIONAL` , managed login doesn't automatically prompt users to set up MFA. Amazon Cognito generates MFA prompts in API responses and in managed login for users who have chosen and configured a preferred MFA factor.", + "title": "MfaConfiguration", + "type": "string" + }, + "Policies": { + "$ref": "#/definitions/AWS::Cognito::UserPool.Policies", + "markdownDescription": "A list of user pool policies. Contains the policy that sets password-complexity requirements.", + "title": "Policies" + }, + "Schema": { + "items": { + "$ref": "#/definitions/AWS::Cognito::UserPool.SchemaAttribute" + }, + "markdownDescription": "An array of attributes for the new user pool. You can add custom attributes and modify the properties of default attributes. The specifications in this parameter set the required attributes in your user pool. For more information, see [Working with user attributes](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html) .", + "title": "Schema", + "type": "array" + }, + "SmsAuthenticationMessage": { + "markdownDescription": "The contents of the SMS authentication message.", + "title": "SmsAuthenticationMessage", + "type": "string" + }, + "SmsConfiguration": { + "$ref": "#/definitions/AWS::Cognito::UserPool.SmsConfiguration", + "markdownDescription": "The settings for your Amazon Cognito user pool to send SMS messages with Amazon Simple Notification Service. To send SMS messages with Amazon SNS in the AWS Region that you want, the Amazon Cognito user pool uses an AWS Identity and Access Management (IAM) role in your AWS account . For more information see [SMS message settings](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html) .", + "title": "SmsConfiguration" + }, + "SmsVerificationMessage": { + "markdownDescription": "This parameter is no longer used. See [VerificationMessageTemplateType](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-verificationmessagetemplate.html) .", + "title": "SmsVerificationMessage", + "type": "string" + }, + "UserAttributeUpdateSettings": { + "$ref": "#/definitions/AWS::Cognito::UserPool.UserAttributeUpdateSettings", + "markdownDescription": "The settings for updates to user attributes. These settings include the property `AttributesRequireVerificationBeforeUpdate` ,\na user-pool setting that tells Amazon Cognito how to handle changes to the value of your users' email address and phone number attributes. For\nmore information, see [Verifying updates to email addresses and phone numbers](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-email-phone-verification.html#user-pool-settings-verifications-verify-attribute-updates) .", + "title": "UserAttributeUpdateSettings" + }, + "UserPoolAddOns": { + "$ref": "#/definitions/AWS::Cognito::UserPool.UserPoolAddOns", + "markdownDescription": "Contains settings for activation of threat protection, including the operating mode and additional authentication types. To log user security information but take no action, set to `AUDIT` . To configure automatic security responses to potentially unwanted traffic to your user pool, set to `ENFORCED` .\n\nFor more information, see [Adding advanced security to a user pool](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html) . To activate this setting, your user pool must be on the [Plus tier](https://docs.aws.amazon.com/cognito/latest/developerguide/feature-plans-features-plus.html) .", + "title": "UserPoolAddOns" + }, + "UserPoolName": { + "markdownDescription": "A friendly name for your user pool.", + "title": "UserPoolName", + "type": "string" + }, + "UserPoolTags": { + "additionalProperties": true, + "markdownDescription": "The tag keys and values to assign to the user pool. A tag is a label that you can use to categorize and manage user pools in different ways, such as by purpose, owner, environment, or other criteria.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "UserPoolTags", + "type": "object" + }, + "UserPoolTier": { + "markdownDescription": "The user pool [feature plan](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-sign-in-feature-plans.html) , or tier. This parameter determines the eligibility of the user pool for features like managed login, access-token customization, and threat protection. Defaults to `ESSENTIALS` .", + "title": "UserPoolTier", + "type": "string" + }, + "UsernameAttributes": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies whether a user can use an email address or phone number as a username when they sign up.", + "title": "UsernameAttributes", + "type": "array" + }, + "UsernameConfiguration": { + "$ref": "#/definitions/AWS::Cognito::UserPool.UsernameConfiguration", + "markdownDescription": "Sets the case sensitivity option for sign-in usernames. When `CaseSensitive` is `false` (case insensitive), users can sign in with any combination of capital and lowercase letters. For example, `username` , `USERNAME` , or `UserName` , or for email, `email@example.com` or `EMaiL@eXamplE.Com` . For most use cases, set case sensitivity to `false` as a best practice. When usernames and email addresses are case insensitive, Amazon Cognito treats any variation in case as the same user, and prevents a case variation from being assigned to the same attribute for a different user.\n\nWhen `CaseSensitive` is `true` (case sensitive), Amazon Cognito interprets `USERNAME` and `UserName` as distinct users.\n\nThis configuration is immutable after you set it.", + "title": "UsernameConfiguration" + }, + "VerificationMessageTemplate": { + "$ref": "#/definitions/AWS::Cognito::UserPool.VerificationMessageTemplate", + "markdownDescription": "The template for the verification message that your user pool delivers to users who set an email address or phone number attribute.\n\nSet the email message type that corresponds to your `DefaultEmailOption` selection. For `CONFIRM_WITH_LINK` , specify an `EmailMessageByLink` and leave `EmailMessage` blank. For `CONFIRM_WITH_CODE` , specify an `EmailMessage` and leave `EmailMessageByLink` blank. When you supply both parameters with either choice, Amazon Cognito returns an error.", + "title": "VerificationMessageTemplate" + }, + "WebAuthnRelyingPartyID": { + "markdownDescription": "Sets or displays the authentication domain, typically your user pool domain, that passkey providers must use as a relying party (RP) in their configuration.\n\nUnder the following conditions, the passkey relying party ID must be the fully-qualified domain name of your custom domain:\n\n- The user pool is configured for passkey authentication.\n- The user pool has a custom domain, whether or not it also has a prefix domain.\n- Your application performs authentication with managed login or the classic hosted UI.", + "title": "WebAuthnRelyingPartyID", + "type": "string" + }, + "WebAuthnUserVerification": { + "markdownDescription": "When `required` , users can only register and sign in users with passkeys that are capable of [user verification](https://docs.aws.amazon.com/https://www.w3.org/TR/webauthn-2/#enum-userVerificationRequirement) . When `preferred` , your user pool doesn't require the use of authenticators with user verification but encourages it.", + "title": "WebAuthnUserVerification", "type": "string" } }, - "required": [ - "DomainName" - ], "type": "object" }, "Type": { "enum": [ - "AWS::CustomerProfiles::Integration" + "AWS::Cognito::UserPool" ], "type": "string" }, @@ -54461,401 +60299,510 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::CustomerProfiles::Integration.ConnectorOperator": { + "AWS::Cognito::UserPool.AccountRecoverySetting": { "additionalProperties": false, "properties": { - "Marketo": { - "markdownDescription": "The operation to be performed on the provided Marketo source fields.", - "title": "Marketo", - "type": "string" - }, - "S3": { - "markdownDescription": "The operation to be performed on the provided Amazon S3 source fields.", - "title": "S3", - "type": "string" - }, - "Salesforce": { - "markdownDescription": "The operation to be performed on the provided Salesforce source fields.", - "title": "Salesforce", - "type": "string" - }, - "ServiceNow": { - "markdownDescription": "The operation to be performed on the provided ServiceNow source fields.", - "title": "ServiceNow", - "type": "string" - }, - "Zendesk": { - "markdownDescription": "The operation to be performed on the provided Zendesk source fields.", - "title": "Zendesk", - "type": "string" + "RecoveryMechanisms": { + "items": { + "$ref": "#/definitions/AWS::Cognito::UserPool.RecoveryOption" + }, + "markdownDescription": "The list of options and priorities for user message delivery in forgot-password operations. Sets or displays user pool preferences for email or SMS message priority, whether users should fall back to a second delivery method, and whether passwords should only be reset by administrators.", + "title": "RecoveryMechanisms", + "type": "array" } }, "type": "object" }, - "AWS::CustomerProfiles::Integration.FlowDefinition": { + "AWS::Cognito::UserPool.AdminCreateUserConfig": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the flow you want to create.", - "title": "Description", - "type": "string" - }, - "FlowName": { - "markdownDescription": "The specified name of the flow. Use underscores (_) or hyphens (-) only. Spaces are not allowed.", - "title": "FlowName", - "type": "string" - }, - "KmsArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Key Management Service (KMS) key you provide for encryption.", - "title": "KmsArn", - "type": "string" - }, - "SourceFlowConfig": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.SourceFlowConfig", - "markdownDescription": "The configuration that controls how Customer Profiles retrieves data from the source.", - "title": "SourceFlowConfig" + "AllowAdminCreateUserOnly": { + "markdownDescription": "The setting for allowing self-service sign-up. When `true` , only administrators can create new user profiles. When `false` , users can register themselves and create a new user profile with the `SignUp` operation.", + "title": "AllowAdminCreateUserOnly", + "type": "boolean" }, - "Tasks": { - "items": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.Task" - }, - "markdownDescription": "A list of tasks that Customer Profiles performs while transferring the data in the flow run.", - "title": "Tasks", - "type": "array" + "InviteMessageTemplate": { + "$ref": "#/definitions/AWS::Cognito::UserPool.InviteMessageTemplate", + "markdownDescription": "The template for the welcome message to new users. This template must include the `{####}` temporary password placeholder if you are creating users with passwords. If your users don't have passwords, you can omit the placeholder.\n\nSee also [Customizing User Invitation Messages](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-message-customizations.html#cognito-user-pool-settings-user-invitation-message-customization) .", + "title": "InviteMessageTemplate" }, - "TriggerConfig": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.TriggerConfig", - "markdownDescription": "The trigger settings that determine how and when the flow runs.", - "title": "TriggerConfig" + "UnusedAccountValidityDays": { + "markdownDescription": "This parameter is no longer in use.\n\nThe password expiration limit in days for administrator-created users. When this time expires, the user can't sign in with their temporary password. To reset the account after that time limit, you must call `AdminCreateUser` again, specifying `RESEND` for the `MessageAction` parameter.\n\nThe default value for this parameter is 7.", + "title": "UnusedAccountValidityDays", + "type": "number" } }, - "required": [ - "FlowName", - "KmsArn", - "SourceFlowConfig", - "Tasks", - "TriggerConfig" - ], "type": "object" }, - "AWS::CustomerProfiles::Integration.IncrementalPullConfig": { + "AWS::Cognito::UserPool.AdvancedSecurityAdditionalFlows": { "additionalProperties": false, "properties": { - "DatetimeTypeFieldName": { - "markdownDescription": "A field that specifies the date time or timestamp field as the criteria to use when importing incremental records from the source.", - "title": "DatetimeTypeFieldName", + "CustomAuthMode": { + "markdownDescription": "The operating mode of threat protection in custom authentication with [Custom authentication challenge Lambda triggers](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-challenge.html) .", + "title": "CustomAuthMode", "type": "string" } }, "type": "object" }, - "AWS::CustomerProfiles::Integration.MarketoSourceProperties": { + "AWS::Cognito::UserPool.CustomEmailSender": { "additionalProperties": false, "properties": { - "Object": { - "markdownDescription": "The object specified in the Marketo flow source.", - "title": "Object", + "LambdaArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the function that you want to assign to your Lambda trigger.", + "title": "LambdaArn", + "type": "string" + }, + "LambdaVersion": { + "markdownDescription": "The user pool trigger version of the request that Amazon Cognito sends to your Lambda function. Higher-numbered versions add fields that support new features.\n\nYou must use a `LambdaVersion` of `V1_0` with a custom sender function.", + "title": "LambdaVersion", "type": "string" } }, - "required": [ - "Object" - ], "type": "object" }, - "AWS::CustomerProfiles::Integration.ObjectTypeMapping": { + "AWS::Cognito::UserPool.CustomSMSSender": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The key.", - "title": "Key", + "LambdaArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the function that you want to assign to your Lambda trigger.", + "title": "LambdaArn", "type": "string" }, - "Value": { - "markdownDescription": "The value.", - "title": "Value", + "LambdaVersion": { + "markdownDescription": "The user pool trigger version of the request that Amazon Cognito sends to your Lambda function. Higher-numbered versions add fields that support new features.\n\nYou must use a `LambdaVersion` of `V1_0` with a custom sender function.", + "title": "LambdaVersion", "type": "string" } }, - "required": [ - "Key", - "Value" - ], "type": "object" }, - "AWS::CustomerProfiles::Integration.S3SourceProperties": { + "AWS::Cognito::UserPool.DeviceConfiguration": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "The Amazon S3 bucket name where the source files are stored.", - "title": "BucketName", + "ChallengeRequiredOnNewDevice": { + "markdownDescription": "When true, a remembered device can sign in with device authentication instead of SMS and time-based one-time password (TOTP) factors for multi-factor authentication (MFA).\n\n> Whether or not `ChallengeRequiredOnNewDevice` is true, users who sign in with devices that have not been confirmed or remembered must still provide a second factor in a user pool that requires MFA.", + "title": "ChallengeRequiredOnNewDevice", + "type": "boolean" + }, + "DeviceOnlyRememberedOnUserPrompt": { + "markdownDescription": "When true, Amazon Cognito doesn't automatically remember a user's device when your app sends a `ConfirmDevice` API request. In your app, create a prompt for your user to choose whether they want to remember their device. Return the user's choice in an `UpdateDeviceStatus` API request.\n\nWhen `DeviceOnlyRememberedOnUserPrompt` is `false` , Amazon Cognito immediately remembers devices that you register in a `ConfirmDevice` API request.", + "title": "DeviceOnlyRememberedOnUserPrompt", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::Cognito::UserPool.EmailConfiguration": { + "additionalProperties": false, + "properties": { + "ConfigurationSet": { + "markdownDescription": "The set of configuration rules that can be applied to emails sent using Amazon Simple Email Service. A configuration set is applied to an email by including a reference to the configuration set in the headers of the email. Once applied, all of the rules in that configuration set are applied to the email. Configuration sets can be used to apply the following types of rules to emails:\n\n- **Event publishing** - Amazon Simple Email Service can track the number of send, delivery, open, click, bounce, and complaint events for each email sent. Use event publishing to send information about these events to other AWS services such as and Amazon CloudWatch\n- **IP pool management** - When leasing dedicated IP addresses with Amazon Simple Email Service, you can create groups of IP addresses, called dedicated IP pools. You can then associate the dedicated IP pools with configuration sets.", + "title": "ConfigurationSet", "type": "string" }, - "BucketPrefix": { - "markdownDescription": "The object key for the Amazon S3 bucket in which the source files are stored.", - "title": "BucketPrefix", + "EmailSendingAccount": { + "markdownDescription": "Specifies whether Amazon Cognito uses its built-in functionality to send your users email messages, or uses your Amazon Simple Email Service email configuration. Specify one of the following values:\n\n- **COGNITO_DEFAULT** - When Amazon Cognito emails your users, it uses its built-in email functionality. When you use the default option, Amazon Cognito allows only a limited number of emails each day for your user pool. For typical production environments, the default email limit is less than the required delivery volume. To achieve a higher delivery volume, specify DEVELOPER to use your Amazon SES email configuration.\n\nTo look up the email delivery limit for the default option, see [Limits](https://docs.aws.amazon.com/cognito/latest/developerguide/limits.html) in the *Amazon Cognito Developer Guide* .\n\nThe default FROM address is `no-reply@verificationemail.com` . To customize the FROM address, provide the Amazon Resource Name (ARN) of an Amazon SES verified email address for the `SourceArn` parameter.\n- **DEVELOPER** - When Amazon Cognito emails your users, it uses your Amazon SES configuration. Amazon Cognito calls Amazon SES on your behalf to send email from your verified email address. When you use this option, the email delivery limits are the same limits that apply to your Amazon SES verified email address in your AWS account .\n\nIf you use this option, provide the ARN of an Amazon SES verified email address for the `SourceArn` parameter.\n\nBefore Amazon Cognito can email your users, it requires additional permissions to call Amazon SES on your behalf. When you update your user pool with this option, Amazon Cognito creates a *service-linked role* , which is a type of role in your AWS account . This role contains the permissions that allow you to access Amazon SES and send email messages from your email address. For more information about the service-linked role that Amazon Cognito creates, see [Using Service-Linked Roles for Amazon Cognito](https://docs.aws.amazon.com/cognito/latest/developerguide/using-service-linked-roles.html) in the *Amazon Cognito Developer Guide* .", + "title": "EmailSendingAccount", + "type": "string" + }, + "From": { + "markdownDescription": "Either the sender\u2019s email address or the sender\u2019s name with their email address. For example, `testuser@example.com` or `Test User ` . This address appears before the body of the email.", + "title": "From", + "type": "string" + }, + "ReplyToEmailAddress": { + "markdownDescription": "The destination to which the receiver of the email should reply.", + "title": "ReplyToEmailAddress", + "type": "string" + }, + "SourceArn": { + "markdownDescription": "The ARN of a verified email address or an address from a verified domain in Amazon SES. You can set a `SourceArn` email from a verified domain only with an API request. You can set a verified email address, but not an address in a verified domain, in the Amazon Cognito console. Amazon Cognito uses the email address that you provide in one of the following ways, depending on the value that you specify for the `EmailSendingAccount` parameter:\n\n- If you specify `COGNITO_DEFAULT` , Amazon Cognito uses this address as the custom FROM address when it emails your users using its built-in email account.\n- If you specify `DEVELOPER` , Amazon Cognito emails your users with this address by calling Amazon SES on your behalf.\n\nThe Region value of the `SourceArn` parameter must indicate a supported AWS Region of your user pool. Typically, the Region in the `SourceArn` and the user pool Region are the same. For more information, see [Amazon SES email configuration regions](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-email.html#user-pool-email-developer-region-mapping) in the [Amazon Cognito Developer Guide](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools.html) .", + "title": "SourceArn", "type": "string" } }, - "required": [ - "BucketName" - ], "type": "object" }, - "AWS::CustomerProfiles::Integration.SalesforceSourceProperties": { + "AWS::Cognito::UserPool.InviteMessageTemplate": { "additionalProperties": false, "properties": { - "EnableDynamicFieldUpdate": { - "markdownDescription": "The flag that enables dynamic fetching of new (recently added) fields in the Salesforce objects while running a flow.", - "title": "EnableDynamicFieldUpdate", - "type": "boolean" + "EmailMessage": { + "markdownDescription": "The message template for email messages. EmailMessage is allowed only if [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is DEVELOPER.", + "title": "EmailMessage", + "type": "string" }, - "IncludeDeletedRecords": { - "markdownDescription": "Indicates whether Amazon AppFlow includes deleted files in the flow run.", - "title": "IncludeDeletedRecords", - "type": "boolean" + "EmailSubject": { + "markdownDescription": "The subject line for email messages. EmailSubject is allowed only if [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is DEVELOPER.", + "title": "EmailSubject", + "type": "string" }, - "Object": { - "markdownDescription": "The object specified in the Salesforce flow source.", - "title": "Object", + "SMSMessage": { + "markdownDescription": "The message template for SMS messages.", + "title": "SMSMessage", "type": "string" } }, - "required": [ - "Object" - ], "type": "object" }, - "AWS::CustomerProfiles::Integration.ScheduledTriggerProperties": { + "AWS::Cognito::UserPool.LambdaConfig": { "additionalProperties": false, "properties": { - "DataPullMode": { - "markdownDescription": "Specifies whether a scheduled flow has an incremental data transfer or a complete data transfer for each flow run.", - "title": "DataPullMode", + "CreateAuthChallenge": { + "markdownDescription": "The configuration of a create auth challenge Lambda trigger, one of three triggers in the sequence of the [custom authentication challenge triggers](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-challenge.html) .", + "title": "CreateAuthChallenge", "type": "string" }, - "FirstExecutionFrom": { - "markdownDescription": "Specifies the date range for the records to import from the connector in the first flow run.", - "title": "FirstExecutionFrom", - "type": "number" + "CustomEmailSender": { + "$ref": "#/definitions/AWS::Cognito::UserPool.CustomEmailSender", + "markdownDescription": "The configuration of a custom email sender Lambda trigger. This trigger routes all email notifications from a user pool to a Lambda function that delivers the message using custom logic.", + "title": "CustomEmailSender" }, - "ScheduleEndTime": { - "markdownDescription": "Specifies the scheduled end time for a scheduled-trigger flow.", - "title": "ScheduleEndTime", - "type": "number" + "CustomMessage": { + "markdownDescription": "A custom message Lambda trigger. This trigger is an opportunity to customize all SMS and email messages from your user pool. When a custom message trigger is active, your user pool routes all messages to a Lambda function that returns a runtime-customized message subject and body for your user pool to deliver to a user.", + "title": "CustomMessage", + "type": "string" }, - "ScheduleExpression": { - "markdownDescription": "The scheduling expression that determines the rate at which the schedule will run, for example rate (5 minutes).", - "title": "ScheduleExpression", + "CustomSMSSender": { + "$ref": "#/definitions/AWS::Cognito::UserPool.CustomSMSSender", + "markdownDescription": "The configuration of a custom SMS sender Lambda trigger. This trigger routes all SMS notifications from a user pool to a Lambda function that delivers the message using custom logic.", + "title": "CustomSMSSender" + }, + "DefineAuthChallenge": { + "markdownDescription": "The configuration of a define auth challenge Lambda trigger, one of three triggers in the sequence of the [custom authentication challenge triggers](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-challenge.html) .", + "title": "DefineAuthChallenge", "type": "string" }, - "ScheduleOffset": { - "markdownDescription": "Specifies the optional offset that is added to the time interval for a schedule-triggered flow.", - "title": "ScheduleOffset", - "type": "number" + "KMSKeyID": { + "markdownDescription": "The ARN of an [KMS key](https://docs.aws.amazon.com//kms/latest/developerguide/concepts.html#master_keys) . Amazon Cognito uses the key to encrypt codes and temporary passwords sent to custom sender Lambda triggers.", + "title": "KMSKeyID", + "type": "string" }, - "ScheduleStartTime": { - "markdownDescription": "Specifies the scheduled start time for a scheduled-trigger flow. The value must be a date/time value in EPOCH format.", - "title": "ScheduleStartTime", - "type": "number" + "PostAuthentication": { + "markdownDescription": "The configuration of a [post authentication Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-post-authentication.html) in a user pool. This trigger can take custom actions after a user signs in.", + "title": "PostAuthentication", + "type": "string" }, - "Timezone": { - "markdownDescription": "Specifies the time zone used when referring to the date and time of a scheduled-triggered flow, such as America/New_York.", - "title": "Timezone", + "PostConfirmation": { + "markdownDescription": "The configuration of a [post confirmation Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-post-confirmation.html) in a user pool. This trigger can take custom actions after a user confirms their user account and their email address or phone number.", + "title": "PostConfirmation", + "type": "string" + }, + "PreAuthentication": { + "markdownDescription": "The configuration of a [pre authentication trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-authentication.html) in a user pool. This trigger can evaluate and modify user sign-in events.", + "title": "PreAuthentication", + "type": "string" + }, + "PreSignUp": { + "markdownDescription": "The configuration of a [pre sign-up Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-sign-up.html) in a user pool. This trigger evaluates new users and can bypass confirmation, [link a federated user profile](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-identity-federation-consolidate-users.html) , or block sign-up requests.", + "title": "PreSignUp", + "type": "string" + }, + "PreTokenGeneration": { + "markdownDescription": "The legacy configuration of a [pre token generation Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-token-generation.html) in a user pool.\n\nSet this parameter for legacy purposes. If you also set an ARN in `PreTokenGenerationConfig` , its value must be identical to `PreTokenGeneration` . For new instances of pre token generation triggers, set the `LambdaArn` of `PreTokenGenerationConfig` .", + "title": "PreTokenGeneration", + "type": "string" + }, + "PreTokenGenerationConfig": { + "$ref": "#/definitions/AWS::Cognito::UserPool.PreTokenGenerationConfig", + "markdownDescription": "The detailed configuration of a [pre token generation Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-token-generation.html) in a user pool. If you also set an ARN in `PreTokenGeneration` , its value must be identical to `PreTokenGenerationConfig` .", + "title": "PreTokenGenerationConfig" + }, + "UserMigration": { + "markdownDescription": "The configuration of a [migrate user Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-migrate-user.html) in a user pool. This trigger can create user profiles when users sign in or attempt to reset their password with credentials that don't exist yet.", + "title": "UserMigration", + "type": "string" + }, + "VerifyAuthChallengeResponse": { + "markdownDescription": "The configuration of a verify auth challenge Lambda trigger, one of three triggers in the sequence of the [custom authentication challenge triggers](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-challenge.html) .", + "title": "VerifyAuthChallengeResponse", "type": "string" } }, - "required": [ - "ScheduleExpression" - ], "type": "object" }, - "AWS::CustomerProfiles::Integration.ServiceNowSourceProperties": { + "AWS::Cognito::UserPool.NumberAttributeConstraints": { "additionalProperties": false, "properties": { - "Object": { - "markdownDescription": "The object specified in the ServiceNow flow source.", - "title": "Object", + "MaxValue": { + "markdownDescription": "The maximum length of a number attribute value. Must be a number less than or equal to `2^1023` , represented as a string with a length of 131072 characters or fewer.", + "title": "MaxValue", + "type": "string" + }, + "MinValue": { + "markdownDescription": "The minimum value of an attribute that is of the number data type.", + "title": "MinValue", "type": "string" } }, - "required": [ - "Object" - ], "type": "object" }, - "AWS::CustomerProfiles::Integration.SourceConnectorProperties": { + "AWS::Cognito::UserPool.PasswordPolicy": { "additionalProperties": false, "properties": { - "Marketo": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.MarketoSourceProperties", - "markdownDescription": "The properties that are applied when Marketo is being used as a source.", - "title": "Marketo" + "MinimumLength": { + "markdownDescription": "The minimum length of the password in the policy that you have set. This value can't be less than 6.", + "title": "MinimumLength", + "type": "number" }, - "S3": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.S3SourceProperties", - "markdownDescription": "The properties that are applied when Amazon S3 is being used as the flow source.", - "title": "S3" + "PasswordHistorySize": { + "markdownDescription": "The number of previous passwords that you want Amazon Cognito to restrict each user from reusing. Users can't set a password that matches any of `n` previous passwords, where `n` is the value of `PasswordHistorySize` .", + "title": "PasswordHistorySize", + "type": "number" }, - "Salesforce": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.SalesforceSourceProperties", - "markdownDescription": "The properties that are applied when Salesforce is being used as a source.", - "title": "Salesforce" + "RequireLowercase": { + "markdownDescription": "The requirement in a password policy that users must include at least one lowercase letter in their password.", + "title": "RequireLowercase", + "type": "boolean" }, - "ServiceNow": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.ServiceNowSourceProperties", - "markdownDescription": "The properties that are applied when ServiceNow is being used as a source.", - "title": "ServiceNow" + "RequireNumbers": { + "markdownDescription": "The requirement in a password policy that users must include at least one number in their password.", + "title": "RequireNumbers", + "type": "boolean" }, - "Zendesk": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.ZendeskSourceProperties", - "markdownDescription": "The properties that are applied when using Zendesk as a flow source.", - "title": "Zendesk" + "RequireSymbols": { + "markdownDescription": "The requirement in a password policy that users must include at least one symbol in their password.", + "title": "RequireSymbols", + "type": "boolean" + }, + "RequireUppercase": { + "markdownDescription": "The requirement in a password policy that users must include at least one uppercase letter in their password.", + "title": "RequireUppercase", + "type": "boolean" + }, + "TemporaryPasswordValidityDays": { + "markdownDescription": "The number of days a temporary password is valid in the password policy. If the user doesn't sign in during this time, an administrator must reset their password. Defaults to `7` . If you submit a value of `0` , Amazon Cognito treats it as a null value and sets `TemporaryPasswordValidityDays` to its default value.\n\n> When you set `TemporaryPasswordValidityDays` for a user pool, you can no longer set a value for the legacy `UnusedAccountValidityDays` parameter in that user pool.", + "title": "TemporaryPasswordValidityDays", + "type": "number" } }, "type": "object" }, - "AWS::CustomerProfiles::Integration.SourceFlowConfig": { + "AWS::Cognito::UserPool.Policies": { "additionalProperties": false, "properties": { - "ConnectorProfileName": { - "markdownDescription": "The name of the Amazon AppFlow connector profile. This name must be unique for each connector profile in the AWS account .", - "title": "ConnectorProfileName", - "type": "string" + "PasswordPolicy": { + "$ref": "#/definitions/AWS::Cognito::UserPool.PasswordPolicy", + "markdownDescription": "The password policy settings for a user pool, including complexity, history, and length requirements.", + "title": "PasswordPolicy" }, - "ConnectorType": { - "markdownDescription": "The type of connector, such as Salesforce, Marketo, and so on.", - "title": "ConnectorType", + "SignInPolicy": { + "$ref": "#/definitions/AWS::Cognito::UserPool.SignInPolicy", + "markdownDescription": "The policy for allowed types of authentication in a user pool. To activate this setting, your user pool must be in the [Essentials tier](https://docs.aws.amazon.com/cognito/latest/developerguide/feature-plans-features-essentials.html) or higher.", + "title": "SignInPolicy" + } + }, + "type": "object" + }, + "AWS::Cognito::UserPool.PreTokenGenerationConfig": { + "additionalProperties": false, + "properties": { + "LambdaArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the function that you want to assign to your Lambda trigger.\n\nThis parameter and the `PreTokenGeneration` property of `LambdaConfig` have the same value. For new instances of pre token generation triggers, set `LambdaArn` .", + "title": "LambdaArn", "type": "string" }, - "IncrementalPullConfig": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.IncrementalPullConfig", - "markdownDescription": "Defines the configuration for a scheduled incremental data pull. If a valid configuration is provided, the fields specified in the configuration are used when querying for the incremental data pull.", - "title": "IncrementalPullConfig" + "LambdaVersion": { + "markdownDescription": "The user pool trigger version of the request that Amazon Cognito sends to your Lambda function. Higher-numbered versions add fields that support new features.", + "title": "LambdaVersion", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Cognito::UserPool.RecoveryOption": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The recovery method that this object sets a recovery option for.", + "title": "Name", + "type": "string" }, - "SourceConnectorProperties": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.SourceConnectorProperties", - "markdownDescription": "Specifies the information that is required to query a particular source connector.", - "title": "SourceConnectorProperties" + "Priority": { + "markdownDescription": "Your priority preference for using the specified attribute in account recovery. The highest priority is `1` .", + "title": "Priority", + "type": "number" } }, - "required": [ - "ConnectorType", - "SourceConnectorProperties" - ], "type": "object" }, - "AWS::CustomerProfiles::Integration.Task": { + "AWS::Cognito::UserPool.SchemaAttribute": { "additionalProperties": false, "properties": { - "ConnectorOperator": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.ConnectorOperator", - "markdownDescription": "The operation to be performed on the provided source fields.", - "title": "ConnectorOperator" + "AttributeDataType": { + "markdownDescription": "The data format of the values for your attribute. When you choose an `AttributeDataType` , Amazon Cognito validates the input against the data type. A custom attribute value in your user's ID token is always a string, for example `\"custom:isMember\" : \"true\"` or `\"custom:YearsAsMember\" : \"12\"` .", + "title": "AttributeDataType", + "type": "string" }, - "DestinationField": { - "markdownDescription": "A field in a destination connector, or a field value against which Amazon AppFlow validates a source field.", - "title": "DestinationField", + "DeveloperOnlyAttribute": { + "markdownDescription": "> You should use [WriteAttributes](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UserPoolClientType.html#CognitoUserPools-Type-UserPoolClientType-WriteAttributes) in the user pool client to control how attributes can be mutated for new use cases instead of using `DeveloperOnlyAttribute` . \n\nSpecifies whether the attribute type is developer only. This attribute can only be modified by an administrator. Users won't be able to modify this attribute using their access token. For example, `DeveloperOnlyAttribute` can be modified using AdminUpdateUserAttributes but can't be updated using UpdateUserAttributes.", + "title": "DeveloperOnlyAttribute", + "type": "boolean" + }, + "Mutable": { + "markdownDescription": "Specifies whether the value of the attribute can be changed.\n\nAny user pool attribute whose value you map from an IdP attribute must be mutable, with a parameter value of `true` . Amazon Cognito updates mapped attributes when users sign in to your application through an IdP. If an attribute is immutable, Amazon Cognito throws an error when it attempts to update the attribute. For more information, see [Specifying Identity Provider Attribute Mappings for Your User Pool](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-specifying-attribute-mapping.html) .", + "title": "Mutable", + "type": "boolean" + }, + "Name": { + "markdownDescription": "The name of your user pool attribute. When you create or update a user pool, adding a schema attribute creates a custom or developer-only attribute. When you add an attribute with a `Name` value of `MyAttribute` , Amazon Cognito creates the custom attribute `custom:MyAttribute` . When `DeveloperOnlyAttribute` is `true` , Amazon Cognito creates your attribute as `dev:MyAttribute` . In an operation that describes a user pool, Amazon Cognito returns this value as `value` for standard attributes, `custom:value` for custom attributes, and `dev:value` for developer-only attributes..", + "title": "Name", "type": "string" }, - "SourceFields": { + "NumberAttributeConstraints": { + "$ref": "#/definitions/AWS::Cognito::UserPool.NumberAttributeConstraints", + "markdownDescription": "Specifies the constraints for an attribute of the number type.", + "title": "NumberAttributeConstraints" + }, + "Required": { + "markdownDescription": "Specifies whether a user pool attribute is required. If the attribute is required and the user doesn't provide a value, registration or sign-in will fail.", + "title": "Required", + "type": "boolean" + }, + "StringAttributeConstraints": { + "$ref": "#/definitions/AWS::Cognito::UserPool.StringAttributeConstraints", + "markdownDescription": "Specifies the constraints for an attribute of the string type.", + "title": "StringAttributeConstraints" + } + }, + "type": "object" + }, + "AWS::Cognito::UserPool.SignInPolicy": { + "additionalProperties": false, + "properties": { + "AllowedFirstAuthFactors": { "items": { "type": "string" }, - "markdownDescription": "The source fields to which a particular task is applied.", - "title": "SourceFields", + "markdownDescription": "The sign-in methods that a user pool supports as the first factor. You can permit users to start authentication with a standard username and password, or with other one-time password and hardware factors.\n\nSupports values of `EMAIL_OTP` , `SMS_OTP` , `WEB_AUTHN` and `PASSWORD` ,", + "title": "AllowedFirstAuthFactors", "type": "array" + } + }, + "type": "object" + }, + "AWS::Cognito::UserPool.SmsConfiguration": { + "additionalProperties": false, + "properties": { + "ExternalId": { + "markdownDescription": "The external ID provides additional security for your IAM role. You can use an `ExternalId` with the IAM role that you use with Amazon SNS to send SMS messages for your user pool. If you provide an `ExternalId` , your Amazon Cognito user pool includes it in the request to assume your IAM role. You can configure the role trust policy to require that Amazon Cognito, and any principal, provide the `ExternalID` . If you use the Amazon Cognito Management Console to create a role for SMS multi-factor authentication (MFA), Amazon Cognito creates a role with the required permissions and a trust policy that demonstrates use of the `ExternalId` .\n\nFor more information about the `ExternalId` of a role, see [How to use an external ID when granting access to your AWS resources to a third party](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user_externalid.html) .", + "title": "ExternalId", + "type": "string" }, - "TaskProperties": { - "items": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.TaskPropertiesMap" - }, - "markdownDescription": "A map used to store task-related information. The service looks for particular information based on the TaskType.", - "title": "TaskProperties", - "type": "array" + "SnsCallerArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS caller. This is the ARN of the IAM role in your AWS account that Amazon Cognito will use to send SMS messages. SMS messages are subject to a [spending limit](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-email-phone-verification.html) .", + "title": "SnsCallerArn", + "type": "string" }, - "TaskType": { - "markdownDescription": "Specifies the particular task implementation that Amazon AppFlow performs.", - "title": "TaskType", + "SnsRegion": { + "markdownDescription": "The AWS Region to use with Amazon SNS integration. You can choose the same Region as your user pool, or a supported *Legacy Amazon SNS alternate Region* .\n\nAmazon Cognito resources in the Asia Pacific (Seoul) AWS Region must use your Amazon SNS configuration in the Asia Pacific (Tokyo) Region. For more information, see [SMS message settings for Amazon Cognito user pools](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html) .", + "title": "SnsRegion", "type": "string" } }, - "required": [ - "SourceFields", - "TaskType" - ], "type": "object" }, - "AWS::CustomerProfiles::Integration.TaskPropertiesMap": { + "AWS::Cognito::UserPool.StringAttributeConstraints": { "additionalProperties": false, "properties": { - "OperatorPropertyKey": { - "markdownDescription": "The task property key.", - "title": "OperatorPropertyKey", + "MaxLength": { + "markdownDescription": "The maximum length of a string attribute value. Must be a number less than or equal to `2^1023` , represented as a string with a length of 131072 characters or fewer.", + "title": "MaxLength", "type": "string" }, - "Property": { - "markdownDescription": "The task property value.", - "title": "Property", + "MinLength": { + "markdownDescription": "The minimum length of a string attribute value.", + "title": "MinLength", "type": "string" } }, + "type": "object" + }, + "AWS::Cognito::UserPool.UserAttributeUpdateSettings": { + "additionalProperties": false, + "properties": { + "AttributesRequireVerificationBeforeUpdate": { + "items": { + "type": "string" + }, + "markdownDescription": "Requires that your user verifies their email address, phone number, or both before Amazon Cognito updates the value of that attribute. When you update a user attribute that has this option activated, Amazon Cognito sends a verification message to the new phone number or email address. Amazon Cognito doesn\u2019t change the value of the attribute until your user responds to the verification message and confirms the new value.\n\nWhen `AttributesRequireVerificationBeforeUpdate` is false, your user pool doesn't require that your users verify attribute changes before Amazon Cognito updates them. In a user pool where `AttributesRequireVerificationBeforeUpdate` is false, API operations that change attribute values can immediately update a user\u2019s `email` or `phone_number` attribute.", + "title": "AttributesRequireVerificationBeforeUpdate", + "type": "array" + } + }, "required": [ - "OperatorPropertyKey", - "Property" + "AttributesRequireVerificationBeforeUpdate" ], "type": "object" }, - "AWS::CustomerProfiles::Integration.TriggerConfig": { + "AWS::Cognito::UserPool.UserPoolAddOns": { "additionalProperties": false, "properties": { - "TriggerProperties": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.TriggerProperties", - "markdownDescription": "Specifies the configuration details of a schedule-triggered flow that you define. Currently, these settings only apply to the Scheduled trigger type.", - "title": "TriggerProperties" + "AdvancedSecurityAdditionalFlows": { + "$ref": "#/definitions/AWS::Cognito::UserPool.AdvancedSecurityAdditionalFlows", + "markdownDescription": "Threat protection configuration options for additional authentication types in your user pool, including custom authentication.", + "title": "AdvancedSecurityAdditionalFlows" }, - "TriggerType": { - "markdownDescription": "Specifies the type of flow trigger. It can be OnDemand, Scheduled, or Event.", - "title": "TriggerType", + "AdvancedSecurityMode": { + "markdownDescription": "The operating mode of threat protection for standard authentication types in your user pool, including username-password and secure remote password (SRP) authentication.", + "title": "AdvancedSecurityMode", "type": "string" } }, - "required": [ - "TriggerType" - ], "type": "object" }, - "AWS::CustomerProfiles::Integration.TriggerProperties": { + "AWS::Cognito::UserPool.UsernameConfiguration": { "additionalProperties": false, "properties": { - "Scheduled": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.ScheduledTriggerProperties", - "markdownDescription": "Specifies the configuration details of a schedule-triggered flow that you define.", - "title": "Scheduled" + "CaseSensitive": { + "markdownDescription": "Specifies whether user name case sensitivity will be applied for all users in the user pool through Amazon Cognito APIs. For most use cases, set case sensitivity to `False` (case insensitive) as a best practice. When usernames and email addresses are case insensitive, users can sign in as the same user when they enter a different capitalization of their user name.\n\nValid values include:\n\n- **true** - Enables case sensitivity for all username input. When this option is set to `true` , users must sign in using the exact capitalization of their given username, such as \u201cUserName\u201d. This is the default value.\n- **false** - Enables case insensitivity for all username input. For example, when this option is set to `false` , users can sign in using `username` , `USERNAME` , or `UserName` . This option also enables both `preferred_username` and `email` alias to be case insensitive, in addition to the `username` attribute.", + "title": "CaseSensitive", + "type": "boolean" } }, "type": "object" }, - "AWS::CustomerProfiles::Integration.ZendeskSourceProperties": { + "AWS::Cognito::UserPool.VerificationMessageTemplate": { "additionalProperties": false, "properties": { - "Object": { - "markdownDescription": "The object specified in the Zendesk flow source.", - "title": "Object", + "DefaultEmailOption": { + "markdownDescription": "The configuration of verification emails to contain a clickable link or a verification code.\n\nFor link, your template body must contain link text in the format `{##Click here##}` . \"Click here\" in the example is a customizable string. For code, your template body must contain a code placeholder in the format `{####}` .", + "title": "DefaultEmailOption", + "type": "string" + }, + "EmailMessage": { + "markdownDescription": "The template for email messages that Amazon Cognito sends to your users. You can set an `EmailMessage` template only if the value of [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` . When your [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` , your user pool sends email messages with your own Amazon SES configuration.", + "title": "EmailMessage", + "type": "string" + }, + "EmailMessageByLink": { + "markdownDescription": "The email message template for sending a confirmation link to the user. You can set an `EmailMessageByLink` template only if the value of [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` . When your [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` , your user pool sends email messages with your own Amazon SES configuration.", + "title": "EmailMessageByLink", + "type": "string" + }, + "EmailSubject": { + "markdownDescription": "The subject line for the email message template. You can set an `EmailSubject` template only if the value of [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` . When your [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` , your user pool sends email messages with your own Amazon SES configuration.", + "title": "EmailSubject", + "type": "string" + }, + "EmailSubjectByLink": { + "markdownDescription": "The subject line for the email message template for sending a confirmation link to the user. You can set an `EmailSubjectByLink` template only if the value of [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` . When your [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` , your user pool sends email messages with your own Amazon SES configuration.", + "title": "EmailSubjectByLink", + "type": "string" + }, + "SmsMessage": { + "markdownDescription": "The template for SMS messages that Amazon Cognito sends to your users.", + "title": "SmsMessage", "type": "string" } }, - "required": [ - "Object" - ], "type": "object" }, - "AWS::CustomerProfiles::ObjectType": { + "AWS::Cognito::UserPoolClient": { "additionalProperties": false, "properties": { "Condition": { @@ -54890,81 +60837,154 @@ "Properties": { "additionalProperties": false, "properties": { - "AllowProfileCreation": { - "markdownDescription": "Indicates whether a profile should be created when data is received if one doesn\u2019t exist for an object of this type. The default is `FALSE` . If the AllowProfileCreation flag is set to `FALSE` , then the service tries to fetch a standard profile and associate this object with the profile. If it is set to `TRUE` , and if no match is found, then the service creates a new standard profile.", - "title": "AllowProfileCreation", + "AccessTokenValidity": { + "markdownDescription": "The access token time limit. After this limit expires, your user can't use their access token. To specify the time unit for `AccessTokenValidity` as `seconds` , `minutes` , `hours` , or `days` , set a `TokenValidityUnits` value in your API request.\n\nFor example, when you set `AccessTokenValidity` to `10` and `TokenValidityUnits` to `hours` , your user can authorize access with\ntheir access token for 10 hours.\n\nThe default time unit for `AccessTokenValidity` in an API request is hours. *Valid range* is displayed below in seconds.\n\nIf you don't specify otherwise in the configuration of your app client, your access\ntokens are valid for one hour.", + "title": "AccessTokenValidity", + "type": "number" + }, + "AllowedOAuthFlows": { + "items": { + "type": "string" + }, + "markdownDescription": "The OAuth grant types that you want your app client to generate for clients in managed login authentication. To create an app client that generates client credentials grants, you must add `client_credentials` as the only allowed OAuth flow.\n\n- **code** - Use a code grant flow, which provides an authorization code as the response. This code can be exchanged for access tokens with the `/oauth2/token` endpoint.\n- **implicit** - Issue the access token, and the ID token when scopes like `openid` and `profile` are requested, directly to your user.\n- **client_credentials** - Issue the access token from the `/oauth2/token` endpoint directly to a non-person user, authorized by a combination of the client ID and client secret.", + "title": "AllowedOAuthFlows", + "type": "array" + }, + "AllowedOAuthFlowsUserPoolClient": { + "markdownDescription": "Set to `true` to use OAuth 2.0 authorization server features in your app client.\n\nThis parameter must have a value of `true` before you can configure the following features in your app client.\n\n- `CallBackURLs` : Callback URLs.\n- `LogoutURLs` : Sign-out redirect URLs.\n- `AllowedOAuthScopes` : OAuth 2.0 scopes.\n- `AllowedOAuthFlows` : Support for authorization code, implicit, and client credentials OAuth 2.0 grants.\n\nTo use authorization server features, configure one of these features in the Amazon Cognito console or set `AllowedOAuthFlowsUserPoolClient` to `true` in a `CreateUserPoolClient` or `UpdateUserPoolClient` API request. If you don't set a value for `AllowedOAuthFlowsUserPoolClient` in a request with the AWS CLI or SDKs, it defaults to `false` . When `false` , only SDK-based API sign-in is permitted.", + "title": "AllowedOAuthFlowsUserPoolClient", "type": "boolean" }, - "Description": { - "markdownDescription": "The description of the profile object type mapping.", - "title": "Description", - "type": "string" + "AllowedOAuthScopes": { + "items": { + "type": "string" + }, + "markdownDescription": "The OAuth, OpenID Connect (OIDC), and custom scopes that you want to permit your app client to authorize access with. Scopes govern access control to user pool self-service API operations, user data from the `userInfo` endpoint, and third-party APIs. Scope values include `phone` , `email` , `openid` , and `profile` . The `aws.cognito.signin.user.admin` scope authorizes user self-service operations. Custom scopes with resource servers authorize access to external APIs.", + "title": "AllowedOAuthScopes", + "type": "array" }, - "DomainName": { - "markdownDescription": "The unique name of the domain.", - "title": "DomainName", + "AnalyticsConfiguration": { + "$ref": "#/definitions/AWS::Cognito::UserPoolClient.AnalyticsConfiguration", + "markdownDescription": "The user pool analytics configuration for collecting metrics and sending them to your Amazon Pinpoint campaign.\n\nIn AWS Regions where Amazon Pinpoint isn't available, user pools might not have access to analytics or might be configurable with campaigns in the US East (N. Virginia) Region. For more information, see [Using Amazon Pinpoint analytics](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-pinpoint-integration.html) .", + "title": "AnalyticsConfiguration" + }, + "AuthSessionValidity": { + "markdownDescription": "Amazon Cognito creates a session token for each API request in an authentication flow. `AuthSessionValidity` is the duration, in minutes, of that session token. Your user pool native user must respond to each authentication challenge before the session expires.", + "title": "AuthSessionValidity", + "type": "number" + }, + "CallbackURLs": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of allowed redirect, or callback, URLs for managed login authentication. These URLs are the paths where you want to send your users' browsers after they complete authentication with managed login or a third-party IdP. Typically, callback URLs are the home of an application that uses OAuth or OIDC libraries to process authentication outcomes.\n\nA redirect URI must meet the following requirements:\n\n- Be an absolute URI.\n- Be registered with the authorization server. Amazon Cognito doesn't accept authorization requests with `redirect_uri` values that aren't in the list of `CallbackURLs` that you provide in this parameter.\n- Not include a fragment component.\n\nSee [OAuth 2.0 - Redirection Endpoint](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6749#section-3.1.2) .\n\nAmazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only.\n\nApp callback URLs such as myapp://example are also supported.", + "title": "CallbackURLs", + "type": "array" + }, + "ClientName": { + "markdownDescription": "A friendly name for the app client that you want to create.", + "title": "ClientName", "type": "string" }, - "EncryptionKey": { - "markdownDescription": "The customer-provided key to encrypt the profile object that will be created in this profile object type mapping. If not specified the system will use the encryption key of the domain.", - "title": "EncryptionKey", + "DefaultRedirectURI": { + "markdownDescription": "The default redirect URI. In app clients with one assigned IdP, replaces `redirect_uri` in authentication requests. Must be in the `CallbackURLs` list.", + "title": "DefaultRedirectURI", "type": "string" }, - "ExpirationDays": { - "markdownDescription": "The number of days until the data of this type expires.", - "title": "ExpirationDays", - "type": "number" + "EnablePropagateAdditionalUserContextData": { + "markdownDescription": "When `true` , your application can include additional `UserContextData` in authentication requests. This data includes the IP address, and contributes to analysis by threat protection features. For more information about propagation of user context data, see [Adding session data to API requests](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-adaptive-authentication.html#user-pool-settings-adaptive-authentication-device-fingerprint) . If you don\u2019t include this parameter, you can't send the source IP address to Amazon Cognito threat protection features. You can only activate `EnablePropagateAdditionalUserContextData` in an app client that has a client secret.", + "title": "EnablePropagateAdditionalUserContextData", + "type": "boolean" }, - "Fields": { + "EnableTokenRevocation": { + "markdownDescription": "Activates or deactivates token revocation.\n\nIf you don't include this parameter, token revocation is automatically activated for the new user pool client.", + "title": "EnableTokenRevocation", + "type": "boolean" + }, + "ExplicitAuthFlows": { "items": { - "$ref": "#/definitions/AWS::CustomerProfiles::ObjectType.FieldMap" + "type": "string" }, - "markdownDescription": "A list of field definitions for the object type mapping.", - "title": "Fields", + "markdownDescription": "The [authentication flows](https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-authentication-flow-methods.html) that you want your user pool client to support. For each app client in your user pool, you can sign in your users with any combination of one or more flows, including with a user name and Secure Remote Password (SRP), a user name and password, or a custom authentication process that you define with Lambda functions.\n\n> If you don't specify a value for `ExplicitAuthFlows` , your app client supports `ALLOW_REFRESH_TOKEN_AUTH` , `ALLOW_USER_SRP_AUTH` , and `ALLOW_CUSTOM_AUTH` . \n\nThe values for authentication flow options include the following.\n\n- `ALLOW_USER_AUTH` : Enable selection-based sign-in with `USER_AUTH` . This setting covers username-password, secure remote password (SRP), passwordless, and passkey authentication. This authentiation flow can do username-password and SRP authentication without other `ExplicitAuthFlows` permitting them. For example users can complete an SRP challenge through `USER_AUTH` without the flow `USER_SRP_AUTH` being active for the app client. This flow doesn't include `CUSTOM_AUTH` .\n\nTo activate this setting, your user pool must be in the [Essentials tier](https://docs.aws.amazon.com/cognito/latest/developerguide/feature-plans-features-essentials.html) or higher.\n- `ALLOW_ADMIN_USER_PASSWORD_AUTH` : Enable admin based user password authentication flow `ADMIN_USER_PASSWORD_AUTH` . This setting replaces the `ADMIN_NO_SRP_AUTH` setting. With this authentication flow, your app passes a user name and password to Amazon Cognito in the request, instead of using the Secure Remote Password (SRP) protocol to securely transmit the password.\n- `ALLOW_CUSTOM_AUTH` : Enable Lambda trigger based authentication.\n- `ALLOW_USER_PASSWORD_AUTH` : Enable user password-based authentication. In this flow, Amazon Cognito receives the password in the request instead of using the SRP protocol to verify passwords.\n- `ALLOW_USER_SRP_AUTH` : Enable SRP-based authentication.\n- `ALLOW_REFRESH_TOKEN_AUTH` : Enable authflow to refresh tokens.\n\nIn some environments, you will see the values `ADMIN_NO_SRP_AUTH` , `CUSTOM_AUTH_FLOW_ONLY` , or `USER_PASSWORD_AUTH` . You can't assign these legacy `ExplicitAuthFlows` values to user pool clients at the same time as values that begin with `ALLOW_` ,\nlike `ALLOW_USER_SRP_AUTH` .", + "title": "ExplicitAuthFlows", "type": "array" }, - "Keys": { + "GenerateSecret": { + "markdownDescription": "When `true` , generates a client secret for the app client. Client secrets are used with server-side and machine-to-machine applications. Client secrets are automatically generated; you can't specify a secret value. For more information, see [App client types](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-client-apps.html#user-pool-settings-client-app-client-types) .", + "title": "GenerateSecret", + "type": "boolean" + }, + "IdTokenValidity": { + "markdownDescription": "The ID token time limit. After this limit expires, your user can't use their ID token. To specify the time unit for `IdTokenValidity` as `seconds` , `minutes` , `hours` , or `days` , set a `TokenValidityUnits` value in your API request.\n\nFor example, when you set `IdTokenValidity` as `10` and `TokenValidityUnits` as `hours` , your user can authenticate their session with their ID token for 10 hours.\n\nThe default time unit for `IdTokenValidity` in an API request is hours. *Valid range* is displayed below in seconds.\n\nIf you don't specify otherwise in the configuration of your app client, your ID\ntokens are valid for one hour.", + "title": "IdTokenValidity", + "type": "number" + }, + "LogoutURLs": { "items": { - "$ref": "#/definitions/AWS::CustomerProfiles::ObjectType.KeyMap" + "type": "string" }, - "markdownDescription": "A list of keys that can be used to map data to the profile or search for the profile.", - "title": "Keys", + "markdownDescription": "A list of allowed logout URLs for managed login authentication. When you pass `logout_uri` and `client_id` parameters to `/logout` , Amazon Cognito signs out your user and redirects them to the logout URL. This parameter describes the URLs that you want to be the permitted targets of `logout_uri` . A typical use of these URLs is when a user selects \"Sign out\" and you redirect them to your public homepage. For more information, see [Logout endpoint](https://docs.aws.amazon.com/cognito/latest/developerguide/logout-endpoint.html) .", + "title": "LogoutURLs", "type": "array" }, - "ObjectTypeName": { - "markdownDescription": "The name of the profile object type.", - "title": "ObjectTypeName", + "PreventUserExistenceErrors": { + "markdownDescription": "Errors and responses that you want Amazon Cognito APIs to return during authentication, account confirmation, and password recovery when the user doesn't exist in the user pool. When set to `ENABLED` and the user doesn't exist, authentication returns an error indicating either the username or password was incorrect. Account confirmation and password recovery return a response indicating a code was sent to a simulated destination. When set to `LEGACY` , those APIs return a `UserNotFoundException` exception if the user doesn't exist in the user pool.\n\nValid values include:\n\n- `ENABLED` - This prevents user existence-related errors.\n- `LEGACY` - This represents the early behavior of Amazon Cognito where user existence related errors aren't prevented.\n\nDefaults to `LEGACY` when you don't provide a value.", + "title": "PreventUserExistenceErrors", "type": "string" }, - "SourceLastUpdatedTimestampFormat": { - "markdownDescription": "The format of your sourceLastUpdatedTimestamp that was previously set up.", - "title": "SourceLastUpdatedTimestampFormat", - "type": "string" + "ReadAttributes": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of user attributes that you want your app client to have read access to. After your user authenticates in your app, their access token authorizes them to read their own attribute value for any attribute in this list. An example of this kind of activity is when your user selects a link to view their profile information.\n\nWhen you don't specify the `ReadAttributes` for your app client, your app can read the values of `email_verified` , `phone_number_verified` , and the Standard attributes of your user pool. When your user pool app client has read access to these default attributes, `ReadAttributes` doesn't return any information. Amazon Cognito only populates `ReadAttributes` in the API response if you have specified your own custom set of read attributes.", + "title": "ReadAttributes", + "type": "array" }, - "Tags": { + "RefreshTokenRotation": { + "$ref": "#/definitions/AWS::Cognito::UserPoolClient.RefreshTokenRotation", + "markdownDescription": "The configuration of your app client for refresh token rotation. When enabled, your app client issues new ID, access, and refresh tokens when users renew their sessions with refresh tokens. When disabled, token refresh issues only ID and access tokens.", + "title": "RefreshTokenRotation" + }, + "RefreshTokenValidity": { + "markdownDescription": "The refresh token time limit. After this limit expires, your user can't use their refresh token. To specify the time unit for `RefreshTokenValidity` as `seconds` , `minutes` , `hours` , or `days` , set a `TokenValidityUnits` value in your API request.\n\nFor example, when you set `RefreshTokenValidity` as `10` and `TokenValidityUnits` as `days` , your user can refresh their session\nand retrieve new access and ID tokens for 10 days.\n\nThe default time unit for `RefreshTokenValidity` in an API request is days. You can't set `RefreshTokenValidity` to 0. If you do, Amazon Cognito overrides the value with the default value of 30 days. *Valid range* is displayed below in seconds.\n\nIf you don't specify otherwise in the configuration of your app client, your refresh\ntokens are valid for 30 days.", + "title": "RefreshTokenValidity", + "type": "number" + }, + "SupportedIdentityProviders": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "The tags used to organize, track, or control access for this resource.", - "title": "Tags", + "markdownDescription": "A list of provider names for the identity providers (IdPs) that are supported on this client. The following are supported: `COGNITO` , `Facebook` , `Google` , `SignInWithApple` , and `LoginWithAmazon` . You can also specify the names that you configured for the SAML and OIDC IdPs in your user pool, for example `MySAMLIdP` or `MyOIDCIdP` .\n\nThis parameter sets the IdPs that [managed login](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-managed-login.html) will display on the login page for your app client. The removal of `COGNITO` from this list doesn't prevent authentication operations for local users with the user pools API in an AWS SDK. The only way to prevent SDK-based authentication is to block access with a [AWS WAF rule](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-waf.html) .", + "title": "SupportedIdentityProviders", "type": "array" }, - "TemplateId": { - "markdownDescription": "A unique identifier for the template mapping. This can be used instead of specifying the Keys and Fields properties directly.", - "title": "TemplateId", + "TokenValidityUnits": { + "$ref": "#/definitions/AWS::Cognito::UserPoolClient.TokenValidityUnits", + "markdownDescription": "The units that validity times are represented in. The default unit for refresh tokens is days, and the default for ID and access tokens are hours.", + "title": "TokenValidityUnits" + }, + "UserPoolId": { + "markdownDescription": "The ID of the user pool where you want to create an app client.", + "title": "UserPoolId", "type": "string" + }, + "WriteAttributes": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of user attributes that you want your app client to have write access to. After your user authenticates in your app, their access token authorizes them to set or modify their own attribute value for any attribute in this list.\n\nWhen you don't specify the `WriteAttributes` for your app client, your app can write the values of the Standard attributes of your user pool. When your user pool has write access to these default attributes, `WriteAttributes` doesn't return any information. Amazon Cognito only populates `WriteAttributes` in the API response if you have specified your own custom set of write attributes.\n\nIf your app client allows users to sign in through an IdP, this array must include all attributes that you have mapped to IdP attributes. Amazon Cognito updates mapped attributes when users sign in to your application through an IdP. If your app client does not have write access to a mapped attribute, Amazon Cognito throws an error when it tries to update the attribute. For more information, see [Specifying IdP Attribute Mappings for Your user pool](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-specifying-attribute-mapping.html) .", + "title": "WriteAttributes", + "type": "array" } }, "required": [ - "Description", - "DomainName", - "ObjectTypeName" + "UserPoolId" ], "type": "object" }, "Type": { "enum": [ - "AWS::CustomerProfiles::ObjectType" + "AWS::Cognito::UserPoolClient" ], "type": "string" }, @@ -54983,85 +61003,75 @@ ], "type": "object" }, - "AWS::CustomerProfiles::ObjectType.FieldMap": { + "AWS::Cognito::UserPoolClient.AnalyticsConfiguration": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "Name of the field.", - "title": "Name", + "ApplicationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an Amazon Pinpoint project that you want to connect to your user pool app client. Amazon Cognito publishes events to the Amazon Pinpoint project that `ApplicationArn` declares. You can also configure your application to pass an endpoint ID in the `AnalyticsMetadata` parameter of sign-in operations. The endpoint ID is information about the destination for push notifications", + "title": "ApplicationArn", "type": "string" }, - "ObjectTypeField": { - "$ref": "#/definitions/AWS::CustomerProfiles::ObjectType.ObjectTypeField", - "markdownDescription": "Represents a field in a ProfileObjectType.", - "title": "ObjectTypeField" + "ApplicationId": { + "markdownDescription": "Your Amazon Pinpoint project ID.", + "title": "ApplicationId", + "type": "string" + }, + "ExternalId": { + "markdownDescription": "The [external ID](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user_externalid.html) of the role that Amazon Cognito assumes to send analytics data to Amazon Pinpoint.", + "title": "ExternalId", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of an AWS Identity and Access Management role that has the permissions required for Amazon Cognito to publish events to Amazon Pinpoint analytics.", + "title": "RoleArn", + "type": "string" + }, + "UserDataShared": { + "markdownDescription": "If `UserDataShared` is `true` , Amazon Cognito includes user data in the events that it publishes to Amazon Pinpoint analytics.", + "title": "UserDataShared", + "type": "boolean" } }, "type": "object" }, - "AWS::CustomerProfiles::ObjectType.KeyMap": { + "AWS::Cognito::UserPoolClient.RefreshTokenRotation": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "Name of the key.", - "title": "Name", + "Feature": { + "markdownDescription": "The state of refresh token rotation for the current app client.", + "title": "Feature", "type": "string" }, - "ObjectTypeKeyList": { - "items": { - "$ref": "#/definitions/AWS::CustomerProfiles::ObjectType.ObjectTypeKey" - }, - "markdownDescription": "A list of ObjectTypeKey.", - "title": "ObjectTypeKeyList", - "type": "array" + "RetryGracePeriodSeconds": { + "markdownDescription": "When you request a token refresh with `GetTokensFromRefreshToken` , the original refresh token that you're rotating out can remain valid for a period of time of up to 60 seconds. This allows for client-side retries. When `RetryGracePeriodSeconds` is `0` , the grace period is disabled and a successful request immediately invalidates the submitted refresh token.", + "title": "RetryGracePeriodSeconds", + "type": "number" } }, "type": "object" }, - "AWS::CustomerProfiles::ObjectType.ObjectTypeField": { + "AWS::Cognito::UserPoolClient.TokenValidityUnits": { "additionalProperties": false, "properties": { - "ContentType": { - "markdownDescription": "The content type of the field. Used for determining equality when searching.", - "title": "ContentType", + "AccessToken": { + "markdownDescription": "A time unit for the value that you set in the `AccessTokenValidity` parameter. The default `AccessTokenValidity` time unit is `hours` . `AccessTokenValidity` duration can range from five minutes to one day.", + "title": "AccessToken", "type": "string" }, - "Source": { - "markdownDescription": "A field of a ProfileObject. For example: _source.FirstName, where \u201c_source\u201d is a ProfileObjectType of a Zendesk user and \u201cFirstName\u201d is a field in that ObjectType.", - "title": "Source", + "IdToken": { + "markdownDescription": "A time unit for the value that you set in the `IdTokenValidity` parameter. The default `IdTokenValidity` time unit is `hours` . `IdTokenValidity` duration can range from five minutes to one day.", + "title": "IdToken", "type": "string" }, - "Target": { - "markdownDescription": "The location of the data in the standard ProfileObject model. For example: _profile.Address.PostalCode.", - "title": "Target", + "RefreshToken": { + "markdownDescription": "A time unit for the value that you set in the `RefreshTokenValidity` parameter. The default `RefreshTokenValidity` time unit is `days` . `RefreshTokenValidity` duration can range from 60 minutes to 10 years.", + "title": "RefreshToken", "type": "string" } }, "type": "object" }, - "AWS::CustomerProfiles::ObjectType.ObjectTypeKey": { - "additionalProperties": false, - "properties": { - "FieldNames": { - "items": { - "type": "string" - }, - "markdownDescription": "The reference for the key name of the fields map.", - "title": "FieldNames", - "type": "array" - }, - "StandardIdentifiers": { - "items": { - "type": "string" - }, - "markdownDescription": "The types of keys that a ProfileObject can have. Each ProfileObject can have only 1 UNIQUE key but multiple PROFILE keys. PROFILE means that this key can be used to tie an object to a PROFILE. UNIQUE means that it can be used to uniquely identify an object. If a key a is marked as SECONDARY, it will be used to search for profiles after all other PROFILE keys have been searched. A LOOKUP_ONLY key is only used to match a profile but is not persisted to be used for searching of the profile. A NEW_ONLY key is only used if the profile does not already exist before the object is ingested, otherwise it is only used for matching objects to profiles.", - "title": "StandardIdentifiers", - "type": "array" - } - }, - "type": "object" - }, - "AWS::DAX::Cluster": { + "AWS::Cognito::UserPoolDomain": { "additionalProperties": false, "properties": { "Condition": { @@ -55096,93 +61106,36 @@ "Properties": { "additionalProperties": false, "properties": { - "AvailabilityZones": { - "items": { - "type": "string" - }, - "markdownDescription": "The Availability Zones (AZs) in which the cluster nodes will reside after the cluster has been created or updated. If provided, the length of this list must equal the `ReplicationFactor` parameter. If you omit this parameter, DAX will spread the nodes across Availability Zones for the highest availability.", - "title": "AvailabilityZones", - "type": "array" - }, - "ClusterEndpointEncryptionType": { - "markdownDescription": "The encryption type of the cluster's endpoint. Available values are:\n\n- `NONE` - The cluster's endpoint will be unencrypted.\n- `TLS` - The cluster's endpoint will be encrypted with Transport Layer Security, and will provide an x509 certificate for authentication.\n\nThe default value is `NONE` .", - "title": "ClusterEndpointEncryptionType", - "type": "string" - }, - "ClusterName": { - "markdownDescription": "The name of the DAX cluster.", - "title": "ClusterName", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the cluster.", - "title": "Description", - "type": "string" - }, - "IAMRoleARN": { - "markdownDescription": "A valid Amazon Resource Name (ARN) that identifies an IAM role. At runtime, DAX will assume this role and use the role's permissions to access DynamoDB on your behalf.", - "title": "IAMRoleARN", - "type": "string" - }, - "NodeType": { - "markdownDescription": "The node type for the nodes in the cluster. (All nodes in a DAX cluster are of the same type.)", - "title": "NodeType", - "type": "string" - }, - "NotificationTopicARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic to which notifications will be sent.\n\n> The Amazon SNS topic owner must be same as the DAX cluster owner.", - "title": "NotificationTopicARN", - "type": "string" - }, - "ParameterGroupName": { - "markdownDescription": "The parameter group to be associated with the DAX cluster.", - "title": "ParameterGroupName", - "type": "string" + "CustomDomainConfig": { + "$ref": "#/definitions/AWS::Cognito::UserPoolDomain.CustomDomainConfigType", + "markdownDescription": "The configuration for a custom domain that hosts the sign-up and sign-in pages for your application. Use this object to specify an SSL certificate that is managed by ACM.\n\nWhen you create a custom domain, the passkey RP ID defaults to the custom domain. If you had a prefix domain active, this will cause passkey integration for your prefix domain to stop working due to a mismatch in RP ID. To keep the prefix domain passkey integration working, you can explicitly set RP ID to the prefix domain.", + "title": "CustomDomainConfig" }, - "PreferredMaintenanceWindow": { - "markdownDescription": "A range of time when maintenance of DAX cluster software will be performed. For example: `sun:01:00-sun:09:00` . Cluster maintenance normally takes less than 30 minutes, and is performed automatically within the maintenance window.", - "title": "PreferredMaintenanceWindow", + "Domain": { + "markdownDescription": "The name of the domain that you want to update. For custom domains, this is the fully-qualified domain name, for example `auth.example.com` . For prefix domains, this is the prefix alone, such as `myprefix` .", + "title": "Domain", "type": "string" }, - "ReplicationFactor": { - "markdownDescription": "The number of nodes in the DAX cluster. A replication factor of 1 will create a single-node cluster, without any read replicas. For additional fault tolerance, you can create a multiple node cluster with one or more read replicas. To do this, set `ReplicationFactor` to a number between 3 (one primary and two read replicas) and 10 (one primary and nine read replicas). `If the AvailabilityZones` parameter is provided, its length must equal the `ReplicationFactor` .\n\n> AWS recommends that you have at least two read replicas per cluster.", - "title": "ReplicationFactor", + "ManagedLoginVersion": { + "markdownDescription": "A version number that indicates the state of managed login for your domain. Version `1` is hosted UI (classic). Version `2` is the newer managed login with the branding editor. For more information, see [Managed login](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-managed-login.html) .", + "title": "ManagedLoginVersion", "type": "number" }, - "SSESpecification": { - "$ref": "#/definitions/AWS::DAX::Cluster.SSESpecification", - "markdownDescription": "Represents the settings used to enable server-side encryption on the cluster.", - "title": "SSESpecification" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of security group IDs to be assigned to each node in the DAX cluster. (Each of the security group ID is system-generated.)\n\nIf this parameter is not specified, DAX assigns the default VPC security group to each node.", - "title": "SecurityGroupIds", - "type": "array" - }, - "SubnetGroupName": { - "markdownDescription": "The name of the subnet group to be used for the replication group.\n\n> DAX clusters can only run in an Amazon VPC environment. All of the subnets that you specify in a subnet group must exist in the same VPC.", - "title": "SubnetGroupName", + "UserPoolId": { + "markdownDescription": "The ID of the user pool that is associated with the domain you're updating.", + "title": "UserPoolId", "type": "string" - }, - "Tags": { - "markdownDescription": "A set of tags to associate with the DAX cluster.", - "title": "Tags", - "type": "object" } }, "required": [ - "IAMRoleARN", - "NodeType", - "ReplicationFactor" + "Domain", + "UserPoolId" ], "type": "object" }, "Type": { "enum": [ - "AWS::DAX::Cluster" + "AWS::Cognito::UserPoolDomain" ], "type": "string" }, @@ -55201,18 +61154,18 @@ ], "type": "object" }, - "AWS::DAX::Cluster.SSESpecification": { + "AWS::Cognito::UserPoolDomain.CustomDomainConfigType": { "additionalProperties": false, "properties": { - "SSEEnabled": { - "markdownDescription": "Indicates whether server-side encryption is enabled (true) or disabled (false) on the cluster.", - "title": "SSEEnabled", - "type": "boolean" + "CertificateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Certificate Manager SSL certificate. You use this certificate for the subdomain of your custom domain.", + "title": "CertificateArn", + "type": "string" } }, "type": "object" }, - "AWS::DAX::ParameterGroup": { + "AWS::Cognito::UserPoolGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -55248,26 +61201,39 @@ "additionalProperties": false, "properties": { "Description": { - "markdownDescription": "A description of the parameter group.", + "markdownDescription": "A description of the group that you're creating.", "title": "Description", "type": "string" }, - "ParameterGroupName": { - "markdownDescription": "The name of the parameter group.", - "title": "ParameterGroupName", + "GroupName": { + "markdownDescription": "A name for the group. This name must be unique in your user pool.", + "title": "GroupName", "type": "string" }, - "ParameterNameValues": { - "markdownDescription": "An array of name-value pairs for the parameters in the group. Each element in the array represents a single parameter.\n\n> `record-ttl-millis` and `query-ttl-millis` are the only supported parameter names. For more details, see [Configuring TTL Settings](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/DAX.cluster-management.html#DAX.cluster-management.custom-settings.ttl) .", - "title": "ParameterNameValues", - "type": "object" + "Precedence": { + "markdownDescription": "A non-negative integer value that specifies the precedence of this group relative to the other groups that a user can belong to in the user pool. Zero is the highest precedence value. Groups with lower `Precedence` values take precedence over groups with higher or null `Precedence` values. If a user belongs to two or more groups, it is the group with the lowest precedence value whose role ARN is given in the user's tokens for the `cognito:roles` and `cognito:preferred_role` claims.\n\nTwo groups can have the same `Precedence` value. If this happens, neither group takes precedence over the other. If two groups with the same `Precedence` have the same role ARN, that role is used in the `cognito:preferred_role` claim in tokens for users in each group. If the two groups have different role ARNs, the `cognito:preferred_role` claim isn't set in users' tokens.\n\nThe default `Precedence` value is null. The maximum `Precedence` value is `2^31-1` .", + "title": "Precedence", + "type": "number" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the IAM role that you want to associate with the group. A group role primarily declares a preferred role for the credentials that you get from an identity pool. Amazon Cognito ID tokens have a `cognito:preferred_role` claim that presents the highest-precedence group that a user belongs to. Both ID and access tokens also contain a `cognito:groups` claim that list all the groups that a user is a member of.", + "title": "RoleArn", + "type": "string" + }, + "UserPoolId": { + "markdownDescription": "The ID of the user pool where you want to create a user group.", + "title": "UserPoolId", + "type": "string" } }, + "required": [ + "UserPoolId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::DAX::ParameterGroup" + "AWS::Cognito::UserPoolGroup" ], "type": "string" }, @@ -55281,11 +61247,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::DAX::SubnetGroup": { + "AWS::Cognito::UserPoolIdentityProvider": { "additionalProperties": false, "properties": { "Condition": { @@ -55320,33 +61287,63 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the subnet group.", - "title": "Description", - "type": "string" - }, - "SubnetGroupName": { - "markdownDescription": "The name of the subnet group.", - "title": "SubnetGroupName", - "type": "string" + "AttributeMapping": { + "additionalProperties": true, + "markdownDescription": "A mapping of IdP attributes to standard and custom user pool attributes. Specify a user pool attribute as the key of the key-value pair, and the IdP attribute claim name as the value.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "AttributeMapping", + "type": "object" }, - "SubnetIds": { + "IdpIdentifiers": { "items": { "type": "string" }, - "markdownDescription": "A list of VPC subnet IDs for the subnet group.", - "title": "SubnetIds", + "markdownDescription": "An array of IdP identifiers, for example `\"IdPIdentifiers\": [ \"MyIdP\", \"MyIdP2\" ]` . Identifiers are friendly names that you can pass in the `idp_identifier` query parameter of requests to the [Authorize endpoint](https://docs.aws.amazon.com/cognito/latest/developerguide/authorization-endpoint.html) to silently redirect to sign-in with the associated IdP. Identifiers in a domain format also enable the use of [email-address matching with SAML providers](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-managing-saml-idp-naming.html) .", + "title": "IdpIdentifiers", "type": "array" + }, + "ProviderDetails": { + "additionalProperties": true, + "markdownDescription": "The scopes, URLs, and identifiers for your external identity provider. The following\nexamples describe the provider detail keys for each IdP type. These values and their\nschema are subject to change. Social IdP `authorize_scopes` values must match\nthe values listed here.\n\n- **OpenID Connect (OIDC)** - Amazon Cognito accepts the following elements when it can't discover endpoint URLs from `oidc_issuer` : `attributes_url` , `authorize_url` , `jwks_uri` , `token_url` .\n\nCreate or update request: `\"ProviderDetails\": { \"attributes_request_method\": \"GET\", \"attributes_url\": \"https://auth.example.com/userInfo\", \"authorize_scopes\": \"openid profile email\", \"authorize_url\": \"https://auth.example.com/authorize\", \"client_id\": \"1example23456789\", \"client_secret\": \"provider-app-client-secret\", \"jwks_uri\": \"https://auth.example.com/.well-known/jwks.json\", \"oidc_issuer\": \"https://auth.example.com\", \"token_url\": \"https://example.com/token\" }`\n\nDescribe response: `\"ProviderDetails\": { \"attributes_request_method\": \"GET\", \"attributes_url\": \"https://auth.example.com/userInfo\", \"attributes_url_add_attributes\": \"false\", \"authorize_scopes\": \"openid profile email\", \"authorize_url\": \"https://auth.example.com/authorize\", \"client_id\": \"1example23456789\", \"client_secret\": \"provider-app-client-secret\", \"jwks_uri\": \"https://auth.example.com/.well-known/jwks.json\", \"oidc_issuer\": \"https://auth.example.com\", \"token_url\": \"https://example.com/token\" }`\n- **SAML** - Create or update request with Metadata URL: `\"ProviderDetails\": { \"IDPInit\": \"true\", \"IDPSignout\": \"true\", \"EncryptedResponses\" : \"true\", \"MetadataURL\": \"https://auth.example.com/sso/saml/metadata\", \"RequestSigningAlgorithm\": \"rsa-sha256\" }`\n\nCreate or update request with Metadata file: `\"ProviderDetails\": { \"IDPInit\": \"true\", \"IDPSignout\": \"true\", \"EncryptedResponses\" : \"true\", \"MetadataFile\": \"[metadata XML]\", \"RequestSigningAlgorithm\": \"rsa-sha256\" }`\n\nThe value of `MetadataFile` must be the plaintext metadata document with all quote (\") characters escaped by backslashes.\n\nDescribe response: `\"ProviderDetails\": { \"IDPInit\": \"true\", \"IDPSignout\": \"true\", \"EncryptedResponses\" : \"true\", \"ActiveEncryptionCertificate\": \"[certificate]\", \"MetadataURL\": \"https://auth.example.com/sso/saml/metadata\", \"RequestSigningAlgorithm\": \"rsa-sha256\", \"SLORedirectBindingURI\": \"https://auth.example.com/slo/saml\", \"SSORedirectBindingURI\": \"https://auth.example.com/sso/saml\" }`\n- **LoginWithAmazon** - Create or update request: `\"ProviderDetails\": { \"authorize_scopes\": \"profile postal_code\", \"client_id\": \"amzn1.application-oa2-client.1example23456789\", \"client_secret\": \"provider-app-client-secret\"`\n\nDescribe response: `\"ProviderDetails\": { \"attributes_url\": \"https://api.amazon.com/user/profile\", \"attributes_url_add_attributes\": \"false\", \"authorize_scopes\": \"profile postal_code\", \"authorize_url\": \"https://www.amazon.com/ap/oa\", \"client_id\": \"amzn1.application-oa2-client.1example23456789\", \"client_secret\": \"provider-app-client-secret\", \"token_request_method\": \"POST\", \"token_url\": \"https://api.amazon.com/auth/o2/token\" }`\n- **Google** - Create or update request: `\"ProviderDetails\": { \"authorize_scopes\": \"email profile openid\", \"client_id\": \"1example23456789.apps.googleusercontent.com\", \"client_secret\": \"provider-app-client-secret\" }`\n\nDescribe response: `\"ProviderDetails\": { \"attributes_url\": \"https://people.googleapis.com/v1/people/me?personFields=\", \"attributes_url_add_attributes\": \"true\", \"authorize_scopes\": \"email profile openid\", \"authorize_url\": \"https://accounts.google.com/o/oauth2/v2/auth\", \"client_id\": \"1example23456789.apps.googleusercontent.com\", \"client_secret\": \"provider-app-client-secret\", \"oidc_issuer\": \"https://accounts.google.com\", \"token_request_method\": \"POST\", \"token_url\": \"https://www.googleapis.com/oauth2/v4/token\" }`\n- **SignInWithApple** - Create or update request: `\"ProviderDetails\": { \"authorize_scopes\": \"email name\", \"client_id\": \"com.example.cognito\", \"private_key\": \"1EXAMPLE\", \"key_id\": \"2EXAMPLE\", \"team_id\": \"3EXAMPLE\" }`\n\nDescribe response: `\"ProviderDetails\": { \"attributes_url_add_attributes\": \"false\", \"authorize_scopes\": \"email name\", \"authorize_url\": \"https://appleid.apple.com/auth/authorize\", \"client_id\": \"com.example.cognito\", \"key_id\": \"1EXAMPLE\", \"oidc_issuer\": \"https://appleid.apple.com\", \"team_id\": \"2EXAMPLE\", \"token_request_method\": \"POST\", \"token_url\": \"https://appleid.apple.com/auth/token\" }`\n- **Facebook** - Create or update request: `\"ProviderDetails\": { \"api_version\": \"v17.0\", \"authorize_scopes\": \"public_profile, email\", \"client_id\": \"1example23456789\", \"client_secret\": \"provider-app-client-secret\" }`\n\nDescribe response: `\"ProviderDetails\": { \"api_version\": \"v17.0\", \"attributes_url\": \"https://graph.facebook.com/v17.0/me?fields=\", \"attributes_url_add_attributes\": \"true\", \"authorize_scopes\": \"public_profile, email\", \"authorize_url\": \"https://www.facebook.com/v17.0/dialog/oauth\", \"client_id\": \"1example23456789\", \"client_secret\": \"provider-app-client-secret\", \"token_request_method\": \"GET\", \"token_url\": \"https://graph.facebook.com/v17.0/oauth/access_token\" }`", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "ProviderDetails", + "type": "object" + }, + "ProviderName": { + "markdownDescription": "The name that you want to assign to the IdP. You can pass the identity provider name in the `identity_provider` query parameter of requests to the [Authorize endpoint](https://docs.aws.amazon.com/cognito/latest/developerguide/authorization-endpoint.html) to silently redirect to sign-in with the associated IdP.", + "title": "ProviderName", + "type": "string" + }, + "ProviderType": { + "markdownDescription": "The type of IdP that you want to add. Amazon Cognito supports OIDC, SAML 2.0, Login With Amazon, Sign In With Apple, Google, and Facebook IdPs.", + "title": "ProviderType", + "type": "string" + }, + "UserPoolId": { + "markdownDescription": "The Id of the user pool where you want to create an IdP.", + "title": "UserPoolId", + "type": "string" } }, "required": [ - "SubnetIds" + "ProviderDetails", + "ProviderName", + "ProviderType", + "UserPoolId" ], "type": "object" }, "Type": { "enum": [ - "AWS::DAX::SubnetGroup" + "AWS::Cognito::UserPoolIdentityProvider" ], "type": "string" }, @@ -55365,7 +61362,7 @@ ], "type": "object" }, - "AWS::DLM::LifecyclePolicy": { + "AWS::Cognito::UserPoolResourceServer": { "additionalProperties": false, "properties": { "Condition": { @@ -55400,75 +61397,40 @@ "Properties": { "additionalProperties": false, "properties": { - "CopyTags": { - "markdownDescription": "*[Default policies only]* Indicates whether the policy should copy tags from the source resource to the snapshot or AMI. If you do not specify a value, the default is `false` .\n\nDefault: false", - "title": "CopyTags", - "type": "boolean" - }, - "CreateInterval": { - "markdownDescription": "*[Default policies only]* Specifies how often the policy should run and create snapshots or AMIs. The creation frequency can range from 1 to 7 days. If you do not specify a value, the default is 1.\n\nDefault: 1", - "title": "CreateInterval", - "type": "number" - }, - "CrossRegionCopyTargets": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyTargets", - "markdownDescription": "*[Default policies only]* Specifies destination Regions for snapshot or AMI copies. You can specify up to 3 destination Regions. If you do not want to create cross-Region copies, omit this parameter.", - "title": "CrossRegionCopyTargets" - }, - "DefaultPolicy": { - "markdownDescription": "*[Default policies only]* Specify the type of default policy to create.\n\n- To create a default policy for EBS snapshots, that creates snapshots of all volumes in the Region that do not have recent backups, specify `VOLUME` .\n- To create a default policy for EBS-backed AMIs, that creates EBS-backed AMIs from all instances in the Region that do not have recent backups, specify `INSTANCE` .", - "title": "DefaultPolicy", - "type": "string" - }, - "Description": { - "markdownDescription": "A description of the lifecycle policy. The characters ^[0-9A-Za-z _-]+$ are supported.", - "title": "Description", - "type": "string" - }, - "Exclusions": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.Exclusions", - "markdownDescription": "*[Default policies only]* Specifies exclusion parameters for volumes or instances for which you do not want to create snapshots or AMIs. The policy will not create snapshots or AMIs for target resources that match any of the specified exclusion parameters.", - "title": "Exclusions" - }, - "ExecutionRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role used to run the operations specified by the lifecycle policy.", - "title": "ExecutionRoleArn", + "Identifier": { + "markdownDescription": "A unique resource server identifier for the resource server. The identifier can be an API friendly name like `solar-system-data` . You can also set an API URL like `https://solar-system-data-api.example.com` as your identifier.\n\nAmazon Cognito represents scopes in the access token in the format `$resource-server-identifier/$scope` . Longer scope-identifier strings increase the size of your access tokens.", + "title": "Identifier", "type": "string" }, - "ExtendDeletion": { - "markdownDescription": "*[Default policies only]* Defines the snapshot or AMI retention behavior for the policy if the source volume or instance is deleted, or if the policy enters the error, disabled, or deleted state.\n\nBy default ( *ExtendDeletion=false* ):\n\n- If a source resource is deleted, Amazon Data Lifecycle Manager will continue to delete previously created snapshots or AMIs, up to but not including the last one, based on the specified retention period. If you want Amazon Data Lifecycle Manager to delete all snapshots or AMIs, including the last one, specify `true` .\n- If a policy enters the error, disabled, or deleted state, Amazon Data Lifecycle Manager stops deleting snapshots and AMIs. If you want Amazon Data Lifecycle Manager to continue deleting snapshots or AMIs, including the last one, if the policy enters one of these states, specify `true` .\n\nIf you enable extended deletion ( *ExtendDeletion=true* ), you override both default behaviors simultaneously.\n\nIf you do not specify a value, the default is `false` .\n\nDefault: false", - "title": "ExtendDeletion", - "type": "boolean" - }, - "PolicyDetails": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.PolicyDetails", - "markdownDescription": "The configuration details of the lifecycle policy.\n\n> If you create a default policy, you can specify the request parameters either in the request body, or in the PolicyDetails request structure, but not both.", - "title": "PolicyDetails" - }, - "RetainInterval": { - "markdownDescription": "*[Default policies only]* Specifies how long the policy should retain snapshots or AMIs before deleting them. The retention period can range from 2 to 14 days, but it must be greater than the creation frequency to ensure that the policy retains at least 1 snapshot or AMI at any given time. If you do not specify a value, the default is 7.\n\nDefault: 7", - "title": "RetainInterval", - "type": "number" - }, - "State": { - "markdownDescription": "The activation state of the lifecycle policy.", - "title": "State", + "Name": { + "markdownDescription": "A friendly name for the resource server.", + "title": "Name", "type": "string" }, - "Tags": { + "Scopes": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Cognito::UserPoolResourceServer.ResourceServerScopeType" }, - "markdownDescription": "The tags to apply to the lifecycle policy during creation.", - "title": "Tags", + "markdownDescription": "A list of scopes. Each scope is a map with keys `ScopeName` and `ScopeDescription` .", + "title": "Scopes", "type": "array" + }, + "UserPoolId": { + "markdownDescription": "The ID of the user pool where you want to create a resource server.", + "title": "UserPoolId", + "type": "string" } }, + "required": [ + "Identifier", + "Name", + "UserPoolId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::DLM::LifecyclePolicy" + "AWS::Cognito::UserPoolResourceServer" ], "type": "string" }, @@ -55482,682 +61444,301 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::DLM::LifecyclePolicy.Action": { + "AWS::Cognito::UserPoolResourceServer.ResourceServerScopeType": { "additionalProperties": false, "properties": { - "CrossRegionCopy": { - "items": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyAction" - }, - "markdownDescription": "The rule for copying shared snapshots across Regions.", - "title": "CrossRegionCopy", - "type": "array" + "ScopeDescription": { + "markdownDescription": "A friendly description of a custom scope.", + "title": "ScopeDescription", + "type": "string" }, - "Name": { - "markdownDescription": "A descriptive name for the action.", - "title": "Name", + "ScopeName": { + "markdownDescription": "The name of the scope. Amazon Cognito renders custom scopes in the format `resourceServerIdentifier/ScopeName` . For example, if this parameter is `exampleScope` in the resource server with the identifier `exampleResourceServer` , you request and receive the scope `exampleResourceServer/exampleScope` .", + "title": "ScopeName", "type": "string" } }, "required": [ - "CrossRegionCopy", - "Name" - ], - "type": "object" - }, - "AWS::DLM::LifecyclePolicy.ArchiveRetainRule": { - "additionalProperties": false, - "properties": { - "RetentionArchiveTier": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.RetentionArchiveTier", - "markdownDescription": "Information about retention period in the Amazon EBS Snapshots Archive. For more information, see [Archive Amazon EBS snapshots](https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/snapshot-archive.html) .", - "title": "RetentionArchiveTier" - } - }, - "required": [ - "RetentionArchiveTier" - ], - "type": "object" - }, - "AWS::DLM::LifecyclePolicy.ArchiveRule": { - "additionalProperties": false, - "properties": { - "RetainRule": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.ArchiveRetainRule", - "markdownDescription": "Information about the retention period for the snapshot archiving rule.", - "title": "RetainRule" - } - }, - "required": [ - "RetainRule" + "ScopeDescription", + "ScopeName" ], "type": "object" }, - "AWS::DLM::LifecyclePolicy.CreateRule": { + "AWS::Cognito::UserPoolRiskConfigurationAttachment": { "additionalProperties": false, "properties": { - "CronExpression": { - "markdownDescription": "The schedule, as a Cron expression. The schedule interval must be between 1 hour and 1 year. For more information, see the [Cron and rate expressions](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-scheduled-rule-pattern.html) in the *Amazon EventBridge User Guide* .", - "title": "CronExpression", + "Condition": { "type": "string" }, - "Interval": { - "markdownDescription": "The interval between snapshots. The supported values are 1, 2, 3, 4, 6, 8, 12, and 24.", - "title": "Interval", - "type": "number" - }, - "IntervalUnit": { - "markdownDescription": "The interval unit.", - "title": "IntervalUnit", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Location": { - "markdownDescription": "*[Custom snapshot policies only]* Specifies the destination for snapshots created by the policy. The allowed destinations depend on the location of the targeted resources.\n\n- If the policy targets resources in a Region, then you must create snapshots in the same Region as the source resource.\n- If the policy targets resources in a Local Zone, you can create snapshots in the same Local Zone or in its parent Region.\n- If the policy targets resources on an Outpost, then you can create snapshots on the same Outpost or in its parent Region.\n\nSpecify one of the following values:\n\n- To create snapshots in the same Region as the source resource, specify `CLOUD` .\n- To create snapshots in the same Local Zone as the source resource, specify `LOCAL_ZONE` .\n- To create snapshots on the same Outpost as the source resource, specify `OUTPOST_LOCAL` .\n\nDefault: `CLOUD`", - "title": "Location", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Scripts": { - "items": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.Script" - }, - "markdownDescription": "*[Custom snapshot policies that target instances only]* Specifies pre and/or post scripts for a snapshot lifecycle policy that targets instances. This is useful for creating application-consistent snapshots, or for performing specific administrative tasks before or after Amazon Data Lifecycle Manager initiates snapshot creation.\n\nFor more information, see [Automating application-consistent snapshots with pre and post scripts](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/automate-app-consistent-backups.html) .", - "title": "Scripts", - "type": "array" + "Metadata": { + "type": "object" }, - "Times": { - "items": { - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "AccountTakeoverRiskConfiguration": { + "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverRiskConfigurationType", + "markdownDescription": "The settings for automated responses and notification templates for adaptive authentication with threat protection.", + "title": "AccountTakeoverRiskConfiguration" + }, + "ClientId": { + "markdownDescription": "The app client where this configuration is applied. When this parameter isn't present, the risk configuration applies to all user pool app clients that don't have client-level settings.", + "title": "ClientId", + "type": "string" + }, + "CompromisedCredentialsRiskConfiguration": { + "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.CompromisedCredentialsRiskConfigurationType", + "markdownDescription": "Settings for compromised-credentials actions and authentication types with threat protection in full-function `ENFORCED` mode.", + "title": "CompromisedCredentialsRiskConfiguration" + }, + "RiskExceptionConfiguration": { + "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.RiskExceptionConfigurationType", + "markdownDescription": "Exceptions to the risk evaluation configuration, including always-allow and always-block IP address ranges.", + "title": "RiskExceptionConfiguration" + }, + "UserPoolId": { + "markdownDescription": "The ID of the user pool that has the risk configuration applied.", + "title": "UserPoolId", + "type": "string" + } }, - "markdownDescription": "The time, in UTC, to start the operation. The supported format is hh:mm.\n\nThe operation occurs within a one-hour window following the specified time. If you do not specify a time, Amazon Data Lifecycle Manager selects a time within the next 24 hours.", - "title": "Times", - "type": "array" - } - }, - "type": "object" - }, - "AWS::DLM::LifecyclePolicy.CrossRegionCopyAction": { - "additionalProperties": false, - "properties": { - "EncryptionConfiguration": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.EncryptionConfiguration", - "markdownDescription": "The encryption settings for the copied snapshot.", - "title": "EncryptionConfiguration" - }, - "RetainRule": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyRetainRule", - "markdownDescription": "Specifies a retention rule for cross-Region snapshot copies created by snapshot or event-based policies, or cross-Region AMI copies created by AMI policies. After the retention period expires, the cross-Region copy is deleted.", - "title": "RetainRule" - }, - "Target": { - "markdownDescription": "The target Region.", - "title": "Target", - "type": "string" - } - }, - "required": [ - "EncryptionConfiguration", - "Target" - ], - "type": "object" - }, - "AWS::DLM::LifecyclePolicy.CrossRegionCopyDeprecateRule": { - "additionalProperties": false, - "properties": { - "Interval": { - "markdownDescription": "The period after which to deprecate the cross-Region AMI copies. The period must be less than or equal to the cross-Region AMI copy retention period, and it can't be greater than 10 years. This is equivalent to 120 months, 520 weeks, or 3650 days.", - "title": "Interval", - "type": "number" + "required": [ + "ClientId", + "UserPoolId" + ], + "type": "object" }, - "IntervalUnit": { - "markdownDescription": "The unit of time in which to measure the *Interval* . For example, to deprecate a cross-Region AMI copy after 3 months, specify `Interval=3` and `IntervalUnit=MONTHS` .", - "title": "IntervalUnit", + "Type": { + "enum": [ + "AWS::Cognito::UserPoolRiskConfigurationAttachment" + ], "type": "string" - } - }, - "required": [ - "Interval", - "IntervalUnit" - ], - "type": "object" - }, - "AWS::DLM::LifecyclePolicy.CrossRegionCopyRetainRule": { - "additionalProperties": false, - "properties": { - "Interval": { - "markdownDescription": "The amount of time to retain a cross-Region snapshot or AMI copy. The maximum is 100 years. This is equivalent to 1200 months, 5200 weeks, or 36500 days.", - "title": "Interval", - "type": "number" }, - "IntervalUnit": { - "markdownDescription": "The unit of time for time-based retention. For example, to retain a cross-Region copy for 3 months, specify `Interval=3` and `IntervalUnit=MONTHS` .", - "title": "IntervalUnit", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Interval", - "IntervalUnit" + "Type", + "Properties" ], "type": "object" }, - "AWS::DLM::LifecyclePolicy.CrossRegionCopyRule": { + "AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverActionType": { "additionalProperties": false, "properties": { - "CmkArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key to use for EBS encryption. If this parameter is not specified, the default KMS key for the account is used.", - "title": "CmkArn", + "EventAction": { + "markdownDescription": "The action to take for the attempted account takeover action for the associated risk level. Valid values are as follows:\n\n- `BLOCK` : Block the request.\n- `MFA_IF_CONFIGURED` : Present an MFA challenge if possible. MFA is possible if the user pool has active MFA methods that the user can set up. For example, if the user pool only supports SMS message MFA but the user doesn't have a phone number attribute, MFA setup isn't possible. If MFA setup isn't possible, allow the request.\n- `MFA_REQUIRED` : Present an MFA challenge if possible. Block the request if a user hasn't set up MFA. To sign in with required MFA, users must have an email address or phone number attribute, or a registered TOTP factor.\n- `NO_ACTION` : Take no action. Permit sign-in.", + "title": "EventAction", "type": "string" }, - "CopyTags": { - "markdownDescription": "Indicates whether to copy all user-defined tags from the source snapshot or AMI to the cross-Region copy.", - "title": "CopyTags", - "type": "boolean" - }, - "DeprecateRule": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyDeprecateRule", - "markdownDescription": "*[Custom AMI policies only]* The AMI deprecation rule for cross-Region AMI copies created by the rule.", - "title": "DeprecateRule" - }, - "Encrypted": { - "markdownDescription": "To encrypt a copy of an unencrypted snapshot if encryption by default is not enabled, enable encryption using this parameter. Copies of encrypted snapshots are encrypted, even if this parameter is false or if encryption by default is not enabled.", - "title": "Encrypted", + "Notify": { + "markdownDescription": "Determines whether Amazon Cognito sends a user a notification message when your user pools assesses a user's session at the associated risk level.", + "title": "Notify", "type": "boolean" - }, - "RetainRule": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyRetainRule", - "markdownDescription": "The retention rule that indicates how long the cross-Region snapshot or AMI copies are to be retained in the destination Region.", - "title": "RetainRule" - }, - "Target": { - "markdownDescription": "> Use this parameter for snapshot policies only. For AMI policies, use *TargetRegion* instead. \n\n*[Custom snapshot policies only]* The target Region or the Amazon Resource Name (ARN) of the target Outpost for the snapshot copies.", - "title": "Target", - "type": "string" - }, - "TargetRegion": { - "markdownDescription": "> Use this parameter for AMI policies only. For snapshot policies, use *Target* instead. For snapshot policies created before the *Target* parameter was introduced, this parameter indicates the target Region for snapshot copies. \n\n*[Custom AMI policies only]* The target Region or the Amazon Resource Name (ARN) of the target Outpost for the snapshot copies.", - "title": "TargetRegion", - "type": "string" } }, "required": [ - "Encrypted" + "EventAction", + "Notify" ], "type": "object" }, - "AWS::DLM::LifecyclePolicy.CrossRegionCopyTarget": { - "additionalProperties": false, - "properties": { - "TargetRegion": { - "type": "string" - } - }, - "type": "object" - }, - "AWS::DLM::LifecyclePolicy.CrossRegionCopyTargets": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::DLM::LifecyclePolicy.DeprecateRule": { + "AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverActionsType": { "additionalProperties": false, "properties": { - "Count": { - "markdownDescription": "If the schedule has a count-based retention rule, this parameter specifies the number of oldest AMIs to deprecate. The count must be less than or equal to the schedule's retention count, and it can't be greater than 1000.", - "title": "Count", - "type": "number" - }, - "Interval": { - "markdownDescription": "If the schedule has an age-based retention rule, this parameter specifies the period after which to deprecate AMIs created by the schedule. The period must be less than or equal to the schedule's retention period, and it can't be greater than 10 years. This is equivalent to 120 months, 520 weeks, or 3650 days.", - "title": "Interval", - "type": "number" + "HighAction": { + "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverActionType", + "markdownDescription": "The action that you assign to a high-risk assessment by threat protection.", + "title": "HighAction" }, - "IntervalUnit": { - "markdownDescription": "The unit of time in which to measure the *Interval* .", - "title": "IntervalUnit", - "type": "string" - } - }, - "type": "object" - }, - "AWS::DLM::LifecyclePolicy.EncryptionConfiguration": { - "additionalProperties": false, - "properties": { - "CmkArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key to use for EBS encryption. If this parameter is not specified, the default KMS key for the account is used.", - "title": "CmkArn", - "type": "string" + "LowAction": { + "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverActionType", + "markdownDescription": "The action that you assign to a low-risk assessment by threat protection.", + "title": "LowAction" }, - "Encrypted": { - "markdownDescription": "To encrypt a copy of an unencrypted snapshot when encryption by default is not enabled, enable encryption using this parameter. Copies of encrypted snapshots are encrypted, even if this parameter is false or when encryption by default is not enabled.", - "title": "Encrypted", - "type": "boolean" + "MediumAction": { + "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverActionType", + "markdownDescription": "The action that you assign to a medium-risk assessment by threat protection.", + "title": "MediumAction" } }, - "required": [ - "Encrypted" - ], "type": "object" }, - "AWS::DLM::LifecyclePolicy.EventParameters": { + "AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverRiskConfigurationType": { "additionalProperties": false, "properties": { - "DescriptionRegex": { - "markdownDescription": "The snapshot description that can trigger the policy. The description pattern is specified using a regular expression. The policy runs only if a snapshot with a description that matches the specified pattern is shared with your account.\n\nFor example, specifying `^.*Created for policy: policy-1234567890abcdef0.*$` configures the policy to run only if snapshots created by policy `policy-1234567890abcdef0` are shared with your account.", - "title": "DescriptionRegex", - "type": "string" - }, - "EventType": { - "markdownDescription": "The type of event. Currently, only snapshot sharing events are supported.", - "title": "EventType", - "type": "string" + "Actions": { + "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverActionsType", + "markdownDescription": "A list of account-takeover actions for each level of risk that Amazon Cognito might assess with threat protection.", + "title": "Actions" }, - "SnapshotOwner": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the AWS accounts that can trigger policy by sharing snapshots with your account. The policy only runs if one of the specified AWS accounts shares a snapshot with your account.", - "title": "SnapshotOwner", - "type": "array" + "NotifyConfiguration": { + "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.NotifyConfigurationType", + "markdownDescription": "The settings for composing and sending an email message when threat protection assesses a risk level with adaptive authentication. When you choose to notify users in `AccountTakeoverRiskConfiguration` , Amazon Cognito sends an email message using the method and template that you set with this data type.", + "title": "NotifyConfiguration" } }, "required": [ - "EventType", - "SnapshotOwner" + "Actions" ], "type": "object" }, - "AWS::DLM::LifecyclePolicy.EventSource": { + "AWS::Cognito::UserPoolRiskConfigurationAttachment.CompromisedCredentialsActionsType": { "additionalProperties": false, "properties": { - "Parameters": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.EventParameters", - "markdownDescription": "Information about the event.", - "title": "Parameters" - }, - "Type": { - "markdownDescription": "The source of the event. Currently only managed Amazon EventBridge (formerly known as Amazon CloudWatch) events are supported.", - "title": "Type", + "EventAction": { + "markdownDescription": "The action that Amazon Cognito takes when it detects compromised credentials.", + "title": "EventAction", "type": "string" } }, "required": [ - "Type" + "EventAction" ], "type": "object" }, - "AWS::DLM::LifecyclePolicy.ExcludeTags": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::DLM::LifecyclePolicy.ExcludeVolumeTypesList": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::DLM::LifecyclePolicy.Exclusions": { + "AWS::Cognito::UserPoolRiskConfigurationAttachment.CompromisedCredentialsRiskConfigurationType": { "additionalProperties": false, "properties": { - "ExcludeBootVolumes": { - "markdownDescription": "*[Default policies for EBS snapshots only]* Indicates whether to exclude volumes that are attached to instances as the boot volume. If you exclude boot volumes, only volumes attached as data (non-boot) volumes will be backed up by the policy. To exclude boot volumes, specify `true` .", - "title": "ExcludeBootVolumes", - "type": "boolean" - }, - "ExcludeTags": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.ExcludeTags", - "markdownDescription": "*[Default policies for EBS-backed AMIs only]* Specifies whether to exclude volumes that have specific tags.", - "title": "ExcludeTags" + "Actions": { + "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.CompromisedCredentialsActionsType", + "markdownDescription": "Settings for the actions that you want your user pool to take when Amazon Cognito detects compromised credentials.", + "title": "Actions" }, - "ExcludeVolumeTypes": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.ExcludeVolumeTypesList", - "markdownDescription": "*[Default policies for EBS snapshots only]* Specifies the volume types to exclude. Volumes of the specified types will not be targeted by the policy.", - "title": "ExcludeVolumeTypes" - } - }, - "type": "object" - }, - "AWS::DLM::LifecyclePolicy.FastRestoreRule": { - "additionalProperties": false, - "properties": { - "AvailabilityZones": { + "EventFilter": { "items": { "type": "string" }, - "markdownDescription": "The Availability Zones in which to enable fast snapshot restore.", - "title": "AvailabilityZones", - "type": "array" - }, - "Count": { - "markdownDescription": "The number of snapshots to be enabled with fast snapshot restore.", - "title": "Count", - "type": "number" - }, - "Interval": { - "markdownDescription": "The amount of time to enable fast snapshot restore. The maximum is 100 years. This is equivalent to 1200 months, 5200 weeks, or 36500 days.", - "title": "Interval", - "type": "number" - }, - "IntervalUnit": { - "markdownDescription": "The unit of time for enabling fast snapshot restore.", - "title": "IntervalUnit", - "type": "string" - } - }, - "type": "object" - }, - "AWS::DLM::LifecyclePolicy.Parameters": { - "additionalProperties": false, - "properties": { - "ExcludeBootVolume": { - "markdownDescription": "*[Custom snapshot policies that target instances only]* Indicates whether to exclude the root volume from multi-volume snapshot sets. The default is `false` . If you specify `true` , then the root volumes attached to targeted instances will be excluded from the multi-volume snapshot sets created by the policy.", - "title": "ExcludeBootVolume", - "type": "boolean" - }, - "ExcludeDataVolumeTags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "*[Custom snapshot policies that target instances only]* The tags used to identify data (non-root) volumes to exclude from multi-volume snapshot sets.\n\nIf you create a snapshot lifecycle policy that targets instances and you specify tags for this parameter, then data volumes with the specified tags that are attached to targeted instances will be excluded from the multi-volume snapshot sets created by the policy.", - "title": "ExcludeDataVolumeTags", + "markdownDescription": "Settings for the sign-in activity where you want to configure compromised-credentials actions. Defaults to all events.", + "title": "EventFilter", "type": "array" - }, - "NoReboot": { - "markdownDescription": "*[Custom AMI policies only]* Indicates whether targeted instances are rebooted when the lifecycle policy runs. `true` indicates that targeted instances are not rebooted when the policy runs. `false` indicates that target instances are rebooted when the policy runs. The default is `true` (instances are not rebooted).", - "title": "NoReboot", - "type": "boolean" } }, + "required": [ + "Actions" + ], "type": "object" }, - "AWS::DLM::LifecyclePolicy.PolicyDetails": { + "AWS::Cognito::UserPoolRiskConfigurationAttachment.NotifyConfigurationType": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.Action" - }, - "markdownDescription": "*[Event-based policies only]* The actions to be performed when the event-based policy is activated. You can specify only one action per policy.", - "title": "Actions", - "type": "array" - }, - "CopyTags": { - "markdownDescription": "*[Default policies only]* Indicates whether the policy should copy tags from the source resource to the snapshot or AMI. If you do not specify a value, the default is `false` .\n\nDefault: false", - "title": "CopyTags", - "type": "boolean" - }, - "CreateInterval": { - "markdownDescription": "*[Default policies only]* Specifies how often the policy should run and create snapshots or AMIs. The creation frequency can range from 1 to 7 days. If you do not specify a value, the default is 1.\n\nDefault: 1", - "title": "CreateInterval", - "type": "number" - }, - "CrossRegionCopyTargets": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyTargets", - "markdownDescription": "*[Default policies only]* Specifies destination Regions for snapshot or AMI copies. You can specify up to 3 destination Regions. If you do not want to create cross-Region copies, omit this parameter.", - "title": "CrossRegionCopyTargets" - }, - "EventSource": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.EventSource", - "markdownDescription": "*[Event-based policies only]* The event that activates the event-based policy.", - "title": "EventSource" - }, - "Exclusions": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.Exclusions", - "markdownDescription": "*[Default policies only]* Specifies exclusion parameters for volumes or instances for which you do not want to create snapshots or AMIs. The policy will not create snapshots or AMIs for target resources that match any of the specified exclusion parameters.", - "title": "Exclusions" - }, - "ExtendDeletion": { - "markdownDescription": "*[Default policies only]* Defines the snapshot or AMI retention behavior for the policy if the source volume or instance is deleted, or if the policy enters the error, disabled, or deleted state.\n\nBy default ( *ExtendDeletion=false* ):\n\n- If a source resource is deleted, Amazon Data Lifecycle Manager will continue to delete previously created snapshots or AMIs, up to but not including the last one, based on the specified retention period. If you want Amazon Data Lifecycle Manager to delete all snapshots or AMIs, including the last one, specify `true` .\n- If a policy enters the error, disabled, or deleted state, Amazon Data Lifecycle Manager stops deleting snapshots and AMIs. If you want Amazon Data Lifecycle Manager to continue deleting snapshots or AMIs, including the last one, if the policy enters one of these states, specify `true` .\n\nIf you enable extended deletion ( *ExtendDeletion=true* ), you override both default behaviors simultaneously.\n\nIf you do not specify a value, the default is `false` .\n\nDefault: false", - "title": "ExtendDeletion", - "type": "boolean" - }, - "Parameters": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.Parameters", - "markdownDescription": "*[Custom snapshot and AMI policies only]* A set of optional parameters for snapshot and AMI lifecycle policies.\n\n> If you are modifying a policy that was created or previously modified using the Amazon Data Lifecycle Manager console, then you must include this parameter and specify either the default values or the new values that you require. You can't omit this parameter or set its values to null.", - "title": "Parameters" + "BlockEmail": { + "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.NotifyEmailType", + "markdownDescription": "The template for the email message that your user pool sends when a detected risk event is blocked.", + "title": "BlockEmail" }, - "PolicyLanguage": { - "markdownDescription": "The type of policy to create. Specify one of the following:\n\n- `SIMPLIFIED` To create a default policy.\n- `STANDARD` To create a custom policy.", - "title": "PolicyLanguage", + "From": { + "markdownDescription": "The email address that sends the email message. The address must be either individually verified with Amazon Simple Email Service, or from a domain that has been verified with Amazon SES.", + "title": "From", "type": "string" }, - "PolicyType": { - "markdownDescription": "The type of policy. Specify `EBS_SNAPSHOT_MANAGEMENT` to create a lifecycle policy that manages the lifecycle of Amazon EBS snapshots. Specify `IMAGE_MANAGEMENT` to create a lifecycle policy that manages the lifecycle of EBS-backed AMIs. Specify `EVENT_BASED_POLICY` to create an event-based policy that performs specific actions when a defined event occurs in your AWS account .\n\nThe default is `EBS_SNAPSHOT_MANAGEMENT` .", - "title": "PolicyType", - "type": "string" + "MfaEmail": { + "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.NotifyEmailType", + "markdownDescription": "The template for the email message that your user pool sends when MFA is challenged in response to a detected risk.", + "title": "MfaEmail" }, - "ResourceLocations": { - "items": { - "type": "string" - }, - "markdownDescription": "*[Custom snapshot and AMI policies only]* The location of the resources to backup.\n\n- If the source resources are located in a Region, specify `CLOUD` . In this case, the policy targets all resources of the specified type with matching target tags across all Availability Zones in the Region.\n- *[Custom snapshot policies only]* If the source resources are located in a Local Zone, specify `LOCAL_ZONE` . In this case, the policy targets all resources of the specified type with matching target tags across all Local Zones in the Region.\n- If the source resources are located on an Outpost in your account, specify `OUTPOST` . In this case, the policy targets all resources of the specified type with matching target tags across all of the Outposts in your account.", - "title": "ResourceLocations", - "type": "array" + "NoActionEmail": { + "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.NotifyEmailType", + "markdownDescription": "The template for the email message that your user pool sends when no action is taken in response to a detected risk.", + "title": "NoActionEmail" }, - "ResourceType": { - "markdownDescription": "*[Default policies only]* Specify the type of default policy to create.\n\n- To create a default policy for EBS snapshots, that creates snapshots of all volumes in the Region that do not have recent backups, specify `VOLUME` .\n- To create a default policy for EBS-backed AMIs, that creates EBS-backed AMIs from all instances in the Region that do not have recent backups, specify `INSTANCE` .", - "title": "ResourceType", + "ReplyTo": { + "markdownDescription": "The reply-to email address of an email template.", + "title": "ReplyTo", "type": "string" }, - "ResourceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "*[Custom snapshot policies only]* The target resource type for snapshot and AMI lifecycle policies. Use `VOLUME` to create snapshots of individual volumes or use `INSTANCE` to create multi-volume snapshots from the volumes for an instance.", - "title": "ResourceTypes", - "type": "array" - }, - "RetainInterval": { - "markdownDescription": "*[Default policies only]* Specifies how long the policy should retain snapshots or AMIs before deleting them. The retention period can range from 2 to 14 days, but it must be greater than the creation frequency to ensure that the policy retains at least 1 snapshot or AMI at any given time. If you do not specify a value, the default is 7.\n\nDefault: 7", - "title": "RetainInterval", - "type": "number" - }, - "Schedules": { - "items": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.Schedule" - }, - "markdownDescription": "*[Custom snapshot and AMI policies only]* The schedules of policy-defined actions for snapshot and AMI lifecycle policies. A policy can have up to four schedules\u2014one mandatory schedule and up to three optional schedules.", - "title": "Schedules", - "type": "array" - }, - "TargetTags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "*[Custom snapshot and AMI policies only]* The single tag that identifies targeted resources for this policy.", - "title": "TargetTags", - "type": "array" - } - }, - "type": "object" - }, - "AWS::DLM::LifecyclePolicy.RetainRule": { - "additionalProperties": false, - "properties": { - "Count": { - "markdownDescription": "The number of snapshots to retain for each volume, up to a maximum of 1000. For example if you want to retain a maximum of three snapshots, specify `3` . When the fourth snapshot is created, the oldest retained snapshot is deleted, or it is moved to the archive tier if you have specified an [ArchiveRule](https://docs.aws.amazon.com/dlm/latest/APIReference/API_ArchiveRule.html) .", - "title": "Count", - "type": "number" - }, - "Interval": { - "markdownDescription": "The amount of time to retain each snapshot. The maximum is 100 years. This is equivalent to 1200 months, 5200 weeks, or 36500 days.", - "title": "Interval", - "type": "number" - }, - "IntervalUnit": { - "markdownDescription": "The unit of time for time-based retention. For example, to retain snapshots for 3 months, specify `Interval=3` and `IntervalUnit=MONTHS` . Once the snapshot has been retained for 3 months, it is deleted, or it is moved to the archive tier if you have specified an [ArchiveRule](https://docs.aws.amazon.com/dlm/latest/APIReference/API_ArchiveRule.html) .", - "title": "IntervalUnit", + "SourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the identity that is associated with the sending authorization policy. This identity permits Amazon Cognito to send for the email address specified in the `From` parameter.", + "title": "SourceArn", "type": "string" } }, + "required": [ + "SourceArn" + ], "type": "object" }, - "AWS::DLM::LifecyclePolicy.RetentionArchiveTier": { + "AWS::Cognito::UserPoolRiskConfigurationAttachment.NotifyEmailType": { "additionalProperties": false, "properties": { - "Count": { - "markdownDescription": "The maximum number of snapshots to retain in the archive storage tier for each volume. The count must ensure that each snapshot remains in the archive tier for at least 90 days. For example, if the schedule creates snapshots every 30 days, you must specify a count of 3 or more to ensure that each snapshot is archived for at least 90 days.", - "title": "Count", - "type": "number" - }, - "Interval": { - "markdownDescription": "Specifies the period of time to retain snapshots in the archive tier. After this period expires, the snapshot is permanently deleted.", - "title": "Interval", - "type": "number" - }, - "IntervalUnit": { - "markdownDescription": "The unit of time in which to measure the *Interval* . For example, to retain a snapshots in the archive tier for 6 months, specify `Interval=6` and `IntervalUnit=MONTHS` .", - "title": "IntervalUnit", + "HtmlBody": { + "markdownDescription": "The body of an email notification formatted in HTML. Choose an `HtmlBody` or a `TextBody` to send an HTML-formatted or plaintext message, respectively.", + "title": "HtmlBody", "type": "string" - } - }, - "type": "object" - }, - "AWS::DLM::LifecyclePolicy.Schedule": { - "additionalProperties": false, - "properties": { - "ArchiveRule": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.ArchiveRule", - "markdownDescription": "*[Custom snapshot policies that target volumes only]* The snapshot archiving rule for the schedule. When you specify an archiving rule, snapshots are automatically moved from the standard tier to the archive tier once the schedule's retention threshold is met. Snapshots are then retained in the archive tier for the archive retention period that you specify.\n\nFor more information about using snapshot archiving, see [Considerations for snapshot lifecycle policies](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/snapshot-ami-policy.html#dlm-archive) .", - "title": "ArchiveRule" - }, - "CopyTags": { - "markdownDescription": "Copy all user-defined tags on a source volume to snapshots of the volume created by this policy.", - "title": "CopyTags", - "type": "boolean" - }, - "CreateRule": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CreateRule", - "markdownDescription": "The creation rule.", - "title": "CreateRule" - }, - "CrossRegionCopyRules": { - "items": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyRule" - }, - "markdownDescription": "Specifies a rule for copying snapshots or AMIs across Regions.\n\n> You can't specify cross-Region copy rules for policies that create snapshots on an Outpost or in a Local Zone. If the policy creates snapshots in a Region, then snapshots can be copied to up to three Regions or Outposts.", - "title": "CrossRegionCopyRules", - "type": "array" - }, - "DeprecateRule": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.DeprecateRule", - "markdownDescription": "*[Custom AMI policies only]* The AMI deprecation rule for the schedule.", - "title": "DeprecateRule" - }, - "FastRestoreRule": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.FastRestoreRule", - "markdownDescription": "*[Custom snapshot policies only]* The rule for enabling fast snapshot restore.", - "title": "FastRestoreRule" }, - "Name": { - "markdownDescription": "The name of the schedule.", - "title": "Name", + "Subject": { + "markdownDescription": "The subject of the threat protection email notification.", + "title": "Subject", "type": "string" }, - "RetainRule": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.RetainRule", - "markdownDescription": "The retention rule for snapshots or AMIs created by the policy.", - "title": "RetainRule" - }, - "ShareRules": { - "items": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.ShareRule" - }, - "markdownDescription": "*[Custom snapshot policies only]* The rule for sharing snapshots with other AWS accounts .", - "title": "ShareRules", - "type": "array" - }, - "TagsToAdd": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to apply to policy-created resources. These user-defined tags are in addition to the AWS -added lifecycle tags.", - "title": "TagsToAdd", - "type": "array" - }, - "VariableTags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "*[AMI policies and snapshot policies that target instances only]* A collection of key/value pairs with values determined dynamically when the policy is executed. Keys may be any valid Amazon EC2 tag key. Values must be in one of the two following formats: `$(instance-id)` or `$(timestamp)` . Variable tags are only valid for EBS Snapshot Management \u2013 Instance policies.", - "title": "VariableTags", - "type": "array" + "TextBody": { + "markdownDescription": "The body of an email notification formatted in plaintext. Choose an `HtmlBody` or a `TextBody` to send an HTML-formatted or plaintext message, respectively.", + "title": "TextBody", + "type": "string" } }, + "required": [ + "Subject" + ], "type": "object" }, - "AWS::DLM::LifecyclePolicy.Script": { + "AWS::Cognito::UserPoolRiskConfigurationAttachment.RiskExceptionConfigurationType": { "additionalProperties": false, "properties": { - "ExecuteOperationOnScriptFailure": { - "markdownDescription": "Indicates whether Amazon Data Lifecycle Manager should default to crash-consistent snapshots if the pre script fails.\n\n- To default to crash consistent snapshot if the pre script fails, specify `true` .\n- To skip the instance for snapshot creation if the pre script fails, specify `false` .\n\nThis parameter is supported only if you run a pre script. If you run a post script only, omit this parameter.\n\nDefault: true", - "title": "ExecuteOperationOnScriptFailure", - "type": "boolean" - }, - "ExecutionHandler": { - "markdownDescription": "The SSM document that includes the pre and/or post scripts to run.\n\n- If you are automating VSS backups, specify `AWS_VSS_BACKUP` . In this case, Amazon Data Lifecycle Manager automatically uses the `AWSEC2-CreateVssSnapshot` SSM document.\n- If you are automating application-consistent snapshots for SAP HANA workloads, specify `AWSSystemsManagerSAP-CreateDLMSnapshotForSAPHANA` .\n- If you are using a custom SSM document that you own, specify either the name or ARN of the SSM document. If you are using a custom SSM document that is shared with you, specify the ARN of the SSM document.", - "title": "ExecutionHandler", - "type": "string" - }, - "ExecutionHandlerService": { - "markdownDescription": "Indicates the service used to execute the pre and/or post scripts.\n\n- If you are using custom SSM documents or automating application-consistent snapshots of SAP HANA workloads, specify `AWS_SYSTEMS_MANAGER` .\n- If you are automating VSS Backups, omit this parameter.\n\nDefault: AWS_SYSTEMS_MANAGER", - "title": "ExecutionHandlerService", - "type": "string" - }, - "ExecutionTimeout": { - "markdownDescription": "Specifies a timeout period, in seconds, after which Amazon Data Lifecycle Manager fails the script run attempt if it has not completed. If a script does not complete within its timeout period, Amazon Data Lifecycle Manager fails the attempt. The timeout period applies to the pre and post scripts individually.\n\nIf you are automating VSS Backups, omit this parameter.\n\nDefault: 10", - "title": "ExecutionTimeout", - "type": "number" - }, - "MaximumRetryCount": { - "markdownDescription": "Specifies the number of times Amazon Data Lifecycle Manager should retry scripts that fail.\n\n- If the pre script fails, Amazon Data Lifecycle Manager retries the entire snapshot creation process, including running the pre and post scripts.\n- If the post script fails, Amazon Data Lifecycle Manager retries the post script only; in this case, the pre script will have completed and the snapshot might have been created.\n\nIf you do not want Amazon Data Lifecycle Manager to retry failed scripts, specify `0` .\n\nDefault: 0", - "title": "MaximumRetryCount", - "type": "number" - }, - "Stages": { + "BlockedIPRangeList": { "items": { "type": "string" }, - "markdownDescription": "Indicate which scripts Amazon Data Lifecycle Manager should run on target instances. Pre scripts run before Amazon Data Lifecycle Manager initiates snapshot creation. Post scripts run after Amazon Data Lifecycle Manager initiates snapshot creation.\n\n- To run a pre script only, specify `PRE` . In this case, Amazon Data Lifecycle Manager calls the SSM document with the `pre-script` parameter before initiating snapshot creation.\n- To run a post script only, specify `POST` . In this case, Amazon Data Lifecycle Manager calls the SSM document with the `post-script` parameter after initiating snapshot creation.\n- To run both pre and post scripts, specify both `PRE` and `POST` . In this case, Amazon Data Lifecycle Manager calls the SSM document with the `pre-script` parameter before initiating snapshot creation, and then it calls the SSM document again with the `post-script` parameter after initiating snapshot creation.\n\nIf you are automating VSS Backups, omit this parameter.\n\nDefault: PRE and POST", - "title": "Stages", + "markdownDescription": "An always-block IP address list. Overrides the risk decision and always blocks authentication requests. This parameter is displayed and set in CIDR notation.", + "title": "BlockedIPRangeList", "type": "array" - } - }, - "type": "object" - }, - "AWS::DLM::LifecyclePolicy.ShareRule": { - "additionalProperties": false, - "properties": { - "TargetAccounts": { + }, + "SkippedIPRangeList": { "items": { "type": "string" }, - "markdownDescription": "The IDs of the AWS accounts with which to share the snapshots.", - "title": "TargetAccounts", + "markdownDescription": "An always-allow IP address list. Risk detection isn't performed on the IP addresses in this range list. This parameter is displayed and set in CIDR notation.", + "title": "SkippedIPRangeList", "type": "array" - }, - "UnshareInterval": { - "markdownDescription": "The period after which snapshots that are shared with other AWS accounts are automatically unshared.", - "title": "UnshareInterval", - "type": "number" - }, - "UnshareIntervalUnit": { - "markdownDescription": "The unit of time for the automatic unsharing interval.", - "title": "UnshareIntervalUnit", - "type": "string" } }, "type": "object" }, - "AWS::DLM::LifecyclePolicy.VolumeTypeValues": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::DMS::Certificate": { + "AWS::Cognito::UserPoolUICustomizationAttachment": { "additionalProperties": false, "properties": { "Condition": { @@ -56192,27 +61773,31 @@ "Properties": { "additionalProperties": false, "properties": { - "CertificateIdentifier": { - "markdownDescription": "A customer-assigned name for the certificate. Identifiers must begin with a letter and must contain only ASCII letters, digits, and hyphens. They can't end with a hyphen or contain two consecutive hyphens.", - "title": "CertificateIdentifier", + "CSS": { + "markdownDescription": "A plaintext CSS file that contains the custom fields that you want to apply to your user pool or app client. To download a template, go to the Amazon Cognito console. Navigate to your user pool *App clients* tab, select *Login pages* , edit *Hosted UI (classic) style* , and select the link to `CSS template.css` .", + "title": "CSS", "type": "string" }, - "CertificatePem": { - "markdownDescription": "The contents of a `.pem` file, which contains an X.509 certificate.", - "title": "CertificatePem", + "ClientId": { + "markdownDescription": "The app client ID for your UI customization. When this value isn't present, the customization applies to all user pool app clients that don't have client-level settings..", + "title": "ClientId", "type": "string" }, - "CertificateWallet": { - "markdownDescription": "The location of an imported Oracle Wallet certificate for use with SSL. An example is: `filebase64(\"${path.root}/rds-ca-2019-root.sso\")`", - "title": "CertificateWallet", + "UserPoolId": { + "markdownDescription": "The ID of the user pool where you want to apply branding to the classic hosted UI.", + "title": "UserPoolId", "type": "string" } }, + "required": [ + "ClientId", + "UserPoolId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::DMS::Certificate" + "AWS::Cognito::UserPoolUICustomizationAttachment" ], "type": "string" }, @@ -56226,11 +61811,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::DMS::DataProvider": { + "AWS::Cognito::UserPoolUser": { "additionalProperties": false, "properties": { "Condition": { @@ -56265,53 +61851,70 @@ "Properties": { "additionalProperties": false, "properties": { - "DataProviderIdentifier": { - "markdownDescription": "The identifier of the data provider. Identifiers must begin with a letter and must contain only ASCII letters, digits, and hyphens. They can't end with a hyphen, or contain two consecutive hyphens.", - "title": "DataProviderIdentifier", - "type": "string" + "ClientMetadata": { + "additionalProperties": true, + "markdownDescription": "A map of custom key-value pairs that you can provide as input for any custom workflows that this action triggers.\n\nYou create custom workflows by assigning AWS Lambda functions to user pool triggers. When you use the AdminCreateUser API action, Amazon Cognito invokes the function that is assigned to the *pre sign-up* trigger. When Amazon Cognito invokes this function, it passes a JSON payload, which the function receives as input. This payload contains a `ClientMetadata` attribute, which provides the data that you assigned to the ClientMetadata parameter in your AdminCreateUser request. In your function code in AWS Lambda , you can process the `clientMetadata` value to enhance your workflow for your specific needs.\n\nFor more information, see [Using Lambda triggers](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html) in the *Amazon Cognito Developer Guide* .\n\n> When you use the `ClientMetadata` parameter, note that Amazon Cognito won't do the following:\n> \n> - Store the `ClientMetadata` value. This data is available only to AWS Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool configuration doesn't include triggers, the `ClientMetadata` parameter serves no purpose.\n> - Validate the `ClientMetadata` value.\n> - Encrypt the `ClientMetadata` value. Don't send sensitive information in this parameter.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "ClientMetadata", + "type": "object" }, - "DataProviderName": { - "markdownDescription": "The name of the data provider.", - "title": "DataProviderName", - "type": "string" + "DesiredDeliveryMediums": { + "items": { + "type": "string" + }, + "markdownDescription": "Specify `EMAIL` if email will be used to send the welcome message. Specify `SMS` if the phone number will be used. The default value is `SMS` . You can specify more than one value.", + "title": "DesiredDeliveryMediums", + "type": "array" }, - "Description": { - "markdownDescription": "A description of the data provider. Descriptions can have up to 31 characters. A description can contain only ASCII letters, digits, and hyphens ('-'). Also, it can't end with a hyphen or contain two consecutive hyphens, and can only begin with a letter.", - "title": "Description", - "type": "string" + "ForceAliasCreation": { + "markdownDescription": "This parameter is used only if the `phone_number_verified` or `email_verified` attribute is set to `True` . Otherwise, it is ignored.\n\nIf this parameter is set to `True` and the phone number or email address specified in the `UserAttributes` parameter already exists as an alias with a different user, this request migrates the alias from the previous user to the newly-created user. The previous user will no longer be able to log in using that alias.\n\nIf this parameter is set to `False` , the API throws an `AliasExistsException` error if the alias already exists. The default value is `False` .", + "title": "ForceAliasCreation", + "type": "boolean" }, - "Engine": { - "markdownDescription": "The type of database engine for the data provider. Valid values include `\"aurora\"` , `\"aurora-postgresql\"` , `\"mysql\"` , `\"oracle\"` , `\"postgres\"` , `\"sqlserver\"` , `redshift` , `mariadb` , `mongodb` , `db2` , `db2-zos` and `docdb` . A value of `\"aurora\"` represents Amazon Aurora MySQL-Compatible Edition.", - "title": "Engine", + "MessageAction": { + "markdownDescription": "Set to `RESEND` to resend the invitation message to a user that already exists, and to reset the temporary-password duration with a new temporary password. Set to `SUPPRESS` to suppress sending the message. You can specify only one value.", + "title": "MessageAction", "type": "string" }, - "ExactSettings": { - "markdownDescription": "", - "title": "ExactSettings", - "type": "boolean" - }, - "Settings": { - "$ref": "#/definitions/AWS::DMS::DataProvider.Settings", - "markdownDescription": "The settings in JSON format for a data provider.", - "title": "Settings" + "UserAttributes": { + "items": { + "$ref": "#/definitions/AWS::Cognito::UserPoolUser.AttributeType" + }, + "markdownDescription": "An array of name-value pairs that contain user attributes and attribute values to be set for the user to be created. You can create a user without specifying any attributes other than `Username` . However, any attributes that you specify as required (when creating a user pool or in the *Attributes* tab of the console) either you should supply (in your call to `AdminCreateUser` ) or the user should supply (when they sign up in response to your welcome message).\n\nFor custom attributes, you must prepend the `custom:` prefix to the attribute name.\n\nTo send a message inviting the user to sign up, you must specify the user's email address or phone number. You can do this in your call to AdminCreateUser or in the *Users* tab of the Amazon Cognito console for managing your user pools.\n\nYou must also provide an email address or phone number when you expect the user to do passwordless sign-in with an email or SMS OTP. These attributes must be provided when passwordless options are the only available, or when you don't submit a `TemporaryPassword` .\n\nIn your call to `AdminCreateUser` , you can set the `email_verified` attribute to `True` , and you can set the `phone_number_verified` attribute to `True` .\n\n- *email* : The email address of the user to whom the message that contains the code and username will be sent. Required if the `email_verified` attribute is set to `True` , or if `\"EMAIL\"` is specified in the `DesiredDeliveryMediums` parameter.\n- *phone_number* : The phone number of the user to whom the message that contains the code and username will be sent. Required if the `phone_number_verified` attribute is set to `True` , or if `\"SMS\"` is specified in the `DesiredDeliveryMediums` parameter.", + "title": "UserAttributes", + "type": "array" }, - "Tags": { + "UserPoolId": { + "markdownDescription": "The ID of the user pool where you want to create a user.", + "title": "UserPoolId", + "type": "string" + }, + "Username": { + "markdownDescription": "The value that you want to set as the username sign-in attribute. The following conditions apply to the username parameter.\n\n- The username can't be a duplicate of another username in the same user pool.\n- You can't change the value of a username after you create it.\n- You can only provide a value if usernames are a valid sign-in attribute for your user pool. If your user pool only supports phone numbers or email addresses as sign-in attributes, Amazon Cognito automatically generates a username value. For more information, see [Customizing sign-in attributes](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html#user-pool-settings-aliases) .", + "title": "Username", + "type": "string" + }, + "ValidationData": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Cognito::UserPoolUser.AttributeType" }, - "markdownDescription": "", - "title": "Tags", + "markdownDescription": "Temporary user attributes that contribute to the outcomes of your pre sign-up Lambda trigger. This set of key-value pairs are for custom validation of information that you collect from your users but don't need to retain.\n\nYour Lambda function can analyze this additional data and act on it. Your function can automatically confirm and verify select users or perform external API operations like logging user attributes and validation data to Amazon CloudWatch Logs.\n\nFor more information about the pre sign-up Lambda trigger, see [Pre sign-up Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-sign-up.html) .", + "title": "ValidationData", "type": "array" } }, "required": [ - "Engine" + "UserPoolId" ], "type": "object" }, "Type": { "enum": [ - "AWS::DMS::DataProvider" + "AWS::Cognito::UserPoolUser" ], "type": "string" }, @@ -56330,200 +61933,395 @@ ], "type": "object" }, - "AWS::DMS::DataProvider.MicrosoftSqlServerSettings": { + "AWS::Cognito::UserPoolUser.AttributeType": { "additionalProperties": false, "properties": { - "CertificateArn": { - "markdownDescription": "", - "title": "CertificateArn", + "Name": { + "markdownDescription": "The name of the attribute.", + "title": "Name", "type": "string" }, - "DatabaseName": { - "markdownDescription": "Database name for the endpoint.", - "title": "DatabaseName", + "Value": { + "markdownDescription": "The value of the attribute.", + "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Cognito::UserPoolUserToGroupAttachment": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "Port": { - "markdownDescription": "Endpoint TCP port.", - "title": "Port", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ServerName": { - "markdownDescription": "Fully qualified domain name of the endpoint. For an Amazon RDS SQL Server instance, this is the output of [DescribeDBInstances](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstances.html) , in the `[Endpoint](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_Endpoint.html) .Address` field.", - "title": "ServerName", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "GroupName": { + "markdownDescription": "The name of the group that you want to add your user to.", + "title": "GroupName", + "type": "string" + }, + "UserPoolId": { + "markdownDescription": "The ID of the user pool that contains the group that you want to add the user to.", + "title": "UserPoolId", + "type": "string" + }, + "Username": { + "markdownDescription": "The user's username.", + "title": "Username", + "type": "string" + } + }, + "required": [ + "GroupName", + "UserPoolId", + "Username" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Cognito::UserPoolUserToGroupAttachment" + ], "type": "string" }, - "SslMode": { - "markdownDescription": "", - "title": "SslMode", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "DatabaseName", - "Port", - "ServerName", - "SslMode" + "Type", + "Properties" ], "type": "object" }, - "AWS::DMS::DataProvider.MySqlSettings": { + "AWS::Comprehend::DocumentClassifier": { "additionalProperties": false, "properties": { - "CertificateArn": { - "markdownDescription": "", - "title": "CertificateArn", + "Condition": { "type": "string" }, - "Port": { - "markdownDescription": "Endpoint TCP port.", - "title": "Port", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ServerName": { - "markdownDescription": "The host name of the endpoint database.\n\nFor an Amazon RDS MySQL instance, this is the output of [DescribeDBInstances](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstances.html) , in the `[Endpoint](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_Endpoint.html) .Address` field.\n\nFor an Aurora MySQL instance, this is the output of [DescribeDBClusters](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBClusters.html) , in the `Endpoint` field.", - "title": "ServerName", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DataAccessRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that grants Amazon Comprehend read access to your input data.", + "title": "DataAccessRoleArn", + "type": "string" + }, + "DocumentClassifierName": { + "markdownDescription": "The name of the document classifier.", + "title": "DocumentClassifierName", + "type": "string" + }, + "InputDataConfig": { + "$ref": "#/definitions/AWS::Comprehend::DocumentClassifier.DocumentClassifierInputDataConfig", + "markdownDescription": "Specifies the format and location of the input data for the job.", + "title": "InputDataConfig" + }, + "LanguageCode": { + "markdownDescription": "The language of the input documents. You can specify any of the languages supported by Amazon Comprehend. All documents must be in the same language.", + "title": "LanguageCode", + "type": "string" + }, + "Mode": { + "markdownDescription": "Indicates the mode in which the classifier will be trained. The classifier can be trained in multi-class (single-label) mode or multi-label mode. Multi-class mode identifies a single class label for each document and multi-label mode identifies one or more class labels for each document. Multiple labels for an individual document are separated by a delimiter. The default delimiter between labels is a pipe (|).", + "title": "Mode", + "type": "string" + }, + "ModelKmsKeyId": { + "markdownDescription": "ID for the AWS KMS key that Amazon Comprehend uses to encrypt trained custom models. The ModelKmsKeyId can be either of the following formats:\n\n- KMS Key ID: `\"1234abcd-12ab-34cd-56ef-1234567890ab\"`\n- Amazon Resource Name (ARN) of a KMS Key: `\"arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\"`", + "title": "ModelKmsKeyId", + "type": "string" + }, + "ModelPolicy": { + "markdownDescription": "The resource-based policy to attach to your custom document classifier model. You can use this policy to allow another AWS account to import your custom model.\n\nProvide your policy as a JSON body that you enter as a UTF-8 encoded string without line breaks. To provide valid JSON, enclose the attribute names and values in double quotes. If the JSON body is also enclosed in double quotes, then you must escape the double quotes that are inside the policy:\n\n`\"{\\\"attribute\\\": \\\"value\\\", \\\"attribute\\\": [\\\"value\\\"]}\"`\n\nTo avoid escaping quotes, you can use single quotes to enclose the policy and double quotes to enclose the JSON names and values:\n\n`'{\"attribute\": \"value\", \"attribute\": [\"value\"]}'`", + "title": "ModelPolicy", + "type": "string" + }, + "OutputDataConfig": { + "$ref": "#/definitions/AWS::Comprehend::DocumentClassifier.DocumentClassifierOutputDataConfig", + "markdownDescription": "Provides output results configuration parameters for custom classifier jobs.", + "title": "OutputDataConfig" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags to associate with the document classifier. A tag is a key-value pair that adds as a metadata to a resource used by Amazon Comprehend. For example, a tag with \"Sales\" as the key might be added to a resource to indicate its use by the sales department.", + "title": "Tags", + "type": "array" + }, + "VersionName": { + "markdownDescription": "The version name given to the newly created classifier. Version names can have a maximum of 256 characters. Alphanumeric characters, hyphens (-) and underscores (_) are allowed. The version name must be unique among all models with the same classifier name in the AWS account / AWS Region .", + "title": "VersionName", + "type": "string" + }, + "VolumeKmsKeyId": { + "markdownDescription": "ID for the AWS Key Management Service (KMS) key that Amazon Comprehend uses to encrypt data on the storage volume attached to the ML compute instance(s) that process the analysis job. The VolumeKmsKeyId can be either of the following formats:\n\n- KMS Key ID: `\"1234abcd-12ab-34cd-56ef-1234567890ab\"`\n- Amazon Resource Name (ARN) of a KMS Key: `\"arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\"`", + "title": "VolumeKmsKeyId", + "type": "string" + }, + "VpcConfig": { + "$ref": "#/definitions/AWS::Comprehend::DocumentClassifier.VpcConfig", + "markdownDescription": "Configuration parameters for a private Virtual Private Cloud (VPC) containing the resources you are using for your custom classifier. For more information, see [Amazon VPC](https://docs.aws.amazon.com/vpc/latest/userguide/what-is-amazon-vpc.html) .", + "title": "VpcConfig" + } + }, + "required": [ + "DataAccessRoleArn", + "DocumentClassifierName", + "InputDataConfig", + "LanguageCode" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Comprehend::DocumentClassifier" + ], "type": "string" }, - "SslMode": { - "markdownDescription": "", - "title": "SslMode", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Port", - "ServerName", - "SslMode" + "Type", + "Properties" ], "type": "object" }, - "AWS::DMS::DataProvider.OracleSettings": { + "AWS::Comprehend::DocumentClassifier.AugmentedManifestsListItem": { "additionalProperties": false, "properties": { - "AsmServer": { - "markdownDescription": "For an Oracle source endpoint, your ASM server address. You can set this value from the `asm_server` value. You set `asm_server` as part of the extra connection attribute string to access an Oracle server with Binary Reader that uses ASM. For more information, see [Configuration for change data capture (CDC) on an Oracle source database](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.CDC.Configuration) .", - "title": "AsmServer", - "type": "string" + "AttributeNames": { + "items": { + "type": "string" + }, + "markdownDescription": "The JSON attribute that contains the annotations for your training documents. The number of attribute names that you specify depends on whether your augmented manifest file is the output of a single labeling job or a chained labeling job.\n\nIf your file is the output of a single labeling job, specify the LabelAttributeName key that was used when the job was created in Ground Truth.\n\nIf your file is the output of a chained labeling job, specify the LabelAttributeName key for one or more jobs in the chain. Each LabelAttributeName key provides the annotations from an individual job.", + "title": "AttributeNames", + "type": "array" }, - "CertificateArn": { - "markdownDescription": "", - "title": "CertificateArn", + "S3Uri": { + "markdownDescription": "The Amazon S3 location of the augmented manifest file.", + "title": "S3Uri", "type": "string" }, - "DatabaseName": { - "markdownDescription": "Database name for the endpoint.", - "title": "DatabaseName", + "Split": { + "markdownDescription": "The purpose of the data you've provided in the augmented manifest. You can either train or test this data. If you don't specify, the default is train.\n\nTRAIN - all of the documents in the manifest will be used for training. If no test documents are provided, Amazon Comprehend will automatically reserve a portion of the training documents for testing.\n\nTEST - all of the documents in the manifest will be used for testing.", + "title": "Split", + "type": "string" + } + }, + "required": [ + "AttributeNames", + "S3Uri" + ], + "type": "object" + }, + "AWS::Comprehend::DocumentClassifier.DocumentClassifierDocuments": { + "additionalProperties": false, + "properties": { + "S3Uri": { + "markdownDescription": "The S3 URI location of the training documents specified in the S3Uri CSV file.", + "title": "S3Uri", "type": "string" }, - "Port": { - "markdownDescription": "Endpoint TCP port.", - "title": "Port", - "type": "number" - }, - "SecretsManagerOracleAsmAccessRoleArn": { - "markdownDescription": "Required only if your Oracle endpoint uses Automatic Storage Management (ASM). The full ARN of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the `SecretsManagerOracleAsmSecret` . This `SecretsManagerOracleAsmSecret` has the secret value that allows access to the Oracle ASM of the endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerOracleAsmSecretId` . Or you can specify clear-text values for `AsmUser` , `AsmPassword` , and `AsmServerName` . You can't specify both. For more information on creating this `SecretsManagerOracleAsmSecret` and the `SecretsManagerOracleAsmAccessRoleArn` and `SecretsManagerOracleAsmSecretId` required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", - "title": "SecretsManagerOracleAsmAccessRoleArn", + "TestS3Uri": { + "markdownDescription": "The S3 URI location of the test documents included in the TestS3Uri CSV file. This field is not required if you do not specify a test CSV file.", + "title": "TestS3Uri", "type": "string" + } + }, + "required": [ + "S3Uri" + ], + "type": "object" + }, + "AWS::Comprehend::DocumentClassifier.DocumentClassifierInputDataConfig": { + "additionalProperties": false, + "properties": { + "AugmentedManifests": { + "items": { + "$ref": "#/definitions/AWS::Comprehend::DocumentClassifier.AugmentedManifestsListItem" + }, + "markdownDescription": "A list of augmented manifest files that provide training data for your custom model. An augmented manifest file is a labeled dataset that is produced by Amazon SageMaker Ground Truth.\n\nThis parameter is required if you set `DataFormat` to `AUGMENTED_MANIFEST` .", + "title": "AugmentedManifests", + "type": "array" }, - "SecretsManagerOracleAsmSecretId": { - "markdownDescription": "Required only if your Oracle endpoint uses Automatic Storage Management (ASM). The full ARN, partial ARN, or friendly name of the `SecretsManagerOracleAsmSecret` that contains the Oracle ASM connection details for the Oracle endpoint.", - "title": "SecretsManagerOracleAsmSecretId", + "DataFormat": { + "markdownDescription": "The format of your training data:\n\n- `COMPREHEND_CSV` : A two-column CSV file, where labels are provided in the first column, and documents are provided in the second. If you use this value, you must provide the `S3Uri` parameter in your request.\n- `AUGMENTED_MANIFEST` : A labeled dataset that is produced by Amazon SageMaker Ground Truth. This file is in JSON lines format. Each line is a complete JSON object that contains a training document and its associated labels.\n\nIf you use this value, you must provide the `AugmentedManifests` parameter in your request.\n\nIf you don't specify a value, Amazon Comprehend uses `COMPREHEND_CSV` as the default.", + "title": "DataFormat", "type": "string" }, - "SecretsManagerSecurityDbEncryptionAccessRoleArn": { + "DocumentReaderConfig": { + "$ref": "#/definitions/AWS::Comprehend::DocumentClassifier.DocumentReaderConfig", "markdownDescription": "", - "title": "SecretsManagerSecurityDbEncryptionAccessRoleArn", + "title": "DocumentReaderConfig" + }, + "DocumentType": { + "markdownDescription": "The type of input documents for training the model. Provide plain-text documents to create a plain-text model, and provide semi-structured documents to create a native document model.", + "title": "DocumentType", "type": "string" }, - "SecretsManagerSecurityDbEncryptionSecretId": { - "markdownDescription": "", - "title": "SecretsManagerSecurityDbEncryptionSecretId", + "Documents": { + "$ref": "#/definitions/AWS::Comprehend::DocumentClassifier.DocumentClassifierDocuments", + "markdownDescription": "The S3 location of the training documents. This parameter is required in a request to create a native document model.", + "title": "Documents" + }, + "LabelDelimiter": { + "markdownDescription": "Indicates the delimiter used to separate each label for training a multi-label classifier. The default delimiter between labels is a pipe (|). You can use a different character as a delimiter (if it's an allowed character) by specifying it under Delimiter for labels. If the training documents use a delimiter other than the default or the delimiter you specify, the labels on that line will be combined to make a single unique label, such as LABELLABELLABEL.", + "title": "LabelDelimiter", "type": "string" }, - "ServerName": { - "markdownDescription": "Fully qualified domain name of the endpoint.\n\nFor an Amazon RDS Oracle instance, this is the output of [DescribeDBInstances](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstances.html) , in the `[Endpoint](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_Endpoint.html) .Address` field.", - "title": "ServerName", + "S3Uri": { + "markdownDescription": "The Amazon S3 URI for the input data. The S3 bucket must be in the same Region as the API endpoint that you are calling. The URI can point to a single input file or it can provide the prefix for a collection of input files.\n\nFor example, if you use the URI `S3://bucketName/prefix` , if the prefix is a single file, Amazon Comprehend uses that file as input. If more than one file begins with the prefix, Amazon Comprehend uses all of them as input.\n\nThis parameter is required if you set `DataFormat` to `COMPREHEND_CSV` .", + "title": "S3Uri", "type": "string" }, - "SslMode": { - "markdownDescription": "", - "title": "SslMode", + "TestS3Uri": { + "markdownDescription": "This specifies the Amazon S3 location that contains the test annotations for the document classifier. The URI must be in the same AWS Region as the API endpoint that you are calling.", + "title": "TestS3Uri", "type": "string" } }, - "required": [ - "DatabaseName", - "Port", - "ServerName", - "SslMode" - ], "type": "object" }, - "AWS::DMS::DataProvider.PostgreSqlSettings": { + "AWS::Comprehend::DocumentClassifier.DocumentClassifierOutputDataConfig": { "additionalProperties": false, "properties": { - "CertificateArn": { - "markdownDescription": "", - "title": "CertificateArn", + "KmsKeyId": { + "markdownDescription": "ID for the AWS Key Management Service (KMS) key that Amazon Comprehend uses to encrypt the output results from an analysis job. The KmsKeyId can be one of the following formats:\n\n- KMS Key ID: `\"1234abcd-12ab-34cd-56ef-1234567890ab\"`\n- Amazon Resource Name (ARN) of a KMS Key: `\"arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\"`\n- KMS Key Alias: `\"alias/ExampleAlias\"`\n- ARN of a KMS Key Alias: `\"arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias\"`", + "title": "KmsKeyId", "type": "string" }, - "DatabaseName": { - "markdownDescription": "Database name for the endpoint.", - "title": "DatabaseName", + "S3Uri": { + "markdownDescription": "When you use the `OutputDataConfig` object while creating a custom classifier, you specify the Amazon S3 location where you want to write the confusion matrix and other output files. The URI must be in the same Region as the API endpoint that you are calling. The location is used as the prefix for the actual location of this output file.\n\nWhen the custom classifier job is finished, the service creates the output file in a directory specific to the job. The `S3Uri` field contains the location of the output file, called `output.tar.gz` . It is a compressed archive that contains the confusion matrix.", + "title": "S3Uri", "type": "string" - }, - "Port": { - "markdownDescription": "Endpoint TCP port. The default is 5432.", - "title": "Port", - "type": "number" - }, - "ServerName": { - "markdownDescription": "The host name of the endpoint database.\n\nFor an Amazon RDS PostgreSQL instance, this is the output of [DescribeDBInstances](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstances.html) , in the `[Endpoint](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_Endpoint.html) .Address` field.\n\nFor an Aurora PostgreSQL instance, this is the output of [DescribeDBClusters](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBClusters.html) , in the `Endpoint` field.", - "title": "ServerName", + } + }, + "type": "object" + }, + "AWS::Comprehend::DocumentClassifier.DocumentReaderConfig": { + "additionalProperties": false, + "properties": { + "DocumentReadAction": { + "markdownDescription": "This field defines the Amazon Textract API operation that Amazon Comprehend uses to extract text from PDF files and image files. Enter one of the following values:\n\n- `TEXTRACT_DETECT_DOCUMENT_TEXT` - The Amazon Comprehend service uses the `DetectDocumentText` API operation.\n- `TEXTRACT_ANALYZE_DOCUMENT` - The Amazon Comprehend service uses the `AnalyzeDocument` API operation.", + "title": "DocumentReadAction", "type": "string" }, - "SslMode": { - "markdownDescription": "", - "title": "SslMode", + "DocumentReadMode": { + "markdownDescription": "Determines the text extraction actions for PDF files. Enter one of the following values:\n\n- `SERVICE_DEFAULT` - use the Amazon Comprehend service defaults for PDF files.\n- `FORCE_DOCUMENT_READ_ACTION` - Amazon Comprehend uses the Textract API specified by DocumentReadAction for all PDF files, including digital PDF files.", + "title": "DocumentReadMode", "type": "string" + }, + "FeatureTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the type of Amazon Textract features to apply. If you chose `TEXTRACT_ANALYZE_DOCUMENT` as the read action, you must specify one or both of the following values:\n\n- `TABLES` - Returns additional information about any tables that are detected in the input document.\n- `FORMS` - Returns additional information about any forms that are detected in the input document.", + "title": "FeatureTypes", + "type": "array" } }, "required": [ - "DatabaseName", - "Port", - "ServerName", - "SslMode" + "DocumentReadAction" ], "type": "object" }, - "AWS::DMS::DataProvider.Settings": { + "AWS::Comprehend::DocumentClassifier.VpcConfig": { "additionalProperties": false, "properties": { - "MicrosoftSqlServerSettings": { - "$ref": "#/definitions/AWS::DMS::DataProvider.MicrosoftSqlServerSettings", - "markdownDescription": "", - "title": "MicrosoftSqlServerSettings" - }, - "MySqlSettings": { - "$ref": "#/definitions/AWS::DMS::DataProvider.MySqlSettings", - "markdownDescription": "", - "title": "MySqlSettings" - }, - "OracleSettings": { - "$ref": "#/definitions/AWS::DMS::DataProvider.OracleSettings", - "markdownDescription": "", - "title": "OracleSettings" + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The ID number for a security group on an instance of your private VPC. Security groups on your VPC function serve as a virtual firewall to control inbound and outbound traffic and provides security for the resources that you\u2019ll be accessing on the VPC. This ID number is preceded by \"sg-\", for instance: \"sg-03b388029b0a285ea\". For more information, see [Security Groups for your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html) .", + "title": "SecurityGroupIds", + "type": "array" }, - "PostgreSqlSettings": { - "$ref": "#/definitions/AWS::DMS::DataProvider.PostgreSqlSettings", - "markdownDescription": "", - "title": "PostgreSqlSettings" + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The ID for each subnet being used in your private VPC. This subnet is a subset of the a range of IPv4 addresses used by the VPC and is specific to a given availability zone in the VPC\u2019s Region. This ID number is preceded by \"subnet-\", for instance: \"subnet-04ccf456919e69055\". For more information, see [VPCs and Subnets](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) .", + "title": "Subnets", + "type": "array" } }, + "required": [ + "SecurityGroupIds", + "Subnets" + ], "type": "object" }, - "AWS::DMS::Endpoint": { + "AWS::Comprehend::Flywheel": { "additionalProperties": false, "properties": { "Condition": { @@ -56558,174 +62356,60 @@ "Properties": { "additionalProperties": false, "properties": { - "CertificateArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the certificate.", - "title": "CertificateArn", - "type": "string" - }, - "DatabaseName": { - "markdownDescription": "The name of the endpoint database. For a MySQL source or target endpoint, don't specify `DatabaseName` . To migrate to a specific database, use this setting and `targetDbType` .", - "title": "DatabaseName", - "type": "string" - }, - "DocDbSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.DocDbSettings", - "markdownDescription": "Settings in JSON format for the source and target DocumentDB endpoint. For more information about other available settings, see [Using extra connections attributes with Amazon DocumentDB as a source](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.DocumentDB.html#CHAP_Source.DocumentDB.ECAs) and [Using Amazon DocumentDB as a target for AWS Database Migration Service](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.DocumentDB.html) in the *AWS Database Migration Service User Guide* .", - "title": "DocDbSettings" - }, - "DynamoDbSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.DynamoDbSettings", - "markdownDescription": "Settings in JSON format for the target Amazon DynamoDB endpoint. For information about other available settings, see [Using object mapping to migrate data to DynamoDB](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.DynamoDB.html#CHAP_Target.DynamoDB.ObjectMapping) in the *AWS Database Migration Service User Guide* .", - "title": "DynamoDbSettings" - }, - "ElasticsearchSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.ElasticsearchSettings", - "markdownDescription": "Settings in JSON format for the target OpenSearch endpoint. For more information about the available settings, see [Extra connection attributes when using OpenSearch as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Elasticsearch.html#CHAP_Target.Elasticsearch.Configuration) in the *AWS Database Migration Service User Guide* .", - "title": "ElasticsearchSettings" - }, - "EndpointIdentifier": { - "markdownDescription": "The database endpoint identifier. Identifiers must begin with a letter and must contain only ASCII letters, digits, and hyphens. They can't end with a hyphen, or contain two consecutive hyphens.", - "title": "EndpointIdentifier", - "type": "string" - }, - "EndpointType": { - "markdownDescription": "The type of endpoint. Valid values are `source` and `target` .", - "title": "EndpointType", - "type": "string" - }, - "EngineName": { - "markdownDescription": "The type of engine for the endpoint, depending on the `EndpointType` value.\n\n*Valid values* : `mysql` | `oracle` | `postgres` | `mariadb` | `aurora` | `aurora-postgresql` | `opensearch` | `redshift` | `redshift-serverless` | `s3` | `db2` | `azuredb` | `sybase` | `dynamodb` | `mongodb` | `kinesis` | `kafka` | `elasticsearch` | `docdb` | `sqlserver` | `neptune`", - "title": "EngineName", - "type": "string" - }, - "ExtraConnectionAttributes": { - "markdownDescription": "Additional attributes associated with the connection. Each attribute is specified as a name-value pair associated by an equal sign (=). Multiple attributes are separated by a semicolon (;) with no additional white space. For information on the attributes available for connecting your source or target endpoint, see [Working with AWS DMS Endpoints](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Endpoints.html) in the *AWS Database Migration Service User Guide* .", - "title": "ExtraConnectionAttributes", - "type": "string" - }, - "GcpMySQLSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.GcpMySQLSettings", - "markdownDescription": "Settings in JSON format for the source GCP MySQL endpoint. These settings are much the same as the settings for any MySQL-compatible endpoint. For more information, see [Extra connection attributes when using MySQL as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.MySQL.html#CHAP_Source.MySQL.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", - "title": "GcpMySQLSettings" - }, - "IbmDb2Settings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.IbmDb2Settings", - "markdownDescription": "Settings in JSON format for the source IBM Db2 LUW endpoint. For information about other available settings, see [Extra connection attributes when using Db2 LUW as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.DB2.html#CHAP_Source.DB2.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", - "title": "IbmDb2Settings" - }, - "KafkaSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.KafkaSettings", - "markdownDescription": "Settings in JSON format for the target Apache Kafka endpoint. For more information about other available settings, see [Using object mapping to migrate data to a Kafka topic](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Kafka.html#CHAP_Target.Kafka.ObjectMapping) in the *AWS Database Migration Service User Guide* .", - "title": "KafkaSettings" - }, - "KinesisSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.KinesisSettings", - "markdownDescription": "Settings in JSON format for the target endpoint for Amazon Kinesis Data Streams. For more information about other available settings, see [Using object mapping to migrate data to a Kinesis data stream](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Kinesis.html#CHAP_Target.Kinesis.ObjectMapping) in the *AWS Database Migration Service User Guide* .", - "title": "KinesisSettings" - }, - "KmsKeyId": { - "markdownDescription": "An AWS KMS key identifier that is used to encrypt the connection parameters for the endpoint.\n\nIf you don't specify a value for the `KmsKeyId` parameter, AWS DMS uses your default encryption key.\n\nAWS KMS creates the default encryption key for your AWS account . Your AWS account has a different default encryption key for each AWS Region .", - "title": "KmsKeyId", + "ActiveModelArn": { + "markdownDescription": "The Amazon Resource Number (ARN) of the active model version.", + "title": "ActiveModelArn", "type": "string" }, - "MicrosoftSqlServerSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.MicrosoftSqlServerSettings", - "markdownDescription": "Settings in JSON format for the source and target Microsoft SQL Server endpoint. For information about other available settings, see [Extra connection attributes when using SQL Server as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.SQLServer.html#CHAP_Source.SQLServer.ConnectionAttrib) and [Extra connection attributes when using SQL Server as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.SQLServer.html#CHAP_Target.SQLServer.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", - "title": "MicrosoftSqlServerSettings" - }, - "MongoDbSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.MongoDbSettings", - "markdownDescription": "Settings in JSON format for the source MongoDB endpoint. For more information about the available settings, see [Using MongoDB as a target for AWS Database Migration Service](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.MongoDB.html#CHAP_Source.MongoDB.Configuration) in the *AWS Database Migration Service User Guide* .", - "title": "MongoDbSettings" - }, - "MySqlSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.MySqlSettings", - "markdownDescription": "Settings in JSON format for the source and target MySQL endpoint. For information about other available settings, see [Extra connection attributes when using MySQL as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.MySQL.html#CHAP_Source.MySQL.ConnectionAttrib) and [Extra connection attributes when using a MySQL-compatible database as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.MySQL.html#CHAP_Target.MySQL.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", - "title": "MySqlSettings" - }, - "NeptuneSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.NeptuneSettings", - "markdownDescription": "Settings in JSON format for the target Amazon Neptune endpoint. For more information about the available settings, see [Specifying endpoint settings for Amazon Neptune as a target](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Neptune.html#CHAP_Target.Neptune.EndpointSettings) in the *AWS Database Migration Service User Guide* .", - "title": "NeptuneSettings" - }, - "OracleSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.OracleSettings", - "markdownDescription": "Settings in JSON format for the source and target Oracle endpoint. For information about other available settings, see [Extra connection attributes when using Oracle as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.ConnectionAttrib) and [Extra connection attributes when using Oracle as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Oracle.html#CHAP_Target.Oracle.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", - "title": "OracleSettings" - }, - "Password": { - "markdownDescription": "The password to be used to log in to the endpoint database.", - "title": "Password", + "DataAccessRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that grants Amazon Comprehend permission to access the flywheel data.", + "title": "DataAccessRoleArn", "type": "string" }, - "Port": { - "markdownDescription": "The port used by the endpoint database.", - "title": "Port", - "type": "number" - }, - "PostgreSqlSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.PostgreSqlSettings", - "markdownDescription": "Settings in JSON format for the source and target PostgreSQL endpoint.\n\nFor information about other available settings, see [Extra connection attributes when using PostgreSQL as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.PostgreSQL.html#CHAP_Source.PostgreSQL.ConnectionAttrib) and [Extra connection attributes when using PostgreSQL as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.PostgreSQL.html#CHAP_Target.PostgreSQL.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", - "title": "PostgreSqlSettings" - }, - "RedisSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.RedisSettings", - "markdownDescription": "Settings in JSON format for the target Redis endpoint. For information about other available settings, see [Specifying endpoint settings for Redis as a target](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Redis.html#CHAP_Target.Redis.EndpointSettings) in the *AWS Database Migration Service User Guide* .", - "title": "RedisSettings" - }, - "RedshiftSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.RedshiftSettings", - "markdownDescription": "Settings in JSON format for the Amazon Redshift endpoint.\n\nFor more information about other available settings, see [Extra connection attributes when using Amazon Redshift as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Redshift.html#CHAP_Target.Redshift.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", - "title": "RedshiftSettings" - }, - "ResourceIdentifier": { - "markdownDescription": "A display name for the resource identifier at the end of the `EndpointArn` response parameter that is returned in the created `Endpoint` object. The value for this parameter can have up to 31 characters. It can contain only ASCII letters, digits, and hyphen ('-'). Also, it can't end with a hyphen or contain two consecutive hyphens, and can only begin with a letter, such as `Example-App-ARN1` .\n\nFor example, this value might result in the `EndpointArn` value `arn:aws:dms:eu-west-1:012345678901:rep:Example-App-ARN1` . If you don't specify a `ResourceIdentifier` value, AWS DMS generates a default identifier value for the end of `EndpointArn` .", - "title": "ResourceIdentifier", + "DataLakeS3Uri": { + "markdownDescription": "Amazon S3 URI of the data lake location.", + "title": "DataLakeS3Uri", "type": "string" }, - "S3Settings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.S3Settings", - "markdownDescription": "Settings in JSON format for the source and target Amazon S3 endpoint. For more information about other available settings, see [Extra connection attributes when using Amazon S3 as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.S3.html#CHAP_Source.S3.Configuring) and [Extra connection attributes when using Amazon S3 as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.Configuring) in the *AWS Database Migration Service User Guide* .", - "title": "S3Settings" + "DataSecurityConfig": { + "$ref": "#/definitions/AWS::Comprehend::Flywheel.DataSecurityConfig", + "markdownDescription": "Data security configuration.", + "title": "DataSecurityConfig" }, - "ServerName": { - "markdownDescription": "The name of the server where the endpoint database resides.", - "title": "ServerName", + "FlywheelName": { + "markdownDescription": "Name for the flywheel.", + "title": "FlywheelName", "type": "string" }, - "SslMode": { - "markdownDescription": "The Secure Sockets Layer (SSL) mode to use for the SSL connection. The default is `none` .\n\n> When `engine_name` is set to S3, the only allowed value is `none` .", - "title": "SslMode", + "ModelType": { + "markdownDescription": "Model type of the flywheel's model.", + "title": "ModelType", "type": "string" }, - "SybaseSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.SybaseSettings", - "markdownDescription": "Settings in JSON format for the source and target SAP ASE endpoint. For information about other available settings, see [Extra connection attributes when using SAP ASE as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.SAP.html#CHAP_Source.SAP.ConnectionAttrib) and [Extra connection attributes when using SAP ASE as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.SAP.html#CHAP_Target.SAP.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", - "title": "SybaseSettings" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "One or more tags to be assigned to the endpoint.", + "markdownDescription": "Tags associated with the endpoint being created. A tag is a key-value pair that adds metadata to the endpoint. For example, a tag with \"Sales\" as the key might be added to an endpoint to indicate its use by the sales department.", "title": "Tags", "type": "array" }, - "Username": { - "markdownDescription": "The user name to be used to log in to the endpoint database.", - "title": "Username", - "type": "string" + "TaskConfig": { + "$ref": "#/definitions/AWS::Comprehend::Flywheel.TaskConfig", + "markdownDescription": "Configuration about the model associated with a flywheel.", + "title": "TaskConfig" } }, "required": [ - "EndpointType", - "EngineName" + "DataAccessRoleArn", + "DataLakeS3Uri", + "FlywheelName" ], "type": "object" }, "Type": { "enum": [ - "AWS::DMS::Endpoint" + "AWS::Comprehend::Flywheel" ], "type": "string" }, @@ -56744,1277 +62428,1302 @@ ], "type": "object" }, - "AWS::DMS::Endpoint.DocDbSettings": { + "AWS::Comprehend::Flywheel.DataSecurityConfig": { "additionalProperties": false, "properties": { - "DocsToInvestigate": { - "markdownDescription": "Indicates the number of documents to preview to determine the document organization. Use this setting when `NestingLevel` is set to `\"one\"` .\n\nMust be a positive value greater than `0` . Default value is `1000` .", - "title": "DocsToInvestigate", - "type": "number" - }, - "ExtractDocId": { - "markdownDescription": "Specifies the document ID. Use this setting when `NestingLevel` is set to `\"none\"` .\n\nDefault value is `\"false\"` .", - "title": "ExtractDocId", - "type": "boolean" - }, - "NestingLevel": { - "markdownDescription": "Specifies either document or table mode.\n\nDefault value is `\"none\"` . Specify `\"none\"` to use document mode. Specify `\"one\"` to use table mode.", - "title": "NestingLevel", + "DataLakeKmsKeyId": { + "markdownDescription": "ID for the AWS KMS key that Amazon Comprehend uses to encrypt the data in the data lake.", + "title": "DataLakeKmsKeyId", "type": "string" }, - "SecretsManagerAccessRoleArn": { - "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the DocumentDB endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", - "title": "SecretsManagerAccessRoleArn", + "ModelKmsKeyId": { + "markdownDescription": "ID for the AWS KMS key that Amazon Comprehend uses to encrypt trained custom models. The ModelKmsKeyId can be either of the following formats:\n\n- KMS Key ID: `\"1234abcd-12ab-34cd-56ef-1234567890ab\"`\n- Amazon Resource Name (ARN) of a KMS Key: `\"arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\"`", + "title": "ModelKmsKeyId", "type": "string" }, - "SecretsManagerSecretId": { - "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the DocumentDB endpoint connection details.", - "title": "SecretsManagerSecretId", + "VolumeKmsKeyId": { + "markdownDescription": "ID for the AWS KMS key that Amazon Comprehend uses to encrypt the volume.", + "title": "VolumeKmsKeyId", "type": "string" + }, + "VpcConfig": { + "$ref": "#/definitions/AWS::Comprehend::Flywheel.VpcConfig", + "markdownDescription": "Configuration parameters for an optional private Virtual Private Cloud (VPC) containing the resources you are using for the job. For more information, see [Amazon VPC](https://docs.aws.amazon.com/vpc/latest/userguide/what-is-amazon-vpc.html) .", + "title": "VpcConfig" } }, "type": "object" }, - "AWS::DMS::Endpoint.DynamoDbSettings": { + "AWS::Comprehend::Flywheel.DocumentClassificationConfig": { "additionalProperties": false, "properties": { - "ServiceAccessRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) used by the service to access the IAM role. The role must allow the `iam:PassRole` action.", - "title": "ServiceAccessRoleArn", + "Labels": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more labels to associate with the custom classifier.", + "title": "Labels", + "type": "array" + }, + "Mode": { + "markdownDescription": "Classification mode indicates whether the documents are `MULTI_CLASS` or `MULTI_LABEL` .", + "title": "Mode", "type": "string" } }, + "required": [ + "Mode" + ], "type": "object" }, - "AWS::DMS::Endpoint.ElasticsearchSettings": { + "AWS::Comprehend::Flywheel.EntityRecognitionConfig": { "additionalProperties": false, "properties": { - "EndpointUri": { - "markdownDescription": "The endpoint for the OpenSearch cluster. AWS DMS uses HTTPS if a transport protocol (either HTTP or HTTPS) isn't specified.", - "title": "EndpointUri", + "EntityTypes": { + "items": { + "$ref": "#/definitions/AWS::Comprehend::Flywheel.EntityTypesListItem" + }, + "markdownDescription": "Up to 25 entity types that the model is trained to recognize.", + "title": "EntityTypes", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Comprehend::Flywheel.EntityTypesListItem": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "An entity type within a labeled training dataset that Amazon Comprehend uses to train a custom entity recognizer.\n\nEntity types must not contain the following invalid characters: \\n (line break), \\\\n (escaped line break, \\r (carriage return), \\\\r (escaped carriage return), \\t (tab), \\\\t (escaped tab), and , (comma).", + "title": "Type", "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::Comprehend::Flywheel.TaskConfig": { + "additionalProperties": false, + "properties": { + "DocumentClassificationConfig": { + "$ref": "#/definitions/AWS::Comprehend::Flywheel.DocumentClassificationConfig", + "markdownDescription": "Configuration required for a document classification model.", + "title": "DocumentClassificationConfig" }, - "ErrorRetryDuration": { - "markdownDescription": "The maximum number of seconds for which DMS retries failed API requests to the OpenSearch cluster.", - "title": "ErrorRetryDuration", - "type": "number" - }, - "FullLoadErrorPercentage": { - "markdownDescription": "The maximum percentage of records that can fail to be written before a full load operation stops.\n\nTo avoid early failure, this counter is only effective after 1,000 records are transferred. OpenSearch also has the concept of error monitoring during the last 10 minutes of an Observation Window. If transfer of all records fail in the last 10 minutes, the full load operation stops.", - "title": "FullLoadErrorPercentage", - "type": "number" + "EntityRecognitionConfig": { + "$ref": "#/definitions/AWS::Comprehend::Flywheel.EntityRecognitionConfig", + "markdownDescription": "Configuration required for an entity recognition model.", + "title": "EntityRecognitionConfig" }, - "ServiceAccessRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) used by the service to access the IAM role. The role must allow the `iam:PassRole` action.", - "title": "ServiceAccessRoleArn", + "LanguageCode": { + "markdownDescription": "Language code for the language that the model supports.", + "title": "LanguageCode", "type": "string" } }, + "required": [ + "LanguageCode" + ], "type": "object" }, - "AWS::DMS::Endpoint.GcpMySQLSettings": { + "AWS::Comprehend::Flywheel.VpcConfig": { "additionalProperties": false, "properties": { - "AfterConnectScript": { - "markdownDescription": "Specifies a script to run immediately after AWS DMS connects to the endpoint. The migration task continues running regardless if the SQL statement succeeds or fails.\n\nFor this parameter, provide the code of the script itself, not the name of a file containing the script.", - "title": "AfterConnectScript", - "type": "string" - }, - "CleanSourceMetadataOnMismatch": { - "markdownDescription": "Adjusts the behavior of AWS DMS when migrating from an SQL Server source database that is hosted as part of an Always On availability group cluster. If you need AWS DMS to poll all the nodes in the Always On cluster for transaction backups, set this attribute to `false` .", - "title": "CleanSourceMetadataOnMismatch", - "type": "boolean" + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The ID number for a security group on an instance of your private VPC. Security groups on your VPC function serve as a virtual firewall to control inbound and outbound traffic and provides security for the resources that you\u2019ll be accessing on the VPC. This ID number is preceded by \"sg-\", for instance: \"sg-03b388029b0a285ea\". For more information, see [Security Groups for your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html) .", + "title": "SecurityGroupIds", + "type": "array" }, - "DatabaseName": { - "markdownDescription": "Database name for the endpoint. For a MySQL source or target endpoint, don't explicitly specify the database using the `DatabaseName` request parameter on either the `CreateEndpoint` or `ModifyEndpoint` API call. Specifying `DatabaseName` when you create or modify a MySQL endpoint replicates all the task tables to this single database. For MySQL endpoints, you specify the database only when you specify the schema in the table-mapping rules of the AWS DMS task.", - "title": "DatabaseName", + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The ID for each subnet being used in your private VPC. This subnet is a subset of the a range of IPv4 addresses used by the VPC and is specific to a given availability zone in the VPC\u2019s Region. This ID number is preceded by \"subnet-\", for instance: \"subnet-04ccf456919e69055\". For more information, see [VPCs and Subnets](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) .", + "title": "Subnets", + "type": "array" + } + }, + "required": [ + "SecurityGroupIds", + "Subnets" + ], + "type": "object" + }, + "AWS::Config::AggregationAuthorization": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "EventsPollInterval": { - "markdownDescription": "Specifies how often to check the binary log for new changes/events when the database is idle. The default is five seconds.\n\nExample: `eventsPollInterval=5;`\n\nIn the example, AWS DMS checks for changes in the binary logs every five seconds.", - "title": "EventsPollInterval", - "type": "number" - }, - "MaxFileSize": { - "markdownDescription": "Specifies the maximum size (in KB) of any .csv file used to transfer data to a MySQL-compatible database.\n\nExample: `maxFileSize=512`", - "title": "MaxFileSize", - "type": "number" - }, - "ParallelLoadThreads": { - "markdownDescription": "Improves performance when loading data into the MySQL-compatible target database. Specifies how many threads to use to load the data into the MySQL-compatible target database. Setting a large number of threads can have an adverse effect on database performance, because a separate connection is required for each thread. The default is one.\n\nExample: `parallelLoadThreads=1`", - "title": "ParallelLoadThreads", - "type": "number" - }, - "Password": { - "markdownDescription": "Endpoint connection password.", - "title": "Password", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Port": { - "markdownDescription": "The port used by the endpoint database.", - "title": "Port", - "type": "number" - }, - "SecretsManagerAccessRoleArn": { - "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret.` The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the MySQL endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", - "title": "SecretsManagerAccessRoleArn", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SecretsManagerSecretId": { - "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the MySQL endpoint connection details.", - "title": "SecretsManagerSecretId", - "type": "string" + "Metadata": { + "type": "object" }, - "ServerName": { - "markdownDescription": "The MySQL host name.", - "title": "ServerName", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "AuthorizedAccountId": { + "markdownDescription": "The 12-digit account ID of the account authorized to aggregate data.", + "title": "AuthorizedAccountId", + "type": "string" + }, + "AuthorizedAwsRegion": { + "markdownDescription": "The region authorized to collect aggregated data.", + "title": "AuthorizedAwsRegion", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of tag object.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "AuthorizedAccountId", + "AuthorizedAwsRegion" + ], + "type": "object" }, - "ServerTimezone": { - "markdownDescription": "Specifies the time zone for the source MySQL database. Don't enclose time zones in single quotation marks.\n\nExample: `serverTimezone=US/Pacific;`", - "title": "ServerTimezone", + "Type": { + "enum": [ + "AWS::Config::AggregationAuthorization" + ], "type": "string" }, - "Username": { - "markdownDescription": "Endpoint connection user name.", - "title": "Username", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::DMS::Endpoint.IbmDb2Settings": { + "AWS::Config::ConfigRule": { "additionalProperties": false, "properties": { - "CurrentLsn": { - "markdownDescription": "For ongoing replication (CDC), use CurrentLSN to specify a log sequence number (LSN) where you want the replication to start.", - "title": "CurrentLsn", + "Condition": { "type": "string" }, - "KeepCsvFiles": { - "markdownDescription": "If true, AWS DMS saves any .csv files to the Db2 LUW target that were used to replicate data. DMS uses these files for analysis and troubleshooting.\n\nThe default value is false.", - "title": "KeepCsvFiles", - "type": "boolean" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "LoadTimeout": { - "markdownDescription": "The amount of time (in milliseconds) before AWS DMS times out operations performed by DMS on the Db2 target. The default value is 1200 (20 minutes).", - "title": "LoadTimeout", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "MaxFileSize": { - "markdownDescription": "Specifies the maximum size (in KB) of .csv files used to transfer data to Db2 LUW.", - "title": "MaxFileSize", - "type": "number" + "Metadata": { + "type": "object" }, - "MaxKBytesPerRead": { - "markdownDescription": "Maximum number of bytes per read, as a NUMBER value. The default is 64 KB.", - "title": "MaxKBytesPerRead", - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": { + "Compliance": { + "$ref": "#/definitions/AWS::Config::ConfigRule.Compliance", + "markdownDescription": "Indicates whether an AWS resource or AWS Config rule is compliant and provides the number of contributors that affect the compliance.", + "title": "Compliance" + }, + "ConfigRuleName": { + "markdownDescription": "A name for the AWS Config rule. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the rule name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .", + "title": "ConfigRuleName", + "type": "string" + }, + "Description": { + "markdownDescription": "The description that you provide for the AWS Config rule.", + "title": "Description", + "type": "string" + }, + "EvaluationModes": { + "items": { + "$ref": "#/definitions/AWS::Config::ConfigRule.EvaluationModeConfiguration" + }, + "markdownDescription": "The modes the AWS Config rule can be evaluated in. The valid values are distinct objects. By default, the value is Detective evaluation mode only.", + "title": "EvaluationModes", + "type": "array" + }, + "InputParameters": { + "markdownDescription": "A string, in JSON format, that is passed to the AWS Config rule Lambda function.", + "title": "InputParameters", + "type": "object" + }, + "MaximumExecutionFrequency": { + "markdownDescription": "The maximum frequency with which AWS Config runs evaluations for a rule. You can specify a value for `MaximumExecutionFrequency` when:\n\n- You are using an AWS managed rule that is triggered at a periodic frequency.\n- Your custom rule is triggered when AWS Config delivers the configuration snapshot. For more information, see [ConfigSnapshotDeliveryProperties](https://docs.aws.amazon.com/config/latest/APIReference/API_ConfigSnapshotDeliveryProperties.html) .\n\n> By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the `MaximumExecutionFrequency` parameter.", + "title": "MaximumExecutionFrequency", + "type": "string" + }, + "Scope": { + "$ref": "#/definitions/AWS::Config::ConfigRule.Scope", + "markdownDescription": "Defines which resources can trigger an evaluation for the rule. The scope can include one or more resource types, a combination of one resource type and one resource ID, or a combination of a tag key and value. Specify a scope to constrain the resources that can trigger an evaluation for the rule. If you do not specify a scope, evaluations are triggered when any resource in the recording group changes.", + "title": "Scope" + }, + "Source": { + "$ref": "#/definitions/AWS::Config::ConfigRule.Source", + "markdownDescription": "Provides the rule owner ( `AWS` for managed rules, `CUSTOM_POLICY` for Custom Policy rules, and `CUSTOM_LAMBDA` for Custom Lambda rules), the rule identifier, and the notifications that cause the function to evaluate your AWS resources.", + "title": "Source" + } + }, + "required": [ + "Source" + ], + "type": "object" }, - "SecretsManagerAccessRoleArn": { - "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value ofthe AWS Secrets Manager secret that allows access to the Db2 LUW endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", - "title": "SecretsManagerAccessRoleArn", + "Type": { + "enum": [ + "AWS::Config::ConfigRule" + ], "type": "string" }, - "SecretsManagerSecretId": { - "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the IBMDB2 endpoint connection details.", - "title": "SecretsManagerSecretId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "SetDataCaptureChanges": { - "markdownDescription": "Enables ongoing replication (CDC) as a BOOLEAN value. The default is true.", - "title": "SetDataCaptureChanges", - "type": "boolean" - }, - "WriteBufferSize": { - "markdownDescription": "The size (in KB) of the in-memory file write buffer used when generating .csv files on the local disk on the DMS replication instance. The default value is 1024 (1 MB).", - "title": "WriteBufferSize", - "type": "number" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::DMS::Endpoint.KafkaSettings": { + "AWS::Config::ConfigRule.Compliance": { "additionalProperties": false, "properties": { - "Broker": { - "markdownDescription": "A comma-separated list of one or more broker locations in your Kafka cluster that host your Kafka instance. Specify each broker location in the form `*broker-hostname-or-ip* : *port*` . For example, `\"ec2-12-345-678-901.compute-1.amazonaws.com:2345\"` . For more information and examples of specifying a list of broker locations, see [Using Apache Kafka as a target for AWS Database Migration Service](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Kafka.html) in the *AWS Database Migration Service User Guide* .", - "title": "Broker", - "type": "string" - }, - "IncludeControlDetails": { - "markdownDescription": "Shows detailed control information for table definition, column definition, and table and column changes in the Kafka message output. The default is `false` .", - "title": "IncludeControlDetails", - "type": "boolean" - }, - "IncludeNullAndEmpty": { - "markdownDescription": "Include NULL and empty columns for records migrated to the endpoint. The default is `false` .", - "title": "IncludeNullAndEmpty", - "type": "boolean" - }, - "IncludePartitionValue": { - "markdownDescription": "Shows the partition value within the Kafka message output unless the partition type is `schema-table-type` . The default is `false` .", - "title": "IncludePartitionValue", - "type": "boolean" - }, - "IncludeTableAlterOperations": { - "markdownDescription": "Includes any data definition language (DDL) operations that change the table in the control data, such as `rename-table` , `drop-table` , `add-column` , `drop-column` , and `rename-column` . The default is `false` .", - "title": "IncludeTableAlterOperations", - "type": "boolean" - }, - "IncludeTransactionDetails": { - "markdownDescription": "Provides detailed transaction information from the source database. This information includes a commit timestamp, a log position, and values for `transaction_id` , previous `transaction_id` , and `transaction_record_id` (the record offset within a transaction). The default is `false` .", - "title": "IncludeTransactionDetails", + "Type": { + "markdownDescription": "Indicates whether an AWS resource or AWS Config rule is compliant.\n\nA resource is compliant if it complies with all of the AWS Config rules that evaluate it. A resource is noncompliant if it does not comply with one or more of these rules.\n\nA rule is compliant if all of the resources that the rule evaluates comply with it. A rule is noncompliant if any of these resources do not comply.\n\nAWS Config returns the `INSUFFICIENT_DATA` value when no evaluation results are available for the AWS resource or AWS Config rule.\n\nFor the `Compliance` data type, AWS Config supports only `COMPLIANT` , `NON_COMPLIANT` , and `INSUFFICIENT_DATA` values. AWS Config does not support the `NOT_APPLICABLE` value for the `Compliance` data type.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Config::ConfigRule.CustomPolicyDetails": { + "additionalProperties": false, + "properties": { + "EnableDebugLogDelivery": { + "markdownDescription": "The boolean expression for enabling debug logging for your AWS Config Custom Policy rule. The default value is `false` .", + "title": "EnableDebugLogDelivery", "type": "boolean" }, - "MessageFormat": { - "markdownDescription": "The output format for the records created on the endpoint. The message format is `JSON` (default) or `JSON_UNFORMATTED` (a single line with no tab).", - "title": "MessageFormat", + "PolicyRuntime": { + "markdownDescription": "The runtime system for your AWS Config Custom Policy rule. Guard is a policy-as-code language that allows you to write policies that are enforced by AWS Config Custom Policy rules. For more information about Guard, see the [Guard GitHub Repository](https://docs.aws.amazon.com/https://github.com/aws-cloudformation/cloudformation-guard) .", + "title": "PolicyRuntime", "type": "string" }, - "MessageMaxBytes": { - "markdownDescription": "The maximum size in bytes for records created on the endpoint The default is 1,000,000.", - "title": "MessageMaxBytes", - "type": "number" - }, - "NoHexPrefix": { - "markdownDescription": "Set this optional parameter to `true` to avoid adding a '0x' prefix to raw data in hexadecimal format. For example, by default, AWS DMS adds a '0x' prefix to the LOB column type in hexadecimal format moving from an Oracle source to a Kafka target. Use the `NoHexPrefix` endpoint setting to enable migration of RAW data type columns without adding the '0x' prefix.", - "title": "NoHexPrefix", - "type": "boolean" + "PolicyText": { + "markdownDescription": "The policy definition containing the logic for your AWS Config Custom Policy rule.", + "title": "PolicyText", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Config::ConfigRule.EvaluationModeConfiguration": { + "additionalProperties": false, + "properties": { + "Mode": { + "markdownDescription": "The mode of an evaluation. The valid values are Detective or Proactive.", + "title": "Mode", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Config::ConfigRule.Scope": { + "additionalProperties": false, + "properties": { + "ComplianceResourceId": { + "markdownDescription": "The ID of the only AWS resource that you want to trigger an evaluation for the rule. If you specify a resource ID, you must specify one resource type for `ComplianceResourceTypes` .", + "title": "ComplianceResourceId", + "type": "string" }, - "PartitionIncludeSchemaTable": { - "markdownDescription": "Prefixes schema and table names to partition values, when the partition type is `primary-key-type` . Doing this increases data distribution among Kafka partitions. For example, suppose that a SysBench schema has thousands of tables and each table has only limited range for a primary key. In this case, the same primary key is sent from thousands of tables to the same partition, which causes throttling. The default is `false` .", - "title": "PartitionIncludeSchemaTable", - "type": "boolean" + "ComplianceResourceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The resource types of only those AWS resources that you want to trigger an evaluation for the rule. You can only specify one type if you also specify a resource ID for `ComplianceResourceId` .", + "title": "ComplianceResourceTypes", + "type": "array" }, - "SaslPassword": { - "markdownDescription": "The secure password that you created when you first set up your Amazon MSK cluster to validate a client identity and make an encrypted connection between server and client using SASL-SSL authentication.", - "title": "SaslPassword", + "TagKey": { + "markdownDescription": "The tag key that is applied to only those AWS resources that you want to trigger an evaluation for the rule.", + "title": "TagKey", "type": "string" }, - "SaslUserName": { - "markdownDescription": "The secure user name you created when you first set up your Amazon MSK cluster to validate a client identity and make an encrypted connection between server and client using SASL-SSL authentication.", - "title": "SaslUserName", + "TagValue": { + "markdownDescription": "The tag value applied to only those AWS resources that you want to trigger an evaluation for the rule. If you specify a value for `TagValue` , you must also specify a value for `TagKey` .", + "title": "TagValue", "type": "string" + } + }, + "type": "object" + }, + "AWS::Config::ConfigRule.Source": { + "additionalProperties": false, + "properties": { + "CustomPolicyDetails": { + "$ref": "#/definitions/AWS::Config::ConfigRule.CustomPolicyDetails", + "markdownDescription": "Provides the runtime system, policy definition, and whether debug logging is enabled. Required when owner is set to `CUSTOM_POLICY` .", + "title": "CustomPolicyDetails" }, - "SecurityProtocol": { - "markdownDescription": "Set secure connection to a Kafka target endpoint using Transport Layer Security (TLS). Options include `ssl-encryption` , `ssl-authentication` , and `sasl-ssl` . `sasl-ssl` requires `SaslUsername` and `SaslPassword` .", - "title": "SecurityProtocol", + "Owner": { + "markdownDescription": "Indicates whether AWS or the customer owns and manages the AWS Config rule.\n\nAWS Config Managed Rules are predefined rules owned by AWS . For more information, see [AWS Config Managed Rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html) in the *AWS Config developer guide* .\n\nAWS Config Custom Rules are rules that you can develop either with Guard ( `CUSTOM_POLICY` ) or AWS Lambda ( `CUSTOM_LAMBDA` ). For more information, see [AWS Config Custom Rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_develop-rules.html) in the *AWS Config developer guide* .", + "title": "Owner", "type": "string" }, - "SslCaCertificateArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the private certificate authority (CA) cert that AWS DMS uses to securely connect to your Kafka target endpoint.", - "title": "SslCaCertificateArn", - "type": "string" + "SourceDetails": { + "items": { + "$ref": "#/definitions/AWS::Config::ConfigRule.SourceDetail" + }, + "markdownDescription": "Provides the source and the message types that cause AWS Config to evaluate your AWS resources against a rule. It also provides the frequency with which you want AWS Config to run evaluations for the rule if the trigger type is periodic.\n\nIf the owner is set to `CUSTOM_POLICY` , the only acceptable values for the AWS Config rule trigger message type are `ConfigurationItemChangeNotification` and `OversizedConfigurationItemChangeNotification` .", + "title": "SourceDetails", + "type": "array" }, - "SslClientCertificateArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the client certificate used to securely connect to a Kafka target endpoint.", - "title": "SslClientCertificateArn", + "SourceIdentifier": { + "markdownDescription": "For AWS Config Managed rules, a predefined identifier from a list. For example, `IAM_PASSWORD_POLICY` is a managed rule. To reference a managed rule, see [List of AWS Config Managed Rules](https://docs.aws.amazon.com/config/latest/developerguide/managed-rules-by-aws-config.html) .\n\nFor AWS Config Custom Lambda rules, the identifier is the Amazon Resource Name (ARN) of the rule's AWS Lambda function, such as `arn:aws:lambda:us-east-2:123456789012:function:custom_rule_name` .\n\nFor AWS Config Custom Policy rules, this field will be ignored.", + "title": "SourceIdentifier", "type": "string" - }, - "SslClientKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the client private key used to securely connect to a Kafka target endpoint.", - "title": "SslClientKeyArn", + } + }, + "required": [ + "Owner" + ], + "type": "object" + }, + "AWS::Config::ConfigRule.SourceDetail": { + "additionalProperties": false, + "properties": { + "EventSource": { + "markdownDescription": "The source of the event, such as an AWS service, that triggers AWS Config to evaluate your AWS resources.", + "title": "EventSource", "type": "string" }, - "SslClientKeyPassword": { - "markdownDescription": "The password for the client private key used to securely connect to a Kafka target endpoint.", - "title": "SslClientKeyPassword", + "MaximumExecutionFrequency": { + "markdownDescription": "The frequency at which you want AWS Config to run evaluations for a custom rule with a periodic trigger. If you specify a value for `MaximumExecutionFrequency` , then `MessageType` must use the `ScheduledNotification` value.\n\n> By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the `MaximumExecutionFrequency` parameter.\n> \n> Based on the valid value you choose, AWS Config runs evaluations once for each valid value. For example, if you choose `Three_Hours` , AWS Config runs evaluations once every three hours. In this case, `Three_Hours` is the frequency of this rule.", + "title": "MaximumExecutionFrequency", "type": "string" }, - "Topic": { - "markdownDescription": "The topic to which you migrate the data. If you don't specify a topic, AWS DMS specifies `\"kafka-default-topic\"` as the migration topic.", - "title": "Topic", + "MessageType": { + "markdownDescription": "The type of notification that triggers AWS Config to run an evaluation for a rule. You can specify the following notification types:\n\n- `ConfigurationItemChangeNotification` - Triggers an evaluation when AWS Config delivers a configuration item as a result of a resource change.\n- `OversizedConfigurationItemChangeNotification` - Triggers an evaluation when AWS Config delivers an oversized configuration item. AWS Config may generate this notification type when a resource changes and the notification exceeds the maximum size allowed by Amazon SNS.\n- `ScheduledNotification` - Triggers a periodic evaluation at the frequency specified for `MaximumExecutionFrequency` .\n- `ConfigurationSnapshotDeliveryCompleted` - Triggers a periodic evaluation when AWS Config delivers a configuration snapshot.\n\nIf you want your custom rule to be triggered by configuration changes, specify two SourceDetail objects, one for `ConfigurationItemChangeNotification` and one for `OversizedConfigurationItemChangeNotification` .", + "title": "MessageType", "type": "string" } }, + "required": [ + "EventSource", + "MessageType" + ], "type": "object" }, - "AWS::DMS::Endpoint.KinesisSettings": { + "AWS::Config::ConfigurationAggregator": { "additionalProperties": false, "properties": { - "IncludeControlDetails": { - "markdownDescription": "Shows detailed control information for table definition, column definition, and table and column changes in the Kinesis message output. The default is `false` .", - "title": "IncludeControlDetails", - "type": "boolean" + "Condition": { + "type": "string" }, - "IncludeNullAndEmpty": { - "markdownDescription": "Include NULL and empty columns for records migrated to the endpoint. The default is `false` .", - "title": "IncludeNullAndEmpty", - "type": "boolean" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "IncludePartitionValue": { - "markdownDescription": "Shows the partition value within the Kinesis message output, unless the partition type is `schema-table-type` . The default is `false` .", - "title": "IncludePartitionValue", - "type": "boolean" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "IncludeTableAlterOperations": { - "markdownDescription": "Includes any data definition language (DDL) operations that change the table in the control data, such as `rename-table` , `drop-table` , `add-column` , `drop-column` , and `rename-column` . The default is `false` .", - "title": "IncludeTableAlterOperations", - "type": "boolean" + "Metadata": { + "type": "object" }, - "IncludeTransactionDetails": { - "markdownDescription": "Provides detailed transaction information from the source database. This information includes a commit timestamp, a log position, and values for `transaction_id` , previous `transaction_id` , and `transaction_record_id` (the record offset within a transaction). The default is `false` .", - "title": "IncludeTransactionDetails", - "type": "boolean" + "Properties": { + "additionalProperties": false, + "properties": { + "AccountAggregationSources": { + "items": { + "$ref": "#/definitions/AWS::Config::ConfigurationAggregator.AccountAggregationSource" + }, + "markdownDescription": "Provides a list of source accounts and regions to be aggregated.", + "title": "AccountAggregationSources", + "type": "array" + }, + "ConfigurationAggregatorName": { + "markdownDescription": "The name of the aggregator.", + "title": "ConfigurationAggregatorName", + "type": "string" + }, + "OrganizationAggregationSource": { + "$ref": "#/definitions/AWS::Config::ConfigurationAggregator.OrganizationAggregationSource", + "markdownDescription": "Provides an organization and list of regions to be aggregated.", + "title": "OrganizationAggregationSource" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of tag object.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" }, - "MessageFormat": { - "markdownDescription": "The output format for the records created on the endpoint. The message format is `JSON` (default) or `JSON_UNFORMATTED` (a single line with no tab).", - "title": "MessageFormat", + "Type": { + "enum": [ + "AWS::Config::ConfigurationAggregator" + ], "type": "string" }, - "NoHexPrefix": { - "markdownDescription": "Set this optional parameter to `true` to avoid adding a '0x' prefix to raw data in hexadecimal format. For example, by default, AWS DMS adds a '0x' prefix to the LOB column type in hexadecimal format moving from an Oracle source to an Amazon Kinesis target. Use the `NoHexPrefix` endpoint setting to enable migration of RAW data type columns without adding the '0x' prefix.", - "title": "NoHexPrefix", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::Config::ConfigurationAggregator.AccountAggregationSource": { + "additionalProperties": false, + "properties": { + "AccountIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The 12-digit account ID of the account being aggregated.", + "title": "AccountIds", + "type": "array" + }, + "AllAwsRegions": { + "markdownDescription": "If true, aggregate existing AWS Config regions and future regions.", + "title": "AllAwsRegions", "type": "boolean" }, - "PartitionIncludeSchemaTable": { - "markdownDescription": "Prefixes schema and table names to partition values, when the partition type is `primary-key-type` . Doing this increases data distribution among Kinesis shards. For example, suppose that a SysBench schema has thousands of tables and each table has only limited range for a primary key. In this case, the same primary key is sent from thousands of tables to the same shard, which causes throttling. The default is `false` .", - "title": "PartitionIncludeSchemaTable", + "AwsRegions": { + "items": { + "type": "string" + }, + "markdownDescription": "The source regions being aggregated.", + "title": "AwsRegions", + "type": "array" + } + }, + "required": [ + "AccountIds" + ], + "type": "object" + }, + "AWS::Config::ConfigurationAggregator.OrganizationAggregationSource": { + "additionalProperties": false, + "properties": { + "AllAwsRegions": { + "markdownDescription": "If true, aggregate existing AWS Config regions and future regions.", + "title": "AllAwsRegions", "type": "boolean" }, - "ServiceAccessRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the IAM role that AWS DMS uses to write to the Kinesis data stream. The role must allow the `iam:PassRole` action.", - "title": "ServiceAccessRoleArn", - "type": "string" + "AwsRegions": { + "items": { + "type": "string" + }, + "markdownDescription": "The source regions being aggregated.", + "title": "AwsRegions", + "type": "array" }, - "StreamArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the Amazon Kinesis Data Streams endpoint.", - "title": "StreamArn", + "RoleArn": { + "markdownDescription": "ARN of the IAM role used to retrieve AWS Organizations details associated with the aggregator account.", + "title": "RoleArn", "type": "string" } }, + "required": [ + "RoleArn" + ], "type": "object" }, - "AWS::DMS::Endpoint.MicrosoftSqlServerSettings": { + "AWS::Config::ConfigurationRecorder": { "additionalProperties": false, "properties": { - "BcpPacketSize": { - "markdownDescription": "The maximum size of the packets (in bytes) used to transfer data using BCP.", - "title": "BcpPacketSize", - "type": "number" - }, - "ControlTablesFileGroup": { - "markdownDescription": "Specifies a file group for the AWS DMS internal tables. When the replication task starts, all the internal AWS DMS control tables (awsdms_ apply_exception, awsdms_apply, awsdms_changes) are created for the specified file group.", - "title": "ControlTablesFileGroup", - "type": "string" - }, - "DatabaseName": { - "markdownDescription": "Database name for the endpoint.", - "title": "DatabaseName", + "Condition": { "type": "string" }, - "ForceLobLookup": { - "markdownDescription": "Forces LOB lookup on inline LOB.", - "title": "ForceLobLookup", - "type": "boolean" - }, - "Password": { - "markdownDescription": "Endpoint connection password.", - "title": "Password", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Port": { - "markdownDescription": "Endpoint TCP port.", - "title": "Port", - "type": "number" - }, - "QuerySingleAlwaysOnNode": { - "markdownDescription": "Cleans and recreates table metadata information on the replication instance when a mismatch occurs. An example is a situation where running an alter DDL statement on a table might result in different information about the table cached in the replication instance.", - "title": "QuerySingleAlwaysOnNode", - "type": "boolean" - }, - "ReadBackupOnly": { - "markdownDescription": "When this attribute is set to `Y` , AWS DMS only reads changes from transaction log backups and doesn't read from the active transaction log file during ongoing replication. Setting this parameter to `Y` enables you to control active transaction log file growth during full load and ongoing replication tasks. However, it can add some source latency to ongoing replication.", - "title": "ReadBackupOnly", - "type": "boolean" - }, - "SafeguardPolicy": { - "markdownDescription": "Use this attribute to minimize the need to access the backup log and enable AWS DMS to prevent truncation using one of the following two methods.\n\n*Start transactions in the database:* This is the default method. When this method is used, AWS DMS prevents TLOG truncation by mimicking a transaction in the database. As long as such a transaction is open, changes that appear after the transaction started aren't truncated. If you need Microsoft Replication to be enabled in your database, then you must choose this method.\n\n*Exclusively use sp_repldone within a single task* : When this method is used, AWS DMS reads the changes and then uses sp_repldone to mark the TLOG transactions as ready for truncation. Although this method doesn't involve any transactional activities, it can only be used when Microsoft Replication isn't running. Also, when using this method, only one AWS DMS task can access the database at any given time. Therefore, if you need to run parallel AWS DMS tasks against the same database, use the default method.", - "title": "SafeguardPolicy", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SecretsManagerAccessRoleArn": { - "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the SQL Server endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", - "title": "SecretsManagerAccessRoleArn", - "type": "string" + "Metadata": { + "type": "object" }, - "SecretsManagerSecretId": { - "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the MicrosoftSQLServer endpoint connection details.", - "title": "SecretsManagerSecretId", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the configuration recorder. AWS Config automatically assigns the name of \"default\" when creating the configuration recorder.\n\nYou cannot change the name of the configuration recorder after it has been created. To change the configuration recorder name, you must delete it and create a new configuration recorder with a new name.", + "title": "Name", + "type": "string" + }, + "RecordingGroup": { + "$ref": "#/definitions/AWS::Config::ConfigurationRecorder.RecordingGroup", + "markdownDescription": "Specifies which resource types AWS Config records for configuration changes.\n\n> *High Number of AWS Config Evaluations*\n> \n> You may notice increased activity in your account during your initial month recording with AWS Config when compared to subsequent months. During the initial bootstrapping process, AWS Config runs evaluations on all the resources in your account that you have selected for AWS Config to record.\n> \n> If you are running ephemeral workloads, you may see increased activity from AWS Config as it records configuration changes associated with creating and deleting these temporary resources. An *ephemeral workload* is a temporary use of computing resources that are loaded and run when needed. Examples include Amazon Elastic Compute Cloud ( Amazon EC2 ) Spot Instances, Amazon EMR jobs, and AWS Auto Scaling . If you want to avoid the increased activity from running ephemeral workloads, you can run these types of workloads in a separate account with AWS Config turned off to avoid increased configuration recording and rule evaluations.", + "title": "RecordingGroup" + }, + "RecordingMode": { + "$ref": "#/definitions/AWS::Config::ConfigurationRecorder.RecordingMode", + "markdownDescription": "Specifies the default recording frequency for the configuration recorder. AWS Config supports *Continuous recording* and *Daily recording* .\n\n- Continuous recording allows you to record configuration changes continuously whenever a change occurs.\n- Daily recording allows you to receive a configuration item (CI) representing the most recent state of your resources over the last 24-hour period, only if it\u2019s different from the previous CI recorded.\n\n> *Some resource types require continuous recording*\n> \n> AWS Firewall Manager depends on continuous recording to monitor your resources. If you are using Firewall Manager, it is recommended that you set the recording frequency to Continuous. \n\nYou can also override the recording frequency for specific resource types.", + "title": "RecordingMode" + }, + "RoleARN": { + "markdownDescription": "Amazon Resource Name (ARN) of the IAM role assumed by AWS Config and used by the configuration recorder. For more information, see [Permissions for the IAM Role Assigned](https://docs.aws.amazon.com/config/latest/developerguide/iamrole-permissions.html) to AWS Config in the AWS Config Developer Guide.\n\n> *Pre-existing AWS Config role*\n> \n> If you have used an AWS service that uses AWS Config , such as AWS Security Hub or AWS Control Tower , and an AWS Config role has already been created, make sure that the IAM role that you use when setting up AWS Config keeps the same minimum permissions as the already created AWS Config role. You must do this so that the other AWS service continues to run as expected.\n> \n> For example, if AWS Control Tower has an IAM role that allows AWS Config to read Amazon Simple Storage Service ( Amazon S3 ) objects, make sure that the same permissions are granted within the IAM role you use when setting up AWS Config . Otherwise, it may interfere with how AWS Control Tower operates. For more information about IAM roles for AWS Config , see [*Identity and Access Management for AWS Config*](https://docs.aws.amazon.com/config/latest/developerguide/security-iam.html) in the *AWS Config Developer Guide* .", + "title": "RoleARN", + "type": "string" + } + }, + "required": [ + "RoleARN" + ], + "type": "object" }, - "ServerName": { - "markdownDescription": "Fully qualified domain name of the endpoint. For an Amazon RDS SQL Server instance, this is the output of [DescribeDBInstances](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstances.html) , in the `[Endpoint](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_Endpoint.html) .Address` field.", - "title": "ServerName", + "Type": { + "enum": [ + "AWS::Config::ConfigurationRecorder" + ], "type": "string" }, - "TlogAccessMode": { - "markdownDescription": "Indicates the mode used to fetch CDC data.", - "title": "TlogAccessMode", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "TrimSpaceInChar": { - "markdownDescription": "Use the `TrimSpaceInChar` source endpoint setting to right-trim data on CHAR and NCHAR data types during migration. Setting `TrimSpaceInChar` does not left-trim data. The default value is `true` .", - "title": "TrimSpaceInChar", + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Config::ConfigurationRecorder.ExclusionByResourceTypes": { + "additionalProperties": false, + "properties": { + "ResourceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "A comma-separated list of resource types to exclude from recording by the configuration recorder.", + "title": "ResourceTypes", + "type": "array" + } + }, + "required": [ + "ResourceTypes" + ], + "type": "object" + }, + "AWS::Config::ConfigurationRecorder.RecordingGroup": { + "additionalProperties": false, + "properties": { + "AllSupported": { + "markdownDescription": "Specifies whether AWS Config records configuration changes for all supported resource types, excluding the global IAM resource types.\n\nIf you set this field to `true` , when AWS Config adds support for a new resource type, AWS Config starts recording resources of that type automatically.\n\nIf you set this field to `true` , you cannot enumerate specific resource types to record in the `resourceTypes` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) , or to exclude in the `resourceTypes` field of [ExclusionByResourceTypes](https://docs.aws.amazon.com/config/latest/APIReference/API_ExclusionByResourceTypes.html) .\n\n> *Region availability*\n> \n> Check [Resource Coverage by Region Availability](https://docs.aws.amazon.com/config/latest/developerguide/what-is-resource-config-coverage.html) to see if a resource type is supported in the AWS Region where you set up AWS Config .", + "title": "AllSupported", "type": "boolean" }, - "UseBcpFullLoad": { - "markdownDescription": "Use this to attribute to transfer data for full-load operations using BCP. When the target table contains an identity column that does not exist in the source table, you must disable the use BCP for loading table option.", - "title": "UseBcpFullLoad", - "type": "boolean" + "ExclusionByResourceTypes": { + "$ref": "#/definitions/AWS::Config::ConfigurationRecorder.ExclusionByResourceTypes", + "markdownDescription": "An object that specifies how AWS Config excludes resource types from being recorded by the configuration recorder.\n\nTo use this option, you must set the `useOnly` field of [AWS::Config::ConfigurationRecorder RecordingStrategy](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-config-configurationrecorder-recordingstrategy.html) to `EXCLUSION_BY_RESOURCE_TYPES` .", + "title": "ExclusionByResourceTypes" }, - "UseThirdPartyBackupDevice": { - "markdownDescription": "When this attribute is set to `Y` , DMS processes third-party transaction log backups if they are created in native format.", - "title": "UseThirdPartyBackupDevice", + "IncludeGlobalResourceTypes": { + "markdownDescription": "This option is a bundle which only applies to the global IAM resource types: IAM users, groups, roles, and customer managed policies. These global IAM resource types can only be recorded by AWS Config in Regions where AWS Config was available before February 2022. You cannot be record the global IAM resouce types in Regions supported by AWS Config after February 2022. This list where you cannot record the global IAM resource types includes the following Regions:\n\n- Asia Pacific (Hyderabad)\n- Asia Pacific (Melbourne)\n- Canada West (Calgary)\n- Europe (Spain)\n- Europe (Zurich)\n- Israel (Tel Aviv)\n- Middle East (UAE)\n\n> *Aurora global clusters are recorded in all enabled Regions*\n> \n> The `AWS::RDS::GlobalCluster` resource type will be recorded in all supported AWS Config Regions where the configuration recorder is enabled, even if `IncludeGlobalResourceTypes` is set to `false` . The `IncludeGlobalResourceTypes` option is a bundle which only applies to IAM users, groups, roles, and customer managed policies.\n> \n> If you do not want to record `AWS::RDS::GlobalCluster` in all enabled Regions, use one of the following recording strategies:\n> \n> - *Record all current and future resource types with exclusions* ( `EXCLUSION_BY_RESOURCE_TYPES` ), or\n> - *Record specific resource types* ( `INCLUSION_BY_RESOURCE_TYPES` ).\n> \n> For more information, see [Selecting Which Resources are Recorded](https://docs.aws.amazon.com/config/latest/developerguide/select-resources.html#select-resources-all) in the *AWS Config developer guide* . > *IncludeGlobalResourceTypes and the exclusion recording strategy*\n> \n> The `IncludeGlobalResourceTypes` field has no impact on the `EXCLUSION_BY_RESOURCE_TYPES` recording strategy. This means that the global IAM resource types ( IAM users, groups, roles, and customer managed policies) will not be automatically added as exclusions for `ExclusionByResourceTypes` when `IncludeGlobalResourceTypes` is set to `false` .\n> \n> The `IncludeGlobalResourceTypes` field should only be used to modify the `AllSupported` field, as the default for the `AllSupported` field is to record configuration changes for all supported resource types excluding the global IAM resource types. To include the global IAM resource types when `AllSupported` is set to `true` , make sure to set `IncludeGlobalResourceTypes` to `true` .\n> \n> To exclude the global IAM resource types for the `EXCLUSION_BY_RESOURCE_TYPES` recording strategy, you need to manually add them to the `ResourceTypes` field of `ExclusionByResourceTypes` . > *Required and optional fields*\n> \n> Before you set this field to `true` , set the `AllSupported` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) to `true` . Optionally, you can set the `useOnly` field of [RecordingStrategy](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingStrategy.html) to `ALL_SUPPORTED_RESOURCE_TYPES` . > *Overriding fields*\n> \n> If you set this field to `false` but list global IAM resource types in the `ResourceTypes` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) , AWS Config will still record configuration changes for those specified resource types *regardless* of if you set the `IncludeGlobalResourceTypes` field to false.\n> \n> If you do not want to record configuration changes to the global IAM resource types (IAM users, groups, roles, and customer managed policies), make sure to not list them in the `ResourceTypes` field in addition to setting the `IncludeGlobalResourceTypes` field to false.", + "title": "IncludeGlobalResourceTypes", "type": "boolean" }, - "Username": { - "markdownDescription": "Endpoint connection user name.", - "title": "Username", - "type": "string" + "RecordingStrategy": { + "$ref": "#/definitions/AWS::Config::ConfigurationRecorder.RecordingStrategy", + "markdownDescription": "An object that specifies the recording strategy for the configuration recorder.\n\n- If you set the `useOnly` field of [RecordingStrategy](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingStrategy.html) to `ALL_SUPPORTED_RESOURCE_TYPES` , AWS Config records configuration changes for all supported resource types, excluding the global IAM resource types. You also must set the `AllSupported` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) to `true` . When AWS Config adds support for a new resource type, AWS Config automatically starts recording resources of that type.\n- If you set the `useOnly` field of [RecordingStrategy](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingStrategy.html) to `INCLUSION_BY_RESOURCE_TYPES` , AWS Config records configuration changes for only the resource types you specify in the `ResourceTypes` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) .\n- If you set the `useOnly` field of [RecordingStrategy](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingStrategy.html) to `EXCLUSION_BY_RESOURCE_TYPES` , AWS Config records configuration changes for all supported resource types except the resource types that you specify to exclude from being recorded in the `ResourceTypes` field of [ExclusionByResourceTypes](https://docs.aws.amazon.com/config/latest/APIReference/API_ExclusionByResourceTypes.html) .\n\n> *Required and optional fields*\n> \n> The `recordingStrategy` field is optional when you set the `AllSupported` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) to `true` .\n> \n> The `recordingStrategy` field is optional when you list resource types in the `ResourceTypes` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) .\n> \n> The `recordingStrategy` field is required if you list resource types to exclude from recording in the `ResourceTypes` field of [ExclusionByResourceTypes](https://docs.aws.amazon.com/config/latest/APIReference/API_ExclusionByResourceTypes.html) . > *Overriding fields*\n> \n> If you choose `EXCLUSION_BY_RESOURCE_TYPES` for the recording strategy, the `ExclusionByResourceTypes` field will override other properties in the request.\n> \n> For example, even if you set `IncludeGlobalResourceTypes` to false, global IAM resource types will still be automatically recorded in this option unless those resource types are specifically listed as exclusions in the `ResourceTypes` field of `ExclusionByResourceTypes` . > *Global resources types and the resource exclusion recording strategy*\n> \n> By default, if you choose the `EXCLUSION_BY_RESOURCE_TYPES` recording strategy, when AWS Config adds support for a new resource type in the Region where you set up the configuration recorder, including global resource types, AWS Config starts recording resources of that type automatically.\n> \n> Unless specifically listed as exclusions, `AWS::RDS::GlobalCluster` will be recorded automatically in all supported AWS Config Regions were the configuration recorder is enabled.\n> \n> IAM users, groups, roles, and customer managed policies will be recorded in the Region where you set up the configuration recorder if that is a Region where AWS Config was available before February 2022. You cannot be record the global IAM resouce types in Regions supported by AWS Config after February 2022. This list where you cannot record the global IAM resource types includes the following Regions:\n> \n> - Asia Pacific (Hyderabad)\n> - Asia Pacific (Melbourne)\n> - Canada West (Calgary)\n> - Europe (Spain)\n> - Europe (Zurich)\n> - Israel (Tel Aviv)\n> - Middle East (UAE)", + "title": "RecordingStrategy" + }, + "ResourceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "A comma-separated list that specifies which resource types AWS Config records.\n\nFor a list of valid `ResourceTypes` values, see the *Resource Type Value* column in [Supported AWS resource Types](https://docs.aws.amazon.com/config/latest/developerguide/resource-config-reference.html#supported-resources) in the *AWS Config developer guide* .\n\n> *Required and optional fields*\n> \n> Optionally, you can set the `useOnly` field of [RecordingStrategy](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingStrategy.html) to `INCLUSION_BY_RESOURCE_TYPES` .\n> \n> To record all configuration changes, set the `AllSupported` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) to `true` , and either omit this field or don't specify any resource types in this field. If you set the `AllSupported` field to `false` and specify values for `ResourceTypes` , when AWS Config adds support for a new type of resource, it will not record resources of that type unless you manually add that type to your recording group. > *Region availability*\n> \n> Before specifying a resource type for AWS Config to track, check [Resource Coverage by Region Availability](https://docs.aws.amazon.com/config/latest/developerguide/what-is-resource-config-coverage.html) to see if the resource type is supported in the AWS Region where you set up AWS Config . If a resource type is supported by AWS Config in at least one Region, you can enable the recording of that resource type in all Regions supported by AWS Config , even if the specified resource type is not supported in the AWS Region where you set up AWS Config .", + "title": "ResourceTypes", + "type": "array" } }, "type": "object" }, - "AWS::DMS::Endpoint.MongoDbSettings": { + "AWS::Config::ConfigurationRecorder.RecordingMode": { "additionalProperties": false, "properties": { - "AuthMechanism": { - "markdownDescription": "The authentication mechanism you use to access the MongoDB source endpoint.\n\nFor the default value, in MongoDB version 2.x, `\"default\"` is `\"mongodb_cr\"` . For MongoDB version 3.x or later, `\"default\"` is `\"scram_sha_1\"` . This setting isn't used when `AuthType` is set to `\"no\"` .", - "title": "AuthMechanism", + "RecordingFrequency": { + "markdownDescription": "The default recording frequency that AWS Config uses to record configuration changes.\n\n> Daily recording cannot be specified for the following resource types:\n> \n> - `AWS::Config::ResourceCompliance`\n> - `AWS::Config::ConformancePackCompliance`\n> - `AWS::Config::ConfigurationRecorder`\n> \n> For the *allSupported* ( `ALL_SUPPORTED_RESOURCE_TYPES` ) recording strategy, these resource types will be set to Continuous recording.", + "title": "RecordingFrequency", "type": "string" }, - "AuthSource": { - "markdownDescription": "The MongoDB database name. This setting isn't used when `AuthType` is set to `\"no\"` .\n\nThe default is `\"admin\"` .", - "title": "AuthSource", + "RecordingModeOverrides": { + "items": { + "$ref": "#/definitions/AWS::Config::ConfigurationRecorder.RecordingModeOverride" + }, + "markdownDescription": "An array of `recordingModeOverride` objects for you to specify your overrides for the recording mode. The `recordingModeOverride` object in the `recordingModeOverrides` array consists of three fields: a `description` , the new `recordingFrequency` , and an array of `resourceTypes` to override.", + "title": "RecordingModeOverrides", + "type": "array" + } + }, + "required": [ + "RecordingFrequency" + ], + "type": "object" + }, + "AWS::Config::ConfigurationRecorder.RecordingModeOverride": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description that you provide for the override.", + "title": "Description", "type": "string" }, - "AuthType": { - "markdownDescription": "The authentication type you use to access the MongoDB source endpoint.\n\nWhen set to `\"no\"` , user name and password parameters are not used and can be empty.", - "title": "AuthType", + "RecordingFrequency": { + "markdownDescription": "The recording frequency that will be applied to all the resource types specified in the override.\n\n- Continuous recording allows you to record configuration changes continuously whenever a change occurs.\n- Daily recording allows you to receive a configuration item (CI) representing the most recent state of your resources over the last 24-hour period, only if it\u2019s different from the previous CI recorded.\n\n> AWS Firewall Manager depends on continuous recording to monitor your resources. If you are using Firewall Manager, it is recommended that you set the recording frequency to Continuous.", + "title": "RecordingFrequency", "type": "string" }, - "DatabaseName": { - "markdownDescription": "The database name on the MongoDB source endpoint.", - "title": "DatabaseName", + "ResourceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "A comma-separated list that specifies which resource types AWS Config includes in the override.\n\n> Daily recording cannot be specified for the following resource types:\n> \n> - `AWS::Config::ResourceCompliance`\n> - `AWS::Config::ConformancePackCompliance`\n> - `AWS::Config::ConfigurationRecorder`", + "title": "ResourceTypes", + "type": "array" + } + }, + "required": [ + "RecordingFrequency", + "ResourceTypes" + ], + "type": "object" + }, + "AWS::Config::ConfigurationRecorder.RecordingStrategy": { + "additionalProperties": false, + "properties": { + "UseOnly": { + "markdownDescription": "The recording strategy for the configuration recorder.\n\n- If you set this option to `ALL_SUPPORTED_RESOURCE_TYPES` , AWS Config records configuration changes for all supported resource types, excluding the global IAM resource types. You also must set the `AllSupported` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) to `true` . When AWS Config adds support for a new resource type, AWS Config automatically starts recording resources of that type. For a list of supported resource types, see [Supported Resource Types](https://docs.aws.amazon.com/config/latest/developerguide/resource-config-reference.html#supported-resources) in the *AWS Config developer guide* .\n- If you set this option to `INCLUSION_BY_RESOURCE_TYPES` , AWS Config records configuration changes for only the resource types that you specify in the `ResourceTypes` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) .\n- If you set this option to `EXCLUSION_BY_RESOURCE_TYPES` , AWS Config records configuration changes for all supported resource types, except the resource types that you specify to exclude from being recorded in the `ResourceTypes` field of [ExclusionByResourceTypes](https://docs.aws.amazon.com/config/latest/APIReference/API_ExclusionByResourceTypes.html) .\n\n> *Required and optional fields*\n> \n> The `recordingStrategy` field is optional when you set the `AllSupported` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) to `true` .\n> \n> The `recordingStrategy` field is optional when you list resource types in the `ResourceTypes` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) .\n> \n> The `recordingStrategy` field is required if you list resource types to exclude from recording in the `ResourceTypes` field of [ExclusionByResourceTypes](https://docs.aws.amazon.com/config/latest/APIReference/API_ExclusionByResourceTypes.html) . > *Overriding fields*\n> \n> If you choose `EXCLUSION_BY_RESOURCE_TYPES` for the recording strategy, the `ExclusionByResourceTypes` field will override other properties in the request.\n> \n> For example, even if you set `IncludeGlobalResourceTypes` to false, global IAM resource types will still be automatically recorded in this option unless those resource types are specifically listed as exclusions in the `ResourceTypes` field of `ExclusionByResourceTypes` . > *Global resource types and the exclusion recording strategy*\n> \n> By default, if you choose the `EXCLUSION_BY_RESOURCE_TYPES` recording strategy, when AWS Config adds support for a new resource type in the Region where you set up the configuration recorder, including global resource types, AWS Config starts recording resources of that type automatically.\n> \n> Unless specifically listed as exclusions, `AWS::RDS::GlobalCluster` will be recorded automatically in all supported AWS Config Regions were the configuration recorder is enabled.\n> \n> IAM users, groups, roles, and customer managed policies will be recorded in the Region where you set up the configuration recorder if that is a Region where AWS Config was available before February 2022. You cannot be record the global IAM resouce types in Regions supported by AWS Config after February 2022. This list where you cannot record the global IAM resource types includes the following Regions:\n> \n> - Asia Pacific (Hyderabad)\n> - Asia Pacific (Melbourne)\n> - Canada West (Calgary)\n> - Europe (Spain)\n> - Europe (Zurich)\n> - Israel (Tel Aviv)\n> - Middle East (UAE)", + "title": "UseOnly", "type": "string" - }, - "DocsToInvestigate": { - "markdownDescription": "Indicates the number of documents to preview to determine the document organization. Use this setting when `NestingLevel` is set to `\"one\"` .\n\nMust be a positive value greater than `0` . Default value is `1000` .", - "title": "DocsToInvestigate", + } + }, + "required": [ + "UseOnly" + ], + "type": "object" + }, + "AWS::Config::ConformancePack": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "ExtractDocId": { - "markdownDescription": "Specifies the document ID. Use this setting when `NestingLevel` is set to `\"none\"` .\n\nDefault value is `\"false\"` .", - "title": "ExtractDocId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "NestingLevel": { - "markdownDescription": "Specifies either document or table mode.\n\nDefault value is `\"none\"` . Specify `\"none\"` to use document mode. Specify `\"one\"` to use table mode.", - "title": "NestingLevel", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Password": { - "markdownDescription": "The password for the user account you use to access the MongoDB source endpoint.", - "title": "Password", - "type": "string" + "Metadata": { + "type": "object" }, - "Port": { - "markdownDescription": "The port value for the MongoDB source endpoint.", - "title": "Port", - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": { + "ConformancePackInputParameters": { + "items": { + "$ref": "#/definitions/AWS::Config::ConformancePack.ConformancePackInputParameter" + }, + "markdownDescription": "A list of ConformancePackInputParameter objects.", + "title": "ConformancePackInputParameters", + "type": "array" + }, + "ConformancePackName": { + "markdownDescription": "Name of the conformance pack you want to create.", + "title": "ConformancePackName", + "type": "string" + }, + "DeliveryS3Bucket": { + "markdownDescription": "The name of the Amazon S3 bucket where AWS Config stores conformance pack templates.", + "title": "DeliveryS3Bucket", + "type": "string" + }, + "DeliveryS3KeyPrefix": { + "markdownDescription": "The prefix for the Amazon S3 bucket.", + "title": "DeliveryS3KeyPrefix", + "type": "string" + }, + "TemplateBody": { + "markdownDescription": "A string containing full conformance pack template body. Structure containing the template body with a minimum length of 1 byte and a maximum length of 51,200 bytes.\n\n> You can only use a YAML template with two resource types: config rule ( `AWS::Config::ConfigRule` ) and a remediation action ( `AWS::Config::RemediationConfiguration` ).", + "title": "TemplateBody", + "type": "string" + }, + "TemplateS3Uri": { + "markdownDescription": "Location of file containing the template body (s3://bucketname/prefix). The uri must point to the conformance pack template (max size: 300 KB) that is located in an Amazon S3 bucket.\n\n> You must have access to read Amazon S3 bucket.", + "title": "TemplateS3Uri", + "type": "string" + }, + "TemplateSSMDocumentDetails": { + "$ref": "#/definitions/AWS::Config::ConformancePack.TemplateSSMDocumentDetails", + "markdownDescription": "An object that contains the name or Amazon Resource Name (ARN) of the AWS Systems Manager document (SSM document) and the version of the SSM document that is used to create a conformance pack.", + "title": "TemplateSSMDocumentDetails" + } + }, + "required": [ + "ConformancePackName" + ], + "type": "object" }, - "SecretsManagerAccessRoleArn": { - "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the MongoDB endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", - "title": "SecretsManagerAccessRoleArn", + "Type": { + "enum": [ + "AWS::Config::ConformancePack" + ], "type": "string" }, - "SecretsManagerSecretId": { - "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the MongoDB endpoint connection details.", - "title": "SecretsManagerSecretId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "ServerName": { - "markdownDescription": "The name of the server on the MongoDB source endpoint.", - "title": "ServerName", + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Config::ConformancePack.ConformancePackInputParameter": { + "additionalProperties": false, + "properties": { + "ParameterName": { + "markdownDescription": "One part of a key-value pair.", + "title": "ParameterName", "type": "string" }, - "Username": { - "markdownDescription": "The user name you use to access the MongoDB source endpoint.", - "title": "Username", + "ParameterValue": { + "markdownDescription": "Another part of the key-value pair.", + "title": "ParameterValue", "type": "string" } }, + "required": [ + "ParameterName", + "ParameterValue" + ], "type": "object" }, - "AWS::DMS::Endpoint.MySqlSettings": { + "AWS::Config::ConformancePack.TemplateSSMDocumentDetails": { "additionalProperties": false, "properties": { - "AfterConnectScript": { - "markdownDescription": "Specifies a script to run immediately after AWS DMS connects to the endpoint. The migration task continues running regardless if the SQL statement succeeds or fails.\n\nFor this parameter, provide the code of the script itself, not the name of a file containing the script.", - "title": "AfterConnectScript", + "DocumentName": { + "markdownDescription": "The name or Amazon Resource Name (ARN) of the SSM document to use to create a conformance pack. If you use the document name, AWS Config checks only your account and AWS Region for the SSM document.", + "title": "DocumentName", "type": "string" }, - "CleanSourceMetadataOnMismatch": { - "markdownDescription": "Cleans and recreates table metadata information on the replication instance when a mismatch occurs. For example, in a situation where running an alter DDL on the table could result in different information about the table cached in the replication instance.", - "title": "CleanSourceMetadataOnMismatch", - "type": "boolean" + "DocumentVersion": { + "markdownDescription": "The version of the SSM document to use to create a conformance pack. By default, AWS Config uses the latest version.\n\n> This field is optional.", + "title": "DocumentVersion", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Config::DeliveryChannel": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" }, - "EventsPollInterval": { - "markdownDescription": "Specifies how often to check the binary log for new changes/events when the database is idle. The default is five seconds.\n\nExample: `eventsPollInterval=5;`\n\nIn the example, AWS DMS checks for changes in the binary logs every five seconds.", - "title": "EventsPollInterval", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "MaxFileSize": { - "markdownDescription": "Specifies the maximum size (in KB) of any .csv file used to transfer data to a MySQL-compatible database.\n\nExample: `maxFileSize=512`", - "title": "MaxFileSize", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ParallelLoadThreads": { - "markdownDescription": "Improves performance when loading data into the MySQL-compatible target database. Specifies how many threads to use to load the data into the MySQL-compatible target database. Setting a large number of threads can have an adverse effect on database performance, because a separate connection is required for each thread. The default is one.\n\nExample: `parallelLoadThreads=1`", - "title": "ParallelLoadThreads", - "type": "number" + "Metadata": { + "type": "object" }, - "SecretsManagerAccessRoleArn": { - "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the MySQL endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", - "title": "SecretsManagerAccessRoleArn", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "ConfigSnapshotDeliveryProperties": { + "$ref": "#/definitions/AWS::Config::DeliveryChannel.ConfigSnapshotDeliveryProperties", + "markdownDescription": "The options for how often AWS Config delivers configuration snapshots to the Amazon S3 bucket.", + "title": "ConfigSnapshotDeliveryProperties" + }, + "Name": { + "markdownDescription": "A name for the delivery channel. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the delivery channel name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\nUpdates are not supported. To change the name, you must run two separate updates. In the first update, delete this resource, and then recreate it with a new name in the second update.", + "title": "Name", + "type": "string" + }, + "S3BucketName": { + "markdownDescription": "The name of the Amazon S3 bucket to which AWS Config delivers configuration snapshots and configuration history files.\n\nIf you specify a bucket that belongs to another AWS account , that bucket must have policies that grant access permissions to AWS Config . For more information, see [Permissions for the Amazon S3 Bucket](https://docs.aws.amazon.com/config/latest/developerguide/s3-bucket-policy.html) in the *AWS Config Developer Guide* .", + "title": "S3BucketName", + "type": "string" + }, + "S3KeyPrefix": { + "markdownDescription": "The prefix for the specified Amazon S3 bucket.", + "title": "S3KeyPrefix", + "type": "string" + }, + "S3KmsKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Key Management Service ( AWS KMS ) AWS KMS key (KMS key) used to encrypt objects delivered by AWS Config . Must belong to the same Region as the destination S3 bucket.", + "title": "S3KmsKeyArn", + "type": "string" + }, + "SnsTopicARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic to which AWS Config sends notifications about configuration changes.\n\nIf you choose a topic from another account, the topic must have policies that grant access permissions to AWS Config . For more information, see [Permissions for the Amazon SNS Topic](https://docs.aws.amazon.com/config/latest/developerguide/sns-topic-policy.html) in the *AWS Config Developer Guide* .", + "title": "SnsTopicARN", + "type": "string" + } + }, + "required": [ + "S3BucketName" + ], + "type": "object" }, - "SecretsManagerSecretId": { - "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the MySQL endpoint connection details.", - "title": "SecretsManagerSecretId", + "Type": { + "enum": [ + "AWS::Config::DeliveryChannel" + ], "type": "string" }, - "ServerTimezone": { - "markdownDescription": "Specifies the time zone for the source MySQL database.\n\nExample: `serverTimezone=US/Pacific;`\n\nNote: Do not enclose time zones in single quotes.", - "title": "ServerTimezone", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "TargetDbType": { - "markdownDescription": "Specifies where to migrate source tables on the target, either to a single database or multiple databases. If you specify `SPECIFIC_DATABASE` , specify the database name using the `DatabaseName` parameter of the `Endpoint` object.\n\nExample: `targetDbType=MULTIPLE_DATABASES`", - "title": "TargetDbType", + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Config::DeliveryChannel.ConfigSnapshotDeliveryProperties": { + "additionalProperties": false, + "properties": { + "DeliveryFrequency": { + "markdownDescription": "The frequency with which AWS Config delivers configuration snapshots.", + "title": "DeliveryFrequency", "type": "string" } }, "type": "object" }, - "AWS::DMS::Endpoint.NeptuneSettings": { + "AWS::Config::OrganizationConfigRule": { "additionalProperties": false, "properties": { - "ErrorRetryDuration": { - "markdownDescription": "The number of milliseconds for AWS DMS to wait to retry a bulk-load of migrated graph data to the Neptune target database before raising an error. The default is 250.", - "title": "ErrorRetryDuration", - "type": "number" + "Condition": { + "type": "string" }, - "IamAuthEnabled": { - "markdownDescription": "If you want IAM authorization enabled for this endpoint, set this parameter to `true` . Then attach the appropriate IAM policy document to your service role specified by `ServiceAccessRoleArn` . The default is `false` .", - "title": "IamAuthEnabled", - "type": "boolean" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "MaxFileSize": { - "markdownDescription": "The maximum size in kilobytes of migrated graph data stored in a .csv file before AWS DMS bulk-loads the data to the Neptune target database. The default is 1,048,576 KB. If the bulk load is successful, AWS DMS clears the bucket, ready to store the next batch of migrated graph data.", - "title": "MaxFileSize", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "MaxRetryCount": { - "markdownDescription": "The number of times for AWS DMS to retry a bulk load of migrated graph data to the Neptune target database before raising an error. The default is 5.", - "title": "MaxRetryCount", - "type": "number" + "Metadata": { + "type": "object" }, - "S3BucketFolder": { - "markdownDescription": "A folder path where you want AWS DMS to store migrated graph data in the S3 bucket specified by `S3BucketName`", - "title": "S3BucketFolder", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "ExcludedAccounts": { + "items": { + "type": "string" + }, + "markdownDescription": "A comma-separated list of accounts excluded from organization AWS Config rule.", + "title": "ExcludedAccounts", + "type": "array" + }, + "OrganizationConfigRuleName": { + "markdownDescription": "The name that you assign to organization AWS Config rule.", + "title": "OrganizationConfigRuleName", + "type": "string" + }, + "OrganizationCustomPolicyRuleMetadata": { + "$ref": "#/definitions/AWS::Config::OrganizationConfigRule.OrganizationCustomPolicyRuleMetadata", + "markdownDescription": "An object that specifies metadata for your organization's AWS Config Custom Policy rule. The metadata includes the runtime system in use, which accounts have debug logging enabled, and other custom rule metadata, such as resource type, resource ID of AWS resource, and organization trigger types that initiate AWS Config to evaluate AWS resources against a rule.", + "title": "OrganizationCustomPolicyRuleMetadata" + }, + "OrganizationCustomRuleMetadata": { + "$ref": "#/definitions/AWS::Config::OrganizationConfigRule.OrganizationCustomRuleMetadata", + "markdownDescription": "An `OrganizationCustomRuleMetadata` object.", + "title": "OrganizationCustomRuleMetadata" + }, + "OrganizationManagedRuleMetadata": { + "$ref": "#/definitions/AWS::Config::OrganizationConfigRule.OrganizationManagedRuleMetadata", + "markdownDescription": "An `OrganizationManagedRuleMetadata` object.", + "title": "OrganizationManagedRuleMetadata" + } + }, + "required": [ + "OrganizationConfigRuleName" + ], + "type": "object" }, - "S3BucketName": { - "markdownDescription": "The name of the Amazon S3 bucket where AWS DMS can temporarily store migrated graph data in .csv files before bulk-loading it to the Neptune target database. AWS DMS maps the SQL source data to graph data before storing it in these .csv files.", - "title": "S3BucketName", + "Type": { + "enum": [ + "AWS::Config::OrganizationConfigRule" + ], "type": "string" }, - "ServiceAccessRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the service role that you created for the Neptune target endpoint. The role must allow the `iam:PassRole` action.\n\nFor more information, see [Creating an IAM Service Role for Accessing Amazon Neptune as a Target](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Neptune.html#CHAP_Target.Neptune.ServiceRole) in the *AWS Database Migration Service User Guide* .", - "title": "ServiceAccessRoleArn", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::DMS::Endpoint.OracleSettings": { + "AWS::Config::OrganizationConfigRule.OrganizationCustomPolicyRuleMetadata": { "additionalProperties": false, "properties": { - "AccessAlternateDirectly": { - "markdownDescription": "Set this attribute to `false` in order to use the Binary Reader to capture change data for an Amazon RDS for Oracle as the source. This tells the DMS instance to not access redo logs through any specified path prefix replacement using direct file access.", - "title": "AccessAlternateDirectly", - "type": "boolean" - }, - "AddSupplementalLogging": { - "markdownDescription": "Set this attribute to set up table-level supplemental logging for the Oracle database. This attribute enables PRIMARY KEY supplemental logging on all tables selected for a migration task.\n\nIf you use this option, you still need to enable database-level supplemental logging.", - "title": "AddSupplementalLogging", - "type": "boolean" - }, - "AdditionalArchivedLogDestId": { - "markdownDescription": "Set this attribute with `ArchivedLogDestId` in a primary/ standby setup. This attribute is useful in the case of a switchover. In this case, AWS DMS needs to know which destination to get archive redo logs from to read changes. This need arises because the previous primary instance is now a standby instance after switchover.\n\nAlthough AWS DMS supports the use of the Oracle `RESETLOGS` option to open the database, never use `RESETLOGS` unless necessary. For additional information about `RESETLOGS` , see [RMAN Data Repair Concepts](https://docs.aws.amazon.com/https://docs.oracle.com/en/database/oracle/oracle-database/19/bradv/rman-data-repair-concepts.html#GUID-1805CCF7-4AF2-482D-B65A-998192F89C2B) in the *Oracle Database Backup and Recovery User's Guide* .", - "title": "AdditionalArchivedLogDestId", - "type": "number" - }, - "AllowSelectNestedTables": { - "markdownDescription": "Set this attribute to `true` to enable replication of Oracle tables containing columns that are nested tables or defined types.", - "title": "AllowSelectNestedTables", - "type": "boolean" - }, - "ArchivedLogDestId": { - "markdownDescription": "Specifies the ID of the destination for the archived redo logs. This value should be the same as a number in the dest_id column of the v$archived_log view. If you work with an additional redo log destination, use the `AdditionalArchivedLogDestId` option to specify the additional destination ID. Doing this improves performance by ensuring that the correct logs are accessed from the outset.", - "title": "ArchivedLogDestId", - "type": "number" - }, - "ArchivedLogsOnly": { - "markdownDescription": "When this field is set to `True` , AWS DMS only accesses the archived redo logs. If the archived redo logs are stored on Automatic Storage Management (ASM) only, the AWS DMS user account needs to be granted ASM privileges.", - "title": "ArchivedLogsOnly", - "type": "boolean" + "DebugLogDeliveryAccounts": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of accounts that you can enable debug logging for your organization AWS Config Custom Policy rule. List is null when debug logging is enabled for all accounts.", + "title": "DebugLogDeliveryAccounts", + "type": "array" }, - "AsmPassword": { - "markdownDescription": "For an Oracle source endpoint, your Oracle Automatic Storage Management (ASM) password. You can set this value from the `*asm_user_password*` value. You set this value as part of the comma-separated value that you set to the `Password` request parameter when you create the endpoint to access transaction logs using Binary Reader. For more information, see [Configuration for change data capture (CDC) on an Oracle source database](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.CDC.Configuration) .", - "title": "AsmPassword", + "Description": { + "markdownDescription": "The description that you provide for your organization AWS Config Custom Policy rule.", + "title": "Description", "type": "string" }, - "AsmServer": { - "markdownDescription": "For an Oracle source endpoint, your ASM server address. You can set this value from the `asm_server` value. You set `asm_server` as part of the extra connection attribute string to access an Oracle server with Binary Reader that uses ASM. For more information, see [Configuration for change data capture (CDC) on an Oracle source database](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.CDC.Configuration) .", - "title": "AsmServer", + "InputParameters": { + "markdownDescription": "A string, in JSON format, that is passed to your organization AWS Config Custom Policy rule.", + "title": "InputParameters", "type": "string" }, - "AsmUser": { - "markdownDescription": "For an Oracle source endpoint, your ASM user name. You can set this value from the `asm_user` value. You set `asm_user` as part of the extra connection attribute string to access an Oracle server with Binary Reader that uses ASM. For more information, see [Configuration for change data capture (CDC) on an Oracle source database](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.CDC.Configuration) .", - "title": "AsmUser", + "MaximumExecutionFrequency": { + "markdownDescription": "The maximum frequency with which AWS Config runs evaluations for a rule. Your AWS Config Custom Policy rule is triggered when AWS Config delivers the configuration snapshot. For more information, see `ConfigSnapshotDeliveryProperties` .", + "title": "MaximumExecutionFrequency", "type": "string" }, - "CharLengthSemantics": { - "markdownDescription": "Specifies whether the length of a character column is in bytes or in characters. To indicate that the character column length is in characters, set this attribute to `CHAR` . Otherwise, the character column length is in bytes.\n\nExample: `charLengthSemantics=CHAR;`", - "title": "CharLengthSemantics", + "OrganizationConfigRuleTriggerTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The type of notification that initiates AWS Config to run an evaluation for a rule. For AWS Config Custom Policy rules, AWS Config supports change-initiated notification types:\n\n- `ConfigurationItemChangeNotification` - Initiates an evaluation when AWS Config delivers a configuration item as a result of a resource change.\n- `OversizedConfigurationItemChangeNotification` - Initiates an evaluation when AWS Config delivers an oversized configuration item. AWS Config may generate this notification type when a resource changes and the notification exceeds the maximum size allowed by Amazon SNS.", + "title": "OrganizationConfigRuleTriggerTypes", + "type": "array" + }, + "PolicyText": { + "markdownDescription": "The policy definition containing the logic for your organization AWS Config Custom Policy rule.", + "title": "PolicyText", "type": "string" }, - "DirectPathNoLog": { - "markdownDescription": "When set to `true` , this attribute helps to increase the commit rate on the Oracle target database by writing directly to tables and not writing a trail to database logs.", - "title": "DirectPathNoLog", - "type": "boolean" - }, - "DirectPathParallelLoad": { - "markdownDescription": "When set to `true` , this attribute specifies a parallel load when `useDirectPathFullLoad` is set to `Y` . This attribute also only applies when you use the AWS DMS parallel load feature. Note that the target table cannot have any constraints or indexes.", - "title": "DirectPathParallelLoad", - "type": "boolean" - }, - "EnableHomogenousTablespace": { - "markdownDescription": "Set this attribute to enable homogenous tablespace replication and create existing tables or indexes under the same tablespace on the target.", - "title": "EnableHomogenousTablespace", - "type": "boolean" + "ResourceIdScope": { + "markdownDescription": "The ID of the AWS resource that was evaluated.", + "title": "ResourceIdScope", + "type": "string" }, - "ExtraArchivedLogDestIds": { + "ResourceTypesScope": { "items": { - "type": "number" + "type": "string" }, - "markdownDescription": "Specifies the IDs of one more destinations for one or more archived redo logs. These IDs are the values of the `dest_id` column in the `v$archived_log` view. Use this setting with the `archivedLogDestId` extra connection attribute in a primary-to-single setup or a primary-to-multiple-standby setup.\n\nThis setting is useful in a switchover when you use an Oracle Data Guard database as a source. In this case, AWS DMS needs information about what destination to get archive redo logs from to read changes. AWS DMS needs this because after the switchover the previous primary is a standby instance. For example, in a primary-to-single standby setup you might apply the following settings.\n\n`archivedLogDestId=1; ExtraArchivedLogDestIds=[2]`\n\nIn a primary-to-multiple-standby setup, you might apply the following settings.\n\n`archivedLogDestId=1; ExtraArchivedLogDestIds=[2,3,4]`\n\nAlthough AWS DMS supports the use of the Oracle `RESETLOGS` option to open the database, never use `RESETLOGS` unless it's necessary. For more information about `RESETLOGS` , see [RMAN Data Repair Concepts](https://docs.aws.amazon.com/https://docs.oracle.com/en/database/oracle/oracle-database/19/bradv/rman-data-repair-concepts.html#GUID-1805CCF7-4AF2-482D-B65A-998192F89C2B) in the *Oracle Database Backup and Recovery User's Guide* .", - "title": "ExtraArchivedLogDestIds", + "markdownDescription": "The type of the AWS resource that was evaluated.", + "title": "ResourceTypesScope", "type": "array" }, - "FailTasksOnLobTruncation": { - "markdownDescription": "When set to `true` , this attribute causes a task to fail if the actual size of an LOB column is greater than the specified `LobMaxSize` .\n\nIf a task is set to limited LOB mode and this option is set to `true` , the task fails instead of truncating the LOB data.", - "title": "FailTasksOnLobTruncation", - "type": "boolean" - }, - "NumberDatatypeScale": { - "markdownDescription": "Specifies the number scale. You can select a scale up to 38, or you can select FLOAT. By default, the NUMBER data type is converted to precision 38, scale 10.\n\nExample: `numberDataTypeScale=12`", - "title": "NumberDatatypeScale", - "type": "number" - }, - "OraclePathPrefix": { - "markdownDescription": "Set this string attribute to the required value in order to use the Binary Reader to capture change data for an Amazon RDS for Oracle as the source. This value specifies the default Oracle root used to access the redo logs.", - "title": "OraclePathPrefix", - "type": "string" - }, - "ParallelAsmReadThreads": { - "markdownDescription": "Set this attribute to change the number of threads that DMS configures to perform a change data capture (CDC) load using Oracle Automatic Storage Management (ASM). You can specify an integer value between 2 (the default) and 8 (the maximum). Use this attribute together with the `readAheadBlocks` attribute.", - "title": "ParallelAsmReadThreads", - "type": "number" - }, - "ReadAheadBlocks": { - "markdownDescription": "Set this attribute to change the number of read-ahead blocks that DMS configures to perform a change data capture (CDC) load using Oracle Automatic Storage Management (ASM). You can specify an integer value between 1000 (the default) and 200,000 (the maximum).", - "title": "ReadAheadBlocks", - "type": "number" - }, - "ReadTableSpaceName": { - "markdownDescription": "When set to `true` , this attribute supports tablespace replication.", - "title": "ReadTableSpaceName", - "type": "boolean" - }, - "ReplacePathPrefix": { - "markdownDescription": "Set this attribute to true in order to use the Binary Reader to capture change data for an Amazon RDS for Oracle as the source. This setting tells DMS instance to replace the default Oracle root with the specified `usePathPrefix` setting to access the redo logs.", - "title": "ReplacePathPrefix", - "type": "boolean" - }, - "RetryInterval": { - "markdownDescription": "Specifies the number of seconds that the system waits before resending a query.\n\nExample: `retryInterval=6;`", - "title": "RetryInterval", - "type": "number" - }, - "SecretsManagerAccessRoleArn": { - "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the Oracle endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", - "title": "SecretsManagerAccessRoleArn", - "type": "string" - }, - "SecretsManagerOracleAsmAccessRoleArn": { - "markdownDescription": "Required only if your Oracle endpoint uses Advanced Storage Manager (ASM). The full ARN of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the `SecretsManagerOracleAsmSecret` . This `SecretsManagerOracleAsmSecret` has the secret value that allows access to the Oracle ASM of the endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerOracleAsmSecretId` . Or you can specify clear-text values for `AsmUser` , `AsmPassword` , and `AsmServerName` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerOracleAsmSecret` , the corresponding `SecretsManagerOracleAsmAccessRoleArn` , and the `SecretsManagerOracleAsmSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", - "title": "SecretsManagerOracleAsmAccessRoleArn", - "type": "string" - }, - "SecretsManagerOracleAsmSecretId": { - "markdownDescription": "Required only if your Oracle endpoint uses Advanced Storage Manager (ASM). The full ARN, partial ARN, or display name of the `SecretsManagerOracleAsmSecret` that contains the Oracle ASM connection details for the Oracle endpoint.", - "title": "SecretsManagerOracleAsmSecretId", - "type": "string" - }, - "SecretsManagerSecretId": { - "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the Oracle endpoint connection details.", - "title": "SecretsManagerSecretId", - "type": "string" - }, - "SecurityDbEncryption": { - "markdownDescription": "For an Oracle source endpoint, the transparent data encryption (TDE) password required by AWM DMS to access Oracle redo logs encrypted by TDE using Binary Reader. It is also the `*TDE_Password*` part of the comma-separated value you set to the `Password` request parameter when you create the endpoint. The `SecurityDbEncryptian` setting is related to this `SecurityDbEncryptionName` setting. For more information, see [Supported encryption methods for using Oracle as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.Encryption) in the *AWS Database Migration Service User Guide* .", - "title": "SecurityDbEncryption", - "type": "string" - }, - "SecurityDbEncryptionName": { - "markdownDescription": "For an Oracle source endpoint, the name of a key used for the transparent data encryption (TDE) of the columns and tablespaces in an Oracle source database that is encrypted using TDE. The key value is the value of the `SecurityDbEncryption` setting. For more information on setting the key name value of `SecurityDbEncryptionName` , see the information and example for setting the `securityDbEncryptionName` extra connection attribute in [Supported encryption methods for using Oracle as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.Encryption) in the *AWS Database Migration Service User Guide* .", - "title": "SecurityDbEncryptionName", - "type": "string" - }, - "SpatialDataOptionToGeoJsonFunctionName": { - "markdownDescription": "Use this attribute to convert `SDO_GEOMETRY` to `GEOJSON` format. By default, DMS calls the `SDO2GEOJSON` custom function if present and accessible. Or you can create your own custom function that mimics the operation of `SDOGEOJSON` and set `SpatialDataOptionToGeoJsonFunctionName` to call it instead.", - "title": "SpatialDataOptionToGeoJsonFunctionName", - "type": "string" - }, - "StandbyDelayTime": { - "markdownDescription": "Use this attribute to specify a time in minutes for the delay in standby sync. If the source is an Oracle Active Data Guard standby database, use this attribute to specify the time lag between primary and standby databases.\n\nIn AWS DMS , you can create an Oracle CDC task that uses an Active Data Guard standby instance as a source for replicating ongoing changes. Doing this eliminates the need to connect to an active database that might be in production.", - "title": "StandbyDelayTime", - "type": "number" - }, - "UseAlternateFolderForOnline": { - "markdownDescription": "Set this attribute to `true` in order to use the Binary Reader to capture change data for an Amazon RDS for Oracle as the source. This tells the DMS instance to use any specified prefix replacement to access all online redo logs.", - "title": "UseAlternateFolderForOnline", - "type": "boolean" - }, - "UseBFile": { - "markdownDescription": "Set this attribute to True to capture change data using the Binary Reader utility. Set `UseLogminerReader` to False to set this attribute to True. To use Binary Reader with Amazon RDS for Oracle as the source, you set additional attributes. For more information about using this setting with Oracle Automatic Storage Management (ASM), see [Using Oracle LogMiner or AWS DMS Binary Reader for CDC](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.CDC) .", - "title": "UseBFile", - "type": "boolean" - }, - "UseDirectPathFullLoad": { - "markdownDescription": "Set this attribute to True to have AWS DMS use a direct path full load. Specify this value to use the direct path protocol in the Oracle Call Interface (OCI). By using this OCI protocol, you can bulk-load Oracle target tables during a full load.", - "title": "UseDirectPathFullLoad", - "type": "boolean" - }, - "UseLogminerReader": { - "markdownDescription": "Set this attribute to True to capture change data using the Oracle LogMiner utility (the default). Set this attribute to False if you want to access the redo logs as a binary file. When you set `UseLogminerReader` to False, also set `UseBfile` to True. For more information on this setting and using Oracle ASM, see [Using Oracle LogMiner or AWS DMS Binary Reader for CDC](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.CDC) in the *AWS DMS User Guide* .", - "title": "UseLogminerReader", - "type": "boolean" - }, - "UsePathPrefix": { - "markdownDescription": "Set this string attribute to the required value in order to use the Binary Reader to capture change data for an Amazon RDS for Oracle as the source. This value specifies the path prefix used to replace the default Oracle root to access the redo logs.", - "title": "UsePathPrefix", - "type": "string" - } - }, - "type": "object" - }, - "AWS::DMS::Endpoint.PostgreSqlSettings": { - "additionalProperties": false, - "properties": { - "AfterConnectScript": { - "markdownDescription": "For use with change data capture (CDC) only, this attribute has AWS DMS bypass foreign keys and user triggers to reduce the time it takes to bulk load data.\n\nExample: `afterConnectScript=SET session_replication_role='replica'`", - "title": "AfterConnectScript", - "type": "string" - }, - "BabelfishDatabaseName": { - "markdownDescription": "The Babelfish for Aurora PostgreSQL database name for the endpoint.", - "title": "BabelfishDatabaseName", - "type": "string" - }, - "CaptureDdls": { - "markdownDescription": "To capture DDL events, AWS DMS creates various artifacts in the PostgreSQL database when the task starts. You can later remove these artifacts.\n\nIf this value is set to `True` , you don't have to create tables or triggers on the source database.", - "title": "CaptureDdls", - "type": "boolean" - }, - "DatabaseMode": { - "markdownDescription": "Specifies the default behavior of the replication's handling of PostgreSQL- compatible endpoints that require some additional configuration, such as Babelfish endpoints.", - "title": "DatabaseMode", - "type": "string" - }, - "DdlArtifactsSchema": { - "markdownDescription": "The schema in which the operational DDL database artifacts are created.\n\nThe default value is `public` .\n\nExample: `ddlArtifactsSchema=xyzddlschema;`", - "title": "DdlArtifactsSchema", - "type": "string" - }, - "ExecuteTimeout": { - "markdownDescription": "Sets the client statement timeout for the PostgreSQL instance, in seconds. The default value is 60 seconds.\n\nExample: `executeTimeout=100;`", - "title": "ExecuteTimeout", - "type": "number" - }, - "FailTasksOnLobTruncation": { - "markdownDescription": "When set to `true` , this value causes a task to fail if the actual size of a LOB column is greater than the specified `LobMaxSize` .\n\nThe default value is `false` .\n\nIf task is set to Limited LOB mode and this option is set to true, the task fails instead of truncating the LOB data.", - "title": "FailTasksOnLobTruncation", - "type": "boolean" - }, - "HeartbeatEnable": { - "markdownDescription": "The write-ahead log (WAL) heartbeat feature mimics a dummy transaction. By doing this, it prevents idle logical replication slots from holding onto old WAL logs, which can result in storage full situations on the source. This heartbeat keeps `restart_lsn` moving and prevents storage full scenarios.\n\nThe default value is `false` .", - "title": "HeartbeatEnable", - "type": "boolean" - }, - "HeartbeatFrequency": { - "markdownDescription": "Sets the WAL heartbeat frequency (in minutes).\n\nThe default value is 5 minutes.", - "title": "HeartbeatFrequency", - "type": "number" - }, - "HeartbeatSchema": { - "markdownDescription": "Sets the schema in which the heartbeat artifacts are created.\n\nThe default value is `public` .", - "title": "HeartbeatSchema", - "type": "string" - }, - "MapBooleanAsBoolean": { - "markdownDescription": "When true, lets PostgreSQL migrate the boolean type as boolean. By default, PostgreSQL migrates booleans as `varchar(5)` . You must set this setting on both the source and target endpoints for it to take effect.\n\nThe default value is `false` .", - "title": "MapBooleanAsBoolean", - "type": "boolean" - }, - "MaxFileSize": { - "markdownDescription": "Specifies the maximum size (in KB) of any .csv file used to transfer data to PostgreSQL.\n\nThe default value is 32,768 KB (32 MB).\n\nExample: `maxFileSize=512`", - "title": "MaxFileSize", - "type": "number" - }, - "PluginName": { - "markdownDescription": "Specifies the plugin to use to create a replication slot.\n\nThe default value is `pglogical` .", - "title": "PluginName", - "type": "string" - }, - "SecretsManagerAccessRoleArn": { - "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the PostgreSQL endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", - "title": "SecretsManagerAccessRoleArn", - "type": "string" - }, - "SecretsManagerSecretId": { - "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the PostgreSQL endpoint connection details.", - "title": "SecretsManagerSecretId", - "type": "string" - }, - "SlotName": { - "markdownDescription": "Sets the name of a previously created logical replication slot for a change data capture (CDC) load of the PostgreSQL source instance.\n\nWhen used with the `CdcStartPosition` request parameter for the AWS DMS API , this attribute also makes it possible to use native CDC start points. DMS verifies that the specified logical replication slot exists before starting the CDC load task. It also verifies that the task was created with a valid setting of `CdcStartPosition` . If the specified slot doesn't exist or the task doesn't have a valid `CdcStartPosition` setting, DMS raises an error.\n\nFor more information about setting the `CdcStartPosition` request parameter, see [Determining a CDC native start point](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Task.CDC.html#CHAP_Task.CDC.StartPoint.Native) in the *AWS Database Migration Service User Guide* . For more information about using `CdcStartPosition` , see [CreateReplicationTask](https://docs.aws.amazon.com/dms/latest/APIReference/API_CreateReplicationTask.html) , [StartReplicationTask](https://docs.aws.amazon.com/dms/latest/APIReference/API_StartReplicationTask.html) , and [ModifyReplicationTask](https://docs.aws.amazon.com/dms/latest/APIReference/API_ModifyReplicationTask.html) .", - "title": "SlotName", - "type": "string" - } - }, - "type": "object" - }, - "AWS::DMS::Endpoint.RedisSettings": { - "additionalProperties": false, - "properties": { - "AuthPassword": { - "markdownDescription": "The password provided with the `auth-role` and `auth-token` options of the `AuthType` setting for a Redis target endpoint.", - "title": "AuthPassword", - "type": "string" - }, - "AuthType": { - "markdownDescription": "The type of authentication to perform when connecting to a Redis target. Options include `none` , `auth-token` , and `auth-role` . The `auth-token` option requires an `AuthPassword` value to be provided. The `auth-role` option requires `AuthUserName` and `AuthPassword` values to be provided.", - "title": "AuthType", - "type": "string" - }, - "AuthUserName": { - "markdownDescription": "The user name provided with the `auth-role` option of the `AuthType` setting for a Redis target endpoint.", - "title": "AuthUserName", - "type": "string" - }, - "Port": { - "markdownDescription": "Transmission Control Protocol (TCP) port for the endpoint.", - "title": "Port", - "type": "number" - }, - "ServerName": { - "markdownDescription": "Fully qualified domain name of the endpoint.", - "title": "ServerName", + "Runtime": { + "markdownDescription": "The runtime system for your organization AWS Config Custom Policy rules. Guard is a policy-as-code language that allows you to write policies that are enforced by AWS Config Custom Policy rules. For more information about Guard, see the [Guard GitHub Repository](https://docs.aws.amazon.com/https://github.com/aws-cloudformation/cloudformation-guard) .", + "title": "Runtime", "type": "string" }, - "SslCaCertificateArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the certificate authority (CA) that DMS uses to connect to your Redis target endpoint.", - "title": "SslCaCertificateArn", + "TagKeyScope": { + "markdownDescription": "One part of a key-value pair that make up a tag. A key is a general label that acts like a category for more specific tag values.", + "title": "TagKeyScope", "type": "string" }, - "SslSecurityProtocol": { - "markdownDescription": "The connection to a Redis target endpoint using Transport Layer Security (TLS). Valid values include `plaintext` and `ssl-encryption` . The default is `ssl-encryption` . The `ssl-encryption` option makes an encrypted connection. Optionally, you can identify an Amazon Resource Name (ARN) for an SSL certificate authority (CA) using the `SslCaCertificateArn` setting. If an ARN isn't given for a CA, DMS uses the Amazon root CA.\n\nThe `plaintext` option doesn't provide Transport Layer Security (TLS) encryption for traffic between endpoint and database.", - "title": "SslSecurityProtocol", + "TagValueScope": { + "markdownDescription": "The optional part of a key-value pair that make up a tag. A value acts as a descriptor within a tag category (key).", + "title": "TagValueScope", "type": "string" } }, + "required": [ + "PolicyText", + "Runtime" + ], "type": "object" }, - "AWS::DMS::Endpoint.RedshiftSettings": { + "AWS::Config::OrganizationConfigRule.OrganizationCustomRuleMetadata": { "additionalProperties": false, "properties": { - "AcceptAnyDate": { - "markdownDescription": "A value that indicates to allow any date format, including invalid formats such as 00/00/00 00:00:00, to be loaded without generating an error. You can choose `true` or `false` (the default).\n\nThis parameter applies only to TIMESTAMP and DATE columns. Always use ACCEPTANYDATE with the DATEFORMAT parameter. If the date format for the data doesn't match the DATEFORMAT specification, Amazon Redshift inserts a NULL value into that field.", - "title": "AcceptAnyDate", - "type": "boolean" - }, - "AfterConnectScript": { - "markdownDescription": "Code to run after connecting. This parameter should contain the code itself, not the name of a file containing the code.", - "title": "AfterConnectScript", - "type": "string" - }, - "BucketFolder": { - "markdownDescription": "An S3 folder where the comma-separated-value (.csv) files are stored before being uploaded to the target Redshift cluster.\n\nFor full load mode, AWS DMS converts source records into .csv files and loads them to the *BucketFolder/TableID* path. AWS DMS uses the Redshift `COPY` command to upload the .csv files to the target table. The files are deleted once the `COPY` operation has finished. For more information, see [COPY](https://docs.aws.amazon.com/redshift/latest/dg/r_COPY.html) in the *Amazon Redshift Database Developer Guide* .\n\nFor change-data-capture (CDC) mode, AWS DMS creates a *NetChanges* table, and loads the .csv files to this *BucketFolder/NetChangesTableID* path.", - "title": "BucketFolder", - "type": "string" - }, - "BucketName": { - "markdownDescription": "The name of the intermediate S3 bucket used to store .csv files before uploading data to Redshift.", - "title": "BucketName", - "type": "string" - }, - "CaseSensitiveNames": { - "markdownDescription": "If Amazon Redshift is configured to support case sensitive schema names, set `CaseSensitiveNames` to `true` . The default is `false` .", - "title": "CaseSensitiveNames", - "type": "boolean" - }, - "CompUpdate": { - "markdownDescription": "If you set `CompUpdate` to `true` Amazon Redshift applies automatic compression if the table is empty. This applies even if the table columns already have encodings other than `RAW` . If you set `CompUpdate` to `false` , automatic compression is disabled and existing column encodings aren't changed. The default is `true` .", - "title": "CompUpdate", - "type": "boolean" - }, - "ConnectionTimeout": { - "markdownDescription": "A value that sets the amount of time to wait (in milliseconds) before timing out, beginning from when you initially establish a connection.", - "title": "ConnectionTimeout", - "type": "number" - }, - "DateFormat": { - "markdownDescription": "The date format that you are using. Valid values are `auto` (case-sensitive), your date format string enclosed in quotes, or NULL. If this parameter is left unset (NULL), it defaults to a format of 'YYYY-MM-DD'. Using `auto` recognizes most strings, even some that aren't supported when you use a date format string.\n\nIf your date and time values use formats different from each other, set this to `auto` .", - "title": "DateFormat", + "Description": { + "markdownDescription": "The description that you provide for your organization AWS Config rule.", + "title": "Description", "type": "string" }, - "EmptyAsNull": { - "markdownDescription": "A value that specifies whether AWS DMS should migrate empty CHAR and VARCHAR fields as NULL. A value of `true` sets empty CHAR and VARCHAR fields to null. The default is `false` .", - "title": "EmptyAsNull", - "type": "boolean" - }, - "EncryptionMode": { - "markdownDescription": "The type of server-side encryption that you want to use for your data. This encryption type is part of the endpoint settings or the extra connections attributes for Amazon S3. You can choose either `SSE_S3` (the default) or `SSE_KMS` .\n\n> For the `ModifyEndpoint` operation, you can change the existing value of the `EncryptionMode` parameter from `SSE_KMS` to `SSE_S3` . But you can\u2019t change the existing value from `SSE_S3` to `SSE_KMS` . \n\nTo use `SSE_S3` , create an AWS Identity and Access Management (IAM) role with a policy that allows `\"arn:aws:s3:::*\"` to use the following actions: `\"s3:PutObject\", \"s3:ListBucket\"`", - "title": "EncryptionMode", + "InputParameters": { + "markdownDescription": "A string, in JSON format, that is passed to your organization AWS Config rule Lambda function.", + "title": "InputParameters", "type": "string" }, - "ExplicitIds": { - "markdownDescription": "This setting is only valid for a full-load migration task. Set `ExplicitIds` to `true` to have tables with `IDENTITY` columns override their auto-generated values with explicit values loaded from the source data files used to populate the tables. The default is `false` .", - "title": "ExplicitIds", - "type": "boolean" - }, - "FileTransferUploadStreams": { - "markdownDescription": "The number of threads used to upload a single file. This parameter accepts a value from 1 through 64. It defaults to 10.\n\nThe number of parallel streams used to upload a single .csv file to an S3 bucket using S3 Multipart Upload. For more information, see [Multipart upload overview](https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html) .\n\n`FileTransferUploadStreams` accepts a value from 1 through 64. It defaults to 10.", - "title": "FileTransferUploadStreams", - "type": "number" - }, - "LoadTimeout": { - "markdownDescription": "The amount of time to wait (in milliseconds) before timing out of operations performed by AWS DMS on a Redshift cluster, such as Redshift COPY, INSERT, DELETE, and UPDATE.", - "title": "LoadTimeout", - "type": "number" - }, - "MapBooleanAsBoolean": { - "markdownDescription": "When true, lets Redshift migrate the boolean type as boolean. By default, Redshift migrates booleans as `varchar(1)` . You must set this setting on both the source and target endpoints for it to take effect.", - "title": "MapBooleanAsBoolean", - "type": "boolean" - }, - "MaxFileSize": { - "markdownDescription": "The maximum size (in KB) of any .csv file used to load data on an S3 bucket and transfer data to Amazon Redshift. It defaults to 1048576KB (1 GB).", - "title": "MaxFileSize", - "type": "number" - }, - "RemoveQuotes": { - "markdownDescription": "A value that specifies to remove surrounding quotation marks from strings in the incoming data. All characters within the quotation marks, including delimiters, are retained. Choose `true` to remove quotation marks. The default is `false` .", - "title": "RemoveQuotes", - "type": "boolean" - }, - "ReplaceChars": { - "markdownDescription": "A value that specifies to replaces the invalid characters specified in `ReplaceInvalidChars` , substituting the specified characters instead. The default is `\"?\"` .", - "title": "ReplaceChars", + "LambdaFunctionArn": { + "markdownDescription": "The lambda function ARN.", + "title": "LambdaFunctionArn", "type": "string" }, - "ReplaceInvalidChars": { - "markdownDescription": "A list of characters that you want to replace. Use with `ReplaceChars` .", - "title": "ReplaceInvalidChars", + "MaximumExecutionFrequency": { + "markdownDescription": "The maximum frequency with which AWS Config runs evaluations for a rule. Your custom rule is triggered when AWS Config delivers the configuration snapshot. For more information, see `ConfigSnapshotDeliveryProperties` .\n\n> By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the `MaximumExecutionFrequency` parameter.", + "title": "MaximumExecutionFrequency", "type": "string" }, - "SecretsManagerAccessRoleArn": { - "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the Amazon Redshift endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", - "title": "SecretsManagerAccessRoleArn", - "type": "string" + "OrganizationConfigRuleTriggerTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The type of notification that triggers AWS Config to run an evaluation for a rule. You can specify the following notification types:\n\n- `ConfigurationItemChangeNotification` - Triggers an evaluation when AWS Config delivers a configuration item as a result of a resource change.\n- `OversizedConfigurationItemChangeNotification` - Triggers an evaluation when AWS Config delivers an oversized configuration item. AWS Config may generate this notification type when a resource changes and the notification exceeds the maximum size allowed by Amazon SNS.\n- `ScheduledNotification` - Triggers a periodic evaluation at the frequency specified for `MaximumExecutionFrequency` .", + "title": "OrganizationConfigRuleTriggerTypes", + "type": "array" }, - "SecretsManagerSecretId": { - "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the Amazon Redshift endpoint connection details.", - "title": "SecretsManagerSecretId", + "ResourceIdScope": { + "markdownDescription": "The ID of the AWS resource that was evaluated.", + "title": "ResourceIdScope", "type": "string" }, - "ServerSideEncryptionKmsKeyId": { - "markdownDescription": "The AWS KMS key ID. If you are using `SSE_KMS` for the `EncryptionMode` , provide this key ID. The key that you use needs an attached policy that enables IAM user permissions and allows use of the key.", - "title": "ServerSideEncryptionKmsKeyId", - "type": "string" + "ResourceTypesScope": { + "items": { + "type": "string" + }, + "markdownDescription": "The type of the AWS resource that was evaluated.", + "title": "ResourceTypesScope", + "type": "array" }, - "ServiceAccessRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that has access to the Amazon Redshift service. The role must allow the `iam:PassRole` action.", - "title": "ServiceAccessRoleArn", + "TagKeyScope": { + "markdownDescription": "One part of a key-value pair that make up a tag. A key is a general label that acts like a category for more specific tag values.", + "title": "TagKeyScope", "type": "string" }, - "TimeFormat": { - "markdownDescription": "The time format that you want to use. Valid values are `auto` (case-sensitive), `'timeformat_string'` , `'epochsecs'` , or `'epochmillisecs'` . It defaults to 10. Using `auto` recognizes most strings, even some that aren't supported when you use a time format string.\n\nIf your date and time values use formats different from each other, set this parameter to `auto` .", - "title": "TimeFormat", + "TagValueScope": { + "markdownDescription": "The optional part of a key-value pair that make up a tag. A value acts as a descriptor within a tag category (key).", + "title": "TagValueScope", "type": "string" - }, - "TrimBlanks": { - "markdownDescription": "A value that specifies to remove the trailing white space characters from a VARCHAR string. This parameter applies only to columns with a VARCHAR data type. Choose `true` to remove unneeded white space. The default is `false` .", - "title": "TrimBlanks", - "type": "boolean" - }, - "TruncateColumns": { - "markdownDescription": "A value that specifies to truncate data in columns to the appropriate number of characters, so that the data fits in the column. This parameter applies only to columns with a VARCHAR or CHAR data type, and rows with a size of 4 MB or less. Choose `true` to truncate data. The default is `false` .", - "title": "TruncateColumns", - "type": "boolean" - }, - "WriteBufferSize": { - "markdownDescription": "The size (in KB) of the in-memory file write buffer used when generating .csv files on the local disk at the DMS replication instance. The default value is 1000 (buffer size is 1000KB).", - "title": "WriteBufferSize", - "type": "number" } }, + "required": [ + "LambdaFunctionArn", + "OrganizationConfigRuleTriggerTypes" + ], "type": "object" }, - "AWS::DMS::Endpoint.S3Settings": { + "AWS::Config::OrganizationConfigRule.OrganizationManagedRuleMetadata": { "additionalProperties": false, "properties": { - "AddColumnName": { - "markdownDescription": "An optional parameter that, when set to `true` or `y` , you can use to add column name information to the .csv output file.\n\nThe default value is `false` . Valid values are `true` , `false` , `y` , and `n` .", - "title": "AddColumnName", - "type": "boolean" - }, - "AddTrailingPaddingCharacter": { - "markdownDescription": "Use the S3 target endpoint setting `AddTrailingPaddingCharacter` to add padding on string data. The default value is `false` .", - "title": "AddTrailingPaddingCharacter", - "type": "boolean" - }, - "BucketFolder": { - "markdownDescription": "An optional parameter to set a folder name in the S3 bucket. If provided, tables are created in the path `*bucketFolder* / *schema_name* / *table_name* /` . If this parameter isn't specified, the path used is `*schema_name* / *table_name* /` .", - "title": "BucketFolder", - "type": "string" - }, - "BucketName": { - "markdownDescription": "The name of the S3 bucket.", - "title": "BucketName", - "type": "string" - }, - "CannedAclForObjects": { - "markdownDescription": "A value that enables AWS DMS to specify a predefined (canned) access control list (ACL) for objects created in an Amazon S3 bucket as .csv or .parquet files. For more information about Amazon S3 canned ACLs, see [Canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) in the *Amazon S3 Developer Guide* .\n\nThe default value is NONE. Valid values include NONE, PRIVATE, PUBLIC_READ, PUBLIC_READ_WRITE, AUTHENTICATED_READ, AWS_EXEC_READ, BUCKET_OWNER_READ, and BUCKET_OWNER_FULL_CONTROL.", - "title": "CannedAclForObjects", - "type": "string" - }, - "CdcInsertsAndUpdates": { - "markdownDescription": "A value that enables a change data capture (CDC) load to write INSERT and UPDATE operations to .csv or .parquet (columnar storage) output files. The default setting is `false` , but when `CdcInsertsAndUpdates` is set to `true` or `y` , only INSERTs and UPDATEs from the source database are migrated to the .csv or .parquet file.\n\nFor .csv file format only, how these INSERTs and UPDATEs are recorded depends on the value of the `IncludeOpForFullLoad` parameter. If `IncludeOpForFullLoad` is set to `true` , the first field of every CDC record is set to either `I` or `U` to indicate INSERT and UPDATE operations at the source. But if `IncludeOpForFullLoad` is set to `false` , CDC records are written without an indication of INSERT or UPDATE operations at the source. For more information about how these settings work together, see [Indicating Source DB Operations in Migrated S3 Data](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.Configuring.InsertOps) in the *AWS Database Migration Service User Guide* .\n\n> AWS DMS supports the use of the `CdcInsertsAndUpdates` parameter in versions 3.3.1 and later.\n> \n> `CdcInsertsOnly` and `CdcInsertsAndUpdates` can't both be set to `true` for the same endpoint. Set either `CdcInsertsOnly` or `CdcInsertsAndUpdates` to `true` for the same endpoint, but not both.", - "title": "CdcInsertsAndUpdates", - "type": "boolean" - }, - "CdcInsertsOnly": { - "markdownDescription": "A value that enables a change data capture (CDC) load to write only INSERT operations to .csv or columnar storage (.parquet) output files. By default (the `false` setting), the first field in a .csv or .parquet record contains the letter I (INSERT), U (UPDATE), or D (DELETE). These values indicate whether the row was inserted, updated, or deleted at the source database for a CDC load to the target.\n\nIf `CdcInsertsOnly` is set to `true` or `y` , only INSERTs from the source database are migrated to the .csv or .parquet file. For .csv format only, how these INSERTs are recorded depends on the value of `IncludeOpForFullLoad` . If `IncludeOpForFullLoad` is set to `true` , the first field of every CDC record is set to I to indicate the INSERT operation at the source. If `IncludeOpForFullLoad` is set to `false` , every CDC record is written without a first field to indicate the INSERT operation at the source. For more information about how these settings work together, see [Indicating Source DB Operations in Migrated S3 Data](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.Configuring.InsertOps) in the *AWS Database Migration Service User Guide* .\n\n> AWS DMS supports the interaction described preceding between the `CdcInsertsOnly` and `IncludeOpForFullLoad` parameters in versions 3.1.4 and later.\n> \n> `CdcInsertsOnly` and `CdcInsertsAndUpdates` can't both be set to `true` for the same endpoint. Set either `CdcInsertsOnly` or `CdcInsertsAndUpdates` to `true` for the same endpoint, but not both.", - "title": "CdcInsertsOnly", - "type": "boolean" - }, - "CdcMaxBatchInterval": { - "markdownDescription": "Maximum length of the interval, defined in seconds, after which to output a file to Amazon S3.\n\nWhen `CdcMaxBatchInterval` and `CdcMinFileSize` are both specified, the file write is triggered by whichever parameter condition is met first within an AWS DMS CloudFormation template.\n\nThe default value is 60 seconds.", - "title": "CdcMaxBatchInterval", - "type": "number" - }, - "CdcMinFileSize": { - "markdownDescription": "Minimum file size, defined in kilobytes, to reach for a file output to Amazon S3.\n\nWhen `CdcMinFileSize` and `CdcMaxBatchInterval` are both specified, the file write is triggered by whichever parameter condition is met first within an AWS DMS CloudFormation template.\n\nThe default value is 32 MB.", - "title": "CdcMinFileSize", - "type": "number" - }, - "CdcPath": { - "markdownDescription": "Specifies the folder path of CDC files. For an S3 source, this setting is required if a task captures change data; otherwise, it's optional. If `CdcPath` is set, AWS DMS reads CDC files from this path and replicates the data changes to the target endpoint. For an S3 target if you set [`PreserveTransactions`](https://docs.aws.amazon.com/dms/latest/APIReference/API_S3Settings.html#DMS-Type-S3Settings-PreserveTransactions) to `true` , AWS DMS verifies that you have set this parameter to a folder path on your S3 target where AWS DMS can save the transaction order for the CDC load. AWS DMS creates this CDC folder path in either your S3 target working directory or the S3 target location specified by [`BucketFolder`](https://docs.aws.amazon.com/dms/latest/APIReference/API_S3Settings.html#DMS-Type-S3Settings-BucketFolder) and [`BucketName`](https://docs.aws.amazon.com/dms/latest/APIReference/API_S3Settings.html#DMS-Type-S3Settings-BucketName) .\n\nFor example, if you specify `CdcPath` as `MyChangedData` , and you specify `BucketName` as `MyTargetBucket` but do not specify `BucketFolder` , AWS DMS creates the CDC folder path following: `MyTargetBucket/MyChangedData` .\n\nIf you specify the same `CdcPath` , and you specify `BucketName` as `MyTargetBucket` and `BucketFolder` as `MyTargetData` , AWS DMS creates the CDC folder path following: `MyTargetBucket/MyTargetData/MyChangedData` .\n\nFor more information on CDC including transaction order on an S3 target, see [Capturing data changes (CDC) including transaction order on the S3 target](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.EndpointSettings.CdcPath) .\n\n> This setting is supported in AWS DMS versions 3.4.2 and later.", - "title": "CdcPath", - "type": "string" - }, - "CompressionType": { - "markdownDescription": "An optional parameter. When set to GZIP it enables the service to compress the target files. To allow the service to write the target files uncompressed, either set this parameter to NONE (the default) or don't specify the parameter at all. This parameter applies to both .csv and .parquet file formats.", - "title": "CompressionType", - "type": "string" - }, - "CsvDelimiter": { - "markdownDescription": "The delimiter used to separate columns in the .csv file for both source and target. The default is a comma.", - "title": "CsvDelimiter", - "type": "string" - }, - "CsvNoSupValue": { - "markdownDescription": "This setting only applies if your Amazon S3 output files during a change data capture (CDC) load are written in .csv format. If [`UseCsvNoSupValue`](https://docs.aws.amazon.com/dms/latest/APIReference/API_S3Settings.html#DMS-Type-S3Settings-UseCsvNoSupValue) is set to true, specify a string value that you want AWS DMS to use for all columns not included in the supplemental log. If you do not specify a string value, AWS DMS uses the null value for these columns regardless of the `UseCsvNoSupValue` setting.\n\n> This setting is supported in AWS DMS versions 3.4.1 and later.", - "title": "CsvNoSupValue", - "type": "string" - }, - "CsvNullValue": { - "markdownDescription": "An optional parameter that specifies how AWS DMS treats null values. While handling the null value, you can use this parameter to pass a user-defined string as null when writing to the target. For example, when target columns are not nullable, you can use this option to differentiate between the empty string value and the null value. So, if you set this parameter value to the empty string (\"\" or ''), AWS DMS treats the empty string as the null value instead of `NULL` .\n\nThe default value is `NULL` . Valid values include any valid string.", - "title": "CsvNullValue", - "type": "string" - }, - "CsvRowDelimiter": { - "markdownDescription": "The delimiter used to separate rows in the .csv file for both source and target.\n\nThe default is a carriage return ( `\\n` ).", - "title": "CsvRowDelimiter", - "type": "string" - }, - "DataFormat": { - "markdownDescription": "The format of the data that you want to use for output. You can choose one of the following:\n\n- `csv` : This is a row-based file format with comma-separated values (.csv).\n- `parquet` : Apache Parquet (.parquet) is a columnar storage file format that features efficient compression and provides faster query response.", - "title": "DataFormat", - "type": "string" - }, - "DataPageSize": { - "markdownDescription": "The size of one data page in bytes. This parameter defaults to 1024 * 1024 bytes (1 MiB). This number is used for .parquet file format only.", - "title": "DataPageSize", - "type": "number" - }, - "DatePartitionDelimiter": { - "markdownDescription": "Specifies a date separating delimiter to use during folder partitioning. The default value is `SLASH` . Use this parameter when `DatePartitionedEnabled` is set to `true` .", - "title": "DatePartitionDelimiter", - "type": "string" - }, - "DatePartitionEnabled": { - "markdownDescription": "When set to `true` , this parameter partitions S3 bucket folders based on transaction commit dates. The default value is `false` . For more information about date-based folder partitioning, see [Using date-based folder partitioning](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.DatePartitioning) .", - "title": "DatePartitionEnabled", - "type": "boolean" - }, - "DatePartitionSequence": { - "markdownDescription": "Identifies the sequence of the date format to use during folder partitioning. The default value is `YYYYMMDD` . Use this parameter when `DatePartitionedEnabled` is set to `true` .", - "title": "DatePartitionSequence", - "type": "string" - }, - "DatePartitionTimezone": { - "markdownDescription": "When creating an S3 target endpoint, set `DatePartitionTimezone` to convert the current UTC time into a specified time zone. The conversion occurs when a date partition folder is created and a change data capture (CDC) file name is generated. The time zone format is Area/Location. Use this parameter when `DatePartitionedEnabled` is set to `true` , as shown in the following example.\n\n`s3-settings='{\"DatePartitionEnabled\": true, \"DatePartitionSequence\": \"YYYYMMDDHH\", \"DatePartitionDelimiter\": \"SLASH\", \"DatePartitionTimezone\":\" *Asia/Seoul* \", \"BucketName\": \"dms-nattarat-test\"}'`", - "title": "DatePartitionTimezone", - "type": "string" - }, - "DictPageSizeLimit": { - "markdownDescription": "The maximum size of an encoded dictionary page of a column. If the dictionary page exceeds this, this column is stored using an encoding type of `PLAIN` . This parameter defaults to 1024 * 1024 bytes (1 MiB), the maximum size of a dictionary page before it reverts to `PLAIN` encoding. This size is used for .parquet file format only.", - "title": "DictPageSizeLimit", - "type": "number" - }, - "EnableStatistics": { - "markdownDescription": "A value that enables statistics for Parquet pages and row groups. Choose `true` to enable statistics, `false` to disable. Statistics include `NULL` , `DISTINCT` , `MAX` , and `MIN` values. This parameter defaults to `true` . This value is used for .parquet file format only.", - "title": "EnableStatistics", - "type": "boolean" - }, - "EncodingType": { - "markdownDescription": "The type of encoding that you're using:\n\n- `RLE_DICTIONARY` uses a combination of bit-packing and run-length encoding to store repeated values more efficiently. This is the default.\n- `PLAIN` doesn't use encoding at all. Values are stored as they are.\n- `PLAIN_DICTIONARY` builds a dictionary of the values encountered in a given column. The dictionary is stored in a dictionary page for each column chunk.", - "title": "EncodingType", - "type": "string" - }, - "EncryptionMode": { - "markdownDescription": "The type of server-side encryption that you want to use for your data. This encryption type is part of the endpoint settings or the extra connections attributes for Amazon S3. You can choose either `SSE_S3` (the default) or `SSE_KMS` .\n\n> For the `ModifyEndpoint` operation, you can change the existing value of the `EncryptionMode` parameter from `SSE_KMS` to `SSE_S3` . But you can\u2019t change the existing value from `SSE_S3` to `SSE_KMS` . \n\nTo use `SSE_S3` , you need an IAM role with permission to allow `\"arn:aws:s3:::dms-*\"` to use the following actions:\n\n- `s3:CreateBucket`\n- `s3:ListBucket`\n- `s3:DeleteBucket`\n- `s3:GetBucketLocation`\n- `s3:GetObject`\n- `s3:PutObject`\n- `s3:DeleteObject`\n- `s3:GetObjectVersion`\n- `s3:GetBucketPolicy`\n- `s3:PutBucketPolicy`\n- `s3:DeleteBucketPolicy`", - "title": "EncryptionMode", - "type": "string" - }, - "ExpectedBucketOwner": { - "markdownDescription": "To specify a bucket owner and prevent sniping, you can use the `ExpectedBucketOwner` endpoint setting.\n\nExample: `--s3-settings='{\"ExpectedBucketOwner\": \" *AWS_Account_ID* \"}'`\n\nWhen you make a request to test a connection or perform a migration, S3 checks the account ID of the bucket owner against the specified parameter.", - "title": "ExpectedBucketOwner", + "Description": { + "markdownDescription": "The description that you provide for your organization AWS Config rule.", + "title": "Description", "type": "string" }, - "ExternalTableDefinition": { - "markdownDescription": "The external table definition.\n\nConditional: If `S3` is used as a source then `ExternalTableDefinition` is required.", - "title": "ExternalTableDefinition", + "InputParameters": { + "markdownDescription": "A string, in JSON format, that is passed to your organization AWS Config rule Lambda function.", + "title": "InputParameters", "type": "string" }, - "GlueCatalogGeneration": { - "markdownDescription": "When true, allows AWS Glue to catalog your S3 bucket. Creating an AWS Glue catalog lets you use Athena to query your data.", - "title": "GlueCatalogGeneration", - "type": "boolean" - }, - "IgnoreHeaderRows": { - "markdownDescription": "When this value is set to 1, AWS DMS ignores the first row header in a .csv file. A value of 1 turns on the feature; a value of 0 turns off the feature.\n\nThe default is 0.", - "title": "IgnoreHeaderRows", - "type": "number" - }, - "IncludeOpForFullLoad": { - "markdownDescription": "A value that enables a full load to write INSERT operations to the comma-separated value (.csv) output files only to indicate how the rows were added to the source database.\n\n> AWS DMS supports the `IncludeOpForFullLoad` parameter in versions 3.1.4 and later. \n\nFor full load, records can only be inserted. By default (the `false` setting), no information is recorded in these output files for a full load to indicate that the rows were inserted at the source database. If `IncludeOpForFullLoad` is set to `true` or `y` , the INSERT is recorded as an I annotation in the first field of the .csv file. This allows the format of your target records from a full load to be consistent with the target records from a CDC load.\n\n> This setting works together with the `CdcInsertsOnly` and the `CdcInsertsAndUpdates` parameters for output to .csv files only. For more information about how these settings work together, see [Indicating Source DB Operations in Migrated S3 Data](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.Configuring.InsertOps) in the *AWS Database Migration Service User Guide* .", - "title": "IncludeOpForFullLoad", - "type": "boolean" - }, - "MaxFileSize": { - "markdownDescription": "A value that specifies the maximum size (in KB) of any .csv file to be created while migrating to an S3 target during full load.\n\nThe default value is 1,048,576 KB (1 GB). Valid values include 1 to 1,048,576.", - "title": "MaxFileSize", - "type": "number" - }, - "ParquetTimestampInMillisecond": { - "markdownDescription": "A value that specifies the precision of any `TIMESTAMP` column values that are written to an Amazon S3 object file in .parquet format.\n\n> AWS DMS supports the `ParquetTimestampInMillisecond` parameter in versions 3.1.4 and later. \n\nWhen `ParquetTimestampInMillisecond` is set to `true` or `y` , AWS DMS writes all `TIMESTAMP` columns in a .parquet formatted file with millisecond precision. Otherwise, DMS writes them with microsecond precision.\n\nCurrently, Amazon Athena and AWS Glue can handle only millisecond precision for `TIMESTAMP` values. Set this parameter to `true` for S3 endpoint object files that are .parquet formatted only if you plan to query or process the data with Athena or AWS Glue .\n\n> AWS DMS writes any `TIMESTAMP` column values written to an S3 file in .csv format with microsecond precision.\n> \n> Setting `ParquetTimestampInMillisecond` has no effect on the string format of the timestamp column value that is inserted by setting the `TimestampColumnName` parameter.", - "title": "ParquetTimestampInMillisecond", - "type": "boolean" - }, - "ParquetVersion": { - "markdownDescription": "The version of the Apache Parquet format that you want to use: `parquet_1_0` (the default) or `parquet_2_0` .", - "title": "ParquetVersion", + "MaximumExecutionFrequency": { + "markdownDescription": "The maximum frequency with which AWS Config runs evaluations for a rule. This is for an AWS Config managed rule that is triggered at a periodic frequency.\n\n> By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the `MaximumExecutionFrequency` parameter.", + "title": "MaximumExecutionFrequency", "type": "string" }, - "PreserveTransactions": { - "markdownDescription": "If this setting is set to `true` , AWS DMS saves the transaction order for a change data capture (CDC) load on the Amazon S3 target specified by [`CdcPath`](https://docs.aws.amazon.com/dms/latest/APIReference/API_S3Settings.html#DMS-Type-S3Settings-CdcPath) . For more information, see [Capturing data changes (CDC) including transaction order on the S3 target](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.EndpointSettings.CdcPath) .\n\n> This setting is supported in AWS DMS versions 3.4.2 and later.", - "title": "PreserveTransactions", - "type": "boolean" - }, - "Rfc4180": { - "markdownDescription": "For an S3 source, when this value is set to `true` or `y` , each leading double quotation mark has to be followed by an ending double quotation mark. This formatting complies with RFC 4180. When this value is set to `false` or `n` , string literals are copied to the target as is. In this case, a delimiter (row or column) signals the end of the field. Thus, you can't use a delimiter as part of the string, because it signals the end of the value.\n\nFor an S3 target, an optional parameter used to set behavior to comply with RFC 4180 for data migrated to Amazon S3 using .csv file format only. When this value is set to `true` or `y` using Amazon S3 as a target, if the data has quotation marks or newline characters in it, AWS DMS encloses the entire column with an additional pair of double quotation marks (\"). Every quotation mark within the data is repeated twice.\n\nThe default value is `true` . Valid values include `true` , `false` , `y` , and `n` .", - "title": "Rfc4180", - "type": "boolean" - }, - "RowGroupLength": { - "markdownDescription": "The number of rows in a row group. A smaller row group size provides faster reads. But as the number of row groups grows, the slower writes become. This parameter defaults to 10,000 rows. This number is used for .parquet file format only.\n\nIf you choose a value larger than the maximum, `RowGroupLength` is set to the max row group length in bytes (64 * 1024 * 1024).", - "title": "RowGroupLength", - "type": "number" - }, - "ServerSideEncryptionKmsKeyId": { - "markdownDescription": "If you are using `SSE_KMS` for the `EncryptionMode` , provide the AWS KMS key ID. The key that you use needs an attached policy that enables IAM user permissions and allows use of the key.\n\nHere is a CLI example: `aws dms create-endpoint --endpoint-identifier *value* --endpoint-type target --engine-name s3 --s3-settings ServiceAccessRoleArn= *value* ,BucketFolder= *value* ,BucketName= *value* ,EncryptionMode=SSE_KMS,ServerSideEncryptionKmsKeyId= *value*`", - "title": "ServerSideEncryptionKmsKeyId", + "ResourceIdScope": { + "markdownDescription": "The ID of the AWS resource that was evaluated.", + "title": "ResourceIdScope", "type": "string" }, - "ServiceAccessRoleArn": { - "markdownDescription": "A required parameter that specifies the Amazon Resource Name (ARN) used by the service to access the IAM role. The role must allow the `iam:PassRole` action. It enables AWS DMS to read and write objects from an S3 bucket.", - "title": "ServiceAccessRoleArn", - "type": "string" + "ResourceTypesScope": { + "items": { + "type": "string" + }, + "markdownDescription": "The type of the AWS resource that was evaluated.", + "title": "ResourceTypesScope", + "type": "array" }, - "TimestampColumnName": { - "markdownDescription": "A value that when nonblank causes AWS DMS to add a column with timestamp information to the endpoint data for an Amazon S3 target.\n\n> AWS DMS supports the `TimestampColumnName` parameter in versions 3.1.4 and later. \n\nAWS DMS includes an additional `STRING` column in the .csv or .parquet object files of your migrated data when you set `TimestampColumnName` to a nonblank value.\n\nFor a full load, each row of this timestamp column contains a timestamp for when the data was transferred from the source to the target by DMS.\n\nFor a change data capture (CDC) load, each row of the timestamp column contains the timestamp for the commit of that row in the source database.\n\nThe string format for this timestamp column value is `yyyy-MM-dd HH:mm:ss.SSSSSS` . By default, the precision of this value is in microseconds. For a CDC load, the rounding of the precision depends on the commit timestamp supported by DMS for the source database.\n\nWhen the `AddColumnName` parameter is set to `true` , DMS also includes a name for the timestamp column that you set with `TimestampColumnName` .", - "title": "TimestampColumnName", + "RuleIdentifier": { + "markdownDescription": "For organization config managed rules, a predefined identifier from a list. For example, `IAM_PASSWORD_POLICY` is a managed rule. To reference a managed rule, see [Using AWS Config managed rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html) .", + "title": "RuleIdentifier", "type": "string" }, - "UseCsvNoSupValue": { - "markdownDescription": "This setting applies if the S3 output files during a change data capture (CDC) load are written in .csv format. If this setting is set to `true` for columns not included in the supplemental log, AWS DMS uses the value specified by [`CsvNoSupValue`](https://docs.aws.amazon.com/dms/latest/APIReference/API_S3Settings.html#DMS-Type-S3Settings-CsvNoSupValue) . If this setting isn't set or is set to `false` , AWS DMS uses the null value for these columns.\n\n> This setting is supported in AWS DMS versions 3.4.1 and later.", - "title": "UseCsvNoSupValue", - "type": "boolean" - }, - "UseTaskStartTimeForFullLoadTimestamp": { - "markdownDescription": "When set to true, this parameter uses the task start time as the timestamp column value instead of the time data is written to target. For full load, when `useTaskStartTimeForFullLoadTimestamp` is set to `true` , each row of the timestamp column contains the task start time. For CDC loads, each row of the timestamp column contains the transaction commit time.\n\nWhen `useTaskStartTimeForFullLoadTimestamp` is set to `false` , the full load timestamp in the timestamp column increments with the time data arrives at the target.", - "title": "UseTaskStartTimeForFullLoadTimestamp", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::DMS::Endpoint.SybaseSettings": { - "additionalProperties": false, - "properties": { - "SecretsManagerAccessRoleArn": { - "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the SAP ASE endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", - "title": "SecretsManagerAccessRoleArn", + "TagKeyScope": { + "markdownDescription": "One part of a key-value pair that make up a tag. A key is a general label that acts like a category for more specific tag values.", + "title": "TagKeyScope", "type": "string" }, - "SecretsManagerSecretId": { - "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the SAP SAE endpoint connection details.", - "title": "SecretsManagerSecretId", + "TagValueScope": { + "markdownDescription": "The optional part of a key-value pair that make up a tag. A value acts as a descriptor within a tag category (key).", + "title": "TagValueScope", "type": "string" } }, + "required": [ + "RuleIdentifier" + ], "type": "object" }, - "AWS::DMS::EventSubscription": { + "AWS::Config::OrganizationConformancePack": { "additionalProperties": false, "properties": { "Condition": { @@ -58049,59 +63758,56 @@ "Properties": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Indicates whether to activate the subscription. If you don't specify this property, AWS CloudFormation activates the subscription.", - "title": "Enabled", - "type": "boolean" - }, - "EventCategories": { + "ConformancePackInputParameters": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Config::OrganizationConformancePack.ConformancePackInputParameter" }, - "markdownDescription": "A list of event categories for a source type that you want to subscribe to. If you don't specify this property, you are notified about all event categories. For more information, see [Working with Events and Notifications](https://docs.aws.amazon.com//dms/latest/userguide/CHAP_Events.html) in the *AWS DMS User Guide* .", - "title": "EventCategories", + "markdownDescription": "A list of `ConformancePackInputParameter` objects.", + "title": "ConformancePackInputParameters", "type": "array" }, - "SnsTopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic created for event notification. The ARN is created by Amazon SNS when you create a topic and subscribe to it.", - "title": "SnsTopicArn", + "DeliveryS3Bucket": { + "markdownDescription": "The name of the Amazon S3 bucket where AWS Config stores conformance pack templates.\n\n> This field is optional.", + "title": "DeliveryS3Bucket", "type": "string" }, - "SourceIds": { + "DeliveryS3KeyPrefix": { + "markdownDescription": "Any folder structure you want to add to an Amazon S3 bucket.\n\n> This field is optional.", + "title": "DeliveryS3KeyPrefix", + "type": "string" + }, + "ExcludedAccounts": { "items": { "type": "string" }, - "markdownDescription": "A list of identifiers for which AWS DMS provides notification events.\n\nIf you don't specify a value, notifications are provided for all sources.\n\nIf you specify multiple values, they must be of the same type. For example, if you specify a database instance ID, then all of the other values must be database instance IDs.", - "title": "SourceIds", + "markdownDescription": "A comma-separated list of accounts excluded from organization conformance pack.", + "title": "ExcludedAccounts", "type": "array" }, - "SourceType": { - "markdownDescription": "The type of AWS DMS resource that generates the events. For example, if you want to be notified of events generated by a replication instance, you set this parameter to `replication-instance` . If this value isn't specified, all events are returned.\n\n*Valid values* : `replication-instance` | `replication-task`", - "title": "SourceType", + "OrganizationConformancePackName": { + "markdownDescription": "The name you assign to an organization conformance pack.", + "title": "OrganizationConformancePackName", "type": "string" }, - "SubscriptionName": { - "markdownDescription": "The name of the AWS DMS event notification subscription. This name must be less than 255 characters.", - "title": "SubscriptionName", + "TemplateBody": { + "markdownDescription": "A string containing full conformance pack template body. Structure containing the template body with a minimum length of 1 byte and a maximum length of 51,200 bytes.", + "title": "TemplateBody", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "One or more tags to be assigned to the event subscription.", - "title": "Tags", - "type": "array" + "TemplateS3Uri": { + "markdownDescription": "Location of file containing the template body. The uri must point to the conformance pack template (max size: 300 KB).", + "title": "TemplateS3Uri", + "type": "string" } }, "required": [ - "SnsTopicArn" + "OrganizationConformancePackName" ], "type": "object" }, "Type": { "enum": [ - "AWS::DMS::EventSubscription" + "AWS::Config::OrganizationConformancePack" ], "type": "string" }, @@ -58120,7 +63826,27 @@ ], "type": "object" }, - "AWS::DMS::InstanceProfile": { + "AWS::Config::OrganizationConformancePack.ConformancePackInputParameter": { + "additionalProperties": false, + "properties": { + "ParameterName": { + "markdownDescription": "One part of a key-value pair.", + "title": "ParameterName", + "type": "string" + }, + "ParameterValue": { + "markdownDescription": "One part of a key-value pair.", + "title": "ParameterValue", + "type": "string" + } + }, + "required": [ + "ParameterName", + "ParameterValue" + ], + "type": "object" + }, + "AWS::Config::RemediationConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -58155,68 +63881,67 @@ "Properties": { "additionalProperties": false, "properties": { - "AvailabilityZone": { - "markdownDescription": "The Availability Zone where the instance profile runs.", - "title": "AvailabilityZone", - "type": "string" + "Automatic": { + "markdownDescription": "The remediation is triggered automatically.", + "title": "Automatic", + "type": "boolean" }, - "Description": { - "markdownDescription": "A description of the instance profile. Descriptions can have up to 31 characters. A description can contain only ASCII letters, digits, and hyphens ('-'). Also, it can't end with a hyphen or contain two consecutive hyphens, and can only begin with a letter.", - "title": "Description", + "ConfigRuleName": { + "markdownDescription": "The name of the AWS Config rule.", + "title": "ConfigRuleName", "type": "string" }, - "InstanceProfileIdentifier": { - "markdownDescription": "The identifier of the instance profile. Identifiers must begin with a letter and must contain only ASCII letters, digits, and hyphens. They can't end with a hyphen, or contain two consecutive hyphens.", - "title": "InstanceProfileIdentifier", - "type": "string" + "ExecutionControls": { + "$ref": "#/definitions/AWS::Config::RemediationConfiguration.ExecutionControls", + "markdownDescription": "An ExecutionControls object.", + "title": "ExecutionControls" }, - "InstanceProfileName": { - "markdownDescription": "The user-friendly name for the instance profile.", - "title": "InstanceProfileName", - "type": "string" + "MaximumAutomaticAttempts": { + "markdownDescription": "The maximum number of failed attempts for auto-remediation. If you do not select a number, the default is 5.\n\nFor example, if you specify MaximumAutomaticAttempts as 5 with RetryAttemptSeconds as 50 seconds, AWS Config will put a RemediationException on your behalf for the failing resource after the 5th failed attempt within 50 seconds.", + "title": "MaximumAutomaticAttempts", + "type": "number" }, - "KmsKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key that is used to encrypt the connection parameters for the instance profile.\n\nIf you don't specify a value for the `KmsKeyArn` parameter, then AWS DMS uses your default encryption key.\n\nAWS KMS creates the default encryption key for your AWS account . Your AWS account has a different default encryption key for each AWS Region .", - "title": "KmsKeyArn", - "type": "string" + "Parameters": { + "markdownDescription": "An object of the RemediationParameterValue. For more information, see [RemediationParameterValue](https://docs.aws.amazon.com/config/latest/APIReference/API_RemediationParameterValue.html) .\n\n> The type is a map of strings to RemediationParameterValue.", + "title": "Parameters", + "type": "object" }, - "NetworkType": { - "markdownDescription": "Specifies the network type for the instance profile. A value of `IPV4` represents an instance profile with IPv4 network type and only supports IPv4 addressing. A value of `IPV6` represents an instance profile with IPv6 network type and only supports IPv6 addressing. A value of `DUAL` represents an instance profile with dual network type that supports IPv4 and IPv6 addressing.", - "title": "NetworkType", + "ResourceType": { + "markdownDescription": "The type of a resource.", + "title": "ResourceType", "type": "string" }, - "PubliclyAccessible": { - "markdownDescription": "Specifies the accessibility options for the instance profile. A value of `true` represents an instance profile with a public IP address. A value of `false` represents an instance profile with a private IP address. The default value is `true` .", - "title": "PubliclyAccessible", - "type": "boolean" + "RetryAttemptSeconds": { + "markdownDescription": "Time window to determine whether or not to add a remediation exception to prevent infinite remediation attempts. If `MaximumAutomaticAttempts` remediation attempts have been made under `RetryAttemptSeconds` , a remediation exception will be added to the resource. If you do not select a number, the default is 60 seconds.\n\nFor example, if you specify `RetryAttemptSeconds` as 50 seconds and `MaximumAutomaticAttempts` as 5, AWS Config will run auto-remediations 5 times within 50 seconds before adding a remediation exception to the resource.", + "title": "RetryAttemptSeconds", + "type": "number" }, - "SubnetGroupIdentifier": { - "markdownDescription": "The identifier of the subnet group that is associated with the instance profile.", - "title": "SubnetGroupIdentifier", + "TargetId": { + "markdownDescription": "Target ID is the name of the SSM document.", + "title": "TargetId", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "", - "title": "Tags", - "type": "array" + "TargetType": { + "markdownDescription": "The type of the target. Target executes remediation. For example, SSM document.", + "title": "TargetType", + "type": "string" }, - "VpcSecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "The VPC security groups that are used with the instance profile. The VPC security group must work with the VPC containing the instance profile.", - "title": "VpcSecurityGroups", - "type": "array" + "TargetVersion": { + "markdownDescription": "Version of the target. For example, version of the SSM document.\n\n> If you make backward incompatible changes to the SSM document, you must call PutRemediationConfiguration API again to ensure the remediations can run.", + "title": "TargetVersion", + "type": "string" } }, + "required": [ + "ConfigRuleName", + "TargetId", + "TargetType" + ], "type": "object" }, "Type": { "enum": [ - "AWS::DMS::InstanceProfile" + "AWS::Config::RemediationConfiguration" ], "type": "string" }, @@ -58230,11 +63955,76 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::DMS::MigrationProject": { + "AWS::Config::RemediationConfiguration.ExecutionControls": { + "additionalProperties": false, + "properties": { + "SsmControls": { + "$ref": "#/definitions/AWS::Config::RemediationConfiguration.SsmControls", + "markdownDescription": "A SsmControls object.", + "title": "SsmControls" + } + }, + "type": "object" + }, + "AWS::Config::RemediationConfiguration.RemediationParameterValue": { + "additionalProperties": false, + "properties": { + "ResourceValue": { + "$ref": "#/definitions/AWS::Config::RemediationConfiguration.ResourceValue", + "markdownDescription": "The value is dynamic and changes at run-time.", + "title": "ResourceValue" + }, + "StaticValue": { + "$ref": "#/definitions/AWS::Config::RemediationConfiguration.StaticValue", + "markdownDescription": "The value is static and does not change at run-time.", + "title": "StaticValue" + } + }, + "type": "object" + }, + "AWS::Config::RemediationConfiguration.ResourceValue": { + "additionalProperties": false, + "properties": { + "Value": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::Config::RemediationConfiguration.SsmControls": { + "additionalProperties": false, + "properties": { + "ConcurrentExecutionRatePercentage": { + "markdownDescription": "The maximum percentage of remediation actions allowed to run in parallel on the non-compliant resources for that specific rule. You can specify a percentage, such as 10%. The default value is 10.", + "title": "ConcurrentExecutionRatePercentage", + "type": "number" + }, + "ErrorPercentage": { + "markdownDescription": "The percentage of errors that are allowed before SSM stops running automations on non-compliant resources for that specific rule. You can specify a percentage of errors, for example 10%. If you do not specifiy a percentage, the default is 50%. For example, if you set the ErrorPercentage to 40% for 10 non-compliant resources, then SSM stops running the automations when the fifth error is received.", + "title": "ErrorPercentage", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Config::RemediationConfiguration.StaticValue": { + "additionalProperties": false, + "properties": { + "Values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "AWS::Config::StoredQuery": { "additionalProperties": false, "properties": { "Condition": { @@ -58269,76 +64059,39 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A user-friendly description of the migration project.", - "title": "Description", - "type": "string" - }, - "InstanceProfileArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the instance profile for your migration project.", - "title": "InstanceProfileArn", - "type": "string" - }, - "InstanceProfileIdentifier": { - "markdownDescription": "The identifier of the instance profile for your migration project.", - "title": "InstanceProfileIdentifier", - "type": "string" - }, - "InstanceProfileName": { - "markdownDescription": "The name of the associated instance profile.", - "title": "InstanceProfileName", + "QueryDescription": { + "markdownDescription": "A unique description for the query.", + "title": "QueryDescription", "type": "string" }, - "MigrationProjectIdentifier": { - "markdownDescription": "The identifier of the migration project. Identifiers must begin with a letter and must contain only ASCII letters, digits, and hyphens. They can't end with a hyphen, or contain two consecutive hyphens.", - "title": "MigrationProjectIdentifier", + "QueryExpression": { + "markdownDescription": "The expression of the query. For example, `SELECT resourceId, resourceType, supplementaryConfiguration.BucketVersioningConfiguration.status WHERE resourceType = 'AWS::S3::Bucket' AND supplementaryConfiguration.BucketVersioningConfiguration.status = 'Off'.`", + "title": "QueryExpression", "type": "string" }, - "MigrationProjectName": { - "markdownDescription": "The name of the migration project.", - "title": "MigrationProjectName", + "QueryName": { + "markdownDescription": "The name of the query.", + "title": "QueryName", "type": "string" }, - "SchemaConversionApplicationAttributes": { - "$ref": "#/definitions/AWS::DMS::MigrationProject.SchemaConversionApplicationAttributes", - "markdownDescription": "The schema conversion application attributes, including the Amazon S3 bucket name and Amazon S3 role ARN.", - "title": "SchemaConversionApplicationAttributes" - }, - "SourceDataProviderDescriptors": { - "items": { - "$ref": "#/definitions/AWS::DMS::MigrationProject.DataProviderDescriptor" - }, - "markdownDescription": "Information about the source data provider, including the name or ARN, and AWS Secrets Manager parameters.", - "title": "SourceDataProviderDescriptors", - "type": "array" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "", + "markdownDescription": "An array of key-value pairs to apply to this resource.", "title": "Tags", "type": "array" - }, - "TargetDataProviderDescriptors": { - "items": { - "$ref": "#/definitions/AWS::DMS::MigrationProject.DataProviderDescriptor" - }, - "markdownDescription": "Information about the target data provider, including the name or ARN, and AWS Secrets Manager parameters.", - "title": "TargetDataProviderDescriptors", - "type": "array" - }, - "TransformationRules": { - "markdownDescription": "The settings in JSON format for migration rules. Migration rules make it possible for you to change the object names according to the rules that you specify. For example, you can change an object name to lowercase or uppercase, add or remove a prefix or suffix, or rename objects.", - "title": "TransformationRules", - "type": "string" } }, + "required": [ + "QueryExpression", + "QueryName" + ], "type": "object" }, "Type": { "enum": [ - "AWS::DMS::MigrationProject" + "AWS::Config::StoredQuery" ], "type": "string" }, @@ -58352,58 +64105,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::DMS::MigrationProject.DataProviderDescriptor": { - "additionalProperties": false, - "properties": { - "DataProviderArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the data provider.", - "title": "DataProviderArn", - "type": "string" - }, - "DataProviderIdentifier": { - "markdownDescription": "", - "title": "DataProviderIdentifier", - "type": "string" - }, - "DataProviderName": { - "markdownDescription": "The user-friendly name of the data provider.", - "title": "DataProviderName", - "type": "string" - }, - "SecretsManagerAccessRoleArn": { - "markdownDescription": "The ARN of the role used to access AWS Secrets Manager.", - "title": "SecretsManagerAccessRoleArn", - "type": "string" - }, - "SecretsManagerSecretId": { - "markdownDescription": "The identifier of the AWS Secrets Manager Secret used to store access credentials for the data provider.", - "title": "SecretsManagerSecretId", - "type": "string" - } - }, - "type": "object" - }, - "AWS::DMS::MigrationProject.SchemaConversionApplicationAttributes": { - "additionalProperties": false, - "properties": { - "S3BucketPath": { - "markdownDescription": "", - "title": "S3BucketPath", - "type": "string" - }, - "S3BucketRoleArn": { - "markdownDescription": "", - "title": "S3BucketRoleArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::DMS::ReplicationConfig": { + "AWS::Connect::AgentStatus": { "additionalProperties": false, "properties": { "Condition": { @@ -58438,68 +64145,60 @@ "Properties": { "additionalProperties": false, "properties": { - "ComputeConfig": { - "$ref": "#/definitions/AWS::DMS::ReplicationConfig.ComputeConfig", - "markdownDescription": "Configuration parameters for provisioning an AWS DMS Serverless replication.", - "title": "ComputeConfig" - }, - "ReplicationConfigArn": { + "Description": { + "markdownDescription": "The description of the agent status.", + "title": "Description", "type": "string" }, - "ReplicationConfigIdentifier": { - "markdownDescription": "A unique identifier that you want to use to create a `ReplicationConfigArn` that is returned as part of the output from this action. You can then pass this output `ReplicationConfigArn` as the value of the `ReplicationConfigArn` option for other actions to identify both AWS DMS Serverless replications and replication configurations that you want those actions to operate on. For some actions, you can also use either this unique identifier or a corresponding ARN in action filters to identify the specific replication and replication configuration to operate on.", - "title": "ReplicationConfigIdentifier", - "type": "string" + "DisplayOrder": { + "markdownDescription": "The display order of the agent status.", + "title": "DisplayOrder", + "type": "number" }, - "ReplicationSettings": { - "markdownDescription": "Optional JSON settings for AWS DMS Serverless replications that are provisioned using this replication configuration. For example, see [Change processing tuning settings](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.CustomizingTasks.TaskSettings.ChangeProcessingTuning.html) .", - "title": "ReplicationSettings", - "type": "object" - }, - "ReplicationType": { - "markdownDescription": "The type of AWS DMS Serverless replication to provision using this replication configuration.\n\nPossible values:\n\n- `\"full-load\"`\n- `\"cdc\"`\n- `\"full-load-and-cdc\"`", - "title": "ReplicationType", - "type": "string" - }, - "ResourceIdentifier": { - "markdownDescription": "Optional unique value or name that you set for a given resource that can be used to construct an Amazon Resource Name (ARN) for that resource. For more information, see [Fine-grained access control using resource names and tags](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#CHAP_Security.FineGrainedAccess) .", - "title": "ResourceIdentifier", + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", + "title": "InstanceArn", "type": "string" }, - "SourceEndpointArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the source endpoint for this AWS DMS Serverless replication configuration.", - "title": "SourceEndpointArn", + "Name": { + "markdownDescription": "The name of the agent status.", + "title": "Name", "type": "string" }, - "SupplementalSettings": { - "markdownDescription": "Optional JSON settings for specifying supplemental data. For more information, see [Specifying supplemental data for task settings](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.TaskData.html) .", - "title": "SupplementalSettings", - "type": "object" + "ResetOrderNumber": { + "markdownDescription": "A number indicating the reset order of the agent status.", + "title": "ResetOrderNumber", + "type": "boolean" }, - "TableMappings": { - "markdownDescription": "JSON table mappings for AWS DMS Serverless replications that are provisioned using this replication configuration. For more information, see [Specifying table selection and transformations rules using JSON](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.CustomizingTasks.TableMapping.SelectionTransformation.html) .", - "title": "TableMappings", - "type": "object" + "State": { + "markdownDescription": "The state of the agent status.", + "title": "State", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "One or more optional tags associated with resources used by the AWS DMS Serverless replication. For more information, see [Tagging resources in AWS Database Migration Service](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tagging.html) .", + "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"Tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", "title": "Tags", "type": "array" }, - "TargetEndpointArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the target endpoint for this AWS DMS serverless replication configuration.", - "title": "TargetEndpointArn", + "Type": { + "markdownDescription": "The type of agent status.", + "title": "Type", "type": "string" } }, + "required": [ + "InstanceArn", + "Name", + "State" + ], "type": "object" }, "Type": { "enum": [ - "AWS::DMS::ReplicationConfig" + "AWS::Connect::AgentStatus" ], "type": "string" }, @@ -58513,68 +64212,85 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::DMS::ReplicationConfig.ComputeConfig": { + "AWS::Connect::ApprovedOrigin": { "additionalProperties": false, "properties": { - "AvailabilityZone": { - "markdownDescription": "The Availability Zone where the AWS DMS Serverless replication using this configuration will run. The default value is a random, system-chosen Availability Zone in the configuration's AWS Region , for example, `\"us-west-2\"` . You can't set this parameter if the `MultiAZ` parameter is set to `true` .", - "title": "AvailabilityZone", - "type": "string" - }, - "DnsNameServers": { - "markdownDescription": "A list of custom DNS name servers supported for the AWS DMS Serverless replication to access your source or target database. This list overrides the default name servers supported by the AWS DMS Serverless replication. You can specify a comma-separated list of internet addresses for up to four DNS name servers. For example: `\"1.1.1.1,2.2.2.2,3.3.3.3,4.4.4.4\"`", - "title": "DnsNameServers", + "Condition": { "type": "string" }, - "KmsKeyId": { - "markdownDescription": "An AWS Key Management Service ( AWS KMS ) key Amazon Resource Name (ARN) that is used to encrypt the data during AWS DMS Serverless replication.\n\nIf you don't specify a value for the `KmsKeyId` parameter, AWS DMS uses your default encryption key.\n\nAWS KMS creates the default encryption key for your Amazon Web Services account. Your AWS account has a different default encryption key for each AWS Region .", - "title": "KmsKeyId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "MaxCapacityUnits": { - "markdownDescription": "Specifies the maximum value of the AWS DMS capacity units (DCUs) for which a given AWS DMS Serverless replication can be provisioned. A single DCU is 2GB of RAM, with 1 DCU as the minimum value allowed. The list of valid DCU values includes 1, 2, 4, 8, 16, 32, 64, 128, 192, 256, and 384. So, the maximum value that you can specify for AWS DMS Serverless is 384. The `MaxCapacityUnits` parameter is the only DCU parameter you are required to specify.", - "title": "MaxCapacityUnits", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "MinCapacityUnits": { - "markdownDescription": "Specifies the minimum value of the AWS DMS capacity units (DCUs) for which a given AWS DMS Serverless replication can be provisioned. A single DCU is 2GB of RAM, with 1 DCU as the minimum value allowed. The list of valid DCU values includes 1, 2, 4, 8, 16, 32, 64, 128, 192, 256, and 384. So, the minimum DCU value that you can specify for AWS DMS Serverless is 1. If you don't set this value, AWS DMS sets this parameter to the minimum DCU value allowed, 1. If there is no current source activity, AWS DMS scales down your replication until it reaches the value specified in `MinCapacityUnits` .", - "title": "MinCapacityUnits", - "type": "number" + "Metadata": { + "type": "object" }, - "MultiAZ": { - "markdownDescription": "Specifies whether the AWS DMS Serverless replication is a Multi-AZ deployment. You can't set the `AvailabilityZone` parameter if the `MultiAZ` parameter is set to `true` .", - "title": "MultiAZ", - "type": "boolean" + "Properties": { + "additionalProperties": false, + "properties": { + "InstanceId": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance.\n\n*Minimum* : `1`\n\n*Maximum* : `100`", + "title": "InstanceId", + "type": "string" + }, + "Origin": { + "markdownDescription": "Domain name to be added to the allow-list of the instance.\n\n*Maximum* : `267`", + "title": "Origin", + "type": "string" + } + }, + "required": [ + "InstanceId", + "Origin" + ], + "type": "object" }, - "PreferredMaintenanceWindow": { - "markdownDescription": "The weekly time range during which system maintenance can occur for the AWS DMS Serverless replication, in Universal Coordinated Time (UTC). The format is `ddd:hh24:mi-ddd:hh24:mi` .\n\nThe default is a 30-minute window selected at random from an 8-hour block of time per AWS Region . This maintenance occurs on a random day of the week. Valid values for days of the week include `Mon` , `Tue` , `Wed` , `Thu` , `Fri` , `Sat` , and `Sun` .\n\nConstraints include a minimum 30-minute window.", - "title": "PreferredMaintenanceWindow", + "Type": { + "enum": [ + "AWS::Connect::ApprovedOrigin" + ], "type": "string" }, - "ReplicationSubnetGroupId": { - "markdownDescription": "Specifies a subnet group identifier to associate with the AWS DMS Serverless replication.", - "title": "ReplicationSubnetGroupId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "VpcSecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the virtual private cloud (VPC) security group to use with the AWS DMS Serverless replication. The VPC security group must work with the VPC containing the replication.", - "title": "VpcSecurityGroupIds", - "type": "array" } }, "required": [ - "MaxCapacityUnits" + "Type", + "Properties" ], "type": "object" }, - "AWS::DMS::ReplicationInstance": { + "AWS::Connect::ContactFlow": { "additionalProperties": false, "properties": { "Condition": { @@ -58609,96 +64325,56 @@ "Properties": { "additionalProperties": false, "properties": { - "AllocatedStorage": { - "markdownDescription": "The amount of storage (in gigabytes) to be initially allocated for the replication instance.", - "title": "AllocatedStorage", - "type": "number" - }, - "AllowMajorVersionUpgrade": { - "markdownDescription": "Indicates that major version upgrades are allowed. Changing this parameter does not result in an outage, and the change is asynchronously applied as soon as possible.\n\nThis parameter must be set to `true` when specifying a value for the `EngineVersion` parameter that is a different major version than the replication instance's current version.", - "title": "AllowMajorVersionUpgrade", - "type": "boolean" - }, - "AutoMinorVersionUpgrade": { - "markdownDescription": "A value that indicates whether minor engine upgrades are applied automatically to the replication instance during the maintenance window. This parameter defaults to `true` .\n\nDefault: `true`", - "title": "AutoMinorVersionUpgrade", - "type": "boolean" - }, - "AvailabilityZone": { - "markdownDescription": "The Availability Zone that the replication instance will be created in.\n\nThe default value is a random, system-chosen Availability Zone in the endpoint's AWS Region , for example `us-east-1d` .", - "title": "AvailabilityZone", - "type": "string" - }, - "EngineVersion": { - "markdownDescription": "The engine version number of the replication instance.\n\nIf an engine version number is not specified when a replication instance is created, the default is the latest engine version available.", - "title": "EngineVersion", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "An AWS KMS key identifier that is used to encrypt the data on the replication instance.\n\nIf you don't specify a value for the `KmsKeyId` parameter, AWS DMS uses your default encryption key.\n\nAWS KMS creates the default encryption key for your AWS account . Your AWS account has a different default encryption key for each AWS Region .", - "title": "KmsKeyId", - "type": "string" - }, - "MultiAZ": { - "markdownDescription": "Specifies whether the replication instance is a Multi-AZ deployment. You can't set the `AvailabilityZone` parameter if the Multi-AZ parameter is set to `true` .", - "title": "MultiAZ", - "type": "boolean" - }, - "PreferredMaintenanceWindow": { - "markdownDescription": "The weekly time range during which system maintenance can occur, in UTC.\n\n*Format* : `ddd:hh24:mi-ddd:hh24:mi`\n\n*Default* : A 30-minute window selected at random from an 8-hour block of time per AWS Region , occurring on a random day of the week.\n\n*Valid days* ( `ddd` ): `Mon` | `Tue` | `Wed` | `Thu` | `Fri` | `Sat` | `Sun`\n\n*Constraints* : Minimum 30-minute window.", - "title": "PreferredMaintenanceWindow", + "Content": { + "markdownDescription": "The content of the flow.\n\nFor more information, see [Amazon Connect Flow language](https://docs.aws.amazon.com/connect/latest/adminguide/flow-language.html) in the *Amazon Connect Administrator Guide* .", + "title": "Content", "type": "string" }, - "PubliclyAccessible": { - "markdownDescription": "Specifies the accessibility options for the replication instance. A value of `true` represents an instance with a public IP address. A value of `false` represents an instance with a private IP address. The default value is `true` .", - "title": "PubliclyAccessible", - "type": "boolean" - }, - "ReplicationInstanceClass": { - "markdownDescription": "The compute and memory capacity of the replication instance as defined for the specified replication instance class. For example, to specify the instance class dms.c4.large, set this parameter to `\"dms.c4.large\"` . For more information on the settings and capacities for the available replication instance classes, see [Selecting the right AWS DMS replication instance for your migration](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_ReplicationInstance.html#CHAP_ReplicationInstance.InDepth) in the *AWS Database Migration Service User Guide* .", - "title": "ReplicationInstanceClass", + "Description": { + "markdownDescription": "The description of the flow.", + "title": "Description", "type": "string" }, - "ReplicationInstanceIdentifier": { - "markdownDescription": "The replication instance identifier. This parameter is stored as a lowercase string.\n\nConstraints:\n\n- Must contain 1-63 alphanumeric characters or hyphens.\n- First character must be a letter.\n- Can't end with a hyphen or contain two consecutive hyphens.\n\nExample: `myrepinstance`", - "title": "ReplicationInstanceIdentifier", + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Connect instance.", + "title": "InstanceArn", "type": "string" }, - "ReplicationSubnetGroupIdentifier": { - "markdownDescription": "A subnet group to associate with the replication instance.", - "title": "ReplicationSubnetGroupIdentifier", + "Name": { + "markdownDescription": "The name of the flow.", + "title": "Name", "type": "string" }, - "ResourceIdentifier": { - "markdownDescription": "A display name for the resource identifier at the end of the `EndpointArn` response parameter that is returned in the created `Endpoint` object. The value for this parameter can have up to 31 characters. It can contain only ASCII letters, digits, and hyphen ('-'). Also, it can't end with a hyphen or contain two consecutive hyphens, and can only begin with a letter, such as `Example-App-ARN1` . For example, this value might result in the `EndpointArn` value `arn:aws:dms:eu-west-1:012345678901:rep:Example-App-ARN1` . If you don't specify a `ResourceIdentifier` value, AWS DMS generates a default identifier value for the end of `EndpointArn` .", - "title": "ResourceIdentifier", + "State": { + "markdownDescription": "The state of the flow.", + "title": "State", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "One or more tags to be assigned to the replication instance.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" }, - "VpcSecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the virtual private cloud (VPC) security group to be used with the replication instance. The VPC security group must work with the VPC containing the replication instance.", - "title": "VpcSecurityGroupIds", - "type": "array" + "Type": { + "markdownDescription": "The type of the flow. For descriptions of the available types, see [Choose a flow type](https://docs.aws.amazon.com/connect/latest/adminguide/create-contact-flow.html#contact-flow-types) in the *Amazon Connect Administrator Guide* .", + "title": "Type", + "type": "string" } }, "required": [ - "ReplicationInstanceClass" + "Content", + "InstanceArn", + "Name", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::DMS::ReplicationInstance" + "AWS::Connect::ContactFlow" ], "type": "string" }, @@ -58717,7 +64393,7 @@ ], "type": "object" }, - "AWS::DMS::ReplicationSubnetGroup": { + "AWS::Connect::ContactFlowModule": { "additionalProperties": false, "properties": { "Condition": { @@ -58752,42 +64428,50 @@ "Properties": { "additionalProperties": false, "properties": { - "ReplicationSubnetGroupDescription": { - "markdownDescription": "The description for the subnet group.", - "title": "ReplicationSubnetGroupDescription", + "Content": { + "markdownDescription": "The content of the flow module.", + "title": "Content", "type": "string" }, - "ReplicationSubnetGroupIdentifier": { - "markdownDescription": "The identifier for the replication subnet group. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the identifier.", - "title": "ReplicationSubnetGroupIdentifier", + "Description": { + "markdownDescription": "The description of the flow module.", + "title": "Description", "type": "string" }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more subnet IDs to be assigned to the subnet group.", - "title": "SubnetIds", - "type": "array" + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Connect instance.", + "title": "InstanceArn", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the flow module.", + "title": "Name", + "type": "string" + }, + "State": { + "markdownDescription": "The state of the flow module.", + "title": "State", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "One or more tags to be assigned to the subnet group.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ - "ReplicationSubnetGroupDescription", - "SubnetIds" + "Content", + "InstanceArn", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::DMS::ReplicationSubnetGroup" + "AWS::Connect::ContactFlowModule" ], "type": "string" }, @@ -58806,7 +64490,7 @@ ], "type": "object" }, - "AWS::DMS::ReplicationTask": { + "AWS::Connect::ContactFlowVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -58841,87 +64525,116 @@ "Properties": { "additionalProperties": false, "properties": { - "CdcStartPosition": { - "markdownDescription": "Indicates when you want a change data capture (CDC) operation to start. Use either `CdcStartPosition` or `CdcStartTime` to specify when you want a CDC operation to start. Specifying both values results in an error.\n\nThe value can be in date, checkpoint, log sequence number (LSN), or system change number (SCN) format.\n\nHere is a date example: `--cdc-start-position \"2018-03-08T12:12:12\"`\n\nHere is a checkpoint example: `--cdc-start-position \"checkpoint:V1#27#mysql-bin-changelog.157832:1975:-1:2002:677883278264080:mysql-bin-changelog.157832:1876#0#0#*#0#93\"`\n\nHere is an LSN example: `--cdc-start-position \u201cmysql-bin-changelog.000024:373\u201d`\n\n> When you use this task setting with a source PostgreSQL database, a logical replication slot should already be created and associated with the source endpoint. You can verify this by setting the `slotName` extra connection attribute to the name of this logical replication slot. For more information, see [Extra Connection Attributes When Using PostgreSQL as a Source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.PostgreSQL.html#CHAP_Source.PostgreSQL.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", - "title": "CdcStartPosition", - "type": "string" - }, - "CdcStartTime": { - "markdownDescription": "Indicates the start time for a change data capture (CDC) operation.", - "title": "CdcStartTime", - "type": "number" - }, - "CdcStopPosition": { - "markdownDescription": "Indicates when you want a change data capture (CDC) operation to stop. The value can be either server time or commit time.\n\nHere is a server time example: `--cdc-stop-position \"server_time:2018-02-09T12:12:12\"`\n\nHere is a commit time example: `--cdc-stop-position \"commit_time: 2018-02-09T12:12:12\"`", - "title": "CdcStopPosition", - "type": "string" - }, - "MigrationType": { - "markdownDescription": "The migration type. Valid values: `full-load` | `cdc` | `full-load-and-cdc`", - "title": "MigrationType", + "ContactFlowId": { + "markdownDescription": "The identifier of the flow.", + "title": "ContactFlowId", "type": "string" }, - "ReplicationInstanceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of a replication instance.", - "title": "ReplicationInstanceArn", + "Description": { + "markdownDescription": "The description of the flow version.", + "title": "Description", "type": "string" - }, - "ReplicationTaskIdentifier": { - "markdownDescription": "An identifier for the replication task.\n\nConstraints:\n\n- Must contain 1-255 alphanumeric characters or hyphens.\n- First character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.", - "title": "ReplicationTaskIdentifier", + } + }, + "required": [ + "ContactFlowId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Connect::ContactFlowVersion" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Connect::EmailAddress": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, - "ReplicationTaskSettings": { - "markdownDescription": "Overall settings for the task, in JSON format. For more information, see [Specifying Task Settings for AWS Database Migration Service Tasks](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.CustomizingTasks.TaskSettings.html) in the *AWS Database Migration Service User Guide* .", - "title": "ReplicationTaskSettings", + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the email address.", + "title": "Description", "type": "string" }, - "ResourceIdentifier": { - "markdownDescription": "A display name for the resource identifier at the end of the `EndpointArn` response parameter that is returned in the created `Endpoint` object. The value for this parameter can have up to 31 characters. It can contain only ASCII letters, digits, and hyphen ('-'). Also, it can't end with a hyphen or contain two consecutive hyphens, and can only begin with a letter, such as `Example-App-ARN1` .\n\nFor example, this value might result in the `EndpointArn` value `arn:aws:dms:eu-west-1:012345678901:rep:Example-App-ARN1` . If you don't specify a `ResourceIdentifier` value, AWS DMS generates a default identifier value for the end of `EndpointArn` .", - "title": "ResourceIdentifier", + "DisplayName": { + "markdownDescription": "The display name of email address.", + "title": "DisplayName", "type": "string" }, - "SourceEndpointArn": { - "markdownDescription": "An Amazon Resource Name (ARN) that uniquely identifies the source endpoint.", - "title": "SourceEndpointArn", + "EmailAddress": { + "markdownDescription": "The email address, including the domain.", + "title": "EmailAddress", "type": "string" }, - "TableMappings": { - "markdownDescription": "The table mappings for the task, in JSON format. For more information, see [Using Table Mapping to Specify Task Settings](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.CustomizingTasks.TableMapping.html) in the *AWS Database Migration Service User Guide* .", - "title": "TableMappings", + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", + "title": "InstanceArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "One or more tags to be assigned to the replication task.", + "markdownDescription": "An array of key-value pairs to apply to this resource.", "title": "Tags", "type": "array" - }, - "TargetEndpointArn": { - "markdownDescription": "An Amazon Resource Name (ARN) that uniquely identifies the target endpoint.", - "title": "TargetEndpointArn", - "type": "string" - }, - "TaskData": { - "markdownDescription": "Supplemental information that the task requires to migrate the data for certain source and target endpoints. For more information, see [Specifying Supplemental Data for Task Settings](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.TaskData.html) in the *AWS Database Migration Service User Guide.*", - "title": "TaskData", - "type": "string" } }, "required": [ - "MigrationType", - "ReplicationInstanceArn", - "SourceEndpointArn", - "TableMappings", - "TargetEndpointArn" + "EmailAddress", + "InstanceArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::DMS::ReplicationTask" + "AWS::Connect::EmailAddress" ], "type": "string" }, @@ -58940,7 +64653,7 @@ ], "type": "object" }, - "AWS::DataBrew::Dataset": { + "AWS::Connect::EvaluationForm": { "additionalProperties": false, "properties": { "Condition": { @@ -58975,49 +64688,64 @@ "Properties": { "additionalProperties": false, "properties": { - "Format": { - "markdownDescription": "The file format of a dataset that is created from an Amazon S3 file or folder.", - "title": "Format", + "AutoEvaluationConfiguration": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.AutoEvaluationConfiguration", + "markdownDescription": "", + "title": "AutoEvaluationConfiguration" + }, + "Description": { + "markdownDescription": "The description of the evaluation form.\n\n*Length Constraints* : Minimum length of 0. Maximum length of 1024.", + "title": "Description", "type": "string" }, - "FormatOptions": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.FormatOptions", - "markdownDescription": "A set of options that define how DataBrew interprets the data in the dataset.", - "title": "FormatOptions" + "InstanceArn": { + "markdownDescription": "The identifier of the Amazon Connect instance.", + "title": "InstanceArn", + "type": "string" }, - "Input": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.Input", - "markdownDescription": "Information on how DataBrew can find the dataset, in either the AWS Glue Data Catalog or Amazon S3 .", - "title": "Input" + "Items": { + "items": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormBaseItem" + }, + "markdownDescription": "Items that are part of the evaluation form. The total number of sections and questions must not exceed 100 each. Questions must be contained in a section.\n\n*Minimum size* : 1\n\n*Maximum size* : 100", + "title": "Items", + "type": "array" }, - "Name": { - "markdownDescription": "The unique name of the dataset.", - "title": "Name", - "type": "string" + "ScoringStrategy": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.ScoringStrategy", + "markdownDescription": "A scoring strategy of the evaluation form.", + "title": "ScoringStrategy" }, - "PathOptions": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.PathOptions", - "markdownDescription": "A set of options that defines how DataBrew interprets an Amazon S3 path of the dataset.", - "title": "PathOptions" + "Status": { + "markdownDescription": "The status of the evaluation form.\n\n*Allowed values* : `DRAFT` | `ACTIVE`", + "title": "Status", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata tags that have been applied to the dataset.", + "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", "title": "Tags", "type": "array" + }, + "Title": { + "markdownDescription": "A title of the evaluation form.", + "title": "Title", + "type": "string" } }, "required": [ - "Input", - "Name" + "InstanceArn", + "Items", + "Status", + "Title" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataBrew::Dataset" + "AWS::Connect::EvaluationForm" ], "type": "string" }, @@ -59036,363 +64764,380 @@ ], "type": "object" }, - "AWS::DataBrew::Dataset.CsvOptions": { + "AWS::Connect::EvaluationForm.AutoEvaluationConfiguration": { "additionalProperties": false, "properties": { - "Delimiter": { - "markdownDescription": "A single character that specifies the delimiter being used in the CSV file.", - "title": "Delimiter", - "type": "string" - }, - "HeaderRow": { - "markdownDescription": "A variable that specifies whether the first row in the file is parsed as the header. If this value is false, column names are auto-generated.", - "title": "HeaderRow", + "Enabled": { + "markdownDescription": "", + "title": "Enabled", "type": "boolean" } }, "type": "object" }, - "AWS::DataBrew::Dataset.DataCatalogInputDefinition": { + "AWS::Connect::EvaluationForm.EvaluationFormBaseItem": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The unique identifier of the AWS account that holds the Data Catalog that stores the data.", - "title": "CatalogId", - "type": "string" - }, - "DatabaseName": { - "markdownDescription": "The name of a database in the Data Catalog.", - "title": "DatabaseName", - "type": "string" + "Section": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormSection", + "markdownDescription": "A subsection or inner section of an item.", + "title": "Section" + } + }, + "required": [ + "Section" + ], + "type": "object" + }, + "AWS::Connect::EvaluationForm.EvaluationFormItem": { + "additionalProperties": false, + "properties": { + "Question": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormQuestion", + "markdownDescription": "The information of the question.", + "title": "Question" }, - "TableName": { - "markdownDescription": "The name of a database table in the Data Catalog. This table corresponds to a DataBrew dataset.", - "title": "TableName", - "type": "string" + "Section": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormSection", + "markdownDescription": "The information of the section.", + "title": "Section" + } + }, + "type": "object" + }, + "AWS::Connect::EvaluationForm.EvaluationFormNumericQuestionAutomation": { + "additionalProperties": false, + "properties": { + "AnswerSource": { + "markdownDescription": "", + "title": "AnswerSource", + "type": "object" }, - "TempDirectory": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.S3Location", - "markdownDescription": "An Amazon location that AWS Glue Data Catalog can use as a temporary directory.", - "title": "TempDirectory" + "PropertyValue": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.NumericQuestionPropertyValueAutomation", + "markdownDescription": "The property value of the automation.", + "title": "PropertyValue" } }, "type": "object" }, - "AWS::DataBrew::Dataset.DatabaseInputDefinition": { + "AWS::Connect::EvaluationForm.EvaluationFormNumericQuestionOption": { "additionalProperties": false, "properties": { - "DatabaseTableName": { - "markdownDescription": "The table within the target database.", - "title": "DatabaseTableName", - "type": "string" + "AutomaticFail": { + "markdownDescription": "The flag to mark the option as automatic fail. If an automatic fail answer is provided, the overall evaluation gets a score of 0.", + "title": "AutomaticFail", + "type": "boolean" }, - "GlueConnectionName": { - "markdownDescription": "The AWS Glue Connection that stores the connection information for the target database.", - "title": "GlueConnectionName", - "type": "string" + "MaxValue": { + "markdownDescription": "The maximum answer value of the range option.", + "title": "MaxValue", + "type": "number" }, - "QueryString": { - "markdownDescription": "Custom SQL to run against the provided AWS Glue connection. This SQL will be used as the input for DataBrew projects and jobs.", - "title": "QueryString", - "type": "string" + "MinValue": { + "markdownDescription": "The minimum answer value of the range option.", + "title": "MinValue", + "type": "number" }, - "TempDirectory": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.S3Location", - "markdownDescription": "An Amazon location that AWS Glue Data Catalog can use as a temporary directory.", - "title": "TempDirectory" + "Score": { + "markdownDescription": "The score assigned to answer values within the range option.\n\n*Minimum* : 0\n\n*Maximum* : 10", + "title": "Score", + "type": "number" } }, "required": [ - "GlueConnectionName" + "MaxValue", + "MinValue" ], "type": "object" }, - "AWS::DataBrew::Dataset.DatasetParameter": { + "AWS::Connect::EvaluationForm.EvaluationFormNumericQuestionProperties": { "additionalProperties": false, "properties": { - "CreateColumn": { - "markdownDescription": "Optional boolean value that defines whether the captured value of this parameter should be loaded as an additional column in the dataset.", - "title": "CreateColumn", - "type": "boolean" - }, - "DatetimeOptions": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.DatetimeOptions", - "markdownDescription": "Additional parameter options such as a format and a timezone. Required for datetime parameters.", - "title": "DatetimeOptions" + "Automation": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormNumericQuestionAutomation", + "markdownDescription": "The automation properties of the numeric question.", + "title": "Automation" }, - "Filter": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.FilterExpression", - "markdownDescription": "The optional filter expression structure to apply additional matching criteria to the parameter.", - "title": "Filter" + "MaxValue": { + "markdownDescription": "The maximum answer value.", + "title": "MaxValue", + "type": "number" }, - "Name": { - "markdownDescription": "The name of the parameter that is used in the dataset's Amazon S3 path.", - "title": "Name", - "type": "string" + "MinValue": { + "markdownDescription": "The minimum answer value.", + "title": "MinValue", + "type": "number" }, - "Type": { - "markdownDescription": "The type of the dataset parameter, can be one of a 'String', 'Number' or 'Datetime'.", - "title": "Type", - "type": "string" + "Options": { + "items": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormNumericQuestionOption" + }, + "markdownDescription": "The scoring options of the numeric question.", + "title": "Options", + "type": "array" } }, "required": [ - "Name", - "Type" + "MaxValue", + "MinValue" ], "type": "object" }, - "AWS::DataBrew::Dataset.DatetimeOptions": { + "AWS::Connect::EvaluationForm.EvaluationFormQuestion": { "additionalProperties": false, "properties": { - "Format": { - "markdownDescription": "Required option, that defines the datetime format used for a date parameter in the Amazon S3 path. Should use only supported datetime specifiers and separation characters, all litera a-z or A-Z character should be escaped with single quotes. E.g. \"MM.dd.yyyy-'at'-HH:mm\".", - "title": "Format", + "Instructions": { + "markdownDescription": "The instructions of the section.\n\n*Length Constraints* : Minimum length of 0. Maximum length of 1024.", + "title": "Instructions", "type": "string" }, - "LocaleCode": { - "markdownDescription": "Optional value for a non-US locale code, needed for correct interpretation of some date formats.", - "title": "LocaleCode", + "NotApplicableEnabled": { + "markdownDescription": "The flag to enable not applicable answers to the question.", + "title": "NotApplicableEnabled", + "type": "boolean" + }, + "QuestionType": { + "markdownDescription": "The type of the question.\n\n*Allowed values* : `NUMERIC` | `SINGLESELECT` | `TEXT`", + "title": "QuestionType", "type": "string" }, - "TimezoneOffset": { - "markdownDescription": "Optional value for a timezone offset of the datetime parameter value in the Amazon S3 path. Shouldn't be used if Format for this parameter includes timezone fields. If no offset specified, UTC is assumed.", - "title": "TimezoneOffset", + "QuestionTypeProperties": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormQuestionTypeProperties", + "markdownDescription": "The properties of the type of question. Text questions do not have to define question type properties.", + "title": "QuestionTypeProperties" + }, + "RefId": { + "markdownDescription": "The identifier of the question. An identifier must be unique within the evaluation form.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 40.", + "title": "RefId", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the question.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 350.", + "title": "Title", "type": "string" + }, + "Weight": { + "markdownDescription": "The scoring weight of the section.\n\n*Minimum* : 0\n\n*Maximum* : 100", + "title": "Weight", + "type": "number" } }, "required": [ - "Format" + "QuestionType", + "RefId", + "Title" ], "type": "object" }, - "AWS::DataBrew::Dataset.ExcelOptions": { + "AWS::Connect::EvaluationForm.EvaluationFormQuestionTypeProperties": { "additionalProperties": false, "properties": { - "HeaderRow": { - "markdownDescription": "A variable that specifies whether the first row in the file is parsed as the header. If this value is false, column names are auto-generated.", - "title": "HeaderRow", - "type": "boolean" - }, - "SheetIndexes": { - "items": { - "type": "number" - }, - "markdownDescription": "One or more sheet numbers in the Excel file that will be included in the dataset.", - "title": "SheetIndexes", - "type": "array" + "Numeric": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormNumericQuestionProperties", + "markdownDescription": "The properties of the numeric question.", + "title": "Numeric" }, - "SheetNames": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more named sheets in the Excel file that will be included in the dataset.", - "title": "SheetNames", - "type": "array" + "SingleSelect": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionProperties", + "markdownDescription": "The properties of the numeric question.", + "title": "SingleSelect" } }, "type": "object" }, - "AWS::DataBrew::Dataset.FilesLimit": { + "AWS::Connect::EvaluationForm.EvaluationFormSection": { "additionalProperties": false, "properties": { - "MaxFiles": { - "markdownDescription": "The number of Amazon S3 files to select.", - "title": "MaxFiles", - "type": "number" + "Instructions": { + "markdownDescription": "The instructions of the section.", + "title": "Instructions", + "type": "string" }, - "Order": { - "markdownDescription": "A criteria to use for Amazon S3 files sorting before their selection. By default uses DESCENDING order, i.e. most recent files are selected first. Anotherpossible value is ASCENDING.", - "title": "Order", + "Items": { + "items": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormItem" + }, + "markdownDescription": "The items of the section.\n\n*Minimum* : 1", + "title": "Items", + "type": "array" + }, + "RefId": { + "markdownDescription": "The identifier of the section. An identifier must be unique within the evaluation form.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 40.", + "title": "RefId", "type": "string" }, - "OrderedBy": { - "markdownDescription": "A criteria to use for Amazon S3 files sorting before their selection. By default uses LAST_MODIFIED_DATE as a sorting criteria. Currently it's the only allowed value.", - "title": "OrderedBy", + "Title": { + "markdownDescription": "The title of the section.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 128.", + "title": "Title", "type": "string" + }, + "Weight": { + "markdownDescription": "The scoring weight of the section.\n\n*Minimum* : 0\n\n*Maximum* : 100", + "title": "Weight", + "type": "number" } }, "required": [ - "MaxFiles" + "RefId", + "Title" ], "type": "object" }, - "AWS::DataBrew::Dataset.FilterExpression": { + "AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionAutomation": { "additionalProperties": false, "properties": { - "Expression": { - "markdownDescription": "The expression which includes condition names followed by substitution variables, possibly grouped and combined with other conditions. For example, \"(starts_with :prefix1 or starts_with :prefix2) and (ends_with :suffix1 or ends_with :suffix2)\". Substitution variables should start with ':' symbol.", - "title": "Expression", + "DefaultOptionRefId": { + "markdownDescription": "The identifier of the default answer option, when none of the automation options match the criteria.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 40.", + "title": "DefaultOptionRefId", "type": "string" }, - "ValuesMap": { + "Options": { "items": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.FilterValue" + "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionAutomationOption" }, - "markdownDescription": "The map of substitution variable names to their values used in this filter expression.", - "title": "ValuesMap", + "markdownDescription": "The automation options of the single select question.\n\n*Minimum* : 1\n\n*Maximum* : 20", + "title": "Options", "type": "array" } }, "required": [ - "Expression", - "ValuesMap" + "Options" ], "type": "object" }, - "AWS::DataBrew::Dataset.FilterValue": { + "AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionAutomationOption": { "additionalProperties": false, "properties": { - "Value": { - "markdownDescription": "The value to be associated with the substitution variable.", - "title": "Value", - "type": "string" - }, - "ValueReference": { - "markdownDescription": "The substitution variable reference.", - "title": "ValueReference", - "type": "string" + "RuleCategory": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.SingleSelectQuestionRuleCategoryAutomation", + "markdownDescription": "The automation option based on a rule category for the single select question.", + "title": "RuleCategory" } }, "required": [ - "Value", - "ValueReference" + "RuleCategory" ], "type": "object" }, - "AWS::DataBrew::Dataset.FormatOptions": { + "AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionOption": { "additionalProperties": false, "properties": { - "Csv": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.CsvOptions", - "markdownDescription": "Options that define how CSV input is to be interpreted by DataBrew.", - "title": "Csv" + "AutomaticFail": { + "markdownDescription": "The flag to mark the option as automatic fail. If an automatic fail answer is provided, the overall evaluation gets a score of 0.", + "title": "AutomaticFail", + "type": "boolean" }, - "Excel": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.ExcelOptions", - "markdownDescription": "Options that define how Excel input is to be interpreted by DataBrew.", - "title": "Excel" + "RefId": { + "markdownDescription": "The identifier of the answer option. An identifier must be unique within the question.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 40.", + "title": "RefId", + "type": "string" }, - "Json": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.JsonOptions", - "markdownDescription": "Options that define how JSON input is to be interpreted by DataBrew.", - "title": "Json" + "Score": { + "markdownDescription": "The score assigned to the answer option.\n\n*Minimum* : 0\n\n*Maximum* : 10", + "title": "Score", + "type": "number" + }, + "Text": { + "markdownDescription": "The title of the answer option.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 128.", + "title": "Text", + "type": "string" } }, + "required": [ + "RefId", + "Text" + ], "type": "object" }, - "AWS::DataBrew::Dataset.Input": { + "AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionProperties": { "additionalProperties": false, "properties": { - "DataCatalogInputDefinition": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.DataCatalogInputDefinition", - "markdownDescription": "The AWS Glue Data Catalog parameters for the data.", - "title": "DataCatalogInputDefinition" - }, - "DatabaseInputDefinition": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.DatabaseInputDefinition", - "markdownDescription": "Connection information for dataset input files stored in a database.", - "title": "DatabaseInputDefinition" + "Automation": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionAutomation", + "markdownDescription": "The display mode of the single select question.", + "title": "Automation" }, - "Metadata": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.Metadata", - "markdownDescription": "Contains additional resource information needed for specific datasets.", - "title": "Metadata" + "DisplayAs": { + "markdownDescription": "The display mode of the single select question.\n\n*Allowed values* : `DROPDOWN` | `RADIO`", + "title": "DisplayAs", + "type": "string" }, - "S3InputDefinition": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.S3Location", - "markdownDescription": "The Amazon S3 location where the data is stored.", - "title": "S3InputDefinition" - } - }, - "type": "object" - }, - "AWS::DataBrew::Dataset.JsonOptions": { - "additionalProperties": false, - "properties": { - "MultiLine": { - "markdownDescription": "A value that specifies whether JSON input contains embedded new line characters.", - "title": "MultiLine", - "type": "boolean" + "Options": { + "items": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionOption" + }, + "markdownDescription": "The answer options of the single select question.\n\n*Minimum* : 2\n\n*Maximum* : 256", + "title": "Options", + "type": "array" } }, + "required": [ + "Options" + ], "type": "object" }, - "AWS::DataBrew::Dataset.Metadata": { + "AWS::Connect::EvaluationForm.NumericQuestionPropertyValueAutomation": { "additionalProperties": false, "properties": { - "SourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) associated with the dataset. Currently, DataBrew only supports ARNs from Amazon AppFlow.", - "title": "SourceArn", + "Label": { + "markdownDescription": "The property label of the automation.", + "title": "Label", "type": "string" } }, + "required": [ + "Label" + ], "type": "object" }, - "AWS::DataBrew::Dataset.PathOptions": { - "additionalProperties": false, - "properties": { - "FilesLimit": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.FilesLimit", - "markdownDescription": "If provided, this structure imposes a limit on a number of files that should be selected.", - "title": "FilesLimit" - }, - "LastModifiedDateCondition": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.FilterExpression", - "markdownDescription": "If provided, this structure defines a date range for matching Amazon S3 objects based on their LastModifiedDate attribute in Amazon S3 .", - "title": "LastModifiedDateCondition" - }, - "Parameters": { - "items": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.PathParameter" - }, - "markdownDescription": "A structure that maps names of parameters used in the Amazon S3 path of a dataset to their definitions.", - "title": "Parameters", - "type": "array" - } - }, - "type": "object" - }, - "AWS::DataBrew::Dataset.PathParameter": { + "AWS::Connect::EvaluationForm.ScoringStrategy": { "additionalProperties": false, "properties": { - "DatasetParameter": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.DatasetParameter", - "markdownDescription": "The path parameter definition.", - "title": "DatasetParameter" + "Mode": { + "markdownDescription": "The scoring mode of the evaluation form.\n\n*Allowed values* : `QUESTION_ONLY` | `SECTION_ONLY`", + "title": "Mode", + "type": "string" }, - "PathParameterName": { - "markdownDescription": "The name of the path parameter.", - "title": "PathParameterName", + "Status": { + "markdownDescription": "The scoring status of the evaluation form.\n\n*Allowed values* : `ENABLED` | `DISABLED`", + "title": "Status", "type": "string" } }, "required": [ - "DatasetParameter", - "PathParameterName" + "Mode", + "Status" ], "type": "object" }, - "AWS::DataBrew::Dataset.S3Location": { + "AWS::Connect::EvaluationForm.SingleSelectQuestionRuleCategoryAutomation": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The Amazon S3 bucket name.", - "title": "Bucket", + "Category": { + "markdownDescription": "The category name, as defined in Rules.\n\n*Minimum* : 1\n\n*Maximum* : 50", + "title": "Category", "type": "string" }, - "Key": { - "markdownDescription": "The unique name of the object in the bucket.", - "title": "Key", + "Condition": { + "markdownDescription": "The condition to apply for the automation option. If the condition is PRESENT, then the option is applied when the contact data includes the category. Similarly, if the condition is NOT_PRESENT, then the option is applied when the contact data does not include the category.\n\n*Allowed values* : `PRESENT` | `NOT_PRESENT`\n\n*Maximum* : 50", + "title": "Condition", + "type": "string" + }, + "OptionRefId": { + "markdownDescription": "The identifier of the answer option. An identifier must be unique within the question.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 40.", + "title": "OptionRefId", "type": "string" } }, "required": [ - "Bucket" + "Category", + "Condition", + "OptionRefId" ], "type": "object" }, - "AWS::DataBrew::Job": { + "AWS::Connect::HoursOfOperation": { "additionalProperties": false, "properties": { "Condition": { @@ -59427,132 +65172,62 @@ "Properties": { "additionalProperties": false, "properties": { - "DataCatalogOutputs": { - "items": { - "$ref": "#/definitions/AWS::DataBrew::Job.DataCatalogOutput" - }, - "markdownDescription": "One or more artifacts that represent the AWS Glue Data Catalog output from running the job.", - "title": "DataCatalogOutputs", - "type": "array" - }, - "DatabaseOutputs": { + "Config": { "items": { - "$ref": "#/definitions/AWS::DataBrew::Job.DatabaseOutput" + "$ref": "#/definitions/AWS::Connect::HoursOfOperation.HoursOfOperationConfig" }, - "markdownDescription": "Represents a list of JDBC database output objects which defines the output destination for a DataBrew recipe job to write into.", - "title": "DatabaseOutputs", + "markdownDescription": "Configuration information for the hours of operation.", + "title": "Config", "type": "array" }, - "DatasetName": { - "markdownDescription": "A dataset that the job is to process.", - "title": "DatasetName", - "type": "string" - }, - "EncryptionKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an encryption key that is used to protect the job output. For more information, see [Encrypting data written by DataBrew jobs](https://docs.aws.amazon.com/databrew/latest/dg/encryption-security-configuration.html)", - "title": "EncryptionKeyArn", - "type": "string" - }, - "EncryptionMode": { - "markdownDescription": "The encryption mode for the job, which can be one of the following:\n\n- `SSE-KMS` - Server-side encryption with keys managed by AWS KMS .\n- `SSE-S3` - Server-side encryption with keys managed by Amazon S3.", - "title": "EncryptionMode", - "type": "string" - }, - "JobSample": { - "$ref": "#/definitions/AWS::DataBrew::Job.JobSample", - "markdownDescription": "A sample configuration for profile jobs only, which determines the number of rows on which the profile job is run. If a `JobSample` value isn't provided, the default value is used. The default value is CUSTOM_ROWS for the mode parameter and 20,000 for the size parameter.", - "title": "JobSample" - }, - "LogSubscription": { - "markdownDescription": "The current status of Amazon CloudWatch logging for the job.", - "title": "LogSubscription", - "type": "string" - }, - "MaxCapacity": { - "markdownDescription": "The maximum number of nodes that can be consumed when the job processes data.", - "title": "MaxCapacity", - "type": "number" - }, - "MaxRetries": { - "markdownDescription": "The maximum number of times to retry the job after a job run fails.", - "title": "MaxRetries", - "type": "number" - }, - "Name": { - "markdownDescription": "The unique name of the job.", - "title": "Name", + "Description": { + "markdownDescription": "The description for the hours of operation.", + "title": "Description", "type": "string" }, - "OutputLocation": { - "$ref": "#/definitions/AWS::DataBrew::Job.OutputLocation", - "markdownDescription": "The location in Amazon S3 where the job writes its output.", - "title": "OutputLocation" - }, - "Outputs": { + "HoursOfOperationOverrides": { "items": { - "$ref": "#/definitions/AWS::DataBrew::Job.Output" + "$ref": "#/definitions/AWS::Connect::HoursOfOperation.HoursOfOperationOverride" }, - "markdownDescription": "One or more artifacts that represent output from running the job.", - "title": "Outputs", + "markdownDescription": "", + "title": "HoursOfOperationOverrides", "type": "array" }, - "ProfileConfiguration": { - "$ref": "#/definitions/AWS::DataBrew::Job.ProfileConfiguration", - "markdownDescription": "Configuration for profile jobs. Configuration can be used to select columns, do evaluations, and override default parameters of evaluations. When configuration is undefined, the profile job will apply default settings to all supported columns.", - "title": "ProfileConfiguration" - }, - "ProjectName": { - "markdownDescription": "The name of the project that the job is associated with.", - "title": "ProjectName", + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", + "title": "InstanceArn", "type": "string" }, - "Recipe": { - "$ref": "#/definitions/AWS::DataBrew::Job.Recipe", - "markdownDescription": "A series of data transformation steps that the job runs.", - "title": "Recipe" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the role to be assumed for this job.", - "title": "RoleArn", + "Name": { + "markdownDescription": "The name for the hours of operation.", + "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata tags that have been applied to the job.", + "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"Tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", "title": "Tags", "type": "array" }, - "Timeout": { - "markdownDescription": "The job's timeout in minutes. A job that attempts to run longer than this timeout period ends with a status of `TIMEOUT` .", - "title": "Timeout", - "type": "number" - }, - "Type": { - "markdownDescription": "The job type of the job, which must be one of the following:\n\n- `PROFILE` - A job to analyze a dataset, to determine its size, data types, data distribution, and more.\n- `RECIPE` - A job to apply one or more transformations to a dataset.", - "title": "Type", - "type": "string" - }, - "ValidationConfigurations": { - "items": { - "$ref": "#/definitions/AWS::DataBrew::Job.ValidationConfiguration" - }, - "markdownDescription": "List of validation configurations that are applied to the profile job.", - "title": "ValidationConfigurations", - "type": "array" + "TimeZone": { + "markdownDescription": "The time zone for the hours of operation.", + "title": "TimeZone", + "type": "string" } }, "required": [ + "Config", + "InstanceArn", "Name", - "RoleArn", - "Type" + "TimeZone" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataBrew::Job" + "AWS::Connect::HoursOfOperation" ], "type": "string" }, @@ -59571,433 +65246,582 @@ ], "type": "object" }, - "AWS::DataBrew::Job.AllowedStatistics": { - "additionalProperties": false, - "properties": { - "Statistics": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more column statistics to allow for columns that contain detected entities.", - "title": "Statistics", - "type": "array" - } - }, - "required": [ - "Statistics" - ], - "type": "object" - }, - "AWS::DataBrew::Job.ColumnSelector": { + "AWS::Connect::HoursOfOperation.HoursOfOperationConfig": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of a column from a dataset.", - "title": "Name", + "Day": { + "markdownDescription": "The day that the hours of operation applies to.", + "title": "Day", "type": "string" }, - "Regex": { - "markdownDescription": "A regular expression for selecting a column from a dataset.", - "title": "Regex", - "type": "string" - } - }, - "type": "object" - }, - "AWS::DataBrew::Job.ColumnStatisticsConfiguration": { - "additionalProperties": false, - "properties": { - "Selectors": { - "items": { - "$ref": "#/definitions/AWS::DataBrew::Job.ColumnSelector" - }, - "markdownDescription": "List of column selectors. Selectors can be used to select columns from the dataset. When selectors are undefined, configuration will be applied to all supported columns.", - "title": "Selectors", - "type": "array" + "EndTime": { + "$ref": "#/definitions/AWS::Connect::HoursOfOperation.HoursOfOperationTimeSlice", + "markdownDescription": "The end time that your contact center closes.", + "title": "EndTime" }, - "Statistics": { - "$ref": "#/definitions/AWS::DataBrew::Job.StatisticsConfiguration", - "markdownDescription": "Configuration for evaluations. Statistics can be used to select evaluations and override parameters of evaluations.", - "title": "Statistics" + "StartTime": { + "$ref": "#/definitions/AWS::Connect::HoursOfOperation.HoursOfOperationTimeSlice", + "markdownDescription": "The start time that your contact center opens.", + "title": "StartTime" } }, "required": [ - "Statistics" + "Day", + "EndTime", + "StartTime" ], "type": "object" }, - "AWS::DataBrew::Job.CsvOutputOptions": { - "additionalProperties": false, - "properties": { - "Delimiter": { - "markdownDescription": "A single character that specifies the delimiter used to create CSV job output.", - "title": "Delimiter", - "type": "string" - } - }, - "type": "object" - }, - "AWS::DataBrew::Job.DataCatalogOutput": { + "AWS::Connect::HoursOfOperation.HoursOfOperationOverride": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The unique identifier of the AWS account that holds the Data Catalog that stores the data.", - "title": "CatalogId", + "EffectiveFrom": { + "markdownDescription": "The date from which the hours of operation override would be effective.", + "title": "EffectiveFrom", "type": "string" }, - "DatabaseName": { - "markdownDescription": "The name of a database in the Data Catalog.", - "title": "DatabaseName", + "EffectiveTill": { + "markdownDescription": "The date till which the hours of operation override would be effective.", + "title": "EffectiveTill", "type": "string" }, - "DatabaseOptions": { - "$ref": "#/definitions/AWS::DataBrew::Job.DatabaseTableOutputOptions", - "markdownDescription": "Represents options that specify how and where DataBrew writes the database output generated by recipe jobs.", - "title": "DatabaseOptions" - }, - "Overwrite": { - "markdownDescription": "A value that, if true, means that any data in the location specified for output is overwritten with new output. Not supported with DatabaseOptions.", - "title": "Overwrite", - "type": "boolean" - }, - "S3Options": { - "$ref": "#/definitions/AWS::DataBrew::Job.S3TableOutputOptions", - "markdownDescription": "Represents options that specify how and where DataBrew writes the Amazon S3 output generated by recipe jobs.", - "title": "S3Options" - }, - "TableName": { - "markdownDescription": "The name of a table in the Data Catalog.", - "title": "TableName", + "HoursOfOperationOverrideId": { + "markdownDescription": "The identifier for the hours of operation override.", + "title": "HoursOfOperationOverrideId", "type": "string" - } - }, - "required": [ - "DatabaseName", - "TableName" - ], - "type": "object" - }, - "AWS::DataBrew::Job.DatabaseOutput": { - "additionalProperties": false, - "properties": { - "DatabaseOptions": { - "$ref": "#/definitions/AWS::DataBrew::Job.DatabaseTableOutputOptions", - "markdownDescription": "Represents options that specify how and where DataBrew writes the database output generated by recipe jobs.", - "title": "DatabaseOptions" }, - "DatabaseOutputMode": { - "markdownDescription": "The output mode to write into the database. Currently supported option: NEW_TABLE.", - "title": "DatabaseOutputMode", + "OverrideConfig": { + "items": { + "$ref": "#/definitions/AWS::Connect::HoursOfOperation.HoursOfOperationOverrideConfig" + }, + "markdownDescription": "", + "title": "OverrideConfig", + "type": "array" + }, + "OverrideDescription": { + "markdownDescription": "", + "title": "OverrideDescription", "type": "string" }, - "GlueConnectionName": { - "markdownDescription": "The AWS Glue connection that stores the connection information for the target database.", - "title": "GlueConnectionName", + "OverrideName": { + "markdownDescription": "", + "title": "OverrideName", "type": "string" } }, "required": [ - "DatabaseOptions", - "GlueConnectionName" + "EffectiveFrom", + "EffectiveTill", + "OverrideConfig", + "OverrideName" ], "type": "object" }, - "AWS::DataBrew::Job.DatabaseTableOutputOptions": { + "AWS::Connect::HoursOfOperation.HoursOfOperationOverrideConfig": { "additionalProperties": false, "properties": { - "TableName": { - "markdownDescription": "A prefix for the name of a table DataBrew will create in the database.", - "title": "TableName", + "Day": { + "markdownDescription": "The day that the hours of operation override applies to.", + "title": "Day", "type": "string" }, - "TempDirectory": { - "$ref": "#/definitions/AWS::DataBrew::Job.S3Location", - "markdownDescription": "Represents an Amazon S3 location (bucket name and object key) where DataBrew can store intermediate results.", - "title": "TempDirectory" + "EndTime": { + "$ref": "#/definitions/AWS::Connect::HoursOfOperation.OverrideTimeSlice", + "markdownDescription": "The end time that your contact center closes if overrides are applied.", + "title": "EndTime" + }, + "StartTime": { + "$ref": "#/definitions/AWS::Connect::HoursOfOperation.OverrideTimeSlice", + "markdownDescription": "The start time when your contact center opens if overrides are applied.", + "title": "StartTime" } }, "required": [ - "TableName" + "Day", + "EndTime", + "StartTime" ], "type": "object" }, - "AWS::DataBrew::Job.EntityDetectorConfiguration": { + "AWS::Connect::HoursOfOperation.HoursOfOperationTimeSlice": { "additionalProperties": false, "properties": { - "AllowedStatistics": { - "$ref": "#/definitions/AWS::DataBrew::Job.AllowedStatistics", - "markdownDescription": "Configuration of statistics that are allowed to be run on columns that contain detected entities. When undefined, no statistics will be computed on columns that contain detected entities.", - "title": "AllowedStatistics" + "Hours": { + "markdownDescription": "The hours.", + "title": "Hours", + "type": "number" }, - "EntityTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "Entity types to detect. Can be any of the following:\n\n- USA_SSN\n- EMAIL\n- USA_ITIN\n- USA_PASSPORT_NUMBER\n- PHONE_NUMBER\n- USA_DRIVING_LICENSE\n- BANK_ACCOUNT\n- CREDIT_CARD\n- IP_ADDRESS\n- MAC_ADDRESS\n- USA_DEA_NUMBER\n- USA_HCPCS_CODE\n- USA_NATIONAL_PROVIDER_IDENTIFIER\n- USA_NATIONAL_DRUG_CODE\n- USA_HEALTH_INSURANCE_CLAIM_NUMBER\n- USA_MEDICARE_BENEFICIARY_IDENTIFIER\n- USA_CPT_CODE\n- PERSON_NAME\n- DATE\n\nThe Entity type group USA_ALL is also supported, and includes all of the above entity types except PERSON_NAME and DATE.", - "title": "EntityTypes", - "type": "array" + "Minutes": { + "markdownDescription": "The minutes.", + "title": "Minutes", + "type": "number" } }, "required": [ - "EntityTypes" + "Hours", + "Minutes" ], "type": "object" }, - "AWS::DataBrew::Job.JobSample": { + "AWS::Connect::HoursOfOperation.OverrideTimeSlice": { "additionalProperties": false, "properties": { - "Mode": { - "markdownDescription": "A value that determines whether the profile job is run on the entire dataset or a specified number of rows. This value must be one of the following:\n\n- FULL_DATASET - The profile job is run on the entire dataset.\n- CUSTOM_ROWS - The profile job is run on the number of rows specified in the `Size` parameter.", - "title": "Mode", - "type": "string" + "Hours": { + "markdownDescription": "The hours.", + "title": "Hours", + "type": "number" }, - "Size": { - "markdownDescription": "The `Size` parameter is only required when the mode is CUSTOM_ROWS. The profile job is run on the specified number of rows. The maximum value for size is Long.MAX_VALUE.\n\nLong.MAX_VALUE = 9223372036854775807", - "title": "Size", + "Minutes": { + "markdownDescription": "The minutes.", + "title": "Minutes", "type": "number" } }, + "required": [ + "Hours", + "Minutes" + ], "type": "object" }, - "AWS::DataBrew::Job.Output": { + "AWS::Connect::Instance": { "additionalProperties": false, "properties": { - "CompressionFormat": { - "markdownDescription": "The compression algorithm used to compress the output text of the job.", - "title": "CompressionFormat", + "Condition": { "type": "string" }, - "Format": { - "markdownDescription": "The data format of the output of the job.", - "title": "Format", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "FormatOptions": { - "$ref": "#/definitions/AWS::DataBrew::Job.OutputFormatOptions", - "markdownDescription": "Represents options that define how DataBrew formats job output files.", - "title": "FormatOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Location": { - "$ref": "#/definitions/AWS::DataBrew::Job.S3Location", - "markdownDescription": "The location in Amazon S3 where the job writes its output.", - "title": "Location" + "Metadata": { + "type": "object" }, - "MaxOutputFiles": { - "markdownDescription": "The maximum number of files to be generated by the job and written to the output folder.", - "title": "MaxOutputFiles", - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": { + "Attributes": { + "$ref": "#/definitions/AWS::Connect::Instance.Attributes", + "markdownDescription": "A toggle for an individual feature at the instance level.", + "title": "Attributes" + }, + "DirectoryId": { + "markdownDescription": "The identifier for the directory.", + "title": "DirectoryId", + "type": "string" + }, + "IdentityManagementType": { + "markdownDescription": "The identity management type.", + "title": "IdentityManagementType", + "type": "string" + }, + "InstanceAlias": { + "markdownDescription": "The alias of instance. `InstanceAlias` is only required when `IdentityManagementType` is `CONNECT_MANAGED` or `SAML` . `InstanceAlias` is not required when `IdentityManagementType` is `EXISTING_DIRECTORY` .", + "title": "InstanceAlias", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Attributes", + "IdentityManagementType" + ], + "type": "object" }, - "Overwrite": { - "markdownDescription": "A value that, if true, means that any data in the location specified for output is overwritten with new output.", - "title": "Overwrite", - "type": "boolean" + "Type": { + "enum": [ + "AWS::Connect::Instance" + ], + "type": "string" }, - "PartitionColumns": { - "items": { - "type": "string" - }, - "markdownDescription": "The names of one or more partition columns for the output of the job.", - "title": "PartitionColumns", - "type": "array" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Location" + "Type", + "Properties" ], "type": "object" }, - "AWS::DataBrew::Job.OutputFormatOptions": { - "additionalProperties": false, - "properties": { - "Csv": { - "$ref": "#/definitions/AWS::DataBrew::Job.CsvOutputOptions", - "markdownDescription": "Represents a set of options that define the structure of comma-separated value (CSV) job output.", - "title": "Csv" - } - }, - "type": "object" - }, - "AWS::DataBrew::Job.OutputLocation": { + "AWS::Connect::Instance.Attributes": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The Amazon S3 bucket name.", - "title": "Bucket", - "type": "string" + "AutoResolveBestVoices": { + "markdownDescription": "", + "title": "AutoResolveBestVoices", + "type": "boolean" }, - "BucketOwner": { + "ContactLens": { "markdownDescription": "", - "title": "BucketOwner", - "type": "string" + "title": "ContactLens", + "type": "boolean" }, - "Key": { - "markdownDescription": "The unique name of the object in the bucket.", - "title": "Key", - "type": "string" + "ContactflowLogs": { + "markdownDescription": "", + "title": "ContactflowLogs", + "type": "boolean" + }, + "EarlyMedia": { + "markdownDescription": "", + "title": "EarlyMedia", + "type": "boolean" + }, + "EnhancedChatMonitoring": { + "markdownDescription": "", + "title": "EnhancedChatMonitoring", + "type": "boolean" + }, + "EnhancedContactMonitoring": { + "markdownDescription": "", + "title": "EnhancedContactMonitoring", + "type": "boolean" + }, + "HighVolumeOutBound": { + "markdownDescription": "", + "title": "HighVolumeOutBound", + "type": "boolean" + }, + "InboundCalls": { + "markdownDescription": "", + "title": "InboundCalls", + "type": "boolean" + }, + "MultiPartyChatConference": { + "markdownDescription": "", + "title": "MultiPartyChatConference", + "type": "boolean" + }, + "MultiPartyConference": { + "markdownDescription": "", + "title": "MultiPartyConference", + "type": "boolean" + }, + "OutboundCalls": { + "markdownDescription": "", + "title": "OutboundCalls", + "type": "boolean" + }, + "UseCustomTTSVoices": { + "markdownDescription": "", + "title": "UseCustomTTSVoices", + "type": "boolean" } }, "required": [ - "Bucket" + "InboundCalls", + "OutboundCalls" ], "type": "object" }, - "AWS::DataBrew::Job.ProfileConfiguration": { + "AWS::Connect::InstanceStorageConfig": { "additionalProperties": false, "properties": { - "ColumnStatisticsConfigurations": { - "items": { - "$ref": "#/definitions/AWS::DataBrew::Job.ColumnStatisticsConfiguration" - }, - "markdownDescription": "List of configurations for column evaluations. ColumnStatisticsConfigurations are used to select evaluations and override parameters of evaluations for particular columns. When ColumnStatisticsConfigurations is undefined, the profile job will profile all supported columns and run all supported evaluations.", - "title": "ColumnStatisticsConfigurations", - "type": "array" + "Condition": { + "type": "string" }, - "DatasetStatisticsConfiguration": { - "$ref": "#/definitions/AWS::DataBrew::Job.StatisticsConfiguration", - "markdownDescription": "Configuration for inter-column evaluations. Configuration can be used to select evaluations and override parameters of evaluations. When configuration is undefined, the profile job will run all supported inter-column evaluations.", - "title": "DatasetStatisticsConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "EntityDetectorConfiguration": { - "$ref": "#/definitions/AWS::DataBrew::Job.EntityDetectorConfiguration", - "markdownDescription": "Configuration of entity detection for a profile job. When undefined, entity detection is disabled.", - "title": "EntityDetectorConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ProfileColumns": { - "items": { - "$ref": "#/definitions/AWS::DataBrew::Job.ColumnSelector" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", + "title": "InstanceArn", + "type": "string" + }, + "KinesisFirehoseConfig": { + "$ref": "#/definitions/AWS::Connect::InstanceStorageConfig.KinesisFirehoseConfig", + "markdownDescription": "The configuration of the Kinesis Firehose delivery stream.", + "title": "KinesisFirehoseConfig" + }, + "KinesisStreamConfig": { + "$ref": "#/definitions/AWS::Connect::InstanceStorageConfig.KinesisStreamConfig", + "markdownDescription": "The configuration of the Kinesis data stream.", + "title": "KinesisStreamConfig" + }, + "KinesisVideoStreamConfig": { + "$ref": "#/definitions/AWS::Connect::InstanceStorageConfig.KinesisVideoStreamConfig", + "markdownDescription": "The configuration of the Kinesis video stream.", + "title": "KinesisVideoStreamConfig" + }, + "ResourceType": { + "markdownDescription": "A valid resource type. Following are the valid resource types: `CHAT_TRANSCRIPTS` | `CALL_RECORDINGS` | `SCHEDULED_REPORTS` | `MEDIA_STREAMS` | `CONTACT_TRACE_RECORDS` | `AGENT_EVENTS`", + "title": "ResourceType", + "type": "string" + }, + "S3Config": { + "$ref": "#/definitions/AWS::Connect::InstanceStorageConfig.S3Config", + "markdownDescription": "The S3 bucket configuration.", + "title": "S3Config" + }, + "StorageType": { + "markdownDescription": "A valid storage type.", + "title": "StorageType", + "type": "string" + } }, - "markdownDescription": "List of column selectors. ProfileColumns can be used to select columns from the dataset. When ProfileColumns is undefined, the profile job will profile all supported columns.", - "title": "ProfileColumns", - "type": "array" + "required": [ + "InstanceArn", + "ResourceType", + "StorageType" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Connect::InstanceStorageConfig" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::DataBrew::Job.Recipe": { + "AWS::Connect::InstanceStorageConfig.EncryptionConfig": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The unique name for the recipe.", - "title": "Name", + "EncryptionType": { + "markdownDescription": "The type of encryption.", + "title": "EncryptionType", "type": "string" }, - "Version": { - "markdownDescription": "The identifier for the version for the recipe.", - "title": "Version", + "KeyId": { + "markdownDescription": "The full ARN of the encryption key.\n\n> Be sure to provide the full ARN of the encryption key, not just the ID.\n> \n> Amazon Connect supports only KMS keys with the default key spec of [`SYMMETRIC_DEFAULT`](https://docs.aws.amazon.com/kms/latest/developerguide/asymmetric-key-specs.html#key-spec-symmetric-default) .", + "title": "KeyId", "type": "string" } }, "required": [ - "Name" + "EncryptionType", + "KeyId" ], "type": "object" }, - "AWS::DataBrew::Job.S3Location": { + "AWS::Connect::InstanceStorageConfig.KinesisFirehoseConfig": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The Amazon S3 bucket name.", - "title": "Bucket", - "type": "string" - }, - "BucketOwner": { - "markdownDescription": "The AWS account ID of the bucket owner.", - "title": "BucketOwner", - "type": "string" - }, - "Key": { - "markdownDescription": "The unique name of the object in the bucket.", - "title": "Key", + "FirehoseArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the delivery stream.", + "title": "FirehoseArn", "type": "string" } }, "required": [ - "Bucket" + "FirehoseArn" ], "type": "object" }, - "AWS::DataBrew::Job.S3TableOutputOptions": { + "AWS::Connect::InstanceStorageConfig.KinesisStreamConfig": { "additionalProperties": false, "properties": { - "Location": { - "$ref": "#/definitions/AWS::DataBrew::Job.S3Location", - "markdownDescription": "Represents an Amazon S3 location (bucket name and object key) where DataBrew can write output from a job.", - "title": "Location" + "StreamArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the data stream.", + "title": "StreamArn", + "type": "string" } }, "required": [ - "Location" + "StreamArn" ], "type": "object" }, - "AWS::DataBrew::Job.StatisticOverride": { + "AWS::Connect::InstanceStorageConfig.KinesisVideoStreamConfig": { "additionalProperties": false, "properties": { - "Parameters": { - "additionalProperties": true, - "markdownDescription": "A map that includes overrides of an evaluation\u2019s parameters.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Parameters", - "type": "object" + "EncryptionConfig": { + "$ref": "#/definitions/AWS::Connect::InstanceStorageConfig.EncryptionConfig", + "markdownDescription": "The encryption configuration.", + "title": "EncryptionConfig" }, - "Statistic": { - "markdownDescription": "The name of an evaluation", - "title": "Statistic", + "Prefix": { + "markdownDescription": "The prefix of the video stream.", + "title": "Prefix", "type": "string" + }, + "RetentionPeriodHours": { + "markdownDescription": "The number of hours data is retained in the stream. Kinesis Video Streams retains the data in a data store that is associated with the stream.\n\nThe default value is 0, indicating that the stream does not persist data.", + "title": "RetentionPeriodHours", + "type": "number" } }, "required": [ - "Parameters", - "Statistic" + "EncryptionConfig", + "Prefix", + "RetentionPeriodHours" ], "type": "object" }, - "AWS::DataBrew::Job.StatisticsConfiguration": { + "AWS::Connect::InstanceStorageConfig.S3Config": { "additionalProperties": false, "properties": { - "IncludedStatistics": { - "items": { - "type": "string" - }, - "markdownDescription": "List of included evaluations. When the list is undefined, all supported evaluations will be included.", - "title": "IncludedStatistics", - "type": "array" + "BucketName": { + "markdownDescription": "The S3 bucket name.", + "title": "BucketName", + "type": "string" }, - "Overrides": { - "items": { - "$ref": "#/definitions/AWS::DataBrew::Job.StatisticOverride" - }, - "markdownDescription": "List of overrides for evaluations.", - "title": "Overrides", - "type": "array" + "BucketPrefix": { + "markdownDescription": "The S3 bucket prefix.", + "title": "BucketPrefix", + "type": "string" + }, + "EncryptionConfig": { + "$ref": "#/definitions/AWS::Connect::InstanceStorageConfig.EncryptionConfig", + "markdownDescription": "The Amazon S3 encryption configuration.", + "title": "EncryptionConfig" } }, + "required": [ + "BucketName", + "BucketPrefix" + ], "type": "object" }, - "AWS::DataBrew::Job.ValidationConfiguration": { + "AWS::Connect::IntegrationAssociation": { "additionalProperties": false, "properties": { - "RulesetArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the ruleset to be validated in the profile job. The TargetArn of the selected ruleset should be the same as the Amazon Resource Name (ARN) of the dataset that is associated with the profile job.", - "title": "RulesetArn", + "Condition": { "type": "string" }, - "ValidationMode": { - "markdownDescription": "Mode of data quality validation. Default mode is \u201cCHECK_ALL\u201d which verifies all rules defined in the selected ruleset.", - "title": "ValidationMode", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "InstanceId": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance.\n\n*Minimum* : `1`\n\n*Maximum* : `100`", + "title": "InstanceId", + "type": "string" + }, + "IntegrationArn": { + "markdownDescription": "ARN of the integration being associated with the instance.\n\n*Minimum* : `1`\n\n*Maximum* : `140`", + "title": "IntegrationArn", + "type": "string" + }, + "IntegrationType": { + "markdownDescription": "Specifies the integration type to be associated with the instance.\n\n*Allowed Values* : `LEX_BOT` | `LAMBDA_FUNCTION`", + "title": "IntegrationType", + "type": "string" + } + }, + "required": [ + "InstanceId", + "IntegrationArn", + "IntegrationType" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Connect::IntegrationAssociation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "RulesetArn" + "Type", + "Properties" ], "type": "object" }, - "AWS::DataBrew::Project": { + "AWS::Connect::PhoneNumber": { "additionalProperties": false, "properties": { "Condition": { @@ -60032,51 +65856,53 @@ "Properties": { "additionalProperties": false, "properties": { - "DatasetName": { - "markdownDescription": "The dataset that the project is to act upon.", - "title": "DatasetName", + "CountryCode": { + "markdownDescription": "The ISO country code.", + "title": "CountryCode", "type": "string" }, - "Name": { - "markdownDescription": "The unique name of a project.", - "title": "Name", + "Description": { + "markdownDescription": "The description of the phone number.", + "title": "Description", "type": "string" }, - "RecipeName": { - "markdownDescription": "The name of a recipe that will be developed during a project session.", - "title": "RecipeName", + "Prefix": { + "markdownDescription": "The prefix of the phone number. If provided, it must contain `+` as part of the country code.\n\n*Pattern* : `^\\\\+[0-9]{1,15}`", + "title": "Prefix", "type": "string" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the role that will be assumed for this project.", - "title": "RoleArn", + "SourcePhoneNumberArn": { + "markdownDescription": "The claimed phone number ARN that was previously imported from the external service, such as AWS End User Messaging. If it is from AWS End User Messaging, it looks like the ARN of the phone number that was imported from AWS End User Messaging.", + "title": "SourcePhoneNumberArn", "type": "string" }, - "Sample": { - "$ref": "#/definitions/AWS::DataBrew::Project.Sample", - "markdownDescription": "The sample size and sampling type to apply to the data. If this parameter isn't specified, then the sample consists of the first 500 rows from the dataset.", - "title": "Sample" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata tags that have been applied to the project.", + "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", "title": "Tags", "type": "array" + }, + "TargetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for Amazon Connect instances or traffic distribution group that phone numbers are claimed to.", + "title": "TargetArn", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of phone number.", + "title": "Type", + "type": "string" } }, "required": [ - "DatasetName", - "Name", - "RecipeName", - "RoleArn" + "TargetArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataBrew::Project" + "AWS::Connect::PhoneNumber" ], "type": "string" }, @@ -60095,26 +65921,100 @@ ], "type": "object" }, - "AWS::DataBrew::Project.Sample": { + "AWS::Connect::PredefinedAttribute": { "additionalProperties": false, "properties": { - "Size": { - "markdownDescription": "The number of rows in the sample.", - "title": "Size", - "type": "number" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", + "title": "InstanceArn", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the predefined attribute.", + "title": "Name", + "type": "string" + }, + "Values": { + "$ref": "#/definitions/AWS::Connect::PredefinedAttribute.Values", + "markdownDescription": "The values of a predefined attribute.", + "title": "Values" + } + }, + "required": [ + "InstanceArn", + "Name", + "Values" + ], + "type": "object" }, "Type": { - "markdownDescription": "The way in which DataBrew obtains rows from a dataset.", - "title": "Type", + "enum": [ + "AWS::Connect::PredefinedAttribute" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::DataBrew::Recipe": { + "AWS::Connect::PredefinedAttribute.Values": { + "additionalProperties": false, + "properties": { + "StringList": { + "items": { + "type": "string" + }, + "markdownDescription": "Predefined attribute values of type string list.", + "title": "StringList", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Connect::Prompt": { "additionalProperties": false, "properties": { "Condition": { @@ -60150,41 +66050,43 @@ "additionalProperties": false, "properties": { "Description": { - "markdownDescription": "The description of the recipe.", + "markdownDescription": "The description of the prompt.", "title": "Description", "type": "string" }, + "InstanceArn": { + "markdownDescription": "The identifier of the Amazon Connect instance.", + "title": "InstanceArn", + "type": "string" + }, "Name": { - "markdownDescription": "The unique name for the recipe.", + "markdownDescription": "The name of the prompt.", "title": "Name", "type": "string" }, - "Steps": { - "items": { - "$ref": "#/definitions/AWS::DataBrew::Recipe.RecipeStep" - }, - "markdownDescription": "A list of steps that are defined by the recipe.", - "title": "Steps", - "type": "array" + "S3Uri": { + "markdownDescription": "The URI for the S3 bucket where the prompt is stored. This property is required when you create a prompt.", + "title": "S3Uri", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata tags that have been applied to the recipe.", + "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", "title": "Tags", "type": "array" } }, "required": [ - "Name", - "Steps" + "InstanceArn", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataBrew::Recipe" + "AWS::Connect::Prompt" ], "type": "string" }, @@ -60203,670 +66105,159 @@ ], "type": "object" }, - "AWS::DataBrew::Recipe.Action": { + "AWS::Connect::Queue": { "additionalProperties": false, "properties": { - "Operation": { - "markdownDescription": "The name of a valid DataBrew transformation to be performed on the data.", - "title": "Operation", + "Condition": { "type": "string" }, - "Parameters": { - "$ref": "#/definitions/AWS::DataBrew::Recipe.RecipeParameters", - "markdownDescription": "Contextual parameters for the transformation.", - "title": "Parameters" - } - }, - "required": [ - "Operation" - ], - "type": "object" - }, - "AWS::DataBrew::Recipe.ConditionExpression": { - "additionalProperties": false, - "properties": { - "Condition": { - "markdownDescription": "A specific condition to apply to a recipe action. For more information, see [Recipe structure](https://docs.aws.amazon.com/databrew/latest/dg/recipe-structure.html) in the *AWS Glue DataBrew Developer Guide* .", - "title": "Condition", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "TargetColumn": { - "markdownDescription": "A column to apply this condition to.", - "title": "TargetColumn", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the queue.", + "title": "Description", + "type": "string" + }, + "HoursOfOperationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the hours of operation.", + "title": "HoursOfOperationArn", + "type": "string" + }, + "InstanceArn": { + "markdownDescription": "The identifier of the Amazon Connect instance.", + "title": "InstanceArn", + "type": "string" + }, + "MaxContacts": { + "markdownDescription": "The maximum number of contacts that can be in the queue before it is considered full.", + "title": "MaxContacts", + "type": "number" + }, + "Name": { + "markdownDescription": "The name of the queue.", + "title": "Name", + "type": "string" + }, + "OutboundCallerConfig": { + "$ref": "#/definitions/AWS::Connect::Queue.OutboundCallerConfig", + "markdownDescription": "The outbound caller ID name, number, and outbound whisper flow.", + "title": "OutboundCallerConfig" + }, + "OutboundEmailConfig": { + "$ref": "#/definitions/AWS::Connect::Queue.OutboundEmailConfig", + "markdownDescription": "The outbound email address ID for a specified queue.", + "title": "OutboundEmailConfig" + }, + "QuickConnectArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Names (ARN) of the of the quick connects available to agents who are working the queue.", + "title": "QuickConnectArns", + "type": "array" + }, + "Status": { + "markdownDescription": "The status of the queue.", + "title": "Status", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"Tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "HoursOfOperationArn", + "InstanceArn", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Connect::Queue" + ], "type": "string" }, - "Value": { - "markdownDescription": "A value that the condition must evaluate to for the condition to succeed.", - "title": "Value", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Condition", - "TargetColumn" + "Type", + "Properties" ], "type": "object" }, - "AWS::DataBrew::Recipe.DataCatalogInputDefinition": { + "AWS::Connect::Queue.OutboundCallerConfig": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The unique identifier of the AWS account that holds the Data Catalog that stores the data.", - "title": "CatalogId", + "OutboundCallerIdName": { + "markdownDescription": "The caller ID name.", + "title": "OutboundCallerIdName", "type": "string" }, - "DatabaseName": { - "markdownDescription": "The name of a database in the Data Catalog.", - "title": "DatabaseName", + "OutboundCallerIdNumberArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the outbound caller ID number.\n\n> Only use the phone number ARN format that doesn't contain `instance` in the path, for example, `arn:aws:connect:us-east-1:1234567890:phone-number/uuid` . This is the same ARN format that is returned when you create a phone number using CloudFormation , or when you call the [ListPhoneNumbersV2](https://docs.aws.amazon.com/connect/latest/APIReference/API_ListPhoneNumbersV2.html) API.", + "title": "OutboundCallerIdNumberArn", "type": "string" }, - "TableName": { - "markdownDescription": "The name of a database table in the Data Catalog. This table corresponds to a DataBrew dataset.", - "title": "TableName", + "OutboundFlowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the outbound flow.", + "title": "OutboundFlowArn", "type": "string" - }, - "TempDirectory": { - "$ref": "#/definitions/AWS::DataBrew::Recipe.S3Location", - "markdownDescription": "Represents an Amazon location where DataBrew can store intermediate results.", - "title": "TempDirectory" } }, "type": "object" }, - "AWS::DataBrew::Recipe.Input": { + "AWS::Connect::Queue.OutboundEmailConfig": { "additionalProperties": false, "properties": { - "DataCatalogInputDefinition": { - "$ref": "#/definitions/AWS::DataBrew::Recipe.DataCatalogInputDefinition", - "markdownDescription": "The AWS Glue Data Catalog parameters for the data.", - "title": "DataCatalogInputDefinition" - }, - "S3InputDefinition": { - "$ref": "#/definitions/AWS::DataBrew::Recipe.S3Location", - "markdownDescription": "The Amazon S3 location where the data is stored.", - "title": "S3InputDefinition" + "OutboundEmailAddressId": { + "markdownDescription": "The identifier of the email address.", + "title": "OutboundEmailAddressId", + "type": "string" } }, "type": "object" }, - "AWS::DataBrew::Recipe.RecipeParameters": { - "additionalProperties": false, - "properties": { - "AggregateFunction": { - "markdownDescription": "The name of an aggregation function to apply.", - "title": "AggregateFunction", - "type": "string" - }, - "Base": { - "markdownDescription": "The number of digits used in a counting system.", - "title": "Base", - "type": "string" - }, - "CaseStatement": { - "markdownDescription": "A case statement associated with a recipe.", - "title": "CaseStatement", - "type": "string" - }, - "CategoryMap": { - "markdownDescription": "A category map used for one-hot encoding.", - "title": "CategoryMap", - "type": "string" - }, - "CharsToRemove": { - "markdownDescription": "Characters to remove from a step that applies one-hot encoding or tokenization.", - "title": "CharsToRemove", - "type": "string" - }, - "CollapseConsecutiveWhitespace": { - "markdownDescription": "Remove any non-word non-punctuation character.", - "title": "CollapseConsecutiveWhitespace", - "type": "string" - }, - "ColumnDataType": { - "markdownDescription": "The data type of the column.", - "title": "ColumnDataType", - "type": "string" - }, - "ColumnRange": { - "markdownDescription": "A range of columns to which a step is applied.", - "title": "ColumnRange", - "type": "string" - }, - "Count": { - "markdownDescription": "The number of times a string needs to be repeated.", - "title": "Count", - "type": "string" - }, - "CustomCharacters": { - "markdownDescription": "One or more characters that can be substituted or removed, depending on the context.", - "title": "CustomCharacters", - "type": "string" - }, - "CustomStopWords": { - "markdownDescription": "A list of words to ignore in a step that applies word tokenization.", - "title": "CustomStopWords", - "type": "string" - }, - "CustomValue": { - "markdownDescription": "A list of custom values to use in a step that requires that you provide a value to finish the operation.", - "title": "CustomValue", - "type": "string" - }, - "DatasetsColumns": { - "markdownDescription": "A list of the dataset columns included in a project.", - "title": "DatasetsColumns", - "type": "string" - }, - "DateAddValue": { - "markdownDescription": "A value that specifies how many units of time to add or subtract for a date math operation.", - "title": "DateAddValue", - "type": "string" - }, - "DateTimeFormat": { - "markdownDescription": "A date format to apply to a date.", - "title": "DateTimeFormat", - "type": "string" - }, - "DateTimeParameters": { - "markdownDescription": "A set of parameters associated with a datetime.", - "title": "DateTimeParameters", - "type": "string" - }, - "DeleteOtherRows": { - "markdownDescription": "Determines whether unmapped rows in a categorical mapping should be deleted", - "title": "DeleteOtherRows", - "type": "string" - }, - "Delimiter": { - "markdownDescription": "The delimiter to use when parsing separated values in a text file.", - "title": "Delimiter", - "type": "string" - }, - "EndPattern": { - "markdownDescription": "The end pattern to locate.", - "title": "EndPattern", - "type": "string" - }, - "EndPosition": { - "markdownDescription": "The end position to locate.", - "title": "EndPosition", - "type": "string" - }, - "EndValue": { - "markdownDescription": "The end value to locate.", - "title": "EndValue", - "type": "string" - }, - "ExpandContractions": { - "markdownDescription": "A list of word contractions and what they expand to. For eample: *can't* ; *cannot* ; *can not* .", - "title": "ExpandContractions", - "type": "string" - }, - "Exponent": { - "markdownDescription": "The exponent to apply in an exponential operation.", - "title": "Exponent", - "type": "string" - }, - "FalseString": { - "markdownDescription": "A value that represents `FALSE` .", - "title": "FalseString", - "type": "string" - }, - "GroupByAggFunctionOptions": { - "markdownDescription": "Specifies options to apply to the `GROUP BY` used in an aggregation.", - "title": "GroupByAggFunctionOptions", - "type": "string" - }, - "GroupByColumns": { - "markdownDescription": "The columns to use in the `GROUP BY` clause.", - "title": "GroupByColumns", - "type": "string" - }, - "HiddenColumns": { - "markdownDescription": "A list of columns to hide.", - "title": "HiddenColumns", - "type": "string" - }, - "IgnoreCase": { - "markdownDescription": "Indicates that lower and upper case letters are treated equally.", - "title": "IgnoreCase", - "type": "string" - }, - "IncludeInSplit": { - "markdownDescription": "Indicates if this column is participating in a split transform.", - "title": "IncludeInSplit", - "type": "string" - }, - "Input": { - "$ref": "#/definitions/AWS::DataBrew::Recipe.Input", - "markdownDescription": "The input location to load the dataset from - Amazon S3 or AWS Glue Data Catalog .", - "title": "Input" - }, - "Interval": { - "markdownDescription": "The number of characters to split by.", - "title": "Interval", - "type": "string" - }, - "IsText": { - "markdownDescription": "Indicates if the content is text.", - "title": "IsText", - "type": "string" - }, - "JoinKeys": { - "markdownDescription": "The keys or columns involved in a join.", - "title": "JoinKeys", - "type": "string" - }, - "JoinType": { - "markdownDescription": "The type of join to use, for example, `INNER JOIN` , `OUTER JOIN` , and so on.", - "title": "JoinType", - "type": "string" - }, - "LeftColumns": { - "markdownDescription": "The columns on the left side of the join.", - "title": "LeftColumns", - "type": "string" - }, - "Limit": { - "markdownDescription": "The number of times to perform `split` or `replaceBy` in a string", - "title": "Limit", - "type": "string" - }, - "LowerBound": { - "markdownDescription": "The lower boundary for a value.", - "title": "LowerBound", - "type": "string" - }, - "MapType": { - "markdownDescription": "The type of mappings to apply to construct a new dynamic frame.", - "title": "MapType", - "type": "string" - }, - "ModeType": { - "markdownDescription": "Determines the manner in which mode value is calculated, in case there is more than one mode value. Valid values: `NONE` | `AVERAGE` | `MINIMUM` | `MAXIMUM`", - "title": "ModeType", - "type": "string" - }, - "MultiLine": { - "markdownDescription": "Specifies whether JSON input contains embedded new line characters.", - "title": "MultiLine", - "type": "boolean" - }, - "NumRows": { - "markdownDescription": "The number of rows to consider in a window.", - "title": "NumRows", - "type": "string" - }, - "NumRowsAfter": { - "markdownDescription": "The number of rows to consider after the current row in a window", - "title": "NumRowsAfter", - "type": "string" - }, - "NumRowsBefore": { - "markdownDescription": "The number of rows to consider before the current row in a window", - "title": "NumRowsBefore", - "type": "string" - }, - "OrderByColumn": { - "markdownDescription": "A column to sort the results by.", - "title": "OrderByColumn", - "type": "string" - }, - "OrderByColumns": { - "markdownDescription": "The columns to sort the results by.", - "title": "OrderByColumns", - "type": "string" - }, - "Other": { - "markdownDescription": "The value to assign to unmapped cells, in categorical mapping", - "title": "Other", - "type": "string" - }, - "Pattern": { - "markdownDescription": "The pattern to locate.", - "title": "Pattern", - "type": "string" - }, - "PatternOption1": { - "markdownDescription": "The starting pattern to split between.", - "title": "PatternOption1", - "type": "string" - }, - "PatternOption2": { - "markdownDescription": "The ending pattern to split between.", - "title": "PatternOption2", - "type": "string" - }, - "PatternOptions": { - "markdownDescription": "For splitting by multiple delimiters: A JSON-encoded string that lists the patterns in the format. For example: `[{\\\"pattern\\\":\\\"1\\\",\\\"includeInSplit\\\":true}]`", - "title": "PatternOptions", - "type": "string" - }, - "Period": { - "markdownDescription": "The size of the rolling window.", - "title": "Period", - "type": "string" - }, - "Position": { - "markdownDescription": "The character index within a string", - "title": "Position", - "type": "string" - }, - "RemoveAllPunctuation": { - "markdownDescription": "If `true` , removes all of the following characters: `.` `.!` `.,` `.?`", - "title": "RemoveAllPunctuation", - "type": "string" - }, - "RemoveAllQuotes": { - "markdownDescription": "If `true` , removes all single quotes and double quotes.", - "title": "RemoveAllQuotes", - "type": "string" - }, - "RemoveAllWhitespace": { - "markdownDescription": "If `true` , removes all whitespaces from the value.", - "title": "RemoveAllWhitespace", - "type": "string" - }, - "RemoveCustomCharacters": { - "markdownDescription": "If `true` , removes all chraracters specified by `CustomCharacters` .", - "title": "RemoveCustomCharacters", - "type": "string" - }, - "RemoveCustomValue": { - "markdownDescription": "If `true` , removes all chraracters specified by `CustomValue` .", - "title": "RemoveCustomValue", - "type": "string" - }, - "RemoveLeadingAndTrailingPunctuation": { - "markdownDescription": "If `true` , removes the following characters if they occur at the start or end of the value: `.` `!` `,` `?`", - "title": "RemoveLeadingAndTrailingPunctuation", - "type": "string" - }, - "RemoveLeadingAndTrailingQuotes": { - "markdownDescription": "If `true` , removes single quotes and double quotes from the beginning and end of the value.", - "title": "RemoveLeadingAndTrailingQuotes", - "type": "string" - }, - "RemoveLeadingAndTrailingWhitespace": { - "markdownDescription": "If `true` , removes all whitespaces from the beginning and end of the value.", - "title": "RemoveLeadingAndTrailingWhitespace", - "type": "string" - }, - "RemoveLetters": { - "markdownDescription": "If `true` , removes all uppercase and lowercase alphabetic characters (A through Z; a through z).", - "title": "RemoveLetters", - "type": "string" - }, - "RemoveNumbers": { - "markdownDescription": "If `true` , removes all numeric characters (0 through 9).", - "title": "RemoveNumbers", - "type": "string" - }, - "RemoveSourceColumn": { - "markdownDescription": "If `true` , the source column will be removed after un-nesting that column. (Used with nested column types, such as Map, Struct, or Array.)", - "title": "RemoveSourceColumn", - "type": "string" - }, - "RemoveSpecialCharacters": { - "markdownDescription": "If `true` , removes all of the following characters: `! \" # $ % & ' ( ) * + , - . / : ; < = > ? @ [ \\ ] ^ _ ` { | } ~`", - "title": "RemoveSpecialCharacters", - "type": "string" - }, - "RightColumns": { - "markdownDescription": "The columns on the right side of a join.", - "title": "RightColumns", - "type": "string" - }, - "SampleSize": { - "markdownDescription": "The number of rows in the sample.", - "title": "SampleSize", - "type": "string" - }, - "SampleType": { - "markdownDescription": "The sampling type to apply to the dataset. Valid values: `FIRST_N` | `LAST_N` | `RANDOM`", - "title": "SampleType", - "type": "string" - }, - "SecondInput": { - "markdownDescription": "A object value to indicate the second dataset used in a join.", - "title": "SecondInput", - "type": "string" - }, - "SecondaryInputs": { - "items": { - "$ref": "#/definitions/AWS::DataBrew::Recipe.SecondaryInput" - }, - "markdownDescription": "A list of secondary inputs in a UNION transform", - "title": "SecondaryInputs", - "type": "array" - }, - "SheetIndexes": { - "items": { - "type": "number" - }, - "markdownDescription": "One or more sheet numbers in the Excel file, which will be included in a dataset.", - "title": "SheetIndexes", - "type": "array" - }, - "SheetNames": { - "items": { - "type": "string" - }, - "markdownDescription": "Oone or more named sheets in the Excel file, which will be included in a dataset.", - "title": "SheetNames", - "type": "array" - }, - "SourceColumn": { - "markdownDescription": "A source column needed for an operation, step, or transform.", - "title": "SourceColumn", - "type": "string" - }, - "SourceColumn1": { - "markdownDescription": "A source column needed for an operation, step, or transform.", - "title": "SourceColumn1", - "type": "string" - }, - "SourceColumn2": { - "markdownDescription": "A source column needed for an operation, step, or transform.", - "title": "SourceColumn2", - "type": "string" - }, - "SourceColumns": { - "markdownDescription": "A list of source columns needed for an operation, step, or transform.", - "title": "SourceColumns", - "type": "string" - }, - "StartColumnIndex": { - "markdownDescription": "The index number of the first column used by an operation, step, or transform.", - "title": "StartColumnIndex", - "type": "string" - }, - "StartPattern": { - "markdownDescription": "The starting pattern to locate.", - "title": "StartPattern", - "type": "string" - }, - "StartPosition": { - "markdownDescription": "The starting position to locate.", - "title": "StartPosition", - "type": "string" - }, - "StartValue": { - "markdownDescription": "The starting value to locate.", - "title": "StartValue", - "type": "string" - }, - "StemmingMode": { - "markdownDescription": "Indicates this operation uses stems and lemmas (base words) for word tokenization.", - "title": "StemmingMode", - "type": "string" - }, - "StepCount": { - "markdownDescription": "The total number of transforms in this recipe.", - "title": "StepCount", - "type": "string" - }, - "StepIndex": { - "markdownDescription": "The index ID of a step.", - "title": "StepIndex", - "type": "string" - }, - "StopWordsMode": { - "markdownDescription": "Indicates this operation uses stop words as part of word tokenization.", - "title": "StopWordsMode", - "type": "string" - }, - "Strategy": { - "markdownDescription": "The resolution strategy to apply in resolving ambiguities.", - "title": "Strategy", - "type": "string" - }, - "TargetColumn": { - "markdownDescription": "The column targeted by this operation.", - "title": "TargetColumn", - "type": "string" - }, - "TargetColumnNames": { - "markdownDescription": "The names to give columns altered by this operation.", - "title": "TargetColumnNames", - "type": "string" - }, - "TargetDateFormat": { - "markdownDescription": "The date format to convert to.", - "title": "TargetDateFormat", - "type": "string" - }, - "TargetIndex": { - "markdownDescription": "The index number of an object that is targeted by this operation.", - "title": "TargetIndex", - "type": "string" - }, - "TimeZone": { - "markdownDescription": "The current timezone that you want to use for dates.", - "title": "TimeZone", - "type": "string" - }, - "TokenizerPattern": { - "markdownDescription": "A regex expression to use when splitting text into terms, also called words or tokens.", - "title": "TokenizerPattern", - "type": "string" - }, - "TrueString": { - "markdownDescription": "A value to use to represent `TRUE` .", - "title": "TrueString", - "type": "string" - }, - "UdfLang": { - "markdownDescription": "The language that's used in the user-defined function.", - "title": "UdfLang", - "type": "string" - }, - "Units": { - "markdownDescription": "Specifies a unit of time. For example: `MINUTES` ; `SECONDS` ; `HOURS` ; etc.", - "title": "Units", - "type": "string" - }, - "UnpivotColumn": { - "markdownDescription": "Cast columns as rows, so that each value is a different row in a single column.", - "title": "UnpivotColumn", - "type": "string" - }, - "UpperBound": { - "markdownDescription": "The upper boundary for a value.", - "title": "UpperBound", - "type": "string" - }, - "UseNewDataFrame": { - "markdownDescription": "Create a new container to hold a dataset.", - "title": "UseNewDataFrame", - "type": "string" - }, - "Value": { - "markdownDescription": "A static value that can be used in a comparison, a substitution, or in another context-specific way. A `Value` can be a number, string, or other datatype, depending on the recipe action in which it's used.", - "title": "Value", - "type": "string" - }, - "Value1": { - "markdownDescription": "A value that's used by this operation.", - "title": "Value1", - "type": "string" - }, - "Value2": { - "markdownDescription": "A value that's used by this operation.", - "title": "Value2", - "type": "string" - }, - "ValueColumn": { - "markdownDescription": "The column that is provided as a value that's used by this operation.", - "title": "ValueColumn", - "type": "string" - }, - "ViewFrame": { - "markdownDescription": "The subset of rows currently available for viewing.", - "title": "ViewFrame", - "type": "string" - } - }, - "type": "object" - }, - "AWS::DataBrew::Recipe.RecipeStep": { - "additionalProperties": false, - "properties": { - "Action": { - "$ref": "#/definitions/AWS::DataBrew::Recipe.Action", - "markdownDescription": "The particular action to be performed in the recipe step.", - "title": "Action" - }, - "ConditionExpressions": { - "items": { - "$ref": "#/definitions/AWS::DataBrew::Recipe.ConditionExpression" - }, - "markdownDescription": "One or more conditions that must be met for the recipe step to succeed.\n\n> All of the conditions in the array must be met. In other words, all of the conditions must be combined using a logical AND operation.", - "title": "ConditionExpressions", - "type": "array" - } - }, - "required": [ - "Action" - ], - "type": "object" - }, - "AWS::DataBrew::Recipe.S3Location": { - "additionalProperties": false, - "properties": { - "Bucket": { - "markdownDescription": "The Amazon S3 bucket name.", - "title": "Bucket", - "type": "string" - }, - "Key": { - "markdownDescription": "The unique name of the object in the bucket.", - "title": "Key", - "type": "string" - } - }, - "required": [ - "Bucket" - ], - "type": "object" - }, - "AWS::DataBrew::Recipe.SecondaryInput": { - "additionalProperties": false, - "properties": { - "DataCatalogInputDefinition": { - "$ref": "#/definitions/AWS::DataBrew::Recipe.DataCatalogInputDefinition", - "markdownDescription": "The AWS Glue Data Catalog parameters for the data.", - "title": "DataCatalogInputDefinition" - }, - "S3InputDefinition": { - "$ref": "#/definitions/AWS::DataBrew::Recipe.S3Location", - "markdownDescription": "The Amazon S3 location where the data is stored.", - "title": "S3InputDefinition" - } - }, - "type": "object" - }, - "AWS::DataBrew::Ruleset": { + "AWS::Connect::QuickConnect": { "additionalProperties": false, "properties": { "Condition": { @@ -60902,47 +66293,44 @@ "additionalProperties": false, "properties": { "Description": { - "markdownDescription": "The description of the ruleset.", + "markdownDescription": "The description of the quick connect.", "title": "Description", "type": "string" }, + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", + "title": "InstanceArn", + "type": "string" + }, "Name": { - "markdownDescription": "The name of the ruleset.", + "markdownDescription": "The name of the quick connect.", "title": "Name", "type": "string" }, - "Rules": { - "items": { - "$ref": "#/definitions/AWS::DataBrew::Ruleset.Rule" - }, - "markdownDescription": "Contains metadata about the ruleset.", - "title": "Rules", - "type": "array" + "QuickConnectConfig": { + "$ref": "#/definitions/AWS::Connect::QuickConnect.QuickConnectConfig", + "markdownDescription": "Contains information about the quick connect.", + "title": "QuickConnectConfig" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"Tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", "title": "Tags", "type": "array" - }, - "TargetArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of a resource (dataset) that the ruleset is associated with.", - "title": "TargetArn", - "type": "string" } }, "required": [ + "InstanceArn", "Name", - "Rules", - "TargetArn" + "QuickConnectConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataBrew::Ruleset" + "AWS::Connect::QuickConnect" ], "type": "string" }, @@ -60961,113 +66349,90 @@ ], "type": "object" }, - "AWS::DataBrew::Ruleset.ColumnSelector": { + "AWS::Connect::QuickConnect.PhoneNumberQuickConnectConfig": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of a column from a dataset.", - "title": "Name", - "type": "string" - }, - "Regex": { - "markdownDescription": "A regular expression for selecting a column from a dataset.", - "title": "Regex", + "PhoneNumber": { + "markdownDescription": "The phone number in E.164 format.", + "title": "PhoneNumber", "type": "string" } }, + "required": [ + "PhoneNumber" + ], "type": "object" }, - "AWS::DataBrew::Ruleset.Rule": { + "AWS::Connect::QuickConnect.QueueQuickConnectConfig": { "additionalProperties": false, "properties": { - "CheckExpression": { - "markdownDescription": "The expression which includes column references, condition names followed by variable references, possibly grouped and combined with other conditions. For example, `(:col1 starts_with :prefix1 or :col1 starts_with :prefix2) and (:col1 ends_with :suffix1 or :col1 ends_with :suffix2)` . Column and value references are substitution variables that should start with the ':' symbol. Depending on the context, substitution variables' values can be either an actual value or a column name. These values are defined in the SubstitutionMap. If a CheckExpression starts with a column reference, then ColumnSelectors in the rule should be null. If ColumnSelectors has been defined, then there should be no columnn reference in the left side of a condition, for example, `is_between :val1 and :val2` .", - "title": "CheckExpression", + "ContactFlowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the flow.", + "title": "ContactFlowArn", "type": "string" }, - "ColumnSelectors": { - "items": { - "$ref": "#/definitions/AWS::DataBrew::Ruleset.ColumnSelector" - }, - "markdownDescription": "List of column selectors. Selectors can be used to select columns using a name or regular expression from the dataset. Rule will be applied to selected columns.", - "title": "ColumnSelectors", - "type": "array" - }, - "Disabled": { - "markdownDescription": "A value that specifies whether the rule is disabled. Once a rule is disabled, a profile job will not validate it during a job run. Default value is false.", - "title": "Disabled", - "type": "boolean" - }, - "Name": { - "markdownDescription": "The name of the rule.", - "title": "Name", + "QueueArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the queue.", + "title": "QueueArn", "type": "string" - }, - "SubstitutionMap": { - "items": { - "$ref": "#/definitions/AWS::DataBrew::Ruleset.SubstitutionValue" - }, - "markdownDescription": "The map of substitution variable names to their values used in a check expression. Variable names should start with a ':' (colon). Variable values can either be actual values or column names. To differentiate between the two, column names should be enclosed in backticks, for example, `\":col1\": \"`Column A`\".`", - "title": "SubstitutionMap", - "type": "array" - }, - "Threshold": { - "$ref": "#/definitions/AWS::DataBrew::Ruleset.Threshold", - "markdownDescription": "The threshold used with a non-aggregate check expression. Non-aggregate check expressions will be applied to each row in a specific column, and the threshold will be used to determine whether the validation succeeds.", - "title": "Threshold" } }, "required": [ - "CheckExpression", - "Name" + "ContactFlowArn", + "QueueArn" ], "type": "object" }, - "AWS::DataBrew::Ruleset.SubstitutionValue": { + "AWS::Connect::QuickConnect.QuickConnectConfig": { "additionalProperties": false, "properties": { - "Value": { - "markdownDescription": "Value or column name.", - "title": "Value", - "type": "string" + "PhoneConfig": { + "$ref": "#/definitions/AWS::Connect::QuickConnect.PhoneNumberQuickConnectConfig", + "markdownDescription": "The phone configuration. This is required only if QuickConnectType is PHONE_NUMBER.", + "title": "PhoneConfig" }, - "ValueReference": { - "markdownDescription": "Variable name.", - "title": "ValueReference", + "QueueConfig": { + "$ref": "#/definitions/AWS::Connect::QuickConnect.QueueQuickConnectConfig", + "markdownDescription": "The queue configuration. This is required only if QuickConnectType is QUEUE.", + "title": "QueueConfig" + }, + "QuickConnectType": { + "markdownDescription": "The type of quick connect. In the Amazon Connect console, when you create a quick connect, you are prompted to assign one of the following types: Agent (USER), External (PHONE_NUMBER), or Queue (QUEUE).", + "title": "QuickConnectType", "type": "string" + }, + "UserConfig": { + "$ref": "#/definitions/AWS::Connect::QuickConnect.UserQuickConnectConfig", + "markdownDescription": "The user configuration. This is required only if QuickConnectType is USER.", + "title": "UserConfig" } }, "required": [ - "Value", - "ValueReference" + "QuickConnectType" ], "type": "object" }, - "AWS::DataBrew::Ruleset.Threshold": { + "AWS::Connect::QuickConnect.UserQuickConnectConfig": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The type of a threshold. Used for comparison of an actual count of rows that satisfy the rule to the threshold value.", - "title": "Type", + "ContactFlowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the flow.", + "title": "ContactFlowArn", "type": "string" }, - "Unit": { - "markdownDescription": "Unit of threshold value. Can be either a COUNT or PERCENTAGE of the full sample size used for validation.", - "title": "Unit", + "UserArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the user.", + "title": "UserArn", "type": "string" - }, - "Value": { - "markdownDescription": "The value of a threshold.", - "title": "Value", - "type": "number" } }, "required": [ - "Value" + "ContactFlowArn", + "UserArn" ], "type": "object" }, - "AWS::DataBrew::Schedule": { + "AWS::Connect::RoutingProfile": { "additionalProperties": false, "properties": { "Condition": { @@ -61102,42 +66467,68 @@ "Properties": { "additionalProperties": false, "properties": { - "CronExpression": { - "markdownDescription": "The dates and times when the job is to run. For more information, see [Working with cron expressions for recipe jobs](https://docs.aws.amazon.com/databrew/latest/dg/jobs.recipe.html#jobs.cron) in the *AWS Glue DataBrew Developer Guide* .", - "title": "CronExpression", + "AgentAvailabilityTimer": { + "markdownDescription": "Whether agents with this routing profile will have their routing order calculated based on *time since their last inbound contact* or *longest idle time* .", + "title": "AgentAvailabilityTimer", "type": "string" }, - "JobNames": { + "DefaultOutboundQueueArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the default outbound queue for the routing profile.", + "title": "DefaultOutboundQueueArn", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the routing profile.", + "title": "Description", + "type": "string" + }, + "InstanceArn": { + "markdownDescription": "The identifier of the Amazon Connect instance.", + "title": "InstanceArn", + "type": "string" + }, + "MediaConcurrencies": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Connect::RoutingProfile.MediaConcurrency" }, - "markdownDescription": "A list of jobs to be run, according to the schedule.", - "title": "JobNames", + "markdownDescription": "The channels agents can handle in the Contact Control Panel (CCP) for this routing profile.", + "title": "MediaConcurrencies", "type": "array" }, "Name": { - "markdownDescription": "The name of the schedule.", + "markdownDescription": "The name of the routing profile.", "title": "Name", "type": "string" }, + "QueueConfigs": { + "items": { + "$ref": "#/definitions/AWS::Connect::RoutingProfile.RoutingProfileQueueConfig" + }, + "markdownDescription": "The inbound queues associated with the routing profile. If no queue is added, the agent can make only outbound calls.", + "title": "QueueConfigs", + "type": "array" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata tags that have been applied to the schedule.", + "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"Tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", "title": "Tags", "type": "array" } }, "required": [ - "CronExpression", + "DefaultOutboundQueueArn", + "Description", + "InstanceArn", + "MediaConcurrencies", "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataBrew::Schedule" + "AWS::Connect::RoutingProfile" ], "type": "string" }, @@ -61156,7 +66547,92 @@ ], "type": "object" }, - "AWS::DataPipeline::Pipeline": { + "AWS::Connect::RoutingProfile.CrossChannelBehavior": { + "additionalProperties": false, + "properties": { + "BehaviorType": { + "markdownDescription": "Specifies the other channels that can be routed to an agent handling their current channel.", + "title": "BehaviorType", + "type": "string" + } + }, + "required": [ + "BehaviorType" + ], + "type": "object" + }, + "AWS::Connect::RoutingProfile.MediaConcurrency": { + "additionalProperties": false, + "properties": { + "Channel": { + "markdownDescription": "The channels that agents can handle in the Contact Control Panel (CCP).", + "title": "Channel", + "type": "string" + }, + "Concurrency": { + "markdownDescription": "The number of contacts an agent can have on a channel simultaneously.\n\nValid Range for `VOICE` : Minimum value of 1. Maximum value of 1.\n\nValid Range for `CHAT` : Minimum value of 1. Maximum value of 10.\n\nValid Range for `TASK` : Minimum value of 1. Maximum value of 10.", + "title": "Concurrency", + "type": "number" + }, + "CrossChannelBehavior": { + "$ref": "#/definitions/AWS::Connect::RoutingProfile.CrossChannelBehavior", + "markdownDescription": "Defines the cross-channel routing behavior for each channel that is enabled for this Routing Profile. For example, this allows you to offer an agent a different contact from another channel when they are currently working with a contact from a Voice channel.", + "title": "CrossChannelBehavior" + } + }, + "required": [ + "Channel", + "Concurrency" + ], + "type": "object" + }, + "AWS::Connect::RoutingProfile.RoutingProfileQueueConfig": { + "additionalProperties": false, + "properties": { + "Delay": { + "markdownDescription": "The delay, in seconds, a contact should be in the queue before they are routed to an available agent. For more information, see [Queues: priority and delay](https://docs.aws.amazon.com/connect/latest/adminguide/concepts-routing-profiles-priority.html) in the *Amazon Connect Administrator Guide* .", + "title": "Delay", + "type": "number" + }, + "Priority": { + "markdownDescription": "The order in which contacts are to be handled for the queue. For more information, see [Queues: priority and delay](https://docs.aws.amazon.com/connect/latest/adminguide/concepts-routing-profiles-priority.html) .", + "title": "Priority", + "type": "number" + }, + "QueueReference": { + "$ref": "#/definitions/AWS::Connect::RoutingProfile.RoutingProfileQueueReference", + "markdownDescription": "Contains information about a queue resource.", + "title": "QueueReference" + } + }, + "required": [ + "Delay", + "Priority", + "QueueReference" + ], + "type": "object" + }, + "AWS::Connect::RoutingProfile.RoutingProfileQueueReference": { + "additionalProperties": false, + "properties": { + "Channel": { + "markdownDescription": "The channels agents can handle in the Contact Control Panel (CCP) for this routing profile.", + "title": "Channel", + "type": "string" + }, + "QueueArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the queue.", + "title": "QueueArn", + "type": "string" + } + }, + "required": [ + "Channel", + "QueueArn" + ], + "type": "object" + }, + "AWS::Connect::Rule": { "additionalProperties": false, "properties": { "Condition": { @@ -61191,62 +66667,58 @@ "Properties": { "additionalProperties": false, "properties": { - "Activate": { - "markdownDescription": "Indicates whether to validate and start the pipeline or stop an active pipeline. By default, the value is set to `true` .", - "title": "Activate", - "type": "boolean" + "Actions": { + "$ref": "#/definitions/AWS::Connect::Rule.Actions", + "markdownDescription": "A list of actions to be run when the rule is triggered.", + "title": "Actions" }, - "Description": { - "markdownDescription": "A description of the pipeline.", - "title": "Description", + "Function": { + "markdownDescription": "The conditions of the rule.", + "title": "Function", + "type": "string" + }, + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", + "title": "InstanceArn", "type": "string" }, "Name": { - "markdownDescription": "The name of the pipeline.", + "markdownDescription": "The name of the rule.", "title": "Name", "type": "string" }, - "ParameterObjects": { - "items": { - "$ref": "#/definitions/AWS::DataPipeline::Pipeline.ParameterObject" - }, - "markdownDescription": "The parameter objects used with the pipeline.", - "title": "ParameterObjects", - "type": "array" - }, - "ParameterValues": { - "items": { - "$ref": "#/definitions/AWS::DataPipeline::Pipeline.ParameterValue" - }, - "markdownDescription": "The parameter values used with the pipeline.", - "title": "ParameterValues", - "type": "array" + "PublishStatus": { + "markdownDescription": "The publish status of the rule.\n\n*Allowed values* : `DRAFT` | `PUBLISHED`", + "title": "PublishStatus", + "type": "string" }, - "PipelineObjects": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::DataPipeline::Pipeline.PipelineObject" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The objects that define the pipeline. These objects overwrite the existing pipeline definition. Not all objects, fields, and values can be updated. For information about restrictions, see [Editing Your Pipeline](https://docs.aws.amazon.com/datapipeline/latest/DeveloperGuide/dp-manage-pipeline-modify-console.html) in the *AWS Data Pipeline Developer Guide* .", - "title": "PipelineObjects", + "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", + "title": "Tags", "type": "array" }, - "PipelineTags": { - "items": { - "$ref": "#/definitions/AWS::DataPipeline::Pipeline.PipelineTag" - }, - "markdownDescription": "A list of arbitrary tags (key-value pairs) to associate with the pipeline, which you can use to control permissions. For more information, see [Controlling Access to Pipelines and Resources](https://docs.aws.amazon.com/datapipeline/latest/DeveloperGuide/dp-control-access.html) in the *AWS Data Pipeline Developer Guide* .", - "title": "PipelineTags", - "type": "array" + "TriggerEventSource": { + "$ref": "#/definitions/AWS::Connect::Rule.RuleTriggerEventSource", + "markdownDescription": "The event source to trigger the rule.", + "title": "TriggerEventSource" } }, "required": [ - "Name" + "Actions", + "Function", + "InstanceArn", + "Name", + "PublishStatus", + "TriggerEventSource" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataPipeline::Pipeline" + "AWS::Connect::Rule" ], "type": "string" }, @@ -61265,143 +66737,328 @@ ], "type": "object" }, - "AWS::DataPipeline::Pipeline.Field": { + "AWS::Connect::Rule.Actions": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "Specifies the name of a field for a particular object. To view valid values for a particular field, see [Pipeline Object Reference](https://docs.aws.amazon.com/datapipeline/latest/DeveloperGuide/dp-pipeline-objects.html) in the *AWS Data Pipeline Developer Guide* .", - "title": "Key", - "type": "string" + "AssignContactCategoryActions": { + "items": { + "type": "object" + }, + "markdownDescription": "Information about the contact category action. The syntax can be empty, for example, `{}` .", + "title": "AssignContactCategoryActions", + "type": "array" }, - "RefValue": { - "markdownDescription": "A field value that you specify as an identifier of another object in the same pipeline definition.\n\n> You can specify the field value as either a string value ( `StringValue` ) or a reference to another object ( `RefValue` ), but not both. \n\nRequired if the key that you are using requires it.", - "title": "RefValue", - "type": "string" + "CreateCaseActions": { + "items": { + "$ref": "#/definitions/AWS::Connect::Rule.CreateCaseAction" + }, + "markdownDescription": "", + "title": "CreateCaseActions", + "type": "array" }, - "StringValue": { - "markdownDescription": "A field value that you specify as a string. To view valid values for a particular field, see [Pipeline Object Reference](https://docs.aws.amazon.com/datapipeline/latest/DeveloperGuide/dp-pipeline-objects.html) in the *AWS Data Pipeline Developer Guide* .\n\n> You can specify the field value as either a string value ( `StringValue` ) or a reference to another object ( `RefValue` ), but not both. \n\nRequired if the key that you are using requires it.", - "title": "StringValue", - "type": "string" + "EndAssociatedTasksActions": { + "items": { + "type": "object" + }, + "markdownDescription": "", + "title": "EndAssociatedTasksActions", + "type": "array" + }, + "EventBridgeActions": { + "items": { + "$ref": "#/definitions/AWS::Connect::Rule.EventBridgeAction" + }, + "markdownDescription": "Information about the EventBridge action.", + "title": "EventBridgeActions", + "type": "array" + }, + "SendNotificationActions": { + "items": { + "$ref": "#/definitions/AWS::Connect::Rule.SendNotificationAction" + }, + "markdownDescription": "Information about the send notification action.", + "title": "SendNotificationActions", + "type": "array" + }, + "SubmitAutoEvaluationActions": { + "items": { + "$ref": "#/definitions/AWS::Connect::Rule.SubmitAutoEvaluationAction" + }, + "markdownDescription": "", + "title": "SubmitAutoEvaluationActions", + "type": "array" + }, + "TaskActions": { + "items": { + "$ref": "#/definitions/AWS::Connect::Rule.TaskAction" + }, + "markdownDescription": "Information about the task action. This field is required if `TriggerEventSource` is one of the following values: `OnZendeskTicketCreate` | `OnZendeskTicketStatusUpdate` | `OnSalesforceCaseCreate`", + "title": "TaskActions", + "type": "array" + }, + "UpdateCaseActions": { + "items": { + "$ref": "#/definitions/AWS::Connect::Rule.UpdateCaseAction" + }, + "markdownDescription": "", + "title": "UpdateCaseActions", + "type": "array" } }, - "required": [ - "Key" - ], "type": "object" }, - "AWS::DataPipeline::Pipeline.ParameterAttribute": { + "AWS::Connect::Rule.CreateCaseAction": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The field identifier.", - "title": "Key", - "type": "string" + "Fields": { + "items": { + "$ref": "#/definitions/AWS::Connect::Rule.Field" + }, + "markdownDescription": "", + "title": "Fields", + "type": "array" }, - "StringValue": { - "markdownDescription": "The field value, expressed as a String.", - "title": "StringValue", + "TemplateId": { + "markdownDescription": "", + "title": "TemplateId", "type": "string" } }, "required": [ - "Key", - "StringValue" + "Fields", + "TemplateId" ], "type": "object" }, - "AWS::DataPipeline::Pipeline.ParameterObject": { + "AWS::Connect::Rule.EventBridgeAction": { "additionalProperties": false, "properties": { - "Attributes": { - "items": { - "$ref": "#/definitions/AWS::DataPipeline::Pipeline.ParameterAttribute" - }, - "markdownDescription": "The attributes of the parameter object.", - "title": "Attributes", - "type": "array" - }, - "Id": { - "markdownDescription": "The ID of the parameter object.", - "title": "Id", + "Name": { + "markdownDescription": "The name.", + "title": "Name", "type": "string" } }, "required": [ - "Attributes", - "Id" + "Name" ], "type": "object" }, - "AWS::DataPipeline::Pipeline.ParameterValue": { + "AWS::Connect::Rule.Field": { "additionalProperties": false, "properties": { "Id": { - "markdownDescription": "The ID of the parameter value.", + "markdownDescription": "", "title": "Id", "type": "string" }, - "StringValue": { - "markdownDescription": "The field value, expressed as a String.", - "title": "StringValue", - "type": "string" + "Value": { + "$ref": "#/definitions/AWS::Connect::Rule.FieldValue", + "markdownDescription": "", + "title": "Value" } }, "required": [ "Id", - "StringValue" + "Value" ], "type": "object" }, - "AWS::DataPipeline::Pipeline.PipelineObject": { + "AWS::Connect::Rule.FieldValue": { "additionalProperties": false, "properties": { - "Fields": { + "BooleanValue": { + "markdownDescription": "", + "title": "BooleanValue", + "type": "boolean" + }, + "DoubleValue": { + "markdownDescription": "", + "title": "DoubleValue", + "type": "number" + }, + "EmptyValue": { + "markdownDescription": "", + "title": "EmptyValue", + "type": "object" + }, + "StringValue": { + "markdownDescription": "", + "title": "StringValue", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Connect::Rule.NotificationRecipientType": { + "additionalProperties": false, + "properties": { + "UserArns": { "items": { - "$ref": "#/definitions/AWS::DataPipeline::Pipeline.Field" + "type": "string" }, - "markdownDescription": "Key-value pairs that define the properties of the object.", - "title": "Fields", + "markdownDescription": "The Amazon Resource Name (ARN) of the user account.", + "title": "UserArns", "type": "array" }, - "Id": { - "markdownDescription": "The ID of the object.", - "title": "Id", + "UserTags": { + "additionalProperties": true, + "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }. Amazon Connect users with the specified tags will be notified.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "UserTags", + "type": "object" + } + }, + "type": "object" + }, + "AWS::Connect::Rule.Reference": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "The type of the reference. `DATE` must be of type Epoch timestamp.\n\n*Allowed values* : `URL` | `ATTACHMENT` | `NUMBER` | `STRING` | `DATE` | `EMAIL`", + "title": "Type", "type": "string" }, - "Name": { - "markdownDescription": "The name of the object.", - "title": "Name", + "Value": { + "markdownDescription": "A valid value for the reference. For example, for a URL reference, a formatted URL that is displayed to an agent in the Contact Control Panel (CCP).", + "title": "Value", "type": "string" } }, "required": [ - "Fields", - "Id", - "Name" + "Type", + "Value" ], "type": "object" }, - "AWS::DataPipeline::Pipeline.PipelineTag": { + "AWS::Connect::Rule.RuleTriggerEventSource": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The key name of a tag.", - "title": "Key", + "EventSourceName": { + "markdownDescription": "The name of the event source.", + "title": "EventSourceName", "type": "string" }, - "Value": { - "markdownDescription": "The value to associate with the key name.", - "title": "Value", + "IntegrationAssociationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the integration association. `IntegrationAssociationArn` is required if `TriggerEventSource` is one of the following values: `OnZendeskTicketCreate` | `OnZendeskTicketStatusUpdate` | `OnSalesforceCaseCreate`", + "title": "IntegrationAssociationArn", "type": "string" } }, "required": [ - "Key", - "Value" + "EventSourceName" ], "type": "object" }, - "AWS::DataSync::Agent": { + "AWS::Connect::Rule.SendNotificationAction": { + "additionalProperties": false, + "properties": { + "Content": { + "markdownDescription": "Notification content. Supports variable injection. For more information, see [JSONPath reference](https://docs.aws.amazon.com/connect/latest/adminguide/contact-lens-variable-injection.html) in the *Amazon Connect Administrators Guide* .", + "title": "Content", + "type": "string" + }, + "ContentType": { + "markdownDescription": "Content type format.\n\n*Allowed value* : `PLAIN_TEXT`", + "title": "ContentType", + "type": "string" + }, + "DeliveryMethod": { + "markdownDescription": "Notification delivery method.\n\n*Allowed value* : `EMAIL`", + "title": "DeliveryMethod", + "type": "string" + }, + "Recipient": { + "$ref": "#/definitions/AWS::Connect::Rule.NotificationRecipientType", + "markdownDescription": "Notification recipient.", + "title": "Recipient" + }, + "Subject": { + "markdownDescription": "The subject of the email if the delivery method is `EMAIL` . Supports variable injection. For more information, see [JSONPath reference](https://docs.aws.amazon.com/connect/latest/adminguide/contact-lens-variable-injection.html) in the *Amazon Connect Administrators Guide* .", + "title": "Subject", + "type": "string" + } + }, + "required": [ + "Content", + "ContentType", + "DeliveryMethod", + "Recipient" + ], + "type": "object" + }, + "AWS::Connect::Rule.SubmitAutoEvaluationAction": { + "additionalProperties": false, + "properties": { + "EvaluationFormArn": { + "markdownDescription": "", + "title": "EvaluationFormArn", + "type": "string" + } + }, + "required": [ + "EvaluationFormArn" + ], + "type": "object" + }, + "AWS::Connect::Rule.TaskAction": { + "additionalProperties": false, + "properties": { + "ContactFlowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the flow.", + "title": "ContactFlowArn", + "type": "string" + }, + "Description": { + "markdownDescription": "The description. Supports variable injection. For more information, see [JSONPath reference](https://docs.aws.amazon.com/connect/latest/adminguide/contact-lens-variable-injection.html) in the *Amazon Connect Administrators Guide* .", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name. Supports variable injection. For more information, see [JSONPath reference](https://docs.aws.amazon.com/connect/latest/adminguide/contact-lens-variable-injection.html) in the *Amazon Connect Administrators Guide* .", + "title": "Name", + "type": "string" + }, + "References": { + "additionalProperties": false, + "markdownDescription": "Information about the reference when the `referenceType` is `URL` . Otherwise, null. `URL` is the only accepted type. (Supports variable injection in the `Value` field.)", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::Connect::Rule.Reference" + } + }, + "title": "References", + "type": "object" + } + }, + "required": [ + "ContactFlowArn", + "Name" + ], + "type": "object" + }, + "AWS::Connect::Rule.UpdateCaseAction": { + "additionalProperties": false, + "properties": { + "Fields": { + "items": { + "$ref": "#/definitions/AWS::Connect::Rule.Field" + }, + "markdownDescription": "", + "title": "Fields", + "type": "array" + } + }, + "required": [ + "Fields" + ], + "type": "object" + }, + "AWS::Connect::SecurityKey": { "additionalProperties": false, "properties": { "Condition": { @@ -61436,51 +67093,26 @@ "Properties": { "additionalProperties": false, "properties": { - "ActivationKey": { - "markdownDescription": "Specifies your DataSync agent's activation key. If you don't have an activation key, see [Activating your agent](https://docs.aws.amazon.com/datasync/latest/userguide/activate-agent.html) .", - "title": "ActivationKey", - "type": "string" - }, - "AgentName": { - "markdownDescription": "Specifies a name for your agent. We recommend specifying a name that you can remember.", - "title": "AgentName", + "InstanceId": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance.\n\n*Minimum* : `1`\n\n*Maximum* : `100`", + "title": "InstanceId", "type": "string" }, - "SecurityGroupArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Names (ARNs) of the security groups used to protect your data transfer task subnets. See [SecurityGroupArns](https://docs.aws.amazon.com/datasync/latest/userguide/API_Ec2Config.html#DataSync-Type-Ec2Config-SecurityGroupArns) .\n\n*Pattern* : `^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):ec2:[a-z\\-0-9]*:[0-9]{12}:security-group/.*$`", - "title": "SecurityGroupArns", - "type": "array" - }, - "SubnetArns": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the ARN of the subnet where your VPC service endpoint is located. You can only specify one ARN.", - "title": "SubnetArns", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least one tag for your agent.", - "title": "Tags", - "type": "array" - }, - "VpcEndpointId": { - "markdownDescription": "The ID of the virtual private cloud (VPC) endpoint that the agent has access to. This is the client-side VPC endpoint, powered by AWS PrivateLink . If you don't have an AWS PrivateLink VPC endpoint, see [AWS PrivateLink and VPC endpoints](https://docs.aws.amazon.com//vpc/latest/userguide/endpoint-services-overview.html) in the *Amazon VPC User Guide* .\n\nFor more information about activating your agent in a private network based on a VPC, see [Using AWS DataSync in a Virtual Private Cloud](https://docs.aws.amazon.com/datasync/latest/userguide/datasync-in-vpc.html) in the *AWS DataSync User Guide.*\n\nA VPC endpoint ID looks like this: `vpce-01234d5aff67890e1` .", - "title": "VpcEndpointId", + "Key": { + "markdownDescription": "A valid security key in PEM format. For example:\n\n`\"-----BEGIN PUBLIC KEY-----\\ [a lot of characters] ----END PUBLIC KEY-----\"`\n\n*Minimum* : `1`\n\n*Maximum* : `1024`", + "title": "Key", "type": "string" } }, + "required": [ + "InstanceId", + "Key" + ], "type": "object" }, "Type": { "enum": [ - "AWS::DataSync::Agent" + "AWS::Connect::SecurityKey" ], "type": "string" }, @@ -61494,11 +67126,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::DataSync::LocationAzureBlob": { + "AWS::Connect::SecurityProfile": { "additionalProperties": false, "properties": { "Condition": { @@ -61533,62 +67166,84 @@ "Properties": { "additionalProperties": false, "properties": { - "AgentArns": { + "AllowedAccessControlHierarchyGroupId": { + "markdownDescription": "The identifier of the hierarchy group that a security profile uses to restrict access to resources in Amazon Connect.", + "title": "AllowedAccessControlHierarchyGroupId", + "type": "string" + }, + "AllowedAccessControlTags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "(Optional) Specifies the Amazon Resource Name (ARN) of the DataSync agent that can connect with your Azure Blob Storage container. If you are setting up an agentless cross-cloud transfer, you do not need to specify a value for this parameter.\n\nYou can specify more than one agent. For more information, see [Using multiple agents for your transfer](https://docs.aws.amazon.com/datasync/latest/userguide/multiple-agents.html) .\n\n> Make sure you configure this parameter correctly when you first create your storage location. You cannot add or remove agents from a storage location after you create it.", - "title": "AgentArns", + "markdownDescription": "The list of tags that a security profile uses to restrict access to resources in Amazon Connect.", + "title": "AllowedAccessControlTags", "type": "array" }, - "AzureAccessTier": { - "markdownDescription": "Specifies the access tier that you want your objects or files transferred into. This only applies when using the location as a transfer destination. For more information, see [Access tiers](https://docs.aws.amazon.com/datasync/latest/userguide/creating-azure-blob-location.html#azure-blob-access-tiers) .", - "title": "AzureAccessTier", - "type": "string" + "Applications": { + "items": { + "$ref": "#/definitions/AWS::Connect::SecurityProfile.Application" + }, + "markdownDescription": "", + "title": "Applications", + "type": "array" }, - "AzureBlobAuthenticationType": { - "markdownDescription": "Specifies the authentication method DataSync uses to access your Azure Blob Storage. DataSync can access blob storage using a shared access signature (SAS).", - "title": "AzureBlobAuthenticationType", + "Description": { + "markdownDescription": "The description of the security profile.", + "title": "Description", "type": "string" }, - "AzureBlobContainerUrl": { - "markdownDescription": "Specifies the URL of the Azure Blob Storage container involved in your transfer.", - "title": "AzureBlobContainerUrl", + "HierarchyRestrictedResources": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of resources that a security profile applies hierarchy restrictions to in Amazon Connect. Following are acceptable ResourceNames: `User` .", + "title": "HierarchyRestrictedResources", + "type": "array" + }, + "InstanceArn": { + "markdownDescription": "The identifier of the Amazon Connect instance.", + "title": "InstanceArn", "type": "string" }, - "AzureBlobSasConfiguration": { - "$ref": "#/definitions/AWS::DataSync::LocationAzureBlob.AzureBlobSasConfiguration", - "markdownDescription": "Specifies the SAS configuration that allows DataSync to access your Azure Blob Storage.\n\n> If you provide an authentication token using `SasConfiguration` , but do not provide secret configuration details using `CmkSecretConfig` or `CustomSecretConfig` , then DataSync stores the token using your AWS account's secrets manager secret.", - "title": "AzureBlobSasConfiguration" + "Permissions": { + "items": { + "type": "string" + }, + "markdownDescription": "Permissions assigned to the security profile. For a list of valid permissions, see [List of security profile permissions](https://docs.aws.amazon.com/connect/latest/adminguide/security-profile-list.html) .", + "title": "Permissions", + "type": "array" }, - "AzureBlobType": { - "markdownDescription": "Specifies the type of blob that you want your objects or files to be when transferring them into Azure Blob Storage. Currently, DataSync only supports moving data into Azure Blob Storage as block blobs. For more information on blob types, see the [Azure Blob Storage documentation](https://docs.aws.amazon.com/https://learn.microsoft.com/en-us/rest/api/storageservices/understanding-block-blobs--append-blobs--and-page-blobs) .", - "title": "AzureBlobType", + "SecurityProfileName": { + "markdownDescription": "The name for the security profile.", + "title": "SecurityProfileName", "type": "string" }, - "Subdirectory": { - "markdownDescription": "Specifies path segments if you want to limit your transfer to a virtual directory in your container (for example, `/my/images` ).", - "title": "Subdirectory", - "type": "string" + "TagRestrictedResources": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of resources that a security profile applies tag restrictions to in Amazon Connect.", + "title": "TagRestrictedResources", + "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your transfer location.", + "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"Tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", "title": "Tags", "type": "array" } }, "required": [ - "AgentArns", - "AzureBlobAuthenticationType" + "InstanceArn", + "SecurityProfileName" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataSync::LocationAzureBlob" + "AWS::Connect::SecurityProfile" ], "type": "string" }, @@ -61607,21 +67262,30 @@ ], "type": "object" }, - "AWS::DataSync::LocationAzureBlob.AzureBlobSasConfiguration": { + "AWS::Connect::SecurityProfile.Application": { "additionalProperties": false, "properties": { - "AzureBlobSasToken": { - "markdownDescription": "Specifies a SAS token that provides permissions to access your Azure Blob Storage.\n\nThe token is part of the SAS URI string that comes after the storage resource URI and a question mark. A token looks something like this:\n\n`sp=r&st=2023-12-20T14:54:52Z&se=2023-12-20T22:54:52Z&spr=https&sv=2021-06-08&sr=c&sig=aBBKDWQvyuVcTPH9EBp%2FXTI9E%2F%2Fmq171%2BZU178wcwqU%3D`", - "title": "AzureBlobSasToken", + "ApplicationPermissions": { + "items": { + "type": "string" + }, + "markdownDescription": "The permissions that the agent is granted on the application. Only the `ACCESS` permission is supported.", + "title": "ApplicationPermissions", + "type": "array" + }, + "Namespace": { + "markdownDescription": "Namespace of the application that you want to give access to.", + "title": "Namespace", "type": "string" } }, "required": [ - "AzureBlobSasToken" + "ApplicationPermissions", + "Namespace" ], "type": "object" }, - "AWS::DataSync::LocationEFS": { + "AWS::Connect::TaskTemplate": { "additionalProperties": false, "properties": { "Condition": { @@ -61656,53 +67320,79 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessPointArn": { - "markdownDescription": "Specifies the Amazon Resource Name (ARN) of the access point that DataSync uses to mount your Amazon EFS file system.\n\nFor more information, see [Accessing restricted file systems](https://docs.aws.amazon.com/datasync/latest/userguide/create-efs-location.html#create-efs-location-iam) .", - "title": "AccessPointArn", + "ClientToken": { + "markdownDescription": "A unique, case-sensitive identifier that you provide to ensure the idempotency of the request.", + "title": "ClientToken", "type": "string" }, - "Ec2Config": { - "$ref": "#/definitions/AWS::DataSync::LocationEFS.Ec2Config", - "markdownDescription": "Specifies the subnet and security groups DataSync uses to connect to one of your Amazon EFS file system's [mount targets](https://docs.aws.amazon.com/efs/latest/ug/accessing-fs.html) .", - "title": "Ec2Config" + "Constraints": { + "$ref": "#/definitions/AWS::Connect::TaskTemplate.Constraints", + "markdownDescription": "Constraints that are applicable to the fields listed.\n\nThe values can be represented in either JSON or YAML format. For an example of the JSON configuration, see *Examples* at the bottom of this page.", + "title": "Constraints" }, - "EfsFilesystemArn": { - "markdownDescription": "Specifies the ARN for your Amazon EFS file system.", - "title": "EfsFilesystemArn", + "ContactFlowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the flow that runs by default when a task is created by referencing this template. `ContactFlowArn` is not required when there is a field with `fieldType` = `QUICK_CONNECT` .", + "title": "ContactFlowArn", "type": "string" }, - "FileSystemAccessRoleArn": { - "markdownDescription": "Specifies an AWS Identity and Access Management (IAM) role that allows DataSync to access your Amazon EFS file system.\n\nFor information on creating this role, see [Creating a DataSync IAM role for file system access](https://docs.aws.amazon.com/datasync/latest/userguide/create-efs-location.html#create-efs-location-iam-role) .", - "title": "FileSystemAccessRoleArn", + "Defaults": { + "items": { + "$ref": "#/definitions/AWS::Connect::TaskTemplate.DefaultFieldValue" + }, + "markdownDescription": "The default values for fields when a task is created by referencing this template.", + "title": "Defaults", + "type": "array" + }, + "Description": { + "markdownDescription": "The description of the task template.", + "title": "Description", "type": "string" }, - "InTransitEncryption": { - "markdownDescription": "Specifies whether you want DataSync to use Transport Layer Security (TLS) 1.2 encryption when it transfers data to or from your Amazon EFS file system.\n\nIf you specify an access point using `AccessPointArn` or an IAM role using `FileSystemAccessRoleArn` , you must set this parameter to `TLS1_2` .", - "title": "InTransitEncryption", + "Fields": { + "items": { + "$ref": "#/definitions/AWS::Connect::TaskTemplate.Field" + }, + "markdownDescription": "Fields that are part of the template. A template requires at least one field that has type `Name` .", + "title": "Fields", + "type": "array" + }, + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Connect instance.", + "title": "InstanceArn", "type": "string" }, - "Subdirectory": { - "markdownDescription": "Specifies a mount path for your Amazon EFS file system. This is where DataSync reads or writes data on your file system (depending on if this is a source or destination location).\n\nBy default, DataSync uses the root directory (or [access point](https://docs.aws.amazon.com/efs/latest/ug/efs-access-points.html) if you provide one by using `AccessPointArn` ). You can also include subdirectories using forward slashes (for example, `/path/to/folder` ).", - "title": "Subdirectory", + "Name": { + "markdownDescription": "The name of the task template.", + "title": "Name", + "type": "string" + }, + "SelfAssignContactFlowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the flow.", + "title": "SelfAssignContactFlowArn", + "type": "string" + }, + "Status": { + "markdownDescription": "The status of the task template.", + "title": "Status", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Specifies the key-value pair that represents a tag that you want to add to the resource. The value can be an empty string. This value helps you manage, filter, and search for your resources. We recommend that you create a name tag for your location.", + "markdownDescription": "The tags used to organize, track, or control access for this resource.", "title": "Tags", "type": "array" } }, "required": [ - "Ec2Config" + "InstanceArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataSync::LocationEFS" + "AWS::Connect::TaskTemplate" ], "type": "string" }, @@ -61721,30 +67411,146 @@ ], "type": "object" }, - "AWS::DataSync::LocationEFS.Ec2Config": { + "AWS::Connect::TaskTemplate.Constraints": { "additionalProperties": false, "properties": { - "SecurityGroupArns": { + "InvisibleFields": { + "items": { + "$ref": "#/definitions/AWS::Connect::TaskTemplate.InvisibleFieldInfo" + }, + "markdownDescription": "Lists the fields that are invisible to agents.", + "title": "InvisibleFields", + "type": "array" + }, + "ReadOnlyFields": { + "items": { + "$ref": "#/definitions/AWS::Connect::TaskTemplate.ReadOnlyFieldInfo" + }, + "markdownDescription": "Lists the fields that are read-only to agents, and cannot be edited.", + "title": "ReadOnlyFields", + "type": "array" + }, + "RequiredFields": { + "items": { + "$ref": "#/definitions/AWS::Connect::TaskTemplate.RequiredFieldInfo" + }, + "markdownDescription": "Lists the fields that are required to be filled by agents.", + "title": "RequiredFields", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Connect::TaskTemplate.DefaultFieldValue": { + "additionalProperties": false, + "properties": { + "DefaultValue": { + "markdownDescription": "Default value for the field.", + "title": "DefaultValue", + "type": "string" + }, + "Id": { + "$ref": "#/definitions/AWS::Connect::TaskTemplate.FieldIdentifier", + "markdownDescription": "Identifier of a field.", + "title": "Id" + } + }, + "required": [ + "DefaultValue", + "Id" + ], + "type": "object" + }, + "AWS::Connect::TaskTemplate.Field": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the field.", + "title": "Description", + "type": "string" + }, + "Id": { + "$ref": "#/definitions/AWS::Connect::TaskTemplate.FieldIdentifier", + "markdownDescription": "The unique identifier for the field.", + "title": "Id" + }, + "SingleSelectOptions": { "items": { "type": "string" }, - "markdownDescription": "Specifies the Amazon Resource Names (ARNs) of the security groups associated with an Amazon EFS file system's mount target.", - "title": "SecurityGroupArns", + "markdownDescription": "A list of options for a single select field.", + "title": "SingleSelectOptions", "type": "array" }, - "SubnetArn": { - "markdownDescription": "Specifies the ARN of a subnet where DataSync creates the [network interfaces](https://docs.aws.amazon.com/datasync/latest/userguide/datasync-network.html#required-network-interfaces.html) for managing traffic during your transfer.\n\nThe subnet must be located:\n\n- In the same virtual private cloud (VPC) as the Amazon EFS file system.\n- In the same Availability Zone as at least one mount target for the Amazon EFS file system.\n\n> You don't need to specify a subnet that includes a file system mount target.", - "title": "SubnetArn", + "Type": { + "markdownDescription": "Indicates the type of field. Following are the valid field types: `NAME` `DESCRIPTION` | `SCHEDULED_TIME` | `QUICK_CONNECT` | `URL` | `NUMBER` | `TEXT` | `TEXT_AREA` | `DATE_TIME` | `BOOLEAN` | `SINGLE_SELECT` | `EMAIL`", + "title": "Type", "type": "string" } }, "required": [ - "SecurityGroupArns", - "SubnetArn" + "Id", + "Type" ], "type": "object" }, - "AWS::DataSync::LocationFSxLustre": { + "AWS::Connect::TaskTemplate.FieldIdentifier": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the task template field.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::Connect::TaskTemplate.InvisibleFieldInfo": { + "additionalProperties": false, + "properties": { + "Id": { + "$ref": "#/definitions/AWS::Connect::TaskTemplate.FieldIdentifier", + "markdownDescription": "Identifier of the invisible field.", + "title": "Id" + } + }, + "required": [ + "Id" + ], + "type": "object" + }, + "AWS::Connect::TaskTemplate.ReadOnlyFieldInfo": { + "additionalProperties": false, + "properties": { + "Id": { + "$ref": "#/definitions/AWS::Connect::TaskTemplate.FieldIdentifier", + "markdownDescription": "Identifier of the read-only field.", + "title": "Id" + } + }, + "required": [ + "Id" + ], + "type": "object" + }, + "AWS::Connect::TaskTemplate.RequiredFieldInfo": { + "additionalProperties": false, + "properties": { + "Id": { + "$ref": "#/definitions/AWS::Connect::TaskTemplate.FieldIdentifier", + "markdownDescription": "The unique identifier for the field.", + "title": "Id" + } + }, + "required": [ + "Id" + ], + "type": "object" + }, + "AWS::Connect::TrafficDistributionGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -61779,41 +67585,39 @@ "Properties": { "additionalProperties": false, "properties": { - "FsxFilesystemArn": { - "markdownDescription": "Specifies the Amazon Resource Name (ARN) of the FSx for Lustre file system.", - "title": "FsxFilesystemArn", + "Description": { + "markdownDescription": "The description of the traffic distribution group.", + "title": "Description", "type": "string" }, - "SecurityGroupArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The ARNs of the security groups that are used to configure the FSx for Lustre file system.\n\n*Pattern* : `^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):ec2:[a-z\\-0-9]*:[0-9]{12}:security-group/.*$`\n\n*Length constraints* : Maximum length of 128.", - "title": "SecurityGroupArns", - "type": "array" + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN).", + "title": "InstanceArn", + "type": "string" }, - "Subdirectory": { - "markdownDescription": "Specifies a mount path for your FSx for Lustre file system. The path can include subdirectories.\n\nWhen the location is used as a source, DataSync reads data from the mount path. When the location is used as a destination, DataSync writes data to the mount path. If you don't include this parameter, DataSync uses the file system's root directory ( `/` ).", - "title": "Subdirectory", + "Name": { + "markdownDescription": "The name of the traffic distribution group.", + "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your location.", + "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, {\"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", "title": "Tags", "type": "array" } }, "required": [ - "SecurityGroupArns" + "InstanceArn", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataSync::LocationFSxLustre" + "AWS::Connect::TrafficDistributionGroup" ], "type": "string" }, @@ -61832,7 +67636,7 @@ ], "type": "object" }, - "AWS::DataSync::LocationFSxONTAP": { + "AWS::Connect::User": { "additionalProperties": false, "properties": { "Condition": { @@ -61867,47 +67671,83 @@ "Properties": { "additionalProperties": false, "properties": { - "Protocol": { - "$ref": "#/definitions/AWS::DataSync::LocationFSxONTAP.Protocol", - "markdownDescription": "Specifies the data transfer protocol that DataSync uses to access your Amazon FSx file system.", - "title": "Protocol" + "DirectoryUserId": { + "markdownDescription": "The identifier of the user account in the directory used for identity management.", + "title": "DirectoryUserId", + "type": "string" }, - "SecurityGroupArns": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the Amazon Resource Names (ARNs) of the security groups that DataSync can use to access your FSx for ONTAP file system. You must configure the security groups to allow outbound traffic on the following ports (depending on the protocol that you're using):\n\n- *Network File System (NFS)* : TCP ports 111, 635, and 2049\n- *Server Message Block (SMB)* : TCP port 445\n\nYour file system's security groups must also allow inbound traffic on the same port.", - "title": "SecurityGroupArns", - "type": "array" + "HierarchyGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the user's hierarchy group.", + "title": "HierarchyGroupArn", + "type": "string" }, - "StorageVirtualMachineArn": { - "markdownDescription": "Specifies the ARN of the storage virtual machine (SVM) in your file system where you want to copy data to or from.", - "title": "StorageVirtualMachineArn", + "IdentityInfo": { + "$ref": "#/definitions/AWS::Connect::User.UserIdentityInfo", + "markdownDescription": "Information about the user identity.", + "title": "IdentityInfo" + }, + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", + "title": "InstanceArn", "type": "string" }, - "Subdirectory": { - "markdownDescription": "Specifies a path to the file share in the SVM where you want to transfer data to or from.\n\nYou can specify a junction path (also known as a mount point), qtree path (for NFS file shares), or share name (for SMB file shares). For example, your mount path might be `/vol1` , `/vol1/tree1` , or `/share1` .\n\n> Don't specify a junction path in the SVM's root volume. For more information, see [Managing FSx for ONTAP storage virtual machines](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-svms.html) in the *Amazon FSx for NetApp ONTAP User Guide* .", - "title": "Subdirectory", + "Password": { + "markdownDescription": "The user's password.", + "title": "Password", + "type": "string" + }, + "PhoneConfig": { + "$ref": "#/definitions/AWS::Connect::User.UserPhoneConfig", + "markdownDescription": "Information about the phone configuration for the user.", + "title": "PhoneConfig" + }, + "RoutingProfileArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the user's routing profile.", + "title": "RoutingProfileArn", "type": "string" }, + "SecurityProfileArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Name (ARN) of the user's security profile.", + "title": "SecurityProfileArns", + "type": "array" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your location.", + "markdownDescription": "The tags.", "title": "Tags", "type": "array" + }, + "UserProficiencies": { + "items": { + "$ref": "#/definitions/AWS::Connect::User.UserProficiency" + }, + "markdownDescription": "One or more predefined attributes assigned to a user, with a numeric value that indicates how their level of skill in a specified area.", + "title": "UserProficiencies", + "type": "array" + }, + "Username": { + "markdownDescription": "The user name assigned to the user account.", + "title": "Username", + "type": "string" } }, "required": [ - "SecurityGroupArns", - "StorageVirtualMachineArn" + "InstanceArn", + "PhoneConfig", + "RoutingProfileArn", + "SecurityProfileArns", + "Username" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataSync::LocationFSxONTAP" + "AWS::Connect::User" ], "type": "string" }, @@ -61926,90 +67766,93 @@ ], "type": "object" }, - "AWS::DataSync::LocationFSxONTAP.NFS": { - "additionalProperties": false, - "properties": { - "MountOptions": { - "$ref": "#/definitions/AWS::DataSync::LocationFSxONTAP.NfsMountOptions", - "markdownDescription": "Specifies how DataSync can access a location using the NFS protocol.", - "title": "MountOptions" - } - }, - "required": [ - "MountOptions" - ], - "type": "object" - }, - "AWS::DataSync::LocationFSxONTAP.NfsMountOptions": { + "AWS::Connect::User.UserIdentityInfo": { "additionalProperties": false, "properties": { - "Version": { - "markdownDescription": "Specifies the NFS version that you want DataSync to use when mounting your NFS share. If the server refuses to use the version specified, the task fails.\n\nYou can specify the following options:\n\n- `AUTOMATIC` (default): DataSync chooses NFS version 4.1.\n- `NFS3` : Stateless protocol version that allows for asynchronous writes on the server.\n- `NFSv4_0` : Stateful, firewall-friendly protocol version that supports delegations and pseudo file systems.\n- `NFSv4_1` : Stateful protocol version that supports sessions, directory delegations, and parallel data processing. NFS version 4.1 also includes all features available in version 4.0.\n\n> DataSync currently only supports NFS version 3 with Amazon FSx for NetApp ONTAP locations.", - "title": "Version", + "Email": { + "markdownDescription": "The email address. If you are using SAML for identity management and include this parameter, an error is returned.", + "title": "Email", "type": "string" - } - }, - "type": "object" - }, - "AWS::DataSync::LocationFSxONTAP.Protocol": { - "additionalProperties": false, - "properties": { - "NFS": { - "$ref": "#/definitions/AWS::DataSync::LocationFSxONTAP.NFS", - "markdownDescription": "Specifies the Network File System (NFS) protocol configuration that DataSync uses to access your FSx for ONTAP file system's storage virtual machine (SVM).", - "title": "NFS" }, - "SMB": { - "$ref": "#/definitions/AWS::DataSync::LocationFSxONTAP.SMB", - "markdownDescription": "Specifies the Server Message Block (SMB) protocol configuration that DataSync uses to access your FSx for ONTAP file system's SVM.", - "title": "SMB" + "FirstName": { + "markdownDescription": "The first name. This is required if you are using Amazon Connect or SAML for identity management. Inputs must be in Unicode Normalization Form C (NFC). Text containing characters in a non-NFC form (for example, decomposed characters or combining marks) are not accepted.", + "title": "FirstName", + "type": "string" + }, + "LastName": { + "markdownDescription": "The last name. This is required if you are using Amazon Connect or SAML for identity management. Inputs must be in Unicode Normalization Form C (NFC). Text containing characters in a non-NFC form (for example, decomposed characters or combining marks) are not accepted.", + "title": "LastName", + "type": "string" + }, + "Mobile": { + "markdownDescription": "The user's mobile number.", + "title": "Mobile", + "type": "string" + }, + "SecondaryEmail": { + "markdownDescription": "The user's secondary email address. If you provide a secondary email, the user receives email notifications -- other than password reset notifications -- to this email address instead of to their primary email address.\n\n*Pattern* : `(?=^.{0,265}$)[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,63}`", + "title": "SecondaryEmail", + "type": "string" } }, "type": "object" }, - "AWS::DataSync::LocationFSxONTAP.SMB": { + "AWS::Connect::User.UserPhoneConfig": { "additionalProperties": false, "properties": { - "Domain": { - "markdownDescription": "Specifies the name of the Windows domain that your storage virtual machine (SVM) belongs to.\n\nIf you have multiple domains in your environment, configuring this setting makes sure that DataSync connects to the right SVM.\n\nIf you have multiple Active Directory domains in your environment, configuring this parameter makes sure that DataSync connects to the right SVM.", - "title": "Domain", - "type": "string" + "AfterContactWorkTimeLimit": { + "markdownDescription": "The After Call Work (ACW) timeout setting, in seconds. This parameter has a minimum value of 0 and a maximum value of 2,000,000 seconds (24 days). Enter 0 if you don't want to allocate a specific amount of ACW time. It essentially means an indefinite amount of time. When the conversation ends, ACW starts; the agent must choose Close contact to end ACW.\n\n> When returned by a `SearchUsers` call, `AfterContactWorkTimeLimit` is returned in milliseconds.", + "title": "AfterContactWorkTimeLimit", + "type": "number" }, - "MountOptions": { - "$ref": "#/definitions/AWS::DataSync::LocationFSxONTAP.SmbMountOptions", - "markdownDescription": "Specifies how DataSync can access a location using the SMB protocol.", - "title": "MountOptions" + "AutoAccept": { + "markdownDescription": "The Auto accept setting.", + "title": "AutoAccept", + "type": "boolean" }, - "Password": { - "markdownDescription": "Specifies the password of a user who has permission to access your SVM.", - "title": "Password", + "DeskPhoneNumber": { + "markdownDescription": "The phone number for the user's desk phone.", + "title": "DeskPhoneNumber", "type": "string" }, - "User": { - "markdownDescription": "Specifies a user name that can mount the location and access the files, folders, and metadata that you need in the SVM.\n\nIf you provide a user in your Active Directory, note the following:\n\n- If you're using AWS Directory Service for Microsoft Active Directory , the user must be a member of the AWS Delegated FSx Administrators group.\n- If you're using a self-managed Active Directory, the user must be a member of either the Domain Admins group or a custom group that you specified for file system administration when you created your file system.\n\nMake sure that the user has the permissions it needs to copy the data you want:\n\n- `SE_TCB_NAME` : Required to set object ownership and file metadata. With this privilege, you also can copy NTFS discretionary access lists (DACLs).\n- `SE_SECURITY_NAME` : May be needed to copy NTFS system access control lists (SACLs). This operation specifically requires the Windows privilege, which is granted to members of the Domain Admins group. If you configure your task to copy SACLs, make sure that the user has the required privileges. For information about copying SACLs, see [Ownership and permissions-related options](https://docs.aws.amazon.com/datasync/latest/userguide/create-task.html#configure-ownership-and-permissions) .", - "title": "User", + "PhoneType": { + "markdownDescription": "The phone type.", + "title": "PhoneType", "type": "string" } }, "required": [ - "MountOptions", - "Password", - "User" + "PhoneType" ], "type": "object" }, - "AWS::DataSync::LocationFSxONTAP.SmbMountOptions": { + "AWS::Connect::User.UserProficiency": { "additionalProperties": false, "properties": { - "Version": { - "markdownDescription": "By default, DataSync automatically chooses an SMB protocol version based on negotiation with your SMB file server. You also can configure DataSync to use a specific SMB version, but we recommend doing this only if DataSync has trouble negotiating with the SMB file server automatically.\n\nThese are the following options for configuring the SMB version:\n\n- `AUTOMATIC` (default): DataSync and the SMB file server negotiate the highest version of SMB that they mutually support between 2.1 and 3.1.1.\n\nThis is the recommended option. If you instead choose a specific version that your file server doesn't support, you may get an `Operation Not Supported` error.\n- `SMB3` : Restricts the protocol negotiation to only SMB version 3.0.2.\n- `SMB2` : Restricts the protocol negotiation to only SMB version 2.1.\n- `SMB2_0` : Restricts the protocol negotiation to only SMB version 2.0.\n- `SMB1` : Restricts the protocol negotiation to only SMB version 1.0.\n\n> The `SMB1` option isn't available when [creating an Amazon FSx for NetApp ONTAP location](https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateLocationFsxOntap.html) .", - "title": "Version", + "AttributeName": { + "markdownDescription": "The name of user\u2019s proficiency. You must use a predefined attribute name that is present in the Amazon Connect instance.", + "title": "AttributeName", + "type": "string" + }, + "AttributeValue": { + "markdownDescription": "The value of user\u2019s proficiency. You must use a predefined attribute value that is present in the Amazon Connect instance.", + "title": "AttributeValue", "type": "string" + }, + "Level": { + "markdownDescription": "The level of the proficiency. The valid values are 1, 2, 3, 4 and 5.", + "title": "Level", + "type": "number" } }, + "required": [ + "AttributeName", + "AttributeValue", + "Level" + ], "type": "object" }, - "AWS::DataSync::LocationFSxOpenZFS": { + "AWS::Connect::UserHierarchyGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -62044,47 +67887,39 @@ "Properties": { "additionalProperties": false, "properties": { - "FsxFilesystemArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the FSx for OpenZFS file system.", - "title": "FsxFilesystemArn", + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the user hierarchy group.", + "title": "InstanceArn", "type": "string" }, - "Protocol": { - "$ref": "#/definitions/AWS::DataSync::LocationFSxOpenZFS.Protocol", - "markdownDescription": "The type of protocol that AWS DataSync uses to access your file system.", - "title": "Protocol" - }, - "SecurityGroupArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The ARNs of the security groups that are used to configure the FSx for OpenZFS file system.\n\n*Pattern* : `^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):ec2:[a-z\\-0-9]*:[0-9]{12}:security-group/.*$`\n\n*Length constraints* : Maximum length of 128.", - "title": "SecurityGroupArns", - "type": "array" + "Name": { + "markdownDescription": "The name of the user hierarchy group.", + "title": "Name", + "type": "string" }, - "Subdirectory": { - "markdownDescription": "A subdirectory in the location's path that must begin with `/fsx` . DataSync uses this subdirectory to read or write data (depending on whether the file system is a source or destination location).", - "title": "Subdirectory", + "ParentGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the parent group.", + "title": "ParentGroupArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The key-value pair that represents a tag that you want to add to the resource. The value can be an empty string. This value helps you manage, filter, and search for your resources. We recommend that you create a name tag for your location.", + "markdownDescription": "An array of key-value pairs to apply to this resource.", "title": "Tags", "type": "array" } }, "required": [ - "Protocol", - "SecurityGroupArns" + "InstanceArn", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataSync::LocationFSxOpenZFS" + "AWS::Connect::UserHierarchyGroup" ], "type": "string" }, @@ -62103,43 +67938,7 @@ ], "type": "object" }, - "AWS::DataSync::LocationFSxOpenZFS.MountOptions": { - "additionalProperties": false, - "properties": { - "Version": { - "markdownDescription": "The specific NFS version that you want DataSync to use to mount your NFS share. If the server refuses to use the version specified, the sync will fail. If you don't specify a version, DataSync defaults to `AUTOMATIC` . That is, DataSync automatically selects a version based on negotiation with the NFS server.\n\nYou can specify the following NFS versions:\n\n- *[NFSv3](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc1813)* : Stateless protocol version that allows for asynchronous writes on the server.\n- *[NFSv4.0](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc3530)* : Stateful, firewall-friendly protocol version that supports delegations and pseudo file systems.\n- *[NFSv4.1](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc5661)* : Stateful protocol version that supports sessions, directory delegations, and parallel data processing. Version 4.1 also includes all features available in version 4.0.", - "title": "Version", - "type": "string" - } - }, - "type": "object" - }, - "AWS::DataSync::LocationFSxOpenZFS.NFS": { - "additionalProperties": false, - "properties": { - "MountOptions": { - "$ref": "#/definitions/AWS::DataSync::LocationFSxOpenZFS.MountOptions", - "markdownDescription": "Represents the mount options that are available for DataSync to access an NFS location.", - "title": "MountOptions" - } - }, - "required": [ - "MountOptions" - ], - "type": "object" - }, - "AWS::DataSync::LocationFSxOpenZFS.Protocol": { - "additionalProperties": false, - "properties": { - "NFS": { - "$ref": "#/definitions/AWS::DataSync::LocationFSxOpenZFS.NFS", - "markdownDescription": "Represents the Network File System (NFS) protocol that DataSync uses to access your FSx for OpenZFS file system.", - "title": "NFS" - } - }, - "type": "object" - }, - "AWS::DataSync::LocationFSxWindows": { + "AWS::Connect::UserHierarchyStructure": { "additionalProperties": false, "properties": { "Condition": { @@ -62174,57 +67973,25 @@ "Properties": { "additionalProperties": false, "properties": { - "Domain": { - "markdownDescription": "Specifies the name of the Windows domain that the FSx for Windows File Server file system belongs to.\n\nIf you have multiple Active Directory domains in your environment, configuring this parameter makes sure that DataSync connects to the right file system.", - "title": "Domain", - "type": "string" - }, - "FsxFilesystemArn": { - "markdownDescription": "Specifies the Amazon Resource Name (ARN) for the FSx for Windows File Server file system.", - "title": "FsxFilesystemArn", - "type": "string" - }, - "Password": { - "markdownDescription": "Specifies the password of the user with the permissions to mount and access the files, folders, and file metadata in your FSx for Windows File Server file system.", - "title": "Password", - "type": "string" - }, - "SecurityGroupArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Names (ARNs) of the security groups that are used to configure the FSx for Windows File Server file system.\n\n*Pattern* : `^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):ec2:[a-z\\-0-9]*:[0-9]{12}:security-group/.*$`\n\n*Length constraints* : Maximum length of 128.", - "title": "SecurityGroupArns", - "type": "array" - }, - "Subdirectory": { - "markdownDescription": "Specifies a mount path for your file system using forward slashes. This is where DataSync reads or writes data (depending on if this is a source or destination location).", - "title": "Subdirectory", + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", + "title": "InstanceArn", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your location.", - "title": "Tags", - "type": "array" - }, - "User": { - "markdownDescription": "The user who has the permissions to access files and folders in the FSx for Windows File Server file system.\n\nFor information about choosing a user name that ensures sufficient permissions to files, folders, and metadata, see [user](https://docs.aws.amazon.com/datasync/latest/userguide/create-fsx-location.html#FSxWuser) .", - "title": "User", - "type": "string" + "UserHierarchyStructure": { + "$ref": "#/definitions/AWS::Connect::UserHierarchyStructure.UserHierarchyStructure", + "markdownDescription": "Contains information about a hierarchy structure.", + "title": "UserHierarchyStructure" } }, "required": [ - "SecurityGroupArns", - "User" + "InstanceArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataSync::LocationFSxWindows" + "AWS::Connect::UserHierarchyStructure" ], "type": "string" }, @@ -62243,7 +68010,158 @@ ], "type": "object" }, - "AWS::DataSync::LocationHDFS": { + "AWS::Connect::UserHierarchyStructure.LevelFive": { + "additionalProperties": false, + "properties": { + "HierarchyLevelArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the hierarchy level.", + "title": "HierarchyLevelArn", + "type": "string" + }, + "HierarchyLevelId": { + "markdownDescription": "The identifier of the hierarchy level.", + "title": "HierarchyLevelId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the hierarchy level.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::Connect::UserHierarchyStructure.LevelFour": { + "additionalProperties": false, + "properties": { + "HierarchyLevelArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the hierarchy level.", + "title": "HierarchyLevelArn", + "type": "string" + }, + "HierarchyLevelId": { + "markdownDescription": "The identifier of the hierarchy level.", + "title": "HierarchyLevelId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the hierarchy level.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::Connect::UserHierarchyStructure.LevelOne": { + "additionalProperties": false, + "properties": { + "HierarchyLevelArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the hierarchy level.", + "title": "HierarchyLevelArn", + "type": "string" + }, + "HierarchyLevelId": { + "markdownDescription": "The identifier of the hierarchy level.", + "title": "HierarchyLevelId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the hierarchy level.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::Connect::UserHierarchyStructure.LevelThree": { + "additionalProperties": false, + "properties": { + "HierarchyLevelArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the hierarchy level.", + "title": "HierarchyLevelArn", + "type": "string" + }, + "HierarchyLevelId": { + "markdownDescription": "", + "title": "HierarchyLevelId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the hierarchy level.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::Connect::UserHierarchyStructure.LevelTwo": { + "additionalProperties": false, + "properties": { + "HierarchyLevelArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the hierarchy level.", + "title": "HierarchyLevelArn", + "type": "string" + }, + "HierarchyLevelId": { + "markdownDescription": "The identifier of the hierarchy level.", + "title": "HierarchyLevelId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the hierarchy level.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::Connect::UserHierarchyStructure.UserHierarchyStructure": { + "additionalProperties": false, + "properties": { + "LevelFive": { + "$ref": "#/definitions/AWS::Connect::UserHierarchyStructure.LevelFive", + "markdownDescription": "", + "title": "LevelFive" + }, + "LevelFour": { + "$ref": "#/definitions/AWS::Connect::UserHierarchyStructure.LevelFour", + "markdownDescription": "The update for level four.", + "title": "LevelFour" + }, + "LevelOne": { + "$ref": "#/definitions/AWS::Connect::UserHierarchyStructure.LevelOne", + "markdownDescription": "The update for level one.", + "title": "LevelOne" + }, + "LevelThree": { + "$ref": "#/definitions/AWS::Connect::UserHierarchyStructure.LevelThree", + "markdownDescription": "The update for level three.", + "title": "LevelThree" + }, + "LevelTwo": { + "$ref": "#/definitions/AWS::Connect::UserHierarchyStructure.LevelTwo", + "markdownDescription": "The update for level two.", + "title": "LevelTwo" + } + }, + "type": "object" + }, + "AWS::Connect::View": { "additionalProperties": false, "properties": { "Condition": { @@ -62278,91 +68196,54 @@ "Properties": { "additionalProperties": false, "properties": { - "AgentArns": { + "Actions": { "items": { "type": "string" }, - "markdownDescription": "The Amazon Resource Names (ARNs) of the DataSync agents that can connect to your HDFS cluster.", - "title": "AgentArns", + "markdownDescription": "A list of actions possible from the view.", + "title": "Actions", "type": "array" }, - "AuthenticationType": { - "markdownDescription": "", - "title": "AuthenticationType", - "type": "string" - }, - "BlockSize": { - "markdownDescription": "The size of data blocks to write into the HDFS cluster. The block size must be a multiple of 512 bytes. The default block size is 128 mebibytes (MiB).", - "title": "BlockSize", - "type": "number" - }, - "KerberosKeytab": { - "markdownDescription": "The Kerberos key table (keytab) that contains mappings between the defined Kerberos principal and the encrypted keys. Provide the base64-encoded file text. If `KERBEROS` is specified for `AuthType` , this value is required.", - "title": "KerberosKeytab", - "type": "string" - }, - "KerberosKrb5Conf": { - "markdownDescription": "The `krb5.conf` file that contains the Kerberos configuration information. You can load the `krb5.conf` by providing a string of the file's contents or an Amazon S3 presigned URL of the file. If `KERBEROS` is specified for `AuthType` , this value is required.", - "title": "KerberosKrb5Conf", - "type": "string" - }, - "KerberosPrincipal": { - "markdownDescription": "The Kerberos principal with access to the files and folders on the HDFS cluster.\n\n> If `KERBEROS` is specified for `AuthenticationType` , this parameter is required.", - "title": "KerberosPrincipal", - "type": "string" - }, - "KmsKeyProviderUri": { - "markdownDescription": "The URI of the HDFS cluster's Key Management Server (KMS).", - "title": "KmsKeyProviderUri", + "Description": { + "markdownDescription": "The description of the view.", + "title": "Description", "type": "string" }, - "NameNodes": { - "items": { - "$ref": "#/definitions/AWS::DataSync::LocationHDFS.NameNode" - }, - "markdownDescription": "The NameNode that manages the HDFS namespace. The NameNode performs operations such as opening, closing, and renaming files and directories. The NameNode contains the information to map blocks of data to the DataNodes. You can use only one NameNode.", - "title": "NameNodes", - "type": "array" - }, - "QopConfiguration": { - "$ref": "#/definitions/AWS::DataSync::LocationHDFS.QopConfiguration", - "markdownDescription": "The Quality of Protection (QOP) configuration specifies the Remote Procedure Call (RPC) and data transfer protection settings configured on the Hadoop Distributed File System (HDFS) cluster. If `QopConfiguration` isn't specified, `RpcProtection` and `DataTransferProtection` default to `PRIVACY` . If you set `RpcProtection` or `DataTransferProtection` , the other parameter assumes the same value.", - "title": "QopConfiguration" - }, - "ReplicationFactor": { - "markdownDescription": "The number of DataNodes to replicate the data to when writing to the HDFS cluster. By default, data is replicated to three DataNodes.", - "title": "ReplicationFactor", - "type": "number" - }, - "SimpleUser": { - "markdownDescription": "The user name used to identify the client on the host operating system.\n\n> If `SIMPLE` is specified for `AuthenticationType` , this parameter is required.", - "title": "SimpleUser", + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", + "title": "InstanceArn", "type": "string" }, - "Subdirectory": { - "markdownDescription": "A subdirectory in the HDFS cluster. This subdirectory is used to read data from or write data to the HDFS cluster. If the subdirectory isn't specified, it will default to `/` .", - "title": "Subdirectory", + "Name": { + "markdownDescription": "The name of the view.", + "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The key-value pair that represents the tag that you want to add to the location. The value can be an empty string. We recommend using tags to name your resources.", + "markdownDescription": "The tags associated with the view resource (not specific to view version).", "title": "Tags", "type": "array" + }, + "Template": { + "markdownDescription": "The view template representing the structure of the view.", + "title": "Template", + "type": "object" } }, "required": [ - "AgentArns", - "AuthenticationType", - "NameNodes" + "Actions", + "InstanceArn", + "Name", + "Template" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataSync::LocationHDFS" + "AWS::Connect::View" ], "type": "string" }, @@ -62381,43 +68262,84 @@ ], "type": "object" }, - "AWS::DataSync::LocationHDFS.NameNode": { + "AWS::Connect::ViewVersion": { "additionalProperties": false, "properties": { - "Hostname": { - "markdownDescription": "The hostname of the NameNode in the HDFS cluster. This value is the IP address or Domain Name Service (DNS) name of the NameNode. An agent that's installed on-premises uses this hostname to communicate with the NameNode in the network.", - "title": "Hostname", + "Condition": { "type": "string" }, - "Port": { - "markdownDescription": "The port that the NameNode uses to listen to client requests.", - "title": "Port", - "type": "number" - } - }, - "required": [ - "Hostname", - "Port" - ], - "type": "object" - }, - "AWS::DataSync::LocationHDFS.QopConfiguration": { - "additionalProperties": false, - "properties": { - "DataTransferProtection": { - "markdownDescription": "The data transfer protection setting configured on the HDFS cluster. This setting corresponds to your `dfs.data.transfer.protection` setting in the `hdfs-site.xml` file on your Hadoop cluster.", - "title": "DataTransferProtection", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "RpcProtection": { - "markdownDescription": "The Remote Procedure Call (RPC) protection setting configured on the HDFS cluster. This setting corresponds to your `hadoop.rpc.protection` setting in your `core-site.xml` file on your Hadoop cluster.", - "title": "RpcProtection", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "VersionDescription": { + "markdownDescription": "The description of the view version.", + "title": "VersionDescription", + "type": "string" + }, + "ViewArn": { + "markdownDescription": "The unqualified Amazon Resource Name (ARN) of the view.\n\nFor example:\n\n`arn::connect:::instance/00000000-0000-0000-0000-000000000000/view/00000000-0000-0000-0000-000000000000`", + "title": "ViewArn", + "type": "string" + }, + "ViewContentSha256": { + "markdownDescription": "Indicates the checksum value of the latest published view content.", + "title": "ViewContentSha256", + "type": "string" + } + }, + "required": [ + "ViewArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Connect::ViewVersion" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::DataSync::LocationNFS": { + "AWS::ConnectCampaigns::Campaign": { "additionalProperties": false, "properties": { "Condition": { @@ -62452,43 +68374,46 @@ "Properties": { "additionalProperties": false, "properties": { - "MountOptions": { - "$ref": "#/definitions/AWS::DataSync::LocationNFS.MountOptions", - "markdownDescription": "Specifies the options that DataSync can use to mount your NFS file server.", - "title": "MountOptions" + "ConnectInstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Connect instance.", + "title": "ConnectInstanceArn", + "type": "string" }, - "OnPremConfig": { - "$ref": "#/definitions/AWS::DataSync::LocationNFS.OnPremConfig", - "markdownDescription": "Specifies the Amazon Resource Name (ARN) of the DataSync agent that can connect to your NFS file server.\n\nYou can specify more than one agent. For more information, see [Using multiple DataSync agents](https://docs.aws.amazon.com/datasync/latest/userguide/do-i-need-datasync-agent.html#multiple-agents) .", - "title": "OnPremConfig" + "DialerConfig": { + "$ref": "#/definitions/AWS::ConnectCampaigns::Campaign.DialerConfig", + "markdownDescription": "Contains information about the dialer configuration.", + "title": "DialerConfig" }, - "ServerHostname": { - "markdownDescription": "Specifies the DNS name or IP version 4 address of the NFS file server that your DataSync agent connects to.", - "title": "ServerHostname", + "Name": { + "markdownDescription": "The name of the campaign.", + "title": "Name", "type": "string" }, - "Subdirectory": { - "markdownDescription": "Specifies the export path in your NFS file server that you want DataSync to mount.\n\nThis path (or a subdirectory of the path) is where DataSync transfers data to or from. For information on configuring an export for DataSync, see [Accessing NFS file servers](https://docs.aws.amazon.com/datasync/latest/userguide/create-nfs-location.html#accessing-nfs) .", - "title": "Subdirectory", - "type": "string" + "OutboundCallConfig": { + "$ref": "#/definitions/AWS::ConnectCampaigns::Campaign.OutboundCallConfig", + "markdownDescription": "Contains information about the outbound call configuration.", + "title": "OutboundCallConfig" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your location.", + "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", "title": "Tags", "type": "array" } }, "required": [ - "OnPremConfig" + "ConnectInstanceArn", + "DialerConfig", + "Name", + "OutboundCallConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataSync::LocationNFS" + "AWS::ConnectCampaigns::Campaign" ], "type": "string" }, @@ -62507,35 +68432,125 @@ ], "type": "object" }, - "AWS::DataSync::LocationNFS.MountOptions": { + "AWS::ConnectCampaigns::Campaign.AgentlessDialerConfig": { "additionalProperties": false, "properties": { - "Version": { - "markdownDescription": "Specifies the NFS version that you want DataSync to use when mounting your NFS share. If the server refuses to use the version specified, the task fails.\n\nYou can specify the following options:\n\n- `AUTOMATIC` (default): DataSync chooses NFS version 4.1.\n- `NFS3` : Stateless protocol version that allows for asynchronous writes on the server.\n- `NFSv4_0` : Stateful, firewall-friendly protocol version that supports delegations and pseudo file systems.\n- `NFSv4_1` : Stateful protocol version that supports sessions, directory delegations, and parallel data processing. NFS version 4.1 also includes all features available in version 4.0.\n\n> DataSync currently only supports NFS version 3 with Amazon FSx for NetApp ONTAP locations.", - "title": "Version", + "DialingCapacity": { + "markdownDescription": "The allocation of dialing capacity between multiple active campaigns.", + "title": "DialingCapacity", + "type": "number" + } + }, + "type": "object" + }, + "AWS::ConnectCampaigns::Campaign.AnswerMachineDetectionConfig": { + "additionalProperties": false, + "properties": { + "AwaitAnswerMachinePrompt": { + "markdownDescription": "Whether waiting for answer machine prompt is enabled.", + "title": "AwaitAnswerMachinePrompt", + "type": "boolean" + }, + "EnableAnswerMachineDetection": { + "markdownDescription": "Whether answering machine detection is enabled.", + "title": "EnableAnswerMachineDetection", + "type": "boolean" + } + }, + "required": [ + "EnableAnswerMachineDetection" + ], + "type": "object" + }, + "AWS::ConnectCampaigns::Campaign.DialerConfig": { + "additionalProperties": false, + "properties": { + "AgentlessDialerConfig": { + "$ref": "#/definitions/AWS::ConnectCampaigns::Campaign.AgentlessDialerConfig", + "markdownDescription": "The configuration of the agentless dialer.", + "title": "AgentlessDialerConfig" + }, + "PredictiveDialerConfig": { + "$ref": "#/definitions/AWS::ConnectCampaigns::Campaign.PredictiveDialerConfig", + "markdownDescription": "The configuration of the predictive dialer.", + "title": "PredictiveDialerConfig" + }, + "ProgressiveDialerConfig": { + "$ref": "#/definitions/AWS::ConnectCampaigns::Campaign.ProgressiveDialerConfig", + "markdownDescription": "The configuration of the progressive dialer.", + "title": "ProgressiveDialerConfig" + } + }, + "type": "object" + }, + "AWS::ConnectCampaigns::Campaign.OutboundCallConfig": { + "additionalProperties": false, + "properties": { + "AnswerMachineDetectionConfig": { + "$ref": "#/definitions/AWS::ConnectCampaigns::Campaign.AnswerMachineDetectionConfig", + "markdownDescription": "Whether answering machine detection has been enabled.", + "title": "AnswerMachineDetectionConfig" + }, + "ConnectContactFlowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the flow.", + "title": "ConnectContactFlowArn", + "type": "string" + }, + "ConnectQueueArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the queue.", + "title": "ConnectQueueArn", + "type": "string" + }, + "ConnectSourcePhoneNumber": { + "markdownDescription": "The phone number associated with the outbound call. This is the caller ID that is displayed to customers when an agent calls them.", + "title": "ConnectSourcePhoneNumber", "type": "string" } }, + "required": [ + "ConnectContactFlowArn" + ], "type": "object" }, - "AWS::DataSync::LocationNFS.OnPremConfig": { + "AWS::ConnectCampaigns::Campaign.PredictiveDialerConfig": { "additionalProperties": false, "properties": { - "AgentArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Names (ARNs) of the DataSync agents that can connect to your NFS file server.\n\nYou can specify more than one agent. For more information, see [Using multiple DataSync agents](https://docs.aws.amazon.com/datasync/latest/userguide/do-i-need-datasync-agent.html#multiple-agents) .", - "title": "AgentArns", - "type": "array" + "BandwidthAllocation": { + "markdownDescription": "Bandwidth allocation for the predictive dialer.", + "title": "BandwidthAllocation", + "type": "number" + }, + "DialingCapacity": { + "markdownDescription": "The allocation of dialing capacity between multiple active campaigns.", + "title": "DialingCapacity", + "type": "number" } }, "required": [ - "AgentArns" + "BandwidthAllocation" ], "type": "object" }, - "AWS::DataSync::LocationObjectStorage": { + "AWS::ConnectCampaigns::Campaign.ProgressiveDialerConfig": { + "additionalProperties": false, + "properties": { + "BandwidthAllocation": { + "markdownDescription": "Bandwidth allocation for the progressive dialer.", + "title": "BandwidthAllocation", + "type": "number" + }, + "DialingCapacity": { + "markdownDescription": "The allocation of dialing capacity between multiple active campaigns.", + "title": "DialingCapacity", + "type": "number" + } + }, + "required": [ + "BandwidthAllocation" + ], + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign": { "additionalProperties": false, "properties": { "Condition": { @@ -62570,71 +68585,65 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessKey": { - "markdownDescription": "Specifies the access key (for example, a user name) if credentials are required to authenticate with the object storage server.", - "title": "AccessKey", - "type": "string" + "ChannelSubtypeConfig": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.ChannelSubtypeConfig", + "markdownDescription": "Contains channel subtype configuration for an outbound campaign.", + "title": "ChannelSubtypeConfig" }, - "AgentArns": { - "items": { - "type": "string" - }, - "markdownDescription": "(Optional) Specifies the Amazon Resource Names (ARNs) of the DataSync agents that can connect with your object storage system. If you are setting up an agentless cross-cloud transfer, you do not need to specify a value for this parameter.\n\n> Make sure you configure this parameter correctly when you first create your storage location. You cannot add or remove agents from a storage location after you create it.", - "title": "AgentArns", - "type": "array" + "CommunicationLimitsOverride": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.CommunicationLimitsConfig", + "markdownDescription": "Communication limits configuration for an outbound campaign.", + "title": "CommunicationLimitsOverride" }, - "BucketName": { - "markdownDescription": "Specifies the name of the object storage bucket involved in the transfer.", - "title": "BucketName", - "type": "string" + "CommunicationTimeConfig": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.CommunicationTimeConfig", + "markdownDescription": "Contains communication time configuration for an outbound campaign.", + "title": "CommunicationTimeConfig" }, - "SecretKey": { - "markdownDescription": "Specifies the secret key (for example, a password) if credentials are required to authenticate with the object storage server.\n\n> If you provide a secret using `SecretKey` , but do not provide secret configuration details using `CmkSecretConfig` or `CustomSecretConfig` , then DataSync stores the token using your AWS account's Secrets Manager secret.", - "title": "SecretKey", + "ConnectCampaignFlowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Connect campaign flow associated with the outbound campaign.", + "title": "ConnectCampaignFlowArn", "type": "string" }, - "ServerCertificate": { - "markdownDescription": "Specifies a certificate chain for DataSync to authenticate with your object storage system if the system uses a private or self-signed certificate authority (CA). You must specify a single `.pem` file with a full certificate chain (for example, `file:///home/user/.ssh/object_storage_certificates.pem` ).\n\nThe certificate chain might include:\n\n- The object storage system's certificate\n- All intermediate certificates (if there are any)\n- The root certificate of the signing CA\n\nYou can concatenate your certificates into a `.pem` file (which can be up to 32768 bytes before base64 encoding). The following example `cat` command creates an `object_storage_certificates.pem` file that includes three certificates:\n\n`cat object_server_certificate.pem intermediate_certificate.pem ca_root_certificate.pem > object_storage_certificates.pem`\n\nTo use this parameter, configure `ServerProtocol` to `HTTPS` .", - "title": "ServerCertificate", + "ConnectInstanceId": { + "markdownDescription": "The identifier of the Amazon Connect instance. You can find the `instanceId` in the ARN of the instance.", + "title": "ConnectInstanceId", "type": "string" }, - "ServerHostname": { - "markdownDescription": "Specifies the domain name or IP version 4 (IPv4) address of the object storage server that your DataSync agent connects to.", - "title": "ServerHostname", + "Name": { + "markdownDescription": "The name of the outbound campaign.", + "title": "Name", "type": "string" }, - "ServerPort": { - "markdownDescription": "Specifies the port that your object storage server accepts inbound network traffic on (for example, port 443).", - "title": "ServerPort", - "type": "number" - }, - "ServerProtocol": { - "markdownDescription": "Specifies the protocol that your object storage server uses to communicate. If not specified, the default value is `HTTPS` .", - "title": "ServerProtocol", - "type": "string" + "Schedule": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.Schedule", + "markdownDescription": "Contains the schedule configuration.", + "title": "Schedule" }, - "Subdirectory": { - "markdownDescription": "Specifies the object prefix for your object storage server. If this is a source location, DataSync only copies objects with this prefix. If this is a destination location, DataSync writes all objects with this prefix.", - "title": "Subdirectory", - "type": "string" + "Source": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.Source", + "markdownDescription": "Contains source configuration.", + "title": "Source" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Specifies the key-value pair that represents a tag that you want to add to the resource. Tags can help you manage, filter, and search for your resources. We recommend creating a name tag for your location.", + "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, `{ \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }` .", "title": "Tags", "type": "array" } }, "required": [ - "AgentArns" + "ChannelSubtypeConfig", + "ConnectInstanceId", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataSync::LocationObjectStorage" + "AWS::ConnectCampaignsV2::Campaign" ], "type": "string" }, @@ -62653,7 +68662,540 @@ ], "type": "object" }, - "AWS::DataSync::LocationS3": { + "AWS::ConnectCampaignsV2::Campaign.AnswerMachineDetectionConfig": { + "additionalProperties": false, + "properties": { + "AwaitAnswerMachinePrompt": { + "markdownDescription": "Whether or not waiting for an answer machine prompt is enabled.", + "title": "AwaitAnswerMachinePrompt", + "type": "boolean" + }, + "EnableAnswerMachineDetection": { + "markdownDescription": "Enables answering machine detection.", + "title": "EnableAnswerMachineDetection", + "type": "boolean" + } + }, + "required": [ + "EnableAnswerMachineDetection" + ], + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.ChannelSubtypeConfig": { + "additionalProperties": false, + "properties": { + "Email": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.EmailChannelSubtypeConfig", + "markdownDescription": "The configuration of the email channel subtype.", + "title": "Email" + }, + "Sms": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.SmsChannelSubtypeConfig", + "markdownDescription": "The configuration of the SMS channel subtype.", + "title": "Sms" + }, + "Telephony": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.TelephonyChannelSubtypeConfig", + "markdownDescription": "The configuration of the telephony channel subtype.", + "title": "Telephony" + } + }, + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.CommunicationLimit": { + "additionalProperties": false, + "properties": { + "Frequency": { + "markdownDescription": "The frequency of communication limit evaluation.", + "title": "Frequency", + "type": "number" + }, + "MaxCountPerRecipient": { + "markdownDescription": "The maximum outreaching count for each recipient.", + "title": "MaxCountPerRecipient", + "type": "number" + }, + "Unit": { + "markdownDescription": "The unit of communication limit evaluation.", + "title": "Unit", + "type": "string" + } + }, + "required": [ + "Frequency", + "MaxCountPerRecipient", + "Unit" + ], + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.CommunicationLimits": { + "additionalProperties": false, + "properties": { + "CommunicationLimitList": { + "items": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.CommunicationLimit" + }, + "markdownDescription": "The list of CommunicationLimits.", + "title": "CommunicationLimitList", + "type": "array" + } + }, + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.CommunicationLimitsConfig": { + "additionalProperties": false, + "properties": { + "AllChannelsSubtypes": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.CommunicationLimits", + "markdownDescription": "The CommunicationLimits that apply to all channel subtypes defined in an outbound campaign.", + "title": "AllChannelsSubtypes" + }, + "InstanceLimitsHandling": { + "markdownDescription": "Opt-in or Opt-out from instance-level limits.", + "title": "InstanceLimitsHandling", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.CommunicationTimeConfig": { + "additionalProperties": false, + "properties": { + "Email": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.TimeWindow", + "markdownDescription": "The communication time configuration for the email channel subtype.", + "title": "Email" + }, + "LocalTimeZoneConfig": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.LocalTimeZoneConfig", + "markdownDescription": "The local timezone configuration.", + "title": "LocalTimeZoneConfig" + }, + "Sms": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.TimeWindow", + "markdownDescription": "The communication time configuration for the SMS channel subtype.", + "title": "Sms" + }, + "Telephony": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.TimeWindow", + "markdownDescription": "The communication time configuration for the telephony channel subtype.", + "title": "Telephony" + } + }, + "required": [ + "LocalTimeZoneConfig" + ], + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.DailyHour": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The key for DailyHour.", + "title": "Key", + "type": "string" + }, + "Value": { + "items": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.TimeRange" + }, + "markdownDescription": "The value for DailyHour.", + "title": "Value", + "type": "array" + } + }, + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.EmailChannelSubtypeConfig": { + "additionalProperties": false, + "properties": { + "Capacity": { + "markdownDescription": "The allocation of email capacity between multiple running outbound campaigns.", + "title": "Capacity", + "type": "number" + }, + "DefaultOutboundConfig": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.EmailOutboundConfig", + "markdownDescription": "The default email outbound configuration of an outbound campaign.", + "title": "DefaultOutboundConfig" + }, + "OutboundMode": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.EmailOutboundMode", + "markdownDescription": "The outbound mode for email of an outbound campaign.", + "title": "OutboundMode" + } + }, + "required": [ + "DefaultOutboundConfig", + "OutboundMode" + ], + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.EmailOutboundConfig": { + "additionalProperties": false, + "properties": { + "ConnectSourceEmailAddress": { + "markdownDescription": "The Amazon Connect source email address.", + "title": "ConnectSourceEmailAddress", + "type": "string" + }, + "SourceEmailAddressDisplayName": { + "markdownDescription": "The display name for the Amazon Connect source email address.", + "title": "SourceEmailAddressDisplayName", + "type": "string" + }, + "WisdomTemplateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Q in Connect template.", + "title": "WisdomTemplateArn", + "type": "string" + } + }, + "required": [ + "ConnectSourceEmailAddress", + "WisdomTemplateArn" + ], + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.EmailOutboundMode": { + "additionalProperties": false, + "properties": { + "AgentlessConfig": { + "markdownDescription": "The agentless outbound mode configuration for email.", + "title": "AgentlessConfig", + "type": "object" + } + }, + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.EventTrigger": { + "additionalProperties": false, + "properties": { + "CustomerProfilesDomainArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Customer Profiles domain.", + "title": "CustomerProfilesDomainArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.LocalTimeZoneConfig": { + "additionalProperties": false, + "properties": { + "DefaultTimeZone": { + "markdownDescription": "The timezone to use for all recipients.", + "title": "DefaultTimeZone", + "type": "string" + }, + "LocalTimeZoneDetection": { + "items": { + "type": "string" + }, + "markdownDescription": "Detects methods for the recipient's timezone.", + "title": "LocalTimeZoneDetection", + "type": "array" + } + }, + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.OpenHours": { + "additionalProperties": false, + "properties": { + "DailyHours": { + "items": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.DailyHour" + }, + "markdownDescription": "The daily hours configuration.", + "title": "DailyHours", + "type": "array" + } + }, + "required": [ + "DailyHours" + ], + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.PredictiveConfig": { + "additionalProperties": false, + "properties": { + "BandwidthAllocation": { + "markdownDescription": "Bandwidth allocation for the predictive outbound mode.", + "title": "BandwidthAllocation", + "type": "number" + } + }, + "required": [ + "BandwidthAllocation" + ], + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.ProgressiveConfig": { + "additionalProperties": false, + "properties": { + "BandwidthAllocation": { + "markdownDescription": "Bandwidth allocation for the progressive outbound mode.", + "title": "BandwidthAllocation", + "type": "number" + } + }, + "required": [ + "BandwidthAllocation" + ], + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.RestrictedPeriod": { + "additionalProperties": false, + "properties": { + "EndDate": { + "markdownDescription": "The end date of the restricted period.", + "title": "EndDate", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the restricted period.", + "title": "Name", + "type": "string" + }, + "StartDate": { + "markdownDescription": "The start date of the restricted period.", + "title": "StartDate", + "type": "string" + } + }, + "required": [ + "EndDate", + "StartDate" + ], + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.RestrictedPeriods": { + "additionalProperties": false, + "properties": { + "RestrictedPeriodList": { + "items": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.RestrictedPeriod" + }, + "markdownDescription": "The restricted period list.", + "title": "RestrictedPeriodList", + "type": "array" + } + }, + "required": [ + "RestrictedPeriodList" + ], + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.Schedule": { + "additionalProperties": false, + "properties": { + "EndTime": { + "markdownDescription": "The end time of the schedule in UTC.", + "title": "EndTime", + "type": "string" + }, + "RefreshFrequency": { + "markdownDescription": "The refresh frequency of the campaign.", + "title": "RefreshFrequency", + "type": "string" + }, + "StartTime": { + "markdownDescription": "The start time of the schedule in UTC.", + "title": "StartTime", + "type": "string" + } + }, + "required": [ + "EndTime", + "StartTime" + ], + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.SmsChannelSubtypeConfig": { + "additionalProperties": false, + "properties": { + "Capacity": { + "markdownDescription": "The allocation of SMS capacity between multiple running outbound campaigns.", + "title": "Capacity", + "type": "number" + }, + "DefaultOutboundConfig": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.SmsOutboundConfig", + "markdownDescription": "The default SMS outbound configuration of an outbound campaign.", + "title": "DefaultOutboundConfig" + }, + "OutboundMode": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.SmsOutboundMode", + "markdownDescription": "The outbound mode of SMS for an outbound campaign.", + "title": "OutboundMode" + } + }, + "required": [ + "DefaultOutboundConfig", + "OutboundMode" + ], + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.SmsOutboundConfig": { + "additionalProperties": false, + "properties": { + "ConnectSourcePhoneNumberArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Connect source SMS phone number.", + "title": "ConnectSourcePhoneNumberArn", + "type": "string" + }, + "WisdomTemplateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Q in Connect template.", + "title": "WisdomTemplateArn", + "type": "string" + } + }, + "required": [ + "ConnectSourcePhoneNumberArn", + "WisdomTemplateArn" + ], + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.SmsOutboundMode": { + "additionalProperties": false, + "properties": { + "AgentlessConfig": { + "markdownDescription": "Contains agentless outbound mode configuration.", + "title": "AgentlessConfig", + "type": "object" + } + }, + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.Source": { + "additionalProperties": false, + "properties": { + "CustomerProfilesSegmentArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Customer Profiles segment.", + "title": "CustomerProfilesSegmentArn", + "type": "string" + }, + "EventTrigger": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.EventTrigger", + "markdownDescription": "The event trigger of the campaign.", + "title": "EventTrigger" + } + }, + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.TelephonyChannelSubtypeConfig": { + "additionalProperties": false, + "properties": { + "Capacity": { + "markdownDescription": "The allocation of telephony capacity between multiple running outbound campaigns.", + "title": "Capacity", + "type": "number" + }, + "ConnectQueueId": { + "markdownDescription": "The identifier of the Amazon Connect queue associated with telephony outbound requests of an outbound campaign.", + "title": "ConnectQueueId", + "type": "string" + }, + "DefaultOutboundConfig": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.TelephonyOutboundConfig", + "markdownDescription": "The default telephony outbound configuration of an outbound campaign.", + "title": "DefaultOutboundConfig" + }, + "OutboundMode": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.TelephonyOutboundMode", + "markdownDescription": "The outbound mode of telephony for an outbound campaign.", + "title": "OutboundMode" + } + }, + "required": [ + "DefaultOutboundConfig", + "OutboundMode" + ], + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.TelephonyOutboundConfig": { + "additionalProperties": false, + "properties": { + "AnswerMachineDetectionConfig": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.AnswerMachineDetectionConfig", + "markdownDescription": "The answering machine detection configuration.", + "title": "AnswerMachineDetectionConfig" + }, + "ConnectContactFlowId": { + "markdownDescription": "The identifier of the published Amazon Connect contact flow.", + "title": "ConnectContactFlowId", + "type": "string" + }, + "ConnectSourcePhoneNumber": { + "markdownDescription": "The Amazon Connect source phone number.", + "title": "ConnectSourcePhoneNumber", + "type": "string" + } + }, + "required": [ + "ConnectContactFlowId" + ], + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.TelephonyOutboundMode": { + "additionalProperties": false, + "properties": { + "AgentlessConfig": { + "markdownDescription": "The agentless outbound mode configuration for telephony.", + "title": "AgentlessConfig", + "type": "object" + }, + "PredictiveConfig": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.PredictiveConfig", + "markdownDescription": "Contains predictive outbound mode configuration.", + "title": "PredictiveConfig" + }, + "ProgressiveConfig": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.ProgressiveConfig", + "markdownDescription": "Contains progressive telephony outbound mode configuration.", + "title": "ProgressiveConfig" + } + }, + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.TimeRange": { + "additionalProperties": false, + "properties": { + "EndTime": { + "markdownDescription": "The end time of the time range.", + "title": "EndTime", + "type": "string" + }, + "StartTime": { + "markdownDescription": "The start time of the time range.", + "title": "StartTime", + "type": "string" + } + }, + "required": [ + "EndTime", + "StartTime" + ], + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.TimeWindow": { + "additionalProperties": false, + "properties": { + "OpenHours": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.OpenHours", + "markdownDescription": "The open hours configuration.", + "title": "OpenHours" + }, + "RestrictedPeriods": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.RestrictedPeriods", + "markdownDescription": "The restricted periods configuration.", + "title": "RestrictedPeriods" + } + }, + "required": [ + "OpenHours" + ], + "type": "object" + }, + "AWS::ControlTower::EnabledBaseline": { "additionalProperties": false, "properties": { "Condition": { @@ -62688,43 +69230,48 @@ "Properties": { "additionalProperties": false, "properties": { - "S3BucketArn": { - "markdownDescription": "The ARN of the Amazon S3 bucket.", - "title": "S3BucketArn", + "BaselineIdentifier": { + "markdownDescription": "The specific `Baseline` enabled as part of the `EnabledBaseline` resource.", + "title": "BaselineIdentifier", "type": "string" }, - "S3Config": { - "$ref": "#/definitions/AWS::DataSync::LocationS3.S3Config", - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that is used to access an Amazon S3 bucket.\n\nFor detailed information about using such a role, see [Creating a Location for Amazon S3](https://docs.aws.amazon.com/datasync/latest/userguide/working-with-locations.html#create-s3-location) in the *AWS DataSync User Guide* .", - "title": "S3Config" - }, - "S3StorageClass": { - "markdownDescription": "The Amazon S3 storage class that you want to store your files in when this location is used as a task destination. For buckets in AWS Regions , the storage class defaults to S3 Standard.\n\nFor more information about S3 storage classes, see [Amazon S3 Storage Classes](https://docs.aws.amazon.com/s3/storage-classes/) . Some storage classes have behaviors that can affect your S3 storage costs. For detailed information, see [Considerations When Working with Amazon S3 Storage Classes in DataSync](https://docs.aws.amazon.com/datasync/latest/userguide/create-s3-location.html#using-storage-classes) .", - "title": "S3StorageClass", + "BaselineVersion": { + "markdownDescription": "The enabled version of the `Baseline` .", + "title": "BaselineVersion", "type": "string" }, - "Subdirectory": { - "markdownDescription": "Specifies a prefix in the S3 bucket that DataSync reads from or writes to (depending on whether the bucket is a source or destination location).\n\n> DataSync can't transfer objects with a prefix that begins with a slash ( `/` ) or includes `//` , `/./` , or `/../` patterns. For example:\n> \n> - `/photos`\n> - `photos//2006/January`\n> - `photos/./2006/February`\n> - `photos/../2006/March`", - "title": "Subdirectory", - "type": "string" + "Parameters": { + "items": { + "$ref": "#/definitions/AWS::ControlTower::EnabledBaseline.Parameter" + }, + "markdownDescription": "Shows the parameters that are applied when enabling this `Baseline` .", + "title": "Parameters", + "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your transfer location.", + "markdownDescription": "", "title": "Tags", "type": "array" + }, + "TargetIdentifier": { + "markdownDescription": "The target on which to enable the `Baseline` .", + "title": "TargetIdentifier", + "type": "string" } }, "required": [ - "S3Config" + "BaselineIdentifier", + "BaselineVersion", + "TargetIdentifier" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataSync::LocationS3" + "AWS::ControlTower::EnabledBaseline" ], "type": "string" }, @@ -62743,21 +69290,23 @@ ], "type": "object" }, - "AWS::DataSync::LocationS3.S3Config": { + "AWS::ControlTower::EnabledBaseline.Parameter": { "additionalProperties": false, "properties": { - "BucketAccessRoleArn": { - "markdownDescription": "Specifies the ARN of the IAM role that DataSync uses to access your S3 bucket.", - "title": "BucketAccessRoleArn", + "Key": { + "markdownDescription": "", + "title": "Key", "type": "string" + }, + "Value": { + "markdownDescription": "", + "title": "Value", + "type": "object" } }, - "required": [ - "BucketAccessRoleArn" - ], "type": "object" }, - "AWS::DataSync::LocationSMB": { + "AWS::ControlTower::EnabledControl": { "additionalProperties": false, "properties": { "Condition": { @@ -62792,62 +69341,42 @@ "Properties": { "additionalProperties": false, "properties": { - "AgentArns": { + "ControlIdentifier": { + "markdownDescription": "The ARN of the control. Only *Strongly recommended* and *Elective* controls are permitted, with the exception of the *Region deny* control. For information on how to find the `controlIdentifier` , see [the overview page](https://docs.aws.amazon.com//controltower/latest/APIReference/Welcome.html) .", + "title": "ControlIdentifier", + "type": "string" + }, + "Parameters": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::ControlTower::EnabledControl.EnabledControlParameter" }, - "markdownDescription": "Specifies the DataSync agent (or agents) that can connect to your SMB file server. You specify an agent by using its Amazon Resource Name (ARN).", - "title": "AgentArns", + "markdownDescription": "Array of `EnabledControlParameter` objects.", + "title": "Parameters", "type": "array" }, - "Domain": { - "markdownDescription": "Specifies the Windows domain name that your SMB file server belongs to. This parameter applies only if `AuthenticationType` is set to `NTLM` .\n\nIf you have multiple domains in your environment, configuring this parameter makes sure that DataSync connects to the right file server.", - "title": "Domain", - "type": "string" - }, - "MountOptions": { - "$ref": "#/definitions/AWS::DataSync::LocationSMB.MountOptions", - "markdownDescription": "Specifies the version of the SMB protocol that DataSync uses to access your SMB file server.", - "title": "MountOptions" - }, - "Password": { - "markdownDescription": "Specifies the password of the user who can mount your SMB file server and has permission to access the files and folders involved in your transfer. This parameter applies only if `AuthenticationType` is set to `NTLM` .", - "title": "Password", - "type": "string" - }, - "ServerHostname": { - "markdownDescription": "Specifies the domain name or IP address of the SMB file server that your DataSync agent connects to.\n\nRemember the following when configuring this parameter:\n\n- You can't specify an IP version 6 (IPv6) address.\n- If you're using Kerberos authentication, you must specify a domain name.", - "title": "ServerHostname", - "type": "string" - }, - "Subdirectory": { - "markdownDescription": "Specifies the name of the share exported by your SMB file server where DataSync will read or write data. You can include a subdirectory in the share path (for example, `/path/to/subdirectory` ). Make sure that other SMB clients in your network can also mount this path.\n\nTo copy all data in the subdirectory, DataSync must be able to mount the SMB share and access all of its data. For more information, see [Providing DataSync access to SMB file servers](https://docs.aws.amazon.com/datasync/latest/userguide/create-smb-location.html#configuring-smb-permissions) .", - "title": "Subdirectory", - "type": "string" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your location.", + "markdownDescription": "", "title": "Tags", "type": "array" }, - "User": { - "markdownDescription": "Specifies the user that can mount and access the files, folders, and file metadata in your SMB file server. This parameter applies only if `AuthenticationType` is set to `NTLM` .\n\nFor information about choosing a user with the right level of access for your transfer, see [Providing DataSync access to SMB file servers](https://docs.aws.amazon.com/datasync/latest/userguide/create-smb-location.html#configuring-smb-permissions) .", - "title": "User", + "TargetIdentifier": { + "markdownDescription": "The ARN of the organizational unit. For information on how to find the `targetIdentifier` , see [the overview page](https://docs.aws.amazon.com//controltower/latest/APIReference/Welcome.html) .", + "title": "TargetIdentifier", "type": "string" } }, "required": [ - "AgentArns", - "User" + "ControlIdentifier", + "TargetIdentifier" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataSync::LocationSMB" + "AWS::ControlTower::EnabledControl" ], "type": "string" }, @@ -62866,18 +69395,27 @@ ], "type": "object" }, - "AWS::DataSync::LocationSMB.MountOptions": { + "AWS::ControlTower::EnabledControl.EnabledControlParameter": { "additionalProperties": false, "properties": { - "Version": { - "markdownDescription": "By default, DataSync automatically chooses an SMB protocol version based on negotiation with your SMB file server. You also can configure DataSync to use a specific SMB version, but we recommend doing this only if DataSync has trouble negotiating with the SMB file server automatically.\n\nThese are the following options for configuring the SMB version:\n\n- `AUTOMATIC` (default): DataSync and the SMB file server negotiate the highest version of SMB that they mutually support between 2.1 and 3.1.1.\n\nThis is the recommended option. If you instead choose a specific version that your file server doesn't support, you may get an `Operation Not Supported` error.\n- `SMB3` : Restricts the protocol negotiation to only SMB version 3.0.2.\n- `SMB2` : Restricts the protocol negotiation to only SMB version 2.1.\n- `SMB2_0` : Restricts the protocol negotiation to only SMB version 2.0.\n- `SMB1` : Restricts the protocol negotiation to only SMB version 1.0.\n\n> The `SMB1` option isn't available when [creating an Amazon FSx for NetApp ONTAP location](https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateLocationFsxOntap.html) .", - "title": "Version", + "Key": { + "markdownDescription": "The key of a key/value pair. It is of type `string` .", + "title": "Key", "type": "string" + }, + "Value": { + "markdownDescription": "The value of a key/value pair. It can be of type `array` , `string` , `number` , `object` , or `boolean` . [Note: The *Type* field that follows may show a single type such as Number, which is only one possible type.]", + "title": "Value", + "type": "object" } }, + "required": [ + "Key", + "Value" + ], "type": "object" }, - "AWS::DataSync::StorageSystem": { + "AWS::ControlTower::LandingZone": { "additionalProperties": false, "properties": { "Condition": { @@ -62912,44 +69450,34 @@ "Properties": { "additionalProperties": false, "properties": { - "AgentArns": { - "items": { - "type": "string" - }, - "type": "array" - }, - "CloudWatchLogGroupArn": { - "type": "string" - }, - "Name": { - "type": "string" - }, - "ServerConfiguration": { - "$ref": "#/definitions/AWS::DataSync::StorageSystem.ServerConfiguration" - }, - "ServerCredentials": { - "$ref": "#/definitions/AWS::DataSync::StorageSystem.ServerCredentials" - }, - "SystemType": { - "type": "string" + "Manifest": { + "markdownDescription": "The landing zone manifest JSON text file that specifies the landing zone configurations.", + "title": "Manifest", + "type": "object" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, + "markdownDescription": "Tags to be applied to the landing zone.", + "title": "Tags", "type": "array" + }, + "Version": { + "markdownDescription": "The landing zone's current deployed version.", + "title": "Version", + "type": "string" } }, "required": [ - "AgentArns", - "ServerConfiguration", - "SystemType" + "Manifest", + "Version" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataSync::StorageSystem" + "AWS::ControlTower::LandingZone" ], "type": "string" }, @@ -62968,38 +69496,7 @@ ], "type": "object" }, - "AWS::DataSync::StorageSystem.ServerConfiguration": { - "additionalProperties": false, - "properties": { - "ServerHostname": { - "type": "string" - }, - "ServerPort": { - "type": "number" - } - }, - "required": [ - "ServerHostname" - ], - "type": "object" - }, - "AWS::DataSync::StorageSystem.ServerCredentials": { - "additionalProperties": false, - "properties": { - "Password": { - "type": "string" - }, - "Username": { - "type": "string" - } - }, - "required": [ - "Password", - "Username" - ], - "type": "object" - }, - "AWS::DataSync::Task": { + "AWS::CustomerProfiles::CalculatedAttributeDefinition": { "additionalProperties": false, "properties": { "Condition": { @@ -63034,80 +69531,66 @@ "Properties": { "additionalProperties": false, "properties": { - "CloudWatchLogGroupArn": { - "markdownDescription": "Specifies the Amazon Resource Name (ARN) of an Amazon CloudWatch log group for monitoring your task.\n\nFor Enhanced mode tasks, you don't need to specify anything. DataSync automatically sends logs to a CloudWatch log group named `/aws/datasync` .\n\nFor more information, see [Monitoring data transfers with CloudWatch Logs](https://docs.aws.amazon.com/datasync/latest/userguide/configure-logging.html) .", - "title": "CloudWatchLogGroupArn", - "type": "string" + "AttributeDetails": { + "$ref": "#/definitions/AWS::CustomerProfiles::CalculatedAttributeDefinition.AttributeDetails", + "markdownDescription": "Mathematical expression and a list of attribute items specified in that expression.", + "title": "AttributeDetails" }, - "DestinationLocationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS storage resource's location.", - "title": "DestinationLocationArn", + "CalculatedAttributeName": { + "markdownDescription": "The name of an attribute defined in a profile object type.", + "title": "CalculatedAttributeName", "type": "string" }, - "Excludes": { - "items": { - "$ref": "#/definitions/AWS::DataSync::Task.FilterRule" - }, - "markdownDescription": "Specifies exclude filters that define the files, objects, and folders in your source location that you don't want DataSync to transfer. For more information and examples, see [Specifying what DataSync transfers by using filters](https://docs.aws.amazon.com/datasync/latest/userguide/filtering.html) .", - "title": "Excludes", - "type": "array" - }, - "Includes": { - "items": { - "$ref": "#/definitions/AWS::DataSync::Task.FilterRule" - }, - "markdownDescription": "Specifies include filters that define the files, objects, and folders in your source location that you want DataSync to transfer. For more information and examples, see [Specifying what DataSync transfers by using filters](https://docs.aws.amazon.com/datasync/latest/userguide/filtering.html) .", - "title": "Includes", - "type": "array" - }, - "ManifestConfig": { - "$ref": "#/definitions/AWS::DataSync::Task.ManifestConfig", - "markdownDescription": "The configuration of the manifest that lists the files or objects that you want DataSync to transfer. For more information, see [Specifying what DataSync transfers by using a manifest](https://docs.aws.amazon.com/datasync/latest/userguide/transferring-with-manifest.html) .", - "title": "ManifestConfig" + "Conditions": { + "$ref": "#/definitions/AWS::CustomerProfiles::CalculatedAttributeDefinition.Conditions", + "markdownDescription": "The conditions including range, object count, and threshold for the calculated attribute.", + "title": "Conditions" }, - "Name": { - "markdownDescription": "Specifies the name of your task.", - "title": "Name", + "Description": { + "markdownDescription": "The description of the calculated attribute.", + "title": "Description", "type": "string" }, - "Options": { - "$ref": "#/definitions/AWS::DataSync::Task.Options", - "markdownDescription": "Specifies your task's settings, such as preserving file metadata, verifying data integrity, among other options.", - "title": "Options" + "DisplayName": { + "markdownDescription": "The display name of the calculated attribute.", + "title": "DisplayName", + "type": "string" }, - "Schedule": { - "$ref": "#/definitions/AWS::DataSync::Task.TaskSchedule", - "markdownDescription": "Specifies a schedule for when you want your task to run. For more information, see [Scheduling your task](https://docs.aws.amazon.com/datasync/latest/userguide/task-scheduling.html) .", - "title": "Schedule" + "DomainName": { + "markdownDescription": "The unique name of the domain.", + "title": "DomainName", + "type": "string" }, - "SourceLocationArn": { - "markdownDescription": "Specifies the ARN of your transfer's source location.", - "title": "SourceLocationArn", + "Statistic": { + "markdownDescription": "The aggregation operation to perform for the calculated attribute.", + "title": "Statistic", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Specifies the tags that you want to apply to your task.\n\n*Tags* are key-value pairs that help you manage, filter, and search for your DataSync resources.", + "markdownDescription": "An array of key-value pairs to apply to this resource.", "title": "Tags", "type": "array" }, - "TaskReportConfig": { - "$ref": "#/definitions/AWS::DataSync::Task.TaskReportConfig", - "markdownDescription": "The configuration of your task report, which provides detailed information about your DataSync transfer. For more information, see [Monitoring your DataSync transfers with task reports](https://docs.aws.amazon.com/datasync/latest/userguide/task-reports.html) .", - "title": "TaskReportConfig" + "UseHistoricalData": { + "markdownDescription": "Whether historical data ingested before the Calculated Attribute was created should be included in calculations.", + "title": "UseHistoricalData", + "type": "boolean" } }, "required": [ - "DestinationLocationArn", - "SourceLocationArn" + "AttributeDetails", + "CalculatedAttributeName", + "DomainName", + "Statistic" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataSync::Task" + "AWS::CustomerProfiles::CalculatedAttributeDefinition" ], "type": "string" }, @@ -63126,318 +69609,155 @@ ], "type": "object" }, - "AWS::DataSync::Task.Deleted": { + "AWS::CustomerProfiles::CalculatedAttributeDefinition.AttributeDetails": { "additionalProperties": false, "properties": { - "ReportLevel": { - "markdownDescription": "", - "title": "ReportLevel", + "Attributes": { + "items": { + "$ref": "#/definitions/AWS::CustomerProfiles::CalculatedAttributeDefinition.AttributeItem" + }, + "markdownDescription": "Mathematical expression and a list of attribute items specified in that expression.", + "title": "Attributes", + "type": "array" + }, + "Expression": { + "markdownDescription": "Mathematical expression that is performed on attribute items provided in the attribute list. Each element in the expression should follow the structure of \\\"{ObjectTypeName.AttributeName}\\\".", + "title": "Expression", "type": "string" } }, + "required": [ + "Attributes", + "Expression" + ], "type": "object" }, - "AWS::DataSync::Task.Destination": { + "AWS::CustomerProfiles::CalculatedAttributeDefinition.AttributeItem": { "additionalProperties": false, "properties": { - "S3": { - "$ref": "#/definitions/AWS::DataSync::Task.TaskReportConfigDestinationS3", - "markdownDescription": "", - "title": "S3" + "Name": { + "markdownDescription": "The unique name of the calculated attribute.", + "title": "Name", + "type": "string" } }, + "required": [ + "Name" + ], "type": "object" }, - "AWS::DataSync::Task.FilterRule": { + "AWS::CustomerProfiles::CalculatedAttributeDefinition.Conditions": { "additionalProperties": false, "properties": { - "FilterType": { - "markdownDescription": "The type of filter rule to apply. AWS DataSync only supports the SIMPLE_PATTERN rule type.", - "title": "FilterType", - "type": "string" + "ObjectCount": { + "markdownDescription": "The number of profile objects used for the calculated attribute.", + "title": "ObjectCount", + "type": "number" }, - "Value": { - "markdownDescription": "A single filter string that consists of the patterns to include or exclude. The patterns are delimited by \"|\" (that is, a pipe), for example: `/folder1|/folder2`", - "title": "Value", - "type": "string" + "Range": { + "$ref": "#/definitions/AWS::CustomerProfiles::CalculatedAttributeDefinition.Range", + "markdownDescription": "The relative time period over which data is included in the aggregation.", + "title": "Range" + }, + "Threshold": { + "$ref": "#/definitions/AWS::CustomerProfiles::CalculatedAttributeDefinition.Threshold", + "markdownDescription": "The threshold for the calculated attribute.", + "title": "Threshold" } }, "type": "object" }, - "AWS::DataSync::Task.ManifestConfig": { + "AWS::CustomerProfiles::CalculatedAttributeDefinition.Range": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "Specifies what DataSync uses the manifest for.", - "title": "Action", + "TimestampFormat": { + "markdownDescription": "The format the timestamp field in your JSON object is specified. This value should be one of EPOCHMILLI (for Unix epoch timestamps with second/millisecond level precision) or ISO_8601 (following ISO_8601 format with second/millisecond level precision, with an optional offset of Z or in the format HH:MM or HHMM.). E.g. if your object type is MyType and source JSON is {\"generatedAt\": {\"timestamp\": \"2001-07-04T12:08:56.235-0700\"}}, then TimestampFormat should be \"ISO_8601\"", + "title": "TimestampFormat", "type": "string" }, - "Format": { - "markdownDescription": "Specifies the file format of your manifest. For more information, see [Creating a manifest](https://docs.aws.amazon.com/datasync/latest/userguide/transferring-with-manifest.html#transferring-with-manifest-create) .", - "title": "Format", - "type": "string" - }, - "Source": { - "$ref": "#/definitions/AWS::DataSync::Task.Source", - "markdownDescription": "Specifies the manifest that you want DataSync to use and where it's hosted.\n\n> You must specify this parameter if you're configuring a new manifest on or after February 7, 2024.\n> \n> If you don't, you'll get a 400 status code and `ValidationException` error stating that you're missing the IAM role for DataSync to access the S3 bucket where you're hosting your manifest. For more information, see [Providing DataSync access to your manifest](https://docs.aws.amazon.com/datasync/latest/userguide/transferring-with-manifest.html#transferring-with-manifest-access) .", - "title": "Source" - } - }, - "required": [ - "Source" - ], - "type": "object" - }, - "AWS::DataSync::Task.ManifestConfigSourceS3": { - "additionalProperties": false, - "properties": { - "BucketAccessRoleArn": { - "markdownDescription": "", - "title": "BucketAccessRoleArn", + "TimestampSource": { + "markdownDescription": "An expression specifying the field in your JSON object from which the date should be parsed. The expression should follow the structure of \\\"{ObjectTypeName.}\\\". E.g. if your object type is MyType and source JSON is {\"generatedAt\": {\"timestamp\": \"1737587945945\"}}, then TimestampSource should be \"{MyType.generatedAt.timestamp}\"", + "title": "TimestampSource", "type": "string" }, - "ManifestObjectPath": { - "markdownDescription": "", - "title": "ManifestObjectPath", + "Unit": { + "markdownDescription": "The unit of time.", + "title": "Unit", "type": "string" }, - "ManifestObjectVersionId": { - "markdownDescription": "", - "title": "ManifestObjectVersionId", - "type": "string" + "Value": { + "markdownDescription": "The amount of time of the specified unit.", + "title": "Value", + "type": "number" }, - "S3BucketArn": { - "markdownDescription": "", - "title": "S3BucketArn", - "type": "string" + "ValueRange": { + "$ref": "#/definitions/AWS::CustomerProfiles::CalculatedAttributeDefinition.ValueRange", + "markdownDescription": "A structure letting customers specify a relative time window over which over which data is included in the Calculated Attribute. Use positive numbers to indicate that the endpoint is in the past, and negative numbers to indicate it is in the future. ValueRange overrides Value.", + "title": "ValueRange" } }, + "required": [ + "Unit" + ], "type": "object" }, - "AWS::DataSync::Task.Options": { + "AWS::CustomerProfiles::CalculatedAttributeDefinition.Readiness": { "additionalProperties": false, "properties": { - "Atime": { - "markdownDescription": "A file metadata value that shows the last time that a file was accessed (that is, when the file was read or written to). If you set `Atime` to `BEST_EFFORT` , AWS DataSync attempts to preserve the original `Atime` attribute on all source files (that is, the version before the PREPARING phase). However, `Atime` 's behavior is not fully standard across platforms, so AWS DataSync can only do this on a best-effort basis.\n\nDefault value: `BEST_EFFORT`\n\n`BEST_EFFORT` : Attempt to preserve the per-file `Atime` value (recommended).\n\n`NONE` : Ignore `Atime` .\n\n> If `Atime` is set to `BEST_EFFORT` , `Mtime` must be set to `PRESERVE` .\n> \n> If `Atime` is set to `NONE` , `Mtime` must also be `NONE` .", - "title": "Atime", + "Message": { + "markdownDescription": "Any customer messaging.", + "title": "Message", "type": "string" }, - "BytesPerSecond": { - "markdownDescription": "A value that limits the bandwidth used by AWS DataSync . For example, if you want AWS DataSync to use a maximum of 1 MB, set this value to `1048576` (=1024*1024).", - "title": "BytesPerSecond", + "ProgressPercentage": { + "markdownDescription": "Approximately how far the Calculated Attribute creation is from completion.", + "title": "ProgressPercentage", "type": "number" - }, - "Gid": { - "markdownDescription": "The group ID (GID) of the file's owners.\n\nDefault value: `INT_VALUE`\n\n`INT_VALUE` : Preserve the integer value of the user ID (UID) and group ID (GID) (recommended).\n\n`NAME` : Currently not supported.\n\n`NONE` : Ignore the UID and GID.", - "title": "Gid", - "type": "string" - }, - "LogLevel": { - "markdownDescription": "Specifies the type of logs that DataSync publishes to a Amazon CloudWatch Logs log group. To specify the log group, see [CloudWatchLogGroupArn](https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateTask.html#DataSync-CreateTask-request-CloudWatchLogGroupArn) .\n\n- `BASIC` - Publishes logs with only basic information (such as transfer errors).\n- `TRANSFER` - Publishes logs for all files or objects that your DataSync task transfers and performs data-integrity checks on.\n- `OFF` - No logs are published.", - "title": "LogLevel", - "type": "string" - }, - "Mtime": { - "markdownDescription": "A value that indicates the last time that a file was modified (that is, a file was written to) before the PREPARING phase. This option is required for cases when you need to run the same task more than one time.\n\nDefault value: `PRESERVE`\n\n`PRESERVE` : Preserve original `Mtime` (recommended)\n\n`NONE` : Ignore `Mtime` .\n\n> If `Mtime` is set to `PRESERVE` , `Atime` must be set to `BEST_EFFORT` .\n> \n> If `Mtime` is set to `NONE` , `Atime` must also be set to `NONE` .", - "title": "Mtime", - "type": "string" - }, - "ObjectTags": { - "markdownDescription": "Specifies whether you want DataSync to `PRESERVE` object tags (default behavior) when transferring between object storage systems. If you want your DataSync task to ignore object tags, specify the `NONE` value.", - "title": "ObjectTags", - "type": "string" - }, - "OverwriteMode": { - "markdownDescription": "Specifies whether DataSync should modify or preserve data at the destination location.\n\n- `ALWAYS` (default) - DataSync modifies data in the destination location when source data (including metadata) has changed.\n\nIf DataSync overwrites objects, you might incur additional charges for certain Amazon S3 storage classes (for example, for retrieval or early deletion). For more information, see [Storage class considerations with Amazon S3 transfers](https://docs.aws.amazon.com/datasync/latest/userguide/create-s3-location.html#using-storage-classes) .\n- `NEVER` - DataSync doesn't overwrite data in the destination location even if the source data has changed. You can use this option to protect against overwriting changes made to files or objects in the destination.", - "title": "OverwriteMode", - "type": "string" - }, - "PosixPermissions": { - "markdownDescription": "A value that determines which users or groups can access a file for a specific purpose, such as reading, writing, or execution of the file. This option should be set only for Network File System (NFS), Amazon EFS, and Amazon S3 locations. For more information about what metadata is copied by DataSync, see [Metadata Copied by DataSync](https://docs.aws.amazon.com/datasync/latest/userguide/special-files.html#metadata-copied) .\n\nDefault value: `PRESERVE`\n\n`PRESERVE` : Preserve POSIX-style permissions (recommended).\n\n`NONE` : Ignore permissions.\n\n> AWS DataSync can preserve extant permissions of a source location.", - "title": "PosixPermissions", - "type": "string" - }, - "PreserveDeletedFiles": { - "markdownDescription": "A value that specifies whether files in the destination that don't exist in the source file system are preserved. This option can affect your storage costs. If your task deletes objects, you might incur minimum storage duration charges for certain storage classes. For detailed information, see [Considerations when working with Amazon S3 storage classes in DataSync](https://docs.aws.amazon.com/datasync/latest/userguide/create-s3-location.html#using-storage-classes) in the *AWS DataSync User Guide* .\n\nDefault value: `PRESERVE`\n\n`PRESERVE` : Ignore destination files that aren't present in the source (recommended).\n\n`REMOVE` : Delete destination files that aren't present in the source.", - "title": "PreserveDeletedFiles", - "type": "string" - }, - "PreserveDevices": { - "markdownDescription": "A value that determines whether AWS DataSync should preserve the metadata of block and character devices in the source file system, and re-create the files with that device name and metadata on the destination. DataSync does not copy the contents of such devices, only the name and metadata.\n\n> AWS DataSync can't sync the actual contents of such devices, because they are nonterminal and don't return an end-of-file (EOF) marker. \n\nDefault value: `NONE`\n\n`NONE` : Ignore special devices (recommended).\n\n`PRESERVE` : Preserve character and block device metadata. This option isn't currently supported for Amazon EFS.", - "title": "PreserveDevices", - "type": "string" - }, - "SecurityDescriptorCopyFlags": { - "markdownDescription": "A value that determines which components of the SMB security descriptor are copied from source to destination objects.\n\nThis value is only used for transfers between SMB and Amazon FSx for Windows File Server locations, or between two Amazon FSx for Windows File Server locations. For more information about how DataSync handles metadata, see [How DataSync Handles Metadata and Special Files](https://docs.aws.amazon.com/datasync/latest/userguide/special-files.html) .\n\nDefault value: `OWNER_DACL`\n\n`OWNER_DACL` : For each copied object, DataSync copies the following metadata:\n\n- Object owner.\n- NTFS discretionary access control lists (DACLs), which determine whether to grant access to an object.\n\nWhen you use option, DataSync does NOT copy the NTFS system access control lists (SACLs), which are used by administrators to log attempts to access a secured object.\n\n`OWNER_DACL_SACL` : For each copied object, DataSync copies the following metadata:\n\n- Object owner.\n- NTFS discretionary access control lists (DACLs), which determine whether to grant access to an object.\n- NTFS system access control lists (SACLs), which are used by administrators to log attempts to access a secured object.\n\nCopying SACLs requires granting additional permissions to the Windows user that DataSync uses to access your SMB location. For information about choosing a user that ensures sufficient permissions to files, folders, and metadata, see [user](https://docs.aws.amazon.com/datasync/latest/userguide/create-smb-location.html#SMBuser) .\n\n`NONE` : None of the SMB security descriptor components are copied. Destination objects are owned by the user that was provided for accessing the destination location. DACLs and SACLs are set based on the destination server\u2019s configuration.", - "title": "SecurityDescriptorCopyFlags", - "type": "string" - }, - "TaskQueueing": { - "markdownDescription": "Specifies whether your transfer tasks should be put into a queue during certain scenarios when [running multiple tasks](https://docs.aws.amazon.com/datasync/latest/userguide/run-task.html#running-multiple-tasks) . This is `ENABLED` by default.", - "title": "TaskQueueing", - "type": "string" - }, - "TransferMode": { - "markdownDescription": "A value that determines whether DataSync transfers only the data and metadata that differ between the source and the destination location, or whether DataSync transfers all the content from the source, without comparing it to the destination location.\n\n`CHANGED` : DataSync copies only data or metadata that is new or different from the source location to the destination location.\n\n`ALL` : DataSync copies all source location content to the destination, without comparing it to existing content on the destination.", - "title": "TransferMode", - "type": "string" - }, - "Uid": { - "markdownDescription": "The user ID (UID) of the file's owner.\n\nDefault value: `INT_VALUE`\n\n`INT_VALUE` : Preserve the integer value of the UID and group ID (GID) (recommended).\n\n`NAME` : Currently not supported\n\n`NONE` : Ignore the UID and GID.", - "title": "Uid", - "type": "string" - }, - "VerifyMode": { - "markdownDescription": "A value that determines whether a data integrity verification is performed at the end of a task execution after all data and metadata have been transferred. For more information, see [Configure task settings](https://docs.aws.amazon.com/datasync/latest/userguide/create-task.html) .\n\nDefault value: `POINT_IN_TIME_CONSISTENT`\n\n`ONLY_FILES_TRANSFERRED` (recommended): Perform verification only on files that were transferred.\n\n`POINT_IN_TIME_CONSISTENT` : Scan the entire source and entire destination at the end of the transfer to verify that the source and destination are fully synchronized. This option isn't supported when transferring to S3 Glacier or S3 Glacier Deep Archive storage classes.\n\n`NONE` : No additional verification is done at the end of the transfer, but all data transmissions are integrity-checked with checksum verification during the transfer.", - "title": "VerifyMode", - "type": "string" - } - }, - "type": "object" - }, - "AWS::DataSync::Task.Overrides": { - "additionalProperties": false, - "properties": { - "Deleted": { - "$ref": "#/definitions/AWS::DataSync::Task.Deleted", - "markdownDescription": "", - "title": "Deleted" - }, - "Skipped": { - "$ref": "#/definitions/AWS::DataSync::Task.Skipped", - "markdownDescription": "", - "title": "Skipped" - }, - "Transferred": { - "$ref": "#/definitions/AWS::DataSync::Task.Transferred", - "markdownDescription": "", - "title": "Transferred" - }, - "Verified": { - "$ref": "#/definitions/AWS::DataSync::Task.Verified", - "markdownDescription": "", - "title": "Verified" - } - }, - "type": "object" - }, - "AWS::DataSync::Task.Skipped": { - "additionalProperties": false, - "properties": { - "ReportLevel": { - "markdownDescription": "", - "title": "ReportLevel", - "type": "string" - } - }, - "type": "object" - }, - "AWS::DataSync::Task.Source": { - "additionalProperties": false, - "properties": { - "S3": { - "$ref": "#/definitions/AWS::DataSync::Task.ManifestConfigSourceS3", - "markdownDescription": "", - "title": "S3" } }, "type": "object" }, - "AWS::DataSync::Task.TaskReportConfig": { + "AWS::CustomerProfiles::CalculatedAttributeDefinition.Threshold": { "additionalProperties": false, "properties": { - "Destination": { - "$ref": "#/definitions/AWS::DataSync::Task.Destination", - "markdownDescription": "Specifies the Amazon S3 bucket where DataSync uploads your task report. For more information, see [Task reports](https://docs.aws.amazon.com/datasync/latest/userguide/task-reports.html#task-report-access) .", - "title": "Destination" - }, - "ObjectVersionIds": { - "markdownDescription": "Specifies whether your task report includes the new version of each object transferred into an S3 bucket. This only applies if you [enable versioning on your bucket](https://docs.aws.amazon.com/AmazonS3/latest/userguide/manage-versioning-examples.html) . Keep in mind that setting this to `INCLUDE` can increase the duration of your task execution.", - "title": "ObjectVersionIds", - "type": "string" - }, - "OutputType": { - "markdownDescription": "Specifies the type of task report that you want:\n\n- `SUMMARY_ONLY` : Provides necessary details about your task, including the number of files, objects, and directories transferred and transfer duration.\n- `STANDARD` : Provides complete details about your task, including a full list of files, objects, and directories that were transferred, skipped, verified, and more.", - "title": "OutputType", + "Operator": { + "markdownDescription": "The operator of the threshold.", + "title": "Operator", "type": "string" }, - "Overrides": { - "$ref": "#/definitions/AWS::DataSync::Task.Overrides", - "markdownDescription": "Customizes the reporting level for aspects of your task report. For example, your report might generally only include errors, but you could specify that you want a list of successes and errors just for the files that DataSync attempted to delete in your destination location.", - "title": "Overrides" - }, - "ReportLevel": { - "markdownDescription": "Specifies whether you want your task report to include only what went wrong with your transfer or a list of what succeeded and didn't.\n\n- `ERRORS_ONLY` : A report shows what DataSync was unable to transfer, skip, verify, and delete.\n- `SUCCESSES_AND_ERRORS` : A report shows what DataSync was able and unable to transfer, skip, verify, and delete.", - "title": "ReportLevel", + "Value": { + "markdownDescription": "The value of the threshold.", + "title": "Value", "type": "string" } }, "required": [ - "Destination", - "OutputType" + "Operator", + "Value" ], "type": "object" }, - "AWS::DataSync::Task.TaskReportConfigDestinationS3": { - "additionalProperties": false, - "properties": { - "BucketAccessRoleArn": { - "markdownDescription": "", - "title": "BucketAccessRoleArn", - "type": "string" - }, - "S3BucketArn": { - "markdownDescription": "", - "title": "S3BucketArn", - "type": "string" - }, - "Subdirectory": { - "markdownDescription": "", - "title": "Subdirectory", - "type": "string" - } - }, - "type": "object" - }, - "AWS::DataSync::Task.TaskSchedule": { + "AWS::CustomerProfiles::CalculatedAttributeDefinition.ValueRange": { "additionalProperties": false, "properties": { - "ScheduleExpression": { - "markdownDescription": "Specifies your task schedule by using a cron or rate expression.\n\nUse cron expressions for task schedules that run on a specific time and day. For example, the following cron expression creates a task schedule that runs at 8 AM on the first Wednesday of every month:\n\n`cron(0 8 * * 3#1)`\n\nUse rate expressions for task schedules that run on a regular interval. For example, the following rate expression creates a task schedule that runs every 12 hours:\n\n`rate(12 hours)`\n\nFor information about cron and rate expression syntax, see the [*Amazon EventBridge User Guide*](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-scheduled-rule-pattern.html) .", - "title": "ScheduleExpression", - "type": "string" + "End": { + "markdownDescription": "The ending point for this overridden range. Positive numbers indicate how many days in the past data should be included, and negative numbers indicate how many days in the future.", + "title": "End", + "type": "number" }, - "Status": { - "markdownDescription": "Specifies whether to enable or disable your task schedule. Your schedule is enabled by default, but there can be situations where you need to disable it. For example, you might need to pause a recurring transfer to fix an issue with your task or perform maintenance on your storage system.\n\nDataSync might disable your schedule automatically if your task fails repeatedly with the same error. For more information, see [TaskScheduleDetails](https://docs.aws.amazon.com/datasync/latest/userguide/API_TaskScheduleDetails.html) .", - "title": "Status", - "type": "string" - } - }, - "type": "object" - }, - "AWS::DataSync::Task.Transferred": { - "additionalProperties": false, - "properties": { - "ReportLevel": { - "markdownDescription": "", - "title": "ReportLevel", - "type": "string" - } - }, - "type": "object" - }, - "AWS::DataSync::Task.Verified": { - "additionalProperties": false, - "properties": { - "ReportLevel": { - "markdownDescription": "", - "title": "ReportLevel", - "type": "string" + "Start": { + "markdownDescription": "The starting point for this overridden range. Positive numbers indicate how many days in the past data should be included, and negative numbers indicate how many days in the future.", + "title": "Start", + "type": "number" } }, + "required": [ + "End", + "Start" + ], "type": "object" }, - "AWS::DataZone::DataSource": { + "AWS::CustomerProfiles::Domain": { "additionalProperties": false, "properties": { "Condition": { @@ -63472,82 +69792,54 @@ "Properties": { "additionalProperties": false, "properties": { - "AssetFormsInput": { - "items": { - "$ref": "#/definitions/AWS::DataZone::DataSource.FormInput" - }, - "markdownDescription": "The metadata forms attached to the assets that the data source works with.", - "title": "AssetFormsInput", - "type": "array" - }, - "Configuration": { - "$ref": "#/definitions/AWS::DataZone::DataSource.DataSourceConfigurationInput", - "markdownDescription": "The configuration of the data source.", - "title": "Configuration" - }, - "Description": { - "markdownDescription": "The description of the data source.", - "title": "Description", - "type": "string" - }, - "DomainIdentifier": { - "markdownDescription": "The ID of the Amazon DataZone domain where the data source is created.", - "title": "DomainIdentifier", - "type": "string" - }, - "EnableSetting": { - "markdownDescription": "Specifies whether the data source is enabled.", - "title": "EnableSetting", + "DeadLetterQueueUrl": { + "markdownDescription": "The URL of the SQS dead letter queue, which is used for reporting errors associated with ingesting data from third party applications. You must set up a policy on the `DeadLetterQueue` for the `SendMessage` operation to enable Amazon Connect Customer Profiles to send messages to the `DeadLetterQueue` .", + "title": "DeadLetterQueueUrl", "type": "string" }, - "EnvironmentIdentifier": { - "markdownDescription": "The unique identifier of the Amazon DataZone environment to which the data source publishes assets.", - "title": "EnvironmentIdentifier", + "DefaultEncryptionKey": { + "markdownDescription": "The default encryption key, which is an AWS managed key, is used when no specific type of encryption key is specified. It is used to encrypt all data before it is placed in permanent or semi-permanent storage.", + "title": "DefaultEncryptionKey", "type": "string" }, - "Name": { - "markdownDescription": "The name of the data source.", - "title": "Name", - "type": "string" + "DefaultExpirationDays": { + "markdownDescription": "The default number of days until the data within the domain expires.", + "title": "DefaultExpirationDays", + "type": "number" }, - "ProjectIdentifier": { - "markdownDescription": "The identifier of the Amazon DataZone project in which you want to add this data source.", - "title": "ProjectIdentifier", + "DomainName": { + "markdownDescription": "The unique name of the domain.", + "title": "DomainName", "type": "string" }, - "PublishOnImport": { - "markdownDescription": "Specifies whether the assets that this data source creates in the inventory are to be also automatically published to the catalog.", - "title": "PublishOnImport", - "type": "boolean" - }, - "Recommendation": { - "$ref": "#/definitions/AWS::DataZone::DataSource.RecommendationConfiguration", - "markdownDescription": "Specifies whether the business name generation is to be enabled for this data source.", - "title": "Recommendation" + "Matching": { + "$ref": "#/definitions/AWS::CustomerProfiles::Domain.Matching", + "markdownDescription": "The process of matching duplicate profiles.", + "title": "Matching" }, - "Schedule": { - "$ref": "#/definitions/AWS::DataZone::DataSource.ScheduleConfiguration", - "markdownDescription": "The schedule of the data source runs.", - "title": "Schedule" + "RuleBasedMatching": { + "$ref": "#/definitions/AWS::CustomerProfiles::Domain.RuleBasedMatching", + "markdownDescription": "The process of matching duplicate profiles using Rule-Based matching.", + "title": "RuleBasedMatching" }, - "Type": { - "markdownDescription": "The type of the data source. In Amazon DataZone, you can use data sources to import technical metadata of assets (data) from the source databases or data warehouses into Amazon DataZone. In the current release of Amazon DataZone, you can create and run data sources for AWS Glue and Amazon Redshift.", - "title": "Type", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "title": "Tags", + "type": "array" } }, "required": [ - "DomainIdentifier", - "EnvironmentIdentifier", - "Name", - "ProjectIdentifier", - "Type" + "DefaultExpirationDays", + "DomainName" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataZone::DataSource" + "AWS::CustomerProfiles::Domain" ], "type": "string" }, @@ -63566,245 +69858,281 @@ ], "type": "object" }, - "AWS::DataZone::DataSource.DataSourceConfigurationInput": { + "AWS::CustomerProfiles::Domain.AttributeTypesSelector": { "additionalProperties": false, "properties": { - "GlueRunConfiguration": { - "$ref": "#/definitions/AWS::DataZone::DataSource.GlueRunConfigurationInput", - "markdownDescription": "The configuration of the AWS Glue data source.", - "title": "GlueRunConfiguration" + "Address": { + "items": { + "type": "string" + }, + "markdownDescription": "The `Address` type. You can choose from `Address` , `BusinessAddress` , `MaillingAddress` , and `ShippingAddress` . You only can use the `Address` type in the `MatchingRule` . For example, if you want to match a profile based on `BusinessAddress.City` or `MaillingAddress.City` , you can choose the `BusinessAddress` and the `MaillingAddress` to represent the `Address` type and specify the `Address.City` on the matching rule.", + "title": "Address", + "type": "array" }, - "RedshiftRunConfiguration": { - "$ref": "#/definitions/AWS::DataZone::DataSource.RedshiftRunConfigurationInput", - "markdownDescription": "The configuration of the Amazon Redshift data source.", - "title": "RedshiftRunConfiguration" + "AttributeMatchingModel": { + "markdownDescription": "Configures the `AttributeMatchingModel` , you can either choose `ONE_TO_ONE` or `MANY_TO_MANY` .", + "title": "AttributeMatchingModel", + "type": "string" + }, + "EmailAddress": { + "items": { + "type": "string" + }, + "markdownDescription": "The Email type. You can choose from `EmailAddress` , `BusinessEmailAddress` and `PersonalEmailAddress` . You only can use the `EmailAddress` type in the `MatchingRule` . For example, if you want to match profile based on `PersonalEmailAddress` or `BusinessEmailAddress` , you can choose the `PersonalEmailAddress` and the `BusinessEmailAddress` to represent the `EmailAddress` type and only specify the `EmailAddress` on the matching rule.", + "title": "EmailAddress", + "type": "array" + }, + "PhoneNumber": { + "items": { + "type": "string" + }, + "markdownDescription": "The `PhoneNumber` type. You can choose from `PhoneNumber` , `HomePhoneNumber` , and `MobilePhoneNumber` . You only can use the `PhoneNumber` type in the `MatchingRule` . For example, if you want to match a profile based on `Phone` or `HomePhone` , you can choose the `Phone` and the `HomePhone` to represent the `PhoneNumber` type and only specify the `PhoneNumber` on the matching rule.", + "title": "PhoneNumber", + "type": "array" } }, + "required": [ + "AttributeMatchingModel" + ], "type": "object" }, - "AWS::DataZone::DataSource.FilterExpression": { + "AWS::CustomerProfiles::Domain.AutoMerging": { "additionalProperties": false, "properties": { - "Expression": { - "markdownDescription": "The search filter expression.", - "title": "Expression", - "type": "string" + "ConflictResolution": { + "$ref": "#/definitions/AWS::CustomerProfiles::Domain.ConflictResolution", + "markdownDescription": "Determines how the auto-merging process should resolve conflicts between different profiles. For example, if Profile A and Profile B have the same `FirstName` and `LastName` , `ConflictResolution` specifies which `EmailAddress` should be used.", + "title": "ConflictResolution" }, - "Type": { - "markdownDescription": "The search filter explresison type.", - "title": "Type", - "type": "string" + "Consolidation": { + "$ref": "#/definitions/AWS::CustomerProfiles::Domain.Consolidation", + "markdownDescription": "A list of matching attributes that represent matching criteria. If two profiles meet at least one of the requirements in the matching attributes list, they will be merged.", + "title": "Consolidation" + }, + "Enabled": { + "markdownDescription": "The flag that enables the auto-merging of duplicate profiles.", + "title": "Enabled", + "type": "boolean" + }, + "MinAllowedConfidenceScoreForMerging": { + "markdownDescription": "A number between 0 and 1 that represents the minimum confidence score required for profiles within a matching group to be merged during the auto-merge process. A higher score means that a higher similarity is required to merge profiles.", + "title": "MinAllowedConfidenceScoreForMerging", + "type": "number" } }, "required": [ - "Expression", - "Type" + "Enabled" ], "type": "object" }, - "AWS::DataZone::DataSource.FormInput": { + "AWS::CustomerProfiles::Domain.ConflictResolution": { "additionalProperties": false, "properties": { - "Content": { - "markdownDescription": "", - "title": "Content", - "type": "string" - }, - "FormName": { - "markdownDescription": "", - "title": "FormName", - "type": "string" - }, - "TypeIdentifier": { - "markdownDescription": "", - "title": "TypeIdentifier", + "ConflictResolvingModel": { + "markdownDescription": "How the auto-merging process should resolve conflicts between different profiles.", + "title": "ConflictResolvingModel", "type": "string" }, - "TypeRevision": { - "markdownDescription": "", - "title": "TypeRevision", + "SourceName": { + "markdownDescription": "The `ObjectType` name that is used to resolve profile merging conflicts when choosing `SOURCE` as the `ConflictResolvingModel` .", + "title": "SourceName", "type": "string" } }, "required": [ - "FormName" + "ConflictResolvingModel" ], "type": "object" }, - "AWS::DataZone::DataSource.GlueRunConfigurationInput": { + "AWS::CustomerProfiles::Domain.Consolidation": { "additionalProperties": false, "properties": { - "AutoImportDataQualityResult": { - "markdownDescription": "Specifies whether to automatically import data quality metrics as part of the data source run.", - "title": "AutoImportDataQualityResult", - "type": "boolean" - }, - "DataAccessRole": { - "markdownDescription": "The data access role included in the configuration details of the AWS Glue data source.", - "title": "DataAccessRole", - "type": "string" - }, - "RelationalFilterConfigurations": { - "items": { - "$ref": "#/definitions/AWS::DataZone::DataSource.RelationalFilterConfiguration" - }, - "markdownDescription": "The relational filter configurations included in the configuration details of the AWS Glue data source.", - "title": "RelationalFilterConfigurations", - "type": "array" + "MatchingAttributesList": { + "markdownDescription": "A list of matching criteria.", + "title": "MatchingAttributesList", + "type": "object" } }, "required": [ - "RelationalFilterConfigurations" + "MatchingAttributesList" ], "type": "object" }, - "AWS::DataZone::DataSource.RecommendationConfiguration": { + "AWS::CustomerProfiles::Domain.DomainStats": { "additionalProperties": false, "properties": { - "EnableBusinessNameGeneration": { - "markdownDescription": "Specifies whether automatic business name generation is to be enabled or not as part of the recommendation configuration.", - "title": "EnableBusinessNameGeneration", - "type": "boolean" + "MeteringProfileCount": { + "markdownDescription": "The number of profiles that you are currently paying for in the domain. If you have more than 100 objects associated with a single profile, that profile counts as two profiles. If you have more than 200 objects, that profile counts as three, and so on.", + "title": "MeteringProfileCount", + "type": "number" + }, + "ObjectCount": { + "markdownDescription": "The total number of objects in domain.", + "title": "ObjectCount", + "type": "number" + }, + "ProfileCount": { + "markdownDescription": "The total number of profiles currently in the domain.", + "title": "ProfileCount", + "type": "number" + }, + "TotalSize": { + "markdownDescription": "The total size, in bytes, of all objects in the domain.", + "title": "TotalSize", + "type": "number" } }, "type": "object" }, - "AWS::DataZone::DataSource.RedshiftClusterStorage": { + "AWS::CustomerProfiles::Domain.ExportingConfig": { "additionalProperties": false, "properties": { - "ClusterName": { - "markdownDescription": "The name of an Amazon Redshift cluster.", - "title": "ClusterName", - "type": "string" + "S3Exporting": { + "$ref": "#/definitions/AWS::CustomerProfiles::Domain.S3ExportingConfig", + "markdownDescription": "", + "title": "S3Exporting" } }, - "required": [ - "ClusterName" - ], "type": "object" }, - "AWS::DataZone::DataSource.RedshiftCredentialConfiguration": { + "AWS::CustomerProfiles::Domain.JobSchedule": { "additionalProperties": false, "properties": { - "SecretManagerArn": { - "markdownDescription": "The ARN of a secret manager for an Amazon Redshift cluster.", - "title": "SecretManagerArn", + "DayOfTheWeek": { + "markdownDescription": "The day when the Identity Resolution Job should run every week.", + "title": "DayOfTheWeek", + "type": "string" + }, + "Time": { + "markdownDescription": "The time when the Identity Resolution Job should run every week.", + "title": "Time", "type": "string" } }, "required": [ - "SecretManagerArn" + "DayOfTheWeek", + "Time" ], "type": "object" }, - "AWS::DataZone::DataSource.RedshiftRunConfigurationInput": { + "AWS::CustomerProfiles::Domain.Matching": { "additionalProperties": false, "properties": { - "DataAccessRole": { - "markdownDescription": "The data access role included in the configuration details of the Amazon Redshift data source.", - "title": "DataAccessRole", - "type": "string" + "AutoMerging": { + "$ref": "#/definitions/AWS::CustomerProfiles::Domain.AutoMerging", + "markdownDescription": "Configuration information about the auto-merging process.", + "title": "AutoMerging" }, - "RedshiftCredentialConfiguration": { - "$ref": "#/definitions/AWS::DataZone::DataSource.RedshiftCredentialConfiguration", - "markdownDescription": "The details of the credentials required to access an Amazon Redshift cluster.", - "title": "RedshiftCredentialConfiguration" + "Enabled": { + "markdownDescription": "The flag that enables the matching process of duplicate profiles.", + "title": "Enabled", + "type": "boolean" }, - "RedshiftStorage": { - "$ref": "#/definitions/AWS::DataZone::DataSource.RedshiftStorage", - "markdownDescription": "The details of the Amazon Redshift storage as part of the configuration of an Amazon Redshift data source run.", - "title": "RedshiftStorage" + "ExportingConfig": { + "$ref": "#/definitions/AWS::CustomerProfiles::Domain.ExportingConfig", + "markdownDescription": "The S3 location where Identity Resolution Jobs write result files.", + "title": "ExportingConfig" }, - "RelationalFilterConfigurations": { - "items": { - "$ref": "#/definitions/AWS::DataZone::DataSource.RelationalFilterConfiguration" - }, - "markdownDescription": "The relational filter configurations included in the configuration details of the AWS Glue data source.", - "title": "RelationalFilterConfigurations", - "type": "array" + "JobSchedule": { + "$ref": "#/definitions/AWS::CustomerProfiles::Domain.JobSchedule", + "markdownDescription": "The day and time when do you want to start the Identity Resolution Job every week.", + "title": "JobSchedule" } }, "required": [ - "RedshiftCredentialConfiguration", - "RedshiftStorage", - "RelationalFilterConfigurations" + "Enabled" ], "type": "object" }, - "AWS::DataZone::DataSource.RedshiftServerlessStorage": { + "AWS::CustomerProfiles::Domain.MatchingRule": { "additionalProperties": false, "properties": { - "WorkgroupName": { - "markdownDescription": "The name of the Amazon Redshift Serverless workgroup.", - "title": "WorkgroupName", - "type": "string" + "Rule": { + "items": { + "type": "string" + }, + "markdownDescription": "A single rule level of the `MatchRules` . Configures how the rule-based matching process should match profiles.", + "title": "Rule", + "type": "array" } }, "required": [ - "WorkgroupName" + "Rule" ], "type": "object" }, - "AWS::DataZone::DataSource.RedshiftStorage": { + "AWS::CustomerProfiles::Domain.RuleBasedMatching": { "additionalProperties": false, "properties": { - "RedshiftClusterSource": { - "$ref": "#/definitions/AWS::DataZone::DataSource.RedshiftClusterStorage", - "markdownDescription": "The details of the Amazon Redshift cluster source.", - "title": "RedshiftClusterSource" + "AttributeTypesSelector": { + "$ref": "#/definitions/AWS::CustomerProfiles::Domain.AttributeTypesSelector", + "markdownDescription": "Configures information about the `AttributeTypesSelector` where the rule-based identity resolution uses to match profiles.", + "title": "AttributeTypesSelector" }, - "RedshiftServerlessSource": { - "$ref": "#/definitions/AWS::DataZone::DataSource.RedshiftServerlessStorage", - "markdownDescription": "The details of the Amazon Redshift Serverless workgroup source.", - "title": "RedshiftServerlessSource" - } - }, - "type": "object" - }, - "AWS::DataZone::DataSource.RelationalFilterConfiguration": { - "additionalProperties": false, - "properties": { - "DatabaseName": { - "markdownDescription": "The database name specified in the relational filter configuration for the data source.", - "title": "DatabaseName", - "type": "string" + "ConflictResolution": { + "$ref": "#/definitions/AWS::CustomerProfiles::Domain.ConflictResolution", + "markdownDescription": "Determines how the auto-merging process should resolve conflicts between different profiles. For example, if Profile A and Profile B have the same `FirstName` and `LastName` , `ConflictResolution` specifies which `EmailAddress` should be used.", + "title": "ConflictResolution" }, - "FilterExpressions": { + "Enabled": { + "markdownDescription": "The flag that enables the matching process of duplicate profiles.", + "title": "Enabled", + "type": "boolean" + }, + "ExportingConfig": { + "$ref": "#/definitions/AWS::CustomerProfiles::Domain.ExportingConfig", + "markdownDescription": "The S3 location where Identity Resolution Jobs write result files.", + "title": "ExportingConfig" + }, + "MatchingRules": { "items": { - "$ref": "#/definitions/AWS::DataZone::DataSource.FilterExpression" + "$ref": "#/definitions/AWS::CustomerProfiles::Domain.MatchingRule" }, - "markdownDescription": "The filter expressions specified in the relational filter configuration for the data source.", - "title": "FilterExpressions", + "markdownDescription": "Configures how the rule-based matching process should match profiles. You can have up to 15 `MatchingRule` in the `MatchingRules` .", + "title": "MatchingRules", "type": "array" }, - "SchemaName": { - "markdownDescription": "The schema name specified in the relational filter configuration for the data source.", - "title": "SchemaName", + "MaxAllowedRuleLevelForMatching": { + "markdownDescription": "Indicates the maximum allowed rule level for matching.", + "title": "MaxAllowedRuleLevelForMatching", + "type": "number" + }, + "MaxAllowedRuleLevelForMerging": { + "markdownDescription": "Indicates the maximum allowed rule level for merging.", + "title": "MaxAllowedRuleLevelForMerging", + "type": "number" + }, + "Status": { + "markdownDescription": "The status of rule-based matching rule.", + "title": "Status", "type": "string" } }, "required": [ - "DatabaseName" + "Enabled" ], "type": "object" }, - "AWS::DataZone::DataSource.ScheduleConfiguration": { + "AWS::CustomerProfiles::Domain.S3ExportingConfig": { "additionalProperties": false, "properties": { - "Schedule": { - "markdownDescription": "The schedule of the data source runs.", - "title": "Schedule", + "S3BucketName": { + "markdownDescription": "The name of the S3 bucket where Identity Resolution Jobs write result files.", + "title": "S3BucketName", "type": "string" }, - "Timezone": { - "markdownDescription": "The timezone of the data source run.", - "title": "Timezone", + "S3KeyName": { + "markdownDescription": "The S3 key name of the location where Identity Resolution Jobs write result files.", + "title": "S3KeyName", "type": "string" } }, + "required": [ + "S3BucketName" + ], "type": "object" }, - "AWS::DataZone::Domain": { + "AWS::CustomerProfiles::EventStream": { "additionalProperties": false, "properties": { "Condition": { @@ -63839,49 +70167,40 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the Amazon DataZone domain.", - "title": "Description", - "type": "string" - }, - "DomainExecutionRole": { - "markdownDescription": "The domain execution role that is created when an Amazon DataZone domain is created. The domain execution role is created in the AWS account that houses the Amazon DataZone domain.", - "title": "DomainExecutionRole", - "type": "string" - }, - "KmsKeyIdentifier": { - "markdownDescription": "The identifier of the AWS Key Management Service (KMS) key that is used to encrypt the Amazon DataZone domain, metadata, and reporting data.", - "title": "KmsKeyIdentifier", + "DomainName": { + "markdownDescription": "The unique name of the domain.", + "title": "DomainName", "type": "string" }, - "Name": { - "markdownDescription": "The name of the Amazon DataZone domain.", - "title": "Name", + "EventStreamName": { + "markdownDescription": "The name of the event stream.", + "title": "EventStreamName", "type": "string" }, - "SingleSignOn": { - "$ref": "#/definitions/AWS::DataZone::Domain.SingleSignOn", - "markdownDescription": "The single sign-on details in Amazon DataZone.", - "title": "SingleSignOn" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags specified for the Amazon DataZone domain.", + "markdownDescription": "The tags used to organize, track, or control access for this resource.", "title": "Tags", "type": "array" + }, + "Uri": { + "markdownDescription": "The StreamARN of the destination to deliver profile events to. For example, arn:aws:kinesis:region:account-id:stream/stream-name.", + "title": "Uri", + "type": "string" } }, "required": [ - "DomainExecutionRole", - "Name" + "DomainName", + "EventStreamName", + "Uri" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataZone::Domain" + "AWS::CustomerProfiles::EventStream" ], "type": "string" }, @@ -63900,23 +70219,27 @@ ], "type": "object" }, - "AWS::DataZone::Domain.SingleSignOn": { + "AWS::CustomerProfiles::EventStream.DestinationDetails": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The type of single sign-on in Amazon DataZone.", - "title": "Type", + "Status": { + "markdownDescription": "The status of enabling the Kinesis stream as a destination for export.", + "title": "Status", "type": "string" }, - "UserAssignment": { - "markdownDescription": "The single sign-on user assignment in Amazon DataZone.", - "title": "UserAssignment", + "Uri": { + "markdownDescription": "The StreamARN of the destination to deliver profile events to. For example, arn:aws:kinesis:region:account-id:stream/stream-name.", + "title": "Uri", "type": "string" } }, + "required": [ + "Status", + "Uri" + ], "type": "object" }, - "AWS::DataZone::Environment": { + "AWS::CustomerProfiles::EventTrigger": { "additionalProperties": false, "properties": { "Condition": { @@ -63952,58 +70275,63 @@ "additionalProperties": false, "properties": { "Description": { - "markdownDescription": "The description of the environment.", + "markdownDescription": "The description of the event trigger.", "title": "Description", "type": "string" }, - "DomainIdentifier": { - "markdownDescription": "The identifier of the Amazon DataZone domain in which the environment is created.", - "title": "DomainIdentifier", - "type": "string" - }, - "EnvironmentProfileIdentifier": { - "markdownDescription": "The identifier of the environment profile that is used to create this Amazon DataZone environment.", - "title": "EnvironmentProfileIdentifier", + "DomainName": { + "markdownDescription": "The unique name of the domain.", + "title": "DomainName", "type": "string" }, - "GlossaryTerms": { + "EventTriggerConditions": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::CustomerProfiles::EventTrigger.EventTriggerCondition" }, - "markdownDescription": "The glossary terms that can be used in this Amazon DataZone environment.", - "title": "GlossaryTerms", + "markdownDescription": "A list of conditions that determine when an event should trigger the destination.", + "title": "EventTriggerConditions", "type": "array" }, - "Name": { - "markdownDescription": "The name of the Amazon DataZone environment.", - "title": "Name", + "EventTriggerLimits": { + "$ref": "#/definitions/AWS::CustomerProfiles::EventTrigger.EventTriggerLimits", + "markdownDescription": "Defines limits controlling whether an event triggers the destination, based on ingestion latency and the number of invocations per profile over specific time periods.", + "title": "EventTriggerLimits" + }, + "EventTriggerName": { + "markdownDescription": "The unique name of the event trigger.", + "title": "EventTriggerName", "type": "string" }, - "ProjectIdentifier": { - "markdownDescription": "The identifier of the Amazon DataZone project in which this environment is created.", - "title": "ProjectIdentifier", + "ObjectTypeName": { + "markdownDescription": "The unique name of the object type.", + "title": "ObjectTypeName", "type": "string" }, - "UserParameters": { + "SegmentFilter": { + "markdownDescription": "The destination is triggered only for profiles that meet the criteria of a segment definition.", + "title": "SegmentFilter", + "type": "string" + }, + "Tags": { "items": { - "$ref": "#/definitions/AWS::DataZone::Environment.EnvironmentParameter" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The user parameters of this Amazon DataZone environment.", - "title": "UserParameters", + "markdownDescription": "An array of key-value pairs to apply to this resource.", + "title": "Tags", "type": "array" } }, "required": [ - "DomainIdentifier", - "EnvironmentProfileIdentifier", - "Name", - "ProjectIdentifier" + "DomainName", + "EventTriggerConditions", + "EventTriggerName", + "ObjectTypeName" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataZone::Environment" + "AWS::CustomerProfiles::EventTrigger" ], "type": "string" }, @@ -64022,145 +70350,129 @@ ], "type": "object" }, - "AWS::DataZone::Environment.EnvironmentParameter": { + "AWS::CustomerProfiles::EventTrigger.EventTriggerCondition": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the environment parameter.", - "title": "Name", - "type": "string" + "EventTriggerDimensions": { + "items": { + "$ref": "#/definitions/AWS::CustomerProfiles::EventTrigger.EventTriggerDimension" + }, + "markdownDescription": "A list of dimensions to be evaluated for the event.", + "title": "EventTriggerDimensions", + "type": "array" }, - "Value": { - "markdownDescription": "The value of the environment parameter.", - "title": "Value", + "LogicalOperator": { + "markdownDescription": "The operator used to combine multiple dimensions.", + "title": "LogicalOperator", "type": "string" } }, + "required": [ + "EventTriggerDimensions", + "LogicalOperator" + ], "type": "object" }, - "AWS::DataZone::EnvironmentBlueprintConfiguration": { + "AWS::CustomerProfiles::EventTrigger.EventTriggerDimension": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "ObjectAttributes": { + "items": { + "$ref": "#/definitions/AWS::CustomerProfiles::EventTrigger.ObjectAttribute" + }, + "markdownDescription": "A list of object attributes to be evaluated.", + "title": "ObjectAttributes", + "type": "array" + } + }, + "required": [ + "ObjectAttributes" + ], + "type": "object" + }, + "AWS::CustomerProfiles::EventTrigger.EventTriggerLimits": { + "additionalProperties": false, + "properties": { + "EventExpiration": { + "markdownDescription": "Specifies that an event will only trigger the destination if it is processed within a certain latency period.", + "title": "EventExpiration", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DomainIdentifier": { - "markdownDescription": "The identifier of the Amazon DataZone domain in which an environment blueprint exists.", - "title": "DomainIdentifier", - "type": "string" - }, - "EnabledRegions": { - "items": { - "type": "string" - }, - "markdownDescription": "The enabled AWS Regions specified in a blueprint configuration.", - "title": "EnabledRegions", - "type": "array" - }, - "EnvironmentBlueprintIdentifier": { - "markdownDescription": "The identifier of the environment blueprint.\n\nIn the current release, only the following values are supported: `DefaultDataLake` and `DefaultDataWarehouse` .", - "title": "EnvironmentBlueprintIdentifier", - "type": "string" - }, - "ManageAccessRoleArn": { - "markdownDescription": "The ARN of the manage access role.", - "title": "ManageAccessRoleArn", - "type": "string" - }, - "ProvisioningRoleArn": { - "markdownDescription": "The ARN of the provisioning role.", - "title": "ProvisioningRoleArn", - "type": "string" - }, - "RegionalParameters": { - "items": { - "$ref": "#/definitions/AWS::DataZone::EnvironmentBlueprintConfiguration.RegionalParameter" - }, - "markdownDescription": "The regional parameters of the environment blueprint.", - "title": "RegionalParameters", - "type": "array" - } + "Periods": { + "items": { + "$ref": "#/definitions/AWS::CustomerProfiles::EventTrigger.Period" }, - "required": [ - "DomainIdentifier", - "EnabledRegions", - "EnvironmentBlueprintIdentifier" - ], - "type": "object" + "markdownDescription": "A list of time periods during which the limits apply.", + "title": "Periods", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CustomerProfiles::EventTrigger.ObjectAttribute": { + "additionalProperties": false, + "properties": { + "ComparisonOperator": { + "markdownDescription": "The operator used to compare an attribute against a list of values.", + "title": "ComparisonOperator", + "type": "string" }, - "Type": { - "enum": [ - "AWS::DataZone::EnvironmentBlueprintConfiguration" - ], + "FieldName": { + "markdownDescription": "A field defined within an object type.", + "title": "FieldName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Source": { + "markdownDescription": "An attribute contained within a source object.", + "title": "Source", "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The amount of time of the specified unit.", + "title": "Values", + "type": "array" } }, "required": [ - "Type", - "Properties" + "ComparisonOperator", + "Values" ], "type": "object" }, - "AWS::DataZone::EnvironmentBlueprintConfiguration.RegionalParameter": { + "AWS::CustomerProfiles::EventTrigger.Period": { "additionalProperties": false, "properties": { - "Parameters": { - "additionalProperties": true, - "markdownDescription": "A string to string map containing parameters for the region.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Parameters", - "type": "object" + "MaxInvocationsPerProfile": { + "markdownDescription": "The maximum allowed number of destination invocations per profile.", + "title": "MaxInvocationsPerProfile", + "type": "number" }, - "Region": { - "markdownDescription": "The region specified in the environment parameter.", - "title": "Region", + "Unit": { + "markdownDescription": "The unit of time.", + "title": "Unit", "type": "string" + }, + "Unlimited": { + "markdownDescription": "If set to true, there is no limit on the number of destination invocations per profile. The default is false.", + "title": "Unlimited", + "type": "boolean" + }, + "Value": { + "markdownDescription": "The amount of time of the specified unit.", + "title": "Value", + "type": "number" } }, + "required": [ + "Unit", + "Value" + ], "type": "object" }, - "AWS::DataZone::EnvironmentProfile": { + "AWS::CustomerProfiles::Integration": { "additionalProperties": false, "properties": { "Condition": { @@ -64195,63 +70507,59 @@ "Properties": { "additionalProperties": false, "properties": { - "AwsAccountId": { - "markdownDescription": "The identifier of an AWS account in which an environment profile exists.", - "title": "AwsAccountId", - "type": "string" - }, - "AwsAccountRegion": { - "markdownDescription": "The AWS Region in which an environment profile exists.", - "title": "AwsAccountRegion", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the environment profile.", - "title": "Description", + "DomainName": { + "markdownDescription": "The unique name of the domain.", + "title": "DomainName", "type": "string" }, - "DomainIdentifier": { - "markdownDescription": "The identifier of the Amazon DataZone domain in which the environment profile exists.", - "title": "DomainIdentifier", - "type": "string" + "EventTriggerNames": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of unique names for active event triggers associated with the integration.", + "title": "EventTriggerNames", + "type": "array" }, - "EnvironmentBlueprintIdentifier": { - "markdownDescription": "The identifier of a blueprint with which an environment profile is created.", - "title": "EnvironmentBlueprintIdentifier", - "type": "string" + "FlowDefinition": { + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.FlowDefinition", + "markdownDescription": "The configuration that controls how Customer Profiles retrieves data from the source.", + "title": "FlowDefinition" }, - "Name": { - "markdownDescription": "The name of the environment profile.", - "title": "Name", + "ObjectTypeName": { + "markdownDescription": "The name of the profile object type mapping to use.", + "title": "ObjectTypeName", "type": "string" }, - "ProjectIdentifier": { - "markdownDescription": "The identifier of a project in which an environment profile exists.", - "title": "ProjectIdentifier", - "type": "string" + "ObjectTypeNames": { + "items": { + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.ObjectTypeMapping" + }, + "markdownDescription": "The object type mapping.", + "title": "ObjectTypeNames", + "type": "array" }, - "UserParameters": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::DataZone::EnvironmentProfile.EnvironmentParameter" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The user parameters of this Amazon DataZone environment profile.", - "title": "UserParameters", + "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "title": "Tags", "type": "array" + }, + "Uri": { + "markdownDescription": "The URI of the S3 bucket or any other type of data source.", + "title": "Uri", + "type": "string" } }, "required": [ - "AwsAccountId", - "AwsAccountRegion", - "DomainIdentifier", - "EnvironmentBlueprintIdentifier", - "Name", - "ProjectIdentifier" + "DomainName" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataZone::EnvironmentProfile" + "AWS::CustomerProfiles::Integration" ], "type": "string" }, @@ -64270,109 +70578,396 @@ ], "type": "object" }, - "AWS::DataZone::EnvironmentProfile.EnvironmentParameter": { + "AWS::CustomerProfiles::Integration.ConnectorOperator": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name specified in the environment parameter.", - "title": "Name", + "Marketo": { + "markdownDescription": "The operation to be performed on the provided Marketo source fields.", + "title": "Marketo", "type": "string" }, - "Value": { - "markdownDescription": "The value of the environment profile.", - "title": "Value", + "S3": { + "markdownDescription": "The operation to be performed on the provided Amazon S3 source fields.", + "title": "S3", "type": "string" - } - }, + }, + "Salesforce": { + "markdownDescription": "The operation to be performed on the provided Salesforce source fields.", + "title": "Salesforce", + "type": "string" + }, + "ServiceNow": { + "markdownDescription": "The operation to be performed on the provided ServiceNow source fields.", + "title": "ServiceNow", + "type": "string" + }, + "Zendesk": { + "markdownDescription": "The operation to be performed on the provided Zendesk source fields.", + "title": "Zendesk", + "type": "string" + } + }, "type": "object" }, - "AWS::DataZone::Project": { + "AWS::CustomerProfiles::Integration.FlowDefinition": { "additionalProperties": false, "properties": { - "Condition": { + "Description": { + "markdownDescription": "A description of the flow you want to create.", + "title": "Description", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "FlowName": { + "markdownDescription": "The specified name of the flow. Use underscores (_) or hyphens (-) only. Spaces are not allowed.", + "title": "FlowName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "KmsArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Key Management Service (KMS) key you provide for encryption.", + "title": "KmsArn", + "type": "string" }, - "Metadata": { - "type": "object" + "SourceFlowConfig": { + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.SourceFlowConfig", + "markdownDescription": "The configuration that controls how Customer Profiles retrieves data from the source.", + "title": "SourceFlowConfig" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "The description of a project.", - "title": "Description", - "type": "string" - }, - "DomainIdentifier": { - "markdownDescription": "The identifier of a Amazon DataZone domain where the project exists.", - "title": "DomainIdentifier", - "type": "string" - }, - "GlossaryTerms": { - "items": { - "type": "string" - }, - "markdownDescription": "The glossary terms that can be used in this Amazon DataZone project.", - "title": "GlossaryTerms", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of a project.", - "title": "Name", - "type": "string" - } + "Tasks": { + "items": { + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.Task" }, - "required": [ - "DomainIdentifier", - "Name" - ], - "type": "object" + "markdownDescription": "A list of tasks that Customer Profiles performs while transferring the data in the flow run.", + "title": "Tasks", + "type": "array" }, - "Type": { - "enum": [ - "AWS::DataZone::Project" - ], + "TriggerConfig": { + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.TriggerConfig", + "markdownDescription": "The trigger settings that determine how and when the flow runs.", + "title": "TriggerConfig" + } + }, + "required": [ + "FlowName", + "KmsArn", + "SourceFlowConfig", + "Tasks", + "TriggerConfig" + ], + "type": "object" + }, + "AWS::CustomerProfiles::Integration.IncrementalPullConfig": { + "additionalProperties": false, + "properties": { + "DatetimeTypeFieldName": { + "markdownDescription": "A field that specifies the date time or timestamp field as the criteria to use when importing incremental records from the source.", + "title": "DatetimeTypeFieldName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CustomerProfiles::Integration.MarketoSourceProperties": { + "additionalProperties": false, + "properties": { + "Object": { + "markdownDescription": "The object specified in the Marketo flow source.", + "title": "Object", + "type": "string" + } + }, + "required": [ + "Object" + ], + "type": "object" + }, + "AWS::CustomerProfiles::Integration.ObjectTypeMapping": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The key.", + "title": "Key", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Value": { + "markdownDescription": "The value.", + "title": "Value", "type": "string" } }, "required": [ - "Type", - "Properties" + "Key", + "Value" ], "type": "object" }, - "AWS::DataZone::SubscriptionTarget": { + "AWS::CustomerProfiles::Integration.S3SourceProperties": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "The Amazon S3 bucket name where the source files are stored.", + "title": "BucketName", + "type": "string" + }, + "BucketPrefix": { + "markdownDescription": "The object key for the Amazon S3 bucket in which the source files are stored.", + "title": "BucketPrefix", + "type": "string" + } + }, + "required": [ + "BucketName" + ], + "type": "object" + }, + "AWS::CustomerProfiles::Integration.SalesforceSourceProperties": { + "additionalProperties": false, + "properties": { + "EnableDynamicFieldUpdate": { + "markdownDescription": "The flag that enables dynamic fetching of new (recently added) fields in the Salesforce objects while running a flow.", + "title": "EnableDynamicFieldUpdate", + "type": "boolean" + }, + "IncludeDeletedRecords": { + "markdownDescription": "Indicates whether Amazon AppFlow includes deleted files in the flow run.", + "title": "IncludeDeletedRecords", + "type": "boolean" + }, + "Object": { + "markdownDescription": "The object specified in the Salesforce flow source.", + "title": "Object", + "type": "string" + } + }, + "required": [ + "Object" + ], + "type": "object" + }, + "AWS::CustomerProfiles::Integration.ScheduledTriggerProperties": { + "additionalProperties": false, + "properties": { + "DataPullMode": { + "markdownDescription": "Specifies whether a scheduled flow has an incremental data transfer or a complete data transfer for each flow run.", + "title": "DataPullMode", + "type": "string" + }, + "FirstExecutionFrom": { + "markdownDescription": "Specifies the date range for the records to import from the connector in the first flow run.", + "title": "FirstExecutionFrom", + "type": "number" + }, + "ScheduleEndTime": { + "markdownDescription": "Specifies the scheduled end time for a scheduled-trigger flow.", + "title": "ScheduleEndTime", + "type": "number" + }, + "ScheduleExpression": { + "markdownDescription": "The scheduling expression that determines the rate at which the schedule will run, for example rate (5 minutes).", + "title": "ScheduleExpression", + "type": "string" + }, + "ScheduleOffset": { + "markdownDescription": "Specifies the optional offset that is added to the time interval for a schedule-triggered flow.", + "title": "ScheduleOffset", + "type": "number" + }, + "ScheduleStartTime": { + "markdownDescription": "Specifies the scheduled start time for a scheduled-trigger flow. The value must be a date/time value in EPOCH format.", + "title": "ScheduleStartTime", + "type": "number" + }, + "Timezone": { + "markdownDescription": "Specifies the time zone used when referring to the date and time of a scheduled-triggered flow, such as America/New_York.", + "title": "Timezone", + "type": "string" + } + }, + "required": [ + "ScheduleExpression" + ], + "type": "object" + }, + "AWS::CustomerProfiles::Integration.ServiceNowSourceProperties": { + "additionalProperties": false, + "properties": { + "Object": { + "markdownDescription": "The object specified in the ServiceNow flow source.", + "title": "Object", + "type": "string" + } + }, + "required": [ + "Object" + ], + "type": "object" + }, + "AWS::CustomerProfiles::Integration.SourceConnectorProperties": { + "additionalProperties": false, + "properties": { + "Marketo": { + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.MarketoSourceProperties", + "markdownDescription": "The properties that are applied when Marketo is being used as a source.", + "title": "Marketo" + }, + "S3": { + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.S3SourceProperties", + "markdownDescription": "The properties that are applied when Amazon S3 is being used as the flow source.", + "title": "S3" + }, + "Salesforce": { + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.SalesforceSourceProperties", + "markdownDescription": "The properties that are applied when Salesforce is being used as a source.", + "title": "Salesforce" + }, + "ServiceNow": { + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.ServiceNowSourceProperties", + "markdownDescription": "The properties that are applied when ServiceNow is being used as a source.", + "title": "ServiceNow" + }, + "Zendesk": { + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.ZendeskSourceProperties", + "markdownDescription": "The properties that are applied when using Zendesk as a flow source.", + "title": "Zendesk" + } + }, + "type": "object" + }, + "AWS::CustomerProfiles::Integration.SourceFlowConfig": { + "additionalProperties": false, + "properties": { + "ConnectorProfileName": { + "markdownDescription": "The name of the Amazon AppFlow connector profile. This name must be unique for each connector profile in the AWS account .", + "title": "ConnectorProfileName", + "type": "string" + }, + "ConnectorType": { + "markdownDescription": "The type of connector, such as Salesforce, Marketo, and so on.", + "title": "ConnectorType", + "type": "string" + }, + "IncrementalPullConfig": { + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.IncrementalPullConfig", + "markdownDescription": "Defines the configuration for a scheduled incremental data pull. If a valid configuration is provided, the fields specified in the configuration are used when querying for the incremental data pull.", + "title": "IncrementalPullConfig" + }, + "SourceConnectorProperties": { + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.SourceConnectorProperties", + "markdownDescription": "Specifies the information that is required to query a particular source connector.", + "title": "SourceConnectorProperties" + } + }, + "required": [ + "ConnectorType", + "SourceConnectorProperties" + ], + "type": "object" + }, + "AWS::CustomerProfiles::Integration.Task": { + "additionalProperties": false, + "properties": { + "ConnectorOperator": { + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.ConnectorOperator", + "markdownDescription": "The operation to be performed on the provided source fields.", + "title": "ConnectorOperator" + }, + "DestinationField": { + "markdownDescription": "A field in a destination connector, or a field value against which Amazon AppFlow validates a source field.", + "title": "DestinationField", + "type": "string" + }, + "SourceFields": { + "items": { + "type": "string" + }, + "markdownDescription": "The source fields to which a particular task is applied.", + "title": "SourceFields", + "type": "array" + }, + "TaskProperties": { + "items": { + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.TaskPropertiesMap" + }, + "markdownDescription": "A map used to store task-related information. The service looks for particular information based on the TaskType.", + "title": "TaskProperties", + "type": "array" + }, + "TaskType": { + "markdownDescription": "Specifies the particular task implementation that Amazon AppFlow performs.", + "title": "TaskType", + "type": "string" + } + }, + "required": [ + "SourceFields", + "TaskType" + ], + "type": "object" + }, + "AWS::CustomerProfiles::Integration.TaskPropertiesMap": { + "additionalProperties": false, + "properties": { + "OperatorPropertyKey": { + "markdownDescription": "The task property key.", + "title": "OperatorPropertyKey", + "type": "string" + }, + "Property": { + "markdownDescription": "The task property value.", + "title": "Property", + "type": "string" + } + }, + "required": [ + "OperatorPropertyKey", + "Property" + ], + "type": "object" + }, + "AWS::CustomerProfiles::Integration.TriggerConfig": { + "additionalProperties": false, + "properties": { + "TriggerProperties": { + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.TriggerProperties", + "markdownDescription": "Specifies the configuration details of a schedule-triggered flow that you define. Currently, these settings only apply to the Scheduled trigger type.", + "title": "TriggerProperties" + }, + "TriggerType": { + "markdownDescription": "Specifies the type of flow trigger. It can be OnDemand, Scheduled, or Event.", + "title": "TriggerType", + "type": "string" + } + }, + "required": [ + "TriggerType" + ], + "type": "object" + }, + "AWS::CustomerProfiles::Integration.TriggerProperties": { + "additionalProperties": false, + "properties": { + "Scheduled": { + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.ScheduledTriggerProperties", + "markdownDescription": "Specifies the configuration details of a schedule-triggered flow that you define.", + "title": "Scheduled" + } + }, + "type": "object" + }, + "AWS::CustomerProfiles::Integration.ZendeskSourceProperties": { + "additionalProperties": false, + "properties": { + "Object": { + "markdownDescription": "The object specified in the Zendesk flow source.", + "title": "Object", + "type": "string" + } + }, + "required": [ + "Object" + ], + "type": "object" + }, + "AWS::CustomerProfiles::ObjectType": { "additionalProperties": false, "properties": { "Condition": { @@ -64407,76 +71002,86 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicableAssetTypes": { + "AllowProfileCreation": { + "markdownDescription": "Indicates whether a profile should be created when data is received if one doesn\u2019t exist for an object of this type. The default is `FALSE` . If the AllowProfileCreation flag is set to `FALSE` , then the service tries to fetch a standard profile and associate this object with the profile. If it is set to `TRUE` , and if no match is found, then the service creates a new standard profile.", + "title": "AllowProfileCreation", + "type": "boolean" + }, + "Description": { + "markdownDescription": "The description of the profile object type mapping.", + "title": "Description", + "type": "string" + }, + "DomainName": { + "markdownDescription": "The unique name of the domain.", + "title": "DomainName", + "type": "string" + }, + "EncryptionKey": { + "markdownDescription": "The customer-provided key to encrypt the profile object that will be created in this profile object type mapping. If not specified the system will use the encryption key of the domain.", + "title": "EncryptionKey", + "type": "string" + }, + "ExpirationDays": { + "markdownDescription": "The number of days until the data of this type expires.", + "title": "ExpirationDays", + "type": "number" + }, + "Fields": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::CustomerProfiles::ObjectType.FieldMap" }, - "markdownDescription": "The asset types included in the subscription target.", - "title": "ApplicableAssetTypes", + "markdownDescription": "A list of field definitions for the object type mapping.", + "title": "Fields", "type": "array" }, - "AuthorizedPrincipals": { + "Keys": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::CustomerProfiles::ObjectType.KeyMap" }, - "markdownDescription": "The authorized principals included in the subscription target.", - "title": "AuthorizedPrincipals", + "markdownDescription": "A list of keys that can be used to map data to the profile or search for the profile.", + "title": "Keys", "type": "array" }, - "DomainIdentifier": { - "markdownDescription": "The ID of the Amazon DataZone domain in which subscription target is created.", - "title": "DomainIdentifier", - "type": "string" - }, - "EnvironmentIdentifier": { - "markdownDescription": "The ID of the environment in which subscription target is created.", - "title": "EnvironmentIdentifier", - "type": "string" - }, - "ManageAccessRole": { - "markdownDescription": "The manage access role that is used to create the subscription target.", - "title": "ManageAccessRole", - "type": "string" + "MaxProfileObjectCount": { + "markdownDescription": "The amount of profile object max count assigned to the object type.", + "title": "MaxProfileObjectCount", + "type": "number" }, - "Name": { - "markdownDescription": "The name of the subscription target.", - "title": "Name", + "ObjectTypeName": { + "markdownDescription": "The name of the profile object type.", + "title": "ObjectTypeName", "type": "string" }, - "Provider": { - "markdownDescription": "The provider of the subscription target.", - "title": "Provider", + "SourceLastUpdatedTimestampFormat": { + "markdownDescription": "The format of your sourceLastUpdatedTimestamp that was previously set up.", + "title": "SourceLastUpdatedTimestampFormat", "type": "string" }, - "SubscriptionTargetConfig": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::DataZone::SubscriptionTarget.SubscriptionTargetForm" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The configuration of the subscription target.", - "title": "SubscriptionTargetConfig", + "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "title": "Tags", "type": "array" }, - "Type": { - "markdownDescription": "The type of the subscription target.", - "title": "Type", + "TemplateId": { + "markdownDescription": "A unique identifier for the template mapping. This can be used instead of specifying the Keys and Fields properties directly.", + "title": "TemplateId", "type": "string" } }, "required": [ - "ApplicableAssetTypes", - "AuthorizedPrincipals", - "DomainIdentifier", - "EnvironmentIdentifier", - "ManageAccessRole", - "Name", - "SubscriptionTargetConfig", - "Type" + "Description", + "DomainName", + "ObjectTypeName" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataZone::SubscriptionTarget" + "AWS::CustomerProfiles::ObjectType" ], "type": "string" }, @@ -64495,104 +71100,85 @@ ], "type": "object" }, - "AWS::DataZone::SubscriptionTarget.SubscriptionTargetForm": { + "AWS::CustomerProfiles::ObjectType.FieldMap": { "additionalProperties": false, "properties": { - "Content": { - "markdownDescription": "The content of the subscription target configuration.", - "title": "Content", + "Name": { + "markdownDescription": "Name of the field.", + "title": "Name", "type": "string" }, - "FormName": { - "markdownDescription": "The form name included in the subscription target configuration.", - "title": "FormName", - "type": "string" + "ObjectTypeField": { + "$ref": "#/definitions/AWS::CustomerProfiles::ObjectType.ObjectTypeField", + "markdownDescription": "Represents a field in a ProfileObjectType.", + "title": "ObjectTypeField" } }, - "required": [ - "Content", - "FormName" - ], "type": "object" }, - "AWS::Deadline::Farm": { + "AWS::CustomerProfiles::ObjectType.KeyMap": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "Name of the key.", + "title": "Name", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A description of the farm that helps identify what the farm is used for.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", - "title": "Description", - "type": "string" - }, - "DisplayName": { - "markdownDescription": "The display name of the farm.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", - "title": "DisplayName", - "type": "string" - }, - "KmsKeyArn": { - "markdownDescription": "The ARN for the KMS key.", - "title": "KmsKeyArn", - "type": "string" - } + "ObjectTypeKeyList": { + "items": { + "$ref": "#/definitions/AWS::CustomerProfiles::ObjectType.ObjectTypeKey" }, - "required": [ - "DisplayName" - ], - "type": "object" + "markdownDescription": "A list of ObjectTypeKey.", + "title": "ObjectTypeKeyList", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CustomerProfiles::ObjectType.ObjectTypeField": { + "additionalProperties": false, + "properties": { + "ContentType": { + "markdownDescription": "The content type of the field. Used for determining equality when searching.", + "title": "ContentType", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Deadline::Farm" - ], + "Source": { + "markdownDescription": "A field of a ProfileObject. For example: _source.FirstName, where \u201c_source\u201d is a ProfileObjectType of a Zendesk user and \u201cFirstName\u201d is a field in that ObjectType.", + "title": "Source", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Target": { + "markdownDescription": "The location of the data in the standard ProfileObject model. For example: _profile.Address.PostalCode.", + "title": "Target", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Deadline::Fleet": { + "AWS::CustomerProfiles::ObjectType.ObjectTypeKey": { + "additionalProperties": false, + "properties": { + "FieldNames": { + "items": { + "type": "string" + }, + "markdownDescription": "The reference for the key name of the fields map.", + "title": "FieldNames", + "type": "array" + }, + "StandardIdentifiers": { + "items": { + "type": "string" + }, + "markdownDescription": "The types of keys that a ProfileObject can have. Each ProfileObject can have only 1 UNIQUE key but multiple PROFILE keys. PROFILE means that this key can be used to tie an object to a PROFILE. UNIQUE means that it can be used to uniquely identify an object. If a key a is marked as SECONDARY, it will be used to search for profiles after all other PROFILE keys have been searched. A LOOKUP_ONLY key is only used to match a profile but is not persisted to be used for searching of the profile. A NEW_ONLY key is only used if the profile does not already exist before the object is ingested, otherwise it is only used for matching objects to profiles.", + "title": "StandardIdentifiers", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CustomerProfiles::SegmentDefinition": { "additionalProperties": false, "properties": { "Condition": { @@ -64627,53 +71213,51 @@ "Properties": { "additionalProperties": false, "properties": { - "Configuration": { - "$ref": "#/definitions/AWS::Deadline::Fleet.FleetConfiguration", - "markdownDescription": "The configuration details for the fleet.", - "title": "Configuration" - }, "Description": { - "markdownDescription": "A description that helps identify what the fleet is used for.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", + "markdownDescription": "The description of the segment definition.", "title": "Description", "type": "string" }, "DisplayName": { - "markdownDescription": "The display name of the fleet summary to update.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", + "markdownDescription": "Display name of the segment definition.", "title": "DisplayName", "type": "string" }, - "FarmId": { - "markdownDescription": "The farm ID.", - "title": "FarmId", + "DomainName": { + "markdownDescription": "The name of the domain.", + "title": "DomainName", "type": "string" }, - "MaxWorkerCount": { - "markdownDescription": "The maximum number of workers specified in the fleet.", - "title": "MaxWorkerCount", - "type": "number" + "SegmentDefinitionName": { + "markdownDescription": "Name of the segment definition.", + "title": "SegmentDefinitionName", + "type": "string" }, - "MinWorkerCount": { - "markdownDescription": "The minimum number of workers in the fleet.", - "title": "MinWorkerCount", - "type": "number" + "SegmentGroups": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.SegmentGroup", + "markdownDescription": "Contains all groups of the segment definition.", + "title": "SegmentGroups" }, - "RoleArn": { - "markdownDescription": "The IAM role that workers in the fleet use when processing jobs.", - "title": "RoleArn", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags belonging to the segment definition.", + "title": "Tags", + "type": "array" } }, "required": [ - "Configuration", "DisplayName", - "MaxWorkerCount", - "RoleArn" + "DomainName", + "SegmentDefinitionName", + "SegmentGroups" ], "type": "object" }, "Type": { "enum": [ - "AWS::Deadline::Fleet" + "AWS::CustomerProfiles::SegmentDefinition" ], "type": "string" }, @@ -64692,387 +71276,431 @@ ], "type": "object" }, - "AWS::Deadline::Fleet.AcceleratorCountRange": { + "AWS::CustomerProfiles::SegmentDefinition.AddressDimension": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum number of GPU accelerators in the worker host.", - "title": "Max", - "type": "number" + "City": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "The city belonging to the address.", + "title": "City" }, - "Min": { - "markdownDescription": "The minimum number of GPU accelerators in the worker host.", - "title": "Min", - "type": "number" + "Country": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "The country belonging to the address.", + "title": "Country" + }, + "County": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "The county belonging to the address.", + "title": "County" + }, + "PostalCode": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "The postal code belonging to the address.", + "title": "PostalCode" + }, + "Province": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "The province belonging to the address.", + "title": "Province" + }, + "State": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "The state belonging to the address.", + "title": "State" } }, - "required": [ - "Min" - ], "type": "object" }, - "AWS::Deadline::Fleet.AcceleratorTotalMemoryMiBRange": { + "AWS::CustomerProfiles::SegmentDefinition.AttributeDimension": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum amount of memory to use for the accelerator, measured in MiB.", - "title": "Max", - "type": "number" + "DimensionType": { + "markdownDescription": "The action to segment with.", + "title": "DimensionType", + "type": "string" }, - "Min": { - "markdownDescription": "The minimum amount of memory to use for the accelerator, measured in MiB.", - "title": "Min", - "type": "number" + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The values to apply the DimensionType on.", + "title": "Values", + "type": "array" } }, "required": [ - "Min" + "DimensionType", + "Values" ], "type": "object" }, - "AWS::Deadline::Fleet.CustomerManagedFleetConfiguration": { + "AWS::CustomerProfiles::SegmentDefinition.CalculatedAttributeDimension": { "additionalProperties": false, "properties": { - "Mode": { - "markdownDescription": "The AWS Auto Scaling mode for the customer managed fleet configuration.", - "title": "Mode", - "type": "string" + "ConditionOverrides": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ConditionOverrides", + "markdownDescription": "Applies the given condition over the initial Calculated Attribute's definition.", + "title": "ConditionOverrides" }, - "StorageProfileId": { - "markdownDescription": "The storage profile ID.", - "title": "StorageProfileId", + "DimensionType": { + "markdownDescription": "The action to segment with.", + "title": "DimensionType", "type": "string" }, - "WorkerCapabilities": { - "$ref": "#/definitions/AWS::Deadline::Fleet.CustomerManagedWorkerCapabilities", - "markdownDescription": "The worker capabilities for a customer managed fleet configuration.", - "title": "WorkerCapabilities" + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The values to apply the DimensionType with.", + "title": "Values", + "type": "array" } }, "required": [ - "Mode", - "WorkerCapabilities" + "DimensionType", + "Values" ], "type": "object" }, - "AWS::Deadline::Fleet.CustomerManagedWorkerCapabilities": { + "AWS::CustomerProfiles::SegmentDefinition.ConditionOverrides": { "additionalProperties": false, "properties": { - "AcceleratorCount": { - "$ref": "#/definitions/AWS::Deadline::Fleet.AcceleratorCountRange", - "markdownDescription": "The range of the accelerator.", - "title": "AcceleratorCount" - }, - "AcceleratorTotalMemoryMiB": { - "$ref": "#/definitions/AWS::Deadline::Fleet.AcceleratorTotalMemoryMiBRange", - "markdownDescription": "The total memory (MiB) for the customer managed worker capabilities.", - "title": "AcceleratorTotalMemoryMiB" + "Range": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.RangeOverride", + "markdownDescription": "The relative time period over which data is included in the aggregation for this override.", + "title": "Range" + } + }, + "type": "object" + }, + "AWS::CustomerProfiles::SegmentDefinition.DateDimension": { + "additionalProperties": false, + "properties": { + "DimensionType": { + "markdownDescription": "The action to segment on.", + "title": "DimensionType", + "type": "string" }, - "AcceleratorTypes": { + "Values": { "items": { "type": "string" }, - "markdownDescription": "The accelerator types for the customer managed worker capabilities.", - "title": "AcceleratorTypes", + "markdownDescription": "The values to apply the DimensionType on.", + "title": "Values", "type": "array" + } + }, + "required": [ + "DimensionType", + "Values" + ], + "type": "object" + }, + "AWS::CustomerProfiles::SegmentDefinition.Dimension": { + "additionalProperties": false, + "properties": { + "CalculatedAttributes": { + "additionalProperties": false, + "markdownDescription": "Object that holds the calculated attributes to segment on.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.CalculatedAttributeDimension" + } + }, + "title": "CalculatedAttributes", + "type": "object" }, - "CpuArchitectureType": { - "markdownDescription": "The CPU architecture type for the customer managed worker capabilities.", - "title": "CpuArchitectureType", + "ProfileAttributes": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileAttributes", + "markdownDescription": "Object that holds the profile attributes to segment on.", + "title": "ProfileAttributes" + } + }, + "type": "object" + }, + "AWS::CustomerProfiles::SegmentDefinition.ExtraLengthValueProfileDimension": { + "additionalProperties": false, + "properties": { + "DimensionType": { + "markdownDescription": "The action to segment with.", + "title": "DimensionType", "type": "string" }, - "CustomAmounts": { - "items": { - "$ref": "#/definitions/AWS::Deadline::Fleet.FleetAmountCapability" - }, - "markdownDescription": "Custom requirement ranges for customer managed worker capabilities.", - "title": "CustomAmounts", - "type": "array" - }, - "CustomAttributes": { + "Values": { "items": { - "$ref": "#/definitions/AWS::Deadline::Fleet.FleetAttributeCapability" + "type": "string" }, - "markdownDescription": "Custom attributes for the customer manged worker capabilities.", - "title": "CustomAttributes", + "markdownDescription": "The values to apply the DimensionType on.", + "title": "Values", "type": "array" - }, - "MemoryMiB": { - "$ref": "#/definitions/AWS::Deadline::Fleet.MemoryMiBRange", - "markdownDescription": "The memory (MiB).", - "title": "MemoryMiB" - }, - "OsFamily": { - "markdownDescription": "The operating system (OS) family.", - "title": "OsFamily", - "type": "string" - }, - "VCpuCount": { - "$ref": "#/definitions/AWS::Deadline::Fleet.VCpuCountRange", - "markdownDescription": "The vCPU count for the customer manged worker capabilities.", - "title": "VCpuCount" } }, "required": [ - "CpuArchitectureType", - "MemoryMiB", - "OsFamily", - "VCpuCount" + "DimensionType", + "Values" ], "type": "object" }, - "AWS::Deadline::Fleet.Ec2EbsVolume": { + "AWS::CustomerProfiles::SegmentDefinition.Group": { "additionalProperties": false, "properties": { - "Iops": { - "markdownDescription": "The IOPS per volume.", - "title": "Iops", - "type": "number" + "Dimensions": { + "items": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.Dimension" + }, + "markdownDescription": "Defines the attributes to segment on.", + "title": "Dimensions", + "type": "array" }, - "SizeGiB": { - "markdownDescription": "The EBS volume size in GiB.", - "title": "SizeGiB", - "type": "number" + "SourceSegments": { + "items": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.SourceSegment" + }, + "markdownDescription": "Defines the starting source of data.", + "title": "SourceSegments", + "type": "array" }, - "ThroughputMiB": { - "markdownDescription": "The throughput per volume in MiB.", - "title": "ThroughputMiB", - "type": "number" + "SourceType": { + "markdownDescription": "Defines how to interact with the source data.", + "title": "SourceType", + "type": "string" + }, + "Type": { + "markdownDescription": "Defines how to interact with the profiles found in the current filtering.", + "title": "Type", + "type": "string" } }, "type": "object" }, - "AWS::Deadline::Fleet.FleetAmountCapability": { + "AWS::CustomerProfiles::SegmentDefinition.ProfileAttributes": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum amount of the fleet worker capability.", - "title": "Max", - "type": "number" + "AccountNumber": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "A field to describe values to segment on within account number.", + "title": "AccountNumber" }, - "Min": { - "markdownDescription": "The minimum amount of fleet worker capability.", - "title": "Min", - "type": "number" + "AdditionalInformation": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ExtraLengthValueProfileDimension", + "markdownDescription": "A field to describe values to segment on within additional information.", + "title": "AdditionalInformation" }, - "Name": { - "markdownDescription": "The name of the fleet capability.", - "title": "Name", - "type": "string" + "Address": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.AddressDimension", + "markdownDescription": "A field to describe values to segment on within address.", + "title": "Address" + }, + "Attributes": { + "additionalProperties": false, + "markdownDescription": "A field to describe values to segment on within attributes.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.AttributeDimension" + } + }, + "title": "Attributes", + "type": "object" + }, + "BillingAddress": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.AddressDimension", + "markdownDescription": "A field to describe values to segment on within billing address.", + "title": "BillingAddress" + }, + "BirthDate": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.DateDimension", + "markdownDescription": "A field to describe values to segment on within birthDate.", + "title": "BirthDate" + }, + "BusinessEmailAddress": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "A field to describe values to segment on within business email address.", + "title": "BusinessEmailAddress" + }, + "BusinessName": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "A field to describe values to segment on within business name.", + "title": "BusinessName" + }, + "BusinessPhoneNumber": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "A field to describe values to segment on within business phone number.", + "title": "BusinessPhoneNumber" + }, + "EmailAddress": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "A field to describe values to segment on within email address.", + "title": "EmailAddress" + }, + "FirstName": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "A field to describe values to segment on within first name.", + "title": "FirstName" + }, + "GenderString": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "A field to describe values to segment on within genderString.", + "title": "GenderString" + }, + "HomePhoneNumber": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "A field to describe values to segment on within home phone number.", + "title": "HomePhoneNumber" + }, + "LastName": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "A field to describe values to segment on within last name.", + "title": "LastName" + }, + "MailingAddress": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.AddressDimension", + "markdownDescription": "A field to describe values to segment on within mailing address.", + "title": "MailingAddress" + }, + "MiddleName": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "A field to describe values to segment on within middle name.", + "title": "MiddleName" + }, + "MobilePhoneNumber": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "A field to describe values to segment on within mobile phone number.", + "title": "MobilePhoneNumber" + }, + "PartyTypeString": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "A field to describe values to segment on within partyTypeString.", + "title": "PartyTypeString" + }, + "PersonalEmailAddress": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "A field to describe values to segment on within personal email address.", + "title": "PersonalEmailAddress" + }, + "PhoneNumber": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "A field to describe values to segment on within phone number.", + "title": "PhoneNumber" + }, + "ProfileType": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileTypeDimension", + "markdownDescription": "The type of profile.", + "title": "ProfileType" + }, + "ShippingAddress": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.AddressDimension", + "markdownDescription": "A field to describe values to segment on within shipping address.", + "title": "ShippingAddress" } }, - "required": [ - "Min", - "Name" - ], "type": "object" }, - "AWS::Deadline::Fleet.FleetAttributeCapability": { + "AWS::CustomerProfiles::SegmentDefinition.ProfileDimension": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the fleet attribute capability for the worker.", - "title": "Name", + "DimensionType": { + "markdownDescription": "The action to segment on.", + "title": "DimensionType", "type": "string" }, "Values": { "items": { "type": "string" }, - "markdownDescription": "The number of fleet attribute capabilities.", + "markdownDescription": "", "title": "Values", "type": "array" } }, "required": [ - "Name", + "DimensionType", "Values" ], "type": "object" }, - "AWS::Deadline::Fleet.FleetCapabilities": { + "AWS::CustomerProfiles::SegmentDefinition.ProfileTypeDimension": { "additionalProperties": false, "properties": { - "Amounts": { - "items": { - "$ref": "#/definitions/AWS::Deadline::Fleet.FleetAmountCapability" - }, - "markdownDescription": "Amount capabilities of the fleet.", - "title": "Amounts", - "type": "array" + "DimensionType": { + "markdownDescription": "The action to segment on.", + "title": "DimensionType", + "type": "string" }, - "Attributes": { + "Values": { "items": { - "$ref": "#/definitions/AWS::Deadline::Fleet.FleetAttributeCapability" + "type": "string" }, - "markdownDescription": "Attribute capabilities of the fleet.", - "title": "Attributes", + "markdownDescription": "The values to apply the DimensionType on.", + "title": "Values", "type": "array" } }, + "required": [ + "DimensionType", + "Values" + ], "type": "object" }, - "AWS::Deadline::Fleet.FleetConfiguration": { + "AWS::CustomerProfiles::SegmentDefinition.RangeOverride": { "additionalProperties": false, "properties": { - "CustomerManaged": { - "$ref": "#/definitions/AWS::Deadline::Fleet.CustomerManagedFleetConfiguration", - "markdownDescription": "The customer managed fleets within a fleet configuration.", - "title": "CustomerManaged" + "End": { + "markdownDescription": "The end time of when to include objects.", + "title": "End", + "type": "number" }, - "ServiceManagedEc2": { - "$ref": "#/definitions/AWS::Deadline::Fleet.ServiceManagedEc2FleetConfiguration", - "markdownDescription": "The service managed Amazon EC2 instances for a fleet configuration.", - "title": "ServiceManagedEc2" + "Start": { + "markdownDescription": "The start time of when to include objects.", + "title": "Start", + "type": "number" + }, + "Unit": { + "markdownDescription": "The unit for start and end.", + "title": "Unit", + "type": "string" } }, + "required": [ + "Start", + "Unit" + ], "type": "object" }, - "AWS::Deadline::Fleet.MemoryMiBRange": { + "AWS::CustomerProfiles::SegmentDefinition.SegmentGroup": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum amount of memory (in MiB).", - "title": "Max", - "type": "number" + "Groups": { + "items": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.Group" + }, + "markdownDescription": "Holds the list of groups within the segment definition.", + "title": "Groups", + "type": "array" }, - "Min": { - "markdownDescription": "The minimum amount of memory (in MiB).", - "title": "Min", - "type": "number" + "Include": { + "markdownDescription": "Defines whether to include or exclude the profiles that fit the segment criteria.", + "title": "Include", + "type": "string" } }, - "required": [ - "Min" - ], "type": "object" }, - "AWS::Deadline::Fleet.ServiceManagedEc2FleetConfiguration": { + "AWS::CustomerProfiles::SegmentDefinition.SourceSegment": { "additionalProperties": false, "properties": { - "InstanceCapabilities": { - "$ref": "#/definitions/AWS::Deadline::Fleet.ServiceManagedEc2InstanceCapabilities", - "markdownDescription": "The Amazon EC2 instance capabilities.", - "title": "InstanceCapabilities" - }, - "InstanceMarketOptions": { - "$ref": "#/definitions/AWS::Deadline::Fleet.ServiceManagedEc2InstanceMarketOptions", - "markdownDescription": "The Amazon EC2 market type.", - "title": "InstanceMarketOptions" + "SegmentDefinitionName": { + "markdownDescription": "The name of the source segment.", + "title": "SegmentDefinitionName", + "type": "string" } }, - "required": [ - "InstanceCapabilities", - "InstanceMarketOptions" - ], "type": "object" }, - "AWS::Deadline::Fleet.ServiceManagedEc2InstanceCapabilities": { + "AWS::DAX::Cluster": { "additionalProperties": false, "properties": { - "AllowedInstanceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The allowable Amazon EC2 instance types.", - "title": "AllowedInstanceTypes", - "type": "array" - }, - "CpuArchitectureType": { - "markdownDescription": "The CPU architecture type.", - "title": "CpuArchitectureType", - "type": "string" - }, - "CustomAmounts": { - "items": { - "$ref": "#/definitions/AWS::Deadline::Fleet.FleetAmountCapability" - }, - "markdownDescription": "The custom capability amounts to require for instances in this fleet.", - "title": "CustomAmounts", - "type": "array" - }, - "CustomAttributes": { - "items": { - "$ref": "#/definitions/AWS::Deadline::Fleet.FleetAttributeCapability" - }, - "markdownDescription": "The custom capability attributes to require for instances in this fleet.", - "title": "CustomAttributes", - "type": "array" - }, - "ExcludedInstanceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The instance types to exclude from the fleet.", - "title": "ExcludedInstanceTypes", - "type": "array" - }, - "MemoryMiB": { - "$ref": "#/definitions/AWS::Deadline::Fleet.MemoryMiBRange", - "markdownDescription": "The memory, as MiB, for the Amazon EC2 instance type.", - "title": "MemoryMiB" - }, - "OsFamily": { - "markdownDescription": "The operating system (OS) family.", - "title": "OsFamily", - "type": "string" - }, - "RootEbsVolume": { - "$ref": "#/definitions/AWS::Deadline::Fleet.Ec2EbsVolume", - "markdownDescription": "The root EBS volume.", - "title": "RootEbsVolume" - }, - "VCpuCount": { - "$ref": "#/definitions/AWS::Deadline::Fleet.VCpuCountRange", - "markdownDescription": "The amount of vCPU to require for instances in this fleet.", - "title": "VCpuCount" - } - }, - "required": [ - "CpuArchitectureType", - "MemoryMiB", - "OsFamily", - "VCpuCount" - ], - "type": "object" - }, - "AWS::Deadline::Fleet.ServiceManagedEc2InstanceMarketOptions": { - "additionalProperties": false, - "properties": { - "Type": { - "markdownDescription": "The Amazon EC2 instance type.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::Deadline::Fleet.VCpuCountRange": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum amount of vCPU.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum amount of vCPU.", - "title": "Min", - "type": "number" - } - }, - "required": [ - "Min" - ], - "type": "object" - }, - "AWS::Deadline::LicenseEndpoint": { - "additionalProperties": false, - "properties": { - "Condition": { + "Condition": { "type": "string" }, "DeletionPolicy": { @@ -65104,228 +71732,96 @@ "Properties": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The identifier of the Amazon EC2 security group that controls access to the license endpoint.", - "title": "SecurityGroupIds", - "type": "array" - }, - "SubnetIds": { + "AvailabilityZones": { "items": { "type": "string" }, - "markdownDescription": "Identifies the VPC subnets that can connect to a license endpoint.", - "title": "SubnetIds", + "markdownDescription": "The Availability Zones (AZs) in which the cluster nodes will reside after the cluster has been created or updated. If provided, the length of this list must equal the `ReplicationFactor` parameter. If you omit this parameter, DAX will spread the nodes across Availability Zones for the highest availability.", + "title": "AvailabilityZones", "type": "array" }, - "VpcId": { - "markdownDescription": "The VCP(virtual private cloud) ID associated with the license endpoint.", - "title": "VpcId", - "type": "string" - } - }, - "required": [ - "SecurityGroupIds", - "SubnetIds", - "VpcId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Deadline::LicenseEndpoint" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::Deadline::MeteredProduct": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + "ClusterEndpointEncryptionType": { + "markdownDescription": "The encryption type of the cluster's endpoint. Available values are:\n\n- `NONE` - The cluster's endpoint will be unencrypted.\n- `TLS` - The cluster's endpoint will be encrypted with Transport Layer Security, and will provide an x509 certificate for authentication.\n\nThe default value is `NONE` .", + "title": "ClusterEndpointEncryptionType", "type": "string" }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Family": { + "ClusterName": { + "markdownDescription": "The name of the DAX cluster.", + "title": "ClusterName", "type": "string" }, - "LicenseEndpointId": { - "markdownDescription": "The Amazon EC2 identifier of the license endpoint.", - "title": "LicenseEndpointId", + "Description": { + "markdownDescription": "The description of the cluster.", + "title": "Description", "type": "string" }, - "Port": { - "type": "number" - }, - "ProductId": { - "markdownDescription": "The product ID.", - "title": "ProductId", + "IAMRoleARN": { + "markdownDescription": "A valid Amazon Resource Name (ARN) that identifies an IAM role. At runtime, DAX will assume this role and use the role's permissions to access DynamoDB on your behalf.", + "title": "IAMRoleARN", "type": "string" }, - "Vendor": { - "type": "string" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Deadline::MeteredProduct" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::Deadline::Queue": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + "NetworkType": { "type": "string" }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AllowedStorageProfileIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The identifiers of the storage profiles that this queue can use to share assets between workers using different operating systems.", - "title": "AllowedStorageProfileIds", - "type": "array" - }, - "DefaultBudgetAction": { - "markdownDescription": "The default action taken on a queue summary if a budget wasn't configured.", - "title": "DefaultBudgetAction", + "NodeType": { + "markdownDescription": "The node type for the nodes in the cluster. (All nodes in a DAX cluster are of the same type.)", + "title": "NodeType", "type": "string" }, - "Description": { - "markdownDescription": "A description of the queue that helps identify what the queue is used for.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", - "title": "Description", + "NotificationTopicARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic to which notifications will be sent.\n\n> The Amazon SNS topic owner must be same as the DAX cluster owner.", + "title": "NotificationTopicARN", "type": "string" }, - "DisplayName": { - "markdownDescription": "The display name of the queue summary to update.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", - "title": "DisplayName", + "ParameterGroupName": { + "markdownDescription": "The parameter group to be associated with the DAX cluster.", + "title": "ParameterGroupName", "type": "string" }, - "FarmId": { - "markdownDescription": "The farm ID.", - "title": "FarmId", + "PreferredMaintenanceWindow": { + "markdownDescription": "A range of time when maintenance of DAX cluster software will be performed. For example: `sun:01:00-sun:09:00` . Cluster maintenance normally takes less than 30 minutes, and is performed automatically within the maintenance window.", + "title": "PreferredMaintenanceWindow", "type": "string" }, - "JobAttachmentSettings": { - "$ref": "#/definitions/AWS::Deadline::Queue.JobAttachmentSettings", - "markdownDescription": "The job attachment settings. These are the Amazon S3 bucket name and the Amazon S3 prefix.", - "title": "JobAttachmentSettings" + "ReplicationFactor": { + "markdownDescription": "The number of nodes in the DAX cluster. A replication factor of 1 will create a single-node cluster, without any read replicas. For additional fault tolerance, you can create a multiple node cluster with one or more read replicas. To do this, set `ReplicationFactor` to a number between 3 (one primary and two read replicas) and 10 (one primary and nine read replicas). `If the AvailabilityZones` parameter is provided, its length must equal the `ReplicationFactor` .\n\n> AWS recommends that you have at least two read replicas per cluster.", + "title": "ReplicationFactor", + "type": "number" }, - "JobRunAsUser": { - "$ref": "#/definitions/AWS::Deadline::Queue.JobRunAsUser", - "markdownDescription": "Identifies the user for a job.", - "title": "JobRunAsUser" + "SSESpecification": { + "$ref": "#/definitions/AWS::DAX::Cluster.SSESpecification", + "markdownDescription": "Represents the settings used to enable server-side encryption on the cluster.", + "title": "SSESpecification" }, - "RequiredFileSystemLocationNames": { + "SecurityGroupIds": { "items": { "type": "string" }, - "markdownDescription": "The file system location that the queue uses.", - "title": "RequiredFileSystemLocationNames", + "markdownDescription": "A list of security group IDs to be assigned to each node in the DAX cluster. (Each of the security group ID is system-generated.)\n\nIf this parameter is not specified, DAX assigns the default VPC security group to each node.", + "title": "SecurityGroupIds", "type": "array" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that workers use when running jobs in this queue.", - "title": "RoleArn", + "SubnetGroupName": { + "markdownDescription": "The name of the subnet group to be used for the replication group.\n\n> DAX clusters can only run in an Amazon VPC environment. All of the subnets that you specify in a subnet group must exist in the same VPC.", + "title": "SubnetGroupName", "type": "string" + }, + "Tags": { + "markdownDescription": "A set of tags to associate with the DAX cluster.", + "title": "Tags", + "type": "object" } }, "required": [ - "DisplayName" + "IAMRoleARN", + "NodeType", + "ReplicationFactor" ], "type": "object" }, "Type": { "enum": [ - "AWS::Deadline::Queue" + "AWS::DAX::Cluster" ], "type": "string" }, @@ -65344,91 +71840,18 @@ ], "type": "object" }, - "AWS::Deadline::Queue.JobAttachmentSettings": { - "additionalProperties": false, - "properties": { - "RootPrefix": { - "markdownDescription": "The root prefix.", - "title": "RootPrefix", - "type": "string" - }, - "S3BucketName": { - "markdownDescription": "The Amazon S3 bucket name.", - "title": "S3BucketName", - "type": "string" - } - }, - "required": [ - "RootPrefix", - "S3BucketName" - ], - "type": "object" - }, - "AWS::Deadline::Queue.JobRunAsUser": { - "additionalProperties": false, - "properties": { - "Posix": { - "$ref": "#/definitions/AWS::Deadline::Queue.PosixUser", - "markdownDescription": "The user and group that the jobs in the queue run as.", - "title": "Posix" - }, - "RunAs": { - "markdownDescription": "Specifies whether the job should run using the queue's system user or if the job should run using the worker agent system user.", - "title": "RunAs", - "type": "string" - }, - "Windows": { - "$ref": "#/definitions/AWS::Deadline::Queue.WindowsUser", - "markdownDescription": "Identifies a Microsoft Windows user.", - "title": "Windows" - } - }, - "required": [ - "RunAs" - ], - "type": "object" - }, - "AWS::Deadline::Queue.PosixUser": { - "additionalProperties": false, - "properties": { - "Group": { - "markdownDescription": "The name of the POSIX user's group.", - "title": "Group", - "type": "string" - }, - "User": { - "markdownDescription": "The name of the POSIX user.", - "title": "User", - "type": "string" - } - }, - "required": [ - "Group", - "User" - ], - "type": "object" - }, - "AWS::Deadline::Queue.WindowsUser": { + "AWS::DAX::Cluster.SSESpecification": { "additionalProperties": false, "properties": { - "PasswordArn": { - "markdownDescription": "The password ARN for the Windows user.", - "title": "PasswordArn", - "type": "string" - }, - "User": { - "markdownDescription": "The user.", - "title": "User", - "type": "string" + "SSEEnabled": { + "markdownDescription": "Indicates whether server-side encryption is enabled (true) or disabled (false) on the cluster.", + "title": "SSEEnabled", + "type": "boolean" } }, - "required": [ - "PasswordArn", - "User" - ], "type": "object" }, - "AWS::Deadline::QueueEnvironment": { + "AWS::DAX::ParameterGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -65463,44 +71886,27 @@ "Properties": { "additionalProperties": false, "properties": { - "FarmId": { - "markdownDescription": "The identifier assigned to the farm that contains the queue.", - "title": "FarmId", - "type": "string" - }, - "Priority": { - "markdownDescription": "The queue environment's priority.", - "title": "Priority", - "type": "number" - }, - "QueueId": { - "markdownDescription": "The unique identifier of the queue that contains the environment.", - "title": "QueueId", + "Description": { + "markdownDescription": "A description of the parameter group.", + "title": "Description", "type": "string" }, - "Template": { - "markdownDescription": "A JSON or YAML template that describes the processing environment for the queue.", - "title": "Template", + "ParameterGroupName": { + "markdownDescription": "The name of the parameter group.", + "title": "ParameterGroupName", "type": "string" }, - "TemplateType": { - "markdownDescription": "Specifies whether the template for the queue environment is JSON or YAML.", - "title": "TemplateType", - "type": "string" + "ParameterNameValues": { + "markdownDescription": "An array of name-value pairs for the parameters in the group. Each element in the array represents a single parameter.\n\n> `record-ttl-millis` and `query-ttl-millis` are the only supported parameter names. For more details, see [Configuring TTL Settings](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/DAX.cluster-management.html#DAX.cluster-management.custom-settings.ttl) .", + "title": "ParameterNameValues", + "type": "object" } }, - "required": [ - "FarmId", - "Priority", - "QueueId", - "Template", - "TemplateType" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Deadline::QueueEnvironment" + "AWS::DAX::ParameterGroup" ], "type": "string" }, @@ -65514,12 +71920,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Deadline::QueueFleetAssociation": { + "AWS::DAX::SubnetGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -65554,32 +71959,33 @@ "Properties": { "additionalProperties": false, "properties": { - "FarmId": { - "markdownDescription": "The identifier of the farm that contains the queue and the fleet.", - "title": "FarmId", + "Description": { + "markdownDescription": "The description of the subnet group.", + "title": "Description", "type": "string" }, - "FleetId": { - "markdownDescription": "The fleet ID.", - "title": "FleetId", + "SubnetGroupName": { + "markdownDescription": "The name of the subnet group.", + "title": "SubnetGroupName", "type": "string" }, - "QueueId": { - "markdownDescription": "The queue ID.", - "title": "QueueId", - "type": "string" + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of VPC subnet IDs for the subnet group.", + "title": "SubnetIds", + "type": "array" } }, "required": [ - "FarmId", - "FleetId", - "QueueId" + "SubnetIds" ], "type": "object" }, "Type": { "enum": [ - "AWS::Deadline::QueueFleetAssociation" + "AWS::DAX::SubnetGroup" ], "type": "string" }, @@ -65598,7 +72004,7 @@ ], "type": "object" }, - "AWS::Deadline::StorageProfile": { + "AWS::DLM::LifecyclePolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -65633,39 +72039,75 @@ "Properties": { "additionalProperties": false, "properties": { - "DisplayName": { - "markdownDescription": "The display name of the storage profile summary to update.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", - "title": "DisplayName", + "CopyTags": { + "markdownDescription": "*[Default policies only]* Indicates whether the policy should copy tags from the source resource to the snapshot or AMI. If you do not specify a value, the default is `false` .\n\nDefault: false", + "title": "CopyTags", + "type": "boolean" + }, + "CreateInterval": { + "markdownDescription": "*[Default policies only]* Specifies how often the policy should run and create snapshots or AMIs. The creation frequency can range from 1 to 7 days. If you do not specify a value, the default is 1.\n\nDefault: 1", + "title": "CreateInterval", + "type": "number" + }, + "CrossRegionCopyTargets": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyTargets", + "markdownDescription": "*[Default policies only]* Specifies destination Regions for snapshot or AMI copies. You can specify up to 3 destination Regions. If you do not want to create cross-Region copies, omit this parameter.", + "title": "CrossRegionCopyTargets" + }, + "DefaultPolicy": { + "markdownDescription": "*[Default policies only]* Specify the type of default policy to create.\n\n- To create a default policy for EBS snapshots, that creates snapshots of all volumes in the Region that do not have recent backups, specify `VOLUME` .\n- To create a default policy for EBS-backed AMIs, that creates EBS-backed AMIs from all instances in the Region that do not have recent backups, specify `INSTANCE` .", + "title": "DefaultPolicy", "type": "string" }, - "FarmId": { - "markdownDescription": "The unique identifier of the farm that contains the storage profile.", - "title": "FarmId", + "Description": { + "markdownDescription": "A description of the lifecycle policy. The characters ^[0-9A-Za-z _-]+$ are supported.", + "title": "Description", "type": "string" }, - "FileSystemLocations": { + "Exclusions": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.Exclusions", + "markdownDescription": "*[Default policies only]* Specifies exclusion parameters for volumes or instances for which you do not want to create snapshots or AMIs. The policy will not create snapshots or AMIs for target resources that match any of the specified exclusion parameters.", + "title": "Exclusions" + }, + "ExecutionRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role used to run the operations specified by the lifecycle policy.", + "title": "ExecutionRoleArn", + "type": "string" + }, + "ExtendDeletion": { + "markdownDescription": "*[Default policies only]* Defines the snapshot or AMI retention behavior for the policy if the source volume or instance is deleted, or if the policy enters the error, disabled, or deleted state.\n\nBy default ( *ExtendDeletion=false* ):\n\n- If a source resource is deleted, Amazon Data Lifecycle Manager will continue to delete previously created snapshots or AMIs, up to but not including the last one, based on the specified retention period. If you want Amazon Data Lifecycle Manager to delete all snapshots or AMIs, including the last one, specify `true` .\n- If a policy enters the error, disabled, or deleted state, Amazon Data Lifecycle Manager stops deleting snapshots and AMIs. If you want Amazon Data Lifecycle Manager to continue deleting snapshots or AMIs, including the last one, if the policy enters one of these states, specify `true` .\n\nIf you enable extended deletion ( *ExtendDeletion=true* ), you override both default behaviors simultaneously.\n\nIf you do not specify a value, the default is `false` .\n\nDefault: false", + "title": "ExtendDeletion", + "type": "boolean" + }, + "PolicyDetails": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.PolicyDetails", + "markdownDescription": "The configuration details of the lifecycle policy.\n\n> If you create a default policy, you can specify the request parameters either in the request body, or in the PolicyDetails request structure, but not both.", + "title": "PolicyDetails" + }, + "RetainInterval": { + "markdownDescription": "*[Default policies only]* Specifies how long the policy should retain snapshots or AMIs before deleting them. The retention period can range from 2 to 14 days, but it must be greater than the creation frequency to ensure that the policy retains at least 1 snapshot or AMI at any given time. If you do not specify a value, the default is 7.\n\nDefault: 7", + "title": "RetainInterval", + "type": "number" + }, + "State": { + "markdownDescription": "The activation state of the lifecycle policy.", + "title": "State", + "type": "string" + }, + "Tags": { "items": { - "$ref": "#/definitions/AWS::Deadline::StorageProfile.FileSystemLocation" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "Operating system specific file system path to the storage location.", - "title": "FileSystemLocations", + "markdownDescription": "The tags to apply to the lifecycle policy during creation.", + "title": "Tags", "type": "array" - }, - "OsFamily": { - "markdownDescription": "The operating system (OS) family.", - "title": "OsFamily", - "type": "string" } }, - "required": [ - "DisplayName", - "OsFamily" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Deadline::StorageProfile" + "AWS::DLM::LifecyclePolicy" ], "type": "string" }, @@ -65679,806 +72121,682 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Deadline::StorageProfile.FileSystemLocation": { + "AWS::DLM::LifecyclePolicy.Action": { "additionalProperties": false, "properties": { + "CrossRegionCopy": { + "items": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyAction" + }, + "markdownDescription": "The rule for copying shared snapshots across Regions.", + "title": "CrossRegionCopy", + "type": "array" + }, "Name": { - "markdownDescription": "The location name.", + "markdownDescription": "A descriptive name for the action.", "title": "Name", "type": "string" - }, - "Path": { - "markdownDescription": "The file path.", - "title": "Path", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of file.", - "title": "Type", - "type": "string" } }, "required": [ - "Name", - "Path", - "Type" + "CrossRegionCopy", + "Name" ], "type": "object" }, - "AWS::Detective::Graph": { + "AWS::DLM::LifecyclePolicy.ArchiveRetainRule": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AutoEnableMembers": { - "markdownDescription": "Indicates whether to automatically enable new organization accounts as member accounts in the organization behavior graph.\n\nBy default, this property is set to `false` . If you want to change the value of this property, you must be the Detective administrator for the organization. For more information on setting a Detective administrator account, see [AWS::Detective::OrganizationAdmin](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-detective-organizationadmin.html) .", - "title": "AutoEnableMembers", - "type": "boolean" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tag values to assign to the new behavior graph.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Detective::Graph" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "RetentionArchiveTier": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.RetentionArchiveTier", + "markdownDescription": "Information about retention period in the Amazon EBS Snapshots Archive. For more information, see [Archive Amazon EBS snapshots](https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/snapshot-archive.html) .", + "title": "RetentionArchiveTier" } }, "required": [ - "Type" + "RetentionArchiveTier" ], "type": "object" }, - "AWS::Detective::MemberInvitation": { + "AWS::DLM::LifecyclePolicy.ArchiveRule": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DisableEmailNotification": { - "markdownDescription": "Whether to send an invitation email to the member account. If set to true, the member account does not receive an invitation email.", - "title": "DisableEmailNotification", - "type": "boolean" - }, - "GraphArn": { - "markdownDescription": "The ARN of the behavior graph to invite the account to contribute data to.", - "title": "GraphArn", - "type": "string" - }, - "MemberEmailAddress": { - "markdownDescription": "The root user email address of the invited account. If the email address provided is not the root user email address for the provided account, the invitation creation fails.", - "title": "MemberEmailAddress", - "type": "string" - }, - "MemberId": { - "markdownDescription": "The AWS account identifier of the invited account", - "title": "MemberId", - "type": "string" - }, - "Message": { - "markdownDescription": "Customized text to include in the invitation email message.", - "title": "Message", - "type": "string" - } - }, - "required": [ - "GraphArn", - "MemberEmailAddress", - "MemberId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Detective::MemberInvitation" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "RetainRule": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.ArchiveRetainRule", + "markdownDescription": "Information about the retention period for the snapshot archiving rule.", + "title": "RetainRule" } }, "required": [ - "Type", - "Properties" + "RetainRule" ], "type": "object" }, - "AWS::Detective::OrganizationAdmin": { + "AWS::DLM::LifecyclePolicy.CreateRule": { "additionalProperties": false, "properties": { - "Condition": { + "CronExpression": { + "markdownDescription": "The schedule, as a Cron expression. The schedule interval must be between 1 hour and 1 year. For more information, see the [Cron and rate expressions](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-scheduled-rule-pattern.html) in the *Amazon EventBridge User Guide* .", + "title": "CronExpression", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Interval": { + "markdownDescription": "The interval between snapshots. The supported values are 1, 2, 3, 4, 6, 8, 12, and 24.", + "title": "Interval", + "type": "number" + }, + "IntervalUnit": { + "markdownDescription": "The interval unit.", + "title": "IntervalUnit", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Location": { + "markdownDescription": "*[Custom snapshot policies only]* Specifies the destination for snapshots created by the policy. The allowed destinations depend on the location of the targeted resources.\n\n- If the policy targets resources in a Region, then you must create snapshots in the same Region as the source resource.\n- If the policy targets resources in a Local Zone, you can create snapshots in the same Local Zone or in its parent Region.\n- If the policy targets resources on an Outpost, then you can create snapshots on the same Outpost or in its parent Region.\n\nSpecify one of the following values:\n\n- To create snapshots in the same Region as the source resource, specify `CLOUD` .\n- To create snapshots in the same Local Zone as the source resource, specify `LOCAL_ZONE` .\n- To create snapshots on the same Outpost as the source resource, specify `OUTPOST_LOCAL` .\n\nDefault: `CLOUD`", + "title": "Location", + "type": "string" }, - "Metadata": { - "type": "object" + "Scripts": { + "items": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.Script" + }, + "markdownDescription": "*[Custom snapshot policies that target instances only]* Specifies pre and/or post scripts for a snapshot lifecycle policy that targets instances. This is useful for creating application-consistent snapshots, or for performing specific administrative tasks before or after Amazon Data Lifecycle Manager initiates snapshot creation.\n\nFor more information, see [Automating application-consistent snapshots with pre and post scripts](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/automate-app-consistent-backups.html) .", + "title": "Scripts", + "type": "array" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AccountId": { - "markdownDescription": "The AWS account identifier of the account to designate as the Detective administrator account for the organization.", - "title": "AccountId", - "type": "string" - } + "Times": { + "items": { + "type": "string" }, - "required": [ - "AccountId" - ], - "type": "object" + "markdownDescription": "The time, in UTC, to start the operation. The supported format is hh:mm.\n\nThe operation occurs within a one-hour window following the specified time. If you do not specify a time, Amazon Data Lifecycle Manager selects a time within the next 24 hours.", + "title": "Times", + "type": "array" + } + }, + "type": "object" + }, + "AWS::DLM::LifecyclePolicy.CrossRegionCopyAction": { + "additionalProperties": false, + "properties": { + "EncryptionConfiguration": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.EncryptionConfiguration", + "markdownDescription": "The encryption settings for the copied snapshot.", + "title": "EncryptionConfiguration" }, - "Type": { - "enum": [ - "AWS::Detective::OrganizationAdmin" - ], - "type": "string" + "RetainRule": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyRetainRule", + "markdownDescription": "Specifies a retention rule for cross-Region snapshot copies created by snapshot or event-based policies, or cross-Region AMI copies created by AMI policies. After the retention period expires, the cross-Region copy is deleted.", + "title": "RetainRule" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Target": { + "markdownDescription": "The target Region.", + "title": "Target", "type": "string" } }, "required": [ - "Type", - "Properties" + "EncryptionConfiguration", + "Target" ], "type": "object" }, - "AWS::DevOpsGuru::LogAnomalyDetectionIntegration": { + "AWS::DLM::LifecyclePolicy.CrossRegionCopyDeprecateRule": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": {}, - "type": "object" + "Interval": { + "markdownDescription": "The period after which to deprecate the cross-Region AMI copies. The period must be less than or equal to the cross-Region AMI copy retention period, and it can't be greater than 10 years. This is equivalent to 120 months, 520 weeks, or 3650 days.", + "title": "Interval", + "type": "number" }, - "Type": { - "enum": [ - "AWS::DevOpsGuru::LogAnomalyDetectionIntegration" - ], + "IntervalUnit": { + "markdownDescription": "The unit of time in which to measure the *Interval* . For example, to deprecate a cross-Region AMI copy after 3 months, specify `Interval=3` and `IntervalUnit=MONTHS` .", + "title": "IntervalUnit", "type": "string" + } + }, + "required": [ + "Interval", + "IntervalUnit" + ], + "type": "object" + }, + "AWS::DLM::LifecyclePolicy.CrossRegionCopyRetainRule": { + "additionalProperties": false, + "properties": { + "Interval": { + "markdownDescription": "The amount of time to retain a cross-Region snapshot or AMI copy. The maximum is 100 years. This is equivalent to 1200 months, 5200 weeks, or 36500 days.", + "title": "Interval", + "type": "number" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "IntervalUnit": { + "markdownDescription": "The unit of time for time-based retention. For example, to retain a cross-Region copy for 3 months, specify `Interval=3` and `IntervalUnit=MONTHS` .", + "title": "IntervalUnit", "type": "string" } }, "required": [ - "Type" + "Interval", + "IntervalUnit" ], "type": "object" }, - "AWS::DevOpsGuru::NotificationChannel": { + "AWS::DLM::LifecyclePolicy.CrossRegionCopyRule": { "additionalProperties": false, "properties": { - "Condition": { + "CmkArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key to use for EBS encryption. If this parameter is not specified, the default KMS key for the account is used.", + "title": "CmkArn", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "CopyTags": { + "markdownDescription": "Indicates whether to copy all user-defined tags from the source snapshot or AMI to the cross-Region copy.", + "title": "CopyTags", + "type": "boolean" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "DeprecateRule": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyDeprecateRule", + "markdownDescription": "*[Custom AMI policies only]* The AMI deprecation rule for cross-Region AMI copies created by the rule.", + "title": "DeprecateRule" }, - "Metadata": { - "type": "object" + "Encrypted": { + "markdownDescription": "To encrypt a copy of an unencrypted snapshot if encryption by default is not enabled, enable encryption using this parameter. Copies of encrypted snapshots are encrypted, even if this parameter is false or if encryption by default is not enabled.", + "title": "Encrypted", + "type": "boolean" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Config": { - "$ref": "#/definitions/AWS::DevOpsGuru::NotificationChannel.NotificationChannelConfig", - "markdownDescription": "A `NotificationChannelConfig` object that contains information about configured notification channels.", - "title": "Config" - } - }, - "required": [ - "Config" - ], - "type": "object" + "RetainRule": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyRetainRule", + "markdownDescription": "The retention rule that indicates how long the cross-Region snapshot or AMI copies are to be retained in the destination Region.", + "title": "RetainRule" }, - "Type": { - "enum": [ - "AWS::DevOpsGuru::NotificationChannel" - ], + "Target": { + "markdownDescription": "> Use this parameter for snapshot policies only. For AMI policies, use *TargetRegion* instead. \n\n*[Custom snapshot policies only]* The target Region or the Amazon Resource Name (ARN) of the target Outpost for the snapshot copies.", + "title": "Target", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TargetRegion": { + "markdownDescription": "> Use this parameter for AMI policies only. For snapshot policies, use *Target* instead. For snapshot policies created before the *Target* parameter was introduced, this parameter indicates the target Region for snapshot copies. \n\n*[Custom AMI policies only]* The target Region or the Amazon Resource Name (ARN) of the target Outpost for the snapshot copies.", + "title": "TargetRegion", "type": "string" } }, "required": [ - "Type", - "Properties" + "Encrypted" ], "type": "object" }, - "AWS::DevOpsGuru::NotificationChannel.NotificationChannelConfig": { + "AWS::DLM::LifecyclePolicy.CrossRegionCopyTarget": { "additionalProperties": false, "properties": { - "Filters": { - "$ref": "#/definitions/AWS::DevOpsGuru::NotificationChannel.NotificationFilterConfig", - "markdownDescription": "The filter configurations for the Amazon SNS notification topic you use with DevOps Guru. If you do not provide filter configurations, the default configurations are to receive notifications for all message types of `High` or `Medium` severity.", - "title": "Filters" - }, - "Sns": { - "$ref": "#/definitions/AWS::DevOpsGuru::NotificationChannel.SnsChannelConfig", - "markdownDescription": "Information about a notification channel configured in DevOps Guru to send notifications when insights are created.\n\nIf you use an Amazon SNS topic in another account, you must attach a policy to it that grants DevOps Guru permission to send it notifications. DevOps Guru adds the required policy on your behalf to send notifications using Amazon SNS in your account. DevOps Guru only supports standard SNS topics. For more information, see [Permissions for Amazon SNS topics](https://docs.aws.amazon.com/devops-guru/latest/userguide/sns-required-permissions.html) .\n\nIf you use an Amazon SNS topic that is encrypted by an AWS Key Management Service customer-managed key (CMK), then you must add permissions to the CMK. For more information, see [Permissions for AWS KMS\u2013encrypted Amazon SNS topics](https://docs.aws.amazon.com/devops-guru/latest/userguide/sns-kms-permissions.html) .", - "title": "Sns" + "TargetRegion": { + "type": "string" } }, "type": "object" }, - "AWS::DevOpsGuru::NotificationChannel.NotificationFilterConfig": { + "AWS::DLM::LifecyclePolicy.CrossRegionCopyTargets": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::DLM::LifecyclePolicy.DeprecateRule": { "additionalProperties": false, "properties": { - "MessageTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The events that you want to receive notifications for. For example, you can choose to receive notifications only when the severity level is upgraded or a new insight is created.", - "title": "MessageTypes", - "type": "array" + "Count": { + "markdownDescription": "If the schedule has a count-based retention rule, this parameter specifies the number of oldest AMIs to deprecate. The count must be less than or equal to the schedule's retention count, and it can't be greater than 1000.", + "title": "Count", + "type": "number" }, - "Severities": { - "items": { - "type": "string" - }, - "markdownDescription": "The severity levels that you want to receive notifications for. For example, you can choose to receive notifications only for insights with `HIGH` and `MEDIUM` severity levels. For more information, see [Understanding insight severities](https://docs.aws.amazon.com/devops-guru/latest/userguide/working-with-insights.html#understanding-insights-severities) .", - "title": "Severities", - "type": "array" + "Interval": { + "markdownDescription": "If the schedule has an age-based retention rule, this parameter specifies the period after which to deprecate AMIs created by the schedule. The period must be less than or equal to the schedule's retention period, and it can't be greater than 10 years. This is equivalent to 120 months, 520 weeks, or 3650 days.", + "title": "Interval", + "type": "number" + }, + "IntervalUnit": { + "markdownDescription": "The unit of time in which to measure the *Interval* .", + "title": "IntervalUnit", + "type": "string" } }, "type": "object" }, - "AWS::DevOpsGuru::NotificationChannel.SnsChannelConfig": { + "AWS::DLM::LifecyclePolicy.EncryptionConfiguration": { "additionalProperties": false, "properties": { - "TopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an Amazon Simple Notification Service topic.", - "title": "TopicArn", + "CmkArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key to use for EBS encryption. If this parameter is not specified, the default KMS key for the account is used.", + "title": "CmkArn", "type": "string" + }, + "Encrypted": { + "markdownDescription": "To encrypt a copy of an unencrypted snapshot when encryption by default is not enabled, enable encryption using this parameter. Copies of encrypted snapshots are encrypted, even if this parameter is false or when encryption by default is not enabled.", + "title": "Encrypted", + "type": "boolean" } }, + "required": [ + "Encrypted" + ], "type": "object" }, - "AWS::DevOpsGuru::ResourceCollection": { + "AWS::DLM::LifecyclePolicy.EventParameters": { "additionalProperties": false, "properties": { - "Condition": { + "DescriptionRegex": { + "markdownDescription": "The snapshot description that can trigger the policy. The description pattern is specified using a regular expression. The policy runs only if a snapshot with a description that matches the specified pattern is shared with your account.\n\nFor example, specifying `^.*Created for policy: policy-1234567890abcdef0.*$` configures the policy to run only if snapshots created by policy `policy-1234567890abcdef0` are shared with your account.", + "title": "DescriptionRegex", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "EventType": { + "markdownDescription": "The type of event. Currently, only snapshot sharing events are supported.", + "title": "EventType", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ResourceCollectionFilter": { - "$ref": "#/definitions/AWS::DevOpsGuru::ResourceCollection.ResourceCollectionFilter", - "markdownDescription": "Information about a filter used to specify which AWS resources are analyzed for anomalous behavior by DevOps Guru.", - "title": "ResourceCollectionFilter" - } + "SnapshotOwner": { + "items": { + "type": "string" }, - "required": [ - "ResourceCollectionFilter" - ], - "type": "object" + "markdownDescription": "The IDs of the AWS accounts that can trigger policy by sharing snapshots with your account. The policy only runs if one of the specified AWS accounts shares a snapshot with your account.", + "title": "SnapshotOwner", + "type": "array" + } + }, + "required": [ + "EventType", + "SnapshotOwner" + ], + "type": "object" + }, + "AWS::DLM::LifecyclePolicy.EventSource": { + "additionalProperties": false, + "properties": { + "Parameters": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.EventParameters", + "markdownDescription": "Information about the event.", + "title": "Parameters" }, "Type": { - "enum": [ - "AWS::DevOpsGuru::ResourceCollection" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "markdownDescription": "The source of the event. Currently only managed Amazon EventBridge (formerly known as Amazon CloudWatch) events are supported.", + "title": "Type", "type": "string" } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::DevOpsGuru::ResourceCollection.CloudFormationCollectionFilter": { + "AWS::DLM::LifecyclePolicy.ExcludeTags": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::DLM::LifecyclePolicy.ExcludeVolumeTypesList": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::DLM::LifecyclePolicy.Exclusions": { "additionalProperties": false, "properties": { - "StackNames": { + "ExcludeBootVolumes": { + "markdownDescription": "*[Default policies for EBS snapshots only]* Indicates whether to exclude volumes that are attached to instances as the boot volume. If you exclude boot volumes, only volumes attached as data (non-boot) volumes will be backed up by the policy. To exclude boot volumes, specify `true` .", + "title": "ExcludeBootVolumes", + "type": "boolean" + }, + "ExcludeTags": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.ExcludeTags", + "markdownDescription": "*[Default policies for EBS-backed AMIs only]* Specifies whether to exclude volumes that have specific tags.", + "title": "ExcludeTags" + }, + "ExcludeVolumeTypes": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.ExcludeVolumeTypesList", + "markdownDescription": "*[Default policies for EBS snapshots only]* Specifies the volume types to exclude. Volumes of the specified types will not be targeted by the policy.", + "title": "ExcludeVolumeTypes" + } + }, + "type": "object" + }, + "AWS::DLM::LifecyclePolicy.FastRestoreRule": { + "additionalProperties": false, + "properties": { + "AvailabilityZones": { "items": { "type": "string" }, - "markdownDescription": "An array of CloudFormation stack names.", - "title": "StackNames", + "markdownDescription": "The Availability Zones in which to enable fast snapshot restore.", + "title": "AvailabilityZones", "type": "array" + }, + "Count": { + "markdownDescription": "The number of snapshots to be enabled with fast snapshot restore.", + "title": "Count", + "type": "number" + }, + "Interval": { + "markdownDescription": "The amount of time to enable fast snapshot restore. The maximum is 100 years. This is equivalent to 1200 months, 5200 weeks, or 36500 days.", + "title": "Interval", + "type": "number" + }, + "IntervalUnit": { + "markdownDescription": "The unit of time for enabling fast snapshot restore.", + "title": "IntervalUnit", + "type": "string" } }, "type": "object" }, - "AWS::DevOpsGuru::ResourceCollection.ResourceCollectionFilter": { + "AWS::DLM::LifecyclePolicy.Parameters": { "additionalProperties": false, "properties": { - "CloudFormation": { - "$ref": "#/definitions/AWS::DevOpsGuru::ResourceCollection.CloudFormationCollectionFilter", - "markdownDescription": "Information about AWS CloudFormation stacks. You can use up to 1000 stacks to specify which AWS resources in your account to analyze. For more information, see [Stacks](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacks.html) in the *AWS CloudFormation User Guide* .", - "title": "CloudFormation" + "ExcludeBootVolume": { + "markdownDescription": "*[Custom snapshot policies that target instances only]* Indicates whether to exclude the root volume from multi-volume snapshot sets. The default is `false` . If you specify `true` , then the root volumes attached to targeted instances will be excluded from the multi-volume snapshot sets created by the policy.", + "title": "ExcludeBootVolume", + "type": "boolean" }, - "Tags": { + "ExcludeDataVolumeTags": { "items": { - "$ref": "#/definitions/AWS::DevOpsGuru::ResourceCollection.TagCollection" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The AWS tags used to filter the resources in the resource collection.\n\nTags help you identify and organize your AWS resources. Many AWS services support tagging, so you can assign the same tag to resources from different services to indicate that the resources are related. For example, you can assign the same tag to an Amazon DynamoDB table resource that you assign to an AWS Lambda function. For more information about using tags, see the [Tagging best practices](https://docs.aws.amazon.com/whitepapers/latest/tagging-best-practices/tagging-best-practices.html) whitepaper.\n\nEach AWS tag has two parts.\n\n- A tag *key* (for example, `CostCenter` , `Environment` , `Project` , or `Secret` ). Tag *keys* are case-sensitive.\n- A field known as a tag *value* (for example, `111122223333` , `Production` , or a team name). Omitting the tag *value* is the same as using an empty string. Like tag *keys* , tag *values* are case-sensitive. The tag value is a required property when AppBoundaryKey is specified.\n\nTogether these are known as *key* - *value* pairs.\n\n> The string used for a *key* in a tag that you use to define your resource coverage must begin with the prefix `Devops-guru-` . The tag *key* might be `DevOps-Guru-deployment-application` or `devops-guru-rds-application` . When you create a *key* , the case of characters in the *key* can be whatever you choose. After you create a *key* , it is case-sensitive. For example, DevOps Guru works with a *key* named `devops-guru-rds` and a *key* named `DevOps-Guru-RDS` , and these act as two different *keys* . Possible *key* / *value* pairs in your application might be `Devops-Guru-production-application/RDS` or `Devops-Guru-production-application/containers` .", - "title": "Tags", + "markdownDescription": "*[Custom snapshot policies that target instances only]* The tags used to identify data (non-root) volumes to exclude from multi-volume snapshot sets.\n\nIf you create a snapshot lifecycle policy that targets instances and you specify tags for this parameter, then data volumes with the specified tags that are attached to targeted instances will be excluded from the multi-volume snapshot sets created by the policy.", + "title": "ExcludeDataVolumeTags", "type": "array" + }, + "NoReboot": { + "markdownDescription": "*[Custom AMI policies only]* Indicates whether targeted instances are rebooted when the lifecycle policy runs. `true` indicates that targeted instances are not rebooted when the policy runs. `false` indicates that target instances are rebooted when the policy runs. The default is `true` (instances are not rebooted).", + "title": "NoReboot", + "type": "boolean" } }, "type": "object" }, - "AWS::DevOpsGuru::ResourceCollection.TagCollection": { + "AWS::DLM::LifecyclePolicy.PolicyDetails": { "additionalProperties": false, "properties": { - "AppBoundaryKey": { - "markdownDescription": "An AWS tag *key* that is used to identify the AWS resources that DevOps Guru analyzes. All AWS resources in your account and Region tagged with this *key* make up your DevOps Guru application and analysis boundary.\n\n> When you create a *key* , the case of characters in the *key* can be whatever you choose. After you create a *key* , it is case-sensitive. For example, DevOps Guru works with a *key* named `devops-guru-rds` and a *key* named `DevOps-Guru-RDS` , and these act as two different *keys* . Possible *key* / *value* pairs in your application might be `Devops-Guru-production-application/RDS` or `Devops-Guru-production-application/containers` .", - "title": "AppBoundaryKey", + "Actions": { + "items": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.Action" + }, + "markdownDescription": "*[Event-based policies only]* The actions to be performed when the event-based policy is activated. You can specify only one action per policy.", + "title": "Actions", + "type": "array" + }, + "CopyTags": { + "markdownDescription": "*[Default policies only]* Indicates whether the policy should copy tags from the source resource to the snapshot or AMI. If you do not specify a value, the default is `false` .\n\nDefault: false", + "title": "CopyTags", + "type": "boolean" + }, + "CreateInterval": { + "markdownDescription": "*[Default policies only]* Specifies how often the policy should run and create snapshots or AMIs. The creation frequency can range from 1 to 7 days. If you do not specify a value, the default is 1.\n\nDefault: 1", + "title": "CreateInterval", + "type": "number" + }, + "CrossRegionCopyTargets": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyTargets", + "markdownDescription": "*[Default policies only]* Specifies destination Regions for snapshot or AMI copies. You can specify up to 3 destination Regions. If you do not want to create cross-Region copies, omit this parameter.", + "title": "CrossRegionCopyTargets" + }, + "EventSource": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.EventSource", + "markdownDescription": "*[Event-based policies only]* The event that activates the event-based policy.", + "title": "EventSource" + }, + "Exclusions": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.Exclusions", + "markdownDescription": "*[Default policies only]* Specifies exclusion parameters for volumes or instances for which you do not want to create snapshots or AMIs. The policy will not create snapshots or AMIs for target resources that match any of the specified exclusion parameters.", + "title": "Exclusions" + }, + "ExtendDeletion": { + "markdownDescription": "*[Default policies only]* Defines the snapshot or AMI retention behavior for the policy if the source volume or instance is deleted, or if the policy enters the error, disabled, or deleted state.\n\nBy default ( *ExtendDeletion=false* ):\n\n- If a source resource is deleted, Amazon Data Lifecycle Manager will continue to delete previously created snapshots or AMIs, up to but not including the last one, based on the specified retention period. If you want Amazon Data Lifecycle Manager to delete all snapshots or AMIs, including the last one, specify `true` .\n- If a policy enters the error, disabled, or deleted state, Amazon Data Lifecycle Manager stops deleting snapshots and AMIs. If you want Amazon Data Lifecycle Manager to continue deleting snapshots or AMIs, including the last one, if the policy enters one of these states, specify `true` .\n\nIf you enable extended deletion ( *ExtendDeletion=true* ), you override both default behaviors simultaneously.\n\nIf you do not specify a value, the default is `false` .\n\nDefault: false", + "title": "ExtendDeletion", + "type": "boolean" + }, + "Parameters": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.Parameters", + "markdownDescription": "*[Custom snapshot and AMI policies only]* A set of optional parameters for snapshot and AMI lifecycle policies.\n\n> If you are modifying a policy that was created or previously modified using the Amazon Data Lifecycle Manager console, then you must include this parameter and specify either the default values or the new values that you require. You can't omit this parameter or set its values to null.", + "title": "Parameters" + }, + "PolicyLanguage": { + "markdownDescription": "The type of policy to create. Specify one of the following:\n\n- `SIMPLIFIED` To create a default policy.\n- `STANDARD` To create a custom policy.", + "title": "PolicyLanguage", "type": "string" }, - "TagValues": { + "PolicyType": { + "markdownDescription": "The type of policy. Specify `EBS_SNAPSHOT_MANAGEMENT` to create a lifecycle policy that manages the lifecycle of Amazon EBS snapshots. Specify `IMAGE_MANAGEMENT` to create a lifecycle policy that manages the lifecycle of EBS-backed AMIs. Specify `EVENT_BASED_POLICY` to create an event-based policy that performs specific actions when a defined event occurs in your AWS account .\n\nThe default is `EBS_SNAPSHOT_MANAGEMENT` .", + "title": "PolicyType", + "type": "string" + }, + "ResourceLocations": { "items": { "type": "string" }, - "markdownDescription": "The values in an AWS tag collection.\n\nThe tag's *value* is a field used to associate a string with the tag *key* (for example, `111122223333` , `Production` , or a team name). The *key* and *value* are the tag's *key* pair. Omitting the tag *value* is the same as using an empty string. Like tag *keys* , tag *values* are case-sensitive. You can specify a maximum of 256 characters for a tag value. The tag value is a required property when *AppBoundaryKey* is specified.", - "title": "TagValues", + "markdownDescription": "*[Custom snapshot and AMI policies only]* The location of the resources to backup.\n\n- If the source resources are located in a Region, specify `CLOUD` . In this case, the policy targets all resources of the specified type with matching target tags across all Availability Zones in the Region.\n- *[Custom snapshot policies only]* If the source resources are located in a Local Zone, specify `LOCAL_ZONE` . In this case, the policy targets all resources of the specified type with matching target tags across all Local Zones in the Region.\n- If the source resources are located on an Outpost in your account, specify `OUTPOST` . In this case, the policy targets all resources of the specified type with matching target tags across all of the Outposts in your account.", + "title": "ResourceLocations", + "type": "array" + }, + "ResourceType": { + "markdownDescription": "*[Default policies only]* Specify the type of default policy to create.\n\n- To create a default policy for EBS snapshots, that creates snapshots of all volumes in the Region that do not have recent backups, specify `VOLUME` .\n- To create a default policy for EBS-backed AMIs, that creates EBS-backed AMIs from all instances in the Region that do not have recent backups, specify `INSTANCE` .", + "title": "ResourceType", + "type": "string" + }, + "ResourceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "*[Custom snapshot policies only]* The target resource type for snapshot and AMI lifecycle policies. Use `VOLUME` to create snapshots of individual volumes or use `INSTANCE` to create multi-volume snapshots from the volumes for an instance.", + "title": "ResourceTypes", + "type": "array" + }, + "RetainInterval": { + "markdownDescription": "*[Default policies only]* Specifies how long the policy should retain snapshots or AMIs before deleting them. The retention period can range from 2 to 14 days, but it must be greater than the creation frequency to ensure that the policy retains at least 1 snapshot or AMI at any given time. If you do not specify a value, the default is 7.\n\nDefault: 7", + "title": "RetainInterval", + "type": "number" + }, + "Schedules": { + "items": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.Schedule" + }, + "markdownDescription": "*[Custom snapshot and AMI policies only]* The schedules of policy-defined actions for snapshot and AMI lifecycle policies. A policy can have up to four schedules\u2014one mandatory schedule and up to three optional schedules.", + "title": "Schedules", + "type": "array" + }, + "TargetTags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "*[Custom snapshot and AMI policies only]* The single tag that identifies targeted resources for this policy.", + "title": "TargetTags", "type": "array" } }, "type": "object" }, - "AWS::DirectoryService::MicrosoftAD": { + "AWS::DLM::LifecyclePolicy.RetainRule": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "Count": { + "markdownDescription": "The number of snapshots to retain for each volume, up to a maximum of 1000. For example if you want to retain a maximum of three snapshots, specify `3` . When the fourth snapshot is created, the oldest retained snapshot is deleted, or it is moved to the archive tier if you have specified an [ArchiveRule](https://docs.aws.amazon.com/dlm/latest/APIReference/API_ArchiveRule.html) .", + "title": "Count", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "CreateAlias": { - "markdownDescription": "Specifies an alias for a directory and assigns the alias to the directory. The alias is used to construct the access URL for the directory, such as `http://.awsapps.com` . By default, AWS CloudFormation does not create an alias.\n\n> After an alias has been created, it cannot be deleted or reused, so this operation should only be used when absolutely necessary.", - "title": "CreateAlias", - "type": "boolean" - }, - "Edition": { - "markdownDescription": "AWS Managed Microsoft AD is available in two editions: `Standard` and `Enterprise` . `Enterprise` is the default.", - "title": "Edition", - "type": "string" - }, - "EnableSso": { - "markdownDescription": "Whether to enable single sign-on for a Microsoft Active Directory in AWS . Single sign-on allows users in your directory to access certain AWS services from a computer joined to the directory without having to enter their credentials separately. If you don't specify a value, AWS CloudFormation disables single sign-on by default.", - "title": "EnableSso", - "type": "boolean" - }, - "Name": { - "markdownDescription": "The fully qualified domain name for the AWS Managed Microsoft AD directory, such as `corp.example.com` . This name will resolve inside your VPC only. It does not need to be publicly resolvable.", - "title": "Name", - "type": "string" - }, - "Password": { - "markdownDescription": "The password for the default administrative user named `Admin` .\n\nIf you need to change the password for the administrator account, see the [ResetUserPassword](https://docs.aws.amazon.com/directoryservice/latest/devguide/API_ResetUserPassword.html) API call in the *AWS Directory Service API Reference* .", - "title": "Password", - "type": "string" - }, - "ShortName": { - "markdownDescription": "The NetBIOS name for your domain, such as `CORP` . If you don't specify a NetBIOS name, it will default to the first part of your directory DNS. For example, `CORP` for the directory DNS `corp.example.com` .", - "title": "ShortName", - "type": "string" - }, - "VpcSettings": { - "$ref": "#/definitions/AWS::DirectoryService::MicrosoftAD.VpcSettings", - "markdownDescription": "Specifies the VPC settings of the Microsoft AD directory server in AWS .", - "title": "VpcSettings" - } - }, - "required": [ - "Name", - "Password", - "VpcSettings" - ], - "type": "object" + "Interval": { + "markdownDescription": "The amount of time to retain each snapshot. The maximum is 100 years. This is equivalent to 1200 months, 5200 weeks, or 36500 days.", + "title": "Interval", + "type": "number" }, - "Type": { - "enum": [ - "AWS::DirectoryService::MicrosoftAD" - ], + "IntervalUnit": { + "markdownDescription": "The unit of time for time-based retention. For example, to retain snapshots for 3 months, specify `Interval=3` and `IntervalUnit=MONTHS` . Once the snapshot has been retained for 3 months, it is deleted, or it is moved to the archive tier if you have specified an [ArchiveRule](https://docs.aws.amazon.com/dlm/latest/APIReference/API_ArchiveRule.html) .", + "title": "IntervalUnit", "type": "string" + } + }, + "type": "object" + }, + "AWS::DLM::LifecyclePolicy.RetentionArchiveTier": { + "additionalProperties": false, + "properties": { + "Count": { + "markdownDescription": "The maximum number of snapshots to retain in the archive storage tier for each volume. The count must ensure that each snapshot remains in the archive tier for at least 90 days. For example, if the schedule creates snapshots every 30 days, you must specify a count of 3 or more to ensure that each snapshot is archived for at least 90 days.", + "title": "Count", + "type": "number" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Interval": { + "markdownDescription": "Specifies the period of time to retain snapshots in the archive tier. After this period expires, the snapshot is permanently deleted.", + "title": "Interval", + "type": "number" + }, + "IntervalUnit": { + "markdownDescription": "The unit of time in which to measure the *Interval* . For example, to retain a snapshots in the archive tier for 6 months, specify `Interval=6` and `IntervalUnit=MONTHS` .", + "title": "IntervalUnit", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::DirectoryService::MicrosoftAD.VpcSettings": { + "AWS::DLM::LifecyclePolicy.Schedule": { "additionalProperties": false, "properties": { - "SubnetIds": { + "ArchiveRule": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.ArchiveRule", + "markdownDescription": "*[Custom snapshot policies that target volumes only]* The snapshot archiving rule for the schedule. When you specify an archiving rule, snapshots are automatically moved from the standard tier to the archive tier once the schedule's retention threshold is met. Snapshots are then retained in the archive tier for the archive retention period that you specify.\n\nFor more information about using snapshot archiving, see [Considerations for snapshot lifecycle policies](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/snapshot-ami-policy.html#dlm-archive) .", + "title": "ArchiveRule" + }, + "CopyTags": { + "markdownDescription": "Copy all user-defined tags on a source volume to snapshots of the volume created by this policy.", + "title": "CopyTags", + "type": "boolean" + }, + "CreateRule": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CreateRule", + "markdownDescription": "The creation rule.", + "title": "CreateRule" + }, + "CrossRegionCopyRules": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyRule" }, - "markdownDescription": "The identifiers of the subnets for the directory servers. The two subnets must be in different Availability Zones. AWS Directory Service specifies a directory server and a DNS server in each of these subnets.", - "title": "SubnetIds", + "markdownDescription": "Specifies a rule for copying snapshots or AMIs across Regions.\n\n> You can't specify cross-Region copy rules for policies that create snapshots on an Outpost or in a Local Zone. If the policy creates snapshots in a Region, then snapshots can be copied to up to three Regions or Outposts.", + "title": "CrossRegionCopyRules", "type": "array" }, - "VpcId": { - "markdownDescription": "The identifier of the VPC in which to create the directory.", - "title": "VpcId", + "DeprecateRule": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.DeprecateRule", + "markdownDescription": "*[Custom AMI policies only]* The AMI deprecation rule for the schedule.", + "title": "DeprecateRule" + }, + "FastRestoreRule": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.FastRestoreRule", + "markdownDescription": "*[Custom snapshot policies only]* The rule for enabling fast snapshot restore.", + "title": "FastRestoreRule" + }, + "Name": { + "markdownDescription": "The name of the schedule.", + "title": "Name", "type": "string" + }, + "RetainRule": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.RetainRule", + "markdownDescription": "The retention rule for snapshots or AMIs created by the policy.", + "title": "RetainRule" + }, + "ShareRules": { + "items": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.ShareRule" + }, + "markdownDescription": "*[Custom snapshot policies only]* The rule for sharing snapshots with other AWS accounts .", + "title": "ShareRules", + "type": "array" + }, + "TagsToAdd": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to apply to policy-created resources. These user-defined tags are in addition to the AWS -added lifecycle tags.", + "title": "TagsToAdd", + "type": "array" + }, + "VariableTags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "*[AMI policies and snapshot policies that target instances only]* A collection of key/value pairs with values determined dynamically when the policy is executed. Keys may be any valid Amazon EC2 tag key. Values must be in one of the two following formats: `$(instance-id)` or `$(timestamp)` . Variable tags are only valid for EBS Snapshot Management \u2013 Instance policies.", + "title": "VariableTags", + "type": "array" } }, - "required": [ - "SubnetIds", - "VpcId" - ], "type": "object" }, - "AWS::DirectoryService::SimpleAD": { + "AWS::DLM::LifecyclePolicy.Script": { "additionalProperties": false, "properties": { - "Condition": { + "ExecuteOperationOnScriptFailure": { + "markdownDescription": "Indicates whether Amazon Data Lifecycle Manager should default to crash-consistent snapshots if the pre script fails.\n\n- To default to crash consistent snapshot if the pre script fails, specify `true` .\n- To skip the instance for snapshot creation if the pre script fails, specify `false` .\n\nThis parameter is supported only if you run a pre script. If you run a post script only, omit this parameter.\n\nDefault: true", + "title": "ExecuteOperationOnScriptFailure", + "type": "boolean" + }, + "ExecutionHandler": { + "markdownDescription": "The SSM document that includes the pre and/or post scripts to run.\n\n- If you are automating VSS backups, specify `AWS_VSS_BACKUP` . In this case, Amazon Data Lifecycle Manager automatically uses the `AWSEC2-CreateVssSnapshot` SSM document.\n- If you are automating application-consistent snapshots for SAP HANA workloads, specify `AWSSystemsManagerSAP-CreateDLMSnapshotForSAPHANA` .\n- If you are using a custom SSM document that you own, specify either the name or ARN of the SSM document. If you are using a custom SSM document that is shared with you, specify the ARN of the SSM document.", + "title": "ExecutionHandler", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ExecutionHandlerService": { + "markdownDescription": "Indicates the service used to execute the pre and/or post scripts.\n\n- If you are using custom SSM documents or automating application-consistent snapshots of SAP HANA workloads, specify `AWS_SYSTEMS_MANAGER` .\n- If you are automating VSS Backups, omit this parameter.\n\nDefault: AWS_SYSTEMS_MANAGER", + "title": "ExecutionHandlerService", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ExecutionTimeout": { + "markdownDescription": "Specifies a timeout period, in seconds, after which Amazon Data Lifecycle Manager fails the script run attempt if it has not completed. If a script does not complete within its timeout period, Amazon Data Lifecycle Manager fails the attempt. The timeout period applies to the pre and post scripts individually.\n\nIf you are automating VSS Backups, omit this parameter.\n\nDefault: 10", + "title": "ExecutionTimeout", + "type": "number" }, - "Metadata": { - "type": "object" + "MaximumRetryCount": { + "markdownDescription": "Specifies the number of times Amazon Data Lifecycle Manager should retry scripts that fail.\n\n- If the pre script fails, Amazon Data Lifecycle Manager retries the entire snapshot creation process, including running the pre and post scripts.\n- If the post script fails, Amazon Data Lifecycle Manager retries the post script only; in this case, the pre script will have completed and the snapshot might have been created.\n\nIf you do not want Amazon Data Lifecycle Manager to retry failed scripts, specify `0` .\n\nDefault: 0", + "title": "MaximumRetryCount", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "CreateAlias": { - "markdownDescription": "If set to `true` , specifies an alias for a directory and assigns the alias to the directory. The alias is used to construct the access URL for the directory, such as `http://.awsapps.com` . By default, this property is set to `false` .\n\n> After an alias has been created, it cannot be deleted or reused, so this operation should only be used when absolutely necessary.", - "title": "CreateAlias", - "type": "boolean" - }, - "Description": { - "markdownDescription": "A description for the directory.", - "title": "Description", - "type": "string" - }, - "EnableSso": { - "markdownDescription": "Whether to enable single sign-on for a directory. If you don't specify a value, AWS CloudFormation disables single sign-on by default.", - "title": "EnableSso", - "type": "boolean" - }, - "Name": { - "markdownDescription": "The fully qualified name for the directory, such as `corp.example.com` .", - "title": "Name", - "type": "string" - }, - "Password": { - "markdownDescription": "The password for the directory administrator. The directory creation process creates a directory administrator account with the user name `Administrator` and this password.\n\nIf you need to change the password for the administrator account, see the [ResetUserPassword](https://docs.aws.amazon.com/directoryservice/latest/devguide/API_ResetUserPassword.html) API call in the *AWS Directory Service API Reference* .", - "title": "Password", - "type": "string" - }, - "ShortName": { - "markdownDescription": "The NetBIOS name of the directory, such as `CORP` .", - "title": "ShortName", - "type": "string" - }, - "Size": { - "markdownDescription": "The size of the directory. For valid values, see [CreateDirectory](https://docs.aws.amazon.com/directoryservice/latest/devguide/API_CreateDirectory.html) in the *AWS Directory Service API Reference* .", - "title": "Size", - "type": "string" - }, - "VpcSettings": { - "$ref": "#/definitions/AWS::DirectoryService::SimpleAD.VpcSettings", - "markdownDescription": "A [DirectoryVpcSettings](https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DirectoryVpcSettings.html) object that contains additional information for the operation.", - "title": "VpcSettings" - } + "Stages": { + "items": { + "type": "string" }, - "required": [ - "Name", - "Size", - "VpcSettings" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::DirectoryService::SimpleAD" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "markdownDescription": "Indicate which scripts Amazon Data Lifecycle Manager should run on target instances. Pre scripts run before Amazon Data Lifecycle Manager initiates snapshot creation. Post scripts run after Amazon Data Lifecycle Manager initiates snapshot creation.\n\n- To run a pre script only, specify `PRE` . In this case, Amazon Data Lifecycle Manager calls the SSM document with the `pre-script` parameter before initiating snapshot creation.\n- To run a post script only, specify `POST` . In this case, Amazon Data Lifecycle Manager calls the SSM document with the `post-script` parameter after initiating snapshot creation.\n- To run both pre and post scripts, specify both `PRE` and `POST` . In this case, Amazon Data Lifecycle Manager calls the SSM document with the `pre-script` parameter before initiating snapshot creation, and then it calls the SSM document again with the `post-script` parameter after initiating snapshot creation.\n\nIf you are automating VSS Backups, omit this parameter.\n\nDefault: PRE and POST", + "title": "Stages", + "type": "array" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::DirectoryService::SimpleAD.VpcSettings": { + "AWS::DLM::LifecyclePolicy.ShareRule": { "additionalProperties": false, "properties": { - "SubnetIds": { + "TargetAccounts": { "items": { "type": "string" }, - "markdownDescription": "The identifiers of the subnets for the directory servers. The two subnets must be in different Availability Zones. AWS Directory Service specifies a directory server and a DNS server in each of these subnets.", - "title": "SubnetIds", + "markdownDescription": "The IDs of the AWS accounts with which to share the snapshots.", + "title": "TargetAccounts", "type": "array" }, - "VpcId": { - "markdownDescription": "The identifier of the VPC in which to create the directory.", - "title": "VpcId", + "UnshareInterval": { + "markdownDescription": "The period after which snapshots that are shared with other AWS accounts are automatically unshared.", + "title": "UnshareInterval", + "type": "number" + }, + "UnshareIntervalUnit": { + "markdownDescription": "The unit of time for the automatic unsharing interval.", + "title": "UnshareIntervalUnit", "type": "string" } }, - "required": [ - "SubnetIds", - "VpcId" - ], "type": "object" }, - "AWS::DocDB::DBCluster": { + "AWS::DLM::LifecyclePolicy.VolumeTypeValues": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::DMS::Certificate": { "additionalProperties": false, "properties": { "Condition": { @@ -66513,144 +72831,27 @@ "Properties": { "additionalProperties": false, "properties": { - "AvailabilityZones": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of Amazon EC2 Availability Zones that instances in the cluster can be created in.", - "title": "AvailabilityZones", - "type": "array" - }, - "BackupRetentionPeriod": { - "markdownDescription": "The number of days for which automated backups are retained. You must specify a minimum value of 1.\n\nDefault: 1\n\nConstraints:\n\n- Must be a value from 1 to 35.", - "title": "BackupRetentionPeriod", - "type": "number" - }, - "CopyTagsToSnapshot": { - "markdownDescription": "Set to `true` to copy all tags from the source cluster snapshot to the target cluster snapshot, and otherwise `false` . The default is `false` .", - "title": "CopyTagsToSnapshot", - "type": "boolean" - }, - "DBClusterIdentifier": { - "markdownDescription": "The cluster identifier. This parameter is stored as a lowercase string.\n\nConstraints:\n\n- Must contain from 1 to 63 letters, numbers, or hyphens.\n- The first character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.\n\nExample: `my-cluster`", - "title": "DBClusterIdentifier", - "type": "string" - }, - "DBClusterParameterGroupName": { - "markdownDescription": "The name of the cluster parameter group to associate with this cluster.", - "title": "DBClusterParameterGroupName", - "type": "string" - }, - "DBSubnetGroupName": { - "markdownDescription": "A subnet group to associate with this cluster.\n\nConstraints: Must match the name of an existing `DBSubnetGroup` . Must not be default.\n\nExample: `mySubnetgroup`", - "title": "DBSubnetGroupName", - "type": "string" - }, - "DeletionProtection": { - "markdownDescription": "Protects clusters from being accidentally deleted. If enabled, the cluster cannot be deleted unless it is modified and `DeletionProtection` is disabled.", - "title": "DeletionProtection", - "type": "boolean" - }, - "EnableCloudwatchLogsExports": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of log types that need to be enabled for exporting to Amazon CloudWatch Logs. You can enable audit logs or profiler logs. For more information, see [Auditing Amazon DocumentDB Events](https://docs.aws.amazon.com/documentdb/latest/developerguide/event-auditing.html) and [Profiling Amazon DocumentDB Operations](https://docs.aws.amazon.com/documentdb/latest/developerguide/profiling.html) .", - "title": "EnableCloudwatchLogsExports", - "type": "array" - }, - "EngineVersion": { - "markdownDescription": "The version number of the database engine to use. The `--engine-version` will default to the latest major engine version. For production workloads, we recommend explicitly declaring this parameter with the intended major engine version.\n\nIf you intend to trigger an in-place upgrade, please refer to [Amazon DocumentDB in-place major version upgrade](https://docs.aws.amazon.com/documentdb/latest/developerguide/docdb-mvu.html) . Note that for an in-place engine version upgrade, you need to remove other cluster properties changes (e.g. SecurityGroupId) from the CFN template.", - "title": "EngineVersion", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "The AWS KMS key identifier for an encrypted cluster.\n\nThe AWS KMS key identifier is the Amazon Resource Name (ARN) for the AWS KMS encryption key. If you are creating a cluster using the same AWS account that owns the AWS KMS encryption key that is used to encrypt the new cluster, you can use the AWS KMS key alias instead of the ARN for the AWS KMS encryption key.\n\nIf an encryption key is not specified in `KmsKeyId` :\n\n- If the `StorageEncrypted` parameter is `true` , Amazon DocumentDB uses your default encryption key.\n\nAWS KMS creates the default encryption key for your AWS account . Your AWS account has a different default encryption key for each AWS Regions .", - "title": "KmsKeyId", - "type": "string" - }, - "MasterUserPassword": { - "markdownDescription": "The password for the master database user. This password can contain any printable ASCII character except forward slash (/), double quote (\"), or the \"at\" symbol (@).\n\nConstraints: Must contain from 8 to 100 characters.", - "title": "MasterUserPassword", - "type": "string" - }, - "MasterUsername": { - "markdownDescription": "The name of the master user for the cluster.\n\nConstraints:\n\n- Must be from 1 to 63 letters or numbers.\n- The first character must be a letter.\n- Cannot be a reserved word for the chosen database engine.", - "title": "MasterUsername", - "type": "string" - }, - "Port": { - "markdownDescription": "Specifies the port that the database engine is listening on.", - "title": "Port", - "type": "number" - }, - "PreferredBackupWindow": { - "markdownDescription": "The daily time range during which automated backups are created if automated backups are enabled using the `BackupRetentionPeriod` parameter.\n\nThe default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region .\n\nConstraints:\n\n- Must be in the format `hh24:mi-hh24:mi` .\n- Must be in Universal Coordinated Time (UTC).\n- Must not conflict with the preferred maintenance window.\n- Must be at least 30 minutes.", - "title": "PreferredBackupWindow", - "type": "string" - }, - "PreferredMaintenanceWindow": { - "markdownDescription": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n\nFormat: `ddd:hh24:mi-ddd:hh24:mi`\n\nThe default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region , occurring on a random day of the week.\n\nValid days: Mon, Tue, Wed, Thu, Fri, Sat, Sun\n\nConstraints: Minimum 30-minute window.", - "title": "PreferredMaintenanceWindow", - "type": "string" - }, - "RestoreToTime": { - "markdownDescription": "The date and time to restore the cluster to.\n\nValid values: A time in Universal Coordinated Time (UTC) format.\n\nConstraints:\n\n- Must be before the latest restorable time for the instance.\n- Must be specified if the `UseLatestRestorableTime` parameter is not provided.\n- Cannot be specified if the `UseLatestRestorableTime` parameter is `true` .\n- Cannot be specified if the `RestoreType` parameter is `copy-on-write` .\n\nExample: `2015-03-07T23:45:00Z`", - "title": "RestoreToTime", - "type": "string" - }, - "RestoreType": { - "markdownDescription": "The type of restore to be performed. You can specify one of the following values:\n\n- `full-copy` - The new DB cluster is restored as a full copy of the source DB cluster.\n- `copy-on-write` - The new DB cluster is restored as a clone of the source DB cluster.\n\nConstraints: You can't specify `copy-on-write` if the engine version of the source DB cluster is earlier than 1.11.\n\nIf you don't specify a `RestoreType` value, then the new DB cluster is restored as a full copy of the source DB cluster.", - "title": "RestoreType", - "type": "string" - }, - "SnapshotIdentifier": { - "markdownDescription": "The identifier for the snapshot or cluster snapshot to restore from.\n\nYou can use either the name or the Amazon Resource Name (ARN) to specify a cluster snapshot. However, you can use only the ARN to specify a snapshot.\n\nConstraints:\n\n- Must match the identifier of an existing snapshot.", - "title": "SnapshotIdentifier", + "CertificateIdentifier": { + "markdownDescription": "A customer-assigned name for the certificate. Identifiers must begin with a letter and must contain only ASCII letters, digits, and hyphens. They can't end with a hyphen or contain two consecutive hyphens.", + "title": "CertificateIdentifier", "type": "string" }, - "SourceDBClusterIdentifier": { - "markdownDescription": "The identifier of the source cluster from which to restore.\n\nConstraints:\n\n- Must match the identifier of an existing `DBCluster` .", - "title": "SourceDBClusterIdentifier", + "CertificatePem": { + "markdownDescription": "The contents of a `.pem` file, which contains an X.509 certificate.", + "title": "CertificatePem", "type": "string" }, - "StorageEncrypted": { - "markdownDescription": "Specifies whether the cluster is encrypted.\n\nIf you specify `SourceDBClusterIdentifier` or `SnapshotIdentifier` and don\u2019t specify `StorageEncrypted` , the encryption property is inherited from the source cluster or snapshot (unless `KMSKeyId` is specified, in which case the restored cluster will be encrypted with that KMS key). If the source is encrypted and `StorageEncrypted` is specified to be true, the restored cluster will be encrypted (if you want to use a different KMS key, specify the `KMSKeyId` property as well). If the source is unencrypted and `StorageEncrypted` is specified to be true, then the `KMSKeyId` property must be specified. If the source is encrypted, don\u2019t specify `StorageEncrypted` to be false as opting out of encryption is not allowed.", - "title": "StorageEncrypted", - "type": "boolean" - }, - "StorageType": { - "markdownDescription": "The storage type to associate with the DB cluster.\n\nFor information on storage types for Amazon DocumentDB clusters, see Cluster storage configurations in the *Amazon DocumentDB Developer Guide* .\n\nValid values for storage type - `standard | iopt1`\n\nDefault value is `standard`\n\n> When you create a DocumentDB DB cluster with the storage type set to `iopt1` , the storage type is returned in the response. The storage type isn't returned when you set it to `standard` .", - "title": "StorageType", + "CertificateWallet": { + "markdownDescription": "The location of an imported Oracle Wallet certificate for use with SSL. An example is: `filebase64(\"${path.root}/rds-ca-2019-root.sso\")`", + "title": "CertificateWallet", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to be assigned to the cluster.", - "title": "Tags", - "type": "array" - }, - "UseLatestRestorableTime": { - "markdownDescription": "A value that is set to `true` to restore the cluster to the latest restorable backup time, and `false` otherwise.\n\nDefault: `false`\n\nConstraints: Cannot be specified if the `RestoreToTime` parameter is provided.", - "title": "UseLatestRestorableTime", - "type": "boolean" - }, - "VpcSecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of EC2 VPC security groups to associate with this cluster.", - "title": "VpcSecurityGroupIds", - "type": "array" } }, "type": "object" }, "Type": { "enum": [ - "AWS::DocDB::DBCluster" + "AWS::DMS::Certificate" ], "type": "string" }, @@ -66668,7 +72869,7 @@ ], "type": "object" }, - "AWS::DocDB::DBClusterParameterGroup": { + "AWS::DMS::DataMigration": { "additionalProperties": false, "properties": { "Condition": { @@ -66703,45 +72904,63 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description for the cluster parameter group.", - "title": "Description", + "DataMigrationIdentifier": { + "markdownDescription": "", + "title": "DataMigrationIdentifier", "type": "string" }, - "Family": { - "markdownDescription": "The cluster parameter group family name.", - "title": "Family", + "DataMigrationName": { + "markdownDescription": "The user-friendly name for the data migration.", + "title": "DataMigrationName", "type": "string" }, - "Name": { - "markdownDescription": "The name of the DB cluster parameter group.\n\nConstraints:\n\n- Must not match the name of an existing `DBClusterParameterGroup` .\n\n> This value is stored as a lowercase string.", - "title": "Name", + "DataMigrationSettings": { + "$ref": "#/definitions/AWS::DMS::DataMigration.DataMigrationSettings", + "markdownDescription": "Specifies CloudWatch settings and selection rules for the data migration.", + "title": "DataMigrationSettings" + }, + "DataMigrationType": { + "markdownDescription": "Specifies whether the data migration is full-load only, change data capture (CDC) only, or full-load and CDC.", + "title": "DataMigrationType", "type": "string" }, - "Parameters": { - "markdownDescription": "Provides a list of parameters for the cluster parameter group.", - "title": "Parameters", - "type": "object" + "MigrationProjectIdentifier": { + "markdownDescription": "", + "title": "MigrationProjectIdentifier", + "type": "string" + }, + "ServiceAccessRoleArn": { + "markdownDescription": "The IAM role that the data migration uses to access AWS resources.", + "title": "ServiceAccessRoleArn", + "type": "string" + }, + "SourceDataSettings": { + "items": { + "$ref": "#/definitions/AWS::DMS::DataMigration.SourceDataSettings" + }, + "markdownDescription": "Specifies information about the data migration's source data provider.", + "title": "SourceDataSettings", + "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to be assigned to the cluster parameter group.", + "markdownDescription": "", "title": "Tags", "type": "array" } }, "required": [ - "Description", - "Family", - "Parameters" + "DataMigrationType", + "MigrationProjectIdentifier", + "ServiceAccessRoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::DocDB::DBClusterParameterGroup" + "AWS::DMS::DataMigration" ], "type": "string" }, @@ -66760,7 +72979,54 @@ ], "type": "object" }, - "AWS::DocDB::DBInstance": { + "AWS::DMS::DataMigration.DataMigrationSettings": { + "additionalProperties": false, + "properties": { + "CloudwatchLogsEnabled": { + "markdownDescription": "Whether to enable CloudWatch logging for the data migration.", + "title": "CloudwatchLogsEnabled", + "type": "boolean" + }, + "NumberOfJobs": { + "markdownDescription": "The number of parallel jobs that trigger parallel threads to unload the tables from the source, and then load them to the target.", + "title": "NumberOfJobs", + "type": "number" + }, + "SelectionRules": { + "markdownDescription": "A JSON-formatted string that defines what objects to include and exclude from the migration.", + "title": "SelectionRules", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DMS::DataMigration.SourceDataSettings": { + "additionalProperties": false, + "properties": { + "CDCStartPosition": { + "markdownDescription": "", + "title": "CDCStartPosition", + "type": "string" + }, + "CDCStartTime": { + "markdownDescription": "", + "title": "CDCStartTime", + "type": "string" + }, + "CDCStopTime": { + "markdownDescription": "", + "title": "CDCStopTime", + "type": "string" + }, + "SlotName": { + "markdownDescription": "", + "title": "SlotName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DMS::DataProvider": { "additionalProperties": false, "properties": { "Condition": { @@ -66795,69 +73061,53 @@ "Properties": { "additionalProperties": false, "properties": { - "AutoMinorVersionUpgrade": { - "markdownDescription": "This parameter does not apply to Amazon DocumentDB. Amazon DocumentDB does not perform minor version upgrades regardless of the value set.\n\nDefault: `false`", - "title": "AutoMinorVersionUpgrade", - "type": "boolean" - }, - "AvailabilityZone": { - "markdownDescription": "The Amazon EC2 Availability Zone that the instance is created in.\n\nDefault: A random, system-chosen Availability Zone in the endpoint's AWS Region .\n\nExample: `us-east-1d`", - "title": "AvailabilityZone", - "type": "string" - }, - "CACertificateIdentifier": { - "markdownDescription": "The identifier of the CA certificate for this DB instance.", - "title": "CACertificateIdentifier", + "DataProviderIdentifier": { + "markdownDescription": "The identifier of the data provider. Identifiers must begin with a letter and must contain only ASCII letters, digits, and hyphens. They can't end with a hyphen, or contain two consecutive hyphens.", + "title": "DataProviderIdentifier", "type": "string" }, - "CertificateRotationRestart": { - "markdownDescription": "Specifies whether the DB instance is restarted when you rotate your SSL/TLS certificate.\n\nBy default, the DB instance is restarted when you rotate your SSL/TLS certificate. The certificate is not updated until the DB instance is restarted.\n\n> Set this parameter only if you are *not* using SSL/TLS to connect to the DB instance. \n\nIf you are using SSL/TLS to connect to the DB instance, see [Updating Your Amazon DocumentDB TLS Certificates](https://docs.aws.amazon.com/documentdb/latest/developerguide/ca_cert_rotation.html) and [Encrypting Data in Transit](https://docs.aws.amazon.com/documentdb/latest/developerguide/security.encryption.ssl.html) in the *Amazon DocumentDB Developer Guide* .", - "title": "CertificateRotationRestart", - "type": "boolean" - }, - "DBClusterIdentifier": { - "markdownDescription": "The identifier of the cluster that the instance will belong to.", - "title": "DBClusterIdentifier", + "DataProviderName": { + "markdownDescription": "The name of the data provider.", + "title": "DataProviderName", "type": "string" }, - "DBInstanceClass": { - "markdownDescription": "The compute and memory capacity of the instance; for example, `db.m4.large` . If you change the class of an instance there can be some interruption in the cluster's service.", - "title": "DBInstanceClass", + "Description": { + "markdownDescription": "A description of the data provider. Descriptions can have up to 31 characters. A description can contain only ASCII letters, digits, and hyphens ('-'). Also, it can't end with a hyphen or contain two consecutive hyphens, and can only begin with a letter.", + "title": "Description", "type": "string" }, - "DBInstanceIdentifier": { - "markdownDescription": "The instance identifier. This parameter is stored as a lowercase string.\n\nConstraints:\n\n- Must contain from 1 to 63 letters, numbers, or hyphens.\n- The first character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.\n\nExample: `mydbinstance`", - "title": "DBInstanceIdentifier", + "Engine": { + "markdownDescription": "The type of database engine for the data provider. Valid values include `\"aurora\"` , `\"aurora-postgresql\"` , `\"mysql\"` , `\"oracle\"` , `\"postgres\"` , `\"sqlserver\"` , `redshift` , `mariadb` , `mongodb` , `db2` , `db2-zos` and `docdb` . A value of `\"aurora\"` represents Amazon Aurora MySQL-Compatible Edition.", + "title": "Engine", "type": "string" }, - "EnablePerformanceInsights": { - "markdownDescription": "A value that indicates whether to enable Performance Insights for the DB Instance. For more information, see [Using Amazon Performance Insights](https://docs.aws.amazon.com/documentdb/latest/developerguide/performance-insights.html) .", - "title": "EnablePerformanceInsights", + "ExactSettings": { + "markdownDescription": "", + "title": "ExactSettings", "type": "boolean" }, - "PreferredMaintenanceWindow": { - "markdownDescription": "The time range each week during which system maintenance can occur, in Universal Coordinated Time (UTC).\n\nFormat: `ddd:hh24:mi-ddd:hh24:mi`\n\nThe default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region , occurring on a random day of the week.\n\nValid days: Mon, Tue, Wed, Thu, Fri, Sat, Sun\n\nConstraints: Minimum 30-minute window.", - "title": "PreferredMaintenanceWindow", - "type": "string" + "Settings": { + "$ref": "#/definitions/AWS::DMS::DataProvider.Settings", + "markdownDescription": "The settings in JSON format for a data provider.", + "title": "Settings" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to be assigned to the instance. You can assign up to 10 tags to an instance.", + "markdownDescription": "", "title": "Tags", "type": "array" } }, "required": [ - "DBClusterIdentifier", - "DBInstanceClass" + "Engine" ], "type": "object" }, "Type": { "enum": [ - "AWS::DocDB::DBInstance" + "AWS::DMS::DataProvider" ], "type": "string" }, @@ -66876,931 +73126,452 @@ ], "type": "object" }, - "AWS::DocDB::DBSubnetGroup": { + "AWS::DMS::DataProvider.DocDbSettings": { "additionalProperties": false, "properties": { - "Condition": { + "CertificateArn": { + "markdownDescription": "", + "title": "CertificateArn", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DatabaseName": { + "markdownDescription": "The database name on the DocumentDB source endpoint.", + "title": "DatabaseName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DBSubnetGroupDescription": { - "markdownDescription": "The description for the subnet group.", - "title": "DBSubnetGroupDescription", - "type": "string" - }, - "DBSubnetGroupName": { - "markdownDescription": "The name for the subnet group. This value is stored as a lowercase string.\n\nConstraints: Must contain no more than 255 letters, numbers, periods, underscores, spaces, or hyphens. Must not be default.\n\nExample: `mySubnetgroup`", - "title": "DBSubnetGroupName", - "type": "string" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon EC2 subnet IDs for the subnet group.", - "title": "SubnetIds", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to be assigned to the subnet group.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "DBSubnetGroupDescription", - "SubnetIds" - ], - "type": "object" + "Port": { + "markdownDescription": "The port value for the DocumentDB source endpoint.", + "title": "Port", + "type": "number" }, - "Type": { - "enum": [ - "AWS::DocDB::DBSubnetGroup" - ], + "ServerName": { + "markdownDescription": "The name of the server on the DocumentDB source endpoint.", + "title": "ServerName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SslMode": { + "markdownDescription": "", + "title": "SslMode", "type": "string" } }, "required": [ - "Type", - "Properties" + "DatabaseName", + "Port", + "ServerName" ], "type": "object" }, - "AWS::DocDB::EventSubscription": { + "AWS::DMS::DataProvider.IbmDb2LuwSettings": { "additionalProperties": false, "properties": { - "Condition": { + "CertificateArn": { + "markdownDescription": "", + "title": "CertificateArn", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DatabaseName": { + "markdownDescription": "", + "title": "DatabaseName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Port": { + "markdownDescription": "", + "title": "Port", + "type": "number" }, - "Metadata": { - "type": "object" + "ServerName": { + "markdownDescription": "", + "title": "ServerName", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "A Boolean value; set to `true` to activate the subscription, set to `false` to create the subscription but not active it.", - "title": "Enabled", - "type": "boolean" - }, - "EventCategories": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of event categories for a `SourceType` that you want to subscribe to.", - "title": "EventCategories", - "type": "array" - }, - "SnsTopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the SNS topic created for event notification. Amazon SNS creates the ARN when you create a topic and subscribe to it.", - "title": "SnsTopicArn", - "type": "string" - }, - "SourceIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of identifiers of the event sources for which events are returned. If not specified, then all sources are included in the response. An identifier must begin with a letter and must contain only ASCII letters, digits, and hyphens; it can't end with a hyphen or contain two consecutive hyphens.\n\nConstraints:\n\n- If `SourceIds` are provided, `SourceType` must also be provided.\n- If the source type is an instance, a `DBInstanceIdentifier` must be provided.\n- If the source type is a security group, a `DBSecurityGroupName` must be provided.\n- If the source type is a parameter group, a `DBParameterGroupName` must be provided.\n- If the source type is a snapshot, a `DBSnapshotIdentifier` must be provided.", - "title": "SourceIds", - "type": "array" - }, - "SourceType": { - "markdownDescription": "The type of source that is generating the events. For example, if you want to be notified of events generated by an instance, you would set this parameter to `db-instance` . If this value is not specified, all events are returned.\n\nValid values: `db-instance` , `db-cluster` , `db-parameter-group` , `db-security-group` , `db-cluster-snapshot`", - "title": "SourceType", - "type": "string" - }, - "SubscriptionName": { - "markdownDescription": "The name of the subscription.\n\nConstraints: The name must be fewer than 255 characters.", - "title": "SubscriptionName", - "type": "string" - } - }, - "required": [ - "SnsTopicArn" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::DocDB::EventSubscription" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SslMode": { + "markdownDescription": "", + "title": "SslMode", "type": "string" } }, "required": [ - "Type", - "Properties" + "DatabaseName", + "Port", + "ServerName", + "SslMode" ], "type": "object" }, - "AWS::DocDBElastic::Cluster": { + "AWS::DMS::DataProvider.IbmDb2zOsSettings": { "additionalProperties": false, "properties": { - "Condition": { + "CertificateArn": { + "markdownDescription": "", + "title": "CertificateArn", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DatabaseName": { + "markdownDescription": "", + "title": "DatabaseName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AdminUserName": { - "markdownDescription": "The name of the Amazon DocumentDB elastic clusters administrator.\n\n*Constraints* :\n\n- Must be from 1 to 63 letters or numbers.\n- The first character must be a letter.\n- Cannot be a reserved word.", - "title": "AdminUserName", - "type": "string" - }, - "AdminUserPassword": { - "markdownDescription": "The password for the Elastic DocumentDB cluster administrator and can contain any printable ASCII characters.\n\n*Constraints* :\n\n- Must contain from 8 to 100 characters.\n- Cannot contain a forward slash (/), double quote (\"), or the \"at\" symbol (@).\n- A valid `AdminUserName` entry is also required.", - "title": "AdminUserPassword", - "type": "string" - }, - "AuthType": { - "markdownDescription": "The authentication type used to determine where to fetch the password used for accessing the elastic cluster. Valid types are `PLAIN_TEXT` or `SECRET_ARN` .", - "title": "AuthType", - "type": "string" - }, - "BackupRetentionPeriod": { - "markdownDescription": "The number of days for which automatic snapshots are retained.", - "title": "BackupRetentionPeriod", - "type": "number" - }, - "ClusterName": { - "markdownDescription": "The name of the new elastic cluster. This parameter is stored as a lowercase string.\n\n*Constraints* :\n\n- Must contain from 1 to 63 letters, numbers, or hyphens.\n- The first character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.\n\n*Example* : `my-cluster`", - "title": "ClusterName", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "The KMS key identifier to use to encrypt the new elastic cluster.\n\nThe KMS key identifier is the Amazon Resource Name (ARN) for the KMS encryption key. If you are creating a cluster using the same Amazon account that owns this KMS encryption key, you can use the KMS key alias instead of the ARN as the KMS encryption key.\n\nIf an encryption key is not specified, Amazon DocumentDB uses the default encryption key that KMS creates for your account. Your account has a different default encryption key for each Amazon Region.", - "title": "KmsKeyId", - "type": "string" - }, - "PreferredBackupWindow": { - "markdownDescription": "The daily time range during which automated backups are created if automated backups are enabled, as determined by `backupRetentionPeriod` .", - "title": "PreferredBackupWindow", - "type": "string" - }, - "PreferredMaintenanceWindow": { - "markdownDescription": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n\n*Format* : `ddd:hh24:mi-ddd:hh24:mi`\n\n*Default* : a 30-minute window selected at random from an 8-hour block of time for each AWS Region , occurring on a random day of the week.\n\n*Valid days* : Mon, Tue, Wed, Thu, Fri, Sat, Sun\n\n*Constraints* : Minimum 30-minute window.", - "title": "PreferredMaintenanceWindow", - "type": "string" - }, - "ShardCapacity": { - "markdownDescription": "The number of vCPUs assigned to each elastic cluster shard. Maximum is 64. Allowed values are 2, 4, 8, 16, 32, 64.", - "title": "ShardCapacity", - "type": "number" - }, - "ShardCount": { - "markdownDescription": "The number of shards assigned to the elastic cluster. Maximum is 32.", - "title": "ShardCount", - "type": "number" - }, - "ShardInstanceCount": { - "markdownDescription": "The number of replica instances applying to all shards in the cluster. A `shardInstanceCount` value of 1 means there is one writer instance, and any additional instances are replicas that can be used for reads and to improve availability.", - "title": "ShardInstanceCount", - "type": "number" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon EC2 subnet IDs for the new elastic cluster.", - "title": "SubnetIds", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to be assigned to the new elastic cluster.", - "title": "Tags", - "type": "array" - }, - "VpcSecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of EC2 VPC security groups to associate with the new elastic cluster.", - "title": "VpcSecurityGroupIds", - "type": "array" - } - }, - "required": [ - "AdminUserName", - "AuthType", - "ClusterName", - "ShardCapacity", - "ShardCount" - ], - "type": "object" + "Port": { + "markdownDescription": "", + "title": "Port", + "type": "number" }, - "Type": { - "enum": [ - "AWS::DocDBElastic::Cluster" - ], + "ServerName": { + "markdownDescription": "", + "title": "ServerName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SslMode": { + "markdownDescription": "", + "title": "SslMode", "type": "string" } }, "required": [ - "Type", - "Properties" + "DatabaseName", + "Port", + "ServerName", + "SslMode" ], "type": "object" }, - "AWS::DynamoDB::GlobalTable": { + "AWS::DMS::DataProvider.MariaDbSettings": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "CertificateArn": { + "markdownDescription": "", + "title": "CertificateArn", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AttributeDefinitions": { - "items": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.AttributeDefinition" - }, - "markdownDescription": "A list of attributes that describe the key schema for the global table and indexes.", - "title": "AttributeDefinitions", - "type": "array" - }, - "BillingMode": { - "markdownDescription": "Specifies how you are charged for read and write throughput and how you manage capacity. Valid values are:\n\n- `PAY_PER_REQUEST`\n- `PROVISIONED`\n\nAll replicas in your global table will have the same billing mode. If you use `PROVISIONED` billing mode, you must provide an auto scaling configuration via the `WriteProvisionedThroughputSettings` property. The default value of this property is `PROVISIONED` .", - "title": "BillingMode", - "type": "string" - }, - "GlobalSecondaryIndexes": { - "items": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.GlobalSecondaryIndex" - }, - "markdownDescription": "Global secondary indexes to be created on the global table. You can create up to 20 global secondary indexes. Each replica in your global table will have the same global secondary index settings. You can only create or delete one global secondary index in a single stack operation.\n\nSince the backfilling of an index could take a long time, CloudFormation does not wait for the index to become active. If a stack operation rolls back, CloudFormation might not delete an index that has been added. In that case, you will need to delete the index manually.", - "title": "GlobalSecondaryIndexes", - "type": "array" - }, - "KeySchema": { - "items": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.KeySchema" - }, - "markdownDescription": "Specifies the attributes that make up the primary key for the table. The attributes in the `KeySchema` property must also be defined in the `AttributeDefinitions` property.", - "title": "KeySchema", - "type": "array" - }, - "LocalSecondaryIndexes": { - "items": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.LocalSecondaryIndex" - }, - "markdownDescription": "Local secondary indexes to be created on the table. You can create up to five local secondary indexes. Each index is scoped to a given hash key value. The size of each hash key can be up to 10 gigabytes. Each replica in your global table will have the same local secondary index settings.", - "title": "LocalSecondaryIndexes", - "type": "array" - }, - "Replicas": { - "items": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReplicaSpecification" - }, - "markdownDescription": "Specifies the list of replicas for your global table. The list must contain at least one element, the region where the stack defining the global table is deployed. For example, if you define your table in a stack deployed to us-east-1, you must have an entry in `Replicas` with the region us-east-1. You cannot remove the replica in the stack region.\n\n> Adding a replica might take a few minutes for an empty table, or up to several hours for large tables. If you want to add or remove a replica, we recommend submitting an `UpdateStack` operation containing only that change.\n> \n> If you add or delete a replica during an update, we recommend that you don't update any other resources. If your stack fails to update and is rolled back while adding a new replica, you might need to manually delete the replica. \n\nYou can create a new global table with as many replicas as needed. You can add or remove replicas after table creation, but you can only add or remove a single replica in each update. For Multi-Region Strong Consistency (MRSC), you can add or remove up to 3 replicas, or 2 replicas plus a witness Region.", - "title": "Replicas", - "type": "array" - }, - "SSESpecification": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.SSESpecification", - "markdownDescription": "Specifies the settings to enable server-side encryption. These settings will be applied to all replicas. If you plan to use customer-managed KMS keys, you must provide a key for each replica using the `ReplicaSpecification.ReplicaSSESpecification` property.", - "title": "SSESpecification" - }, - "StreamSpecification": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.StreamSpecification", - "markdownDescription": "Specifies the streams settings on your global table. You must provide a value for this property if your global table contains more than one replica. You can only change the streams settings if your global table has only one replica. For Multi-Region Strong Consistency (MRSC), you do not need to provide a value for this property and can change the settings at any time.", - "title": "StreamSpecification" - }, - "TableName": { - "markdownDescription": "A name for the global table. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID as the table name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "TableName", - "type": "string" - }, - "TimeToLiveSpecification": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.TimeToLiveSpecification", - "markdownDescription": "Specifies the time to live (TTL) settings for the table. This setting will be applied to all replicas.", - "title": "TimeToLiveSpecification" - }, - "WriteProvisionedThroughputSettings": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.WriteProvisionedThroughputSettings", - "markdownDescription": "Specifies an auto scaling policy for write capacity. This policy will be applied to all replicas. This setting must be specified if `BillingMode` is set to `PROVISIONED` .", - "title": "WriteProvisionedThroughputSettings" - } - }, - "required": [ - "AttributeDefinitions", - "KeySchema", - "Replicas" - ], - "type": "object" + "Port": { + "markdownDescription": "", + "title": "Port", + "type": "number" }, - "Type": { - "enum": [ - "AWS::DynamoDB::GlobalTable" - ], + "ServerName": { + "markdownDescription": "", + "title": "ServerName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SslMode": { + "markdownDescription": "", + "title": "SslMode", "type": "string" } }, "required": [ - "Type", - "Properties" + "Port", + "ServerName", + "SslMode" ], "type": "object" }, - "AWS::DynamoDB::GlobalTable.AttributeDefinition": { + "AWS::DMS::DataProvider.MicrosoftSqlServerSettings": { "additionalProperties": false, "properties": { - "AttributeName": { - "markdownDescription": "A name for the attribute.", - "title": "AttributeName", + "CertificateArn": { + "markdownDescription": "", + "title": "CertificateArn", "type": "string" }, - "AttributeType": { - "markdownDescription": "The data type for the attribute, where:\n\n- `S` - the attribute is of type String\n- `N` - the attribute is of type Number\n- `B` - the attribute is of type Binary", - "title": "AttributeType", + "DatabaseName": { + "markdownDescription": "Database name for the endpoint.", + "title": "DatabaseName", "type": "string" - } - }, - "required": [ - "AttributeName", - "AttributeType" - ], - "type": "object" - }, - "AWS::DynamoDB::GlobalTable.CapacityAutoScalingSettings": { - "additionalProperties": false, - "properties": { - "MaxCapacity": { - "markdownDescription": "The maximum provisioned capacity units for the global table.", - "title": "MaxCapacity", - "type": "number" - }, - "MinCapacity": { - "markdownDescription": "The minimum provisioned capacity units for the global table.", - "title": "MinCapacity", - "type": "number" }, - "SeedCapacity": { - "markdownDescription": "When switching billing mode from `PAY_PER_REQUEST` to `PROVISIONED` , DynamoDB requires you to specify read and write capacity unit values for the table and for each global secondary index. These values will be applied to all replicas. The table will use these provisioned values until CloudFormation creates the autoscaling policies you configured in your template. CloudFormation cannot determine what capacity the table and its global secondary indexes will require in this time period, since they are application-dependent.\n\nIf you want to switch a table's billing mode from `PAY_PER_REQUEST` to `PROVISIONED` , you must specify a value for this property for each autoscaled resource. If you specify different values for the same resource in different regions, CloudFormation will use the highest value found in either the `SeedCapacity` or `ReadCapacityUnits` properties. For example, if your global secondary index `myGSI` has a `SeedCapacity` of 10 in us-east-1 and a fixed `ReadCapacityUnits` of 20 in eu-west-1, CloudFormation will initially set the read capacity for `myGSI` to 20. Note that if you disable `ScaleIn` for `myGSI` in us-east-1, its read capacity units might not be set back to 10.\n\nYou must also specify a value for `SeedCapacity` when you plan to switch a table's billing mode from `PROVISIONED` to `PAY_PER_REQUEST` , because CloudFormation might need to roll back the operation (reverting the billing mode to `PROVISIONED` ) and this cannot succeed without specifying a value for `SeedCapacity` .", - "title": "SeedCapacity", + "Port": { + "markdownDescription": "Endpoint TCP port.", + "title": "Port", "type": "number" }, - "TargetTrackingScalingPolicyConfiguration": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.TargetTrackingScalingPolicyConfiguration", - "markdownDescription": "Defines a target tracking scaling policy.", - "title": "TargetTrackingScalingPolicyConfiguration" - } - }, - "required": [ - "MaxCapacity", - "MinCapacity", - "TargetTrackingScalingPolicyConfiguration" - ], - "type": "object" - }, - "AWS::DynamoDB::GlobalTable.ContributorInsightsSpecification": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Indicates whether CloudWatch Contributor Insights are to be enabled (true) or disabled (false).", - "title": "Enabled", - "type": "boolean" - } - }, - "required": [ - "Enabled" - ], - "type": "object" - }, - "AWS::DynamoDB::GlobalTable.GlobalSecondaryIndex": { - "additionalProperties": false, - "properties": { - "IndexName": { - "markdownDescription": "The name of the global secondary index. The name must be unique among all other indexes on this table.", - "title": "IndexName", + "ServerName": { + "markdownDescription": "Fully qualified domain name of the endpoint. For an Amazon RDS SQL Server instance, this is the output of [DescribeDBInstances](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstances.html) , in the `[Endpoint](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_Endpoint.html) .Address` field.", + "title": "ServerName", "type": "string" }, - "KeySchema": { - "items": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.KeySchema" - }, - "markdownDescription": "The complete key schema for a global secondary index, which consists of one or more pairs of attribute names and key types:\n\n- `HASH` - partition key\n- `RANGE` - sort key\n\n> The partition key of an item is also known as its *hash attribute* . The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n> \n> The sort key of an item is also known as its *range attribute* . The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.", - "title": "KeySchema", - "type": "array" - }, - "Projection": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.Projection", - "markdownDescription": "Represents attributes that are copied (projected) from the table into the global secondary index. These are in addition to the primary key attributes and index key attributes, which are automatically projected.", - "title": "Projection" - }, - "WriteProvisionedThroughputSettings": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.WriteProvisionedThroughputSettings", - "markdownDescription": "Defines write capacity settings for the global secondary index. You must specify a value for this property if the table's `BillingMode` is `PROVISIONED` . All replicas will have the same write capacity settings for this global secondary index.", - "title": "WriteProvisionedThroughputSettings" + "SslMode": { + "markdownDescription": "", + "title": "SslMode", + "type": "string" } }, "required": [ - "IndexName", - "KeySchema", - "Projection" + "DatabaseName", + "Port", + "ServerName", + "SslMode" ], "type": "object" }, - "AWS::DynamoDB::GlobalTable.KeySchema": { + "AWS::DMS::DataProvider.MongoDbSettings": { "additionalProperties": false, "properties": { - "AttributeName": { - "markdownDescription": "The name of a key attribute.", - "title": "AttributeName", + "AuthMechanism": { + "markdownDescription": "The authentication mechanism you use to access the MongoDB source endpoint.\n\nFor the default value, in MongoDB version 2.x, `\"default\"` is `\"mongodb_cr\"` . For MongoDB version 3.x or later, `\"default\"` is `\"scram_sha_1\"` . This setting isn't used when `AuthType` is set to `\"no\"` .", + "title": "AuthMechanism", "type": "string" }, - "KeyType": { - "markdownDescription": "The role that this key attribute will assume:\n\n- `HASH` - partition key\n- `RANGE` - sort key\n\n> The partition key of an item is also known as its *hash attribute* . The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n> \n> The sort key of an item is also known as its *range attribute* . The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.", - "title": "KeyType", + "AuthSource": { + "markdownDescription": "The MongoDB database name. This setting isn't used when `AuthType` is set to `\"no\"` .\n\nThe default is `\"admin\"` .", + "title": "AuthSource", "type": "string" - } - }, - "required": [ - "AttributeName", - "KeyType" - ], - "type": "object" - }, - "AWS::DynamoDB::GlobalTable.KinesisStreamSpecification": { - "additionalProperties": false, - "properties": { - "ApproximateCreationDateTimePrecision": { - "markdownDescription": "The precision for the time and date that the stream was created.", - "title": "ApproximateCreationDateTimePrecision", + }, + "AuthType": { + "markdownDescription": "The authentication type you use to access the MongoDB source endpoint.\n\nWhen when set to `\"no\"` , user name and password parameters are not used and can be empty.", + "title": "AuthType", "type": "string" }, - "StreamArn": { - "markdownDescription": "The ARN for a specific Kinesis data stream.", - "title": "StreamArn", + "CertificateArn": { + "markdownDescription": "", + "title": "CertificateArn", "type": "string" - } - }, - "required": [ - "StreamArn" - ], - "type": "object" - }, - "AWS::DynamoDB::GlobalTable.LocalSecondaryIndex": { - "additionalProperties": false, - "properties": { - "IndexName": { - "markdownDescription": "The name of the local secondary index. The name must be unique among all other indexes on this table.", - "title": "IndexName", + }, + "DatabaseName": { + "markdownDescription": "The database name on the MongoDB source endpoint.", + "title": "DatabaseName", "type": "string" }, - "KeySchema": { - "items": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.KeySchema" - }, - "markdownDescription": "The complete key schema for the local secondary index, consisting of one or more pairs of attribute names and key types:\n\n- `HASH` - partition key\n- `RANGE` - sort key\n\n> The partition key of an item is also known as its *hash attribute* . The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n> \n> The sort key of an item is also known as its *range attribute* . The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.", - "title": "KeySchema", - "type": "array" + "Port": { + "markdownDescription": "The port value for the MongoDB source endpoint.", + "title": "Port", + "type": "number" }, - "Projection": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.Projection", - "markdownDescription": "Represents attributes that are copied (projected) from the table into the local secondary index. These are in addition to the primary key attributes and index key attributes, which are automatically projected.", - "title": "Projection" + "ServerName": { + "markdownDescription": "The name of the server on the MongoDB source endpoint. For MongoDB Atlas, provide the server name for any of the servers in the replication set.", + "title": "ServerName", + "type": "string" + }, + "SslMode": { + "markdownDescription": "", + "title": "SslMode", + "type": "string" } }, "required": [ - "IndexName", - "KeySchema", - "Projection" + "Port", + "ServerName" ], "type": "object" }, - "AWS::DynamoDB::GlobalTable.PointInTimeRecoverySpecification": { - "additionalProperties": false, - "properties": { - "PointInTimeRecoveryEnabled": { - "markdownDescription": "Indicates whether point in time recovery is enabled (true) or disabled (false) on the table.", - "title": "PointInTimeRecoveryEnabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::DynamoDB::GlobalTable.Projection": { + "AWS::DMS::DataProvider.MySqlSettings": { "additionalProperties": false, "properties": { - "NonKeyAttributes": { - "items": { - "type": "string" - }, - "markdownDescription": "Represents the non-key attribute names which will be projected into the index.\n\nFor global and local secondary indexes, the total count of `NonKeyAttributes` summed across all of the secondary indexes, must not exceed 100. If you project the same attribute into two different indexes, this counts as two distinct attributes when determining the total. This limit only applies when you specify the ProjectionType of `INCLUDE` . You still can specify the ProjectionType of `ALL` to project all attributes from the source table, even if the table has more than 100 attributes.", - "title": "NonKeyAttributes", - "type": "array" - }, - "ProjectionType": { - "markdownDescription": "The set of attributes that are projected into the index:\n\n- `KEYS_ONLY` - Only the index and primary keys are projected into the index.\n- `INCLUDE` - In addition to the attributes described in `KEYS_ONLY` , the secondary index will include other non-key attributes that you specify.\n- `ALL` - All of the table attributes are projected into the index.\n\nWhen using the DynamoDB console, `ALL` is selected by default.", - "title": "ProjectionType", + "CertificateArn": { + "markdownDescription": "", + "title": "CertificateArn", "type": "string" - } - }, - "type": "object" - }, - "AWS::DynamoDB::GlobalTable.ReadProvisionedThroughputSettings": { - "additionalProperties": false, - "properties": { - "ReadCapacityAutoScalingSettings": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.CapacityAutoScalingSettings", - "markdownDescription": "Specifies auto scaling settings for the replica table or global secondary index.", - "title": "ReadCapacityAutoScalingSettings" }, - "ReadCapacityUnits": { - "markdownDescription": "Specifies a fixed read capacity for the replica table or global secondary index.", - "title": "ReadCapacityUnits", + "Port": { + "markdownDescription": "Endpoint TCP port.", + "title": "Port", "type": "number" - } - }, - "type": "object" - }, - "AWS::DynamoDB::GlobalTable.ReplicaGlobalSecondaryIndexSpecification": { - "additionalProperties": false, - "properties": { - "ContributorInsightsSpecification": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ContributorInsightsSpecification", - "markdownDescription": "Updates the status for contributor insights for a specific table or index. CloudWatch Contributor Insights for DynamoDB graphs display the partition key and (if applicable) sort key of frequently accessed items and frequently throttled items in plaintext. If you require the use of AWS Key Management Service (KMS) to encrypt this table\u2019s partition key and sort key data with an AWS managed key or customer managed key, you should not enable CloudWatch Contributor Insights for DynamoDB for this table.", - "title": "ContributorInsightsSpecification" }, - "IndexName": { - "markdownDescription": "The name of the global secondary index. The name must be unique among all other indexes on this table.", - "title": "IndexName", + "ServerName": { + "markdownDescription": "The host name of the endpoint database.\n\nFor an Amazon RDS MySQL instance, this is the output of [DescribeDBInstances](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstances.html) , in the `[Endpoint](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_Endpoint.html) .Address` field.\n\nFor an Aurora MySQL instance, this is the output of [DescribeDBClusters](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBClusters.html) , in the `Endpoint` field.", + "title": "ServerName", "type": "string" }, - "ReadProvisionedThroughputSettings": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReadProvisionedThroughputSettings", - "markdownDescription": "Allows you to specify the read capacity settings for a replica global secondary index when the `BillingMode` is set to `PROVISIONED` .", - "title": "ReadProvisionedThroughputSettings" - } - }, - "required": [ - "IndexName" - ], - "type": "object" - }, - "AWS::DynamoDB::GlobalTable.ReplicaSSESpecification": { - "additionalProperties": false, - "properties": { - "KMSMasterKeyId": { - "markdownDescription": "The AWS KMS key that should be used for the AWS KMS encryption. To specify a key, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. Note that you should only provide this parameter if the key is different from the default DynamoDB key `alias/aws/dynamodb` .", - "title": "KMSMasterKeyId", + "SslMode": { + "markdownDescription": "", + "title": "SslMode", "type": "string" } }, "required": [ - "KMSMasterKeyId" + "Port", + "ServerName", + "SslMode" ], "type": "object" }, - "AWS::DynamoDB::GlobalTable.ReplicaSpecification": { + "AWS::DMS::DataProvider.OracleSettings": { "additionalProperties": false, "properties": { - "ContributorInsightsSpecification": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ContributorInsightsSpecification", - "markdownDescription": "The settings used to enable or disable CloudWatch Contributor Insights for the specified replica. When not specified, defaults to contributor insights disabled for the replica.", - "title": "ContributorInsightsSpecification" - }, - "DeletionProtectionEnabled": { - "markdownDescription": "Determines if a replica is protected from deletion. When enabled, the table cannot be deleted by any user or process. This setting is disabled by default. For more information, see [Using deletion protection](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/WorkingWithTables.Basics.html#WorkingWithTables.Basics.DeletionProtection) in the *Amazon DynamoDB Developer Guide* .", - "title": "DeletionProtectionEnabled", - "type": "boolean" - }, - "GlobalSecondaryIndexes": { - "items": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReplicaGlobalSecondaryIndexSpecification" - }, - "markdownDescription": "Defines additional settings for the global secondary indexes of this replica.", - "title": "GlobalSecondaryIndexes", - "type": "array" + "AsmServer": { + "markdownDescription": "For an Oracle source endpoint, your ASM server address. You can set this value from the `asm_server` value. You set `asm_server` as part of the extra connection attribute string to access an Oracle server with Binary Reader that uses ASM. For more information, see [Configuration for change data capture (CDC) on an Oracle source database](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.CDC.Configuration) .", + "title": "AsmServer", + "type": "string" }, - "KinesisStreamSpecification": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.KinesisStreamSpecification", - "markdownDescription": "Defines the Kinesis Data Streams configuration for the specified replica.", - "title": "KinesisStreamSpecification" + "CertificateArn": { + "markdownDescription": "", + "title": "CertificateArn", + "type": "string" }, - "PointInTimeRecoverySpecification": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.PointInTimeRecoverySpecification", - "markdownDescription": "The settings used to enable point in time recovery. When not specified, defaults to point in time recovery disabled for the replica.", - "title": "PointInTimeRecoverySpecification" + "DatabaseName": { + "markdownDescription": "Database name for the endpoint.", + "title": "DatabaseName", + "type": "string" }, - "ReadProvisionedThroughputSettings": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReadProvisionedThroughputSettings", - "markdownDescription": "Defines read capacity settings for the replica table.", - "title": "ReadProvisionedThroughputSettings" + "Port": { + "markdownDescription": "Endpoint TCP port.", + "title": "Port", + "type": "number" }, - "Region": { - "markdownDescription": "The region in which this replica exists.", - "title": "Region", + "SecretsManagerOracleAsmAccessRoleArn": { + "markdownDescription": "Required only if your Oracle endpoint uses Automatic Storage Management (ASM). The full ARN of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the `SecretsManagerOracleAsmSecret` . This `SecretsManagerOracleAsmSecret` has the secret value that allows access to the Oracle ASM of the endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerOracleAsmSecretId` . Or you can specify clear-text values for `AsmUser` , `AsmPassword` , and `AsmServerName` . You can't specify both. For more information on creating this `SecretsManagerOracleAsmSecret` and the `SecretsManagerOracleAsmAccessRoleArn` and `SecretsManagerOracleAsmSecretId` required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", + "title": "SecretsManagerOracleAsmAccessRoleArn", "type": "string" }, - "ReplicaStreamSpecification": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReplicaStreamSpecification", - "markdownDescription": "Represents the DynamoDB Streams configuration for a global table replica.", - "title": "ReplicaStreamSpecification" - }, - "ResourcePolicy": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ResourcePolicy", - "markdownDescription": "A resource-based policy document that contains permissions to add to the specified replica of a DynamoDB global table. Resource-based policies let you define access permissions by specifying who has access to each resource, and the actions they are allowed to perform on each resource.\n\nIn a CloudFormation template, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to DynamoDB . For more information about resource-based policies, see [Using resource-based policies for DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html) .", - "title": "ResourcePolicy" + "SecretsManagerOracleAsmSecretId": { + "markdownDescription": "Required only if your Oracle endpoint uses Automatic Storage Management (ASM). The full ARN, partial ARN, or friendly name of the `SecretsManagerOracleAsmSecret` that contains the Oracle ASM connection details for the Oracle endpoint.", + "title": "SecretsManagerOracleAsmSecretId", + "type": "string" }, - "SSESpecification": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReplicaSSESpecification", - "markdownDescription": "Allows you to specify a customer-managed key for the replica. When using customer-managed keys for server-side encryption, this property must have a value in all replicas.", - "title": "SSESpecification" + "SecretsManagerSecurityDbEncryptionAccessRoleArn": { + "markdownDescription": "", + "title": "SecretsManagerSecurityDbEncryptionAccessRoleArn", + "type": "string" }, - "TableClass": { - "markdownDescription": "The table class of the specified table. Valid values are `STANDARD` and `STANDARD_INFREQUENT_ACCESS` .", - "title": "TableClass", + "SecretsManagerSecurityDbEncryptionSecretId": { + "markdownDescription": "", + "title": "SecretsManagerSecurityDbEncryptionSecretId", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this replica.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Region" - ], - "type": "object" - }, - "AWS::DynamoDB::GlobalTable.ReplicaStreamSpecification": { - "additionalProperties": false, - "properties": { - "ResourcePolicy": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ResourcePolicy", - "markdownDescription": "A resource-based policy document that contains the permissions for the specified stream of a DynamoDB global table replica. Resource-based policies let you define access permissions by specifying who has access to each resource, and the actions they are allowed to perform on each resource.\n\nIn a CloudFormation template, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to DynamoDB . For more information about resource-based policies, see [Using resource-based policies for DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html) .\n\nYou can update the `ResourcePolicy` property if you've specified more than one table using the [AWS ::DynamoDB::GlobalTable](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dynamodb-globaltable.html) resource.", - "title": "ResourcePolicy" - } - }, - "required": [ - "ResourcePolicy" - ], - "type": "object" - }, - "AWS::DynamoDB::GlobalTable.ResourcePolicy": { - "additionalProperties": false, - "properties": { - "PolicyDocument": { - "markdownDescription": "A resource-based policy document that contains permissions to add to the specified DynamoDB table, its indexes, and stream. In a CloudFormation template, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to DynamoDB . For more information about resource-based policies, see [Using resource-based policies for DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html) .", - "title": "PolicyDocument", - "type": "object" - } - }, - "required": [ - "PolicyDocument" - ], - "type": "object" - }, - "AWS::DynamoDB::GlobalTable.SSESpecification": { - "additionalProperties": false, - "properties": { - "SSEEnabled": { - "markdownDescription": "Indicates whether server-side encryption is performed using an AWS managed key or an AWS owned key. If enabled (true), server-side encryption type is set to KMS and an AWS managed key is used ( AWS KMS charges apply). If disabled (false) or not specified,server-side encryption is set to an AWS owned key. If you choose to use KMS encryption, you can also use customer managed KMS keys by specifying them in the `ReplicaSpecification.SSESpecification` object. You cannot mix AWS managed and customer managed KMS keys.", - "title": "SSEEnabled", - "type": "boolean" + "ServerName": { + "markdownDescription": "Fully qualified domain name of the endpoint.\n\nFor an Amazon RDS Oracle instance, this is the output of [DescribeDBInstances](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstances.html) , in the `[Endpoint](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_Endpoint.html) .Address` field.", + "title": "ServerName", + "type": "string" }, - "SSEType": { - "markdownDescription": "Server-side encryption type. The only supported value is:\n\n- `KMS` - Server-side encryption that uses AWS Key Management Service . The key is stored in your account and is managed by AWS KMS ( AWS KMS charges apply).", - "title": "SSEType", + "SslMode": { + "markdownDescription": "", + "title": "SslMode", "type": "string" } }, "required": [ - "SSEEnabled" + "DatabaseName", + "Port", + "ServerName", + "SslMode" ], "type": "object" }, - "AWS::DynamoDB::GlobalTable.StreamSpecification": { + "AWS::DMS::DataProvider.PostgreSqlSettings": { "additionalProperties": false, "properties": { - "StreamViewType": { - "markdownDescription": "When an item in the table is modified, `StreamViewType` determines what information is written to the stream for this table. Valid values for `StreamViewType` are:\n\n- `KEYS_ONLY` - Only the key attributes of the modified item are written to the stream.\n- `NEW_IMAGE` - The entire item, as it appears after it was modified, is written to the stream.\n- `OLD_IMAGE` - The entire item, as it appeared before it was modified, is written to the stream.\n- `NEW_AND_OLD_IMAGES` - Both the new and the old item images of the item are written to the stream.", - "title": "StreamViewType", + "CertificateArn": { + "markdownDescription": "", + "title": "CertificateArn", "type": "string" - } - }, - "required": [ - "StreamViewType" - ], - "type": "object" - }, - "AWS::DynamoDB::GlobalTable.TargetTrackingScalingPolicyConfiguration": { - "additionalProperties": false, - "properties": { - "DisableScaleIn": { - "markdownDescription": "Indicates whether scale in by the target tracking scaling policy is disabled. The default value is `false` .", - "title": "DisableScaleIn", - "type": "boolean" }, - "ScaleInCooldown": { - "markdownDescription": "The amount of time, in seconds, after a scale-in activity completes before another scale-in activity can start.", - "title": "ScaleInCooldown", - "type": "number" + "DatabaseName": { + "markdownDescription": "Database name for the endpoint.", + "title": "DatabaseName", + "type": "string" }, - "ScaleOutCooldown": { - "markdownDescription": "The amount of time, in seconds, after a scale-out activity completes before another scale-out activity can start.", - "title": "ScaleOutCooldown", + "Port": { + "markdownDescription": "Endpoint TCP port. The default is 5432.", + "title": "Port", "type": "number" }, - "TargetValue": { - "markdownDescription": "Defines a target value for the scaling policy.", - "title": "TargetValue", - "type": "number" + "ServerName": { + "markdownDescription": "The host name of the endpoint database.\n\nFor an Amazon RDS PostgreSQL instance, this is the output of [DescribeDBInstances](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstances.html) , in the `[Endpoint](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_Endpoint.html) .Address` field.\n\nFor an Aurora PostgreSQL instance, this is the output of [DescribeDBClusters](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBClusters.html) , in the `Endpoint` field.", + "title": "ServerName", + "type": "string" + }, + "SslMode": { + "markdownDescription": "", + "title": "SslMode", + "type": "string" } }, "required": [ - "TargetValue" + "DatabaseName", + "Port", + "ServerName", + "SslMode" ], "type": "object" }, - "AWS::DynamoDB::GlobalTable.TimeToLiveSpecification": { + "AWS::DMS::DataProvider.RedshiftSettings": { "additionalProperties": false, "properties": { - "AttributeName": { - "markdownDescription": "The name of the attribute used to store the expiration time for items in the table.\n\nCurrently, you cannot directly change the attribute name used to evaluate time to live. In order to do so, you must first disable time to live, and then re-enable it with the new attribute name. It can take up to one hour for changes to time to live to take effect. If you attempt to modify time to live within that time window, your stack operation might be delayed.", - "title": "AttributeName", + "DatabaseName": { + "markdownDescription": "The name of the Amazon Redshift data warehouse (service) that you are working with.", + "title": "DatabaseName", "type": "string" }, - "Enabled": { - "markdownDescription": "Indicates whether TTL is to be enabled (true) or disabled (false) on the table.", - "title": "Enabled", - "type": "boolean" + "Port": { + "markdownDescription": "The port number for Amazon Redshift. The default value is 5439.", + "title": "Port", + "type": "number" + }, + "ServerName": { + "markdownDescription": "The name of the Amazon Redshift cluster you are using.", + "title": "ServerName", + "type": "string" } }, "required": [ - "Enabled" + "DatabaseName", + "Port", + "ServerName" ], "type": "object" }, - "AWS::DynamoDB::GlobalTable.WriteProvisionedThroughputSettings": { + "AWS::DMS::DataProvider.Settings": { "additionalProperties": false, "properties": { - "WriteCapacityAutoScalingSettings": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.CapacityAutoScalingSettings", - "markdownDescription": "Specifies auto scaling settings for the replica table or global secondary index.", - "title": "WriteCapacityAutoScalingSettings" + "DocDbSettings": { + "$ref": "#/definitions/AWS::DMS::DataProvider.DocDbSettings", + "markdownDescription": "", + "title": "DocDbSettings" + }, + "IbmDb2LuwSettings": { + "$ref": "#/definitions/AWS::DMS::DataProvider.IbmDb2LuwSettings", + "markdownDescription": "", + "title": "IbmDb2LuwSettings" + }, + "IbmDb2zOsSettings": { + "$ref": "#/definitions/AWS::DMS::DataProvider.IbmDb2zOsSettings", + "markdownDescription": "", + "title": "IbmDb2zOsSettings" + }, + "MariaDbSettings": { + "$ref": "#/definitions/AWS::DMS::DataProvider.MariaDbSettings", + "markdownDescription": "", + "title": "MariaDbSettings" + }, + "MicrosoftSqlServerSettings": { + "$ref": "#/definitions/AWS::DMS::DataProvider.MicrosoftSqlServerSettings", + "markdownDescription": "", + "title": "MicrosoftSqlServerSettings" + }, + "MongoDbSettings": { + "$ref": "#/definitions/AWS::DMS::DataProvider.MongoDbSettings", + "markdownDescription": "", + "title": "MongoDbSettings" + }, + "MySqlSettings": { + "$ref": "#/definitions/AWS::DMS::DataProvider.MySqlSettings", + "markdownDescription": "", + "title": "MySqlSettings" + }, + "OracleSettings": { + "$ref": "#/definitions/AWS::DMS::DataProvider.OracleSettings", + "markdownDescription": "", + "title": "OracleSettings" + }, + "PostgreSqlSettings": { + "$ref": "#/definitions/AWS::DMS::DataProvider.PostgreSqlSettings", + "markdownDescription": "", + "title": "PostgreSqlSettings" + }, + "RedshiftSettings": { + "$ref": "#/definitions/AWS::DMS::DataProvider.RedshiftSettings", + "markdownDescription": "", + "title": "RedshiftSettings" } }, "type": "object" }, - "AWS::DynamoDB::Table": { + "AWS::DMS::Endpoint": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, - "Connectors": { - "additionalProperties": { - "$ref": "#/definitions/EmbeddedConnector" - }, - "title": "Connectors", - "type": "object" - }, "DeletionPolicy": { "enum": [ "Delete", @@ -67830,120 +73601,174 @@ "Properties": { "additionalProperties": false, "properties": { - "AttributeDefinitions": { - "items": { - "$ref": "#/definitions/AWS::DynamoDB::Table.AttributeDefinition" - }, - "markdownDescription": "A list of attributes that describe the key schema for the table and indexes.\n\nThis property is required to create a DynamoDB table.\n\nUpdate requires: [Some interruptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-some-interrupt) . Replacement if you edit an existing AttributeDefinition.", - "title": "AttributeDefinitions", - "type": "array" - }, - "BillingMode": { - "markdownDescription": "Specify how you are charged for read and write throughput and how you manage capacity.\n\nValid values include:\n\n- `PAY_PER_REQUEST` - We recommend using `PAY_PER_REQUEST` for most DynamoDB workloads. `PAY_PER_REQUEST` sets the billing mode to [On-demand capacity mode](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/on-demand-capacity-mode.html) .\n- `PROVISIONED` - We recommend using `PROVISIONED` for steady workloads with predictable growth where capacity requirements can be reliably forecasted. `PROVISIONED` sets the billing mode to [Provisioned capacity mode](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/provisioned-capacity-mode.html) .\n\nIf not specified, the default is `PROVISIONED` .", - "title": "BillingMode", + "CertificateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the certificate.", + "title": "CertificateArn", "type": "string" }, - "ContributorInsightsSpecification": { - "$ref": "#/definitions/AWS::DynamoDB::Table.ContributorInsightsSpecification", - "markdownDescription": "The settings used to enable or disable CloudWatch Contributor Insights for the specified table.", - "title": "ContributorInsightsSpecification" + "DatabaseName": { + "markdownDescription": "The name of the endpoint database. For a MySQL source or target endpoint, don't specify `DatabaseName` . To migrate to a specific database, use this setting and `targetDbType` .", + "title": "DatabaseName", + "type": "string" }, - "DeletionProtectionEnabled": { - "markdownDescription": "Determines if a table is protected from deletion. When enabled, the table cannot be deleted by any user or process. This setting is disabled by default. For more information, see [Using deletion protection](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/WorkingWithTables.Basics.html#WorkingWithTables.Basics.DeletionProtection) in the *Amazon DynamoDB Developer Guide* .", - "title": "DeletionProtectionEnabled", - "type": "boolean" + "DocDbSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.DocDbSettings", + "markdownDescription": "Settings in JSON format for the source and target DocumentDB endpoint. For more information about other available settings, see [Using extra connections attributes with Amazon DocumentDB as a source](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.DocumentDB.html#CHAP_Source.DocumentDB.ECAs) and [Using Amazon DocumentDB as a target for AWS Database Migration Service](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.DocumentDB.html) in the *AWS Database Migration Service User Guide* .", + "title": "DocDbSettings" }, - "GlobalSecondaryIndexes": { - "items": { - "$ref": "#/definitions/AWS::DynamoDB::Table.GlobalSecondaryIndex" - }, - "markdownDescription": "Global secondary indexes to be created on the table. You can create up to 20 global secondary indexes.\n\n> If you update a table to include a new global secondary index, AWS CloudFormation initiates the index creation and then proceeds with the stack update. AWS CloudFormation doesn't wait for the index to complete creation because the backfilling phase can take a long time, depending on the size of the table. You can't use the index or update the table until the index's status is `ACTIVE` . You can track its status by using the DynamoDB [DescribeTable](https://docs.aws.amazon.com/cli/latest/reference/dynamodb/describe-table.html) command.\n> \n> If you add or delete an index during an update, we recommend that you don't update any other resources. If your stack fails to update and is rolled back while adding a new index, you must manually delete the index.\n> \n> Updates are not supported. The following are exceptions:\n> \n> - If you update either the contributor insights specification or the provisioned throughput values of global secondary indexes, you can update the table without interruption.\n> - You can delete or add one global secondary index without interruption. If you do both in the same update (for example, by changing the index's logical ID), the update fails.", - "title": "GlobalSecondaryIndexes", - "type": "array" + "DynamoDbSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.DynamoDbSettings", + "markdownDescription": "Settings in JSON format for the target Amazon DynamoDB endpoint. For information about other available settings, see [Using object mapping to migrate data to DynamoDB](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.DynamoDB.html#CHAP_Target.DynamoDB.ObjectMapping) in the *AWS Database Migration Service User Guide* .", + "title": "DynamoDbSettings" }, - "ImportSourceSpecification": { - "$ref": "#/definitions/AWS::DynamoDB::Table.ImportSourceSpecification", - "markdownDescription": "Specifies the properties of data being imported from the S3 bucket source to the\" table.\n\n> If you specify the `ImportSourceSpecification` property, and also specify either the `StreamSpecification` , the `TableClass` property, the `DeletionProtectionEnabled` property, or the `WarmThroughput` property, the IAM entity creating/updating stack must have `UpdateTable` permission.", - "title": "ImportSourceSpecification" + "ElasticsearchSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.ElasticsearchSettings", + "markdownDescription": "Settings in JSON format for the target OpenSearch endpoint. For more information about the available settings, see [Extra connection attributes when using OpenSearch as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Elasticsearch.html#CHAP_Target.Elasticsearch.Configuration) in the *AWS Database Migration Service User Guide* .", + "title": "ElasticsearchSettings" }, - "KeySchema": { - "items": { - "$ref": "#/definitions/AWS::DynamoDB::Table.KeySchema" - }, - "markdownDescription": "Specifies the attributes that make up the primary key for the table. The attributes in the `KeySchema` property must also be defined in the `AttributeDefinitions` property.", - "title": "KeySchema", - "type": "array" + "EndpointIdentifier": { + "markdownDescription": "The database endpoint identifier. Identifiers must begin with a letter and must contain only ASCII letters, digits, and hyphens. They can't end with a hyphen, or contain two consecutive hyphens.", + "title": "EndpointIdentifier", + "type": "string" }, - "KinesisStreamSpecification": { - "$ref": "#/definitions/AWS::DynamoDB::Table.KinesisStreamSpecification", - "markdownDescription": "The Kinesis Data Streams configuration for the specified table.", - "title": "KinesisStreamSpecification" + "EndpointType": { + "markdownDescription": "The type of endpoint. Valid values are `source` and `target` .", + "title": "EndpointType", + "type": "string" }, - "LocalSecondaryIndexes": { - "items": { - "$ref": "#/definitions/AWS::DynamoDB::Table.LocalSecondaryIndex" - }, - "markdownDescription": "Local secondary indexes to be created on the table. You can create up to 5 local secondary indexes. Each index is scoped to a given hash key value. The size of each hash key can be up to 10 gigabytes.", - "title": "LocalSecondaryIndexes", - "type": "array" + "EngineName": { + "markdownDescription": "The type of engine for the endpoint, depending on the `EndpointType` value.\n\n*Valid values* : `mysql` | `oracle` | `postgres` | `mariadb` | `aurora` | `aurora-postgresql` | `opensearch` | `redshift` | `redshift-serverless` | `s3` | `db2` | `azuredb` | `sybase` | `dynamodb` | `mongodb` | `kinesis` | `kafka` | `elasticsearch` | `docdb` | `sqlserver` | `neptune`", + "title": "EngineName", + "type": "string" }, - "PointInTimeRecoverySpecification": { - "$ref": "#/definitions/AWS::DynamoDB::Table.PointInTimeRecoverySpecification", - "markdownDescription": "The settings used to enable point in time recovery.", - "title": "PointInTimeRecoverySpecification" + "ExtraConnectionAttributes": { + "markdownDescription": "Additional attributes associated with the connection. Each attribute is specified as a name-value pair associated by an equal sign (=). Multiple attributes are separated by a semicolon (;) with no additional white space. For information on the attributes available for connecting your source or target endpoint, see [Working with AWS DMS Endpoints](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Endpoints.html) in the *AWS Database Migration Service User Guide* .", + "title": "ExtraConnectionAttributes", + "type": "string" }, - "ProvisionedThroughput": { - "$ref": "#/definitions/AWS::DynamoDB::Table.ProvisionedThroughput", - "markdownDescription": "Throughput for the specified table, which consists of values for `ReadCapacityUnits` and `WriteCapacityUnits` . For more information about the contents of a provisioned throughput structure, see [Amazon DynamoDB Table ProvisionedThroughput](https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_ProvisionedThroughput.html) .\n\nIf you set `BillingMode` as `PROVISIONED` , you must specify this property. If you set `BillingMode` as `PAY_PER_REQUEST` , you cannot specify this property.", - "title": "ProvisionedThroughput" + "GcpMySQLSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.GcpMySQLSettings", + "markdownDescription": "Settings in JSON format for the source GCP MySQL endpoint. These settings are much the same as the settings for any MySQL-compatible endpoint. For more information, see [Extra connection attributes when using MySQL as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.MySQL.html#CHAP_Source.MySQL.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", + "title": "GcpMySQLSettings" }, - "ResourcePolicy": { - "$ref": "#/definitions/AWS::DynamoDB::Table.ResourcePolicy", - "markdownDescription": "An AWS resource-based policy document in JSON format that will be attached to the table.\n\nWhen you attach a resource-based policy while creating a table, the policy application is *strongly consistent* .\n\nThe maximum size supported for a resource-based policy document is 20 KB. DynamoDB counts whitespaces when calculating the size of a policy against this limit. For a full list of all considerations that apply for resource-based policies, see [Resource-based policy considerations](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-considerations.html) .\n\n> You need to specify the `CreateTable` and `PutResourcePolicy` IAM actions for authorizing a user to create a table with a resource-based policy.", - "title": "ResourcePolicy" + "IbmDb2Settings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.IbmDb2Settings", + "markdownDescription": "Settings in JSON format for the source IBM Db2 LUW endpoint. For information about other available settings, see [Extra connection attributes when using Db2 LUW as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.DB2.html#CHAP_Source.DB2.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", + "title": "IbmDb2Settings" }, - "SSESpecification": { - "$ref": "#/definitions/AWS::DynamoDB::Table.SSESpecification", - "markdownDescription": "Specifies the settings to enable server-side encryption.", - "title": "SSESpecification" + "KafkaSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.KafkaSettings", + "markdownDescription": "Settings in JSON format for the target Apache Kafka endpoint. For more information about other available settings, see [Using object mapping to migrate data to a Kafka topic](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Kafka.html#CHAP_Target.Kafka.ObjectMapping) in the *AWS Database Migration Service User Guide* .", + "title": "KafkaSettings" }, - "StreamSpecification": { - "$ref": "#/definitions/AWS::DynamoDB::Table.StreamSpecification", - "markdownDescription": "The settings for the DynamoDB table stream, which capture changes to items stored in the table.", - "title": "StreamSpecification" + "KinesisSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.KinesisSettings", + "markdownDescription": "Settings in JSON format for the target endpoint for Amazon Kinesis Data Streams. For more information about other available settings, see [Using object mapping to migrate data to a Kinesis data stream](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Kinesis.html#CHAP_Target.Kinesis.ObjectMapping) in the *AWS Database Migration Service User Guide* .", + "title": "KinesisSettings" }, - "TableClass": { - "markdownDescription": "The table class of the new table. Valid values are `STANDARD` and `STANDARD_INFREQUENT_ACCESS` .", - "title": "TableClass", + "KmsKeyId": { + "markdownDescription": "An AWS KMS key identifier that is used to encrypt the connection parameters for the endpoint.\n\nIf you don't specify a value for the `KmsKeyId` parameter, AWS DMS uses your default encryption key.\n\nAWS KMS creates the default encryption key for your AWS account . Your AWS account has a different default encryption key for each AWS Region .", + "title": "KmsKeyId", "type": "string" }, - "TableName": { - "markdownDescription": "A name for the table. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the table name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "TableName", - "type": "string" + "MicrosoftSqlServerSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.MicrosoftSqlServerSettings", + "markdownDescription": "Settings in JSON format for the source and target Microsoft SQL Server endpoint. For information about other available settings, see [Extra connection attributes when using SQL Server as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.SQLServer.html#CHAP_Source.SQLServer.ConnectionAttrib) and [Extra connection attributes when using SQL Server as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.SQLServer.html#CHAP_Target.SQLServer.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", + "title": "MicrosoftSqlServerSettings" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" + "MongoDbSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.MongoDbSettings", + "markdownDescription": "Settings in JSON format for the source MongoDB endpoint. For more information about the available settings, see [Using MongoDB as a target for AWS Database Migration Service](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.MongoDB.html#CHAP_Source.MongoDB.Configuration) in the *AWS Database Migration Service User Guide* .", + "title": "MongoDbSettings" }, - "TimeToLiveSpecification": { - "$ref": "#/definitions/AWS::DynamoDB::Table.TimeToLiveSpecification", - "markdownDescription": "Specifies the Time to Live (TTL) settings for the table.\n\n> For detailed information about the limits in DynamoDB, see [Limits in Amazon DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Limits.html) in the Amazon DynamoDB Developer Guide.", - "title": "TimeToLiveSpecification" - } - }, - "required": [ - "KeySchema" + "MySqlSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.MySqlSettings", + "markdownDescription": "Settings in JSON format for the source and target MySQL endpoint. For information about other available settings, see [Extra connection attributes when using MySQL as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.MySQL.html#CHAP_Source.MySQL.ConnectionAttrib) and [Extra connection attributes when using a MySQL-compatible database as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.MySQL.html#CHAP_Target.MySQL.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", + "title": "MySqlSettings" + }, + "NeptuneSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.NeptuneSettings", + "markdownDescription": "Settings in JSON format for the target Amazon Neptune endpoint. For more information about the available settings, see [Specifying endpoint settings for Amazon Neptune as a target](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Neptune.html#CHAP_Target.Neptune.EndpointSettings) in the *AWS Database Migration Service User Guide* .", + "title": "NeptuneSettings" + }, + "OracleSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.OracleSettings", + "markdownDescription": "Settings in JSON format for the source and target Oracle endpoint. For information about other available settings, see [Extra connection attributes when using Oracle as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.ConnectionAttrib) and [Extra connection attributes when using Oracle as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Oracle.html#CHAP_Target.Oracle.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", + "title": "OracleSettings" + }, + "Password": { + "markdownDescription": "The password to be used to log in to the endpoint database.", + "title": "Password", + "type": "string" + }, + "Port": { + "markdownDescription": "The port used by the endpoint database.", + "title": "Port", + "type": "number" + }, + "PostgreSqlSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.PostgreSqlSettings", + "markdownDescription": "Settings in JSON format for the source and target PostgreSQL endpoint.\n\nFor information about other available settings, see [Extra connection attributes when using PostgreSQL as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.PostgreSQL.html#CHAP_Source.PostgreSQL.ConnectionAttrib) and [Extra connection attributes when using PostgreSQL as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.PostgreSQL.html#CHAP_Target.PostgreSQL.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", + "title": "PostgreSqlSettings" + }, + "RedisSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.RedisSettings", + "markdownDescription": "Settings in JSON format for the target Redis endpoint. For information about other available settings, see [Specifying endpoint settings for Redis as a target](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Redis.html#CHAP_Target.Redis.EndpointSettings) in the *AWS Database Migration Service User Guide* .", + "title": "RedisSettings" + }, + "RedshiftSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.RedshiftSettings", + "markdownDescription": "Settings in JSON format for the Amazon Redshift endpoint.\n\nFor more information about other available settings, see [Extra connection attributes when using Amazon Redshift as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Redshift.html#CHAP_Target.Redshift.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", + "title": "RedshiftSettings" + }, + "ResourceIdentifier": { + "markdownDescription": "A display name for the resource identifier at the end of the `EndpointArn` response parameter that is returned in the created `Endpoint` object. The value for this parameter can have up to 31 characters. It can contain only ASCII letters, digits, and hyphen ('-'). Also, it can't end with a hyphen or contain two consecutive hyphens, and can only begin with a letter, such as `Example-App-ARN1` .\n\nFor example, this value might result in the `EndpointArn` value `arn:aws:dms:eu-west-1:012345678901:rep:Example-App-ARN1` . If you don't specify a `ResourceIdentifier` value, AWS DMS generates a default identifier value for the end of `EndpointArn` .", + "title": "ResourceIdentifier", + "type": "string" + }, + "S3Settings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.S3Settings", + "markdownDescription": "Settings in JSON format for the source and target Amazon S3 endpoint. For more information about other available settings, see [Extra connection attributes when using Amazon S3 as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.S3.html#CHAP_Source.S3.Configuring) and [Extra connection attributes when using Amazon S3 as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.Configuring) in the *AWS Database Migration Service User Guide* .", + "title": "S3Settings" + }, + "ServerName": { + "markdownDescription": "The name of the server where the endpoint database resides.", + "title": "ServerName", + "type": "string" + }, + "SslMode": { + "markdownDescription": "The Secure Sockets Layer (SSL) mode to use for the SSL connection. The default is `none` .\n\n> When `engine_name` is set to S3, the only allowed value is `none` .", + "title": "SslMode", + "type": "string" + }, + "SybaseSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.SybaseSettings", + "markdownDescription": "Settings in JSON format for the source and target SAP ASE endpoint. For information about other available settings, see [Extra connection attributes when using SAP ASE as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.SAP.html#CHAP_Source.SAP.ConnectionAttrib) and [Extra connection attributes when using SAP ASE as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.SAP.html#CHAP_Target.SAP.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", + "title": "SybaseSettings" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "One or more tags to be assigned to the endpoint.", + "title": "Tags", + "type": "array" + }, + "Username": { + "markdownDescription": "The user name to be used to log in to the endpoint database.", + "title": "Username", + "type": "string" + } + }, + "required": [ + "EndpointType", + "EngineName" ], "type": "object" }, "Type": { "enum": [ - "AWS::DynamoDB::Table" + "AWS::DMS::Endpoint" ], "type": "string" }, @@ -67962,679 +73787,1277 @@ ], "type": "object" }, - "AWS::DynamoDB::Table.AttributeDefinition": { + "AWS::DMS::Endpoint.DocDbSettings": { "additionalProperties": false, "properties": { - "AttributeName": { - "markdownDescription": "A name for the attribute.", - "title": "AttributeName", + "DocsToInvestigate": { + "markdownDescription": "Indicates the number of documents to preview to determine the document organization. Use this setting when `NestingLevel` is set to `\"one\"` .\n\nMust be a positive value greater than `0` . Default value is `1000` .", + "title": "DocsToInvestigate", + "type": "number" + }, + "ExtractDocId": { + "markdownDescription": "Specifies the document ID. Use this setting when `NestingLevel` is set to `\"none\"` .\n\nDefault value is `\"false\"` .", + "title": "ExtractDocId", + "type": "boolean" + }, + "NestingLevel": { + "markdownDescription": "Specifies either document or table mode.\n\nDefault value is `\"none\"` . Specify `\"none\"` to use document mode. Specify `\"one\"` to use table mode.", + "title": "NestingLevel", "type": "string" }, - "AttributeType": { - "markdownDescription": "The data type for the attribute, where:\n\n- `S` - the attribute is of type String\n- `N` - the attribute is of type Number\n- `B` - the attribute is of type Binary", - "title": "AttributeType", + "SecretsManagerAccessRoleArn": { + "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the DocumentDB endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", + "title": "SecretsManagerAccessRoleArn", + "type": "string" + }, + "SecretsManagerSecretId": { + "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the DocumentDB endpoint connection details.", + "title": "SecretsManagerSecretId", "type": "string" } }, - "required": [ - "AttributeName", - "AttributeType" - ], "type": "object" }, - "AWS::DynamoDB::Table.ContributorInsightsSpecification": { + "AWS::DMS::Endpoint.DynamoDbSettings": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Indicates whether CloudWatch Contributor Insights are to be enabled (true) or disabled (false).", - "title": "Enabled", - "type": "boolean" + "ServiceAccessRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) used by the service to access the IAM role. The role must allow the `iam:PassRole` action.", + "title": "ServiceAccessRoleArn", + "type": "string" } }, - "required": [ - "Enabled" - ], "type": "object" }, - "AWS::DynamoDB::Table.Csv": { + "AWS::DMS::Endpoint.ElasticsearchSettings": { "additionalProperties": false, "properties": { - "Delimiter": { - "markdownDescription": "The delimiter used for separating items in the CSV file being imported.", - "title": "Delimiter", + "EndpointUri": { + "markdownDescription": "The endpoint for the OpenSearch cluster. AWS DMS uses HTTPS if a transport protocol (either HTTP or HTTPS) isn't specified.", + "title": "EndpointUri", "type": "string" }, - "HeaderList": { - "items": { - "type": "string" - }, - "markdownDescription": "List of the headers used to specify a common header for all source CSV files being imported. If this field is specified then the first line of each CSV file is treated as data instead of the header. If this field is not specified the the first line of each CSV file is treated as the header.", - "title": "HeaderList", - "type": "array" + "ErrorRetryDuration": { + "markdownDescription": "The maximum number of seconds for which DMS retries failed API requests to the OpenSearch cluster.", + "title": "ErrorRetryDuration", + "type": "number" + }, + "FullLoadErrorPercentage": { + "markdownDescription": "The maximum percentage of records that can fail to be written before a full load operation stops.\n\nTo avoid early failure, this counter is only effective after 1,000 records are transferred. OpenSearch also has the concept of error monitoring during the last 10 minutes of an Observation Window. If transfer of all records fail in the last 10 minutes, the full load operation stops.", + "title": "FullLoadErrorPercentage", + "type": "number" + }, + "ServiceAccessRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) used by the service to access the IAM role. The role must allow the `iam:PassRole` action.", + "title": "ServiceAccessRoleArn", + "type": "string" } }, "type": "object" }, - "AWS::DynamoDB::Table.GlobalSecondaryIndex": { + "AWS::DMS::Endpoint.GcpMySQLSettings": { "additionalProperties": false, "properties": { - "ContributorInsightsSpecification": { - "$ref": "#/definitions/AWS::DynamoDB::Table.ContributorInsightsSpecification", - "markdownDescription": "The settings used to enable or disable CloudWatch Contributor Insights for the specified global secondary index.", - "title": "ContributorInsightsSpecification" + "AfterConnectScript": { + "markdownDescription": "Specifies a script to run immediately after AWS DMS connects to the endpoint. The migration task continues running regardless if the SQL statement succeeds or fails.\n\nFor this parameter, provide the code of the script itself, not the name of a file containing the script.", + "title": "AfterConnectScript", + "type": "string" }, - "IndexName": { - "markdownDescription": "The name of the global secondary index. The name must be unique among all other indexes on this table.", - "title": "IndexName", + "CleanSourceMetadataOnMismatch": { + "markdownDescription": "Adjusts the behavior of AWS DMS when migrating from an SQL Server source database that is hosted as part of an Always On availability group cluster. If you need AWS DMS to poll all the nodes in the Always On cluster for transaction backups, set this attribute to `false` .", + "title": "CleanSourceMetadataOnMismatch", + "type": "boolean" + }, + "DatabaseName": { + "markdownDescription": "Database name for the endpoint. For a MySQL source or target endpoint, don't explicitly specify the database using the `DatabaseName` request parameter on either the `CreateEndpoint` or `ModifyEndpoint` API call. Specifying `DatabaseName` when you create or modify a MySQL endpoint replicates all the task tables to this single database. For MySQL endpoints, you specify the database only when you specify the schema in the table-mapping rules of the AWS DMS task.", + "title": "DatabaseName", "type": "string" }, - "KeySchema": { - "items": { - "$ref": "#/definitions/AWS::DynamoDB::Table.KeySchema" - }, - "markdownDescription": "The complete key schema for a global secondary index, which consists of one or more pairs of attribute names and key types:\n\n- `HASH` - partition key\n- `RANGE` - sort key\n\n> The partition key of an item is also known as its *hash attribute* . The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n> \n> The sort key of an item is also known as its *range attribute* . The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.", - "title": "KeySchema", - "type": "array" + "EventsPollInterval": { + "markdownDescription": "Specifies how often to check the binary log for new changes/events when the database is idle. The default is five seconds.\n\nExample: `eventsPollInterval=5;`\n\nIn the example, AWS DMS checks for changes in the binary logs every five seconds.", + "title": "EventsPollInterval", + "type": "number" }, - "Projection": { - "$ref": "#/definitions/AWS::DynamoDB::Table.Projection", - "markdownDescription": "Represents attributes that are copied (projected) from the table into the global secondary index. These are in addition to the primary key attributes and index key attributes, which are automatically projected.", - "title": "Projection" + "MaxFileSize": { + "markdownDescription": "Specifies the maximum size (in KB) of any .csv file used to transfer data to a MySQL-compatible database.\n\nExample: `maxFileSize=512`", + "title": "MaxFileSize", + "type": "number" }, - "ProvisionedThroughput": { - "$ref": "#/definitions/AWS::DynamoDB::Table.ProvisionedThroughput", - "markdownDescription": "Represents the provisioned throughput settings for the specified global secondary index. You must use either `OnDemandThroughput` or `ProvisionedThroughput` based on your table's capacity mode.\n\nFor current minimum and maximum provisioned throughput values, see [Service, Account, and Table Quotas](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Limits.html) in the *Amazon DynamoDB Developer Guide* .", - "title": "ProvisionedThroughput" - } - }, - "required": [ - "IndexName", - "KeySchema", - "Projection" - ], - "type": "object" - }, - "AWS::DynamoDB::Table.ImportSourceSpecification": { - "additionalProperties": false, - "properties": { - "InputCompressionType": { - "markdownDescription": "Type of compression to be used on the input coming from the imported table.", - "title": "InputCompressionType", + "ParallelLoadThreads": { + "markdownDescription": "Improves performance when loading data into the MySQL-compatible target database. Specifies how many threads to use to load the data into the MySQL-compatible target database. Setting a large number of threads can have an adverse effect on database performance, because a separate connection is required for each thread. The default is one.\n\nExample: `parallelLoadThreads=1`", + "title": "ParallelLoadThreads", + "type": "number" + }, + "Password": { + "markdownDescription": "Endpoint connection password.", + "title": "Password", "type": "string" }, - "InputFormat": { - "markdownDescription": "The format of the source data. Valid values for `ImportFormat` are `CSV` , `DYNAMODB_JSON` or `ION` .", - "title": "InputFormat", + "Port": { + "markdownDescription": "The port used by the endpoint database.", + "title": "Port", + "type": "number" + }, + "SecretsManagerAccessRoleArn": { + "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret.` The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the MySQL endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", + "title": "SecretsManagerAccessRoleArn", "type": "string" }, - "InputFormatOptions": { - "$ref": "#/definitions/AWS::DynamoDB::Table.InputFormatOptions", - "markdownDescription": "Additional properties that specify how the input is formatted,", - "title": "InputFormatOptions" + "SecretsManagerSecretId": { + "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the MySQL endpoint connection details.", + "title": "SecretsManagerSecretId", + "type": "string" }, - "S3BucketSource": { - "$ref": "#/definitions/AWS::DynamoDB::Table.S3BucketSource", - "markdownDescription": "The S3 bucket that provides the source for the import.", - "title": "S3BucketSource" - } - }, - "required": [ - "InputFormat", - "S3BucketSource" - ], - "type": "object" - }, - "AWS::DynamoDB::Table.InputFormatOptions": { - "additionalProperties": false, - "properties": { - "Csv": { - "$ref": "#/definitions/AWS::DynamoDB::Table.Csv", - "markdownDescription": "The options for imported source files in CSV format. The values are Delimiter and HeaderList.", - "title": "Csv" - } - }, - "type": "object" - }, - "AWS::DynamoDB::Table.KeySchema": { - "additionalProperties": false, - "properties": { - "AttributeName": { - "markdownDescription": "The name of a key attribute.", - "title": "AttributeName", + "ServerName": { + "markdownDescription": "The MySQL host name.", + "title": "ServerName", "type": "string" }, - "KeyType": { - "markdownDescription": "The role that this key attribute will assume:\n\n- `HASH` - partition key\n- `RANGE` - sort key\n\n> The partition key of an item is also known as its *hash attribute* . The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n> \n> The sort key of an item is also known as its *range attribute* . The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.", - "title": "KeyType", + "ServerTimezone": { + "markdownDescription": "Specifies the time zone for the source MySQL database. Don't enclose time zones in single quotation marks.\n\nExample: `serverTimezone=US/Pacific;`", + "title": "ServerTimezone", + "type": "string" + }, + "Username": { + "markdownDescription": "Endpoint connection user name.", + "title": "Username", "type": "string" } }, - "required": [ - "AttributeName", - "KeyType" - ], "type": "object" }, - "AWS::DynamoDB::Table.KinesisStreamSpecification": { + "AWS::DMS::Endpoint.IbmDb2Settings": { "additionalProperties": false, "properties": { - "ApproximateCreationDateTimePrecision": { - "markdownDescription": "The precision for the time and date that the stream was created.", - "title": "ApproximateCreationDateTimePrecision", + "CurrentLsn": { + "markdownDescription": "For ongoing replication (CDC), use CurrentLSN to specify a log sequence number (LSN) where you want the replication to start.", + "title": "CurrentLsn", "type": "string" }, - "StreamArn": { - "markdownDescription": "The ARN for a specific Kinesis data stream.\n\nLength Constraints: Minimum length of 37. Maximum length of 1024.", - "title": "StreamArn", + "KeepCsvFiles": { + "markdownDescription": "If true, AWS DMS saves any .csv files to the Db2 LUW target that were used to replicate data. DMS uses these files for analysis and troubleshooting.\n\nThe default value is false.", + "title": "KeepCsvFiles", + "type": "boolean" + }, + "LoadTimeout": { + "markdownDescription": "The amount of time (in milliseconds) before AWS DMS times out operations performed by DMS on the Db2 target. The default value is 1200 (20 minutes).", + "title": "LoadTimeout", + "type": "number" + }, + "MaxFileSize": { + "markdownDescription": "Specifies the maximum size (in KB) of .csv files used to transfer data to Db2 LUW.", + "title": "MaxFileSize", + "type": "number" + }, + "MaxKBytesPerRead": { + "markdownDescription": "Maximum number of bytes per read, as a NUMBER value. The default is 64 KB.", + "title": "MaxKBytesPerRead", + "type": "number" + }, + "SecretsManagerAccessRoleArn": { + "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value ofthe AWS Secrets Manager secret that allows access to the Db2 LUW endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", + "title": "SecretsManagerAccessRoleArn", "type": "string" - } - }, - "required": [ - "StreamArn" - ], - "type": "object" - }, - "AWS::DynamoDB::Table.LocalSecondaryIndex": { - "additionalProperties": false, - "properties": { - "IndexName": { - "markdownDescription": "The name of the local secondary index. The name must be unique among all other indexes on this table.", - "title": "IndexName", + }, + "SecretsManagerSecretId": { + "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the IBMDB2 endpoint connection details.", + "title": "SecretsManagerSecretId", "type": "string" }, - "KeySchema": { - "items": { - "$ref": "#/definitions/AWS::DynamoDB::Table.KeySchema" - }, - "markdownDescription": "The complete key schema for the local secondary index, consisting of one or more pairs of attribute names and key types:\n\n- `HASH` - partition key\n- `RANGE` - sort key\n\n> The partition key of an item is also known as its *hash attribute* . The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n> \n> The sort key of an item is also known as its *range attribute* . The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.", - "title": "KeySchema", - "type": "array" + "SetDataCaptureChanges": { + "markdownDescription": "Enables ongoing replication (CDC) as a BOOLEAN value. The default is true.", + "title": "SetDataCaptureChanges", + "type": "boolean" }, - "Projection": { - "$ref": "#/definitions/AWS::DynamoDB::Table.Projection", - "markdownDescription": "Represents attributes that are copied (projected) from the table into the local secondary index. These are in addition to the primary key attributes and index key attributes, which are automatically projected.", - "title": "Projection" + "WriteBufferSize": { + "markdownDescription": "The size (in KB) of the in-memory file write buffer used when generating .csv files on the local disk on the DMS replication instance. The default value is 1024 (1 MB).", + "title": "WriteBufferSize", + "type": "number" } }, - "required": [ - "IndexName", - "KeySchema", - "Projection" - ], "type": "object" }, - "AWS::DynamoDB::Table.PointInTimeRecoverySpecification": { + "AWS::DMS::Endpoint.KafkaSettings": { "additionalProperties": false, "properties": { - "PointInTimeRecoveryEnabled": { - "markdownDescription": "Indicates whether point in time recovery is enabled (true) or disabled (false) on the table.", - "title": "PointInTimeRecoveryEnabled", + "Broker": { + "markdownDescription": "A comma-separated list of one or more broker locations in your Kafka cluster that host your Kafka instance. Specify each broker location in the form `*broker-hostname-or-ip* : *port*` . For example, `\"ec2-12-345-678-901.compute-1.amazonaws.com:2345\"` . For more information and examples of specifying a list of broker locations, see [Using Apache Kafka as a target for AWS Database Migration Service](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Kafka.html) in the *AWS Database Migration Service User Guide* .", + "title": "Broker", + "type": "string" + }, + "IncludeControlDetails": { + "markdownDescription": "Shows detailed control information for table definition, column definition, and table and column changes in the Kafka message output. The default is `false` .", + "title": "IncludeControlDetails", "type": "boolean" - } - }, - "type": "object" - }, - "AWS::DynamoDB::Table.Projection": { - "additionalProperties": false, - "properties": { - "NonKeyAttributes": { - "items": { - "type": "string" - }, - "markdownDescription": "Represents the non-key attribute names which will be projected into the index.\n\nFor global and local secondary indexes, the total count of `NonKeyAttributes` summed across all of the secondary indexes, must not exceed 100. If you project the same attribute into two different indexes, this counts as two distinct attributes when determining the total. This limit only applies when you specify the ProjectionType of `INCLUDE` . You still can specify the ProjectionType of `ALL` to project all attributes from the source table, even if the table has more than 100 attributes.", - "title": "NonKeyAttributes", - "type": "array" }, - "ProjectionType": { - "markdownDescription": "The set of attributes that are projected into the index:\n\n- `KEYS_ONLY` - Only the index and primary keys are projected into the index.\n- `INCLUDE` - In addition to the attributes described in `KEYS_ONLY` , the secondary index will include other non-key attributes that you specify.\n- `ALL` - All of the table attributes are projected into the index.\n\nWhen using the DynamoDB console, `ALL` is selected by default.", - "title": "ProjectionType", + "IncludeNullAndEmpty": { + "markdownDescription": "Include NULL and empty columns for records migrated to the endpoint. The default is `false` .", + "title": "IncludeNullAndEmpty", + "type": "boolean" + }, + "IncludePartitionValue": { + "markdownDescription": "Shows the partition value within the Kafka message output unless the partition type is `schema-table-type` . The default is `false` .", + "title": "IncludePartitionValue", + "type": "boolean" + }, + "IncludeTableAlterOperations": { + "markdownDescription": "Includes any data definition language (DDL) operations that change the table in the control data, such as `rename-table` , `drop-table` , `add-column` , `drop-column` , and `rename-column` . The default is `false` .", + "title": "IncludeTableAlterOperations", + "type": "boolean" + }, + "IncludeTransactionDetails": { + "markdownDescription": "Provides detailed transaction information from the source database. This information includes a commit timestamp, a log position, and values for `transaction_id` , previous `transaction_id` , and `transaction_record_id` (the record offset within a transaction). The default is `false` .", + "title": "IncludeTransactionDetails", + "type": "boolean" + }, + "MessageFormat": { + "markdownDescription": "The output format for the records created on the endpoint. The message format is `JSON` (default) or `JSON_UNFORMATTED` (a single line with no tab).", + "title": "MessageFormat", "type": "string" - } - }, - "type": "object" - }, - "AWS::DynamoDB::Table.ProvisionedThroughput": { - "additionalProperties": false, - "properties": { - "ReadCapacityUnits": { - "markdownDescription": "The maximum number of strongly consistent reads consumed per second before DynamoDB returns a `ThrottlingException` . For more information, see [Specifying Read and Write Requirements](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/ProvisionedThroughput.html) in the *Amazon DynamoDB Developer Guide* .\n\nIf read/write capacity mode is `PAY_PER_REQUEST` the value is set to 0.", - "title": "ReadCapacityUnits", - "type": "number" }, - "WriteCapacityUnits": { - "markdownDescription": "The maximum number of writes consumed per second before DynamoDB returns a `ThrottlingException` . For more information, see [Specifying Read and Write Requirements](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/ProvisionedThroughput.html) in the *Amazon DynamoDB Developer Guide* .\n\nIf read/write capacity mode is `PAY_PER_REQUEST` the value is set to 0.", - "title": "WriteCapacityUnits", + "MessageMaxBytes": { + "markdownDescription": "The maximum size in bytes for records created on the endpoint The default is 1,000,000.", + "title": "MessageMaxBytes", "type": "number" - } - }, - "required": [ - "ReadCapacityUnits", - "WriteCapacityUnits" - ], - "type": "object" - }, - "AWS::DynamoDB::Table.ResourcePolicy": { - "additionalProperties": false, - "properties": { - "PolicyDocument": { - "markdownDescription": "A resource-based policy document that contains permissions to add to the specified DynamoDB table, index, or both. In a CloudFormation template, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to DynamoDB . For more information about resource-based policies, see [Using resource-based policies for DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html) .", - "title": "PolicyDocument", - "type": "object" - } - }, - "required": [ - "PolicyDocument" - ], - "type": "object" - }, - "AWS::DynamoDB::Table.S3BucketSource": { - "additionalProperties": false, - "properties": { - "S3Bucket": { - "markdownDescription": "The S3 bucket that is being imported from.", - "title": "S3Bucket", + }, + "NoHexPrefix": { + "markdownDescription": "Set this optional parameter to `true` to avoid adding a '0x' prefix to raw data in hexadecimal format. For example, by default, AWS DMS adds a '0x' prefix to the LOB column type in hexadecimal format moving from an Oracle source to a Kafka target. Use the `NoHexPrefix` endpoint setting to enable migration of RAW data type columns without adding the '0x' prefix.", + "title": "NoHexPrefix", + "type": "boolean" + }, + "PartitionIncludeSchemaTable": { + "markdownDescription": "Prefixes schema and table names to partition values, when the partition type is `primary-key-type` . Doing this increases data distribution among Kafka partitions. For example, suppose that a SysBench schema has thousands of tables and each table has only limited range for a primary key. In this case, the same primary key is sent from thousands of tables to the same partition, which causes throttling. The default is `false` .", + "title": "PartitionIncludeSchemaTable", + "type": "boolean" + }, + "SaslPassword": { + "markdownDescription": "The secure password that you created when you first set up your Amazon MSK cluster to validate a client identity and make an encrypted connection between server and client using SASL-SSL authentication.", + "title": "SaslPassword", "type": "string" }, - "S3BucketOwner": { - "markdownDescription": "The account number of the S3 bucket that is being imported from. If the bucket is owned by the requester this is optional.", - "title": "S3BucketOwner", + "SaslUserName": { + "markdownDescription": "The secure user name you created when you first set up your Amazon MSK cluster to validate a client identity and make an encrypted connection between server and client using SASL-SSL authentication.", + "title": "SaslUserName", "type": "string" }, - "S3KeyPrefix": { - "markdownDescription": "The key prefix shared by all S3 Objects that are being imported.", - "title": "S3KeyPrefix", + "SecurityProtocol": { + "markdownDescription": "Set secure connection to a Kafka target endpoint using Transport Layer Security (TLS). Options include `ssl-encryption` , `ssl-authentication` , and `sasl-ssl` . `sasl-ssl` requires `SaslUsername` and `SaslPassword` .", + "title": "SecurityProtocol", + "type": "string" + }, + "SslCaCertificateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the private certificate authority (CA) cert that AWS DMS uses to securely connect to your Kafka target endpoint.", + "title": "SslCaCertificateArn", + "type": "string" + }, + "SslClientCertificateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the client certificate used to securely connect to a Kafka target endpoint.", + "title": "SslClientCertificateArn", + "type": "string" + }, + "SslClientKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the client private key used to securely connect to a Kafka target endpoint.", + "title": "SslClientKeyArn", + "type": "string" + }, + "SslClientKeyPassword": { + "markdownDescription": "The password for the client private key used to securely connect to a Kafka target endpoint.", + "title": "SslClientKeyPassword", + "type": "string" + }, + "Topic": { + "markdownDescription": "The topic to which you migrate the data. If you don't specify a topic, AWS DMS specifies `\"kafka-default-topic\"` as the migration topic.", + "title": "Topic", "type": "string" } }, - "required": [ - "S3Bucket" - ], "type": "object" }, - "AWS::DynamoDB::Table.SSESpecification": { + "AWS::DMS::Endpoint.KinesisSettings": { "additionalProperties": false, "properties": { - "KMSMasterKeyId": { - "markdownDescription": "The AWS KMS key that should be used for the AWS KMS encryption. To specify a key, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. Note that you should only provide this parameter if the key is different from the default DynamoDB key `alias/aws/dynamodb` .", - "title": "KMSMasterKeyId", + "IncludeControlDetails": { + "markdownDescription": "Shows detailed control information for table definition, column definition, and table and column changes in the Kinesis message output. The default is `false` .", + "title": "IncludeControlDetails", + "type": "boolean" + }, + "IncludeNullAndEmpty": { + "markdownDescription": "Include NULL and empty columns for records migrated to the endpoint. The default is `false` .", + "title": "IncludeNullAndEmpty", + "type": "boolean" + }, + "IncludePartitionValue": { + "markdownDescription": "Shows the partition value within the Kinesis message output, unless the partition type is `schema-table-type` . The default is `false` .", + "title": "IncludePartitionValue", + "type": "boolean" + }, + "IncludeTableAlterOperations": { + "markdownDescription": "Includes any data definition language (DDL) operations that change the table in the control data, such as `rename-table` , `drop-table` , `add-column` , `drop-column` , and `rename-column` . The default is `false` .", + "title": "IncludeTableAlterOperations", + "type": "boolean" + }, + "IncludeTransactionDetails": { + "markdownDescription": "Provides detailed transaction information from the source database. This information includes a commit timestamp, a log position, and values for `transaction_id` , previous `transaction_id` , and `transaction_record_id` (the record offset within a transaction). The default is `false` .", + "title": "IncludeTransactionDetails", + "type": "boolean" + }, + "MessageFormat": { + "markdownDescription": "The output format for the records created on the endpoint. The message format is `JSON` (default) or `JSON_UNFORMATTED` (a single line with no tab).", + "title": "MessageFormat", "type": "string" }, - "SSEEnabled": { - "markdownDescription": "Indicates whether server-side encryption is done using an AWS managed key or an AWS owned key. If enabled (true), server-side encryption type is set to `KMS` and an AWS managed key is used ( AWS KMS charges apply). If disabled (false) or not specified, server-side encryption is set to AWS owned key.", - "title": "SSEEnabled", + "NoHexPrefix": { + "markdownDescription": "Set this optional parameter to `true` to avoid adding a '0x' prefix to raw data in hexadecimal format. For example, by default, AWS DMS adds a '0x' prefix to the LOB column type in hexadecimal format moving from an Oracle source to an Amazon Kinesis target. Use the `NoHexPrefix` endpoint setting to enable migration of RAW data type columns without adding the '0x' prefix.", + "title": "NoHexPrefix", "type": "boolean" }, - "SSEType": { - "markdownDescription": "Server-side encryption type. The only supported value is:\n\n- `KMS` - Server-side encryption that uses AWS Key Management Service . The key is stored in your account and is managed by AWS KMS ( AWS KMS charges apply).", - "title": "SSEType", + "PartitionIncludeSchemaTable": { + "markdownDescription": "Prefixes schema and table names to partition values, when the partition type is `primary-key-type` . Doing this increases data distribution among Kinesis shards. For example, suppose that a SysBench schema has thousands of tables and each table has only limited range for a primary key. In this case, the same primary key is sent from thousands of tables to the same shard, which causes throttling. The default is `false` .", + "title": "PartitionIncludeSchemaTable", + "type": "boolean" + }, + "ServiceAccessRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the IAM role that AWS DMS uses to write to the Kinesis data stream. The role must allow the `iam:PassRole` action.", + "title": "ServiceAccessRoleArn", "type": "string" - } - }, - "required": [ - "SSEEnabled" - ], - "type": "object" - }, - "AWS::DynamoDB::Table.StreamSpecification": { - "additionalProperties": false, - "properties": { - "ResourcePolicy": { - "$ref": "#/definitions/AWS::DynamoDB::Table.ResourcePolicy", - "markdownDescription": "Creates or updates a resource-based policy document that contains the permissions for DynamoDB resources, such as a table's streams. Resource-based policies let you define access permissions by specifying who has access to each resource, and the actions they are allowed to perform on each resource.\n\nIn a CloudFormation template, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to DynamoDB . For more information about resource-based policies, see [Using resource-based policies for DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html) .", - "title": "ResourcePolicy" }, - "StreamViewType": { - "markdownDescription": "When an item in the table is modified, `StreamViewType` determines what information is written to the stream for this table. Valid values for `StreamViewType` are:\n\n- `KEYS_ONLY` - Only the key attributes of the modified item are written to the stream.\n- `NEW_IMAGE` - The entire item, as it appears after it was modified, is written to the stream.\n- `OLD_IMAGE` - The entire item, as it appeared before it was modified, is written to the stream.\n- `NEW_AND_OLD_IMAGES` - Both the new and the old item images of the item are written to the stream.", - "title": "StreamViewType", + "StreamArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the Amazon Kinesis Data Streams endpoint.", + "title": "StreamArn", "type": "string" } }, - "required": [ - "StreamViewType" - ], "type": "object" }, - "AWS::DynamoDB::Table.TimeToLiveSpecification": { + "AWS::DMS::Endpoint.MicrosoftSqlServerSettings": { "additionalProperties": false, "properties": { - "AttributeName": { - "markdownDescription": "The name of the TTL attribute used to store the expiration time for items in the table.\n\n> - The `AttributeName` property is required when enabling the TTL, or when TTL is already enabled.\n> - To update this property, you must first disable TTL and then enable TTL with the new attribute name.", - "title": "AttributeName", + "BcpPacketSize": { + "markdownDescription": "The maximum size of the packets (in bytes) used to transfer data using BCP.", + "title": "BcpPacketSize", + "type": "number" + }, + "ControlTablesFileGroup": { + "markdownDescription": "Specifies a file group for the AWS DMS internal tables. When the replication task starts, all the internal AWS DMS control tables (awsdms_ apply_exception, awsdms_apply, awsdms_changes) are created for the specified file group.", + "title": "ControlTablesFileGroup", "type": "string" }, - "Enabled": { - "markdownDescription": "Indicates whether TTL is to be enabled (true) or disabled (false) on the table.", - "title": "Enabled", + "DatabaseName": { + "markdownDescription": "Database name for the endpoint.", + "title": "DatabaseName", + "type": "string" + }, + "ForceLobLookup": { + "markdownDescription": "Forces LOB lookup on inline LOB.", + "title": "ForceLobLookup", "type": "boolean" - } - }, - "required": [ - "Enabled" - ], - "type": "object" - }, - "AWS::EC2::CapacityReservation": { - "additionalProperties": false, - "properties": { - "Condition": { + }, + "Password": { + "markdownDescription": "Endpoint connection password.", + "title": "Password", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Port": { + "markdownDescription": "Endpoint TCP port.", + "title": "Port", + "type": "number" + }, + "QuerySingleAlwaysOnNode": { + "markdownDescription": "Cleans and recreates table metadata information on the replication instance when a mismatch occurs. An example is a situation where running an alter DDL statement on a table might result in different information about the table cached in the replication instance.", + "title": "QuerySingleAlwaysOnNode", + "type": "boolean" + }, + "ReadBackupOnly": { + "markdownDescription": "When this attribute is set to `Y` , AWS DMS only reads changes from transaction log backups and doesn't read from the active transaction log file during ongoing replication. Setting this parameter to `Y` enables you to control active transaction log file growth during full load and ongoing replication tasks. However, it can add some source latency to ongoing replication.", + "title": "ReadBackupOnly", + "type": "boolean" + }, + "SafeguardPolicy": { + "markdownDescription": "Use this attribute to minimize the need to access the backup log and enable AWS DMS to prevent truncation using one of the following two methods.\n\n*Start transactions in the database:* This is the default method. When this method is used, AWS DMS prevents TLOG truncation by mimicking a transaction in the database. As long as such a transaction is open, changes that appear after the transaction started aren't truncated. If you need Microsoft Replication to be enabled in your database, then you must choose this method.\n\n*Exclusively use sp_repldone within a single task* : When this method is used, AWS DMS reads the changes and then uses sp_repldone to mark the TLOG transactions as ready for truncation. Although this method doesn't involve any transactional activities, it can only be used when Microsoft Replication isn't running. Also, when using this method, only one AWS DMS task can access the database at any given time. Therefore, if you need to run parallel AWS DMS tasks against the same database, use the default method.", + "title": "SafeguardPolicy", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "SecretsManagerAccessRoleArn": { + "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the SQL Server endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", + "title": "SecretsManagerAccessRoleArn", + "type": "string" }, - "Metadata": { - "type": "object" + "SecretsManagerSecretId": { + "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the MicrosoftSQLServer endpoint connection details.", + "title": "SecretsManagerSecretId", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AvailabilityZone": { - "markdownDescription": "The Availability Zone in which to create the Capacity Reservation.", - "title": "AvailabilityZone", - "type": "string" - }, - "EbsOptimized": { - "markdownDescription": "Indicates whether the Capacity Reservation supports EBS-optimized instances. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS- optimized instance.", - "title": "EbsOptimized", - "type": "boolean" - }, - "EndDate": { - "markdownDescription": "The date and time at which the Capacity Reservation expires. When a Capacity Reservation expires, the reserved capacity is released and you can no longer launch instances into it. The Capacity Reservation's state changes to `expired` when it reaches its end date and time.\n\nYou must provide an `EndDate` value if `EndDateType` is `limited` . Omit `EndDate` if `EndDateType` is `unlimited` .\n\nIf the `EndDateType` is `limited` , the Capacity Reservation is cancelled within an hour from the specified time. For example, if you specify 5/31/2019, 13:30:55, the Capacity Reservation is guaranteed to end between 13:30:55 and 14:30:55 on 5/31/2019.\n\nIf you are requesting a future-dated Capacity Reservation, you can't specify an end date and time that is within the commitment duration.", - "title": "EndDate", - "type": "string" - }, - "EndDateType": { - "markdownDescription": "Indicates the way in which the Capacity Reservation ends. A Capacity Reservation can have one of the following end types:\n\n- `unlimited` - The Capacity Reservation remains active until you explicitly cancel it. Do not provide an `EndDate` if the `EndDateType` is `unlimited` .\n- `limited` - The Capacity Reservation expires automatically at a specified date and time. You must provide an `EndDate` value if the `EndDateType` value is `limited` .", - "title": "EndDateType", - "type": "string" - }, - "EphemeralStorage": { - "markdownDescription": "*Deprecated.*", - "title": "EphemeralStorage", - "type": "boolean" - }, - "InstanceCount": { - "markdownDescription": "The number of instances for which to reserve capacity.\n\n> You can request future-dated Capacity Reservations for an instance count with a minimum of 100 vCPUs. For example, if you request a future-dated Capacity Reservation for `m5.xlarge` instances, you must request at least 25 instances ( *25 * m5.xlarge = 100 vCPUs* ). \n\nValid range: 1 - 1000", - "title": "InstanceCount", - "type": "number" - }, - "InstanceMatchCriteria": { - "markdownDescription": "Indicates the type of instance launches that the Capacity Reservation accepts. The options include:\n\n- `open` - The Capacity Reservation automatically matches all instances that have matching attributes (instance type, platform, and Availability Zone). Instances that have matching attributes run in the Capacity Reservation automatically without specifying any additional parameters.\n- `targeted` - The Capacity Reservation only accepts instances that have matching attributes (instance type, platform, and Availability Zone), and explicitly target the Capacity Reservation. This ensures that only permitted instances can use the reserved capacity.\n\n> If you are requesting a future-dated Capacity Reservation, you must specify `targeted` . \n\nDefault: `open`", - "title": "InstanceMatchCriteria", - "type": "string" - }, - "InstancePlatform": { - "markdownDescription": "The type of operating system for which to reserve capacity.", - "title": "InstancePlatform", - "type": "string" - }, - "InstanceType": { - "markdownDescription": "The instance type for which to reserve capacity.\n\n> You can request future-dated Capacity Reservations for instance types in the C, M, R, I, and T instance families only. \n\nFor more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .", - "title": "InstanceType", - "type": "string" - }, - "OutPostArn": { - "markdownDescription": "> Not supported for future-dated Capacity Reservations. \n\nThe Amazon Resource Name (ARN) of the Outpost on which to create the Capacity Reservation.", - "title": "OutPostArn", - "type": "string" - }, - "PlacementGroupArn": { - "markdownDescription": "> Not supported for future-dated Capacity Reservations. \n\nThe Amazon Resource Name (ARN) of the cluster placement group in which to create the Capacity Reservation. For more information, see [Capacity Reservations for cluster placement groups](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/cr-cpg.html) in the *Amazon EC2 User Guide* .", - "title": "PlacementGroupArn", - "type": "string" - }, - "TagSpecifications": { - "items": { - "$ref": "#/definitions/AWS::EC2::CapacityReservation.TagSpecification" - }, - "markdownDescription": "The tags to apply to the Capacity Reservation during launch.", - "title": "TagSpecifications", - "type": "array" - }, - "Tenancy": { - "markdownDescription": "Indicates the tenancy of the Capacity Reservation. A Capacity Reservation can have one of the following tenancy settings:\n\n- `default` - The Capacity Reservation is created on hardware that is shared with other AWS accounts .\n- `dedicated` - The Capacity Reservation is created on single-tenant hardware that is dedicated to a single AWS account .", - "title": "Tenancy", - "type": "string" - } - }, - "required": [ - "AvailabilityZone", - "InstanceCount", - "InstancePlatform", - "InstanceType" - ], - "type": "object" + "ServerName": { + "markdownDescription": "Fully qualified domain name of the endpoint. For an Amazon RDS SQL Server instance, this is the output of [DescribeDBInstances](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstances.html) , in the `[Endpoint](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_Endpoint.html) .Address` field.", + "title": "ServerName", + "type": "string" }, - "Type": { - "enum": [ - "AWS::EC2::CapacityReservation" - ], + "TlogAccessMode": { + "markdownDescription": "Indicates the mode used to fetch CDC data.", + "title": "TlogAccessMode", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TrimSpaceInChar": { + "markdownDescription": "Use the `TrimSpaceInChar` source endpoint setting to right-trim data on CHAR and NCHAR data types during migration. Setting `TrimSpaceInChar` does not left-trim data. The default value is `true` .", + "title": "TrimSpaceInChar", + "type": "boolean" + }, + "UseBcpFullLoad": { + "markdownDescription": "Use this to attribute to transfer data for full-load operations using BCP. When the target table contains an identity column that does not exist in the source table, you must disable the use BCP for loading table option.", + "title": "UseBcpFullLoad", + "type": "boolean" + }, + "UseThirdPartyBackupDevice": { + "markdownDescription": "When this attribute is set to `Y` , DMS processes third-party transaction log backups if they are created in native format.", + "title": "UseThirdPartyBackupDevice", + "type": "boolean" + }, + "Username": { + "markdownDescription": "Endpoint connection user name.", + "title": "Username", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::EC2::CapacityReservation.TagSpecification": { + "AWS::DMS::Endpoint.MongoDbSettings": { "additionalProperties": false, "properties": { - "ResourceType": { - "markdownDescription": "The type of resource to tag. Specify `capacity-reservation` .", - "title": "ResourceType", + "AuthMechanism": { + "markdownDescription": "The authentication mechanism you use to access the MongoDB source endpoint.\n\nFor the default value, in MongoDB version 2.x, `\"default\"` is `\"mongodb_cr\"` . For MongoDB version 3.x or later, `\"default\"` is `\"scram_sha_1\"` . This setting isn't used when `AuthType` is set to `\"no\"` .", + "title": "AuthMechanism", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to apply to the resource.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" - }, - "AWS::EC2::CapacityReservationFleet": { - "additionalProperties": false, - "properties": { - "Condition": { + "AuthSource": { + "markdownDescription": "The MongoDB database name. This setting isn't used when `AuthType` is set to `\"no\"` .\n\nThe default is `\"admin\"` .", + "title": "AuthSource", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "AuthType": { + "markdownDescription": "The authentication type you use to access the MongoDB source endpoint.\n\nWhen set to `\"no\"` , user name and password parameters are not used and can be empty.", + "title": "AuthType", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "DatabaseName": { + "markdownDescription": "The database name on the MongoDB source endpoint.", + "title": "DatabaseName", + "type": "string" }, - "Metadata": { - "type": "object" + "DocsToInvestigate": { + "markdownDescription": "Indicates the number of documents to preview to determine the document organization. Use this setting when `NestingLevel` is set to `\"one\"` .\n\nMust be a positive value greater than `0` . Default value is `1000` .", + "title": "DocsToInvestigate", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AllocationStrategy": { - "markdownDescription": "The strategy used by the Capacity Reservation Fleet to determine which of the specified instance types to use. Currently, only the `prioritized` allocation strategy is supported. For more information, see [Allocation strategy](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/crfleet-concepts.html#allocation-strategy) in the *Amazon EC2 User Guide* .\n\nValid values: `prioritized`", - "title": "AllocationStrategy", - "type": "string" - }, - "EndDate": { - "markdownDescription": "The date and time at which the Capacity Reservation Fleet expires. When the Capacity Reservation Fleet expires, its state changes to `expired` and all of the Capacity Reservations in the Fleet expire.\n\nThe Capacity Reservation Fleet expires within an hour after the specified time. For example, if you specify `5/31/2019` , `13:30:55` , the Capacity Reservation Fleet is guaranteed to expire between `13:30:55` and `14:30:55` on `5/31/2019` .", - "title": "EndDate", - "type": "string" - }, - "InstanceMatchCriteria": { - "markdownDescription": "Indicates the type of instance launches that the Capacity Reservation Fleet accepts. All Capacity Reservations in the Fleet inherit this instance matching criteria.\n\nCurrently, Capacity Reservation Fleets support `open` instance matching criteria only. This means that instances that have matching attributes (instance type, platform, and Availability Zone) run in the Capacity Reservations automatically. Instances do not need to explicitly target a Capacity Reservation Fleet to use its reserved capacity.", - "title": "InstanceMatchCriteria", - "type": "string" - }, - "InstanceTypeSpecifications": { - "items": { - "$ref": "#/definitions/AWS::EC2::CapacityReservationFleet.InstanceTypeSpecification" - }, - "markdownDescription": "Information about the instance types for which to reserve the capacity.", - "title": "InstanceTypeSpecifications", - "type": "array" - }, - "NoRemoveEndDate": { - "markdownDescription": "Used to add an end date to a Capacity Reservation Fleet that has no end date and time. To add an end date to a Capacity Reservation Fleet, specify `true` for this paramater and specify the end date and time (in UTC time format) for the *EndDate* parameter.", - "title": "NoRemoveEndDate", - "type": "boolean" - }, - "RemoveEndDate": { - "markdownDescription": "Used to remove an end date from a Capacity Reservation Fleet that is configured to end automatically at a specific date and time. To remove the end date from a Capacity Reservation Fleet, specify `true` for this paramater and omit the *EndDate* parameter.", - "title": "RemoveEndDate", - "type": "boolean" - }, - "TagSpecifications": { - "items": { - "$ref": "#/definitions/AWS::EC2::CapacityReservationFleet.TagSpecification" - }, - "markdownDescription": "The tags to assign to the Capacity Reservation Fleet. The tags are automatically assigned to the Capacity Reservations in the Fleet.", - "title": "TagSpecifications", - "type": "array" - }, - "Tenancy": { - "markdownDescription": "Indicates the tenancy of the Capacity Reservation Fleet. All Capacity Reservations in the Fleet inherit this tenancy. The Capacity Reservation Fleet can have one of the following tenancy settings:\n\n- `default` - The Capacity Reservation Fleet is created on hardware that is shared with other AWS accounts .\n- `dedicated` - The Capacity Reservations are created on single-tenant hardware that is dedicated to a single AWS account .", - "title": "Tenancy", - "type": "string" - }, - "TotalTargetCapacity": { - "markdownDescription": "The total number of capacity units to be reserved by the Capacity Reservation Fleet. This value, together with the instance type weights that you assign to each instance type used by the Fleet determine the number of instances for which the Fleet reserves capacity. Both values are based on units that make sense for your workload. For more information, see [Total target capacity](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/crfleet-concepts.html#target-capacity) in the *Amazon EC2 User Guide* .", - "title": "TotalTargetCapacity", - "type": "number" - } - }, - "type": "object" + "ExtractDocId": { + "markdownDescription": "Specifies the document ID. Use this setting when `NestingLevel` is set to `\"none\"` .\n\nDefault value is `\"false\"` .", + "title": "ExtractDocId", + "type": "string" }, - "Type": { - "enum": [ - "AWS::EC2::CapacityReservationFleet" - ], + "NestingLevel": { + "markdownDescription": "Specifies either document or table mode.\n\nDefault value is `\"none\"` . Specify `\"none\"` to use document mode. Specify `\"one\"` to use table mode.", + "title": "NestingLevel", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Password": { + "markdownDescription": "The password for the user account you use to access the MongoDB source endpoint.", + "title": "Password", + "type": "string" + }, + "Port": { + "markdownDescription": "The port value for the MongoDB source endpoint.", + "title": "Port", + "type": "number" + }, + "SecretsManagerAccessRoleArn": { + "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the MongoDB endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", + "title": "SecretsManagerAccessRoleArn", + "type": "string" + }, + "SecretsManagerSecretId": { + "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the MongoDB endpoint connection details.", + "title": "SecretsManagerSecretId", + "type": "string" + }, + "ServerName": { + "markdownDescription": "The name of the server on the MongoDB source endpoint.", + "title": "ServerName", + "type": "string" + }, + "Username": { + "markdownDescription": "The user name you use to access the MongoDB source endpoint.", + "title": "Username", "type": "string" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::EC2::CapacityReservationFleet.InstanceTypeSpecification": { + "AWS::DMS::Endpoint.MySqlSettings": { "additionalProperties": false, "properties": { - "AvailabilityZone": { - "markdownDescription": "The Availability Zone in which the Capacity Reservation Fleet reserves the capacity. A Capacity Reservation Fleet can't span Availability Zones. All instance type specifications that you specify for the Fleet must use the same Availability Zone.", - "title": "AvailabilityZone", - "type": "string" - }, - "AvailabilityZoneId": { - "markdownDescription": "The ID of the Availability Zone in which the Capacity Reservation Fleet reserves the capacity. A Capacity Reservation Fleet can't span Availability Zones. All instance type specifications that you specify for the Fleet must use the same Availability Zone.", - "title": "AvailabilityZoneId", + "AfterConnectScript": { + "markdownDescription": "Specifies a script to run immediately after AWS DMS connects to the endpoint. The migration task continues running regardless if the SQL statement succeeds or fails.\n\nFor this parameter, provide the code of the script itself, not the name of a file containing the script.", + "title": "AfterConnectScript", "type": "string" }, - "EbsOptimized": { - "markdownDescription": "Indicates whether the Capacity Reservation Fleet supports EBS-optimized instances types. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using EBS-optimized instance types.", - "title": "EbsOptimized", + "CleanSourceMetadataOnMismatch": { + "markdownDescription": "Cleans and recreates table metadata information on the replication instance when a mismatch occurs. For example, in a situation where running an alter DDL on the table could result in different information about the table cached in the replication instance.", + "title": "CleanSourceMetadataOnMismatch", "type": "boolean" }, - "InstancePlatform": { - "markdownDescription": "The type of operating system for which the Capacity Reservation Fleet reserves capacity.", - "title": "InstancePlatform", + "EventsPollInterval": { + "markdownDescription": "Specifies how often to check the binary log for new changes/events when the database is idle. The default is five seconds.\n\nExample: `eventsPollInterval=5;`\n\nIn the example, AWS DMS checks for changes in the binary logs every five seconds.", + "title": "EventsPollInterval", + "type": "number" + }, + "MaxFileSize": { + "markdownDescription": "Specifies the maximum size (in KB) of any .csv file used to transfer data to a MySQL-compatible database.\n\nExample: `maxFileSize=512`", + "title": "MaxFileSize", + "type": "number" + }, + "ParallelLoadThreads": { + "markdownDescription": "Improves performance when loading data into the MySQL-compatible target database. Specifies how many threads to use to load the data into the MySQL-compatible target database. Setting a large number of threads can have an adverse effect on database performance, because a separate connection is required for each thread. The default is one.\n\nExample: `parallelLoadThreads=1`", + "title": "ParallelLoadThreads", + "type": "number" + }, + "SecretsManagerAccessRoleArn": { + "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the MySQL endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", + "title": "SecretsManagerAccessRoleArn", "type": "string" }, - "InstanceType": { - "markdownDescription": "The instance type for which the Capacity Reservation Fleet reserves capacity.", - "title": "InstanceType", + "SecretsManagerSecretId": { + "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the MySQL endpoint connection details.", + "title": "SecretsManagerSecretId", "type": "string" }, - "Priority": { - "markdownDescription": "The priority to assign to the instance type. This value is used to determine which of the instance types specified for the Fleet should be prioritized for use. A lower value indicates a high priority. For more information, see [Instance type priority](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/crfleet-concepts.html#instance-priority) in the *Amazon EC2 User Guide* .", - "title": "Priority", - "type": "number" + "ServerTimezone": { + "markdownDescription": "Specifies the time zone for the source MySQL database.\n\nExample: `serverTimezone=US/Pacific;`\n\nNote: Do not enclose time zones in single quotes.", + "title": "ServerTimezone", + "type": "string" }, - "Weight": { - "markdownDescription": "The number of capacity units provided by the specified instance type. This value, together with the total target capacity that you specify for the Fleet determine the number of instances for which the Fleet reserves capacity. Both values are based on units that make sense for your workload. For more information, see [Total target capacity](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/crfleet-concepts.html#target-capacity) in the Amazon EC2 User Guide.\n\nValid Range: Minimum value of `0.001` . Maximum value of `99.999` .", - "title": "Weight", - "type": "number" + "TargetDbType": { + "markdownDescription": "Specifies where to migrate source tables on the target, either to a single database or multiple databases. If you specify `SPECIFIC_DATABASE` , specify the database name using the `DatabaseName` parameter of the `Endpoint` object.\n\nExample: `targetDbType=MULTIPLE_DATABASES`", + "title": "TargetDbType", + "type": "string" } }, "type": "object" }, - "AWS::EC2::CapacityReservationFleet.TagSpecification": { + "AWS::DMS::Endpoint.NeptuneSettings": { "additionalProperties": false, "properties": { - "ResourceType": { - "markdownDescription": "The type of resource to tag on creation. Specify `capacity-reservation-fleet` .\n\nTo tag a resource after it has been created, see [CreateTags](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTags.html) .", - "title": "ResourceType", + "ErrorRetryDuration": { + "markdownDescription": "The number of milliseconds for AWS DMS to wait to retry a bulk-load of migrated graph data to the Neptune target database before raising an error. The default is 250.", + "title": "ErrorRetryDuration", + "type": "number" + }, + "IamAuthEnabled": { + "markdownDescription": "If you want IAM authorization enabled for this endpoint, set this parameter to `true` . Then attach the appropriate IAM policy document to your service role specified by `ServiceAccessRoleArn` . The default is `false` .", + "title": "IamAuthEnabled", + "type": "boolean" + }, + "MaxFileSize": { + "markdownDescription": "The maximum size in kilobytes of migrated graph data stored in a .csv file before AWS DMS bulk-loads the data to the Neptune target database. The default is 1,048,576 KB. If the bulk load is successful, AWS DMS clears the bucket, ready to store the next batch of migrated graph data.", + "title": "MaxFileSize", + "type": "number" + }, + "MaxRetryCount": { + "markdownDescription": "The number of times for AWS DMS to retry a bulk load of migrated graph data to the Neptune target database before raising an error. The default is 5.", + "title": "MaxRetryCount", + "type": "number" + }, + "S3BucketFolder": { + "markdownDescription": "A folder path where you want AWS DMS to store migrated graph data in the S3 bucket specified by `S3BucketName`", + "title": "S3BucketFolder", "type": "string" }, - "Tags": { + "S3BucketName": { + "markdownDescription": "The name of the Amazon S3 bucket where AWS DMS can temporarily store migrated graph data in .csv files before bulk-loading it to the Neptune target database. AWS DMS maps the SQL source data to graph data before storing it in these .csv files.", + "title": "S3BucketName", + "type": "string" + }, + "ServiceAccessRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the service role that you created for the Neptune target endpoint. The role must allow the `iam:PassRole` action.\n\nFor more information, see [Creating an IAM Service Role for Accessing Amazon Neptune as a Target](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Neptune.html#CHAP_Target.Neptune.ServiceRole) in the *AWS Database Migration Service User Guide* .", + "title": "ServiceAccessRoleArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DMS::Endpoint.OracleSettings": { + "additionalProperties": false, + "properties": { + "AccessAlternateDirectly": { + "markdownDescription": "Set this attribute to `false` in order to use the Binary Reader to capture change data for an Amazon RDS for Oracle as the source. This tells the DMS instance to not access redo logs through any specified path prefix replacement using direct file access.", + "title": "AccessAlternateDirectly", + "type": "boolean" + }, + "AddSupplementalLogging": { + "markdownDescription": "Set this attribute to set up table-level supplemental logging for the Oracle database. This attribute enables PRIMARY KEY supplemental logging on all tables selected for a migration task.\n\nIf you use this option, you still need to enable database-level supplemental logging.", + "title": "AddSupplementalLogging", + "type": "boolean" + }, + "AdditionalArchivedLogDestId": { + "markdownDescription": "Set this attribute with `ArchivedLogDestId` in a primary/ standby setup. This attribute is useful in the case of a switchover. In this case, AWS DMS needs to know which destination to get archive redo logs from to read changes. This need arises because the previous primary instance is now a standby instance after switchover.\n\nAlthough AWS DMS supports the use of the Oracle `RESETLOGS` option to open the database, never use `RESETLOGS` unless necessary. For additional information about `RESETLOGS` , see [RMAN Data Repair Concepts](https://docs.aws.amazon.com/https://docs.oracle.com/en/database/oracle/oracle-database/19/bradv/rman-data-repair-concepts.html#GUID-1805CCF7-4AF2-482D-B65A-998192F89C2B) in the *Oracle Database Backup and Recovery User's Guide* .", + "title": "AdditionalArchivedLogDestId", + "type": "number" + }, + "AllowSelectNestedTables": { + "markdownDescription": "Set this attribute to `true` to enable replication of Oracle tables containing columns that are nested tables or defined types.", + "title": "AllowSelectNestedTables", + "type": "boolean" + }, + "ArchivedLogDestId": { + "markdownDescription": "Specifies the ID of the destination for the archived redo logs. This value should be the same as a number in the dest_id column of the v$archived_log view. If you work with an additional redo log destination, use the `AdditionalArchivedLogDestId` option to specify the additional destination ID. Doing this improves performance by ensuring that the correct logs are accessed from the outset.", + "title": "ArchivedLogDestId", + "type": "number" + }, + "ArchivedLogsOnly": { + "markdownDescription": "When this field is set to `True` , AWS DMS only accesses the archived redo logs. If the archived redo logs are stored on Automatic Storage Management (ASM) only, the AWS DMS user account needs to be granted ASM privileges.", + "title": "ArchivedLogsOnly", + "type": "boolean" + }, + "AsmPassword": { + "markdownDescription": "For an Oracle source endpoint, your Oracle Automatic Storage Management (ASM) password. You can set this value from the `*asm_user_password*` value. You set this value as part of the comma-separated value that you set to the `Password` request parameter when you create the endpoint to access transaction logs using Binary Reader. For more information, see [Configuration for change data capture (CDC) on an Oracle source database](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.CDC.Configuration) .", + "title": "AsmPassword", + "type": "string" + }, + "AsmServer": { + "markdownDescription": "For an Oracle source endpoint, your ASM server address. You can set this value from the `asm_server` value. You set `asm_server` as part of the extra connection attribute string to access an Oracle server with Binary Reader that uses ASM. For more information, see [Configuration for change data capture (CDC) on an Oracle source database](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.CDC.Configuration) .", + "title": "AsmServer", + "type": "string" + }, + "AsmUser": { + "markdownDescription": "For an Oracle source endpoint, your ASM user name. You can set this value from the `asm_user` value. You set `asm_user` as part of the extra connection attribute string to access an Oracle server with Binary Reader that uses ASM. For more information, see [Configuration for change data capture (CDC) on an Oracle source database](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.CDC.Configuration) .", + "title": "AsmUser", + "type": "string" + }, + "CharLengthSemantics": { + "markdownDescription": "Specifies whether the length of a character column is in bytes or in characters. To indicate that the character column length is in characters, set this attribute to `CHAR` . Otherwise, the character column length is in bytes.\n\nExample: `charLengthSemantics=CHAR;`", + "title": "CharLengthSemantics", + "type": "string" + }, + "DirectPathNoLog": { + "markdownDescription": "When set to `true` , this attribute helps to increase the commit rate on the Oracle target database by writing directly to tables and not writing a trail to database logs.", + "title": "DirectPathNoLog", + "type": "boolean" + }, + "DirectPathParallelLoad": { + "markdownDescription": "When set to `true` , this attribute specifies a parallel load when `useDirectPathFullLoad` is set to `Y` . This attribute also only applies when you use the AWS DMS parallel load feature. Note that the target table cannot have any constraints or indexes.", + "title": "DirectPathParallelLoad", + "type": "boolean" + }, + "EnableHomogenousTablespace": { + "markdownDescription": "Set this attribute to enable homogenous tablespace replication and create existing tables or indexes under the same tablespace on the target.", + "title": "EnableHomogenousTablespace", + "type": "boolean" + }, + "ExtraArchivedLogDestIds": { "items": { - "$ref": "#/definitions/Tag" + "type": "number" }, - "markdownDescription": "The tags to apply to the resource.", - "title": "Tags", + "markdownDescription": "Specifies the IDs of one more destinations for one or more archived redo logs. These IDs are the values of the `dest_id` column in the `v$archived_log` view. Use this setting with the `archivedLogDestId` extra connection attribute in a primary-to-single setup or a primary-to-multiple-standby setup.\n\nThis setting is useful in a switchover when you use an Oracle Data Guard database as a source. In this case, AWS DMS needs information about what destination to get archive redo logs from to read changes. AWS DMS needs this because after the switchover the previous primary is a standby instance. For example, in a primary-to-single standby setup you might apply the following settings.\n\n`archivedLogDestId=1; ExtraArchivedLogDestIds=[2]`\n\nIn a primary-to-multiple-standby setup, you might apply the following settings.\n\n`archivedLogDestId=1; ExtraArchivedLogDestIds=[2,3,4]`\n\nAlthough AWS DMS supports the use of the Oracle `RESETLOGS` option to open the database, never use `RESETLOGS` unless it's necessary. For more information about `RESETLOGS` , see [RMAN Data Repair Concepts](https://docs.aws.amazon.com/https://docs.oracle.com/en/database/oracle/oracle-database/19/bradv/rman-data-repair-concepts.html#GUID-1805CCF7-4AF2-482D-B65A-998192F89C2B) in the *Oracle Database Backup and Recovery User's Guide* .", + "title": "ExtraArchivedLogDestIds", "type": "array" + }, + "FailTasksOnLobTruncation": { + "markdownDescription": "When set to `true` , this attribute causes a task to fail if the actual size of an LOB column is greater than the specified `LobMaxSize` .\n\nIf a task is set to limited LOB mode and this option is set to `true` , the task fails instead of truncating the LOB data.", + "title": "FailTasksOnLobTruncation", + "type": "boolean" + }, + "NumberDatatypeScale": { + "markdownDescription": "Specifies the number scale. You can select a scale up to 38, or you can select FLOAT. By default, the NUMBER data type is converted to precision 38, scale 10.\n\nExample: `numberDataTypeScale=12`", + "title": "NumberDatatypeScale", + "type": "number" + }, + "OraclePathPrefix": { + "markdownDescription": "Set this string attribute to the required value in order to use the Binary Reader to capture change data for an Amazon RDS for Oracle as the source. This value specifies the default Oracle root used to access the redo logs.", + "title": "OraclePathPrefix", + "type": "string" + }, + "ParallelAsmReadThreads": { + "markdownDescription": "Set this attribute to change the number of threads that DMS configures to perform a change data capture (CDC) load using Oracle Automatic Storage Management (ASM). You can specify an integer value between 2 (the default) and 8 (the maximum). Use this attribute together with the `readAheadBlocks` attribute.", + "title": "ParallelAsmReadThreads", + "type": "number" + }, + "ReadAheadBlocks": { + "markdownDescription": "Set this attribute to change the number of read-ahead blocks that DMS configures to perform a change data capture (CDC) load using Oracle Automatic Storage Management (ASM). You can specify an integer value between 1000 (the default) and 200,000 (the maximum).", + "title": "ReadAheadBlocks", + "type": "number" + }, + "ReadTableSpaceName": { + "markdownDescription": "When set to `true` , this attribute supports tablespace replication.", + "title": "ReadTableSpaceName", + "type": "boolean" + }, + "ReplacePathPrefix": { + "markdownDescription": "Set this attribute to true in order to use the Binary Reader to capture change data for an Amazon RDS for Oracle as the source. This setting tells DMS instance to replace the default Oracle root with the specified `usePathPrefix` setting to access the redo logs.", + "title": "ReplacePathPrefix", + "type": "boolean" + }, + "RetryInterval": { + "markdownDescription": "Specifies the number of seconds that the system waits before resending a query.\n\nExample: `retryInterval=6;`", + "title": "RetryInterval", + "type": "number" + }, + "SecretsManagerAccessRoleArn": { + "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the Oracle endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", + "title": "SecretsManagerAccessRoleArn", + "type": "string" + }, + "SecretsManagerOracleAsmAccessRoleArn": { + "markdownDescription": "Required only if your Oracle endpoint uses Advanced Storage Manager (ASM). The full ARN of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the `SecretsManagerOracleAsmSecret` . This `SecretsManagerOracleAsmSecret` has the secret value that allows access to the Oracle ASM of the endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerOracleAsmSecretId` . Or you can specify clear-text values for `AsmUser` , `AsmPassword` , and `AsmServerName` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerOracleAsmSecret` , the corresponding `SecretsManagerOracleAsmAccessRoleArn` , and the `SecretsManagerOracleAsmSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", + "title": "SecretsManagerOracleAsmAccessRoleArn", + "type": "string" + }, + "SecretsManagerOracleAsmSecretId": { + "markdownDescription": "Required only if your Oracle endpoint uses Advanced Storage Manager (ASM). The full ARN, partial ARN, or display name of the `SecretsManagerOracleAsmSecret` that contains the Oracle ASM connection details for the Oracle endpoint.", + "title": "SecretsManagerOracleAsmSecretId", + "type": "string" + }, + "SecretsManagerSecretId": { + "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the Oracle endpoint connection details.", + "title": "SecretsManagerSecretId", + "type": "string" + }, + "SecurityDbEncryption": { + "markdownDescription": "For an Oracle source endpoint, the transparent data encryption (TDE) password required by AWM DMS to access Oracle redo logs encrypted by TDE using Binary Reader. It is also the `*TDE_Password*` part of the comma-separated value you set to the `Password` request parameter when you create the endpoint. The `SecurityDbEncryptian` setting is related to this `SecurityDbEncryptionName` setting. For more information, see [Supported encryption methods for using Oracle as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.Encryption) in the *AWS Database Migration Service User Guide* .", + "title": "SecurityDbEncryption", + "type": "string" + }, + "SecurityDbEncryptionName": { + "markdownDescription": "For an Oracle source endpoint, the name of a key used for the transparent data encryption (TDE) of the columns and tablespaces in an Oracle source database that is encrypted using TDE. The key value is the value of the `SecurityDbEncryption` setting. For more information on setting the key name value of `SecurityDbEncryptionName` , see the information and example for setting the `securityDbEncryptionName` extra connection attribute in [Supported encryption methods for using Oracle as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.Encryption) in the *AWS Database Migration Service User Guide* .", + "title": "SecurityDbEncryptionName", + "type": "string" + }, + "SpatialDataOptionToGeoJsonFunctionName": { + "markdownDescription": "Use this attribute to convert `SDO_GEOMETRY` to `GEOJSON` format. By default, DMS calls the `SDO2GEOJSON` custom function if present and accessible. Or you can create your own custom function that mimics the operation of `SDOGEOJSON` and set `SpatialDataOptionToGeoJsonFunctionName` to call it instead.", + "title": "SpatialDataOptionToGeoJsonFunctionName", + "type": "string" + }, + "StandbyDelayTime": { + "markdownDescription": "Use this attribute to specify a time in minutes for the delay in standby sync. If the source is an Oracle Active Data Guard standby database, use this attribute to specify the time lag between primary and standby databases.\n\nIn AWS DMS , you can create an Oracle CDC task that uses an Active Data Guard standby instance as a source for replicating ongoing changes. Doing this eliminates the need to connect to an active database that might be in production.", + "title": "StandbyDelayTime", + "type": "number" + }, + "UseAlternateFolderForOnline": { + "markdownDescription": "Set this attribute to `true` in order to use the Binary Reader to capture change data for an Amazon RDS for Oracle as the source. This tells the DMS instance to use any specified prefix replacement to access all online redo logs.", + "title": "UseAlternateFolderForOnline", + "type": "boolean" + }, + "UseBFile": { + "markdownDescription": "Set this attribute to True to capture change data using the Binary Reader utility. Set `UseLogminerReader` to False to set this attribute to True. To use Binary Reader with Amazon RDS for Oracle as the source, you set additional attributes. For more information about using this setting with Oracle Automatic Storage Management (ASM), see [Using Oracle LogMiner or AWS DMS Binary Reader for CDC](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.CDC) .", + "title": "UseBFile", + "type": "boolean" + }, + "UseDirectPathFullLoad": { + "markdownDescription": "Set this attribute to True to have AWS DMS use a direct path full load. Specify this value to use the direct path protocol in the Oracle Call Interface (OCI). By using this OCI protocol, you can bulk-load Oracle target tables during a full load.", + "title": "UseDirectPathFullLoad", + "type": "boolean" + }, + "UseLogminerReader": { + "markdownDescription": "Set this attribute to True to capture change data using the Oracle LogMiner utility (the default). Set this attribute to False if you want to access the redo logs as a binary file. When you set `UseLogminerReader` to False, also set `UseBfile` to True. For more information on this setting and using Oracle ASM, see [Using Oracle LogMiner or AWS DMS Binary Reader for CDC](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.CDC) in the *AWS DMS User Guide* .", + "title": "UseLogminerReader", + "type": "boolean" + }, + "UsePathPrefix": { + "markdownDescription": "Set this string attribute to the required value in order to use the Binary Reader to capture change data for an Amazon RDS for Oracle as the source. This value specifies the path prefix used to replace the default Oracle root to access the redo logs.", + "title": "UsePathPrefix", + "type": "string" } }, "type": "object" }, - "AWS::EC2::CarrierGateway": { + "AWS::DMS::Endpoint.PostgreSqlSettings": { + "additionalProperties": false, + "properties": { + "AfterConnectScript": { + "markdownDescription": "For use with change data capture (CDC) only, this attribute has AWS DMS bypass foreign keys and user triggers to reduce the time it takes to bulk load data.\n\nExample: `afterConnectScript=SET session_replication_role='replica'`", + "title": "AfterConnectScript", + "type": "string" + }, + "BabelfishDatabaseName": { + "markdownDescription": "The Babelfish for Aurora PostgreSQL database name for the endpoint.", + "title": "BabelfishDatabaseName", + "type": "string" + }, + "CaptureDdls": { + "markdownDescription": "To capture DDL events, AWS DMS creates various artifacts in the PostgreSQL database when the task starts. You can later remove these artifacts.\n\nIf this value is set to `True` , you don't have to create tables or triggers on the source database.", + "title": "CaptureDdls", + "type": "boolean" + }, + "DatabaseMode": { + "markdownDescription": "Specifies the default behavior of the replication's handling of PostgreSQL- compatible endpoints that require some additional configuration, such as Babelfish endpoints.", + "title": "DatabaseMode", + "type": "string" + }, + "DdlArtifactsSchema": { + "markdownDescription": "The schema in which the operational DDL database artifacts are created.\n\nThe default value is `public` .\n\nExample: `ddlArtifactsSchema=xyzddlschema;`", + "title": "DdlArtifactsSchema", + "type": "string" + }, + "ExecuteTimeout": { + "markdownDescription": "Sets the client statement timeout for the PostgreSQL instance, in seconds. The default value is 60 seconds.\n\nExample: `executeTimeout=100;`", + "title": "ExecuteTimeout", + "type": "number" + }, + "FailTasksOnLobTruncation": { + "markdownDescription": "When set to `true` , this value causes a task to fail if the actual size of a LOB column is greater than the specified `LobMaxSize` .\n\nThe default value is `false` .\n\nIf task is set to Limited LOB mode and this option is set to true, the task fails instead of truncating the LOB data.", + "title": "FailTasksOnLobTruncation", + "type": "boolean" + }, + "HeartbeatEnable": { + "markdownDescription": "The write-ahead log (WAL) heartbeat feature mimics a dummy transaction. By doing this, it prevents idle logical replication slots from holding onto old WAL logs, which can result in storage full situations on the source. This heartbeat keeps `restart_lsn` moving and prevents storage full scenarios.\n\nThe default value is `false` .", + "title": "HeartbeatEnable", + "type": "boolean" + }, + "HeartbeatFrequency": { + "markdownDescription": "Sets the WAL heartbeat frequency (in minutes).\n\nThe default value is 5 minutes.", + "title": "HeartbeatFrequency", + "type": "number" + }, + "HeartbeatSchema": { + "markdownDescription": "Sets the schema in which the heartbeat artifacts are created.\n\nThe default value is `public` .", + "title": "HeartbeatSchema", + "type": "string" + }, + "MapBooleanAsBoolean": { + "markdownDescription": "When true, lets PostgreSQL migrate the boolean type as boolean. By default, PostgreSQL migrates booleans as `varchar(5)` . You must set this setting on both the source and target endpoints for it to take effect.\n\nThe default value is `false` .", + "title": "MapBooleanAsBoolean", + "type": "boolean" + }, + "MaxFileSize": { + "markdownDescription": "Specifies the maximum size (in KB) of any .csv file used to transfer data to PostgreSQL.\n\nThe default value is 32,768 KB (32 MB).\n\nExample: `maxFileSize=512`", + "title": "MaxFileSize", + "type": "number" + }, + "PluginName": { + "markdownDescription": "Specifies the plugin to use to create a replication slot.\n\nThe default value is `pglogical` .", + "title": "PluginName", + "type": "string" + }, + "SecretsManagerAccessRoleArn": { + "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the PostgreSQL endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", + "title": "SecretsManagerAccessRoleArn", + "type": "string" + }, + "SecretsManagerSecretId": { + "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the PostgreSQL endpoint connection details.", + "title": "SecretsManagerSecretId", + "type": "string" + }, + "SlotName": { + "markdownDescription": "Sets the name of a previously created logical replication slot for a change data capture (CDC) load of the PostgreSQL source instance.\n\nWhen used with the `CdcStartPosition` request parameter for the AWS DMS API , this attribute also makes it possible to use native CDC start points. DMS verifies that the specified logical replication slot exists before starting the CDC load task. It also verifies that the task was created with a valid setting of `CdcStartPosition` . If the specified slot doesn't exist or the task doesn't have a valid `CdcStartPosition` setting, DMS raises an error.\n\nFor more information about setting the `CdcStartPosition` request parameter, see [Determining a CDC native start point](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Task.CDC.html#CHAP_Task.CDC.StartPoint.Native) in the *AWS Database Migration Service User Guide* . For more information about using `CdcStartPosition` , see [CreateReplicationTask](https://docs.aws.amazon.com/dms/latest/APIReference/API_CreateReplicationTask.html) , [StartReplicationTask](https://docs.aws.amazon.com/dms/latest/APIReference/API_StartReplicationTask.html) , and [ModifyReplicationTask](https://docs.aws.amazon.com/dms/latest/APIReference/API_ModifyReplicationTask.html) .", + "title": "SlotName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DMS::Endpoint.RedisSettings": { + "additionalProperties": false, + "properties": { + "AuthPassword": { + "markdownDescription": "The password provided with the `auth-role` and `auth-token` options of the `AuthType` setting for a Redis target endpoint.", + "title": "AuthPassword", + "type": "string" + }, + "AuthType": { + "markdownDescription": "The type of authentication to perform when connecting to a Redis target. Options include `none` , `auth-token` , and `auth-role` . The `auth-token` option requires an `AuthPassword` value to be provided. The `auth-role` option requires `AuthUserName` and `AuthPassword` values to be provided.", + "title": "AuthType", + "type": "string" + }, + "AuthUserName": { + "markdownDescription": "The user name provided with the `auth-role` option of the `AuthType` setting for a Redis target endpoint.", + "title": "AuthUserName", + "type": "string" + }, + "Port": { + "markdownDescription": "Transmission Control Protocol (TCP) port for the endpoint.", + "title": "Port", + "type": "number" + }, + "ServerName": { + "markdownDescription": "Fully qualified domain name of the endpoint.", + "title": "ServerName", + "type": "string" + }, + "SslCaCertificateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the certificate authority (CA) that DMS uses to connect to your Redis target endpoint.", + "title": "SslCaCertificateArn", + "type": "string" + }, + "SslSecurityProtocol": { + "markdownDescription": "The connection to a Redis target endpoint using Transport Layer Security (TLS). Valid values include `plaintext` and `ssl-encryption` . The default is `ssl-encryption` . The `ssl-encryption` option makes an encrypted connection. Optionally, you can identify an Amazon Resource Name (ARN) for an SSL certificate authority (CA) using the `SslCaCertificateArn` setting. If an ARN isn't given for a CA, DMS uses the Amazon root CA.\n\nThe `plaintext` option doesn't provide Transport Layer Security (TLS) encryption for traffic between endpoint and database.", + "title": "SslSecurityProtocol", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DMS::Endpoint.RedshiftSettings": { + "additionalProperties": false, + "properties": { + "AcceptAnyDate": { + "markdownDescription": "A value that indicates to allow any date format, including invalid formats such as 00/00/00 00:00:00, to be loaded without generating an error. You can choose `true` or `false` (the default).\n\nThis parameter applies only to TIMESTAMP and DATE columns. Always use ACCEPTANYDATE with the DATEFORMAT parameter. If the date format for the data doesn't match the DATEFORMAT specification, Amazon Redshift inserts a NULL value into that field.", + "title": "AcceptAnyDate", + "type": "boolean" + }, + "AfterConnectScript": { + "markdownDescription": "Code to run after connecting. This parameter should contain the code itself, not the name of a file containing the code.", + "title": "AfterConnectScript", + "type": "string" + }, + "BucketFolder": { + "markdownDescription": "An S3 folder where the comma-separated-value (.csv) files are stored before being uploaded to the target Redshift cluster.\n\nFor full load mode, AWS DMS converts source records into .csv files and loads them to the *BucketFolder/TableID* path. AWS DMS uses the Redshift `COPY` command to upload the .csv files to the target table. The files are deleted once the `COPY` operation has finished. For more information, see [COPY](https://docs.aws.amazon.com/redshift/latest/dg/r_COPY.html) in the *Amazon Redshift Database Developer Guide* .\n\nFor change-data-capture (CDC) mode, AWS DMS creates a *NetChanges* table, and loads the .csv files to this *BucketFolder/NetChangesTableID* path.", + "title": "BucketFolder", + "type": "string" + }, + "BucketName": { + "markdownDescription": "The name of the intermediate S3 bucket used to store .csv files before uploading data to Redshift.", + "title": "BucketName", + "type": "string" + }, + "CaseSensitiveNames": { + "markdownDescription": "If Amazon Redshift is configured to support case sensitive schema names, set `CaseSensitiveNames` to `true` . The default is `false` .", + "title": "CaseSensitiveNames", + "type": "boolean" + }, + "CompUpdate": { + "markdownDescription": "If you set `CompUpdate` to `true` Amazon Redshift applies automatic compression if the table is empty. This applies even if the table columns already have encodings other than `RAW` . If you set `CompUpdate` to `false` , automatic compression is disabled and existing column encodings aren't changed. The default is `true` .", + "title": "CompUpdate", + "type": "boolean" + }, + "ConnectionTimeout": { + "markdownDescription": "A value that sets the amount of time to wait (in milliseconds) before timing out, beginning from when you initially establish a connection.", + "title": "ConnectionTimeout", + "type": "number" + }, + "DateFormat": { + "markdownDescription": "The date format that you are using. Valid values are `auto` (case-sensitive), your date format string enclosed in quotes, or NULL. If this parameter is left unset (NULL), it defaults to a format of 'YYYY-MM-DD'. Using `auto` recognizes most strings, even some that aren't supported when you use a date format string.\n\nIf your date and time values use formats different from each other, set this to `auto` .", + "title": "DateFormat", + "type": "string" + }, + "EmptyAsNull": { + "markdownDescription": "A value that specifies whether AWS DMS should migrate empty CHAR and VARCHAR fields as NULL. A value of `true` sets empty CHAR and VARCHAR fields to null. The default is `false` .", + "title": "EmptyAsNull", + "type": "boolean" + }, + "EncryptionMode": { + "markdownDescription": "The type of server-side encryption that you want to use for your data. This encryption type is part of the endpoint settings or the extra connections attributes for Amazon S3. You can choose either `SSE_S3` (the default) or `SSE_KMS` .\n\n> For the `ModifyEndpoint` operation, you can change the existing value of the `EncryptionMode` parameter from `SSE_KMS` to `SSE_S3` . But you can\u2019t change the existing value from `SSE_S3` to `SSE_KMS` . \n\nTo use `SSE_S3` , create an AWS Identity and Access Management (IAM) role with a policy that allows `\"arn:aws:s3:::*\"` to use the following actions: `\"s3:PutObject\", \"s3:ListBucket\"`", + "title": "EncryptionMode", + "type": "string" + }, + "ExplicitIds": { + "markdownDescription": "This setting is only valid for a full-load migration task. Set `ExplicitIds` to `true` to have tables with `IDENTITY` columns override their auto-generated values with explicit values loaded from the source data files used to populate the tables. The default is `false` .", + "title": "ExplicitIds", + "type": "boolean" + }, + "FileTransferUploadStreams": { + "markdownDescription": "The number of threads used to upload a single file. This parameter accepts a value from 1 through 64. It defaults to 10.\n\nThe number of parallel streams used to upload a single .csv file to an S3 bucket using S3 Multipart Upload. For more information, see [Multipart upload overview](https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html) .\n\n`FileTransferUploadStreams` accepts a value from 1 through 64. It defaults to 10.", + "title": "FileTransferUploadStreams", + "type": "number" + }, + "LoadTimeout": { + "markdownDescription": "The amount of time to wait (in milliseconds) before timing out of operations performed by AWS DMS on a Redshift cluster, such as Redshift COPY, INSERT, DELETE, and UPDATE.", + "title": "LoadTimeout", + "type": "number" + }, + "MapBooleanAsBoolean": { + "markdownDescription": "When true, lets Redshift migrate the boolean type as boolean. By default, Redshift migrates booleans as `varchar(1)` . You must set this setting on both the source and target endpoints for it to take effect.", + "title": "MapBooleanAsBoolean", + "type": "boolean" + }, + "MaxFileSize": { + "markdownDescription": "The maximum size (in KB) of any .csv file used to load data on an S3 bucket and transfer data to Amazon Redshift. It defaults to 1048576KB (1 GB).", + "title": "MaxFileSize", + "type": "number" + }, + "RemoveQuotes": { + "markdownDescription": "A value that specifies to remove surrounding quotation marks from strings in the incoming data. All characters within the quotation marks, including delimiters, are retained. Choose `true` to remove quotation marks. The default is `false` .", + "title": "RemoveQuotes", + "type": "boolean" + }, + "ReplaceChars": { + "markdownDescription": "A value that specifies to replaces the invalid characters specified in `ReplaceInvalidChars` , substituting the specified characters instead. The default is `\"?\"` .", + "title": "ReplaceChars", + "type": "string" + }, + "ReplaceInvalidChars": { + "markdownDescription": "A list of characters that you want to replace. Use with `ReplaceChars` .", + "title": "ReplaceInvalidChars", + "type": "string" + }, + "SecretsManagerAccessRoleArn": { + "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the Amazon Redshift endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", + "title": "SecretsManagerAccessRoleArn", + "type": "string" + }, + "SecretsManagerSecretId": { + "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the Amazon Redshift endpoint connection details.", + "title": "SecretsManagerSecretId", + "type": "string" + }, + "ServerSideEncryptionKmsKeyId": { + "markdownDescription": "The AWS KMS key ID. If you are using `SSE_KMS` for the `EncryptionMode` , provide this key ID. The key that you use needs an attached policy that enables IAM user permissions and allows use of the key.", + "title": "ServerSideEncryptionKmsKeyId", + "type": "string" + }, + "ServiceAccessRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that has access to the Amazon Redshift service. The role must allow the `iam:PassRole` action.", + "title": "ServiceAccessRoleArn", + "type": "string" + }, + "TimeFormat": { + "markdownDescription": "The time format that you want to use. Valid values are `auto` (case-sensitive), `'timeformat_string'` , `'epochsecs'` , or `'epochmillisecs'` . It defaults to 10. Using `auto` recognizes most strings, even some that aren't supported when you use a time format string.\n\nIf your date and time values use formats different from each other, set this parameter to `auto` .", + "title": "TimeFormat", + "type": "string" + }, + "TrimBlanks": { + "markdownDescription": "A value that specifies to remove the trailing white space characters from a VARCHAR string. This parameter applies only to columns with a VARCHAR data type. Choose `true` to remove unneeded white space. The default is `false` .", + "title": "TrimBlanks", + "type": "boolean" + }, + "TruncateColumns": { + "markdownDescription": "A value that specifies to truncate data in columns to the appropriate number of characters, so that the data fits in the column. This parameter applies only to columns with a VARCHAR or CHAR data type, and rows with a size of 4 MB or less. Choose `true` to truncate data. The default is `false` .", + "title": "TruncateColumns", + "type": "boolean" + }, + "WriteBufferSize": { + "markdownDescription": "The size (in KB) of the in-memory file write buffer used when generating .csv files on the local disk at the DMS replication instance. The default value is 1000 (buffer size is 1000KB).", + "title": "WriteBufferSize", + "type": "number" + } + }, + "type": "object" + }, + "AWS::DMS::Endpoint.S3Settings": { + "additionalProperties": false, + "properties": { + "AddColumnName": { + "markdownDescription": "An optional parameter that, when set to `true` or `y` , you can use to add column name information to the .csv output file.\n\nThe default value is `false` . Valid values are `true` , `false` , `y` , and `n` .", + "title": "AddColumnName", + "type": "boolean" + }, + "AddTrailingPaddingCharacter": { + "markdownDescription": "Use the S3 target endpoint setting `AddTrailingPaddingCharacter` to add padding on string data. The default value is `false` .", + "title": "AddTrailingPaddingCharacter", + "type": "boolean" + }, + "BucketFolder": { + "markdownDescription": "An optional parameter to set a folder name in the S3 bucket. If provided, tables are created in the path `*bucketFolder* / *schema_name* / *table_name* /` . If this parameter isn't specified, the path used is `*schema_name* / *table_name* /` .", + "title": "BucketFolder", + "type": "string" + }, + "BucketName": { + "markdownDescription": "The name of the S3 bucket.", + "title": "BucketName", + "type": "string" + }, + "CannedAclForObjects": { + "markdownDescription": "A value that enables AWS DMS to specify a predefined (canned) access control list (ACL) for objects created in an Amazon S3 bucket as .csv or .parquet files. For more information about Amazon S3 canned ACLs, see [Canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) in the *Amazon S3 Developer Guide* .\n\nThe default value is NONE. Valid values include NONE, PRIVATE, PUBLIC_READ, PUBLIC_READ_WRITE, AUTHENTICATED_READ, AWS_EXEC_READ, BUCKET_OWNER_READ, and BUCKET_OWNER_FULL_CONTROL.", + "title": "CannedAclForObjects", + "type": "string" + }, + "CdcInsertsAndUpdates": { + "markdownDescription": "A value that enables a change data capture (CDC) load to write INSERT and UPDATE operations to .csv or .parquet (columnar storage) output files. The default setting is `false` , but when `CdcInsertsAndUpdates` is set to `true` or `y` , only INSERTs and UPDATEs from the source database are migrated to the .csv or .parquet file.\n\nFor .csv file format only, how these INSERTs and UPDATEs are recorded depends on the value of the `IncludeOpForFullLoad` parameter. If `IncludeOpForFullLoad` is set to `true` , the first field of every CDC record is set to either `I` or `U` to indicate INSERT and UPDATE operations at the source. But if `IncludeOpForFullLoad` is set to `false` , CDC records are written without an indication of INSERT or UPDATE operations at the source. For more information about how these settings work together, see [Indicating Source DB Operations in Migrated S3 Data](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.Configuring.InsertOps) in the *AWS Database Migration Service User Guide* .\n\n> AWS DMS supports the use of the `CdcInsertsAndUpdates` parameter in versions 3.3.1 and later.\n> \n> `CdcInsertsOnly` and `CdcInsertsAndUpdates` can't both be set to `true` for the same endpoint. Set either `CdcInsertsOnly` or `CdcInsertsAndUpdates` to `true` for the same endpoint, but not both.", + "title": "CdcInsertsAndUpdates", + "type": "boolean" + }, + "CdcInsertsOnly": { + "markdownDescription": "A value that enables a change data capture (CDC) load to write only INSERT operations to .csv or columnar storage (.parquet) output files. By default (the `false` setting), the first field in a .csv or .parquet record contains the letter I (INSERT), U (UPDATE), or D (DELETE). These values indicate whether the row was inserted, updated, or deleted at the source database for a CDC load to the target.\n\nIf `CdcInsertsOnly` is set to `true` or `y` , only INSERTs from the source database are migrated to the .csv or .parquet file. For .csv format only, how these INSERTs are recorded depends on the value of `IncludeOpForFullLoad` . If `IncludeOpForFullLoad` is set to `true` , the first field of every CDC record is set to I to indicate the INSERT operation at the source. If `IncludeOpForFullLoad` is set to `false` , every CDC record is written without a first field to indicate the INSERT operation at the source. For more information about how these settings work together, see [Indicating Source DB Operations in Migrated S3 Data](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.Configuring.InsertOps) in the *AWS Database Migration Service User Guide* .\n\n> AWS DMS supports the interaction described preceding between the `CdcInsertsOnly` and `IncludeOpForFullLoad` parameters in versions 3.1.4 and later.\n> \n> `CdcInsertsOnly` and `CdcInsertsAndUpdates` can't both be set to `true` for the same endpoint. Set either `CdcInsertsOnly` or `CdcInsertsAndUpdates` to `true` for the same endpoint, but not both.", + "title": "CdcInsertsOnly", + "type": "boolean" + }, + "CdcMaxBatchInterval": { + "markdownDescription": "Maximum length of the interval, defined in seconds, after which to output a file to Amazon S3.\n\nWhen `CdcMaxBatchInterval` and `CdcMinFileSize` are both specified, the file write is triggered by whichever parameter condition is met first within an AWS DMS CloudFormation template.\n\nThe default value is 60 seconds.", + "title": "CdcMaxBatchInterval", + "type": "number" + }, + "CdcMinFileSize": { + "markdownDescription": "Minimum file size, defined in kilobytes, to reach for a file output to Amazon S3.\n\nWhen `CdcMinFileSize` and `CdcMaxBatchInterval` are both specified, the file write is triggered by whichever parameter condition is met first within an AWS DMS CloudFormation template.\n\nThe default value is 32 MB.", + "title": "CdcMinFileSize", + "type": "number" + }, + "CdcPath": { + "markdownDescription": "Specifies the folder path of CDC files. For an S3 source, this setting is required if a task captures change data; otherwise, it's optional. If `CdcPath` is set, AWS DMS reads CDC files from this path and replicates the data changes to the target endpoint. For an S3 target if you set [`PreserveTransactions`](https://docs.aws.amazon.com/dms/latest/APIReference/API_S3Settings.html#DMS-Type-S3Settings-PreserveTransactions) to `true` , AWS DMS verifies that you have set this parameter to a folder path on your S3 target where AWS DMS can save the transaction order for the CDC load. AWS DMS creates this CDC folder path in either your S3 target working directory or the S3 target location specified by [`BucketFolder`](https://docs.aws.amazon.com/dms/latest/APIReference/API_S3Settings.html#DMS-Type-S3Settings-BucketFolder) and [`BucketName`](https://docs.aws.amazon.com/dms/latest/APIReference/API_S3Settings.html#DMS-Type-S3Settings-BucketName) .\n\nFor example, if you specify `CdcPath` as `MyChangedData` , and you specify `BucketName` as `MyTargetBucket` but do not specify `BucketFolder` , AWS DMS creates the CDC folder path following: `MyTargetBucket/MyChangedData` .\n\nIf you specify the same `CdcPath` , and you specify `BucketName` as `MyTargetBucket` and `BucketFolder` as `MyTargetData` , AWS DMS creates the CDC folder path following: `MyTargetBucket/MyTargetData/MyChangedData` .\n\nFor more information on CDC including transaction order on an S3 target, see [Capturing data changes (CDC) including transaction order on the S3 target](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.EndpointSettings.CdcPath) .\n\n> This setting is supported in AWS DMS versions 3.4.2 and later.", + "title": "CdcPath", + "type": "string" + }, + "CompressionType": { + "markdownDescription": "An optional parameter. When set to GZIP it enables the service to compress the target files. To allow the service to write the target files uncompressed, either set this parameter to NONE (the default) or don't specify the parameter at all. This parameter applies to both .csv and .parquet file formats.", + "title": "CompressionType", + "type": "string" + }, + "CsvDelimiter": { + "markdownDescription": "The delimiter used to separate columns in the .csv file for both source and target. The default is a comma.", + "title": "CsvDelimiter", + "type": "string" + }, + "CsvNoSupValue": { + "markdownDescription": "This setting only applies if your Amazon S3 output files during a change data capture (CDC) load are written in .csv format. If [`UseCsvNoSupValue`](https://docs.aws.amazon.com/dms/latest/APIReference/API_S3Settings.html#DMS-Type-S3Settings-UseCsvNoSupValue) is set to true, specify a string value that you want AWS DMS to use for all columns not included in the supplemental log. If you do not specify a string value, AWS DMS uses the null value for these columns regardless of the `UseCsvNoSupValue` setting.\n\n> This setting is supported in AWS DMS versions 3.4.1 and later.", + "title": "CsvNoSupValue", + "type": "string" + }, + "CsvNullValue": { + "markdownDescription": "An optional parameter that specifies how AWS DMS treats null values. While handling the null value, you can use this parameter to pass a user-defined string as null when writing to the target. For example, when target columns are not nullable, you can use this option to differentiate between the empty string value and the null value. So, if you set this parameter value to the empty string (\"\" or ''), AWS DMS treats the empty string as the null value instead of `NULL` .\n\nThe default value is `NULL` . Valid values include any valid string.", + "title": "CsvNullValue", + "type": "string" + }, + "CsvRowDelimiter": { + "markdownDescription": "The delimiter used to separate rows in the .csv file for both source and target.\n\nThe default is a carriage return ( `\\n` ).", + "title": "CsvRowDelimiter", + "type": "string" + }, + "DataFormat": { + "markdownDescription": "The format of the data that you want to use for output. You can choose one of the following:\n\n- `csv` : This is a row-based file format with comma-separated values (.csv).\n- `parquet` : Apache Parquet (.parquet) is a columnar storage file format that features efficient compression and provides faster query response.", + "title": "DataFormat", + "type": "string" + }, + "DataPageSize": { + "markdownDescription": "The size of one data page in bytes. This parameter defaults to 1024 * 1024 bytes (1 MiB). This number is used for .parquet file format only.", + "title": "DataPageSize", + "type": "number" + }, + "DatePartitionDelimiter": { + "markdownDescription": "Specifies a date separating delimiter to use during folder partitioning. The default value is `SLASH` . Use this parameter when `DatePartitionedEnabled` is set to `true` .", + "title": "DatePartitionDelimiter", + "type": "string" + }, + "DatePartitionEnabled": { + "markdownDescription": "When set to `true` , this parameter partitions S3 bucket folders based on transaction commit dates. The default value is `false` . For more information about date-based folder partitioning, see [Using date-based folder partitioning](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.DatePartitioning) .", + "title": "DatePartitionEnabled", + "type": "boolean" + }, + "DatePartitionSequence": { + "markdownDescription": "Identifies the sequence of the date format to use during folder partitioning. The default value is `YYYYMMDD` . Use this parameter when `DatePartitionedEnabled` is set to `true` .", + "title": "DatePartitionSequence", + "type": "string" + }, + "DatePartitionTimezone": { + "markdownDescription": "When creating an S3 target endpoint, set `DatePartitionTimezone` to convert the current UTC time into a specified time zone. The conversion occurs when a date partition folder is created and a change data capture (CDC) file name is generated. The time zone format is Area/Location. Use this parameter when `DatePartitionedEnabled` is set to `true` , as shown in the following example.\n\n`s3-settings='{\"DatePartitionEnabled\": true, \"DatePartitionSequence\": \"YYYYMMDDHH\", \"DatePartitionDelimiter\": \"SLASH\", \"DatePartitionTimezone\":\" *Asia/Seoul* \", \"BucketName\": \"dms-nattarat-test\"}'`", + "title": "DatePartitionTimezone", + "type": "string" + }, + "DictPageSizeLimit": { + "markdownDescription": "The maximum size of an encoded dictionary page of a column. If the dictionary page exceeds this, this column is stored using an encoding type of `PLAIN` . This parameter defaults to 1024 * 1024 bytes (1 MiB), the maximum size of a dictionary page before it reverts to `PLAIN` encoding. This size is used for .parquet file format only.", + "title": "DictPageSizeLimit", + "type": "number" + }, + "EnableStatistics": { + "markdownDescription": "A value that enables statistics for Parquet pages and row groups. Choose `true` to enable statistics, `false` to disable. Statistics include `NULL` , `DISTINCT` , `MAX` , and `MIN` values. This parameter defaults to `true` . This value is used for .parquet file format only.", + "title": "EnableStatistics", + "type": "boolean" + }, + "EncodingType": { + "markdownDescription": "The type of encoding that you're using:\n\n- `RLE_DICTIONARY` uses a combination of bit-packing and run-length encoding to store repeated values more efficiently. This is the default.\n- `PLAIN` doesn't use encoding at all. Values are stored as they are.\n- `PLAIN_DICTIONARY` builds a dictionary of the values encountered in a given column. The dictionary is stored in a dictionary page for each column chunk.", + "title": "EncodingType", + "type": "string" + }, + "EncryptionMode": { + "markdownDescription": "The type of server-side encryption that you want to use for your data. This encryption type is part of the endpoint settings or the extra connections attributes for Amazon S3. You can choose either `SSE_S3` (the default) or `SSE_KMS` .\n\n> For the `ModifyEndpoint` operation, you can change the existing value of the `EncryptionMode` parameter from `SSE_KMS` to `SSE_S3` . But you can\u2019t change the existing value from `SSE_S3` to `SSE_KMS` . \n\nTo use `SSE_S3` , you need an IAM role with permission to allow `\"arn:aws:s3:::dms-*\"` to use the following actions:\n\n- `s3:CreateBucket`\n- `s3:ListBucket`\n- `s3:DeleteBucket`\n- `s3:GetBucketLocation`\n- `s3:GetObject`\n- `s3:PutObject`\n- `s3:DeleteObject`\n- `s3:GetObjectVersion`\n- `s3:GetBucketPolicy`\n- `s3:PutBucketPolicy`\n- `s3:DeleteBucketPolicy`", + "title": "EncryptionMode", + "type": "string" + }, + "ExpectedBucketOwner": { + "markdownDescription": "To specify a bucket owner and prevent sniping, you can use the `ExpectedBucketOwner` endpoint setting.\n\nExample: `--s3-settings='{\"ExpectedBucketOwner\": \" *AWS_Account_ID* \"}'`\n\nWhen you make a request to test a connection or perform a migration, S3 checks the account ID of the bucket owner against the specified parameter.", + "title": "ExpectedBucketOwner", + "type": "string" + }, + "ExternalTableDefinition": { + "markdownDescription": "The external table definition.\n\nConditional: If `S3` is used as a source then `ExternalTableDefinition` is required.", + "title": "ExternalTableDefinition", + "type": "string" + }, + "GlueCatalogGeneration": { + "markdownDescription": "When true, allows AWS Glue to catalog your S3 bucket. Creating an AWS Glue catalog lets you use Athena to query your data.", + "title": "GlueCatalogGeneration", + "type": "boolean" + }, + "IgnoreHeaderRows": { + "markdownDescription": "When this value is set to 1, AWS DMS ignores the first row header in a .csv file. A value of 1 turns on the feature; a value of 0 turns off the feature.\n\nThe default is 0.", + "title": "IgnoreHeaderRows", + "type": "number" + }, + "IncludeOpForFullLoad": { + "markdownDescription": "A value that enables a full load to write INSERT operations to the comma-separated value (.csv) output files only to indicate how the rows were added to the source database.\n\n> AWS DMS supports the `IncludeOpForFullLoad` parameter in versions 3.1.4 and later. \n\nFor full load, records can only be inserted. By default (the `false` setting), no information is recorded in these output files for a full load to indicate that the rows were inserted at the source database. If `IncludeOpForFullLoad` is set to `true` or `y` , the INSERT is recorded as an I annotation in the first field of the .csv file. This allows the format of your target records from a full load to be consistent with the target records from a CDC load.\n\n> This setting works together with the `CdcInsertsOnly` and the `CdcInsertsAndUpdates` parameters for output to .csv files only. For more information about how these settings work together, see [Indicating Source DB Operations in Migrated S3 Data](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.Configuring.InsertOps) in the *AWS Database Migration Service User Guide* .", + "title": "IncludeOpForFullLoad", + "type": "boolean" + }, + "MaxFileSize": { + "markdownDescription": "A value that specifies the maximum size (in KB) of any .csv file to be created while migrating to an S3 target during full load.\n\nThe default value is 1,048,576 KB (1 GB). Valid values include 1 to 1,048,576.", + "title": "MaxFileSize", + "type": "number" + }, + "ParquetTimestampInMillisecond": { + "markdownDescription": "A value that specifies the precision of any `TIMESTAMP` column values that are written to an Amazon S3 object file in .parquet format.\n\n> AWS DMS supports the `ParquetTimestampInMillisecond` parameter in versions 3.1.4 and later. \n\nWhen `ParquetTimestampInMillisecond` is set to `true` or `y` , AWS DMS writes all `TIMESTAMP` columns in a .parquet formatted file with millisecond precision. Otherwise, DMS writes them with microsecond precision.\n\nCurrently, Amazon Athena and AWS Glue can handle only millisecond precision for `TIMESTAMP` values. Set this parameter to `true` for S3 endpoint object files that are .parquet formatted only if you plan to query or process the data with Athena or AWS Glue .\n\n> AWS DMS writes any `TIMESTAMP` column values written to an S3 file in .csv format with microsecond precision.\n> \n> Setting `ParquetTimestampInMillisecond` has no effect on the string format of the timestamp column value that is inserted by setting the `TimestampColumnName` parameter.", + "title": "ParquetTimestampInMillisecond", + "type": "boolean" + }, + "ParquetVersion": { + "markdownDescription": "The version of the Apache Parquet format that you want to use: `parquet_1_0` (the default) or `parquet_2_0` .", + "title": "ParquetVersion", + "type": "string" + }, + "PreserveTransactions": { + "markdownDescription": "If this setting is set to `true` , AWS DMS saves the transaction order for a change data capture (CDC) load on the Amazon S3 target specified by [`CdcPath`](https://docs.aws.amazon.com/dms/latest/APIReference/API_S3Settings.html#DMS-Type-S3Settings-CdcPath) . For more information, see [Capturing data changes (CDC) including transaction order on the S3 target](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.EndpointSettings.CdcPath) .\n\n> This setting is supported in AWS DMS versions 3.4.2 and later.", + "title": "PreserveTransactions", + "type": "boolean" + }, + "Rfc4180": { + "markdownDescription": "For an S3 source, when this value is set to `true` or `y` , each leading double quotation mark has to be followed by an ending double quotation mark. This formatting complies with RFC 4180. When this value is set to `false` or `n` , string literals are copied to the target as is. In this case, a delimiter (row or column) signals the end of the field. Thus, you can't use a delimiter as part of the string, because it signals the end of the value.\n\nFor an S3 target, an optional parameter used to set behavior to comply with RFC 4180 for data migrated to Amazon S3 using .csv file format only. When this value is set to `true` or `y` using Amazon S3 as a target, if the data has quotation marks or newline characters in it, AWS DMS encloses the entire column with an additional pair of double quotation marks (\"). Every quotation mark within the data is repeated twice.\n\nThe default value is `true` . Valid values include `true` , `false` , `y` , and `n` .", + "title": "Rfc4180", + "type": "boolean" + }, + "RowGroupLength": { + "markdownDescription": "The number of rows in a row group. A smaller row group size provides faster reads. But as the number of row groups grows, the slower writes become. This parameter defaults to 10,000 rows. This number is used for .parquet file format only.\n\nIf you choose a value larger than the maximum, `RowGroupLength` is set to the max row group length in bytes (64 * 1024 * 1024).", + "title": "RowGroupLength", + "type": "number" + }, + "ServerSideEncryptionKmsKeyId": { + "markdownDescription": "If you are using `SSE_KMS` for the `EncryptionMode` , provide the AWS KMS key ID. The key that you use needs an attached policy that enables IAM user permissions and allows use of the key.\n\nHere is a CLI example: `aws dms create-endpoint --endpoint-identifier *value* --endpoint-type target --engine-name s3 --s3-settings ServiceAccessRoleArn= *value* ,BucketFolder= *value* ,BucketName= *value* ,EncryptionMode=SSE_KMS,ServerSideEncryptionKmsKeyId= *value*`", + "title": "ServerSideEncryptionKmsKeyId", + "type": "string" + }, + "ServiceAccessRoleArn": { + "markdownDescription": "A required parameter that specifies the Amazon Resource Name (ARN) used by the service to access the IAM role. The role must allow the `iam:PassRole` action. It enables AWS DMS to read and write objects from an S3 bucket.", + "title": "ServiceAccessRoleArn", + "type": "string" + }, + "TimestampColumnName": { + "markdownDescription": "A value that when nonblank causes AWS DMS to add a column with timestamp information to the endpoint data for an Amazon S3 target.\n\n> AWS DMS supports the `TimestampColumnName` parameter in versions 3.1.4 and later. \n\nAWS DMS includes an additional `STRING` column in the .csv or .parquet object files of your migrated data when you set `TimestampColumnName` to a nonblank value.\n\nFor a full load, each row of this timestamp column contains a timestamp for when the data was transferred from the source to the target by DMS.\n\nFor a change data capture (CDC) load, each row of the timestamp column contains the timestamp for the commit of that row in the source database.\n\nThe string format for this timestamp column value is `yyyy-MM-dd HH:mm:ss.SSSSSS` . By default, the precision of this value is in microseconds. For a CDC load, the rounding of the precision depends on the commit timestamp supported by DMS for the source database.\n\nWhen the `AddColumnName` parameter is set to `true` , DMS also includes a name for the timestamp column that you set with `TimestampColumnName` .", + "title": "TimestampColumnName", + "type": "string" + }, + "UseCsvNoSupValue": { + "markdownDescription": "This setting applies if the S3 output files during a change data capture (CDC) load are written in .csv format. If this setting is set to `true` for columns not included in the supplemental log, AWS DMS uses the value specified by [`CsvNoSupValue`](https://docs.aws.amazon.com/dms/latest/APIReference/API_S3Settings.html#DMS-Type-S3Settings-CsvNoSupValue) . If this setting isn't set or is set to `false` , AWS DMS uses the null value for these columns.\n\n> This setting is supported in AWS DMS versions 3.4.1 and later.", + "title": "UseCsvNoSupValue", + "type": "boolean" + }, + "UseTaskStartTimeForFullLoadTimestamp": { + "markdownDescription": "When set to true, this parameter uses the task start time as the timestamp column value instead of the time data is written to target. For full load, when `useTaskStartTimeForFullLoadTimestamp` is set to `true` , each row of the timestamp column contains the task start time. For CDC loads, each row of the timestamp column contains the transaction commit time.\n\nWhen `useTaskStartTimeForFullLoadTimestamp` is set to `false` , the full load timestamp in the timestamp column increments with the time data arrives at the target.", + "title": "UseTaskStartTimeForFullLoadTimestamp", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::DMS::Endpoint.SybaseSettings": { + "additionalProperties": false, + "properties": { + "SecretsManagerAccessRoleArn": { + "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the SAP ASE endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", + "title": "SecretsManagerAccessRoleArn", + "type": "string" + }, + "SecretsManagerSecretId": { + "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the SAP SAE endpoint connection details.", + "title": "SecretsManagerSecretId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DMS::EventSubscription": { "additionalProperties": false, "properties": { "Condition": { @@ -68669,28 +75092,59 @@ "Properties": { "additionalProperties": false, "properties": { + "Enabled": { + "markdownDescription": "Indicates whether to activate the subscription. If you don't specify this property, AWS CloudFormation activates the subscription.", + "title": "Enabled", + "type": "boolean" + }, + "EventCategories": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of event categories for a source type that you want to subscribe to. If you don't specify this property, you are notified about all event categories. For more information, see [Working with Events and Notifications](https://docs.aws.amazon.com//dms/latest/userguide/CHAP_Events.html) in the *AWS DMS User Guide* .", + "title": "EventCategories", + "type": "array" + }, + "SnsTopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic created for event notification. The ARN is created by Amazon SNS when you create a topic and subscribe to it.", + "title": "SnsTopicArn", + "type": "string" + }, + "SourceIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of identifiers for which AWS DMS provides notification events.\n\nIf you don't specify a value, notifications are provided for all sources.\n\nIf you specify multiple values, they must be of the same type. For example, if you specify a database instance ID, then all of the other values must be database instance IDs.", + "title": "SourceIds", + "type": "array" + }, + "SourceType": { + "markdownDescription": "The type of AWS DMS resource that generates the events. For example, if you want to be notified of events generated by a replication instance, you set this parameter to `replication-instance` . If this value isn't specified, all events are returned.\n\n*Valid values* : `replication-instance` | `replication-task`", + "title": "SourceType", + "type": "string" + }, + "SubscriptionName": { + "markdownDescription": "The name of the AWS DMS event notification subscription. This name must be less than 255 characters.", + "title": "SubscriptionName", + "type": "string" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags assigned to the carrier gateway.", + "markdownDescription": "One or more tags to be assigned to the event subscription.", "title": "Tags", "type": "array" - }, - "VpcId": { - "markdownDescription": "The ID of the VPC associated with the carrier gateway.", - "title": "VpcId", - "type": "string" } }, "required": [ - "VpcId" + "SnsTopicArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::CarrierGateway" + "AWS::DMS::EventSubscription" ], "type": "string" }, @@ -68709,7 +75163,7 @@ ], "type": "object" }, - "AWS::EC2::ClientVpnAuthorizationRule": { + "AWS::DMS::InstanceProfile": { "additionalProperties": false, "properties": { "Condition": { @@ -68744,41 +75198,68 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessGroupId": { - "markdownDescription": "The ID of the group to grant access to, for example, the Active Directory group or identity provider (IdP) group. Required if `AuthorizeAllGroups` is `false` or not specified.", - "title": "AccessGroupId", + "AvailabilityZone": { + "markdownDescription": "The Availability Zone where the instance profile runs.", + "title": "AvailabilityZone", "type": "string" }, - "AuthorizeAllGroups": { - "markdownDescription": "Indicates whether to grant access to all clients. Specify `true` to grant all clients who successfully establish a VPN connection access to the network. Must be set to `true` if `AccessGroupId` is not specified.", - "title": "AuthorizeAllGroups", - "type": "boolean" + "Description": { + "markdownDescription": "A description of the instance profile. Descriptions can have up to 31 characters. A description can contain only ASCII letters, digits, and hyphens ('-'). Also, it can't end with a hyphen or contain two consecutive hyphens, and can only begin with a letter.", + "title": "Description", + "type": "string" }, - "ClientVpnEndpointId": { - "markdownDescription": "The ID of the Client VPN endpoint.", - "title": "ClientVpnEndpointId", + "InstanceProfileIdentifier": { + "markdownDescription": "The identifier of the instance profile. Identifiers must begin with a letter and must contain only ASCII letters, digits, and hyphens. They can't end with a hyphen, or contain two consecutive hyphens.", + "title": "InstanceProfileIdentifier", "type": "string" }, - "Description": { - "markdownDescription": "A brief description of the authorization rule.", - "title": "Description", + "InstanceProfileName": { + "markdownDescription": "The user-friendly name for the instance profile.", + "title": "InstanceProfileName", "type": "string" }, - "TargetNetworkCidr": { - "markdownDescription": "The IPv4 address range, in CIDR notation, of the network for which access is being authorized.", - "title": "TargetNetworkCidr", + "KmsKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key that is used to encrypt the connection parameters for the instance profile.\n\nIf you don't specify a value for the `KmsKeyArn` parameter, then AWS DMS uses your default encryption key.\n\nAWS KMS creates the default encryption key for your AWS account . Your AWS account has a different default encryption key for each AWS Region .", + "title": "KmsKeyArn", + "type": "string" + }, + "NetworkType": { + "markdownDescription": "Specifies the network type for the instance profile. A value of `IPV4` represents an instance profile with IPv4 network type and only supports IPv4 addressing. A value of `IPV6` represents an instance profile with IPv6 network type and only supports IPv6 addressing. A value of `DUAL` represents an instance profile with dual network type that supports IPv4 and IPv6 addressing.", + "title": "NetworkType", + "type": "string" + }, + "PubliclyAccessible": { + "markdownDescription": "Specifies the accessibility options for the instance profile. A value of `true` represents an instance profile with a public IP address. A value of `false` represents an instance profile with a private IP address. The default value is `true` .", + "title": "PubliclyAccessible", + "type": "boolean" + }, + "SubnetGroupIdentifier": { + "markdownDescription": "The identifier of the subnet group that is associated with the instance profile.", + "title": "SubnetGroupIdentifier", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + }, + "VpcSecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "The VPC security groups that are used with the instance profile. The VPC security group must work with the VPC containing the instance profile.", + "title": "VpcSecurityGroups", + "type": "array" } }, - "required": [ - "ClientVpnEndpointId", - "TargetNetworkCidr" - ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::ClientVpnAuthorizationRule" + "AWS::DMS::InstanceProfile" ], "type": "string" }, @@ -68792,12 +75273,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::EC2::ClientVpnEndpoint": { + "AWS::DMS::MigrationProject": { "additionalProperties": false, "properties": { "Condition": { @@ -68832,110 +75312,76 @@ "Properties": { "additionalProperties": false, "properties": { - "AuthenticationOptions": { - "items": { - "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.ClientAuthenticationRequest" - }, - "markdownDescription": "Information about the authentication method to be used to authenticate clients.", - "title": "AuthenticationOptions", - "type": "array" + "Description": { + "markdownDescription": "A user-friendly description of the migration project.", + "title": "Description", + "type": "string" }, - "ClientCidrBlock": { - "markdownDescription": "The IPv4 address range, in CIDR notation, from which to assign client IP addresses. The address range cannot overlap with the local CIDR of the VPC in which the associated subnet is located, or the routes that you add manually. The address range cannot be changed after the Client VPN endpoint has been created. Client CIDR range must have a size of at least /22 and must not be greater than /12.", - "title": "ClientCidrBlock", + "InstanceProfileArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance profile for your migration project.", + "title": "InstanceProfileArn", "type": "string" }, - "ClientConnectOptions": { - "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.ClientConnectOptions", - "markdownDescription": "The options for managing connection authorization for new client connections.", - "title": "ClientConnectOptions" + "InstanceProfileIdentifier": { + "markdownDescription": "The identifier of the instance profile for your migration project.", + "title": "InstanceProfileIdentifier", + "type": "string" }, - "ClientLoginBannerOptions": { - "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.ClientLoginBannerOptions", - "markdownDescription": "Options for enabling a customizable text banner that will be displayed on AWS provided clients when a VPN session is established.", - "title": "ClientLoginBannerOptions" + "InstanceProfileName": { + "markdownDescription": "The name of the associated instance profile.", + "title": "InstanceProfileName", + "type": "string" }, - "ConnectionLogOptions": { - "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.ConnectionLogOptions", - "markdownDescription": "Information about the client connection logging options.\n\nIf you enable client connection logging, data about client connections is sent to a Cloudwatch Logs log stream. The following information is logged:\n\n- Client connection requests\n- Client connection results (successful and unsuccessful)\n- Reasons for unsuccessful client connection requests\n- Client connection termination time", - "title": "ConnectionLogOptions" + "MigrationProjectIdentifier": { + "markdownDescription": "The identifier of the migration project. Identifiers must begin with a letter and must contain only ASCII letters, digits, and hyphens. They can't end with a hyphen, or contain two consecutive hyphens.", + "title": "MigrationProjectIdentifier", + "type": "string" }, - "Description": { - "markdownDescription": "A brief description of the Client VPN endpoint.", - "title": "Description", + "MigrationProjectName": { + "markdownDescription": "The name of the migration project.", + "title": "MigrationProjectName", "type": "string" }, - "DnsServers": { + "SchemaConversionApplicationAttributes": { + "$ref": "#/definitions/AWS::DMS::MigrationProject.SchemaConversionApplicationAttributes", + "markdownDescription": "The schema conversion application attributes, including the Amazon S3 bucket name and Amazon S3 role ARN.", + "title": "SchemaConversionApplicationAttributes" + }, + "SourceDataProviderDescriptors": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::DMS::MigrationProject.DataProviderDescriptor" }, - "markdownDescription": "Information about the DNS servers to be used for DNS resolution. A Client VPN endpoint can have up to two DNS servers. If no DNS server is specified, the DNS address configured on the device is used for the DNS server.", - "title": "DnsServers", + "markdownDescription": "Information about the source data provider, including the name or ARN, and AWS Secrets Manager parameters.", + "title": "SourceDataProviderDescriptors", "type": "array" }, - "SecurityGroupIds": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The IDs of one or more security groups to apply to the target network. You must also specify the ID of the VPC that contains the security groups.", - "title": "SecurityGroupIds", + "markdownDescription": "", + "title": "Tags", "type": "array" }, - "SelfServicePortal": { - "markdownDescription": "Specify whether to enable the self-service portal for the Client VPN endpoint.\n\nDefault Value: `enabled`", - "title": "SelfServicePortal", - "type": "string" - }, - "ServerCertificateArn": { - "markdownDescription": "The ARN of the server certificate. For more information, see the [AWS Certificate Manager User Guide](https://docs.aws.amazon.com/acm/latest/userguide/) .", - "title": "ServerCertificateArn", - "type": "string" - }, - "SessionTimeoutHours": { - "markdownDescription": "The maximum VPN session duration time in hours.\n\nValid values: `8 | 10 | 12 | 24`\n\nDefault value: `24`", - "title": "SessionTimeoutHours", - "type": "number" - }, - "SplitTunnel": { - "markdownDescription": "Indicates whether split-tunnel is enabled on the AWS Client VPN endpoint.\n\nBy default, split-tunnel on a VPN endpoint is disabled.\n\nFor information about split-tunnel VPN endpoints, see [Split-tunnel AWS Client VPN endpoint](https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/split-tunnel-vpn.html) in the *AWS Client VPN Administrator Guide* .", - "title": "SplitTunnel", - "type": "boolean" - }, - "TagSpecifications": { + "TargetDataProviderDescriptors": { "items": { - "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.TagSpecification" + "$ref": "#/definitions/AWS::DMS::MigrationProject.DataProviderDescriptor" }, - "markdownDescription": "The tags to apply to the Client VPN endpoint during creation.", - "title": "TagSpecifications", + "markdownDescription": "Information about the target data provider, including the name or ARN, and AWS Secrets Manager parameters.", + "title": "TargetDataProviderDescriptors", "type": "array" }, - "TransportProtocol": { - "markdownDescription": "The transport protocol to be used by the VPN session.\n\nDefault value: `udp`", - "title": "TransportProtocol", - "type": "string" - }, - "VpcId": { - "markdownDescription": "The ID of the VPC to associate with the Client VPN endpoint. If no security group IDs are specified in the request, the default security group for the VPC is applied.", - "title": "VpcId", + "TransformationRules": { + "markdownDescription": "The settings in JSON format for migration rules. Migration rules make it possible for you to change the object names according to the rules that you specify. For example, you can change an object name to lowercase or uppercase, add or remove a prefix or suffix, or rename objects.", + "title": "TransformationRules", "type": "string" - }, - "VpnPort": { - "markdownDescription": "The port number to assign to the Client VPN endpoint for TCP and UDP traffic.\n\nValid Values: `443` | `1194`\n\nDefault Value: `443`", - "title": "VpnPort", - "type": "number" } }, - "required": [ - "AuthenticationOptions", - "ClientCidrBlock", - "ConnectionLogOptions", - "ServerCertificateArn" - ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::ClientVpnEndpoint" + "AWS::DMS::MigrationProject" ], "type": "string" }, @@ -68949,173 +75395,235 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::EC2::ClientVpnEndpoint.CertificateAuthenticationRequest": { + "AWS::DMS::MigrationProject.DataProviderDescriptor": { "additionalProperties": false, "properties": { - "ClientRootCertificateChainArn": { - "markdownDescription": "The ARN of the client certificate. The certificate must be signed by a certificate authority (CA) and it must be provisioned in AWS Certificate Manager (ACM).", - "title": "ClientRootCertificateChainArn", + "DataProviderArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the data provider.", + "title": "DataProviderArn", + "type": "string" + }, + "DataProviderIdentifier": { + "markdownDescription": "", + "title": "DataProviderIdentifier", + "type": "string" + }, + "DataProviderName": { + "markdownDescription": "The user-friendly name of the data provider.", + "title": "DataProviderName", + "type": "string" + }, + "SecretsManagerAccessRoleArn": { + "markdownDescription": "The ARN of the role used to access AWS Secrets Manager.", + "title": "SecretsManagerAccessRoleArn", + "type": "string" + }, + "SecretsManagerSecretId": { + "markdownDescription": "The identifier of the AWS Secrets Manager Secret used to store access credentials for the data provider.", + "title": "SecretsManagerSecretId", "type": "string" } }, - "required": [ - "ClientRootCertificateChainArn" - ], "type": "object" }, - "AWS::EC2::ClientVpnEndpoint.ClientAuthenticationRequest": { + "AWS::DMS::MigrationProject.SchemaConversionApplicationAttributes": { "additionalProperties": false, "properties": { - "ActiveDirectory": { - "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.DirectoryServiceAuthenticationRequest", - "markdownDescription": "Information about the Active Directory to be used, if applicable. You must provide this information if *Type* is `directory-service-authentication` .", - "title": "ActiveDirectory" - }, - "FederatedAuthentication": { - "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.FederatedAuthenticationRequest", - "markdownDescription": "Information about the IAM SAML identity provider, if applicable.", - "title": "FederatedAuthentication" - }, - "MutualAuthentication": { - "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.CertificateAuthenticationRequest", - "markdownDescription": "Information about the authentication certificates to be used, if applicable. You must provide this information if *Type* is `certificate-authentication` .", - "title": "MutualAuthentication" + "S3BucketPath": { + "markdownDescription": "", + "title": "S3BucketPath", + "type": "string" }, - "Type": { - "markdownDescription": "The type of client authentication to be used.", - "title": "Type", + "S3BucketRoleArn": { + "markdownDescription": "", + "title": "S3BucketRoleArn", "type": "string" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::EC2::ClientVpnEndpoint.ClientConnectOptions": { + "AWS::DMS::ReplicationConfig": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Indicates whether client connect options are enabled. The default is `false` (not enabled).", - "title": "Enabled", - "type": "boolean" + "Condition": { + "type": "string" }, - "LambdaFunctionArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Lambda function used for connection authorization.", - "title": "LambdaFunctionArn", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "required": [ - "Enabled" - ], - "type": "object" - }, - "AWS::EC2::ClientVpnEndpoint.ClientLoginBannerOptions": { - "additionalProperties": false, - "properties": { - "BannerText": { - "markdownDescription": "Customizable text that will be displayed in a banner on AWS provided clients when a VPN session is established. UTF-8 encoded characters only. Maximum of 1400 characters.", - "title": "BannerText", + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ComputeConfig": { + "$ref": "#/definitions/AWS::DMS::ReplicationConfig.ComputeConfig", + "markdownDescription": "Configuration parameters for provisioning an AWS DMS Serverless replication.", + "title": "ComputeConfig" + }, + "ReplicationConfigIdentifier": { + "markdownDescription": "A unique identifier that you want to use to create a `ReplicationConfigArn` that is returned as part of the output from this action. You can then pass this output `ReplicationConfigArn` as the value of the `ReplicationConfigArn` option for other actions to identify both AWS DMS Serverless replications and replication configurations that you want those actions to operate on. For some actions, you can also use either this unique identifier or a corresponding ARN in action filters to identify the specific replication and replication configuration to operate on.", + "title": "ReplicationConfigIdentifier", + "type": "string" + }, + "ReplicationSettings": { + "markdownDescription": "Optional JSON settings for AWS DMS Serverless replications that are provisioned using this replication configuration. For example, see [Change processing tuning settings](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.CustomizingTasks.TaskSettings.ChangeProcessingTuning.html) .", + "title": "ReplicationSettings", + "type": "object" + }, + "ReplicationType": { + "markdownDescription": "The type of AWS DMS Serverless replication to provision using this replication configuration.\n\nPossible values:\n\n- `\"full-load\"`\n- `\"cdc\"`\n- `\"full-load-and-cdc\"`", + "title": "ReplicationType", + "type": "string" + }, + "ResourceIdentifier": { + "markdownDescription": "Optional unique value or name that you set for a given resource that can be used to construct an Amazon Resource Name (ARN) for that resource. For more information, see [Fine-grained access control using resource names and tags](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#CHAP_Security.FineGrainedAccess) .", + "title": "ResourceIdentifier", + "type": "string" + }, + "SourceEndpointArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the source endpoint for this AWS DMS Serverless replication configuration.", + "title": "SourceEndpointArn", + "type": "string" + }, + "SupplementalSettings": { + "markdownDescription": "Optional JSON settings for specifying supplemental data. For more information, see [Specifying supplemental data for task settings](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.TaskData.html) .", + "title": "SupplementalSettings", + "type": "object" + }, + "TableMappings": { + "markdownDescription": "JSON table mappings for AWS DMS Serverless replications that are provisioned using this replication configuration. For more information, see [Specifying table selection and transformations rules using JSON](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.CustomizingTasks.TableMapping.SelectionTransformation.html) .", + "title": "TableMappings", + "type": "object" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "One or more optional tags associated with resources used by the AWS DMS Serverless replication. For more information, see [Tagging resources in AWS Database Migration Service](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tagging.html) .", + "title": "Tags", + "type": "array" + }, + "TargetEndpointArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the target endpoint for this AWS DMS serverless replication configuration.", + "title": "TargetEndpointArn", + "type": "string" + } + }, + "required": [ + "ComputeConfig", + "ReplicationConfigIdentifier", + "ReplicationType", + "SourceEndpointArn", + "TableMappings", + "TargetEndpointArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::DMS::ReplicationConfig" + ], "type": "string" }, - "Enabled": { - "markdownDescription": "Enable or disable a customizable text banner that will be displayed on AWS provided clients when a VPN session is established.\n\nValid values: `true | false`\n\nDefault value: `false`", - "title": "Enabled", - "type": "boolean" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Enabled" + "Type", + "Properties" ], "type": "object" }, - "AWS::EC2::ClientVpnEndpoint.ConnectionLogOptions": { + "AWS::DMS::ReplicationConfig.ComputeConfig": { "additionalProperties": false, "properties": { - "CloudwatchLogGroup": { - "markdownDescription": "The name of the CloudWatch Logs log group. Required if connection logging is enabled.", - "title": "CloudwatchLogGroup", + "AvailabilityZone": { + "markdownDescription": "The Availability Zone where the AWS DMS Serverless replication using this configuration will run. The default value is a random, system-chosen Availability Zone in the configuration's AWS Region , for example, `\"us-west-2\"` . You can't set this parameter if the `MultiAZ` parameter is set to `true` .", + "title": "AvailabilityZone", "type": "string" }, - "CloudwatchLogStream": { - "markdownDescription": "The name of the CloudWatch Logs log stream to which the connection data is published.", - "title": "CloudwatchLogStream", + "DnsNameServers": { + "markdownDescription": "A list of custom DNS name servers supported for the AWS DMS Serverless replication to access your source or target database. This list overrides the default name servers supported by the AWS DMS Serverless replication. You can specify a comma-separated list of internet addresses for up to four DNS name servers. For example: `\"1.1.1.1,2.2.2.2,3.3.3.3,4.4.4.4\"`", + "title": "DnsNameServers", "type": "string" }, - "Enabled": { - "markdownDescription": "Indicates whether connection logging is enabled.", - "title": "Enabled", - "type": "boolean" - } - }, - "required": [ - "Enabled" - ], - "type": "object" - }, - "AWS::EC2::ClientVpnEndpoint.DirectoryServiceAuthenticationRequest": { - "additionalProperties": false, - "properties": { - "DirectoryId": { - "markdownDescription": "The ID of the Active Directory to be used for authentication.", - "title": "DirectoryId", - "type": "string" - } - }, - "required": [ - "DirectoryId" - ], - "type": "object" - }, - "AWS::EC2::ClientVpnEndpoint.FederatedAuthenticationRequest": { - "additionalProperties": false, - "properties": { - "SAMLProviderArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM SAML identity provider.", - "title": "SAMLProviderArn", + "KmsKeyId": { + "markdownDescription": "An AWS Key Management Service ( AWS KMS ) key Amazon Resource Name (ARN) that is used to encrypt the data during AWS DMS Serverless replication.\n\nIf you don't specify a value for the `KmsKeyId` parameter, AWS DMS uses your default encryption key.\n\nAWS KMS creates the default encryption key for your Amazon Web Services account. Your AWS account has a different default encryption key for each AWS Region .", + "title": "KmsKeyId", "type": "string" }, - "SelfServiceSAMLProviderArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM SAML identity provider for the self-service portal.", - "title": "SelfServiceSAMLProviderArn", + "MaxCapacityUnits": { + "markdownDescription": "Specifies the maximum value of the AWS DMS capacity units (DCUs) for which a given AWS DMS Serverless replication can be provisioned. A single DCU is 2GB of RAM, with 1 DCU as the minimum value allowed. The list of valid DCU values includes 1, 2, 4, 8, 16, 32, 64, 128, 192, 256, and 384. So, the maximum value that you can specify for AWS DMS Serverless is 384. The `MaxCapacityUnits` parameter is the only DCU parameter you are required to specify.", + "title": "MaxCapacityUnits", + "type": "number" + }, + "MinCapacityUnits": { + "markdownDescription": "Specifies the minimum value of the AWS DMS capacity units (DCUs) for which a given AWS DMS Serverless replication can be provisioned. A single DCU is 2GB of RAM, with 1 DCU as the minimum value allowed. The list of valid DCU values includes 1, 2, 4, 8, 16, 32, 64, 128, 192, 256, and 384. So, the minimum DCU value that you can specify for AWS DMS Serverless is 1. If you don't set this value, AWS DMS sets this parameter to the minimum DCU value allowed, 1. If there is no current source activity, AWS DMS scales down your replication until it reaches the value specified in `MinCapacityUnits` .", + "title": "MinCapacityUnits", + "type": "number" + }, + "MultiAZ": { + "markdownDescription": "Specifies whether the AWS DMS Serverless replication is a Multi-AZ deployment. You can't set the `AvailabilityZone` parameter if the `MultiAZ` parameter is set to `true` .", + "title": "MultiAZ", + "type": "boolean" + }, + "PreferredMaintenanceWindow": { + "markdownDescription": "The weekly time range during which system maintenance can occur for the AWS DMS Serverless replication, in Universal Coordinated Time (UTC). The format is `ddd:hh24:mi-ddd:hh24:mi` .\n\nThe default is a 30-minute window selected at random from an 8-hour block of time per AWS Region . This maintenance occurs on a random day of the week. Valid values for days of the week include `Mon` , `Tue` , `Wed` , `Thu` , `Fri` , `Sat` , and `Sun` .\n\nConstraints include a minimum 30-minute window.", + "title": "PreferredMaintenanceWindow", "type": "string" - } - }, - "required": [ - "SAMLProviderArn" - ], - "type": "object" - }, - "AWS::EC2::ClientVpnEndpoint.TagSpecification": { - "additionalProperties": false, - "properties": { - "ResourceType": { - "markdownDescription": "The type of resource to tag. To tag a Client VPN endpoint, `ResourceType` must be `client-vpn-endpoint` .", - "title": "ResourceType", + }, + "ReplicationSubnetGroupId": { + "markdownDescription": "Specifies a subnet group identifier to associate with the AWS DMS Serverless replication.", + "title": "ReplicationSubnetGroupId", "type": "string" }, - "Tags": { + "VpcSecurityGroupIds": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "The tags to apply to the resource.", - "title": "Tags", + "markdownDescription": "Specifies the virtual private cloud (VPC) security group to use with the AWS DMS Serverless replication. The VPC security group must work with the VPC containing the replication.", + "title": "VpcSecurityGroupIds", "type": "array" } }, "required": [ - "ResourceType", - "Tags" + "MaxCapacityUnits" ], "type": "object" }, - "AWS::EC2::ClientVpnRoute": { + "AWS::DMS::ReplicationInstance": { "additionalProperties": false, "properties": { "Condition": { @@ -69150,37 +75658,106 @@ "Properties": { "additionalProperties": false, "properties": { - "ClientVpnEndpointId": { - "markdownDescription": "The ID of the Client VPN endpoint to which to add the route.", - "title": "ClientVpnEndpointId", + "AllocatedStorage": { + "markdownDescription": "The amount of storage (in gigabytes) to be initially allocated for the replication instance.", + "title": "AllocatedStorage", + "type": "number" + }, + "AllowMajorVersionUpgrade": { + "markdownDescription": "Indicates that major version upgrades are allowed. Changing this parameter does not result in an outage, and the change is asynchronously applied as soon as possible.\n\nThis parameter must be set to `true` when specifying a value for the `EngineVersion` parameter that is a different major version than the replication instance's current version.", + "title": "AllowMajorVersionUpgrade", + "type": "boolean" + }, + "AutoMinorVersionUpgrade": { + "markdownDescription": "A value that indicates whether minor engine upgrades are applied automatically to the replication instance during the maintenance window. This parameter defaults to `true` .\n\nDefault: `true`", + "title": "AutoMinorVersionUpgrade", + "type": "boolean" + }, + "AvailabilityZone": { + "markdownDescription": "The Availability Zone that the replication instance will be created in.\n\nThe default value is a random, system-chosen Availability Zone in the endpoint's AWS Region , for example `us-east-1d` .", + "title": "AvailabilityZone", "type": "string" }, - "Description": { - "markdownDescription": "A brief description of the route.", - "title": "Description", + "DnsNameServers": { + "markdownDescription": "A list of custom DNS name servers supported for the replication instance to access your on-premise source or target database. This list overrides the default name servers supported by the replication instance. You can specify a comma-separated list of internet addresses for up to four on-premise DNS name servers. For example: `\"1.1.1.1,2.2.2.2,3.3.3.3,4.4.4.4\"`", + "title": "DnsNameServers", "type": "string" }, - "DestinationCidrBlock": { - "markdownDescription": "The IPv4 address range, in CIDR notation, of the route destination. For example:\n\n- To add a route for Internet access, enter `0.0.0.0/0`\n- To add a route for a peered VPC, enter the peered VPC's IPv4 CIDR range\n- To add a route for an on-premises network, enter the AWS Site-to-Site VPN connection's IPv4 CIDR range\n- To add a route for the local network, enter the client CIDR range", - "title": "DestinationCidrBlock", + "EngineVersion": { + "markdownDescription": "The engine version number of the replication instance.\n\nIf an engine version number is not specified when a replication instance is created, the default is the latest engine version available.", + "title": "EngineVersion", "type": "string" }, - "TargetVpcSubnetId": { - "markdownDescription": "The ID of the subnet through which you want to route traffic. The specified subnet must be an existing target network of the Client VPN endpoint.\n\nAlternatively, if you're adding a route for the local network, specify `local` .", - "title": "TargetVpcSubnetId", + "KmsKeyId": { + "markdownDescription": "An AWS KMS key identifier that is used to encrypt the data on the replication instance.\n\nIf you don't specify a value for the `KmsKeyId` parameter, AWS DMS uses your default encryption key.\n\nAWS KMS creates the default encryption key for your AWS account . Your AWS account has a different default encryption key for each AWS Region .", + "title": "KmsKeyId", + "type": "string" + }, + "MultiAZ": { + "markdownDescription": "Specifies whether the replication instance is a Multi-AZ deployment. You can't set the `AvailabilityZone` parameter if the Multi-AZ parameter is set to `true` .", + "title": "MultiAZ", + "type": "boolean" + }, + "NetworkType": { + "markdownDescription": "The type of IP address protocol used by a replication instance, such as IPv4 only or Dual-stack that supports both IPv4 and IPv6 addressing. IPv6 only is not yet supported.", + "title": "NetworkType", + "type": "string" + }, + "PreferredMaintenanceWindow": { + "markdownDescription": "The weekly time range during which system maintenance can occur, in UTC.\n\n*Format* : `ddd:hh24:mi-ddd:hh24:mi`\n\n*Default* : A 30-minute window selected at random from an 8-hour block of time per AWS Region , occurring on a random day of the week.\n\n*Valid days* ( `ddd` ): `Mon` | `Tue` | `Wed` | `Thu` | `Fri` | `Sat` | `Sun`\n\n*Constraints* : Minimum 30-minute window.", + "title": "PreferredMaintenanceWindow", + "type": "string" + }, + "PubliclyAccessible": { + "markdownDescription": "Specifies the accessibility options for the replication instance. A value of `true` represents an instance with a public IP address. A value of `false` represents an instance with a private IP address. The default value is `true` .", + "title": "PubliclyAccessible", + "type": "boolean" + }, + "ReplicationInstanceClass": { + "markdownDescription": "The compute and memory capacity of the replication instance as defined for the specified replication instance class. For example, to specify the instance class dms.c4.large, set this parameter to `\"dms.c4.large\"` . For more information on the settings and capacities for the available replication instance classes, see [Selecting the right AWS DMS replication instance for your migration](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_ReplicationInstance.html#CHAP_ReplicationInstance.InDepth) in the *AWS Database Migration Service User Guide* .", + "title": "ReplicationInstanceClass", + "type": "string" + }, + "ReplicationInstanceIdentifier": { + "markdownDescription": "The replication instance identifier. This parameter is stored as a lowercase string.\n\nConstraints:\n\n- Must contain 1-63 alphanumeric characters or hyphens.\n- First character must be a letter.\n- Can't end with a hyphen or contain two consecutive hyphens.\n\nExample: `myrepinstance`", + "title": "ReplicationInstanceIdentifier", + "type": "string" + }, + "ReplicationSubnetGroupIdentifier": { + "markdownDescription": "A subnet group to associate with the replication instance.", + "title": "ReplicationSubnetGroupIdentifier", + "type": "string" + }, + "ResourceIdentifier": { + "markdownDescription": "A display name for the resource identifier at the end of the `EndpointArn` response parameter that is returned in the created `Endpoint` object. The value for this parameter can have up to 31 characters. It can contain only ASCII letters, digits, and hyphen ('-'). Also, it can't end with a hyphen or contain two consecutive hyphens, and can only begin with a letter, such as `Example-App-ARN1` . For example, this value might result in the `EndpointArn` value `arn:aws:dms:eu-west-1:012345678901:rep:Example-App-ARN1` . If you don't specify a `ResourceIdentifier` value, AWS DMS generates a default identifier value for the end of `EndpointArn` .", + "title": "ResourceIdentifier", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "One or more tags to be assigned to the replication instance.", + "title": "Tags", + "type": "array" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the virtual private cloud (VPC) security group to be used with the replication instance. The VPC security group must work with the VPC containing the replication instance.", + "title": "VpcSecurityGroupIds", + "type": "array" } }, "required": [ - "ClientVpnEndpointId", - "DestinationCidrBlock", - "TargetVpcSubnetId" + "ReplicationInstanceClass" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::ClientVpnRoute" + "AWS::DMS::ReplicationInstance" ], "type": "string" }, @@ -69199,7 +75776,7 @@ ], "type": "object" }, - "AWS::EC2::ClientVpnTargetNetworkAssociation": { + "AWS::DMS::ReplicationSubnetGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -69234,26 +75811,42 @@ "Properties": { "additionalProperties": false, "properties": { - "ClientVpnEndpointId": { - "markdownDescription": "The ID of the Client VPN endpoint.", - "title": "ClientVpnEndpointId", + "ReplicationSubnetGroupDescription": { + "markdownDescription": "The description for the subnet group.", + "title": "ReplicationSubnetGroupDescription", "type": "string" }, - "SubnetId": { - "markdownDescription": "The ID of the subnet to associate with the Client VPN endpoint.", - "title": "SubnetId", + "ReplicationSubnetGroupIdentifier": { + "markdownDescription": "The identifier for the replication subnet group. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the identifier.", + "title": "ReplicationSubnetGroupIdentifier", "type": "string" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more subnet IDs to be assigned to the subnet group.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "One or more tags to be assigned to the subnet group.", + "title": "Tags", + "type": "array" } }, "required": [ - "ClientVpnEndpointId", - "SubnetId" + "ReplicationSubnetGroupDescription", + "SubnetIds" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::ClientVpnTargetNetworkAssociation" + "AWS::DMS::ReplicationSubnetGroup" ], "type": "string" }, @@ -69272,7 +75865,7 @@ ], "type": "object" }, - "AWS::EC2::CustomerGateway": { + "AWS::DMS::ReplicationTask": { "additionalProperties": false, "properties": { "Condition": { @@ -69307,49 +75900,87 @@ "Properties": { "additionalProperties": false, "properties": { - "BgpAsn": { - "markdownDescription": "For customer gateway devices that support BGP, specify the device's ASN. You must specify either `BgpAsn` or `BgpAsnExtended` when creating the customer gateway. If the ASN is larger than `2,147,483,647` , you must use `BgpAsnExtended` .\n\nDefault: 65000\n\nValid values: `1` to `2,147,483,647`", - "title": "BgpAsn", + "CdcStartPosition": { + "markdownDescription": "Indicates when you want a change data capture (CDC) operation to start. Use either `CdcStartPosition` or `CdcStartTime` to specify when you want a CDC operation to start. Specifying both values results in an error.\n\nThe value can be in date, checkpoint, log sequence number (LSN), or system change number (SCN) format.\n\nHere is a date example: `--cdc-start-position \"2018-03-08T12:12:12\"`\n\nHere is a checkpoint example: `--cdc-start-position \"checkpoint:V1#27#mysql-bin-changelog.157832:1975:-1:2002:677883278264080:mysql-bin-changelog.157832:1876#0#0#*#0#93\"`\n\nHere is an LSN example: `--cdc-start-position \u201cmysql-bin-changelog.000024:373\u201d`\n\n> When you use this task setting with a source PostgreSQL database, a logical replication slot should already be created and associated with the source endpoint. You can verify this by setting the `slotName` extra connection attribute to the name of this logical replication slot. For more information, see [Extra Connection Attributes When Using PostgreSQL as a Source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.PostgreSQL.html#CHAP_Source.PostgreSQL.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", + "title": "CdcStartPosition", + "type": "string" + }, + "CdcStartTime": { + "markdownDescription": "Indicates the start time for a change data capture (CDC) operation.", + "title": "CdcStartTime", "type": "number" }, - "CertificateArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the customer gateway certificate.", - "title": "CertificateArn", + "CdcStopPosition": { + "markdownDescription": "Indicates when you want a change data capture (CDC) operation to stop. The value can be either server time or commit time.\n\nHere is a server time example: `--cdc-stop-position \"server_time:2018-02-09T12:12:12\"`\n\nHere is a commit time example: `--cdc-stop-position \"commit_time: 2018-02-09T12:12:12\"`", + "title": "CdcStopPosition", "type": "string" }, - "DeviceName": { - "markdownDescription": "The name of customer gateway device.", - "title": "DeviceName", + "MigrationType": { + "markdownDescription": "The migration type. Valid values: `full-load` | `cdc` | `full-load-and-cdc`", + "title": "MigrationType", "type": "string" }, - "IpAddress": { - "markdownDescription": "The IP address for the customer gateway device's outside interface. The address must be static. If `OutsideIpAddressType` in your VPN connection options is set to `PrivateIpv4` , you can use an RFC6598 or RFC1918 private IPv4 address. If `OutsideIpAddressType` is set to `Ipv6` , you can use an IPv6 address.", - "title": "IpAddress", + "ReplicationInstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of a replication instance.", + "title": "ReplicationInstanceArn", + "type": "string" + }, + "ReplicationTaskIdentifier": { + "markdownDescription": "An identifier for the replication task.\n\nConstraints:\n\n- Must contain 1-255 alphanumeric characters or hyphens.\n- First character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.", + "title": "ReplicationTaskIdentifier", + "type": "string" + }, + "ReplicationTaskSettings": { + "markdownDescription": "Overall settings for the task, in JSON format. For more information, see [Specifying Task Settings for AWS Database Migration Service Tasks](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.CustomizingTasks.TaskSettings.html) in the *AWS Database Migration Service User Guide* .", + "title": "ReplicationTaskSettings", + "type": "string" + }, + "ResourceIdentifier": { + "markdownDescription": "A display name for the resource identifier at the end of the `EndpointArn` response parameter that is returned in the created `Endpoint` object. The value for this parameter can have up to 31 characters. It can contain only ASCII letters, digits, and hyphen ('-'). Also, it can't end with a hyphen or contain two consecutive hyphens, and can only begin with a letter, such as `Example-App-ARN1` .\n\nFor example, this value might result in the `EndpointArn` value `arn:aws:dms:eu-west-1:012345678901:rep:Example-App-ARN1` . If you don't specify a `ResourceIdentifier` value, AWS DMS generates a default identifier value for the end of `EndpointArn` .", + "title": "ResourceIdentifier", + "type": "string" + }, + "SourceEndpointArn": { + "markdownDescription": "An Amazon Resource Name (ARN) that uniquely identifies the source endpoint.", + "title": "SourceEndpointArn", + "type": "string" + }, + "TableMappings": { + "markdownDescription": "The table mappings for the task, in JSON format. For more information, see [Using Table Mapping to Specify Task Settings](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.CustomizingTasks.TableMapping.html) in the *AWS Database Migration Service User Guide* .", + "title": "TableMappings", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "One or more tags for the customer gateway.", + "markdownDescription": "One or more tags to be assigned to the replication task.", "title": "Tags", "type": "array" }, - "Type": { - "markdownDescription": "The type of VPN connection that this customer gateway supports ( `ipsec.1` ).", - "title": "Type", + "TargetEndpointArn": { + "markdownDescription": "An Amazon Resource Name (ARN) that uniquely identifies the target endpoint.", + "title": "TargetEndpointArn", + "type": "string" + }, + "TaskData": { + "markdownDescription": "Supplemental information that the task requires to migrate the data for certain source and target endpoints. For more information, see [Specifying Supplemental Data for Task Settings](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.TaskData.html) in the *AWS Database Migration Service User Guide.*", + "title": "TaskData", "type": "string" } }, "required": [ - "IpAddress", - "Type" + "MigrationType", + "ReplicationInstanceArn", + "SourceEndpointArn", + "TableMappings", + "TargetEndpointArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::CustomerGateway" + "AWS::DMS::ReplicationTask" ], "type": "string" }, @@ -69368,7 +75999,7 @@ ], "type": "object" }, - "AWS::EC2::DHCPOptions": { + "AWS::DSQL::Cluster": { "additionalProperties": false, "properties": { "Condition": { @@ -69403,50 +76034,26 @@ "Properties": { "additionalProperties": false, "properties": { - "DomainName": { - "markdownDescription": "This value is used to complete unqualified DNS hostnames. If you're using AmazonProvidedDNS in `us-east-1` , specify `ec2.internal` . If you're using AmazonProvidedDNS in another Region, specify *region* . `compute.internal` (for example, `ap-northeast-1.compute.internal` ). Otherwise, specify a domain name (for example, *MyCompany.com* ).", - "title": "DomainName", - "type": "string" - }, - "DomainNameServers": { - "items": { - "type": "string" - }, - "markdownDescription": "The IPv4 addresses of up to four domain name servers, or `AmazonProvidedDNS` . The default is `AmazonProvidedDNS` . To have your instance receive a custom DNS hostname as specified in `DomainName` , you must set this property to a custom DNS server.", - "title": "DomainNameServers", - "type": "array" - }, - "Ipv6AddressPreferredLeaseTime": { - "markdownDescription": "A value (in seconds, minutes, hours, or years) for how frequently a running instance with an IPv6 assigned to it goes through DHCPv6 lease renewal. Acceptable values are between 140 and 2147483647 seconds (approximately 68 years). If no value is entered, the default lease time is 140 seconds. If you use long-term addressing for EC2 instances, you can increase the lease time and avoid frequent lease renewal requests. Lease renewal typically occurs when half of the lease time has elapsed.", - "title": "Ipv6AddressPreferredLeaseTime", - "type": "number" - }, - "NetbiosNameServers": { - "items": { - "type": "string" - }, - "markdownDescription": "The IPv4 addresses of up to four NetBIOS name servers.", - "title": "NetbiosNameServers", - "type": "array" + "DeletionProtectionEnabled": { + "markdownDescription": "Whether deletion protection is enabled on this cluster.", + "title": "DeletionProtectionEnabled", + "type": "boolean" }, - "NetbiosNodeType": { - "markdownDescription": "The NetBIOS node type (1, 2, 4, or 8). We recommend that you specify 2 (broadcast and multicast are not currently supported).", - "title": "NetbiosNodeType", - "type": "number" + "KmsEncryptionKey": { + "markdownDescription": "", + "title": "KmsEncryptionKey", + "type": "string" }, - "NtpServers": { - "items": { - "type": "string" - }, - "markdownDescription": "The IPv4 addresses of up to four Network Time Protocol (NTP) servers.", - "title": "NtpServers", - "type": "array" + "MultiRegionProperties": { + "$ref": "#/definitions/AWS::DSQL::Cluster.MultiRegionProperties", + "markdownDescription": "Defines the structure for multi-Region cluster configurations, containing the witness Region and peered cluster settings.", + "title": "MultiRegionProperties" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Any tags assigned to the DHCP options set.", + "markdownDescription": "A map of key and value pairs this cluster is tagged with.", "title": "Tags", "type": "array" } @@ -69455,7 +76062,7 @@ }, "Type": { "enum": [ - "AWS::EC2::DHCPOptions" + "AWS::DSQL::Cluster" ], "type": "string" }, @@ -69473,7 +76080,47 @@ ], "type": "object" }, - "AWS::EC2::EC2Fleet": { + "AWS::DSQL::Cluster.EncryptionDetails": { + "additionalProperties": false, + "properties": { + "EncryptionStatus": { + "markdownDescription": "The status of encryption for the cluster.", + "title": "EncryptionStatus", + "type": "string" + }, + "EncryptionType": { + "markdownDescription": "The type of encryption that protects the data on your cluster.", + "title": "EncryptionType", + "type": "string" + }, + "KmsKeyArn": { + "markdownDescription": "The ARN of the AWS KMS key that encrypts data in the cluster.", + "title": "KmsKeyArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DSQL::Cluster.MultiRegionProperties": { + "additionalProperties": false, + "properties": { + "Clusters": { + "items": { + "type": "string" + }, + "markdownDescription": "The set of peered clusters that form the multi-Region cluster configuration. Each peered cluster represents a database instance in a different Region.", + "title": "Clusters", + "type": "array" + }, + "WitnessRegion": { + "markdownDescription": "The Region that serves as the witness Region for a multi-Region cluster. The witness Region helps maintain cluster consistency and quorum.", + "title": "WitnessRegion", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataBrew::Dataset": { "additionalProperties": false, "properties": { "Condition": { @@ -69508,82 +76155,54 @@ "Properties": { "additionalProperties": false, "properties": { - "Context": { - "markdownDescription": "Reserved.", - "title": "Context", + "Format": { + "markdownDescription": "The file format of a dataset that is created from an Amazon S3 file or folder.", + "title": "Format", "type": "string" }, - "ExcessCapacityTerminationPolicy": { - "markdownDescription": "Indicates whether running instances should be terminated if the total target capacity of the EC2 Fleet is decreased below the current size of the EC2 Fleet.\n\nSupported only for fleets of type `maintain` .", - "title": "ExcessCapacityTerminationPolicy", - "type": "string" + "FormatOptions": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.FormatOptions", + "markdownDescription": "A set of options that define how DataBrew interprets the data in the dataset.", + "title": "FormatOptions" }, - "LaunchTemplateConfigs": { - "items": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.FleetLaunchTemplateConfigRequest" - }, - "markdownDescription": "The configuration for the EC2 Fleet.", - "title": "LaunchTemplateConfigs", - "type": "array" + "Input": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.Input", + "markdownDescription": "Information on how DataBrew can find the dataset, in either the AWS Glue Data Catalog or Amazon S3 .", + "title": "Input" }, - "OnDemandOptions": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.OnDemandOptionsRequest", - "markdownDescription": "Describes the configuration of On-Demand Instances in an EC2 Fleet.", - "title": "OnDemandOptions" + "Name": { + "markdownDescription": "The unique name of the dataset.", + "title": "Name", + "type": "string" }, - "ReplaceUnhealthyInstances": { - "markdownDescription": "Indicates whether EC2 Fleet should replace unhealthy Spot Instances. Supported only for fleets of type `maintain` . For more information, see [EC2 Fleet health checks](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/manage-ec2-fleet.html#ec2-fleet-health-checks) in the *Amazon EC2 User Guide* .", - "title": "ReplaceUnhealthyInstances", - "type": "boolean" + "PathOptions": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.PathOptions", + "markdownDescription": "A set of options that defines how DataBrew interprets an Amazon S3 path of the dataset.", + "title": "PathOptions" }, - "SpotOptions": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.SpotOptionsRequest", - "markdownDescription": "Describes the configuration of Spot Instances in an EC2 Fleet.", - "title": "SpotOptions" + "Source": { + "markdownDescription": "The location of the data for the dataset, either Amazon S3 or the AWS Glue Data Catalog .", + "title": "Source", + "type": "string" }, - "TagSpecifications": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.TagSpecification" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The key-value pair for tagging the EC2 Fleet request on creation. For more information, see [Tag your resources](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#tag-resources) .\n\nIf the fleet type is `instant` , specify a resource type of `fleet` to tag the fleet or `instance` to tag the instances at launch.\n\nIf the fleet type is `maintain` or `request` , specify a resource type of `fleet` to tag the fleet. You cannot specify a resource type of `instance` . To tag instances at launch, specify the tags in a [launch template](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html#create-launch-template) .", - "title": "TagSpecifications", + "markdownDescription": "Metadata tags that have been applied to the dataset.", + "title": "Tags", "type": "array" - }, - "TargetCapacitySpecification": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.TargetCapacitySpecificationRequest", - "markdownDescription": "The number of units to request.", - "title": "TargetCapacitySpecification" - }, - "TerminateInstancesWithExpiration": { - "markdownDescription": "Indicates whether running instances should be terminated when the EC2 Fleet expires.", - "title": "TerminateInstancesWithExpiration", - "type": "boolean" - }, - "Type": { - "markdownDescription": "The fleet type. The default value is `maintain` .\n\n- `maintain` - The EC2 Fleet places an asynchronous request for your desired capacity, and continues to maintain your desired Spot capacity by replenishing interrupted Spot Instances.\n- `request` - The EC2 Fleet places an asynchronous one-time request for your desired capacity, but does submit Spot requests in alternative capacity pools if Spot capacity is unavailable, and does not maintain Spot capacity if Spot Instances are interrupted.\n- `instant` - The EC2 Fleet places a synchronous one-time request for your desired capacity, and returns errors for any instances that could not be launched.\n\nFor more information, see [EC2 Fleet request types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-request-type.html) in the *Amazon EC2 User Guide* .", - "title": "Type", - "type": "string" - }, - "ValidFrom": { - "markdownDescription": "The start date and time of the request, in UTC format (for example, *YYYY* - *MM* - *DD* T *HH* : *MM* : *SS* Z). The default is to start fulfilling the request immediately.", - "title": "ValidFrom", - "type": "string" - }, - "ValidUntil": { - "markdownDescription": "The end date and time of the request, in UTC format (for example, *YYYY* - *MM* - *DD* T *HH* : *MM* : *SS* Z). At this point, no new EC2 Fleet requests are placed or able to fulfill the request. If no value is specified, the request remains until you cancel it.", - "title": "ValidUntil", - "type": "string" } }, "required": [ - "LaunchTemplateConfigs", - "TargetCapacitySpecification" + "Input", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::EC2Fleet" + "AWS::DataBrew::Dataset" ], "type": "string" }, @@ -69602,609 +76221,368 @@ ], "type": "object" }, - "AWS::EC2::EC2Fleet.AcceleratorCountRequest": { + "AWS::DataBrew::Dataset.CsvOptions": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum number of accelerators. To specify no maximum limit, omit this parameter. To exclude accelerator-enabled instance types, set `Max` to `0` .", - "title": "Max", - "type": "number" + "Delimiter": { + "markdownDescription": "A single character that specifies the delimiter being used in the CSV file.", + "title": "Delimiter", + "type": "string" }, - "Min": { - "markdownDescription": "The minimum number of accelerators. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" + "HeaderRow": { + "markdownDescription": "A variable that specifies whether the first row in the file is parsed as the header. If this value is false, column names are auto-generated.", + "title": "HeaderRow", + "type": "boolean" } }, "type": "object" }, - "AWS::EC2::EC2Fleet.AcceleratorTotalMemoryMiBRequest": { + "AWS::DataBrew::Dataset.DataCatalogInputDefinition": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum amount of accelerator memory, in MiB. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" + "CatalogId": { + "markdownDescription": "The unique identifier of the AWS account that holds the Data Catalog that stores the data.", + "title": "CatalogId", + "type": "string" }, - "Min": { - "markdownDescription": "The minimum amount of accelerator memory, in MiB. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::EC2Fleet.BaselineEbsBandwidthMbpsRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum baseline bandwidth, in Mbps. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" + "DatabaseName": { + "markdownDescription": "The name of a database in the Data Catalog.", + "title": "DatabaseName", + "type": "string" }, - "Min": { - "markdownDescription": "The minimum baseline bandwidth, in Mbps. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::EC2Fleet.CapacityRebalance": { - "additionalProperties": false, - "properties": { - "ReplacementStrategy": { - "markdownDescription": "The replacement strategy to use. Only available for fleets of type `maintain` .\n\n`launch` - EC2 Fleet launches a replacement Spot Instance when a rebalance notification is emitted for an existing Spot Instance in the fleet. EC2 Fleet does not terminate the instances that receive a rebalance notification. You can terminate the old instances, or you can leave them running. You are charged for all instances while they are running.\n\n`launch-before-terminate` - EC2 Fleet launches a replacement Spot Instance when a rebalance notification is emitted for an existing Spot Instance in the fleet, and then, after a delay that you specify (in `TerminationDelay` ), terminates the instances that received a rebalance notification.", - "title": "ReplacementStrategy", + "TableName": { + "markdownDescription": "The name of a database table in the Data Catalog. This table corresponds to a DataBrew dataset.", + "title": "TableName", "type": "string" }, - "TerminationDelay": { - "markdownDescription": "The amount of time (in seconds) that Amazon EC2 waits before terminating the old Spot Instance after launching a new replacement Spot Instance.\n\nRequired when `ReplacementStrategy` is set to `launch-before-terminate` .\n\nNot valid when `ReplacementStrategy` is set to `launch` .\n\nValid values: Minimum value of `120` seconds. Maximum value of `7200` seconds.", - "title": "TerminationDelay", - "type": "number" + "TempDirectory": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.S3Location", + "markdownDescription": "An Amazon location that AWS Glue Data Catalog can use as a temporary directory.", + "title": "TempDirectory" } }, "type": "object" }, - "AWS::EC2::EC2Fleet.CapacityReservationOptionsRequest": { + "AWS::DataBrew::Dataset.DatabaseInputDefinition": { "additionalProperties": false, "properties": { - "UsageStrategy": { - "markdownDescription": "Indicates whether to use unused Capacity Reservations for fulfilling On-Demand capacity.\n\nIf you specify `use-capacity-reservations-first` , the fleet uses unused Capacity Reservations to fulfill On-Demand capacity up to the target On-Demand capacity. If multiple instance pools have unused Capacity Reservations, the On-Demand allocation strategy ( `lowest-price` or `prioritized` ) is applied. If the number of unused Capacity Reservations is less than the On-Demand target capacity, the remaining On-Demand target capacity is launched according to the On-Demand allocation strategy ( `lowest-price` or `prioritized` ).\n\nIf you do not specify a value, the fleet fulfils the On-Demand capacity according to the chosen On-Demand allocation strategy.", - "title": "UsageStrategy", + "DatabaseTableName": { + "markdownDescription": "The table within the target database.", + "title": "DatabaseTableName", "type": "string" - } - }, - "type": "object" - }, - "AWS::EC2::EC2Fleet.FleetLaunchTemplateConfigRequest": { - "additionalProperties": false, - "properties": { - "LaunchTemplateSpecification": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.FleetLaunchTemplateSpecificationRequest", - "markdownDescription": "The launch template to use. You must specify either the launch template ID or launch template name in the request.", - "title": "LaunchTemplateSpecification" }, - "Overrides": { - "items": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.FleetLaunchTemplateOverridesRequest" - }, - "markdownDescription": "Any parameters that you specify override the same parameters in the launch template.\n\nFor fleets of type `request` and `maintain` , a maximum of 300 items is allowed across all launch templates.", - "title": "Overrides", - "type": "array" + "GlueConnectionName": { + "markdownDescription": "The AWS Glue Connection that stores the connection information for the target database.", + "title": "GlueConnectionName", + "type": "string" + }, + "QueryString": { + "markdownDescription": "Custom SQL to run against the provided AWS Glue connection. This SQL will be used as the input for DataBrew projects and jobs.", + "title": "QueryString", + "type": "string" + }, + "TempDirectory": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.S3Location", + "markdownDescription": "An Amazon location that AWS Glue Data Catalog can use as a temporary directory.", + "title": "TempDirectory" } }, + "required": [ + "GlueConnectionName" + ], "type": "object" }, - "AWS::EC2::EC2Fleet.FleetLaunchTemplateOverridesRequest": { + "AWS::DataBrew::Dataset.DatasetParameter": { "additionalProperties": false, "properties": { - "AvailabilityZone": { - "markdownDescription": "The Availability Zone in which to launch the instances.", - "title": "AvailabilityZone", - "type": "string" + "CreateColumn": { + "markdownDescription": "Optional boolean value that defines whether the captured value of this parameter should be loaded as an additional column in the dataset.", + "title": "CreateColumn", + "type": "boolean" }, - "InstanceRequirements": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.InstanceRequirementsRequest", - "markdownDescription": "The attributes for the instance types. When you specify instance attributes, Amazon EC2 will identify instance types with those attributes.\n\n> If you specify `InstanceRequirements` , you can't specify `InstanceType` .", - "title": "InstanceRequirements" + "DatetimeOptions": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.DatetimeOptions", + "markdownDescription": "Additional parameter options such as a format and a timezone. Required for datetime parameters.", + "title": "DatetimeOptions" }, - "InstanceType": { - "markdownDescription": "The instance type.\n\n`mac1.metal` is not supported as a launch template override.\n\n> If you specify `InstanceType` , you can't specify `InstanceRequirements` .", - "title": "InstanceType", - "type": "string" + "Filter": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.FilterExpression", + "markdownDescription": "The optional filter expression structure to apply additional matching criteria to the parameter.", + "title": "Filter" }, - "MaxPrice": { - "markdownDescription": "The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.\n\n> If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.\n> \n> If you specify a maximum price, it must be more than USD $0.001. Specifying a value below USD $0.001 will result in an `InvalidParameterValue` error message.", - "title": "MaxPrice", + "Name": { + "markdownDescription": "The name of the parameter that is used in the dataset's Amazon S3 path.", + "title": "Name", "type": "string" }, - "Placement": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.Placement", - "markdownDescription": "The location where the instance launched, if applicable.", - "title": "Placement" - }, - "Priority": { - "markdownDescription": "The priority for the launch template override. The highest priority is launched first.\n\nIf the On-Demand `AllocationStrategy` is set to `prioritized` , EC2 Fleet uses priority to determine which launch template override to use first in fulfilling On-Demand capacity.\n\nIf the Spot `AllocationStrategy` is set to `capacity-optimized-prioritized` , EC2 Fleet uses priority on a best-effort basis to determine which launch template override to use in fulfilling Spot capacity, but optimizes for capacity first.\n\nValid values are whole numbers starting at `0` . The lower the number, the higher the priority. If no number is set, the launch template override has the lowest priority. You can set the same priority for different launch template overrides.", - "title": "Priority", - "type": "number" - }, - "SubnetId": { - "markdownDescription": "The IDs of the subnets in which to launch the instances. Separate multiple subnet IDs using commas (for example, `subnet-1234abcdeexample1, subnet-0987cdef6example2` ). A request of type `instant` can have only one subnet ID.", - "title": "SubnetId", + "Type": { + "markdownDescription": "The type of the dataset parameter, can be one of a 'String', 'Number' or 'Datetime'.", + "title": "Type", "type": "string" - }, - "WeightedCapacity": { - "markdownDescription": "The number of units provided by the specified instance type. These are the same units that you chose to set the target capacity in terms of instances, or a performance characteristic such as vCPUs, memory, or I/O.\n\nIf the target capacity divided by this value is not a whole number, Amazon EC2 rounds the number of instances to the next whole number. If this value is not specified, the default is 1.\n\n> When specifying weights, the price used in the `lowest-price` and `price-capacity-optimized` allocation strategies is per *unit* hour (where the instance price is divided by the specified weight). However, if all the specified weights are above the requested `TargetCapacity` , resulting in only 1 instance being launched, the price used is per *instance* hour.", - "title": "WeightedCapacity", - "type": "number" } }, + "required": [ + "Name", + "Type" + ], "type": "object" }, - "AWS::EC2::EC2Fleet.FleetLaunchTemplateSpecificationRequest": { + "AWS::DataBrew::Dataset.DatetimeOptions": { "additionalProperties": false, "properties": { - "LaunchTemplateId": { - "markdownDescription": "The ID of the launch template.\n\nYou must specify the `LaunchTemplateId` or the `LaunchTemplateName` , but not both.", - "title": "LaunchTemplateId", + "Format": { + "markdownDescription": "Required option, that defines the datetime format used for a date parameter in the Amazon S3 path. Should use only supported datetime specifiers and separation characters, all litera a-z or A-Z character should be escaped with single quotes. E.g. \"MM.dd.yyyy-'at'-HH:mm\".", + "title": "Format", "type": "string" }, - "LaunchTemplateName": { - "markdownDescription": "The name of the launch template.\n\nYou must specify the `LaunchTemplateName` or the `LaunchTemplateId` , but not both.", - "title": "LaunchTemplateName", + "LocaleCode": { + "markdownDescription": "Optional value for a non-US locale code, needed for correct interpretation of some date formats.", + "title": "LocaleCode", "type": "string" }, - "Version": { - "markdownDescription": "The launch template version number, `$Latest` , or `$Default` . You must specify a value, otherwise the request fails.\n\nIf the value is `$Latest` , Amazon EC2 uses the latest version of the launch template.\n\nIf the value is `$Default` , Amazon EC2 uses the default version of the launch template.", - "title": "Version", + "TimezoneOffset": { + "markdownDescription": "Optional value for a timezone offset of the datetime parameter value in the Amazon S3 path. Shouldn't be used if Format for this parameter includes timezone fields. If no offset specified, UTC is assumed.", + "title": "TimezoneOffset", "type": "string" } }, "required": [ - "Version" + "Format" ], "type": "object" }, - "AWS::EC2::EC2Fleet.InstanceRequirementsRequest": { + "AWS::DataBrew::Dataset.ExcelOptions": { "additionalProperties": false, "properties": { - "AcceleratorCount": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.AcceleratorCountRequest", - "markdownDescription": "The minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferentia chips) on an instance.\n\nTo exclude accelerator-enabled instance types, set `Max` to `0` .\n\nDefault: No minimum or maximum limits", - "title": "AcceleratorCount" - }, - "AcceleratorManufacturers": { - "items": { - "type": "string" - }, - "markdownDescription": "Indicates whether instance types must have accelerators by specific manufacturers.\n\n- For instance types with AWS devices, specify `amazon-web-services` .\n- For instance types with AMD devices, specify `amd` .\n- For instance types with Habana devices, specify `habana` .\n- For instance types with NVIDIA devices, specify `nvidia` .\n- For instance types with Xilinx devices, specify `xilinx` .\n\nDefault: Any manufacturer", - "title": "AcceleratorManufacturers", - "type": "array" - }, - "AcceleratorNames": { - "items": { - "type": "string" - }, - "markdownDescription": "The accelerators that must be on the instance type.\n\n- For instance types with NVIDIA A10G GPUs, specify `a10g` .\n- For instance types with NVIDIA A100 GPUs, specify `a100` .\n- For instance types with NVIDIA H100 GPUs, specify `h100` .\n- For instance types with AWS Inferentia chips, specify `inferentia` .\n- For instance types with NVIDIA GRID K520 GPUs, specify `k520` .\n- For instance types with NVIDIA K80 GPUs, specify `k80` .\n- For instance types with NVIDIA M60 GPUs, specify `m60` .\n- For instance types with AMD Radeon Pro V520 GPUs, specify `radeon-pro-v520` .\n- For instance types with NVIDIA T4 GPUs, specify `t4` .\n- For instance types with NVIDIA T4G GPUs, specify `t4g` .\n- For instance types with Xilinx VU9P FPGAs, specify `vu9p` .\n- For instance types with NVIDIA V100 GPUs, specify `v100` .\n\nDefault: Any accelerator", - "title": "AcceleratorNames", - "type": "array" - }, - "AcceleratorTotalMemoryMiB": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.AcceleratorTotalMemoryMiBRequest", - "markdownDescription": "The minimum and maximum amount of total accelerator memory, in MiB.\n\nDefault: No minimum or maximum limits", - "title": "AcceleratorTotalMemoryMiB" + "HeaderRow": { + "markdownDescription": "A variable that specifies whether the first row in the file is parsed as the header. If this value is false, column names are auto-generated.", + "title": "HeaderRow", + "type": "boolean" }, - "AcceleratorTypes": { + "SheetIndexes": { "items": { - "type": "string" + "type": "number" }, - "markdownDescription": "The accelerator types that must be on the instance type.\n\n- For instance types with FPGA accelerators, specify `fpga` .\n- For instance types with GPU accelerators, specify `gpu` .\n- For instance types with Inference accelerators, specify `inference` .\n\nDefault: Any accelerator type", - "title": "AcceleratorTypes", + "markdownDescription": "One or more sheet numbers in the Excel file that will be included in the dataset.", + "title": "SheetIndexes", "type": "array" }, - "AllowedInstanceTypes": { + "SheetNames": { "items": { "type": "string" }, - "markdownDescription": "The instance types to apply your specified attributes against. All other instance types are ignored, even if they match your specified attributes.\n\nYou can use strings with one or more wild cards, represented by an asterisk ( `*` ), to allow an instance type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` ,Amazon EC2 will allow the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will allow all the M5a instance types, but not the M5n instance types.\n\n> If you specify `AllowedInstanceTypes` , you can't specify `ExcludedInstanceTypes` . \n\nDefault: All instance types", - "title": "AllowedInstanceTypes", + "markdownDescription": "One or more named sheets in the Excel file that will be included in the dataset.", + "title": "SheetNames", "type": "array" + } + }, + "type": "object" + }, + "AWS::DataBrew::Dataset.FilesLimit": { + "additionalProperties": false, + "properties": { + "MaxFiles": { + "markdownDescription": "The number of Amazon S3 files to select.", + "title": "MaxFiles", + "type": "number" }, - "BareMetal": { - "markdownDescription": "Indicates whether bare metal instance types must be included, excluded, or required.\n\n- To include bare metal instance types, specify `included` .\n- To require only bare metal instance types, specify `required` .\n- To exclude bare metal instance types, specify `excluded` .\n\nDefault: `excluded`", - "title": "BareMetal", - "type": "string" - }, - "BaselineEbsBandwidthMbps": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.BaselineEbsBandwidthMbpsRequest", - "markdownDescription": "The minimum and maximum baseline bandwidth to Amazon EBS, in Mbps. For more information, see [Amazon EBS\u2013optimized instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-optimized.html) in the *Amazon EC2 User Guide* .\n\nDefault: No minimum or maximum limits", - "title": "BaselineEbsBandwidthMbps" - }, - "BurstablePerformance": { - "markdownDescription": "Indicates whether burstable performance T instance types are included, excluded, or required. For more information, see [Burstable performance instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) .\n\n- To include burstable performance instance types, specify `included` .\n- To require only burstable performance instance types, specify `required` .\n- To exclude burstable performance instance types, specify `excluded` .\n\nDefault: `excluded`", - "title": "BurstablePerformance", + "Order": { + "markdownDescription": "A criteria to use for Amazon S3 files sorting before their selection. By default uses DESCENDING order, i.e. most recent files are selected first. Anotherpossible value is ASCENDING.", + "title": "Order", "type": "string" }, - "CpuManufacturers": { - "items": { - "type": "string" - }, - "markdownDescription": "The CPU manufacturers to include.\n\n- For instance types with Intel CPUs, specify `intel` .\n- For instance types with AMD CPUs, specify `amd` .\n- For instance types with AWS CPUs, specify `amazon-web-services` .\n- For instance types with Apple CPUs, specify `apple` .\n\n> Don't confuse the CPU manufacturer with the CPU architecture. Instances will be launched with a compatible CPU architecture based on the Amazon Machine Image (AMI) that you specify in your launch template. \n\nDefault: Any manufacturer", - "title": "CpuManufacturers", - "type": "array" - }, - "ExcludedInstanceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The instance types to exclude.\n\nYou can use strings with one or more wild cards, represented by an asterisk ( `*` ), to exclude an instance family, type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` ,Amazon EC2 will exclude the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will exclude all the M5a instance types, but not the M5n instance types.\n\n> If you specify `ExcludedInstanceTypes` , you can't specify `AllowedInstanceTypes` . \n\nDefault: No excluded instance types", - "title": "ExcludedInstanceTypes", - "type": "array" - }, - "InstanceGenerations": { - "items": { - "type": "string" - }, - "markdownDescription": "Indicates whether current or previous generation instance types are included. The current generation instance types are recommended for use. Current generation instance types are typically the latest two to three generations in each instance family. For more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .\n\nFor current generation instance types, specify `current` .\n\nFor previous generation instance types, specify `previous` .\n\nDefault: Current and previous generation instance types", - "title": "InstanceGenerations", - "type": "array" - }, - "LocalStorage": { - "markdownDescription": "Indicates whether instance types with instance store volumes are included, excluded, or required. For more information, [Amazon EC2 instance store](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html) in the *Amazon EC2 User Guide* .\n\n- To include instance types with instance store volumes, specify `included` .\n- To require only instance types with instance store volumes, specify `required` .\n- To exclude instance types with instance store volumes, specify `excluded` .\n\nDefault: `included`", - "title": "LocalStorage", + "OrderedBy": { + "markdownDescription": "A criteria to use for Amazon S3 files sorting before their selection. By default uses LAST_MODIFIED_DATE as a sorting criteria. Currently it's the only allowed value.", + "title": "OrderedBy", "type": "string" - }, - "LocalStorageTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The type of local storage that is required.\n\n- For instance types with hard disk drive (HDD) storage, specify `hdd` .\n- For instance types with solid state drive (SSD) storage, specify `ssd` .\n\nDefault: `hdd` and `ssd`", - "title": "LocalStorageTypes", - "type": "array" - }, - "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice": { - "markdownDescription": "[Price protection] The price protection threshold for Spot Instances, as a percentage of an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nIf you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is based on the per vCPU or per memory price instead of the per instance price.\n\n> Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` .", - "title": "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice", - "type": "number" - }, - "MemoryGiBPerVCpu": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.MemoryGiBPerVCpuRequest", - "markdownDescription": "The minimum and maximum amount of memory per vCPU, in GiB.\n\nDefault: No minimum or maximum limits", - "title": "MemoryGiBPerVCpu" - }, - "MemoryMiB": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.MemoryMiBRequest", - "markdownDescription": "The minimum and maximum amount of memory, in MiB.", - "title": "MemoryMiB" - }, - "NetworkBandwidthGbps": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.NetworkBandwidthGbpsRequest", - "markdownDescription": "The minimum and maximum amount of baseline network bandwidth, in gigabits per second (Gbps). For more information, see [Amazon EC2 instance network bandwidth](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-network-bandwidth.html) in the *Amazon EC2 User Guide* .\n\nDefault: No minimum or maximum limits", - "title": "NetworkBandwidthGbps" - }, - "NetworkInterfaceCount": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.NetworkInterfaceCountRequest", - "markdownDescription": "The minimum and maximum number of network interfaces.\n\nDefault: No minimum or maximum limits", - "title": "NetworkInterfaceCount" - }, - "OnDemandMaxPricePercentageOverLowestPrice": { - "markdownDescription": "[Price protection] The price protection threshold for On-Demand Instances, as a percentage higher than an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nTo indicate no price protection threshold, specify a high value, such as `999999` .\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) .\n\n> If you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price. \n\nDefault: `20`", - "title": "OnDemandMaxPricePercentageOverLowestPrice", - "type": "number" - }, - "RequireHibernateSupport": { - "markdownDescription": "Indicates whether instance types must support hibernation for On-Demand Instances.\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) .\n\nDefault: `false`", - "title": "RequireHibernateSupport", - "type": "boolean" - }, - "SpotMaxPricePercentageOverLowestPrice": { - "markdownDescription": "[Price protection] The price protection threshold for Spot Instances, as a percentage higher than an identified Spot price. The identified Spot price is the Spot price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified Spot price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose Spot price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nIf you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price.\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) .\n\n> Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` . \n\nDefault: `100`", - "title": "SpotMaxPricePercentageOverLowestPrice", - "type": "number" - }, - "TotalLocalStorageGB": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.TotalLocalStorageGBRequest", - "markdownDescription": "The minimum and maximum amount of total local storage, in GB.\n\nDefault: No minimum or maximum limits", - "title": "TotalLocalStorageGB" - }, - "VCpuCount": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.VCpuCountRangeRequest", - "markdownDescription": "The minimum and maximum number of vCPUs.", - "title": "VCpuCount" } }, + "required": [ + "MaxFiles" + ], "type": "object" }, - "AWS::EC2::EC2Fleet.MaintenanceStrategies": { + "AWS::DataBrew::Dataset.FilterExpression": { "additionalProperties": false, "properties": { - "CapacityRebalance": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.CapacityRebalance", - "markdownDescription": "The strategy to use when Amazon EC2 emits a signal that your Spot Instance is at an elevated risk of being interrupted.", - "title": "CapacityRebalance" + "Expression": { + "markdownDescription": "The expression which includes condition names followed by substitution variables, possibly grouped and combined with other conditions. For example, \"(starts_with :prefix1 or starts_with :prefix2) and (ends_with :suffix1 or ends_with :suffix2)\". Substitution variables should start with ':' symbol.", + "title": "Expression", + "type": "string" + }, + "ValuesMap": { + "items": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.FilterValue" + }, + "markdownDescription": "The map of substitution variable names to their values used in this filter expression.", + "title": "ValuesMap", + "type": "array" } }, + "required": [ + "Expression", + "ValuesMap" + ], "type": "object" }, - "AWS::EC2::EC2Fleet.MemoryGiBPerVCpuRequest": { + "AWS::DataBrew::Dataset.FilterValue": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum amount of memory per vCPU, in GiB. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" + "Value": { + "markdownDescription": "The value to be associated with the substitution variable.", + "title": "Value", + "type": "string" }, - "Min": { - "markdownDescription": "The minimum amount of memory per vCPU, in GiB. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" + "ValueReference": { + "markdownDescription": "The substitution variable reference.", + "title": "ValueReference", + "type": "string" } }, + "required": [ + "Value", + "ValueReference" + ], "type": "object" }, - "AWS::EC2::EC2Fleet.MemoryMiBRequest": { + "AWS::DataBrew::Dataset.FormatOptions": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum amount of memory, in MiB. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" + "Csv": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.CsvOptions", + "markdownDescription": "Options that define how CSV input is to be interpreted by DataBrew.", + "title": "Csv" }, - "Min": { - "markdownDescription": "The minimum amount of memory, in MiB. To specify no minimum limit, specify `0` .", - "title": "Min", - "type": "number" + "Excel": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.ExcelOptions", + "markdownDescription": "Options that define how Excel input is to be interpreted by DataBrew.", + "title": "Excel" + }, + "Json": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.JsonOptions", + "markdownDescription": "Options that define how JSON input is to be interpreted by DataBrew.", + "title": "Json" } }, "type": "object" }, - "AWS::EC2::EC2Fleet.NetworkBandwidthGbpsRequest": { + "AWS::DataBrew::Dataset.Input": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum amount of network bandwidth, in Gbps. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum amount of network bandwidth, in Gbps. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::EC2Fleet.NetworkInterfaceCountRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum number of network interfaces. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum number of network interfaces. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::EC2Fleet.OnDemandOptionsRequest": { - "additionalProperties": false, - "properties": { - "AllocationStrategy": { - "markdownDescription": "The strategy that determines the order of the launch template overrides to use in fulfilling On-Demand capacity.\n\n`lowest-price` - EC2 Fleet uses price to determine the order, launching the lowest price first.\n\n`prioritized` - EC2 Fleet uses the priority that you assigned to each launch template override, launching the highest priority first.\n\nDefault: `lowest-price`", - "title": "AllocationStrategy", - "type": "string" - }, - "CapacityReservationOptions": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.CapacityReservationOptionsRequest", - "markdownDescription": "The strategy for using unused Capacity Reservations for fulfilling On-Demand capacity.\n\nSupported only for fleets of type `instant` .", - "title": "CapacityReservationOptions" - }, - "MaxTotalPrice": { - "markdownDescription": "The maximum amount per hour for On-Demand Instances that you're willing to pay.\n\n> If your fleet includes T instances that are configured as `unlimited` , and if their average CPU usage exceeds the baseline utilization, you will incur a charge for surplus credits. The `MaxTotalPrice` does not account for surplus credits, and, if you use surplus credits, your final cost might be higher than what you specified for `MaxTotalPrice` . For more information, see [Surplus credits can incur charges](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits) in the *Amazon EC2 User Guide* .", - "title": "MaxTotalPrice", - "type": "string" + "DataCatalogInputDefinition": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.DataCatalogInputDefinition", + "markdownDescription": "The AWS Glue Data Catalog parameters for the data.", + "title": "DataCatalogInputDefinition" }, - "MinTargetCapacity": { - "markdownDescription": "The minimum target capacity for On-Demand Instances in the fleet. If this minimum capacity isn't reached, no instances are launched.\n\nConstraints: Maximum value of `1000` . Supported only for fleets of type `instant` .\n\nAt least one of the following must be specified: `SingleAvailabilityZone` | `SingleInstanceType`", - "title": "MinTargetCapacity", - "type": "number" + "DatabaseInputDefinition": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.DatabaseInputDefinition", + "markdownDescription": "Connection information for dataset input files stored in a database.", + "title": "DatabaseInputDefinition" }, - "SingleAvailabilityZone": { - "markdownDescription": "Indicates that the fleet launches all On-Demand Instances into a single Availability Zone.\n\nSupported only for fleets of type `instant` .", - "title": "SingleAvailabilityZone", - "type": "boolean" + "Metadata": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.Metadata", + "markdownDescription": "Contains additional resource information needed for specific datasets.", + "title": "Metadata" }, - "SingleInstanceType": { - "markdownDescription": "Indicates that the fleet uses a single instance type to launch all On-Demand Instances in the fleet.\n\nSupported only for fleets of type `instant` .", - "title": "SingleInstanceType", - "type": "boolean" + "S3InputDefinition": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.S3Location", + "markdownDescription": "The Amazon S3 location where the data is stored.", + "title": "S3InputDefinition" } }, "type": "object" }, - "AWS::EC2::EC2Fleet.Placement": { + "AWS::DataBrew::Dataset.JsonOptions": { "additionalProperties": false, "properties": { - "Affinity": { - "markdownDescription": "The affinity setting for the instance on the Dedicated Host.\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) or [ImportInstance](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportInstance.html) .", - "title": "Affinity", - "type": "string" - }, - "AvailabilityZone": { - "markdownDescription": "The Availability Zone of the instance.\n\nIf not specified, an Availability Zone will be automatically chosen for you based on the load balancing criteria for the Region.\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) .", - "title": "AvailabilityZone", - "type": "string" - }, - "GroupName": { - "markdownDescription": "The name of the placement group that the instance is in. If you specify `GroupName` , you can't specify `GroupId` .", - "title": "GroupName", - "type": "string" - }, - "HostId": { - "markdownDescription": "The ID of the Dedicated Host on which the instance resides.\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) or [ImportInstance](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportInstance.html) .", - "title": "HostId", - "type": "string" - }, - "HostResourceGroupArn": { - "markdownDescription": "The ARN of the host resource group in which to launch the instances.\n\nIf you specify this parameter, either omit the *Tenancy* parameter or set it to `host` .\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) .", - "title": "HostResourceGroupArn", - "type": "string" - }, - "PartitionNumber": { - "markdownDescription": "The number of the partition that the instance is in. Valid only if the placement group strategy is set to `partition` .\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) .", - "title": "PartitionNumber", - "type": "number" - }, - "SpreadDomain": { - "markdownDescription": "Reserved for future use.", - "title": "SpreadDomain", - "type": "string" - }, - "Tenancy": { - "markdownDescription": "The tenancy of the instance. An instance with a tenancy of `dedicated` runs on single-tenant hardware.\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) . The `host` tenancy is not supported for [ImportInstance](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportInstance.html) or for T3 instances that are configured for the `unlimited` CPU credit option.", - "title": "Tenancy", - "type": "string" + "MultiLine": { + "markdownDescription": "A value that specifies whether JSON input contains embedded new line characters.", + "title": "MultiLine", + "type": "boolean" } }, "type": "object" }, - "AWS::EC2::EC2Fleet.SpotOptionsRequest": { + "AWS::DataBrew::Dataset.Metadata": { "additionalProperties": false, "properties": { - "AllocationStrategy": { - "markdownDescription": "Indicates how to allocate the target Spot Instance capacity across the Spot Instance pools specified by the EC2 Fleet.\n\nIf the allocation strategy is `lowestPrice` , EC2 Fleet launches instances from the Spot Instance pools with the lowest price. This is the default allocation strategy.\n\nIf the allocation strategy is `diversified` , EC2 Fleet launches instances from all the Spot Instance pools that you specify.\n\nIf the allocation strategy is `capacityOptimized` , EC2 Fleet launches instances from Spot Instance pools that are optimally chosen based on the available Spot Instance capacity.\n\n*Allowed Values* : `lowestPrice` | `diversified` | `capacityOptimized` | `capacityOptimizedPrioritized`", - "title": "AllocationStrategy", - "type": "string" - }, - "InstanceInterruptionBehavior": { - "markdownDescription": "The behavior when a Spot Instance is interrupted.\n\nDefault: `terminate`", - "title": "InstanceInterruptionBehavior", - "type": "string" - }, - "InstancePoolsToUseCount": { - "markdownDescription": "The number of Spot pools across which to allocate your target Spot capacity. Supported only when Spot `AllocationStrategy` is set to `lowest-price` . EC2 Fleet selects the cheapest Spot pools and evenly allocates your target Spot capacity across the number of Spot pools that you specify.\n\nNote that EC2 Fleet attempts to draw Spot Instances from the number of pools that you specify on a best effort basis. If a pool runs out of Spot capacity before fulfilling your target capacity, EC2 Fleet will continue to fulfill your request by drawing from the next cheapest pool. To ensure that your target capacity is met, you might receive Spot Instances from more than the number of pools that you specified. Similarly, if most of the pools have no Spot capacity, you might receive your full target capacity from fewer than the number of pools that you specified.", - "title": "InstancePoolsToUseCount", - "type": "number" - }, - "MaintenanceStrategies": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.MaintenanceStrategies", - "markdownDescription": "The strategies for managing your Spot Instances that are at an elevated risk of being interrupted.", - "title": "MaintenanceStrategies" - }, - "MaxTotalPrice": { - "markdownDescription": "The maximum amount per hour for Spot Instances that you're willing to pay. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.\n\n> If you specify a maximum price, your Spot Instances will be interrupted more frequently than if you do not specify this parameter. > If your fleet includes T instances that are configured as `unlimited` , and if their average CPU usage exceeds the baseline utilization, you will incur a charge for surplus credits. The `MaxTotalPrice` does not account for surplus credits, and, if you use surplus credits, your final cost might be higher than what you specified for `MaxTotalPrice` . For more information, see [Surplus credits can incur charges](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits) in the *Amazon EC2 User Guide* .", - "title": "MaxTotalPrice", + "SourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) associated with the dataset. Currently, DataBrew only supports ARNs from Amazon AppFlow.", + "title": "SourceArn", "type": "string" - }, - "MinTargetCapacity": { - "markdownDescription": "The minimum target capacity for Spot Instances in the fleet. If this minimum capacity isn't reached, no instances are launched.\n\nConstraints: Maximum value of `1000` . Supported only for fleets of type `instant` .\n\nAt least one of the following must be specified: `SingleAvailabilityZone` | `SingleInstanceType`", - "title": "MinTargetCapacity", - "type": "number" - }, - "SingleAvailabilityZone": { - "markdownDescription": "Indicates that the fleet launches all Spot Instances into a single Availability Zone.\n\nSupported only for fleets of type `instant` .", - "title": "SingleAvailabilityZone", - "type": "boolean" - }, - "SingleInstanceType": { - "markdownDescription": "Indicates that the fleet uses a single instance type to launch all Spot Instances in the fleet.\n\nSupported only for fleets of type `instant` .", - "title": "SingleInstanceType", - "type": "boolean" } }, "type": "object" }, - "AWS::EC2::EC2Fleet.TagSpecification": { + "AWS::DataBrew::Dataset.PathOptions": { "additionalProperties": false, "properties": { - "ResourceType": { - "markdownDescription": "The type of resource to tag.", - "title": "ResourceType", - "type": "string" + "FilesLimit": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.FilesLimit", + "markdownDescription": "If provided, this structure imposes a limit on a number of files that should be selected.", + "title": "FilesLimit" }, - "Tags": { + "LastModifiedDateCondition": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.FilterExpression", + "markdownDescription": "If provided, this structure defines a date range for matching Amazon S3 objects based on their LastModifiedDate attribute in Amazon S3 .", + "title": "LastModifiedDateCondition" + }, + "Parameters": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::DataBrew::Dataset.PathParameter" }, - "markdownDescription": "The tags to apply to the resource.", - "title": "Tags", + "markdownDescription": "A structure that maps names of parameters used in the Amazon S3 path of a dataset to their definitions.", + "title": "Parameters", "type": "array" } }, "type": "object" }, - "AWS::EC2::EC2Fleet.TargetCapacitySpecificationRequest": { + "AWS::DataBrew::Dataset.PathParameter": { "additionalProperties": false, "properties": { - "DefaultTargetCapacityType": { - "markdownDescription": "The default target capacity type.", - "title": "DefaultTargetCapacityType", - "type": "string" - }, - "OnDemandTargetCapacity": { - "markdownDescription": "The number of On-Demand units to request.", - "title": "OnDemandTargetCapacity", - "type": "number" - }, - "SpotTargetCapacity": { - "markdownDescription": "The number of Spot units to request.", - "title": "SpotTargetCapacity", - "type": "number" + "DatasetParameter": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.DatasetParameter", + "markdownDescription": "The path parameter definition.", + "title": "DatasetParameter" }, - "TargetCapacityUnitType": { - "markdownDescription": "The unit for the target capacity. You can specify this parameter only when using attributed-based instance type selection.\n\nDefault: `units` (the number of instances)", - "title": "TargetCapacityUnitType", + "PathParameterName": { + "markdownDescription": "The name of the path parameter.", + "title": "PathParameterName", "type": "string" - }, - "TotalTargetCapacity": { - "markdownDescription": "The number of units to request, filled using the default target capacity type.", - "title": "TotalTargetCapacity", - "type": "number" } }, "required": [ - "TotalTargetCapacity" + "DatasetParameter", + "PathParameterName" ], "type": "object" }, - "AWS::EC2::EC2Fleet.TotalLocalStorageGBRequest": { + "AWS::DataBrew::Dataset.S3Location": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum amount of total local storage, in GB. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" + "Bucket": { + "markdownDescription": "The Amazon S3 bucket name.", + "title": "Bucket", + "type": "string" }, - "Min": { - "markdownDescription": "The minimum amount of total local storage, in GB. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::EC2Fleet.VCpuCountRangeRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum number of vCPUs. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" + "BucketOwner": { + "markdownDescription": "The AWS account ID of the bucket owner.", + "title": "BucketOwner", + "type": "string" }, - "Min": { - "markdownDescription": "The minimum number of vCPUs. To specify no minimum limit, specify `0` .", - "title": "Min", - "type": "number" + "Key": { + "markdownDescription": "The unique name of the object in the bucket.", + "title": "Key", + "type": "string" } }, + "required": [ + "Bucket" + ], "type": "object" }, - "AWS::EC2::EIP": { + "AWS::DataBrew::Job": { "additionalProperties": false, "properties": { "Condition": { @@ -70239,45 +76617,132 @@ "Properties": { "additionalProperties": false, "properties": { - "Domain": { - "markdownDescription": "The network ( `vpc` ).\n\nIf you define an Elastic IP address and associate it with a VPC that is defined in the same template, you must declare a dependency on the VPC-gateway attachment by using the [DependsOn Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) on this resource.", - "title": "Domain", + "DataCatalogOutputs": { + "items": { + "$ref": "#/definitions/AWS::DataBrew::Job.DataCatalogOutput" + }, + "markdownDescription": "One or more artifacts that represent the AWS Glue Data Catalog output from running the job.", + "title": "DataCatalogOutputs", + "type": "array" + }, + "DatabaseOutputs": { + "items": { + "$ref": "#/definitions/AWS::DataBrew::Job.DatabaseOutput" + }, + "markdownDescription": "Represents a list of JDBC database output objects which defines the output destination for a DataBrew recipe job to write into.", + "title": "DatabaseOutputs", + "type": "array" + }, + "DatasetName": { + "markdownDescription": "A dataset that the job is to process.", + "title": "DatasetName", "type": "string" }, - "InstanceId": { - "markdownDescription": "The ID of the instance.\n\n> Updates to the `InstanceId` property may require *some interruptions* . Updates on an EIP reassociates the address on its associated resource.", - "title": "InstanceId", + "EncryptionKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an encryption key that is used to protect the job output. For more information, see [Encrypting data written by DataBrew jobs](https://docs.aws.amazon.com/databrew/latest/dg/encryption-security-configuration.html)", + "title": "EncryptionKeyArn", "type": "string" }, - "NetworkBorderGroup": { - "markdownDescription": "A unique set of Availability Zones, Local Zones, or Wavelength Zones from which AWS advertises IP addresses. Use this parameter to limit the IP address to this location. IP addresses cannot move between network border groups.\n\nUse [DescribeAvailabilityZones](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAvailabilityZones.html) to view the network border groups.", - "title": "NetworkBorderGroup", + "EncryptionMode": { + "markdownDescription": "The encryption mode for the job, which can be one of the following:\n\n- `SSE-KMS` - Server-side encryption with keys managed by AWS KMS .\n- `SSE-S3` - Server-side encryption with keys managed by Amazon S3.", + "title": "EncryptionMode", "type": "string" }, - "PublicIpv4Pool": { - "markdownDescription": "The ID of an address pool that you own. Use this parameter to let Amazon EC2 select an address from the address pool.\n\n> Updates to the `PublicIpv4Pool` property may require *some interruptions* . Updates on an EIP reassociates the address on its associated resource.", - "title": "PublicIpv4Pool", + "JobSample": { + "$ref": "#/definitions/AWS::DataBrew::Job.JobSample", + "markdownDescription": "A sample configuration for profile jobs only, which determines the number of rows on which the profile job is run. If a `JobSample` value isn't provided, the default value is used. The default value is CUSTOM_ROWS for the mode parameter and 20,000 for the size parameter.", + "title": "JobSample" + }, + "LogSubscription": { + "markdownDescription": "The current status of Amazon CloudWatch logging for the job.", + "title": "LogSubscription", + "type": "string" + }, + "MaxCapacity": { + "markdownDescription": "The maximum number of nodes that can be consumed when the job processes data.", + "title": "MaxCapacity", + "type": "number" + }, + "MaxRetries": { + "markdownDescription": "The maximum number of times to retry the job after a job run fails.", + "title": "MaxRetries", + "type": "number" + }, + "Name": { + "markdownDescription": "The unique name of the job.", + "title": "Name", + "type": "string" + }, + "OutputLocation": { + "$ref": "#/definitions/AWS::DataBrew::Job.OutputLocation", + "markdownDescription": "The location in Amazon S3 where the job writes its output.", + "title": "OutputLocation" + }, + "Outputs": { + "items": { + "$ref": "#/definitions/AWS::DataBrew::Job.Output" + }, + "markdownDescription": "One or more artifacts that represent output from running the job.", + "title": "Outputs", + "type": "array" + }, + "ProfileConfiguration": { + "$ref": "#/definitions/AWS::DataBrew::Job.ProfileConfiguration", + "markdownDescription": "Configuration for profile jobs. Configuration can be used to select columns, do evaluations, and override default parameters of evaluations. When configuration is undefined, the profile job will apply default settings to all supported columns.", + "title": "ProfileConfiguration" + }, + "ProjectName": { + "markdownDescription": "The name of the project that the job is associated with.", + "title": "ProjectName", + "type": "string" + }, + "Recipe": { + "$ref": "#/definitions/AWS::DataBrew::Job.Recipe", + "markdownDescription": "A series of data transformation steps that the job runs.", + "title": "Recipe" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the role to be assumed for this job.", + "title": "RoleArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Any tags assigned to the Elastic IP address.\n\n> Updates to the `Tags` property may require *some interruptions* . Updates on an EIP reassociates the address on its associated resource.", + "markdownDescription": "Metadata tags that have been applied to the job.", "title": "Tags", "type": "array" }, - "TransferAddress": { - "markdownDescription": "The Elastic IP address you are accepting for transfer. You can only accept one transferred address. For more information on Elastic IP address transfers, see [Transfer Elastic IP addresses](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-eips.html#transfer-EIPs-intro) in the *Amazon Virtual Private Cloud User Guide* .", - "title": "TransferAddress", + "Timeout": { + "markdownDescription": "The job's timeout in minutes. A job that attempts to run longer than this timeout period ends with a status of `TIMEOUT` .", + "title": "Timeout", + "type": "number" + }, + "Type": { + "markdownDescription": "The job type of the job, which must be one of the following:\n\n- `PROFILE` - A job to analyze a dataset, to determine its size, data types, data distribution, and more.\n- `RECIPE` - A job to apply one or more transformations to a dataset.", + "title": "Type", "type": "string" + }, + "ValidationConfigurations": { + "items": { + "$ref": "#/definitions/AWS::DataBrew::Job.ValidationConfiguration" + }, + "markdownDescription": "List of validation configurations that are applied to the profile job.", + "title": "ValidationConfigurations", + "type": "array" } }, + "required": [ + "Name", + "RoleArn", + "Type" + ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::EIP" + "AWS::DataBrew::Job" ], "type": "string" }, @@ -70291,156 +76756,438 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::EC2::EIPAssociation": { + "AWS::DataBrew::Job.AllowedStatistics": { "additionalProperties": false, "properties": { - "Condition": { + "Statistics": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more column statistics to allow for columns that contain detected entities.", + "title": "Statistics", + "type": "array" + } + }, + "required": [ + "Statistics" + ], + "type": "object" + }, + "AWS::DataBrew::Job.ColumnSelector": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of a column from a dataset.", + "title": "Name", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Regex": { + "markdownDescription": "A regular expression for selecting a column from a dataset.", + "title": "Regex", "type": "string" + } + }, + "type": "object" + }, + "AWS::DataBrew::Job.ColumnStatisticsConfiguration": { + "additionalProperties": false, + "properties": { + "Selectors": { + "items": { + "$ref": "#/definitions/AWS::DataBrew::Job.ColumnSelector" + }, + "markdownDescription": "List of column selectors. Selectors can be used to select columns from the dataset. When selectors are undefined, configuration will be applied to all supported columns.", + "title": "Selectors", + "type": "array" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Statistics": { + "$ref": "#/definitions/AWS::DataBrew::Job.StatisticsConfiguration", + "markdownDescription": "Configuration for evaluations. Statistics can be used to select evaluations and override parameters of evaluations.", + "title": "Statistics" + } + }, + "required": [ + "Statistics" + ], + "type": "object" + }, + "AWS::DataBrew::Job.CsvOutputOptions": { + "additionalProperties": false, + "properties": { + "Delimiter": { + "markdownDescription": "A single character that specifies the delimiter used to create CSV job output.", + "title": "Delimiter", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataBrew::Job.DataCatalogOutput": { + "additionalProperties": false, + "properties": { + "CatalogId": { + "markdownDescription": "The unique identifier of the AWS account that holds the Data Catalog that stores the data.", + "title": "CatalogId", + "type": "string" }, - "Metadata": { - "type": "object" + "DatabaseName": { + "markdownDescription": "The name of a database in the Data Catalog.", + "title": "DatabaseName", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AllocationId": { - "markdownDescription": "The allocation ID. This is required.", - "title": "AllocationId", - "type": "string" - }, - "InstanceId": { - "markdownDescription": "The ID of the instance. The instance must have exactly one attached network interface. You can specify either the instance ID or the network interface ID, but not both.", - "title": "InstanceId", - "type": "string" - }, - "NetworkInterfaceId": { - "markdownDescription": "The ID of the network interface. If the instance has more than one network interface, you must specify a network interface ID.\n\nYou can specify either the instance ID or the network interface ID, but not both.", - "title": "NetworkInterfaceId", - "type": "string" - }, - "PrivateIpAddress": { - "markdownDescription": "The primary or secondary private IP address to associate with the Elastic IP address. If no private IP address is specified, the Elastic IP address is associated with the primary private IP address.", - "title": "PrivateIpAddress", - "type": "string" - } + "DatabaseOptions": { + "$ref": "#/definitions/AWS::DataBrew::Job.DatabaseTableOutputOptions", + "markdownDescription": "Represents options that specify how and where DataBrew writes the database output generated by recipe jobs.", + "title": "DatabaseOptions" + }, + "Overwrite": { + "markdownDescription": "A value that, if true, means that any data in the location specified for output is overwritten with new output. Not supported with DatabaseOptions.", + "title": "Overwrite", + "type": "boolean" + }, + "S3Options": { + "$ref": "#/definitions/AWS::DataBrew::Job.S3TableOutputOptions", + "markdownDescription": "Represents options that specify how and where DataBrew writes the Amazon S3 output generated by recipe jobs.", + "title": "S3Options" + }, + "TableName": { + "markdownDescription": "The name of a table in the Data Catalog.", + "title": "TableName", + "type": "string" + } + }, + "required": [ + "DatabaseName", + "TableName" + ], + "type": "object" + }, + "AWS::DataBrew::Job.DatabaseOutput": { + "additionalProperties": false, + "properties": { + "DatabaseOptions": { + "$ref": "#/definitions/AWS::DataBrew::Job.DatabaseTableOutputOptions", + "markdownDescription": "Represents options that specify how and where DataBrew writes the database output generated by recipe jobs.", + "title": "DatabaseOptions" + }, + "DatabaseOutputMode": { + "markdownDescription": "The output mode to write into the database. Currently supported option: NEW_TABLE.", + "title": "DatabaseOutputMode", + "type": "string" + }, + "GlueConnectionName": { + "markdownDescription": "The AWS Glue connection that stores the connection information for the target database.", + "title": "GlueConnectionName", + "type": "string" + } + }, + "required": [ + "DatabaseOptions", + "GlueConnectionName" + ], + "type": "object" + }, + "AWS::DataBrew::Job.DatabaseTableOutputOptions": { + "additionalProperties": false, + "properties": { + "TableName": { + "markdownDescription": "A prefix for the name of a table DataBrew will create in the database.", + "title": "TableName", + "type": "string" + }, + "TempDirectory": { + "$ref": "#/definitions/AWS::DataBrew::Job.S3Location", + "markdownDescription": "Represents an Amazon S3 location (bucket name and object key) where DataBrew can store intermediate results.", + "title": "TempDirectory" + } + }, + "required": [ + "TableName" + ], + "type": "object" + }, + "AWS::DataBrew::Job.EntityDetectorConfiguration": { + "additionalProperties": false, + "properties": { + "AllowedStatistics": { + "$ref": "#/definitions/AWS::DataBrew::Job.AllowedStatistics", + "markdownDescription": "Configuration of statistics that are allowed to be run on columns that contain detected entities. When undefined, no statistics will be computed on columns that contain detected entities.", + "title": "AllowedStatistics" + }, + "EntityTypes": { + "items": { + "type": "string" }, - "type": "object" + "markdownDescription": "Entity types to detect. Can be any of the following:\n\n- USA_SSN\n- EMAIL\n- USA_ITIN\n- USA_PASSPORT_NUMBER\n- PHONE_NUMBER\n- USA_DRIVING_LICENSE\n- BANK_ACCOUNT\n- CREDIT_CARD\n- IP_ADDRESS\n- MAC_ADDRESS\n- USA_DEA_NUMBER\n- USA_HCPCS_CODE\n- USA_NATIONAL_PROVIDER_IDENTIFIER\n- USA_NATIONAL_DRUG_CODE\n- USA_HEALTH_INSURANCE_CLAIM_NUMBER\n- USA_MEDICARE_BENEFICIARY_IDENTIFIER\n- USA_CPT_CODE\n- PERSON_NAME\n- DATE\n\nThe Entity type group USA_ALL is also supported, and includes all of the above entity types except PERSON_NAME and DATE.", + "title": "EntityTypes", + "type": "array" + } + }, + "required": [ + "EntityTypes" + ], + "type": "object" + }, + "AWS::DataBrew::Job.JobSample": { + "additionalProperties": false, + "properties": { + "Mode": { + "markdownDescription": "A value that determines whether the profile job is run on the entire dataset or a specified number of rows. This value must be one of the following:\n\n- FULL_DATASET - The profile job is run on the entire dataset.\n- CUSTOM_ROWS - The profile job is run on the number of rows specified in the `Size` parameter.", + "title": "Mode", + "type": "string" }, - "Type": { - "enum": [ - "AWS::EC2::EIPAssociation" - ], + "Size": { + "markdownDescription": "The `Size` parameter is only required when the mode is CUSTOM_ROWS. The profile job is run on the specified number of rows. The maximum value for size is Long.MAX_VALUE.\n\nLong.MAX_VALUE = 9223372036854775807", + "title": "Size", + "type": "number" + } + }, + "type": "object" + }, + "AWS::DataBrew::Job.Output": { + "additionalProperties": false, + "properties": { + "CompressionFormat": { + "markdownDescription": "The compression algorithm used to compress the output text of the job.", + "title": "CompressionFormat", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Format": { + "markdownDescription": "The data format of the output of the job.", + "title": "Format", "type": "string" + }, + "FormatOptions": { + "$ref": "#/definitions/AWS::DataBrew::Job.OutputFormatOptions", + "markdownDescription": "Represents options that define how DataBrew formats job output files.", + "title": "FormatOptions" + }, + "Location": { + "$ref": "#/definitions/AWS::DataBrew::Job.S3Location", + "markdownDescription": "The location in Amazon S3 where the job writes its output.", + "title": "Location" + }, + "MaxOutputFiles": { + "markdownDescription": "The maximum number of files to be generated by the job and written to the output folder.", + "title": "MaxOutputFiles", + "type": "number" + }, + "Overwrite": { + "markdownDescription": "A value that, if true, means that any data in the location specified for output is overwritten with new output.", + "title": "Overwrite", + "type": "boolean" + }, + "PartitionColumns": { + "items": { + "type": "string" + }, + "markdownDescription": "The names of one or more partition columns for the output of the job.", + "title": "PartitionColumns", + "type": "array" } }, "required": [ - "Type" + "Location" ], "type": "object" }, - "AWS::EC2::EgressOnlyInternetGateway": { + "AWS::DataBrew::Job.OutputFormatOptions": { "additionalProperties": false, "properties": { - "Condition": { + "Csv": { + "$ref": "#/definitions/AWS::DataBrew::Job.CsvOutputOptions", + "markdownDescription": "Represents a set of options that define the structure of comma-separated value (CSV) job output.", + "title": "Csv" + } + }, + "type": "object" + }, + "AWS::DataBrew::Job.OutputLocation": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The Amazon S3 bucket name.", + "title": "Bucket", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "BucketOwner": { + "markdownDescription": "", + "title": "BucketOwner", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Key": { + "markdownDescription": "The unique name of the object in the bucket.", + "title": "Key", + "type": "string" + } + }, + "required": [ + "Bucket" + ], + "type": "object" + }, + "AWS::DataBrew::Job.ProfileConfiguration": { + "additionalProperties": false, + "properties": { + "ColumnStatisticsConfigurations": { + "items": { + "$ref": "#/definitions/AWS::DataBrew::Job.ColumnStatisticsConfiguration" + }, + "markdownDescription": "List of configurations for column evaluations. ColumnStatisticsConfigurations are used to select evaluations and override parameters of evaluations for particular columns. When ColumnStatisticsConfigurations is undefined, the profile job will profile all supported columns and run all supported evaluations.", + "title": "ColumnStatisticsConfigurations", + "type": "array" }, - "Metadata": { - "type": "object" + "DatasetStatisticsConfiguration": { + "$ref": "#/definitions/AWS::DataBrew::Job.StatisticsConfiguration", + "markdownDescription": "Configuration for inter-column evaluations. Configuration can be used to select evaluations and override parameters of evaluations. When configuration is undefined, the profile job will run all supported inter-column evaluations.", + "title": "DatasetStatisticsConfiguration" }, - "Properties": { - "additionalProperties": false, - "properties": { - "VpcId": { - "markdownDescription": "The ID of the VPC for which to create the egress-only internet gateway.", - "title": "VpcId", + "EntityDetectorConfiguration": { + "$ref": "#/definitions/AWS::DataBrew::Job.EntityDetectorConfiguration", + "markdownDescription": "Configuration of entity detection for a profile job. When undefined, entity detection is disabled.", + "title": "EntityDetectorConfiguration" + }, + "ProfileColumns": { + "items": { + "$ref": "#/definitions/AWS::DataBrew::Job.ColumnSelector" + }, + "markdownDescription": "List of column selectors. ProfileColumns can be used to select columns from the dataset. When ProfileColumns is undefined, the profile job will profile all supported columns.", + "title": "ProfileColumns", + "type": "array" + } + }, + "type": "object" + }, + "AWS::DataBrew::Job.Recipe": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The unique name for the recipe.", + "title": "Name", + "type": "string" + }, + "Version": { + "markdownDescription": "The identifier for the version for the recipe.", + "title": "Version", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::DataBrew::Job.S3Location": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The Amazon S3 bucket name.", + "title": "Bucket", + "type": "string" + }, + "BucketOwner": { + "markdownDescription": "The AWS account ID of the bucket owner.", + "title": "BucketOwner", + "type": "string" + }, + "Key": { + "markdownDescription": "The unique name of the object in the bucket.", + "title": "Key", + "type": "string" + } + }, + "required": [ + "Bucket" + ], + "type": "object" + }, + "AWS::DataBrew::Job.S3TableOutputOptions": { + "additionalProperties": false, + "properties": { + "Location": { + "$ref": "#/definitions/AWS::DataBrew::Job.S3Location", + "markdownDescription": "Represents an Amazon S3 location (bucket name and object key) where DataBrew can write output from a job.", + "title": "Location" + } + }, + "required": [ + "Location" + ], + "type": "object" + }, + "AWS::DataBrew::Job.StatisticOverride": { + "additionalProperties": false, + "properties": { + "Parameters": { + "additionalProperties": true, + "markdownDescription": "A map that includes overrides of an evaluation\u2019s parameters.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { "type": "string" } }, - "required": [ - "VpcId" - ], + "title": "Parameters", "type": "object" }, - "Type": { - "enum": [ - "AWS::EC2::EgressOnlyInternetGateway" - ], + "Statistic": { + "markdownDescription": "The name of an evaluation", + "title": "Statistic", + "type": "string" + } + }, + "required": [ + "Parameters", + "Statistic" + ], + "type": "object" + }, + "AWS::DataBrew::Job.StatisticsConfiguration": { + "additionalProperties": false, + "properties": { + "IncludedStatistics": { + "items": { + "type": "string" + }, + "markdownDescription": "List of included evaluations. When the list is undefined, all supported evaluations will be included.", + "title": "IncludedStatistics", + "type": "array" + }, + "Overrides": { + "items": { + "$ref": "#/definitions/AWS::DataBrew::Job.StatisticOverride" + }, + "markdownDescription": "List of overrides for evaluations.", + "title": "Overrides", + "type": "array" + } + }, + "type": "object" + }, + "AWS::DataBrew::Job.ValidationConfiguration": { + "additionalProperties": false, + "properties": { + "RulesetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the ruleset to be validated in the profile job. The TargetArn of the selected ruleset should be the same as the Amazon Resource Name (ARN) of the dataset that is associated with the profile job.", + "title": "RulesetArn", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ValidationMode": { + "markdownDescription": "Mode of data quality validation. Default mode is \u201cCHECK_ALL\u201d which verifies all rules defined in the selected ruleset.", + "title": "ValidationMode", "type": "string" } }, "required": [ - "Type", - "Properties" + "RulesetArn" ], "type": "object" }, - "AWS::EC2::EnclaveCertificateIamRoleAssociation": { + "AWS::DataBrew::Project": { "additionalProperties": false, "properties": { "Condition": { @@ -70475,26 +77222,51 @@ "Properties": { "additionalProperties": false, "properties": { - "CertificateArn": { - "markdownDescription": "The ARN of the ACM certificate with which to associate the IAM role.", - "title": "CertificateArn", + "DatasetName": { + "markdownDescription": "The dataset that the project is to act upon.", + "title": "DatasetName", + "type": "string" + }, + "Name": { + "markdownDescription": "The unique name of a project.", + "title": "Name", + "type": "string" + }, + "RecipeName": { + "markdownDescription": "The name of a recipe that will be developed during a project session.", + "title": "RecipeName", "type": "string" }, "RoleArn": { - "markdownDescription": "The ARN of the IAM role to associate with the ACM certificate. You can associate up to 16 IAM roles with an ACM certificate.", + "markdownDescription": "The Amazon Resource Name (ARN) of the role that will be assumed for this project.", "title": "RoleArn", "type": "string" + }, + "Sample": { + "$ref": "#/definitions/AWS::DataBrew::Project.Sample", + "markdownDescription": "The sample size and sampling type to apply to the data. If this parameter isn't specified, then the sample consists of the first 500 rows from the dataset.", + "title": "Sample" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata tags that have been applied to the project.", + "title": "Tags", + "type": "array" } }, "required": [ - "CertificateArn", + "DatasetName", + "Name", + "RecipeName", "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::EnclaveCertificateIamRoleAssociation" + "AWS::DataBrew::Project" ], "type": "string" }, @@ -70513,7 +77285,26 @@ ], "type": "object" }, - "AWS::EC2::FlowLog": { + "AWS::DataBrew::Project.Sample": { + "additionalProperties": false, + "properties": { + "Size": { + "markdownDescription": "The number of rows in the sample.", + "title": "Size", + "type": "number" + }, + "Type": { + "markdownDescription": "The way in which DataBrew obtains rows from a dataset.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::DataBrew::Recipe": { "additionalProperties": false, "properties": { "Condition": { @@ -70548,79 +77339,42 @@ "Properties": { "additionalProperties": false, "properties": { - "DeliverCrossAccountRole": { - "markdownDescription": "The ARN of the IAM role that allows the service to publish flow logs across accounts.", - "title": "DeliverCrossAccountRole", - "type": "string" - }, - "DeliverLogsPermissionArn": { - "markdownDescription": "The ARN of the IAM role that allows Amazon EC2 to publish flow logs to the log destination.\n\nThis parameter is required if the destination type is `cloud-watch-logs` , or if the destination type is `kinesis-data-firehose` and the delivery stream and the resources to monitor are in different accounts.", - "title": "DeliverLogsPermissionArn", - "type": "string" - }, - "DestinationOptions": { - "$ref": "#/definitions/AWS::EC2::FlowLog.DestinationOptions", - "markdownDescription": "The destination options.", - "title": "DestinationOptions" - }, - "LogDestination": { - "markdownDescription": "The destination for the flow log data. The meaning of this parameter depends on the destination type.\n\n- If the destination type is `cloud-watch-logs` , specify the ARN of a CloudWatch Logs log group. For example:\n\narn:aws:logs: *region* : *account_id* :log-group: *my_group*\n\nAlternatively, use the `LogGroupName` parameter.\n- If the destination type is `s3` , specify the ARN of an S3 bucket. For example:\n\narn:aws:s3::: *my_bucket* / *my_subfolder* /\n\nThe subfolder is optional. Note that you can't use `AWSLogs` as a subfolder name.\n- If the destination type is `kinesis-data-firehose` , specify the ARN of a Kinesis Data Firehose delivery stream. For example:\n\narn:aws:firehose: *region* : *account_id* :deliverystream: *my_stream*", - "title": "LogDestination", - "type": "string" - }, - "LogDestinationType": { - "markdownDescription": "The type of destination for the flow log data.\n\nDefault: `cloud-watch-logs`", - "title": "LogDestinationType", - "type": "string" - }, - "LogFormat": { - "markdownDescription": "The fields to include in the flow log record, in the order in which they should appear. If you omit this parameter, the flow log is created using the default format. If you specify this parameter, you must include at least one field. For more information about the available fields, see [Flow log records](https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs.html#flow-log-records) in the *Amazon VPC User Guide* or [Transit Gateway Flow Log records](https://docs.aws.amazon.com/vpc/latest/tgw/tgw-flow-logs.html#flow-log-records) in the *AWS Transit Gateway Guide* .\n\nSpecify the fields using the `${field-id}` format, separated by spaces.", - "title": "LogFormat", - "type": "string" - }, - "LogGroupName": { - "markdownDescription": "The name of a new or existing CloudWatch Logs log group where Amazon EC2 publishes your flow logs.\n\nThis parameter is valid only if the destination type is `cloud-watch-logs` .", - "title": "LogGroupName", + "Description": { + "markdownDescription": "The description of the recipe.", + "title": "Description", "type": "string" }, - "MaxAggregationInterval": { - "markdownDescription": "The maximum interval of time during which a flow of packets is captured and aggregated into a flow log record. The possible values are 60 seconds (1 minute) or 600 seconds (10 minutes). This parameter must be 60 seconds for transit gateway resource types.\n\nWhen a network interface is attached to a [Nitro-based instance](https://docs.aws.amazon.com/ec2/latest/instancetypes/ec2-nitro-instances.html) , the aggregation interval is always 60 seconds or less, regardless of the value that you specify.\n\nDefault: 600", - "title": "MaxAggregationInterval", - "type": "number" - }, - "ResourceId": { - "markdownDescription": "The ID of the resource to monitor. For example, if the resource type is `VPC` , specify the ID of the VPC.", - "title": "ResourceId", + "Name": { + "markdownDescription": "The unique name for the recipe.", + "title": "Name", "type": "string" }, - "ResourceType": { - "markdownDescription": "The type of resource to monitor.", - "title": "ResourceType", - "type": "string" + "Steps": { + "items": { + "$ref": "#/definitions/AWS::DataBrew::Recipe.RecipeStep" + }, + "markdownDescription": "A list of steps that are defined by the recipe.", + "title": "Steps", + "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to apply to the flow logs.", + "markdownDescription": "Metadata tags that have been applied to the recipe.", "title": "Tags", "type": "array" - }, - "TrafficType": { - "markdownDescription": "The type of traffic to monitor (accepted traffic, rejected traffic, or all traffic). This parameter is not supported for transit gateway resource types. It is required for the other resource types.", - "title": "TrafficType", - "type": "string" } }, "required": [ - "ResourceId", - "ResourceType" + "Name", + "Steps" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::FlowLog" + "AWS::DataBrew::Recipe" ], "type": "string" }, @@ -70639,208 +77393,670 @@ ], "type": "object" }, - "AWS::EC2::FlowLog.DestinationOptions": { + "AWS::DataBrew::Recipe.Action": { "additionalProperties": false, "properties": { - "FileFormat": { - "markdownDescription": "The format for the flow log. The default is `plain-text` .", - "title": "FileFormat", + "Operation": { + "markdownDescription": "The name of a valid DataBrew transformation to be performed on the data.", + "title": "Operation", "type": "string" }, - "HiveCompatiblePartitions": { - "markdownDescription": "Indicates whether to use Hive-compatible prefixes for flow logs stored in Amazon S3. The default is `false` .", - "title": "HiveCompatiblePartitions", - "type": "boolean" - }, - "PerHourPartition": { - "markdownDescription": "Indicates whether to partition the flow log per hour. This reduces the cost and response time for queries. The default is `false` .", - "title": "PerHourPartition", - "type": "boolean" + "Parameters": { + "$ref": "#/definitions/AWS::DataBrew::Recipe.RecipeParameters", + "markdownDescription": "Contextual parameters for the transformation.", + "title": "Parameters" } }, "required": [ - "FileFormat", - "HiveCompatiblePartitions", - "PerHourPartition" + "Operation" ], "type": "object" }, - "AWS::EC2::GatewayRouteTableAssociation": { + "AWS::DataBrew::Recipe.ConditionExpression": { "additionalProperties": false, "properties": { "Condition": { + "markdownDescription": "A specific condition to apply to a recipe action. For more information, see [Recipe structure](https://docs.aws.amazon.com/databrew/latest/dg/recipe-structure.html) in the *AWS Glue DataBrew Developer Guide* .", + "title": "Condition", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TargetColumn": { + "markdownDescription": "A column to apply this condition to.", + "title": "TargetColumn", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "GatewayId": { - "markdownDescription": "The ID of the gateway.", - "title": "GatewayId", - "type": "string" - }, - "RouteTableId": { - "markdownDescription": "The ID of the route table.", - "title": "RouteTableId", - "type": "string" - } - }, - "required": [ - "GatewayId", - "RouteTableId" - ], - "type": "object" + "Value": { + "markdownDescription": "A value that the condition must evaluate to for the condition to succeed.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Condition", + "TargetColumn" + ], + "type": "object" + }, + "AWS::DataBrew::Recipe.DataCatalogInputDefinition": { + "additionalProperties": false, + "properties": { + "CatalogId": { + "markdownDescription": "The unique identifier of the AWS account that holds the Data Catalog that stores the data.", + "title": "CatalogId", + "type": "string" }, - "Type": { - "enum": [ - "AWS::EC2::GatewayRouteTableAssociation" - ], + "DatabaseName": { + "markdownDescription": "The name of a database in the Data Catalog.", + "title": "DatabaseName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TableName": { + "markdownDescription": "The name of a database table in the Data Catalog. This table corresponds to a DataBrew dataset.", + "title": "TableName", "type": "string" + }, + "TempDirectory": { + "$ref": "#/definitions/AWS::DataBrew::Recipe.S3Location", + "markdownDescription": "Represents an Amazon location where DataBrew can store intermediate results.", + "title": "TempDirectory" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::EC2::Host": { + "AWS::DataBrew::Recipe.Input": { "additionalProperties": false, "properties": { - "Condition": { + "DataCatalogInputDefinition": { + "$ref": "#/definitions/AWS::DataBrew::Recipe.DataCatalogInputDefinition", + "markdownDescription": "The AWS Glue Data Catalog parameters for the data.", + "title": "DataCatalogInputDefinition" + }, + "S3InputDefinition": { + "$ref": "#/definitions/AWS::DataBrew::Recipe.S3Location", + "markdownDescription": "The Amazon S3 location where the data is stored.", + "title": "S3InputDefinition" + } + }, + "type": "object" + }, + "AWS::DataBrew::Recipe.RecipeParameters": { + "additionalProperties": false, + "properties": { + "AggregateFunction": { + "markdownDescription": "The name of an aggregation function to apply.", + "title": "AggregateFunction", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Base": { + "markdownDescription": "The number of digits used in a counting system.", + "title": "Base", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "CaseStatement": { + "markdownDescription": "A case statement associated with a recipe.", + "title": "CaseStatement", + "type": "string" }, - "Metadata": { - "type": "object" + "CategoryMap": { + "markdownDescription": "A category map used for one-hot encoding.", + "title": "CategoryMap", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AssetId": { - "markdownDescription": "The ID of the Outpost hardware asset on which the Dedicated Host is allocated.", - "title": "AssetId", - "type": "string" - }, - "AutoPlacement": { - "markdownDescription": "Indicates whether the host accepts any untargeted instance launches that match its instance type configuration, or if it only accepts Host tenancy instance launches that specify its unique host ID. For more information, see [Understanding auto-placement and affinity](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/how-dedicated-hosts-work.html#dedicated-hosts-understanding) in the *Amazon EC2 User Guide* .\n\nDefault: `off`", - "title": "AutoPlacement", - "type": "string" - }, - "AvailabilityZone": { - "markdownDescription": "The Availability Zone in which to allocate the Dedicated Host.", - "title": "AvailabilityZone", - "type": "string" - }, - "HostMaintenance": { - "markdownDescription": "Indicates whether host maintenance is enabled or disabled for the Dedicated Host.", - "title": "HostMaintenance", - "type": "string" - }, - "HostRecovery": { - "markdownDescription": "Indicates whether to enable or disable host recovery for the Dedicated Host. Host recovery is disabled by default. For more information, see [Host recovery](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-hosts-recovery.html) in the *Amazon EC2 User Guide* .\n\nDefault: `off`", - "title": "HostRecovery", - "type": "string" - }, - "InstanceFamily": { - "markdownDescription": "The instance family supported by the Dedicated Host. For example, `m5` .", - "title": "InstanceFamily", - "type": "string" - }, - "InstanceType": { - "markdownDescription": "Specifies the instance type to be supported by the Dedicated Hosts. If you specify an instance type, the Dedicated Hosts support instances of the specified instance type only.", - "title": "InstanceType", - "type": "string" - }, - "OutpostArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Outpost on which the Dedicated Host is allocated.", - "title": "OutpostArn", - "type": "string" - } + "CharsToRemove": { + "markdownDescription": "Characters to remove from a step that applies one-hot encoding or tokenization.", + "title": "CharsToRemove", + "type": "string" + }, + "CollapseConsecutiveWhitespace": { + "markdownDescription": "Remove any non-word non-punctuation character.", + "title": "CollapseConsecutiveWhitespace", + "type": "string" + }, + "ColumnDataType": { + "markdownDescription": "The data type of the column.", + "title": "ColumnDataType", + "type": "string" + }, + "ColumnRange": { + "markdownDescription": "A range of columns to which a step is applied.", + "title": "ColumnRange", + "type": "string" + }, + "Count": { + "markdownDescription": "The number of times a string needs to be repeated.", + "title": "Count", + "type": "string" + }, + "CustomCharacters": { + "markdownDescription": "One or more characters that can be substituted or removed, depending on the context.", + "title": "CustomCharacters", + "type": "string" + }, + "CustomStopWords": { + "markdownDescription": "A list of words to ignore in a step that applies word tokenization.", + "title": "CustomStopWords", + "type": "string" + }, + "CustomValue": { + "markdownDescription": "A list of custom values to use in a step that requires that you provide a value to finish the operation.", + "title": "CustomValue", + "type": "string" + }, + "DatasetsColumns": { + "markdownDescription": "A list of the dataset columns included in a project.", + "title": "DatasetsColumns", + "type": "string" + }, + "DateAddValue": { + "markdownDescription": "A value that specifies how many units of time to add or subtract for a date math operation.", + "title": "DateAddValue", + "type": "string" + }, + "DateTimeFormat": { + "markdownDescription": "A date format to apply to a date.", + "title": "DateTimeFormat", + "type": "string" + }, + "DateTimeParameters": { + "markdownDescription": "A set of parameters associated with a datetime.", + "title": "DateTimeParameters", + "type": "string" + }, + "DeleteOtherRows": { + "markdownDescription": "Determines whether unmapped rows in a categorical mapping should be deleted", + "title": "DeleteOtherRows", + "type": "string" + }, + "Delimiter": { + "markdownDescription": "The delimiter to use when parsing separated values in a text file.", + "title": "Delimiter", + "type": "string" + }, + "EndPattern": { + "markdownDescription": "The end pattern to locate.", + "title": "EndPattern", + "type": "string" + }, + "EndPosition": { + "markdownDescription": "The end position to locate.", + "title": "EndPosition", + "type": "string" + }, + "EndValue": { + "markdownDescription": "The end value to locate.", + "title": "EndValue", + "type": "string" + }, + "ExpandContractions": { + "markdownDescription": "A list of word contractions and what they expand to. For eample: *can't* ; *cannot* ; *can not* .", + "title": "ExpandContractions", + "type": "string" + }, + "Exponent": { + "markdownDescription": "The exponent to apply in an exponential operation.", + "title": "Exponent", + "type": "string" + }, + "FalseString": { + "markdownDescription": "A value that represents `FALSE` .", + "title": "FalseString", + "type": "string" + }, + "GroupByAggFunctionOptions": { + "markdownDescription": "Specifies options to apply to the `GROUP BY` used in an aggregation.", + "title": "GroupByAggFunctionOptions", + "type": "string" + }, + "GroupByColumns": { + "markdownDescription": "The columns to use in the `GROUP BY` clause.", + "title": "GroupByColumns", + "type": "string" + }, + "HiddenColumns": { + "markdownDescription": "A list of columns to hide.", + "title": "HiddenColumns", + "type": "string" + }, + "IgnoreCase": { + "markdownDescription": "Indicates that lower and upper case letters are treated equally.", + "title": "IgnoreCase", + "type": "string" + }, + "IncludeInSplit": { + "markdownDescription": "Indicates if this column is participating in a split transform.", + "title": "IncludeInSplit", + "type": "string" + }, + "Input": { + "$ref": "#/definitions/AWS::DataBrew::Recipe.Input", + "markdownDescription": "The input location to load the dataset from - Amazon S3 or AWS Glue Data Catalog .", + "title": "Input" + }, + "Interval": { + "markdownDescription": "The number of characters to split by.", + "title": "Interval", + "type": "string" + }, + "IsText": { + "markdownDescription": "Indicates if the content is text.", + "title": "IsText", + "type": "string" + }, + "JoinKeys": { + "markdownDescription": "The keys or columns involved in a join.", + "title": "JoinKeys", + "type": "string" + }, + "JoinType": { + "markdownDescription": "The type of join to use, for example, `INNER JOIN` , `OUTER JOIN` , and so on.", + "title": "JoinType", + "type": "string" + }, + "LeftColumns": { + "markdownDescription": "The columns on the left side of the join.", + "title": "LeftColumns", + "type": "string" + }, + "Limit": { + "markdownDescription": "The number of times to perform `split` or `replaceBy` in a string", + "title": "Limit", + "type": "string" + }, + "LowerBound": { + "markdownDescription": "The lower boundary for a value.", + "title": "LowerBound", + "type": "string" + }, + "MapType": { + "markdownDescription": "The type of mappings to apply to construct a new dynamic frame.", + "title": "MapType", + "type": "string" + }, + "ModeType": { + "markdownDescription": "Determines the manner in which mode value is calculated, in case there is more than one mode value. Valid values: `NONE` | `AVERAGE` | `MINIMUM` | `MAXIMUM`", + "title": "ModeType", + "type": "string" + }, + "MultiLine": { + "markdownDescription": "Specifies whether JSON input contains embedded new line characters.", + "title": "MultiLine", + "type": "boolean" + }, + "NumRows": { + "markdownDescription": "The number of rows to consider in a window.", + "title": "NumRows", + "type": "string" + }, + "NumRowsAfter": { + "markdownDescription": "The number of rows to consider after the current row in a window", + "title": "NumRowsAfter", + "type": "string" + }, + "NumRowsBefore": { + "markdownDescription": "The number of rows to consider before the current row in a window", + "title": "NumRowsBefore", + "type": "string" + }, + "OrderByColumn": { + "markdownDescription": "A column to sort the results by.", + "title": "OrderByColumn", + "type": "string" + }, + "OrderByColumns": { + "markdownDescription": "The columns to sort the results by.", + "title": "OrderByColumns", + "type": "string" + }, + "Other": { + "markdownDescription": "The value to assign to unmapped cells, in categorical mapping", + "title": "Other", + "type": "string" + }, + "Pattern": { + "markdownDescription": "The pattern to locate.", + "title": "Pattern", + "type": "string" + }, + "PatternOption1": { + "markdownDescription": "The starting pattern to split between.", + "title": "PatternOption1", + "type": "string" + }, + "PatternOption2": { + "markdownDescription": "The ending pattern to split between.", + "title": "PatternOption2", + "type": "string" + }, + "PatternOptions": { + "markdownDescription": "For splitting by multiple delimiters: A JSON-encoded string that lists the patterns in the format. For example: `[{\\\"pattern\\\":\\\"1\\\",\\\"includeInSplit\\\":true}]`", + "title": "PatternOptions", + "type": "string" + }, + "Period": { + "markdownDescription": "The size of the rolling window.", + "title": "Period", + "type": "string" + }, + "Position": { + "markdownDescription": "The character index within a string", + "title": "Position", + "type": "string" + }, + "RemoveAllPunctuation": { + "markdownDescription": "If `true` , removes all of the following characters: `.` `.!` `.,` `.?`", + "title": "RemoveAllPunctuation", + "type": "string" + }, + "RemoveAllQuotes": { + "markdownDescription": "If `true` , removes all single quotes and double quotes.", + "title": "RemoveAllQuotes", + "type": "string" + }, + "RemoveAllWhitespace": { + "markdownDescription": "If `true` , removes all whitespaces from the value.", + "title": "RemoveAllWhitespace", + "type": "string" + }, + "RemoveCustomCharacters": { + "markdownDescription": "If `true` , removes all chraracters specified by `CustomCharacters` .", + "title": "RemoveCustomCharacters", + "type": "string" + }, + "RemoveCustomValue": { + "markdownDescription": "If `true` , removes all chraracters specified by `CustomValue` .", + "title": "RemoveCustomValue", + "type": "string" + }, + "RemoveLeadingAndTrailingPunctuation": { + "markdownDescription": "If `true` , removes the following characters if they occur at the start or end of the value: `.` `!` `,` `?`", + "title": "RemoveLeadingAndTrailingPunctuation", + "type": "string" + }, + "RemoveLeadingAndTrailingQuotes": { + "markdownDescription": "If `true` , removes single quotes and double quotes from the beginning and end of the value.", + "title": "RemoveLeadingAndTrailingQuotes", + "type": "string" + }, + "RemoveLeadingAndTrailingWhitespace": { + "markdownDescription": "If `true` , removes all whitespaces from the beginning and end of the value.", + "title": "RemoveLeadingAndTrailingWhitespace", + "type": "string" + }, + "RemoveLetters": { + "markdownDescription": "If `true` , removes all uppercase and lowercase alphabetic characters (A through Z; a through z).", + "title": "RemoveLetters", + "type": "string" + }, + "RemoveNumbers": { + "markdownDescription": "If `true` , removes all numeric characters (0 through 9).", + "title": "RemoveNumbers", + "type": "string" + }, + "RemoveSourceColumn": { + "markdownDescription": "If `true` , the source column will be removed after un-nesting that column. (Used with nested column types, such as Map, Struct, or Array.)", + "title": "RemoveSourceColumn", + "type": "string" + }, + "RemoveSpecialCharacters": { + "markdownDescription": "If `true` , removes all of the following characters: `! \" # $ % & ' ( ) * + , - . / : ; < = > ? @ [ \\ ] ^ _ ` { | } ~`", + "title": "RemoveSpecialCharacters", + "type": "string" + }, + "RightColumns": { + "markdownDescription": "The columns on the right side of a join.", + "title": "RightColumns", + "type": "string" + }, + "SampleSize": { + "markdownDescription": "The number of rows in the sample.", + "title": "SampleSize", + "type": "string" + }, + "SampleType": { + "markdownDescription": "The sampling type to apply to the dataset. Valid values: `FIRST_N` | `LAST_N` | `RANDOM`", + "title": "SampleType", + "type": "string" + }, + "SecondInput": { + "markdownDescription": "A object value to indicate the second dataset used in a join.", + "title": "SecondInput", + "type": "string" + }, + "SecondaryInputs": { + "items": { + "$ref": "#/definitions/AWS::DataBrew::Recipe.SecondaryInput" }, - "required": [ - "AvailabilityZone" - ], - "type": "object" + "markdownDescription": "A list of secondary inputs in a UNION transform", + "title": "SecondaryInputs", + "type": "array" }, - "Type": { - "enum": [ - "AWS::EC2::Host" - ], + "SheetIndexes": { + "items": { + "type": "number" + }, + "markdownDescription": "One or more sheet numbers in the Excel file, which will be included in a dataset.", + "title": "SheetIndexes", + "type": "array" + }, + "SheetNames": { + "items": { + "type": "string" + }, + "markdownDescription": "Oone or more named sheets in the Excel file, which will be included in a dataset.", + "title": "SheetNames", + "type": "array" + }, + "SourceColumn": { + "markdownDescription": "A source column needed for an operation, step, or transform.", + "title": "SourceColumn", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SourceColumn1": { + "markdownDescription": "A source column needed for an operation, step, or transform.", + "title": "SourceColumn1", + "type": "string" + }, + "SourceColumn2": { + "markdownDescription": "A source column needed for an operation, step, or transform.", + "title": "SourceColumn2", + "type": "string" + }, + "SourceColumns": { + "markdownDescription": "A list of source columns needed for an operation, step, or transform.", + "title": "SourceColumns", + "type": "string" + }, + "StartColumnIndex": { + "markdownDescription": "The index number of the first column used by an operation, step, or transform.", + "title": "StartColumnIndex", + "type": "string" + }, + "StartPattern": { + "markdownDescription": "The starting pattern to locate.", + "title": "StartPattern", + "type": "string" + }, + "StartPosition": { + "markdownDescription": "The starting position to locate.", + "title": "StartPosition", + "type": "string" + }, + "StartValue": { + "markdownDescription": "The starting value to locate.", + "title": "StartValue", + "type": "string" + }, + "StemmingMode": { + "markdownDescription": "Indicates this operation uses stems and lemmas (base words) for word tokenization.", + "title": "StemmingMode", + "type": "string" + }, + "StepCount": { + "markdownDescription": "The total number of transforms in this recipe.", + "title": "StepCount", + "type": "string" + }, + "StepIndex": { + "markdownDescription": "The index ID of a step.", + "title": "StepIndex", + "type": "string" + }, + "StopWordsMode": { + "markdownDescription": "Indicates this operation uses stop words as part of word tokenization.", + "title": "StopWordsMode", + "type": "string" + }, + "Strategy": { + "markdownDescription": "The resolution strategy to apply in resolving ambiguities.", + "title": "Strategy", + "type": "string" + }, + "TargetColumn": { + "markdownDescription": "The column targeted by this operation.", + "title": "TargetColumn", + "type": "string" + }, + "TargetColumnNames": { + "markdownDescription": "The names to give columns altered by this operation.", + "title": "TargetColumnNames", + "type": "string" + }, + "TargetDateFormat": { + "markdownDescription": "The date format to convert to.", + "title": "TargetDateFormat", + "type": "string" + }, + "TargetIndex": { + "markdownDescription": "The index number of an object that is targeted by this operation.", + "title": "TargetIndex", + "type": "string" + }, + "TimeZone": { + "markdownDescription": "The current timezone that you want to use for dates.", + "title": "TimeZone", + "type": "string" + }, + "TokenizerPattern": { + "markdownDescription": "A regex expression to use when splitting text into terms, also called words or tokens.", + "title": "TokenizerPattern", "type": "string" + }, + "TrueString": { + "markdownDescription": "A value to use to represent `TRUE` .", + "title": "TrueString", + "type": "string" + }, + "UdfLang": { + "markdownDescription": "The language that's used in the user-defined function.", + "title": "UdfLang", + "type": "string" + }, + "Units": { + "markdownDescription": "Specifies a unit of time. For example: `MINUTES` ; `SECONDS` ; `HOURS` ; etc.", + "title": "Units", + "type": "string" + }, + "UnpivotColumn": { + "markdownDescription": "Cast columns as rows, so that each value is a different row in a single column.", + "title": "UnpivotColumn", + "type": "string" + }, + "UpperBound": { + "markdownDescription": "The upper boundary for a value.", + "title": "UpperBound", + "type": "string" + }, + "UseNewDataFrame": { + "markdownDescription": "Create a new container to hold a dataset.", + "title": "UseNewDataFrame", + "type": "string" + }, + "Value": { + "markdownDescription": "A static value that can be used in a comparison, a substitution, or in another context-specific way. A `Value` can be a number, string, or other datatype, depending on the recipe action in which it's used.", + "title": "Value", + "type": "string" + }, + "Value1": { + "markdownDescription": "A value that's used by this operation.", + "title": "Value1", + "type": "string" + }, + "Value2": { + "markdownDescription": "A value that's used by this operation.", + "title": "Value2", + "type": "string" + }, + "ValueColumn": { + "markdownDescription": "The column that is provided as a value that's used by this operation.", + "title": "ValueColumn", + "type": "string" + }, + "ViewFrame": { + "markdownDescription": "The subset of rows currently available for viewing.", + "title": "ViewFrame", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataBrew::Recipe.RecipeStep": { + "additionalProperties": false, + "properties": { + "Action": { + "$ref": "#/definitions/AWS::DataBrew::Recipe.Action", + "markdownDescription": "The particular action to be performed in the recipe step.", + "title": "Action" + }, + "ConditionExpressions": { + "items": { + "$ref": "#/definitions/AWS::DataBrew::Recipe.ConditionExpression" + }, + "markdownDescription": "One or more conditions that must be met for the recipe step to succeed.\n\n> All of the conditions in the array must be met. In other words, all of the conditions must be combined using a logical AND operation.", + "title": "ConditionExpressions", + "type": "array" } }, "required": [ - "Type", - "Properties" + "Action" ], "type": "object" }, - "AWS::EC2::IPAM": { + "AWS::DataBrew::Recipe.S3Location": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The Amazon S3 bucket name.", + "title": "Bucket", + "type": "string" + }, + "Key": { + "markdownDescription": "The unique name of the object in the bucket.", + "title": "Key", + "type": "string" + } + }, + "required": [ + "Bucket" + ], + "type": "object" + }, + "AWS::DataBrew::Recipe.SecondaryInput": { + "additionalProperties": false, + "properties": { + "DataCatalogInputDefinition": { + "$ref": "#/definitions/AWS::DataBrew::Recipe.DataCatalogInputDefinition", + "markdownDescription": "The AWS Glue Data Catalog parameters for the data.", + "title": "DataCatalogInputDefinition" + }, + "S3InputDefinition": { + "$ref": "#/definitions/AWS::DataBrew::Recipe.S3Location", + "markdownDescription": "The Amazon S3 location where the data is stored.", + "title": "S3InputDefinition" + } + }, + "type": "object" + }, + "AWS::DataBrew::Ruleset": { "additionalProperties": false, "properties": { "Condition": { @@ -70876,37 +78092,47 @@ "additionalProperties": false, "properties": { "Description": { - "markdownDescription": "The description for the IPAM.", + "markdownDescription": "The description of the ruleset.", "title": "Description", "type": "string" }, - "OperatingRegions": { + "Name": { + "markdownDescription": "The name of the ruleset.", + "title": "Name", + "type": "string" + }, + "Rules": { "items": { - "$ref": "#/definitions/AWS::EC2::IPAM.IpamOperatingRegion" + "$ref": "#/definitions/AWS::DataBrew::Ruleset.Rule" }, - "markdownDescription": "The operating Regions for an IPAM. Operating Regions are AWS Regions where the IPAM is allowed to manage IP address CIDRs. IPAM only discovers and monitors resources in the AWS Regions you select as operating Regions.\n\nFor more information about operating Regions, see [Create an IPAM](https://docs.aws.amazon.com//vpc/latest/ipam/create-ipam.html) in the *Amazon VPC IPAM User Guide* .", - "title": "OperatingRegions", + "markdownDescription": "Contains metadata about the ruleset.", + "title": "Rules", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key `Owner` and the value `TeamA` , specify `tag:Owner` for the filter name and `TeamA` for the filter value.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" }, - "Tier": { - "markdownDescription": "IPAM is offered in a Free Tier and an Advanced Tier. For more information about the features available in each tier and the costs associated with the tiers, see the [VPC IPAM product pricing page](https://docs.aws.amazon.com//vpc/pricing/) .", - "title": "Tier", + "TargetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of a resource (dataset) that the ruleset is associated with.", + "title": "TargetArn", "type": "string" } }, + "required": [ + "Name", + "Rules", + "TargetArn" + ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::IPAM" + "AWS::DataBrew::Ruleset" ], "type": "string" }, @@ -70920,25 +78146,118 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::EC2::IPAM.IpamOperatingRegion": { + "AWS::DataBrew::Ruleset.ColumnSelector": { "additionalProperties": false, "properties": { - "RegionName": { - "markdownDescription": "The name of the operating Region.", - "title": "RegionName", + "Name": { + "markdownDescription": "The name of a column from a dataset.", + "title": "Name", + "type": "string" + }, + "Regex": { + "markdownDescription": "A regular expression for selecting a column from a dataset.", + "title": "Regex", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataBrew::Ruleset.Rule": { + "additionalProperties": false, + "properties": { + "CheckExpression": { + "markdownDescription": "The expression which includes column references, condition names followed by variable references, possibly grouped and combined with other conditions. For example, `(:col1 starts_with :prefix1 or :col1 starts_with :prefix2) and (:col1 ends_with :suffix1 or :col1 ends_with :suffix2)` . Column and value references are substitution variables that should start with the ':' symbol. Depending on the context, substitution variables' values can be either an actual value or a column name. These values are defined in the SubstitutionMap. If a CheckExpression starts with a column reference, then ColumnSelectors in the rule should be null. If ColumnSelectors has been defined, then there should be no columnn reference in the left side of a condition, for example, `is_between :val1 and :val2` .", + "title": "CheckExpression", + "type": "string" + }, + "ColumnSelectors": { + "items": { + "$ref": "#/definitions/AWS::DataBrew::Ruleset.ColumnSelector" + }, + "markdownDescription": "List of column selectors. Selectors can be used to select columns using a name or regular expression from the dataset. Rule will be applied to selected columns.", + "title": "ColumnSelectors", + "type": "array" + }, + "Disabled": { + "markdownDescription": "A value that specifies whether the rule is disabled. Once a rule is disabled, a profile job will not validate it during a job run. Default value is false.", + "title": "Disabled", + "type": "boolean" + }, + "Name": { + "markdownDescription": "The name of the rule.", + "title": "Name", + "type": "string" + }, + "SubstitutionMap": { + "items": { + "$ref": "#/definitions/AWS::DataBrew::Ruleset.SubstitutionValue" + }, + "markdownDescription": "The map of substitution variable names to their values used in a check expression. Variable names should start with a ':' (colon). Variable values can either be actual values or column names. To differentiate between the two, column names should be enclosed in backticks, for example, `\":col1\": \"`Column A`\".`", + "title": "SubstitutionMap", + "type": "array" + }, + "Threshold": { + "$ref": "#/definitions/AWS::DataBrew::Ruleset.Threshold", + "markdownDescription": "The threshold used with a non-aggregate check expression. Non-aggregate check expressions will be applied to each row in a specific column, and the threshold will be used to determine whether the validation succeeds.", + "title": "Threshold" + } + }, + "required": [ + "CheckExpression", + "Name" + ], + "type": "object" + }, + "AWS::DataBrew::Ruleset.SubstitutionValue": { + "additionalProperties": false, + "properties": { + "Value": { + "markdownDescription": "Value or column name.", + "title": "Value", + "type": "string" + }, + "ValueReference": { + "markdownDescription": "Variable name.", + "title": "ValueReference", "type": "string" } }, "required": [ - "RegionName" + "Value", + "ValueReference" ], "type": "object" }, - "AWS::EC2::IPAMAllocation": { + "AWS::DataBrew::Ruleset.Threshold": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "The type of a threshold. Used for comparison of an actual count of rows that satisfy the rule to the threshold value.", + "title": "Type", + "type": "string" + }, + "Unit": { + "markdownDescription": "Unit of threshold value. Can be either a COUNT or PERCENTAGE of the full sample size used for validation.", + "title": "Unit", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of a threshold.", + "title": "Value", + "type": "number" + } + }, + "required": [ + "Value" + ], + "type": "object" + }, + "AWS::DataBrew::Schedule": { "additionalProperties": false, "properties": { "Condition": { @@ -70973,35 +78292,42 @@ "Properties": { "additionalProperties": false, "properties": { - "Cidr": { - "markdownDescription": "The CIDR you would like to allocate from the IPAM pool. Note the following:\n\n- If there is no DefaultNetmaskLength allocation rule set on the pool, you must specify either the NetmaskLength or the CIDR.\n- If the DefaultNetmaskLength allocation rule is set on the pool, you can specify either the NetmaskLength or the CIDR and the DefaultNetmaskLength allocation rule will be ignored.\n\nPossible values: Any available IPv4 or IPv6 CIDR.", - "title": "Cidr", + "CronExpression": { + "markdownDescription": "The dates and times when the job is to run. For more information, see [Working with cron expressions for recipe jobs](https://docs.aws.amazon.com/databrew/latest/dg/jobs.recipe.html#jobs.cron) in the *AWS Glue DataBrew Developer Guide* .", + "title": "CronExpression", "type": "string" }, - "Description": { - "markdownDescription": "A description for the allocation.", - "title": "Description", - "type": "string" + "JobNames": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of jobs to be run, according to the schedule.", + "title": "JobNames", + "type": "array" }, - "IpamPoolId": { - "markdownDescription": "The ID of the IPAM pool from which you would like to allocate a CIDR.", - "title": "IpamPoolId", + "Name": { + "markdownDescription": "The name of the schedule.", + "title": "Name", "type": "string" }, - "NetmaskLength": { - "markdownDescription": "The netmask length of the CIDR you would like to allocate from the IPAM pool. Note the following:\n\n- If there is no DefaultNetmaskLength allocation rule set on the pool, you must specify either the NetmaskLength or the CIDR.\n- If the DefaultNetmaskLength allocation rule is set on the pool, you can specify either the NetmaskLength or the CIDR and the DefaultNetmaskLength allocation rule will be ignored.\n\nPossible netmask lengths for IPv4 addresses are 0 - 32. Possible netmask lengths for IPv6 addresses are 0 - 128.", - "title": "NetmaskLength", - "type": "number" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata tags that have been applied to the schedule.", + "title": "Tags", + "type": "array" } }, "required": [ - "IpamPoolId" + "CronExpression", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::IPAMAllocation" + "AWS::DataBrew::Schedule" ], "type": "string" }, @@ -71020,7 +78346,7 @@ ], "type": "object" }, - "AWS::EC2::IPAMPool": { + "AWS::DataPipeline::Pipeline": { "additionalProperties": false, "properties": { "Condition": { @@ -71055,105 +78381,62 @@ "Properties": { "additionalProperties": false, "properties": { - "AddressFamily": { - "markdownDescription": "The address family of the pool.", - "title": "AddressFamily", - "type": "string" - }, - "AllocationDefaultNetmaskLength": { - "markdownDescription": "The default netmask length for allocations added to this pool. If, for example, the CIDR assigned to this pool is 10.0.0.0/8 and you enter 16 here, new allocations will default to 10.0.0.0/16.", - "title": "AllocationDefaultNetmaskLength", - "type": "number" - }, - "AllocationMaxNetmaskLength": { - "markdownDescription": "The maximum netmask length possible for CIDR allocations in this IPAM pool to be compliant. The maximum netmask length must be greater than the minimum netmask length. Possible netmask lengths for IPv4 addresses are 0 - 32. Possible netmask lengths for IPv6 addresses are 0 - 128.", - "title": "AllocationMaxNetmaskLength", - "type": "number" - }, - "AllocationMinNetmaskLength": { - "markdownDescription": "The minimum netmask length required for CIDR allocations in this IPAM pool to be compliant. The minimum netmask length must be less than the maximum netmask length. Possible netmask lengths for IPv4 addresses are 0 - 32. Possible netmask lengths for IPv6 addresses are 0 - 128.", - "title": "AllocationMinNetmaskLength", - "type": "number" - }, - "AllocationResourceTags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Tags that are required for resources that use CIDRs from this IPAM pool. Resources that do not have these tags will not be allowed to allocate space from the pool. If the resources have their tags changed after they have allocated space or if the allocation tagging requirements are changed on the pool, the resource may be marked as noncompliant.", - "title": "AllocationResourceTags", - "type": "array" - }, - "AutoImport": { - "markdownDescription": "If selected, IPAM will continuously look for resources within the CIDR range of this pool and automatically import them as allocations into your IPAM. The CIDRs that will be allocated for these resources must not already be allocated to other resources in order for the import to succeed. IPAM will import a CIDR regardless of its compliance with the pool's allocation rules, so a resource might be imported and subsequently marked as noncompliant. If IPAM discovers multiple CIDRs that overlap, IPAM will import the largest CIDR only. If IPAM discovers multiple CIDRs with matching CIDRs, IPAM will randomly import one of them only.\n\nA locale must be set on the pool for this feature to work.", - "title": "AutoImport", + "Activate": { + "markdownDescription": "Indicates whether to validate and start the pipeline or stop an active pipeline. By default, the value is set to `true` .", + "title": "Activate", "type": "boolean" }, - "AwsService": { - "markdownDescription": "Limits which service in AWS that the pool can be used in. \"ec2\", for example, allows users to use space for Elastic IP addresses and VPCs.", - "title": "AwsService", - "type": "string" - }, "Description": { - "markdownDescription": "The description of the IPAM pool.", + "markdownDescription": "A description of the pipeline.", "title": "Description", "type": "string" }, - "IpamScopeId": { - "markdownDescription": "The ID of the scope in which you would like to create the IPAM pool.", - "title": "IpamScopeId", - "type": "string" - }, - "Locale": { - "markdownDescription": "The locale of the IPAM pool.\n\nThe locale for the pool should be one of the following:\n\n- An AWS Region where you want this IPAM pool to be available for allocations.\n- The network border group for an AWS Local Zone where you want this IPAM pool to be available for allocations ( [supported Local Zones](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-byoip.html#byoip-zone-avail) ). This option is only available for IPAM IPv4 pools in the public scope.\n\nIf you choose an AWS Region for locale that has not been configured as an operating Region for the IPAM, you'll get an error.", - "title": "Locale", + "Name": { + "markdownDescription": "The name of the pipeline.", + "title": "Name", "type": "string" }, - "ProvisionedCidrs": { + "ParameterObjects": { "items": { - "$ref": "#/definitions/AWS::EC2::IPAMPool.ProvisionedCidr" + "$ref": "#/definitions/AWS::DataPipeline::Pipeline.ParameterObject" }, - "markdownDescription": "Information about the CIDRs provisioned to an IPAM pool.", - "title": "ProvisionedCidrs", + "markdownDescription": "The parameter objects used with the pipeline.", + "title": "ParameterObjects", "type": "array" }, - "PublicIpSource": { - "markdownDescription": "The IP address source for pools in the public scope. Only used for provisioning IP address CIDRs to pools in the public scope. Default is `BYOIP` . For more information, see [Create IPv6 pools](https://docs.aws.amazon.com//vpc/latest/ipam/intro-create-ipv6-pools.html) in the *Amazon VPC IPAM User Guide* . By default, you can add only one Amazon-provided IPv6 CIDR block to a top-level IPv6 pool. For information on increasing the default limit, see [Quotas for your IPAM](https://docs.aws.amazon.com//vpc/latest/ipam/quotas-ipam.html) in the *Amazon VPC IPAM User Guide* .", - "title": "PublicIpSource", - "type": "string" - }, - "PubliclyAdvertisable": { - "markdownDescription": "Determines if a pool is publicly advertisable. This option is not available for pools with AddressFamily set to `ipv4` .", - "title": "PubliclyAdvertisable", - "type": "boolean" - }, - "SourceIpamPoolId": { - "markdownDescription": "The ID of the source IPAM pool. You can use this option to create an IPAM pool within an existing source pool.", - "title": "SourceIpamPoolId", - "type": "string" - }, - "SourceResource": { - "$ref": "#/definitions/AWS::EC2::IPAMPool.SourceResource", - "markdownDescription": "The resource used to provision CIDRs to a resource planning pool.", - "title": "SourceResource" - }, - "Tags": { + "ParameterValues": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::DataPipeline::Pipeline.ParameterValue" }, - "markdownDescription": "The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key `Owner` and the value `TeamA` , specify `tag:Owner` for the filter name and `TeamA` for the filter value.", - "title": "Tags", + "markdownDescription": "The parameter values used with the pipeline.", + "title": "ParameterValues", "type": "array" - } - }, - "required": [ - "AddressFamily", - "IpamScopeId" + }, + "PipelineObjects": { + "items": { + "$ref": "#/definitions/AWS::DataPipeline::Pipeline.PipelineObject" + }, + "markdownDescription": "The objects that define the pipeline. These objects overwrite the existing pipeline definition. Not all objects, fields, and values can be updated. For information about restrictions, see [Editing Your Pipeline](https://docs.aws.amazon.com/datapipeline/latest/DeveloperGuide/dp-manage-pipeline-modify-console.html) in the *AWS Data Pipeline Developer Guide* .", + "title": "PipelineObjects", + "type": "array" + }, + "PipelineTags": { + "items": { + "$ref": "#/definitions/AWS::DataPipeline::Pipeline.PipelineTag" + }, + "markdownDescription": "A list of arbitrary tags (key-value pairs) to associate with the pipeline, which you can use to control permissions. For more information, see [Controlling Access to Pipelines and Resources](https://docs.aws.amazon.com/datapipeline/latest/DeveloperGuide/dp-control-access.html) in the *AWS Data Pipeline Developer Guide* .", + "title": "PipelineTags", + "type": "array" + } + }, + "required": [ + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::IPAMPool" + "AWS::DataPipeline::Pipeline" ], "type": "string" }, @@ -71172,53 +78455,143 @@ ], "type": "object" }, - "AWS::EC2::IPAMPool.ProvisionedCidr": { + "AWS::DataPipeline::Pipeline.Field": { "additionalProperties": false, "properties": { - "Cidr": { - "markdownDescription": "The CIDR provisioned to the IPAM pool. A CIDR is a representation of an IP address and its associated network mask (or netmask) and refers to a range of IP addresses. An IPv4 CIDR example is `10.24.34.0/23` . An IPv6 CIDR example is `2001:DB8::/32` .", - "title": "Cidr", + "Key": { + "markdownDescription": "Specifies the name of a field for a particular object. To view valid values for a particular field, see [Pipeline Object Reference](https://docs.aws.amazon.com/datapipeline/latest/DeveloperGuide/dp-pipeline-objects.html) in the *AWS Data Pipeline Developer Guide* .", + "title": "Key", + "type": "string" + }, + "RefValue": { + "markdownDescription": "A field value that you specify as an identifier of another object in the same pipeline definition.\n\n> You can specify the field value as either a string value ( `StringValue` ) or a reference to another object ( `RefValue` ), but not both. \n\nRequired if the key that you are using requires it.", + "title": "RefValue", + "type": "string" + }, + "StringValue": { + "markdownDescription": "A field value that you specify as a string. To view valid values for a particular field, see [Pipeline Object Reference](https://docs.aws.amazon.com/datapipeline/latest/DeveloperGuide/dp-pipeline-objects.html) in the *AWS Data Pipeline Developer Guide* .\n\n> You can specify the field value as either a string value ( `StringValue` ) or a reference to another object ( `RefValue` ), but not both. \n\nRequired if the key that you are using requires it.", + "title": "StringValue", "type": "string" } }, "required": [ - "Cidr" + "Key" ], "type": "object" }, - "AWS::EC2::IPAMPool.SourceResource": { + "AWS::DataPipeline::Pipeline.ParameterAttribute": { "additionalProperties": false, "properties": { - "ResourceId": { - "markdownDescription": "The source resource ID.", - "title": "ResourceId", + "Key": { + "markdownDescription": "The field identifier.", + "title": "Key", "type": "string" }, - "ResourceOwner": { - "markdownDescription": "The source resource owner.", - "title": "ResourceOwner", + "StringValue": { + "markdownDescription": "The field value, expressed as a String.", + "title": "StringValue", "type": "string" + } + }, + "required": [ + "Key", + "StringValue" + ], + "type": "object" + }, + "AWS::DataPipeline::Pipeline.ParameterObject": { + "additionalProperties": false, + "properties": { + "Attributes": { + "items": { + "$ref": "#/definitions/AWS::DataPipeline::Pipeline.ParameterAttribute" + }, + "markdownDescription": "The attributes of the parameter object.", + "title": "Attributes", + "type": "array" }, - "ResourceRegion": { - "markdownDescription": "The source resource Region.", - "title": "ResourceRegion", + "Id": { + "markdownDescription": "The ID of the parameter object.", + "title": "Id", + "type": "string" + } + }, + "required": [ + "Attributes", + "Id" + ], + "type": "object" + }, + "AWS::DataPipeline::Pipeline.ParameterValue": { + "additionalProperties": false, + "properties": { + "Id": { + "markdownDescription": "The ID of the parameter value.", + "title": "Id", "type": "string" }, - "ResourceType": { - "markdownDescription": "The source resource type.", - "title": "ResourceType", + "StringValue": { + "markdownDescription": "The field value, expressed as a String.", + "title": "StringValue", "type": "string" } }, "required": [ - "ResourceId", - "ResourceOwner", - "ResourceRegion", - "ResourceType" + "Id", + "StringValue" ], "type": "object" }, - "AWS::EC2::IPAMPoolCidr": { + "AWS::DataPipeline::Pipeline.PipelineObject": { + "additionalProperties": false, + "properties": { + "Fields": { + "items": { + "$ref": "#/definitions/AWS::DataPipeline::Pipeline.Field" + }, + "markdownDescription": "Key-value pairs that define the properties of the object.", + "title": "Fields", + "type": "array" + }, + "Id": { + "markdownDescription": "The ID of the object.", + "title": "Id", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the object.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Fields", + "Id", + "Name" + ], + "type": "object" + }, + "AWS::DataPipeline::Pipeline.PipelineTag": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The key name of a tag.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The value to associate with the key name.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::DataSync::Agent": { "additionalProperties": false, "properties": { "Condition": { @@ -71253,30 +78626,51 @@ "Properties": { "additionalProperties": false, "properties": { - "Cidr": { - "markdownDescription": "The CIDR provisioned to the IPAM pool. A CIDR is a representation of an IP address and its associated network mask (or netmask) and refers to a range of IP addresses. An IPv4 CIDR example is `10.24.34.0/23` . An IPv6 CIDR example is `2001:DB8::/32` .", - "title": "Cidr", + "ActivationKey": { + "markdownDescription": "Specifies your DataSync agent's activation key. If you don't have an activation key, see [Activating your agent](https://docs.aws.amazon.com/datasync/latest/userguide/activate-agent.html) .", + "title": "ActivationKey", "type": "string" }, - "IpamPoolId": { - "markdownDescription": "The ID of the IPAM pool.", - "title": "IpamPoolId", + "AgentName": { + "markdownDescription": "Specifies a name for your agent. We recommend specifying a name that you can remember.", + "title": "AgentName", "type": "string" }, - "NetmaskLength": { - "markdownDescription": "The netmask length of the CIDR you'd like to provision to a pool. Can be used for provisioning Amazon-provided IPv6 CIDRs to top-level pools and for provisioning CIDRs to pools with source pools. Cannot be used to provision BYOIP CIDRs to top-level pools. \"NetmaskLength\" or \"Cidr\" is required.", - "title": "NetmaskLength", - "type": "number" + "SecurityGroupArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Names (ARNs) of the security groups used to protect your data transfer task subnets. See [SecurityGroupArns](https://docs.aws.amazon.com/datasync/latest/userguide/API_Ec2Config.html#DataSync-Type-Ec2Config-SecurityGroupArns) .\n\n*Pattern* : `^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):ec2:[a-z\\-0-9]*:[0-9]{12}:security-group/.*$`", + "title": "SecurityGroupArns", + "type": "array" + }, + "SubnetArns": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the ARN of the subnet where your VPC service endpoint is located. You can only specify one ARN.", + "title": "SubnetArns", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least one tag for your agent.", + "title": "Tags", + "type": "array" + }, + "VpcEndpointId": { + "markdownDescription": "The ID of the virtual private cloud (VPC) endpoint that the agent has access to. This is the client-side VPC endpoint, powered by AWS PrivateLink . If you don't have an AWS PrivateLink VPC endpoint, see [AWS PrivateLink and VPC endpoints](https://docs.aws.amazon.com//vpc/latest/userguide/endpoint-services-overview.html) in the *Amazon VPC User Guide* .\n\nFor more information about activating your agent in a private network based on a VPC, see [Using AWS DataSync in a Virtual Private Cloud](https://docs.aws.amazon.com/datasync/latest/userguide/datasync-in-vpc.html) in the *AWS DataSync User Guide.*\n\nA VPC endpoint ID looks like this: `vpce-01234d5aff67890e1` .", + "title": "VpcEndpointId", + "type": "string" } }, - "required": [ - "IpamPoolId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::IPAMPoolCidr" + "AWS::DataSync::Agent" ], "type": "string" }, @@ -71290,12 +78684,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::EC2::IPAMResourceDiscovery": { + "AWS::DataSync::LocationAzureBlob": { "additionalProperties": false, "properties": { "Condition": { @@ -71330,33 +78723,71 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The resource discovery description.", - "title": "Description", - "type": "string" - }, - "OperatingRegions": { + "AgentArns": { "items": { - "$ref": "#/definitions/AWS::EC2::IPAMResourceDiscovery.IpamOperatingRegion" + "type": "string" }, - "markdownDescription": "The operating Regions for the resource discovery. Operating Regions are AWS Regions where the IPAM is allowed to manage IP address CIDRs. IPAM only discovers and monitors resources in the AWS Regions you select as operating Regions.", - "title": "OperatingRegions", + "markdownDescription": "(Optional) Specifies the Amazon Resource Name (ARN) of the DataSync agent that can connect with your Azure Blob Storage container. If you are setting up an agentless cross-cloud transfer, you do not need to specify a value for this parameter.\n\nYou can specify more than one agent. For more information, see [Using multiple agents for your transfer](https://docs.aws.amazon.com/datasync/latest/userguide/multiple-agents.html) .\n\n> Make sure you configure this parameter correctly when you first create your storage location. You cannot add or remove agents from a storage location after you create it.", + "title": "AgentArns", "type": "array" }, + "AzureAccessTier": { + "markdownDescription": "Specifies the access tier that you want your objects or files transferred into. This only applies when using the location as a transfer destination. For more information, see [Access tiers](https://docs.aws.amazon.com/datasync/latest/userguide/creating-azure-blob-location.html#azure-blob-access-tiers) .", + "title": "AzureAccessTier", + "type": "string" + }, + "AzureBlobAuthenticationType": { + "markdownDescription": "Specifies the authentication method DataSync uses to access your Azure Blob Storage. DataSync can access blob storage using a shared access signature (SAS).", + "title": "AzureBlobAuthenticationType", + "type": "string" + }, + "AzureBlobContainerUrl": { + "markdownDescription": "Specifies the URL of the Azure Blob Storage container involved in your transfer.", + "title": "AzureBlobContainerUrl", + "type": "string" + }, + "AzureBlobSasConfiguration": { + "$ref": "#/definitions/AWS::DataSync::LocationAzureBlob.AzureBlobSasConfiguration", + "markdownDescription": "Specifies the SAS configuration that allows DataSync to access your Azure Blob Storage.\n\n> If you provide an authentication token using `SasConfiguration` , but do not provide secret configuration details using `CmkSecretConfig` or `CustomSecretConfig` , then DataSync stores the token using your AWS account's secrets manager secret.", + "title": "AzureBlobSasConfiguration" + }, + "AzureBlobType": { + "markdownDescription": "Specifies the type of blob that you want your objects or files to be when transferring them into Azure Blob Storage. Currently, DataSync only supports moving data into Azure Blob Storage as block blobs. For more information on blob types, see the [Azure Blob Storage documentation](https://docs.aws.amazon.com/https://learn.microsoft.com/en-us/rest/api/storageservices/understanding-block-blobs--append-blobs--and-page-blobs) .", + "title": "AzureBlobType", + "type": "string" + }, + "CmkSecretConfig": { + "$ref": "#/definitions/AWS::DataSync::LocationAzureBlob.CmkSecretConfig", + "markdownDescription": "Specifies configuration information for a DataSync-managed secret, such as an authentication token or secret key that DataSync uses to access a specific storage location, with a customer-managed AWS KMS key .\n\n> You can use either `CmkSecretConfig` or `CustomSecretConfig` to provide credentials for a `CreateLocation` request. Do not provide both parameters for the same request.", + "title": "CmkSecretConfig" + }, + "CustomSecretConfig": { + "$ref": "#/definitions/AWS::DataSync::LocationAzureBlob.CustomSecretConfig", + "markdownDescription": "Specifies configuration information for a customer-managed Secrets Manager secret where a storage location authentication token or secret key is stored in plain text. This configuration includes the secret ARN, and the ARN for an IAM role that provides access to the secret.\n\n> You can use either `CmkSecretConfig` or `CustomSecretConfig` to provide credentials for a `CreateLocation` request. Do not provide both parameters for the same request.", + "title": "CustomSecretConfig" + }, + "Subdirectory": { + "markdownDescription": "Specifies path segments if you want to limit your transfer to a virtual directory in your container (for example, `/my/images` ).", + "title": "Subdirectory", + "type": "string" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A tag is a label that you assign to an AWS resource. Each tag consists of a key and an optional value. You can use tags to search and filter your resources or track your AWS costs.", + "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your transfer location.", "title": "Tags", "type": "array" } }, + "required": [ + "AzureBlobAuthenticationType" + ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::IPAMResourceDiscovery" + "AWS::DataSync::LocationAzureBlob" ], "type": "string" }, @@ -71370,25 +78801,76 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::EC2::IPAMResourceDiscovery.IpamOperatingRegion": { + "AWS::DataSync::LocationAzureBlob.AzureBlobSasConfiguration": { "additionalProperties": false, "properties": { - "RegionName": { - "markdownDescription": "The name of the operating Region.", - "title": "RegionName", + "AzureBlobSasToken": { + "markdownDescription": "Specifies a SAS token that provides permissions to access your Azure Blob Storage.\n\nThe token is part of the SAS URI string that comes after the storage resource URI and a question mark. A token looks something like this:\n\n`sp=r&st=2023-12-20T14:54:52Z&se=2023-12-20T22:54:52Z&spr=https&sv=2021-06-08&sr=c&sig=aBBKDWQvyuVcTPH9EBp%2FXTI9E%2F%2Fmq171%2BZU178wcwqU%3D`", + "title": "AzureBlobSasToken", "type": "string" } }, "required": [ - "RegionName" + "AzureBlobSasToken" ], "type": "object" }, - "AWS::EC2::IPAMResourceDiscoveryAssociation": { + "AWS::DataSync::LocationAzureBlob.CmkSecretConfig": { + "additionalProperties": false, + "properties": { + "KmsKeyArn": { + "markdownDescription": "Specifies the ARN for the customer-managed AWS KMS key that DataSync uses to encrypt the DataSync-managed secret stored for `SecretArn` . DataSync provides this key to AWS Secrets Manager .", + "title": "KmsKeyArn", + "type": "string" + }, + "SecretArn": { + "markdownDescription": "Specifies the ARN for the DataSync-managed AWS Secrets Manager secret that that is used to access a specific storage location. This property is generated by DataSync and is read-only. DataSync encrypts this secret with the KMS key that you specify for `KmsKeyArn` .", + "title": "SecretArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataSync::LocationAzureBlob.CustomSecretConfig": { + "additionalProperties": false, + "properties": { + "SecretAccessRoleArn": { + "markdownDescription": "Specifies the ARN for the AWS Identity and Access Management role that DataSync uses to access the secret specified for `SecretArn` .", + "title": "SecretAccessRoleArn", + "type": "string" + }, + "SecretArn": { + "markdownDescription": "Specifies the ARN for an AWS Secrets Manager secret.", + "title": "SecretArn", + "type": "string" + } + }, + "required": [ + "SecretAccessRoleArn", + "SecretArn" + ], + "type": "object" + }, + "AWS::DataSync::LocationAzureBlob.ManagedSecretConfig": { + "additionalProperties": false, + "properties": { + "SecretArn": { + "markdownDescription": "Specifies the ARN for an AWS Secrets Manager secret.", + "title": "SecretArn", + "type": "string" + } + }, + "required": [ + "SecretArn" + ], + "type": "object" + }, + "AWS::DataSync::LocationEFS": { "additionalProperties": false, "properties": { "Condition": { @@ -71423,34 +78905,53 @@ "Properties": { "additionalProperties": false, "properties": { - "IpamId": { - "markdownDescription": "The IPAM ID.", - "title": "IpamId", + "AccessPointArn": { + "markdownDescription": "Specifies the Amazon Resource Name (ARN) of the access point that DataSync uses to mount your Amazon EFS file system.\n\nFor more information, see [Accessing restricted file systems](https://docs.aws.amazon.com/datasync/latest/userguide/create-efs-location.html#create-efs-location-iam) .", + "title": "AccessPointArn", "type": "string" }, - "IpamResourceDiscoveryId": { - "markdownDescription": "The resource discovery ID.", - "title": "IpamResourceDiscoveryId", + "Ec2Config": { + "$ref": "#/definitions/AWS::DataSync::LocationEFS.Ec2Config", + "markdownDescription": "Specifies the subnet and security groups DataSync uses to connect to one of your Amazon EFS file system's [mount targets](https://docs.aws.amazon.com/efs/latest/ug/accessing-fs.html) .", + "title": "Ec2Config" + }, + "EfsFilesystemArn": { + "markdownDescription": "Specifies the ARN for your Amazon EFS file system.", + "title": "EfsFilesystemArn", + "type": "string" + }, + "FileSystemAccessRoleArn": { + "markdownDescription": "Specifies an AWS Identity and Access Management (IAM) role that allows DataSync to access your Amazon EFS file system.\n\nFor information on creating this role, see [Creating a DataSync IAM role for file system access](https://docs.aws.amazon.com/datasync/latest/userguide/create-efs-location.html#create-efs-location-iam-role) .", + "title": "FileSystemAccessRoleArn", + "type": "string" + }, + "InTransitEncryption": { + "markdownDescription": "Specifies whether you want DataSync to use Transport Layer Security (TLS) 1.2 encryption when it transfers data to or from your Amazon EFS file system.\n\nIf you specify an access point using `AccessPointArn` or an IAM role using `FileSystemAccessRoleArn` , you must set this parameter to `TLS1_2` .", + "title": "InTransitEncryption", + "type": "string" + }, + "Subdirectory": { + "markdownDescription": "Specifies a mount path for your Amazon EFS file system. This is where DataSync reads or writes data on your file system (depending on if this is a source or destination location).\n\nBy default, DataSync uses the root directory (or [access point](https://docs.aws.amazon.com/efs/latest/ug/efs-access-points.html) if you provide one by using `AccessPointArn` ). You can also include subdirectories using forward slashes (for example, `/path/to/folder` ).", + "title": "Subdirectory", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A tag is a label that you assign to an AWS resource. Each tag consists of a key and an optional value. You can use tags to search and filter your resources or track your AWS costs.", + "markdownDescription": "Specifies the key-value pair that represents a tag that you want to add to the resource. The value can be an empty string. This value helps you manage, filter, and search for your resources. We recommend that you create a name tag for your location.", "title": "Tags", "type": "array" } }, "required": [ - "IpamId", - "IpamResourceDiscoveryId" + "Ec2Config" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::IPAMResourceDiscoveryAssociation" + "AWS::DataSync::LocationEFS" ], "type": "string" }, @@ -71469,7 +78970,30 @@ ], "type": "object" }, - "AWS::EC2::IPAMScope": { + "AWS::DataSync::LocationEFS.Ec2Config": { + "additionalProperties": false, + "properties": { + "SecurityGroupArns": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the Amazon Resource Names (ARNs) of the security groups associated with an Amazon EFS file system's mount target.", + "title": "SecurityGroupArns", + "type": "array" + }, + "SubnetArn": { + "markdownDescription": "Specifies the ARN of a subnet where DataSync creates the [network interfaces](https://docs.aws.amazon.com/datasync/latest/userguide/datasync-network.html#required-network-interfaces.html) for managing traffic during your transfer.\n\nThe subnet must be located:\n\n- In the same virtual private cloud (VPC) as the Amazon EFS file system.\n- In the same Availability Zone as at least one mount target for the Amazon EFS file system.\n\n> You don't need to specify a subnet that includes a file system mount target.", + "title": "SubnetArn", + "type": "string" + } + }, + "required": [ + "SecurityGroupArns", + "SubnetArn" + ], + "type": "object" + }, + "AWS::DataSync::LocationFSxLustre": { "additionalProperties": false, "properties": { "Condition": { @@ -71504,33 +79028,41 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the scope.", - "title": "Description", + "FsxFilesystemArn": { + "markdownDescription": "Specifies the Amazon Resource Name (ARN) of the FSx for Lustre file system.", + "title": "FsxFilesystemArn", "type": "string" }, - "IpamId": { - "markdownDescription": "The ID of the IPAM for which you're creating this scope.", - "title": "IpamId", + "SecurityGroupArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The ARNs of the security groups that are used to configure the FSx for Lustre file system.\n\n*Pattern* : `^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):ec2:[a-z\\-0-9]*:[0-9]{12}:security-group/.*$`\n\n*Length constraints* : Maximum length of 128.", + "title": "SecurityGroupArns", + "type": "array" + }, + "Subdirectory": { + "markdownDescription": "Specifies a mount path for your FSx for Lustre file system. The path can include subdirectories.\n\nWhen the location is used as a source, DataSync reads data from the mount path. When the location is used as a destination, DataSync writes data to the mount path. If you don't include this parameter, DataSync uses the file system's root directory ( `/` ).", + "title": "Subdirectory", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key `Owner` and the value `TeamA` , specify `tag:Owner` for the filter name and `TeamA` for the filter value.", + "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your location.", "title": "Tags", "type": "array" } }, "required": [ - "IpamId" + "SecurityGroupArns" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::IPAMScope" + "AWS::DataSync::LocationFSxLustre" ], "type": "string" }, @@ -71549,15 +79081,12 @@ ], "type": "object" }, - "AWS::EC2::Instance": { + "AWS::DataSync::LocationFSxONTAP": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, - "CreationPolicy": { - "type": "object" - }, "DeletionPolicy": { "enum": [ "Delete", @@ -71587,245 +79116,47 @@ "Properties": { "additionalProperties": false, "properties": { - "AdditionalInfo": { - "markdownDescription": "This property is reserved for internal use. If you use it, the stack fails with this error: `Bad property set: [Testing this property] (Service: AmazonEC2; Status Code: 400; Error Code: InvalidParameterCombination; Request ID: 0XXXXXX-49c7-4b40-8bcc-76885dcXXXXX)` .", - "title": "AdditionalInfo", - "type": "string" - }, - "Affinity": { - "markdownDescription": "Indicates whether the instance is associated with a dedicated host. If you want the instance to always restart on the same host on which it was launched, specify `host` . If you want the instance to restart on any available host, but try to launch onto the last host it ran on (on a best-effort basis), specify `default` .", - "title": "Affinity", - "type": "string" - }, - "AvailabilityZone": { - "markdownDescription": "The Availability Zone of the instance.\n\nIf not specified, an Availability Zone will be automatically chosen for you based on the load balancing criteria for the Region.\n\nThis parameter is not supported by [DescribeImageAttribute](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeImageAttribute.html) .", - "title": "AvailabilityZone", - "type": "string" - }, - "BlockDeviceMappings": { - "items": { - "$ref": "#/definitions/AWS::EC2::Instance.BlockDeviceMapping" - }, - "markdownDescription": "The block device mapping entries that defines the block devices to attach to the instance at launch.\n\nBy default, the block devices specified in the block device mapping for the AMI are used. You can override the AMI block device mapping using the instance block device mapping. For the root volume, you can override only the volume size, volume type, volume encryption settings, and the `DeleteOnTermination` setting.\n\n> After the instance is running, you can modify only the `DeleteOnTermination` parameter for the attached volumes without interrupting the instance. Modifying any other parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", - "title": "BlockDeviceMappings", - "type": "array" - }, - "CpuOptions": { - "$ref": "#/definitions/AWS::EC2::Instance.CpuOptions", - "markdownDescription": "The CPU options for the instance. For more information, see [Optimize CPU options](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html) in the *Amazon Elastic Compute Cloud User Guide* .", - "title": "CpuOptions" - }, - "CreditSpecification": { - "$ref": "#/definitions/AWS::EC2::Instance.CreditSpecification", - "markdownDescription": "The credit option for CPU usage of the burstable performance instance. Valid values are `standard` and `unlimited` . To change this attribute after launch, use [ModifyInstanceCreditSpecification](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyInstanceCreditSpecification.html) . For more information, see [Burstable performance instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) in the *Amazon EC2 User Guide* .\n\nDefault: `standard` (T2 instances) or `unlimited` (T3/T3a/T4g instances)\n\nFor T3 instances with `host` tenancy, only `standard` is supported.", - "title": "CreditSpecification" - }, - "DisableApiTermination": { - "markdownDescription": "Indicates whether termination protection is enabled for the instance. The default is `false` , which means that you can terminate the instance using the Amazon EC2 console, command line tools, or API. You can enable termination protection when you launch an instance, while the instance is running, or while the instance is stopped.", - "title": "DisableApiTermination", - "type": "boolean" - }, - "EbsOptimized": { - "markdownDescription": "Indicates whether the instance is optimized for Amazon EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal Amazon EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS-optimized instance.\n\nDefault: `false`", - "title": "EbsOptimized", - "type": "boolean" - }, - "ElasticGpuSpecifications": { - "items": { - "$ref": "#/definitions/AWS::EC2::Instance.ElasticGpuSpecification" - }, - "markdownDescription": "An elastic GPU to associate with the instance.\n\n> Amazon Elastic Graphics reached end of life on January 8, 2024.", - "title": "ElasticGpuSpecifications", - "type": "array" - }, - "ElasticInferenceAccelerators": { - "items": { - "$ref": "#/definitions/AWS::EC2::Instance.ElasticInferenceAccelerator" - }, - "markdownDescription": "An elastic inference accelerator to associate with the instance.\n\n> Amazon Elastic Inference is no longer available.", - "title": "ElasticInferenceAccelerators", - "type": "array" - }, - "EnclaveOptions": { - "$ref": "#/definitions/AWS::EC2::Instance.EnclaveOptions", - "markdownDescription": "Indicates whether the instance is enabled for AWS Nitro Enclaves.", - "title": "EnclaveOptions" - }, - "HibernationOptions": { - "$ref": "#/definitions/AWS::EC2::Instance.HibernationOptions", - "markdownDescription": "Indicates whether an instance is enabled for hibernation. This parameter is valid only if the instance meets the [hibernation prerequisites](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/hibernating-prerequisites.html) . For more information, see [Hibernate your Amazon EC2 instance](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) in the *Amazon EC2 User Guide* .\n\nYou can't enable hibernation and AWS Nitro Enclaves on the same instance.", - "title": "HibernationOptions" - }, - "HostId": { - "markdownDescription": "If you specify host for the `Affinity` property, the ID of a dedicated host that the instance is associated with. If you don't specify an ID, Amazon EC2 launches the instance onto any available, compatible dedicated host in your account. This type of launch is called an untargeted launch. Note that for untargeted launches, you must have a compatible, dedicated host available to successfully launch instances.", - "title": "HostId", - "type": "string" - }, - "HostResourceGroupArn": { - "markdownDescription": "The ARN of the host resource group in which to launch the instances. If you specify a host resource group ARN, omit the *Tenancy* parameter or set it to `host` .", - "title": "HostResourceGroupArn", - "type": "string" - }, - "IamInstanceProfile": { - "markdownDescription": "The name of an IAM instance profile. To create a new IAM instance profile, use the [AWS::IAM::InstanceProfile](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-instanceprofile.html) resource.", - "title": "IamInstanceProfile", - "type": "string" - }, - "ImageId": { - "markdownDescription": "The ID of the AMI. An AMI ID is required to launch an instance and must be specified here or in a launch template.", - "title": "ImageId", - "type": "string" - }, - "InstanceInitiatedShutdownBehavior": { - "markdownDescription": "Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown).\n\nDefault: `stop`", - "title": "InstanceInitiatedShutdownBehavior", - "type": "string" - }, - "InstanceType": { - "markdownDescription": "The instance type. For more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .\n\nWhen you change your EBS-backed instance type, instance restart or replacement behavior depends on the instance type compatibility between the old and new types. An instance with an instance store volume as the root volume is always replaced. For more information, see [Change the instance type](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-resize.html) in the *Amazon EC2 User Guide* .", - "title": "InstanceType", - "type": "string" - }, - "Ipv6AddressCount": { - "markdownDescription": "The number of IPv6 addresses to associate with the primary network interface. Amazon EC2 chooses the IPv6 addresses from the range of your subnet. You cannot specify this option and the option to assign specific IPv6 addresses in the same request. You can specify this option if you've specified a minimum number of instances to launch.\n\nYou cannot specify this option and the network interfaces option in the same request.", - "title": "Ipv6AddressCount", - "type": "number" - }, - "Ipv6Addresses": { - "items": { - "$ref": "#/definitions/AWS::EC2::Instance.InstanceIpv6Address" - }, - "markdownDescription": "The IPv6 addresses from the range of the subnet to associate with the primary network interface. You cannot specify this option and the option to assign a number of IPv6 addresses in the same request. You cannot specify this option if you've specified a minimum number of instances to launch.\n\nYou cannot specify this option and the network interfaces option in the same request.", - "title": "Ipv6Addresses", - "type": "array" - }, - "KernelId": { - "markdownDescription": "The ID of the kernel.\n\n> We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see [PV-GRUB](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html) in the *Amazon EC2 User Guide* .", - "title": "KernelId", - "type": "string" - }, - "KeyName": { - "markdownDescription": "The name of the key pair. You can create a key pair using [CreateKeyPair](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateKeyPair.html) or [ImportKeyPair](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportKeyPair.html) .\n\n> If you do not specify a key pair, you can't connect to the instance unless you choose an AMI that is configured to allow users another way to log in.", - "title": "KeyName", - "type": "string" - }, - "LaunchTemplate": { - "$ref": "#/definitions/AWS::EC2::Instance.LaunchTemplateSpecification", - "markdownDescription": "The launch template. Any additional parameters that you specify for the new instance overwrite the corresponding parameters included in the launch template.", - "title": "LaunchTemplate" - }, - "LicenseSpecifications": { - "items": { - "$ref": "#/definitions/AWS::EC2::Instance.LicenseSpecification" - }, - "markdownDescription": "The license configurations.", - "title": "LicenseSpecifications", - "type": "array" - }, - "Monitoring": { - "markdownDescription": "Specifies whether detailed monitoring is enabled for the instance. Specify `true` to enable detailed monitoring. Otherwise, basic monitoring is enabled. For more information about detailed monitoring, see [Enable or turn off detailed monitoring for your instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-cloudwatch-new.html) in the *Amazon EC2 User Guide* .", - "title": "Monitoring", - "type": "boolean" - }, - "NetworkInterfaces": { - "items": { - "$ref": "#/definitions/AWS::EC2::Instance.NetworkInterface" - }, - "markdownDescription": "The network interfaces to associate with the instance.\n\n> If you use this property to point to a network interface, you must terminate the original interface before attaching a new one to allow the update of the instance to succeed.\n> \n> If this resource has a public IP address and is also in a VPC that is defined in the same template, you must use the [DependsOn Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) to declare a dependency on the VPC-gateway attachment.", - "title": "NetworkInterfaces", - "type": "array" - }, - "PlacementGroupName": { - "markdownDescription": "The name of an existing placement group that you want to launch the instance into (cluster | partition | spread).", - "title": "PlacementGroupName", - "type": "string" - }, - "PrivateDnsNameOptions": { - "$ref": "#/definitions/AWS::EC2::Instance.PrivateDnsNameOptions", - "markdownDescription": "The options for the instance hostname.", - "title": "PrivateDnsNameOptions" - }, - "PrivateIpAddress": { - "markdownDescription": "The primary IPv4 address. You must specify a value from the IPv4 address range of the subnet.\n\nOnly one private IP address can be designated as primary. You can't specify this option if you've specified the option to designate a private IP address as the primary IP address in a network interface specification. You cannot specify this option if you're launching more than one instance in the request.\n\nYou cannot specify this option and the network interfaces option in the same request.\n\nIf you make an update to an instance that requires replacement, you must assign a new private IP address. During a replacement, AWS CloudFormation creates a new instance but doesn't delete the old instance until the stack has successfully updated. If the stack update fails, AWS CloudFormation uses the old instance to roll back the stack to the previous working state. The old and new instances cannot have the same private IP address.", - "title": "PrivateIpAddress", - "type": "string" - }, - "PropagateTagsToVolumeOnCreation": { - "markdownDescription": "Indicates whether to assign the tags specified in the `Tags` property to the volumes specified in the `BlockDeviceMappings` property.\n\nNote that using this feature does not assign the tags to volumes that are created separately and then attached using `AWS::EC2::VolumeAttachment` .", - "title": "PropagateTagsToVolumeOnCreation", - "type": "boolean" - }, - "RamdiskId": { - "markdownDescription": "The ID of the RAM disk to select. Some kernels require additional drivers at launch. Check the kernel requirements for information about whether you need to specify a RAM disk. To find kernel requirements, go to the AWS Resource Center and search for the kernel ID.\n\n> We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see [PV-GRUB](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html) in the *Amazon EC2 User Guide* .", - "title": "RamdiskId", - "type": "string" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the security groups. You can specify the IDs of existing security groups and references to resources created by the stack template.\n\nIf you specify a network interface, you must specify any security groups as part of the network interface.", - "title": "SecurityGroupIds", - "type": "array" + "Protocol": { + "$ref": "#/definitions/AWS::DataSync::LocationFSxONTAP.Protocol", + "markdownDescription": "Specifies the data transfer protocol that DataSync uses to access your Amazon FSx file system.", + "title": "Protocol" }, - "SecurityGroups": { + "SecurityGroupArns": { "items": { "type": "string" }, - "markdownDescription": "[Default VPC] The names of the security groups. For a nondefault VPC, you must use security group IDs instead.\n\nYou cannot specify this option and the network interfaces option in the same request. The list can contain both the name of existing Amazon EC2 security groups or references to AWS::EC2::SecurityGroup resources created in the template.\n\nDefault: Amazon EC2 uses the default security group.", - "title": "SecurityGroups", + "markdownDescription": "Specifies the Amazon Resource Names (ARNs) of the security groups that DataSync can use to access your FSx for ONTAP file system. You must configure the security groups to allow outbound traffic on the following ports (depending on the protocol that you're using):\n\n- *Network File System (NFS)* : TCP ports 111, 635, and 2049\n- *Server Message Block (SMB)* : TCP port 445\n\nYour file system's security groups must also allow inbound traffic on the same port.", + "title": "SecurityGroupArns", "type": "array" }, - "SourceDestCheck": { - "markdownDescription": "Enable or disable source/destination checks, which ensure that the instance is either the source or the destination of any traffic that it receives. If the value is `true` , source/destination checks are enabled; otherwise, they are disabled. The default value is `true` . You must disable source/destination checks if the instance runs services such as network address translation, routing, or firewalls.", - "title": "SourceDestCheck", - "type": "boolean" - }, - "SsmAssociations": { - "items": { - "$ref": "#/definitions/AWS::EC2::Instance.SsmAssociation" - }, - "markdownDescription": "The SSM [document](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ssm-document.html) and parameter values in AWS Systems Manager to associate with this instance. To use this property, you must specify an IAM instance profile role for the instance. For more information, see [Create an IAM instance profile for Systems Manager](https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-configuring-access-role.html) in the *AWS Systems Manager User Guide* .\n\n> You can associate only one document with an instance.", - "title": "SsmAssociations", - "type": "array" + "StorageVirtualMachineArn": { + "markdownDescription": "Specifies the ARN of the storage virtual machine (SVM) in your file system where you want to copy data to or from.", + "title": "StorageVirtualMachineArn", + "type": "string" }, - "SubnetId": { - "markdownDescription": "The ID of the subnet to launch the instance into.\n\nIf you specify a network interface, you must specify any subnets as part of the network interface instead of using this parameter.", - "title": "SubnetId", + "Subdirectory": { + "markdownDescription": "Specifies a path to the file share in the SVM where you want to transfer data to or from.\n\nYou can specify a junction path (also known as a mount point), qtree path (for NFS file shares), or share name (for SMB file shares). For example, your mount path might be `/vol1` , `/vol1/tree1` , or `/share1` .\n\n> Don't specify a junction path in the SVM's root volume. For more information, see [Managing FSx for ONTAP storage virtual machines](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-svms.html) in the *Amazon FSx for NetApp ONTAP User Guide* .", + "title": "Subdirectory", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to add to the instance. These tags are not applied to the EBS volumes, such as the root volume, unless [PropagateTagsToVolumeOnCreation](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html#cfn-ec2-instance-propagatetagstovolumeoncreation) is `true` .", + "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your location.", "title": "Tags", "type": "array" - }, - "Tenancy": { - "markdownDescription": "The tenancy of the instance. An instance with a tenancy of `dedicated` runs on single-tenant hardware.", - "title": "Tenancy", - "type": "string" - }, - "UserData": { - "markdownDescription": "The parameters or scripts to store as user data. Any scripts in user data are run when you launch the instance. User data is limited to 16 KB. You must provide base64-encoded text. For more information, see [Fn::Base64](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-base64.html) .\n\nIf the root volume is an EBS volume and you update user data, CloudFormation restarts the instance. If the root volume is an instance store volume and you update user data, the instance is replaced.", - "title": "UserData", - "type": "string" - }, - "Volumes": { - "items": { - "$ref": "#/definitions/AWS::EC2::Instance.Volume" - }, - "markdownDescription": "The volumes to attach to the instance.", - "title": "Volumes", - "type": "array" } }, + "required": [ + "SecurityGroupArns", + "StorageVirtualMachineArn" + ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::Instance" + "AWS::DataSync::LocationFSxONTAP" ], "type": "string" }, @@ -71839,404 +79170,621 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::EC2::Instance.AssociationParameter": { + "AWS::DataSync::LocationFSxONTAP.NFS": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The name of an input parameter that is in the associated SSM document.", - "title": "Key", - "type": "string" - }, - "Value": { - "items": { - "type": "string" - }, - "markdownDescription": "The value of an input parameter.", - "title": "Value", - "type": "array" + "MountOptions": { + "$ref": "#/definitions/AWS::DataSync::LocationFSxONTAP.NfsMountOptions", + "markdownDescription": "Specifies how DataSync can access a location using the NFS protocol.", + "title": "MountOptions" } }, "required": [ - "Key", - "Value" + "MountOptions" ], "type": "object" }, - "AWS::EC2::Instance.BlockDeviceMapping": { + "AWS::DataSync::LocationFSxONTAP.NfsMountOptions": { "additionalProperties": false, "properties": { - "DeviceName": { - "markdownDescription": "The device name (for example, `/dev/sdh` or `xvdh` ).\n\n> After the instance is running, this parameter is used to specify the device name of the block device mapping to update.", - "title": "DeviceName", - "type": "string" - }, - "Ebs": { - "$ref": "#/definitions/AWS::EC2::Instance.Ebs", - "markdownDescription": "Parameters used to automatically set up EBS volumes when the instance is launched.\n\n> After the instance is running, you can modify only the `DeleteOnTermination` parameter for the attached volumes without interrupting the instance. Modifying any other parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) .", - "title": "Ebs" - }, - "NoDevice": { - "markdownDescription": "To omit the device from the block device mapping, specify an empty string.\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", - "title": "NoDevice", - "type": "object" - }, - "VirtualName": { - "markdownDescription": "The virtual device name ( `ephemeral` N). The name must be in the form `ephemeral` *X* where *X* is a number starting from zero (0). For example, an instance type with 2 available instance store volumes can specify mappings for `ephemeral0` and `ephemeral1` . The number of available instance store volumes depends on the instance type. After you connect to the instance, you must mount the volume.\n\nNVMe instance store volumes are automatically enumerated and assigned a device name. Including them in your block device mapping has no effect.\n\n*Constraints* : For M3 instances, you must specify instance store volumes in the block device mapping for the instance. When you launch an M3 instance, we ignore any instance store volumes specified in the block device mapping for the AMI.\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", - "title": "VirtualName", + "Version": { + "markdownDescription": "Specifies the NFS version that you want DataSync to use when mounting your NFS share. If the server refuses to use the version specified, the task fails.\n\nYou can specify the following options:\n\n- `AUTOMATIC` (default): DataSync chooses NFS version 4.1.\n- `NFS3` : Stateless protocol version that allows for asynchronous writes on the server.\n- `NFSv4_0` : Stateful, firewall-friendly protocol version that supports delegations and pseudo file systems.\n- `NFSv4_1` : Stateful protocol version that supports sessions, directory delegations, and parallel data processing. NFS version 4.1 also includes all features available in version 4.0.\n\n> DataSync currently only supports NFS version 3 with Amazon FSx for NetApp ONTAP locations.", + "title": "Version", "type": "string" } }, - "required": [ - "DeviceName" - ], "type": "object" }, - "AWS::EC2::Instance.CpuOptions": { + "AWS::DataSync::LocationFSxONTAP.Protocol": { "additionalProperties": false, "properties": { - "CoreCount": { - "markdownDescription": "The number of CPU cores for the instance.", - "title": "CoreCount", - "type": "number" + "NFS": { + "$ref": "#/definitions/AWS::DataSync::LocationFSxONTAP.NFS", + "markdownDescription": "Specifies the Network File System (NFS) protocol configuration that DataSync uses to access your FSx for ONTAP file system's storage virtual machine (SVM).", + "title": "NFS" }, - "ThreadsPerCore": { - "markdownDescription": "The number of threads per CPU core.", - "title": "ThreadsPerCore", - "type": "number" + "SMB": { + "$ref": "#/definitions/AWS::DataSync::LocationFSxONTAP.SMB", + "markdownDescription": "Specifies the Server Message Block (SMB) protocol configuration that DataSync uses to access your FSx for ONTAP file system's SVM.", + "title": "SMB" } }, "type": "object" }, - "AWS::EC2::Instance.CreditSpecification": { + "AWS::DataSync::LocationFSxONTAP.SMB": { "additionalProperties": false, "properties": { - "CPUCredits": { - "markdownDescription": "The credit option for CPU usage of the instance.\n\nValid values: `standard` | `unlimited`\n\nT3 instances with `host` tenancy do not support the `unlimited` CPU credit option.", - "title": "CPUCredits", + "Domain": { + "markdownDescription": "Specifies the name of the Windows domain that your storage virtual machine (SVM) belongs to.\n\nIf you have multiple domains in your environment, configuring this setting makes sure that DataSync connects to the right SVM.\n\nIf you have multiple Active Directory domains in your environment, configuring this parameter makes sure that DataSync connects to the right SVM.", + "title": "Domain", "type": "string" - } - }, - "type": "object" - }, - "AWS::EC2::Instance.Ebs": { - "additionalProperties": false, - "properties": { - "DeleteOnTermination": { - "markdownDescription": "Indicates whether the EBS volume is deleted on instance termination. For more information, see [Preserving Amazon EBS volumes on instance termination](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#preserving-volumes-on-termination) in the *Amazon EC2 User Guide* .", - "title": "DeleteOnTermination", - "type": "boolean" - }, - "Encrypted": { - "markdownDescription": "Indicates whether the volume should be encrypted. The effect of setting the encryption state to `true` depends on the volume origin (new or from a snapshot), starting encryption state, ownership, and whether encryption by default is enabled. For more information, see [Encryption by default](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#encryption-by-default) in the *Amazon Elastic Compute Cloud User Guide* .\n\nEncrypted Amazon EBS volumes must be attached to instances that support Amazon EBS encryption. For more information, see [Supported instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#EBSEncryption_supported_instances) .\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", - "title": "Encrypted", - "type": "boolean" - }, - "Iops": { - "markdownDescription": "The number of I/O operations per second (IOPS). For `gp3` , `io1` , and `io2` volumes, this represents the number of IOPS that are provisioned for the volume. For `gp2` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.\n\nThe following are the supported values for each volume type:\n\n- `gp3` : 3,000-16,000 IOPS\n- `io1` : 100-64,000 IOPS\n- `io2` : 100-64,000 IOPS\n\nFor `io1` and `io2` volumes, we guarantee 64,000 IOPS only for [Instances built on the Nitro System](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances) . Other instance families guarantee performance up to 32,000 IOPS.\n\nThis parameter is required for `io1` and `io2` volumes. The default for `gp3` volumes is 3,000 IOPS. This parameter is not supported for `gp2` , `st1` , `sc1` , or `standard` volumes.\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", - "title": "Iops", - "type": "number" }, - "KmsKeyId": { - "markdownDescription": "The identifier of the AWS KMS key to use for Amazon EBS encryption. If `KmsKeyId` is specified, the encrypted state must be `true` . If the encrypted state is `true` but you do not specify `KmsKeyId` , your KMS key for EBS is used.\n\nYou can specify the KMS key using any of the following:\n\n- Key ID. For example, 1234abcd-12ab-34cd-56ef-1234567890ab.\n- Key alias. For example, alias/ExampleAlias.\n- Key ARN. For example, arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab.\n- Alias ARN. For example, arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias.\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", - "title": "KmsKeyId", - "type": "string" + "MountOptions": { + "$ref": "#/definitions/AWS::DataSync::LocationFSxONTAP.SmbMountOptions", + "markdownDescription": "Specifies how DataSync can access a location using the SMB protocol.", + "title": "MountOptions" }, - "SnapshotId": { - "markdownDescription": "The ID of the snapshot.\n\nIf you specify both `SnapshotId` and `VolumeSize` , `VolumeSize` must be equal or greater than the size of the snapshot.\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", - "title": "SnapshotId", + "Password": { + "markdownDescription": "Specifies the password of a user who has permission to access your SVM.", + "title": "Password", "type": "string" }, - "VolumeSize": { - "markdownDescription": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size. If you specify a snapshot, the default is the snapshot size. You can specify a volume size that is equal to or larger than the snapshot size.\n\nThe following are the supported volumes sizes for each volume type:\n\n- `gp2` and `gp3` :1-16,384\n- `io1` and `io2` : 4-16,384\n- `st1` and `sc1` : 125-16,384\n- `standard` : 1-1,024\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", - "title": "VolumeSize", - "type": "number" - }, - "VolumeType": { - "markdownDescription": "The volume type. For more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) in the *Amazon EC2 User Guide* . If the volume type is `io1` or `io2` , you must specify the IOPS that the volume supports.\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", - "title": "VolumeType", + "User": { + "markdownDescription": "Specifies a user name that can mount the location and access the files, folders, and metadata that you need in the SVM.\n\nIf you provide a user in your Active Directory, note the following:\n\n- If you're using AWS Directory Service for Microsoft Active Directory , the user must be a member of the AWS Delegated FSx Administrators group.\n- If you're using a self-managed Active Directory, the user must be a member of either the Domain Admins group or a custom group that you specified for file system administration when you created your file system.\n\nMake sure that the user has the permissions it needs to copy the data you want:\n\n- `SE_TCB_NAME` : Required to set object ownership and file metadata. With this privilege, you also can copy NTFS discretionary access lists (DACLs).\n- `SE_SECURITY_NAME` : May be needed to copy NTFS system access control lists (SACLs). This operation specifically requires the Windows privilege, which is granted to members of the Domain Admins group. If you configure your task to copy SACLs, make sure that the user has the required privileges. For information about copying SACLs, see [Ownership and permissions-related options](https://docs.aws.amazon.com/datasync/latest/userguide/create-task.html#configure-ownership-and-permissions) .", + "title": "User", "type": "string" } }, + "required": [ + "MountOptions", + "Password", + "User" + ], "type": "object" }, - "AWS::EC2::Instance.ElasticGpuSpecification": { + "AWS::DataSync::LocationFSxONTAP.SmbMountOptions": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The type of Elastic Graphics accelerator.", - "title": "Type", + "Version": { + "markdownDescription": "By default, DataSync automatically chooses an SMB protocol version based on negotiation with your SMB file server. You also can configure DataSync to use a specific SMB version, but we recommend doing this only if DataSync has trouble negotiating with the SMB file server automatically.\n\nThese are the following options for configuring the SMB version:\n\n- `AUTOMATIC` (default): DataSync and the SMB file server negotiate the highest version of SMB that they mutually support between 2.1 and 3.1.1.\n\nThis is the recommended option. If you instead choose a specific version that your file server doesn't support, you may get an `Operation Not Supported` error.\n- `SMB3` : Restricts the protocol negotiation to only SMB version 3.0.2.\n- `SMB2` : Restricts the protocol negotiation to only SMB version 2.1.\n- `SMB2_0` : Restricts the protocol negotiation to only SMB version 2.0.\n- `SMB1` : Restricts the protocol negotiation to only SMB version 1.0.\n\n> The `SMB1` option isn't available when [creating an Amazon FSx for NetApp ONTAP location](https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateLocationFsxOntap.html) .", + "title": "Version", "type": "string" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::EC2::Instance.ElasticInferenceAccelerator": { + "AWS::DataSync::LocationFSxOpenZFS": { "additionalProperties": false, "properties": { - "Count": { - "markdownDescription": "The number of elastic inference accelerators to attach to the instance.", - "title": "Count", - "type": "number" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "FsxFilesystemArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the FSx for OpenZFS file system.", + "title": "FsxFilesystemArn", + "type": "string" + }, + "Protocol": { + "$ref": "#/definitions/AWS::DataSync::LocationFSxOpenZFS.Protocol", + "markdownDescription": "The type of protocol that AWS DataSync uses to access your file system.", + "title": "Protocol" + }, + "SecurityGroupArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The ARNs of the security groups that are used to configure the FSx for OpenZFS file system.\n\n*Pattern* : `^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):ec2:[a-z\\-0-9]*:[0-9]{12}:security-group/.*$`\n\n*Length constraints* : Maximum length of 128.", + "title": "SecurityGroupArns", + "type": "array" + }, + "Subdirectory": { + "markdownDescription": "A subdirectory in the location's path that must begin with `/fsx` . DataSync uses this subdirectory to read or write data (depending on whether the file system is a source or destination location).", + "title": "Subdirectory", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The key-value pair that represents a tag that you want to add to the resource. The value can be an empty string. This value helps you manage, filter, and search for your resources. We recommend that you create a name tag for your location.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Protocol", + "SecurityGroupArns" + ], + "type": "object" }, "Type": { - "markdownDescription": "The type of elastic inference accelerator. The possible values are `eia1.medium` , `eia1.large` , `eia1.xlarge` , `eia2.medium` , `eia2.large` , and `eia2.xlarge` .", - "title": "Type", + "enum": [ + "AWS::DataSync::LocationFSxOpenZFS" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::EC2::Instance.EnclaveOptions": { + "AWS::DataSync::LocationFSxOpenZFS.MountOptions": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "If this parameter is set to `true` , the instance is enabled for AWS Nitro Enclaves; otherwise, it is not enabled for AWS Nitro Enclaves.", - "title": "Enabled", - "type": "boolean" + "Version": { + "markdownDescription": "The specific NFS version that you want DataSync to use to mount your NFS share. If the server refuses to use the version specified, the sync will fail. If you don't specify a version, DataSync defaults to `AUTOMATIC` . That is, DataSync automatically selects a version based on negotiation with the NFS server.\n\nYou can specify the following NFS versions:\n\n- *[NFSv3](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc1813)* : Stateless protocol version that allows for asynchronous writes on the server.\n- *[NFSv4.0](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc3530)* : Stateful, firewall-friendly protocol version that supports delegations and pseudo file systems.\n- *[NFSv4.1](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc5661)* : Stateful protocol version that supports sessions, directory delegations, and parallel data processing. Version 4.1 also includes all features available in version 4.0.", + "title": "Version", + "type": "string" } }, "type": "object" }, - "AWS::EC2::Instance.HibernationOptions": { + "AWS::DataSync::LocationFSxOpenZFS.NFS": { "additionalProperties": false, "properties": { - "Configured": { - "markdownDescription": "Set to `true` to enable your instance for hibernation.\n\nFor Spot Instances, if you set `Configured` to `true` , either omit the `InstanceInterruptionBehavior` parameter (for [`SpotMarketOptions`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SpotMarketOptions.html) ), or set it to `hibernate` . When `Configured` is true:\n\n- If you omit `InstanceInterruptionBehavior` , it defaults to `hibernate` .\n- If you set `InstanceInterruptionBehavior` to a value other than `hibernate` , you'll get an error.\n\nDefault: `false`", - "title": "Configured", - "type": "boolean" + "MountOptions": { + "$ref": "#/definitions/AWS::DataSync::LocationFSxOpenZFS.MountOptions", + "markdownDescription": "Represents the mount options that are available for DataSync to access an NFS location.", + "title": "MountOptions" } }, + "required": [ + "MountOptions" + ], "type": "object" }, - "AWS::EC2::Instance.InstanceIpv6Address": { + "AWS::DataSync::LocationFSxOpenZFS.Protocol": { "additionalProperties": false, "properties": { - "Ipv6Address": { - "markdownDescription": "The IPv6 address.", - "title": "Ipv6Address", - "type": "string" + "NFS": { + "$ref": "#/definitions/AWS::DataSync::LocationFSxOpenZFS.NFS", + "markdownDescription": "Represents the Network File System (NFS) protocol that DataSync uses to access your FSx for OpenZFS file system.", + "title": "NFS" } }, - "required": [ - "Ipv6Address" - ], "type": "object" }, - "AWS::EC2::Instance.LaunchTemplateSpecification": { + "AWS::DataSync::LocationFSxWindows": { "additionalProperties": false, "properties": { - "LaunchTemplateId": { - "markdownDescription": "The ID of the launch template.\n\nYou must specify either the launch template ID or the launch template name, but not both.", - "title": "LaunchTemplateId", + "Condition": { "type": "string" }, - "LaunchTemplateName": { - "markdownDescription": "The name of the launch template.\n\nYou must specify either the launch template ID or the launch template name, but not both.", - "title": "LaunchTemplateName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Version": { - "markdownDescription": "The version number of the launch template. You must specify this property.\n\nTo specify the default version of the template, use the `Fn::GetAtt` intrinsic function to retrieve the `DefaultVersionNumber` attribute of the launch template. To specify the latest version of the template, use `Fn::GetAtt` to retrieve the `LatestVersionNumber` attribute. For more information, see [AWS::EC2:LaunchTemplate return values for Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-launchtemplate.html#aws-resource-ec2-launchtemplate-return-values-fn--getatt) .", - "title": "Version", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Domain": { + "markdownDescription": "Specifies the name of the Windows domain that the FSx for Windows File Server file system belongs to.\n\nIf you have multiple Active Directory domains in your environment, configuring this parameter makes sure that DataSync connects to the right file system.", + "title": "Domain", + "type": "string" + }, + "FsxFilesystemArn": { + "markdownDescription": "Specifies the Amazon Resource Name (ARN) for the FSx for Windows File Server file system.", + "title": "FsxFilesystemArn", + "type": "string" + }, + "Password": { + "markdownDescription": "Specifies the password of the user with the permissions to mount and access the files, folders, and file metadata in your FSx for Windows File Server file system.", + "title": "Password", + "type": "string" + }, + "SecurityGroupArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Names (ARNs) of the security groups that are used to configure the FSx for Windows File Server file system.\n\n*Pattern* : `^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):ec2:[a-z\\-0-9]*:[0-9]{12}:security-group/.*$`\n\n*Length constraints* : Maximum length of 128.", + "title": "SecurityGroupArns", + "type": "array" + }, + "Subdirectory": { + "markdownDescription": "Specifies a mount path for your file system using forward slashes. This is where DataSync reads or writes data (depending on if this is a source or destination location).", + "title": "Subdirectory", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your location.", + "title": "Tags", + "type": "array" + }, + "User": { + "markdownDescription": "The user who has the permissions to access files and folders in the FSx for Windows File Server file system.\n\nFor information about choosing a user name that ensures sufficient permissions to files, folders, and metadata, see [user](https://docs.aws.amazon.com/datasync/latest/userguide/create-fsx-location.html#FSxWuser) .", + "title": "User", + "type": "string" + } + }, + "required": [ + "SecurityGroupArns", + "User" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::DataSync::LocationFSxWindows" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Version" + "Type", + "Properties" ], "type": "object" }, - "AWS::EC2::Instance.LicenseSpecification": { + "AWS::DataSync::LocationHDFS": { "additionalProperties": false, "properties": { - "LicenseConfigurationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the license configuration.", - "title": "LicenseConfigurationArn", + "Condition": { "type": "string" - } - }, - "required": [ - "LicenseConfigurationArn" - ], - "type": "object" - }, - "AWS::EC2::Instance.NetworkInterface": { - "additionalProperties": false, - "properties": { - "AssociateCarrierIpAddress": { - "markdownDescription": "Indicates whether to assign a carrier IP address to the network interface.\n\nYou can only assign a carrier IP address to a network interface that is in a subnet in a Wavelength Zone. For more information about carrier IP addresses, see [Carrier IP address](https://docs.aws.amazon.com/wavelength/latest/developerguide/how-wavelengths-work.html#provider-owned-ip) in the *AWS Wavelength Developer Guide* .", - "title": "AssociateCarrierIpAddress", - "type": "boolean" - }, - "AssociatePublicIpAddress": { - "markdownDescription": "Indicates whether to assign a public IPv4 address to an instance. Applies only if creating a network interface when launching an instance. The network interface must be the primary network interface. If launching into a default subnet, the default value is `true` .\n\nAWS charges for all public IPv4 addresses, including public IPv4 addresses associated with running instances and Elastic IP addresses. For more information, see the *Public IPv4 Address* tab on the [VPC pricing page](https://docs.aws.amazon.com/vpc/pricing/) .", - "title": "AssociatePublicIpAddress", - "type": "boolean" - }, - "DeleteOnTermination": { - "markdownDescription": "Indicates whether the network interface is deleted when the instance is terminated. Applies only if creating a network interface when launching an instance.", - "title": "DeleteOnTermination", - "type": "boolean" }, - "Description": { - "markdownDescription": "The description of the network interface. Applies only if creating a network interface when launching an instance.", - "title": "Description", - "type": "string" - }, - "DeviceIndex": { - "markdownDescription": "The position of the network interface in the attachment order. A primary network interface has a device index of 0.\n\nIf you create a network interface when launching an instance, you must specify the device index.", - "title": "DeviceIndex", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "GroupSet": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the security groups for the network interface. Applies only if creating a network interface when launching an instance.", - "title": "GroupSet", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Ipv6AddressCount": { - "markdownDescription": "A number of IPv6 addresses to assign to the network interface. Amazon EC2 chooses the IPv6 addresses from the range of the subnet. You cannot specify this option and the option to assign specific IPv6 addresses in the same request. You can specify this option if you've specified a minimum number of instances to launch.", - "title": "Ipv6AddressCount", - "type": "number" + "Metadata": { + "type": "object" }, - "Ipv6Addresses": { - "items": { - "$ref": "#/definitions/AWS::EC2::Instance.InstanceIpv6Address" + "Properties": { + "additionalProperties": false, + "properties": { + "AgentArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Names (ARNs) of the DataSync agents that can connect to your HDFS cluster.", + "title": "AgentArns", + "type": "array" + }, + "AuthenticationType": { + "markdownDescription": "", + "title": "AuthenticationType", + "type": "string" + }, + "BlockSize": { + "markdownDescription": "The size of data blocks to write into the HDFS cluster. The block size must be a multiple of 512 bytes. The default block size is 128 mebibytes (MiB).", + "title": "BlockSize", + "type": "number" + }, + "KerberosKeytab": { + "markdownDescription": "The Kerberos key table (keytab) that contains mappings between the defined Kerberos principal and the encrypted keys. Provide the base64-encoded file text. If `KERBEROS` is specified for `AuthType` , this value is required.", + "title": "KerberosKeytab", + "type": "string" + }, + "KerberosKrb5Conf": { + "markdownDescription": "The `krb5.conf` file that contains the Kerberos configuration information. You can load the `krb5.conf` by providing a string of the file's contents or an Amazon S3 presigned URL of the file. If `KERBEROS` is specified for `AuthType` , this value is required.", + "title": "KerberosKrb5Conf", + "type": "string" + }, + "KerberosPrincipal": { + "markdownDescription": "The Kerberos principal with access to the files and folders on the HDFS cluster.\n\n> If `KERBEROS` is specified for `AuthenticationType` , this parameter is required.", + "title": "KerberosPrincipal", + "type": "string" + }, + "KmsKeyProviderUri": { + "markdownDescription": "The URI of the HDFS cluster's Key Management Server (KMS).", + "title": "KmsKeyProviderUri", + "type": "string" + }, + "NameNodes": { + "items": { + "$ref": "#/definitions/AWS::DataSync::LocationHDFS.NameNode" + }, + "markdownDescription": "The NameNode that manages the HDFS namespace. The NameNode performs operations such as opening, closing, and renaming files and directories. The NameNode contains the information to map blocks of data to the DataNodes. You can use only one NameNode.", + "title": "NameNodes", + "type": "array" + }, + "QopConfiguration": { + "$ref": "#/definitions/AWS::DataSync::LocationHDFS.QopConfiguration", + "markdownDescription": "The Quality of Protection (QOP) configuration specifies the Remote Procedure Call (RPC) and data transfer protection settings configured on the Hadoop Distributed File System (HDFS) cluster. If `QopConfiguration` isn't specified, `RpcProtection` and `DataTransferProtection` default to `PRIVACY` . If you set `RpcProtection` or `DataTransferProtection` , the other parameter assumes the same value.", + "title": "QopConfiguration" + }, + "ReplicationFactor": { + "markdownDescription": "The number of DataNodes to replicate the data to when writing to the HDFS cluster. By default, data is replicated to three DataNodes.", + "title": "ReplicationFactor", + "type": "number" + }, + "SimpleUser": { + "markdownDescription": "The user name used to identify the client on the host operating system.\n\n> If `SIMPLE` is specified for `AuthenticationType` , this parameter is required.", + "title": "SimpleUser", + "type": "string" + }, + "Subdirectory": { + "markdownDescription": "A subdirectory in the HDFS cluster. This subdirectory is used to read data from or write data to the HDFS cluster. If the subdirectory isn't specified, it will default to `/` .", + "title": "Subdirectory", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The key-value pair that represents the tag that you want to add to the location. The value can be an empty string. We recommend using tags to name your resources.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "The IPv6 addresses to assign to the network interface. You cannot specify this option and the option to assign a number of IPv6 addresses in the same request. You cannot specify this option if you've specified a minimum number of instances to launch.", - "title": "Ipv6Addresses", - "type": "array" - }, - "NetworkInterfaceId": { - "markdownDescription": "The ID of the network interface, when attaching an existing network interface.", - "title": "NetworkInterfaceId", - "type": "string" + "required": [ + "AgentArns", + "AuthenticationType", + "NameNodes" + ], + "type": "object" }, - "PrivateIpAddress": { - "markdownDescription": "The private IPv4 address of the network interface. Applies only if creating a network interface when launching an instance.", - "title": "PrivateIpAddress", + "Type": { + "enum": [ + "AWS::DataSync::LocationHDFS" + ], "type": "string" }, - "PrivateIpAddresses": { - "items": { - "$ref": "#/definitions/AWS::EC2::Instance.PrivateIpAddressSpecification" - }, - "markdownDescription": "One or more private IPv4 addresses to assign to the network interface. Only one private IPv4 address can be designated as primary.", - "title": "PrivateIpAddresses", - "type": "array" - }, - "SecondaryPrivateIpAddressCount": { - "markdownDescription": "The number of secondary private IPv4 addresses. You can't specify this option and specify more than one private IP address using the private IP addresses option.", - "title": "SecondaryPrivateIpAddressCount", - "type": "number" - }, - "SubnetId": { - "markdownDescription": "The ID of the subnet associated with the network interface.", - "title": "SubnetId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "DeviceIndex" + "Type", + "Properties" ], "type": "object" }, - "AWS::EC2::Instance.PrivateDnsNameOptions": { + "AWS::DataSync::LocationHDFS.NameNode": { "additionalProperties": false, "properties": { - "EnableResourceNameDnsAAAARecord": { - "markdownDescription": "Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *Amazon Elastic Compute Cloud User Guide* .", - "title": "EnableResourceNameDnsAAAARecord", - "type": "boolean" - }, - "EnableResourceNameDnsARecord": { - "markdownDescription": "Indicates whether to respond to DNS queries for instance hostnames with DNS A records. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *Amazon Elastic Compute Cloud User Guide* .", - "title": "EnableResourceNameDnsARecord", - "type": "boolean" - }, - "HostnameType": { - "markdownDescription": "The type of hostnames to assign to instances in the subnet at launch. For IPv4 only subnets, an instance DNS name must be based on the instance IPv4 address. For IPv6 only subnets, an instance DNS name must be based on the instance ID. For dual-stack subnets, you can specify whether DNS names use the instance IPv4 address or the instance ID. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *Amazon Elastic Compute Cloud User Guide* .", - "title": "HostnameType", + "Hostname": { + "markdownDescription": "The hostname of the NameNode in the HDFS cluster. This value is the IP address or Domain Name Service (DNS) name of the NameNode. An agent that's installed on-premises uses this hostname to communicate with the NameNode in the network.", + "title": "Hostname", "type": "string" + }, + "Port": { + "markdownDescription": "The port that the NameNode uses to listen to client requests.", + "title": "Port", + "type": "number" } }, + "required": [ + "Hostname", + "Port" + ], "type": "object" }, - "AWS::EC2::Instance.PrivateIpAddressSpecification": { + "AWS::DataSync::LocationHDFS.QopConfiguration": { "additionalProperties": false, "properties": { - "Primary": { - "markdownDescription": "Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary.", - "title": "Primary", - "type": "boolean" + "DataTransferProtection": { + "markdownDescription": "The data transfer protection setting configured on the HDFS cluster. This setting corresponds to your `dfs.data.transfer.protection` setting in the `hdfs-site.xml` file on your Hadoop cluster.", + "title": "DataTransferProtection", + "type": "string" }, - "PrivateIpAddress": { - "markdownDescription": "The private IPv4 address.", - "title": "PrivateIpAddress", + "RpcProtection": { + "markdownDescription": "The Remote Procedure Call (RPC) protection setting configured on the HDFS cluster. This setting corresponds to your `hadoop.rpc.protection` setting in your `core-site.xml` file on your Hadoop cluster.", + "title": "RpcProtection", "type": "string" } }, - "required": [ - "Primary", - "PrivateIpAddress" - ], "type": "object" }, - "AWS::EC2::Instance.SsmAssociation": { + "AWS::DataSync::LocationNFS": { "additionalProperties": false, "properties": { - "AssociationParameters": { - "items": { - "$ref": "#/definitions/AWS::EC2::Instance.AssociationParameter" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "MountOptions": { + "$ref": "#/definitions/AWS::DataSync::LocationNFS.MountOptions", + "markdownDescription": "Specifies the options that DataSync can use to mount your NFS file server.", + "title": "MountOptions" + }, + "OnPremConfig": { + "$ref": "#/definitions/AWS::DataSync::LocationNFS.OnPremConfig", + "markdownDescription": "Specifies the Amazon Resource Name (ARN) of the DataSync agent that can connect to your NFS file server.\n\nYou can specify more than one agent. For more information, see [Using multiple DataSync agents](https://docs.aws.amazon.com/datasync/latest/userguide/do-i-need-datasync-agent.html#multiple-agents) .", + "title": "OnPremConfig" + }, + "ServerHostname": { + "markdownDescription": "Specifies the DNS name or IP address (IPv4 or IPv6) of the NFS file server that your DataSync agent connects to.", + "title": "ServerHostname", + "type": "string" + }, + "Subdirectory": { + "markdownDescription": "Specifies the export path in your NFS file server that you want DataSync to mount.\n\nThis path (or a subdirectory of the path) is where DataSync transfers data to or from. For information on configuring an export for DataSync, see [Accessing NFS file servers](https://docs.aws.amazon.com/datasync/latest/userguide/create-nfs-location.html#accessing-nfs) .", + "title": "Subdirectory", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your location.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "The input parameter values to use with the associated SSM document.", - "title": "AssociationParameters", - "type": "array" + "required": [ + "OnPremConfig" + ], + "type": "object" }, - "DocumentName": { - "markdownDescription": "The name of an SSM document to associate with the instance.", - "title": "DocumentName", + "Type": { + "enum": [ + "AWS::DataSync::LocationNFS" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "DocumentName" + "Type", + "Properties" ], "type": "object" }, - "AWS::EC2::Instance.Volume": { + "AWS::DataSync::LocationNFS.MountOptions": { "additionalProperties": false, "properties": { - "Device": { - "markdownDescription": "The device name (for example, `/dev/sdh` or `xvdh` ).", - "title": "Device", - "type": "string" - }, - "VolumeId": { - "markdownDescription": "The ID of the EBS volume. The volume and instance must be within the same Availability Zone.", - "title": "VolumeId", + "Version": { + "markdownDescription": "Specifies the NFS version that you want DataSync to use when mounting your NFS share. If the server refuses to use the version specified, the task fails.\n\nYou can specify the following options:\n\n- `AUTOMATIC` (default): DataSync chooses NFS version 4.1.\n- `NFS3` : Stateless protocol version that allows for asynchronous writes on the server.\n- `NFSv4_0` : Stateful, firewall-friendly protocol version that supports delegations and pseudo file systems.\n- `NFSv4_1` : Stateful protocol version that supports sessions, directory delegations, and parallel data processing. NFS version 4.1 also includes all features available in version 4.0.\n\n> DataSync currently only supports NFS version 3 with Amazon FSx for NetApp ONTAP locations.", + "title": "Version", "type": "string" } }, + "type": "object" + }, + "AWS::DataSync::LocationNFS.OnPremConfig": { + "additionalProperties": false, + "properties": { + "AgentArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Names (ARNs) of the DataSync agents that can connect to your NFS file server.\n\nYou can specify more than one agent. For more information, see [Using multiple DataSync agents](https://docs.aws.amazon.com/datasync/latest/userguide/do-i-need-datasync-agent.html#multiple-agents) .", + "title": "AgentArns", + "type": "array" + } + }, "required": [ - "Device", - "VolumeId" + "AgentArns" ], "type": "object" }, - "AWS::EC2::InstanceConnectEndpoint": { + "AWS::DataSync::LocationObjectStorage": { "additionalProperties": false, "properties": { "Condition": { @@ -72271,46 +79819,78 @@ "Properties": { "additionalProperties": false, "properties": { - "ClientToken": { - "markdownDescription": "Unique, case-sensitive identifier that you provide to ensure the idempotency of the request.", - "title": "ClientToken", + "AccessKey": { + "markdownDescription": "Specifies the access key (for example, a user name) if credentials are required to authenticate with the object storage server.", + "title": "AccessKey", "type": "string" }, - "PreserveClientIp": { - "markdownDescription": "Indicates whether the client IP address is preserved as the source. The following are the possible values.\n\n- `true` - Use the client IP address as the source.\n- `false` - Use the network interface IP address as the source.\n\nDefault: `false`", - "title": "PreserveClientIp", - "type": "boolean" - }, - "SecurityGroupIds": { + "AgentArns": { "items": { "type": "string" }, - "markdownDescription": "One or more security groups to associate with the endpoint. If you don't specify a security group, the default security group for your VPC will be associated with the endpoint.", - "title": "SecurityGroupIds", + "markdownDescription": "(Optional) Specifies the Amazon Resource Names (ARNs) of the DataSync agents that can connect with your object storage system. If you are setting up an agentless cross-cloud transfer, you do not need to specify a value for this parameter.\n\n> Make sure you configure this parameter correctly when you first create your storage location. You cannot add or remove agents from a storage location after you create it.", + "title": "AgentArns", "type": "array" }, - "SubnetId": { - "markdownDescription": "The ID of the subnet in which to create the EC2 Instance Connect Endpoint.", - "title": "SubnetId", + "BucketName": { + "markdownDescription": "Specifies the name of the object storage bucket involved in the transfer.", + "title": "BucketName", + "type": "string" + }, + "CmkSecretConfig": { + "$ref": "#/definitions/AWS::DataSync::LocationObjectStorage.CmkSecretConfig", + "markdownDescription": "Specifies configuration information for a DataSync-managed secret, which includes the `SecretKey` that DataSync uses to access a specific object storage location, with a customer-managed AWS KMS key .\n\nWhen you include this paramater as part of a `CreateLocationObjectStorage` request, you provide only the KMS key ARN. DataSync uses this KMS key together with the value you specify for the `SecretKey` parameter to create a DataSync-managed secret to store the location access credentials.\n\nMake sure the DataSync has permission to access the KMS key that you specify.\n\n> You can use either `CmkSecretConfig` (with `SecretKey` ) or `CustomSecretConfig` (without `SecretKey` ) to provide credentials for a `CreateLocationObjectStorage` request. Do not provide both parameters for the same request.", + "title": "CmkSecretConfig" + }, + "CustomSecretConfig": { + "$ref": "#/definitions/AWS::DataSync::LocationObjectStorage.CustomSecretConfig", + "markdownDescription": "Specifies configuration information for a customer-managed Secrets Manager secret where the secret key for a specific object storage location is stored in plain text. This configuration includes the secret ARN, and the ARN for an IAM role that provides access to the secret.\n\n> You can use either `CmkSecretConfig` (with `SecretKey` ) or `CustomSecretConfig` (without `SecretKey` ) to provide credentials for a `CreateLocationObjectStorage` request. Do not provide both parameters for the same request.", + "title": "CustomSecretConfig" + }, + "SecretKey": { + "markdownDescription": "Specifies the secret key (for example, a password) if credentials are required to authenticate with the object storage server.\n\n> If you provide a secret using `SecretKey` , but do not provide secret configuration details using `CmkSecretConfig` or `CustomSecretConfig` , then DataSync stores the token using your AWS account's Secrets Manager secret.", + "title": "SecretKey", + "type": "string" + }, + "ServerCertificate": { + "markdownDescription": "Specifies a certificate chain for DataSync to authenticate with your object storage system if the system uses a private or self-signed certificate authority (CA). You must specify a single `.pem` file with a full certificate chain (for example, `file:///home/user/.ssh/object_storage_certificates.pem` ).\n\nThe certificate chain might include:\n\n- The object storage system's certificate\n- All intermediate certificates (if there are any)\n- The root certificate of the signing CA\n\nYou can concatenate your certificates into a `.pem` file (which can be up to 32768 bytes before base64 encoding). The following example `cat` command creates an `object_storage_certificates.pem` file that includes three certificates:\n\n`cat object_server_certificate.pem intermediate_certificate.pem ca_root_certificate.pem > object_storage_certificates.pem`\n\nTo use this parameter, configure `ServerProtocol` to `HTTPS` .", + "title": "ServerCertificate", + "type": "string" + }, + "ServerHostname": { + "markdownDescription": "Specifies the domain name or IP address (IPv4 or IPv6) of the object storage server that your DataSync agent connects to.", + "title": "ServerHostname", + "type": "string" + }, + "ServerPort": { + "markdownDescription": "Specifies the port that your object storage server accepts inbound network traffic on (for example, port 443).", + "title": "ServerPort", + "type": "number" + }, + "ServerProtocol": { + "markdownDescription": "Specifies the protocol that your object storage server uses to communicate. If not specified, the default value is `HTTPS` .", + "title": "ServerProtocol", + "type": "string" + }, + "Subdirectory": { + "markdownDescription": "Specifies the object prefix for your object storage server. If this is a source location, DataSync only copies objects with this prefix. If this is a destination location, DataSync writes all objects with this prefix.", + "title": "Subdirectory", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to apply to the EC2 Instance Connect Endpoint during creation.", + "markdownDescription": "Specifies the key-value pair that represents a tag that you want to add to the resource. Tags can help you manage, filter, and search for your resources. We recommend creating a name tag for your location.", "title": "Tags", "type": "array" } }, - "required": [ - "SubnetId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::InstanceConnectEndpoint" + "AWS::DataSync::LocationObjectStorage" ], "type": "string" }, @@ -72324,12 +79904,61 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::EC2::InternetGateway": { + "AWS::DataSync::LocationObjectStorage.CmkSecretConfig": { + "additionalProperties": false, + "properties": { + "KmsKeyArn": { + "markdownDescription": "Specifies the ARN for the customer-managed AWS KMS key that DataSync uses to encrypt the DataSync-managed secret stored for `SecretArn` . DataSync provides this key to AWS Secrets Manager .", + "title": "KmsKeyArn", + "type": "string" + }, + "SecretArn": { + "markdownDescription": "Specifies the ARN for the DataSync-managed AWS Secrets Manager secret that that is used to access a specific storage location. This property is generated by DataSync and is read-only. DataSync encrypts this secret with the KMS key that you specify for `KmsKeyArn` .", + "title": "SecretArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataSync::LocationObjectStorage.CustomSecretConfig": { + "additionalProperties": false, + "properties": { + "SecretAccessRoleArn": { + "markdownDescription": "Specifies the ARN for the AWS Identity and Access Management role that DataSync uses to access the secret specified for `SecretArn` .", + "title": "SecretAccessRoleArn", + "type": "string" + }, + "SecretArn": { + "markdownDescription": "Specifies the ARN for an AWS Secrets Manager secret.", + "title": "SecretArn", + "type": "string" + } + }, + "required": [ + "SecretAccessRoleArn", + "SecretArn" + ], + "type": "object" + }, + "AWS::DataSync::LocationObjectStorage.ManagedSecretConfig": { + "additionalProperties": false, + "properties": { + "SecretArn": { + "markdownDescription": "Specifies the ARN for an AWS Secrets Manager secret.", + "title": "SecretArn", + "type": "string" + } + }, + "required": [ + "SecretArn" + ], + "type": "object" + }, + "AWS::DataSync::LocationS3": { "additionalProperties": false, "properties": { "Condition": { @@ -72364,20 +79993,43 @@ "Properties": { "additionalProperties": false, "properties": { + "S3BucketArn": { + "markdownDescription": "The ARN of the Amazon S3 bucket.", + "title": "S3BucketArn", + "type": "string" + }, + "S3Config": { + "$ref": "#/definitions/AWS::DataSync::LocationS3.S3Config", + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that is used to access an Amazon S3 bucket.\n\nFor detailed information about using such a role, see [Creating a Location for Amazon S3](https://docs.aws.amazon.com/datasync/latest/userguide/working-with-locations.html#create-s3-location) in the *AWS DataSync User Guide* .", + "title": "S3Config" + }, + "S3StorageClass": { + "markdownDescription": "The Amazon S3 storage class that you want to store your files in when this location is used as a task destination. For buckets in AWS Regions , the storage class defaults to S3 Standard.\n\nFor more information about S3 storage classes, see [Amazon S3 Storage Classes](https://docs.aws.amazon.com/s3/storage-classes/) . Some storage classes have behaviors that can affect your S3 storage costs. For detailed information, see [Considerations When Working with Amazon S3 Storage Classes in DataSync](https://docs.aws.amazon.com/datasync/latest/userguide/create-s3-location.html#using-storage-classes) .", + "title": "S3StorageClass", + "type": "string" + }, + "Subdirectory": { + "markdownDescription": "Specifies a prefix in the S3 bucket that DataSync reads from or writes to (depending on whether the bucket is a source or destination location).\n\n> DataSync can't transfer objects with a prefix that begins with a slash ( `/` ) or includes `//` , `/./` , or `/../` patterns. For example:\n> \n> - `/photos`\n> - `photos//2006/January`\n> - `photos/./2006/February`\n> - `photos/../2006/March`", + "title": "Subdirectory", + "type": "string" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Any tags to assign to the internet gateway.", + "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your transfer location.", "title": "Tags", "type": "array" } }, + "required": [ + "S3Config" + ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::InternetGateway" + "AWS::DataSync::LocationS3" ], "type": "string" }, @@ -72391,11 +80043,26 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::EC2::KeyPair": { + "AWS::DataSync::LocationS3.S3Config": { + "additionalProperties": false, + "properties": { + "BucketAccessRoleArn": { + "markdownDescription": "Specifies the ARN of the IAM role that DataSync uses to access your S3 bucket.", + "title": "BucketAccessRoleArn", + "type": "string" + } + }, + "required": [ + "BucketAccessRoleArn" + ], + "type": "object" + }, + "AWS::DataSync::LocationSMB": { "additionalProperties": false, "properties": { "Condition": { @@ -72430,43 +80097,89 @@ "Properties": { "additionalProperties": false, "properties": { - "KeyFormat": { - "markdownDescription": "The format of the key pair.\n\nDefault: `pem`", - "title": "KeyFormat", + "AgentArns": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the DataSync agent (or agents) that can connect to your SMB file server. You specify an agent by using its Amazon Resource Name (ARN).", + "title": "AgentArns", + "type": "array" + }, + "AuthenticationType": { + "markdownDescription": "", + "title": "AuthenticationType", "type": "string" }, - "KeyName": { - "markdownDescription": "A unique name for the key pair.\n\nConstraints: Up to 255 ASCII characters", - "title": "KeyName", + "DnsIpAddresses": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "DnsIpAddresses", + "type": "array" + }, + "Domain": { + "markdownDescription": "Specifies the Windows domain name that your SMB file server belongs to. This parameter applies only if `AuthenticationType` is set to `NTLM` .\n\nIf you have multiple domains in your environment, configuring this parameter makes sure that DataSync connects to the right file server.", + "title": "Domain", "type": "string" }, - "KeyType": { - "markdownDescription": "The type of key pair. Note that ED25519 keys are not supported for Windows instances.\n\nIf the `PublicKeyMaterial` property is specified, the `KeyType` property is ignored, and the key type is inferred from the `PublicKeyMaterial` value.\n\nDefault: `rsa`", - "title": "KeyType", + "KerberosKeytab": { + "markdownDescription": "", + "title": "KerberosKeytab", "type": "string" }, - "PublicKeyMaterial": { - "markdownDescription": "The public key material. The `PublicKeyMaterial` property is used to import a key pair. If this property is not specified, then a new key pair will be created.", - "title": "PublicKeyMaterial", + "KerberosKrb5Conf": { + "markdownDescription": "", + "title": "KerberosKrb5Conf", + "type": "string" + }, + "KerberosPrincipal": { + "markdownDescription": "", + "title": "KerberosPrincipal", + "type": "string" + }, + "MountOptions": { + "$ref": "#/definitions/AWS::DataSync::LocationSMB.MountOptions", + "markdownDescription": "Specifies the version of the SMB protocol that DataSync uses to access your SMB file server.", + "title": "MountOptions" + }, + "Password": { + "markdownDescription": "Specifies the password of the user who can mount your SMB file server and has permission to access the files and folders involved in your transfer. This parameter applies only if `AuthenticationType` is set to `NTLM` .", + "title": "Password", + "type": "string" + }, + "ServerHostname": { + "markdownDescription": "Specifies the domain name or IP address (IPv4 or IPv6) of the SMB file server that your DataSync agent connects to.\n\n> If you're using Kerberos authentication, you must specify a domain name.", + "title": "ServerHostname", + "type": "string" + }, + "Subdirectory": { + "markdownDescription": "Specifies the name of the share exported by your SMB file server where DataSync will read or write data. You can include a subdirectory in the share path (for example, `/path/to/subdirectory` ). Make sure that other SMB clients in your network can also mount this path.\n\nTo copy all data in the subdirectory, DataSync must be able to mount the SMB share and access all of its data. For more information, see [Providing DataSync access to SMB file servers](https://docs.aws.amazon.com/datasync/latest/userguide/create-smb-location.html#configuring-smb-permissions) .", + "title": "Subdirectory", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to apply to the key pair.", + "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your location.", "title": "Tags", "type": "array" + }, + "User": { + "markdownDescription": "Specifies the user that can mount and access the files, folders, and file metadata in your SMB file server. This parameter applies only if `AuthenticationType` is set to `NTLM` .\n\nFor information about choosing a user with the right level of access for your transfer, see [Providing DataSync access to SMB file servers](https://docs.aws.amazon.com/datasync/latest/userguide/create-smb-location.html#configuring-smb-permissions) .", + "title": "User", + "type": "string" } }, "required": [ - "KeyName" + "AgentArns" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::KeyPair" + "AWS::DataSync::LocationSMB" ], "type": "string" }, @@ -72485,7 +80198,18 @@ ], "type": "object" }, - "AWS::EC2::LaunchTemplate": { + "AWS::DataSync::LocationSMB.MountOptions": { + "additionalProperties": false, + "properties": { + "Version": { + "markdownDescription": "By default, DataSync automatically chooses an SMB protocol version based on negotiation with your SMB file server. You also can configure DataSync to use a specific SMB version, but we recommend doing this only if DataSync has trouble negotiating with the SMB file server automatically.\n\nThese are the following options for configuring the SMB version:\n\n- `AUTOMATIC` (default): DataSync and the SMB file server negotiate the highest version of SMB that they mutually support between 2.1 and 3.1.1.\n\nThis is the recommended option. If you instead choose a specific version that your file server doesn't support, you may get an `Operation Not Supported` error.\n- `SMB3` : Restricts the protocol negotiation to only SMB version 3.0.2.\n- `SMB2` : Restricts the protocol negotiation to only SMB version 2.1.\n- `SMB2_0` : Restricts the protocol negotiation to only SMB version 2.0.\n- `SMB1` : Restricts the protocol negotiation to only SMB version 1.0.\n\n> The `SMB1` option isn't available when [creating an Amazon FSx for NetApp ONTAP location](https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateLocationFsxOntap.html) .", + "title": "Version", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataSync::Task": { "additionalProperties": false, "properties": { "Condition": { @@ -72520,38 +80244,85 @@ "Properties": { "additionalProperties": false, "properties": { - "LaunchTemplateData": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.LaunchTemplateData", - "markdownDescription": "The information for the launch template.", - "title": "LaunchTemplateData" + "CloudWatchLogGroupArn": { + "markdownDescription": "Specifies the Amazon Resource Name (ARN) of an Amazon CloudWatch log group for monitoring your task.\n\nFor Enhanced mode tasks, you don't need to specify anything. DataSync automatically sends logs to a CloudWatch log group named `/aws/datasync` .\n\nFor more information, see [Monitoring data transfers with CloudWatch Logs](https://docs.aws.amazon.com/datasync/latest/userguide/configure-logging.html) .", + "title": "CloudWatchLogGroupArn", + "type": "string" }, - "LaunchTemplateName": { - "markdownDescription": "A name for the launch template.", - "title": "LaunchTemplateName", + "DestinationLocationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS storage resource's location.", + "title": "DestinationLocationArn", "type": "string" }, - "TagSpecifications": { + "Excludes": { "items": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.LaunchTemplateTagSpecification" + "$ref": "#/definitions/AWS::DataSync::Task.FilterRule" }, - "markdownDescription": "The tags to apply to the launch template on creation. To tag the launch template, the resource type must be `launch-template` .\n\nTo specify the tags for resources that are created during instance launch, use [TagSpecifications](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-launchtemplatedata.html#cfn-ec2-launchtemplate-launchtemplatedata-tagspecifications) .", - "title": "TagSpecifications", + "markdownDescription": "Specifies exclude filters that define the files, objects, and folders in your source location that you don't want DataSync to transfer. For more information and examples, see [Specifying what DataSync transfers by using filters](https://docs.aws.amazon.com/datasync/latest/userguide/filtering.html) .", + "title": "Excludes", "type": "array" }, - "VersionDescription": { - "markdownDescription": "A description for the first version of the launch template.", - "title": "VersionDescription", + "Includes": { + "items": { + "$ref": "#/definitions/AWS::DataSync::Task.FilterRule" + }, + "markdownDescription": "Specifies include filters that define the files, objects, and folders in your source location that you want DataSync to transfer. For more information and examples, see [Specifying what DataSync transfers by using filters](https://docs.aws.amazon.com/datasync/latest/userguide/filtering.html) .", + "title": "Includes", + "type": "array" + }, + "ManifestConfig": { + "$ref": "#/definitions/AWS::DataSync::Task.ManifestConfig", + "markdownDescription": "The configuration of the manifest that lists the files or objects that you want DataSync to transfer. For more information, see [Specifying what DataSync transfers by using a manifest](https://docs.aws.amazon.com/datasync/latest/userguide/transferring-with-manifest.html) .", + "title": "ManifestConfig" + }, + "Name": { + "markdownDescription": "Specifies the name of your task.", + "title": "Name", + "type": "string" + }, + "Options": { + "$ref": "#/definitions/AWS::DataSync::Task.Options", + "markdownDescription": "Specifies your task's settings, such as preserving file metadata, verifying data integrity, among other options.", + "title": "Options" + }, + "Schedule": { + "$ref": "#/definitions/AWS::DataSync::Task.TaskSchedule", + "markdownDescription": "Specifies a schedule for when you want your task to run. For more information, see [Scheduling your task](https://docs.aws.amazon.com/datasync/latest/userguide/task-scheduling.html) .", + "title": "Schedule" + }, + "SourceLocationArn": { + "markdownDescription": "Specifies the ARN of your transfer's source location.", + "title": "SourceLocationArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Specifies the tags that you want to apply to your task.\n\n*Tags* are key-value pairs that help you manage, filter, and search for your DataSync resources.", + "title": "Tags", + "type": "array" + }, + "TaskMode": { + "markdownDescription": "The task mode that you're using. For more information, see [Choosing a task mode for your data transfer](https://docs.aws.amazon.com/datasync/latest/userguide/choosing-task-mode.html) .", + "title": "TaskMode", "type": "string" + }, + "TaskReportConfig": { + "$ref": "#/definitions/AWS::DataSync::Task.TaskReportConfig", + "markdownDescription": "The configuration of your task report, which provides detailed information about your DataSync transfer. For more information, see [Monitoring your DataSync transfers with task reports](https://docs.aws.amazon.com/datasync/latest/userguide/task-reports.html) .", + "title": "TaskReportConfig" } }, "required": [ - "LaunchTemplateData" + "DestinationLocationArn", + "SourceLocationArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::LaunchTemplate" + "AWS::DataSync::Task" ], "type": "string" }, @@ -72570,1136 +80341,1025 @@ ], "type": "object" }, - "AWS::EC2::LaunchTemplate.AcceleratorCount": { + "AWS::DataSync::Task.Deleted": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum number of accelerators. To specify no maximum limit, omit this parameter. To exclude accelerator-enabled instance types, set `Max` to `0` .", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum number of accelerators. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" + "ReportLevel": { + "markdownDescription": "", + "title": "ReportLevel", + "type": "string" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.AcceleratorTotalMemoryMiB": { + "AWS::DataSync::Task.Destination": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum amount of accelerator memory, in MiB. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum amount of accelerator memory, in MiB. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" + "S3": { + "$ref": "#/definitions/AWS::DataSync::Task.TaskReportConfigDestinationS3", + "markdownDescription": "", + "title": "S3" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.BaselineEbsBandwidthMbps": { + "AWS::DataSync::Task.FilterRule": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum baseline bandwidth, in Mbps. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" + "FilterType": { + "markdownDescription": "The type of filter rule to apply. AWS DataSync only supports the SIMPLE_PATTERN rule type.", + "title": "FilterType", + "type": "string" }, - "Min": { - "markdownDescription": "The minimum baseline bandwidth, in Mbps. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" + "Value": { + "markdownDescription": "A single filter string that consists of the patterns to include or exclude. The patterns are delimited by \"|\" (that is, a pipe), for example: `/folder1|/folder2`", + "title": "Value", + "type": "string" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.BlockDeviceMapping": { + "AWS::DataSync::Task.ManifestConfig": { "additionalProperties": false, "properties": { - "DeviceName": { - "markdownDescription": "The device name (for example, /dev/sdh or xvdh).", - "title": "DeviceName", + "Action": { + "markdownDescription": "Specifies what DataSync uses the manifest for.", + "title": "Action", "type": "string" }, - "Ebs": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Ebs", - "markdownDescription": "Parameters used to automatically set up EBS volumes when the instance is launched.", - "title": "Ebs" - }, - "NoDevice": { - "markdownDescription": "To omit the device from the block device mapping, specify an empty string.", - "title": "NoDevice", + "Format": { + "markdownDescription": "Specifies the file format of your manifest. For more information, see [Creating a manifest](https://docs.aws.amazon.com/datasync/latest/userguide/transferring-with-manifest.html#transferring-with-manifest-create) .", + "title": "Format", "type": "string" }, - "VirtualName": { - "markdownDescription": "The virtual device name (ephemeralN). Instance store volumes are numbered starting from 0. An instance type with 2 available instance store volumes can specify mappings for ephemeral0 and ephemeral1. The number of available instance store volumes depends on the instance type. After you connect to the instance, you must mount the volume.", - "title": "VirtualName", - "type": "string" + "Source": { + "$ref": "#/definitions/AWS::DataSync::Task.Source", + "markdownDescription": "Specifies the manifest that you want DataSync to use and where it's hosted.\n\n> You must specify this parameter if you're configuring a new manifest on or after February 7, 2024.\n> \n> If you don't, you'll get a 400 status code and `ValidationException` error stating that you're missing the IAM role for DataSync to access the S3 bucket where you're hosting your manifest. For more information, see [Providing DataSync access to your manifest](https://docs.aws.amazon.com/datasync/latest/userguide/transferring-with-manifest.html#transferring-with-manifest-access) .", + "title": "Source" } }, + "required": [ + "Source" + ], "type": "object" }, - "AWS::EC2::LaunchTemplate.CapacityReservationSpecification": { + "AWS::DataSync::Task.ManifestConfigSourceS3": { "additionalProperties": false, "properties": { - "CapacityReservationPreference": { - "markdownDescription": "Indicates the instance's Capacity Reservation preferences. Possible preferences include:\n\n- `capacity-reservations-only` - The instance will only run in a Capacity Reservation or Capacity Reservation group. If capacity isn't available, the instance will fail to launch.\n- `open` - The instance can run in any `open` Capacity Reservation that has matching attributes (instance type, platform, Availability Zone, tenancy).\n- `none` - The instance avoids running in a Capacity Reservation even if one is available. The instance runs in On-Demand capacity.", - "title": "CapacityReservationPreference", + "BucketAccessRoleArn": { + "markdownDescription": "", + "title": "BucketAccessRoleArn", "type": "string" }, - "CapacityReservationTarget": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.CapacityReservationTarget", - "markdownDescription": "Information about the target Capacity Reservation or Capacity Reservation group.", - "title": "CapacityReservationTarget" + "ManifestObjectPath": { + "markdownDescription": "", + "title": "ManifestObjectPath", + "type": "string" + }, + "ManifestObjectVersionId": { + "markdownDescription": "", + "title": "ManifestObjectVersionId", + "type": "string" + }, + "S3BucketArn": { + "markdownDescription": "", + "title": "S3BucketArn", + "type": "string" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.CapacityReservationTarget": { + "AWS::DataSync::Task.Options": { "additionalProperties": false, "properties": { - "CapacityReservationId": { - "markdownDescription": "The ID of the Capacity Reservation in which to run the instance.", - "title": "CapacityReservationId", + "Atime": { + "markdownDescription": "A file metadata value that shows the last time that a file was accessed (that is, when the file was read or written to). If you set `Atime` to `BEST_EFFORT` , AWS DataSync attempts to preserve the original `Atime` attribute on all source files (that is, the version before the PREPARING phase). However, `Atime` 's behavior is not fully standard across platforms, so AWS DataSync can only do this on a best-effort basis.\n\nDefault value: `BEST_EFFORT`\n\n`BEST_EFFORT` : Attempt to preserve the per-file `Atime` value (recommended).\n\n`NONE` : Ignore `Atime` .\n\n> If `Atime` is set to `BEST_EFFORT` , `Mtime` must be set to `PRESERVE` .\n> \n> If `Atime` is set to `NONE` , `Mtime` must also be `NONE` .", + "title": "Atime", "type": "string" }, - "CapacityReservationResourceGroupArn": { - "markdownDescription": "The ARN of the Capacity Reservation resource group in which to run the instance.", - "title": "CapacityReservationResourceGroupArn", + "BytesPerSecond": { + "markdownDescription": "A value that limits the bandwidth used by AWS DataSync . For example, if you want AWS DataSync to use a maximum of 1 MB, set this value to `1048576` (=1024*1024).", + "title": "BytesPerSecond", + "type": "number" + }, + "Gid": { + "markdownDescription": "The group ID (GID) of the file's owners.\n\nDefault value: `INT_VALUE`\n\n`INT_VALUE` : Preserve the integer value of the user ID (UID) and group ID (GID) (recommended).\n\n`NAME` : Currently not supported.\n\n`NONE` : Ignore the UID and GID.", + "title": "Gid", + "type": "string" + }, + "LogLevel": { + "markdownDescription": "Specifies the type of logs that DataSync publishes to a Amazon CloudWatch Logs log group. To specify the log group, see [CloudWatchLogGroupArn](https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateTask.html#DataSync-CreateTask-request-CloudWatchLogGroupArn) .\n\n- `BASIC` - Publishes logs with only basic information (such as transfer errors).\n- `TRANSFER` - Publishes logs for all files or objects that your DataSync task transfers and performs data-integrity checks on.\n- `OFF` - No logs are published.", + "title": "LogLevel", + "type": "string" + }, + "Mtime": { + "markdownDescription": "A value that indicates the last time that a file was modified (that is, a file was written to) before the PREPARING phase. This option is required for cases when you need to run the same task more than one time.\n\nDefault value: `PRESERVE`\n\n`PRESERVE` : Preserve original `Mtime` (recommended)\n\n`NONE` : Ignore `Mtime` .\n\n> If `Mtime` is set to `PRESERVE` , `Atime` must be set to `BEST_EFFORT` .\n> \n> If `Mtime` is set to `NONE` , `Atime` must also be set to `NONE` .", + "title": "Mtime", + "type": "string" + }, + "ObjectTags": { + "markdownDescription": "Specifies whether you want DataSync to `PRESERVE` object tags (default behavior) when transferring between object storage systems. If you want your DataSync task to ignore object tags, specify the `NONE` value.", + "title": "ObjectTags", + "type": "string" + }, + "OverwriteMode": { + "markdownDescription": "Specifies whether DataSync should modify or preserve data at the destination location.\n\n- `ALWAYS` (default) - DataSync modifies data in the destination location when source data (including metadata) has changed.\n\nIf DataSync overwrites objects, you might incur additional charges for certain Amazon S3 storage classes (for example, for retrieval or early deletion). For more information, see [Storage class considerations with Amazon S3 transfers](https://docs.aws.amazon.com/datasync/latest/userguide/create-s3-location.html#using-storage-classes) .\n- `NEVER` - DataSync doesn't overwrite data in the destination location even if the source data has changed. You can use this option to protect against overwriting changes made to files or objects in the destination.", + "title": "OverwriteMode", + "type": "string" + }, + "PosixPermissions": { + "markdownDescription": "A value that determines which users or groups can access a file for a specific purpose, such as reading, writing, or execution of the file. This option should be set only for Network File System (NFS), Amazon EFS, and Amazon S3 locations. For more information about what metadata is copied by DataSync, see [Metadata Copied by DataSync](https://docs.aws.amazon.com/datasync/latest/userguide/special-files.html#metadata-copied) .\n\nDefault value: `PRESERVE`\n\n`PRESERVE` : Preserve POSIX-style permissions (recommended).\n\n`NONE` : Ignore permissions.\n\n> AWS DataSync can preserve extant permissions of a source location.", + "title": "PosixPermissions", + "type": "string" + }, + "PreserveDeletedFiles": { + "markdownDescription": "A value that specifies whether files in the destination that don't exist in the source file system are preserved. This option can affect your storage costs. If your task deletes objects, you might incur minimum storage duration charges for certain storage classes. For detailed information, see [Considerations when working with Amazon S3 storage classes in DataSync](https://docs.aws.amazon.com/datasync/latest/userguide/create-s3-location.html#using-storage-classes) in the *AWS DataSync User Guide* .\n\nDefault value: `PRESERVE`\n\n`PRESERVE` : Ignore destination files that aren't present in the source (recommended).\n\n`REMOVE` : Delete destination files that aren't present in the source.", + "title": "PreserveDeletedFiles", + "type": "string" + }, + "PreserveDevices": { + "markdownDescription": "A value that determines whether AWS DataSync should preserve the metadata of block and character devices in the source file system, and re-create the files with that device name and metadata on the destination. DataSync does not copy the contents of such devices, only the name and metadata.\n\n> AWS DataSync can't sync the actual contents of such devices, because they are nonterminal and don't return an end-of-file (EOF) marker. \n\nDefault value: `NONE`\n\n`NONE` : Ignore special devices (recommended).\n\n`PRESERVE` : Preserve character and block device metadata. This option isn't currently supported for Amazon EFS.", + "title": "PreserveDevices", + "type": "string" + }, + "SecurityDescriptorCopyFlags": { + "markdownDescription": "A value that determines which components of the SMB security descriptor are copied from source to destination objects.\n\nThis value is only used for transfers between SMB and Amazon FSx for Windows File Server locations, or between two Amazon FSx for Windows File Server locations. For more information about how DataSync handles metadata, see [How DataSync Handles Metadata and Special Files](https://docs.aws.amazon.com/datasync/latest/userguide/special-files.html) .\n\nDefault value: `OWNER_DACL`\n\n`OWNER_DACL` : For each copied object, DataSync copies the following metadata:\n\n- Object owner.\n- NTFS discretionary access control lists (DACLs), which determine whether to grant access to an object.\n\nWhen you use option, DataSync does NOT copy the NTFS system access control lists (SACLs), which are used by administrators to log attempts to access a secured object.\n\n`OWNER_DACL_SACL` : For each copied object, DataSync copies the following metadata:\n\n- Object owner.\n- NTFS discretionary access control lists (DACLs), which determine whether to grant access to an object.\n- NTFS system access control lists (SACLs), which are used by administrators to log attempts to access a secured object.\n\nCopying SACLs requires granting additional permissions to the Windows user that DataSync uses to access your SMB location. For information about choosing a user that ensures sufficient permissions to files, folders, and metadata, see [user](https://docs.aws.amazon.com/datasync/latest/userguide/create-smb-location.html#SMBuser) .\n\n`NONE` : None of the SMB security descriptor components are copied. Destination objects are owned by the user that was provided for accessing the destination location. DACLs and SACLs are set based on the destination server\u2019s configuration.", + "title": "SecurityDescriptorCopyFlags", + "type": "string" + }, + "TaskQueueing": { + "markdownDescription": "Specifies whether your transfer tasks should be put into a queue during certain scenarios when [running multiple tasks](https://docs.aws.amazon.com/datasync/latest/userguide/run-task.html#running-multiple-tasks) . This is `ENABLED` by default.", + "title": "TaskQueueing", + "type": "string" + }, + "TransferMode": { + "markdownDescription": "A value that determines whether DataSync transfers only the data and metadata that differ between the source and the destination location, or whether DataSync transfers all the content from the source, without comparing it to the destination location.\n\n`CHANGED` : DataSync copies only data or metadata that is new or different from the source location to the destination location.\n\n`ALL` : DataSync copies all source location content to the destination, without comparing it to existing content on the destination.", + "title": "TransferMode", + "type": "string" + }, + "Uid": { + "markdownDescription": "The user ID (UID) of the file's owner.\n\nDefault value: `INT_VALUE`\n\n`INT_VALUE` : Preserve the integer value of the UID and group ID (GID) (recommended).\n\n`NAME` : Currently not supported\n\n`NONE` : Ignore the UID and GID.", + "title": "Uid", + "type": "string" + }, + "VerifyMode": { + "markdownDescription": "A value that determines whether a data integrity verification is performed at the end of a task execution after all data and metadata have been transferred. For more information, see [Configure task settings](https://docs.aws.amazon.com/datasync/latest/userguide/create-task.html) .\n\nDefault value: `POINT_IN_TIME_CONSISTENT`\n\n`ONLY_FILES_TRANSFERRED` (recommended): Perform verification only on files that were transferred.\n\n`POINT_IN_TIME_CONSISTENT` : Scan the entire source and entire destination at the end of the transfer to verify that the source and destination are fully synchronized. This option isn't supported when transferring to S3 Glacier or S3 Glacier Deep Archive storage classes.\n\n`NONE` : No additional verification is done at the end of the transfer, but all data transmissions are integrity-checked with checksum verification during the transfer.", + "title": "VerifyMode", "type": "string" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.ConnectionTrackingSpecification": { + "AWS::DataSync::Task.Overrides": { "additionalProperties": false, "properties": { - "TcpEstablishedTimeout": { - "markdownDescription": "Timeout (in seconds) for idle TCP connections in an established state. Min: 60 seconds. Max: 432000 seconds (5 days). Default: 432000 seconds. Recommended: Less than 432000 seconds.", - "title": "TcpEstablishedTimeout", - "type": "number" + "Deleted": { + "$ref": "#/definitions/AWS::DataSync::Task.Deleted", + "markdownDescription": "", + "title": "Deleted" }, - "UdpStreamTimeout": { - "markdownDescription": "Timeout (in seconds) for idle UDP flows classified as streams which have seen more than one request-response transaction. Min: 60 seconds. Max: 180 seconds (3 minutes). Default: 180 seconds.", - "title": "UdpStreamTimeout", - "type": "number" + "Skipped": { + "$ref": "#/definitions/AWS::DataSync::Task.Skipped", + "markdownDescription": "", + "title": "Skipped" }, - "UdpTimeout": { - "markdownDescription": "Timeout (in seconds) for idle UDP flows that have seen traffic only in a single direction or a single request-response transaction. Min: 30 seconds. Max: 60 seconds. Default: 30 seconds.", - "title": "UdpTimeout", - "type": "number" + "Transferred": { + "$ref": "#/definitions/AWS::DataSync::Task.Transferred", + "markdownDescription": "", + "title": "Transferred" + }, + "Verified": { + "$ref": "#/definitions/AWS::DataSync::Task.Verified", + "markdownDescription": "", + "title": "Verified" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.CpuOptions": { + "AWS::DataSync::Task.Skipped": { "additionalProperties": false, "properties": { - "AmdSevSnp": { - "markdownDescription": "Indicates whether to enable the instance for AMD SEV-SNP. AMD SEV-SNP is supported with M6a, R6a, and C6a instance types only. For more information, see [AMD SEV-SNP for Amazon EC2 instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/sev-snp.html) .", - "title": "AmdSevSnp", + "ReportLevel": { + "markdownDescription": "", + "title": "ReportLevel", "type": "string" - }, - "CoreCount": { - "markdownDescription": "The number of CPU cores for the instance.", - "title": "CoreCount", - "type": "number" - }, - "ThreadsPerCore": { - "markdownDescription": "The number of threads per CPU core. To disable multithreading for the instance, specify a value of `1` . Otherwise, specify the default value of `2` .", - "title": "ThreadsPerCore", - "type": "number" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.CreditSpecification": { + "AWS::DataSync::Task.Source": { "additionalProperties": false, "properties": { - "CpuCredits": { - "markdownDescription": "The credit option for CPU usage of a T instance.\n\nValid values: `standard` | `unlimited`", - "title": "CpuCredits", - "type": "string" + "S3": { + "$ref": "#/definitions/AWS::DataSync::Task.ManifestConfigSourceS3", + "markdownDescription": "", + "title": "S3" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.Ebs": { + "AWS::DataSync::Task.TaskReportConfig": { "additionalProperties": false, "properties": { - "DeleteOnTermination": { - "markdownDescription": "Indicates whether the EBS volume is deleted on instance termination.", - "title": "DeleteOnTermination", - "type": "boolean" - }, - "Encrypted": { - "markdownDescription": "Indicates whether the EBS volume is encrypted. Encrypted volumes can only be attached to instances that support Amazon EBS encryption. If you are creating a volume from a snapshot, you can't specify an encryption value.", - "title": "Encrypted", - "type": "boolean" - }, - "Iops": { - "markdownDescription": "The number of I/O operations per second (IOPS). For `gp3` , `io1` , and `io2` volumes, this represents the number of IOPS that are provisioned for the volume. For `gp2` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.\n\nThe following are the supported values for each volume type:\n\n- `gp3` : 3,000 - 16,000 IOPS\n- `io1` : 100 - 64,000 IOPS\n- `io2` : 100 - 256,000 IOPS\n\nFor `io2` volumes, you can achieve up to 256,000 IOPS on [instances built on the Nitro System](https://docs.aws.amazon.com/ec2/latest/instancetypes/ec2-nitro-instances.html) . On other instances, you can achieve performance up to 32,000 IOPS.\n\nThis parameter is supported for `io1` , `io2` , and `gp3` volumes only.", - "title": "Iops", - "type": "number" + "Destination": { + "$ref": "#/definitions/AWS::DataSync::Task.Destination", + "markdownDescription": "Specifies the Amazon S3 bucket where DataSync uploads your task report. For more information, see [Task reports](https://docs.aws.amazon.com/datasync/latest/userguide/task-reports.html#task-report-access) .", + "title": "Destination" }, - "KmsKeyId": { - "markdownDescription": "Identifier (key ID, key alias, key ARN, or alias ARN) of the customer managed KMS key to use for EBS encryption.", - "title": "KmsKeyId", + "ObjectVersionIds": { + "markdownDescription": "Specifies whether your task report includes the new version of each object transferred into an S3 bucket. This only applies if you [enable versioning on your bucket](https://docs.aws.amazon.com/AmazonS3/latest/userguide/manage-versioning-examples.html) . Keep in mind that setting this to `INCLUDE` can increase the duration of your task execution.", + "title": "ObjectVersionIds", "type": "string" }, - "SnapshotId": { - "markdownDescription": "The ID of the snapshot.", - "title": "SnapshotId", + "OutputType": { + "markdownDescription": "Specifies the type of task report that you want:\n\n- `SUMMARY_ONLY` : Provides necessary details about your task, including the number of files, objects, and directories transferred and transfer duration.\n- `STANDARD` : Provides complete details about your task, including a full list of files, objects, and directories that were transferred, skipped, verified, and more.", + "title": "OutputType", "type": "string" }, - "Throughput": { - "markdownDescription": "The throughput to provision for a `gp3` volume, with a maximum of 1,000 MiB/s.\n\nValid Range: Minimum value of 125. Maximum value of 1000.", - "title": "Throughput", - "type": "number" - }, - "VolumeSize": { - "markdownDescription": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size. The following are the supported volumes sizes for each volume type:\n\n- `gp2` and `gp3` : 1 - 16,384 GiB\n- `io1` : 4 - 16,384 GiB\n- `io2` : 4 - 65,536 GiB\n- `st1` and `sc1` : 125 - 16,384 GiB\n- `standard` : 1 - 1024 GiB", - "title": "VolumeSize", - "type": "number" + "Overrides": { + "$ref": "#/definitions/AWS::DataSync::Task.Overrides", + "markdownDescription": "Customizes the reporting level for aspects of your task report. For example, your report might generally only include errors, but you could specify that you want a list of successes and errors just for the files that DataSync attempted to delete in your destination location.", + "title": "Overrides" }, - "VolumeType": { - "markdownDescription": "The volume type. For more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-volume-types.html) in the *Amazon EBS User Guide* .", - "title": "VolumeType", + "ReportLevel": { + "markdownDescription": "Specifies whether you want your task report to include only what went wrong with your transfer or a list of what succeeded and didn't.\n\n- `ERRORS_ONLY` : A report shows what DataSync was unable to transfer, skip, verify, and delete.\n- `SUCCESSES_AND_ERRORS` : A report shows what DataSync was able and unable to transfer, skip, verify, and delete.", + "title": "ReportLevel", "type": "string" } }, + "required": [ + "Destination", + "OutputType" + ], "type": "object" }, - "AWS::EC2::LaunchTemplate.ElasticGpuSpecification": { + "AWS::DataSync::Task.TaskReportConfigDestinationS3": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The type of Elastic Graphics accelerator.", - "title": "Type", + "BucketAccessRoleArn": { + "markdownDescription": "", + "title": "BucketAccessRoleArn", + "type": "string" + }, + "S3BucketArn": { + "markdownDescription": "", + "title": "S3BucketArn", + "type": "string" + }, + "Subdirectory": { + "markdownDescription": "", + "title": "Subdirectory", "type": "string" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.EnaSrdSpecification": { + "AWS::DataSync::Task.TaskSchedule": { "additionalProperties": false, "properties": { - "EnaSrdEnabled": { - "markdownDescription": "Indicates whether ENA Express is enabled for the network interface.", - "title": "EnaSrdEnabled", - "type": "boolean" + "ScheduleExpression": { + "markdownDescription": "Specifies your task schedule by using a cron or rate expression.\n\nUse cron expressions for task schedules that run on a specific time and day. For example, the following cron expression creates a task schedule that runs at 8 AM on the first Wednesday of every month:\n\n`cron(0 8 * * 3#1)`\n\nUse rate expressions for task schedules that run on a regular interval. For example, the following rate expression creates a task schedule that runs every 12 hours:\n\n`rate(12 hours)`\n\nFor information about cron and rate expression syntax, see the [*Amazon EventBridge User Guide*](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-scheduled-rule-pattern.html) .", + "title": "ScheduleExpression", + "type": "string" }, - "EnaSrdUdpSpecification": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.EnaSrdUdpSpecification", - "markdownDescription": "Configures ENA Express for UDP network traffic.", - "title": "EnaSrdUdpSpecification" + "Status": { + "markdownDescription": "Specifies whether to enable or disable your task schedule. Your schedule is enabled by default, but there can be situations where you need to disable it. For example, you might need to pause a recurring transfer to fix an issue with your task or perform maintenance on your storage system.\n\nDataSync might disable your schedule automatically if your task fails repeatedly with the same error. For more information, see [TaskScheduleDetails](https://docs.aws.amazon.com/datasync/latest/userguide/API_TaskScheduleDetails.html) .", + "title": "Status", + "type": "string" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.EnaSrdUdpSpecification": { + "AWS::DataSync::Task.Transferred": { "additionalProperties": false, "properties": { - "EnaSrdUdpEnabled": { - "markdownDescription": "Indicates whether UDP traffic to and from the instance uses ENA Express. To specify this setting, you must first enable ENA Express.", - "title": "EnaSrdUdpEnabled", - "type": "boolean" + "ReportLevel": { + "markdownDescription": "", + "title": "ReportLevel", + "type": "string" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.EnclaveOptions": { + "AWS::DataSync::Task.Verified": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "If this parameter is set to `true` , the instance is enabled for AWS Nitro Enclaves; otherwise, it is not enabled for AWS Nitro Enclaves.", - "title": "Enabled", - "type": "boolean" + "ReportLevel": { + "markdownDescription": "", + "title": "ReportLevel", + "type": "string" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.HibernationOptions": { - "additionalProperties": false, - "properties": { - "Configured": { - "markdownDescription": "If you set this parameter to `true` , the instance is enabled for hibernation.\n\nDefault: `false`", - "title": "Configured", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::EC2::LaunchTemplate.IamInstanceProfile": { + "AWS::DataZone::Connection": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the instance profile.", - "title": "Arn", + "Condition": { "type": "string" }, - "Name": { - "markdownDescription": "The name of the instance profile.", - "title": "Name", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AwsLocation": { + "$ref": "#/definitions/AWS::DataZone::Connection.AwsLocation", + "markdownDescription": "The location where the connection is created.", + "title": "AwsLocation" + }, + "Description": { + "markdownDescription": "Connection description.", + "title": "Description", + "type": "string" + }, + "DomainIdentifier": { + "markdownDescription": "The ID of the domain where the connection is created.", + "title": "DomainIdentifier", + "type": "string" + }, + "EnvironmentIdentifier": { + "markdownDescription": "The ID of the environment where the connection is created.", + "title": "EnvironmentIdentifier", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the connection.", + "title": "Name", + "type": "string" + }, + "Props": { + "$ref": "#/definitions/AWS::DataZone::Connection.ConnectionPropertiesInput", + "markdownDescription": "Connection props.", + "title": "Props" + } + }, + "required": [ + "DomainIdentifier", + "EnvironmentIdentifier", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::DataZone::Connection" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::EC2::LaunchTemplate.InstanceMarketOptions": { + "AWS::DataZone::Connection.AthenaPropertiesInput": { "additionalProperties": false, "properties": { - "MarketType": { - "markdownDescription": "The market type.", - "title": "MarketType", + "WorkgroupName": { + "markdownDescription": "The Amazon Athena workgroup name of a connection.", + "title": "WorkgroupName", "type": "string" - }, - "SpotOptions": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.SpotOptions", - "markdownDescription": "The options for Spot Instances.", - "title": "SpotOptions" } }, + "required": [ + "WorkgroupName" + ], "type": "object" }, - "AWS::EC2::LaunchTemplate.InstanceRequirements": { + "AWS::DataZone::Connection.AuthenticationConfigurationInput": { "additionalProperties": false, "properties": { - "AcceleratorCount": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.AcceleratorCount", - "markdownDescription": "The minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferentia chips) on an instance.\n\nTo exclude accelerator-enabled instance types, set `Max` to `0` .\n\nDefault: No minimum or maximum limits", - "title": "AcceleratorCount" - }, - "AcceleratorManufacturers": { - "items": { - "type": "string" - }, - "markdownDescription": "Indicates whether instance types must have accelerators by specific manufacturers.\n\n- For instance types with AWS devices, specify `amazon-web-services` .\n- For instance types with AMD devices, specify `amd` .\n- For instance types with Habana devices, specify `habana` .\n- For instance types with NVIDIA devices, specify `nvidia` .\n- For instance types with Xilinx devices, specify `xilinx` .\n\nDefault: Any manufacturer", - "title": "AcceleratorManufacturers", - "type": "array" - }, - "AcceleratorNames": { - "items": { - "type": "string" - }, - "markdownDescription": "The accelerators that must be on the instance type.\n\n- For instance types with NVIDIA A10G GPUs, specify `a10g` .\n- For instance types with NVIDIA A100 GPUs, specify `a100` .\n- For instance types with NVIDIA H100 GPUs, specify `h100` .\n- For instance types with AWS Inferentia chips, specify `inferentia` .\n- For instance types with NVIDIA GRID K520 GPUs, specify `k520` .\n- For instance types with NVIDIA K80 GPUs, specify `k80` .\n- For instance types with NVIDIA M60 GPUs, specify `m60` .\n- For instance types with AMD Radeon Pro V520 GPUs, specify `radeon-pro-v520` .\n- For instance types with NVIDIA T4 GPUs, specify `t4` .\n- For instance types with NVIDIA T4G GPUs, specify `t4g` .\n- For instance types with Xilinx VU9P FPGAs, specify `vu9p` .\n- For instance types with NVIDIA V100 GPUs, specify `v100` .\n\nDefault: Any accelerator", - "title": "AcceleratorNames", - "type": "array" - }, - "AcceleratorTotalMemoryMiB": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.AcceleratorTotalMemoryMiB", - "markdownDescription": "The minimum and maximum amount of total accelerator memory, in MiB.\n\nDefault: No minimum or maximum limits", - "title": "AcceleratorTotalMemoryMiB" - }, - "AcceleratorTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The accelerator types that must be on the instance type.\n\n- For instance types with FPGA accelerators, specify `fpga` .\n- For instance types with GPU accelerators, specify `gpu` .\n- For instance types with Inference accelerators, specify `inference` .\n\nDefault: Any accelerator type", - "title": "AcceleratorTypes", - "type": "array" - }, - "AllowedInstanceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The instance types to apply your specified attributes against. All other instance types are ignored, even if they match your specified attributes.\n\nYou can use strings with one or more wild cards, represented by an asterisk ( `*` ), to allow an instance type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` ,Amazon EC2 will allow the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will allow all the M5a instance types, but not the M5n instance types.\n\n> If you specify `AllowedInstanceTypes` , you can't specify `ExcludedInstanceTypes` . \n\nDefault: All instance types", - "title": "AllowedInstanceTypes", - "type": "array" - }, - "BareMetal": { - "markdownDescription": "Indicates whether bare metal instance types must be included, excluded, or required.\n\n- To include bare metal instance types, specify `included` .\n- To require only bare metal instance types, specify `required` .\n- To exclude bare metal instance types, specify `excluded` .\n\nDefault: `excluded`", - "title": "BareMetal", - "type": "string" - }, - "BaselineEbsBandwidthMbps": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.BaselineEbsBandwidthMbps", - "markdownDescription": "The minimum and maximum baseline bandwidth to Amazon EBS, in Mbps. For more information, see [Amazon EBS\u2013optimized instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-optimized.html) in the *Amazon EC2 User Guide* .\n\nDefault: No minimum or maximum limits", - "title": "BaselineEbsBandwidthMbps" - }, - "BurstablePerformance": { - "markdownDescription": "Indicates whether burstable performance T instance types are included, excluded, or required. For more information, see [Burstable performance instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) .\n\n- To include burstable performance instance types, specify `included` .\n- To require only burstable performance instance types, specify `required` .\n- To exclude burstable performance instance types, specify `excluded` .\n\nDefault: `excluded`", - "title": "BurstablePerformance", + "AuthenticationType": { + "markdownDescription": "The authentication type of a connection.", + "title": "AuthenticationType", "type": "string" }, - "CpuManufacturers": { - "items": { - "type": "string" - }, - "markdownDescription": "The CPU manufacturers to include.\n\n- For instance types with Intel CPUs, specify `intel` .\n- For instance types with AMD CPUs, specify `amd` .\n- For instance types with AWS CPUs, specify `amazon-web-services` .\n- For instance types with Apple CPUs, specify `apple` .\n\n> Don't confuse the CPU manufacturer with the CPU architecture. Instances will be launched with a compatible CPU architecture based on the Amazon Machine Image (AMI) that you specify in your launch template. \n\nDefault: Any manufacturer", - "title": "CpuManufacturers", - "type": "array" - }, - "ExcludedInstanceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The instance types to exclude.\n\nYou can use strings with one or more wild cards, represented by an asterisk ( `*` ), to exclude an instance type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` ,Amazon EC2 will exclude the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will exclude all the M5a instance types, but not the M5n instance types.\n\n> If you specify `ExcludedInstanceTypes` , you can't specify `AllowedInstanceTypes` . \n\nDefault: No excluded instance types", - "title": "ExcludedInstanceTypes", - "type": "array" + "BasicAuthenticationCredentials": { + "$ref": "#/definitions/AWS::DataZone::Connection.BasicAuthenticationCredentials", + "markdownDescription": "The basic authentication credentials of a connection.", + "title": "BasicAuthenticationCredentials" }, - "InstanceGenerations": { - "items": { - "type": "string" + "CustomAuthenticationCredentials": { + "additionalProperties": true, + "markdownDescription": "The custom authentication credentials of a connection.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "Indicates whether current or previous generation instance types are included. The current generation instance types are recommended for use. Current generation instance types are typically the latest two to three generations in each instance family. For more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .\n\nFor current generation instance types, specify `current` .\n\nFor previous generation instance types, specify `previous` .\n\nDefault: Current and previous generation instance types", - "title": "InstanceGenerations", - "type": "array" + "title": "CustomAuthenticationCredentials", + "type": "object" }, - "LocalStorage": { - "markdownDescription": "Indicates whether instance types with instance store volumes are included, excluded, or required. For more information, [Amazon EC2 instance store](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html) in the *Amazon EC2 User Guide* .\n\n- To include instance types with instance store volumes, specify `included` .\n- To require only instance types with instance store volumes, specify `required` .\n- To exclude instance types with instance store volumes, specify `excluded` .\n\nDefault: `included`", - "title": "LocalStorage", + "KmsKeyArn": { + "markdownDescription": "The KMS key ARN of a connection.", + "title": "KmsKeyArn", "type": "string" }, - "LocalStorageTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The type of local storage that is required.\n\n- For instance types with hard disk drive (HDD) storage, specify `hdd` .\n- For instance types with solid state drive (SSD) storage, specify `ssd` .\n\nDefault: `hdd` and `ssd`", - "title": "LocalStorageTypes", - "type": "array" - }, - "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice": { - "markdownDescription": "[Price protection] The price protection threshold for Spot Instances, as a percentage of an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nIf you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is based on the per vCPU or per memory price instead of the per instance price.\n\n> Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` .", - "title": "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice", - "type": "number" - }, - "MemoryGiBPerVCpu": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.MemoryGiBPerVCpu", - "markdownDescription": "The minimum and maximum amount of memory per vCPU, in GiB.\n\nDefault: No minimum or maximum limits", - "title": "MemoryGiBPerVCpu" - }, - "MemoryMiB": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.MemoryMiB", - "markdownDescription": "The minimum and maximum amount of memory, in MiB.", - "title": "MemoryMiB" - }, - "NetworkBandwidthGbps": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.NetworkBandwidthGbps", - "markdownDescription": "The minimum and maximum amount of network bandwidth, in gigabits per second (Gbps).\n\nDefault: No minimum or maximum limits", - "title": "NetworkBandwidthGbps" - }, - "NetworkInterfaceCount": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.NetworkInterfaceCount", - "markdownDescription": "The minimum and maximum number of network interfaces.\n\nDefault: No minimum or maximum limits", - "title": "NetworkInterfaceCount" - }, - "OnDemandMaxPricePercentageOverLowestPrice": { - "markdownDescription": "[Price protection] The price protection threshold for On-Demand Instances, as a percentage higher than an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nTo turn off price protection, specify a high value, such as `999999` .\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) .\n\n> If you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price. \n\nDefault: `20`", - "title": "OnDemandMaxPricePercentageOverLowestPrice", - "type": "number" - }, - "RequireHibernateSupport": { - "markdownDescription": "Indicates whether instance types must support hibernation for On-Demand Instances.\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) .\n\nDefault: `false`", - "title": "RequireHibernateSupport", - "type": "boolean" - }, - "SpotMaxPricePercentageOverLowestPrice": { - "markdownDescription": "[Price protection] The price protection threshold for Spot Instances, as a percentage higher than an identified Spot price. The identified Spot price is the Spot price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified Spot price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose Spot price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nIf you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price.\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) .\n\n> Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` . \n\nDefault: `100`", - "title": "SpotMaxPricePercentageOverLowestPrice", - "type": "number" - }, - "TotalLocalStorageGB": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.TotalLocalStorageGB", - "markdownDescription": "The minimum and maximum amount of total local storage, in GB.\n\nDefault: No minimum or maximum limits", - "title": "TotalLocalStorageGB" + "OAuth2Properties": { + "$ref": "#/definitions/AWS::DataZone::Connection.OAuth2Properties", + "markdownDescription": "The oAuth2 properties of a connection.", + "title": "OAuth2Properties" }, - "VCpuCount": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.VCpuCount", - "markdownDescription": "The minimum and maximum number of vCPUs.", - "title": "VCpuCount" + "SecretArn": { + "markdownDescription": "The secret ARN of a connection.", + "title": "SecretArn", + "type": "string" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.Ipv4PrefixSpecification": { + "AWS::DataZone::Connection.AuthorizationCodeProperties": { "additionalProperties": false, "properties": { - "Ipv4Prefix": { - "markdownDescription": "The IPv4 prefix. For information, see [Assigning prefixes to network interfaces](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-prefix-eni.html) in the *Amazon EC2 User Guide* .", - "title": "Ipv4Prefix", + "AuthorizationCode": { + "markdownDescription": "The authorization code of a connection.", + "title": "AuthorizationCode", + "type": "string" + }, + "RedirectUri": { + "markdownDescription": "The redirect URI of a connection.", + "title": "RedirectUri", "type": "string" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.Ipv6Add": { + "AWS::DataZone::Connection.AwsLocation": { "additionalProperties": false, "properties": { - "Ipv6Address": { - "markdownDescription": "One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet. You can't use this option if you're specifying a number of IPv6 addresses.", - "title": "Ipv6Address", + "AccessRole": { + "markdownDescription": "The access role of a connection.", + "title": "AccessRole", + "type": "string" + }, + "AwsAccountId": { + "markdownDescription": "The account ID of a connection.", + "title": "AwsAccountId", + "type": "string" + }, + "AwsRegion": { + "markdownDescription": "The Region of a connection.", + "title": "AwsRegion", + "type": "string" + }, + "IamConnectionId": { + "markdownDescription": "The IAM connection ID of a connection.", + "title": "IamConnectionId", "type": "string" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.Ipv6PrefixSpecification": { + "AWS::DataZone::Connection.BasicAuthenticationCredentials": { "additionalProperties": false, "properties": { - "Ipv6Prefix": { - "markdownDescription": "The IPv6 prefix.", - "title": "Ipv6Prefix", + "Password": { + "markdownDescription": "The password for a connection.", + "title": "Password", + "type": "string" + }, + "UserName": { + "markdownDescription": "The user name for the connecion.", + "title": "UserName", "type": "string" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.LaunchTemplateData": { + "AWS::DataZone::Connection.ConnectionPropertiesInput": { "additionalProperties": false, "properties": { - "BlockDeviceMappings": { - "items": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.BlockDeviceMapping" - }, - "markdownDescription": "The block device mapping.", - "title": "BlockDeviceMappings", - "type": "array" - }, - "CapacityReservationSpecification": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.CapacityReservationSpecification", - "markdownDescription": "The Capacity Reservation targeting option. If you do not specify this parameter, the instance's Capacity Reservation preference defaults to `open` , which enables it to run in any open Capacity Reservation that has matching attributes (instance type, platform, Availability Zone).", - "title": "CapacityReservationSpecification" - }, - "CpuOptions": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.CpuOptions", - "markdownDescription": "The CPU options for the instance. For more information, see [CPU options for Amazon EC2 instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html) in the *Amazon EC2 User Guide* .", - "title": "CpuOptions" + "AthenaProperties": { + "$ref": "#/definitions/AWS::DataZone::Connection.AthenaPropertiesInput", + "markdownDescription": "The Amazon Athena properties of a connection.", + "title": "AthenaProperties" }, - "CreditSpecification": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.CreditSpecification", - "markdownDescription": "The credit option for CPU usage of the instance. Valid only for T instances.", - "title": "CreditSpecification" + "GlueProperties": { + "$ref": "#/definitions/AWS::DataZone::Connection.GluePropertiesInput", + "markdownDescription": "The AWS Glue properties of a connection.", + "title": "GlueProperties" }, - "DisableApiStop": { - "markdownDescription": "Indicates whether to enable the instance for stop protection. For more information, see [Enable stop protection for your EC2 instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-stop-protection.html) in the *Amazon EC2 User Guide* .", - "title": "DisableApiStop", - "type": "boolean" + "HyperPodProperties": { + "$ref": "#/definitions/AWS::DataZone::Connection.HyperPodPropertiesInput", + "markdownDescription": "The hyper pod properties of a connection.", + "title": "HyperPodProperties" }, - "DisableApiTermination": { - "markdownDescription": "Indicates whether termination protection is enabled for the instance. The default is `false` , which means that you can terminate the instance using the Amazon EC2 console, command line tools, or API. You can enable termination protection when you launch an instance, while the instance is running, or while the instance is stopped.", - "title": "DisableApiTermination", - "type": "boolean" + "IamProperties": { + "$ref": "#/definitions/AWS::DataZone::Connection.IamPropertiesInput", + "markdownDescription": "The IAM properties of a connection.", + "title": "IamProperties" }, - "EbsOptimized": { - "markdownDescription": "Indicates whether the instance is optimized for Amazon EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal Amazon EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS-optimized instance.", - "title": "EbsOptimized", - "type": "boolean" + "RedshiftProperties": { + "$ref": "#/definitions/AWS::DataZone::Connection.RedshiftPropertiesInput", + "markdownDescription": "The Amazon Redshift properties of a connection.", + "title": "RedshiftProperties" }, - "ElasticGpuSpecifications": { - "items": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.ElasticGpuSpecification" - }, - "markdownDescription": "Deprecated.\n\n> Amazon Elastic Graphics reached end of life on January 8, 2024.", - "title": "ElasticGpuSpecifications", - "type": "array" + "SparkEmrProperties": { + "$ref": "#/definitions/AWS::DataZone::Connection.SparkEmrPropertiesInput", + "markdownDescription": "The Spark EMR properties of a connection.", + "title": "SparkEmrProperties" }, - "ElasticInferenceAccelerators": { - "items": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.LaunchTemplateElasticInferenceAccelerator" + "SparkGlueProperties": { + "$ref": "#/definitions/AWS::DataZone::Connection.SparkGluePropertiesInput", + "markdownDescription": "The Spark AWS Glue properties of a connection.", + "title": "SparkGlueProperties" + } + }, + "type": "object" + }, + "AWS::DataZone::Connection.GlueConnectionInput": { + "additionalProperties": false, + "properties": { + "AthenaProperties": { + "additionalProperties": true, + "markdownDescription": "The Amazon Athena properties of the AWS Glue connection.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "> Amazon Elastic Inference is no longer available. \n\nAn elastic inference accelerator to associate with the instance. Elastic inference accelerators are a resource you can attach to your Amazon EC2 instances to accelerate your Deep Learning (DL) inference workloads.\n\nYou cannot specify accelerators from different generations in the same request.", - "title": "ElasticInferenceAccelerators", - "type": "array" - }, - "EnclaveOptions": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.EnclaveOptions", - "markdownDescription": "Indicates whether the instance is enabled for AWS Nitro Enclaves. For more information, see [What is Nitro Enclaves?](https://docs.aws.amazon.com/enclaves/latest/user/nitro-enclave.html) in the *AWS Nitro Enclaves User Guide* .\n\nYou can't enable AWS Nitro Enclaves and hibernation on the same instance.", - "title": "EnclaveOptions" + "title": "AthenaProperties", + "type": "object" }, - "HibernationOptions": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.HibernationOptions", - "markdownDescription": "Indicates whether an instance is enabled for hibernation. This parameter is valid only if the instance meets the [hibernation prerequisites](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/hibernating-prerequisites.html) . For more information, see [Hibernate your Amazon EC2 instance](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) in the *Amazon EC2 User Guide* .", - "title": "HibernationOptions" + "AuthenticationConfiguration": { + "$ref": "#/definitions/AWS::DataZone::Connection.AuthenticationConfigurationInput", + "markdownDescription": "The authentication configuration of the AWS Glue connection.", + "title": "AuthenticationConfiguration" }, - "IamInstanceProfile": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.IamInstanceProfile", - "markdownDescription": "The name or Amazon Resource Name (ARN) of an IAM instance profile.", - "title": "IamInstanceProfile" + "ConnectionProperties": { + "additionalProperties": true, + "markdownDescription": "The connection properties of the AWS Glue connection.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "ConnectionProperties", + "type": "object" }, - "ImageId": { - "markdownDescription": "The ID of the AMI. Alternatively, you can specify a Systems Manager parameter, which will resolve to an AMI ID on launch.\n\nValid formats:\n\n- `ami-0ac394d6a3example`\n- `resolve:ssm:parameter-name`\n- `resolve:ssm:parameter-name:version-number`\n- `resolve:ssm:parameter-name:label`\n\nFor more information, see [Use a Systems Manager parameter to find an AMI](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/finding-an-ami.html#using-systems-manager-parameter-to-find-AMI) in the *Amazon Elastic Compute Cloud User Guide* .", - "title": "ImageId", + "ConnectionType": { + "markdownDescription": "The connection type of the AWS Glue connection.", + "title": "ConnectionType", "type": "string" }, - "InstanceInitiatedShutdownBehavior": { - "markdownDescription": "Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown).\n\nDefault: `stop`", - "title": "InstanceInitiatedShutdownBehavior", + "Description": { + "markdownDescription": "The description of the AWS Glue connection.", + "title": "Description", "type": "string" }, - "InstanceMarketOptions": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.InstanceMarketOptions", - "markdownDescription": "The market (purchasing) option for the instances.", - "title": "InstanceMarketOptions" - }, - "InstanceRequirements": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.InstanceRequirements", - "markdownDescription": "The attributes for the instance types. When you specify instance attributes, Amazon EC2 will identify instance types with these attributes.\n\nYou must specify `VCpuCount` and `MemoryMiB` . All other attributes are optional. Any unspecified optional attribute is set to its default.\n\nWhen you specify multiple attributes, you get instance types that satisfy all of the specified attributes. If you specify multiple values for an attribute, you get instance types that satisfy any of the specified values.\n\nTo limit the list of instance types from which Amazon EC2 can identify matching instance types, you can use one of the following parameters, but not both in the same request:\n\n- `AllowedInstanceTypes` - The instance types to include in the list. All other instance types are ignored, even if they match your specified attributes.\n- `ExcludedInstanceTypes` - The instance types to exclude from the list, even if they match your specified attributes.\n\n> If you specify `InstanceRequirements` , you can't specify `InstanceType` .\n> \n> Attribute-based instance type selection is only supported when using Auto Scaling groups, EC2 Fleet, and Spot Fleet to launch instances. If you plan to use the launch template in the [launch instance wizard](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-instance-wizard.html) , or with the [RunInstances](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html) API or [AWS::EC2::Instance](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html) AWS CloudFormation resource, you can't specify `InstanceRequirements` . \n\nFor more information, see [Specify attributes for instance type selection for EC2 Fleet or Spot Fleet](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-attribute-based-instance-type-selection.html) and [Spot placement score](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-placement-score.html) in the *Amazon EC2 User Guide* .", - "title": "InstanceRequirements" - }, - "InstanceType": { - "markdownDescription": "The instance type. For more information, see [Amazon EC2 instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .\n\nIf you specify `InstanceType` , you can't specify `InstanceRequirements` .", - "title": "InstanceType", + "MatchCriteria": { + "markdownDescription": "The match criteria of the AWS Glue connection.", + "title": "MatchCriteria", "type": "string" }, - "KernelId": { - "markdownDescription": "The ID of the kernel.\n\nWe recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see [User Provided Kernels](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html) in the *Amazon EC2 User Guide* .", - "title": "KernelId", + "Name": { + "markdownDescription": "The name of the AWS Glue connection.", + "title": "Name", "type": "string" }, - "KeyName": { - "markdownDescription": "The name of the key pair. You can create a key pair using [CreateKeyPair](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateKeyPair.html) or [ImportKeyPair](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportKeyPair.html) .\n\n> If you do not specify a key pair, you can't connect to the instance unless you choose an AMI that is configured to allow users another way to log in.", - "title": "KeyName", - "type": "string" + "PhysicalConnectionRequirements": { + "$ref": "#/definitions/AWS::DataZone::Connection.PhysicalConnectionRequirements", + "markdownDescription": "The physical connection requirements for the AWS Glue connection.", + "title": "PhysicalConnectionRequirements" }, - "LicenseSpecifications": { - "items": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.LicenseSpecification" + "PythonProperties": { + "additionalProperties": true, + "markdownDescription": "The Python properties of the AWS Glue connection.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "The license configurations.", - "title": "LicenseSpecifications", - "type": "array" - }, - "MaintenanceOptions": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.MaintenanceOptions", - "markdownDescription": "The maintenance options of your instance.", - "title": "MaintenanceOptions" - }, - "MetadataOptions": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.MetadataOptions", - "markdownDescription": "The metadata options for the instance. For more information, see [Configure the Instance Metadata Service options](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-instance-metadata-options.html) in the *Amazon EC2 User Guide* .", - "title": "MetadataOptions" - }, - "Monitoring": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Monitoring", - "markdownDescription": "The monitoring for the instance.", - "title": "Monitoring" + "title": "PythonProperties", + "type": "object" }, - "NetworkInterfaces": { - "items": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.NetworkInterface" + "SparkProperties": { + "additionalProperties": true, + "markdownDescription": "The Spark properties of the AWS Glue connection.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "The network interfaces for the instance.", - "title": "NetworkInterfaces", - "type": "array" - }, - "Placement": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Placement", - "markdownDescription": "The placement for the instance.", - "title": "Placement" - }, - "PrivateDnsNameOptions": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.PrivateDnsNameOptions", - "markdownDescription": "The hostname type for EC2 instances launched into this subnet and how DNS A and AAAA record queries should be handled. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *Amazon Elastic Compute Cloud User Guide* .", - "title": "PrivateDnsNameOptions" - }, - "RamDiskId": { - "markdownDescription": "The ID of the RAM disk.\n\n> We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see [User provided kernels](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html) in the *Amazon EC2 User Guide* .", - "title": "RamDiskId", - "type": "string" + "title": "SparkProperties", + "type": "object" }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the security groups. You can specify the IDs of existing security groups and references to resources created by the stack template.\n\nIf you specify a network interface, you must specify any security groups as part of the network interface instead.", - "title": "SecurityGroupIds", - "type": "array" + "ValidateCredentials": { + "markdownDescription": "Speciefies whether to validate credentials of the AWS Glue connection.", + "title": "ValidateCredentials", + "type": "boolean" }, - "SecurityGroups": { + "ValidateForComputeEnvironments": { "items": { "type": "string" }, - "markdownDescription": "The names of the security groups. For a nondefault VPC, you must use security group IDs instead.\n\nIf you specify a network interface, you must specify any security groups as part of the network interface instead of using this parameter.", - "title": "SecurityGroups", - "type": "array" - }, - "TagSpecifications": { - "items": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.TagSpecification" - }, - "markdownDescription": "The tags to apply to resources that are created during instance launch.\n\nTo tag the launch template itself, use [TagSpecifications](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-launchtemplate.html#cfn-ec2-launchtemplate-tagspecifications) .", - "title": "TagSpecifications", + "markdownDescription": "Speciefies whether to validate for compute environments of the AWS Glue connection.", + "title": "ValidateForComputeEnvironments", "type": "array" - }, - "UserData": { - "markdownDescription": "The user data to make available to the instance. You must provide base64-encoded text. User data is limited to 16 KB. For more information, see [Run commands when you launch an EC2 instance with user data input](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html) in the *Amazon EC2 User Guide* .\n\nIf you are creating the launch template for use with AWS Batch , the user data must be provided in the [MIME multi-part archive format](https://docs.aws.amazon.com/https://cloudinit.readthedocs.io/en/latest/topics/format.html#mime-multi-part-archive) . For more information, see [Amazon EC2 user data in launch templates](https://docs.aws.amazon.com/batch/latest/userguide/launch-templates.html#lt-user-data) in the *AWS Batch User Guide* .", - "title": "UserData", - "type": "string" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.LaunchTemplateElasticInferenceAccelerator": { + "AWS::DataZone::Connection.GlueOAuth2Credentials": { "additionalProperties": false, "properties": { - "Count": { - "markdownDescription": "The number of elastic inference accelerators to attach to the instance.\n\nDefault: 1", - "title": "Count", - "type": "number" + "AccessToken": { + "markdownDescription": "The access token of a connection.", + "title": "AccessToken", + "type": "string" }, - "Type": { - "markdownDescription": "The type of elastic inference accelerator. The possible values are eia1.medium, eia1.large, and eia1.xlarge.", - "title": "Type", + "JwtToken": { + "markdownDescription": "The jwt token of the connection.", + "title": "JwtToken", + "type": "string" + }, + "RefreshToken": { + "markdownDescription": "The refresh token of the connection.", + "title": "RefreshToken", + "type": "string" + }, + "UserManagedClientApplicationClientSecret": { + "markdownDescription": "The user managed client application client secret of the connection.", + "title": "UserManagedClientApplicationClientSecret", "type": "string" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.LaunchTemplateTagSpecification": { + "AWS::DataZone::Connection.GluePropertiesInput": { "additionalProperties": false, "properties": { - "ResourceType": { - "markdownDescription": "The type of resource. To tag a launch template, `ResourceType` must be `launch-template` .", - "title": "ResourceType", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags for the resource.", - "title": "Tags", - "type": "array" + "GlueConnectionInput": { + "$ref": "#/definitions/AWS::DataZone::Connection.GlueConnectionInput", + "markdownDescription": "The AWS Glue connection.", + "title": "GlueConnectionInput" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.LicenseSpecification": { + "AWS::DataZone::Connection.HyperPodPropertiesInput": { "additionalProperties": false, "properties": { - "LicenseConfigurationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the license configuration.", - "title": "LicenseConfigurationArn", + "ClusterName": { + "markdownDescription": "The cluster name the hyper pod properties.", + "title": "ClusterName", "type": "string" } }, + "required": [ + "ClusterName" + ], "type": "object" }, - "AWS::EC2::LaunchTemplate.MaintenanceOptions": { + "AWS::DataZone::Connection.IamPropertiesInput": { "additionalProperties": false, "properties": { - "AutoRecovery": { - "markdownDescription": "Disables the automatic recovery behavior of your instance or sets it to default.", - "title": "AutoRecovery", - "type": "string" + "GlueLineageSyncEnabled": { + "markdownDescription": "Specifies whether AWS Glue lineage sync is enabled for a connection.", + "title": "GlueLineageSyncEnabled", + "type": "boolean" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.MemoryGiBPerVCpu": { + "AWS::DataZone::Connection.LineageSyncSchedule": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum amount of memory per vCPU, in GiB. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum amount of memory per vCPU, in GiB. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" + "Schedule": { + "markdownDescription": "The lineage sync schedule.", + "title": "Schedule", + "type": "string" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.MemoryMiB": { + "AWS::DataZone::Connection.OAuth2ClientApplication": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum amount of memory, in MiB. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" + "AWSManagedClientApplicationReference": { + "markdownDescription": "The AWS managed client application reference in the OAuth2Client application.", + "title": "AWSManagedClientApplicationReference", + "type": "string" }, - "Min": { - "markdownDescription": "The minimum amount of memory, in MiB. To specify no minimum limit, specify `0` .", - "title": "Min", - "type": "number" + "UserManagedClientApplicationClientId": { + "markdownDescription": "The user managed client application client ID in the OAuth2Client application.", + "title": "UserManagedClientApplicationClientId", + "type": "string" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.MetadataOptions": { + "AWS::DataZone::Connection.OAuth2Properties": { "additionalProperties": false, "properties": { - "HttpEndpoint": { - "markdownDescription": "Enables or disables the HTTP metadata endpoint on your instances. If the parameter is not specified, the default state is `enabled` .\n\n> If you specify a value of `disabled` , you will not be able to access your instance metadata.", - "title": "HttpEndpoint", - "type": "string" + "AuthorizationCodeProperties": { + "$ref": "#/definitions/AWS::DataZone::Connection.AuthorizationCodeProperties", + "markdownDescription": "The authorization code properties of the OAuth2 properties.", + "title": "AuthorizationCodeProperties" }, - "HttpProtocolIpv6": { - "markdownDescription": "Enables or disables the IPv6 endpoint for the instance metadata service.\n\nDefault: `disabled`", - "title": "HttpProtocolIpv6", - "type": "string" + "OAuth2ClientApplication": { + "$ref": "#/definitions/AWS::DataZone::Connection.OAuth2ClientApplication", + "markdownDescription": "The OAuth2 client application of the OAuth2 properties.", + "title": "OAuth2ClientApplication" }, - "HttpPutResponseHopLimit": { - "markdownDescription": "The desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel.\n\nDefault: `1`\n\nPossible values: Integers from 1 to 64", - "title": "HttpPutResponseHopLimit", - "type": "number" + "OAuth2Credentials": { + "$ref": "#/definitions/AWS::DataZone::Connection.GlueOAuth2Credentials", + "markdownDescription": "The OAuth2 credentials of the OAuth2 properties.", + "title": "OAuth2Credentials" }, - "HttpTokens": { - "markdownDescription": "Indicates whether IMDSv2 is required.\n\n- `optional` - IMDSv2 is optional. You can choose whether to send a session token in your instance metadata retrieval requests. If you retrieve IAM role credentials without a session token, you receive the IMDSv1 role credentials. If you retrieve IAM role credentials using a valid session token, you receive the IMDSv2 role credentials.\n- `required` - IMDSv2 is required. You must send a session token in your instance metadata retrieval requests. With this option, retrieving the IAM role credentials always returns IMDSv2 credentials; IMDSv1 credentials are not available.\n\nDefault: If the value of `ImdsSupport` for the Amazon Machine Image (AMI) for your instance is `v2.0` , the default is `required` .", - "title": "HttpTokens", + "OAuth2GrantType": { + "markdownDescription": "The OAuth2 grant type of the OAuth2 properties.", + "title": "OAuth2GrantType", "type": "string" }, - "InstanceMetadataTags": { - "markdownDescription": "Set to `enabled` to allow access to instance tags from the instance metadata. Set to `disabled` to turn off access to instance tags from the instance metadata. For more information, see [View tags for your EC2 instances using instance metadata](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/work-with-tags-in-IMDS.html) .\n\nDefault: `disabled`", - "title": "InstanceMetadataTags", + "TokenUrl": { + "markdownDescription": "The OAuth2 token URL of the OAuth2 properties.", + "title": "TokenUrl", "type": "string" - } - }, - "type": "object" - }, - "AWS::EC2::LaunchTemplate.Monitoring": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Specify `true` to enable detailed monitoring. Otherwise, basic monitoring is enabled.", - "title": "Enabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::EC2::LaunchTemplate.NetworkBandwidthGbps": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum amount of network bandwidth, in Gbps. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" }, - "Min": { - "markdownDescription": "The minimum amount of network bandwidth, in Gbps. If this parameter is not specified, there is no minimum limit.", - "title": "Min", - "type": "number" + "TokenUrlParametersMap": { + "additionalProperties": true, + "markdownDescription": "The OAuth2 token URL parameter map of the OAuth2 properties.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "TokenUrlParametersMap", + "type": "object" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.NetworkInterface": { + "AWS::DataZone::Connection.PhysicalConnectionRequirements": { "additionalProperties": false, "properties": { - "AssociateCarrierIpAddress": { - "markdownDescription": "Associates a Carrier IP address with eth0 for a new network interface.\n\nUse this option when you launch an instance in a Wavelength Zone and want to associate a Carrier IP address with the network interface. For more information about Carrier IP addresses, see [Carrier IP addresses](https://docs.aws.amazon.com/wavelength/latest/developerguide/how-wavelengths-work.html#provider-owned-ip) in the *AWS Wavelength Developer Guide* .", - "title": "AssociateCarrierIpAddress", - "type": "boolean" - }, - "AssociatePublicIpAddress": { - "markdownDescription": "Associates a public IPv4 address with eth0 for a new network interface.\n\nAWS charges for all public IPv4 addresses, including public IPv4 addresses associated with running instances and Elastic IP addresses. For more information, see the *Public IPv4 Address* tab on the [Amazon VPC pricing page](https://docs.aws.amazon.com/vpc/pricing/) .", - "title": "AssociatePublicIpAddress", - "type": "boolean" - }, - "ConnectionTrackingSpecification": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.ConnectionTrackingSpecification", - "markdownDescription": "A connection tracking specification for the network interface.", - "title": "ConnectionTrackingSpecification" - }, - "DeleteOnTermination": { - "markdownDescription": "Indicates whether the network interface is deleted when the instance is terminated.", - "title": "DeleteOnTermination", - "type": "boolean" - }, - "Description": { - "markdownDescription": "A description for the network interface.", - "title": "Description", + "AvailabilityZone": { + "markdownDescription": "The availability zone of the physical connection requirements of a connection.", + "title": "AvailabilityZone", "type": "string" }, - "DeviceIndex": { - "markdownDescription": "The device index for the network interface attachment. The primary network interface has a device index of 0. If the network interface is of type `interface` , you must specify a device index.\n\nIf you create a launch template that includes secondary network interfaces but no primary network interface, and you specify it using the `LaunchTemplate` property of `AWS::EC2::Instance` , then you must include a primary network interface using the `NetworkInterfaces` property of `AWS::EC2::Instance` .", - "title": "DeviceIndex", - "type": "number" - }, - "EnaSrdSpecification": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.EnaSrdSpecification", - "markdownDescription": "The ENA Express configuration for the network interface.", - "title": "EnaSrdSpecification" - }, - "Groups": { + "SecurityGroupIdList": { "items": { "type": "string" }, - "markdownDescription": "The IDs of one or more security groups.", - "title": "Groups", + "markdownDescription": "The group ID list of the physical connection requirements of a connection.", + "title": "SecurityGroupIdList", "type": "array" }, - "InterfaceType": { - "markdownDescription": "The type of network interface. To create an Elastic Fabric Adapter (EFA), specify `efa` or `efa` . For more information, see [Elastic Fabric Adapter for AI/ML and HPC workloads on Amazon EC2](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/efa.html) in the *Amazon EC2 User Guide* .\n\nIf you are not creating an EFA, specify `interface` or omit this parameter.\n\nIf you specify `efa-only` , do not assign any IP addresses to the network interface. EFA-only network interfaces do not support IP addresses.\n\nValid values: `interface` | `efa` | `efa-only`", - "title": "InterfaceType", + "SubnetId": { + "markdownDescription": "The subnet ID of the physical connection requirements of a connection.", + "title": "SubnetId", "type": "string" }, - "Ipv4PrefixCount": { - "markdownDescription": "The number of IPv4 prefixes to be automatically assigned to the network interface. You cannot use this option if you use the `Ipv4Prefix` option.", - "title": "Ipv4PrefixCount", - "type": "number" - }, - "Ipv4Prefixes": { - "items": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Ipv4PrefixSpecification" - }, - "markdownDescription": "One or more IPv4 prefixes to be assigned to the network interface. You cannot use this option if you use the `Ipv4PrefixCount` option.", - "title": "Ipv4Prefixes", - "type": "array" - }, - "Ipv6AddressCount": { - "markdownDescription": "The number of IPv6 addresses to assign to a network interface. Amazon EC2 automatically selects the IPv6 addresses from the subnet range. You can't use this option if specifying specific IPv6 addresses.", - "title": "Ipv6AddressCount", - "type": "number" - }, - "Ipv6Addresses": { - "items": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Ipv6Add" - }, - "markdownDescription": "One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet. You can't use this option if you're specifying a number of IPv6 addresses.", - "title": "Ipv6Addresses", - "type": "array" - }, - "Ipv6PrefixCount": { - "markdownDescription": "The number of IPv6 prefixes to be automatically assigned to the network interface. You cannot use this option if you use the `Ipv6Prefix` option.", - "title": "Ipv6PrefixCount", - "type": "number" - }, - "Ipv6Prefixes": { + "SubnetIdList": { "items": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Ipv6PrefixSpecification" + "type": "string" }, - "markdownDescription": "One or more IPv6 prefixes to be assigned to the network interface. You cannot use this option if you use the `Ipv6PrefixCount` option.", - "title": "Ipv6Prefixes", + "markdownDescription": "The subnet ID list of the physical connection requirements of a connection.", + "title": "SubnetIdList", "type": "array" - }, - "NetworkCardIndex": { - "markdownDescription": "The index of the network card. Some instance types support multiple network cards. The primary network interface must be assigned to network card index 0. The default is network card index 0.", - "title": "NetworkCardIndex", - "type": "number" - }, - "NetworkInterfaceId": { - "markdownDescription": "The ID of the network interface.", - "title": "NetworkInterfaceId", - "type": "string" - }, - "PrimaryIpv6": { - "markdownDescription": "The primary IPv6 address of the network interface. When you enable an IPv6 GUA address to be a primary IPv6, the first IPv6 GUA will be made the primary IPv6 address until the instance is terminated or the network interface is detached. For more information about primary IPv6 addresses, see [RunInstances](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html) .", - "title": "PrimaryIpv6", - "type": "boolean" - }, - "PrivateIpAddress": { - "markdownDescription": "The primary private IPv4 address of the network interface.", - "title": "PrivateIpAddress", + } + }, + "type": "object" + }, + "AWS::DataZone::Connection.RedshiftCredentials": { + "additionalProperties": false, + "properties": { + "SecretArn": { + "markdownDescription": "The secret ARN of the Amazon Redshift credentials of a connection.", + "title": "SecretArn", "type": "string" }, - "PrivateIpAddresses": { - "items": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.PrivateIpAdd" - }, - "markdownDescription": "One or more private IPv4 addresses.", - "title": "PrivateIpAddresses", - "type": "array" - }, - "SecondaryPrivateIpAddressCount": { - "markdownDescription": "The number of secondary private IPv4 addresses to assign to a network interface.", - "title": "SecondaryPrivateIpAddressCount", - "type": "number" - }, - "SubnetId": { - "markdownDescription": "The ID of the subnet for the network interface.", - "title": "SubnetId", - "type": "string" + "UsernamePassword": { + "$ref": "#/definitions/AWS::DataZone::Connection.UsernamePassword", + "markdownDescription": "The username and password of the Amazon Redshift credentials of a connection.", + "title": "UsernamePassword" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.NetworkInterfaceCount": { + "AWS::DataZone::Connection.RedshiftLineageSyncConfigurationInput": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum number of network interfaces. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" + "Enabled": { + "markdownDescription": "Specifies whether the Amaon Redshift lineage sync configuration is enabled.", + "title": "Enabled", + "type": "boolean" }, - "Min": { - "markdownDescription": "The minimum number of network interfaces. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" + "Schedule": { + "$ref": "#/definitions/AWS::DataZone::Connection.LineageSyncSchedule", + "markdownDescription": "The schedule of the Amaon Redshift lineage sync configuration.", + "title": "Schedule" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.Placement": { + "AWS::DataZone::Connection.RedshiftPropertiesInput": { "additionalProperties": false, "properties": { - "Affinity": { - "markdownDescription": "The affinity setting for an instance on a Dedicated Host.", - "title": "Affinity", - "type": "string" - }, - "AvailabilityZone": { - "markdownDescription": "The Availability Zone for the instance.", - "title": "AvailabilityZone", - "type": "string" - }, - "GroupId": { - "markdownDescription": "The Group Id of a placement group. You must specify the Placement Group *Group Id* to launch an instance in a shared placement group.", - "title": "GroupId", - "type": "string" + "Credentials": { + "$ref": "#/definitions/AWS::DataZone::Connection.RedshiftCredentials", + "markdownDescription": "The Amaon Redshift credentials.", + "title": "Credentials" }, - "GroupName": { - "markdownDescription": "The name of the placement group for the instance.", - "title": "GroupName", + "DatabaseName": { + "markdownDescription": "The Amazon Redshift database name.", + "title": "DatabaseName", "type": "string" }, - "HostId": { - "markdownDescription": "The ID of the Dedicated Host for the instance.", - "title": "HostId", + "Host": { + "markdownDescription": "The Amazon Redshift host.", + "title": "Host", "type": "string" }, - "HostResourceGroupArn": { - "markdownDescription": "The ARN of the host resource group in which to launch the instances. If you specify a host resource group ARN, omit the *Tenancy* parameter or set it to `host` .", - "title": "HostResourceGroupArn", - "type": "string" + "LineageSync": { + "$ref": "#/definitions/AWS::DataZone::Connection.RedshiftLineageSyncConfigurationInput", + "markdownDescription": "The lineage sync of the Amazon Redshift.", + "title": "LineageSync" }, - "PartitionNumber": { - "markdownDescription": "The number of the partition the instance should launch in. Valid only if the placement group strategy is set to `partition` .", - "title": "PartitionNumber", + "Port": { + "markdownDescription": "The Amaon Redshift port.", + "title": "Port", "type": "number" }, - "SpreadDomain": { - "markdownDescription": "Reserved for future use.", - "title": "SpreadDomain", - "type": "string" - }, - "Tenancy": { - "markdownDescription": "The tenancy of the instance. An instance with a tenancy of dedicated runs on single-tenant hardware.", - "title": "Tenancy", - "type": "string" + "Storage": { + "$ref": "#/definitions/AWS::DataZone::Connection.RedshiftStorageProperties", + "markdownDescription": "The Amazon Redshift storage.", + "title": "Storage" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.PrivateDnsNameOptions": { + "AWS::DataZone::Connection.RedshiftStorageProperties": { "additionalProperties": false, "properties": { - "EnableResourceNameDnsAAAARecord": { - "markdownDescription": "Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records.", - "title": "EnableResourceNameDnsAAAARecord", - "type": "boolean" - }, - "EnableResourceNameDnsARecord": { - "markdownDescription": "Indicates whether to respond to DNS queries for instance hostnames with DNS A records.", - "title": "EnableResourceNameDnsARecord", - "type": "boolean" + "ClusterName": { + "markdownDescription": "The cluster name in the Amazon Redshift storage properties.", + "title": "ClusterName", + "type": "string" }, - "HostnameType": { - "markdownDescription": "The type of hostname for EC2 instances. For IPv4 only subnets, an instance DNS name must be based on the instance IPv4 address. For IPv6 only subnets, an instance DNS name must be based on the instance ID. For dual-stack subnets, you can specify whether DNS names use the instance IPv4 address or the instance ID. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *Amazon Elastic Compute Cloud User Guide* .", - "title": "HostnameType", + "WorkgroupName": { + "markdownDescription": "The workgroup name in the Amazon Redshift storage properties.", + "title": "WorkgroupName", "type": "string" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.PrivateIpAdd": { + "AWS::DataZone::Connection.SparkEmrPropertiesInput": { "additionalProperties": false, "properties": { - "Primary": { - "markdownDescription": "Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary.", - "title": "Primary", - "type": "boolean" + "ComputeArn": { + "markdownDescription": "The compute ARN of Spark EMR.", + "title": "ComputeArn", + "type": "string" }, - "PrivateIpAddress": { - "markdownDescription": "The private IPv4 address.", - "title": "PrivateIpAddress", + "InstanceProfileArn": { + "markdownDescription": "The instance profile ARN of Spark EMR.", + "title": "InstanceProfileArn", "type": "string" - } - }, - "type": "object" - }, - "AWS::EC2::LaunchTemplate.SpotOptions": { - "additionalProperties": false, - "properties": { - "BlockDurationMinutes": { - "markdownDescription": "Deprecated.", - "title": "BlockDurationMinutes", - "type": "number" }, - "InstanceInterruptionBehavior": { - "markdownDescription": "The behavior when a Spot Instance is interrupted. The default is `terminate` .", - "title": "InstanceInterruptionBehavior", + "JavaVirtualEnv": { + "markdownDescription": "The java virtual env of the Spark EMR.", + "title": "JavaVirtualEnv", "type": "string" }, - "MaxPrice": { - "markdownDescription": "The maximum hourly price you're willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price. If you do specify this parameter, it must be more than USD $0.001. Specifying a value below USD $0.001 will result in an `InvalidParameterValue` error message when the launch template is used to launch an instance.\n\n> If you specify a maximum price, your Spot Instances will be interrupted more frequently than if you do not specify this parameter.", - "title": "MaxPrice", + "LogUri": { + "markdownDescription": "The log URI of the Spark EMR.", + "title": "LogUri", "type": "string" }, - "SpotInstanceType": { - "markdownDescription": "The Spot Instance request type.\n\nIf you are using Spot Instances with an Auto Scaling group, use `one-time` requests, as the Amazon EC2 Auto Scaling service handles requesting new Spot Instances whenever the group is below its desired capacity.", - "title": "SpotInstanceType", + "PythonVirtualEnv": { + "markdownDescription": "The Python virtual env of the Spark EMR.", + "title": "PythonVirtualEnv", "type": "string" }, - "ValidUntil": { - "markdownDescription": "The end date of the request, in UTC format ( *YYYY-MM-DD* T *HH:MM:SS* Z). Supported only for persistent requests.\n\n- For a persistent request, the request remains active until the `ValidUntil` date and time is reached. Otherwise, the request remains active until you cancel it.\n- For a one-time request, `ValidUntil` is not supported. The request remains active until all instances launch or you cancel the request.\n\nDefault: 7 days from the current date", - "title": "ValidUntil", + "RuntimeRole": { + "markdownDescription": "The runtime role of the Spark EMR.", + "title": "RuntimeRole", + "type": "string" + }, + "TrustedCertificatesS3Uri": { + "markdownDescription": "The certificates S3 URI of the Spark EMR.", + "title": "TrustedCertificatesS3Uri", "type": "string" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.TagSpecification": { + "AWS::DataZone::Connection.SparkGlueArgs": { "additionalProperties": false, "properties": { - "ResourceType": { - "markdownDescription": "The type of resource to tag. You can specify tags for the following resource types only: `instance` | `volume` | `network-interface` | `spot-instances-request` . If the instance does not include the resource type that you specify, the instance launch fails. For example, not all instance types include a volume.\n\nTo tag a resource after it has been created, see [CreateTags](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTags.html) .", - "title": "ResourceType", + "Connection": { + "markdownDescription": "The connection in the Spark AWS Glue args.", + "title": "Connection", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to apply to the resource.", - "title": "Tags", - "type": "array" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.TotalLocalStorageGB": { + "AWS::DataZone::Connection.SparkGluePropertiesInput": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum amount of total local storage, in GB. To specify no maximum limit, omit this parameter.", - "title": "Max", + "AdditionalArgs": { + "$ref": "#/definitions/AWS::DataZone::Connection.SparkGlueArgs", + "markdownDescription": "The additional args in the Spark AWS Glue properties.", + "title": "AdditionalArgs" + }, + "GlueConnectionName": { + "markdownDescription": "The AWS Glue connection name in the Spark AWS Glue properties.", + "title": "GlueConnectionName", + "type": "string" + }, + "GlueVersion": { + "markdownDescription": "The AWS Glue version in the Spark AWS Glue properties.", + "title": "GlueVersion", + "type": "string" + }, + "IdleTimeout": { + "markdownDescription": "The idle timeout in the Spark AWS Glue properties.", + "title": "IdleTimeout", "type": "number" }, - "Min": { - "markdownDescription": "The minimum amount of total local storage, in GB. To specify no minimum limit, omit this parameter.", - "title": "Min", + "JavaVirtualEnv": { + "markdownDescription": "The Java virtual env in the Spark AWS Glue properties.", + "title": "JavaVirtualEnv", + "type": "string" + }, + "NumberOfWorkers": { + "markdownDescription": "The number of workers in the Spark AWS Glue properties.", + "title": "NumberOfWorkers", "type": "number" + }, + "PythonVirtualEnv": { + "markdownDescription": "The Python virtual env in the Spark AWS Glue properties.", + "title": "PythonVirtualEnv", + "type": "string" + }, + "WorkerType": { + "markdownDescription": "The worker type in the Spark AWS Glue properties.", + "title": "WorkerType", + "type": "string" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.VCpuCount": { + "AWS::DataZone::Connection.UsernamePassword": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum number of vCPUs. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" + "Password": { + "markdownDescription": "The password of a connection.", + "title": "Password", + "type": "string" }, - "Min": { - "markdownDescription": "The minimum number of vCPUs. To specify no minimum limit, specify `0` .", - "title": "Min", - "type": "number" + "Username": { + "markdownDescription": "The username of a connection.", + "title": "Username", + "type": "string" } }, + "required": [ + "Password", + "Username" + ], "type": "object" }, - "AWS::EC2::LocalGatewayRoute": { + "AWS::DataZone::DataSource": { "additionalProperties": false, "properties": { "Condition": { @@ -73734,36 +81394,86 @@ "Properties": { "additionalProperties": false, "properties": { - "DestinationCidrBlock": { - "markdownDescription": "The CIDR block used for destination matches.", - "title": "DestinationCidrBlock", + "AssetFormsInput": { + "items": { + "$ref": "#/definitions/AWS::DataZone::DataSource.FormInput" + }, + "markdownDescription": "The metadata forms attached to the assets that the data source works with.", + "title": "AssetFormsInput", + "type": "array" + }, + "Configuration": { + "$ref": "#/definitions/AWS::DataZone::DataSource.DataSourceConfigurationInput", + "markdownDescription": "The configuration of the data source.", + "title": "Configuration" + }, + "ConnectionIdentifier": { + "markdownDescription": "", + "title": "ConnectionIdentifier", "type": "string" }, - "LocalGatewayRouteTableId": { - "markdownDescription": "The ID of the local gateway route table.", - "title": "LocalGatewayRouteTableId", + "Description": { + "markdownDescription": "The description of the data source.", + "title": "Description", "type": "string" }, - "LocalGatewayVirtualInterfaceGroupId": { - "markdownDescription": "The ID of the virtual interface group.", - "title": "LocalGatewayVirtualInterfaceGroupId", + "DomainIdentifier": { + "markdownDescription": "The ID of the Amazon DataZone domain where the data source is created.", + "title": "DomainIdentifier", "type": "string" }, - "NetworkInterfaceId": { - "markdownDescription": "The ID of the network interface.", - "title": "NetworkInterfaceId", + "EnableSetting": { + "markdownDescription": "Specifies whether the data source is enabled.", + "title": "EnableSetting", + "type": "string" + }, + "EnvironmentIdentifier": { + "markdownDescription": "The unique identifier of the Amazon DataZone environment to which the data source publishes assets.", + "title": "EnvironmentIdentifier", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the data source.", + "title": "Name", + "type": "string" + }, + "ProjectIdentifier": { + "markdownDescription": "The identifier of the Amazon DataZone project in which you want to add this data source.", + "title": "ProjectIdentifier", + "type": "string" + }, + "PublishOnImport": { + "markdownDescription": "Specifies whether the assets that this data source creates in the inventory are to be also automatically published to the catalog.", + "title": "PublishOnImport", + "type": "boolean" + }, + "Recommendation": { + "$ref": "#/definitions/AWS::DataZone::DataSource.RecommendationConfiguration", + "markdownDescription": "Specifies whether the business name generation is to be enabled for this data source.", + "title": "Recommendation" + }, + "Schedule": { + "$ref": "#/definitions/AWS::DataZone::DataSource.ScheduleConfiguration", + "markdownDescription": "The schedule of the data source runs.", + "title": "Schedule" + }, + "Type": { + "markdownDescription": "The type of the data source. In Amazon DataZone, you can use data sources to import technical metadata of assets (data) from the source databases or data warehouses into Amazon DataZone. In the current release of Amazon DataZone, you can create and run data sources for AWS Glue and Amazon Redshift.", + "title": "Type", "type": "string" } }, "required": [ - "DestinationCidrBlock", - "LocalGatewayRouteTableId" + "DomainIdentifier", + "Name", + "ProjectIdentifier", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::LocalGatewayRoute" + "AWS::DataZone::DataSource" ], "type": "string" }, @@ -73782,27 +81492,287 @@ ], "type": "object" }, - "AWS::EC2::LocalGatewayRouteTable": { + "AWS::DataZone::DataSource.DataSourceConfigurationInput": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "GlueRunConfiguration": { + "$ref": "#/definitions/AWS::DataZone::DataSource.GlueRunConfigurationInput", + "markdownDescription": "The configuration of the AWS Glue data source.", + "title": "GlueRunConfiguration" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "RedshiftRunConfiguration": { + "$ref": "#/definitions/AWS::DataZone::DataSource.RedshiftRunConfigurationInput", + "markdownDescription": "The configuration of the Amazon Redshift data source.", + "title": "RedshiftRunConfiguration" + }, + "SageMakerRunConfiguration": { + "$ref": "#/definitions/AWS::DataZone::DataSource.SageMakerRunConfigurationInput", + "markdownDescription": "", + "title": "SageMakerRunConfiguration" + } + }, + "type": "object" + }, + "AWS::DataZone::DataSource.FilterExpression": { + "additionalProperties": false, + "properties": { + "Expression": { + "markdownDescription": "The search filter expression.", + "title": "Expression", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { + "Type": { + "markdownDescription": "The search filter explresison type.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Expression", + "Type" + ], + "type": "object" + }, + "AWS::DataZone::DataSource.FormInput": { + "additionalProperties": false, + "properties": { + "Content": { + "markdownDescription": "", + "title": "Content", + "type": "string" + }, + "FormName": { + "markdownDescription": "", + "title": "FormName", + "type": "string" + }, + "TypeIdentifier": { + "markdownDescription": "", + "title": "TypeIdentifier", + "type": "string" + }, + "TypeRevision": { + "markdownDescription": "", + "title": "TypeRevision", + "type": "string" + } + }, + "required": [ + "FormName" + ], + "type": "object" + }, + "AWS::DataZone::DataSource.GlueRunConfigurationInput": { + "additionalProperties": false, + "properties": { + "AutoImportDataQualityResult": { + "markdownDescription": "Specifies whether to automatically import data quality metrics as part of the data source run.", + "title": "AutoImportDataQualityResult", + "type": "boolean" + }, + "CatalogName": { + "markdownDescription": "", + "title": "CatalogName", + "type": "string" + }, + "DataAccessRole": { + "markdownDescription": "The data access role included in the configuration details of the AWS Glue data source.", + "title": "DataAccessRole", + "type": "string" + }, + "RelationalFilterConfigurations": { + "items": { + "$ref": "#/definitions/AWS::DataZone::DataSource.RelationalFilterConfiguration" + }, + "markdownDescription": "The relational filter configurations included in the configuration details of the AWS Glue data source.", + "title": "RelationalFilterConfigurations", + "type": "array" + } + }, + "required": [ + "RelationalFilterConfigurations" + ], + "type": "object" + }, + "AWS::DataZone::DataSource.RecommendationConfiguration": { + "additionalProperties": false, + "properties": { + "EnableBusinessNameGeneration": { + "markdownDescription": "Specifies whether automatic business name generation is to be enabled or not as part of the recommendation configuration.", + "title": "EnableBusinessNameGeneration", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::DataZone::DataSource.RedshiftClusterStorage": { + "additionalProperties": false, + "properties": { + "ClusterName": { + "markdownDescription": "The name of an Amazon Redshift cluster.", + "title": "ClusterName", + "type": "string" + } + }, + "required": [ + "ClusterName" + ], + "type": "object" + }, + "AWS::DataZone::DataSource.RedshiftCredentialConfiguration": { + "additionalProperties": false, + "properties": { + "SecretManagerArn": { + "markdownDescription": "The ARN of a secret manager for an Amazon Redshift cluster.", + "title": "SecretManagerArn", + "type": "string" + } + }, + "required": [ + "SecretManagerArn" + ], + "type": "object" + }, + "AWS::DataZone::DataSource.RedshiftRunConfigurationInput": { + "additionalProperties": false, + "properties": { + "DataAccessRole": { + "markdownDescription": "The data access role included in the configuration details of the Amazon Redshift data source.", + "title": "DataAccessRole", + "type": "string" + }, + "RedshiftCredentialConfiguration": { + "$ref": "#/definitions/AWS::DataZone::DataSource.RedshiftCredentialConfiguration", + "markdownDescription": "The details of the credentials required to access an Amazon Redshift cluster.", + "title": "RedshiftCredentialConfiguration" + }, + "RedshiftStorage": { + "$ref": "#/definitions/AWS::DataZone::DataSource.RedshiftStorage", + "markdownDescription": "The details of the Amazon Redshift storage as part of the configuration of an Amazon Redshift data source run.", + "title": "RedshiftStorage" + }, + "RelationalFilterConfigurations": { + "items": { + "$ref": "#/definitions/AWS::DataZone::DataSource.RelationalFilterConfiguration" + }, + "markdownDescription": "The relational filter configurations included in the configuration details of the AWS Glue data source.", + "title": "RelationalFilterConfigurations", + "type": "array" + } + }, + "required": [ + "RelationalFilterConfigurations" + ], + "type": "object" + }, + "AWS::DataZone::DataSource.RedshiftServerlessStorage": { + "additionalProperties": false, + "properties": { + "WorkgroupName": { + "markdownDescription": "The name of the Amazon Redshift Serverless workgroup.", + "title": "WorkgroupName", + "type": "string" + } + }, + "required": [ + "WorkgroupName" + ], + "type": "object" + }, + "AWS::DataZone::DataSource.RedshiftStorage": { + "additionalProperties": false, + "properties": { + "RedshiftClusterSource": { + "$ref": "#/definitions/AWS::DataZone::DataSource.RedshiftClusterStorage", + "markdownDescription": "The details of the Amazon Redshift cluster source.", + "title": "RedshiftClusterSource" + }, + "RedshiftServerlessSource": { + "$ref": "#/definitions/AWS::DataZone::DataSource.RedshiftServerlessStorage", + "markdownDescription": "The details of the Amazon Redshift Serverless workgroup source.", + "title": "RedshiftServerlessSource" + } + }, + "type": "object" + }, + "AWS::DataZone::DataSource.RelationalFilterConfiguration": { + "additionalProperties": false, + "properties": { + "DatabaseName": { + "markdownDescription": "The database name specified in the relational filter configuration for the data source.", + "title": "DatabaseName", + "type": "string" + }, + "FilterExpressions": { + "items": { + "$ref": "#/definitions/AWS::DataZone::DataSource.FilterExpression" + }, + "markdownDescription": "The filter expressions specified in the relational filter configuration for the data source.", + "title": "FilterExpressions", + "type": "array" + }, + "SchemaName": { + "markdownDescription": "The schema name specified in the relational filter configuration for the data source.", + "title": "SchemaName", + "type": "string" + } + }, + "required": [ + "DatabaseName" + ], + "type": "object" + }, + "AWS::DataZone::DataSource.SageMakerRunConfigurationInput": { + "additionalProperties": false, + "properties": { + "TrackingAssets": { + "markdownDescription": "", + "title": "TrackingAssets", + "type": "object" + } + }, + "required": [ + "TrackingAssets" + ], + "type": "object" + }, + "AWS::DataZone::DataSource.ScheduleConfiguration": { + "additionalProperties": false, + "properties": { + "Schedule": { + "markdownDescription": "The schedule of the data source runs.", + "title": "Schedule", + "type": "string" + }, + "Timezone": { + "markdownDescription": "The timezone of the data source run.", + "title": "Timezone", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataZone::Domain": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" @@ -73817,33 +81787,59 @@ "Properties": { "additionalProperties": false, "properties": { - "LocalGatewayId": { - "markdownDescription": "The ID of the local gateway.", - "title": "LocalGatewayId", + "Description": { + "markdownDescription": "The description of the Amazon DataZone domain.", + "title": "Description", "type": "string" }, - "Mode": { - "markdownDescription": "The mode of the local gateway route table.", - "title": "Mode", + "DomainExecutionRole": { + "markdownDescription": "The domain execution role that is created when an Amazon DataZone domain is created. The domain execution role is created in the AWS account that houses the Amazon DataZone domain.", + "title": "DomainExecutionRole", + "type": "string" + }, + "DomainVersion": { + "markdownDescription": "The domain version.", + "title": "DomainVersion", + "type": "string" + }, + "KmsKeyIdentifier": { + "markdownDescription": "The identifier of the AWS Key Management Service (KMS) key that is used to encrypt the Amazon DataZone domain, metadata, and reporting data.", + "title": "KmsKeyIdentifier", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the Amazon DataZone domain.", + "title": "Name", + "type": "string" + }, + "ServiceRole": { + "markdownDescription": "The service role of the domain.", + "title": "ServiceRole", "type": "string" }, + "SingleSignOn": { + "$ref": "#/definitions/AWS::DataZone::Domain.SingleSignOn", + "markdownDescription": "The single sign-on details in Amazon DataZone.", + "title": "SingleSignOn" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags assigned to the local gateway route table.", + "markdownDescription": "The tags specified for the Amazon DataZone domain.", "title": "Tags", "type": "array" } }, "required": [ - "LocalGatewayId" + "DomainExecutionRole", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::LocalGatewayRouteTable" + "AWS::DataZone::Domain" ], "type": "string" }, @@ -73862,7 +81858,28 @@ ], "type": "object" }, - "AWS::EC2::LocalGatewayRouteTableVPCAssociation": { + "AWS::DataZone::Domain.SingleSignOn": { + "additionalProperties": false, + "properties": { + "IdcInstanceArn": { + "markdownDescription": "The ARN of the IDC instance.", + "title": "IdcInstanceArn", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of single sign-on in Amazon DataZone.", + "title": "Type", + "type": "string" + }, + "UserAssignment": { + "markdownDescription": "The single sign-on user assignment in Amazon DataZone.", + "title": "UserAssignment", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataZone::DomainUnit": { "additionalProperties": false, "properties": { "Condition": { @@ -73897,34 +81914,37 @@ "Properties": { "additionalProperties": false, "properties": { - "LocalGatewayRouteTableId": { - "markdownDescription": "The ID of the local gateway route table.", - "title": "LocalGatewayRouteTableId", + "Description": { + "markdownDescription": "The description of the domain unit.", + "title": "Description", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags assigned to the association.", - "title": "Tags", - "type": "array" + "DomainIdentifier": { + "markdownDescription": "The ID of the domain where you want to crate a domain unit.", + "title": "DomainIdentifier", + "type": "string" }, - "VpcId": { - "markdownDescription": "The ID of the VPC.", - "title": "VpcId", + "Name": { + "markdownDescription": "The name of the domain unit.", + "title": "Name", + "type": "string" + }, + "ParentDomainUnitIdentifier": { + "markdownDescription": "The ID of the parent domain unit.", + "title": "ParentDomainUnitIdentifier", "type": "string" } }, "required": [ - "LocalGatewayRouteTableId", - "VpcId" + "DomainIdentifier", + "Name", + "ParentDomainUnitIdentifier" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::LocalGatewayRouteTableVPCAssociation" + "AWS::DataZone::DomainUnit" ], "type": "string" }, @@ -73943,7 +81963,7 @@ ], "type": "object" }, - "AWS::EC2::LocalGatewayRouteTableVirtualInterfaceGroupAssociation": { + "AWS::DataZone::Environment": { "additionalProperties": false, "properties": { "Condition": { @@ -73978,34 +81998,73 @@ "Properties": { "additionalProperties": false, "properties": { - "LocalGatewayRouteTableId": { - "markdownDescription": "The ID of the local gateway route table.", - "title": "LocalGatewayRouteTableId", + "Description": { + "markdownDescription": "The description of the environment.", + "title": "Description", "type": "string" }, - "LocalGatewayVirtualInterfaceGroupId": { - "markdownDescription": "The ID of the virtual interface group.", - "title": "LocalGatewayVirtualInterfaceGroupId", + "DomainIdentifier": { + "markdownDescription": "The identifier of the Amazon DataZone domain in which the environment is created.", + "title": "DomainIdentifier", "type": "string" }, - "Tags": { + "EnvironmentAccountIdentifier": { + "markdownDescription": "The identifier of the AWS account in which an environment exists.", + "title": "EnvironmentAccountIdentifier", + "type": "string" + }, + "EnvironmentAccountRegion": { + "markdownDescription": "The AWS Region in which an environment exists.", + "title": "EnvironmentAccountRegion", + "type": "string" + }, + "EnvironmentProfileIdentifier": { + "markdownDescription": "The identifier of the environment profile that is used to create this Amazon DataZone environment.", + "title": "EnvironmentProfileIdentifier", + "type": "string" + }, + "EnvironmentRoleArn": { + "markdownDescription": "The ARN of the environment role.", + "title": "EnvironmentRoleArn", + "type": "string" + }, + "GlossaryTerms": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "The tags assigned to the association.", - "title": "Tags", + "markdownDescription": "The glossary terms that can be used in this Amazon DataZone environment.", + "title": "GlossaryTerms", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the Amazon DataZone environment.", + "title": "Name", + "type": "string" + }, + "ProjectIdentifier": { + "markdownDescription": "The identifier of the Amazon DataZone project in which this environment is created.", + "title": "ProjectIdentifier", + "type": "string" + }, + "UserParameters": { + "items": { + "$ref": "#/definitions/AWS::DataZone::Environment.EnvironmentParameter" + }, + "markdownDescription": "The user parameters of this Amazon DataZone environment.", + "title": "UserParameters", "type": "array" } }, "required": [ - "LocalGatewayRouteTableId", - "LocalGatewayVirtualInterfaceGroupId" + "DomainIdentifier", + "Name", + "ProjectIdentifier" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::LocalGatewayRouteTableVirtualInterfaceGroupAssociation" + "AWS::DataZone::Environment" ], "type": "string" }, @@ -74024,7 +82083,23 @@ ], "type": "object" }, - "AWS::EC2::NatGateway": { + "AWS::DataZone::Environment.EnvironmentParameter": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the environment parameter.", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of the environment parameter.", + "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataZone::EnvironmentActions": { "additionalProperties": false, "properties": { "Condition": { @@ -74059,69 +82134,45 @@ "Properties": { "additionalProperties": false, "properties": { - "AllocationId": { - "markdownDescription": "[Public NAT gateway only] The allocation ID of the Elastic IP address that's associated with the NAT gateway. This property is required for a public NAT gateway and cannot be specified with a private NAT gateway.", - "title": "AllocationId", + "Description": { + "markdownDescription": "The environment action description.", + "title": "Description", "type": "string" }, - "ConnectivityType": { - "markdownDescription": "Indicates whether the NAT gateway supports public or private connectivity. The default is public connectivity.", - "title": "ConnectivityType", + "DomainIdentifier": { + "markdownDescription": "The Amazon DataZone domain ID of the environment action.", + "title": "DomainIdentifier", "type": "string" }, - "MaxDrainDurationSeconds": { - "markdownDescription": "The maximum amount of time to wait (in seconds) before forcibly releasing the IP addresses if connections are still in progress. Default value is 350 seconds.", - "title": "MaxDrainDurationSeconds", - "type": "number" - }, - "PrivateIpAddress": { - "markdownDescription": "The private IPv4 address to assign to the NAT gateway. If you don't provide an address, a private IPv4 address will be automatically assigned.", - "title": "PrivateIpAddress", + "EnvironmentIdentifier": { + "markdownDescription": "The environment ID of the environment action.", + "title": "EnvironmentIdentifier", "type": "string" }, - "SecondaryAllocationIds": { - "items": { - "type": "string" - }, - "markdownDescription": "Secondary EIP allocation IDs. For more information, see [Create a NAT gateway](https://docs.aws.amazon.com/vpc/latest/userguide/nat-gateway-working-with.html) in the *Amazon VPC User Guide* .", - "title": "SecondaryAllocationIds", - "type": "array" - }, - "SecondaryPrivateIpAddressCount": { - "markdownDescription": "[Private NAT gateway only] The number of secondary private IPv4 addresses you want to assign to the NAT gateway. For more information about secondary addresses, see [Create a NAT gateway](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html#nat-gateway-creating) in the *Amazon Virtual Private Cloud User Guide* .\n\n`SecondaryPrivateIpAddressCount` and `SecondaryPrivateIpAddresses` cannot be set at the same time.", - "title": "SecondaryPrivateIpAddressCount", - "type": "number" - }, - "SecondaryPrivateIpAddresses": { - "items": { - "type": "string" - }, - "markdownDescription": "Secondary private IPv4 addresses. For more information about secondary addresses, see [Create a NAT gateway](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html#nat-gateway-creating) in the *Amazon Virtual Private Cloud User Guide* .\n\n`SecondaryPrivateIpAddressCount` and `SecondaryPrivateIpAddresses` cannot be set at the same time.", - "title": "SecondaryPrivateIpAddresses", - "type": "array" + "Identifier": { + "markdownDescription": "The ID of the environment action.", + "title": "Identifier", + "type": "string" }, - "SubnetId": { - "markdownDescription": "The ID of the subnet in which the NAT gateway is located.", - "title": "SubnetId", + "Name": { + "markdownDescription": "The name of the environment action.", + "title": "Name", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags for the NAT gateway.", - "title": "Tags", - "type": "array" + "Parameters": { + "$ref": "#/definitions/AWS::DataZone::EnvironmentActions.AwsConsoleLinkParameters", + "markdownDescription": "The parameters of the environment action.", + "title": "Parameters" } }, "required": [ - "SubnetId" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::NatGateway" + "AWS::DataZone::EnvironmentActions" ], "type": "string" }, @@ -74140,7 +82191,18 @@ ], "type": "object" }, - "AWS::EC2::NetworkAcl": { + "AWS::DataZone::EnvironmentActions.AwsConsoleLinkParameters": { + "additionalProperties": false, + "properties": { + "Uri": { + "markdownDescription": "The URI of the console link specified as part of the environment action.", + "title": "Uri", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataZone::EnvironmentBlueprintConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -74175,28 +82237,66 @@ "Properties": { "additionalProperties": false, "properties": { - "Tags": { + "DomainIdentifier": { + "markdownDescription": "The identifier of the Amazon DataZone domain in which an environment blueprint exists.", + "title": "DomainIdentifier", + "type": "string" + }, + "EnabledRegions": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "The tags for the network ACL.", - "title": "Tags", + "markdownDescription": "The enabled AWS Regions specified in a blueprint configuration.", + "title": "EnabledRegions", "type": "array" }, - "VpcId": { - "markdownDescription": "The ID of the VPC for the network ACL.", - "title": "VpcId", + "EnvironmentBlueprintIdentifier": { + "markdownDescription": "The identifier of the environment blueprint.\n\nIn the current release, only the following values are supported: `DefaultDataLake` and `DefaultDataWarehouse` .", + "title": "EnvironmentBlueprintIdentifier", + "type": "string" + }, + "EnvironmentRolePermissionBoundary": { + "markdownDescription": "The environment role permission boundary.", + "title": "EnvironmentRolePermissionBoundary", + "type": "string" + }, + "ManageAccessRoleArn": { + "markdownDescription": "The ARN of the manage access role.", + "title": "ManageAccessRoleArn", + "type": "string" + }, + "ProvisioningConfigurations": { + "items": { + "$ref": "#/definitions/AWS::DataZone::EnvironmentBlueprintConfiguration.ProvisioningConfiguration" + }, + "markdownDescription": "The provisioning configuration of a blueprint.", + "title": "ProvisioningConfigurations", + "type": "array" + }, + "ProvisioningRoleArn": { + "markdownDescription": "The ARN of the provisioning role.", + "title": "ProvisioningRoleArn", "type": "string" + }, + "RegionalParameters": { + "items": { + "$ref": "#/definitions/AWS::DataZone::EnvironmentBlueprintConfiguration.RegionalParameter" + }, + "markdownDescription": "The regional parameters of the environment blueprint.", + "title": "RegionalParameters", + "type": "array" } }, "required": [ - "VpcId" + "DomainIdentifier", + "EnabledRegions", + "EnvironmentBlueprintIdentifier" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::NetworkAcl" + "AWS::DataZone::EnvironmentBlueprintConfiguration" ], "type": "string" }, @@ -74215,7 +82315,62 @@ ], "type": "object" }, - "AWS::EC2::NetworkAclEntry": { + "AWS::DataZone::EnvironmentBlueprintConfiguration.LakeFormationConfiguration": { + "additionalProperties": false, + "properties": { + "LocationRegistrationExcludeS3Locations": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies certain Amazon S3 locations if you do not want Amazon DataZone to automatically register them in hybrid mode.", + "title": "LocationRegistrationExcludeS3Locations", + "type": "array" + }, + "LocationRegistrationRole": { + "markdownDescription": "The role that is used to manage read/write access to the chosen Amazon S3 bucket(s) for Data Lake using AWS Lake Formation hybrid access mode.", + "title": "LocationRegistrationRole", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataZone::EnvironmentBlueprintConfiguration.ProvisioningConfiguration": { + "additionalProperties": false, + "properties": { + "LakeFormationConfiguration": { + "$ref": "#/definitions/AWS::DataZone::EnvironmentBlueprintConfiguration.LakeFormationConfiguration", + "markdownDescription": "The Lake Formation configuration of the Data Lake blueprint.", + "title": "LakeFormationConfiguration" + } + }, + "required": [ + "LakeFormationConfiguration" + ], + "type": "object" + }, + "AWS::DataZone::EnvironmentBlueprintConfiguration.RegionalParameter": { + "additionalProperties": false, + "properties": { + "Parameters": { + "additionalProperties": true, + "markdownDescription": "A string to string map containing parameters for the region.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Parameters", + "type": "object" + }, + "Region": { + "markdownDescription": "The region specified in the environment parameter.", + "title": "Region", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataZone::EnvironmentProfile": { "additionalProperties": false, "properties": { "Condition": { @@ -74250,63 +82405,63 @@ "Properties": { "additionalProperties": false, "properties": { - "CidrBlock": { - "markdownDescription": "The IPv4 CIDR range to allow or deny, in CIDR notation (for example, 172.16.0.0/24). You must specify an IPv4 CIDR block or an IPv6 CIDR block.", - "title": "CidrBlock", + "AwsAccountId": { + "markdownDescription": "The identifier of an AWS account in which an environment profile exists.", + "title": "AwsAccountId", "type": "string" }, - "Egress": { - "markdownDescription": "Whether this rule applies to egress traffic from the subnet ( `true` ) or ingress traffic to the subnet ( `false` ). By default, AWS CloudFormation specifies `false` .", - "title": "Egress", - "type": "boolean" - }, - "Icmp": { - "$ref": "#/definitions/AWS::EC2::NetworkAclEntry.Icmp", - "markdownDescription": "The Internet Control Message Protocol (ICMP) code and type. Required if specifying 1 (ICMP) for the protocol parameter.", - "title": "Icmp" + "AwsAccountRegion": { + "markdownDescription": "The AWS Region in which an environment profile exists.", + "title": "AwsAccountRegion", + "type": "string" }, - "Ipv6CidrBlock": { - "markdownDescription": "The IPv6 network range to allow or deny, in CIDR notation. You must specify an IPv4 CIDR block or an IPv6 CIDR block.", - "title": "Ipv6CidrBlock", + "Description": { + "markdownDescription": "The description of the environment profile.", + "title": "Description", "type": "string" }, - "NetworkAclId": { - "markdownDescription": "The ID of the ACL for the entry.", - "title": "NetworkAclId", + "DomainIdentifier": { + "markdownDescription": "The identifier of the Amazon DataZone domain in which the environment profile exists.", + "title": "DomainIdentifier", "type": "string" }, - "PortRange": { - "$ref": "#/definitions/AWS::EC2::NetworkAclEntry.PortRange", - "markdownDescription": "The range of port numbers for the UDP/TCP protocol. Required if specifying 6 (TCP) or 17 (UDP) for the protocol parameter.", - "title": "PortRange" + "EnvironmentBlueprintIdentifier": { + "markdownDescription": "The identifier of a blueprint with which an environment profile is created.", + "title": "EnvironmentBlueprintIdentifier", + "type": "string" }, - "Protocol": { - "markdownDescription": "The IP protocol that the rule applies to. You must specify -1 or a protocol number. You can specify -1 for all protocols.\n\n> If you specify -1, all ports are opened and the `PortRange` property is ignored.", - "title": "Protocol", - "type": "number" + "Name": { + "markdownDescription": "The name of the environment profile.", + "title": "Name", + "type": "string" }, - "RuleAction": { - "markdownDescription": "Whether to allow or deny traffic that matches the rule; valid values are \"allow\" or \"deny\".", - "title": "RuleAction", + "ProjectIdentifier": { + "markdownDescription": "The identifier of a project in which an environment profile exists.", + "title": "ProjectIdentifier", "type": "string" }, - "RuleNumber": { - "markdownDescription": "Rule number to assign to the entry, such as 100. ACL entries are processed in ascending order by rule number. Entries can't use the same rule number unless one is an egress rule and the other is an ingress rule.", - "title": "RuleNumber", - "type": "number" + "UserParameters": { + "items": { + "$ref": "#/definitions/AWS::DataZone::EnvironmentProfile.EnvironmentParameter" + }, + "markdownDescription": "The user parameters of this Amazon DataZone environment profile.", + "title": "UserParameters", + "type": "array" } }, "required": [ - "NetworkAclId", - "Protocol", - "RuleAction", - "RuleNumber" + "AwsAccountId", + "AwsAccountRegion", + "DomainIdentifier", + "EnvironmentBlueprintIdentifier", + "Name", + "ProjectIdentifier" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::NetworkAclEntry" + "AWS::DataZone::EnvironmentProfile" ], "type": "string" }, @@ -74325,39 +82480,23 @@ ], "type": "object" }, - "AWS::EC2::NetworkAclEntry.Icmp": { - "additionalProperties": false, - "properties": { - "Code": { - "markdownDescription": "The Internet Control Message Protocol (ICMP) code. You can use -1 to specify all ICMP codes for the given ICMP type. Required if you specify 1 (ICMP) for the protocol parameter.", - "title": "Code", - "type": "number" - }, - "Type": { - "markdownDescription": "The Internet Control Message Protocol (ICMP) type. You can use -1 to specify all ICMP types. Conditional requirement: Required if you specify 1 (ICMP) for the `CreateNetworkAclEntry` protocol parameter.", - "title": "Type", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::NetworkAclEntry.PortRange": { + "AWS::DataZone::EnvironmentProfile.EnvironmentParameter": { "additionalProperties": false, "properties": { - "From": { - "markdownDescription": "The first port in the range. Required if you specify 6 (TCP) or 17 (UDP) for the protocol parameter.", - "title": "From", - "type": "number" + "Name": { + "markdownDescription": "The name specified in the environment parameter.", + "title": "Name", + "type": "string" }, - "To": { - "markdownDescription": "The last port in the range. Required if you specify 6 (TCP) or 17 (UDP) for the protocol parameter.", - "title": "To", - "type": "number" + "Value": { + "markdownDescription": "The value of the environment profile.", + "title": "Value", + "type": "string" } }, "type": "object" }, - "AWS::EC2::NetworkInsightsAccessScope": { + "AWS::DataZone::GroupProfile": { "additionalProperties": false, "properties": { "Condition": { @@ -74392,36 +82531,31 @@ "Properties": { "additionalProperties": false, "properties": { - "ExcludePaths": { - "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.AccessScopePathRequest" - }, - "markdownDescription": "The paths to exclude.", - "title": "ExcludePaths", - "type": "array" + "DomainIdentifier": { + "markdownDescription": "The identifier of the Amazon DataZone domain in which a group profile exists.", + "title": "DomainIdentifier", + "type": "string" }, - "MatchPaths": { - "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.AccessScopePathRequest" - }, - "markdownDescription": "The paths to match.", - "title": "MatchPaths", - "type": "array" + "GroupIdentifier": { + "markdownDescription": "The ID of the group of a project member.", + "title": "GroupIdentifier", + "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags.", - "title": "Tags", - "type": "array" + "Status": { + "markdownDescription": "The status of a group profile.", + "title": "Status", + "type": "string" } }, + "required": [ + "DomainIdentifier", + "GroupIdentifier" + ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::NetworkInsightsAccessScope" + "AWS::DataZone::GroupProfile" ], "type": "string" }, @@ -74435,146 +82569,135 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::EC2::NetworkInsightsAccessScope.AccessScopePathRequest": { - "additionalProperties": false, - "properties": { - "Destination": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.PathStatementRequest", - "markdownDescription": "The destination.", - "title": "Destination" - }, - "Source": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.PathStatementRequest", - "markdownDescription": "The source.", - "title": "Source" - }, - "ThroughResources": { - "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.ThroughResourcesStatementRequest" - }, - "markdownDescription": "The through resources.", - "title": "ThroughResources", - "type": "array" - } - }, - "type": "object" - }, - "AWS::EC2::NetworkInsightsAccessScope.PacketHeaderStatementRequest": { + "AWS::DataZone::Owner": { "additionalProperties": false, "properties": { - "DestinationAddresses": { - "items": { - "type": "string" - }, - "markdownDescription": "The destination addresses.", - "title": "DestinationAddresses", - "type": "array" + "Condition": { + "type": "string" }, - "DestinationPorts": { - "items": { - "type": "string" - }, - "markdownDescription": "The destination ports.", - "title": "DestinationPorts", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "DestinationPrefixLists": { - "items": { - "type": "string" - }, - "markdownDescription": "The destination prefix lists.", - "title": "DestinationPrefixLists", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Protocols": { - "items": { - "type": "string" - }, - "markdownDescription": "The protocols.", - "title": "Protocols", - "type": "array" + "Metadata": { + "type": "object" }, - "SourceAddresses": { - "items": { - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "DomainIdentifier": { + "markdownDescription": "The ID of the domain in which you want to add the entity owner.", + "title": "DomainIdentifier", + "type": "string" + }, + "EntityIdentifier": { + "markdownDescription": "The ID of the entity to which you want to add an owner.", + "title": "EntityIdentifier", + "type": "string" + }, + "EntityType": { + "markdownDescription": "The type of an entity.", + "title": "EntityType", + "type": "string" + }, + "Owner": { + "$ref": "#/definitions/AWS::DataZone::Owner.OwnerProperties", + "markdownDescription": "The owner that you want to add to the entity.", + "title": "Owner" + } }, - "markdownDescription": "The source addresses.", - "title": "SourceAddresses", - "type": "array" + "required": [ + "DomainIdentifier", + "EntityIdentifier", + "EntityType", + "Owner" + ], + "type": "object" }, - "SourcePorts": { - "items": { - "type": "string" - }, - "markdownDescription": "The source ports.", - "title": "SourcePorts", - "type": "array" + "Type": { + "enum": [ + "AWS::DataZone::Owner" + ], + "type": "string" }, - "SourcePrefixLists": { - "items": { - "type": "string" - }, - "markdownDescription": "The source prefix lists.", - "title": "SourcePrefixLists", - "type": "array" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::EC2::NetworkInsightsAccessScope.PathStatementRequest": { + "AWS::DataZone::Owner.OwnerGroupProperties": { "additionalProperties": false, "properties": { - "PacketHeaderStatement": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.PacketHeaderStatementRequest", - "markdownDescription": "The packet header statement.", - "title": "PacketHeaderStatement" - }, - "ResourceStatement": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.ResourceStatementRequest", - "markdownDescription": "The resource statement.", - "title": "ResourceStatement" + "GroupIdentifier": { + "markdownDescription": "The ID of the domain unit owners group.", + "title": "GroupIdentifier", + "type": "string" } }, "type": "object" }, - "AWS::EC2::NetworkInsightsAccessScope.ResourceStatementRequest": { + "AWS::DataZone::Owner.OwnerProperties": { "additionalProperties": false, "properties": { - "ResourceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The resource types.", - "title": "ResourceTypes", - "type": "array" + "Group": { + "$ref": "#/definitions/AWS::DataZone::Owner.OwnerGroupProperties", + "markdownDescription": "Specifies that the domain unit owner is a group.", + "title": "Group" }, - "Resources": { - "items": { - "type": "string" - }, - "markdownDescription": "The resources.", - "title": "Resources", - "type": "array" + "User": { + "$ref": "#/definitions/AWS::DataZone::Owner.OwnerUserProperties", + "markdownDescription": "Specifies that the domain unit owner is a user.", + "title": "User" } }, "type": "object" }, - "AWS::EC2::NetworkInsightsAccessScope.ThroughResourcesStatementRequest": { + "AWS::DataZone::Owner.OwnerUserProperties": { "additionalProperties": false, "properties": { - "ResourceStatement": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.ResourceStatementRequest", - "markdownDescription": "The resource statement.", - "title": "ResourceStatement" + "UserIdentifier": { + "markdownDescription": "The ID of the owner user.", + "title": "UserIdentifier", + "type": "string" } }, "type": "object" }, - "AWS::EC2::NetworkInsightsAccessScopeAnalysis": { + "AWS::DataZone::Project": { "additionalProperties": false, "properties": { "Condition": { @@ -74609,28 +82732,62 @@ "Properties": { "additionalProperties": false, "properties": { - "NetworkInsightsAccessScopeId": { - "markdownDescription": "The ID of the Network Access Scope.", - "title": "NetworkInsightsAccessScopeId", + "Description": { + "markdownDescription": "The description of a project.", + "title": "Description", "type": "string" }, - "Tags": { + "DomainIdentifier": { + "markdownDescription": "The identifier of a Amazon DataZone domain where the project exists.", + "title": "DomainIdentifier", + "type": "string" + }, + "DomainUnitId": { + "markdownDescription": "The ID of the domain unit. This parameter is not required and if it is not specified, then the project is created at the root domain unit level.", + "title": "DomainUnitId", + "type": "string" + }, + "GlossaryTerms": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "The tags.", - "title": "Tags", + "markdownDescription": "The glossary terms that can be used in this Amazon DataZone project.", + "title": "GlossaryTerms", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of a project.", + "title": "Name", + "type": "string" + }, + "ProjectProfileId": { + "markdownDescription": "The ID of the project profile.", + "title": "ProjectProfileId", + "type": "string" + }, + "ProjectProfileVersion": { + "markdownDescription": "The project profile version to which the project should be updated. You can only specify the following string for this parameter: `latest` .", + "title": "ProjectProfileVersion", + "type": "string" + }, + "UserParameters": { + "items": { + "$ref": "#/definitions/AWS::DataZone::Project.EnvironmentConfigurationUserParameter" + }, + "markdownDescription": "The user parameters of the project.", + "title": "UserParameters", "type": "array" } }, "required": [ - "NetworkInsightsAccessScopeId" + "DomainIdentifier", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::NetworkInsightsAccessScopeAnalysis" + "AWS::DataZone::Project" ], "type": "string" }, @@ -74649,7 +82806,47 @@ ], "type": "object" }, - "AWS::EC2::NetworkInsightsAnalysis": { + "AWS::DataZone::Project.EnvironmentConfigurationUserParameter": { + "additionalProperties": false, + "properties": { + "EnvironmentConfigurationName": { + "markdownDescription": "The environment configuration name.", + "title": "EnvironmentConfigurationName", + "type": "string" + }, + "EnvironmentId": { + "markdownDescription": "The ID of the environment.", + "title": "EnvironmentId", + "type": "string" + }, + "EnvironmentParameters": { + "items": { + "$ref": "#/definitions/AWS::DataZone::Project.EnvironmentParameter" + }, + "markdownDescription": "The environment parameters.", + "title": "EnvironmentParameters", + "type": "array" + } + }, + "type": "object" + }, + "AWS::DataZone::Project.EnvironmentParameter": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of an environment profile parameter.", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of an environment profile parameter.", + "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataZone::ProjectMembership": { "additionalProperties": false, "properties": { "Condition": { @@ -74684,44 +82881,38 @@ "Properties": { "additionalProperties": false, "properties": { - "AdditionalAccounts": { - "items": { - "type": "string" - }, - "markdownDescription": "The member accounts that contain resources that the path can traverse.", - "title": "AdditionalAccounts", - "type": "array" - }, - "FilterInArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Names (ARN) of the resources that the path must traverse.", - "title": "FilterInArns", - "type": "array" + "Designation": { + "markdownDescription": "The designated role of a project member.", + "title": "Designation", + "type": "string" }, - "NetworkInsightsPathId": { - "markdownDescription": "The ID of the path.", - "title": "NetworkInsightsPathId", + "DomainIdentifier": { + "markdownDescription": "The ID of the Amazon DataZone domain in which project membership is created.", + "title": "DomainIdentifier", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to apply.", - "title": "Tags", - "type": "array" + "Member": { + "$ref": "#/definitions/AWS::DataZone::ProjectMembership.Member", + "markdownDescription": "The details about a project member.", + "title": "Member" + }, + "ProjectIdentifier": { + "markdownDescription": "The ID of the project for which this project membership was created.", + "title": "ProjectIdentifier", + "type": "string" } }, "required": [ - "NetworkInsightsPathId" + "Designation", + "DomainIdentifier", + "Member", + "ProjectIdentifier" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::NetworkInsightsAnalysis" + "AWS::DataZone::ProjectMembership" ], "type": "string" }, @@ -74740,722 +82931,250 @@ ], "type": "object" }, - "AWS::EC2::NetworkInsightsAnalysis.AdditionalDetail": { + "AWS::DataZone::ProjectMembership.Member": { "additionalProperties": false, "properties": { - "AdditionalDetailType": { - "markdownDescription": "The additional detail code.", - "title": "AdditionalDetailType", + "GroupIdentifier": { + "markdownDescription": "The ID of the group of a project member.", + "title": "GroupIdentifier", "type": "string" }, - "Component": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The path component.", - "title": "Component" - }, - "LoadBalancers": { - "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent" - }, - "markdownDescription": "The load balancers.", - "title": "LoadBalancers", - "type": "array" - }, - "ServiceName": { - "markdownDescription": "The name of the VPC endpoint service.", - "title": "ServiceName", + "UserIdentifier": { + "markdownDescription": "The user ID of a project member.", + "title": "UserIdentifier", "type": "string" } }, "type": "object" }, - "AWS::EC2::NetworkInsightsAnalysis.AlternatePathHint": { + "AWS::DataZone::ProjectProfile": { "additionalProperties": false, "properties": { - "ComponentArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the component.", - "title": "ComponentArn", + "Condition": { "type": "string" }, - "ComponentId": { - "markdownDescription": "The ID of the component.", - "title": "ComponentId", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EC2::NetworkInsightsAnalysis.AnalysisAclRule": { - "additionalProperties": false, - "properties": { - "Cidr": { - "markdownDescription": "The IPv4 address range, in CIDR notation.", - "title": "Cidr", - "type": "string" - }, - "Egress": { - "markdownDescription": "Indicates whether the rule is an outbound rule.", - "title": "Egress", - "type": "boolean" - }, - "PortRange": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.PortRange", - "markdownDescription": "The range of ports.", - "title": "PortRange" - }, - "Protocol": { - "markdownDescription": "The protocol.", - "title": "Protocol", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "RuleAction": { - "markdownDescription": "Indicates whether to allow or deny traffic that matches the rule.", - "title": "RuleAction", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "RuleNumber": { - "markdownDescription": "The rule number.", - "title": "RuleNumber", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent": { - "additionalProperties": false, - "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the component.", - "title": "Arn", - "type": "string" + "Metadata": { + "type": "object" }, - "Id": { - "markdownDescription": "The ID of the component.", - "title": "Id", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EC2::NetworkInsightsAnalysis.AnalysisLoadBalancerListener": { - "additionalProperties": false, - "properties": { - "InstancePort": { - "markdownDescription": "[Classic Load Balancers] The back-end port for the listener.", - "title": "InstancePort", - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the project profile.", + "title": "Description", + "type": "string" + }, + "DomainIdentifier": { + "markdownDescription": "A domain ID of the project profile.", + "title": "DomainIdentifier", + "type": "string" + }, + "DomainUnitIdentifier": { + "markdownDescription": "A domain unit ID of the project profile.", + "title": "DomainUnitIdentifier", + "type": "string" + }, + "EnvironmentConfigurations": { + "items": { + "$ref": "#/definitions/AWS::DataZone::ProjectProfile.EnvironmentConfiguration" + }, + "markdownDescription": "Environment configurations of a project profile.", + "title": "EnvironmentConfigurations", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of a project profile.", + "title": "Name", + "type": "string" + }, + "Status": { + "markdownDescription": "The status of a project profile.", + "title": "Status", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" }, - "LoadBalancerPort": { - "markdownDescription": "The port on which the load balancer is listening.", - "title": "LoadBalancerPort", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::NetworkInsightsAnalysis.AnalysisLoadBalancerTarget": { - "additionalProperties": false, - "properties": { - "Address": { - "markdownDescription": "The IP address.", - "title": "Address", + "Type": { + "enum": [ + "AWS::DataZone::ProjectProfile" + ], "type": "string" }, - "AvailabilityZone": { - "markdownDescription": "The Availability Zone.", - "title": "AvailabilityZone", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "Instance": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "Information about the instance.", - "title": "Instance" - }, - "Port": { - "markdownDescription": "The port on which the target is listening.", - "title": "Port", - "type": "number" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::EC2::NetworkInsightsAnalysis.AnalysisPacketHeader": { + "AWS::DataZone::ProjectProfile.AwsAccount": { "additionalProperties": false, "properties": { - "DestinationAddresses": { - "items": { - "type": "string" - }, - "markdownDescription": "The destination addresses.", - "title": "DestinationAddresses", - "type": "array" - }, - "DestinationPortRanges": { - "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.PortRange" - }, - "markdownDescription": "The destination port ranges.", - "title": "DestinationPortRanges", - "type": "array" - }, - "Protocol": { - "markdownDescription": "The protocol.", - "title": "Protocol", + "AwsAccountId": { + "markdownDescription": "The account ID of a project.", + "title": "AwsAccountId", "type": "string" - }, - "SourceAddresses": { - "items": { - "type": "string" - }, - "markdownDescription": "The source addresses.", - "title": "SourceAddresses", - "type": "array" - }, - "SourcePortRanges": { - "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.PortRange" - }, - "markdownDescription": "The source port ranges.", - "title": "SourcePortRanges", - "type": "array" } }, + "required": [ + "AwsAccountId" + ], "type": "object" }, - "AWS::EC2::NetworkInsightsAnalysis.AnalysisRouteTableRoute": { + "AWS::DataZone::ProjectProfile.EnvironmentConfiguration": { "additionalProperties": false, "properties": { - "NatGatewayId": { - "markdownDescription": "The ID of a NAT gateway.", - "title": "NatGatewayId", - "type": "string" + "AwsAccount": { + "$ref": "#/definitions/AWS::DataZone::ProjectProfile.AwsAccount", + "markdownDescription": "The AWS account of the environment.", + "title": "AwsAccount" }, - "NetworkInterfaceId": { - "markdownDescription": "The ID of a network interface.", - "title": "NetworkInterfaceId", - "type": "string" - }, - "Origin": { - "markdownDescription": "Describes how the route was created. The following are the possible values:\n\n- CreateRouteTable - The route was automatically created when the route table was created.\n- CreateRoute - The route was manually added to the route table.\n- EnableVgwRoutePropagation - The route was propagated by route propagation.", - "title": "Origin", - "type": "string" - }, - "State": { - "markdownDescription": "The state. The following are the possible values:\n\n- active\n- blackhole", - "title": "State", - "type": "string" - }, - "TransitGatewayId": { - "markdownDescription": "The ID of a transit gateway.", - "title": "TransitGatewayId", - "type": "string" - }, - "VpcPeeringConnectionId": { - "markdownDescription": "The ID of a VPC peering connection.", - "title": "VpcPeeringConnectionId", - "type": "string" - }, - "destinationCidr": { - "markdownDescription": "The destination IPv4 address, in CIDR notation.", - "title": "destinationCidr", - "type": "string" - }, - "destinationPrefixListId": { - "markdownDescription": "The prefix of the AWS service.", - "title": "destinationPrefixListId", - "type": "string" + "AwsRegion": { + "$ref": "#/definitions/AWS::DataZone::ProjectProfile.Region", + "markdownDescription": "The AWS Region of the environment.", + "title": "AwsRegion" }, - "egressOnlyInternetGatewayId": { - "markdownDescription": "The ID of an egress-only internet gateway.", - "title": "egressOnlyInternetGatewayId", - "type": "string" + "ConfigurationParameters": { + "$ref": "#/definitions/AWS::DataZone::ProjectProfile.EnvironmentConfigurationParametersDetails", + "markdownDescription": "The configuration parameters of the environment.", + "title": "ConfigurationParameters" }, - "gatewayId": { - "markdownDescription": "The ID of the gateway, such as an internet gateway or virtual private gateway.", - "title": "gatewayId", + "DeploymentMode": { + "markdownDescription": "The deployment mode of the environment.", + "title": "DeploymentMode", "type": "string" }, - "instanceId": { - "markdownDescription": "The ID of the instance, such as a NAT instance.", - "title": "instanceId", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EC2::NetworkInsightsAnalysis.AnalysisSecurityGroupRule": { - "additionalProperties": false, - "properties": { - "Cidr": { - "markdownDescription": "The IPv4 address range, in CIDR notation.", - "title": "Cidr", - "type": "string" + "DeploymentOrder": { + "markdownDescription": "The deployment order of the environment.", + "title": "DeploymentOrder", + "type": "number" }, - "Direction": { - "markdownDescription": "The direction. The following are the possible values:\n\n- egress\n- ingress", - "title": "Direction", + "Description": { + "markdownDescription": "The environment description.", + "title": "Description", "type": "string" }, - "PortRange": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.PortRange", - "markdownDescription": "The port range.", - "title": "PortRange" - }, - "PrefixListId": { - "markdownDescription": "The prefix list ID.", - "title": "PrefixListId", + "EnvironmentBlueprintId": { + "markdownDescription": "The environment blueprint ID.", + "title": "EnvironmentBlueprintId", "type": "string" }, - "Protocol": { - "markdownDescription": "The protocol name.", - "title": "Protocol", + "Id": { + "markdownDescription": "The environment ID.", + "title": "Id", "type": "string" }, - "SecurityGroupId": { - "markdownDescription": "The security group ID.", - "title": "SecurityGroupId", + "Name": { + "markdownDescription": "The environment name.", + "title": "Name", "type": "string" } }, + "required": [ + "AwsRegion", + "EnvironmentBlueprintId", + "Name" + ], "type": "object" }, - "AWS::EC2::NetworkInsightsAnalysis.Explanation": { + "AWS::DataZone::ProjectProfile.EnvironmentConfigurationParameter": { "additionalProperties": false, "properties": { - "Acl": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The network ACL.", - "title": "Acl" - }, - "AclRule": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisAclRule", - "markdownDescription": "The network ACL rule.", - "title": "AclRule" - }, - "Address": { - "markdownDescription": "The IPv4 address, in CIDR notation.", - "title": "Address", - "type": "string" - }, - "Addresses": { - "items": { - "type": "string" - }, - "markdownDescription": "The IPv4 addresses, in CIDR notation.", - "title": "Addresses", - "type": "array" - }, - "AttachedTo": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The resource to which the component is attached.", - "title": "AttachedTo" - }, - "AvailabilityZones": { - "items": { - "type": "string" - }, - "markdownDescription": "The Availability Zones.", - "title": "AvailabilityZones", - "type": "array" - }, - "Cidrs": { - "items": { - "type": "string" - }, - "markdownDescription": "The CIDR ranges.", - "title": "Cidrs", - "type": "array" - }, - "ClassicLoadBalancerListener": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisLoadBalancerListener", - "markdownDescription": "The listener for a Classic Load Balancer.", - "title": "ClassicLoadBalancerListener" - }, - "Component": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The component.", - "title": "Component" - }, - "ComponentAccount": { - "markdownDescription": "The AWS account for the component.", - "title": "ComponentAccount", - "type": "string" - }, - "ComponentRegion": { - "markdownDescription": "The Region for the component.", - "title": "ComponentRegion", - "type": "string" - }, - "CustomerGateway": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The customer gateway.", - "title": "CustomerGateway" - }, - "Destination": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The destination.", - "title": "Destination" - }, - "DestinationVpc": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The destination VPC.", - "title": "DestinationVpc" - }, - "Direction": { - "markdownDescription": "The direction. The following are the possible values:\n\n- egress\n- ingress", - "title": "Direction", - "type": "string" - }, - "ElasticLoadBalancerListener": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The load balancer listener.", - "title": "ElasticLoadBalancerListener" - }, - "ExplanationCode": { - "markdownDescription": "The explanation code.", - "title": "ExplanationCode", - "type": "string" - }, - "IngressRouteTable": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The route table.", - "title": "IngressRouteTable" - }, - "InternetGateway": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The internet gateway.", - "title": "InternetGateway" - }, - "LoadBalancerArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the load balancer.", - "title": "LoadBalancerArn", - "type": "string" - }, - "LoadBalancerListenerPort": { - "markdownDescription": "The listener port of the load balancer.", - "title": "LoadBalancerListenerPort", - "type": "number" - }, - "LoadBalancerTarget": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisLoadBalancerTarget", - "markdownDescription": "The target.", - "title": "LoadBalancerTarget" - }, - "LoadBalancerTargetGroup": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The target group.", - "title": "LoadBalancerTargetGroup" - }, - "LoadBalancerTargetGroups": { - "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent" - }, - "markdownDescription": "The target groups.", - "title": "LoadBalancerTargetGroups", - "type": "array" - }, - "LoadBalancerTargetPort": { - "markdownDescription": "The target port.", - "title": "LoadBalancerTargetPort", - "type": "number" - }, - "MissingComponent": { - "markdownDescription": "The missing component.", - "title": "MissingComponent", - "type": "string" - }, - "NatGateway": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The NAT gateway.", - "title": "NatGateway" - }, - "NetworkInterface": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The network interface.", - "title": "NetworkInterface" + "IsEditable": { + "markdownDescription": "Specifies whether the environment parameter is editable.", + "title": "IsEditable", + "type": "boolean" }, - "PacketField": { - "markdownDescription": "The packet field.", - "title": "PacketField", + "Name": { + "markdownDescription": "The name of the environment configuration parameter.", + "title": "Name", "type": "string" }, - "Port": { - "markdownDescription": "The port.", - "title": "Port", - "type": "number" - }, - "PortRanges": { - "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.PortRange" - }, - "markdownDescription": "The port ranges.", - "title": "PortRanges", - "type": "array" - }, - "PrefixList": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The prefix list.", - "title": "PrefixList" - }, - "Protocols": { - "items": { - "type": "string" - }, - "markdownDescription": "The protocols.", - "title": "Protocols", - "type": "array" - }, - "RouteTable": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The route table.", - "title": "RouteTable" - }, - "RouteTableRoute": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisRouteTableRoute", - "markdownDescription": "The route table route.", - "title": "RouteTableRoute" - }, - "SecurityGroup": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The security group.", - "title": "SecurityGroup" - }, - "SecurityGroupRule": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisSecurityGroupRule", - "markdownDescription": "The security group rule.", - "title": "SecurityGroupRule" - }, - "SecurityGroups": { - "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent" - }, - "markdownDescription": "The security groups.", - "title": "SecurityGroups", - "type": "array" - }, - "SourceVpc": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The source VPC.", - "title": "SourceVpc" - }, - "State": { - "markdownDescription": "The state.", - "title": "State", + "Value": { + "markdownDescription": "The value of the environment configuration parameter.", + "title": "Value", "type": "string" - }, - "Subnet": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The subnet.", - "title": "Subnet" - }, - "SubnetRouteTable": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The route table for the subnet.", - "title": "SubnetRouteTable" - }, - "TransitGateway": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The transit gateway.", - "title": "TransitGateway" - }, - "TransitGatewayAttachment": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The transit gateway attachment.", - "title": "TransitGatewayAttachment" - }, - "TransitGatewayRouteTable": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The transit gateway route table.", - "title": "TransitGatewayRouteTable" - }, - "TransitGatewayRouteTableRoute": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.TransitGatewayRouteTableRoute", - "markdownDescription": "The transit gateway route table route.", - "title": "TransitGatewayRouteTableRoute" - }, - "Vpc": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The component VPC.", - "title": "Vpc" - }, - "VpcPeeringConnection": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The VPC peering connection.", - "title": "VpcPeeringConnection" - }, - "VpnConnection": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The VPN connection.", - "title": "VpnConnection" - }, - "VpnGateway": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The VPN gateway.", - "title": "VpnGateway" - }, - "vpcEndpoint": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The VPC endpoint.", - "title": "vpcEndpoint" } }, "type": "object" }, - "AWS::EC2::NetworkInsightsAnalysis.PathComponent": { + "AWS::DataZone::ProjectProfile.EnvironmentConfigurationParametersDetails": { "additionalProperties": false, "properties": { - "AclRule": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisAclRule", - "markdownDescription": "The network ACL rule.", - "title": "AclRule" - }, - "AdditionalDetails": { + "ParameterOverrides": { "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AdditionalDetail" + "$ref": "#/definitions/AWS::DataZone::ProjectProfile.EnvironmentConfigurationParameter" }, - "markdownDescription": "The additional details.", - "title": "AdditionalDetails", + "markdownDescription": "The parameter overrides.", + "title": "ParameterOverrides", "type": "array" }, - "Component": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The component.", - "title": "Component" - }, - "DestinationVpc": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The destination VPC.", - "title": "DestinationVpc" - }, - "ElasticLoadBalancerListener": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The load balancer listener.", - "title": "ElasticLoadBalancerListener" - }, - "Explanations": { + "ResolvedParameters": { "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.Explanation" + "$ref": "#/definitions/AWS::DataZone::ProjectProfile.EnvironmentConfigurationParameter" }, - "markdownDescription": "The explanation codes.", - "title": "Explanations", + "markdownDescription": "The resolved environment configuration parameters.", + "title": "ResolvedParameters", "type": "array" }, - "InboundHeader": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisPacketHeader", - "markdownDescription": "The inbound header.", - "title": "InboundHeader" - }, - "OutboundHeader": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisPacketHeader", - "markdownDescription": "The outbound header.", - "title": "OutboundHeader" - }, - "RouteTableRoute": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisRouteTableRoute", - "markdownDescription": "The route table route.", - "title": "RouteTableRoute" - }, - "SecurityGroupRule": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisSecurityGroupRule", - "markdownDescription": "The security group rule.", - "title": "SecurityGroupRule" - }, - "SequenceNumber": { - "markdownDescription": "The sequence number.", - "title": "SequenceNumber", - "type": "number" - }, - "ServiceName": { - "markdownDescription": "The name of the VPC endpoint service.", - "title": "ServiceName", + "SsmPath": { + "markdownDescription": "Ssm path environment configuration parameters.", + "title": "SsmPath", "type": "string" - }, - "SourceVpc": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The source VPC.", - "title": "SourceVpc" - }, - "Subnet": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The subnet.", - "title": "Subnet" - }, - "TransitGateway": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The transit gateway.", - "title": "TransitGateway" - }, - "TransitGatewayRouteTableRoute": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.TransitGatewayRouteTableRoute", - "markdownDescription": "The route in a transit gateway route table.", - "title": "TransitGatewayRouteTableRoute" - }, - "Vpc": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The component VPC.", - "title": "Vpc" - } - }, - "type": "object" - }, - "AWS::EC2::NetworkInsightsAnalysis.PortRange": { - "additionalProperties": false, - "properties": { - "From": { - "markdownDescription": "The first port in the range.", - "title": "From", - "type": "number" - }, - "To": { - "markdownDescription": "The last port in the range.", - "title": "To", - "type": "number" } }, "type": "object" }, - "AWS::EC2::NetworkInsightsAnalysis.TransitGatewayRouteTableRoute": { + "AWS::DataZone::ProjectProfile.Region": { "additionalProperties": false, "properties": { - "AttachmentId": { - "markdownDescription": "The ID of the route attachment.", - "title": "AttachmentId", - "type": "string" - }, - "DestinationCidr": { - "markdownDescription": "The CIDR block used for destination matches.", - "title": "DestinationCidr", - "type": "string" - }, - "PrefixListId": { - "markdownDescription": "The ID of the prefix list.", - "title": "PrefixListId", - "type": "string" - }, - "ResourceId": { - "markdownDescription": "The ID of the resource for the route attachment.", - "title": "ResourceId", - "type": "string" - }, - "ResourceType": { - "markdownDescription": "The resource type for the route attachment.", - "title": "ResourceType", - "type": "string" - }, - "RouteOrigin": { - "markdownDescription": "The route origin. The following are the possible values:\n\n- static\n- propagated", - "title": "RouteOrigin", - "type": "string" - }, - "State": { - "markdownDescription": "The state of the route.", - "title": "State", + "RegionName": { + "markdownDescription": "The AWS Region name.", + "title": "RegionName", "type": "string" } }, + "required": [ + "RegionName" + ], "type": "object" }, - "AWS::EC2::NetworkInsightsPath": { + "AWS::DataZone::SubscriptionTarget": { "additionalProperties": false, "properties": { "Condition": { @@ -75490,64 +83209,75 @@ "Properties": { "additionalProperties": false, "properties": { - "Destination": { - "markdownDescription": "The ID or ARN of the destination. If the resource is in another account, you must specify an ARN.", - "title": "Destination", - "type": "string" - }, - "DestinationIp": { - "markdownDescription": "The IP address of the destination.", - "title": "DestinationIp", - "type": "string" + "ApplicableAssetTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The asset types included in the subscription target.", + "title": "ApplicableAssetTypes", + "type": "array" }, - "DestinationPort": { - "markdownDescription": "The destination port.", - "title": "DestinationPort", - "type": "number" + "AuthorizedPrincipals": { + "items": { + "type": "string" + }, + "markdownDescription": "The authorized principals included in the subscription target.", + "title": "AuthorizedPrincipals", + "type": "array" }, - "FilterAtDestination": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsPath.PathFilter", - "markdownDescription": "Scopes the analysis to network paths that match specific filters at the destination. If you specify this parameter, you can't specify the parameter for the destination IP address.", - "title": "FilterAtDestination" + "DomainIdentifier": { + "markdownDescription": "The ID of the Amazon DataZone domain in which subscription target is created.", + "title": "DomainIdentifier", + "type": "string" }, - "FilterAtSource": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsPath.PathFilter", - "markdownDescription": "Scopes the analysis to network paths that match specific filters at the source. If you specify this parameter, you can't specify the parameters for the source IP address or the destination port.", - "title": "FilterAtSource" + "EnvironmentIdentifier": { + "markdownDescription": "The ID of the environment in which subscription target is created.", + "title": "EnvironmentIdentifier", + "type": "string" }, - "Protocol": { - "markdownDescription": "The protocol.", - "title": "Protocol", + "ManageAccessRole": { + "markdownDescription": "The manage access role that is used to create the subscription target.", + "title": "ManageAccessRole", "type": "string" }, - "Source": { - "markdownDescription": "The ID or ARN of the source. If the resource is in another account, you must specify an ARN.", - "title": "Source", + "Name": { + "markdownDescription": "The name of the subscription target.", + "title": "Name", "type": "string" }, - "SourceIp": { - "markdownDescription": "The IP address of the source.", - "title": "SourceIp", + "Provider": { + "markdownDescription": "The provider of the subscription target.", + "title": "Provider", "type": "string" }, - "Tags": { + "SubscriptionTargetConfig": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::DataZone::SubscriptionTarget.SubscriptionTargetForm" }, - "markdownDescription": "The tags to add to the path.", - "title": "Tags", + "markdownDescription": "The configuration of the subscription target.", + "title": "SubscriptionTargetConfig", "type": "array" + }, + "Type": { + "markdownDescription": "The type of the subscription target.", + "title": "Type", + "type": "string" } }, "required": [ - "Protocol", - "Source" + "ApplicableAssetTypes", + "AuthorizedPrincipals", + "DomainIdentifier", + "EnvironmentIdentifier", + "Name", + "SubscriptionTargetConfig", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::NetworkInsightsPath" + "AWS::DataZone::SubscriptionTarget" ], "type": "string" }, @@ -75566,49 +83296,27 @@ ], "type": "object" }, - "AWS::EC2::NetworkInsightsPath.FilterPortRange": { - "additionalProperties": false, - "properties": { - "FromPort": { - "markdownDescription": "The first port in the range.", - "title": "FromPort", - "type": "number" - }, - "ToPort": { - "markdownDescription": "The last port in the range.", - "title": "ToPort", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::NetworkInsightsPath.PathFilter": { + "AWS::DataZone::SubscriptionTarget.SubscriptionTargetForm": { "additionalProperties": false, "properties": { - "DestinationAddress": { - "markdownDescription": "The destination IPv4 address.", - "title": "DestinationAddress", + "Content": { + "markdownDescription": "The content of the subscription target configuration.", + "title": "Content", "type": "string" }, - "DestinationPortRange": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsPath.FilterPortRange", - "markdownDescription": "The destination port range.", - "title": "DestinationPortRange" - }, - "SourceAddress": { - "markdownDescription": "The source IPv4 address.", - "title": "SourceAddress", + "FormName": { + "markdownDescription": "The form name included in the subscription target configuration.", + "title": "FormName", "type": "string" - }, - "SourcePortRange": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsPath.FilterPortRange", - "markdownDescription": "The source port range.", - "title": "SourcePortRange" } }, + "required": [ + "Content", + "FormName" + ], "type": "object" }, - "AWS::EC2::NetworkInterface": { + "AWS::DataZone::UserProfile": { "additionalProperties": false, "properties": { "Condition": { @@ -75643,113 +83351,36 @@ "Properties": { "additionalProperties": false, "properties": { - "ConnectionTrackingSpecification": { - "$ref": "#/definitions/AWS::EC2::NetworkInterface.ConnectionTrackingSpecification", - "markdownDescription": "A connection tracking specification for the network interface.", - "title": "ConnectionTrackingSpecification" - }, - "Description": { - "markdownDescription": "A description for the network interface.", - "title": "Description", + "DomainIdentifier": { + "markdownDescription": "The identifier of a Amazon DataZone domain in which a user profile exists.", + "title": "DomainIdentifier", "type": "string" }, - "GroupSet": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the security groups associated with this network interface.", - "title": "GroupSet", - "type": "array" - }, - "InterfaceType": { - "markdownDescription": "The type of network interface. The default is `interface` . The supported values are `efa` and `trunk` .", - "title": "InterfaceType", + "Status": { + "markdownDescription": "The status of the user profile.", + "title": "Status", "type": "string" }, - "Ipv4PrefixCount": { - "markdownDescription": "The number of IPv4 prefixes to be automatically assigned to the network interface.\n\nWhen creating a network interface, you can't specify a count of IPv4 prefixes if you've specified one of the following: specific IPv4 prefixes, specific private IPv4 addresses, or a count of private IPv4 addresses.", - "title": "Ipv4PrefixCount", - "type": "number" - }, - "Ipv4Prefixes": { - "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInterface.Ipv4PrefixSpecification" - }, - "markdownDescription": "The IPv4 delegated prefixes that are assigned to the network interface.\n\nWhen creating a network interface, you can't specify IPv4 prefixes if you've specified one of the following: a count of IPv4 prefixes, specific private IPv4 addresses, or a count of private IPv4 addresses.", - "title": "Ipv4Prefixes", - "type": "array" - }, - "Ipv6AddressCount": { - "markdownDescription": "The number of IPv6 addresses to assign to the network interface. Amazon EC2 automatically selects the IPv6 addresses from the subnet range. To specify specific IPv6 addresses, use the `Ipv6Addresses` property and don't specify this property.\n\nWhen creating a network interface, you can't specify a count of IPv6 addresses if you've specified one of the following: specific IPv6 addresses, specific IPv6 prefixes, or a count of IPv6 prefixes.", - "title": "Ipv6AddressCount", - "type": "number" - }, - "Ipv6Addresses": { - "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInterface.InstanceIpv6Address" - }, - "markdownDescription": "The IPv6 addresses from the IPv6 CIDR block range of your subnet to assign to the network interface. If you're specifying a number of IPv6 addresses, use the `Ipv6AddressCount` property and don't specify this property.\n\nWhen creating a network interface, you can't specify IPv6 addresses if you've specified one of the following: a count of IPv6 addresses, specific IPv6 prefixes, or a count of IPv6 prefixes.", - "title": "Ipv6Addresses", - "type": "array" - }, - "Ipv6PrefixCount": { - "markdownDescription": "The number of IPv6 prefixes to be automatically assigned to the network interface.\n\nWhen creating a network interface, you can't specify a count of IPv6 prefixes if you've specified one of the following: specific IPv6 prefixes, specific IPv6 addresses, or a count of IPv6 addresses.", - "title": "Ipv6PrefixCount", - "type": "number" - }, - "Ipv6Prefixes": { - "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInterface.Ipv6PrefixSpecification" - }, - "markdownDescription": "The IPv6 delegated prefixes that are assigned to the network interface.\n\nWhen creating a network interface, you can't specify IPv6 prefixes if you've specified one of the following: a count of IPv6 prefixes, specific IPv6 addresses, or a count of IPv6 addresses.", - "title": "Ipv6Prefixes", - "type": "array" - }, - "PrivateIpAddress": { - "markdownDescription": "The private IPv4 address to assign to the network interface as the primary private IP address. If you want to specify multiple private IP addresses, use the `PrivateIpAddresses` property.", - "title": "PrivateIpAddress", + "UserIdentifier": { + "markdownDescription": "The identifier of the user for which the user profile is created.", + "title": "UserIdentifier", "type": "string" }, - "PrivateIpAddresses": { - "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInterface.PrivateIpAddressSpecification" - }, - "markdownDescription": "The private IPv4 addresses to assign to the network interface. You can specify a primary private IP address by setting the value of the `Primary` property to `true` in the `PrivateIpAddressSpecification` property. If you want EC2 to automatically assign private IP addresses, use the `SecondaryPrivateIpAddressCount` property and do not specify this property.\n\nWhen creating a network interface, you can't specify private IPv4 addresses if you've specified one of the following: a count of private IPv4 addresses, specific IPv4 prefixes, or a count of IPv4 prefixes.", - "title": "PrivateIpAddresses", - "type": "array" - }, - "SecondaryPrivateIpAddressCount": { - "markdownDescription": "The number of secondary private IPv4 addresses to assign to a network interface. When you specify a number of secondary IPv4 addresses, Amazon EC2 selects these IP addresses within the subnet's IPv4 CIDR range. You can't specify this option and specify more than one private IP address using `privateIpAddresses` .\n\nWhen creating a Network Interface, you can't specify a count of private IPv4 addresses if you've specified one of the following: specific private IPv4 addresses, specific IPv4 prefixes, or a count of IPv4 prefixes.", - "title": "SecondaryPrivateIpAddressCount", - "type": "number" - }, - "SourceDestCheck": { - "markdownDescription": "Enable or disable source/destination checks, which ensure that the instance is either the source or the destination of any traffic that it receives. If the value is `true` , source/destination checks are enabled; otherwise, they are disabled. The default value is `true` . You must disable source/destination checks if the instance runs services such as network address translation, routing, or firewalls.", - "title": "SourceDestCheck", - "type": "boolean" - }, - "SubnetId": { - "markdownDescription": "The ID of the subnet to associate with the network interface.", - "title": "SubnetId", + "UserType": { + "markdownDescription": "The user type of the user for which the user profile is created.", + "title": "UserType", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to apply to the network interface.", - "title": "Tags", - "type": "array" } }, "required": [ - "SubnetId" + "DomainIdentifier", + "UserIdentifier" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::NetworkInterface" + "AWS::DataZone::UserProfile" ], "type": "string" }, @@ -75768,90 +83399,55 @@ ], "type": "object" }, - "AWS::EC2::NetworkInterface.ConnectionTrackingSpecification": { - "additionalProperties": false, - "properties": { - "TcpEstablishedTimeout": { - "markdownDescription": "Timeout (in seconds) for idle TCP connections in an established state. Min: 60 seconds. Max: 432000 seconds (5 days). Default: 432000 seconds. Recommended: Less than 432000 seconds.", - "title": "TcpEstablishedTimeout", - "type": "number" - }, - "UdpStreamTimeout": { - "markdownDescription": "Timeout (in seconds) for idle UDP flows classified as streams which have seen more than one request-response transaction. Min: 60 seconds. Max: 180 seconds (3 minutes). Default: 180 seconds.", - "title": "UdpStreamTimeout", - "type": "number" - }, - "UdpTimeout": { - "markdownDescription": "Timeout (in seconds) for idle UDP flows that have seen traffic only in a single direction or a single request-response transaction. Min: 30 seconds. Max: 60 seconds. Default: 30 seconds.", - "title": "UdpTimeout", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::NetworkInterface.InstanceIpv6Address": { + "AWS::DataZone::UserProfile.IamUserProfileDetails": { "additionalProperties": false, "properties": { - "Ipv6Address": { - "markdownDescription": "An IPv6 address to associate with the network interface.", - "title": "Ipv6Address", + "Arn": { + "markdownDescription": "The ARN of an IAM user profile in Amazon DataZone.", + "title": "Arn", "type": "string" } }, - "required": [ - "Ipv6Address" - ], "type": "object" }, - "AWS::EC2::NetworkInterface.Ipv4PrefixSpecification": { + "AWS::DataZone::UserProfile.SsoUserProfileDetails": { "additionalProperties": false, "properties": { - "Ipv4Prefix": { - "markdownDescription": "The IPv4 prefix. For information, see [Assigning prefixes to network interfaces](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-prefix-eni.html) in the *Amazon EC2 User Guide* .", - "title": "Ipv4Prefix", + "FirstName": { + "markdownDescription": "The first name included in the single sign-on details of the user profile.", + "title": "FirstName", "type": "string" - } - }, - "required": [ - "Ipv4Prefix" - ], - "type": "object" - }, - "AWS::EC2::NetworkInterface.Ipv6PrefixSpecification": { - "additionalProperties": false, - "properties": { - "Ipv6Prefix": { - "markdownDescription": "The IPv6 prefix. For information, see [Assigning prefixes to Amazon EC2 network interfaces](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-prefix-eni.html) in the *Amazon Elastic Compute Cloud User Guide* .", - "title": "Ipv6Prefix", + }, + "LastName": { + "markdownDescription": "The last name included in the single sign-on details of the user profile.", + "title": "LastName", + "type": "string" + }, + "Username": { + "markdownDescription": "The username included in the single sign-on details of the user profile.", + "title": "Username", "type": "string" } }, - "required": [ - "Ipv6Prefix" - ], "type": "object" }, - "AWS::EC2::NetworkInterface.PrivateIpAddressSpecification": { + "AWS::DataZone::UserProfile.UserProfileDetails": { "additionalProperties": false, "properties": { - "Primary": { - "markdownDescription": "Sets the private IP address as the primary private address. You can set only one primary private IP address. If you don't specify a primary private IP address, Amazon EC2 automatically assigns a primary private IP address.", - "title": "Primary", - "type": "boolean" + "Iam": { + "$ref": "#/definitions/AWS::DataZone::UserProfile.IamUserProfileDetails", + "markdownDescription": "The IAM details included in the user profile details.", + "title": "Iam" }, - "PrivateIpAddress": { - "markdownDescription": "The private IP address of the network interface.", - "title": "PrivateIpAddress", - "type": "string" + "Sso": { + "$ref": "#/definitions/AWS::DataZone::UserProfile.SsoUserProfileDetails", + "markdownDescription": "The single sign-on details included in the user profile details.", + "title": "Sso" } }, - "required": [ - "Primary", - "PrivateIpAddress" - ], "type": "object" }, - "AWS::EC2::NetworkInterfaceAttachment": { + "AWS::Deadline::Farm": { "additionalProperties": false, "properties": { "Condition": { @@ -75886,42 +83482,38 @@ "Properties": { "additionalProperties": false, "properties": { - "DeleteOnTermination": { - "markdownDescription": "Whether to delete the network interface when the instance terminates. By default, this value is set to `true` .", - "title": "DeleteOnTermination", - "type": "boolean" - }, - "DeviceIndex": { - "markdownDescription": "The network interface's position in the attachment order. For example, the first attached network interface has a `DeviceIndex` of 0.", - "title": "DeviceIndex", + "Description": { + "markdownDescription": "A description of the farm that helps identify what the farm is used for.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", + "title": "Description", "type": "string" }, - "EnaSrdSpecification": { - "$ref": "#/definitions/AWS::EC2::NetworkInterfaceAttachment.EnaSrdSpecification", - "markdownDescription": "Configures ENA Express for the network interface that this action attaches to the instance.", - "title": "EnaSrdSpecification" + "DisplayName": { + "markdownDescription": "The display name of the farm.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", + "title": "DisplayName", + "type": "string" }, - "InstanceId": { - "markdownDescription": "The ID of the instance to which you will attach the ENI.", - "title": "InstanceId", + "KmsKeyArn": { + "markdownDescription": "The ARN for the KMS key.", + "title": "KmsKeyArn", "type": "string" }, - "NetworkInterfaceId": { - "markdownDescription": "The ID of the ENI that you want to attach.", - "title": "NetworkInterfaceId", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to add to your farm. Each tag consists of a tag key and a tag value. Tag keys and values are both required, but tag values can be empty strings.", + "title": "Tags", + "type": "array" } }, "required": [ - "DeviceIndex", - "InstanceId", - "NetworkInterfaceId" + "DisplayName" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::NetworkInterfaceAttachment" + "AWS::Deadline::Farm" ], "type": "string" }, @@ -75940,34 +83532,7 @@ ], "type": "object" }, - "AWS::EC2::NetworkInterfaceAttachment.EnaSrdSpecification": { - "additionalProperties": false, - "properties": { - "EnaSrdEnabled": { - "markdownDescription": "Indicates whether ENA Express is enabled for the network interface.", - "title": "EnaSrdEnabled", - "type": "boolean" - }, - "EnaSrdUdpSpecification": { - "$ref": "#/definitions/AWS::EC2::NetworkInterfaceAttachment.EnaSrdUdpSpecification", - "markdownDescription": "Configures ENA Express for UDP network traffic.", - "title": "EnaSrdUdpSpecification" - } - }, - "type": "object" - }, - "AWS::EC2::NetworkInterfaceAttachment.EnaSrdUdpSpecification": { - "additionalProperties": false, - "properties": { - "EnaSrdUdpEnabled": { - "markdownDescription": "Indicates whether UDP traffic to and from the instance uses ENA Express. To specify this setting, you must first enable ENA Express.", - "title": "EnaSrdUdpEnabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::EC2::NetworkInterfacePermission": { + "AWS::Deadline::Fleet": { "additionalProperties": false, "properties": { "Condition": { @@ -76002,32 +83567,67 @@ "Properties": { "additionalProperties": false, "properties": { - "AwsAccountId": { - "markdownDescription": "The AWS account ID.", - "title": "AwsAccountId", + "Configuration": { + "$ref": "#/definitions/AWS::Deadline::Fleet.FleetConfiguration", + "markdownDescription": "The configuration details for the fleet.", + "title": "Configuration" + }, + "Description": { + "markdownDescription": "A description that helps identify what the fleet is used for.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", + "title": "Description", "type": "string" }, - "NetworkInterfaceId": { - "markdownDescription": "The ID of the network interface.", - "title": "NetworkInterfaceId", + "DisplayName": { + "markdownDescription": "The display name of the fleet summary to update.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", + "title": "DisplayName", "type": "string" }, - "Permission": { - "markdownDescription": "The type of permission to grant: `INSTANCE-ATTACH` or `EIP-ASSOCIATE` .", - "title": "Permission", + "FarmId": { + "markdownDescription": "The farm ID.", + "title": "FarmId", + "type": "string" + }, + "HostConfiguration": { + "$ref": "#/definitions/AWS::Deadline::Fleet.HostConfiguration", + "markdownDescription": "Provides a script that runs as a worker is starting up that you can use to provide additional configuration for workers in your fleet.\n\nTo remove a script from a fleet, use the [UpdateFleet](https://docs.aws.amazon.com/deadline-cloud/latest/APIReference/API_UpdateFleet.html) operation with the `hostConfiguration` `scriptBody` parameter set to an empty string (\"\").", + "title": "HostConfiguration" + }, + "MaxWorkerCount": { + "markdownDescription": "The maximum number of workers specified in the fleet.", + "title": "MaxWorkerCount", + "type": "number" + }, + "MinWorkerCount": { + "markdownDescription": "The minimum number of workers in the fleet.", + "title": "MinWorkerCount", + "type": "number" + }, + "RoleArn": { + "markdownDescription": "The IAM role that workers in the fleet use when processing jobs.", + "title": "RoleArn", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to add to your fleet. Each tag consists of a tag key and a tag value. Tag keys and values are both required, but tag values can be empty strings.", + "title": "Tags", + "type": "array" } }, "required": [ - "AwsAccountId", - "NetworkInterfaceId", - "Permission" + "Configuration", + "DisplayName", + "FarmId", + "MaxWorkerCount", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::NetworkInterfacePermission" + "AWS::Deadline::Fleet" ], "type": "string" }, @@ -76046,92 +83646,459 @@ ], "type": "object" }, - "AWS::EC2::NetworkPerformanceMetricSubscription": { + "AWS::Deadline::Fleet.AcceleratorCapabilities": { "additionalProperties": false, "properties": { - "Condition": { + "Count": { + "$ref": "#/definitions/AWS::Deadline::Fleet.AcceleratorCountRange", + "markdownDescription": "The number of GPU accelerators specified for worker hosts in this fleet.", + "title": "Count" + }, + "Selections": { + "items": { + "$ref": "#/definitions/AWS::Deadline::Fleet.AcceleratorSelection" + }, + "markdownDescription": "A list of accelerator capabilities requested for this fleet. Only Amazon Elastic Compute Cloud instances that provide these capabilities will be used. For example, if you specify both L4 and T4 chips, Deadline Cloud will use Amazon EC2 instances that have either the L4 or the T4 chip installed.", + "title": "Selections", + "type": "array" + } + }, + "required": [ + "Selections" + ], + "type": "object" + }, + "AWS::Deadline::Fleet.AcceleratorCountRange": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum number of GPU accelerators in the worker host.", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The minimum number of GPU accelerators in the worker host.", + "title": "Min", + "type": "number" + } + }, + "required": [ + "Min" + ], + "type": "object" + }, + "AWS::Deadline::Fleet.AcceleratorSelection": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the chip used by the GPU accelerator.\n\nIf you specify `l4` as the name of the accelerator, you must specify `latest` or `grid:r570` as the runtime.\n\nThe available GPU accelerators are:\n\n- `t4` - NVIDIA T4 Tensor Core GPU\n- `a10g` - NVIDIA A10G Tensor Core GPU\n- `l4` - NVIDIA L4 Tensor Core GPU\n- `l40s` - NVIDIA L40S Tensor Core GPU", + "title": "Name", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Runtime": { + "markdownDescription": "Specifies the runtime driver to use for the GPU accelerator. You must use the same runtime for all GPUs.\n\nYou can choose from the following runtimes:\n\n- `latest` - Use the latest runtime available for the chip. If you specify `latest` and a new version of the runtime is released, the new version of the runtime is used.\n- `grid:r570` - [NVIDIA vGPU software 18](https://docs.aws.amazon.com/https://docs.nvidia.com/vgpu/18.0/index.html)\n- `grid:r535` - [NVIDIA vGPU software 16](https://docs.aws.amazon.com/https://docs.nvidia.com/vgpu/16.0/index.html)\n\nIf you don't specify a runtime, Deadline Cloud uses `latest` as the default. However, if you have multiple accelerators and specify `latest` for some and leave others blank, Deadline Cloud raises an exception.", + "title": "Runtime", "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::Deadline::Fleet.AcceleratorTotalMemoryMiBRange": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum amount of memory to use for the accelerator, measured in MiB.", + "title": "Max", + "type": "number" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Min": { + "markdownDescription": "The minimum amount of memory to use for the accelerator, measured in MiB.", + "title": "Min", + "type": "number" + } + }, + "required": [ + "Min" + ], + "type": "object" + }, + "AWS::Deadline::Fleet.CustomerManagedFleetConfiguration": { + "additionalProperties": false, + "properties": { + "Mode": { + "markdownDescription": "The AWS Auto Scaling mode for the customer managed fleet configuration.", + "title": "Mode", + "type": "string" }, - "Metadata": { - "type": "object" + "StorageProfileId": { + "markdownDescription": "The storage profile ID.", + "title": "StorageProfileId", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Destination": { - "markdownDescription": "The Region or Availability Zone that's the target for the subscription. For example, `eu-west-1` .", - "title": "Destination", - "type": "string" - }, - "Metric": { - "markdownDescription": "The metric used for the subscription.", - "title": "Metric", - "type": "string" - }, - "Source": { - "markdownDescription": "The Region or Availability Zone that's the source for the subscription. For example, `us-east-1` .", - "title": "Source", - "type": "string" - }, - "Statistic": { - "markdownDescription": "The statistic used for the subscription.", - "title": "Statistic", - "type": "string" - } + "TagPropagationMode": { + "markdownDescription": "Specifies whether tags associated with a fleet are attached to workers when the worker is launched.\n\nWhen the `tagPropagationMode` is set to `PROPAGATE_TAGS_TO_WORKERS_AT_LAUNCH` any tag associated with a fleet is attached to workers when they launch. If the tags for a fleet change, the tags associated with running workers *do not* change.\n\nIf you don't specify `tagPropagationMode` , the default is `NO_PROPAGATION` .", + "title": "TagPropagationMode", + "type": "string" + }, + "WorkerCapabilities": { + "$ref": "#/definitions/AWS::Deadline::Fleet.CustomerManagedWorkerCapabilities", + "markdownDescription": "The worker capabilities for a customer managed fleet configuration.", + "title": "WorkerCapabilities" + } + }, + "required": [ + "Mode", + "WorkerCapabilities" + ], + "type": "object" + }, + "AWS::Deadline::Fleet.CustomerManagedWorkerCapabilities": { + "additionalProperties": false, + "properties": { + "AcceleratorCount": { + "$ref": "#/definitions/AWS::Deadline::Fleet.AcceleratorCountRange", + "markdownDescription": "The range of the accelerator.", + "title": "AcceleratorCount" + }, + "AcceleratorTotalMemoryMiB": { + "$ref": "#/definitions/AWS::Deadline::Fleet.AcceleratorTotalMemoryMiBRange", + "markdownDescription": "The total memory (MiB) for the customer managed worker capabilities.", + "title": "AcceleratorTotalMemoryMiB" + }, + "AcceleratorTypes": { + "items": { + "type": "string" }, - "required": [ - "Destination", - "Metric", - "Source", - "Statistic" - ], - "type": "object" + "markdownDescription": "The accelerator types for the customer managed worker capabilities.", + "title": "AcceleratorTypes", + "type": "array" }, - "Type": { - "enum": [ - "AWS::EC2::NetworkPerformanceMetricSubscription" - ], + "CpuArchitectureType": { + "markdownDescription": "The CPU architecture type for the customer managed worker capabilities.", + "title": "CpuArchitectureType", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "CustomAmounts": { + "items": { + "$ref": "#/definitions/AWS::Deadline::Fleet.FleetAmountCapability" + }, + "markdownDescription": "Custom requirement ranges for customer managed worker capabilities.", + "title": "CustomAmounts", + "type": "array" + }, + "CustomAttributes": { + "items": { + "$ref": "#/definitions/AWS::Deadline::Fleet.FleetAttributeCapability" + }, + "markdownDescription": "Custom attributes for the customer manged worker capabilities.", + "title": "CustomAttributes", + "type": "array" + }, + "MemoryMiB": { + "$ref": "#/definitions/AWS::Deadline::Fleet.MemoryMiBRange", + "markdownDescription": "The memory (MiB).", + "title": "MemoryMiB" + }, + "OsFamily": { + "markdownDescription": "The operating system (OS) family.", + "title": "OsFamily", "type": "string" + }, + "VCpuCount": { + "$ref": "#/definitions/AWS::Deadline::Fleet.VCpuCountRange", + "markdownDescription": "The vCPU count for the customer manged worker capabilities.", + "title": "VCpuCount" } }, "required": [ - "Type", - "Properties" + "CpuArchitectureType", + "MemoryMiB", + "OsFamily", + "VCpuCount" ], "type": "object" }, - "AWS::EC2::PlacementGroup": { + "AWS::Deadline::Fleet.Ec2EbsVolume": { + "additionalProperties": false, + "properties": { + "Iops": { + "markdownDescription": "The IOPS per volume.", + "title": "Iops", + "type": "number" + }, + "SizeGiB": { + "markdownDescription": "The EBS volume size in GiB.", + "title": "SizeGiB", + "type": "number" + }, + "ThroughputMiB": { + "markdownDescription": "The throughput per volume in MiB.", + "title": "ThroughputMiB", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Deadline::Fleet.FleetAmountCapability": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum amount of the fleet worker capability.", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The minimum amount of fleet worker capability.", + "title": "Min", + "type": "number" + }, + "Name": { + "markdownDescription": "The name of the fleet capability.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Min", + "Name" + ], + "type": "object" + }, + "AWS::Deadline::Fleet.FleetAttributeCapability": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the fleet attribute capability for the worker.", + "title": "Name", + "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The number of fleet attribute capabilities.", + "title": "Values", + "type": "array" + } + }, + "required": [ + "Name", + "Values" + ], + "type": "object" + }, + "AWS::Deadline::Fleet.FleetCapabilities": { + "additionalProperties": false, + "properties": { + "Amounts": { + "items": { + "$ref": "#/definitions/AWS::Deadline::Fleet.FleetAmountCapability" + }, + "markdownDescription": "Amount capabilities of the fleet.", + "title": "Amounts", + "type": "array" + }, + "Attributes": { + "items": { + "$ref": "#/definitions/AWS::Deadline::Fleet.FleetAttributeCapability" + }, + "markdownDescription": "Attribute capabilities of the fleet.", + "title": "Attributes", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Deadline::Fleet.FleetConfiguration": { + "additionalProperties": false, + "properties": { + "CustomerManaged": { + "$ref": "#/definitions/AWS::Deadline::Fleet.CustomerManagedFleetConfiguration", + "markdownDescription": "The customer managed fleets within a fleet configuration.", + "title": "CustomerManaged" + }, + "ServiceManagedEc2": { + "$ref": "#/definitions/AWS::Deadline::Fleet.ServiceManagedEc2FleetConfiguration", + "markdownDescription": "The service managed Amazon EC2 instances for a fleet configuration.", + "title": "ServiceManagedEc2" + } + }, + "type": "object" + }, + "AWS::Deadline::Fleet.HostConfiguration": { + "additionalProperties": false, + "properties": { + "ScriptBody": { + "markdownDescription": "The text of the script that runs as a worker is starting up that you can use to provide additional configuration for workers in your fleet. The script runs after a worker enters the `STARTING` state and before the worker processes tasks.\n\nFor more information about using the script, see [Run scripts as an administrator to configure workers](https://docs.aws.amazon.com/deadline-cloud/latest/developerguide/smf-admin.html) in the *Deadline Cloud Developer Guide* .\n\n> The script runs as an administrative user ( `sudo root` on Linux, as an Administrator on Windows).", + "title": "ScriptBody", + "type": "string" + }, + "ScriptTimeoutSeconds": { + "markdownDescription": "The maximum time that the host configuration can run. If the timeout expires, the worker enters the `NOT RESPONDING` state and shuts down. You are charged for the time that the worker is running the host configuration script.\n\n> You should configure your fleet for a maximum of one worker while testing your host configuration script to avoid starting additional workers. \n\nThe default is 300 seconds (5 minutes).", + "title": "ScriptTimeoutSeconds", + "type": "number" + } + }, + "required": [ + "ScriptBody" + ], + "type": "object" + }, + "AWS::Deadline::Fleet.MemoryMiBRange": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum amount of memory (in MiB).", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The minimum amount of memory (in MiB).", + "title": "Min", + "type": "number" + } + }, + "required": [ + "Min" + ], + "type": "object" + }, + "AWS::Deadline::Fleet.ServiceManagedEc2FleetConfiguration": { + "additionalProperties": false, + "properties": { + "InstanceCapabilities": { + "$ref": "#/definitions/AWS::Deadline::Fleet.ServiceManagedEc2InstanceCapabilities", + "markdownDescription": "The Amazon EC2 instance capabilities.", + "title": "InstanceCapabilities" + }, + "InstanceMarketOptions": { + "$ref": "#/definitions/AWS::Deadline::Fleet.ServiceManagedEc2InstanceMarketOptions", + "markdownDescription": "The Amazon EC2 market type.", + "title": "InstanceMarketOptions" + }, + "StorageProfileId": { + "markdownDescription": "The storage profile ID.", + "title": "StorageProfileId", + "type": "string" + } + }, + "required": [ + "InstanceCapabilities", + "InstanceMarketOptions" + ], + "type": "object" + }, + "AWS::Deadline::Fleet.ServiceManagedEc2InstanceCapabilities": { + "additionalProperties": false, + "properties": { + "AcceleratorCapabilities": { + "$ref": "#/definitions/AWS::Deadline::Fleet.AcceleratorCapabilities", + "markdownDescription": "Describes the GPU accelerator capabilities required for worker host instances in this fleet.", + "title": "AcceleratorCapabilities" + }, + "AllowedInstanceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The allowable Amazon EC2 instance types.", + "title": "AllowedInstanceTypes", + "type": "array" + }, + "CpuArchitectureType": { + "markdownDescription": "The CPU architecture type.", + "title": "CpuArchitectureType", + "type": "string" + }, + "CustomAmounts": { + "items": { + "$ref": "#/definitions/AWS::Deadline::Fleet.FleetAmountCapability" + }, + "markdownDescription": "The custom capability amounts to require for instances in this fleet.", + "title": "CustomAmounts", + "type": "array" + }, + "CustomAttributes": { + "items": { + "$ref": "#/definitions/AWS::Deadline::Fleet.FleetAttributeCapability" + }, + "markdownDescription": "The custom capability attributes to require for instances in this fleet.", + "title": "CustomAttributes", + "type": "array" + }, + "ExcludedInstanceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The instance types to exclude from the fleet.", + "title": "ExcludedInstanceTypes", + "type": "array" + }, + "MemoryMiB": { + "$ref": "#/definitions/AWS::Deadline::Fleet.MemoryMiBRange", + "markdownDescription": "The memory, as MiB, for the Amazon EC2 instance type.", + "title": "MemoryMiB" + }, + "OsFamily": { + "markdownDescription": "The operating system (OS) family.", + "title": "OsFamily", + "type": "string" + }, + "RootEbsVolume": { + "$ref": "#/definitions/AWS::Deadline::Fleet.Ec2EbsVolume", + "markdownDescription": "The root EBS volume.", + "title": "RootEbsVolume" + }, + "VCpuCount": { + "$ref": "#/definitions/AWS::Deadline::Fleet.VCpuCountRange", + "markdownDescription": "The amount of vCPU to require for instances in this fleet.", + "title": "VCpuCount" + } + }, + "required": [ + "CpuArchitectureType", + "MemoryMiB", + "OsFamily", + "VCpuCount" + ], + "type": "object" + }, + "AWS::Deadline::Fleet.ServiceManagedEc2InstanceMarketOptions": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "The Amazon EC2 instance type.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::Deadline::Fleet.VCpuCountRange": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum amount of vCPU.", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The minimum amount of vCPU.", + "title": "Min", + "type": "number" + } + }, + "required": [ + "Min" + ], + "type": "object" + }, + "AWS::Deadline::LicenseEndpoint": { "additionalProperties": false, "properties": { "Condition": { @@ -76166,35 +84133,46 @@ "Properties": { "additionalProperties": false, "properties": { - "PartitionCount": { - "markdownDescription": "The number of partitions. Valid only when *Strategy* is set to `partition` .", - "title": "PartitionCount", - "type": "number" - }, - "SpreadLevel": { - "markdownDescription": "Determines how placement groups spread instances.\n\n- Host \u2013 You can use `host` only with Outpost placement groups.\n- Rack \u2013 No usage restrictions.", - "title": "SpreadLevel", - "type": "string" + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The identifier of the Amazon EC2 security group that controls access to the license endpoint.", + "title": "SecurityGroupIds", + "type": "array" }, - "Strategy": { - "markdownDescription": "The placement strategy.", - "title": "Strategy", - "type": "string" + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "Identifies the VPC subnets that can connect to a license endpoint.", + "title": "SubnetIds", + "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to apply to the new placement group.", + "markdownDescription": "The tags to add to your license endpoint. Each tag consists of a tag key and a tag value. Tag keys and values are both required, but tag values can be empty strings.", "title": "Tags", "type": "array" + }, + "VpcId": { + "markdownDescription": "The VCP(virtual private cloud) ID associated with the license endpoint.", + "title": "VpcId", + "type": "string" } }, + "required": [ + "SecurityGroupIds", + "SubnetIds", + "VpcId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::PlacementGroup" + "AWS::Deadline::LicenseEndpoint" ], "type": "string" }, @@ -76208,11 +84186,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::EC2::PrefixList": { + "AWS::Deadline::Limit": { "additionalProperties": false, "properties": { "Condition": { @@ -76247,47 +84226,43 @@ "Properties": { "additionalProperties": false, "properties": { - "AddressFamily": { - "markdownDescription": "The IP address type.\n\nValid Values: `IPv4` | `IPv6`", - "title": "AddressFamily", + "AmountRequirementName": { + "markdownDescription": "The value that you specify as the `name` in the `amounts` field of the `hostRequirements` in a step of a job template to declare the limit requirement.", + "title": "AmountRequirementName", "type": "string" }, - "Entries": { - "items": { - "$ref": "#/definitions/AWS::EC2::PrefixList.Entry" - }, - "markdownDescription": "The entries for the prefix list.", - "title": "Entries", - "type": "array" + "Description": { + "markdownDescription": "A description of the limit. A clear description helps you identify the purpose of the limit.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", + "title": "Description", + "type": "string" }, - "MaxEntries": { - "markdownDescription": "The maximum number of entries for the prefix list. You can't modify the entries and the size of a prefix list at the same time.\n\nThis property is required when you create a prefix list.", - "title": "MaxEntries", - "type": "number" + "DisplayName": { + "markdownDescription": "The name of the limit used in lists to identify the limit.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", + "title": "DisplayName", + "type": "string" }, - "PrefixListName": { - "markdownDescription": "A name for the prefix list.\n\nConstraints: Up to 255 characters in length. The name cannot start with `com.amazonaws` .", - "title": "PrefixListName", + "FarmId": { + "markdownDescription": "The unique identifier of the farm that contains the limit.", + "title": "FarmId", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags for the prefix list.", - "title": "Tags", - "type": "array" + "MaxCount": { + "markdownDescription": "The maximum number of resources constrained by this limit. When all of the resources are in use, steps that require the limit won't be scheduled until the resource is available.\n\nThe `maxValue` must not be 0. If the value is -1, there is no restriction on the number of resources that can be acquired for this limit.", + "title": "MaxCount", + "type": "number" } }, "required": [ - "AddressFamily", - "PrefixListName" + "AmountRequirementName", + "DisplayName", + "FarmId", + "MaxCount" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::PrefixList" + "AWS::Deadline::Limit" ], "type": "string" }, @@ -76306,26 +84281,7 @@ ], "type": "object" }, - "AWS::EC2::PrefixList.Entry": { - "additionalProperties": false, - "properties": { - "Cidr": { - "markdownDescription": "The CIDR block.", - "title": "Cidr", - "type": "string" - }, - "Description": { - "markdownDescription": "A description for the entry.\n\nConstraints: Up to 255 characters in length.", - "title": "Description", - "type": "string" - } - }, - "required": [ - "Cidr" - ], - "type": "object" - }, - "AWS::EC2::Route": { + "AWS::Deadline::MeteredProduct": { "additionalProperties": false, "properties": { "Condition": { @@ -76360,90 +84316,22 @@ "Properties": { "additionalProperties": false, "properties": { - "CarrierGatewayId": { - "markdownDescription": "The ID of the carrier gateway.\n\nYou can only use this option when the VPC contains a subnet which is associated with a Wavelength Zone.", - "title": "CarrierGatewayId", - "type": "string" - }, - "CoreNetworkArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the core network.", - "title": "CoreNetworkArn", - "type": "string" - }, - "DestinationCidrBlock": { - "markdownDescription": "The IPv4 CIDR address block used for the destination match. Routing decisions are based on the most specific match. We modify the specified CIDR block to its canonical form; for example, if you specify `100.68.0.18/18` , we modify it to `100.68.0.0/18` .", - "title": "DestinationCidrBlock", - "type": "string" - }, - "DestinationIpv6CidrBlock": { - "markdownDescription": "The IPv6 CIDR block used for the destination match. Routing decisions are based on the most specific match.", - "title": "DestinationIpv6CidrBlock", - "type": "string" - }, - "DestinationPrefixListId": { - "markdownDescription": "The ID of a prefix list used for the destination match.", - "title": "DestinationPrefixListId", - "type": "string" - }, - "EgressOnlyInternetGatewayId": { - "markdownDescription": "[IPv6 traffic only] The ID of an egress-only internet gateway.", - "title": "EgressOnlyInternetGatewayId", - "type": "string" - }, - "GatewayId": { - "markdownDescription": "The ID of an internet gateway or virtual private gateway attached to your VPC.", - "title": "GatewayId", - "type": "string" - }, - "InstanceId": { - "markdownDescription": "The ID of a NAT instance in your VPC. The operation fails if you specify an instance ID unless exactly one network interface is attached.", - "title": "InstanceId", - "type": "string" - }, - "LocalGatewayId": { - "markdownDescription": "The ID of the local gateway.", - "title": "LocalGatewayId", - "type": "string" - }, - "NatGatewayId": { - "markdownDescription": "[IPv4 traffic only] The ID of a NAT gateway.", - "title": "NatGatewayId", - "type": "string" - }, - "NetworkInterfaceId": { - "markdownDescription": "The ID of a network interface.", - "title": "NetworkInterfaceId", - "type": "string" - }, - "RouteTableId": { - "markdownDescription": "The ID of the route table for the route.", - "title": "RouteTableId", - "type": "string" - }, - "TransitGatewayId": { - "markdownDescription": "The ID of a transit gateway.", - "title": "TransitGatewayId", - "type": "string" - }, - "VpcEndpointId": { - "markdownDescription": "The ID of a VPC endpoint. Supported for Gateway Load Balancer endpoints only.", - "title": "VpcEndpointId", + "LicenseEndpointId": { + "markdownDescription": "The Amazon EC2 identifier of the license endpoint.", + "title": "LicenseEndpointId", "type": "string" }, - "VpcPeeringConnectionId": { - "markdownDescription": "The ID of a VPC peering connection.", - "title": "VpcPeeringConnectionId", + "ProductId": { + "markdownDescription": "The product ID.", + "title": "ProductId", "type": "string" } }, - "required": [ - "RouteTableId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::Route" + "AWS::Deadline::MeteredProduct" ], "type": "string" }, @@ -76457,12 +84345,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::EC2::RouteTable": { + "AWS::Deadline::Monitor": { "additionalProperties": false, "properties": { "Condition": { @@ -76497,28 +84384,38 @@ "Properties": { "additionalProperties": false, "properties": { - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Any tags assigned to the route table.", - "title": "Tags", - "type": "array" + "DisplayName": { + "markdownDescription": "The name of the monitor that displays on the Deadline Cloud console.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", + "title": "DisplayName", + "type": "string" }, - "VpcId": { - "markdownDescription": "The ID of the VPC.", - "title": "VpcId", + "IdentityCenterInstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM Identity Center instance responsible for authenticating monitor users.", + "title": "IdentityCenterInstanceArn", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role for the monitor. Users of the monitor use this role to access Deadline Cloud resources.", + "title": "RoleArn", + "type": "string" + }, + "Subdomain": { + "markdownDescription": "The subdomain used for the monitor URL. The full URL of the monitor is subdomain.Region.deadlinecloud.amazonaws.com.", + "title": "Subdomain", "type": "string" } }, "required": [ - "VpcId" + "DisplayName", + "IdentityCenterInstanceArn", + "RoleArn", + "Subdomain" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::RouteTable" + "AWS::Deadline::Monitor" ], "type": "string" }, @@ -76537,7 +84434,7 @@ ], "type": "object" }, - "AWS::EC2::SecurityGroup": { + "AWS::Deadline::Queue": { "additionalProperties": false, "properties": { "Condition": { @@ -76572,54 +84469,75 @@ "Properties": { "additionalProperties": false, "properties": { - "GroupDescription": { - "markdownDescription": "A description for the security group.\n\nConstraints: Up to 255 characters in length\n\nValid characters: a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*", - "title": "GroupDescription", + "AllowedStorageProfileIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The identifiers of the storage profiles that this queue can use to share assets between workers using different operating systems.", + "title": "AllowedStorageProfileIds", + "type": "array" + }, + "DefaultBudgetAction": { + "markdownDescription": "The default action taken on a queue summary if a budget wasn't configured.", + "title": "DefaultBudgetAction", "type": "string" }, - "GroupName": { - "markdownDescription": "The name of the security group. Names are case-insensitive and must be unique within the VPC.\n\nConstraints: Up to 255 characters in length. Can't start with `sg-` .\n\nValid characters: a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*", - "title": "GroupName", + "Description": { + "markdownDescription": "A description of the queue that helps identify what the queue is used for.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", + "title": "Description", "type": "string" }, - "SecurityGroupEgress": { - "items": { - "$ref": "#/definitions/AWS::EC2::SecurityGroup.Egress" - }, - "markdownDescription": "The outbound rules associated with the security group.", - "title": "SecurityGroupEgress", - "type": "array" + "DisplayName": { + "markdownDescription": "The display name of the queue summary to update.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", + "title": "DisplayName", + "type": "string" }, - "SecurityGroupIngress": { + "FarmId": { + "markdownDescription": "The farm ID.", + "title": "FarmId", + "type": "string" + }, + "JobAttachmentSettings": { + "$ref": "#/definitions/AWS::Deadline::Queue.JobAttachmentSettings", + "markdownDescription": "The job attachment settings. These are the Amazon S3 bucket name and the Amazon S3 prefix.", + "title": "JobAttachmentSettings" + }, + "JobRunAsUser": { + "$ref": "#/definitions/AWS::Deadline::Queue.JobRunAsUser", + "markdownDescription": "Identifies the user for a job.", + "title": "JobRunAsUser" + }, + "RequiredFileSystemLocationNames": { "items": { - "$ref": "#/definitions/AWS::EC2::SecurityGroup.Ingress" + "type": "string" }, - "markdownDescription": "The inbound rules associated with the security group.", - "title": "SecurityGroupIngress", + "markdownDescription": "The file system location that the queue uses.", + "title": "RequiredFileSystemLocationNames", "type": "array" }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that workers use when running jobs in this queue.", + "title": "RoleArn", + "type": "string" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Any tags assigned to the security group.", + "markdownDescription": "The tags to add to your queue. Each tag consists of a tag key and a tag value. Tag keys and values are both required, but tag values can be empty strings.", "title": "Tags", "type": "array" - }, - "VpcId": { - "markdownDescription": "The ID of the VPC for the security group. If you do not specify a VPC, the default is to use the default VPC for the Region. If there's no specified VPC and no default VPC, security group creation fails.", - "title": "VpcId", - "type": "string" } }, "required": [ - "GroupDescription" + "DisplayName", + "FarmId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::SecurityGroup" + "AWS::Deadline::Queue" ], "type": "string" }, @@ -76638,115 +84556,91 @@ ], "type": "object" }, - "AWS::EC2::SecurityGroup.Egress": { + "AWS::Deadline::Queue.JobAttachmentSettings": { "additionalProperties": false, "properties": { - "CidrIp": { - "markdownDescription": "The IPv4 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", - "title": "CidrIp", - "type": "string" - }, - "CidrIpv6": { - "markdownDescription": "The IPv6 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", - "title": "CidrIpv6", - "type": "string" - }, - "Description": { - "markdownDescription": "A description for the security group rule.\n\nConstraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*", - "title": "Description", - "type": "string" - }, - "DestinationPrefixListId": { - "markdownDescription": "The prefix list IDs for the destination AWS service. This is the AWS service that you want to access through a VPC endpoint from instances associated with the security group.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .", - "title": "DestinationPrefixListId", - "type": "string" - }, - "DestinationSecurityGroupId": { - "markdownDescription": "The ID of the destination VPC security group.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .", - "title": "DestinationSecurityGroupId", + "RootPrefix": { + "markdownDescription": "The root prefix.", + "title": "RootPrefix", "type": "string" }, - "FromPort": { - "markdownDescription": "If the protocol is TCP or UDP, this is the start of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP type or -1 (all ICMP types).", - "title": "FromPort", - "type": "number" - }, - "IpProtocol": { - "markdownDescription": "The IP protocol name ( `tcp` , `udp` , `icmp` , `icmpv6` ) or number (see [Protocol Numbers](https://docs.aws.amazon.com/http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml) ).\n\nUse `-1` to specify all protocols. When authorizing security group rules, specifying `-1` or a protocol number other than `tcp` , `udp` , `icmp` , or `icmpv6` allows traffic on all ports, regardless of any port range you specify. For `tcp` , `udp` , and `icmp` , you must specify a port range. For `icmpv6` , the port range is optional; if you omit the port range, traffic for all types and codes is allowed.", - "title": "IpProtocol", + "S3BucketName": { + "markdownDescription": "The Amazon S3 bucket name.", + "title": "S3BucketName", "type": "string" - }, - "ToPort": { - "markdownDescription": "If the protocol is TCP or UDP, this is the end of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP code or -1 (all ICMP codes). If the start port is -1 (all ICMP types), then the end port must be -1 (all ICMP codes).", - "title": "ToPort", - "type": "number" } }, "required": [ - "IpProtocol" + "RootPrefix", + "S3BucketName" ], "type": "object" }, - "AWS::EC2::SecurityGroup.Ingress": { + "AWS::Deadline::Queue.JobRunAsUser": { "additionalProperties": false, "properties": { - "CidrIp": { - "markdownDescription": "The IPv4 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `SourcePrefixListId` , or `SourceSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", - "title": "CidrIp", - "type": "string" - }, - "CidrIpv6": { - "markdownDescription": "The IPv6 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `SourcePrefixListId` , or `SourceSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", - "title": "CidrIpv6", - "type": "string" - }, - "Description": { - "markdownDescription": "Updates the description of an ingress (inbound) security group rule. You can replace an existing description, or add a description to a rule that did not have one previously.\n\nConstraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*", - "title": "Description", - "type": "string" - }, - "FromPort": { - "markdownDescription": "If the protocol is TCP or UDP, this is the start of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP type or -1 (all ICMP types).", - "title": "FromPort", - "type": "number" + "Posix": { + "$ref": "#/definitions/AWS::Deadline::Queue.PosixUser", + "markdownDescription": "The user and group that the jobs in the queue run as.", + "title": "Posix" }, - "IpProtocol": { - "markdownDescription": "The IP protocol name ( `tcp` , `udp` , `icmp` , `icmpv6` ) or number (see [Protocol Numbers](https://docs.aws.amazon.com/http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml) ).\n\nUse `-1` to specify all protocols. When authorizing security group rules, specifying `-1` or a protocol number other than `tcp` , `udp` , `icmp` , or `icmpv6` allows traffic on all ports, regardless of any port range you specify. For `tcp` , `udp` , and `icmp` , you must specify a port range. For `icmpv6` , the port range is optional; if you omit the port range, traffic for all types and codes is allowed.", - "title": "IpProtocol", + "RunAs": { + "markdownDescription": "Specifies whether the job should run using the queue's system user or if the job should run using the worker agent system user.", + "title": "RunAs", "type": "string" }, - "SourcePrefixListId": { - "markdownDescription": "The ID of a prefix list.", - "title": "SourcePrefixListId", + "Windows": { + "$ref": "#/definitions/AWS::Deadline::Queue.WindowsUser", + "markdownDescription": "Identifies a Microsoft Windows user.", + "title": "Windows" + } + }, + "required": [ + "RunAs" + ], + "type": "object" + }, + "AWS::Deadline::Queue.PosixUser": { + "additionalProperties": false, + "properties": { + "Group": { + "markdownDescription": "The name of the POSIX user's group.", + "title": "Group", "type": "string" }, - "SourceSecurityGroupId": { - "markdownDescription": "The ID of the security group.", - "title": "SourceSecurityGroupId", + "User": { + "markdownDescription": "The name of the POSIX user.", + "title": "User", "type": "string" - }, - "SourceSecurityGroupName": { - "markdownDescription": "[Default VPC] The name of the source security group. You must specify either the security group ID or the security group name. You can't specify the group name in combination with an IP address range. Creates rules that grant full ICMP, UDP, and TCP access.\n\nFor security groups in a nondefault VPC, you must specify the group ID.", - "title": "SourceSecurityGroupName", + } + }, + "required": [ + "Group", + "User" + ], + "type": "object" + }, + "AWS::Deadline::Queue.WindowsUser": { + "additionalProperties": false, + "properties": { + "PasswordArn": { + "markdownDescription": "The password ARN for the Windows user.", + "title": "PasswordArn", "type": "string" }, - "SourceSecurityGroupOwnerId": { - "markdownDescription": "[nondefault VPC] The AWS account ID for the source security group, if the source security group is in a different account. You can't specify this property with an IP address range. Creates rules that grant full ICMP, UDP, and TCP access.\n\nIf you specify `SourceSecurityGroupName` or `SourceSecurityGroupId` and that security group is owned by a different account than the account creating the stack, you must specify the `SourceSecurityGroupOwnerId` ; otherwise, this property is optional.", - "title": "SourceSecurityGroupOwnerId", + "User": { + "markdownDescription": "The user.", + "title": "User", "type": "string" - }, - "ToPort": { - "markdownDescription": "If the protocol is TCP or UDP, this is the end of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP code or -1 (all ICMP codes). If the start port is -1 (all ICMP types), then the end port must be -1 (all ICMP codes).", - "title": "ToPort", - "type": "number" } }, "required": [ - "IpProtocol" + "PasswordArn", + "User" ], "type": "object" }, - "AWS::EC2::SecurityGroupEgress": { + "AWS::Deadline::QueueEnvironment": { "additionalProperties": false, "properties": { "Condition": { @@ -76781,61 +84675,44 @@ "Properties": { "additionalProperties": false, "properties": { - "CidrIp": { - "markdownDescription": "The IPv4 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", - "title": "CidrIp", + "FarmId": { + "markdownDescription": "The identifier assigned to the farm that contains the queue.", + "title": "FarmId", "type": "string" }, - "CidrIpv6": { - "markdownDescription": "The IPv6 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", - "title": "CidrIpv6", - "type": "string" + "Priority": { + "markdownDescription": "The queue environment's priority.", + "title": "Priority", + "type": "number" }, - "Description": { - "markdownDescription": "The description of an egress (outbound) security group rule.\n\nConstraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*", - "title": "Description", + "QueueId": { + "markdownDescription": "The unique identifier of the queue that contains the environment.", + "title": "QueueId", "type": "string" }, - "DestinationPrefixListId": { - "markdownDescription": "The prefix list IDs for an AWS service. This is the AWS service to access through a VPC endpoint from instances associated with the security group.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .", - "title": "DestinationPrefixListId", + "Template": { + "markdownDescription": "A JSON or YAML template that describes the processing environment for the queue.", + "title": "Template", "type": "string" }, - "DestinationSecurityGroupId": { - "markdownDescription": "The ID of the security group.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .", - "title": "DestinationSecurityGroupId", - "type": "string" - }, - "FromPort": { - "markdownDescription": "If the protocol is TCP or UDP, this is the start of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP type or -1 (all ICMP types).", - "title": "FromPort", - "type": "number" - }, - "GroupId": { - "markdownDescription": "The ID of the security group. You must specify either the security group ID or the security group name in the request. For security groups in a nondefault VPC, you must specify the security group ID.", - "title": "GroupId", - "type": "string" - }, - "IpProtocol": { - "markdownDescription": "The IP protocol name ( `tcp` , `udp` , `icmp` , `icmpv6` ) or number (see [Protocol Numbers](https://docs.aws.amazon.com/http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml) ).\n\nUse `-1` to specify all protocols. When authorizing security group rules, specifying `-1` or a protocol number other than `tcp` , `udp` , `icmp` , or `icmpv6` allows traffic on all ports, regardless of any port range you specify. For `tcp` , `udp` , and `icmp` , you must specify a port range. For `icmpv6` , the port range is optional; if you omit the port range, traffic for all types and codes is allowed.", - "title": "IpProtocol", + "TemplateType": { + "markdownDescription": "Specifies whether the template for the queue environment is JSON or YAML.", + "title": "TemplateType", "type": "string" - }, - "ToPort": { - "markdownDescription": "If the protocol is TCP or UDP, this is the end of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP code or -1 (all ICMP codes). If the start port is -1 (all ICMP types), then the end port must be -1 (all ICMP codes).", - "title": "ToPort", - "type": "number" } }, "required": [ - "GroupId", - "IpProtocol" + "FarmId", + "Priority", + "QueueId", + "Template", + "TemplateType" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::SecurityGroupEgress" + "AWS::Deadline::QueueEnvironment" ], "type": "string" }, @@ -76854,7 +84731,7 @@ ], "type": "object" }, - "AWS::EC2::SecurityGroupIngress": { + "AWS::Deadline::QueueFleetAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -76889,75 +84766,32 @@ "Properties": { "additionalProperties": false, "properties": { - "CidrIp": { - "markdownDescription": "The IPv4 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `SourcePrefixListId` , or `SourceSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", - "title": "CidrIp", - "type": "string" - }, - "CidrIpv6": { - "markdownDescription": "The IPv6 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `SourcePrefixListId` , or `SourceSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", - "title": "CidrIpv6", - "type": "string" - }, - "Description": { - "markdownDescription": "Updates the description of an ingress (inbound) security group rule. You can replace an existing description, or add a description to a rule that did not have one previously.\n\nConstraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*", - "title": "Description", - "type": "string" - }, - "FromPort": { - "markdownDescription": "The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type number. A value of `-1` indicates all ICMP/ICMPv6 types. If you specify all ICMP/ICMPv6 types, you must specify all codes.\n\nUse this for ICMP and any protocol that uses ports.", - "title": "FromPort", - "type": "number" - }, - "GroupId": { - "markdownDescription": "The ID of the security group.", - "title": "GroupId", - "type": "string" - }, - "GroupName": { - "markdownDescription": "[Default VPC] The name of the security group. For security groups for a default VPC you can specify either the ID or the name of the security group. For security groups for a nondefault VPC, you must specify the ID of the security group.", - "title": "GroupName", - "type": "string" - }, - "IpProtocol": { - "markdownDescription": "The IP protocol name ( `tcp` , `udp` , `icmp` , `icmpv6` ) or number (see [Protocol Numbers](https://docs.aws.amazon.com/http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml) ).\n\nUse `-1` to specify all protocols. When authorizing security group rules, specifying `-1` or a protocol number other than `tcp` , `udp` , `icmp` , or `icmpv6` allows traffic on all ports, regardless of any port range you specify. For `tcp` , `udp` , and `icmp` , you must specify a port range. For `icmpv6` , the port range is optional; if you omit the port range, traffic for all types and codes is allowed.", - "title": "IpProtocol", - "type": "string" - }, - "SourcePrefixListId": { - "markdownDescription": "The ID of a prefix list.", - "title": "SourcePrefixListId", - "type": "string" - }, - "SourceSecurityGroupId": { - "markdownDescription": "The ID of the security group. You must specify either the security group ID or the security group name. For security groups in a nondefault VPC, you must specify the security group ID.", - "title": "SourceSecurityGroupId", + "FarmId": { + "markdownDescription": "The identifier of the farm that contains the queue and the fleet.", + "title": "FarmId", "type": "string" }, - "SourceSecurityGroupName": { - "markdownDescription": "[Default VPC] The name of the source security group. You must specify either the security group ID or the security group name. You can't specify the group name in combination with an IP address range. Creates rules that grant full ICMP, UDP, and TCP access.\n\nFor security groups in a nondefault VPC, you must specify the group ID.", - "title": "SourceSecurityGroupName", + "FleetId": { + "markdownDescription": "The fleet ID.", + "title": "FleetId", "type": "string" }, - "SourceSecurityGroupOwnerId": { - "markdownDescription": "[nondefault VPC] The AWS account ID for the source security group, if the source security group is in a different account. You can't specify this property with an IP address range. Creates rules that grant full ICMP, UDP, and TCP access.\n\nIf you specify `SourceSecurityGroupName` or `SourceSecurityGroupId` and that security group is owned by a different account than the account creating the stack, you must specify `SourceSecurityGroupOwnerId` ; otherwise, this property is optional.", - "title": "SourceSecurityGroupOwnerId", + "QueueId": { + "markdownDescription": "The queue ID.", + "title": "QueueId", "type": "string" - }, - "ToPort": { - "markdownDescription": "The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code. A value of `-1` indicates all ICMP/ICMPv6 codes for the specified ICMP type. If you specify all ICMP/ICMPv6 types, you must specify all codes.\n\nUse this for ICMP and any protocol that uses ports.", - "title": "ToPort", - "type": "number" } }, "required": [ - "IpProtocol" + "FarmId", + "FleetId", + "QueueId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::SecurityGroupIngress" + "AWS::Deadline::QueueFleetAssociation" ], "type": "string" }, @@ -76976,7 +84810,7 @@ ], "type": "object" }, - "AWS::EC2::SnapshotBlockPublicAccess": { + "AWS::Deadline::QueueLimitAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -77011,20 +84845,32 @@ "Properties": { "additionalProperties": false, "properties": { - "State": { - "markdownDescription": "The mode in which to enable block public access for snapshots for the Region. Specify one of the following values:\n\n- `block-all-sharing` - Prevents all public sharing of snapshots in the Region. Users in the account will no longer be able to request new public sharing. Additionally, snapshots that are already publicly shared are treated as private and they are no longer publicly available.\n\n> If you enable block public access for snapshots in `block-all-sharing` mode, it does not change the permissions for snapshots that are already publicly shared. Instead, it prevents these snapshots from be publicly visible and publicly accessible. Therefore, the attributes for these snapshots still indicate that they are publicly shared, even though they are not publicly available.\n- `block-new-sharing` - Prevents only new public sharing of snapshots in the Region. Users in the account will no longer be able to request new public sharing. However, snapshots that are already publicly shared, remain publicly available.", - "title": "State", + "FarmId": { + "markdownDescription": "The unique identifier of the farm that contains the queue-limit association.", + "title": "FarmId", + "type": "string" + }, + "LimitId": { + "markdownDescription": "The unique identifier of the limit in the association.", + "title": "LimitId", + "type": "string" + }, + "QueueId": { + "markdownDescription": "The unique identifier of the queue in the association.", + "title": "QueueId", "type": "string" } }, "required": [ - "State" + "FarmId", + "LimitId", + "QueueId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::SnapshotBlockPublicAccess" + "AWS::Deadline::QueueLimitAssociation" ], "type": "string" }, @@ -77043,7 +84889,7 @@ ], "type": "object" }, - "AWS::EC2::SpotFleet": { + "AWS::Deadline::StorageProfile": { "additionalProperties": false, "properties": { "Condition": { @@ -77078,20 +84924,40 @@ "Properties": { "additionalProperties": false, "properties": { - "SpotFleetRequestConfigData": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotFleetRequestConfigData", - "markdownDescription": "Describes the configuration of a Spot Fleet request.", - "title": "SpotFleetRequestConfigData" + "DisplayName": { + "markdownDescription": "The display name of the storage profile summary to update.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", + "title": "DisplayName", + "type": "string" + }, + "FarmId": { + "markdownDescription": "The unique identifier of the farm that contains the storage profile.", + "title": "FarmId", + "type": "string" + }, + "FileSystemLocations": { + "items": { + "$ref": "#/definitions/AWS::Deadline::StorageProfile.FileSystemLocation" + }, + "markdownDescription": "Operating system specific file system path to the storage location.", + "title": "FileSystemLocations", + "type": "array" + }, + "OsFamily": { + "markdownDescription": "The operating system (OS) family.", + "title": "OsFamily", + "type": "string" } }, "required": [ - "SpotFleetRequestConfigData" + "DisplayName", + "FarmId", + "OsFamily" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::SpotFleet" + "AWS::Deadline::StorageProfile" ], "type": "string" }, @@ -77110,979 +84976,801 @@ ], "type": "object" }, - "AWS::EC2::SpotFleet.AcceleratorCountRequest": { + "AWS::Deadline::StorageProfile.FileSystemLocation": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum number of accelerators. To specify no maximum limit, omit this parameter. To exclude accelerator-enabled instance types, set `Max` to `0` .", - "title": "Max", - "type": "number" + "Name": { + "markdownDescription": "The location name.", + "title": "Name", + "type": "string" }, - "Min": { - "markdownDescription": "The minimum number of accelerators. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::SpotFleet.AcceleratorTotalMemoryMiBRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum amount of accelerator memory, in MiB. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" + "Path": { + "markdownDescription": "The file path.", + "title": "Path", + "type": "string" }, - "Min": { - "markdownDescription": "The minimum amount of accelerator memory, in MiB. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" + "Type": { + "markdownDescription": "The type of file.", + "title": "Type", + "type": "string" } }, + "required": [ + "Name", + "Path", + "Type" + ], "type": "object" }, - "AWS::EC2::SpotFleet.BaselineEbsBandwidthMbpsRequest": { + "AWS::Detective::Graph": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum baseline bandwidth, in Mbps. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" + "Condition": { + "type": "string" }, - "Min": { - "markdownDescription": "The minimum baseline bandwidth, in Mbps. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::SpotFleet.BlockDeviceMapping": { - "additionalProperties": false, - "properties": { - "DeviceName": { - "markdownDescription": "The device name (for example, `/dev/sdh` or `xvdh` ).", - "title": "DeviceName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Ebs": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.EbsBlockDevice", - "markdownDescription": "Parameters used to automatically set up EBS volumes when the instance is launched.", - "title": "Ebs" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "NoDevice": { - "markdownDescription": "To omit the device from the block device mapping, specify an empty string. When this property is specified, the device is removed from the block device mapping regardless of the assigned value.", - "title": "NoDevice", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AutoEnableMembers": { + "markdownDescription": "Indicates whether to automatically enable new organization accounts as member accounts in the organization behavior graph.\n\nBy default, this property is set to `false` . If you want to change the value of this property, you must be the Detective administrator for the organization. For more information on setting a Detective administrator account, see [AWS::Detective::OrganizationAdmin](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-detective-organizationadmin.html) .", + "title": "AutoEnableMembers", + "type": "boolean" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tag values to assign to the new behavior graph.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Detective::Graph" + ], "type": "string" }, - "VirtualName": { - "markdownDescription": "The virtual device name ( `ephemeral` N). Instance store volumes are numbered starting from 0. An instance type with 2 available instance store volumes can specify mappings for `ephemeral0` and `ephemeral1` . The number of available instance store volumes depends on the instance type. After you connect to the instance, you must mount the volume.\n\nNVMe instance store volumes are automatically enumerated and assigned a device name. Including them in your block device mapping has no effect.\n\nConstraints: For M3 instances, you must specify instance store volumes in the block device mapping for the instance. When you launch an M3 instance, we ignore any instance store volumes specified in the block device mapping for the AMI.", - "title": "VirtualName", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "DeviceName" + "Type" ], "type": "object" }, - "AWS::EC2::SpotFleet.ClassicLoadBalancer": { + "AWS::Detective::MemberInvitation": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the load balancer.", - "title": "Name", + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DisableEmailNotification": { + "markdownDescription": "Whether to send an invitation email to the member account. If set to true, the member account does not receive an invitation email.", + "title": "DisableEmailNotification", + "type": "boolean" + }, + "GraphArn": { + "markdownDescription": "The ARN of the behavior graph to invite the account to contribute data to.", + "title": "GraphArn", + "type": "string" + }, + "MemberEmailAddress": { + "markdownDescription": "The root user email address of the invited account. If the email address provided is not the root user email address for the provided account, the invitation creation fails.", + "title": "MemberEmailAddress", + "type": "string" + }, + "MemberId": { + "markdownDescription": "The AWS account identifier of the invited account", + "title": "MemberId", + "type": "string" + }, + "Message": { + "markdownDescription": "Customized text to include in the invitation email message.", + "title": "Message", + "type": "string" + } + }, + "required": [ + "GraphArn", + "MemberEmailAddress", + "MemberId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Detective::MemberInvitation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Name" + "Type", + "Properties" ], "type": "object" }, - "AWS::EC2::SpotFleet.ClassicLoadBalancersConfig": { + "AWS::Detective::OrganizationAdmin": { "additionalProperties": false, "properties": { - "ClassicLoadBalancers": { - "items": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.ClassicLoadBalancer" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AccountId": { + "markdownDescription": "The AWS account identifier of the account to designate as the Detective administrator account for the organization.", + "title": "AccountId", + "type": "string" + } }, - "markdownDescription": "One or more Classic Load Balancers.", - "title": "ClassicLoadBalancers", - "type": "array" + "required": [ + "AccountId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Detective::OrganizationAdmin" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "ClassicLoadBalancers" + "Type", + "Properties" ], "type": "object" }, - "AWS::EC2::SpotFleet.EbsBlockDevice": { + "AWS::DevOpsGuru::LogAnomalyDetectionIntegration": { "additionalProperties": false, "properties": { - "DeleteOnTermination": { - "markdownDescription": "Indicates whether the EBS volume is deleted on instance termination. For more information, see [Preserving Amazon EBS volumes on instance termination](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#preserving-volumes-on-termination) in the *Amazon EC2 User Guide* .", - "title": "DeleteOnTermination", - "type": "boolean" + "Condition": { + "type": "string" }, - "Encrypted": { - "markdownDescription": "Indicates whether the encryption state of an EBS volume is changed while being restored from a backing snapshot. The effect of setting the encryption state to `true` depends on the volume origin (new or from a snapshot), starting encryption state, ownership, and whether encryption by default is enabled. For more information, see [Amazon EBS Encryption](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#encryption-parameters) in the *Amazon EC2 User Guide* .\n\nIn no case can you remove encryption from an encrypted volume.\n\nEncrypted volumes can only be attached to instances that support Amazon EBS encryption. For more information, see [Supported Instance Types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#EBSEncryption_supported_instances) .\n\nThis parameter is not returned by [DescribeImageAttribute](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeImageAttribute.html) .", - "title": "Encrypted", - "type": "boolean" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Iops": { - "markdownDescription": "The number of I/O operations per second (IOPS). For `gp3` , `io1` , and `io2` volumes, this represents the number of IOPS that are provisioned for the volume. For `gp2` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.\n\nThe following are the supported values for each volume type:\n\n- `gp3` : 3,000 - 16,000 IOPS\n- `io1` : 100 - 64,000 IOPS\n- `io2` : 100 - 256,000 IOPS\n\nFor `io2` volumes, you can achieve up to 256,000 IOPS on [instances built on the Nitro System](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances) . On other instances, you can achieve performance up to 32,000 IOPS.\n\nThis parameter is required for `io1` and `io2` volumes. The default for `gp3` volumes is 3,000 IOPS.", - "title": "Iops", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SnapshotId": { - "markdownDescription": "The ID of the snapshot.", - "title": "SnapshotId", - "type": "string" + "Metadata": { + "type": "object" }, - "VolumeSize": { - "markdownDescription": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size. If you specify a snapshot, the default is the snapshot size. You can specify a volume size that is equal to or larger than the snapshot size.\n\nThe following are the supported sizes for each volume type:\n\n- `gp2` and `gp3` : 1 - 16,384 GiB\n- `io1` : 4 - 16,384 GiB\n- `io2` : 4 - 65,536 GiB\n- `st1` and `sc1` : 125 - 16,384 GiB\n- `standard` : 1 - 1024 GiB", - "title": "VolumeSize", - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": {}, + "type": "object" }, - "VolumeType": { - "markdownDescription": "The volume type. For more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-volume-types.html) in the *Amazon EBS User Guide* .", - "title": "VolumeType", + "Type": { + "enum": [ + "AWS::DevOpsGuru::LogAnomalyDetectionIntegration" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::EC2::SpotFleet.FleetLaunchTemplateSpecification": { + "AWS::DevOpsGuru::NotificationChannel": { "additionalProperties": false, "properties": { - "LaunchTemplateId": { - "markdownDescription": "The ID of the launch template.\n\nYou must specify the `LaunchTemplateId` or the `LaunchTemplateName` , but not both.", - "title": "LaunchTemplateId", + "Condition": { "type": "string" }, - "LaunchTemplateName": { - "markdownDescription": "The name of the launch template.\n\nYou must specify the `LaunchTemplateName` or the `LaunchTemplateId` , but not both.", - "title": "LaunchTemplateName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Version": { - "markdownDescription": "The version number of the launch template.\n\nSpecifying `$Latest` or `$Default` for the template version number is not supported. However, you can specify `LatestVersionNumber` or `DefaultVersionNumber` using the `Fn::GetAtt` intrinsic function. For more information, see [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-launchtemplate.html#aws-resource-ec2-launchtemplate-return-values-fn--getatt) .", - "title": "Version", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Config": { + "$ref": "#/definitions/AWS::DevOpsGuru::NotificationChannel.NotificationChannelConfig", + "markdownDescription": "A `NotificationChannelConfig` object that contains information about configured notification channels.", + "title": "Config" + } + }, + "required": [ + "Config" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::DevOpsGuru::NotificationChannel" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Version" + "Type", + "Properties" ], "type": "object" }, - "AWS::EC2::SpotFleet.GroupIdentifier": { + "AWS::DevOpsGuru::NotificationChannel.NotificationChannelConfig": { "additionalProperties": false, "properties": { - "GroupId": { - "markdownDescription": "The ID of the security group.", - "title": "GroupId", - "type": "string" + "Filters": { + "$ref": "#/definitions/AWS::DevOpsGuru::NotificationChannel.NotificationFilterConfig", + "markdownDescription": "The filter configurations for the Amazon SNS notification topic you use with DevOps Guru. If you do not provide filter configurations, the default configurations are to receive notifications for all message types of `High` or `Medium` severity.", + "title": "Filters" + }, + "Sns": { + "$ref": "#/definitions/AWS::DevOpsGuru::NotificationChannel.SnsChannelConfig", + "markdownDescription": "Information about a notification channel configured in DevOps Guru to send notifications when insights are created.\n\nIf you use an Amazon SNS topic in another account, you must attach a policy to it that grants DevOps Guru permission to send it notifications. DevOps Guru adds the required policy on your behalf to send notifications using Amazon SNS in your account. DevOps Guru only supports standard SNS topics. For more information, see [Permissions for Amazon SNS topics](https://docs.aws.amazon.com/devops-guru/latest/userguide/sns-required-permissions.html) .\n\nIf you use an Amazon SNS topic that is encrypted by an AWS Key Management Service customer-managed key (CMK), then you must add permissions to the CMK. For more information, see [Permissions for AWS KMS\u2013encrypted Amazon SNS topics](https://docs.aws.amazon.com/devops-guru/latest/userguide/sns-kms-permissions.html) .", + "title": "Sns" } }, - "required": [ - "GroupId" - ], "type": "object" }, - "AWS::EC2::SpotFleet.IamInstanceProfileSpecification": { + "AWS::DevOpsGuru::NotificationChannel.NotificationFilterConfig": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the instance profile.", - "title": "Arn", - "type": "string" + "MessageTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The events that you want to receive notifications for. For example, you can choose to receive notifications only when the severity level is upgraded or a new insight is created.", + "title": "MessageTypes", + "type": "array" + }, + "Severities": { + "items": { + "type": "string" + }, + "markdownDescription": "The severity levels that you want to receive notifications for. For example, you can choose to receive notifications only for insights with `HIGH` and `MEDIUM` severity levels. For more information, see [Understanding insight severities](https://docs.aws.amazon.com/devops-guru/latest/userguide/working-with-insights.html#understanding-insights-severities) .", + "title": "Severities", + "type": "array" } }, "type": "object" }, - "AWS::EC2::SpotFleet.InstanceIpv6Address": { + "AWS::DevOpsGuru::NotificationChannel.SnsChannelConfig": { "additionalProperties": false, "properties": { - "Ipv6Address": { - "markdownDescription": "The IPv6 address.", - "title": "Ipv6Address", + "TopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an Amazon Simple Notification Service topic.", + "title": "TopicArn", "type": "string" } }, - "required": [ - "Ipv6Address" - ], "type": "object" }, - "AWS::EC2::SpotFleet.InstanceNetworkInterfaceSpecification": { + "AWS::DevOpsGuru::ResourceCollection": { "additionalProperties": false, "properties": { - "AssociatePublicIpAddress": { - "markdownDescription": "Indicates whether to assign a public IPv4 address to an instance you launch in a VPC. The public IP address can only be assigned to a network interface for eth0, and can only be assigned to a new network interface, not an existing one. You cannot specify more than one network interface in the request. If launching into a default subnet, the default value is `true` .\n\nAWS charges for all public IPv4 addresses, including public IPv4 addresses associated with running instances and Elastic IP addresses. For more information, see the *Public IPv4 Address* tab on the [Amazon VPC pricing page](https://docs.aws.amazon.com/vpc/pricing/) .", - "title": "AssociatePublicIpAddress", - "type": "boolean" - }, - "DeleteOnTermination": { - "markdownDescription": "Indicates whether the network interface is deleted when the instance is terminated.", - "title": "DeleteOnTermination", - "type": "boolean" - }, - "Description": { - "markdownDescription": "The description of the network interface. Applies only if creating a network interface when launching an instance.", - "title": "Description", + "Condition": { "type": "string" }, - "DeviceIndex": { - "markdownDescription": "The position of the network interface in the attachment order. A primary network interface has a device index of 0.\n\nIf you specify a network interface when launching an instance, you must specify the device index.", - "title": "DeviceIndex", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Groups": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the security groups for the network interface. Applies only if creating a network interface when launching an instance.", - "title": "Groups", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Ipv6AddressCount": { - "markdownDescription": "A number of IPv6 addresses to assign to the network interface. Amazon EC2 chooses the IPv6 addresses from the range of the subnet. You cannot specify this option and the option to assign specific IPv6 addresses in the same request. You can specify this option if you've specified a minimum number of instances to launch.", - "title": "Ipv6AddressCount", - "type": "number" + "Metadata": { + "type": "object" }, - "Ipv6Addresses": { - "items": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.InstanceIpv6Address" + "Properties": { + "additionalProperties": false, + "properties": { + "ResourceCollectionFilter": { + "$ref": "#/definitions/AWS::DevOpsGuru::ResourceCollection.ResourceCollectionFilter", + "markdownDescription": "Information about a filter used to specify which AWS resources are analyzed for anomalous behavior by DevOps Guru.", + "title": "ResourceCollectionFilter" + } }, - "markdownDescription": "The IPv6 addresses to assign to the network interface. You cannot specify this option and the option to assign a number of IPv6 addresses in the same request. You cannot specify this option if you've specified a minimum number of instances to launch.", - "title": "Ipv6Addresses", - "type": "array" + "required": [ + "ResourceCollectionFilter" + ], + "type": "object" }, - "NetworkInterfaceId": { - "markdownDescription": "The ID of the network interface.\n\nIf you are creating a Spot Fleet, omit this parameter because you can\u2019t specify a network interface ID in a launch specification.", - "title": "NetworkInterfaceId", + "Type": { + "enum": [ + "AWS::DevOpsGuru::ResourceCollection" + ], "type": "string" }, - "PrivateIpAddresses": { - "items": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.PrivateIpAddressSpecification" - }, - "markdownDescription": "The private IPv4 addresses to assign to the network interface. Only one private IPv4 address can be designated as primary. You cannot specify this option if you're launching more than one instance in a [RunInstances](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html) request.", - "title": "PrivateIpAddresses", - "type": "array" - }, - "SecondaryPrivateIpAddressCount": { - "markdownDescription": "The number of secondary private IPv4 addresses. You can\u2019t specify this parameter and also specify a secondary private IP address using the `PrivateIpAddress` parameter.", - "title": "SecondaryPrivateIpAddressCount", - "type": "number" - }, - "SubnetId": { - "markdownDescription": "The ID of the subnet associated with the network interface.", - "title": "SubnetId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::EC2::SpotFleet.InstanceRequirementsRequest": { + "AWS::DevOpsGuru::ResourceCollection.CloudFormationCollectionFilter": { "additionalProperties": false, "properties": { - "AcceleratorCount": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.AcceleratorCountRequest", - "markdownDescription": "The minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferentia chips) on an instance.\n\nTo exclude accelerator-enabled instance types, set `Max` to `0` .\n\nDefault: No minimum or maximum limits", - "title": "AcceleratorCount" - }, - "AcceleratorManufacturers": { - "items": { - "type": "string" - }, - "markdownDescription": "Indicates whether instance types must have accelerators by specific manufacturers.\n\n- For instance types with AWS devices, specify `amazon-web-services` .\n- For instance types with AMD devices, specify `amd` .\n- For instance types with Habana devices, specify `habana` .\n- For instance types with NVIDIA devices, specify `nvidia` .\n- For instance types with Xilinx devices, specify `xilinx` .\n\nDefault: Any manufacturer", - "title": "AcceleratorManufacturers", - "type": "array" - }, - "AcceleratorNames": { + "StackNames": { "items": { "type": "string" }, - "markdownDescription": "The accelerators that must be on the instance type.\n\n- For instance types with NVIDIA A10G GPUs, specify `a10g` .\n- For instance types with NVIDIA A100 GPUs, specify `a100` .\n- For instance types with NVIDIA H100 GPUs, specify `h100` .\n- For instance types with AWS Inferentia chips, specify `inferentia` .\n- For instance types with NVIDIA GRID K520 GPUs, specify `k520` .\n- For instance types with NVIDIA K80 GPUs, specify `k80` .\n- For instance types with NVIDIA M60 GPUs, specify `m60` .\n- For instance types with AMD Radeon Pro V520 GPUs, specify `radeon-pro-v520` .\n- For instance types with NVIDIA T4 GPUs, specify `t4` .\n- For instance types with NVIDIA T4G GPUs, specify `t4g` .\n- For instance types with Xilinx VU9P FPGAs, specify `vu9p` .\n- For instance types with NVIDIA V100 GPUs, specify `v100` .\n\nDefault: Any accelerator", - "title": "AcceleratorNames", + "markdownDescription": "An array of CloudFormation stack names.", + "title": "StackNames", "type": "array" + } + }, + "type": "object" + }, + "AWS::DevOpsGuru::ResourceCollection.ResourceCollectionFilter": { + "additionalProperties": false, + "properties": { + "CloudFormation": { + "$ref": "#/definitions/AWS::DevOpsGuru::ResourceCollection.CloudFormationCollectionFilter", + "markdownDescription": "Information about AWS CloudFormation stacks. You can use up to 1000 stacks to specify which AWS resources in your account to analyze. For more information, see [Stacks](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacks.html) in the *AWS CloudFormation User Guide* .", + "title": "CloudFormation" }, - "AcceleratorTotalMemoryMiB": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.AcceleratorTotalMemoryMiBRequest", - "markdownDescription": "The minimum and maximum amount of total accelerator memory, in MiB.\n\nDefault: No minimum or maximum limits", - "title": "AcceleratorTotalMemoryMiB" - }, - "AcceleratorTypes": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::DevOpsGuru::ResourceCollection.TagCollection" }, - "markdownDescription": "The accelerator types that must be on the instance type.\n\n- For instance types with FPGA accelerators, specify `fpga` .\n- For instance types with GPU accelerators, specify `gpu` .\n- For instance types with Inference accelerators, specify `inference` .\n\nDefault: Any accelerator type", - "title": "AcceleratorTypes", + "markdownDescription": "The AWS tags used to filter the resources in the resource collection.\n\nTags help you identify and organize your AWS resources. Many AWS services support tagging, so you can assign the same tag to resources from different services to indicate that the resources are related. For example, you can assign the same tag to an Amazon DynamoDB table resource that you assign to an AWS Lambda function. For more information about using tags, see the [Tagging best practices](https://docs.aws.amazon.com/whitepapers/latest/tagging-best-practices/tagging-best-practices.html) whitepaper.\n\nEach AWS tag has two parts.\n\n- A tag *key* (for example, `CostCenter` , `Environment` , `Project` , or `Secret` ). Tag *keys* are case-sensitive.\n- A field known as a tag *value* (for example, `111122223333` , `Production` , or a team name). Omitting the tag *value* is the same as using an empty string. Like tag *keys* , tag *values* are case-sensitive. The tag value is a required property when AppBoundaryKey is specified.\n\nTogether these are known as *key* - *value* pairs.\n\n> The string used for a *key* in a tag that you use to define your resource coverage must begin with the prefix `Devops-guru-` . The tag *key* might be `DevOps-Guru-deployment-application` or `devops-guru-rds-application` . When you create a *key* , the case of characters in the *key* can be whatever you choose. After you create a *key* , it is case-sensitive. For example, DevOps Guru works with a *key* named `devops-guru-rds` and a *key* named `DevOps-Guru-RDS` , and these act as two different *keys* . Possible *key* / *value* pairs in your application might be `Devops-Guru-production-application/RDS` or `Devops-Guru-production-application/containers` .", + "title": "Tags", "type": "array" + } + }, + "type": "object" + }, + "AWS::DevOpsGuru::ResourceCollection.TagCollection": { + "additionalProperties": false, + "properties": { + "AppBoundaryKey": { + "markdownDescription": "An AWS tag *key* that is used to identify the AWS resources that DevOps Guru analyzes. All AWS resources in your account and Region tagged with this *key* make up your DevOps Guru application and analysis boundary.\n\n> When you create a *key* , the case of characters in the *key* can be whatever you choose. After you create a *key* , it is case-sensitive. For example, DevOps Guru works with a *key* named `devops-guru-rds` and a *key* named `DevOps-Guru-RDS` , and these act as two different *keys* . Possible *key* / *value* pairs in your application might be `Devops-Guru-production-application/RDS` or `Devops-Guru-production-application/containers` .", + "title": "AppBoundaryKey", + "type": "string" }, - "AllowedInstanceTypes": { + "TagValues": { "items": { "type": "string" }, - "markdownDescription": "The instance types to apply your specified attributes against. All other instance types are ignored, even if they match your specified attributes.\n\nYou can use strings with one or more wild cards, represented by an asterisk ( `*` ), to allow an instance type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` ,Amazon EC2 will allow the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will allow all the M5a instance types, but not the M5n instance types.\n\n> If you specify `AllowedInstanceTypes` , you can't specify `ExcludedInstanceTypes` . \n\nDefault: All instance types", - "title": "AllowedInstanceTypes", + "markdownDescription": "The values in an AWS tag collection.\n\nThe tag's *value* is a field used to associate a string with the tag *key* (for example, `111122223333` , `Production` , or a team name). The *key* and *value* are the tag's *key* pair. Omitting the tag *value* is the same as using an empty string. Like tag *keys* , tag *values* are case-sensitive. You can specify a maximum of 256 characters for a tag value. The tag value is a required property when *AppBoundaryKey* is specified.", + "title": "TagValues", "type": "array" - }, - "BareMetal": { - "markdownDescription": "Indicates whether bare metal instance types must be included, excluded, or required.\n\n- To include bare metal instance types, specify `included` .\n- To require only bare metal instance types, specify `required` .\n- To exclude bare metal instance types, specify `excluded` .\n\nDefault: `excluded`", - "title": "BareMetal", + } + }, + "type": "object" + }, + "AWS::DirectoryService::MicrosoftAD": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "BaselineEbsBandwidthMbps": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.BaselineEbsBandwidthMbpsRequest", - "markdownDescription": "The minimum and maximum baseline bandwidth to Amazon EBS, in Mbps. For more information, see [Amazon EBS\u2013optimized instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-optimized.html) in the *Amazon EC2 User Guide* .\n\nDefault: No minimum or maximum limits", - "title": "BaselineEbsBandwidthMbps" - }, - "BurstablePerformance": { - "markdownDescription": "Indicates whether burstable performance T instance types are included, excluded, or required. For more information, see [Burstable performance instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) .\n\n- To include burstable performance instance types, specify `included` .\n- To require only burstable performance instance types, specify `required` .\n- To exclude burstable performance instance types, specify `excluded` .\n\nDefault: `excluded`", - "title": "BurstablePerformance", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "CpuManufacturers": { - "items": { - "type": "string" - }, - "markdownDescription": "The CPU manufacturers to include.\n\n- For instance types with Intel CPUs, specify `intel` .\n- For instance types with AMD CPUs, specify `amd` .\n- For instance types with AWS CPUs, specify `amazon-web-services` .\n- For instance types with Apple CPUs, specify `apple` .\n\n> Don't confuse the CPU manufacturer with the CPU architecture. Instances will be launched with a compatible CPU architecture based on the Amazon Machine Image (AMI) that you specify in your launch template. \n\nDefault: Any manufacturer", - "title": "CpuManufacturers", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ExcludedInstanceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The instance types to exclude.\n\nYou can use strings with one or more wild cards, represented by an asterisk ( `*` ), to exclude an instance family, type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` ,Amazon EC2 will exclude the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will exclude all the M5a instance types, but not the M5n instance types.\n\n> If you specify `ExcludedInstanceTypes` , you can't specify `AllowedInstanceTypes` . \n\nDefault: No excluded instance types", - "title": "ExcludedInstanceTypes", - "type": "array" + "Metadata": { + "type": "object" }, - "InstanceGenerations": { - "items": { - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "CreateAlias": { + "markdownDescription": "Specifies an alias for a directory and assigns the alias to the directory. The alias is used to construct the access URL for the directory, such as `http://.awsapps.com` . By default, AWS CloudFormation does not create an alias.\n\n> After an alias has been created, it cannot be deleted or reused, so this operation should only be used when absolutely necessary.", + "title": "CreateAlias", + "type": "boolean" + }, + "Edition": { + "markdownDescription": "AWS Managed Microsoft AD is available in two editions: `Standard` and `Enterprise` . `Enterprise` is the default.", + "title": "Edition", + "type": "string" + }, + "EnableSso": { + "markdownDescription": "Whether to enable single sign-on for a Microsoft Active Directory in AWS . Single sign-on allows users in your directory to access certain AWS services from a computer joined to the directory without having to enter their credentials separately. If you don't specify a value, AWS CloudFormation disables single sign-on by default.", + "title": "EnableSso", + "type": "boolean" + }, + "Name": { + "markdownDescription": "The fully qualified domain name for the AWS Managed Microsoft AD directory, such as `corp.example.com` . This name will resolve inside your VPC only. It does not need to be publicly resolvable.", + "title": "Name", + "type": "string" + }, + "Password": { + "markdownDescription": "The password for the default administrative user named `Admin` .\n\nIf you need to change the password for the administrator account, see the [ResetUserPassword](https://docs.aws.amazon.com/directoryservice/latest/devguide/API_ResetUserPassword.html) API call in the *AWS Directory Service API Reference* .", + "title": "Password", + "type": "string" + }, + "ShortName": { + "markdownDescription": "The NetBIOS name for your domain, such as `CORP` . If you don't specify a NetBIOS name, it will default to the first part of your directory DNS. For example, `CORP` for the directory DNS `corp.example.com` .", + "title": "ShortName", + "type": "string" + }, + "VpcSettings": { + "$ref": "#/definitions/AWS::DirectoryService::MicrosoftAD.VpcSettings", + "markdownDescription": "Specifies the VPC settings of the Microsoft AD directory server in AWS .", + "title": "VpcSettings" + } }, - "markdownDescription": "Indicates whether current or previous generation instance types are included. The current generation instance types are recommended for use. Current generation instance types are typically the latest two to three generations in each instance family. For more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .\n\nFor current generation instance types, specify `current` .\n\nFor previous generation instance types, specify `previous` .\n\nDefault: Current and previous generation instance types", - "title": "InstanceGenerations", - "type": "array" + "required": [ + "Name", + "Password", + "VpcSettings" + ], + "type": "object" }, - "LocalStorage": { - "markdownDescription": "Indicates whether instance types with instance store volumes are included, excluded, or required. For more information, [Amazon EC2 instance store](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html) in the *Amazon EC2 User Guide* .\n\n- To include instance types with instance store volumes, specify `included` .\n- To require only instance types with instance store volumes, specify `required` .\n- To exclude instance types with instance store volumes, specify `excluded` .\n\nDefault: `included`", - "title": "LocalStorage", + "Type": { + "enum": [ + "AWS::DirectoryService::MicrosoftAD" + ], "type": "string" }, - "LocalStorageTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The type of local storage that is required.\n\n- For instance types with hard disk drive (HDD) storage, specify `hdd` .\n- For instance types with solid state drive (SSD) storage, specify `ssd` .\n\nDefault: `hdd` and `ssd`", - "title": "LocalStorageTypes", - "type": "array" - }, - "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice": { - "markdownDescription": "[Price protection] The price protection threshold for Spot Instances, as a percentage of an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nIf you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is based on the per vCPU or per memory price instead of the per instance price.\n\n> Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` .", - "title": "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice", - "type": "number" - }, - "MemoryGiBPerVCpu": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.MemoryGiBPerVCpuRequest", - "markdownDescription": "The minimum and maximum amount of memory per vCPU, in GiB.\n\nDefault: No minimum or maximum limits", - "title": "MemoryGiBPerVCpu" - }, - "MemoryMiB": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.MemoryMiBRequest", - "markdownDescription": "The minimum and maximum amount of memory, in MiB.", - "title": "MemoryMiB" - }, - "NetworkBandwidthGbps": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.NetworkBandwidthGbpsRequest", - "markdownDescription": "The minimum and maximum amount of baseline network bandwidth, in gigabits per second (Gbps). For more information, see [Amazon EC2 instance network bandwidth](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-network-bandwidth.html) in the *Amazon EC2 User Guide* .\n\nDefault: No minimum or maximum limits", - "title": "NetworkBandwidthGbps" - }, - "NetworkInterfaceCount": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.NetworkInterfaceCountRequest", - "markdownDescription": "The minimum and maximum number of network interfaces.\n\nDefault: No minimum or maximum limits", - "title": "NetworkInterfaceCount" - }, - "OnDemandMaxPricePercentageOverLowestPrice": { - "markdownDescription": "[Price protection] The price protection threshold for On-Demand Instances, as a percentage higher than an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nTo indicate no price protection threshold, specify a high value, such as `999999` .\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) .\n\n> If you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price. \n\nDefault: `20`", - "title": "OnDemandMaxPricePercentageOverLowestPrice", - "type": "number" - }, - "RequireHibernateSupport": { - "markdownDescription": "Indicates whether instance types must support hibernation for On-Demand Instances.\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) .\n\nDefault: `false`", - "title": "RequireHibernateSupport", - "type": "boolean" - }, - "SpotMaxPricePercentageOverLowestPrice": { - "markdownDescription": "[Price protection] The price protection threshold for Spot Instances, as a percentage higher than an identified Spot price. The identified Spot price is the Spot price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified Spot price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose Spot price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nIf you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price.\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) .\n\n> Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` . \n\nDefault: `100`", - "title": "SpotMaxPricePercentageOverLowestPrice", - "type": "number" - }, - "TotalLocalStorageGB": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.TotalLocalStorageGBRequest", - "markdownDescription": "The minimum and maximum amount of total local storage, in GB.\n\nDefault: No minimum or maximum limits", - "title": "TotalLocalStorageGB" - }, - "VCpuCount": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.VCpuCountRangeRequest", - "markdownDescription": "The minimum and maximum number of vCPUs.", - "title": "VCpuCount" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::EC2::SpotFleet.LaunchTemplateConfig": { + "AWS::DirectoryService::MicrosoftAD.VpcSettings": { "additionalProperties": false, "properties": { - "LaunchTemplateSpecification": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.FleetLaunchTemplateSpecification", - "markdownDescription": "The launch template to use. Make sure that the launch template does not contain the `NetworkInterfaceId` parameter because you can't specify a network interface ID in a Spot Fleet.", - "title": "LaunchTemplateSpecification" - }, - "Overrides": { + "SubnetIds": { "items": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.LaunchTemplateOverrides" + "type": "string" }, - "markdownDescription": "Any parameters that you specify override the same parameters in the launch template.", - "title": "Overrides", + "markdownDescription": "The identifiers of the subnets for the directory servers. The two subnets must be in different Availability Zones. AWS Directory Service specifies a directory server and a DNS server in each of these subnets.", + "title": "SubnetIds", "type": "array" + }, + "VpcId": { + "markdownDescription": "The identifier of the VPC in which to create the directory.", + "title": "VpcId", + "type": "string" } }, + "required": [ + "SubnetIds", + "VpcId" + ], "type": "object" }, - "AWS::EC2::SpotFleet.LaunchTemplateOverrides": { + "AWS::DirectoryService::SimpleAD": { "additionalProperties": false, "properties": { - "AvailabilityZone": { - "markdownDescription": "The Availability Zone in which to launch the instances.", - "title": "AvailabilityZone", - "type": "string" - }, - "InstanceRequirements": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.InstanceRequirementsRequest", - "markdownDescription": "The instance requirements. When you specify instance requirements, Amazon EC2 will identify instance types with the provided requirements, and then use your On-Demand and Spot allocation strategies to launch instances from these instance types, in the same way as when you specify a list of instance types.\n\n> If you specify `InstanceRequirements` , you can't specify `InstanceType` .", - "title": "InstanceRequirements" - }, - "InstanceType": { - "markdownDescription": "The instance type.", - "title": "InstanceType", + "Condition": { "type": "string" }, - "Priority": { - "markdownDescription": "The priority for the launch template override. The highest priority is launched first.\n\nIf `OnDemandAllocationStrategy` is set to `prioritized` , Spot Fleet uses priority to determine which launch template override to use first in fulfilling On-Demand capacity.\n\nIf the Spot `AllocationStrategy` is set to `capacityOptimizedPrioritized` , Spot Fleet uses priority on a best-effort basis to determine which launch template override to use in fulfilling Spot capacity, but optimizes for capacity first.\n\nValid values are whole numbers starting at `0` . The lower the number, the higher the priority. If no number is set, the launch template override has the lowest priority. You can set the same priority for different launch template overrides.", - "title": "Priority", - "type": "number" - }, - "SpotPrice": { - "markdownDescription": "The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.\n\n> If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.", - "title": "SpotPrice", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SubnetId": { - "markdownDescription": "The ID of the subnet in which to launch the instances.", - "title": "SubnetId", - "type": "string" - }, - "WeightedCapacity": { - "markdownDescription": "The number of units provided by the specified instance type. These are the same units that you chose to set the target capacity in terms of instances, or a performance characteristic such as vCPUs, memory, or I/O.\n\nIf the target capacity divided by this value is not a whole number, Amazon EC2 rounds the number of instances to the next whole number. If this value is not specified, the default is 1.\n\n> When specifying weights, the price used in the `lowestPrice` and `priceCapacityOptimized` allocation strategies is per *unit* hour (where the instance price is divided by the specified weight). However, if all the specified weights are above the requested `TargetCapacity` , resulting in only 1 instance being launched, the price used is per *instance* hour.", - "title": "WeightedCapacity", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::SpotFleet.LoadBalancersConfig": { - "additionalProperties": false, - "properties": { - "ClassicLoadBalancersConfig": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.ClassicLoadBalancersConfig", - "markdownDescription": "The Classic Load Balancers.", - "title": "ClassicLoadBalancersConfig" - }, - "TargetGroupsConfig": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.TargetGroupsConfig", - "markdownDescription": "The target groups.", - "title": "TargetGroupsConfig" - } - }, - "type": "object" - }, - "AWS::EC2::SpotFleet.MemoryGiBPerVCpuRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum amount of memory per vCPU, in GiB. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum amount of memory per vCPU, in GiB. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::SpotFleet.MemoryMiBRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum amount of memory, in MiB. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum amount of memory, in MiB. To specify no minimum limit, specify `0` .", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::SpotFleet.NetworkBandwidthGbpsRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum amount of network bandwidth, in Gbps. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum amount of network bandwidth, in Gbps. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::SpotFleet.NetworkInterfaceCountRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum number of network interfaces. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum number of network interfaces. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::SpotFleet.PrivateIpAddressSpecification": { - "additionalProperties": false, - "properties": { - "Primary": { - "markdownDescription": "Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary.", - "title": "Primary", - "type": "boolean" - }, - "PrivateIpAddress": { - "markdownDescription": "The private IPv4 address.", - "title": "PrivateIpAddress", - "type": "string" - } - }, - "required": [ - "PrivateIpAddress" - ], - "type": "object" - }, - "AWS::EC2::SpotFleet.SpotCapacityRebalance": { - "additionalProperties": false, - "properties": { - "ReplacementStrategy": { - "markdownDescription": "The replacement strategy to use. Only available for fleets of type `maintain` .\n\n`launch` - Spot Fleet launches a new replacement Spot Instance when a rebalance notification is emitted for an existing Spot Instance in the fleet. Spot Fleet does not terminate the instances that receive a rebalance notification. You can terminate the old instances, or you can leave them running. You are charged for all instances while they are running.\n\n`launch-before-terminate` - Spot Fleet launches a new replacement Spot Instance when a rebalance notification is emitted for an existing Spot Instance in the fleet, and then, after a delay that you specify (in `TerminationDelay` ), terminates the instances that received a rebalance notification.", - "title": "ReplacementStrategy", - "type": "string" - }, - "TerminationDelay": { - "markdownDescription": "The amount of time (in seconds) that Amazon EC2 waits before terminating the old Spot Instance after launching a new replacement Spot Instance.\n\nRequired when `ReplacementStrategy` is set to `launch-before-terminate` .\n\nNot valid when `ReplacementStrategy` is set to `launch` .\n\nValid values: Minimum value of `120` seconds. Maximum value of `7200` seconds.", - "title": "TerminationDelay", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::SpotFleet.SpotFleetLaunchSpecification": { - "additionalProperties": false, - "properties": { - "BlockDeviceMappings": { - "items": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.BlockDeviceMapping" - }, - "markdownDescription": "One or more block devices that are mapped to the Spot Instances. You can't specify both a snapshot ID and an encryption value. This is because only blank volumes can be encrypted on creation. If a snapshot is the basis for a volume, it is not blank and its encryption status is used for the volume encryption status.", - "title": "BlockDeviceMappings", - "type": "array" - }, - "EbsOptimized": { - "markdownDescription": "Indicates whether the instances are optimized for EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS Optimized instance.\n\nDefault: `false`", - "title": "EbsOptimized", - "type": "boolean" - }, - "IamInstanceProfile": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.IamInstanceProfileSpecification", - "markdownDescription": "The IAM instance profile.", - "title": "IamInstanceProfile" - }, - "ImageId": { - "markdownDescription": "The ID of the AMI.", - "title": "ImageId", - "type": "string" - }, - "InstanceRequirements": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.InstanceRequirementsRequest", - "markdownDescription": "The attributes for the instance types. When you specify instance attributes, Amazon EC2 will identify instance types with those attributes.\n\n> If you specify `InstanceRequirements` , you can't specify `InstanceType` .", - "title": "InstanceRequirements" - }, - "InstanceType": { - "markdownDescription": "The instance type.", - "title": "InstanceType", - "type": "string" - }, - "KernelId": { - "markdownDescription": "The ID of the kernel.", - "title": "KernelId", - "type": "string" - }, - "KeyName": { - "markdownDescription": "The name of the key pair.", - "title": "KeyName", - "type": "string" - }, - "Monitoring": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotFleetMonitoring", - "markdownDescription": "Enable or disable monitoring for the instances.", - "title": "Monitoring" - }, - "NetworkInterfaces": { - "items": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.InstanceNetworkInterfaceSpecification" - }, - "markdownDescription": "The network interfaces.", - "title": "NetworkInterfaces", - "type": "array" - }, - "Placement": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotPlacement", - "markdownDescription": "The placement information.", - "title": "Placement" - }, - "RamdiskId": { - "markdownDescription": "The ID of the RAM disk. Some kernels require additional drivers at launch. Check the kernel requirements for information about whether you need to specify a RAM disk. To find kernel requirements, refer to the AWS Resource Center and search for the kernel ID.", - "title": "RamdiskId", - "type": "string" - }, - "SecurityGroups": { - "items": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.GroupIdentifier" - }, - "markdownDescription": "The security groups.\n\nIf you specify a network interface, you must specify any security groups as part of the network interface instead of using this parameter.", - "title": "SecurityGroups", - "type": "array" - }, - "SpotPrice": { - "markdownDescription": "The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.\n\n> If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.", - "title": "SpotPrice", - "type": "string" - }, - "SubnetId": { - "markdownDescription": "The IDs of the subnets in which to launch the instances. To specify multiple subnets, separate them using commas; for example, \"subnet-1234abcdeexample1, subnet-0987cdef6example2\".\n\nIf you specify a network interface, you must specify any subnets as part of the network interface instead of using this parameter.", - "title": "SubnetId", - "type": "string" - }, - "TagSpecifications": { - "items": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotFleetTagSpecification" - }, - "markdownDescription": "The tags to apply during creation.", - "title": "TagSpecifications", - "type": "array" - }, - "UserData": { - "markdownDescription": "The base64-encoded user data that instances use when starting up. User data is limited to 16 KB.", - "title": "UserData", - "type": "string" - }, - "WeightedCapacity": { - "markdownDescription": "The number of units provided by the specified instance type. These are the same units that you chose to set the target capacity in terms of instances, or a performance characteristic such as vCPUs, memory, or I/O.\n\nIf the target capacity divided by this value is not a whole number, Amazon EC2 rounds the number of instances to the next whole number. If this value is not specified, the default is 1.\n\n> When specifying weights, the price used in the `lowestPrice` and `priceCapacityOptimized` allocation strategies is per *unit* hour (where the instance price is divided by the specified weight). However, if all the specified weights are above the requested `TargetCapacity` , resulting in only 1 instance being launched, the price used is per *instance* hour.", - "title": "WeightedCapacity", - "type": "number" - } - }, - "required": [ - "ImageId" - ], - "type": "object" - }, - "AWS::EC2::SpotFleet.SpotFleetMonitoring": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Enables monitoring for the instance.\n\nDefault: `false`", - "title": "Enabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::EC2::SpotFleet.SpotFleetRequestConfigData": { - "additionalProperties": false, - "properties": { - "AllocationStrategy": { - "markdownDescription": "The strategy that determines how to allocate the target Spot Instance capacity across the Spot Instance pools specified by the Spot Fleet launch configuration. For more information, see [Allocation strategies for Spot Instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-allocation-strategy.html) in the *Amazon EC2 User Guide* .\n\n- **priceCapacityOptimized (recommended)** - Spot Fleet identifies the pools with the highest capacity availability for the number of instances that are launching. This means that we will request Spot Instances from the pools that we believe have the lowest chance of interruption in the near term. Spot Fleet then requests Spot Instances from the lowest priced of these pools.\n- **capacityOptimized** - Spot Fleet identifies the pools with the highest capacity availability for the number of instances that are launching. This means that we will request Spot Instances from the pools that we believe have the lowest chance of interruption in the near term. To give certain instance types a higher chance of launching first, use `capacityOptimizedPrioritized` . Set a priority for each instance type by using the `Priority` parameter for `LaunchTemplateOverrides` . You can assign the same priority to different `LaunchTemplateOverrides` . EC2 implements the priorities on a best-effort basis, but optimizes for capacity first. `capacityOptimizedPrioritized` is supported only if your Spot Fleet uses a launch template. Note that if the `OnDemandAllocationStrategy` is set to `prioritized` , the same priority is applied when fulfilling On-Demand capacity.\n- **diversified** - Spot Fleet requests instances from all of the Spot Instance pools that you specify.\n- **lowestPrice (not recommended)** - > We don't recommend the `lowestPrice` allocation strategy because it has the highest risk of interruption for your Spot Instances. \n\nSpot Fleet requests instances from the lowest priced Spot Instance pool that has available capacity. If the lowest priced pool doesn't have available capacity, the Spot Instances come from the next lowest priced pool that has available capacity. If a pool runs out of capacity before fulfilling your desired capacity, Spot Fleet will continue to fulfill your request by drawing from the next lowest priced pool. To ensure that your desired capacity is met, you might receive Spot Instances from several pools. Because this strategy only considers instance price and not capacity availability, it might lead to high interruption rates.\n\nDefault: `lowestPrice`", - "title": "AllocationStrategy", - "type": "string" - }, - "Context": { - "markdownDescription": "Reserved.", - "title": "Context", - "type": "string" - }, - "ExcessCapacityTerminationPolicy": { - "markdownDescription": "Indicates whether running Spot Instances should be terminated if you decrease the target capacity of the Spot Fleet request below the current size of the Spot Fleet.\n\nSupported only for fleets of type `maintain` .", - "title": "ExcessCapacityTerminationPolicy", - "type": "string" - }, - "IamFleetRole": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Identity and Access Management (IAM) role that grants the Spot Fleet the permission to request, launch, terminate, and tag instances on your behalf. For more information, see [Spot Fleet Prerequisites](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-requests.html#spot-fleet-prerequisites) in the *Amazon EC2 User Guide* . Spot Fleet can terminate Spot Instances on your behalf when you cancel its Spot Fleet request or when the Spot Fleet request expires, if you set `TerminateInstancesWithExpiration` .", - "title": "IamFleetRole", - "type": "string" - }, - "InstanceInterruptionBehavior": { - "markdownDescription": "The behavior when a Spot Instance is interrupted. The default is `terminate` .", - "title": "InstanceInterruptionBehavior", - "type": "string" - }, - "InstancePoolsToUseCount": { - "markdownDescription": "The number of Spot pools across which to allocate your target Spot capacity. Valid only when Spot *AllocationStrategy* is set to `lowest-price` . Spot Fleet selects the cheapest Spot pools and evenly allocates your target Spot capacity across the number of Spot pools that you specify.\n\nNote that Spot Fleet attempts to draw Spot Instances from the number of pools that you specify on a best effort basis. If a pool runs out of Spot capacity before fulfilling your target capacity, Spot Fleet will continue to fulfill your request by drawing from the next cheapest pool. To ensure that your target capacity is met, you might receive Spot Instances from more than the number of pools that you specified. Similarly, if most of the pools have no Spot capacity, you might receive your full target capacity from fewer than the number of pools that you specified.", - "title": "InstancePoolsToUseCount", - "type": "number" - }, - "LaunchSpecifications": { - "items": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotFleetLaunchSpecification" - }, - "markdownDescription": "The launch specifications for the Spot Fleet request. If you specify `LaunchSpecifications` , you can't specify `LaunchTemplateConfigs` .", - "title": "LaunchSpecifications", - "type": "array" - }, - "LaunchTemplateConfigs": { - "items": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.LaunchTemplateConfig" - }, - "markdownDescription": "The launch template and overrides. If you specify `LaunchTemplateConfigs` , you can't specify `LaunchSpecifications` .", - "title": "LaunchTemplateConfigs", - "type": "array" - }, - "LoadBalancersConfig": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.LoadBalancersConfig", - "markdownDescription": "One or more Classic Load Balancers and target groups to attach to the Spot Fleet request. Spot Fleet registers the running Spot Instances with the specified Classic Load Balancers and target groups.\n\nWith Network Load Balancers, Spot Fleet cannot register instances that have the following instance types: C1, CC1, CC2, CG1, CG2, CR1, CS1, G1, G2, HI1, HS1, M1, M2, M3, and T1.", - "title": "LoadBalancersConfig" - }, - "OnDemandAllocationStrategy": { - "markdownDescription": "The order of the launch template overrides to use in fulfilling On-Demand capacity. If you specify `lowestPrice` , Spot Fleet uses price to determine the order, launching the lowest price first. If you specify `prioritized` , Spot Fleet uses the priority that you assign to each Spot Fleet launch template override, launching the highest priority first. If you do not specify a value, Spot Fleet defaults to `lowestPrice` .", - "title": "OnDemandAllocationStrategy", - "type": "string" - }, - "OnDemandMaxTotalPrice": { - "markdownDescription": "The maximum amount per hour for On-Demand Instances that you're willing to pay. You can use the `onDemandMaxTotalPrice` parameter, the `spotMaxTotalPrice` parameter, or both parameters to ensure that your fleet cost does not exceed your budget. If you set a maximum price per hour for the On-Demand Instances and Spot Instances in your request, Spot Fleet will launch instances until it reaches the maximum amount you're willing to pay. When the maximum amount you're willing to pay is reached, the fleet stops launching instances even if it hasn\u2019t met the target capacity.\n\n> If your fleet includes T instances that are configured as `unlimited` , and if their average CPU usage exceeds the baseline utilization, you will incur a charge for surplus credits. The `onDemandMaxTotalPrice` does not account for surplus credits, and, if you use surplus credits, your final cost might be higher than what you specified for `onDemandMaxTotalPrice` . For more information, see [Surplus credits can incur charges](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits) in the *Amazon EC2 User Guide* .", - "title": "OnDemandMaxTotalPrice", - "type": "string" - }, - "OnDemandTargetCapacity": { - "markdownDescription": "The number of On-Demand units to request. You can choose to set the target capacity in terms of instances or a performance characteristic that is important to your application workload, such as vCPUs, memory, or I/O. If the request type is `maintain` , you can specify a target capacity of 0 and add capacity later.", - "title": "OnDemandTargetCapacity", - "type": "number" - }, - "ReplaceUnhealthyInstances": { - "markdownDescription": "Indicates whether Spot Fleet should replace unhealthy instances.", - "title": "ReplaceUnhealthyInstances", - "type": "boolean" - }, - "SpotMaintenanceStrategies": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotMaintenanceStrategies", - "markdownDescription": "The strategies for managing your Spot Instances that are at an elevated risk of being interrupted.", - "title": "SpotMaintenanceStrategies" - }, - "SpotMaxTotalPrice": { - "markdownDescription": "The maximum amount per hour for Spot Instances that you're willing to pay. You can use the `spotMaxTotalPrice` parameter, the `onDemandMaxTotalPrice` parameter, or both parameters to ensure that your fleet cost does not exceed your budget. If you set a maximum price per hour for the On-Demand Instances and Spot Instances in your request, Spot Fleet will launch instances until it reaches the maximum amount you're willing to pay. When the maximum amount you're willing to pay is reached, the fleet stops launching instances even if it hasn\u2019t met the target capacity.\n\n> If your fleet includes T instances that are configured as `unlimited` , and if their average CPU usage exceeds the baseline utilization, you will incur a charge for surplus credits. The `spotMaxTotalPrice` does not account for surplus credits, and, if you use surplus credits, your final cost might be higher than what you specified for `spotMaxTotalPrice` . For more information, see [Surplus credits can incur charges](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits) in the *Amazon EC2 User Guide* .", - "title": "SpotMaxTotalPrice", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SpotPrice": { - "markdownDescription": "The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.\n\n> If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.", - "title": "SpotPrice", - "type": "string" + "Metadata": { + "type": "object" }, - "TagSpecifications": { - "items": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotFleetTagSpecification" + "Properties": { + "additionalProperties": false, + "properties": { + "CreateAlias": { + "markdownDescription": "If set to `true` , specifies an alias for a directory and assigns the alias to the directory. The alias is used to construct the access URL for the directory, such as `http://.awsapps.com` . By default, this property is set to `false` .\n\n> After an alias has been created, it cannot be deleted or reused, so this operation should only be used when absolutely necessary.", + "title": "CreateAlias", + "type": "boolean" + }, + "Description": { + "markdownDescription": "A description for the directory.", + "title": "Description", + "type": "string" + }, + "EnableSso": { + "markdownDescription": "Whether to enable single sign-on for a directory. If you don't specify a value, AWS CloudFormation disables single sign-on by default.", + "title": "EnableSso", + "type": "boolean" + }, + "Name": { + "markdownDescription": "The fully qualified name for the directory, such as `corp.example.com` .", + "title": "Name", + "type": "string" + }, + "Password": { + "markdownDescription": "The password for the directory administrator. The directory creation process creates a directory administrator account with the user name `Administrator` and this password.\n\nIf you need to change the password for the administrator account, see the [ResetUserPassword](https://docs.aws.amazon.com/directoryservice/latest/devguide/API_ResetUserPassword.html) API call in the *AWS Directory Service API Reference* .", + "title": "Password", + "type": "string" + }, + "ShortName": { + "markdownDescription": "The NetBIOS name of the directory, such as `CORP` .", + "title": "ShortName", + "type": "string" + }, + "Size": { + "markdownDescription": "The size of the directory. For valid values, see [CreateDirectory](https://docs.aws.amazon.com/directoryservice/latest/devguide/API_CreateDirectory.html) in the *AWS Directory Service API Reference* .", + "title": "Size", + "type": "string" + }, + "VpcSettings": { + "$ref": "#/definitions/AWS::DirectoryService::SimpleAD.VpcSettings", + "markdownDescription": "A [DirectoryVpcSettings](https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DirectoryVpcSettings.html) object that contains additional information for the operation.", + "title": "VpcSettings" + } }, - "markdownDescription": "The key-value pair for tagging the Spot Fleet request on creation. The value for `ResourceType` must be `spot-fleet-request` , otherwise the Spot Fleet request fails. To tag instances at launch, specify the tags in the [launch template](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html#create-launch-template) (valid only if you use `LaunchTemplateConfigs` ) or in the `[SpotFleetTagSpecification](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SpotFleetTagSpecification.html)` (valid only if you use `LaunchSpecifications` ). For information about tagging after launch, see [Tag your resources](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#tag-resources) .", - "title": "TagSpecifications", - "type": "array" - }, - "TargetCapacity": { - "markdownDescription": "The number of units to request for the Spot Fleet. You can choose to set the target capacity in terms of instances or a performance characteristic that is important to your application workload, such as vCPUs, memory, or I/O. If the request type is `maintain` , you can specify a target capacity of 0 and add capacity later.", - "title": "TargetCapacity", - "type": "number" - }, - "TargetCapacityUnitType": { - "markdownDescription": "The unit for the target capacity. You can specify this parameter only when using attribute-based instance type selection.\n\nDefault: `units` (the number of instances)", - "title": "TargetCapacityUnitType", - "type": "string" - }, - "TerminateInstancesWithExpiration": { - "markdownDescription": "Indicates whether running Spot Instances are terminated when the Spot Fleet request expires.", - "title": "TerminateInstancesWithExpiration", - "type": "boolean" + "required": [ + "Name", + "Size", + "VpcSettings" + ], + "type": "object" }, "Type": { - "markdownDescription": "The type of request. Indicates whether the Spot Fleet only requests the target capacity or also attempts to maintain it. When this value is `request` , the Spot Fleet only places the required requests. It does not attempt to replenish Spot Instances if capacity is diminished, nor does it submit requests in alternative Spot pools if capacity is not available. When this value is `maintain` , the Spot Fleet maintains the target capacity. The Spot Fleet places the required requests to meet capacity and automatically replenishes any interrupted instances. Default: `maintain` . `instant` is listed but is not used by Spot Fleet.", - "title": "Type", - "type": "string" - }, - "ValidFrom": { - "markdownDescription": "The start date and time of the request, in UTC format ( *YYYY* - *MM* - *DD* T *HH* : *MM* : *SS* Z). By default, Amazon EC2 starts fulfilling the request immediately.", - "title": "ValidFrom", + "enum": [ + "AWS::DirectoryService::SimpleAD" + ], "type": "string" }, - "ValidUntil": { - "markdownDescription": "The end date and time of the request, in UTC format ( *YYYY* - *MM* - *DD* T *HH* : *MM* : *SS* Z). After the end date and time, no new Spot Instance requests are placed or able to fulfill the request. If no value is specified, the Spot Fleet request remains until you cancel it.", - "title": "ValidUntil", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "IamFleetRole", - "TargetCapacity" + "Type", + "Properties" ], "type": "object" }, - "AWS::EC2::SpotFleet.SpotFleetTagSpecification": { + "AWS::DirectoryService::SimpleAD.VpcSettings": { "additionalProperties": false, "properties": { - "ResourceType": { - "markdownDescription": "The type of resource. Currently, the only resource type that is supported is `instance` . To tag the Spot Fleet request on creation, use the `TagSpecifications` parameter in `[SpotFleetRequestConfigData](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SpotFleetRequestConfigData.html)` .", - "title": "ResourceType", - "type": "string" - }, - "Tags": { + "SubnetIds": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "The tags.", - "title": "Tags", + "markdownDescription": "The identifiers of the subnets for the directory servers. The two subnets must be in different Availability Zones. AWS Directory Service specifies a directory server and a DNS server in each of these subnets.", + "title": "SubnetIds", "type": "array" - } - }, - "type": "object" - }, - "AWS::EC2::SpotFleet.SpotMaintenanceStrategies": { - "additionalProperties": false, - "properties": { - "CapacityRebalance": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotCapacityRebalance", - "markdownDescription": "The Spot Instance replacement strategy to use when Amazon EC2 emits a signal that your Spot Instance is at an elevated risk of being interrupted. For more information, see [Capacity rebalancing](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-capacity-rebalance.html) in the *Amazon EC2 User Guide* .", - "title": "CapacityRebalance" - } - }, - "type": "object" - }, - "AWS::EC2::SpotFleet.SpotPlacement": { - "additionalProperties": false, - "properties": { - "AvailabilityZone": { - "markdownDescription": "The Availability Zone.\n\nTo specify multiple Availability Zones, separate them using commas; for example, \"us-west-2a, us-west-2b\".", - "title": "AvailabilityZone", - "type": "string" - }, - "GroupName": { - "markdownDescription": "The name of the placement group.", - "title": "GroupName", - "type": "string" }, - "Tenancy": { - "markdownDescription": "The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of `dedicated` runs on single-tenant hardware. The `host` tenancy is not supported for Spot Instances.", - "title": "Tenancy", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EC2::SpotFleet.TargetGroup": { - "additionalProperties": false, - "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the target group.", - "title": "Arn", + "VpcId": { + "markdownDescription": "The identifier of the VPC in which to create the directory.", + "title": "VpcId", "type": "string" } }, "required": [ - "Arn" - ], - "type": "object" - }, - "AWS::EC2::SpotFleet.TargetGroupsConfig": { - "additionalProperties": false, - "properties": { - "TargetGroups": { - "items": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.TargetGroup" - }, - "markdownDescription": "One or more target groups.", - "title": "TargetGroups", - "type": "array" - } - }, - "required": [ - "TargetGroups" + "SubnetIds", + "VpcId" ], "type": "object" }, - "AWS::EC2::SpotFleet.TotalLocalStorageGBRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum amount of total local storage, in GB. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum amount of total local storage, in GB. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::SpotFleet.VCpuCountRangeRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum number of vCPUs. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum number of vCPUs. To specify no minimum limit, specify `0` .", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::Subnet": { + "AWS::DocDB::DBCluster": { "additionalProperties": false, "properties": { "Condition": { @@ -78117,109 +85805,174 @@ "Properties": { "additionalProperties": false, "properties": { - "AssignIpv6AddressOnCreation": { - "markdownDescription": "Indicates whether a network interface created in this subnet receives an IPv6 address. The default value is `false` .\n\nIf you specify `AssignIpv6AddressOnCreation` , you must also specify an IPv6 CIDR block.", - "title": "AssignIpv6AddressOnCreation", + "AvailabilityZones": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of Amazon EC2 Availability Zones that instances in the cluster can be created in.", + "title": "AvailabilityZones", + "type": "array" + }, + "BackupRetentionPeriod": { + "markdownDescription": "The number of days for which automated backups are retained. You must specify a minimum value of 1.\n\nDefault: 1\n\nConstraints:\n\n- Must be a value from 1 to 35.", + "title": "BackupRetentionPeriod", + "type": "number" + }, + "CopyTagsToSnapshot": { + "markdownDescription": "Set to `true` to copy all tags from the source cluster snapshot to the target cluster snapshot, and otherwise `false` . The default is `false` .", + "title": "CopyTagsToSnapshot", "type": "boolean" }, - "AvailabilityZone": { - "markdownDescription": "The Availability Zone of the subnet.\n\nIf you update this property, you must also update the `CidrBlock` property.", - "title": "AvailabilityZone", + "DBClusterIdentifier": { + "markdownDescription": "The cluster identifier. This parameter is stored as a lowercase string.\n\nConstraints:\n\n- Must contain from 1 to 63 letters, numbers, or hyphens.\n- The first character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.\n\nExample: `my-cluster`", + "title": "DBClusterIdentifier", "type": "string" }, - "AvailabilityZoneId": { - "markdownDescription": "The AZ ID of the subnet.", - "title": "AvailabilityZoneId", + "DBClusterParameterGroupName": { + "markdownDescription": "The name of the cluster parameter group to associate with this cluster.", + "title": "DBClusterParameterGroupName", "type": "string" }, - "CidrBlock": { - "markdownDescription": "The IPv4 CIDR block assigned to the subnet.\n\nIf you update this property, we create a new subnet, and then delete the existing one.", - "title": "CidrBlock", + "DBSubnetGroupName": { + "markdownDescription": "A subnet group to associate with this cluster.\n\nConstraints: Must match the name of an existing `DBSubnetGroup` . Must not be default.\n\nExample: `mySubnetgroup`", + "title": "DBSubnetGroupName", "type": "string" }, - "EnableDns64": { - "markdownDescription": "Indicates whether DNS queries made to the Amazon-provided DNS Resolver in this subnet should return synthetic IPv6 addresses for IPv4-only destinations.\n\n> You must first configure a NAT gateway in a public subnet (separate from the subnet containing the IPv6-only workloads). For example, the subnet containing the NAT gateway should have a `0.0.0.0/0` route pointing to the internet gateway. For more information, see [Configure DNS64 and NAT64](https://docs.aws.amazon.com/vpc/latest/userguide/nat-gateway-nat64-dns64.html#nat-gateway-nat64-dns64-walkthrough) in the *Amazon Virtual Private Cloud User Guide* .", - "title": "EnableDns64", + "DeletionProtection": { + "markdownDescription": "Protects clusters from being accidentally deleted. If enabled, the cluster cannot be deleted unless it is modified and `DeletionProtection` is disabled.", + "title": "DeletionProtection", "type": "boolean" }, - "EnableLniAtDeviceIndex": { - "markdownDescription": "Indicates the device position for local network interfaces in this subnet. For example, `1` indicates local network interfaces in this subnet are the secondary network interface (eth1).", - "title": "EnableLniAtDeviceIndex", - "type": "number" + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of log types that need to be enabled for exporting to Amazon CloudWatch Logs. You can enable audit logs or profiler logs. For more information, see [Auditing Amazon DocumentDB Events](https://docs.aws.amazon.com/documentdb/latest/developerguide/event-auditing.html) and [Profiling Amazon DocumentDB Operations](https://docs.aws.amazon.com/documentdb/latest/developerguide/profiling.html) .", + "title": "EnableCloudwatchLogsExports", + "type": "array" }, - "Ipv4IpamPoolId": { - "markdownDescription": "An IPv4 IPAM pool ID for the subnet.", - "title": "Ipv4IpamPoolId", + "EngineVersion": { + "markdownDescription": "The version number of the database engine to use. The `--engine-version` will default to the latest major engine version. For production workloads, we recommend explicitly declaring this parameter with the intended major engine version.\n\nIf you intend to trigger an in-place upgrade, please refer to [Amazon DocumentDB in-place major version upgrade](https://docs.aws.amazon.com/documentdb/latest/developerguide/docdb-mvu.html) . Note that for an in-place engine version upgrade, you need to remove other cluster properties changes (e.g. SecurityGroupId) from the CFN template.", + "title": "EngineVersion", "type": "string" }, - "Ipv4NetmaskLength": { - "markdownDescription": "An IPv4 netmask length for the subnet.", - "title": "Ipv4NetmaskLength", - "type": "number" + "GlobalClusterIdentifier": { + "markdownDescription": "The cluster identifier of the new global cluster.", + "title": "GlobalClusterIdentifier", + "type": "string" }, - "Ipv6CidrBlock": { - "markdownDescription": "The IPv6 CIDR block.\n\nIf you specify `AssignIpv6AddressOnCreation` , you must also specify an IPv6 CIDR block.", - "title": "Ipv6CidrBlock", + "KmsKeyId": { + "markdownDescription": "The AWS KMS key identifier for an encrypted cluster.\n\nThe AWS KMS key identifier is the Amazon Resource Name (ARN) for the AWS KMS encryption key. If you are creating a cluster using the same AWS account that owns the AWS KMS encryption key that is used to encrypt the new cluster, you can use the AWS KMS key alias instead of the ARN for the AWS KMS encryption key.\n\nIf an encryption key is not specified in `KmsKeyId` :\n\n- If the `StorageEncrypted` parameter is `true` , Amazon DocumentDB uses your default encryption key.\n\nAWS KMS creates the default encryption key for your AWS account . Your AWS account has a different default encryption key for each AWS Regions .", + "title": "KmsKeyId", "type": "string" }, - "Ipv6CidrBlocks": { - "items": { - "type": "string" - }, - "type": "array" + "ManageMasterUserPassword": { + "markdownDescription": "Specifies whether to manage the master user password with Amazon Web Services Secrets Manager.\n\nConstraint: You can't manage the master user password with Amazon Web Services Secrets Manager if `MasterUserPassword` is specified.", + "title": "ManageMasterUserPassword", + "type": "boolean" }, - "Ipv6IpamPoolId": { - "markdownDescription": "An IPv6 IPAM pool ID for the subnet.", - "title": "Ipv6IpamPoolId", + "MasterUserPassword": { + "markdownDescription": "The password for the master database user. This password can contain any printable ASCII character except forward slash (/), double quote (\"), or the \"at\" symbol (@).\n\nConstraints: Must contain from 8 to 100 characters.", + "title": "MasterUserPassword", "type": "string" }, - "Ipv6Native": { - "markdownDescription": "Indicates whether this is an IPv6 only subnet. For more information, see [Subnet basics](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html#subnet-basics) in the *Amazon Virtual Private Cloud User Guide* .", - "title": "Ipv6Native", - "type": "boolean" + "MasterUserSecretKmsKeyId": { + "markdownDescription": "The Amazon Web Services KMS key identifier to encrypt a secret that is automatically generated and managed in Amazon Web Services Secrets Manager. This setting is valid only if the master user password is managed by Amazon DocumentDB in Amazon Web Services Secrets Manager for the DB cluster.\n\nThe Amazon Web Services KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key. To use a KMS key in a different Amazon Web Services account, specify the key ARN or alias ARN.\n\nIf you don't specify `MasterUserSecretKmsKeyId` , then the `aws/secretsmanager` KMS key is used to encrypt the secret. If the secret is in a different Amazon Web Services account, then you can't use the `aws/secretsmanager` KMS key to encrypt the secret, and you must use a customer managed KMS key.\n\nThere is a default KMS key for your Amazon Web Services account. Your Amazon Web Services account has a different default KMS key for each Amazon Web Services Region.", + "title": "MasterUserSecretKmsKeyId", + "type": "string" }, - "Ipv6NetmaskLength": { - "markdownDescription": "An IPv6 netmask length for the subnet.", - "title": "Ipv6NetmaskLength", + "MasterUsername": { + "markdownDescription": "The name of the master user for the cluster.\n\nConstraints:\n\n- Must be from 1 to 63 letters or numbers.\n- The first character must be a letter.\n- Cannot be a reserved word for the chosen database engine.", + "title": "MasterUsername", + "type": "string" + }, + "NetworkType": { + "markdownDescription": "", + "title": "NetworkType", + "type": "string" + }, + "Port": { + "markdownDescription": "Specifies the port that the database engine is listening on.", + "title": "Port", "type": "number" }, - "MapPublicIpOnLaunch": { - "markdownDescription": "Indicates whether instances launched in this subnet receive a public IPv4 address. The default value is `false` .\n\nAWS charges for all public IPv4 addresses, including public IPv4 addresses associated with running instances and Elastic IP addresses. For more information, see the *Public IPv4 Address* tab on the [VPC pricing page](https://docs.aws.amazon.com/vpc/pricing/) .", - "title": "MapPublicIpOnLaunch", + "PreferredBackupWindow": { + "markdownDescription": "The daily time range during which automated backups are created if automated backups are enabled using the `BackupRetentionPeriod` parameter.\n\nThe default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region .\n\nConstraints:\n\n- Must be in the format `hh24:mi-hh24:mi` .\n- Must be in Universal Coordinated Time (UTC).\n- Must not conflict with the preferred maintenance window.\n- Must be at least 30 minutes.", + "title": "PreferredBackupWindow", + "type": "string" + }, + "PreferredMaintenanceWindow": { + "markdownDescription": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n\nFormat: `ddd:hh24:mi-ddd:hh24:mi`\n\nThe default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region , occurring on a random day of the week.\n\nValid days: Mon, Tue, Wed, Thu, Fri, Sat, Sun\n\nConstraints: Minimum 30-minute window.", + "title": "PreferredMaintenanceWindow", + "type": "string" + }, + "RestoreToTime": { + "markdownDescription": "The date and time to restore the cluster to.\n\nValid values: A time in Universal Coordinated Time (UTC) format.\n\nConstraints:\n\n- Must be before the latest restorable time for the instance.\n- Must be specified if the `UseLatestRestorableTime` parameter is not provided.\n- Cannot be specified if the `UseLatestRestorableTime` parameter is `true` .\n- Cannot be specified if the `RestoreType` parameter is `copy-on-write` .\n\nExample: `2015-03-07T23:45:00Z`", + "title": "RestoreToTime", + "type": "string" + }, + "RestoreType": { + "markdownDescription": "The type of restore to be performed. You can specify one of the following values:\n\n- `full-copy` - The new DB cluster is restored as a full copy of the source DB cluster.\n- `copy-on-write` - The new DB cluster is restored as a clone of the source DB cluster.\n\nConstraints: You can't specify `copy-on-write` if the engine version of the source DB cluster is earlier than 1.11.\n\nIf you don't specify a `RestoreType` value, then the new DB cluster is restored as a full copy of the source DB cluster.", + "title": "RestoreType", + "type": "string" + }, + "RotateMasterUserPassword": { + "markdownDescription": "Specifies whether to rotate the secret managed by Amazon Web Services Secrets Manager for the master user password.\n\nThis setting is valid only if the master user password is managed by Amazon DocumentDB in Amazon Web Services Secrets Manager for the cluster. The secret value contains the updated password.\n\nConstraint: You must apply the change immediately when rotating the master user password.", + "title": "RotateMasterUserPassword", "type": "boolean" }, - "OutpostArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Outpost.", - "title": "OutpostArn", + "ServerlessV2ScalingConfiguration": { + "$ref": "#/definitions/AWS::DocDB::DBCluster.ServerlessV2ScalingConfiguration", + "markdownDescription": "", + "title": "ServerlessV2ScalingConfiguration" + }, + "SnapshotIdentifier": { + "markdownDescription": "The identifier for the snapshot or cluster snapshot to restore from.\n\nYou can use either the name or the Amazon Resource Name (ARN) to specify a cluster snapshot. However, you can use only the ARN to specify a snapshot.\n\nConstraints:\n\n- Must match the identifier of an existing snapshot.", + "title": "SnapshotIdentifier", "type": "string" }, - "PrivateDnsNameOptionsOnLaunch": { - "$ref": "#/definitions/AWS::EC2::Subnet.PrivateDnsNameOptionsOnLaunch", - "markdownDescription": "The hostname type for EC2 instances launched into this subnet and how DNS A and AAAA record queries to the instances should be handled. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *Amazon Elastic Compute Cloud User Guide* .\n\nAvailable options:\n\n- EnableResourceNameDnsAAAARecord (true | false)\n- EnableResourceNameDnsARecord (true | false)\n- HostnameType (ip-name | resource-name)", - "title": "PrivateDnsNameOptionsOnLaunch" + "SourceDBClusterIdentifier": { + "markdownDescription": "The identifier of the source cluster from which to restore.\n\nConstraints:\n\n- Must match the identifier of an existing `DBCluster` .", + "title": "SourceDBClusterIdentifier", + "type": "string" + }, + "StorageEncrypted": { + "markdownDescription": "Specifies whether the cluster is encrypted.\n\nIf you specify `SourceDBClusterIdentifier` or `SnapshotIdentifier` and don\u2019t specify `StorageEncrypted` , the encryption property is inherited from the source cluster or snapshot (unless `KMSKeyId` is specified, in which case the restored cluster will be encrypted with that KMS key). If the source is encrypted and `StorageEncrypted` is specified to be true, the restored cluster will be encrypted (if you want to use a different KMS key, specify the `KMSKeyId` property as well). If the source is unencrypted and `StorageEncrypted` is specified to be true, then the `KMSKeyId` property must be specified. If the source is encrypted, don\u2019t specify `StorageEncrypted` to be false as opting out of encryption is not allowed.", + "title": "StorageEncrypted", + "type": "boolean" + }, + "StorageType": { + "markdownDescription": "The storage type to associate with the DB cluster.\n\nFor information on storage types for Amazon DocumentDB clusters, see Cluster storage configurations in the *Amazon DocumentDB Developer Guide* .\n\nValid values for storage type - `standard | iopt1`\n\nDefault value is `standard`\n\n> When you create a DocumentDB DB cluster with the storage type set to `iopt1` , the storage type is returned in the response. The storage type isn't returned when you set it to `standard` .", + "title": "StorageType", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Any tags assigned to the subnet.", + "markdownDescription": "The tags to be assigned to the cluster.", "title": "Tags", "type": "array" }, - "VpcId": { - "markdownDescription": "The ID of the VPC the subnet is in.\n\nIf you update this property, you must also update the `CidrBlock` property.", - "title": "VpcId", - "type": "string" + "UseLatestRestorableTime": { + "markdownDescription": "A value that is set to `true` to restore the cluster to the latest restorable backup time, and `false` otherwise.\n\nDefault: `false`\n\nConstraints: Cannot be specified if the `RestoreToTime` parameter is provided.", + "title": "UseLatestRestorableTime", + "type": "boolean" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of EC2 VPC security groups to associate with this cluster.", + "title": "VpcSecurityGroupIds", + "type": "array" } }, - "required": [ - "VpcId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::Subnet" + "AWS::DocDB::DBCluster" ], "type": "string" }, @@ -78233,33 +85986,31 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::EC2::Subnet.PrivateDnsNameOptionsOnLaunch": { + "AWS::DocDB::DBCluster.ServerlessV2ScalingConfiguration": { "additionalProperties": false, "properties": { - "EnableResourceNameDnsAAAARecord": { - "markdownDescription": "Indicates whether to respond to DNS queries for instance hostname with DNS AAAA records.", - "title": "EnableResourceNameDnsAAAARecord", - "type": "boolean" - }, - "EnableResourceNameDnsARecord": { - "markdownDescription": "Indicates whether to respond to DNS queries for instance hostnames with DNS A records.", - "title": "EnableResourceNameDnsARecord", - "type": "boolean" + "MaxCapacity": { + "markdownDescription": "", + "title": "MaxCapacity", + "type": "number" }, - "HostnameType": { - "markdownDescription": "The type of hostname for EC2 instances. For IPv4 only subnets, an instance DNS name must be based on the instance IPv4 address. For IPv6 only subnets, an instance DNS name must be based on the instance ID. For dual-stack subnets, you can specify whether DNS names use the instance IPv4 address or the instance ID.", - "title": "HostnameType", - "type": "string" + "MinCapacity": { + "markdownDescription": "", + "title": "MinCapacity", + "type": "number" } }, + "required": [ + "MaxCapacity", + "MinCapacity" + ], "type": "object" }, - "AWS::EC2::SubnetCidrBlock": { + "AWS::DocDB::DBClusterParameterGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -78294,35 +86045,45 @@ "Properties": { "additionalProperties": false, "properties": { - "Ipv6CidrBlock": { - "markdownDescription": "The IPv6 network range for the subnet, in CIDR notation.", - "title": "Ipv6CidrBlock", + "Description": { + "markdownDescription": "The description for the cluster parameter group.", + "title": "Description", "type": "string" }, - "Ipv6IpamPoolId": { - "markdownDescription": "An IPv6 IPAM pool ID for the subnet.", - "title": "Ipv6IpamPoolId", + "Family": { + "markdownDescription": "The cluster parameter group family name.", + "title": "Family", "type": "string" }, - "Ipv6NetmaskLength": { - "markdownDescription": "An IPv6 netmask length for the subnet.", - "title": "Ipv6NetmaskLength", - "type": "number" - }, - "SubnetId": { - "markdownDescription": "The ID of the subnet.", - "title": "SubnetId", + "Name": { + "markdownDescription": "The name of the DB cluster parameter group.\n\nConstraints:\n\n- Must not match the name of an existing `DBClusterParameterGroup` .\n\n> This value is stored as a lowercase string.", + "title": "Name", "type": "string" + }, + "Parameters": { + "markdownDescription": "Provides a list of parameters for the cluster parameter group.", + "title": "Parameters", + "type": "object" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to be assigned to the cluster parameter group.", + "title": "Tags", + "type": "array" } }, "required": [ - "SubnetId" + "Description", + "Family", + "Parameters" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::SubnetCidrBlock" + "AWS::DocDB::DBClusterParameterGroup" ], "type": "string" }, @@ -78341,7 +86102,7 @@ ], "type": "object" }, - "AWS::EC2::SubnetNetworkAclAssociation": { + "AWS::DocDB::DBInstance": { "additionalProperties": false, "properties": { "Condition": { @@ -78376,26 +86137,69 @@ "Properties": { "additionalProperties": false, "properties": { - "NetworkAclId": { - "markdownDescription": "The ID of the network ACL.", - "title": "NetworkAclId", + "AutoMinorVersionUpgrade": { + "markdownDescription": "This parameter does not apply to Amazon DocumentDB. Amazon DocumentDB does not perform minor version upgrades regardless of the value set.\n\nDefault: `false`", + "title": "AutoMinorVersionUpgrade", + "type": "boolean" + }, + "AvailabilityZone": { + "markdownDescription": "The Amazon EC2 Availability Zone that the instance is created in.\n\nDefault: A random, system-chosen Availability Zone in the endpoint's AWS Region .\n\nExample: `us-east-1d`", + "title": "AvailabilityZone", "type": "string" }, - "SubnetId": { - "markdownDescription": "The ID of the subnet.", - "title": "SubnetId", + "CACertificateIdentifier": { + "markdownDescription": "The identifier of the CA certificate for this DB instance.", + "title": "CACertificateIdentifier", + "type": "string" + }, + "CertificateRotationRestart": { + "markdownDescription": "Specifies whether the DB instance is restarted when you rotate your SSL/TLS certificate.\n\nBy default, the DB instance is restarted when you rotate your SSL/TLS certificate. The certificate is not updated until the DB instance is restarted.\n\n> Set this parameter only if you are *not* using SSL/TLS to connect to the DB instance. \n\nIf you are using SSL/TLS to connect to the DB instance, see [Updating Your Amazon DocumentDB TLS Certificates](https://docs.aws.amazon.com/documentdb/latest/developerguide/ca_cert_rotation.html) and [Encrypting Data in Transit](https://docs.aws.amazon.com/documentdb/latest/developerguide/security.encryption.ssl.html) in the *Amazon DocumentDB Developer Guide* .", + "title": "CertificateRotationRestart", + "type": "boolean" + }, + "DBClusterIdentifier": { + "markdownDescription": "The identifier of the cluster that the instance will belong to.", + "title": "DBClusterIdentifier", + "type": "string" + }, + "DBInstanceClass": { + "markdownDescription": "The compute and memory capacity of the instance; for example, `db.m4.large` . If you change the class of an instance there can be some interruption in the cluster's service.", + "title": "DBInstanceClass", + "type": "string" + }, + "DBInstanceIdentifier": { + "markdownDescription": "The instance identifier. This parameter is stored as a lowercase string.\n\nConstraints:\n\n- Must contain from 1 to 63 letters, numbers, or hyphens.\n- The first character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.\n\nExample: `mydbinstance`", + "title": "DBInstanceIdentifier", + "type": "string" + }, + "EnablePerformanceInsights": { + "markdownDescription": "A value that indicates whether to enable Performance Insights for the DB Instance. For more information, see [Using Amazon Performance Insights](https://docs.aws.amazon.com/documentdb/latest/developerguide/performance-insights.html) .", + "title": "EnablePerformanceInsights", + "type": "boolean" + }, + "PreferredMaintenanceWindow": { + "markdownDescription": "The time range each week during which system maintenance can occur, in Universal Coordinated Time (UTC).\n\nFormat: `ddd:hh24:mi-ddd:hh24:mi`\n\nThe default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region , occurring on a random day of the week.\n\nValid days: Mon, Tue, Wed, Thu, Fri, Sat, Sun\n\nConstraints: Minimum 30-minute window.", + "title": "PreferredMaintenanceWindow", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to be assigned to the instance. You can assign up to 10 tags to an instance.", + "title": "Tags", + "type": "array" } }, "required": [ - "NetworkAclId", - "SubnetId" + "DBClusterIdentifier", + "DBInstanceClass" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::SubnetNetworkAclAssociation" + "AWS::DocDB::DBInstance" ], "type": "string" }, @@ -78414,7 +86218,7 @@ ], "type": "object" }, - "AWS::EC2::SubnetRouteTableAssociation": { + "AWS::DocDB::DBSubnetGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -78449,26 +86253,42 @@ "Properties": { "additionalProperties": false, "properties": { - "RouteTableId": { - "markdownDescription": "The ID of the route table.\n\nThe physical ID changes when the route table ID is changed.", - "title": "RouteTableId", + "DBSubnetGroupDescription": { + "markdownDescription": "The description for the subnet group.", + "title": "DBSubnetGroupDescription", "type": "string" }, - "SubnetId": { - "markdownDescription": "The ID of the subnet.", - "title": "SubnetId", + "DBSubnetGroupName": { + "markdownDescription": "The name for the subnet group. This value is stored as a lowercase string.\n\nConstraints: Must contain no more than 255 letters, numbers, periods, underscores, spaces, or hyphens. Must not be default.\n\nExample: `mySubnetgroup`", + "title": "DBSubnetGroupName", "type": "string" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon EC2 subnet IDs for the subnet group.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to be assigned to the subnet group.", + "title": "Tags", + "type": "array" } }, "required": [ - "RouteTableId", - "SubnetId" + "DBSubnetGroupDescription", + "SubnetIds" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::SubnetRouteTableAssociation" + "AWS::DocDB::DBSubnetGroup" ], "type": "string" }, @@ -78487,7 +86307,7 @@ ], "type": "object" }, - "AWS::EC2::TrafficMirrorFilter": { + "AWS::DocDB::EventSubscription": { "additionalProperties": false, "properties": { "Condition": { @@ -78522,33 +86342,51 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the Traffic Mirror filter.", - "title": "Description", - "type": "string" + "Enabled": { + "markdownDescription": "A Boolean value; set to `true` to activate the subscription, set to `false` to create the subscription but not active it.", + "title": "Enabled", + "type": "boolean" }, - "NetworkServices": { + "EventCategories": { "items": { "type": "string" }, - "markdownDescription": "The network service traffic that is associated with the Traffic Mirror filter.\n\nValid values are `amazon-dns` .", - "title": "NetworkServices", + "markdownDescription": "A list of event categories for a `SourceType` that you want to subscribe to.", + "title": "EventCategories", "type": "array" }, - "Tags": { + "SnsTopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the SNS topic created for event notification. Amazon SNS creates the ARN when you create a topic and subscribe to it.", + "title": "SnsTopicArn", + "type": "string" + }, + "SourceIds": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "The tags to assign to a Traffic Mirror filter.", - "title": "Tags", + "markdownDescription": "The list of identifiers of the event sources for which events are returned. If not specified, then all sources are included in the response. An identifier must begin with a letter and must contain only ASCII letters, digits, and hyphens; it can't end with a hyphen or contain two consecutive hyphens.\n\nConstraints:\n\n- If `SourceIds` are provided, `SourceType` must also be provided.\n- If the source type is an instance, a `DBInstanceIdentifier` must be provided.\n- If the source type is a security group, a `DBSecurityGroupName` must be provided.\n- If the source type is a parameter group, a `DBParameterGroupName` must be provided.\n- If the source type is a snapshot, a `DBSnapshotIdentifier` must be provided.", + "title": "SourceIds", "type": "array" + }, + "SourceType": { + "markdownDescription": "The type of source that is generating the events. For example, if you want to be notified of events generated by an instance, you would set this parameter to `db-instance` . If this value is not specified, all events are returned.\n\nValid values: `db-instance` , `db-cluster` , `db-parameter-group` , `db-security-group` , `db-cluster-snapshot`", + "title": "SourceType", + "type": "string" + }, + "SubscriptionName": { + "markdownDescription": "The name of the subscription.\n\nConstraints: The name must be fewer than 255 characters.", + "title": "SubscriptionName", + "type": "string" } }, + "required": [ + "SnsTopicArn" + ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::TrafficMirrorFilter" + "AWS::DocDB::EventSubscription" ], "type": "string" }, @@ -78562,11 +86400,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::EC2::TrafficMirrorFilterRule": { + "AWS::DocDBElastic::Cluster": { "additionalProperties": false, "properties": { "Condition": { @@ -78601,70 +86440,98 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the Traffic Mirror rule.", - "title": "Description", + "AdminUserName": { + "markdownDescription": "The name of the Amazon DocumentDB elastic clusters administrator.\n\n*Constraints* :\n\n- Must be from 1 to 63 letters or numbers.\n- The first character must be a letter.\n- Cannot be a reserved word.", + "title": "AdminUserName", "type": "string" }, - "DestinationCidrBlock": { - "markdownDescription": "The destination CIDR block to assign to the Traffic Mirror rule.", - "title": "DestinationCidrBlock", + "AdminUserPassword": { + "markdownDescription": "The password for the Elastic DocumentDB cluster administrator and can contain any printable ASCII characters.\n\n*Constraints* :\n\n- Must contain from 8 to 100 characters.\n- Cannot contain a forward slash (/), double quote (\"), or the \"at\" symbol (@).\n- A valid `AdminUserName` entry is also required.", + "title": "AdminUserPassword", "type": "string" }, - "DestinationPortRange": { - "$ref": "#/definitions/AWS::EC2::TrafficMirrorFilterRule.TrafficMirrorPortRange", - "markdownDescription": "The destination port range.", - "title": "DestinationPortRange" - }, - "Protocol": { - "markdownDescription": "The protocol, for example UDP, to assign to the Traffic Mirror rule.\n\nFor information about the protocol value, see [Protocol Numbers](https://docs.aws.amazon.com/https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml) on the Internet Assigned Numbers Authority (IANA) website.", - "title": "Protocol", - "type": "number" - }, - "RuleAction": { - "markdownDescription": "The action to take on the filtered traffic.", - "title": "RuleAction", + "AuthType": { + "markdownDescription": "The authentication type used to determine where to fetch the password used for accessing the elastic cluster. Valid types are `PLAIN_TEXT` or `SECRET_ARN` .", + "title": "AuthType", "type": "string" }, - "RuleNumber": { - "markdownDescription": "The number of the Traffic Mirror rule. This number must be unique for each Traffic Mirror rule in a given direction. The rules are processed in ascending order by rule number.", - "title": "RuleNumber", + "BackupRetentionPeriod": { + "markdownDescription": "The number of days for which automatic snapshots are retained.", + "title": "BackupRetentionPeriod", "type": "number" }, - "SourceCidrBlock": { - "markdownDescription": "The source CIDR block to assign to the Traffic Mirror rule.", - "title": "SourceCidrBlock", + "ClusterName": { + "markdownDescription": "The name of the new elastic cluster. This parameter is stored as a lowercase string.\n\n*Constraints* :\n\n- Must contain from 1 to 63 letters, numbers, or hyphens.\n- The first character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.\n\n*Example* : `my-cluster`", + "title": "ClusterName", "type": "string" }, - "SourcePortRange": { - "$ref": "#/definitions/AWS::EC2::TrafficMirrorFilterRule.TrafficMirrorPortRange", - "markdownDescription": "The source port range.", - "title": "SourcePortRange" + "KmsKeyId": { + "markdownDescription": "The KMS key identifier to use to encrypt the new elastic cluster.\n\nThe KMS key identifier is the Amazon Resource Name (ARN) for the KMS encryption key. If you are creating a cluster using the same Amazon account that owns this KMS encryption key, you can use the KMS key alias instead of the ARN as the KMS encryption key.\n\nIf an encryption key is not specified, Amazon DocumentDB uses the default encryption key that KMS creates for your account. Your account has a different default encryption key for each Amazon Region.", + "title": "KmsKeyId", + "type": "string" }, - "TrafficDirection": { - "markdownDescription": "The type of traffic.", - "title": "TrafficDirection", + "PreferredBackupWindow": { + "markdownDescription": "The daily time range during which automated backups are created if automated backups are enabled, as determined by `backupRetentionPeriod` .", + "title": "PreferredBackupWindow", "type": "string" }, - "TrafficMirrorFilterId": { - "markdownDescription": "The ID of the filter that this rule is associated with.", - "title": "TrafficMirrorFilterId", + "PreferredMaintenanceWindow": { + "markdownDescription": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n\n*Format* : `ddd:hh24:mi-ddd:hh24:mi`\n\n*Default* : a 30-minute window selected at random from an 8-hour block of time for each AWS Region , occurring on a random day of the week.\n\n*Valid days* : Mon, Tue, Wed, Thu, Fri, Sat, Sun\n\n*Constraints* : Minimum 30-minute window.", + "title": "PreferredMaintenanceWindow", "type": "string" - } - }, - "required": [ - "DestinationCidrBlock", - "RuleAction", - "RuleNumber", - "SourceCidrBlock", - "TrafficDirection", - "TrafficMirrorFilterId" + }, + "ShardCapacity": { + "markdownDescription": "The number of vCPUs assigned to each elastic cluster shard. Maximum is 64. Allowed values are 2, 4, 8, 16, 32, 64.", + "title": "ShardCapacity", + "type": "number" + }, + "ShardCount": { + "markdownDescription": "The number of shards assigned to the elastic cluster. Maximum is 32.", + "title": "ShardCount", + "type": "number" + }, + "ShardInstanceCount": { + "markdownDescription": "The number of replica instances applying to all shards in the cluster. A `shardInstanceCount` value of 1 means there is one writer instance, and any additional instances are replicas that can be used for reads and to improve availability.", + "title": "ShardInstanceCount", + "type": "number" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon EC2 subnet IDs for the new elastic cluster.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to be assigned to the new elastic cluster.", + "title": "Tags", + "type": "array" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of EC2 VPC security groups to associate with the new elastic cluster.", + "title": "VpcSecurityGroupIds", + "type": "array" + } + }, + "required": [ + "AdminUserName", + "AuthType", + "ClusterName", + "ShardCapacity", + "ShardCount" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::TrafficMirrorFilterRule" + "AWS::DocDBElastic::Cluster" ], "type": "string" }, @@ -78683,27 +86550,7 @@ ], "type": "object" }, - "AWS::EC2::TrafficMirrorFilterRule.TrafficMirrorPortRange": { - "additionalProperties": false, - "properties": { - "FromPort": { - "markdownDescription": "The start of the Traffic Mirror port range. This applies to the TCP and UDP protocols.", - "title": "FromPort", - "type": "number" - }, - "ToPort": { - "markdownDescription": "The end of the Traffic Mirror port range. This applies to the TCP and UDP protocols.", - "title": "ToPort", - "type": "number" - } - }, - "required": [ - "FromPort", - "ToPort" - ], - "type": "object" - }, - "AWS::EC2::TrafficMirrorSession": { + "AWS::DynamoDB::GlobalTable": { "additionalProperties": false, "properties": { "Condition": { @@ -78738,61 +86585,110 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the Traffic Mirror session.", - "title": "Description", - "type": "string" + "AttributeDefinitions": { + "items": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.AttributeDefinition" + }, + "markdownDescription": "A list of attributes that describe the key schema for the global table and indexes.", + "title": "AttributeDefinitions", + "type": "array" }, - "NetworkInterfaceId": { - "markdownDescription": "The ID of the source network interface.", - "title": "NetworkInterfaceId", + "BillingMode": { + "markdownDescription": "Specifies how you are charged for read and write throughput and how you manage capacity. Valid values are:\n\n- `PAY_PER_REQUEST`\n- `PROVISIONED`\n\nAll replicas in your global table will have the same billing mode. If you use `PROVISIONED` billing mode, you must provide an auto scaling configuration via the `WriteProvisionedThroughputSettings` property. The default value of this property is `PROVISIONED` .", + "title": "BillingMode", "type": "string" }, - "PacketLength": { - "markdownDescription": "The number of bytes in each packet to mirror. These are bytes after the VXLAN header. Do not specify this parameter when you want to mirror the entire packet. To mirror a subset of the packet, set this to the length (in bytes) that you want to mirror. For example, if you set this value to 100, then the first 100 bytes that meet the filter criteria are copied to the target.\n\nIf you do not want to mirror the entire packet, use the `PacketLength` parameter to specify the number of bytes in each packet to mirror.\n\nFor sessions with Network Load Balancer (NLB) Traffic Mirror targets the default `PacketLength` will be set to 8500. Valid values are 1-8500. Setting a `PacketLength` greater than 8500 will result in an error response.", - "title": "PacketLength", - "type": "number" + "GlobalSecondaryIndexes": { + "items": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.GlobalSecondaryIndex" + }, + "markdownDescription": "Global secondary indexes to be created on the global table. You can create up to 20 global secondary indexes. Each replica in your global table will have the same global secondary index settings. You can only create or delete one global secondary index in a single stack operation.\n\nSince the backfilling of an index could take a long time, CloudFormation does not wait for the index to become active. If a stack operation rolls back, CloudFormation might not delete an index that has been added. In that case, you will need to delete the index manually.", + "title": "GlobalSecondaryIndexes", + "type": "array" }, - "SessionNumber": { - "markdownDescription": "The session number determines the order in which sessions are evaluated when an interface is used by multiple sessions. The first session with a matching filter is the one that mirrors the packets.\n\nValid values are 1-32766.", - "title": "SessionNumber", - "type": "number" + "GlobalTableWitnesses": { + "items": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.GlobalTableWitness" + }, + "markdownDescription": "The list of witnesses of the MRSC global table. Only one witness Region can be configured per MRSC global table.", + "title": "GlobalTableWitnesses", + "type": "array" }, - "Tags": { + "KeySchema": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.KeySchema" }, - "markdownDescription": "The tags to assign to a Traffic Mirror session.", - "title": "Tags", + "markdownDescription": "Specifies the attributes that make up the primary key for the table. The attributes in the `KeySchema` property must also be defined in the `AttributeDefinitions` property.", + "title": "KeySchema", "type": "array" }, - "TrafficMirrorFilterId": { - "markdownDescription": "The ID of the Traffic Mirror filter.", - "title": "TrafficMirrorFilterId", + "LocalSecondaryIndexes": { + "items": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.LocalSecondaryIndex" + }, + "markdownDescription": "Local secondary indexes to be created on the table. You can create up to five local secondary indexes. Each index is scoped to a given hash key value. The size of each hash key can be up to 10 gigabytes. Each replica in your global table will have the same local secondary index settings.", + "title": "LocalSecondaryIndexes", + "type": "array" + }, + "MultiRegionConsistency": { + "markdownDescription": "Specifies the consistency mode for a new global table.\n\nYou can specify one of the following consistency modes:\n\n- `EVENTUAL` : Configures a new global table for multi-Region eventual consistency (MREC).\n- `STRONG` : Configures a new global table for multi-Region strong consistency (MRSC).\n\nIf you don't specify this field, the global table consistency mode defaults to `EVENTUAL` . For more information about global tables consistency modes, see [Consistency modes](https://docs.aws.amazon.com/V2globaltables_HowItWorks.html#V2globaltables_HowItWorks.consistency-modes) in DynamoDB developer guide.", + "title": "MultiRegionConsistency", "type": "string" }, - "TrafficMirrorTargetId": { - "markdownDescription": "The ID of the Traffic Mirror target.", - "title": "TrafficMirrorTargetId", + "Replicas": { + "items": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReplicaSpecification" + }, + "markdownDescription": "Specifies the list of replicas for your global table. The list must contain at least one element, the region where the stack defining the global table is deployed. For example, if you define your table in a stack deployed to us-east-1, you must have an entry in `Replicas` with the region us-east-1. You cannot remove the replica in the stack region.\n\n> Adding a replica might take a few minutes for an empty table, or up to several hours for large tables. If you want to add or remove a replica, we recommend submitting an `UpdateStack` operation containing only that change.\n> \n> If you add or delete a replica during an update, we recommend that you don't update any other resources. If your stack fails to update and is rolled back while adding a new replica, you might need to manually delete the replica. \n\nYou can create a new global table with as many replicas as needed. You can add or remove replicas after table creation, but you can only add or remove a single replica in each update. For Multi-Region Strong Consistency (MRSC), you can add or remove up to 3 replicas, or 2 replicas plus a witness Region.", + "title": "Replicas", + "type": "array" + }, + "SSESpecification": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.SSESpecification", + "markdownDescription": "Specifies the settings to enable server-side encryption. These settings will be applied to all replicas. If you plan to use customer-managed KMS keys, you must provide a key for each replica using the `ReplicaSpecification.ReplicaSSESpecification` property.", + "title": "SSESpecification" + }, + "StreamSpecification": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.StreamSpecification", + "markdownDescription": "Specifies the streams settings on your global table. You must provide a value for this property if your global table contains more than one replica. You can only change the streams settings if your global table has only one replica. For Multi-Region Strong Consistency (MRSC), you do not need to provide a value for this property and can change the settings at any time.", + "title": "StreamSpecification" + }, + "TableName": { + "markdownDescription": "A name for the global table. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID as the table name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "TableName", "type": "string" }, - "VirtualNetworkId": { - "markdownDescription": "The VXLAN ID for the Traffic Mirror session. For more information about the VXLAN protocol, see [RFC 7348](https://docs.aws.amazon.com/https://datatracker.ietf.org/doc/html/rfc7348) . If you do not specify a `VirtualNetworkId` , an account-wide unique ID is chosen at random.", - "title": "VirtualNetworkId", - "type": "number" + "TimeToLiveSpecification": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.TimeToLiveSpecification", + "markdownDescription": "Specifies the time to live (TTL) settings for the table. This setting will be applied to all replicas.", + "title": "TimeToLiveSpecification" + }, + "WarmThroughput": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.WarmThroughput", + "markdownDescription": "Provides visibility into the number of read and write operations your table or secondary index can instantaneously support. The settings can be modified using the `UpdateTable` operation to meet the throughput requirements of an upcoming peak event.", + "title": "WarmThroughput" + }, + "WriteOnDemandThroughputSettings": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.WriteOnDemandThroughputSettings", + "markdownDescription": "Sets the write request settings for a global table or a global secondary index. You can only specify this setting if your resource uses the `PAY_PER_REQUEST` `BillingMode` .", + "title": "WriteOnDemandThroughputSettings" + }, + "WriteProvisionedThroughputSettings": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.WriteProvisionedThroughputSettings", + "markdownDescription": "Specifies an auto scaling policy for write capacity. This policy will be applied to all replicas. This setting must be specified if `BillingMode` is set to `PROVISIONED` .", + "title": "WriteProvisionedThroughputSettings" } }, "required": [ - "NetworkInterfaceId", - "SessionNumber", - "TrafficMirrorFilterId", - "TrafficMirrorTargetId" + "AttributeDefinitions", + "KeySchema", + "Replicas" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::TrafficMirrorSession" + "AWS::DynamoDB::GlobalTable" ], "type": "string" }, @@ -78811,343 +86707,539 @@ ], "type": "object" }, - "AWS::EC2::TrafficMirrorTarget": { + "AWS::DynamoDB::GlobalTable.AttributeDefinition": { "additionalProperties": false, "properties": { - "Condition": { + "AttributeName": { + "markdownDescription": "A name for the attribute.", + "title": "AttributeName", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "AttributeType": { + "markdownDescription": "The data type for the attribute, where:\n\n- `S` - the attribute is of type String\n- `N` - the attribute is of type Number\n- `B` - the attribute is of type Binary", + "title": "AttributeType", "type": "string" + } + }, + "required": [ + "AttributeName", + "AttributeType" + ], + "type": "object" + }, + "AWS::DynamoDB::GlobalTable.CapacityAutoScalingSettings": { + "additionalProperties": false, + "properties": { + "MaxCapacity": { + "markdownDescription": "The maximum provisioned capacity units for the global table.", + "title": "MaxCapacity", + "type": "number" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "MinCapacity": { + "markdownDescription": "The minimum provisioned capacity units for the global table.", + "title": "MinCapacity", + "type": "number" }, - "Metadata": { - "type": "object" + "SeedCapacity": { + "markdownDescription": "When switching billing mode from `PAY_PER_REQUEST` to `PROVISIONED` , DynamoDB requires you to specify read and write capacity unit values for the table and for each global secondary index. These values will be applied to all replicas. The table will use these provisioned values until CloudFormation creates the autoscaling policies you configured in your template. CloudFormation cannot determine what capacity the table and its global secondary indexes will require in this time period, since they are application-dependent.\n\nIf you want to switch a table's billing mode from `PAY_PER_REQUEST` to `PROVISIONED` , you must specify a value for this property for each autoscaled resource. If you specify different values for the same resource in different regions, CloudFormation will use the highest value found in either the `SeedCapacity` or `ReadCapacityUnits` properties. For example, if your global secondary index `myGSI` has a `SeedCapacity` of 10 in us-east-1 and a fixed `ReadCapacityUnits` of 20 in eu-west-1, CloudFormation will initially set the read capacity for `myGSI` to 20. Note that if you disable `ScaleIn` for `myGSI` in us-east-1, its read capacity units might not be set back to 10.\n\nYou must also specify a value for `SeedCapacity` when you plan to switch a table's billing mode from `PROVISIONED` to `PAY_PER_REQUEST` , because CloudFormation might need to roll back the operation (reverting the billing mode to `PROVISIONED` ) and this cannot succeed without specifying a value for `SeedCapacity` .", + "title": "SeedCapacity", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "The description of the Traffic Mirror target.", - "title": "Description", - "type": "string" - }, - "GatewayLoadBalancerEndpointId": { - "markdownDescription": "The ID of the Gateway Load Balancer endpoint.", - "title": "GatewayLoadBalancerEndpointId", - "type": "string" - }, - "NetworkInterfaceId": { - "markdownDescription": "The network interface ID that is associated with the target.", - "title": "NetworkInterfaceId", - "type": "string" - }, - "NetworkLoadBalancerArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Network Load Balancer that is associated with the target.", - "title": "NetworkLoadBalancerArn", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to assign to the Traffic Mirror target.", - "title": "Tags", - "type": "array" - } + "TargetTrackingScalingPolicyConfiguration": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.TargetTrackingScalingPolicyConfiguration", + "markdownDescription": "Defines a target tracking scaling policy.", + "title": "TargetTrackingScalingPolicyConfiguration" + } + }, + "required": [ + "MaxCapacity", + "MinCapacity", + "TargetTrackingScalingPolicyConfiguration" + ], + "type": "object" + }, + "AWS::DynamoDB::GlobalTable.ContributorInsightsSpecification": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Indicates whether CloudWatch Contributor Insights are to be enabled (true) or disabled (false).", + "title": "Enabled", + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "AWS::DynamoDB::GlobalTable.GlobalSecondaryIndex": { + "additionalProperties": false, + "properties": { + "IndexName": { + "markdownDescription": "The name of the global secondary index. The name must be unique among all other indexes on this table.", + "title": "IndexName", + "type": "string" + }, + "KeySchema": { + "items": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.KeySchema" }, - "type": "object" + "markdownDescription": "The complete key schema for a global secondary index, which consists of one or more pairs of attribute names and key types:\n\n- `HASH` - partition key\n- `RANGE` - sort key\n\n> The partition key of an item is also known as its *hash attribute* . The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n> \n> The sort key of an item is also known as its *range attribute* . The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.", + "title": "KeySchema", + "type": "array" }, - "Type": { - "enum": [ - "AWS::EC2::TrafficMirrorTarget" - ], + "Projection": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.Projection", + "markdownDescription": "Represents attributes that are copied (projected) from the table into the global secondary index. These are in addition to the primary key attributes and index key attributes, which are automatically projected.", + "title": "Projection" + }, + "WarmThroughput": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.WarmThroughput", + "markdownDescription": "Represents the warm throughput value (in read units per second and write units per second) for the specified secondary index. If you use this parameter, you must specify `ReadUnitsPerSecond` , `WriteUnitsPerSecond` , or both.", + "title": "WarmThroughput" + }, + "WriteOnDemandThroughputSettings": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.WriteOnDemandThroughputSettings", + "markdownDescription": "Sets the write request settings for a global table or a global secondary index. You can only specify this setting if your resource uses the `PAY_PER_REQUEST` `BillingMode` .", + "title": "WriteOnDemandThroughputSettings" + }, + "WriteProvisionedThroughputSettings": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.WriteProvisionedThroughputSettings", + "markdownDescription": "Defines write capacity settings for the global secondary index. You must specify a value for this property if the table's `BillingMode` is `PROVISIONED` . All replicas will have the same write capacity settings for this global secondary index.", + "title": "WriteProvisionedThroughputSettings" + } + }, + "required": [ + "IndexName", + "KeySchema", + "Projection" + ], + "type": "object" + }, + "AWS::DynamoDB::GlobalTable.GlobalTableWitness": { + "additionalProperties": false, + "properties": { + "Region": { + "markdownDescription": "The name of the AWS Region that serves as a witness for the MRSC global table.", + "title": "Region", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DynamoDB::GlobalTable.KeySchema": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "markdownDescription": "The name of a key attribute.", + "title": "AttributeName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "KeyType": { + "markdownDescription": "The role that this key attribute will assume:\n\n- `HASH` - partition key\n- `RANGE` - sort key\n\n> The partition key of an item is also known as its *hash attribute* . The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n> \n> The sort key of an item is also known as its *range attribute* . The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.", + "title": "KeyType", "type": "string" } }, "required": [ - "Type" + "AttributeName", + "KeyType" ], "type": "object" }, - "AWS::EC2::TransitGateway": { + "AWS::DynamoDB::GlobalTable.KinesisStreamSpecification": { "additionalProperties": false, "properties": { - "Condition": { + "ApproximateCreationDateTimePrecision": { + "markdownDescription": "The precision for the time and date that the stream was created.", + "title": "ApproximateCreationDateTimePrecision", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "StreamArn": { + "markdownDescription": "The ARN for a specific Kinesis data stream.", + "title": "StreamArn", + "type": "string" + } + }, + "required": [ + "StreamArn" + ], + "type": "object" + }, + "AWS::DynamoDB::GlobalTable.LocalSecondaryIndex": { + "additionalProperties": false, + "properties": { + "IndexName": { + "markdownDescription": "The name of the local secondary index. The name must be unique among all other indexes on this table.", + "title": "IndexName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "KeySchema": { + "items": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.KeySchema" + }, + "markdownDescription": "The complete key schema for the local secondary index, consisting of one or more pairs of attribute names and key types:\n\n- `HASH` - partition key\n- `RANGE` - sort key\n\n> The partition key of an item is also known as its *hash attribute* . The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n> \n> The sort key of an item is also known as its *range attribute* . The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.", + "title": "KeySchema", + "type": "array" }, - "Metadata": { - "type": "object" + "Projection": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.Projection", + "markdownDescription": "Represents attributes that are copied (projected) from the table into the local secondary index. These are in addition to the primary key attributes and index key attributes, which are automatically projected.", + "title": "Projection" + } + }, + "required": [ + "IndexName", + "KeySchema", + "Projection" + ], + "type": "object" + }, + "AWS::DynamoDB::GlobalTable.PointInTimeRecoverySpecification": { + "additionalProperties": false, + "properties": { + "PointInTimeRecoveryEnabled": { + "markdownDescription": "Indicates whether point in time recovery is enabled (true) or disabled (false) on the table.", + "title": "PointInTimeRecoveryEnabled", + "type": "boolean" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AmazonSideAsn": { - "markdownDescription": "A private Autonomous System Number (ASN) for the Amazon side of a BGP session. The range is 64512 to 65534 for 16-bit ASNs. The default is 64512.", - "title": "AmazonSideAsn", - "type": "number" - }, - "AssociationDefaultRouteTableId": { - "markdownDescription": "The ID of the default association route table.", - "title": "AssociationDefaultRouteTableId", - "type": "string" - }, - "AutoAcceptSharedAttachments": { - "markdownDescription": "Enable or disable automatic acceptance of attachment requests. Disabled by default.", - "title": "AutoAcceptSharedAttachments", - "type": "string" - }, - "DefaultRouteTableAssociation": { - "markdownDescription": "Enable or disable automatic association with the default association route table. Enabled by default. If `DefaultRouteTableAssociation` is set to enable, AWS Transit Gateway will create the default transit gateway route table.", - "title": "DefaultRouteTableAssociation", - "type": "string" - }, - "DefaultRouteTablePropagation": { - "markdownDescription": "Enable or disable automatic propagation of routes to the default propagation route table. Enabled by default. If `DefaultRouteTablePropagation` is set to enable, AWS Transit Gateway will create the default transit gateway route table.", - "title": "DefaultRouteTablePropagation", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the transit gateway.", - "title": "Description", - "type": "string" - }, - "DnsSupport": { - "markdownDescription": "Enable or disable DNS support. Enabled by default.", - "title": "DnsSupport", - "type": "string" - }, - "MulticastSupport": { - "markdownDescription": "Indicates whether multicast is enabled on the transit gateway", - "title": "MulticastSupport", - "type": "string" - }, - "PropagationDefaultRouteTableId": { - "markdownDescription": "The ID of the default propagation route table.", - "title": "PropagationDefaultRouteTableId", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags for the transit gateway.", - "title": "Tags", - "type": "array" - }, - "TransitGatewayCidrBlocks": { - "items": { - "type": "string" - }, - "markdownDescription": "The transit gateway CIDR blocks.", - "title": "TransitGatewayCidrBlocks", - "type": "array" - }, - "VpnEcmpSupport": { - "markdownDescription": "Enable or disable Equal Cost Multipath Protocol support. Enabled by default.", - "title": "VpnEcmpSupport", - "type": "string" - } + "RecoveryPeriodInDays": { + "markdownDescription": "The number of preceding days for which continuous backups are taken and maintained. Your table data is only recoverable to any point-in-time from within the configured recovery period. This parameter is optional. If no value is provided, the value will default to 35.", + "title": "RecoveryPeriodInDays", + "type": "number" + } + }, + "type": "object" + }, + "AWS::DynamoDB::GlobalTable.Projection": { + "additionalProperties": false, + "properties": { + "NonKeyAttributes": { + "items": { + "type": "string" }, - "type": "object" + "markdownDescription": "Represents the non-key attribute names which will be projected into the index.\n\nFor global and local secondary indexes, the total count of `NonKeyAttributes` summed across all of the secondary indexes, must not exceed 100. If you project the same attribute into two different indexes, this counts as two distinct attributes when determining the total. This limit only applies when you specify the ProjectionType of `INCLUDE` . You still can specify the ProjectionType of `ALL` to project all attributes from the source table, even if the table has more than 100 attributes.", + "title": "NonKeyAttributes", + "type": "array" }, - "Type": { - "enum": [ - "AWS::EC2::TransitGateway" - ], + "ProjectionType": { + "markdownDescription": "The set of attributes that are projected into the index:\n\n- `KEYS_ONLY` - Only the index and primary keys are projected into the index.\n- `INCLUDE` - In addition to the attributes described in `KEYS_ONLY` , the secondary index will include other non-key attributes that you specify.\n- `ALL` - All of the table attributes are projected into the index.\n\nWhen using the DynamoDB console, `ALL` is selected by default.", + "title": "ProjectionType", "type": "string" + } + }, + "type": "object" + }, + "AWS::DynamoDB::GlobalTable.ReadOnDemandThroughputSettings": { + "additionalProperties": false, + "properties": { + "MaxReadRequestUnits": { + "markdownDescription": "Maximum number of read request units for the specified replica of a global table.", + "title": "MaxReadRequestUnits", + "type": "number" + } + }, + "type": "object" + }, + "AWS::DynamoDB::GlobalTable.ReadProvisionedThroughputSettings": { + "additionalProperties": false, + "properties": { + "ReadCapacityAutoScalingSettings": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.CapacityAutoScalingSettings", + "markdownDescription": "Specifies auto scaling settings for the replica table or global secondary index.", + "title": "ReadCapacityAutoScalingSettings" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ReadCapacityUnits": { + "markdownDescription": "Specifies a fixed read capacity for the replica table or global secondary index.", + "title": "ReadCapacityUnits", + "type": "number" + } + }, + "type": "object" + }, + "AWS::DynamoDB::GlobalTable.ReplicaGlobalSecondaryIndexSpecification": { + "additionalProperties": false, + "properties": { + "ContributorInsightsSpecification": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ContributorInsightsSpecification", + "markdownDescription": "Updates the status for contributor insights for a specific table or index. CloudWatch Contributor Insights for DynamoDB graphs display the partition key and (if applicable) sort key of frequently accessed items and frequently throttled items in plaintext. If you require the use of AWS Key Management Service (KMS) to encrypt this table\u2019s partition key and sort key data with an AWS managed key or customer managed key, you should not enable CloudWatch Contributor Insights for DynamoDB for this table.", + "title": "ContributorInsightsSpecification" + }, + "IndexName": { + "markdownDescription": "The name of the global secondary index. The name must be unique among all other indexes on this table.", + "title": "IndexName", "type": "string" + }, + "ReadOnDemandThroughputSettings": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReadOnDemandThroughputSettings", + "markdownDescription": "Sets the read request settings for a replica global secondary index. You can only specify this setting if your resource uses the `PAY_PER_REQUEST` `BillingMode` .", + "title": "ReadOnDemandThroughputSettings" + }, + "ReadProvisionedThroughputSettings": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReadProvisionedThroughputSettings", + "markdownDescription": "Allows you to specify the read capacity settings for a replica global secondary index when the `BillingMode` is set to `PROVISIONED` .", + "title": "ReadProvisionedThroughputSettings" } }, "required": [ - "Type" + "IndexName" ], "type": "object" }, - "AWS::EC2::TransitGatewayAttachment": { + "AWS::DynamoDB::GlobalTable.ReplicaSSESpecification": { "additionalProperties": false, "properties": { - "Condition": { + "KMSMasterKeyId": { + "markdownDescription": "The AWS KMS key that should be used for the AWS KMS encryption. To specify a key, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. Note that you should only provide this parameter if the key is different from the default DynamoDB key `alias/aws/dynamodb` .", + "title": "KMSMasterKeyId", "type": "string" + } + }, + "required": [ + "KMSMasterKeyId" + ], + "type": "object" + }, + "AWS::DynamoDB::GlobalTable.ReplicaSpecification": { + "additionalProperties": false, + "properties": { + "ContributorInsightsSpecification": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ContributorInsightsSpecification", + "markdownDescription": "The settings used to enable or disable CloudWatch Contributor Insights for the specified replica. When not specified, defaults to contributor insights disabled for the replica.", + "title": "ContributorInsightsSpecification" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DeletionProtectionEnabled": { + "markdownDescription": "Determines if a replica is protected from deletion. When enabled, the table cannot be deleted by any user or process. This setting is disabled by default. For more information, see [Using deletion protection](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/WorkingWithTables.Basics.html#WorkingWithTables.Basics.DeletionProtection) in the *Amazon DynamoDB Developer Guide* .", + "title": "DeletionProtectionEnabled", + "type": "boolean" + }, + "GlobalSecondaryIndexes": { + "items": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReplicaGlobalSecondaryIndexSpecification" + }, + "markdownDescription": "Defines additional settings for the global secondary indexes of this replica.", + "title": "GlobalSecondaryIndexes", + "type": "array" + }, + "KinesisStreamSpecification": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.KinesisStreamSpecification", + "markdownDescription": "Defines the Kinesis Data Streams configuration for the specified replica.", + "title": "KinesisStreamSpecification" + }, + "PointInTimeRecoverySpecification": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.PointInTimeRecoverySpecification", + "markdownDescription": "The settings used to enable point in time recovery. When not specified, defaults to point in time recovery disabled for the replica.", + "title": "PointInTimeRecoverySpecification" + }, + "ReadOnDemandThroughputSettings": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReadOnDemandThroughputSettings", + "markdownDescription": "Sets read request settings for the replica table.", + "title": "ReadOnDemandThroughputSettings" + }, + "ReadProvisionedThroughputSettings": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReadProvisionedThroughputSettings", + "markdownDescription": "Defines read capacity settings for the replica table.", + "title": "ReadProvisionedThroughputSettings" + }, + "Region": { + "markdownDescription": "The region in which this replica exists.", + "title": "Region", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ReplicaStreamSpecification": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReplicaStreamSpecification", + "markdownDescription": "Represents the DynamoDB Streams configuration for a global table replica.", + "title": "ReplicaStreamSpecification" }, - "Metadata": { - "type": "object" + "ResourcePolicy": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ResourcePolicy", + "markdownDescription": "A resource-based policy document that contains permissions to add to the specified replica of a DynamoDB global table. Resource-based policies let you define access permissions by specifying who has access to each resource, and the actions they are allowed to perform on each resource.\n\nIn a CloudFormation template, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to DynamoDB . For more information about resource-based policies, see [Using resource-based policies for DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html) .", + "title": "ResourcePolicy" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Options": { - "$ref": "#/definitions/AWS::EC2::TransitGatewayAttachment.Options", - "markdownDescription": "The VPC attachment options.", - "title": "Options" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of one or more subnets. You can specify only one subnet per Availability Zone. You must specify at least one subnet, but we recommend that you specify two subnets for better availability. The transit gateway uses one IP address from each specified subnet.", - "title": "SubnetIds", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags for the attachment.", - "title": "Tags", - "type": "array" - }, - "TransitGatewayId": { - "markdownDescription": "The ID of the transit gateway.", - "title": "TransitGatewayId", - "type": "string" - }, - "VpcId": { - "markdownDescription": "The ID of the VPC.", - "title": "VpcId", - "type": "string" - } - }, - "required": [ - "SubnetIds", - "TransitGatewayId", - "VpcId" - ], - "type": "object" + "SSESpecification": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReplicaSSESpecification", + "markdownDescription": "Allows you to specify a customer-managed key for the replica. When using customer-managed keys for server-side encryption, this property must have a value in all replicas.", + "title": "SSESpecification" }, - "Type": { - "enum": [ - "AWS::EC2::TransitGatewayAttachment" - ], + "TableClass": { + "markdownDescription": "The table class of the specified table. Valid values are `STANDARD` and `STANDARD_INFREQUENT_ACCESS` .", + "title": "TableClass", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this replica.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Region" + ], + "type": "object" + }, + "AWS::DynamoDB::GlobalTable.ReplicaStreamSpecification": { + "additionalProperties": false, + "properties": { + "ResourcePolicy": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ResourcePolicy", + "markdownDescription": "A resource-based policy document that contains the permissions for the specified stream of a DynamoDB global table replica. Resource-based policies let you define access permissions by specifying who has access to each resource, and the actions they are allowed to perform on each resource.\n\nIn a CloudFormation template, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to DynamoDB . For more information about resource-based policies, see [Using resource-based policies for DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html) .\n\nYou can update the `ResourcePolicy` property if you've specified more than one table using the [AWS ::DynamoDB::GlobalTable](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dynamodb-globaltable.html) resource.", + "title": "ResourcePolicy" + } + }, + "required": [ + "ResourcePolicy" + ], + "type": "object" + }, + "AWS::DynamoDB::GlobalTable.ResourcePolicy": { + "additionalProperties": false, + "properties": { + "PolicyDocument": { + "markdownDescription": "A resource-based policy document that contains permissions to add to the specified DynamoDB table, its indexes, and stream. In a CloudFormation template, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to DynamoDB . For more information about resource-based policies, see [Using resource-based policies for DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html) .", + "title": "PolicyDocument", + "type": "object" + } + }, + "required": [ + "PolicyDocument" + ], + "type": "object" + }, + "AWS::DynamoDB::GlobalTable.SSESpecification": { + "additionalProperties": false, + "properties": { + "SSEEnabled": { + "markdownDescription": "Indicates whether server-side encryption is performed using an AWS managed key or an AWS owned key. If enabled (true), server-side encryption type is set to KMS and an AWS managed key is used ( AWS KMS charges apply). If disabled (false) or not specified,server-side encryption is set to an AWS owned key. If you choose to use KMS encryption, you can also use customer managed KMS keys by specifying them in the `ReplicaSpecification.SSESpecification` object. You cannot mix AWS managed and customer managed KMS keys.", + "title": "SSEEnabled", + "type": "boolean" + }, + "SSEType": { + "markdownDescription": "Server-side encryption type. The only supported value is:\n\n- `KMS` - Server-side encryption that uses AWS Key Management Service . The key is stored in your account and is managed by AWS KMS ( AWS KMS charges apply).", + "title": "SSEType", "type": "string" } }, "required": [ - "Type", - "Properties" + "SSEEnabled" ], "type": "object" }, - "AWS::EC2::TransitGatewayAttachment.Options": { + "AWS::DynamoDB::GlobalTable.StreamSpecification": { "additionalProperties": false, "properties": { - "ApplianceModeSupport": { - "markdownDescription": "Enable or disable appliance mode support. The default is `disable` .", - "title": "ApplianceModeSupport", + "StreamViewType": { + "markdownDescription": "When an item in the table is modified, `StreamViewType` determines what information is written to the stream for this table. Valid values for `StreamViewType` are:\n\n- `KEYS_ONLY` - Only the key attributes of the modified item are written to the stream.\n- `NEW_IMAGE` - The entire item, as it appears after it was modified, is written to the stream.\n- `OLD_IMAGE` - The entire item, as it appeared before it was modified, is written to the stream.\n- `NEW_AND_OLD_IMAGES` - Both the new and the old item images of the item are written to the stream.", + "title": "StreamViewType", "type": "string" + } + }, + "required": [ + "StreamViewType" + ], + "type": "object" + }, + "AWS::DynamoDB::GlobalTable.TargetTrackingScalingPolicyConfiguration": { + "additionalProperties": false, + "properties": { + "DisableScaleIn": { + "markdownDescription": "Indicates whether scale in by the target tracking scaling policy is disabled. The default value is `false` .", + "title": "DisableScaleIn", + "type": "boolean" }, - "DnsSupport": { - "markdownDescription": "Enable or disable DNS support. The default is `disable` .", - "title": "DnsSupport", - "type": "string" + "ScaleInCooldown": { + "markdownDescription": "The amount of time, in seconds, after a scale-in activity completes before another scale-in activity can start.", + "title": "ScaleInCooldown", + "type": "number" }, - "Ipv6Support": { - "markdownDescription": "Enable or disable IPv6 support. The default is `disable` .", - "title": "Ipv6Support", - "type": "string" + "ScaleOutCooldown": { + "markdownDescription": "The amount of time, in seconds, after a scale-out activity completes before another scale-out activity can start.", + "title": "ScaleOutCooldown", + "type": "number" }, - "SecurityGroupReferencingSupport": { - "markdownDescription": "Enables you to reference a security group across VPCs attached to a transit gateway (TGW). Use this option to simplify security group management and control of instance-to-instance traffic across VPCs that are connected by transit gateway. You can also use this option to migrate from VPC peering (which was the only option that supported security group referencing) to transit gateways (which now also support security group referencing). This option is disabled by default and there are no additional costs to use this feature.\n\nFor important information about this feature, see [Create a transit gateway](https://docs.aws.amazon.com/vpc/latest/tgw/tgw-transit-gateways.html#create-tgw) in the *AWS Transit Gateway Guide* .", - "title": "SecurityGroupReferencingSupport", + "TargetValue": { + "markdownDescription": "Defines a target value for the scaling policy.", + "title": "TargetValue", + "type": "number" + } + }, + "required": [ + "TargetValue" + ], + "type": "object" + }, + "AWS::DynamoDB::GlobalTable.TimeToLiveSpecification": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "markdownDescription": "The name of the attribute used to store the expiration time for items in the table.\n\nCurrently, you cannot directly change the attribute name used to evaluate time to live. In order to do so, you must first disable time to live, and then re-enable it with the new attribute name. It can take up to one hour for changes to time to live to take effect. If you attempt to modify time to live within that time window, your stack operation might be delayed.", + "title": "AttributeName", "type": "string" + }, + "Enabled": { + "markdownDescription": "Indicates whether TTL is to be enabled (true) or disabled (false) on the table.", + "title": "Enabled", + "type": "boolean" } }, + "required": [ + "Enabled" + ], "type": "object" }, - "AWS::EC2::TransitGatewayConnect": { + "AWS::DynamoDB::GlobalTable.WarmThroughput": { + "additionalProperties": false, + "properties": { + "ReadUnitsPerSecond": { + "markdownDescription": "Represents the number of read operations your base table can instantaneously support.", + "title": "ReadUnitsPerSecond", + "type": "number" + }, + "WriteUnitsPerSecond": { + "markdownDescription": "Represents the number of write operations your base table can instantaneously support.", + "title": "WriteUnitsPerSecond", + "type": "number" + } + }, + "type": "object" + }, + "AWS::DynamoDB::GlobalTable.WriteOnDemandThroughputSettings": { + "additionalProperties": false, + "properties": { + "MaxWriteRequestUnits": { + "markdownDescription": "Maximum number of write request settings for the specified replica of a global table.", + "title": "MaxWriteRequestUnits", + "type": "number" + } + }, + "type": "object" + }, + "AWS::DynamoDB::GlobalTable.WriteProvisionedThroughputSettings": { + "additionalProperties": false, + "properties": { + "WriteCapacityAutoScalingSettings": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.CapacityAutoScalingSettings", + "markdownDescription": "Specifies auto scaling settings for the replica table or global secondary index.", + "title": "WriteCapacityAutoScalingSettings" + } + }, + "type": "object" + }, + "AWS::DynamoDB::Table": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, + "Connectors": { + "additionalProperties": { + "$ref": "#/definitions/EmbeddedConnector" + }, + "title": "Connectors", + "type": "object" + }, "DeletionPolicy": { "enum": [ "Delete", @@ -79177,34 +87269,130 @@ "Properties": { "additionalProperties": false, "properties": { - "Options": { - "$ref": "#/definitions/AWS::EC2::TransitGatewayConnect.TransitGatewayConnectOptions", - "markdownDescription": "The Connect attachment options.\n\n- protocol (gre)", - "title": "Options" + "AttributeDefinitions": { + "items": { + "$ref": "#/definitions/AWS::DynamoDB::Table.AttributeDefinition" + }, + "markdownDescription": "A list of attributes that describe the key schema for the table and indexes.\n\nThis property is required to create a DynamoDB table.\n\nUpdate requires: [Some interruptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-some-interrupt) . Replacement if you edit an existing AttributeDefinition.", + "title": "AttributeDefinitions", + "type": "array" + }, + "BillingMode": { + "markdownDescription": "Specify how you are charged for read and write throughput and how you manage capacity.\n\nValid values include:\n\n- `PAY_PER_REQUEST` - We recommend using `PAY_PER_REQUEST` for most DynamoDB workloads. `PAY_PER_REQUEST` sets the billing mode to [On-demand capacity mode](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/on-demand-capacity-mode.html) .\n- `PROVISIONED` - We recommend using `PROVISIONED` for steady workloads with predictable growth where capacity requirements can be reliably forecasted. `PROVISIONED` sets the billing mode to [Provisioned capacity mode](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/provisioned-capacity-mode.html) .\n\nIf not specified, the default is `PROVISIONED` .", + "title": "BillingMode", + "type": "string" + }, + "ContributorInsightsSpecification": { + "$ref": "#/definitions/AWS::DynamoDB::Table.ContributorInsightsSpecification", + "markdownDescription": "The settings used to enable or disable CloudWatch Contributor Insights for the specified table.", + "title": "ContributorInsightsSpecification" + }, + "DeletionProtectionEnabled": { + "markdownDescription": "Determines if a table is protected from deletion. When enabled, the table cannot be deleted by any user or process. This setting is disabled by default. For more information, see [Using deletion protection](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/WorkingWithTables.Basics.html#WorkingWithTables.Basics.DeletionProtection) in the *Amazon DynamoDB Developer Guide* .", + "title": "DeletionProtectionEnabled", + "type": "boolean" + }, + "GlobalSecondaryIndexes": { + "items": { + "$ref": "#/definitions/AWS::DynamoDB::Table.GlobalSecondaryIndex" + }, + "markdownDescription": "Global secondary indexes to be created on the table. You can create up to 20 global secondary indexes.\n\n> If you update a table to include a new global secondary index, AWS CloudFormation initiates the index creation and then proceeds with the stack update. AWS CloudFormation doesn't wait for the index to complete creation because the backfilling phase can take a long time, depending on the size of the table. You can't use the index or update the table until the index's status is `ACTIVE` . You can track its status by using the DynamoDB [DescribeTable](https://docs.aws.amazon.com/cli/latest/reference/dynamodb/describe-table.html) command.\n> \n> If you add or delete an index during an update, we recommend that you don't update any other resources. If your stack fails to update and is rolled back while adding a new index, you must manually delete the index.\n> \n> Updates are not supported. The following are exceptions:\n> \n> - If you update either the contributor insights specification or the provisioned throughput values of global secondary indexes, you can update the table without interruption.\n> - You can delete or add one global secondary index without interruption. If you do both in the same update (for example, by changing the index's logical ID), the update fails.", + "title": "GlobalSecondaryIndexes", + "type": "array" + }, + "ImportSourceSpecification": { + "$ref": "#/definitions/AWS::DynamoDB::Table.ImportSourceSpecification", + "markdownDescription": "Specifies the properties of data being imported from the S3 bucket source to the\" table.\n\n> If you specify the `ImportSourceSpecification` property, and also specify either the `StreamSpecification` , the `TableClass` property, the `DeletionProtectionEnabled` property, or the `WarmThroughput` property, the IAM entity creating/updating stack must have `UpdateTable` permission.", + "title": "ImportSourceSpecification" + }, + "KeySchema": { + "items": { + "$ref": "#/definitions/AWS::DynamoDB::Table.KeySchema" + }, + "markdownDescription": "Specifies the attributes that make up the primary key for the table. The attributes in the `KeySchema` property must also be defined in the `AttributeDefinitions` property.", + "title": "KeySchema", + "type": "array" + }, + "KinesisStreamSpecification": { + "$ref": "#/definitions/AWS::DynamoDB::Table.KinesisStreamSpecification", + "markdownDescription": "The Kinesis Data Streams configuration for the specified table.", + "title": "KinesisStreamSpecification" + }, + "LocalSecondaryIndexes": { + "items": { + "$ref": "#/definitions/AWS::DynamoDB::Table.LocalSecondaryIndex" + }, + "markdownDescription": "Local secondary indexes to be created on the table. You can create up to 5 local secondary indexes. Each index is scoped to a given hash key value. The size of each hash key can be up to 10 gigabytes.", + "title": "LocalSecondaryIndexes", + "type": "array" + }, + "OnDemandThroughput": { + "$ref": "#/definitions/AWS::DynamoDB::Table.OnDemandThroughput", + "markdownDescription": "Sets the maximum number of read and write units for the specified on-demand table. If you use this property, you must specify `MaxReadRequestUnits` , `MaxWriteRequestUnits` , or both.", + "title": "OnDemandThroughput" + }, + "PointInTimeRecoverySpecification": { + "$ref": "#/definitions/AWS::DynamoDB::Table.PointInTimeRecoverySpecification", + "markdownDescription": "The settings used to enable point in time recovery.", + "title": "PointInTimeRecoverySpecification" + }, + "ProvisionedThroughput": { + "$ref": "#/definitions/AWS::DynamoDB::Table.ProvisionedThroughput", + "markdownDescription": "Throughput for the specified table, which consists of values for `ReadCapacityUnits` and `WriteCapacityUnits` . For more information about the contents of a provisioned throughput structure, see [Amazon DynamoDB Table ProvisionedThroughput](https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_ProvisionedThroughput.html) .\n\nIf you set `BillingMode` as `PROVISIONED` , you must specify this property. If you set `BillingMode` as `PAY_PER_REQUEST` , you cannot specify this property.", + "title": "ProvisionedThroughput" + }, + "ResourcePolicy": { + "$ref": "#/definitions/AWS::DynamoDB::Table.ResourcePolicy", + "markdownDescription": "An AWS resource-based policy document in JSON format that will be attached to the table.\n\nWhen you attach a resource-based policy while creating a table, the policy application is *strongly consistent* .\n\nThe maximum size supported for a resource-based policy document is 20 KB. DynamoDB counts whitespaces when calculating the size of a policy against this limit. For a full list of all considerations that apply for resource-based policies, see [Resource-based policy considerations](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-considerations.html) .\n\n> You need to specify the `CreateTable` and `PutResourcePolicy` IAM actions for authorizing a user to create a table with a resource-based policy.", + "title": "ResourcePolicy" + }, + "SSESpecification": { + "$ref": "#/definitions/AWS::DynamoDB::Table.SSESpecification", + "markdownDescription": "Specifies the settings to enable server-side encryption.", + "title": "SSESpecification" + }, + "StreamSpecification": { + "$ref": "#/definitions/AWS::DynamoDB::Table.StreamSpecification", + "markdownDescription": "The settings for the DynamoDB table stream, which capture changes to items stored in the table.", + "title": "StreamSpecification" + }, + "TableClass": { + "markdownDescription": "The table class of the new table. Valid values are `STANDARD` and `STANDARD_INFREQUENT_ACCESS` .", + "title": "TableClass", + "type": "string" + }, + "TableName": { + "markdownDescription": "A name for the table. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the table name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "TableName", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags for the attachment.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" }, - "TransportTransitGatewayAttachmentId": { - "markdownDescription": "The ID of the attachment from which the Connect attachment was created.", - "title": "TransportTransitGatewayAttachmentId", - "type": "string" + "TimeToLiveSpecification": { + "$ref": "#/definitions/AWS::DynamoDB::Table.TimeToLiveSpecification", + "markdownDescription": "Specifies the Time to Live (TTL) settings for the table.\n\n> For detailed information about the limits in DynamoDB, see [Limits in Amazon DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Limits.html) in the Amazon DynamoDB Developer Guide.", + "title": "TimeToLiveSpecification" + }, + "WarmThroughput": { + "$ref": "#/definitions/AWS::DynamoDB::Table.WarmThroughput", + "markdownDescription": "Represents the warm throughput (in read units per second and write units per second) for creating a table.", + "title": "WarmThroughput" } }, "required": [ - "Options", - "TransportTransitGatewayAttachmentId" + "KeySchema" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::TransitGatewayConnect" + "AWS::DynamoDB::Table" ], "type": "string" }, @@ -79223,29 +87411,416 @@ ], "type": "object" }, - "AWS::EC2::TransitGatewayConnect.TransitGatewayConnectOptions": { + "AWS::DynamoDB::Table.AttributeDefinition": { "additionalProperties": false, "properties": { - "Protocol": { - "markdownDescription": "The tunnel protocol.", - "title": "Protocol", + "AttributeName": { + "markdownDescription": "A name for the attribute.", + "title": "AttributeName", + "type": "string" + }, + "AttributeType": { + "markdownDescription": "The data type for the attribute, where:\n\n- `S` - the attribute is of type String\n- `N` - the attribute is of type Number\n- `B` - the attribute is of type Binary", + "title": "AttributeType", "type": "string" } }, + "required": [ + "AttributeName", + "AttributeType" + ], "type": "object" }, - "AWS::EC2::TransitGatewayMulticastDomain": { + "AWS::DynamoDB::Table.ContributorInsightsSpecification": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Enabled": { + "markdownDescription": "Indicates whether CloudWatch Contributor Insights are to be enabled (true) or disabled (false).", + "title": "Enabled", + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "AWS::DynamoDB::Table.Csv": { + "additionalProperties": false, + "properties": { + "Delimiter": { + "markdownDescription": "The delimiter used for separating items in the CSV file being imported.", + "title": "Delimiter", + "type": "string" + }, + "HeaderList": { + "items": { + "type": "string" + }, + "markdownDescription": "List of the headers used to specify a common header for all source CSV files being imported. If this field is specified then the first line of each CSV file is treated as data instead of the header. If this field is not specified the the first line of each CSV file is treated as the header.", + "title": "HeaderList", + "type": "array" + } + }, + "type": "object" + }, + "AWS::DynamoDB::Table.GlobalSecondaryIndex": { + "additionalProperties": false, + "properties": { + "ContributorInsightsSpecification": { + "$ref": "#/definitions/AWS::DynamoDB::Table.ContributorInsightsSpecification", + "markdownDescription": "The settings used to enable or disable CloudWatch Contributor Insights for the specified global secondary index.", + "title": "ContributorInsightsSpecification" + }, + "IndexName": { + "markdownDescription": "The name of the global secondary index. The name must be unique among all other indexes on this table.", + "title": "IndexName", + "type": "string" + }, + "KeySchema": { + "items": { + "$ref": "#/definitions/AWS::DynamoDB::Table.KeySchema" + }, + "markdownDescription": "The complete key schema for a global secondary index, which consists of one or more pairs of attribute names and key types:\n\n- `HASH` - partition key\n- `RANGE` - sort key\n\n> The partition key of an item is also known as its *hash attribute* . The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n> \n> The sort key of an item is also known as its *range attribute* . The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.", + "title": "KeySchema", + "type": "array" + }, + "OnDemandThroughput": { + "$ref": "#/definitions/AWS::DynamoDB::Table.OnDemandThroughput", + "markdownDescription": "The maximum number of read and write units for the specified global secondary index. If you use this parameter, you must specify `MaxReadRequestUnits` , `MaxWriteRequestUnits` , or both. You must use either `OnDemandThroughput` or `ProvisionedThroughput` based on your table's capacity mode.", + "title": "OnDemandThroughput" + }, + "Projection": { + "$ref": "#/definitions/AWS::DynamoDB::Table.Projection", + "markdownDescription": "Represents attributes that are copied (projected) from the table into the global secondary index. These are in addition to the primary key attributes and index key attributes, which are automatically projected.", + "title": "Projection" + }, + "ProvisionedThroughput": { + "$ref": "#/definitions/AWS::DynamoDB::Table.ProvisionedThroughput", + "markdownDescription": "Represents the provisioned throughput settings for the specified global secondary index. You must use either `OnDemandThroughput` or `ProvisionedThroughput` based on your table's capacity mode.\n\nFor current minimum and maximum provisioned throughput values, see [Service, Account, and Table Quotas](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Limits.html) in the *Amazon DynamoDB Developer Guide* .", + "title": "ProvisionedThroughput" + }, + "WarmThroughput": { + "$ref": "#/definitions/AWS::DynamoDB::Table.WarmThroughput", + "markdownDescription": "Represents the warm throughput value (in read units per second and write units per second) for the specified secondary index. If you use this parameter, you must specify `ReadUnitsPerSecond` , `WriteUnitsPerSecond` , or both.", + "title": "WarmThroughput" + } + }, + "required": [ + "IndexName", + "KeySchema", + "Projection" + ], + "type": "object" + }, + "AWS::DynamoDB::Table.ImportSourceSpecification": { + "additionalProperties": false, + "properties": { + "InputCompressionType": { + "markdownDescription": "Type of compression to be used on the input coming from the imported table.", + "title": "InputCompressionType", + "type": "string" + }, + "InputFormat": { + "markdownDescription": "The format of the source data. Valid values for `ImportFormat` are `CSV` , `DYNAMODB_JSON` or `ION` .", + "title": "InputFormat", + "type": "string" + }, + "InputFormatOptions": { + "$ref": "#/definitions/AWS::DynamoDB::Table.InputFormatOptions", + "markdownDescription": "Additional properties that specify how the input is formatted,", + "title": "InputFormatOptions" + }, + "S3BucketSource": { + "$ref": "#/definitions/AWS::DynamoDB::Table.S3BucketSource", + "markdownDescription": "The S3 bucket that provides the source for the import.", + "title": "S3BucketSource" + } + }, + "required": [ + "InputFormat", + "S3BucketSource" + ], + "type": "object" + }, + "AWS::DynamoDB::Table.InputFormatOptions": { + "additionalProperties": false, + "properties": { + "Csv": { + "$ref": "#/definitions/AWS::DynamoDB::Table.Csv", + "markdownDescription": "The options for imported source files in CSV format. The values are Delimiter and HeaderList.", + "title": "Csv" + } + }, + "type": "object" + }, + "AWS::DynamoDB::Table.KeySchema": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "markdownDescription": "The name of a key attribute.", + "title": "AttributeName", + "type": "string" + }, + "KeyType": { + "markdownDescription": "The role that this key attribute will assume:\n\n- `HASH` - partition key\n- `RANGE` - sort key\n\n> The partition key of an item is also known as its *hash attribute* . The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n> \n> The sort key of an item is also known as its *range attribute* . The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.", + "title": "KeyType", + "type": "string" + } + }, + "required": [ + "AttributeName", + "KeyType" + ], + "type": "object" + }, + "AWS::DynamoDB::Table.KinesisStreamSpecification": { + "additionalProperties": false, + "properties": { + "ApproximateCreationDateTimePrecision": { + "markdownDescription": "The precision for the time and date that the stream was created.", + "title": "ApproximateCreationDateTimePrecision", + "type": "string" + }, + "StreamArn": { + "markdownDescription": "The ARN for a specific Kinesis data stream.\n\nLength Constraints: Minimum length of 37. Maximum length of 1024.", + "title": "StreamArn", + "type": "string" + } + }, + "required": [ + "StreamArn" + ], + "type": "object" + }, + "AWS::DynamoDB::Table.LocalSecondaryIndex": { + "additionalProperties": false, + "properties": { + "IndexName": { + "markdownDescription": "The name of the local secondary index. The name must be unique among all other indexes on this table.", + "title": "IndexName", + "type": "string" + }, + "KeySchema": { + "items": { + "$ref": "#/definitions/AWS::DynamoDB::Table.KeySchema" + }, + "markdownDescription": "The complete key schema for the local secondary index, consisting of one or more pairs of attribute names and key types:\n\n- `HASH` - partition key\n- `RANGE` - sort key\n\n> The partition key of an item is also known as its *hash attribute* . The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n> \n> The sort key of an item is also known as its *range attribute* . The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.", + "title": "KeySchema", + "type": "array" + }, + "Projection": { + "$ref": "#/definitions/AWS::DynamoDB::Table.Projection", + "markdownDescription": "Represents attributes that are copied (projected) from the table into the local secondary index. These are in addition to the primary key attributes and index key attributes, which are automatically projected.", + "title": "Projection" + } + }, + "required": [ + "IndexName", + "KeySchema", + "Projection" + ], + "type": "object" + }, + "AWS::DynamoDB::Table.OnDemandThroughput": { + "additionalProperties": false, + "properties": { + "MaxReadRequestUnits": { + "markdownDescription": "Maximum number of read request units for the specified table.\n\nTo specify a maximum `OnDemandThroughput` on your table, set the value of `MaxReadRequestUnits` as greater than or equal to 1. To remove the maximum `OnDemandThroughput` that is currently set on your table, set the value of `MaxReadRequestUnits` to -1.", + "title": "MaxReadRequestUnits", + "type": "number" + }, + "MaxWriteRequestUnits": { + "markdownDescription": "Maximum number of write request units for the specified table.\n\nTo specify a maximum `OnDemandThroughput` on your table, set the value of `MaxWriteRequestUnits` as greater than or equal to 1. To remove the maximum `OnDemandThroughput` that is currently set on your table, set the value of `MaxWriteRequestUnits` to -1.", + "title": "MaxWriteRequestUnits", + "type": "number" + } + }, + "type": "object" + }, + "AWS::DynamoDB::Table.PointInTimeRecoverySpecification": { + "additionalProperties": false, + "properties": { + "PointInTimeRecoveryEnabled": { + "markdownDescription": "Indicates whether point in time recovery is enabled (true) or disabled (false) on the table.", + "title": "PointInTimeRecoveryEnabled", + "type": "boolean" + }, + "RecoveryPeriodInDays": { + "markdownDescription": "The number of preceding days for which continuous backups are taken and maintained. Your table data is only recoverable to any point-in-time from within the configured recovery period. This parameter is optional. If no value is provided, the value will default to 35.", + "title": "RecoveryPeriodInDays", + "type": "number" + } + }, + "type": "object" + }, + "AWS::DynamoDB::Table.Projection": { + "additionalProperties": false, + "properties": { + "NonKeyAttributes": { + "items": { + "type": "string" + }, + "markdownDescription": "Represents the non-key attribute names which will be projected into the index.\n\nFor global and local secondary indexes, the total count of `NonKeyAttributes` summed across all of the secondary indexes, must not exceed 100. If you project the same attribute into two different indexes, this counts as two distinct attributes when determining the total. This limit only applies when you specify the ProjectionType of `INCLUDE` . You still can specify the ProjectionType of `ALL` to project all attributes from the source table, even if the table has more than 100 attributes.", + "title": "NonKeyAttributes", + "type": "array" + }, + "ProjectionType": { + "markdownDescription": "The set of attributes that are projected into the index:\n\n- `KEYS_ONLY` - Only the index and primary keys are projected into the index.\n- `INCLUDE` - In addition to the attributes described in `KEYS_ONLY` , the secondary index will include other non-key attributes that you specify.\n- `ALL` - All of the table attributes are projected into the index.\n\nWhen using the DynamoDB console, `ALL` is selected by default.", + "title": "ProjectionType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DynamoDB::Table.ProvisionedThroughput": { + "additionalProperties": false, + "properties": { + "ReadCapacityUnits": { + "markdownDescription": "The maximum number of strongly consistent reads consumed per second before DynamoDB returns a `ThrottlingException` . For more information, see [Specifying Read and Write Requirements](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/ProvisionedThroughput.html) in the *Amazon DynamoDB Developer Guide* .\n\nIf read/write capacity mode is `PAY_PER_REQUEST` the value is set to 0.", + "title": "ReadCapacityUnits", + "type": "number" + }, + "WriteCapacityUnits": { + "markdownDescription": "The maximum number of writes consumed per second before DynamoDB returns a `ThrottlingException` . For more information, see [Specifying Read and Write Requirements](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/ProvisionedThroughput.html) in the *Amazon DynamoDB Developer Guide* .\n\nIf read/write capacity mode is `PAY_PER_REQUEST` the value is set to 0.", + "title": "WriteCapacityUnits", + "type": "number" + } + }, + "required": [ + "ReadCapacityUnits", + "WriteCapacityUnits" + ], + "type": "object" + }, + "AWS::DynamoDB::Table.ResourcePolicy": { + "additionalProperties": false, + "properties": { + "PolicyDocument": { + "markdownDescription": "A resource-based policy document that contains permissions to add to the specified DynamoDB table, index, or both. In a CloudFormation template, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to DynamoDB . For more information about resource-based policies, see [Using resource-based policies for DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html) .", + "title": "PolicyDocument", + "type": "object" + } + }, + "required": [ + "PolicyDocument" + ], + "type": "object" + }, + "AWS::DynamoDB::Table.S3BucketSource": { + "additionalProperties": false, + "properties": { + "S3Bucket": { + "markdownDescription": "The S3 bucket that is being imported from.", + "title": "S3Bucket", + "type": "string" + }, + "S3BucketOwner": { + "markdownDescription": "The account number of the S3 bucket that is being imported from. If the bucket is owned by the requester this is optional.", + "title": "S3BucketOwner", + "type": "string" + }, + "S3KeyPrefix": { + "markdownDescription": "The key prefix shared by all S3 Objects that are being imported.", + "title": "S3KeyPrefix", + "type": "string" + } + }, + "required": [ + "S3Bucket" + ], + "type": "object" + }, + "AWS::DynamoDB::Table.SSESpecification": { + "additionalProperties": false, + "properties": { + "KMSMasterKeyId": { + "markdownDescription": "The AWS KMS key that should be used for the AWS KMS encryption. To specify a key, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. Note that you should only provide this parameter if the key is different from the default DynamoDB key `alias/aws/dynamodb` .", + "title": "KMSMasterKeyId", + "type": "string" + }, + "SSEEnabled": { + "markdownDescription": "Indicates whether server-side encryption is done using an AWS managed key or an AWS owned key. If enabled (true), server-side encryption type is set to `KMS` and an AWS managed key is used ( AWS KMS charges apply). If disabled (false) or not specified, server-side encryption is set to AWS owned key.", + "title": "SSEEnabled", + "type": "boolean" + }, + "SSEType": { + "markdownDescription": "Server-side encryption type. The only supported value is:\n\n- `KMS` - Server-side encryption that uses AWS Key Management Service . The key is stored in your account and is managed by AWS KMS ( AWS KMS charges apply).", + "title": "SSEType", + "type": "string" + } + }, + "required": [ + "SSEEnabled" + ], + "type": "object" + }, + "AWS::DynamoDB::Table.StreamSpecification": { + "additionalProperties": false, + "properties": { + "ResourcePolicy": { + "$ref": "#/definitions/AWS::DynamoDB::Table.ResourcePolicy", + "markdownDescription": "Creates or updates a resource-based policy document that contains the permissions for DynamoDB resources, such as a table's streams. Resource-based policies let you define access permissions by specifying who has access to each resource, and the actions they are allowed to perform on each resource.\n\nIn a CloudFormation template, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to DynamoDB . For more information about resource-based policies, see [Using resource-based policies for DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html) .", + "title": "ResourcePolicy" + }, + "StreamViewType": { + "markdownDescription": "When an item in the table is modified, `StreamViewType` determines what information is written to the stream for this table. Valid values for `StreamViewType` are:\n\n- `KEYS_ONLY` - Only the key attributes of the modified item are written to the stream.\n- `NEW_IMAGE` - The entire item, as it appears after it was modified, is written to the stream.\n- `OLD_IMAGE` - The entire item, as it appeared before it was modified, is written to the stream.\n- `NEW_AND_OLD_IMAGES` - Both the new and the old item images of the item are written to the stream.", + "title": "StreamViewType", + "type": "string" + } + }, + "required": [ + "StreamViewType" + ], + "type": "object" + }, + "AWS::DynamoDB::Table.TimeToLiveSpecification": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "markdownDescription": "The name of the TTL attribute used to store the expiration time for items in the table.\n\n> - The `AttributeName` property is required when enabling the TTL, or when TTL is already enabled.\n> - To update this property, you must first disable TTL and then enable TTL with the new attribute name.", + "title": "AttributeName", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Indicates whether TTL is to be enabled (true) or disabled (false) on the table.", + "title": "Enabled", + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "AWS::DynamoDB::Table.WarmThroughput": { + "additionalProperties": false, + "properties": { + "ReadUnitsPerSecond": { + "markdownDescription": "Represents the number of read operations your base table can instantaneously support.", + "title": "ReadUnitsPerSecond", + "type": "number" + }, + "WriteUnitsPerSecond": { + "markdownDescription": "Represents the number of write operations your base table can instantaneously support.", + "title": "WriteUnitsPerSecond", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::CapacityReservation": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, "DependsOn": { @@ -79269,33 +87844,95 @@ "Properties": { "additionalProperties": false, "properties": { - "Options": { - "$ref": "#/definitions/AWS::EC2::TransitGatewayMulticastDomain.Options", - "markdownDescription": "The options for the transit gateway multicast domain.\n\n- AutoAcceptSharedAssociations (enable | disable)\n- Igmpv2Support (enable | disable)\n- StaticSourcesSupport (enable | disable)", - "title": "Options" + "AvailabilityZone": { + "markdownDescription": "The Availability Zone in which to create the Capacity Reservation.", + "title": "AvailabilityZone", + "type": "string" }, - "Tags": { + "AvailabilityZoneId": { + "markdownDescription": "The Availability Zone ID of the Capacity Reservation.", + "title": "AvailabilityZoneId", + "type": "string" + }, + "EbsOptimized": { + "markdownDescription": "Indicates whether the Capacity Reservation supports EBS-optimized instances. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS- optimized instance.", + "title": "EbsOptimized", + "type": "boolean" + }, + "EndDate": { + "markdownDescription": "The date and time at which the Capacity Reservation expires. When a Capacity Reservation expires, the reserved capacity is released and you can no longer launch instances into it. The Capacity Reservation's state changes to `expired` when it reaches its end date and time.\n\nYou must provide an `EndDate` value if `EndDateType` is `limited` . Omit `EndDate` if `EndDateType` is `unlimited` .\n\nIf the `EndDateType` is `limited` , the Capacity Reservation is cancelled within an hour from the specified time. For example, if you specify 5/31/2019, 13:30:55, the Capacity Reservation is guaranteed to end between 13:30:55 and 14:30:55 on 5/31/2019.\n\nIf you are requesting a future-dated Capacity Reservation, you can't specify an end date and time that is within the commitment duration.", + "title": "EndDate", + "type": "string" + }, + "EndDateType": { + "markdownDescription": "Indicates the way in which the Capacity Reservation ends. A Capacity Reservation can have one of the following end types:\n\n- `unlimited` - The Capacity Reservation remains active until you explicitly cancel it. Do not provide an `EndDate` if the `EndDateType` is `unlimited` .\n- `limited` - The Capacity Reservation expires automatically at a specified date and time. You must provide an `EndDate` value if the `EndDateType` value is `limited` .", + "title": "EndDateType", + "type": "string" + }, + "EphemeralStorage": { + "markdownDescription": "*Deprecated.*", + "title": "EphemeralStorage", + "type": "boolean" + }, + "InstanceCount": { + "markdownDescription": "The number of instances for which to reserve capacity.\n\n> You can request future-dated Capacity Reservations for an instance count with a minimum of 64 vCPUs. For example, if you request a future-dated Capacity Reservation for `m5.xlarge` instances, you must request at least 25 instances ( *16 * m5.xlarge = 64 vCPUs* ). \n\nValid range: 1 - 1000", + "title": "InstanceCount", + "type": "number" + }, + "InstanceMatchCriteria": { + "markdownDescription": "Indicates the type of instance launches that the Capacity Reservation accepts. The options include:\n\n- `open` - The Capacity Reservation automatically matches all instances that have matching attributes (instance type, platform, and Availability Zone). Instances that have matching attributes run in the Capacity Reservation automatically without specifying any additional parameters.\n- `targeted` - The Capacity Reservation only accepts instances that have matching attributes (instance type, platform, and Availability Zone), and explicitly target the Capacity Reservation. This ensures that only permitted instances can use the reserved capacity.\n\n> If you are requesting a future-dated Capacity Reservation, you must specify `targeted` . \n\nDefault: `open`", + "title": "InstanceMatchCriteria", + "type": "string" + }, + "InstancePlatform": { + "markdownDescription": "The type of operating system for which to reserve capacity.", + "title": "InstancePlatform", + "type": "string" + }, + "InstanceType": { + "markdownDescription": "The instance type for which to reserve capacity.\n\n> You can request future-dated Capacity Reservations for instance types in the C, M, R, I, T, and G instance families only. \n\nFor more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .", + "title": "InstanceType", + "type": "string" + }, + "OutPostArn": { + "markdownDescription": "> Not supported for future-dated Capacity Reservations. \n\nThe Amazon Resource Name (ARN) of the Outpost on which to create the Capacity Reservation.", + "title": "OutPostArn", + "type": "string" + }, + "PlacementGroupArn": { + "markdownDescription": "> Not supported for future-dated Capacity Reservations. \n\nThe Amazon Resource Name (ARN) of the cluster placement group in which to create the Capacity Reservation. For more information, see [Capacity Reservations for cluster placement groups](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/cr-cpg.html) in the *Amazon EC2 User Guide* .", + "title": "PlacementGroupArn", + "type": "string" + }, + "TagSpecifications": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::EC2::CapacityReservation.TagSpecification" }, - "markdownDescription": "The tags for the transit gateway multicast domain.", - "title": "Tags", + "markdownDescription": "The tags to apply to the Capacity Reservation during launch.", + "title": "TagSpecifications", "type": "array" }, - "TransitGatewayId": { - "markdownDescription": "The ID of the transit gateway.", - "title": "TransitGatewayId", + "Tenancy": { + "markdownDescription": "Indicates the tenancy of the Capacity Reservation. A Capacity Reservation can have one of the following tenancy settings:\n\n- `default` - The Capacity Reservation is created on hardware that is shared with other AWS accounts .\n- `dedicated` - The Capacity Reservation is created on single-tenant hardware that is dedicated to a single AWS account .", + "title": "Tenancy", + "type": "string" + }, + "UnusedReservationBillingOwnerId": { + "markdownDescription": "The ID of the AWS account to which to assign billing of the unused capacity of the Capacity Reservation. A request will be sent to the specified account. That account must accept the request for the billing to be assigned to their account. For more information, see [Billing assignment for shared Amazon EC2 Capacity Reservations](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/assign-billing.html) .\n\nYou can assign billing only for shared Capacity Reservations. To share a Capacity Reservation, you must add it to a resource share. For more information, see [AWS::RAM::ResourceShare](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ram-resourceshare.html) .", + "title": "UnusedReservationBillingOwnerId", "type": "string" } }, "required": [ - "TransitGatewayId" + "InstanceCount", + "InstancePlatform", + "InstanceType" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::TransitGatewayMulticastDomain" + "AWS::EC2::CapacityReservation" ], "type": "string" }, @@ -79314,28 +87951,58 @@ ], "type": "object" }, - "AWS::EC2::TransitGatewayMulticastDomain.Options": { + "AWS::EC2::CapacityReservation.CapacityAllocation": { "additionalProperties": false, "properties": { - "AutoAcceptSharedAssociations": { - "markdownDescription": "Indicates whether to automatically accept cross-account subnet associations that are associated with the transit gateway multicast domain.", - "title": "AutoAcceptSharedAssociations", + "AllocationType": { + "markdownDescription": "The usage type. `used` indicates that the instance capacity is in use by instances that are running in the Capacity Reservation.", + "title": "AllocationType", "type": "string" }, - "Igmpv2Support": { - "markdownDescription": "Specify whether to enable Internet Group Management Protocol (IGMP) version 2 for the transit gateway multicast domain.", - "title": "Igmpv2Support", + "Count": { + "markdownDescription": "The amount of instance capacity associated with the usage. For example a value of `4` indicates that instance capacity for 4 instances is currently in use.", + "title": "Count", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::CapacityReservation.CommitmentInfo": { + "additionalProperties": false, + "properties": { + "CommitmentEndDate": { + "markdownDescription": "The date and time at which the commitment duration expires, in the ISO8601 format in the UTC time zone ( `YYYY-MM-DDThh:mm:ss.sssZ` ). You can't decrease the instance count or cancel the Capacity Reservation before this date and time.", + "title": "CommitmentEndDate", "type": "string" }, - "StaticSourcesSupport": { - "markdownDescription": "Specify whether to enable support for statically configuring multicast group sources for a domain.", - "title": "StaticSourcesSupport", + "CommittedInstanceCount": { + "markdownDescription": "The instance capacity that you committed to when you requested the future-dated Capacity Reservation.", + "title": "CommittedInstanceCount", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::CapacityReservation.TagSpecification": { + "additionalProperties": false, + "properties": { + "ResourceType": { + "markdownDescription": "The type of resource to tag. Specify `capacity-reservation` .", + "title": "ResourceType", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to apply to the resource.", + "title": "Tags", + "type": "array" } }, "type": "object" }, - "AWS::EC2::TransitGatewayMulticastDomainAssociation": { + "AWS::EC2::CapacityReservationFleet": { "additionalProperties": false, "properties": { "Condition": { @@ -79370,32 +88037,63 @@ "Properties": { "additionalProperties": false, "properties": { - "SubnetId": { - "markdownDescription": "The IDs of the subnets to associate with the transit gateway multicast domain.", - "title": "SubnetId", + "AllocationStrategy": { + "markdownDescription": "The strategy used by the Capacity Reservation Fleet to determine which of the specified instance types to use. Currently, only the `prioritized` allocation strategy is supported. For more information, see [Allocation strategy](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/crfleet-concepts.html#allocation-strategy) in the *Amazon EC2 User Guide* .\n\nValid values: `prioritized`", + "title": "AllocationStrategy", "type": "string" }, - "TransitGatewayAttachmentId": { - "markdownDescription": "The ID of the transit gateway attachment.", - "title": "TransitGatewayAttachmentId", + "EndDate": { + "markdownDescription": "The date and time at which the Capacity Reservation Fleet expires. When the Capacity Reservation Fleet expires, its state changes to `expired` and all of the Capacity Reservations in the Fleet expire.\n\nThe Capacity Reservation Fleet expires within an hour after the specified time. For example, if you specify `5/31/2019` , `13:30:55` , the Capacity Reservation Fleet is guaranteed to expire between `13:30:55` and `14:30:55` on `5/31/2019` .", + "title": "EndDate", "type": "string" }, - "TransitGatewayMulticastDomainId": { - "markdownDescription": "The ID of the transit gateway multicast domain.", - "title": "TransitGatewayMulticastDomainId", + "InstanceMatchCriteria": { + "markdownDescription": "Indicates the type of instance launches that the Capacity Reservation Fleet accepts. All Capacity Reservations in the Fleet inherit this instance matching criteria.\n\nCurrently, Capacity Reservation Fleets support `open` instance matching criteria only. This means that instances that have matching attributes (instance type, platform, and Availability Zone) run in the Capacity Reservations automatically. Instances do not need to explicitly target a Capacity Reservation Fleet to use its reserved capacity.", + "title": "InstanceMatchCriteria", + "type": "string" + }, + "InstanceTypeSpecifications": { + "items": { + "$ref": "#/definitions/AWS::EC2::CapacityReservationFleet.InstanceTypeSpecification" + }, + "markdownDescription": "Information about the instance types for which to reserve the capacity.", + "title": "InstanceTypeSpecifications", + "type": "array" + }, + "NoRemoveEndDate": { + "markdownDescription": "Used to add an end date to a Capacity Reservation Fleet that has no end date and time. To add an end date to a Capacity Reservation Fleet, specify `true` for this paramater and specify the end date and time (in UTC time format) for the *EndDate* parameter.", + "title": "NoRemoveEndDate", + "type": "boolean" + }, + "RemoveEndDate": { + "markdownDescription": "Used to remove an end date from a Capacity Reservation Fleet that is configured to end automatically at a specific date and time. To remove the end date from a Capacity Reservation Fleet, specify `true` for this paramater and omit the *EndDate* parameter.", + "title": "RemoveEndDate", + "type": "boolean" + }, + "TagSpecifications": { + "items": { + "$ref": "#/definitions/AWS::EC2::CapacityReservationFleet.TagSpecification" + }, + "markdownDescription": "The tags to assign to the Capacity Reservation Fleet. The tags are automatically assigned to the Capacity Reservations in the Fleet.", + "title": "TagSpecifications", + "type": "array" + }, + "Tenancy": { + "markdownDescription": "Indicates the tenancy of the Capacity Reservation Fleet. All Capacity Reservations in the Fleet inherit this tenancy. The Capacity Reservation Fleet can have one of the following tenancy settings:\n\n- `default` - The Capacity Reservation Fleet is created on hardware that is shared with other AWS accounts .\n- `dedicated` - The Capacity Reservations are created on single-tenant hardware that is dedicated to a single AWS account .", + "title": "Tenancy", "type": "string" + }, + "TotalTargetCapacity": { + "markdownDescription": "The total number of capacity units to be reserved by the Capacity Reservation Fleet. This value, together with the instance type weights that you assign to each instance type used by the Fleet determine the number of instances for which the Fleet reserves capacity. Both values are based on units that make sense for your workload. For more information, see [Total target capacity](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/crfleet-concepts.html#target-capacity) in the *Amazon EC2 User Guide* .", + "title": "TotalTargetCapacity", + "type": "number" } }, - "required": [ - "SubnetId", - "TransitGatewayAttachmentId", - "TransitGatewayMulticastDomainId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::TransitGatewayMulticastDomainAssociation" + "AWS::EC2::CapacityReservationFleet" ], "type": "string" }, @@ -79409,12 +88107,71 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::EC2::TransitGatewayMulticastGroupMember": { + "AWS::EC2::CapacityReservationFleet.InstanceTypeSpecification": { + "additionalProperties": false, + "properties": { + "AvailabilityZone": { + "markdownDescription": "The Availability Zone in which the Capacity Reservation Fleet reserves the capacity. A Capacity Reservation Fleet can't span Availability Zones. All instance type specifications that you specify for the Fleet must use the same Availability Zone.", + "title": "AvailabilityZone", + "type": "string" + }, + "AvailabilityZoneId": { + "markdownDescription": "The ID of the Availability Zone in which the Capacity Reservation Fleet reserves the capacity. A Capacity Reservation Fleet can't span Availability Zones. All instance type specifications that you specify for the Fleet must use the same Availability Zone.", + "title": "AvailabilityZoneId", + "type": "string" + }, + "EbsOptimized": { + "markdownDescription": "Indicates whether the Capacity Reservation Fleet supports EBS-optimized instances types. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using EBS-optimized instance types.", + "title": "EbsOptimized", + "type": "boolean" + }, + "InstancePlatform": { + "markdownDescription": "The type of operating system for which the Capacity Reservation Fleet reserves capacity.", + "title": "InstancePlatform", + "type": "string" + }, + "InstanceType": { + "markdownDescription": "The instance type for which the Capacity Reservation Fleet reserves capacity.", + "title": "InstanceType", + "type": "string" + }, + "Priority": { + "markdownDescription": "The priority to assign to the instance type. This value is used to determine which of the instance types specified for the Fleet should be prioritized for use. A lower value indicates a high priority. For more information, see [Instance type priority](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/crfleet-concepts.html#instance-priority) in the *Amazon EC2 User Guide* .", + "title": "Priority", + "type": "number" + }, + "Weight": { + "markdownDescription": "The number of capacity units provided by the specified instance type. This value, together with the total target capacity that you specify for the Fleet determine the number of instances for which the Fleet reserves capacity. Both values are based on units that make sense for your workload. For more information, see [Total target capacity](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/crfleet-concepts.html#target-capacity) in the Amazon EC2 User Guide.\n\nValid Range: Minimum value of `0.001` . Maximum value of `99.999` .", + "title": "Weight", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::CapacityReservationFleet.TagSpecification": { + "additionalProperties": false, + "properties": { + "ResourceType": { + "markdownDescription": "The type of resource to tag on creation. Specify `capacity-reservation-fleet` .\n\nTo tag a resource after it has been created, see [CreateTags](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTags.html) .", + "title": "ResourceType", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to apply to the resource.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "AWS::EC2::CarrierGateway": { "additionalProperties": false, "properties": { "Condition": { @@ -79449,32 +88206,28 @@ "Properties": { "additionalProperties": false, "properties": { - "GroupIpAddress": { - "markdownDescription": "The IP address assigned to the transit gateway multicast group.", - "title": "GroupIpAddress", - "type": "string" - }, - "NetworkInterfaceId": { - "markdownDescription": "The group members' network interface IDs to register with the transit gateway multicast group.", - "title": "NetworkInterfaceId", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags assigned to the carrier gateway.", + "title": "Tags", + "type": "array" }, - "TransitGatewayMulticastDomainId": { - "markdownDescription": "The ID of the transit gateway multicast domain.", - "title": "TransitGatewayMulticastDomainId", + "VpcId": { + "markdownDescription": "The ID of the VPC associated with the carrier gateway.", + "title": "VpcId", "type": "string" } }, "required": [ - "GroupIpAddress", - "NetworkInterfaceId", - "TransitGatewayMulticastDomainId" + "VpcId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::TransitGatewayMulticastGroupMember" + "AWS::EC2::CarrierGateway" ], "type": "string" }, @@ -79493,7 +88246,7 @@ ], "type": "object" }, - "AWS::EC2::TransitGatewayMulticastGroupSource": { + "AWS::EC2::ClientVpnAuthorizationRule": { "additionalProperties": false, "properties": { "Condition": { @@ -79528,32 +88281,41 @@ "Properties": { "additionalProperties": false, "properties": { - "GroupIpAddress": { - "markdownDescription": "The IP address assigned to the transit gateway multicast group.", - "title": "GroupIpAddress", + "AccessGroupId": { + "markdownDescription": "The ID of the group to grant access to, for example, the Active Directory group or identity provider (IdP) group. Required if `AuthorizeAllGroups` is `false` or not specified.", + "title": "AccessGroupId", "type": "string" }, - "NetworkInterfaceId": { - "markdownDescription": "The group sources' network interface IDs to register with the transit gateway multicast group.", - "title": "NetworkInterfaceId", + "AuthorizeAllGroups": { + "markdownDescription": "Indicates whether to grant access to all clients. Specify `true` to grant all clients who successfully establish a VPN connection access to the network. Must be set to `true` if `AccessGroupId` is not specified.", + "title": "AuthorizeAllGroups", + "type": "boolean" + }, + "ClientVpnEndpointId": { + "markdownDescription": "The ID of the Client VPN endpoint.", + "title": "ClientVpnEndpointId", "type": "string" }, - "TransitGatewayMulticastDomainId": { - "markdownDescription": "The ID of the transit gateway multicast domain.", - "title": "TransitGatewayMulticastDomainId", + "Description": { + "markdownDescription": "A brief description of the authorization rule.", + "title": "Description", + "type": "string" + }, + "TargetNetworkCidr": { + "markdownDescription": "The IPv4 address range, in CIDR notation, of the network for which access is being authorized.", + "title": "TargetNetworkCidr", "type": "string" } }, "required": [ - "GroupIpAddress", - "NetworkInterfaceId", - "TransitGatewayMulticastDomainId" + "ClientVpnEndpointId", + "TargetNetworkCidr" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::TransitGatewayMulticastGroupSource" + "AWS::EC2::ClientVpnAuthorizationRule" ], "type": "string" }, @@ -79572,7 +88334,7 @@ ], "type": "object" }, - "AWS::EC2::TransitGatewayPeeringAttachment": { + "AWS::EC2::ClientVpnEndpoint": { "additionalProperties": false, "properties": { "Condition": { @@ -79607,46 +88369,120 @@ "Properties": { "additionalProperties": false, "properties": { - "PeerAccountId": { - "markdownDescription": "The ID of the AWS account that owns the transit gateway.", - "title": "PeerAccountId", + "AuthenticationOptions": { + "items": { + "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.ClientAuthenticationRequest" + }, + "markdownDescription": "Information about the authentication method to be used to authenticate clients.", + "title": "AuthenticationOptions", + "type": "array" + }, + "ClientCidrBlock": { + "markdownDescription": "The IPv4 address range, in CIDR notation, from which to assign client IP addresses. The address range cannot overlap with the local CIDR of the VPC in which the associated subnet is located, or the routes that you add manually. The address range cannot be changed after the Client VPN endpoint has been created. Client CIDR range must have a size of at least /22 and must not be greater than /12.", + "title": "ClientCidrBlock", "type": "string" }, - "PeerRegion": { - "markdownDescription": "The Region where the transit gateway that you want to create the peer for is located.", - "title": "PeerRegion", + "ClientConnectOptions": { + "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.ClientConnectOptions", + "markdownDescription": "The options for managing connection authorization for new client connections.", + "title": "ClientConnectOptions" + }, + "ClientLoginBannerOptions": { + "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.ClientLoginBannerOptions", + "markdownDescription": "Options for enabling a customizable text banner that will be displayed on AWS provided clients when a VPN session is established.", + "title": "ClientLoginBannerOptions" + }, + "ClientRouteEnforcementOptions": { + "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.ClientRouteEnforcementOptions", + "markdownDescription": "Client route enforcement is a feature of the Client VPN service that helps enforce administrator defined routes on devices connected through the VPN. T his feature helps improve your security posture by ensuring that network traffic originating from a connected client is not inadvertently sent outside the VPN tunnel.\n\nClient route enforcement works by monitoring the route table of a connected device for routing policy changes to the VPN connection. If the feature detects any VPN routing policy modifications, it will automatically force an update to the route table, reverting it back to the expected route configurations.", + "title": "ClientRouteEnforcementOptions" + }, + "ConnectionLogOptions": { + "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.ConnectionLogOptions", + "markdownDescription": "Information about the client connection logging options.\n\nIf you enable client connection logging, data about client connections is sent to a Cloudwatch Logs log stream. The following information is logged:\n\n- Client connection requests\n- Client connection results (successful and unsuccessful)\n- Reasons for unsuccessful client connection requests\n- Client connection termination time", + "title": "ConnectionLogOptions" + }, + "Description": { + "markdownDescription": "A brief description of the Client VPN endpoint.", + "title": "Description", "type": "string" }, - "PeerTransitGatewayId": { - "markdownDescription": "The ID of the transit gateway in the PeerRegion.", - "title": "PeerTransitGatewayId", + "DisconnectOnSessionTimeout": { + "markdownDescription": "Indicates whether the client VPN session is disconnected after the maximum `sessionTimeoutHours` is reached. If `true` , users are prompted to reconnect client VPN. If `false` , client VPN attempts to reconnect automatically. The default value is `true` .", + "title": "DisconnectOnSessionTimeout", + "type": "boolean" + }, + "DnsServers": { + "items": { + "type": "string" + }, + "markdownDescription": "Information about the DNS servers to be used for DNS resolution. A Client VPN endpoint can have up to two DNS servers. If no DNS server is specified, the DNS address configured on the device is used for the DNS server.", + "title": "DnsServers", + "type": "array" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of one or more security groups to apply to the target network. You must also specify the ID of the VPC that contains the security groups.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SelfServicePortal": { + "markdownDescription": "Specify whether to enable the self-service portal for the Client VPN endpoint.\n\nDefault Value: `enabled`", + "title": "SelfServicePortal", "type": "string" }, - "Tags": { + "ServerCertificateArn": { + "markdownDescription": "The ARN of the server certificate. For more information, see the [AWS Certificate Manager User Guide](https://docs.aws.amazon.com/acm/latest/userguide/) .", + "title": "ServerCertificateArn", + "type": "string" + }, + "SessionTimeoutHours": { + "markdownDescription": "The maximum VPN session duration time in hours.\n\nValid values: `8 | 10 | 12 | 24`\n\nDefault value: `24`", + "title": "SessionTimeoutHours", + "type": "number" + }, + "SplitTunnel": { + "markdownDescription": "Indicates whether split-tunnel is enabled on the AWS Client VPN endpoint.\n\nBy default, split-tunnel on a VPN endpoint is disabled.\n\nFor information about split-tunnel VPN endpoints, see [Split-tunnel AWS Client VPN endpoint](https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/split-tunnel-vpn.html) in the *AWS Client VPN Administrator Guide* .", + "title": "SplitTunnel", + "type": "boolean" + }, + "TagSpecifications": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.TagSpecification" }, - "markdownDescription": "The tags for the transit gateway peering attachment.", - "title": "Tags", + "markdownDescription": "The tags to apply to the Client VPN endpoint during creation.", + "title": "TagSpecifications", "type": "array" }, - "TransitGatewayId": { - "markdownDescription": "The ID of the transit gateway peering attachment.", - "title": "TransitGatewayId", + "TransportProtocol": { + "markdownDescription": "The transport protocol to be used by the VPN session.\n\nDefault value: `udp`", + "title": "TransportProtocol", + "type": "string" + }, + "VpcId": { + "markdownDescription": "The ID of the VPC to associate with the Client VPN endpoint. If no security group IDs are specified in the request, the default security group for the VPC is applied.", + "title": "VpcId", "type": "string" + }, + "VpnPort": { + "markdownDescription": "The port number to assign to the Client VPN endpoint for TCP and UDP traffic.\n\nValid Values: `443` | `1194`\n\nDefault Value: `443`", + "title": "VpnPort", + "type": "number" } }, "required": [ - "PeerAccountId", - "PeerRegion", - "PeerTransitGatewayId", - "TransitGatewayId" + "AuthenticationOptions", + "ClientCidrBlock", + "ConnectionLogOptions", + "ServerCertificateArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::TransitGatewayPeeringAttachment" + "AWS::EC2::ClientVpnEndpoint" ], "type": "string" }, @@ -79665,23 +88501,179 @@ ], "type": "object" }, - "AWS::EC2::TransitGatewayPeeringAttachment.PeeringAttachmentStatus": { + "AWS::EC2::ClientVpnEndpoint.CertificateAuthenticationRequest": { "additionalProperties": false, "properties": { - "Code": { - "markdownDescription": "The status code.", - "title": "Code", + "ClientRootCertificateChainArn": { + "markdownDescription": "The ARN of the client certificate. The certificate must be signed by a certificate authority (CA) and it must be provisioned in AWS Certificate Manager (ACM).", + "title": "ClientRootCertificateChainArn", "type": "string" + } + }, + "required": [ + "ClientRootCertificateChainArn" + ], + "type": "object" + }, + "AWS::EC2::ClientVpnEndpoint.ClientAuthenticationRequest": { + "additionalProperties": false, + "properties": { + "ActiveDirectory": { + "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.DirectoryServiceAuthenticationRequest", + "markdownDescription": "Information about the Active Directory to be used, if applicable. You must provide this information if *Type* is `directory-service-authentication` .", + "title": "ActiveDirectory" }, - "Message": { - "markdownDescription": "The status message, if applicable.", - "title": "Message", + "FederatedAuthentication": { + "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.FederatedAuthenticationRequest", + "markdownDescription": "Information about the IAM SAML identity provider, if applicable.", + "title": "FederatedAuthentication" + }, + "MutualAuthentication": { + "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.CertificateAuthenticationRequest", + "markdownDescription": "Information about the authentication certificates to be used, if applicable. You must provide this information if *Type* is `certificate-authentication` .", + "title": "MutualAuthentication" + }, + "Type": { + "markdownDescription": "The type of client authentication to be used.", + "title": "Type", "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::EC2::TransitGatewayRoute": { + "AWS::EC2::ClientVpnEndpoint.ClientConnectOptions": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Indicates whether client connect options are enabled. The default is `false` (not enabled).", + "title": "Enabled", + "type": "boolean" + }, + "LambdaFunctionArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Lambda function used for connection authorization.", + "title": "LambdaFunctionArn", + "type": "string" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "AWS::EC2::ClientVpnEndpoint.ClientLoginBannerOptions": { + "additionalProperties": false, + "properties": { + "BannerText": { + "markdownDescription": "Customizable text that will be displayed in a banner on AWS provided clients when a VPN session is established. UTF-8 encoded characters only. Maximum of 1400 characters.", + "title": "BannerText", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Enable or disable a customizable text banner that will be displayed on AWS provided clients when a VPN session is established.\n\nValid values: `true | false`\n\nDefault value: `false`", + "title": "Enabled", + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "AWS::EC2::ClientVpnEndpoint.ClientRouteEnforcementOptions": { + "additionalProperties": false, + "properties": { + "Enforced": { + "markdownDescription": "Enable or disable Client Route Enforcement. The state can either be `true` (enabled) or `false` (disabled). The default is `false` .\n\nValid values: `true | false`\n\nDefault value: `false`", + "title": "Enforced", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EC2::ClientVpnEndpoint.ConnectionLogOptions": { + "additionalProperties": false, + "properties": { + "CloudwatchLogGroup": { + "markdownDescription": "The name of the CloudWatch Logs log group. Required if connection logging is enabled.", + "title": "CloudwatchLogGroup", + "type": "string" + }, + "CloudwatchLogStream": { + "markdownDescription": "The name of the CloudWatch Logs log stream to which the connection data is published.", + "title": "CloudwatchLogStream", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Indicates whether connection logging is enabled.", + "title": "Enabled", + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "AWS::EC2::ClientVpnEndpoint.DirectoryServiceAuthenticationRequest": { + "additionalProperties": false, + "properties": { + "DirectoryId": { + "markdownDescription": "The ID of the Active Directory to be used for authentication.", + "title": "DirectoryId", + "type": "string" + } + }, + "required": [ + "DirectoryId" + ], + "type": "object" + }, + "AWS::EC2::ClientVpnEndpoint.FederatedAuthenticationRequest": { + "additionalProperties": false, + "properties": { + "SAMLProviderArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM SAML identity provider.", + "title": "SAMLProviderArn", + "type": "string" + }, + "SelfServiceSAMLProviderArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM SAML identity provider for the self-service portal.", + "title": "SelfServiceSAMLProviderArn", + "type": "string" + } + }, + "required": [ + "SAMLProviderArn" + ], + "type": "object" + }, + "AWS::EC2::ClientVpnEndpoint.TagSpecification": { + "additionalProperties": false, + "properties": { + "ResourceType": { + "markdownDescription": "The type of resource to tag. To tag a Client VPN endpoint, `ResourceType` must be `client-vpn-endpoint` .", + "title": "ResourceType", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to apply to the resource.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "ResourceType", + "Tags" + ], + "type": "object" + }, + "AWS::EC2::ClientVpnRoute": { "additionalProperties": false, "properties": { "Condition": { @@ -79716,35 +88708,37 @@ "Properties": { "additionalProperties": false, "properties": { - "Blackhole": { - "markdownDescription": "Indicates whether to drop traffic that matches this route.", - "title": "Blackhole", - "type": "boolean" + "ClientVpnEndpointId": { + "markdownDescription": "The ID of the Client VPN endpoint to which to add the route.", + "title": "ClientVpnEndpointId", + "type": "string" }, - "DestinationCidrBlock": { - "markdownDescription": "The CIDR block used for destination matches.", - "title": "DestinationCidrBlock", + "Description": { + "markdownDescription": "A brief description of the route.", + "title": "Description", "type": "string" }, - "TransitGatewayAttachmentId": { - "markdownDescription": "The ID of the attachment.", - "title": "TransitGatewayAttachmentId", + "DestinationCidrBlock": { + "markdownDescription": "The IPv4 address range, in CIDR notation, of the route destination. For example:\n\n- To add a route for Internet access, enter `0.0.0.0/0`\n- To add a route for a peered VPC, enter the peered VPC's IPv4 CIDR range\n- To add a route for an on-premises network, enter the AWS Site-to-Site VPN connection's IPv4 CIDR range\n- To add a route for the local network, enter the client CIDR range", + "title": "DestinationCidrBlock", "type": "string" }, - "TransitGatewayRouteTableId": { - "markdownDescription": "The ID of the transit gateway route table.", - "title": "TransitGatewayRouteTableId", + "TargetVpcSubnetId": { + "markdownDescription": "The ID of the subnet through which you want to route traffic. The specified subnet must be an existing target network of the Client VPN endpoint.\n\nAlternatively, if you're adding a route for the local network, specify `local` .", + "title": "TargetVpcSubnetId", "type": "string" } }, "required": [ - "TransitGatewayRouteTableId" + "ClientVpnEndpointId", + "DestinationCidrBlock", + "TargetVpcSubnetId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::TransitGatewayRoute" + "AWS::EC2::ClientVpnRoute" ], "type": "string" }, @@ -79763,7 +88757,7 @@ ], "type": "object" }, - "AWS::EC2::TransitGatewayRouteTable": { + "AWS::EC2::ClientVpnTargetNetworkAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -79798,28 +88792,26 @@ "Properties": { "additionalProperties": false, "properties": { - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Any tags assigned to the route table.", - "title": "Tags", - "type": "array" + "ClientVpnEndpointId": { + "markdownDescription": "The ID of the Client VPN endpoint.", + "title": "ClientVpnEndpointId", + "type": "string" }, - "TransitGatewayId": { - "markdownDescription": "The ID of the transit gateway.", - "title": "TransitGatewayId", + "SubnetId": { + "markdownDescription": "The ID of the subnet to associate with the Client VPN endpoint.", + "title": "SubnetId", "type": "string" } }, "required": [ - "TransitGatewayId" + "ClientVpnEndpointId", + "SubnetId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::TransitGatewayRouteTable" + "AWS::EC2::ClientVpnTargetNetworkAssociation" ], "type": "string" }, @@ -79838,7 +88830,7 @@ ], "type": "object" }, - "AWS::EC2::TransitGatewayRouteTableAssociation": { + "AWS::EC2::CustomerGateway": { "additionalProperties": false, "properties": { "Condition": { @@ -79873,26 +88865,54 @@ "Properties": { "additionalProperties": false, "properties": { - "TransitGatewayAttachmentId": { - "markdownDescription": "The ID of the attachment.", - "title": "TransitGatewayAttachmentId", + "BgpAsn": { + "markdownDescription": "For customer gateway devices that support BGP, specify the device's ASN. You must specify either `BgpAsn` or `BgpAsnExtended` when creating the customer gateway. If the ASN is larger than `2,147,483,647` , you must use `BgpAsnExtended` .\n\nDefault: 65000\n\nValid values: `1` to `2,147,483,647`", + "title": "BgpAsn", + "type": "number" + }, + "BgpAsnExtended": { + "markdownDescription": "For customer gateway devices that support BGP, specify the device's ASN. You must specify either `BgpAsn` or `BgpAsnExtended` when creating the customer gateway. If the ASN is larger than `2,147,483,647` , you must use `BgpAsnExtended` .\n\nValid values: `2,147,483,648` to `4,294,967,295`", + "title": "BgpAsnExtended", + "type": "number" + }, + "CertificateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the customer gateway certificate.", + "title": "CertificateArn", "type": "string" }, - "TransitGatewayRouteTableId": { - "markdownDescription": "The ID of the route table for the transit gateway.", - "title": "TransitGatewayRouteTableId", + "DeviceName": { + "markdownDescription": "The name of customer gateway device.", + "title": "DeviceName", "type": "string" - } - }, - "required": [ - "TransitGatewayAttachmentId", - "TransitGatewayRouteTableId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::EC2::TransitGatewayRouteTableAssociation" + }, + "IpAddress": { + "markdownDescription": "The IP address for the customer gateway device's outside interface. The address must be static. If `OutsideIpAddressType` in your VPN connection options is set to `PrivateIpv4` , you can use an RFC6598 or RFC1918 private IPv4 address. If `OutsideIpAddressType` is set to `Ipv6` , you can use an IPv6 address.", + "title": "IpAddress", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "One or more tags for the customer gateway.", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "The type of VPN connection that this customer gateway supports ( `ipsec.1` ).", + "title": "Type", + "type": "string" + } + }, + "required": [ + "IpAddress", + "Type" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::EC2::CustomerGateway" ], "type": "string" }, @@ -79911,7 +88931,7 @@ ], "type": "object" }, - "AWS::EC2::TransitGatewayRouteTablePropagation": { + "AWS::EC2::DHCPOptions": { "additionalProperties": false, "properties": { "Condition": { @@ -79946,26 +88966,59 @@ "Properties": { "additionalProperties": false, "properties": { - "TransitGatewayAttachmentId": { - "markdownDescription": "The ID of the attachment.", - "title": "TransitGatewayAttachmentId", + "DomainName": { + "markdownDescription": "This value is used to complete unqualified DNS hostnames. If you're using AmazonProvidedDNS in `us-east-1` , specify `ec2.internal` . If you're using AmazonProvidedDNS in another Region, specify *region* . `compute.internal` (for example, `ap-northeast-1.compute.internal` ). Otherwise, specify a domain name (for example, *MyCompany.com* ).", + "title": "DomainName", "type": "string" }, - "TransitGatewayRouteTableId": { - "markdownDescription": "The ID of the propagation route table.", - "title": "TransitGatewayRouteTableId", - "type": "string" + "DomainNameServers": { + "items": { + "type": "string" + }, + "markdownDescription": "The IPv4 addresses of up to four domain name servers, or `AmazonProvidedDNS` . The default is `AmazonProvidedDNS` . To have your instance receive a custom DNS hostname as specified in `DomainName` , you must set this property to a custom DNS server.", + "title": "DomainNameServers", + "type": "array" + }, + "Ipv6AddressPreferredLeaseTime": { + "markdownDescription": "A value (in seconds, minutes, hours, or years) for how frequently a running instance with an IPv6 assigned to it goes through DHCPv6 lease renewal. Acceptable values are between 140 and 2147483647 seconds (approximately 68 years). If no value is entered, the default lease time is 140 seconds. If you use long-term addressing for EC2 instances, you can increase the lease time and avoid frequent lease renewal requests. Lease renewal typically occurs when half of the lease time has elapsed.", + "title": "Ipv6AddressPreferredLeaseTime", + "type": "number" + }, + "NetbiosNameServers": { + "items": { + "type": "string" + }, + "markdownDescription": "The IPv4 addresses of up to four NetBIOS name servers.", + "title": "NetbiosNameServers", + "type": "array" + }, + "NetbiosNodeType": { + "markdownDescription": "The NetBIOS node type (1, 2, 4, or 8). We recommend that you specify 2 (broadcast and multicast are not currently supported).", + "title": "NetbiosNodeType", + "type": "number" + }, + "NtpServers": { + "items": { + "type": "string" + }, + "markdownDescription": "The IPv4 addresses of up to four Network Time Protocol (NTP) servers.", + "title": "NtpServers", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Any tags assigned to the DHCP options set.", + "title": "Tags", + "type": "array" } }, - "required": [ - "TransitGatewayAttachmentId", - "TransitGatewayRouteTableId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::TransitGatewayRouteTablePropagation" + "AWS::EC2::DHCPOptions" ], "type": "string" }, @@ -79979,12 +89032,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::EC2::TransitGatewayVpcAttachment": { + "AWS::EC2::EC2Fleet": { "additionalProperties": false, "properties": { "Condition": { @@ -80019,64 +89071,82 @@ "Properties": { "additionalProperties": false, "properties": { - "AddSubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of one or more subnets to add. You can specify at most one subnet per Availability Zone.", - "title": "AddSubnetIds", - "type": "array" + "Context": { + "markdownDescription": "Reserved.", + "title": "Context", + "type": "string" }, - "Options": { - "$ref": "#/definitions/AWS::EC2::TransitGatewayVpcAttachment.Options", - "markdownDescription": "The VPC attachment options.", - "title": "Options" + "ExcessCapacityTerminationPolicy": { + "markdownDescription": "Indicates whether running instances should be terminated if the total target capacity of the EC2 Fleet is decreased below the current size of the EC2 Fleet.\n\nSupported only for fleets of type `maintain` .", + "title": "ExcessCapacityTerminationPolicy", + "type": "string" }, - "RemoveSubnetIds": { + "LaunchTemplateConfigs": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::EC2::EC2Fleet.FleetLaunchTemplateConfigRequest" }, - "markdownDescription": "The IDs of one or more subnets to remove.", - "title": "RemoveSubnetIds", + "markdownDescription": "The configuration for the EC2 Fleet.", + "title": "LaunchTemplateConfigs", "type": "array" }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the subnets.", - "title": "SubnetIds", - "type": "array" + "OnDemandOptions": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.OnDemandOptionsRequest", + "markdownDescription": "Describes the configuration of On-Demand Instances in an EC2 Fleet.", + "title": "OnDemandOptions" }, - "Tags": { + "ReplaceUnhealthyInstances": { + "markdownDescription": "Indicates whether EC2 Fleet should replace unhealthy Spot Instances. Supported only for fleets of type `maintain` . For more information, see [EC2 Fleet health checks](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/manage-ec2-fleet.html#ec2-fleet-health-checks) in the *Amazon EC2 User Guide* .", + "title": "ReplaceUnhealthyInstances", + "type": "boolean" + }, + "SpotOptions": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.SpotOptionsRequest", + "markdownDescription": "Describes the configuration of Spot Instances in an EC2 Fleet.", + "title": "SpotOptions" + }, + "TagSpecifications": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::EC2::EC2Fleet.TagSpecification" }, - "markdownDescription": "The tags for the VPC attachment.", - "title": "Tags", + "markdownDescription": "The key-value pair for tagging the EC2 Fleet request on creation. For more information, see [Tag your resources](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#tag-resources) .\n\nIf the fleet type is `instant` , specify a resource type of `fleet` to tag the fleet or `instance` to tag the instances at launch.\n\nIf the fleet type is `maintain` or `request` , specify a resource type of `fleet` to tag the fleet. You cannot specify a resource type of `instance` . To tag instances at launch, specify the tags in a [launch template](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html#create-launch-template) .", + "title": "TagSpecifications", "type": "array" }, - "TransitGatewayId": { - "markdownDescription": "The ID of the transit gateway.", - "title": "TransitGatewayId", + "TargetCapacitySpecification": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.TargetCapacitySpecificationRequest", + "markdownDescription": "The number of units to request.", + "title": "TargetCapacitySpecification" + }, + "TerminateInstancesWithExpiration": { + "markdownDescription": "Indicates whether running instances should be terminated when the EC2 Fleet expires.", + "title": "TerminateInstancesWithExpiration", + "type": "boolean" + }, + "Type": { + "markdownDescription": "The fleet type. The default value is `maintain` .\n\n- `maintain` - The EC2 Fleet places an asynchronous request for your desired capacity, and continues to maintain your desired Spot capacity by replenishing interrupted Spot Instances.\n- `request` - The EC2 Fleet places an asynchronous one-time request for your desired capacity, but does submit Spot requests in alternative capacity pools if Spot capacity is unavailable, and does not maintain Spot capacity if Spot Instances are interrupted.\n- `instant` - The EC2 Fleet places a synchronous one-time request for your desired capacity, and returns errors for any instances that could not be launched.\n\nFor more information, see [EC2 Fleet request types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-request-type.html) in the *Amazon EC2 User Guide* .", + "title": "Type", "type": "string" }, - "VpcId": { - "markdownDescription": "The ID of the VPC.", - "title": "VpcId", + "ValidFrom": { + "markdownDescription": "The start date and time of the request, in UTC format (for example, *YYYY* - *MM* - *DD* T *HH* : *MM* : *SS* Z). The default is to start fulfilling the request immediately.", + "title": "ValidFrom", + "type": "string" + }, + "ValidUntil": { + "markdownDescription": "The end date and time of the request, in UTC format (for example, *YYYY* - *MM* - *DD* T *HH* : *MM* : *SS* Z). At this point, no new EC2 Fleet requests are placed or able to fulfill the request. If no value is specified, the request remains until you cancel it.", + "title": "ValidUntil", "type": "string" } }, "required": [ - "SubnetIds", - "TransitGatewayId", - "VpcId" + "LaunchTemplateConfigs", + "TargetCapacitySpecification" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::TransitGatewayVpcAttachment" + "AWS::EC2::EC2Fleet" ], "type": "string" }, @@ -80095,28 +89165,725 @@ ], "type": "object" }, - "AWS::EC2::TransitGatewayVpcAttachment.Options": { + "AWS::EC2::EC2Fleet.AcceleratorCountRequest": { "additionalProperties": false, "properties": { - "ApplianceModeSupport": { - "markdownDescription": "Enable or disable appliance mode support. The default is `disable` .", - "title": "ApplianceModeSupport", + "Max": { + "markdownDescription": "The maximum number of accelerators. To specify no maximum limit, omit this parameter. To exclude accelerator-enabled instance types, set `Max` to `0` .", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The minimum number of accelerators. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::EC2Fleet.AcceleratorTotalMemoryMiBRequest": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum amount of accelerator memory, in MiB. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The minimum amount of accelerator memory, in MiB. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::EC2Fleet.BaselineEbsBandwidthMbpsRequest": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum baseline bandwidth, in Mbps. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The minimum baseline bandwidth, in Mbps. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::EC2Fleet.BaselinePerformanceFactorsRequest": { + "additionalProperties": false, + "properties": { + "Cpu": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.CpuPerformanceFactorRequest", + "markdownDescription": "The CPU performance to consider, using an instance family as the baseline reference.", + "title": "Cpu" + } + }, + "type": "object" + }, + "AWS::EC2::EC2Fleet.BlockDeviceMapping": { + "additionalProperties": false, + "properties": { + "DeviceName": { + "markdownDescription": "The device name (for example, `/dev/sdh` or `xvdh` ).", + "title": "DeviceName", "type": "string" }, - "DnsSupport": { - "markdownDescription": "Enable or disable DNS support. The default is `disable` .", - "title": "DnsSupport", + "Ebs": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.EbsBlockDevice", + "markdownDescription": "Parameters used to automatically set up EBS volumes when the instance is launched.", + "title": "Ebs" + }, + "NoDevice": { + "markdownDescription": "To omit the device from the block device mapping, specify an empty string. When this property is specified, the device is removed from the block device mapping regardless of the assigned value.", + "title": "NoDevice", "type": "string" }, - "Ipv6Support": { - "markdownDescription": "Enable or disable IPv6 support. The default is `disable` .", - "title": "Ipv6Support", + "VirtualName": { + "markdownDescription": "The virtual device name ( `ephemeral` N). Instance store volumes are numbered starting from 0. An instance type with 2 available instance store volumes can specify mappings for `ephemeral0` and `ephemeral1` . The number of available instance store volumes depends on the instance type. After you connect to the instance, you must mount the volume.\n\nNVMe instance store volumes are automatically enumerated and assigned a device name. Including them in your block device mapping has no effect.\n\nConstraints: For M3 instances, you must specify instance store volumes in the block device mapping for the instance. When you launch an M3 instance, we ignore any instance store volumes specified in the block device mapping for the AMI.", + "title": "VirtualName", "type": "string" } }, "type": "object" }, - "AWS::EC2::VPC": { + "AWS::EC2::EC2Fleet.CapacityRebalance": { + "additionalProperties": false, + "properties": { + "ReplacementStrategy": { + "markdownDescription": "The replacement strategy to use. Only available for fleets of type `maintain` .\n\n`launch` - EC2 Fleet launches a replacement Spot Instance when a rebalance notification is emitted for an existing Spot Instance in the fleet. EC2 Fleet does not terminate the instances that receive a rebalance notification. You can terminate the old instances, or you can leave them running. You are charged for all instances while they are running.\n\n`launch-before-terminate` - EC2 Fleet launches a replacement Spot Instance when a rebalance notification is emitted for an existing Spot Instance in the fleet, and then, after a delay that you specify (in `TerminationDelay` ), terminates the instances that received a rebalance notification.", + "title": "ReplacementStrategy", + "type": "string" + }, + "TerminationDelay": { + "markdownDescription": "The amount of time (in seconds) that Amazon EC2 waits before terminating the old Spot Instance after launching a new replacement Spot Instance.\n\nRequired when `ReplacementStrategy` is set to `launch-before-terminate` .\n\nNot valid when `ReplacementStrategy` is set to `launch` .\n\nValid values: Minimum value of `120` seconds. Maximum value of `7200` seconds.", + "title": "TerminationDelay", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::EC2Fleet.CapacityReservationOptionsRequest": { + "additionalProperties": false, + "properties": { + "UsageStrategy": { + "markdownDescription": "Indicates whether to use unused Capacity Reservations for fulfilling On-Demand capacity.\n\nIf you specify `use-capacity-reservations-first` , the fleet uses unused Capacity Reservations to fulfill On-Demand capacity up to the target On-Demand capacity. If multiple instance pools have unused Capacity Reservations, the On-Demand allocation strategy ( `lowest-price` or `prioritized` ) is applied. If the number of unused Capacity Reservations is less than the On-Demand target capacity, the remaining On-Demand target capacity is launched according to the On-Demand allocation strategy ( `lowest-price` or `prioritized` ).\n\nIf you do not specify a value, the fleet fulfils the On-Demand capacity according to the chosen On-Demand allocation strategy.", + "title": "UsageStrategy", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::EC2Fleet.CpuPerformanceFactorRequest": { + "additionalProperties": false, + "properties": { + "References": { + "items": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.PerformanceFactorReferenceRequest" + }, + "markdownDescription": "Specify an instance family to use as the baseline reference for CPU performance. All instance types that match your specified attributes will be compared against the CPU performance of the referenced instance family, regardless of CPU manufacturer or architecture differences.\n\n> Currently, only one instance family can be specified in the list.", + "title": "References", + "type": "array" + } + }, + "type": "object" + }, + "AWS::EC2::EC2Fleet.EbsBlockDevice": { + "additionalProperties": false, + "properties": { + "DeleteOnTermination": { + "markdownDescription": "Indicates whether the EBS volume is deleted on instance termination. For more information, see [Preserving Amazon EBS volumes on instance termination](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#preserving-volumes-on-termination) in the *Amazon EC2 User Guide* .", + "title": "DeleteOnTermination", + "type": "boolean" + }, + "Encrypted": { + "markdownDescription": "Indicates whether the encryption state of an EBS volume is changed while being restored from a backing snapshot. The effect of setting the encryption state to `true` depends on the volume origin (new or from a snapshot), starting encryption state, ownership, and whether encryption by default is enabled. For more information, see [Amazon EBS encryption](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-encryption.html#encryption-parameters) in the *Amazon EBS User Guide* .\n\nIn no case can you remove encryption from an encrypted volume.\n\nEncrypted volumes can only be attached to instances that support Amazon EBS encryption. For more information, see [Supported instance types](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-encryption-requirements.html#ebs-encryption_supported_instances) .\n\n- If you are creating a block device mapping for a *new (empty) volume* , you can include this parameter, and specify either `true` for an encrypted volume, or `false` for an unencrypted volume. If you omit this parameter, it defaults to `false` (unencrypted).\n- If you are creating a block device mapping from an *existing encrypted or unencrypted snapshot* , you must omit this parameter. If you include this parameter, the request will fail, regardless of the value that you specify.\n- If you are creating a block device mapping from an *existing unencrypted volume* , you can include this parameter, but you must specify `false` . If you specify `true` , the request will fail. In this case, we recommend that you omit the parameter.\n- If you are creating a block device mapping from an *existing encrypted volume* , you can include this parameter, and specify either `true` or `false` . However, if you specify `false` , the parameter is ignored and the block device mapping is always encrypted. In this case, we recommend that you omit the parameter.", + "title": "Encrypted", + "type": "boolean" + }, + "Iops": { + "markdownDescription": "The number of I/O operations per second (IOPS). For `gp3` , `io1` , and `io2` volumes, this represents the number of IOPS that are provisioned for the volume. For `gp2` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.\n\nThe following are the supported values for each volume type:\n\n- `gp3` : 3,000 - 16,000 IOPS\n- `io1` : 100 - 64,000 IOPS\n- `io2` : 100 - 256,000 IOPS\n\nFor `io2` volumes, you can achieve up to 256,000 IOPS on [instances built on the Nitro System](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances) . On other instances, you can achieve performance up to 32,000 IOPS.\n\nThis parameter is required for `io1` and `io2` volumes. The default for `gp3` volumes is 3,000 IOPS.", + "title": "Iops", + "type": "number" + }, + "KmsKeyId": { + "markdownDescription": "Identifier (key ID, key alias, key ARN, or alias ARN) of the customer managed KMS key to use for EBS encryption.\n\nThis parameter is only supported on `BlockDeviceMapping` objects called by [RunInstances](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html) , [RequestSpotFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RequestSpotFleet.html) , and [RequestSpotInstances](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RequestSpotInstances.html) .", + "title": "KmsKeyId", + "type": "string" + }, + "SnapshotId": { + "markdownDescription": "The ID of the snapshot.", + "title": "SnapshotId", + "type": "string" + }, + "VolumeSize": { + "markdownDescription": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size. If you specify a snapshot, the default is the snapshot size. You can specify a volume size that is equal to or larger than the snapshot size.\n\nThe following are the supported sizes for each volume type:\n\n- `gp2` and `gp3` : 1 - 16,384 GiB\n- `io1` : 4 - 16,384 GiB\n- `io2` : 4 - 65,536 GiB\n- `st1` and `sc1` : 125 - 16,384 GiB\n- `standard` : 1 - 1024 GiB", + "title": "VolumeSize", + "type": "number" + }, + "VolumeType": { + "markdownDescription": "The volume type. For more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-volume-types.html) in the *Amazon EBS User Guide* .", + "title": "VolumeType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::EC2Fleet.FleetLaunchTemplateConfigRequest": { + "additionalProperties": false, + "properties": { + "LaunchTemplateSpecification": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.FleetLaunchTemplateSpecificationRequest", + "markdownDescription": "The launch template to use. You must specify either the launch template ID or launch template name in the request.", + "title": "LaunchTemplateSpecification" + }, + "Overrides": { + "items": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.FleetLaunchTemplateOverridesRequest" + }, + "markdownDescription": "Any parameters that you specify override the same parameters in the launch template.\n\nFor fleets of type `request` and `maintain` , a maximum of 300 items is allowed across all launch templates.", + "title": "Overrides", + "type": "array" + } + }, + "type": "object" + }, + "AWS::EC2::EC2Fleet.FleetLaunchTemplateOverridesRequest": { + "additionalProperties": false, + "properties": { + "AvailabilityZone": { + "markdownDescription": "The Availability Zone in which to launch the instances.", + "title": "AvailabilityZone", + "type": "string" + }, + "BlockDeviceMappings": { + "items": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.BlockDeviceMapping" + }, + "markdownDescription": "The block device mappings, which define the EBS volumes and instance store volumes to attach to the instance at launch.\n\nSupported only for fleets of type `instant` .\n\nFor more information, see [Block device mappings for volumes on Amazon EC2 instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/block-device-mapping-concepts.html) in the *Amazon EC2 User Guide* .", + "title": "BlockDeviceMappings", + "type": "array" + }, + "InstanceRequirements": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.InstanceRequirementsRequest", + "markdownDescription": "The attributes for the instance types. When you specify instance attributes, Amazon EC2 will identify instance types with those attributes.\n\n> If you specify `InstanceRequirements` , you can't specify `InstanceType` .", + "title": "InstanceRequirements" + }, + "InstanceType": { + "markdownDescription": "The instance type.\n\n`mac1.metal` is not supported as a launch template override.\n\n> If you specify `InstanceType` , you can't specify `InstanceRequirements` .", + "title": "InstanceType", + "type": "string" + }, + "MaxPrice": { + "markdownDescription": "The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.\n\n> If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.\n> \n> If you specify a maximum price, it must be more than USD $0.001. Specifying a value below USD $0.001 will result in an `InvalidParameterValue` error message.", + "title": "MaxPrice", + "type": "string" + }, + "Placement": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.Placement", + "markdownDescription": "The location where the instance launched, if applicable.", + "title": "Placement" + }, + "Priority": { + "markdownDescription": "The priority for the launch template override. The highest priority is launched first.\n\nIf the On-Demand `AllocationStrategy` is set to `prioritized` , EC2 Fleet uses priority to determine which launch template override to use first in fulfilling On-Demand capacity.\n\nIf the Spot `AllocationStrategy` is set to `capacity-optimized-prioritized` , EC2 Fleet uses priority on a best-effort basis to determine which launch template override to use in fulfilling Spot capacity, but optimizes for capacity first.\n\nValid values are whole numbers starting at `0` . The lower the number, the higher the priority. If no number is set, the launch template override has the lowest priority. You can set the same priority for different launch template overrides.", + "title": "Priority", + "type": "number" + }, + "SubnetId": { + "markdownDescription": "The IDs of the subnets in which to launch the instances. Separate multiple subnet IDs using commas (for example, `subnet-1234abcdeexample1, subnet-0987cdef6example2` ). A request of type `instant` can have only one subnet ID.", + "title": "SubnetId", + "type": "string" + }, + "WeightedCapacity": { + "markdownDescription": "The number of units provided by the specified instance type. These are the same units that you chose to set the target capacity in terms of instances, or a performance characteristic such as vCPUs, memory, or I/O.\n\nIf the target capacity divided by this value is not a whole number, Amazon EC2 rounds the number of instances to the next whole number. If this value is not specified, the default is 1.\n\n> When specifying weights, the price used in the `lowest-price` and `price-capacity-optimized` allocation strategies is per *unit* hour (where the instance price is divided by the specified weight). However, if all the specified weights are above the requested `TargetCapacity` , resulting in only 1 instance being launched, the price used is per *instance* hour.", + "title": "WeightedCapacity", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::EC2Fleet.FleetLaunchTemplateSpecificationRequest": { + "additionalProperties": false, + "properties": { + "LaunchTemplateId": { + "markdownDescription": "The ID of the launch template.\n\nYou must specify the `LaunchTemplateId` or the `LaunchTemplateName` , but not both.", + "title": "LaunchTemplateId", + "type": "string" + }, + "LaunchTemplateName": { + "markdownDescription": "The name of the launch template.\n\nYou must specify the `LaunchTemplateName` or the `LaunchTemplateId` , but not both.", + "title": "LaunchTemplateName", + "type": "string" + }, + "Version": { + "markdownDescription": "The launch template version number, `$Latest` , or `$Default` . You must specify a value, otherwise the request fails.\n\nIf the value is `$Latest` , Amazon EC2 uses the latest version of the launch template.\n\nIf the value is `$Default` , Amazon EC2 uses the default version of the launch template.", + "title": "Version", + "type": "string" + } + }, + "required": [ + "Version" + ], + "type": "object" + }, + "AWS::EC2::EC2Fleet.InstanceRequirementsRequest": { + "additionalProperties": false, + "properties": { + "AcceleratorCount": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.AcceleratorCountRequest", + "markdownDescription": "The minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferentia chips) on an instance.\n\nTo exclude accelerator-enabled instance types, set `Max` to `0` .\n\nDefault: No minimum or maximum limits", + "title": "AcceleratorCount" + }, + "AcceleratorManufacturers": { + "items": { + "type": "string" + }, + "markdownDescription": "Indicates whether instance types must have accelerators by specific manufacturers.\n\n- For instance types with AWS devices, specify `amazon-web-services` .\n- For instance types with AMD devices, specify `amd` .\n- For instance types with Habana devices, specify `habana` .\n- For instance types with NVIDIA devices, specify `nvidia` .\n- For instance types with Xilinx devices, specify `xilinx` .\n\nDefault: Any manufacturer", + "title": "AcceleratorManufacturers", + "type": "array" + }, + "AcceleratorNames": { + "items": { + "type": "string" + }, + "markdownDescription": "The accelerators that must be on the instance type.\n\n- For instance types with NVIDIA A10G GPUs, specify `a10g` .\n- For instance types with NVIDIA A100 GPUs, specify `a100` .\n- For instance types with NVIDIA H100 GPUs, specify `h100` .\n- For instance types with AWS Inferentia chips, specify `inferentia` .\n- For instance types with NVIDIA GRID K520 GPUs, specify `k520` .\n- For instance types with NVIDIA K80 GPUs, specify `k80` .\n- For instance types with NVIDIA M60 GPUs, specify `m60` .\n- For instance types with AMD Radeon Pro V520 GPUs, specify `radeon-pro-v520` .\n- For instance types with NVIDIA T4 GPUs, specify `t4` .\n- For instance types with NVIDIA T4G GPUs, specify `t4g` .\n- For instance types with Xilinx VU9P FPGAs, specify `vu9p` .\n- For instance types with NVIDIA V100 GPUs, specify `v100` .\n\nDefault: Any accelerator", + "title": "AcceleratorNames", + "type": "array" + }, + "AcceleratorTotalMemoryMiB": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.AcceleratorTotalMemoryMiBRequest", + "markdownDescription": "The minimum and maximum amount of total accelerator memory, in MiB.\n\nDefault: No minimum or maximum limits", + "title": "AcceleratorTotalMemoryMiB" + }, + "AcceleratorTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The accelerator types that must be on the instance type.\n\n- For instance types with FPGA accelerators, specify `fpga` .\n- For instance types with GPU accelerators, specify `gpu` .\n- For instance types with Inference accelerators, specify `inference` .\n\nDefault: Any accelerator type", + "title": "AcceleratorTypes", + "type": "array" + }, + "AllowedInstanceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The instance types to apply your specified attributes against. All other instance types are ignored, even if they match your specified attributes.\n\nYou can use strings with one or more wild cards, represented by an asterisk ( `*` ), to allow an instance type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` ,Amazon EC2 will allow the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will allow all the M5a instance types, but not the M5n instance types.\n\n> If you specify `AllowedInstanceTypes` , you can't specify `ExcludedInstanceTypes` . \n\nDefault: All instance types", + "title": "AllowedInstanceTypes", + "type": "array" + }, + "BareMetal": { + "markdownDescription": "Indicates whether bare metal instance types must be included, excluded, or required.\n\n- To include bare metal instance types, specify `included` .\n- To require only bare metal instance types, specify `required` .\n- To exclude bare metal instance types, specify `excluded` .\n\nDefault: `excluded`", + "title": "BareMetal", + "type": "string" + }, + "BaselineEbsBandwidthMbps": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.BaselineEbsBandwidthMbpsRequest", + "markdownDescription": "The minimum and maximum baseline bandwidth to Amazon EBS, in Mbps. For more information, see [Amazon EBS\u2013optimized instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-optimized.html) in the *Amazon EC2 User Guide* .\n\nDefault: No minimum or maximum limits", + "title": "BaselineEbsBandwidthMbps" + }, + "BaselinePerformanceFactors": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.BaselinePerformanceFactorsRequest", + "markdownDescription": "The baseline performance to consider, using an instance family as a baseline reference. The instance family establishes the lowest acceptable level of performance. Amazon EC2 uses this baseline to guide instance type selection, but there is no guarantee that the selected instance types will always exceed the baseline for every application. Currently, this parameter only supports CPU performance as a baseline performance factor. For more information, see [Performance protection](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-attribute-based-instance-type-selection.html#ec2fleet-abis-performance-protection) in the *Amazon EC2 User Guide* .", + "title": "BaselinePerformanceFactors" + }, + "BurstablePerformance": { + "markdownDescription": "Indicates whether burstable performance T instance types are included, excluded, or required. For more information, see [Burstable performance instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) .\n\n- To include burstable performance instance types, specify `included` .\n- To require only burstable performance instance types, specify `required` .\n- To exclude burstable performance instance types, specify `excluded` .\n\nDefault: `excluded`", + "title": "BurstablePerformance", + "type": "string" + }, + "CpuManufacturers": { + "items": { + "type": "string" + }, + "markdownDescription": "The CPU manufacturers to include.\n\n- For instance types with Intel CPUs, specify `intel` .\n- For instance types with AMD CPUs, specify `amd` .\n- For instance types with AWS CPUs, specify `amazon-web-services` .\n- For instance types with Apple CPUs, specify `apple` .\n\n> Don't confuse the CPU manufacturer with the CPU architecture. Instances will be launched with a compatible CPU architecture based on the Amazon Machine Image (AMI) that you specify in your launch template. \n\nDefault: Any manufacturer", + "title": "CpuManufacturers", + "type": "array" + }, + "ExcludedInstanceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The instance types to exclude.\n\nYou can use strings with one or more wild cards, represented by an asterisk ( `*` ), to exclude an instance family, type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` ,Amazon EC2 will exclude the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will exclude all the M5a instance types, but not the M5n instance types.\n\n> If you specify `ExcludedInstanceTypes` , you can't specify `AllowedInstanceTypes` . \n\nDefault: No excluded instance types", + "title": "ExcludedInstanceTypes", + "type": "array" + }, + "InstanceGenerations": { + "items": { + "type": "string" + }, + "markdownDescription": "Indicates whether current or previous generation instance types are included. The current generation instance types are recommended for use. Current generation instance types are typically the latest two to three generations in each instance family. For more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .\n\nFor current generation instance types, specify `current` .\n\nFor previous generation instance types, specify `previous` .\n\nDefault: Current and previous generation instance types", + "title": "InstanceGenerations", + "type": "array" + }, + "LocalStorage": { + "markdownDescription": "Indicates whether instance types with instance store volumes are included, excluded, or required. For more information, [Amazon EC2 instance store](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html) in the *Amazon EC2 User Guide* .\n\n- To include instance types with instance store volumes, specify `included` .\n- To require only instance types with instance store volumes, specify `required` .\n- To exclude instance types with instance store volumes, specify `excluded` .\n\nDefault: `included`", + "title": "LocalStorage", + "type": "string" + }, + "LocalStorageTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The type of local storage that is required.\n\n- For instance types with hard disk drive (HDD) storage, specify `hdd` .\n- For instance types with solid state drive (SSD) storage, specify `ssd` .\n\nDefault: `hdd` and `ssd`", + "title": "LocalStorageTypes", + "type": "array" + }, + "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice": { + "markdownDescription": "[Price protection] The price protection threshold for Spot Instances, as a percentage of an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nIf you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is based on the per vCPU or per memory price instead of the per instance price.\n\n> Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` .", + "title": "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice", + "type": "number" + }, + "MemoryGiBPerVCpu": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.MemoryGiBPerVCpuRequest", + "markdownDescription": "The minimum and maximum amount of memory per vCPU, in GiB.\n\nDefault: No minimum or maximum limits", + "title": "MemoryGiBPerVCpu" + }, + "MemoryMiB": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.MemoryMiBRequest", + "markdownDescription": "The minimum and maximum amount of memory, in MiB.", + "title": "MemoryMiB" + }, + "NetworkBandwidthGbps": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.NetworkBandwidthGbpsRequest", + "markdownDescription": "The minimum and maximum amount of baseline network bandwidth, in gigabits per second (Gbps). For more information, see [Amazon EC2 instance network bandwidth](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-network-bandwidth.html) in the *Amazon EC2 User Guide* .\n\nDefault: No minimum or maximum limits", + "title": "NetworkBandwidthGbps" + }, + "NetworkInterfaceCount": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.NetworkInterfaceCountRequest", + "markdownDescription": "The minimum and maximum number of network interfaces.\n\nDefault: No minimum or maximum limits", + "title": "NetworkInterfaceCount" + }, + "OnDemandMaxPricePercentageOverLowestPrice": { + "markdownDescription": "[Price protection] The price protection threshold for On-Demand Instances, as a percentage higher than an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nTo indicate no price protection threshold, specify a high value, such as `999999` .\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) .\n\n> If you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price. \n\nDefault: `20`", + "title": "OnDemandMaxPricePercentageOverLowestPrice", + "type": "number" + }, + "RequireHibernateSupport": { + "markdownDescription": "Indicates whether instance types must support hibernation for On-Demand Instances.\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) .\n\nDefault: `false`", + "title": "RequireHibernateSupport", + "type": "boolean" + }, + "SpotMaxPricePercentageOverLowestPrice": { + "markdownDescription": "[Price protection] The price protection threshold for Spot Instances, as a percentage higher than an identified Spot price. The identified Spot price is the Spot price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified Spot price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose Spot price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nIf you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price.\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) .\n\n> Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` . \n\nDefault: `100`", + "title": "SpotMaxPricePercentageOverLowestPrice", + "type": "number" + }, + "TotalLocalStorageGB": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.TotalLocalStorageGBRequest", + "markdownDescription": "The minimum and maximum amount of total local storage, in GB.\n\nDefault: No minimum or maximum limits", + "title": "TotalLocalStorageGB" + }, + "VCpuCount": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.VCpuCountRangeRequest", + "markdownDescription": "The minimum and maximum number of vCPUs.", + "title": "VCpuCount" + } + }, + "type": "object" + }, + "AWS::EC2::EC2Fleet.MaintenanceStrategies": { + "additionalProperties": false, + "properties": { + "CapacityRebalance": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.CapacityRebalance", + "markdownDescription": "The strategy to use when Amazon EC2 emits a signal that your Spot Instance is at an elevated risk of being interrupted.", + "title": "CapacityRebalance" + } + }, + "type": "object" + }, + "AWS::EC2::EC2Fleet.MemoryGiBPerVCpuRequest": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum amount of memory per vCPU, in GiB. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The minimum amount of memory per vCPU, in GiB. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::EC2Fleet.MemoryMiBRequest": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum amount of memory, in MiB. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The minimum amount of memory, in MiB. To specify no minimum limit, specify `0` .", + "title": "Min", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::EC2Fleet.NetworkBandwidthGbpsRequest": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum amount of network bandwidth, in Gbps. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The minimum amount of network bandwidth, in Gbps. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::EC2Fleet.NetworkInterfaceCountRequest": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum number of network interfaces. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The minimum number of network interfaces. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::EC2Fleet.OnDemandOptionsRequest": { + "additionalProperties": false, + "properties": { + "AllocationStrategy": { + "markdownDescription": "The strategy that determines the order of the launch template overrides to use in fulfilling On-Demand capacity.\n\n`lowest-price` - EC2 Fleet uses price to determine the order, launching the lowest price first.\n\n`prioritized` - EC2 Fleet uses the priority that you assigned to each launch template override, launching the highest priority first.\n\nDefault: `lowest-price`", + "title": "AllocationStrategy", + "type": "string" + }, + "CapacityReservationOptions": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.CapacityReservationOptionsRequest", + "markdownDescription": "The strategy for using unused Capacity Reservations for fulfilling On-Demand capacity.\n\nSupported only for fleets of type `instant` .", + "title": "CapacityReservationOptions" + }, + "MaxTotalPrice": { + "markdownDescription": "The maximum amount per hour for On-Demand Instances that you're willing to pay.\n\n> If your fleet includes T instances that are configured as `unlimited` , and if their average CPU usage exceeds the baseline utilization, you will incur a charge for surplus credits. The `MaxTotalPrice` does not account for surplus credits, and, if you use surplus credits, your final cost might be higher than what you specified for `MaxTotalPrice` . For more information, see [Surplus credits can incur charges](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits) in the *Amazon EC2 User Guide* .", + "title": "MaxTotalPrice", + "type": "string" + }, + "MinTargetCapacity": { + "markdownDescription": "The minimum target capacity for On-Demand Instances in the fleet. If this minimum capacity isn't reached, no instances are launched.\n\nConstraints: Maximum value of `1000` . Supported only for fleets of type `instant` .\n\nAt least one of the following must be specified: `SingleAvailabilityZone` | `SingleInstanceType`", + "title": "MinTargetCapacity", + "type": "number" + }, + "SingleAvailabilityZone": { + "markdownDescription": "Indicates that the fleet launches all On-Demand Instances into a single Availability Zone.\n\nSupported only for fleets of type `instant` .", + "title": "SingleAvailabilityZone", + "type": "boolean" + }, + "SingleInstanceType": { + "markdownDescription": "Indicates that the fleet uses a single instance type to launch all On-Demand Instances in the fleet.\n\nSupported only for fleets of type `instant` .", + "title": "SingleInstanceType", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EC2::EC2Fleet.PerformanceFactorReferenceRequest": { + "additionalProperties": false, + "properties": { + "InstanceFamily": { + "markdownDescription": "The instance family to use as a baseline reference.\n\n> Ensure that you specify the correct value for the instance family. The instance family is everything before the period ( `.` ) in the instance type name. For example, in the instance type `c6i.large` , the instance family is `c6i` , not `c6` . For more information, see [Amazon EC2 instance type naming conventions](https://docs.aws.amazon.com/ec2/latest/instancetypes/instance-type-names.html) in *Amazon EC2 Instance Types* . \n\nThe following instance families are *not supported* for performance protection:\n\n- `c1`\n- `g3` | `g3s`\n- `hpc7g`\n- `m1` | `m2`\n- `mac1` | `mac2` | `mac2-m1ultra` | `mac2-m2` | `mac2-m2pro`\n- `p3dn` | `p4d` | `p5`\n- `t1`\n- `u-12tb1` | `u-18tb1` | `u-24tb1` | `u-3tb1` | `u-6tb1` | `u-9tb1` | `u7i-12tb` | `u7in-16tb` | `u7in-24tb` | `u7in-32tb`\n\nIf you enable performance protection by specifying a supported instance family, the returned instance types will exclude the above unsupported instance families.\n\nIf you specify an unsupported instance family as a value for baseline performance, the API returns an empty response response for [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) and an exception for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet.html) , [RequestSpotFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RequestSpotFleet.html) , [ModifyFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyFleet.html) , and [ModifySpotFleetRequest](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifySpotFleetRequest.html) .", + "title": "InstanceFamily", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::EC2Fleet.Placement": { + "additionalProperties": false, + "properties": { + "Affinity": { + "markdownDescription": "The affinity setting for the instance on the Dedicated Host.\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) or [ImportInstance](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportInstance.html) .", + "title": "Affinity", + "type": "string" + }, + "AvailabilityZone": { + "markdownDescription": "The Availability Zone of the instance.\n\nIf not specified, an Availability Zone will be automatically chosen for you based on the load balancing criteria for the Region.\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) .", + "title": "AvailabilityZone", + "type": "string" + }, + "GroupName": { + "markdownDescription": "The name of the placement group that the instance is in. If you specify `GroupName` , you can't specify `GroupId` .", + "title": "GroupName", + "type": "string" + }, + "HostId": { + "markdownDescription": "The ID of the Dedicated Host on which the instance resides.\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) or [ImportInstance](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportInstance.html) .", + "title": "HostId", + "type": "string" + }, + "HostResourceGroupArn": { + "markdownDescription": "The ARN of the host resource group in which to launch the instances.\n\nIf you specify this parameter, either omit the *Tenancy* parameter or set it to `host` .\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) .", + "title": "HostResourceGroupArn", + "type": "string" + }, + "PartitionNumber": { + "markdownDescription": "The number of the partition that the instance is in. Valid only if the placement group strategy is set to `partition` .\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) .", + "title": "PartitionNumber", + "type": "number" + }, + "SpreadDomain": { + "markdownDescription": "Reserved for future use.", + "title": "SpreadDomain", + "type": "string" + }, + "Tenancy": { + "markdownDescription": "The tenancy of the instance. An instance with a tenancy of `dedicated` runs on single-tenant hardware.\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) . The `host` tenancy is not supported for [ImportInstance](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportInstance.html) or for T3 instances that are configured for the `unlimited` CPU credit option.", + "title": "Tenancy", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::EC2Fleet.SpotOptionsRequest": { + "additionalProperties": false, + "properties": { + "AllocationStrategy": { + "markdownDescription": "Indicates how to allocate the target Spot Instance capacity across the Spot Instance pools specified by the EC2 Fleet.\n\nIf the allocation strategy is `lowestPrice` , EC2 Fleet launches instances from the Spot Instance pools with the lowest price. This is the default allocation strategy.\n\nIf the allocation strategy is `diversified` , EC2 Fleet launches instances from all the Spot Instance pools that you specify.\n\nIf the allocation strategy is `capacityOptimized` , EC2 Fleet launches instances from Spot Instance pools that are optimally chosen based on the available Spot Instance capacity.\n\n*Allowed Values* : `lowestPrice` | `diversified` | `capacityOptimized` | `capacityOptimizedPrioritized`", + "title": "AllocationStrategy", + "type": "string" + }, + "InstanceInterruptionBehavior": { + "markdownDescription": "The behavior when a Spot Instance is interrupted.\n\nDefault: `terminate`", + "title": "InstanceInterruptionBehavior", + "type": "string" + }, + "InstancePoolsToUseCount": { + "markdownDescription": "The number of Spot pools across which to allocate your target Spot capacity. Supported only when Spot `AllocationStrategy` is set to `lowest-price` . EC2 Fleet selects the cheapest Spot pools and evenly allocates your target Spot capacity across the number of Spot pools that you specify.\n\nNote that EC2 Fleet attempts to draw Spot Instances from the number of pools that you specify on a best effort basis. If a pool runs out of Spot capacity before fulfilling your target capacity, EC2 Fleet will continue to fulfill your request by drawing from the next cheapest pool. To ensure that your target capacity is met, you might receive Spot Instances from more than the number of pools that you specified. Similarly, if most of the pools have no Spot capacity, you might receive your full target capacity from fewer than the number of pools that you specified.", + "title": "InstancePoolsToUseCount", + "type": "number" + }, + "MaintenanceStrategies": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.MaintenanceStrategies", + "markdownDescription": "The strategies for managing your Spot Instances that are at an elevated risk of being interrupted.", + "title": "MaintenanceStrategies" + }, + "MaxTotalPrice": { + "markdownDescription": "The maximum amount per hour for Spot Instances that you're willing to pay. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.\n\n> If you specify a maximum price, your Spot Instances will be interrupted more frequently than if you do not specify this parameter. > If your fleet includes T instances that are configured as `unlimited` , and if their average CPU usage exceeds the baseline utilization, you will incur a charge for surplus credits. The `MaxTotalPrice` does not account for surplus credits, and, if you use surplus credits, your final cost might be higher than what you specified for `MaxTotalPrice` . For more information, see [Surplus credits can incur charges](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits) in the *Amazon EC2 User Guide* .", + "title": "MaxTotalPrice", + "type": "string" + }, + "MinTargetCapacity": { + "markdownDescription": "The minimum target capacity for Spot Instances in the fleet. If this minimum capacity isn't reached, no instances are launched.\n\nConstraints: Maximum value of `1000` . Supported only for fleets of type `instant` .\n\nAt least one of the following must be specified: `SingleAvailabilityZone` | `SingleInstanceType`", + "title": "MinTargetCapacity", + "type": "number" + }, + "SingleAvailabilityZone": { + "markdownDescription": "Indicates that the fleet launches all Spot Instances into a single Availability Zone.\n\nSupported only for fleets of type `instant` .", + "title": "SingleAvailabilityZone", + "type": "boolean" + }, + "SingleInstanceType": { + "markdownDescription": "Indicates that the fleet uses a single instance type to launch all Spot Instances in the fleet.\n\nSupported only for fleets of type `instant` .", + "title": "SingleInstanceType", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EC2::EC2Fleet.TagSpecification": { + "additionalProperties": false, + "properties": { + "ResourceType": { + "markdownDescription": "The type of resource to tag.", + "title": "ResourceType", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to apply to the resource.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "AWS::EC2::EC2Fleet.TargetCapacitySpecificationRequest": { + "additionalProperties": false, + "properties": { + "DefaultTargetCapacityType": { + "markdownDescription": "The default target capacity type.", + "title": "DefaultTargetCapacityType", + "type": "string" + }, + "OnDemandTargetCapacity": { + "markdownDescription": "The number of On-Demand units to request.", + "title": "OnDemandTargetCapacity", + "type": "number" + }, + "SpotTargetCapacity": { + "markdownDescription": "The number of Spot units to request.", + "title": "SpotTargetCapacity", + "type": "number" + }, + "TargetCapacityUnitType": { + "markdownDescription": "The unit for the target capacity. You can specify this parameter only when using attributed-based instance type selection.\n\nDefault: `units` (the number of instances)", + "title": "TargetCapacityUnitType", + "type": "string" + }, + "TotalTargetCapacity": { + "markdownDescription": "The number of units to request, filled using the default target capacity type.", + "title": "TotalTargetCapacity", + "type": "number" + } + }, + "required": [ + "TotalTargetCapacity" + ], + "type": "object" + }, + "AWS::EC2::EC2Fleet.TotalLocalStorageGBRequest": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum amount of total local storage, in GB. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The minimum amount of total local storage, in GB. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::EC2Fleet.VCpuCountRangeRequest": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum number of vCPUs. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The minimum number of vCPUs. To specify no minimum limit, specify `0` .", + "title": "Min", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::EIP": { "additionalProperties": false, "properties": { "Condition": { @@ -80151,50 +89918,55 @@ "Properties": { "additionalProperties": false, "properties": { - "CidrBlock": { - "markdownDescription": "The IPv4 network range for the VPC, in CIDR notation. For example, `10.0.0.0/16` . We modify the specified CIDR block to its canonical form; for example, if you specify `100.68.0.18/18` , we modify it to `100.68.0.0/18` .\n\nYou must specify either `CidrBlock` or `Ipv4IpamPoolId` .", - "title": "CidrBlock", + "Address": { + "markdownDescription": "An Elastic IP address or a carrier IP address in a Wavelength Zone.", + "title": "Address", "type": "string" }, - "EnableDnsHostnames": { - "markdownDescription": "Indicates whether the instances launched in the VPC get DNS hostnames. If enabled, instances in the VPC get DNS hostnames; otherwise, they do not. Disabled by default for nondefault VPCs. For more information, see [DNS attributes in your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-dns.html#vpc-dns-support) .\n\nYou can only enable DNS hostnames if you've enabled DNS support.", - "title": "EnableDnsHostnames", - "type": "boolean" + "Domain": { + "markdownDescription": "The network ( `vpc` ).\n\nIf you define an Elastic IP address and associate it with a VPC that is defined in the same template, you must declare a dependency on the VPC-gateway attachment by using the [DependsOn Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) on this resource.", + "title": "Domain", + "type": "string" }, - "EnableDnsSupport": { - "markdownDescription": "Indicates whether the DNS resolution is supported for the VPC. If enabled, queries to the Amazon provided DNS server at the 169.254.169.253 IP address, or the reserved IP address at the base of the VPC network range \"plus two\" succeed. If disabled, the Amazon provided DNS service in the VPC that resolves public DNS hostnames to IP addresses is not enabled. Enabled by default. For more information, see [DNS attributes in your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-dns.html#vpc-dns-support) .", - "title": "EnableDnsSupport", - "type": "boolean" + "InstanceId": { + "markdownDescription": "The ID of the instance.\n\n> Updates to the `InstanceId` property may require *some interruptions* . Updates on an EIP reassociates the address on its associated resource.", + "title": "InstanceId", + "type": "string" }, - "InstanceTenancy": { - "markdownDescription": "The allowed tenancy of instances launched into the VPC.\n\n- `default` : An instance launched into the VPC runs on shared hardware by default, unless you explicitly specify a different tenancy during instance launch.\n- `dedicated` : An instance launched into the VPC runs on dedicated hardware by default, unless you explicitly specify a tenancy of `host` during instance launch. You cannot specify a tenancy of `default` during instance launch.\n\nUpdating `InstanceTenancy` requires no replacement only if you are updating its value from `dedicated` to `default` . Updating `InstanceTenancy` from `default` to `dedicated` requires replacement.", - "title": "InstanceTenancy", + "IpamPoolId": { + "markdownDescription": "The ID of an IPAM pool which has an Amazon-provided or BYOIP public IPv4 CIDR provisioned to it. For more information, see [Allocate sequential Elastic IP addresses from an IPAM pool](https://docs.aws.amazon.com/vpc/latest/ipam/tutorials-eip-pool.html) in the *Amazon VPC IPAM User Guide* .", + "title": "IpamPoolId", "type": "string" }, - "Ipv4IpamPoolId": { - "markdownDescription": "The ID of an IPv4 IPAM pool you want to use for allocating this VPC's CIDR. For more information, see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide* .\n\nYou must specify either `CidrBlock` or `Ipv4IpamPoolId` .", - "title": "Ipv4IpamPoolId", + "NetworkBorderGroup": { + "markdownDescription": "A unique set of Availability Zones, Local Zones, or Wavelength Zones from which AWS advertises IP addresses. Use this parameter to limit the IP address to this location. IP addresses cannot move between network border groups.\n\nUse [DescribeAvailabilityZones](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAvailabilityZones.html) to view the network border groups.", + "title": "NetworkBorderGroup", "type": "string" }, - "Ipv4NetmaskLength": { - "markdownDescription": "The netmask length of the IPv4 CIDR you want to allocate to this VPC from an Amazon VPC IP Address Manager (IPAM) pool. For more information about IPAM, see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide* .", - "title": "Ipv4NetmaskLength", - "type": "number" + "PublicIpv4Pool": { + "markdownDescription": "The ID of an address pool that you own. Use this parameter to let Amazon EC2 select an address from the address pool.\n\n> Updates to the `PublicIpv4Pool` property may require *some interruptions* . Updates on an EIP reassociates the address on its associated resource.", + "title": "PublicIpv4Pool", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags for the VPC.", + "markdownDescription": "Any tags assigned to the Elastic IP address.\n\n> Updates to the `Tags` property may require *some interruptions* . Updates on an EIP reassociates the address on its associated resource.", "title": "Tags", "type": "array" + }, + "TransferAddress": { + "markdownDescription": "The Elastic IP address you are accepting for transfer. You can only accept one transferred address. For more information on Elastic IP address transfers, see [Transfer Elastic IP addresses](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-eips.html#transfer-EIPs-intro) in the *Amazon Virtual Private Cloud User Guide* .", + "title": "TransferAddress", + "type": "string" } }, "type": "object" }, "Type": { "enum": [ - "AWS::EC2::VPC" + "AWS::EC2::EIP" ], "type": "string" }, @@ -80212,7 +89984,7 @@ ], "type": "object" }, - "AWS::EC2::VPCCidrBlock": { + "AWS::EC2::EIPAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -80247,60 +90019,32 @@ "Properties": { "additionalProperties": false, "properties": { - "AmazonProvidedIpv6CidrBlock": { - "markdownDescription": "Requests an Amazon-provided IPv6 CIDR block with a /56 prefix length for the VPC. You cannot specify the range of IPv6 addresses or the size of the CIDR block.", - "title": "AmazonProvidedIpv6CidrBlock", - "type": "boolean" - }, - "CidrBlock": { - "markdownDescription": "An IPv4 CIDR block to associate with the VPC.", - "title": "CidrBlock", - "type": "string" - }, - "Ipv4IpamPoolId": { - "markdownDescription": "Associate a CIDR allocated from an IPv4 IPAM pool to a VPC. For more information about Amazon VPC IP Address Manager (IPAM), see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide* .", - "title": "Ipv4IpamPoolId", - "type": "string" - }, - "Ipv4NetmaskLength": { - "markdownDescription": "The netmask length of the IPv4 CIDR you would like to associate from an Amazon VPC IP Address Manager (IPAM) pool. For more information about IPAM, see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide* .", - "title": "Ipv4NetmaskLength", - "type": "number" - }, - "Ipv6CidrBlock": { - "markdownDescription": "An IPv6 CIDR block from the IPv6 address pool. You must also specify `Ipv6Pool` in the request.\n\nTo let Amazon choose the IPv6 CIDR block for you, omit this parameter.", - "title": "Ipv6CidrBlock", + "AllocationId": { + "markdownDescription": "The allocation ID. This is required.", + "title": "AllocationId", "type": "string" }, - "Ipv6IpamPoolId": { - "markdownDescription": "Associates a CIDR allocated from an IPv6 IPAM pool to a VPC. For more information about Amazon VPC IP Address Manager (IPAM), see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide* .", - "title": "Ipv6IpamPoolId", + "InstanceId": { + "markdownDescription": "The ID of the instance. The instance must have exactly one attached network interface. You can specify either the instance ID or the network interface ID, but not both.", + "title": "InstanceId", "type": "string" }, - "Ipv6NetmaskLength": { - "markdownDescription": "The netmask length of the IPv6 CIDR you would like to associate from an Amazon VPC IP Address Manager (IPAM) pool. For more information about IPAM, see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide* .", - "title": "Ipv6NetmaskLength", - "type": "number" - }, - "Ipv6Pool": { - "markdownDescription": "The ID of an IPv6 address pool from which to allocate the IPv6 CIDR block.", - "title": "Ipv6Pool", + "NetworkInterfaceId": { + "markdownDescription": "The ID of the network interface. If the instance has more than one network interface, you must specify a network interface ID.\n\nYou can specify either the instance ID or the network interface ID, but not both.", + "title": "NetworkInterfaceId", "type": "string" }, - "VpcId": { - "markdownDescription": "The ID of the VPC.", - "title": "VpcId", + "PrivateIpAddress": { + "markdownDescription": "The primary or secondary private IP address to associate with the Elastic IP address. If no private IP address is specified, the Elastic IP address is associated with the primary private IP address.", + "title": "PrivateIpAddress", "type": "string" } }, - "required": [ - "VpcId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::VPCCidrBlock" + "AWS::EC2::EIPAssociation" ], "type": "string" }, @@ -80314,12 +90058,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::EC2::VPCDHCPOptionsAssociation": { + "AWS::EC2::EgressOnlyInternetGateway": { "additionalProperties": false, "properties": { "Condition": { @@ -80354,26 +90097,28 @@ "Properties": { "additionalProperties": false, "properties": { - "DhcpOptionsId": { - "markdownDescription": "The ID of the DHCP options set, or `default` to associate no DHCP options with the VPC.", - "title": "DhcpOptionsId", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags assigned to the egress-only internet gateway.", + "title": "Tags", + "type": "array" }, "VpcId": { - "markdownDescription": "The ID of the VPC.", + "markdownDescription": "The ID of the VPC for which to create the egress-only internet gateway.", "title": "VpcId", "type": "string" } }, "required": [ - "DhcpOptionsId", "VpcId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::VPCDHCPOptionsAssociation" + "AWS::EC2::EgressOnlyInternetGateway" ], "type": "string" }, @@ -80392,7 +90137,7 @@ ], "type": "object" }, - "AWS::EC2::VPCEndpoint": { + "AWS::EC2::EnclaveCertificateIamRoleAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -80427,65 +90172,26 @@ "Properties": { "additionalProperties": false, "properties": { - "PolicyDocument": { - "markdownDescription": "An endpoint policy, which controls access to the service from the VPC. The default endpoint policy allows full access to the service. Endpoint policies are supported only for gateway and interface endpoints.\n\nFor CloudFormation templates in YAML, you can provide the policy in JSON or YAML format. For example, if you have a JSON policy, you can convert it to YAML before including it in the YAML template, and AWS CloudFormation converts the policy to JSON format before calling the API actions for AWS PrivateLink . Alternatively, you can include the JSON directly in the YAML, as shown in the following `Properties` section:\n\n`Properties: VpcEndpointType: 'Interface' ServiceName: !Sub 'com.amazonaws.${AWS::Region}.logs' PolicyDocument: '{ \"Version\":\"2012-10-17\", \"Statement\": [{ \"Effect\":\"Allow\", \"Principal\":\"*\", \"Action\":[\"logs:Describe*\",\"logs:Get*\",\"logs:List*\",\"logs:FilterLogEvents\"], \"Resource\":\"*\" }] }'`", - "title": "PolicyDocument", - "type": "object" - }, - "PrivateDnsEnabled": { - "markdownDescription": "Indicate whether to associate a private hosted zone with the specified VPC. The private hosted zone contains a record set for the default public DNS name for the service for the Region (for example, `kinesis.us-east-1.amazonaws.com` ), which resolves to the private IP addresses of the endpoint network interfaces in the VPC. This enables you to make requests to the default public DNS name for the service instead of the public DNS names that are automatically generated by the VPC endpoint service.\n\nTo use a private hosted zone, you must set the following VPC attributes to `true` : `enableDnsHostnames` and `enableDnsSupport` .\n\nThis property is supported only for interface endpoints.\n\nDefault: `false`", - "title": "PrivateDnsEnabled", - "type": "boolean" + "CertificateArn": { + "markdownDescription": "The ARN of the ACM certificate with which to associate the IAM role.", + "title": "CertificateArn", + "type": "string" }, - "RouteTableIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the route tables. Routing is supported only for gateway endpoints.", - "title": "RouteTableIds", - "type": "array" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the security groups to associate with the endpoint network interfaces. If this parameter is not specified, we use the default security group for the VPC. Security groups are supported only for interface endpoints.", - "title": "SecurityGroupIds", - "type": "array" - }, - "ServiceName": { - "markdownDescription": "The name of the endpoint service.", - "title": "ServiceName", - "type": "string" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the subnets in which to create endpoint network interfaces. You must specify this property for an interface endpoint or a Gateway Load Balancer endpoint. You can't specify this property for a gateway endpoint. For a Gateway Load Balancer endpoint, you can specify only one subnet.", - "title": "SubnetIds", - "type": "array" - }, - "VpcEndpointType": { - "markdownDescription": "The type of endpoint.\n\nDefault: Gateway", - "title": "VpcEndpointType", - "type": "string" - }, - "VpcId": { - "markdownDescription": "The ID of the VPC.", - "title": "VpcId", + "RoleArn": { + "markdownDescription": "The ARN of the IAM role to associate with the ACM certificate. You can associate up to 16 IAM roles with an ACM certificate.", + "title": "RoleArn", "type": "string" } }, "required": [ - "ServiceName", - "VpcId" + "CertificateArn", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::VPCEndpoint" + "AWS::EC2::EnclaveCertificateIamRoleAssociation" ], "type": "string" }, @@ -80504,7 +90210,7 @@ ], "type": "object" }, - "AWS::EC2::VPCEndpointConnectionNotification": { + "AWS::EC2::FlowLog": { "additionalProperties": false, "properties": { "Condition": { @@ -80539,129 +90245,79 @@ "Properties": { "additionalProperties": false, "properties": { - "ConnectionEvents": { - "items": { - "type": "string" - }, - "markdownDescription": "The endpoint events for which to receive notifications. Valid values are `Accept` , `Connect` , `Delete` , and `Reject` .", - "title": "ConnectionEvents", - "type": "array" + "DeliverCrossAccountRole": { + "markdownDescription": "The ARN of the IAM role that allows the service to publish flow logs across accounts.", + "title": "DeliverCrossAccountRole", + "type": "string" }, - "ConnectionNotificationArn": { - "markdownDescription": "The ARN of the SNS topic for the notifications.", - "title": "ConnectionNotificationArn", + "DeliverLogsPermissionArn": { + "markdownDescription": "The ARN of the IAM role that allows Amazon EC2 to publish flow logs to the log destination.\n\nThis parameter is required if the destination type is `cloud-watch-logs` , or if the destination type is `kinesis-data-firehose` and the delivery stream and the resources to monitor are in different accounts.", + "title": "DeliverLogsPermissionArn", "type": "string" }, - "ServiceId": { - "markdownDescription": "The ID of the endpoint service.", - "title": "ServiceId", + "DestinationOptions": { + "$ref": "#/definitions/AWS::EC2::FlowLog.DestinationOptions", + "markdownDescription": "The destination options.", + "title": "DestinationOptions" + }, + "LogDestination": { + "markdownDescription": "The destination for the flow log data. The meaning of this parameter depends on the destination type.\n\n- If the destination type is `cloud-watch-logs` , specify the ARN of a CloudWatch Logs log group. For example:\n\narn:aws:logs: *region* : *account_id* :log-group: *my_group*\n\nAlternatively, use the `LogGroupName` parameter.\n- If the destination type is `s3` , specify the ARN of an S3 bucket. For example:\n\narn:aws:s3::: *my_bucket* / *my_subfolder* /\n\nThe subfolder is optional. Note that you can't use `AWSLogs` as a subfolder name.\n- If the destination type is `kinesis-data-firehose` , specify the ARN of a Kinesis Data Firehose delivery stream. For example:\n\narn:aws:firehose: *region* : *account_id* :deliverystream: *my_stream*", + "title": "LogDestination", "type": "string" }, - "VPCEndpointId": { - "markdownDescription": "The ID of the endpoint.", - "title": "VPCEndpointId", + "LogDestinationType": { + "markdownDescription": "The type of destination for the flow log data.\n\nDefault: `cloud-watch-logs`", + "title": "LogDestinationType", "type": "string" - } - }, - "required": [ - "ConnectionEvents", - "ConnectionNotificationArn" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::EC2::VPCEndpointConnectionNotification" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::EC2::VPCEndpointService": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + }, + "LogFormat": { + "markdownDescription": "The fields to include in the flow log record, in the order in which they should appear. If you omit this parameter, the flow log is created using the default format. If you specify this parameter, you must include at least one field. For more information about the available fields, see [Flow log records](https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs.html#flow-log-records) in the *Amazon VPC User Guide* or [Transit Gateway Flow Log records](https://docs.aws.amazon.com/vpc/latest/tgw/tgw-flow-logs.html#flow-log-records) in the *AWS Transit Gateway Guide* .\n\nSpecify the fields using the `${field-id}` format, separated by spaces.", + "title": "LogFormat", "type": "string" }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AcceptanceRequired": { - "markdownDescription": "Indicates whether requests from service consumers to create an endpoint to your service must be accepted.", - "title": "AcceptanceRequired", - "type": "boolean" + "LogGroupName": { + "markdownDescription": "The name of a new or existing CloudWatch Logs log group where Amazon EC2 publishes your flow logs.\n\nThis parameter is valid only if the destination type is `cloud-watch-logs` .", + "title": "LogGroupName", + "type": "string" }, - "ContributorInsightsEnabled": { - "markdownDescription": "Indicates whether to enable the built-in Contributor Insights rules provided by AWS PrivateLink .", - "title": "ContributorInsightsEnabled", - "type": "boolean" + "MaxAggregationInterval": { + "markdownDescription": "The maximum interval of time during which a flow of packets is captured and aggregated into a flow log record. The possible values are 60 seconds (1 minute) or 600 seconds (10 minutes). This parameter must be 60 seconds for transit gateway resource types.\n\nWhen a network interface is attached to a [Nitro-based instance](https://docs.aws.amazon.com/ec2/latest/instancetypes/ec2-nitro-instances.html) , the aggregation interval is always 60 seconds or less, regardless of the value that you specify.\n\nDefault: 600", + "title": "MaxAggregationInterval", + "type": "number" }, - "GatewayLoadBalancerArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Names (ARNs) of the Gateway Load Balancers.", - "title": "GatewayLoadBalancerArns", - "type": "array" + "ResourceId": { + "markdownDescription": "The ID of the resource to monitor. For example, if the resource type is `VPC` , specify the ID of the VPC.", + "title": "ResourceId", + "type": "string" }, - "NetworkLoadBalancerArns": { + "ResourceType": { + "markdownDescription": "The type of resource to monitor.", + "title": "ResourceType", + "type": "string" + }, + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The Amazon Resource Names (ARNs) of the Network Load Balancers.", - "title": "NetworkLoadBalancerArns", + "markdownDescription": "The tags to apply to the flow logs.", + "title": "Tags", "type": "array" }, - "PayerResponsibility": { - "markdownDescription": "The entity that is responsible for the endpoint costs. The default is the endpoint owner. If you set the payer responsibility to the service owner, you cannot set it back to the endpoint owner.", - "title": "PayerResponsibility", + "TrafficType": { + "markdownDescription": "The type of traffic to monitor (accepted traffic, rejected traffic, or all traffic). This parameter is not supported for transit gateway resource types. It is required for the other resource types.", + "title": "TrafficType", "type": "string" } }, + "required": [ + "ResourceId", + "ResourceType" + ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::VPCEndpointService" + "AWS::EC2::FlowLog" ], "type": "string" }, @@ -80675,86 +90331,38 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::EC2::VPCEndpointServicePermissions": { + "AWS::EC2::FlowLog.DestinationOptions": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "FileFormat": { + "markdownDescription": "The format for the flow log. The default is `plain-text` .", + "title": "FileFormat", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AllowedPrincipals": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Names (ARN) of one or more principals (for example, users, IAM roles, and AWS accounts ). Permissions are granted to the principals in this list. To grant permissions to all principals, specify an asterisk (*). Permissions are revoked for principals not in this list. If the list is empty, then all permissions are revoked.", - "title": "AllowedPrincipals", - "type": "array" - }, - "ServiceId": { - "markdownDescription": "The ID of the service.", - "title": "ServiceId", - "type": "string" - } - }, - "required": [ - "ServiceId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::EC2::VPCEndpointServicePermissions" - ], - "type": "string" + "HiveCompatiblePartitions": { + "markdownDescription": "Indicates whether to use Hive-compatible prefixes for flow logs stored in Amazon S3. The default is `false` .", + "title": "HiveCompatiblePartitions", + "type": "boolean" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "PerHourPartition": { + "markdownDescription": "Indicates whether to partition the flow log per hour. This reduces the cost and response time for queries. The default is `false` .", + "title": "PerHourPartition", + "type": "boolean" } }, "required": [ - "Type", - "Properties" + "FileFormat", + "HiveCompatiblePartitions", + "PerHourPartition" ], "type": "object" }, - "AWS::EC2::VPCGatewayAttachment": { + "AWS::EC2::GatewayRouteTableAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -80789,30 +90397,26 @@ "Properties": { "additionalProperties": false, "properties": { - "InternetGatewayId": { - "markdownDescription": "The ID of the internet gateway.\n\nYou must specify either `InternetGatewayId` or `VpnGatewayId` , but not both.", - "title": "InternetGatewayId", - "type": "string" - }, - "VpcId": { - "markdownDescription": "The ID of the VPC.", - "title": "VpcId", + "GatewayId": { + "markdownDescription": "The ID of the gateway.", + "title": "GatewayId", "type": "string" }, - "VpnGatewayId": { - "markdownDescription": "The ID of the virtual private gateway.\n\nYou must specify either `InternetGatewayId` or `VpnGatewayId` , but not both.", - "title": "VpnGatewayId", + "RouteTableId": { + "markdownDescription": "The ID of the route table.", + "title": "RouteTableId", "type": "string" } }, "required": [ - "VpcId" + "GatewayId", + "RouteTableId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::VPCGatewayAttachment" + "AWS::EC2::GatewayRouteTableAssociation" ], "type": "string" }, @@ -80831,7 +90435,7 @@ ], "type": "object" }, - "AWS::EC2::VPCPeeringConnection": { + "AWS::EC2::Host": { "additionalProperties": false, "properties": { "Condition": { @@ -80866,49 +90470,63 @@ "Properties": { "additionalProperties": false, "properties": { - "PeerOwnerId": { - "markdownDescription": "The AWS account ID of the owner of the accepter VPC.\n\nDefault: Your AWS account ID", - "title": "PeerOwnerId", + "AssetId": { + "markdownDescription": "The ID of the Outpost hardware asset on which the Dedicated Host is allocated.", + "title": "AssetId", "type": "string" }, - "PeerRegion": { - "markdownDescription": "The Region code for the accepter VPC, if the accepter VPC is located in a Region other than the Region in which you make the request.\n\nDefault: The Region in which you make the request.", - "title": "PeerRegion", + "AutoPlacement": { + "markdownDescription": "Indicates whether the host accepts any untargeted instance launches that match its instance type configuration, or if it only accepts Host tenancy instance launches that specify its unique host ID. For more information, see [Understanding auto-placement and affinity](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/how-dedicated-hosts-work.html#dedicated-hosts-understanding) in the *Amazon EC2 User Guide* .\n\nDefault: `off`", + "title": "AutoPlacement", "type": "string" }, - "PeerRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the VPC peer role for the peering connection in another AWS account.\n\nThis is required when you are peering a VPC in a different AWS account.", - "title": "PeerRoleArn", + "AvailabilityZone": { + "markdownDescription": "The Availability Zone in which to allocate the Dedicated Host.", + "title": "AvailabilityZone", "type": "string" }, - "PeerVpcId": { - "markdownDescription": "The ID of the VPC with which you are creating the VPC peering connection. You must specify this parameter in the request.", - "title": "PeerVpcId", + "HostMaintenance": { + "markdownDescription": "Indicates whether host maintenance is enabled or disabled for the Dedicated Host.", + "title": "HostMaintenance", + "type": "string" + }, + "HostRecovery": { + "markdownDescription": "Indicates whether to enable or disable host recovery for the Dedicated Host. Host recovery is disabled by default. For more information, see [Host recovery](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-hosts-recovery.html) in the *Amazon EC2 User Guide* .\n\nDefault: `off`", + "title": "HostRecovery", + "type": "string" + }, + "InstanceFamily": { + "markdownDescription": "The instance family supported by the Dedicated Host. For example, `m5` .", + "title": "InstanceFamily", + "type": "string" + }, + "InstanceType": { + "markdownDescription": "Specifies the instance type to be supported by the Dedicated Hosts. If you specify an instance type, the Dedicated Hosts support instances of the specified instance type only.", + "title": "InstanceType", + "type": "string" + }, + "OutpostArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Outpost on which the Dedicated Host is allocated.", + "title": "OutpostArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Any tags assigned to the resource.", + "markdownDescription": "Any tags assigned to the Dedicated Host.", "title": "Tags", "type": "array" - }, - "VpcId": { - "markdownDescription": "The ID of the VPC.", - "title": "VpcId", - "type": "string" } }, "required": [ - "PeerVpcId", - "VpcId" + "AvailabilityZone" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::VPCPeeringConnection" + "AWS::EC2::Host" ], "type": "string" }, @@ -80927,7 +90545,7 @@ ], "type": "object" }, - "AWS::EC2::VPNConnection": { + "AWS::EC2::IPAM": { "additionalProperties": false, "properties": { "Condition": { @@ -80962,57 +90580,56 @@ "Properties": { "additionalProperties": false, "properties": { - "CustomerGatewayId": { - "markdownDescription": "The ID of the customer gateway at your end of the VPN connection.", - "title": "CustomerGatewayId", - "type": "string" - }, - "StaticRoutesOnly": { - "markdownDescription": "Indicates whether the VPN connection uses static routes only. Static routes must be used for devices that don't support BGP.\n\nIf you are creating a VPN connection for a device that does not support Border Gateway Protocol (BGP), you must specify `true` .", - "title": "StaticRoutesOnly", - "type": "boolean" - }, - "Tags": { + "DefaultResourceDiscoveryOrganizationalUnitExclusions": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::EC2::IPAM.IpamOrganizationalUnitExclusion" }, - "markdownDescription": "Any tags assigned to the VPN connection.", - "title": "Tags", + "markdownDescription": "If your IPAM is integrated with AWS Organizations, you can exclude an [organizational unit (OU)](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html#organizationalunit) from being managed by IPAM. When you exclude an OU, IPAM will not manage the IP addresses in accounts in that OU. For more information, see [Exclude organizational units from IPAM](https://docs.aws.amazon.com/vpc/latest/ipam/exclude-ous.html) in the *Amazon Virtual Private Cloud IP Address Manager User Guide* .", + "title": "DefaultResourceDiscoveryOrganizationalUnitExclusions", "type": "array" }, - "TransitGatewayId": { - "markdownDescription": "The ID of the transit gateway associated with the VPN connection.\n\nYou must specify either `TransitGatewayId` or `VpnGatewayId` , but not both.", - "title": "TransitGatewayId", + "Description": { + "markdownDescription": "The description for the IPAM.", + "title": "Description", "type": "string" }, - "Type": { - "markdownDescription": "The type of VPN connection.", - "title": "Type", - "type": "string" + "EnablePrivateGua": { + "markdownDescription": "Enable this option to use your own GUA ranges as private IPv6 addresses. This option is disabled by default.", + "title": "EnablePrivateGua", + "type": "boolean" }, - "VpnGatewayId": { - "markdownDescription": "The ID of the virtual private gateway at the AWS side of the VPN connection.\n\nYou must specify either `TransitGatewayId` or `VpnGatewayId` , but not both.", - "title": "VpnGatewayId", + "MeteredAccount": { + "markdownDescription": "A metered account is an AWS account that is charged for active IP addresses managed in IPAM. For more information, see [Enable cost distribution](https://docs.aws.amazon.com/vpc/latest/ipam/ipam-enable-cost-distro.html) in the *Amazon VPC IPAM User Guide* .\n\nPossible values:\n\n- `ipam-owner` (default): The AWS account which owns the IPAM is charged for all active IP addresses managed in IPAM.\n- `resource-owner` : The AWS account that owns the IP address is charged for the active IP address.", + "title": "MeteredAccount", "type": "string" }, - "VpnTunnelOptionsSpecifications": { + "OperatingRegions": { "items": { - "$ref": "#/definitions/AWS::EC2::VPNConnection.VpnTunnelOptionsSpecification" + "$ref": "#/definitions/AWS::EC2::IPAM.IpamOperatingRegion" }, - "markdownDescription": "The tunnel options for the VPN connection.", - "title": "VpnTunnelOptionsSpecifications", + "markdownDescription": "The operating Regions for an IPAM. Operating Regions are AWS Regions where the IPAM is allowed to manage IP address CIDRs. IPAM only discovers and monitors resources in the AWS Regions you select as operating Regions.\n\nFor more information about operating Regions, see [Create an IPAM](https://docs.aws.amazon.com//vpc/latest/ipam/create-ipam.html) in the *Amazon VPC IPAM User Guide* .", + "title": "OperatingRegions", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key `Owner` and the value `TeamA` , specify `tag:Owner` for the filter name and `TeamA` for the filter value.", + "title": "Tags", "type": "array" + }, + "Tier": { + "markdownDescription": "IPAM is offered in a Free Tier and an Advanced Tier. For more information about the features available in each tier and the costs associated with the tiers, see the [VPC IPAM product pricing page](https://docs.aws.amazon.com//vpc/pricing/) .", + "title": "Tier", + "type": "string" } }, - "required": [ - "CustomerGatewayId", - "Type" - ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::VPNConnection" + "AWS::EC2::IPAM" ], "type": "string" }, @@ -81026,28 +90643,39 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::EC2::VPNConnection.VpnTunnelOptionsSpecification": { + "AWS::EC2::IPAM.IpamOperatingRegion": { "additionalProperties": false, "properties": { - "PreSharedKey": { - "markdownDescription": "The pre-shared key (PSK) to establish initial authentication between the virtual private gateway and customer gateway.\n\nConstraints: Allowed characters are alphanumeric characters, periods (.), and underscores (_). Must be between 8 and 64 characters in length and cannot start with zero (0).", - "title": "PreSharedKey", + "RegionName": { + "markdownDescription": "The name of the operating Region.", + "title": "RegionName", "type": "string" - }, - "TunnelInsideCidr": { - "markdownDescription": "The range of inside IP addresses for the tunnel. Any specified CIDR blocks must be unique across all VPN connections that use the same virtual private gateway.\n\nConstraints: A size /30 CIDR block from the `169.254.0.0/16` range. The following CIDR blocks are reserved and cannot be used:\n\n- `169.254.0.0/30`\n- `169.254.1.0/30`\n- `169.254.2.0/30`\n- `169.254.3.0/30`\n- `169.254.4.0/30`\n- `169.254.5.0/30`\n- `169.254.169.252/30`", - "title": "TunnelInsideCidr", + } + }, + "required": [ + "RegionName" + ], + "type": "object" + }, + "AWS::EC2::IPAM.IpamOrganizationalUnitExclusion": { + "additionalProperties": false, + "properties": { + "OrganizationsEntityPath": { + "markdownDescription": "An AWS Organizations entity path. For more information on the entity path, see [Understand the AWS Organizations entity path](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_last-accessed-view-data-orgs.html#access_policies_access-advisor-viewing-orgs-entity-path) in the *AWS Identity and Access Management User Guide* .", + "title": "OrganizationsEntityPath", "type": "string" } }, + "required": [ + "OrganizationsEntityPath" + ], "type": "object" }, - "AWS::EC2::VPNConnectionRoute": { + "AWS::EC2::IPAMAllocation": { "additionalProperties": false, "properties": { "Condition": { @@ -81082,26 +90710,35 @@ "Properties": { "additionalProperties": false, "properties": { - "DestinationCidrBlock": { - "markdownDescription": "The CIDR block associated with the local subnet of the customer network.", - "title": "DestinationCidrBlock", + "Cidr": { + "markdownDescription": "The CIDR you would like to allocate from the IPAM pool. Note the following:\n\n- If there is no DefaultNetmaskLength allocation rule set on the pool, you must specify either the NetmaskLength or the CIDR.\n- If the DefaultNetmaskLength allocation rule is set on the pool, you can specify either the NetmaskLength or the CIDR and the DefaultNetmaskLength allocation rule will be ignored.\n\nPossible values: Any available IPv4 or IPv6 CIDR.", + "title": "Cidr", "type": "string" }, - "VpnConnectionId": { - "markdownDescription": "The ID of the VPN connection.", - "title": "VpnConnectionId", + "Description": { + "markdownDescription": "A description for the allocation.", + "title": "Description", + "type": "string" + }, + "IpamPoolId": { + "markdownDescription": "The ID of the IPAM pool from which you would like to allocate a CIDR.", + "title": "IpamPoolId", "type": "string" + }, + "NetmaskLength": { + "markdownDescription": "The netmask length of the CIDR you would like to allocate from the IPAM pool. Note the following:\n\n- If there is no DefaultNetmaskLength allocation rule set on the pool, you must specify either the NetmaskLength or the CIDR.\n- If the DefaultNetmaskLength allocation rule is set on the pool, you can specify either the NetmaskLength or the CIDR and the DefaultNetmaskLength allocation rule will be ignored.\n\nPossible netmask lengths for IPv4 addresses are 0 - 32. Possible netmask lengths for IPv6 addresses are 0 - 128.", + "title": "NetmaskLength", + "type": "number" } }, "required": [ - "DestinationCidrBlock", - "VpnConnectionId" + "IpamPoolId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::VPNConnectionRoute" + "AWS::EC2::IPAMAllocation" ], "type": "string" }, @@ -81120,7 +90757,7 @@ ], "type": "object" }, - "AWS::EC2::VPNGateway": { + "AWS::EC2::IPAMPool": { "additionalProperties": false, "properties": { "Condition": { @@ -81155,33 +90792,105 @@ "Properties": { "additionalProperties": false, "properties": { - "AmazonSideAsn": { - "markdownDescription": "The private Autonomous System Number (ASN) for the Amazon side of a BGP session.", - "title": "AmazonSideAsn", + "AddressFamily": { + "markdownDescription": "The address family of the pool.", + "title": "AddressFamily", + "type": "string" + }, + "AllocationDefaultNetmaskLength": { + "markdownDescription": "The default netmask length for allocations added to this pool. If, for example, the CIDR assigned to this pool is 10.0.0.0/8 and you enter 16 here, new allocations will default to 10.0.0.0/16.", + "title": "AllocationDefaultNetmaskLength", "type": "number" }, - "Tags": { + "AllocationMaxNetmaskLength": { + "markdownDescription": "The maximum netmask length possible for CIDR allocations in this IPAM pool to be compliant. The maximum netmask length must be greater than the minimum netmask length. Possible netmask lengths for IPv4 addresses are 0 - 32. Possible netmask lengths for IPv6 addresses are 0 - 128.", + "title": "AllocationMaxNetmaskLength", + "type": "number" + }, + "AllocationMinNetmaskLength": { + "markdownDescription": "The minimum netmask length required for CIDR allocations in this IPAM pool to be compliant. The minimum netmask length must be less than the maximum netmask length. Possible netmask lengths for IPv4 addresses are 0 - 32. Possible netmask lengths for IPv6 addresses are 0 - 128.", + "title": "AllocationMinNetmaskLength", + "type": "number" + }, + "AllocationResourceTags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Any tags assigned to the virtual private gateway.", - "title": "Tags", + "markdownDescription": "Tags that are required for resources that use CIDRs from this IPAM pool. Resources that do not have these tags will not be allowed to allocate space from the pool. If the resources have their tags changed after they have allocated space or if the allocation tagging requirements are changed on the pool, the resource may be marked as noncompliant.", + "title": "AllocationResourceTags", "type": "array" }, - "Type": { - "markdownDescription": "The type of VPN connection the virtual private gateway supports.", - "title": "Type", + "AutoImport": { + "markdownDescription": "If selected, IPAM will continuously look for resources within the CIDR range of this pool and automatically import them as allocations into your IPAM. The CIDRs that will be allocated for these resources must not already be allocated to other resources in order for the import to succeed. IPAM will import a CIDR regardless of its compliance with the pool's allocation rules, so a resource might be imported and subsequently marked as noncompliant. If IPAM discovers multiple CIDRs that overlap, IPAM will import the largest CIDR only. If IPAM discovers multiple CIDRs with matching CIDRs, IPAM will randomly import one of them only.\n\nA locale must be set on the pool for this feature to work.", + "title": "AutoImport", + "type": "boolean" + }, + "AwsService": { + "markdownDescription": "Limits which service in AWS that the pool can be used in. \"ec2\", for example, allows users to use space for Elastic IP addresses and VPCs.", + "title": "AwsService", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the IPAM pool.", + "title": "Description", + "type": "string" + }, + "IpamScopeId": { + "markdownDescription": "The ID of the scope in which you would like to create the IPAM pool.", + "title": "IpamScopeId", + "type": "string" + }, + "Locale": { + "markdownDescription": "The locale of the IPAM pool.\n\nThe locale for the pool should be one of the following:\n\n- An AWS Region where you want this IPAM pool to be available for allocations.\n- The network border group for an AWS Local Zone where you want this IPAM pool to be available for allocations ( [supported Local Zones](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-byoip.html#byoip-zone-avail) ). This option is only available for IPAM IPv4 pools in the public scope.\n\nIf you choose an AWS Region for locale that has not been configured as an operating Region for the IPAM, you'll get an error.", + "title": "Locale", + "type": "string" + }, + "ProvisionedCidrs": { + "items": { + "$ref": "#/definitions/AWS::EC2::IPAMPool.ProvisionedCidr" + }, + "markdownDescription": "Information about the CIDRs provisioned to an IPAM pool.", + "title": "ProvisionedCidrs", + "type": "array" + }, + "PublicIpSource": { + "markdownDescription": "The IP address source for pools in the public scope. Only used for provisioning IP address CIDRs to pools in the public scope. Default is `BYOIP` . For more information, see [Create IPv6 pools](https://docs.aws.amazon.com//vpc/latest/ipam/intro-create-ipv6-pools.html) in the *Amazon VPC IPAM User Guide* . By default, you can add only one Amazon-provided IPv6 CIDR block to a top-level IPv6 pool. For information on increasing the default limit, see [Quotas for your IPAM](https://docs.aws.amazon.com//vpc/latest/ipam/quotas-ipam.html) in the *Amazon VPC IPAM User Guide* .", + "title": "PublicIpSource", + "type": "string" + }, + "PubliclyAdvertisable": { + "markdownDescription": "Determines if a pool is publicly advertisable. This option is not available for pools with AddressFamily set to `ipv4` .", + "title": "PubliclyAdvertisable", + "type": "boolean" + }, + "SourceIpamPoolId": { + "markdownDescription": "The ID of the source IPAM pool. You can use this option to create an IPAM pool within an existing source pool.", + "title": "SourceIpamPoolId", "type": "string" + }, + "SourceResource": { + "$ref": "#/definitions/AWS::EC2::IPAMPool.SourceResource", + "markdownDescription": "The resource used to provision CIDRs to a resource planning pool.", + "title": "SourceResource" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key `Owner` and the value `TeamA` , specify `tag:Owner` for the filter name and `TeamA` for the filter value.", + "title": "Tags", + "type": "array" } }, "required": [ - "Type" + "AddressFamily", + "IpamScopeId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::VPNGateway" + "AWS::EC2::IPAMPool" ], "type": "string" }, @@ -81200,7 +90909,53 @@ ], "type": "object" }, - "AWS::EC2::VPNGatewayRoutePropagation": { + "AWS::EC2::IPAMPool.ProvisionedCidr": { + "additionalProperties": false, + "properties": { + "Cidr": { + "markdownDescription": "The CIDR provisioned to the IPAM pool. A CIDR is a representation of an IP address and its associated network mask (or netmask) and refers to a range of IP addresses. An IPv4 CIDR example is `10.24.34.0/23` . An IPv6 CIDR example is `2001:DB8::/32` .", + "title": "Cidr", + "type": "string" + } + }, + "required": [ + "Cidr" + ], + "type": "object" + }, + "AWS::EC2::IPAMPool.SourceResource": { + "additionalProperties": false, + "properties": { + "ResourceId": { + "markdownDescription": "The source resource ID.", + "title": "ResourceId", + "type": "string" + }, + "ResourceOwner": { + "markdownDescription": "The source resource owner.", + "title": "ResourceOwner", + "type": "string" + }, + "ResourceRegion": { + "markdownDescription": "The source resource Region.", + "title": "ResourceRegion", + "type": "string" + }, + "ResourceType": { + "markdownDescription": "The source resource type.", + "title": "ResourceType", + "type": "string" + } + }, + "required": [ + "ResourceId", + "ResourceOwner", + "ResourceRegion", + "ResourceType" + ], + "type": "object" + }, + "AWS::EC2::IPAMPoolCidr": { "additionalProperties": false, "properties": { "Condition": { @@ -81235,29 +90990,30 @@ "Properties": { "additionalProperties": false, "properties": { - "RouteTableIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The ID of the route table. The routing table must be associated with the same VPC that the virtual private gateway is attached to.", - "title": "RouteTableIds", - "type": "array" + "Cidr": { + "markdownDescription": "The CIDR provisioned to the IPAM pool. A CIDR is a representation of an IP address and its associated network mask (or netmask) and refers to a range of IP addresses. An IPv4 CIDR example is `10.24.34.0/23` . An IPv6 CIDR example is `2001:DB8::/32` .", + "title": "Cidr", + "type": "string" }, - "VpnGatewayId": { - "markdownDescription": "The ID of the virtual private gateway that is attached to a VPC. The virtual private gateway must be attached to the same VPC that the routing tables are associated with.", - "title": "VpnGatewayId", + "IpamPoolId": { + "markdownDescription": "The ID of the IPAM pool.", + "title": "IpamPoolId", "type": "string" + }, + "NetmaskLength": { + "markdownDescription": "The netmask length of the CIDR you'd like to provision to a pool. Can be used for provisioning Amazon-provided IPv6 CIDRs to top-level pools and for provisioning CIDRs to pools with source pools. Cannot be used to provision BYOIP CIDRs to top-level pools. \"NetmaskLength\" or \"Cidr\" is required.", + "title": "NetmaskLength", + "type": "number" } }, "required": [ - "RouteTableIds", - "VpnGatewayId" + "IpamPoolId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::VPNGatewayRoutePropagation" + "AWS::EC2::IPAMPoolCidr" ], "type": "string" }, @@ -81276,7 +91032,7 @@ ], "type": "object" }, - "AWS::EC2::VerifiedAccessEndpoint": { + "AWS::EC2::IPAMResourceDiscovery": { "additionalProperties": false, "properties": { "Condition": { @@ -81311,96 +91067,41 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationDomain": { - "markdownDescription": "The DNS name for users to reach your application.", - "title": "ApplicationDomain", - "type": "string" - }, - "AttachmentType": { - "markdownDescription": "The type of attachment used to provide connectivity between the AWS Verified Access endpoint and the application.", - "title": "AttachmentType", - "type": "string" - }, "Description": { - "markdownDescription": "A description for the AWS Verified Access endpoint.", + "markdownDescription": "The resource discovery description.", "title": "Description", "type": "string" }, - "DomainCertificateArn": { - "markdownDescription": "The ARN of a public TLS/SSL certificate imported into or created with ACM.", - "title": "DomainCertificateArn", - "type": "string" - }, - "EndpointDomainPrefix": { - "markdownDescription": "A custom identifier that is prepended to the DNS name that is generated for the endpoint.", - "title": "EndpointDomainPrefix", - "type": "string" - }, - "EndpointType": { - "markdownDescription": "The type of AWS Verified Access endpoint. Incoming application requests will be sent to an IP address, load balancer or a network interface depending on the endpoint type specified.", - "title": "EndpointType", - "type": "string" - }, - "LoadBalancerOptions": { - "$ref": "#/definitions/AWS::EC2::VerifiedAccessEndpoint.LoadBalancerOptions", - "markdownDescription": "The load balancer details if creating the AWS Verified Access endpoint as `load-balancer` type.", - "title": "LoadBalancerOptions" - }, - "NetworkInterfaceOptions": { - "$ref": "#/definitions/AWS::EC2::VerifiedAccessEndpoint.NetworkInterfaceOptions", - "markdownDescription": "The options for network-interface type endpoint.", - "title": "NetworkInterfaceOptions" - }, - "PolicyDocument": { - "markdownDescription": "The Verified Access policy document.", - "title": "PolicyDocument", - "type": "string" - }, - "PolicyEnabled": { - "markdownDescription": "The status of the Verified Access policy.", - "title": "PolicyEnabled", - "type": "boolean" - }, - "SecurityGroupIds": { + "OperatingRegions": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::EC2::IPAMResourceDiscovery.IpamOperatingRegion" }, - "markdownDescription": "The IDs of the security groups for the endpoint.", - "title": "SecurityGroupIds", + "markdownDescription": "The operating Regions for the resource discovery. Operating Regions are AWS Regions where the IPAM is allowed to manage IP address CIDRs. IPAM only discovers and monitors resources in the AWS Regions you select as operating Regions.", + "title": "OperatingRegions", "type": "array" }, - "SseSpecification": { - "$ref": "#/definitions/AWS::EC2::VerifiedAccessEndpoint.SseSpecification", - "markdownDescription": "The options for additional server side encryption.", - "title": "SseSpecification" + "OrganizationalUnitExclusions": { + "items": { + "$ref": "#/definitions/AWS::EC2::IPAMResourceDiscovery.IpamResourceDiscoveryOrganizationalUnitExclusion" + }, + "markdownDescription": "If your IPAM is integrated with AWS Organizations, you can exclude an [organizational unit (OU)](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html#organizationalunit) from being managed by IPAM. When you exclude an OU, IPAM will not manage the IP addresses in accounts in that OU. For more information, see [Exclude organizational units from IPAM](https://docs.aws.amazon.com/vpc/latest/ipam/exclude-ous.html) in the *Amazon Virtual Private Cloud IP Address Manager User Guide* .", + "title": "OrganizationalUnitExclusions", + "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags.", + "markdownDescription": "A tag is a label that you assign to an AWS resource. Each tag consists of a key and an optional value. You can use tags to search and filter your resources or track your AWS costs.", "title": "Tags", "type": "array" - }, - "VerifiedAccessGroupId": { - "markdownDescription": "The ID of the AWS Verified Access group.", - "title": "VerifiedAccessGroupId", - "type": "string" } }, - "required": [ - "ApplicationDomain", - "AttachmentType", - "DomainCertificateArn", - "EndpointDomainPrefix", - "EndpointType", - "VerifiedAccessGroupId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::VerifiedAccessEndpoint" + "AWS::EC2::IPAMResourceDiscovery" ], "type": "string" }, @@ -81414,78 +91115,39 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::EC2::VerifiedAccessEndpoint.LoadBalancerOptions": { - "additionalProperties": false, - "properties": { - "LoadBalancerArn": { - "markdownDescription": "The ARN of the load balancer.", - "title": "LoadBalancerArn", - "type": "string" - }, - "Port": { - "markdownDescription": "The IP port number.", - "title": "Port", - "type": "number" - }, - "Protocol": { - "markdownDescription": "The IP protocol.", - "title": "Protocol", - "type": "string" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the subnets. You can specify only one subnet per Availability Zone.", - "title": "SubnetIds", - "type": "array" - } - }, - "type": "object" - }, - "AWS::EC2::VerifiedAccessEndpoint.NetworkInterfaceOptions": { + "AWS::EC2::IPAMResourceDiscovery.IpamOperatingRegion": { "additionalProperties": false, "properties": { - "NetworkInterfaceId": { - "markdownDescription": "The ID of the network interface.", - "title": "NetworkInterfaceId", - "type": "string" - }, - "Port": { - "markdownDescription": "The IP port number.", - "title": "Port", - "type": "number" - }, - "Protocol": { - "markdownDescription": "The IP protocol.", - "title": "Protocol", + "RegionName": { + "markdownDescription": "The name of the operating Region.", + "title": "RegionName", "type": "string" } }, + "required": [ + "RegionName" + ], "type": "object" }, - "AWS::EC2::VerifiedAccessEndpoint.SseSpecification": { + "AWS::EC2::IPAMResourceDiscovery.IpamResourceDiscoveryOrganizationalUnitExclusion": { "additionalProperties": false, "properties": { - "CustomerManagedKeyEnabled": { - "markdownDescription": "Enable or disable the use of customer managed KMS keys for server side encryption.\n\nValid values: `True` | `False`", - "title": "CustomerManagedKeyEnabled", - "type": "boolean" - }, - "KmsKeyArn": { - "markdownDescription": "The ARN of the KMS key.", - "title": "KmsKeyArn", + "OrganizationsEntityPath": { + "markdownDescription": "An AWS Organizations entity path. For more information on the entity path, see [Understand the AWS Organizations entity path](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_last-accessed-view-data-orgs.html#access_policies_access-advisor-viewing-orgs-entity-path) in the *AWS Identity and Access Management User Guide* .", + "title": "OrganizationsEntityPath", "type": "string" } }, + "required": [ + "OrganizationsEntityPath" + ], "type": "object" }, - "AWS::EC2::VerifiedAccessGroup": { + "AWS::EC2::IPAMResourceDiscoveryAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -81520,48 +91182,34 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description for the AWS Verified Access group.", - "title": "Description", + "IpamId": { + "markdownDescription": "The IPAM ID.", + "title": "IpamId", "type": "string" }, - "PolicyDocument": { - "markdownDescription": "The Verified Access policy document.", - "title": "PolicyDocument", + "IpamResourceDiscoveryId": { + "markdownDescription": "The resource discovery ID.", + "title": "IpamResourceDiscoveryId", "type": "string" }, - "PolicyEnabled": { - "markdownDescription": "The status of the Verified Access policy.", - "title": "PolicyEnabled", - "type": "boolean" - }, - "SseSpecification": { - "$ref": "#/definitions/AWS::EC2::VerifiedAccessGroup.SseSpecification", - "markdownDescription": "The options for additional server side encryption.", - "title": "SseSpecification" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags.", + "markdownDescription": "A tag is a label that you assign to an AWS resource. Each tag consists of a key and an optional value. You can use tags to search and filter your resources or track your AWS costs.", "title": "Tags", "type": "array" - }, - "VerifiedAccessInstanceId": { - "markdownDescription": "The ID of the AWS Verified Access instance.", - "title": "VerifiedAccessInstanceId", - "type": "string" } }, "required": [ - "VerifiedAccessInstanceId" + "IpamId", + "IpamResourceDiscoveryId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::VerifiedAccessGroup" + "AWS::EC2::IPAMResourceDiscoveryAssociation" ], "type": "string" }, @@ -81580,23 +91228,7 @@ ], "type": "object" }, - "AWS::EC2::VerifiedAccessGroup.SseSpecification": { - "additionalProperties": false, - "properties": { - "CustomerManagedKeyEnabled": { - "markdownDescription": "Enable or disable the use of customer managed KMS keys for server side encryption.\n\nValid values: `True` | `False`", - "title": "CustomerManagedKeyEnabled", - "type": "boolean" - }, - "KmsKeyArn": { - "markdownDescription": "The ARN of the KMS key.", - "title": "KmsKeyArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EC2::VerifiedAccessInstance": { + "AWS::EC2::IPAMScope": { "additionalProperties": false, "properties": { "Condition": { @@ -81632,50 +91264,32 @@ "additionalProperties": false, "properties": { "Description": { - "markdownDescription": "A description for the AWS Verified Access instance.", + "markdownDescription": "The description of the scope.", "title": "Description", "type": "string" }, - "FipsEnabled": { - "markdownDescription": "Indicates whether support for Federal Information Processing Standards (FIPS) is enabled on the instance.", - "title": "FipsEnabled", - "type": "boolean" - }, - "LoggingConfigurations": { - "$ref": "#/definitions/AWS::EC2::VerifiedAccessInstance.VerifiedAccessLogs", - "markdownDescription": "The logging configuration for the Verified Access instances.", - "title": "LoggingConfigurations" + "IpamId": { + "markdownDescription": "The ID of the IPAM for which you're creating this scope.", + "title": "IpamId", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags.", + "markdownDescription": "The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key `Owner` and the value `TeamA` , specify `tag:Owner` for the filter name and `TeamA` for the filter value.", "title": "Tags", "type": "array" - }, - "VerifiedAccessTrustProviderIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the AWS Verified Access trust providers.", - "title": "VerifiedAccessTrustProviderIds", - "type": "array" - }, - "VerifiedAccessTrustProviders": { - "items": { - "$ref": "#/definitions/AWS::EC2::VerifiedAccessInstance.VerifiedAccessTrustProvider" - }, - "markdownDescription": "The IDs of the AWS Verified Access trust providers.", - "title": "VerifiedAccessTrustProviders", - "type": "array" } }, + "required": [ + "IpamId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::VerifiedAccessInstance" + "AWS::EC2::IPAMScope" ], "type": "string" }, @@ -81689,136 +91303,20 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::EC2::VerifiedAccessInstance.CloudWatchLogs": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Indicates whether logging is enabled.", - "title": "Enabled", - "type": "boolean" - }, - "LogGroup": { - "markdownDescription": "The ID of the CloudWatch Logs log group.", - "title": "LogGroup", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EC2::VerifiedAccessInstance.KinesisDataFirehose": { - "additionalProperties": false, - "properties": { - "DeliveryStream": { - "markdownDescription": "The ID of the delivery stream.", - "title": "DeliveryStream", - "type": "string" - }, - "Enabled": { - "markdownDescription": "Indicates whether logging is enabled.", - "title": "Enabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::EC2::VerifiedAccessInstance.S3": { - "additionalProperties": false, - "properties": { - "BucketName": { - "markdownDescription": "The bucket name.", - "title": "BucketName", - "type": "string" - }, - "BucketOwner": { - "markdownDescription": "The AWS account number that owns the bucket.", - "title": "BucketOwner", - "type": "string" - }, - "Enabled": { - "markdownDescription": "Indicates whether logging is enabled.", - "title": "Enabled", - "type": "boolean" - }, - "Prefix": { - "markdownDescription": "The bucket prefix.", - "title": "Prefix", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EC2::VerifiedAccessInstance.VerifiedAccessLogs": { - "additionalProperties": false, - "properties": { - "CloudWatchLogs": { - "$ref": "#/definitions/AWS::EC2::VerifiedAccessInstance.CloudWatchLogs", - "markdownDescription": "CloudWatch Logs logging destination.", - "title": "CloudWatchLogs" - }, - "IncludeTrustContext": { - "markdownDescription": "Indicates whether to include trust data sent by trust providers in the logs.", - "title": "IncludeTrustContext", - "type": "boolean" - }, - "KinesisDataFirehose": { - "$ref": "#/definitions/AWS::EC2::VerifiedAccessInstance.KinesisDataFirehose", - "markdownDescription": "Kinesis logging destination.", - "title": "KinesisDataFirehose" - }, - "LogVersion": { - "markdownDescription": "The logging version.\n\nValid values: `ocsf-0.1` | `ocsf-1.0.0-rc.2`", - "title": "LogVersion", - "type": "string" - }, - "S3": { - "$ref": "#/definitions/AWS::EC2::VerifiedAccessInstance.S3", - "markdownDescription": "Amazon S3 logging options.", - "title": "S3" - } - }, - "type": "object" - }, - "AWS::EC2::VerifiedAccessInstance.VerifiedAccessTrustProvider": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A description for the AWS Verified Access trust provider.", - "title": "Description", - "type": "string" - }, - "DeviceTrustProviderType": { - "markdownDescription": "The type of device-based trust provider.", - "title": "DeviceTrustProviderType", - "type": "string" - }, - "TrustProviderType": { - "markdownDescription": "The type of Verified Access trust provider.", - "title": "TrustProviderType", - "type": "string" - }, - "UserTrustProviderType": { - "markdownDescription": "The type of user-based trust provider.", - "title": "UserTrustProviderType", - "type": "string" - }, - "VerifiedAccessTrustProviderId": { - "markdownDescription": "The ID of the AWS Verified Access trust provider.", - "title": "VerifiedAccessTrustProviderId", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EC2::VerifiedAccessTrustProvider": { + "AWS::EC2::Instance": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, + "CreationPolicy": { + "type": "object" + }, "DeletionPolicy": { "enum": [ "Delete", @@ -81848,64 +91346,250 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description for the AWS Verified Access trust provider.", - "title": "Description", + "AdditionalInfo": { + "markdownDescription": "This property is reserved for internal use. If you use it, the stack fails with this error: `Bad property set: [Testing this property] (Service: AmazonEC2; Status Code: 400; Error Code: InvalidParameterCombination; Request ID: 0XXXXXX-49c7-4b40-8bcc-76885dcXXXXX)` .", + "title": "AdditionalInfo", "type": "string" }, - "DeviceOptions": { - "$ref": "#/definitions/AWS::EC2::VerifiedAccessTrustProvider.DeviceOptions", - "markdownDescription": "The options for device-identity trust provider.", - "title": "DeviceOptions" + "Affinity": { + "markdownDescription": "Indicates whether the instance is associated with a dedicated host. If you want the instance to always restart on the same host on which it was launched, specify `host` . If you want the instance to restart on any available host, but try to launch onto the last host it ran on (on a best-effort basis), specify `default` .", + "title": "Affinity", + "type": "string" }, - "DeviceTrustProviderType": { - "markdownDescription": "The type of device-based trust provider.", - "title": "DeviceTrustProviderType", + "AvailabilityZone": { + "markdownDescription": "The Availability Zone of the instance.\n\nIf not specified, an Availability Zone will be automatically chosen for you based on the load balancing criteria for the Region.\n\nThis parameter is not supported by [DescribeImageAttribute](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeImageAttribute.html) .", + "title": "AvailabilityZone", "type": "string" }, - "OidcOptions": { - "$ref": "#/definitions/AWS::EC2::VerifiedAccessTrustProvider.OidcOptions", - "markdownDescription": "The options for an OpenID Connect-compatible user-identity trust provider.", - "title": "OidcOptions" + "BlockDeviceMappings": { + "items": { + "$ref": "#/definitions/AWS::EC2::Instance.BlockDeviceMapping" + }, + "markdownDescription": "The block device mapping entries that defines the block devices to attach to the instance at launch.\n\nBy default, the block devices specified in the block device mapping for the AMI are used. You can override the AMI block device mapping using the instance block device mapping. For the root volume, you can override only the volume size, volume type, volume encryption settings, and the `DeleteOnTermination` setting.\n\n> After the instance is running, you can modify only the `DeleteOnTermination` parameter for the attached volumes without interrupting the instance. Modifying any other parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", + "title": "BlockDeviceMappings", + "type": "array" }, - "PolicyReferenceName": { - "markdownDescription": "The identifier to be used when working with policy rules.", - "title": "PolicyReferenceName", + "CpuOptions": { + "$ref": "#/definitions/AWS::EC2::Instance.CpuOptions", + "markdownDescription": "The CPU options for the instance. For more information, see [Optimize CPU options](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html) in the *Amazon Elastic Compute Cloud User Guide* .", + "title": "CpuOptions" + }, + "CreditSpecification": { + "$ref": "#/definitions/AWS::EC2::Instance.CreditSpecification", + "markdownDescription": "The credit option for CPU usage of the burstable performance instance. Valid values are `standard` and `unlimited` . To change this attribute after launch, use [ModifyInstanceCreditSpecification](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyInstanceCreditSpecification.html) . For more information, see [Burstable performance instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) in the *Amazon EC2 User Guide* .\n\nDefault: `standard` (T2 instances) or `unlimited` (T3/T3a/T4g instances)\n\nFor T3 instances with `host` tenancy, only `standard` is supported.", + "title": "CreditSpecification" + }, + "DisableApiTermination": { + "markdownDescription": "Indicates whether termination protection is enabled for the instance. The default is `false` , which means that you can terminate the instance using the Amazon EC2 console, command line tools, or API. You can enable termination protection when you launch an instance, while the instance is running, or while the instance is stopped.", + "title": "DisableApiTermination", + "type": "boolean" + }, + "EbsOptimized": { + "markdownDescription": "Indicates whether the instance is optimized for Amazon EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal Amazon EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS-optimized instance.\n\nDefault: `false`", + "title": "EbsOptimized", + "type": "boolean" + }, + "ElasticGpuSpecifications": { + "items": { + "$ref": "#/definitions/AWS::EC2::Instance.ElasticGpuSpecification" + }, + "markdownDescription": "An elastic GPU to associate with the instance.\n\n> Amazon Elastic Graphics reached end of life on January 8, 2024.", + "title": "ElasticGpuSpecifications", + "type": "array" + }, + "ElasticInferenceAccelerators": { + "items": { + "$ref": "#/definitions/AWS::EC2::Instance.ElasticInferenceAccelerator" + }, + "markdownDescription": "An elastic inference accelerator to associate with the instance.\n\n> Amazon Elastic Inference is no longer available.", + "title": "ElasticInferenceAccelerators", + "type": "array" + }, + "EnclaveOptions": { + "$ref": "#/definitions/AWS::EC2::Instance.EnclaveOptions", + "markdownDescription": "Indicates whether the instance is enabled for AWS Nitro Enclaves.", + "title": "EnclaveOptions" + }, + "HibernationOptions": { + "$ref": "#/definitions/AWS::EC2::Instance.HibernationOptions", + "markdownDescription": "Indicates whether an instance is enabled for hibernation. This parameter is valid only if the instance meets the [hibernation prerequisites](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/hibernating-prerequisites.html) . For more information, see [Hibernate your Amazon EC2 instance](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) in the *Amazon EC2 User Guide* .\n\nYou can't enable hibernation and AWS Nitro Enclaves on the same instance.", + "title": "HibernationOptions" + }, + "HostId": { + "markdownDescription": "If you specify host for the `Affinity` property, the ID of a dedicated host that the instance is associated with. If you don't specify an ID, Amazon EC2 launches the instance onto any available, compatible dedicated host in your account. This type of launch is called an untargeted launch. Note that for untargeted launches, you must have a compatible, dedicated host available to successfully launch instances.", + "title": "HostId", "type": "string" }, - "SseSpecification": { - "$ref": "#/definitions/AWS::EC2::VerifiedAccessTrustProvider.SseSpecification", - "markdownDescription": "The options for additional server side encryption.", - "title": "SseSpecification" + "HostResourceGroupArn": { + "markdownDescription": "The ARN of the host resource group in which to launch the instances. If you specify a host resource group ARN, omit the *Tenancy* parameter or set it to `host` .", + "title": "HostResourceGroupArn", + "type": "string" + }, + "IamInstanceProfile": { + "markdownDescription": "The name of an IAM instance profile. To create a new IAM instance profile, use the [AWS::IAM::InstanceProfile](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-instanceprofile.html) resource.", + "title": "IamInstanceProfile", + "type": "string" + }, + "ImageId": { + "markdownDescription": "The ID of the AMI. An AMI ID is required to launch an instance and must be specified here or in a launch template.", + "title": "ImageId", + "type": "string" + }, + "InstanceInitiatedShutdownBehavior": { + "markdownDescription": "Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown).\n\nDefault: `stop`", + "title": "InstanceInitiatedShutdownBehavior", + "type": "string" + }, + "InstanceType": { + "markdownDescription": "The instance type. For more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .\n\nWhen you change your EBS-backed instance type, instance restart or replacement behavior depends on the instance type compatibility between the old and new types. An instance with an instance store volume as the root volume is always replaced. For more information, see [Change the instance type](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-resize.html) in the *Amazon EC2 User Guide* .", + "title": "InstanceType", + "type": "string" + }, + "Ipv6AddressCount": { + "markdownDescription": "The number of IPv6 addresses to associate with the primary network interface. Amazon EC2 chooses the IPv6 addresses from the range of your subnet. You cannot specify this option and the option to assign specific IPv6 addresses in the same request. You can specify this option if you've specified a minimum number of instances to launch.\n\nYou cannot specify this option and the network interfaces option in the same request.", + "title": "Ipv6AddressCount", + "type": "number" + }, + "Ipv6Addresses": { + "items": { + "$ref": "#/definitions/AWS::EC2::Instance.InstanceIpv6Address" + }, + "markdownDescription": "The IPv6 addresses from the range of the subnet to associate with the primary network interface. You cannot specify this option and the option to assign a number of IPv6 addresses in the same request. You cannot specify this option if you've specified a minimum number of instances to launch.\n\nYou cannot specify this option and the network interfaces option in the same request.", + "title": "Ipv6Addresses", + "type": "array" + }, + "KernelId": { + "markdownDescription": "The ID of the kernel.\n\n> We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see [PV-GRUB](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html) in the *Amazon EC2 User Guide* .", + "title": "KernelId", + "type": "string" + }, + "KeyName": { + "markdownDescription": "The name of the key pair. For more information, see [Create a key pair for your EC2 instance](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/create-key-pairs.html) .\n\n> If you do not specify a key pair, you can't connect to the instance unless you choose an AMI that is configured to allow users another way to log in.", + "title": "KeyName", + "type": "string" + }, + "LaunchTemplate": { + "$ref": "#/definitions/AWS::EC2::Instance.LaunchTemplateSpecification", + "markdownDescription": "The launch template. Any additional parameters that you specify for the new instance overwrite the corresponding parameters included in the launch template.", + "title": "LaunchTemplate" + }, + "LicenseSpecifications": { + "items": { + "$ref": "#/definitions/AWS::EC2::Instance.LicenseSpecification" + }, + "markdownDescription": "The license configurations.", + "title": "LicenseSpecifications", + "type": "array" + }, + "MetadataOptions": { + "$ref": "#/definitions/AWS::EC2::Instance.MetadataOptions", + "markdownDescription": "The metadata options for the instance.", + "title": "MetadataOptions" + }, + "Monitoring": { + "markdownDescription": "Specifies whether detailed monitoring is enabled for the instance. Specify `true` to enable detailed monitoring. Otherwise, basic monitoring is enabled. For more information about detailed monitoring, see [Enable or turn off detailed monitoring for your instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-cloudwatch-new.html) in the *Amazon EC2 User Guide* .", + "title": "Monitoring", + "type": "boolean" + }, + "NetworkInterfaces": { + "items": { + "$ref": "#/definitions/AWS::EC2::Instance.NetworkInterface" + }, + "markdownDescription": "The network interfaces to associate with the instance.\n\n> If you use this property to point to a network interface, you must terminate the original interface before attaching a new one to allow the update of the instance to succeed.\n> \n> If this resource has a public IP address and is also in a VPC that is defined in the same template, you must use the [DependsOn Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) to declare a dependency on the VPC-gateway attachment.", + "title": "NetworkInterfaces", + "type": "array" + }, + "PlacementGroupName": { + "markdownDescription": "The name of an existing placement group that you want to launch the instance into (cluster | partition | spread).", + "title": "PlacementGroupName", + "type": "string" + }, + "PrivateDnsNameOptions": { + "$ref": "#/definitions/AWS::EC2::Instance.PrivateDnsNameOptions", + "markdownDescription": "The options for the instance hostname.", + "title": "PrivateDnsNameOptions" + }, + "PrivateIpAddress": { + "markdownDescription": "The primary IPv4 address. You must specify a value from the IPv4 address range of the subnet.\n\nOnly one private IP address can be designated as primary. You can't specify this option if you've specified the option to designate a private IP address as the primary IP address in a network interface specification. You cannot specify this option if you're launching more than one instance in the request.\n\nYou cannot specify this option and the network interfaces option in the same request.\n\nIf you make an update to an instance that requires replacement, you must assign a new private IP address. During a replacement, AWS CloudFormation creates a new instance but doesn't delete the old instance until the stack has successfully updated. If the stack update fails, AWS CloudFormation uses the old instance to roll back the stack to the previous working state. The old and new instances cannot have the same private IP address.", + "title": "PrivateIpAddress", + "type": "string" + }, + "PropagateTagsToVolumeOnCreation": { + "markdownDescription": "Indicates whether to assign the tags specified in the `Tags` property to the volumes specified in the `BlockDeviceMappings` property.\n\nNote that using this feature does not assign the tags to volumes that are created separately and then attached using `AWS::EC2::VolumeAttachment` .", + "title": "PropagateTagsToVolumeOnCreation", + "type": "boolean" + }, + "RamdiskId": { + "markdownDescription": "The ID of the RAM disk to select. Some kernels require additional drivers at launch. Check the kernel requirements for information about whether you need to specify a RAM disk. To find kernel requirements, go to the AWS Resource Center and search for the kernel ID.\n\n> We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see [PV-GRUB](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html) in the *Amazon EC2 User Guide* .", + "title": "RamdiskId", + "type": "string" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the security groups. You can specify the IDs of existing security groups and references to resources created by the stack template.\n\nIf you specify a network interface, you must specify any security groups as part of the network interface.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "[Default VPC] The names of the security groups. For a nondefault VPC, you must use security group IDs instead.\n\nYou cannot specify this option and the network interfaces option in the same request. The list can contain both the name of existing Amazon EC2 security groups or references to AWS::EC2::SecurityGroup resources created in the template.\n\nDefault: Amazon EC2 uses the default security group.", + "title": "SecurityGroups", + "type": "array" + }, + "SourceDestCheck": { + "markdownDescription": "Enable or disable source/destination checks, which ensure that the instance is either the source or the destination of any traffic that it receives. If the value is `true` , source/destination checks are enabled; otherwise, they are disabled. The default value is `true` . You must disable source/destination checks if the instance runs services such as network address translation, routing, or firewalls.", + "title": "SourceDestCheck", + "type": "boolean" + }, + "SsmAssociations": { + "items": { + "$ref": "#/definitions/AWS::EC2::Instance.SsmAssociation" + }, + "markdownDescription": "The SSM [document](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ssm-document.html) and parameter values in AWS Systems Manager to associate with this instance. To use this property, you must specify an IAM instance profile role for the instance. For more information, see [Create an IAM instance profile for Systems Manager](https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-configuring-access-role.html) in the *AWS Systems Manager User Guide* .\n\n> You can associate only one document with an instance.", + "title": "SsmAssociations", + "type": "array" + }, + "SubnetId": { + "markdownDescription": "The ID of the subnet to launch the instance into.\n\nIf you specify a network interface, you must specify any subnets as part of the network interface instead of using this parameter.", + "title": "SubnetId", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags.", + "markdownDescription": "The tags to add to the instance. These tags are not applied to the EBS volumes, such as the root volume, unless [PropagateTagsToVolumeOnCreation](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html#cfn-ec2-instance-propagatetagstovolumeoncreation) is `true` .", "title": "Tags", "type": "array" }, - "TrustProviderType": { - "markdownDescription": "The type of Verified Access trust provider.", - "title": "TrustProviderType", + "Tenancy": { + "markdownDescription": "The tenancy of the instance. An instance with a tenancy of `dedicated` runs on single-tenant hardware.", + "title": "Tenancy", "type": "string" }, - "UserTrustProviderType": { - "markdownDescription": "The type of user-based trust provider.", - "title": "UserTrustProviderType", + "UserData": { + "markdownDescription": "The parameters or scripts to store as user data. Any scripts in user data are run when you launch the instance. User data is limited to 16 KB. You must provide base64-encoded text. For more information, see [Fn::Base64](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-base64.html) .\n\nIf the root volume is an EBS volume and you update user data, CloudFormation restarts the instance. If the root volume is an instance store volume and you update user data, the instance is replaced.", + "title": "UserData", "type": "string" + }, + "Volumes": { + "items": { + "$ref": "#/definitions/AWS::EC2::Instance.Volume" + }, + "markdownDescription": "The volumes to attach to the instance.", + "title": "Volumes", + "type": "array" } }, - "required": [ - "PolicyReferenceName", - "TrustProviderType" - ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::VerifiedAccessTrustProvider" + "AWS::EC2::Instance" ], "type": "string" }, @@ -81919,288 +91603,483 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::EC2::VerifiedAccessTrustProvider.DeviceOptions": { + "AWS::EC2::Instance.AssociationParameter": { "additionalProperties": false, "properties": { - "PublicSigningKeyUrl": { - "markdownDescription": "The URL AWS Verified Access will use to verify the authenticity of the device tokens.", - "title": "PublicSigningKeyUrl", + "Key": { + "markdownDescription": "The name of an input parameter that is in the associated SSM document.", + "title": "Key", "type": "string" }, - "TenantId": { - "markdownDescription": "The ID of the tenant application with the device-identity provider.", - "title": "TenantId", - "type": "string" + "Value": { + "items": { + "type": "string" + }, + "markdownDescription": "The value of an input parameter.", + "title": "Value", + "type": "array" } }, + "required": [ + "Key", + "Value" + ], "type": "object" }, - "AWS::EC2::VerifiedAccessTrustProvider.OidcOptions": { + "AWS::EC2::Instance.BlockDeviceMapping": { "additionalProperties": false, "properties": { - "AuthorizationEndpoint": { - "markdownDescription": "The OIDC authorization endpoint.", - "title": "AuthorizationEndpoint", + "DeviceName": { + "markdownDescription": "The device name (for example, `/dev/sdh` or `xvdh` ).\n\n> After the instance is running, this parameter is used to specify the device name of the block device mapping to update.", + "title": "DeviceName", "type": "string" }, - "ClientId": { - "markdownDescription": "The client identifier.", - "title": "ClientId", + "Ebs": { + "$ref": "#/definitions/AWS::EC2::Instance.Ebs", + "markdownDescription": "Parameters used to automatically set up EBS volumes when the instance is launched.\n\n> After the instance is running, you can modify only the `DeleteOnTermination` parameter for the attached volumes without interrupting the instance. Modifying any other parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) .", + "title": "Ebs" + }, + "NoDevice": { + "markdownDescription": "To omit the device from the block device mapping, specify an empty string.\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", + "title": "NoDevice", + "type": "object" + }, + "VirtualName": { + "markdownDescription": "The virtual device name ( `ephemeral` N). The name must be in the form `ephemeral` *X* where *X* is a number starting from zero (0). For example, an instance type with 2 available instance store volumes can specify mappings for `ephemeral0` and `ephemeral1` . The number of available instance store volumes depends on the instance type. After you connect to the instance, you must mount the volume.\n\nNVMe instance store volumes are automatically enumerated and assigned a device name. Including them in your block device mapping has no effect.\n\n*Constraints* : For M3 instances, you must specify instance store volumes in the block device mapping for the instance. When you launch an M3 instance, we ignore any instance store volumes specified in the block device mapping for the AMI.\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", + "title": "VirtualName", "type": "string" + } + }, + "required": [ + "DeviceName" + ], + "type": "object" + }, + "AWS::EC2::Instance.CpuOptions": { + "additionalProperties": false, + "properties": { + "CoreCount": { + "markdownDescription": "The number of CPU cores for the instance.", + "title": "CoreCount", + "type": "number" }, - "ClientSecret": { - "markdownDescription": "The client secret.", - "title": "ClientSecret", + "ThreadsPerCore": { + "markdownDescription": "The number of threads per CPU core.", + "title": "ThreadsPerCore", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::Instance.CreditSpecification": { + "additionalProperties": false, + "properties": { + "CPUCredits": { + "markdownDescription": "The credit option for CPU usage of the instance.\n\nValid values: `standard` | `unlimited`\n\nT3 instances with `host` tenancy do not support the `unlimited` CPU credit option.", + "title": "CPUCredits", "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::Instance.Ebs": { + "additionalProperties": false, + "properties": { + "DeleteOnTermination": { + "markdownDescription": "Indicates whether the EBS volume is deleted on instance termination. For more information, see [Preserving Amazon EBS volumes on instance termination](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#preserving-volumes-on-termination) in the *Amazon EC2 User Guide* .", + "title": "DeleteOnTermination", + "type": "boolean" }, - "Issuer": { - "markdownDescription": "The OIDC issuer.", - "title": "Issuer", + "Encrypted": { + "markdownDescription": "Indicates whether the volume should be encrypted. The effect of setting the encryption state to `true` depends on the volume origin (new or from a snapshot), starting encryption state, ownership, and whether encryption by default is enabled. For more information, see [Encryption by default](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#encryption-by-default) in the *Amazon Elastic Compute Cloud User Guide* .\n\nEncrypted Amazon EBS volumes must be attached to instances that support Amazon EBS encryption. For more information, see [Supported instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#EBSEncryption_supported_instances) .\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", + "title": "Encrypted", + "type": "boolean" + }, + "Iops": { + "markdownDescription": "The number of I/O operations per second (IOPS). For `gp3` , `io1` , and `io2` volumes, this represents the number of IOPS that are provisioned for the volume. For `gp2` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.\n\nThe following are the supported values for each volume type:\n\n- `gp3` : 3,000-16,000 IOPS\n- `io1` : 100-64,000 IOPS\n- `io2` : 100-64,000 IOPS\n\nFor `io1` and `io2` volumes, we guarantee 64,000 IOPS only for [Instances built on the Nitro System](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances) . Other instance families guarantee performance up to 32,000 IOPS.\n\nThis parameter is required for `io1` and `io2` volumes. The default for `gp3` volumes is 3,000 IOPS. This parameter is not supported for `gp2` , `st1` , `sc1` , or `standard` volumes.\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", + "title": "Iops", + "type": "number" + }, + "KmsKeyId": { + "markdownDescription": "The identifier of the AWS KMS key to use for Amazon EBS encryption. If `KmsKeyId` is specified, the encrypted state must be `true` . If the encrypted state is `true` but you do not specify `KmsKeyId` , your KMS key for EBS is used.\n\nYou can specify the KMS key using any of the following:\n\n- Key ID. For example, 1234abcd-12ab-34cd-56ef-1234567890ab.\n- Key alias. For example, alias/ExampleAlias.\n- Key ARN. For example, arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab.\n- Alias ARN. For example, arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias.\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", + "title": "KmsKeyId", "type": "string" }, - "Scope": { - "markdownDescription": "The OpenID Connect (OIDC) scope specified.", - "title": "Scope", + "SnapshotId": { + "markdownDescription": "The ID of the snapshot.\n\nIf you specify both `SnapshotId` and `VolumeSize` , `VolumeSize` must be equal or greater than the size of the snapshot.\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", + "title": "SnapshotId", "type": "string" }, - "TokenEndpoint": { - "markdownDescription": "The OIDC token endpoint.", - "title": "TokenEndpoint", + "VolumeSize": { + "markdownDescription": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size. If you specify a snapshot, the default is the snapshot size. You can specify a volume size that is equal to or larger than the snapshot size.\n\nThe following are the supported volumes sizes for each volume type:\n\n- `gp2` and `gp3` :1-16,384\n- `io1` and `io2` : 4-16,384\n- `st1` and `sc1` : 125-16,384\n- `standard` : 1-1,024\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", + "title": "VolumeSize", + "type": "number" + }, + "VolumeType": { + "markdownDescription": "The volume type. For more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) in the *Amazon EC2 User Guide* . If the volume type is `io1` or `io2` , you must specify the IOPS that the volume supports.\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", + "title": "VolumeType", "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::Instance.ElasticGpuSpecification": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "The type of Elastic Graphics accelerator.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::EC2::Instance.ElasticInferenceAccelerator": { + "additionalProperties": false, + "properties": { + "Count": { + "markdownDescription": "The number of elastic inference accelerators to attach to the instance.", + "title": "Count", + "type": "number" }, - "UserInfoEndpoint": { - "markdownDescription": "The OIDC user info endpoint.", - "title": "UserInfoEndpoint", + "Type": { + "markdownDescription": "The type of elastic inference accelerator. The possible values are `eia1.medium` , `eia1.large` , `eia1.xlarge` , `eia2.medium` , `eia2.large` , and `eia2.xlarge` .", + "title": "Type", "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::EC2::VerifiedAccessTrustProvider.SseSpecification": { + "AWS::EC2::Instance.EnaSrdSpecification": { "additionalProperties": false, "properties": { - "CustomerManagedKeyEnabled": { - "markdownDescription": "Enable or disable the use of customer managed KMS keys for server side encryption.\n\nValid values: `True` | `False`", - "title": "CustomerManagedKeyEnabled", + "EnaSrdEnabled": { + "markdownDescription": "Indicates whether ENA Express is enabled for the network interface.", + "title": "EnaSrdEnabled", "type": "boolean" }, - "KmsKeyArn": { - "markdownDescription": "The ARN of the KMS key.", - "title": "KmsKeyArn", + "EnaSrdUdpSpecification": { + "$ref": "#/definitions/AWS::EC2::Instance.EnaSrdUdpSpecification", + "markdownDescription": "Configures ENA Express for UDP network traffic.", + "title": "EnaSrdUdpSpecification" + } + }, + "type": "object" + }, + "AWS::EC2::Instance.EnaSrdUdpSpecification": { + "additionalProperties": false, + "properties": { + "EnaSrdUdpEnabled": { + "markdownDescription": "Indicates whether UDP traffic to and from the instance uses ENA Express. To specify this setting, you must first enable ENA Express.", + "title": "EnaSrdUdpEnabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EC2::Instance.EnclaveOptions": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "If this parameter is set to `true` , the instance is enabled for AWS Nitro Enclaves; otherwise, it is not enabled for AWS Nitro Enclaves.", + "title": "Enabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EC2::Instance.HibernationOptions": { + "additionalProperties": false, + "properties": { + "Configured": { + "markdownDescription": "Set to `true` to enable your instance for hibernation.\n\nFor Spot Instances, if you set `Configured` to `true` , either omit the `InstanceInterruptionBehavior` parameter (for [`SpotMarketOptions`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SpotMarketOptions.html) ), or set it to `hibernate` . When `Configured` is true:\n\n- If you omit `InstanceInterruptionBehavior` , it defaults to `hibernate` .\n- If you set `InstanceInterruptionBehavior` to a value other than `hibernate` , you'll get an error.\n\nDefault: `false`", + "title": "Configured", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EC2::Instance.InstanceIpv6Address": { + "additionalProperties": false, + "properties": { + "Ipv6Address": { + "markdownDescription": "The IPv6 address.", + "title": "Ipv6Address", "type": "string" } }, + "required": [ + "Ipv6Address" + ], "type": "object" }, - "AWS::EC2::Volume": { + "AWS::EC2::Instance.LaunchTemplateSpecification": { "additionalProperties": false, "properties": { - "Condition": { + "LaunchTemplateId": { + "markdownDescription": "The ID of the launch template.\n\nYou must specify either the launch template ID or the launch template name, but not both.", + "title": "LaunchTemplateId", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "LaunchTemplateName": { + "markdownDescription": "The name of the launch template.\n\nYou must specify either the launch template ID or the launch template name, but not both.", + "title": "LaunchTemplateName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Version": { + "markdownDescription": "The version number of the launch template. You must specify this property.\n\nTo specify the default version of the template, use the `Fn::GetAtt` intrinsic function to retrieve the `DefaultVersionNumber` attribute of the launch template. To specify the latest version of the template, use `Fn::GetAtt` to retrieve the `LatestVersionNumber` attribute. For more information, see [AWS::EC2:LaunchTemplate return values for Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-launchtemplate.html#aws-resource-ec2-launchtemplate-return-values-fn--getatt) .", + "title": "Version", + "type": "string" + } + }, + "required": [ + "Version" + ], + "type": "object" + }, + "AWS::EC2::Instance.LicenseSpecification": { + "additionalProperties": false, + "properties": { + "LicenseConfigurationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the license configuration.", + "title": "LicenseConfigurationArn", + "type": "string" + } + }, + "required": [ + "LicenseConfigurationArn" + ], + "type": "object" + }, + "AWS::EC2::Instance.MetadataOptions": { + "additionalProperties": false, + "properties": { + "HttpEndpoint": { + "markdownDescription": "Enables or disables the HTTP metadata endpoint on your instances.\n\nIf you specify a value of `disabled` , you cannot access your instance metadata.\n\nDefault: `enabled`", + "title": "HttpEndpoint", + "type": "string" }, - "Metadata": { - "type": "object" + "HttpProtocolIpv6": { + "markdownDescription": "Enables or disables the IPv6 endpoint for the instance metadata service.\n\nDefault: `disabled`", + "title": "HttpProtocolIpv6", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AutoEnableIO": { - "markdownDescription": "Indicates whether the volume is auto-enabled for I/O operations. By default, Amazon EBS disables I/O to the volume from attached EC2 instances when it determines that a volume's data is potentially inconsistent. If the consistency of the volume is not a concern, and you prefer that the volume be made available immediately if it's impaired, you can configure the volume to automatically enable I/O.", - "title": "AutoEnableIO", - "type": "boolean" - }, - "AvailabilityZone": { - "markdownDescription": "The ID of the Availability Zone in which to create the volume. For example, `us-east-1a` .", - "title": "AvailabilityZone", - "type": "string" - }, - "Encrypted": { - "markdownDescription": "Indicates whether the volume should be encrypted. The effect of setting the encryption state to `true` depends on the volume origin (new or from a snapshot), starting encryption state, ownership, and whether encryption by default is enabled. For more information, see [Encryption by default](https://docs.aws.amazon.com/ebs/latest/userguide/work-with-ebs-encr.html#encryption-by-default) in the *Amazon EBS User Guide* .\n\nEncrypted Amazon EBS volumes must be attached to instances that support Amazon EBS encryption. For more information, see [Supported instance types](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-encryption-requirements.html#ebs-encryption_supported_instances) .", - "title": "Encrypted", - "type": "boolean" - }, - "Iops": { - "markdownDescription": "The number of I/O operations per second (IOPS). For `gp3` , `io1` , and `io2` volumes, this represents the number of IOPS that are provisioned for the volume. For `gp2` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.\n\nThe following are the supported values for each volume type:\n\n- `gp3` : 3,000 - 16,000 IOPS\n- `io1` : 100 - 64,000 IOPS\n- `io2` : 100 - 256,000 IOPS\n\nFor `io2` volumes, you can achieve up to 256,000 IOPS on [instances built on the Nitro System](https://docs.aws.amazon.com/ec2/latest/instancetypes/ec2-nitro-instances.html) . On other instances, you can achieve performance up to 32,000 IOPS.\n\nThis parameter is required for `io1` and `io2` volumes. The default for `gp3` volumes is 3,000 IOPS. This parameter is not supported for `gp2` , `st1` , `sc1` , or `standard` volumes.", - "title": "Iops", - "type": "number" - }, - "KmsKeyId": { - "markdownDescription": "The identifier of the AWS KMS key to use for Amazon EBS encryption. If `KmsKeyId` is specified, the encrypted state must be `true` .\n\nIf you omit this property and your account is enabled for encryption by default, or *Encrypted* is set to `true` , then the volume is encrypted using the default key specified for your account. If your account does not have a default key, then the volume is encrypted using the AWS managed key .\n\nAlternatively, if you want to specify a different key, you can specify one of the following:\n\n- Key ID. For example, 1234abcd-12ab-34cd-56ef-1234567890ab.\n- Key alias. Specify the alias for the key, prefixed with `alias/` . For example, for a key with the alias `my_cmk` , use `alias/my_cmk` . Or to specify the AWS managed key , use `alias/aws/ebs` .\n- Key ARN. For example, arn:aws:kms:us-east-1:012345678910:key/1234abcd-12ab-34cd-56ef-1234567890ab.\n- Alias ARN. For example, arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias.", - "title": "KmsKeyId", - "type": "string" - }, - "MultiAttachEnabled": { - "markdownDescription": "Indicates whether Amazon EBS Multi-Attach is enabled.\n\nAWS CloudFormation does not currently support updating a single-attach volume to be multi-attach enabled, updating a multi-attach enabled volume to be single-attach, or updating the size or number of I/O operations per second (IOPS) of a multi-attach enabled volume.", - "title": "MultiAttachEnabled", - "type": "boolean" - }, - "OutpostArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Outpost.", - "title": "OutpostArn", - "type": "string" - }, - "Size": { - "markdownDescription": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size. If you specify a snapshot, the default is the snapshot size. You can specify a volume size that is equal to or larger than the snapshot size.\n\nThe following are the supported volumes sizes for each volume type:\n\n- `gp2` and `gp3` : 1 - 16,384 GiB\n- `io1` : 4 - 16,384 GiB\n- `io2` : 4 - 65,536 GiB\n- `st1` and `sc1` : 125 - 16,384 GiB\n- `standard` : 1 - 1024 GiB", - "title": "Size", - "type": "number" - }, - "SnapshotId": { - "markdownDescription": "The snapshot from which to create the volume. You must specify either a snapshot ID or a volume size.", - "title": "SnapshotId", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to apply to the volume during creation.", - "title": "Tags", - "type": "array" - }, - "Throughput": { - "markdownDescription": "The throughput to provision for a volume, with a maximum of 1,000 MiB/s.\n\nThis parameter is valid only for `gp3` volumes. The default value is 125.\n\nValid Range: Minimum value of 125. Maximum value of 1000.", - "title": "Throughput", - "type": "number" - }, - "VolumeType": { - "markdownDescription": "The volume type. This parameter can be one of the following values:\n\n- General Purpose SSD: `gp2` | `gp3`\n- Provisioned IOPS SSD: `io1` | `io2`\n- Throughput Optimized HDD: `st1`\n- Cold HDD: `sc1`\n- Magnetic: `standard`\n\nFor more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-volume-types.html) .\n\nDefault: `gp2`", - "title": "VolumeType", - "type": "string" - } - }, - "required": [ - "AvailabilityZone" - ], - "type": "object" + "HttpPutResponseHopLimit": { + "markdownDescription": "The maximum number of hops that the metadata token can travel.\n\nPossible values: Integers from 1 to 64", + "title": "HttpPutResponseHopLimit", + "type": "number" }, - "Type": { - "enum": [ - "AWS::EC2::Volume" - ], + "HttpTokens": { + "markdownDescription": "Indicates whether IMDSv2 is required.\n\n- `optional` - IMDSv2 is optional, which means that you can use either IMDSv2 or IMDSv1.\n- `required` - IMDSv2 is required, which means that IMDSv1 is disabled, and you must use IMDSv2.\n\nDefault:\n\n- If the value of `ImdsSupport` for the Amazon Machine Image (AMI) for your instance is `v2.0` and the account level default is set to `no-preference` , the default is `required` .\n- If the value of `ImdsSupport` for the Amazon Machine Image (AMI) for your instance is `v2.0` , but the account level default is set to `V1 or V2` , the default is `optional` .\n\nThe default value can also be affected by other combinations of parameters. For more information, see [Order of precedence for instance metadata options](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-instance-metadata-options.html#instance-metadata-options-order-of-precedence) in the *Amazon EC2 User Guide* .", + "title": "HttpTokens", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "InstanceMetadataTags": { + "markdownDescription": "Set to `enabled` to allow access to instance tags from the instance metadata. Set to `disabled` to turn off access to instance tags from the instance metadata. For more information, see [Work with instance tags using the instance metadata](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#work-with-tags-in-IMDS) .\n\nDefault: `disabled`", + "title": "InstanceMetadataTags", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::EC2::VolumeAttachment": { + "AWS::EC2::Instance.NetworkInterface": { "additionalProperties": false, "properties": { - "Condition": { + "AssociateCarrierIpAddress": { + "markdownDescription": "Indicates whether to assign a carrier IP address to the network interface.\n\nYou can only assign a carrier IP address to a network interface that is in a subnet in a Wavelength Zone. For more information about carrier IP addresses, see [Carrier IP address](https://docs.aws.amazon.com/wavelength/latest/developerguide/how-wavelengths-work.html#provider-owned-ip) in the *AWS Wavelength Developer Guide* .", + "title": "AssociateCarrierIpAddress", + "type": "boolean" + }, + "AssociatePublicIpAddress": { + "markdownDescription": "Indicates whether to assign a public IPv4 address to an instance. Applies only if creating a network interface when launching an instance. The network interface must be the primary network interface. If launching into a default subnet, the default value is `true` .\n\nAWS charges for all public IPv4 addresses, including public IPv4 addresses associated with running instances and Elastic IP addresses. For more information, see the *Public IPv4 Address* tab on the [VPC pricing page](https://docs.aws.amazon.com/vpc/pricing/) .", + "title": "AssociatePublicIpAddress", + "type": "boolean" + }, + "DeleteOnTermination": { + "markdownDescription": "Indicates whether the network interface is deleted when the instance is terminated. Applies only if creating a network interface when launching an instance.", + "title": "DeleteOnTermination", + "type": "boolean" + }, + "Description": { + "markdownDescription": "The description of the network interface. Applies only if creating a network interface when launching an instance.", + "title": "Description", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DeviceIndex": { + "markdownDescription": "The position of the network interface in the attachment order. A primary network interface has a device index of 0.\n\nIf you create a network interface when launching an instance, you must specify the device index.", + "title": "DeviceIndex", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "EnaSrdSpecification": { + "$ref": "#/definitions/AWS::EC2::Instance.EnaSrdSpecification", + "markdownDescription": "Configures ENA Express for UDP network traffic.", + "title": "EnaSrdSpecification" }, - "Metadata": { - "type": "object" + "GroupSet": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the security groups for the network interface. Applies only if creating a network interface when launching an instance.", + "title": "GroupSet", + "type": "array" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Device": { - "markdownDescription": "The device name (for example, `/dev/sdh` or `xvdh` ).", - "title": "Device", - "type": "string" - }, - "InstanceId": { - "markdownDescription": "The ID of the instance to which the volume attaches. This value can be a reference to an [`AWS::EC2::Instance`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html) resource, or it can be the physical ID of an existing EC2 instance.", - "title": "InstanceId", - "type": "string" - }, - "VolumeId": { - "markdownDescription": "The ID of the Amazon EBS volume. The volume and instance must be within the same Availability Zone. This value can be a reference to an [`AWS::EC2::Volume`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-ebs-volume.html) resource, or it can be the volume ID of an existing Amazon EBS volume.", - "title": "VolumeId", - "type": "string" - } + "Ipv6AddressCount": { + "markdownDescription": "A number of IPv6 addresses to assign to the network interface. Amazon EC2 chooses the IPv6 addresses from the range of the subnet. You cannot specify this option and the option to assign specific IPv6 addresses in the same request. You can specify this option if you've specified a minimum number of instances to launch.", + "title": "Ipv6AddressCount", + "type": "number" + }, + "Ipv6Addresses": { + "items": { + "$ref": "#/definitions/AWS::EC2::Instance.InstanceIpv6Address" }, - "required": [ - "InstanceId", - "VolumeId" - ], - "type": "object" + "markdownDescription": "The IPv6 addresses to assign to the network interface. You cannot specify this option and the option to assign a number of IPv6 addresses in the same request. You cannot specify this option if you've specified a minimum number of instances to launch.", + "title": "Ipv6Addresses", + "type": "array" }, - "Type": { - "enum": [ - "AWS::EC2::VolumeAttachment" - ], + "NetworkInterfaceId": { + "markdownDescription": "The ID of the network interface, when attaching an existing network interface.", + "title": "NetworkInterfaceId", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "PrivateIpAddress": { + "markdownDescription": "The private IPv4 address of the network interface. Applies only if creating a network interface when launching an instance.", + "title": "PrivateIpAddress", + "type": "string" + }, + "PrivateIpAddresses": { + "items": { + "$ref": "#/definitions/AWS::EC2::Instance.PrivateIpAddressSpecification" + }, + "markdownDescription": "One or more private IPv4 addresses to assign to the network interface. Only one private IPv4 address can be designated as primary.", + "title": "PrivateIpAddresses", + "type": "array" + }, + "SecondaryPrivateIpAddressCount": { + "markdownDescription": "The number of secondary private IPv4 addresses. You can't specify this option and specify more than one private IP address using the private IP addresses option.", + "title": "SecondaryPrivateIpAddressCount", + "type": "number" + }, + "SubnetId": { + "markdownDescription": "The ID of the subnet associated with the network interface.", + "title": "SubnetId", "type": "string" } }, "required": [ - "Type", - "Properties" + "DeviceIndex" ], "type": "object" }, - "AWS::ECR::PublicRepository": { + "AWS::EC2::Instance.PrivateDnsNameOptions": { + "additionalProperties": false, + "properties": { + "EnableResourceNameDnsAAAARecord": { + "markdownDescription": "Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *Amazon Elastic Compute Cloud User Guide* .", + "title": "EnableResourceNameDnsAAAARecord", + "type": "boolean" + }, + "EnableResourceNameDnsARecord": { + "markdownDescription": "Indicates whether to respond to DNS queries for instance hostnames with DNS A records. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *Amazon Elastic Compute Cloud User Guide* .", + "title": "EnableResourceNameDnsARecord", + "type": "boolean" + }, + "HostnameType": { + "markdownDescription": "The type of hostnames to assign to instances in the subnet at launch. For IPv4 only subnets, an instance DNS name must be based on the instance IPv4 address. For IPv6 only subnets, an instance DNS name must be based on the instance ID. For dual-stack subnets, you can specify whether DNS names use the instance IPv4 address or the instance ID. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *Amazon Elastic Compute Cloud User Guide* .", + "title": "HostnameType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::Instance.PrivateIpAddressSpecification": { + "additionalProperties": false, + "properties": { + "Primary": { + "markdownDescription": "Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary.", + "title": "Primary", + "type": "boolean" + }, + "PrivateIpAddress": { + "markdownDescription": "The private IPv4 address.", + "title": "PrivateIpAddress", + "type": "string" + } + }, + "required": [ + "Primary", + "PrivateIpAddress" + ], + "type": "object" + }, + "AWS::EC2::Instance.SsmAssociation": { + "additionalProperties": false, + "properties": { + "AssociationParameters": { + "items": { + "$ref": "#/definitions/AWS::EC2::Instance.AssociationParameter" + }, + "markdownDescription": "The input parameter values to use with the associated SSM document.", + "title": "AssociationParameters", + "type": "array" + }, + "DocumentName": { + "markdownDescription": "The name of an SSM document to associate with the instance.", + "title": "DocumentName", + "type": "string" + } + }, + "required": [ + "DocumentName" + ], + "type": "object" + }, + "AWS::EC2::Instance.State": { + "additionalProperties": false, + "properties": { + "Code": { + "markdownDescription": "The state of the instance as a 16-bit unsigned integer.\n\nThe high byte is all of the bits between 2^8 and (2^16)-1, which equals decimal values between 256 and 65,535. These numerical values are used for internal purposes and should be ignored.\n\nThe low byte is all of the bits between 2^0 and (2^8)-1, which equals decimal values between 0 and 255.\n\nThe valid values for instance-state-code will all be in the range of the low byte and they are:\n\n- `0` : `pending`\n- `16` : `running`\n- `32` : `shutting-down`\n- `48` : `terminated`\n- `64` : `stopping`\n- `80` : `stopped`\n\nYou can ignore the high byte value by zeroing out all of the bits above 2^8 or 256 in decimal.", + "title": "Code", + "type": "string" + }, + "Name": { + "markdownDescription": "The current state of the instance.", + "title": "Name", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::Instance.Volume": { + "additionalProperties": false, + "properties": { + "Device": { + "markdownDescription": "The device name (for example, `/dev/sdh` or `xvdh` ).", + "title": "Device", + "type": "string" + }, + "VolumeId": { + "markdownDescription": "The ID of the EBS volume. The volume and instance must be within the same Availability Zone.", + "title": "VolumeId", + "type": "string" + } + }, + "required": [ + "Device", + "VolumeId" + ], + "type": "object" + }, + "AWS::EC2::InstanceConnectEndpoint": { "additionalProperties": false, "properties": { "Condition": { @@ -82235,35 +92114,46 @@ "Properties": { "additionalProperties": false, "properties": { - "RepositoryCatalogData": { - "$ref": "#/definitions/AWS::ECR::PublicRepository.RepositoryCatalogData", - "markdownDescription": "The details about the repository that are publicly visible in the Amazon ECR Public Gallery. For more information, see [Amazon ECR Public repository catalog data](https://docs.aws.amazon.com/AmazonECR/latest/public/public-repository-catalog-data.html) in the *Amazon ECR Public User Guide* .", - "title": "RepositoryCatalogData" - }, - "RepositoryName": { - "markdownDescription": "The name to use for the public repository. The repository name may be specified on its own (such as `nginx-web-app` ) or it can be prepended with a namespace to group the repository into a category (such as `project-a/nginx-web-app` ). If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the repository name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "RepositoryName", + "ClientToken": { + "markdownDescription": "Unique, case-sensitive identifier that you provide to ensure the idempotency of the request.", + "title": "ClientToken", "type": "string" }, - "RepositoryPolicyText": { - "markdownDescription": "The JSON repository policy text to apply to the public repository. For more information, see [Amazon ECR Public repository policies](https://docs.aws.amazon.com/AmazonECR/latest/public/public-repository-policies.html) in the *Amazon ECR Public User Guide* .", - "title": "RepositoryPolicyText", - "type": "object" + "PreserveClientIp": { + "markdownDescription": "Indicates whether the client IP address is preserved as the source. The following are the possible values.\n\n- `true` - Use the client IP address as the source.\n- `false` - Use the network interface IP address as the source.\n\n> `PreserveClientIp` is only supported on IPv4 EC2 Instance Connect Endpoints. To use `PreserveClientIp` , the value for `IpAddressType` must be `ipv4` . \n\nDefault: `false`", + "title": "PreserveClientIp", + "type": "boolean" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more security groups to associate with the endpoint. If you don't specify a security group, the default security group for your VPC will be associated with the endpoint.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetId": { + "markdownDescription": "The ID of the subnet in which to create the EC2 Instance Connect Endpoint.", + "title": "SubnetId", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.", + "markdownDescription": "The tags to apply to the EC2 Instance Connect Endpoint during creation.", "title": "Tags", "type": "array" } }, + "required": [ + "SubnetId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::ECR::PublicRepository" + "AWS::EC2::InstanceConnectEndpoint" ], "type": "string" }, @@ -82277,48 +92167,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::ECR::PublicRepository.RepositoryCatalogData": { - "additionalProperties": false, - "properties": { - "AboutText": { - "markdownDescription": "The longform description of the contents of the repository. This text appears in the repository details on the Amazon ECR Public Gallery.", - "title": "AboutText", - "type": "string" - }, - "Architectures": { - "items": { - "type": "string" - }, - "markdownDescription": "The architecture tags that are associated with the repository.", - "title": "Architectures", - "type": "array" - }, - "OperatingSystems": { - "items": { - "type": "string" - }, - "markdownDescription": "The operating system tags that are associated with the repository.", - "title": "OperatingSystems", - "type": "array" - }, - "RepositoryDescription": { - "markdownDescription": "The short description of the repository.", - "title": "RepositoryDescription", - "type": "string" - }, - "UsageText": { - "markdownDescription": "The longform usage details of the contents of the repository. The usage text provides context for users of the repository.", - "title": "UsageText", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ECR::PullThroughCacheRule": { + "AWS::EC2::InternetGateway": { "additionalProperties": false, "properties": { "Condition": { @@ -82353,32 +92207,20 @@ "Properties": { "additionalProperties": false, "properties": { - "CredentialArn": { - "markdownDescription": "The ARN of the Secrets Manager secret associated with the pull through cache rule.", - "title": "CredentialArn", - "type": "string" - }, - "EcrRepositoryPrefix": { - "markdownDescription": "The Amazon ECR repository prefix associated with the pull through cache rule.", - "title": "EcrRepositoryPrefix", - "type": "string" - }, - "UpstreamRegistry": { - "markdownDescription": "The name of the upstream source registry associated with the pull through cache rule.", - "title": "UpstreamRegistry", - "type": "string" - }, - "UpstreamRegistryUrl": { - "markdownDescription": "The upstream registry URL associated with the pull through cache rule.", - "title": "UpstreamRegistryUrl", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Any tags to assign to the internet gateway.", + "title": "Tags", + "type": "array" } }, "type": "object" }, "Type": { "enum": [ - "AWS::ECR::PullThroughCacheRule" + "AWS::EC2::InternetGateway" ], "type": "string" }, @@ -82396,7 +92238,7 @@ ], "type": "object" }, - "AWS::ECR::RegistryPolicy": { + "AWS::EC2::KeyPair": { "additionalProperties": false, "properties": { "Condition": { @@ -82431,20 +92273,43 @@ "Properties": { "additionalProperties": false, "properties": { - "PolicyText": { - "markdownDescription": "The JSON policy text for your registry.", - "title": "PolicyText", - "type": "object" + "KeyFormat": { + "markdownDescription": "The format of the key pair.\n\nDefault: `pem`", + "title": "KeyFormat", + "type": "string" + }, + "KeyName": { + "markdownDescription": "A unique name for the key pair.\n\nConstraints: Up to 255 ASCII characters", + "title": "KeyName", + "type": "string" + }, + "KeyType": { + "markdownDescription": "The type of key pair. Note that ED25519 keys are not supported for Windows instances.\n\nIf the `PublicKeyMaterial` property is specified, the `KeyType` property is ignored, and the key type is inferred from the `PublicKeyMaterial` value.\n\nDefault: `rsa`", + "title": "KeyType", + "type": "string" + }, + "PublicKeyMaterial": { + "markdownDescription": "The public key material. The `PublicKeyMaterial` property is used to import a key pair. If this property is not specified, then a new key pair will be created.", + "title": "PublicKeyMaterial", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to apply to the key pair.", + "title": "Tags", + "type": "array" } }, "required": [ - "PolicyText" + "KeyName" ], "type": "object" }, "Type": { "enum": [ - "AWS::ECR::RegistryPolicy" + "AWS::EC2::KeyPair" ], "type": "string" }, @@ -82463,7 +92328,7 @@ ], "type": "object" }, - "AWS::ECR::ReplicationConfiguration": { + "AWS::EC2::LaunchTemplate": { "additionalProperties": false, "properties": { "Condition": { @@ -82498,20 +92363,38 @@ "Properties": { "additionalProperties": false, "properties": { - "ReplicationConfiguration": { - "$ref": "#/definitions/AWS::ECR::ReplicationConfiguration.ReplicationConfiguration", - "markdownDescription": "The replication configuration for a registry.", - "title": "ReplicationConfiguration" + "LaunchTemplateData": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.LaunchTemplateData", + "markdownDescription": "The information for the launch template.", + "title": "LaunchTemplateData" + }, + "LaunchTemplateName": { + "markdownDescription": "A name for the launch template.", + "title": "LaunchTemplateName", + "type": "string" + }, + "TagSpecifications": { + "items": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.LaunchTemplateTagSpecification" + }, + "markdownDescription": "The tags to apply to the launch template on creation. To tag the launch template, the resource type must be `launch-template` .\n\nTo specify the tags for resources that are created during instance launch, use [TagSpecifications](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-launchtemplatedata.html#cfn-ec2-launchtemplate-launchtemplatedata-tagspecifications) .", + "title": "TagSpecifications", + "type": "array" + }, + "VersionDescription": { + "markdownDescription": "A description for the first version of the launch template.", + "title": "VersionDescription", + "type": "string" } }, "required": [ - "ReplicationConfiguration" + "LaunchTemplateData" ], "type": "object" }, "Type": { "enum": [ - "AWS::ECR::ReplicationConfiguration" + "AWS::EC2::LaunchTemplate" ], "type": "string" }, @@ -82530,1245 +92413,732 @@ ], "type": "object" }, - "AWS::ECR::ReplicationConfiguration.ReplicationConfiguration": { + "AWS::EC2::LaunchTemplate.AcceleratorCount": { "additionalProperties": false, "properties": { - "Rules": { - "items": { - "$ref": "#/definitions/AWS::ECR::ReplicationConfiguration.ReplicationRule" - }, - "markdownDescription": "An array of objects representing the replication destinations and repository filters for a replication configuration.", - "title": "Rules", - "type": "array" + "Max": { + "markdownDescription": "The maximum number of accelerators. To specify no maximum limit, omit this parameter. To exclude accelerator-enabled instance types, set `Max` to `0` .", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The minimum number of accelerators. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" } }, - "required": [ - "Rules" - ], "type": "object" }, - "AWS::ECR::ReplicationConfiguration.ReplicationDestination": { + "AWS::EC2::LaunchTemplate.AcceleratorTotalMemoryMiB": { "additionalProperties": false, "properties": { - "Region": { - "markdownDescription": "The Region to replicate to.", - "title": "Region", - "type": "string" + "Max": { + "markdownDescription": "The maximum amount of accelerator memory, in MiB. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" }, - "RegistryId": { - "markdownDescription": "The AWS account ID of the Amazon ECR private registry to replicate to. When configuring cross-Region replication within your own registry, specify your own account ID.", - "title": "RegistryId", - "type": "string" + "Min": { + "markdownDescription": "The minimum amount of accelerator memory, in MiB. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" } }, - "required": [ - "Region", - "RegistryId" - ], "type": "object" }, - "AWS::ECR::ReplicationConfiguration.ReplicationRule": { + "AWS::EC2::LaunchTemplate.BaselineEbsBandwidthMbps": { "additionalProperties": false, "properties": { - "Destinations": { - "items": { - "$ref": "#/definitions/AWS::ECR::ReplicationConfiguration.ReplicationDestination" - }, - "markdownDescription": "An array of objects representing the destination for a replication rule.", - "title": "Destinations", - "type": "array" + "Max": { + "markdownDescription": "The maximum baseline bandwidth, in Mbps. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" }, - "RepositoryFilters": { - "items": { - "$ref": "#/definitions/AWS::ECR::ReplicationConfiguration.RepositoryFilter" - }, - "markdownDescription": "An array of objects representing the filters for a replication rule. Specifying a repository filter for a replication rule provides a method for controlling which repositories in a private registry are replicated.", - "title": "RepositoryFilters", - "type": "array" + "Min": { + "markdownDescription": "The minimum baseline bandwidth, in Mbps. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" } }, - "required": [ - "Destinations" - ], "type": "object" }, - "AWS::ECR::ReplicationConfiguration.RepositoryFilter": { + "AWS::EC2::LaunchTemplate.BaselinePerformanceFactors": { "additionalProperties": false, "properties": { - "Filter": { - "markdownDescription": "The repository filter details. When the `PREFIX_MATCH` filter type is specified, this value is required and should be the repository name prefix to configure replication for.", - "title": "Filter", - "type": "string" - }, - "FilterType": { - "markdownDescription": "The repository filter type. The only supported value is `PREFIX_MATCH` , which is a repository name prefix specified with the `filter` parameter.", - "title": "FilterType", - "type": "string" + "Cpu": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Cpu", + "markdownDescription": "The CPU performance to consider, using an instance family as the baseline reference.", + "title": "Cpu" } }, - "required": [ - "Filter", - "FilterType" - ], "type": "object" }, - "AWS::ECR::Repository": { + "AWS::EC2::LaunchTemplate.BlockDeviceMapping": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DeviceName": { + "markdownDescription": "The device name (for example, /dev/sdh or xvdh).", + "title": "DeviceName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "EmptyOnDelete": { - "markdownDescription": "If true, deleting the repository force deletes the contents of the repository. If false, the repository must be empty before attempting to delete it.", - "title": "EmptyOnDelete", - "type": "boolean" - }, - "EncryptionConfiguration": { - "$ref": "#/definitions/AWS::ECR::Repository.EncryptionConfiguration", - "markdownDescription": "The encryption configuration for the repository. This determines how the contents of your repository are encrypted at rest.", - "title": "EncryptionConfiguration" - }, - "ImageScanningConfiguration": { - "$ref": "#/definitions/AWS::ECR::Repository.ImageScanningConfiguration", - "markdownDescription": "The image scanning configuration for the repository. This determines whether images are scanned for known vulnerabilities after being pushed to the repository.", - "title": "ImageScanningConfiguration" - }, - "ImageTagMutability": { - "markdownDescription": "The tag mutability setting for the repository. If this parameter is omitted, the default setting of `MUTABLE` will be used which will allow image tags to be overwritten. If `IMMUTABLE` is specified, all image tags within the repository will be immutable which will prevent them from being overwritten.", - "title": "ImageTagMutability", - "type": "string" - }, - "LifecyclePolicy": { - "$ref": "#/definitions/AWS::ECR::Repository.LifecyclePolicy", - "markdownDescription": "Creates or updates a lifecycle policy. For information about lifecycle policy syntax, see [Lifecycle policy template](https://docs.aws.amazon.com/AmazonECR/latest/userguide/LifecyclePolicies.html) .", - "title": "LifecyclePolicy" - }, - "RepositoryName": { - "markdownDescription": "The name to use for the repository. The repository name may be specified on its own (such as `nginx-web-app` ) or it can be prepended with a namespace to group the repository into a category (such as `project-a/nginx-web-app` ). If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the repository name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\nThe repository name must start with a letter and can only contain lowercase letters, numbers, hyphens, underscores, and forward slashes.\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "RepositoryName", - "type": "string" - }, - "RepositoryPolicyText": { - "markdownDescription": "The JSON repository policy text to apply to the repository. For more information, see [Amazon ECR repository policies](https://docs.aws.amazon.com/AmazonECR/latest/userguide/repository-policy-examples.html) in the *Amazon Elastic Container Registry User Guide* .", - "title": "RepositoryPolicyText", - "type": "object" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" + "Ebs": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Ebs", + "markdownDescription": "Parameters used to automatically set up EBS volumes when the instance is launched.", + "title": "Ebs" }, - "Type": { - "enum": [ - "AWS::ECR::Repository" - ], + "NoDevice": { + "markdownDescription": "To omit the device from the block device mapping, specify an empty string.", + "title": "NoDevice", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VirtualName": { + "markdownDescription": "The virtual device name (ephemeralN). Instance store volumes are numbered starting from 0. An instance type with 2 available instance store volumes can specify mappings for ephemeral0 and ephemeral1. The number of available instance store volumes depends on the instance type. After you connect to the instance, you must mount the volume.", + "title": "VirtualName", "type": "string" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::ECR::Repository.EncryptionConfiguration": { + "AWS::EC2::LaunchTemplate.CapacityReservationSpecification": { "additionalProperties": false, "properties": { - "EncryptionType": { - "markdownDescription": "The encryption type to use.\n\nIf you use the `KMS` encryption type, the contents of the repository will be encrypted using server-side encryption with AWS Key Management Service key stored in AWS KMS . When you use AWS KMS to encrypt your data, you can either use the default AWS managed AWS KMS key for Amazon ECR, or specify your own AWS KMS key, which you already created.\n\nIf you use the `KMS_DSSE` encryption type, the contents of the repository will be encrypted with two layers of encryption using server-side encryption with the AWS KMS Management Service key stored in AWS KMS . Similar to the `KMS` encryption type, you can either use the default AWS managed AWS KMS key for Amazon ECR, or specify your own AWS KMS key, which you've already created.\n\nIf you use the `AES256` encryption type, Amazon ECR uses server-side encryption with Amazon S3-managed encryption keys which encrypts the images in the repository using an AES256 encryption algorithm.\n\nFor more information, see [Amazon ECR encryption at rest](https://docs.aws.amazon.com/AmazonECR/latest/userguide/encryption-at-rest.html) in the *Amazon Elastic Container Registry User Guide* .", - "title": "EncryptionType", + "CapacityReservationPreference": { + "markdownDescription": "Indicates the instance's Capacity Reservation preferences. Possible preferences include:\n\n- `capacity-reservations-only` - The instance will only run in a Capacity Reservation or Capacity Reservation group. If capacity isn't available, the instance will fail to launch.\n- `open` - The instance can run in any `open` Capacity Reservation that has matching attributes (instance type, platform, Availability Zone, tenancy).\n- `none` - The instance avoids running in a Capacity Reservation even if one is available. The instance runs in On-Demand capacity.", + "title": "CapacityReservationPreference", "type": "string" }, - "KmsKey": { - "markdownDescription": "If you use the `KMS` encryption type, specify the AWS KMS key to use for encryption. The alias, key ID, or full ARN of the AWS KMS key can be specified. The key must exist in the same Region as the repository. If no key is specified, the default AWS managed AWS KMS key for Amazon ECR will be used.", - "title": "KmsKey", - "type": "string" - } - }, - "required": [ - "EncryptionType" - ], - "type": "object" - }, - "AWS::ECR::Repository.ImageScanningConfiguration": { - "additionalProperties": false, - "properties": { - "ScanOnPush": { - "markdownDescription": "The setting that determines whether images are scanned after being pushed to a repository. If set to `true` , images will be scanned after being pushed. If this parameter is not specified, it will default to `false` and images will not be scanned unless a scan is manually started.", - "title": "ScanOnPush", - "type": "boolean" + "CapacityReservationTarget": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.CapacityReservationTarget", + "markdownDescription": "Information about the target Capacity Reservation or Capacity Reservation group.", + "title": "CapacityReservationTarget" } }, "type": "object" }, - "AWS::ECR::Repository.LifecyclePolicy": { + "AWS::EC2::LaunchTemplate.CapacityReservationTarget": { "additionalProperties": false, "properties": { - "LifecyclePolicyText": { - "markdownDescription": "The JSON repository policy text to apply to the repository.", - "title": "LifecyclePolicyText", + "CapacityReservationId": { + "markdownDescription": "The ID of the Capacity Reservation in which to run the instance.", + "title": "CapacityReservationId", "type": "string" }, - "RegistryId": { - "markdownDescription": "The AWS account ID associated with the registry that contains the repository. If you do not specify a registry, the default registry is assumed.", - "title": "RegistryId", + "CapacityReservationResourceGroupArn": { + "markdownDescription": "The ARN of the Capacity Reservation resource group in which to run the instance.", + "title": "CapacityReservationResourceGroupArn", "type": "string" } }, "type": "object" }, - "AWS::ECR::RepositoryCreationTemplate": { + "AWS::EC2::LaunchTemplate.ConnectionTrackingSpecification": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AppliedFor": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of enumerable Strings representing the repository creation scenarios that this template will apply towards. The two supported scenarios are PULL_THROUGH_CACHE and REPLICATION", - "title": "AppliedFor", - "type": "array" - }, - "Description": { - "markdownDescription": "The description associated with the repository creation template.", - "title": "Description", - "type": "string" - }, - "EncryptionConfiguration": { - "$ref": "#/definitions/AWS::ECR::RepositoryCreationTemplate.EncryptionConfiguration", - "markdownDescription": "The encryption configuration associated with the repository creation template.", - "title": "EncryptionConfiguration" - }, - "ImageTagMutability": { - "markdownDescription": "The tag mutability setting for the repository. If this parameter is omitted, the default setting of `MUTABLE` will be used which will allow image tags to be overwritten. If `IMMUTABLE` is specified, all image tags within the repository will be immutable which will prevent them from being overwritten.", - "title": "ImageTagMutability", - "type": "string" - }, - "LifecyclePolicy": { - "markdownDescription": "The lifecycle policy to use for repositories created using the template.", - "title": "LifecyclePolicy", - "type": "string" - }, - "Prefix": { - "markdownDescription": "The repository namespace prefix associated with the repository creation template.", - "title": "Prefix", - "type": "string" - }, - "RepositoryPolicy": { - "markdownDescription": "The repository policy to apply to repositories created using the template. A repository policy is a permissions policy associated with a repository to control access permissions.", - "title": "RepositoryPolicy", - "type": "string" - }, - "ResourceTags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The metadata to apply to the repository to help you categorize and organize. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.", - "title": "ResourceTags", - "type": "array" - } - }, - "required": [ - "AppliedFor", - "Prefix" - ], - "type": "object" + "TcpEstablishedTimeout": { + "markdownDescription": "Timeout (in seconds) for idle TCP connections in an established state. Min: 60 seconds. Max: 432000 seconds (5 days). Default: 432000 seconds. Recommended: Less than 432000 seconds.", + "title": "TcpEstablishedTimeout", + "type": "number" }, - "Type": { - "enum": [ - "AWS::ECR::RepositoryCreationTemplate" - ], - "type": "string" + "UdpStreamTimeout": { + "markdownDescription": "Timeout (in seconds) for idle UDP flows classified as streams which have seen more than one request-response transaction. Min: 60 seconds. Max: 180 seconds (3 minutes). Default: 180 seconds.", + "title": "UdpStreamTimeout", + "type": "number" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "UdpTimeout": { + "markdownDescription": "Timeout (in seconds) for idle UDP flows that have seen traffic only in a single direction or a single request-response transaction. Min: 30 seconds. Max: 60 seconds. Default: 30 seconds.", + "title": "UdpTimeout", + "type": "number" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::ECR::RepositoryCreationTemplate.EncryptionConfiguration": { + "AWS::EC2::LaunchTemplate.Cpu": { "additionalProperties": false, "properties": { - "EncryptionType": { - "markdownDescription": "The encryption type to use.\n\nIf you use the `KMS` encryption type, the contents of the repository will be encrypted using server-side encryption with AWS Key Management Service key stored in AWS KMS . When you use AWS KMS to encrypt your data, you can either use the default AWS managed AWS KMS key for Amazon ECR, or specify your own AWS KMS key, which you already created.\n\nIf you use the `KMS_DSSE` encryption type, the contents of the repository will be encrypted with two layers of encryption using server-side encryption with the AWS KMS Management Service key stored in AWS KMS . Similar to the `KMS` encryption type, you can either use the default AWS managed AWS KMS key for Amazon ECR, or specify your own AWS KMS key, which you've already created.\n\nIf you use the `AES256` encryption type, Amazon ECR uses server-side encryption with Amazon S3-managed encryption keys which encrypts the images in the repository using an AES256 encryption algorithm.\n\nFor more information, see [Amazon ECR encryption at rest](https://docs.aws.amazon.com/AmazonECR/latest/userguide/encryption-at-rest.html) in the *Amazon Elastic Container Registry User Guide* .", - "title": "EncryptionType", - "type": "string" - }, - "KmsKey": { - "markdownDescription": "If you use the `KMS` encryption type, specify the AWS KMS key to use for encryption. The alias, key ID, or full ARN of the AWS KMS key can be specified. The key must exist in the same Region as the repository. If no key is specified, the default AWS managed AWS KMS key for Amazon ECR will be used.", - "title": "KmsKey", - "type": "string" + "References": { + "items": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Reference" + }, + "markdownDescription": "The instance family to use as the baseline reference for CPU performance. All instance types that match your specified attributes are compared against the CPU performance of the referenced instance family, regardless of CPU manufacturer or architecture differences.", + "title": "References", + "type": "array" } }, - "required": [ - "EncryptionType" - ], "type": "object" }, - "AWS::ECS::CapacityProvider": { + "AWS::EC2::LaunchTemplate.CpuOptions": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "AmdSevSnp": { + "markdownDescription": "Indicates whether to enable the instance for AMD SEV-SNP. AMD SEV-SNP is supported with M6a, R6a, and C6a instance types only. For more information, see [AMD SEV-SNP for Amazon EC2 instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/sev-snp.html) .", + "title": "AmdSevSnp", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AutoScalingGroupProvider": { - "$ref": "#/definitions/AWS::ECS::CapacityProvider.AutoScalingGroupProvider", - "markdownDescription": "The Auto Scaling group settings for the capacity provider.", - "title": "AutoScalingGroupProvider" - }, - "Name": { - "markdownDescription": "The name of the capacity provider. If a name is specified, it cannot start with `aws` , `ecs` , or `fargate` . If no name is specified, a default name in the `CFNStackName-CFNResourceName-RandomString` format is used.", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The metadata that you apply to the capacity provider to help you categorize and organize it. Each tag consists of a key and an optional value. You define both.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8\n- Maximum value length - 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "AutoScalingGroupProvider" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::ECS::CapacityProvider" - ], - "type": "string" + "CoreCount": { + "markdownDescription": "The number of CPU cores for the instance.", + "title": "CoreCount", + "type": "number" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "ThreadsPerCore": { + "markdownDescription": "The number of threads per CPU core. To disable multithreading for the instance, specify a value of `1` . Otherwise, specify the default value of `2` .", + "title": "ThreadsPerCore", + "type": "number" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::ECS::CapacityProvider.AutoScalingGroupProvider": { + "AWS::EC2::LaunchTemplate.CreditSpecification": { "additionalProperties": false, "properties": { - "AutoScalingGroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) that identifies the Auto Scaling group, or the Auto Scaling group name.", - "title": "AutoScalingGroupArn", - "type": "string" - }, - "ManagedDraining": { - "markdownDescription": "The managed draining option for the Auto Scaling group capacity provider. When you enable this, Amazon ECS manages and gracefully drains the EC2 container instances that are in the Auto Scaling group capacity provider.", - "title": "ManagedDraining", - "type": "string" - }, - "ManagedScaling": { - "$ref": "#/definitions/AWS::ECS::CapacityProvider.ManagedScaling", - "markdownDescription": "The managed scaling settings for the Auto Scaling group capacity provider.", - "title": "ManagedScaling" - }, - "ManagedTerminationProtection": { - "markdownDescription": "The managed termination protection setting to use for the Auto Scaling group capacity provider. This determines whether the Auto Scaling group has managed termination protection. The default is off.\n\n> When using managed termination protection, managed scaling must also be used otherwise managed termination protection doesn't work. \n\nWhen managed termination protection is on, Amazon ECS prevents the Amazon EC2 instances in an Auto Scaling group that contain tasks from being terminated during a scale-in action. The Auto Scaling group and each instance in the Auto Scaling group must have instance protection from scale-in actions on as well. For more information, see [Instance Protection](https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-instance-termination.html#instance-protection) in the *AWS Auto Scaling User Guide* .\n\nWhen managed termination protection is off, your Amazon EC2 instances aren't protected from termination when the Auto Scaling group scales in.", - "title": "ManagedTerminationProtection", + "CpuCredits": { + "markdownDescription": "The credit option for CPU usage of a T instance.\n\nValid values: `standard` | `unlimited`", + "title": "CpuCredits", "type": "string" } }, - "required": [ - "AutoScalingGroupArn" - ], "type": "object" }, - "AWS::ECS::CapacityProvider.ManagedScaling": { + "AWS::EC2::LaunchTemplate.Ebs": { "additionalProperties": false, "properties": { - "InstanceWarmupPeriod": { - "markdownDescription": "The period of time, in seconds, after a newly launched Amazon EC2 instance can contribute to CloudWatch metrics for Auto Scaling group. If this parameter is omitted, the default value of `300` seconds is used.", - "title": "InstanceWarmupPeriod", - "type": "number" + "DeleteOnTermination": { + "markdownDescription": "Indicates whether the EBS volume is deleted on instance termination.", + "title": "DeleteOnTermination", + "type": "boolean" }, - "MaximumScalingStepSize": { - "markdownDescription": "The maximum number of Amazon EC2 instances that Amazon ECS will scale out at one time. If this parameter is omitted, the default value of `10000` is used.", - "title": "MaximumScalingStepSize", - "type": "number" + "Encrypted": { + "markdownDescription": "Indicates whether the EBS volume is encrypted. Encrypted volumes can only be attached to instances that support Amazon EBS encryption. If you are creating a volume from a snapshot, you can't specify an encryption value.", + "title": "Encrypted", + "type": "boolean" }, - "MinimumScalingStepSize": { - "markdownDescription": "The minimum number of Amazon EC2 instances that Amazon ECS will scale out at one time. The scale in process is not affected by this parameter If this parameter is omitted, the default value of `1` is used.\n\nWhen additional capacity is required, Amazon ECS will scale up the minimum scaling step size even if the actual demand is less than the minimum scaling step size.\n\nIf you use a capacity provider with an Auto Scaling group configured with more than one Amazon EC2 instance type or Availability Zone, Amazon ECS will scale up by the exact minimum scaling step size value and will ignore both the maximum scaling step size as well as the capacity demand.", - "title": "MinimumScalingStepSize", + "Iops": { + "markdownDescription": "The number of I/O operations per second (IOPS). For `gp3` , `io1` , and `io2` volumes, this represents the number of IOPS that are provisioned for the volume. For `gp2` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.\n\nThe following are the supported values for each volume type:\n\n- `gp3` : 3,000 - 16,000 IOPS\n- `io1` : 100 - 64,000 IOPS\n- `io2` : 100 - 256,000 IOPS\n\nFor `io2` volumes, you can achieve up to 256,000 IOPS on [instances built on the Nitro System](https://docs.aws.amazon.com/ec2/latest/instancetypes/ec2-nitro-instances.html) . On other instances, you can achieve performance up to 32,000 IOPS.\n\nThis parameter is supported for `io1` , `io2` , and `gp3` volumes only.", + "title": "Iops", "type": "number" }, - "Status": { - "markdownDescription": "Determines whether to use managed scaling for the capacity provider.", - "title": "Status", + "KmsKeyId": { + "markdownDescription": "Identifier (key ID, key alias, key ARN, or alias ARN) of the customer managed KMS key to use for EBS encryption.", + "title": "KmsKeyId", "type": "string" }, - "TargetCapacity": { - "markdownDescription": "The target capacity utilization as a percentage for the capacity provider. The specified value must be greater than `0` and less than or equal to `100` . For example, if you want the capacity provider to maintain 10% spare capacity, then that means the utilization is 90%, so use a `targetCapacity` of `90` . The default value of `100` percent results in the Amazon EC2 instances in your Auto Scaling group being completely used.", - "title": "TargetCapacity", + "SnapshotId": { + "markdownDescription": "The ID of the snapshot.", + "title": "SnapshotId", + "type": "string" + }, + "Throughput": { + "markdownDescription": "The throughput to provision for a `gp3` volume, with a maximum of 1,000 MiB/s.\n\nValid Range: Minimum value of 125. Maximum value of 1000.", + "title": "Throughput", + "type": "number" + }, + "VolumeInitializationRate": { + "markdownDescription": "Specifies the Amazon EBS Provisioned Rate for Volume Initialization (volume initialization rate), in MiB/s, at which to download the snapshot blocks from Amazon S3 to the volume. This is also known as *volume initialization* . Specifying a volume initialization rate ensures that the volume is initialized at a predictable and consistent rate after creation.\n\nThis parameter is supported only for volumes created from snapshots. Omit this parameter if:\n\n- You want to create the volume using fast snapshot restore. You must specify a snapshot that is enabled for fast snapshot restore. In this case, the volume is fully initialized at creation.\n\n> If you specify a snapshot that is enabled for fast snapshot restore and a volume initialization rate, the volume will be initialized at the specified rate instead of fast snapshot restore.\n- You want to create a volume that is initialized at the default rate.\n\nFor more information, see [Initialize Amazon EBS volumes](https://docs.aws.amazon.com/ebs/latest/userguide/initalize-volume.html) in the *Amazon EC2 User Guide* .\n\nValid range: 100 - 300 MiB/s", + "title": "VolumeInitializationRate", + "type": "number" + }, + "VolumeSize": { + "markdownDescription": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size. The following are the supported volumes sizes for each volume type:\n\n- `gp2` and `gp3` : 1 - 16,384 GiB\n- `io1` : 4 - 16,384 GiB\n- `io2` : 4 - 65,536 GiB\n- `st1` and `sc1` : 125 - 16,384 GiB\n- `standard` : 1 - 1024 GiB", + "title": "VolumeSize", "type": "number" + }, + "VolumeType": { + "markdownDescription": "The volume type. For more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-volume-types.html) in the *Amazon EBS User Guide* .", + "title": "VolumeType", + "type": "string" } }, "type": "object" }, - "AWS::ECS::Cluster": { + "AWS::EC2::LaunchTemplate.ElasticGpuSpecification": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "CapacityProviders": { - "items": { - "type": "string" - }, - "markdownDescription": "The short name of one or more capacity providers to associate with the cluster. A capacity provider must be associated with a cluster before it can be included as part of the default capacity provider strategy of the cluster or used in a capacity provider strategy when calling the [CreateService](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_CreateService.html) or [RunTask](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RunTask.html) actions.\n\nIf specifying a capacity provider that uses an Auto Scaling group, the capacity provider must be created but not associated with another cluster. New Auto Scaling group capacity providers can be created with the [CreateCapacityProvider](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_CreateCapacityProvider.html) API operation.\n\nTo use a AWS Fargate capacity provider, specify either the `FARGATE` or `FARGATE_SPOT` capacity providers. The AWS Fargate capacity providers are available to all accounts and only need to be associated with a cluster to be used.\n\nThe [PutCapacityProvider](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutCapacityProvider.html) API operation is used to update the list of available capacity providers for a cluster after the cluster is created.", - "title": "CapacityProviders", - "type": "array" - }, - "ClusterName": { - "markdownDescription": "A user-generated string that you use to identify your cluster. If you don't specify a name, AWS CloudFormation generates a unique physical ID for the name.", - "title": "ClusterName", - "type": "string" - }, - "ClusterSettings": { - "items": { - "$ref": "#/definitions/AWS::ECS::Cluster.ClusterSettings" - }, - "markdownDescription": "The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights with enhanced observability or CloudWatch Container Insights for a cluster.\n\nContainer Insights with enhanced observability provides all the Container Insights metrics, plus additional task and container metrics. This version supports enhanced observability for Amazon ECS clusters using the Amazon EC2 and Fargate launch types. After you configure Container Insights with enhanced observability on Amazon ECS, Container Insights auto-collects detailed infrastructure telemetry from the cluster level down to the container level in your environment and displays these critical performance data in curated dashboards removing the heavy lifting in observability set-up.\n\nFor more information, see [Monitor Amazon ECS containers using Container Insights with enhanced observability](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cloudwatch-container-insights.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "ClusterSettings", - "type": "array" - }, - "Configuration": { - "$ref": "#/definitions/AWS::ECS::Cluster.ClusterConfiguration", - "markdownDescription": "The execute command and managed storage configuration for the cluster.", - "title": "Configuration" - }, - "DefaultCapacityProviderStrategy": { - "items": { - "$ref": "#/definitions/AWS::ECS::Cluster.CapacityProviderStrategyItem" - }, - "markdownDescription": "The default capacity provider strategy for the cluster. When services or tasks are run in the cluster with no launch type or capacity provider strategy specified, the default capacity provider strategy is used.", - "title": "DefaultCapacityProviderStrategy", - "type": "array" - }, - "ServiceConnectDefaults": { - "$ref": "#/definitions/AWS::ECS::Cluster.ServiceConnectDefaults", - "markdownDescription": "Use this parameter to set a default Service Connect namespace. After you set a default Service Connect namespace, any new services with Service Connect turned on that are created in the cluster are added as client services in the namespace. This setting only applies to new services that set the `enabled` parameter to `true` in the `ServiceConnectConfiguration` . You can set the namespace of each service individually in the `ServiceConnectConfiguration` to override this default parameter.\n\nTasks that run in a namespace can use short names to connect to services in the namespace. Tasks can connect to services across all of the clusters in the namespace. Tasks connect through a managed proxy container that collects logs and metrics for increased visibility. Only the tasks that Amazon ECS services create are supported with Service Connect. For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "ServiceConnectDefaults" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The metadata that you apply to the cluster to help you categorize and organize them. Each tag consists of a key and an optional value. You define both.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8\n- Maximum value length - 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" - }, "Type": { - "enum": [ - "AWS::ECS::Cluster" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "markdownDescription": "The type of Elastic Graphics accelerator.", + "title": "Type", "type": "string" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::ECS::Cluster.CapacityProviderStrategyItem": { + "AWS::EC2::LaunchTemplate.EnaSrdSpecification": { "additionalProperties": false, "properties": { - "Base": { - "markdownDescription": "The *base* value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a *base* defined. If no value is specified, the default value of `0` is used.", - "title": "Base", - "type": "number" - }, - "CapacityProvider": { - "markdownDescription": "The short name of the capacity provider.", - "title": "CapacityProvider", - "type": "string" + "EnaSrdEnabled": { + "markdownDescription": "Indicates whether ENA Express is enabled for the network interface.", + "title": "EnaSrdEnabled", + "type": "boolean" }, - "Weight": { - "markdownDescription": "The *weight* value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The `weight` value is taken into consideration after the `base` value, if defined, is satisfied.\n\nIf no `weight` value is specified, the default value of `0` is used. When multiple capacity providers are specified within a capacity provider strategy, at least one of the capacity providers must have a weight value greater than zero and any capacity providers with a weight of `0` can't be used to place tasks. If you specify multiple capacity providers in a strategy that all have a weight of `0` , any `RunTask` or `CreateService` actions using the capacity provider strategy will fail.\n\nAn example scenario for using weights is defining a strategy that contains two capacity providers and both have a weight of `1` , then when the `base` is satisfied, the tasks will be split evenly across the two capacity providers. Using that same logic, if you specify a weight of `1` for *capacityProviderA* and a weight of `4` for *capacityProviderB* , then for every one task that's run using *capacityProviderA* , four tasks would use *capacityProviderB* .", - "title": "Weight", - "type": "number" + "EnaSrdUdpSpecification": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.EnaSrdUdpSpecification", + "markdownDescription": "Configures ENA Express for UDP network traffic.", + "title": "EnaSrdUdpSpecification" } }, "type": "object" }, - "AWS::ECS::Cluster.ClusterConfiguration": { + "AWS::EC2::LaunchTemplate.EnaSrdUdpSpecification": { "additionalProperties": false, "properties": { - "ExecuteCommandConfiguration": { - "$ref": "#/definitions/AWS::ECS::Cluster.ExecuteCommandConfiguration", - "markdownDescription": "The details of the execute command configuration.", - "title": "ExecuteCommandConfiguration" + "EnaSrdUdpEnabled": { + "markdownDescription": "Indicates whether UDP traffic to and from the instance uses ENA Express. To specify this setting, you must first enable ENA Express.", + "title": "EnaSrdUdpEnabled", + "type": "boolean" } }, "type": "object" }, - "AWS::ECS::Cluster.ClusterSettings": { + "AWS::EC2::LaunchTemplate.EnclaveOptions": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the cluster setting. The value is `containerInsights` .", - "title": "Name", - "type": "string" - }, - "Value": { - "markdownDescription": "The value to set for the cluster setting. The supported values are `enhanced` , `enabled` , and `disabled` .\n\nTo use Container Insights with enhanced observability, set the `containerInsights` account setting to `enhanced` .\n\nTo use Container Insights, set the `containerInsights` account setting to `enabled` .\n\nIf a cluster value is specified, it will override the `containerInsights` value set with [PutAccountSetting](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSetting.html) or [PutAccountSettingDefault](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSettingDefault.html) .", - "title": "Value", - "type": "string" + "Enabled": { + "markdownDescription": "If this parameter is set to `true` , the instance is enabled for AWS Nitro Enclaves; otherwise, it is not enabled for AWS Nitro Enclaves.", + "title": "Enabled", + "type": "boolean" } }, "type": "object" }, - "AWS::ECS::Cluster.ExecuteCommandConfiguration": { + "AWS::EC2::LaunchTemplate.HibernationOptions": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "Specify an AWS Key Management Service key ID to encrypt the data between the local client and the container.", - "title": "KmsKeyId", - "type": "string" - }, - "LogConfiguration": { - "$ref": "#/definitions/AWS::ECS::Cluster.ExecuteCommandLogConfiguration", - "markdownDescription": "The log configuration for the results of the execute command actions. The logs can be sent to CloudWatch Logs or an Amazon S3 bucket. When `logging=OVERRIDE` is specified, a `logConfiguration` must be provided.", - "title": "LogConfiguration" - }, - "Logging": { - "markdownDescription": "The log setting to use for redirecting logs for your execute command results. The following log settings are available.\n\n- `NONE` : The execute command session is not logged.\n- `DEFAULT` : The `awslogs` configuration in the task definition is used. If no logging parameter is specified, it defaults to this value. If no `awslogs` log driver is configured in the task definition, the output won't be logged.\n- `OVERRIDE` : Specify the logging details as a part of `logConfiguration` . If the `OVERRIDE` logging option is specified, the `logConfiguration` is required.", - "title": "Logging", - "type": "string" + "Configured": { + "markdownDescription": "If you set this parameter to `true` , the instance is enabled for hibernation.\n\nDefault: `false`", + "title": "Configured", + "type": "boolean" } }, "type": "object" }, - "AWS::ECS::Cluster.ExecuteCommandLogConfiguration": { + "AWS::EC2::LaunchTemplate.IamInstanceProfile": { "additionalProperties": false, "properties": { - "CloudWatchEncryptionEnabled": { - "markdownDescription": "Determines whether to use encryption on the CloudWatch logs. If not specified, encryption will be off.", - "title": "CloudWatchEncryptionEnabled", - "type": "boolean" - }, - "CloudWatchLogGroupName": { - "markdownDescription": "The name of the CloudWatch log group to send logs to.\n\n> The CloudWatch log group must already be created.", - "title": "CloudWatchLogGroupName", - "type": "string" - }, - "S3BucketName": { - "markdownDescription": "The name of the S3 bucket to send logs to.\n\n> The S3 bucket must already be created.", - "title": "S3BucketName", + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance profile.", + "title": "Arn", "type": "string" }, - "S3EncryptionEnabled": { - "markdownDescription": "Determines whether to use encryption on the S3 logs. If not specified, encryption is not used.", - "title": "S3EncryptionEnabled", - "type": "boolean" - }, - "S3KeyPrefix": { - "markdownDescription": "An optional folder in the S3 bucket to place logs in.", - "title": "S3KeyPrefix", + "Name": { + "markdownDescription": "The name of the instance profile.", + "title": "Name", "type": "string" } }, "type": "object" }, - "AWS::ECS::Cluster.ServiceConnectDefaults": { + "AWS::EC2::LaunchTemplate.InstanceMarketOptions": { "additionalProperties": false, "properties": { - "Namespace": { - "markdownDescription": "The namespace name or full Amazon Resource Name (ARN) of the AWS Cloud Map namespace that's used when you create a service and don't specify a Service Connect configuration. The namespace name can include up to 1024 characters. The name is case-sensitive. The name can't include greater than (>), less than (<), double quotation marks (\"), or slash (/).\n\nIf you enter an existing namespace name or ARN, then that namespace will be used. Any namespace type is supported. The namespace must be in this account and this AWS Region.\n\nIf you enter a new name, a AWS Cloud Map namespace will be created. Amazon ECS creates a AWS Cloud Map namespace with the \"API calls\" method of instance discovery only. This instance discovery method is the \"HTTP\" namespace type in the AWS Command Line Interface . Other types of instance discovery aren't used by Service Connect.\n\nIf you update the cluster with an empty string `\"\"` for the namespace name, the cluster configuration for Service Connect is removed. Note that the namespace will remain in AWS Cloud Map and must be deleted separately.\n\nFor more information about AWS Cloud Map , see [Working with Services](https://docs.aws.amazon.com/cloud-map/latest/dg/working-with-services.html) in the *AWS Cloud Map Developer Guide* .", - "title": "Namespace", + "MarketType": { + "markdownDescription": "The market type.", + "title": "MarketType", "type": "string" + }, + "SpotOptions": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.SpotOptions", + "markdownDescription": "The options for Spot Instances.", + "title": "SpotOptions" } }, "type": "object" }, - "AWS::ECS::ClusterCapacityProviderAssociations": { + "AWS::EC2::LaunchTemplate.InstanceRequirements": { "additionalProperties": false, "properties": { - "Condition": { + "AcceleratorCount": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.AcceleratorCount", + "markdownDescription": "The minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferentia chips) on an instance.\n\nTo exclude accelerator-enabled instance types, set `Max` to `0` .\n\nDefault: No minimum or maximum limits", + "title": "AcceleratorCount" + }, + "AcceleratorManufacturers": { + "items": { + "type": "string" + }, + "markdownDescription": "Indicates whether instance types must have accelerators by specific manufacturers.\n\n- For instance types with AWS devices, specify `amazon-web-services` .\n- For instance types with AMD devices, specify `amd` .\n- For instance types with Habana devices, specify `habana` .\n- For instance types with NVIDIA devices, specify `nvidia` .\n- For instance types with Xilinx devices, specify `xilinx` .\n\nDefault: Any manufacturer", + "title": "AcceleratorManufacturers", + "type": "array" + }, + "AcceleratorNames": { + "items": { + "type": "string" + }, + "markdownDescription": "The accelerators that must be on the instance type.\n\n- For instance types with NVIDIA A10G GPUs, specify `a10g` .\n- For instance types with NVIDIA A100 GPUs, specify `a100` .\n- For instance types with NVIDIA H100 GPUs, specify `h100` .\n- For instance types with AWS Inferentia chips, specify `inferentia` .\n- For instance types with NVIDIA GRID K520 GPUs, specify `k520` .\n- For instance types with NVIDIA K80 GPUs, specify `k80` .\n- For instance types with NVIDIA M60 GPUs, specify `m60` .\n- For instance types with AMD Radeon Pro V520 GPUs, specify `radeon-pro-v520` .\n- For instance types with NVIDIA T4 GPUs, specify `t4` .\n- For instance types with NVIDIA T4G GPUs, specify `t4g` .\n- For instance types with Xilinx VU9P FPGAs, specify `vu9p` .\n- For instance types with NVIDIA V100 GPUs, specify `v100` .\n\nDefault: Any accelerator", + "title": "AcceleratorNames", + "type": "array" + }, + "AcceleratorTotalMemoryMiB": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.AcceleratorTotalMemoryMiB", + "markdownDescription": "The minimum and maximum amount of total accelerator memory, in MiB.\n\nDefault: No minimum or maximum limits", + "title": "AcceleratorTotalMemoryMiB" + }, + "AcceleratorTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The accelerator types that must be on the instance type.\n\n- For instance types with FPGA accelerators, specify `fpga` .\n- For instance types with GPU accelerators, specify `gpu` .\n- For instance types with Inference accelerators, specify `inference` .\n\nDefault: Any accelerator type", + "title": "AcceleratorTypes", + "type": "array" + }, + "AllowedInstanceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The instance types to apply your specified attributes against. All other instance types are ignored, even if they match your specified attributes.\n\nYou can use strings with one or more wild cards, represented by an asterisk ( `*` ), to allow an instance type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` ,Amazon EC2 will allow the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will allow all the M5a instance types, but not the M5n instance types.\n\n> If you specify `AllowedInstanceTypes` , you can't specify `ExcludedInstanceTypes` . \n\nDefault: All instance types", + "title": "AllowedInstanceTypes", + "type": "array" + }, + "BareMetal": { + "markdownDescription": "Indicates whether bare metal instance types must be included, excluded, or required.\n\n- To include bare metal instance types, specify `included` .\n- To require only bare metal instance types, specify `required` .\n- To exclude bare metal instance types, specify `excluded` .\n\nDefault: `excluded`", + "title": "BareMetal", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "BaselineEbsBandwidthMbps": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.BaselineEbsBandwidthMbps", + "markdownDescription": "The minimum and maximum baseline bandwidth to Amazon EBS, in Mbps. For more information, see [Amazon EBS\u2013optimized instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-optimized.html) in the *Amazon EC2 User Guide* .\n\nDefault: No minimum or maximum limits", + "title": "BaselineEbsBandwidthMbps" + }, + "BaselinePerformanceFactors": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.BaselinePerformanceFactors", + "markdownDescription": "The baseline performance to consider, using an instance family as a baseline reference. The instance family establishes the lowest acceptable level of performance. Amazon EC2 uses this baseline to guide instance type selection, but there is no guarantee that the selected instance types will always exceed the baseline for every application. Currently, this parameter only supports CPU performance as a baseline performance factor. For more information, see [Performance protection](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-attribute-based-instance-type-selection.html#ec2fleet-abis-performance-protection) in the *Amazon EC2 User Guide* .", + "title": "BaselinePerformanceFactors" + }, + "BurstablePerformance": { + "markdownDescription": "Indicates whether burstable performance T instance types are included, excluded, or required. For more information, see [Burstable performance instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) .\n\n- To include burstable performance instance types, specify `included` .\n- To require only burstable performance instance types, specify `required` .\n- To exclude burstable performance instance types, specify `excluded` .\n\nDefault: `excluded`", + "title": "BurstablePerformance", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "CpuManufacturers": { + "items": { + "type": "string" + }, + "markdownDescription": "The CPU manufacturers to include.\n\n- For instance types with Intel CPUs, specify `intel` .\n- For instance types with AMD CPUs, specify `amd` .\n- For instance types with AWS CPUs, specify `amazon-web-services` .\n- For instance types with Apple CPUs, specify `apple` .\n\n> Don't confuse the CPU manufacturer with the CPU architecture. Instances will be launched with a compatible CPU architecture based on the Amazon Machine Image (AMI) that you specify in your launch template. \n\nDefault: Any manufacturer", + "title": "CpuManufacturers", + "type": "array" }, - "Metadata": { - "type": "object" + "ExcludedInstanceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The instance types to exclude.\n\nYou can use strings with one or more wild cards, represented by an asterisk ( `*` ), to exclude an instance type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` ,Amazon EC2 will exclude the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will exclude all the M5a instance types, but not the M5n instance types.\n\n> If you specify `ExcludedInstanceTypes` , you can't specify `AllowedInstanceTypes` . \n\nDefault: No excluded instance types", + "title": "ExcludedInstanceTypes", + "type": "array" }, - "Properties": { - "additionalProperties": false, - "properties": { - "CapacityProviders": { - "items": { - "type": "string" - }, - "markdownDescription": "The capacity providers to associate with the cluster.", - "title": "CapacityProviders", - "type": "array" - }, - "Cluster": { - "markdownDescription": "The cluster the capacity provider association is the target of.", - "title": "Cluster", - "type": "string" - }, - "DefaultCapacityProviderStrategy": { - "items": { - "$ref": "#/definitions/AWS::ECS::ClusterCapacityProviderAssociations.CapacityProviderStrategy" - }, - "markdownDescription": "The default capacity provider strategy to associate with the cluster.", - "title": "DefaultCapacityProviderStrategy", - "type": "array" - } + "InstanceGenerations": { + "items": { + "type": "string" }, - "required": [ - "CapacityProviders", - "Cluster", - "DefaultCapacityProviderStrategy" - ], - "type": "object" + "markdownDescription": "Indicates whether current or previous generation instance types are included. The current generation instance types are recommended for use. Current generation instance types are typically the latest two to three generations in each instance family. For more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .\n\nFor current generation instance types, specify `current` .\n\nFor previous generation instance types, specify `previous` .\n\nDefault: Current and previous generation instance types", + "title": "InstanceGenerations", + "type": "array" }, - "Type": { - "enum": [ - "AWS::ECS::ClusterCapacityProviderAssociations" - ], + "LocalStorage": { + "markdownDescription": "Indicates whether instance types with instance store volumes are included, excluded, or required. For more information, [Amazon EC2 instance store](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html) in the *Amazon EC2 User Guide* .\n\n- To include instance types with instance store volumes, specify `included` .\n- To require only instance types with instance store volumes, specify `required` .\n- To exclude instance types with instance store volumes, specify `excluded` .\n\nDefault: `included`", + "title": "LocalStorage", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "LocalStorageTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The type of local storage that is required.\n\n- For instance types with hard disk drive (HDD) storage, specify `hdd` .\n- For instance types with solid state drive (SSD) storage, specify `ssd` .\n\nDefault: `hdd` and `ssd`", + "title": "LocalStorageTypes", + "type": "array" + }, + "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice": { + "markdownDescription": "[Price protection] The price protection threshold for Spot Instances, as a percentage of an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nIf you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is based on the per vCPU or per memory price instead of the per instance price.\n\n> Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` .", + "title": "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice", + "type": "number" + }, + "MemoryGiBPerVCpu": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.MemoryGiBPerVCpu", + "markdownDescription": "The minimum and maximum amount of memory per vCPU, in GiB.\n\nDefault: No minimum or maximum limits", + "title": "MemoryGiBPerVCpu" + }, + "MemoryMiB": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.MemoryMiB", + "markdownDescription": "The minimum and maximum amount of memory, in MiB.", + "title": "MemoryMiB" + }, + "NetworkBandwidthGbps": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.NetworkBandwidthGbps", + "markdownDescription": "The minimum and maximum amount of network bandwidth, in gigabits per second (Gbps).\n\nDefault: No minimum or maximum limits", + "title": "NetworkBandwidthGbps" + }, + "NetworkInterfaceCount": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.NetworkInterfaceCount", + "markdownDescription": "The minimum and maximum number of network interfaces.\n\nDefault: No minimum or maximum limits", + "title": "NetworkInterfaceCount" + }, + "OnDemandMaxPricePercentageOverLowestPrice": { + "markdownDescription": "[Price protection] The price protection threshold for On-Demand Instances, as a percentage higher than an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nTo turn off price protection, specify a high value, such as `999999` .\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) .\n\n> If you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price. \n\nDefault: `20`", + "title": "OnDemandMaxPricePercentageOverLowestPrice", + "type": "number" + }, + "RequireHibernateSupport": { + "markdownDescription": "Indicates whether instance types must support hibernation for On-Demand Instances.\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) .\n\nDefault: `false`", + "title": "RequireHibernateSupport", + "type": "boolean" + }, + "SpotMaxPricePercentageOverLowestPrice": { + "markdownDescription": "[Price protection] The price protection threshold for Spot Instances, as a percentage higher than an identified Spot price. The identified Spot price is the Spot price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified Spot price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose Spot price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nIf you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price.\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) .\n\n> Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` . \n\nDefault: `100`", + "title": "SpotMaxPricePercentageOverLowestPrice", + "type": "number" + }, + "TotalLocalStorageGB": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.TotalLocalStorageGB", + "markdownDescription": "The minimum and maximum amount of total local storage, in GB.\n\nDefault: No minimum or maximum limits", + "title": "TotalLocalStorageGB" + }, + "VCpuCount": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.VCpuCount", + "markdownDescription": "The minimum and maximum number of vCPUs.", + "title": "VCpuCount" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::ECS::ClusterCapacityProviderAssociations.CapacityProviderStrategy": { + "AWS::EC2::LaunchTemplate.Ipv4PrefixSpecification": { "additionalProperties": false, "properties": { - "Base": { - "markdownDescription": "The *base* value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a *base* defined. If no value is specified, the default value of `0` is used.", - "title": "Base", - "type": "number" - }, - "CapacityProvider": { - "markdownDescription": "The short name of the capacity provider.", - "title": "CapacityProvider", + "Ipv4Prefix": { + "markdownDescription": "The IPv4 prefix. For information, see [Assigning prefixes to network interfaces](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-prefix-eni.html) in the *Amazon EC2 User Guide* .", + "title": "Ipv4Prefix", "type": "string" - }, - "Weight": { - "markdownDescription": "The *weight* value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The `weight` value is taken into consideration after the `base` value, if defined, is satisfied.\n\nIf no `weight` value is specified, the default value of `0` is used. When multiple capacity providers are specified within a capacity provider strategy, at least one of the capacity providers must have a weight value greater than zero and any capacity providers with a weight of `0` can't be used to place tasks. If you specify multiple capacity providers in a strategy that all have a weight of `0` , any `RunTask` or `CreateService` actions using the capacity provider strategy will fail.\n\nAn example scenario for using weights is defining a strategy that contains two capacity providers and both have a weight of `1` , then when the `base` is satisfied, the tasks will be split evenly across the two capacity providers. Using that same logic, if you specify a weight of `1` for *capacityProviderA* and a weight of `4` for *capacityProviderB* , then for every one task that's run using *capacityProviderA* , four tasks would use *capacityProviderB* .", - "title": "Weight", - "type": "number" } }, - "required": [ - "CapacityProvider" - ], "type": "object" }, - "AWS::ECS::PrimaryTaskSet": { + "AWS::EC2::LaunchTemplate.Ipv6Add": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Cluster": { - "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the cluster that hosts the service that the task set exists in.", - "title": "Cluster", - "type": "string" - }, - "Service": { - "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the service that the task set exists in.", - "title": "Service", - "type": "string" - }, - "TaskSetId": { - "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the task set to set as the primary task set in the deployment.", - "title": "TaskSetId", - "type": "string" - } - }, - "required": [ - "Cluster", - "Service", - "TaskSetId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::ECS::PrimaryTaskSet" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Ipv6Address": { + "markdownDescription": "One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet. You can't use this option if you're specifying a number of IPv6 addresses.", + "title": "Ipv6Address", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::ECS::Service": { + "AWS::EC2::LaunchTemplate.Ipv6PrefixSpecification": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Ipv6Prefix": { + "markdownDescription": "The IPv6 prefix.", + "title": "Ipv6Prefix", "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::LaunchTemplate.LaunchTemplateData": { + "additionalProperties": false, + "properties": { + "BlockDeviceMappings": { + "items": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.BlockDeviceMapping" + }, + "markdownDescription": "The block device mapping.", + "title": "BlockDeviceMappings", + "type": "array" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "CapacityReservationSpecification": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.CapacityReservationSpecification", + "markdownDescription": "The Capacity Reservation targeting option. If you do not specify this parameter, the instance's Capacity Reservation preference defaults to `open` , which enables it to run in any open Capacity Reservation that has matching attributes (instance type, platform, Availability Zone).", + "title": "CapacityReservationSpecification" }, - "Metadata": { - "type": "object" + "CpuOptions": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.CpuOptions", + "markdownDescription": "The CPU options for the instance. For more information, see [CPU options for Amazon EC2 instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html) in the *Amazon EC2 User Guide* .", + "title": "CpuOptions" }, - "Properties": { - "additionalProperties": false, - "properties": { - "CapacityProviderStrategy": { - "items": { - "$ref": "#/definitions/AWS::ECS::Service.CapacityProviderStrategyItem" - }, - "markdownDescription": "The capacity provider strategy to use for the service.\n\nIf a `capacityProviderStrategy` is specified, the `launchType` parameter must be omitted. If no `capacityProviderStrategy` or `launchType` is specified, the `defaultCapacityProviderStrategy` for the cluster is used.\n\nA capacity provider strategy can contain a maximum of 20 capacity providers.\n\n> To remove this property from your service resource, specify an empty `CapacityProviderStrategyItem` array.", - "title": "CapacityProviderStrategy", - "type": "array" - }, - "Cluster": { - "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the cluster that you run your service on. If you do not specify a cluster, the default cluster is assumed.", - "title": "Cluster", - "type": "string" - }, - "DeploymentConfiguration": { - "$ref": "#/definitions/AWS::ECS::Service.DeploymentConfiguration", - "markdownDescription": "Optional deployment parameters that control how many tasks run during the deployment and the ordering of stopping and starting tasks.", - "title": "DeploymentConfiguration" - }, - "DeploymentController": { - "$ref": "#/definitions/AWS::ECS::Service.DeploymentController", - "markdownDescription": "The deployment controller to use for the service. If no deployment controller is specified, the default value of `ECS` is used.", - "title": "DeploymentController" - }, - "DesiredCount": { - "markdownDescription": "The number of instantiations of the specified task definition to place and keep running in your service.\n\nFor new services, if a desired count is not specified, a default value of `1` is used. When using the `DAEMON` scheduling strategy, the desired count is not required.\n\nFor existing services, if a desired count is not specified, it is omitted from the operation.", - "title": "DesiredCount", - "type": "number" - }, - "EnableECSManagedTags": { - "markdownDescription": "Specifies whether to turn on Amazon ECS managed tags for the tasks within the service. For more information, see [Tagging your Amazon ECS resources](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-using-tags.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nWhen you use Amazon ECS managed tags, you need to set the `propagateTags` request parameter.", - "title": "EnableECSManagedTags", - "type": "boolean" - }, - "EnableExecuteCommand": { - "markdownDescription": "Determines whether the execute command functionality is turned on for the service. If `true` , the execute command functionality is turned on for all containers in tasks as part of the service.", - "title": "EnableExecuteCommand", - "type": "boolean" - }, - "HealthCheckGracePeriodSeconds": { - "markdownDescription": "The period of time, in seconds, that the Amazon ECS service scheduler ignores unhealthy Elastic Load Balancing, VPC Lattice, and container health checks after a task has first started. If you don't specify a health check grace period value, the default value of `0` is used. If you don't use any of the health checks, then `healthCheckGracePeriodSeconds` is unused.\n\nIf your service's tasks take a while to start and respond to health checks, you can specify a health check grace period of up to 2,147,483,647 seconds (about 69 years). During that time, the Amazon ECS service scheduler ignores health check status. This grace period can prevent the service scheduler from marking tasks as unhealthy and stopping them before they have time to come up.", - "title": "HealthCheckGracePeriodSeconds", - "type": "number" - }, - "LaunchType": { - "markdownDescription": "The launch type on which to run your service. For more information, see [Amazon ECS Launch Types](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/launch_types.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "LaunchType", - "type": "string" - }, - "LoadBalancers": { - "items": { - "$ref": "#/definitions/AWS::ECS::Service.LoadBalancer" - }, - "markdownDescription": "A list of load balancer objects to associate with the service. If you specify the `Role` property, `LoadBalancers` must be specified as well. For information about the number of load balancers that you can specify per service, see [Service Load Balancing](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-load-balancing.html) in the *Amazon Elastic Container Service Developer Guide* .\n\n> To remove this property from your service resource, specify an empty `LoadBalancer` array.", - "title": "LoadBalancers", - "type": "array" - }, - "NetworkConfiguration": { - "$ref": "#/definitions/AWS::ECS::Service.NetworkConfiguration", - "markdownDescription": "The network configuration for the service. This parameter is required for task definitions that use the `awsvpc` network mode to receive their own elastic network interface, and it is not supported for other network modes. For more information, see [Task Networking](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-networking.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "NetworkConfiguration" - }, - "PlacementConstraints": { - "items": { - "$ref": "#/definitions/AWS::ECS::Service.PlacementConstraint" - }, - "markdownDescription": "An array of placement constraint objects to use for tasks in your service. You can specify a maximum of 10 constraints for each task. This limit includes constraints in the task definition and those specified at runtime.\n\n> To remove this property from your service resource, specify an empty `PlacementConstraint` array.", - "title": "PlacementConstraints", - "type": "array" - }, - "PlacementStrategies": { - "items": { - "$ref": "#/definitions/AWS::ECS::Service.PlacementStrategy" - }, - "markdownDescription": "The placement strategy objects to use for tasks in your service. You can specify a maximum of 5 strategy rules for each service.\n\n> To remove this property from your service resource, specify an empty `PlacementStrategy` array.", - "title": "PlacementStrategies", - "type": "array" - }, - "PlatformVersion": { - "markdownDescription": "The platform version that your tasks in the service are running on. A platform version is specified only for tasks using the Fargate launch type. If one isn't specified, the `LATEST` platform version is used. For more information, see [AWS Fargate platform versions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "PlatformVersion", - "type": "string" - }, - "PropagateTags": { - "markdownDescription": "Specifies whether to propagate the tags from the task definition to the task. If no value is specified, the tags aren't propagated. Tags can only be propagated to the task during task creation. To add tags to a task after task creation, use the [TagResource](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_TagResource.html) API action.\n\nYou must set this to a value other than `NONE` when you use Cost Explorer. For more information, see [Amazon ECS usage reports](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/usage-reports.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nThe default is `NONE` .", - "title": "PropagateTags", - "type": "string" - }, - "Role": { - "markdownDescription": "The name or full Amazon Resource Name (ARN) of the IAM role that allows Amazon ECS to make calls to your load balancer on your behalf. This parameter is only permitted if you are using a load balancer with your service and your task definition doesn't use the `awsvpc` network mode. If you specify the `role` parameter, you must also specify a load balancer object with the `loadBalancers` parameter.\n\n> If your account has already created the Amazon ECS service-linked role, that role is used for your service unless you specify a role here. The service-linked role is required if your task definition uses the `awsvpc` network mode or if the service is configured to use service discovery, an external deployment controller, multiple target groups, or Elastic Inference accelerators in which case you don't specify a role here. For more information, see [Using service-linked roles for Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using-service-linked-roles.html) in the *Amazon Elastic Container Service Developer Guide* . \n\nIf your specified role has a path other than `/` , then you must either specify the full role ARN (this is recommended) or prefix the role name with the path. For example, if a role with the name `bar` has a path of `/foo/` then you would specify `/foo/bar` as the role name. For more information, see [Friendly names and paths](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-friendly-names) in the *IAM User Guide* .", - "title": "Role", - "type": "string" - }, - "SchedulingStrategy": { - "markdownDescription": "The scheduling strategy to use for the service. For more information, see [Services](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs_services.html) .\n\nThere are two service scheduler strategies available:\n\n- `REPLICA` -The replica scheduling strategy places and maintains the desired number of tasks across your cluster. By default, the service scheduler spreads tasks across Availability Zones. You can use task placement strategies and constraints to customize task placement decisions. This scheduler strategy is required if the service uses the `CODE_DEPLOY` or `EXTERNAL` deployment controller types.\n- `DAEMON` -The daemon scheduling strategy deploys exactly one task on each active container instance that meets all of the task placement constraints that you specify in your cluster. The service scheduler also evaluates the task placement constraints for running tasks and will stop tasks that don't meet the placement constraints. When you're using this strategy, you don't need to specify a desired number of tasks, a task placement strategy, or use Service Auto Scaling policies.\n\n> Tasks using the Fargate launch type or the `CODE_DEPLOY` or `EXTERNAL` deployment controller types don't support the `DAEMON` scheduling strategy.", - "title": "SchedulingStrategy", - "type": "string" - }, - "ServiceConnectConfiguration": { - "$ref": "#/definitions/AWS::ECS::Service.ServiceConnectConfiguration", - "markdownDescription": "The configuration for this service to discover and connect to services, and be discovered by, and connected from, other services within a namespace.\n\nTasks that run in a namespace can use short names to connect to services in the namespace. Tasks can connect to services across all of the clusters in the namespace. Tasks connect through a managed proxy container that collects logs and metrics for increased visibility. Only the tasks that Amazon ECS services create are supported with Service Connect. For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "ServiceConnectConfiguration" - }, - "ServiceName": { - "markdownDescription": "The name of your service. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed. Service names must be unique within a cluster, but you can have similarly named services in multiple clusters within a Region or across multiple Regions.\n\n> The stack update fails if you change any properties that require replacement and the `ServiceName` is configured. This is because AWS CloudFormation creates the replacement service first, but each `ServiceName` must be unique in the cluster.", - "title": "ServiceName", - "type": "string" - }, - "ServiceRegistries": { - "items": { - "$ref": "#/definitions/AWS::ECS::Service.ServiceRegistry" - }, - "markdownDescription": "The details of the service discovery registry to associate with this service. For more information, see [Service discovery](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-discovery.html) .\n\n> Each service may be associated with one service registry. Multiple service registries for each service isn't supported. > To remove this property from your service resource, specify an empty `ServiceRegistry` array.", - "title": "ServiceRegistries", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The metadata that you apply to the service to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define. When a service is deleted, the tags are deleted as well.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8\n- Maximum value length - 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit.", - "title": "Tags", - "type": "array" - }, - "TaskDefinition": { - "markdownDescription": "The `family` and `revision` ( `family:revision` ) or full ARN of the task definition to run in your service. If a `revision` isn't specified, the latest `ACTIVE` revision is used.\n\nA task definition must be specified if the service uses either the `ECS` or `CODE_DEPLOY` deployment controllers.\n\nFor more information about deployment types, see [Amazon ECS deployment types](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-types.html) .", - "title": "TaskDefinition", - "type": "string" - }, - "VolumeConfigurations": { - "items": { - "$ref": "#/definitions/AWS::ECS::Service.ServiceVolumeConfiguration" - }, - "markdownDescription": "The configuration for a volume specified in the task definition as a volume that is configured at launch time. Currently, the only supported volume type is an Amazon EBS volume.\n\n> To remove this property from your service resource, specify an empty `ServiceVolumeConfiguration` array.", - "title": "VolumeConfigurations", - "type": "array" - } + "CreditSpecification": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.CreditSpecification", + "markdownDescription": "The credit option for CPU usage of the instance. Valid only for T instances.", + "title": "CreditSpecification" + }, + "DisableApiStop": { + "markdownDescription": "Indicates whether to enable the instance for stop protection. For more information, see [Enable stop protection for your EC2 instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-stop-protection.html) in the *Amazon EC2 User Guide* .", + "title": "DisableApiStop", + "type": "boolean" + }, + "DisableApiTermination": { + "markdownDescription": "Indicates whether termination protection is enabled for the instance. The default is `false` , which means that you can terminate the instance using the Amazon EC2 console, command line tools, or API. You can enable termination protection when you launch an instance, while the instance is running, or while the instance is stopped.", + "title": "DisableApiTermination", + "type": "boolean" + }, + "EbsOptimized": { + "markdownDescription": "Indicates whether the instance is optimized for Amazon EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal Amazon EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS-optimized instance.", + "title": "EbsOptimized", + "type": "boolean" + }, + "ElasticGpuSpecifications": { + "items": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.ElasticGpuSpecification" }, - "type": "object" + "markdownDescription": "Deprecated.\n\n> Amazon Elastic Graphics reached end of life on January 8, 2024.", + "title": "ElasticGpuSpecifications", + "type": "array" }, - "Type": { - "enum": [ - "AWS::ECS::Service" - ], + "ElasticInferenceAccelerators": { + "items": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.LaunchTemplateElasticInferenceAccelerator" + }, + "markdownDescription": "> Amazon Elastic Inference is no longer available. \n\nAn elastic inference accelerator to associate with the instance. Elastic inference accelerators are a resource you can attach to your Amazon EC2 instances to accelerate your Deep Learning (DL) inference workloads.\n\nYou cannot specify accelerators from different generations in the same request.", + "title": "ElasticInferenceAccelerators", + "type": "array" + }, + "EnclaveOptions": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.EnclaveOptions", + "markdownDescription": "Indicates whether the instance is enabled for AWS Nitro Enclaves. For more information, see [What is Nitro Enclaves?](https://docs.aws.amazon.com/enclaves/latest/user/nitro-enclave.html) in the *AWS Nitro Enclaves User Guide* .\n\nYou can't enable AWS Nitro Enclaves and hibernation on the same instance.", + "title": "EnclaveOptions" + }, + "HibernationOptions": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.HibernationOptions", + "markdownDescription": "Indicates whether an instance is enabled for hibernation. This parameter is valid only if the instance meets the [hibernation prerequisites](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/hibernating-prerequisites.html) . For more information, see [Hibernate your Amazon EC2 instance](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) in the *Amazon EC2 User Guide* .", + "title": "HibernationOptions" + }, + "IamInstanceProfile": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.IamInstanceProfile", + "markdownDescription": "The name or Amazon Resource Name (ARN) of an IAM instance profile.", + "title": "IamInstanceProfile" + }, + "ImageId": { + "markdownDescription": "The ID of the AMI. Alternatively, you can specify a Systems Manager parameter, which will resolve to an AMI ID on launch.\n\nValid formats:\n\n- `ami-0ac394d6a3example`\n- `resolve:ssm:parameter-name`\n- `resolve:ssm:parameter-name:version-number`\n- `resolve:ssm:parameter-name:label`\n\nFor more information, see [Use a Systems Manager parameter to find an AMI](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/finding-an-ami.html#using-systems-manager-parameter-to-find-AMI) in the *Amazon Elastic Compute Cloud User Guide* .", + "title": "ImageId", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "InstanceInitiatedShutdownBehavior": { + "markdownDescription": "Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown).\n\nDefault: `stop`", + "title": "InstanceInitiatedShutdownBehavior", "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::ECS::Service.AwsVpcConfiguration": { - "additionalProperties": false, - "properties": { - "AssignPublicIp": { - "markdownDescription": "Whether the task's elastic network interface receives a public IP address.\n\nConsider the following when you set this value:\n\n- When you use `create-service` or `update-service` , the default is `DISABLED` .\n- When the service `deploymentController` is `ECS` , the value must be `DISABLED` .", - "title": "AssignPublicIp", + }, + "InstanceMarketOptions": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.InstanceMarketOptions", + "markdownDescription": "The market (purchasing) option for the instances.", + "title": "InstanceMarketOptions" + }, + "InstanceRequirements": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.InstanceRequirements", + "markdownDescription": "The attributes for the instance types. When you specify instance attributes, Amazon EC2 will identify instance types with these attributes.\n\nYou must specify `VCpuCount` and `MemoryMiB` . All other attributes are optional. Any unspecified optional attribute is set to its default.\n\nWhen you specify multiple attributes, you get instance types that satisfy all of the specified attributes. If you specify multiple values for an attribute, you get instance types that satisfy any of the specified values.\n\nTo limit the list of instance types from which Amazon EC2 can identify matching instance types, you can use one of the following parameters, but not both in the same request:\n\n- `AllowedInstanceTypes` - The instance types to include in the list. All other instance types are ignored, even if they match your specified attributes.\n- `ExcludedInstanceTypes` - The instance types to exclude from the list, even if they match your specified attributes.\n\n> If you specify `InstanceRequirements` , you can't specify `InstanceType` .\n> \n> Attribute-based instance type selection is only supported when using Auto Scaling groups, EC2 Fleet, and Spot Fleet to launch instances. If you plan to use the launch template in the [launch instance wizard](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-instance-wizard.html) , or with the [RunInstances](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html) API or [AWS::EC2::Instance](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html) AWS CloudFormation resource, you can't specify `InstanceRequirements` . \n\nFor more information, see [Specify attributes for instance type selection for EC2 Fleet or Spot Fleet](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-attribute-based-instance-type-selection.html) and [Spot placement score](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-placement-score.html) in the *Amazon EC2 User Guide* .", + "title": "InstanceRequirements" + }, + "InstanceType": { + "markdownDescription": "The instance type. For more information, see [Amazon EC2 instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .\n\nIf you specify `InstanceType` , you can't specify `InstanceRequirements` .", + "title": "InstanceType", "type": "string" }, - "SecurityGroups": { + "KernelId": { + "markdownDescription": "The ID of the kernel.\n\nWe recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see [User Provided Kernels](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html) in the *Amazon EC2 User Guide* .", + "title": "KernelId", + "type": "string" + }, + "KeyName": { + "markdownDescription": "The name of the key pair. You can create a key pair using [CreateKeyPair](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateKeyPair.html) or [ImportKeyPair](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportKeyPair.html) .\n\n> If you do not specify a key pair, you can't connect to the instance unless you choose an AMI that is configured to allow users another way to log in.", + "title": "KeyName", + "type": "string" + }, + "LicenseSpecifications": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.LicenseSpecification" }, - "markdownDescription": "The IDs of the security groups associated with the task or service. If you don't specify a security group, the default security group for the VPC is used. There's a limit of 5 security groups that can be specified.\n\n> All specified security groups must be from the same VPC.", - "title": "SecurityGroups", + "markdownDescription": "The license configurations.", + "title": "LicenseSpecifications", "type": "array" }, - "Subnets": { + "MaintenanceOptions": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.MaintenanceOptions", + "markdownDescription": "The maintenance options of your instance.", + "title": "MaintenanceOptions" + }, + "MetadataOptions": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.MetadataOptions", + "markdownDescription": "The metadata options for the instance. For more information, see [Configure the Instance Metadata Service options](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-instance-metadata-options.html) in the *Amazon EC2 User Guide* .", + "title": "MetadataOptions" + }, + "Monitoring": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Monitoring", + "markdownDescription": "The monitoring for the instance.", + "title": "Monitoring" + }, + "NetworkInterfaces": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.NetworkInterface" }, - "markdownDescription": "The IDs of the subnets associated with the task or service. There's a limit of 16 subnets that can be specified.\n\n> All specified subnets must be from the same VPC.", - "title": "Subnets", + "markdownDescription": "The network interfaces for the instance.", + "title": "NetworkInterfaces", "type": "array" - } - }, - "type": "object" - }, - "AWS::ECS::Service.CapacityProviderStrategyItem": { - "additionalProperties": false, - "properties": { - "Base": { - "markdownDescription": "The *base* value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a *base* defined. If no value is specified, the default value of `0` is used.", - "title": "Base", - "type": "number" }, - "CapacityProvider": { - "markdownDescription": "The short name of the capacity provider.", - "title": "CapacityProvider", + "NetworkPerformanceOptions": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.NetworkPerformanceOptions", + "markdownDescription": "The settings for the network performance options for the instance. For more information, see [EC2 instance bandwidth weighting configuration](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configure-bandwidth-weighting.html) .", + "title": "NetworkPerformanceOptions" + }, + "Placement": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Placement", + "markdownDescription": "The placement for the instance.", + "title": "Placement" + }, + "PrivateDnsNameOptions": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.PrivateDnsNameOptions", + "markdownDescription": "The hostname type for EC2 instances launched into this subnet and how DNS A and AAAA record queries should be handled. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *Amazon Elastic Compute Cloud User Guide* .", + "title": "PrivateDnsNameOptions" + }, + "RamDiskId": { + "markdownDescription": "The ID of the RAM disk.\n\n> We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see [User provided kernels](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html) in the *Amazon EC2 User Guide* .", + "title": "RamDiskId", "type": "string" }, - "Weight": { - "markdownDescription": "The *weight* value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The `weight` value is taken into consideration after the `base` value, if defined, is satisfied.\n\nIf no `weight` value is specified, the default value of `0` is used. When multiple capacity providers are specified within a capacity provider strategy, at least one of the capacity providers must have a weight value greater than zero and any capacity providers with a weight of `0` can't be used to place tasks. If you specify multiple capacity providers in a strategy that all have a weight of `0` , any `RunTask` or `CreateService` actions using the capacity provider strategy will fail.\n\nAn example scenario for using weights is defining a strategy that contains two capacity providers and both have a weight of `1` , then when the `base` is satisfied, the tasks will be split evenly across the two capacity providers. Using that same logic, if you specify a weight of `1` for *capacityProviderA* and a weight of `4` for *capacityProviderB* , then for every one task that's run using *capacityProviderA* , four tasks would use *capacityProviderB* .", - "title": "Weight", - "type": "number" - } - }, - "type": "object" - }, - "AWS::ECS::Service.DeploymentAlarms": { - "additionalProperties": false, - "properties": { - "AlarmNames": { + "SecurityGroupIds": { "items": { "type": "string" }, - "markdownDescription": "One or more CloudWatch alarm names. Use a \",\" to separate the alarms.", - "title": "AlarmNames", + "markdownDescription": "The IDs of the security groups. You can specify the IDs of existing security groups and references to resources created by the stack template.\n\nIf you specify a network interface, you must specify any security groups as part of the network interface instead.", + "title": "SecurityGroupIds", "type": "array" }, - "Enable": { - "markdownDescription": "Determines whether to use the CloudWatch alarm option in the service deployment process.", - "title": "Enable", - "type": "boolean" + "SecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "The names of the security groups. For a nondefault VPC, you must use security group IDs instead.\n\nIf you specify a network interface, you must specify any security groups as part of the network interface instead of using this parameter.", + "title": "SecurityGroups", + "type": "array" }, - "Rollback": { - "markdownDescription": "Determines whether to configure Amazon ECS to roll back the service if a service deployment fails. If rollback is used, when a service deployment fails, the service is rolled back to the last deployment that completed successfully.", - "title": "Rollback", - "type": "boolean" - } - }, - "required": [ - "AlarmNames", - "Enable", - "Rollback" - ], - "type": "object" - }, - "AWS::ECS::Service.DeploymentCircuitBreaker": { - "additionalProperties": false, - "properties": { - "Enable": { - "markdownDescription": "Determines whether to use the deployment circuit breaker logic for the service.", - "title": "Enable", - "type": "boolean" + "TagSpecifications": { + "items": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.TagSpecification" + }, + "markdownDescription": "The tags to apply to resources that are created during instance launch.\n\nTo tag the launch template itself, use [TagSpecifications](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-launchtemplate.html#cfn-ec2-launchtemplate-tagspecifications) .", + "title": "TagSpecifications", + "type": "array" }, - "Rollback": { - "markdownDescription": "Determines whether to configure Amazon ECS to roll back the service if a service deployment fails. If rollback is on, when a service deployment fails, the service is rolled back to the last deployment that completed successfully.", - "title": "Rollback", - "type": "boolean" + "UserData": { + "markdownDescription": "The user data to make available to the instance. You must provide base64-encoded text. User data is limited to 16 KB. For more information, see [Run commands when you launch an EC2 instance with user data input](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html) in the *Amazon EC2 User Guide* .\n\nIf you are creating the launch template for use with AWS Batch , the user data must be provided in the [MIME multi-part archive format](https://docs.aws.amazon.com/https://cloudinit.readthedocs.io/en/latest/topics/format.html#mime-multi-part-archive) . For more information, see [Amazon EC2 user data in launch templates](https://docs.aws.amazon.com/batch/latest/userguide/launch-templates.html#lt-user-data) in the *AWS Batch User Guide* .", + "title": "UserData", + "type": "string" } }, - "required": [ - "Enable", - "Rollback" - ], "type": "object" }, - "AWS::ECS::Service.DeploymentConfiguration": { + "AWS::EC2::LaunchTemplate.LaunchTemplateElasticInferenceAccelerator": { "additionalProperties": false, "properties": { - "Alarms": { - "$ref": "#/definitions/AWS::ECS::Service.DeploymentAlarms", - "markdownDescription": "Information about the CloudWatch alarms.", - "title": "Alarms" - }, - "DeploymentCircuitBreaker": { - "$ref": "#/definitions/AWS::ECS::Service.DeploymentCircuitBreaker", - "markdownDescription": "> The deployment circuit breaker can only be used for services using the rolling update ( `ECS` ) deployment type. \n\nThe *deployment circuit breaker* determines whether a service deployment will fail if the service can't reach a steady state. If you use the deployment circuit breaker, a service deployment will transition to a failed state and stop launching new tasks. If you use the rollback option, when a service deployment fails, the service is rolled back to the last deployment that completed successfully. For more information, see [Rolling update](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-type-ecs.html) in the *Amazon Elastic Container Service Developer Guide*", - "title": "DeploymentCircuitBreaker" - }, - "MaximumPercent": { - "markdownDescription": "If a service is using the rolling update ( `ECS` ) deployment type, the `maximumPercent` parameter represents an upper limit on the number of your service's tasks that are allowed in the `RUNNING` or `PENDING` state during a deployment, as a percentage of the `desiredCount` (rounded down to the nearest integer). This parameter enables you to define the deployment batch size. For example, if your service is using the `REPLICA` service scheduler and has a `desiredCount` of four tasks and a `maximumPercent` value of 200%, the scheduler may start four new tasks before stopping the four older tasks (provided that the cluster resources required to do this are available). The default `maximumPercent` value for a service using the `REPLICA` service scheduler is 200%.\n\nThe Amazon ECS scheduler uses this parameter to replace unhealthy tasks by starting replacement tasks first and then stopping the unhealthy tasks, as long as cluster resources for starting replacement tasks are available. For more information about how the scheduler replaces unhealthy tasks, see [Amazon ECS services](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs_services.html) .\n\nIf a service is using either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types, and tasks in the service use the EC2 launch type, the *maximum percent* value is set to the default value. The *maximum percent* value is used to define the upper limit on the number of the tasks in the service that remain in the `RUNNING` state while the container instances are in the `DRAINING` state.\n\n> You can't specify a custom `maximumPercent` value for a service that uses either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types and has tasks that use the EC2 launch type. \n\nIf the service uses either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types, and the tasks in the service use the Fargate launch type, the maximum percent value is not used. The value is still returned when describing your service.", - "title": "MaximumPercent", + "Count": { + "markdownDescription": "The number of elastic inference accelerators to attach to the instance.\n\nDefault: 1", + "title": "Count", "type": "number" }, - "MinimumHealthyPercent": { - "markdownDescription": "If a service is using the rolling update ( `ECS` ) deployment type, the `minimumHealthyPercent` represents a lower limit on the number of your service's tasks that must remain in the `RUNNING` state during a deployment, as a percentage of the `desiredCount` (rounded up to the nearest integer). This parameter enables you to deploy without using additional cluster capacity. For example, if your service has a `desiredCount` of four tasks and a `minimumHealthyPercent` of 50%, the service scheduler may stop two existing tasks to free up cluster capacity before starting two new tasks.\n\nIf any tasks are unhealthy and if `maximumPercent` doesn't allow the Amazon ECS scheduler to start replacement tasks, the scheduler stops the unhealthy tasks one-by-one \u2014 using the `minimumHealthyPercent` as a constraint \u2014 to clear up capacity to launch replacement tasks. For more information about how the scheduler replaces unhealthy tasks, see [Amazon ECS services](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs_services.html) .\n\nFor services that *do not* use a load balancer, the following should be noted:\n\n- A service is considered healthy if all essential containers within the tasks in the service pass their health checks.\n- If a task has no essential containers with a health check defined, the service scheduler will wait for 40 seconds after a task reaches a `RUNNING` state before the task is counted towards the minimum healthy percent total.\n- If a task has one or more essential containers with a health check defined, the service scheduler will wait for the task to reach a healthy status before counting it towards the minimum healthy percent total. A task is considered healthy when all essential containers within the task have passed their health checks. The amount of time the service scheduler can wait for is determined by the container health check settings.\n\nFor services that *do* use a load balancer, the following should be noted:\n\n- If a task has no essential containers with a health check defined, the service scheduler will wait for the load balancer target group health check to return a healthy status before counting the task towards the minimum healthy percent total.\n- If a task has an essential container with a health check defined, the service scheduler will wait for both the task to reach a healthy status and the load balancer target group health check to return a healthy status before counting the task towards the minimum healthy percent total.\n\nThe default value for a replica service for `minimumHealthyPercent` is 100%. The default `minimumHealthyPercent` value for a service using the `DAEMON` service schedule is 0% for the AWS CLI , the AWS SDKs, and the APIs and 50% for the AWS Management Console.\n\nThe minimum number of healthy tasks during a deployment is the `desiredCount` multiplied by the `minimumHealthyPercent` /100, rounded up to the nearest integer value.\n\nIf a service is using either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types and is running tasks that use the EC2 launch type, the *minimum healthy percent* value is set to the default value. The *minimum healthy percent* value is used to define the lower limit on the number of the tasks in the service that remain in the `RUNNING` state while the container instances are in the `DRAINING` state.\n\n> You can't specify a custom `minimumHealthyPercent` value for a service that uses either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types and has tasks that use the EC2 launch type. \n\nIf a service is using either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types and is running tasks that use the Fargate launch type, the minimum healthy percent value is not used, although it is returned when describing your service.", - "title": "MinimumHealthyPercent", - "type": "number" - } - }, - "type": "object" - }, - "AWS::ECS::Service.DeploymentController": { - "additionalProperties": false, - "properties": { "Type": { - "markdownDescription": "The deployment controller type to use. There are three deployment controller types available:\n\n- **ECS** - The rolling update ( `ECS` ) deployment type involves replacing the current running version of the container with the latest version. The number of containers Amazon ECS adds or removes from the service during a rolling update is controlled by adjusting the minimum and maximum number of healthy tasks allowed during a service deployment, as specified in the [DeploymentConfiguration](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DeploymentConfiguration.html) .\n- **CODE_DEPLOY** - The blue/green ( `CODE_DEPLOY` ) deployment type uses the blue/green deployment model powered by AWS CodeDeploy , which allows you to verify a new deployment of a service before sending production traffic to it.\n- **EXTERNAL** - The external ( `EXTERNAL` ) deployment type enables you to use any third-party deployment controller for full control over the deployment process for an Amazon ECS service.", + "markdownDescription": "The type of elastic inference accelerator. The possible values are eia1.medium, eia1.large, and eia1.xlarge.", "title": "Type", "type": "string" } }, "type": "object" }, - "AWS::ECS::Service.EBSTagSpecification": { + "AWS::EC2::LaunchTemplate.LaunchTemplateTagSpecification": { "additionalProperties": false, "properties": { - "PropagateTags": { - "markdownDescription": "Determines whether to propagate the tags from the task definition to the Amazon EBS volume. Tags can only propagate to a `SERVICE` specified in `ServiceVolumeConfiguration` . If no value is specified, the tags aren't propagated.", - "title": "PropagateTags", - "type": "string" - }, "ResourceType": { - "markdownDescription": "The type of volume resource.", + "markdownDescription": "The type of resource. To tag a launch template, `ResourceType` must be `launch-template` .", "title": "ResourceType", "type": "string" }, @@ -83776,393 +93146,465 @@ "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags applied to this Amazon EBS volume. `AmazonECSCreated` and `AmazonECSManaged` are reserved tags that can't be used.", + "markdownDescription": "The tags for the resource.", "title": "Tags", "type": "array" } }, - "required": [ - "ResourceType" - ], "type": "object" }, - "AWS::ECS::Service.LoadBalancer": { + "AWS::EC2::LaunchTemplate.LicenseSpecification": { "additionalProperties": false, "properties": { - "ContainerName": { - "markdownDescription": "The name of the container (as it appears in a container definition) to associate with the load balancer.\n\nYou need to specify the container name when configuring the target group for an Amazon ECS load balancer.", - "title": "ContainerName", - "type": "string" - }, - "ContainerPort": { - "markdownDescription": "The port on the container to associate with the load balancer. This port must correspond to a `containerPort` in the task definition the tasks in the service are using. For tasks that use the EC2 launch type, the container instance they're launched on must allow ingress traffic on the `hostPort` of the port mapping.", - "title": "ContainerPort", - "type": "number" - }, - "LoadBalancerName": { - "markdownDescription": "The name of the load balancer to associate with the Amazon ECS service or task set.\n\nIf you are using an Application Load Balancer or a Network Load Balancer the load balancer name parameter should be omitted.", - "title": "LoadBalancerName", - "type": "string" - }, - "TargetGroupArn": { - "markdownDescription": "The full Amazon Resource Name (ARN) of the Elastic Load Balancing target group or groups associated with a service or task set.\n\nA target group ARN is only specified when using an Application Load Balancer or Network Load Balancer.\n\nFor services using the `ECS` deployment controller, you can specify one or multiple target groups. For more information, see [Registering multiple target groups with a service](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/register-multiple-targetgroups.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nFor services using the `CODE_DEPLOY` deployment controller, you're required to define two target groups for the load balancer. For more information, see [Blue/green deployment with CodeDeploy](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-type-bluegreen.html) in the *Amazon Elastic Container Service Developer Guide* .\n\n> If your service's task definition uses the `awsvpc` network mode, you must choose `ip` as the target type, not `instance` . Do this when creating your target groups because tasks that use the `awsvpc` network mode are associated with an elastic network interface, not an Amazon EC2 instance. This network mode is required for the Fargate launch type.", - "title": "TargetGroupArn", + "LicenseConfigurationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the license configuration.", + "title": "LicenseConfigurationArn", "type": "string" } }, "type": "object" }, - "AWS::ECS::Service.LogConfiguration": { + "AWS::EC2::LaunchTemplate.MaintenanceOptions": { "additionalProperties": false, "properties": { - "LogDriver": { - "markdownDescription": "The log driver to use for the container.\n\nFor tasks on AWS Fargate , the supported log drivers are `awslogs` , `splunk` , and `awsfirelens` .\n\nFor tasks hosted on Amazon EC2 instances, the supported log drivers are `awslogs` , `fluentd` , `gelf` , `json-file` , `journald` , `syslog` , `splunk` , and `awsfirelens` .\n\nFor more information about using the `awslogs` log driver, see [Send Amazon ECS logs to CloudWatch](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_awslogs.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nFor more information about using the `awsfirelens` log driver, see [Send Amazon ECS logs to an AWS service or AWS Partner](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html) .\n\n> If you have a custom driver that isn't listed, you can fork the Amazon ECS container agent project that's [available on GitHub](https://docs.aws.amazon.com/https://github.com/aws/amazon-ecs-agent) and customize it to work with that driver. We encourage you to submit pull requests for changes that you would like to have included. However, we don't currently provide support for running modified copies of this software.", - "title": "LogDriver", + "AutoRecovery": { + "markdownDescription": "Disables the automatic recovery behavior of your instance or sets it to default.", + "title": "AutoRecovery", "type": "string" - }, - "Options": { - "additionalProperties": true, - "markdownDescription": "The configuration options to send to the log driver.\n\nThe options you can specify depend on the log driver. Some of the options you can specify when you use the `awslogs` log driver to route logs to Amazon CloudWatch include the following:\n\n- **awslogs-create-group** - Required: No\n\nSpecify whether you want the log group to be created automatically. If this option isn't specified, it defaults to `false` .\n\n> Your IAM policy must include the `logs:CreateLogGroup` permission before you attempt to use `awslogs-create-group` .\n- **awslogs-region** - Required: Yes\n\nSpecify the AWS Region that the `awslogs` log driver is to send your Docker logs to. You can choose to send all of your logs from clusters in different Regions to a single region in CloudWatch Logs. This is so that they're all visible in one location. Otherwise, you can separate them by Region for more granularity. Make sure that the specified log group exists in the Region that you specify with this option.\n- **awslogs-group** - Required: Yes\n\nMake sure to specify a log group that the `awslogs` log driver sends its log streams to.\n- **awslogs-stream-prefix** - Required: Yes, when using Fargate.Optional when using EC2.\n\nUse the `awslogs-stream-prefix` option to associate a log stream with the specified prefix, the container name, and the ID of the Amazon ECS task that the container belongs to. If you specify a prefix with this option, then the log stream takes the format `prefix-name/container-name/ecs-task-id` .\n\nIf you don't specify a prefix with this option, then the log stream is named after the container ID that's assigned by the Docker daemon on the container instance. Because it's difficult to trace logs back to the container that sent them with just the Docker container ID (which is only available on the container instance), we recommend that you specify a prefix with this option.\n\nFor Amazon ECS services, you can use the service name as the prefix. Doing so, you can trace log streams to the service that the container belongs to, the name of the container that sent them, and the ID of the task that the container belongs to.\n\nYou must specify a stream-prefix for your logs to have your logs appear in the Log pane when using the Amazon ECS console.\n- **awslogs-datetime-format** - Required: No\n\nThis option defines a multiline start pattern in Python `strftime` format. A log message consists of a line that matches the pattern and any following lines that don\u2019t match the pattern. The matched line is the delimiter between log messages.\n\nOne example of a use case for using this format is for parsing output such as a stack dump, which might otherwise be logged in multiple entries. The correct pattern allows it to be captured in a single entry.\n\nFor more information, see [awslogs-datetime-format](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/awslogs/#awslogs-datetime-format) .\n\nYou cannot configure both the `awslogs-datetime-format` and `awslogs-multiline-pattern` options.\n\n> Multiline logging performs regular expression parsing and matching of all log messages. This might have a negative impact on logging performance.\n- **awslogs-multiline-pattern** - Required: No\n\nThis option defines a multiline start pattern that uses a regular expression. A log message consists of a line that matches the pattern and any following lines that don\u2019t match the pattern. The matched line is the delimiter between log messages.\n\nFor more information, see [awslogs-multiline-pattern](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/awslogs/#awslogs-multiline-pattern) .\n\nThis option is ignored if `awslogs-datetime-format` is also configured.\n\nYou cannot configure both the `awslogs-datetime-format` and `awslogs-multiline-pattern` options.\n\n> Multiline logging performs regular expression parsing and matching of all log messages. This might have a negative impact on logging performance.\n\nThe following options apply to all supported log drivers.\n\n- **mode** - Required: No\n\nValid values: `non-blocking` | `blocking`\n\nThis option defines the delivery mode of log messages from the container to the log driver specified using `logDriver` . The delivery mode you choose affects application availability when the flow of logs from container is interrupted.\n\nIf you use the `blocking` mode and the flow of logs is interrupted, calls from container code to write to the `stdout` and `stderr` streams will block. The logging thread of the application will block as a result. This may cause the application to become unresponsive and lead to container healthcheck failure.\n\nIf you use the `non-blocking` mode, the container's logs are instead stored in an in-memory intermediate buffer configured with the `max-buffer-size` option. This prevents the application from becoming unresponsive when logs cannot be sent. We recommend using this mode if you want to ensure service availability and are okay with some log loss. For more information, see [Preventing log loss with non-blocking mode in the `awslogs` container log driver](https://docs.aws.amazon.com/containers/preventing-log-loss-with-non-blocking-mode-in-the-awslogs-container-log-driver/) .\n\nYou can set a default `mode` for all containers in a specific AWS Region by using the `defaultLogDriverMode` account setting. If you don't specify the `mode` option or configure the account setting, Amazon ECS will default to the `non-blocking` mode. For more information about the account setting, see [Default log driver mode](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-account-settings.html#default-log-driver-mode) in the *Amazon Elastic Container Service Developer Guide* .\n\n> On June 25, 2025, Amazon ECS changed the default log driver mode from `blocking` to `non-blocking` to prioritize task availability over logging. To continue using the `blocking` mode after this change, do one of the following:\n> \n> - Set the `mode` option in your container definition's `logConfiguration` as `blocking` .\n> - Set the `defaultLogDriverMode` account setting to `blocking` .\n- **max-buffer-size** - Required: No\n\nDefault value: `1m`\n\nWhen `non-blocking` mode is used, the `max-buffer-size` log option controls the size of the buffer that's used for intermediate message storage. Make sure to specify an adequate buffer size based on your application. When the buffer fills up, further logs cannot be stored. Logs that cannot be stored are lost.\n\nTo route logs using the `splunk` log router, you need to specify a `splunk-token` and a `splunk-url` .\n\nWhen you use the `awsfirelens` log router to route logs to an AWS Service or AWS Partner Network destination for log storage and analytics, you can set the `log-driver-buffer-limit` option to limit the number of events that are buffered in memory, before being sent to the log router container. It can help to resolve potential log loss issue because high throughput might result in memory running out for the buffer inside of Docker.\n\nOther options you can specify when using `awsfirelens` to route logs depend on the destination. When you export logs to Amazon Data Firehose, you can specify the AWS Region with `region` and a name for the log stream with `delivery_stream` .\n\nWhen you export logs to Amazon Kinesis Data Streams, you can specify an AWS Region with `region` and a data stream name with `stream` .\n\nWhen you export logs to Amazon OpenSearch Service, you can specify options like `Name` , `Host` (OpenSearch Service endpoint without protocol), `Port` , `Index` , `Type` , `Aws_auth` , `Aws_region` , `Suppress_Type_Name` , and `tls` . For more information, see [Under the hood: FireLens for Amazon ECS Tasks](https://docs.aws.amazon.com/containers/under-the-hood-firelens-for-amazon-ecs-tasks/) .\n\nWhen you export logs to Amazon S3, you can specify the bucket using the `bucket` option. You can also specify `region` , `total_file_size` , `upload_timeout` , and `use_put_object` as options.\n\nThis parameter requires version 1.19 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version --format '{{.Server.APIVersion}}'`", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Options", - "type": "object" - }, - "SecretOptions": { - "items": { - "$ref": "#/definitions/AWS::ECS::Service.Secret" - }, - "markdownDescription": "The secrets to pass to the log configuration. For more information, see [Specifying sensitive data](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "SecretOptions", - "type": "array" } }, "type": "object" }, - "AWS::ECS::Service.NetworkConfiguration": { + "AWS::EC2::LaunchTemplate.MemoryGiBPerVCpu": { "additionalProperties": false, "properties": { - "AwsvpcConfiguration": { - "$ref": "#/definitions/AWS::ECS::Service.AwsVpcConfiguration", - "markdownDescription": "The VPC subnets and security groups that are associated with a task.\n\n> All specified subnets and security groups must be from the same VPC.", - "title": "AwsvpcConfiguration" + "Max": { + "markdownDescription": "The maximum amount of memory per vCPU, in GiB. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The minimum amount of memory per vCPU, in GiB. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" } }, "type": "object" }, - "AWS::ECS::Service.PlacementConstraint": { + "AWS::EC2::LaunchTemplate.MemoryMiB": { "additionalProperties": false, "properties": { - "Expression": { - "markdownDescription": "A cluster query language expression to apply to the constraint. The expression can have a maximum length of 2000 characters. You can't specify an expression if the constraint type is `distinctInstance` . For more information, see [Cluster query language](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-query-language.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "Expression", - "type": "string" + "Max": { + "markdownDescription": "The maximum amount of memory, in MiB. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" }, - "Type": { - "markdownDescription": "The type of constraint. Use `distinctInstance` to ensure that each task in a particular group is running on a different container instance. Use `memberOf` to restrict the selection to a group of valid candidates.", - "title": "Type", - "type": "string" + "Min": { + "markdownDescription": "The minimum amount of memory, in MiB. To specify no minimum limit, specify `0` .", + "title": "Min", + "type": "number" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::ECS::Service.PlacementStrategy": { + "AWS::EC2::LaunchTemplate.MetadataOptions": { "additionalProperties": false, "properties": { - "Field": { - "markdownDescription": "The field to apply the placement strategy against. For the `spread` placement strategy, valid values are `instanceId` (or `host` , which has the same effect), or any platform or custom attribute that's applied to a container instance, such as `attribute:ecs.availability-zone` . For the `binpack` placement strategy, valid values are `cpu` and `memory` . For the `random` placement strategy, this field is not used.", - "title": "Field", + "HttpEndpoint": { + "markdownDescription": "Enables or disables the HTTP metadata endpoint on your instances. If the parameter is not specified, the default state is `enabled` .\n\n> If you specify a value of `disabled` , you will not be able to access your instance metadata.", + "title": "HttpEndpoint", "type": "string" }, - "Type": { - "markdownDescription": "The type of placement strategy. The `random` placement strategy randomly places tasks on available candidates. The `spread` placement strategy spreads placement across available candidates evenly based on the `field` parameter. The `binpack` strategy places tasks on available candidates that have the least available amount of the resource that's specified with the `field` parameter. For example, if you binpack on memory, a task is placed on the instance with the least amount of remaining memory but still enough to run the task.", - "title": "Type", + "HttpProtocolIpv6": { + "markdownDescription": "Enables or disables the IPv6 endpoint for the instance metadata service.\n\nDefault: `disabled`", + "title": "HttpProtocolIpv6", + "type": "string" + }, + "HttpPutResponseHopLimit": { + "markdownDescription": "The desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel.\n\nDefault: `1`\n\nPossible values: Integers from 1 to 64", + "title": "HttpPutResponseHopLimit", + "type": "number" + }, + "HttpTokens": { + "markdownDescription": "Indicates whether IMDSv2 is required.\n\n- `optional` - IMDSv2 is optional. You can choose whether to send a session token in your instance metadata retrieval requests. If you retrieve IAM role credentials without a session token, you receive the IMDSv1 role credentials. If you retrieve IAM role credentials using a valid session token, you receive the IMDSv2 role credentials.\n- `required` - IMDSv2 is required. You must send a session token in your instance metadata retrieval requests. With this option, retrieving the IAM role credentials always returns IMDSv2 credentials; IMDSv1 credentials are not available.\n\nDefault: If the value of `ImdsSupport` for the Amazon Machine Image (AMI) for your instance is `v2.0` , the default is `required` .", + "title": "HttpTokens", + "type": "string" + }, + "InstanceMetadataTags": { + "markdownDescription": "Set to `enabled` to allow access to instance tags from the instance metadata. Set to `disabled` to turn off access to instance tags from the instance metadata. For more information, see [View tags for your EC2 instances using instance metadata](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/work-with-tags-in-IMDS.html) .\n\nDefault: `disabled`", + "title": "InstanceMetadataTags", "type": "string" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::ECS::Service.Secret": { + "AWS::EC2::LaunchTemplate.Monitoring": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the secret.", - "title": "Name", - "type": "string" - }, - "ValueFrom": { - "markdownDescription": "The secret to expose to the container. The supported values are either the full ARN of the AWS Secrets Manager secret or the full ARN of the parameter in the SSM Parameter Store.\n\nFor information about the require AWS Identity and Access Management permissions, see [Required IAM permissions for Amazon ECS secrets](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data-secrets.html#secrets-iam) (for Secrets Manager) or [Required IAM permissions for Amazon ECS secrets](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data-parameters.html) (for Systems Manager Parameter store) in the *Amazon Elastic Container Service Developer Guide* .\n\n> If the SSM Parameter Store parameter exists in the same Region as the task you're launching, then you can use either the full ARN or name of the parameter. If the parameter exists in a different Region, then the full ARN must be specified.", - "title": "ValueFrom", - "type": "string" + "Enabled": { + "markdownDescription": "Specify `true` to enable detailed monitoring. Otherwise, basic monitoring is enabled.", + "title": "Enabled", + "type": "boolean" } }, - "required": [ - "Name", - "ValueFrom" - ], "type": "object" }, - "AWS::ECS::Service.ServiceConnectClientAlias": { + "AWS::EC2::LaunchTemplate.NetworkBandwidthGbps": { "additionalProperties": false, "properties": { - "DnsName": { - "markdownDescription": "The `dnsName` is the name that you use in the applications of client tasks to connect to this service. The name must be a valid DNS name but doesn't need to be fully-qualified. The name can include up to 127 characters. The name can include lowercase letters, numbers, underscores (_), hyphens (-), and periods (.). The name can't start with a hyphen.\n\nIf this parameter isn't specified, the default value of `discoveryName.namespace` is used. If the `discoveryName` isn't specified, the port mapping name from the task definition is used in `portName.namespace` .\n\nTo avoid changing your applications in client Amazon ECS services, set this to the same name that the client application uses by default. For example, a few common names are `database` , `db` , or the lowercase name of a database, such as `mysql` or `redis` . For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "DnsName", - "type": "string" + "Max": { + "markdownDescription": "The maximum amount of network bandwidth, in Gbps. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" }, - "Port": { - "markdownDescription": "The listening port number for the Service Connect proxy. This port is available inside of all of the tasks within the same namespace.\n\nTo avoid changing your applications in client Amazon ECS services, set this to the same port that the client application uses by default. For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "Port", + "Min": { + "markdownDescription": "The minimum amount of network bandwidth, in Gbps. If this parameter is not specified, there is no minimum limit.", + "title": "Min", "type": "number" } }, - "required": [ - "Port" - ], "type": "object" }, - "AWS::ECS::Service.ServiceConnectConfiguration": { + "AWS::EC2::LaunchTemplate.NetworkInterface": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Specifies whether to use Service Connect with this service.", - "title": "Enabled", + "AssociateCarrierIpAddress": { + "markdownDescription": "Associates a Carrier IP address with eth0 for a new network interface.\n\nUse this option when you launch an instance in a Wavelength Zone and want to associate a Carrier IP address with the network interface. For more information about Carrier IP addresses, see [Carrier IP addresses](https://docs.aws.amazon.com/wavelength/latest/developerguide/how-wavelengths-work.html#provider-owned-ip) in the *AWS Wavelength Developer Guide* .", + "title": "AssociateCarrierIpAddress", "type": "boolean" }, - "LogConfiguration": { - "$ref": "#/definitions/AWS::ECS::Service.LogConfiguration", - "markdownDescription": "The log configuration for the container. This parameter maps to `LogConfig` in the docker container create command and the `--log-driver` option to docker run.\n\nBy default, containers use the same logging driver that the Docker daemon uses. However, the container might use a different logging driver than the Docker daemon by specifying a log driver configuration in the container definition.\n\nUnderstand the following when specifying a log configuration for your containers.\n\n- Amazon ECS currently supports a subset of the logging drivers available to the Docker daemon. Additional log drivers may be available in future releases of the Amazon ECS container agent.\n\nFor tasks on AWS Fargate , the supported log drivers are `awslogs` , `splunk` , and `awsfirelens` .\n\nFor tasks hosted on Amazon EC2 instances, the supported log drivers are `awslogs` , `fluentd` , `gelf` , `json-file` , `journald` , `syslog` , `splunk` , and `awsfirelens` .\n- This parameter requires version 1.18 of the Docker Remote API or greater on your container instance.\n- For tasks that are hosted on Amazon EC2 instances, the Amazon ECS container agent must register the available logging drivers with the `ECS_AVAILABLE_LOGGING_DRIVERS` environment variable before containers placed on that instance can use these log configuration options. For more information, see [Amazon ECS container agent configuration](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html) in the *Amazon Elastic Container Service Developer Guide* .\n- For tasks that are on AWS Fargate , because you don't have access to the underlying infrastructure your tasks are hosted on, any additional software needed must be installed outside of the task. For example, the Fluentd output aggregators or a remote host running Logstash to send Gelf logs to.", - "title": "LogConfiguration" + "AssociatePublicIpAddress": { + "markdownDescription": "Associates a public IPv4 address with eth0 for a new network interface.\n\nAWS charges for all public IPv4 addresses, including public IPv4 addresses associated with running instances and Elastic IP addresses. For more information, see the *Public IPv4 Address* tab on the [Amazon VPC pricing page](https://docs.aws.amazon.com/vpc/pricing/) .", + "title": "AssociatePublicIpAddress", + "type": "boolean" }, - "Namespace": { - "markdownDescription": "The namespace name or full Amazon Resource Name (ARN) of the AWS Cloud Map namespace for use with Service Connect. The namespace must be in the same AWS Region as the Amazon ECS service and cluster. The type of namespace doesn't affect Service Connect. For more information about AWS Cloud Map , see [Working with Services](https://docs.aws.amazon.com/cloud-map/latest/dg/working-with-services.html) in the *AWS Cloud Map Developer Guide* .", - "title": "Namespace", + "ConnectionTrackingSpecification": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.ConnectionTrackingSpecification", + "markdownDescription": "A connection tracking specification for the network interface.", + "title": "ConnectionTrackingSpecification" + }, + "DeleteOnTermination": { + "markdownDescription": "Indicates whether the network interface is deleted when the instance is terminated.", + "title": "DeleteOnTermination", + "type": "boolean" + }, + "Description": { + "markdownDescription": "A description for the network interface.", + "title": "Description", "type": "string" }, - "Services": { + "DeviceIndex": { + "markdownDescription": "The device index for the network interface attachment. The primary network interface has a device index of 0. If the network interface is of type `interface` , you must specify a device index.\n\nIf you create a launch template that includes secondary network interfaces but no primary network interface, and you specify it using the `LaunchTemplate` property of `AWS::EC2::Instance` , then you must include a primary network interface using the `NetworkInterfaces` property of `AWS::EC2::Instance` .", + "title": "DeviceIndex", + "type": "number" + }, + "EnaSrdSpecification": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.EnaSrdSpecification", + "markdownDescription": "The ENA Express configuration for the network interface.", + "title": "EnaSrdSpecification" + }, + "Groups": { "items": { - "$ref": "#/definitions/AWS::ECS::Service.ServiceConnectService" + "type": "string" }, - "markdownDescription": "The list of Service Connect service objects. These are names and aliases (also known as endpoints) that are used by other Amazon ECS services to connect to this service.\n\nThis field is not required for a \"client\" Amazon ECS service that's a member of a namespace only to connect to other services within the namespace. An example of this would be a frontend application that accepts incoming requests from either a load balancer that's attached to the service or by other means.\n\nAn object selects a port from the task definition, assigns a name for the AWS Cloud Map service, and a list of aliases (endpoints) and ports for client applications to refer to this service.", - "title": "Services", + "markdownDescription": "The IDs of one or more security groups.", + "title": "Groups", "type": "array" - } - }, - "required": [ - "Enabled" - ], - "type": "object" - }, - "AWS::ECS::Service.ServiceConnectService": { - "additionalProperties": false, - "properties": { - "ClientAliases": { + }, + "InterfaceType": { + "markdownDescription": "The type of network interface. To create an Elastic Fabric Adapter (EFA), specify `efa` or `efa` . For more information, see [Elastic Fabric Adapter for AI/ML and HPC workloads on Amazon EC2](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/efa.html) in the *Amazon EC2 User Guide* .\n\nIf you are not creating an EFA, specify `interface` or omit this parameter.\n\nIf you specify `efa-only` , do not assign any IP addresses to the network interface. EFA-only network interfaces do not support IP addresses.\n\nValid values: `interface` | `efa` | `efa-only`", + "title": "InterfaceType", + "type": "string" + }, + "Ipv4PrefixCount": { + "markdownDescription": "The number of IPv4 prefixes to be automatically assigned to the network interface. You cannot use this option if you use the `Ipv4Prefix` option.", + "title": "Ipv4PrefixCount", + "type": "number" + }, + "Ipv4Prefixes": { "items": { - "$ref": "#/definitions/AWS::ECS::Service.ServiceConnectClientAlias" + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Ipv4PrefixSpecification" }, - "markdownDescription": "The list of client aliases for this Service Connect service. You use these to assign names that can be used by client applications. The maximum number of client aliases that you can have in this list is 1.\n\nEach alias (\"endpoint\") is a fully-qualified name and port number that other Amazon ECS tasks (\"clients\") can use to connect to this service.\n\nEach name and port mapping must be unique within the namespace.\n\nFor each `ServiceConnectService` , you must provide at least one `clientAlias` with one `port` .", - "title": "ClientAliases", + "markdownDescription": "One or more IPv4 prefixes to be assigned to the network interface. You cannot use this option if you use the `Ipv4PrefixCount` option.", + "title": "Ipv4Prefixes", "type": "array" }, - "DiscoveryName": { - "markdownDescription": "The `discoveryName` is the name of the new AWS Cloud Map service that Amazon ECS creates for this Amazon ECS service. This must be unique within the AWS Cloud Map namespace. The name can contain up to 64 characters. The name can include lowercase letters, numbers, underscores (_), and hyphens (-). The name can't start with a hyphen.\n\nIf the `discoveryName` isn't specified, the port mapping name from the task definition is used in `portName.namespace` .", - "title": "DiscoveryName", - "type": "string" + "Ipv6AddressCount": { + "markdownDescription": "The number of IPv6 addresses to assign to a network interface. Amazon EC2 automatically selects the IPv6 addresses from the subnet range. You can't use this option if specifying specific IPv6 addresses.", + "title": "Ipv6AddressCount", + "type": "number" }, - "IngressPortOverride": { - "markdownDescription": "The port number for the Service Connect proxy to listen on.\n\nUse the value of this field to bypass the proxy for traffic on the port number specified in the named `portMapping` in the task definition of this application, and then use it in your VPC security groups to allow traffic into the proxy for this Amazon ECS service.\n\nIn `awsvpc` mode and Fargate, the default value is the container port number. The container port number is in the `portMapping` in the task definition. In bridge mode, the default value is the ephemeral port of the Service Connect proxy.", - "title": "IngressPortOverride", + "Ipv6Addresses": { + "items": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Ipv6Add" + }, + "markdownDescription": "One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet. You can't use this option if you're specifying a number of IPv6 addresses.", + "title": "Ipv6Addresses", + "type": "array" + }, + "Ipv6PrefixCount": { + "markdownDescription": "The number of IPv6 prefixes to be automatically assigned to the network interface. You cannot use this option if you use the `Ipv6Prefix` option.", + "title": "Ipv6PrefixCount", "type": "number" }, - "PortName": { - "markdownDescription": "The `portName` must match the name of one of the `portMappings` from all the containers in the task definition of this Amazon ECS service.", - "title": "PortName", + "Ipv6Prefixes": { + "items": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Ipv6PrefixSpecification" + }, + "markdownDescription": "One or more IPv6 prefixes to be assigned to the network interface. You cannot use this option if you use the `Ipv6PrefixCount` option.", + "title": "Ipv6Prefixes", + "type": "array" + }, + "NetworkCardIndex": { + "markdownDescription": "The index of the network card. Some instance types support multiple network cards. The primary network interface must be assigned to network card index 0. The default is network card index 0.", + "title": "NetworkCardIndex", + "type": "number" + }, + "NetworkInterfaceId": { + "markdownDescription": "The ID of the network interface.", + "title": "NetworkInterfaceId", "type": "string" }, - "Timeout": { - "$ref": "#/definitions/AWS::ECS::Service.TimeoutConfiguration", - "markdownDescription": "A reference to an object that represents the configured timeouts for Service Connect.", - "title": "Timeout" + "PrimaryIpv6": { + "markdownDescription": "The primary IPv6 address of the network interface. When you enable an IPv6 GUA address to be a primary IPv6, the first IPv6 GUA will be made the primary IPv6 address until the instance is terminated or the network interface is detached. For more information about primary IPv6 addresses, see [RunInstances](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html) .", + "title": "PrimaryIpv6", + "type": "boolean" }, - "Tls": { - "$ref": "#/definitions/AWS::ECS::Service.ServiceConnectTlsConfiguration", - "markdownDescription": "A reference to an object that represents a Transport Layer Security (TLS) configuration.", - "title": "Tls" + "PrivateIpAddress": { + "markdownDescription": "The primary private IPv4 address of the network interface.", + "title": "PrivateIpAddress", + "type": "string" + }, + "PrivateIpAddresses": { + "items": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.PrivateIpAdd" + }, + "markdownDescription": "One or more private IPv4 addresses.", + "title": "PrivateIpAddresses", + "type": "array" + }, + "SecondaryPrivateIpAddressCount": { + "markdownDescription": "The number of secondary private IPv4 addresses to assign to a network interface.", + "title": "SecondaryPrivateIpAddressCount", + "type": "number" + }, + "SubnetId": { + "markdownDescription": "The ID of the subnet for the network interface.", + "title": "SubnetId", + "type": "string" } }, - "required": [ - "PortName" - ], "type": "object" }, - "AWS::ECS::Service.ServiceConnectTlsCertificateAuthority": { + "AWS::EC2::LaunchTemplate.NetworkInterfaceCount": { "additionalProperties": false, "properties": { - "AwsPcaAuthorityArn": { - "markdownDescription": "The ARN of the AWS Private Certificate Authority certificate.", - "title": "AwsPcaAuthorityArn", - "type": "string" + "Max": { + "markdownDescription": "The maximum number of network interfaces. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The minimum number of network interfaces. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" } }, "type": "object" }, - "AWS::ECS::Service.ServiceConnectTlsConfiguration": { + "AWS::EC2::LaunchTemplate.NetworkPerformanceOptions": { "additionalProperties": false, "properties": { - "IssuerCertificateAuthority": { - "$ref": "#/definitions/AWS::ECS::Service.ServiceConnectTlsCertificateAuthority", - "markdownDescription": "The signer certificate authority.", - "title": "IssuerCertificateAuthority" - }, - "KmsKey": { - "markdownDescription": "The AWS Key Management Service key.", - "title": "KmsKey", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that's associated with the Service Connect TLS.", - "title": "RoleArn", + "BandwidthWeighting": { + "markdownDescription": "Specify the bandwidth weighting option to boost the associated type of baseline bandwidth, as follows:\n\n- **default** - This option uses the standard bandwidth configuration for your instance type.\n- **vpc-1** - This option boosts your networking baseline bandwidth and reduces your EBS baseline bandwidth.\n- **ebs-1** - This option boosts your EBS baseline bandwidth and reduces your networking baseline bandwidth.", + "title": "BandwidthWeighting", "type": "string" } }, - "required": [ - "IssuerCertificateAuthority" - ], "type": "object" }, - "AWS::ECS::Service.ServiceManagedEBSVolumeConfiguration": { + "AWS::EC2::LaunchTemplate.Placement": { "additionalProperties": false, "properties": { - "Encrypted": { - "markdownDescription": "Indicates whether the volume should be encrypted. If you turn on Region-level Amazon EBS encryption by default but set this value as `false` , the setting is overridden and the volume is encrypted with the KMS key specified for Amazon EBS encryption by default. This parameter maps 1:1 with the `Encrypted` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* .", - "title": "Encrypted", - "type": "boolean" + "Affinity": { + "markdownDescription": "The affinity setting for an instance on a Dedicated Host.", + "title": "Affinity", + "type": "string" }, - "FilesystemType": { - "markdownDescription": "The filesystem type for the volume. For volumes created from a snapshot, you must specify the same filesystem type that the volume was using when the snapshot was created. If there is a filesystem type mismatch, the tasks will fail to start.\n\nThe available Linux filesystem types are `ext3` , `ext4` , and `xfs` . If no value is specified, the `xfs` filesystem type is used by default.\n\nThe available Windows filesystem types are `NTFS` .", - "title": "FilesystemType", + "AvailabilityZone": { + "markdownDescription": "The Availability Zone for the instance.", + "title": "AvailabilityZone", "type": "string" }, - "Iops": { - "markdownDescription": "The number of I/O operations per second (IOPS). For `gp3` , `io1` , and `io2` volumes, this represents the number of IOPS that are provisioned for the volume. For `gp2` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.\n\nThe following are the supported values for each volume type.\n\n- `gp3` : 3,000 - 16,000 IOPS\n- `io1` : 100 - 64,000 IOPS\n- `io2` : 100 - 256,000 IOPS\n\nThis parameter is required for `io1` and `io2` volume types. The default for `gp3` volumes is `3,000 IOPS` . This parameter is not supported for `st1` , `sc1` , or `standard` volume types.\n\nThis parameter maps 1:1 with the `Iops` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* .", - "title": "Iops", - "type": "number" + "GroupId": { + "markdownDescription": "The Group Id of a placement group. You must specify the Placement Group *Group Id* to launch an instance in a shared placement group.", + "title": "GroupId", + "type": "string" }, - "KmsKeyId": { - "markdownDescription": "The Amazon Resource Name (ARN) identifier of the AWS Key Management Service key to use for Amazon EBS encryption. When a key is specified using this parameter, it overrides Amazon EBS default encryption or any KMS key that you specified for cluster-level managed storage encryption. This parameter maps 1:1 with the `KmsKeyId` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* . For more information about encrypting Amazon EBS volumes attached to tasks, see [Encrypt data stored in Amazon EBS volumes attached to Amazon ECS tasks](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ebs-kms-encryption.html) .\n\n> AWS authenticates the AWS Key Management Service key asynchronously. Therefore, if you specify an ID, alias, or ARN that is invalid, the action can appear to complete, but eventually fails.", - "title": "KmsKeyId", + "GroupName": { + "markdownDescription": "The name of the placement group for the instance.", + "title": "GroupName", "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role to associate with this volume. This is the Amazon ECS infrastructure IAM role that is used to manage your AWS infrastructure. We recommend using the Amazon ECS-managed `AmazonECSInfrastructureRolePolicyForVolumes` IAM policy with this role. For more information, see [Amazon ECS infrastructure IAM role](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/infrastructure_IAM_role.html) in the *Amazon ECS Developer Guide* .", - "title": "RoleArn", + "HostId": { + "markdownDescription": "The ID of the Dedicated Host for the instance.", + "title": "HostId", "type": "string" }, - "SizeInGiB": { - "markdownDescription": "The size of the volume in GiB. You must specify either a volume size or a snapshot ID. If you specify a snapshot ID, the snapshot size is used for the volume size by default. You can optionally specify a volume size greater than or equal to the snapshot size. This parameter maps 1:1 with the `Size` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* .\n\nThe following are the supported volume size values for each volume type.\n\n- `gp2` and `gp3` : 1-16,384\n- `io1` and `io2` : 4-16,384\n- `st1` and `sc1` : 125-16,384\n- `standard` : 1-1,024", - "title": "SizeInGiB", + "HostResourceGroupArn": { + "markdownDescription": "The ARN of the host resource group in which to launch the instances. If you specify a host resource group ARN, omit the *Tenancy* parameter or set it to `host` .", + "title": "HostResourceGroupArn", + "type": "string" + }, + "PartitionNumber": { + "markdownDescription": "The number of the partition the instance should launch in. Valid only if the placement group strategy is set to `partition` .", + "title": "PartitionNumber", "type": "number" }, - "SnapshotId": { - "markdownDescription": "The snapshot that Amazon ECS uses to create volumes for attachment to tasks maintained by the service. You must specify either `snapshotId` or `sizeInGiB` in your volume configuration. This parameter maps 1:1 with the `SnapshotId` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* .", - "title": "SnapshotId", + "SpreadDomain": { + "markdownDescription": "Reserved for future use.", + "title": "SpreadDomain", "type": "string" }, - "TagSpecifications": { - "items": { - "$ref": "#/definitions/AWS::ECS::Service.EBSTagSpecification" - }, - "markdownDescription": "The tags to apply to the volume. Amazon ECS applies service-managed tags by default. This parameter maps 1:1 with the `TagSpecifications.N` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* .", - "title": "TagSpecifications", - "type": "array" + "Tenancy": { + "markdownDescription": "The tenancy of the instance. An instance with a tenancy of dedicated runs on single-tenant hardware.", + "title": "Tenancy", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::LaunchTemplate.PrivateDnsNameOptions": { + "additionalProperties": false, + "properties": { + "EnableResourceNameDnsAAAARecord": { + "markdownDescription": "Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records.", + "title": "EnableResourceNameDnsAAAARecord", + "type": "boolean" }, - "Throughput": { - "markdownDescription": "The throughput to provision for a volume, in MiB/s, with a maximum of 1,000 MiB/s. This parameter maps 1:1 with the `Throughput` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* .\n\n> This parameter is only supported for the `gp3` volume type.", - "title": "Throughput", - "type": "number" + "EnableResourceNameDnsARecord": { + "markdownDescription": "Indicates whether to respond to DNS queries for instance hostnames with DNS A records.", + "title": "EnableResourceNameDnsARecord", + "type": "boolean" }, - "VolumeType": { - "markdownDescription": "The volume type. This parameter maps 1:1 with the `VolumeType` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* . For more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-volume-types.html) in the *Amazon EC2 User Guide* .\n\nThe following are the supported volume types.\n\n- General Purpose SSD: `gp2` | `gp3`\n- Provisioned IOPS SSD: `io1` | `io2`\n- Throughput Optimized HDD: `st1`\n- Cold HDD: `sc1`\n- Magnetic: `standard`\n\n> The magnetic volume type is not supported on Fargate.", - "title": "VolumeType", + "HostnameType": { + "markdownDescription": "The type of hostname for EC2 instances. For IPv4 only subnets, an instance DNS name must be based on the instance IPv4 address. For IPv6 only subnets, an instance DNS name must be based on the instance ID. For dual-stack subnets, you can specify whether DNS names use the instance IPv4 address or the instance ID. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *Amazon Elastic Compute Cloud User Guide* .", + "title": "HostnameType", "type": "string" } }, - "required": [ - "RoleArn" - ], "type": "object" }, - "AWS::ECS::Service.ServiceRegistry": { + "AWS::EC2::LaunchTemplate.PrivateIpAdd": { "additionalProperties": false, "properties": { - "ContainerName": { - "markdownDescription": "The container name value to be used for your service discovery service. It's already specified in the task definition. If the task definition that your service task specifies uses the `bridge` or `host` network mode, you must specify a `containerName` and `containerPort` combination from the task definition. If the task definition that your service task specifies uses the `awsvpc` network mode and a type SRV DNS record is used, you must specify either a `containerName` and `containerPort` combination or a `port` value. However, you can't specify both.", - "title": "ContainerName", - "type": "string" + "Primary": { + "markdownDescription": "Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary.", + "title": "Primary", + "type": "boolean" }, - "ContainerPort": { - "markdownDescription": "The port value to be used for your service discovery service. It's already specified in the task definition. If the task definition your service task specifies uses the `bridge` or `host` network mode, you must specify a `containerName` and `containerPort` combination from the task definition. If the task definition your service task specifies uses the `awsvpc` network mode and a type SRV DNS record is used, you must specify either a `containerName` and `containerPort` combination or a `port` value. However, you can't specify both.", - "title": "ContainerPort", + "PrivateIpAddress": { + "markdownDescription": "The private IPv4 address.", + "title": "PrivateIpAddress", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::LaunchTemplate.Reference": { + "additionalProperties": false, + "properties": { + "InstanceFamily": { + "markdownDescription": "The instance family to use as a baseline reference.\n\n> Ensure that you specify the correct value for the instance family. The instance family is everything before the period ( `.` ) in the instance type name. For example, in the instance type `c6i.large` , the instance family is `c6i` , not `c6` . For more information, see [Amazon EC2 instance type naming conventions](https://docs.aws.amazon.com/ec2/latest/instancetypes/instance-type-names.html) in *Amazon EC2 Instance Types* . \n\nThe following instance families are *not supported* for performance protection:\n\n- `c1`\n- `g3` | `g3s`\n- `hpc7g`\n- `m1` | `m2`\n- `mac1` | `mac2` | `mac2-m1ultra` | `mac2-m2` | `mac2-m2pro`\n- `p3dn` | `p4d` | `p5`\n- `t1`\n- `u-12tb1` | `u-18tb1` | `u-24tb1` | `u-3tb1` | `u-6tb1` | `u-9tb1` | `u7i-12tb` | `u7in-16tb` | `u7in-24tb` | `u7in-32tb`\n\nIf you enable performance protection by specifying a supported instance family, the returned instance types will exclude the above unsupported instance families.", + "title": "InstanceFamily", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::LaunchTemplate.SpotOptions": { + "additionalProperties": false, + "properties": { + "BlockDurationMinutes": { + "markdownDescription": "Deprecated.", + "title": "BlockDurationMinutes", "type": "number" }, - "Port": { - "markdownDescription": "The port value used if your service discovery service specified an SRV record. This field might be used if both the `awsvpc` network mode and SRV records are used.", - "title": "Port", - "type": "number" + "InstanceInterruptionBehavior": { + "markdownDescription": "The behavior when a Spot Instance is interrupted. The default is `terminate` .", + "title": "InstanceInterruptionBehavior", + "type": "string" }, - "RegistryArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the service registry. The currently supported service registry is AWS Cloud Map . For more information, see [CreateService](https://docs.aws.amazon.com/cloud-map/latest/api/API_CreateService.html) .", - "title": "RegistryArn", + "MaxPrice": { + "markdownDescription": "The maximum hourly price you're willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price. If you do specify this parameter, it must be more than USD $0.001. Specifying a value below USD $0.001 will result in an `InvalidParameterValue` error message when the launch template is used to launch an instance.\n\n> If you specify a maximum price, your Spot Instances will be interrupted more frequently than if you do not specify this parameter.", + "title": "MaxPrice", + "type": "string" + }, + "SpotInstanceType": { + "markdownDescription": "The Spot Instance request type.\n\nIf you are using Spot Instances with an Auto Scaling group, use `one-time` requests, as the Amazon EC2 Auto Scaling service handles requesting new Spot Instances whenever the group is below its desired capacity.", + "title": "SpotInstanceType", + "type": "string" + }, + "ValidUntil": { + "markdownDescription": "The end date of the request, in UTC format ( *YYYY-MM-DD* T *HH:MM:SS* Z). Supported only for persistent requests.\n\n- For a persistent request, the request remains active until the `ValidUntil` date and time is reached. Otherwise, the request remains active until you cancel it.\n- For a one-time request, `ValidUntil` is not supported. The request remains active until all instances launch or you cancel the request.\n\nDefault: 7 days from the current date", + "title": "ValidUntil", "type": "string" } }, "type": "object" }, - "AWS::ECS::Service.ServiceVolumeConfiguration": { + "AWS::EC2::LaunchTemplate.TagSpecification": { "additionalProperties": false, "properties": { - "ManagedEBSVolume": { - "$ref": "#/definitions/AWS::ECS::Service.ServiceManagedEBSVolumeConfiguration", - "markdownDescription": "The configuration for the Amazon EBS volume that Amazon ECS creates and manages on your behalf. These settings are used to create each Amazon EBS volume, with one volume created for each task in the service. The Amazon EBS volumes are visible in your account in the Amazon EC2 console once they are created.", - "title": "ManagedEBSVolume" - }, - "Name": { - "markdownDescription": "The name of the volume. This value must match the volume name from the `Volume` object in the task definition.", - "title": "Name", + "ResourceType": { + "markdownDescription": "The type of resource to tag. You can specify tags for the following resource types only: `instance` | `volume` | `network-interface` | `spot-instances-request` . If the instance does not include the resource type that you specify, the instance launch fails. For example, not all instance types include a volume.\n\nTo tag a resource after it has been created, see [CreateTags](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTags.html) .", + "title": "ResourceType", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to apply to the resource.", + "title": "Tags", + "type": "array" } }, - "required": [ - "Name" - ], "type": "object" }, - "AWS::ECS::Service.TimeoutConfiguration": { + "AWS::EC2::LaunchTemplate.TotalLocalStorageGB": { "additionalProperties": false, "properties": { - "IdleTimeoutSeconds": { - "markdownDescription": "The amount of time in seconds a connection will stay active while idle. A value of `0` can be set to disable `idleTimeout` .\n\nThe `idleTimeout` default for `HTTP` / `HTTP2` / `GRPC` is 5 minutes.\n\nThe `idleTimeout` default for `TCP` is 1 hour.", - "title": "IdleTimeoutSeconds", + "Max": { + "markdownDescription": "The maximum amount of total local storage, in GB. To specify no maximum limit, omit this parameter.", + "title": "Max", "type": "number" }, - "PerRequestTimeoutSeconds": { - "markdownDescription": "The amount of time waiting for the upstream to respond with a complete response per request. A value of `0` can be set to disable `perRequestTimeout` . `perRequestTimeout` can only be set if Service Connect `appProtocol` isn't `TCP` . Only `idleTimeout` is allowed for `TCP` `appProtocol` .", - "title": "PerRequestTimeoutSeconds", + "Min": { + "markdownDescription": "The minimum amount of total local storage, in GB. To specify no minimum limit, omit this parameter.", + "title": "Min", "type": "number" } }, "type": "object" }, - "AWS::ECS::TaskDefinition": { + "AWS::EC2::LaunchTemplate.VCpuCount": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum number of vCPUs. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The minimum number of vCPUs. To specify no minimum limit, specify `0` .", + "title": "Min", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::LocalGatewayRoute": { "additionalProperties": false, "properties": { "Condition": { @@ -84197,113 +93639,197 @@ "Properties": { "additionalProperties": false, "properties": { - "ContainerDefinitions": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.ContainerDefinition" - }, - "markdownDescription": "A list of container definitions in JSON format that describe the different containers that make up your task. For more information about container definition parameters and defaults, see [Amazon ECS Task Definitions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_defintions.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "ContainerDefinitions", - "type": "array" + "DestinationCidrBlock": { + "markdownDescription": "The CIDR block used for destination matches.", + "title": "DestinationCidrBlock", + "type": "string" }, - "Cpu": { - "markdownDescription": "The number of `cpu` units used by the task. If you use the EC2 launch type, this field is optional. Any value can be used. If you use the Fargate launch type, this field is required. You must use one of the following values. The value that you choose determines your range of valid values for the `memory` parameter.\n\nIf you're using the EC2 launch type or the external launch type, this field is optional. Supported values are between `128` CPU units ( `0.125` vCPUs) and `196608` CPU units ( `192` vCPUs).\n\nThis field is required for Fargate. For information about the valid values, see [Task size](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html#task_size) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "Cpu", + "LocalGatewayRouteTableId": { + "markdownDescription": "The ID of the local gateway route table.", + "title": "LocalGatewayRouteTableId", "type": "string" }, - "EphemeralStorage": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.EphemeralStorage", - "markdownDescription": "The ephemeral storage settings to use for tasks run with the task definition.", - "title": "EphemeralStorage" - }, - "ExecutionRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the task execution role that grants the Amazon ECS container agent permission to make AWS API calls on your behalf. For informationabout the required IAM roles for Amazon ECS, see [IAM roles for Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/security-ecs-iam-role-overview.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "ExecutionRoleArn", + "LocalGatewayVirtualInterfaceGroupId": { + "markdownDescription": "The ID of the virtual interface group.", + "title": "LocalGatewayVirtualInterfaceGroupId", "type": "string" }, - "Family": { - "markdownDescription": "The name of a family that this task definition is registered to. Up to 255 letters (uppercase and lowercase), numbers, hyphens, and underscores are allowed.\n\nA family groups multiple versions of a task definition. Amazon ECS gives the first task definition that you registered to a family a revision number of 1. Amazon ECS gives sequential revision numbers to each task definition that you add.\n\n> To use revision numbers when you update a task definition, specify this property. If you don't specify a value, AWS CloudFormation generates a new task definition each time that you update it.", - "title": "Family", + "NetworkInterfaceId": { + "markdownDescription": "The ID of the network interface.", + "title": "NetworkInterfaceId", + "type": "string" + } + }, + "required": [ + "DestinationCidrBlock", + "LocalGatewayRouteTableId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::EC2::LocalGatewayRoute" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::EC2::LocalGatewayRouteTable": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, - "InferenceAccelerators": { + { "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.InferenceAccelerator" + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" }, "type": "array" - }, - "IpcMode": { - "markdownDescription": "The IPC resource namespace to use for the containers in the task. The valid values are `host` , `task` , or `none` . If `host` is specified, then all containers within the tasks that specified the `host` IPC mode on the same container instance share the same IPC resources with the host Amazon EC2 instance. If `task` is specified, all containers within the specified task share the same IPC resources. If `none` is specified, then IPC resources within the containers of a task are private and not shared with other containers in a task or on the container instance. If no value is specified, then the IPC resource namespace sharing depends on the Docker daemon setting on the container instance.\n\nIf the `host` IPC mode is used, be aware that there is a heightened risk of undesired IPC namespace expose.\n\nIf you are setting namespaced kernel parameters using `systemControls` for the containers in the task, the following will apply to your IPC resource namespace. For more information, see [System Controls](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html) in the *Amazon Elastic Container Service Developer Guide* .\n\n- For tasks that use the `host` IPC mode, IPC namespace related `systemControls` are not supported.\n- For tasks that use the `task` IPC mode, IPC namespace related `systemControls` will apply to all containers within a task.\n\n> This parameter is not supported for Windows containers or tasks run on AWS Fargate .", - "title": "IpcMode", - "type": "string" - }, - "Memory": { - "markdownDescription": "The amount (in MiB) of memory used by the task.\n\nIf your tasks runs on Amazon EC2 instances, you must specify either a task-level memory value or a container-level memory value. This field is optional and any value can be used. If a task-level memory value is specified, the container-level memory value is optional. For more information regarding container-level memory and memory reservation, see [ContainerDefinition](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ContainerDefinition.html) .\n\nIf your tasks runs on AWS Fargate , this field is required. You must use one of the following values. The value you choose determines your range of valid values for the `cpu` parameter.\n\n- 512 (0.5 GB), 1024 (1 GB), 2048 (2 GB) - Available `cpu` values: 256 (.25 vCPU)\n- 1024 (1 GB), 2048 (2 GB), 3072 (3 GB), 4096 (4 GB) - Available `cpu` values: 512 (.5 vCPU)\n- 2048 (2 GB), 3072 (3 GB), 4096 (4 GB), 5120 (5 GB), 6144 (6 GB), 7168 (7 GB), 8192 (8 GB) - Available `cpu` values: 1024 (1 vCPU)\n- Between 4096 (4 GB) and 16384 (16 GB) in increments of 1024 (1 GB) - Available `cpu` values: 2048 (2 vCPU)\n- Between 8192 (8 GB) and 30720 (30 GB) in increments of 1024 (1 GB) - Available `cpu` values: 4096 (4 vCPU)\n- Between 16 GB and 60 GB in 4 GB increments - Available `cpu` values: 8192 (8 vCPU)\n\nThis option requires Linux platform `1.4.0` or later.\n- Between 32GB and 120 GB in 8 GB increments - Available `cpu` values: 16384 (16 vCPU)\n\nThis option requires Linux platform `1.4.0` or later.", - "title": "Memory", - "type": "string" - }, - "NetworkMode": { - "markdownDescription": "The Docker networking mode to use for the containers in the task. The valid values are `none` , `bridge` , `awsvpc` , and `host` . If no network mode is specified, the default is `bridge` .\n\nFor Amazon ECS tasks on Fargate, the `awsvpc` network mode is required. For Amazon ECS tasks on Amazon EC2 Linux instances, any network mode can be used. For Amazon ECS tasks on Amazon EC2 Windows instances, `` or `awsvpc` can be used. If the network mode is set to `none` , you cannot specify port mappings in your container definitions, and the tasks containers do not have external connectivity. The `host` and `awsvpc` network modes offer the highest networking performance for containers because they use the EC2 network stack instead of the virtualized network stack provided by the `bridge` mode.\n\nWith the `host` and `awsvpc` network modes, exposed container ports are mapped directly to the corresponding host port (for the `host` network mode) or the attached elastic network interface port (for the `awsvpc` network mode), so you cannot take advantage of dynamic host port mappings.\n\n> When using the `host` network mode, you should not run containers using the root user (UID 0). It is considered best practice to use a non-root user. \n\nIf the network mode is `awsvpc` , the task is allocated an elastic network interface, and you must specify a [NetworkConfiguration](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_NetworkConfiguration.html) value when you create a service or run a task with the task definition. For more information, see [Task Networking](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-networking.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nIf the network mode is `host` , you cannot run multiple instantiations of the same task on a single container instance when port mappings are used.", - "title": "NetworkMode", + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "LocalGatewayId": { + "markdownDescription": "The ID of the local gateway.", + "title": "LocalGatewayId", "type": "string" }, - "PidMode": { - "markdownDescription": "The process namespace to use for the containers in the task. The valid values are `host` or `task` . On Fargate for Linux containers, the only valid value is `task` . For example, monitoring sidecars might need `pidMode` to access information about other containers running in the same task.\n\nIf `host` is specified, all containers within the tasks that specified the `host` PID mode on the same container instance share the same process namespace with the host Amazon EC2 instance.\n\nIf `task` is specified, all containers within the specified task share the same process namespace.\n\nIf no value is specified, the default is a private namespace for each container.\n\nIf the `host` PID mode is used, there's a heightened risk of undesired process namespace exposure.\n\n> This parameter is not supported for Windows containers. > This parameter is only supported for tasks that are hosted on AWS Fargate if the tasks are using platform version `1.4.0` or later (Linux). This isn't supported for Windows containers on Fargate.", - "title": "PidMode", + "Mode": { + "markdownDescription": "The mode of the local gateway route table.", + "title": "Mode", "type": "string" }, - "PlacementConstraints": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.TaskDefinitionPlacementConstraint" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of placement constraint objects to use for tasks.\n\n> This parameter isn't supported for tasks run on AWS Fargate .", - "title": "PlacementConstraints", + "markdownDescription": "The tags assigned to the local gateway route table.", + "title": "Tags", "type": "array" + } + }, + "required": [ + "LocalGatewayId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::EC2::LocalGatewayRouteTable" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::EC2::LocalGatewayRouteTableVPCAssociation": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" }, - "ProxyConfiguration": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.ProxyConfiguration", - "markdownDescription": "The configuration details for the App Mesh proxy.\n\nYour Amazon ECS container instances require at least version 1.26.0 of the container agent and at least version 1.26.0-1 of the `ecs-init` package to use a proxy configuration. If your container instances are launched from the Amazon ECS optimized AMI version `20190301` or later, they contain the required versions of the container agent and `ecs-init` . For more information, see [Amazon ECS-optimized Linux AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "ProxyConfiguration" - }, - "RequiresCompatibilities": { + { "items": { + "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, - "markdownDescription": "The task launch types the task definition was validated against. The valid values are `EC2` , `FARGATE` , and `EXTERNAL` . For more information, see [Amazon ECS launch types](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/launch_types.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "RequiresCompatibilities", "type": "array" - }, - "RuntimePlatform": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.RuntimePlatform", - "markdownDescription": "The operating system that your tasks definitions run on. A platform family is specified only for tasks using the Fargate launch type.", - "title": "RuntimePlatform" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "LocalGatewayRouteTableId": { + "markdownDescription": "The ID of the local gateway route table.", + "title": "LocalGatewayRouteTableId", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The metadata that you apply to the task definition to help you categorize and organize them. Each tag consists of a key and an optional value. You define both of them.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8\n- Maximum value length - 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit.", + "markdownDescription": "The tags assigned to the association.", "title": "Tags", "type": "array" }, - "TaskRoleArn": { - "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the AWS Identity and Access Management role that grants containers in the task permission to call AWS APIs on your behalf. For more information, see [Amazon ECS Task Role](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-iam-roles.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nIAM roles for tasks on Windows require that the `-EnableTaskIAMRole` option is set when you launch the Amazon ECS-optimized Windows AMI. Your containers must also run some configuration code to use the feature. For more information, see [Windows IAM roles for tasks](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/windows_task_IAM_roles.html) in the *Amazon Elastic Container Service Developer Guide* .\n\n> String validation is done on the ECS side. If an invalid string value is given for `TaskRoleArn` , it may cause the Cloudformation job to hang.", - "title": "TaskRoleArn", + "VpcId": { + "markdownDescription": "The ID of the VPC.", + "title": "VpcId", "type": "string" - }, - "Volumes": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.Volume" - }, - "markdownDescription": "The list of data volume definitions for the task. For more information, see [Using data volumes in tasks](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_data_volumes.html) in the *Amazon Elastic Container Service Developer Guide* .\n\n> The `host` and `sourcePath` parameters aren't supported for tasks run on AWS Fargate .", - "title": "Volumes", - "type": "array" } }, + "required": [ + "LocalGatewayRouteTableId", + "VpcId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::ECS::TaskDefinition" + "AWS::EC2::LocalGatewayRouteTableVPCAssociation" ], "type": "string" }, @@ -84317,990 +93843,643 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::ECS::TaskDefinition.AuthorizationConfig": { + "AWS::EC2::LocalGatewayRouteTableVirtualInterfaceGroupAssociation": { "additionalProperties": false, "properties": { - "AccessPointId": { - "markdownDescription": "The Amazon EFS access point ID to use. If an access point is specified, the root directory value specified in the `EFSVolumeConfiguration` must either be omitted or set to `/` which will enforce the path set on the EFS access point. If an access point is used, transit encryption must be on in the `EFSVolumeConfiguration` . For more information, see [Working with Amazon EFS access points](https://docs.aws.amazon.com/efs/latest/ug/efs-access-points.html) in the *Amazon Elastic File System User Guide* .", - "title": "AccessPointId", + "Condition": { "type": "string" }, - "IAM": { - "markdownDescription": "Determines whether to use the Amazon ECS task role defined in a task definition when mounting the Amazon EFS file system. If it is turned on, transit encryption must be turned on in the `EFSVolumeConfiguration` . If this parameter is omitted, the default value of `DISABLED` is used. For more information, see [Using Amazon EFS access points](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/efs-volumes.html#efs-volume-accesspoints) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "IAM", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::ECS::TaskDefinition.ContainerDefinition": { - "additionalProperties": false, - "properties": { - "Command": { - "items": { - "type": "string" - }, - "markdownDescription": "The command that's passed to the container. This parameter maps to `Cmd` in the docker container create command and the `COMMAND` parameter to docker run. If there are multiple arguments, each argument is a separated string in the array.", - "title": "Command", - "type": "array" - }, - "Cpu": { - "markdownDescription": "The number of `cpu` units reserved for the container. This parameter maps to `CpuShares` in the docker container create commandand the `--cpu-shares` option to docker run.\n\nThis field is optional for tasks using the Fargate launch type, and the only requirement is that the total amount of CPU reserved for all containers within a task be lower than the task-level `cpu` value.\n\n> You can determine the number of CPU units that are available per EC2 instance type by multiplying the vCPUs listed for that instance type on the [Amazon EC2 Instances](https://docs.aws.amazon.com/ec2/instance-types/) detail page by 1,024. \n\nLinux containers share unallocated CPU units with other containers on the container instance with the same ratio as their allocated amount. For example, if you run a single-container task on a single-core instance type with 512 CPU units specified for that container, and that's the only task running on the container instance, that container could use the full 1,024 CPU unit share at any given time. However, if you launched another copy of the same task on that container instance, each task is guaranteed a minimum of 512 CPU units when needed. Moreover, each container could float to higher CPU usage if the other container was not using it. If both tasks were 100% active all of the time, they would be limited to 512 CPU units.\n\nOn Linux container instances, the Docker daemon on the container instance uses the CPU value to calculate the relative CPU share ratios for running containers. The minimum valid CPU share value that the Linux kernel allows is 2, and the maximum valid CPU share value that the Linux kernel allows is 262144. However, the CPU parameter isn't required, and you can use CPU values below 2 or above 262144 in your container definitions. For CPU values below 2 (including null) or above 262144, the behavior varies based on your Amazon ECS container agent version:\n\n- *Agent versions less than or equal to 1.1.0:* Null and zero CPU values are passed to Docker as 0, which Docker then converts to 1,024 CPU shares. CPU values of 1 are passed to Docker as 1, which the Linux kernel converts to two CPU shares.\n- *Agent versions greater than or equal to 1.2.0:* Null, zero, and CPU values of 1 are passed to Docker as 2.\n- *Agent versions greater than or equal to 1.84.0:* CPU values greater than 256 vCPU are passed to Docker as 256, which is equivalent to 262144 CPU shares.\n\nOn Windows container instances, the CPU limit is enforced as an absolute limit, or a quota. Windows containers only have access to the specified amount of CPU that's described in the task definition. A null or zero CPU value is passed to Docker as `0` , which Windows interprets as 1% of one CPU.", - "title": "Cpu", - "type": "number" - }, - "CredentialSpecs": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of ARNs in SSM or Amazon S3 to a credential spec ( `CredSpec` ) file that configures the container for Active Directory authentication. We recommend that you use this parameter instead of the `dockerSecurityOptions` . The maximum number of ARNs is 1.\n\nThere are two formats for each ARN.\n\n- **credentialspecdomainless:MyARN** - You use `credentialspecdomainless:MyARN` to provide a `CredSpec` with an additional section for a secret in AWS Secrets Manager . You provide the login credentials to the domain in the secret.\n\nEach task that runs on any container instance can join different domains.\n\nYou can use this format without joining the container instance to a domain.\n- **credentialspec:MyARN** - You use `credentialspec:MyARN` to provide a `CredSpec` for a single domain.\n\nYou must join the container instance to the domain before you start any tasks that use this task definition.\n\nIn both formats, replace `MyARN` with the ARN in SSM or Amazon S3.\n\nIf you provide a `credentialspecdomainless:MyARN` , the `credspec` must provide a ARN in AWS Secrets Manager for a secret containing the username, password, and the domain to connect to. For better security, the instance isn't joined to the domain for domainless authentication. Other applications on the instance can't use the domainless credentials. You can use this parameter to run tasks on the same instance, even it the tasks need to join different domains. For more information, see [Using gMSAs for Windows Containers](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/windows-gmsa.html) and [Using gMSAs for Linux Containers](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/linux-gmsa.html) .", - "title": "CredentialSpecs", - "type": "array" }, "DependsOn": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.ContainerDependency" - }, - "markdownDescription": "The dependencies defined for container startup and shutdown. A container can contain multiple dependencies. When a dependency is defined for container startup, for container shutdown it is reversed.\n\nFor tasks using the EC2 launch type, the container instances require at least version 1.26.0 of the container agent to turn on container dependencies. However, we recommend using the latest container agent version. For information about checking your agent version and updating to the latest version, see [Updating the Amazon ECS Container Agent](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-update.html) in the *Amazon Elastic Container Service Developer Guide* . If you're using an Amazon ECS-optimized Linux AMI, your instance needs at least version 1.26.0-1 of the `ecs-init` package. If your container instances are launched from version `20190301` or later, then they contain the required versions of the container agent and `ecs-init` . For more information, see [Amazon ECS-optimized Linux AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nFor tasks using the Fargate launch type, the task or service requires the following platforms:\n\n- Linux platform version `1.3.0` or later.\n- Windows platform version `1.0.0` or later.\n\nIf the task definition is used in a blue/green deployment that uses [AWS::CodeDeploy::DeploymentGroup BlueGreenDeploymentConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-codedeploy-deploymentgroup-bluegreendeploymentconfiguration.html) , the `dependsOn` parameter is not supported.", - "title": "DependsOn", - "type": "array" - }, - "DisableNetworking": { - "markdownDescription": "When this parameter is true, networking is off within the container. This parameter maps to `NetworkDisabled` in the docker container create command.\n\n> This parameter is not supported for Windows containers.", - "title": "DisableNetworking", - "type": "boolean" - }, - "DnsSearchDomains": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of DNS search domains that are presented to the container. This parameter maps to `DnsSearch` in the docker container create command and the `--dns-search` option to docker run.\n\n> This parameter is not supported for Windows containers.", - "title": "DnsSearchDomains", - "type": "array" + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "DnsServers": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of DNS servers that are presented to the container. This parameter maps to `Dns` in the docker container create command and the `--dns` option to docker run.\n\n> This parameter is not supported for Windows containers.", - "title": "DnsServers", - "type": "array" + "Metadata": { + "type": "object" }, - "DockerLabels": { - "additionalProperties": true, - "markdownDescription": "A key/value map of labels to add to the container. This parameter maps to `Labels` in the docker container create command and the `--label` option to docker run. This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version --format '{{.Server.APIVersion}}'`", - "patternProperties": { - "^[a-zA-Z0-9]+$": { + "Properties": { + "additionalProperties": false, + "properties": { + "LocalGatewayRouteTableId": { + "markdownDescription": "The ID of the local gateway route table.", + "title": "LocalGatewayRouteTableId", + "type": "string" + }, + "LocalGatewayVirtualInterfaceGroupId": { + "markdownDescription": "The ID of the virtual interface group.", + "title": "LocalGatewayVirtualInterfaceGroupId", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags assigned to the association.", + "title": "Tags", + "type": "array" } }, - "title": "DockerLabels", + "required": [ + "LocalGatewayRouteTableId", + "LocalGatewayVirtualInterfaceGroupId" + ], "type": "object" }, - "DockerSecurityOptions": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of strings to provide custom configuration for multiple security systems. This field isn't valid for containers in tasks using the Fargate launch type.\n\nFor Linux tasks on EC2, this parameter can be used to reference custom labels for SELinux and AppArmor multi-level security systems.\n\nFor any tasks on EC2, this parameter can be used to reference a credential spec file that configures a container for Active Directory authentication. For more information, see [Using gMSAs for Windows Containers](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/windows-gmsa.html) and [Using gMSAs for Linux Containers](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/linux-gmsa.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nThis parameter maps to `SecurityOpt` in the docker container create command and the `--security-opt` option to docker run.\n\n> The Amazon ECS container agent running on a container instance must register with the `ECS_SELINUX_CAPABLE=true` or `ECS_APPARMOR_CAPABLE=true` environment variables before containers placed on that instance can use these security options. For more information, see [Amazon ECS Container Agent Configuration](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html) in the *Amazon Elastic Container Service Developer Guide* . \n\nValid values: \"no-new-privileges\" | \"apparmor:PROFILE\" | \"label:value\" | \"credentialspec:CredentialSpecFilePath\"", - "title": "DockerSecurityOptions", - "type": "array" - }, - "EntryPoint": { - "items": { - "type": "string" - }, - "markdownDescription": "> Early versions of the Amazon ECS container agent don't properly handle `entryPoint` parameters. If you have problems using `entryPoint` , update your container agent or enter your commands and arguments as `command` array items instead. \n\nThe entry point that's passed to the container. This parameter maps to `Entrypoint` in the docker container create command and the `--entrypoint` option to docker run.", - "title": "EntryPoint", - "type": "array" - }, - "Environment": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.KeyValuePair" - }, - "markdownDescription": "The environment variables to pass to a container. This parameter maps to `Env` in the docker container create command and the `--env` option to docker run.\n\n> We don't recommend that you use plaintext environment variables for sensitive information, such as credential data.", - "title": "Environment", - "type": "array" - }, - "EnvironmentFiles": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.EnvironmentFile" - }, - "markdownDescription": "A list of files containing the environment variables to pass to a container. This parameter maps to the `--env-file` option to docker run.\n\nYou can specify up to ten environment files. The file must have a `.env` file extension. Each line in an environment file contains an environment variable in `VARIABLE=VALUE` format. Lines beginning with `#` are treated as comments and are ignored.\n\nIf there are environment variables specified using the `environment` parameter in a container definition, they take precedence over the variables contained within an environment file. If multiple environment files are specified that contain the same variable, they're processed from the top down. We recommend that you use unique variable names. For more information, see [Specifying Environment Variables](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/taskdef-envfiles.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "EnvironmentFiles", - "type": "array" - }, - "Essential": { - "markdownDescription": "If the `essential` parameter of a container is marked as `true` , and that container fails or stops for any reason, all other containers that are part of the task are stopped. If the `essential` parameter of a container is marked as `false` , its failure doesn't affect the rest of the containers in a task. If this parameter is omitted, a container is assumed to be essential.\n\nAll tasks must have at least one essential container. If you have an application that's composed of multiple containers, group containers that are used for a common purpose into components, and separate the different components into multiple task definitions. For more information, see [Application Architecture](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/application_architecture.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "Essential", - "type": "boolean" - }, - "ExtraHosts": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.HostEntry" - }, - "markdownDescription": "A list of hostnames and IP address mappings to append to the `/etc/hosts` file on the container. This parameter maps to `ExtraHosts` in the docker container create command and the `--add-host` option to docker run.\n\n> This parameter isn't supported for Windows containers or tasks that use the `awsvpc` network mode.", - "title": "ExtraHosts", - "type": "array" - }, - "FirelensConfiguration": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.FirelensConfiguration", - "markdownDescription": "The FireLens configuration for the container. This is used to specify and configure a log router for container logs. For more information, see [Custom Log Routing](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "FirelensConfiguration" - }, - "HealthCheck": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.HealthCheck", - "markdownDescription": "The container health check command and associated configuration parameters for the container. This parameter maps to `HealthCheck` in the docker container create command and the `HEALTHCHECK` parameter of docker run.", - "title": "HealthCheck" - }, - "Hostname": { - "markdownDescription": "The hostname to use for your container. This parameter maps to `Hostname` in the docker container create command and the `--hostname` option to docker run.\n\n> The `hostname` parameter is not supported if you're using the `awsvpc` network mode.", - "title": "Hostname", - "type": "string" - }, - "Image": { - "markdownDescription": "The image used to start a container. This string is passed directly to the Docker daemon. By default, images in the Docker Hub registry are available. Other repositories are specified with either `*repository-url* / *image* : *tag*` or `*repository-url* / *image* @ *digest*` . For images using tags (repository-url/image:tag), up to 255 characters total are allowed, including letters (uppercase and lowercase), numbers, hyphens, underscores, colons, periods, forward slashes, and number signs (#). For images using digests (repository-url/image@digest), the 255 character limit applies only to the repository URL and image name (everything before the @ sign). The only supported hash function is sha256, and the hash value after sha256: must be exactly 64 characters (only letters A-F, a-f, and numbers 0-9 are allowed). This parameter maps to `Image` in the docker container create command and the `IMAGE` parameter of docker run.\n\n- When a new task starts, the Amazon ECS container agent pulls the latest version of the specified image and tag for the container to use. However, subsequent updates to a repository image aren't propagated to already running tasks.\n- Images in Amazon ECR repositories can be specified by either using the full `registry/repository:tag` or `registry/repository@digest` . For example, `012345678910.dkr.ecr..amazonaws.com/:latest` or `012345678910.dkr.ecr..amazonaws.com/@sha256:94afd1f2e64d908bc90dbca0035a5b567EXAMPLE` .\n- Images in official repositories on Docker Hub use a single name (for example, `ubuntu` or `mongo` ).\n- Images in other repositories on Docker Hub are qualified with an organization name (for example, `amazon/amazon-ecs-agent` ).\n- Images in other online repositories are qualified further by a domain name (for example, `quay.io/assemblyline/ubuntu` ).", - "title": "Image", - "type": "string" - }, - "Interactive": { - "markdownDescription": "When this parameter is `true` , you can deploy containerized applications that require `stdin` or a `tty` to be allocated. This parameter maps to `OpenStdin` in the docker container create command and the `--interactive` option to docker run.", - "title": "Interactive", - "type": "boolean" - }, - "Links": { - "items": { - "type": "string" - }, - "markdownDescription": "The `links` parameter allows containers to communicate with each other without the need for port mappings. This parameter is only supported if the network mode of a task definition is `bridge` . The `name:internalName` construct is analogous to `name:alias` in Docker links. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed.. This parameter maps to `Links` in the docker container create command and the `--link` option to docker run.\n\n> This parameter is not supported for Windows containers. > Containers that are collocated on a single container instance may be able to communicate with each other without requiring links or host port mappings. Network isolation is achieved on the container instance using security groups and VPC settings.", - "title": "Links", - "type": "array" - }, - "LinuxParameters": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.LinuxParameters", - "markdownDescription": "Linux-specific modifications that are applied to the container, such as Linux kernel capabilities. For more information see [KernelCapabilities](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_KernelCapabilities.html) .\n\n> This parameter is not supported for Windows containers.", - "title": "LinuxParameters" - }, - "LogConfiguration": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.LogConfiguration", - "markdownDescription": "The log configuration specification for the container.\n\nThis parameter maps to `LogConfig` in the docker Create a container command and the `--log-driver` option to docker run. By default, containers use the same logging driver that the Docker daemon uses. However, the container may use a different logging driver than the Docker daemon by specifying a log driver with this parameter in the container definition. To use a different logging driver for a container, the log system must be configured properly on the container instance (or on a different log server for remote logging options). For more information on the options for different supported log drivers, see [Configure logging drivers](https://docs.aws.amazon.com/https://docs.docker.com/engine/admin/logging/overview/) in the Docker documentation.\n\n> Amazon ECS currently supports a subset of the logging drivers available to the Docker daemon (shown in the [LogConfiguration](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_LogConfiguration.html) data type). Additional log drivers may be available in future releases of the Amazon ECS container agent. \n\nThis parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version --format '{{.Server.APIVersion}}'`\n\n> The Amazon ECS container agent running on a container instance must register the logging drivers available on that instance with the `ECS_AVAILABLE_LOGGING_DRIVERS` environment variable before containers placed on that instance can use these log configuration options. For more information, see [Amazon ECS Container Agent Configuration](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "LogConfiguration" - }, - "Memory": { - "markdownDescription": "The amount (in MiB) of memory to present to the container. If your container attempts to exceed the memory specified here, the container is killed. The total amount of memory reserved for all containers within a task must be lower than the task `memory` value, if one is specified. This parameter maps to `Memory` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--memory` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .\n\nIf using the Fargate launch type, this parameter is optional.\n\nIf using the EC2 launch type, you must specify either a task-level memory value or a container-level memory value. If you specify both a container-level `memory` and `memoryReservation` value, `memory` must be greater than `memoryReservation` . If you specify `memoryReservation` , then that value is subtracted from the available memory resources for the container instance where the container is placed. Otherwise, the value of `memory` is used.\n\nThe Docker 20.10.0 or later daemon reserves a minimum of 6 MiB of memory for a container, so you should not specify fewer than 6 MiB of memory for your containers.\n\nThe Docker 19.03.13-ce or earlier daemon reserves a minimum of 4 MiB of memory for a container, so you should not specify fewer than 4 MiB of memory for your containers.", - "title": "Memory", - "type": "number" - }, - "MemoryReservation": { - "markdownDescription": "The soft limit (in MiB) of memory to reserve for the container. When system memory is under heavy contention, Docker attempts to keep the container memory to this soft limit. However, your container can consume more memory when it needs to, up to either the hard limit specified with the `memory` parameter (if applicable), or all of the available memory on the container instance, whichever comes first. This parameter maps to `MemoryReservation` in the docker container create command and the `--memory-reservation` option to docker run.\n\nIf a task-level memory value is not specified, you must specify a non-zero integer for one or both of `memory` or `memoryReservation` in a container definition. If you specify both, `memory` must be greater than `memoryReservation` . If you specify `memoryReservation` , then that value is subtracted from the available memory resources for the container instance where the container is placed. Otherwise, the value of `memory` is used.\n\nFor example, if your container normally uses 128 MiB of memory, but occasionally bursts to 256 MiB of memory for short periods of time, you can set a `memoryReservation` of 128 MiB, and a `memory` hard limit of 300 MiB. This configuration would allow the container to only reserve 128 MiB of memory from the remaining resources on the container instance, but also allow the container to consume more memory resources when needed.\n\nThe Docker 20.10.0 or later daemon reserves a minimum of 6 MiB of memory for a container. So, don't specify less than 6 MiB of memory for your containers.\n\nThe Docker 19.03.13-ce or earlier daemon reserves a minimum of 4 MiB of memory for a container. So, don't specify less than 4 MiB of memory for your containers.", - "title": "MemoryReservation", - "type": "number" - }, - "MountPoints": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.MountPoint" - }, - "markdownDescription": "The mount points for data volumes in your container.\n\nThis parameter maps to `Volumes` in the docker container create command and the `--volume` option to docker run.\n\nWindows containers can mount whole directories on the same drive as `$env:ProgramData` . Windows containers can't mount directories on a different drive, and mount point can't be across drives.", - "title": "MountPoints", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of a container. If you're linking multiple containers together in a task definition, the `name` of one container can be entered in the `links` of another container to connect the containers. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed. This parameter maps to `name` in the docker container create command and the `--name` option to docker run.", - "title": "Name", - "type": "string" - }, - "PortMappings": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.PortMapping" - }, - "markdownDescription": "The list of port mappings for the container. Port mappings allow containers to access ports on the host container instance to send or receive traffic.\n\nFor task definitions that use the `awsvpc` network mode, you should only specify the `containerPort` . The `hostPort` can be left blank or it must be the same value as the `containerPort` .\n\nPort mappings on Windows use the `NetNAT` gateway address rather than `localhost` . There is no loopback for port mappings on Windows, so you cannot access a container's mapped port from the host itself.\n\nThis parameter maps to `PortBindings` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--publish` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . If the network mode of a task definition is set to `none` , then you can't specify port mappings. If the network mode of a task definition is set to `host` , then host ports must either be undefined or they must match the container port in the port mapping.\n\n> After a task reaches the `RUNNING` status, manual and automatic host and container port assignments are visible in the *Network Bindings* section of a container description for a selected task in the Amazon ECS console. The assignments are also visible in the `networkBindings` section [DescribeTasks](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DescribeTasks.html) responses.", - "title": "PortMappings", - "type": "array" - }, - "Privileged": { - "markdownDescription": "When this parameter is true, the container is given elevated privileges on the host container instance (similar to the `root` user). This parameter maps to `Privileged` in the docker container create command and the `--privileged` option to docker run\n\n> This parameter is not supported for Windows containers or tasks run on AWS Fargate .", - "title": "Privileged", - "type": "boolean" - }, - "PseudoTerminal": { - "markdownDescription": "When this parameter is `true` , a TTY is allocated. This parameter maps to `Tty` in the docker container create command and the `--tty` option to docker run.", - "title": "PseudoTerminal", - "type": "boolean" - }, - "ReadonlyRootFilesystem": { - "markdownDescription": "When this parameter is true, the container is given read-only access to its root file system. This parameter maps to `ReadonlyRootfs` in the docker container create command and the `--read-only` option to docker run.\n\n> This parameter is not supported for Windows containers.", - "title": "ReadonlyRootFilesystem", - "type": "boolean" - }, - "RepositoryCredentials": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.RepositoryCredentials", - "markdownDescription": "The private repository authentication credentials to use.", - "title": "RepositoryCredentials" - }, - "ResourceRequirements": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.ResourceRequirement" - }, - "markdownDescription": "The type and amount of a resource to assign to a container. The only supported resource is a GPU.", - "title": "ResourceRequirements", - "type": "array" - }, - "Secrets": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.Secret" - }, - "markdownDescription": "The secrets to pass to the container. For more information, see [Specifying Sensitive Data](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "Secrets", - "type": "array" - }, - "StartTimeout": { - "markdownDescription": "Time duration (in seconds) to wait before giving up on resolving dependencies for a container. For example, you specify two containers in a task definition with containerA having a dependency on containerB reaching a `COMPLETE` , `SUCCESS` , or `HEALTHY` status. If a `startTimeout` value is specified for containerB and it doesn't reach the desired status within that time then containerA gives up and not start. This results in the task transitioning to a `STOPPED` state.\n\n> When the `ECS_CONTAINER_START_TIMEOUT` container agent configuration variable is used, it's enforced independently from this start timeout value. \n\nFor tasks using the Fargate launch type, the task or service requires the following platforms:\n\n- Linux platform version `1.3.0` or later.\n- Windows platform version `1.0.0` or later.\n\nFor tasks using the EC2 launch type, your container instances require at least version `1.26.0` of the container agent to use a container start timeout value. However, we recommend using the latest container agent version. For information about checking your agent version and updating to the latest version, see [Updating the Amazon ECS Container Agent](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-update.html) in the *Amazon Elastic Container Service Developer Guide* . If you're using an Amazon ECS-optimized Linux AMI, your instance needs at least version `1.26.0-1` of the `ecs-init` package. If your container instances are launched from version `20190301` or later, then they contain the required versions of the container agent and `ecs-init` . For more information, see [Amazon ECS-optimized Linux AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nThe valid values for Fargate are 2-120 seconds.", - "title": "StartTimeout", - "type": "number" - }, - "StopTimeout": { - "markdownDescription": "Time duration (in seconds) to wait before the container is forcefully killed if it doesn't exit normally on its own.\n\nFor tasks using the Fargate launch type, the task or service requires the following platforms:\n\n- Linux platform version `1.3.0` or later.\n- Windows platform version `1.0.0` or later.\n\nFor tasks that use the Fargate launch type, the max stop timeout value is 120 seconds and if the parameter is not specified, the default value of 30 seconds is used.\n\nFor tasks that use the EC2 launch type, if the `stopTimeout` parameter isn't specified, the value set for the Amazon ECS container agent configuration variable `ECS_CONTAINER_STOP_TIMEOUT` is used. If neither the `stopTimeout` parameter or the `ECS_CONTAINER_STOP_TIMEOUT` agent configuration variable are set, then the default values of 30 seconds for Linux containers and 30 seconds on Windows containers are used. Your container instances require at least version 1.26.0 of the container agent to use a container stop timeout value. However, we recommend using the latest container agent version. For information about checking your agent version and updating to the latest version, see [Updating the Amazon ECS Container Agent](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-update.html) in the *Amazon Elastic Container Service Developer Guide* . If you're using an Amazon ECS-optimized Linux AMI, your instance needs at least version 1.26.0-1 of the `ecs-init` package. If your container instances are launched from version `20190301` or later, then they contain the required versions of the container agent and `ecs-init` . For more information, see [Amazon ECS-optimized Linux AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nThe valid values for Fargate are 2-120 seconds.", - "title": "StopTimeout", - "type": "number" - }, - "SystemControls": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.SystemControl" - }, - "markdownDescription": "A list of namespaced kernel parameters to set in the container. This parameter maps to `Sysctls` in the docker container create command and the `--sysctl` option to docker run. For example, you can configure `net.ipv4.tcp_keepalive_time` setting to maintain longer lived connections.", - "title": "SystemControls", - "type": "array" - }, - "Ulimits": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.Ulimit" - }, - "markdownDescription": "A list of `ulimits` to set in the container. This parameter maps to `Ulimits` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--ulimit` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . Valid naming values are displayed in the [Ulimit](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_Ulimit.html) data type. This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version --format '{{.Server.APIVersion}}'`\n\n> This parameter is not supported for Windows containers.", - "title": "Ulimits", - "type": "array" - }, - "User": { - "markdownDescription": "The user to use inside the container. This parameter maps to `User` in the docker container create command and the `--user` option to docker run.\n\n> When running tasks using the `host` network mode, don't run containers using the root user (UID 0). We recommend using a non-root user for better security. \n\nYou can specify the `user` using the following formats. If specifying a UID or GID, you must specify it as a positive integer.\n\n- `user`\n- `user:group`\n- `uid`\n- `uid:gid`\n- `user:gid`\n- `uid:group`\n\n> This parameter is not supported for Windows containers.", - "title": "User", + "Type": { + "enum": [ + "AWS::EC2::LocalGatewayRouteTableVirtualInterfaceGroupAssociation" + ], "type": "string" }, - "VolumesFrom": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.VolumeFrom" - }, - "markdownDescription": "Data volumes to mount from another container. This parameter maps to `VolumesFrom` in the docker container create command and the `--volumes-from` option to docker run.", - "title": "VolumesFrom", - "type": "array" - }, - "WorkingDirectory": { - "markdownDescription": "The working directory to run commands inside the container in. This parameter maps to `WorkingDir` in the docker container create command and the `--workdir` option to docker run.", - "title": "WorkingDirectory", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Image", - "Name" + "Type", + "Properties" ], "type": "object" }, - "AWS::ECS::TaskDefinition.ContainerDependency": { + "AWS::EC2::NatGateway": { "additionalProperties": false, "properties": { "Condition": { - "markdownDescription": "The dependency condition of the container. The following are the available conditions and their behavior:\n\n- `START` - This condition emulates the behavior of links and volumes today. It validates that a dependent container is started before permitting other containers to start.\n- `COMPLETE` - This condition validates that a dependent container runs to completion (exits) before permitting other containers to start. This can be useful for nonessential containers that run a script and then exit. This condition can't be set on an essential container.\n- `SUCCESS` - This condition is the same as `COMPLETE` , but it also requires that the container exits with a `zero` status. This condition can't be set on an essential container.\n- `HEALTHY` - This condition validates that the dependent container passes its Docker health check before permitting other containers to start. This requires that the dependent container has health checks configured. This condition is confirmed only at task startup.", - "title": "Condition", "type": "string" }, - "ContainerName": { - "markdownDescription": "The name of a container.", - "title": "ContainerName", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ECS::TaskDefinition.Device": { - "additionalProperties": false, - "properties": { - "ContainerPath": { - "markdownDescription": "The path inside the container at which to expose the host device.", - "title": "ContainerPath", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "HostPath": { - "markdownDescription": "The path for the device on the host container instance.", - "title": "HostPath", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Permissions": { - "items": { - "type": "string" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AllocationId": { + "markdownDescription": "[Public NAT gateway only] The allocation ID of the Elastic IP address that's associated with the NAT gateway. This property is required for a public NAT gateway and cannot be specified with a private NAT gateway.", + "title": "AllocationId", + "type": "string" + }, + "ConnectivityType": { + "markdownDescription": "Indicates whether the NAT gateway supports public or private connectivity. The default is public connectivity.", + "title": "ConnectivityType", + "type": "string" + }, + "MaxDrainDurationSeconds": { + "markdownDescription": "The maximum amount of time to wait (in seconds) before forcibly releasing the IP addresses if connections are still in progress. Default value is 350 seconds.", + "title": "MaxDrainDurationSeconds", + "type": "number" + }, + "PrivateIpAddress": { + "markdownDescription": "The private IPv4 address to assign to the NAT gateway. If you don't provide an address, a private IPv4 address will be automatically assigned.", + "title": "PrivateIpAddress", + "type": "string" + }, + "SecondaryAllocationIds": { + "items": { + "type": "string" + }, + "markdownDescription": "Secondary EIP allocation IDs. For more information, see [Create a NAT gateway](https://docs.aws.amazon.com/vpc/latest/userguide/nat-gateway-working-with.html) in the *Amazon VPC User Guide* .", + "title": "SecondaryAllocationIds", + "type": "array" + }, + "SecondaryPrivateIpAddressCount": { + "markdownDescription": "[Private NAT gateway only] The number of secondary private IPv4 addresses you want to assign to the NAT gateway. For more information about secondary addresses, see [Create a NAT gateway](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html#nat-gateway-creating) in the *Amazon Virtual Private Cloud User Guide* .\n\n`SecondaryPrivateIpAddressCount` and `SecondaryPrivateIpAddresses` cannot be set at the same time.", + "title": "SecondaryPrivateIpAddressCount", + "type": "number" + }, + "SecondaryPrivateIpAddresses": { + "items": { + "type": "string" + }, + "markdownDescription": "Secondary private IPv4 addresses. For more information about secondary addresses, see [Create a NAT gateway](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html#nat-gateway-creating) in the *Amazon Virtual Private Cloud User Guide* .\n\n`SecondaryPrivateIpAddressCount` and `SecondaryPrivateIpAddresses` cannot be set at the same time.", + "title": "SecondaryPrivateIpAddresses", + "type": "array" + }, + "SubnetId": { + "markdownDescription": "The ID of the subnet in which the NAT gateway is located.", + "title": "SubnetId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the NAT gateway.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "The explicit permissions to provide to the container for the device. By default, the container has permissions for `read` , `write` , and `mknod` for the device.", - "title": "Permissions", - "type": "array" + "required": [ + "SubnetId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::EC2::NatGateway" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::ECS::TaskDefinition.DockerVolumeConfiguration": { + "AWS::EC2::NetworkAcl": { "additionalProperties": false, "properties": { - "Autoprovision": { - "markdownDescription": "If this value is `true` , the Docker volume is created if it doesn't already exist.\n\n> This field is only used if the `scope` is `shared` .", - "title": "Autoprovision", - "type": "boolean" + "Condition": { + "type": "string" }, - "Driver": { - "markdownDescription": "The Docker volume driver to use. The driver value must match the driver name provided by Docker because it is used for task placement. If the driver was installed using the Docker plugin CLI, use `docker plugin ls` to retrieve the driver name from your container instance. If the driver was installed using another method, use Docker plugin discovery to retrieve the driver name. This parameter maps to `Driver` in the docker container create command and the `xxdriver` option to docker volume create.", - "title": "Driver", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "DriverOpts": { - "additionalProperties": true, - "markdownDescription": "A map of Docker driver-specific options passed through. This parameter maps to `DriverOpts` in the docker create-volume command and the `xxopt` option to docker volume create.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" } - }, - "title": "DriverOpts", + ] + }, + "Metadata": { "type": "object" }, - "Labels": { - "additionalProperties": true, - "markdownDescription": "Custom metadata to add to your Docker volume. This parameter maps to `Labels` in the docker container create command and the `xxlabel` option to docker volume create.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { + "Properties": { + "additionalProperties": false, + "properties": { + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the network ACL.", + "title": "Tags", + "type": "array" + }, + "VpcId": { + "markdownDescription": "The ID of the VPC for the network ACL.", + "title": "VpcId", "type": "string" } }, - "title": "Labels", + "required": [ + "VpcId" + ], "type": "object" }, - "Scope": { - "markdownDescription": "The scope for the Docker volume that determines its lifecycle. Docker volumes that are scoped to a `task` are automatically provisioned when the task starts and destroyed when the task stops. Docker volumes that are scoped as `shared` persist after the task stops.", - "title": "Scope", + "Type": { + "enum": [ + "AWS::EC2::NetworkAcl" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::ECS::TaskDefinition.EFSVolumeConfiguration": { + "AWS::EC2::NetworkAclEntry": { "additionalProperties": false, "properties": { - "AuthorizationConfig": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.AuthorizationConfig", - "markdownDescription": "The authorization configuration details for the Amazon EFS file system.", - "title": "AuthorizationConfig" - }, - "FilesystemId": { - "markdownDescription": "The Amazon EFS file system ID to use.", - "title": "FilesystemId", + "Condition": { "type": "string" }, - "RootDirectory": { - "markdownDescription": "The directory within the Amazon EFS file system to mount as the root directory inside the host. If this parameter is omitted, the root of the Amazon EFS volume will be used. Specifying `/` will have the same effect as omitting this parameter.\n\n> If an EFS access point is specified in the `authorizationConfig` , the root directory parameter must either be omitted or set to `/` which will enforce the path set on the EFS access point.", - "title": "RootDirectory", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "TransitEncryption": { - "markdownDescription": "Determines whether to use encryption for Amazon EFS data in transit between the Amazon ECS host and the Amazon EFS server. Transit encryption must be turned on if Amazon EFS IAM authorization is used. If this parameter is omitted, the default value of `DISABLED` is used. For more information, see [Encrypting data in transit](https://docs.aws.amazon.com/efs/latest/ug/encryption-in-transit.html) in the *Amazon Elastic File System User Guide* .", - "title": "TransitEncryption", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CidrBlock": { + "markdownDescription": "The IPv4 CIDR range to allow or deny, in CIDR notation (for example, 172.16.0.0/24). You must specify an IPv4 CIDR block or an IPv6 CIDR block.", + "title": "CidrBlock", + "type": "string" + }, + "Egress": { + "markdownDescription": "Whether this rule applies to egress traffic from the subnet ( `true` ) or ingress traffic to the subnet ( `false` ). By default, AWS CloudFormation specifies `false` .", + "title": "Egress", + "type": "boolean" + }, + "Icmp": { + "$ref": "#/definitions/AWS::EC2::NetworkAclEntry.Icmp", + "markdownDescription": "The Internet Control Message Protocol (ICMP) code and type. Required if specifying 1 (ICMP) for the protocol parameter.", + "title": "Icmp" + }, + "Ipv6CidrBlock": { + "markdownDescription": "The IPv6 network range to allow or deny, in CIDR notation. You must specify an IPv4 CIDR block or an IPv6 CIDR block.", + "title": "Ipv6CidrBlock", + "type": "string" + }, + "NetworkAclId": { + "markdownDescription": "The ID of the ACL for the entry.", + "title": "NetworkAclId", + "type": "string" + }, + "PortRange": { + "$ref": "#/definitions/AWS::EC2::NetworkAclEntry.PortRange", + "markdownDescription": "The range of port numbers for the UDP/TCP protocol. Required if specifying 6 (TCP) or 17 (UDP) for the protocol parameter.", + "title": "PortRange" + }, + "Protocol": { + "markdownDescription": "The IP protocol that the rule applies to. You must specify -1 or a protocol number. You can specify -1 for all protocols.\n\n> If you specify -1, all ports are opened and the `PortRange` property is ignored.", + "title": "Protocol", + "type": "number" + }, + "RuleAction": { + "markdownDescription": "Whether to allow or deny traffic that matches the rule; valid values are \"allow\" or \"deny\".", + "title": "RuleAction", + "type": "string" + }, + "RuleNumber": { + "markdownDescription": "Rule number to assign to the entry, such as 100. ACL entries are processed in ascending order by rule number. Entries can't use the same rule number unless one is an egress rule and the other is an ingress rule.", + "title": "RuleNumber", + "type": "number" + } + }, + "required": [ + "NetworkAclId", + "Protocol", + "RuleAction", + "RuleNumber" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::EC2::NetworkAclEntry" + ], "type": "string" }, - "TransitEncryptionPort": { - "markdownDescription": "The port to use when sending encrypted data between the Amazon ECS host and the Amazon EFS server. If you do not specify a transit encryption port, it will use the port selection strategy that the Amazon EFS mount helper uses. For more information, see [EFS mount helper](https://docs.aws.amazon.com/efs/latest/ug/efs-mount-helper.html) in the *Amazon Elastic File System User Guide* .", - "title": "TransitEncryptionPort", - "type": "number" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "FilesystemId" + "Type", + "Properties" ], "type": "object" }, - "AWS::ECS::TaskDefinition.EnvironmentFile": { + "AWS::EC2::NetworkAclEntry.Icmp": { "additionalProperties": false, "properties": { + "Code": { + "markdownDescription": "The Internet Control Message Protocol (ICMP) code. You can use -1 to specify all ICMP codes for the given ICMP type. Required if you specify 1 (ICMP) for the protocol parameter.", + "title": "Code", + "type": "number" + }, "Type": { - "markdownDescription": "The file type to use. Environment files are objects in Amazon S3. The only supported value is `s3` .", + "markdownDescription": "The Internet Control Message Protocol (ICMP) type. You can use -1 to specify all ICMP types. Conditional requirement: Required if you specify 1 (ICMP) for the `CreateNetworkAclEntry` protocol parameter.", "title": "Type", - "type": "string" - }, - "Value": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon S3 object containing the environment variable file.", - "title": "Value", - "type": "string" + "type": "number" } }, "type": "object" }, - "AWS::ECS::TaskDefinition.EphemeralStorage": { + "AWS::EC2::NetworkAclEntry.PortRange": { "additionalProperties": false, "properties": { - "SizeInGiB": { - "markdownDescription": "The total amount, in GiB, of ephemeral storage to set for the task. The minimum supported value is `21` GiB and the maximum supported value is `200` GiB.", - "title": "SizeInGiB", + "From": { + "markdownDescription": "The first port in the range. Required if you specify 6 (TCP) or 17 (UDP) for the protocol parameter.", + "title": "From", + "type": "number" + }, + "To": { + "markdownDescription": "The last port in the range. Required if you specify 6 (TCP) or 17 (UDP) for the protocol parameter.", + "title": "To", "type": "number" } }, "type": "object" }, - "AWS::ECS::TaskDefinition.FSxAuthorizationConfig": { + "AWS::EC2::NetworkInsightsAccessScope": { "additionalProperties": false, "properties": { - "CredentialsParameter": { - "markdownDescription": "The authorization credential option to use. The authorization credential options can be provided using either the Amazon Resource Name (ARN) of an AWS Secrets Manager secret or SSM Parameter Store parameter. The ARN refers to the stored credentials.", - "title": "CredentialsParameter", + "Condition": { "type": "string" }, - "Domain": { - "markdownDescription": "A fully qualified domain name hosted by an [AWS Directory Service](https://docs.aws.amazon.com/directoryservice/latest/admin-guide/directory_microsoft_ad.html) Managed Microsoft AD (Active Directory) or self-hosted AD on Amazon EC2.", - "title": "Domain", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "required": [ - "CredentialsParameter", - "Domain" - ], - "type": "object" - }, - "AWS::ECS::TaskDefinition.FSxWindowsFileServerVolumeConfiguration": { - "additionalProperties": false, - "properties": { - "AuthorizationConfig": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.FSxAuthorizationConfig", - "markdownDescription": "The authorization configuration details for the Amazon FSx for Windows File Server file system.", - "title": "AuthorizationConfig" }, - "FileSystemId": { - "markdownDescription": "The Amazon FSx for Windows File Server file system ID to use.", - "title": "FileSystemId", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ExcludePaths": { + "items": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.AccessScopePathRequest" + }, + "markdownDescription": "The paths to exclude.", + "title": "ExcludePaths", + "type": "array" + }, + "MatchPaths": { + "items": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.AccessScopePathRequest" + }, + "markdownDescription": "The paths to match.", + "title": "MatchPaths", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::EC2::NetworkInsightsAccessScope" + ], "type": "string" }, - "RootDirectory": { - "markdownDescription": "The directory within the Amazon FSx for Windows File Server file system to mount as the root directory inside the host.", - "title": "RootDirectory", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "FileSystemId", - "RootDirectory" + "Type" ], "type": "object" }, - "AWS::ECS::TaskDefinition.FirelensConfiguration": { + "AWS::EC2::NetworkInsightsAccessScope.AccessScopePathRequest": { "additionalProperties": false, "properties": { - "Options": { - "additionalProperties": true, - "markdownDescription": "The options to use when configuring the log router. This field is optional and can be used to add additional metadata, such as the task, task definition, cluster, and container instance details to the log event.\n\nIf specified, valid option keys are:\n\n- `enable-ecs-log-metadata` , which can be `true` or `false`\n- `config-file-type` , which can be `s3` or `file`\n- `config-file-value` , which is either an S3 ARN or a file path", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Options", - "type": "object" + "Destination": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.PathStatementRequest", + "markdownDescription": "The destination.", + "title": "Destination" }, - "Type": { - "markdownDescription": "The log router to use. The valid values are `fluentd` or `fluentbit` .", - "title": "Type", - "type": "string" + "Source": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.PathStatementRequest", + "markdownDescription": "The source.", + "title": "Source" + }, + "ThroughResources": { + "items": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.ThroughResourcesStatementRequest" + }, + "markdownDescription": "The through resources.", + "title": "ThroughResources", + "type": "array" } }, "type": "object" }, - "AWS::ECS::TaskDefinition.HealthCheck": { + "AWS::EC2::NetworkInsightsAccessScope.PacketHeaderStatementRequest": { "additionalProperties": false, "properties": { - "Command": { + "DestinationAddresses": { "items": { "type": "string" }, - "markdownDescription": "A string array representing the command that the container runs to determine if it is healthy. The string array must start with `CMD` to run the command arguments directly, or `CMD-SHELL` to run the command with the container's default shell.\n\nWhen you use the AWS Management Console JSON panel, the AWS Command Line Interface , or the APIs, enclose the list of commands in double quotes and brackets.\n\n`[ \"CMD-SHELL\", \"curl -f http://localhost/ || exit 1\" ]`\n\nYou don't include the double quotes and brackets when you use the AWS Management Console.\n\n`CMD-SHELL, curl -f http://localhost/ || exit 1`\n\nAn exit code of 0 indicates success, and non-zero exit code indicates failure. For more information, see `HealthCheck` in the docker container create command.", - "title": "Command", + "markdownDescription": "The destination addresses.", + "title": "DestinationAddresses", "type": "array" }, - "Interval": { - "markdownDescription": "The time period in seconds between each health check execution. You may specify between 5 and 300 seconds. The default value is 30 seconds. This value applies only when you specify a `command` .", - "title": "Interval", - "type": "number" - }, - "Retries": { - "markdownDescription": "The number of times to retry a failed health check before the container is considered unhealthy. You may specify between 1 and 10 retries. The default value is 3. This value applies only when you specify a `command` .", - "title": "Retries", - "type": "number" - }, - "StartPeriod": { - "markdownDescription": "The optional grace period to provide containers time to bootstrap before failed health checks count towards the maximum number of retries. You can specify between 0 and 300 seconds. By default, the `startPeriod` is off. This value applies only when you specify a `command` .\n\n> If a health check succeeds within the `startPeriod` , then the container is considered healthy and any subsequent failures count toward the maximum number of retries.", - "title": "StartPeriod", - "type": "number" - }, - "Timeout": { - "markdownDescription": "The time period in seconds to wait for a health check to succeed before it is considered a failure. You may specify between 2 and 60 seconds. The default value is 5. This value applies only when you specify a `command` .", - "title": "Timeout", - "type": "number" - } - }, - "type": "object" - }, - "AWS::ECS::TaskDefinition.HostEntry": { - "additionalProperties": false, - "properties": { - "Hostname": { - "markdownDescription": "The hostname to use in the `/etc/hosts` entry.", - "title": "Hostname", - "type": "string" - }, - "IpAddress": { - "markdownDescription": "The IP address to use in the `/etc/hosts` entry.", - "title": "IpAddress", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ECS::TaskDefinition.HostVolumeProperties": { - "additionalProperties": false, - "properties": { - "SourcePath": { - "markdownDescription": "When the `host` parameter is used, specify a `sourcePath` to declare the path on the host container instance that's presented to the container. If this parameter is empty, then the Docker daemon has assigned a host path for you. If the `host` parameter contains a `sourcePath` file location, then the data volume persists at the specified location on the host container instance until you delete it manually. If the `sourcePath` value doesn't exist on the host container instance, the Docker daemon creates it. If the location does exist, the contents of the source path folder are exported.\n\nIf you're using the Fargate launch type, the `sourcePath` parameter is not supported.", - "title": "SourcePath", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ECS::TaskDefinition.InferenceAccelerator": { - "additionalProperties": false, - "properties": { - "DeviceName": { - "type": "string" - }, - "DeviceType": { - "type": "string" - } - }, - "type": "object" - }, - "AWS::ECS::TaskDefinition.KernelCapabilities": { - "additionalProperties": false, - "properties": { - "Add": { + "DestinationPorts": { "items": { "type": "string" }, - "markdownDescription": "The Linux capabilities for the container that have been added to the default configuration provided by Docker. This parameter maps to `CapAdd` in the docker container create command and the `--cap-add` option to docker run.\n\n> Tasks launched on AWS Fargate only support adding the `SYS_PTRACE` kernel capability. \n\nValid values: `\"ALL\" | \"AUDIT_CONTROL\" | \"AUDIT_WRITE\" | \"BLOCK_SUSPEND\" | \"CHOWN\" | \"DAC_OVERRIDE\" | \"DAC_READ_SEARCH\" | \"FOWNER\" | \"FSETID\" | \"IPC_LOCK\" | \"IPC_OWNER\" | \"KILL\" | \"LEASE\" | \"LINUX_IMMUTABLE\" | \"MAC_ADMIN\" | \"MAC_OVERRIDE\" | \"MKNOD\" | \"NET_ADMIN\" | \"NET_BIND_SERVICE\" | \"NET_BROADCAST\" | \"NET_RAW\" | \"SETFCAP\" | \"SETGID\" | \"SETPCAP\" | \"SETUID\" | \"SYS_ADMIN\" | \"SYS_BOOT\" | \"SYS_CHROOT\" | \"SYS_MODULE\" | \"SYS_NICE\" | \"SYS_PACCT\" | \"SYS_PTRACE\" | \"SYS_RAWIO\" | \"SYS_RESOURCE\" | \"SYS_TIME\" | \"SYS_TTY_CONFIG\" | \"SYSLOG\" | \"WAKE_ALARM\"`", - "title": "Add", + "markdownDescription": "The destination ports.", + "title": "DestinationPorts", "type": "array" }, - "Drop": { + "DestinationPrefixLists": { "items": { "type": "string" }, - "markdownDescription": "The Linux capabilities for the container that have been removed from the default configuration provided by Docker. This parameter maps to `CapDrop` in the docker container create command and the `--cap-drop` option to docker run.\n\nValid values: `\"ALL\" | \"AUDIT_CONTROL\" | \"AUDIT_WRITE\" | \"BLOCK_SUSPEND\" | \"CHOWN\" | \"DAC_OVERRIDE\" | \"DAC_READ_SEARCH\" | \"FOWNER\" | \"FSETID\" | \"IPC_LOCK\" | \"IPC_OWNER\" | \"KILL\" | \"LEASE\" | \"LINUX_IMMUTABLE\" | \"MAC_ADMIN\" | \"MAC_OVERRIDE\" | \"MKNOD\" | \"NET_ADMIN\" | \"NET_BIND_SERVICE\" | \"NET_BROADCAST\" | \"NET_RAW\" | \"SETFCAP\" | \"SETGID\" | \"SETPCAP\" | \"SETUID\" | \"SYS_ADMIN\" | \"SYS_BOOT\" | \"SYS_CHROOT\" | \"SYS_MODULE\" | \"SYS_NICE\" | \"SYS_PACCT\" | \"SYS_PTRACE\" | \"SYS_RAWIO\" | \"SYS_RESOURCE\" | \"SYS_TIME\" | \"SYS_TTY_CONFIG\" | \"SYSLOG\" | \"WAKE_ALARM\"`", - "title": "Drop", + "markdownDescription": "The destination prefix lists.", + "title": "DestinationPrefixLists", "type": "array" - } - }, - "type": "object" - }, - "AWS::ECS::TaskDefinition.KeyValuePair": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the key-value pair. For environment variables, this is the name of the environment variable.", - "title": "Name", - "type": "string" - }, - "Value": { - "markdownDescription": "The value of the key-value pair. For environment variables, this is the value of the environment variable.", - "title": "Value", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ECS::TaskDefinition.LinuxParameters": { - "additionalProperties": false, - "properties": { - "Capabilities": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.KernelCapabilities", - "markdownDescription": "The Linux capabilities for the container that are added to or dropped from the default configuration provided by Docker.\n\n> For tasks that use the Fargate launch type, `capabilities` is supported for all platform versions but the `add` parameter is only supported if using platform version 1.4.0 or later.", - "title": "Capabilities" }, - "Devices": { + "Protocols": { "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.Device" + "type": "string" }, - "markdownDescription": "Any host devices to expose to the container. This parameter maps to `Devices` in the docker container create command and the `--device` option to docker run.\n\n> If you're using tasks that use the Fargate launch type, the `devices` parameter isn't supported.", - "title": "Devices", + "markdownDescription": "The protocols.", + "title": "Protocols", "type": "array" }, - "InitProcessEnabled": { - "markdownDescription": "Run an `init` process inside the container that forwards signals and reaps processes. This parameter maps to the `--init` option to docker run. This parameter requires version 1.25 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version --format '{{.Server.APIVersion}}'`", - "title": "InitProcessEnabled", - "type": "boolean" - }, - "MaxSwap": { - "markdownDescription": "The total amount of swap memory (in MiB) a container can use. This parameter will be translated to the `--memory-swap` option to docker run where the value would be the sum of the container memory plus the `maxSwap` value.\n\nIf a `maxSwap` value of `0` is specified, the container will not use swap. Accepted values are `0` or any positive integer. If the `maxSwap` parameter is omitted, the container will use the swap configuration for the container instance it is running on. A `maxSwap` value must be set for the `swappiness` parameter to be used.\n\n> If you're using tasks that use the Fargate launch type, the `maxSwap` parameter isn't supported.\n> \n> If you're using tasks on Amazon Linux 2023 the `swappiness` parameter isn't supported.", - "title": "MaxSwap", - "type": "number" - }, - "SharedMemorySize": { - "markdownDescription": "The value for the size (in MiB) of the `/dev/shm` volume. This parameter maps to the `--shm-size` option to docker run.\n\n> If you are using tasks that use the Fargate launch type, the `sharedMemorySize` parameter is not supported.", - "title": "SharedMemorySize", - "type": "number" - }, - "Swappiness": { - "markdownDescription": "This allows you to tune a container's memory swappiness behavior. A `swappiness` value of `0` will cause swapping to not happen unless absolutely necessary. A `swappiness` value of `100` will cause pages to be swapped very aggressively. Accepted values are whole numbers between `0` and `100` . If the `swappiness` parameter is not specified, a default value of `60` is used. If a value is not specified for `maxSwap` then this parameter is ignored. This parameter maps to the `--memory-swappiness` option to docker run.\n\n> If you're using tasks that use the Fargate launch type, the `swappiness` parameter isn't supported.\n> \n> If you're using tasks on Amazon Linux 2023 the `swappiness` parameter isn't supported.", - "title": "Swappiness", - "type": "number" - }, - "Tmpfs": { + "SourceAddresses": { "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.Tmpfs" + "type": "string" }, - "markdownDescription": "The container path, mount options, and size (in MiB) of the tmpfs mount. This parameter maps to the `--tmpfs` option to docker run.\n\n> If you're using tasks that use the Fargate launch type, the `tmpfs` parameter isn't supported.", - "title": "Tmpfs", + "markdownDescription": "The source addresses.", + "title": "SourceAddresses", "type": "array" - } - }, - "type": "object" - }, - "AWS::ECS::TaskDefinition.LogConfiguration": { - "additionalProperties": false, - "properties": { - "LogDriver": { - "markdownDescription": "The log driver to use for the container.\n\nFor tasks on AWS Fargate , the supported log drivers are `awslogs` , `splunk` , and `awsfirelens` .\n\nFor tasks hosted on Amazon EC2 instances, the supported log drivers are `awslogs` , `fluentd` , `gelf` , `json-file` , `journald` , `syslog` , `splunk` , and `awsfirelens` .\n\nFor more information about using the `awslogs` log driver, see [Send Amazon ECS logs to CloudWatch](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_awslogs.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nFor more information about using the `awsfirelens` log driver, see [Send Amazon ECS logs to an AWS service or AWS Partner](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html) .\n\n> If you have a custom driver that isn't listed, you can fork the Amazon ECS container agent project that's [available on GitHub](https://docs.aws.amazon.com/https://github.com/aws/amazon-ecs-agent) and customize it to work with that driver. We encourage you to submit pull requests for changes that you would like to have included. However, we don't currently provide support for running modified copies of this software.", - "title": "LogDriver", - "type": "string" }, - "Options": { - "additionalProperties": true, - "markdownDescription": "The configuration options to send to the log driver.\n\nThe options you can specify depend on the log driver. Some of the options you can specify when you use the `awslogs` log driver to route logs to Amazon CloudWatch include the following:\n\n- **awslogs-create-group** - Required: No\n\nSpecify whether you want the log group to be created automatically. If this option isn't specified, it defaults to `false` .\n\n> Your IAM policy must include the `logs:CreateLogGroup` permission before you attempt to use `awslogs-create-group` .\n- **awslogs-region** - Required: Yes\n\nSpecify the AWS Region that the `awslogs` log driver is to send your Docker logs to. You can choose to send all of your logs from clusters in different Regions to a single region in CloudWatch Logs. This is so that they're all visible in one location. Otherwise, you can separate them by Region for more granularity. Make sure that the specified log group exists in the Region that you specify with this option.\n- **awslogs-group** - Required: Yes\n\nMake sure to specify a log group that the `awslogs` log driver sends its log streams to.\n- **awslogs-stream-prefix** - Required: Yes, when using Fargate.Optional when using EC2.\n\nUse the `awslogs-stream-prefix` option to associate a log stream with the specified prefix, the container name, and the ID of the Amazon ECS task that the container belongs to. If you specify a prefix with this option, then the log stream takes the format `prefix-name/container-name/ecs-task-id` .\n\nIf you don't specify a prefix with this option, then the log stream is named after the container ID that's assigned by the Docker daemon on the container instance. Because it's difficult to trace logs back to the container that sent them with just the Docker container ID (which is only available on the container instance), we recommend that you specify a prefix with this option.\n\nFor Amazon ECS services, you can use the service name as the prefix. Doing so, you can trace log streams to the service that the container belongs to, the name of the container that sent them, and the ID of the task that the container belongs to.\n\nYou must specify a stream-prefix for your logs to have your logs appear in the Log pane when using the Amazon ECS console.\n- **awslogs-datetime-format** - Required: No\n\nThis option defines a multiline start pattern in Python `strftime` format. A log message consists of a line that matches the pattern and any following lines that don\u2019t match the pattern. The matched line is the delimiter between log messages.\n\nOne example of a use case for using this format is for parsing output such as a stack dump, which might otherwise be logged in multiple entries. The correct pattern allows it to be captured in a single entry.\n\nFor more information, see [awslogs-datetime-format](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/awslogs/#awslogs-datetime-format) .\n\nYou cannot configure both the `awslogs-datetime-format` and `awslogs-multiline-pattern` options.\n\n> Multiline logging performs regular expression parsing and matching of all log messages. This might have a negative impact on logging performance.\n- **awslogs-multiline-pattern** - Required: No\n\nThis option defines a multiline start pattern that uses a regular expression. A log message consists of a line that matches the pattern and any following lines that don\u2019t match the pattern. The matched line is the delimiter between log messages.\n\nFor more information, see [awslogs-multiline-pattern](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/awslogs/#awslogs-multiline-pattern) .\n\nThis option is ignored if `awslogs-datetime-format` is also configured.\n\nYou cannot configure both the `awslogs-datetime-format` and `awslogs-multiline-pattern` options.\n\n> Multiline logging performs regular expression parsing and matching of all log messages. This might have a negative impact on logging performance.\n\nThe following options apply to all supported log drivers.\n\n- **mode** - Required: No\n\nValid values: `non-blocking` | `blocking`\n\nThis option defines the delivery mode of log messages from the container to the log driver specified using `logDriver` . The delivery mode you choose affects application availability when the flow of logs from container is interrupted.\n\nIf you use the `blocking` mode and the flow of logs is interrupted, calls from container code to write to the `stdout` and `stderr` streams will block. The logging thread of the application will block as a result. This may cause the application to become unresponsive and lead to container healthcheck failure.\n\nIf you use the `non-blocking` mode, the container's logs are instead stored in an in-memory intermediate buffer configured with the `max-buffer-size` option. This prevents the application from becoming unresponsive when logs cannot be sent. We recommend using this mode if you want to ensure service availability and are okay with some log loss. For more information, see [Preventing log loss with non-blocking mode in the `awslogs` container log driver](https://docs.aws.amazon.com/containers/preventing-log-loss-with-non-blocking-mode-in-the-awslogs-container-log-driver/) .\n\nYou can set a default `mode` for all containers in a specific AWS Region by using the `defaultLogDriverMode` account setting. If you don't specify the `mode` option or configure the account setting, Amazon ECS will default to the `non-blocking` mode. For more information about the account setting, see [Default log driver mode](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-account-settings.html#default-log-driver-mode) in the *Amazon Elastic Container Service Developer Guide* .\n\n> On June 25, 2025, Amazon ECS changed the default log driver mode from `blocking` to `non-blocking` to prioritize task availability over logging. To continue using the `blocking` mode after this change, do one of the following:\n> \n> - Set the `mode` option in your container definition's `logConfiguration` as `blocking` .\n> - Set the `defaultLogDriverMode` account setting to `blocking` .\n- **max-buffer-size** - Required: No\n\nDefault value: `1m`\n\nWhen `non-blocking` mode is used, the `max-buffer-size` log option controls the size of the buffer that's used for intermediate message storage. Make sure to specify an adequate buffer size based on your application. When the buffer fills up, further logs cannot be stored. Logs that cannot be stored are lost.\n\nTo route logs using the `splunk` log router, you need to specify a `splunk-token` and a `splunk-url` .\n\nWhen you use the `awsfirelens` log router to route logs to an AWS Service or AWS Partner Network destination for log storage and analytics, you can set the `log-driver-buffer-limit` option to limit the number of events that are buffered in memory, before being sent to the log router container. It can help to resolve potential log loss issue because high throughput might result in memory running out for the buffer inside of Docker.\n\nOther options you can specify when using `awsfirelens` to route logs depend on the destination. When you export logs to Amazon Data Firehose, you can specify the AWS Region with `region` and a name for the log stream with `delivery_stream` .\n\nWhen you export logs to Amazon Kinesis Data Streams, you can specify an AWS Region with `region` and a data stream name with `stream` .\n\nWhen you export logs to Amazon OpenSearch Service, you can specify options like `Name` , `Host` (OpenSearch Service endpoint without protocol), `Port` , `Index` , `Type` , `Aws_auth` , `Aws_region` , `Suppress_Type_Name` , and `tls` . For more information, see [Under the hood: FireLens for Amazon ECS Tasks](https://docs.aws.amazon.com/containers/under-the-hood-firelens-for-amazon-ecs-tasks/) .\n\nWhen you export logs to Amazon S3, you can specify the bucket using the `bucket` option. You can also specify `region` , `total_file_size` , `upload_timeout` , and `use_put_object` as options.\n\nThis parameter requires version 1.19 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version --format '{{.Server.APIVersion}}'`", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "SourcePorts": { + "items": { + "type": "string" }, - "title": "Options", - "type": "object" + "markdownDescription": "The source ports.", + "title": "SourcePorts", + "type": "array" }, - "SecretOptions": { + "SourcePrefixLists": { "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.Secret" + "type": "string" }, - "markdownDescription": "The secrets to pass to the log configuration. For more information, see [Specifying sensitive data](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "SecretOptions", + "markdownDescription": "The source prefix lists.", + "title": "SourcePrefixLists", "type": "array" } }, - "required": [ - "LogDriver" - ], - "type": "object" - }, - "AWS::ECS::TaskDefinition.MountPoint": { - "additionalProperties": false, - "properties": { - "ContainerPath": { - "markdownDescription": "The path on the container to mount the host volume at.", - "title": "ContainerPath", - "type": "string" - }, - "ReadOnly": { - "markdownDescription": "If this value is `true` , the container has read-only access to the volume. If this value is `false` , then the container can write to the volume. The default value is `false` .", - "title": "ReadOnly", - "type": "boolean" - }, - "SourceVolume": { - "markdownDescription": "The name of the volume to mount. Must be a volume name referenced in the `name` parameter of task definition `volume` .", - "title": "SourceVolume", - "type": "string" - } - }, "type": "object" }, - "AWS::ECS::TaskDefinition.PortMapping": { + "AWS::EC2::NetworkInsightsAccessScope.PathStatementRequest": { "additionalProperties": false, "properties": { - "AppProtocol": { - "markdownDescription": "The application protocol that's used for the port mapping. This parameter only applies to Service Connect. We recommend that you set this parameter to be consistent with the protocol that your application uses. If you set this parameter, Amazon ECS adds protocol-specific connection handling to the Service Connect proxy. If you set this parameter, Amazon ECS adds protocol-specific telemetry in the Amazon ECS console and CloudWatch.\n\nIf you don't set a value for this parameter, then TCP is used. However, Amazon ECS doesn't add protocol-specific telemetry for TCP.\n\n`appProtocol` is immutable in a Service Connect service. Updating this field requires a service deletion and redeployment.\n\nTasks that run in a namespace can use short names to connect to services in the namespace. Tasks can connect to services across all of the clusters in the namespace. Tasks connect through a managed proxy container that collects logs and metrics for increased visibility. Only the tasks that Amazon ECS services create are supported with Service Connect. For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "AppProtocol", - "type": "string" - }, - "ContainerPort": { - "markdownDescription": "The port number on the container that's bound to the user-specified or automatically assigned host port.\n\nIf you use containers in a task with the `awsvpc` or `host` network mode, specify the exposed ports using `containerPort` .\n\nIf you use containers in a task with the `bridge` network mode and you specify a container port and not a host port, your container automatically receives a host port in the ephemeral port range. For more information, see `hostPort` . Port mappings that are automatically assigned in this way do not count toward the 100 reserved ports limit of a container instance.", - "title": "ContainerPort", - "type": "number" - }, - "ContainerPortRange": { - "markdownDescription": "The port number range on the container that's bound to the dynamically mapped host port range.\n\nThe following rules apply when you specify a `containerPortRange` :\n\n- You must use either the `bridge` network mode or the `awsvpc` network mode.\n- This parameter is available for both the EC2 and AWS Fargate launch types.\n- This parameter is available for both the Linux and Windows operating systems.\n- The container instance must have at least version 1.67.0 of the container agent and at least version 1.67.0-1 of the `ecs-init` package\n- You can specify a maximum of 100 port ranges per container.\n- You do not specify a `hostPortRange` . The value of the `hostPortRange` is set as follows:\n\n- For containers in a task with the `awsvpc` network mode, the `hostPortRange` is set to the same value as the `containerPortRange` . This is a static mapping strategy.\n- For containers in a task with the `bridge` network mode, the Amazon ECS agent finds open host ports from the default ephemeral range and passes it to docker to bind them to the container ports.\n- The `containerPortRange` valid values are between 1 and 65535.\n- A port can only be included in one port mapping per container.\n- You cannot specify overlapping port ranges.\n- The first port in the range must be less than last port in the range.\n- Docker recommends that you turn off the docker-proxy in the Docker daemon config file when you have a large number of ports.\n\nFor more information, see [Issue #11185](https://docs.aws.amazon.com/https://github.com/moby/moby/issues/11185) on the Github website.\n\nFor information about how to turn off the docker-proxy in the Docker daemon config file, see [Docker daemon](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/bootstrap_container_instance.html#bootstrap_docker_daemon) in the *Amazon ECS Developer Guide* .\n\nYou can call [`DescribeTasks`](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DescribeTasks.html) to view the `hostPortRange` which are the host ports that are bound to the container ports.", - "title": "ContainerPortRange", - "type": "string" - }, - "HostPort": { - "markdownDescription": "The port number on the container instance to reserve for your container.\n\nIf you specify a `containerPortRange` , leave this field empty and the value of the `hostPort` is set as follows:\n\n- For containers in a task with the `awsvpc` network mode, the `hostPort` is set to the same value as the `containerPort` . This is a static mapping strategy.\n- For containers in a task with the `bridge` network mode, the Amazon ECS agent finds open ports on the host and automatically binds them to the container ports. This is a dynamic mapping strategy.\n\nIf you use containers in a task with the `awsvpc` or `host` network mode, the `hostPort` can either be left blank or set to the same value as the `containerPort` .\n\nIf you use containers in a task with the `bridge` network mode, you can specify a non-reserved host port for your container port mapping, or you can omit the `hostPort` (or set it to `0` ) while specifying a `containerPort` and your container automatically receives a port in the ephemeral port range for your container instance operating system and Docker version.\n\nThe default ephemeral port range for Docker version 1.6.0 and later is listed on the instance under `/proc/sys/net/ipv4/ip_local_port_range` . If this kernel parameter is unavailable, the default ephemeral port range from 49153 through 65535 (Linux) or 49152 through 65535 (Windows) is used. Do not attempt to specify a host port in the ephemeral port range as these are reserved for automatic assignment. In general, ports below 32768 are outside of the ephemeral port range.\n\nThe default reserved ports are 22 for SSH, the Docker ports 2375 and 2376, and the Amazon ECS container agent ports 51678-51680. Any host port that was previously specified in a running task is also reserved while the task is running. That is, after a task stops, the host port is released. The current reserved ports are displayed in the `remainingResources` of [DescribeContainerInstances](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DescribeContainerInstances.html) output. A container instance can have up to 100 reserved ports at a time. This number includes the default reserved ports. Automatically assigned ports aren't included in the 100 reserved ports quota.", - "title": "HostPort", - "type": "number" - }, - "Name": { - "markdownDescription": "The name that's used for the port mapping. This parameter is the name that you use in the `serviceConnectConfiguration` and the `vpcLatticeConfigurations` of a service. The name can include up to 64 characters. The characters can include lowercase letters, numbers, underscores (_), and hyphens (-). The name can't start with a hyphen.", - "title": "Name", - "type": "string" + "PacketHeaderStatement": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.PacketHeaderStatementRequest", + "markdownDescription": "The packet header statement.", + "title": "PacketHeaderStatement" }, - "Protocol": { - "markdownDescription": "The protocol used for the port mapping. Valid values are `tcp` and `udp` . The default is `tcp` . `protocol` is immutable in a Service Connect service. Updating this field requires a service deletion and redeployment.", - "title": "Protocol", - "type": "string" + "ResourceStatement": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.ResourceStatementRequest", + "markdownDescription": "The resource statement.", + "title": "ResourceStatement" } }, "type": "object" }, - "AWS::ECS::TaskDefinition.ProxyConfiguration": { + "AWS::EC2::NetworkInsightsAccessScope.ResourceStatementRequest": { "additionalProperties": false, "properties": { - "ContainerName": { - "markdownDescription": "The name of the container that will serve as the App Mesh proxy.", - "title": "ContainerName", - "type": "string" - }, - "ProxyConfigurationProperties": { + "ResourceTypes": { "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.KeyValuePair" + "type": "string" }, - "markdownDescription": "The set of network configuration parameters to provide the Container Network Interface (CNI) plugin, specified as key-value pairs.\n\n- `IgnoredUID` - (Required) The user ID (UID) of the proxy container as defined by the `user` parameter in a container definition. This is used to ensure the proxy ignores its own traffic. If `IgnoredGID` is specified, this field can be empty.\n- `IgnoredGID` - (Required) The group ID (GID) of the proxy container as defined by the `user` parameter in a container definition. This is used to ensure the proxy ignores its own traffic. If `IgnoredUID` is specified, this field can be empty.\n- `AppPorts` - (Required) The list of ports that the application uses. Network traffic to these ports is forwarded to the `ProxyIngressPort` and `ProxyEgressPort` .\n- `ProxyIngressPort` - (Required) Specifies the port that incoming traffic to the `AppPorts` is directed to.\n- `ProxyEgressPort` - (Required) Specifies the port that outgoing traffic from the `AppPorts` is directed to.\n- `EgressIgnoredPorts` - (Required) The egress traffic going to the specified ports is ignored and not redirected to the `ProxyEgressPort` . It can be an empty list.\n- `EgressIgnoredIPs` - (Required) The egress traffic going to the specified IP addresses is ignored and not redirected to the `ProxyEgressPort` . It can be an empty list.", - "title": "ProxyConfigurationProperties", + "markdownDescription": "The resource types.", + "title": "ResourceTypes", "type": "array" }, - "Type": { - "markdownDescription": "The proxy type. The only supported value is `APPMESH` .", - "title": "Type", - "type": "string" - } - }, - "required": [ - "ContainerName" - ], - "type": "object" - }, - "AWS::ECS::TaskDefinition.RepositoryCredentials": { - "additionalProperties": false, - "properties": { - "CredentialsParameter": { - "markdownDescription": "The Amazon Resource Name (ARN) of the secret containing the private repository credentials.\n\n> When you use the Amazon ECS API, AWS CLI , or AWS SDK, if the secret exists in the same Region as the task that you're launching then you can use either the full ARN or the name of the secret. When you use the AWS Management Console, you must specify the full ARN of the secret.", - "title": "CredentialsParameter", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ECS::TaskDefinition.ResourceRequirement": { - "additionalProperties": false, - "properties": { - "Type": { - "markdownDescription": "The type of resource to assign to a container.", - "title": "Type", - "type": "string" - }, - "Value": { - "markdownDescription": "The value for the specified resource type.\n\nWhen the type is `GPU` , the value is the number of physical `GPUs` the Amazon ECS container agent reserves for the container. The number of GPUs that's reserved for all containers in a task can't exceed the number of available GPUs on the container instance that the task is launched on.\n\nWhen the type is `InferenceAccelerator` , the `value` matches the `deviceName` for an [InferenceAccelerator](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_InferenceAccelerator.html) specified in a task definition.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Type", - "Value" - ], - "type": "object" - }, - "AWS::ECS::TaskDefinition.RuntimePlatform": { - "additionalProperties": false, - "properties": { - "CpuArchitecture": { - "markdownDescription": "The CPU architecture.\n\nYou can run your Linux tasks on an ARM-based platform by setting the value to `ARM64` . This option is available for tasks that run on Linux Amazon EC2 instance or Linux containers on Fargate.", - "title": "CpuArchitecture", - "type": "string" - }, - "OperatingSystemFamily": { - "markdownDescription": "The operating system.", - "title": "OperatingSystemFamily", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ECS::TaskDefinition.Secret": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the secret.", - "title": "Name", - "type": "string" - }, - "ValueFrom": { - "markdownDescription": "The secret to expose to the container. The supported values are either the full ARN of the AWS Secrets Manager secret or the full ARN of the parameter in the SSM Parameter Store.\n\nFor information about the require AWS Identity and Access Management permissions, see [Required IAM permissions for Amazon ECS secrets](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data-secrets.html#secrets-iam) (for Secrets Manager) or [Required IAM permissions for Amazon ECS secrets](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data-parameters.html) (for Systems Manager Parameter store) in the *Amazon Elastic Container Service Developer Guide* .\n\n> If the SSM Parameter Store parameter exists in the same Region as the task you're launching, then you can use either the full ARN or name of the parameter. If the parameter exists in a different Region, then the full ARN must be specified.", - "title": "ValueFrom", - "type": "string" - } - }, - "required": [ - "Name", - "ValueFrom" - ], - "type": "object" - }, - "AWS::ECS::TaskDefinition.SystemControl": { - "additionalProperties": false, - "properties": { - "Namespace": { - "markdownDescription": "The namespaced kernel parameter to set a `value` for.", - "title": "Namespace", - "type": "string" - }, - "Value": { - "markdownDescription": "The namespaced kernel parameter to set a `value` for.\n\nValid IPC namespace values: `\"kernel.msgmax\" | \"kernel.msgmnb\" | \"kernel.msgmni\" | \"kernel.sem\" | \"kernel.shmall\" | \"kernel.shmmax\" | \"kernel.shmmni\" | \"kernel.shm_rmid_forced\"` , and `Sysctls` that start with `\"fs.mqueue.*\"`\n\nValid network namespace values: `Sysctls` that start with `\"net.*\"` . Only namespaced `Sysctls` that exist within the container starting with \"net.* are accepted.\n\nAll of these values are supported by Fargate.", - "title": "Value", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ECS::TaskDefinition.TaskDefinitionPlacementConstraint": { - "additionalProperties": false, - "properties": { - "Expression": { - "markdownDescription": "A cluster query language expression to apply to the constraint. For more information, see [Cluster query language](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-query-language.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "Expression", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of constraint. The `MemberOf` constraint restricts selection to be from a group of valid candidates.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::ECS::TaskDefinition.Tmpfs": { - "additionalProperties": false, - "properties": { - "ContainerPath": { - "markdownDescription": "The absolute file path where the tmpfs volume is to be mounted.", - "title": "ContainerPath", - "type": "string" - }, - "MountOptions": { + "Resources": { "items": { "type": "string" }, - "markdownDescription": "The list of tmpfs volume mount options.\n\nValid values: `\"defaults\" | \"ro\" | \"rw\" | \"suid\" | \"nosuid\" | \"dev\" | \"nodev\" | \"exec\" | \"noexec\" | \"sync\" | \"async\" | \"dirsync\" | \"remount\" | \"mand\" | \"nomand\" | \"atime\" | \"noatime\" | \"diratime\" | \"nodiratime\" | \"bind\" | \"rbind\" | \"unbindable\" | \"runbindable\" | \"private\" | \"rprivate\" | \"shared\" | \"rshared\" | \"slave\" | \"rslave\" | \"relatime\" | \"norelatime\" | \"strictatime\" | \"nostrictatime\" | \"mode\" | \"uid\" | \"gid\" | \"nr_inodes\" | \"nr_blocks\" | \"mpol\"`", - "title": "MountOptions", + "markdownDescription": "The resources.", + "title": "Resources", "type": "array" - }, - "Size": { - "markdownDescription": "The maximum size (in MiB) of the tmpfs volume.", - "title": "Size", - "type": "number" - } - }, - "required": [ - "Size" - ], - "type": "object" - }, - "AWS::ECS::TaskDefinition.Ulimit": { - "additionalProperties": false, - "properties": { - "HardLimit": { - "markdownDescription": "The hard limit for the `ulimit` type. The value can be specified in bytes, seconds, or as a count, depending on the `type` of the `ulimit` .", - "title": "HardLimit", - "type": "number" - }, - "Name": { - "markdownDescription": "The `type` of the `ulimit` .", - "title": "Name", - "type": "string" - }, - "SoftLimit": { - "markdownDescription": "The soft limit for the `ulimit` type. The value can be specified in bytes, seconds, or as a count, depending on the `type` of the `ulimit` .", - "title": "SoftLimit", - "type": "number" - } - }, - "required": [ - "HardLimit", - "Name", - "SoftLimit" - ], - "type": "object" - }, - "AWS::ECS::TaskDefinition.Volume": { - "additionalProperties": false, - "properties": { - "ConfiguredAtLaunch": { - "markdownDescription": "Indicates whether the volume should be configured at launch time. This is used to create Amazon EBS volumes for standalone tasks or tasks created as part of a service. Each task definition revision may only have one volume configured at launch in the volume configuration.\n\nTo configure a volume at launch time, use this task definition revision and specify a `volumeConfigurations` object when calling the `CreateService` , `UpdateService` , `RunTask` or `StartTask` APIs.", - "title": "ConfiguredAtLaunch", - "type": "boolean" - }, - "DockerVolumeConfiguration": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.DockerVolumeConfiguration", - "markdownDescription": "This parameter is specified when you use Docker volumes.\n\nWindows containers only support the use of the `local` driver. To use bind mounts, specify the `host` parameter instead.\n\n> Docker volumes aren't supported by tasks run on AWS Fargate .", - "title": "DockerVolumeConfiguration" - }, - "EFSVolumeConfiguration": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.EFSVolumeConfiguration", - "markdownDescription": "This parameter is specified when you use an Amazon Elastic File System file system for task storage.", - "title": "EFSVolumeConfiguration" - }, - "FSxWindowsFileServerVolumeConfiguration": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.FSxWindowsFileServerVolumeConfiguration", - "markdownDescription": "This parameter is specified when you use Amazon FSx for Windows File Server file system for task storage.", - "title": "FSxWindowsFileServerVolumeConfiguration" - }, - "Host": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.HostVolumeProperties", - "markdownDescription": "This parameter is specified when you use bind mount host volumes. The contents of the `host` parameter determine whether your bind mount host volume persists on the host container instance and where it's stored. If the `host` parameter is empty, then the Docker daemon assigns a host path for your data volume. However, the data isn't guaranteed to persist after the containers that are associated with it stop running.\n\nWindows containers can mount whole directories on the same drive as `$env:ProgramData` . Windows containers can't mount directories on a different drive, and mount point can't be across drives. For example, you can mount `C:\\my\\path:C:\\my\\path` and `D:\\:D:\\` , but not `D:\\my\\path:C:\\my\\path` or `D:\\:C:\\my\\path` .", - "title": "Host" - }, - "Name": { - "markdownDescription": "The name of the volume. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed.\n\nWhen using a volume configured at launch, the `name` is required and must also be specified as the volume name in the `ServiceVolumeConfiguration` or `TaskVolumeConfiguration` parameter when creating your service or standalone task.\n\nFor all other types of volumes, this name is referenced in the `sourceVolume` parameter of the `mountPoints` object in the container definition.\n\nWhen a volume is using the `efsVolumeConfiguration` , the name is required.", - "title": "Name", - "type": "string" } }, "type": "object" }, - "AWS::ECS::TaskDefinition.VolumeFrom": { + "AWS::EC2::NetworkInsightsAccessScope.ThroughResourcesStatementRequest": { "additionalProperties": false, "properties": { - "ReadOnly": { - "markdownDescription": "If this value is `true` , the container has read-only access to the volume. If this value is `false` , then the container can write to the volume. The default value is `false` .", - "title": "ReadOnly", - "type": "boolean" - }, - "SourceContainer": { - "markdownDescription": "The name of another container within the same task definition to mount volumes from.", - "title": "SourceContainer", - "type": "string" + "ResourceStatement": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.ResourceStatementRequest", + "markdownDescription": "The resource statement.", + "title": "ResourceStatement" } }, "type": "object" }, - "AWS::ECS::TaskSet": { + "AWS::EC2::NetworkInsightsAccessScopeAnalysis": { "additionalProperties": false, "properties": { "Condition": { @@ -85335,81 +94514,28 @@ "Properties": { "additionalProperties": false, "properties": { - "Cluster": { - "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the cluster that hosts the service to create the task set in.", - "title": "Cluster", - "type": "string" - }, - "ExternalId": { - "markdownDescription": "An optional non-unique tag that identifies this task set in external systems. If the task set is associated with a service discovery registry, the tasks in this task set will have the `ECS_TASK_SET_EXTERNAL_ID` AWS Cloud Map attribute set to the provided value.", - "title": "ExternalId", - "type": "string" - }, - "LaunchType": { - "markdownDescription": "The launch type that new tasks in the task set uses. For more information, see [Amazon ECS launch types](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/launch_types.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nIf a `launchType` is specified, the `capacityProviderStrategy` parameter must be omitted.", - "title": "LaunchType", - "type": "string" - }, - "LoadBalancers": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskSet.LoadBalancer" - }, - "markdownDescription": "A load balancer object representing the load balancer to use with the task set. The supported load balancer types are either an Application Load Balancer or a Network Load Balancer.", - "title": "LoadBalancers", - "type": "array" - }, - "NetworkConfiguration": { - "$ref": "#/definitions/AWS::ECS::TaskSet.NetworkConfiguration", - "markdownDescription": "The network configuration for the task set.", - "title": "NetworkConfiguration" - }, - "PlatformVersion": { - "markdownDescription": "The platform version that the tasks in the task set uses. A platform version is specified only for tasks using the Fargate launch type. If one isn't specified, the `LATEST` platform version is used.", - "title": "PlatformVersion", - "type": "string" - }, - "Scale": { - "$ref": "#/definitions/AWS::ECS::TaskSet.Scale", - "markdownDescription": "A floating-point percentage of your desired number of tasks to place and keep running in the task set.", - "title": "Scale" - }, - "Service": { - "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the service to create the task set in.", - "title": "Service", + "NetworkInsightsAccessScopeId": { + "markdownDescription": "The ID of the Network Access Scope.", + "title": "NetworkInsightsAccessScopeId", "type": "string" }, - "ServiceRegistries": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskSet.ServiceRegistry" - }, - "markdownDescription": "The details of the service discovery registries to assign to this task set. For more information, see [Service discovery](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-discovery.html) .", - "title": "ServiceRegistries", - "type": "array" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The metadata that you apply to the task set to help you categorize and organize them. Each tag consists of a key and an optional value. You define both.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8\n- Maximum value length - 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit.", + "markdownDescription": "The tags.", "title": "Tags", "type": "array" - }, - "TaskDefinition": { - "markdownDescription": "The task definition for the tasks in the task set to use. If a revision isn't specified, the latest `ACTIVE` revision is used.", - "title": "TaskDefinition", - "type": "string" } }, "required": [ - "Cluster", - "Service", - "TaskDefinition" + "NetworkInsightsAccessScopeId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ECS::TaskSet" + "AWS::EC2::NetworkInsightsAccessScopeAnalysis" ], "type": "string" }, @@ -85428,111 +94554,7 @@ ], "type": "object" }, - "AWS::ECS::TaskSet.AwsVpcConfiguration": { - "additionalProperties": false, - "properties": { - "AssignPublicIp": { - "markdownDescription": "Whether the task's elastic network interface receives a public IP address.\n\nConsider the following when you set this value:\n\n- When you use `create-service` or `update-service` , the default is `DISABLED` .\n- When the service `deploymentController` is `ECS` , the value must be `DISABLED` .", - "title": "AssignPublicIp", - "type": "string" - }, - "SecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the security groups associated with the task or service. If you don't specify a security group, the default security group for the VPC is used. There's a limit of 5 security groups that can be specified.\n\n> All specified security groups must be from the same VPC.", - "title": "SecurityGroups", - "type": "array" - }, - "Subnets": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the subnets associated with the task or service. There's a limit of 16 subnets that can be specified.\n\n> All specified subnets must be from the same VPC.", - "title": "Subnets", - "type": "array" - } - }, - "required": [ - "Subnets" - ], - "type": "object" - }, - "AWS::ECS::TaskSet.LoadBalancer": { - "additionalProperties": false, - "properties": { - "ContainerName": { - "markdownDescription": "The name of the container (as it appears in a container definition) to associate with the load balancer.\n\nYou need to specify the container name when configuring the target group for an Amazon ECS load balancer.", - "title": "ContainerName", - "type": "string" - }, - "ContainerPort": { - "markdownDescription": "The port on the container to associate with the load balancer. This port must correspond to a `containerPort` in the task definition the tasks in the service are using. For tasks that use the EC2 launch type, the container instance they're launched on must allow ingress traffic on the `hostPort` of the port mapping.", - "title": "ContainerPort", - "type": "number" - }, - "TargetGroupArn": { - "markdownDescription": "The full Amazon Resource Name (ARN) of the Elastic Load Balancing target group or groups associated with a service or task set.\n\nA target group ARN is only specified when using an Application Load Balancer or Network Load Balancer.\n\nFor services using the `ECS` deployment controller, you can specify one or multiple target groups. For more information, see [Registering multiple target groups with a service](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/register-multiple-targetgroups.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nFor services using the `CODE_DEPLOY` deployment controller, you're required to define two target groups for the load balancer. For more information, see [Blue/green deployment with CodeDeploy](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-type-bluegreen.html) in the *Amazon Elastic Container Service Developer Guide* .\n\n> If your service's task definition uses the `awsvpc` network mode, you must choose `ip` as the target type, not `instance` . Do this when creating your target groups because tasks that use the `awsvpc` network mode are associated with an elastic network interface, not an Amazon EC2 instance. This network mode is required for the Fargate launch type.", - "title": "TargetGroupArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ECS::TaskSet.NetworkConfiguration": { - "additionalProperties": false, - "properties": { - "AwsVpcConfiguration": { - "$ref": "#/definitions/AWS::ECS::TaskSet.AwsVpcConfiguration", - "markdownDescription": "The VPC subnets and security groups that are associated with a task.\n\n> All specified subnets and security groups must be from the same VPC.", - "title": "AwsVpcConfiguration" - } - }, - "type": "object" - }, - "AWS::ECS::TaskSet.Scale": { - "additionalProperties": false, - "properties": { - "Unit": { - "markdownDescription": "The unit of measure for the scale value.", - "title": "Unit", - "type": "string" - }, - "Value": { - "markdownDescription": "The value, specified as a percent total of a service's `desiredCount` , to scale the task set. Accepted values are numbers between 0 and 100.", - "title": "Value", - "type": "number" - } - }, - "type": "object" - }, - "AWS::ECS::TaskSet.ServiceRegistry": { - "additionalProperties": false, - "properties": { - "ContainerName": { - "markdownDescription": "The container name value to be used for your service discovery service. It's already specified in the task definition. If the task definition that your service task specifies uses the `bridge` or `host` network mode, you must specify a `containerName` and `containerPort` combination from the task definition. If the task definition that your service task specifies uses the `awsvpc` network mode and a type SRV DNS record is used, you must specify either a `containerName` and `containerPort` combination or a `port` value. However, you can't specify both.", - "title": "ContainerName", - "type": "string" - }, - "ContainerPort": { - "markdownDescription": "The port value to be used for your service discovery service. It's already specified in the task definition. If the task definition your service task specifies uses the `bridge` or `host` network mode, you must specify a `containerName` and `containerPort` combination from the task definition. If the task definition your service task specifies uses the `awsvpc` network mode and a type SRV DNS record is used, you must specify either a `containerName` and `containerPort` combination or a `port` value. However, you can't specify both.", - "title": "ContainerPort", - "type": "number" - }, - "Port": { - "markdownDescription": "The port value used if your service discovery service specified an SRV record. This field might be used if both the `awsvpc` network mode and SRV records are used.", - "title": "Port", - "type": "number" - }, - "RegistryArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the service registry. The currently supported service registry is AWS Cloud Map . For more information, see [CreateService](https://docs.aws.amazon.com/cloud-map/latest/api/API_CreateService.html) .", - "title": "RegistryArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EFS::AccessPoint": { + "AWS::EC2::NetworkInsightsAnalysis": { "additionalProperties": false, "properties": { "Condition": { @@ -85567,43 +94589,52 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessPointTags": { + "AdditionalAccounts": { "items": { - "$ref": "#/definitions/AWS::EFS::AccessPoint.AccessPointTag" + "type": "string" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "AccessPointTags", + "markdownDescription": "The member accounts that contain resources that the path can traverse.", + "title": "AdditionalAccounts", "type": "array" }, - "ClientToken": { - "markdownDescription": "The opaque string specified in the request to ensure idempotent creation.", - "title": "ClientToken", - "type": "string" + "FilterInArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Names (ARN) of the resources that the path must traverse.", + "title": "FilterInArns", + "type": "array" }, - "FileSystemId": { - "markdownDescription": "The ID of the EFS file system that the access point applies to. Accepts only the ID format for input when specifying a file system, for example `fs-0123456789abcedf2` .", - "title": "FileSystemId", - "type": "string" + "FilterOutArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Names (ARN) of the resources that the path must ignore.", + "title": "FilterOutArns", + "type": "array" }, - "PosixUser": { - "$ref": "#/definitions/AWS::EFS::AccessPoint.PosixUser", - "markdownDescription": "The full POSIX identity, including the user ID, group ID, and secondary group IDs on the access point that is used for all file operations by NFS clients using the access point.", - "title": "PosixUser" + "NetworkInsightsPathId": { + "markdownDescription": "The ID of the path.", + "title": "NetworkInsightsPathId", + "type": "string" }, - "RootDirectory": { - "$ref": "#/definitions/AWS::EFS::AccessPoint.RootDirectory", - "markdownDescription": "The directory on the EFS file system that the access point exposes as the root directory to NFS clients using the access point.", - "title": "RootDirectory" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to apply.", + "title": "Tags", + "type": "array" } }, "required": [ - "FileSystemId" + "NetworkInsightsPathId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EFS::AccessPoint" + "AWS::EC2::NetworkInsightsAnalysis" ], "type": "string" }, @@ -85622,328 +94653,722 @@ ], "type": "object" }, - "AWS::EFS::AccessPoint.AccessPointTag": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "The tag key (String). The key can't start with `aws:` .", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "The value of the tag key.", - "title": "Value", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EFS::AccessPoint.CreationInfo": { + "AWS::EC2::NetworkInsightsAnalysis.AdditionalDetail": { "additionalProperties": false, "properties": { - "OwnerGid": { - "markdownDescription": "Specifies the POSIX group ID to apply to the `RootDirectory` . Accepts values from 0 to 2^32 (4294967295).", - "title": "OwnerGid", - "type": "string" - }, - "OwnerUid": { - "markdownDescription": "Specifies the POSIX user ID to apply to the `RootDirectory` . Accepts values from 0 to 2^32 (4294967295).", - "title": "OwnerUid", + "AdditionalDetailType": { + "markdownDescription": "The additional detail code.", + "title": "AdditionalDetailType", "type": "string" }, - "Permissions": { - "markdownDescription": "Specifies the POSIX permissions to apply to the `RootDirectory` , in the format of an octal number representing the file's mode bits.", - "title": "Permissions", - "type": "string" - } - }, - "required": [ - "OwnerGid", - "OwnerUid", - "Permissions" - ], - "type": "object" - }, - "AWS::EFS::AccessPoint.PosixUser": { - "additionalProperties": false, - "properties": { - "Gid": { - "markdownDescription": "The POSIX group ID used for all file system operations using this access point.", - "title": "Gid", - "type": "string" + "Component": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The path component.", + "title": "Component" }, - "SecondaryGids": { + "LoadBalancers": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent" }, - "markdownDescription": "Secondary POSIX group IDs used for all file system operations using this access point.", - "title": "SecondaryGids", + "markdownDescription": "The load balancers.", + "title": "LoadBalancers", "type": "array" }, - "Uid": { - "markdownDescription": "The POSIX user ID used for all file system operations using this access point.", - "title": "Uid", + "ServiceName": { + "markdownDescription": "The name of the VPC endpoint service.", + "title": "ServiceName", "type": "string" } }, - "required": [ - "Gid", - "Uid" - ], "type": "object" }, - "AWS::EFS::AccessPoint.RootDirectory": { + "AWS::EC2::NetworkInsightsAnalysis.AlternatePathHint": { "additionalProperties": false, "properties": { - "CreationInfo": { - "$ref": "#/definitions/AWS::EFS::AccessPoint.CreationInfo", - "markdownDescription": "(Optional) Specifies the POSIX IDs and permissions to apply to the access point's `RootDirectory` . If the `RootDirectory` > `Path` specified does not exist, EFS creates the root directory using the `CreationInfo` settings when a client connects to an access point. When specifying the `CreationInfo` , you must provide values for all properties.\n\n> If you do not provide `CreationInfo` and the specified `RootDirectory` > `Path` does not exist, attempts to mount the file system using the access point will fail.", - "title": "CreationInfo" + "ComponentArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the component.", + "title": "ComponentArn", + "type": "string" }, - "Path": { - "markdownDescription": "Specifies the path on the EFS file system to expose as the root directory to NFS clients using the access point to access the EFS file system. A path can have up to four subdirectories. If the specified path does not exist, you are required to provide the `CreationInfo` .", - "title": "Path", + "ComponentId": { + "markdownDescription": "The ID of the component.", + "title": "ComponentId", "type": "string" } }, "type": "object" }, - "AWS::EFS::FileSystem": { + "AWS::EC2::NetworkInsightsAnalysis.AnalysisAclRule": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Cidr": { + "markdownDescription": "The IPv4 address range, in CIDR notation.", + "title": "Cidr", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "Egress": { + "markdownDescription": "Indicates whether the rule is an outbound rule.", + "title": "Egress", + "type": "boolean" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AvailabilityZoneName": { - "markdownDescription": "For One Zone file systems, specify the AWS Availability Zone in which to create the file system. Use the format `us-east-1a` to specify the Availability Zone. For more information about One Zone file systems, see [EFS file system types](https://docs.aws.amazon.com/efs/latest/ug/availability-durability.html#file-system-type) in the *Amazon EFS User Guide* .\n\n> One Zone file systems are not available in all Availability Zones in AWS Regions where Amazon EFS is available.", - "title": "AvailabilityZoneName", - "type": "string" - }, - "BackupPolicy": { - "$ref": "#/definitions/AWS::EFS::FileSystem.BackupPolicy", - "markdownDescription": "Use the `BackupPolicy` to turn automatic backups on or off for the file system.", - "title": "BackupPolicy" - }, - "BypassPolicyLockoutSafetyCheck": { - "markdownDescription": "(Optional) A boolean that specifies whether or not to bypass the `FileSystemPolicy` lockout safety check. The lockout safety check determines whether the policy in the request will lock out, or prevent, the IAM principal that is making the request from making future `PutFileSystemPolicy` requests on this file system. Set `BypassPolicyLockoutSafetyCheck` to `True` only when you intend to prevent the IAM principal that is making the request from making subsequent `PutFileSystemPolicy` requests on this file system. The default value is `False` .", - "title": "BypassPolicyLockoutSafetyCheck", - "type": "boolean" - }, - "Encrypted": { - "markdownDescription": "A Boolean value that, if true, creates an encrypted file system. When creating an encrypted file system, you have the option of specifying a KmsKeyId for an existing AWS KMS key . If you don't specify a KMS key , then the default KMS key for Amazon EFS , `/aws/elasticfilesystem` , is used to protect the encrypted file system.", - "title": "Encrypted", - "type": "boolean" - }, - "FileSystemPolicy": { - "markdownDescription": "The `FileSystemPolicy` for the EFS file system. A file system policy is an IAM resource policy used to control NFS access to an EFS file system. For more information, see [Using IAM to control NFS access to Amazon EFS](https://docs.aws.amazon.com/efs/latest/ug/iam-access-control-nfs-efs.html) in the *Amazon EFS User Guide* .", - "title": "FileSystemPolicy", - "type": "object" - }, - "FileSystemProtection": { - "$ref": "#/definitions/AWS::EFS::FileSystem.FileSystemProtection", - "markdownDescription": "Describes the protection on the file system.", - "title": "FileSystemProtection" - }, - "FileSystemTags": { - "items": { - "$ref": "#/definitions/AWS::EFS::FileSystem.ElasticFileSystemTag" - }, - "markdownDescription": "Use to create one or more tags associated with the file system. Each tag is a user-defined key-value pair. Name your file system on creation by including a `\"Key\":\"Name\",\"Value\":\"{value}\"` key-value pair. Each key must be unique. For more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference Guide* .", - "title": "FileSystemTags", - "type": "array" - }, - "KmsKeyId": { - "markdownDescription": "The ID of the AWS KMS key to be used to protect the encrypted file system. This parameter is only required if you want to use a nondefault KMS key . If this parameter is not specified, the default KMS key for Amazon EFS is used. This ID can be in one of the following formats:\n\n- Key ID - A unique identifier of the key, for example `1234abcd-12ab-34cd-56ef-1234567890ab` .\n- ARN - An Amazon Resource Name (ARN) for the key, for example `arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab` .\n- Key alias - A previously created display name for a key, for example `alias/projectKey1` .\n- Key alias ARN - An ARN for a key alias, for example `arn:aws:kms:us-west-2:444455556666:alias/projectKey1` .\n\nIf `KmsKeyId` is specified, the `Encrypted` parameter must be set to true.", - "title": "KmsKeyId", - "type": "string" - }, - "LifecyclePolicies": { - "items": { - "$ref": "#/definitions/AWS::EFS::FileSystem.LifecyclePolicy" - }, - "markdownDescription": "An array of `LifecyclePolicy` objects that define the file system's `LifecycleConfiguration` object. A `LifecycleConfiguration` object informs Lifecycle management of the following:\n\n- When to move files in the file system from primary storage to IA storage.\n- When to move files in the file system from primary storage or IA storage to Archive storage.\n- When to move files that are in IA or Archive storage to primary storage.\n\n> Amazon EFS requires that each `LifecyclePolicy` object have only a single transition. This means that in a request body, `LifecyclePolicies` needs to be structured as an array of `LifecyclePolicy` objects, one object for each transition, `TransitionToIA` , `TransitionToArchive` `TransitionToPrimaryStorageClass` . See the example requests in the following section for more information.", - "title": "LifecyclePolicies", - "type": "array" - }, - "PerformanceMode": { - "markdownDescription": "The performance mode of the file system. We recommend `generalPurpose` performance mode for all file systems. File systems using the `maxIO` performance mode can scale to higher levels of aggregate throughput and operations per second with a tradeoff of slightly higher latencies for most file operations. The performance mode can't be changed after the file system has been created. The `maxIO` mode is not supported on One Zone file systems.\n\n> Due to the higher per-operation latencies with Max I/O, we recommend using General Purpose performance mode for all file systems. \n\nDefault is `generalPurpose` .", - "title": "PerformanceMode", - "type": "string" - }, - "ProvisionedThroughputInMibps": { - "markdownDescription": "The throughput, measured in mebibytes per second (MiBps), that you want to provision for a file system that you're creating. Required if `ThroughputMode` is set to `provisioned` . Valid values are 1-3414 MiBps, with the upper limit depending on Region. To increase this limit, contact Support . For more information, see [Amazon EFS quotas that you can increase](https://docs.aws.amazon.com/efs/latest/ug/limits.html#soft-limits) in the *Amazon EFS User Guide* .", - "title": "ProvisionedThroughputInMibps", - "type": "number" - }, - "ReplicationConfiguration": { - "$ref": "#/definitions/AWS::EFS::FileSystem.ReplicationConfiguration", - "markdownDescription": "Describes the replication configuration for a specific file system.", - "title": "ReplicationConfiguration" - }, - "ThroughputMode": { - "markdownDescription": "Specifies the throughput mode for the file system. The mode can be `bursting` , `provisioned` , or `elastic` . If you set `ThroughputMode` to `provisioned` , you must also set a value for `ProvisionedThroughputInMibps` . After you create the file system, you can decrease your file system's Provisioned throughput or change between the throughput modes, with certain time restrictions. For more information, see [Specifying throughput with provisioned mode](https://docs.aws.amazon.com/efs/latest/ug/performance.html#provisioned-throughput) in the *Amazon EFS User Guide* .\n\nDefault is `bursting` .", - "title": "ThroughputMode", - "type": "string" - } - }, - "type": "object" + "PortRange": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.PortRange", + "markdownDescription": "The range of ports.", + "title": "PortRange" }, - "Type": { - "enum": [ - "AWS::EFS::FileSystem" - ], + "Protocol": { + "markdownDescription": "The protocol.", + "title": "Protocol", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::EFS::FileSystem.BackupPolicy": { - "additionalProperties": false, - "properties": { - "Status": { - "markdownDescription": "Set the backup policy status for the file system.\n\n- *`ENABLED`* - Turns automatic backups on for the file system.\n- *`DISABLED`* - Turns automatic backups off for the file system.", - "title": "Status", + "RuleAction": { + "markdownDescription": "Indicates whether to allow or deny traffic that matches the rule.", + "title": "RuleAction", "type": "string" + }, + "RuleNumber": { + "markdownDescription": "The rule number.", + "title": "RuleNumber", + "type": "number" } }, - "required": [ - "Status" - ], "type": "object" }, - "AWS::EFS::FileSystem.ElasticFileSystemTag": { + "AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The tag key (String). The key can't start with `aws:` .", - "title": "Key", + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the component.", + "title": "Arn", "type": "string" }, - "Value": { - "markdownDescription": "The value of the tag key.", - "title": "Value", + "Id": { + "markdownDescription": "The ID of the component.", + "title": "Id", "type": "string" } }, - "required": [ - "Key", - "Value" - ], "type": "object" }, - "AWS::EFS::FileSystem.FileSystemProtection": { + "AWS::EC2::NetworkInsightsAnalysis.AnalysisLoadBalancerListener": { "additionalProperties": false, "properties": { - "ReplicationOverwriteProtection": { - "markdownDescription": "The status of the file system's replication overwrite protection.\n\n- `ENABLED` \u2013 The file system cannot be used as the destination file system in a replication configuration. The file system is writeable. Replication overwrite protection is `ENABLED` by default.\n- `DISABLED` \u2013 The file system can be used as the destination file system in a replication configuration. The file system is read-only and can only be modified by EFS replication.\n- `REPLICATING` \u2013 The file system is being used as the destination file system in a replication configuration. The file system is read-only and is modified only by EFS replication.\n\nIf the replication configuration is deleted, the file system's replication overwrite protection is re-enabled, the file system becomes writeable.", - "title": "ReplicationOverwriteProtection", - "type": "string" + "InstancePort": { + "markdownDescription": "[Classic Load Balancers] The back-end port for the listener.", + "title": "InstancePort", + "type": "number" + }, + "LoadBalancerPort": { + "markdownDescription": "The port on which the load balancer is listening.", + "title": "LoadBalancerPort", + "type": "number" } }, "type": "object" }, - "AWS::EFS::FileSystem.LifecyclePolicy": { + "AWS::EC2::NetworkInsightsAnalysis.AnalysisLoadBalancerTarget": { "additionalProperties": false, "properties": { - "TransitionToArchive": { - "markdownDescription": "The number of days after files were last accessed in primary storage (the Standard storage class) at which to move them to Archive storage. Metadata operations such as listing the contents of a directory don't count as file access events.", - "title": "TransitionToArchive", + "Address": { + "markdownDescription": "The IP address.", + "title": "Address", "type": "string" }, - "TransitionToIA": { - "markdownDescription": "The number of days after files were last accessed in primary storage (the Standard storage class) at which to move them to Infrequent Access (IA) storage. Metadata operations such as listing the contents of a directory don't count as file access events.", - "title": "TransitionToIA", + "AvailabilityZone": { + "markdownDescription": "The Availability Zone.", + "title": "AvailabilityZone", "type": "string" }, - "TransitionToPrimaryStorageClass": { - "markdownDescription": "Whether to move files back to primary (Standard) storage after they are accessed in IA or Archive storage. Metadata operations such as listing the contents of a directory don't count as file access events.", - "title": "TransitionToPrimaryStorageClass", - "type": "string" + "Instance": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "Information about the instance.", + "title": "Instance" + }, + "Port": { + "markdownDescription": "The port on which the target is listening.", + "title": "Port", + "type": "number" } }, "type": "object" }, - "AWS::EFS::FileSystem.ReplicationConfiguration": { + "AWS::EC2::NetworkInsightsAnalysis.AnalysisPacketHeader": { "additionalProperties": false, "properties": { - "Destinations": { + "DestinationAddresses": { "items": { - "$ref": "#/definitions/AWS::EFS::FileSystem.ReplicationDestination" + "type": "string" }, - "markdownDescription": "An array of destination objects. Only one destination object is supported.", - "title": "Destinations", + "markdownDescription": "The destination addresses.", + "title": "DestinationAddresses", + "type": "array" + }, + "DestinationPortRanges": { + "items": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.PortRange" + }, + "markdownDescription": "The destination port ranges.", + "title": "DestinationPortRanges", + "type": "array" + }, + "Protocol": { + "markdownDescription": "The protocol.", + "title": "Protocol", + "type": "string" + }, + "SourceAddresses": { + "items": { + "type": "string" + }, + "markdownDescription": "The source addresses.", + "title": "SourceAddresses", + "type": "array" + }, + "SourcePortRanges": { + "items": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.PortRange" + }, + "markdownDescription": "The source port ranges.", + "title": "SourcePortRanges", "type": "array" } }, "type": "object" }, - "AWS::EFS::FileSystem.ReplicationDestination": { + "AWS::EC2::NetworkInsightsAnalysis.AnalysisRouteTableRoute": { "additionalProperties": false, "properties": { - "AvailabilityZoneName": { - "markdownDescription": "For One Zone file systems, the replication configuration must specify the Availability Zone in which the destination file system is located.\n\nUse the format `us-east-1a` to specify the Availability Zone. For more information about One Zone file systems, see [EFS file system types](https://docs.aws.amazon.com/efs/latest/ug/storage-classes.html) in the *Amazon EFS User Guide* .\n\n> One Zone file system type is not available in all Availability Zones in AWS Regions where Amazon EFS is available.", - "title": "AvailabilityZoneName", - "type": "string" + "NatGatewayId": { + "markdownDescription": "The ID of a NAT gateway.", + "title": "NatGatewayId", + "type": "string" }, - "FileSystemId": { - "markdownDescription": "The ID of the destination Amazon EFS file system.", - "title": "FileSystemId", + "NetworkInterfaceId": { + "markdownDescription": "The ID of a network interface.", + "title": "NetworkInterfaceId", "type": "string" }, - "KmsKeyId": { - "markdownDescription": "The ID of an AWS KMS key used to protect the encrypted file system.", - "title": "KmsKeyId", + "Origin": { + "markdownDescription": "Describes how the route was created. The following are the possible values:\n\n- CreateRouteTable - The route was automatically created when the route table was created.\n- CreateRoute - The route was manually added to the route table.\n- EnableVgwRoutePropagation - The route was propagated by route propagation.", + "title": "Origin", "type": "string" }, - "Region": { - "markdownDescription": "The AWS Region in which the destination file system is located.\n\n> For One Zone file systems, the replication configuration must specify the AWS Region in which the destination file system is located.", - "title": "Region", + "State": { + "markdownDescription": "The state. The following are the possible values:\n\n- active\n- blackhole", + "title": "State", + "type": "string" + }, + "TransitGatewayId": { + "markdownDescription": "The ID of a transit gateway.", + "title": "TransitGatewayId", + "type": "string" + }, + "VpcPeeringConnectionId": { + "markdownDescription": "The ID of a VPC peering connection.", + "title": "VpcPeeringConnectionId", + "type": "string" + }, + "destinationCidr": { + "markdownDescription": "The destination IPv4 address, in CIDR notation.", + "title": "destinationCidr", + "type": "string" + }, + "destinationPrefixListId": { + "markdownDescription": "The prefix of the AWS service.", + "title": "destinationPrefixListId", + "type": "string" + }, + "egressOnlyInternetGatewayId": { + "markdownDescription": "The ID of an egress-only internet gateway.", + "title": "egressOnlyInternetGatewayId", + "type": "string" + }, + "gatewayId": { + "markdownDescription": "The ID of the gateway, such as an internet gateway or virtual private gateway.", + "title": "gatewayId", + "type": "string" + }, + "instanceId": { + "markdownDescription": "The ID of the instance, such as a NAT instance.", + "title": "instanceId", "type": "string" } }, "type": "object" }, - "AWS::EFS::MountTarget": { + "AWS::EC2::NetworkInsightsAnalysis.AnalysisSecurityGroupRule": { + "additionalProperties": false, + "properties": { + "Cidr": { + "markdownDescription": "The IPv4 address range, in CIDR notation.", + "title": "Cidr", + "type": "string" + }, + "Direction": { + "markdownDescription": "The direction. The following are the possible values:\n\n- egress\n- ingress", + "title": "Direction", + "type": "string" + }, + "PortRange": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.PortRange", + "markdownDescription": "The port range.", + "title": "PortRange" + }, + "PrefixListId": { + "markdownDescription": "The prefix list ID.", + "title": "PrefixListId", + "type": "string" + }, + "Protocol": { + "markdownDescription": "The protocol name.", + "title": "Protocol", + "type": "string" + }, + "SecurityGroupId": { + "markdownDescription": "The security group ID.", + "title": "SecurityGroupId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::NetworkInsightsAnalysis.Explanation": { + "additionalProperties": false, + "properties": { + "Acl": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The network ACL.", + "title": "Acl" + }, + "AclRule": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisAclRule", + "markdownDescription": "The network ACL rule.", + "title": "AclRule" + }, + "Address": { + "markdownDescription": "The IPv4 address, in CIDR notation.", + "title": "Address", + "type": "string" + }, + "Addresses": { + "items": { + "type": "string" + }, + "markdownDescription": "The IPv4 addresses, in CIDR notation.", + "title": "Addresses", + "type": "array" + }, + "AttachedTo": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The resource to which the component is attached.", + "title": "AttachedTo" + }, + "AvailabilityZones": { + "items": { + "type": "string" + }, + "markdownDescription": "The Availability Zones.", + "title": "AvailabilityZones", + "type": "array" + }, + "Cidrs": { + "items": { + "type": "string" + }, + "markdownDescription": "The CIDR ranges.", + "title": "Cidrs", + "type": "array" + }, + "ClassicLoadBalancerListener": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisLoadBalancerListener", + "markdownDescription": "The listener for a Classic Load Balancer.", + "title": "ClassicLoadBalancerListener" + }, + "Component": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The component.", + "title": "Component" + }, + "ComponentAccount": { + "markdownDescription": "The AWS account for the component.", + "title": "ComponentAccount", + "type": "string" + }, + "ComponentRegion": { + "markdownDescription": "The Region for the component.", + "title": "ComponentRegion", + "type": "string" + }, + "CustomerGateway": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The customer gateway.", + "title": "CustomerGateway" + }, + "Destination": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The destination.", + "title": "Destination" + }, + "DestinationVpc": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The destination VPC.", + "title": "DestinationVpc" + }, + "Direction": { + "markdownDescription": "The direction. The following are the possible values:\n\n- egress\n- ingress", + "title": "Direction", + "type": "string" + }, + "ElasticLoadBalancerListener": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The load balancer listener.", + "title": "ElasticLoadBalancerListener" + }, + "ExplanationCode": { + "markdownDescription": "The explanation code.", + "title": "ExplanationCode", + "type": "string" + }, + "IngressRouteTable": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The route table.", + "title": "IngressRouteTable" + }, + "InternetGateway": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The internet gateway.", + "title": "InternetGateway" + }, + "LoadBalancerArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the load balancer.", + "title": "LoadBalancerArn", + "type": "string" + }, + "LoadBalancerListenerPort": { + "markdownDescription": "The listener port of the load balancer.", + "title": "LoadBalancerListenerPort", + "type": "number" + }, + "LoadBalancerTarget": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisLoadBalancerTarget", + "markdownDescription": "The target.", + "title": "LoadBalancerTarget" + }, + "LoadBalancerTargetGroup": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The target group.", + "title": "LoadBalancerTargetGroup" + }, + "LoadBalancerTargetGroups": { + "items": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent" + }, + "markdownDescription": "The target groups.", + "title": "LoadBalancerTargetGroups", + "type": "array" + }, + "LoadBalancerTargetPort": { + "markdownDescription": "The target port.", + "title": "LoadBalancerTargetPort", + "type": "number" + }, + "MissingComponent": { + "markdownDescription": "The missing component.", + "title": "MissingComponent", + "type": "string" + }, + "NatGateway": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The NAT gateway.", + "title": "NatGateway" + }, + "NetworkInterface": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The network interface.", + "title": "NetworkInterface" + }, + "PacketField": { + "markdownDescription": "The packet field.", + "title": "PacketField", + "type": "string" + }, + "Port": { + "markdownDescription": "The port.", + "title": "Port", + "type": "number" + }, + "PortRanges": { + "items": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.PortRange" + }, + "markdownDescription": "The port ranges.", + "title": "PortRanges", + "type": "array" + }, + "PrefixList": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The prefix list.", + "title": "PrefixList" + }, + "Protocols": { + "items": { + "type": "string" + }, + "markdownDescription": "The protocols.", + "title": "Protocols", + "type": "array" + }, + "RouteTable": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The route table.", + "title": "RouteTable" + }, + "RouteTableRoute": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisRouteTableRoute", + "markdownDescription": "The route table route.", + "title": "RouteTableRoute" + }, + "SecurityGroup": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The security group.", + "title": "SecurityGroup" + }, + "SecurityGroupRule": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisSecurityGroupRule", + "markdownDescription": "The security group rule.", + "title": "SecurityGroupRule" + }, + "SecurityGroups": { + "items": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent" + }, + "markdownDescription": "The security groups.", + "title": "SecurityGroups", + "type": "array" + }, + "SourceVpc": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The source VPC.", + "title": "SourceVpc" + }, + "State": { + "markdownDescription": "The state.", + "title": "State", + "type": "string" + }, + "Subnet": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The subnet.", + "title": "Subnet" + }, + "SubnetRouteTable": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The route table for the subnet.", + "title": "SubnetRouteTable" + }, + "TransitGateway": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The transit gateway.", + "title": "TransitGateway" + }, + "TransitGatewayAttachment": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The transit gateway attachment.", + "title": "TransitGatewayAttachment" + }, + "TransitGatewayRouteTable": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The transit gateway route table.", + "title": "TransitGatewayRouteTable" + }, + "TransitGatewayRouteTableRoute": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.TransitGatewayRouteTableRoute", + "markdownDescription": "The transit gateway route table route.", + "title": "TransitGatewayRouteTableRoute" + }, + "Vpc": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The component VPC.", + "title": "Vpc" + }, + "VpcPeeringConnection": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The VPC peering connection.", + "title": "VpcPeeringConnection" + }, + "VpnConnection": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The VPN connection.", + "title": "VpnConnection" + }, + "VpnGateway": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The VPN gateway.", + "title": "VpnGateway" + }, + "vpcEndpoint": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The VPC endpoint.", + "title": "vpcEndpoint" + } + }, + "type": "object" + }, + "AWS::EC2::NetworkInsightsAnalysis.PathComponent": { + "additionalProperties": false, + "properties": { + "AclRule": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisAclRule", + "markdownDescription": "The network ACL rule.", + "title": "AclRule" + }, + "AdditionalDetails": { + "items": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AdditionalDetail" + }, + "markdownDescription": "The additional details.", + "title": "AdditionalDetails", + "type": "array" + }, + "Component": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The component.", + "title": "Component" + }, + "DestinationVpc": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The destination VPC.", + "title": "DestinationVpc" + }, + "ElasticLoadBalancerListener": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The load balancer listener.", + "title": "ElasticLoadBalancerListener" + }, + "Explanations": { + "items": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.Explanation" + }, + "markdownDescription": "The explanation codes.", + "title": "Explanations", + "type": "array" + }, + "InboundHeader": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisPacketHeader", + "markdownDescription": "The inbound header.", + "title": "InboundHeader" + }, + "OutboundHeader": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisPacketHeader", + "markdownDescription": "The outbound header.", + "title": "OutboundHeader" + }, + "RouteTableRoute": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisRouteTableRoute", + "markdownDescription": "The route table route.", + "title": "RouteTableRoute" + }, + "SecurityGroupRule": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisSecurityGroupRule", + "markdownDescription": "The security group rule.", + "title": "SecurityGroupRule" + }, + "SequenceNumber": { + "markdownDescription": "The sequence number.", + "title": "SequenceNumber", + "type": "number" + }, + "ServiceName": { + "markdownDescription": "The name of the VPC endpoint service.", + "title": "ServiceName", + "type": "string" + }, + "SourceVpc": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The source VPC.", + "title": "SourceVpc" + }, + "Subnet": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The subnet.", + "title": "Subnet" + }, + "TransitGateway": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The transit gateway.", + "title": "TransitGateway" + }, + "TransitGatewayRouteTableRoute": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.TransitGatewayRouteTableRoute", + "markdownDescription": "The route in a transit gateway route table.", + "title": "TransitGatewayRouteTableRoute" + }, + "Vpc": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The component VPC.", + "title": "Vpc" + } + }, + "type": "object" + }, + "AWS::EC2::NetworkInsightsAnalysis.PortRange": { + "additionalProperties": false, + "properties": { + "From": { + "markdownDescription": "The first port in the range.", + "title": "From", + "type": "number" + }, + "To": { + "markdownDescription": "The last port in the range.", + "title": "To", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::NetworkInsightsAnalysis.TransitGatewayRouteTableRoute": { + "additionalProperties": false, + "properties": { + "AttachmentId": { + "markdownDescription": "The ID of the route attachment.", + "title": "AttachmentId", + "type": "string" + }, + "DestinationCidr": { + "markdownDescription": "The CIDR block used for destination matches.", + "title": "DestinationCidr", + "type": "string" + }, + "PrefixListId": { + "markdownDescription": "The ID of the prefix list.", + "title": "PrefixListId", + "type": "string" + }, + "ResourceId": { + "markdownDescription": "The ID of the resource for the route attachment.", + "title": "ResourceId", + "type": "string" + }, + "ResourceType": { + "markdownDescription": "The resource type for the route attachment.", + "title": "ResourceType", + "type": "string" + }, + "RouteOrigin": { + "markdownDescription": "The route origin. The following are the possible values:\n\n- static\n- propagated", + "title": "RouteOrigin", + "type": "string" + }, + "State": { + "markdownDescription": "The state of the route.", + "title": "State", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::NetworkInsightsPath": { "additionalProperties": false, "properties": { "Condition": { @@ -85978,40 +95403,64 @@ "Properties": { "additionalProperties": false, "properties": { - "FileSystemId": { - "markdownDescription": "The ID of the file system for which to create the mount target.", - "title": "FileSystemId", + "Destination": { + "markdownDescription": "The ID or ARN of the destination. If the resource is in another account, you must specify an ARN.", + "title": "Destination", "type": "string" }, - "IpAddress": { - "markdownDescription": "If the `IpAddressType` for the mount target is IPv4 ( `IPV4_ONLY` or `DUAL_STACK` ), then specify the IPv4 address to use. If you do not specify an `IpAddress` , then Amazon EFS selects an unused IP address from the subnet specified for `SubnetId` .", - "title": "IpAddress", + "DestinationIp": { + "markdownDescription": "The IP address of the destination.", + "title": "DestinationIp", "type": "string" }, - "SecurityGroups": { + "DestinationPort": { + "markdownDescription": "The destination port.", + "title": "DestinationPort", + "type": "number" + }, + "FilterAtDestination": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsPath.PathFilter", + "markdownDescription": "Scopes the analysis to network paths that match specific filters at the destination. If you specify this parameter, you can't specify the parameter for the destination IP address.", + "title": "FilterAtDestination" + }, + "FilterAtSource": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsPath.PathFilter", + "markdownDescription": "Scopes the analysis to network paths that match specific filters at the source. If you specify this parameter, you can't specify the parameters for the source IP address or the destination port.", + "title": "FilterAtSource" + }, + "Protocol": { + "markdownDescription": "The protocol.", + "title": "Protocol", + "type": "string" + }, + "Source": { + "markdownDescription": "The ID or ARN of the source. If the resource is in another account, you must specify an ARN.", + "title": "Source", + "type": "string" + }, + "SourceIp": { + "markdownDescription": "The IP address of the source.", + "title": "SourceIp", + "type": "string" + }, + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "VPC security group IDs, of the form `sg-xxxxxxxx` . These must be for the same VPC as the subnet specified. The maximum number of security groups depends on account quota. For more information, see [Amazon VPC Quotas](https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html) in the *Amazon VPC User Guide* (see the *Security Groups* table). If you don't specify a security group, then Amazon EFS uses the default security group for the subnet's VPC.", - "title": "SecurityGroups", + "markdownDescription": "The tags to add to the path.", + "title": "Tags", "type": "array" - }, - "SubnetId": { - "markdownDescription": "The ID of the subnet to add the mount target in. For One Zone file systems, use the subnet that is associated with the file system's Availability Zone. The subnet type must be the same type as the `IpAddressType` .", - "title": "SubnetId", - "type": "string" } }, "required": [ - "FileSystemId", - "SecurityGroups", - "SubnetId" + "Protocol", + "Source" ], "type": "object" }, "Type": { "enum": [ - "AWS::EFS::MountTarget" + "AWS::EC2::NetworkInsightsPath" ], "type": "string" }, @@ -86030,7 +95479,49 @@ ], "type": "object" }, - "AWS::EKS::AccessEntry": { + "AWS::EC2::NetworkInsightsPath.FilterPortRange": { + "additionalProperties": false, + "properties": { + "FromPort": { + "markdownDescription": "The first port in the range.", + "title": "FromPort", + "type": "number" + }, + "ToPort": { + "markdownDescription": "The last port in the range.", + "title": "ToPort", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::NetworkInsightsPath.PathFilter": { + "additionalProperties": false, + "properties": { + "DestinationAddress": { + "markdownDescription": "The destination IPv4 address.", + "title": "DestinationAddress", + "type": "string" + }, + "DestinationPortRange": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsPath.FilterPortRange", + "markdownDescription": "The destination port range.", + "title": "DestinationPortRange" + }, + "SourceAddress": { + "markdownDescription": "The source IPv4 address.", + "title": "SourceAddress", + "type": "string" + }, + "SourcePortRange": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsPath.FilterPortRange", + "markdownDescription": "The source port range.", + "title": "SourcePortRange" + } + }, + "type": "object" + }, + "AWS::EC2::NetworkInterface": { "additionalProperties": false, "properties": { "Condition": { @@ -86065,60 +95556,113 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessPolicies": { + "ConnectionTrackingSpecification": { + "$ref": "#/definitions/AWS::EC2::NetworkInterface.ConnectionTrackingSpecification", + "markdownDescription": "A connection tracking specification for the network interface.", + "title": "ConnectionTrackingSpecification" + }, + "Description": { + "markdownDescription": "A description for the network interface.", + "title": "Description", + "type": "string" + }, + "GroupSet": { "items": { - "$ref": "#/definitions/AWS::EKS::AccessEntry.AccessPolicy" + "type": "string" }, - "markdownDescription": "The access policies to associate to the access entry.", - "title": "AccessPolicies", + "markdownDescription": "The IDs of the security groups associated with this network interface.", + "title": "GroupSet", "type": "array" }, - "ClusterName": { - "markdownDescription": "The name of your cluster.", - "title": "ClusterName", + "InterfaceType": { + "markdownDescription": "The type of network interface. The default is `interface` . The supported values are `efa` and `trunk` .", + "title": "InterfaceType", "type": "string" }, - "KubernetesGroups": { + "Ipv4PrefixCount": { + "markdownDescription": "The number of IPv4 prefixes to be automatically assigned to the network interface.\n\nWhen creating a network interface, you can't specify a count of IPv4 prefixes if you've specified one of the following: specific IPv4 prefixes, specific private IPv4 addresses, or a count of private IPv4 addresses.", + "title": "Ipv4PrefixCount", + "type": "number" + }, + "Ipv4Prefixes": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::EC2::NetworkInterface.Ipv4PrefixSpecification" }, - "markdownDescription": "The value for `name` that you've specified for `kind: Group` as a `subject` in a Kubernetes `RoleBinding` or `ClusterRoleBinding` object. Amazon EKS doesn't confirm that the value for `name` exists in any bindings on your cluster. You can specify one or more names.\n\nKubernetes authorizes the `principalArn` of the access entry to access any cluster objects that you've specified in a Kubernetes `Role` or `ClusterRole` object that is also specified in a binding's `roleRef` . For more information about creating Kubernetes `RoleBinding` , `ClusterRoleBinding` , `Role` , or `ClusterRole` objects, see [Using RBAC Authorization in the Kubernetes documentation](https://docs.aws.amazon.com/https://kubernetes.io/docs/reference/access-authn-authz/rbac/) .\n\nIf you want Amazon EKS to authorize the `principalArn` (instead of, or in addition to Kubernetes authorizing the `principalArn` ), you can associate one or more access policies to the access entry using `AssociateAccessPolicy` . If you associate any access policies, the `principalARN` has all permissions assigned in the associated access policies and all permissions in any Kubernetes `Role` or `ClusterRole` objects that the group names are bound to.", - "title": "KubernetesGroups", + "markdownDescription": "The IPv4 delegated prefixes that are assigned to the network interface.\n\nWhen creating a network interface, you can't specify IPv4 prefixes if you've specified one of the following: a count of IPv4 prefixes, specific private IPv4 addresses, or a count of private IPv4 addresses.", + "title": "Ipv4Prefixes", "type": "array" }, - "PrincipalArn": { - "markdownDescription": "The ARN of the IAM principal for the `AccessEntry` . You can specify one ARN for each access entry. You can't specify the same ARN in more than one access entry. This value can't be changed after access entry creation.\n\nThe valid principals differ depending on the type of the access entry in the `type` field. For `STANDARD` access entries, you can use every IAM principal type. For nodes ( `EC2` (for EKS Auto Mode), `EC2_LINUX` , `EC2_WINDOWS` , `FARGATE_LINUX` , and `HYBRID_LINUX` ), the only valid ARN is IAM roles. You can't use the STS session principal type with access entries because this is a temporary principal for each session and not a permanent identity that can be assigned permissions.\n\n[IAM best practices](https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#bp-users-federation-idp) recommend using IAM roles with temporary credentials, rather than IAM users with long-term credentials.", - "title": "PrincipalArn", - "type": "string" + "Ipv6AddressCount": { + "markdownDescription": "The number of IPv6 addresses to assign to the network interface. Amazon EC2 automatically selects the IPv6 addresses from the subnet range. To specify specific IPv6 addresses, use the `Ipv6Addresses` property and don't specify this property.\n\nWhen creating a network interface, you can't specify a count of IPv6 addresses if you've specified one of the following: specific IPv6 addresses, specific IPv6 prefixes, or a count of IPv6 prefixes.", + "title": "Ipv6AddressCount", + "type": "number" }, - "Tags": { + "Ipv6Addresses": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::EC2::NetworkInterface.InstanceIpv6Address" }, - "markdownDescription": "Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or AWS resources.", - "title": "Tags", + "markdownDescription": "The IPv6 addresses from the IPv6 CIDR block range of your subnet to assign to the network interface. If you're specifying a number of IPv6 addresses, use the `Ipv6AddressCount` property and don't specify this property.\n\nWhen creating a network interface, you can't specify IPv6 addresses if you've specified one of the following: a count of IPv6 addresses, specific IPv6 prefixes, or a count of IPv6 prefixes.", + "title": "Ipv6Addresses", "type": "array" }, - "Type": { - "markdownDescription": "The type of the new access entry. Valid values are `STANDARD` , `FARGATE_LINUX` , `EC2_LINUX` , `EC2_WINDOWS` , `EC2` (for EKS Auto Mode), `HYBRID_LINUX` , and `HYPERPOD_LINUX` .\n\nIf the `principalArn` is for an IAM role that's used for self-managed Amazon EC2 nodes, specify `EC2_LINUX` or `EC2_WINDOWS` . Amazon EKS grants the necessary permissions to the node for you. If the `principalArn` is for any other purpose, specify `STANDARD` . If you don't specify a value, Amazon EKS sets the value to `STANDARD` . If you have the access mode of the cluster set to `API_AND_CONFIG_MAP` , it's unnecessary to create access entries for IAM roles used with Fargate profiles or managed Amazon EC2 nodes, because Amazon EKS creates entries in the `aws-auth` `ConfigMap` for the roles. You can't change this value once you've created the access entry.\n\nIf you set the value to `EC2_LINUX` or `EC2_WINDOWS` , you can't specify values for `kubernetesGroups` , or associate an `AccessPolicy` to the access entry.", - "title": "Type", + "Ipv6PrefixCount": { + "markdownDescription": "The number of IPv6 prefixes to be automatically assigned to the network interface.\n\nWhen creating a network interface, you can't specify a count of IPv6 prefixes if you've specified one of the following: specific IPv6 prefixes, specific IPv6 addresses, or a count of IPv6 addresses.", + "title": "Ipv6PrefixCount", + "type": "number" + }, + "Ipv6Prefixes": { + "items": { + "$ref": "#/definitions/AWS::EC2::NetworkInterface.Ipv6PrefixSpecification" + }, + "markdownDescription": "The IPv6 delegated prefixes that are assigned to the network interface.\n\nWhen creating a network interface, you can't specify IPv6 prefixes if you've specified one of the following: a count of IPv6 prefixes, specific IPv6 addresses, or a count of IPv6 addresses.", + "title": "Ipv6Prefixes", + "type": "array" + }, + "PrivateIpAddress": { + "markdownDescription": "The private IPv4 address to assign to the network interface as the primary private IP address. If you want to specify multiple private IP addresses, use the `PrivateIpAddresses` property.", + "title": "PrivateIpAddress", "type": "string" }, - "Username": { - "markdownDescription": "The username to authenticate to Kubernetes with. We recommend not specifying a username and letting Amazon EKS specify it for you. For more information about the value Amazon EKS specifies for you, or constraints before specifying your own username, see [Creating access entries](https://docs.aws.amazon.com/eks/latest/userguide/access-entries.html#creating-access-entries) in the *Amazon EKS User Guide* .", - "title": "Username", + "PrivateIpAddresses": { + "items": { + "$ref": "#/definitions/AWS::EC2::NetworkInterface.PrivateIpAddressSpecification" + }, + "markdownDescription": "The private IPv4 addresses to assign to the network interface. You can specify a primary private IP address by setting the value of the `Primary` property to `true` in the `PrivateIpAddressSpecification` property. If you want EC2 to automatically assign private IP addresses, use the `SecondaryPrivateIpAddressCount` property and do not specify this property.\n\nWhen creating a network interface, you can't specify private IPv4 addresses if you've specified one of the following: a count of private IPv4 addresses, specific IPv4 prefixes, or a count of IPv4 prefixes.", + "title": "PrivateIpAddresses", + "type": "array" + }, + "SecondaryPrivateIpAddressCount": { + "markdownDescription": "The number of secondary private IPv4 addresses to assign to a network interface. When you specify a number of secondary IPv4 addresses, Amazon EC2 selects these IP addresses within the subnet's IPv4 CIDR range. You can't specify this option and specify more than one private IP address using `privateIpAddresses` .\n\nWhen creating a Network Interface, you can't specify a count of private IPv4 addresses if you've specified one of the following: specific private IPv4 addresses, specific IPv4 prefixes, or a count of IPv4 prefixes.", + "title": "SecondaryPrivateIpAddressCount", + "type": "number" + }, + "SourceDestCheck": { + "markdownDescription": "Enable or disable source/destination checks, which ensure that the instance is either the source or the destination of any traffic that it receives. If the value is `true` , source/destination checks are enabled; otherwise, they are disabled. The default value is `true` . You must disable source/destination checks if the instance runs services such as network address translation, routing, or firewalls.", + "title": "SourceDestCheck", + "type": "boolean" + }, + "SubnetId": { + "markdownDescription": "The ID of the subnet to associate with the network interface.", + "title": "SubnetId", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to apply to the network interface.", + "title": "Tags", + "type": "array" } }, "required": [ - "ClusterName", - "PrincipalArn" + "SubnetId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EKS::AccessEntry" + "AWS::EC2::NetworkInterface" ], "type": "string" }, @@ -86137,49 +95681,90 @@ ], "type": "object" }, - "AWS::EKS::AccessEntry.AccessPolicy": { + "AWS::EC2::NetworkInterface.ConnectionTrackingSpecification": { "additionalProperties": false, "properties": { - "AccessScope": { - "$ref": "#/definitions/AWS::EKS::AccessEntry.AccessScope", - "markdownDescription": "The scope of an `AccessPolicy` that's associated to an `AccessEntry` .", - "title": "AccessScope" + "TcpEstablishedTimeout": { + "markdownDescription": "Timeout (in seconds) for idle TCP connections in an established state. Min: 60 seconds. Max: 432000 seconds (5 days). Default: 432000 seconds. Recommended: Less than 432000 seconds.", + "title": "TcpEstablishedTimeout", + "type": "number" }, - "PolicyArn": { - "markdownDescription": "The ARN of the access policy.", - "title": "PolicyArn", + "UdpStreamTimeout": { + "markdownDescription": "Timeout (in seconds) for idle UDP flows classified as streams which have seen more than one request-response transaction. Min: 60 seconds. Max: 180 seconds (3 minutes). Default: 180 seconds.", + "title": "UdpStreamTimeout", + "type": "number" + }, + "UdpTimeout": { + "markdownDescription": "Timeout (in seconds) for idle UDP flows that have seen traffic only in a single direction or a single request-response transaction. Min: 30 seconds. Max: 60 seconds. Default: 30 seconds.", + "title": "UdpTimeout", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::NetworkInterface.InstanceIpv6Address": { + "additionalProperties": false, + "properties": { + "Ipv6Address": { + "markdownDescription": "An IPv6 address to associate with the network interface.", + "title": "Ipv6Address", "type": "string" } }, "required": [ - "AccessScope", - "PolicyArn" + "Ipv6Address" ], "type": "object" }, - "AWS::EKS::AccessEntry.AccessScope": { + "AWS::EC2::NetworkInterface.Ipv4PrefixSpecification": { "additionalProperties": false, "properties": { - "Namespaces": { - "items": { - "type": "string" - }, - "markdownDescription": "A Kubernetes `namespace` that an access policy is scoped to. A value is required if you specified `namespace` for `Type` .", - "title": "Namespaces", - "type": "array" + "Ipv4Prefix": { + "markdownDescription": "The IPv4 prefix. For information, see [Assigning prefixes to network interfaces](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-prefix-eni.html) in the *Amazon EC2 User Guide* .", + "title": "Ipv4Prefix", + "type": "string" + } + }, + "required": [ + "Ipv4Prefix" + ], + "type": "object" + }, + "AWS::EC2::NetworkInterface.Ipv6PrefixSpecification": { + "additionalProperties": false, + "properties": { + "Ipv6Prefix": { + "markdownDescription": "The IPv6 prefix. For information, see [Assigning prefixes to Amazon EC2 network interfaces](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-prefix-eni.html) in the *Amazon Elastic Compute Cloud User Guide* .", + "title": "Ipv6Prefix", + "type": "string" + } + }, + "required": [ + "Ipv6Prefix" + ], + "type": "object" + }, + "AWS::EC2::NetworkInterface.PrivateIpAddressSpecification": { + "additionalProperties": false, + "properties": { + "Primary": { + "markdownDescription": "Sets the private IP address as the primary private address. You can set only one primary private IP address. If you don't specify a primary private IP address, Amazon EC2 automatically assigns a primary private IP address.", + "title": "Primary", + "type": "boolean" }, - "Type": { - "markdownDescription": "The scope type of an access policy.", - "title": "Type", + "PrivateIpAddress": { + "markdownDescription": "The private IP address of the network interface.", + "title": "PrivateIpAddress", "type": "string" } }, "required": [ - "Type" + "Primary", + "PrivateIpAddress" ], "type": "object" }, - "AWS::EKS::Addon": { + "AWS::EC2::NetworkInterfaceAttachment": { "additionalProperties": false, "properties": { "Condition": { @@ -86214,59 +95799,42 @@ "Properties": { "additionalProperties": false, "properties": { - "AddonName": { - "markdownDescription": "The name of the add-on.", - "title": "AddonName", - "type": "string" - }, - "AddonVersion": { - "markdownDescription": "The version of the add-on.", - "title": "AddonVersion", - "type": "string" - }, - "ClusterName": { - "markdownDescription": "The name of your cluster.", - "title": "ClusterName", - "type": "string" + "DeleteOnTermination": { + "markdownDescription": "Whether to delete the network interface when the instance terminates. By default, this value is set to `true` .", + "title": "DeleteOnTermination", + "type": "boolean" }, - "ConfigurationValues": { - "markdownDescription": "The configuration values that you provided.", - "title": "ConfigurationValues", + "DeviceIndex": { + "markdownDescription": "The network interface's position in the attachment order. For example, the first attached network interface has a `DeviceIndex` of 0.", + "title": "DeviceIndex", "type": "string" }, - "PreserveOnDelete": { - "markdownDescription": "Specifying this option preserves the add-on software on your cluster but Amazon EKS stops managing any settings for the add-on. If an IAM account is associated with the add-on, it isn't removed.", - "title": "PreserveOnDelete", - "type": "boolean" + "EnaSrdSpecification": { + "$ref": "#/definitions/AWS::EC2::NetworkInterfaceAttachment.EnaSrdSpecification", + "markdownDescription": "Configures ENA Express for the network interface that this action attaches to the instance.", + "title": "EnaSrdSpecification" }, - "ResolveConflicts": { - "markdownDescription": "How to resolve field value conflicts for an Amazon EKS add-on. Conflicts are handled based on the value you choose:\n\n- *None* \u2013 If the self-managed version of the add-on is installed on your cluster, Amazon EKS doesn't change the value. Creation of the add-on might fail.\n- *Overwrite* \u2013 If the self-managed version of the add-on is installed on your cluster and the Amazon EKS default value is different than the existing value, Amazon EKS changes the value to the Amazon EKS default value.\n- *Preserve* \u2013 This is similar to the NONE option. If the self-managed version of the add-on is installed on your cluster Amazon EKS doesn't change the add-on resource properties. Creation of the add-on might fail if conflicts are detected. This option works differently during the update operation. For more information, see [`UpdateAddon`](https://docs.aws.amazon.com/eks/latest/APIReference/API_UpdateAddon.html) .\n\nIf you don't currently have the self-managed version of the add-on installed on your cluster, the Amazon EKS add-on is installed. Amazon EKS sets all values to default values, regardless of the option that you specify.", - "title": "ResolveConflicts", + "InstanceId": { + "markdownDescription": "The ID of the instance to which you will attach the ENI.", + "title": "InstanceId", "type": "string" }, - "ServiceAccountRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an existing IAM role to bind to the add-on's service account. The role must be assigned the IAM permissions required by the add-on. If you don't specify an existing IAM role, then the add-on uses the permissions assigned to the node IAM role. For more information, see [Amazon EKS node IAM role](https://docs.aws.amazon.com/eks/latest/userguide/create-node-role.html) in the *Amazon EKS User Guide* .\n\n> To specify an existing IAM role, you must have an IAM OpenID Connect (OIDC) provider created for your cluster. For more information, see [Enabling IAM roles for service accounts on your cluster](https://docs.aws.amazon.com/eks/latest/userguide/enable-iam-roles-for-service-accounts.html) in the *Amazon EKS User Guide* .", - "title": "ServiceAccountRoleArn", + "NetworkInterfaceId": { + "markdownDescription": "The ID of the ENI that you want to attach.", + "title": "NetworkInterfaceId", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The metadata that you apply to the add-on to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Add-on tags do not propagate to any other resources associated with the cluster.", - "title": "Tags", - "type": "array" } }, "required": [ - "AddonName", - "ClusterName" + "DeviceIndex", + "InstanceId", + "NetworkInterfaceId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EKS::Addon" + "AWS::EC2::NetworkInterfaceAttachment" ], "type": "string" }, @@ -86285,7 +95853,34 @@ ], "type": "object" }, - "AWS::EKS::Cluster": { + "AWS::EC2::NetworkInterfaceAttachment.EnaSrdSpecification": { + "additionalProperties": false, + "properties": { + "EnaSrdEnabled": { + "markdownDescription": "Indicates whether ENA Express is enabled for the network interface.", + "title": "EnaSrdEnabled", + "type": "boolean" + }, + "EnaSrdUdpSpecification": { + "$ref": "#/definitions/AWS::EC2::NetworkInterfaceAttachment.EnaSrdUdpSpecification", + "markdownDescription": "Configures ENA Express for UDP network traffic.", + "title": "EnaSrdUdpSpecification" + } + }, + "type": "object" + }, + "AWS::EC2::NetworkInterfaceAttachment.EnaSrdUdpSpecification": { + "additionalProperties": false, + "properties": { + "EnaSrdUdpEnabled": { + "markdownDescription": "Indicates whether UDP traffic to and from the instance uses ENA Express. To specify this setting, you must first enable ENA Express.", + "title": "EnaSrdUdpEnabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EC2::NetworkInterfacePermission": { "additionalProperties": false, "properties": { "Condition": { @@ -86320,72 +95915,32 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessConfig": { - "$ref": "#/definitions/AWS::EKS::Cluster.AccessConfig", - "markdownDescription": "The access configuration for the cluster.", - "title": "AccessConfig" - }, - "EncryptionConfig": { - "items": { - "$ref": "#/definitions/AWS::EKS::Cluster.EncryptionConfig" - }, - "markdownDescription": "The encryption configuration for the cluster.", - "title": "EncryptionConfig", - "type": "array" - }, - "KubernetesNetworkConfig": { - "$ref": "#/definitions/AWS::EKS::Cluster.KubernetesNetworkConfig", - "markdownDescription": "The Kubernetes network configuration for the cluster.", - "title": "KubernetesNetworkConfig" - }, - "Logging": { - "$ref": "#/definitions/AWS::EKS::Cluster.Logging", - "markdownDescription": "The logging configuration for your cluster.", - "title": "Logging" - }, - "Name": { - "markdownDescription": "The unique name to give to your cluster. The name can contain only alphanumeric characters (case-sensitive) and hyphens. It must start with an alphanumeric character and can't be longer than 100 characters. The name must be unique within the AWS Region and AWS account that you're creating the cluster in. Note that underscores can't be used in AWS CloudFormation .", - "title": "Name", + "AwsAccountId": { + "markdownDescription": "The AWS account ID.", + "title": "AwsAccountId", "type": "string" }, - "OutpostConfig": { - "$ref": "#/definitions/AWS::EKS::Cluster.OutpostConfig", - "markdownDescription": "An object representing the configuration of your local Amazon EKS cluster on an AWS Outpost. This object isn't available for clusters on the AWS cloud.", - "title": "OutpostConfig" - }, - "ResourcesVpcConfig": { - "$ref": "#/definitions/AWS::EKS::Cluster.ResourcesVpcConfig", - "markdownDescription": "The VPC configuration that's used by the cluster control plane. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see [Cluster VPC Considerations](https://docs.aws.amazon.com/eks/latest/userguide/network_reqs.html) and [Cluster Security Group Considerations](https://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html) in the *Amazon EKS User Guide* . You must specify at least two subnets. You can specify up to five security groups, but we recommend that you use a dedicated security group for your cluster control plane.", - "title": "ResourcesVpcConfig" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf. For more information, see [Amazon EKS Service IAM Role](https://docs.aws.amazon.com/eks/latest/userguide/service_IAM_role.html) in the **Amazon EKS User Guide** .", - "title": "RoleArn", + "NetworkInterfaceId": { + "markdownDescription": "The ID of the network interface.", + "title": "NetworkInterfaceId", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The metadata that you apply to the cluster to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Cluster tags don't propagate to any other resources associated with the cluster.\n\n> You must have the `eks:TagResource` and `eks:UntagResource` permissions for your [IAM principal](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html) to manage the AWS CloudFormation stack. If you don't have these permissions, there might be unexpected behavior with stack-level tags propagating to the resource during resource creation and update.", - "title": "Tags", - "type": "array" - }, - "Version": { - "markdownDescription": "The desired Kubernetes version for your cluster. If you don't specify a value here, the default version available in Amazon EKS is used.\n\n> The default version might not be the latest version available.", - "title": "Version", + "Permission": { + "markdownDescription": "The type of permission to grant: `INSTANCE-ATTACH` or `EIP-ASSOCIATE` .", + "title": "Permission", "type": "string" } }, "required": [ - "ResourcesVpcConfig", - "RoleArn" + "AwsAccountId", + "NetworkInterfaceId", + "Permission" ], "type": "object" }, "Type": { "enum": [ - "AWS::EKS::Cluster" + "AWS::EC2::NetworkInterfacePermission" ], "type": "string" }, @@ -86404,192 +95959,92 @@ ], "type": "object" }, - "AWS::EKS::Cluster.AccessConfig": { + "AWS::EC2::NetworkPerformanceMetricSubscription": { "additionalProperties": false, "properties": { - "AuthenticationMode": { - "markdownDescription": "The desired authentication mode for the cluster. If you create a cluster by using the EKS API, AWS SDKs, or AWS CloudFormation , the default is `CONFIG_MAP` . If you create the cluster by using the AWS Management Console , the default value is `API_AND_CONFIG_MAP` .", - "title": "AuthenticationMode", + "Condition": { "type": "string" }, - "BootstrapClusterCreatorAdminPermissions": { - "markdownDescription": "Specifies whether or not the cluster creator IAM principal was set as a cluster admin access entry during cluster creation time. The default value is `true` .", - "title": "BootstrapClusterCreatorAdminPermissions", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::EKS::Cluster.ClusterLogging": { - "additionalProperties": false, - "properties": { - "EnabledTypes": { - "items": { - "$ref": "#/definitions/AWS::EKS::Cluster.LoggingTypeConfig" - }, - "markdownDescription": "The enabled control plane logs for your cluster. All log types are disabled if the array is empty.\n\n> When updating a resource, you must include this `EnabledTypes` property if the previous CloudFormation template of the resource had it.", - "title": "EnabledTypes", - "type": "array" - } - }, - "type": "object" - }, - "AWS::EKS::Cluster.ControlPlanePlacement": { - "additionalProperties": false, - "properties": { - "GroupName": { - "markdownDescription": "The name of the placement group for the Kubernetes control plane instances. This property is only used for a local cluster on an AWS Outpost.", - "title": "GroupName", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EKS::Cluster.EncryptionConfig": { - "additionalProperties": false, - "properties": { - "Provider": { - "$ref": "#/definitions/AWS::EKS::Cluster.Provider", - "markdownDescription": "The encryption provider for the cluster.", - "title": "Provider" - }, - "Resources": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the resources to be encrypted. The only supported value is `secrets` .", - "title": "Resources", - "type": "array" - } - }, - "type": "object" - }, - "AWS::EKS::Cluster.KubernetesNetworkConfig": { - "additionalProperties": false, - "properties": { - "IpFamily": { - "markdownDescription": "Specify which IP family is used to assign Kubernetes pod and service IP addresses. If you don't specify a value, `ipv4` is used by default. You can only specify an IP family when you create a cluster and can't change this value once the cluster is created. If you specify `ipv6` , the VPC and subnets that you specify for cluster creation must have both `IPv4` and `IPv6` CIDR blocks assigned to them. You can't specify `ipv6` for clusters in China Regions.\n\nYou can only specify `ipv6` for `1.21` and later clusters that use version `1.10.1` or later of the Amazon VPC CNI add-on. If you specify `ipv6` , then ensure that your VPC meets the requirements listed in the considerations listed in [Assigning IPv6 addresses to pods and services](https://docs.aws.amazon.com/eks/latest/userguide/cni-ipv6.html) in the *Amazon EKS User Guide* . Kubernetes assigns services `IPv6` addresses from the unique local address range `(fc00::/7)` . You can't specify a custom `IPv6` CIDR block. Pod addresses are assigned from the subnet's `IPv6` CIDR.", - "title": "IpFamily", - "type": "string" - }, - "ServiceIpv4Cidr": { - "markdownDescription": "Don't specify a value if you select `ipv6` for *ipFamily* . The CIDR block to assign Kubernetes service IP addresses from. If you don't specify a block, Kubernetes assigns addresses from either the `10.100.0.0/16` or `172.20.0.0/16` CIDR blocks. We recommend that you specify a block that does not overlap with resources in other networks that are peered or connected to your VPC. The block must meet the following requirements:\n\n- Within one of the following private IP address blocks: `10.0.0.0/8` , `172.16.0.0/12` , or `192.168.0.0/16` .\n- Doesn't overlap with any CIDR block assigned to the VPC that you selected for VPC.\n- Between `/24` and `/12` .\n\n> You can only specify a custom CIDR block when you create a cluster. You can't change this value after the cluster is created.", - "title": "ServiceIpv4Cidr", - "type": "string" - }, - "ServiceIpv6Cidr": { - "markdownDescription": "The CIDR block that Kubernetes pod and service IP addresses are assigned from if you created a 1.21 or later cluster with version 1.10.1 or later of the Amazon VPC CNI add-on and specified `ipv6` for *ipFamily* when you created the cluster. Kubernetes assigns service addresses from the unique local address range ( `fc00::/7` ) because you can't specify a custom IPv6 CIDR block when you create the cluster.", - "title": "ServiceIpv6Cidr", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EKS::Cluster.Logging": { - "additionalProperties": false, - "properties": { - "ClusterLogging": { - "$ref": "#/definitions/AWS::EKS::Cluster.ClusterLogging", - "markdownDescription": "The cluster control plane logging configuration for your cluster.", - "title": "ClusterLogging" - } - }, - "type": "object" - }, - "AWS::EKS::Cluster.LoggingTypeConfig": { - "additionalProperties": false, - "properties": { - "Type": { - "markdownDescription": "The name of the log type.", - "title": "Type", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EKS::Cluster.OutpostConfig": { - "additionalProperties": false, - "properties": { - "ControlPlaneInstanceType": { - "markdownDescription": "The Amazon EC2 instance type that you want to use for your local Amazon EKS cluster on Outposts. Choose an instance type based on the number of nodes that your cluster will have. For more information, see [Capacity considerations](https://docs.aws.amazon.com/eks/latest/userguide/eks-outposts-capacity-considerations.html) in the *Amazon EKS User Guide* .\n\nThe instance type that you specify is used for all Kubernetes control plane instances. The instance type can't be changed after cluster creation. The control plane is not automatically scaled by Amazon EKS.", - "title": "ControlPlaneInstanceType", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "ControlPlanePlacement": { - "$ref": "#/definitions/AWS::EKS::Cluster.ControlPlanePlacement", - "markdownDescription": "An object representing the placement configuration for all the control plane instances of your local Amazon EKS cluster on an AWS Outpost. For more information, see [Capacity considerations](https://docs.aws.amazon.com/eks/latest/userguide/eks-outposts-capacity-considerations.html) in the *Amazon EKS User Guide* .", - "title": "ControlPlanePlacement" - }, - "OutpostArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The ARN of the Outpost that you want to use for your local Amazon EKS cluster on Outposts. Only a single Outpost ARN is supported.", - "title": "OutpostArns", - "type": "array" - } - }, - "required": [ - "ControlPlaneInstanceType", - "OutpostArns" - ], - "type": "object" - }, - "AWS::EKS::Cluster.Provider": { - "additionalProperties": false, - "properties": { - "KeyArn": { - "markdownDescription": "Amazon Resource Name (ARN) or alias of the KMS key. The KMS key must be symmetric and created in the same AWS Region as the cluster. If the KMS key was created in a different account, the [IAM principal](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html) must have access to the KMS key. For more information, see [Allowing users in other accounts to use a KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/key-policy-modifying-external-accounts.html) in the *AWS Key Management Service Developer Guide* .", - "title": "KeyArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EKS::Cluster.ResourcesVpcConfig": { - "additionalProperties": false, - "properties": { - "EndpointPrivateAccess": { - "markdownDescription": "Set this value to `true` to enable private access for your cluster's Kubernetes API server endpoint. If you enable private access, Kubernetes API requests from within your cluster's VPC use the private VPC endpoint. The default value for this parameter is `false` , which disables private access for your Kubernetes API server. If you disable private access and you have nodes or AWS Fargate pods in the cluster, then ensure that `publicAccessCidrs` includes the necessary CIDR blocks for communication with the nodes or Fargate pods. For more information, see [Cluster API server endpoint](https://docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html) in the **Amazon EKS User Guide** .", - "title": "EndpointPrivateAccess", - "type": "boolean" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "EndpointPublicAccess": { - "markdownDescription": "Set this value to `false` to disable public access to your cluster's Kubernetes API server endpoint. If you disable public access, your cluster's Kubernetes API server can only receive requests from within the cluster VPC. The default value for this parameter is `true` , which enables public access for your Kubernetes API server. The endpoint domain name and IP address family depends on the value of the `ipFamily` for the cluster. For more information, see [Cluster API server endpoint](https://docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html) in the **Amazon EKS User Guide** .", - "title": "EndpointPublicAccess", - "type": "boolean" + "Metadata": { + "type": "object" }, - "PublicAccessCidrs": { - "items": { - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "Destination": { + "markdownDescription": "The Region or Availability Zone that's the target for the subscription. For example, `eu-west-1` .", + "title": "Destination", + "type": "string" + }, + "Metric": { + "markdownDescription": "The metric used for the subscription.", + "title": "Metric", + "type": "string" + }, + "Source": { + "markdownDescription": "The Region or Availability Zone that's the source for the subscription. For example, `us-east-1` .", + "title": "Source", + "type": "string" + }, + "Statistic": { + "markdownDescription": "The statistic used for the subscription.", + "title": "Statistic", + "type": "string" + } }, - "markdownDescription": "The CIDR blocks that are allowed access to your cluster's public Kubernetes API server endpoint. Communication to the endpoint from addresses outside of the CIDR blocks that you specify is denied. The default value is `0.0.0.0/0` and additionally `::/0` for dual-stack `IPv6` clusters. If you've disabled private endpoint access, make sure that you specify the necessary CIDR blocks for every node and AWS Fargate `Pod` in the cluster. For more information, see [Cluster API server endpoint](https://docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html) in the **Amazon EKS User Guide** .\n\nNote that the public endpoints are dual-stack for only `IPv6` clusters that are made after October 2024. You can't add `IPv6` CIDR blocks to `IPv4` clusters or `IPv6` clusters that were made before October 2024.", - "title": "PublicAccessCidrs", - "type": "array" + "required": [ + "Destination", + "Metric", + "Source", + "Statistic" + ], + "type": "object" }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "Specify one or more security groups for the cross-account elastic network interfaces that Amazon EKS creates to use that allow communication between your nodes and the Kubernetes control plane. If you don't specify any security groups, then familiarize yourself with the difference between Amazon EKS defaults for clusters deployed with Kubernetes. For more information, see [Amazon EKS security group considerations](https://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html) in the **Amazon EKS User Guide** .", - "title": "SecurityGroupIds", - "type": "array" + "Type": { + "enum": [ + "AWS::EC2::NetworkPerformanceMetricSubscription" + ], + "type": "string" }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "Specify subnets for your Amazon EKS nodes. Amazon EKS creates cross-account elastic network interfaces in these subnets to allow communication between your nodes and the Kubernetes control plane.", - "title": "SubnetIds", - "type": "array" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "SubnetIds" + "Type", + "Properties" ], "type": "object" }, - "AWS::EKS::FargateProfile": { + "AWS::EC2::PlacementGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -86624,56 +96079,35 @@ "Properties": { "additionalProperties": false, "properties": { - "ClusterName": { - "markdownDescription": "The name of your cluster.", - "title": "ClusterName", - "type": "string" + "PartitionCount": { + "markdownDescription": "The number of partitions. Valid only when *Strategy* is set to `partition` .", + "title": "PartitionCount", + "type": "number" }, - "FargateProfileName": { - "markdownDescription": "The name of the Fargate profile.", - "title": "FargateProfileName", + "SpreadLevel": { + "markdownDescription": "Determines how placement groups spread instances.\n\n- Host \u2013 You can use `host` only with Outpost placement groups.\n- Rack \u2013 No usage restrictions.", + "title": "SpreadLevel", "type": "string" }, - "PodExecutionRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the `Pod` execution role to use for a `Pod` that matches the selectors in the Fargate profile. The `Pod` execution role allows Fargate infrastructure to register with your cluster as a node, and it provides read access to Amazon ECR image repositories. For more information, see [`Pod` execution role](https://docs.aws.amazon.com/eks/latest/userguide/pod-execution-role.html) in the *Amazon EKS User Guide* .", - "title": "PodExecutionRoleArn", + "Strategy": { + "markdownDescription": "The placement strategy.", + "title": "Strategy", "type": "string" }, - "Selectors": { - "items": { - "$ref": "#/definitions/AWS::EKS::FargateProfile.Selector" - }, - "markdownDescription": "The selectors to match for a `Pod` to use this Fargate profile. Each selector must have an associated Kubernetes `namespace` . Optionally, you can also specify `labels` for a `namespace` . You may specify up to five selectors in a Fargate profile.", - "title": "Selectors", - "type": "array" - }, - "Subnets": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of subnets to launch a `Pod` into. A `Pod` running on Fargate isn't assigned a public IP address, so only private subnets (with no direct route to an Internet Gateway) are accepted for this parameter.", - "title": "Subnets", - "type": "array" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or AWS resources.", + "markdownDescription": "The tags to apply to the new placement group.", "title": "Tags", "type": "array" } }, - "required": [ - "ClusterName", - "PodExecutionRoleArn", - "Selectors" - ], "type": "object" }, "Type": { "enum": [ - "AWS::EKS::FargateProfile" + "AWS::EC2::PlacementGroup" ], "type": "string" }, @@ -86687,54 +96121,11 @@ } }, "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::EKS::FargateProfile.Label": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "Enter a key.", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "Enter a value.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - }, - "AWS::EKS::FargateProfile.Selector": { - "additionalProperties": false, - "properties": { - "Labels": { - "items": { - "$ref": "#/definitions/AWS::EKS::FargateProfile.Label" - }, - "markdownDescription": "The Kubernetes labels that the selector should match. A pod must contain all of the labels that are specified in the selector for it to be considered a match.", - "title": "Labels", - "type": "array" - }, - "Namespace": { - "markdownDescription": "The Kubernetes `namespace` that the selector should match.", - "title": "Namespace", - "type": "string" - } - }, - "required": [ - "Namespace" + "Type" ], "type": "object" }, - "AWS::EKS::IdentityProviderConfig": { + "AWS::EC2::PrefixList": { "additionalProperties": false, "properties": { "Condition": { @@ -86769,44 +96160,47 @@ "Properties": { "additionalProperties": false, "properties": { - "ClusterName": { - "markdownDescription": "The name of your cluster.", - "title": "ClusterName", + "AddressFamily": { + "markdownDescription": "The IP address type.\n\nValid Values: `IPv4` | `IPv6`", + "title": "AddressFamily", "type": "string" }, - "IdentityProviderConfigName": { - "markdownDescription": "The name of the configuration.", - "title": "IdentityProviderConfigName", - "type": "string" + "Entries": { + "items": { + "$ref": "#/definitions/AWS::EC2::PrefixList.Entry" + }, + "markdownDescription": "The entries for the prefix list.", + "title": "Entries", + "type": "array" }, - "Oidc": { - "$ref": "#/definitions/AWS::EKS::IdentityProviderConfig.OidcIdentityProviderConfig", - "markdownDescription": "An object representing an OpenID Connect (OIDC) identity provider configuration.", - "title": "Oidc" + "MaxEntries": { + "markdownDescription": "The maximum number of entries for the prefix list. You can't modify the entries and the size of a prefix list at the same time.\n\nThis property is required when you create a prefix list.", + "title": "MaxEntries", + "type": "number" + }, + "PrefixListName": { + "markdownDescription": "A name for the prefix list.\n\nConstraints: Up to 255 characters in length. The name cannot start with `com.amazonaws` .", + "title": "PrefixListName", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or AWS resources.", + "markdownDescription": "The tags for the prefix list.", "title": "Tags", "type": "array" - }, - "Type": { - "markdownDescription": "The type of the identity provider configuration. The only type available is `oidc` .", - "title": "Type", - "type": "string" } }, "required": [ - "ClusterName", - "Type" + "AddressFamily", + "PrefixListName" ], "type": "object" }, "Type": { "enum": [ - "AWS::EKS::IdentityProviderConfig" + "AWS::EC2::PrefixList" ], "type": "string" }, @@ -86825,75 +96219,26 @@ ], "type": "object" }, - "AWS::EKS::IdentityProviderConfig.OidcIdentityProviderConfig": { - "additionalProperties": false, - "properties": { - "ClientId": { - "markdownDescription": "This is also known as *audience* . The ID of the client application that makes authentication requests to the OIDC identity provider.", - "title": "ClientId", - "type": "string" - }, - "GroupsClaim": { - "markdownDescription": "The JSON web token (JWT) claim that the provider uses to return your groups.", - "title": "GroupsClaim", - "type": "string" - }, - "GroupsPrefix": { - "markdownDescription": "The prefix that is prepended to group claims to prevent clashes with existing names (such as `system:` groups). For example, the value `oidc:` creates group names like `oidc:engineering` and `oidc:infra` . The prefix can't contain `system:`", - "title": "GroupsPrefix", - "type": "string" - }, - "IssuerUrl": { - "markdownDescription": "The URL of the OIDC identity provider that allows the API server to discover public signing keys for verifying tokens.", - "title": "IssuerUrl", - "type": "string" - }, - "RequiredClaims": { - "items": { - "$ref": "#/definitions/AWS::EKS::IdentityProviderConfig.RequiredClaim" - }, - "markdownDescription": "The key-value pairs that describe required claims in the identity token. If set, each claim is verified to be present in the token with a matching value.", - "title": "RequiredClaims", - "type": "array" - }, - "UsernameClaim": { - "markdownDescription": "The JSON Web token (JWT) claim that is used as the username.", - "title": "UsernameClaim", - "type": "string" - }, - "UsernamePrefix": { - "markdownDescription": "The prefix that is prepended to username claims to prevent clashes with existing names. The prefix can't contain `system:`", - "title": "UsernamePrefix", - "type": "string" - } - }, - "required": [ - "ClientId", - "IssuerUrl" - ], - "type": "object" - }, - "AWS::EKS::IdentityProviderConfig.RequiredClaim": { + "AWS::EC2::PrefixList.Entry": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The key to match from the token.", - "title": "Key", + "Cidr": { + "markdownDescription": "The CIDR block.", + "title": "Cidr", "type": "string" }, - "Value": { - "markdownDescription": "The value for the key from the token.", - "title": "Value", + "Description": { + "markdownDescription": "A description for the entry.\n\nConstraints: Up to 255 characters in length.", + "title": "Description", "type": "string" } }, "required": [ - "Key", - "Value" + "Cidr" ], "type": "object" }, - "AWS::EKS::Nodegroup": { + "AWS::EC2::Route": { "additionalProperties": false, "properties": { "Condition": { @@ -86928,128 +96273,90 @@ "Properties": { "additionalProperties": false, "properties": { - "AmiType": { - "markdownDescription": "The AMI type for your node group. If you specify `launchTemplate` , and your launch template uses a custom AMI, then don't specify `amiType` , or the node group deployment will fail. If your launch template uses a Windows custom AMI, then add `eks:kube-proxy-windows` to your Windows nodes `rolearn` in the `aws-auth` `ConfigMap` . For more information about using launch templates with Amazon EKS, see [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", - "title": "AmiType", + "CarrierGatewayId": { + "markdownDescription": "The ID of the carrier gateway.\n\nYou can only use this option when the VPC contains a subnet which is associated with a Wavelength Zone.", + "title": "CarrierGatewayId", "type": "string" }, - "CapacityType": { - "markdownDescription": "The capacity type of your managed node group.", - "title": "CapacityType", + "CoreNetworkArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the core network.", + "title": "CoreNetworkArn", "type": "string" }, - "ClusterName": { - "markdownDescription": "The name of your cluster.", - "title": "ClusterName", + "DestinationCidrBlock": { + "markdownDescription": "The IPv4 CIDR address block used for the destination match. Routing decisions are based on the most specific match. We modify the specified CIDR block to its canonical form; for example, if you specify `100.68.0.18/18` , we modify it to `100.68.0.0/18` .", + "title": "DestinationCidrBlock", "type": "string" }, - "DiskSize": { - "markdownDescription": "The root device disk size (in GiB) for your node group instances. The default disk size is 20 GiB for Linux and Bottlerocket. The default disk size is 50 GiB for Windows. If you specify `launchTemplate` , then don't specify `diskSize` , or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", - "title": "DiskSize", - "type": "number" - }, - "ForceUpdateEnabled": { - "markdownDescription": "Force the update if any `Pod` on the existing node group can't be drained due to a `Pod` disruption budget issue. If an update fails because all Pods can't be drained, you can force the update after it fails to terminate the old node whether or not any `Pod` is running on the node.", - "title": "ForceUpdateEnabled", - "type": "boolean" - }, - "InstanceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "Specify the instance types for a node group. If you specify a GPU instance type, make sure to also specify an applicable GPU AMI type with the `amiType` parameter. If you specify `launchTemplate` , then you can specify zero or one instance type in your launch template *or* you can specify 0-20 instance types for `instanceTypes` . If however, you specify an instance type in your launch template *and* specify any `instanceTypes` , the node group deployment will fail. If you don't specify an instance type in a launch template or for `instanceTypes` , then `t3.medium` is used, by default. If you specify `Spot` for `capacityType` , then we recommend specifying multiple values for `instanceTypes` . For more information, see [Managed node group capacity types](https://docs.aws.amazon.com/eks/latest/userguide/managed-node-groups.html#managed-node-group-capacity-types) and [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", - "title": "InstanceTypes", - "type": "array" - }, - "Labels": { - "additionalProperties": true, - "markdownDescription": "The Kubernetes `labels` applied to the nodes in the node group.\n\n> Only `labels` that are applied with the Amazon EKS API are shown here. There may be other Kubernetes `labels` applied to the nodes in this group.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Labels", - "type": "object" + "DestinationIpv6CidrBlock": { + "markdownDescription": "The IPv6 CIDR block used for the destination match. Routing decisions are based on the most specific match.", + "title": "DestinationIpv6CidrBlock", + "type": "string" }, - "LaunchTemplate": { - "$ref": "#/definitions/AWS::EKS::Nodegroup.LaunchTemplateSpecification", - "markdownDescription": "An object representing a node group's launch template specification. When using this object, don't directly specify `instanceTypes` , `diskSize` , or `remoteAccess` . You cannot later specify a different launch template ID or name than what was used to create the node group.\n\nMake sure that the launch template meets the requirements in `launchTemplateSpecification` . Also refer to [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", - "title": "LaunchTemplate" + "DestinationPrefixListId": { + "markdownDescription": "The ID of a prefix list used for the destination match.", + "title": "DestinationPrefixListId", + "type": "string" }, - "NodeRole": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to associate with your node group. The Amazon EKS worker node `kubelet` daemon makes calls to AWS APIs on your behalf. Nodes receive permissions for these API calls through an IAM instance profile and associated policies. Before you can launch nodes and register them into a cluster, you must create an IAM role for those nodes to use when they are launched. For more information, see [Amazon EKS node IAM role](https://docs.aws.amazon.com/eks/latest/userguide/create-node-role.html) in the **Amazon EKS User Guide** . If you specify `launchTemplate` , then don't specify `[IamInstanceProfile](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_IamInstanceProfile.html)` in your launch template, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", - "title": "NodeRole", + "EgressOnlyInternetGatewayId": { + "markdownDescription": "[IPv6 traffic only] The ID of an egress-only internet gateway.", + "title": "EgressOnlyInternetGatewayId", "type": "string" }, - "NodegroupName": { - "markdownDescription": "The unique name to give your node group.", - "title": "NodegroupName", + "GatewayId": { + "markdownDescription": "The ID of an internet gateway or virtual private gateway attached to your VPC.", + "title": "GatewayId", "type": "string" }, - "ReleaseVersion": { - "markdownDescription": "The AMI version of the Amazon EKS optimized AMI to use with your node group (for example, `1.14.7- *YYYYMMDD*` ). By default, the latest available AMI version for the node group's current Kubernetes version is used. For more information, see [Amazon EKS optimized Linux AMI Versions](https://docs.aws.amazon.com/eks/latest/userguide/eks-linux-ami-versions.html) in the *Amazon EKS User Guide* .\n\n> Changing this value triggers an update of the node group if one is available. You can't update other properties at the same time as updating `Release Version` .", - "title": "ReleaseVersion", + "InstanceId": { + "markdownDescription": "The ID of a NAT instance in your VPC. The operation fails if you specify an instance ID unless exactly one network interface is attached.", + "title": "InstanceId", "type": "string" }, - "RemoteAccess": { - "$ref": "#/definitions/AWS::EKS::Nodegroup.RemoteAccess", - "markdownDescription": "The remote access configuration to use with your node group. For Linux, the protocol is SSH. For Windows, the protocol is RDP. If you specify `launchTemplate` , then don't specify `remoteAccess` , or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", - "title": "RemoteAccess" + "LocalGatewayId": { + "markdownDescription": "The ID of the local gateway.", + "title": "LocalGatewayId", + "type": "string" }, - "ScalingConfig": { - "$ref": "#/definitions/AWS::EKS::Nodegroup.ScalingConfig", - "markdownDescription": "The scaling configuration details for the Auto Scaling group that is created for your node group.", - "title": "ScalingConfig" + "NatGatewayId": { + "markdownDescription": "[IPv4 traffic only] The ID of a NAT gateway.", + "title": "NatGatewayId", + "type": "string" }, - "Subnets": { - "items": { - "type": "string" - }, - "markdownDescription": "The subnets to use for the Auto Scaling group that is created for your node group. If you specify `launchTemplate` , then don't specify `[SubnetId](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateNetworkInterface.html)` in your launch template, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", - "title": "Subnets", - "type": "array" + "NetworkInterfaceId": { + "markdownDescription": "The ID of a network interface.", + "title": "NetworkInterfaceId", + "type": "string" }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or AWS resources.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" + "RouteTableId": { + "markdownDescription": "The ID of the route table for the route.", + "title": "RouteTableId", + "type": "string" }, - "Taints": { - "items": { - "$ref": "#/definitions/AWS::EKS::Nodegroup.Taint" - }, - "markdownDescription": "The Kubernetes taints to be applied to the nodes in the node group when they are created. Effect is one of `No_Schedule` , `Prefer_No_Schedule` , or `No_Execute` . Kubernetes taints can be used together with tolerations to control how workloads are scheduled to your nodes. For more information, see [Node taints on managed node groups](https://docs.aws.amazon.com/eks/latest/userguide/node-taints-managed-node-groups.html) .", - "title": "Taints", - "type": "array" + "TransitGatewayId": { + "markdownDescription": "The ID of a transit gateway.", + "title": "TransitGatewayId", + "type": "string" }, - "UpdateConfig": { - "$ref": "#/definitions/AWS::EKS::Nodegroup.UpdateConfig", - "markdownDescription": "The node group update configuration.", - "title": "UpdateConfig" + "VpcEndpointId": { + "markdownDescription": "The ID of a VPC endpoint. Supported for Gateway Load Balancer endpoints only.", + "title": "VpcEndpointId", + "type": "string" }, - "Version": { - "markdownDescription": "The Kubernetes version to use for your managed nodes. By default, the Kubernetes version of the cluster is used, and this is the only accepted specified value. If you specify `launchTemplate` , and your launch template uses a custom AMI, then don't specify `version` , or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see [Launch template support](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .\n\n> You can't update other properties at the same time as updating `Version` .", - "title": "Version", + "VpcPeeringConnectionId": { + "markdownDescription": "The ID of a VPC peering connection.", + "title": "VpcPeeringConnectionId", "type": "string" } }, "required": [ - "ClusterName", - "NodeRole", - "Subnets" + "RouteTableId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EKS::Nodegroup" + "AWS::EC2::Route" ], "type": "string" }, @@ -87068,108 +96375,170 @@ ], "type": "object" }, - "AWS::EKS::Nodegroup.LaunchTemplateSpecification": { + "AWS::EC2::RouteServer": { "additionalProperties": false, "properties": { - "Id": { - "markdownDescription": "The ID of the launch template.\n\nYou must specify either the launch template ID or the launch template name in the request, but not both. After node group creation, you cannot use a different ID.", - "title": "Id", + "Condition": { "type": "string" }, - "Name": { - "markdownDescription": "The name of the launch template.\n\nYou must specify either the launch template name or the launch template ID in the request, but not both. After node group creation, you cannot use a different name.", - "title": "Name", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Version": { - "markdownDescription": "The version number of the launch template to use. If no version is specified, then the template's default version is used. You can use a different version for node group updates.", - "title": "Version", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EKS::Nodegroup.RemoteAccess": { - "additionalProperties": false, - "properties": { - "Ec2SshKey": { - "markdownDescription": "The Amazon EC2 SSH key name that provides access for SSH communication with the nodes in the managed node group. For more information, see [Amazon EC2 key pairs and Linux instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html) in the *Amazon Elastic Compute Cloud User Guide for Linux Instances* . For Windows, an Amazon EC2 SSH key is used to obtain the RDP password. For more information, see [Amazon EC2 key pairs and Windows instances](https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ec2-key-pairs.html) in the *Amazon Elastic Compute Cloud User Guide for Windows Instances* .", - "title": "Ec2SshKey", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SourceSecurityGroups": { - "items": { - "type": "string" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AmazonSideAsn": { + "markdownDescription": "The Border Gateway Protocol (BGP) Autonomous System Number (ASN) for the appliance. Valid values are from 1 to 4294967295. We recommend using a private ASN in the 64512\u201365534 (16-bit ASN) or 4200000000\u20134294967294 (32-bit ASN) range.", + "title": "AmazonSideAsn", + "type": "number" + }, + "PersistRoutes": { + "markdownDescription": "Indicates whether routes should be persisted after all BGP sessions are terminated.", + "title": "PersistRoutes", + "type": "string" + }, + "PersistRoutesDuration": { + "markdownDescription": "The number of minutes a route server will wait after BGP is re-established to unpersist the routes in the FIB and RIB. Value must be in the range of 1-5. The default value is 1. Only valid if `persistRoutesState` is 'enabled'.\n\nIf you set the duration to 1 minute, then when your network appliance re-establishes BGP with route server, it has 1 minute to relearn it's adjacent network and advertise those routes to route server before route server resumes normal functionality. In most cases, 1 minute is probably sufficient. If, however, you have concerns that your BGP network may not be capable of fully re-establishing and re-learning everything in 1 minute, you can increase the duration up to 5 minutes.", + "title": "PersistRoutesDuration", + "type": "number" + }, + "SnsNotificationsEnabled": { + "markdownDescription": "Indicates whether SNS notifications are enabled for the route server. Enabling SNS notifications persists BGP status changes to an SNS topic provisioned by AWS .", + "title": "SnsNotificationsEnabled", + "type": "boolean" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Any tags assigned to the route server.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "The security group IDs that are allowed SSH access (port 22) to the nodes. For Windows, the port is 3389. If you specify an Amazon EC2 SSH key but don't specify a source security group when you create a managed node group, then the port on the nodes is opened to the internet ( `0.0.0.0/0` ). For more information, see [Security Groups for Your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html) in the *Amazon Virtual Private Cloud User Guide* .", - "title": "SourceSecurityGroups", - "type": "array" - } - }, - "required": [ - "Ec2SshKey" - ], - "type": "object" - }, - "AWS::EKS::Nodegroup.ScalingConfig": { - "additionalProperties": false, - "properties": { - "DesiredSize": { - "markdownDescription": "The current number of nodes that the managed node group should maintain.\n\n> If you use the Kubernetes [Cluster Autoscaler](https://docs.aws.amazon.com/https://github.com/kubernetes/autoscaler#kubernetes-autoscaler) , you shouldn't change the `desiredSize` value directly, as this can cause the Cluster Autoscaler to suddenly scale up or scale down. \n\nWhenever this parameter changes, the number of worker nodes in the node group is updated to the specified size. If this parameter is given a value that is smaller than the current number of running worker nodes, the necessary number of worker nodes are terminated to match the given value. When using CloudFormation, no action occurs if you remove this parameter from your CFN template.\n\nThis parameter can be different from `minSize` in some cases, such as when starting with extra hosts for testing. This parameter can also be different when you want to start with an estimated number of needed hosts, but let the Cluster Autoscaler reduce the number if there are too many. When the Cluster Autoscaler is used, the `desiredSize` parameter is altered by the Cluster Autoscaler (but can be out-of-date for short periods of time). the Cluster Autoscaler doesn't scale a managed node group lower than `minSize` or higher than `maxSize` .", - "title": "DesiredSize", - "type": "number" + "required": [ + "AmazonSideAsn" + ], + "type": "object" }, - "MaxSize": { - "markdownDescription": "The maximum number of nodes that the managed node group can scale out to. For information about the maximum number that you can specify, see [Amazon EKS service quotas](https://docs.aws.amazon.com/eks/latest/userguide/service-quotas.html) in the *Amazon EKS User Guide* .", - "title": "MaxSize", - "type": "number" + "Type": { + "enum": [ + "AWS::EC2::RouteServer" + ], + "type": "string" }, - "MinSize": { - "markdownDescription": "The minimum number of nodes that the managed node group can scale in to.", - "title": "MinSize", - "type": "number" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::EKS::Nodegroup.Taint": { + "AWS::EC2::RouteServerAssociation": { "additionalProperties": false, "properties": { - "Effect": { - "markdownDescription": "The effect of the taint.", - "title": "Effect", + "Condition": { "type": "string" }, - "Key": { - "markdownDescription": "The key of the taint.", - "title": "Key", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Value": { - "markdownDescription": "The value of the taint.", - "title": "Value", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "RouteServerId": { + "markdownDescription": "The ID of the associated route server.", + "title": "RouteServerId", + "type": "string" + }, + "VpcId": { + "markdownDescription": "The ID of the associated VPC.", + "title": "VpcId", + "type": "string" + } + }, + "required": [ + "RouteServerId", + "VpcId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::EC2::RouteServerAssociation" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::EKS::Nodegroup.UpdateConfig": { - "additionalProperties": false, - "properties": { - "MaxUnavailable": { - "markdownDescription": "The maximum number of nodes unavailable at once during a version update. Nodes are updated in parallel. This value or `maxUnavailablePercentage` is required to have a value.The maximum number is 100.", - "title": "MaxUnavailable", - "type": "number" }, - "MaxUnavailablePercentage": { - "markdownDescription": "The maximum percentage of nodes unavailable during a version update. This percentage of nodes are updated in parallel, up to 100 nodes at once. This value or `maxUnavailable` is required to have a value.", - "title": "MaxUnavailablePercentage", - "type": "number" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::EKS::PodIdentityAssociation": { + "AWS::EC2::RouteServerEndpoint": { "additionalProperties": false, "properties": { "Condition": { @@ -87204,46 +96573,34 @@ "Properties": { "additionalProperties": false, "properties": { - "ClusterName": { - "markdownDescription": "The name of the cluster that the association is in.", - "title": "ClusterName", - "type": "string" - }, - "Namespace": { - "markdownDescription": "The name of the Kubernetes namespace inside the cluster to create the association in. The service account and the Pods that use the service account must be in this namespace.", - "title": "Namespace", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to associate with the service account. The EKS Pod Identity agent manages credentials to assume this role for applications in the containers in the Pods that use this service account.", - "title": "RoleArn", + "RouteServerId": { + "markdownDescription": "The ID of the route server associated with this endpoint.", + "title": "RouteServerId", "type": "string" }, - "ServiceAccount": { - "markdownDescription": "The name of the Kubernetes service account inside the cluster to associate the IAM credentials with.", - "title": "ServiceAccount", + "SubnetId": { + "markdownDescription": "The ID of the subnet to place the route server endpoint into.", + "title": "SubnetId", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or AWS resources.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource \u2013 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length \u2013 128 Unicode characters in UTF-8\n- Maximum value length \u2013 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit.", + "markdownDescription": "Any tags assigned to the route server endpoint.", "title": "Tags", "type": "array" } }, "required": [ - "ClusterName", - "Namespace", - "RoleArn", - "ServiceAccount" + "RouteServerId", + "SubnetId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EKS::PodIdentityAssociation" + "AWS::EC2::RouteServerEndpoint" ], "type": "string" }, @@ -87262,7 +96619,7 @@ ], "type": "object" }, - "AWS::EMR::Cluster": { + "AWS::EC2::RouteServerPeer": { "additionalProperties": false, "properties": { "Condition": { @@ -87297,171 +96654,40 @@ "Properties": { "additionalProperties": false, "properties": { - "AdditionalInfo": { - "markdownDescription": "A JSON string for selecting additional features.", - "title": "AdditionalInfo", - "type": "object" - }, - "Applications": { - "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.Application" - }, - "markdownDescription": "The applications to install on this cluster, for example, Spark, Flink, Oozie, Zeppelin, and so on.", - "title": "Applications", - "type": "array" - }, - "AutoScalingRole": { - "markdownDescription": "An IAM role for automatic scaling policies. The default role is `EMR_AutoScaling_DefaultRole` . The IAM role provides permissions that the automatic scaling feature requires to launch and terminate Amazon EC2 instances in an instance group.", - "title": "AutoScalingRole", - "type": "string" - }, - "AutoTerminationPolicy": { - "$ref": "#/definitions/AWS::EMR::Cluster.AutoTerminationPolicy", - "markdownDescription": "An auto-termination policy for an Amazon EMR cluster. An auto-termination policy defines the amount of idle time in seconds after which a cluster automatically terminates. For alternative cluster termination options, see [Control cluster termination](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-plan-termination.html) .", - "title": "AutoTerminationPolicy" - }, - "BootstrapActions": { - "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.BootstrapActionConfig" - }, - "markdownDescription": "A list of bootstrap actions to run before Hadoop starts on the cluster nodes.", - "title": "BootstrapActions", - "type": "array" - }, - "Configurations": { - "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.Configuration" - }, - "markdownDescription": "Applies only to Amazon EMR releases 4.x and later. The list of configurations that are supplied to the Amazon EMR cluster.", - "title": "Configurations", - "type": "array" - }, - "CustomAmiId": { - "markdownDescription": "Available only in Amazon EMR releases 5.7.0 and later. The ID of a custom Amazon EBS-backed Linux AMI if the cluster uses a custom AMI.", - "title": "CustomAmiId", - "type": "string" - }, - "EbsRootVolumeIops": { - "markdownDescription": "The IOPS, of the Amazon EBS root device volume of the Linux AMI that is used for each Amazon EC2 instance. Available in Amazon EMR releases 6.15.0 and later.", - "title": "EbsRootVolumeIops", - "type": "number" - }, - "EbsRootVolumeSize": { - "markdownDescription": "The size, in GiB, of the Amazon EBS root device volume of the Linux AMI that is used for each Amazon EC2 instance. Available in Amazon EMR releases 4.x and later.", - "title": "EbsRootVolumeSize", - "type": "number" - }, - "EbsRootVolumeThroughput": { - "markdownDescription": "The throughput, in MiB/s, of the Amazon EBS root device volume of the Linux AMI that is used for each Amazon EC2 instance. Available in Amazon EMR releases 6.15.0 and later.", - "title": "EbsRootVolumeThroughput", - "type": "number" - }, - "Instances": { - "$ref": "#/definitions/AWS::EMR::Cluster.JobFlowInstancesConfig", - "markdownDescription": "A specification of the number and type of Amazon EC2 instances.", - "title": "Instances" - }, - "JobFlowRole": { - "markdownDescription": "Also called instance profile and Amazon EC2 role. An IAM role for an Amazon EMR cluster. The Amazon EC2 instances of the cluster assume this role. The default role is `EMR_EC2_DefaultRole` . In order to use the default role, you must have already created it using the AWS CLI or console.", - "title": "JobFlowRole", - "type": "string" - }, - "KerberosAttributes": { - "$ref": "#/definitions/AWS::EMR::Cluster.KerberosAttributes", - "markdownDescription": "Attributes for Kerberos configuration when Kerberos authentication is enabled using a security configuration. For more information see [Use Kerberos Authentication](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-kerberos.html) in the *Amazon EMR Management Guide* .", - "title": "KerberosAttributes" - }, - "LogEncryptionKmsKeyId": { - "markdownDescription": "The AWS KMS key used for encrypting log files. This attribute is only available with Amazon EMR 5.30.0 and later, excluding Amazon EMR 6.0.0.", - "title": "LogEncryptionKmsKeyId", - "type": "string" - }, - "LogUri": { - "markdownDescription": "The path to the Amazon S3 location where logs for this cluster are stored.", - "title": "LogUri", - "type": "string" - }, - "ManagedScalingPolicy": { - "$ref": "#/definitions/AWS::EMR::Cluster.ManagedScalingPolicy", - "markdownDescription": "Creates or updates a managed scaling policy for an Amazon EMR cluster. The managed scaling policy defines the limits for resources, such as Amazon EC2 instances that can be added or terminated from a cluster. The policy only applies to the core and task nodes. The master node cannot be scaled after initial configuration.", - "title": "ManagedScalingPolicy" - }, - "Name": { - "markdownDescription": "The name of the cluster. This parameter can't contain the characters <, >, $, |, or ` (backtick).", - "title": "Name", - "type": "string" - }, - "OSReleaseLabel": { - "markdownDescription": "The Amazon Linux release specified in a cluster launch RunJobFlow request. If no Amazon Linux release was specified, the default Amazon Linux release is shown in the response.", - "title": "OSReleaseLabel", - "type": "string" - }, - "PlacementGroupConfigs": { - "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.PlacementGroupConfig" - }, - "markdownDescription": "", - "title": "PlacementGroupConfigs", - "type": "array" - }, - "ReleaseLabel": { - "markdownDescription": "The Amazon EMR release label, which determines the version of open-source application packages installed on the cluster. Release labels are in the form `emr-x.x.x` , where x.x.x is an Amazon EMR release version such as `emr-5.14.0` . For more information about Amazon EMR release versions and included application versions and features, see [](https://docs.aws.amazon.com/emr/latest/ReleaseGuide/) . The release label applies only to Amazon EMR releases version 4.0 and later. Earlier versions use `AmiVersion` .", - "title": "ReleaseLabel", - "type": "string" - }, - "ScaleDownBehavior": { - "markdownDescription": "The way that individual Amazon EC2 instances terminate when an automatic scale-in activity occurs or an instance group is resized. `TERMINATE_AT_INSTANCE_HOUR` indicates that Amazon EMR terminates nodes at the instance-hour boundary, regardless of when the request to terminate the instance was submitted. This option is only available with Amazon EMR 5.1.0 and later and is the default for clusters created using that version. `TERMINATE_AT_TASK_COMPLETION` indicates that Amazon EMR adds nodes to a deny list and drains tasks from nodes before terminating the Amazon EC2 instances, regardless of the instance-hour boundary. With either behavior, Amazon EMR removes the least active nodes first and blocks instance termination if it could lead to HDFS corruption. `TERMINATE_AT_TASK_COMPLETION` is available only in Amazon EMR releases 4.1.0 and later, and is the default for versions of Amazon EMR earlier than 5.1.0.", - "title": "ScaleDownBehavior", - "type": "string" + "BgpOptions": { + "$ref": "#/definitions/AWS::EC2::RouteServerPeer.BgpOptions", + "markdownDescription": "The BGP configuration options for this peer, including ASN (Autonomous System Number) and BFD (Bidrectional Forwarding Detection) settings.", + "title": "BgpOptions" }, - "SecurityConfiguration": { - "markdownDescription": "The name of the security configuration applied to the cluster.", - "title": "SecurityConfiguration", + "PeerAddress": { + "markdownDescription": "The IPv4 address of the peer device.", + "title": "PeerAddress", "type": "string" }, - "ServiceRole": { - "markdownDescription": "The IAM role that Amazon EMR assumes in order to access AWS resources on your behalf.", - "title": "ServiceRole", + "RouteServerEndpointId": { + "markdownDescription": "The ID of the route server endpoint associated with this peer.", + "title": "RouteServerEndpointId", "type": "string" }, - "StepConcurrencyLevel": { - "markdownDescription": "Specifies the number of steps that can be executed concurrently. The default value is `1` . The maximum value is `256` .", - "title": "StepConcurrencyLevel", - "type": "number" - }, - "Steps": { - "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.StepConfig" - }, - "markdownDescription": "A list of steps to run.", - "title": "Steps", - "type": "array" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of tags associated with a cluster.", + "markdownDescription": "Any tags assigned to the route server peer.", "title": "Tags", "type": "array" - }, - "VisibleToAllUsers": { - "markdownDescription": "Indicates whether the cluster is visible to all IAM users of the AWS account associated with the cluster. If this value is set to `true` , all IAM users of that AWS account can view and manage the cluster if they have the proper policy permissions set. If this value is `false` , only the IAM user that created the cluster can view and manage it. This value can be changed using the SetVisibleToAllUsers action.\n\n> When you create clusters directly through the EMR console or API, this value is set to `true` by default. However, for `AWS::EMR::Cluster` resources in CloudFormation, the default is `false` .", - "title": "VisibleToAllUsers", - "type": "boolean" } }, "required": [ - "Instances", - "JobFlowRole", - "Name", - "ServiceRole" + "BgpOptions", + "PeerAddress", + "RouteServerEndpointId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EMR::Cluster" + "AWS::EC2::RouteServerPeer" ], "type": "string" }, @@ -87480,910 +96706,380 @@ ], "type": "object" }, - "AWS::EMR::Cluster.Application": { + "AWS::EC2::RouteServerPeer.BgpOptions": { "additionalProperties": false, "properties": { - "AdditionalInfo": { - "additionalProperties": true, - "markdownDescription": "This option is for advanced users only. This is meta information about clusters and applications that are used for testing and troubleshooting.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "AdditionalInfo", - "type": "object" - }, - "Args": { - "items": { - "type": "string" - }, - "markdownDescription": "Arguments for Amazon EMR to pass to the application.", - "title": "Args", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the application.", - "title": "Name", - "type": "string" + "PeerAsn": { + "markdownDescription": "The Border Gateway Protocol (BGP) Autonomous System Number (ASN) for the appliance. Valid values are from 1 to 4294967295. We recommend using a private ASN in the 64512\u201365534 (16-bit ASN) or 4200000000\u20134294967294 (32-bit ASN) range.", + "title": "PeerAsn", + "type": "number" }, - "Version": { - "markdownDescription": "The version of the application.", - "title": "Version", + "PeerLivenessDetection": { + "markdownDescription": "The liveness detection protocol used for the BGP peer.\n\nThe requested liveness detection protocol for the BGP peer.\n\n- `bgp-keepalive` : The standard BGP keep alive mechanism ( [RFC4271](https://docs.aws.amazon.com/https://www.rfc-editor.org/rfc/rfc4271#page-21) ) that is stable but may take longer to fail-over in cases of network impact or router failure.\n- `bfd` : An additional Bidirectional Forwarding Detection (BFD) protocol ( [RFC5880](https://docs.aws.amazon.com/https://www.rfc-editor.org/rfc/rfc5880) ) that enables fast failover by using more sensitive liveness detection.\n\nDefaults to `bgp-keepalive` .", + "title": "PeerLivenessDetection", "type": "string" } }, "type": "object" }, - "AWS::EMR::Cluster.AutoScalingPolicy": { + "AWS::EC2::RouteServerPropagation": { "additionalProperties": false, "properties": { - "Constraints": { - "$ref": "#/definitions/AWS::EMR::Cluster.ScalingConstraints", - "markdownDescription": "The upper and lower Amazon EC2 instance limits for an automatic scaling policy. Automatic scaling activity will not cause an instance group to grow above or below these limits.", - "title": "Constraints" + "Condition": { + "type": "string" }, - "Rules": { - "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.ScalingRule" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "RouteServerId": { + "markdownDescription": "The ID of the route server configured for route propagation.", + "title": "RouteServerId", + "type": "string" + }, + "RouteTableId": { + "markdownDescription": "The ID of the route table configured for route server propagation.", + "title": "RouteTableId", + "type": "string" + } }, - "markdownDescription": "The scale-in and scale-out rules that comprise the automatic scaling policy.", - "title": "Rules", - "type": "array" + "required": [ + "RouteServerId", + "RouteTableId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::EC2::RouteServerPropagation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Constraints", - "Rules" + "Type", + "Properties" ], "type": "object" }, - "AWS::EMR::Cluster.AutoTerminationPolicy": { + "AWS::EC2::RouteTable": { "additionalProperties": false, "properties": { - "IdleTimeout": { - "markdownDescription": "Specifies the amount of idle time in seconds after which the cluster automatically terminates. You can specify a minimum of 60 seconds and a maximum of 604800 seconds (seven days).", - "title": "IdleTimeout", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EMR::Cluster.BootstrapActionConfig": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the bootstrap action.", - "title": "Name", - "type": "string" - }, - "ScriptBootstrapAction": { - "$ref": "#/definitions/AWS::EMR::Cluster.ScriptBootstrapActionConfig", - "markdownDescription": "The script run by the bootstrap action.", - "title": "ScriptBootstrapAction" - } - }, - "required": [ - "Name", - "ScriptBootstrapAction" - ], - "type": "object" - }, - "AWS::EMR::Cluster.CloudWatchAlarmDefinition": { - "additionalProperties": false, - "properties": { - "ComparisonOperator": { - "markdownDescription": "Determines how the metric specified by `MetricName` is compared to the value specified by `Threshold` .", - "title": "ComparisonOperator", - "type": "string" - }, - "Dimensions": { - "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.MetricDimension" - }, - "markdownDescription": "A CloudWatch metric dimension.", - "title": "Dimensions", - "type": "array" - }, - "EvaluationPeriods": { - "markdownDescription": "The number of periods, in five-minute increments, during which the alarm condition must exist before the alarm triggers automatic scaling activity. The default value is `1` .", - "title": "EvaluationPeriods", - "type": "number" - }, - "MetricName": { - "markdownDescription": "The name of the CloudWatch metric that is watched to determine an alarm condition.", - "title": "MetricName", - "type": "string" - }, - "Namespace": { - "markdownDescription": "The namespace for the CloudWatch metric. The default is `AWS/ElasticMapReduce` .", - "title": "Namespace", - "type": "string" - }, - "Period": { - "markdownDescription": "The period, in seconds, over which the statistic is applied. CloudWatch metrics for Amazon EMR are emitted every five minutes (300 seconds), so if you specify a CloudWatch metric, specify `300` .", - "title": "Period", - "type": "number" - }, - "Statistic": { - "markdownDescription": "The statistic to apply to the metric associated with the alarm. The default is `AVERAGE` .", - "title": "Statistic", + "Condition": { "type": "string" }, - "Threshold": { - "markdownDescription": "The value against which the specified statistic is compared.", - "title": "Threshold", - "type": "number" - }, - "Unit": { - "markdownDescription": "The unit of measure associated with the CloudWatch metric being watched. The value specified for `Unit` must correspond to the units specified in the CloudWatch metric.", - "title": "Unit", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "required": [ - "ComparisonOperator", - "MetricName", - "Period", - "Threshold" - ], - "type": "object" - }, - "AWS::EMR::Cluster.ComputeLimits": { - "additionalProperties": false, - "properties": { - "MaximumCapacityUnits": { - "markdownDescription": "The upper boundary of Amazon EC2 units. It is measured through vCPU cores or instances for instance groups and measured through units for instance fleets. Managed scaling activities are not allowed beyond this boundary. The limit only applies to the core and task nodes. The master node cannot be scaled after initial configuration.", - "title": "MaximumCapacityUnits", - "type": "number" - }, - "MaximumCoreCapacityUnits": { - "markdownDescription": "The upper boundary of Amazon EC2 units for core node type in a cluster. It is measured through vCPU cores or instances for instance groups and measured through units for instance fleets. The core units are not allowed to scale beyond this boundary. The parameter is used to split capacity allocation between core and task nodes.", - "title": "MaximumCoreCapacityUnits", - "type": "number" - }, - "MaximumOnDemandCapacityUnits": { - "markdownDescription": "The upper boundary of On-Demand Amazon EC2 units. It is measured through vCPU cores or instances for instance groups and measured through units for instance fleets. The On-Demand units are not allowed to scale beyond this boundary. The parameter is used to split capacity allocation between On-Demand and Spot Instances.", - "title": "MaximumOnDemandCapacityUnits", - "type": "number" }, - "MinimumCapacityUnits": { - "markdownDescription": "The lower boundary of Amazon EC2 units. It is measured through vCPU cores or instances for instance groups and measured through units for instance fleets. Managed scaling activities are not allowed beyond this boundary. The limit only applies to the core and task nodes. The master node cannot be scaled after initial configuration.", - "title": "MinimumCapacityUnits", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "UnitType": { - "markdownDescription": "The unit type used for specifying a managed scaling policy.", - "title": "UnitType", - "type": "string" - } - }, - "required": [ - "MaximumCapacityUnits", - "MinimumCapacityUnits", - "UnitType" - ], - "type": "object" - }, - "AWS::EMR::Cluster.Configuration": { - "additionalProperties": false, - "properties": { - "Classification": { - "markdownDescription": "The classification within a configuration.", - "title": "Classification", - "type": "string" + "Metadata": { + "type": "object" }, - "ConfigurationProperties": { - "additionalProperties": true, - "markdownDescription": "A list of additional configurations to apply within a configuration object.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { + "Properties": { + "additionalProperties": false, + "properties": { + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Any tags assigned to the route table.", + "title": "Tags", + "type": "array" + }, + "VpcId": { + "markdownDescription": "The ID of the VPC.", + "title": "VpcId", "type": "string" } }, - "title": "ConfigurationProperties", + "required": [ + "VpcId" + ], "type": "object" }, - "Configurations": { - "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.Configuration" - }, - "markdownDescription": "A list of additional configurations to apply within a configuration object.", - "title": "Configurations", - "type": "array" - } - }, - "type": "object" - }, - "AWS::EMR::Cluster.EbsBlockDeviceConfig": { - "additionalProperties": false, - "properties": { - "VolumeSpecification": { - "$ref": "#/definitions/AWS::EMR::Cluster.VolumeSpecification", - "markdownDescription": "EBS volume specifications such as volume type, IOPS, size (GiB) and throughput (MiB/s) that are requested for the EBS volume attached to an Amazon EC2 instance in the cluster.", - "title": "VolumeSpecification" - }, - "VolumesPerInstance": { - "markdownDescription": "Number of EBS volumes with a specific volume configuration that are associated with every instance in the instance group", - "title": "VolumesPerInstance", - "type": "number" - } - }, - "required": [ - "VolumeSpecification" - ], - "type": "object" - }, - "AWS::EMR::Cluster.EbsConfiguration": { - "additionalProperties": false, - "properties": { - "EbsBlockDeviceConfigs": { - "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.EbsBlockDeviceConfig" - }, - "markdownDescription": "An array of Amazon EBS volume specifications attached to a cluster instance.", - "title": "EbsBlockDeviceConfigs", - "type": "array" - }, - "EbsOptimized": { - "markdownDescription": "Indicates whether an Amazon EBS volume is EBS-optimized. The default is false. You should explicitly set this value to true to enable the Amazon EBS-optimized setting for an EC2 instance.", - "title": "EbsOptimized", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::EMR::Cluster.HadoopJarStepConfig": { - "additionalProperties": false, - "properties": { - "Args": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of command line arguments passed to the JAR file's main function when executed.", - "title": "Args", - "type": "array" - }, - "Jar": { - "markdownDescription": "A path to a JAR file run during the step.", - "title": "Jar", + "Type": { + "enum": [ + "AWS::EC2::RouteTable" + ], "type": "string" }, - "MainClass": { - "markdownDescription": "The name of the main class in the specified Java file. If not specified, the JAR file should specify a Main-Class in its manifest file.", - "title": "MainClass", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "StepProperties": { - "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.KeyValue" - }, - "markdownDescription": "A list of Java properties that are set when the step runs. You can use these properties to pass key-value pairs to your main function.", - "title": "StepProperties", - "type": "array" } }, "required": [ - "Jar" + "Type", + "Properties" ], "type": "object" }, - "AWS::EMR::Cluster.InstanceFleetConfig": { - "additionalProperties": false, - "properties": { - "InstanceTypeConfigs": { - "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.InstanceTypeConfig" - }, - "markdownDescription": "The instance type configurations that define the Amazon EC2 instances in the instance fleet.", - "title": "InstanceTypeConfigs", - "type": "array" - }, - "LaunchSpecifications": { - "$ref": "#/definitions/AWS::EMR::Cluster.InstanceFleetProvisioningSpecifications", - "markdownDescription": "The launch specification for the instance fleet.", - "title": "LaunchSpecifications" - }, - "Name": { - "markdownDescription": "The friendly name of the instance fleet.", - "title": "Name", - "type": "string" - }, - "TargetOnDemandCapacity": { - "markdownDescription": "The target capacity of On-Demand units for the instance fleet, which determines how many On-Demand instances to provision. When the instance fleet launches, Amazon EMR tries to provision On-Demand instances as specified by `InstanceTypeConfig` . Each instance configuration has a specified `WeightedCapacity` . When an On-Demand instance is provisioned, the `WeightedCapacity` units count toward the target capacity. Amazon EMR provisions instances until the target capacity is totally fulfilled, even if this results in an overage. For example, if there are 2 units remaining to fulfill capacity, and Amazon EMR can only provision an instance with a `WeightedCapacity` of 5 units, the instance is provisioned, and the target capacity is exceeded by 3 units.\n\n> If not specified or set to 0, only Spot instances are provisioned for the instance fleet using `TargetSpotCapacity` . At least one of `TargetSpotCapacity` and `TargetOnDemandCapacity` should be greater than 0. For a master instance fleet, only one of `TargetSpotCapacity` and `TargetOnDemandCapacity` can be specified, and its value must be 1.", - "title": "TargetOnDemandCapacity", - "type": "number" - }, - "TargetSpotCapacity": { - "markdownDescription": "The target capacity of Spot units for the instance fleet, which determines how many Spot instances to provision. When the instance fleet launches, Amazon EMR tries to provision Spot instances as specified by `InstanceTypeConfig` . Each instance configuration has a specified `WeightedCapacity` . When a Spot instance is provisioned, the `WeightedCapacity` units count toward the target capacity. Amazon EMR provisions instances until the target capacity is totally fulfilled, even if this results in an overage. For example, if there are 2 units remaining to fulfill capacity, and Amazon EMR can only provision an instance with a `WeightedCapacity` of 5 units, the instance is provisioned, and the target capacity is exceeded by 3 units.\n\n> If not specified or set to 0, only On-Demand instances are provisioned for the instance fleet. At least one of `TargetSpotCapacity` and `TargetOnDemandCapacity` should be greater than 0. For a master instance fleet, only one of `TargetSpotCapacity` and `TargetOnDemandCapacity` can be specified, and its value must be 1.", - "title": "TargetSpotCapacity", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EMR::Cluster.InstanceFleetProvisioningSpecifications": { - "additionalProperties": false, - "properties": { - "OnDemandSpecification": { - "$ref": "#/definitions/AWS::EMR::Cluster.OnDemandProvisioningSpecification", - "markdownDescription": "The launch specification for On-Demand Instances in the instance fleet, which determines the allocation strategy and capacity reservation options.\n\n> The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and later, excluding 5.0.x versions. On-Demand Instances allocation strategy is available in Amazon EMR releases 5.12.1 and later.", - "title": "OnDemandSpecification" - }, - "SpotSpecification": { - "$ref": "#/definitions/AWS::EMR::Cluster.SpotProvisioningSpecification", - "markdownDescription": "The launch specification for Spot instances in the fleet, which determines the allocation strategy, defined duration, and provisioning timeout behavior.", - "title": "SpotSpecification" - } - }, - "type": "object" - }, - "AWS::EMR::Cluster.InstanceGroupConfig": { + "AWS::EC2::SecurityGroup": { "additionalProperties": false, "properties": { - "AutoScalingPolicy": { - "$ref": "#/definitions/AWS::EMR::Cluster.AutoScalingPolicy", - "markdownDescription": "`AutoScalingPolicy` is a subproperty of the [InstanceGroupConfig](https://docs.aws.amazon.com//AWSCloudFormation/latest/UserGuide/aws-properties-emr-cluster-jobflowinstancesconfig-instancegroupconfig.html) property type that specifies the constraints and rules of an automatic scaling policy in Amazon EMR . The automatic scaling policy defines how an instance group dynamically adds and terminates EC2 instances in response to the value of a CloudWatch metric. Only core and task instance groups can use automatic scaling policies. For more information, see [Using Automatic Scaling in Amazon EMR](https://docs.aws.amazon.com//emr/latest/ManagementGuide/emr-automatic-scaling.html) .", - "title": "AutoScalingPolicy" - }, - "BidPrice": { - "markdownDescription": "If specified, indicates that the instance group uses Spot Instances. This is the maximum price you are willing to pay for Spot Instances. Specify `OnDemandPrice` to set the amount equal to the On-Demand price, or specify an amount in USD.", - "title": "BidPrice", - "type": "string" - }, - "Configurations": { - "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.Configuration" - }, - "markdownDescription": "> Amazon EMR releases 4.x or later. \n\nThe list of configurations supplied for an Amazon EMR cluster instance group. You can specify a separate configuration for each instance group (master, core, and task).", - "title": "Configurations", - "type": "array" - }, - "CustomAmiId": { - "markdownDescription": "The custom AMI ID to use for the provisioned instance group.", - "title": "CustomAmiId", - "type": "string" - }, - "EbsConfiguration": { - "$ref": "#/definitions/AWS::EMR::Cluster.EbsConfiguration", - "markdownDescription": "EBS configurations that will be attached to each Amazon EC2 instance in the instance group.", - "title": "EbsConfiguration" - }, - "InstanceCount": { - "markdownDescription": "Target number of instances for the instance group.", - "title": "InstanceCount", - "type": "number" - }, - "InstanceType": { - "markdownDescription": "The Amazon EC2 instance type for all instances in the instance group.", - "title": "InstanceType", + "Condition": { "type": "string" }, - "Market": { - "markdownDescription": "Market type of the Amazon EC2 instances used to create a cluster node.", - "title": "Market", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Name": { - "markdownDescription": "Friendly name given to the instance group.", - "title": "Name", - "type": "string" - } - }, - "required": [ - "InstanceCount", - "InstanceType" - ], - "type": "object" - }, - "AWS::EMR::Cluster.InstanceTypeConfig": { - "additionalProperties": false, - "properties": { - "BidPrice": { - "markdownDescription": "The bid price for each Amazon EC2 Spot Instance type as defined by `InstanceType` . Expressed in USD. If neither `BidPrice` nor `BidPriceAsPercentageOfOnDemandPrice` is provided, `BidPriceAsPercentageOfOnDemandPrice` defaults to 100%.", - "title": "BidPrice", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "BidPriceAsPercentageOfOnDemandPrice": { - "markdownDescription": "The bid price, as a percentage of On-Demand price, for each Amazon EC2 Spot Instance as defined by `InstanceType` . Expressed as a number (for example, 20 specifies 20%). If neither `BidPrice` nor `BidPriceAsPercentageOfOnDemandPrice` is provided, `BidPriceAsPercentageOfOnDemandPrice` defaults to 100%.", - "title": "BidPriceAsPercentageOfOnDemandPrice", - "type": "number" + "Metadata": { + "type": "object" }, - "Configurations": { - "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.Configuration" + "Properties": { + "additionalProperties": false, + "properties": { + "GroupDescription": { + "markdownDescription": "A description for the security group.\n\nConstraints: Up to 255 characters in length\n\nValid characters: a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*", + "title": "GroupDescription", + "type": "string" + }, + "GroupName": { + "markdownDescription": "The name of the security group. Names are case-insensitive and must be unique within the VPC.\n\nConstraints: Up to 255 characters in length. Can't start with `sg-` .\n\nValid characters: a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*", + "title": "GroupName", + "type": "string" + }, + "SecurityGroupEgress": { + "items": { + "$ref": "#/definitions/AWS::EC2::SecurityGroup.Egress" + }, + "markdownDescription": "The outbound rules associated with the security group.", + "title": "SecurityGroupEgress", + "type": "array" + }, + "SecurityGroupIngress": { + "items": { + "$ref": "#/definitions/AWS::EC2::SecurityGroup.Ingress" + }, + "markdownDescription": "The inbound rules associated with the security group.", + "title": "SecurityGroupIngress", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Any tags assigned to the security group.", + "title": "Tags", + "type": "array" + }, + "VpcId": { + "markdownDescription": "The ID of the VPC for the security group. If you do not specify a VPC, the default is to use the default VPC for the Region. If there's no specified VPC and no default VPC, security group creation fails.", + "title": "VpcId", + "type": "string" + } }, - "markdownDescription": "A configuration classification that applies when provisioning cluster instances, which can include configurations for applications and software that run on the cluster.", - "title": "Configurations", - "type": "array" + "required": [ + "GroupDescription" + ], + "type": "object" }, - "CustomAmiId": { - "markdownDescription": "The custom AMI ID to use for the instance type.", - "title": "CustomAmiId", + "Type": { + "enum": [ + "AWS::EC2::SecurityGroup" + ], "type": "string" }, - "EbsConfiguration": { - "$ref": "#/definitions/AWS::EMR::Cluster.EbsConfiguration", - "markdownDescription": "The configuration of Amazon Elastic Block Store (Amazon EBS) attached to each instance as defined by `InstanceType` .", - "title": "EbsConfiguration" - }, - "InstanceType": { - "markdownDescription": "An Amazon EC2 instance type, such as `m3.xlarge` .", - "title": "InstanceType", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "WeightedCapacity": { - "markdownDescription": "The number of units that a provisioned instance of this type provides toward fulfilling the target capacities defined in `InstanceFleetConfig` . This value is 1 for a master instance fleet, and must be 1 or greater for core and task instance fleets. Defaults to 1 if not specified.", - "title": "WeightedCapacity", - "type": "number" } }, "required": [ - "InstanceType" + "Type", + "Properties" ], "type": "object" }, - "AWS::EMR::Cluster.JobFlowInstancesConfig": { + "AWS::EC2::SecurityGroup.Egress": { "additionalProperties": false, "properties": { - "AdditionalMasterSecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of additional Amazon EC2 security group IDs for the master node.", - "title": "AdditionalMasterSecurityGroups", - "type": "array" - }, - "AdditionalSlaveSecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of additional Amazon EC2 security group IDs for the core and task nodes.", - "title": "AdditionalSlaveSecurityGroups", - "type": "array" - }, - "CoreInstanceFleet": { - "$ref": "#/definitions/AWS::EMR::Cluster.InstanceFleetConfig", - "markdownDescription": "Describes the EC2 instances and instance configurations for the core instance fleet when using clusters with the instance fleet configuration.", - "title": "CoreInstanceFleet" - }, - "CoreInstanceGroup": { - "$ref": "#/definitions/AWS::EMR::Cluster.InstanceGroupConfig", - "markdownDescription": "Describes the EC2 instances and instance configurations for core instance groups when using clusters with the uniform instance group configuration.", - "title": "CoreInstanceGroup" - }, - "Ec2KeyName": { - "markdownDescription": "The name of the Amazon EC2 key pair that can be used to connect to the master node using SSH as the user called \"hadoop.\"", - "title": "Ec2KeyName", - "type": "string" - }, - "Ec2SubnetId": { - "markdownDescription": "Applies to clusters that use the uniform instance group configuration. To launch the cluster in Amazon Virtual Private Cloud (Amazon VPC), set this parameter to the identifier of the Amazon VPC subnet where you want the cluster to launch. If you do not specify this value and your account supports EC2-Classic, the cluster launches in EC2-Classic.", - "title": "Ec2SubnetId", - "type": "string" - }, - "Ec2SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "Applies to clusters that use the instance fleet configuration. When multiple Amazon EC2 subnet IDs are specified, Amazon EMR evaluates them and launches instances in the optimal subnet.\n\n> The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and later, excluding 5.0.x versions.", - "title": "Ec2SubnetIds", - "type": "array" - }, - "EmrManagedMasterSecurityGroup": { - "markdownDescription": "The identifier of the Amazon EC2 security group for the master node. If you specify `EmrManagedMasterSecurityGroup` , you must also specify `EmrManagedSlaveSecurityGroup` .", - "title": "EmrManagedMasterSecurityGroup", - "type": "string" - }, - "EmrManagedSlaveSecurityGroup": { - "markdownDescription": "The identifier of the Amazon EC2 security group for the core and task nodes. If you specify `EmrManagedSlaveSecurityGroup` , you must also specify `EmrManagedMasterSecurityGroup` .", - "title": "EmrManagedSlaveSecurityGroup", - "type": "string" - }, - "HadoopVersion": { - "markdownDescription": "Applies only to Amazon EMR release versions earlier than 4.0. The Hadoop version for the cluster. Valid inputs are \"0.18\" (no longer maintained), \"0.20\" (no longer maintained), \"0.20.205\" (no longer maintained), \"1.0.3\", \"2.2.0\", or \"2.4.0\". If you do not set this value, the default of 0.18 is used, unless the `AmiVersion` parameter is set in the RunJobFlow call, in which case the default version of Hadoop for that AMI version is used.", - "title": "HadoopVersion", - "type": "string" - }, - "KeepJobFlowAliveWhenNoSteps": { - "markdownDescription": "Specifies whether the cluster should remain available after completing all steps. Defaults to `false` . For more information about configuring cluster termination, see [Control Cluster Termination](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-plan-termination.html) in the *EMR Management Guide* .", - "title": "KeepJobFlowAliveWhenNoSteps", - "type": "boolean" - }, - "MasterInstanceFleet": { - "$ref": "#/definitions/AWS::EMR::Cluster.InstanceFleetConfig", - "markdownDescription": "Describes the EC2 instances and instance configurations for the master instance fleet when using clusters with the instance fleet configuration.", - "title": "MasterInstanceFleet" - }, - "MasterInstanceGroup": { - "$ref": "#/definitions/AWS::EMR::Cluster.InstanceGroupConfig", - "markdownDescription": "Describes the EC2 instances and instance configurations for the master instance group when using clusters with the uniform instance group configuration.", - "title": "MasterInstanceGroup" - }, - "Placement": { - "$ref": "#/definitions/AWS::EMR::Cluster.PlacementType", - "markdownDescription": "The Availability Zone in which the cluster runs.", - "title": "Placement" - }, - "ServiceAccessSecurityGroup": { - "markdownDescription": "The identifier of the Amazon EC2 security group for the Amazon EMR service to access clusters in VPC private subnets.", - "title": "ServiceAccessSecurityGroup", + "CidrIp": { + "markdownDescription": "The IPv4 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", + "title": "CidrIp", "type": "string" }, - "TaskInstanceFleets": { - "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.InstanceFleetConfig" - }, - "markdownDescription": "Describes the EC2 instances and instance configurations for the task instance fleets when using clusters with the instance fleet configuration. These task instance fleets are added to the cluster as part of the cluster launch. Each task instance fleet must have a unique name specified so that CloudFormation can differentiate between the task instance fleets.\n\n> You can currently specify only one task instance fleet for a cluster. After creating the cluster, you can only modify the mutable properties of `InstanceFleetConfig` , which are `TargetOnDemandCapacity` and `TargetSpotCapacity` . Modifying any other property results in cluster replacement. > To allow a maximum of 30 Amazon EC2 instance types per fleet, include `TaskInstanceFleets` when you create your cluster. If you create your cluster without `TaskInstanceFleets` , Amazon EMR uses its default allocation strategy, which allows for a maximum of five Amazon EC2 instance types.", - "title": "TaskInstanceFleets", - "type": "array" - }, - "TaskInstanceGroups": { - "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.InstanceGroupConfig" - }, - "markdownDescription": "Describes the EC2 instances and instance configurations for task instance groups when using clusters with the uniform instance group configuration. These task instance groups are added to the cluster as part of the cluster launch. Each task instance group must have a unique name specified so that CloudFormation can differentiate between the task instance groups.\n\n> After creating the cluster, you can only modify the mutable properties of `InstanceGroupConfig` , which are `AutoScalingPolicy` and `InstanceCount` . Modifying any other property results in cluster replacement.", - "title": "TaskInstanceGroups", - "type": "array" - }, - "TerminationProtected": { - "markdownDescription": "Specifies whether to lock the cluster to prevent the Amazon EC2 instances from being terminated by API call, user intervention, or in the event of a job-flow error.", - "title": "TerminationProtected", - "type": "boolean" - }, - "UnhealthyNodeReplacement": { - "markdownDescription": "Indicates whether Amazon EMR should gracefully replace core nodes that have degraded within the cluster.", - "title": "UnhealthyNodeReplacement", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::EMR::Cluster.KerberosAttributes": { - "additionalProperties": false, - "properties": { - "ADDomainJoinPassword": { - "markdownDescription": "The Active Directory password for `ADDomainJoinUser` .", - "title": "ADDomainJoinPassword", + "CidrIpv6": { + "markdownDescription": "The IPv6 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", + "title": "CidrIpv6", "type": "string" }, - "ADDomainJoinUser": { - "markdownDescription": "Required only when establishing a cross-realm trust with an Active Directory domain. A user with sufficient privileges to join resources to the domain.", - "title": "ADDomainJoinUser", + "Description": { + "markdownDescription": "A description for the security group rule.\n\nConstraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*", + "title": "Description", "type": "string" }, - "CrossRealmTrustPrincipalPassword": { - "markdownDescription": "Required only when establishing a cross-realm trust with a KDC in a different realm. The cross-realm principal password, which must be identical across realms.", - "title": "CrossRealmTrustPrincipalPassword", + "DestinationPrefixListId": { + "markdownDescription": "The prefix list IDs for the destination AWS service. This is the AWS service that you want to access through a VPC endpoint from instances associated with the security group.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .", + "title": "DestinationPrefixListId", "type": "string" }, - "KdcAdminPassword": { - "markdownDescription": "The password used within the cluster for the kadmin service on the cluster-dedicated KDC, which maintains Kerberos principals, password policies, and keytabs for the cluster.", - "title": "KdcAdminPassword", + "DestinationSecurityGroupId": { + "markdownDescription": "The ID of the destination VPC security group.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .", + "title": "DestinationSecurityGroupId", "type": "string" }, - "Realm": { - "markdownDescription": "The name of the Kerberos realm to which all nodes in a cluster belong. For example, `EC2.INTERNAL` .", - "title": "Realm", - "type": "string" - } - }, - "required": [ - "KdcAdminPassword", - "Realm" - ], - "type": "object" - }, - "AWS::EMR::Cluster.KeyValue": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "The unique identifier of a key-value pair.", - "title": "Key", - "type": "string" + "FromPort": { + "markdownDescription": "If the protocol is TCP or UDP, this is the start of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP type or -1 (all ICMP types).", + "title": "FromPort", + "type": "number" }, - "Value": { - "markdownDescription": "The value part of the identified key.", - "title": "Value", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EMR::Cluster.ManagedScalingPolicy": { - "additionalProperties": false, - "properties": { - "ComputeLimits": { - "$ref": "#/definitions/AWS::EMR::Cluster.ComputeLimits", - "markdownDescription": "The Amazon EC2 unit limits for a managed scaling policy. The managed scaling activity of a cluster is not allowed to go above or below these limits. The limit only applies to the core and task nodes. The master node cannot be scaled after initial configuration.", - "title": "ComputeLimits" - } - }, - "type": "object" - }, - "AWS::EMR::Cluster.MetricDimension": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "The dimension name.", - "title": "Key", + "IpProtocol": { + "markdownDescription": "The IP protocol name ( `tcp` , `udp` , `icmp` , `icmpv6` ) or number (see [Protocol Numbers](https://docs.aws.amazon.com/http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml) ).\n\nUse `-1` to specify all protocols. When authorizing security group rules, specifying `-1` or a protocol number other than `tcp` , `udp` , `icmp` , or `icmpv6` allows traffic on all ports, regardless of any port range you specify. For `tcp` , `udp` , and `icmp` , you must specify a port range. For `icmpv6` , the port range is optional; if you omit the port range, traffic for all types and codes is allowed.", + "title": "IpProtocol", "type": "string" }, - "Value": { - "markdownDescription": "The dimension value.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - }, - "AWS::EMR::Cluster.OnDemandProvisioningSpecification": { - "additionalProperties": false, - "properties": { - "AllocationStrategy": { - "markdownDescription": "Specifies the strategy to use in launching On-Demand instance fleets. Available options are `lowest-price` and `prioritized` . `lowest-price` specifies to launch the instances with the lowest price first, and `prioritized` specifies that Amazon EMR should launch the instances with the highest priority first. The default is `lowest-price` .", - "title": "AllocationStrategy", - "type": "string" + "ToPort": { + "markdownDescription": "If the protocol is TCP or UDP, this is the end of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP code or -1 (all ICMP codes). If the start port is -1 (all ICMP types), then the end port must be -1 (all ICMP codes).", + "title": "ToPort", + "type": "number" } }, "required": [ - "AllocationStrategy" + "IpProtocol" ], "type": "object" }, - "AWS::EMR::Cluster.PlacementGroupConfig": { + "AWS::EC2::SecurityGroup.Ingress": { "additionalProperties": false, "properties": { - "InstanceRole": { - "markdownDescription": "Role of the instance in the cluster.\n\nStarting with Amazon EMR release 5.23.0, the only supported instance role is `MASTER` .", - "title": "InstanceRole", + "CidrIp": { + "markdownDescription": "The IPv4 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `SourcePrefixListId` , or `SourceSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", + "title": "CidrIp", "type": "string" }, - "PlacementStrategy": { - "markdownDescription": "Amazon EC2 Placement Group strategy associated with instance role.\n\nStarting with Amazon EMR release 5.23.0, the only supported placement strategy is `SPREAD` for the `MASTER` instance role.", - "title": "PlacementStrategy", - "type": "string" - } - }, - "required": [ - "InstanceRole" - ], - "type": "object" - }, - "AWS::EMR::Cluster.PlacementType": { - "additionalProperties": false, - "properties": { - "AvailabilityZone": { - "markdownDescription": "The Amazon EC2 Availability Zone for the cluster. `AvailabilityZone` is used for uniform instance groups, while `AvailabilityZones` (plural) is used for instance fleets.", - "title": "AvailabilityZone", - "type": "string" - } - }, - "required": [ - "AvailabilityZone" - ], - "type": "object" - }, - "AWS::EMR::Cluster.ScalingAction": { - "additionalProperties": false, - "properties": { - "Market": { - "markdownDescription": "Not available for instance groups. Instance groups use the market type specified for the group.", - "title": "Market", + "CidrIpv6": { + "markdownDescription": "The IPv6 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `SourcePrefixListId` , or `SourceSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", + "title": "CidrIpv6", "type": "string" }, - "SimpleScalingPolicyConfiguration": { - "$ref": "#/definitions/AWS::EMR::Cluster.SimpleScalingPolicyConfiguration", - "markdownDescription": "The type of adjustment the automatic scaling activity makes when triggered, and the periodicity of the adjustment.", - "title": "SimpleScalingPolicyConfiguration" - } - }, - "required": [ - "SimpleScalingPolicyConfiguration" - ], - "type": "object" - }, - "AWS::EMR::Cluster.ScalingConstraints": { - "additionalProperties": false, - "properties": { - "MaxCapacity": { - "markdownDescription": "The upper boundary of Amazon EC2 instances in an instance group beyond which scaling activities are not allowed to grow. Scale-out activities will not add instances beyond this boundary.", - "title": "MaxCapacity", - "type": "number" - }, - "MinCapacity": { - "markdownDescription": "The lower boundary of Amazon EC2 instances in an instance group below which scaling activities are not allowed to shrink. Scale-in activities will not terminate instances below this boundary.", - "title": "MinCapacity", - "type": "number" - } - }, - "required": [ - "MaxCapacity", - "MinCapacity" - ], - "type": "object" - }, - "AWS::EMR::Cluster.ScalingRule": { - "additionalProperties": false, - "properties": { - "Action": { - "$ref": "#/definitions/AWS::EMR::Cluster.ScalingAction", - "markdownDescription": "The conditions that trigger an automatic scaling activity.", - "title": "Action" - }, "Description": { - "markdownDescription": "A friendly, more verbose description of the automatic scaling rule.", + "markdownDescription": "Updates the description of an ingress (inbound) security group rule. You can replace an existing description, or add a description to a rule that did not have one previously.\n\nConstraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*", "title": "Description", "type": "string" }, - "Name": { - "markdownDescription": "The name used to identify an automatic scaling rule. Rule names must be unique within a scaling policy.", - "title": "Name", - "type": "string" - }, - "Trigger": { - "$ref": "#/definitions/AWS::EMR::Cluster.ScalingTrigger", - "markdownDescription": "The CloudWatch alarm definition that determines when automatic scaling activity is triggered.", - "title": "Trigger" - } - }, - "required": [ - "Action", - "Name", - "Trigger" - ], - "type": "object" - }, - "AWS::EMR::Cluster.ScalingTrigger": { - "additionalProperties": false, - "properties": { - "CloudWatchAlarmDefinition": { - "$ref": "#/definitions/AWS::EMR::Cluster.CloudWatchAlarmDefinition", - "markdownDescription": "The definition of a CloudWatch metric alarm. When the defined alarm conditions are met along with other trigger parameters, scaling activity begins.", - "title": "CloudWatchAlarmDefinition" - } - }, - "required": [ - "CloudWatchAlarmDefinition" - ], - "type": "object" - }, - "AWS::EMR::Cluster.ScriptBootstrapActionConfig": { - "additionalProperties": false, - "properties": { - "Args": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of command line arguments to pass to the bootstrap action script.", - "title": "Args", - "type": "array" - }, - "Path": { - "markdownDescription": "Location in Amazon S3 of the script to run during a bootstrap action.", - "title": "Path", - "type": "string" - } - }, - "required": [ - "Path" - ], - "type": "object" - }, - "AWS::EMR::Cluster.SimpleScalingPolicyConfiguration": { - "additionalProperties": false, - "properties": { - "AdjustmentType": { - "markdownDescription": "The way in which Amazon EC2 instances are added (if `ScalingAdjustment` is a positive number) or terminated (if `ScalingAdjustment` is a negative number) each time the scaling activity is triggered. `CHANGE_IN_CAPACITY` is the default. `CHANGE_IN_CAPACITY` indicates that the Amazon EC2 instance count increments or decrements by `ScalingAdjustment` , which should be expressed as an integer. `PERCENT_CHANGE_IN_CAPACITY` indicates the instance count increments or decrements by the percentage specified by `ScalingAdjustment` , which should be expressed as an integer. For example, 20 indicates an increase in 20% increments of cluster capacity. `EXACT_CAPACITY` indicates the scaling activity results in an instance group with the number of Amazon EC2 instances specified by `ScalingAdjustment` , which should be expressed as a positive integer.", - "title": "AdjustmentType", - "type": "string" - }, - "CoolDown": { - "markdownDescription": "The amount of time, in seconds, after a scaling activity completes before any further trigger-related scaling activities can start. The default value is 0.", - "title": "CoolDown", + "FromPort": { + "markdownDescription": "If the protocol is TCP or UDP, this is the start of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP type or -1 (all ICMP types).", + "title": "FromPort", "type": "number" }, - "ScalingAdjustment": { - "markdownDescription": "The amount by which to scale in or scale out, based on the specified `AdjustmentType` . A positive value adds to the instance group's Amazon EC2 instance count while a negative number removes instances. If `AdjustmentType` is set to `EXACT_CAPACITY` , the number should only be a positive integer. If `AdjustmentType` is set to `PERCENT_CHANGE_IN_CAPACITY` , the value should express the percentage as an integer. For example, -20 indicates a decrease in 20% increments of cluster capacity.", - "title": "ScalingAdjustment", - "type": "number" - } - }, - "required": [ - "ScalingAdjustment" - ], - "type": "object" - }, - "AWS::EMR::Cluster.SpotProvisioningSpecification": { - "additionalProperties": false, - "properties": { - "AllocationStrategy": { - "markdownDescription": "Specifies one of the following strategies to launch Spot Instance fleets: `capacity-optimized` , `price-capacity-optimized` , `lowest-price` , or `diversified` , and `capacity-optimized-prioritized` . For more information on the provisioning strategies, see [Allocation strategies for Spot Instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-allocation-strategy.html) in the *Amazon EC2 User Guide for Linux Instances* .\n\n> When you launch a Spot Instance fleet with the old console, it automatically launches with the `capacity-optimized` strategy. You can't change the allocation strategy from the old console.", - "title": "AllocationStrategy", + "IpProtocol": { + "markdownDescription": "The IP protocol name ( `tcp` , `udp` , `icmp` , `icmpv6` ) or number (see [Protocol Numbers](https://docs.aws.amazon.com/http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml) ).\n\nUse `-1` to specify all protocols. When authorizing security group rules, specifying `-1` or a protocol number other than `tcp` , `udp` , `icmp` , or `icmpv6` allows traffic on all ports, regardless of any port range you specify. For `tcp` , `udp` , and `icmp` , you must specify a port range. For `icmpv6` , the port range is optional; if you omit the port range, traffic for all types and codes is allowed.", + "title": "IpProtocol", "type": "string" }, - "BlockDurationMinutes": { - "markdownDescription": "The defined duration for Spot Instances (also known as Spot blocks) in minutes. When specified, the Spot Instance does not terminate before the defined duration expires, and defined duration pricing for Spot Instances applies. Valid values are 60, 120, 180, 240, 300, or 360. The duration period starts as soon as a Spot Instance receives its instance ID. At the end of the duration, Amazon EC2 marks the Spot Instance for termination and provides a Spot Instance termination notice, which gives the instance a two-minute warning before it terminates.\n\n> Spot Instances with a defined duration (also known as Spot blocks) are no longer available to new customers from July 1, 2021. For customers who have previously used the feature, we will continue to support Spot Instances with a defined duration until December 31, 2022.", - "title": "BlockDurationMinutes", - "type": "number" - }, - "TimeoutAction": { - "markdownDescription": "The action to take when `TargetSpotCapacity` has not been fulfilled when the `TimeoutDurationMinutes` has expired; that is, when all Spot Instances could not be provisioned within the Spot provisioning timeout. Valid values are `TERMINATE_CLUSTER` and `SWITCH_TO_ON_DEMAND` . SWITCH_TO_ON_DEMAND specifies that if no Spot Instances are available, On-Demand Instances should be provisioned to fulfill any remaining Spot capacity.", - "title": "TimeoutAction", + "SourcePrefixListId": { + "markdownDescription": "The ID of a prefix list.", + "title": "SourcePrefixListId", "type": "string" }, - "TimeoutDurationMinutes": { - "markdownDescription": "The Spot provisioning timeout period in minutes. If Spot Instances are not provisioned within this time period, the `TimeOutAction` is taken. Minimum value is 5 and maximum value is 1440. The timeout applies only during initial provisioning, when the cluster is first created.", - "title": "TimeoutDurationMinutes", - "type": "number" - } - }, - "required": [ - "TimeoutAction", - "TimeoutDurationMinutes" - ], - "type": "object" - }, - "AWS::EMR::Cluster.StepConfig": { - "additionalProperties": false, - "properties": { - "ActionOnFailure": { - "markdownDescription": "The action to take when the cluster step fails. Possible values are `CANCEL_AND_WAIT` and `CONTINUE` .", - "title": "ActionOnFailure", + "SourceSecurityGroupId": { + "markdownDescription": "The ID of the security group.", + "title": "SourceSecurityGroupId", "type": "string" }, - "HadoopJarStep": { - "$ref": "#/definitions/AWS::EMR::Cluster.HadoopJarStepConfig", - "markdownDescription": "The JAR file used for the step.", - "title": "HadoopJarStep" - }, - "Name": { - "markdownDescription": "The name of the step.", - "title": "Name", + "SourceSecurityGroupName": { + "markdownDescription": "[Default VPC] The name of the source security group. You must specify either the security group ID or the security group name. You can't specify the group name in combination with an IP address range. Creates rules that grant full ICMP, UDP, and TCP access.\n\nFor security groups in a nondefault VPC, you must specify the group ID.", + "title": "SourceSecurityGroupName", "type": "string" - } - }, - "required": [ - "HadoopJarStep", - "Name" - ], - "type": "object" - }, - "AWS::EMR::Cluster.VolumeSpecification": { - "additionalProperties": false, - "properties": { - "Iops": { - "markdownDescription": "The number of I/O operations per second (IOPS) that the volume supports.", - "title": "Iops", - "type": "number" }, - "SizeInGB": { - "markdownDescription": "The volume size, in gibibytes (GiB). This can be a number from 1 - 1024. If the volume type is EBS-optimized, the minimum value is 10.", - "title": "SizeInGB", - "type": "number" + "SourceSecurityGroupOwnerId": { + "markdownDescription": "[nondefault VPC] The AWS account ID for the source security group, if the source security group is in a different account. You can't specify this property with an IP address range. Creates rules that grant full ICMP, UDP, and TCP access.\n\nIf you specify `SourceSecurityGroupName` or `SourceSecurityGroupId` and that security group is owned by a different account than the account creating the stack, you must specify the `SourceSecurityGroupOwnerId` ; otherwise, this property is optional.", + "title": "SourceSecurityGroupOwnerId", + "type": "string" }, - "Throughput": { - "markdownDescription": "The throughput, in mebibyte per second (MiB/s). This optional parameter can be a number from 125 - 1000 and is valid only for gp3 volumes.", - "title": "Throughput", + "ToPort": { + "markdownDescription": "If the protocol is TCP or UDP, this is the end of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP code or -1 (all ICMP codes). If the start port is -1 (all ICMP types), then the end port must be -1 (all ICMP codes).", + "title": "ToPort", "type": "number" - }, - "VolumeType": { - "markdownDescription": "The volume type. Volume types supported are gp3, gp2, io1, st1, sc1, and standard.", - "title": "VolumeType", - "type": "string" } }, "required": [ - "SizeInGB", - "VolumeType" + "IpProtocol" ], "type": "object" }, - "AWS::EMR::InstanceFleetConfig": { + "AWS::EC2::SecurityGroupEgress": { "additionalProperties": false, "properties": { "Condition": { @@ -88418,54 +97114,61 @@ "Properties": { "additionalProperties": false, "properties": { - "ClusterId": { - "markdownDescription": "The unique identifier of the EMR cluster.", - "title": "ClusterId", + "CidrIp": { + "markdownDescription": "The IPv4 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", + "title": "CidrIp", "type": "string" }, - "InstanceFleetType": { - "markdownDescription": "The node type that the instance fleet hosts.\n\n*Allowed Values* : TASK", - "title": "InstanceFleetType", + "CidrIpv6": { + "markdownDescription": "The IPv6 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", + "title": "CidrIpv6", "type": "string" }, - "InstanceTypeConfigs": { - "items": { - "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.InstanceTypeConfig" - }, - "markdownDescription": "`InstanceTypeConfigs` determine the EC2 instances that Amazon EMR attempts to provision to fulfill On-Demand and Spot target capacities.\n\n> The instance fleet configuration is available only in Amazon EMR versions 4.8.0 and later, excluding 5.0.x versions.", - "title": "InstanceTypeConfigs", - "type": "array" + "Description": { + "markdownDescription": "The description of an egress (outbound) security group rule.\n\nConstraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*", + "title": "Description", + "type": "string" }, - "LaunchSpecifications": { - "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.InstanceFleetProvisioningSpecifications", - "markdownDescription": "The launch specification for the instance fleet.", - "title": "LaunchSpecifications" + "DestinationPrefixListId": { + "markdownDescription": "The prefix list IDs for an AWS service. This is the AWS service to access through a VPC endpoint from instances associated with the security group.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .", + "title": "DestinationPrefixListId", + "type": "string" }, - "Name": { - "markdownDescription": "The friendly name of the instance fleet.", - "title": "Name", + "DestinationSecurityGroupId": { + "markdownDescription": "The ID of the security group.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .", + "title": "DestinationSecurityGroupId", "type": "string" }, - "TargetOnDemandCapacity": { - "markdownDescription": "The target capacity of On-Demand units for the instance fleet, which determines how many On-Demand instances to provision. When the instance fleet launches, Amazon EMR tries to provision On-Demand instances as specified by `InstanceTypeConfig` . Each instance configuration has a specified `WeightedCapacity` . When an On-Demand instance is provisioned, the `WeightedCapacity` units count toward the target capacity. Amazon EMR provisions instances until the target capacity is totally fulfilled, even if this results in an overage. For example, if there are 2 units remaining to fulfill capacity, and Amazon EMR can only provision an instance with a `WeightedCapacity` of 5 units, the instance is provisioned, and the target capacity is exceeded by 3 units.\n\n> If not specified or set to 0, only Spot instances are provisioned for the instance fleet using `TargetSpotCapacity` . At least one of `TargetSpotCapacity` and `TargetOnDemandCapacity` should be greater than 0. For a master instance fleet, only one of `TargetSpotCapacity` and `TargetOnDemandCapacity` can be specified, and its value must be 1.", - "title": "TargetOnDemandCapacity", + "FromPort": { + "markdownDescription": "If the protocol is TCP or UDP, this is the start of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP type or -1 (all ICMP types).", + "title": "FromPort", "type": "number" }, - "TargetSpotCapacity": { - "markdownDescription": "The target capacity of Spot units for the instance fleet, which determines how many Spot instances to provision. When the instance fleet launches, Amazon EMR tries to provision Spot instances as specified by `InstanceTypeConfig` . Each instance configuration has a specified `WeightedCapacity` . When a Spot instance is provisioned, the `WeightedCapacity` units count toward the target capacity. Amazon EMR provisions instances until the target capacity is totally fulfilled, even if this results in an overage. For example, if there are 2 units remaining to fulfill capacity, and Amazon EMR can only provision an instance with a `WeightedCapacity` of 5 units, the instance is provisioned, and the target capacity is exceeded by 3 units.\n\n> If not specified or set to 0, only On-Demand instances are provisioned for the instance fleet. At least one of `TargetSpotCapacity` and `TargetOnDemandCapacity` should be greater than 0. For a master instance fleet, only one of `TargetSpotCapacity` and `TargetOnDemandCapacity` can be specified, and its value must be 1.", - "title": "TargetSpotCapacity", + "GroupId": { + "markdownDescription": "The ID of the security group. You must specify either the security group ID or the security group name in the request. For security groups in a nondefault VPC, you must specify the security group ID.", + "title": "GroupId", + "type": "string" + }, + "IpProtocol": { + "markdownDescription": "The IP protocol name ( `tcp` , `udp` , `icmp` , `icmpv6` ) or number (see [Protocol Numbers](https://docs.aws.amazon.com/http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml) ).\n\nUse `-1` to specify all protocols. When authorizing security group rules, specifying `-1` or a protocol number other than `tcp` , `udp` , `icmp` , or `icmpv6` allows traffic on all ports, regardless of any port range you specify. For `tcp` , `udp` , and `icmp` , you must specify a port range. For `icmpv6` , the port range is optional; if you omit the port range, traffic for all types and codes is allowed.", + "title": "IpProtocol", + "type": "string" + }, + "ToPort": { + "markdownDescription": "If the protocol is TCP or UDP, this is the end of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP code or -1 (all ICMP codes). If the start port is -1 (all ICMP types), then the end port must be -1 (all ICMP codes).", + "title": "ToPort", "type": "number" } }, "required": [ - "ClusterId", - "InstanceFleetType" + "GroupId", + "IpProtocol" ], "type": "object" }, "Type": { "enum": [ - "AWS::EMR::InstanceFleetConfig" + "AWS::EC2::SecurityGroupEgress" ], "type": "string" }, @@ -88484,215 +97187,10 @@ ], "type": "object" }, - "AWS::EMR::InstanceFleetConfig.Configuration": { + "AWS::EC2::SecurityGroupIngress": { "additionalProperties": false, "properties": { - "Classification": { - "markdownDescription": "The classification within a configuration.", - "title": "Classification", - "type": "string" - }, - "ConfigurationProperties": { - "additionalProperties": true, - "markdownDescription": "Within a configuration classification, a set of properties that represent the settings that you want to change in the configuration file. Duplicates not allowed.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "ConfigurationProperties", - "type": "object" - }, - "Configurations": { - "items": { - "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.Configuration" - }, - "markdownDescription": "A list of additional configurations to apply within a configuration object.", - "title": "Configurations", - "type": "array" - } - }, - "type": "object" - }, - "AWS::EMR::InstanceFleetConfig.EbsBlockDeviceConfig": { - "additionalProperties": false, - "properties": { - "VolumeSpecification": { - "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.VolumeSpecification", - "markdownDescription": "EBS volume specifications such as volume type, IOPS, size (GiB) and throughput (MiB/s) that are requested for the EBS volume attached to an Amazon EC2 instance in the cluster.", - "title": "VolumeSpecification" - }, - "VolumesPerInstance": { - "markdownDescription": "Number of EBS volumes with a specific volume configuration that are associated with every instance in the instance group", - "title": "VolumesPerInstance", - "type": "number" - } - }, - "required": [ - "VolumeSpecification" - ], - "type": "object" - }, - "AWS::EMR::InstanceFleetConfig.EbsConfiguration": { - "additionalProperties": false, - "properties": { - "EbsBlockDeviceConfigs": { - "items": { - "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.EbsBlockDeviceConfig" - }, - "markdownDescription": "An array of Amazon EBS volume specifications attached to a cluster instance.", - "title": "EbsBlockDeviceConfigs", - "type": "array" - }, - "EbsOptimized": { - "markdownDescription": "Indicates whether an Amazon EBS volume is EBS-optimized. The default is false. You should explicitly set this value to true to enable the Amazon EBS-optimized setting for an EC2 instance.", - "title": "EbsOptimized", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::EMR::InstanceFleetConfig.InstanceFleetProvisioningSpecifications": { - "additionalProperties": false, - "properties": { - "OnDemandSpecification": { - "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.OnDemandProvisioningSpecification", - "markdownDescription": "The launch specification for On-Demand Instances in the instance fleet, which determines the allocation strategy and capacity reservation options.\n\n> The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and later, excluding 5.0.x versions. On-Demand Instances allocation strategy is available in Amazon EMR releases 5.12.1 and later.", - "title": "OnDemandSpecification" - }, - "SpotSpecification": { - "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.SpotProvisioningSpecification", - "markdownDescription": "The launch specification for Spot instances in the fleet, which determines the allocation strategy, defined duration, and provisioning timeout behavior.", - "title": "SpotSpecification" - } - }, - "type": "object" - }, - "AWS::EMR::InstanceFleetConfig.InstanceTypeConfig": { - "additionalProperties": false, - "properties": { - "BidPrice": { - "markdownDescription": "The bid price for each Amazon EC2 Spot Instance type as defined by `InstanceType` . Expressed in USD. If neither `BidPrice` nor `BidPriceAsPercentageOfOnDemandPrice` is provided, `BidPriceAsPercentageOfOnDemandPrice` defaults to 100%.", - "title": "BidPrice", - "type": "string" - }, - "BidPriceAsPercentageOfOnDemandPrice": { - "markdownDescription": "The bid price, as a percentage of On-Demand price, for each Amazon EC2 Spot Instance as defined by `InstanceType` . Expressed as a number (for example, 20 specifies 20%). If neither `BidPrice` nor `BidPriceAsPercentageOfOnDemandPrice` is provided, `BidPriceAsPercentageOfOnDemandPrice` defaults to 100%.", - "title": "BidPriceAsPercentageOfOnDemandPrice", - "type": "number" - }, - "Configurations": { - "items": { - "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.Configuration" - }, - "markdownDescription": "> Amazon EMR releases 4.x or later. \n\nAn optional configuration specification to be used when provisioning cluster instances, which can include configurations for applications and software bundled with Amazon EMR. A configuration consists of a classification, properties, and optional nested configurations. A classification refers to an application-specific configuration file. Properties are the settings you want to change in that file. For more information, see [Configuring Applications](https://docs.aws.amazon.com/emr/latest/ReleaseGuide/emr-configure-apps.html) .", - "title": "Configurations", - "type": "array" - }, - "CustomAmiId": { - "markdownDescription": "The custom AMI ID to use for the instance type.", - "title": "CustomAmiId", - "type": "string" - }, - "EbsConfiguration": { - "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.EbsConfiguration", - "markdownDescription": "The configuration of Amazon Elastic Block Store (Amazon EBS) attached to each instance as defined by `InstanceType` .", - "title": "EbsConfiguration" - }, - "InstanceType": { - "markdownDescription": "An Amazon EC2 instance type, such as `m3.xlarge` .", - "title": "InstanceType", - "type": "string" - }, - "WeightedCapacity": { - "markdownDescription": "The number of units that a provisioned instance of this type provides toward fulfilling the target capacities defined in `InstanceFleetConfig` . This value is 1 for a master instance fleet, and must be 1 or greater for core and task instance fleets. Defaults to 1 if not specified.", - "title": "WeightedCapacity", - "type": "number" - } - }, - "required": [ - "InstanceType" - ], - "type": "object" - }, - "AWS::EMR::InstanceFleetConfig.OnDemandProvisioningSpecification": { - "additionalProperties": false, - "properties": { - "AllocationStrategy": { - "markdownDescription": "Specifies the strategy to use in launching On-Demand instance fleets. Available options are `lowest-price` and `prioritized` . `lowest-price` specifies to launch the instances with the lowest price first, and `prioritized` specifies that Amazon EMR should launch the instances with the highest priority first. The default is `lowest-price` .", - "title": "AllocationStrategy", - "type": "string" - } - }, - "required": [ - "AllocationStrategy" - ], - "type": "object" - }, - "AWS::EMR::InstanceFleetConfig.SpotProvisioningSpecification": { - "additionalProperties": false, - "properties": { - "AllocationStrategy": { - "markdownDescription": "Specifies one of the following strategies to launch Spot Instance fleets: `capacity-optimized` , `price-capacity-optimized` , `lowest-price` , or `diversified` , and `capacity-optimized-prioritized` . For more information on the provisioning strategies, see [Allocation strategies for Spot Instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-allocation-strategy.html) in the *Amazon EC2 User Guide for Linux Instances* .\n\n> When you launch a Spot Instance fleet with the old console, it automatically launches with the `capacity-optimized` strategy. You can't change the allocation strategy from the old console.", - "title": "AllocationStrategy", - "type": "string" - }, - "BlockDurationMinutes": { - "markdownDescription": "The defined duration for Spot Instances (also known as Spot blocks) in minutes. When specified, the Spot Instance does not terminate before the defined duration expires, and defined duration pricing for Spot Instances applies. Valid values are 60, 120, 180, 240, 300, or 360. The duration period starts as soon as a Spot Instance receives its instance ID. At the end of the duration, Amazon EC2 marks the Spot Instance for termination and provides a Spot Instance termination notice, which gives the instance a two-minute warning before it terminates.\n\n> Spot Instances with a defined duration (also known as Spot blocks) are no longer available to new customers from July 1, 2021. For customers who have previously used the feature, we will continue to support Spot Instances with a defined duration until December 31, 2022.", - "title": "BlockDurationMinutes", - "type": "number" - }, - "TimeoutAction": { - "markdownDescription": "The action to take when `TargetSpotCapacity` has not been fulfilled when the `TimeoutDurationMinutes` has expired; that is, when all Spot Instances could not be provisioned within the Spot provisioning timeout. Valid values are `TERMINATE_CLUSTER` and `SWITCH_TO_ON_DEMAND` . SWITCH_TO_ON_DEMAND specifies that if no Spot Instances are available, On-Demand Instances should be provisioned to fulfill any remaining Spot capacity.", - "title": "TimeoutAction", - "type": "string" - }, - "TimeoutDurationMinutes": { - "markdownDescription": "The Spot provisioning timeout period in minutes. If Spot Instances are not provisioned within this time period, the `TimeOutAction` is taken. Minimum value is 5 and maximum value is 1440. The timeout applies only during initial provisioning, when the cluster is first created.", - "title": "TimeoutDurationMinutes", - "type": "number" - } - }, - "required": [ - "TimeoutAction", - "TimeoutDurationMinutes" - ], - "type": "object" - }, - "AWS::EMR::InstanceFleetConfig.VolumeSpecification": { - "additionalProperties": false, - "properties": { - "Iops": { - "markdownDescription": "The number of I/O operations per second (IOPS) that the volume supports.", - "title": "Iops", - "type": "number" - }, - "SizeInGB": { - "markdownDescription": "The volume size, in gibibytes (GiB). This can be a number from 1 - 1024. If the volume type is EBS-optimized, the minimum value is 10.", - "title": "SizeInGB", - "type": "number" - }, - "Throughput": { - "markdownDescription": "The throughput, in mebibyte per second (MiB/s). This optional parameter can be a number from 125 - 1000 and is valid only for gp3 volumes.", - "title": "Throughput", - "type": "number" - }, - "VolumeType": { - "markdownDescription": "The volume type. Volume types supported are gp3, gp2, io1, st1, sc1, and standard.", - "title": "VolumeType", - "type": "string" - } - }, - "required": [ - "SizeInGB", - "VolumeType" - ], - "type": "object" - }, - "AWS::EMR::InstanceGroupConfig": { - "additionalProperties": false, - "properties": { - "Condition": { + "Condition": { "type": "string" }, "DeletionPolicy": { @@ -88724,76 +97222,75 @@ "Properties": { "additionalProperties": false, "properties": { - "AutoScalingPolicy": { - "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.AutoScalingPolicy", - "markdownDescription": "`AutoScalingPolicy` is a subproperty of `InstanceGroupConfig` . `AutoScalingPolicy` defines how an instance group dynamically adds and terminates EC2 instances in response to the value of a CloudWatch metric. For more information, see [Using Automatic Scaling in Amazon EMR](https://docs.aws.amazon.com//emr/latest/ManagementGuide/emr-automatic-scaling.html) in the *Amazon EMR Management Guide* .", - "title": "AutoScalingPolicy" - }, - "BidPrice": { - "markdownDescription": "If specified, indicates that the instance group uses Spot Instances. This is the maximum price you are willing to pay for Spot Instances. Specify `OnDemandPrice` to set the amount equal to the On-Demand price, or specify an amount in USD.", - "title": "BidPrice", + "CidrIp": { + "markdownDescription": "The IPv4 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `SourcePrefixListId` , or `SourceSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", + "title": "CidrIp", "type": "string" }, - "Configurations": { - "items": { - "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.Configuration" - }, - "markdownDescription": "> Amazon EMR releases 4.x or later. \n\nThe list of configurations supplied for an Amazon EMR cluster instance group. You can specify a separate configuration for each instance group (master, core, and task).", - "title": "Configurations", - "type": "array" - }, - "CustomAmiId": { - "markdownDescription": "The custom AMI ID to use for the provisioned instance group.", - "title": "CustomAmiId", + "CidrIpv6": { + "markdownDescription": "The IPv6 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `SourcePrefixListId` , or `SourceSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", + "title": "CidrIpv6", "type": "string" }, - "EbsConfiguration": { - "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.EbsConfiguration", - "markdownDescription": "`EbsConfiguration` determines the EBS volumes to attach to EMR cluster instances.", - "title": "EbsConfiguration" + "Description": { + "markdownDescription": "Updates the description of an ingress (inbound) security group rule. You can replace an existing description, or add a description to a rule that did not have one previously.\n\nConstraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*", + "title": "Description", + "type": "string" }, - "InstanceCount": { - "markdownDescription": "Target number of instances for the instance group.", - "title": "InstanceCount", + "FromPort": { + "markdownDescription": "The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type number. A value of `-1` indicates all ICMP/ICMPv6 types. If you specify all ICMP/ICMPv6 types, you must specify all codes.\n\nUse this for ICMP and any protocol that uses ports.", + "title": "FromPort", "type": "number" }, - "InstanceRole": { - "markdownDescription": "The role of the instance group in the cluster.\n\n*Allowed Values* : TASK", - "title": "InstanceRole", + "GroupId": { + "markdownDescription": "The ID of the security group.", + "title": "GroupId", "type": "string" }, - "InstanceType": { - "markdownDescription": "The Amazon EC2 instance type for all instances in the instance group.", - "title": "InstanceType", + "GroupName": { + "markdownDescription": "[Default VPC] The name of the security group. For security groups for a default VPC you can specify either the ID or the name of the security group. For security groups for a nondefault VPC, you must specify the ID of the security group.", + "title": "GroupName", "type": "string" }, - "JobFlowId": { - "markdownDescription": "The ID of an Amazon EMR cluster that you want to associate this instance group with.", - "title": "JobFlowId", + "IpProtocol": { + "markdownDescription": "The IP protocol name ( `tcp` , `udp` , `icmp` , `icmpv6` ) or number (see [Protocol Numbers](https://docs.aws.amazon.com/http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml) ).\n\nUse `-1` to specify all protocols. When authorizing security group rules, specifying `-1` or a protocol number other than `tcp` , `udp` , `icmp` , or `icmpv6` allows traffic on all ports, regardless of any port range you specify. For `tcp` , `udp` , and `icmp` , you must specify a port range. For `icmpv6` , the port range is optional; if you omit the port range, traffic for all types and codes is allowed.", + "title": "IpProtocol", "type": "string" }, - "Market": { - "markdownDescription": "Market type of the Amazon EC2 instances used to create a cluster node.", - "title": "Market", + "SourcePrefixListId": { + "markdownDescription": "The ID of a prefix list.", + "title": "SourcePrefixListId", "type": "string" }, - "Name": { - "markdownDescription": "Friendly name given to the instance group.", - "title": "Name", + "SourceSecurityGroupId": { + "markdownDescription": "The ID of the security group. You must specify either the security group ID or the security group name. For security groups in a nondefault VPC, you must specify the security group ID.", + "title": "SourceSecurityGroupId", + "type": "string" + }, + "SourceSecurityGroupName": { + "markdownDescription": "[Default VPC] The name of the source security group. You must specify either the security group ID or the security group name. You can't specify the group name in combination with an IP address range. Creates rules that grant full ICMP, UDP, and TCP access.\n\nFor security groups in a nondefault VPC, you must specify the group ID.", + "title": "SourceSecurityGroupName", + "type": "string" + }, + "SourceSecurityGroupOwnerId": { + "markdownDescription": "[nondefault VPC] The AWS account ID for the source security group, if the source security group is in a different account. You can't specify this property with an IP address range. Creates rules that grant full ICMP, UDP, and TCP access.\n\nIf you specify `SourceSecurityGroupName` or `SourceSecurityGroupId` and that security group is owned by a different account than the account creating the stack, you must specify `SourceSecurityGroupOwnerId` ; otherwise, this property is optional.", + "title": "SourceSecurityGroupOwnerId", "type": "string" + }, + "ToPort": { + "markdownDescription": "The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code. A value of `-1` indicates all ICMP/ICMPv6 codes for the specified ICMP type. If you specify all ICMP/ICMPv6 types, you must specify all codes.\n\nUse this for ICMP and any protocol that uses ports.", + "title": "ToPort", + "type": "number" } }, "required": [ - "InstanceCount", - "InstanceRole", - "InstanceType", - "JobFlowId" + "IpProtocol" ], "type": "object" }, "Type": { "enum": [ - "AWS::EMR::InstanceGroupConfig" + "AWS::EC2::SecurityGroupIngress" ], "type": "string" }, @@ -88812,316 +97309,7 @@ ], "type": "object" }, - "AWS::EMR::InstanceGroupConfig.AutoScalingPolicy": { - "additionalProperties": false, - "properties": { - "Constraints": { - "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.ScalingConstraints", - "markdownDescription": "The upper and lower Amazon EC2 instance limits for an automatic scaling policy. Automatic scaling activity will not cause an instance group to grow above or below these limits.", - "title": "Constraints" - }, - "Rules": { - "items": { - "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.ScalingRule" - }, - "markdownDescription": "The scale-in and scale-out rules that comprise the automatic scaling policy.", - "title": "Rules", - "type": "array" - } - }, - "required": [ - "Constraints", - "Rules" - ], - "type": "object" - }, - "AWS::EMR::InstanceGroupConfig.CloudWatchAlarmDefinition": { - "additionalProperties": false, - "properties": { - "ComparisonOperator": { - "markdownDescription": "Determines how the metric specified by `MetricName` is compared to the value specified by `Threshold` .", - "title": "ComparisonOperator", - "type": "string" - }, - "Dimensions": { - "items": { - "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.MetricDimension" - }, - "markdownDescription": "A CloudWatch metric dimension.", - "title": "Dimensions", - "type": "array" - }, - "EvaluationPeriods": { - "markdownDescription": "The number of periods, in five-minute increments, during which the alarm condition must exist before the alarm triggers automatic scaling activity. The default value is `1` .", - "title": "EvaluationPeriods", - "type": "number" - }, - "MetricName": { - "markdownDescription": "The name of the CloudWatch metric that is watched to determine an alarm condition.", - "title": "MetricName", - "type": "string" - }, - "Namespace": { - "markdownDescription": "The namespace for the CloudWatch metric. The default is `AWS/ElasticMapReduce` .", - "title": "Namespace", - "type": "string" - }, - "Period": { - "markdownDescription": "The period, in seconds, over which the statistic is applied. CloudWatch metrics for Amazon EMR are emitted every five minutes (300 seconds), so if you specify a CloudWatch metric, specify `300` .", - "title": "Period", - "type": "number" - }, - "Statistic": { - "markdownDescription": "The statistic to apply to the metric associated with the alarm. The default is `AVERAGE` .", - "title": "Statistic", - "type": "string" - }, - "Threshold": { - "markdownDescription": "The value against which the specified statistic is compared.", - "title": "Threshold", - "type": "number" - }, - "Unit": { - "markdownDescription": "The unit of measure associated with the CloudWatch metric being watched. The value specified for `Unit` must correspond to the units specified in the CloudWatch metric.", - "title": "Unit", - "type": "string" - } - }, - "required": [ - "ComparisonOperator", - "MetricName", - "Period", - "Threshold" - ], - "type": "object" - }, - "AWS::EMR::InstanceGroupConfig.Configuration": { - "additionalProperties": false, - "properties": { - "Classification": { - "markdownDescription": "The classification within a configuration.", - "title": "Classification", - "type": "string" - }, - "ConfigurationProperties": { - "additionalProperties": true, - "markdownDescription": "Within a configuration classification, a set of properties that represent the settings that you want to change in the configuration file. Duplicates not allowed.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "ConfigurationProperties", - "type": "object" - }, - "Configurations": { - "items": { - "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.Configuration" - }, - "markdownDescription": "A list of additional configurations to apply within a configuration object.", - "title": "Configurations", - "type": "array" - } - }, - "type": "object" - }, - "AWS::EMR::InstanceGroupConfig.EbsBlockDeviceConfig": { - "additionalProperties": false, - "properties": { - "VolumeSpecification": { - "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.VolumeSpecification", - "markdownDescription": "EBS volume specifications such as volume type, IOPS, size (GiB) and throughput (MiB/s) that are requested for the EBS volume attached to an Amazon EC2 instance in the cluster.", - "title": "VolumeSpecification" - }, - "VolumesPerInstance": { - "markdownDescription": "Number of EBS volumes with a specific volume configuration that are associated with every instance in the instance group", - "title": "VolumesPerInstance", - "type": "number" - } - }, - "required": [ - "VolumeSpecification" - ], - "type": "object" - }, - "AWS::EMR::InstanceGroupConfig.EbsConfiguration": { - "additionalProperties": false, - "properties": { - "EbsBlockDeviceConfigs": { - "items": { - "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.EbsBlockDeviceConfig" - }, - "markdownDescription": "An array of Amazon EBS volume specifications attached to a cluster instance.", - "title": "EbsBlockDeviceConfigs", - "type": "array" - }, - "EbsOptimized": { - "markdownDescription": "Indicates whether an Amazon EBS volume is EBS-optimized. The default is false. You should explicitly set this value to true to enable the Amazon EBS-optimized setting for an EC2 instance.", - "title": "EbsOptimized", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::EMR::InstanceGroupConfig.MetricDimension": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "The dimension name.", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "The dimension value.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - }, - "AWS::EMR::InstanceGroupConfig.ScalingAction": { - "additionalProperties": false, - "properties": { - "Market": { - "markdownDescription": "Not available for instance groups. Instance groups use the market type specified for the group.", - "title": "Market", - "type": "string" - }, - "SimpleScalingPolicyConfiguration": { - "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.SimpleScalingPolicyConfiguration", - "markdownDescription": "The type of adjustment the automatic scaling activity makes when triggered, and the periodicity of the adjustment.", - "title": "SimpleScalingPolicyConfiguration" - } - }, - "required": [ - "SimpleScalingPolicyConfiguration" - ], - "type": "object" - }, - "AWS::EMR::InstanceGroupConfig.ScalingConstraints": { - "additionalProperties": false, - "properties": { - "MaxCapacity": { - "markdownDescription": "The upper boundary of Amazon EC2 instances in an instance group beyond which scaling activities are not allowed to grow. Scale-out activities will not add instances beyond this boundary.", - "title": "MaxCapacity", - "type": "number" - }, - "MinCapacity": { - "markdownDescription": "The lower boundary of Amazon EC2 instances in an instance group below which scaling activities are not allowed to shrink. Scale-in activities will not terminate instances below this boundary.", - "title": "MinCapacity", - "type": "number" - } - }, - "required": [ - "MaxCapacity", - "MinCapacity" - ], - "type": "object" - }, - "AWS::EMR::InstanceGroupConfig.ScalingRule": { - "additionalProperties": false, - "properties": { - "Action": { - "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.ScalingAction", - "markdownDescription": "The conditions that trigger an automatic scaling activity.", - "title": "Action" - }, - "Description": { - "markdownDescription": "A friendly, more verbose description of the automatic scaling rule.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The name used to identify an automatic scaling rule. Rule names must be unique within a scaling policy.", - "title": "Name", - "type": "string" - }, - "Trigger": { - "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.ScalingTrigger", - "markdownDescription": "The CloudWatch alarm definition that determines when automatic scaling activity is triggered.", - "title": "Trigger" - } - }, - "required": [ - "Action", - "Name", - "Trigger" - ], - "type": "object" - }, - "AWS::EMR::InstanceGroupConfig.ScalingTrigger": { - "additionalProperties": false, - "properties": { - "CloudWatchAlarmDefinition": { - "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.CloudWatchAlarmDefinition", - "markdownDescription": "The definition of a CloudWatch metric alarm. When the defined alarm conditions are met along with other trigger parameters, scaling activity begins.", - "title": "CloudWatchAlarmDefinition" - } - }, - "required": [ - "CloudWatchAlarmDefinition" - ], - "type": "object" - }, - "AWS::EMR::InstanceGroupConfig.SimpleScalingPolicyConfiguration": { - "additionalProperties": false, - "properties": { - "AdjustmentType": { - "markdownDescription": "The way in which Amazon EC2 instances are added (if `ScalingAdjustment` is a positive number) or terminated (if `ScalingAdjustment` is a negative number) each time the scaling activity is triggered. `CHANGE_IN_CAPACITY` is the default. `CHANGE_IN_CAPACITY` indicates that the Amazon EC2 instance count increments or decrements by `ScalingAdjustment` , which should be expressed as an integer. `PERCENT_CHANGE_IN_CAPACITY` indicates the instance count increments or decrements by the percentage specified by `ScalingAdjustment` , which should be expressed as an integer. For example, 20 indicates an increase in 20% increments of cluster capacity. `EXACT_CAPACITY` indicates the scaling activity results in an instance group with the number of Amazon EC2 instances specified by `ScalingAdjustment` , which should be expressed as a positive integer.", - "title": "AdjustmentType", - "type": "string" - }, - "CoolDown": { - "markdownDescription": "The amount of time, in seconds, after a scaling activity completes before any further trigger-related scaling activities can start. The default value is 0.", - "title": "CoolDown", - "type": "number" - }, - "ScalingAdjustment": { - "markdownDescription": "The amount by which to scale in or scale out, based on the specified `AdjustmentType` . A positive value adds to the instance group's Amazon EC2 instance count while a negative number removes instances. If `AdjustmentType` is set to `EXACT_CAPACITY` , the number should only be a positive integer. If `AdjustmentType` is set to `PERCENT_CHANGE_IN_CAPACITY` , the value should express the percentage as an integer. For example, -20 indicates a decrease in 20% increments of cluster capacity.", - "title": "ScalingAdjustment", - "type": "number" - } - }, - "required": [ - "ScalingAdjustment" - ], - "type": "object" - }, - "AWS::EMR::InstanceGroupConfig.VolumeSpecification": { - "additionalProperties": false, - "properties": { - "Iops": { - "markdownDescription": "The number of I/O operations per second (IOPS) that the volume supports.", - "title": "Iops", - "type": "number" - }, - "SizeInGB": { - "markdownDescription": "The volume size, in gibibytes (GiB). This can be a number from 1 - 1024. If the volume type is EBS-optimized, the minimum value is 10.", - "title": "SizeInGB", - "type": "number" - }, - "Throughput": { - "markdownDescription": "The throughput, in mebibyte per second (MiB/s). This optional parameter can be a number from 125 - 1000 and is valid only for gp3 volumes.", - "title": "Throughput", - "type": "number" - }, - "VolumeType": { - "markdownDescription": "The volume type. Volume types supported are gp3, gp2, io1, st1, sc1, and standard.", - "title": "VolumeType", - "type": "string" - } - }, - "required": [ - "SizeInGB", - "VolumeType" - ], - "type": "object" - }, - "AWS::EMR::SecurityConfiguration": { + "AWS::EC2::SecurityGroupVpcAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -89156,25 +97344,26 @@ "Properties": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the security configuration.", - "title": "Name", + "GroupId": { + "markdownDescription": "The association's security group ID.", + "title": "GroupId", "type": "string" }, - "SecurityConfiguration": { - "markdownDescription": "The security configuration details in JSON format. For JSON parameters and examples, see [Use Security Configurations to Set Up Cluster Security](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-security-configurations.html) in the *Amazon EMR Management Guide* .", - "title": "SecurityConfiguration", - "type": "object" + "VpcId": { + "markdownDescription": "The association's VPC ID.", + "title": "VpcId", + "type": "string" } }, "required": [ - "SecurityConfiguration" + "GroupId", + "VpcId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EMR::SecurityConfiguration" + "AWS::EC2::SecurityGroupVpcAssociation" ], "type": "string" }, @@ -89193,7 +97382,7 @@ ], "type": "object" }, - "AWS::EMR::Step": { + "AWS::EC2::SnapshotBlockPublicAccess": { "additionalProperties": false, "properties": { "Condition": { @@ -89228,38 +97417,20 @@ "Properties": { "additionalProperties": false, "properties": { - "ActionOnFailure": { - "markdownDescription": "This specifies what action to take when the cluster step fails. Possible values are `CANCEL_AND_WAIT` and `CONTINUE` .", - "title": "ActionOnFailure", - "type": "string" - }, - "HadoopJarStep": { - "$ref": "#/definitions/AWS::EMR::Step.HadoopJarStepConfig", - "markdownDescription": "The `HadoopJarStepConfig` property type specifies a job flow step consisting of a JAR file whose main function will be executed. The main function submits a job for the cluster to execute as a step on the master node, and then waits for the job to finish or fail before executing subsequent steps.", - "title": "HadoopJarStep" - }, - "JobFlowId": { - "markdownDescription": "A string that uniquely identifies the cluster (job flow).", - "title": "JobFlowId", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the cluster step.", - "title": "Name", + "State": { + "markdownDescription": "The mode in which to enable block public access for snapshots for the Region. Specify one of the following values:\n\n- `block-all-sharing` - Prevents all public sharing of snapshots in the Region. Users in the account will no longer be able to request new public sharing. Additionally, snapshots that are already publicly shared are treated as private and they are no longer publicly available.\n\n> If you enable block public access for snapshots in `block-all-sharing` mode, it does not change the permissions for snapshots that are already publicly shared. Instead, it prevents these snapshots from be publicly visible and publicly accessible. Therefore, the attributes for these snapshots still indicate that they are publicly shared, even though they are not publicly available.\n- `block-new-sharing` - Prevents only new public sharing of snapshots in the Region. Users in the account will no longer be able to request new public sharing. However, snapshots that are already publicly shared, remain publicly available.", + "title": "State", "type": "string" } }, "required": [ - "ActionOnFailure", - "HadoopJarStep", - "JobFlowId", - "Name" + "State" ], "type": "object" }, "Type": { "enum": [ - "AWS::EMR::Step" + "AWS::EC2::SnapshotBlockPublicAccess" ], "type": "string" }, @@ -89278,58 +97449,7 @@ ], "type": "object" }, - "AWS::EMR::Step.HadoopJarStepConfig": { - "additionalProperties": false, - "properties": { - "Args": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of command line arguments passed to the JAR file's main function when executed.", - "title": "Args", - "type": "array" - }, - "Jar": { - "markdownDescription": "A path to a JAR file run during the step.", - "title": "Jar", - "type": "string" - }, - "MainClass": { - "markdownDescription": "The name of the main class in the specified Java file. If not specified, the JAR file should specify a Main-Class in its manifest file.", - "title": "MainClass", - "type": "string" - }, - "StepProperties": { - "items": { - "$ref": "#/definitions/AWS::EMR::Step.KeyValue" - }, - "markdownDescription": "A list of Java properties that are set when the step runs. You can use these properties to pass key value pairs to your main function.", - "title": "StepProperties", - "type": "array" - } - }, - "required": [ - "Jar" - ], - "type": "object" - }, - "AWS::EMR::Step.KeyValue": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "The unique identifier of a key-value pair.", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "The value part of the identified key.", - "title": "Value", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EMR::Studio": { + "AWS::EC2::SpotFleet": { "additionalProperties": false, "properties": { "Condition": { @@ -89364,113 +97484,20 @@ "Properties": { "additionalProperties": false, "properties": { - "AuthMode": { - "markdownDescription": "Specifies whether the Studio authenticates users using IAM Identity Center or IAM.", - "title": "AuthMode", - "type": "string" - }, - "DefaultS3Location": { - "markdownDescription": "The Amazon S3 location to back up EMR Studio Workspaces and notebook files.", - "title": "DefaultS3Location", - "type": "string" - }, - "Description": { - "markdownDescription": "A detailed description of the Amazon EMR Studio.", - "title": "Description", - "type": "string" - }, - "EncryptionKeyArn": { - "markdownDescription": "The AWS KMS key identifier (ARN) used to encrypt Amazon EMR Studio workspace and notebook files when backed up to Amazon S3.", - "title": "EncryptionKeyArn", - "type": "string" - }, - "EngineSecurityGroupId": { - "markdownDescription": "The ID of the Amazon EMR Studio Engine security group. The Engine security group allows inbound network traffic from the Workspace security group, and it must be in the same VPC specified by `VpcId` .", - "title": "EngineSecurityGroupId", - "type": "string" - }, - "IdcInstanceArn": { - "markdownDescription": "The ARN of the IAM Identity Center instance the Studio application belongs to.", - "title": "IdcInstanceArn", - "type": "string" - }, - "IdcUserAssignment": { - "markdownDescription": "Indicates whether the Studio has `REQUIRED` or `OPTIONAL` IAM Identity Center user assignment. If the value is set to `REQUIRED` , users must be explicitly assigned to the Studio application to access the Studio.", - "title": "IdcUserAssignment", - "type": "string" - }, - "IdpAuthUrl": { - "markdownDescription": "Your identity provider's authentication endpoint. Amazon EMR Studio redirects federated users to this endpoint for authentication when logging in to a Studio with the Studio URL.", - "title": "IdpAuthUrl", - "type": "string" - }, - "IdpRelayStateParameterName": { - "markdownDescription": "The name of your identity provider's `RelayState` parameter.", - "title": "IdpRelayStateParameterName", - "type": "string" - }, - "Name": { - "markdownDescription": "A descriptive name for the Amazon EMR Studio.", - "title": "Name", - "type": "string" - }, - "ServiceRole": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that will be assumed by the Amazon EMR Studio. The service role provides a way for Amazon EMR Studio to interoperate with other AWS services.", - "title": "ServiceRole", - "type": "string" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of subnet IDs to associate with the Amazon EMR Studio. A Studio can have a maximum of 5 subnets. The subnets must belong to the VPC specified by `VpcId` . Studio users can create a Workspace in any of the specified subnets.", - "title": "SubnetIds", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - }, - "TrustedIdentityPropagationEnabled": { - "markdownDescription": "Indicates whether the Studio has Trusted identity propagation enabled. The default value is `false` .", - "title": "TrustedIdentityPropagationEnabled", - "type": "boolean" - }, - "UserRole": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM user role that will be assumed by users and groups logged in to a Studio. The permissions attached to this IAM role can be scoped down for each user or group using session policies. You only need to specify `UserRole` when you set `AuthMode` to `SSO` .", - "title": "UserRole", - "type": "string" - }, - "VpcId": { - "markdownDescription": "The ID of the Amazon Virtual Private Cloud (Amazon VPC) to associate with the Studio.", - "title": "VpcId", - "type": "string" - }, - "WorkspaceSecurityGroupId": { - "markdownDescription": "The ID of the Workspace security group associated with the Amazon EMR Studio. The Workspace security group allows outbound network traffic to resources in the Engine security group and to the internet.", - "title": "WorkspaceSecurityGroupId", - "type": "string" + "SpotFleetRequestConfigData": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotFleetRequestConfigData", + "markdownDescription": "Describes the configuration of a Spot Fleet request.", + "title": "SpotFleetRequestConfigData" } }, "required": [ - "AuthMode", - "DefaultS3Location", - "EngineSecurityGroupId", - "Name", - "ServiceRole", - "SubnetIds", - "VpcId", - "WorkspaceSecurityGroupId" + "SpotFleetRequestConfigData" ], "type": "object" }, "Type": { "enum": [ - "AWS::EMR::Studio" + "AWS::EC2::SpotFleet" ], "type": "string" }, @@ -89489,762 +97516,1032 @@ ], "type": "object" }, - "AWS::EMR::StudioSessionMapping": { + "AWS::EC2::SpotFleet.AcceleratorCountRequest": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Max": { + "markdownDescription": "The maximum number of accelerators. To specify no maximum limit, omit this parameter. To exclude accelerator-enabled instance types, set `Max` to `0` .", + "title": "Max", + "type": "number" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Min": { + "markdownDescription": "The minimum number of accelerators. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::SpotFleet.AcceleratorTotalMemoryMiBRequest": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum amount of accelerator memory, in MiB. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Min": { + "markdownDescription": "The minimum amount of accelerator memory, in MiB. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::SpotFleet.BaselineEbsBandwidthMbpsRequest": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum baseline bandwidth, in Mbps. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" }, - "Metadata": { - "type": "object" + "Min": { + "markdownDescription": "The minimum baseline bandwidth, in Mbps. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::SpotFleet.BaselinePerformanceFactorsRequest": { + "additionalProperties": false, + "properties": { + "Cpu": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.CpuPerformanceFactorRequest", + "markdownDescription": "The CPU performance to consider, using an instance family as the baseline reference.", + "title": "Cpu" + } + }, + "type": "object" + }, + "AWS::EC2::SpotFleet.BlockDeviceMapping": { + "additionalProperties": false, + "properties": { + "DeviceName": { + "markdownDescription": "The device name (for example, `/dev/sdh` or `xvdh` ).", + "title": "DeviceName", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "IdentityName": { - "markdownDescription": "The name of the user or group. For more information, see [UserName](https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_User.html#singlesignon-Type-User-UserName) and [DisplayName](https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_Group.html#singlesignon-Type-Group-DisplayName) in the *IAM Identity Center Identity Store API Reference* .", - "title": "IdentityName", - "type": "string" - }, - "IdentityType": { - "markdownDescription": "Specifies whether the identity to map to the Amazon EMR Studio is a user or a group.", - "title": "IdentityType", - "type": "string" - }, - "SessionPolicyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the session policy that will be applied to the user or group. Session policies refine Studio user permissions without the need to use multiple IAM user roles. For more information, see [Create an EMR Studio user role with session policies](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-studio-user-role.html) in the *Amazon EMR Management Guide* .", - "title": "SessionPolicyArn", - "type": "string" - }, - "StudioId": { - "markdownDescription": "The ID of the Amazon EMR Studio to which the user or group will be mapped.", - "title": "StudioId", - "type": "string" - } - }, - "required": [ - "IdentityName", - "IdentityType", - "SessionPolicyArn", - "StudioId" - ], - "type": "object" + "Ebs": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.EbsBlockDevice", + "markdownDescription": "Parameters used to automatically set up EBS volumes when the instance is launched.", + "title": "Ebs" }, - "Type": { - "enum": [ - "AWS::EMR::StudioSessionMapping" - ], + "NoDevice": { + "markdownDescription": "To omit the device from the block device mapping, specify an empty string. When this property is specified, the device is removed from the block device mapping regardless of the assigned value.", + "title": "NoDevice", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VirtualName": { + "markdownDescription": "The virtual device name ( `ephemeral` N). Instance store volumes are numbered starting from 0. An instance type with 2 available instance store volumes can specify mappings for `ephemeral0` and `ephemeral1` . The number of available instance store volumes depends on the instance type. After you connect to the instance, you must mount the volume.\n\nNVMe instance store volumes are automatically enumerated and assigned a device name. Including them in your block device mapping has no effect.\n\nConstraints: For M3 instances, you must specify instance store volumes in the block device mapping for the instance. When you launch an M3 instance, we ignore any instance store volumes specified in the block device mapping for the AMI.", + "title": "VirtualName", "type": "string" } }, "required": [ - "Type", - "Properties" + "DeviceName" ], "type": "object" }, - "AWS::EMR::WALWorkspace": { + "AWS::EC2::SpotFleet.ClassicLoadBalancer": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "The name of the load balancer.", + "title": "Name", "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "", - "title": "Tags", - "type": "array" - }, - "WALWorkspaceName": { - "markdownDescription": "", - "title": "WALWorkspaceName", - "type": "string" - } + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::EC2::SpotFleet.ClassicLoadBalancersConfig": { + "additionalProperties": false, + "properties": { + "ClassicLoadBalancers": { + "items": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.ClassicLoadBalancer" }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::EMR::WALWorkspace" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "markdownDescription": "One or more Classic Load Balancers.", + "title": "ClassicLoadBalancers", + "type": "array" } }, "required": [ - "Type" + "ClassicLoadBalancers" ], "type": "object" }, - "AWS::EMRContainers::VirtualCluster": { + "AWS::EC2::SpotFleet.CpuPerformanceFactorRequest": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "References": { + "items": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.PerformanceFactorReferenceRequest" + }, + "markdownDescription": "Specify an instance family to use as the baseline reference for CPU performance. All instance types that match your specified attributes will be compared against the CPU performance of the referenced instance family, regardless of CPU manufacturer or architecture differences.\n\n> Currently, only one instance family can be specified in the list.", + "title": "References", + "type": "array" + } + }, + "type": "object" + }, + "AWS::EC2::SpotFleet.EbsBlockDevice": { + "additionalProperties": false, + "properties": { + "DeleteOnTermination": { + "markdownDescription": "Indicates whether the EBS volume is deleted on instance termination. For more information, see [Preserving Amazon EBS volumes on instance termination](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#preserving-volumes-on-termination) in the *Amazon EC2 User Guide* .", + "title": "DeleteOnTermination", + "type": "boolean" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Encrypted": { + "markdownDescription": "Indicates whether the encryption state of an EBS volume is changed while being restored from a backing snapshot. The effect of setting the encryption state to `true` depends on the volume origin (new or from a snapshot), starting encryption state, ownership, and whether encryption by default is enabled. For more information, see [Amazon EBS Encryption](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#encryption-parameters) in the *Amazon EC2 User Guide* .\n\nIn no case can you remove encryption from an encrypted volume.\n\nEncrypted volumes can only be attached to instances that support Amazon EBS encryption. For more information, see [Supported Instance Types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#EBSEncryption_supported_instances) .\n\nThis parameter is not returned by [DescribeImageAttribute](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeImageAttribute.html) .", + "title": "Encrypted", + "type": "boolean" }, - "Metadata": { - "type": "object" + "Iops": { + "markdownDescription": "The number of I/O operations per second (IOPS). For `gp3` , `io1` , and `io2` volumes, this represents the number of IOPS that are provisioned for the volume. For `gp2` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.\n\nThe following are the supported values for each volume type:\n\n- `gp3` : 3,000 - 16,000 IOPS\n- `io1` : 100 - 64,000 IOPS\n- `io2` : 100 - 256,000 IOPS\n\nFor `io2` volumes, you can achieve up to 256,000 IOPS on [instances built on the Nitro System](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances) . On other instances, you can achieve performance up to 32,000 IOPS.\n\nThis parameter is required for `io1` and `io2` volumes. The default for `gp3` volumes is 3,000 IOPS.", + "title": "Iops", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ContainerProvider": { - "$ref": "#/definitions/AWS::EMRContainers::VirtualCluster.ContainerProvider", - "markdownDescription": "The container provider of the virtual cluster.", - "title": "ContainerProvider" - }, - "Name": { - "markdownDescription": "The name of the virtual cluster.", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "ContainerProvider", - "Name" - ], - "type": "object" + "SnapshotId": { + "markdownDescription": "The ID of the snapshot.", + "title": "SnapshotId", + "type": "string" }, - "Type": { - "enum": [ - "AWS::EMRContainers::VirtualCluster" - ], + "VolumeSize": { + "markdownDescription": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size. If you specify a snapshot, the default is the snapshot size. You can specify a volume size that is equal to or larger than the snapshot size.\n\nThe following are the supported sizes for each volume type:\n\n- `gp2` and `gp3` : 1 - 16,384 GiB\n- `io1` : 4 - 16,384 GiB\n- `io2` : 4 - 65,536 GiB\n- `st1` and `sc1` : 125 - 16,384 GiB\n- `standard` : 1 - 1024 GiB", + "title": "VolumeSize", + "type": "number" + }, + "VolumeType": { + "markdownDescription": "The volume type. For more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-volume-types.html) in the *Amazon EBS User Guide* .", + "title": "VolumeType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::SpotFleet.FleetLaunchTemplateSpecification": { + "additionalProperties": false, + "properties": { + "LaunchTemplateId": { + "markdownDescription": "The ID of the launch template.\n\nYou must specify the `LaunchTemplateId` or the `LaunchTemplateName` , but not both.", + "title": "LaunchTemplateId", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "LaunchTemplateName": { + "markdownDescription": "The name of the launch template.\n\nYou must specify the `LaunchTemplateName` or the `LaunchTemplateId` , but not both.", + "title": "LaunchTemplateName", + "type": "string" + }, + "Version": { + "markdownDescription": "The version number of the launch template.\n\nSpecifying `$Latest` or `$Default` for the template version number is not supported. However, you can specify `LatestVersionNumber` or `DefaultVersionNumber` using the `Fn::GetAtt` intrinsic function. For more information, see [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-launchtemplate.html#aws-resource-ec2-launchtemplate-return-values-fn--getatt) .", + "title": "Version", "type": "string" } }, "required": [ - "Type", - "Properties" + "Version" ], "type": "object" }, - "AWS::EMRContainers::VirtualCluster.ContainerInfo": { + "AWS::EC2::SpotFleet.GroupIdentifier": { "additionalProperties": false, "properties": { - "EksInfo": { - "$ref": "#/definitions/AWS::EMRContainers::VirtualCluster.EksInfo", - "markdownDescription": "The information about the Amazon EKS cluster.", - "title": "EksInfo" + "GroupId": { + "markdownDescription": "The ID of the security group.", + "title": "GroupId", + "type": "string" } }, "required": [ - "EksInfo" + "GroupId" ], "type": "object" }, - "AWS::EMRContainers::VirtualCluster.ContainerProvider": { + "AWS::EC2::SpotFleet.IamInstanceProfileSpecification": { "additionalProperties": false, "properties": { - "Id": { - "markdownDescription": "The ID of the container cluster.\n\n*Minimum* : 1\n\n*Maximum* : 100\n\n*Pattern* : `^[0-9A-Za-z][A-Za-z0-9\\-_]*`", - "title": "Id", - "type": "string" - }, - "Info": { - "$ref": "#/definitions/AWS::EMRContainers::VirtualCluster.ContainerInfo", - "markdownDescription": "The information about the container cluster.", - "title": "Info" - }, - "Type": { - "markdownDescription": "The type of the container provider. Amazon EKS is the only supported type as of now.", - "title": "Type", + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance profile.", + "title": "Arn", "type": "string" } }, - "required": [ - "Id", - "Info", - "Type" - ], "type": "object" }, - "AWS::EMRContainers::VirtualCluster.EksInfo": { + "AWS::EC2::SpotFleet.InstanceIpv6Address": { "additionalProperties": false, "properties": { - "Namespace": { - "markdownDescription": "The namespaces of the EKS cluster.\n\n*Minimum* : 1\n\n*Maximum* : 63\n\n*Pattern* : `[a-z0-9]([-a-z0-9]*[a-z0-9])?`", - "title": "Namespace", + "Ipv6Address": { + "markdownDescription": "The IPv6 address.", + "title": "Ipv6Address", "type": "string" } }, "required": [ - "Namespace" + "Ipv6Address" ], "type": "object" }, - "AWS::EMRServerless::Application": { + "AWS::EC2::SpotFleet.InstanceNetworkInterfaceSpecification": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "AssociatePublicIpAddress": { + "markdownDescription": "Indicates whether to assign a public IPv4 address to an instance you launch in a VPC. The public IP address can only be assigned to a network interface for eth0, and can only be assigned to a new network interface, not an existing one. You cannot specify more than one network interface in the request. If launching into a default subnet, the default value is `true` .\n\nAWS charges for all public IPv4 addresses, including public IPv4 addresses associated with running instances and Elastic IP addresses. For more information, see the *Public IPv4 Address* tab on the [Amazon VPC pricing page](https://docs.aws.amazon.com/vpc/pricing/) .", + "title": "AssociatePublicIpAddress", + "type": "boolean" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DeleteOnTermination": { + "markdownDescription": "Indicates whether the network interface is deleted when the instance is terminated.", + "title": "DeleteOnTermination", + "type": "boolean" + }, + "Description": { + "markdownDescription": "The description of the network interface. Applies only if creating a network interface when launching an instance.", + "title": "Description", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "DeviceIndex": { + "markdownDescription": "The position of the network interface in the attachment order. A primary network interface has a device index of 0.\n\nIf you specify a network interface when launching an instance, you must specify the device index.", + "title": "DeviceIndex", + "type": "number" }, - "Metadata": { - "type": "object" + "Groups": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the security groups for the network interface. Applies only if creating a network interface when launching an instance.", + "title": "Groups", + "type": "array" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Architecture": { - "markdownDescription": "The CPU architecture of an application.", - "title": "Architecture", - "type": "string" - }, - "AutoStartConfiguration": { - "$ref": "#/definitions/AWS::EMRServerless::Application.AutoStartConfiguration", - "markdownDescription": "The configuration for an application to automatically start on job submission.", - "title": "AutoStartConfiguration" - }, - "AutoStopConfiguration": { - "$ref": "#/definitions/AWS::EMRServerless::Application.AutoStopConfiguration", - "markdownDescription": "The configuration for an application to automatically stop after a certain amount of time being idle.", - "title": "AutoStopConfiguration" - }, - "ImageConfiguration": { - "$ref": "#/definitions/AWS::EMRServerless::Application.ImageConfigurationInput", - "markdownDescription": "The image configuration applied to all worker types.", - "title": "ImageConfiguration" - }, - "InitialCapacity": { - "items": { - "$ref": "#/definitions/AWS::EMRServerless::Application.InitialCapacityConfigKeyValuePair" - }, - "markdownDescription": "The initial capacity of the application.", - "title": "InitialCapacity", - "type": "array" - }, - "MaximumCapacity": { - "$ref": "#/definitions/AWS::EMRServerless::Application.MaximumAllowedResources", - "markdownDescription": "The maximum capacity of the application. This is cumulative across all workers at any given point in time during the lifespan of the application is created. No new resources will be created once any one of the defined limits is hit.", - "title": "MaximumCapacity" - }, - "MonitoringConfiguration": { - "$ref": "#/definitions/AWS::EMRServerless::Application.MonitoringConfiguration", - "markdownDescription": "A configuration specification to be used when provisioning an application. A configuration consists of a classification, properties, and optional nested configurations. A classification refers to an application-specific configuration file. Properties are the settings you want to change in that file.", - "title": "MonitoringConfiguration" - }, - "Name": { - "markdownDescription": "The name of the application.", - "title": "Name", - "type": "string" - }, - "NetworkConfiguration": { - "$ref": "#/definitions/AWS::EMRServerless::Application.NetworkConfiguration", - "markdownDescription": "The network configuration for customer VPC connectivity for the application.", - "title": "NetworkConfiguration" - }, - "ReleaseLabel": { - "markdownDescription": "The EMR release associated with the application.", - "title": "ReleaseLabel", - "type": "string" - }, - "RuntimeConfiguration": { - "items": { - "$ref": "#/definitions/AWS::EMRServerless::Application.ConfigurationObject" - }, - "markdownDescription": "The [Configuration](https://docs.aws.amazon.com/emr-serverless/latest/APIReference/API_Configuration.html) specifications of an application. Each configuration consists of a classification and properties. You use this parameter when creating or updating an application. To see the runtimeConfiguration object of an application, run the [GetApplication](https://docs.aws.amazon.com/emr-serverless/latest/APIReference/API_GetApplication.html) API operation.", - "title": "RuntimeConfiguration", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags assigned to the application.", - "title": "Tags", - "type": "array" - }, - "Type": { - "markdownDescription": "The type of application, such as Spark or Hive.", - "title": "Type", - "type": "string" - }, - "WorkerTypeSpecifications": { - "additionalProperties": false, - "markdownDescription": "The specification applied to each worker type.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::EMRServerless::Application.WorkerTypeSpecificationInput" - } - }, - "title": "WorkerTypeSpecifications", - "type": "object" - } + "Ipv6AddressCount": { + "markdownDescription": "A number of IPv6 addresses to assign to the network interface. Amazon EC2 chooses the IPv6 addresses from the range of the subnet. You cannot specify this option and the option to assign specific IPv6 addresses in the same request. You can specify this option if you've specified a minimum number of instances to launch.", + "title": "Ipv6AddressCount", + "type": "number" + }, + "Ipv6Addresses": { + "items": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.InstanceIpv6Address" }, - "required": [ - "ReleaseLabel", - "Type" - ], - "type": "object" + "markdownDescription": "The IPv6 addresses to assign to the network interface. You cannot specify this option and the option to assign a number of IPv6 addresses in the same request. You cannot specify this option if you've specified a minimum number of instances to launch.", + "title": "Ipv6Addresses", + "type": "array" }, - "Type": { - "enum": [ - "AWS::EMRServerless::Application" - ], + "NetworkInterfaceId": { + "markdownDescription": "The ID of the network interface.\n\nIf you are creating a Spot Fleet, omit this parameter because you can\u2019t specify a network interface ID in a launch specification.", + "title": "NetworkInterfaceId", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "PrivateIpAddresses": { + "items": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.PrivateIpAddressSpecification" + }, + "markdownDescription": "The private IPv4 addresses to assign to the network interface. Only one private IPv4 address can be designated as primary. You cannot specify this option if you're launching more than one instance in a [RunInstances](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html) request.", + "title": "PrivateIpAddresses", + "type": "array" + }, + "SecondaryPrivateIpAddressCount": { + "markdownDescription": "The number of secondary private IPv4 addresses. You can\u2019t specify this parameter and also specify a secondary private IP address using the `PrivateIpAddress` parameter.", + "title": "SecondaryPrivateIpAddressCount", + "type": "number" + }, + "SubnetId": { + "markdownDescription": "The ID of the subnet associated with the network interface.", + "title": "SubnetId", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::EMRServerless::Application.AutoStartConfiguration": { + "AWS::EC2::SpotFleet.InstanceRequirementsRequest": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Enables the application to automatically start on job submission.", - "title": "Enabled", + "AcceleratorCount": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.AcceleratorCountRequest", + "markdownDescription": "The minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferentia chips) on an instance.\n\nTo exclude accelerator-enabled instance types, set `Max` to `0` .\n\nDefault: No minimum or maximum limits", + "title": "AcceleratorCount" + }, + "AcceleratorManufacturers": { + "items": { + "type": "string" + }, + "markdownDescription": "Indicates whether instance types must have accelerators by specific manufacturers.\n\n- For instance types with AWS devices, specify `amazon-web-services` .\n- For instance types with AMD devices, specify `amd` .\n- For instance types with Habana devices, specify `habana` .\n- For instance types with NVIDIA devices, specify `nvidia` .\n- For instance types with Xilinx devices, specify `xilinx` .\n\nDefault: Any manufacturer", + "title": "AcceleratorManufacturers", + "type": "array" + }, + "AcceleratorNames": { + "items": { + "type": "string" + }, + "markdownDescription": "The accelerators that must be on the instance type.\n\n- For instance types with NVIDIA A10G GPUs, specify `a10g` .\n- For instance types with NVIDIA A100 GPUs, specify `a100` .\n- For instance types with NVIDIA H100 GPUs, specify `h100` .\n- For instance types with AWS Inferentia chips, specify `inferentia` .\n- For instance types with NVIDIA GRID K520 GPUs, specify `k520` .\n- For instance types with NVIDIA K80 GPUs, specify `k80` .\n- For instance types with NVIDIA M60 GPUs, specify `m60` .\n- For instance types with AMD Radeon Pro V520 GPUs, specify `radeon-pro-v520` .\n- For instance types with NVIDIA T4 GPUs, specify `t4` .\n- For instance types with NVIDIA T4G GPUs, specify `t4g` .\n- For instance types with Xilinx VU9P FPGAs, specify `vu9p` .\n- For instance types with NVIDIA V100 GPUs, specify `v100` .\n\nDefault: Any accelerator", + "title": "AcceleratorNames", + "type": "array" + }, + "AcceleratorTotalMemoryMiB": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.AcceleratorTotalMemoryMiBRequest", + "markdownDescription": "The minimum and maximum amount of total accelerator memory, in MiB.\n\nDefault: No minimum or maximum limits", + "title": "AcceleratorTotalMemoryMiB" + }, + "AcceleratorTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The accelerator types that must be on the instance type.\n\n- For instance types with FPGA accelerators, specify `fpga` .\n- For instance types with GPU accelerators, specify `gpu` .\n- For instance types with Inference accelerators, specify `inference` .\n\nDefault: Any accelerator type", + "title": "AcceleratorTypes", + "type": "array" + }, + "AllowedInstanceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The instance types to apply your specified attributes against. All other instance types are ignored, even if they match your specified attributes.\n\nYou can use strings with one or more wild cards, represented by an asterisk ( `*` ), to allow an instance type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` ,Amazon EC2 will allow the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will allow all the M5a instance types, but not the M5n instance types.\n\n> If you specify `AllowedInstanceTypes` , you can't specify `ExcludedInstanceTypes` . \n\nDefault: All instance types", + "title": "AllowedInstanceTypes", + "type": "array" + }, + "BareMetal": { + "markdownDescription": "Indicates whether bare metal instance types must be included, excluded, or required.\n\n- To include bare metal instance types, specify `included` .\n- To require only bare metal instance types, specify `required` .\n- To exclude bare metal instance types, specify `excluded` .\n\nDefault: `excluded`", + "title": "BareMetal", + "type": "string" + }, + "BaselineEbsBandwidthMbps": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.BaselineEbsBandwidthMbpsRequest", + "markdownDescription": "The minimum and maximum baseline bandwidth to Amazon EBS, in Mbps. For more information, see [Amazon EBS\u2013optimized instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-optimized.html) in the *Amazon EC2 User Guide* .\n\nDefault: No minimum or maximum limits", + "title": "BaselineEbsBandwidthMbps" + }, + "BaselinePerformanceFactors": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.BaselinePerformanceFactorsRequest", + "markdownDescription": "The baseline performance to consider, using an instance family as a baseline reference. The instance family establishes the lowest acceptable level of performance. Amazon EC2 uses this baseline to guide instance type selection, but there is no guarantee that the selected instance types will always exceed the baseline for every application. Currently, this parameter only supports CPU performance as a baseline performance factor. For more information, see [Performance protection](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-attribute-based-instance-type-selection.html#ec2fleet-abis-performance-protection) in the *Amazon EC2 User Guide* .", + "title": "BaselinePerformanceFactors" + }, + "BurstablePerformance": { + "markdownDescription": "Indicates whether burstable performance T instance types are included, excluded, or required. For more information, see [Burstable performance instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) .\n\n- To include burstable performance instance types, specify `included` .\n- To require only burstable performance instance types, specify `required` .\n- To exclude burstable performance instance types, specify `excluded` .\n\nDefault: `excluded`", + "title": "BurstablePerformance", + "type": "string" + }, + "CpuManufacturers": { + "items": { + "type": "string" + }, + "markdownDescription": "The CPU manufacturers to include.\n\n- For instance types with Intel CPUs, specify `intel` .\n- For instance types with AMD CPUs, specify `amd` .\n- For instance types with AWS CPUs, specify `amazon-web-services` .\n- For instance types with Apple CPUs, specify `apple` .\n\n> Don't confuse the CPU manufacturer with the CPU architecture. Instances will be launched with a compatible CPU architecture based on the Amazon Machine Image (AMI) that you specify in your launch template. \n\nDefault: Any manufacturer", + "title": "CpuManufacturers", + "type": "array" + }, + "ExcludedInstanceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The instance types to exclude.\n\nYou can use strings with one or more wild cards, represented by an asterisk ( `*` ), to exclude an instance family, type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` ,Amazon EC2 will exclude the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will exclude all the M5a instance types, but not the M5n instance types.\n\n> If you specify `ExcludedInstanceTypes` , you can't specify `AllowedInstanceTypes` . \n\nDefault: No excluded instance types", + "title": "ExcludedInstanceTypes", + "type": "array" + }, + "InstanceGenerations": { + "items": { + "type": "string" + }, + "markdownDescription": "Indicates whether current or previous generation instance types are included. The current generation instance types are recommended for use. Current generation instance types are typically the latest two to three generations in each instance family. For more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .\n\nFor current generation instance types, specify `current` .\n\nFor previous generation instance types, specify `previous` .\n\nDefault: Current and previous generation instance types", + "title": "InstanceGenerations", + "type": "array" + }, + "LocalStorage": { + "markdownDescription": "Indicates whether instance types with instance store volumes are included, excluded, or required. For more information, [Amazon EC2 instance store](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html) in the *Amazon EC2 User Guide* .\n\n- To include instance types with instance store volumes, specify `included` .\n- To require only instance types with instance store volumes, specify `required` .\n- To exclude instance types with instance store volumes, specify `excluded` .\n\nDefault: `included`", + "title": "LocalStorage", + "type": "string" + }, + "LocalStorageTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The type of local storage that is required.\n\n- For instance types with hard disk drive (HDD) storage, specify `hdd` .\n- For instance types with solid state drive (SSD) storage, specify `ssd` .\n\nDefault: `hdd` and `ssd`", + "title": "LocalStorageTypes", + "type": "array" + }, + "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice": { + "markdownDescription": "[Price protection] The price protection threshold for Spot Instances, as a percentage of an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nIf you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is based on the per vCPU or per memory price instead of the per instance price.\n\n> Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` .", + "title": "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice", + "type": "number" + }, + "MemoryGiBPerVCpu": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.MemoryGiBPerVCpuRequest", + "markdownDescription": "The minimum and maximum amount of memory per vCPU, in GiB.\n\nDefault: No minimum or maximum limits", + "title": "MemoryGiBPerVCpu" + }, + "MemoryMiB": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.MemoryMiBRequest", + "markdownDescription": "The minimum and maximum amount of memory, in MiB.", + "title": "MemoryMiB" + }, + "NetworkBandwidthGbps": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.NetworkBandwidthGbpsRequest", + "markdownDescription": "The minimum and maximum amount of baseline network bandwidth, in gigabits per second (Gbps). For more information, see [Amazon EC2 instance network bandwidth](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-network-bandwidth.html) in the *Amazon EC2 User Guide* .\n\nDefault: No minimum or maximum limits", + "title": "NetworkBandwidthGbps" + }, + "NetworkInterfaceCount": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.NetworkInterfaceCountRequest", + "markdownDescription": "The minimum and maximum number of network interfaces.\n\nDefault: No minimum or maximum limits", + "title": "NetworkInterfaceCount" + }, + "OnDemandMaxPricePercentageOverLowestPrice": { + "markdownDescription": "[Price protection] The price protection threshold for On-Demand Instances, as a percentage higher than an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nTo indicate no price protection threshold, specify a high value, such as `999999` .\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) .\n\n> If you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price. \n\nDefault: `20`", + "title": "OnDemandMaxPricePercentageOverLowestPrice", + "type": "number" + }, + "RequireHibernateSupport": { + "markdownDescription": "Indicates whether instance types must support hibernation for On-Demand Instances.\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) .\n\nDefault: `false`", + "title": "RequireHibernateSupport", "type": "boolean" + }, + "SpotMaxPricePercentageOverLowestPrice": { + "markdownDescription": "[Price protection] The price protection threshold for Spot Instances, as a percentage higher than an identified Spot price. The identified Spot price is the Spot price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified Spot price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose Spot price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nIf you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price.\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) .\n\n> Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` . \n\nDefault: `100`", + "title": "SpotMaxPricePercentageOverLowestPrice", + "type": "number" + }, + "TotalLocalStorageGB": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.TotalLocalStorageGBRequest", + "markdownDescription": "The minimum and maximum amount of total local storage, in GB.\n\nDefault: No minimum or maximum limits", + "title": "TotalLocalStorageGB" + }, + "VCpuCount": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.VCpuCountRangeRequest", + "markdownDescription": "The minimum and maximum number of vCPUs.", + "title": "VCpuCount" } }, "type": "object" }, - "AWS::EMRServerless::Application.AutoStopConfiguration": { + "AWS::EC2::SpotFleet.LaunchTemplateConfig": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Enables the application to automatically stop after a certain amount of time being idle. Defaults to true.", - "title": "Enabled", - "type": "boolean" + "LaunchTemplateSpecification": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.FleetLaunchTemplateSpecification", + "markdownDescription": "The launch template to use. Make sure that the launch template does not contain the `NetworkInterfaceId` parameter because you can't specify a network interface ID in a Spot Fleet.", + "title": "LaunchTemplateSpecification" }, - "IdleTimeoutMinutes": { - "markdownDescription": "The amount of idle time in minutes after which your application will automatically stop. Defaults to 15 minutes.", - "title": "IdleTimeoutMinutes", - "type": "number" + "Overrides": { + "items": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.LaunchTemplateOverrides" + }, + "markdownDescription": "Any parameters that you specify override the same parameters in the launch template.", + "title": "Overrides", + "type": "array" } }, "type": "object" }, - "AWS::EMRServerless::Application.CloudWatchLoggingConfiguration": { + "AWS::EC2::SpotFleet.LaunchTemplateOverrides": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Enables CloudWatch logging.", - "title": "Enabled", - "type": "boolean" + "AvailabilityZone": { + "markdownDescription": "The Availability Zone in which to launch the instances.", + "title": "AvailabilityZone", + "type": "string" }, - "EncryptionKeyArn": { - "markdownDescription": "The AWS Key Management Service (KMS) key ARN to encrypt the logs that you store in CloudWatch Logs.", - "title": "EncryptionKeyArn", + "InstanceRequirements": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.InstanceRequirementsRequest", + "markdownDescription": "The instance requirements. When you specify instance requirements, Amazon EC2 will identify instance types with the provided requirements, and then use your On-Demand and Spot allocation strategies to launch instances from these instance types, in the same way as when you specify a list of instance types.\n\n> If you specify `InstanceRequirements` , you can't specify `InstanceType` .", + "title": "InstanceRequirements" + }, + "InstanceType": { + "markdownDescription": "The instance type.", + "title": "InstanceType", "type": "string" }, - "LogGroupName": { - "markdownDescription": "The name of the log group in Amazon CloudWatch Logs where you want to publish your logs.", - "title": "LogGroupName", + "Priority": { + "markdownDescription": "The priority for the launch template override. The highest priority is launched first.\n\nIf `OnDemandAllocationStrategy` is set to `prioritized` , Spot Fleet uses priority to determine which launch template override to use first in fulfilling On-Demand capacity.\n\nIf the Spot `AllocationStrategy` is set to `capacityOptimizedPrioritized` , Spot Fleet uses priority on a best-effort basis to determine which launch template override to use in fulfilling Spot capacity, but optimizes for capacity first.\n\nValid values are whole numbers starting at `0` . The lower the number, the higher the priority. If no number is set, the launch template override has the lowest priority. You can set the same priority for different launch template overrides.", + "title": "Priority", + "type": "number" + }, + "SpotPrice": { + "markdownDescription": "The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.\n\n> If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.", + "title": "SpotPrice", "type": "string" }, - "LogStreamNamePrefix": { - "markdownDescription": "Prefix for the CloudWatch log stream name.", - "title": "LogStreamNamePrefix", + "SubnetId": { + "markdownDescription": "The ID of the subnet in which to launch the instances.", + "title": "SubnetId", "type": "string" }, - "LogTypeMap": { - "items": { - "$ref": "#/definitions/AWS::EMRServerless::Application.LogTypeMapKeyValuePair" - }, - "markdownDescription": "", - "title": "LogTypeMap", - "type": "array" + "WeightedCapacity": { + "markdownDescription": "The number of units provided by the specified instance type. These are the same units that you chose to set the target capacity in terms of instances, or a performance characteristic such as vCPUs, memory, or I/O.\n\nIf the target capacity divided by this value is not a whole number, Amazon EC2 rounds the number of instances to the next whole number. If this value is not specified, the default is 1.\n\n> When specifying weights, the price used in the `lowestPrice` and `priceCapacityOptimized` allocation strategies is per *unit* hour (where the instance price is divided by the specified weight). However, if all the specified weights are above the requested `TargetCapacity` , resulting in only 1 instance being launched, the price used is per *instance* hour.", + "title": "WeightedCapacity", + "type": "number" } }, "type": "object" }, - "AWS::EMRServerless::Application.ConfigurationObject": { + "AWS::EC2::SpotFleet.LoadBalancersConfig": { "additionalProperties": false, "properties": { - "Classification": { - "markdownDescription": "The classification within a configuration.", - "title": "Classification", - "type": "string" - }, - "Configurations": { - "items": { - "$ref": "#/definitions/AWS::EMRServerless::Application.ConfigurationObject" - }, - "markdownDescription": "A list of additional configurations to apply within a configuration object.", - "title": "Configurations", - "type": "array" + "ClassicLoadBalancersConfig": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.ClassicLoadBalancersConfig", + "markdownDescription": "The Classic Load Balancers.", + "title": "ClassicLoadBalancersConfig" }, - "Properties": { - "additionalProperties": true, - "markdownDescription": "A set of properties specified within a configuration classification.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Properties", - "type": "object" + "TargetGroupsConfig": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.TargetGroupsConfig", + "markdownDescription": "The target groups.", + "title": "TargetGroupsConfig" } }, - "required": [ - "Classification" - ], "type": "object" }, - "AWS::EMRServerless::Application.ImageConfigurationInput": { + "AWS::EC2::SpotFleet.MemoryGiBPerVCpuRequest": { "additionalProperties": false, "properties": { - "ImageUri": { - "markdownDescription": "The URI of an image in the Amazon ECR registry. This field is required when you create a new application. If you leave this field blank in an update, Amazon EMR will remove the image configuration.", - "title": "ImageUri", - "type": "string" + "Max": { + "markdownDescription": "The maximum amount of memory per vCPU, in GiB. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The minimum amount of memory per vCPU, in GiB. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" } }, "type": "object" }, - "AWS::EMRServerless::Application.InitialCapacityConfig": { + "AWS::EC2::SpotFleet.MemoryMiBRequest": { "additionalProperties": false, "properties": { - "WorkerConfiguration": { - "$ref": "#/definitions/AWS::EMRServerless::Application.WorkerConfiguration", - "markdownDescription": "The resource configuration of the initial capacity configuration.", - "title": "WorkerConfiguration" + "Max": { + "markdownDescription": "The maximum amount of memory, in MiB. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" }, - "WorkerCount": { - "markdownDescription": "The number of workers in the initial capacity configuration.", - "title": "WorkerCount", + "Min": { + "markdownDescription": "The minimum amount of memory, in MiB. To specify no minimum limit, specify `0` .", + "title": "Min", "type": "number" } }, - "required": [ - "WorkerConfiguration", - "WorkerCount" - ], "type": "object" }, - "AWS::EMRServerless::Application.InitialCapacityConfigKeyValuePair": { + "AWS::EC2::SpotFleet.NetworkBandwidthGbpsRequest": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "", - "title": "Key", - "type": "string" + "Max": { + "markdownDescription": "The maximum amount of network bandwidth, in Gbps. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" }, - "Value": { - "$ref": "#/definitions/AWS::EMRServerless::Application.InitialCapacityConfig", - "markdownDescription": "", - "title": "Value" + "Min": { + "markdownDescription": "The minimum amount of network bandwidth, in Gbps. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" } }, - "required": [ - "Key", - "Value" - ], "type": "object" }, - "AWS::EMRServerless::Application.LogTypeMapKeyValuePair": { + "AWS::EC2::SpotFleet.NetworkInterfaceCountRequest": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "", - "title": "Key", - "type": "string" + "Max": { + "markdownDescription": "The maximum number of network interfaces. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" }, - "Value": { - "items": { - "type": "string" - }, - "markdownDescription": "", - "title": "Value", - "type": "array" + "Min": { + "markdownDescription": "The minimum number of network interfaces. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" } }, - "required": [ - "Key", - "Value" - ], "type": "object" }, - "AWS::EMRServerless::Application.ManagedPersistenceMonitoringConfiguration": { + "AWS::EC2::SpotFleet.PerformanceFactorReferenceRequest": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Enables managed logging and defaults to true. If set to false, managed logging will be turned off.", - "title": "Enabled", - "type": "boolean" - }, - "EncryptionKeyArn": { - "markdownDescription": "The KMS key ARN to encrypt the logs stored in managed log persistence.", - "title": "EncryptionKeyArn", + "InstanceFamily": { + "markdownDescription": "The instance family to use as a baseline reference.\n\n> Ensure that you specify the correct value for the instance family. The instance family is everything before the period ( `.` ) in the instance type name. For example, in the instance type `c6i.large` , the instance family is `c6i` , not `c6` . For more information, see [Amazon EC2 instance type naming conventions](https://docs.aws.amazon.com/ec2/latest/instancetypes/instance-type-names.html) in *Amazon EC2 Instance Types* . \n\nThe following instance families are *not supported* for performance protection:\n\n- `c1`\n- `g3` | `g3s`\n- `hpc7g`\n- `m1` | `m2`\n- `mac1` | `mac2` | `mac2-m1ultra` | `mac2-m2` | `mac2-m2pro`\n- `p3dn` | `p4d` | `p5`\n- `t1`\n- `u-12tb1` | `u-18tb1` | `u-24tb1` | `u-3tb1` | `u-6tb1` | `u-9tb1` | `u7i-12tb` | `u7in-16tb` | `u7in-24tb` | `u7in-32tb`\n\nIf you enable performance protection by specifying a supported instance family, the returned instance types will exclude the above unsupported instance families.\n\nIf you specify an unsupported instance family as a value for baseline performance, the API returns an empty response for [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) and an exception for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet.html) , [RequestSpotFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RequestSpotFleet.html) , [ModifyFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyFleet.html) , and [ModifySpotFleetRequest](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifySpotFleetRequest.html) .", + "title": "InstanceFamily", "type": "string" } }, "type": "object" }, - "AWS::EMRServerless::Application.MaximumAllowedResources": { + "AWS::EC2::SpotFleet.PrivateIpAddressSpecification": { "additionalProperties": false, "properties": { - "Cpu": { - "markdownDescription": "The maximum allowed CPU for an application.", - "title": "Cpu", - "type": "string" - }, - "Disk": { - "markdownDescription": "The maximum allowed disk for an application.", - "title": "Disk", - "type": "string" + "Primary": { + "markdownDescription": "Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary.", + "title": "Primary", + "type": "boolean" }, - "Memory": { - "markdownDescription": "The maximum allowed resources for an application.", - "title": "Memory", + "PrivateIpAddress": { + "markdownDescription": "The private IPv4 address.", + "title": "PrivateIpAddress", "type": "string" } }, "required": [ - "Cpu", - "Memory" + "PrivateIpAddress" ], "type": "object" }, - "AWS::EMRServerless::Application.MonitoringConfiguration": { + "AWS::EC2::SpotFleet.SpotCapacityRebalance": { "additionalProperties": false, "properties": { - "CloudWatchLoggingConfiguration": { - "$ref": "#/definitions/AWS::EMRServerless::Application.CloudWatchLoggingConfiguration", - "markdownDescription": "The Amazon CloudWatch configuration for monitoring logs. You can configure your jobs to send log information to CloudWatch.", - "title": "CloudWatchLoggingConfiguration" - }, - "ManagedPersistenceMonitoringConfiguration": { - "$ref": "#/definitions/AWS::EMRServerless::Application.ManagedPersistenceMonitoringConfiguration", - "markdownDescription": "The managed log persistence configuration for a job run.", - "title": "ManagedPersistenceMonitoringConfiguration" + "ReplacementStrategy": { + "markdownDescription": "The replacement strategy to use. Only available for fleets of type `maintain` .\n\n`launch` - Spot Fleet launches a new replacement Spot Instance when a rebalance notification is emitted for an existing Spot Instance in the fleet. Spot Fleet does not terminate the instances that receive a rebalance notification. You can terminate the old instances, or you can leave them running. You are charged for all instances while they are running.\n\n`launch-before-terminate` - Spot Fleet launches a new replacement Spot Instance when a rebalance notification is emitted for an existing Spot Instance in the fleet, and then, after a delay that you specify (in `TerminationDelay` ), terminates the instances that received a rebalance notification.", + "title": "ReplacementStrategy", + "type": "string" }, - "S3MonitoringConfiguration": { - "$ref": "#/definitions/AWS::EMRServerless::Application.S3MonitoringConfiguration", - "markdownDescription": "The Amazon S3 configuration for monitoring log publishing.", - "title": "S3MonitoringConfiguration" + "TerminationDelay": { + "markdownDescription": "The amount of time (in seconds) that Amazon EC2 waits before terminating the old Spot Instance after launching a new replacement Spot Instance.\n\nRequired when `ReplacementStrategy` is set to `launch-before-terminate` .\n\nNot valid when `ReplacementStrategy` is set to `launch` .\n\nValid values: Minimum value of `120` seconds. Maximum value of `7200` seconds.", + "title": "TerminationDelay", + "type": "number" } }, "type": "object" }, - "AWS::EMRServerless::Application.NetworkConfiguration": { + "AWS::EC2::SpotFleet.SpotFleetLaunchSpecification": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { + "BlockDeviceMappings": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::EC2::SpotFleet.BlockDeviceMapping" }, - "markdownDescription": "The array of security group Ids for customer VPC connectivity.", - "title": "SecurityGroupIds", + "markdownDescription": "One or more block devices that are mapped to the Spot Instances. You can't specify both a snapshot ID and an encryption value. This is because only blank volumes can be encrypted on creation. If a snapshot is the basis for a volume, it is not blank and its encryption status is used for the volume encryption status.", + "title": "BlockDeviceMappings", "type": "array" }, - "SubnetIds": { + "EbsOptimized": { + "markdownDescription": "Indicates whether the instances are optimized for EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS Optimized instance.\n\nDefault: `false`", + "title": "EbsOptimized", + "type": "boolean" + }, + "IamInstanceProfile": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.IamInstanceProfileSpecification", + "markdownDescription": "The IAM instance profile.", + "title": "IamInstanceProfile" + }, + "ImageId": { + "markdownDescription": "The ID of the AMI.", + "title": "ImageId", + "type": "string" + }, + "InstanceRequirements": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.InstanceRequirementsRequest", + "markdownDescription": "The attributes for the instance types. When you specify instance attributes, Amazon EC2 will identify instance types with those attributes.\n\n> If you specify `InstanceRequirements` , you can't specify `InstanceType` .", + "title": "InstanceRequirements" + }, + "InstanceType": { + "markdownDescription": "The instance type.", + "title": "InstanceType", + "type": "string" + }, + "KernelId": { + "markdownDescription": "The ID of the kernel.", + "title": "KernelId", + "type": "string" + }, + "KeyName": { + "markdownDescription": "The name of the key pair.", + "title": "KeyName", + "type": "string" + }, + "Monitoring": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotFleetMonitoring", + "markdownDescription": "Enable or disable monitoring for the instances.", + "title": "Monitoring" + }, + "NetworkInterfaces": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::EC2::SpotFleet.InstanceNetworkInterfaceSpecification" }, - "markdownDescription": "The array of subnet Ids for customer VPC connectivity.", - "title": "SubnetIds", + "markdownDescription": "The network interfaces.", + "title": "NetworkInterfaces", + "type": "array" + }, + "Placement": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotPlacement", + "markdownDescription": "The placement information.", + "title": "Placement" + }, + "RamdiskId": { + "markdownDescription": "The ID of the RAM disk. Some kernels require additional drivers at launch. Check the kernel requirements for information about whether you need to specify a RAM disk. To find kernel requirements, refer to the AWS Resource Center and search for the kernel ID.", + "title": "RamdiskId", + "type": "string" + }, + "SecurityGroups": { + "items": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.GroupIdentifier" + }, + "markdownDescription": "The security groups.\n\nIf you specify a network interface, you must specify any security groups as part of the network interface instead of using this parameter.", + "title": "SecurityGroups", + "type": "array" + }, + "SpotPrice": { + "markdownDescription": "The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.\n\n> If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.", + "title": "SpotPrice", + "type": "string" + }, + "SubnetId": { + "markdownDescription": "The IDs of the subnets in which to launch the instances. To specify multiple subnets, separate them using commas; for example, \"subnet-1234abcdeexample1, subnet-0987cdef6example2\".\n\nIf you specify a network interface, you must specify any subnets as part of the network interface instead of using this parameter.", + "title": "SubnetId", + "type": "string" + }, + "TagSpecifications": { + "items": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotFleetTagSpecification" + }, + "markdownDescription": "The tags to apply during creation.", + "title": "TagSpecifications", "type": "array" + }, + "UserData": { + "markdownDescription": "The base64-encoded user data that instances use when starting up. User data is limited to 16 KB.", + "title": "UserData", + "type": "string" + }, + "WeightedCapacity": { + "markdownDescription": "The number of units provided by the specified instance type. These are the same units that you chose to set the target capacity in terms of instances, or a performance characteristic such as vCPUs, memory, or I/O.\n\nIf the target capacity divided by this value is not a whole number, Amazon EC2 rounds the number of instances to the next whole number. If this value is not specified, the default is 1.\n\n> When specifying weights, the price used in the `lowestPrice` and `priceCapacityOptimized` allocation strategies is per *unit* hour (where the instance price is divided by the specified weight). However, if all the specified weights are above the requested `TargetCapacity` , resulting in only 1 instance being launched, the price used is per *instance* hour.", + "title": "WeightedCapacity", + "type": "number" } }, + "required": [ + "ImageId" + ], "type": "object" }, - "AWS::EMRServerless::Application.S3MonitoringConfiguration": { + "AWS::EC2::SpotFleet.SpotFleetMonitoring": { "additionalProperties": false, "properties": { - "EncryptionKeyArn": { - "markdownDescription": "The KMS key ARN to encrypt the logs published to the given Amazon S3 destination.", - "title": "EncryptionKeyArn", - "type": "string" - }, - "LogUri": { - "markdownDescription": "The Amazon S3 destination URI for log publishing.", - "title": "LogUri", - "type": "string" + "Enabled": { + "markdownDescription": "Enables monitoring for the instance.\n\nDefault: `false`", + "title": "Enabled", + "type": "boolean" } }, "type": "object" }, - "AWS::EMRServerless::Application.WorkerConfiguration": { + "AWS::EC2::SpotFleet.SpotFleetRequestConfigData": { "additionalProperties": false, "properties": { - "Cpu": { - "markdownDescription": "The CPU requirements of the worker configuration. Each worker can have 1, 2, 4, 8, or 16 vCPUs.", - "title": "Cpu", + "AllocationStrategy": { + "markdownDescription": "The strategy that determines how to allocate the target Spot Instance capacity across the Spot Instance pools specified by the Spot Fleet launch configuration. For more information, see [Allocation strategies for Spot Instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-allocation-strategy.html) in the *Amazon EC2 User Guide* .\n\n- **priceCapacityOptimized (recommended)** - Spot Fleet identifies the pools with the highest capacity availability for the number of instances that are launching. This means that we will request Spot Instances from the pools that we believe have the lowest chance of interruption in the near term. Spot Fleet then requests Spot Instances from the lowest priced of these pools.\n- **capacityOptimized** - Spot Fleet identifies the pools with the highest capacity availability for the number of instances that are launching. This means that we will request Spot Instances from the pools that we believe have the lowest chance of interruption in the near term. To give certain instance types a higher chance of launching first, use `capacityOptimizedPrioritized` . Set a priority for each instance type by using the `Priority` parameter for `LaunchTemplateOverrides` . You can assign the same priority to different `LaunchTemplateOverrides` . EC2 implements the priorities on a best-effort basis, but optimizes for capacity first. `capacityOptimizedPrioritized` is supported only if your Spot Fleet uses a launch template. Note that if the `OnDemandAllocationStrategy` is set to `prioritized` , the same priority is applied when fulfilling On-Demand capacity.\n- **diversified** - Spot Fleet requests instances from all of the Spot Instance pools that you specify.\n- **lowestPrice (not recommended)** - > We don't recommend the `lowestPrice` allocation strategy because it has the highest risk of interruption for your Spot Instances. \n\nSpot Fleet requests instances from the lowest priced Spot Instance pool that has available capacity. If the lowest priced pool doesn't have available capacity, the Spot Instances come from the next lowest priced pool that has available capacity. If a pool runs out of capacity before fulfilling your desired capacity, Spot Fleet will continue to fulfill your request by drawing from the next lowest priced pool. To ensure that your desired capacity is met, you might receive Spot Instances from several pools. Because this strategy only considers instance price and not capacity availability, it might lead to high interruption rates.\n\nDefault: `lowestPrice`", + "title": "AllocationStrategy", "type": "string" }, - "Disk": { - "markdownDescription": "The disk requirements of the worker configuration.", - "title": "Disk", + "Context": { + "markdownDescription": "Reserved.", + "title": "Context", "type": "string" }, - "Memory": { - "markdownDescription": "The memory requirements of the worker configuration.", - "title": "Memory", + "ExcessCapacityTerminationPolicy": { + "markdownDescription": "Indicates whether running Spot Instances should be terminated if you decrease the target capacity of the Spot Fleet request below the current size of the Spot Fleet.\n\nSupported only for fleets of type `maintain` .", + "title": "ExcessCapacityTerminationPolicy", + "type": "string" + }, + "IamFleetRole": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Identity and Access Management (IAM) role that grants the Spot Fleet the permission to request, launch, terminate, and tag instances on your behalf. For more information, see [Spot Fleet Prerequisites](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-requests.html#spot-fleet-prerequisites) in the *Amazon EC2 User Guide* . Spot Fleet can terminate Spot Instances on your behalf when you cancel its Spot Fleet request or when the Spot Fleet request expires, if you set `TerminateInstancesWithExpiration` .", + "title": "IamFleetRole", + "type": "string" + }, + "InstanceInterruptionBehavior": { + "markdownDescription": "The behavior when a Spot Instance is interrupted. The default is `terminate` .", + "title": "InstanceInterruptionBehavior", + "type": "string" + }, + "InstancePoolsToUseCount": { + "markdownDescription": "The number of Spot pools across which to allocate your target Spot capacity. Valid only when Spot *AllocationStrategy* is set to `lowest-price` . Spot Fleet selects the cheapest Spot pools and evenly allocates your target Spot capacity across the number of Spot pools that you specify.\n\nNote that Spot Fleet attempts to draw Spot Instances from the number of pools that you specify on a best effort basis. If a pool runs out of Spot capacity before fulfilling your target capacity, Spot Fleet will continue to fulfill your request by drawing from the next cheapest pool. To ensure that your target capacity is met, you might receive Spot Instances from more than the number of pools that you specified. Similarly, if most of the pools have no Spot capacity, you might receive your full target capacity from fewer than the number of pools that you specified.", + "title": "InstancePoolsToUseCount", + "type": "number" + }, + "LaunchSpecifications": { + "items": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotFleetLaunchSpecification" + }, + "markdownDescription": "The launch specifications for the Spot Fleet request. If you specify `LaunchSpecifications` , you can't specify `LaunchTemplateConfigs` .", + "title": "LaunchSpecifications", + "type": "array" + }, + "LaunchTemplateConfigs": { + "items": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.LaunchTemplateConfig" + }, + "markdownDescription": "The launch template and overrides. If you specify `LaunchTemplateConfigs` , you can't specify `LaunchSpecifications` .", + "title": "LaunchTemplateConfigs", + "type": "array" + }, + "LoadBalancersConfig": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.LoadBalancersConfig", + "markdownDescription": "One or more Classic Load Balancers and target groups to attach to the Spot Fleet request. Spot Fleet registers the running Spot Instances with the specified Classic Load Balancers and target groups.\n\nWith Network Load Balancers, Spot Fleet cannot register instances that have the following instance types: C1, CC1, CC2, CG1, CG2, CR1, CS1, G1, G2, HI1, HS1, M1, M2, M3, and T1.", + "title": "LoadBalancersConfig" + }, + "OnDemandAllocationStrategy": { + "markdownDescription": "The order of the launch template overrides to use in fulfilling On-Demand capacity. If you specify `lowestPrice` , Spot Fleet uses price to determine the order, launching the lowest price first. If you specify `prioritized` , Spot Fleet uses the priority that you assign to each Spot Fleet launch template override, launching the highest priority first. If you do not specify a value, Spot Fleet defaults to `lowestPrice` .", + "title": "OnDemandAllocationStrategy", + "type": "string" + }, + "OnDemandMaxTotalPrice": { + "markdownDescription": "The maximum amount per hour for On-Demand Instances that you're willing to pay. You can use the `onDemandMaxTotalPrice` parameter, the `spotMaxTotalPrice` parameter, or both parameters to ensure that your fleet cost does not exceed your budget. If you set a maximum price per hour for the On-Demand Instances and Spot Instances in your request, Spot Fleet will launch instances until it reaches the maximum amount you're willing to pay. When the maximum amount you're willing to pay is reached, the fleet stops launching instances even if it hasn\u2019t met the target capacity.\n\n> If your fleet includes T instances that are configured as `unlimited` , and if their average CPU usage exceeds the baseline utilization, you will incur a charge for surplus credits. The `onDemandMaxTotalPrice` does not account for surplus credits, and, if you use surplus credits, your final cost might be higher than what you specified for `onDemandMaxTotalPrice` . For more information, see [Surplus credits can incur charges](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits) in the *Amazon EC2 User Guide* .", + "title": "OnDemandMaxTotalPrice", + "type": "string" + }, + "OnDemandTargetCapacity": { + "markdownDescription": "The number of On-Demand units to request. You can choose to set the target capacity in terms of instances or a performance characteristic that is important to your application workload, such as vCPUs, memory, or I/O. If the request type is `maintain` , you can specify a target capacity of 0 and add capacity later.", + "title": "OnDemandTargetCapacity", + "type": "number" + }, + "ReplaceUnhealthyInstances": { + "markdownDescription": "Indicates whether Spot Fleet should replace unhealthy instances.", + "title": "ReplaceUnhealthyInstances", + "type": "boolean" + }, + "SpotMaintenanceStrategies": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotMaintenanceStrategies", + "markdownDescription": "The strategies for managing your Spot Instances that are at an elevated risk of being interrupted.", + "title": "SpotMaintenanceStrategies" + }, + "SpotMaxTotalPrice": { + "markdownDescription": "The maximum amount per hour for Spot Instances that you're willing to pay. You can use the `spotMaxTotalPrice` parameter, the `onDemandMaxTotalPrice` parameter, or both parameters to ensure that your fleet cost does not exceed your budget. If you set a maximum price per hour for the On-Demand Instances and Spot Instances in your request, Spot Fleet will launch instances until it reaches the maximum amount you're willing to pay. When the maximum amount you're willing to pay is reached, the fleet stops launching instances even if it hasn\u2019t met the target capacity.\n\n> If your fleet includes T instances that are configured as `unlimited` , and if their average CPU usage exceeds the baseline utilization, you will incur a charge for surplus credits. The `spotMaxTotalPrice` does not account for surplus credits, and, if you use surplus credits, your final cost might be higher than what you specified for `spotMaxTotalPrice` . For more information, see [Surplus credits can incur charges](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits) in the *Amazon EC2 User Guide* .", + "title": "SpotMaxTotalPrice", + "type": "string" + }, + "SpotPrice": { + "markdownDescription": "The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.\n\n> If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.", + "title": "SpotPrice", + "type": "string" + }, + "TagSpecifications": { + "items": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotFleetTagSpecification" + }, + "markdownDescription": "The key-value pair for tagging the Spot Fleet request on creation. The value for `ResourceType` must be `spot-fleet-request` , otherwise the Spot Fleet request fails. To tag instances at launch, specify the tags in the [launch template](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html#create-launch-template) (valid only if you use `LaunchTemplateConfigs` ) or in the `[SpotFleetTagSpecification](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SpotFleetTagSpecification.html)` (valid only if you use `LaunchSpecifications` ). For information about tagging after launch, see [Tag your resources](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#tag-resources) .", + "title": "TagSpecifications", + "type": "array" + }, + "TargetCapacity": { + "markdownDescription": "The number of units to request for the Spot Fleet. You can choose to set the target capacity in terms of instances or a performance characteristic that is important to your application workload, such as vCPUs, memory, or I/O. If the request type is `maintain` , you can specify a target capacity of 0 and add capacity later.", + "title": "TargetCapacity", + "type": "number" + }, + "TargetCapacityUnitType": { + "markdownDescription": "The unit for the target capacity. You can specify this parameter only when using attribute-based instance type selection.\n\nDefault: `units` (the number of instances)", + "title": "TargetCapacityUnitType", + "type": "string" + }, + "TerminateInstancesWithExpiration": { + "markdownDescription": "Indicates whether running Spot Instances are terminated when the Spot Fleet request expires.", + "title": "TerminateInstancesWithExpiration", + "type": "boolean" + }, + "Type": { + "markdownDescription": "The type of request. Indicates whether the Spot Fleet only requests the target capacity or also attempts to maintain it. When this value is `request` , the Spot Fleet only places the required requests. It does not attempt to replenish Spot Instances if capacity is diminished, nor does it submit requests in alternative Spot pools if capacity is not available. When this value is `maintain` , the Spot Fleet maintains the target capacity. The Spot Fleet places the required requests to meet capacity and automatically replenishes any interrupted instances. Default: `maintain` . `instant` is listed but is not used by Spot Fleet.", + "title": "Type", + "type": "string" + }, + "ValidFrom": { + "markdownDescription": "The start date and time of the request, in UTC format ( *YYYY* - *MM* - *DD* T *HH* : *MM* : *SS* Z). By default, Amazon EC2 starts fulfilling the request immediately.", + "title": "ValidFrom", + "type": "string" + }, + "ValidUntil": { + "markdownDescription": "The end date and time of the request, in UTC format ( *YYYY* - *MM* - *DD* T *HH* : *MM* : *SS* Z). After the end date and time, no new Spot Instance requests are placed or able to fulfill the request. If no value is specified, the Spot Fleet request remains until you cancel it.", + "title": "ValidUntil", "type": "string" } }, "required": [ - "Cpu", - "Memory" + "IamFleetRole", + "TargetCapacity" ], "type": "object" }, - "AWS::EMRServerless::Application.WorkerTypeSpecificationInput": { + "AWS::EC2::SpotFleet.SpotFleetTagSpecification": { "additionalProperties": false, "properties": { - "ImageConfiguration": { - "$ref": "#/definitions/AWS::EMRServerless::Application.ImageConfigurationInput", - "markdownDescription": "The image configuration for a worker type.", - "title": "ImageConfiguration" + "ResourceType": { + "markdownDescription": "The type of resource. Currently, the only resource type that is supported is `instance` . To tag the Spot Fleet request on creation, use the `TagSpecifications` parameter in `[SpotFleetRequestConfigData](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SpotFleetRequestConfigData.html)` .", + "title": "ResourceType", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags.", + "title": "Tags", + "type": "array" } }, "type": "object" }, - "AWS::ElastiCache::CacheCluster": { + "AWS::EC2::SpotFleet.SpotMaintenanceStrategies": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "CapacityRebalance": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotCapacityRebalance", + "markdownDescription": "The Spot Instance replacement strategy to use when Amazon EC2 emits a signal that your Spot Instance is at an elevated risk of being interrupted. For more information, see [Capacity rebalancing](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-capacity-rebalance.html) in the *Amazon EC2 User Guide* .", + "title": "CapacityRebalance" + } + }, + "type": "object" + }, + "AWS::EC2::SpotFleet.SpotPlacement": { + "additionalProperties": false, + "properties": { + "AvailabilityZone": { + "markdownDescription": "The Availability Zone.\n\nTo specify multiple Availability Zones, separate them using commas; for example, \"us-west-2a, us-west-2b\".", + "title": "AvailabilityZone", + "type": "string" + }, + "GroupName": { + "markdownDescription": "The name of the placement group.", + "title": "GroupName", + "type": "string" + }, + "Tenancy": { + "markdownDescription": "The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of `dedicated` runs on single-tenant hardware. The `host` tenancy is not supported for Spot Instances.", + "title": "Tenancy", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::SpotFleet.TargetGroup": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the target group.", + "title": "Arn", + "type": "string" + } + }, + "required": [ + "Arn" + ], + "type": "object" + }, + "AWS::EC2::SpotFleet.TargetGroupsConfig": { + "additionalProperties": false, + "properties": { + "TargetGroups": { + "items": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.TargetGroup" + }, + "markdownDescription": "One or more target groups.", + "title": "TargetGroups", + "type": "array" + } + }, + "required": [ + "TargetGroups" + ], + "type": "object" + }, + "AWS::EC2::SpotFleet.TotalLocalStorageGBRequest": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum amount of total local storage, in GB. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The minimum amount of total local storage, in GB. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::SpotFleet.VCpuCountRangeRequest": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum number of vCPUs. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The minimum number of vCPUs. To specify no minimum limit, specify `0` .", + "title": "Min", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::Subnet": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, "DependsOn": { "anyOf": [ @@ -90267,160 +98564,103 @@ "Properties": { "additionalProperties": false, "properties": { - "AZMode": { - "markdownDescription": "Specifies whether the nodes in this Memcached cluster are created in a single Availability Zone or created across multiple Availability Zones in the cluster's region.\n\nThis parameter is only supported for Memcached clusters.\n\nIf the `AZMode` and `PreferredAvailabilityZones` are not specified, ElastiCache assumes `single-az` mode.", - "title": "AZMode", - "type": "string" - }, - "AutoMinorVersionUpgrade": { - "markdownDescription": "If you are running Valkey 7.2 or later, or Redis OSS engine version 6.0 or later, set this parameter to yes if you want to opt-in to the next minor version upgrade campaign. This parameter is disabled for previous versions.", - "title": "AutoMinorVersionUpgrade", + "AssignIpv6AddressOnCreation": { + "markdownDescription": "Indicates whether a network interface created in this subnet receives an IPv6 address. The default value is `false` .\n\nIf you specify `AssignIpv6AddressOnCreation` , you must also specify an IPv6 CIDR block.", + "title": "AssignIpv6AddressOnCreation", "type": "boolean" }, - "CacheNodeType": { - "markdownDescription": "The compute and memory capacity of the nodes in the node group (shard).\n\nThe following node types are supported by ElastiCache. Generally speaking, the current generation types provide more memory and computational power at lower cost when compared to their equivalent previous generation counterparts. Changing the CacheNodeType of a Memcached instance is currently not supported. If you need to scale using Memcached, we recommend forcing a replacement update by changing the `LogicalResourceId` of the resource.\n\n- General purpose:\n\n- Current generation:\n\n*M6g node types:* `cache.m6g.large` , `cache.m6g.xlarge` , `cache.m6g.2xlarge` , `cache.m6g.4xlarge` , `cache.m6g.8xlarge` , `cache.m6g.12xlarge` , `cache.m6g.16xlarge` , `cache.m6g.24xlarge`\n\n*M5 node types:* `cache.m5.large` , `cache.m5.xlarge` , `cache.m5.2xlarge` , `cache.m5.4xlarge` , `cache.m5.12xlarge` , `cache.m5.24xlarge`\n\n*M4 node types:* `cache.m4.large` , `cache.m4.xlarge` , `cache.m4.2xlarge` , `cache.m4.4xlarge` , `cache.m4.10xlarge`\n\n*T4g node types:* `cache.t4g.micro` , `cache.t4g.small` , `cache.t4g.medium`\n\n*T3 node types:* `cache.t3.micro` , `cache.t3.small` , `cache.t3.medium`\n\n*T2 node types:* `cache.t2.micro` , `cache.t2.small` , `cache.t2.medium`\n- Previous generation: (not recommended)\n\n*T1 node types:* `cache.t1.micro`\n\n*M1 node types:* `cache.m1.small` , `cache.m1.medium` , `cache.m1.large` , `cache.m1.xlarge`\n\n*M3 node types:* `cache.m3.medium` , `cache.m3.large` , `cache.m3.xlarge` , `cache.m3.2xlarge`\n- Compute optimized:\n\n- Previous generation: (not recommended)\n\n*C1 node types:* `cache.c1.xlarge`\n- Memory optimized:\n\n- Current generation:\n\n*R6gd node types:* `cache.r6gd.xlarge` , `cache.r6gd.2xlarge` , `cache.r6gd.4xlarge` , `cache.r6gd.8xlarge` , `cache.r6gd.12xlarge` , `cache.r6gd.16xlarge`\n\n> The `r6gd` family is available in the following regions: `us-east-2` , `us-east-1` , `us-west-2` , `us-west-1` , `eu-west-1` , `eu-central-1` , `ap-northeast-1` , `ap-southeast-1` , `ap-southeast-2` . \n\n*R6g node types:* `cache.r6g.large` , `cache.r6g.xlarge` , `cache.r6g.2xlarge` , `cache.r6g.4xlarge` , `cache.r6g.8xlarge` , `cache.r6g.12xlarge` , `cache.r6g.16xlarge` , `cache.r6g.24xlarge`\n\n*R5 node types:* `cache.r5.large` , `cache.r5.xlarge` , `cache.r5.2xlarge` , `cache.r5.4xlarge` , `cache.r5.12xlarge` , `cache.r5.24xlarge`\n\n*R4 node types:* `cache.r4.large` , `cache.r4.xlarge` , `cache.r4.2xlarge` , `cache.r4.4xlarge` , `cache.r4.8xlarge` , `cache.r4.16xlarge`\n- Previous generation: (not recommended)\n\n*M2 node types:* `cache.m2.xlarge` , `cache.m2.2xlarge` , `cache.m2.4xlarge`\n\n*R3 node types:* `cache.r3.large` , `cache.r3.xlarge` , `cache.r3.2xlarge` , `cache.r3.4xlarge` , `cache.r3.8xlarge`\n\nFor region availability, see [Supported Node Types by Region](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/CacheNodes.SupportedTypes.html#CacheNodes.SupportedTypesByRegion)\n\n*Additional node type info*\n\n- All current generation instance types are created in Amazon VPC by default.\n- Valkey and Redis OSS append-only files (AOF) are not supported for T1 or T2 instances.\n- Valkey and Redis OSS Multi-AZ with automatic failover is not supported on T1 instances.\n- Redis OSS configuration variables `appendonly` and `appendfsync` are not supported on Redis OSS version 2.8.22 and later.", - "title": "CacheNodeType", - "type": "string" - }, - "CacheParameterGroupName": { - "markdownDescription": "The name of the parameter group to associate with this cluster. If this argument is omitted, the default parameter group for the specified engine is used. You cannot use any parameter group which has `cluster-enabled='yes'` when creating a cluster.", - "title": "CacheParameterGroupName", + "AvailabilityZone": { + "markdownDescription": "The Availability Zone of the subnet.\n\nIf you update this property, you must also update the `CidrBlock` property.", + "title": "AvailabilityZone", "type": "string" }, - "CacheSecurityGroupNames": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of security group names to associate with this cluster.\n\nUse this parameter only when you are creating a cluster outside of an Amazon Virtual Private Cloud (Amazon VPC).", - "title": "CacheSecurityGroupNames", - "type": "array" - }, - "CacheSubnetGroupName": { - "markdownDescription": "The name of the subnet group to be used for the cluster.\n\nUse this parameter only when you are creating a cluster in an Amazon Virtual Private Cloud (Amazon VPC).\n\n> If you're going to launch your cluster in an Amazon VPC, you need to create a subnet group before you start creating a cluster. For more information, see `[AWS::ElastiCache::SubnetGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticache-subnetgroup.html) .`", - "title": "CacheSubnetGroupName", + "AvailabilityZoneId": { + "markdownDescription": "The AZ ID of the subnet.", + "title": "AvailabilityZoneId", "type": "string" }, - "ClusterName": { - "markdownDescription": "A name for the cache cluster. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the cache cluster. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\nThe name must contain 1 to 50 alphanumeric characters or hyphens. The name must start with a letter and cannot end with a hyphen or contain two consecutive hyphens.", - "title": "ClusterName", + "CidrBlock": { + "markdownDescription": "The IPv4 CIDR block assigned to the subnet.\n\nIf you update this property, we create a new subnet, and then delete the existing one.", + "title": "CidrBlock", "type": "string" }, - "Engine": { - "markdownDescription": "The name of the cache engine to be used for this cluster.\n\nValid values for this parameter are: `memcached` | valkey | `redis`", - "title": "Engine", - "type": "string" + "EnableDns64": { + "markdownDescription": "Indicates whether DNS queries made to the Amazon-provided DNS Resolver in this subnet should return synthetic IPv6 addresses for IPv4-only destinations.\n\n> You must first configure a NAT gateway in a public subnet (separate from the subnet containing the IPv6-only workloads). For example, the subnet containing the NAT gateway should have a `0.0.0.0/0` route pointing to the internet gateway. For more information, see [Configure DNS64 and NAT64](https://docs.aws.amazon.com/vpc/latest/userguide/nat-gateway-nat64-dns64.html#nat-gateway-nat64-dns64-walkthrough) in the *Amazon Virtual Private Cloud User Guide* .", + "title": "EnableDns64", + "type": "boolean" }, - "EngineVersion": { - "markdownDescription": "The version number of the cache engine to be used for this cluster. To view the supported cache engine versions, use the DescribeCacheEngineVersions operation.\n\n*Important:* You can upgrade to a newer engine version (see [Selecting a Cache Engine and Version](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/SelectEngine.html#VersionManagement) ), but you cannot downgrade to an earlier engine version. If you want to use an earlier engine version, you must delete the existing cluster or replication group and create it anew with the earlier engine version.", - "title": "EngineVersion", - "type": "string" + "EnableLniAtDeviceIndex": { + "markdownDescription": "Indicates the device position for local network interfaces in this subnet. For example, `1` indicates local network interfaces in this subnet are the secondary network interface (eth1).", + "title": "EnableLniAtDeviceIndex", + "type": "number" }, - "IpDiscovery": { - "markdownDescription": "The network type you choose when modifying a cluster, either `ipv4` | `ipv6` . IPv6 is supported for workloads using Valkey 7.2 and above, Redis OSS engine version 6.2 to 7.1 and Memcached engine version 1.6.6 and above on all instances built on the [Nitro system](https://docs.aws.amazon.com/ec2/nitro/) .", - "title": "IpDiscovery", + "Ipv4IpamPoolId": { + "markdownDescription": "An IPv4 IPAM pool ID for the subnet.", + "title": "Ipv4IpamPoolId", "type": "string" }, - "LogDeliveryConfigurations": { - "items": { - "$ref": "#/definitions/AWS::ElastiCache::CacheCluster.LogDeliveryConfigurationRequest" - }, - "markdownDescription": "Specifies the destination, format and type of the logs.", - "title": "LogDeliveryConfigurations", - "type": "array" + "Ipv4NetmaskLength": { + "markdownDescription": "An IPv4 netmask length for the subnet.", + "title": "Ipv4NetmaskLength", + "type": "number" }, - "NetworkType": { - "markdownDescription": "Must be either `ipv4` | `ipv6` | `dual_stack` . IPv6 is supported for workloads using Valkey 7.2 and above, Redis OSS engine version 6.2 to 7.1 and Memcached engine version 1.6.6 and above on all instances built on the [Nitro system](https://docs.aws.amazon.com/ec2/nitro/) .", - "title": "NetworkType", + "Ipv6CidrBlock": { + "markdownDescription": "The IPv6 CIDR block.\n\nIf you specify `AssignIpv6AddressOnCreation` , you must also specify an IPv6 CIDR block.", + "title": "Ipv6CidrBlock", "type": "string" }, - "NotificationTopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Simple Notification Service (SNS) topic to which notifications are sent.\n\n> The Amazon SNS topic owner must be the same as the cluster owner.", - "title": "NotificationTopicArn", + "Ipv6IpamPoolId": { + "markdownDescription": "An IPv6 IPAM pool ID for the subnet.", + "title": "Ipv6IpamPoolId", "type": "string" }, - "NumCacheNodes": { - "markdownDescription": "The number of cache nodes that the cache cluster should have.\n\n> However, if the `PreferredAvailabilityZone` and `PreferredAvailabilityZones` properties were not previously specified and you don't specify any new values, an update requires [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", - "title": "NumCacheNodes", - "type": "number" + "Ipv6Native": { + "markdownDescription": "Indicates whether this is an IPv6 only subnet. For more information, see [Subnet basics](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html#subnet-basics) in the *Amazon Virtual Private Cloud User Guide* .", + "title": "Ipv6Native", + "type": "boolean" }, - "Port": { - "markdownDescription": "The port number on which each of the cache nodes accepts connections.", - "title": "Port", + "Ipv6NetmaskLength": { + "markdownDescription": "An IPv6 netmask length for the subnet.", + "title": "Ipv6NetmaskLength", "type": "number" }, - "PreferredAvailabilityZone": { - "markdownDescription": "The EC2 Availability Zone in which the cluster is created.\n\nAll nodes belonging to this cluster are placed in the preferred Availability Zone. If you want to create your nodes across multiple Availability Zones, use `PreferredAvailabilityZones` .\n\nDefault: System chosen Availability Zone.", - "title": "PreferredAvailabilityZone", - "type": "string" - }, - "PreferredAvailabilityZones": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the Availability Zones in which cache nodes are created. The order of the zones in the list is not important.\n\nThis option is only supported on Memcached.\n\n> If you are creating your cluster in an Amazon VPC (recommended) you can only locate nodes in Availability Zones that are associated with the subnets in the selected subnet group.\n> \n> The number of Availability Zones listed must equal the value of `NumCacheNodes` . \n\nIf you want all the nodes in the same Availability Zone, use `PreferredAvailabilityZone` instead, or repeat the Availability Zone multiple times in the list.\n\nDefault: System chosen Availability Zones.", - "title": "PreferredAvailabilityZones", - "type": "array" - }, - "PreferredMaintenanceWindow": { - "markdownDescription": "Specifies the weekly time range during which maintenance on the cluster is performed. It is specified as a range in the format ddd:hh24:mi-ddd:hh24:mi (24H Clock UTC). The minimum maintenance window is a 60 minute period.\n\nValid values for `ddd` are:\n\n- `sun`\n- `mon`\n- `tue`\n- `wed`\n- `thu`\n- `fri`\n- `sat`\n\nExample: `sun:23:00-mon:01:30`", - "title": "PreferredMaintenanceWindow", - "type": "string" - }, - "SnapshotArns": { - "items": { - "type": "string" - }, - "markdownDescription": "A single-element string list containing an Amazon Resource Name (ARN) that uniquely identifies a Valkey or Redis OSS RDB snapshot file stored in Amazon S3. The snapshot file is used to populate the node group (shard). The Amazon S3 object name in the ARN cannot contain any commas.\n\n> This parameter is only valid if the `Engine` parameter is `redis` . \n\nExample of an Amazon S3 ARN: `arn:aws:s3:::my_bucket/snapshot1.rdb`", - "title": "SnapshotArns", - "type": "array" + "MapPublicIpOnLaunch": { + "markdownDescription": "Indicates whether instances launched in this subnet receive a public IPv4 address. The default value is `false` .\n\nAWS charges for all public IPv4 addresses, including public IPv4 addresses associated with running instances and Elastic IP addresses. For more information, see the *Public IPv4 Address* tab on the [VPC pricing page](https://docs.aws.amazon.com/vpc/pricing/) .", + "title": "MapPublicIpOnLaunch", + "type": "boolean" }, - "SnapshotName": { - "markdownDescription": "The name of a Valkey or Redis OSS snapshot from which to restore data into the new node group (shard). The snapshot status changes to `restoring` while the new node group (shard) is being created.\n\n> This parameter is only valid if the `Engine` parameter is `redis` .", - "title": "SnapshotName", + "OutpostArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Outpost.", + "title": "OutpostArn", "type": "string" }, - "SnapshotRetentionLimit": { - "markdownDescription": "The number of days for which ElastiCache retains automatic snapshots before deleting them. For example, if you set `SnapshotRetentionLimit` to 5, a snapshot taken today is retained for 5 days before being deleted.\n\n> This parameter is only valid if the `Engine` parameter is `redis` . \n\nDefault: 0 (i.e., automatic backups are disabled for this cache cluster).", - "title": "SnapshotRetentionLimit", - "type": "number" - }, - "SnapshotWindow": { - "markdownDescription": "The daily time range (in UTC) during which ElastiCache begins taking a daily snapshot of your node group (shard).\n\nExample: `05:00-09:00`\n\nIf you do not specify this parameter, ElastiCache automatically chooses an appropriate time range.\n\n> This parameter is only valid if the `Engine` parameter is `redis` .", - "title": "SnapshotWindow", - "type": "string" + "PrivateDnsNameOptionsOnLaunch": { + "$ref": "#/definitions/AWS::EC2::Subnet.PrivateDnsNameOptionsOnLaunch", + "markdownDescription": "The hostname type for EC2 instances launched into this subnet and how DNS A and AAAA record queries to the instances should be handled. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *Amazon Elastic Compute Cloud User Guide* .\n\nAvailable options:\n\n- EnableResourceNameDnsAAAARecord (true | false)\n- EnableResourceNameDnsARecord (true | false)\n- HostnameType (ip-name | resource-name)", + "title": "PrivateDnsNameOptionsOnLaunch" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of tags to be added to this resource.", + "markdownDescription": "Any tags assigned to the subnet.", "title": "Tags", "type": "array" }, - "TransitEncryptionEnabled": { - "markdownDescription": "A flag that enables in-transit encryption when set to true.", - "title": "TransitEncryptionEnabled", - "type": "boolean" - }, - "VpcSecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more VPC security groups associated with the cluster.\n\nUse this parameter only when you are creating a cluster in an Amazon Virtual Private Cloud (Amazon VPC).", - "title": "VpcSecurityGroupIds", - "type": "array" + "VpcId": { + "markdownDescription": "The ID of the VPC the subnet is in.\n\nIf you update this property, you must also update the `CidrBlock` property.", + "title": "VpcId", + "type": "string" } }, "required": [ - "CacheNodeType", - "Engine", - "NumCacheNodes" + "VpcId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ElastiCache::CacheCluster" + "AWS::EC2::Subnet" ], "type": "string" }, @@ -90439,83 +98679,39 @@ ], "type": "object" }, - "AWS::ElastiCache::CacheCluster.CloudWatchLogsDestinationDetails": { - "additionalProperties": false, - "properties": { - "LogGroup": { - "markdownDescription": "The name of the CloudWatch Logs log group.", - "title": "LogGroup", - "type": "string" - } - }, - "required": [ - "LogGroup" - ], - "type": "object" - }, - "AWS::ElastiCache::CacheCluster.DestinationDetails": { - "additionalProperties": false, - "properties": { - "CloudWatchLogsDetails": { - "$ref": "#/definitions/AWS::ElastiCache::CacheCluster.CloudWatchLogsDestinationDetails", - "markdownDescription": "The configuration details of the CloudWatch Logs destination. Note that this field is marked as required but only if CloudWatch Logs was chosen as the destination.", - "title": "CloudWatchLogsDetails" - }, - "KinesisFirehoseDetails": { - "$ref": "#/definitions/AWS::ElastiCache::CacheCluster.KinesisFirehoseDestinationDetails", - "markdownDescription": "The configuration details of the Kinesis Data Firehose destination. Note that this field is marked as required but only if Kinesis Data Firehose was chosen as the destination.", - "title": "KinesisFirehoseDetails" - } - }, - "type": "object" - }, - "AWS::ElastiCache::CacheCluster.KinesisFirehoseDestinationDetails": { + "AWS::EC2::Subnet.BlockPublicAccessStates": { "additionalProperties": false, "properties": { - "DeliveryStream": { - "markdownDescription": "The name of the Kinesis Data Firehose delivery stream.", - "title": "DeliveryStream", + "InternetGatewayBlockMode": { + "markdownDescription": "The mode of VPC BPA.\n\n- `off` : VPC BPA is not enabled and traffic is allowed to and from internet gateways and egress-only internet gateways in this Region.\n- `block-bidirectional` : Block all traffic to and from internet gateways and egress-only internet gateways in this Region (except for excluded VPCs and subnets).\n- `block-ingress` : Block all internet traffic to the VPCs in this Region (except for VPCs or subnets which are excluded). Only traffic to and from NAT gateways and egress-only internet gateways is allowed because these gateways only allow outbound connections to be established.", + "title": "InternetGatewayBlockMode", "type": "string" } }, - "required": [ - "DeliveryStream" - ], "type": "object" }, - "AWS::ElastiCache::CacheCluster.LogDeliveryConfigurationRequest": { + "AWS::EC2::Subnet.PrivateDnsNameOptionsOnLaunch": { "additionalProperties": false, "properties": { - "DestinationDetails": { - "$ref": "#/definitions/AWS::ElastiCache::CacheCluster.DestinationDetails", - "markdownDescription": "Configuration details of either a CloudWatch Logs destination or Kinesis Data Firehose destination.", - "title": "DestinationDetails" - }, - "DestinationType": { - "markdownDescription": "Specify either CloudWatch Logs or Kinesis Data Firehose as the destination type. Valid values are either `cloudwatch-logs` or `kinesis-firehose` .", - "title": "DestinationType", - "type": "string" + "EnableResourceNameDnsAAAARecord": { + "markdownDescription": "Indicates whether to respond to DNS queries for instance hostname with DNS AAAA records.", + "title": "EnableResourceNameDnsAAAARecord", + "type": "boolean" }, - "LogFormat": { - "markdownDescription": "Valid values are either `json` or `text` .", - "title": "LogFormat", - "type": "string" + "EnableResourceNameDnsARecord": { + "markdownDescription": "Indicates whether to respond to DNS queries for instance hostnames with DNS A records.", + "title": "EnableResourceNameDnsARecord", + "type": "boolean" }, - "LogType": { - "markdownDescription": "Valid value is either `slow-log` , which refers to [slow-log](https://docs.aws.amazon.com/https://redis.io/commands/slowlog) or `engine-log` .", - "title": "LogType", + "HostnameType": { + "markdownDescription": "The type of hostname for EC2 instances. For IPv4 only subnets, an instance DNS name must be based on the instance IPv4 address. For IPv6 only subnets, an instance DNS name must be based on the instance ID. For dual-stack subnets, you can specify whether DNS names use the instance IPv4 address or the instance ID.", + "title": "HostnameType", "type": "string" } }, - "required": [ - "DestinationDetails", - "DestinationType", - "LogFormat", - "LogType" - ], "type": "object" }, - "AWS::ElastiCache::GlobalReplicationGroup": { + "AWS::EC2::SubnetCidrBlock": { "additionalProperties": false, "properties": { "Condition": { @@ -90550,66 +98746,35 @@ "Properties": { "additionalProperties": false, "properties": { - "AutomaticFailoverEnabled": { - "markdownDescription": "Specifies whether a read-only replica is automatically promoted to read/write primary if the existing primary fails.\n\n`AutomaticFailoverEnabled` must be enabled for Valkey or Redis OSS (cluster mode enabled) replication groups.", - "title": "AutomaticFailoverEnabled", - "type": "boolean" - }, - "CacheNodeType": { - "markdownDescription": "The cache node type of the Global datastore", - "title": "CacheNodeType", - "type": "string" - }, - "CacheParameterGroupName": { - "markdownDescription": "The name of the cache parameter group to use with the Global datastore. It must be compatible with the major engine version used by the Global datastore.", - "title": "CacheParameterGroupName", + "Ipv6CidrBlock": { + "markdownDescription": "The IPv6 network range for the subnet, in CIDR notation.", + "title": "Ipv6CidrBlock", "type": "string" }, - "EngineVersion": { - "markdownDescription": "The Elasticache Valkey or Redis OSS engine version.", - "title": "EngineVersion", + "Ipv6IpamPoolId": { + "markdownDescription": "An IPv6 IPAM pool ID for the subnet.", + "title": "Ipv6IpamPoolId", "type": "string" }, - "GlobalNodeGroupCount": { - "markdownDescription": "The number of node groups that comprise the Global Datastore.", - "title": "GlobalNodeGroupCount", + "Ipv6NetmaskLength": { + "markdownDescription": "An IPv6 netmask length for the subnet.", + "title": "Ipv6NetmaskLength", "type": "number" }, - "GlobalReplicationGroupDescription": { - "markdownDescription": "The optional description of the Global datastore", - "title": "GlobalReplicationGroupDescription", - "type": "string" - }, - "GlobalReplicationGroupIdSuffix": { - "markdownDescription": "The suffix name of a Global Datastore. The suffix guarantees uniqueness of the Global Datastore name across multiple regions.", - "title": "GlobalReplicationGroupIdSuffix", + "SubnetId": { + "markdownDescription": "The ID of the subnet.", + "title": "SubnetId", "type": "string" - }, - "Members": { - "items": { - "$ref": "#/definitions/AWS::ElastiCache::GlobalReplicationGroup.GlobalReplicationGroupMember" - }, - "markdownDescription": "The replication groups that comprise the Global datastore.", - "title": "Members", - "type": "array" - }, - "RegionalConfigurations": { - "items": { - "$ref": "#/definitions/AWS::ElastiCache::GlobalReplicationGroup.RegionalConfiguration" - }, - "markdownDescription": "The Regions that comprise the Global Datastore.", - "title": "RegionalConfigurations", - "type": "array" } }, "required": [ - "Members" + "SubnetId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ElastiCache::GlobalReplicationGroup" + "AWS::EC2::SubnetCidrBlock" ], "type": "string" }, @@ -90628,71 +98793,7 @@ ], "type": "object" }, - "AWS::ElastiCache::GlobalReplicationGroup.GlobalReplicationGroupMember": { - "additionalProperties": false, - "properties": { - "ReplicationGroupId": { - "markdownDescription": "The replication group id of the Global datastore member.", - "title": "ReplicationGroupId", - "type": "string" - }, - "ReplicationGroupRegion": { - "markdownDescription": "The Amazon region of the Global datastore member.", - "title": "ReplicationGroupRegion", - "type": "string" - }, - "Role": { - "markdownDescription": "Indicates the role of the replication group, `PRIMARY` or `SECONDARY` .", - "title": "Role", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ElastiCache::GlobalReplicationGroup.RegionalConfiguration": { - "additionalProperties": false, - "properties": { - "ReplicationGroupId": { - "markdownDescription": "The name of the secondary cluster", - "title": "ReplicationGroupId", - "type": "string" - }, - "ReplicationGroupRegion": { - "markdownDescription": "The Amazon region where the cluster is stored", - "title": "ReplicationGroupRegion", - "type": "string" - }, - "ReshardingConfigurations": { - "items": { - "$ref": "#/definitions/AWS::ElastiCache::GlobalReplicationGroup.ReshardingConfiguration" - }, - "markdownDescription": "A list of PreferredAvailabilityZones objects that specifies the configuration of a node group in the resharded cluster.", - "title": "ReshardingConfigurations", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ElastiCache::GlobalReplicationGroup.ReshardingConfiguration": { - "additionalProperties": false, - "properties": { - "NodeGroupId": { - "markdownDescription": "Either the ElastiCache supplied 4-digit id or a user supplied id for the node group these configuration values apply to.", - "title": "NodeGroupId", - "type": "string" - }, - "PreferredAvailabilityZones": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of preferred availability zones for the nodes in this cluster.", - "title": "PreferredAvailabilityZones", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ElastiCache::ParameterGroup": { + "AWS::EC2::SubnetNetworkAclAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -90727,45 +98828,26 @@ "Properties": { "additionalProperties": false, "properties": { - "CacheParameterGroupFamily": { - "markdownDescription": "The name of the cache parameter group family that this cache parameter group is compatible with.\n\nValid values are: `valkey8` | `valkey7` | `memcached1.4` | `memcached1.5` | `memcached1.6` | `redis2.6` | `redis2.8` | `redis3.2` | `redis4.0` | `redis5.0` | `redis6.x` | `redis7`", - "title": "CacheParameterGroupFamily", + "NetworkAclId": { + "markdownDescription": "The ID of the network ACL.", + "title": "NetworkAclId", "type": "string" }, - "Description": { - "markdownDescription": "The description for this cache parameter group.", - "title": "Description", + "SubnetId": { + "markdownDescription": "The ID of the subnet.", + "title": "SubnetId", "type": "string" - }, - "Properties": { - "additionalProperties": true, - "markdownDescription": "A comma-delimited list of parameter name/value pairs.\n\nFor example:\n\n```\n\"Properties\" : { \"cas_disabled\" : \"1\", \"chunk_size_growth_factor\" : \"1.02\"\n}\n```", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Properties", - "type": "object" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A tag that can be added to an ElastiCache parameter group. Tags are composed of a Key/Value pair. You can use tags to categorize and track all your parameter groups. A tag with a null Value is permitted.", - "title": "Tags", - "type": "array" } }, "required": [ - "CacheParameterGroupFamily", - "Description" + "NetworkAclId", + "SubnetId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ElastiCache::ParameterGroup" + "AWS::EC2::SubnetNetworkAclAssociation" ], "type": "string" }, @@ -90784,7 +98866,7 @@ ], "type": "object" }, - "AWS::ElastiCache::ReplicationGroup": { + "AWS::EC2::SubnetRouteTableAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -90819,234 +98901,26 @@ "Properties": { "additionalProperties": false, "properties": { - "AtRestEncryptionEnabled": { - "markdownDescription": "A flag that enables encryption at rest when set to `true` .\n\n*Required:* Only available when creating a replication group in an Amazon VPC using Redis OSS version `3.2.6` or `4.x` onward.\n\nDefault: `false`", - "title": "AtRestEncryptionEnabled", - "type": "boolean" - }, - "AuthToken": { - "markdownDescription": "*Reserved parameter.* The password used to access a password protected server.\n\n`AuthToken` can be specified only on replication groups where `TransitEncryptionEnabled` is `true` . For more information, see [Authenticating Valkey or Redis OSS users with the AUTH Command](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/auth.html) .\n\n> For HIPAA compliance, you must specify `TransitEncryptionEnabled` as `true` , an `AuthToken` , and a `CacheSubnetGroup` . \n\nPassword constraints:\n\n- Must be only printable ASCII characters.\n- Must be at least 16 characters and no more than 128 characters in length.\n- Nonalphanumeric characters are restricted to (!, &, #, $, ^, <, >, -, ).\n\nFor more information, see [AUTH password](https://docs.aws.amazon.com/http://redis.io/commands/AUTH) at http://redis.io/commands/AUTH.\n\n> If ADDING the AuthToken, update requires [Replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", - "title": "AuthToken", - "type": "string" - }, - "AutoMinorVersionUpgrade": { - "markdownDescription": "If you are running Valkey 7.2 or later, or Redis OSS 6.0 or later, set this parameter to yes if you want to opt-in to the next minor version upgrade campaign. This parameter is disabled for previous versions.", - "title": "AutoMinorVersionUpgrade", - "type": "boolean" - }, - "AutomaticFailoverEnabled": { - "markdownDescription": "Specifies whether a read-only replica is automatically promoted to read/write primary if the existing primary fails.\n\n`AutomaticFailoverEnabled` must be enabled for Valkey or Redis OSS (cluster mode enabled) replication groups.\n\nDefault: false", - "title": "AutomaticFailoverEnabled", - "type": "boolean" - }, - "CacheNodeType": { - "markdownDescription": "The compute and memory capacity of the nodes in the node group (shard).\n\nThe following node types are supported by ElastiCache. Generally speaking, the current generation types provide more memory and computational power at lower cost when compared to their equivalent previous generation counterparts.\n\n- General purpose:\n\n- Current generation:\n\n*M6g node types:* `cache.m6g.large` , `cache.m6g.xlarge` , `cache.m6g.2xlarge` , `cache.m6g.4xlarge` , `cache.m6g.12xlarge` , `cache.m6g.24xlarge`\n\n*M5 node types:* `cache.m5.large` , `cache.m5.xlarge` , `cache.m5.2xlarge` , `cache.m5.4xlarge` , `cache.m5.12xlarge` , `cache.m5.24xlarge`\n\n*M4 node types:* `cache.m4.large` , `cache.m4.xlarge` , `cache.m4.2xlarge` , `cache.m4.4xlarge` , `cache.m4.10xlarge`\n\n*T4g node types:* `cache.t4g.micro` , `cache.t4g.small` , `cache.t4g.medium`\n\n*T3 node types:* `cache.t3.micro` , `cache.t3.small` , `cache.t3.medium`\n\n*T2 node types:* `cache.t2.micro` , `cache.t2.small` , `cache.t2.medium`\n- Previous generation: (not recommended)\n\n*T1 node types:* `cache.t1.micro`\n\n*M1 node types:* `cache.m1.small` , `cache.m1.medium` , `cache.m1.large` , `cache.m1.xlarge`\n\n*M3 node types:* `cache.m3.medium` , `cache.m3.large` , `cache.m3.xlarge` , `cache.m3.2xlarge`\n- Compute optimized:\n\n- Previous generation: (not recommended)\n\n*C1 node types:* `cache.c1.xlarge`\n- Memory optimized:\n\n- Current generation:\n\n*R6gd node types:* `cache.r6gd.xlarge` , `cache.r6gd.2xlarge` , `cache.r6gd.4xlarge` , `cache.r6gd.8xlarge` , `cache.r6gd.12xlarge` , `cache.r6gd.16xlarge`\n\n> The `r6gd` family is available in the following regions: `us-east-2` , `us-east-1` , `us-west-2` , `us-west-1` , `eu-west-1` , `eu-central-1` , `ap-northeast-1` , `ap-southeast-1` , `ap-southeast-2` . \n\n*R6g node types:* `cache.r6g.large` , `cache.r6g.xlarge` , `cache.r6g.2xlarge` , `cache.r6g.4xlarge` , `cache.r6g.12xlarge` , `cache.r6g.24xlarge`\n\n*R5 node types:* `cache.r5.large` , `cache.r5.xlarge` , `cache.r5.2xlarge` , `cache.r5.4xlarge` , `cache.r5.12xlarge` , `cache.r5.24xlarge`\n\n*R4 node types:* `cache.r4.large` , `cache.r4.xlarge` , `cache.r4.2xlarge` , `cache.r4.4xlarge` , `cache.r4.8xlarge` , `cache.r4.16xlarge`\n- Previous generation: (not recommended)\n\n*M2 node types:* `cache.m2.xlarge` , `cache.m2.2xlarge` , `cache.m2.4xlarge`\n\n*R3 node types:* `cache.r3.large` , `cache.r3.xlarge` , `cache.r3.2xlarge` , `cache.r3.4xlarge` , `cache.r3.8xlarge`\n\nFor region availability, see [Supported Node Types by Amazon Region](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/CacheNodes.SupportedTypes.html#CacheNodes.SupportedTypesByRegion)", - "title": "CacheNodeType", - "type": "string" - }, - "CacheParameterGroupName": { - "markdownDescription": "The name of the parameter group to associate with this replication group. If this argument is omitted, the default cache parameter group for the specified engine is used.\n\nIf you are running Valkey or Redis OSS version 3.2.4 or later, only one node group (shard), and want to use a default parameter group, we recommend that you specify the parameter group by name.\n\n- To create a Valkey or Redis OSS (cluster mode disabled) replication group, use `CacheParameterGroupName=default.redis3.2` .\n- To create a Valkey or Redis OSS (cluster mode enabled) replication group, use `CacheParameterGroupName=default.redis3.2.cluster.on` .", - "title": "CacheParameterGroupName", - "type": "string" - }, - "CacheSecurityGroupNames": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of cache security group names to associate with this replication group.", - "title": "CacheSecurityGroupNames", - "type": "array" - }, - "CacheSubnetGroupName": { - "markdownDescription": "The name of the cache subnet group to be used for the replication group.\n\n> If you're going to launch your cluster in an Amazon VPC, you need to create a subnet group before you start creating a cluster. For more information, see [AWS::ElastiCache::SubnetGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticache-subnetgroup.html) .", - "title": "CacheSubnetGroupName", - "type": "string" - }, - "ClusterMode": { - "markdownDescription": "The mode can be enabled or disabled. To change the cluster mode from disabled to enabled, you must first set the cluster mode to compatible. The compatible mode allows your Valkey or Redis OSS clients to connect using both cluster mode enabled and cluster mode disabled. After you migrate all Valkey or Redis OSS clients to use cluster mode enabled, you can then complete cluster mode configuration and set the cluster mode to enabled. For more information, see [Modify cluster mode](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/modify-cluster-mode.html) .", - "title": "ClusterMode", - "type": "string" - }, - "DataTieringEnabled": { - "markdownDescription": "Enables data tiering. Data tiering is only supported for replication groups using the r6gd node type. This parameter must be set to true when using r6gd nodes. For more information, see [Data tiering](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/data-tiering.html) .", - "title": "DataTieringEnabled", - "type": "boolean" - }, - "Engine": { - "markdownDescription": "The name of the cache engine to be used for the clusters in this replication group. The value must be set to `valkey` or `redis` .\n\n> Upgrading an existing engine from redis to valkey is done through in-place migration, and requires a parameter group.", - "title": "Engine", - "type": "string" - }, - "EngineVersion": { - "markdownDescription": "The version number of the cache engine to be used for the clusters in this replication group. To view the supported cache engine versions, use the `DescribeCacheEngineVersions` operation.\n\n*Important:* You can upgrade to a newer engine version (see [Selecting a Cache Engine and Version](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/SelectEngine.html#VersionManagement) ) in the *ElastiCache User Guide* , but you cannot downgrade to an earlier engine version. If you want to use an earlier engine version, you must delete the existing cluster or replication group and create it anew with the earlier engine version.", - "title": "EngineVersion", - "type": "string" - }, - "GlobalReplicationGroupId": { - "markdownDescription": "The name of the Global datastore", - "title": "GlobalReplicationGroupId", - "type": "string" - }, - "IpDiscovery": { - "markdownDescription": "The network type you choose when creating a replication group, either `ipv4` | `ipv6` . IPv6 is supported for workloads using Valkey 7.2 and above, Redis OSS engine version 6.2 to 7.1 or Memcached engine version 1.6.6 and above on all instances built on the [Nitro system](https://docs.aws.amazon.com/ec2/nitro/) .", - "title": "IpDiscovery", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "The ID of the KMS key used to encrypt the disk on the cluster.", - "title": "KmsKeyId", - "type": "string" - }, - "LogDeliveryConfigurations": { - "items": { - "$ref": "#/definitions/AWS::ElastiCache::ReplicationGroup.LogDeliveryConfigurationRequest" - }, - "markdownDescription": "Specifies the destination, format and type of the logs.", - "title": "LogDeliveryConfigurations", - "type": "array" - }, - "MultiAZEnabled": { - "markdownDescription": "A flag indicating if you have Multi-AZ enabled to enhance fault tolerance. For more information, see [Minimizing Downtime: Multi-AZ](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/AutoFailover.html) .", - "title": "MultiAZEnabled", - "type": "boolean" - }, - "NetworkType": { - "markdownDescription": "Must be either `ipv4` | `ipv6` | `dual_stack` . IPv6 is supported for workloads using Valkey 7.2 and above, Redis OSS engine version 6.2 to 7.1 and Memcached engine version 1.6.6 and above on all instances built on the [Nitro system](https://docs.aws.amazon.com/ec2/nitro/) .", - "title": "NetworkType", - "type": "string" - }, - "NodeGroupConfiguration": { - "items": { - "$ref": "#/definitions/AWS::ElastiCache::ReplicationGroup.NodeGroupConfiguration" - }, - "markdownDescription": "`NodeGroupConfiguration` is a property of the `AWS::ElastiCache::ReplicationGroup` resource that configures an Amazon ElastiCache (ElastiCache) Valkey or Redis OSS cluster node group.\n\nIf you set [UseOnlineResharding](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html#cfn-attributes-updatepolicy-useonlineresharding) to `true` , you can update `NodeGroupConfiguration` without interruption. When `UseOnlineResharding` is set to `false` , or is not specified, updating `NodeGroupConfiguration` results in [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", - "title": "NodeGroupConfiguration", - "type": "array" - }, - "NotificationTopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Simple Notification Service (SNS) topic to which notifications are sent.\n\n> The Amazon SNS topic owner must be the same as the cluster owner.", - "title": "NotificationTopicArn", - "type": "string" - }, - "NumCacheClusters": { - "markdownDescription": "The number of clusters this replication group initially has.\n\nThis parameter is not used if there is more than one node group (shard). You should use `ReplicasPerNodeGroup` instead.\n\nIf `AutomaticFailoverEnabled` is `true` , the value of this parameter must be at least 2. If `AutomaticFailoverEnabled` is `false` you can omit this parameter (it will default to 1), or you can explicitly set it to a value between 2 and 6.\n\nThe maximum permitted value for `NumCacheClusters` is 6 (1 primary plus 5 replicas).", - "title": "NumCacheClusters", - "type": "number" - }, - "NumNodeGroups": { - "markdownDescription": "An optional parameter that specifies the number of node groups (shards) for this Valkey or Redis OSS (cluster mode enabled) replication group. For Valkey or Redis OSS (cluster mode disabled) either omit this parameter or set it to 1.\n\nIf you set [UseOnlineResharding](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html#cfn-attributes-updatepolicy-useonlineresharding) to `true` , you can update `NumNodeGroups` without interruption. When `UseOnlineResharding` is set to `false` , or is not specified, updating `NumNodeGroups` results in [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .\n\nDefault: 1", - "title": "NumNodeGroups", - "type": "number" - }, - "Port": { - "markdownDescription": "The port number on which each member of the replication group accepts connections.", - "title": "Port", - "type": "number" - }, - "PreferredCacheClusterAZs": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of EC2 Availability Zones in which the replication group's clusters are created. The order of the Availability Zones in the list is the order in which clusters are allocated. The primary cluster is created in the first AZ in the list.\n\nThis parameter is not used if there is more than one node group (shard). You should use `NodeGroupConfiguration` instead.\n\n> If you are creating your replication group in an Amazon VPC (recommended), you can only locate clusters in Availability Zones associated with the subnets in the selected subnet group.\n> \n> The number of Availability Zones listed must equal the value of `NumCacheClusters` . \n\nDefault: system chosen Availability Zones.", - "title": "PreferredCacheClusterAZs", - "type": "array" - }, - "PreferredMaintenanceWindow": { - "markdownDescription": "Specifies the weekly time range during which maintenance on the cluster is performed. It is specified as a range in the format ddd:hh24:mi-ddd:hh24:mi (24H Clock UTC). The minimum maintenance window is a 60 minute period.\n\nValid values for `ddd` are:\n\n- `sun`\n- `mon`\n- `tue`\n- `wed`\n- `thu`\n- `fri`\n- `sat`\n\nExample: `sun:23:00-mon:01:30`", - "title": "PreferredMaintenanceWindow", - "type": "string" - }, - "PrimaryClusterId": { - "markdownDescription": "The identifier of the cluster that serves as the primary for this replication group. This cluster must already exist and have a status of `available` .\n\nThis parameter is not required if `NumCacheClusters` , `NumNodeGroups` , or `ReplicasPerNodeGroup` is specified.", - "title": "PrimaryClusterId", - "type": "string" - }, - "ReplicasPerNodeGroup": { - "markdownDescription": "An optional parameter that specifies the number of replica nodes in each node group (shard). Valid values are 0 to 5.", - "title": "ReplicasPerNodeGroup", - "type": "number" - }, - "ReplicationGroupDescription": { - "markdownDescription": "A user-created description for the replication group.", - "title": "ReplicationGroupDescription", - "type": "string" - }, - "ReplicationGroupId": { - "markdownDescription": "The replication group identifier. This parameter is stored as a lowercase string.\n\nConstraints:\n\n- A name must contain from 1 to 40 alphanumeric characters or hyphens.\n- The first character must be a letter.\n- A name cannot end with a hyphen or contain two consecutive hyphens.", - "title": "ReplicationGroupId", - "type": "string" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more Amazon VPC security groups associated with this replication group.\n\nUse this parameter only when you are creating a replication group in an Amazon Virtual Private Cloud (Amazon VPC).", - "title": "SecurityGroupIds", - "type": "array" - }, - "SnapshotArns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of Amazon Resource Names (ARN) that uniquely identify the Valkey or Redis OSS RDB snapshot files stored in Amazon S3. The snapshot files are used to populate the new replication group. The Amazon S3 object name in the ARN cannot contain any commas. The new replication group will have the number of node groups (console: shards) specified by the parameter *NumNodeGroups* or the number of node groups configured by *NodeGroupConfiguration* regardless of the number of ARNs specified here.\n\nExample of an Amazon S3 ARN: `arn:aws:s3:::my_bucket/snapshot1.rdb`", - "title": "SnapshotArns", - "type": "array" - }, - "SnapshotName": { - "markdownDescription": "The name of a snapshot from which to restore data into the new replication group. The snapshot status changes to `restoring` while the new replication group is being created.", - "title": "SnapshotName", - "type": "string" - }, - "SnapshotRetentionLimit": { - "markdownDescription": "The number of days for which ElastiCache retains automatic snapshots before deleting them. For example, if you set `SnapshotRetentionLimit` to 5, a snapshot that was taken today is retained for 5 days before being deleted.\n\nDefault: 0 (i.e., automatic backups are disabled for this cluster).", - "title": "SnapshotRetentionLimit", - "type": "number" - }, - "SnapshotWindow": { - "markdownDescription": "The daily time range (in UTC) during which ElastiCache begins taking a daily snapshot of your node group (shard).\n\nExample: `05:00-09:00`\n\nIf you do not specify this parameter, ElastiCache automatically chooses an appropriate time range.", - "title": "SnapshotWindow", - "type": "string" - }, - "SnapshottingClusterId": { - "markdownDescription": "The cluster ID that is used as the daily snapshot source for the replication group. This parameter cannot be set for Valkey or Redis OSS (cluster mode enabled) replication groups.", - "title": "SnapshottingClusterId", + "RouteTableId": { + "markdownDescription": "The ID of the route table.\n\nThe physical ID changes when the route table ID is changed.", + "title": "RouteTableId", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of tags to be added to this resource. Tags are comma-separated key,value pairs (e.g. Key= `myKey` , Value= `myKeyValue` . You can include multiple tags as shown following: Key= `myKey` , Value= `myKeyValue` Key= `mySecondKey` , Value= `mySecondKeyValue` . Tags on replication groups will be replicated to all nodes.", - "title": "Tags", - "type": "array" - }, - "TransitEncryptionEnabled": { - "markdownDescription": "A flag that enables in-transit encryption when set to `true` .\n\nThis parameter is only available when creating a replication group in an Amazon VPC using Valkey version `7.2` and above, Redis OSS version `3.2.6` , or Redis OSS version `4.x` and above, and the cluster is being created in an Amazon VPC.\n\nIf you enable in-transit encryption, you must also specify a value for `CacheSubnetGroup` .\n\n> TransitEncryptionEnabled is required when creating a new valkey replication group. \n\nDefault: `false`\n\n> For HIPAA compliance, you must specify `TransitEncryptionEnabled` as `true` , an `AuthToken` , and a `CacheSubnetGroup` .", - "title": "TransitEncryptionEnabled", - "type": "boolean" - }, - "TransitEncryptionMode": { - "markdownDescription": "A setting that allows you to migrate your clients to use in-transit encryption, with no downtime.\n\nWhen setting `TransitEncryptionEnabled` to `true` , you can set your `TransitEncryptionMode` to `preferred` in the same request, to allow both encrypted and unencrypted connections at the same time. Once you migrate all your Valkey or Redis OSS clients to use encrypted connections you can modify the value to `required` to allow encrypted connections only.\n\nSetting `TransitEncryptionMode` to `required` is a two-step process that requires you to first set the `TransitEncryptionMode` to `preferred` , after that you can set `TransitEncryptionMode` to `required` .\n\nThis process will not trigger the replacement of the replication group.", - "title": "TransitEncryptionMode", + "SubnetId": { + "markdownDescription": "The ID of the subnet.", + "title": "SubnetId", "type": "string" - }, - "UserGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The ID of user group to associate with the replication group.", - "title": "UserGroupIds", - "type": "array" } }, "required": [ - "ReplicationGroupDescription" + "RouteTableId", + "SubnetId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ElastiCache::ReplicationGroup" + "AWS::EC2::SubnetRouteTableAssociation" ], "type": "string" }, @@ -91065,117 +98939,7 @@ ], "type": "object" }, - "AWS::ElastiCache::ReplicationGroup.CloudWatchLogsDestinationDetails": { - "additionalProperties": false, - "properties": { - "LogGroup": { - "markdownDescription": "The name of the CloudWatch Logs log group.", - "title": "LogGroup", - "type": "string" - } - }, - "required": [ - "LogGroup" - ], - "type": "object" - }, - "AWS::ElastiCache::ReplicationGroup.DestinationDetails": { - "additionalProperties": false, - "properties": { - "CloudWatchLogsDetails": { - "$ref": "#/definitions/AWS::ElastiCache::ReplicationGroup.CloudWatchLogsDestinationDetails", - "markdownDescription": "The configuration details of the CloudWatch Logs destination. Note that this field is marked as required but only if CloudWatch Logs was chosen as the destination.", - "title": "CloudWatchLogsDetails" - }, - "KinesisFirehoseDetails": { - "$ref": "#/definitions/AWS::ElastiCache::ReplicationGroup.KinesisFirehoseDestinationDetails", - "markdownDescription": "The configuration details of the Kinesis Data Firehose destination. Note that this field is marked as required but only if Kinesis Data Firehose was chosen as the destination.", - "title": "KinesisFirehoseDetails" - } - }, - "type": "object" - }, - "AWS::ElastiCache::ReplicationGroup.KinesisFirehoseDestinationDetails": { - "additionalProperties": false, - "properties": { - "DeliveryStream": { - "markdownDescription": "The name of the Kinesis Data Firehose delivery stream.", - "title": "DeliveryStream", - "type": "string" - } - }, - "required": [ - "DeliveryStream" - ], - "type": "object" - }, - "AWS::ElastiCache::ReplicationGroup.LogDeliveryConfigurationRequest": { - "additionalProperties": false, - "properties": { - "DestinationDetails": { - "$ref": "#/definitions/AWS::ElastiCache::ReplicationGroup.DestinationDetails", - "markdownDescription": "Configuration details of either a CloudWatch Logs destination or Kinesis Data Firehose destination.", - "title": "DestinationDetails" - }, - "DestinationType": { - "markdownDescription": "Specify either CloudWatch Logs or Kinesis Data Firehose as the destination type. Valid values are either `cloudwatch-logs` or `kinesis-firehose` .", - "title": "DestinationType", - "type": "string" - }, - "LogFormat": { - "markdownDescription": "Valid values are either `json` or `text` .", - "title": "LogFormat", - "type": "string" - }, - "LogType": { - "markdownDescription": "Valid value is either `slow-log` , which refers to [slow-log](https://docs.aws.amazon.com/https://redis.io/commands/slowlog) or `engine-log` .", - "title": "LogType", - "type": "string" - } - }, - "required": [ - "DestinationDetails", - "DestinationType", - "LogFormat", - "LogType" - ], - "type": "object" - }, - "AWS::ElastiCache::ReplicationGroup.NodeGroupConfiguration": { - "additionalProperties": false, - "properties": { - "NodeGroupId": { - "markdownDescription": "Either the ElastiCache supplied 4-digit id or a user supplied id for the node group these configuration values apply to.", - "title": "NodeGroupId", - "type": "string" - }, - "PrimaryAvailabilityZone": { - "markdownDescription": "The Availability Zone where the primary node of this node group (shard) is launched.", - "title": "PrimaryAvailabilityZone", - "type": "string" - }, - "ReplicaAvailabilityZones": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of Availability Zones to be used for the read replicas. The number of Availability Zones in this list must match the value of `ReplicaCount` or `ReplicasPerNodeGroup` if not specified.", - "title": "ReplicaAvailabilityZones", - "type": "array" - }, - "ReplicaCount": { - "markdownDescription": "The number of read replica nodes in this node group (shard).", - "title": "ReplicaCount", - "type": "number" - }, - "Slots": { - "markdownDescription": "A string of comma-separated values where the first set of values are the slot numbers (zero based), and the second set of values are the keyspaces for each slot. The following example specifies three slots (numbered 0, 1, and 2): `0,1,2,0-4999,5000-9999,10000-16,383` .\n\nIf you don't specify a value, ElastiCache allocates keys equally among each slot.\n\nWhen you use an `UseOnlineResharding` update policy to update the number of node groups without interruption, ElastiCache evenly distributes the keyspaces between the specified number of slots. This cannot be updated later. Therefore, after updating the number of node groups in this way, you should remove the value specified for the `Slots` property of each `NodeGroupConfiguration` from the stack template, as it no longer reflects the actual values in each node group. For more information, see [UseOnlineResharding Policy](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html#cfn-attributes-updatepolicy-useonlineresharding) .", - "title": "Slots", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ElastiCache::SecurityGroup": { + "AWS::EC2::TrafficMirrorFilter": { "additionalProperties": false, "properties": { "Condition": { @@ -91211,27 +98975,32 @@ "additionalProperties": false, "properties": { "Description": { - "markdownDescription": "A description for the cache security group.", + "markdownDescription": "The description of the Traffic Mirror filter.", "title": "Description", "type": "string" }, + "NetworkServices": { + "items": { + "type": "string" + }, + "markdownDescription": "The network service traffic that is associated with the Traffic Mirror filter.\n\nValid values are `amazon-dns` .", + "title": "NetworkServices", + "type": "array" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A tag that can be added to an ElastiCache security group. Tags are composed of a Key/Value pair. You can use tags to categorize and track all your security groups. A tag with a null Value is permitted.", + "markdownDescription": "The tags to assign to a Traffic Mirror filter.", "title": "Tags", "type": "array" } }, - "required": [ - "Description" - ], "type": "object" }, "Type": { "enum": [ - "AWS::ElastiCache::SecurityGroup" + "AWS::EC2::TrafficMirrorFilter" ], "type": "string" }, @@ -91245,12 +99014,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::ElastiCache::SecurityGroupIngress": { + "AWS::EC2::TrafficMirrorFilterRule": { "additionalProperties": false, "properties": { "Condition": { @@ -91285,31 +99053,78 @@ "Properties": { "additionalProperties": false, "properties": { - "CacheSecurityGroupName": { - "markdownDescription": "The name of the Cache Security Group to authorize.", - "title": "CacheSecurityGroupName", + "Description": { + "markdownDescription": "The description of the Traffic Mirror rule.", + "title": "Description", "type": "string" }, - "EC2SecurityGroupName": { - "markdownDescription": "Name of the EC2 Security Group to include in the authorization.", - "title": "EC2SecurityGroupName", + "DestinationCidrBlock": { + "markdownDescription": "The destination CIDR block to assign to the Traffic Mirror rule.", + "title": "DestinationCidrBlock", "type": "string" }, - "EC2SecurityGroupOwnerId": { - "markdownDescription": "Specifies the Amazon Account ID of the owner of the EC2 security group specified in the EC2SecurityGroupName property. The Amazon access key ID is not an acceptable value.", - "title": "EC2SecurityGroupOwnerId", + "DestinationPortRange": { + "$ref": "#/definitions/AWS::EC2::TrafficMirrorFilterRule.TrafficMirrorPortRange", + "markdownDescription": "The destination port range.", + "title": "DestinationPortRange" + }, + "Protocol": { + "markdownDescription": "The protocol, for example UDP, to assign to the Traffic Mirror rule.\n\nFor information about the protocol value, see [Protocol Numbers](https://docs.aws.amazon.com/https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml) on the Internet Assigned Numbers Authority (IANA) website.", + "title": "Protocol", + "type": "number" + }, + "RuleAction": { + "markdownDescription": "The action to take on the filtered traffic.", + "title": "RuleAction", + "type": "string" + }, + "RuleNumber": { + "markdownDescription": "The number of the Traffic Mirror rule. This number must be unique for each Traffic Mirror rule in a given direction. The rules are processed in ascending order by rule number.", + "title": "RuleNumber", + "type": "number" + }, + "SourceCidrBlock": { + "markdownDescription": "The source CIDR block to assign to the Traffic Mirror rule.", + "title": "SourceCidrBlock", + "type": "string" + }, + "SourcePortRange": { + "$ref": "#/definitions/AWS::EC2::TrafficMirrorFilterRule.TrafficMirrorPortRange", + "markdownDescription": "The source port range.", + "title": "SourcePortRange" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags on Traffic Mirroring filter rules.", + "title": "Tags", + "type": "array" + }, + "TrafficDirection": { + "markdownDescription": "The type of traffic.", + "title": "TrafficDirection", + "type": "string" + }, + "TrafficMirrorFilterId": { + "markdownDescription": "The ID of the filter that this rule is associated with.", + "title": "TrafficMirrorFilterId", "type": "string" } }, "required": [ - "CacheSecurityGroupName", - "EC2SecurityGroupName" + "DestinationCidrBlock", + "RuleAction", + "RuleNumber", + "SourceCidrBlock", + "TrafficDirection", + "TrafficMirrorFilterId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ElastiCache::SecurityGroupIngress" + "AWS::EC2::TrafficMirrorFilterRule" ], "type": "string" }, @@ -91328,7 +99143,27 @@ ], "type": "object" }, - "AWS::ElastiCache::ServerlessCache": { + "AWS::EC2::TrafficMirrorFilterRule.TrafficMirrorPortRange": { + "additionalProperties": false, + "properties": { + "FromPort": { + "markdownDescription": "The start of the Traffic Mirror port range. This applies to the TCP and UDP protocols.", + "title": "FromPort", + "type": "number" + }, + "ToPort": { + "markdownDescription": "The end of the Traffic Mirror port range. This applies to the TCP and UDP protocols.", + "title": "ToPort", + "type": "number" + } + }, + "required": [ + "FromPort", + "ToPort" + ], + "type": "object" + }, + "AWS::EC2::TrafficMirrorSession": { "additionalProperties": false, "properties": { "Condition": { @@ -91363,108 +99198,66 @@ "Properties": { "additionalProperties": false, "properties": { - "CacheUsageLimits": { - "$ref": "#/definitions/AWS::ElastiCache::ServerlessCache.CacheUsageLimits", - "markdownDescription": "The cache usage limit for the serverless cache.", - "title": "CacheUsageLimits" - }, - "DailySnapshotTime": { - "markdownDescription": "The daily time that a cache snapshot will be created. Default is NULL, i.e. snapshots will not be created at a specific time on a daily basis. Available for Valkey, Redis OSS and Serverless Memcached only.", - "title": "DailySnapshotTime", - "type": "string" - }, "Description": { - "markdownDescription": "A description of the serverless cache.", + "markdownDescription": "The description of the Traffic Mirror session.", "title": "Description", "type": "string" }, - "Endpoint": { - "$ref": "#/definitions/AWS::ElastiCache::ServerlessCache.Endpoint", - "markdownDescription": "Represents the information required for client programs to connect to a cache node. This value is read-only.", - "title": "Endpoint" - }, - "Engine": { - "markdownDescription": "The engine the serverless cache is compatible with.", - "title": "Engine", - "type": "string" - }, - "FinalSnapshotName": { - "markdownDescription": "The name of the final snapshot taken of a cache before the cache is deleted.", - "title": "FinalSnapshotName", + "NetworkInterfaceId": { + "markdownDescription": "The ID of the source network interface.", + "title": "NetworkInterfaceId", "type": "string" }, - "KmsKeyId": { - "markdownDescription": "The ID of the AWS Key Management Service (KMS) key that is used to encrypt data at rest in the serverless cache.", - "title": "KmsKeyId", + "OwnerId": { + "markdownDescription": "The ID of the account that owns the Traffic Mirror session.", + "title": "OwnerId", "type": "string" }, - "MajorEngineVersion": { - "markdownDescription": "The version number of the engine the serverless cache is compatible with.", - "title": "MajorEngineVersion", - "type": "string" + "PacketLength": { + "markdownDescription": "The number of bytes in each packet to mirror. These are bytes after the VXLAN header. Do not specify this parameter when you want to mirror the entire packet. To mirror a subset of the packet, set this to the length (in bytes) that you want to mirror. For example, if you set this value to 100, then the first 100 bytes that meet the filter criteria are copied to the target.\n\nIf you do not want to mirror the entire packet, use the `PacketLength` parameter to specify the number of bytes in each packet to mirror.\n\nFor sessions with Network Load Balancer (NLB) Traffic Mirror targets the default `PacketLength` will be set to 8500. Valid values are 1-8500. Setting a `PacketLength` greater than 8500 will result in an error response.", + "title": "PacketLength", + "type": "number" }, - "ReaderEndpoint": { - "$ref": "#/definitions/AWS::ElastiCache::ServerlessCache.Endpoint", - "markdownDescription": "Represents the information required for client programs to connect to a cache node. This value is read-only.", - "title": "ReaderEndpoint" + "SessionNumber": { + "markdownDescription": "The session number determines the order in which sessions are evaluated when an interface is used by multiple sessions. The first session with a matching filter is the one that mirrors the packets.\n\nValid values are 1-32766.", + "title": "SessionNumber", + "type": "number" }, - "SecurityGroupIds": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The IDs of the EC2 security groups associated with the serverless cache.", - "title": "SecurityGroupIds", - "type": "array" + "markdownDescription": "The tags to assign to a Traffic Mirror session.", + "title": "Tags", + "type": "array" }, - "ServerlessCacheName": { - "markdownDescription": "The unique identifier of the serverless cache.", - "title": "ServerlessCacheName", + "TrafficMirrorFilterId": { + "markdownDescription": "The ID of the Traffic Mirror filter.", + "title": "TrafficMirrorFilterId", "type": "string" }, - "SnapshotArnsToRestore": { - "items": { - "type": "string" - }, - "markdownDescription": "The ARN of the snapshot from which to restore data into the new cache.", - "title": "SnapshotArnsToRestore", - "type": "array" + "TrafficMirrorTargetId": { + "markdownDescription": "The ID of the Traffic Mirror target.", + "title": "TrafficMirrorTargetId", + "type": "string" }, - "SnapshotRetentionLimit": { - "markdownDescription": "The current setting for the number of serverless cache snapshots the system will retain. Available for Valkey, Redis OSS and Serverless Memcached only.", - "title": "SnapshotRetentionLimit", + "VirtualNetworkId": { + "markdownDescription": "The VXLAN ID for the Traffic Mirror session. For more information about the VXLAN protocol, see [RFC 7348](https://docs.aws.amazon.com/https://datatracker.ietf.org/doc/html/rfc7348) . If you do not specify a `VirtualNetworkId` , an account-wide unique ID is chosen at random.", + "title": "VirtualNetworkId", "type": "number" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "If no subnet IDs are given and your VPC is in us-west-1, then ElastiCache will select 2 default subnets across AZs in your VPC. For all other Regions, if no subnet IDs are given then ElastiCache will select 3 default subnets across AZs in your default VPC.", - "title": "SubnetIds", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of tags to be added to this resource.", - "title": "Tags", - "type": "array" - }, - "UserGroupId": { - "markdownDescription": "The identifier of the user group associated with the serverless cache. Available for Valkey and Redis OSS only. Default is NULL.", - "title": "UserGroupId", - "type": "string" } }, "required": [ - "Engine", - "ServerlessCacheName" + "NetworkInterfaceId", + "SessionNumber", + "TrafficMirrorFilterId", + "TrafficMirrorTargetId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ElastiCache::ServerlessCache" + "AWS::EC2::TrafficMirrorSession" ], "type": "string" }, @@ -91483,79 +99276,93 @@ ], "type": "object" }, - "AWS::ElastiCache::ServerlessCache.CacheUsageLimits": { + "AWS::EC2::TrafficMirrorTarget": { "additionalProperties": false, "properties": { - "DataStorage": { - "$ref": "#/definitions/AWS::ElastiCache::ServerlessCache.DataStorage", - "markdownDescription": "The maximum data storage limit in the cache, expressed in Gigabytes.", - "title": "DataStorage" + "Condition": { + "type": "string" }, - "ECPUPerSecond": { - "$ref": "#/definitions/AWS::ElastiCache::ServerlessCache.ECPUPerSecond", - "markdownDescription": "The number of ElastiCache Processing Units (ECPU) the cache can consume per second.", - "title": "ECPUPerSecond" - } - }, - "type": "object" - }, - "AWS::ElastiCache::ServerlessCache.DataStorage": { - "additionalProperties": false, - "properties": { - "Maximum": { - "markdownDescription": "The upper limit for data storage the cache is set to use.", - "title": "Maximum", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Minimum": { - "markdownDescription": "The lower limit for data storage the cache is set to use.", - "title": "Minimum", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Unit": { - "markdownDescription": "The unit that the storage is measured in, in GB.", - "title": "Unit", - "type": "string" - } - }, - "required": [ - "Unit" - ], - "type": "object" - }, - "AWS::ElastiCache::ServerlessCache.ECPUPerSecond": { - "additionalProperties": false, - "properties": { - "Maximum": { - "markdownDescription": "The configuration for the maximum number of ECPUs the cache can consume per second.", - "title": "Maximum", - "type": "number" + "Metadata": { + "type": "object" }, - "Minimum": { - "markdownDescription": "The configuration for the minimum number of ECPUs the cache should be able consume per second.", - "title": "Minimum", - "type": "number" - } - }, - "type": "object" - }, - "AWS::ElastiCache::ServerlessCache.Endpoint": { - "additionalProperties": false, - "properties": { - "Address": { - "markdownDescription": "The DNS hostname of the cache node.", - "title": "Address", + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the Traffic Mirror target.", + "title": "Description", + "type": "string" + }, + "GatewayLoadBalancerEndpointId": { + "markdownDescription": "The ID of the Gateway Load Balancer endpoint.", + "title": "GatewayLoadBalancerEndpointId", + "type": "string" + }, + "NetworkInterfaceId": { + "markdownDescription": "The network interface ID that is associated with the target.", + "title": "NetworkInterfaceId", + "type": "string" + }, + "NetworkLoadBalancerArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Network Load Balancer that is associated with the target.", + "title": "NetworkLoadBalancerArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to assign to the Traffic Mirror target.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::EC2::TrafficMirrorTarget" + ], "type": "string" }, - "Port": { - "markdownDescription": "The port number that the cache engine is listening on.", - "title": "Port", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::ElastiCache::SubnetGroup": { + "AWS::EC2::TransitGateway": { "additionalProperties": false, "properties": { "Condition": { @@ -91590,42 +99397,83 @@ "Properties": { "additionalProperties": false, "properties": { - "CacheSubnetGroupName": { - "markdownDescription": "The name for the cache subnet group. This value is stored as a lowercase string.\n\nConstraints: Must contain no more than 255 alphanumeric characters or hyphens.\n\nExample: `mysubnetgroup`", - "title": "CacheSubnetGroupName", + "AmazonSideAsn": { + "markdownDescription": "A private Autonomous System Number (ASN) for the Amazon side of a BGP session. The range is 64512 to 65534 for 16-bit ASNs. The default is 64512.", + "title": "AmazonSideAsn", + "type": "number" + }, + "AssociationDefaultRouteTableId": { + "markdownDescription": "The ID of the default association route table.", + "title": "AssociationDefaultRouteTableId", + "type": "string" + }, + "AutoAcceptSharedAttachments": { + "markdownDescription": "Enable or disable automatic acceptance of attachment requests. Disabled by default.", + "title": "AutoAcceptSharedAttachments", + "type": "string" + }, + "DefaultRouteTableAssociation": { + "markdownDescription": "Enable or disable automatic association with the default association route table. Enabled by default. If `DefaultRouteTableAssociation` is set to enable, AWS Transit Gateway will create the default transit gateway route table.", + "title": "DefaultRouteTableAssociation", + "type": "string" + }, + "DefaultRouteTablePropagation": { + "markdownDescription": "Enable or disable automatic propagation of routes to the default propagation route table. Enabled by default. If `DefaultRouteTablePropagation` is set to enable, AWS Transit Gateway will create the default transit gateway route table.", + "title": "DefaultRouteTablePropagation", "type": "string" }, "Description": { - "markdownDescription": "The description for the cache subnet group.", + "markdownDescription": "The description of the transit gateway.", "title": "Description", "type": "string" }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The EC2 subnet IDs for the cache subnet group.", - "title": "SubnetIds", - "type": "array" + "DnsSupport": { + "markdownDescription": "Enable or disable DNS support. Enabled by default.", + "title": "DnsSupport", + "type": "string" + }, + "MulticastSupport": { + "markdownDescription": "Indicates whether multicast is enabled on the transit gateway", + "title": "MulticastSupport", + "type": "string" + }, + "PropagationDefaultRouteTableId": { + "markdownDescription": "The ID of the default propagation route table.", + "title": "PropagationDefaultRouteTableId", + "type": "string" + }, + "SecurityGroupReferencingSupport": { + "markdownDescription": "Enables you to reference a security group across VPCs attached to a transit gateway (TGW). Use this option to simplify security group management and control of instance-to-instance traffic across VPCs that are connected by transit gateway. You can also use this option to migrate from VPC peering (which was the only option that supported security group referencing) to transit gateways (which now also support security group referencing). This option is disabled by default and there are no additional costs to use this feature.\n\nFor important information about this feature, see [Create a transit gateway](https://docs.aws.amazon.com/vpc/latest/tgw/tgw-transit-gateways.html#create-tgw) in the *AWS Transit Gateway Guide* .", + "title": "SecurityGroupReferencingSupport", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A tag that can be added to an ElastiCache subnet group. Tags are composed of a Key/Value pair. You can use tags to categorize and track all your subnet groups. A tag with a null Value is permitted.", + "markdownDescription": "The tags for the transit gateway.", "title": "Tags", "type": "array" + }, + "TransitGatewayCidrBlocks": { + "items": { + "type": "string" + }, + "markdownDescription": "The transit gateway CIDR blocks.", + "title": "TransitGatewayCidrBlocks", + "type": "array" + }, + "VpnEcmpSupport": { + "markdownDescription": "Enable or disable Equal Cost Multipath Protocol support. Enabled by default.", + "title": "VpnEcmpSupport", + "type": "string" } }, - "required": [ - "Description", - "SubnetIds" - ], "type": "object" }, "Type": { "enum": [ - "AWS::ElastiCache::SubnetGroup" + "AWS::EC2::TransitGateway" ], "type": "string" }, @@ -91639,12 +99487,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::ElastiCache::User": { + "AWS::EC2::TransitGatewayAttachment": { "additionalProperties": false, "properties": { "Condition": { @@ -91679,63 +99526,48 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessString": { - "markdownDescription": "Access permissions string used for this user.", - "title": "AccessString", - "type": "string" - }, - "AuthenticationMode": { - "$ref": "#/definitions/AWS::ElastiCache::User.AuthenticationMode", - "markdownDescription": "Specifies the authentication mode to use. Below is an example of the possible JSON values:\n\n```\n{ Passwords: [\"*****\", \"******\"] // If Type is password.\n}\n```", - "title": "AuthenticationMode" - }, - "Engine": { - "markdownDescription": "The current supported values are valkey and redis.", - "title": "Engine", - "type": "string" - }, - "NoPasswordRequired": { - "markdownDescription": "Indicates a password is not required for this user.", - "title": "NoPasswordRequired", - "type": "boolean" + "Options": { + "$ref": "#/definitions/AWS::EC2::TransitGatewayAttachment.Options", + "markdownDescription": "The VPC attachment options.", + "title": "Options" }, - "Passwords": { + "SubnetIds": { "items": { "type": "string" }, - "markdownDescription": "Passwords used for this user. You can create up to two passwords for each user.", - "title": "Passwords", + "markdownDescription": "The IDs of one or more subnets. You can specify only one subnet per Availability Zone. You must specify at least one subnet, but we recommend that you specify two subnets for better availability. The transit gateway uses one IP address from each specified subnet.", + "title": "SubnetIds", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The list of tags.", + "markdownDescription": "The tags for the attachment.", "title": "Tags", "type": "array" }, - "UserId": { - "markdownDescription": "The ID of the user.", - "title": "UserId", + "TransitGatewayId": { + "markdownDescription": "The ID of the transit gateway.", + "title": "TransitGatewayId", "type": "string" }, - "UserName": { - "markdownDescription": "The username of the user.", - "title": "UserName", + "VpcId": { + "markdownDescription": "The ID of the VPC.", + "title": "VpcId", "type": "string" } }, "required": [ - "Engine", - "UserId", - "UserName" + "SubnetIds", + "TransitGatewayId", + "VpcId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ElastiCache::User" + "AWS::EC2::TransitGatewayAttachment" ], "type": "string" }, @@ -91754,29 +99586,33 @@ ], "type": "object" }, - "AWS::ElastiCache::User.AuthenticationMode": { + "AWS::EC2::TransitGatewayAttachment.Options": { "additionalProperties": false, "properties": { - "Passwords": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the passwords to use for authentication if `Type` is set to `password` .", - "title": "Passwords", - "type": "array" + "ApplianceModeSupport": { + "markdownDescription": "Enable or disable appliance mode support. The default is `disable` .", + "title": "ApplianceModeSupport", + "type": "string" }, - "Type": { - "markdownDescription": "Specifies the authentication type. Possible options are IAM authentication, password and no password.", - "title": "Type", + "DnsSupport": { + "markdownDescription": "Enable or disable DNS support. The default is `disable` .", + "title": "DnsSupport", + "type": "string" + }, + "Ipv6Support": { + "markdownDescription": "Enable or disable IPv6 support. The default is `disable` .", + "title": "Ipv6Support", + "type": "string" + }, + "SecurityGroupReferencingSupport": { + "markdownDescription": "Enables you to reference a security group across VPCs attached to a transit gateway (TGW). Use this option to simplify security group management and control of instance-to-instance traffic across VPCs that are connected by transit gateway. You can also use this option to migrate from VPC peering (which was the only option that supported security group referencing) to transit gateways (which now also support security group referencing). This option is disabled by default and there are no additional costs to use this feature.\n\nFor important information about this feature, see [Create a transit gateway](https://docs.aws.amazon.com/vpc/latest/tgw/tgw-transit-gateways.html#create-tgw) in the *AWS Transit Gateway Guide* .", + "title": "SecurityGroupReferencingSupport", "type": "string" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::ElastiCache::UserGroup": { + "AWS::EC2::TransitGatewayConnect": { "additionalProperties": false, "properties": { "Condition": { @@ -91811,43 +99647,34 @@ "Properties": { "additionalProperties": false, "properties": { - "Engine": { - "markdownDescription": "The current supported values are valkey and redis.", - "title": "Engine", - "type": "string" + "Options": { + "$ref": "#/definitions/AWS::EC2::TransitGatewayConnect.TransitGatewayConnectOptions", + "markdownDescription": "The Connect attachment options.\n\n- protocol (gre)", + "title": "Options" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The list of tags.", + "markdownDescription": "The tags for the attachment.", "title": "Tags", "type": "array" }, - "UserGroupId": { - "markdownDescription": "The ID of the user group.", - "title": "UserGroupId", + "TransportTransitGatewayAttachmentId": { + "markdownDescription": "The ID of the attachment from which the Connect attachment was created.", + "title": "TransportTransitGatewayAttachmentId", "type": "string" - }, - "UserIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of user IDs that belong to the user group. A user named `default` must be included.", - "title": "UserIds", - "type": "array" } }, "required": [ - "Engine", - "UserGroupId", - "UserIds" + "Options", + "TransportTransitGatewayAttachmentId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ElastiCache::UserGroup" + "AWS::EC2::TransitGatewayConnect" ], "type": "string" }, @@ -91866,7 +99693,18 @@ ], "type": "object" }, - "AWS::ElasticBeanstalk::Application": { + "AWS::EC2::TransitGatewayConnect.TransitGatewayConnectOptions": { + "additionalProperties": false, + "properties": { + "Protocol": { + "markdownDescription": "The tunnel protocol.", + "title": "Protocol", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::TransitGatewayMulticastDomain": { "additionalProperties": false, "properties": { "Condition": { @@ -91901,27 +99739,33 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationName": { - "markdownDescription": "A name for the Elastic Beanstalk application. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the application name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "ApplicationName", - "type": "string" + "Options": { + "$ref": "#/definitions/AWS::EC2::TransitGatewayMulticastDomain.Options", + "markdownDescription": "The options for the transit gateway multicast domain.\n\n- AutoAcceptSharedAssociations (enable | disable)\n- Igmpv2Support (enable | disable)\n- StaticSourcesSupport (enable | disable)", + "title": "Options" }, - "Description": { - "markdownDescription": "Your description of the application.", - "title": "Description", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the transit gateway multicast domain.", + "title": "Tags", + "type": "array" }, - "ResourceLifecycleConfig": { - "$ref": "#/definitions/AWS::ElasticBeanstalk::Application.ApplicationResourceLifecycleConfig", - "markdownDescription": "Specifies an application resource lifecycle configuration to prevent your application from accumulating too many versions.", - "title": "ResourceLifecycleConfig" + "TransitGatewayId": { + "markdownDescription": "The ID of the transit gateway.", + "title": "TransitGatewayId", + "type": "string" } }, + "required": [ + "TransitGatewayId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::ElasticBeanstalk::Application" + "AWS::EC2::TransitGatewayMulticastDomain" ], "type": "string" }, @@ -91935,85 +99779,33 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::ElasticBeanstalk::Application.ApplicationResourceLifecycleConfig": { + "AWS::EC2::TransitGatewayMulticastDomain.Options": { "additionalProperties": false, "properties": { - "ServiceRole": { - "markdownDescription": "The ARN of an IAM service role that Elastic Beanstalk has permission to assume.\n\nThe `ServiceRole` property is required the first time that you provide a `ResourceLifecycleConfig` for the application. After you provide it once, Elastic Beanstalk persists the Service Role with the application, and you don't need to specify it again. You can, however, specify it in subsequent updates to change the Service Role to another value.", - "title": "ServiceRole", + "AutoAcceptSharedAssociations": { + "markdownDescription": "Indicates whether to automatically accept cross-account subnet associations that are associated with the transit gateway multicast domain.", + "title": "AutoAcceptSharedAssociations", "type": "string" }, - "VersionLifecycleConfig": { - "$ref": "#/definitions/AWS::ElasticBeanstalk::Application.ApplicationVersionLifecycleConfig", - "markdownDescription": "Defines lifecycle settings for application versions.", - "title": "VersionLifecycleConfig" - } - }, - "type": "object" - }, - "AWS::ElasticBeanstalk::Application.ApplicationVersionLifecycleConfig": { - "additionalProperties": false, - "properties": { - "MaxAgeRule": { - "$ref": "#/definitions/AWS::ElasticBeanstalk::Application.MaxAgeRule", - "markdownDescription": "Specify a max age rule to restrict the length of time that application versions are retained for an application.", - "title": "MaxAgeRule" - }, - "MaxCountRule": { - "$ref": "#/definitions/AWS::ElasticBeanstalk::Application.MaxCountRule", - "markdownDescription": "Specify a max count rule to restrict the number of application versions that are retained for an application.", - "title": "MaxCountRule" - } - }, - "type": "object" - }, - "AWS::ElasticBeanstalk::Application.MaxAgeRule": { - "additionalProperties": false, - "properties": { - "DeleteSourceFromS3": { - "markdownDescription": "Set to `true` to delete a version's source bundle from Amazon S3 when Elastic Beanstalk deletes the application version.", - "title": "DeleteSourceFromS3", - "type": "boolean" - }, - "Enabled": { - "markdownDescription": "Specify `true` to apply the rule, or `false` to disable it.", - "title": "Enabled", - "type": "boolean" - }, - "MaxAgeInDays": { - "markdownDescription": "Specify the number of days to retain an application versions.", - "title": "MaxAgeInDays", - "type": "number" - } - }, - "type": "object" - }, - "AWS::ElasticBeanstalk::Application.MaxCountRule": { - "additionalProperties": false, - "properties": { - "DeleteSourceFromS3": { - "markdownDescription": "Set to `true` to delete a version's source bundle from Amazon S3 when Elastic Beanstalk deletes the application version.", - "title": "DeleteSourceFromS3", - "type": "boolean" - }, - "Enabled": { - "markdownDescription": "Specify `true` to apply the rule, or `false` to disable it.", - "title": "Enabled", - "type": "boolean" + "Igmpv2Support": { + "markdownDescription": "Specify whether to enable Internet Group Management Protocol (IGMP) version 2 for the transit gateway multicast domain.", + "title": "Igmpv2Support", + "type": "string" }, - "MaxCount": { - "markdownDescription": "Specify the maximum number of application versions to retain.", - "title": "MaxCount", - "type": "number" + "StaticSourcesSupport": { + "markdownDescription": "Specify whether to enable support for statically configuring multicast group sources for a domain.", + "title": "StaticSourcesSupport", + "type": "string" } }, "type": "object" }, - "AWS::ElasticBeanstalk::ApplicationVersion": { + "AWS::EC2::TransitGatewayMulticastDomainAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -92048,31 +99840,32 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationName": { - "markdownDescription": "The name of the Elastic Beanstalk application that is associated with this application version.", - "title": "ApplicationName", + "SubnetId": { + "markdownDescription": "The IDs of the subnets to associate with the transit gateway multicast domain.", + "title": "SubnetId", "type": "string" }, - "Description": { - "markdownDescription": "A description of this application version.", - "title": "Description", + "TransitGatewayAttachmentId": { + "markdownDescription": "The ID of the transit gateway attachment.", + "title": "TransitGatewayAttachmentId", "type": "string" }, - "SourceBundle": { - "$ref": "#/definitions/AWS::ElasticBeanstalk::ApplicationVersion.SourceBundle", - "markdownDescription": "The Amazon S3 bucket and key that identify the location of the source bundle for this version.\n\n> The Amazon S3 bucket must be in the same region as the environment.", - "title": "SourceBundle" + "TransitGatewayMulticastDomainId": { + "markdownDescription": "The ID of the transit gateway multicast domain.", + "title": "TransitGatewayMulticastDomainId", + "type": "string" } }, "required": [ - "ApplicationName", - "SourceBundle" + "SubnetId", + "TransitGatewayAttachmentId", + "TransitGatewayMulticastDomainId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ElasticBeanstalk::ApplicationVersion" + "AWS::EC2::TransitGatewayMulticastDomainAssociation" ], "type": "string" }, @@ -92091,27 +99884,7 @@ ], "type": "object" }, - "AWS::ElasticBeanstalk::ApplicationVersion.SourceBundle": { - "additionalProperties": false, - "properties": { - "S3Bucket": { - "markdownDescription": "The Amazon S3 bucket where the data is located.", - "title": "S3Bucket", - "type": "string" - }, - "S3Key": { - "markdownDescription": "The Amazon S3 key where the data is located.", - "title": "S3Key", - "type": "string" - } - }, - "required": [ - "S3Bucket", - "S3Key" - ], - "type": "object" - }, - "AWS::ElasticBeanstalk::ConfigurationTemplate": { + "AWS::EC2::TransitGatewayMulticastGroupMember": { "additionalProperties": false, "properties": { "Condition": { @@ -92146,53 +99919,32 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationName": { - "markdownDescription": "The name of the Elastic Beanstalk application to associate with this configuration template.", - "title": "ApplicationName", - "type": "string" - }, - "Description": { - "markdownDescription": "An optional description for this configuration.", - "title": "Description", - "type": "string" - }, - "EnvironmentId": { - "markdownDescription": "The ID of an environment whose settings you want to use to create the configuration template. You must specify `EnvironmentId` if you don't specify `PlatformArn` , `SolutionStackName` , or `SourceConfiguration` .", - "title": "EnvironmentId", + "GroupIpAddress": { + "markdownDescription": "The IP address assigned to the transit gateway multicast group.", + "title": "GroupIpAddress", "type": "string" }, - "OptionSettings": { - "items": { - "$ref": "#/definitions/AWS::ElasticBeanstalk::ConfigurationTemplate.ConfigurationOptionSetting" - }, - "markdownDescription": "Option values for the Elastic Beanstalk configuration, such as the instance type. If specified, these values override the values obtained from the solution stack or the source configuration template. For a complete list of Elastic Beanstalk configuration options, see [Option Values](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/command-options.html) in the *AWS Elastic Beanstalk Developer Guide* .", - "title": "OptionSettings", - "type": "array" - }, - "PlatformArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the custom platform. For more information, see [Custom Platforms](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/custom-platforms.html) in the *AWS Elastic Beanstalk Developer Guide* .\n\n> If you specify `PlatformArn` , then don't specify `SolutionStackName` .", - "title": "PlatformArn", + "NetworkInterfaceId": { + "markdownDescription": "The group members' network interface IDs to register with the transit gateway multicast group.", + "title": "NetworkInterfaceId", "type": "string" }, - "SolutionStackName": { - "markdownDescription": "The name of an Elastic Beanstalk solution stack (platform version) that this configuration uses. For example, `64bit Amazon Linux 2013.09 running Tomcat 7 Java 7` . A solution stack specifies the operating system, runtime, and application server for a configuration template. It also determines the set of configuration options as well as the possible and default values. For more information, see [Supported Platforms](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/concepts.platforms.html) in the *AWS Elastic Beanstalk Developer Guide* .\n\nYou must specify `SolutionStackName` if you don't specify `PlatformArn` , `EnvironmentId` , or `SourceConfiguration` .\n\nUse the [`ListAvailableSolutionStacks`](https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_ListAvailableSolutionStacks.html) API to obtain a list of available solution stacks.", - "title": "SolutionStackName", + "TransitGatewayMulticastDomainId": { + "markdownDescription": "The ID of the transit gateway multicast domain.", + "title": "TransitGatewayMulticastDomainId", "type": "string" - }, - "SourceConfiguration": { - "$ref": "#/definitions/AWS::ElasticBeanstalk::ConfigurationTemplate.SourceConfiguration", - "markdownDescription": "An Elastic Beanstalk configuration template to base this one on. If specified, Elastic Beanstalk uses the configuration values from the specified configuration template to create a new configuration.\n\nValues specified in `OptionSettings` override any values obtained from the `SourceConfiguration` .\n\nYou must specify `SourceConfiguration` if you don't specify `PlatformArn` , `EnvironmentId` , or `SolutionStackName` .\n\nConstraint: If both solution stack name and source configuration are specified, the solution stack of the source configuration template must match the specified solution stack name.", - "title": "SourceConfiguration" } }, "required": [ - "ApplicationName" + "GroupIpAddress", + "NetworkInterfaceId", + "TransitGatewayMulticastDomainId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ElasticBeanstalk::ConfigurationTemplate" + "AWS::EC2::TransitGatewayMulticastGroupMember" ], "type": "string" }, @@ -92211,57 +99963,86 @@ ], "type": "object" }, - "AWS::ElasticBeanstalk::ConfigurationTemplate.ConfigurationOptionSetting": { + "AWS::EC2::TransitGatewayMulticastGroupSource": { "additionalProperties": false, "properties": { - "Namespace": { - "markdownDescription": "A unique namespace that identifies the option's associated AWS resource.", - "title": "Namespace", + "Condition": { "type": "string" }, - "OptionName": { - "markdownDescription": "The name of the configuration option.", - "title": "OptionName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "ResourceName": { - "markdownDescription": "A unique resource name for the option setting. Use it for a time\u2013based scaling configuration option.", - "title": "ResourceName", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Value": { - "markdownDescription": "The current value for the configuration option.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Namespace", - "OptionName" - ], - "type": "object" - }, - "AWS::ElasticBeanstalk::ConfigurationTemplate.SourceConfiguration": { - "additionalProperties": false, - "properties": { - "ApplicationName": { - "markdownDescription": "The name of the application associated with the configuration.", - "title": "ApplicationName", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "GroupIpAddress": { + "markdownDescription": "The IP address assigned to the transit gateway multicast group.", + "title": "GroupIpAddress", + "type": "string" + }, + "NetworkInterfaceId": { + "markdownDescription": "The group sources' network interface IDs to register with the transit gateway multicast group.", + "title": "NetworkInterfaceId", + "type": "string" + }, + "TransitGatewayMulticastDomainId": { + "markdownDescription": "The ID of the transit gateway multicast domain.", + "title": "TransitGatewayMulticastDomainId", + "type": "string" + } + }, + "required": [ + "GroupIpAddress", + "NetworkInterfaceId", + "TransitGatewayMulticastDomainId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::EC2::TransitGatewayMulticastGroupSource" + ], "type": "string" }, - "TemplateName": { - "markdownDescription": "The name of the configuration template.", - "title": "TemplateName", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ApplicationName", - "TemplateName" + "Type", + "Properties" ], "type": "object" }, - "AWS::ElasticBeanstalk::Environment": { + "AWS::EC2::TransitGatewayPeeringAttachment": { "additionalProperties": false, "properties": { "Condition": { @@ -92296,81 +100077,46 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationName": { - "markdownDescription": "The name of the application that is associated with this environment.", - "title": "ApplicationName", - "type": "string" - }, - "CNAMEPrefix": { - "markdownDescription": "If specified, the environment attempts to use this value as the prefix for the CNAME in your Elastic Beanstalk environment URL. If not specified, the CNAME is generated automatically by appending a random alphanumeric string to the environment name.", - "title": "CNAMEPrefix", - "type": "string" - }, - "Description": { - "markdownDescription": "Your description for this environment.", - "title": "Description", - "type": "string" - }, - "EnvironmentName": { - "markdownDescription": "A unique name for the environment.\n\nConstraint: Must be from 4 to 40 characters in length. The name can contain only letters, numbers, and hyphens. It can't start or end with a hyphen. This name must be unique within a region in your account.\n\nIf you don't specify the `CNAMEPrefix` parameter, the environment name becomes part of the CNAME, and therefore part of the visible URL for your application.\n\nIf you don't specify an environment name, AWS CloudFormation generates a unique physical ID and uses that ID for the environment name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "EnvironmentName", - "type": "string" - }, - "OperationsRole": { - "markdownDescription": "> The operations role feature of AWS Elastic Beanstalk is in beta release and is subject to change. \n\nThe Amazon Resource Name (ARN) of an existing IAM role to be used as the environment's operations role. If specified, Elastic Beanstalk uses the operations role for permissions to downstream services during this call and during subsequent calls acting on this environment. To specify an operations role, you must have the `iam:PassRole` permission for the role.", - "title": "OperationsRole", + "PeerAccountId": { + "markdownDescription": "The ID of the AWS account that owns the transit gateway.", + "title": "PeerAccountId", "type": "string" }, - "OptionSettings": { - "items": { - "$ref": "#/definitions/AWS::ElasticBeanstalk::Environment.OptionSetting" - }, - "markdownDescription": "Key-value pairs defining configuration options for this environment, such as the instance type. These options override the values that are defined in the solution stack or the [configuration template](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-beanstalk-configurationtemplate.html) . If you remove any options during a stack update, the removed options retain their current values.", - "title": "OptionSettings", - "type": "array" - }, - "PlatformArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the custom platform to use with the environment. For more information, see [Custom Platforms](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/custom-platforms.html) in the *AWS Elastic Beanstalk Developer Guide* .\n\n> If you specify `PlatformArn` , don't specify `SolutionStackName` .", - "title": "PlatformArn", + "PeerRegion": { + "markdownDescription": "The Region where the transit gateway that you want to create the peer for is located.", + "title": "PeerRegion", "type": "string" }, - "SolutionStackName": { - "markdownDescription": "The name of an Elastic Beanstalk solution stack (platform version) to use with the environment. If specified, Elastic Beanstalk sets the configuration values to the default values associated with the specified solution stack. For a list of current solution stacks, see [Elastic Beanstalk Supported Platforms](https://docs.aws.amazon.com/elasticbeanstalk/latest/platforms/platforms-supported.html) in the *AWS Elastic Beanstalk Platforms* guide.\n\n> If you specify `SolutionStackName` , don't specify `PlatformArn` or `TemplateName` .", - "title": "SolutionStackName", + "PeerTransitGatewayId": { + "markdownDescription": "The ID of the transit gateway in the PeerRegion.", + "title": "PeerTransitGatewayId", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Specifies the tags applied to resources in the environment.", + "markdownDescription": "The tags for the transit gateway peering attachment.", "title": "Tags", "type": "array" }, - "TemplateName": { - "markdownDescription": "The name of the Elastic Beanstalk configuration template to use with the environment.\n\n> If you specify `TemplateName` , then don't specify `SolutionStackName` .", - "title": "TemplateName", - "type": "string" - }, - "Tier": { - "$ref": "#/definitions/AWS::ElasticBeanstalk::Environment.Tier", - "markdownDescription": "Specifies the tier to use in creating this environment. The environment tier that you choose determines whether Elastic Beanstalk provisions resources to support a web application that handles HTTP(S) requests or a web application that handles background-processing tasks.", - "title": "Tier" - }, - "VersionLabel": { - "markdownDescription": "The name of the application version to deploy.\n\nDefault: If not specified, Elastic Beanstalk attempts to deploy the sample application.", - "title": "VersionLabel", + "TransitGatewayId": { + "markdownDescription": "The ID of the transit gateway peering attachment.", + "title": "TransitGatewayId", "type": "string" } }, "required": [ - "ApplicationName" + "PeerAccountId", + "PeerRegion", + "PeerTransitGatewayId", + "TransitGatewayId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ElasticBeanstalk::Environment" + "AWS::EC2::TransitGatewayPeeringAttachment" ], "type": "string" }, @@ -92389,58 +100135,106 @@ ], "type": "object" }, - "AWS::ElasticBeanstalk::Environment.OptionSetting": { + "AWS::EC2::TransitGatewayPeeringAttachment.PeeringAttachmentStatus": { "additionalProperties": false, "properties": { - "Namespace": { - "markdownDescription": "A unique namespace that identifies the option's associated AWS resource.", - "title": "Namespace", - "type": "string" - }, - "OptionName": { - "markdownDescription": "The name of the configuration option.", - "title": "OptionName", - "type": "string" - }, - "ResourceName": { - "markdownDescription": "A unique resource name for the option setting. Use it for a time\u2013based scaling configuration option.", - "title": "ResourceName", + "Code": { + "markdownDescription": "The status code.", + "title": "Code", "type": "string" }, - "Value": { - "markdownDescription": "The current value for the configuration option.", - "title": "Value", + "Message": { + "markdownDescription": "The status message, if applicable.", + "title": "Message", "type": "string" } }, - "required": [ - "Namespace", - "OptionName" - ], "type": "object" }, - "AWS::ElasticBeanstalk::Environment.Tier": { + "AWS::EC2::TransitGatewayRoute": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of this environment tier.\n\nValid values:\n\n- For *Web server tier* \u2013 `WebServer`\n- For *Worker tier* \u2013 `Worker`", - "title": "Name", + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Blackhole": { + "markdownDescription": "Indicates whether to drop traffic that matches this route.", + "title": "Blackhole", + "type": "boolean" + }, + "DestinationCidrBlock": { + "markdownDescription": "The CIDR block used for destination matches.", + "title": "DestinationCidrBlock", + "type": "string" + }, + "TransitGatewayAttachmentId": { + "markdownDescription": "The ID of the attachment.", + "title": "TransitGatewayAttachmentId", + "type": "string" + }, + "TransitGatewayRouteTableId": { + "markdownDescription": "The ID of the transit gateway route table.", + "title": "TransitGatewayRouteTableId", + "type": "string" + } + }, + "required": [ + "DestinationCidrBlock", + "TransitGatewayRouteTableId" + ], + "type": "object" + }, "Type": { - "markdownDescription": "The type of this environment tier.\n\nValid values:\n\n- For *Web server tier* \u2013 `Standard`\n- For *Worker tier* \u2013 `SQS/HTTP`", - "title": "Type", + "enum": [ + "AWS::EC2::TransitGatewayRoute" + ], "type": "string" }, - "Version": { - "markdownDescription": "The version of this environment tier. When you don't set a value to it, Elastic Beanstalk uses the latest compatible worker tier version.\n\n> This member is deprecated. Any specific version that you set may become out of date. We recommend leaving it unspecified.", - "title": "Version", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::ElasticLoadBalancing::LoadBalancer": { + "AWS::EC2::TransitGatewayRouteTable": { "additionalProperties": false, "properties": { "Condition": { @@ -92475,122 +100269,28 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessLoggingPolicy": { - "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.AccessLoggingPolicy", - "markdownDescription": "Information about where and how access logs are stored for the load balancer.", - "title": "AccessLoggingPolicy" - }, - "AppCookieStickinessPolicy": { - "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.AppCookieStickinessPolicy" - }, - "markdownDescription": "Information about a policy for application-controlled session stickiness.", - "title": "AppCookieStickinessPolicy", - "type": "array" - }, - "AvailabilityZones": { - "items": { - "type": "string" - }, - "markdownDescription": "The Availability Zones for a load balancer in a default VPC. For a load balancer in a nondefault VPC, specify `Subnets` instead.\n\nUpdate requires replacement if you did not previously specify an Availability Zone or if you are removing all Availability Zones. Otherwise, update requires no interruption.", - "title": "AvailabilityZones", - "type": "array" - }, - "ConnectionDrainingPolicy": { - "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.ConnectionDrainingPolicy", - "markdownDescription": "If enabled, the load balancer allows existing requests to complete before the load balancer shifts traffic away from a deregistered or unhealthy instance.\n\nFor more information, see [Configure connection draining](https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/config-conn-drain.html) in the *User Guide for Classic Load Balancers* .", - "title": "ConnectionDrainingPolicy" - }, - "ConnectionSettings": { - "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.ConnectionSettings", - "markdownDescription": "If enabled, the load balancer allows the connections to remain idle (no data is sent over the connection) for the specified duration.\n\nBy default, Elastic Load Balancing maintains a 60-second idle connection timeout for both front-end and back-end connections of your load balancer. For more information, see [Configure idle connection timeout](https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/config-idle-timeout.html) in the *User Guide for Classic Load Balancers* .", - "title": "ConnectionSettings" - }, - "CrossZone": { - "markdownDescription": "If enabled, the load balancer routes the request traffic evenly across all instances regardless of the Availability Zones.\n\nFor more information, see [Configure cross-zone load balancing](https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/enable-disable-crosszone-lb.html) in the *User Guide for Classic Load Balancers* .", - "title": "CrossZone", - "type": "boolean" - }, - "HealthCheck": { - "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.HealthCheck", - "markdownDescription": "The health check settings to use when evaluating the health of your EC2 instances.\n\nUpdate requires replacement if you did not previously specify health check settings or if you are removing the health check settings. Otherwise, update requires no interruption.", - "title": "HealthCheck" - }, - "Instances": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the instances for the load balancer.", - "title": "Instances", - "type": "array" - }, - "LBCookieStickinessPolicy": { - "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.LBCookieStickinessPolicy" - }, - "markdownDescription": "Information about a policy for duration-based session stickiness.", - "title": "LBCookieStickinessPolicy", - "type": "array" - }, - "Listeners": { - "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.Listeners" - }, - "markdownDescription": "The listeners for the load balancer. You can specify at most one listener per port.\n\nIf you update the properties for a listener, AWS CloudFormation deletes the existing listener and creates a new one with the specified properties. While the new listener is being created, clients cannot connect to the load balancer.", - "title": "Listeners", - "type": "array" - }, - "LoadBalancerName": { - "markdownDescription": "The name of the load balancer. This name must be unique within your set of load balancers for the region.\n\nIf you don't specify a name, AWS CloudFormation generates a unique physical ID for the load balancer. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) . If you specify a name, you cannot perform updates that require replacement of this resource, but you can perform other updates. To replace the resource, specify a new name.", - "title": "LoadBalancerName", - "type": "string" - }, - "Policies": { - "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.Policies" - }, - "markdownDescription": "The policies defined for your Classic Load Balancer. Specify only back-end server policies.", - "title": "Policies", - "type": "array" - }, - "Scheme": { - "markdownDescription": "The type of load balancer. Valid only for load balancers in a VPC.\n\nIf `Scheme` is `internet-facing` , the load balancer has a public DNS name that resolves to a public IP address.\n\nIf `Scheme` is `internal` , the load balancer has a public DNS name that resolves to a private IP address.", - "title": "Scheme", - "type": "string" - }, - "SecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "The security groups for the load balancer. Valid only for load balancers in a VPC.", - "title": "SecurityGroups", - "type": "array" - }, - "Subnets": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the subnets for the load balancer. You can specify at most one subnet per Availability Zone.\n\nUpdate requires replacement if you did not previously specify a subnet or if you are removing all subnets. Otherwise, update requires no interruption. To update to a different subnet in the current Availability Zone, you must first update to a subnet in a different Availability Zone, then update to the new subnet in the original Availability Zone.", - "title": "Subnets", - "type": "array" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags associated with a load balancer.", + "markdownDescription": "Any tags assigned to the route table.", "title": "Tags", "type": "array" + }, + "TransitGatewayId": { + "markdownDescription": "The ID of the transit gateway.", + "title": "TransitGatewayId", + "type": "string" } }, "required": [ - "Listeners" + "TransitGatewayId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ElasticLoadBalancing::LoadBalancer" + "AWS::EC2::TransitGatewayRouteTable" ], "type": "string" }, @@ -92609,233 +100309,153 @@ ], "type": "object" }, - "AWS::ElasticLoadBalancing::LoadBalancer.AccessLoggingPolicy": { + "AWS::EC2::TransitGatewayRouteTableAssociation": { "additionalProperties": false, "properties": { - "EmitInterval": { - "markdownDescription": "The interval for publishing the access logs. You can specify an interval of either 5 minutes or 60 minutes.\n\nDefault: 60 minutes", - "title": "EmitInterval", - "type": "number" - }, - "Enabled": { - "markdownDescription": "Specifies whether access logs are enabled for the load balancer.", - "title": "Enabled", - "type": "boolean" - }, - "S3BucketName": { - "markdownDescription": "The name of the Amazon S3 bucket where the access logs are stored.", - "title": "S3BucketName", + "Condition": { "type": "string" }, - "S3BucketPrefix": { - "markdownDescription": "The logical hierarchy you created for your Amazon S3 bucket, for example `my-bucket-prefix/prod` . If the prefix is not provided, the log is placed at the root level of the bucket.", - "title": "S3BucketPrefix", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "required": [ - "Enabled", - "S3BucketName" - ], - "type": "object" - }, - "AWS::ElasticLoadBalancing::LoadBalancer.AppCookieStickinessPolicy": { - "additionalProperties": false, - "properties": { - "CookieName": { - "markdownDescription": "The name of the application cookie used for stickiness.", - "title": "CookieName", - "type": "string" - }, - "PolicyName": { - "markdownDescription": "The mnemonic name for the policy being created. The name must be unique within a set of policies for this load balancer.", - "title": "PolicyName", - "type": "string" - } - }, - "required": [ - "CookieName", - "PolicyName" - ], - "type": "object" - }, - "AWS::ElasticLoadBalancing::LoadBalancer.ConnectionDrainingPolicy": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Specifies whether connection draining is enabled for the load balancer.", - "title": "Enabled", - "type": "boolean" }, - "Timeout": { - "markdownDescription": "The maximum time, in seconds, to keep the existing connections open before deregistering the instances.", - "title": "Timeout", - "type": "number" - } - }, - "required": [ - "Enabled" - ], - "type": "object" - }, - "AWS::ElasticLoadBalancing::LoadBalancer.ConnectionSettings": { - "additionalProperties": false, - "properties": { - "IdleTimeout": { - "markdownDescription": "The time, in seconds, that the connection is allowed to be idle (no data has been sent over the connection) before it is closed by the load balancer.", - "title": "IdleTimeout", - "type": "number" - } - }, - "required": [ - "IdleTimeout" - ], - "type": "object" - }, - "AWS::ElasticLoadBalancing::LoadBalancer.HealthCheck": { - "additionalProperties": false, - "properties": { - "HealthyThreshold": { - "markdownDescription": "The number of consecutive health checks successes required before moving the instance to the `Healthy` state.", - "title": "HealthyThreshold", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Interval": { - "markdownDescription": "The approximate interval, in seconds, between health checks of an individual instance.", - "title": "Interval", - "type": "string" + "Metadata": { + "type": "object" }, - "Target": { - "markdownDescription": "The instance being checked. The protocol is either TCP, HTTP, HTTPS, or SSL. The range of valid ports is one (1) through 65535.\n\nTCP is the default, specified as a TCP: port pair, for example \"TCP:5000\". In this case, a health check simply attempts to open a TCP connection to the instance on the specified port. Failure to connect within the configured timeout is considered unhealthy.\n\nSSL is also specified as SSL: port pair, for example, SSL:5000.\n\nFor HTTP/HTTPS, you must include a ping path in the string. HTTP is specified as a HTTP:port;/;PathToPing; grouping, for example \"HTTP:80/weather/us/wa/seattle\". In this case, a HTTP GET request is issued to the instance on the given port and path. Any answer other than \"200 OK\" within the timeout period is considered unhealthy.\n\nThe total length of the HTTP ping target must be 1024 16-bit Unicode characters or less.", - "title": "Target", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "TransitGatewayAttachmentId": { + "markdownDescription": "The ID of the attachment.", + "title": "TransitGatewayAttachmentId", + "type": "string" + }, + "TransitGatewayRouteTableId": { + "markdownDescription": "The ID of the route table for the transit gateway.", + "title": "TransitGatewayRouteTableId", + "type": "string" + } + }, + "required": [ + "TransitGatewayAttachmentId", + "TransitGatewayRouteTableId" + ], + "type": "object" }, - "Timeout": { - "markdownDescription": "The amount of time, in seconds, during which no response means a failed health check.\n\nThis value must be less than the `Interval` value.", - "title": "Timeout", + "Type": { + "enum": [ + "AWS::EC2::TransitGatewayRouteTableAssociation" + ], "type": "string" }, - "UnhealthyThreshold": { - "markdownDescription": "The number of consecutive health check failures required before moving the instance to the `Unhealthy` state.", - "title": "UnhealthyThreshold", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "HealthyThreshold", - "Interval", - "Target", - "Timeout", - "UnhealthyThreshold" + "Type", + "Properties" ], "type": "object" }, - "AWS::ElasticLoadBalancing::LoadBalancer.LBCookieStickinessPolicy": { - "additionalProperties": false, - "properties": { - "CookieExpirationPeriod": { - "markdownDescription": "The time period, in seconds, after which the cookie should be considered stale. If this parameter is not specified, the stickiness session lasts for the duration of the browser session.", - "title": "CookieExpirationPeriod", - "type": "string" - }, - "PolicyName": { - "markdownDescription": "The name of the policy. This name must be unique within the set of policies for this load balancer.", - "title": "PolicyName", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancing::LoadBalancer.Listeners": { + "AWS::EC2::TransitGatewayRouteTablePropagation": { "additionalProperties": false, "properties": { - "InstancePort": { - "markdownDescription": "The port on which the instance is listening.", - "title": "InstancePort", - "type": "string" - }, - "InstanceProtocol": { - "markdownDescription": "The protocol to use for routing traffic to instances: HTTP, HTTPS, TCP, or SSL.\n\nIf the front-end protocol is TCP or SSL, the back-end protocol must be TCP or SSL. If the front-end protocol is HTTP or HTTPS, the back-end protocol must be HTTP or HTTPS.\n\nIf there is another listener with the same `InstancePort` whose `InstanceProtocol` is secure, (HTTPS or SSL), the listener's `InstanceProtocol` must also be secure.\n\nIf there is another listener with the same `InstancePort` whose `InstanceProtocol` is HTTP or TCP, the listener's `InstanceProtocol` must be HTTP or TCP.", - "title": "InstanceProtocol", - "type": "string" - }, - "LoadBalancerPort": { - "markdownDescription": "The port on which the load balancer is listening. On EC2-VPC, you can specify any port from the range 1-65535. On EC2-Classic, you can specify any port from the following list: 25, 80, 443, 465, 587, 1024-65535.", - "title": "LoadBalancerPort", + "Condition": { "type": "string" }, - "PolicyNames": { - "items": { - "type": "string" - }, - "markdownDescription": "The names of the policies to associate with the listener.", - "title": "PolicyNames", - "type": "array" - }, - "Protocol": { - "markdownDescription": "The load balancer transport protocol to use for routing: HTTP, HTTPS, TCP, or SSL.", - "title": "Protocol", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SSLCertificateId": { - "markdownDescription": "The Amazon Resource Name (ARN) of the server certificate.", - "title": "SSLCertificateId", - "type": "string" - } - }, - "required": [ - "InstancePort", - "LoadBalancerPort", - "Protocol" - ], - "type": "object" - }, - "AWS::ElasticLoadBalancing::LoadBalancer.Policies": { - "additionalProperties": false, - "properties": { - "Attributes": { - "items": { - "type": "object" - }, - "markdownDescription": "The policy attributes.", - "title": "Attributes", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "InstancePorts": { - "items": { - "type": "string" - }, - "markdownDescription": "The instance ports for the policy. Required only for some policy types.", - "title": "InstancePorts", - "type": "array" + "Metadata": { + "type": "object" }, - "LoadBalancerPorts": { - "items": { - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "TransitGatewayAttachmentId": { + "markdownDescription": "The ID of the attachment.", + "title": "TransitGatewayAttachmentId", + "type": "string" + }, + "TransitGatewayRouteTableId": { + "markdownDescription": "The ID of the propagation route table.", + "title": "TransitGatewayRouteTableId", + "type": "string" + } }, - "markdownDescription": "The load balancer ports for the policy. Required only for some policy types.", - "title": "LoadBalancerPorts", - "type": "array" + "required": [ + "TransitGatewayAttachmentId", + "TransitGatewayRouteTableId" + ], + "type": "object" }, - "PolicyName": { - "markdownDescription": "The name of the policy.", - "title": "PolicyName", + "Type": { + "enum": [ + "AWS::EC2::TransitGatewayRouteTablePropagation" + ], "type": "string" }, - "PolicyType": { - "markdownDescription": "The name of the policy type.", - "title": "PolicyType", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Attributes", - "PolicyName", - "PolicyType" + "Type", + "Properties" ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::Listener": { + "AWS::EC2::TransitGatewayVpcAttachment": { "additionalProperties": false, "properties": { "Condition": { @@ -92870,65 +100490,64 @@ "Properties": { "additionalProperties": false, "properties": { - "AlpnPolicy": { + "AddSubnetIds": { "items": { "type": "string" }, - "markdownDescription": "[TLS listener] The name of the Application-Layer Protocol Negotiation (ALPN) policy.", - "title": "AlpnPolicy", + "markdownDescription": "The IDs of one or more subnets to add. You can specify at most one subnet per Availability Zone.", + "title": "AddSubnetIds", "type": "array" }, - "Certificates": { + "Options": { + "$ref": "#/definitions/AWS::EC2::TransitGatewayVpcAttachment.Options", + "markdownDescription": "The VPC attachment options.", + "title": "Options" + }, + "RemoveSubnetIds": { "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.Certificate" + "type": "string" }, - "markdownDescription": "The default SSL server certificate for a secure listener. You must provide exactly one certificate if the listener protocol is HTTPS or TLS.\n\nFor an HTTPS listener, update requires some interruptions. For a TLS listener, update requires no interruption.\n\nTo create a certificate list for a secure listener, use [AWS::ElasticLoadBalancingV2::ListenerCertificate](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-listenercertificate.html) .", - "title": "Certificates", + "markdownDescription": "The IDs of one or more subnets to remove.", + "title": "RemoveSubnetIds", "type": "array" }, - "DefaultActions": { + "SubnetIds": { "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.Action" + "type": "string" }, - "markdownDescription": "The actions for the default rule. You cannot define a condition for a default rule.\n\nTo create additional rules for an Application Load Balancer, use [AWS::ElasticLoadBalancingV2::ListenerRule](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-listenerrule.html) .", - "title": "DefaultActions", + "markdownDescription": "The IDs of the subnets.", + "title": "SubnetIds", "type": "array" }, - "LoadBalancerArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the load balancer.", - "title": "LoadBalancerArn", - "type": "string" - }, - "MutualAuthentication": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.MutualAuthentication", - "markdownDescription": "The mutual authentication configuration information.", - "title": "MutualAuthentication" - }, - "Port": { - "markdownDescription": "The port on which the load balancer is listening. You can't specify a port for a Gateway Load Balancer.", - "title": "Port", - "type": "number" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the VPC attachment.", + "title": "Tags", + "type": "array" }, - "Protocol": { - "markdownDescription": "The protocol for connections from clients to the load balancer. For Application Load Balancers, the supported protocols are HTTP and HTTPS. For Network Load Balancers, the supported protocols are TCP, TLS, UDP, and TCP_UDP. You can\u2019t specify the UDP or TCP_UDP protocol if dual-stack mode is enabled. You can't specify a protocol for a Gateway Load Balancer.", - "title": "Protocol", + "TransitGatewayId": { + "markdownDescription": "The ID of the transit gateway.", + "title": "TransitGatewayId", "type": "string" }, - "SslPolicy": { - "markdownDescription": "[HTTPS and TLS listeners] The security policy that defines which protocols and ciphers are supported. For more information, see [Security policies](https://docs.aws.amazon.com/elasticloadbalancing/latest/application/describe-ssl-policies.html) in the *Application Load Balancers Guide* and [Security policies](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/describe-ssl-policies.html) in the *Network Load Balancers Guide* .\n\n[HTTPS listeners] Updating the security policy can result in interruptions if the load balancer is handling a high volume of traffic. To decrease the possibility of an interruption if your load balancer is handling a high volume of traffic, create an additional load balancer or request an LCU reservation.", - "title": "SslPolicy", + "VpcId": { + "markdownDescription": "The ID of the VPC.", + "title": "VpcId", "type": "string" } }, "required": [ - "DefaultActions", - "LoadBalancerArn" + "SubnetIds", + "TransitGatewayId", + "VpcId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ElasticLoadBalancingV2::Listener" + "AWS::EC2::TransitGatewayVpcAttachment" ], "type": "string" }, @@ -92947,338 +100566,393 @@ ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::Listener.Action": { + "AWS::EC2::TransitGatewayVpcAttachment.Options": { "additionalProperties": false, "properties": { - "AuthenticateCognitoConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.AuthenticateCognitoConfig", - "markdownDescription": "[HTTPS listeners] Information for using Amazon Cognito to authenticate users. Specify only when `Type` is `authenticate-cognito` .", - "title": "AuthenticateCognitoConfig" - }, - "AuthenticateOidcConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.AuthenticateOidcConfig", - "markdownDescription": "[HTTPS listeners] Information about an identity provider that is compliant with OpenID Connect (OIDC). Specify only when `Type` is `authenticate-oidc` .", - "title": "AuthenticateOidcConfig" - }, - "FixedResponseConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.FixedResponseConfig", - "markdownDescription": "[Application Load Balancer] Information for creating an action that returns a custom HTTP response. Specify only when `Type` is `fixed-response` .", - "title": "FixedResponseConfig" - }, - "ForwardConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.ForwardConfig", - "markdownDescription": "Information for creating an action that distributes requests among one or more target groups. For Network Load Balancers, you can specify a single target group. Specify only when `Type` is `forward` . If you specify both `ForwardConfig` and `TargetGroupArn` , you can specify only one target group using `ForwardConfig` and it must be the same target group specified in `TargetGroupArn` .", - "title": "ForwardConfig" - }, - "Order": { - "markdownDescription": "The order for the action. This value is required for rules with multiple actions. The action with the lowest value for order is performed first.", - "title": "Order", - "type": "number" + "ApplianceModeSupport": { + "markdownDescription": "Enable or disable appliance mode support. The default is `disable` .", + "title": "ApplianceModeSupport", + "type": "string" }, - "RedirectConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.RedirectConfig", - "markdownDescription": "[Application Load Balancer] Information for creating a redirect action. Specify only when `Type` is `redirect` .", - "title": "RedirectConfig" + "DnsSupport": { + "markdownDescription": "Enable or disable DNS support. The default is `disable` .", + "title": "DnsSupport", + "type": "string" }, - "TargetGroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the target group. Specify only when `Type` is `forward` and you want to route to a single target group. To route to one or more target groups, use `ForwardConfig` instead.", - "title": "TargetGroupArn", + "Ipv6Support": { + "markdownDescription": "Enable or disable IPv6 support. The default is `disable` .", + "title": "Ipv6Support", "type": "string" }, - "Type": { - "markdownDescription": "The type of action.", - "title": "Type", + "SecurityGroupReferencingSupport": { + "markdownDescription": "Enables you to reference a security group across VPCs attached to a transit gateway (TGW). Use this option to simplify security group management and control of instance-to-instance traffic across VPCs that are connected by transit gateway. You can also use this option to migrate from VPC peering (which was the only option that supported security group referencing) to transit gateways (which now also support security group referencing). This option is disabled by default and there are no additional costs to use this feature.\n\nFor important information about this feature, see [Create a transit gateway](https://docs.aws.amazon.com/vpc/latest/tgw/tgw-transit-gateways.html#create-tgw) in the *AWS Transit Gateway Guide* .", + "title": "SecurityGroupReferencingSupport", "type": "string" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::Listener.AuthenticateCognitoConfig": { + "AWS::EC2::VPC": { "additionalProperties": false, "properties": { - "AuthenticationRequestExtraParams": { - "additionalProperties": true, - "markdownDescription": "The query parameters (up to 10) to include in the redirect request to the authorization endpoint.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "AuthenticationRequestExtraParams", - "type": "object" - }, - "OnUnauthenticatedRequest": { - "markdownDescription": "The behavior if the user is not authenticated. The following are possible values:\n\n- deny `` - Return an HTTP 401 Unauthorized error.\n- allow `` - Allow the request to be forwarded to the target.\n- authenticate `` - Redirect the request to the IdP authorization endpoint. This is the default value.", - "title": "OnUnauthenticatedRequest", + "Condition": { "type": "string" }, - "Scope": { - "markdownDescription": "The set of user claims to be requested from the IdP. The default is `openid` .\n\nTo verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.", - "title": "Scope", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SessionCookieName": { - "markdownDescription": "The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.", - "title": "SessionCookieName", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SessionTimeout": { - "markdownDescription": "The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).", - "title": "SessionTimeout", - "type": "string" + "Metadata": { + "type": "object" }, - "UserPoolArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Cognito user pool.", - "title": "UserPoolArn", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "CidrBlock": { + "markdownDescription": "The IPv4 network range for the VPC, in CIDR notation. For example, `10.0.0.0/16` . We modify the specified CIDR block to its canonical form; for example, if you specify `100.68.0.18/18` , we modify it to `100.68.0.0/18` .\n\nYou must specify either `CidrBlock` or `Ipv4IpamPoolId` .", + "title": "CidrBlock", + "type": "string" + }, + "EnableDnsHostnames": { + "markdownDescription": "Indicates whether the instances launched in the VPC get DNS hostnames. If enabled, instances in the VPC get DNS hostnames; otherwise, they do not. Disabled by default for nondefault VPCs. For more information, see [DNS attributes in your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-dns.html#vpc-dns-support) .\n\nYou can only enable DNS hostnames if you've enabled DNS support.", + "title": "EnableDnsHostnames", + "type": "boolean" + }, + "EnableDnsSupport": { + "markdownDescription": "Indicates whether the DNS resolution is supported for the VPC. If enabled, queries to the Amazon provided DNS server at the 169.254.169.253 IP address, or the reserved IP address at the base of the VPC network range \"plus two\" succeed. If disabled, the Amazon provided DNS service in the VPC that resolves public DNS hostnames to IP addresses is not enabled. Enabled by default. For more information, see [DNS attributes in your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-dns.html#vpc-dns-support) .", + "title": "EnableDnsSupport", + "type": "boolean" + }, + "InstanceTenancy": { + "markdownDescription": "The allowed tenancy of instances launched into the VPC.\n\n- `default` : An instance launched into the VPC runs on shared hardware by default, unless you explicitly specify a different tenancy during instance launch.\n- `dedicated` : An instance launched into the VPC runs on dedicated hardware by default, unless you explicitly specify a tenancy of `host` during instance launch. You cannot specify a tenancy of `default` during instance launch.\n\nUpdating `InstanceTenancy` requires no replacement only if you are updating its value from `dedicated` to `default` . Updating `InstanceTenancy` from `default` to `dedicated` requires replacement.", + "title": "InstanceTenancy", + "type": "string" + }, + "Ipv4IpamPoolId": { + "markdownDescription": "The ID of an IPv4 IPAM pool you want to use for allocating this VPC's CIDR. For more information, see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide* .\n\nYou must specify either `CidrBlock` or `Ipv4IpamPoolId` .", + "title": "Ipv4IpamPoolId", + "type": "string" + }, + "Ipv4NetmaskLength": { + "markdownDescription": "The netmask length of the IPv4 CIDR you want to allocate to this VPC from an Amazon VPC IP Address Manager (IPAM) pool. For more information about IPAM, see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide* .", + "title": "Ipv4NetmaskLength", + "type": "number" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the VPC.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" }, - "UserPoolClientId": { - "markdownDescription": "The ID of the Amazon Cognito user pool client.", - "title": "UserPoolClientId", + "Type": { + "enum": [ + "AWS::EC2::VPC" + ], "type": "string" }, - "UserPoolDomain": { - "markdownDescription": "The domain prefix or fully-qualified domain name of the Amazon Cognito user pool.", - "title": "UserPoolDomain", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "UserPoolArn", - "UserPoolClientId", - "UserPoolDomain" + "Type" ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::Listener.AuthenticateOidcConfig": { + "AWS::EC2::VPCBlockPublicAccessExclusion": { "additionalProperties": false, "properties": { - "AuthenticationRequestExtraParams": { - "additionalProperties": true, - "markdownDescription": "The query parameters (up to 10) to include in the redirect request to the authorization endpoint.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "AuthenticationRequestExtraParams", - "type": "object" - }, - "AuthorizationEndpoint": { - "markdownDescription": "The authorization endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", - "title": "AuthorizationEndpoint", - "type": "string" - }, - "ClientId": { - "markdownDescription": "The OAuth 2.0 client identifier.", - "title": "ClientId", - "type": "string" - }, - "ClientSecret": { - "markdownDescription": "The OAuth 2.0 client secret. This parameter is required if you are creating a rule. If you are modifying a rule, you can omit this parameter if you set `UseExistingClientSecret` to true.", - "title": "ClientSecret", - "type": "string" - }, - "Issuer": { - "markdownDescription": "The OIDC issuer identifier of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", - "title": "Issuer", + "Condition": { "type": "string" }, - "OnUnauthenticatedRequest": { - "markdownDescription": "The behavior if the user is not authenticated. The following are possible values:\n\n- deny `` - Return an HTTP 401 Unauthorized error.\n- allow `` - Allow the request to be forwarded to the target.\n- authenticate `` - Redirect the request to the IdP authorization endpoint. This is the default value.", - "title": "OnUnauthenticatedRequest", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Scope": { - "markdownDescription": "The set of user claims to be requested from the IdP. The default is `openid` .\n\nTo verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.", - "title": "Scope", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SessionCookieName": { - "markdownDescription": "The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.", - "title": "SessionCookieName", - "type": "string" + "Metadata": { + "type": "object" }, - "SessionTimeout": { - "markdownDescription": "The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).", - "title": "SessionTimeout", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "InternetGatewayExclusionMode": { + "markdownDescription": "The desired VPC Block Public Access mode for a specific VPC or subnet exclusion.\n\n- `allow-bidirectional` : Allow all internet traffic to and from the excluded VPCs and subnets.\n- `allow-egress` : Allow outbound internet traffic from the excluded VPCs and subnets. Block inbound internet traffic to the excluded VPCs and subnets. Only applies when VPC Block Public Access is set to `block-bidirectional` .", + "title": "InternetGatewayExclusionMode", + "type": "string" + }, + "SubnetId": { + "markdownDescription": "The ID of the subnet you want to exclude. Required only if you don't specify VpcId.", + "title": "SubnetId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.", + "title": "Tags", + "type": "array" + }, + "VpcId": { + "markdownDescription": "The ID of the VPC you want to exclude. Required only if you don't specify SubnetId.", + "title": "VpcId", + "type": "string" + } + }, + "required": [ + "InternetGatewayExclusionMode" + ], + "type": "object" }, - "TokenEndpoint": { - "markdownDescription": "The token endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", - "title": "TokenEndpoint", + "Type": { + "enum": [ + "AWS::EC2::VPCBlockPublicAccessExclusion" + ], "type": "string" }, - "UseExistingClientSecret": { - "markdownDescription": "Indicates whether to use the existing client secret when modifying a rule. If you are creating a rule, you can omit this parameter or set it to false.", - "title": "UseExistingClientSecret", - "type": "boolean" - }, - "UserInfoEndpoint": { - "markdownDescription": "The user info endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", - "title": "UserInfoEndpoint", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "AuthorizationEndpoint", - "ClientId", - "Issuer", - "TokenEndpoint", - "UserInfoEndpoint" + "Type", + "Properties" ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::Listener.Certificate": { - "additionalProperties": false, - "properties": { - "CertificateArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the certificate.", - "title": "CertificateArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::Listener.FixedResponseConfig": { + "AWS::EC2::VPCBlockPublicAccessOptions": { "additionalProperties": false, "properties": { - "ContentType": { - "markdownDescription": "The content type.\n\nValid Values: text/plain | text/css | text/html | application/javascript | application/json", - "title": "ContentType", + "Condition": { "type": "string" }, - "MessageBody": { - "markdownDescription": "The message.", - "title": "MessageBody", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "StatusCode": { - "markdownDescription": "The HTTP response code (2XX, 4XX, or 5XX).", - "title": "StatusCode", - "type": "string" - } - }, - "required": [ - "StatusCode" - ], - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::Listener.ForwardConfig": { - "additionalProperties": false, - "properties": { - "TargetGroupStickinessConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.TargetGroupStickinessConfig", - "markdownDescription": "Information about the target group stickiness for a rule.", - "title": "TargetGroupStickinessConfig" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "TargetGroups": { - "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.TargetGroupTuple" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "InternetGatewayBlockMode": { + "markdownDescription": "The desired VPC Block Public Access mode for internet gateways in your account. We do not allow you to create this resource type in an \"off\" mode since off is the default value.\n\n- `block-bidirectional` : Block all traffic to and from internet gateways and egress-only internet gateways in this Region (except for excluded VPCs and subnets).\n- `block-ingress` : Block all internet traffic to the VPCs in this Region (except for VPCs or subnets which are excluded). Only traffic to and from NAT gateways and egress-only internet gateways is allowed because these gateways only allow outbound connections to be established.", + "title": "InternetGatewayBlockMode", + "type": "string" + } }, - "markdownDescription": "Information about how traffic will be distributed between multiple target groups in a forward rule.", - "title": "TargetGroups", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::Listener.MutualAuthentication": { - "additionalProperties": false, - "properties": { - "IgnoreClientCertificateExpiry": { - "markdownDescription": "Indicates whether expired client certificates are ignored.", - "title": "IgnoreClientCertificateExpiry", - "type": "boolean" + "required": [ + "InternetGatewayBlockMode" + ], + "type": "object" }, - "Mode": { - "markdownDescription": "The client certificate handling method. Options are `off` , `passthrough` or `verify` . The default value is `off` .", - "title": "Mode", + "Type": { + "enum": [ + "AWS::EC2::VPCBlockPublicAccessOptions" + ], "type": "string" }, - "TrustStoreArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the trust store.", - "title": "TrustStoreArn", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::Listener.RedirectConfig": { + "AWS::EC2::VPCCidrBlock": { "additionalProperties": false, "properties": { - "Host": { - "markdownDescription": "The hostname. This component is not percent-encoded. The hostname can contain #{host}.", - "title": "Host", + "Condition": { "type": "string" }, - "Path": { - "markdownDescription": "The absolute path, starting with the leading \"/\". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}.", - "title": "Path", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Port": { - "markdownDescription": "The port. You can specify a value from 1 to 65535 or #{port}.", - "title": "Port", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Protocol": { - "markdownDescription": "The protocol. You can specify HTTP, HTTPS, or #{protocol}. You can redirect HTTP to HTTP, HTTP to HTTPS, and HTTPS to HTTPS. You can't redirect HTTPS to HTTP.", - "title": "Protocol", - "type": "string" + "Metadata": { + "type": "object" }, - "Query": { - "markdownDescription": "The query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading \"?\", as it is automatically added. You can specify any of the reserved keywords.", - "title": "Query", + "Properties": { + "additionalProperties": false, + "properties": { + "AmazonProvidedIpv6CidrBlock": { + "markdownDescription": "Requests an Amazon-provided IPv6 CIDR block with a /56 prefix length for the VPC. You cannot specify the range of IPv6 addresses or the size of the CIDR block.", + "title": "AmazonProvidedIpv6CidrBlock", + "type": "boolean" + }, + "CidrBlock": { + "markdownDescription": "An IPv4 CIDR block to associate with the VPC.", + "title": "CidrBlock", + "type": "string" + }, + "Ipv4IpamPoolId": { + "markdownDescription": "Associate a CIDR allocated from an IPv4 IPAM pool to a VPC. For more information about Amazon VPC IP Address Manager (IPAM), see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide* .", + "title": "Ipv4IpamPoolId", + "type": "string" + }, + "Ipv4NetmaskLength": { + "markdownDescription": "The netmask length of the IPv4 CIDR you would like to associate from an Amazon VPC IP Address Manager (IPAM) pool. For more information about IPAM, see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide* .", + "title": "Ipv4NetmaskLength", + "type": "number" + }, + "Ipv6CidrBlock": { + "markdownDescription": "An IPv6 CIDR block from the IPv6 address pool. You must also specify `Ipv6Pool` in the request.\n\nTo let Amazon choose the IPv6 CIDR block for you, omit this parameter.", + "title": "Ipv6CidrBlock", + "type": "string" + }, + "Ipv6CidrBlockNetworkBorderGroup": { + "markdownDescription": "The name of the location from which we advertise the IPV6 CIDR block. Use this parameter to limit the CIDR block to this location.\n\nYou must set `AmazonProvidedIpv6CidrBlock` to `true` to use this parameter.\n\nYou can have one IPv6 CIDR block association per network border group.", + "title": "Ipv6CidrBlockNetworkBorderGroup", + "type": "string" + }, + "Ipv6IpamPoolId": { + "markdownDescription": "Associates a CIDR allocated from an IPv6 IPAM pool to a VPC. For more information about Amazon VPC IP Address Manager (IPAM), see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide* .", + "title": "Ipv6IpamPoolId", + "type": "string" + }, + "Ipv6NetmaskLength": { + "markdownDescription": "The netmask length of the IPv6 CIDR you would like to associate from an Amazon VPC IP Address Manager (IPAM) pool. For more information about IPAM, see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide* .", + "title": "Ipv6NetmaskLength", + "type": "number" + }, + "Ipv6Pool": { + "markdownDescription": "The ID of an IPv6 address pool from which to allocate the IPv6 CIDR block.", + "title": "Ipv6Pool", + "type": "string" + }, + "VpcId": { + "markdownDescription": "The ID of the VPC.", + "title": "VpcId", + "type": "string" + } + }, + "required": [ + "VpcId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::EC2::VPCCidrBlock" + ], "type": "string" }, - "StatusCode": { - "markdownDescription": "The HTTP redirect code. The redirect is either permanent (HTTP 301) or temporary (HTTP 302).", - "title": "StatusCode", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "StatusCode" + "Type", + "Properties" ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::Listener.TargetGroupStickinessConfig": { - "additionalProperties": false, - "properties": { - "DurationSeconds": { - "markdownDescription": "The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days). You must specify this value when enabling target group stickiness.", - "title": "DurationSeconds", - "type": "number" - }, - "Enabled": { - "markdownDescription": "Indicates whether target group stickiness is enabled.", - "title": "Enabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::Listener.TargetGroupTuple": { - "additionalProperties": false, - "properties": { - "TargetGroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the target group.", - "title": "TargetGroupArn", - "type": "string" - }, - "Weight": { - "markdownDescription": "The weight. The range is 0 to 999.", - "title": "Weight", - "type": "number" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::ListenerCertificate": { + "AWS::EC2::VPCDHCPOptionsAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -93313,29 +100987,26 @@ "Properties": { "additionalProperties": false, "properties": { - "Certificates": { - "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerCertificate.Certificate" - }, - "markdownDescription": "The certificate. You can specify one certificate per resource.", - "title": "Certificates", - "type": "array" + "DhcpOptionsId": { + "markdownDescription": "The ID of the DHCP options set, or `default` to associate no DHCP options with the VPC.", + "title": "DhcpOptionsId", + "type": "string" }, - "ListenerArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the listener.", - "title": "ListenerArn", + "VpcId": { + "markdownDescription": "The ID of the VPC.", + "title": "VpcId", "type": "string" } }, "required": [ - "Certificates", - "ListenerArn" + "DhcpOptionsId", + "VpcId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ElasticLoadBalancingV2::ListenerCertificate" + "AWS::EC2::VPCDHCPOptionsAssociation" ], "type": "string" }, @@ -93354,18 +101025,7 @@ ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::ListenerCertificate.Certificate": { - "additionalProperties": false, - "properties": { - "CertificateArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the certificate.", - "title": "CertificateArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::ListenerRule": { + "AWS::EC2::VPCEndpoint": { "additionalProperties": false, "properties": { "Condition": { @@ -93400,43 +101060,97 @@ "Properties": { "additionalProperties": false, "properties": { - "Actions": { + "DnsOptions": { + "$ref": "#/definitions/AWS::EC2::VPCEndpoint.DnsOptionsSpecification", + "markdownDescription": "Describes the DNS options for an endpoint.", + "title": "DnsOptions" + }, + "IpAddressType": { + "markdownDescription": "The supported IP address types.", + "title": "IpAddressType", + "type": "string" + }, + "PolicyDocument": { + "markdownDescription": "An endpoint policy, which controls access to the service from the VPC. The default endpoint policy allows full access to the service. Endpoint policies are supported only for gateway and interface endpoints.\n\nFor CloudFormation templates in YAML, you can provide the policy in JSON or YAML format. For example, if you have a JSON policy, you can convert it to YAML before including it in the YAML template, and AWS CloudFormation converts the policy to JSON format before calling the API actions for AWS PrivateLink . Alternatively, you can include the JSON directly in the YAML, as shown in the following `Properties` section:\n\n`Properties: VpcEndpointType: 'Interface' ServiceName: !Sub 'com.amazonaws.${AWS::Region}.logs' PolicyDocument: '{ \"Version\":\"2012-10-17\", \"Statement\": [{ \"Effect\":\"Allow\", \"Principal\":\"*\", \"Action\":[\"logs:Describe*\",\"logs:Get*\",\"logs:List*\",\"logs:FilterLogEvents\"], \"Resource\":\"*\" }] }'`", + "title": "PolicyDocument", + "type": "object" + }, + "PrivateDnsEnabled": { + "markdownDescription": "Indicate whether to associate a private hosted zone with the specified VPC. The private hosted zone contains a record set for the default public DNS name for the service for the Region (for example, `kinesis.us-east-1.amazonaws.com` ), which resolves to the private IP addresses of the endpoint network interfaces in the VPC. This enables you to make requests to the default public DNS name for the service instead of the public DNS names that are automatically generated by the VPC endpoint service.\n\nTo use a private hosted zone, you must set the following VPC attributes to `true` : `enableDnsHostnames` and `enableDnsSupport` .\n\nThis property is supported only for interface endpoints.\n\nDefault: `false`", + "title": "PrivateDnsEnabled", + "type": "boolean" + }, + "ResourceConfigurationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource configuration.", + "title": "ResourceConfigurationArn", + "type": "string" + }, + "RouteTableIds": { "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.Action" + "type": "string" }, - "markdownDescription": "The actions.\n\nThe rule must include exactly one of the following types of actions: `forward` , `fixed-response` , or `redirect` , and it must be the last action to be performed. If the rule is for an HTTPS listener, it can also optionally include an authentication action.", - "title": "Actions", + "markdownDescription": "The IDs of the route tables. Routing is supported only for gateway endpoints.", + "title": "RouteTableIds", "type": "array" }, - "Conditions": { + "SecurityGroupIds": { "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.RuleCondition" + "type": "string" }, - "markdownDescription": "The conditions.\n\nThe rule can optionally include up to one of each of the following conditions: `http-request-method` , `host-header` , `path-pattern` , and `source-ip` . A rule can also optionally include one or more of each of the following conditions: `http-header` and `query-string` .", - "title": "Conditions", + "markdownDescription": "The IDs of the security groups to associate with the endpoint network interfaces. If this parameter is not specified, we use the default security group for the VPC. Security groups are supported only for interface endpoints.", + "title": "SecurityGroupIds", "type": "array" }, - "ListenerArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the listener.", - "title": "ListenerArn", + "ServiceName": { + "markdownDescription": "The name of the endpoint service.", + "title": "ServiceName", "type": "string" }, - "Priority": { - "markdownDescription": "The rule priority. A listener can't have multiple rules with the same priority.\n\nIf you try to reorder rules by updating their priorities, do not specify a new priority if an existing rule already uses this priority, as this can cause an error. If you need to reuse a priority with a different rule, you must remove it as a priority first, and then specify it in a subsequent update.", - "title": "Priority", - "type": "number" + "ServiceNetworkArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the service network.", + "title": "ServiceNetworkArn", + "type": "string" + }, + "ServiceRegion": { + "markdownDescription": "Describes a Region.", + "title": "ServiceRegion", + "type": "string" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the subnets in which to create endpoint network interfaces. You must specify this property for an interface endpoint or a Gateway Load Balancer endpoint. You can't specify this property for a gateway endpoint. For a Gateway Load Balancer endpoint, you can specify only one subnet.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to associate with the endpoint.", + "title": "Tags", + "type": "array" + }, + "VpcEndpointType": { + "markdownDescription": "The type of endpoint.\n\nDefault: Gateway", + "title": "VpcEndpointType", + "type": "string" + }, + "VpcId": { + "markdownDescription": "The ID of the VPC.", + "title": "VpcId", + "type": "string" } }, "required": [ - "Actions", - "Conditions", - "Priority" + "VpcId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ElasticLoadBalancingV2::ListenerRule" + "AWS::EC2::VPCEndpoint" ], "type": "string" }, @@ -93455,460 +101169,109 @@ ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::ListenerRule.Action": { + "AWS::EC2::VPCEndpoint.DnsOptionsSpecification": { "additionalProperties": false, "properties": { - "AuthenticateCognitoConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.AuthenticateCognitoConfig", - "markdownDescription": "[HTTPS listeners] Information for using Amazon Cognito to authenticate users. Specify only when `Type` is `authenticate-cognito` .", - "title": "AuthenticateCognitoConfig" + "DnsRecordIpType": { + "markdownDescription": "The DNS records created for the endpoint.", + "title": "DnsRecordIpType", + "type": "string" }, - "AuthenticateOidcConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.AuthenticateOidcConfig", - "markdownDescription": "[HTTPS listeners] Information about an identity provider that is compliant with OpenID Connect (OIDC). Specify only when `Type` is `authenticate-oidc` .", - "title": "AuthenticateOidcConfig" + "PrivateDnsOnlyForInboundResolverEndpoint": { + "markdownDescription": "Indicates whether to enable private DNS only for inbound endpoints. This option is available only for services that support both gateway and interface endpoints. It routes traffic that originates from the VPC to the gateway endpoint and traffic that originates from on-premises to the interface endpoint.", + "title": "PrivateDnsOnlyForInboundResolverEndpoint", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::VPCEndpointConnectionNotification": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" }, - "FixedResponseConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.FixedResponseConfig", - "markdownDescription": "[Application Load Balancer] Information for creating an action that returns a custom HTTP response. Specify only when `Type` is `fixed-response` .", - "title": "FixedResponseConfig" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ForwardConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.ForwardConfig", - "markdownDescription": "Information for creating an action that distributes requests among one or more target groups. For Network Load Balancers, you can specify a single target group. Specify only when `Type` is `forward` . If you specify both `ForwardConfig` and `TargetGroupArn` , you can specify only one target group using `ForwardConfig` and it must be the same target group specified in `TargetGroupArn` .", - "title": "ForwardConfig" - }, - "Order": { - "markdownDescription": "The order for the action. This value is required for rules with multiple actions. The action with the lowest value for order is performed first.", - "title": "Order", - "type": "number" - }, - "RedirectConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.RedirectConfig", - "markdownDescription": "[Application Load Balancer] Information for creating a redirect action. Specify only when `Type` is `redirect` .", - "title": "RedirectConfig" - }, - "TargetGroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the target group. Specify only when `Type` is `forward` and you want to route to a single target group. To route to one or more target groups, use `ForwardConfig` instead.", - "title": "TargetGroupArn", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of action.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::ListenerRule.AuthenticateCognitoConfig": { - "additionalProperties": false, - "properties": { - "AuthenticationRequestExtraParams": { - "additionalProperties": true, - "markdownDescription": "The query parameters (up to 10) to include in the redirect request to the authorization endpoint.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" } - }, - "title": "AuthenticationRequestExtraParams", - "type": "object" - }, - "OnUnauthenticatedRequest": { - "markdownDescription": "The behavior if the user is not authenticated. The following are possible values:\n\n- deny `` - Return an HTTP 401 Unauthorized error.\n- allow `` - Allow the request to be forwarded to the target.\n- authenticate `` - Redirect the request to the IdP authorization endpoint. This is the default value.", - "title": "OnUnauthenticatedRequest", - "type": "string" - }, - "Scope": { - "markdownDescription": "The set of user claims to be requested from the IdP. The default is `openid` .\n\nTo verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.", - "title": "Scope", - "type": "string" - }, - "SessionCookieName": { - "markdownDescription": "The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.", - "title": "SessionCookieName", - "type": "string" - }, - "SessionTimeout": { - "markdownDescription": "The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).", - "title": "SessionTimeout", - "type": "number" - }, - "UserPoolArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Cognito user pool.", - "title": "UserPoolArn", - "type": "string" + ] }, - "UserPoolClientId": { - "markdownDescription": "The ID of the Amazon Cognito user pool client.", - "title": "UserPoolClientId", - "type": "string" + "Metadata": { + "type": "object" }, - "UserPoolDomain": { - "markdownDescription": "The domain prefix or fully-qualified domain name of the Amazon Cognito user pool.", - "title": "UserPoolDomain", - "type": "string" - } - }, - "required": [ - "UserPoolArn", - "UserPoolClientId", - "UserPoolDomain" - ], - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::ListenerRule.AuthenticateOidcConfig": { - "additionalProperties": false, - "properties": { - "AuthenticationRequestExtraParams": { - "additionalProperties": true, - "markdownDescription": "The query parameters (up to 10) to include in the redirect request to the authorization endpoint.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { + "Properties": { + "additionalProperties": false, + "properties": { + "ConnectionEvents": { + "items": { + "type": "string" + }, + "markdownDescription": "The endpoint events for which to receive notifications. Valid values are `Accept` , `Connect` , `Delete` , and `Reject` .", + "title": "ConnectionEvents", + "type": "array" + }, + "ConnectionNotificationArn": { + "markdownDescription": "The ARN of the SNS topic for the notifications.", + "title": "ConnectionNotificationArn", + "type": "string" + }, + "ServiceId": { + "markdownDescription": "The ID of the endpoint service.", + "title": "ServiceId", + "type": "string" + }, + "VPCEndpointId": { + "markdownDescription": "The ID of the endpoint.", + "title": "VPCEndpointId", "type": "string" } }, - "title": "AuthenticationRequestExtraParams", + "required": [ + "ConnectionEvents", + "ConnectionNotificationArn" + ], "type": "object" }, - "AuthorizationEndpoint": { - "markdownDescription": "The authorization endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", - "title": "AuthorizationEndpoint", - "type": "string" - }, - "ClientId": { - "markdownDescription": "The OAuth 2.0 client identifier.", - "title": "ClientId", - "type": "string" - }, - "ClientSecret": { - "markdownDescription": "The OAuth 2.0 client secret. This parameter is required if you are creating a rule. If you are modifying a rule, you can omit this parameter if you set `UseExistingClientSecret` to true.", - "title": "ClientSecret", - "type": "string" - }, - "Issuer": { - "markdownDescription": "The OIDC issuer identifier of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", - "title": "Issuer", - "type": "string" - }, - "OnUnauthenticatedRequest": { - "markdownDescription": "The behavior if the user is not authenticated. The following are possible values:\n\n- deny `` - Return an HTTP 401 Unauthorized error.\n- allow `` - Allow the request to be forwarded to the target.\n- authenticate `` - Redirect the request to the IdP authorization endpoint. This is the default value.", - "title": "OnUnauthenticatedRequest", - "type": "string" - }, - "Scope": { - "markdownDescription": "The set of user claims to be requested from the IdP. The default is `openid` .\n\nTo verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.", - "title": "Scope", - "type": "string" - }, - "SessionCookieName": { - "markdownDescription": "The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.", - "title": "SessionCookieName", - "type": "string" - }, - "SessionTimeout": { - "markdownDescription": "The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).", - "title": "SessionTimeout", - "type": "number" - }, - "TokenEndpoint": { - "markdownDescription": "The token endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", - "title": "TokenEndpoint", - "type": "string" - }, - "UseExistingClientSecret": { - "markdownDescription": "Indicates whether to use the existing client secret when modifying a rule. If you are creating a rule, you can omit this parameter or set it to false.", - "title": "UseExistingClientSecret", - "type": "boolean" - }, - "UserInfoEndpoint": { - "markdownDescription": "The user info endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", - "title": "UserInfoEndpoint", - "type": "string" - } - }, - "required": [ - "AuthorizationEndpoint", - "ClientId", - "Issuer", - "TokenEndpoint", - "UserInfoEndpoint" - ], - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::ListenerRule.FixedResponseConfig": { - "additionalProperties": false, - "properties": { - "ContentType": { - "markdownDescription": "The content type.\n\nValid Values: text/plain | text/css | text/html | application/javascript | application/json", - "title": "ContentType", - "type": "string" - }, - "MessageBody": { - "markdownDescription": "The message.", - "title": "MessageBody", - "type": "string" - }, - "StatusCode": { - "markdownDescription": "The HTTP response code (2XX, 4XX, or 5XX).", - "title": "StatusCode", - "type": "string" - } - }, - "required": [ - "StatusCode" - ], - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::ListenerRule.ForwardConfig": { - "additionalProperties": false, - "properties": { - "TargetGroupStickinessConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.TargetGroupStickinessConfig", - "markdownDescription": "Information about the target group stickiness for a rule.", - "title": "TargetGroupStickinessConfig" - }, - "TargetGroups": { - "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.TargetGroupTuple" - }, - "markdownDescription": "Information about how traffic will be distributed between multiple target groups in a forward rule.", - "title": "TargetGroups", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::ListenerRule.HostHeaderConfig": { - "additionalProperties": false, - "properties": { - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The host names. The maximum size of each name is 128 characters. The comparison is case insensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character). You must include at least one \".\" character. You can include only alphabetical characters after the final \".\" character.\n\nIf you specify multiple strings, the condition is satisfied if one of the strings matches the host name.", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::ListenerRule.HttpHeaderConfig": { - "additionalProperties": false, - "properties": { - "HttpHeaderName": { - "markdownDescription": "The name of the HTTP header field. The maximum size is 40 characters. The header name is case insensitive. The allowed characters are specified by RFC 7230. Wildcards are not supported.", - "title": "HttpHeaderName", - "type": "string" - }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The strings to compare against the value of the HTTP header. The maximum size of each string is 128 characters. The comparison strings are case insensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character).\n\nIf the same header appears multiple times in the request, we search them in order until a match is found.\n\nIf you specify multiple strings, the condition is satisfied if one of the strings matches the value of the HTTP header. To require that all of the strings are a match, create one condition per string.", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::ListenerRule.HttpRequestMethodConfig": { - "additionalProperties": false, - "properties": { - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The name of the request method. The maximum size is 40 characters. The allowed characters are A-Z, hyphen (-), and underscore (_). The comparison is case sensitive. Wildcards are not supported; therefore, the method name must be an exact match.\n\nIf you specify multiple strings, the condition is satisfied if one of the strings matches the HTTP request method. We recommend that you route GET and HEAD requests in the same way, because the response to a HEAD request may be cached.", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::ListenerRule.PathPatternConfig": { - "additionalProperties": false, - "properties": { - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The path patterns to compare against the request URL. The maximum size of each string is 128 characters. The comparison is case sensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character).\n\nIf you specify multiple strings, the condition is satisfied if one of them matches the request URL. The path pattern is compared only to the path of the URL, not to its query string.", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::ListenerRule.QueryStringConfig": { - "additionalProperties": false, - "properties": { - "Values": { - "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.QueryStringKeyValue" - }, - "markdownDescription": "The key/value pairs or values to find in the query string. The maximum size of each string is 128 characters. The comparison is case insensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character). To search for a literal '*' or '?' character in a query string, you must escape these characters in `Values` using a '\\' character.\n\nIf you specify multiple key/value pairs or values, the condition is satisfied if one of them is found in the query string.", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::ListenerRule.QueryStringKeyValue": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "The key. You can omit the key.", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "The value.", - "title": "Value", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::ListenerRule.RedirectConfig": { - "additionalProperties": false, - "properties": { - "Host": { - "markdownDescription": "The hostname. This component is not percent-encoded. The hostname can contain #{host}.", - "title": "Host", - "type": "string" - }, - "Path": { - "markdownDescription": "The absolute path, starting with the leading \"/\". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}.", - "title": "Path", - "type": "string" - }, - "Port": { - "markdownDescription": "The port. You can specify a value from 1 to 65535 or #{port}.", - "title": "Port", - "type": "string" - }, - "Protocol": { - "markdownDescription": "The protocol. You can specify HTTP, HTTPS, or #{protocol}. You can redirect HTTP to HTTP, HTTP to HTTPS, and HTTPS to HTTPS. You can't redirect HTTPS to HTTP.", - "title": "Protocol", - "type": "string" - }, - "Query": { - "markdownDescription": "The query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading \"?\", as it is automatically added. You can specify any of the reserved keywords.", - "title": "Query", + "Type": { + "enum": [ + "AWS::EC2::VPCEndpointConnectionNotification" + ], "type": "string" }, - "StatusCode": { - "markdownDescription": "The HTTP redirect code. The redirect is either permanent (HTTP 301) or temporary (HTTP 302).", - "title": "StatusCode", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "StatusCode" + "Type", + "Properties" ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::ListenerRule.RuleCondition": { - "additionalProperties": false, - "properties": { - "Field": { - "markdownDescription": "The field in the HTTP request. The following are the possible values:\n\n- `http-header`\n- `http-request-method`\n- `host-header`\n- `path-pattern`\n- `query-string`\n- `source-ip`", - "title": "Field", - "type": "string" - }, - "HostHeaderConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.HostHeaderConfig", - "markdownDescription": "Information for a host header condition. Specify only when `Field` is `host-header` .", - "title": "HostHeaderConfig" - }, - "HttpHeaderConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.HttpHeaderConfig", - "markdownDescription": "Information for an HTTP header condition. Specify only when `Field` is `http-header` .", - "title": "HttpHeaderConfig" - }, - "HttpRequestMethodConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.HttpRequestMethodConfig", - "markdownDescription": "Information for an HTTP method condition. Specify only when `Field` is `http-request-method` .", - "title": "HttpRequestMethodConfig" - }, - "PathPatternConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.PathPatternConfig", - "markdownDescription": "Information for a path pattern condition. Specify only when `Field` is `path-pattern` .", - "title": "PathPatternConfig" - }, - "QueryStringConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.QueryStringConfig", - "markdownDescription": "Information for a query string condition. Specify only when `Field` is `query-string` .", - "title": "QueryStringConfig" - }, - "SourceIpConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.SourceIpConfig", - "markdownDescription": "Information for a source IP condition. Specify only when `Field` is `source-ip` .", - "title": "SourceIpConfig" - }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The condition value. Specify only when `Field` is `host-header` or `path-pattern` . Alternatively, to specify multiple host names or multiple path patterns, use `HostHeaderConfig` or `PathPatternConfig` .\n\nIf `Field` is `host-header` and you're not using `HostHeaderConfig` , you can specify a single host name (for example, my.example.com). A host name is case insensitive, can be up to 128 characters in length, and can contain any of the following characters.\n\n- A-Z, a-z, 0-9\n- - .\n- * (matches 0 or more characters)\n- ? (matches exactly 1 character)\n\nIf `Field` is `path-pattern` and you're not using `PathPatternConfig` , you can specify a single path pattern (for example, /img/*). A path pattern is case-sensitive, can be up to 128 characters in length, and can contain any of the following characters.\n\n- A-Z, a-z, 0-9\n- _ - . $ / ~ \" ' @ : +\n- & (using &)\n- * (matches 0 or more characters)\n- ? (matches exactly 1 character)", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::ListenerRule.SourceIpConfig": { - "additionalProperties": false, - "properties": { - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The source IP addresses, in CIDR format. You can use both IPv4 and IPv6 addresses. Wildcards are not supported.\n\nIf you specify multiple addresses, the condition is satisfied if the source IP address of the request matches one of the CIDR blocks. This condition is not satisfied by the addresses in the X-Forwarded-For header.", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::ListenerRule.TargetGroupStickinessConfig": { - "additionalProperties": false, - "properties": { - "DurationSeconds": { - "markdownDescription": "The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days). You must specify this value when enabling target group stickiness.", - "title": "DurationSeconds", - "type": "number" - }, - "Enabled": { - "markdownDescription": "Indicates whether target group stickiness is enabled.", - "title": "Enabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::ListenerRule.TargetGroupTuple": { - "additionalProperties": false, - "properties": { - "TargetGroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the target group.", - "title": "TargetGroupArn", - "type": "string" - }, - "Weight": { - "markdownDescription": "The weight. The range is 0 to 999.", - "title": "Weight", - "type": "number" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::LoadBalancer": { + "AWS::EC2::VPCEndpointService": { "additionalProperties": false, "properties": { "Condition": { @@ -93943,77 +101306,67 @@ "Properties": { "additionalProperties": false, "properties": { - "EnforceSecurityGroupInboundRulesOnPrivateLinkTraffic": { - "markdownDescription": "Indicates whether to evaluate inbound security group rules for traffic sent to a Network Load Balancer through AWS PrivateLink . The default is `on` .\n\nYou can't configure this property on a Network Load Balancer unless you associated a security group with the load balancer when you created it.", - "title": "EnforceSecurityGroupInboundRulesOnPrivateLinkTraffic", - "type": "string" + "AcceptanceRequired": { + "markdownDescription": "Indicates whether requests from service consumers to create an endpoint to your service must be accepted.", + "title": "AcceptanceRequired", + "type": "boolean" }, - "IpAddressType": { - "markdownDescription": "The IP address type. Internal load balancers must use `ipv4` .\n\n[Application Load Balancers] The possible values are `ipv4` (IPv4 addresses), `dualstack` (IPv4 and IPv6 addresses), and `dualstack-without-public-ipv4` (public IPv6 addresses and private IPv4 and IPv6 addresses).\n\nApplication Load Balancer authentication supports IPv4 addresses only when connecting to an Identity Provider (IdP) or Amazon Cognito endpoint. Without a public IPv4 address the load balancer can't complete the authentication process, resulting in HTTP 500 errors.\n\n[Network Load Balancers and Gateway Load Balancers] The possible values are `ipv4` (IPv4 addresses) and `dualstack` (IPv4 and IPv6 addresses).", - "title": "IpAddressType", - "type": "string" + "ContributorInsightsEnabled": { + "markdownDescription": "Indicates whether to enable the built-in Contributor Insights rules provided by AWS PrivateLink .", + "title": "ContributorInsightsEnabled", + "type": "boolean" }, - "LoadBalancerAttributes": { + "GatewayLoadBalancerArns": { "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::LoadBalancer.LoadBalancerAttribute" + "type": "string" }, - "markdownDescription": "The load balancer attributes. Attributes that you do not modify retain their current values.", - "title": "LoadBalancerAttributes", + "markdownDescription": "The Amazon Resource Names (ARNs) of the Gateway Load Balancers.", + "title": "GatewayLoadBalancerArns", "type": "array" }, - "Name": { - "markdownDescription": "The name of the load balancer. This name must be unique per region per account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, must not begin or end with a hyphen, and must not begin with \"internal-\".\n\nIf you don't specify a name, AWS CloudFormation generates a unique physical ID for the load balancer. If you specify a name, you cannot perform updates that require replacement of this resource, but you can perform other updates. To replace the resource, specify a new name.", - "title": "Name", - "type": "string" - }, - "Scheme": { - "markdownDescription": "The nodes of an Internet-facing load balancer have public IP addresses. The DNS name of an Internet-facing load balancer is publicly resolvable to the public IP addresses of the nodes. Therefore, Internet-facing load balancers can route requests from clients over the internet.\n\nThe nodes of an internal load balancer have only private IP addresses. The DNS name of an internal load balancer is publicly resolvable to the private IP addresses of the nodes. Therefore, internal load balancers can route requests only from clients with access to the VPC for the load balancer.\n\nThe default is an Internet-facing load balancer.\n\nYou can't specify a scheme for a Gateway Load Balancer.", - "title": "Scheme", - "type": "string" - }, - "SecurityGroups": { + "NetworkLoadBalancerArns": { "items": { "type": "string" }, - "markdownDescription": "[Application Load Balancers and Network Load Balancers] The IDs of the security groups for the load balancer.", - "title": "SecurityGroups", + "markdownDescription": "The Amazon Resource Names (ARNs) of the Network Load Balancers.", + "title": "NetworkLoadBalancerArns", "type": "array" }, - "SubnetMappings": { + "PayerResponsibility": { + "markdownDescription": "The entity that is responsible for the endpoint costs. The default is the endpoint owner. If you set the payer responsibility to the service owner, you cannot set it back to the endpoint owner.", + "title": "PayerResponsibility", + "type": "string" + }, + "SupportedIpAddressTypes": { "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::LoadBalancer.SubnetMapping" + "type": "string" }, - "markdownDescription": "The IDs of the subnets. You can specify only one subnet per Availability Zone. You must specify either subnets or subnet mappings, but not both.\n\n[Application Load Balancers] You must specify subnets from at least two Availability Zones. You can't specify Elastic IP addresses for your subnets.\n\n[Application Load Balancers on Outposts] You must specify one Outpost subnet.\n\n[Application Load Balancers on Local Zones] You can specify subnets from one or more Local Zones.\n\n[Network Load Balancers] You can specify subnets from one or more Availability Zones. You can specify one Elastic IP address per subnet if you need static IP addresses for your internet-facing load balancer. For internal load balancers, you can specify one private IP address per subnet from the IPv4 range of the subnet. For internet-facing load balancer, you can specify one IPv6 address per subnet.\n\n[Gateway Load Balancers] You can specify subnets from one or more Availability Zones. You can't specify Elastic IP addresses for your subnets.", - "title": "SubnetMappings", + "markdownDescription": "The supported IP address types. The possible values are `ipv4` and `ipv6` .", + "title": "SupportedIpAddressTypes", "type": "array" }, - "Subnets": { + "SupportedRegions": { "items": { "type": "string" }, - "markdownDescription": "The IDs of the subnets. You can specify only one subnet per Availability Zone. You must specify either subnets or subnet mappings, but not both. To specify an Elastic IP address, specify subnet mappings instead of subnets.\n\n[Application Load Balancers] You must specify subnets from at least two Availability Zones.\n\n[Application Load Balancers on Outposts] You must specify one Outpost subnet.\n\n[Application Load Balancers on Local Zones] You can specify subnets from one or more Local Zones.\n\n[Network Load Balancers and Gateway Load Balancers] You can specify subnets from one or more Availability Zones.", - "title": "Subnets", + "markdownDescription": "The Regions from which service consumers can access the service.", + "title": "SupportedRegions", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to assign to the load balancer.", + "markdownDescription": "The tags to associate with the service.", "title": "Tags", "type": "array" - }, - "Type": { - "markdownDescription": "The type of load balancer. The default is `application` .", - "title": "Type", - "type": "string" } }, "type": "object" }, "Type": { "enum": [ - "AWS::ElasticLoadBalancingV2::LoadBalancer" + "AWS::EC2::VPCEndpointService" ], "type": "string" }, @@ -94031,52 +101384,7 @@ ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::LoadBalancer.LoadBalancerAttribute": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "The name of the attribute.\n\nThe following attributes are supported by all load balancers:\n\n- `deletion_protection.enabled` - Indicates whether deletion protection is enabled. The value is `true` or `false` . The default is `false` .\n- `load_balancing.cross_zone.enabled` - Indicates whether cross-zone load balancing is enabled. The possible values are `true` and `false` . The default for Network Load Balancers and Gateway Load Balancers is `false` . The default for Application Load Balancers is `true` , and can't be changed.\n\nThe following attributes are supported by both Application Load Balancers and Network Load Balancers:\n\n- `access_logs.s3.enabled` - Indicates whether access logs are enabled. The value is `true` or `false` . The default is `false` .\n- `access_logs.s3.bucket` - The name of the S3 bucket for the access logs. This attribute is required if access logs are enabled. The bucket must exist in the same region as the load balancer and have a bucket policy that grants Elastic Load Balancing permissions to write to the bucket.\n- `access_logs.s3.prefix` - The prefix for the location in the S3 bucket for the access logs.\n- `ipv6.deny_all_igw_traffic` - Blocks internet gateway (IGW) access to the load balancer. It is set to `false` for internet-facing load balancers and `true` for internal load balancers, preventing unintended access to your internal load balancer through an internet gateway.\n- `zonal_shift.config.enabled` - Indicates whether zonal shift is enabled. The possible values are `true` and `false` . The default is `false` .\n\nThe following attributes are supported by only Application Load Balancers:\n\n- `idle_timeout.timeout_seconds` - The idle timeout value, in seconds. The valid range is 1-4000 seconds. The default is 60 seconds.\n- `client_keep_alive.seconds` - The client keep alive value, in seconds. The valid range is 60-604800 seconds. The default is 3600 seconds.\n- `connection_logs.s3.enabled` - Indicates whether connection logs are enabled. The value is `true` or `false` . The default is `false` .\n- `connection_logs.s3.bucket` - The name of the S3 bucket for the connection logs. This attribute is required if connection logs are enabled. The bucket must exist in the same region as the load balancer and have a bucket policy that grants Elastic Load Balancing permissions to write to the bucket.\n- `connection_logs.s3.prefix` - The prefix for the location in the S3 bucket for the connection logs.\n- `routing.http.desync_mitigation_mode` - Determines how the load balancer handles requests that might pose a security risk to your application. The possible values are `monitor` , `defensive` , and `strictest` . The default is `defensive` .\n- `routing.http.drop_invalid_header_fields.enabled` - Indicates whether HTTP headers with invalid header fields are removed by the load balancer ( `true` ) or routed to targets ( `false` ). The default is `false` .\n- `routing.http.preserve_host_header.enabled` - Indicates whether the Application Load Balancer should preserve the `Host` header in the HTTP request and send it to the target without any change. The possible values are `true` and `false` . The default is `false` .\n- `routing.http.x_amzn_tls_version_and_cipher_suite.enabled` - Indicates whether the two headers ( `x-amzn-tls-version` and `x-amzn-tls-cipher-suite` ), which contain information about the negotiated TLS version and cipher suite, are added to the client request before sending it to the target. The `x-amzn-tls-version` header has information about the TLS protocol version negotiated with the client, and the `x-amzn-tls-cipher-suite` header has information about the cipher suite negotiated with the client. Both headers are in OpenSSL format. The possible values for the attribute are `true` and `false` . The default is `false` .\n- `routing.http.xff_client_port.enabled` - Indicates whether the `X-Forwarded-For` header should preserve the source port that the client used to connect to the load balancer. The possible values are `true` and `false` . The default is `false` .\n- `routing.http.xff_header_processing.mode` - Enables you to modify, preserve, or remove the `X-Forwarded-For` header in the HTTP request before the Application Load Balancer sends the request to the target. The possible values are `append` , `preserve` , and `remove` . The default is `append` .\n\n- If the value is `append` , the Application Load Balancer adds the client IP address (of the last hop) to the `X-Forwarded-For` header in the HTTP request before it sends it to targets.\n- If the value is `preserve` the Application Load Balancer preserves the `X-Forwarded-For` header in the HTTP request, and sends it to targets without any change.\n- If the value is `remove` , the Application Load Balancer removes the `X-Forwarded-For` header in the HTTP request before it sends it to targets.\n- `routing.http2.enabled` - Indicates whether HTTP/2 is enabled. The possible values are `true` and `false` . The default is `true` . Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens.\n- `waf.fail_open.enabled` - Indicates whether to allow a WAF-enabled load balancer to route requests to targets if it is unable to forward the request to AWS WAF. The possible values are `true` and `false` . The default is `false` .\n\nThe following attributes are supported by only Network Load Balancers:\n\n- `dns_record.client_routing_policy` - Indicates how traffic is distributed among the load balancer Availability Zones. The possible values are `availability_zone_affinity` with 100 percent zonal affinity, `partial_availability_zone_affinity` with 85 percent zonal affinity, and `any_availability_zone` with 0 percent zonal affinity.", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "The value of the attribute.", - "title": "Value", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::LoadBalancer.SubnetMapping": { - "additionalProperties": false, - "properties": { - "AllocationId": { - "markdownDescription": "[Network Load Balancers] The allocation ID of the Elastic IP address for an internet-facing load balancer.", - "title": "AllocationId", - "type": "string" - }, - "IPv6Address": { - "markdownDescription": "[Network Load Balancers] The IPv6 address.", - "title": "IPv6Address", - "type": "string" - }, - "PrivateIPv4Address": { - "markdownDescription": "[Network Load Balancers] The private IPv4 address for an internal load balancer.", - "title": "PrivateIPv4Address", - "type": "string" - }, - "SubnetId": { - "markdownDescription": "The ID of the subnet.", - "title": "SubnetId", - "type": "string" - } - }, - "required": [ - "SubnetId" - ], - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::TargetGroup": { + "AWS::EC2::VPCEndpointServicePermissions": { "additionalProperties": false, "properties": { "Condition": { @@ -94111,116 +101419,28 @@ "Properties": { "additionalProperties": false, "properties": { - "HealthCheckEnabled": { - "markdownDescription": "Indicates whether health checks are enabled. If the target type is `lambda` , health checks are disabled by default but can be enabled. If the target type is `instance` , `ip` , or `alb` , health checks are always enabled and can't be disabled.", - "title": "HealthCheckEnabled", - "type": "boolean" - }, - "HealthCheckIntervalSeconds": { - "markdownDescription": "The approximate amount of time, in seconds, between health checks of an individual target. The range is 5-300. If the target group protocol is TCP, TLS, UDP, TCP_UDP, HTTP or HTTPS, the default is 30 seconds. If the target group protocol is GENEVE, the default is 10 seconds. If the target type is `lambda` , the default is 35 seconds.", - "title": "HealthCheckIntervalSeconds", - "type": "number" - }, - "HealthCheckPath": { - "markdownDescription": "[HTTP/HTTPS health checks] The destination for health checks on the targets.\n\n[HTTP1 or HTTP2 protocol version] The ping path. The default is /.\n\n[GRPC protocol version] The path of a custom health check method with the format /package.service/method. The default is / AWS .ALB/healthcheck.", - "title": "HealthCheckPath", - "type": "string" - }, - "HealthCheckPort": { - "markdownDescription": "The port the load balancer uses when performing health checks on targets. If the protocol is HTTP, HTTPS, TCP, TLS, UDP, or TCP_UDP, the default is `traffic-port` , which is the port on which each target receives traffic from the load balancer. If the protocol is GENEVE, the default is port 80.", - "title": "HealthCheckPort", - "type": "string" - }, - "HealthCheckProtocol": { - "markdownDescription": "The protocol the load balancer uses when performing health checks on targets. For Application Load Balancers, the default is HTTP. For Network Load Balancers and Gateway Load Balancers, the default is TCP. The TCP protocol is not supported for health checks if the protocol of the target group is HTTP or HTTPS. The GENEVE, TLS, UDP, and TCP_UDP protocols are not supported for health checks.", - "title": "HealthCheckProtocol", - "type": "string" - }, - "HealthCheckTimeoutSeconds": { - "markdownDescription": "The amount of time, in seconds, during which no response from a target means a failed health check. The range is 2\u2013120 seconds. For target groups with a protocol of HTTP, the default is 6 seconds. For target groups with a protocol of TCP, TLS or HTTPS, the default is 10 seconds. For target groups with a protocol of GENEVE, the default is 5 seconds. If the target type is `lambda` , the default is 30 seconds.", - "title": "HealthCheckTimeoutSeconds", - "type": "number" - }, - "HealthyThresholdCount": { - "markdownDescription": "The number of consecutive health check successes required before considering a target healthy. The range is 2-10. If the target group protocol is TCP, TCP_UDP, UDP, TLS, HTTP or HTTPS, the default is 5. For target groups with a protocol of GENEVE, the default is 5. If the target type is `lambda` , the default is 5.", - "title": "HealthyThresholdCount", - "type": "number" - }, - "IpAddressType": { - "markdownDescription": "The IP address type. The default value is `ipv4` .", - "title": "IpAddressType", - "type": "string" - }, - "Matcher": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::TargetGroup.Matcher", - "markdownDescription": "[HTTP/HTTPS health checks] The HTTP or gRPC codes to use when checking for a successful response from a target. For target groups with a protocol of TCP, TCP_UDP, UDP or TLS the range is 200-599. For target groups with a protocol of HTTP or HTTPS, the range is 200-499. For target groups with a protocol of GENEVE, the range is 200-399.", - "title": "Matcher" - }, - "Name": { - "markdownDescription": "The name of the target group.\n\nThis name must be unique per region per account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen.", - "title": "Name", - "type": "string" - }, - "Port": { - "markdownDescription": "The port on which the targets receive traffic. This port is used unless you specify a port override when registering the target. If the target is a Lambda function, this parameter does not apply. If the protocol is GENEVE, the supported port is 6081.", - "title": "Port", - "type": "number" - }, - "Protocol": { - "markdownDescription": "The protocol to use for routing traffic to the targets. For Application Load Balancers, the supported protocols are HTTP and HTTPS. For Network Load Balancers, the supported protocols are TCP, TLS, UDP, or TCP_UDP. For Gateway Load Balancers, the supported protocol is GENEVE. A TCP_UDP listener must be associated with a TCP_UDP target group. If the target is a Lambda function, this parameter does not apply.", - "title": "Protocol", - "type": "string" - }, - "ProtocolVersion": { - "markdownDescription": "[HTTP/HTTPS protocol] The protocol version. The possible values are `GRPC` , `HTTP1` , and `HTTP2` .", - "title": "ProtocolVersion", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags.", - "title": "Tags", - "type": "array" - }, - "TargetGroupAttributes": { - "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::TargetGroup.TargetGroupAttribute" - }, - "markdownDescription": "The target group attributes. Attributes that you do not modify retain their current values.", - "title": "TargetGroupAttributes", - "type": "array" - }, - "TargetType": { - "markdownDescription": "The type of target that you must specify when registering targets with this target group. You can't specify targets for a target group using more than one target type.\n\n- `instance` - Register targets by instance ID. This is the default value.\n- `ip` - Register targets by IP address. You can specify IP addresses from the subnets of the virtual private cloud (VPC) for the target group, the RFC 1918 range (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16), and the RFC 6598 range (100.64.0.0/10). You can't specify publicly routable IP addresses.\n- `lambda` - Register a single Lambda function as a target.\n- `alb` - Register a single Application Load Balancer as a target.", - "title": "TargetType", - "type": "string" - }, - "Targets": { + "AllowedPrincipals": { "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::TargetGroup.TargetDescription" + "type": "string" }, - "markdownDescription": "The targets.", - "title": "Targets", + "markdownDescription": "The Amazon Resource Names (ARN) of one or more principals (for example, users, IAM roles, and AWS accounts ). Permissions are granted to the principals in this list. To grant permissions to all principals, specify an asterisk (*). Permissions are revoked for principals not in this list. If the list is empty, then all permissions are revoked.", + "title": "AllowedPrincipals", "type": "array" }, - "UnhealthyThresholdCount": { - "markdownDescription": "The number of consecutive health check failures required before considering a target unhealthy. The range is 2-10. If the target group protocol is TCP, TCP_UDP, UDP, TLS, HTTP or HTTPS, the default is 2. For target groups with a protocol of GENEVE, the default is 2. If the target type is `lambda` , the default is 5.", - "title": "UnhealthyThresholdCount", - "type": "number" - }, - "VpcId": { - "markdownDescription": "The identifier of the virtual private cloud (VPC). If the target is a Lambda function, this parameter does not apply. Otherwise, this parameter is required.", - "title": "VpcId", + "ServiceId": { + "markdownDescription": "The ID of the service.", + "title": "ServiceId", "type": "string" } }, + "required": [ + "ServiceId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::ElasticLoadBalancingV2::TargetGroup" + "AWS::EC2::VPCEndpointServicePermissions" ], "type": "string" }, @@ -94234,67 +101454,12 @@ } }, "required": [ - "Type" - ], - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::TargetGroup.Matcher": { - "additionalProperties": false, - "properties": { - "GrpcCode": { - "markdownDescription": "You can specify values between 0 and 99. You can specify multiple values (for example, \"0,1\") or a range of values (for example, \"0-5\"). The default value is 12.", - "title": "GrpcCode", - "type": "string" - }, - "HttpCode": { - "markdownDescription": "For Application Load Balancers, you can specify values between 200 and 499, with the default value being 200. You can specify multiple values (for example, \"200,202\") or a range of values (for example, \"200-299\").\n\nFor Network Load Balancers, you can specify values between 200 and 599, with the default value being 200-399. You can specify multiple values (for example, \"200,202\") or a range of values (for example, \"200-299\").\n\nFor Gateway Load Balancers, this must be \"200\u2013399\".\n\nNote that when using shorthand syntax, some values such as commas need to be escaped.", - "title": "HttpCode", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::TargetGroup.TargetDescription": { - "additionalProperties": false, - "properties": { - "AvailabilityZone": { - "markdownDescription": "An Availability Zone or `all` . This determines whether the target receives traffic from the load balancer nodes in the specified Availability Zone or from all enabled Availability Zones for the load balancer.\n\nFor Application Load Balancer target groups, the specified Availability Zone value is only applicable when cross-zone load balancing is off. Otherwise the parameter is ignored and treated as `all` .\n\nThis parameter is not supported if the target type of the target group is `instance` or `alb` .\n\nIf the target type is `ip` and the IP address is in a subnet of the VPC for the target group, the Availability Zone is automatically detected and this parameter is optional. If the IP address is outside the VPC, this parameter is required.\n\nFor Application Load Balancer target groups with cross-zone load balancing off, if the target type is `ip` and the IP address is outside of the VPC for the target group, this should be an Availability Zone inside the VPC for the target group.\n\nIf the target type is `lambda` , this parameter is optional and the only supported value is `all` .", - "title": "AvailabilityZone", - "type": "string" - }, - "Id": { - "markdownDescription": "The ID of the target. If the target type of the target group is `instance` , specify an instance ID. If the target type is `ip` , specify an IP address. If the target type is `lambda` , specify the ARN of the Lambda function. If the target type is `alb` , specify the ARN of the Application Load Balancer target.", - "title": "Id", - "type": "string" - }, - "Port": { - "markdownDescription": "The port on which the target is listening. If the target group protocol is GENEVE, the supported port is 6081. If the target type is `alb` , the targeted Application Load Balancer must have at least one listener whose port matches the target group port. This parameter is not used if the target is a Lambda function.", - "title": "Port", - "type": "number" - } - }, - "required": [ - "Id" + "Type", + "Properties" ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::TargetGroup.TargetGroupAttribute": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "The name of the attribute.\n\nThe following attributes are supported by all load balancers:\n\n- `deregistration_delay.timeout_seconds` - The amount of time, in seconds, for Elastic Load Balancing to wait before changing the state of a deregistering target from `draining` to `unused` . The range is 0-3600 seconds. The default value is 300 seconds. If the target is a Lambda function, this attribute is not supported.\n- `stickiness.enabled` - Indicates whether target stickiness is enabled. The value is `true` or `false` . The default is `false` .\n- `stickiness.type` - Indicates the type of stickiness. The possible values are:\n\n- `lb_cookie` and `app_cookie` for Application Load Balancers.\n- `source_ip` for Network Load Balancers.\n- `source_ip_dest_ip` and `source_ip_dest_ip_proto` for Gateway Load Balancers.\n\nThe following attributes are supported by Application Load Balancers and Network Load Balancers:\n\n- `load_balancing.cross_zone.enabled` - Indicates whether cross zone load balancing is enabled. The value is `true` , `false` or `use_load_balancer_configuration` . The default is `use_load_balancer_configuration` .\n- `target_group_health.dns_failover.minimum_healthy_targets.count` - The minimum number of targets that must be healthy. If the number of healthy targets is below this value, mark the zone as unhealthy in DNS, so that traffic is routed only to healthy zones. The possible values are `off` or an integer from 1 to the maximum number of targets. The default is 1.\n- `target_group_health.dns_failover.minimum_healthy_targets.percentage` - The minimum percentage of targets that must be healthy. If the percentage of healthy targets is below this value, mark the zone as unhealthy in DNS, so that traffic is routed only to healthy zones. The possible values are `off` or an integer from 1 to 100. The default is `off` .\n- `target_group_health.unhealthy_state_routing.minimum_healthy_targets.count` - The minimum number of targets that must be healthy. If the number of healthy targets is below this value, send traffic to all targets, including unhealthy targets. The possible values are 1 to the maximum number of targets. The default is 1.\n- `target_group_health.unhealthy_state_routing.minimum_healthy_targets.percentage` - The minimum percentage of targets that must be healthy. If the percentage of healthy targets is below this value, send traffic to all targets, including unhealthy targets. The possible values are `off` or an integer from 1 to 100. The default is `off` .\n\nThe following attributes are supported only if the load balancer is an Application Load Balancer and the target is an instance or an IP address:\n\n- `load_balancing.algorithm.type` - The load balancing algorithm determines how the load balancer selects targets when routing requests. The value is `round_robin` , `least_outstanding_requests` , or `weighted_random` . The default is `round_robin` .\n- `load_balancing.algorithm.anomaly_mitigation` - Only available when `load_balancing.algorithm.type` is `weighted_random` . Indicates whether anomaly mitigation is enabled. The value is `on` or `off` . The default is `off` .\n- `slow_start.duration_seconds` - The time period, in seconds, during which a newly registered target receives an increasing share of the traffic to the target group. After this time period ends, the target receives its full share of traffic. The range is 30-900 seconds (15 minutes). The default is 0 seconds (disabled).\n- `stickiness.app_cookie.cookie_name` - Indicates the name of the application-based cookie. Names that start with the following prefixes are not allowed: `AWSALB` , `AWSALBAPP` , and `AWSALBTG` ; they're reserved for use by the load balancer.\n- `stickiness.app_cookie.duration_seconds` - The time period, in seconds, during which requests from a client should be routed to the same target. After this time period expires, the application-based cookie is considered stale. The range is 1 second to 1 week (604800 seconds). The default value is 1 day (86400 seconds).\n- `stickiness.lb_cookie.duration_seconds` - The time period, in seconds, during which requests from a client should be routed to the same target. After this time period expires, the load balancer-generated cookie is considered stale. The range is 1 second to 1 week (604800 seconds). The default value is 1 day (86400 seconds).\n\nThe following attribute is supported only if the load balancer is an Application Load Balancer and the target is a Lambda function:\n\n- `lambda.multi_value_headers.enabled` - Indicates whether the request and response headers that are exchanged between the load balancer and the Lambda function include arrays of values or strings. The value is `true` or `false` . The default is `false` . If the value is `false` and the request contains a duplicate header field name or query parameter key, the load balancer uses the last value sent by the client.\n\nThe following attributes are supported only by Network Load Balancers:\n\n- `deregistration_delay.connection_termination.enabled` - Indicates whether the load balancer terminates connections at the end of the deregistration timeout. The value is `true` or `false` . For new UDP/TCP_UDP target groups the default is `true` . Otherwise, the default is `false` .\n- `preserve_client_ip.enabled` - Indicates whether client IP preservation is enabled. The value is `true` or `false` . The default is disabled if the target group type is IP address and the target group protocol is TCP or TLS. Otherwise, the default is enabled. Client IP preservation can't be disabled for UDP and TCP_UDP target groups.\n- `proxy_protocol_v2.enabled` - Indicates whether Proxy Protocol version 2 is enabled. The value is `true` or `false` . The default is `false` .\n- `target_health_state.unhealthy.connection_termination.enabled` - Indicates whether the load balancer terminates connections to unhealthy targets. The value is `true` or `false` . The default is `true` . This attribute can't be enabled for UDP and TCP_UDP target groups.\n- `target_health_state.unhealthy.draining_interval_seconds` - The amount of time for Elastic Load Balancing to wait before changing the state of an unhealthy target from `unhealthy.draining` to `unhealthy` . The range is 0-360000 seconds. The default value is 0 seconds.\n\nNote: This attribute can only be configured when `target_health_state.unhealthy.connection_termination.enabled` is `false` .\n\nThe following attributes are supported only by Gateway Load Balancers:\n\n- `target_failover.on_deregistration` - Indicates how the Gateway Load Balancer handles existing flows when a target is deregistered. The possible values are `rebalance` and `no_rebalance` . The default is `no_rebalance` . The two attributes ( `target_failover.on_deregistration` and `target_failover.on_unhealthy` ) can't be set independently. The value you set for both attributes must be the same.\n- `target_failover.on_unhealthy` - Indicates how the Gateway Load Balancer handles existing flows when a target is unhealthy. The possible values are `rebalance` and `no_rebalance` . The default is `no_rebalance` . The two attributes ( `target_failover.on_deregistration` and `target_failover.on_unhealthy` ) can't be set independently. The value you set for both attributes must be the same.", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "The value of the attribute.", - "title": "Value", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::TrustStore": { + "AWS::EC2::VPCGatewayAttachment": { "additionalProperties": false, "properties": { "Condition": { @@ -94329,40 +101494,30 @@ "Properties": { "additionalProperties": false, "properties": { - "CaCertificatesBundleS3Bucket": { - "markdownDescription": "The Amazon S3 bucket for the ca certificates bundle.", - "title": "CaCertificatesBundleS3Bucket", - "type": "string" - }, - "CaCertificatesBundleS3Key": { - "markdownDescription": "The Amazon S3 path for the ca certificates bundle.", - "title": "CaCertificatesBundleS3Key", + "InternetGatewayId": { + "markdownDescription": "The ID of the internet gateway.\n\nYou must specify either `InternetGatewayId` or `VpnGatewayId` , but not both.", + "title": "InternetGatewayId", "type": "string" }, - "CaCertificatesBundleS3ObjectVersion": { - "markdownDescription": "The Amazon S3 object version for the ca certificates bundle. If undefined the current version is used.", - "title": "CaCertificatesBundleS3ObjectVersion", + "VpcId": { + "markdownDescription": "The ID of the VPC.", + "title": "VpcId", "type": "string" }, - "Name": { - "markdownDescription": "The name of the trust store.", - "title": "Name", + "VpnGatewayId": { + "markdownDescription": "The ID of the virtual private gateway.\n\nYou must specify either `InternetGatewayId` or `VpnGatewayId` , but not both.", + "title": "VpnGatewayId", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to assign to the trust store.", - "title": "Tags", - "type": "array" } }, + "required": [ + "VpcId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::ElasticLoadBalancingV2::TrustStore" + "AWS::EC2::VPCGatewayAttachment" ], "type": "string" }, @@ -94376,11 +101531,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::TrustStoreRevocation": { + "AWS::EC2::VPCPeeringConnection": { "additionalProperties": false, "properties": { "Condition": { @@ -94415,25 +101571,49 @@ "Properties": { "additionalProperties": false, "properties": { - "RevocationContents": { + "PeerOwnerId": { + "markdownDescription": "The AWS account ID of the owner of the accepter VPC.\n\nDefault: Your AWS account ID", + "title": "PeerOwnerId", + "type": "string" + }, + "PeerRegion": { + "markdownDescription": "The Region code for the accepter VPC, if the accepter VPC is located in a Region other than the Region in which you make the request.\n\nDefault: The Region in which you make the request.", + "title": "PeerRegion", + "type": "string" + }, + "PeerRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the VPC peer role for the peering connection in another AWS account.\n\nThis is required when you are peering a VPC in a different AWS account.", + "title": "PeerRoleArn", + "type": "string" + }, + "PeerVpcId": { + "markdownDescription": "The ID of the VPC with which you are creating the VPC peering connection. You must specify this parameter in the request.", + "title": "PeerVpcId", + "type": "string" + }, + "Tags": { "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::TrustStoreRevocation.RevocationContent" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The revocation file to add.", - "title": "RevocationContents", + "markdownDescription": "Any tags assigned to the resource.", + "title": "Tags", "type": "array" }, - "TrustStoreArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the trust store.", - "title": "TrustStoreArn", + "VpcId": { + "markdownDescription": "The ID of the VPC.", + "title": "VpcId", "type": "string" } }, + "required": [ + "PeerVpcId", + "VpcId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::ElasticLoadBalancingV2::TrustStoreRevocation" + "AWS::EC2::VPCPeeringConnection" ], "type": "string" }, @@ -94447,63 +101627,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::TrustStoreRevocation.RevocationContent": { - "additionalProperties": false, - "properties": { - "RevocationType": { - "markdownDescription": "The type of revocation file.", - "title": "RevocationType", - "type": "string" - }, - "S3Bucket": { - "markdownDescription": "The Amazon S3 bucket for the revocation file.", - "title": "S3Bucket", - "type": "string" - }, - "S3Key": { - "markdownDescription": "The Amazon S3 path for the revocation file.", - "title": "S3Key", - "type": "string" - }, - "S3ObjectVersion": { - "markdownDescription": "The Amazon S3 object version of the revocation file.", - "title": "S3ObjectVersion", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::TrustStoreRevocation.TrustStoreRevocation": { - "additionalProperties": false, - "properties": { - "NumberOfRevokedEntries": { - "markdownDescription": "The number of revoked certificates.", - "title": "NumberOfRevokedEntries", - "type": "number" - }, - "RevocationId": { - "markdownDescription": "The revocation ID of the revocation file.", - "title": "RevocationId", - "type": "string" - }, - "RevocationType": { - "markdownDescription": "The type of revocation file.", - "title": "RevocationType", - "type": "string" - }, - "TrustStoreArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the trust store.", - "title": "TrustStoreArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Elasticsearch::Domain": { + "AWS::EC2::VPNConnection": { "additionalProperties": false, "properties": { "Condition": { @@ -94538,102 +101667,97 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessPolicies": { - "markdownDescription": "An AWS Identity and Access Management ( IAM ) policy document that specifies who can access the OpenSearch Service domain and their permissions. For more information, see [Configuring access policies](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ac.html#ac-creating) in the *Amazon OpenSearch Service Developer Guid* e.", - "title": "AccessPolicies", - "type": "object" + "CustomerGatewayId": { + "markdownDescription": "The ID of the customer gateway at your end of the VPN connection.", + "title": "CustomerGatewayId", + "type": "string" }, - "AdvancedOptions": { - "additionalProperties": true, - "markdownDescription": "Additional options to specify for the OpenSearch Service domain. For more information, see [Advanced cluster parameters](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/createupdatedomains.html#createdomain-configure-advanced-options) in the *Amazon OpenSearch Service Developer Guide* .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "AdvancedOptions", - "type": "object" + "EnableAcceleration": { + "markdownDescription": "Indicate whether to enable acceleration for the VPN connection.\n\nDefault: `false`", + "title": "EnableAcceleration", + "type": "boolean" }, - "AdvancedSecurityOptions": { - "$ref": "#/definitions/AWS::Elasticsearch::Domain.AdvancedSecurityOptionsInput", - "markdownDescription": "Specifies options for fine-grained access control.", - "title": "AdvancedSecurityOptions" + "LocalIpv4NetworkCidr": { + "markdownDescription": "The IPv4 CIDR on the customer gateway (on-premises) side of the VPN connection.\n\nDefault: `0.0.0.0/0`", + "title": "LocalIpv4NetworkCidr", + "type": "string" }, - "CognitoOptions": { - "$ref": "#/definitions/AWS::Elasticsearch::Domain.CognitoOptions", - "markdownDescription": "Configures OpenSearch Service to use Amazon Cognito authentication for OpenSearch Dashboards.", - "title": "CognitoOptions" + "LocalIpv6NetworkCidr": { + "markdownDescription": "The IPv6 CIDR on the customer gateway (on-premises) side of the VPN connection.\n\nDefault: `::/0`", + "title": "LocalIpv6NetworkCidr", + "type": "string" }, - "DomainEndpointOptions": { - "$ref": "#/definitions/AWS::Elasticsearch::Domain.DomainEndpointOptions", - "markdownDescription": "Specifies additional options for the domain endpoint, such as whether to require HTTPS for all traffic or whether to use a custom endpoint rather than the default endpoint.", - "title": "DomainEndpointOptions" + "OutsideIpAddressType": { + "markdownDescription": "The type of IP address assigned to the outside interface of the customer gateway device.\n\nValid values: `PrivateIpv4` | `PublicIpv4` | `Ipv6`\n\nDefault: `PublicIpv4`", + "title": "OutsideIpAddressType", + "type": "string" }, - "DomainName": { - "markdownDescription": "A name for the OpenSearch Service domain. For valid values, see the [DomainName](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-datatypes-domainname) data type in the *Amazon OpenSearch Service Developer Guide* . If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the domain name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "DomainName", + "RemoteIpv4NetworkCidr": { + "markdownDescription": "The IPv4 CIDR on the AWS side of the VPN connection.\n\nDefault: `0.0.0.0/0`", + "title": "RemoteIpv4NetworkCidr", "type": "string" }, - "EBSOptions": { - "$ref": "#/definitions/AWS::Elasticsearch::Domain.EBSOptions", - "markdownDescription": "The configurations of Amazon Elastic Block Store (Amazon EBS) volumes that are attached to data nodes in the OpenSearch Service domain. For more information, see [EBS volume size limits](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/limits.html#ebsresource) in the *Amazon OpenSearch Service Developer Guide* .", - "title": "EBSOptions" + "RemoteIpv6NetworkCidr": { + "markdownDescription": "The IPv6 CIDR on the AWS side of the VPN connection.\n\nDefault: `::/0`", + "title": "RemoteIpv6NetworkCidr", + "type": "string" }, - "ElasticsearchClusterConfig": { - "$ref": "#/definitions/AWS::Elasticsearch::Domain.ElasticsearchClusterConfig", - "markdownDescription": "ElasticsearchClusterConfig is a property of the AWS::Elasticsearch::Domain resource that configures the cluster of an Amazon OpenSearch Service domain.", - "title": "ElasticsearchClusterConfig" + "StaticRoutesOnly": { + "markdownDescription": "Indicates whether the VPN connection uses static routes only. Static routes must be used for devices that don't support BGP.\n\nIf you are creating a VPN connection for a device that does not support Border Gateway Protocol (BGP), you must specify `true` .", + "title": "StaticRoutesOnly", + "type": "boolean" }, - "ElasticsearchVersion": { - "markdownDescription": "The version of Elasticsearch to use, such as 2.3. If not specified, 1.5 is used as the default. For information about the versions that OpenSearch Service supports, see [Supported versions of OpenSearch and Elasticsearch](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/what-is.html#choosing-version) in the *Amazon OpenSearch Service Developer Guide* .\n\nIf you set the [EnableVersionUpgrade](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html#cfn-attributes-updatepolicy-upgradeopensearchdomain) update policy to `true` , you can update `ElasticsearchVersion` without interruption. When `EnableVersionUpgrade` is set to `false` , or is not specified, updating `ElasticsearchVersion` results in [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", - "title": "ElasticsearchVersion", + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Any tags assigned to the VPN connection.", + "title": "Tags", + "type": "array" + }, + "TransitGatewayId": { + "markdownDescription": "The ID of the transit gateway associated with the VPN connection.\n\nYou must specify either `TransitGatewayId` or `VpnGatewayId` , but not both.", + "title": "TransitGatewayId", "type": "string" }, - "EncryptionAtRestOptions": { - "$ref": "#/definitions/AWS::Elasticsearch::Domain.EncryptionAtRestOptions", - "markdownDescription": "Whether the domain should encrypt data at rest, and if so, the AWS Key Management Service key to use. See [Encryption of data at rest for Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/encryption-at-rest.html) .", - "title": "EncryptionAtRestOptions" + "TransportTransitGatewayAttachmentId": { + "markdownDescription": "The transit gateway attachment ID to use for the VPN tunnel.\n\nRequired if `OutsideIpAddressType` is set to `PrivateIpv4` .", + "title": "TransportTransitGatewayAttachmentId", + "type": "string" }, - "LogPublishingOptions": { - "additionalProperties": false, - "markdownDescription": "An object with one or more of the following keys: `SEARCH_SLOW_LOGS` , `ES_APPLICATION_LOGS` , `INDEX_SLOW_LOGS` , `AUDIT_LOGS` , depending on the types of logs you want to publish. Each key needs a valid `LogPublishingOption` value.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::Elasticsearch::Domain.LogPublishingOption" - } - }, - "title": "LogPublishingOptions", - "type": "object" + "TunnelInsideIpVersion": { + "markdownDescription": "Indicate whether the VPN tunnels process IPv4 or IPv6 traffic.\n\nDefault: `ipv4`", + "title": "TunnelInsideIpVersion", + "type": "string" }, - "NodeToNodeEncryptionOptions": { - "$ref": "#/definitions/AWS::Elasticsearch::Domain.NodeToNodeEncryptionOptions", - "markdownDescription": "Specifies whether node-to-node encryption is enabled. See [Node-to-node encryption for Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ntn.html) .", - "title": "NodeToNodeEncryptionOptions" + "Type": { + "markdownDescription": "The type of VPN connection.", + "title": "Type", + "type": "string" }, - "SnapshotOptions": { - "$ref": "#/definitions/AWS::Elasticsearch::Domain.SnapshotOptions", - "markdownDescription": "*DEPRECATED* . The automated snapshot configuration for the OpenSearch Service domain indices.", - "title": "SnapshotOptions" + "VpnGatewayId": { + "markdownDescription": "The ID of the virtual private gateway at the AWS side of the VPN connection.\n\nYou must specify either `TransitGatewayId` or `VpnGatewayId` , but not both.", + "title": "VpnGatewayId", + "type": "string" }, - "Tags": { + "VpnTunnelOptionsSpecifications": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::EC2::VPNConnection.VpnTunnelOptionsSpecification" }, - "markdownDescription": "An arbitrary set of tags (key\u2013value pairs) to associate with the OpenSearch Service domain.", - "title": "Tags", + "markdownDescription": "The tunnel options for the VPN connection.", + "title": "VpnTunnelOptionsSpecifications", "type": "array" - }, - "VPCOptions": { - "$ref": "#/definitions/AWS::Elasticsearch::Domain.VPCOptions", - "markdownDescription": "The virtual private cloud (VPC) configuration for the OpenSearch Service domain. For more information, see [Launching your Amazon OpenSearch Service domains within a VPC](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/vpc.html) in the *Amazon OpenSearch Service Developer Guide* .", - "title": "VPCOptions" } }, + "required": [ + "CustomerGatewayId", + "Type" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Elasticsearch::Domain" + "AWS::EC2::VPNConnection" ], "type": "string" }, @@ -94647,300 +101771,248 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Elasticsearch::Domain.AdvancedSecurityOptionsInput": { + "AWS::EC2::VPNConnection.CloudwatchLogOptionsSpecification": { "additionalProperties": false, "properties": { - "AnonymousAuthEnabled": { - "markdownDescription": "", - "title": "AnonymousAuthEnabled", + "LogEnabled": { + "markdownDescription": "Enable or disable VPN tunnel logging feature. Default value is `False` .\n\nValid values: `True` | `False`", + "title": "LogEnabled", "type": "boolean" }, - "Enabled": { - "markdownDescription": "True to enable fine-grained access control. You must also enable encryption of data at rest and node-to-node encryption.", - "title": "Enabled", - "type": "boolean" + "LogGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the CloudWatch log group to send logs to.", + "title": "LogGroupArn", + "type": "string" }, - "InternalUserDatabaseEnabled": { - "markdownDescription": "True to enable the internal user database.", - "title": "InternalUserDatabaseEnabled", - "type": "boolean" - }, - "MasterUserOptions": { - "$ref": "#/definitions/AWS::Elasticsearch::Domain.MasterUserOptions", - "markdownDescription": "Specifies information about the master user.", - "title": "MasterUserOptions" + "LogOutputFormat": { + "markdownDescription": "Set log format. Default format is `json` .\n\nValid values: `json` | `text`", + "title": "LogOutputFormat", + "type": "string" } }, "type": "object" }, - "AWS::Elasticsearch::Domain.CognitoOptions": { + "AWS::EC2::VPNConnection.IKEVersionsRequestListValue": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Whether to enable or disable Amazon Cognito authentication for OpenSearch Dashboards. See [Amazon Cognito authentication for OpenSearch Dashboards](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/cognito-auth.html) .", - "title": "Enabled", - "type": "boolean" - }, - "IdentityPoolId": { - "markdownDescription": "The Amazon Cognito identity pool ID that you want OpenSearch Service to use for OpenSearch Dashboards authentication. Required if you enable Cognito authentication.", - "title": "IdentityPoolId", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The `AmazonESCognitoAccess` role that allows OpenSearch Service to configure your user pool and identity pool. Required if you enable Cognito authentication.", - "title": "RoleArn", - "type": "string" - }, - "UserPoolId": { - "markdownDescription": "The Amazon Cognito user pool ID that you want OpenSearch Service to use for OpenSearch Dashboards authentication. Required if you enable Cognito authentication.", - "title": "UserPoolId", + "Value": { + "markdownDescription": "The IKE version.", + "title": "Value", "type": "string" } }, "type": "object" }, - "AWS::Elasticsearch::Domain.ColdStorageOptions": { + "AWS::EC2::VPNConnection.Phase1DHGroupNumbersRequestListValue": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Whether to enable or disable cold storage on the domain. You must enable UltraWarm storage in order to enable cold storage.", - "title": "Enabled", - "type": "boolean" + "Value": { + "markdownDescription": "The Diffie-Hellmann group number.", + "title": "Value", + "type": "number" } }, "type": "object" }, - "AWS::Elasticsearch::Domain.DomainEndpointOptions": { + "AWS::EC2::VPNConnection.Phase1EncryptionAlgorithmsRequestListValue": { "additionalProperties": false, "properties": { - "CustomEndpoint": { - "markdownDescription": "The fully qualified URL for your custom endpoint. Required if you enabled a custom endpoint for the domain.", - "title": "CustomEndpoint", - "type": "string" - }, - "CustomEndpointCertificateArn": { - "markdownDescription": "The AWS Certificate Manager ARN for your domain's SSL/TLS certificate. Required if you enabled a custom endpoint for the domain.", - "title": "CustomEndpointCertificateArn", - "type": "string" - }, - "CustomEndpointEnabled": { - "markdownDescription": "True to enable a custom endpoint for the domain. If enabled, you must also provide values for `CustomEndpoint` and `CustomEndpointCertificateArn` .", - "title": "CustomEndpointEnabled", - "type": "boolean" - }, - "EnforceHTTPS": { - "markdownDescription": "True to require that all traffic to the domain arrive over HTTPS.", - "title": "EnforceHTTPS", - "type": "boolean" - }, - "TLSSecurityPolicy": { - "markdownDescription": "The minimum TLS version required for traffic to the domain. Valid values are TLS 1.3 (recommended) or 1.2:\n\n- `Policy-Min-TLS-1-0-2019-07`\n- `Policy-Min-TLS-1-2-2019-07`", - "title": "TLSSecurityPolicy", + "Value": { + "markdownDescription": "The value for the encryption algorithm.", + "title": "Value", "type": "string" } }, "type": "object" }, - "AWS::Elasticsearch::Domain.EBSOptions": { + "AWS::EC2::VPNConnection.Phase1IntegrityAlgorithmsRequestListValue": { "additionalProperties": false, "properties": { - "EBSEnabled": { - "markdownDescription": "Specifies whether Amazon EBS volumes are attached to data nodes in the OpenSearch Service domain.", - "title": "EBSEnabled", - "type": "boolean" - }, - "Iops": { - "markdownDescription": "The number of I/O operations per second (IOPS) that the volume supports. This property applies only to provisioned IOPS EBS volume types.", - "title": "Iops", - "type": "number" - }, - "VolumeSize": { - "markdownDescription": "The size (in GiB) of the EBS volume for each data node. The minimum and maximum size of an EBS volume depends on the EBS volume type and the instance type to which it is attached. For more information, see [EBS volume size limits](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/limits.html#ebsresource) in the *Amazon OpenSearch Service Developer Guide* .", - "title": "VolumeSize", - "type": "number" - }, - "VolumeType": { - "markdownDescription": "The EBS volume type to use with the OpenSearch Service domain, such as standard, gp2, or io1. For more information about each type, see [Amazon EBS volume types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) in the *Amazon EC2 User Guide for Linux Instances* .", - "title": "VolumeType", + "Value": { + "markdownDescription": "The value for the integrity algorithm.", + "title": "Value", "type": "string" } }, "type": "object" }, - "AWS::Elasticsearch::Domain.ElasticsearchClusterConfig": { + "AWS::EC2::VPNConnection.Phase2DHGroupNumbersRequestListValue": { "additionalProperties": false, "properties": { - "ColdStorageOptions": { - "$ref": "#/definitions/AWS::Elasticsearch::Domain.ColdStorageOptions", - "markdownDescription": "Specifies cold storage options for the domain.", - "title": "ColdStorageOptions" - }, - "DedicatedMasterCount": { - "markdownDescription": "The number of instances to use for the master node. If you specify this property, you must specify true for the DedicatedMasterEnabled property.", - "title": "DedicatedMasterCount", - "type": "number" - }, - "DedicatedMasterEnabled": { - "markdownDescription": "Indicates whether to use a dedicated master node for the OpenSearch Service domain. A dedicated master node is a cluster node that performs cluster management tasks, but doesn't hold data or respond to data upload requests. Dedicated master nodes offload cluster management tasks to increase the stability of your search clusters. See [Dedicated master nodes in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-dedicatedmasternodes.html) .", - "title": "DedicatedMasterEnabled", - "type": "boolean" - }, - "DedicatedMasterType": { - "markdownDescription": "The hardware configuration of the computer that hosts the dedicated master node, such as `m3.medium.elasticsearch` . If you specify this property, you must specify true for the `DedicatedMasterEnabled` property. For valid values, see [Supported instance types in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/supported-instance-types.html) .", - "title": "DedicatedMasterType", - "type": "string" - }, - "InstanceCount": { - "markdownDescription": "The number of data nodes (instances) to use in the OpenSearch Service domain.", - "title": "InstanceCount", - "type": "number" - }, - "InstanceType": { - "markdownDescription": "The instance type for your data nodes, such as `m3.medium.elasticsearch` . For valid values, see [Supported instance types in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/supported-instance-types.html) .", - "title": "InstanceType", - "type": "string" - }, - "WarmCount": { - "markdownDescription": "The number of warm nodes in the cluster. Required if you enable warm storage.", - "title": "WarmCount", + "Value": { + "markdownDescription": "The Diffie-Hellmann group number.", + "title": "Value", "type": "number" - }, - "WarmEnabled": { - "markdownDescription": "Whether to enable warm storage for the cluster.", - "title": "WarmEnabled", - "type": "boolean" - }, - "WarmType": { - "markdownDescription": "The instance type for the cluster's warm nodes. Required if you enable warm storage.", - "title": "WarmType", - "type": "string" - }, - "ZoneAwarenessConfig": { - "$ref": "#/definitions/AWS::Elasticsearch::Domain.ZoneAwarenessConfig", - "markdownDescription": "Specifies zone awareness configuration options. Only use if `ZoneAwarenessEnabled` is `true` .", - "title": "ZoneAwarenessConfig" - }, - "ZoneAwarenessEnabled": { - "markdownDescription": "Indicates whether to enable zone awareness for the OpenSearch Service domain. When you enable zone awareness, OpenSearch Service allocates the nodes and replica index shards that belong to a cluster across two Availability Zones (AZs) in the same region to prevent data loss and minimize downtime in the event of node or data center failure. Don't enable zone awareness if your cluster has no replica index shards or is a single-node cluster. For more information, see [Configuring a multi-AZ domain in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-multiaz.html) .", - "title": "ZoneAwarenessEnabled", - "type": "boolean" } }, "type": "object" }, - "AWS::Elasticsearch::Domain.EncryptionAtRestOptions": { + "AWS::EC2::VPNConnection.Phase2EncryptionAlgorithmsRequestListValue": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Specify `true` to enable encryption at rest.", - "title": "Enabled", - "type": "boolean" - }, - "KmsKeyId": { - "markdownDescription": "The KMS key ID. Takes the form `1a2a3a4-1a2a-3a4a-5a6a-1a2a3a4a5a6a` . Required if you enable encryption at rest.", - "title": "KmsKeyId", + "Value": { + "markdownDescription": "The encryption algorithm.", + "title": "Value", "type": "string" } }, "type": "object" }, - "AWS::Elasticsearch::Domain.LogPublishingOption": { + "AWS::EC2::VPNConnection.Phase2IntegrityAlgorithmsRequestListValue": { "additionalProperties": false, "properties": { - "CloudWatchLogsLogGroupArn": { - "markdownDescription": "Specifies the CloudWatch log group to publish to. Required if you enable log publishing for the domain.", - "title": "CloudWatchLogsLogGroupArn", + "Value": { + "markdownDescription": "The integrity algorithm.", + "title": "Value", "type": "string" - }, - "Enabled": { - "markdownDescription": "If `true` , enables the publishing of logs to CloudWatch.\n\nDefault: `false` .", - "title": "Enabled", - "type": "boolean" } }, "type": "object" }, - "AWS::Elasticsearch::Domain.MasterUserOptions": { + "AWS::EC2::VPNConnection.VpnTunnelLogOptionsSpecification": { "additionalProperties": false, "properties": { - "MasterUserARN": { - "markdownDescription": "ARN for the master user. Only specify if `InternalUserDatabaseEnabled` is false in `AdvancedSecurityOptions` .", - "title": "MasterUserARN", - "type": "string" - }, - "MasterUserName": { - "markdownDescription": "Username for the master user. Only specify if `InternalUserDatabaseEnabled` is true in `AdvancedSecurityOptions` .", - "title": "MasterUserName", - "type": "string" - }, - "MasterUserPassword": { - "markdownDescription": "Password for the master user. Only specify if `InternalUserDatabaseEnabled` is true in `AdvancedSecurityOptions` .", - "title": "MasterUserPassword", - "type": "string" + "CloudwatchLogOptions": { + "$ref": "#/definitions/AWS::EC2::VPNConnection.CloudwatchLogOptionsSpecification", + "markdownDescription": "Options for sending VPN tunnel logs to CloudWatch.", + "title": "CloudwatchLogOptions" } }, "type": "object" }, - "AWS::Elasticsearch::Domain.NodeToNodeEncryptionOptions": { + "AWS::EC2::VPNConnection.VpnTunnelOptionsSpecification": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Specifies whether node-to-node encryption is enabled, as a Boolean.", - "title": "Enabled", + "DPDTimeoutAction": { + "markdownDescription": "The action to take after DPD timeout occurs. Specify `restart` to restart the IKE initiation. Specify `clear` to end the IKE session.\n\nValid Values: `clear` | `none` | `restart`\n\nDefault: `clear`", + "title": "DPDTimeoutAction", + "type": "string" + }, + "DPDTimeoutSeconds": { + "markdownDescription": "The number of seconds after which a DPD timeout occurs.\n\nConstraints: A value greater than or equal to 30.\n\nDefault: `30`", + "title": "DPDTimeoutSeconds", + "type": "number" + }, + "EnableTunnelLifecycleControl": { + "markdownDescription": "Turn on or off tunnel endpoint lifecycle control feature.", + "title": "EnableTunnelLifecycleControl", "type": "boolean" - } - }, - "type": "object" - }, - "AWS::Elasticsearch::Domain.SnapshotOptions": { - "additionalProperties": false, - "properties": { - "AutomatedSnapshotStartHour": { - "markdownDescription": "The hour in UTC during which the service takes an automated daily snapshot of the indices in the OpenSearch Service domain. For example, if you specify 0, OpenSearch Service takes an automated snapshot everyday between midnight and 1 am. You can specify a value between 0 and 23.", - "title": "AutomatedSnapshotStartHour", + }, + "IKEVersions": { + "items": { + "$ref": "#/definitions/AWS::EC2::VPNConnection.IKEVersionsRequestListValue" + }, + "markdownDescription": "The IKE versions that are permitted for the VPN tunnel.\n\nValid values: `ikev1` | `ikev2`", + "title": "IKEVersions", + "type": "array" + }, + "LogOptions": { + "$ref": "#/definitions/AWS::EC2::VPNConnection.VpnTunnelLogOptionsSpecification", + "markdownDescription": "Options for logging VPN tunnel activity.", + "title": "LogOptions" + }, + "Phase1DHGroupNumbers": { + "items": { + "$ref": "#/definitions/AWS::EC2::VPNConnection.Phase1DHGroupNumbersRequestListValue" + }, + "markdownDescription": "One or more Diffie-Hellman group numbers that are permitted for the VPN tunnel for phase 1 IKE negotiations.\n\nValid values: `2` | `14` | `15` | `16` | `17` | `18` | `19` | `20` | `21` | `22` | `23` | `24`", + "title": "Phase1DHGroupNumbers", + "type": "array" + }, + "Phase1EncryptionAlgorithms": { + "items": { + "$ref": "#/definitions/AWS::EC2::VPNConnection.Phase1EncryptionAlgorithmsRequestListValue" + }, + "markdownDescription": "One or more encryption algorithms that are permitted for the VPN tunnel for phase 1 IKE negotiations.\n\nValid values: `AES128` | `AES256` | `AES128-GCM-16` | `AES256-GCM-16`", + "title": "Phase1EncryptionAlgorithms", + "type": "array" + }, + "Phase1IntegrityAlgorithms": { + "items": { + "$ref": "#/definitions/AWS::EC2::VPNConnection.Phase1IntegrityAlgorithmsRequestListValue" + }, + "markdownDescription": "One or more integrity algorithms that are permitted for the VPN tunnel for phase 1 IKE negotiations.\n\nValid values: `SHA1` | `SHA2-256` | `SHA2-384` | `SHA2-512`", + "title": "Phase1IntegrityAlgorithms", + "type": "array" + }, + "Phase1LifetimeSeconds": { + "markdownDescription": "The lifetime for phase 1 of the IKE negotiation, in seconds.\n\nConstraints: A value between 900 and 28,800.\n\nDefault: `28800`", + "title": "Phase1LifetimeSeconds", "type": "number" - } - }, - "type": "object" - }, - "AWS::Elasticsearch::Domain.VPCOptions": { - "additionalProperties": false, - "properties": { - "SecurityGroupIds": { + }, + "Phase2DHGroupNumbers": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::EC2::VPNConnection.Phase2DHGroupNumbersRequestListValue" }, - "markdownDescription": "The list of security group IDs that are associated with the VPC endpoints for the domain. If you don't provide a security group ID, OpenSearch Service uses the default security group for the VPC. To learn more, see [Security groups for your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html) in the *Amazon VPC User Guide* .", - "title": "SecurityGroupIds", + "markdownDescription": "One or more Diffie-Hellman group numbers that are permitted for the VPN tunnel for phase 2 IKE negotiations.\n\nValid values: `2` | `5` | `14` | `15` | `16` | `17` | `18` | `19` | `20` | `21` | `22` | `23` | `24`", + "title": "Phase2DHGroupNumbers", "type": "array" }, - "SubnetIds": { + "Phase2EncryptionAlgorithms": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::EC2::VPNConnection.Phase2EncryptionAlgorithmsRequestListValue" }, - "markdownDescription": "Provide one subnet ID for each Availability Zone that your domain uses. For example, you must specify three subnet IDs for a three Availability Zone domain. To learn more, see [VPCs and subnets](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) in the *Amazon VPC User Guide* .\n\nRequired if you're creating your domain inside a VPC.", - "title": "SubnetIds", + "markdownDescription": "One or more encryption algorithms that are permitted for the VPN tunnel for phase 2 IKE negotiations.\n\nValid values: `AES128` | `AES256` | `AES128-GCM-16` | `AES256-GCM-16`", + "title": "Phase2EncryptionAlgorithms", "type": "array" - } - }, - "type": "object" - }, - "AWS::Elasticsearch::Domain.ZoneAwarenessConfig": { - "additionalProperties": false, - "properties": { - "AvailabilityZoneCount": { - "markdownDescription": "If you enabled multiple Availability Zones (AZs), the number of AZs that you want the domain to use.\n\nValid values are `2` and `3` . Default is 2.", - "title": "AvailabilityZoneCount", + }, + "Phase2IntegrityAlgorithms": { + "items": { + "$ref": "#/definitions/AWS::EC2::VPNConnection.Phase2IntegrityAlgorithmsRequestListValue" + }, + "markdownDescription": "One or more integrity algorithms that are permitted for the VPN tunnel for phase 2 IKE negotiations.\n\nValid values: `SHA1` | `SHA2-256` | `SHA2-384` | `SHA2-512`", + "title": "Phase2IntegrityAlgorithms", + "type": "array" + }, + "Phase2LifetimeSeconds": { + "markdownDescription": "The lifetime for phase 2 of the IKE negotiation, in seconds.\n\nConstraints: A value between 900 and 3,600. The value must be less than the value for `Phase1LifetimeSeconds` .\n\nDefault: `3600`", + "title": "Phase2LifetimeSeconds", + "type": "number" + }, + "PreSharedKey": { + "markdownDescription": "The pre-shared key (PSK) to establish initial authentication between the virtual private gateway and customer gateway.\n\nConstraints: Allowed characters are alphanumeric characters, periods (.), and underscores (_). Must be between 8 and 64 characters in length and cannot start with zero (0).", + "title": "PreSharedKey", + "type": "string" + }, + "RekeyFuzzPercentage": { + "markdownDescription": "The percentage of the rekey window (determined by `RekeyMarginTimeSeconds` ) during which the rekey time is randomly selected.\n\nConstraints: A value between 0 and 100.\n\nDefault: `100`", + "title": "RekeyFuzzPercentage", + "type": "number" + }, + "RekeyMarginTimeSeconds": { + "markdownDescription": "The margin time, in seconds, before the phase 2 lifetime expires, during which the AWS side of the VPN connection performs an IKE rekey. The exact time of the rekey is randomly selected based on the value for `RekeyFuzzPercentage` .\n\nConstraints: A value between 60 and half of `Phase2LifetimeSeconds` .\n\nDefault: `270`", + "title": "RekeyMarginTimeSeconds", + "type": "number" + }, + "ReplayWindowSize": { + "markdownDescription": "The number of packets in an IKE replay window.\n\nConstraints: A value between 64 and 2048.\n\nDefault: `1024`", + "title": "ReplayWindowSize", "type": "number" + }, + "StartupAction": { + "markdownDescription": "The action to take when the establishing the tunnel for the VPN connection. By default, your customer gateway device must initiate the IKE negotiation and bring up the tunnel. Specify `start` for AWS to initiate the IKE negotiation.\n\nValid Values: `add` | `start`\n\nDefault: `add`", + "title": "StartupAction", + "type": "string" + }, + "TunnelInsideCidr": { + "markdownDescription": "The range of inside IP addresses for the tunnel. Any specified CIDR blocks must be unique across all VPN connections that use the same virtual private gateway.\n\nConstraints: A size /30 CIDR block from the `169.254.0.0/16` range. The following CIDR blocks are reserved and cannot be used:\n\n- `169.254.0.0/30`\n- `169.254.1.0/30`\n- `169.254.2.0/30`\n- `169.254.3.0/30`\n- `169.254.4.0/30`\n- `169.254.5.0/30`\n- `169.254.169.252/30`", + "title": "TunnelInsideCidr", + "type": "string" + }, + "TunnelInsideIpv6Cidr": { + "markdownDescription": "The range of inside IPv6 addresses for the tunnel. Any specified CIDR blocks must be unique across all VPN connections that use the same transit gateway.\n\nConstraints: A size /126 CIDR block from the local `fd00::/8` range.", + "title": "TunnelInsideIpv6Cidr", + "type": "string" } }, "type": "object" }, - "AWS::EntityResolution::IdMappingWorkflow": { + "AWS::EC2::VPNConnectionRoute": { "additionalProperties": false, "properties": { "Condition": { @@ -94975,62 +102047,26 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the workflow.", - "title": "Description", - "type": "string" - }, - "IdMappingTechniques": { - "$ref": "#/definitions/AWS::EntityResolution::IdMappingWorkflow.IdMappingTechniques", - "markdownDescription": "An object which defines the ID mapping technique and any additional configurations.", - "title": "IdMappingTechniques" - }, - "InputSourceConfig": { - "items": { - "$ref": "#/definitions/AWS::EntityResolution::IdMappingWorkflow.IdMappingWorkflowInputSource" - }, - "markdownDescription": "A list of `InputSource` objects, which have the fields `InputSourceARN` and `SchemaName` .", - "title": "InputSourceConfig", - "type": "array" - }, - "OutputSourceConfig": { - "items": { - "$ref": "#/definitions/AWS::EntityResolution::IdMappingWorkflow.IdMappingWorkflowOutputSource" - }, - "markdownDescription": "A list of `IdMappingWorkflowOutputSource` objects, each of which contains fields `OutputS3Path` and `Output` .", - "title": "OutputSourceConfig", - "type": "array" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role. AWS Entity Resolution assumes this role to create resources on your behalf as part of workflow execution.", - "title": "RoleArn", + "DestinationCidrBlock": { + "markdownDescription": "The CIDR block associated with the local subnet of the customer network.", + "title": "DestinationCidrBlock", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags used to organize, track, or control access for this resource.", - "title": "Tags", - "type": "array" - }, - "WorkflowName": { - "markdownDescription": "The name of the workflow. There can't be multiple `IdMappingWorkflows` with the same name.", - "title": "WorkflowName", + "VpnConnectionId": { + "markdownDescription": "The ID of the VPN connection.", + "title": "VpnConnectionId", "type": "string" } }, "required": [ - "IdMappingTechniques", - "InputSourceConfig", - "RoleArn", - "WorkflowName" + "DestinationCidrBlock", + "VpnConnectionId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EntityResolution::IdMappingWorkflow" + "AWS::EC2::VPNConnectionRoute" ], "type": "string" }, @@ -95049,110 +102085,7 @@ ], "type": "object" }, - "AWS::EntityResolution::IdMappingWorkflow.IdMappingTechniques": { - "additionalProperties": false, - "properties": { - "IdMappingType": { - "markdownDescription": "The type of ID mapping.", - "title": "IdMappingType", - "type": "string" - }, - "ProviderProperties": { - "$ref": "#/definitions/AWS::EntityResolution::IdMappingWorkflow.ProviderProperties", - "markdownDescription": "An object which defines any additional configurations required by the provider service.", - "title": "ProviderProperties" - } - }, - "type": "object" - }, - "AWS::EntityResolution::IdMappingWorkflow.IdMappingWorkflowInputSource": { - "additionalProperties": false, - "properties": { - "InputSourceARN": { - "markdownDescription": "An AWS Glue table Amazon Resource Name (ARN) or a matching workflow ARN for the input source table.", - "title": "InputSourceARN", - "type": "string" - }, - "SchemaArn": { - "markdownDescription": "The ARN (Amazon Resource Name) that AWS Entity Resolution generated for the `SchemaMapping` .", - "title": "SchemaArn", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of ID namespace. There are two types: `SOURCE` and `TARGET` .\n\nThe `SOURCE` contains configurations for `sourceId` data that will be processed in an ID mapping workflow.\n\nThe `TARGET` contains a configuration of `targetId` which all `sourceIds` will resolve to.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "InputSourceARN" - ], - "type": "object" - }, - "AWS::EntityResolution::IdMappingWorkflow.IdMappingWorkflowOutputSource": { - "additionalProperties": false, - "properties": { - "KMSArn": { - "markdownDescription": "Customer AWS KMS ARN for encryption at rest. If not provided, system will use an AWS Entity Resolution managed KMS key.", - "title": "KMSArn", - "type": "string" - }, - "OutputS3Path": { - "markdownDescription": "The S3 path to which AWS Entity Resolution will write the output table.", - "title": "OutputS3Path", - "type": "string" - } - }, - "required": [ - "OutputS3Path" - ], - "type": "object" - }, - "AWS::EntityResolution::IdMappingWorkflow.IntermediateSourceConfiguration": { - "additionalProperties": false, - "properties": { - "IntermediateS3Path": { - "markdownDescription": "The Amazon S3 location (bucket and prefix). For example: `s3://provider_bucket/DOC-EXAMPLE-BUCKET`", - "title": "IntermediateS3Path", - "type": "string" - } - }, - "required": [ - "IntermediateS3Path" - ], - "type": "object" - }, - "AWS::EntityResolution::IdMappingWorkflow.ProviderProperties": { - "additionalProperties": false, - "properties": { - "IntermediateSourceConfiguration": { - "$ref": "#/definitions/AWS::EntityResolution::IdMappingWorkflow.IntermediateSourceConfiguration", - "markdownDescription": "The Amazon S3 location that temporarily stores your data while it processes. Your information won't be saved permanently.", - "title": "IntermediateSourceConfiguration" - }, - "ProviderConfiguration": { - "additionalProperties": true, - "markdownDescription": "The required configuration fields to use with the provider service.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "ProviderConfiguration", - "type": "object" - }, - "ProviderServiceArn": { - "markdownDescription": "The ARN of the provider service.", - "title": "ProviderServiceArn", - "type": "string" - } - }, - "required": [ - "ProviderServiceArn" - ], - "type": "object" - }, - "AWS::EntityResolution::IdNamespace": { + "AWS::EC2::VPNGateway": { "additionalProperties": false, "properties": { "Condition": { @@ -95187,60 +102120,33 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the ID namespace.", - "title": "Description", - "type": "string" - }, - "IdMappingWorkflowProperties": { - "items": { - "$ref": "#/definitions/AWS::EntityResolution::IdNamespace.IdNamespaceIdMappingWorkflowProperties" - }, - "markdownDescription": "Determines the properties of `IdMappingWorflow` where this `IdNamespace` can be used as a `Source` or a `Target` .", - "title": "IdMappingWorkflowProperties", - "type": "array" - }, - "IdNamespaceName": { - "markdownDescription": "The name of the ID namespace.", - "title": "IdNamespaceName", - "type": "string" - }, - "InputSourceConfig": { - "items": { - "$ref": "#/definitions/AWS::EntityResolution::IdNamespace.IdNamespaceInputSource" - }, - "markdownDescription": "A list of `InputSource` objects, which have the fields `InputSourceARN` and `SchemaName` .", - "title": "InputSourceConfig", - "type": "array" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role. AWS Entity Resolution assumes this role to access the resources defined in this `IdNamespace` on your behalf as part of the workflow run.", - "title": "RoleArn", - "type": "string" + "AmazonSideAsn": { + "markdownDescription": "The private Autonomous System Number (ASN) for the Amazon side of a BGP session.", + "title": "AmazonSideAsn", + "type": "number" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "markdownDescription": "Any tags assigned to the virtual private gateway.", "title": "Tags", "type": "array" }, "Type": { - "markdownDescription": "The type of ID namespace. There are two types: `SOURCE` and `TARGET` .\n\nThe `SOURCE` contains configurations for `sourceId` data that will be processed in an ID mapping workflow.\n\nThe `TARGET` contains a configuration of `targetId` which all `sourceIds` will resolve to.", + "markdownDescription": "The type of VPN connection the virtual private gateway supports.", "title": "Type", "type": "string" } }, "required": [ - "IdNamespaceName", "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::EntityResolution::IdNamespace" + "AWS::EC2::VPNGateway" ], "type": "string" }, @@ -95259,70 +102165,83 @@ ], "type": "object" }, - "AWS::EntityResolution::IdNamespace.IdNamespaceIdMappingWorkflowProperties": { + "AWS::EC2::VPNGatewayRoutePropagation": { "additionalProperties": false, "properties": { - "IdMappingType": { - "markdownDescription": "The type of ID mapping.", - "title": "IdMappingType", + "Condition": { "type": "string" }, - "ProviderProperties": { - "$ref": "#/definitions/AWS::EntityResolution::IdNamespace.NamespaceProviderProperties", - "markdownDescription": "An object which defines any additional configurations required by the provider service.", - "title": "ProviderProperties" - } - }, - "required": [ - "IdMappingType" - ], - "type": "object" - }, - "AWS::EntityResolution::IdNamespace.IdNamespaceInputSource": { - "additionalProperties": false, - "properties": { - "InputSourceARN": { - "markdownDescription": "An AWS Glue table Amazon Resource Name (ARN) or a matching workflow ARN for the input source table.", - "title": "InputSourceARN", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SchemaName": { - "markdownDescription": "The name of the schema.", - "title": "SchemaName", - "type": "string" - } - }, - "required": [ - "InputSourceARN" - ], - "type": "object" - }, - "AWS::EntityResolution::IdNamespace.NamespaceProviderProperties": { - "additionalProperties": false, - "properties": { - "ProviderConfiguration": { - "additionalProperties": true, - "markdownDescription": "An object which defines any additional configurations required by the provider service.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "RouteTableIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The ID of the route table. The routing table must be associated with the same VPC that the virtual private gateway is attached to.", + "title": "RouteTableIds", + "type": "array" + }, + "VpnGatewayId": { + "markdownDescription": "The ID of the virtual private gateway that is attached to a VPC. The virtual private gateway must be attached to the same VPC that the routing tables are associated with.", + "title": "VpnGatewayId", "type": "string" } }, - "title": "ProviderConfiguration", + "required": [ + "RouteTableIds", + "VpnGatewayId" + ], "type": "object" }, - "ProviderServiceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the provider service.", - "title": "ProviderServiceArn", + "Type": { + "enum": [ + "AWS::EC2::VPNGatewayRoutePropagation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ProviderServiceArn" + "Type", + "Properties" ], "type": "object" }, - "AWS::EntityResolution::MatchingWorkflow": { + "AWS::EC2::VerifiedAccessEndpoint": { "additionalProperties": false, "properties": { "Condition": { @@ -95357,63 +102276,103 @@ "Properties": { "additionalProperties": false, "properties": { + "ApplicationDomain": { + "markdownDescription": "The DNS name for users to reach your application.", + "title": "ApplicationDomain", + "type": "string" + }, + "AttachmentType": { + "markdownDescription": "The type of attachment used to provide connectivity between the AWS Verified Access endpoint and the application.", + "title": "AttachmentType", + "type": "string" + }, + "CidrOptions": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessEndpoint.CidrOptions", + "markdownDescription": "The options for a CIDR endpoint.", + "title": "CidrOptions" + }, "Description": { - "markdownDescription": "A description of the workflow.", + "markdownDescription": "A description for the AWS Verified Access endpoint.", "title": "Description", "type": "string" }, - "InputSourceConfig": { - "items": { - "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.InputSource" - }, - "markdownDescription": "A list of `InputSource` objects, which have the fields `InputSourceARN` and `SchemaName` .", - "title": "InputSourceConfig", - "type": "array" + "DomainCertificateArn": { + "markdownDescription": "The ARN of a public TLS/SSL certificate imported into or created with ACM.", + "title": "DomainCertificateArn", + "type": "string" }, - "OutputSourceConfig": { + "EndpointDomainPrefix": { + "markdownDescription": "A custom identifier that is prepended to the DNS name that is generated for the endpoint.", + "title": "EndpointDomainPrefix", + "type": "string" + }, + "EndpointType": { + "markdownDescription": "The type of AWS Verified Access endpoint. Incoming application requests will be sent to an IP address, load balancer or a network interface depending on the endpoint type specified.", + "title": "EndpointType", + "type": "string" + }, + "LoadBalancerOptions": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessEndpoint.LoadBalancerOptions", + "markdownDescription": "The load balancer details if creating the AWS Verified Access endpoint as `load-balancer` type.", + "title": "LoadBalancerOptions" + }, + "NetworkInterfaceOptions": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessEndpoint.NetworkInterfaceOptions", + "markdownDescription": "The options for network-interface type endpoint.", + "title": "NetworkInterfaceOptions" + }, + "PolicyDocument": { + "markdownDescription": "The Verified Access policy document.", + "title": "PolicyDocument", + "type": "string" + }, + "PolicyEnabled": { + "markdownDescription": "The status of the Verified Access policy.", + "title": "PolicyEnabled", + "type": "boolean" + }, + "RdsOptions": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessEndpoint.RdsOptions", + "markdownDescription": "The options for an RDS endpoint.", + "title": "RdsOptions" + }, + "SecurityGroupIds": { "items": { - "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.OutputSource" + "type": "string" }, - "markdownDescription": "A list of `OutputSource` objects, each of which contains fields `OutputS3Path` , `ApplyNormalization` , and `Output` .", - "title": "OutputSourceConfig", + "markdownDescription": "The IDs of the security groups for the endpoint.", + "title": "SecurityGroupIds", "type": "array" }, - "ResolutionTechniques": { - "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.ResolutionTechniques", - "markdownDescription": "An object which defines the `resolutionType` and the `ruleBasedProperties` .", - "title": "ResolutionTechniques" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role. AWS Entity Resolution assumes this role to create resources on your behalf as part of workflow execution.", - "title": "RoleArn", - "type": "string" + "SseSpecification": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessEndpoint.SseSpecification", + "markdownDescription": "The options for additional server side encryption.", + "title": "SseSpecification" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "markdownDescription": "The tags.", "title": "Tags", "type": "array" }, - "WorkflowName": { - "markdownDescription": "The name of the workflow. There can't be multiple `MatchingWorkflows` with the same name.", - "title": "WorkflowName", + "VerifiedAccessGroupId": { + "markdownDescription": "The ID of the AWS Verified Access group.", + "title": "VerifiedAccessGroupId", "type": "string" } }, "required": [ - "InputSourceConfig", - "OutputSourceConfig", - "ResolutionTechniques", - "RoleArn", - "WorkflowName" + "AttachmentType", + "EndpointType", + "VerifiedAccessGroupId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EntityResolution::MatchingWorkflow" + "AWS::EC2::VerifiedAccessEndpoint" ], "type": "string" }, @@ -95432,195 +102391,181 @@ ], "type": "object" }, - "AWS::EntityResolution::MatchingWorkflow.InputSource": { + "AWS::EC2::VerifiedAccessEndpoint.CidrOptions": { "additionalProperties": false, "properties": { - "ApplyNormalization": { - "markdownDescription": "Normalizes the attributes defined in the schema in the input data. For example, if an attribute has an `AttributeType` of `PHONE_NUMBER` , and the data in the input table is in a format of 1234567890, AWS Entity Resolution will normalize this field in the output to (123)-456-7890.", - "title": "ApplyNormalization", - "type": "boolean" - }, - "InputSourceARN": { - "markdownDescription": "An object containing `InputSourceARN` , `SchemaName` , and `ApplyNormalization` .", - "title": "InputSourceARN", + "Cidr": { + "markdownDescription": "The CIDR.", + "title": "Cidr", "type": "string" }, - "SchemaArn": { - "markdownDescription": "The name of the schema.", - "title": "SchemaArn", + "PortRanges": { + "items": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessEndpoint.PortRange" + }, + "markdownDescription": "The port ranges.", + "title": "PortRanges", + "type": "array" + }, + "Protocol": { + "markdownDescription": "The protocol.", + "title": "Protocol", "type": "string" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the subnets.", + "title": "SubnetIds", + "type": "array" } }, - "required": [ - "InputSourceARN", - "SchemaArn" - ], "type": "object" }, - "AWS::EntityResolution::MatchingWorkflow.IntermediateSourceConfiguration": { + "AWS::EC2::VerifiedAccessEndpoint.LoadBalancerOptions": { "additionalProperties": false, "properties": { - "IntermediateS3Path": { - "markdownDescription": "The Amazon S3 location (bucket and prefix). For example: `s3://provider_bucket/DOC-EXAMPLE-BUCKET`", - "title": "IntermediateS3Path", + "LoadBalancerArn": { + "markdownDescription": "The ARN of the load balancer.", + "title": "LoadBalancerArn", "type": "string" - } - }, - "required": [ - "IntermediateS3Path" - ], - "type": "object" - }, - "AWS::EntityResolution::MatchingWorkflow.OutputAttribute": { - "additionalProperties": false, - "properties": { - "Hashed": { - "markdownDescription": "Enables the ability to hash the column values in the output.", - "title": "Hashed", - "type": "boolean" }, - "Name": { - "markdownDescription": "A name of a column to be written to the output. This must be an `InputField` name in the schema mapping.", - "title": "Name", + "Port": { + "markdownDescription": "The IP port number.", + "title": "Port", + "type": "number" + }, + "PortRanges": { + "items": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessEndpoint.PortRange" + }, + "markdownDescription": "The port ranges.", + "title": "PortRanges", + "type": "array" + }, + "Protocol": { + "markdownDescription": "The IP protocol.", + "title": "Protocol", "type": "string" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the subnets. You can specify only one subnet per Availability Zone.", + "title": "SubnetIds", + "type": "array" } }, - "required": [ - "Name" - ], "type": "object" }, - "AWS::EntityResolution::MatchingWorkflow.OutputSource": { + "AWS::EC2::VerifiedAccessEndpoint.NetworkInterfaceOptions": { "additionalProperties": false, "properties": { - "ApplyNormalization": { - "markdownDescription": "Normalizes the attributes defined in the schema in the input data. For example, if an attribute has an `AttributeType` of `PHONE_NUMBER` , and the data in the input table is in a format of 1234567890, AWS Entity Resolution will normalize this field in the output to (123)-456-7890.", - "title": "ApplyNormalization", - "type": "boolean" - }, - "KMSArn": { - "markdownDescription": "Customer KMS ARN for encryption at rest. If not provided, system will use an AWS Entity Resolution managed KMS key.", - "title": "KMSArn", + "NetworkInterfaceId": { + "markdownDescription": "The ID of the network interface.", + "title": "NetworkInterfaceId", "type": "string" }, - "Output": { + "Port": { + "markdownDescription": "The IP port number.", + "title": "Port", + "type": "number" + }, + "PortRanges": { "items": { - "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.OutputAttribute" + "$ref": "#/definitions/AWS::EC2::VerifiedAccessEndpoint.PortRange" }, - "markdownDescription": "A list of `OutputAttribute` objects, each of which have the fields `Name` and `Hashed` . Each of these objects selects a column to be included in the output table, and whether the values of the column should be hashed.", - "title": "Output", + "markdownDescription": "The port ranges.", + "title": "PortRanges", "type": "array" }, - "OutputS3Path": { - "markdownDescription": "The S3 path to which AWS Entity Resolution will write the output table.", - "title": "OutputS3Path", + "Protocol": { + "markdownDescription": "The IP protocol.", + "title": "Protocol", "type": "string" } }, - "required": [ - "Output", - "OutputS3Path" - ], "type": "object" }, - "AWS::EntityResolution::MatchingWorkflow.ProviderProperties": { + "AWS::EC2::VerifiedAccessEndpoint.PortRange": { "additionalProperties": false, "properties": { - "IntermediateSourceConfiguration": { - "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.IntermediateSourceConfiguration", - "markdownDescription": "The Amazon S3 location that temporarily stores your data while it processes. Your information won't be saved permanently.", - "title": "IntermediateSourceConfiguration" - }, - "ProviderConfiguration": { - "additionalProperties": true, - "markdownDescription": "The required configuration fields to use with the provider service.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "ProviderConfiguration", - "type": "object" + "FromPort": { + "markdownDescription": "The start of the port range.", + "title": "FromPort", + "type": "number" }, - "ProviderServiceArn": { - "markdownDescription": "The ARN of the provider service.", - "title": "ProviderServiceArn", - "type": "string" + "ToPort": { + "markdownDescription": "The end of the port range.", + "title": "ToPort", + "type": "number" } }, - "required": [ - "ProviderServiceArn" - ], "type": "object" }, - "AWS::EntityResolution::MatchingWorkflow.ResolutionTechniques": { + "AWS::EC2::VerifiedAccessEndpoint.RdsOptions": { "additionalProperties": false, "properties": { - "ProviderProperties": { - "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.ProviderProperties", - "markdownDescription": "The properties of the provider service.", - "title": "ProviderProperties" + "Port": { + "markdownDescription": "The port.", + "title": "Port", + "type": "number" }, - "ResolutionType": { - "markdownDescription": "The type of matching. There are three types of matching: `RULE_MATCHING` , `ML_MATCHING` , and `PROVIDER` .", - "title": "ResolutionType", + "Protocol": { + "markdownDescription": "The protocol.", + "title": "Protocol", "type": "string" }, - "RuleBasedProperties": { - "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.RuleBasedProperties", - "markdownDescription": "An object which defines the list of matching rules to run and has a field `Rules` , which is a list of rule objects.", - "title": "RuleBasedProperties" - } - }, - "type": "object" - }, - "AWS::EntityResolution::MatchingWorkflow.Rule": { - "additionalProperties": false, - "properties": { - "MatchingKeys": { + "RdsDbClusterArn": { + "markdownDescription": "The ARN of the DB cluster.", + "title": "RdsDbClusterArn", + "type": "string" + }, + "RdsDbInstanceArn": { + "markdownDescription": "The ARN of the RDS instance.", + "title": "RdsDbInstanceArn", + "type": "string" + }, + "RdsDbProxyArn": { + "markdownDescription": "The ARN of the RDS proxy.", + "title": "RdsDbProxyArn", + "type": "string" + }, + "RdsEndpoint": { + "markdownDescription": "The RDS endpoint.", + "title": "RdsEndpoint", + "type": "string" + }, + "SubnetIds": { "items": { "type": "string" }, - "markdownDescription": "A list of `MatchingKeys` . The `MatchingKeys` must have been defined in the `SchemaMapping` . Two records are considered to match according to this rule if all of the `MatchingKeys` match.", - "title": "MatchingKeys", + "markdownDescription": "The IDs of the subnets. You can specify only one subnet per Availability Zone.", + "title": "SubnetIds", "type": "array" - }, - "RuleName": { - "markdownDescription": "A name for the matching rule.", - "title": "RuleName", - "type": "string" } }, - "required": [ - "MatchingKeys", - "RuleName" - ], "type": "object" }, - "AWS::EntityResolution::MatchingWorkflow.RuleBasedProperties": { + "AWS::EC2::VerifiedAccessEndpoint.SseSpecification": { "additionalProperties": false, "properties": { - "AttributeMatchingModel": { - "markdownDescription": "The comparison type. You can either choose `ONE_TO_ONE` or `MANY_TO_MANY` as the `attributeMatchingModel` .\n\nIf you choose `MANY_TO_MANY` , the system can match attributes across the sub-types of an attribute type. For example, if the value of the `Email` field of Profile A and the value of `BusinessEmail` field of Profile B matches, the two profiles are matched on the `Email` attribute type.\n\nIf you choose `ONE_TO_ONE` , the system can only match attributes if the sub-types are an exact match. For example, for the `Email` attribute type, the system will only consider it a match if the value of the `Email` field of Profile A matches the value of the `Email` field of Profile B.", - "title": "AttributeMatchingModel", - "type": "string" + "CustomerManagedKeyEnabled": { + "markdownDescription": "Enable or disable the use of customer managed KMS keys for server side encryption.\n\nValid values: `True` | `False`", + "title": "CustomerManagedKeyEnabled", + "type": "boolean" }, - "Rules": { - "items": { - "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.Rule" - }, - "markdownDescription": "A list of `Rule` objects, each of which have fields `RuleName` and `MatchingKeys` .", - "title": "Rules", - "type": "array" + "KmsKeyArn": { + "markdownDescription": "The ARN of the KMS key.", + "title": "KmsKeyArn", + "type": "string" } }, - "required": [ - "AttributeMatchingModel", - "Rules" - ], "type": "object" }, - "AWS::EntityResolution::PolicyStatement": { + "AWS::EC2::VerifiedAccessGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -95655,52 +102600,48 @@ "Properties": { "additionalProperties": false, "properties": { - "Action": { - "items": { - "type": "string" - }, - "markdownDescription": "The action that the principal can use on the resource.\n\nFor example, `entityresolution:GetIdMappingJob` , `entityresolution:GetMatchingJob` .", - "title": "Action", - "type": "array" - }, - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resource that will be accessed by the principal.", - "title": "Arn", + "Description": { + "markdownDescription": "A description for the AWS Verified Access group.", + "title": "Description", "type": "string" }, - "Condition": { - "markdownDescription": "A set of condition keys that you can use in key policies.", - "title": "Condition", + "PolicyDocument": { + "markdownDescription": "The Verified Access policy document.", + "title": "PolicyDocument", "type": "string" }, - "Effect": { - "markdownDescription": "Determines whether the permissions specified in the policy are to be allowed ( `Allow` ) or denied ( `Deny` ).\n\n> If you set the value of the `effect` parameter to `Deny` for the `AddPolicyStatement` operation, you must also set the value of the `effect` parameter in the `policy` to `Deny` for the `PutPolicy` operation.", - "title": "Effect", - "type": "string" + "PolicyEnabled": { + "markdownDescription": "The status of the Verified Access policy.", + "title": "PolicyEnabled", + "type": "boolean" }, - "Principal": { + "SseSpecification": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessGroup.SseSpecification", + "markdownDescription": "The options for additional server side encryption.", + "title": "SseSpecification" + }, + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The AWS service or AWS account that can access the resource defined as ARN.", - "title": "Principal", + "markdownDescription": "The tags.", + "title": "Tags", "type": "array" }, - "StatementId": { - "markdownDescription": "A statement identifier that differentiates the statement from others in the same policy.", - "title": "StatementId", + "VerifiedAccessInstanceId": { + "markdownDescription": "The ID of the AWS Verified Access instance.", + "title": "VerifiedAccessInstanceId", "type": "string" } }, "required": [ - "Arn", - "StatementId" + "VerifiedAccessInstanceId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EntityResolution::PolicyStatement" + "AWS::EC2::VerifiedAccessGroup" ], "type": "string" }, @@ -95719,7 +102660,23 @@ ], "type": "object" }, - "AWS::EntityResolution::SchemaMapping": { + "AWS::EC2::VerifiedAccessGroup.SseSpecification": { + "additionalProperties": false, + "properties": { + "CustomerManagedKeyEnabled": { + "markdownDescription": "Enable or disable the use of customer managed KMS keys for server side encryption.\n\nValid values: `True` | `False`", + "title": "CustomerManagedKeyEnabled", + "type": "boolean" + }, + "KmsKeyArn": { + "markdownDescription": "The ARN of the KMS key.", + "title": "KmsKeyArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::VerifiedAccessInstance": { "additionalProperties": false, "properties": { "Condition": { @@ -95754,42 +102711,56 @@ "Properties": { "additionalProperties": false, "properties": { + "CidrEndpointsCustomSubDomain": { + "markdownDescription": "The custom subdomain.", + "title": "CidrEndpointsCustomSubDomain", + "type": "string" + }, "Description": { - "markdownDescription": "A description of the schema.", + "markdownDescription": "A description for the AWS Verified Access instance.", "title": "Description", "type": "string" }, - "MappedInputFields": { - "items": { - "$ref": "#/definitions/AWS::EntityResolution::SchemaMapping.SchemaInputAttribute" - }, - "markdownDescription": "A list of `MappedInputFields` . Each `MappedInputField` corresponds to a column the source data table, and contains column name plus additional information that AWS Entity Resolution uses for matching.", - "title": "MappedInputFields", - "type": "array" + "FipsEnabled": { + "markdownDescription": "Indicates whether support for Federal Information Processing Standards (FIPS) is enabled on the instance.", + "title": "FipsEnabled", + "type": "boolean" }, - "SchemaName": { - "markdownDescription": "The name of the schema. There can't be multiple `SchemaMappings` with the same name.", - "title": "SchemaName", - "type": "string" + "LoggingConfigurations": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessInstance.VerifiedAccessLogs", + "markdownDescription": "The logging configuration for the Verified Access instances.", + "title": "LoggingConfigurations" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "markdownDescription": "The tags.", "title": "Tags", "type": "array" + }, + "VerifiedAccessTrustProviderIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the AWS Verified Access trust providers.", + "title": "VerifiedAccessTrustProviderIds", + "type": "array" + }, + "VerifiedAccessTrustProviders": { + "items": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessInstance.VerifiedAccessTrustProvider" + }, + "markdownDescription": "The IDs of the AWS Verified Access trust providers.", + "title": "VerifiedAccessTrustProviders", + "type": "array" } }, - "required": [ - "MappedInputFields", - "SchemaName" - ], "type": "object" }, "Type": { "enum": [ - "AWS::EntityResolution::SchemaMapping" + "AWS::EC2::VerifiedAccessInstance" ], "type": "string" }, @@ -95803,47 +102774,131 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::EntityResolution::SchemaMapping.SchemaInputAttribute": { + "AWS::EC2::VerifiedAccessInstance.CloudWatchLogs": { "additionalProperties": false, "properties": { - "FieldName": { - "markdownDescription": "A string containing the field name.", - "title": "FieldName", - "type": "string" + "Enabled": { + "markdownDescription": "Indicates whether logging is enabled.", + "title": "Enabled", + "type": "boolean" }, - "GroupName": { - "markdownDescription": "A string that instructs AWS Entity Resolution to combine several columns into a unified column with the identical attribute type.\n\nFor example, when working with columns such as `NAME_FIRST` , `NAME_MIDDLE` , and `NAME_LAST` , assigning them a common `groupName` will prompt AWS Entity Resolution to concatenate them into a single value.", - "title": "GroupName", + "LogGroup": { + "markdownDescription": "The ID of the CloudWatch Logs log group.", + "title": "LogGroup", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::VerifiedAccessInstance.KinesisDataFirehose": { + "additionalProperties": false, + "properties": { + "DeliveryStream": { + "markdownDescription": "The ID of the delivery stream.", + "title": "DeliveryStream", "type": "string" }, - "MatchKey": { - "markdownDescription": "A key that allows grouping of multiple input attributes into a unified matching group.\n\nFor example, consider a scenario where the source table contains various addresses, such as `business_address` and `shipping_address` . By assigning a `matchKey` called `address` to both attributes, AWS Entity Resolution will match records across these fields to create a consolidated matching group.\n\nIf no `matchKey` is specified for a column, it won't be utilized for matching purposes but will still be included in the output table.", - "title": "MatchKey", + "Enabled": { + "markdownDescription": "Indicates whether logging is enabled.", + "title": "Enabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EC2::VerifiedAccessInstance.S3": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "The bucket name.", + "title": "BucketName", "type": "string" }, - "SubType": { - "markdownDescription": "The subtype of the attribute, selected from a list of values.", - "title": "SubType", + "BucketOwner": { + "markdownDescription": "The AWS account number that owns the bucket.", + "title": "BucketOwner", "type": "string" }, - "Type": { - "markdownDescription": "The type of the attribute, selected from a list of values.\n\nLiveRamp supports: `NAME` | `NAME_FIRST` | `NAME_MIDDLE` | `NAME_LAST` | `ADDRESS` | `ADDRESS_STREET1` | `ADDRESS_STREET2` | `ADDRESS_STREET3` | `ADDRESS_CITY` | `ADDRESS_STATE` | `ADDRESS_COUNTRY` | `ADDRESS_POSTALCODE` | `PHONE` | `PHONE_NUMBER` | `EMAIL_ADDRESS` | `UNIQUE_ID` | `PROVIDER_ID`\n\nTransUnion supports: `NAME` | `NAME_FIRST` | `NAME_LAST` | `ADDRESS` | `ADDRESS_CITY` | `ADDRESS_STATE` | `ADDRESS_COUNTRY` | `ADDRESS_POSTALCODE` | `PHONE_NUMBER` | `EMAIL_ADDRESS` | `UNIQUE_ID` | `IPV4` | `IPV6` | `MAID`\n\nUnified ID 2.0 supports: `PHONE_NUMBER` | `EMAIL_ADDRESS` | `UNIQUE_ID`\n\n> Normalization is only supported for `NAME` , `ADDRESS` , `PHONE` , and `EMAIL_ADDRESS` .\n> \n> If you want to normalize `NAME_FIRST` , `NAME_MIDDLE` , and `NAME_LAST` , you must group them by assigning them to the `NAME` `groupName` .\n> \n> If you want to normalize `ADDRESS_STREET1` , `ADDRESS_STREET2` , `ADDRESS_STREET3` , `ADDRESS_CITY` , `ADDRESS_STATE` , `ADDRESS_COUNTRY` , and `ADDRESS_POSTALCODE` , you must group them by assigning them to the `ADDRESS` `groupName` .\n> \n> If you want to normalize `PHONE_NUMBER` and `PHONE_COUNTRYCODE` , you must group them by assigning them to the `PHONE` `groupName` .", - "title": "Type", + "Enabled": { + "markdownDescription": "Indicates whether logging is enabled.", + "title": "Enabled", + "type": "boolean" + }, + "Prefix": { + "markdownDescription": "The bucket prefix.", + "title": "Prefix", "type": "string" } }, - "required": [ - "FieldName", - "Type" - ], "type": "object" }, - "AWS::EventSchemas::Discoverer": { + "AWS::EC2::VerifiedAccessInstance.VerifiedAccessLogs": { + "additionalProperties": false, + "properties": { + "CloudWatchLogs": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessInstance.CloudWatchLogs", + "markdownDescription": "CloudWatch Logs logging destination.", + "title": "CloudWatchLogs" + }, + "IncludeTrustContext": { + "markdownDescription": "Indicates whether to include trust data sent by trust providers in the logs.", + "title": "IncludeTrustContext", + "type": "boolean" + }, + "KinesisDataFirehose": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessInstance.KinesisDataFirehose", + "markdownDescription": "Kinesis logging destination.", + "title": "KinesisDataFirehose" + }, + "LogVersion": { + "markdownDescription": "The logging version.\n\nValid values: `ocsf-0.1` | `ocsf-1.0.0-rc.2`", + "title": "LogVersion", + "type": "string" + }, + "S3": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessInstance.S3", + "markdownDescription": "Amazon S3 logging options.", + "title": "S3" + } + }, + "type": "object" + }, + "AWS::EC2::VerifiedAccessInstance.VerifiedAccessTrustProvider": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description for the AWS Verified Access trust provider.", + "title": "Description", + "type": "string" + }, + "DeviceTrustProviderType": { + "markdownDescription": "The type of device-based trust provider.", + "title": "DeviceTrustProviderType", + "type": "string" + }, + "TrustProviderType": { + "markdownDescription": "The type of Verified Access trust provider.", + "title": "TrustProviderType", + "type": "string" + }, + "UserTrustProviderType": { + "markdownDescription": "The type of user-based trust provider.", + "title": "UserTrustProviderType", + "type": "string" + }, + "VerifiedAccessTrustProviderId": { + "markdownDescription": "The ID of the AWS Verified Access trust provider.", + "title": "VerifiedAccessTrustProviderId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::VerifiedAccessTrustProvider": { "additionalProperties": false, "properties": { "Condition": { @@ -95878,38 +102933,69 @@ "Properties": { "additionalProperties": false, "properties": { - "CrossAccount": { - "markdownDescription": "Allows for the discovery of the event schemas that are sent to the event bus from another account.", - "title": "CrossAccount", - "type": "boolean" - }, "Description": { - "markdownDescription": "A description for the discoverer.", + "markdownDescription": "A description for the AWS Verified Access trust provider.", "title": "Description", "type": "string" }, - "SourceArn": { - "markdownDescription": "The ARN of the event bus.", - "title": "SourceArn", + "DeviceOptions": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessTrustProvider.DeviceOptions", + "markdownDescription": "The options for device-identity trust provider.", + "title": "DeviceOptions" + }, + "DeviceTrustProviderType": { + "markdownDescription": "The type of device-based trust provider.", + "title": "DeviceTrustProviderType", + "type": "string" + }, + "NativeApplicationOidcOptions": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessTrustProvider.NativeApplicationOidcOptions", + "markdownDescription": "The OpenID Connect (OIDC) options.", + "title": "NativeApplicationOidcOptions" + }, + "OidcOptions": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessTrustProvider.OidcOptions", + "markdownDescription": "The options for an OpenID Connect-compatible user-identity trust provider.", + "title": "OidcOptions" + }, + "PolicyReferenceName": { + "markdownDescription": "The identifier to be used when working with policy rules.", + "title": "PolicyReferenceName", "type": "string" }, + "SseSpecification": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessTrustProvider.SseSpecification", + "markdownDescription": "The options for additional server side encryption.", + "title": "SseSpecification" + }, "Tags": { "items": { - "$ref": "#/definitions/AWS::EventSchemas::Discoverer.TagsEntry" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "Tags associated with the resource.", + "markdownDescription": "The tags.", "title": "Tags", "type": "array" + }, + "TrustProviderType": { + "markdownDescription": "The type of Verified Access trust provider.", + "title": "TrustProviderType", + "type": "string" + }, + "UserTrustProviderType": { + "markdownDescription": "The type of user-based trust provider.", + "title": "UserTrustProviderType", + "type": "string" } }, "required": [ - "SourceArn" + "PolicyReferenceName", + "TrustProviderType" ], "type": "object" }, "Type": { "enum": [ - "AWS::EventSchemas::Discoverer" + "AWS::EC2::VerifiedAccessTrustProvider" ], "type": "string" }, @@ -95928,27 +103014,126 @@ ], "type": "object" }, - "AWS::EventSchemas::Discoverer.TagsEntry": { + "AWS::EC2::VerifiedAccessTrustProvider.DeviceOptions": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The key of a key-value pair.", - "title": "Key", + "PublicSigningKeyUrl": { + "markdownDescription": "The URL AWS Verified Access will use to verify the authenticity of the device tokens.", + "title": "PublicSigningKeyUrl", "type": "string" }, - "Value": { - "markdownDescription": "The value of a key-value pair.", - "title": "Value", + "TenantId": { + "markdownDescription": "The ID of the tenant application with the device-identity provider.", + "title": "TenantId", "type": "string" } }, - "required": [ - "Key", - "Value" - ], "type": "object" }, - "AWS::EventSchemas::Registry": { + "AWS::EC2::VerifiedAccessTrustProvider.NativeApplicationOidcOptions": { + "additionalProperties": false, + "properties": { + "AuthorizationEndpoint": { + "markdownDescription": "The authorization endpoint of the IdP.", + "title": "AuthorizationEndpoint", + "type": "string" + }, + "ClientId": { + "markdownDescription": "The OAuth 2.0 client identifier.", + "title": "ClientId", + "type": "string" + }, + "ClientSecret": { + "markdownDescription": "The OAuth 2.0 client secret.", + "title": "ClientSecret", + "type": "string" + }, + "Issuer": { + "markdownDescription": "The OIDC issuer identifier of the IdP.", + "title": "Issuer", + "type": "string" + }, + "PublicSigningKeyEndpoint": { + "markdownDescription": "The public signing key endpoint.", + "title": "PublicSigningKeyEndpoint", + "type": "string" + }, + "Scope": { + "markdownDescription": "The set of user claims to be requested from the IdP.", + "title": "Scope", + "type": "string" + }, + "TokenEndpoint": { + "markdownDescription": "The token endpoint of the IdP.", + "title": "TokenEndpoint", + "type": "string" + }, + "UserInfoEndpoint": { + "markdownDescription": "The user info endpoint of the IdP.", + "title": "UserInfoEndpoint", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::VerifiedAccessTrustProvider.OidcOptions": { + "additionalProperties": false, + "properties": { + "AuthorizationEndpoint": { + "markdownDescription": "The OIDC authorization endpoint.", + "title": "AuthorizationEndpoint", + "type": "string" + }, + "ClientId": { + "markdownDescription": "The client identifier.", + "title": "ClientId", + "type": "string" + }, + "ClientSecret": { + "markdownDescription": "The client secret.", + "title": "ClientSecret", + "type": "string" + }, + "Issuer": { + "markdownDescription": "The OIDC issuer.", + "title": "Issuer", + "type": "string" + }, + "Scope": { + "markdownDescription": "The OpenID Connect (OIDC) scope specified.", + "title": "Scope", + "type": "string" + }, + "TokenEndpoint": { + "markdownDescription": "The OIDC token endpoint.", + "title": "TokenEndpoint", + "type": "string" + }, + "UserInfoEndpoint": { + "markdownDescription": "The OIDC user info endpoint.", + "title": "UserInfoEndpoint", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::VerifiedAccessTrustProvider.SseSpecification": { + "additionalProperties": false, + "properties": { + "CustomerManagedKeyEnabled": { + "markdownDescription": "Enable or disable the use of customer managed KMS keys for server side encryption.\n\nValid values: `True` | `False`", + "title": "CustomerManagedKeyEnabled", + "type": "boolean" + }, + "KmsKeyArn": { + "markdownDescription": "The ARN of the KMS key.", + "title": "KmsKeyArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::Volume": { "additionalProperties": false, "properties": { "Condition": { @@ -95983,30 +103168,83 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the registry to be created.", - "title": "Description", + "AutoEnableIO": { + "markdownDescription": "Indicates whether the volume is auto-enabled for I/O operations. By default, Amazon EBS disables I/O to the volume from attached EC2 instances when it determines that a volume's data is potentially inconsistent. If the consistency of the volume is not a concern, and you prefer that the volume be made available immediately if it's impaired, you can configure the volume to automatically enable I/O.", + "title": "AutoEnableIO", + "type": "boolean" + }, + "AvailabilityZone": { + "markdownDescription": "The ID of the Availability Zone in which to create the volume. For example, `us-east-1a` .", + "title": "AvailabilityZone", "type": "string" }, - "RegistryName": { - "markdownDescription": "The name of the schema registry.", - "title": "RegistryName", + "Encrypted": { + "markdownDescription": "Indicates whether the volume should be encrypted. The effect of setting the encryption state to `true` depends on the volume origin (new or from a snapshot), starting encryption state, ownership, and whether encryption by default is enabled. For more information, see [Encryption by default](https://docs.aws.amazon.com/ebs/latest/userguide/work-with-ebs-encr.html#encryption-by-default) in the *Amazon EBS User Guide* .\n\nEncrypted Amazon EBS volumes must be attached to instances that support Amazon EBS encryption. For more information, see [Supported instance types](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-encryption-requirements.html#ebs-encryption_supported_instances) .", + "title": "Encrypted", + "type": "boolean" + }, + "Iops": { + "markdownDescription": "The number of I/O operations per second (IOPS). For `gp3` , `io1` , and `io2` volumes, this represents the number of IOPS that are provisioned for the volume. For `gp2` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.\n\nThe following are the supported values for each volume type:\n\n- `gp3` : 3,000 - 16,000 IOPS\n- `io1` : 100 - 64,000 IOPS\n- `io2` : 100 - 256,000 IOPS\n\nFor `io2` volumes, you can achieve up to 256,000 IOPS on [instances built on the Nitro System](https://docs.aws.amazon.com/ec2/latest/instancetypes/ec2-nitro-instances.html) . On other instances, you can achieve performance up to 32,000 IOPS.\n\nThis parameter is required for `io1` and `io2` volumes. The default for `gp3` volumes is 3,000 IOPS. This parameter is not supported for `gp2` , `st1` , `sc1` , or `standard` volumes.", + "title": "Iops", + "type": "number" + }, + "KmsKeyId": { + "markdownDescription": "The identifier of the AWS KMS key to use for Amazon EBS encryption. If `KmsKeyId` is specified, the encrypted state must be `true` .\n\nIf you omit this property and your account is enabled for encryption by default, or *Encrypted* is set to `true` , then the volume is encrypted using the default key specified for your account. If your account does not have a default key, then the volume is encrypted using the AWS managed key .\n\nAlternatively, if you want to specify a different key, you can specify one of the following:\n\n- Key ID. For example, 1234abcd-12ab-34cd-56ef-1234567890ab.\n- Key alias. Specify the alias for the key, prefixed with `alias/` . For example, for a key with the alias `my_cmk` , use `alias/my_cmk` . Or to specify the AWS managed key , use `alias/aws/ebs` .\n- Key ARN. For example, arn:aws:kms:us-east-1:012345678910:key/1234abcd-12ab-34cd-56ef-1234567890ab.\n- Alias ARN. For example, arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias.", + "title": "KmsKeyId", + "type": "string" + }, + "MultiAttachEnabled": { + "markdownDescription": "Indicates whether Amazon EBS Multi-Attach is enabled.\n\nAWS CloudFormation does not currently support updating a single-attach volume to be multi-attach enabled, updating a multi-attach enabled volume to be single-attach, or updating the size or number of I/O operations per second (IOPS) of a multi-attach enabled volume.", + "title": "MultiAttachEnabled", + "type": "boolean" + }, + "OutpostArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Outpost.", + "title": "OutpostArn", + "type": "string" + }, + "Size": { + "markdownDescription": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size. If you specify a snapshot, the default is the snapshot size. You can specify a volume size that is equal to or larger than the snapshot size.\n\nThe following are the supported volumes sizes for each volume type:\n\n- `gp2` and `gp3` : 1 - 16,384 GiB\n- `io1` : 4 - 16,384 GiB\n- `io2` : 4 - 65,536 GiB\n- `st1` and `sc1` : 125 - 16,384 GiB\n- `standard` : 1 - 1024 GiB", + "title": "Size", + "type": "number" + }, + "SnapshotId": { + "markdownDescription": "The snapshot from which to create the volume. You must specify either a snapshot ID or a volume size.", + "title": "SnapshotId", "type": "string" }, "Tags": { "items": { - "$ref": "#/definitions/AWS::EventSchemas::Registry.TagsEntry" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "Tags to associate with the registry.", + "markdownDescription": "The tags to apply to the volume during creation.", "title": "Tags", "type": "array" + }, + "Throughput": { + "markdownDescription": "The throughput to provision for a volume, with a maximum of 1,000 MiB/s.\n\nThis parameter is valid only for `gp3` volumes. The default value is 125.\n\nValid Range: Minimum value of 125. Maximum value of 1000.", + "title": "Throughput", + "type": "number" + }, + "VolumeInitializationRate": { + "markdownDescription": "Specifies the Amazon EBS Provisioned Rate for Volume Initialization (volume initialization rate), in MiB/s, at which to download the snapshot blocks from Amazon S3 to the volume. This is also known as *volume initialization* . Specifying a volume initialization rate ensures that the volume is initialized at a predictable and consistent rate after creation.\n\nThis parameter is supported only for volumes created from snapshots. Omit this parameter if:\n\n- You want to create the volume using fast snapshot restore. You must specify a snapshot that is enabled for fast snapshot restore. In this case, the volume is fully initialized at creation.\n\n> If you specify a snapshot that is enabled for fast snapshot restore and a volume initialization rate, the volume will be initialized at the specified rate instead of fast snapshot restore.\n- You want to create a volume that is initialized at the default rate.\n\nFor more information, see [Initialize Amazon EBS volumes](https://docs.aws.amazon.com/ebs/latest/userguide/initalize-volume.html) in the *Amazon EC2 User Guide* .\n\nValid range: 100 - 300 MiB/s", + "title": "VolumeInitializationRate", + "type": "number" + }, + "VolumeType": { + "markdownDescription": "The volume type. This parameter can be one of the following values:\n\n- General Purpose SSD: `gp2` | `gp3`\n- Provisioned IOPS SSD: `io1` | `io2`\n- Throughput Optimized HDD: `st1`\n- Cold HDD: `sc1`\n- Magnetic: `standard`\n\nFor more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-volume-types.html) .\n\nDefault: `gp2`", + "title": "VolumeType", + "type": "string" } }, + "required": [ + "AvailabilityZone" + ], "type": "object" }, "Type": { "enum": [ - "AWS::EventSchemas::Registry" + "AWS::EC2::Volume" ], "type": "string" }, @@ -96020,31 +103258,12 @@ } }, "required": [ - "Type" - ], - "type": "object" - }, - "AWS::EventSchemas::Registry.TagsEntry": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "The key of a key-value pair.", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "The value of a key-value pair.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Key", - "Value" + "Type", + "Properties" ], "type": "object" }, - "AWS::EventSchemas::RegistryPolicy": { + "AWS::EC2::VolumeAttachment": { "additionalProperties": false, "properties": { "Condition": { @@ -96079,31 +103298,31 @@ "Properties": { "additionalProperties": false, "properties": { - "Policy": { - "markdownDescription": "A resource-based policy.", - "title": "Policy", - "type": "object" + "Device": { + "markdownDescription": "The device name (for example, `/dev/sdh` or `xvdh` ).", + "title": "Device", + "type": "string" }, - "RegistryName": { - "markdownDescription": "The name of the registry.", - "title": "RegistryName", + "InstanceId": { + "markdownDescription": "The ID of the instance to which the volume attaches. This value can be a reference to an [`AWS::EC2::Instance`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html) resource, or it can be the physical ID of an existing EC2 instance.", + "title": "InstanceId", "type": "string" }, - "RevisionId": { - "markdownDescription": "The revision ID of the policy.", - "title": "RevisionId", + "VolumeId": { + "markdownDescription": "The ID of the Amazon EBS volume. The volume and instance must be within the same Availability Zone. This value can be a reference to an [`AWS::EC2::Volume`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-ebs-volume.html) resource, or it can be the volume ID of an existing Amazon EBS volume.", + "title": "VolumeId", "type": "string" } }, "required": [ - "Policy", - "RegistryName" + "InstanceId", + "VolumeId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EventSchemas::RegistryPolicy" + "AWS::EC2::VolumeAttachment" ], "type": "string" }, @@ -96122,7 +103341,7 @@ ], "type": "object" }, - "AWS::EventSchemas::Schema": { + "AWS::ECR::PublicRepository": { "additionalProperties": false, "properties": { "Condition": { @@ -96157,50 +103376,35 @@ "Properties": { "additionalProperties": false, "properties": { - "Content": { - "markdownDescription": "The source of the schema definition.", - "title": "Content", - "type": "string" - }, - "Description": { - "markdownDescription": "A description of the schema.", - "title": "Description", - "type": "string" + "RepositoryCatalogData": { + "$ref": "#/definitions/AWS::ECR::PublicRepository.RepositoryCatalogData", + "markdownDescription": "The details about the repository that are publicly visible in the Amazon ECR Public Gallery. For more information, see [Amazon ECR Public repository catalog data](https://docs.aws.amazon.com/AmazonECR/latest/public/public-repository-catalog-data.html) in the *Amazon ECR Public User Guide* .", + "title": "RepositoryCatalogData" }, - "RegistryName": { - "markdownDescription": "The name of the schema registry.", - "title": "RegistryName", + "RepositoryName": { + "markdownDescription": "The name to use for the public repository. The repository name may be specified on its own (such as `nginx-web-app` ) or it can be prepended with a namespace to group the repository into a category (such as `project-a/nginx-web-app` ). If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the repository name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "RepositoryName", "type": "string" }, - "SchemaName": { - "markdownDescription": "The name of the schema.", - "title": "SchemaName", - "type": "string" + "RepositoryPolicyText": { + "markdownDescription": "The JSON repository policy text to apply to the public repository. For more information, see [Amazon ECR Public repository policies](https://docs.aws.amazon.com/AmazonECR/latest/public/public-repository-policies.html) in the *Amazon ECR Public User Guide* .", + "title": "RepositoryPolicyText", + "type": "object" }, "Tags": { "items": { - "$ref": "#/definitions/AWS::EventSchemas::Schema.TagsEntry" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "Tags associated with the schema.", + "markdownDescription": "An array of key-value pairs to apply to this resource.", "title": "Tags", "type": "array" - }, - "Type": { - "markdownDescription": "The type of schema.\n\nValid types include `OpenApi3` and `JSONSchemaDraft4` .", - "title": "Type", - "type": "string" } }, - "required": [ - "Content", - "RegistryName", - "Type" - ], "type": "object" }, "Type": { "enum": [ - "AWS::EventSchemas::Schema" + "AWS::ECR::PublicRepository" ], "type": "string" }, @@ -96214,32 +103418,48 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::EventSchemas::Schema.TagsEntry": { + "AWS::ECR::PublicRepository.RepositoryCatalogData": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The key of a key-value pair.", - "title": "Key", + "AboutText": { + "markdownDescription": "The longform description of the contents of the repository. This text appears in the repository details on the Amazon ECR Public Gallery.", + "title": "AboutText", "type": "string" }, - "Value": { - "markdownDescription": "The value of a key-value pair.", - "title": "Value", + "Architectures": { + "items": { + "type": "string" + }, + "markdownDescription": "The architecture tags that are associated with the repository.", + "title": "Architectures", + "type": "array" + }, + "OperatingSystems": { + "items": { + "type": "string" + }, + "markdownDescription": "The operating system tags that are associated with the repository.", + "title": "OperatingSystems", + "type": "array" + }, + "RepositoryDescription": { + "markdownDescription": "The short description of the repository.", + "title": "RepositoryDescription", + "type": "string" + }, + "UsageText": { + "markdownDescription": "The longform usage details of the contents of the repository. The usage text provides context for users of the repository.", + "title": "UsageText", "type": "string" } }, - "required": [ - "Key", - "Value" - ], "type": "object" }, - "AWS::Events::ApiDestination": { + "AWS::ECR::PullThroughCacheRule": { "additionalProperties": false, "properties": { "Condition": { @@ -96274,47 +103494,42 @@ "Properties": { "additionalProperties": false, "properties": { - "ConnectionArn": { - "markdownDescription": "The ARN of the connection to use for the API destination. The destination endpoint must support the authorization type specified for the connection.", - "title": "ConnectionArn", + "CredentialArn": { + "markdownDescription": "The ARN of the Secrets Manager secret associated with the pull through cache rule.", + "title": "CredentialArn", "type": "string" }, - "Description": { - "markdownDescription": "A description for the API destination to create.", - "title": "Description", + "CustomRoleArn": { + "markdownDescription": "The ARN of the IAM role associated with the pull through cache rule.", + "title": "CustomRoleArn", "type": "string" }, - "HttpMethod": { - "markdownDescription": "The method to use for the request to the HTTP invocation endpoint.", - "title": "HttpMethod", + "EcrRepositoryPrefix": { + "markdownDescription": "The Amazon ECR repository prefix associated with the pull through cache rule.", + "title": "EcrRepositoryPrefix", "type": "string" }, - "InvocationEndpoint": { - "markdownDescription": "The URL to the HTTP invocation endpoint for the API destination.", - "title": "InvocationEndpoint", + "UpstreamRegistry": { + "markdownDescription": "The name of the upstream source registry associated with the pull through cache rule.", + "title": "UpstreamRegistry", "type": "string" }, - "InvocationRateLimitPerSecond": { - "markdownDescription": "The maximum number of requests per second to send to the HTTP invocation endpoint.", - "title": "InvocationRateLimitPerSecond", - "type": "number" + "UpstreamRegistryUrl": { + "markdownDescription": "The upstream registry URL associated with the pull through cache rule.", + "title": "UpstreamRegistryUrl", + "type": "string" }, - "Name": { - "markdownDescription": "The name for the API destination to create.", - "title": "Name", + "UpstreamRepositoryPrefix": { + "markdownDescription": "The upstream repository prefix associated with the pull through cache rule.", + "title": "UpstreamRepositoryPrefix", "type": "string" } }, - "required": [ - "ConnectionArn", - "HttpMethod", - "InvocationEndpoint" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Events::ApiDestination" + "AWS::ECR::PullThroughCacheRule" ], "type": "string" }, @@ -96328,12 +103543,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Events::Archive": { + "AWS::ECR::RegistryPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -96368,40 +103582,20 @@ "Properties": { "additionalProperties": false, "properties": { - "ArchiveName": { - "markdownDescription": "The name for the archive to create.", - "title": "ArchiveName", - "type": "string" - }, - "Description": { - "markdownDescription": "A description for the archive.", - "title": "Description", - "type": "string" - }, - "EventPattern": { - "markdownDescription": "An event pattern to use to filter events sent to the archive.", - "title": "EventPattern", + "PolicyText": { + "markdownDescription": "The JSON policy text for your registry.", + "title": "PolicyText", "type": "object" - }, - "RetentionDays": { - "markdownDescription": "The number of days to retain events for. Default value is 0. If set to 0, events are retained indefinitely", - "title": "RetentionDays", - "type": "number" - }, - "SourceArn": { - "markdownDescription": "The ARN of the event bus that sends events to the archive.", - "title": "SourceArn", - "type": "string" } }, "required": [ - "SourceArn" + "PolicyText" ], "type": "object" }, "Type": { "enum": [ - "AWS::Events::Archive" + "AWS::ECR::RegistryPolicy" ], "type": "string" }, @@ -96420,7 +103614,7 @@ ], "type": "object" }, - "AWS::Events::Connection": { + "AWS::ECR::RegistryScanningConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -96455,32 +103649,29 @@ "Properties": { "additionalProperties": false, "properties": { - "AuthParameters": { - "$ref": "#/definitions/AWS::Events::Connection.AuthParameters", - "markdownDescription": "The authorization parameters to use to authorize with the endpoint.\n\nYou must include only authorization parameters for the `AuthorizationType` you specify.", - "title": "AuthParameters" - }, - "AuthorizationType": { - "markdownDescription": "The type of authorization to use for the connection.\n\n> OAUTH tokens are refreshed when a 401 or 407 response is returned.", - "title": "AuthorizationType", - "type": "string" - }, - "Description": { - "markdownDescription": "A description for the connection to create.", - "title": "Description", - "type": "string" + "Rules": { + "items": { + "$ref": "#/definitions/AWS::ECR::RegistryScanningConfiguration.ScanningRule" + }, + "markdownDescription": "The scanning rules associated with the registry.", + "title": "Rules", + "type": "array" }, - "Name": { - "markdownDescription": "The name for the connection to create.", - "title": "Name", + "ScanType": { + "markdownDescription": "The type of scanning configured for the registry.", + "title": "ScanType", "type": "string" } }, + "required": [ + "Rules", + "ScanType" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Events::Connection" + "AWS::ECR::RegistryScanningConfiguration" ], "type": "string" }, @@ -96494,183 +103685,55 @@ } }, "required": [ - "Type" - ], - "type": "object" - }, - "AWS::Events::Connection.ApiKeyAuthParameters": { - "additionalProperties": false, - "properties": { - "ApiKeyName": { - "markdownDescription": "The name of the API key to use for authorization.", - "title": "ApiKeyName", - "type": "string" - }, - "ApiKeyValue": { - "markdownDescription": "The value for the API key to use for authorization.", - "title": "ApiKeyValue", - "type": "string" - } - }, - "required": [ - "ApiKeyName", - "ApiKeyValue" - ], - "type": "object" - }, - "AWS::Events::Connection.AuthParameters": { - "additionalProperties": false, - "properties": { - "ApiKeyAuthParameters": { - "$ref": "#/definitions/AWS::Events::Connection.ApiKeyAuthParameters", - "markdownDescription": "The API Key parameters to use for authorization.", - "title": "ApiKeyAuthParameters" - }, - "BasicAuthParameters": { - "$ref": "#/definitions/AWS::Events::Connection.BasicAuthParameters", - "markdownDescription": "The authorization parameters for Basic authorization.", - "title": "BasicAuthParameters" - }, - "InvocationHttpParameters": { - "$ref": "#/definitions/AWS::Events::Connection.ConnectionHttpParameters", - "markdownDescription": "Additional parameters for the connection that are passed through with every invocation to the HTTP endpoint.", - "title": "InvocationHttpParameters" - }, - "OAuthParameters": { - "$ref": "#/definitions/AWS::Events::Connection.OAuthParameters", - "markdownDescription": "The OAuth parameters to use for authorization.", - "title": "OAuthParameters" - } - }, - "type": "object" - }, - "AWS::Events::Connection.BasicAuthParameters": { - "additionalProperties": false, - "properties": { - "Password": { - "markdownDescription": "The password associated with the user name to use for Basic authorization.", - "title": "Password", - "type": "string" - }, - "Username": { - "markdownDescription": "The user name to use for Basic authorization.", - "title": "Username", - "type": "string" - } - }, - "required": [ - "Password", - "Username" + "Type", + "Properties" ], "type": "object" }, - "AWS::Events::Connection.ClientParameters": { + "AWS::ECR::RegistryScanningConfiguration.RepositoryFilter": { "additionalProperties": false, "properties": { - "ClientID": { - "markdownDescription": "The client ID to use for OAuth authorization.", - "title": "ClientID", + "Filter": { + "markdownDescription": "The filter to use when scanning.", + "title": "Filter", "type": "string" }, - "ClientSecret": { - "markdownDescription": "The client secret assciated with the client ID to use for OAuth authorization.", - "title": "ClientSecret", + "FilterType": { + "markdownDescription": "The type associated with the filter.", + "title": "FilterType", "type": "string" } }, "required": [ - "ClientID", - "ClientSecret" + "Filter", + "FilterType" ], "type": "object" }, - "AWS::Events::Connection.ConnectionHttpParameters": { + "AWS::ECR::RegistryScanningConfiguration.ScanningRule": { "additionalProperties": false, "properties": { - "BodyParameters": { - "items": { - "$ref": "#/definitions/AWS::Events::Connection.Parameter" - }, - "markdownDescription": "Any additional body string parameters for the connection.", - "title": "BodyParameters", - "type": "array" - }, - "HeaderParameters": { - "items": { - "$ref": "#/definitions/AWS::Events::Connection.Parameter" - }, - "markdownDescription": "Any additional header parameters for the connection.", - "title": "HeaderParameters", - "type": "array" - }, - "QueryStringParameters": { + "RepositoryFilters": { "items": { - "$ref": "#/definitions/AWS::Events::Connection.Parameter" + "$ref": "#/definitions/AWS::ECR::RegistryScanningConfiguration.RepositoryFilter" }, - "markdownDescription": "Any additional query string parameters for the connection.", - "title": "QueryStringParameters", + "markdownDescription": "The details of a scanning repository filter. For more information on how to use filters, see [Using filters](https://docs.aws.amazon.com/AmazonECR/latest/userguide/image-scanning.html#image-scanning-filters) in the *Amazon Elastic Container Registry User Guide* .", + "title": "RepositoryFilters", "type": "array" - } - }, - "type": "object" - }, - "AWS::Events::Connection.OAuthParameters": { - "additionalProperties": false, - "properties": { - "AuthorizationEndpoint": { - "markdownDescription": "The URL to the authorization endpoint when OAuth is specified as the authorization type.", - "title": "AuthorizationEndpoint", - "type": "string" - }, - "ClientParameters": { - "$ref": "#/definitions/AWS::Events::Connection.ClientParameters", - "markdownDescription": "The client parameters for OAuth authorization.", - "title": "ClientParameters" - }, - "HttpMethod": { - "markdownDescription": "The method to use for the authorization request.", - "title": "HttpMethod", - "type": "string" - }, - "OAuthHttpParameters": { - "$ref": "#/definitions/AWS::Events::Connection.ConnectionHttpParameters", - "markdownDescription": "Details about the additional parameters to use for the connection.", - "title": "OAuthHttpParameters" - } - }, - "required": [ - "AuthorizationEndpoint", - "ClientParameters", - "HttpMethod" - ], - "type": "object" - }, - "AWS::Events::Connection.Parameter": { - "additionalProperties": false, - "properties": { - "IsValueSecret": { - "markdownDescription": "Specifies whether the value is secret.", - "title": "IsValueSecret", - "type": "boolean" - }, - "Key": { - "markdownDescription": "The key for a query string parameter.", - "title": "Key", - "type": "string" }, - "Value": { - "markdownDescription": "The value associated with the key for the query string parameter.", - "title": "Value", + "ScanFrequency": { + "markdownDescription": "The frequency that scans are performed at for a private registry. When the `ENHANCED` scan type is specified, the supported scan frequencies are `CONTINUOUS_SCAN` and `SCAN_ON_PUSH` . When the `BASIC` scan type is specified, the `SCAN_ON_PUSH` scan frequency is supported. If scan on push is not specified, then the `MANUAL` scan frequency is set by default.", + "title": "ScanFrequency", "type": "string" } }, "required": [ - "Key", - "Value" + "RepositoryFilters", + "ScanFrequency" ], "type": "object" }, - "AWS::Events::Endpoint": { + "AWS::ECR::ReplicationConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -96705,49 +103768,20 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description for the endpoint.", - "title": "Description", - "type": "string" - }, - "EventBuses": { - "items": { - "$ref": "#/definitions/AWS::Events::Endpoint.EndpointEventBus" - }, - "markdownDescription": "The event buses being used by the endpoint.\n\n*Exactly* : `2`", - "title": "EventBuses", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the endpoint.", - "title": "Name", - "type": "string" - }, - "ReplicationConfig": { - "$ref": "#/definitions/AWS::Events::Endpoint.ReplicationConfig", - "markdownDescription": "Whether event replication was enabled or disabled for this endpoint. The default state is `ENABLED` which means you must supply a `RoleArn` . If you don't have a `RoleArn` or you don't want event replication enabled, set the state to `DISABLED` .", - "title": "ReplicationConfig" - }, - "RoleArn": { - "markdownDescription": "The ARN of the role used by event replication for the endpoint.", - "title": "RoleArn", - "type": "string" - }, - "RoutingConfig": { - "$ref": "#/definitions/AWS::Events::Endpoint.RoutingConfig", - "markdownDescription": "The routing configuration of the endpoint.", - "title": "RoutingConfig" + "ReplicationConfiguration": { + "$ref": "#/definitions/AWS::ECR::ReplicationConfiguration.ReplicationConfiguration", + "markdownDescription": "The replication configuration for a registry.", + "title": "ReplicationConfiguration" } }, "required": [ - "EventBuses", - "RoutingConfig" + "ReplicationConfiguration" ], "type": "object" }, "Type": { "enum": [ - "AWS::Events::Endpoint" + "AWS::ECR::ReplicationConfiguration" ], "type": "string" }, @@ -96766,97 +103800,89 @@ ], "type": "object" }, - "AWS::Events::Endpoint.EndpointEventBus": { - "additionalProperties": false, - "properties": { - "EventBusArn": { - "markdownDescription": "The ARN of the event bus the endpoint is associated with.", - "title": "EventBusArn", - "type": "string" - } - }, - "required": [ - "EventBusArn" - ], - "type": "object" - }, - "AWS::Events::Endpoint.FailoverConfig": { + "AWS::ECR::ReplicationConfiguration.ReplicationConfiguration": { "additionalProperties": false, "properties": { - "Primary": { - "$ref": "#/definitions/AWS::Events::Endpoint.Primary", - "markdownDescription": "The main Region of the endpoint.", - "title": "Primary" - }, - "Secondary": { - "$ref": "#/definitions/AWS::Events::Endpoint.Secondary", - "markdownDescription": "The Region that events are routed to when failover is triggered or event replication is enabled.", - "title": "Secondary" + "Rules": { + "items": { + "$ref": "#/definitions/AWS::ECR::ReplicationConfiguration.ReplicationRule" + }, + "markdownDescription": "An array of objects representing the replication destinations and repository filters for a replication configuration.", + "title": "Rules", + "type": "array" } }, "required": [ - "Primary", - "Secondary" + "Rules" ], "type": "object" }, - "AWS::Events::Endpoint.Primary": { + "AWS::ECR::ReplicationConfiguration.ReplicationDestination": { "additionalProperties": false, "properties": { - "HealthCheck": { - "markdownDescription": "The ARN of the health check used by the endpoint to determine whether failover is triggered.", - "title": "HealthCheck", + "Region": { + "markdownDescription": "The Region to replicate to.", + "title": "Region", "type": "string" - } - }, - "required": [ - "HealthCheck" - ], - "type": "object" - }, - "AWS::Events::Endpoint.ReplicationConfig": { - "additionalProperties": false, - "properties": { - "State": { - "markdownDescription": "The state of event replication.", - "title": "State", + }, + "RegistryId": { + "markdownDescription": "The AWS account ID of the Amazon ECR private registry to replicate to. When configuring cross-Region replication within your own registry, specify your own account ID.", + "title": "RegistryId", "type": "string" } }, "required": [ - "State" + "Region", + "RegistryId" ], "type": "object" }, - "AWS::Events::Endpoint.RoutingConfig": { + "AWS::ECR::ReplicationConfiguration.ReplicationRule": { "additionalProperties": false, "properties": { - "FailoverConfig": { - "$ref": "#/definitions/AWS::Events::Endpoint.FailoverConfig", - "markdownDescription": "The failover configuration for an endpoint. This includes what triggers failover and what happens when it's triggered.", - "title": "FailoverConfig" + "Destinations": { + "items": { + "$ref": "#/definitions/AWS::ECR::ReplicationConfiguration.ReplicationDestination" + }, + "markdownDescription": "An array of objects representing the destination for a replication rule.", + "title": "Destinations", + "type": "array" + }, + "RepositoryFilters": { + "items": { + "$ref": "#/definitions/AWS::ECR::ReplicationConfiguration.RepositoryFilter" + }, + "markdownDescription": "An array of objects representing the filters for a replication rule. Specifying a repository filter for a replication rule provides a method for controlling which repositories in a private registry are replicated.", + "title": "RepositoryFilters", + "type": "array" } }, "required": [ - "FailoverConfig" + "Destinations" ], "type": "object" }, - "AWS::Events::Endpoint.Secondary": { + "AWS::ECR::ReplicationConfiguration.RepositoryFilter": { "additionalProperties": false, "properties": { - "Route": { - "markdownDescription": "Defines the secondary Region.", - "title": "Route", + "Filter": { + "markdownDescription": "The repository filter details. When the `PREFIX_MATCH` filter type is specified, this value is required and should be the repository name prefix to configure replication for.", + "title": "Filter", + "type": "string" + }, + "FilterType": { + "markdownDescription": "The repository filter type. The only supported value is `PREFIX_MATCH` , which is a repository name prefix specified with the `filter` parameter.", + "title": "FilterType", "type": "string" } }, "required": [ - "Route" + "Filter", + "FilterType" ], "type": "object" }, - "AWS::Events::EventBus": { + "AWS::ECR::Repository": { "additionalProperties": false, "properties": { "Condition": { @@ -96891,38 +103917,55 @@ "Properties": { "additionalProperties": false, "properties": { - "EventSourceName": { - "markdownDescription": "If you are creating a partner event bus, this specifies the partner event source that the new event bus will be matched with.", - "title": "EventSourceName", + "EmptyOnDelete": { + "markdownDescription": "If true, deleting the repository force deletes the contents of the repository. If false, the repository must be empty before attempting to delete it.", + "title": "EmptyOnDelete", + "type": "boolean" + }, + "EncryptionConfiguration": { + "$ref": "#/definitions/AWS::ECR::Repository.EncryptionConfiguration", + "markdownDescription": "The encryption configuration for the repository. This determines how the contents of your repository are encrypted at rest.", + "title": "EncryptionConfiguration" + }, + "ImageScanningConfiguration": { + "$ref": "#/definitions/AWS::ECR::Repository.ImageScanningConfiguration", + "markdownDescription": "The image scanning configuration for the repository. This determines whether images are scanned for known vulnerabilities after being pushed to the repository.", + "title": "ImageScanningConfiguration" + }, + "ImageTagMutability": { + "markdownDescription": "The tag mutability setting for the repository. If this parameter is omitted, the default setting of `MUTABLE` will be used which will allow image tags to be overwritten. If `IMMUTABLE` is specified, all image tags within the repository will be immutable which will prevent them from being overwritten.", + "title": "ImageTagMutability", "type": "string" }, - "Name": { - "markdownDescription": "The name of the new event bus.\n\nCustom event bus names can't contain the `/` character, but you can use the `/` character in partner event bus names. In addition, for partner event buses, the name must exactly match the name of the partner event source that this event bus is matched to.\n\nYou can't use the name `default` for a custom event bus, as this name is already used for your account's default event bus.", - "title": "Name", + "LifecyclePolicy": { + "$ref": "#/definitions/AWS::ECR::Repository.LifecyclePolicy", + "markdownDescription": "Creates or updates a lifecycle policy. For information about lifecycle policy syntax, see [Lifecycle policy template](https://docs.aws.amazon.com/AmazonECR/latest/userguide/LifecyclePolicies.html) .", + "title": "LifecyclePolicy" + }, + "RepositoryName": { + "markdownDescription": "The name to use for the repository. The repository name may be specified on its own (such as `nginx-web-app` ) or it can be prepended with a namespace to group the repository into a category (such as `project-a/nginx-web-app` ). If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the repository name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\nThe repository name must start with a letter and can only contain lowercase letters, numbers, hyphens, underscores, and forward slashes.\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "RepositoryName", "type": "string" }, - "Policy": { - "markdownDescription": "The permissions policy of the event bus, describing which other AWS accounts can write events to this event bus.", - "title": "Policy", + "RepositoryPolicyText": { + "markdownDescription": "The JSON repository policy text to apply to the repository. For more information, see [Amazon ECR repository policies](https://docs.aws.amazon.com/AmazonECR/latest/userguide/repository-policy-examples.html) in the *Amazon Elastic Container Registry User Guide* .", + "title": "RepositoryPolicyText", "type": "object" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Tags to associate with the event bus.", + "markdownDescription": "An array of key-value pairs to apply to this resource.", "title": "Tags", "type": "array" } }, - "required": [ - "Name" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Events::EventBus" + "AWS::ECR::Repository" ], "type": "string" }, @@ -96936,12 +103979,57 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Events::EventBusPolicy": { + "AWS::ECR::Repository.EncryptionConfiguration": { + "additionalProperties": false, + "properties": { + "EncryptionType": { + "markdownDescription": "The encryption type to use.\n\nIf you use the `KMS` encryption type, the contents of the repository will be encrypted using server-side encryption with AWS Key Management Service key stored in AWS KMS . When you use AWS KMS to encrypt your data, you can either use the default AWS managed AWS KMS key for Amazon ECR, or specify your own AWS KMS key, which you already created.\n\nIf you use the `KMS_DSSE` encryption type, the contents of the repository will be encrypted with two layers of encryption using server-side encryption with the AWS KMS Management Service key stored in AWS KMS . Similar to the `KMS` encryption type, you can either use the default AWS managed AWS KMS key for Amazon ECR, or specify your own AWS KMS key, which you've already created.\n\nIf you use the `AES256` encryption type, Amazon ECR uses server-side encryption with Amazon S3-managed encryption keys which encrypts the images in the repository using an AES256 encryption algorithm.\n\nFor more information, see [Amazon ECR encryption at rest](https://docs.aws.amazon.com/AmazonECR/latest/userguide/encryption-at-rest.html) in the *Amazon Elastic Container Registry User Guide* .", + "title": "EncryptionType", + "type": "string" + }, + "KmsKey": { + "markdownDescription": "If you use the `KMS` encryption type, specify the AWS KMS key to use for encryption. The alias, key ID, or full ARN of the AWS KMS key can be specified. The key must exist in the same Region as the repository. If no key is specified, the default AWS managed AWS KMS key for Amazon ECR will be used.", + "title": "KmsKey", + "type": "string" + } + }, + "required": [ + "EncryptionType" + ], + "type": "object" + }, + "AWS::ECR::Repository.ImageScanningConfiguration": { + "additionalProperties": false, + "properties": { + "ScanOnPush": { + "markdownDescription": "The setting that determines whether images are scanned after being pushed to a repository. If set to `true` , images will be scanned after being pushed. If this parameter is not specified, it will default to `false` and images will not be scanned unless a scan is manually started.", + "title": "ScanOnPush", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::ECR::Repository.LifecyclePolicy": { + "additionalProperties": false, + "properties": { + "LifecyclePolicyText": { + "markdownDescription": "The JSON repository policy text to apply to the repository.", + "title": "LifecyclePolicyText", + "type": "string" + }, + "RegistryId": { + "markdownDescription": "The AWS account ID associated with the registry that contains the repository. If you do not specify a registry, the default registry is assumed.", + "title": "RegistryId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ECR::RepositoryCreationTemplate": { "additionalProperties": false, "properties": { "Condition": { @@ -96976,45 +104064,67 @@ "Properties": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The action that you are enabling the other account to perform.", - "title": "Action", - "type": "string" - }, - "Condition": { - "$ref": "#/definitions/AWS::Events::EventBusPolicy.Condition", - "markdownDescription": "This parameter enables you to limit the permission to accounts that fulfill a certain condition, such as being a member of a certain AWS organization. For more information about AWS Organizations, see [What Is AWS Organizations](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_introduction.html) in the *AWS Organizations User Guide* .\n\nIf you specify `Condition` with an AWS organization ID, and specify \"*\" as the value for `Principal` , you grant permission to all the accounts in the named organization.\n\nThe `Condition` is a JSON string which must contain `Type` , `Key` , and `Value` fields.", - "title": "Condition" + "AppliedFor": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of enumerable Strings representing the repository creation scenarios that this template will apply towards. The two supported scenarios are PULL_THROUGH_CACHE and REPLICATION", + "title": "AppliedFor", + "type": "array" }, - "EventBusName": { - "markdownDescription": "The name of the event bus associated with the rule. If you omit this, the default event bus is used.", - "title": "EventBusName", + "CustomRoleArn": { + "markdownDescription": "The ARN of the role to be assumed by Amazon ECR. Amazon ECR will assume your supplied role when the customRoleArn is specified. When this field isn't specified, Amazon ECR will use the service-linked role for the repository creation template.", + "title": "CustomRoleArn", "type": "string" }, - "Principal": { - "markdownDescription": "The 12-digit AWS account ID that you are permitting to put events to your default event bus. Specify \"*\" to permit any account to put events to your default event bus.\n\nIf you specify \"*\" without specifying `Condition` , avoid creating rules that may match undesirable events. To create more secure rules, make sure that the event pattern for each rule contains an `account` field with a specific account ID from which to receive events. Rules with an account field do not match any events sent from other accounts.", - "title": "Principal", + "Description": { + "markdownDescription": "The description associated with the repository creation template.", + "title": "Description", "type": "string" }, - "Statement": { - "markdownDescription": "A JSON string that describes the permission policy statement. You can include a `Policy` parameter in the request instead of using the `StatementId` , `Action` , `Principal` , or `Condition` parameters.", - "title": "Statement", - "type": "object" + "EncryptionConfiguration": { + "$ref": "#/definitions/AWS::ECR::RepositoryCreationTemplate.EncryptionConfiguration", + "markdownDescription": "The encryption configuration associated with the repository creation template.", + "title": "EncryptionConfiguration" }, - "StatementId": { - "markdownDescription": "An identifier string for the external account that you are granting permissions to. If you later want to revoke the permission for this external account, specify this `StatementId` when you run [RemovePermission](https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_RemovePermission.html) .\n\n> Each `StatementId` must be unique.", - "title": "StatementId", + "ImageTagMutability": { + "markdownDescription": "The tag mutability setting for the repository. If this parameter is omitted, the default setting of `MUTABLE` will be used which will allow image tags to be overwritten. If `IMMUTABLE` is specified, all image tags within the repository will be immutable which will prevent them from being overwritten.", + "title": "ImageTagMutability", + "type": "string" + }, + "LifecyclePolicy": { + "markdownDescription": "The lifecycle policy to use for repositories created using the template.", + "title": "LifecyclePolicy", + "type": "string" + }, + "Prefix": { + "markdownDescription": "The repository namespace prefix associated with the repository creation template.", + "title": "Prefix", + "type": "string" + }, + "RepositoryPolicy": { + "markdownDescription": "The repository policy to apply to repositories created using the template. A repository policy is a permissions policy associated with a repository to control access permissions.", + "title": "RepositoryPolicy", "type": "string" + }, + "ResourceTags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The metadata to apply to the repository to help you categorize and organize. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.", + "title": "ResourceTags", + "type": "array" } }, "required": [ - "StatementId" + "AppliedFor", + "Prefix" ], "type": "object" }, "Type": { "enum": [ - "AWS::Events::EventBusPolicy" + "AWS::ECR::RepositoryCreationTemplate" ], "type": "string" }, @@ -97033,40 +104143,31 @@ ], "type": "object" }, - "AWS::Events::EventBusPolicy.Condition": { + "AWS::ECR::RepositoryCreationTemplate.EncryptionConfiguration": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "Specifies the key for the condition. Currently the only supported key is `aws:PrincipalOrgID` .", - "title": "Key", - "type": "string" - }, - "Type": { - "markdownDescription": "Specifies the type of condition. Currently the only supported value is `StringEquals` .", - "title": "Type", + "EncryptionType": { + "markdownDescription": "The encryption type to use.\n\nIf you use the `KMS` encryption type, the contents of the repository will be encrypted using server-side encryption with AWS Key Management Service key stored in AWS KMS . When you use AWS KMS to encrypt your data, you can either use the default AWS managed AWS KMS key for Amazon ECR, or specify your own AWS KMS key, which you already created.\n\nIf you use the `KMS_DSSE` encryption type, the contents of the repository will be encrypted with two layers of encryption using server-side encryption with the AWS KMS Management Service key stored in AWS KMS . Similar to the `KMS` encryption type, you can either use the default AWS managed AWS KMS key for Amazon ECR, or specify your own AWS KMS key, which you've already created.\n\nIf you use the `AES256` encryption type, Amazon ECR uses server-side encryption with Amazon S3-managed encryption keys which encrypts the images in the repository using an AES256 encryption algorithm.\n\nFor more information, see [Amazon ECR encryption at rest](https://docs.aws.amazon.com/AmazonECR/latest/userguide/encryption-at-rest.html) in the *Amazon Elastic Container Registry User Guide* .", + "title": "EncryptionType", "type": "string" }, - "Value": { - "markdownDescription": "Specifies the value for the key. Currently, this must be the ID of the organization.", - "title": "Value", + "KmsKey": { + "markdownDescription": "If you use the `KMS` encryption type, specify the AWS KMS key to use for encryption. The alias, key ID, or full ARN of the AWS KMS key can be specified. The key must exist in the same Region as the repository. If no key is specified, the default AWS managed AWS KMS key for Amazon ECR will be used.", + "title": "KmsKey", "type": "string" } }, + "required": [ + "EncryptionType" + ], "type": "object" }, - "AWS::Events::Rule": { + "AWS::ECS::CapacityProvider": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, - "Connectors": { - "additionalProperties": { - "$ref": "#/definitions/EmbeddedConnector" - }, - "title": "Connectors", - "type": "object" - }, "DeletionPolicy": { "enum": [ "Delete", @@ -97096,47 +104197,22 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the rule.", - "title": "Description", - "type": "string" - }, - "EventBusName": { - "markdownDescription": "The name or ARN of the event bus associated with the rule. If you omit this, the default event bus is used.", - "title": "EventBusName", - "type": "string" - }, - "EventPattern": { - "markdownDescription": "The event pattern of the rule. For more information, see [Events and Event Patterns](https://docs.aws.amazon.com/eventbridge/latest/userguide/eventbridge-and-event-patterns.html) in the **Amazon EventBridge User Guide** .", - "title": "EventPattern", - "type": "object" + "AutoScalingGroupProvider": { + "$ref": "#/definitions/AWS::ECS::CapacityProvider.AutoScalingGroupProvider", + "markdownDescription": "The Auto Scaling group settings for the capacity provider.", + "title": "AutoScalingGroupProvider" }, "Name": { - "markdownDescription": "The name of the rule.", + "markdownDescription": "The name of the capacity provider. If a name is specified, it cannot start with `aws` , `ecs` , or `fargate` . If no name is specified, a default name in the `CFNStackName-CFNResourceName-RandomString` format is used.", "title": "Name", "type": "string" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the role that is used for target invocation.\n\nIf you're setting an event bus in another account as the target and that account granted permission to your account through an organization instead of directly by the account ID, you must specify a `RoleArn` with proper permissions in the `Target` structure, instead of here in this parameter.", - "title": "RoleArn", - "type": "string" - }, - "ScheduleExpression": { - "markdownDescription": "The scheduling expression. For example, \"cron(0 20 * * ? *)\", \"rate(5 minutes)\". For more information, see [Creating an Amazon EventBridge rule that runs on a schedule](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-create-rule-schedule.html) .", - "title": "ScheduleExpression", - "type": "string" - }, - "State": { - "markdownDescription": "The state of the rule.\n\nValid values include:\n\n- `DISABLED` : The rule is disabled. EventBridge does not match any events against the rule.\n- `ENABLED` : The rule is enabled. EventBridge matches events against the rule, *except* for AWS management events delivered through CloudTrail.\n- `ENABLED_WITH_ALL_CLOUDTRAIL_MANAGEMENT_EVENTS` : The rule is enabled for all events, including AWS management events delivered through CloudTrail.\n\nManagement events provide visibility into management operations that are performed on resources in your AWS account. These are also known as control plane operations. For more information, see [Logging management events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-management-events-with-cloudtrail.html#logging-management-events) in the *CloudTrail User Guide* , and [Filtering management events from AWS services](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-service-event.html#eb-service-event-cloudtrail) in the **Amazon EventBridge User Guide** .\n\nThis value is only valid for rules on the [default](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-what-is-how-it-works-concepts.html#eb-bus-concepts-buses) event bus or [custom event buses](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-create-event-bus.html) . It does not apply to [partner event buses](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-saas.html) .", - "title": "State", - "type": "string" - }, - "Targets": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::Events::Rule.Target" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "Adds the specified targets to the specified rule, or updates the targets if they are already associated with the rule.\n\nTargets are the resources that are invoked when a rule is triggered.\n\nThe maximum number of entries per request is 10.\n\n> Each rule can have up to five (5) targets associated with it at one time. \n\nFor a list of services you can configure as targets for events, see [EventBridge targets](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-targets.html) in the **Amazon EventBridge User Guide** .\n\nCreating rules with built-in targets is supported only in the AWS Management Console . The built-in targets are:\n\n- `Amazon EBS CreateSnapshot API call`\n- `Amazon EC2 RebootInstances API call`\n- `Amazon EC2 StopInstances API call`\n- `Amazon EC2 TerminateInstances API call`\n\nFor some target types, `PutTargets` provides target-specific parameters. If the target is a Kinesis data stream, you can optionally specify which shard the event goes to by using the `KinesisParameters` argument. To invoke a command on multiple EC2 instances with one rule, you can use the `RunCommandParameters` field.\n\nTo be able to make API calls against the resources that you own, Amazon EventBridge needs the appropriate permissions:\n\n- For AWS Lambda and Amazon SNS resources, EventBridge relies on resource-based policies.\n- For EC2 instances, Kinesis Data Streams, AWS Step Functions state machines and API Gateway APIs, EventBridge relies on IAM roles that you specify in the `RoleARN` argument in `PutTargets` .\n\nFor more information, see [Authentication and Access Control](https://docs.aws.amazon.com/eventbridge/latest/userguide/auth-and-access-control-eventbridge.html) in the **Amazon EventBridge User Guide** .\n\nIf another AWS account is in the same region and has granted you permission (using `PutPermission` ), you can send events to that account. Set that account's event bus as a target of the rules in your account. To send the matched events to the other account, specify that account's event bus as the `Arn` value when you run `PutTargets` . If your account sends events to another account, your account is charged for each sent event. Each event sent to another account is charged as a custom event. The account receiving the event is not charged. For more information, see [Amazon EventBridge Pricing](https://docs.aws.amazon.com/eventbridge/pricing/) .\n\n> `Input` , `InputPath` , and `InputTransformer` are not available with `PutTarget` if the target is an event bus of a different AWS account. \n\nIf you are setting the event bus of another account as the target, and that account granted permission to your account through an organization instead of directly by the account ID, then you must specify a `RoleArn` with proper permissions in the `Target` structure. For more information, see [Sending and Receiving Events Between AWS Accounts](https://docs.aws.amazon.com/eventbridge/latest/userguide/eventbridge-cross-account-event-delivery.html) in the *Amazon EventBridge User Guide* .\n\n> If you have an IAM role on a cross-account event bus target, a `PutTargets` call without a role on the same target (same `Id` and `Arn` ) will not remove the role. \n\nFor more information about enabling cross-account events, see [PutPermission](https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_PutPermission.html) .\n\n*Input* , *InputPath* , and *InputTransformer* are mutually exclusive and optional parameters of a target. When a rule is triggered due to a matched event:\n\n- If none of the following arguments are specified for a target, then the entire event is passed to the target in JSON format (unless the target is Amazon EC2 Run Command or Amazon ECS task, in which case nothing from the event is passed to the target).\n- If *Input* is specified in the form of valid JSON, then the matched event is overridden with this constant.\n- If *InputPath* is specified in the form of JSONPath (for example, `$.detail` ), then only the part of the event specified in the path is passed to the target (for example, only the detail part of the event is passed).\n- If *InputTransformer* is specified, then one or more specified JSONPaths are extracted from the event and used as values in a template that you specify as the input to the target.\n\nWhen you specify `InputPath` or `InputTransformer` , you must use JSON dot notation, not bracket notation.\n\nWhen you add targets to a rule and the associated rule triggers soon after, new or updated targets might not be immediately invoked. Allow a short period of time for changes to take effect.\n\nThis action can partially fail if too many requests are made at the same time. If that happens, `FailedEntryCount` is non-zero in the response and each entry in `FailedEntries` provides the ID of the failed target and the error code.", - "title": "Targets", + "markdownDescription": "The metadata that you apply to the capacity provider to help you categorize and organize it. Each tag consists of a key and an optional value. You define both.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8\n- Maximum value length - 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit.", + "title": "Tags", "type": "array" } }, @@ -97144,7 +104220,7 @@ }, "Type": { "enum": [ - "AWS::Events::Rule" + "AWS::ECS::CapacityProvider" ], "type": "string" }, @@ -97162,593 +104238,304 @@ ], "type": "object" }, - "AWS::Events::Rule.AppSyncParameters": { + "AWS::ECS::CapacityProvider.AutoScalingGroupProvider": { "additionalProperties": false, "properties": { - "GraphQLOperation": { - "markdownDescription": "The GraphQL operation; that is, the query, mutation, or subscription to be parsed and executed by the GraphQL service.\n\nFor more information, see [Operations](https://docs.aws.amazon.com/appsync/latest/devguide/graphql-architecture.html#graphql-operations) in the *AWS AppSync User Guide* .", - "title": "GraphQLOperation", + "AutoScalingGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that identifies the Auto Scaling group, or the Auto Scaling group name.", + "title": "AutoScalingGroupArn", "type": "string" - } - }, - "required": [ - "GraphQLOperation" - ], - "type": "object" - }, - "AWS::Events::Rule.AwsVpcConfiguration": { - "additionalProperties": false, - "properties": { - "AssignPublicIp": { - "markdownDescription": "Specifies whether the task's elastic network interface receives a public IP address. You can specify `ENABLED` only when `LaunchType` in `EcsParameters` is set to `FARGATE` .", - "title": "AssignPublicIp", + }, + "ManagedDraining": { + "markdownDescription": "The managed draining option for the Auto Scaling group capacity provider. When you enable this, Amazon ECS manages and gracefully drains the EC2 container instances that are in the Auto Scaling group capacity provider.", + "title": "ManagedDraining", "type": "string" }, - "SecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the security groups associated with the task. These security groups must all be in the same VPC. You can specify as many as five security groups. If you do not specify a security group, the default security group for the VPC is used.", - "title": "SecurityGroups", - "type": "array" + "ManagedScaling": { + "$ref": "#/definitions/AWS::ECS::CapacityProvider.ManagedScaling", + "markdownDescription": "The managed scaling settings for the Auto Scaling group capacity provider.", + "title": "ManagedScaling" }, - "Subnets": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the subnets associated with the task. These subnets must all be in the same VPC. You can specify as many as 16 subnets.", - "title": "Subnets", - "type": "array" + "ManagedTerminationProtection": { + "markdownDescription": "The managed termination protection setting to use for the Auto Scaling group capacity provider. This determines whether the Auto Scaling group has managed termination protection. The default is off.\n\n> When using managed termination protection, managed scaling must also be used otherwise managed termination protection doesn't work. \n\nWhen managed termination protection is on, Amazon ECS prevents the Amazon EC2 instances in an Auto Scaling group that contain tasks from being terminated during a scale-in action. The Auto Scaling group and each instance in the Auto Scaling group must have instance protection from scale-in actions on as well. For more information, see [Instance Protection](https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-instance-termination.html#instance-protection) in the *AWS Auto Scaling User Guide* .\n\nWhen managed termination protection is off, your Amazon EC2 instances aren't protected from termination when the Auto Scaling group scales in.", + "title": "ManagedTerminationProtection", + "type": "string" } }, "required": [ - "Subnets" + "AutoScalingGroupArn" ], "type": "object" }, - "AWS::Events::Rule.BatchArrayProperties": { + "AWS::ECS::CapacityProvider.ManagedScaling": { "additionalProperties": false, "properties": { - "Size": { - "markdownDescription": "The size of the array, if this is an array batch job. Valid values are integers between 2 and 10,000.", - "title": "Size", + "InstanceWarmupPeriod": { + "markdownDescription": "The period of time, in seconds, after a newly launched Amazon EC2 instance can contribute to CloudWatch metrics for Auto Scaling group. If this parameter is omitted, the default value of `300` seconds is used.", + "title": "InstanceWarmupPeriod", "type": "number" - } - }, - "type": "object" - }, - "AWS::Events::Rule.BatchParameters": { - "additionalProperties": false, - "properties": { - "ArrayProperties": { - "$ref": "#/definitions/AWS::Events::Rule.BatchArrayProperties", - "markdownDescription": "The array properties for the submitted job, such as the size of the array. The array size can be between 2 and 10,000. If you specify array properties for a job, it becomes an array job. This parameter is used only if the target is an AWS Batch job.", - "title": "ArrayProperties" - }, - "JobDefinition": { - "markdownDescription": "The ARN or name of the job definition to use if the event target is an AWS Batch job. This job definition must already exist.", - "title": "JobDefinition", - "type": "string" - }, - "JobName": { - "markdownDescription": "The name to use for this execution of the job, if the target is an AWS Batch job.", - "title": "JobName", - "type": "string" }, - "RetryStrategy": { - "$ref": "#/definitions/AWS::Events::Rule.BatchRetryStrategy", - "markdownDescription": "The retry strategy to use for failed jobs, if the target is an AWS Batch job. The retry strategy is the number of times to retry the failed job execution. Valid values are 1\u201310. When you specify a retry strategy here, it overrides the retry strategy defined in the job definition.", - "title": "RetryStrategy" - } - }, - "required": [ - "JobDefinition", - "JobName" - ], - "type": "object" - }, - "AWS::Events::Rule.BatchRetryStrategy": { - "additionalProperties": false, - "properties": { - "Attempts": { - "markdownDescription": "The number of times to attempt to retry, if the job fails. Valid values are 1\u201310.", - "title": "Attempts", + "MaximumScalingStepSize": { + "markdownDescription": "The maximum number of Amazon EC2 instances that Amazon ECS will scale out at one time. If this parameter is omitted, the default value of `10000` is used.", + "title": "MaximumScalingStepSize", "type": "number" - } - }, - "type": "object" - }, - "AWS::Events::Rule.CapacityProviderStrategyItem": { - "additionalProperties": false, - "properties": { - "Base": { - "markdownDescription": "The base value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a base defined. If no value is specified, the default value of 0 is used.", - "title": "Base", + }, + "MinimumScalingStepSize": { + "markdownDescription": "The minimum number of Amazon EC2 instances that Amazon ECS will scale out at one time. The scale in process is not affected by this parameter If this parameter is omitted, the default value of `1` is used.\n\nWhen additional capacity is required, Amazon ECS will scale up the minimum scaling step size even if the actual demand is less than the minimum scaling step size.\n\nIf you use a capacity provider with an Auto Scaling group configured with more than one Amazon EC2 instance type or Availability Zone, Amazon ECS will scale up by the exact minimum scaling step size value and will ignore both the maximum scaling step size as well as the capacity demand.", + "title": "MinimumScalingStepSize", "type": "number" }, - "CapacityProvider": { - "markdownDescription": "The short name of the capacity provider.", - "title": "CapacityProvider", + "Status": { + "markdownDescription": "Determines whether to use managed scaling for the capacity provider.", + "title": "Status", "type": "string" }, - "Weight": { - "markdownDescription": "The weight value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The weight value is taken into consideration after the base value, if defined, is satisfied.", - "title": "Weight", + "TargetCapacity": { + "markdownDescription": "The target capacity utilization as a percentage for the capacity provider. The specified value must be greater than `0` and less than or equal to `100` . For example, if you want the capacity provider to maintain 10% spare capacity, then that means the utilization is 90%, so use a `targetCapacity` of `90` . The default value of `100` percent results in the Amazon EC2 instances in your Auto Scaling group being completely used.", + "title": "TargetCapacity", "type": "number" } }, - "required": [ - "CapacityProvider" - ], - "type": "object" - }, - "AWS::Events::Rule.DeadLetterConfig": { - "additionalProperties": false, - "properties": { - "Arn": { - "markdownDescription": "The ARN of the SQS queue specified as the target for the dead-letter queue.", - "title": "Arn", - "type": "string" - } - }, "type": "object" }, - "AWS::Events::Rule.EcsParameters": { + "AWS::ECS::Cluster": { "additionalProperties": false, "properties": { - "CapacityProviderStrategy": { - "items": { - "$ref": "#/definitions/AWS::Events::Rule.CapacityProviderStrategyItem" - }, - "markdownDescription": "The capacity provider strategy to use for the task.\n\nIf a `capacityProviderStrategy` is specified, the `launchType` parameter must be omitted. If no `capacityProviderStrategy` or launchType is specified, the `defaultCapacityProviderStrategy` for the cluster is used.", - "title": "CapacityProviderStrategy", - "type": "array" - }, - "EnableECSManagedTags": { - "markdownDescription": "Specifies whether to enable Amazon ECS managed tags for the task. For more information, see [Tagging Your Amazon ECS Resources](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-using-tags.html) in the Amazon Elastic Container Service Developer Guide.", - "title": "EnableECSManagedTags", - "type": "boolean" - }, - "EnableExecuteCommand": { - "markdownDescription": "Whether or not to enable the execute command functionality for the containers in this task. If true, this enables execute command functionality on all containers in the task.", - "title": "EnableExecuteCommand", - "type": "boolean" - }, - "Group": { - "markdownDescription": "Specifies an ECS task group for the task. The maximum length is 255 characters.", - "title": "Group", - "type": "string" - }, - "LaunchType": { - "markdownDescription": "Specifies the launch type on which your task is running. The launch type that you specify here must match one of the launch type (compatibilities) of the target task. The `FARGATE` value is supported only in the Regions where AWS Fargate with Amazon ECS is supported. For more information, see [AWS Fargate on Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/AWS-Fargate.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "LaunchType", - "type": "string" - }, - "NetworkConfiguration": { - "$ref": "#/definitions/AWS::Events::Rule.NetworkConfiguration", - "markdownDescription": "Use this structure if the Amazon ECS task uses the `awsvpc` network mode. This structure specifies the VPC subnets and security groups associated with the task, and whether a public IP address is to be used. This structure is required if `LaunchType` is `FARGATE` because the `awsvpc` mode is required for Fargate tasks.\n\nIf you specify `NetworkConfiguration` when the target ECS task does not use the `awsvpc` network mode, the task fails.", - "title": "NetworkConfiguration" - }, - "PlacementConstraints": { - "items": { - "$ref": "#/definitions/AWS::Events::Rule.PlacementConstraint" - }, - "markdownDescription": "An array of placement constraint objects to use for the task. You can specify up to 10 constraints per task (including constraints in the task definition and those specified at runtime).", - "title": "PlacementConstraints", - "type": "array" - }, - "PlacementStrategies": { - "items": { - "$ref": "#/definitions/AWS::Events::Rule.PlacementStrategy" - }, - "markdownDescription": "The placement strategy objects to use for the task. You can specify a maximum of five strategy rules per task.", - "title": "PlacementStrategies", - "type": "array" - }, - "PlatformVersion": { - "markdownDescription": "Specifies the platform version for the task. Specify only the numeric portion of the platform version, such as `1.1.0` .\n\nThis structure is used only if `LaunchType` is `FARGATE` . For more information about valid platform versions, see [AWS Fargate Platform Versions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "PlatformVersion", - "type": "string" - }, - "PropagateTags": { - "markdownDescription": "Specifies whether to propagate the tags from the task definition to the task. If no value is specified, the tags are not propagated. Tags can only be propagated to the task during task creation. To add tags to a task after task creation, use the TagResource API action.", - "title": "PropagateTags", + "Condition": { "type": "string" }, - "ReferenceId": { - "markdownDescription": "The reference ID to use for the task.", - "title": "ReferenceId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "TagList": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The metadata that you apply to the task to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define. To learn more, see [RunTask](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RunTask.html#ECS-RunTask-request-tags) in the Amazon ECS API Reference.", - "title": "TagList", - "type": "array" - }, - "TaskCount": { - "markdownDescription": "The number of tasks to create based on `TaskDefinition` . The default is 1.", - "title": "TaskCount", - "type": "number" - }, - "TaskDefinitionArn": { - "markdownDescription": "The ARN of the task definition to use if the event target is an Amazon ECS task.", - "title": "TaskDefinitionArn", - "type": "string" - } - }, - "required": [ - "TaskDefinitionArn" - ], - "type": "object" - }, - "AWS::Events::Rule.HttpParameters": { - "additionalProperties": false, - "properties": { - "HeaderParameters": { - "additionalProperties": true, - "markdownDescription": "The headers that need to be sent as part of request invoking the API Gateway API or EventBridge ApiDestination.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" } - }, - "title": "HeaderParameters", - "type": "object" - }, - "PathParameterValues": { - "items": { - "type": "string" - }, - "markdownDescription": "The path parameter values to be used to populate API Gateway API or EventBridge ApiDestination path wildcards (\"*\").", - "title": "PathParameterValues", - "type": "array" + ] }, - "QueryStringParameters": { - "additionalProperties": true, - "markdownDescription": "The query string keys/values that need to be sent as part of request invoking the API Gateway API or EventBridge ApiDestination.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "QueryStringParameters", + "Metadata": { "type": "object" - } - }, - "type": "object" - }, - "AWS::Events::Rule.InputTransformer": { - "additionalProperties": false, - "properties": { - "InputPathsMap": { - "additionalProperties": true, - "markdownDescription": "Map of JSON paths to be extracted from the event. You can then insert these in the template in `InputTemplate` to produce the output you want to be sent to the target.\n\n`InputPathsMap` is an array key-value pairs, where each value is a valid JSON path. You can have as many as 100 key-value pairs. You must use JSON dot notation, not bracket notation.\n\nThe keys cannot start with \" AWS .\"", - "patternProperties": { - "^[a-zA-Z0-9]+$": { + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CapacityProviders": { + "items": { + "type": "string" + }, + "markdownDescription": "The short name of one or more capacity providers to associate with the cluster. A capacity provider must be associated with a cluster before it can be included as part of the default capacity provider strategy of the cluster or used in a capacity provider strategy when calling the [CreateService](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_CreateService.html) or [RunTask](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RunTask.html) actions.\n\nIf specifying a capacity provider that uses an Auto Scaling group, the capacity provider must be created but not associated with another cluster. New Auto Scaling group capacity providers can be created with the [CreateCapacityProvider](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_CreateCapacityProvider.html) API operation.\n\nTo use a AWS Fargate capacity provider, specify either the `FARGATE` or `FARGATE_SPOT` capacity providers. The AWS Fargate capacity providers are available to all accounts and only need to be associated with a cluster to be used.\n\nThe [PutCapacityProvider](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutCapacityProvider.html) API operation is used to update the list of available capacity providers for a cluster after the cluster is created.", + "title": "CapacityProviders", + "type": "array" + }, + "ClusterName": { + "markdownDescription": "A user-generated string that you use to identify your cluster. If you don't specify a name, AWS CloudFormation generates a unique physical ID for the name.", + "title": "ClusterName", "type": "string" + }, + "ClusterSettings": { + "items": { + "$ref": "#/definitions/AWS::ECS::Cluster.ClusterSettings" + }, + "markdownDescription": "The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights with enhanced observability or CloudWatch Container Insights for a cluster.\n\nContainer Insights with enhanced observability provides all the Container Insights metrics, plus additional task and container metrics. This version supports enhanced observability for Amazon ECS clusters using the Amazon EC2 and Fargate launch types. After you configure Container Insights with enhanced observability on Amazon ECS, Container Insights auto-collects detailed infrastructure telemetry from the cluster level down to the container level in your environment and displays these critical performance data in curated dashboards removing the heavy lifting in observability set-up.\n\nFor more information, see [Monitor Amazon ECS containers using Container Insights with enhanced observability](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cloudwatch-container-insights.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "ClusterSettings", + "type": "array" + }, + "Configuration": { + "$ref": "#/definitions/AWS::ECS::Cluster.ClusterConfiguration", + "markdownDescription": "The execute command and managed storage configuration for the cluster.", + "title": "Configuration" + }, + "DefaultCapacityProviderStrategy": { + "items": { + "$ref": "#/definitions/AWS::ECS::Cluster.CapacityProviderStrategyItem" + }, + "markdownDescription": "The default capacity provider strategy for the cluster. When services or tasks are run in the cluster with no launch type or capacity provider strategy specified, the default capacity provider strategy is used.", + "title": "DefaultCapacityProviderStrategy", + "type": "array" + }, + "ServiceConnectDefaults": { + "$ref": "#/definitions/AWS::ECS::Cluster.ServiceConnectDefaults", + "markdownDescription": "Use this parameter to set a default Service Connect namespace. After you set a default Service Connect namespace, any new services with Service Connect turned on that are created in the cluster are added as client services in the namespace. This setting only applies to new services that set the `enabled` parameter to `true` in the `ServiceConnectConfiguration` . You can set the namespace of each service individually in the `ServiceConnectConfiguration` to override this default parameter.\n\nTasks that run in a namespace can use short names to connect to services in the namespace. Tasks can connect to services across all of the clusters in the namespace. Tasks connect through a managed proxy container that collects logs and metrics for increased visibility. Only the tasks that Amazon ECS services create are supported with Service Connect. For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "ServiceConnectDefaults" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The metadata that you apply to the cluster to help you categorize and organize them. Each tag consists of a key and an optional value. You define both.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8\n- Maximum value length - 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit.", + "title": "Tags", + "type": "array" } }, - "title": "InputPathsMap", "type": "object" }, - "InputTemplate": { - "markdownDescription": "Input template where you specify placeholders that will be filled with the values of the keys from `InputPathsMap` to customize the data sent to the target. Enclose each `InputPathsMaps` value in brackets: < *value* >\n\nIf `InputTemplate` is a JSON object (surrounded by curly braces), the following restrictions apply:\n\n- The placeholder cannot be used as an object key.\n\nThe following example shows the syntax for using `InputPathsMap` and `InputTemplate` .\n\n`\"InputTransformer\":`\n\n`{`\n\n`\"InputPathsMap\": {\"instance\": \"$.detail.instance\",\"status\": \"$.detail.status\"},`\n\n`\"InputTemplate\": \" is in state \"`\n\n`}`\n\nTo have the `InputTemplate` include quote marks within a JSON string, escape each quote marks with a slash, as in the following example:\n\n`\"InputTransformer\":`\n\n`{`\n\n`\"InputPathsMap\": {\"instance\": \"$.detail.instance\",\"status\": \"$.detail.status\"},`\n\n`\"InputTemplate\": \" is in state \\\"\\\"\"`\n\n`}`\n\nThe `InputTemplate` can also be valid JSON with varibles in quotes or out, as in the following example:\n\n`\"InputTransformer\":`\n\n`{`\n\n`\"InputPathsMap\": {\"instance\": \"$.detail.instance\",\"status\": \"$.detail.status\"},`\n\n`\"InputTemplate\": '{\"myInstance\": ,\"myStatus\": \" is in state \\\"\\\"\"}'`\n\n`}`", - "title": "InputTemplate", + "Type": { + "enum": [ + "AWS::ECS::Cluster" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "InputTemplate" + "Type" ], "type": "object" }, - "AWS::Events::Rule.KinesisParameters": { + "AWS::ECS::Cluster.CapacityProviderStrategyItem": { "additionalProperties": false, "properties": { - "PartitionKeyPath": { - "markdownDescription": "The JSON path to be extracted from the event and used as the partition key. For more information, see [Amazon Kinesis Streams Key Concepts](https://docs.aws.amazon.com/streams/latest/dev/key-concepts.html#partition-key) in the *Amazon Kinesis Streams Developer Guide* .", - "title": "PartitionKeyPath", + "Base": { + "markdownDescription": "The *base* value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a *base* defined. If no value is specified, the default value of `0` is used.", + "title": "Base", + "type": "number" + }, + "CapacityProvider": { + "markdownDescription": "The short name of the capacity provider.", + "title": "CapacityProvider", "type": "string" + }, + "Weight": { + "markdownDescription": "The *weight* value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The `weight` value is taken into consideration after the `base` value, if defined, is satisfied.\n\nIf no `weight` value is specified, the default value of `0` is used. When multiple capacity providers are specified within a capacity provider strategy, at least one of the capacity providers must have a weight value greater than zero and any capacity providers with a weight of `0` can't be used to place tasks. If you specify multiple capacity providers in a strategy that all have a weight of `0` , any `RunTask` or `CreateService` actions using the capacity provider strategy will fail.\n\nAn example scenario for using weights is defining a strategy that contains two capacity providers and both have a weight of `1` , then when the `base` is satisfied, the tasks will be split evenly across the two capacity providers. Using that same logic, if you specify a weight of `1` for *capacityProviderA* and a weight of `4` for *capacityProviderB* , then for every one task that's run using *capacityProviderA* , four tasks would use *capacityProviderB* .", + "title": "Weight", + "type": "number" } }, - "required": [ - "PartitionKeyPath" - ], "type": "object" }, - "AWS::Events::Rule.NetworkConfiguration": { + "AWS::ECS::Cluster.ClusterConfiguration": { "additionalProperties": false, "properties": { - "AwsVpcConfiguration": { - "$ref": "#/definitions/AWS::Events::Rule.AwsVpcConfiguration", - "markdownDescription": "Use this structure to specify the VPC subnets and security groups for the task, and whether a public IP address is to be used. This structure is relevant only for ECS tasks that use the `awsvpc` network mode.", - "title": "AwsVpcConfiguration" + "ExecuteCommandConfiguration": { + "$ref": "#/definitions/AWS::ECS::Cluster.ExecuteCommandConfiguration", + "markdownDescription": "The details of the execute command configuration.", + "title": "ExecuteCommandConfiguration" + }, + "ManagedStorageConfiguration": { + "$ref": "#/definitions/AWS::ECS::Cluster.ManagedStorageConfiguration", + "markdownDescription": "The details of the managed storage configuration.", + "title": "ManagedStorageConfiguration" } }, "type": "object" }, - "AWS::Events::Rule.PlacementConstraint": { + "AWS::ECS::Cluster.ClusterSettings": { "additionalProperties": false, "properties": { - "Expression": { - "markdownDescription": "A cluster query language expression to apply to the constraint. You cannot specify an expression if the constraint type is `distinctInstance` . To learn more, see [Cluster Query Language](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-query-language.html) in the Amazon Elastic Container Service Developer Guide.", - "title": "Expression", + "Name": { + "markdownDescription": "The name of the cluster setting. The value is `containerInsights` .", + "title": "Name", "type": "string" }, - "Type": { - "markdownDescription": "The type of constraint. Use distinctInstance to ensure that each task in a particular group is running on a different container instance. Use memberOf to restrict the selection to a group of valid candidates.", - "title": "Type", + "Value": { + "markdownDescription": "The value to set for the cluster setting. The supported values are `enhanced` , `enabled` , and `disabled` .\n\nTo use Container Insights with enhanced observability, set the `containerInsights` account setting to `enhanced` .\n\nTo use Container Insights, set the `containerInsights` account setting to `enabled` .\n\nIf a cluster value is specified, it will override the `containerInsights` value set with [PutAccountSetting](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSetting.html) or [PutAccountSettingDefault](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSettingDefault.html) .", + "title": "Value", "type": "string" } }, "type": "object" }, - "AWS::Events::Rule.PlacementStrategy": { + "AWS::ECS::Cluster.ExecuteCommandConfiguration": { "additionalProperties": false, "properties": { - "Field": { - "markdownDescription": "The field to apply the placement strategy against. For the spread placement strategy, valid values are instanceId (or host, which has the same effect), or any platform or custom attribute that is applied to a container instance, such as attribute:ecs.availability-zone. For the binpack placement strategy, valid values are cpu and memory. For the random placement strategy, this field is not used.", - "title": "Field", + "KmsKeyId": { + "markdownDescription": "Specify an AWS Key Management Service key ID to encrypt the data between the local client and the container.", + "title": "KmsKeyId", "type": "string" }, - "Type": { - "markdownDescription": "The type of placement strategy. The random placement strategy randomly places tasks on available candidates. The spread placement strategy spreads placement across available candidates evenly based on the field parameter. The binpack strategy places tasks on available candidates that have the least available amount of the resource that is specified with the field parameter. For example, if you binpack on memory, a task is placed on the instance with the least amount of remaining memory (but still enough to run the task).", - "title": "Type", + "LogConfiguration": { + "$ref": "#/definitions/AWS::ECS::Cluster.ExecuteCommandLogConfiguration", + "markdownDescription": "The log configuration for the results of the execute command actions. The logs can be sent to CloudWatch Logs or an Amazon S3 bucket. When `logging=OVERRIDE` is specified, a `logConfiguration` must be provided.", + "title": "LogConfiguration" + }, + "Logging": { + "markdownDescription": "The log setting to use for redirecting logs for your execute command results. The following log settings are available.\n\n- `NONE` : The execute command session is not logged.\n- `DEFAULT` : The `awslogs` configuration in the task definition is used. If no logging parameter is specified, it defaults to this value. If no `awslogs` log driver is configured in the task definition, the output won't be logged.\n- `OVERRIDE` : Specify the logging details as a part of `logConfiguration` . If the `OVERRIDE` logging option is specified, the `logConfiguration` is required.", + "title": "Logging", "type": "string" } }, "type": "object" }, - "AWS::Events::Rule.RedshiftDataParameters": { + "AWS::ECS::Cluster.ExecuteCommandLogConfiguration": { "additionalProperties": false, "properties": { - "Database": { - "markdownDescription": "The name of the database. Required when authenticating using temporary credentials.", - "title": "Database", - "type": "string" - }, - "DbUser": { - "markdownDescription": "The database user name. Required when authenticating using temporary credentials.", - "title": "DbUser", - "type": "string" - }, - "SecretManagerArn": { - "markdownDescription": "The name or ARN of the secret that enables access to the database. Required when authenticating using AWS Secrets Manager.", - "title": "SecretManagerArn", - "type": "string" + "CloudWatchEncryptionEnabled": { + "markdownDescription": "Determines whether to use encryption on the CloudWatch logs. If not specified, encryption will be off.", + "title": "CloudWatchEncryptionEnabled", + "type": "boolean" }, - "Sql": { - "markdownDescription": "The SQL statement text to run.", - "title": "Sql", + "CloudWatchLogGroupName": { + "markdownDescription": "The name of the CloudWatch log group to send logs to.\n\n> The CloudWatch log group must already be created.", + "title": "CloudWatchLogGroupName", "type": "string" }, - "Sqls": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more SQL statements to run. The SQL statements are run as a single transaction. They run serially in the order of the array. Subsequent SQL statements don't start until the previous statement in the array completes. If any SQL statement fails, then because they are run as one transaction, all work is rolled back.", - "title": "Sqls", - "type": "array" - }, - "StatementName": { - "markdownDescription": "The name of the SQL statement. You can name the SQL statement when you create it to identify the query.", - "title": "StatementName", + "S3BucketName": { + "markdownDescription": "The name of the S3 bucket to send logs to.\n\n> The S3 bucket must already be created.", + "title": "S3BucketName", "type": "string" }, - "WithEvent": { - "markdownDescription": "Indicates whether to send an event back to EventBridge after the SQL statement runs.", - "title": "WithEvent", + "S3EncryptionEnabled": { + "markdownDescription": "Determines whether to use encryption on the S3 logs. If not specified, encryption is not used.", + "title": "S3EncryptionEnabled", "type": "boolean" - } - }, - "required": [ - "Database" - ], - "type": "object" - }, - "AWS::Events::Rule.RetryPolicy": { - "additionalProperties": false, - "properties": { - "MaximumEventAgeInSeconds": { - "markdownDescription": "The maximum amount of time, in seconds, to continue to make retry attempts.", - "title": "MaximumEventAgeInSeconds", - "type": "number" }, - "MaximumRetryAttempts": { - "markdownDescription": "The maximum number of retry attempts to make before the request fails. Retry attempts continue until either the maximum number of attempts is made or until the duration of the `MaximumEventAgeInSeconds` is met.", - "title": "MaximumRetryAttempts", - "type": "number" - } - }, - "type": "object" - }, - "AWS::Events::Rule.RunCommandParameters": { - "additionalProperties": false, - "properties": { - "RunCommandTargets": { - "items": { - "$ref": "#/definitions/AWS::Events::Rule.RunCommandTarget" - }, - "markdownDescription": "Currently, we support including only one RunCommandTarget block, which specifies either an array of InstanceIds or a tag.", - "title": "RunCommandTargets", - "type": "array" - } - }, - "required": [ - "RunCommandTargets" - ], - "type": "object" - }, - "AWS::Events::Rule.RunCommandTarget": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "Can be either `tag:` *tag-key* or `InstanceIds` .", - "title": "Key", + "S3KeyPrefix": { + "markdownDescription": "An optional folder in the S3 bucket to place logs in.", + "title": "S3KeyPrefix", "type": "string" - }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "If `Key` is `tag:` *tag-key* , `Values` is a list of tag values. If `Key` is `InstanceIds` , `Values` is a list of Amazon EC2 instance IDs.", - "title": "Values", - "type": "array" } }, - "required": [ - "Key", - "Values" - ], "type": "object" }, - "AWS::Events::Rule.SageMakerPipelineParameter": { + "AWS::ECS::Cluster.ManagedStorageConfiguration": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "Name of parameter to start execution of a SageMaker AI Model Building Pipeline.", - "title": "Name", + "FargateEphemeralStorageKmsKeyId": { + "markdownDescription": "Specify the AWS Key Management Service key ID for Fargate ephemeral storage.\n\nWhen you specify a `fargateEphemeralStorageKmsKeyId` , AWS Fargate uses the key to encrypt data at rest in ephemeral storage. For more information about Fargate ephemeral storage encryption, see [Customer managed keys for AWS Fargate ephemeral storage for Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/fargate-storage-encryption.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nThe key must be a single Region key.", + "title": "FargateEphemeralStorageKmsKeyId", "type": "string" }, - "Value": { - "markdownDescription": "Value of parameter to start execution of a SageMaker AI Model Building Pipeline.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Name", - "Value" - ], - "type": "object" - }, - "AWS::Events::Rule.SageMakerPipelineParameters": { - "additionalProperties": false, - "properties": { - "PipelineParameterList": { - "items": { - "$ref": "#/definitions/AWS::Events::Rule.SageMakerPipelineParameter" - }, - "markdownDescription": "List of Parameter names and values for SageMaker AI Model Building Pipeline execution.", - "title": "PipelineParameterList", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Events::Rule.SqsParameters": { - "additionalProperties": false, - "properties": { - "MessageGroupId": { - "markdownDescription": "The FIFO message group ID to use as the target.", - "title": "MessageGroupId", + "KmsKeyId": { + "markdownDescription": "Specify a AWS Key Management Service key ID to encrypt Amazon ECS managed storage.\n\nWhen you specify a `kmsKeyId` , Amazon ECS uses the key to encrypt data volumes managed by Amazon ECS that are attached to tasks in the cluster. The following data volumes are managed by Amazon ECS: Amazon EBS. For more information about encryption of Amazon EBS volumes attached to Amazon ECS tasks, see [Encrypt data stored in Amazon EBS volumes for Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ebs-kms-encryption.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nThe key must be a single Region key.", + "title": "KmsKeyId", "type": "string" } }, - "required": [ - "MessageGroupId" - ], "type": "object" }, - "AWS::Events::Rule.Target": { + "AWS::ECS::Cluster.ServiceConnectDefaults": { "additionalProperties": false, "properties": { - "AppSyncParameters": { - "$ref": "#/definitions/AWS::Events::Rule.AppSyncParameters", - "markdownDescription": "Contains the GraphQL operation to be parsed and executed, if the event target is an AWS AppSync API.", - "title": "AppSyncParameters" - }, - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the target.", - "title": "Arn", - "type": "string" - }, - "BatchParameters": { - "$ref": "#/definitions/AWS::Events::Rule.BatchParameters", - "markdownDescription": "If the event target is an AWS Batch job, this contains the job definition, job name, and other parameters. For more information, see [Jobs](https://docs.aws.amazon.com/batch/latest/userguide/jobs.html) in the *AWS Batch User Guide* .", - "title": "BatchParameters" - }, - "DeadLetterConfig": { - "$ref": "#/definitions/AWS::Events::Rule.DeadLetterConfig", - "markdownDescription": "The `DeadLetterConfig` that defines the target queue to send dead-letter queue events to.", - "title": "DeadLetterConfig" - }, - "EcsParameters": { - "$ref": "#/definitions/AWS::Events::Rule.EcsParameters", - "markdownDescription": "Contains the Amazon ECS task definition and task count to be used, if the event target is an Amazon ECS task. For more information about Amazon ECS tasks, see [Task Definitions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_defintions.html) in the *Amazon EC2 Container Service Developer Guide* .", - "title": "EcsParameters" - }, - "HttpParameters": { - "$ref": "#/definitions/AWS::Events::Rule.HttpParameters", - "markdownDescription": "Contains the HTTP parameters to use when the target is a API Gateway endpoint or EventBridge ApiDestination.\n\nIf you specify an API Gateway API or EventBridge ApiDestination as a target, you can use this parameter to specify headers, path parameters, and query string keys/values as part of your target invoking request. If you're using ApiDestinations, the corresponding Connection can also have these values configured. In case of any conflicting keys, values from the Connection take precedence.", - "title": "HttpParameters" - }, - "Id": { - "markdownDescription": "The ID of the target within the specified rule. Use this ID to reference the target when updating the rule. We recommend using a memorable and unique string.", - "title": "Id", - "type": "string" - }, - "Input": { - "markdownDescription": "Valid JSON text passed to the target. In this case, nothing from the event itself is passed to the target. For more information, see [The JavaScript Object Notation (JSON) Data Interchange Format](https://docs.aws.amazon.com/http://www.rfc-editor.org/rfc/rfc7159.txt) .", - "title": "Input", - "type": "string" - }, - "InputPath": { - "markdownDescription": "The value of the JSONPath that is used for extracting part of the matched event when passing it to the target. You may use JSON dot notation or bracket notation. For more information about JSON paths, see [JSONPath](https://docs.aws.amazon.com/http://goessner.net/articles/JsonPath/) .", - "title": "InputPath", - "type": "string" - }, - "InputTransformer": { - "$ref": "#/definitions/AWS::Events::Rule.InputTransformer", - "markdownDescription": "Settings to enable you to provide custom input to a target based on certain event data. You can extract one or more key-value pairs from the event and then use that data to send customized input to the target.", - "title": "InputTransformer" - }, - "KinesisParameters": { - "$ref": "#/definitions/AWS::Events::Rule.KinesisParameters", - "markdownDescription": "The custom parameter you can use to control the shard assignment, when the target is a Kinesis data stream. If you do not include this parameter, the default is to use the `eventId` as the partition key.", - "title": "KinesisParameters" - }, - "RedshiftDataParameters": { - "$ref": "#/definitions/AWS::Events::Rule.RedshiftDataParameters", - "markdownDescription": "Contains the Amazon Redshift Data API parameters to use when the target is a Amazon Redshift cluster.\n\nIf you specify a Amazon Redshift Cluster as a Target, you can use this to specify parameters to invoke the Amazon Redshift Data API ExecuteStatement based on EventBridge events.", - "title": "RedshiftDataParameters" - }, - "RetryPolicy": { - "$ref": "#/definitions/AWS::Events::Rule.RetryPolicy", - "markdownDescription": "The retry policy configuration to use for the dead-letter queue.", - "title": "RetryPolicy" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to be used for this target when the rule is triggered. If one rule triggers multiple targets, you can use a different IAM role for each target.", - "title": "RoleArn", + "Namespace": { + "markdownDescription": "The namespace name or full Amazon Resource Name (ARN) of the AWS Cloud Map namespace that's used when you create a service and don't specify a Service Connect configuration. The namespace name can include up to 1024 characters. The name is case-sensitive. The name can't include greater than (>), less than (<), double quotation marks (\"), or slash (/).\n\nIf you enter an existing namespace name or ARN, then that namespace will be used. Any namespace type is supported. The namespace must be in this account and this AWS Region.\n\nIf you enter a new name, a AWS Cloud Map namespace will be created. Amazon ECS creates a AWS Cloud Map namespace with the \"API calls\" method of instance discovery only. This instance discovery method is the \"HTTP\" namespace type in the AWS Command Line Interface . Other types of instance discovery aren't used by Service Connect.\n\nIf you update the cluster with an empty string `\"\"` for the namespace name, the cluster configuration for Service Connect is removed. Note that the namespace will remain in AWS Cloud Map and must be deleted separately.\n\nFor more information about AWS Cloud Map , see [Working with Services](https://docs.aws.amazon.com/cloud-map/latest/dg/working-with-services.html) in the *AWS Cloud Map Developer Guide* .", + "title": "Namespace", "type": "string" - }, - "RunCommandParameters": { - "$ref": "#/definitions/AWS::Events::Rule.RunCommandParameters", - "markdownDescription": "Parameters used when you are using the rule to invoke Amazon EC2 Run Command.", - "title": "RunCommandParameters" - }, - "SageMakerPipelineParameters": { - "$ref": "#/definitions/AWS::Events::Rule.SageMakerPipelineParameters", - "markdownDescription": "Contains the SageMaker AI Model Building Pipeline parameters to start execution of a SageMaker AI Model Building Pipeline.\n\nIf you specify a SageMaker AI Model Building Pipeline as a target, you can use this to specify parameters to start a pipeline execution based on EventBridge events.", - "title": "SageMakerPipelineParameters" - }, - "SqsParameters": { - "$ref": "#/definitions/AWS::Events::Rule.SqsParameters", - "markdownDescription": "Contains the message group ID to use when the target is a FIFO queue.\n\nIf you specify an SQS FIFO queue as a target, the queue must have content-based deduplication enabled.", - "title": "SqsParameters" } }, - "required": [ - "Arn", - "Id" - ], "type": "object" }, - "AWS::Evidently::Experiment": { + "AWS::ECS::ClusterCapacityProviderAssociations": { "additionalProperties": false, "properties": { "Condition": { @@ -97783,88 +104570,38 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "An optional description of the experiment.", - "title": "Description", - "type": "string" - }, - "MetricGoals": { + "CapacityProviders": { "items": { - "$ref": "#/definitions/AWS::Evidently::Experiment.MetricGoalObject" + "type": "string" }, - "markdownDescription": "An array of structures that defines the metrics used for the experiment, and whether a higher or lower value for each metric is the goal. You can use up to three metrics in an experiment.", - "title": "MetricGoals", + "markdownDescription": "The capacity providers to associate with the cluster.", + "title": "CapacityProviders", "type": "array" }, - "Name": { - "markdownDescription": "A name for the new experiment.", - "title": "Name", - "type": "string" - }, - "OnlineAbConfig": { - "$ref": "#/definitions/AWS::Evidently::Experiment.OnlineAbConfigObject", - "markdownDescription": "A structure that contains the configuration of which variation to use as the \"control\" version. The \"control\" version is used for comparison with other variations. This structure also specifies how much experiment traffic is allocated to each variation.", - "title": "OnlineAbConfig" - }, - "Project": { - "markdownDescription": "The name or the ARN of the project where this experiment is to be created.", - "title": "Project", - "type": "string" - }, - "RandomizationSalt": { - "markdownDescription": "When Evidently assigns a particular user session to an experiment, it must use a randomization ID to determine which variation the user session is served. This randomization ID is a combination of the entity ID and `randomizationSalt` . If you omit `randomizationSalt` , Evidently uses the experiment name as the `randomizationSalt` .", - "title": "RandomizationSalt", - "type": "string" - }, - "RemoveSegment": { - "markdownDescription": "Set this to `true` to remove the segment that is associated with this experiment. You can't use this parameter if the experiment is currently running.", - "title": "RemoveSegment", - "type": "boolean" - }, - "RunningStatus": { - "$ref": "#/definitions/AWS::Evidently::Experiment.RunningStatusObject", - "markdownDescription": "A structure that you can use to start and stop the experiment.", - "title": "RunningStatus" - }, - "SamplingRate": { - "markdownDescription": "The portion of the available audience that you want to allocate to this experiment, in thousandths of a percent. The available audience is the total audience minus the audience that you have allocated to overrides or current launches of this feature.\n\nThis is represented in thousandths of a percent. For example, specify 10,000 to allocate 10% of the available audience.", - "title": "SamplingRate", - "type": "number" - }, - "Segment": { - "markdownDescription": "Specifies an audience *segment* to use in the experiment. When a segment is used in an experiment, only user sessions that match the segment pattern are used in the experiment.\n\nFor more information, see [Segment rule pattern syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Evidently-segments.html#CloudWatch-Evidently-segments-syntax) .", - "title": "Segment", + "Cluster": { + "markdownDescription": "The cluster the capacity provider association is the target of.", + "title": "Cluster", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Assigns one or more tags (key-value pairs) to the experiment.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.\n\nTags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters.\n\nYou can associate as many as 50 tags with an experiment.\n\nFor more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .", - "title": "Tags", - "type": "array" - }, - "Treatments": { + "DefaultCapacityProviderStrategy": { "items": { - "$ref": "#/definitions/AWS::Evidently::Experiment.TreatmentObject" + "$ref": "#/definitions/AWS::ECS::ClusterCapacityProviderAssociations.CapacityProviderStrategy" }, - "markdownDescription": "An array of structures that describe the configuration of each feature variation used in the experiment.", - "title": "Treatments", + "markdownDescription": "The default capacity provider strategy to associate with the cluster.", + "title": "DefaultCapacityProviderStrategy", "type": "array" } }, "required": [ - "MetricGoals", - "Name", - "OnlineAbConfig", - "Project", - "Treatments" + "CapacityProviders", + "Cluster", + "DefaultCapacityProviderStrategy" ], "type": "object" }, "Type": { "enum": [ - "AWS::Evidently::Experiment" + "AWS::ECS::ClusterCapacityProviderAssociations" ], "type": "string" }, @@ -97883,148 +104620,31 @@ ], "type": "object" }, - "AWS::Evidently::Experiment.MetricGoalObject": { - "additionalProperties": false, - "properties": { - "DesiredChange": { - "markdownDescription": "`INCREASE` means that a variation with a higher number for this metric is performing better.\n\n`DECREASE` means that a variation with a lower number for this metric is performing better.", - "title": "DesiredChange", - "type": "string" - }, - "EntityIdKey": { - "markdownDescription": "The entity, such as a user or session, that does an action that causes a metric value to be recorded. An example is `userDetails.userID` .", - "title": "EntityIdKey", - "type": "string" - }, - "EventPattern": { - "markdownDescription": "The EventBridge event pattern that defines how the metric is recorded.\n\nFor more information about EventBridge event patterns, see [Amazon EventBridge event patterns](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-event-patterns.html) .", - "title": "EventPattern", - "type": "string" - }, - "MetricName": { - "markdownDescription": "A name for the metric. It can include up to 255 characters.", - "title": "MetricName", - "type": "string" - }, - "UnitLabel": { - "markdownDescription": "A label for the units that the metric is measuring.", - "title": "UnitLabel", - "type": "string" - }, - "ValueKey": { - "markdownDescription": "The JSON path to reference the numerical metric value in the event.", - "title": "ValueKey", - "type": "string" - } - }, - "required": [ - "DesiredChange", - "EntityIdKey", - "MetricName", - "ValueKey" - ], - "type": "object" - }, - "AWS::Evidently::Experiment.OnlineAbConfigObject": { - "additionalProperties": false, - "properties": { - "ControlTreatmentName": { - "markdownDescription": "The name of the variation that is to be the default variation that the other variations are compared to.", - "title": "ControlTreatmentName", - "type": "string" - }, - "TreatmentWeights": { - "items": { - "$ref": "#/definitions/AWS::Evidently::Experiment.TreatmentToWeight" - }, - "markdownDescription": "A set of key-value pairs. The keys are treatment names, and the values are the portion of experiment traffic to be assigned to that treatment. Specify the traffic portion in thousandths of a percent, so 20,000 for a variation would allocate 20% of the experiment traffic to that variation.", - "title": "TreatmentWeights", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Evidently::Experiment.RunningStatusObject": { - "additionalProperties": false, - "properties": { - "AnalysisCompleteTime": { - "markdownDescription": "If you are using AWS CloudFormation to start the experiment, use this field to specify when the experiment is to end. The format is as a UNIX timestamp. For more information about this format, see [The Current Epoch Unix Timestamp](https://docs.aws.amazon.com/https://www.unixtimestamp.com/index.php) .", - "title": "AnalysisCompleteTime", - "type": "string" - }, - "DesiredState": { - "markdownDescription": "If you are using AWS CloudFormation to stop this experiment, specify either `COMPLETED` or `CANCELLED` here to indicate how to classify this experiment.", - "title": "DesiredState", - "type": "string" - }, - "Reason": { - "markdownDescription": "If you are using AWS CloudFormation to stop this experiment, this is an optional field that you can use to record why the experiment is being stopped or cancelled.", - "title": "Reason", - "type": "string" - }, - "Status": { - "markdownDescription": "To start the experiment now, specify `START` for this parameter. If this experiment is currently running and you want to stop it now, specify `STOP` .", - "title": "Status", - "type": "string" - } - }, - "required": [ - "Status" - ], - "type": "object" - }, - "AWS::Evidently::Experiment.TreatmentObject": { + "AWS::ECS::ClusterCapacityProviderAssociations.CapacityProviderStrategy": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the treatment.", - "title": "Description", - "type": "string" - }, - "Feature": { - "markdownDescription": "The name of the feature for this experiment.", - "title": "Feature", - "type": "string" + "Base": { + "markdownDescription": "The *base* value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a *base* defined. If no value is specified, the default value of `0` is used.", + "title": "Base", + "type": "number" }, - "TreatmentName": { - "markdownDescription": "A name for this treatment. It can include up to 127 characters.", - "title": "TreatmentName", + "CapacityProvider": { + "markdownDescription": "The short name of the capacity provider.", + "title": "CapacityProvider", "type": "string" }, - "Variation": { - "markdownDescription": "The name of the variation to use for this treatment.", - "title": "Variation", - "type": "string" - } - }, - "required": [ - "Feature", - "TreatmentName", - "Variation" - ], - "type": "object" - }, - "AWS::Evidently::Experiment.TreatmentToWeight": { - "additionalProperties": false, - "properties": { - "SplitWeight": { - "markdownDescription": "The portion of experiment traffic to allocate to this treatment. Specify the traffic portion in thousandths of a percent, so 20,000 allocated to a treatment would allocate 20% of the experiment traffic to that treatment.", - "title": "SplitWeight", + "Weight": { + "markdownDescription": "The *weight* value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The `weight` value is taken into consideration after the `base` value, if defined, is satisfied.\n\nIf no `weight` value is specified, the default value of `0` is used. When multiple capacity providers are specified within a capacity provider strategy, at least one of the capacity providers must have a weight value greater than zero and any capacity providers with a weight of `0` can't be used to place tasks. If you specify multiple capacity providers in a strategy that all have a weight of `0` , any `RunTask` or `CreateService` actions using the capacity provider strategy will fail.\n\nAn example scenario for using weights is defining a strategy that contains two capacity providers and both have a weight of `1` , then when the `base` is satisfied, the tasks will be split evenly across the two capacity providers. Using that same logic, if you specify a weight of `1` for *capacityProviderA* and a weight of `4` for *capacityProviderB* , then for every one task that's run using *capacityProviderA* , four tasks would use *capacityProviderB* .", + "title": "Weight", "type": "number" - }, - "Treatment": { - "markdownDescription": "The name of the treatment.", - "title": "Treatment", - "type": "string" } }, "required": [ - "SplitWeight", - "Treatment" + "CapacityProvider" ], "type": "object" }, - "AWS::Evidently::Feature": { + "AWS::ECS::PrimaryTaskSet": { "additionalProperties": false, "properties": { "Condition": { @@ -98059,66 +104679,32 @@ "Properties": { "additionalProperties": false, "properties": { - "DefaultVariation": { - "markdownDescription": "The name of the variation to use as the default variation. The default variation is served to users who are not allocated to any ongoing launches or experiments of this feature.\n\nThis variation must also be listed in the `Variations` structure.\n\nIf you omit `DefaultVariation` , the first variation listed in the `Variations` structure is used as the default variation.", - "title": "DefaultVariation", + "Cluster": { + "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the cluster that hosts the service that the task set exists in.", + "title": "Cluster", "type": "string" }, - "Description": { - "markdownDescription": "An optional description of the feature.", - "title": "Description", + "Service": { + "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the service that the task set exists in.", + "title": "Service", "type": "string" }, - "EntityOverrides": { - "items": { - "$ref": "#/definitions/AWS::Evidently::Feature.EntityOverride" - }, - "markdownDescription": "Specify users that should always be served a specific variation of a feature. Each user is specified by a key-value pair . For each key, specify a user by entering their user ID, account ID, or some other identifier. For the value, specify the name of the variation that they are to be served.", - "title": "EntityOverrides", - "type": "array" - }, - "EvaluationStrategy": { - "markdownDescription": "Specify `ALL_RULES` to activate the traffic allocation specified by any ongoing launches or experiments. Specify `DEFAULT_VARIATION` to serve the default variation to all users instead.", - "title": "EvaluationStrategy", + "TaskSetId": { + "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the task set to set as the primary task set in the deployment.", + "title": "TaskSetId", "type": "string" - }, - "Name": { - "markdownDescription": "The name for the feature. It can include up to 127 characters.", - "title": "Name", - "type": "string" - }, - "Project": { - "markdownDescription": "The name or ARN of the project that is to contain the new feature.", - "title": "Project", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Assigns one or more tags (key-value pairs) to the feature.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.\n\nTags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters.\n\nYou can associate as many as 50 tags with a feature.\n\nFor more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .", - "title": "Tags", - "type": "array" - }, - "Variations": { - "items": { - "$ref": "#/definitions/AWS::Evidently::Feature.VariationObject" - }, - "markdownDescription": "An array of structures that contain the configuration of the feature's different variations.\n\nEach `VariationObject` in the `Variations` array for a feature must have the same type of value ( `BooleanValue` , `DoubleValue` , `LongValue` or `StringValue` ).", - "title": "Variations", - "type": "array" } }, "required": [ - "Name", - "Project", - "Variations" + "Cluster", + "Service", + "TaskSetId" ], "type": "object" }, "Type": { "enum": [ - "AWS::Evidently::Feature" + "AWS::ECS::PrimaryTaskSet" ], "type": "string" }, @@ -98137,57 +104723,7 @@ ], "type": "object" }, - "AWS::Evidently::Feature.EntityOverride": { - "additionalProperties": false, - "properties": { - "EntityId": { - "markdownDescription": "The entity ID to be served the variation specified in `Variation` .", - "title": "EntityId", - "type": "string" - }, - "Variation": { - "markdownDescription": "The name of the variation to serve to the user session that matches the `EntityId` .", - "title": "Variation", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Evidently::Feature.VariationObject": { - "additionalProperties": false, - "properties": { - "BooleanValue": { - "markdownDescription": "The value assigned to this variation, if the variation type is boolean.", - "title": "BooleanValue", - "type": "boolean" - }, - "DoubleValue": { - "markdownDescription": "The value assigned to this variation, if the variation type is a double.", - "title": "DoubleValue", - "type": "number" - }, - "LongValue": { - "markdownDescription": "The value assigned to this variation, if the variation type is a long.", - "title": "LongValue", - "type": "number" - }, - "StringValue": { - "markdownDescription": "The value assigned to this variation, if the variation type is a string.", - "title": "StringValue", - "type": "string" - }, - "VariationName": { - "markdownDescription": "A name for the variation. It can include up to 127 characters.", - "title": "VariationName", - "type": "string" - } - }, - "required": [ - "VariationName" - ], - "type": "object" - }, - "AWS::Evidently::Launch": { + "AWS::ECS::Service": { "additionalProperties": false, "properties": { "Condition": { @@ -98222,75 +104758,161 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "An optional description for the launch.", - "title": "Description", + "AvailabilityZoneRebalancing": { + "markdownDescription": "Indicates whether to use Availability Zone rebalancing for the service.\n\nFor more information, see [Balancing an Amazon ECS service across Availability Zones](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-rebalancing.html) in the **Amazon Elastic Container Service Developer Guide** .", + "title": "AvailabilityZoneRebalancing", "type": "string" }, - "ExecutionStatus": { - "$ref": "#/definitions/AWS::Evidently::Launch.ExecutionStatusObject", - "markdownDescription": "A structure that you can use to start and stop the launch.", - "title": "ExecutionStatus" + "CapacityProviderStrategy": { + "items": { + "$ref": "#/definitions/AWS::ECS::Service.CapacityProviderStrategyItem" + }, + "markdownDescription": "The capacity provider strategy to use for the service.\n\nIf a `capacityProviderStrategy` is specified, the `launchType` parameter must be omitted. If no `capacityProviderStrategy` or `launchType` is specified, the `defaultCapacityProviderStrategy` for the cluster is used.\n\nA capacity provider strategy can contain a maximum of 20 capacity providers.\n\n> To remove this property from your service resource, specify an empty `CapacityProviderStrategyItem` array.", + "title": "CapacityProviderStrategy", + "type": "array" }, - "Groups": { + "Cluster": { + "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the cluster that you run your service on. If you do not specify a cluster, the default cluster is assumed.", + "title": "Cluster", + "type": "string" + }, + "DeploymentConfiguration": { + "$ref": "#/definitions/AWS::ECS::Service.DeploymentConfiguration", + "markdownDescription": "Optional deployment parameters that control how many tasks run during the deployment and the ordering of stopping and starting tasks.", + "title": "DeploymentConfiguration" + }, + "DeploymentController": { + "$ref": "#/definitions/AWS::ECS::Service.DeploymentController", + "markdownDescription": "The deployment controller to use for the service.", + "title": "DeploymentController" + }, + "DesiredCount": { + "markdownDescription": "The number of instantiations of the specified task definition to place and keep running in your service.\n\nFor new services, if a desired count is not specified, a default value of `1` is used. When using the `DAEMON` scheduling strategy, the desired count is not required.\n\nFor existing services, if a desired count is not specified, it is omitted from the operation.", + "title": "DesiredCount", + "type": "number" + }, + "EnableECSManagedTags": { + "markdownDescription": "Specifies whether to turn on Amazon ECS managed tags for the tasks within the service. For more information, see [Tagging your Amazon ECS resources](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-using-tags.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nWhen you use Amazon ECS managed tags, you must set the `propagateTags` request parameter.", + "title": "EnableECSManagedTags", + "type": "boolean" + }, + "EnableExecuteCommand": { + "markdownDescription": "Determines whether the execute command functionality is turned on for the service. If `true` , the execute command functionality is turned on for all containers in tasks as part of the service.", + "title": "EnableExecuteCommand", + "type": "boolean" + }, + "HealthCheckGracePeriodSeconds": { + "markdownDescription": "The period of time, in seconds, that the Amazon ECS service scheduler ignores unhealthy Elastic Load Balancing, VPC Lattice, and container health checks after a task has first started. If you don't specify a health check grace period value, the default value of `0` is used. If you don't use any of the health checks, then `healthCheckGracePeriodSeconds` is unused.\n\nIf your service's tasks take a while to start and respond to health checks, you can specify a health check grace period of up to 2,147,483,647 seconds (about 69 years). During that time, the Amazon ECS service scheduler ignores health check status. This grace period can prevent the service scheduler from marking tasks as unhealthy and stopping them before they have time to come up.", + "title": "HealthCheckGracePeriodSeconds", + "type": "number" + }, + "LaunchType": { + "markdownDescription": "The launch type on which to run your service. For more information, see [Amazon ECS Launch Types](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/launch_types.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "LaunchType", + "type": "string" + }, + "LoadBalancers": { "items": { - "$ref": "#/definitions/AWS::Evidently::Launch.LaunchGroupObject" + "$ref": "#/definitions/AWS::ECS::Service.LoadBalancer" }, - "markdownDescription": "An array of structures that contains the feature and variations that are to be used for the launch. You can up to five launch groups in a launch.", - "title": "Groups", + "markdownDescription": "A list of load balancer objects to associate with the service. If you specify the `Role` property, `LoadBalancers` must be specified as well. For information about the number of load balancers that you can specify per service, see [Service Load Balancing](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-load-balancing.html) in the *Amazon Elastic Container Service Developer Guide* .\n\n> To remove this property from your service resource, specify an empty `LoadBalancer` array.", + "title": "LoadBalancers", "type": "array" }, - "MetricMonitors": { + "NetworkConfiguration": { + "$ref": "#/definitions/AWS::ECS::Service.NetworkConfiguration", + "markdownDescription": "The network configuration for the service. This parameter is required for task definitions that use the `awsvpc` network mode to receive their own elastic network interface, and it is not supported for other network modes. For more information, see [Task Networking](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-networking.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "NetworkConfiguration" + }, + "PlacementConstraints": { "items": { - "$ref": "#/definitions/AWS::Evidently::Launch.MetricDefinitionObject" + "$ref": "#/definitions/AWS::ECS::Service.PlacementConstraint" }, - "markdownDescription": "An array of structures that define the metrics that will be used to monitor the launch performance. You can have up to three metric monitors in the array.", - "title": "MetricMonitors", + "markdownDescription": "An array of placement constraint objects to use for tasks in your service. You can specify a maximum of 10 constraints for each task. This limit includes constraints in the task definition and those specified at runtime.\n\n> To remove this property from your service resource, specify an empty `PlacementConstraint` array.", + "title": "PlacementConstraints", "type": "array" }, - "Name": { - "markdownDescription": "The name for the launch. It can include up to 127 characters.", - "title": "Name", + "PlacementStrategies": { + "items": { + "$ref": "#/definitions/AWS::ECS::Service.PlacementStrategy" + }, + "markdownDescription": "The placement strategy objects to use for tasks in your service. You can specify a maximum of 5 strategy rules for each service.\n\n> To remove this property from your service resource, specify an empty `PlacementStrategy` array.", + "title": "PlacementStrategies", + "type": "array" + }, + "PlatformVersion": { + "markdownDescription": "The platform version that your tasks in the service are running on. A platform version is specified only for tasks using the Fargate launch type. If one isn't specified, the `LATEST` platform version is used. For more information, see [AWS Fargate platform versions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "PlatformVersion", "type": "string" }, - "Project": { - "markdownDescription": "The name or ARN of the project that you want to create the launch in.", - "title": "Project", + "PropagateTags": { + "markdownDescription": "Specifies whether to propagate the tags from the task definition to the task. If no value is specified, the tags aren't propagated. Tags can only be propagated to the task during task creation. To add tags to a task after task creation, use the [TagResource](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_TagResource.html) API action.\n\nYou must set this to a value other than `NONE` when you use Cost Explorer. For more information, see [Amazon ECS usage reports](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/usage-reports.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nThe default is `NONE` .", + "title": "PropagateTags", "type": "string" }, - "RandomizationSalt": { - "markdownDescription": "When Evidently assigns a particular user session to a launch, it must use a randomization ID to determine which variation the user session is served. This randomization ID is a combination of the entity ID and `randomizationSalt` . If you omit `randomizationSalt` , Evidently uses the launch name as the `randomizationsSalt` .", - "title": "RandomizationSalt", + "Role": { + "markdownDescription": "The name or full Amazon Resource Name (ARN) of the IAM role that allows Amazon ECS to make calls to your load balancer on your behalf. This parameter is only permitted if you are using a load balancer with your service and your task definition doesn't use the `awsvpc` network mode. If you specify the `role` parameter, you must also specify a load balancer object with the `loadBalancers` parameter.\n\n> If your account has already created the Amazon ECS service-linked role, that role is used for your service unless you specify a role here. The service-linked role is required if your task definition uses the `awsvpc` network mode or if the service is configured to use service discovery, an external deployment controller, multiple target groups, or Elastic Inference accelerators in which case you don't specify a role here. For more information, see [Using service-linked roles for Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using-service-linked-roles.html) in the *Amazon Elastic Container Service Developer Guide* . \n\nIf your specified role has a path other than `/` , then you must either specify the full role ARN (this is recommended) or prefix the role name with the path. For example, if a role with the name `bar` has a path of `/foo/` then you would specify `/foo/bar` as the role name. For more information, see [Friendly names and paths](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-friendly-names) in the *IAM User Guide* .", + "title": "Role", "type": "string" }, - "ScheduledSplitsConfig": { + "SchedulingStrategy": { + "markdownDescription": "The scheduling strategy to use for the service. For more information, see [Services](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs_services.html) .\n\nThere are two service scheduler strategies available:\n\n- `REPLICA` -The replica scheduling strategy places and maintains the desired number of tasks across your cluster. By default, the service scheduler spreads tasks across Availability Zones. You can use task placement strategies and constraints to customize task placement decisions. This scheduler strategy is required if the service uses the `CODE_DEPLOY` or `EXTERNAL` deployment controller types.\n- `DAEMON` -The daemon scheduling strategy deploys exactly one task on each active container instance that meets all of the task placement constraints that you specify in your cluster. The service scheduler also evaluates the task placement constraints for running tasks and will stop tasks that don't meet the placement constraints. When you're using this strategy, you don't need to specify a desired number of tasks, a task placement strategy, or use Service Auto Scaling policies.\n\n> Tasks using the Fargate launch type or the `CODE_DEPLOY` or `EXTERNAL` deployment controller types don't support the `DAEMON` scheduling strategy.", + "title": "SchedulingStrategy", + "type": "string" + }, + "ServiceConnectConfiguration": { + "$ref": "#/definitions/AWS::ECS::Service.ServiceConnectConfiguration", + "markdownDescription": "The configuration for this service to discover and connect to services, and be discovered by, and connected from, other services within a namespace.\n\nTasks that run in a namespace can use short names to connect to services in the namespace. Tasks can connect to services across all of the clusters in the namespace. Tasks connect through a managed proxy container that collects logs and metrics for increased visibility. Only the tasks that Amazon ECS services create are supported with Service Connect. For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "ServiceConnectConfiguration" + }, + "ServiceName": { + "markdownDescription": "The name of your service. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed. Service names must be unique within a cluster, but you can have similarly named services in multiple clusters within a Region or across multiple Regions.\n\n> The stack update fails if you change any properties that require replacement and the `ServiceName` is configured. This is because AWS CloudFormation creates the replacement service first, but each `ServiceName` must be unique in the cluster.", + "title": "ServiceName", + "type": "string" + }, + "ServiceRegistries": { "items": { - "$ref": "#/definitions/AWS::Evidently::Launch.StepConfig" + "$ref": "#/definitions/AWS::ECS::Service.ServiceRegistry" }, - "markdownDescription": "An array of structures that define the traffic allocation percentages among the feature variations during each step of the launch.", - "title": "ScheduledSplitsConfig", + "markdownDescription": "The details of the service discovery registry to associate with this service. For more information, see [Service discovery](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-discovery.html) .\n\n> Each service may be associated with one service registry. Multiple service registries for each service isn't supported. > To remove this property from your service resource, specify an empty `ServiceRegistry` array.", + "title": "ServiceRegistries", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Assigns one or more tags (key-value pairs) to the launch.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.\n\nTags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters.\n\nYou can associate as many as 50 tags with a launch.\n\nFor more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .", + "markdownDescription": "The metadata that you apply to the service to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define. When a service is deleted, the tags are deleted as well.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8\n- Maximum value length - 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit.", "title": "Tags", "type": "array" + }, + "TaskDefinition": { + "markdownDescription": "The `family` and `revision` ( `family:revision` ) or full ARN of the task definition to run in your service. If a `revision` isn't specified, the latest `ACTIVE` revision is used.\n\nA task definition must be specified if the service uses either the `ECS` or `CODE_DEPLOY` deployment controllers.\n\nFor more information about deployment types, see [Amazon ECS deployment types](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-types.html) .", + "title": "TaskDefinition", + "type": "string" + }, + "VolumeConfigurations": { + "items": { + "$ref": "#/definitions/AWS::ECS::Service.ServiceVolumeConfiguration" + }, + "markdownDescription": "The configuration for a volume specified in the task definition as a volume that is configured at launch time. Currently, the only supported volume type is an Amazon EBS volume.\n\n> To remove this property from your service resource, specify an empty `ServiceVolumeConfiguration` array.", + "title": "VolumeConfigurations", + "type": "array" + }, + "VpcLatticeConfigurations": { + "items": { + "$ref": "#/definitions/AWS::ECS::Service.VpcLatticeConfiguration" + }, + "markdownDescription": "The VPC Lattice configuration for the service being created.", + "title": "VpcLatticeConfigurations", + "type": "array" } }, - "required": [ - "Groups", - "Name", - "Project", - "ScheduledSplitsConfig" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Evidently::Launch" + "AWS::ECS::Service" ], "type": "string" }, @@ -98304,919 +104926,712 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Evidently::Launch.ExecutionStatusObject": { + "AWS::ECS::Service.AdvancedConfiguration": { "additionalProperties": false, "properties": { - "DesiredState": { - "markdownDescription": "If you are using AWS CloudFormation to stop this launch, specify either `COMPLETED` or `CANCELLED` here to indicate how to classify this experiment. If you omit this parameter, the default of `COMPLETED` is used.", - "title": "DesiredState", + "AlternateTargetGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the alternate target group for Amazon ECS blue/green deployments.", + "title": "AlternateTargetGroupArn", "type": "string" }, - "Reason": { - "markdownDescription": "If you are using AWS CloudFormation to stop this launch, this is an optional field that you can use to record why the launch is being stopped or cancelled.", - "title": "Reason", + "ProductionListenerRule": { + "markdownDescription": "The Amazon Resource Name (ARN) that that identifies the production listener rule (in the case of an Application Load Balancer) or listener (in the case for an Network Load Balancer) for routing production traffic.", + "title": "ProductionListenerRule", "type": "string" }, - "Status": { - "markdownDescription": "To start the launch now, specify `START` for this parameter. If this launch is currently running and you want to stop it now, specify `STOP` .", - "title": "Status", + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that grants Amazon ECS permission to call the Elastic Load Balancing APIs for you.", + "title": "RoleArn", + "type": "string" + }, + "TestListenerRule": { + "markdownDescription": "The Amazon Resource Name (ARN) that identifies ) that identifies the test listener rule (in the case of an Application Load Balancer) or listener (in the case for an Network Load Balancer) for routing test traffic.", + "title": "TestListenerRule", "type": "string" } }, "required": [ - "Status" + "AlternateTargetGroupArn" ], "type": "object" }, - "AWS::Evidently::Launch.GroupToWeight": { + "AWS::ECS::Service.AwsVpcConfiguration": { "additionalProperties": false, "properties": { - "GroupName": { - "markdownDescription": "The name of the launch group. It can include up to 127 characters.", - "title": "GroupName", + "AssignPublicIp": { + "markdownDescription": "Whether the task's elastic network interface receives a public IP address.\n\nConsider the following when you set this value:\n\n- When you use `create-service` or `update-service` , the default is `DISABLED` .\n- When the service `deploymentController` is `ECS` , the value must be `DISABLED` .", + "title": "AssignPublicIp", "type": "string" }, - "SplitWeight": { - "markdownDescription": "The portion of launch traffic to allocate to this launch group.\n\nThis is represented in thousandths of a percent. For example, specify 20,000 to allocate 20% of the launch audience to this launch group.", - "title": "SplitWeight", - "type": "number" + "SecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the security groups associated with the task or service. If you don't specify a security group, the default security group for the VPC is used. There's a limit of 5 security groups that can be specified.\n\n> All specified security groups must be from the same VPC.", + "title": "SecurityGroups", + "type": "array" + }, + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the subnets associated with the task or service. There's a limit of 16 subnets that can be specified.\n\n> All specified subnets must be from the same VPC.", + "title": "Subnets", + "type": "array" } }, - "required": [ - "GroupName", - "SplitWeight" - ], "type": "object" }, - "AWS::Evidently::Launch.LaunchGroupObject": { + "AWS::ECS::Service.CapacityProviderStrategyItem": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the launch group.", - "title": "Description", - "type": "string" - }, - "Feature": { - "markdownDescription": "The feature that this launch is using.", - "title": "Feature", - "type": "string" + "Base": { + "markdownDescription": "The *base* value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a *base* defined. If no value is specified, the default value of `0` is used.", + "title": "Base", + "type": "number" }, - "GroupName": { - "markdownDescription": "A name for this launch group. It can include up to 127 characters.", - "title": "GroupName", + "CapacityProvider": { + "markdownDescription": "The short name of the capacity provider.", + "title": "CapacityProvider", "type": "string" }, - "Variation": { - "markdownDescription": "The feature variation to use for this launch group.", - "title": "Variation", - "type": "string" + "Weight": { + "markdownDescription": "The *weight* value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The `weight` value is taken into consideration after the `base` value, if defined, is satisfied.\n\nIf no `weight` value is specified, the default value of `0` is used. When multiple capacity providers are specified within a capacity provider strategy, at least one of the capacity providers must have a weight value greater than zero and any capacity providers with a weight of `0` can't be used to place tasks. If you specify multiple capacity providers in a strategy that all have a weight of `0` , any `RunTask` or `CreateService` actions using the capacity provider strategy will fail.\n\nAn example scenario for using weights is defining a strategy that contains two capacity providers and both have a weight of `1` , then when the `base` is satisfied, the tasks will be split evenly across the two capacity providers. Using that same logic, if you specify a weight of `1` for *capacityProviderA* and a weight of `4` for *capacityProviderB* , then for every one task that's run using *capacityProviderA* , four tasks would use *capacityProviderB* .", + "title": "Weight", + "type": "number" } }, - "required": [ - "Feature", - "GroupName", - "Variation" - ], "type": "object" }, - "AWS::Evidently::Launch.MetricDefinitionObject": { + "AWS::ECS::Service.DeploymentAlarms": { "additionalProperties": false, "properties": { - "EntityIdKey": { - "markdownDescription": "The entity, such as a user or session, that does an action that causes a metric value to be recorded. An example is `userDetails.userID` .", - "title": "EntityIdKey", - "type": "string" - }, - "EventPattern": { - "markdownDescription": "The EventBridge event pattern that defines how the metric is recorded.\n\nFor more information about EventBridge event patterns, see [Amazon EventBridge event patterns](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-event-patterns.html) .", - "title": "EventPattern", - "type": "string" - }, - "MetricName": { - "markdownDescription": "A name for the metric. It can include up to 255 characters.", - "title": "MetricName", - "type": "string" + "AlarmNames": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more CloudWatch alarm names. Use a \",\" to separate the alarms.", + "title": "AlarmNames", + "type": "array" }, - "UnitLabel": { - "markdownDescription": "A label for the units that the metric is measuring.", - "title": "UnitLabel", - "type": "string" + "Enable": { + "markdownDescription": "Determines whether to use the CloudWatch alarm option in the service deployment process.", + "title": "Enable", + "type": "boolean" }, - "ValueKey": { - "markdownDescription": "The value that is tracked to produce the metric.", - "title": "ValueKey", - "type": "string" + "Rollback": { + "markdownDescription": "Determines whether to configure Amazon ECS to roll back the service if a service deployment fails. If rollback is used, when a service deployment fails, the service is rolled back to the last deployment that completed successfully.", + "title": "Rollback", + "type": "boolean" } }, "required": [ - "EntityIdKey", - "MetricName", - "ValueKey" + "AlarmNames", + "Enable", + "Rollback" ], "type": "object" }, - "AWS::Evidently::Launch.SegmentOverride": { + "AWS::ECS::Service.DeploymentCircuitBreaker": { "additionalProperties": false, "properties": { - "EvaluationOrder": { - "markdownDescription": "A number indicating the order to use to evaluate segment overrides, if there are more than one. Segment overrides with lower numbers are evaluated first.", - "title": "EvaluationOrder", - "type": "number" - }, - "Segment": { - "markdownDescription": "The ARN of the segment to use for this override.", - "title": "Segment", - "type": "string" + "Enable": { + "markdownDescription": "Determines whether to use the deployment circuit breaker logic for the service.", + "title": "Enable", + "type": "boolean" }, - "Weights": { - "items": { - "$ref": "#/definitions/AWS::Evidently::Launch.GroupToWeight" - }, - "markdownDescription": "The traffic allocation percentages among the feature variations to assign to this segment. This is a set of key-value pairs. The keys are variation names. The values represent the amount of traffic to allocate to that variation for this segment. This is expressed in thousandths of a percent, so a weight of 50000 represents 50% of traffic.", - "title": "Weights", - "type": "array" + "Rollback": { + "markdownDescription": "Determines whether to configure Amazon ECS to roll back the service if a service deployment fails. If rollback is on, when a service deployment fails, the service is rolled back to the last deployment that completed successfully.", + "title": "Rollback", + "type": "boolean" } }, "required": [ - "EvaluationOrder", - "Segment", - "Weights" + "Enable", + "Rollback" ], "type": "object" }, - "AWS::Evidently::Launch.StepConfig": { + "AWS::ECS::Service.DeploymentConfiguration": { "additionalProperties": false, "properties": { - "GroupWeights": { - "items": { - "$ref": "#/definitions/AWS::Evidently::Launch.GroupToWeight" - }, - "markdownDescription": "An array of structures that define how much launch traffic to allocate to each launch group during this step of the launch.", - "title": "GroupWeights", - "type": "array" + "Alarms": { + "$ref": "#/definitions/AWS::ECS::Service.DeploymentAlarms", + "markdownDescription": "Information about the CloudWatch alarms.", + "title": "Alarms" }, - "SegmentOverrides": { + "BakeTimeInMinutes": { + "markdownDescription": "The duration when both blue and green service revisions are running simultaneously after the production traffic has shifted.\n\nThe following rules apply when you don't specify a value:\n\n- For rolling deployments, the value is set to 3 hours (180 minutes).\n- When you use an external deployment controller ( `EXTERNAL` ), or the CodeDeploy blue/green deployment controller ( `CODE_DEPLOY` ), the value is set to 3 hours (180 minutes).\n- For all other cases, the value is set to 36 hours (2160 minutes).", + "title": "BakeTimeInMinutes", + "type": "number" + }, + "DeploymentCircuitBreaker": { + "$ref": "#/definitions/AWS::ECS::Service.DeploymentCircuitBreaker", + "markdownDescription": "> The deployment circuit breaker can only be used for services using the rolling update ( `ECS` ) deployment type. \n\nThe *deployment circuit breaker* determines whether a service deployment will fail if the service can't reach a steady state. If you use the deployment circuit breaker, a service deployment will transition to a failed state and stop launching new tasks. If you use the rollback option, when a service deployment fails, the service is rolled back to the last deployment that completed successfully. For more information, see [Rolling update](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-type-ecs.html) in the *Amazon Elastic Container Service Developer Guide*", + "title": "DeploymentCircuitBreaker" + }, + "LifecycleHooks": { "items": { - "$ref": "#/definitions/AWS::Evidently::Launch.SegmentOverride" + "$ref": "#/definitions/AWS::ECS::Service.DeploymentLifecycleHook" }, - "markdownDescription": "An array of structures that you can use to specify different traffic splits for one or more audience *segments* . A segment is a portion of your audience that share one or more characteristics. Examples could be Chrome browser users, users in Europe, or Firefox browser users in Europe who also fit other criteria that your application collects, such as age.\n\nFor more information, see [Use segments to focus your audience](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Evidently-segments.html) .", - "title": "SegmentOverrides", + "markdownDescription": "An array of deployment lifecycle hook objects to run custom logic at specific stages of the deployment lifecycle.", + "title": "LifecycleHooks", "type": "array" }, - "StartTime": { - "markdownDescription": "The date and time to start this step of the launch. Use UTC format, `yyyy-MM-ddTHH:mm:ssZ` . For example, `2025-11-25T23:59:59Z`", - "title": "StartTime", + "MaximumPercent": { + "markdownDescription": "If a service is using the rolling update ( `ECS` ) deployment type, the `maximumPercent` parameter represents an upper limit on the number of your service's tasks that are allowed in the `RUNNING` or `PENDING` state during a deployment, as a percentage of the `desiredCount` (rounded down to the nearest integer). This parameter enables you to define the deployment batch size. For example, if your service is using the `REPLICA` service scheduler and has a `desiredCount` of four tasks and a `maximumPercent` value of 200%, the scheduler may start four new tasks before stopping the four older tasks (provided that the cluster resources required to do this are available). The default `maximumPercent` value for a service using the `REPLICA` service scheduler is 200%.\n\nThe Amazon ECS scheduler uses this parameter to replace unhealthy tasks by starting replacement tasks first and then stopping the unhealthy tasks, as long as cluster resources for starting replacement tasks are available. For more information about how the scheduler replaces unhealthy tasks, see [Amazon ECS services](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs_services.html) .\n\nIf a service is using either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types, and tasks in the service use the EC2 launch type, the *maximum percent* value is set to the default value. The *maximum percent* value is used to define the upper limit on the number of the tasks in the service that remain in the `RUNNING` state while the container instances are in the `DRAINING` state.\n\n> You can't specify a custom `maximumPercent` value for a service that uses either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types and has tasks that use the EC2 launch type. \n\nIf the service uses either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types, and the tasks in the service use the Fargate launch type, the maximum percent value is not used. The value is still returned when describing your service.", + "title": "MaximumPercent", + "type": "number" + }, + "MinimumHealthyPercent": { + "markdownDescription": "If a service is using the rolling update ( `ECS` ) deployment type, the `minimumHealthyPercent` represents a lower limit on the number of your service's tasks that must remain in the `RUNNING` state during a deployment, as a percentage of the `desiredCount` (rounded up to the nearest integer). This parameter enables you to deploy without using additional cluster capacity. For example, if your service has a `desiredCount` of four tasks and a `minimumHealthyPercent` of 50%, the service scheduler may stop two existing tasks to free up cluster capacity before starting two new tasks.\n\nIf any tasks are unhealthy and if `maximumPercent` doesn't allow the Amazon ECS scheduler to start replacement tasks, the scheduler stops the unhealthy tasks one-by-one \u2014 using the `minimumHealthyPercent` as a constraint \u2014 to clear up capacity to launch replacement tasks. For more information about how the scheduler replaces unhealthy tasks, see [Amazon ECS services](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs_services.html) .\n\nFor services that *do not* use a load balancer, the following should be noted:\n\n- A service is considered healthy if all essential containers within the tasks in the service pass their health checks.\n- If a task has no essential containers with a health check defined, the service scheduler will wait for 40 seconds after a task reaches a `RUNNING` state before the task is counted towards the minimum healthy percent total.\n- If a task has one or more essential containers with a health check defined, the service scheduler will wait for the task to reach a healthy status before counting it towards the minimum healthy percent total. A task is considered healthy when all essential containers within the task have passed their health checks. The amount of time the service scheduler can wait for is determined by the container health check settings.\n\nFor services that *do* use a load balancer, the following should be noted:\n\n- If a task has no essential containers with a health check defined, the service scheduler will wait for the load balancer target group health check to return a healthy status before counting the task towards the minimum healthy percent total.\n- If a task has an essential container with a health check defined, the service scheduler will wait for both the task to reach a healthy status and the load balancer target group health check to return a healthy status before counting the task towards the minimum healthy percent total.\n\nThe default value for a replica service for `minimumHealthyPercent` is 100%. The default `minimumHealthyPercent` value for a service using the `DAEMON` service schedule is 0% for the AWS CLI , the AWS SDKs, and the APIs and 50% for the AWS Management Console.\n\nThe minimum number of healthy tasks during a deployment is the `desiredCount` multiplied by the `minimumHealthyPercent` /100, rounded up to the nearest integer value.\n\nIf a service is using either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types and is running tasks that use the EC2 launch type, the *minimum healthy percent* value is set to the default value. The *minimum healthy percent* value is used to define the lower limit on the number of the tasks in the service that remain in the `RUNNING` state while the container instances are in the `DRAINING` state.\n\n> You can't specify a custom `minimumHealthyPercent` value for a service that uses either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types and has tasks that use the EC2 launch type. \n\nIf a service is using either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types and is running tasks that use the Fargate launch type, the minimum healthy percent value is not used, although it is returned when describing your service.", + "title": "MinimumHealthyPercent", + "type": "number" + }, + "Strategy": { + "markdownDescription": "The deployment strategy for the service. Choose from these valid values:\n\n- `ROLLING` - When you create a service which uses the rolling update ( `ROLLING` ) deployment strategy, the Amazon ECS service scheduler replaces the currently running tasks with new tasks. The number of tasks that Amazon ECS adds or removes from the service during a rolling update is controlled by the service deployment configuration.\n- `BLUE_GREEN` - A blue/green deployment strategy ( `BLUE_GREEN` ) is a release methodology that reduces downtime and risk by running two identical production environments called blue and green. With Amazon ECS blue/green deployments, you can validate new service revisions before directing production traffic to them. This approach provides a safer way to deploy changes with the ability to quickly roll back if needed.", + "title": "Strategy", "type": "string" } }, - "required": [ - "GroupWeights", - "StartTime" - ], "type": "object" }, - "AWS::Evidently::Project": { + "AWS::ECS::Service.DeploymentController": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AppConfigResource": { - "$ref": "#/definitions/AWS::Evidently::Project.AppConfigResourceObject", - "markdownDescription": "Use this parameter if the project will use *client-side evaluation powered by AWS AppConfig* . Client-side evaluation allows your application to assign variations to user sessions locally instead of by calling the [EvaluateFeature](https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_EvaluateFeature.html) operation. This mitigates the latency and availability risks that come with an API call. For more information, see [Use client-side evaluation - powered by AWS AppConfig .](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Evidently-client-side-evaluation.html)\n\nThis parameter is a structure that contains information about the AWS AppConfig application that will be used as for client-side evaluation.\n\nTo create a project that uses client-side evaluation, you must have the `evidently:ExportProjectAsConfiguration` permission.", - "title": "AppConfigResource" - }, - "DataDelivery": { - "$ref": "#/definitions/AWS::Evidently::Project.DataDeliveryObject", - "markdownDescription": "A structure that contains information about where Evidently is to store evaluation events for longer term storage, if you choose to do so. If you choose not to store these events, Evidently deletes them after using them to produce metrics and other experiment results that you can view.\n\nYou can't specify both `CloudWatchLogs` and `S3Destination` in the same operation.", - "title": "DataDelivery" - }, - "Description": { - "markdownDescription": "An optional description of the project.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The name for the project. It can include up to 127 characters.", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Assigns one or more tags (key-value pairs) to the project.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.\n\nTags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters.\n\nYou can associate as many as 50 tags with a project.\n\nFor more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Name" - ], - "type": "object" - }, "Type": { - "enum": [ - "AWS::Evidently::Project" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "markdownDescription": "The deployment controller type to use.\n\nThe deployment controller is the mechanism that determines how tasks are deployed for your service. The valid options are:\n\n- ECS\n\nWhen you create a service which uses the `ECS` deployment controller, you can choose between the following deployment strategies:\n\n- `ROLLING` : When you create a service which uses the *rolling update* ( `ROLLING` ) deployment strategy, the Amazon ECS service scheduler replaces the currently running tasks with new tasks. The number of tasks that Amazon ECS adds or removes from the service during a rolling update is controlled by the service deployment configuration.\n\nRolling update deployments are best suited for the following scenarios:\n\n- Gradual service updates: You need to update your service incrementally without taking the entire service offline at once.\n- Limited resource requirements: You want to avoid the additional resource costs of running two complete environments simultaneously (as required by blue/green deployments).\n- Acceptable deployment time: Your application can tolerate a longer deployment process, as rolling updates replace tasks one by one.\n- No need for instant roll back: Your service can tolerate a rollback process that takes minutes rather than seconds.\n- Simple deployment process: You prefer a straightforward deployment approach without the complexity of managing multiple environments, target groups, and listeners.\n- No load balancer requirement: Your service doesn't use or require a load balancer, Application Load Balancer , Network Load Balancer , or Service Connect (which are required for blue/green deployments).\n- Stateful applications: Your application maintains state that makes it difficult to run two parallel environments.\n- Cost sensitivity: You want to minimize deployment costs by not running duplicate environments during deployment.\n\nRolling updates are the default deployment strategy for services and provide a balance between deployment safety and resource efficiency for many common application scenarios.\n- `BLUE_GREEN` : A *blue/green* deployment strategy ( `BLUE_GREEN` ) is a release methodology that reduces downtime and risk by running two identical production environments called blue and green. With Amazon ECS blue/green deployments, you can validate new service revisions before directing production traffic to them. This approach provides a safer way to deploy changes with the ability to quickly roll back if needed.\n\nAmazon ECS blue/green deployments are best suited for the following scenarios:\n\n- Service validation: When you need to validate new service revisions before directing production traffic to them\n- Zero downtime: When your service requires zero-downtime deployments\n- Instant roll back: When you need the ability to quickly roll back if issues are detected\n- Load balancer requirement: When your service uses Application Load Balancer , Network Load Balancer , or Service Connect\n- External\n\nUse a third-party deployment controller.\n- Blue/green deployment (powered by CodeDeploy )\n\nCodeDeploy installs an updated version of the application as a new replacement task set and reroutes production traffic from the original application task set to the replacement task set. The original task set is terminated after a successful deployment. Use this deployment controller to verify a new deployment of a service before sending production traffic to it.\n\nWhen updating the deployment controller for a service, consider the following depending on the type of migration you're performing.\n\n- If you have a template that contains the `EXTERNAL` deployment controller information as well as `TaskSet` and `PrimaryTaskSet` resources, and you remove the task set resources from the template when updating from `EXTERNAL` to `ECS` , the `DescribeTaskSet` and `DeleteTaskSet` API calls will return a 400 error after the deployment controller is updated to `ECS` . This results in a delete failure on the task set resources, even though the stack transitions to `UPDATE_COMPLETE` status. For more information, see [Resource removed from stack but not deleted](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/troubleshooting.html#troubleshooting-errors-resource-removed-not-deleted) in the AWS CloudFormation User Guide. To fix this issue, delete the task sets directly using the Amazon ECS `DeleteTaskSet` API. For more information about how to delete a task set, see [DeleteTaskSet](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DeleteTaskSet.html) in the Amazon Elastic Container Service API Reference.\n- If you're migrating from `CODE_DEPLOY` to `ECS` with a new task definition and AWS CloudFormation performs a rollback operation, the Amazon ECS `UpdateService` request fails with the following error:\n\nResource handler returned message: \"Invalid request provided: Unable to update task definition on services with a CODE_DEPLOY deployment controller.\n- After a successful migration from `ECS` to `EXTERNAL` deployment controller, you need to manually remove the `ACTIVE` task set, because Amazon ECS no longer manages the deployment. For information about how to delete a task set, see [DeleteTaskSet](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DeleteTaskSet.html) in the Amazon Elastic Container Service API Reference.", + "title": "Type", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Evidently::Project.AppConfigResourceObject": { + "AWS::ECS::Service.DeploymentLifecycleHook": { "additionalProperties": false, "properties": { - "ApplicationId": { - "markdownDescription": "The ID of the AWS AppConfig application to use for client-side evaluation.", - "title": "ApplicationId", + "HookTargetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the hook target. Currently, only Lambda function ARNs are supported.\n\nYou must provide this parameter when configuring a deployment lifecycle hook.", + "title": "HookTargetArn", "type": "string" }, - "EnvironmentId": { - "markdownDescription": "The ID of the AWS AppConfig environment to use for client-side evaluation.", - "title": "EnvironmentId", + "LifecycleStages": { + "items": { + "type": "string" + }, + "markdownDescription": "The lifecycle stages at which to run the hook. Choose from these valid values:\n\n- RECONCILE_SERVICE\n\nThe reconciliation stage that only happens when you start a new service deployment with more than 1 service revision in an ACTIVE state.\n\nYou can use a lifecycle hook for this stage.\n- PRE_SCALE_UP\n\nThe green service revision has not started. The blue service revision is handling 100% of the production traffic. There is no test traffic.\n\nYou can use a lifecycle hook for this stage.\n- POST_SCALE_UP\n\nThe green service revision has started. The blue service revision is handling 100% of the production traffic. There is no test traffic.\n\nYou can use a lifecycle hook for this stage.\n- TEST_TRAFFIC_SHIFT\n\nThe blue and green service revisions are running. The blue service revision handles 100% of the production traffic. The green service revision is migrating from 0% to 100% of test traffic.\n\nYou can use a lifecycle hook for this stage.\n- POST_TEST_TRAFFIC_SHIFT\n\nThe test traffic shift is complete. The green service revision handles 100% of the test traffic.\n\nYou can use a lifecycle hook for this stage.\n- PRODUCTION_TRAFFIC_SHIFT\n\nProduction traffic is shifting to the green service revision. The green service revision is migrating from 0% to 100% of production traffic.\n\nYou can use a lifecycle hook for this stage.\n- POST_PRODUCTION_TRAFFIC_SHIFT\n\nThe production traffic shift is complete.\n\nYou can use a lifecycle hook for this stage.\n\nYou must provide this parameter when configuring a deployment lifecycle hook.", + "title": "LifecycleStages", + "type": "array" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that grants Amazon ECS permission to call Lambda functions on your behalf.\n\nFor more information, see [Permissions required for Lambda functions in Amazon ECS blue/green deployments](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/blue-green-permissions.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "RoleArn", "type": "string" } }, "required": [ - "ApplicationId", - "EnvironmentId" + "HookTargetArn", + "LifecycleStages", + "RoleArn" ], "type": "object" }, - "AWS::Evidently::Project.DataDeliveryObject": { + "AWS::ECS::Service.EBSTagSpecification": { "additionalProperties": false, "properties": { - "LogGroup": { - "markdownDescription": "If the project stores evaluation events in CloudWatch Logs , this structure stores the log group name.", - "title": "LogGroup", + "PropagateTags": { + "markdownDescription": "Determines whether to propagate the tags from the task definition to the Amazon EBS volume. Tags can only propagate to a `SERVICE` specified in `ServiceVolumeConfiguration` . If no value is specified, the tags aren't propagated.", + "title": "PropagateTags", "type": "string" }, - "S3": { - "$ref": "#/definitions/AWS::Evidently::Project.S3Destination", - "markdownDescription": "If the project stores evaluation events in an Amazon S3 bucket, this structure stores the bucket name and bucket prefix.", - "title": "S3" - } - }, - "type": "object" - }, - "AWS::Evidently::Project.S3Destination": { - "additionalProperties": false, - "properties": { - "BucketName": { - "markdownDescription": "The name of the bucket in which Evidently stores evaluation events.", - "title": "BucketName", + "ResourceType": { + "markdownDescription": "The type of volume resource.", + "title": "ResourceType", "type": "string" }, - "Prefix": { - "markdownDescription": "The bucket prefix in which Evidently stores evaluation events.", - "title": "Prefix", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags applied to this Amazon EBS volume. `AmazonECSCreated` and `AmazonECSManaged` are reserved tags that can't be used.", + "title": "Tags", + "type": "array" } }, "required": [ - "BucketName" + "ResourceType" ], "type": "object" }, - "AWS::Evidently::Segment": { + "AWS::ECS::Service.LoadBalancer": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "AdvancedConfiguration": { + "$ref": "#/definitions/AWS::ECS::Service.AdvancedConfiguration", + "markdownDescription": "The advanced settings for the load balancer used in blue/green deployments. Specify the alternate target group, listener rules, and IAM role required for traffic shifting during blue/green deployments.", + "title": "AdvancedConfiguration" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ContainerName": { + "markdownDescription": "The name of the container (as it appears in a container definition) to associate with the load balancer.\n\nYou need to specify the container name when configuring the target group for an Amazon ECS load balancer.", + "title": "ContainerName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "An optional description for this segment.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "A name for the segment.", - "title": "Name", - "type": "string" - }, - "Pattern": { - "markdownDescription": "The pattern to use for the segment. For more information about pattern syntax, see [Segment rule pattern syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Evidently-segments.html#CloudWatch-Evidently-segments-syntax) .", - "title": "Pattern", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Assigns one or more tags (key-value pairs) to the feature.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.\n\nTags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters.\n\nYou can associate as many as 50 tags with a feature.\n\nFor more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Name" - ], - "type": "object" + "ContainerPort": { + "markdownDescription": "The port on the container to associate with the load balancer. This port must correspond to a `containerPort` in the task definition the tasks in the service are using. For tasks that use the EC2 launch type, the container instance they're launched on must allow ingress traffic on the `hostPort` of the port mapping.", + "title": "ContainerPort", + "type": "number" }, - "Type": { - "enum": [ - "AWS::Evidently::Segment" - ], + "LoadBalancerName": { + "markdownDescription": "The name of the load balancer to associate with the Amazon ECS service or task set.\n\nIf you are using an Application Load Balancer or a Network Load Balancer the load balancer name parameter should be omitted.", + "title": "LoadBalancerName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TargetGroupArn": { + "markdownDescription": "The full Amazon Resource Name (ARN) of the Elastic Load Balancing target group or groups associated with a service or task set.\n\nA target group ARN is only specified when using an Application Load Balancer or Network Load Balancer.\n\nFor services using the `ECS` deployment controller, you can specify one or multiple target groups. For more information, see [Registering multiple target groups with a service](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/register-multiple-targetgroups.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nFor services using the `CODE_DEPLOY` deployment controller, you're required to define two target groups for the load balancer. For more information, see [Blue/green deployment with CodeDeploy](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-type-bluegreen.html) in the *Amazon Elastic Container Service Developer Guide* .\n\n> If your service's task definition uses the `awsvpc` network mode, you must choose `ip` as the target type, not `instance` . Do this when creating your target groups because tasks that use the `awsvpc` network mode are associated with an elastic network interface, not an Amazon EC2 instance. This network mode is required for the Fargate launch type.", + "title": "TargetGroupArn", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::FIS::ExperimentTemplate": { + "AWS::ECS::Service.LogConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "LogDriver": { + "markdownDescription": "The log driver to use for the container.\n\nFor tasks on AWS Fargate , the supported log drivers are `awslogs` , `splunk` , and `awsfirelens` .\n\nFor tasks hosted on Amazon EC2 instances, the supported log drivers are `awslogs` , `fluentd` , `gelf` , `json-file` , `journald` , `syslog` , `splunk` , and `awsfirelens` .\n\nFor more information about using the `awslogs` log driver, see [Send Amazon ECS logs to CloudWatch](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_awslogs.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nFor more information about using the `awsfirelens` log driver, see [Send Amazon ECS logs to an AWS service or AWS Partner](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html) .\n\n> If you have a custom driver that isn't listed, you can fork the Amazon ECS container agent project that's [available on GitHub](https://docs.aws.amazon.com/https://github.com/aws/amazon-ecs-agent) and customize it to work with that driver. We encourage you to submit pull requests for changes that you would like to have included. However, we don't currently provide support for running modified copies of this software.", + "title": "LogDriver", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Actions": { - "additionalProperties": false, - "markdownDescription": "The actions for the experiment.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentTemplateAction" - } - }, - "title": "Actions", - "type": "object" - }, - "Description": { - "markdownDescription": "The description for the experiment template.", - "title": "Description", - "type": "string" - }, - "ExperimentOptions": { - "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentTemplateExperimentOptions", - "markdownDescription": "The experiment options for an experiment template.", - "title": "ExperimentOptions" - }, - "LogConfiguration": { - "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentTemplateLogConfiguration", - "markdownDescription": "The configuration for experiment logging.", - "title": "LogConfiguration" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role.", - "title": "RoleArn", + "Options": { + "additionalProperties": true, + "markdownDescription": "The configuration options to send to the log driver.\n\nThe options you can specify depend on the log driver. Some of the options you can specify when you use the `awslogs` log driver to route logs to Amazon CloudWatch include the following:\n\n- **awslogs-create-group** - Required: No\n\nSpecify whether you want the log group to be created automatically. If this option isn't specified, it defaults to `false` .\n\n> Your IAM policy must include the `logs:CreateLogGroup` permission before you attempt to use `awslogs-create-group` .\n- **awslogs-region** - Required: Yes\n\nSpecify the AWS Region that the `awslogs` log driver is to send your Docker logs to. You can choose to send all of your logs from clusters in different Regions to a single region in CloudWatch Logs. This is so that they're all visible in one location. Otherwise, you can separate them by Region for more granularity. Make sure that the specified log group exists in the Region that you specify with this option.\n- **awslogs-group** - Required: Yes\n\nMake sure to specify a log group that the `awslogs` log driver sends its log streams to.\n- **awslogs-stream-prefix** - Required: Yes, when using Fargate.Optional when using EC2.\n\nUse the `awslogs-stream-prefix` option to associate a log stream with the specified prefix, the container name, and the ID of the Amazon ECS task that the container belongs to. If you specify a prefix with this option, then the log stream takes the format `prefix-name/container-name/ecs-task-id` .\n\nIf you don't specify a prefix with this option, then the log stream is named after the container ID that's assigned by the Docker daemon on the container instance. Because it's difficult to trace logs back to the container that sent them with just the Docker container ID (which is only available on the container instance), we recommend that you specify a prefix with this option.\n\nFor Amazon ECS services, you can use the service name as the prefix. Doing so, you can trace log streams to the service that the container belongs to, the name of the container that sent them, and the ID of the task that the container belongs to.\n\nYou must specify a stream-prefix for your logs to have your logs appear in the Log pane when using the Amazon ECS console.\n- **awslogs-datetime-format** - Required: No\n\nThis option defines a multiline start pattern in Python `strftime` format. A log message consists of a line that matches the pattern and any following lines that don\u2019t match the pattern. The matched line is the delimiter between log messages.\n\nOne example of a use case for using this format is for parsing output such as a stack dump, which might otherwise be logged in multiple entries. The correct pattern allows it to be captured in a single entry.\n\nFor more information, see [awslogs-datetime-format](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/awslogs/#awslogs-datetime-format) .\n\nYou cannot configure both the `awslogs-datetime-format` and `awslogs-multiline-pattern` options.\n\n> Multiline logging performs regular expression parsing and matching of all log messages. This might have a negative impact on logging performance.\n- **awslogs-multiline-pattern** - Required: No\n\nThis option defines a multiline start pattern that uses a regular expression. A log message consists of a line that matches the pattern and any following lines that don\u2019t match the pattern. The matched line is the delimiter between log messages.\n\nFor more information, see [awslogs-multiline-pattern](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/awslogs/#awslogs-multiline-pattern) .\n\nThis option is ignored if `awslogs-datetime-format` is also configured.\n\nYou cannot configure both the `awslogs-datetime-format` and `awslogs-multiline-pattern` options.\n\n> Multiline logging performs regular expression parsing and matching of all log messages. This might have a negative impact on logging performance.\n\nThe following options apply to all supported log drivers.\n\n- **mode** - Required: No\n\nValid values: `non-blocking` | `blocking`\n\nThis option defines the delivery mode of log messages from the container to the log driver specified using `logDriver` . The delivery mode you choose affects application availability when the flow of logs from container is interrupted.\n\nIf you use the `blocking` mode and the flow of logs is interrupted, calls from container code to write to the `stdout` and `stderr` streams will block. The logging thread of the application will block as a result. This may cause the application to become unresponsive and lead to container healthcheck failure.\n\nIf you use the `non-blocking` mode, the container's logs are instead stored in an in-memory intermediate buffer configured with the `max-buffer-size` option. This prevents the application from becoming unresponsive when logs cannot be sent. We recommend using this mode if you want to ensure service availability and are okay with some log loss. For more information, see [Preventing log loss with non-blocking mode in the `awslogs` container log driver](https://docs.aws.amazon.com/containers/preventing-log-loss-with-non-blocking-mode-in-the-awslogs-container-log-driver/) .\n\nYou can set a default `mode` for all containers in a specific AWS Region by using the `defaultLogDriverMode` account setting. If you don't specify the `mode` option or configure the account setting, Amazon ECS will default to the `non-blocking` mode. For more information about the account setting, see [Default log driver mode](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-account-settings.html#default-log-driver-mode) in the *Amazon Elastic Container Service Developer Guide* .\n\n> On June 25, 2025, Amazon ECS changed the default log driver mode from `blocking` to `non-blocking` to prioritize task availability over logging. To continue using the `blocking` mode after this change, do one of the following:\n> \n> - Set the `mode` option in your container definition's `logConfiguration` as `blocking` .\n> - Set the `defaultLogDriverMode` account setting to `blocking` .\n- **max-buffer-size** - Required: No\n\nDefault value: `1m`\n\nWhen `non-blocking` mode is used, the `max-buffer-size` log option controls the size of the buffer that's used for intermediate message storage. Make sure to specify an adequate buffer size based on your application. When the buffer fills up, further logs cannot be stored. Logs that cannot be stored are lost.\n\nTo route logs using the `splunk` log router, you need to specify a `splunk-token` and a `splunk-url` .\n\nWhen you use the `awsfirelens` log router to route logs to an AWS Service or AWS Partner Network destination for log storage and analytics, you can set the `log-driver-buffer-limit` option to limit the number of events that are buffered in memory, before being sent to the log router container. It can help to resolve potential log loss issue because high throughput might result in memory running out for the buffer inside of Docker.\n\nOther options you can specify when using `awsfirelens` to route logs depend on the destination. When you export logs to Amazon Data Firehose, you can specify the AWS Region with `region` and a name for the log stream with `delivery_stream` .\n\nWhen you export logs to Amazon Kinesis Data Streams, you can specify an AWS Region with `region` and a data stream name with `stream` .\n\nWhen you export logs to Amazon OpenSearch Service, you can specify options like `Name` , `Host` (OpenSearch Service endpoint without protocol), `Port` , `Index` , `Type` , `Aws_auth` , `Aws_region` , `Suppress_Type_Name` , and `tls` . For more information, see [Under the hood: FireLens for Amazon ECS Tasks](https://docs.aws.amazon.com/containers/under-the-hood-firelens-for-amazon-ecs-tasks/) .\n\nWhen you export logs to Amazon S3, you can specify the bucket using the `bucket` option. You can also specify `region` , `total_file_size` , `upload_timeout` , and `use_put_object` as options.\n\nThis parameter requires version 1.19 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version --format '{{.Server.APIVersion}}'`", + "patternProperties": { + "^[a-zA-Z0-9]+$": { "type": "string" - }, - "StopConditions": { - "items": { - "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentTemplateStopCondition" - }, - "markdownDescription": "The stop conditions for the experiment.", - "title": "StopConditions", - "type": "array" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "The tags for the experiment template.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - }, - "Targets": { - "additionalProperties": false, - "markdownDescription": "The targets for the experiment.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentTemplateTarget" - } - }, - "title": "Targets", - "type": "object" } }, - "required": [ - "Description", - "RoleArn", - "StopConditions", - "Tags", - "Targets" - ], + "title": "Options", "type": "object" }, - "Type": { - "enum": [ - "AWS::FIS::ExperimentTemplate" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "SecretOptions": { + "items": { + "$ref": "#/definitions/AWS::ECS::Service.Secret" + }, + "markdownDescription": "The secrets to pass to the log configuration. For more information, see [Specifying sensitive data](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "SecretOptions", + "type": "array" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::FIS::ExperimentTemplate.CloudWatchLogsConfiguration": { + "AWS::ECS::Service.NetworkConfiguration": { "additionalProperties": false, "properties": { - "LogGroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the destination Amazon CloudWatch Logs log group.", - "title": "LogGroupArn", + "AwsvpcConfiguration": { + "$ref": "#/definitions/AWS::ECS::Service.AwsVpcConfiguration", + "markdownDescription": "The VPC subnets and security groups that are associated with a task.\n\n> All specified subnets and security groups must be from the same VPC.", + "title": "AwsvpcConfiguration" + } + }, + "type": "object" + }, + "AWS::ECS::Service.PlacementConstraint": { + "additionalProperties": false, + "properties": { + "Expression": { + "markdownDescription": "A cluster query language expression to apply to the constraint. The expression can have a maximum length of 2000 characters. You can't specify an expression if the constraint type is `distinctInstance` . For more information, see [Cluster query language](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-query-language.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "Expression", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of constraint. Use `distinctInstance` to ensure that each task in a particular group is running on a different container instance. Use `memberOf` to restrict the selection to a group of valid candidates.", + "title": "Type", "type": "string" } }, "required": [ - "LogGroupArn" + "Type" ], "type": "object" }, - "AWS::FIS::ExperimentTemplate.ExperimentTemplateAction": { + "AWS::ECS::Service.PlacementStrategy": { "additionalProperties": false, "properties": { - "ActionId": { - "markdownDescription": "The ID of the action.", - "title": "ActionId", + "Field": { + "markdownDescription": "The field to apply the placement strategy against. For the `spread` placement strategy, valid values are `instanceId` (or `host` , which has the same effect), or any platform or custom attribute that's applied to a container instance, such as `attribute:ecs.availability-zone` . For the `binpack` placement strategy, valid values are `cpu` and `memory` . For the `random` placement strategy, this field is not used.", + "title": "Field", "type": "string" }, - "Description": { - "markdownDescription": "A description for the action.", - "title": "Description", + "Type": { + "markdownDescription": "The type of placement strategy. The `random` placement strategy randomly places tasks on available candidates. The `spread` placement strategy spreads placement across available candidates evenly based on the `field` parameter. The `binpack` strategy places tasks on available candidates that have the least available amount of the resource that's specified with the `field` parameter. For example, if you binpack on memory, a task is placed on the instance with the least amount of remaining memory but still enough to run the task.", + "title": "Type", "type": "string" - }, - "Parameters": { - "additionalProperties": true, - "markdownDescription": "The parameters for the action.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Parameters", - "type": "object" - }, - "StartAfter": { - "items": { - "type": "string" - }, - "markdownDescription": "The name of the action that must be completed before the current action starts.", - "title": "StartAfter", - "type": "array" - }, - "Targets": { - "additionalProperties": true, - "markdownDescription": "The targets for the action.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Targets", - "type": "object" } }, "required": [ - "ActionId" + "Type" ], "type": "object" }, - "AWS::FIS::ExperimentTemplate.ExperimentTemplateExperimentOptions": { + "AWS::ECS::Service.Secret": { "additionalProperties": false, "properties": { - "AccountTargeting": { - "markdownDescription": "The account targeting setting for an experiment template.", - "title": "AccountTargeting", + "Name": { + "markdownDescription": "The name of the secret.", + "title": "Name", "type": "string" }, - "EmptyTargetResolutionMode": { - "markdownDescription": "The empty target resolution mode for an experiment template.", - "title": "EmptyTargetResolutionMode", + "ValueFrom": { + "markdownDescription": "The secret to expose to the container. The supported values are either the full ARN of the AWS Secrets Manager secret or the full ARN of the parameter in the SSM Parameter Store.\n\nFor information about the require AWS Identity and Access Management permissions, see [Required IAM permissions for Amazon ECS secrets](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data-secrets.html#secrets-iam) (for Secrets Manager) or [Required IAM permissions for Amazon ECS secrets](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data-parameters.html) (for Systems Manager Parameter store) in the *Amazon Elastic Container Service Developer Guide* .\n\n> If the SSM Parameter Store parameter exists in the same Region as the task you're launching, then you can use either the full ARN or name of the parameter. If the parameter exists in a different Region, then the full ARN must be specified.", + "title": "ValueFrom", "type": "string" } }, + "required": [ + "Name", + "ValueFrom" + ], "type": "object" }, - "AWS::FIS::ExperimentTemplate.ExperimentTemplateLogConfiguration": { + "AWS::ECS::Service.ServiceConnectClientAlias": { "additionalProperties": false, "properties": { - "CloudWatchLogsConfiguration": { - "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.CloudWatchLogsConfiguration", - "markdownDescription": "The configuration for experiment logging to CloudWatch Logs .", - "title": "CloudWatchLogsConfiguration" + "DnsName": { + "markdownDescription": "The `dnsName` is the name that you use in the applications of client tasks to connect to this service. The name must be a valid DNS name but doesn't need to be fully-qualified. The name can include up to 127 characters. The name can include lowercase letters, numbers, underscores (_), hyphens (-), and periods (.). The name can't start with a hyphen.\n\nIf this parameter isn't specified, the default value of `discoveryName.namespace` is used. If the `discoveryName` isn't specified, the port mapping name from the task definition is used in `portName.namespace` .\n\nTo avoid changing your applications in client Amazon ECS services, set this to the same name that the client application uses by default. For example, a few common names are `database` , `db` , or the lowercase name of a database, such as `mysql` or `redis` . For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "DnsName", + "type": "string" }, - "LogSchemaVersion": { - "markdownDescription": "The schema version.", - "title": "LogSchemaVersion", + "Port": { + "markdownDescription": "The listening port number for the Service Connect proxy. This port is available inside of all of the tasks within the same namespace.\n\nTo avoid changing your applications in client Amazon ECS services, set this to the same port that the client application uses by default. For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "Port", "type": "number" }, - "S3Configuration": { - "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.S3Configuration", - "markdownDescription": "The configuration for experiment logging to Amazon S3 .", - "title": "S3Configuration" + "TestTrafficRules": { + "$ref": "#/definitions/AWS::ECS::Service.ServiceConnectTestTrafficRules", + "markdownDescription": "The configuration for test traffic routing rules used during blue/green deployments with Amazon ECS Service Connect. This allows you to route a portion of traffic to the new service revision of your service for testing before shifting all production traffic.", + "title": "TestTrafficRules" } }, "required": [ - "LogSchemaVersion" + "Port" ], "type": "object" }, - "AWS::FIS::ExperimentTemplate.ExperimentTemplateStopCondition": { + "AWS::ECS::Service.ServiceConnectConfiguration": { "additionalProperties": false, "properties": { - "Source": { - "markdownDescription": "The source for the stop condition.", - "title": "Source", - "type": "string" + "Enabled": { + "markdownDescription": "Specifies whether to use Service Connect with this service.", + "title": "Enabled", + "type": "boolean" }, - "Value": { - "markdownDescription": "The Amazon Resource Name (ARN) of the CloudWatch alarm, if applicable.", - "title": "Value", + "LogConfiguration": { + "$ref": "#/definitions/AWS::ECS::Service.LogConfiguration", + "markdownDescription": "The log configuration for the container. This parameter maps to `LogConfig` in the docker container create command and the `--log-driver` option to docker run.\n\nBy default, containers use the same logging driver that the Docker daemon uses. However, the container might use a different logging driver than the Docker daemon by specifying a log driver configuration in the container definition.\n\nUnderstand the following when specifying a log configuration for your containers.\n\n- Amazon ECS currently supports a subset of the logging drivers available to the Docker daemon. Additional log drivers may be available in future releases of the Amazon ECS container agent.\n\nFor tasks on AWS Fargate , the supported log drivers are `awslogs` , `splunk` , and `awsfirelens` .\n\nFor tasks hosted on Amazon EC2 instances, the supported log drivers are `awslogs` , `fluentd` , `gelf` , `json-file` , `journald` , `syslog` , `splunk` , and `awsfirelens` .\n- This parameter requires version 1.18 of the Docker Remote API or greater on your container instance.\n- For tasks that are hosted on Amazon EC2 instances, the Amazon ECS container agent must register the available logging drivers with the `ECS_AVAILABLE_LOGGING_DRIVERS` environment variable before containers placed on that instance can use these log configuration options. For more information, see [Amazon ECS container agent configuration](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html) in the *Amazon Elastic Container Service Developer Guide* .\n- For tasks that are on AWS Fargate , because you don't have access to the underlying infrastructure your tasks are hosted on, any additional software needed must be installed outside of the task. For example, the Fluentd output aggregators or a remote host running Logstash to send Gelf logs to.", + "title": "LogConfiguration" + }, + "Namespace": { + "markdownDescription": "The namespace name or full Amazon Resource Name (ARN) of the AWS Cloud Map namespace for use with Service Connect. The namespace must be in the same AWS Region as the Amazon ECS service and cluster. The type of namespace doesn't affect Service Connect. For more information about AWS Cloud Map , see [Working with Services](https://docs.aws.amazon.com/cloud-map/latest/dg/working-with-services.html) in the *AWS Cloud Map Developer Guide* .", + "title": "Namespace", "type": "string" + }, + "Services": { + "items": { + "$ref": "#/definitions/AWS::ECS::Service.ServiceConnectService" + }, + "markdownDescription": "The list of Service Connect service objects. These are names and aliases (also known as endpoints) that are used by other Amazon ECS services to connect to this service.\n\nThis field is not required for a \"client\" Amazon ECS service that's a member of a namespace only to connect to other services within the namespace. An example of this would be a frontend application that accepts incoming requests from either a load balancer that's attached to the service or by other means.\n\nAn object selects a port from the task definition, assigns a name for the AWS Cloud Map service, and a list of aliases (endpoints) and ports for client applications to refer to this service.", + "title": "Services", + "type": "array" } }, "required": [ - "Source" + "Enabled" ], "type": "object" }, - "AWS::FIS::ExperimentTemplate.ExperimentTemplateTarget": { + "AWS::ECS::Service.ServiceConnectService": { "additionalProperties": false, "properties": { - "Filters": { + "ClientAliases": { "items": { - "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentTemplateTargetFilter" + "$ref": "#/definitions/AWS::ECS::Service.ServiceConnectClientAlias" }, - "markdownDescription": "The filters to apply to identify target resources using specific attributes.", - "title": "Filters", + "markdownDescription": "The list of client aliases for this Service Connect service. You use these to assign names that can be used by client applications. The maximum number of client aliases that you can have in this list is 1.\n\nEach alias (\"endpoint\") is a fully-qualified name and port number that other Amazon ECS tasks (\"clients\") can use to connect to this service.\n\nEach name and port mapping must be unique within the namespace.\n\nFor each `ServiceConnectService` , you must provide at least one `clientAlias` with one `port` .", + "title": "ClientAliases", "type": "array" }, - "Parameters": { - "additionalProperties": true, - "markdownDescription": "The parameters for the resource type.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Parameters", - "type": "object" - }, - "ResourceArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Names (ARNs) of the targets.", - "title": "ResourceArns", - "type": "array" + "DiscoveryName": { + "markdownDescription": "The `discoveryName` is the name of the new AWS Cloud Map service that Amazon ECS creates for this Amazon ECS service. This must be unique within the AWS Cloud Map namespace. The name can contain up to 64 characters. The name can include lowercase letters, numbers, underscores (_), and hyphens (-). The name can't start with a hyphen.\n\nIf the `discoveryName` isn't specified, the port mapping name from the task definition is used in `portName.namespace` .", + "title": "DiscoveryName", + "type": "string" }, - "ResourceTags": { - "additionalProperties": true, - "markdownDescription": "The tags for the target resources.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "ResourceTags", - "type": "object" + "IngressPortOverride": { + "markdownDescription": "The port number for the Service Connect proxy to listen on.\n\nUse the value of this field to bypass the proxy for traffic on the port number specified in the named `portMapping` in the task definition of this application, and then use it in your VPC security groups to allow traffic into the proxy for this Amazon ECS service.\n\nIn `awsvpc` mode and Fargate, the default value is the container port number. The container port number is in the `portMapping` in the task definition. In bridge mode, the default value is the ephemeral port of the Service Connect proxy.", + "title": "IngressPortOverride", + "type": "number" }, - "ResourceType": { - "markdownDescription": "The resource type.", - "title": "ResourceType", + "PortName": { + "markdownDescription": "The `portName` must match the name of one of the `portMappings` from all the containers in the task definition of this Amazon ECS service.", + "title": "PortName", "type": "string" }, - "SelectionMode": { - "markdownDescription": "Scopes the identified resources to a specific count or percentage.", - "title": "SelectionMode", - "type": "string" + "Timeout": { + "$ref": "#/definitions/AWS::ECS::Service.TimeoutConfiguration", + "markdownDescription": "A reference to an object that represents the configured timeouts for Service Connect.", + "title": "Timeout" + }, + "Tls": { + "$ref": "#/definitions/AWS::ECS::Service.ServiceConnectTlsConfiguration", + "markdownDescription": "A reference to an object that represents a Transport Layer Security (TLS) configuration.", + "title": "Tls" } }, "required": [ - "ResourceType", - "SelectionMode" + "PortName" ], "type": "object" }, - "AWS::FIS::ExperimentTemplate.ExperimentTemplateTargetFilter": { + "AWS::ECS::Service.ServiceConnectTestTrafficRules": { "additionalProperties": false, "properties": { - "Path": { - "markdownDescription": "The attribute path for the filter.", - "title": "Path", - "type": "string" - }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The attribute values for the filter.", - "title": "Values", - "type": "array" + "Header": { + "$ref": "#/definitions/AWS::ECS::Service.ServiceConnectTestTrafficRulesHeader", + "markdownDescription": "The HTTP header-based routing rules that determine which requests should be routed to the new service version during blue/green deployment testing. These rules provide fine-grained control over test traffic routing based on request headers.", + "title": "Header" } }, "required": [ - "Path", - "Values" + "Header" ], "type": "object" }, - "AWS::FIS::ExperimentTemplate.S3Configuration": { + "AWS::ECS::Service.ServiceConnectTestTrafficRulesHeader": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "The name of the destination bucket.", - "title": "BucketName", - "type": "string" - }, - "Prefix": { - "markdownDescription": "The bucket prefix.", - "title": "Prefix", + "Name": { + "markdownDescription": "", + "title": "Name", "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::ECS::Service.ServiceConnectTestTrafficRulesHeaderValue", + "markdownDescription": "", + "title": "Value" } }, "required": [ - "BucketName" + "Name" ], "type": "object" }, - "AWS::FIS::TargetAccountConfiguration": { + "AWS::ECS::Service.ServiceConnectTestTrafficRulesHeaderValue": { "additionalProperties": false, "properties": { - "Condition": { + "Exact": { + "markdownDescription": "", + "title": "Exact", + "type": "string" + } + }, + "required": [ + "Exact" + ], + "type": "object" + }, + "AWS::ECS::Service.ServiceConnectTlsCertificateAuthority": { + "additionalProperties": false, + "properties": { + "AwsPcaAuthorityArn": { + "markdownDescription": "The ARN of the AWS Private Certificate Authority certificate.", + "title": "AwsPcaAuthorityArn", "type": "string" + } + }, + "type": "object" + }, + "AWS::ECS::Service.ServiceConnectTlsConfiguration": { + "additionalProperties": false, + "properties": { + "IssuerCertificateAuthority": { + "$ref": "#/definitions/AWS::ECS::Service.ServiceConnectTlsCertificateAuthority", + "markdownDescription": "The signer certificate authority.", + "title": "IssuerCertificateAuthority" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "KmsKey": { + "markdownDescription": "The AWS Key Management Service key.", + "title": "KmsKey", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that's associated with the Service Connect TLS.", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "IssuerCertificateAuthority" + ], + "type": "object" + }, + "AWS::ECS::Service.ServiceManagedEBSVolumeConfiguration": { + "additionalProperties": false, + "properties": { + "Encrypted": { + "markdownDescription": "Indicates whether the volume should be encrypted. If you turn on Region-level Amazon EBS encryption by default but set this value as `false` , the setting is overridden and the volume is encrypted with the KMS key specified for Amazon EBS encryption by default. This parameter maps 1:1 with the `Encrypted` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* .", + "title": "Encrypted", + "type": "boolean" }, - "Metadata": { - "type": "object" + "FilesystemType": { + "markdownDescription": "The filesystem type for the volume. For volumes created from a snapshot, you must specify the same filesystem type that the volume was using when the snapshot was created. If there is a filesystem type mismatch, the tasks will fail to start.\n\nThe available Linux filesystem types are `ext3` , `ext4` , and `xfs` . If no value is specified, the `xfs` filesystem type is used by default.\n\nThe available Windows filesystem types are `NTFS` .", + "title": "FilesystemType", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AccountId": { - "markdownDescription": "The AWS account ID of the target account.", - "title": "AccountId", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the target account.", - "title": "Description", - "type": "string" - }, - "ExperimentTemplateId": { - "markdownDescription": "The ID of the experiment template.", - "title": "ExperimentTemplateId", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role for the target account.", - "title": "RoleArn", - "type": "string" - } - }, - "required": [ - "AccountId", - "ExperimentTemplateId", - "RoleArn" - ], - "type": "object" + "Iops": { + "markdownDescription": "The number of I/O operations per second (IOPS). For `gp3` , `io1` , and `io2` volumes, this represents the number of IOPS that are provisioned for the volume. For `gp2` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.\n\nThe following are the supported values for each volume type.\n\n- `gp3` : 3,000 - 16,000 IOPS\n- `io1` : 100 - 64,000 IOPS\n- `io2` : 100 - 256,000 IOPS\n\nThis parameter is required for `io1` and `io2` volume types. The default for `gp3` volumes is `3,000 IOPS` . This parameter is not supported for `st1` , `sc1` , or `standard` volume types.\n\nThis parameter maps 1:1 with the `Iops` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* .", + "title": "Iops", + "type": "number" }, - "Type": { - "enum": [ - "AWS::FIS::TargetAccountConfiguration" - ], + "KmsKeyId": { + "markdownDescription": "The Amazon Resource Name (ARN) identifier of the AWS Key Management Service key to use for Amazon EBS encryption. When a key is specified using this parameter, it overrides Amazon EBS default encryption or any KMS key that you specified for cluster-level managed storage encryption. This parameter maps 1:1 with the `KmsKeyId` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* . For more information about encrypting Amazon EBS volumes attached to tasks, see [Encrypt data stored in Amazon EBS volumes attached to Amazon ECS tasks](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ebs-kms-encryption.html) .\n\n> AWS authenticates the AWS Key Management Service key asynchronously. Therefore, if you specify an ID, alias, or ARN that is invalid, the action can appear to complete, but eventually fails.", + "title": "KmsKeyId", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "RoleArn": { + "markdownDescription": "The ARN of the IAM role to associate with this volume. This is the Amazon ECS infrastructure IAM role that is used to manage your AWS infrastructure. We recommend using the Amazon ECS-managed `AmazonECSInfrastructureRolePolicyForVolumes` IAM policy with this role. For more information, see [Amazon ECS infrastructure IAM role](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/infrastructure_IAM_role.html) in the *Amazon ECS Developer Guide* .", + "title": "RoleArn", + "type": "string" + }, + "SizeInGiB": { + "markdownDescription": "The size of the volume in GiB. You must specify either a volume size or a snapshot ID. If you specify a snapshot ID, the snapshot size is used for the volume size by default. You can optionally specify a volume size greater than or equal to the snapshot size. This parameter maps 1:1 with the `Size` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* .\n\nThe following are the supported volume size values for each volume type.\n\n- `gp2` and `gp3` : 1-16,384\n- `io1` and `io2` : 4-16,384\n- `st1` and `sc1` : 125-16,384\n- `standard` : 1-1,024", + "title": "SizeInGiB", + "type": "number" + }, + "SnapshotId": { + "markdownDescription": "The snapshot that Amazon ECS uses to create volumes for attachment to tasks maintained by the service. You must specify either `snapshotId` or `sizeInGiB` in your volume configuration. This parameter maps 1:1 with the `SnapshotId` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* .", + "title": "SnapshotId", + "type": "string" + }, + "TagSpecifications": { + "items": { + "$ref": "#/definitions/AWS::ECS::Service.EBSTagSpecification" + }, + "markdownDescription": "The tags to apply to the volume. Amazon ECS applies service-managed tags by default. This parameter maps 1:1 with the `TagSpecifications.N` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* .", + "title": "TagSpecifications", + "type": "array" + }, + "Throughput": { + "markdownDescription": "The throughput to provision for a volume, in MiB/s, with a maximum of 1,000 MiB/s. This parameter maps 1:1 with the `Throughput` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* .\n\n> This parameter is only supported for the `gp3` volume type.", + "title": "Throughput", + "type": "number" + }, + "VolumeInitializationRate": { + "markdownDescription": "The rate, in MiB/s, at which data is fetched from a snapshot of an existing EBS volume to create new volumes for attachment to the tasks maintained by the service. This property can be specified only if you specify a `snapshotId` . For more information, see [Initialize Amazon EBS volumes](https://docs.aws.amazon.com/ebs/latest/userguide/initalize-volume.html) in the *Amazon EBS User Guide* .", + "title": "VolumeInitializationRate", + "type": "number" + }, + "VolumeType": { + "markdownDescription": "The volume type. This parameter maps 1:1 with the `VolumeType` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* . For more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-volume-types.html) in the *Amazon EC2 User Guide* .\n\nThe following are the supported volume types.\n\n- General Purpose SSD: `gp2` | `gp3`\n- Provisioned IOPS SSD: `io1` | `io2`\n- Throughput Optimized HDD: `st1`\n- Cold HDD: `sc1`\n- Magnetic: `standard`\n\n> The magnetic volume type is not supported on Fargate.", + "title": "VolumeType", "type": "string" } }, "required": [ - "Type", - "Properties" + "RoleArn" ], "type": "object" }, - "AWS::FMS::NotificationChannel": { + "AWS::ECS::Service.ServiceRegistry": { "additionalProperties": false, "properties": { - "Condition": { + "ContainerName": { + "markdownDescription": "The container name value to be used for your service discovery service. It's already specified in the task definition. If the task definition that your service task specifies uses the `bridge` or `host` network mode, you must specify a `containerName` and `containerPort` combination from the task definition. If the task definition that your service task specifies uses the `awsvpc` network mode and a type SRV DNS record is used, you must specify either a `containerName` and `containerPort` combination or a `port` value. However, you can't specify both.", + "title": "ContainerName", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "ContainerPort": { + "markdownDescription": "The port value to be used for your service discovery service. It's already specified in the task definition. If the task definition your service task specifies uses the `bridge` or `host` network mode, you must specify a `containerName` and `containerPort` combination from the task definition. If the task definition your service task specifies uses the `awsvpc` network mode and a type SRV DNS record is used, you must specify either a `containerName` and `containerPort` combination or a `port` value. However, you can't specify both.", + "title": "ContainerPort", + "type": "number" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Port": { + "markdownDescription": "The port value used if your service discovery service specified an SRV record. This field might be used if both the `awsvpc` network mode and SRV records are used.", + "title": "Port", + "type": "number" }, - "Metadata": { - "type": "object" + "RegistryArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the service registry. The currently supported service registry is AWS Cloud Map . For more information, see [CreateService](https://docs.aws.amazon.com/cloud-map/latest/api/API_CreateService.html) .", + "title": "RegistryArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ECS::Service.ServiceVolumeConfiguration": { + "additionalProperties": false, + "properties": { + "ManagedEBSVolume": { + "$ref": "#/definitions/AWS::ECS::Service.ServiceManagedEBSVolumeConfiguration", + "markdownDescription": "The configuration for the Amazon EBS volume that Amazon ECS creates and manages on your behalf. These settings are used to create each Amazon EBS volume, with one volume created for each task in the service. The Amazon EBS volumes are visible in your account in the Amazon EC2 console once they are created.", + "title": "ManagedEBSVolume" }, - "Properties": { - "additionalProperties": false, - "properties": { - "SnsRoleName": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that allows Amazon SNS to record AWS Firewall Manager activity.", - "title": "SnsRoleName", - "type": "string" - }, - "SnsTopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the SNS topic that collects notifications from AWS Firewall Manager .", - "title": "SnsTopicArn", - "type": "string" - } - }, - "required": [ - "SnsRoleName", - "SnsTopicArn" - ], - "type": "object" + "Name": { + "markdownDescription": "The name of the volume. This value must match the volume name from the `Volume` object in the task definition.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::ECS::Service.TimeoutConfiguration": { + "additionalProperties": false, + "properties": { + "IdleTimeoutSeconds": { + "markdownDescription": "The amount of time in seconds a connection will stay active while idle. A value of `0` can be set to disable `idleTimeout` .\n\nThe `idleTimeout` default for `HTTP` / `HTTP2` / `GRPC` is 5 minutes.\n\nThe `idleTimeout` default for `TCP` is 1 hour.", + "title": "IdleTimeoutSeconds", + "type": "number" }, - "Type": { - "enum": [ - "AWS::FMS::NotificationChannel" - ], + "PerRequestTimeoutSeconds": { + "markdownDescription": "The amount of time waiting for the upstream to respond with a complete response per request. A value of `0` can be set to disable `perRequestTimeout` . `perRequestTimeout` can only be set if Service Connect `appProtocol` isn't `TCP` . Only `idleTimeout` is allowed for `TCP` `appProtocol` .", + "title": "PerRequestTimeoutSeconds", + "type": "number" + } + }, + "type": "object" + }, + "AWS::ECS::Service.VpcLatticeConfiguration": { + "additionalProperties": false, + "properties": { + "PortName": { + "markdownDescription": "The name of the port mapping to register in the VPC Lattice target group. This is the name of the `portMapping` you defined in your task definition.", + "title": "PortName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "RoleArn": { + "markdownDescription": "The ARN of the IAM role to associate with this VPC Lattice configuration. This is the Amazon ECS infrastructure IAM role that is used to manage your VPC Lattice infrastructure.", + "title": "RoleArn", + "type": "string" + }, + "TargetGroupArn": { + "markdownDescription": "The full Amazon Resource Name (ARN) of the target group or groups associated with the VPC Lattice configuration that the Amazon ECS tasks will be registered to.", + "title": "TargetGroupArn", "type": "string" } }, "required": [ - "Type", - "Properties" + "PortName", + "RoleArn", + "TargetGroupArn" ], "type": "object" }, - "AWS::FMS::Policy": { + "AWS::ECS::TaskDefinition": { "additionalProperties": false, "properties": { "Condition": { @@ -99251,100 +105666,112 @@ "Properties": { "additionalProperties": false, "properties": { - "DeleteAllPolicyResources": { - "markdownDescription": "Used when deleting a policy. If `true` , Firewall Manager performs cleanup according to the policy type.\n\nFor AWS WAF and Shield Advanced policies, Firewall Manager does the following:\n\n- Deletes rule groups created by Firewall Manager\n- Removes web ACLs from in-scope resources\n- Deletes web ACLs that contain no rules or rule groups\n\nFor security group policies, Firewall Manager does the following for each security group in the policy:\n\n- Disassociates the security group from in-scope resources\n- Deletes the security group if it was created through Firewall Manager and if it's no longer associated with any resources through another policy\n\nAfter the cleanup, in-scope resources are no longer protected by web ACLs in this policy. Protection of out-of-scope resources remains unchanged. Scope is determined by tags that you create and accounts that you associate with the policy. When creating the policy, if you specify that only resources in specific accounts or with specific tags are in scope of the policy, those accounts and resources are handled by the policy. All others are out of scope. If you don't specify tags or accounts, all resources are in scope.", - "title": "DeleteAllPolicyResources", - "type": "boolean" + "ContainerDefinitions": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.ContainerDefinition" + }, + "markdownDescription": "A list of container definitions in JSON format that describe the different containers that make up your task. For more information about container definition parameters and defaults, see [Amazon ECS Task Definitions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_defintions.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "ContainerDefinitions", + "type": "array" }, - "ExcludeMap": { - "$ref": "#/definitions/AWS::FMS::Policy.IEMap", - "markdownDescription": "Specifies the AWS account IDs and AWS Organizations organizational units (OUs) to exclude from the policy. Specifying an OU is the equivalent of specifying all accounts in the OU and in any of its child OUs, including any child OUs and accounts that are added at a later time.\n\nYou can specify inclusions or exclusions, but not both. If you specify an `IncludeMap` , AWS Firewall Manager applies the policy to all accounts specified by the `IncludeMap` , and does not evaluate any `ExcludeMap` specifications. If you do not specify an `IncludeMap` , then Firewall Manager applies the policy to all accounts except for those specified by the `ExcludeMap` .\n\nYou can specify account IDs, OUs, or a combination:\n\n- Specify account IDs by setting the key to `ACCOUNT` . For example, the following is a valid map: `{\u201cACCOUNT\u201d : [\u201caccountID1\u201d, \u201caccountID2\u201d]}` .\n- Specify OUs by setting the key to `ORGUNIT` . For example, the following is a valid map: `{\u201cORGUNIT\u201d : [\u201couid111\u201d, \u201couid112\u201d]}` .\n- Specify accounts and OUs together in a single map, separated with a comma. For example, the following is a valid map: `{\u201cACCOUNT\u201d : [\u201caccountID1\u201d, \u201caccountID2\u201d], \u201cORGUNIT\u201d : [\u201couid111\u201d, \u201couid112\u201d]}` .", - "title": "ExcludeMap" + "Cpu": { + "markdownDescription": "The number of `cpu` units used by the task. If you use the EC2 launch type, this field is optional. Any value can be used. If you use the Fargate launch type, this field is required. You must use one of the following values. The value that you choose determines your range of valid values for the `memory` parameter.\n\nIf you're using the EC2 launch type or the external launch type, this field is optional. Supported values are between `128` CPU units ( `0.125` vCPUs) and `196608` CPU units ( `192` vCPUs).\n\nThis field is required for Fargate. For information about the valid values, see [Task size](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html#task_size) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "Cpu", + "type": "string" }, - "ExcludeResourceTags": { - "markdownDescription": "Used only when tags are specified in the `ResourceTags` property. If this property is `True` , resources with the specified tags are not in scope of the policy. If it's `False` , only resources with the specified tags are in scope of the policy.", - "title": "ExcludeResourceTags", + "EnableFaultInjection": { + "markdownDescription": "Enables fault injection and allows for fault injection requests to be accepted from the task's containers. The default value is `false` .", + "title": "EnableFaultInjection", "type": "boolean" }, - "IncludeMap": { - "$ref": "#/definitions/AWS::FMS::Policy.IEMap", - "markdownDescription": "Specifies the AWS account IDs and AWS Organizations organizational units (OUs) to include in the policy. Specifying an OU is the equivalent of specifying all accounts in the OU and in any of its child OUs, including any child OUs and accounts that are added at a later time.\n\nYou can specify inclusions or exclusions, but not both. If you specify an `IncludeMap` , AWS Firewall Manager applies the policy to all accounts specified by the `IncludeMap` , and does not evaluate any `ExcludeMap` specifications. If you do not specify an `IncludeMap` , then Firewall Manager applies the policy to all accounts except for those specified by the `ExcludeMap` .\n\nYou can specify account IDs, OUs, or a combination:\n\n- Specify account IDs by setting the key to `ACCOUNT` . For example, the following is a valid map: `{\u201cACCOUNT\u201d : [\u201caccountID1\u201d, \u201caccountID2\u201d]}` .\n- Specify OUs by setting the key to `ORGUNIT` . For example, the following is a valid map: `{\u201cORGUNIT\u201d : [\u201couid111\u201d, \u201couid112\u201d]}` .\n- Specify accounts and OUs together in a single map, separated with a comma. For example, the following is a valid map: `{\u201cACCOUNT\u201d : [\u201caccountID1\u201d, \u201caccountID2\u201d], \u201cORGUNIT\u201d : [\u201couid111\u201d, \u201couid112\u201d]}` .", - "title": "IncludeMap" + "EphemeralStorage": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.EphemeralStorage", + "markdownDescription": "The ephemeral storage settings to use for tasks run with the task definition.", + "title": "EphemeralStorage" }, - "PolicyDescription": { - "markdownDescription": "Your description of the AWS Firewall Manager policy.", - "title": "PolicyDescription", + "ExecutionRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the task execution role that grants the Amazon ECS container agent permission to make AWS API calls on your behalf. For informationabout the required IAM roles for Amazon ECS, see [IAM roles for Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/security-ecs-iam-role-overview.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "ExecutionRoleArn", "type": "string" }, - "PolicyName": { - "markdownDescription": "The name of the AWS Firewall Manager policy.", - "title": "PolicyName", + "Family": { + "markdownDescription": "The name of a family that this task definition is registered to. Up to 255 letters (uppercase and lowercase), numbers, hyphens, and underscores are allowed.\n\nA family groups multiple versions of a task definition. Amazon ECS gives the first task definition that you registered to a family a revision number of 1. Amazon ECS gives sequential revision numbers to each task definition that you add.\n\n> To use revision numbers when you update a task definition, specify this property. If you don't specify a value, AWS CloudFormation generates a new task definition each time that you update it.", + "title": "Family", "type": "string" }, - "RemediationEnabled": { - "markdownDescription": "Indicates if the policy should be automatically applied to new resources.", - "title": "RemediationEnabled", - "type": "boolean" + "IpcMode": { + "markdownDescription": "The IPC resource namespace to use for the containers in the task. The valid values are `host` , `task` , or `none` . If `host` is specified, then all containers within the tasks that specified the `host` IPC mode on the same container instance share the same IPC resources with the host Amazon EC2 instance. If `task` is specified, all containers within the specified task share the same IPC resources. If `none` is specified, then IPC resources within the containers of a task are private and not shared with other containers in a task or on the container instance. If no value is specified, then the IPC resource namespace sharing depends on the Docker daemon setting on the container instance.\n\nIf the `host` IPC mode is used, be aware that there is a heightened risk of undesired IPC namespace expose.\n\nIf you are setting namespaced kernel parameters using `systemControls` for the containers in the task, the following will apply to your IPC resource namespace. For more information, see [System Controls](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html) in the *Amazon Elastic Container Service Developer Guide* .\n\n- For tasks that use the `host` IPC mode, IPC namespace related `systemControls` are not supported.\n- For tasks that use the `task` IPC mode, IPC namespace related `systemControls` will apply to all containers within a task.\n\n> This parameter is not supported for Windows containers or tasks run on AWS Fargate .", + "title": "IpcMode", + "type": "string" }, - "ResourceSetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The unique identifiers of the resource sets used by the policy.", - "title": "ResourceSetIds", - "type": "array" + "Memory": { + "markdownDescription": "The amount (in MiB) of memory used by the task.\n\nIf your tasks runs on Amazon EC2 instances, you must specify either a task-level memory value or a container-level memory value. This field is optional and any value can be used. If a task-level memory value is specified, the container-level memory value is optional. For more information regarding container-level memory and memory reservation, see [ContainerDefinition](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ContainerDefinition.html) .\n\nIf your tasks runs on AWS Fargate , this field is required. You must use one of the following values. The value you choose determines your range of valid values for the `cpu` parameter.\n\n- 512 (0.5 GB), 1024 (1 GB), 2048 (2 GB) - Available `cpu` values: 256 (.25 vCPU)\n- 1024 (1 GB), 2048 (2 GB), 3072 (3 GB), 4096 (4 GB) - Available `cpu` values: 512 (.5 vCPU)\n- 2048 (2 GB), 3072 (3 GB), 4096 (4 GB), 5120 (5 GB), 6144 (6 GB), 7168 (7 GB), 8192 (8 GB) - Available `cpu` values: 1024 (1 vCPU)\n- Between 4096 (4 GB) and 16384 (16 GB) in increments of 1024 (1 GB) - Available `cpu` values: 2048 (2 vCPU)\n- Between 8192 (8 GB) and 30720 (30 GB) in increments of 1024 (1 GB) - Available `cpu` values: 4096 (4 vCPU)\n- Between 16 GB and 60 GB in 4 GB increments - Available `cpu` values: 8192 (8 vCPU)\n\nThis option requires Linux platform `1.4.0` or later.\n- Between 32GB and 120 GB in 8 GB increments - Available `cpu` values: 16384 (16 vCPU)\n\nThis option requires Linux platform `1.4.0` or later.", + "title": "Memory", + "type": "string" }, - "ResourceTags": { + "NetworkMode": { + "markdownDescription": "The Docker networking mode to use for the containers in the task. The valid values are `none` , `bridge` , `awsvpc` , and `host` . If no network mode is specified, the default is `bridge` .\n\nFor Amazon ECS tasks on Fargate, the `awsvpc` network mode is required. For Amazon ECS tasks on Amazon EC2 Linux instances, any network mode can be used. For Amazon ECS tasks on Amazon EC2 Windows instances, `` or `awsvpc` can be used. If the network mode is set to `none` , you cannot specify port mappings in your container definitions, and the tasks containers do not have external connectivity. The `host` and `awsvpc` network modes offer the highest networking performance for containers because they use the EC2 network stack instead of the virtualized network stack provided by the `bridge` mode.\n\nWith the `host` and `awsvpc` network modes, exposed container ports are mapped directly to the corresponding host port (for the `host` network mode) or the attached elastic network interface port (for the `awsvpc` network mode), so you cannot take advantage of dynamic host port mappings.\n\n> When using the `host` network mode, you should not run containers using the root user (UID 0). It is considered best practice to use a non-root user. \n\nIf the network mode is `awsvpc` , the task is allocated an elastic network interface, and you must specify a [NetworkConfiguration](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_NetworkConfiguration.html) value when you create a service or run a task with the task definition. For more information, see [Task Networking](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-networking.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nIf the network mode is `host` , you cannot run multiple instantiations of the same task on a single container instance when port mappings are used.", + "title": "NetworkMode", + "type": "string" + }, + "PidMode": { + "markdownDescription": "The process namespace to use for the containers in the task. The valid values are `host` or `task` . On Fargate for Linux containers, the only valid value is `task` . For example, monitoring sidecars might need `pidMode` to access information about other containers running in the same task.\n\nIf `host` is specified, all containers within the tasks that specified the `host` PID mode on the same container instance share the same process namespace with the host Amazon EC2 instance.\n\nIf `task` is specified, all containers within the specified task share the same process namespace.\n\nIf no value is specified, the default is a private namespace for each container.\n\nIf the `host` PID mode is used, there's a heightened risk of undesired process namespace exposure.\n\n> This parameter is not supported for Windows containers. > This parameter is only supported for tasks that are hosted on AWS Fargate if the tasks are using platform version `1.4.0` or later (Linux). This isn't supported for Windows containers on Fargate.", + "title": "PidMode", + "type": "string" + }, + "PlacementConstraints": { "items": { - "$ref": "#/definitions/AWS::FMS::Policy.ResourceTag" + "$ref": "#/definitions/AWS::ECS::TaskDefinition.TaskDefinitionPlacementConstraint" }, - "markdownDescription": "An array of `ResourceTag` objects, used to explicitly include resources in the policy scope or explicitly exclude them. If this isn't set, then tags aren't used to modify policy scope. See also `ExcludeResourceTags` .", - "title": "ResourceTags", + "markdownDescription": "An array of placement constraint objects to use for tasks.\n\n> This parameter isn't supported for tasks run on AWS Fargate .", + "title": "PlacementConstraints", "type": "array" }, - "ResourceType": { - "markdownDescription": "The type of resource protected by or in scope of the policy. This is in the format shown in the [AWS Resource Types Reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html) . To apply this policy to multiple resource types, specify a resource type of `ResourceTypeList` and then specify the resource types in a `ResourceTypeList` .\n\nThe following are valid resource types for each Firewall Manager policy type:\n\n- AWS WAF Classic - `AWS::ApiGateway::Stage` , `AWS::CloudFront::Distribution` , and `AWS::ElasticLoadBalancingV2::LoadBalancer` .\n- AWS WAF - `AWS::ApiGateway::Stage` , `AWS::ElasticLoadBalancingV2::LoadBalancer` , and `AWS::CloudFront::Distribution` .\n- Shield Advanced - `AWS::ElasticLoadBalancingV2::LoadBalancer` , `AWS::ElasticLoadBalancing::LoadBalancer` , `AWS::EC2::EIP` , and `AWS::CloudFront::Distribution` .\n- Network ACL - `AWS::EC2::Subnet` .\n- Security group usage audit - `AWS::EC2::SecurityGroup` .\n- Security group content audit - `AWS::EC2::SecurityGroup` , `AWS::EC2::NetworkInterface` , and `AWS::EC2::Instance` .\n- DNS Firewall, AWS Network Firewall , and third-party firewall - `AWS::EC2::VPC` .", - "title": "ResourceType", - "type": "string" + "ProxyConfiguration": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.ProxyConfiguration", + "markdownDescription": "The configuration details for the App Mesh proxy.\n\nYour Amazon ECS container instances require at least version 1.26.0 of the container agent and at least version 1.26.0-1 of the `ecs-init` package to use a proxy configuration. If your container instances are launched from the Amazon ECS optimized AMI version `20190301` or later, they contain the required versions of the container agent and `ecs-init` . For more information, see [Amazon ECS-optimized Linux AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "ProxyConfiguration" }, - "ResourceTypeList": { + "RequiresCompatibilities": { "items": { "type": "string" }, - "markdownDescription": "An array of `ResourceType` objects. Use this only to specify multiple resource types. To specify a single resource type, use `ResourceType` .", - "title": "ResourceTypeList", + "markdownDescription": "The task launch types the task definition was validated against. The valid values are `EC2` , `FARGATE` , and `EXTERNAL` . For more information, see [Amazon ECS launch types](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/launch_types.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "RequiresCompatibilities", "type": "array" }, - "ResourcesCleanUp": { - "markdownDescription": "Indicates whether AWS Firewall Manager should automatically remove protections from resources that leave the policy scope and clean up resources that Firewall Manager is managing for accounts when those accounts leave policy scope. For example, Firewall Manager will disassociate a Firewall Manager managed web ACL from a protected customer resource when the customer resource leaves policy scope.\n\nBy default, Firewall Manager doesn't remove protections or delete Firewall Manager managed resources.\n\nThis option is not available for Shield Advanced or AWS WAF Classic policies.", - "title": "ResourcesCleanUp", - "type": "boolean" - }, - "SecurityServicePolicyData": { - "$ref": "#/definitions/AWS::FMS::Policy.SecurityServicePolicyData", - "markdownDescription": "Details about the security service that is being used to protect the resources.\n\nThis contains the following settings:\n\n- Type - Indicates the service type that the policy uses to protect the resource. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting .\n\nValid values: `DNS_FIREWALL` | `NETWORK_FIREWALL` | `SECURITY_GROUPS_COMMON` | `SECURITY_GROUPS_CONTENT_AUDIT` | `SECURITY_GROUPS_USAGE_AUDIT` | `SHIELD_ADVANCED` | `THIRD_PARTY_FIREWALL` | `WAFV2` | `WAF`\n- ManagedServiceData - Details about the service that are specific to the service type, in JSON format.\n\n- Example: `DNS_FIREWALL`\n\n`\"{\\\"type\\\":\\\"DNS_FIREWALL\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-1\\\",\\\"priority\\\":10}],\\\"postProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-2\\\",\\\"priority\\\":9911}]}\"`\n\n> Valid values for `preProcessRuleGroups` are between 1 and 99. Valid values for `postProcessRuleGroups` are between 9901 and 10000.\n- Example: `NETWORK_FIREWALL` - Centralized deployment model\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"awsNetworkFirewallConfig\\\":{\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}},\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"OFF\\\"},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nWith automatic Availbility Zone configuration, Firewall Manager chooses which Availability Zones to create the endpoints in. To use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"]},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\": \\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\", \\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{ \\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[ \\\"10.0.0.0/28\\\"]}]} },\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"OFF\\\",\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nWith custom Availability Zone configuration, you define which specific Availability Zones to create endpoints in by configuring `firewallCreationConfig` . To configure the Availability Zones in `firewallCreationConfig` , specify either the `availabilityZoneName` or `availabilityZoneId` parameter, not both parameters.\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"],\\\"routeManagementConfig\\\":{\\\"allowCrossAZTrafficIfNoEndpoint\\\":true}},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall centralized deployment model\n\n`\"{ \\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\", \\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\", \\\"thirdPartyFirewallConfig\\\":{ \\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `CENTRALIZED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall distributed deployment model\n\n`\"{\\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\",\\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\",\\\"thirdPartyFirewallConfig\\\":{\\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{ \\\"distributedFirewallDeploymentModel\\\":{ \\\"distributedFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{ \\\"availabilityZoneConfigList\\\":[ {\\\"availabilityZoneName\\\":\\\"${AvailabilityZone}\\\" } ] } }, \\\"allowedIPV4CidrList\\\":[ ] } } } }\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `DISTRIBUTED` .\n- Specification for `SHIELD_ADVANCED` for Amazon CloudFront distributions\n\n`\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED|IGNORED|DISABLED\\\", \\\"automaticResponseAction\\\":\\\"BLOCK|COUNT\\\"}, \\\"overrideCustomerWebaclClassic\\\":true|false}\"`\n\nFor example: `\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED\\\", \\\"automaticResponseAction\\\":\\\"COUNT\\\"}}\"`\n\nThe default value for `automaticResponseStatus` is `IGNORED` . The value for `automaticResponseAction` is only required when `automaticResponseStatus` is set to `ENABLED` . The default value for `overrideCustomerWebaclClassic` is `false` .\n\nFor other resource types that you can protect with a Shield Advanced policy, this `ManagedServiceData` configuration is an empty string.\n- Example: `WAFV2`\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"version\\\":null,\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesAmazonIpReputationList\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nIn the `loggingConfiguration` , you can specify one `logDestinationConfigs` , you can optionally provide up to 20 `redactedFields` , and the `RedactedFieldType` must be one of `URI` , `QUERY_STRING` , `HEADER` , or `METHOD` .\n- Example: `AWS WAF Classic`\n\n`\"{\\\"type\\\": \\\"WAF\\\", \\\"ruleGroups\\\": [{\\\"id\\\":\\\"12345678-1bcd-9012-efga-0987654321ab\\\", \\\"overrideAction\\\" : {\\\"type\\\": \\\"COUNT\\\"}}], \\\"defaultAction\\\": {\\\"type\\\": \\\"BLOCK\\\"}}\"`\n- Example: `WAFV2` - AWS Firewall Manager support for AWS WAF managed rule group versioning\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"versionEnabled\\\":true,\\\"version\\\":\\\"Version_2.0\\\",\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesCommonRuleSet\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nTo use a specific version of a AWS WAF managed rule group in your Firewall Manager policy, you must set `versionEnabled` to `true` , and set `version` to the version you'd like to use. If you don't set `versionEnabled` to `true` , or if you omit `versionEnabled` , then Firewall Manager uses the default version of the AWS WAF managed rule group.\n- Example: `SECURITY_GROUPS_COMMON`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: Shared VPCs. Apply the preceding policy to resources in shared VPCs as well as to those in VPCs that the account owns\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"includeSharedVPC\\\":true,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: `SECURITY_GROUPS_CONTENT_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_CONTENT_AUDIT\\\",\\\"securityGroups\\\":[{\\\"id\\\":\\\"sg-000e55995d61a06bd\\\"}],\\\"securityGroupAction\\\":{\\\"type\\\":\\\"ALLOW\\\"}}\"`\n\nThe security group action for content audit can be `ALLOW` or `DENY` . For `ALLOW` , all in-scope security group rules must be within the allowed range of the policy's security group rules. For `DENY` , all in-scope security group rules must not contain a value or a range that matches a rule value or range in the policy security group.\n- Example: `SECURITY_GROUPS_USAGE_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_USAGE_AUDIT\\\",\\\"deleteUnusedSecurityGroups\\\":true,\\\"coalesceRedundantSecurityGroups\\\":true}\"`", - "title": "SecurityServicePolicyData" + "RuntimePlatform": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.RuntimePlatform", + "markdownDescription": "The operating system that your tasks definitions run on. A platform family is specified only for tasks using the Fargate launch type.", + "title": "RuntimePlatform" }, "Tags": { "items": { - "$ref": "#/definitions/AWS::FMS::Policy.PolicyTag" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "A collection of key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.", + "markdownDescription": "The metadata that you apply to the task definition to help you categorize and organize them. Each tag consists of a key and an optional value. You define both of them.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8\n- Maximum value length - 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit.", "title": "Tags", "type": "array" + }, + "TaskRoleArn": { + "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the AWS Identity and Access Management role that grants containers in the task permission to call AWS APIs on your behalf. For more information, see [Amazon ECS Task Role](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-iam-roles.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nIAM roles for tasks on Windows require that the `-EnableTaskIAMRole` option is set when you launch the Amazon ECS-optimized Windows AMI. Your containers must also run some configuration code to use the feature. For more information, see [Windows IAM roles for tasks](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/windows_task_IAM_roles.html) in the *Amazon Elastic Container Service Developer Guide* .\n\n> String validation is done on the ECS side. If an invalid string value is given for `TaskRoleArn` , it may cause the Cloudformation job to hang.", + "title": "TaskRoleArn", + "type": "string" + }, + "Volumes": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.Volume" + }, + "markdownDescription": "The list of data volume definitions for the task. For more information, see [Using data volumes in tasks](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_data_volumes.html) in the *Amazon Elastic Container Service Developer Guide* .\n\n> The `host` and `sourcePath` parameters aren't supported for tasks run on AWS Fargate .", + "title": "Volumes", + "type": "array" } }, - "required": [ - "ExcludeResourceTags", - "PolicyName", - "RemediationEnabled", - "SecurityServicePolicyData" - ], "type": "object" }, "Type": { "enum": [ - "AWS::FMS::Policy" + "AWS::ECS::TaskDefinition" ], "type": "string" }, @@ -99358,1074 +105785,1012 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::FMS::Policy.IEMap": { + "AWS::ECS::TaskDefinition.AuthorizationConfig": { "additionalProperties": false, "properties": { - "ACCOUNT": { + "AccessPointId": { + "markdownDescription": "The Amazon EFS access point ID to use. If an access point is specified, the root directory value specified in the `EFSVolumeConfiguration` must either be omitted or set to `/` which will enforce the path set on the EFS access point. If an access point is used, transit encryption must be on in the `EFSVolumeConfiguration` . For more information, see [Working with Amazon EFS access points](https://docs.aws.amazon.com/efs/latest/ug/efs-access-points.html) in the *Amazon Elastic File System User Guide* .", + "title": "AccessPointId", + "type": "string" + }, + "IAM": { + "markdownDescription": "Determines whether to use the Amazon ECS task role defined in a task definition when mounting the Amazon EFS file system. If it is turned on, transit encryption must be turned on in the `EFSVolumeConfiguration` . If this parameter is omitted, the default value of `DISABLED` is used. For more information, see [Using Amazon EFS access points](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/efs-volumes.html#efs-volume-accesspoints) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "IAM", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ECS::TaskDefinition.ContainerDefinition": { + "additionalProperties": false, + "properties": { + "Command": { "items": { "type": "string" }, - "markdownDescription": "The account list for the map.", - "title": "ACCOUNT", + "markdownDescription": "The command that's passed to the container. This parameter maps to `Cmd` in the docker container create command and the `COMMAND` parameter to docker run. If there are multiple arguments, each argument is a separated string in the array.", + "title": "Command", "type": "array" }, - "ORGUNIT": { + "Cpu": { + "markdownDescription": "The number of `cpu` units reserved for the container. This parameter maps to `CpuShares` in the docker container create commandand the `--cpu-shares` option to docker run.\n\nThis field is optional for tasks using the Fargate launch type, and the only requirement is that the total amount of CPU reserved for all containers within a task be lower than the task-level `cpu` value.\n\n> You can determine the number of CPU units that are available per EC2 instance type by multiplying the vCPUs listed for that instance type on the [Amazon EC2 Instances](https://docs.aws.amazon.com/ec2/instance-types/) detail page by 1,024. \n\nLinux containers share unallocated CPU units with other containers on the container instance with the same ratio as their allocated amount. For example, if you run a single-container task on a single-core instance type with 512 CPU units specified for that container, and that's the only task running on the container instance, that container could use the full 1,024 CPU unit share at any given time. However, if you launched another copy of the same task on that container instance, each task is guaranteed a minimum of 512 CPU units when needed. Moreover, each container could float to higher CPU usage if the other container was not using it. If both tasks were 100% active all of the time, they would be limited to 512 CPU units.\n\nOn Linux container instances, the Docker daemon on the container instance uses the CPU value to calculate the relative CPU share ratios for running containers. The minimum valid CPU share value that the Linux kernel allows is 2, and the maximum valid CPU share value that the Linux kernel allows is 262144. However, the CPU parameter isn't required, and you can use CPU values below 2 or above 262144 in your container definitions. For CPU values below 2 (including null) or above 262144, the behavior varies based on your Amazon ECS container agent version:\n\n- *Agent versions less than or equal to 1.1.0:* Null and zero CPU values are passed to Docker as 0, which Docker then converts to 1,024 CPU shares. CPU values of 1 are passed to Docker as 1, which the Linux kernel converts to two CPU shares.\n- *Agent versions greater than or equal to 1.2.0:* Null, zero, and CPU values of 1 are passed to Docker as 2.\n- *Agent versions greater than or equal to 1.84.0:* CPU values greater than 256 vCPU are passed to Docker as 256, which is equivalent to 262144 CPU shares.\n\nOn Windows container instances, the CPU limit is enforced as an absolute limit, or a quota. Windows containers only have access to the specified amount of CPU that's described in the task definition. A null or zero CPU value is passed to Docker as `0` , which Windows interprets as 1% of one CPU.", + "title": "Cpu", + "type": "number" + }, + "CredentialSpecs": { "items": { "type": "string" }, - "markdownDescription": "The organizational unit list for the map.", - "title": "ORGUNIT", + "markdownDescription": "A list of ARNs in SSM or Amazon S3 to a credential spec ( `CredSpec` ) file that configures the container for Active Directory authentication. We recommend that you use this parameter instead of the `dockerSecurityOptions` . The maximum number of ARNs is 1.\n\nThere are two formats for each ARN.\n\n- **credentialspecdomainless:MyARN** - You use `credentialspecdomainless:MyARN` to provide a `CredSpec` with an additional section for a secret in AWS Secrets Manager . You provide the login credentials to the domain in the secret.\n\nEach task that runs on any container instance can join different domains.\n\nYou can use this format without joining the container instance to a domain.\n- **credentialspec:MyARN** - You use `credentialspec:MyARN` to provide a `CredSpec` for a single domain.\n\nYou must join the container instance to the domain before you start any tasks that use this task definition.\n\nIn both formats, replace `MyARN` with the ARN in SSM or Amazon S3.\n\nIf you provide a `credentialspecdomainless:MyARN` , the `credspec` must provide a ARN in AWS Secrets Manager for a secret containing the username, password, and the domain to connect to. For better security, the instance isn't joined to the domain for domainless authentication. Other applications on the instance can't use the domainless credentials. You can use this parameter to run tasks on the same instance, even it the tasks need to join different domains. For more information, see [Using gMSAs for Windows Containers](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/windows-gmsa.html) and [Using gMSAs for Linux Containers](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/linux-gmsa.html) .", + "title": "CredentialSpecs", + "type": "array" + }, + "DependsOn": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.ContainerDependency" + }, + "markdownDescription": "The dependencies defined for container startup and shutdown. A container can contain multiple dependencies. When a dependency is defined for container startup, for container shutdown it is reversed.\n\nFor tasks using the EC2 launch type, the container instances require at least version 1.26.0 of the container agent to turn on container dependencies. However, we recommend using the latest container agent version. For information about checking your agent version and updating to the latest version, see [Updating the Amazon ECS Container Agent](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-update.html) in the *Amazon Elastic Container Service Developer Guide* . If you're using an Amazon ECS-optimized Linux AMI, your instance needs at least version 1.26.0-1 of the `ecs-init` package. If your container instances are launched from version `20190301` or later, then they contain the required versions of the container agent and `ecs-init` . For more information, see [Amazon ECS-optimized Linux AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nFor tasks using the Fargate launch type, the task or service requires the following platforms:\n\n- Linux platform version `1.3.0` or later.\n- Windows platform version `1.0.0` or later.\n\nIf the task definition is used in a blue/green deployment that uses [AWS::CodeDeploy::DeploymentGroup BlueGreenDeploymentConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-codedeploy-deploymentgroup-bluegreendeploymentconfiguration.html) , the `dependsOn` parameter is not supported.", + "title": "DependsOn", + "type": "array" + }, + "DisableNetworking": { + "markdownDescription": "When this parameter is true, networking is off within the container. This parameter maps to `NetworkDisabled` in the docker container create command.\n\n> This parameter is not supported for Windows containers.", + "title": "DisableNetworking", + "type": "boolean" + }, + "DnsSearchDomains": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of DNS search domains that are presented to the container. This parameter maps to `DnsSearch` in the docker container create command and the `--dns-search` option to docker run.\n\n> This parameter is not supported for Windows containers.", + "title": "DnsSearchDomains", + "type": "array" + }, + "DnsServers": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of DNS servers that are presented to the container. This parameter maps to `Dns` in the docker container create command and the `--dns` option to docker run.\n\n> This parameter is not supported for Windows containers.", + "title": "DnsServers", + "type": "array" + }, + "DockerLabels": { + "additionalProperties": true, + "markdownDescription": "A key/value map of labels to add to the container. This parameter maps to `Labels` in the docker container create command and the `--label` option to docker run. This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version --format '{{.Server.APIVersion}}'`", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "DockerLabels", + "type": "object" + }, + "DockerSecurityOptions": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of strings to provide custom configuration for multiple security systems. This field isn't valid for containers in tasks using the Fargate launch type.\n\nFor Linux tasks on EC2, this parameter can be used to reference custom labels for SELinux and AppArmor multi-level security systems.\n\nFor any tasks on EC2, this parameter can be used to reference a credential spec file that configures a container for Active Directory authentication. For more information, see [Using gMSAs for Windows Containers](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/windows-gmsa.html) and [Using gMSAs for Linux Containers](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/linux-gmsa.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nThis parameter maps to `SecurityOpt` in the docker container create command and the `--security-opt` option to docker run.\n\n> The Amazon ECS container agent running on a container instance must register with the `ECS_SELINUX_CAPABLE=true` or `ECS_APPARMOR_CAPABLE=true` environment variables before containers placed on that instance can use these security options. For more information, see [Amazon ECS Container Agent Configuration](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html) in the *Amazon Elastic Container Service Developer Guide* . \n\nValid values: \"no-new-privileges\" | \"apparmor:PROFILE\" | \"label:value\" | \"credentialspec:CredentialSpecFilePath\"", + "title": "DockerSecurityOptions", + "type": "array" + }, + "EntryPoint": { + "items": { + "type": "string" + }, + "markdownDescription": "> Early versions of the Amazon ECS container agent don't properly handle `entryPoint` parameters. If you have problems using `entryPoint` , update your container agent or enter your commands and arguments as `command` array items instead. \n\nThe entry point that's passed to the container. This parameter maps to `Entrypoint` in the docker container create command and the `--entrypoint` option to docker run.", + "title": "EntryPoint", + "type": "array" + }, + "Environment": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.KeyValuePair" + }, + "markdownDescription": "The environment variables to pass to a container. This parameter maps to `Env` in the docker container create command and the `--env` option to docker run.\n\n> We don't recommend that you use plaintext environment variables for sensitive information, such as credential data.", + "title": "Environment", + "type": "array" + }, + "EnvironmentFiles": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.EnvironmentFile" + }, + "markdownDescription": "A list of files containing the environment variables to pass to a container. This parameter maps to the `--env-file` option to docker run.\n\nYou can specify up to ten environment files. The file must have a `.env` file extension. Each line in an environment file contains an environment variable in `VARIABLE=VALUE` format. Lines beginning with `#` are treated as comments and are ignored.\n\nIf there are environment variables specified using the `environment` parameter in a container definition, they take precedence over the variables contained within an environment file. If multiple environment files are specified that contain the same variable, they're processed from the top down. We recommend that you use unique variable names. For more information, see [Specifying Environment Variables](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/taskdef-envfiles.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "EnvironmentFiles", + "type": "array" + }, + "Essential": { + "markdownDescription": "If the `essential` parameter of a container is marked as `true` , and that container fails or stops for any reason, all other containers that are part of the task are stopped. If the `essential` parameter of a container is marked as `false` , its failure doesn't affect the rest of the containers in a task. If this parameter is omitted, a container is assumed to be essential.\n\nAll tasks must have at least one essential container. If you have an application that's composed of multiple containers, group containers that are used for a common purpose into components, and separate the different components into multiple task definitions. For more information, see [Application Architecture](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/application_architecture.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "Essential", + "type": "boolean" + }, + "ExtraHosts": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.HostEntry" + }, + "markdownDescription": "A list of hostnames and IP address mappings to append to the `/etc/hosts` file on the container. This parameter maps to `ExtraHosts` in the docker container create command and the `--add-host` option to docker run.\n\n> This parameter isn't supported for Windows containers or tasks that use the `awsvpc` network mode.", + "title": "ExtraHosts", + "type": "array" + }, + "FirelensConfiguration": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.FirelensConfiguration", + "markdownDescription": "The FireLens configuration for the container. This is used to specify and configure a log router for container logs. For more information, see [Custom Log Routing](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "FirelensConfiguration" + }, + "HealthCheck": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.HealthCheck", + "markdownDescription": "The container health check command and associated configuration parameters for the container. This parameter maps to `HealthCheck` in the docker container create command and the `HEALTHCHECK` parameter of docker run.", + "title": "HealthCheck" + }, + "Hostname": { + "markdownDescription": "The hostname to use for your container. This parameter maps to `Hostname` in the docker container create command and the `--hostname` option to docker run.\n\n> The `hostname` parameter is not supported if you're using the `awsvpc` network mode.", + "title": "Hostname", + "type": "string" + }, + "Image": { + "markdownDescription": "The image used to start a container. This string is passed directly to the Docker daemon. By default, images in the Docker Hub registry are available. Other repositories are specified with either `*repository-url* / *image* : *tag*` or `*repository-url* / *image* @ *digest*` . For images using tags (repository-url/image:tag), up to 255 characters total are allowed, including letters (uppercase and lowercase), numbers, hyphens, underscores, colons, periods, forward slashes, and number signs (#). For images using digests (repository-url/image@digest), the 255 character limit applies only to the repository URL and image name (everything before the @ sign). The only supported hash function is sha256, and the hash value after sha256: must be exactly 64 characters (only letters A-F, a-f, and numbers 0-9 are allowed). This parameter maps to `Image` in the docker container create command and the `IMAGE` parameter of docker run.\n\n- When a new task starts, the Amazon ECS container agent pulls the latest version of the specified image and tag for the container to use. However, subsequent updates to a repository image aren't propagated to already running tasks.\n- Images in Amazon ECR repositories can be specified by either using the full `registry/repository:tag` or `registry/repository@digest` . For example, `012345678910.dkr.ecr..amazonaws.com/:latest` or `012345678910.dkr.ecr..amazonaws.com/@sha256:94afd1f2e64d908bc90dbca0035a5b567EXAMPLE` .\n- Images in official repositories on Docker Hub use a single name (for example, `ubuntu` or `mongo` ).\n- Images in other repositories on Docker Hub are qualified with an organization name (for example, `amazon/amazon-ecs-agent` ).\n- Images in other online repositories are qualified further by a domain name (for example, `quay.io/assemblyline/ubuntu` ).", + "title": "Image", + "type": "string" + }, + "Interactive": { + "markdownDescription": "When this parameter is `true` , you can deploy containerized applications that require `stdin` or a `tty` to be allocated. This parameter maps to `OpenStdin` in the docker container create command and the `--interactive` option to docker run.", + "title": "Interactive", + "type": "boolean" + }, + "Links": { + "items": { + "type": "string" + }, + "markdownDescription": "The `links` parameter allows containers to communicate with each other without the need for port mappings. This parameter is only supported if the network mode of a task definition is `bridge` . The `name:internalName` construct is analogous to `name:alias` in Docker links. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed.. This parameter maps to `Links` in the docker container create command and the `--link` option to docker run.\n\n> This parameter is not supported for Windows containers. > Containers that are collocated on a single container instance may be able to communicate with each other without requiring links or host port mappings. Network isolation is achieved on the container instance using security groups and VPC settings.", + "title": "Links", + "type": "array" + }, + "LinuxParameters": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.LinuxParameters", + "markdownDescription": "Linux-specific modifications that are applied to the container, such as Linux kernel capabilities. For more information see [KernelCapabilities](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_KernelCapabilities.html) .\n\n> This parameter is not supported for Windows containers.", + "title": "LinuxParameters" + }, + "LogConfiguration": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.LogConfiguration", + "markdownDescription": "The log configuration specification for the container.\n\nThis parameter maps to `LogConfig` in the docker Create a container command and the `--log-driver` option to docker run. By default, containers use the same logging driver that the Docker daemon uses. However, the container may use a different logging driver than the Docker daemon by specifying a log driver with this parameter in the container definition. To use a different logging driver for a container, the log system must be configured properly on the container instance (or on a different log server for remote logging options). For more information on the options for different supported log drivers, see [Configure logging drivers](https://docs.aws.amazon.com/https://docs.docker.com/engine/admin/logging/overview/) in the Docker documentation.\n\n> Amazon ECS currently supports a subset of the logging drivers available to the Docker daemon (shown in the [LogConfiguration](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_LogConfiguration.html) data type). Additional log drivers may be available in future releases of the Amazon ECS container agent. \n\nThis parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version --format '{{.Server.APIVersion}}'`\n\n> The Amazon ECS container agent running on a container instance must register the logging drivers available on that instance with the `ECS_AVAILABLE_LOGGING_DRIVERS` environment variable before containers placed on that instance can use these log configuration options. For more information, see [Amazon ECS Container Agent Configuration](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "LogConfiguration" + }, + "Memory": { + "markdownDescription": "The amount (in MiB) of memory to present to the container. If your container attempts to exceed the memory specified here, the container is killed. The total amount of memory reserved for all containers within a task must be lower than the task `memory` value, if one is specified. This parameter maps to `Memory` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--memory` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .\n\nIf using the Fargate launch type, this parameter is optional.\n\nIf using the EC2 launch type, you must specify either a task-level memory value or a container-level memory value. If you specify both a container-level `memory` and `memoryReservation` value, `memory` must be greater than `memoryReservation` . If you specify `memoryReservation` , then that value is subtracted from the available memory resources for the container instance where the container is placed. Otherwise, the value of `memory` is used.\n\nThe Docker 20.10.0 or later daemon reserves a minimum of 6 MiB of memory for a container, so you should not specify fewer than 6 MiB of memory for your containers.\n\nThe Docker 19.03.13-ce or earlier daemon reserves a minimum of 4 MiB of memory for a container, so you should not specify fewer than 4 MiB of memory for your containers.", + "title": "Memory", + "type": "number" + }, + "MemoryReservation": { + "markdownDescription": "The soft limit (in MiB) of memory to reserve for the container. When system memory is under heavy contention, Docker attempts to keep the container memory to this soft limit. However, your container can consume more memory when it needs to, up to either the hard limit specified with the `memory` parameter (if applicable), or all of the available memory on the container instance, whichever comes first. This parameter maps to `MemoryReservation` in the docker container create command and the `--memory-reservation` option to docker run.\n\nIf a task-level memory value is not specified, you must specify a non-zero integer for one or both of `memory` or `memoryReservation` in a container definition. If you specify both, `memory` must be greater than `memoryReservation` . If you specify `memoryReservation` , then that value is subtracted from the available memory resources for the container instance where the container is placed. Otherwise, the value of `memory` is used.\n\nFor example, if your container normally uses 128 MiB of memory, but occasionally bursts to 256 MiB of memory for short periods of time, you can set a `memoryReservation` of 128 MiB, and a `memory` hard limit of 300 MiB. This configuration would allow the container to only reserve 128 MiB of memory from the remaining resources on the container instance, but also allow the container to consume more memory resources when needed.\n\nThe Docker 20.10.0 or later daemon reserves a minimum of 6 MiB of memory for a container. So, don't specify less than 6 MiB of memory for your containers.\n\nThe Docker 19.03.13-ce or earlier daemon reserves a minimum of 4 MiB of memory for a container. So, don't specify less than 4 MiB of memory for your containers.", + "title": "MemoryReservation", + "type": "number" + }, + "MountPoints": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.MountPoint" + }, + "markdownDescription": "The mount points for data volumes in your container.\n\nThis parameter maps to `Volumes` in the docker container create command and the `--volume` option to docker run.\n\nWindows containers can mount whole directories on the same drive as `$env:ProgramData` . Windows containers can't mount directories on a different drive, and mount point can't be across drives.", + "title": "MountPoints", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of a container. If you're linking multiple containers together in a task definition, the `name` of one container can be entered in the `links` of another container to connect the containers. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed. This parameter maps to `name` in the docker container create command and the `--name` option to docker run.", + "title": "Name", + "type": "string" + }, + "PortMappings": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.PortMapping" + }, + "markdownDescription": "The list of port mappings for the container. Port mappings allow containers to access ports on the host container instance to send or receive traffic.\n\nFor task definitions that use the `awsvpc` network mode, you should only specify the `containerPort` . The `hostPort` can be left blank or it must be the same value as the `containerPort` .\n\nPort mappings on Windows use the `NetNAT` gateway address rather than `localhost` . There is no loopback for port mappings on Windows, so you cannot access a container's mapped port from the host itself.\n\nThis parameter maps to `PortBindings` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--publish` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . If the network mode of a task definition is set to `none` , then you can't specify port mappings. If the network mode of a task definition is set to `host` , then host ports must either be undefined or they must match the container port in the port mapping.\n\n> After a task reaches the `RUNNING` status, manual and automatic host and container port assignments are visible in the *Network Bindings* section of a container description for a selected task in the Amazon ECS console. The assignments are also visible in the `networkBindings` section [DescribeTasks](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DescribeTasks.html) responses.", + "title": "PortMappings", + "type": "array" + }, + "Privileged": { + "markdownDescription": "When this parameter is true, the container is given elevated privileges on the host container instance (similar to the `root` user). This parameter maps to `Privileged` in the docker container create command and the `--privileged` option to docker run\n\n> This parameter is not supported for Windows containers or tasks run on AWS Fargate .", + "title": "Privileged", + "type": "boolean" + }, + "PseudoTerminal": { + "markdownDescription": "When this parameter is `true` , a TTY is allocated. This parameter maps to `Tty` in the docker container create command and the `--tty` option to docker run.", + "title": "PseudoTerminal", + "type": "boolean" + }, + "ReadonlyRootFilesystem": { + "markdownDescription": "When this parameter is true, the container is given read-only access to its root file system. This parameter maps to `ReadonlyRootfs` in the docker container create command and the `--read-only` option to docker run.\n\n> This parameter is not supported for Windows containers.", + "title": "ReadonlyRootFilesystem", + "type": "boolean" + }, + "RepositoryCredentials": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.RepositoryCredentials", + "markdownDescription": "The private repository authentication credentials to use.", + "title": "RepositoryCredentials" + }, + "ResourceRequirements": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.ResourceRequirement" + }, + "markdownDescription": "The type and amount of a resource to assign to a container. The only supported resource is a GPU.", + "title": "ResourceRequirements", + "type": "array" + }, + "RestartPolicy": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.RestartPolicy", + "markdownDescription": "The restart policy for a container. When you set up a restart policy, Amazon ECS can restart the container without needing to replace the task. For more information, see [Restart individual containers in Amazon ECS tasks with container restart policies](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/container-restart-policy.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "RestartPolicy" + }, + "Secrets": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.Secret" + }, + "markdownDescription": "The secrets to pass to the container. For more information, see [Specifying Sensitive Data](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "Secrets", + "type": "array" + }, + "StartTimeout": { + "markdownDescription": "Time duration (in seconds) to wait before giving up on resolving dependencies for a container. For example, you specify two containers in a task definition with containerA having a dependency on containerB reaching a `COMPLETE` , `SUCCESS` , or `HEALTHY` status. If a `startTimeout` value is specified for containerB and it doesn't reach the desired status within that time then containerA gives up and not start. This results in the task transitioning to a `STOPPED` state.\n\n> When the `ECS_CONTAINER_START_TIMEOUT` container agent configuration variable is used, it's enforced independently from this start timeout value. \n\nFor tasks using the Fargate launch type, the task or service requires the following platforms:\n\n- Linux platform version `1.3.0` or later.\n- Windows platform version `1.0.0` or later.\n\nFor tasks using the EC2 launch type, your container instances require at least version `1.26.0` of the container agent to use a container start timeout value. However, we recommend using the latest container agent version. For information about checking your agent version and updating to the latest version, see [Updating the Amazon ECS Container Agent](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-update.html) in the *Amazon Elastic Container Service Developer Guide* . If you're using an Amazon ECS-optimized Linux AMI, your instance needs at least version `1.26.0-1` of the `ecs-init` package. If your container instances are launched from version `20190301` or later, then they contain the required versions of the container agent and `ecs-init` . For more information, see [Amazon ECS-optimized Linux AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nThe valid values for Fargate are 2-120 seconds.", + "title": "StartTimeout", + "type": "number" + }, + "StopTimeout": { + "markdownDescription": "Time duration (in seconds) to wait before the container is forcefully killed if it doesn't exit normally on its own.\n\nFor tasks using the Fargate launch type, the task or service requires the following platforms:\n\n- Linux platform version `1.3.0` or later.\n- Windows platform version `1.0.0` or later.\n\nFor tasks that use the Fargate launch type, the max stop timeout value is 120 seconds and if the parameter is not specified, the default value of 30 seconds is used.\n\nFor tasks that use the EC2 launch type, if the `stopTimeout` parameter isn't specified, the value set for the Amazon ECS container agent configuration variable `ECS_CONTAINER_STOP_TIMEOUT` is used. If neither the `stopTimeout` parameter or the `ECS_CONTAINER_STOP_TIMEOUT` agent configuration variable are set, then the default values of 30 seconds for Linux containers and 30 seconds on Windows containers are used. Your container instances require at least version 1.26.0 of the container agent to use a container stop timeout value. However, we recommend using the latest container agent version. For information about checking your agent version and updating to the latest version, see [Updating the Amazon ECS Container Agent](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-update.html) in the *Amazon Elastic Container Service Developer Guide* . If you're using an Amazon ECS-optimized Linux AMI, your instance needs at least version 1.26.0-1 of the `ecs-init` package. If your container instances are launched from version `20190301` or later, then they contain the required versions of the container agent and `ecs-init` . For more information, see [Amazon ECS-optimized Linux AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nThe valid values for Fargate are 2-120 seconds.", + "title": "StopTimeout", + "type": "number" + }, + "SystemControls": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.SystemControl" + }, + "markdownDescription": "A list of namespaced kernel parameters to set in the container. This parameter maps to `Sysctls` in the docker container create command and the `--sysctl` option to docker run. For example, you can configure `net.ipv4.tcp_keepalive_time` setting to maintain longer lived connections.", + "title": "SystemControls", + "type": "array" + }, + "Ulimits": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.Ulimit" + }, + "markdownDescription": "A list of `ulimits` to set in the container. This parameter maps to `Ulimits` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--ulimit` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . Valid naming values are displayed in the [Ulimit](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_Ulimit.html) data type. This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version --format '{{.Server.APIVersion}}'`\n\n> This parameter is not supported for Windows containers.", + "title": "Ulimits", + "type": "array" + }, + "User": { + "markdownDescription": "The user to use inside the container. This parameter maps to `User` in the docker container create command and the `--user` option to docker run.\n\n> When running tasks using the `host` network mode, don't run containers using the root user (UID 0). We recommend using a non-root user for better security. \n\nYou can specify the `user` using the following formats. If specifying a UID or GID, you must specify it as a positive integer.\n\n- `user`\n- `user:group`\n- `uid`\n- `uid:gid`\n- `user:gid`\n- `uid:group`\n\n> This parameter is not supported for Windows containers.", + "title": "User", + "type": "string" + }, + "VersionConsistency": { + "markdownDescription": "Specifies whether Amazon ECS will resolve the container image tag provided in the container definition to an image digest. By default, the value is `enabled` . If you set the value for a container as `disabled` , Amazon ECS will not resolve the provided container image tag to a digest and will use the original image URI specified in the container definition for deployment. For more information about container image resolution, see [Container image resolution](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-type-ecs.html#deployment-container-image-stability) in the *Amazon ECS Developer Guide* .", + "title": "VersionConsistency", + "type": "string" + }, + "VolumesFrom": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.VolumeFrom" + }, + "markdownDescription": "Data volumes to mount from another container. This parameter maps to `VolumesFrom` in the docker container create command and the `--volumes-from` option to docker run.", + "title": "VolumesFrom", "type": "array" + }, + "WorkingDirectory": { + "markdownDescription": "The working directory to run commands inside the container in. This parameter maps to `WorkingDir` in the docker container create command and the `--workdir` option to docker run.", + "title": "WorkingDirectory", + "type": "string" } }, + "required": [ + "Image", + "Name" + ], "type": "object" }, - "AWS::FMS::Policy.NetworkFirewallPolicy": { + "AWS::ECS::TaskDefinition.ContainerDependency": { "additionalProperties": false, "properties": { - "FirewallDeploymentModel": { - "markdownDescription": "Defines the deployment model to use for the firewall policy. To use a distributed model, set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `DISTRIBUTED` .", - "title": "FirewallDeploymentModel", + "Condition": { + "markdownDescription": "The dependency condition of the container. The following are the available conditions and their behavior:\n\n- `START` - This condition emulates the behavior of links and volumes today. It validates that a dependent container is started before permitting other containers to start.\n- `COMPLETE` - This condition validates that a dependent container runs to completion (exits) before permitting other containers to start. This can be useful for nonessential containers that run a script and then exit. This condition can't be set on an essential container.\n- `SUCCESS` - This condition is the same as `COMPLETE` , but it also requires that the container exits with a `zero` status. This condition can't be set on an essential container.\n- `HEALTHY` - This condition validates that the dependent container passes its Docker health check before permitting other containers to start. This requires that the dependent container has health checks configured. This condition is confirmed only at task startup.", + "title": "Condition", + "type": "string" + }, + "ContainerName": { + "markdownDescription": "The name of a container.", + "title": "ContainerName", "type": "string" } }, - "required": [ - "FirewallDeploymentModel" - ], "type": "object" }, - "AWS::FMS::Policy.PolicyOption": { + "AWS::ECS::TaskDefinition.Device": { "additionalProperties": false, "properties": { - "NetworkFirewallPolicy": { - "$ref": "#/definitions/AWS::FMS::Policy.NetworkFirewallPolicy", - "markdownDescription": "Defines the deployment model to use for the firewall policy.", - "title": "NetworkFirewallPolicy" + "ContainerPath": { + "markdownDescription": "The path inside the container at which to expose the host device.", + "title": "ContainerPath", + "type": "string" }, - "ThirdPartyFirewallPolicy": { - "$ref": "#/definitions/AWS::FMS::Policy.ThirdPartyFirewallPolicy", - "markdownDescription": "Defines the policy options for a third-party firewall policy.", - "title": "ThirdPartyFirewallPolicy" + "HostPath": { + "markdownDescription": "The path for the device on the host container instance.", + "title": "HostPath", + "type": "string" + }, + "Permissions": { + "items": { + "type": "string" + }, + "markdownDescription": "The explicit permissions to provide to the container for the device. By default, the container has permissions for `read` , `write` , and `mknod` for the device.", + "title": "Permissions", + "type": "array" } }, "type": "object" }, - "AWS::FMS::Policy.PolicyTag": { + "AWS::ECS::TaskDefinition.DockerVolumeConfiguration": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "Part of the key:value pair that defines a tag. You can use a tag key to describe a category of information, such as \"customer.\" Tag keys are case-sensitive.", - "title": "Key", + "Autoprovision": { + "markdownDescription": "If this value is `true` , the Docker volume is created if it doesn't already exist.\n\n> This field is only used if the `scope` is `shared` .", + "title": "Autoprovision", + "type": "boolean" + }, + "Driver": { + "markdownDescription": "The Docker volume driver to use. The driver value must match the driver name provided by Docker because it is used for task placement. If the driver was installed using the Docker plugin CLI, use `docker plugin ls` to retrieve the driver name from your container instance. If the driver was installed using another method, use Docker plugin discovery to retrieve the driver name. This parameter maps to `Driver` in the docker container create command and the `xxdriver` option to docker volume create.", + "title": "Driver", "type": "string" }, - "Value": { - "markdownDescription": "Part of the key:value pair that defines a tag. You can use a tag value to describe a specific value within a category, such as \"companyA\" or \"companyB.\" Tag values are case-sensitive.", - "title": "Value", + "DriverOpts": { + "additionalProperties": true, + "markdownDescription": "A map of Docker driver-specific options passed through. This parameter maps to `DriverOpts` in the docker create-volume command and the `xxopt` option to docker volume create.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "DriverOpts", + "type": "object" + }, + "Labels": { + "additionalProperties": true, + "markdownDescription": "Custom metadata to add to your Docker volume. This parameter maps to `Labels` in the docker container create command and the `xxlabel` option to docker volume create.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Labels", + "type": "object" + }, + "Scope": { + "markdownDescription": "The scope for the Docker volume that determines its lifecycle. Docker volumes that are scoped to a `task` are automatically provisioned when the task starts and destroyed when the task stops. Docker volumes that are scoped as `shared` persist after the task stops.", + "title": "Scope", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ECS::TaskDefinition.EFSVolumeConfiguration": { + "additionalProperties": false, + "properties": { + "AuthorizationConfig": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.AuthorizationConfig", + "markdownDescription": "The authorization configuration details for the Amazon EFS file system.", + "title": "AuthorizationConfig" + }, + "FilesystemId": { + "markdownDescription": "The Amazon EFS file system ID to use.", + "title": "FilesystemId", + "type": "string" + }, + "RootDirectory": { + "markdownDescription": "The directory within the Amazon EFS file system to mount as the root directory inside the host. If this parameter is omitted, the root of the Amazon EFS volume will be used. Specifying `/` will have the same effect as omitting this parameter.\n\n> If an EFS access point is specified in the `authorizationConfig` , the root directory parameter must either be omitted or set to `/` which will enforce the path set on the EFS access point.", + "title": "RootDirectory", + "type": "string" + }, + "TransitEncryption": { + "markdownDescription": "Determines whether to use encryption for Amazon EFS data in transit between the Amazon ECS host and the Amazon EFS server. Transit encryption must be turned on if Amazon EFS IAM authorization is used. If this parameter is omitted, the default value of `DISABLED` is used. For more information, see [Encrypting data in transit](https://docs.aws.amazon.com/efs/latest/ug/encryption-in-transit.html) in the *Amazon Elastic File System User Guide* .", + "title": "TransitEncryption", "type": "string" + }, + "TransitEncryptionPort": { + "markdownDescription": "The port to use when sending encrypted data between the Amazon ECS host and the Amazon EFS server. If you do not specify a transit encryption port, it will use the port selection strategy that the Amazon EFS mount helper uses. For more information, see [EFS mount helper](https://docs.aws.amazon.com/efs/latest/ug/efs-mount-helper.html) in the *Amazon Elastic File System User Guide* .", + "title": "TransitEncryptionPort", + "type": "number" } }, "required": [ - "Key", - "Value" + "FilesystemId" ], "type": "object" }, - "AWS::FMS::Policy.ResourceTag": { + "AWS::ECS::TaskDefinition.EnvironmentFile": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The resource tag key.", - "title": "Key", + "Type": { + "markdownDescription": "The file type to use. Environment files are objects in Amazon S3. The only supported value is `s3` .", + "title": "Type", "type": "string" }, "Value": { - "markdownDescription": "The resource tag value.", + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon S3 object containing the environment variable file.", "title": "Value", "type": "string" } }, - "required": [ - "Key" - ], "type": "object" }, - "AWS::FMS::Policy.SecurityServicePolicyData": { + "AWS::ECS::TaskDefinition.EphemeralStorage": { "additionalProperties": false, "properties": { - "ManagedServiceData": { - "markdownDescription": "Details about the service that are specific to the service type, in JSON format.\n\n- Example: `DNS_FIREWALL`\n\n`\"{\\\"type\\\":\\\"DNS_FIREWALL\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-1\\\",\\\"priority\\\":10}],\\\"postProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-2\\\",\\\"priority\\\":9911}]}\"`\n\n> Valid values for `preProcessRuleGroups` are between 1 and 99. Valid values for `postProcessRuleGroups` are between 9901 and 10000.\n- Example: `NETWORK_FIREWALL` - Centralized deployment model\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"awsNetworkFirewallConfig\\\":{\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}},\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"OFF\\\"},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nWith automatic Availbility Zone configuration, Firewall Manager chooses which Availability Zones to create the endpoints in. To use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"]},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\": \\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\", \\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{ \\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[ \\\"10.0.0.0/28\\\"]}]} },\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"OFF\\\",\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nWith custom Availability Zone configuration, you define which specific Availability Zones to create endpoints in by configuring `firewallCreationConfig` . To configure the Availability Zones in `firewallCreationConfig` , specify either the `availabilityZoneName` or `availabilityZoneId` parameter, not both parameters.\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"],\\\"routeManagementConfig\\\":{\\\"allowCrossAZTrafficIfNoEndpoint\\\":true}},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall centralized deployment model\n\n`\"{ \\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\", \\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\", \\\"thirdPartyFirewallConfig\\\":{ \\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `CENTRALIZED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall distributed deployment model\n\n`\"{\\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\",\\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\",\\\"thirdPartyFirewallConfig\\\":{\\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{ \\\"distributedFirewallDeploymentModel\\\":{ \\\"distributedFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{ \\\"availabilityZoneConfigList\\\":[ {\\\"availabilityZoneName\\\":\\\"${AvailabilityZone}\\\" } ] } }, \\\"allowedIPV4CidrList\\\":[ ] } } } }\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `DISTRIBUTED` .\n- Specification for `SHIELD_ADVANCED` for Amazon CloudFront distributions\n\n`\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED|IGNORED|DISABLED\\\", \\\"automaticResponseAction\\\":\\\"BLOCK|COUNT\\\"}, \\\"overrideCustomerWebaclClassic\\\":true|false}\"`\n\nFor example: `\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED\\\", \\\"automaticResponseAction\\\":\\\"COUNT\\\"}}\"`\n\nThe default value for `automaticResponseStatus` is `IGNORED` . The value for `automaticResponseAction` is only required when `automaticResponseStatus` is set to `ENABLED` . The default value for `overrideCustomerWebaclClassic` is `false` .\n\nFor other resource types that you can protect with a Shield Advanced policy, this `ManagedServiceData` configuration is an empty string.\n- Example: `WAFV2`\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"version\\\":null,\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesAmazonIpReputationList\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nIn the `loggingConfiguration` , you can specify one `logDestinationConfigs` , you can optionally provide up to 20 `redactedFields` , and the `RedactedFieldType` must be one of `URI` , `QUERY_STRING` , `HEADER` , or `METHOD` .\n- Example: `AWS WAF Classic`\n\n`\"{\\\"type\\\": \\\"WAF\\\", \\\"ruleGroups\\\": [{\\\"id\\\":\\\"12345678-1bcd-9012-efga-0987654321ab\\\", \\\"overrideAction\\\" : {\\\"type\\\": \\\"COUNT\\\"}}], \\\"defaultAction\\\": {\\\"type\\\": \\\"BLOCK\\\"}}\"`\n- Example: `WAFV2` - AWS Firewall Manager support for AWS WAF managed rule group versioning\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"versionEnabled\\\":true,\\\"version\\\":\\\"Version_2.0\\\",\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesCommonRuleSet\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nTo use a specific version of a AWS WAF managed rule group in your Firewall Manager policy, you must set `versionEnabled` to `true` , and set `version` to the version you'd like to use. If you don't set `versionEnabled` to `true` , or if you omit `versionEnabled` , then Firewall Manager uses the default version of the AWS WAF managed rule group.\n- Example: `SECURITY_GROUPS_COMMON`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: Shared VPCs. Apply the preceding policy to resources in shared VPCs as well as to those in VPCs that the account owns\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"includeSharedVPC\\\":true,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: `SECURITY_GROUPS_CONTENT_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_CONTENT_AUDIT\\\",\\\"securityGroups\\\":[{\\\"id\\\":\\\"sg-000e55995d61a06bd\\\"}],\\\"securityGroupAction\\\":{\\\"type\\\":\\\"ALLOW\\\"}}\"`\n\nThe security group action for content audit can be `ALLOW` or `DENY` . For `ALLOW` , all in-scope security group rules must be within the allowed range of the policy's security group rules. For `DENY` , all in-scope security group rules must not contain a value or a range that matches a rule value or range in the policy security group.\n- Example: `SECURITY_GROUPS_USAGE_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_USAGE_AUDIT\\\",\\\"deleteUnusedSecurityGroups\\\":true,\\\"coalesceRedundantSecurityGroups\\\":true}\"`", - "title": "ManagedServiceData", + "SizeInGiB": { + "markdownDescription": "The total amount, in GiB, of ephemeral storage to set for the task. The minimum supported value is `21` GiB and the maximum supported value is `200` GiB.", + "title": "SizeInGiB", + "type": "number" + } + }, + "type": "object" + }, + "AWS::ECS::TaskDefinition.FSxAuthorizationConfig": { + "additionalProperties": false, + "properties": { + "CredentialsParameter": { + "markdownDescription": "The authorization credential option to use. The authorization credential options can be provided using either the Amazon Resource Name (ARN) of an AWS Secrets Manager secret or SSM Parameter Store parameter. The ARN refers to the stored credentials.", + "title": "CredentialsParameter", "type": "string" }, - "PolicyOption": { - "$ref": "#/definitions/AWS::FMS::Policy.PolicyOption", - "markdownDescription": "Contains the settings to configure a network ACL policy, a AWS Network Firewall firewall policy deployment model, or a third-party firewall policy.", - "title": "PolicyOption" - }, - "Type": { - "markdownDescription": "The service that the policy is using to protect the resources. This specifies the type of policy that is created, either an AWS WAF policy, a Shield Advanced policy, or a security group policy. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting SUPlong .", - "title": "Type", + "Domain": { + "markdownDescription": "A fully qualified domain name hosted by an [AWS Directory Service](https://docs.aws.amazon.com/directoryservice/latest/admin-guide/directory_microsoft_ad.html) Managed Microsoft AD (Active Directory) or self-hosted AD on Amazon EC2.", + "title": "Domain", "type": "string" } }, "required": [ - "Type" + "CredentialsParameter", + "Domain" ], "type": "object" }, - "AWS::FMS::Policy.ThirdPartyFirewallPolicy": { + "AWS::ECS::TaskDefinition.FSxWindowsFileServerVolumeConfiguration": { "additionalProperties": false, "properties": { - "FirewallDeploymentModel": { - "markdownDescription": "Defines the deployment model to use for the third-party firewall policy.", - "title": "FirewallDeploymentModel", + "AuthorizationConfig": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.FSxAuthorizationConfig", + "markdownDescription": "The authorization configuration details for the Amazon FSx for Windows File Server file system.", + "title": "AuthorizationConfig" + }, + "FileSystemId": { + "markdownDescription": "The Amazon FSx for Windows File Server file system ID to use.", + "title": "FileSystemId", + "type": "string" + }, + "RootDirectory": { + "markdownDescription": "The directory within the Amazon FSx for Windows File Server file system to mount as the root directory inside the host.", + "title": "RootDirectory", "type": "string" } }, "required": [ - "FirewallDeploymentModel" + "FileSystemId", + "RootDirectory" ], "type": "object" }, - "AWS::FMS::ResourceSet": { + "AWS::ECS::TaskDefinition.FirelensConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A description of the resource set.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The descriptive name of the resource set. You can't change the name of a resource set after you create it.", - "title": "Name", + "Options": { + "additionalProperties": true, + "markdownDescription": "The options to use when configuring the log router. This field is optional and can be used to add additional metadata, such as the task, task definition, cluster, and container instance details to the log event.\n\nIf specified, valid option keys are:\n\n- `enable-ecs-log-metadata` , which can be `true` or `false`\n- `config-file-type` , which can be `s3` or `file`\n- `config-file-value` , which is either an S3 ARN or a file path", + "patternProperties": { + "^[a-zA-Z0-9]+$": { "type": "string" - }, - "ResourceTypeList": { - "items": { - "type": "string" - }, - "markdownDescription": "Determines the resources that can be associated to the resource set. Depending on your setting for max results and the number of resource sets, a single call might not return the full list.", - "title": "ResourceTypeList", - "type": "array" - }, - "Resources": { - "items": { - "type": "string" - }, - "markdownDescription": "", - "title": "Resources", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "", - "title": "Tags", - "type": "array" } }, - "required": [ - "Name", - "ResourceTypeList" - ], + "title": "Options", "type": "object" }, "Type": { - "enum": [ - "AWS::FMS::ResourceSet" - ], + "markdownDescription": "The log router to use. The valid values are `fluentd` or `fluentbit` .", + "title": "Type", "type": "string" + } + }, + "type": "object" + }, + "AWS::ECS::TaskDefinition.HealthCheck": { + "additionalProperties": false, + "properties": { + "Command": { + "items": { + "type": "string" + }, + "markdownDescription": "A string array representing the command that the container runs to determine if it is healthy. The string array must start with `CMD` to run the command arguments directly, or `CMD-SHELL` to run the command with the container's default shell.\n\nWhen you use the AWS Management Console JSON panel, the AWS Command Line Interface , or the APIs, enclose the list of commands in double quotes and brackets.\n\n`[ \"CMD-SHELL\", \"curl -f http://localhost/ || exit 1\" ]`\n\nYou don't include the double quotes and brackets when you use the AWS Management Console.\n\n`CMD-SHELL, curl -f http://localhost/ || exit 1`\n\nAn exit code of 0 indicates success, and non-zero exit code indicates failure. For more information, see `HealthCheck` in the docker container create command.", + "title": "Command", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Interval": { + "markdownDescription": "The time period in seconds between each health check execution. You may specify between 5 and 300 seconds. The default value is 30 seconds. This value applies only when you specify a `command` .", + "title": "Interval", + "type": "number" + }, + "Retries": { + "markdownDescription": "The number of times to retry a failed health check before the container is considered unhealthy. You may specify between 1 and 10 retries. The default value is 3. This value applies only when you specify a `command` .", + "title": "Retries", + "type": "number" + }, + "StartPeriod": { + "markdownDescription": "The optional grace period to provide containers time to bootstrap before failed health checks count towards the maximum number of retries. You can specify between 0 and 300 seconds. By default, the `startPeriod` is off. This value applies only when you specify a `command` .\n\n> If a health check succeeds within the `startPeriod` , then the container is considered healthy and any subsequent failures count toward the maximum number of retries.", + "title": "StartPeriod", + "type": "number" + }, + "Timeout": { + "markdownDescription": "The time period in seconds to wait for a health check to succeed before it is considered a failure. You may specify between 2 and 60 seconds. The default value is 5. This value applies only when you specify a `command` .", + "title": "Timeout", + "type": "number" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::FSx::DataRepositoryAssociation": { + "AWS::ECS::TaskDefinition.HostEntry": { "additionalProperties": false, "properties": { - "Condition": { + "Hostname": { + "markdownDescription": "The hostname to use in the `/etc/hosts` entry.", + "title": "Hostname", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "BatchImportMetaDataOnCreate": { - "markdownDescription": "A boolean flag indicating whether an import data repository task to import metadata should run after the data repository association is created. The task runs if this flag is set to `true` .", - "title": "BatchImportMetaDataOnCreate", - "type": "boolean" - }, - "DataRepositoryPath": { - "markdownDescription": "The path to the Amazon S3 data repository that will be linked to the file system. The path can be an S3 bucket or prefix in the format `s3://myBucket/myPrefix/` . This path specifies where in the S3 data repository files will be imported from or exported to.", - "title": "DataRepositoryPath", - "type": "string" - }, - "FileSystemId": { - "markdownDescription": "The ID of the file system on which the data repository association is configured.", - "title": "FileSystemId", - "type": "string" - }, - "FileSystemPath": { - "markdownDescription": "A path on the Amazon FSx for Lustre file system that points to a high-level directory (such as `/ns1/` ) or subdirectory (such as `/ns1/subdir/` ) that will be mapped 1-1 with `DataRepositoryPath` . The leading forward slash in the name is required. Two data repository associations cannot have overlapping file system paths. For example, if a data repository is associated with file system path `/ns1/` , then you cannot link another data repository with file system path `/ns1/ns2` .\n\nThis path specifies where in your file system files will be exported from or imported to. This file system directory can be linked to only one Amazon S3 bucket, and no other S3 bucket can be linked to the directory.\n\n> If you specify only a forward slash ( `/` ) as the file system path, you can link only one data repository to the file system. You can only specify \"/\" as the file system path for the first data repository associated with a file system.", - "title": "FileSystemPath", - "type": "string" - }, - "ImportedFileChunkSize": { - "markdownDescription": "For files imported from a data repository, this value determines the stripe count and maximum amount of data per file (in MiB) stored on a single physical disk. The maximum number of disks that a single file can be striped across is limited by the total number of disks that make up the file system or cache.\n\nThe default chunk size is 1,024 MiB (1 GiB) and can go as high as 512,000 MiB (500 GiB). Amazon S3 objects have a maximum size of 5 TB.", - "title": "ImportedFileChunkSize", - "type": "number" - }, - "S3": { - "$ref": "#/definitions/AWS::FSx::DataRepositoryAssociation.S3", - "markdownDescription": "The configuration for an Amazon S3 data repository linked to an Amazon FSx Lustre file system with a data repository association. The configuration defines which file events (new, changed, or deleted files or directories) are automatically imported from the linked data repository to the file system or automatically exported from the file system to the data repository.", - "title": "S3" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of `Tag` values, with a maximum of 50 elements.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "DataRepositoryPath", - "FileSystemId", - "FileSystemPath" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::FSx::DataRepositoryAssociation" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "IpAddress": { + "markdownDescription": "The IP address to use in the `/etc/hosts` entry.", + "title": "IpAddress", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::FSx::DataRepositoryAssociation.AutoExportPolicy": { + "AWS::ECS::TaskDefinition.HostVolumeProperties": { "additionalProperties": false, "properties": { - "Events": { - "items": { - "type": "string" - }, - "markdownDescription": "The `AutoExportPolicy` can have the following event values:\n\n- `NEW` - New files and directories are automatically exported to the data repository as they are added to the file system.\n- `CHANGED` - Changes to files and directories on the file system are automatically exported to the data repository.\n- `DELETED` - Files and directories are automatically deleted on the data repository when they are deleted on the file system.\n\nYou can define any combination of event types for your `AutoExportPolicy` .", - "title": "Events", - "type": "array" + "SourcePath": { + "markdownDescription": "When the `host` parameter is used, specify a `sourcePath` to declare the path on the host container instance that's presented to the container. If this parameter is empty, then the Docker daemon has assigned a host path for you. If the `host` parameter contains a `sourcePath` file location, then the data volume persists at the specified location on the host container instance until you delete it manually. If the `sourcePath` value doesn't exist on the host container instance, the Docker daemon creates it. If the location does exist, the contents of the source path folder are exported.\n\nIf you're using the Fargate launch type, the `sourcePath` parameter is not supported.", + "title": "SourcePath", + "type": "string" } }, - "required": [ - "Events" - ], "type": "object" }, - "AWS::FSx::DataRepositoryAssociation.AutoImportPolicy": { + "AWS::ECS::TaskDefinition.KernelCapabilities": { "additionalProperties": false, "properties": { - "Events": { + "Add": { "items": { "type": "string" }, - "markdownDescription": "The `AutoImportPolicy` can have the following event values:\n\n- `NEW` - Amazon FSx automatically imports metadata of files added to the linked S3 bucket that do not currently exist in the FSx file system.\n- `CHANGED` - Amazon FSx automatically updates file metadata and invalidates existing file content on the file system as files change in the data repository.\n- `DELETED` - Amazon FSx automatically deletes files on the file system as corresponding files are deleted in the data repository.\n\nYou can define any combination of event types for your `AutoImportPolicy` .", - "title": "Events", + "markdownDescription": "The Linux capabilities for the container that have been added to the default configuration provided by Docker. This parameter maps to `CapAdd` in the docker container create command and the `--cap-add` option to docker run.\n\n> Tasks launched on AWS Fargate only support adding the `SYS_PTRACE` kernel capability. \n\nValid values: `\"ALL\" | \"AUDIT_CONTROL\" | \"AUDIT_WRITE\" | \"BLOCK_SUSPEND\" | \"CHOWN\" | \"DAC_OVERRIDE\" | \"DAC_READ_SEARCH\" | \"FOWNER\" | \"FSETID\" | \"IPC_LOCK\" | \"IPC_OWNER\" | \"KILL\" | \"LEASE\" | \"LINUX_IMMUTABLE\" | \"MAC_ADMIN\" | \"MAC_OVERRIDE\" | \"MKNOD\" | \"NET_ADMIN\" | \"NET_BIND_SERVICE\" | \"NET_BROADCAST\" | \"NET_RAW\" | \"SETFCAP\" | \"SETGID\" | \"SETPCAP\" | \"SETUID\" | \"SYS_ADMIN\" | \"SYS_BOOT\" | \"SYS_CHROOT\" | \"SYS_MODULE\" | \"SYS_NICE\" | \"SYS_PACCT\" | \"SYS_PTRACE\" | \"SYS_RAWIO\" | \"SYS_RESOURCE\" | \"SYS_TIME\" | \"SYS_TTY_CONFIG\" | \"SYSLOG\" | \"WAKE_ALARM\"`", + "title": "Add", + "type": "array" + }, + "Drop": { + "items": { + "type": "string" + }, + "markdownDescription": "The Linux capabilities for the container that have been removed from the default configuration provided by Docker. This parameter maps to `CapDrop` in the docker container create command and the `--cap-drop` option to docker run.\n\nValid values: `\"ALL\" | \"AUDIT_CONTROL\" | \"AUDIT_WRITE\" | \"BLOCK_SUSPEND\" | \"CHOWN\" | \"DAC_OVERRIDE\" | \"DAC_READ_SEARCH\" | \"FOWNER\" | \"FSETID\" | \"IPC_LOCK\" | \"IPC_OWNER\" | \"KILL\" | \"LEASE\" | \"LINUX_IMMUTABLE\" | \"MAC_ADMIN\" | \"MAC_OVERRIDE\" | \"MKNOD\" | \"NET_ADMIN\" | \"NET_BIND_SERVICE\" | \"NET_BROADCAST\" | \"NET_RAW\" | \"SETFCAP\" | \"SETGID\" | \"SETPCAP\" | \"SETUID\" | \"SYS_ADMIN\" | \"SYS_BOOT\" | \"SYS_CHROOT\" | \"SYS_MODULE\" | \"SYS_NICE\" | \"SYS_PACCT\" | \"SYS_PTRACE\" | \"SYS_RAWIO\" | \"SYS_RESOURCE\" | \"SYS_TIME\" | \"SYS_TTY_CONFIG\" | \"SYSLOG\" | \"WAKE_ALARM\"`", + "title": "Drop", "type": "array" } }, - "required": [ - "Events" - ], "type": "object" }, - "AWS::FSx::DataRepositoryAssociation.S3": { + "AWS::ECS::TaskDefinition.KeyValuePair": { "additionalProperties": false, "properties": { - "AutoExportPolicy": { - "$ref": "#/definitions/AWS::FSx::DataRepositoryAssociation.AutoExportPolicy", - "markdownDescription": "Describes a data repository association's automatic export policy. The `AutoExportPolicy` defines the types of updated objects on the file system that will be automatically exported to the data repository. As you create, modify, or delete files, Amazon FSx for Lustre automatically exports the defined changes asynchronously once your application finishes modifying the file.\n\nThe `AutoExportPolicy` is only supported on Amazon FSx for Lustre file systems with a data repository association.", - "title": "AutoExportPolicy" + "Name": { + "markdownDescription": "The name of the key-value pair. For environment variables, this is the name of the environment variable.", + "title": "Name", + "type": "string" }, - "AutoImportPolicy": { - "$ref": "#/definitions/AWS::FSx::DataRepositoryAssociation.AutoImportPolicy", - "markdownDescription": "Describes the data repository association's automatic import policy. The AutoImportPolicy defines how Amazon FSx keeps your file metadata and directory listings up to date by importing changes to your Amazon FSx for Lustre file system as you modify objects in a linked S3 bucket.\n\nThe `AutoImportPolicy` is only supported on Amazon FSx for Lustre file systems with a data repository association.", - "title": "AutoImportPolicy" + "Value": { + "markdownDescription": "The value of the key-value pair. For environment variables, this is the value of the environment variable.", + "title": "Value", + "type": "string" } }, "type": "object" }, - "AWS::FSx::FileSystem": { + "AWS::ECS::TaskDefinition.LinuxParameters": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Capabilities": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.KernelCapabilities", + "markdownDescription": "The Linux capabilities for the container that are added to or dropped from the default configuration provided by Docker.\n\n> For tasks that use the Fargate launch type, `capabilities` is supported for all platform versions but the `add` parameter is only supported if using platform version 1.4.0 or later.", + "title": "Capabilities" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Devices": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.Device" + }, + "markdownDescription": "Any host devices to expose to the container. This parameter maps to `Devices` in the docker container create command and the `--device` option to docker run.\n\n> If you're using tasks that use the Fargate launch type, the `devices` parameter isn't supported.", + "title": "Devices", + "type": "array" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "InitProcessEnabled": { + "markdownDescription": "Run an `init` process inside the container that forwards signals and reaps processes. This parameter maps to the `--init` option to docker run. This parameter requires version 1.25 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version --format '{{.Server.APIVersion}}'`", + "title": "InitProcessEnabled", + "type": "boolean" }, - "Metadata": { - "type": "object" + "MaxSwap": { + "markdownDescription": "The total amount of swap memory (in MiB) a container can use. This parameter will be translated to the `--memory-swap` option to docker run where the value would be the sum of the container memory plus the `maxSwap` value.\n\nIf a `maxSwap` value of `0` is specified, the container will not use swap. Accepted values are `0` or any positive integer. If the `maxSwap` parameter is omitted, the container will use the swap configuration for the container instance it is running on. A `maxSwap` value must be set for the `swappiness` parameter to be used.\n\n> If you're using tasks that use the Fargate launch type, the `maxSwap` parameter isn't supported.\n> \n> If you're using tasks on Amazon Linux 2023 the `swappiness` parameter isn't supported.", + "title": "MaxSwap", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "BackupId": { - "markdownDescription": "The ID of the file system backup that you are using to create a file system. For more information, see [CreateFileSystemFromBackup](https://docs.aws.amazon.com/fsx/latest/APIReference/API_CreateFileSystemFromBackup.html) .", - "title": "BackupId", - "type": "string" - }, - "FileSystemType": { - "markdownDescription": "The type of Amazon FSx file system, which can be `LUSTRE` , `WINDOWS` , `ONTAP` , or `OPENZFS` .", - "title": "FileSystemType", - "type": "string" - }, - "FileSystemTypeVersion": { - "markdownDescription": "For FSx for Lustre file systems, sets the Lustre version for the file system that you're creating. Valid values are `2.10` , `2.12` , and `2.15` :\n\n- `2.10` is supported by the Scratch and Persistent_1 Lustre deployment types.\n- `2.12` is supported by all Lustre deployment types, except for `PERSISTENT_2` with a metadata configuration mode.\n- `2.15` is supported by all Lustre deployment types and is recommended for all new file systems.\n\nDefault value is `2.10` , except for the following deployments:\n\n- Default value is `2.12` when `DeploymentType` is set to `PERSISTENT_2` without a metadata configuration mode.\n- Default value is `2.15` when `DeploymentType` is set to `PERSISTENT_2` with a metadata configuration mode.", - "title": "FileSystemTypeVersion", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "The ID of the AWS Key Management Service ( AWS KMS ) key used to encrypt Amazon FSx file system data. Used as follows with Amazon FSx file system types:\n\n- Amazon FSx for Lustre `PERSISTENT_1` and `PERSISTENT_2` deployment types only.\n\n`SCRATCH_1` and `SCRATCH_2` types are encrypted using the Amazon FSx service AWS KMS key for your account.\n- Amazon FSx for NetApp ONTAP\n- Amazon FSx for OpenZFS\n- Amazon FSx for Windows File Server\n\nIf this ID isn't specified, the Amazon FSx-managed key for your account is used. For more information, see [Encrypt](https://docs.aws.amazon.com//kms/latest/APIReference/API_Encrypt.html) in the *AWS Key Management Service API Reference* .", - "title": "KmsKeyId", - "type": "string" - }, - "LustreConfiguration": { - "$ref": "#/definitions/AWS::FSx::FileSystem.LustreConfiguration", - "markdownDescription": "The Lustre configuration for the file system being created. This configuration is required if the `FileSystemType` is set to `LUSTRE` .\n\n> The following parameters are not supported when creating Lustre file systems with a data repository association.\n> \n> - `AutoImportPolicy`\n> - `ExportPath`\n> - `ImportedChunkSize`\n> - `ImportPath`", - "title": "LustreConfiguration" - }, - "OntapConfiguration": { - "$ref": "#/definitions/AWS::FSx::FileSystem.OntapConfiguration", - "markdownDescription": "The ONTAP configuration properties of the FSx for ONTAP file system that you are creating. This configuration is required if the `FileSystemType` is set to `ONTAP` .", - "title": "OntapConfiguration" - }, - "OpenZFSConfiguration": { - "$ref": "#/definitions/AWS::FSx::FileSystem.OpenZFSConfiguration", - "markdownDescription": "The Amazon FSx for OpenZFS configuration properties for the file system that you are creating. This configuration is required if the `FileSystemType` is set to `OPENZFS` .", - "title": "OpenZFSConfiguration" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of IDs specifying the security groups to apply to all network interfaces created for file system access. This list isn't returned in later requests to describe the file system.\n\n> You must specify a security group if you are creating a Multi-AZ FSx for ONTAP file system in a VPC subnet that has been shared with you.", - "title": "SecurityGroupIds", - "type": "array" - }, - "StorageCapacity": { - "markdownDescription": "Sets the storage capacity of the file system that you're creating.\n\n`StorageCapacity` is required if you are creating a new file system. It is not required if you are creating a file system by restoring a backup.\n\n*FSx for Lustre file systems* - The amount of storage capacity that you can configure depends on the value that you set for `StorageType` and the Lustre `DeploymentType` , as follows:\n\n- For `SCRATCH_2` , `PERSISTENT_2` and `PERSISTENT_1` deployment types using SSD storage type, the valid values are 1200 GiB, 2400 GiB, and increments of 2400 GiB.\n- For `PERSISTENT_1` HDD file systems, valid values are increments of 6000 GiB for 12 MB/s/TiB file systems and increments of 1800 GiB for 40 MB/s/TiB file systems.\n- For `SCRATCH_1` deployment type, valid values are 1200 GiB, 2400 GiB, and increments of 3600 GiB.\n\n*FSx for ONTAP file systems* - The amount of SSD storage capacity that you can configure depends on the value of the `HAPairs` property. The minimum value is calculated as 1,024 GiB * HAPairs and the maximum is calculated as 524,288 GiB * HAPairs, up to a maximum amount of SSD storage capacity of 1,048,576 GiB (1 pebibyte).\n\n*FSx for OpenZFS file systems* - The amount of storage capacity that you can configure is from 64 GiB up to 524,288 GiB (512 TiB). If you are creating a file system from a backup, you can specify a storage capacity equal to or greater than the original file system's storage capacity.\n\n*FSx for Windows File Server file systems* - The amount of storage capacity that you can configure depends on the value that you set for `StorageType` as follows:\n\n- For SSD storage, valid values are 32 GiB-65,536 GiB (64 TiB).\n- For HDD storage, valid values are 2000 GiB-65,536 GiB (64 TiB).", - "title": "StorageCapacity", - "type": "number" - }, - "StorageType": { - "markdownDescription": "Sets the storage class for the file system that you're creating. Valid values are `SSD` , `HDD` , and `INTELLIGENT_TIERING` .\n\n- Set to `SSD` to use solid state drive storage. SSD is supported on all Windows, Lustre, ONTAP, and OpenZFS deployment types.\n- Set to `HDD` to use hard disk drive storage, which is supported on `SINGLE_AZ_2` and `MULTI_AZ_1` Windows file system deployment types, and on `PERSISTENT_1` Lustre file system deployment types.\n- Set to `INTELLIGENT_TIERING` to use fully elastic, intelligently-tiered storage. Intelligent-Tiering is only available for OpenZFS file systems with the Multi-AZ deployment type and for Lustre file systems with the Persistent_2 deployment type.\n\nDefault value is `SSD` . For more information, see [Storage type options](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/optimize-fsx-costs.html#storage-type-options) in the *FSx for Windows File Server User Guide* , [FSx for Lustre storage classes](https://docs.aws.amazon.com/fsx/latest/LustreGuide/using-fsx-lustre.html#lustre-storage-classes) in the *FSx for Lustre User Guide* , and [Working with Intelligent-Tiering](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/performance-intelligent-tiering) in the *Amazon FSx for OpenZFS User Guide* .", - "title": "StorageType", - "type": "string" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the IDs of the subnets that the file system will be accessible from. For Windows and ONTAP `MULTI_AZ_1` deployment types,provide exactly two subnet IDs, one for the preferred file server and one for the standby file server. You specify one of these subnets as the preferred subnet using the `WindowsConfiguration > PreferredSubnetID` or `OntapConfiguration > PreferredSubnetID` properties. For more information about Multi-AZ file system configuration, see [Availability and durability: Single-AZ and Multi-AZ file systems](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/high-availability-multiAZ.html) in the *Amazon FSx for Windows User Guide* and [Availability and durability](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/high-availability-multiAZ.html) in the *Amazon FSx for ONTAP User Guide* .\n\nFor Windows `SINGLE_AZ_1` and `SINGLE_AZ_2` and all Lustre deployment types, provide exactly one subnet ID. The file server is launched in that subnet's Availability Zone.", - "title": "SubnetIds", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to associate with the file system. For more information, see [Tagging your Amazon FSx resources](https://docs.aws.amazon.com/fsx/latest/LustreGuide/tag-resources.html) in the *Amazon FSx for Lustre User Guide* .", - "title": "Tags", - "type": "array" - }, - "WindowsConfiguration": { - "$ref": "#/definitions/AWS::FSx::FileSystem.WindowsConfiguration", - "markdownDescription": "The configuration object for the Microsoft Windows file system you are creating. This configuration is required if `FileSystemType` is set to `WINDOWS` .", - "title": "WindowsConfiguration" - } - }, - "required": [ - "FileSystemType", - "SubnetIds" - ], - "type": "object" + "SharedMemorySize": { + "markdownDescription": "The value for the size (in MiB) of the `/dev/shm` volume. This parameter maps to the `--shm-size` option to docker run.\n\n> If you are using tasks that use the Fargate launch type, the `sharedMemorySize` parameter is not supported.", + "title": "SharedMemorySize", + "type": "number" }, - "Type": { - "enum": [ - "AWS::FSx::FileSystem" - ], - "type": "string" + "Swappiness": { + "markdownDescription": "This allows you to tune a container's memory swappiness behavior. A `swappiness` value of `0` will cause swapping to not happen unless absolutely necessary. A `swappiness` value of `100` will cause pages to be swapped very aggressively. Accepted values are whole numbers between `0` and `100` . If the `swappiness` parameter is not specified, a default value of `60` is used. If a value is not specified for `maxSwap` then this parameter is ignored. This parameter maps to the `--memory-swappiness` option to docker run.\n\n> If you're using tasks that use the Fargate launch type, the `swappiness` parameter isn't supported.\n> \n> If you're using tasks on Amazon Linux 2023 the `swappiness` parameter isn't supported.", + "title": "Swappiness", + "type": "number" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Tmpfs": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.Tmpfs" + }, + "markdownDescription": "The container path, mount options, and size (in MiB) of the tmpfs mount. This parameter maps to the `--tmpfs` option to docker run.\n\n> If you're using tasks that use the Fargate launch type, the `tmpfs` parameter isn't supported.", + "title": "Tmpfs", + "type": "array" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::FSx::FileSystem.AuditLogConfiguration": { + "AWS::ECS::TaskDefinition.LogConfiguration": { "additionalProperties": false, "properties": { - "AuditLogDestination": { - "markdownDescription": "The Amazon Resource Name (ARN) for the destination of the audit logs. The destination can be any Amazon CloudWatch Logs log group ARN or Amazon Kinesis Data Firehose delivery stream ARN.\n\nThe name of the Amazon CloudWatch Logs log group must begin with the `/aws/fsx` prefix. The name of the Amazon Kinesis Data Firehose delivery stream must begin with the `aws-fsx` prefix.\n\nThe destination ARN (either CloudWatch Logs log group or Kinesis Data Firehose delivery stream) must be in the same AWS partition, AWS Region , and AWS account as your Amazon FSx file system.", - "title": "AuditLogDestination", + "LogDriver": { + "markdownDescription": "The log driver to use for the container.\n\nFor tasks on AWS Fargate , the supported log drivers are `awslogs` , `splunk` , and `awsfirelens` .\n\nFor tasks hosted on Amazon EC2 instances, the supported log drivers are `awslogs` , `fluentd` , `gelf` , `json-file` , `journald` , `syslog` , `splunk` , and `awsfirelens` .\n\nFor more information about using the `awslogs` log driver, see [Send Amazon ECS logs to CloudWatch](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_awslogs.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nFor more information about using the `awsfirelens` log driver, see [Send Amazon ECS logs to an AWS service or AWS Partner](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html) .\n\n> If you have a custom driver that isn't listed, you can fork the Amazon ECS container agent project that's [available on GitHub](https://docs.aws.amazon.com/https://github.com/aws/amazon-ecs-agent) and customize it to work with that driver. We encourage you to submit pull requests for changes that you would like to have included. However, we don't currently provide support for running modified copies of this software.", + "title": "LogDriver", "type": "string" }, - "FileAccessAuditLogLevel": { - "markdownDescription": "Sets which attempt type is logged by Amazon FSx for file and folder accesses.\n\n- `SUCCESS_ONLY` - only successful attempts to access files or folders are logged.\n- `FAILURE_ONLY` - only failed attempts to access files or folders are logged.\n- `SUCCESS_AND_FAILURE` - both successful attempts and failed attempts to access files or folders are logged.\n- `DISABLED` - access auditing of files and folders is turned off.", - "title": "FileAccessAuditLogLevel", - "type": "string" + "Options": { + "additionalProperties": true, + "markdownDescription": "The configuration options to send to the log driver.\n\nThe options you can specify depend on the log driver. Some of the options you can specify when you use the `awslogs` log driver to route logs to Amazon CloudWatch include the following:\n\n- **awslogs-create-group** - Required: No\n\nSpecify whether you want the log group to be created automatically. If this option isn't specified, it defaults to `false` .\n\n> Your IAM policy must include the `logs:CreateLogGroup` permission before you attempt to use `awslogs-create-group` .\n- **awslogs-region** - Required: Yes\n\nSpecify the AWS Region that the `awslogs` log driver is to send your Docker logs to. You can choose to send all of your logs from clusters in different Regions to a single region in CloudWatch Logs. This is so that they're all visible in one location. Otherwise, you can separate them by Region for more granularity. Make sure that the specified log group exists in the Region that you specify with this option.\n- **awslogs-group** - Required: Yes\n\nMake sure to specify a log group that the `awslogs` log driver sends its log streams to.\n- **awslogs-stream-prefix** - Required: Yes, when using Fargate.Optional when using EC2.\n\nUse the `awslogs-stream-prefix` option to associate a log stream with the specified prefix, the container name, and the ID of the Amazon ECS task that the container belongs to. If you specify a prefix with this option, then the log stream takes the format `prefix-name/container-name/ecs-task-id` .\n\nIf you don't specify a prefix with this option, then the log stream is named after the container ID that's assigned by the Docker daemon on the container instance. Because it's difficult to trace logs back to the container that sent them with just the Docker container ID (which is only available on the container instance), we recommend that you specify a prefix with this option.\n\nFor Amazon ECS services, you can use the service name as the prefix. Doing so, you can trace log streams to the service that the container belongs to, the name of the container that sent them, and the ID of the task that the container belongs to.\n\nYou must specify a stream-prefix for your logs to have your logs appear in the Log pane when using the Amazon ECS console.\n- **awslogs-datetime-format** - Required: No\n\nThis option defines a multiline start pattern in Python `strftime` format. A log message consists of a line that matches the pattern and any following lines that don\u2019t match the pattern. The matched line is the delimiter between log messages.\n\nOne example of a use case for using this format is for parsing output such as a stack dump, which might otherwise be logged in multiple entries. The correct pattern allows it to be captured in a single entry.\n\nFor more information, see [awslogs-datetime-format](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/awslogs/#awslogs-datetime-format) .\n\nYou cannot configure both the `awslogs-datetime-format` and `awslogs-multiline-pattern` options.\n\n> Multiline logging performs regular expression parsing and matching of all log messages. This might have a negative impact on logging performance.\n- **awslogs-multiline-pattern** - Required: No\n\nThis option defines a multiline start pattern that uses a regular expression. A log message consists of a line that matches the pattern and any following lines that don\u2019t match the pattern. The matched line is the delimiter between log messages.\n\nFor more information, see [awslogs-multiline-pattern](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/awslogs/#awslogs-multiline-pattern) .\n\nThis option is ignored if `awslogs-datetime-format` is also configured.\n\nYou cannot configure both the `awslogs-datetime-format` and `awslogs-multiline-pattern` options.\n\n> Multiline logging performs regular expression parsing and matching of all log messages. This might have a negative impact on logging performance.\n\nThe following options apply to all supported log drivers.\n\n- **mode** - Required: No\n\nValid values: `non-blocking` | `blocking`\n\nThis option defines the delivery mode of log messages from the container to the log driver specified using `logDriver` . The delivery mode you choose affects application availability when the flow of logs from container is interrupted.\n\nIf you use the `blocking` mode and the flow of logs is interrupted, calls from container code to write to the `stdout` and `stderr` streams will block. The logging thread of the application will block as a result. This may cause the application to become unresponsive and lead to container healthcheck failure.\n\nIf you use the `non-blocking` mode, the container's logs are instead stored in an in-memory intermediate buffer configured with the `max-buffer-size` option. This prevents the application from becoming unresponsive when logs cannot be sent. We recommend using this mode if you want to ensure service availability and are okay with some log loss. For more information, see [Preventing log loss with non-blocking mode in the `awslogs` container log driver](https://docs.aws.amazon.com/containers/preventing-log-loss-with-non-blocking-mode-in-the-awslogs-container-log-driver/) .\n\nYou can set a default `mode` for all containers in a specific AWS Region by using the `defaultLogDriverMode` account setting. If you don't specify the `mode` option or configure the account setting, Amazon ECS will default to the `non-blocking` mode. For more information about the account setting, see [Default log driver mode](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-account-settings.html#default-log-driver-mode) in the *Amazon Elastic Container Service Developer Guide* .\n\n> On June 25, 2025, Amazon ECS changed the default log driver mode from `blocking` to `non-blocking` to prioritize task availability over logging. To continue using the `blocking` mode after this change, do one of the following:\n> \n> - Set the `mode` option in your container definition's `logConfiguration` as `blocking` .\n> - Set the `defaultLogDriverMode` account setting to `blocking` .\n- **max-buffer-size** - Required: No\n\nDefault value: `1m`\n\nWhen `non-blocking` mode is used, the `max-buffer-size` log option controls the size of the buffer that's used for intermediate message storage. Make sure to specify an adequate buffer size based on your application. When the buffer fills up, further logs cannot be stored. Logs that cannot be stored are lost.\n\nTo route logs using the `splunk` log router, you need to specify a `splunk-token` and a `splunk-url` .\n\nWhen you use the `awsfirelens` log router to route logs to an AWS Service or AWS Partner Network destination for log storage and analytics, you can set the `log-driver-buffer-limit` option to limit the number of events that are buffered in memory, before being sent to the log router container. It can help to resolve potential log loss issue because high throughput might result in memory running out for the buffer inside of Docker.\n\nOther options you can specify when using `awsfirelens` to route logs depend on the destination. When you export logs to Amazon Data Firehose, you can specify the AWS Region with `region` and a name for the log stream with `delivery_stream` .\n\nWhen you export logs to Amazon Kinesis Data Streams, you can specify an AWS Region with `region` and a data stream name with `stream` .\n\nWhen you export logs to Amazon OpenSearch Service, you can specify options like `Name` , `Host` (OpenSearch Service endpoint without protocol), `Port` , `Index` , `Type` , `Aws_auth` , `Aws_region` , `Suppress_Type_Name` , and `tls` . For more information, see [Under the hood: FireLens for Amazon ECS Tasks](https://docs.aws.amazon.com/containers/under-the-hood-firelens-for-amazon-ecs-tasks/) .\n\nWhen you export logs to Amazon S3, you can specify the bucket using the `bucket` option. You can also specify `region` , `total_file_size` , `upload_timeout` , and `use_put_object` as options.\n\nThis parameter requires version 1.19 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version --format '{{.Server.APIVersion}}'`", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Options", + "type": "object" }, - "FileShareAccessAuditLogLevel": { - "markdownDescription": "Sets which attempt type is logged by Amazon FSx for file share accesses.\n\n- `SUCCESS_ONLY` - only successful attempts to access file shares are logged.\n- `FAILURE_ONLY` - only failed attempts to access file shares are logged.\n- `SUCCESS_AND_FAILURE` - both successful attempts and failed attempts to access file shares are logged.\n- `DISABLED` - access auditing of file shares is turned off.", - "title": "FileShareAccessAuditLogLevel", - "type": "string" + "SecretOptions": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.Secret" + }, + "markdownDescription": "The secrets to pass to the log configuration. For more information, see [Specifying sensitive data](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "SecretOptions", + "type": "array" } }, "required": [ - "FileAccessAuditLogLevel", - "FileShareAccessAuditLogLevel" + "LogDriver" ], "type": "object" }, - "AWS::FSx::FileSystem.ClientConfigurations": { + "AWS::ECS::TaskDefinition.MountPoint": { "additionalProperties": false, "properties": { - "Clients": { - "markdownDescription": "A value that specifies who can mount the file system. You can provide a wildcard character ( `*` ), an IP address ( `0.0.0.0` ), or a CIDR address ( `192.0.2.0/24` ). By default, Amazon FSx uses the wildcard character when specifying the client.", - "title": "Clients", + "ContainerPath": { + "markdownDescription": "The path on the container to mount the host volume at.", + "title": "ContainerPath", "type": "string" }, - "Options": { - "items": { - "type": "string" - }, - "markdownDescription": "The options to use when mounting the file system. For a list of options that you can use with Network File System (NFS), see the [exports(5) - Linux man page](https://docs.aws.amazon.com/https://linux.die.net/man/5/exports) . When choosing your options, consider the following:\n\n- `crossmnt` is used by default. If you don't specify `crossmnt` when changing the client configuration, you won't be able to see or access snapshots in your file system's snapshot directory.\n- `sync` is used by default. If you instead specify `async` , the system acknowledges writes before writing to disk. If the system crashes before the writes are finished, you lose the unwritten data.", - "title": "Options", - "type": "array" - } - }, - "type": "object" - }, - "AWS::FSx::FileSystem.DiskIopsConfiguration": { - "additionalProperties": false, - "properties": { - "Iops": { - "markdownDescription": "The total number of SSD IOPS provisioned for the file system.\n\nThe minimum and maximum values for this property depend on the value of `HAPairs` and `StorageCapacity` . The minimum value is calculated as `StorageCapacity` * 3 * `HAPairs` (3 IOPS per GB of `StorageCapacity` ). The maximum value is calculated as 200,000 * `HAPairs` .\n\nAmazon FSx responds with an HTTP status code 400 (Bad Request) if the value of `Iops` is outside of the minimum or maximum values.", - "title": "Iops", - "type": "number" + "ReadOnly": { + "markdownDescription": "If this value is `true` , the container has read-only access to the volume. If this value is `false` , then the container can write to the volume. The default value is `false` .", + "title": "ReadOnly", + "type": "boolean" }, - "Mode": { - "markdownDescription": "Specifies whether the file system is using the `AUTOMATIC` setting of SSD IOPS of 3 IOPS per GB of storage capacity, or if it using a `USER_PROVISIONED` value.", - "title": "Mode", + "SourceVolume": { + "markdownDescription": "The name of the volume to mount. Must be a volume name referenced in the `name` parameter of task definition `volume` .", + "title": "SourceVolume", "type": "string" } }, "type": "object" }, - "AWS::FSx::FileSystem.LustreConfiguration": { + "AWS::ECS::TaskDefinition.PortMapping": { "additionalProperties": false, "properties": { - "AutoImportPolicy": { - "markdownDescription": "(Optional) When you create your file system, your existing S3 objects appear as file and directory listings. Use this property to choose how Amazon FSx keeps your file and directory listings up to date as you add or modify objects in your linked S3 bucket. `AutoImportPolicy` can have the following values:\n\n- `NONE` - (Default) AutoImport is off. Amazon FSx only updates file and directory listings from the linked S3 bucket when the file system is created. FSx does not update file and directory listings for any new or changed objects after choosing this option.\n- `NEW` - AutoImport is on. Amazon FSx automatically imports directory listings of any new objects added to the linked S3 bucket that do not currently exist in the FSx file system.\n- `NEW_CHANGED` - AutoImport is on. Amazon FSx automatically imports file and directory listings of any new objects added to the S3 bucket and any existing objects that are changed in the S3 bucket after you choose this option.\n- `NEW_CHANGED_DELETED` - AutoImport is on. Amazon FSx automatically imports file and directory listings of any new objects added to the S3 bucket, any existing objects that are changed in the S3 bucket, and any objects that were deleted in the S3 bucket.\n\nFor more information, see [Automatically import updates from your S3 bucket](https://docs.aws.amazon.com/fsx/latest/LustreGuide/autoimport-data-repo.html) .\n\n> This parameter is not supported for Lustre file systems with a data repository association.", - "title": "AutoImportPolicy", + "AppProtocol": { + "markdownDescription": "The application protocol that's used for the port mapping. This parameter only applies to Service Connect. We recommend that you set this parameter to be consistent with the protocol that your application uses. If you set this parameter, Amazon ECS adds protocol-specific connection handling to the Service Connect proxy. If you set this parameter, Amazon ECS adds protocol-specific telemetry in the Amazon ECS console and CloudWatch.\n\nIf you don't set a value for this parameter, then TCP is used. However, Amazon ECS doesn't add protocol-specific telemetry for TCP.\n\n`appProtocol` is immutable in a Service Connect service. Updating this field requires a service deletion and redeployment.\n\nTasks that run in a namespace can use short names to connect to services in the namespace. Tasks can connect to services across all of the clusters in the namespace. Tasks connect through a managed proxy container that collects logs and metrics for increased visibility. Only the tasks that Amazon ECS services create are supported with Service Connect. For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "AppProtocol", "type": "string" }, - "AutomaticBackupRetentionDays": { - "markdownDescription": "The number of days to retain automatic backups. Setting this property to `0` disables automatic backups. You can retain automatic backups for a maximum of 90 days. The default is `0` .", - "title": "AutomaticBackupRetentionDays", + "ContainerPort": { + "markdownDescription": "The port number on the container that's bound to the user-specified or automatically assigned host port.\n\nIf you use containers in a task with the `awsvpc` or `host` network mode, specify the exposed ports using `containerPort` .\n\nIf you use containers in a task with the `bridge` network mode and you specify a container port and not a host port, your container automatically receives a host port in the ephemeral port range. For more information, see `hostPort` . Port mappings that are automatically assigned in this way do not count toward the 100 reserved ports limit of a container instance.", + "title": "ContainerPort", "type": "number" }, - "CopyTagsToBackups": { - "markdownDescription": "(Optional) Not available for use with file systems that are linked to a data repository. A boolean flag indicating whether tags for the file system should be copied to backups. The default value is false. If `CopyTagsToBackups` is set to true, all file system tags are copied to all automatic and user-initiated backups when the user doesn't specify any backup-specific tags. If `CopyTagsToBackups` is set to true and you specify one or more backup tags, only the specified tags are copied to backups. If you specify one or more tags when creating a user-initiated backup, no tags are copied from the file system, regardless of this value.\n\n(Default = `false` )\n\nFor more information, see [Working with backups](https://docs.aws.amazon.com/fsx/latest/LustreGuide/using-backups-fsx.html) in the *Amazon FSx for Lustre User Guide* .", - "title": "CopyTagsToBackups", - "type": "boolean" - }, - "DailyAutomaticBackupStartTime": { - "markdownDescription": "A recurring daily time, in the format `HH:MM` . `HH` is the zero-padded hour of the day (0-23), and `MM` is the zero-padded minute of the hour. For example, `05:00` specifies 5 AM daily.", - "title": "DailyAutomaticBackupStartTime", - "type": "string" - }, - "DataCompressionType": { - "markdownDescription": "Sets the data compression configuration for the file system. `DataCompressionType` can have the following values:\n\n- `NONE` - (Default) Data compression is turned off when the file system is created.\n- `LZ4` - Data compression is turned on with the LZ4 algorithm.\n\nFor more information, see [Lustre data compression](https://docs.aws.amazon.com/fsx/latest/LustreGuide/data-compression.html) in the *Amazon FSx for Lustre User Guide* .", - "title": "DataCompressionType", - "type": "string" - }, - "DeploymentType": { - "markdownDescription": "(Optional) Choose `SCRATCH_1` and `SCRATCH_2` deployment types when you need temporary storage and shorter-term processing of data. The `SCRATCH_2` deployment type provides in-transit encryption of data and higher burst throughput capacity than `SCRATCH_1` .\n\nChoose `PERSISTENT_1` for longer-term storage and for throughput-focused workloads that aren\u2019t latency-sensitive. `PERSISTENT_1` supports encryption of data in transit, and is available in all AWS Regions in which FSx for Lustre is available.\n\nChoose `PERSISTENT_2` for longer-term storage and for latency-sensitive workloads that require the highest levels of IOPS/throughput. `PERSISTENT_2` supports the SSD and Intelligent-Tiering storage classes. You can optionally specify a metadata configuration mode for `PERSISTENT_2` which supports increasing metadata performance. `PERSISTENT_2` is available in a limited number of AWS Regions . For more information, and an up-to-date list of AWS Regions in which `PERSISTENT_2` is available, see [Deployment and storage class options for FSx for Lustre file systems](https://docs.aws.amazon.com/fsx/latest/LustreGuide/using-fsx-lustre.html) in the *Amazon FSx for Lustre User Guide* .\n\n> If you choose `PERSISTENT_2` , and you set `FileSystemTypeVersion` to `2.10` , the `CreateFileSystem` operation fails. \n\nEncryption of data in transit is automatically turned on when you access `SCRATCH_2` , `PERSISTENT_1` , and `PERSISTENT_2` file systems from Amazon EC2 instances that support automatic encryption in the AWS Regions where they are available. For more information about encryption in transit for FSx for Lustre file systems, see [Encrypting data in transit](https://docs.aws.amazon.com/fsx/latest/LustreGuide/encryption-in-transit-fsxl.html) in the *Amazon FSx for Lustre User Guide* .\n\n(Default = `SCRATCH_1` )", - "title": "DeploymentType", - "type": "string" - }, - "DriveCacheType": { - "markdownDescription": "The type of drive cache used by `PERSISTENT_1` file systems that are provisioned with HDD storage devices. This parameter is required when storage type is HDD. Set this property to `READ` to improve the performance for frequently accessed files by caching up to 20% of the total storage capacity of the file system.\n\nThis parameter is required when `StorageType` is set to `HDD` and `DeploymentType` is `PERSISTENT_1` .", - "title": "DriveCacheType", - "type": "string" - }, - "ExportPath": { - "markdownDescription": "(Optional) Specifies the path in the Amazon S3 bucket where the root of your Amazon FSx file system is exported. The path must use the same Amazon S3 bucket as specified in ImportPath. You can provide an optional prefix to which new and changed data is to be exported from your Amazon FSx for Lustre file system. If an `ExportPath` value is not provided, Amazon FSx sets a default export path, `s3://import-bucket/FSxLustre[creation-timestamp]` . The timestamp is in UTC format, for example `s3://import-bucket/FSxLustre20181105T222312Z` .\n\nThe Amazon S3 export bucket must be the same as the import bucket specified by `ImportPath` . If you specify only a bucket name, such as `s3://import-bucket` , you get a 1:1 mapping of file system objects to S3 bucket objects. This mapping means that the input data in S3 is overwritten on export. If you provide a custom prefix in the export path, such as `s3://import-bucket/[custom-optional-prefix]` , Amazon FSx exports the contents of your file system to that export prefix in the Amazon S3 bucket.\n\n> This parameter is not supported for file systems with a data repository association.", - "title": "ExportPath", - "type": "string" - }, - "ImportPath": { - "markdownDescription": "(Optional) The path to the Amazon S3 bucket (including the optional prefix) that you're using as the data repository for your Amazon FSx for Lustre file system. The root of your FSx for Lustre file system will be mapped to the root of the Amazon S3 bucket you select. An example is `s3://import-bucket/optional-prefix` . If you specify a prefix after the Amazon S3 bucket name, only object keys with that prefix are loaded into the file system.\n\n> This parameter is not supported for Lustre file systems with a data repository association.", - "title": "ImportPath", + "ContainerPortRange": { + "markdownDescription": "The port number range on the container that's bound to the dynamically mapped host port range.\n\nThe following rules apply when you specify a `containerPortRange` :\n\n- You must use either the `bridge` network mode or the `awsvpc` network mode.\n- This parameter is available for both the EC2 and AWS Fargate launch types.\n- This parameter is available for both the Linux and Windows operating systems.\n- The container instance must have at least version 1.67.0 of the container agent and at least version 1.67.0-1 of the `ecs-init` package\n- You can specify a maximum of 100 port ranges per container.\n- You do not specify a `hostPortRange` . The value of the `hostPortRange` is set as follows:\n\n- For containers in a task with the `awsvpc` network mode, the `hostPortRange` is set to the same value as the `containerPortRange` . This is a static mapping strategy.\n- For containers in a task with the `bridge` network mode, the Amazon ECS agent finds open host ports from the default ephemeral range and passes it to docker to bind them to the container ports.\n- The `containerPortRange` valid values are between 1 and 65535.\n- A port can only be included in one port mapping per container.\n- You cannot specify overlapping port ranges.\n- The first port in the range must be less than last port in the range.\n- Docker recommends that you turn off the docker-proxy in the Docker daemon config file when you have a large number of ports.\n\nFor more information, see [Issue #11185](https://docs.aws.amazon.com/https://github.com/moby/moby/issues/11185) on the Github website.\n\nFor information about how to turn off the docker-proxy in the Docker daemon config file, see [Docker daemon](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/bootstrap_container_instance.html#bootstrap_docker_daemon) in the *Amazon ECS Developer Guide* .\n\nYou can call [`DescribeTasks`](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DescribeTasks.html) to view the `hostPortRange` which are the host ports that are bound to the container ports.", + "title": "ContainerPortRange", "type": "string" }, - "ImportedFileChunkSize": { - "markdownDescription": "(Optional) For files imported from a data repository, this value determines the stripe count and maximum amount of data per file (in MiB) stored on a single physical disk. The maximum number of disks that a single file can be striped across is limited by the total number of disks that make up the file system.\n\nThe default chunk size is 1,024 MiB (1 GiB) and can go as high as 512,000 MiB (500 GiB). Amazon S3 objects have a maximum size of 5 TB.\n\n> This parameter is not supported for Lustre file systems with a data repository association.", - "title": "ImportedFileChunkSize", + "HostPort": { + "markdownDescription": "The port number on the container instance to reserve for your container.\n\nIf you specify a `containerPortRange` , leave this field empty and the value of the `hostPort` is set as follows:\n\n- For containers in a task with the `awsvpc` network mode, the `hostPort` is set to the same value as the `containerPort` . This is a static mapping strategy.\n- For containers in a task with the `bridge` network mode, the Amazon ECS agent finds open ports on the host and automatically binds them to the container ports. This is a dynamic mapping strategy.\n\nIf you use containers in a task with the `awsvpc` or `host` network mode, the `hostPort` can either be left blank or set to the same value as the `containerPort` .\n\nIf you use containers in a task with the `bridge` network mode, you can specify a non-reserved host port for your container port mapping, or you can omit the `hostPort` (or set it to `0` ) while specifying a `containerPort` and your container automatically receives a port in the ephemeral port range for your container instance operating system and Docker version.\n\nThe default ephemeral port range for Docker version 1.6.0 and later is listed on the instance under `/proc/sys/net/ipv4/ip_local_port_range` . If this kernel parameter is unavailable, the default ephemeral port range from 49153 through 65535 (Linux) or 49152 through 65535 (Windows) is used. Do not attempt to specify a host port in the ephemeral port range as these are reserved for automatic assignment. In general, ports below 32768 are outside of the ephemeral port range.\n\nThe default reserved ports are 22 for SSH, the Docker ports 2375 and 2376, and the Amazon ECS container agent ports 51678-51680. Any host port that was previously specified in a running task is also reserved while the task is running. That is, after a task stops, the host port is released. The current reserved ports are displayed in the `remainingResources` of [DescribeContainerInstances](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DescribeContainerInstances.html) output. A container instance can have up to 100 reserved ports at a time. This number includes the default reserved ports. Automatically assigned ports aren't included in the 100 reserved ports quota.", + "title": "HostPort", "type": "number" }, - "PerUnitStorageThroughput": { - "markdownDescription": "Required with `PERSISTENT_1` and `PERSISTENT_2` deployment types, provisions the amount of read and write throughput for each 1 tebibyte (TiB) of file system storage capacity, in MB/s/TiB. File system throughput capacity is calculated by multiplying \ufb01le system storage capacity (TiB) by the `PerUnitStorageThroughput` (MB/s/TiB). For a 2.4-TiB \ufb01le system, provisioning 50 MB/s/TiB of `PerUnitStorageThroughput` yields 120 MB/s of \ufb01le system throughput. You pay for the amount of throughput that you provision.\n\nValid values:\n\n- For `PERSISTENT_1` SSD storage: 50, 100, 200 MB/s/TiB.\n- For `PERSISTENT_1` HDD storage: 12, 40 MB/s/TiB.\n- For `PERSISTENT_2` SSD storage: 125, 250, 500, 1000 MB/s/TiB.", - "title": "PerUnitStorageThroughput", - "type": "number" + "Name": { + "markdownDescription": "The name that's used for the port mapping. This parameter is the name that you use in the `serviceConnectConfiguration` and the `vpcLatticeConfigurations` of a service. The name can include up to 64 characters. The characters can include lowercase letters, numbers, underscores (_), and hyphens (-). The name can't start with a hyphen.", + "title": "Name", + "type": "string" }, - "WeeklyMaintenanceStartTime": { - "markdownDescription": "The preferred start time to perform weekly maintenance, formatted d:HH:MM in the UTC time zone, where d is the weekday number, from 1 through 7, beginning with Monday and ending with Sunday.\n\nFor example, `1:05:00` specifies maintenance at 5 AM Monday.", - "title": "WeeklyMaintenanceStartTime", + "Protocol": { + "markdownDescription": "The protocol used for the port mapping. Valid values are `tcp` and `udp` . The default is `tcp` . `protocol` is immutable in a Service Connect service. Updating this field requires a service deletion and redeployment.", + "title": "Protocol", "type": "string" } }, "type": "object" }, - "AWS::FSx::FileSystem.NfsExports": { - "additionalProperties": false, - "properties": { - "ClientConfigurations": { - "items": { - "$ref": "#/definitions/AWS::FSx::FileSystem.ClientConfigurations" - }, - "markdownDescription": "A list of configuration objects that contain the client and options for mounting the OpenZFS file system.", - "title": "ClientConfigurations", - "type": "array" - } - }, - "type": "object" - }, - "AWS::FSx::FileSystem.OntapConfiguration": { + "AWS::ECS::TaskDefinition.ProxyConfiguration": { "additionalProperties": false, "properties": { - "AutomaticBackupRetentionDays": { - "markdownDescription": "The number of days to retain automatic backups. Setting this property to `0` disables automatic backups. You can retain automatic backups for a maximum of 90 days. The default is `30` .", - "title": "AutomaticBackupRetentionDays", - "type": "number" - }, - "DailyAutomaticBackupStartTime": { - "markdownDescription": "A recurring daily time, in the format `HH:MM` . `HH` is the zero-padded hour of the day (0-23), and `MM` is the zero-padded minute of the hour. For example, `05:00` specifies 5 AM daily.", - "title": "DailyAutomaticBackupStartTime", - "type": "string" - }, - "DeploymentType": { - "markdownDescription": "Specifies the FSx for ONTAP file system deployment type to use in creating the file system.\n\n- `MULTI_AZ_1` - A high availability file system configured for Multi-AZ redundancy to tolerate temporary Availability Zone (AZ) unavailability. This is a first-generation FSx for ONTAP file system.\n- `MULTI_AZ_2` - A high availability file system configured for Multi-AZ redundancy to tolerate temporary AZ unavailability. This is a second-generation FSx for ONTAP file system.\n- `SINGLE_AZ_1` - A file system configured for Single-AZ redundancy. This is a first-generation FSx for ONTAP file system.\n- `SINGLE_AZ_2` - A file system configured with multiple high-availability (HA) pairs for Single-AZ redundancy. This is a second-generation FSx for ONTAP file system.\n\nFor information about the use cases for Multi-AZ and Single-AZ deployments, refer to [Choosing a file system deployment type](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/high-availability-AZ.html) .", - "title": "DeploymentType", - "type": "string" - }, - "DiskIopsConfiguration": { - "$ref": "#/definitions/AWS::FSx::FileSystem.DiskIopsConfiguration", - "markdownDescription": "The SSD IOPS configuration for the FSx for ONTAP file system.", - "title": "DiskIopsConfiguration" - }, - "EndpointIpAddressRange": { - "markdownDescription": "(Multi-AZ only) Specifies the IP address range in which the endpoints to access your file system will be created. By default in the Amazon FSx API, Amazon FSx selects an unused IP address range for you from the 198.19.* range. By default in the Amazon FSx console, Amazon FSx chooses the last 64 IP addresses from the VPC\u2019s primary CIDR range to use as the endpoint IP address range for the file system. You can have overlapping endpoint IP addresses for file systems deployed in the same VPC/route tables, as long as they don't overlap with any subnet.", - "title": "EndpointIpAddressRange", - "type": "string" - }, - "FsxAdminPassword": { - "markdownDescription": "The ONTAP administrative password for the `fsxadmin` user with which you administer your file system using the NetApp ONTAP CLI and REST API.", - "title": "FsxAdminPassword", - "type": "string" - }, - "HAPairs": { - "markdownDescription": "Specifies how many high-availability (HA) pairs of file servers will power your file system. First-generation file systems are powered by 1 HA pair. Second-generation multi-AZ file systems are powered by 1 HA pair. Second generation single-AZ file systems are powered by up to 12 HA pairs. The default value is 1. The value of this property affects the values of `StorageCapacity` , `Iops` , and `ThroughputCapacity` . For more information, see [High-availability (HA) pairs](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/administering-file-systems.html#HA-pairs) in the FSx for ONTAP user guide. Block storage protocol support (iSCSI and NVMe over TCP) is disabled on file systems with more than 6 HA pairs. For more information, see [Using block storage protocols](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/supported-fsx-clients.html#using-block-storage) .\n\nAmazon FSx responds with an HTTP status code 400 (Bad Request) for the following conditions:\n\n- The value of `HAPairs` is less than 1 or greater than 12.\n- The value of `HAPairs` is greater than 1 and the value of `DeploymentType` is `SINGLE_AZ_1` , `MULTI_AZ_1` , or `MULTI_AZ_2` .", - "title": "HAPairs", - "type": "number" - }, - "PreferredSubnetId": { - "markdownDescription": "Required when `DeploymentType` is set to `MULTI_AZ_1` or `MULTI_AZ_2` . This specifies the subnet in which you want the preferred file server to be located.", - "title": "PreferredSubnetId", + "ContainerName": { + "markdownDescription": "The name of the container that will serve as the App Mesh proxy.", + "title": "ContainerName", "type": "string" }, - "RouteTableIds": { + "ProxyConfigurationProperties": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::ECS::TaskDefinition.KeyValuePair" }, - "markdownDescription": "(Multi-AZ only) Specifies the route tables in which Amazon FSx creates the rules for routing traffic to the correct file server. You should specify all virtual private cloud (VPC) route tables associated with the subnets in which your clients are located. By default, Amazon FSx selects your VPC's default route table.\n\n> Amazon FSx manages these route tables for Multi-AZ file systems using tag-based authentication. These route tables are tagged with `Key: AmazonFSx; Value: ManagedByAmazonFSx` . When creating FSx for ONTAP Multi-AZ file systems using AWS CloudFormation we recommend that you add the `Key: AmazonFSx; Value: ManagedByAmazonFSx` tag manually.", - "title": "RouteTableIds", + "markdownDescription": "The set of network configuration parameters to provide the Container Network Interface (CNI) plugin, specified as key-value pairs.\n\n- `IgnoredUID` - (Required) The user ID (UID) of the proxy container as defined by the `user` parameter in a container definition. This is used to ensure the proxy ignores its own traffic. If `IgnoredGID` is specified, this field can be empty.\n- `IgnoredGID` - (Required) The group ID (GID) of the proxy container as defined by the `user` parameter in a container definition. This is used to ensure the proxy ignores its own traffic. If `IgnoredUID` is specified, this field can be empty.\n- `AppPorts` - (Required) The list of ports that the application uses. Network traffic to these ports is forwarded to the `ProxyIngressPort` and `ProxyEgressPort` .\n- `ProxyIngressPort` - (Required) Specifies the port that incoming traffic to the `AppPorts` is directed to.\n- `ProxyEgressPort` - (Required) Specifies the port that outgoing traffic from the `AppPorts` is directed to.\n- `EgressIgnoredPorts` - (Required) The egress traffic going to the specified ports is ignored and not redirected to the `ProxyEgressPort` . It can be an empty list.\n- `EgressIgnoredIPs` - (Required) The egress traffic going to the specified IP addresses is ignored and not redirected to the `ProxyEgressPort` . It can be an empty list.", + "title": "ProxyConfigurationProperties", "type": "array" }, - "ThroughputCapacity": { - "markdownDescription": "Sets the throughput capacity for the file system that you're creating in megabytes per second (MBps). For more information, see [Managing throughput capacity](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-throughput-capacity.html) in the FSx for ONTAP User Guide.\n\nAmazon FSx responds with an HTTP status code 400 (Bad Request) for the following conditions:\n\n- The value of `ThroughputCapacity` and `ThroughputCapacityPerHAPair` are not the same value.\n- The value of `ThroughputCapacity` when divided by the value of `HAPairs` is outside of the valid range for `ThroughputCapacity` .", - "title": "ThroughputCapacity", - "type": "number" - }, - "ThroughputCapacityPerHAPair": { - "markdownDescription": "Use to choose the throughput capacity per HA pair, rather than the total throughput for the file system.\n\nYou can define either the `ThroughputCapacityPerHAPair` or the `ThroughputCapacity` when creating a file system, but not both.\n\nThis field and `ThroughputCapacity` are the same for file systems powered by one HA pair.\n\n- For `SINGLE_AZ_1` and `MULTI_AZ_1` file systems, valid values are 128, 256, 512, 1024, 2048, or 4096 MBps.\n- For `SINGLE_AZ_2` , valid values are 1536, 3072, or 6144 MBps.\n- For `MULTI_AZ_2` , valid values are 384, 768, 1536, 3072, or 6144 MBps.\n\nAmazon FSx responds with an HTTP status code 400 (Bad Request) for the following conditions:\n\n- The value of `ThroughputCapacity` and `ThroughputCapacityPerHAPair` are not the same value for file systems with one HA pair.\n- The value of deployment type is `SINGLE_AZ_2` and `ThroughputCapacity` / `ThroughputCapacityPerHAPair` is not a valid HA pair (a value between 1 and 12).\n- The value of `ThroughputCapacityPerHAPair` is not a valid value.", - "title": "ThroughputCapacityPerHAPair", - "type": "number" - }, - "WeeklyMaintenanceStartTime": { - "markdownDescription": "The preferred start time to perform weekly maintenance, formatted d:HH:MM in the UTC time zone, where d is the weekday number, from 1 through 7, beginning with Monday and ending with Sunday.\n\nFor example, `1:05:00` specifies maintenance at 5 AM Monday.", - "title": "WeeklyMaintenanceStartTime", + "Type": { + "markdownDescription": "The proxy type. The only supported value is `APPMESH` .", + "title": "Type", "type": "string" } }, "required": [ - "DeploymentType" + "ContainerName" ], "type": "object" }, - "AWS::FSx::FileSystem.OpenZFSConfiguration": { + "AWS::ECS::TaskDefinition.RepositoryCredentials": { "additionalProperties": false, "properties": { - "AutomaticBackupRetentionDays": { - "markdownDescription": "The number of days to retain automatic backups. Setting this property to `0` disables automatic backups. You can retain automatic backups for a maximum of 90 days. The default is `30` .", - "title": "AutomaticBackupRetentionDays", - "type": "number" - }, - "CopyTagsToBackups": { - "markdownDescription": "A Boolean value indicating whether tags for the file system should be copied to backups. This value defaults to `false` . If it's set to `true` , all tags for the file system are copied to all automatic and user-initiated backups where the user doesn't specify tags. If this value is `true` , and you specify one or more tags, only the specified tags are copied to backups. If you specify one or more tags when creating a user-initiated backup, no tags are copied from the file system, regardless of this value.", - "title": "CopyTagsToBackups", - "type": "boolean" - }, - "CopyTagsToVolumes": { - "markdownDescription": "A Boolean value indicating whether tags for the file system should be copied to volumes. This value defaults to `false` . If it's set to `true` , all tags for the file system are copied to volumes where the user doesn't specify tags. If this value is `true` , and you specify one or more tags, only the specified tags are copied to volumes. If you specify one or more tags when creating the volume, no tags are copied from the file system, regardless of this value.", - "title": "CopyTagsToVolumes", - "type": "boolean" - }, - "DailyAutomaticBackupStartTime": { - "markdownDescription": "A recurring daily time, in the format `HH:MM` . `HH` is the zero-padded hour of the day (0-23), and `MM` is the zero-padded minute of the hour. For example, `05:00` specifies 5 AM daily.", - "title": "DailyAutomaticBackupStartTime", - "type": "string" - }, - "DeploymentType": { - "markdownDescription": "Specifies the file system deployment type. Valid values are the following:\n\n- `MULTI_AZ_1` - Creates file systems with high availability and durability by replicating your data and supporting failover across multiple Availability Zones in the same AWS Region .\n- `SINGLE_AZ_HA_2` - Creates file systems with high availability and throughput capacities of 160 - 10,240 MB/s using an NVMe L2ARC cache by deploying a primary and standby file system within the same Availability Zone.\n- `SINGLE_AZ_HA_1` - Creates file systems with high availability and throughput capacities of 64 - 4,096 MB/s by deploying a primary and standby file system within the same Availability Zone.\n- `SINGLE_AZ_2` - Creates file systems with throughput capacities of 160 - 10,240 MB/s using an NVMe L2ARC cache that automatically recover within a single Availability Zone.\n- `SINGLE_AZ_1` - Creates file systems with throughput capacities of 64 - 4,096 MBs that automatically recover within a single Availability Zone.\n\nFor a list of which AWS Regions each deployment type is available in, see [Deployment type availability](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/availability-durability.html#available-aws-regions) . For more information on the differences in performance between deployment types, see [File system performance](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/performance.html#zfs-fs-performance) in the *Amazon FSx for OpenZFS User Guide* .", - "title": "DeploymentType", - "type": "string" - }, - "DiskIopsConfiguration": { - "$ref": "#/definitions/AWS::FSx::FileSystem.DiskIopsConfiguration", - "markdownDescription": "The SSD IOPS (input/output operations per second) configuration for an Amazon FSx for NetApp ONTAP, Amazon FSx for Windows File Server, or FSx for OpenZFS file system. By default, Amazon FSx automatically provisions 3 IOPS per GB of storage capacity. You can provision additional IOPS per GB of storage. The configuration consists of the total number of provisioned SSD IOPS and how it is was provisioned, or the mode (by the customer or by Amazon FSx).", - "title": "DiskIopsConfiguration" - }, - "EndpointIpAddressRange": { - "markdownDescription": "(Multi-AZ only) Specifies the IP address range in which the endpoints to access your file system will be created. By default in the Amazon FSx API and Amazon FSx console, Amazon FSx selects an available /28 IP address range for you from one of the VPC's CIDR ranges. You can have overlapping endpoint IP addresses for file systems deployed in the same VPC/route tables, as long as they don't overlap with any subnet.", - "title": "EndpointIpAddressRange", + "CredentialsParameter": { + "markdownDescription": "The Amazon Resource Name (ARN) of the secret containing the private repository credentials.\n\n> When you use the Amazon ECS API, AWS CLI , or AWS SDK, if the secret exists in the same Region as the task that you're launching then you can use either the full ARN or the name of the secret. When you use the AWS Management Console, you must specify the full ARN of the secret.", + "title": "CredentialsParameter", "type": "string" - }, - "Options": { - "items": { - "type": "string" - }, - "markdownDescription": "To delete a file system if there are child volumes present below the root volume, use the string `DELETE_CHILD_VOLUMES_AND_SNAPSHOTS` . If your file system has child volumes and you don't use this option, the delete request will fail.", - "title": "Options", - "type": "array" - }, - "PreferredSubnetId": { - "markdownDescription": "Required when `DeploymentType` is set to `MULTI_AZ_1` . This specifies the subnet in which you want the preferred file server to be located.", - "title": "PreferredSubnetId", + } + }, + "type": "object" + }, + "AWS::ECS::TaskDefinition.ResourceRequirement": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "The type of resource to assign to a container.", + "title": "Type", "type": "string" }, - "RootVolumeConfiguration": { - "$ref": "#/definitions/AWS::FSx::FileSystem.RootVolumeConfiguration", - "markdownDescription": "The configuration Amazon FSx uses when creating the root value of the Amazon FSx for OpenZFS file system. All volumes are children of the root volume.", - "title": "RootVolumeConfiguration" - }, - "RouteTableIds": { - "items": { - "type": "string" - }, - "markdownDescription": "(Multi-AZ only) Specifies the route tables in which Amazon FSx creates the rules for routing traffic to the correct file server. You should specify all virtual private cloud (VPC) route tables associated with the subnets in which your clients are located. By default, Amazon FSx selects your VPC's default route table.", - "title": "RouteTableIds", - "type": "array" - }, - "ThroughputCapacity": { - "markdownDescription": "Specifies the throughput of an Amazon FSx for OpenZFS file system, measured in megabytes per second (MBps). Required if you are creating a new file system.\n\nValid values depend on the `DeploymentType` that you choose, as follows:\n\n- For `MULTI_AZ_1` and `SINGLE_AZ_2` , valid values are 160, 320, 640, 1280, 2560, 3840, 5120, 7680, or 10240 MBps.\n- For `SINGLE_AZ_1` , valid values are 64, 128, 256, 512, 1024, 2048, 3072, or 4096 MBps.\n\nYou pay for additional throughput capacity that you provision.", - "title": "ThroughputCapacity", - "type": "number" - }, - "WeeklyMaintenanceStartTime": { - "markdownDescription": "The preferred start time to perform weekly maintenance, formatted d:HH:MM in the UTC time zone, where d is the weekday number, from 1 through 7, beginning with Monday and ending with Sunday.\n\nFor example, `1:05:00` specifies maintenance at 5 AM Monday.", - "title": "WeeklyMaintenanceStartTime", + "Value": { + "markdownDescription": "The value for the specified resource type.\n\nWhen the type is `GPU` , the value is the number of physical `GPUs` the Amazon ECS container agent reserves for the container. The number of GPUs that's reserved for all containers in a task can't exceed the number of available GPUs on the container instance that the task is launched on.\n\nWhen the type is `InferenceAccelerator` , the `value` matches the `deviceName` for an [InferenceAccelerator](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_InferenceAccelerator.html) specified in a task definition.", + "title": "Value", "type": "string" } }, "required": [ - "DeploymentType" + "Type", + "Value" ], "type": "object" }, - "AWS::FSx::FileSystem.RootVolumeConfiguration": { + "AWS::ECS::TaskDefinition.RestartPolicy": { "additionalProperties": false, "properties": { - "CopyTagsToSnapshots": { - "markdownDescription": "A Boolean value indicating whether tags for the volume should be copied to snapshots of the volume. This value defaults to `false` . If it's set to `true` , all tags for the volume are copied to snapshots where the user doesn't specify tags. If this value is `true` and you specify one or more tags, only the specified tags are copied to snapshots. If you specify one or more tags when creating the snapshot, no tags are copied from the volume, regardless of this value.", - "title": "CopyTagsToSnapshots", + "Enabled": { + "markdownDescription": "Specifies whether a restart policy is enabled for the container.", + "title": "Enabled", "type": "boolean" }, - "DataCompressionType": { - "markdownDescription": "Specifies the method used to compress the data on the volume. The compression type is `NONE` by default.\n\n- `NONE` - Doesn't compress the data on the volume. `NONE` is the default.\n- `ZSTD` - Compresses the data in the volume using the Zstandard (ZSTD) compression algorithm. Compared to LZ4, Z-Standard provides a better compression ratio to minimize on-disk storage utilization.\n- `LZ4` - Compresses the data in the volume using the LZ4 compression algorithm. Compared to Z-Standard, LZ4 is less compute-intensive and delivers higher write throughput speeds.", - "title": "DataCompressionType", - "type": "string" - }, - "NfsExports": { + "IgnoredExitCodes": { "items": { - "$ref": "#/definitions/AWS::FSx::FileSystem.NfsExports" + "type": "number" }, - "markdownDescription": "The configuration object for mounting a file system.", - "title": "NfsExports", + "markdownDescription": "A list of exit codes that Amazon ECS will ignore and not attempt a restart on. You can specify a maximum of 50 container exit codes. By default, Amazon ECS does not ignore any exit codes.", + "title": "IgnoredExitCodes", "type": "array" }, - "ReadOnly": { - "markdownDescription": "A Boolean value indicating whether the volume is read-only. Setting this value to `true` can be useful after you have completed changes to a volume and no longer want changes to occur.", - "title": "ReadOnly", - "type": "boolean" - }, - "RecordSizeKiB": { - "markdownDescription": "Specifies the record size of an OpenZFS root volume, in kibibytes (KiB). Valid values are 4, 8, 16, 32, 64, 128, 256, 512, or 1024 KiB. The default is 128 KiB. Most workloads should use the default record size. Database workflows can benefit from a smaller record size, while streaming workflows can benefit from a larger record size. For additional guidance on setting a custom record size, see [Tips for maximizing performance](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/performance.html#performance-tips-zfs) in the *Amazon FSx for OpenZFS User Guide* .", - "title": "RecordSizeKiB", + "RestartAttemptPeriod": { + "markdownDescription": "A period of time (in seconds) that the container must run for before a restart can be attempted. A container can be restarted only once every `restartAttemptPeriod` seconds. If a container isn't able to run for this time period and exits early, it will not be restarted. You can set a minimum `restartAttemptPeriod` of 60 seconds and a maximum `restartAttemptPeriod` of 1800 seconds. By default, a container must run for 300 seconds before it can be restarted.", + "title": "RestartAttemptPeriod", "type": "number" - }, - "UserAndGroupQuotas": { - "items": { - "$ref": "#/definitions/AWS::FSx::FileSystem.UserAndGroupQuotas" - }, - "markdownDescription": "An object specifying how much storage users or groups can use on the volume.", - "title": "UserAndGroupQuotas", - "type": "array" } }, "type": "object" }, - "AWS::FSx::FileSystem.SelfManagedActiveDirectoryConfiguration": { + "AWS::ECS::TaskDefinition.RuntimePlatform": { "additionalProperties": false, "properties": { - "DnsIps": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of up to three IP addresses of DNS servers or domain controllers in the self-managed AD directory.", - "title": "DnsIps", - "type": "array" - }, - "DomainName": { - "markdownDescription": "The fully qualified domain name of the self-managed AD directory, such as `corp.example.com` .", - "title": "DomainName", + "CpuArchitecture": { + "markdownDescription": "The CPU architecture.\n\nYou can run your Linux tasks on an ARM-based platform by setting the value to `ARM64` . This option is available for tasks that run on Linux Amazon EC2 instance or Linux containers on Fargate.", + "title": "CpuArchitecture", "type": "string" }, - "FileSystemAdministratorsGroup": { - "markdownDescription": "(Optional) The name of the domain group whose members are granted administrative privileges for the file system. Administrative privileges include taking ownership of files and folders, setting audit controls (audit ACLs) on files and folders, and administering the file system remotely by using the FSx Remote PowerShell. The group that you specify must already exist in your domain. If you don't provide one, your AD domain's Domain Admins group is used.", - "title": "FileSystemAdministratorsGroup", + "OperatingSystemFamily": { + "markdownDescription": "The operating system.", + "title": "OperatingSystemFamily", "type": "string" - }, - "OrganizationalUnitDistinguishedName": { - "markdownDescription": "(Optional) The fully qualified distinguished name of the organizational unit within your self-managed AD directory. Amazon FSx only accepts OU as the direct parent of the file system. An example is `OU=FSx,DC=yourdomain,DC=corp,DC=com` . To learn more, see [RFC 2253](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc2253) . If none is provided, the FSx file system is created in the default location of your self-managed AD directory.\n\n> Only Organizational Unit (OU) objects can be the direct parent of the file system that you're creating.", - "title": "OrganizationalUnitDistinguishedName", + } + }, + "type": "object" + }, + "AWS::ECS::TaskDefinition.Secret": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the secret.", + "title": "Name", "type": "string" }, - "Password": { - "markdownDescription": "The password for the service account on your self-managed AD domain that Amazon FSx will use to join to your AD domain.", - "title": "Password", + "ValueFrom": { + "markdownDescription": "The secret to expose to the container. The supported values are either the full ARN of the AWS Secrets Manager secret or the full ARN of the parameter in the SSM Parameter Store.\n\nFor information about the require AWS Identity and Access Management permissions, see [Required IAM permissions for Amazon ECS secrets](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data-secrets.html#secrets-iam) (for Secrets Manager) or [Required IAM permissions for Amazon ECS secrets](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data-parameters.html) (for Systems Manager Parameter store) in the *Amazon Elastic Container Service Developer Guide* .\n\n> If the SSM Parameter Store parameter exists in the same Region as the task you're launching, then you can use either the full ARN or name of the parameter. If the parameter exists in a different Region, then the full ARN must be specified.", + "title": "ValueFrom", + "type": "string" + } + }, + "required": [ + "Name", + "ValueFrom" + ], + "type": "object" + }, + "AWS::ECS::TaskDefinition.SystemControl": { + "additionalProperties": false, + "properties": { + "Namespace": { + "markdownDescription": "The namespaced kernel parameter to set a `value` for.", + "title": "Namespace", "type": "string" }, - "UserName": { - "markdownDescription": "The user name for the service account on your self-managed AD domain that Amazon FSx will use to join to your AD domain. This account must have the permission to join computers to the domain in the organizational unit provided in `OrganizationalUnitDistinguishedName` , or in the default location of your AD domain.", - "title": "UserName", + "Value": { + "markdownDescription": "The namespaced kernel parameter to set a `value` for.\n\nValid IPC namespace values: `\"kernel.msgmax\" | \"kernel.msgmnb\" | \"kernel.msgmni\" | \"kernel.sem\" | \"kernel.shmall\" | \"kernel.shmmax\" | \"kernel.shmmni\" | \"kernel.shm_rmid_forced\"` , and `Sysctls` that start with `\"fs.mqueue.*\"`\n\nValid network namespace values: `Sysctls` that start with `\"net.*\"` . Only namespaced `Sysctls` that exist within the container starting with \"net.* are accepted.\n\nAll of these values are supported by Fargate.", + "title": "Value", "type": "string" } }, "type": "object" }, - "AWS::FSx::FileSystem.UserAndGroupQuotas": { + "AWS::ECS::TaskDefinition.TaskDefinitionPlacementConstraint": { "additionalProperties": false, "properties": { - "Id": { - "markdownDescription": "The ID of the user or group that the quota applies to.", - "title": "Id", - "type": "number" - }, - "StorageCapacityQuotaGiB": { - "markdownDescription": "The user or group's storage quota, in gibibytes (GiB).", - "title": "StorageCapacityQuotaGiB", - "type": "number" + "Expression": { + "markdownDescription": "A cluster query language expression to apply to the constraint. For more information, see [Cluster query language](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-query-language.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "Expression", + "type": "string" }, "Type": { - "markdownDescription": "Specifies whether the quota applies to a user or group.", + "markdownDescription": "The type of constraint. The `MemberOf` constraint restricts selection to be from a group of valid candidates.", "title": "Type", "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::FSx::FileSystem.WindowsConfiguration": { + "AWS::ECS::TaskDefinition.Tmpfs": { "additionalProperties": false, "properties": { - "ActiveDirectoryId": { - "markdownDescription": "The ID for an existing AWS Managed Microsoft Active Directory (AD) instance that the file system should join when it's created. Required if you are joining the file system to an existing AWS Managed Microsoft AD.", - "title": "ActiveDirectoryId", + "ContainerPath": { + "markdownDescription": "The absolute file path where the tmpfs volume is to be mounted.", + "title": "ContainerPath", "type": "string" }, - "Aliases": { + "MountOptions": { "items": { "type": "string" }, - "markdownDescription": "An array of one or more DNS alias names that you want to associate with the Amazon FSx file system. Aliases allow you to use existing DNS names to access the data in your Amazon FSx file system. You can associate up to 50 aliases with a file system at any time.\n\nFor more information, see [Working with DNS Aliases](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/managing-dns-aliases.html) and [Walkthrough 5: Using DNS aliases to access your file system](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/walkthrough05-file-system-custom-CNAME.html) , including additional steps you must take to be able to access your file system using a DNS alias.\n\nAn alias name has to meet the following requirements:\n\n- Formatted as a fully-qualified domain name (FQDN), `hostname.domain` , for example, `accounting.example.com` .\n- Can contain alphanumeric characters, the underscore (_), and the hyphen (-).\n- Cannot start or end with a hyphen.\n- Can start with a numeric.\n\nFor DNS alias names, Amazon FSx stores alphabetical characters as lowercase letters (a-z), regardless of how you specify them: as uppercase letters, lowercase letters, or the corresponding letters in escape codes.", - "title": "Aliases", + "markdownDescription": "The list of tmpfs volume mount options.\n\nValid values: `\"defaults\" | \"ro\" | \"rw\" | \"suid\" | \"nosuid\" | \"dev\" | \"nodev\" | \"exec\" | \"noexec\" | \"sync\" | \"async\" | \"dirsync\" | \"remount\" | \"mand\" | \"nomand\" | \"atime\" | \"noatime\" | \"diratime\" | \"nodiratime\" | \"bind\" | \"rbind\" | \"unbindable\" | \"runbindable\" | \"private\" | \"rprivate\" | \"shared\" | \"rshared\" | \"slave\" | \"rslave\" | \"relatime\" | \"norelatime\" | \"strictatime\" | \"nostrictatime\" | \"mode\" | \"uid\" | \"gid\" | \"nr_inodes\" | \"nr_blocks\" | \"mpol\"`", + "title": "MountOptions", "type": "array" }, - "AuditLogConfiguration": { - "$ref": "#/definitions/AWS::FSx::FileSystem.AuditLogConfiguration", - "markdownDescription": "The configuration that Amazon FSx for Windows File Server uses to audit and log user accesses of files, folders, and file shares on the Amazon FSx for Windows File Server file system.", - "title": "AuditLogConfiguration" - }, - "AutomaticBackupRetentionDays": { - "markdownDescription": "The number of days to retain automatic backups. Setting this property to `0` disables automatic backups. You can retain automatic backups for a maximum of 90 days. The default is `30` .", - "title": "AutomaticBackupRetentionDays", + "Size": { + "markdownDescription": "The maximum size (in MiB) of the tmpfs volume.", + "title": "Size", + "type": "number" + } + }, + "required": [ + "Size" + ], + "type": "object" + }, + "AWS::ECS::TaskDefinition.Ulimit": { + "additionalProperties": false, + "properties": { + "HardLimit": { + "markdownDescription": "The hard limit for the `ulimit` type. The value can be specified in bytes, seconds, or as a count, depending on the `type` of the `ulimit` .", + "title": "HardLimit", "type": "number" }, - "CopyTagsToBackups": { - "markdownDescription": "A boolean flag indicating whether tags for the file system should be copied to backups. This value defaults to false. If it's set to true, all tags for the file system are copied to all automatic and user-initiated backups where the user doesn't specify tags. If this value is true, and you specify one or more tags, only the specified tags are copied to backups. If you specify one or more tags when creating a user-initiated backup, no tags are copied from the file system, regardless of this value.", - "title": "CopyTagsToBackups", - "type": "boolean" - }, - "DailyAutomaticBackupStartTime": { - "markdownDescription": "A recurring daily time, in the format `HH:MM` . `HH` is the zero-padded hour of the day (0-23), and `MM` is the zero-padded minute of the hour. For example, `05:00` specifies 5 AM daily.", - "title": "DailyAutomaticBackupStartTime", - "type": "string" - }, - "DeploymentType": { - "markdownDescription": "Specifies the file system deployment type, valid values are the following:\n\n- `MULTI_AZ_1` - Deploys a high availability file system that is configured for Multi-AZ redundancy to tolerate temporary Availability Zone (AZ) unavailability. You can only deploy a Multi-AZ file system in AWS Regions that have a minimum of three Availability Zones. Also supports HDD storage type\n- `SINGLE_AZ_1` - (Default) Choose to deploy a file system that is configured for single AZ redundancy.\n- `SINGLE_AZ_2` - The latest generation Single AZ file system. Specifies a file system that is configured for single AZ redundancy and supports HDD storage type.\n\nFor more information, see [Availability and Durability: Single-AZ and Multi-AZ File Systems](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/high-availability-multiAZ.html) .", - "title": "DeploymentType", - "type": "string" - }, - "DiskIopsConfiguration": { - "$ref": "#/definitions/AWS::FSx::FileSystem.DiskIopsConfiguration", - "markdownDescription": "The SSD IOPS (input/output operations per second) configuration for an Amazon FSx for Windows file system. By default, Amazon FSx automatically provisions 3 IOPS per GiB of storage capacity. You can provision additional IOPS per GiB of storage, up to the maximum limit associated with your chosen throughput capacity.", - "title": "DiskIopsConfiguration" - }, - "PreferredSubnetId": { - "markdownDescription": "Required when `DeploymentType` is set to `MULTI_AZ_1` . This specifies the subnet in which you want the preferred file server to be located. For in- AWS applications, we recommend that you launch your clients in the same availability zone as your preferred file server to reduce cross-availability zone data transfer costs and minimize latency.", - "title": "PreferredSubnetId", + "Name": { + "markdownDescription": "The `type` of the `ulimit` .", + "title": "Name", "type": "string" }, - "SelfManagedActiveDirectoryConfiguration": { - "$ref": "#/definitions/AWS::FSx::FileSystem.SelfManagedActiveDirectoryConfiguration", - "markdownDescription": "The configuration that Amazon FSx uses to join a FSx for Windows File Server file system or an FSx for ONTAP storage virtual machine (SVM) to a self-managed (including on-premises) Microsoft Active Directory (AD) directory. For more information, see [Using Amazon FSx for Windows with your self-managed Microsoft Active Directory](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/self-managed-AD.html) or [Managing FSx for ONTAP SVMs](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-svms.html) .", - "title": "SelfManagedActiveDirectoryConfiguration" - }, - "ThroughputCapacity": { - "markdownDescription": "Sets the throughput capacity of an Amazon FSx file system, measured in megabytes per second (MB/s), in 2 to the *n* th increments, between 2^3 (8) and 2^11 (2048).\n\n> To increase storage capacity, a file system must have a minimum throughput capacity of 16 MB/s.", - "title": "ThroughputCapacity", + "SoftLimit": { + "markdownDescription": "The soft limit for the `ulimit` type. The value can be specified in bytes, seconds, or as a count, depending on the `type` of the `ulimit` .", + "title": "SoftLimit", "type": "number" - }, - "WeeklyMaintenanceStartTime": { - "markdownDescription": "The preferred start time to perform weekly maintenance, formatted d:HH:MM in the UTC time zone, where d is the weekday number, from 1 through 7, beginning with Monday and ending with Sunday.", - "title": "WeeklyMaintenanceStartTime", - "type": "string" } }, "required": [ - "ThroughputCapacity" + "HardLimit", + "Name", + "SoftLimit" ], "type": "object" }, - "AWS::FSx::Snapshot": { + "AWS::ECS::TaskDefinition.Volume": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "ConfiguredAtLaunch": { + "markdownDescription": "Indicates whether the volume should be configured at launch time. This is used to create Amazon EBS volumes for standalone tasks or tasks created as part of a service. Each task definition revision may only have one volume configured at launch in the volume configuration.\n\nTo configure a volume at launch time, use this task definition revision and specify a `volumeConfigurations` object when calling the `CreateService` , `UpdateService` , `RunTask` or `StartTask` APIs.", + "title": "ConfiguredAtLaunch", + "type": "boolean" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "DockerVolumeConfiguration": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.DockerVolumeConfiguration", + "markdownDescription": "This parameter is specified when you use Docker volumes.\n\nWindows containers only support the use of the `local` driver. To use bind mounts, specify the `host` parameter instead.\n\n> Docker volumes aren't supported by tasks run on AWS Fargate .", + "title": "DockerVolumeConfiguration" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "EFSVolumeConfiguration": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.EFSVolumeConfiguration", + "markdownDescription": "This parameter is specified when you use an Amazon Elastic File System file system for task storage.", + "title": "EFSVolumeConfiguration" }, - "Metadata": { - "type": "object" + "FSxWindowsFileServerVolumeConfiguration": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.FSxWindowsFileServerVolumeConfiguration", + "markdownDescription": "This parameter is specified when you use Amazon FSx for Windows File Server file system for task storage.", + "title": "FSxWindowsFileServerVolumeConfiguration" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the snapshot.", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of `Tag` values, with a maximum of 50 elements.", - "title": "Tags", - "type": "array" - }, - "VolumeId": { - "markdownDescription": "The ID of the volume that the snapshot is of.", - "title": "VolumeId", - "type": "string" - } - }, - "required": [ - "Name", - "VolumeId" - ], - "type": "object" + "Host": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.HostVolumeProperties", + "markdownDescription": "This parameter is specified when you use bind mount host volumes. The contents of the `host` parameter determine whether your bind mount host volume persists on the host container instance and where it's stored. If the `host` parameter is empty, then the Docker daemon assigns a host path for your data volume. However, the data isn't guaranteed to persist after the containers that are associated with it stop running.\n\nWindows containers can mount whole directories on the same drive as `$env:ProgramData` . Windows containers can't mount directories on a different drive, and mount point can't be across drives. For example, you can mount `C:\\my\\path:C:\\my\\path` and `D:\\:D:\\` , but not `D:\\my\\path:C:\\my\\path` or `D:\\:C:\\my\\path` .", + "title": "Host" }, - "Type": { - "enum": [ - "AWS::FSx::Snapshot" - ], + "Name": { + "markdownDescription": "The name of the volume. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed.\n\nWhen using a volume configured at launch, the `name` is required and must also be specified as the volume name in the `ServiceVolumeConfiguration` or `TaskVolumeConfiguration` parameter when creating your service or standalone task.\n\nFor all other types of volumes, this name is referenced in the `sourceVolume` parameter of the `mountPoints` object in the container definition.\n\nWhen a volume is using the `efsVolumeConfiguration` , the name is required.", + "title": "Name", "type": "string" + } + }, + "type": "object" + }, + "AWS::ECS::TaskDefinition.VolumeFrom": { + "additionalProperties": false, + "properties": { + "ReadOnly": { + "markdownDescription": "If this value is `true` , the container has read-only access to the volume. If this value is `false` , then the container can write to the volume. The default value is `false` .", + "title": "ReadOnly", + "type": "boolean" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SourceContainer": { + "markdownDescription": "The name of another container within the same task definition to mount volumes from.", + "title": "SourceContainer", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::FSx::StorageVirtualMachine": { + "AWS::ECS::TaskSet": { "additionalProperties": false, "properties": { "Condition": { @@ -100460,49 +106825,89 @@ "Properties": { "additionalProperties": false, "properties": { - "ActiveDirectoryConfiguration": { - "$ref": "#/definitions/AWS::FSx::StorageVirtualMachine.ActiveDirectoryConfiguration", - "markdownDescription": "Describes the Microsoft Active Directory configuration to which the SVM is joined, if applicable.", - "title": "ActiveDirectoryConfiguration" + "CapacityProviderStrategy": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskSet.CapacityProviderStrategyItem" + }, + "markdownDescription": "The capacity provider strategy that are associated with the task set.", + "title": "CapacityProviderStrategy", + "type": "array" }, - "FileSystemId": { - "markdownDescription": "Specifies the FSx for ONTAP file system on which to create the SVM.", - "title": "FileSystemId", + "Cluster": { + "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the cluster that hosts the service to create the task set in.", + "title": "Cluster", "type": "string" }, - "Name": { - "markdownDescription": "The name of the SVM.", - "title": "Name", + "ExternalId": { + "markdownDescription": "An optional non-unique tag that identifies this task set in external systems. If the task set is associated with a service discovery registry, the tasks in this task set will have the `ECS_TASK_SET_EXTERNAL_ID` AWS Cloud Map attribute set to the provided value.", + "title": "ExternalId", "type": "string" }, - "RootVolumeSecurityStyle": { - "markdownDescription": "The security style of the root volume of the SVM. Specify one of the following values:\n\n- `UNIX` if the file system is managed by a UNIX administrator, the majority of users are NFS clients, and an application accessing the data uses a UNIX user as the service account.\n- `NTFS` if the file system is managed by a Microsoft Windows administrator, the majority of users are SMB clients, and an application accessing the data uses a Microsoft Windows user as the service account.\n- `MIXED` This is an advanced setting. For more information, see [Volume security style](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/volume-security-style.html) in the Amazon FSx for NetApp ONTAP User Guide.", - "title": "RootVolumeSecurityStyle", + "LaunchType": { + "markdownDescription": "The launch type that new tasks in the task set uses. For more information, see [Amazon ECS launch types](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/launch_types.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nIf a `launchType` is specified, the `capacityProviderStrategy` parameter must be omitted.", + "title": "LaunchType", "type": "string" }, - "SvmAdminPassword": { - "markdownDescription": "Specifies the password to use when logging on to the SVM using a secure shell (SSH) connection to the SVM's management endpoint. Doing so enables you to manage the SVM using the NetApp ONTAP CLI or REST API. If you do not specify a password, you can still use the file system's `fsxadmin` user to manage the SVM. For more information, see [Managing SVMs using the NetApp ONTAP CLI](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-resources-ontap-apps.html#vsadmin-ontap-cli) in the *FSx for ONTAP User Guide* .", - "title": "SvmAdminPassword", + "LoadBalancers": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskSet.LoadBalancer" + }, + "markdownDescription": "A load balancer object representing the load balancer to use with the task set. The supported load balancer types are either an Application Load Balancer or a Network Load Balancer.", + "title": "LoadBalancers", + "type": "array" + }, + "NetworkConfiguration": { + "$ref": "#/definitions/AWS::ECS::TaskSet.NetworkConfiguration", + "markdownDescription": "The network configuration for the task set.", + "title": "NetworkConfiguration" + }, + "PlatformVersion": { + "markdownDescription": "The platform version that the tasks in the task set uses. A platform version is specified only for tasks using the Fargate launch type. If one isn't specified, the `LATEST` platform version is used.", + "title": "PlatformVersion", + "type": "string" + }, + "Scale": { + "$ref": "#/definitions/AWS::ECS::TaskSet.Scale", + "markdownDescription": "A floating-point percentage of your desired number of tasks to place and keep running in the task set.", + "title": "Scale" + }, + "Service": { + "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the service to create the task set in.", + "title": "Service", "type": "string" }, + "ServiceRegistries": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskSet.ServiceRegistry" + }, + "markdownDescription": "The details of the service discovery registries to assign to this task set. For more information, see [Service discovery](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-discovery.html) .", + "title": "ServiceRegistries", + "type": "array" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of `Tag` values, with a maximum of 50 elements.", + "markdownDescription": "The metadata that you apply to the task set to help you categorize and organize them. Each tag consists of a key and an optional value. You define both.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8\n- Maximum value length - 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit.", "title": "Tags", "type": "array" + }, + "TaskDefinition": { + "markdownDescription": "The task definition for the tasks in the task set to use. If a revision isn't specified, the latest `ACTIVE` revision is used.", + "title": "TaskDefinition", + "type": "string" } }, "required": [ - "FileSystemId", - "Name" + "Cluster", + "Service", + "TaskDefinition" ], "type": "object" }, "Type": { "enum": [ - "AWS::FSx::StorageVirtualMachine" + "AWS::ECS::TaskSet" ], "type": "string" }, @@ -100521,62 +106926,132 @@ ], "type": "object" }, - "AWS::FSx::StorageVirtualMachine.ActiveDirectoryConfiguration": { + "AWS::ECS::TaskSet.AwsVpcConfiguration": { "additionalProperties": false, "properties": { - "NetBiosName": { - "markdownDescription": "The NetBIOS name of the Active Directory computer object that will be created for your SVM.", - "title": "NetBiosName", + "AssignPublicIp": { + "markdownDescription": "Whether the task's elastic network interface receives a public IP address.\n\nConsider the following when you set this value:\n\n- When you use `create-service` or `update-service` , the default is `DISABLED` .\n- When the service `deploymentController` is `ECS` , the value must be `DISABLED` .", + "title": "AssignPublicIp", "type": "string" }, - "SelfManagedActiveDirectoryConfiguration": { - "$ref": "#/definitions/AWS::FSx::StorageVirtualMachine.SelfManagedActiveDirectoryConfiguration", - "markdownDescription": "The configuration that Amazon FSx uses to join the ONTAP storage virtual machine (SVM) to your self-managed (including on-premises) Microsoft Active Directory directory.", - "title": "SelfManagedActiveDirectoryConfiguration" - } - }, - "type": "object" - }, - "AWS::FSx::StorageVirtualMachine.SelfManagedActiveDirectoryConfiguration": { - "additionalProperties": false, - "properties": { - "DnsIps": { + "SecurityGroups": { "items": { "type": "string" }, - "markdownDescription": "A list of up to three IP addresses of DNS servers or domain controllers in the self-managed AD directory.", - "title": "DnsIps", + "markdownDescription": "The IDs of the security groups associated with the task or service. If you don't specify a security group, the default security group for the VPC is used. There's a limit of 5 security groups that can be specified.\n\n> All specified security groups must be from the same VPC.", + "title": "SecurityGroups", "type": "array" }, - "DomainName": { - "markdownDescription": "The fully qualified domain name of the self-managed AD directory, such as `corp.example.com` .", - "title": "DomainName", + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the subnets associated with the task or service. There's a limit of 16 subnets that can be specified.\n\n> All specified subnets must be from the same VPC.", + "title": "Subnets", + "type": "array" + } + }, + "required": [ + "Subnets" + ], + "type": "object" + }, + "AWS::ECS::TaskSet.CapacityProviderStrategyItem": { + "additionalProperties": false, + "properties": { + "Base": { + "markdownDescription": "The *base* value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a *base* defined. If no value is specified, the default value of `0` is used.", + "title": "Base", + "type": "number" + }, + "CapacityProvider": { + "markdownDescription": "The short name of the capacity provider.", + "title": "CapacityProvider", "type": "string" }, - "FileSystemAdministratorsGroup": { - "markdownDescription": "(Optional) The name of the domain group whose members are granted administrative privileges for the file system. Administrative privileges include taking ownership of files and folders, setting audit controls (audit ACLs) on files and folders, and administering the file system remotely by using the FSx Remote PowerShell. The group that you specify must already exist in your domain. If you don't provide one, your AD domain's Domain Admins group is used.", - "title": "FileSystemAdministratorsGroup", + "Weight": { + "markdownDescription": "The *weight* value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The `weight` value is taken into consideration after the `base` value, if defined, is satisfied.\n\nIf no `weight` value is specified, the default value of `0` is used. When multiple capacity providers are specified within a capacity provider strategy, at least one of the capacity providers must have a weight value greater than zero and any capacity providers with a weight of `0` can't be used to place tasks. If you specify multiple capacity providers in a strategy that all have a weight of `0` , any `RunTask` or `CreateService` actions using the capacity provider strategy will fail.\n\nAn example scenario for using weights is defining a strategy that contains two capacity providers and both have a weight of `1` , then when the `base` is satisfied, the tasks will be split evenly across the two capacity providers. Using that same logic, if you specify a weight of `1` for *capacityProviderA* and a weight of `4` for *capacityProviderB* , then for every one task that's run using *capacityProviderA* , four tasks would use *capacityProviderB* .", + "title": "Weight", + "type": "number" + } + }, + "type": "object" + }, + "AWS::ECS::TaskSet.LoadBalancer": { + "additionalProperties": false, + "properties": { + "ContainerName": { + "markdownDescription": "The name of the container (as it appears in a container definition) to associate with the load balancer.\n\nYou need to specify the container name when configuring the target group for an Amazon ECS load balancer.", + "title": "ContainerName", "type": "string" }, - "OrganizationalUnitDistinguishedName": { - "markdownDescription": "(Optional) The fully qualified distinguished name of the organizational unit within your self-managed AD directory. Amazon FSx only accepts OU as the direct parent of the file system. An example is `OU=FSx,DC=yourdomain,DC=corp,DC=com` . To learn more, see [RFC 2253](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc2253) . If none is provided, the FSx file system is created in the default location of your self-managed AD directory.\n\n> Only Organizational Unit (OU) objects can be the direct parent of the file system that you're creating.", - "title": "OrganizationalUnitDistinguishedName", + "ContainerPort": { + "markdownDescription": "The port on the container to associate with the load balancer. This port must correspond to a `containerPort` in the task definition the tasks in the service are using. For tasks that use the EC2 launch type, the container instance they're launched on must allow ingress traffic on the `hostPort` of the port mapping.", + "title": "ContainerPort", + "type": "number" + }, + "TargetGroupArn": { + "markdownDescription": "The full Amazon Resource Name (ARN) of the Elastic Load Balancing target group or groups associated with a service or task set.\n\nA target group ARN is only specified when using an Application Load Balancer or Network Load Balancer.\n\nFor services using the `ECS` deployment controller, you can specify one or multiple target groups. For more information, see [Registering multiple target groups with a service](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/register-multiple-targetgroups.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nFor services using the `CODE_DEPLOY` deployment controller, you're required to define two target groups for the load balancer. For more information, see [Blue/green deployment with CodeDeploy](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-type-bluegreen.html) in the *Amazon Elastic Container Service Developer Guide* .\n\n> If your service's task definition uses the `awsvpc` network mode, you must choose `ip` as the target type, not `instance` . Do this when creating your target groups because tasks that use the `awsvpc` network mode are associated with an elastic network interface, not an Amazon EC2 instance. This network mode is required for the Fargate launch type.", + "title": "TargetGroupArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ECS::TaskSet.NetworkConfiguration": { + "additionalProperties": false, + "properties": { + "AwsVpcConfiguration": { + "$ref": "#/definitions/AWS::ECS::TaskSet.AwsVpcConfiguration", + "markdownDescription": "The VPC subnets and security groups that are associated with a task.\n\n> All specified subnets and security groups must be from the same VPC.", + "title": "AwsVpcConfiguration" + } + }, + "type": "object" + }, + "AWS::ECS::TaskSet.Scale": { + "additionalProperties": false, + "properties": { + "Unit": { + "markdownDescription": "The unit of measure for the scale value.", + "title": "Unit", "type": "string" }, - "Password": { - "markdownDescription": "The password for the service account on your self-managed AD domain that Amazon FSx will use to join to your AD domain.", - "title": "Password", + "Value": { + "markdownDescription": "The value, specified as a percent total of a service's `desiredCount` , to scale the task set. Accepted values are numbers between 0 and 100.", + "title": "Value", + "type": "number" + } + }, + "type": "object" + }, + "AWS::ECS::TaskSet.ServiceRegistry": { + "additionalProperties": false, + "properties": { + "ContainerName": { + "markdownDescription": "The container name value to be used for your service discovery service. It's already specified in the task definition. If the task definition that your service task specifies uses the `bridge` or `host` network mode, you must specify a `containerName` and `containerPort` combination from the task definition. If the task definition that your service task specifies uses the `awsvpc` network mode and a type SRV DNS record is used, you must specify either a `containerName` and `containerPort` combination or a `port` value. However, you can't specify both.", + "title": "ContainerName", "type": "string" }, - "UserName": { - "markdownDescription": "The user name for the service account on your self-managed AD domain that Amazon FSx will use to join to your AD domain. This account must have the permission to join computers to the domain in the organizational unit provided in `OrganizationalUnitDistinguishedName` , or in the default location of your AD domain.", - "title": "UserName", + "ContainerPort": { + "markdownDescription": "The port value to be used for your service discovery service. It's already specified in the task definition. If the task definition your service task specifies uses the `bridge` or `host` network mode, you must specify a `containerName` and `containerPort` combination from the task definition. If the task definition your service task specifies uses the `awsvpc` network mode and a type SRV DNS record is used, you must specify either a `containerName` and `containerPort` combination or a `port` value. However, you can't specify both.", + "title": "ContainerPort", + "type": "number" + }, + "Port": { + "markdownDescription": "The port value used if your service discovery service specified an SRV record. This field might be used if both the `awsvpc` network mode and SRV records are used.", + "title": "Port", + "type": "number" + }, + "RegistryArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the service registry. The currently supported service registry is AWS Cloud Map . For more information, see [CreateService](https://docs.aws.amazon.com/cloud-map/latest/api/API_CreateService.html) .", + "title": "RegistryArn", "type": "string" } }, "type": "object" }, - "AWS::FSx::Volume": { + "AWS::EFS::AccessPoint": { "additionalProperties": false, "properties": { "Condition": { @@ -100611,48 +107086,43 @@ "Properties": { "additionalProperties": false, "properties": { - "BackupId": { - "markdownDescription": "Specifies the ID of the volume backup to use to create a new volume.", - "title": "BackupId", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the volume.", - "title": "Name", - "type": "string" - }, - "OntapConfiguration": { - "$ref": "#/definitions/AWS::FSx::Volume.OntapConfiguration", - "markdownDescription": "The configuration of an Amazon FSx for NetApp ONTAP volume.", - "title": "OntapConfiguration" - }, - "OpenZFSConfiguration": { - "$ref": "#/definitions/AWS::FSx::Volume.OpenZFSConfiguration", - "markdownDescription": "The configuration of an Amazon FSx for OpenZFS volume.", - "title": "OpenZFSConfiguration" - }, - "Tags": { + "AccessPointTags": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::EFS::AccessPoint.AccessPointTag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", + "title": "AccessPointTags", "type": "array" }, - "VolumeType": { - "markdownDescription": "The type of the volume.", - "title": "VolumeType", + "ClientToken": { + "markdownDescription": "The opaque string specified in the request to ensure idempotent creation.", + "title": "ClientToken", + "type": "string" + }, + "FileSystemId": { + "markdownDescription": "The ID of the EFS file system that the access point applies to. Accepts only the ID format for input when specifying a file system, for example `fs-0123456789abcedf2` .", + "title": "FileSystemId", "type": "string" + }, + "PosixUser": { + "$ref": "#/definitions/AWS::EFS::AccessPoint.PosixUser", + "markdownDescription": "The full POSIX identity, including the user ID, group ID, and secondary group IDs on the access point that is used for all file operations by NFS clients using the access point.", + "title": "PosixUser" + }, + "RootDirectory": { + "$ref": "#/definitions/AWS::EFS::AccessPoint.RootDirectory", + "markdownDescription": "The directory on the EFS file system that the access point exposes as the root directory to NFS clients using the access point.", + "title": "RootDirectory" } }, "required": [ - "Name" + "FileSystemId" ], "type": "object" }, "Type": { "enum": [ - "AWS::FSx::Volume" + "AWS::EFS::AccessPoint" ], "type": "string" }, @@ -100671,378 +107141,343 @@ ], "type": "object" }, - "AWS::FSx::Volume.AggregateConfiguration": { + "AWS::EFS::AccessPoint.AccessPointTag": { "additionalProperties": false, "properties": { - "Aggregates": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of aggregates that this volume resides on. Aggregates are storage pools which make up your primary storage tier. Each high-availability (HA) pair has one aggregate. The names of the aggregates map to the names of the aggregates in the ONTAP CLI and REST API. For FlexVols, there will always be a single entry.\n\nAmazon FSx responds with an HTTP status code 400 (Bad Request) for the following conditions:\n\n- The strings in the value of `Aggregates` are not are not formatted as `aggrX` , where X is a number between 1 and 12.\n- The value of `Aggregates` contains aggregates that are not present.\n- One or more of the aggregates supplied are too close to the volume limit to support adding more volumes.", - "title": "Aggregates", - "type": "array" + "Key": { + "markdownDescription": "The tag key (String). The key can't start with `aws:` .", + "title": "Key", + "type": "string" }, - "ConstituentsPerAggregate": { - "markdownDescription": "Used to explicitly set the number of constituents within the FlexGroup per storage aggregate. This field is optional when creating a FlexGroup volume. If unspecified, the default value will be 8. This field cannot be provided when creating a FlexVol volume.", - "title": "ConstituentsPerAggregate", - "type": "number" + "Value": { + "markdownDescription": "The value of the tag key.", + "title": "Value", + "type": "string" } }, "type": "object" }, - "AWS::FSx::Volume.AutocommitPeriod": { + "AWS::EFS::AccessPoint.CreationInfo": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "Defines the type of time for the autocommit period of a file in an FSx for ONTAP SnapLock volume. Setting this value to `NONE` disables autocommit. The default value is `NONE` .", - "title": "Type", + "OwnerGid": { + "markdownDescription": "Specifies the POSIX group ID to apply to the `RootDirectory` . Accepts values from 0 to 2^32 (4294967295).", + "title": "OwnerGid", "type": "string" }, - "Value": { - "markdownDescription": "Defines the amount of time for the autocommit period of a file in an FSx for ONTAP SnapLock volume. The following ranges are valid:\n\n- `Minutes` : 5 - 65,535\n- `Hours` : 1 - 65,535\n- `Days` : 1 - 3,650\n- `Months` : 1 - 120\n- `Years` : 1 - 10", - "title": "Value", - "type": "number" + "OwnerUid": { + "markdownDescription": "Specifies the POSIX user ID to apply to the `RootDirectory` . Accepts values from 0 to 2^32 (4294967295).", + "title": "OwnerUid", + "type": "string" + }, + "Permissions": { + "markdownDescription": "Specifies the POSIX permissions to apply to the `RootDirectory` , in the format of an octal number representing the file's mode bits.", + "title": "Permissions", + "type": "string" } }, "required": [ - "Type" + "OwnerGid", + "OwnerUid", + "Permissions" ], "type": "object" }, - "AWS::FSx::Volume.ClientConfigurations": { + "AWS::EFS::AccessPoint.PosixUser": { "additionalProperties": false, "properties": { - "Clients": { - "markdownDescription": "A value that specifies who can mount the file system. You can provide a wildcard character ( `*` ), an IP address ( `0.0.0.0` ), or a CIDR address ( `192.0.2.0/24` ). By default, Amazon FSx uses the wildcard character when specifying the client.", - "title": "Clients", + "Gid": { + "markdownDescription": "The POSIX group ID used for all file system operations using this access point.", + "title": "Gid", "type": "string" }, - "Options": { + "SecondaryGids": { "items": { "type": "string" }, - "markdownDescription": "The options to use when mounting the file system. For a list of options that you can use with Network File System (NFS), see the [exports(5) - Linux man page](https://docs.aws.amazon.com/https://linux.die.net/man/5/exports) . When choosing your options, consider the following:\n\n- `crossmnt` is used by default. If you don't specify `crossmnt` when changing the client configuration, you won't be able to see or access snapshots in your file system's snapshot directory.\n- `sync` is used by default. If you instead specify `async` , the system acknowledges writes before writing to disk. If the system crashes before the writes are finished, you lose the unwritten data.", - "title": "Options", + "markdownDescription": "Secondary POSIX group IDs used for all file system operations using this access point.", + "title": "SecondaryGids", "type": "array" + }, + "Uid": { + "markdownDescription": "The POSIX user ID used for all file system operations using this access point.", + "title": "Uid", + "type": "string" } }, "required": [ - "Clients", - "Options" + "Gid", + "Uid" ], "type": "object" }, - "AWS::FSx::Volume.NfsExports": { + "AWS::EFS::AccessPoint.RootDirectory": { "additionalProperties": false, "properties": { - "ClientConfigurations": { - "items": { - "$ref": "#/definitions/AWS::FSx::Volume.ClientConfigurations" - }, - "markdownDescription": "A list of configuration objects that contain the client and options for mounting the OpenZFS file system.", - "title": "ClientConfigurations", - "type": "array" + "CreationInfo": { + "$ref": "#/definitions/AWS::EFS::AccessPoint.CreationInfo", + "markdownDescription": "(Optional) Specifies the POSIX IDs and permissions to apply to the access point's `RootDirectory` . If the `RootDirectory` > `Path` specified does not exist, EFS creates the root directory using the `CreationInfo` settings when a client connects to an access point. When specifying the `CreationInfo` , you must provide values for all properties.\n\n> If you do not provide `CreationInfo` and the specified `RootDirectory` > `Path` does not exist, attempts to mount the file system using the access point will fail.", + "title": "CreationInfo" + }, + "Path": { + "markdownDescription": "Specifies the path on the EFS file system to expose as the root directory to NFS clients using the access point to access the EFS file system. A path can have up to four subdirectories. If the specified path does not exist, you are required to provide the `CreationInfo` .", + "title": "Path", + "type": "string" } }, - "required": [ - "ClientConfigurations" - ], "type": "object" }, - "AWS::FSx::Volume.OntapConfiguration": { + "AWS::EFS::FileSystem": { "additionalProperties": false, "properties": { - "AggregateConfiguration": { - "$ref": "#/definitions/AWS::FSx::Volume.AggregateConfiguration", - "markdownDescription": "Used to specify the configuration options for an FSx for ONTAP volume's storage aggregate or aggregates.", - "title": "AggregateConfiguration" - }, - "CopyTagsToBackups": { - "markdownDescription": "A boolean flag indicating whether tags for the volume should be copied to backups. This value defaults to false. If it's set to true, all tags for the volume are copied to all automatic and user-initiated backups where the user doesn't specify tags. If this value is true, and you specify one or more tags, only the specified tags are copied to backups. If you specify one or more tags when creating a user-initiated backup, no tags are copied from the volume, regardless of this value.", - "title": "CopyTagsToBackups", - "type": "string" - }, - "JunctionPath": { - "markdownDescription": "Specifies the location in the SVM's namespace where the volume is mounted. This parameter is required. The `JunctionPath` must have a leading forward slash, such as `/vol3` .", - "title": "JunctionPath", - "type": "string" - }, - "OntapVolumeType": { - "markdownDescription": "Specifies the type of volume you are creating. Valid values are the following:\n\n- `RW` specifies a read/write volume. `RW` is the default.\n- `DP` specifies a data-protection volume. A `DP` volume is read-only and can be used as the destination of a NetApp SnapMirror relationship.\n\nFor more information, see [Volume types](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-volumes.html#volume-types) in the Amazon FSx for NetApp ONTAP User Guide.", - "title": "OntapVolumeType", - "type": "string" - }, - "SecurityStyle": { - "markdownDescription": "Specifies the security style for the volume. If a volume's security style is not specified, it is automatically set to the root volume's security style. The security style determines the type of permissions that FSx for ONTAP uses to control data access. Specify one of the following values:\n\n- `UNIX` if the file system is managed by a UNIX administrator, the majority of users are NFS clients, and an application accessing the data uses a UNIX user as the service account.\n- `NTFS` if the file system is managed by a Windows administrator, the majority of users are SMB clients, and an application accessing the data uses a Windows user as the service account.\n- `MIXED` This is an advanced setting. For more information, see the topic [What the security styles and their effects are](https://docs.aws.amazon.com/https://docs.netapp.com/us-en/ontap/nfs-admin/security-styles-their-effects-concept.html) in the NetApp Documentation Center.\n\nFor more information, see [Volume security style](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-volumes.html#volume-security-style) in the FSx for ONTAP User Guide.", - "title": "SecurityStyle", - "type": "string" - }, - "SizeInBytes": { - "markdownDescription": "Specifies the configured size of the volume, in bytes.", - "title": "SizeInBytes", + "Condition": { "type": "string" }, - "SizeInMegabytes": { - "markdownDescription": "Use `SizeInBytes` instead. Specifies the size of the volume, in megabytes (MB), that you are creating.", - "title": "SizeInMegabytes", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SnaplockConfiguration": { - "$ref": "#/definitions/AWS::FSx::Volume.SnaplockConfiguration", - "markdownDescription": "The SnapLock configuration object for an FSx for ONTAP SnapLock volume.", - "title": "SnaplockConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SnapshotPolicy": { - "markdownDescription": "Specifies the snapshot policy for the volume. There are three built-in snapshot policies:\n\n- `default` : This is the default policy. A maximum of six hourly snapshots taken five minutes past the hour. A maximum of two daily snapshots taken Monday through Saturday at 10 minutes after midnight. A maximum of two weekly snapshots taken every Sunday at 15 minutes after midnight.\n- `default-1weekly` : This policy is the same as the `default` policy except that it only retains one snapshot from the weekly schedule.\n- `none` : This policy does not take any snapshots. This policy can be assigned to volumes to prevent automatic snapshots from being taken.\n\nYou can also provide the name of a custom policy that you created with the ONTAP CLI or REST API.\n\nFor more information, see [Snapshot policies](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/snapshots-ontap.html#snapshot-policies) in the Amazon FSx for NetApp ONTAP User Guide.", - "title": "SnapshotPolicy", - "type": "string" + "Metadata": { + "type": "object" }, - "StorageEfficiencyEnabled": { - "markdownDescription": "Set to true to enable deduplication, compression, and compaction storage efficiency features on the volume, or set to false to disable them.\n\n`StorageEfficiencyEnabled` is required when creating a `RW` volume ( `OntapVolumeType` set to `RW` ).", - "title": "StorageEfficiencyEnabled", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "AvailabilityZoneName": { + "markdownDescription": "For One Zone file systems, specify the AWS Availability Zone in which to create the file system. Use the format `us-east-1a` to specify the Availability Zone. For more information about One Zone file systems, see [EFS file system types](https://docs.aws.amazon.com/efs/latest/ug/availability-durability.html#file-system-type) in the *Amazon EFS User Guide* .\n\n> One Zone file systems are not available in all Availability Zones in AWS Regions where Amazon EFS is available.", + "title": "AvailabilityZoneName", + "type": "string" + }, + "BackupPolicy": { + "$ref": "#/definitions/AWS::EFS::FileSystem.BackupPolicy", + "markdownDescription": "Use the `BackupPolicy` to turn automatic backups on or off for the file system.", + "title": "BackupPolicy" + }, + "BypassPolicyLockoutSafetyCheck": { + "markdownDescription": "(Optional) A boolean that specifies whether or not to bypass the `FileSystemPolicy` lockout safety check. The lockout safety check determines whether the policy in the request will lock out, or prevent, the IAM principal that is making the request from making future `PutFileSystemPolicy` requests on this file system. Set `BypassPolicyLockoutSafetyCheck` to `True` only when you intend to prevent the IAM principal that is making the request from making subsequent `PutFileSystemPolicy` requests on this file system. The default value is `False` .", + "title": "BypassPolicyLockoutSafetyCheck", + "type": "boolean" + }, + "Encrypted": { + "markdownDescription": "A Boolean value that, if true, creates an encrypted file system. When creating an encrypted file system, you have the option of specifying a KmsKeyId for an existing AWS KMS key . If you don't specify a KMS key , then the default KMS key for Amazon EFS , `/aws/elasticfilesystem` , is used to protect the encrypted file system.", + "title": "Encrypted", + "type": "boolean" + }, + "FileSystemPolicy": { + "markdownDescription": "The `FileSystemPolicy` for the EFS file system. A file system policy is an IAM resource policy used to control NFS access to an EFS file system. For more information, see [Using IAM to control NFS access to Amazon EFS](https://docs.aws.amazon.com/efs/latest/ug/iam-access-control-nfs-efs.html) in the *Amazon EFS User Guide* .", + "title": "FileSystemPolicy", + "type": "object" + }, + "FileSystemProtection": { + "$ref": "#/definitions/AWS::EFS::FileSystem.FileSystemProtection", + "markdownDescription": "Describes the protection on the file system.", + "title": "FileSystemProtection" + }, + "FileSystemTags": { + "items": { + "$ref": "#/definitions/AWS::EFS::FileSystem.ElasticFileSystemTag" + }, + "markdownDescription": "Use to create one or more tags associated with the file system. Each tag is a user-defined key-value pair. Name your file system on creation by including a `\"Key\":\"Name\",\"Value\":\"{value}\"` key-value pair. Each key must be unique. For more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference Guide* .", + "title": "FileSystemTags", + "type": "array" + }, + "KmsKeyId": { + "markdownDescription": "The ID of the AWS KMS key to be used to protect the encrypted file system. This parameter is only required if you want to use a nondefault KMS key . If this parameter is not specified, the default KMS key for Amazon EFS is used. This ID can be in one of the following formats:\n\n- Key ID - A unique identifier of the key, for example `1234abcd-12ab-34cd-56ef-1234567890ab` .\n- ARN - An Amazon Resource Name (ARN) for the key, for example `arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab` .\n- Key alias - A previously created display name for a key, for example `alias/projectKey1` .\n- Key alias ARN - An ARN for a key alias, for example `arn:aws:kms:us-west-2:444455556666:alias/projectKey1` .\n\nIf `KmsKeyId` is specified, the `Encrypted` parameter must be set to true.", + "title": "KmsKeyId", + "type": "string" + }, + "LifecyclePolicies": { + "items": { + "$ref": "#/definitions/AWS::EFS::FileSystem.LifecyclePolicy" + }, + "markdownDescription": "An array of `LifecyclePolicy` objects that define the file system's `LifecycleConfiguration` object. A `LifecycleConfiguration` object informs Lifecycle management of the following:\n\n- When to move files in the file system from primary storage to IA storage.\n- When to move files in the file system from primary storage or IA storage to Archive storage.\n- When to move files that are in IA or Archive storage to primary storage.\n\n> Amazon EFS requires that each `LifecyclePolicy` object have only a single transition. This means that in a request body, `LifecyclePolicies` needs to be structured as an array of `LifecyclePolicy` objects, one object for each transition, `TransitionToIA` , `TransitionToArchive` `TransitionToPrimaryStorageClass` . See the example requests in the following section for more information.", + "title": "LifecyclePolicies", + "type": "array" + }, + "PerformanceMode": { + "markdownDescription": "The performance mode of the file system. We recommend `generalPurpose` performance mode for all file systems. File systems using the `maxIO` performance mode can scale to higher levels of aggregate throughput and operations per second with a tradeoff of slightly higher latencies for most file operations. The performance mode can't be changed after the file system has been created. The `maxIO` mode is not supported on One Zone file systems.\n\n> Due to the higher per-operation latencies with Max I/O, we recommend using General Purpose performance mode for all file systems. \n\nDefault is `generalPurpose` .", + "title": "PerformanceMode", + "type": "string" + }, + "ProvisionedThroughputInMibps": { + "markdownDescription": "The throughput, measured in mebibytes per second (MiBps), that you want to provision for a file system that you're creating. Required if `ThroughputMode` is set to `provisioned` . Valid values are 1-3414 MiBps, with the upper limit depending on Region. To increase this limit, contact Support . For more information, see [Amazon EFS quotas that you can increase](https://docs.aws.amazon.com/efs/latest/ug/limits.html#soft-limits) in the *Amazon EFS User Guide* .", + "title": "ProvisionedThroughputInMibps", + "type": "number" + }, + "ReplicationConfiguration": { + "$ref": "#/definitions/AWS::EFS::FileSystem.ReplicationConfiguration", + "markdownDescription": "Describes the replication configuration for a specific file system.", + "title": "ReplicationConfiguration" + }, + "ThroughputMode": { + "markdownDescription": "Specifies the throughput mode for the file system. The mode can be `bursting` , `provisioned` , or `elastic` . If you set `ThroughputMode` to `provisioned` , you must also set a value for `ProvisionedThroughputInMibps` . After you create the file system, you can decrease your file system's Provisioned throughput or change between the throughput modes, with certain time restrictions. For more information, see [Specifying throughput with provisioned mode](https://docs.aws.amazon.com/efs/latest/ug/performance.html#provisioned-throughput) in the *Amazon EFS User Guide* .\n\nDefault is `bursting` .", + "title": "ThroughputMode", + "type": "string" + } + }, + "type": "object" }, - "StorageVirtualMachineId": { - "markdownDescription": "Specifies the ONTAP SVM in which to create the volume.", - "title": "StorageVirtualMachineId", + "Type": { + "enum": [ + "AWS::EFS::FileSystem" + ], "type": "string" }, - "TieringPolicy": { - "$ref": "#/definitions/AWS::FSx::Volume.TieringPolicy", - "markdownDescription": "Describes the data tiering policy for an ONTAP volume. When enabled, Amazon FSx for ONTAP's intelligent tiering automatically transitions a volume's data between the file system's primary storage and capacity pool storage based on your access patterns.\n\nValid tiering policies are the following:\n\n- `SNAPSHOT_ONLY` - (Default value) moves cold snapshots to the capacity pool storage tier.\n\n- `AUTO` - moves cold user data and snapshots to the capacity pool storage tier based on your access patterns.\n\n- `ALL` - moves all user data blocks in both the active file system and Snapshot copies to the storage pool tier.\n\n- `NONE` - keeps a volume's data in the primary storage tier, preventing it from being moved to the capacity pool tier.", - "title": "TieringPolicy" - }, - "VolumeStyle": { - "markdownDescription": "Use to specify the style of an ONTAP volume. FSx for ONTAP offers two styles of volumes that you can use for different purposes, FlexVol and FlexGroup volumes. For more information, see [Volume styles](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-volumes.html#volume-styles) in the Amazon FSx for NetApp ONTAP User Guide.", - "title": "VolumeStyle", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "StorageVirtualMachineId" + "Type" ], "type": "object" }, - "AWS::FSx::Volume.OpenZFSConfiguration": { + "AWS::EFS::FileSystem.BackupPolicy": { "additionalProperties": false, "properties": { - "CopyTagsToSnapshots": { - "markdownDescription": "A Boolean value indicating whether tags for the volume should be copied to snapshots. This value defaults to `false` . If this value is set to `true` , and you do not specify any tags, all tags for the original volume are copied over to snapshots. If this value is\u00a0set to `true` , and you do specify one or more tags, only the specified tags for the original volume are copied over to snapshots. If you specify one or more tags when creating a new snapshot, no tags are copied over from the original volume, regardless of this value.", - "title": "CopyTagsToSnapshots", - "type": "boolean" - }, - "DataCompressionType": { - "markdownDescription": "Specifies the method used to compress the data on the volume. The compression type is `NONE` by default.\n\n- `NONE` - Doesn't compress the data on the volume. `NONE` is the default.\n- `ZSTD` - Compresses the data in the volume using the Zstandard (ZSTD) compression algorithm. Compared to LZ4, Z-Standard provides a better compression ratio to minimize on-disk storage utilization.\n- `LZ4` - Compresses the data in the volume using the LZ4 compression algorithm. Compared to Z-Standard, LZ4 is less compute-intensive and delivers higher write throughput speeds.", - "title": "DataCompressionType", - "type": "string" - }, - "NfsExports": { - "items": { - "$ref": "#/definitions/AWS::FSx::Volume.NfsExports" - }, - "markdownDescription": "The configuration object for mounting a Network File System (NFS) file system.", - "title": "NfsExports", - "type": "array" - }, - "Options": { - "items": { - "type": "string" - }, - "markdownDescription": "To delete the volume's child volumes, snapshots, and clones, use the string `DELETE_CHILD_VOLUMES_AND_SNAPSHOTS` .", - "title": "Options", - "type": "array" - }, - "OriginSnapshot": { - "$ref": "#/definitions/AWS::FSx::Volume.OriginSnapshot", - "markdownDescription": "The configuration object that specifies the snapshot to use as the origin of the data for the volume.", - "title": "OriginSnapshot" - }, - "ParentVolumeId": { - "markdownDescription": "The ID of the volume to use as the parent volume of the volume that you are creating.", - "title": "ParentVolumeId", + "Status": { + "markdownDescription": "Set the backup policy status for the file system.\n\n- *`ENABLED`* - Turns automatic backups on for the file system.\n- *`DISABLED`* - Turns automatic backups off for the file system.", + "title": "Status", "type": "string" - }, - "ReadOnly": { - "markdownDescription": "A Boolean value indicating whether the volume is read-only.", - "title": "ReadOnly", - "type": "boolean" - }, - "RecordSizeKiB": { - "markdownDescription": "Specifies the suggested block size for a volume in a ZFS dataset, in kibibytes (KiB). For file systems using the Intelligent-Tiering storage class, valid values are 128, 256, 512, 1024, 2048, or 4096 KiB, with a default of 1024 KiB. For all other file systems, valid values are 4, 8, 16, 32, 64, 128, 256, 512, or 1024 KiB, with a default of 128 KiB. We recommend using the default setting for the majority of use cases. Generally, workloads that write in fixed small or large record sizes may benefit from setting a custom record size, like database workloads (small record size) or media streaming workloads (large record size). For additional guidance on when to set a custom record size, see [ZFS Record size](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/performance.html#record-size-performance) in the *Amazon FSx for OpenZFS User Guide* .", - "title": "RecordSizeKiB", - "type": "number" - }, - "StorageCapacityQuotaGiB": { - "markdownDescription": "Sets the maximum storage size in gibibytes (GiB) for the volume. You can specify a quota that is larger than the storage on the parent volume. A volume quota limits the amount of storage that the volume can consume to the configured amount, but does not guarantee the space will be available on the parent volume. To guarantee quota space, you must also set `StorageCapacityReservationGiB` . To *not* specify a storage capacity quota, set this to `-1` .\n\nFor more information, see [Volume properties](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/managing-volumes.html#volume-properties) in the *Amazon FSx for OpenZFS User Guide* .", - "title": "StorageCapacityQuotaGiB", - "type": "number" - }, - "StorageCapacityReservationGiB": { - "markdownDescription": "Specifies the amount of storage in gibibytes (GiB) to reserve from the parent volume. Setting `StorageCapacityReservationGiB` guarantees that the specified amount of storage space on the parent volume will always be available for the volume. You can't reserve more storage than the parent volume has. To *not* specify a storage capacity reservation, set this to `0` or `-1` . For more information, see [Volume properties](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/managing-volumes.html#volume-properties) in the *Amazon FSx for OpenZFS User Guide* .", - "title": "StorageCapacityReservationGiB", - "type": "number" - }, - "UserAndGroupQuotas": { - "items": { - "$ref": "#/definitions/AWS::FSx::Volume.UserAndGroupQuotas" - }, - "markdownDescription": "Configures how much storage users and groups can use on the volume.", - "title": "UserAndGroupQuotas", - "type": "array" } }, "required": [ - "ParentVolumeId" + "Status" ], "type": "object" }, - "AWS::FSx::Volume.OriginSnapshot": { + "AWS::EFS::FileSystem.ElasticFileSystemTag": { "additionalProperties": false, "properties": { - "CopyStrategy": { - "markdownDescription": "Specifies the strategy used when copying data from the snapshot to the new volume.\n\n- `CLONE` - The new volume references the data in the origin snapshot. Cloning a snapshot is faster than copying data from the snapshot to a new volume and doesn't consume disk throughput. However, the origin snapshot can't be deleted if there is a volume using its copied data.\n- `FULL_COPY` - Copies all data from the snapshot to the new volume.\n\nSpecify this option to create the volume from a snapshot on another FSx for OpenZFS file system.\n\n> The `INCREMENTAL_COPY` option is only for updating an existing volume by using a snapshot from another FSx for OpenZFS file system. For more information, see [CopySnapshotAndUpdateVolume](https://docs.aws.amazon.com/fsx/latest/APIReference/API_CopySnapshotAndUpdateVolume.html) .", - "title": "CopyStrategy", + "Key": { + "markdownDescription": "The tag key (String). The key can't start with `aws:` .", + "title": "Key", "type": "string" }, - "SnapshotARN": { - "markdownDescription": "Specifies the snapshot to use when creating an OpenZFS volume from a snapshot.", - "title": "SnapshotARN", + "Value": { + "markdownDescription": "The value of the tag key.", + "title": "Value", "type": "string" } }, "required": [ - "CopyStrategy", - "SnapshotARN" + "Key", + "Value" ], "type": "object" }, - "AWS::FSx::Volume.RetentionPeriod": { + "AWS::EFS::FileSystem.FileSystemProtection": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "Defines the type of time for the retention period of an FSx for ONTAP SnapLock volume. Set it to one of the valid types. If you set it to `INFINITE` , the files are retained forever. If you set it to `UNSPECIFIED` , the files are retained until you set an explicit retention period.", - "title": "Type", + "ReplicationOverwriteProtection": { + "markdownDescription": "The status of the file system's replication overwrite protection.\n\n- `ENABLED` \u2013 The file system cannot be used as the destination file system in a replication configuration. The file system is writeable. Replication overwrite protection is `ENABLED` by default.\n- `DISABLED` \u2013 The file system can be used as the destination file system in a replication configuration. The file system is read-only and can only be modified by EFS replication.\n- `REPLICATING` \u2013 The file system is being used as the destination file system in a replication configuration. The file system is read-only and is modified only by EFS replication.\n\nIf the replication configuration is deleted, the file system's replication overwrite protection is re-enabled, the file system becomes writeable.", + "title": "ReplicationOverwriteProtection", "type": "string" - }, - "Value": { - "markdownDescription": "Defines the amount of time for the retention period of an FSx for ONTAP SnapLock volume. You can't set a value for `INFINITE` or `UNSPECIFIED` . For all other options, the following ranges are valid:\n\n- `Seconds` : 0 - 65,535\n- `Minutes` : 0 - 65,535\n- `Hours` : 0 - 24\n- `Days` : 0 - 365\n- `Months` : 0 - 12\n- `Years` : 0 - 100", - "title": "Value", - "type": "number" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::FSx::Volume.SnaplockConfiguration": { + "AWS::EFS::FileSystem.LifecyclePolicy": { "additionalProperties": false, "properties": { - "AuditLogVolume": { - "markdownDescription": "Enables or disables the audit log volume for an FSx for ONTAP SnapLock volume. The default value is `false` . If you set `AuditLogVolume` to `true` , the SnapLock volume is created as an audit log volume. The minimum retention period for an audit log volume is six months.\n\nFor more information, see [SnapLock audit log volumes](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/how-snaplock-works.html#snaplock-audit-log-volume) .", - "title": "AuditLogVolume", - "type": "string" - }, - "AutocommitPeriod": { - "$ref": "#/definitions/AWS::FSx::Volume.AutocommitPeriod", - "markdownDescription": "The configuration object for setting the autocommit period of files in an FSx for ONTAP SnapLock volume.", - "title": "AutocommitPeriod" - }, - "PrivilegedDelete": { - "markdownDescription": "Enables, disables, or permanently disables privileged delete on an FSx for ONTAP SnapLock Enterprise volume. Enabling privileged delete allows SnapLock administrators to delete write once, read many (WORM) files even if they have active retention periods. `PERMANENTLY_DISABLED` is a terminal state. If privileged delete is permanently disabled on a SnapLock volume, you can't re-enable it. The default value is `DISABLED` .\n\nFor more information, see [Privileged delete](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/snaplock-enterprise.html#privileged-delete) .", - "title": "PrivilegedDelete", + "TransitionToArchive": { + "markdownDescription": "The number of days after files were last accessed in primary storage (the Standard storage class) at which to move them to Archive storage. Metadata operations such as listing the contents of a directory don't count as file access events.", + "title": "TransitionToArchive", "type": "string" }, - "RetentionPeriod": { - "$ref": "#/definitions/AWS::FSx::Volume.SnaplockRetentionPeriod", - "markdownDescription": "Specifies the retention period of an FSx for ONTAP SnapLock volume.", - "title": "RetentionPeriod" - }, - "SnaplockType": { - "markdownDescription": "Specifies the retention mode of an FSx for ONTAP SnapLock volume. After it is set, it can't be changed. You can choose one of the following retention modes:\n\n- `COMPLIANCE` : Files transitioned to write once, read many (WORM) on a Compliance volume can't be deleted until their retention periods expire. This retention mode is used to address government or industry-specific mandates or to protect against ransomware attacks. For more information, see [SnapLock Compliance](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/snaplock-compliance.html) .\n- `ENTERPRISE` : Files transitioned to WORM on an Enterprise volume can be deleted by authorized users before their retention periods expire using privileged delete. This retention mode is used to advance an organization's data integrity and internal compliance or to test retention settings before using SnapLock Compliance. For more information, see [SnapLock Enterprise](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/snaplock-enterprise.html) .", - "title": "SnaplockType", + "TransitionToIA": { + "markdownDescription": "The number of days after files were last accessed in primary storage (the Standard storage class) at which to move them to Infrequent Access (IA) storage. Metadata operations such as listing the contents of a directory don't count as file access events.", + "title": "TransitionToIA", "type": "string" }, - "VolumeAppendModeEnabled": { - "markdownDescription": "Enables or disables volume-append mode on an FSx for ONTAP SnapLock volume. Volume-append mode allows you to create WORM-appendable files and write data to them incrementally. The default value is `false` .\n\nFor more information, see [Volume-append mode](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/worm-state.html#worm-state-append) .", - "title": "VolumeAppendModeEnabled", + "TransitionToPrimaryStorageClass": { + "markdownDescription": "Whether to move files back to primary (Standard) storage after they are accessed in IA or Archive storage. Metadata operations such as listing the contents of a directory don't count as file access events.", + "title": "TransitionToPrimaryStorageClass", "type": "string" } }, - "required": [ - "SnaplockType" - ], "type": "object" }, - "AWS::FSx::Volume.SnaplockRetentionPeriod": { + "AWS::EFS::FileSystem.ReplicationConfiguration": { "additionalProperties": false, "properties": { - "DefaultRetention": { - "$ref": "#/definitions/AWS::FSx::Volume.RetentionPeriod", - "markdownDescription": "The retention period assigned to a write once, read many (WORM) file by default if an explicit retention period is not set for an FSx for ONTAP SnapLock volume. The default retention period must be greater than or equal to the minimum retention period and less than or equal to the maximum retention period.", - "title": "DefaultRetention" - }, - "MaximumRetention": { - "$ref": "#/definitions/AWS::FSx::Volume.RetentionPeriod", - "markdownDescription": "The longest retention period that can be assigned to a WORM file on an FSx for ONTAP SnapLock volume.", - "title": "MaximumRetention" - }, - "MinimumRetention": { - "$ref": "#/definitions/AWS::FSx::Volume.RetentionPeriod", - "markdownDescription": "The shortest retention period that can be assigned to a WORM file on an FSx for ONTAP SnapLock volume.", - "title": "MinimumRetention" + "Destinations": { + "items": { + "$ref": "#/definitions/AWS::EFS::FileSystem.ReplicationDestination" + }, + "markdownDescription": "An array of destination objects. Only one destination object is supported.", + "title": "Destinations", + "type": "array" } }, - "required": [ - "DefaultRetention", - "MaximumRetention", - "MinimumRetention" - ], "type": "object" }, - "AWS::FSx::Volume.TieringPolicy": { + "AWS::EFS::FileSystem.ReplicationDestination": { "additionalProperties": false, "properties": { - "CoolingPeriod": { - "markdownDescription": "Specifies the number of days that user data in a volume must remain inactive before it is considered \"cold\" and moved to the capacity pool. Used with the `AUTO` and `SNAPSHOT_ONLY` tiering policies. Enter a whole number between 2 and 183. Default values are 31 days for `AUTO` and 2 days for `SNAPSHOT_ONLY` .", - "title": "CoolingPeriod", - "type": "number" + "AvailabilityZoneName": { + "markdownDescription": "For One Zone file systems, the replication configuration must specify the Availability Zone in which the destination file system is located.\n\nUse the format `us-east-1a` to specify the Availability Zone. For more information about One Zone file systems, see [EFS file system types](https://docs.aws.amazon.com/efs/latest/ug/storage-classes.html) in the *Amazon EFS User Guide* .\n\n> One Zone file system type is not available in all Availability Zones in AWS Regions where Amazon EFS is available.", + "title": "AvailabilityZoneName", + "type": "string" }, - "Name": { - "markdownDescription": "Specifies the tiering policy used to transition data. Default value is `SNAPSHOT_ONLY` .\n\n- `SNAPSHOT_ONLY` - moves cold snapshots to the capacity pool storage tier.\n- `AUTO` - moves cold user data and snapshots to the capacity pool storage tier based on your access patterns.\n- `ALL` - moves all user data blocks in both the active file system and Snapshot copies to the storage pool tier.\n- `NONE` - keeps a volume's data in the primary storage tier, preventing it from being moved to the capacity pool tier.", - "title": "Name", + "FileSystemId": { + "markdownDescription": "The ID of the destination Amazon EFS file system.", + "title": "FileSystemId", "type": "string" - } - }, - "type": "object" - }, - "AWS::FSx::Volume.UserAndGroupQuotas": { - "additionalProperties": false, - "properties": { - "Id": { - "markdownDescription": "The ID of the user or group that the quota applies to.", - "title": "Id", - "type": "number" }, - "StorageCapacityQuotaGiB": { - "markdownDescription": "The user or group's storage quota, in gibibytes (GiB).", - "title": "StorageCapacityQuotaGiB", - "type": "number" + "KmsKeyId": { + "markdownDescription": "The ID of an AWS KMS key used to protect the encrypted file system.", + "title": "KmsKeyId", + "type": "string" }, - "Type": { - "markdownDescription": "Specifies whether the quota applies to a user or group.", - "title": "Type", + "Region": { + "markdownDescription": "The AWS Region in which the destination file system is located.\n\n> For One Zone file systems, the replication configuration must specify the AWS Region in which the destination file system is located.", + "title": "Region", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the current source file system in the replication configuration.", + "title": "RoleArn", + "type": "string" + }, + "Status": { + "markdownDescription": "Describes the status of the replication configuration. For more information about replication status, see [Viewing replication details](https://docs.aws.amazon.com//efs/latest/ug/awsbackup.html#restoring-backup-efsmonitoring-replication-status.html) in the *Amazon EFS User Guide* .", + "title": "Status", + "type": "string" + }, + "StatusMessage": { + "markdownDescription": "Message that provides details about the `PAUSED` or `ERRROR` state of the replication destination configuration. For more information about replication status messages, see [Viewing replication details](https://docs.aws.amazon.com//efs/latest/ug/awsbackup.html#restoring-backup-efsmonitoring-replication-status.html) in the *Amazon EFS User Guide* .", + "title": "StatusMessage", "type": "string" } }, - "required": [ - "Id", - "StorageCapacityQuotaGiB", - "Type" - ], "type": "object" }, - "AWS::FinSpace::Environment": { + "AWS::EFS::MountTarget": { "additionalProperties": false, "properties": { "Condition": { @@ -101077,53 +107512,50 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the FinSpace environment.", - "title": "Description", + "FileSystemId": { + "markdownDescription": "The ID of the file system for which to create the mount target.", + "title": "FileSystemId", "type": "string" }, - "FederationMode": { - "markdownDescription": "The authentication mode for the environment.", - "title": "FederationMode", + "IpAddress": { + "markdownDescription": "If the `IpAddressType` for the mount target is IPv4 ( `IPV4_ONLY` or `DUAL_STACK` ), then specify the IPv4 address to use. If you do not specify an `IpAddress` , then Amazon EFS selects an unused IP address from the subnet specified for `SubnetId` .", + "title": "IpAddress", "type": "string" }, - "FederationParameters": { - "$ref": "#/definitions/AWS::FinSpace::Environment.FederationParameters", - "markdownDescription": "Configuration information when authentication mode is FEDERATED.", - "title": "FederationParameters" - }, - "KmsKeyId": { - "markdownDescription": "The KMS key id used to encrypt in the FinSpace environment.", - "title": "KmsKeyId", + "IpAddressType": { + "markdownDescription": "The IP address type for the mount target. The possible values are `IPV4_ONLY` (only IPv4 addresses), `IPV6_ONLY` (only IPv6 addresses), and `DUAL_STACK` (dual-stack, both IPv4 and IPv6 addresses). If you don\u2019t specify an `IpAddressType` , then `IPV4_ONLY` is used.\n\n> The `IPAddressType` must match the IP type of the subnet. Additionally, the `IPAddressType` parameter overrides the value set as the default IP address for the subnet in the VPC. For example, if the `IPAddressType` is `IPV4_ONLY` and `AssignIpv6AddressOnCreation` is `true` , then IPv4 is used for the mount target. For more information, see [Modify the IP addressing attributes of your subnet](https://docs.aws.amazon.com/vpc/latest/userguide/subnet-public-ip.html) .", + "title": "IpAddressType", "type": "string" }, - "Name": { - "markdownDescription": "The name of the FinSpace environment.", - "title": "Name", + "Ipv6Address": { + "markdownDescription": "If the `IPAddressType` for the mount target is IPv6 ( `IPV6_ONLY` or `DUAL_STACK` ), then specify the IPv6 address to use. If you do not specify an `Ipv6Address` , then Amazon EFS selects an unused IP address from the subnet specified for `SubnetId` .", + "title": "Ipv6Address", "type": "string" }, - "SuperuserParameters": { - "$ref": "#/definitions/AWS::FinSpace::Environment.SuperuserParameters", - "markdownDescription": "Configuration information for the superuser.", - "title": "SuperuserParameters" - }, - "Tags": { + "SecurityGroups": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "", - "title": "Tags", + "markdownDescription": "VPC security group IDs, of the form `sg-xxxxxxxx` . These must be for the same VPC as the subnet specified. The maximum number of security groups depends on account quota. For more information, see [Amazon VPC Quotas](https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html) in the *Amazon VPC User Guide* (see the *Security Groups* table). If you don't specify a security group, then Amazon EFS uses the default security group for the subnet's VPC.", + "title": "SecurityGroups", "type": "array" + }, + "SubnetId": { + "markdownDescription": "The ID of the subnet to add the mount target in. For One Zone file systems, use the subnet that is associated with the file system's Availability Zone. The subnet type must be the same type as the `IpAddressType` .", + "title": "SubnetId", + "type": "string" } }, "required": [ - "Name" + "FileSystemId", + "SecurityGroups", + "SubnetId" ], "type": "object" }, "Type": { "enum": [ - "AWS::FinSpace::Environment" + "AWS::EFS::MountTarget" ], "type": "string" }, @@ -101142,83 +107574,7 @@ ], "type": "object" }, - "AWS::FinSpace::Environment.AttributeMapItems": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "", - "title": "Value", - "type": "string" - } - }, - "type": "object" - }, - "AWS::FinSpace::Environment.FederationParameters": { - "additionalProperties": false, - "properties": { - "ApplicationCallBackURL": { - "markdownDescription": "The redirect or sign-in URL that should be entered into the SAML 2.0 compliant identity provider configuration (IdP).", - "title": "ApplicationCallBackURL", - "type": "string" - }, - "AttributeMap": { - "items": { - "$ref": "#/definitions/AWS::FinSpace::Environment.AttributeMapItems" - }, - "markdownDescription": "SAML attribute name and value. The name must always be `Email` and the value should be set to the attribute definition in which user email is set. For example, name would be `Email` and value `http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress` . Please check your SAML 2.0 compliant identity provider (IdP) documentation for details.", - "title": "AttributeMap", - "type": "array" - }, - "FederationProviderName": { - "markdownDescription": "Name of the identity provider (IdP).", - "title": "FederationProviderName", - "type": "string" - }, - "FederationURN": { - "markdownDescription": "The Uniform Resource Name (URN). Also referred as Service Provider URN or Audience URI or Service Provider Entity ID.", - "title": "FederationURN", - "type": "string" - }, - "SamlMetadataDocument": { - "markdownDescription": "SAML 2.0 Metadata document from identity provider (IdP).", - "title": "SamlMetadataDocument", - "type": "string" - }, - "SamlMetadataURL": { - "markdownDescription": "Provide the metadata URL from your SAML 2.0 compliant identity provider (IdP).", - "title": "SamlMetadataURL", - "type": "string" - } - }, - "type": "object" - }, - "AWS::FinSpace::Environment.SuperuserParameters": { - "additionalProperties": false, - "properties": { - "EmailAddress": { - "markdownDescription": "The email address of the superuser.", - "title": "EmailAddress", - "type": "string" - }, - "FirstName": { - "markdownDescription": "The first name of the superuser.", - "title": "FirstName", - "type": "string" - }, - "LastName": { - "markdownDescription": "The last name of the superuser.", - "title": "LastName", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Forecast::Dataset": { + "AWS::EKS::AccessEntry": { "additionalProperties": false, "properties": { "Condition": { @@ -101253,56 +107609,60 @@ "Properties": { "additionalProperties": false, "properties": { - "DataFrequency": { - "markdownDescription": "The frequency of data collection. This parameter is required for RELATED_TIME_SERIES datasets.\n\nValid intervals are an integer followed by Y (Year), M (Month), W (Week), D (Day), H (Hour), and min (Minute). For example, \"1D\" indicates every day and \"15min\" indicates every 15 minutes. You cannot specify a value that would overlap with the next larger frequency. That means, for example, you cannot specify a frequency of 60 minutes, because that is equivalent to 1 hour. The valid values for each frequency are the following:\n\n- Minute - 1-59\n- Hour - 1-23\n- Day - 1-6\n- Week - 1-4\n- Month - 1-11\n- Year - 1\n\nThus, if you want every other week forecasts, specify \"2W\". Or, if you want quarterly forecasts, you specify \"3M\".", - "title": "DataFrequency", - "type": "string" + "AccessPolicies": { + "items": { + "$ref": "#/definitions/AWS::EKS::AccessEntry.AccessPolicy" + }, + "markdownDescription": "The access policies to associate to the access entry.", + "title": "AccessPolicies", + "type": "array" }, - "DatasetName": { - "markdownDescription": "The name of the dataset.", - "title": "DatasetName", + "ClusterName": { + "markdownDescription": "The name of your cluster.", + "title": "ClusterName", "type": "string" }, - "DatasetType": { - "markdownDescription": "The dataset type.", - "title": "DatasetType", - "type": "string" + "KubernetesGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "The value for `name` that you've specified for `kind: Group` as a `subject` in a Kubernetes `RoleBinding` or `ClusterRoleBinding` object. Amazon EKS doesn't confirm that the value for `name` exists in any bindings on your cluster. You can specify one or more names.\n\nKubernetes authorizes the `principalArn` of the access entry to access any cluster objects that you've specified in a Kubernetes `Role` or `ClusterRole` object that is also specified in a binding's `roleRef` . For more information about creating Kubernetes `RoleBinding` , `ClusterRoleBinding` , `Role` , or `ClusterRole` objects, see [Using RBAC Authorization in the Kubernetes documentation](https://docs.aws.amazon.com/https://kubernetes.io/docs/reference/access-authn-authz/rbac/) .\n\nIf you want Amazon EKS to authorize the `principalArn` (instead of, or in addition to Kubernetes authorizing the `principalArn` ), you can associate one or more access policies to the access entry using `AssociateAccessPolicy` . If you associate any access policies, the `principalARN` has all permissions assigned in the associated access policies and all permissions in any Kubernetes `Role` or `ClusterRole` objects that the group names are bound to.", + "title": "KubernetesGroups", + "type": "array" }, - "Domain": { - "markdownDescription": "The domain associated with the dataset.", - "title": "Domain", + "PrincipalArn": { + "markdownDescription": "The ARN of the IAM principal for the `AccessEntry` . You can specify one ARN for each access entry. You can't specify the same ARN in more than one access entry. This value can't be changed after access entry creation.\n\nThe valid principals differ depending on the type of the access entry in the `type` field. For `STANDARD` access entries, you can use every IAM principal type. For nodes ( `EC2` (for EKS Auto Mode), `EC2_LINUX` , `EC2_WINDOWS` , `FARGATE_LINUX` , and `HYBRID_LINUX` ), the only valid ARN is IAM roles. You can't use the STS session principal type with access entries because this is a temporary principal for each session and not a permanent identity that can be assigned permissions.\n\n[IAM best practices](https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#bp-users-federation-idp) recommend using IAM roles with temporary credentials, rather than IAM users with long-term credentials.", + "title": "PrincipalArn", "type": "string" }, - "EncryptionConfig": { - "$ref": "#/definitions/AWS::Forecast::Dataset.EncryptionConfig", - "markdownDescription": "A Key Management Service (KMS) key and the Identity and Access Management (IAM) role that Amazon Forecast can assume to access the key.", - "title": "EncryptionConfig" - }, - "Schema": { - "$ref": "#/definitions/AWS::Forecast::Dataset.Schema", - "markdownDescription": "The schema for the dataset. The schema attributes and their order must match the fields in your data. The dataset `Domain` and `DatasetType` that you choose determine the minimum required fields in your training data. For information about the required fields for a specific dataset domain and type, see [Dataset Domains and Dataset Types](https://docs.aws.amazon.com/forecast/latest/dg/howitworks-domains-ds-types.html) .", - "title": "Schema" - }, "Tags": { "items": { - "$ref": "#/definitions/AWS::Forecast::Dataset.TagsItems" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or AWS resources.", "title": "Tags", "type": "array" + }, + "Type": { + "markdownDescription": "The type of the new access entry. Valid values are `STANDARD` , `FARGATE_LINUX` , `EC2_LINUX` , `EC2_WINDOWS` , `EC2` (for EKS Auto Mode), `HYBRID_LINUX` , and `HYPERPOD_LINUX` .\n\nIf the `principalArn` is for an IAM role that's used for self-managed Amazon EC2 nodes, specify `EC2_LINUX` or `EC2_WINDOWS` . Amazon EKS grants the necessary permissions to the node for you. If the `principalArn` is for any other purpose, specify `STANDARD` . If you don't specify a value, Amazon EKS sets the value to `STANDARD` . If you have the access mode of the cluster set to `API_AND_CONFIG_MAP` , it's unnecessary to create access entries for IAM roles used with Fargate profiles or managed Amazon EC2 nodes, because Amazon EKS creates entries in the `aws-auth` `ConfigMap` for the roles. You can't change this value once you've created the access entry.\n\nIf you set the value to `EC2_LINUX` or `EC2_WINDOWS` , you can't specify values for `kubernetesGroups` , or associate an `AccessPolicy` to the access entry.", + "title": "Type", + "type": "string" + }, + "Username": { + "markdownDescription": "The username to authenticate to Kubernetes with. We recommend not specifying a username and letting Amazon EKS specify it for you. For more information about the value Amazon EKS specifies for you, or constraints before specifying your own username, see [Creating access entries](https://docs.aws.amazon.com/eks/latest/userguide/access-entries.html#creating-access-entries) in the *Amazon EKS User Guide* .", + "title": "Username", + "type": "string" } }, "required": [ - "DatasetName", - "DatasetType", - "Domain", - "Schema" + "ClusterName", + "PrincipalArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Forecast::Dataset" + "AWS::EKS::AccessEntry" ], "type": "string" }, @@ -101321,73 +107681,49 @@ ], "type": "object" }, - "AWS::Forecast::Dataset.AttributesItems": { - "additionalProperties": false, - "properties": { - "AttributeName": { - "markdownDescription": "", - "title": "AttributeName", - "type": "string" - }, - "AttributeType": { - "markdownDescription": "", - "title": "AttributeType", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Forecast::Dataset.EncryptionConfig": { + "AWS::EKS::AccessEntry.AccessPolicy": { "additionalProperties": false, "properties": { - "KmsKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key.", - "title": "KmsKeyArn", - "type": "string" + "AccessScope": { + "$ref": "#/definitions/AWS::EKS::AccessEntry.AccessScope", + "markdownDescription": "The scope of an `AccessPolicy` that's associated to an `AccessEntry` .", + "title": "AccessScope" }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role that Amazon Forecast can assume to access the AWS KMS key.\n\nPassing a role across AWS accounts is not allowed. If you pass a role that isn't in your account, you get an `InvalidInputException` error.", - "title": "RoleArn", + "PolicyArn": { + "markdownDescription": "The ARN of the access policy.", + "title": "PolicyArn", "type": "string" } }, + "required": [ + "AccessScope", + "PolicyArn" + ], "type": "object" }, - "AWS::Forecast::Dataset.Schema": { + "AWS::EKS::AccessEntry.AccessScope": { "additionalProperties": false, "properties": { - "Attributes": { + "Namespaces": { "items": { - "$ref": "#/definitions/AWS::Forecast::Dataset.AttributesItems" + "type": "string" }, - "markdownDescription": "An array of attributes specifying the name and type of each field in a dataset.", - "title": "Attributes", + "markdownDescription": "A Kubernetes `namespace` that an access policy is scoped to. A value is required if you specified `namespace` for `Type` .", + "title": "Namespaces", "type": "array" - } - }, - "type": "object" - }, - "AWS::Forecast::Dataset.TagsItems": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "", - "title": "Key", - "type": "string" }, - "Value": { - "markdownDescription": "", - "title": "Value", + "Type": { + "markdownDescription": "The scope type of an access policy.", + "title": "Type", "type": "string" } }, "required": [ - "Key", - "Value" + "Type" ], "type": "object" }, - "AWS::Forecast::DatasetGroup": { + "AWS::EKS::Addon": { "additionalProperties": false, "properties": { "Condition": { @@ -101422,42 +107758,67 @@ "Properties": { "additionalProperties": false, "properties": { - "DatasetArns": { + "AddonName": { + "markdownDescription": "The name of the add-on.", + "title": "AddonName", + "type": "string" + }, + "AddonVersion": { + "markdownDescription": "The version of the add-on.", + "title": "AddonVersion", + "type": "string" + }, + "ClusterName": { + "markdownDescription": "The name of your cluster.", + "title": "ClusterName", + "type": "string" + }, + "ConfigurationValues": { + "markdownDescription": "The configuration values that you provided.", + "title": "ConfigurationValues", + "type": "string" + }, + "PodIdentityAssociations": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::EKS::Addon.PodIdentityAssociation" }, - "markdownDescription": "An array of Amazon Resource Names (ARNs) of the datasets that you want to include in the dataset group.", - "title": "DatasetArns", + "markdownDescription": "An array of EKS Pod Identity associations owned by the add-on. Each association maps a role to a service account in a namespace in the cluster.\n\nFor more information, see [Attach an IAM Role to an Amazon EKS add-on using EKS Pod Identity](https://docs.aws.amazon.com/eks/latest/userguide/add-ons-iam.html) in the *Amazon EKS User Guide* .", + "title": "PodIdentityAssociations", "type": "array" }, - "DatasetGroupName": { - "markdownDescription": "The name of the dataset group.", - "title": "DatasetGroupName", + "PreserveOnDelete": { + "markdownDescription": "Specifying this option preserves the add-on software on your cluster but Amazon EKS stops managing any settings for the add-on. If an IAM account is associated with the add-on, it isn't removed.", + "title": "PreserveOnDelete", + "type": "boolean" + }, + "ResolveConflicts": { + "markdownDescription": "How to resolve field value conflicts for an Amazon EKS add-on. Conflicts are handled based on the value you choose:\n\n- *None* \u2013 If the self-managed version of the add-on is installed on your cluster, Amazon EKS doesn't change the value. Creation of the add-on might fail.\n- *Overwrite* \u2013 If the self-managed version of the add-on is installed on your cluster and the Amazon EKS default value is different than the existing value, Amazon EKS changes the value to the Amazon EKS default value.\n- *Preserve* \u2013 This is similar to the NONE option. If the self-managed version of the add-on is installed on your cluster Amazon EKS doesn't change the add-on resource properties. Creation of the add-on might fail if conflicts are detected. This option works differently during the update operation. For more information, see [`UpdateAddon`](https://docs.aws.amazon.com/eks/latest/APIReference/API_UpdateAddon.html) .\n\nIf you don't currently have the self-managed version of the add-on installed on your cluster, the Amazon EKS add-on is installed. Amazon EKS sets all values to default values, regardless of the option that you specify.", + "title": "ResolveConflicts", "type": "string" }, - "Domain": { - "markdownDescription": "The domain associated with the dataset group. When you add a dataset to a dataset group, this value and the value specified for the `Domain` parameter of the [CreateDataset](https://docs.aws.amazon.com/forecast/latest/dg/API_CreateDataset.html) operation must match.\n\nThe `Domain` and `DatasetType` that you choose determine the fields that must be present in training data that you import to a dataset. For example, if you choose the `RETAIL` domain and `TARGET_TIME_SERIES` as the `DatasetType` , Amazon Forecast requires that `item_id` , `timestamp` , and `demand` fields are present in your data. For more information, see [Dataset groups](https://docs.aws.amazon.com/forecast/latest/dg/howitworks-datasets-groups.html) .", - "title": "Domain", + "ServiceAccountRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an existing IAM role to bind to the add-on's service account. The role must be assigned the IAM permissions required by the add-on. If you don't specify an existing IAM role, then the add-on uses the permissions assigned to the node IAM role. For more information, see [Amazon EKS node IAM role](https://docs.aws.amazon.com/eks/latest/userguide/create-node-role.html) in the *Amazon EKS User Guide* .\n\n> To specify an existing IAM role, you must have an IAM OpenID Connect (OIDC) provider created for your cluster. For more information, see [Enabling IAM roles for service accounts on your cluster](https://docs.aws.amazon.com/eks/latest/userguide/enable-iam-roles-for-service-accounts.html) in the *Amazon EKS User Guide* .", + "title": "ServiceAccountRoleArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "The metadata that you apply to the add-on to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Add-on tags do not propagate to any other resources associated with the cluster.", "title": "Tags", "type": "array" } }, "required": [ - "DatasetGroupName", - "Domain" + "AddonName", + "ClusterName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Forecast::DatasetGroup" + "AWS::EKS::Addon" ], "type": "string" }, @@ -101476,7 +107837,27 @@ ], "type": "object" }, - "AWS::FraudDetector::Detector": { + "AWS::EKS::Addon.PodIdentityAssociation": { + "additionalProperties": false, + "properties": { + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to associate with the service account. The EKS Pod Identity agent manages credentials to assume this role for applications in the containers in the Pods that use this service account.", + "title": "RoleArn", + "type": "string" + }, + "ServiceAccount": { + "markdownDescription": "The name of the Kubernetes service account inside the cluster to associate the IAM credentials with.", + "title": "ServiceAccount", + "type": "string" + } + }, + "required": [ + "RoleArn", + "ServiceAccount" + ], + "type": "object" + }, + "AWS::EKS::Cluster": { "additionalProperties": false, "properties": { "Condition": { @@ -101511,66 +107892,107 @@ "Properties": { "additionalProperties": false, "properties": { - "AssociatedModels": { + "AccessConfig": { + "$ref": "#/definitions/AWS::EKS::Cluster.AccessConfig", + "markdownDescription": "The access configuration for the cluster.", + "title": "AccessConfig" + }, + "BootstrapSelfManagedAddons": { + "markdownDescription": "If you set this value to `False` when creating a cluster, the default networking add-ons will not be installed.\n\nThe default networking add-ons include `vpc-cni` , `coredns` , and `kube-proxy` .\n\nUse this option when you plan to install third-party alternative add-ons or self-manage the default networking add-ons.", + "title": "BootstrapSelfManagedAddons", + "type": "boolean" + }, + "ComputeConfig": { + "$ref": "#/definitions/AWS::EKS::Cluster.ComputeConfig", + "markdownDescription": "Indicates the current configuration of the compute capability on your EKS Auto Mode cluster. For example, if the capability is enabled or disabled. If the compute capability is enabled, EKS Auto Mode will create and delete EC2 Managed Instances in your AWS account. For more information, see EKS Auto Mode compute capability in the *Amazon EKS User Guide* .", + "title": "ComputeConfig" + }, + "EncryptionConfig": { "items": { - "$ref": "#/definitions/AWS::FraudDetector::Detector.Model" + "$ref": "#/definitions/AWS::EKS::Cluster.EncryptionConfig" }, - "markdownDescription": "The models to associate with this detector. You must provide the ARNs of all the models you want to associate.", - "title": "AssociatedModels", + "markdownDescription": "The encryption configuration for the cluster.", + "title": "EncryptionConfig", "type": "array" }, - "Description": { - "markdownDescription": "The detector description.", - "title": "Description", - "type": "string" + "Force": { + "markdownDescription": "Set this value to `true` to override upgrade-blocking readiness checks when updating a cluster.", + "title": "Force", + "type": "boolean" }, - "DetectorId": { - "markdownDescription": "The name of the detector.", - "title": "DetectorId", - "type": "string" + "KubernetesNetworkConfig": { + "$ref": "#/definitions/AWS::EKS::Cluster.KubernetesNetworkConfig", + "markdownDescription": "The Kubernetes network configuration for the cluster.", + "title": "KubernetesNetworkConfig" }, - "DetectorVersionStatus": { - "markdownDescription": "The status of the detector version. If a value is not provided for this property, AWS CloudFormation assumes `DRAFT` status.\n\nValid values: `ACTIVE | DRAFT`", - "title": "DetectorVersionStatus", + "Logging": { + "$ref": "#/definitions/AWS::EKS::Cluster.Logging", + "markdownDescription": "The logging configuration for your cluster.", + "title": "Logging" + }, + "Name": { + "markdownDescription": "The unique name to give to your cluster. The name can contain only alphanumeric characters (case-sensitive) and hyphens. It must start with an alphanumeric character and can't be longer than 100 characters. The name must be unique within the AWS Region and AWS account that you're creating the cluster in. Note that underscores can't be used in AWS CloudFormation .", + "title": "Name", "type": "string" }, - "EventType": { - "$ref": "#/definitions/AWS::FraudDetector::Detector.EventType", - "markdownDescription": "The event type associated with this detector.", - "title": "EventType" + "OutpostConfig": { + "$ref": "#/definitions/AWS::EKS::Cluster.OutpostConfig", + "markdownDescription": "An object representing the configuration of your local Amazon EKS cluster on an AWS Outpost. This object isn't available for clusters on the AWS cloud.", + "title": "OutpostConfig" }, - "RuleExecutionMode": { - "markdownDescription": "The rule execution mode for the rules included in the detector version.\n\nValid values: `FIRST_MATCHED | ALL_MATCHED` Default value: `FIRST_MATCHED`\n\nYou can define and edit the rule mode at the detector version level, when it is in draft status.\n\nIf you specify `FIRST_MATCHED` , Amazon Fraud Detector evaluates rules sequentially, first to last, stopping at the first matched rule. Amazon Fraud dectector then provides the outcomes for that single rule.\n\nIf you specifiy `ALL_MATCHED` , Amazon Fraud Detector evaluates all rules and returns the outcomes for all matched rules.", - "title": "RuleExecutionMode", + "RemoteNetworkConfig": { + "$ref": "#/definitions/AWS::EKS::Cluster.RemoteNetworkConfig", + "markdownDescription": "The configuration in the cluster for EKS Hybrid Nodes. You can add, change, or remove this configuration after the cluster is created.", + "title": "RemoteNetworkConfig" + }, + "ResourcesVpcConfig": { + "$ref": "#/definitions/AWS::EKS::Cluster.ResourcesVpcConfig", + "markdownDescription": "The VPC configuration that's used by the cluster control plane. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see [Cluster VPC Considerations](https://docs.aws.amazon.com/eks/latest/userguide/network_reqs.html) and [Cluster Security Group Considerations](https://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html) in the *Amazon EKS User Guide* . You must specify at least two subnets. You can specify up to five security groups, but we recommend that you use a dedicated security group for your cluster control plane.", + "title": "ResourcesVpcConfig" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf. For more information, see [Amazon EKS Service IAM Role](https://docs.aws.amazon.com/eks/latest/userguide/service_IAM_role.html) in the **Amazon EKS User Guide** .", + "title": "RoleArn", "type": "string" }, - "Rules": { - "items": { - "$ref": "#/definitions/AWS::FraudDetector::Detector.Rule" - }, - "markdownDescription": "The rules to include in the detector version.", - "title": "Rules", - "type": "array" + "StorageConfig": { + "$ref": "#/definitions/AWS::EKS::Cluster.StorageConfig", + "markdownDescription": "Indicates the current configuration of the block storage capability on your EKS Auto Mode cluster. For example, if the capability is enabled or disabled. If the block storage capability is enabled, EKS Auto Mode will create and delete EBS volumes in your AWS account. For more information, see EKS Auto Mode block storage capability in the *Amazon EKS User Guide* .", + "title": "StorageConfig" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "The metadata that you apply to the cluster to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Cluster tags don't propagate to any other resources associated with the cluster.\n\n> You must have the `eks:TagResource` and `eks:UntagResource` permissions for your [IAM principal](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html) to manage the AWS CloudFormation stack. If you don't have these permissions, there might be unexpected behavior with stack-level tags propagating to the resource during resource creation and update.", "title": "Tags", "type": "array" + }, + "UpgradePolicy": { + "$ref": "#/definitions/AWS::EKS::Cluster.UpgradePolicy", + "markdownDescription": "This value indicates if extended support is enabled or disabled for the cluster.\n\n[Learn more about EKS Extended Support in the *Amazon EKS User Guide* .](https://docs.aws.amazon.com/eks/latest/userguide/extended-support-control.html)", + "title": "UpgradePolicy" + }, + "Version": { + "markdownDescription": "The desired Kubernetes version for your cluster. If you don't specify a value here, the default version available in Amazon EKS is used.\n\n> The default version might not be the latest version available.", + "title": "Version", + "type": "string" + }, + "ZonalShiftConfig": { + "$ref": "#/definitions/AWS::EKS::Cluster.ZonalShiftConfig", + "markdownDescription": "The configuration for zonal shift for the cluster.", + "title": "ZonalShiftConfig" } }, "required": [ - "DetectorId", - "EventType", - "Rules" + "ResourcesVpcConfig", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::FraudDetector::Detector" + "AWS::EKS::Cluster" ], "type": "string" }, @@ -101589,349 +108011,335 @@ ], "type": "object" }, - "AWS::FraudDetector::Detector.EntityType": { + "AWS::EKS::Cluster.AccessConfig": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The entity type ARN.", - "title": "Arn", - "type": "string" - }, - "CreatedTime": { - "markdownDescription": "Timestamp of when the entity type was created.", - "title": "CreatedTime", - "type": "string" - }, - "Description": { - "markdownDescription": "The entity type description.", - "title": "Description", + "AuthenticationMode": { + "markdownDescription": "The desired authentication mode for the cluster. If you create a cluster by using the EKS API, AWS SDKs, or AWS CloudFormation , the default is `CONFIG_MAP` . If you create the cluster by using the AWS Management Console , the default value is `API_AND_CONFIG_MAP` .", + "title": "AuthenticationMode", "type": "string" }, - "Inline": { - "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::Detector` you must define at least two variables. You can set `Inline=true` for these Variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your detector but not execute any changes to the variables.", - "title": "Inline", + "BootstrapClusterCreatorAdminPermissions": { + "markdownDescription": "Specifies whether or not the cluster creator IAM principal was set as a cluster admin access entry during cluster creation time. The default value is `true` .", + "title": "BootstrapClusterCreatorAdminPermissions", "type": "boolean" - }, - "LastUpdatedTime": { - "markdownDescription": "Timestamp of when the entity type was last updated.", - "title": "LastUpdatedTime", - "type": "string" - }, - "Name": { - "markdownDescription": "The entity type name.", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" } }, "type": "object" }, - "AWS::FraudDetector::Detector.EventType": { + "AWS::EKS::Cluster.BlockStorage": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The entity type ARN.", - "title": "Arn", - "type": "string" - }, - "CreatedTime": { - "markdownDescription": "Timestamp of when the event type was created.", - "title": "CreatedTime", - "type": "string" - }, - "Description": { - "markdownDescription": "The event type description.", - "title": "Description", - "type": "string" - }, - "EntityTypes": { - "items": { - "$ref": "#/definitions/AWS::FraudDetector::Detector.EntityType" - }, - "markdownDescription": "The event type entity types.", - "title": "EntityTypes", - "type": "array" - }, - "EventVariables": { + "Enabled": { + "markdownDescription": "Indicates if the block storage capability is enabled on your EKS Auto Mode cluster. If the block storage capability is enabled, EKS Auto Mode will create and delete EBS volumes in your AWS account.", + "title": "Enabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EKS::Cluster.ClusterLogging": { + "additionalProperties": false, + "properties": { + "EnabledTypes": { "items": { - "$ref": "#/definitions/AWS::FraudDetector::Detector.EventVariable" + "$ref": "#/definitions/AWS::EKS::Cluster.LoggingTypeConfig" }, - "markdownDescription": "The event type event variables.", - "title": "EventVariables", + "markdownDescription": "The enabled control plane logs for your cluster. All log types are disabled if the array is empty.\n\n> When updating a resource, you must include this `EnabledTypes` property if the previous CloudFormation template of the resource had it.", + "title": "EnabledTypes", "type": "array" - }, - "Inline": { - "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::Detector` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the Variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your detector but not execute any changes to the variables.", - "title": "Inline", + } + }, + "type": "object" + }, + "AWS::EKS::Cluster.ComputeConfig": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Request to enable or disable the compute capability on your EKS Auto Mode cluster. If the compute capability is enabled, EKS Auto Mode will create and delete EC2 Managed Instances in your AWS account.", + "title": "Enabled", "type": "boolean" }, - "Labels": { + "NodePools": { "items": { - "$ref": "#/definitions/AWS::FraudDetector::Detector.Label" + "type": "string" }, - "markdownDescription": "The event type labels.", - "title": "Labels", + "markdownDescription": "Configuration for node pools that defines the compute resources for your EKS Auto Mode cluster. For more information, see EKS Auto Mode Node Pools in the *Amazon EKS User Guide* .", + "title": "NodePools", "type": "array" }, - "LastUpdatedTime": { - "markdownDescription": "Timestamp of when the event type was last updated.", - "title": "LastUpdatedTime", + "NodeRoleArn": { + "markdownDescription": "The ARN of the IAM Role EKS will assign to EC2 Managed Instances in your EKS Auto Mode cluster. This value cannot be changed after the compute capability of EKS Auto Mode is enabled. For more information, see the IAM Reference in the *Amazon EKS User Guide* .", + "title": "NodeRoleArn", "type": "string" - }, - "Name": { - "markdownDescription": "The event type name.", - "title": "Name", + } + }, + "type": "object" + }, + "AWS::EKS::Cluster.ControlPlanePlacement": { + "additionalProperties": false, + "properties": { + "GroupName": { + "markdownDescription": "The name of the placement group for the Kubernetes control plane instances. This property is only used for a local cluster on an AWS Outpost.", + "title": "GroupName", "type": "string" + } + }, + "type": "object" + }, + "AWS::EKS::Cluster.ElasticLoadBalancing": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Indicates if the load balancing capability is enabled on your EKS Auto Mode cluster. If the load balancing capability is enabled, EKS Auto Mode will create and delete load balancers in your AWS account.", + "title": "Enabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EKS::Cluster.EncryptionConfig": { + "additionalProperties": false, + "properties": { + "Provider": { + "$ref": "#/definitions/AWS::EKS::Cluster.Provider", + "markdownDescription": "The encryption provider for the cluster.", + "title": "Provider" }, - "Tags": { + "Resources": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", + "markdownDescription": "Specifies the resources to be encrypted. The only supported value is `secrets` .", + "title": "Resources", "type": "array" } }, "type": "object" }, - "AWS::FraudDetector::Detector.EventVariable": { + "AWS::EKS::Cluster.KubernetesNetworkConfig": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The event variable ARN.", - "title": "Arn", - "type": "string" + "ElasticLoadBalancing": { + "$ref": "#/definitions/AWS::EKS::Cluster.ElasticLoadBalancing", + "markdownDescription": "Request to enable or disable the load balancing capability on your EKS Auto Mode cluster. For more information, see EKS Auto Mode load balancing capability in the *Amazon EKS User Guide* .", + "title": "ElasticLoadBalancing" }, - "CreatedTime": { - "markdownDescription": "Timestamp for when the event variable was created.", - "title": "CreatedTime", - "type": "string" - }, - "DataSource": { - "markdownDescription": "The data source of the event variable.\n\nValid values: `EVENT | EXTERNAL_MODEL_SCORE`\n\nWhen defining a variable within a detector, you can only use the `EVENT` value for DataSource when the *Inline* property is set to true. If the *Inline* property is set false, you can use either `EVENT` or `MODEL_SCORE` for DataSource.", - "title": "DataSource", + "IpFamily": { + "markdownDescription": "Specify which IP family is used to assign Kubernetes pod and service IP addresses. If you don't specify a value, `ipv4` is used by default. You can only specify an IP family when you create a cluster and can't change this value once the cluster is created. If you specify `ipv6` , the VPC and subnets that you specify for cluster creation must have both `IPv4` and `IPv6` CIDR blocks assigned to them. You can't specify `ipv6` for clusters in China Regions.\n\nYou can only specify `ipv6` for `1.21` and later clusters that use version `1.10.1` or later of the Amazon VPC CNI add-on. If you specify `ipv6` , then ensure that your VPC meets the requirements listed in the considerations listed in [Assigning IPv6 addresses to pods and services](https://docs.aws.amazon.com/eks/latest/userguide/cni-ipv6.html) in the *Amazon EKS User Guide* . Kubernetes assigns services `IPv6` addresses from the unique local address range `(fc00::/7)` . You can't specify a custom `IPv6` CIDR block. Pod addresses are assigned from the subnet's `IPv6` CIDR.", + "title": "IpFamily", "type": "string" }, - "DataType": { - "markdownDescription": "The data type of the event variable.\n\nValid values: `STRING | INTEGER | BOOLEAN | FLOAT`", - "title": "DataType", + "ServiceIpv4Cidr": { + "markdownDescription": "Don't specify a value if you select `ipv6` for *ipFamily* . The CIDR block to assign Kubernetes service IP addresses from. If you don't specify a block, Kubernetes assigns addresses from either the `10.100.0.0/16` or `172.20.0.0/16` CIDR blocks. We recommend that you specify a block that does not overlap with resources in other networks that are peered or connected to your VPC. The block must meet the following requirements:\n\n- Within one of the following private IP address blocks: `10.0.0.0/8` , `172.16.0.0/12` , or `192.168.0.0/16` .\n- Doesn't overlap with any CIDR block assigned to the VPC that you selected for VPC.\n- Between `/24` and `/12` .\n\n> You can only specify a custom CIDR block when you create a cluster. You can't change this value after the cluster is created.", + "title": "ServiceIpv4Cidr", "type": "string" }, - "DefaultValue": { - "markdownDescription": "The default value of the event variable. This is required if you are providing the details of your variables instead of the ARN.", - "title": "DefaultValue", + "ServiceIpv6Cidr": { + "markdownDescription": "The CIDR block that Kubernetes pod and service IP addresses are assigned from if you created a 1.21 or later cluster with version 1.10.1 or later of the Amazon VPC CNI add-on and specified `ipv6` for *ipFamily* when you created the cluster. Kubernetes assigns service addresses from the unique local address range ( `fc00::/7` ) because you can't specify a custom IPv6 CIDR block when you create the cluster.", + "title": "ServiceIpv6Cidr", "type": "string" - }, - "Description": { - "markdownDescription": "The description of the event variable.", - "title": "Description", + } + }, + "type": "object" + }, + "AWS::EKS::Cluster.Logging": { + "additionalProperties": false, + "properties": { + "ClusterLogging": { + "$ref": "#/definitions/AWS::EKS::Cluster.ClusterLogging", + "markdownDescription": "The cluster control plane logging configuration for your cluster.", + "title": "ClusterLogging" + } + }, + "type": "object" + }, + "AWS::EKS::Cluster.LoggingTypeConfig": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "The name of the log type.", + "title": "Type", "type": "string" - }, - "Inline": { - "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::Detector` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your detector but not execute any changes to the variables.", - "title": "Inline", - "type": "boolean" - }, - "LastUpdatedTime": { - "markdownDescription": "Timestamp for when the event variable was last updated.", - "title": "LastUpdatedTime", + } + }, + "type": "object" + }, + "AWS::EKS::Cluster.OutpostConfig": { + "additionalProperties": false, + "properties": { + "ControlPlaneInstanceType": { + "markdownDescription": "The Amazon EC2 instance type that you want to use for your local Amazon EKS cluster on Outposts. Choose an instance type based on the number of nodes that your cluster will have. For more information, see [Capacity considerations](https://docs.aws.amazon.com/eks/latest/userguide/eks-outposts-capacity-considerations.html) in the *Amazon EKS User Guide* .\n\nThe instance type that you specify is used for all Kubernetes control plane instances. The instance type can't be changed after cluster creation. The control plane is not automatically scaled by Amazon EKS.", + "title": "ControlPlaneInstanceType", "type": "string" }, - "Name": { - "markdownDescription": "The name of the event variable.", - "title": "Name", - "type": "string" + "ControlPlanePlacement": { + "$ref": "#/definitions/AWS::EKS::Cluster.ControlPlanePlacement", + "markdownDescription": "An object representing the placement configuration for all the control plane instances of your local Amazon EKS cluster on an AWS Outpost. For more information, see [Capacity considerations](https://docs.aws.amazon.com/eks/latest/userguide/eks-outposts-capacity-considerations.html) in the *Amazon EKS User Guide* .", + "title": "ControlPlanePlacement" }, - "Tags": { + "OutpostArns": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", + "markdownDescription": "The ARN of the Outpost that you want to use for your local Amazon EKS cluster on Outposts. Only a single Outpost ARN is supported.", + "title": "OutpostArns", "type": "array" - }, - "VariableType": { - "markdownDescription": "The type of event variable. For more information, see [Variable types](https://docs.aws.amazon.com/frauddetector/latest/ug/create-a-variable.html#variable-types) .", - "title": "VariableType", - "type": "string" } }, + "required": [ + "ControlPlaneInstanceType", + "OutpostArns" + ], "type": "object" }, - "AWS::FraudDetector::Detector.Label": { + "AWS::EKS::Cluster.Provider": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The label ARN.", - "title": "Arn", - "type": "string" - }, - "CreatedTime": { - "markdownDescription": "Timestamp of when the event type was created.", - "title": "CreatedTime", - "type": "string" - }, - "Description": { - "markdownDescription": "The label description.", - "title": "Description", - "type": "string" - }, - "Inline": { - "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::Detector` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your detector but not execute any changes to the variables.", - "title": "Inline", - "type": "boolean" - }, - "LastUpdatedTime": { - "markdownDescription": "Timestamp of when the label was last updated.", - "title": "LastUpdatedTime", - "type": "string" - }, - "Name": { - "markdownDescription": "The label name.", - "title": "Name", + "KeyArn": { + "markdownDescription": "Amazon Resource Name (ARN) or alias of the KMS key. The KMS key must be symmetric and created in the same AWS Region as the cluster. If the KMS key was created in a different account, the [IAM principal](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html) must have access to the KMS key. For more information, see [Allowing users in other accounts to use a KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/key-policy-modifying-external-accounts.html) in the *AWS Key Management Service Developer Guide* .", + "title": "KeyArn", "type": "string" + } + }, + "type": "object" + }, + "AWS::EKS::Cluster.RemoteNetworkConfig": { + "additionalProperties": false, + "properties": { + "RemoteNodeNetworks": { + "items": { + "$ref": "#/definitions/AWS::EKS::Cluster.RemoteNodeNetwork" + }, + "markdownDescription": "The list of network CIDRs that can contain hybrid nodes.\n\nThese CIDR blocks define the expected IP address range of the hybrid nodes that join the cluster. These blocks are typically determined by your network administrator.\n\nEnter one or more IPv4 CIDR blocks in decimal dotted-quad notation (for example, `10.2.0.0/16` ).\n\nIt must satisfy the following requirements:\n\n- Each block must be within an `IPv4` RFC-1918 network range. Minimum allowed size is /32, maximum allowed size is /8. Publicly-routable addresses aren't supported.\n- Each block cannot overlap with the range of the VPC CIDR blocks for your EKS resources, or the block of the Kubernetes service IP range.\n- Each block must have a route to the VPC that uses the VPC CIDR blocks, not public IPs or Elastic IPs. There are many options including AWS Transit Gateway , AWS Site-to-Site VPN , or AWS Direct Connect .\n- Each host must allow outbound connection to the EKS cluster control plane on TCP ports `443` and `10250` .\n- Each host must allow inbound connection from the EKS cluster control plane on TCP port 10250 for logs, exec and port-forward operations.\n- Each host must allow TCP and UDP network connectivity to and from other hosts that are running `CoreDNS` on UDP port `53` for service and pod DNS names.", + "title": "RemoteNodeNetworks", + "type": "array" }, - "Tags": { + "RemotePodNetworks": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::EKS::Cluster.RemotePodNetwork" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", + "markdownDescription": "The list of network CIDRs that can contain pods that run Kubernetes webhooks on hybrid nodes.\n\nThese CIDR blocks are determined by configuring your Container Network Interface (CNI) plugin. We recommend the Calico CNI or Cilium CNI. Note that the Amazon VPC CNI plugin for Kubernetes isn't available for on-premises and edge locations.\n\nEnter one or more IPv4 CIDR blocks in decimal dotted-quad notation (for example, `10.2.0.0/16` ).\n\nIt must satisfy the following requirements:\n\n- Each block must be within an `IPv4` RFC-1918 network range. Minimum allowed size is /32, maximum allowed size is /8. Publicly-routable addresses aren't supported.\n- Each block cannot overlap with the range of the VPC CIDR blocks for your EKS resources, or the block of the Kubernetes service IP range.", + "title": "RemotePodNetworks", "type": "array" } }, + "required": [ + "RemoteNodeNetworks" + ], "type": "object" }, - "AWS::FraudDetector::Detector.Model": { + "AWS::EKS::Cluster.RemoteNodeNetwork": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The ARN of the model.", - "title": "Arn", - "type": "string" + "Cidrs": { + "items": { + "type": "string" + }, + "markdownDescription": "A network CIDR that can contain hybrid nodes.\n\nThese CIDR blocks define the expected IP address range of the hybrid nodes that join the cluster. These blocks are typically determined by your network administrator.\n\nEnter one or more IPv4 CIDR blocks in decimal dotted-quad notation (for example, `10.2.0.0/16` ).\n\nIt must satisfy the following requirements:\n\n- Each block must be within an `IPv4` RFC-1918 network range. Minimum allowed size is /32, maximum allowed size is /8. Publicly-routable addresses aren't supported.\n- Each block cannot overlap with the range of the VPC CIDR blocks for your EKS resources, or the block of the Kubernetes service IP range.\n- Each block must have a route to the VPC that uses the VPC CIDR blocks, not public IPs or Elastic IPs. There are many options including AWS Transit Gateway , AWS Site-to-Site VPN , or AWS Direct Connect .\n- Each host must allow outbound connection to the EKS cluster control plane on TCP ports `443` and `10250` .\n- Each host must allow inbound connection from the EKS cluster control plane on TCP port 10250 for logs, exec and port-forward operations.\n- Each host must allow TCP and UDP network connectivity to and from other hosts that are running `CoreDNS` on UDP port `53` for service and pod DNS names.", + "title": "Cidrs", + "type": "array" } }, + "required": [ + "Cidrs" + ], "type": "object" }, - "AWS::FraudDetector::Detector.Outcome": { + "AWS::EKS::Cluster.RemotePodNetwork": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The outcome ARN.", - "title": "Arn", - "type": "string" - }, - "CreatedTime": { - "markdownDescription": "The timestamp when the outcome was created.", - "title": "CreatedTime", - "type": "string" - }, - "Description": { - "markdownDescription": "The outcome description.", - "title": "Description", - "type": "string" - }, - "Inline": { - "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::Detector` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your detector but not execute any changes to the variables.", - "title": "Inline", - "type": "boolean" - }, - "LastUpdatedTime": { - "markdownDescription": "The timestamp when the outcome was last updated.", - "title": "LastUpdatedTime", - "type": "string" - }, - "Name": { - "markdownDescription": "The outcome name.", - "title": "Name", - "type": "string" - }, - "Tags": { + "Cidrs": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", + "markdownDescription": "A network CIDR that can contain pods that run Kubernetes webhooks on hybrid nodes.\n\nThese CIDR blocks are determined by configuring your Container Network Interface (CNI) plugin. We recommend the Calico CNI or Cilium CNI. Note that the Amazon VPC CNI plugin for Kubernetes isn't available for on-premises and edge locations.\n\nEnter one or more IPv4 CIDR blocks in decimal dotted-quad notation (for example, `10.2.0.0/16` ).\n\nIt must satisfy the following requirements:\n\n- Each block must be within an `IPv4` RFC-1918 network range. Minimum allowed size is /32, maximum allowed size is /8. Publicly-routable addresses aren't supported.\n- Each block cannot overlap with the range of the VPC CIDR blocks for your EKS resources, or the block of the Kubernetes service IP range.", + "title": "Cidrs", "type": "array" } }, + "required": [ + "Cidrs" + ], "type": "object" }, - "AWS::FraudDetector::Detector.Rule": { + "AWS::EKS::Cluster.ResourcesVpcConfig": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The rule ARN.", - "title": "Arn", - "type": "string" - }, - "CreatedTime": { - "markdownDescription": "Timestamp for when the rule was created.", - "title": "CreatedTime", - "type": "string" - }, - "Description": { - "markdownDescription": "The rule description.", - "title": "Description", - "type": "string" - }, - "DetectorId": { - "markdownDescription": "The detector for which the rule is associated.", - "title": "DetectorId", - "type": "string" - }, - "Expression": { - "markdownDescription": "The rule expression. A rule expression captures the business logic. For more information, see [Rule language reference](https://docs.aws.amazon.com/frauddetector/latest/ug/rule-language-reference.html) .", - "title": "Expression", - "type": "string" - }, - "Language": { - "markdownDescription": "The rule language.\n\nValid Value: DETECTORPL", - "title": "Language", - "type": "string" + "EndpointPrivateAccess": { + "markdownDescription": "Set this value to `true` to enable private access for your cluster's Kubernetes API server endpoint. If you enable private access, Kubernetes API requests from within your cluster's VPC use the private VPC endpoint. The default value for this parameter is `false` , which disables private access for your Kubernetes API server. If you disable private access and you have nodes or AWS Fargate pods in the cluster, then ensure that `publicAccessCidrs` includes the necessary CIDR blocks for communication with the nodes or Fargate pods. For more information, see [Cluster API server endpoint](https://docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html) in the **Amazon EKS User Guide** .", + "title": "EndpointPrivateAccess", + "type": "boolean" }, - "LastUpdatedTime": { - "markdownDescription": "Timestamp for when the rule was last updated.", - "title": "LastUpdatedTime", - "type": "string" + "EndpointPublicAccess": { + "markdownDescription": "Set this value to `false` to disable public access to your cluster's Kubernetes API server endpoint. If you disable public access, your cluster's Kubernetes API server can only receive requests from within the cluster VPC. The default value for this parameter is `true` , which enables public access for your Kubernetes API server. The endpoint domain name and IP address family depends on the value of the `ipFamily` for the cluster. For more information, see [Cluster API server endpoint](https://docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html) in the **Amazon EKS User Guide** .", + "title": "EndpointPublicAccess", + "type": "boolean" }, - "Outcomes": { + "PublicAccessCidrs": { "items": { - "$ref": "#/definitions/AWS::FraudDetector::Detector.Outcome" + "type": "string" }, - "markdownDescription": "The rule outcome.", - "title": "Outcomes", + "markdownDescription": "The CIDR blocks that are allowed access to your cluster's public Kubernetes API server endpoint. Communication to the endpoint from addresses outside of the CIDR blocks that you specify is denied. The default value is `0.0.0.0/0` and additionally `::/0` for dual-stack `IPv6` clusters. If you've disabled private endpoint access, make sure that you specify the necessary CIDR blocks for every node and AWS Fargate `Pod` in the cluster. For more information, see [Cluster API server endpoint](https://docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html) in the **Amazon EKS User Guide** .\n\nNote that the public endpoints are dual-stack for only `IPv6` clusters that are made after October 2024. You can't add `IPv6` CIDR blocks to `IPv4` clusters or `IPv6` clusters that were made before October 2024.", + "title": "PublicAccessCidrs", "type": "array" }, - "RuleId": { - "markdownDescription": "The rule ID.", - "title": "RuleId", - "type": "string" - }, - "RuleVersion": { - "markdownDescription": "The rule version.", - "title": "RuleVersion", - "type": "string" + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "Specify one or more security groups for the cross-account elastic network interfaces that Amazon EKS creates to use that allow communication between your nodes and the Kubernetes control plane. If you don't specify any security groups, then familiarize yourself with the difference between Amazon EKS defaults for clusters deployed with Kubernetes. For more information, see [Amazon EKS security group considerations](https://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html) in the **Amazon EKS User Guide** .", + "title": "SecurityGroupIds", + "type": "array" }, - "Tags": { + "SubnetIds": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", + "markdownDescription": "Specify subnets for your Amazon EKS nodes. Amazon EKS creates cross-account elastic network interfaces in these subnets to allow communication between your nodes and the Kubernetes control plane.", + "title": "SubnetIds", "type": "array" } }, + "required": [ + "SubnetIds" + ], "type": "object" }, - "AWS::FraudDetector::EntityType": { + "AWS::EKS::Cluster.StorageConfig": { + "additionalProperties": false, + "properties": { + "BlockStorage": { + "$ref": "#/definitions/AWS::EKS::Cluster.BlockStorage", + "markdownDescription": "Request to configure EBS Block Storage settings for your EKS Auto Mode cluster.", + "title": "BlockStorage" + } + }, + "type": "object" + }, + "AWS::EKS::Cluster.UpgradePolicy": { + "additionalProperties": false, + "properties": { + "SupportType": { + "markdownDescription": "If the cluster is set to `EXTENDED` , it will enter extended support at the end of standard support. If the cluster is set to `STANDARD` , it will be automatically upgraded at the end of standard support.\n\n[Learn more about EKS Extended Support in the *Amazon EKS User Guide* .](https://docs.aws.amazon.com/eks/latest/userguide/extended-support-control.html)", + "title": "SupportType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EKS::Cluster.ZonalShiftConfig": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "If zonal shift is enabled, AWS configures zonal autoshift for the cluster.", + "title": "Enabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EKS::FargateProfile": { "additionalProperties": false, "properties": { "Condition": { @@ -101966,33 +108374,56 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The entity type description.", - "title": "Description", + "ClusterName": { + "markdownDescription": "The name of your cluster.", + "title": "ClusterName", "type": "string" }, - "Name": { - "markdownDescription": "The entity type name.\n\nPattern: `^[0-9a-z_-]+$`", - "title": "Name", + "FargateProfileName": { + "markdownDescription": "The name of the Fargate profile.", + "title": "FargateProfileName", + "type": "string" + }, + "PodExecutionRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the `Pod` execution role to use for a `Pod` that matches the selectors in the Fargate profile. The `Pod` execution role allows Fargate infrastructure to register with your cluster as a node, and it provides read access to Amazon ECR image repositories. For more information, see [`Pod` execution role](https://docs.aws.amazon.com/eks/latest/userguide/pod-execution-role.html) in the *Amazon EKS User Guide* .", + "title": "PodExecutionRoleArn", "type": "string" }, + "Selectors": { + "items": { + "$ref": "#/definitions/AWS::EKS::FargateProfile.Selector" + }, + "markdownDescription": "The selectors to match for a `Pod` to use this Fargate profile. Each selector must have an associated Kubernetes `namespace` . Optionally, you can also specify `labels` for a `namespace` . You may specify up to five selectors in a Fargate profile.", + "title": "Selectors", + "type": "array" + }, + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of subnets to launch a `Pod` into. A `Pod` running on Fargate isn't assigned a public IP address, so only private subnets (with no direct route to an Internet Gateway) are accepted for this parameter.", + "title": "Subnets", + "type": "array" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A key and value pair.", + "markdownDescription": "Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or AWS resources.", "title": "Tags", "type": "array" } }, "required": [ - "Name" + "ClusterName", + "PodExecutionRoleArn", + "Selectors" ], "type": "object" }, "Type": { "enum": [ - "AWS::FraudDetector::EntityType" + "AWS::EKS::FargateProfile" ], "type": "string" }, @@ -102011,7 +108442,49 @@ ], "type": "object" }, - "AWS::FraudDetector::EventType": { + "AWS::EKS::FargateProfile.Label": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "Enter a key.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "Enter a value.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::EKS::FargateProfile.Selector": { + "additionalProperties": false, + "properties": { + "Labels": { + "items": { + "$ref": "#/definitions/AWS::EKS::FargateProfile.Label" + }, + "markdownDescription": "The Kubernetes labels that the selector should match. A pod must contain all of the labels that are specified in the selector for it to be considered a match.", + "title": "Labels", + "type": "array" + }, + "Namespace": { + "markdownDescription": "The Kubernetes `namespace` that the selector should match.", + "title": "Namespace", + "type": "string" + } + }, + "required": [ + "Namespace" + ], + "type": "object" + }, + "AWS::EKS::IdentityProviderConfig": { "additionalProperties": false, "properties": { "Condition": { @@ -102046,60 +108519,44 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The event type description.", - "title": "Description", + "ClusterName": { + "markdownDescription": "The name of your cluster.", + "title": "ClusterName", "type": "string" }, - "EntityTypes": { - "items": { - "$ref": "#/definitions/AWS::FraudDetector::EventType.EntityType" - }, - "markdownDescription": "The event type entity types.", - "title": "EntityTypes", - "type": "array" - }, - "EventVariables": { - "items": { - "$ref": "#/definitions/AWS::FraudDetector::EventType.EventVariable" - }, - "markdownDescription": "The event type event variables.", - "title": "EventVariables", - "type": "array" - }, - "Labels": { - "items": { - "$ref": "#/definitions/AWS::FraudDetector::EventType.Label" - }, - "markdownDescription": "The event type labels.", - "title": "Labels", - "type": "array" - }, - "Name": { - "markdownDescription": "The event type name.\n\nPattern : `^[0-9a-z_-]+$`", - "title": "Name", + "IdentityProviderConfigName": { + "markdownDescription": "The name of the configuration.", + "title": "IdentityProviderConfigName", "type": "string" }, + "Oidc": { + "$ref": "#/definitions/AWS::EKS::IdentityProviderConfig.OidcIdentityProviderConfig", + "markdownDescription": "An object representing an OpenID Connect (OIDC) identity provider configuration.", + "title": "Oidc" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or AWS resources.", "title": "Tags", "type": "array" + }, + "Type": { + "markdownDescription": "The type of the identity provider configuration. The only type available is `oidc` .", + "title": "Type", + "type": "string" } }, "required": [ - "EntityTypes", - "EventVariables", - "Labels", - "Name" + "ClusterName", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::FraudDetector::EventType" + "AWS::EKS::IdentityProviderConfig" ], "type": "string" }, @@ -102118,159 +108575,75 @@ ], "type": "object" }, - "AWS::FraudDetector::EventType.EntityType": { + "AWS::EKS::IdentityProviderConfig.OidcIdentityProviderConfig": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The entity type ARN.", - "title": "Arn", - "type": "string" - }, - "CreatedTime": { - "markdownDescription": "Timestamp of when the entity type was created.", - "title": "CreatedTime", + "ClientId": { + "markdownDescription": "This is also known as *audience* . The ID of the client application that makes authentication requests to the OIDC identity provider.", + "title": "ClientId", "type": "string" }, - "Description": { - "markdownDescription": "The entity type description.", - "title": "Description", + "GroupsClaim": { + "markdownDescription": "The JSON web token (JWT) claim that the provider uses to return your groups.", + "title": "GroupsClaim", "type": "string" }, - "Inline": { - "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::EventType` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your event type but not execute any changes to the variables.", - "title": "Inline", - "type": "boolean" - }, - "LastUpdatedTime": { - "markdownDescription": "Timestamp of when the entity type was last updated.", - "title": "LastUpdatedTime", + "GroupsPrefix": { + "markdownDescription": "The prefix that is prepended to group claims to prevent clashes with existing names (such as `system:` groups). For example, the value `oidc:` creates group names like `oidc:engineering` and `oidc:infra` . The prefix can't contain `system:`", + "title": "GroupsPrefix", "type": "string" }, - "Name": { - "markdownDescription": "The entity type name.\n\n`^[0-9a-z_-]+$`", - "title": "Name", + "IssuerUrl": { + "markdownDescription": "The URL of the OIDC identity provider that allows the API server to discover public signing keys for verifying tokens.", + "title": "IssuerUrl", "type": "string" }, - "Tags": { + "RequiredClaims": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::EKS::IdentityProviderConfig.RequiredClaim" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", + "markdownDescription": "The key-value pairs that describe required claims in the identity token. If set, each claim is verified to be present in the token with a matching value.", + "title": "RequiredClaims", "type": "array" - } - }, - "type": "object" - }, - "AWS::FraudDetector::EventType.EventVariable": { - "additionalProperties": false, - "properties": { - "Arn": { - "markdownDescription": "The event variable ARN.", - "title": "Arn", - "type": "string" - }, - "CreatedTime": { - "markdownDescription": "Timestamp for when event variable was created.", - "title": "CreatedTime", - "type": "string" - }, - "DataSource": { - "markdownDescription": "The source of the event variable.\n\nValid values: `EVENT | EXTERNAL_MODEL_SCORE`\n\nWhen defining a variable within a event type, you can only use the `EVENT` value for DataSource when the *Inline* property is set to true. If the *Inline* property is set false, you can use either `EVENT` or `MODEL_SCORE` for DataSource.", - "title": "DataSource", - "type": "string" - }, - "DataType": { - "markdownDescription": "The data type of the event variable. For more information, see [Data types](https://docs.aws.amazon.com/frauddetector/latest/ug/variables.html#data-types) .", - "title": "DataType", - "type": "string" - }, - "DefaultValue": { - "markdownDescription": "The default value of the event variable", - "title": "DefaultValue", - "type": "string" - }, - "Description": { - "markdownDescription": "The event variable description.", - "title": "Description", - "type": "string" - }, - "Inline": { - "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::EventType` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the Variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your event type but not execute any changes to the variables.", - "title": "Inline", - "type": "boolean" - }, - "LastUpdatedTime": { - "markdownDescription": "Timestamp for when the event variable was last updated.", - "title": "LastUpdatedTime", - "type": "string" }, - "Name": { - "markdownDescription": "The name of the event variable.", - "title": "Name", + "UsernameClaim": { + "markdownDescription": "The JSON Web token (JWT) claim that is used as the username.", + "title": "UsernameClaim", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - }, - "VariableType": { - "markdownDescription": "The type of event variable. For more information, see [Variable types](https://docs.aws.amazon.com/frauddetector/latest/ug/variables.html#variable-types) .", - "title": "VariableType", + "UsernamePrefix": { + "markdownDescription": "The prefix that is prepended to username claims to prevent clashes with existing names. The prefix can't contain `system:`", + "title": "UsernamePrefix", "type": "string" } }, + "required": [ + "ClientId", + "IssuerUrl" + ], "type": "object" }, - "AWS::FraudDetector::EventType.Label": { + "AWS::EKS::IdentityProviderConfig.RequiredClaim": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The label ARN.", - "title": "Arn", - "type": "string" - }, - "CreatedTime": { - "markdownDescription": "Timestamp of when the event type was created.", - "title": "CreatedTime", - "type": "string" - }, - "Description": { - "markdownDescription": "The label description.", - "title": "Description", - "type": "string" - }, - "Inline": { - "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::EventType` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your EventType but not execute any changes to the variables.", - "title": "Inline", - "type": "boolean" - }, - "LastUpdatedTime": { - "markdownDescription": "Timestamp of when the label was last updated.", - "title": "LastUpdatedTime", + "Key": { + "markdownDescription": "The key to match from the token.", + "title": "Key", "type": "string" }, - "Name": { - "markdownDescription": "The label name.", - "title": "Name", + "Value": { + "markdownDescription": "The value for the key from the token.", + "title": "Value", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" } }, + "required": [ + "Key", + "Value" + ], "type": "object" }, - "AWS::FraudDetector::Label": { + "AWS::EKS::Nodegroup": { "additionalProperties": false, "properties": { "Condition": { @@ -102305,33 +108678,133 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The label description.", - "title": "Description", + "AmiType": { + "markdownDescription": "The AMI type for your node group. If you specify `launchTemplate` , and your launch template uses a custom AMI, then don't specify `amiType` , or the node group deployment will fail. If your launch template uses a Windows custom AMI, then add `eks:kube-proxy-windows` to your Windows nodes `rolearn` in the `aws-auth` `ConfigMap` . For more information about using launch templates with Amazon EKS, see [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", + "title": "AmiType", "type": "string" }, - "Name": { - "markdownDescription": "The label name.\n\nPattern: `^[0-9a-z_-]+$`", - "title": "Name", + "CapacityType": { + "markdownDescription": "The capacity type of your managed node group.", + "title": "CapacityType", "type": "string" }, - "Tags": { + "ClusterName": { + "markdownDescription": "The name of your cluster.", + "title": "ClusterName", + "type": "string" + }, + "DiskSize": { + "markdownDescription": "The root device disk size (in GiB) for your node group instances. The default disk size is 20 GiB for Linux and Bottlerocket. The default disk size is 50 GiB for Windows. If you specify `launchTemplate` , then don't specify `diskSize` , or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", + "title": "DiskSize", + "type": "number" + }, + "ForceUpdateEnabled": { + "markdownDescription": "Force the update if any `Pod` on the existing node group can't be drained due to a `Pod` disruption budget issue. If an update fails because all Pods can't be drained, you can force the update after it fails to terminate the old node whether or not any `Pod` is running on the node.", + "title": "ForceUpdateEnabled", + "type": "boolean" + }, + "InstanceTypes": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" + }, + "markdownDescription": "Specify the instance types for a node group. If you specify a GPU instance type, make sure to also specify an applicable GPU AMI type with the `amiType` parameter. If you specify `launchTemplate` , then you can specify zero or one instance type in your launch template *or* you can specify 0-20 instance types for `instanceTypes` . If however, you specify an instance type in your launch template *and* specify any `instanceTypes` , the node group deployment will fail. If you don't specify an instance type in a launch template or for `instanceTypes` , then `t3.medium` is used, by default. If you specify `Spot` for `capacityType` , then we recommend specifying multiple values for `instanceTypes` . For more information, see [Managed node group capacity types](https://docs.aws.amazon.com/eks/latest/userguide/managed-node-groups.html#managed-node-group-capacity-types) and [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", + "title": "InstanceTypes", + "type": "array" + }, + "Labels": { + "additionalProperties": true, + "markdownDescription": "The Kubernetes `labels` applied to the nodes in the node group.\n\n> Only `labels` that are applied with the Amazon EKS API are shown here. There may be other Kubernetes `labels` applied to the nodes in this group.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Labels", + "type": "object" + }, + "LaunchTemplate": { + "$ref": "#/definitions/AWS::EKS::Nodegroup.LaunchTemplateSpecification", + "markdownDescription": "An object representing a node group's launch template specification. When using this object, don't directly specify `instanceTypes` , `diskSize` , or `remoteAccess` . You cannot later specify a different launch template ID or name than what was used to create the node group.\n\nMake sure that the launch template meets the requirements in `launchTemplateSpecification` . Also refer to [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", + "title": "LaunchTemplate" + }, + "NodeRepairConfig": { + "$ref": "#/definitions/AWS::EKS::Nodegroup.NodeRepairConfig", + "markdownDescription": "The node auto repair configuration for the node group.", + "title": "NodeRepairConfig" + }, + "NodeRole": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to associate with your node group. The Amazon EKS worker node `kubelet` daemon makes calls to AWS APIs on your behalf. Nodes receive permissions for these API calls through an IAM instance profile and associated policies. Before you can launch nodes and register them into a cluster, you must create an IAM role for those nodes to use when they are launched. For more information, see [Amazon EKS node IAM role](https://docs.aws.amazon.com/eks/latest/userguide/create-node-role.html) in the **Amazon EKS User Guide** . If you specify `launchTemplate` , then don't specify `[IamInstanceProfile](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_IamInstanceProfile.html)` in your launch template, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", + "title": "NodeRole", + "type": "string" + }, + "NodegroupName": { + "markdownDescription": "The unique name to give your node group.", + "title": "NodegroupName", + "type": "string" + }, + "ReleaseVersion": { + "markdownDescription": "The AMI version of the Amazon EKS optimized AMI to use with your node group (for example, `1.14.7- *YYYYMMDD*` ). By default, the latest available AMI version for the node group's current Kubernetes version is used. For more information, see [Amazon EKS optimized Linux AMI Versions](https://docs.aws.amazon.com/eks/latest/userguide/eks-linux-ami-versions.html) in the *Amazon EKS User Guide* .\n\n> Changing this value triggers an update of the node group if one is available. You can't update other properties at the same time as updating `Release Version` .", + "title": "ReleaseVersion", + "type": "string" + }, + "RemoteAccess": { + "$ref": "#/definitions/AWS::EKS::Nodegroup.RemoteAccess", + "markdownDescription": "The remote access configuration to use with your node group. For Linux, the protocol is SSH. For Windows, the protocol is RDP. If you specify `launchTemplate` , then don't specify `remoteAccess` , or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", + "title": "RemoteAccess" + }, + "ScalingConfig": { + "$ref": "#/definitions/AWS::EKS::Nodegroup.ScalingConfig", + "markdownDescription": "The scaling configuration details for the Auto Scaling group that is created for your node group.", + "title": "ScalingConfig" + }, + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The subnets to use for the Auto Scaling group that is created for your node group. If you specify `launchTemplate` , then don't specify `[SubnetId](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateNetworkInterface.html)` in your launch template, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", + "title": "Subnets", + "type": "array" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or AWS resources.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", + "type": "object" + }, + "Taints": { + "items": { + "$ref": "#/definitions/AWS::EKS::Nodegroup.Taint" + }, + "markdownDescription": "The Kubernetes taints to be applied to the nodes in the node group when they are created. Effect is one of `No_Schedule` , `Prefer_No_Schedule` , or `No_Execute` . Kubernetes taints can be used together with tolerations to control how workloads are scheduled to your nodes. For more information, see [Node taints on managed node groups](https://docs.aws.amazon.com/eks/latest/userguide/node-taints-managed-node-groups.html) .", + "title": "Taints", "type": "array" + }, + "UpdateConfig": { + "$ref": "#/definitions/AWS::EKS::Nodegroup.UpdateConfig", + "markdownDescription": "The node group update configuration.", + "title": "UpdateConfig" + }, + "Version": { + "markdownDescription": "The Kubernetes version to use for your managed nodes. By default, the Kubernetes version of the cluster is used, and this is the only accepted specified value. If you specify `launchTemplate` , and your launch template uses a custom AMI, then don't specify `version` , or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see [Launch template support](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .\n\n> You can't update other properties at the same time as updating `Version` .", + "title": "Version", + "type": "string" } }, "required": [ - "Name" + "ClusterName", + "NodeRole", + "Subnets" ], "type": "object" }, "Type": { "enum": [ - "AWS::FraudDetector::Label" + "AWS::EKS::Nodegroup" ], "type": "string" }, @@ -102350,7 +108823,124 @@ ], "type": "object" }, - "AWS::FraudDetector::List": { + "AWS::EKS::Nodegroup.LaunchTemplateSpecification": { + "additionalProperties": false, + "properties": { + "Id": { + "markdownDescription": "The ID of the launch template.\n\nYou must specify either the launch template ID or the launch template name in the request, but not both. After node group creation, you cannot use a different ID.", + "title": "Id", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the launch template.\n\nYou must specify either the launch template name or the launch template ID in the request, but not both. After node group creation, you cannot use a different name.", + "title": "Name", + "type": "string" + }, + "Version": { + "markdownDescription": "The version number of the launch template to use. If no version is specified, then the template's default version is used. You can use a different version for node group updates.", + "title": "Version", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EKS::Nodegroup.NodeRepairConfig": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Specifies whether to enable node auto repair for the node group. Node auto repair is disabled by default.", + "title": "Enabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EKS::Nodegroup.RemoteAccess": { + "additionalProperties": false, + "properties": { + "Ec2SshKey": { + "markdownDescription": "The Amazon EC2 SSH key name that provides access for SSH communication with the nodes in the managed node group. For more information, see [Amazon EC2 key pairs and Linux instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html) in the *Amazon Elastic Compute Cloud User Guide for Linux Instances* . For Windows, an Amazon EC2 SSH key is used to obtain the RDP password. For more information, see [Amazon EC2 key pairs and Windows instances](https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ec2-key-pairs.html) in the *Amazon Elastic Compute Cloud User Guide for Windows Instances* .", + "title": "Ec2SshKey", + "type": "string" + }, + "SourceSecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "The security group IDs that are allowed SSH access (port 22) to the nodes. For Windows, the port is 3389. If you specify an Amazon EC2 SSH key but don't specify a source security group when you create a managed node group, then the port on the nodes is opened to the internet ( `0.0.0.0/0` ). For more information, see [Security Groups for Your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html) in the *Amazon Virtual Private Cloud User Guide* .", + "title": "SourceSecurityGroups", + "type": "array" + } + }, + "required": [ + "Ec2SshKey" + ], + "type": "object" + }, + "AWS::EKS::Nodegroup.ScalingConfig": { + "additionalProperties": false, + "properties": { + "DesiredSize": { + "markdownDescription": "The current number of nodes that the managed node group should maintain.\n\n> If you use the Kubernetes [Cluster Autoscaler](https://docs.aws.amazon.com/https://github.com/kubernetes/autoscaler#kubernetes-autoscaler) , you shouldn't change the `desiredSize` value directly, as this can cause the Cluster Autoscaler to suddenly scale up or scale down. \n\nWhenever this parameter changes, the number of worker nodes in the node group is updated to the specified size. If this parameter is given a value that is smaller than the current number of running worker nodes, the necessary number of worker nodes are terminated to match the given value. When using CloudFormation, no action occurs if you remove this parameter from your CFN template.\n\nThis parameter can be different from `minSize` in some cases, such as when starting with extra hosts for testing. This parameter can also be different when you want to start with an estimated number of needed hosts, but let the Cluster Autoscaler reduce the number if there are too many. When the Cluster Autoscaler is used, the `desiredSize` parameter is altered by the Cluster Autoscaler (but can be out-of-date for short periods of time). the Cluster Autoscaler doesn't scale a managed node group lower than `minSize` or higher than `maxSize` .", + "title": "DesiredSize", + "type": "number" + }, + "MaxSize": { + "markdownDescription": "The maximum number of nodes that the managed node group can scale out to. For information about the maximum number that you can specify, see [Amazon EKS service quotas](https://docs.aws.amazon.com/eks/latest/userguide/service-quotas.html) in the *Amazon EKS User Guide* .", + "title": "MaxSize", + "type": "number" + }, + "MinSize": { + "markdownDescription": "The minimum number of nodes that the managed node group can scale in to.", + "title": "MinSize", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EKS::Nodegroup.Taint": { + "additionalProperties": false, + "properties": { + "Effect": { + "markdownDescription": "The effect of the taint.", + "title": "Effect", + "type": "string" + }, + "Key": { + "markdownDescription": "The key of the taint.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of the taint.", + "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EKS::Nodegroup.UpdateConfig": { + "additionalProperties": false, + "properties": { + "MaxUnavailable": { + "markdownDescription": "The maximum number of nodes unavailable at once during a version update. Nodes are updated in parallel. This value or `maxUnavailablePercentage` is required to have a value.The maximum number is 100.", + "title": "MaxUnavailable", + "type": "number" + }, + "MaxUnavailablePercentage": { + "markdownDescription": "The maximum percentage of nodes unavailable during a version update. This percentage of nodes are updated in parallel, up to 100 nodes at once. This value or `maxUnavailable` is required to have a value.", + "title": "MaxUnavailablePercentage", + "type": "number" + }, + "UpdateStrategy": { + "markdownDescription": "The configuration for the behavior to follow during a node group version update of this managed node group. You choose between two possible strategies for replacing nodes during an [`UpdateNodegroupVersion`](https://docs.aws.amazon.com/eks/latest/APIReference/API_UpdateNodegroupVersion.html) action.\n\nAn Amazon EKS managed node group updates by replacing nodes with new nodes of newer AMI versions in parallel. The *update strategy* changes the managed node update behavior of the managed node group for each quantity. The *default* strategy has guardrails to protect you from misconfiguration and launches the new instances first, before terminating the old instances. The *minimal* strategy removes the guardrails and terminates the old instances before launching the new instances. This minimal strategy is useful in scenarios where you are constrained to resources or costs (for example, with hardware accelerators such as GPUs).", + "title": "UpdateStrategy", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EKS::PodIdentityAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -102385,46 +108975,56 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the list.", - "title": "Description", + "ClusterName": { + "markdownDescription": "The name of the cluster that the association is in.", + "title": "ClusterName", "type": "string" }, - "Elements": { - "items": { - "type": "string" - }, - "markdownDescription": "The elements in the list.", - "title": "Elements", - "type": "array" + "DisableSessionTags": { + "markdownDescription": "The state of the automatic sessions tags. The value of *true* disables these tags.\n\nEKS Pod Identity adds a pre-defined set of session tags when it assumes the role. You can use these tags to author a single role that can work across resources by allowing access to AWS resources based on matching tags. By default, EKS Pod Identity attaches six tags, including tags for cluster name, namespace, and service account name. For the list of tags added by EKS Pod Identity, see [List of session tags added by EKS Pod Identity](https://docs.aws.amazon.com/eks/latest/userguide/pod-id-abac.html#pod-id-abac-tags) in the *Amazon EKS User Guide* .", + "title": "DisableSessionTags", + "type": "boolean" }, - "Name": { - "markdownDescription": "The name of the list.", - "title": "Name", + "Namespace": { + "markdownDescription": "The name of the Kubernetes namespace inside the cluster to create the association in. The service account and the Pods that use the service account must be in this namespace.", + "title": "Namespace", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to associate with the service account. The EKS Pod Identity agent manages credentials to assume this role for applications in the containers in the Pods that use this service account.", + "title": "RoleArn", + "type": "string" + }, + "ServiceAccount": { + "markdownDescription": "The name of the Kubernetes service account inside the cluster to associate the IAM credentials with.", + "title": "ServiceAccount", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or AWS resources.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource \u2013 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length \u2013 128 Unicode characters in UTF-8\n- Maximum value length \u2013 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit.", "title": "Tags", "type": "array" }, - "VariableType": { - "markdownDescription": "The variable type of the list. For more information, see [Variable types](https://docs.aws.amazon.com/frauddetector/latest/ug/variables.html#variable-types)", - "title": "VariableType", + "TargetRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the target IAM role to associate with the service account. This role is assumed by using the EKS Pod Identity association role, then the credentials for this role are injected into the Pod.", + "title": "TargetRoleArn", "type": "string" } }, "required": [ - "Name" + "ClusterName", + "Namespace", + "RoleArn", + "ServiceAccount" ], "type": "object" }, "Type": { "enum": [ - "AWS::FraudDetector::List" + "AWS::EKS::PodIdentityAssociation" ], "type": "string" }, @@ -102443,7 +109043,7 @@ ], "type": "object" }, - "AWS::FraudDetector::Outcome": { + "AWS::EMR::Cluster": { "additionalProperties": false, "properties": { "Condition": { @@ -102478,136 +109078,171 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The outcome description.", - "title": "Description", - "type": "string" + "AdditionalInfo": { + "markdownDescription": "A JSON string for selecting additional features.", + "title": "AdditionalInfo", + "type": "object" }, - "Name": { - "markdownDescription": "The outcome name.", - "title": "Name", + "Applications": { + "items": { + "$ref": "#/definitions/AWS::EMR::Cluster.Application" + }, + "markdownDescription": "The applications to install on this cluster, for example, Spark, Flink, Oozie, Zeppelin, and so on.", + "title": "Applications", + "type": "array" + }, + "AutoScalingRole": { + "markdownDescription": "An IAM role for automatic scaling policies. The default role is `EMR_AutoScaling_DefaultRole` . The IAM role provides permissions that the automatic scaling feature requires to launch and terminate Amazon EC2 instances in an instance group.", + "title": "AutoScalingRole", "type": "string" }, - "Tags": { + "AutoTerminationPolicy": { + "$ref": "#/definitions/AWS::EMR::Cluster.AutoTerminationPolicy", + "markdownDescription": "An auto-termination policy for an Amazon EMR cluster. An auto-termination policy defines the amount of idle time in seconds after which a cluster automatically terminates. For alternative cluster termination options, see [Control cluster termination](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-plan-termination.html) .", + "title": "AutoTerminationPolicy" + }, + "BootstrapActions": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::EMR::Cluster.BootstrapActionConfig" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", + "markdownDescription": "A list of bootstrap actions to run before Hadoop starts on the cluster nodes.", + "title": "BootstrapActions", "type": "array" - } - }, - "required": [ - "Name" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::FraudDetector::Outcome" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::FraudDetector::Variable": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" }, - { + "Configurations": { "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" + "$ref": "#/definitions/AWS::EMR::Cluster.Configuration" }, + "markdownDescription": "Applies only to Amazon EMR releases 4.x and later. The list of configurations that are supplied to the Amazon EMR cluster.", + "title": "Configurations", "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DataSource": { - "markdownDescription": "The data source of the variable.\n\nValid values: `EVENT | EXTERNAL_MODEL_SCORE`\n\nWhen defining a variable within a detector, you can only use the `EVENT` value for DataSource when the *Inline* property is set to true. If the *Inline* property is set false, you can use either `EVENT` or `MODEL_SCORE` for DataSource.", - "title": "DataSource", + }, + "CustomAmiId": { + "markdownDescription": "Available only in Amazon EMR releases 5.7.0 and later. The ID of a custom Amazon EBS-backed Linux AMI if the cluster uses a custom AMI.", + "title": "CustomAmiId", "type": "string" }, - "DataType": { - "markdownDescription": "The data type of the variable.\n\nValid data types: `STRING | INTEGER | BOOLEAN | FLOAT`", - "title": "DataType", + "EbsRootVolumeIops": { + "markdownDescription": "The IOPS, of the Amazon EBS root device volume of the Linux AMI that is used for each Amazon EC2 instance. Available in Amazon EMR releases 6.15.0 and later.", + "title": "EbsRootVolumeIops", + "type": "number" + }, + "EbsRootVolumeSize": { + "markdownDescription": "The size, in GiB, of the Amazon EBS root device volume of the Linux AMI that is used for each Amazon EC2 instance. Available in Amazon EMR releases 4.x and later.", + "title": "EbsRootVolumeSize", + "type": "number" + }, + "EbsRootVolumeThroughput": { + "markdownDescription": "The throughput, in MiB/s, of the Amazon EBS root device volume of the Linux AMI that is used for each Amazon EC2 instance. Available in Amazon EMR releases 6.15.0 and later.", + "title": "EbsRootVolumeThroughput", + "type": "number" + }, + "Instances": { + "$ref": "#/definitions/AWS::EMR::Cluster.JobFlowInstancesConfig", + "markdownDescription": "A specification of the number and type of Amazon EC2 instances.", + "title": "Instances" + }, + "JobFlowRole": { + "markdownDescription": "Also called instance profile and Amazon EC2 role. An IAM role for an Amazon EMR cluster. The Amazon EC2 instances of the cluster assume this role. The default role is `EMR_EC2_DefaultRole` . In order to use the default role, you must have already created it using the AWS CLI or console.", + "title": "JobFlowRole", "type": "string" }, - "DefaultValue": { - "markdownDescription": "The default value of the variable.", - "title": "DefaultValue", + "KerberosAttributes": { + "$ref": "#/definitions/AWS::EMR::Cluster.KerberosAttributes", + "markdownDescription": "Attributes for Kerberos configuration when Kerberos authentication is enabled using a security configuration. For more information see [Use Kerberos Authentication](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-kerberos.html) in the *Amazon EMR Management Guide* .", + "title": "KerberosAttributes" + }, + "LogEncryptionKmsKeyId": { + "markdownDescription": "The AWS KMS key used for encrypting log files. This attribute is only available with Amazon EMR 5.30.0 and later, excluding Amazon EMR 6.0.0.", + "title": "LogEncryptionKmsKeyId", "type": "string" }, - "Description": { - "markdownDescription": "The description of the variable.", - "title": "Description", + "LogUri": { + "markdownDescription": "The path to the Amazon S3 location where logs for this cluster are stored.", + "title": "LogUri", "type": "string" }, + "ManagedScalingPolicy": { + "$ref": "#/definitions/AWS::EMR::Cluster.ManagedScalingPolicy", + "markdownDescription": "Creates or updates a managed scaling policy for an Amazon EMR cluster. The managed scaling policy defines the limits for resources, such as Amazon EC2 instances that can be added or terminated from a cluster. The policy only applies to the core and task nodes. The master node cannot be scaled after initial configuration.", + "title": "ManagedScalingPolicy" + }, "Name": { - "markdownDescription": "The name of the variable.\n\nPattern: `^[0-9a-z_-]+$`", + "markdownDescription": "The name of the cluster. This parameter can't contain the characters <, >, $, |, or ` (backtick).", "title": "Name", "type": "string" }, + "OSReleaseLabel": { + "markdownDescription": "The Amazon Linux release specified in a cluster launch RunJobFlow request. If no Amazon Linux release was specified, the default Amazon Linux release is shown in the response.", + "title": "OSReleaseLabel", + "type": "string" + }, + "PlacementGroupConfigs": { + "items": { + "$ref": "#/definitions/AWS::EMR::Cluster.PlacementGroupConfig" + }, + "markdownDescription": "", + "title": "PlacementGroupConfigs", + "type": "array" + }, + "ReleaseLabel": { + "markdownDescription": "The Amazon EMR release label, which determines the version of open-source application packages installed on the cluster. Release labels are in the form `emr-x.x.x` , where x.x.x is an Amazon EMR release version such as `emr-5.14.0` . For more information about Amazon EMR release versions and included application versions and features, see [](https://docs.aws.amazon.com/emr/latest/ReleaseGuide/) . The release label applies only to Amazon EMR releases version 4.0 and later. Earlier versions use `AmiVersion` .", + "title": "ReleaseLabel", + "type": "string" + }, + "ScaleDownBehavior": { + "markdownDescription": "The way that individual Amazon EC2 instances terminate when an automatic scale-in activity occurs or an instance group is resized. `TERMINATE_AT_INSTANCE_HOUR` indicates that Amazon EMR terminates nodes at the instance-hour boundary, regardless of when the request to terminate the instance was submitted. This option is only available with Amazon EMR 5.1.0 and later and is the default for clusters created using that version. `TERMINATE_AT_TASK_COMPLETION` indicates that Amazon EMR adds nodes to a deny list and drains tasks from nodes before terminating the Amazon EC2 instances, regardless of the instance-hour boundary. With either behavior, Amazon EMR removes the least active nodes first and blocks instance termination if it could lead to HDFS corruption. `TERMINATE_AT_TASK_COMPLETION` is available only in Amazon EMR releases 4.1.0 and later, and is the default for versions of Amazon EMR earlier than 5.1.0.", + "title": "ScaleDownBehavior", + "type": "string" + }, + "SecurityConfiguration": { + "markdownDescription": "The name of the security configuration applied to the cluster.", + "title": "SecurityConfiguration", + "type": "string" + }, + "ServiceRole": { + "markdownDescription": "The IAM role that Amazon EMR assumes in order to access AWS resources on your behalf.", + "title": "ServiceRole", + "type": "string" + }, + "StepConcurrencyLevel": { + "markdownDescription": "Specifies the number of steps that can be executed concurrently. The default value is `1` . The maximum value is `256` .", + "title": "StepConcurrencyLevel", + "type": "number" + }, + "Steps": { + "items": { + "$ref": "#/definitions/AWS::EMR::Cluster.StepConfig" + }, + "markdownDescription": "A list of steps to run.", + "title": "Steps", + "type": "array" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "A list of tags associated with a cluster.", "title": "Tags", "type": "array" }, - "VariableType": { - "markdownDescription": "The type of the variable. For more information see [Variable types](https://docs.aws.amazon.com/frauddetector/latest/ug/create-a-variable.html#variable-types) .\n\nValid Values: `AUTH_CODE | AVS | BILLING_ADDRESS_L1 | BILLING_ADDRESS_L2 | BILLING_CITY | BILLING_COUNTRY | BILLING_NAME | BILLING_PHONE | BILLING_STATE | BILLING_ZIP | CARD_BIN | CATEGORICAL | CURRENCY_CODE | EMAIL_ADDRESS | FINGERPRINT | FRAUD_LABEL | FREE_FORM_TEXT | IP_ADDRESS | NUMERIC | ORDER_ID | PAYMENT_TYPE | PHONE_NUMBER | PRICE | PRODUCT_CATEGORY | SHIPPING_ADDRESS_L1 | SHIPPING_ADDRESS_L2 | SHIPPING_CITY | SHIPPING_COUNTRY | SHIPPING_NAME | SHIPPING_PHONE | SHIPPING_STATE | SHIPPING_ZIP | USERAGENT`", - "title": "VariableType", - "type": "string" + "VisibleToAllUsers": { + "markdownDescription": "Indicates whether the cluster is visible to all IAM users of the AWS account associated with the cluster. If this value is set to `true` , all IAM users of that AWS account can view and manage the cluster if they have the proper policy permissions set. If this value is `false` , only the IAM user that created the cluster can view and manage it. This value can be changed using the SetVisibleToAllUsers action.\n\n> When you create clusters directly through the EMR console or API, this value is set to `true` by default. However, for `AWS::EMR::Cluster` resources in CloudFormation, the default is `false` .", + "title": "VisibleToAllUsers", + "type": "boolean" } }, "required": [ - "DataSource", - "DataType", - "DefaultValue", - "Name" + "Instances", + "JobFlowRole", + "Name", + "ServiceRole" ], "type": "object" }, "Type": { "enum": [ - "AWS::FraudDetector::Variable" + "AWS::EMR::Cluster" ], "type": "string" }, @@ -102626,1010 +109261,1009 @@ ], "type": "object" }, - "AWS::GameLift::Alias": { + "AWS::EMR::Cluster.Application": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + "AdditionalInfo": { + "additionalProperties": true, + "markdownDescription": "This option is for advanced users only. This is meta information about clusters and applications that are used for testing and troubleshooting.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" } - ] - }, - "Metadata": { + }, + "title": "AdditionalInfo", "type": "object" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A human-readable description of the alias.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "A descriptive label that is associated with an alias. Alias names do not need to be unique.", - "title": "Name", - "type": "string" - }, - "RoutingStrategy": { - "$ref": "#/definitions/AWS::GameLift::Alias.RoutingStrategy", - "markdownDescription": "The routing configuration, including routing type and fleet target, for the alias.", - "title": "RoutingStrategy" - } + "Args": { + "items": { + "type": "string" }, - "required": [ - "Name", - "RoutingStrategy" - ], - "type": "object" + "markdownDescription": "Arguments for Amazon EMR to pass to the application.", + "title": "Args", + "type": "array" }, - "Type": { - "enum": [ - "AWS::GameLift::Alias" - ], + "Name": { + "markdownDescription": "The name of the application.", + "title": "Name", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Version": { + "markdownDescription": "The version of the application.", + "title": "Version", "type": "string" } }, + "type": "object" + }, + "AWS::EMR::Cluster.AutoScalingPolicy": { + "additionalProperties": false, + "properties": { + "Constraints": { + "$ref": "#/definitions/AWS::EMR::Cluster.ScalingConstraints", + "markdownDescription": "The upper and lower Amazon EC2 instance limits for an automatic scaling policy. Automatic scaling activity will not cause an instance group to grow above or below these limits.", + "title": "Constraints" + }, + "Rules": { + "items": { + "$ref": "#/definitions/AWS::EMR::Cluster.ScalingRule" + }, + "markdownDescription": "The scale-in and scale-out rules that comprise the automatic scaling policy.", + "title": "Rules", + "type": "array" + } + }, "required": [ - "Type", - "Properties" + "Constraints", + "Rules" ], "type": "object" }, - "AWS::GameLift::Alias.RoutingStrategy": { + "AWS::EMR::Cluster.AutoTerminationPolicy": { "additionalProperties": false, "properties": { - "FleetId": { - "markdownDescription": "A unique identifier for a fleet that the alias points to. If you specify `SIMPLE` for the `Type` property, you must specify this property.", - "title": "FleetId", - "type": "string" - }, - "Message": { - "markdownDescription": "The message text to be used with a terminal routing strategy. If you specify `TERMINAL` for the `Type` property, you must specify this property.", - "title": "Message", + "IdleTimeout": { + "markdownDescription": "Specifies the amount of idle time in seconds after which the cluster automatically terminates. You can specify a minimum of 60 seconds and a maximum of 604800 seconds (seven days).", + "title": "IdleTimeout", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EMR::Cluster.BootstrapActionConfig": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the bootstrap action.", + "title": "Name", "type": "string" }, - "Type": { - "markdownDescription": "A type of routing strategy.\n\nPossible routing types include the following:\n\n- *SIMPLE* - The alias resolves to one specific fleet. Use this type when routing to active fleets.\n- *TERMINAL* - The alias does not resolve to a fleet but instead can be used to display a message to the user. A terminal alias throws a `TerminalRoutingStrategyException` with the message that you specified in the `Message` property.", - "title": "Type", - "type": "string" + "ScriptBootstrapAction": { + "$ref": "#/definitions/AWS::EMR::Cluster.ScriptBootstrapActionConfig", + "markdownDescription": "The script run by the bootstrap action.", + "title": "ScriptBootstrapAction" } }, "required": [ - "Type" + "Name", + "ScriptBootstrapAction" ], "type": "object" }, - "AWS::GameLift::Build": { + "AWS::EMR::Cluster.CloudWatchAlarmDefinition": { "additionalProperties": false, "properties": { - "Condition": { + "ComparisonOperator": { + "markdownDescription": "Determines how the metric specified by `MetricName` is compared to the value specified by `Threshold` .", + "title": "ComparisonOperator", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Dimensions": { + "items": { + "$ref": "#/definitions/AWS::EMR::Cluster.MetricDimension" + }, + "markdownDescription": "A CloudWatch metric dimension.", + "title": "Dimensions", + "type": "array" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "EvaluationPeriods": { + "markdownDescription": "The number of periods, in five-minute increments, during which the alarm condition must exist before the alarm triggers automatic scaling activity. The default value is `1` .", + "title": "EvaluationPeriods", + "type": "number" }, - "Metadata": { - "type": "object" + "MetricName": { + "markdownDescription": "The name of the CloudWatch metric that is watched to determine an alarm condition.", + "title": "MetricName", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "A descriptive label that is associated with a build. Build names do not need to be unique.", - "title": "Name", - "type": "string" - }, - "OperatingSystem": { - "markdownDescription": "The operating system that your game server binaries run on. This value determines the type of fleet resources that you use for this build. If your game build contains multiple executables, they all must run on the same operating system. You must specify a valid operating system in this request. There is no default value. You can't change a build's operating system later.\n\n> Amazon Linux 2 (AL2) will reach end of support on 6/30/2025. See more details in the [Amazon Linux 2 FAQs](https://docs.aws.amazon.com/amazon-linux-2/faqs/) . For game servers that are hosted on AL2 and use server SDK version 4.x for Amazon GameLift Servers, first update the game server build to server SDK 5.x, and then deploy to AL2023 instances. See [Migrate to server SDK version 5.](https://docs.aws.amazon.com/gamelift/latest/developerguide/reference-serversdk5-migration.html)", - "title": "OperatingSystem", - "type": "string" - }, - "ServerSdkVersion": { - "markdownDescription": "A server SDK version you used when integrating your game server build with Amazon GameLift Servers. For more information see [Integrate games with custom game servers](https://docs.aws.amazon.com/gamelift/latest/developerguide/integration-custom-intro.html) . By default Amazon GameLift Servers sets this value to `4.0.2` .", - "title": "ServerSdkVersion", - "type": "string" - }, - "StorageLocation": { - "$ref": "#/definitions/AWS::GameLift::Build.StorageLocation", - "markdownDescription": "Information indicating where your game build files are stored. Use this parameter only when creating a build with files stored in an Amazon S3 bucket that you own. The storage location must specify an Amazon S3 bucket name and key. The location must also specify a role ARN that you set up to allow Amazon GameLift Servers to access your Amazon S3 bucket. The S3 bucket and your new build must be in the same Region.\n\nIf a `StorageLocation` is specified, the size of your file can be found in your Amazon S3 bucket. Amazon GameLift Servers will report a `SizeOnDisk` of 0.", - "title": "StorageLocation" - }, - "Version": { - "markdownDescription": "Version information that is associated with this build. Version strings do not need to be unique.", - "title": "Version", - "type": "string" - } - }, - "type": "object" + "Namespace": { + "markdownDescription": "The namespace for the CloudWatch metric. The default is `AWS/ElasticMapReduce` .", + "title": "Namespace", + "type": "string" }, - "Type": { - "enum": [ - "AWS::GameLift::Build" - ], + "Period": { + "markdownDescription": "The period, in seconds, over which the statistic is applied. CloudWatch metrics for Amazon EMR are emitted every five minutes (300 seconds), so if you specify a CloudWatch metric, specify `300` .", + "title": "Period", + "type": "number" + }, + "Statistic": { + "markdownDescription": "The statistic to apply to the metric associated with the alarm. The default is `AVERAGE` .", + "title": "Statistic", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Threshold": { + "markdownDescription": "The value against which the specified statistic is compared.", + "title": "Threshold", + "type": "number" + }, + "Unit": { + "markdownDescription": "The unit of measure associated with the CloudWatch metric being watched. The value specified for `Unit` must correspond to the units specified in the CloudWatch metric.", + "title": "Unit", "type": "string" } }, "required": [ - "Type" + "ComparisonOperator", + "MetricName", + "Period", + "Threshold" ], "type": "object" }, - "AWS::GameLift::Build.StorageLocation": { + "AWS::EMR::Cluster.ComputeLimits": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "An Amazon S3 bucket identifier. The name of the S3 bucket.\n\n> Amazon GameLift doesn't support uploading from Amazon S3 buckets with names that contain a dot (.).", - "title": "Bucket", - "type": "string" + "MaximumCapacityUnits": { + "markdownDescription": "The upper boundary of Amazon EC2 units. It is measured through vCPU cores or instances for instance groups and measured through units for instance fleets. Managed scaling activities are not allowed beyond this boundary. The limit only applies to the core and task nodes. The master node cannot be scaled after initial configuration.", + "title": "MaximumCapacityUnits", + "type": "number" }, - "Key": { - "markdownDescription": "The name of the zip file that contains the build files or script files.", - "title": "Key", - "type": "string" + "MaximumCoreCapacityUnits": { + "markdownDescription": "The upper boundary of Amazon EC2 units for core node type in a cluster. It is measured through vCPU cores or instances for instance groups and measured through units for instance fleets. The core units are not allowed to scale beyond this boundary. The parameter is used to split capacity allocation between core and task nodes.", + "title": "MaximumCoreCapacityUnits", + "type": "number" }, - "ObjectVersion": { - "markdownDescription": "A version of a stored file to retrieve, if the object versioning feature is turned on for the S3 bucket. Use this parameter to specify a specific version. If this parameter isn't set, Amazon GameLift Servers retrieves the latest version of the file.", - "title": "ObjectVersion", - "type": "string" + "MaximumOnDemandCapacityUnits": { + "markdownDescription": "The upper boundary of On-Demand Amazon EC2 units. It is measured through vCPU cores or instances for instance groups and measured through units for instance fleets. The On-Demand units are not allowed to scale beyond this boundary. The parameter is used to split capacity allocation between On-Demand and Spot Instances.", + "title": "MaximumOnDemandCapacityUnits", + "type": "number" }, - "RoleArn": { - "markdownDescription": "The ARNfor an IAM role that allows Amazon GameLift to access the S3 bucket.", - "title": "RoleArn", + "MinimumCapacityUnits": { + "markdownDescription": "The lower boundary of Amazon EC2 units. It is measured through vCPU cores or instances for instance groups and measured through units for instance fleets. Managed scaling activities are not allowed beyond this boundary. The limit only applies to the core and task nodes. The master node cannot be scaled after initial configuration.", + "title": "MinimumCapacityUnits", + "type": "number" + }, + "UnitType": { + "markdownDescription": "The unit type used for specifying a managed scaling policy.", + "title": "UnitType", "type": "string" } }, "required": [ - "Bucket", - "Key", - "RoleArn" + "MaximumCapacityUnits", + "MinimumCapacityUnits", + "UnitType" ], "type": "object" }, - "AWS::GameLift::ContainerGroupDefinition": { + "AWS::EMR::Cluster.Configuration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Classification": { + "markdownDescription": "The classification within a configuration.", + "title": "Classification", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ContainerDefinitions": { - "items": { - "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.ContainerDefinition" - }, - "type": "array" - }, - "Name": { - "markdownDescription": "A descriptive identifier for the container group definition. The name value is unique in an AWS Region.", - "title": "Name", - "type": "string" - }, - "OperatingSystem": { - "markdownDescription": "The platform that all containers in the container group definition run on.\n\n> Amazon Linux 2 (AL2) will reach end of support on 6/30/2025. See more details in the [Amazon Linux 2 FAQs](https://docs.aws.amazon.com/amazon-linux-2/faqs/) . For game servers that are hosted on AL2 and use server SDK version 4.x for Amazon GameLift Servers, first update the game server build to server SDK 5.x, and then deploy to AL2023 instances. See [Migrate to server SDK version 5.](https://docs.aws.amazon.com/gamelift/latest/developerguide/reference-serversdk5-migration.html)", - "title": "OperatingSystem", - "type": "string" - }, - "SchedulingStrategy": { + "ConfigurationProperties": { + "additionalProperties": true, + "markdownDescription": "A list of additional configurations to apply within a configuration object.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "", - "title": "Tags", - "type": "array" - }, - "TotalCpuLimit": { - "type": "number" - }, - "TotalMemoryLimit": { - "type": "number" } }, - "required": [ - "ContainerDefinitions", - "Name", - "OperatingSystem", - "TotalCpuLimit", - "TotalMemoryLimit" - ], + "title": "ConfigurationProperties", "type": "object" }, - "Type": { - "enum": [ - "AWS::GameLift::ContainerGroupDefinition" - ], - "type": "string" + "Configurations": { + "items": { + "$ref": "#/definitions/AWS::EMR::Cluster.Configuration" + }, + "markdownDescription": "A list of additional configurations to apply within a configuration object.", + "title": "Configurations", + "type": "array" + } + }, + "type": "object" + }, + "AWS::EMR::Cluster.EbsBlockDeviceConfig": { + "additionalProperties": false, + "properties": { + "VolumeSpecification": { + "$ref": "#/definitions/AWS::EMR::Cluster.VolumeSpecification", + "markdownDescription": "EBS volume specifications such as volume type, IOPS, size (GiB) and throughput (MiB/s) that are requested for the EBS volume attached to an Amazon EC2 instance in the cluster.", + "title": "VolumeSpecification" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "VolumesPerInstance": { + "markdownDescription": "Number of EBS volumes with a specific volume configuration that are associated with every instance in the instance group", + "title": "VolumesPerInstance", + "type": "number" } }, "required": [ - "Type", - "Properties" + "VolumeSpecification" ], "type": "object" }, - "AWS::GameLift::ContainerGroupDefinition.ContainerDefinition": { + "AWS::EMR::Cluster.EbsConfiguration": { "additionalProperties": false, "properties": { - "Command": { + "EbsBlockDeviceConfigs": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::EMR::Cluster.EbsBlockDeviceConfig" }, + "markdownDescription": "An array of Amazon EBS volume specifications attached to a cluster instance.", + "title": "EbsBlockDeviceConfigs", "type": "array" }, - "ContainerName": { - "type": "string" - }, - "Cpu": { - "type": "number" - }, - "DependsOn": { + "EbsOptimized": { + "markdownDescription": "Indicates whether an Amazon EBS volume is EBS-optimized. The default is false. You should explicitly set this value to true to enable the Amazon EBS-optimized setting for an EC2 instance.", + "title": "EbsOptimized", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EMR::Cluster.HadoopJarStepConfig": { + "additionalProperties": false, + "properties": { + "Args": { "items": { - "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.ContainerDependency" + "type": "string" }, + "markdownDescription": "A list of command line arguments passed to the JAR file's main function when executed.", + "title": "Args", "type": "array" }, - "EntryPoint": { + "Jar": { + "markdownDescription": "A path to a JAR file run during the step.", + "title": "Jar", + "type": "string" + }, + "MainClass": { + "markdownDescription": "The name of the main class in the specified Java file. If not specified, the JAR file should specify a Main-Class in its manifest file.", + "title": "MainClass", + "type": "string" + }, + "StepProperties": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::EMR::Cluster.KeyValue" }, + "markdownDescription": "A list of Java properties that are set when the step runs. You can use these properties to pass key-value pairs to your main function.", + "title": "StepProperties", "type": "array" - }, - "Environment": { + } + }, + "required": [ + "Jar" + ], + "type": "object" + }, + "AWS::EMR::Cluster.InstanceFleetConfig": { + "additionalProperties": false, + "properties": { + "InstanceTypeConfigs": { "items": { - "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.ContainerEnvironment" + "$ref": "#/definitions/AWS::EMR::Cluster.InstanceTypeConfig" }, + "markdownDescription": "The instance type configurations that define the Amazon EC2 instances in the instance fleet.", + "title": "InstanceTypeConfigs", "type": "array" }, - "Essential": { - "type": "boolean" - }, - "HealthCheck": { - "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.ContainerHealthCheck" + "LaunchSpecifications": { + "$ref": "#/definitions/AWS::EMR::Cluster.InstanceFleetProvisioningSpecifications", + "markdownDescription": "The launch specification for the instance fleet.", + "title": "LaunchSpecifications" }, - "ImageUri": { + "Name": { + "markdownDescription": "The friendly name of the instance fleet.", + "title": "Name", "type": "string" }, - "MemoryLimits": { - "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.MemoryLimits" - }, - "PortConfiguration": { - "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.PortConfiguration" + "ResizeSpecifications": { + "$ref": "#/definitions/AWS::EMR::Cluster.InstanceFleetResizingSpecifications", + "markdownDescription": "The resize specification for the instance fleet.", + "title": "ResizeSpecifications" }, - "ResolvedImageDigest": { - "type": "string" + "TargetOnDemandCapacity": { + "markdownDescription": "The target capacity of On-Demand units for the instance fleet, which determines how many On-Demand instances to provision. When the instance fleet launches, Amazon EMR tries to provision On-Demand instances as specified by `InstanceTypeConfig` . Each instance configuration has a specified `WeightedCapacity` . When an On-Demand instance is provisioned, the `WeightedCapacity` units count toward the target capacity. Amazon EMR provisions instances until the target capacity is totally fulfilled, even if this results in an overage. For example, if there are 2 units remaining to fulfill capacity, and Amazon EMR can only provision an instance with a `WeightedCapacity` of 5 units, the instance is provisioned, and the target capacity is exceeded by 3 units.\n\n> If not specified or set to 0, only Spot instances are provisioned for the instance fleet using `TargetSpotCapacity` . At least one of `TargetSpotCapacity` and `TargetOnDemandCapacity` should be greater than 0. For a master instance fleet, only one of `TargetSpotCapacity` and `TargetOnDemandCapacity` can be specified, and its value must be 1.", + "title": "TargetOnDemandCapacity", + "type": "number" }, - "WorkingDirectory": { - "type": "string" + "TargetSpotCapacity": { + "markdownDescription": "The target capacity of Spot units for the instance fleet, which determines how many Spot instances to provision. When the instance fleet launches, Amazon EMR tries to provision Spot instances as specified by `InstanceTypeConfig` . Each instance configuration has a specified `WeightedCapacity` . When a Spot instance is provisioned, the `WeightedCapacity` units count toward the target capacity. Amazon EMR provisions instances until the target capacity is totally fulfilled, even if this results in an overage. For example, if there are 2 units remaining to fulfill capacity, and Amazon EMR can only provision an instance with a `WeightedCapacity` of 5 units, the instance is provisioned, and the target capacity is exceeded by 3 units.\n\n> If not specified or set to 0, only On-Demand instances are provisioned for the instance fleet. At least one of `TargetSpotCapacity` and `TargetOnDemandCapacity` should be greater than 0. For a master instance fleet, only one of `TargetSpotCapacity` and `TargetOnDemandCapacity` can be specified, and its value must be 1.", + "title": "TargetSpotCapacity", + "type": "number" } }, - "required": [ - "ContainerName", - "ImageUri" - ], "type": "object" }, - "AWS::GameLift::ContainerGroupDefinition.ContainerDependency": { + "AWS::EMR::Cluster.InstanceFleetProvisioningSpecifications": { "additionalProperties": false, "properties": { - "Condition": { - "markdownDescription": "The condition that the dependency container must reach before the dependent container can start. Valid conditions include:\n\n- START - The dependency container must have started.\n- COMPLETE - The dependency container has run to completion (exits). Use this condition with nonessential containers, such as those that run a script and then exit. The dependency container can't be an essential container.\n- SUCCESS - The dependency container has run to completion and exited with a zero status. The dependency container can't be an essential container.\n- HEALTHY - The dependency container has passed its Docker health check. Use this condition with dependency containers that have health checks configured. This condition is confirmed at container group startup only.", - "title": "Condition", - "type": "string" + "OnDemandSpecification": { + "$ref": "#/definitions/AWS::EMR::Cluster.OnDemandProvisioningSpecification", + "markdownDescription": "The launch specification for On-Demand Instances in the instance fleet, which determines the allocation strategy and capacity reservation options.\n\n> The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and later, excluding 5.0.x versions. On-Demand Instances allocation strategy is available in Amazon EMR releases 5.12.1 and later.", + "title": "OnDemandSpecification" }, - "ContainerName": { - "markdownDescription": "A descriptive label for the container definition that this container depends on.", - "title": "ContainerName", - "type": "string" + "SpotSpecification": { + "$ref": "#/definitions/AWS::EMR::Cluster.SpotProvisioningSpecification", + "markdownDescription": "The launch specification for Spot instances in the fleet, which determines the allocation strategy, defined duration, and provisioning timeout behavior.", + "title": "SpotSpecification" } }, - "required": [ - "Condition", - "ContainerName" - ], "type": "object" }, - "AWS::GameLift::ContainerGroupDefinition.ContainerEnvironment": { + "AWS::EMR::Cluster.InstanceFleetResizingSpecifications": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The environment variable name.", - "title": "Name", - "type": "string" + "OnDemandResizeSpecification": { + "$ref": "#/definitions/AWS::EMR::Cluster.OnDemandResizingSpecification", + "markdownDescription": "The resize specification for On-Demand Instances in the instance fleet, which contains the allocation strategy, capacity reservation options, and the resize timeout period.", + "title": "OnDemandResizeSpecification" }, - "Value": { - "markdownDescription": "The environment variable value.", - "title": "Value", - "type": "string" + "SpotResizeSpecification": { + "$ref": "#/definitions/AWS::EMR::Cluster.SpotResizingSpecification", + "markdownDescription": "The resize specification for Spot Instances in the instance fleet, which contains the allocation strategy and the resize timeout period.", + "title": "SpotResizeSpecification" } }, - "required": [ - "Name", - "Value" - ], "type": "object" }, - "AWS::GameLift::ContainerGroupDefinition.ContainerHealthCheck": { + "AWS::EMR::Cluster.InstanceGroupConfig": { "additionalProperties": false, "properties": { - "Command": { + "AutoScalingPolicy": { + "$ref": "#/definitions/AWS::EMR::Cluster.AutoScalingPolicy", + "markdownDescription": "`AutoScalingPolicy` is a subproperty of the [InstanceGroupConfig](https://docs.aws.amazon.com//AWSCloudFormation/latest/UserGuide/aws-properties-emr-cluster-jobflowinstancesconfig-instancegroupconfig.html) property type that specifies the constraints and rules of an automatic scaling policy in Amazon EMR . The automatic scaling policy defines how an instance group dynamically adds and terminates EC2 instances in response to the value of a CloudWatch metric. Only core and task instance groups can use automatic scaling policies. For more information, see [Using Automatic Scaling in Amazon EMR](https://docs.aws.amazon.com//emr/latest/ManagementGuide/emr-automatic-scaling.html) .", + "title": "AutoScalingPolicy" + }, + "BidPrice": { + "markdownDescription": "If specified, indicates that the instance group uses Spot Instances. This is the maximum price you are willing to pay for Spot Instances. Specify `OnDemandPrice` to set the amount equal to the On-Demand price, or specify an amount in USD.", + "title": "BidPrice", + "type": "string" + }, + "Configurations": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::EMR::Cluster.Configuration" }, - "markdownDescription": "A string array that specifies the command that the container runs to determine if it's healthy.", - "title": "Command", + "markdownDescription": "> Amazon EMR releases 4.x or later. \n\nThe list of configurations supplied for an Amazon EMR cluster instance group. You can specify a separate configuration for each instance group (master, core, and task).", + "title": "Configurations", "type": "array" }, - "Interval": { - "markdownDescription": "The time period (in seconds) between each health check.", - "title": "Interval", - "type": "number" + "CustomAmiId": { + "markdownDescription": "The custom AMI ID to use for the provisioned instance group.", + "title": "CustomAmiId", + "type": "string" }, - "Retries": { - "markdownDescription": "The number of times to retry a failed health check before flagging the container unhealthy. The first run of the command does not count as a retry.", - "title": "Retries", - "type": "number" + "EbsConfiguration": { + "$ref": "#/definitions/AWS::EMR::Cluster.EbsConfiguration", + "markdownDescription": "EBS configurations that will be attached to each Amazon EC2 instance in the instance group.", + "title": "EbsConfiguration" }, - "StartPeriod": { - "markdownDescription": "The optional grace period (in seconds) to give a container time to bootstrap before the first failed health check counts toward the number of retries.", - "title": "StartPeriod", + "InstanceCount": { + "markdownDescription": "Target number of instances for the instance group.", + "title": "InstanceCount", "type": "number" }, - "Timeout": { - "markdownDescription": "The time period (in seconds) to wait for a health check to succeed before counting a failed health check.", - "title": "Timeout", - "type": "number" + "InstanceType": { + "markdownDescription": "The Amazon EC2 instance type for all instances in the instance group.", + "title": "InstanceType", + "type": "string" + }, + "Market": { + "markdownDescription": "Market type of the Amazon EC2 instances used to create a cluster node.", + "title": "Market", + "type": "string" + }, + "Name": { + "markdownDescription": "Friendly name given to the instance group.", + "title": "Name", + "type": "string" } }, "required": [ - "Command" + "InstanceCount", + "InstanceType" ], "type": "object" }, - "AWS::GameLift::ContainerGroupDefinition.ContainerPortRange": { + "AWS::EMR::Cluster.InstanceTypeConfig": { "additionalProperties": false, "properties": { - "FromPort": { - "markdownDescription": "A starting value for the range of allowed port numbers.", - "title": "FromPort", + "BidPrice": { + "markdownDescription": "The bid price for each Amazon EC2 Spot Instance type as defined by `InstanceType` . Expressed in USD. If neither `BidPrice` nor `BidPriceAsPercentageOfOnDemandPrice` is provided, `BidPriceAsPercentageOfOnDemandPrice` defaults to 100%.", + "title": "BidPrice", + "type": "string" + }, + "BidPriceAsPercentageOfOnDemandPrice": { + "markdownDescription": "The bid price, as a percentage of On-Demand price, for each Amazon EC2 Spot Instance as defined by `InstanceType` . Expressed as a number (for example, 20 specifies 20%). If neither `BidPrice` nor `BidPriceAsPercentageOfOnDemandPrice` is provided, `BidPriceAsPercentageOfOnDemandPrice` defaults to 100%.", + "title": "BidPriceAsPercentageOfOnDemandPrice", "type": "number" }, - "Protocol": { - "markdownDescription": "The network protocol that these ports support.", - "title": "Protocol", + "Configurations": { + "items": { + "$ref": "#/definitions/AWS::EMR::Cluster.Configuration" + }, + "markdownDescription": "A configuration classification that applies when provisioning cluster instances, which can include configurations for applications and software that run on the cluster.", + "title": "Configurations", + "type": "array" + }, + "CustomAmiId": { + "markdownDescription": "The custom AMI ID to use for the instance type.", + "title": "CustomAmiId", "type": "string" }, - "ToPort": { - "markdownDescription": "An ending value for the range of allowed port numbers. Port numbers are end-inclusive. This value must be equal to or greater than `FromPort` .", - "title": "ToPort", + "EbsConfiguration": { + "$ref": "#/definitions/AWS::EMR::Cluster.EbsConfiguration", + "markdownDescription": "The configuration of Amazon Elastic Block Store (Amazon EBS) attached to each instance as defined by `InstanceType` .", + "title": "EbsConfiguration" + }, + "InstanceType": { + "markdownDescription": "An Amazon EC2 instance type, such as `m3.xlarge` .", + "title": "InstanceType", + "type": "string" + }, + "Priority": { + "markdownDescription": "The priority at which Amazon EMR launches the Amazon EC2 instances with this instance type. Priority starts at 0, which is the highest priority. Amazon EMR considers the highest priority first.", + "title": "Priority", + "type": "number" + }, + "WeightedCapacity": { + "markdownDescription": "The number of units that a provisioned instance of this type provides toward fulfilling the target capacities defined in `InstanceFleetConfig` . This value is 1 for a master instance fleet, and must be 1 or greater for core and task instance fleets. Defaults to 1 if not specified.", + "title": "WeightedCapacity", "type": "number" } }, "required": [ - "FromPort", - "Protocol", - "ToPort" + "InstanceType" ], "type": "object" }, - "AWS::GameLift::ContainerGroupDefinition.MemoryLimits": { + "AWS::EMR::Cluster.JobFlowInstancesConfig": { "additionalProperties": false, "properties": { - "HardLimit": { - "type": "number" + "AdditionalMasterSecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of additional Amazon EC2 security group IDs for the master node.", + "title": "AdditionalMasterSecurityGroups", + "type": "array" }, - "SoftLimit": { - "type": "number" - } - }, - "type": "object" - }, - "AWS::GameLift::ContainerGroupDefinition.PortConfiguration": { - "additionalProperties": false, - "properties": { - "ContainerPortRanges": { + "AdditionalSlaveSecurityGroups": { "items": { - "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.ContainerPortRange" + "type": "string" }, - "markdownDescription": "", - "title": "ContainerPortRanges", + "markdownDescription": "A list of additional Amazon EC2 security group IDs for the core and task nodes.", + "title": "AdditionalSlaveSecurityGroups", "type": "array" - } - }, - "required": [ - "ContainerPortRanges" - ], - "type": "object" - }, - "AWS::GameLift::Fleet": { - "additionalProperties": false, - "properties": { - "Condition": { + }, + "CoreInstanceFleet": { + "$ref": "#/definitions/AWS::EMR::Cluster.InstanceFleetConfig", + "markdownDescription": "Describes the EC2 instances and instance configurations for the core instance fleet when using clusters with the instance fleet configuration.", + "title": "CoreInstanceFleet" + }, + "CoreInstanceGroup": { + "$ref": "#/definitions/AWS::EMR::Cluster.InstanceGroupConfig", + "markdownDescription": "Describes the EC2 instances and instance configurations for core instance groups when using clusters with the uniform instance group configuration.", + "title": "CoreInstanceGroup" + }, + "Ec2KeyName": { + "markdownDescription": "The name of the Amazon EC2 key pair that can be used to connect to the master node using SSH as the user called \"hadoop.\"", + "title": "Ec2KeyName", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Ec2SubnetId": { + "markdownDescription": "Applies to clusters that use the uniform instance group configuration. To launch the cluster in Amazon Virtual Private Cloud (Amazon VPC), set this parameter to the identifier of the Amazon VPC subnet where you want the cluster to launch. If you do not specify this value and your account supports EC2-Classic, the cluster launches in EC2-Classic.", + "title": "Ec2SubnetId", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Ec2SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "Applies to clusters that use the instance fleet configuration. When multiple Amazon EC2 subnet IDs are specified, Amazon EMR evaluates them and launches instances in the optimal subnet.\n\n> The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and later, excluding 5.0.x versions.", + "title": "Ec2SubnetIds", + "type": "array" }, - "Metadata": { - "type": "object" + "EmrManagedMasterSecurityGroup": { + "markdownDescription": "The identifier of the Amazon EC2 security group for the master node. If you specify `EmrManagedMasterSecurityGroup` , you must also specify `EmrManagedSlaveSecurityGroup` .", + "title": "EmrManagedMasterSecurityGroup", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AnywhereConfiguration": { - "$ref": "#/definitions/AWS::GameLift::Fleet.AnywhereConfiguration", - "markdownDescription": "Amazon GameLift Servers Anywhere configuration options.", - "title": "AnywhereConfiguration" - }, - "ApplyCapacity": { - "markdownDescription": "Current resource capacity settings for managed EC2 fleets and managed container fleets. For multi-location fleets, location values might refer to a fleet's remote location or its home Region.\n\n*Returned by:* [DescribeFleetCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetCapacity.html) , [DescribeFleetLocationCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetLocationCapacity.html) , [UpdateFleetCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateFleetCapacity.html)", - "title": "ApplyCapacity", - "type": "string" - }, - "BuildId": { - "markdownDescription": "A unique identifier for a build to be deployed on the new fleet. If you are deploying the fleet with a custom game build, you must specify this property. The build must have been successfully uploaded to Amazon GameLift and be in a `READY` status. This fleet setting cannot be changed once the fleet is created.", - "title": "BuildId", - "type": "string" - }, - "CertificateConfiguration": { - "$ref": "#/definitions/AWS::GameLift::Fleet.CertificateConfiguration", - "markdownDescription": "Prompts Amazon GameLift Servers to generate a TLS/SSL certificate for the fleet. Amazon GameLift Servers uses the certificates to encrypt traffic between game clients and the game servers running on Amazon GameLift Servers. By default, the `CertificateConfiguration` is `DISABLED` . You can't change this property after you create the fleet.\n\nAWS Certificate Manager (ACM) certificates expire after 13 months. Certificate expiration can cause fleets to fail, preventing players from connecting to instances in the fleet. We recommend you replace fleets before 13 months, consider using fleet aliases for a smooth transition.\n\n> ACM isn't available in all AWS regions. A fleet creation request with certificate generation enabled in an unsupported Region, fails with a 4xx error. For more information about the supported Regions, see [Supported Regions](https://docs.aws.amazon.com/acm/latest/userguide/acm-regions.html) in the *AWS Certificate Manager User Guide* .", - "title": "CertificateConfiguration" - }, - "ComputeType": { - "markdownDescription": "The type of compute resource used to host your game servers.\n\n- `EC2` \u2013 The game server build is deployed to Amazon EC2 instances for cloud hosting. This is the default setting.\n- `ANYWHERE` \u2013 Game servers and supporting software are deployed to compute resources that you provide and manage. With this compute type, you can also set the `AnywhereConfiguration` parameter.", - "title": "ComputeType", - "type": "string" - }, - "ContainerGroupsConfiguration": { - "$ref": "#/definitions/AWS::GameLift::Fleet.ContainerGroupsConfiguration" - }, - "Description": { - "markdownDescription": "A description for the fleet.", - "title": "Description", - "type": "string" - }, - "DesiredEC2Instances": { - "type": "number" - }, - "EC2InboundPermissions": { - "items": { - "$ref": "#/definitions/AWS::GameLift::Fleet.IpPermission" - }, - "markdownDescription": "The IP address ranges and port settings that allow inbound traffic to access game server processes and other processes on this fleet. Set this parameter for managed EC2 fleets. You can leave this parameter empty when creating the fleet, but you must call [](https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateFleetPortSettings) to set it before players can connect to game sessions. As a best practice, we recommend opening ports for remote access only when you need them and closing them when you're finished. For Amazon GameLift Servers Realtime fleets, Amazon GameLift Servers automatically sets TCP and UDP ranges.", - "title": "EC2InboundPermissions", - "type": "array" - }, - "EC2InstanceType": { - "markdownDescription": "The Amazon GameLift Servers-supported Amazon EC2 instance type to use with managed EC2 fleets. Instance type determines the computing resources that will be used to host your game servers, including CPU, memory, storage, and networking capacity. See [Amazon Elastic Compute Cloud Instance Types](https://docs.aws.amazon.com/ec2/instance-types/) for detailed descriptions of Amazon EC2 instance types.", - "title": "EC2InstanceType", - "type": "string" - }, - "FleetType": { - "markdownDescription": "Indicates whether to use On-Demand or Spot instances for this fleet. By default, this property is set to `ON_DEMAND` . Learn more about when to use [On-Demand versus Spot Instances](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-ec2-instances.html#gamelift-ec2-instances-spot) . This fleet property can't be changed after the fleet is created.", - "title": "FleetType", - "type": "string" - }, - "InstanceRoleARN": { - "markdownDescription": "A unique identifier for an IAM role that manages access to your AWS services. With an instance role ARN set, any application that runs on an instance in this fleet can assume the role, including install scripts, server processes, and daemons (background processes). Create a role or look up a role's ARN by using the [IAM dashboard](https://docs.aws.amazon.com/iam/) in the AWS Management Console . Learn more about using on-box credentials for your game servers at [Access external resources from a game server](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-sdk-server-resources.html) . This attribute is used with fleets where `ComputeType` is `EC2` .", - "title": "InstanceRoleARN", - "type": "string" - }, - "InstanceRoleCredentialsProvider": { - "markdownDescription": "Indicates that fleet instances maintain a shared credentials file for the IAM role defined in `InstanceRoleArn` . Shared credentials allow applications that are deployed with the game server executable to communicate with other AWS resources. This property is used only when the game server is integrated with the server SDK version 5.x. For more information about using shared credentials, see [Communicate with other AWS resources from your fleets](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-sdk-server-resources.html) . This attribute is used with fleets where `ComputeType` is `EC2` .", - "title": "InstanceRoleCredentialsProvider", - "type": "string" - }, - "Locations": { - "items": { - "$ref": "#/definitions/AWS::GameLift::Fleet.LocationConfiguration" - }, - "markdownDescription": "A set of remote locations to deploy additional instances to and manage as a multi-location fleet. Use this parameter when creating a fleet in AWS Regions that support multiple locations. You can add any AWS Region or Local Zone that's supported by Amazon GameLift Servers. Provide a list of one or more AWS Region codes, such as `us-west-2` , or Local Zone names. When using this parameter, Amazon GameLift Servers requires you to include your home location in the request. For a list of supported Regions and Local Zones, see [Amazon GameLift Servers service locations](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-regions.html) for managed hosting.", - "title": "Locations", - "type": "array" - }, - "MaxSize": { - "type": "number" - }, - "MetricGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "The name of an AWS CloudWatch metric group to add this fleet to. A metric group is used to aggregate the metrics for multiple fleets. You can specify an existing metric group name or set a new name to create a new metric group. A fleet can be included in only one metric group at a time.", - "title": "MetricGroups", - "type": "array" - }, - "MinSize": { - "type": "number" - }, - "Name": { - "markdownDescription": "A descriptive label that is associated with a fleet. Fleet names do not need to be unique.", - "title": "Name", - "type": "string" - }, - "NewGameSessionProtectionPolicy": { - "markdownDescription": "The status of termination protection for active game sessions on the fleet. By default, this property is set to `NoProtection` .\n\n- *NoProtection* - Game sessions can be terminated during active gameplay as a result of a scale-down event.\n- *FullProtection* - Game sessions in `ACTIVE` status cannot be terminated during a scale-down event.", - "title": "NewGameSessionProtectionPolicy", - "type": "string" - }, - "PeerVpcAwsAccountId": { - "markdownDescription": "Used when peering your Amazon GameLift Servers fleet with a VPC, the unique identifier for the AWS account that owns the VPC. You can find your account ID in the AWS Management Console under account settings.", - "title": "PeerVpcAwsAccountId", - "type": "string" - }, - "PeerVpcId": { - "markdownDescription": "A unique identifier for a VPC with resources to be accessed by your Amazon GameLift Servers fleet. The VPC must be in the same Region as your fleet. To look up a VPC ID, use the [VPC Dashboard](https://docs.aws.amazon.com/vpc/) in the AWS Management Console . Learn more about VPC peering in [VPC Peering with Amazon GameLift Servers Fleets](https://docs.aws.amazon.com/gamelift/latest/developerguide/vpc-peering.html) .", - "title": "PeerVpcId", - "type": "string" - }, - "ResourceCreationLimitPolicy": { - "$ref": "#/definitions/AWS::GameLift::Fleet.ResourceCreationLimitPolicy", - "markdownDescription": "A policy that limits the number of game sessions that an individual player can create on instances in this fleet within a specified span of time.", - "title": "ResourceCreationLimitPolicy" - }, - "RuntimeConfiguration": { - "$ref": "#/definitions/AWS::GameLift::Fleet.RuntimeConfiguration", - "markdownDescription": "Instructions for how to launch and maintain server processes on instances in the fleet. The runtime configuration defines one or more server process configurations, each identifying a build executable or Realtime script file and the number of processes of that type to run concurrently.\n\n> The `RuntimeConfiguration` parameter is required unless the fleet is being configured using the older parameters `ServerLaunchPath` and `ServerLaunchParameters` , which are still supported for backward compatibility.", - "title": "RuntimeConfiguration" - }, - "ScalingPolicies": { - "items": { - "$ref": "#/definitions/AWS::GameLift::Fleet.ScalingPolicy" - }, - "markdownDescription": "Rule that controls how a fleet is scaled. Scaling policies are uniquely identified by the combination of name and fleet ID.", - "title": "ScalingPolicies", - "type": "array" - }, - "ScriptId": { - "markdownDescription": "The unique identifier for a Realtime configuration script to be deployed on fleet instances. You can use either the script ID or ARN. Scripts must be uploaded to Amazon GameLift Servers prior to creating the fleet. This fleet property cannot be changed later.\n\n> You can't use the `!Ref` command to reference a script created with a CloudFormation template for the fleet property `ScriptId` . Instead, use `Fn::GetAtt Script.Arn` or `Fn::GetAtt Script.Id` to retrieve either of these properties as input for `ScriptId` . Alternatively, enter a `ScriptId` string manually.", - "title": "ScriptId", - "type": "string" - } - }, - "required": [ - "Name" - ], - "type": "object" + "EmrManagedSlaveSecurityGroup": { + "markdownDescription": "The identifier of the Amazon EC2 security group for the core and task nodes. If you specify `EmrManagedSlaveSecurityGroup` , you must also specify `EmrManagedMasterSecurityGroup` .", + "title": "EmrManagedSlaveSecurityGroup", + "type": "string" }, - "Type": { - "enum": [ - "AWS::GameLift::Fleet" - ], + "HadoopVersion": { + "markdownDescription": "Applies only to Amazon EMR release versions earlier than 4.0. The Hadoop version for the cluster. Valid inputs are \"0.18\" (no longer maintained), \"0.20\" (no longer maintained), \"0.20.205\" (no longer maintained), \"1.0.3\", \"2.2.0\", or \"2.4.0\". If you do not set this value, the default of 0.18 is used, unless the `AmiVersion` parameter is set in the RunJobFlow call, in which case the default version of Hadoop for that AMI version is used.", + "title": "HadoopVersion", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "KeepJobFlowAliveWhenNoSteps": { + "markdownDescription": "Specifies whether the cluster should remain available after completing all steps. Defaults to `false` . For more information about configuring cluster termination, see [Control Cluster Termination](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-plan-termination.html) in the *EMR Management Guide* .", + "title": "KeepJobFlowAliveWhenNoSteps", + "type": "boolean" + }, + "MasterInstanceFleet": { + "$ref": "#/definitions/AWS::EMR::Cluster.InstanceFleetConfig", + "markdownDescription": "Describes the EC2 instances and instance configurations for the master instance fleet when using clusters with the instance fleet configuration.", + "title": "MasterInstanceFleet" + }, + "MasterInstanceGroup": { + "$ref": "#/definitions/AWS::EMR::Cluster.InstanceGroupConfig", + "markdownDescription": "Describes the EC2 instances and instance configurations for the master instance group when using clusters with the uniform instance group configuration.", + "title": "MasterInstanceGroup" + }, + "Placement": { + "$ref": "#/definitions/AWS::EMR::Cluster.PlacementType", + "markdownDescription": "The Availability Zone in which the cluster runs.", + "title": "Placement" + }, + "ServiceAccessSecurityGroup": { + "markdownDescription": "The identifier of the Amazon EC2 security group for the Amazon EMR service to access clusters in VPC private subnets.", + "title": "ServiceAccessSecurityGroup", "type": "string" + }, + "TaskInstanceFleets": { + "items": { + "$ref": "#/definitions/AWS::EMR::Cluster.InstanceFleetConfig" + }, + "markdownDescription": "Describes the EC2 instances and instance configurations for the task instance fleets when using clusters with the instance fleet configuration. These task instance fleets are added to the cluster as part of the cluster launch. Each task instance fleet must have a unique name specified so that CloudFormation can differentiate between the task instance fleets.\n\n> You can currently specify only one task instance fleet for a cluster. After creating the cluster, you can only modify the mutable properties of `InstanceFleetConfig` , which are `TargetOnDemandCapacity` and `TargetSpotCapacity` . Modifying any other property results in cluster replacement. > To allow a maximum of 30 Amazon EC2 instance types per fleet, include `TaskInstanceFleets` when you create your cluster. If you create your cluster without `TaskInstanceFleets` , Amazon EMR uses its default allocation strategy, which allows for a maximum of five Amazon EC2 instance types.", + "title": "TaskInstanceFleets", + "type": "array" + }, + "TaskInstanceGroups": { + "items": { + "$ref": "#/definitions/AWS::EMR::Cluster.InstanceGroupConfig" + }, + "markdownDescription": "Describes the EC2 instances and instance configurations for task instance groups when using clusters with the uniform instance group configuration. These task instance groups are added to the cluster as part of the cluster launch. Each task instance group must have a unique name specified so that CloudFormation can differentiate between the task instance groups.\n\n> After creating the cluster, you can only modify the mutable properties of `InstanceGroupConfig` , which are `AutoScalingPolicy` and `InstanceCount` . Modifying any other property results in cluster replacement.", + "title": "TaskInstanceGroups", + "type": "array" + }, + "TerminationProtected": { + "markdownDescription": "Specifies whether to lock the cluster to prevent the Amazon EC2 instances from being terminated by API call, user intervention, or in the event of a job-flow error.", + "title": "TerminationProtected", + "type": "boolean" + }, + "UnhealthyNodeReplacement": { + "markdownDescription": "Indicates whether Amazon EMR should gracefully replace core nodes that have degraded within the cluster.", + "title": "UnhealthyNodeReplacement", + "type": "boolean" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::GameLift::Fleet.AnywhereConfiguration": { + "AWS::EMR::Cluster.KerberosAttributes": { "additionalProperties": false, "properties": { - "Cost": { - "markdownDescription": "The cost to run your fleet per hour. Amazon GameLift Servers uses the provided cost of your fleet to balance usage in queues. For more information about queues, see [Setting up queues](https://docs.aws.amazon.com/gamelift/latest/developerguide/queues-intro.html) in the *Amazon GameLift Servers Developer Guide* .", - "title": "Cost", + "ADDomainJoinPassword": { + "markdownDescription": "The Active Directory password for `ADDomainJoinUser` .", + "title": "ADDomainJoinPassword", + "type": "string" + }, + "ADDomainJoinUser": { + "markdownDescription": "Required only when establishing a cross-realm trust with an Active Directory domain. A user with sufficient privileges to join resources to the domain.", + "title": "ADDomainJoinUser", + "type": "string" + }, + "CrossRealmTrustPrincipalPassword": { + "markdownDescription": "Required only when establishing a cross-realm trust with a KDC in a different realm. The cross-realm principal password, which must be identical across realms.", + "title": "CrossRealmTrustPrincipalPassword", + "type": "string" + }, + "KdcAdminPassword": { + "markdownDescription": "The password used within the cluster for the kadmin service on the cluster-dedicated KDC, which maintains Kerberos principals, password policies, and keytabs for the cluster.", + "title": "KdcAdminPassword", + "type": "string" + }, + "Realm": { + "markdownDescription": "The name of the Kerberos realm to which all nodes in a cluster belong. For example, `EC2.INTERNAL` .", + "title": "Realm", "type": "string" } }, "required": [ - "Cost" + "KdcAdminPassword", + "Realm" ], "type": "object" }, - "AWS::GameLift::Fleet.CertificateConfiguration": { + "AWS::EMR::Cluster.KeyValue": { "additionalProperties": false, "properties": { - "CertificateType": { - "markdownDescription": "Indicates whether a TLS/SSL certificate is generated for a fleet.\n\nValid values include:\n\n- *GENERATED* - Generate a TLS/SSL certificate for this fleet.\n- *DISABLED* - (default) Do not generate a TLS/SSL certificate for this fleet.", - "title": "CertificateType", + "Key": { + "markdownDescription": "The unique identifier of a key-value pair.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The value part of the identified key.", + "title": "Value", "type": "string" } }, - "required": [ - "CertificateType" - ], "type": "object" }, - "AWS::GameLift::Fleet.ConnectionPortRange": { + "AWS::EMR::Cluster.ManagedScalingPolicy": { "additionalProperties": false, "properties": { - "FromPort": { - "type": "number" + "ComputeLimits": { + "$ref": "#/definitions/AWS::EMR::Cluster.ComputeLimits", + "markdownDescription": "The Amazon EC2 unit limits for a managed scaling policy. The managed scaling activity of a cluster is not allowed to go above or below these limits. The limit only applies to the core and task nodes. The master node cannot be scaled after initial configuration.", + "title": "ComputeLimits" }, - "ToPort": { + "ScalingStrategy": { + "markdownDescription": "Determines whether a custom scaling utilization performance index can be set. Possible values include *ADVANCED* or *DEFAULT* .", + "title": "ScalingStrategy", + "type": "string" + }, + "UtilizationPerformanceIndex": { + "markdownDescription": "An integer value that represents an advanced scaling strategy. Setting a higher value optimizes for performance. Setting a lower value optimizes for resource conservation. Setting the value to 50 balances performance and resource conservation. Possible values are 1, 25, 50, 75, and 100.", + "title": "UtilizationPerformanceIndex", "type": "number" } }, + "type": "object" + }, + "AWS::EMR::Cluster.MetricDimension": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The dimension name.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The dimension value.", + "title": "Value", + "type": "string" + } + }, "required": [ - "FromPort", - "ToPort" + "Key", + "Value" ], "type": "object" }, - "AWS::GameLift::Fleet.ContainerGroupsConfiguration": { + "AWS::EMR::Cluster.OnDemandCapacityReservationOptions": { "additionalProperties": false, "properties": { - "ConnectionPortRange": { - "$ref": "#/definitions/AWS::GameLift::Fleet.ConnectionPortRange" + "CapacityReservationPreference": { + "markdownDescription": "Indicates the instance's Capacity Reservation preferences. Possible preferences include:\n\n- `open` - The instance can run in any open Capacity Reservation that has matching attributes (instance type, platform, Availability Zone).\n- `none` - The instance avoids running in a Capacity Reservation even if one is available. The instance runs as an On-Demand Instance.", + "title": "CapacityReservationPreference", + "type": "string" }, - "ContainerGroupDefinitionNames": { - "items": { - "type": "string" - }, - "type": "array" + "CapacityReservationResourceGroupArn": { + "markdownDescription": "The ARN of the Capacity Reservation resource group in which to run the instance.", + "title": "CapacityReservationResourceGroupArn", + "type": "string" + }, + "UsageStrategy": { + "markdownDescription": "Indicates whether to use unused Capacity Reservations for fulfilling On-Demand capacity.\n\nIf you specify `use-capacity-reservations-first` , the fleet uses unused Capacity Reservations to fulfill On-Demand capacity up to the target On-Demand capacity. If multiple instance pools have unused Capacity Reservations, the On-Demand allocation strategy ( `lowest-price` ) is applied. If the number of unused Capacity Reservations is less than the On-Demand target capacity, the remaining On-Demand target capacity is launched according to the On-Demand allocation strategy ( `lowest-price` ).\n\nIf you do not specify a value, the fleet fulfills the On-Demand capacity according to the chosen On-Demand allocation strategy.", + "title": "UsageStrategy", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EMR::Cluster.OnDemandProvisioningSpecification": { + "additionalProperties": false, + "properties": { + "AllocationStrategy": { + "markdownDescription": "Specifies the strategy to use in launching On-Demand instance fleets. Available options are `lowest-price` and `prioritized` . `lowest-price` specifies to launch the instances with the lowest price first, and `prioritized` specifies that Amazon EMR should launch the instances with the highest priority first. The default is `lowest-price` .", + "title": "AllocationStrategy", + "type": "string" }, - "ContainerGroupsPerInstance": { - "$ref": "#/definitions/AWS::GameLift::Fleet.ContainerGroupsPerInstance" + "CapacityReservationOptions": { + "$ref": "#/definitions/AWS::EMR::Cluster.OnDemandCapacityReservationOptions", + "markdownDescription": "The launch specification for On-Demand instances in the instance fleet, which determines the allocation strategy.", + "title": "CapacityReservationOptions" } }, "required": [ - "ConnectionPortRange", - "ContainerGroupDefinitionNames" + "AllocationStrategy" ], "type": "object" }, - "AWS::GameLift::Fleet.ContainerGroupsPerInstance": { + "AWS::EMR::Cluster.OnDemandResizingSpecification": { "additionalProperties": false, "properties": { - "DesiredReplicaContainerGroupsPerInstance": { - "type": "number" + "AllocationStrategy": { + "markdownDescription": "Specifies the allocation strategy to use to launch On-Demand instances during a resize. The default is `lowest-price` .", + "title": "AllocationStrategy", + "type": "string" + }, + "CapacityReservationOptions": { + "$ref": "#/definitions/AWS::EMR::Cluster.OnDemandCapacityReservationOptions", + "markdownDescription": "", + "title": "CapacityReservationOptions" }, - "MaxReplicaContainerGroupsPerInstance": { + "TimeoutDurationMinutes": { + "markdownDescription": "On-Demand resize timeout in minutes. If On-Demand Instances are not provisioned within this time, the resize workflow stops. The minimum value is 5 minutes, and the maximum value is 10,080 minutes (7 days). The timeout applies to all resize workflows on the Instance Fleet. The resize could be triggered by Amazon EMR Managed Scaling or by the customer (via Amazon EMR Console, Amazon EMR CLI modify-instance-fleet or Amazon EMR SDK ModifyInstanceFleet API) or by Amazon EMR due to Amazon EC2 Spot Reclamation.", + "title": "TimeoutDurationMinutes", "type": "number" } }, "type": "object" }, - "AWS::GameLift::Fleet.IpPermission": { + "AWS::EMR::Cluster.PlacementGroupConfig": { "additionalProperties": false, "properties": { - "FromPort": { - "markdownDescription": "A starting value for a range of allowed port numbers.\n\nFor fleets using Linux builds, only ports `22` and `1026-60000` are valid.\n\nFor fleets using Windows builds, only ports `1026-60000` are valid.", - "title": "FromPort", - "type": "number" - }, - "IpRange": { - "markdownDescription": "A range of allowed IP addresses. This value must be expressed in CIDR notation. Example: \" `000.000.000.000/[subnet mask]` \" or optionally the shortened version \" `0.0.0.0/[subnet mask]` \".", - "title": "IpRange", + "InstanceRole": { + "markdownDescription": "Role of the instance in the cluster.\n\nStarting with Amazon EMR release 5.23.0, the only supported instance role is `MASTER` .", + "title": "InstanceRole", "type": "string" }, - "Protocol": { - "markdownDescription": "The network communication protocol used by the fleet.", - "title": "Protocol", + "PlacementStrategy": { + "markdownDescription": "Amazon EC2 Placement Group strategy associated with instance role.\n\nStarting with Amazon EMR release 5.23.0, the only supported placement strategy is `SPREAD` for the `MASTER` instance role.", + "title": "PlacementStrategy", "type": "string" - }, - "ToPort": { - "markdownDescription": "An ending value for a range of allowed port numbers. Port numbers are end-inclusive. This value must be equal to or greater than `FromPort` .\n\nFor fleets using Linux builds, only ports `22` and `1026-60000` are valid.\n\nFor fleets using Windows builds, only ports `1026-60000` are valid.", - "title": "ToPort", - "type": "number" } }, "required": [ - "FromPort", - "IpRange", - "Protocol", - "ToPort" + "InstanceRole" ], "type": "object" }, - "AWS::GameLift::Fleet.LocationCapacity": { + "AWS::EMR::Cluster.PlacementType": { "additionalProperties": false, "properties": { - "DesiredEC2Instances": { - "markdownDescription": "The number of Amazon EC2 instances you want to maintain in the specified fleet location. This value must fall between the minimum and maximum size limits. Changes in desired instance value can take up to 1 minute to be reflected when viewing the fleet's capacity settings.", - "title": "DesiredEC2Instances", - "type": "number" - }, - "MaxSize": { - "markdownDescription": "The maximum number of instances that are allowed in the specified fleet location. If this parameter is not set, the default is 1.", - "title": "MaxSize", - "type": "number" - }, - "MinSize": { - "markdownDescription": "The minimum number of instances that are allowed in the specified fleet location. If this parameter is not set, the default is 0.", - "title": "MinSize", - "type": "number" + "AvailabilityZone": { + "markdownDescription": "The Amazon EC2 Availability Zone for the cluster. `AvailabilityZone` is used for uniform instance groups, while `AvailabilityZones` (plural) is used for instance fleets.", + "title": "AvailabilityZone", + "type": "string" } }, "required": [ - "DesiredEC2Instances", - "MaxSize", - "MinSize" + "AvailabilityZone" ], "type": "object" }, - "AWS::GameLift::Fleet.LocationConfiguration": { + "AWS::EMR::Cluster.ScalingAction": { "additionalProperties": false, "properties": { - "Location": { - "markdownDescription": "An AWS Region code, such as `us-west-2` . For a list of supported Regions and Local Zones, see [Amazon GameLift Servers service locations](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-regions.html) for managed hosting.", - "title": "Location", + "Market": { + "markdownDescription": "Not available for instance groups. Instance groups use the market type specified for the group.", + "title": "Market", "type": "string" }, - "LocationCapacity": { - "$ref": "#/definitions/AWS::GameLift::Fleet.LocationCapacity", - "markdownDescription": "Current resource capacity settings for managed EC2 fleets and managed container fleets. For multi-location fleets, location values might refer to a fleet's remote location or its home Region.\n\n*Returned by:* [DescribeFleetCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetCapacity.html) , [DescribeFleetLocationCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetLocationCapacity.html) , [UpdateFleetCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateFleetCapacity.html)", - "title": "LocationCapacity" + "SimpleScalingPolicyConfiguration": { + "$ref": "#/definitions/AWS::EMR::Cluster.SimpleScalingPolicyConfiguration", + "markdownDescription": "The type of adjustment the automatic scaling activity makes when triggered, and the periodicity of the adjustment.", + "title": "SimpleScalingPolicyConfiguration" } }, "required": [ - "Location" + "SimpleScalingPolicyConfiguration" ], "type": "object" }, - "AWS::GameLift::Fleet.ResourceCreationLimitPolicy": { + "AWS::EMR::Cluster.ScalingConstraints": { "additionalProperties": false, "properties": { - "NewGameSessionsPerCreator": { - "markdownDescription": "A policy that puts limits on the number of game sessions that a player can create within a specified span of time. With this policy, you can control players' ability to consume available resources.\n\nThe policy is evaluated when a player tries to create a new game session. On receiving a `CreateGameSession` request, Amazon GameLift Servers checks that the player (identified by `CreatorId` ) has created fewer than game session limit in the specified time period.", - "title": "NewGameSessionsPerCreator", + "MaxCapacity": { + "markdownDescription": "The upper boundary of Amazon EC2 instances in an instance group beyond which scaling activities are not allowed to grow. Scale-out activities will not add instances beyond this boundary.", + "title": "MaxCapacity", "type": "number" }, - "PolicyPeriodInMinutes": { - "markdownDescription": "The time span used in evaluating the resource creation limit policy.", - "title": "PolicyPeriodInMinutes", + "MinCapacity": { + "markdownDescription": "The lower boundary of Amazon EC2 instances in an instance group below which scaling activities are not allowed to shrink. Scale-in activities will not terminate instances below this boundary.", + "title": "MinCapacity", "type": "number" } }, + "required": [ + "MaxCapacity", + "MinCapacity" + ], "type": "object" }, - "AWS::GameLift::Fleet.RuntimeConfiguration": { + "AWS::EMR::Cluster.ScalingRule": { "additionalProperties": false, "properties": { - "GameSessionActivationTimeoutSeconds": { - "markdownDescription": "The maximum amount of time (in seconds) allowed to launch a new game session and have it report ready to host players. During this time, the game session is in status `ACTIVATING` . If the game session does not become active before the timeout, it is ended and the game session status is changed to `TERMINATED` .", - "title": "GameSessionActivationTimeoutSeconds", - "type": "number" + "Action": { + "$ref": "#/definitions/AWS::EMR::Cluster.ScalingAction", + "markdownDescription": "The conditions that trigger an automatic scaling activity.", + "title": "Action" }, - "MaxConcurrentGameSessionActivations": { - "markdownDescription": "The number of game sessions in status `ACTIVATING` to allow on an instance or compute. This setting limits the instance resources that can be used for new game activations at any one time.", - "title": "MaxConcurrentGameSessionActivations", - "type": "number" + "Description": { + "markdownDescription": "A friendly, more verbose description of the automatic scaling rule.", + "title": "Description", + "type": "string" }, - "ServerProcesses": { + "Name": { + "markdownDescription": "The name used to identify an automatic scaling rule. Rule names must be unique within a scaling policy.", + "title": "Name", + "type": "string" + }, + "Trigger": { + "$ref": "#/definitions/AWS::EMR::Cluster.ScalingTrigger", + "markdownDescription": "The CloudWatch alarm definition that determines when automatic scaling activity is triggered.", + "title": "Trigger" + } + }, + "required": [ + "Action", + "Name", + "Trigger" + ], + "type": "object" + }, + "AWS::EMR::Cluster.ScalingTrigger": { + "additionalProperties": false, + "properties": { + "CloudWatchAlarmDefinition": { + "$ref": "#/definitions/AWS::EMR::Cluster.CloudWatchAlarmDefinition", + "markdownDescription": "The definition of a CloudWatch metric alarm. When the defined alarm conditions are met along with other trigger parameters, scaling activity begins.", + "title": "CloudWatchAlarmDefinition" + } + }, + "required": [ + "CloudWatchAlarmDefinition" + ], + "type": "object" + }, + "AWS::EMR::Cluster.ScriptBootstrapActionConfig": { + "additionalProperties": false, + "properties": { + "Args": { "items": { - "$ref": "#/definitions/AWS::GameLift::Fleet.ServerProcess" + "type": "string" }, - "markdownDescription": "A collection of server process configurations that identify what server processes to run on fleet computes.", - "title": "ServerProcesses", + "markdownDescription": "A list of command line arguments to pass to the bootstrap action script.", + "title": "Args", "type": "array" + }, + "Path": { + "markdownDescription": "Location in Amazon S3 of the script to run during a bootstrap action.", + "title": "Path", + "type": "string" } }, + "required": [ + "Path" + ], "type": "object" }, - "AWS::GameLift::Fleet.ScalingPolicy": { + "AWS::EMR::Cluster.SimpleScalingPolicyConfiguration": { "additionalProperties": false, "properties": { - "ComparisonOperator": { - "markdownDescription": "Comparison operator to use when measuring a metric against the threshold value.", - "title": "ComparisonOperator", + "AdjustmentType": { + "markdownDescription": "The way in which Amazon EC2 instances are added (if `ScalingAdjustment` is a positive number) or terminated (if `ScalingAdjustment` is a negative number) each time the scaling activity is triggered. `CHANGE_IN_CAPACITY` is the default. `CHANGE_IN_CAPACITY` indicates that the Amazon EC2 instance count increments or decrements by `ScalingAdjustment` , which should be expressed as an integer. `PERCENT_CHANGE_IN_CAPACITY` indicates the instance count increments or decrements by the percentage specified by `ScalingAdjustment` , which should be expressed as an integer. For example, 20 indicates an increase in 20% increments of cluster capacity. `EXACT_CAPACITY` indicates the scaling activity results in an instance group with the number of Amazon EC2 instances specified by `ScalingAdjustment` , which should be expressed as a positive integer.", + "title": "AdjustmentType", "type": "string" }, - "EvaluationPeriods": { - "markdownDescription": "Length of time (in minutes) the metric must be at or beyond the threshold before a scaling event is triggered.", - "title": "EvaluationPeriods", + "CoolDown": { + "markdownDescription": "The amount of time, in seconds, after a scaling activity completes before any further trigger-related scaling activities can start. The default value is 0.", + "title": "CoolDown", "type": "number" }, - "Location": { - "markdownDescription": "The fleet location.", - "title": "Location", - "type": "string" - }, - "MetricName": { - "markdownDescription": "Name of the Amazon GameLift Servers-defined metric that is used to trigger a scaling adjustment. For detailed descriptions of fleet metrics, see [Monitor Amazon GameLift Servers with Amazon CloudWatch](https://docs.aws.amazon.com/gamelift/latest/developerguide/monitoring-cloudwatch.html) .\n\n- *ActivatingGameSessions* -- Game sessions in the process of being created.\n- *ActiveGameSessions* -- Game sessions that are currently running.\n- *ActiveInstances* -- Fleet instances that are currently running at least one game session.\n- *AvailableGameSessions* -- Additional game sessions that fleet could host simultaneously, given current capacity.\n- *AvailablePlayerSessions* -- Empty player slots in currently active game sessions. This includes game sessions that are not currently accepting players. Reserved player slots are not included.\n- *CurrentPlayerSessions* -- Player slots in active game sessions that are being used by a player or are reserved for a player.\n- *IdleInstances* -- Active instances that are currently hosting zero game sessions.\n- *PercentAvailableGameSessions* -- Unused percentage of the total number of game sessions that a fleet could host simultaneously, given current capacity. Use this metric for a target-based scaling policy.\n- *PercentIdleInstances* -- Percentage of the total number of active instances that are hosting zero game sessions.\n- *QueueDepth* -- Pending game session placement requests, in any queue, where the current fleet is the top-priority destination.\n- *WaitTime* -- Current wait time for pending game session placement requests, in any queue, where the current fleet is the top-priority destination.", - "title": "MetricName", - "type": "string" - }, - "Name": { - "markdownDescription": "A descriptive label that is associated with a fleet's scaling policy. Policy names do not need to be unique.", - "title": "Name", - "type": "string" - }, - "PolicyType": { - "markdownDescription": "The type of scaling policy to create. For a target-based policy, set the parameter *MetricName* to 'PercentAvailableGameSessions' and specify a *TargetConfiguration* . For a rule-based policy set the following parameters: *MetricName* , *ComparisonOperator* , *Threshold* , *EvaluationPeriods* , *ScalingAdjustmentType* , and *ScalingAdjustment* .", - "title": "PolicyType", - "type": "string" - }, "ScalingAdjustment": { - "markdownDescription": "Amount of adjustment to make, based on the scaling adjustment type.", + "markdownDescription": "The amount by which to scale in or scale out, based on the specified `AdjustmentType` . A positive value adds to the instance group's Amazon EC2 instance count while a negative number removes instances. If `AdjustmentType` is set to `EXACT_CAPACITY` , the number should only be a positive integer. If `AdjustmentType` is set to `PERCENT_CHANGE_IN_CAPACITY` , the value should express the percentage as an integer. For example, -20 indicates a decrease in 20% increments of cluster capacity.", "title": "ScalingAdjustment", "type": "number" - }, - "ScalingAdjustmentType": { - "markdownDescription": "The type of adjustment to make to a fleet's instance count.\n\n- *ChangeInCapacity* -- add (or subtract) the scaling adjustment value from the current instance count. Positive values scale up while negative values scale down.\n- *ExactCapacity* -- set the instance count to the scaling adjustment value.\n- *PercentChangeInCapacity* -- increase or reduce the current instance count by the scaling adjustment, read as a percentage. Positive values scale up while negative values scale down.", - "title": "ScalingAdjustmentType", - "type": "string" - }, - "Status": { - "markdownDescription": "Current status of the scaling policy. The scaling policy can be in force only when in an `ACTIVE` status. Scaling policies can be suspended for individual fleets. If the policy is suspended for a fleet, the policy status does not change.\n\n- *ACTIVE* -- The scaling policy can be used for auto-scaling a fleet.\n- *UPDATE_REQUESTED* -- A request to update the scaling policy has been received.\n- *UPDATING* -- A change is being made to the scaling policy.\n- *DELETE_REQUESTED* -- A request to delete the scaling policy has been received.\n- *DELETING* -- The scaling policy is being deleted.\n- *DELETED* -- The scaling policy has been deleted.\n- *ERROR* -- An error occurred in creating the policy. It should be removed and recreated.", - "title": "Status", + } + }, + "required": [ + "ScalingAdjustment" + ], + "type": "object" + }, + "AWS::EMR::Cluster.SpotProvisioningSpecification": { + "additionalProperties": false, + "properties": { + "AllocationStrategy": { + "markdownDescription": "Specifies one of the following strategies to launch Spot Instance fleets: `capacity-optimized` , `price-capacity-optimized` , `lowest-price` , or `diversified` , and `capacity-optimized-prioritized` . For more information on the provisioning strategies, see [Allocation strategies for Spot Instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-allocation-strategy.html) in the *Amazon EC2 User Guide for Linux Instances* .\n\n> When you launch a Spot Instance fleet with the old console, it automatically launches with the `capacity-optimized` strategy. You can't change the allocation strategy from the old console.", + "title": "AllocationStrategy", "type": "string" }, - "TargetConfiguration": { - "$ref": "#/definitions/AWS::GameLift::Fleet.TargetConfiguration", - "markdownDescription": "An object that contains settings for a target-based scaling policy.", - "title": "TargetConfiguration" - }, - "Threshold": { - "markdownDescription": "Metric value used to trigger a scaling event.", - "title": "Threshold", + "BlockDurationMinutes": { + "markdownDescription": "The defined duration for Spot Instances (also known as Spot blocks) in minutes. When specified, the Spot Instance does not terminate before the defined duration expires, and defined duration pricing for Spot Instances applies. Valid values are 60, 120, 180, 240, 300, or 360. The duration period starts as soon as a Spot Instance receives its instance ID. At the end of the duration, Amazon EC2 marks the Spot Instance for termination and provides a Spot Instance termination notice, which gives the instance a two-minute warning before it terminates.\n\n> Spot Instances with a defined duration (also known as Spot blocks) are no longer available to new customers from July 1, 2021. For customers who have previously used the feature, we will continue to support Spot Instances with a defined duration until December 31, 2022.", + "title": "BlockDurationMinutes", "type": "number" }, - "UpdateStatus": { - "markdownDescription": "The current status of the fleet's scaling policies in a requested fleet location. The status `PENDING_UPDATE` indicates that an update was requested for the fleet but has not yet been completed for the location.", - "title": "UpdateStatus", + "TimeoutAction": { + "markdownDescription": "The action to take when `TargetSpotCapacity` has not been fulfilled when the `TimeoutDurationMinutes` has expired; that is, when all Spot Instances could not be provisioned within the Spot provisioning timeout. Valid values are `TERMINATE_CLUSTER` and `SWITCH_TO_ON_DEMAND` . SWITCH_TO_ON_DEMAND specifies that if no Spot Instances are available, On-Demand Instances should be provisioned to fulfill any remaining Spot capacity.", + "title": "TimeoutAction", "type": "string" + }, + "TimeoutDurationMinutes": { + "markdownDescription": "The Spot provisioning timeout period in minutes. If Spot Instances are not provisioned within this time period, the `TimeOutAction` is taken. Minimum value is 5 and maximum value is 1440. The timeout applies only during initial provisioning, when the cluster is first created.", + "title": "TimeoutDurationMinutes", + "type": "number" } }, "required": [ - "MetricName", - "Name" + "TimeoutAction", + "TimeoutDurationMinutes" ], "type": "object" }, - "AWS::GameLift::Fleet.ServerProcess": { + "AWS::EMR::Cluster.SpotResizingSpecification": { "additionalProperties": false, "properties": { - "ConcurrentExecutions": { - "markdownDescription": "The number of server processes using this configuration that run concurrently on each instance or compute.", - "title": "ConcurrentExecutions", - "type": "number" + "AllocationStrategy": { + "markdownDescription": "Specifies the allocation strategy to use to launch Spot instances during a resize. If you run Amazon EMR releases 6.9.0 or higher, the default is `price-capacity-optimized` . If you run Amazon EMR releases 6.8.0 or lower, the default is `capacity-optimized` .", + "title": "AllocationStrategy", + "type": "string" }, - "LaunchPath": { - "markdownDescription": "The location of a game build executable or Realtime script. Game builds and Realtime scripts are installed on instances at the root:\n\n- Windows (custom game builds only): `C:\\game` . Example: \" `C:\\game\\MyGame\\server.exe` \"\n- Linux: `/local/game` . Examples: \" `/local/game/MyGame/server.exe` \" or \" `/local/game/MyRealtimeScript.js` \"\n\n> Amazon GameLift Servers doesn't support the use of setup scripts that launch the game executable. For custom game builds, this parameter must indicate the executable that calls the server SDK operations `initSDK()` and `ProcessReady()` .", - "title": "LaunchPath", + "TimeoutDurationMinutes": { + "markdownDescription": "Spot resize timeout in minutes. If Spot Instances are not provisioned within this time, the resize workflow will stop provisioning of Spot instances. Minimum value is 5 minutes and maximum value is 10,080 minutes (7 days). The timeout applies to all resize workflows on the Instance Fleet. The resize could be triggered by Amazon EMR Managed Scaling or by the customer (via Amazon EMR Console, Amazon EMR CLI modify-instance-fleet or Amazon EMR SDK ModifyInstanceFleet API) or by Amazon EMR due to Amazon EC2 Spot Reclamation.", + "title": "TimeoutDurationMinutes", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EMR::Cluster.StepConfig": { + "additionalProperties": false, + "properties": { + "ActionOnFailure": { + "markdownDescription": "The action to take when the cluster step fails. Possible values are `CANCEL_AND_WAIT` and `CONTINUE` .", + "title": "ActionOnFailure", "type": "string" }, - "Parameters": { - "markdownDescription": "An optional list of parameters to pass to the server executable or Realtime script on launch.\n\nLength Constraints: Minimum length of 1. Maximum length of 1024.\n\nPattern: [A-Za-z0-9_:.+\\/\\\\\\- =@{},?'\\[\\]\"]+", - "title": "Parameters", + "HadoopJarStep": { + "$ref": "#/definitions/AWS::EMR::Cluster.HadoopJarStepConfig", + "markdownDescription": "The JAR file used for the step.", + "title": "HadoopJarStep" + }, + "Name": { + "markdownDescription": "The name of the step.", + "title": "Name", "type": "string" } }, "required": [ - "ConcurrentExecutions", - "LaunchPath" + "HadoopJarStep", + "Name" ], "type": "object" }, - "AWS::GameLift::Fleet.TargetConfiguration": { + "AWS::EMR::Cluster.VolumeSpecification": { "additionalProperties": false, "properties": { - "TargetValue": { - "markdownDescription": "Desired value to use with a target-based scaling policy. The value must be relevant for whatever metric the scaling policy is using. For example, in a policy using the metric PercentAvailableGameSessions, the target value should be the preferred size of the fleet's buffer (the percent of capacity that should be idle and ready for new game sessions).", - "title": "TargetValue", + "Iops": { + "markdownDescription": "The number of I/O operations per second (IOPS) that the volume supports.", + "title": "Iops", + "type": "number" + }, + "SizeInGB": { + "markdownDescription": "The volume size, in gibibytes (GiB). This can be a number from 1 - 1024. If the volume type is EBS-optimized, the minimum value is 10.", + "title": "SizeInGB", + "type": "number" + }, + "Throughput": { + "markdownDescription": "The throughput, in mebibyte per second (MiB/s). This optional parameter can be a number from 125 - 1000 and is valid only for gp3 volumes.", + "title": "Throughput", "type": "number" + }, + "VolumeType": { + "markdownDescription": "The volume type. Volume types supported are gp3, gp2, io1, st1, sc1, and standard.", + "title": "VolumeType", + "type": "string" } }, "required": [ - "TargetValue" + "SizeInGB", + "VolumeType" ], "type": "object" }, - "AWS::GameLift::GameServerGroup": { + "AWS::EMR::InstanceFleetConfig": { "additionalProperties": false, "properties": { "Condition": { @@ -103664,86 +110298,59 @@ "Properties": { "additionalProperties": false, "properties": { - "AutoScalingPolicy": { - "$ref": "#/definitions/AWS::GameLift::GameServerGroup.AutoScalingPolicy", - "markdownDescription": "Configuration settings to define a scaling policy for the Auto Scaling group that is optimized for game hosting. The scaling policy uses the metric `\"PercentUtilizedGameServers\"` to maintain a buffer of idle game servers that can immediately accommodate new games and players. After the Auto Scaling group is created, update this value directly in the Auto Scaling group using the AWS console or APIs.", - "title": "AutoScalingPolicy" - }, - "BalancingStrategy": { - "markdownDescription": "Indicates how Amazon GameLift Servers FleetIQ balances the use of Spot Instances and On-Demand Instances in the game server group. Method options include the following:\n\n- `SPOT_ONLY` - Only Spot Instances are used in the game server group. If Spot Instances are unavailable or not viable for game hosting, the game server group provides no hosting capacity until Spot Instances can again be used. Until then, no new instances are started, and the existing nonviable Spot Instances are terminated (after current gameplay ends) and are not replaced.\n- `SPOT_PREFERRED` - (default value) Spot Instances are used whenever available in the game server group. If Spot Instances are unavailable, the game server group continues to provide hosting capacity by falling back to On-Demand Instances. Existing nonviable Spot Instances are terminated (after current gameplay ends) and are replaced with new On-Demand Instances.\n- `ON_DEMAND_ONLY` - Only On-Demand Instances are used in the game server group. No Spot Instances are used, even when available, while this balancing strategy is in force.", - "title": "BalancingStrategy", - "type": "string" - }, - "DeleteOption": { - "markdownDescription": "The type of delete to perform. To delete a game server group, specify the `DeleteOption` . Options include the following:\n\n- `SAFE_DELETE` \u2013 (default) Terminates the game server group and Amazon EC2 Auto Scaling group only when it has no game servers that are in `UTILIZED` status.\n- `FORCE_DELETE` \u2013 Terminates the game server group, including all active game servers regardless of their utilization status, and the Amazon EC2 Auto Scaling group.\n- `RETAIN` \u2013 Does a safe delete of the game server group but retains the Amazon EC2 Auto Scaling group as is.", - "title": "DeleteOption", - "type": "string" - }, - "GameServerGroupName": { - "markdownDescription": "A developer-defined identifier for the game server group. The name is unique for each Region in each AWS account.", - "title": "GameServerGroupName", + "ClusterId": { + "markdownDescription": "The unique identifier of the EMR cluster.", + "title": "ClusterId", "type": "string" }, - "GameServerProtectionPolicy": { - "markdownDescription": "A flag that indicates whether instances in the game server group are protected from early termination. Unprotected instances that have active game servers running might be terminated during a scale-down event, causing players to be dropped from the game. Protected instances cannot be terminated while there are active game servers running except in the event of a forced game server group deletion (see ). An exception to this is with Spot Instances, which can be terminated by AWS regardless of protection status.", - "title": "GameServerProtectionPolicy", + "InstanceFleetType": { + "markdownDescription": "The node type that the instance fleet hosts.\n\n*Allowed Values* : TASK", + "title": "InstanceFleetType", "type": "string" }, - "InstanceDefinitions": { + "InstanceTypeConfigs": { "items": { - "$ref": "#/definitions/AWS::GameLift::GameServerGroup.InstanceDefinition" + "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.InstanceTypeConfig" }, - "markdownDescription": "The set of Amazon EC2 instance types that Amazon GameLift Servers FleetIQ can use when balancing and automatically scaling instances in the corresponding Auto Scaling group.", - "title": "InstanceDefinitions", + "markdownDescription": "`InstanceTypeConfigs` determine the EC2 instances that Amazon EMR attempts to provision to fulfill On-Demand and Spot target capacities.\n\n> The instance fleet configuration is available only in Amazon EMR versions 4.8.0 and later, excluding 5.0.x versions.", + "title": "InstanceTypeConfigs", "type": "array" }, - "LaunchTemplate": { - "$ref": "#/definitions/AWS::GameLift::GameServerGroup.LaunchTemplate", - "markdownDescription": "The Amazon EC2 launch template that contains configuration settings and game server code to be deployed to all instances in the game server group. You can specify the template using either the template name or ID. For help with creating a launch template, see [Creating a Launch Template for an Auto Scaling Group](https://docs.aws.amazon.com/autoscaling/ec2/userguide/create-launch-template.html) in the *Amazon Elastic Compute Cloud Auto Scaling User Guide* . After the Auto Scaling group is created, update this value directly in the Auto Scaling group using the AWS console or APIs.\n\n> If you specify network interfaces in your launch template, you must explicitly set the property `AssociatePublicIpAddress` to \"true\". If no network interface is specified in the launch template, Amazon GameLift Servers FleetIQ uses your account's default VPC.", - "title": "LaunchTemplate" - }, - "MaxSize": { - "markdownDescription": "The maximum number of instances allowed in the Amazon EC2 Auto Scaling group. During automatic scaling events, Amazon GameLift Servers FleetIQ and EC2 do not scale up the group above this maximum. After the Auto Scaling group is created, update this value directly in the Auto Scaling group using the AWS console or APIs.", - "title": "MaxSize", - "type": "number" - }, - "MinSize": { - "markdownDescription": "The minimum number of instances allowed in the Amazon EC2 Auto Scaling group. During automatic scaling events, Amazon GameLift Servers FleetIQ and Amazon EC2 do not scale down the group below this minimum. In production, this value should be set to at least 1. After the Auto Scaling group is created, update this value directly in the Auto Scaling group using the AWS console or APIs.", - "title": "MinSize", - "type": "number" + "LaunchSpecifications": { + "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.InstanceFleetProvisioningSpecifications", + "markdownDescription": "The launch specification for the instance fleet.", + "title": "LaunchSpecifications" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name ( [ARN](https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-arn-format.html) ) for an IAM role that allows Amazon GameLift Servers to access your Amazon EC2 Auto Scaling groups.", - "title": "RoleArn", + "Name": { + "markdownDescription": "The friendly name of the instance fleet.", + "title": "Name", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of labels to assign to the new game server group resource. Tags are developer-defined key-value pairs. Tagging AWS resources is useful for resource management, access management, and cost allocation. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference* . Once the resource is created, you can use TagResource, UntagResource, and ListTagsForResource to add, remove, and view tags, respectively. The maximum tag limit may be lower than stated. See the AWS General Reference for actual tagging limits.", - "title": "Tags", - "type": "array" + "ResizeSpecifications": { + "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.InstanceFleetResizingSpecifications", + "markdownDescription": "The resize specification for the instance fleet.", + "title": "ResizeSpecifications" }, - "VpcSubnets": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of virtual private cloud (VPC) subnets to use with instances in the game server group. By default, all Amazon GameLift Servers FleetIQ-supported Availability Zones are used. You can use this parameter to specify VPCs that you've set up. This property cannot be updated after the game server group is created, and the corresponding Auto Scaling group will always use the property value that is set with this request, even if the Auto Scaling group is updated directly.", - "title": "VpcSubnets", - "type": "array" + "TargetOnDemandCapacity": { + "markdownDescription": "The target capacity of On-Demand units for the instance fleet, which determines how many On-Demand instances to provision. When the instance fleet launches, Amazon EMR tries to provision On-Demand instances as specified by `InstanceTypeConfig` . Each instance configuration has a specified `WeightedCapacity` . When an On-Demand instance is provisioned, the `WeightedCapacity` units count toward the target capacity. Amazon EMR provisions instances until the target capacity is totally fulfilled, even if this results in an overage. For example, if there are 2 units remaining to fulfill capacity, and Amazon EMR can only provision an instance with a `WeightedCapacity` of 5 units, the instance is provisioned, and the target capacity is exceeded by 3 units.\n\n> If not specified or set to 0, only Spot instances are provisioned for the instance fleet using `TargetSpotCapacity` . At least one of `TargetSpotCapacity` and `TargetOnDemandCapacity` should be greater than 0. For a master instance fleet, only one of `TargetSpotCapacity` and `TargetOnDemandCapacity` can be specified, and its value must be 1.", + "title": "TargetOnDemandCapacity", + "type": "number" + }, + "TargetSpotCapacity": { + "markdownDescription": "The target capacity of Spot units for the instance fleet, which determines how many Spot instances to provision. When the instance fleet launches, Amazon EMR tries to provision Spot instances as specified by `InstanceTypeConfig` . Each instance configuration has a specified `WeightedCapacity` . When a Spot instance is provisioned, the `WeightedCapacity` units count toward the target capacity. Amazon EMR provisions instances until the target capacity is totally fulfilled, even if this results in an overage. For example, if there are 2 units remaining to fulfill capacity, and Amazon EMR can only provision an instance with a `WeightedCapacity` of 5 units, the instance is provisioned, and the target capacity is exceeded by 3 units.\n\n> If not specified or set to 0, only On-Demand instances are provisioned for the instance fleet. At least one of `TargetSpotCapacity` and `TargetOnDemandCapacity` should be greater than 0. For a master instance fleet, only one of `TargetSpotCapacity` and `TargetOnDemandCapacity` can be specified, and its value must be 1.", + "title": "TargetSpotCapacity", + "type": "number" } }, "required": [ - "GameServerGroupName", - "InstanceDefinitions", - "RoleArn" + "ClusterId", + "InstanceFleetType" ], "type": "object" }, "Type": { "enum": [ - "AWS::GameLift::GameServerGroup" + "AWS::EMR::InstanceFleetConfig" ], "type": "string" }, @@ -103762,37 +110369,151 @@ ], "type": "object" }, - "AWS::GameLift::GameServerGroup.AutoScalingPolicy": { + "AWS::EMR::InstanceFleetConfig.Configuration": { "additionalProperties": false, "properties": { - "EstimatedInstanceWarmup": { - "markdownDescription": "Length of time, in seconds, it takes for a new instance to start new game server processes and register with Amazon GameLift Servers FleetIQ. Specifying a warm-up time can be useful, particularly with game servers that take a long time to start up, because it avoids prematurely starting new instances.", - "title": "EstimatedInstanceWarmup", - "type": "number" + "Classification": { + "markdownDescription": "The classification within a configuration.", + "title": "Classification", + "type": "string" }, - "TargetTrackingConfiguration": { - "$ref": "#/definitions/AWS::GameLift::GameServerGroup.TargetTrackingConfiguration", - "markdownDescription": "Settings for a target-based scaling policy applied to Auto Scaling group. These settings are used to create a target-based policy that tracks the GameLift FleetIQ metric `PercentUtilizedGameServers` and specifies a target value for the metric. As player usage changes, the policy triggers to adjust the game server group capacity so that the metric returns to the target value.", - "title": "TargetTrackingConfiguration" + "ConfigurationProperties": { + "additionalProperties": true, + "markdownDescription": "Within a configuration classification, a set of properties that represent the settings that you want to change in the configuration file. Duplicates not allowed.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "ConfigurationProperties", + "type": "object" + }, + "Configurations": { + "items": { + "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.Configuration" + }, + "markdownDescription": "A list of additional configurations to apply within a configuration object.", + "title": "Configurations", + "type": "array" + } + }, + "type": "object" + }, + "AWS::EMR::InstanceFleetConfig.EbsBlockDeviceConfig": { + "additionalProperties": false, + "properties": { + "VolumeSpecification": { + "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.VolumeSpecification", + "markdownDescription": "EBS volume specifications such as volume type, IOPS, size (GiB) and throughput (MiB/s) that are requested for the EBS volume attached to an Amazon EC2 instance in the cluster.", + "title": "VolumeSpecification" + }, + "VolumesPerInstance": { + "markdownDescription": "Number of EBS volumes with a specific volume configuration that are associated with every instance in the instance group", + "title": "VolumesPerInstance", + "type": "number" } }, "required": [ - "TargetTrackingConfiguration" + "VolumeSpecification" ], "type": "object" }, - "AWS::GameLift::GameServerGroup.InstanceDefinition": { + "AWS::EMR::InstanceFleetConfig.EbsConfiguration": { + "additionalProperties": false, + "properties": { + "EbsBlockDeviceConfigs": { + "items": { + "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.EbsBlockDeviceConfig" + }, + "markdownDescription": "An array of Amazon EBS volume specifications attached to a cluster instance.", + "title": "EbsBlockDeviceConfigs", + "type": "array" + }, + "EbsOptimized": { + "markdownDescription": "Indicates whether an Amazon EBS volume is EBS-optimized. The default is false. You should explicitly set this value to true to enable the Amazon EBS-optimized setting for an EC2 instance.", + "title": "EbsOptimized", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EMR::InstanceFleetConfig.InstanceFleetProvisioningSpecifications": { + "additionalProperties": false, + "properties": { + "OnDemandSpecification": { + "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.OnDemandProvisioningSpecification", + "markdownDescription": "The launch specification for On-Demand Instances in the instance fleet, which determines the allocation strategy and capacity reservation options.\n\n> The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and later, excluding 5.0.x versions. On-Demand Instances allocation strategy is available in Amazon EMR releases 5.12.1 and later.", + "title": "OnDemandSpecification" + }, + "SpotSpecification": { + "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.SpotProvisioningSpecification", + "markdownDescription": "The launch specification for Spot instances in the fleet, which determines the allocation strategy, defined duration, and provisioning timeout behavior.", + "title": "SpotSpecification" + } + }, + "type": "object" + }, + "AWS::EMR::InstanceFleetConfig.InstanceFleetResizingSpecifications": { + "additionalProperties": false, + "properties": { + "OnDemandResizeSpecification": { + "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.OnDemandResizingSpecification", + "markdownDescription": "The resize specification for On-Demand Instances in the instance fleet, which contains the allocation strategy, capacity reservation options, and the resize timeout period.", + "title": "OnDemandResizeSpecification" + }, + "SpotResizeSpecification": { + "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.SpotResizingSpecification", + "markdownDescription": "The resize specification for Spot Instances in the instance fleet, which contains the allocation strategy and the resize timeout period.", + "title": "SpotResizeSpecification" + } + }, + "type": "object" + }, + "AWS::EMR::InstanceFleetConfig.InstanceTypeConfig": { "additionalProperties": false, "properties": { + "BidPrice": { + "markdownDescription": "The bid price for each Amazon EC2 Spot Instance type as defined by `InstanceType` . Expressed in USD. If neither `BidPrice` nor `BidPriceAsPercentageOfOnDemandPrice` is provided, `BidPriceAsPercentageOfOnDemandPrice` defaults to 100%.", + "title": "BidPrice", + "type": "string" + }, + "BidPriceAsPercentageOfOnDemandPrice": { + "markdownDescription": "The bid price, as a percentage of On-Demand price, for each Amazon EC2 Spot Instance as defined by `InstanceType` . Expressed as a number (for example, 20 specifies 20%). If neither `BidPrice` nor `BidPriceAsPercentageOfOnDemandPrice` is provided, `BidPriceAsPercentageOfOnDemandPrice` defaults to 100%.", + "title": "BidPriceAsPercentageOfOnDemandPrice", + "type": "number" + }, + "Configurations": { + "items": { + "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.Configuration" + }, + "markdownDescription": "> Amazon EMR releases 4.x or later. \n\nAn optional configuration specification to be used when provisioning cluster instances, which can include configurations for applications and software bundled with Amazon EMR. A configuration consists of a classification, properties, and optional nested configurations. A classification refers to an application-specific configuration file. Properties are the settings you want to change in that file. For more information, see [Configuring Applications](https://docs.aws.amazon.com/emr/latest/ReleaseGuide/emr-configure-apps.html) .", + "title": "Configurations", + "type": "array" + }, + "CustomAmiId": { + "markdownDescription": "The custom AMI ID to use for the instance type.", + "title": "CustomAmiId", + "type": "string" + }, + "EbsConfiguration": { + "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.EbsConfiguration", + "markdownDescription": "The configuration of Amazon Elastic Block Store (Amazon EBS) attached to each instance as defined by `InstanceType` .", + "title": "EbsConfiguration" + }, "InstanceType": { - "markdownDescription": "An Amazon EC2 instance type designation.", + "markdownDescription": "An Amazon EC2 instance type, such as `m3.xlarge` .", "title": "InstanceType", "type": "string" }, + "Priority": { + "markdownDescription": "The priority at which Amazon EMR launches the Amazon EC2 instances with this instance type. Priority starts at 0, which is the highest priority. Amazon EMR considers the highest priority first.", + "title": "Priority", + "type": "number" + }, "WeightedCapacity": { - "markdownDescription": "Instance weighting that indicates how much this instance type contributes to the total capacity of a game server group. Instance weights are used by Amazon GameLift Servers FleetIQ to calculate the instance type's cost per unit hour and better identify the most cost-effective options. For detailed information on weighting instance capacity, see [Instance Weighting](https://docs.aws.amazon.com/autoscaling/ec2/userguide/asg-instance-weighting.html) in the *Amazon Elastic Compute Cloud Auto Scaling User Guide* . Default value is \"1\".", + "markdownDescription": "The number of units that a provisioned instance of this type provides toward fulfilling the target capacities defined in `InstanceFleetConfig` . This value is 1 for a master instance fleet, and must be 1 or greater for core and task instance fleets. Defaults to 1 if not specified.", "title": "WeightedCapacity", - "type": "string" + "type": "number" } }, "required": [ @@ -103800,42 +110521,144 @@ ], "type": "object" }, - "AWS::GameLift::GameServerGroup.LaunchTemplate": { + "AWS::EMR::InstanceFleetConfig.OnDemandCapacityReservationOptions": { "additionalProperties": false, "properties": { - "LaunchTemplateId": { - "markdownDescription": "A unique identifier for an existing Amazon EC2 launch template.", - "title": "LaunchTemplateId", + "CapacityReservationPreference": { + "markdownDescription": "Indicates the instance's Capacity Reservation preferences. Possible preferences include:\n\n- `open` - The instance can run in any open Capacity Reservation that has matching attributes (instance type, platform, Availability Zone).\n- `none` - The instance avoids running in a Capacity Reservation even if one is available. The instance runs as an On-Demand Instance.", + "title": "CapacityReservationPreference", "type": "string" }, - "LaunchTemplateName": { - "markdownDescription": "A readable identifier for an existing Amazon EC2 launch template.", - "title": "LaunchTemplateName", + "CapacityReservationResourceGroupArn": { + "markdownDescription": "The ARN of the Capacity Reservation resource group in which to run the instance.", + "title": "CapacityReservationResourceGroupArn", "type": "string" }, - "Version": { - "markdownDescription": "The version of the Amazon EC2 launch template to use. If no version is specified, the default version will be used. With Amazon EC2, you can specify a default version for a launch template. If none is set, the default is the first version created.", - "title": "Version", + "UsageStrategy": { + "markdownDescription": "Indicates whether to use unused Capacity Reservations for fulfilling On-Demand capacity.\n\nIf you specify `use-capacity-reservations-first` , the fleet uses unused Capacity Reservations to fulfill On-Demand capacity up to the target On-Demand capacity. If multiple instance pools have unused Capacity Reservations, the On-Demand allocation strategy ( `lowest-price` ) is applied. If the number of unused Capacity Reservations is less than the On-Demand target capacity, the remaining On-Demand target capacity is launched according to the On-Demand allocation strategy ( `lowest-price` ).\n\nIf you do not specify a value, the fleet fulfills the On-Demand capacity according to the chosen On-Demand allocation strategy.", + "title": "UsageStrategy", "type": "string" } }, "type": "object" }, - "AWS::GameLift::GameServerGroup.TargetTrackingConfiguration": { + "AWS::EMR::InstanceFleetConfig.OnDemandProvisioningSpecification": { "additionalProperties": false, "properties": { - "TargetValue": { - "markdownDescription": "Desired value to use with a game server group target-based scaling policy.", - "title": "TargetValue", + "AllocationStrategy": { + "markdownDescription": "Specifies the strategy to use in launching On-Demand instance fleets. Available options are `lowest-price` and `prioritized` . `lowest-price` specifies to launch the instances with the lowest price first, and `prioritized` specifies that Amazon EMR should launch the instances with the highest priority first. The default is `lowest-price` .", + "title": "AllocationStrategy", + "type": "string" + }, + "CapacityReservationOptions": { + "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.OnDemandCapacityReservationOptions", + "markdownDescription": "The launch specification for On-Demand instances in the instance fleet, which determines the allocation strategy.", + "title": "CapacityReservationOptions" + } + }, + "required": [ + "AllocationStrategy" + ], + "type": "object" + }, + "AWS::EMR::InstanceFleetConfig.OnDemandResizingSpecification": { + "additionalProperties": false, + "properties": { + "AllocationStrategy": { + "markdownDescription": "Specifies the allocation strategy to use to launch On-Demand instances during a resize. The default is `lowest-price` .", + "title": "AllocationStrategy", + "type": "string" + }, + "CapacityReservationOptions": { + "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.OnDemandCapacityReservationOptions", + "markdownDescription": "", + "title": "CapacityReservationOptions" + }, + "TimeoutDurationMinutes": { + "markdownDescription": "On-Demand resize timeout in minutes. If On-Demand Instances are not provisioned within this time, the resize workflow stops. The minimum value is 5 minutes, and the maximum value is 10,080 minutes (7 days). The timeout applies to all resize workflows on the Instance Fleet. The resize could be triggered by Amazon EMR Managed Scaling or by the customer (via Amazon EMR Console, Amazon EMR CLI modify-instance-fleet or Amazon EMR SDK ModifyInstanceFleet API) or by Amazon EMR due to Amazon EC2 Spot Reclamation.", + "title": "TimeoutDurationMinutes", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EMR::InstanceFleetConfig.SpotProvisioningSpecification": { + "additionalProperties": false, + "properties": { + "AllocationStrategy": { + "markdownDescription": "Specifies one of the following strategies to launch Spot Instance fleets: `capacity-optimized` , `price-capacity-optimized` , `lowest-price` , or `diversified` , and `capacity-optimized-prioritized` . For more information on the provisioning strategies, see [Allocation strategies for Spot Instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-allocation-strategy.html) in the *Amazon EC2 User Guide for Linux Instances* .\n\n> When you launch a Spot Instance fleet with the old console, it automatically launches with the `capacity-optimized` strategy. You can't change the allocation strategy from the old console.", + "title": "AllocationStrategy", + "type": "string" + }, + "BlockDurationMinutes": { + "markdownDescription": "The defined duration for Spot Instances (also known as Spot blocks) in minutes. When specified, the Spot Instance does not terminate before the defined duration expires, and defined duration pricing for Spot Instances applies. Valid values are 60, 120, 180, 240, 300, or 360. The duration period starts as soon as a Spot Instance receives its instance ID. At the end of the duration, Amazon EC2 marks the Spot Instance for termination and provides a Spot Instance termination notice, which gives the instance a two-minute warning before it terminates.\n\n> Spot Instances with a defined duration (also known as Spot blocks) are no longer available to new customers from July 1, 2021. For customers who have previously used the feature, we will continue to support Spot Instances with a defined duration until December 31, 2022.", + "title": "BlockDurationMinutes", + "type": "number" + }, + "TimeoutAction": { + "markdownDescription": "The action to take when `TargetSpotCapacity` has not been fulfilled when the `TimeoutDurationMinutes` has expired; that is, when all Spot Instances could not be provisioned within the Spot provisioning timeout. Valid values are `TERMINATE_CLUSTER` and `SWITCH_TO_ON_DEMAND` . SWITCH_TO_ON_DEMAND specifies that if no Spot Instances are available, On-Demand Instances should be provisioned to fulfill any remaining Spot capacity.", + "title": "TimeoutAction", + "type": "string" + }, + "TimeoutDurationMinutes": { + "markdownDescription": "The Spot provisioning timeout period in minutes. If Spot Instances are not provisioned within this time period, the `TimeOutAction` is taken. Minimum value is 5 and maximum value is 1440. The timeout applies only during initial provisioning, when the cluster is first created.", + "title": "TimeoutDurationMinutes", "type": "number" } }, "required": [ - "TargetValue" + "TimeoutAction", + "TimeoutDurationMinutes" ], "type": "object" }, - "AWS::GameLift::GameSessionQueue": { + "AWS::EMR::InstanceFleetConfig.SpotResizingSpecification": { + "additionalProperties": false, + "properties": { + "AllocationStrategy": { + "markdownDescription": "Specifies the allocation strategy to use to launch Spot instances during a resize. If you run Amazon EMR releases 6.9.0 or higher, the default is `price-capacity-optimized` . If you run Amazon EMR releases 6.8.0 or lower, the default is `capacity-optimized` .", + "title": "AllocationStrategy", + "type": "string" + }, + "TimeoutDurationMinutes": { + "markdownDescription": "Spot resize timeout in minutes. If Spot Instances are not provisioned within this time, the resize workflow will stop provisioning of Spot instances. Minimum value is 5 minutes and maximum value is 10,080 minutes (7 days). The timeout applies to all resize workflows on the Instance Fleet. The resize could be triggered by Amazon EMR Managed Scaling or by the customer (via Amazon EMR Console, Amazon EMR CLI modify-instance-fleet or Amazon EMR SDK ModifyInstanceFleet API) or by Amazon EMR due to Amazon EC2 Spot Reclamation.", + "title": "TimeoutDurationMinutes", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EMR::InstanceFleetConfig.VolumeSpecification": { + "additionalProperties": false, + "properties": { + "Iops": { + "markdownDescription": "The number of I/O operations per second (IOPS) that the volume supports.", + "title": "Iops", + "type": "number" + }, + "SizeInGB": { + "markdownDescription": "The volume size, in gibibytes (GiB). This can be a number from 1 - 1024. If the volume type is EBS-optimized, the minimum value is 10.", + "title": "SizeInGB", + "type": "number" + }, + "Throughput": { + "markdownDescription": "The throughput, in mebibyte per second (MiB/s). This optional parameter can be a number from 125 - 1000 and is valid only for gp3 volumes.", + "title": "Throughput", + "type": "number" + }, + "VolumeType": { + "markdownDescription": "The volume type. Volume types supported are gp3, gp2, io1, st1, sc1, and standard.", + "title": "VolumeType", + "type": "string" + } + }, + "required": [ + "SizeInGB", + "VolumeType" + ], + "type": "object" + }, + "AWS::EMR::InstanceGroupConfig": { "additionalProperties": false, "properties": { "Condition": { @@ -103870,69 +110693,76 @@ "Properties": { "additionalProperties": false, "properties": { - "CustomEventData": { - "markdownDescription": "Information to be added to all events that are related to this game session queue.", - "title": "CustomEventData", + "AutoScalingPolicy": { + "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.AutoScalingPolicy", + "markdownDescription": "`AutoScalingPolicy` is a subproperty of `InstanceGroupConfig` . `AutoScalingPolicy` defines how an instance group dynamically adds and terminates EC2 instances in response to the value of a CloudWatch metric. For more information, see [Using Automatic Scaling in Amazon EMR](https://docs.aws.amazon.com//emr/latest/ManagementGuide/emr-automatic-scaling.html) in the *Amazon EMR Management Guide* .", + "title": "AutoScalingPolicy" + }, + "BidPrice": { + "markdownDescription": "If specified, indicates that the instance group uses Spot Instances. This is the maximum price you are willing to pay for Spot Instances. Specify `OnDemandPrice` to set the amount equal to the On-Demand price, or specify an amount in USD.", + "title": "BidPrice", "type": "string" }, - "Destinations": { + "Configurations": { "items": { - "$ref": "#/definitions/AWS::GameLift::GameSessionQueue.GameSessionQueueDestination" + "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.Configuration" }, - "markdownDescription": "A list of fleets and/or fleet aliases that can be used to fulfill game session placement requests in the queue. Destinations are identified by either a fleet ARN or a fleet alias ARN, and are listed in order of placement preference.", - "title": "Destinations", + "markdownDescription": "> Amazon EMR releases 4.x or later. \n\nThe list of configurations supplied for an Amazon EMR cluster instance group. You can specify a separate configuration for each instance group (master, core, and task).", + "title": "Configurations", "type": "array" }, - "FilterConfiguration": { - "$ref": "#/definitions/AWS::GameLift::GameSessionQueue.FilterConfiguration", - "markdownDescription": "A list of locations where a queue is allowed to place new game sessions. Locations are specified in the form of AWS Region codes, such as `us-west-2` . If this parameter is not set, game sessions can be placed in any queue location.", - "title": "FilterConfiguration" - }, - "Name": { - "markdownDescription": "A descriptive label that is associated with game session queue. Queue names must be unique within each Region.", - "title": "Name", + "CustomAmiId": { + "markdownDescription": "The custom AMI ID to use for the provisioned instance group.", + "title": "CustomAmiId", "type": "string" }, - "NotificationTarget": { - "markdownDescription": "An SNS topic ARN that is set up to receive game session placement notifications. See [Setting up notifications for game session placement](https://docs.aws.amazon.com/gamelift/latest/developerguide/queue-notification.html) .", - "title": "NotificationTarget", + "EbsConfiguration": { + "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.EbsConfiguration", + "markdownDescription": "`EbsConfiguration` determines the EBS volumes to attach to EMR cluster instances.", + "title": "EbsConfiguration" + }, + "InstanceCount": { + "markdownDescription": "Target number of instances for the instance group.", + "title": "InstanceCount", + "type": "number" + }, + "InstanceRole": { + "markdownDescription": "The role of the instance group in the cluster.\n\n*Allowed Values* : TASK", + "title": "InstanceRole", "type": "string" }, - "PlayerLatencyPolicies": { - "items": { - "$ref": "#/definitions/AWS::GameLift::GameSessionQueue.PlayerLatencyPolicy" - }, - "markdownDescription": "A set of policies that enforce a sliding cap on player latency when processing game sessions placement requests. Use multiple policies to gradually relax the cap over time if Amazon GameLift Servers can't make a placement. Policies are evaluated in order starting with the lowest maximum latency value.", - "title": "PlayerLatencyPolicies", - "type": "array" + "InstanceType": { + "markdownDescription": "The Amazon EC2 instance type for all instances in the instance group.", + "title": "InstanceType", + "type": "string" }, - "PriorityConfiguration": { - "$ref": "#/definitions/AWS::GameLift::GameSessionQueue.PriorityConfiguration", - "markdownDescription": "Custom settings to use when prioritizing destinations and locations for game session placements. This configuration replaces the FleetIQ default prioritization process. Priority types that are not explicitly named will be automatically applied at the end of the prioritization process.", - "title": "PriorityConfiguration" + "JobFlowId": { + "markdownDescription": "The ID of an Amazon EMR cluster that you want to associate this instance group with.", + "title": "JobFlowId", + "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of labels to assign to the new game session queue resource. Tags are developer-defined key-value pairs. Tagging AWS resources are useful for resource management, access management and cost allocation. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference* . Once the resource is created, you can use TagResource, UntagResource, and ListTagsForResource to add, remove, and view tags. The maximum tag limit may be lower than stated. See the AWS General Reference for actual tagging limits.", - "title": "Tags", - "type": "array" + "Market": { + "markdownDescription": "Market type of the Amazon EC2 instances used to create a cluster node.", + "title": "Market", + "type": "string" }, - "TimeoutInSeconds": { - "markdownDescription": "The maximum time, in seconds, that a new game session placement request remains in the queue. When a request exceeds this time, the game session placement changes to a `TIMED_OUT` status. If you don't specify a request timeout, the queue uses a default value.", - "title": "TimeoutInSeconds", - "type": "number" + "Name": { + "markdownDescription": "Friendly name given to the instance group.", + "title": "Name", + "type": "string" } }, "required": [ - "Name" + "InstanceCount", + "InstanceRole", + "InstanceType", + "JobFlowId" ], "type": "object" }, "Type": { "enum": [ - "AWS::GameLift::GameSessionQueue" + "AWS::EMR::InstanceGroupConfig" ], "type": "string" }, @@ -103951,70 +110781,316 @@ ], "type": "object" }, - "AWS::GameLift::GameSessionQueue.FilterConfiguration": { + "AWS::EMR::InstanceGroupConfig.AutoScalingPolicy": { "additionalProperties": false, "properties": { - "AllowedLocations": { + "Constraints": { + "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.ScalingConstraints", + "markdownDescription": "The upper and lower Amazon EC2 instance limits for an automatic scaling policy. Automatic scaling activity will not cause an instance group to grow above or below these limits.", + "title": "Constraints" + }, + "Rules": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.ScalingRule" }, - "markdownDescription": "A list of locations to allow game session placement in, in the form of AWS Region codes such as `us-west-2` .", - "title": "AllowedLocations", + "markdownDescription": "The scale-in and scale-out rules that comprise the automatic scaling policy.", + "title": "Rules", "type": "array" } }, + "required": [ + "Constraints", + "Rules" + ], "type": "object" }, - "AWS::GameLift::GameSessionQueue.GameSessionQueueDestination": { + "AWS::EMR::InstanceGroupConfig.CloudWatchAlarmDefinition": { "additionalProperties": false, "properties": { - "DestinationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) that is assigned to fleet or fleet alias. ARNs, which include a fleet ID or alias ID and a Region name, provide a unique identifier across all Regions.", - "title": "DestinationArn", + "ComparisonOperator": { + "markdownDescription": "Determines how the metric specified by `MetricName` is compared to the value specified by `Threshold` .", + "title": "ComparisonOperator", + "type": "string" + }, + "Dimensions": { + "items": { + "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.MetricDimension" + }, + "markdownDescription": "A CloudWatch metric dimension.", + "title": "Dimensions", + "type": "array" + }, + "EvaluationPeriods": { + "markdownDescription": "The number of periods, in five-minute increments, during which the alarm condition must exist before the alarm triggers automatic scaling activity. The default value is `1` .", + "title": "EvaluationPeriods", + "type": "number" + }, + "MetricName": { + "markdownDescription": "The name of the CloudWatch metric that is watched to determine an alarm condition.", + "title": "MetricName", + "type": "string" + }, + "Namespace": { + "markdownDescription": "The namespace for the CloudWatch metric. The default is `AWS/ElasticMapReduce` .", + "title": "Namespace", + "type": "string" + }, + "Period": { + "markdownDescription": "The period, in seconds, over which the statistic is applied. CloudWatch metrics for Amazon EMR are emitted every five minutes (300 seconds), so if you specify a CloudWatch metric, specify `300` .", + "title": "Period", + "type": "number" + }, + "Statistic": { + "markdownDescription": "The statistic to apply to the metric associated with the alarm. The default is `AVERAGE` .", + "title": "Statistic", + "type": "string" + }, + "Threshold": { + "markdownDescription": "The value against which the specified statistic is compared.", + "title": "Threshold", + "type": "number" + }, + "Unit": { + "markdownDescription": "The unit of measure associated with the CloudWatch metric being watched. The value specified for `Unit` must correspond to the units specified in the CloudWatch metric.", + "title": "Unit", "type": "string" } }, + "required": [ + "ComparisonOperator", + "MetricName", + "Period", + "Threshold" + ], "type": "object" }, - "AWS::GameLift::GameSessionQueue.PlayerLatencyPolicy": { + "AWS::EMR::InstanceGroupConfig.Configuration": { "additionalProperties": false, "properties": { - "MaximumIndividualPlayerLatencyMilliseconds": { - "markdownDescription": "The maximum latency value that is allowed for any player, in milliseconds. All policies must have a value set for this property.", - "title": "MaximumIndividualPlayerLatencyMilliseconds", - "type": "number" + "Classification": { + "markdownDescription": "The classification within a configuration.", + "title": "Classification", + "type": "string" }, - "PolicyDurationSeconds": { - "markdownDescription": "The length of time, in seconds, that the policy is enforced while placing a new game session. A null value for this property means that the policy is enforced until the queue times out.", - "title": "PolicyDurationSeconds", + "ConfigurationProperties": { + "additionalProperties": true, + "markdownDescription": "Within a configuration classification, a set of properties that represent the settings that you want to change in the configuration file. Duplicates not allowed.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "ConfigurationProperties", + "type": "object" + }, + "Configurations": { + "items": { + "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.Configuration" + }, + "markdownDescription": "A list of additional configurations to apply within a configuration object.", + "title": "Configurations", + "type": "array" + } + }, + "type": "object" + }, + "AWS::EMR::InstanceGroupConfig.EbsBlockDeviceConfig": { + "additionalProperties": false, + "properties": { + "VolumeSpecification": { + "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.VolumeSpecification", + "markdownDescription": "EBS volume specifications such as volume type, IOPS, size (GiB) and throughput (MiB/s) that are requested for the EBS volume attached to an Amazon EC2 instance in the cluster.", + "title": "VolumeSpecification" + }, + "VolumesPerInstance": { + "markdownDescription": "Number of EBS volumes with a specific volume configuration that are associated with every instance in the instance group", + "title": "VolumesPerInstance", "type": "number" } }, + "required": [ + "VolumeSpecification" + ], "type": "object" }, - "AWS::GameLift::GameSessionQueue.PriorityConfiguration": { + "AWS::EMR::InstanceGroupConfig.EbsConfiguration": { "additionalProperties": false, "properties": { - "LocationOrder": { + "EbsBlockDeviceConfigs": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.EbsBlockDeviceConfig" }, - "markdownDescription": "The prioritization order to use for fleet locations, when the `PriorityOrder` property includes `LOCATION` . Locations can include AWS Region codes (such as `us-west-2` ), local zones, and custom locations (for Anywhere fleets). Each location must be listed only once. For details, see [Amazon GameLift Servers service locations.](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-regions.html)", - "title": "LocationOrder", + "markdownDescription": "An array of Amazon EBS volume specifications attached to a cluster instance.", + "title": "EbsBlockDeviceConfigs", "type": "array" }, - "PriorityOrder": { - "items": { - "type": "string" - }, - "markdownDescription": "A custom sequence to use when prioritizing where to place new game sessions. Each priority type is listed once.\n\n- `LATENCY` -- Amazon GameLift Servers prioritizes locations where the average player latency is lowest. Player latency data is provided in each game session placement request.\n- `COST` -- Amazon GameLift Servers prioritizes queue destinations with the lowest current hosting costs. Cost is evaluated based on the destination's location, instance type, and fleet type (Spot or On-Demand).\n- `DESTINATION` -- Amazon GameLift Servers prioritizes based on the list order of destinations in the queue configuration.\n- `LOCATION` -- Amazon GameLift Servers prioritizes based on the provided order of locations, as defined in `LocationOrder` .", - "title": "PriorityOrder", - "type": "array" + "EbsOptimized": { + "markdownDescription": "Indicates whether an Amazon EBS volume is EBS-optimized. The default is false. You should explicitly set this value to true to enable the Amazon EBS-optimized setting for an EC2 instance.", + "title": "EbsOptimized", + "type": "boolean" } }, "type": "object" }, - "AWS::GameLift::Location": { + "AWS::EMR::InstanceGroupConfig.MetricDimension": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The dimension name.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The dimension value.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::EMR::InstanceGroupConfig.ScalingAction": { + "additionalProperties": false, + "properties": { + "Market": { + "markdownDescription": "Not available for instance groups. Instance groups use the market type specified for the group.", + "title": "Market", + "type": "string" + }, + "SimpleScalingPolicyConfiguration": { + "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.SimpleScalingPolicyConfiguration", + "markdownDescription": "The type of adjustment the automatic scaling activity makes when triggered, and the periodicity of the adjustment.", + "title": "SimpleScalingPolicyConfiguration" + } + }, + "required": [ + "SimpleScalingPolicyConfiguration" + ], + "type": "object" + }, + "AWS::EMR::InstanceGroupConfig.ScalingConstraints": { + "additionalProperties": false, + "properties": { + "MaxCapacity": { + "markdownDescription": "The upper boundary of Amazon EC2 instances in an instance group beyond which scaling activities are not allowed to grow. Scale-out activities will not add instances beyond this boundary.", + "title": "MaxCapacity", + "type": "number" + }, + "MinCapacity": { + "markdownDescription": "The lower boundary of Amazon EC2 instances in an instance group below which scaling activities are not allowed to shrink. Scale-in activities will not terminate instances below this boundary.", + "title": "MinCapacity", + "type": "number" + } + }, + "required": [ + "MaxCapacity", + "MinCapacity" + ], + "type": "object" + }, + "AWS::EMR::InstanceGroupConfig.ScalingRule": { + "additionalProperties": false, + "properties": { + "Action": { + "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.ScalingAction", + "markdownDescription": "The conditions that trigger an automatic scaling activity.", + "title": "Action" + }, + "Description": { + "markdownDescription": "A friendly, more verbose description of the automatic scaling rule.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name used to identify an automatic scaling rule. Rule names must be unique within a scaling policy.", + "title": "Name", + "type": "string" + }, + "Trigger": { + "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.ScalingTrigger", + "markdownDescription": "The CloudWatch alarm definition that determines when automatic scaling activity is triggered.", + "title": "Trigger" + } + }, + "required": [ + "Action", + "Name", + "Trigger" + ], + "type": "object" + }, + "AWS::EMR::InstanceGroupConfig.ScalingTrigger": { + "additionalProperties": false, + "properties": { + "CloudWatchAlarmDefinition": { + "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.CloudWatchAlarmDefinition", + "markdownDescription": "The definition of a CloudWatch metric alarm. When the defined alarm conditions are met along with other trigger parameters, scaling activity begins.", + "title": "CloudWatchAlarmDefinition" + } + }, + "required": [ + "CloudWatchAlarmDefinition" + ], + "type": "object" + }, + "AWS::EMR::InstanceGroupConfig.SimpleScalingPolicyConfiguration": { + "additionalProperties": false, + "properties": { + "AdjustmentType": { + "markdownDescription": "The way in which Amazon EC2 instances are added (if `ScalingAdjustment` is a positive number) or terminated (if `ScalingAdjustment` is a negative number) each time the scaling activity is triggered. `CHANGE_IN_CAPACITY` is the default. `CHANGE_IN_CAPACITY` indicates that the Amazon EC2 instance count increments or decrements by `ScalingAdjustment` , which should be expressed as an integer. `PERCENT_CHANGE_IN_CAPACITY` indicates the instance count increments or decrements by the percentage specified by `ScalingAdjustment` , which should be expressed as an integer. For example, 20 indicates an increase in 20% increments of cluster capacity. `EXACT_CAPACITY` indicates the scaling activity results in an instance group with the number of Amazon EC2 instances specified by `ScalingAdjustment` , which should be expressed as a positive integer.", + "title": "AdjustmentType", + "type": "string" + }, + "CoolDown": { + "markdownDescription": "The amount of time, in seconds, after a scaling activity completes before any further trigger-related scaling activities can start. The default value is 0.", + "title": "CoolDown", + "type": "number" + }, + "ScalingAdjustment": { + "markdownDescription": "The amount by which to scale in or scale out, based on the specified `AdjustmentType` . A positive value adds to the instance group's Amazon EC2 instance count while a negative number removes instances. If `AdjustmentType` is set to `EXACT_CAPACITY` , the number should only be a positive integer. If `AdjustmentType` is set to `PERCENT_CHANGE_IN_CAPACITY` , the value should express the percentage as an integer. For example, -20 indicates a decrease in 20% increments of cluster capacity.", + "title": "ScalingAdjustment", + "type": "number" + } + }, + "required": [ + "ScalingAdjustment" + ], + "type": "object" + }, + "AWS::EMR::InstanceGroupConfig.VolumeSpecification": { + "additionalProperties": false, + "properties": { + "Iops": { + "markdownDescription": "The number of I/O operations per second (IOPS) that the volume supports.", + "title": "Iops", + "type": "number" + }, + "SizeInGB": { + "markdownDescription": "The volume size, in gibibytes (GiB). This can be a number from 1 - 1024. If the volume type is EBS-optimized, the minimum value is 10.", + "title": "SizeInGB", + "type": "number" + }, + "Throughput": { + "markdownDescription": "The throughput, in mebibyte per second (MiB/s). This optional parameter can be a number from 125 - 1000 and is valid only for gp3 volumes.", + "title": "Throughput", + "type": "number" + }, + "VolumeType": { + "markdownDescription": "The volume type. Volume types supported are gp3, gp2, io1, st1, sc1, and standard.", + "title": "VolumeType", + "type": "string" + } + }, + "required": [ + "SizeInGB", + "VolumeType" + ], + "type": "object" + }, + "AWS::EMR::SecurityConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -104049,28 +111125,25 @@ "Properties": { "additionalProperties": false, "properties": { - "LocationName": { - "markdownDescription": "A descriptive name for the custom location.", - "title": "LocationName", + "Name": { + "markdownDescription": "The name of the security configuration.", + "title": "Name", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of labels to assign to the new resource. Tags are developer-defined key-value pairs. Tagging AWS resources are useful for resource management, access management, and cost allocation. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Rareference* .", - "title": "Tags", - "type": "array" + "SecurityConfiguration": { + "markdownDescription": "The security configuration details in JSON format. For JSON parameters and examples, see [Use Security Configurations to Set Up Cluster Security](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-security-configurations.html) in the *Amazon EMR Management Guide* .", + "title": "SecurityConfiguration", + "type": "object" } }, "required": [ - "LocationName" + "SecurityConfiguration" ], "type": "object" }, "Type": { "enum": [ - "AWS::GameLift::Location" + "AWS::EMR::SecurityConfiguration" ], "type": "string" }, @@ -104089,7 +111162,7 @@ ], "type": "object" }, - "AWS::GameLift::MatchmakingConfiguration": { + "AWS::EMR::Step": { "additionalProperties": false, "properties": { "Condition": { @@ -104124,112 +111197,38 @@ "Properties": { "additionalProperties": false, "properties": { - "AcceptanceRequired": { - "markdownDescription": "A flag that determines whether a match that was created with this configuration must be accepted by the matched players. To require acceptance, set to `TRUE` . With this option enabled, matchmaking tickets use the status `REQUIRES_ACCEPTANCE` to indicate when a completed potential match is waiting for player acceptance.", - "title": "AcceptanceRequired", - "type": "boolean" - }, - "AcceptanceTimeoutSeconds": { - "markdownDescription": "The length of time (in seconds) to wait for players to accept a proposed match, if acceptance is required.", - "title": "AcceptanceTimeoutSeconds", - "type": "number" - }, - "AdditionalPlayerCount": { - "markdownDescription": "The number of player slots in a match to keep open for future players. For example, if the configuration's rule set specifies a match for a single 12-person team, and the additional player count is set to 2, only 10 players are selected for the match. This parameter is not used if `FlexMatchMode` is set to `STANDALONE` .", - "title": "AdditionalPlayerCount", - "type": "number" - }, - "BackfillMode": { - "markdownDescription": "The method used to backfill game sessions that are created with this matchmaking configuration. Specify `MANUAL` when your game manages backfill requests manually or does not use the match backfill feature. Specify `AUTOMATIC` to have GameLift create a `StartMatchBackfill` request whenever a game session has one or more open slots. Learn more about manual and automatic backfill in [Backfill Existing Games with FlexMatch](https://docs.aws.amazon.com/gamelift/latest/flexmatchguide/match-backfill.html) . Automatic backfill is not available when `FlexMatchMode` is set to `STANDALONE` .", - "title": "BackfillMode", - "type": "string" - }, - "CreationTime": { - "markdownDescription": "A time stamp indicating when this data object was created. Format is a number expressed in Unix time as milliseconds (for example `\"1469498468.057\"` ).", - "title": "CreationTime", - "type": "string" - }, - "CustomEventData": { - "markdownDescription": "Information to add to all events related to the matchmaking configuration.", - "title": "CustomEventData", - "type": "string" - }, - "Description": { - "markdownDescription": "A description for the matchmaking configuration.", - "title": "Description", - "type": "string" - }, - "FlexMatchMode": { - "markdownDescription": "Indicates whether this matchmaking configuration is being used with Amazon GameLift Servers hosting or as a standalone matchmaking solution.\n\n- *STANDALONE* - FlexMatch forms matches and returns match information, including players and team assignments, in a [MatchmakingSucceeded](https://docs.aws.amazon.com/gamelift/latest/flexmatchguide/match-events.html#match-events-matchmakingsucceeded) event.\n- *WITH_QUEUE* - FlexMatch forms matches and uses the specified Amazon GameLift Servers queue to start a game session for the match.", - "title": "FlexMatchMode", + "ActionOnFailure": { + "markdownDescription": "This specifies what action to take when the cluster step fails. Possible values are `CANCEL_AND_WAIT` and `CONTINUE` .", + "title": "ActionOnFailure", "type": "string" }, - "GameProperties": { - "items": { - "$ref": "#/definitions/AWS::GameLift::MatchmakingConfiguration.GameProperty" - }, - "markdownDescription": "A set of custom properties for a game session, formatted as key-value pairs. These properties are passed to a game server process with a request to start a new game session. See [Start a Game Session](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-sdk-server-api.html#gamelift-sdk-server-startsession) . This parameter is not used if `FlexMatchMode` is set to `STANDALONE` .", - "title": "GameProperties", - "type": "array" + "HadoopJarStep": { + "$ref": "#/definitions/AWS::EMR::Step.HadoopJarStepConfig", + "markdownDescription": "The `HadoopJarStepConfig` property type specifies a job flow step consisting of a JAR file whose main function will be executed. The main function submits a job for the cluster to execute as a step on the master node, and then waits for the job to finish or fail before executing subsequent steps.", + "title": "HadoopJarStep" }, - "GameSessionData": { - "markdownDescription": "A set of custom game session properties, formatted as a single string value. This data is passed to a game server process with a request to start a new game session. See [Start a Game Session](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-sdk-server-api.html#gamelift-sdk-server-startsession) . This parameter is not used if `FlexMatchMode` is set to `STANDALONE` .", - "title": "GameSessionData", + "JobFlowId": { + "markdownDescription": "A string that uniquely identifies the cluster (job flow).", + "title": "JobFlowId", "type": "string" }, - "GameSessionQueueArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Name ( [ARN](https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-arn-format.html) ) that is assigned to a Amazon GameLift Servers game session queue resource and uniquely identifies it. ARNs are unique across all Regions. Format is `arn:aws:gamelift:::gamesessionqueue/` . Queues can be located in any Region. Queues are used to start new Amazon GameLift Servers-hosted game sessions for matches that are created with this matchmaking configuration. If `FlexMatchMode` is set to `STANDALONE` , do not set this parameter.", - "title": "GameSessionQueueArns", - "type": "array" - }, "Name": { - "markdownDescription": "A unique identifier for the matchmaking configuration. This name is used to identify the configuration associated with a matchmaking request or ticket.", + "markdownDescription": "The name of the cluster step.", "title": "Name", "type": "string" - }, - "NotificationTarget": { - "markdownDescription": "An SNS topic ARN that is set up to receive matchmaking notifications. See [Setting up notifications for matchmaking](https://docs.aws.amazon.com/gamelift/latest/flexmatchguide/match-notification.html) for more information.", - "title": "NotificationTarget", - "type": "string" - }, - "RequestTimeoutSeconds": { - "markdownDescription": "The maximum duration, in seconds, that a matchmaking ticket can remain in process before timing out. Requests that fail due to timing out can be resubmitted as needed.", - "title": "RequestTimeoutSeconds", - "type": "number" - }, - "RuleSetArn": { - "markdownDescription": "The Amazon Resource Name ( [ARN](https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-arn-format.html) ) associated with the GameLift matchmaking rule set resource that this configuration uses.", - "title": "RuleSetArn", - "type": "string" - }, - "RuleSetName": { - "markdownDescription": "A unique identifier for the matchmaking rule set to use with this configuration. You can use either the rule set name or ARN value. A matchmaking configuration can only use rule sets that are defined in the same Region.", - "title": "RuleSetName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of labels to assign to the new matchmaking configuration resource. Tags are developer-defined key-value pairs. Tagging AWS resources are useful for resource management, access management and cost allocation. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference* . Once the resource is created, you can use TagResource, UntagResource, and ListTagsForResource to add, remove, and view tags. The maximum tag limit may be lower than stated. See the AWS General Reference for actual tagging limits.", - "title": "Tags", - "type": "array" } }, "required": [ - "AcceptanceRequired", - "Name", - "RequestTimeoutSeconds", - "RuleSetName" + "ActionOnFailure", + "HadoopJarStep", + "JobFlowId", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::GameLift::MatchmakingConfiguration" + "AWS::EMR::Step" ], "type": "string" }, @@ -104248,27 +111247,58 @@ ], "type": "object" }, - "AWS::GameLift::MatchmakingConfiguration.GameProperty": { + "AWS::EMR::Step.HadoopJarStepConfig": { + "additionalProperties": false, + "properties": { + "Args": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of command line arguments passed to the JAR file's main function when executed.", + "title": "Args", + "type": "array" + }, + "Jar": { + "markdownDescription": "A path to a JAR file run during the step.", + "title": "Jar", + "type": "string" + }, + "MainClass": { + "markdownDescription": "The name of the main class in the specified Java file. If not specified, the JAR file should specify a Main-Class in its manifest file.", + "title": "MainClass", + "type": "string" + }, + "StepProperties": { + "items": { + "$ref": "#/definitions/AWS::EMR::Step.KeyValue" + }, + "markdownDescription": "A list of Java properties that are set when the step runs. You can use these properties to pass key value pairs to your main function.", + "title": "StepProperties", + "type": "array" + } + }, + "required": [ + "Jar" + ], + "type": "object" + }, + "AWS::EMR::Step.KeyValue": { "additionalProperties": false, "properties": { "Key": { - "markdownDescription": "The game property identifier.", + "markdownDescription": "The unique identifier of a key-value pair.", "title": "Key", "type": "string" }, "Value": { - "markdownDescription": "The game property value.", + "markdownDescription": "The value part of the identified key.", "title": "Value", "type": "string" } }, - "required": [ - "Key", - "Value" - ], "type": "object" }, - "AWS::GameLift::MatchmakingRuleSet": { + "AWS::EMR::Studio": { "additionalProperties": false, "properties": { "Condition": { @@ -104303,34 +111333,113 @@ "Properties": { "additionalProperties": false, "properties": { + "AuthMode": { + "markdownDescription": "Specifies whether the Studio authenticates users using IAM Identity Center or IAM.", + "title": "AuthMode", + "type": "string" + }, + "DefaultS3Location": { + "markdownDescription": "The Amazon S3 location to back up EMR Studio Workspaces and notebook files.", + "title": "DefaultS3Location", + "type": "string" + }, + "Description": { + "markdownDescription": "A detailed description of the Amazon EMR Studio.", + "title": "Description", + "type": "string" + }, + "EncryptionKeyArn": { + "markdownDescription": "The AWS KMS key identifier (ARN) used to encrypt Amazon EMR Studio workspace and notebook files when backed up to Amazon S3.", + "title": "EncryptionKeyArn", + "type": "string" + }, + "EngineSecurityGroupId": { + "markdownDescription": "The ID of the Amazon EMR Studio Engine security group. The Engine security group allows inbound network traffic from the Workspace security group, and it must be in the same VPC specified by `VpcId` .", + "title": "EngineSecurityGroupId", + "type": "string" + }, + "IdcInstanceArn": { + "markdownDescription": "The ARN of the IAM Identity Center instance the Studio application belongs to.", + "title": "IdcInstanceArn", + "type": "string" + }, + "IdcUserAssignment": { + "markdownDescription": "Indicates whether the Studio has `REQUIRED` or `OPTIONAL` IAM Identity Center user assignment. If the value is set to `REQUIRED` , users must be explicitly assigned to the Studio application to access the Studio.", + "title": "IdcUserAssignment", + "type": "string" + }, + "IdpAuthUrl": { + "markdownDescription": "Your identity provider's authentication endpoint. Amazon EMR Studio redirects federated users to this endpoint for authentication when logging in to a Studio with the Studio URL.", + "title": "IdpAuthUrl", + "type": "string" + }, + "IdpRelayStateParameterName": { + "markdownDescription": "The name of your identity provider's `RelayState` parameter.", + "title": "IdpRelayStateParameterName", + "type": "string" + }, "Name": { - "markdownDescription": "A unique identifier for the matchmaking rule set. A matchmaking configuration identifies the rule set it uses by this name value. Note that the rule set name is different from the optional `name` field in the rule set body.", + "markdownDescription": "A descriptive name for the Amazon EMR Studio.", "title": "Name", "type": "string" }, - "RuleSetBody": { - "markdownDescription": "A collection of matchmaking rules, formatted as a JSON string. Comments are not allowed in JSON, but most elements support a description field.", - "title": "RuleSetBody", + "ServiceRole": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that will be assumed by the Amazon EMR Studio. The service role provides a way for Amazon EMR Studio to interoperate with other AWS services.", + "title": "ServiceRole", "type": "string" }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of subnet IDs to associate with the Amazon EMR Studio. A Studio can have a maximum of 5 subnets. The subnets must belong to the VPC specified by `VpcId` . Studio users can create a Workspace in any of the specified subnets.", + "title": "SubnetIds", + "type": "array" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of labels to assign to the new matchmaking rule set resource. Tags are developer-defined key-value pairs. Tagging AWS resources are useful for resource management, access management and cost allocation. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference* . Once the resource is created, you can use TagResource, UntagResource, and ListTagsForResource to add, remove, and view tags. The maximum tag limit may be lower than stated. See the AWS General Reference for actual tagging limits.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" + }, + "TrustedIdentityPropagationEnabled": { + "markdownDescription": "Indicates whether the Studio has Trusted identity propagation enabled. The default value is `false` .", + "title": "TrustedIdentityPropagationEnabled", + "type": "boolean" + }, + "UserRole": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM user role that will be assumed by users and groups logged in to a Studio. The permissions attached to this IAM role can be scoped down for each user or group using session policies. You only need to specify `UserRole` when you set `AuthMode` to `SSO` .", + "title": "UserRole", + "type": "string" + }, + "VpcId": { + "markdownDescription": "The ID of the Amazon Virtual Private Cloud (Amazon VPC) to associate with the Studio.", + "title": "VpcId", + "type": "string" + }, + "WorkspaceSecurityGroupId": { + "markdownDescription": "The ID of the Workspace security group associated with the Amazon EMR Studio. The Workspace security group allows outbound network traffic to resources in the Engine security group and to the internet.", + "title": "WorkspaceSecurityGroupId", + "type": "string" } }, "required": [ + "AuthMode", + "DefaultS3Location", + "EngineSecurityGroupId", "Name", - "RuleSetBody" + "ServiceRole", + "SubnetIds", + "VpcId", + "WorkspaceSecurityGroupId" ], "type": "object" }, "Type": { "enum": [ - "AWS::GameLift::MatchmakingRuleSet" + "AWS::EMR::Studio" ], "type": "string" }, @@ -104349,7 +111458,7 @@ ], "type": "object" }, - "AWS::GameLift::Script": { + "AWS::EMR::StudioSessionMapping": { "additionalProperties": false, "properties": { "Condition": { @@ -104384,38 +111493,38 @@ "Properties": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "A descriptive label that is associated with a script. Script names do not need to be unique.", - "title": "Name", + "IdentityName": { + "markdownDescription": "The name of the user or group. For more information, see [UserName](https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_User.html#singlesignon-Type-User-UserName) and [DisplayName](https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_Group.html#singlesignon-Type-Group-DisplayName) in the *IAM Identity Center Identity Store API Reference* .", + "title": "IdentityName", "type": "string" }, - "StorageLocation": { - "$ref": "#/definitions/AWS::GameLift::Script.S3Location", - "markdownDescription": "The location of the Amazon S3 bucket where a zipped file containing your Realtime scripts is stored. The storage location must specify the Amazon S3 bucket name, the zip file name (the \"key\"), and a role ARN that allows Amazon GameLift Servers to access the Amazon S3 storage location. The S3 bucket must be in the same Region where you want to create a new script. By default, Amazon GameLift Servers uploads the latest version of the zip file; if you have S3 object versioning turned on, you can use the `ObjectVersion` parameter to specify an earlier version.", - "title": "StorageLocation" + "IdentityType": { + "markdownDescription": "Specifies whether the identity to map to the Amazon EMR Studio is a user or a group.", + "title": "IdentityType", + "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of labels to assign to the new script resource. Tags are developer-defined key-value pairs. Tagging AWS resources are useful for resource management, access management and cost allocation. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference* . Once the resource is created, you can use TagResource, UntagResource, and ListTagsForResource to add, remove, and view tags. The maximum tag limit may be lower than stated. See the AWS General Reference for actual tagging limits.", - "title": "Tags", - "type": "array" + "SessionPolicyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the session policy that will be applied to the user or group. Session policies refine Studio user permissions without the need to use multiple IAM user roles. For more information, see [Create an EMR Studio user role with session policies](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-studio-user-role.html) in the *Amazon EMR Management Guide* .", + "title": "SessionPolicyArn", + "type": "string" }, - "Version": { - "markdownDescription": "The version that is associated with a build or script. Version strings do not need to be unique.", - "title": "Version", + "StudioId": { + "markdownDescription": "The ID of the Amazon EMR Studio to which the user or group will be mapped.", + "title": "StudioId", "type": "string" } }, "required": [ - "StorageLocation" + "IdentityName", + "IdentityType", + "SessionPolicyArn", + "StudioId" ], "type": "object" }, "Type": { "enum": [ - "AWS::GameLift::Script" + "AWS::EMR::StudioSessionMapping" ], "type": "string" }, @@ -104434,38 +111543,7 @@ ], "type": "object" }, - "AWS::GameLift::Script.S3Location": { - "additionalProperties": false, - "properties": { - "Bucket": { - "markdownDescription": "An Amazon S3 bucket identifier. Thename of the S3 bucket.\n\n> Amazon GameLift Servers doesn't support uploading from Amazon S3 buckets with names that contain a dot (.).", - "title": "Bucket", - "type": "string" - }, - "Key": { - "markdownDescription": "The name of the zip file that contains the build files or script files.", - "title": "Key", - "type": "string" - }, - "ObjectVersion": { - "markdownDescription": "The version of the file, if object versioning is turned on for the bucket. Amazon GameLift Servers uses this information when retrieving files from an S3 bucket that you own. Use this parameter to specify a specific version of the file. If not set, the latest version of the file is retrieved.", - "title": "ObjectVersion", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name ( [ARN](https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-arn-format.html) ) for an IAM role that allows Amazon GameLift Servers to access the S3 bucket.", - "title": "RoleArn", - "type": "string" - } - }, - "required": [ - "Bucket", - "Key", - "RoleArn" - ], - "type": "object" - }, - "AWS::GlobalAccelerator::Accelerator": { + "AWS::EMR::WALWorkspace": { "additionalProperties": false, "properties": { "Condition": { @@ -104500,46 +111578,25 @@ "Properties": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Indicates whether the accelerator is enabled. The value is true or false. The default value is true.\n\nIf the value is set to true, the accelerator cannot be deleted. If set to false, accelerator can be deleted.", - "title": "Enabled", - "type": "boolean" - }, - "IpAddressType": { - "markdownDescription": "The IP address type that an accelerator supports. For a standard accelerator, the value can be IPV4 or DUAL_STACK.", - "title": "IpAddressType", - "type": "string" - }, - "IpAddresses": { - "items": { - "type": "string" - }, - "markdownDescription": "Optionally, if you've added your own IP address pool to Global Accelerator (BYOIP), you can choose IP addresses from your own pool to use for the accelerator's static IP addresses when you create an accelerator. You can specify one or two addresses, separated by a comma. Do not include the /32 suffix.\n\nOnly one IP address from each of your IP address ranges can be used for each accelerator. If you specify only one IP address from your IP address range, Global Accelerator assigns a second static IP address for the accelerator from the AWS IP address pool.\n\nNote that you can't update IP addresses for an existing accelerator. To change them, you must create a new accelerator with the new addresses.\n\nFor more information, see [Bring Your Own IP Addresses (BYOIP)](https://docs.aws.amazon.com/global-accelerator/latest/dg/using-byoip.html) in the *AWS Global Accelerator Developer Guide* .", - "title": "IpAddresses", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the accelerator. The name must contain only alphanumeric characters or hyphens (-), and must not begin or end with a hyphen.", - "title": "Name", - "type": "string" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Create tags for an accelerator.\n\nFor more information, see [Tagging](https://docs.aws.amazon.com/global-accelerator/latest/dg/tagging-in-global-accelerator.html) in the *AWS Global Accelerator Developer Guide* .", + "markdownDescription": "", "title": "Tags", "type": "array" + }, + "WALWorkspaceName": { + "markdownDescription": "", + "title": "WALWorkspaceName", + "type": "string" } }, - "required": [ - "Name" - ], "type": "object" }, "Type": { "enum": [ - "AWS::GlobalAccelerator::Accelerator" + "AWS::EMR::WALWorkspace" ], "type": "string" }, @@ -104553,12 +111610,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::GlobalAccelerator::CrossAccountAttachment": { + "AWS::EMRContainers::VirtualCluster": { "additionalProperties": false, "properties": { "Condition": { @@ -104593,44 +111649,39 @@ "Properties": { "additionalProperties": false, "properties": { + "ContainerProvider": { + "$ref": "#/definitions/AWS::EMRContainers::VirtualCluster.ContainerProvider", + "markdownDescription": "The container provider of the virtual cluster.", + "title": "ContainerProvider" + }, "Name": { - "markdownDescription": "The name of the cross-account attachment.", + "markdownDescription": "The name of the virtual cluster.", "title": "Name", "type": "string" }, - "Principals": { - "items": { - "type": "string" - }, - "markdownDescription": "The principals included in the cross-account attachment.", - "title": "Principals", - "type": "array" - }, - "Resources": { - "items": { - "$ref": "#/definitions/AWS::GlobalAccelerator::CrossAccountAttachment.Resource" - }, - "markdownDescription": "The resources included in the cross-account attachment.", - "title": "Resources", - "type": "array" + "SecurityConfigurationId": { + "markdownDescription": "The ID of the security configuration.", + "title": "SecurityConfigurationId", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Add tags for a cross-account attachment.\n\nFor more information, see [Tagging in AWS Global Accelerator](https://docs.aws.amazon.com/global-accelerator/latest/dg/tagging-in-global-accelerator.html) in the *AWS Global Accelerator Developer Guide* .", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ + "ContainerProvider", "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::GlobalAccelerator::CrossAccountAttachment" + "AWS::EMRContainers::VirtualCluster" ], "type": "string" }, @@ -104649,26 +111700,61 @@ ], "type": "object" }, - "AWS::GlobalAccelerator::CrossAccountAttachment.Resource": { + "AWS::EMRContainers::VirtualCluster.ContainerInfo": { "additionalProperties": false, "properties": { - "EndpointId": { - "markdownDescription": "The endpoint ID for the endpoint that is specified as a AWS resource.\n\nAn endpoint ID for the cross-account feature is the ARN of an AWS resource, such as a Network Load Balancer, that Global Accelerator supports as an endpoint for an accelerator.", - "title": "EndpointId", + "EksInfo": { + "$ref": "#/definitions/AWS::EMRContainers::VirtualCluster.EksInfo", + "markdownDescription": "The information about the Amazon EKS cluster.", + "title": "EksInfo" + } + }, + "required": [ + "EksInfo" + ], + "type": "object" + }, + "AWS::EMRContainers::VirtualCluster.ContainerProvider": { + "additionalProperties": false, + "properties": { + "Id": { + "markdownDescription": "The ID of the container cluster.\n\n*Minimum* : 1\n\n*Maximum* : 100\n\n*Pattern* : `^[0-9A-Za-z][A-Za-z0-9\\-_]*`", + "title": "Id", "type": "string" }, - "Region": { - "markdownDescription": "The AWS Region where a shared endpoint resource is located.", - "title": "Region", + "Info": { + "$ref": "#/definitions/AWS::EMRContainers::VirtualCluster.ContainerInfo", + "markdownDescription": "The information about the container cluster.", + "title": "Info" + }, + "Type": { + "markdownDescription": "The type of the container provider. Amazon EKS is the only supported type as of now.", + "title": "Type", "type": "string" } }, "required": [ - "EndpointId" + "Id", + "Info", + "Type" ], "type": "object" }, - "AWS::GlobalAccelerator::EndpointGroup": { + "AWS::EMRContainers::VirtualCluster.EksInfo": { + "additionalProperties": false, + "properties": { + "Namespace": { + "markdownDescription": "The namespaces of the EKS cluster.\n\n*Minimum* : 1\n\n*Maximum* : 63\n\n*Pattern* : `[a-z0-9]([-a-z0-9]*[a-z0-9])?`", + "title": "Namespace", + "type": "string" + } + }, + "required": [ + "Namespace" + ], + "type": "object" + }, + "AWS::EMRServerless::Application": { "additionalProperties": false, "properties": { "Condition": { @@ -104703,72 +111789,116 @@ "Properties": { "additionalProperties": false, "properties": { - "EndpointConfigurations": { + "Architecture": { + "markdownDescription": "The CPU architecture of an application.", + "title": "Architecture", + "type": "string" + }, + "AutoStartConfiguration": { + "$ref": "#/definitions/AWS::EMRServerless::Application.AutoStartConfiguration", + "markdownDescription": "The configuration for an application to automatically start on job submission.", + "title": "AutoStartConfiguration" + }, + "AutoStopConfiguration": { + "$ref": "#/definitions/AWS::EMRServerless::Application.AutoStopConfiguration", + "markdownDescription": "The configuration for an application to automatically stop after a certain amount of time being idle.", + "title": "AutoStopConfiguration" + }, + "IdentityCenterConfiguration": { + "$ref": "#/definitions/AWS::EMRServerless::Application.IdentityCenterConfiguration", + "markdownDescription": "A configuration specification to be used when provisioning an application. A configuration consists of a classification, properties, and optional nested configurations. A classification refers to an application-specific configuration file. Properties are the settings you want to change in that file.", + "title": "IdentityCenterConfiguration" + }, + "ImageConfiguration": { + "$ref": "#/definitions/AWS::EMRServerless::Application.ImageConfigurationInput", + "markdownDescription": "The image configuration applied to all worker types.", + "title": "ImageConfiguration" + }, + "InitialCapacity": { "items": { - "$ref": "#/definitions/AWS::GlobalAccelerator::EndpointGroup.EndpointConfiguration" + "$ref": "#/definitions/AWS::EMRServerless::Application.InitialCapacityConfigKeyValuePair" }, - "markdownDescription": "The list of endpoint objects.", - "title": "EndpointConfigurations", + "markdownDescription": "The initial capacity of the application.", + "title": "InitialCapacity", "type": "array" }, - "EndpointGroupRegion": { - "markdownDescription": "The AWS Regions where the endpoint group is located.", - "title": "EndpointGroupRegion", - "type": "string" + "InteractiveConfiguration": { + "$ref": "#/definitions/AWS::EMRServerless::Application.InteractiveConfiguration", + "markdownDescription": "The interactive configuration object that enables the interactive use cases for an application.", + "title": "InteractiveConfiguration" }, - "HealthCheckIntervalSeconds": { - "markdownDescription": "The time\u201410 seconds or 30 seconds\u2014between health checks for each endpoint. The default value is 30.", - "title": "HealthCheckIntervalSeconds", - "type": "number" + "MaximumCapacity": { + "$ref": "#/definitions/AWS::EMRServerless::Application.MaximumAllowedResources", + "markdownDescription": "The maximum capacity of the application. This is cumulative across all workers at any given point in time during the lifespan of the application is created. No new resources will be created once any one of the defined limits is hit.", + "title": "MaximumCapacity" }, - "HealthCheckPath": { - "markdownDescription": "If the protocol is HTTP/S, then this value provides the ping path that Global Accelerator uses for the destination on the endpoints for health checks. The default is slash (/).", - "title": "HealthCheckPath", + "MonitoringConfiguration": { + "$ref": "#/definitions/AWS::EMRServerless::Application.MonitoringConfiguration", + "markdownDescription": "A configuration specification to be used when provisioning an application. A configuration consists of a classification, properties, and optional nested configurations. A classification refers to an application-specific configuration file. Properties are the settings you want to change in that file.", + "title": "MonitoringConfiguration" + }, + "Name": { + "markdownDescription": "The name of the application.", + "title": "Name", "type": "string" }, - "HealthCheckPort": { - "markdownDescription": "The port that Global Accelerator uses to perform health checks on endpoints that are part of this endpoint group.\n\nThe default port is the port for the listener that this endpoint group is associated with. If the listener port is a list, Global Accelerator uses the first specified port in the list of ports.", - "title": "HealthCheckPort", - "type": "number" + "NetworkConfiguration": { + "$ref": "#/definitions/AWS::EMRServerless::Application.NetworkConfiguration", + "markdownDescription": "The network configuration for customer VPC connectivity for the application.", + "title": "NetworkConfiguration" }, - "HealthCheckProtocol": { - "markdownDescription": "The protocol that Global Accelerator uses to perform health checks on endpoints that are part of this endpoint group. The default value is TCP.", - "title": "HealthCheckProtocol", + "ReleaseLabel": { + "markdownDescription": "The EMR release associated with the application.", + "title": "ReleaseLabel", "type": "string" }, - "ListenerArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the listener.", - "title": "ListenerArn", - "type": "string" + "RuntimeConfiguration": { + "items": { + "$ref": "#/definitions/AWS::EMRServerless::Application.ConfigurationObject" + }, + "markdownDescription": "The [Configuration](https://docs.aws.amazon.com/emr-serverless/latest/APIReference/API_Configuration.html) specifications of an application. Each configuration consists of a classification and properties. You use this parameter when creating or updating an application. To see the runtimeConfiguration object of an application, run the [GetApplication](https://docs.aws.amazon.com/emr-serverless/latest/APIReference/API_GetApplication.html) API operation.", + "title": "RuntimeConfiguration", + "type": "array" }, - "PortOverrides": { + "SchedulerConfiguration": { + "$ref": "#/definitions/AWS::EMRServerless::Application.SchedulerConfiguration", + "markdownDescription": "The scheduler configuration for batch and streaming jobs running on this application. Supported with release labels emr-7.0.0 and above.", + "title": "SchedulerConfiguration" + }, + "Tags": { "items": { - "$ref": "#/definitions/AWS::GlobalAccelerator::EndpointGroup.PortOverride" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "Allows you to override the destination ports used to route traffic to an endpoint. Using a port override lets you map a list of external destination ports (that your users send traffic to) to a list of internal destination ports that you want an application endpoint to receive traffic on.", - "title": "PortOverrides", + "markdownDescription": "The tags assigned to the application.", + "title": "Tags", "type": "array" }, - "ThresholdCount": { - "markdownDescription": "The number of consecutive health checks required to set the state of a healthy endpoint to unhealthy, or to set an unhealthy endpoint to healthy. The default value is 3.", - "title": "ThresholdCount", - "type": "number" + "Type": { + "markdownDescription": "The type of application, such as Spark or Hive.", + "title": "Type", + "type": "string" }, - "TrafficDialPercentage": { - "markdownDescription": "The percentage of traffic to send to an AWS Regions . Additional traffic is distributed to other endpoint groups for this listener.\n\nUse this action to increase (dial up) or decrease (dial down) traffic to a specific Region. The percentage is applied to the traffic that would otherwise have been routed to the Region based on optimal routing.\n\nThe default value is 100.", - "title": "TrafficDialPercentage", - "type": "number" + "WorkerTypeSpecifications": { + "additionalProperties": false, + "markdownDescription": "The specification applied to each worker type.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::EMRServerless::Application.WorkerTypeSpecificationInput" + } + }, + "title": "WorkerTypeSpecifications", + "type": "object" } }, "required": [ - "EndpointGroupRegion", - "ListenerArn" + "ReleaseLabel", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::GlobalAccelerator::EndpointGroup" + "AWS::EMRServerless::Application" ], "type": "string" }, @@ -104787,511 +111917,375 @@ ], "type": "object" }, - "AWS::GlobalAccelerator::EndpointGroup.EndpointConfiguration": { + "AWS::EMRServerless::Application.AutoStartConfiguration": { "additionalProperties": false, "properties": { - "AttachmentArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the cross-account attachment that specifies the endpoints (resources) that can be added to accelerators and principals that have permission to add the endpoints.", - "title": "AttachmentArn", - "type": "string" - }, - "ClientIPPreservationEnabled": { - "markdownDescription": "Indicates whether client IP address preservation is enabled for an Application Load Balancer endpoint. The value is true or false. The default value is true for new accelerators.\n\nIf the value is set to true, the client's IP address is preserved in the `X-Forwarded-For` request header as traffic travels to applications on the Application Load Balancer endpoint fronted by the accelerator.\n\nFor more information, see [Preserve Client IP Addresses](https://docs.aws.amazon.com/global-accelerator/latest/dg/preserve-client-ip-address.html) in the *AWS Global Accelerator Developer Guide* .", - "title": "ClientIPPreservationEnabled", + "Enabled": { + "markdownDescription": "Enables the application to automatically start on job submission.", + "title": "Enabled", "type": "boolean" - }, - "EndpointId": { - "markdownDescription": "An ID for the endpoint. If the endpoint is a Network Load Balancer or Application Load Balancer, this is the Amazon Resource Name (ARN) of the resource. If the endpoint is an Elastic IP address, this is the Elastic IP address allocation ID. For Amazon EC2 instances, this is the EC2 instance ID. A resource must be valid and active when you add it as an endpoint.\n\nFor cross-account endpoints, this must be the ARN of the resource.", - "title": "EndpointId", - "type": "string" - }, - "Weight": { - "markdownDescription": "The weight associated with the endpoint. When you add weights to endpoints, you configure Global Accelerator to route traffic based on proportions that you specify. For example, you might specify endpoint weights of 4, 5, 5, and 6 (sum=20). The result is that 4/20 of your traffic, on average, is routed to the first endpoint, 5/20 is routed both to the second and third endpoints, and 6/20 is routed to the last endpoint. For more information, see [Endpoint Weights](https://docs.aws.amazon.com/global-accelerator/latest/dg/about-endpoints-endpoint-weights.html) in the *AWS Global Accelerator Developer Guide* .", - "title": "Weight", - "type": "number" } }, - "required": [ - "EndpointId" - ], "type": "object" }, - "AWS::GlobalAccelerator::EndpointGroup.PortOverride": { + "AWS::EMRServerless::Application.AutoStopConfiguration": { "additionalProperties": false, "properties": { - "EndpointPort": { - "markdownDescription": "The endpoint port that you want a listener port to be mapped to. This is the port on the endpoint, such as the Application Load Balancer or Amazon EC2 instance.", - "title": "EndpointPort", - "type": "number" + "Enabled": { + "markdownDescription": "Enables the application to automatically stop after a certain amount of time being idle. Defaults to true.", + "title": "Enabled", + "type": "boolean" }, - "ListenerPort": { - "markdownDescription": "The listener port that you want to map to a specific endpoint port. This is the port that user traffic arrives to the Global Accelerator on.", - "title": "ListenerPort", + "IdleTimeoutMinutes": { + "markdownDescription": "The amount of idle time in minutes after which your application will automatically stop. Defaults to 15 minutes.", + "title": "IdleTimeoutMinutes", "type": "number" } }, - "required": [ - "EndpointPort", - "ListenerPort" - ], "type": "object" }, - "AWS::GlobalAccelerator::Listener": { + "AWS::EMRServerless::Application.CloudWatchLoggingConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "Enabled": { + "markdownDescription": "Enables CloudWatch logging.", + "title": "Enabled", + "type": "boolean" + }, + "EncryptionKeyArn": { + "markdownDescription": "The AWS Key Management Service (KMS) key ARN to encrypt the logs that you store in CloudWatch Logs.", + "title": "EncryptionKeyArn", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "LogGroupName": { + "markdownDescription": "The name of the log group in Amazon CloudWatch Logs where you want to publish your logs.", + "title": "LogGroupName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "LogStreamNamePrefix": { + "markdownDescription": "Prefix for the CloudWatch log stream name.", + "title": "LogStreamNamePrefix", + "type": "string" }, - "Metadata": { - "type": "object" + "LogTypeMap": { + "items": { + "$ref": "#/definitions/AWS::EMRServerless::Application.LogTypeMapKeyValuePair" + }, + "markdownDescription": "", + "title": "LogTypeMap", + "type": "array" + } + }, + "type": "object" + }, + "AWS::EMRServerless::Application.ConfigurationObject": { + "additionalProperties": false, + "properties": { + "Classification": { + "markdownDescription": "The classification within a configuration.", + "title": "Classification", + "type": "string" + }, + "Configurations": { + "items": { + "$ref": "#/definitions/AWS::EMRServerless::Application.ConfigurationObject" + }, + "markdownDescription": "A list of additional configurations to apply within a configuration object.", + "title": "Configurations", + "type": "array" }, "Properties": { - "additionalProperties": false, - "properties": { - "AcceleratorArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of your accelerator.", - "title": "AcceleratorArn", - "type": "string" - }, - "ClientAffinity": { - "markdownDescription": "Client affinity lets you direct all requests from a user to the same endpoint, if you have stateful applications, regardless of the port and protocol of the client request. Client affinity gives you control over whether to always route each client to the same specific endpoint.\n\nAWS Global Accelerator uses a consistent-flow hashing algorithm to choose the optimal endpoint for a connection. If client affinity is `NONE` , Global Accelerator uses the \"five-tuple\" (5-tuple) properties\u2014source IP address, source port, destination IP address, destination port, and protocol\u2014to select the hash value, and then chooses the best endpoint. However, with this setting, if someone uses different ports to connect to Global Accelerator, their connections might not be always routed to the same endpoint because the hash value changes.\n\nIf you want a given client to always be routed to the same endpoint, set client affinity to `SOURCE_IP` instead. When you use the `SOURCE_IP` setting, Global Accelerator uses the \"two-tuple\" (2-tuple) properties\u2014 source (client) IP address and destination IP address\u2014to select the hash value.\n\nThe default value is `NONE` .", - "title": "ClientAffinity", - "type": "string" - }, - "PortRanges": { - "items": { - "$ref": "#/definitions/AWS::GlobalAccelerator::Listener.PortRange" - }, - "markdownDescription": "The list of port ranges for the connections from clients to the accelerator.", - "title": "PortRanges", - "type": "array" - }, - "Protocol": { - "markdownDescription": "The protocol for the connections from clients to the accelerator.", - "title": "Protocol", + "additionalProperties": true, + "markdownDescription": "A set of properties specified within a configuration classification.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { "type": "string" } }, - "required": [ - "AcceleratorArn", - "PortRanges", - "Protocol" - ], + "title": "Properties", "type": "object" - }, - "Type": { - "enum": [ - "AWS::GlobalAccelerator::Listener" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" } }, "required": [ - "Type", - "Properties" + "Classification" ], "type": "object" }, - "AWS::GlobalAccelerator::Listener.PortRange": { + "AWS::EMRServerless::Application.IdentityCenterConfiguration": { "additionalProperties": false, "properties": { - "FromPort": { - "markdownDescription": "The first port in the range of ports, inclusive.", - "title": "FromPort", - "type": "number" + "IdentityCenterInstanceArn": { + "markdownDescription": "", + "title": "IdentityCenterInstanceArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EMRServerless::Application.ImageConfigurationInput": { + "additionalProperties": false, + "properties": { + "ImageUri": { + "markdownDescription": "The URI of an image in the Amazon ECR registry. This field is required when you create a new application. If you leave this field blank in an update, Amazon EMR will remove the image configuration.", + "title": "ImageUri", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EMRServerless::Application.InitialCapacityConfig": { + "additionalProperties": false, + "properties": { + "WorkerConfiguration": { + "$ref": "#/definitions/AWS::EMRServerless::Application.WorkerConfiguration", + "markdownDescription": "The resource configuration of the initial capacity configuration.", + "title": "WorkerConfiguration" }, - "ToPort": { - "markdownDescription": "The last port in the range of ports, inclusive.", - "title": "ToPort", + "WorkerCount": { + "markdownDescription": "The number of workers in the initial capacity configuration.", + "title": "WorkerCount", "type": "number" } }, "required": [ - "FromPort", - "ToPort" + "WorkerConfiguration", + "WorkerCount" ], "type": "object" }, - "AWS::Glue::Classifier": { + "AWS::EMRServerless::Application.InitialCapacityConfigKeyValuePair": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "CsvClassifier": { - "$ref": "#/definitions/AWS::Glue::Classifier.CsvClassifier", - "markdownDescription": "A classifier for comma-separated values (CSV).", - "title": "CsvClassifier" - }, - "GrokClassifier": { - "$ref": "#/definitions/AWS::Glue::Classifier.GrokClassifier", - "markdownDescription": "A classifier that uses `grok` .", - "title": "GrokClassifier" - }, - "JsonClassifier": { - "$ref": "#/definitions/AWS::Glue::Classifier.JsonClassifier", - "markdownDescription": "A classifier for JSON content.", - "title": "JsonClassifier" - }, - "XMLClassifier": { - "$ref": "#/definitions/AWS::Glue::Classifier.XMLClassifier", - "markdownDescription": "A classifier for XML content.", - "title": "XMLClassifier" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Glue::Classifier" - ], + "Key": { + "markdownDescription": "", + "title": "Key", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Value": { + "$ref": "#/definitions/AWS::EMRServerless::Application.InitialCapacityConfig", + "markdownDescription": "", + "title": "Value" } }, "required": [ - "Type" + "Key", + "Value" ], "type": "object" }, - "AWS::Glue::Classifier.CsvClassifier": { + "AWS::EMRServerless::Application.InteractiveConfiguration": { "additionalProperties": false, "properties": { - "AllowSingleColumn": { - "markdownDescription": "Enables the processing of files that contain only one column.", - "title": "AllowSingleColumn", - "type": "boolean" - }, - "ContainsCustomDatatype": { - "items": { - "type": "string" - }, - "markdownDescription": "Indicates whether the CSV file contains custom data types.", - "title": "ContainsCustomDatatype", - "type": "array" - }, - "ContainsHeader": { - "markdownDescription": "Indicates whether the CSV file contains a header.\n\nA value of `UNKNOWN` specifies that the classifier will detect whether the CSV file contains headings.\n\nA value of `PRESENT` specifies that the CSV file contains headings.\n\nA value of `ABSENT` specifies that the CSV file does not contain headings.", - "title": "ContainsHeader", - "type": "string" - }, - "CustomDatatypeConfigured": { - "markdownDescription": "Enables the configuration of custom data types.", - "title": "CustomDatatypeConfigured", + "LivyEndpointEnabled": { + "markdownDescription": "Enables an Apache Livy endpoint that you can connect to and run interactive jobs.", + "title": "LivyEndpointEnabled", "type": "boolean" }, - "Delimiter": { - "markdownDescription": "A custom symbol to denote what separates each column entry in the row.", - "title": "Delimiter", - "type": "string" - }, - "DisableValueTrimming": { - "markdownDescription": "Specifies not to trim values before identifying the type of column values. The default value is `true` .", - "title": "DisableValueTrimming", + "StudioEnabled": { + "markdownDescription": "Enables you to connect an application to Amazon EMR Studio to run interactive workloads in a notebook.", + "title": "StudioEnabled", "type": "boolean" - }, - "Header": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of strings representing column names.", - "title": "Header", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the classifier.", - "title": "Name", - "type": "string" - }, - "QuoteSymbol": { - "markdownDescription": "A custom symbol to denote what combines content into a single column value. It must be different from the column delimiter.", - "title": "QuoteSymbol", - "type": "string" } }, "type": "object" }, - "AWS::Glue::Classifier.GrokClassifier": { + "AWS::EMRServerless::Application.LogTypeMapKeyValuePair": { "additionalProperties": false, "properties": { - "Classification": { - "markdownDescription": "An identifier of the data format that the classifier matches, such as Twitter, JSON, Omniture logs, and so on.", - "title": "Classification", - "type": "string" - }, - "CustomPatterns": { - "markdownDescription": "Optional custom grok patterns defined by this classifier. For more information, see custom patterns in [Writing Custom Classifiers](https://docs.aws.amazon.com/glue/latest/dg/custom-classifier.html) .", - "title": "CustomPatterns", - "type": "string" - }, - "GrokPattern": { - "markdownDescription": "The grok pattern applied to a data store by this classifier. For more information, see built-in patterns in [Writing Custom Classifiers](https://docs.aws.amazon.com/glue/latest/dg/custom-classifier.html) .", - "title": "GrokPattern", + "Key": { + "markdownDescription": "", + "title": "Key", "type": "string" }, - "Name": { - "markdownDescription": "The name of the classifier.", - "title": "Name", - "type": "string" + "Value": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "Value", + "type": "array" } }, "required": [ - "Classification", - "GrokPattern" + "Key", + "Value" ], "type": "object" }, - "AWS::Glue::Classifier.JsonClassifier": { + "AWS::EMRServerless::Application.ManagedPersistenceMonitoringConfiguration": { "additionalProperties": false, "properties": { - "JsonPath": { - "markdownDescription": "A `JsonPath` string defining the JSON data for the classifier to classify. AWS Glue supports a subset of `JsonPath` , as described in [Writing JsonPath Custom Classifiers](https://docs.aws.amazon.com/glue/latest/dg/custom-classifier.html#custom-classifier-json) .", - "title": "JsonPath", - "type": "string" + "Enabled": { + "markdownDescription": "Enables managed logging and defaults to true. If set to false, managed logging will be turned off.", + "title": "Enabled", + "type": "boolean" }, - "Name": { - "markdownDescription": "The name of the classifier.", - "title": "Name", + "EncryptionKeyArn": { + "markdownDescription": "The KMS key ARN to encrypt the logs stored in managed log persistence.", + "title": "EncryptionKeyArn", "type": "string" } }, - "required": [ - "JsonPath" - ], "type": "object" }, - "AWS::Glue::Classifier.XMLClassifier": { + "AWS::EMRServerless::Application.MaximumAllowedResources": { "additionalProperties": false, "properties": { - "Classification": { - "markdownDescription": "An identifier of the data format that the classifier matches.", - "title": "Classification", + "Cpu": { + "markdownDescription": "The maximum allowed CPU for an application.", + "title": "Cpu", "type": "string" }, - "Name": { - "markdownDescription": "The name of the classifier.", - "title": "Name", + "Disk": { + "markdownDescription": "The maximum allowed disk for an application.", + "title": "Disk", "type": "string" }, - "RowTag": { - "markdownDescription": "The XML tag designating the element that contains each record in an XML document being parsed. This can't identify a self-closing element (closed by `/>` ). An empty row element that contains only attributes can be parsed as long as it ends with a closing tag (for example, `` is okay, but `` is not).", - "title": "RowTag", + "Memory": { + "markdownDescription": "The maximum allowed resources for an application.", + "title": "Memory", "type": "string" } }, "required": [ - "Classification", - "RowTag" + "Cpu", + "Memory" ], "type": "object" }, - "AWS::Glue::Connection": { + "AWS::EMRServerless::Application.MonitoringConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "CloudWatchLoggingConfiguration": { + "$ref": "#/definitions/AWS::EMRServerless::Application.CloudWatchLoggingConfiguration", + "markdownDescription": "The Amazon CloudWatch configuration for monitoring logs. You can configure your jobs to send log information to CloudWatch.", + "title": "CloudWatchLoggingConfiguration" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ManagedPersistenceMonitoringConfiguration": { + "$ref": "#/definitions/AWS::EMRServerless::Application.ManagedPersistenceMonitoringConfiguration", + "markdownDescription": "The managed log persistence configuration for a job run.", + "title": "ManagedPersistenceMonitoringConfiguration" }, - "Metadata": { - "type": "object" + "PrometheusMonitoringConfiguration": { + "$ref": "#/definitions/AWS::EMRServerless::Application.PrometheusMonitoringConfiguration", + "markdownDescription": "The monitoring configuration object you can configure to send metrics to Amazon Managed Service for Prometheus for a job run.", + "title": "PrometheusMonitoringConfiguration" }, - "Properties": { - "additionalProperties": false, - "properties": { - "CatalogId": { - "markdownDescription": "The ID of the data catalog to create the catalog object in. Currently, this should be the AWS account ID.\n\n> To specify the account ID, you can use the `Ref` intrinsic function with the `AWS::AccountId` pseudo parameter. For example: `!Ref AWS::AccountId` .", - "title": "CatalogId", - "type": "string" - }, - "ConnectionInput": { - "$ref": "#/definitions/AWS::Glue::Connection.ConnectionInput", - "markdownDescription": "The connection that you want to create.", - "title": "ConnectionInput" - } + "S3MonitoringConfiguration": { + "$ref": "#/definitions/AWS::EMRServerless::Application.S3MonitoringConfiguration", + "markdownDescription": "The Amazon S3 configuration for monitoring log publishing.", + "title": "S3MonitoringConfiguration" + } + }, + "type": "object" + }, + "AWS::EMRServerless::Application.NetworkConfiguration": { + "additionalProperties": false, + "properties": { + "SecurityGroupIds": { + "items": { + "type": "string" }, - "required": [ - "CatalogId", - "ConnectionInput" - ], - "type": "object" + "markdownDescription": "The array of security group Ids for customer VPC connectivity.", + "title": "SecurityGroupIds", + "type": "array" }, - "Type": { - "enum": [ - "AWS::Glue::Connection" - ], + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The array of subnet Ids for customer VPC connectivity.", + "title": "SubnetIds", + "type": "array" + } + }, + "type": "object" + }, + "AWS::EMRServerless::Application.PrometheusMonitoringConfiguration": { + "additionalProperties": false, + "properties": { + "RemoteWriteUrl": { + "markdownDescription": "The remote write URL in the Amazon Managed Service for Prometheus workspace to send metrics to.", + "title": "RemoteWriteUrl", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EMRServerless::Application.S3MonitoringConfiguration": { + "additionalProperties": false, + "properties": { + "EncryptionKeyArn": { + "markdownDescription": "The KMS key ARN to encrypt the logs published to the given Amazon S3 destination.", + "title": "EncryptionKeyArn", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "LogUri": { + "markdownDescription": "The Amazon S3 destination URI for log publishing.", + "title": "LogUri", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Glue::Connection.ConnectionInput": { + "AWS::EMRServerless::Application.SchedulerConfiguration": { "additionalProperties": false, "properties": { - "ConnectionProperties": { - "markdownDescription": "These key-value pairs define parameters for the connection.", - "title": "ConnectionProperties", - "type": "object" + "MaxConcurrentRuns": { + "markdownDescription": "The maximum concurrent job runs on this application. If scheduler configuration is enabled on your application, the default value is 15. The valid range is 1 to 1000.", + "title": "MaxConcurrentRuns", + "type": "number" }, - "ConnectionType": { - "markdownDescription": "The type of the connection. Currently, these types are supported:\n\n- `JDBC` - Designates a connection to a database through Java Database Connectivity (JDBC).\n\n`JDBC` Connections use the following ConnectionParameters.\n\n- Required: All of ( `HOST` , `PORT` , `JDBC_ENGINE` ) or `JDBC_CONNECTION_URL` .\n- Required: All of ( `USERNAME` , `PASSWORD` ) or `SECRET_ID` .\n- Optional: `JDBC_ENFORCE_SSL` , `CUSTOM_JDBC_CERT` , `CUSTOM_JDBC_CERT_STRING` , `SKIP_CUSTOM_JDBC_CERT_VALIDATION` . These parameters are used to configure SSL with JDBC.\n- `KAFKA` - Designates a connection to an Apache Kafka streaming platform.\n\n`KAFKA` Connections use the following ConnectionParameters.\n\n- Required: `KAFKA_BOOTSTRAP_SERVERS` .\n- Optional: `KAFKA_SSL_ENABLED` , `KAFKA_CUSTOM_CERT` , `KAFKA_SKIP_CUSTOM_CERT_VALIDATION` . These parameters are used to configure SSL with `KAFKA` .\n- Optional: `KAFKA_CLIENT_KEYSTORE` , `KAFKA_CLIENT_KEYSTORE_PASSWORD` , `KAFKA_CLIENT_KEY_PASSWORD` , `ENCRYPTED_KAFKA_CLIENT_KEYSTORE_PASSWORD` , `ENCRYPTED_KAFKA_CLIENT_KEY_PASSWORD` . These parameters are used to configure TLS client configuration with SSL in `KAFKA` .\n- Optional: `KAFKA_SASL_MECHANISM` . Can be specified as `SCRAM-SHA-512` , `GSSAPI` , or `AWS_MSK_IAM` .\n- Optional: `KAFKA_SASL_SCRAM_USERNAME` , `KAFKA_SASL_SCRAM_PASSWORD` , `ENCRYPTED_KAFKA_SASL_SCRAM_PASSWORD` . These parameters are used to configure SASL/SCRAM-SHA-512 authentication with `KAFKA` .\n- Optional: `KAFKA_SASL_GSSAPI_KEYTAB` , `KAFKA_SASL_GSSAPI_KRB5_CONF` , `KAFKA_SASL_GSSAPI_SERVICE` , `KAFKA_SASL_GSSAPI_PRINCIPAL` . These parameters are used to configure SASL/GSSAPI authentication with `KAFKA` .\n- `MONGODB` - Designates a connection to a MongoDB document database.\n\n`MONGODB` Connections use the following ConnectionParameters.\n\n- Required: `CONNECTION_URL` .\n- Required: All of ( `USERNAME` , `PASSWORD` ) or `SECRET_ID` .\n- `VIEW_VALIDATION_REDSHIFT` - Designates a connection used for view validation by Amazon Redshift.\n- `VIEW_VALIDATION_ATHENA` - Designates a connection used for view validation by Amazon Athena.\n- `NETWORK` - Designates a network connection to a data source within an Amazon Virtual Private Cloud environment (Amazon VPC).\n\n`NETWORK` Connections do not require ConnectionParameters. Instead, provide a PhysicalConnectionRequirements.\n- `MARKETPLACE` - Uses configuration settings contained in a connector purchased from AWS Marketplace to read from and write to data stores that are not natively supported by AWS Glue .\n\n`MARKETPLACE` Connections use the following ConnectionParameters.\n\n- Required: `CONNECTOR_TYPE` , `CONNECTOR_URL` , `CONNECTOR_CLASS_NAME` , `CONNECTION_URL` .\n- Required for `JDBC` `CONNECTOR_TYPE` connections: All of ( `USERNAME` , `PASSWORD` ) or `SECRET_ID` .\n- `CUSTOM` - Uses configuration settings contained in a custom connector to read from and write to data stores that are not natively supported by AWS Glue .\n\nAdditionally, a `ConnectionType` for the following SaaS connectors is supported:\n\n- `FACEBOOKADS` - Designates a connection to Facebook Ads.\n- `GOOGLEADS` - Designates a connection to Google Ads.\n- `GOOGLESHEETS` - Designates a connection to Google Sheets.\n- `GOOGLEANALYTICS4` - Designates a connection to Google Analytics 4.\n- `HUBSPOT` - Designates a connection to HubSpot.\n- `INSTAGRAMADS` - Designates a connection to Instagram Ads.\n- `INTERCOM` - Designates a connection to Intercom.\n- `JIRACLOUD` - Designates a connection to Jira Cloud.\n- `MARKETO` - Designates a connection to Adobe Marketo Engage.\n- `NETSUITEERP` - Designates a connection to Oracle NetSuite.\n- `SALESFORCE` - Designates a connection to Salesforce using OAuth authentication.\n- `SALESFORCEMARKETINGCLOUD` - Designates a connection to Salesforce Marketing Cloud.\n- `SALESFORCEPARDOT` - Designates a connection to Salesforce Marketing Cloud Account Engagement (MCAE).\n- `SAPODATA` - Designates a connection to SAP OData.\n- `SERVICENOW` - Designates a connection to ServiceNow.\n- `SLACK` - Designates a connection to Slack.\n- `SNAPCHATADS` - Designates a connection to Snapchat Ads.\n- `STRIPE` - Designates a connection to Stripe.\n- `ZENDESK` - Designates a connection to Zendesk.\n- `ZOHOCRM` - Designates a connection to Zoho CRM.\n\nFor more information on the connection parameters needed for a particular connector, see the documentation for the connector in [Adding an AWS Glue connection](https://docs.aws.amazon.com/glue/latest/dg/console-connections.html) in the AWS Glue User Guide.\n\n`SFTP` is not supported.\n\nFor more information about how optional ConnectionProperties are used to configure features in AWS Glue , consult [AWS Glue connection properties](https://docs.aws.amazon.com/glue/latest/dg/connection-defining.html) .\n\nFor more information about how optional ConnectionProperties are used to configure features in AWS Glue Studio, consult [Using connectors and connections](https://docs.aws.amazon.com/glue/latest/ug/connectors-chapter.html) .", - "title": "ConnectionType", + "QueueTimeoutMinutes": { + "markdownDescription": "The maximum duration in minutes for the job in QUEUED state. If scheduler configuration is enabled on your application, the default value is 360 minutes (6 hours). The valid range is from 15 to 720.", + "title": "QueueTimeoutMinutes", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EMRServerless::Application.WorkerConfiguration": { + "additionalProperties": false, + "properties": { + "Cpu": { + "markdownDescription": "The CPU requirements of the worker configuration. Each worker can have 1, 2, 4, 8, or 16 vCPUs.", + "title": "Cpu", "type": "string" }, - "Description": { - "markdownDescription": "The description of the connection.", - "title": "Description", + "Disk": { + "markdownDescription": "The disk requirements of the worker configuration.", + "title": "Disk", "type": "string" }, - "MatchCriteria": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of criteria that can be used in selecting this connection.", - "title": "MatchCriteria", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the connection.", - "title": "Name", + "DiskType": { + "markdownDescription": "The disk type for every worker instance of the work type. Shuffle optimized disks have higher performance characteristics and are better for shuffle heavy workloads. Default is `STANDARD` .", + "title": "DiskType", "type": "string" }, - "PhysicalConnectionRequirements": { - "$ref": "#/definitions/AWS::Glue::Connection.PhysicalConnectionRequirements", - "markdownDescription": "The physical connection requirements, such as virtual private cloud (VPC) and `SecurityGroup` , that are needed to successfully make this connection.", - "title": "PhysicalConnectionRequirements" + "Memory": { + "markdownDescription": "The memory requirements of the worker configuration.", + "title": "Memory", + "type": "string" } }, "required": [ - "ConnectionType" + "Cpu", + "Memory" ], "type": "object" }, - "AWS::Glue::Connection.PhysicalConnectionRequirements": { + "AWS::EMRServerless::Application.WorkerTypeSpecificationInput": { "additionalProperties": false, "properties": { - "AvailabilityZone": { - "markdownDescription": "The connection's Availability Zone.", - "title": "AvailabilityZone", - "type": "string" - }, - "SecurityGroupIdList": { - "items": { - "type": "string" - }, - "markdownDescription": "The security group ID list used by the connection.", - "title": "SecurityGroupIdList", - "type": "array" - }, - "SubnetId": { - "markdownDescription": "The subnet ID used by the connection.", - "title": "SubnetId", - "type": "string" + "ImageConfiguration": { + "$ref": "#/definitions/AWS::EMRServerless::Application.ImageConfigurationInput", + "markdownDescription": "The image configuration for a worker type.", + "title": "ImageConfiguration" } }, "type": "object" }, - "AWS::Glue::Crawler": { + "AWS::EVS::Environment": { "additionalProperties": false, "properties": { "Condition": { @@ -105326,89 +112320,98 @@ "Properties": { "additionalProperties": false, "properties": { - "Classifiers": { + "ConnectivityInfo": { + "$ref": "#/definitions/AWS::EVS::Environment.ConnectivityInfo", + "markdownDescription": "The connectivity configuration for the environment. Amazon EVS requires that you specify two route server peer IDs. During environment creation, the route server endpoints peer with the NSX uplink VLAN for connectivity to the NSX overlay network.", + "title": "ConnectivityInfo" + }, + "EnvironmentName": { + "markdownDescription": "The name of the environment.", + "title": "EnvironmentName", + "type": "string" + }, + "Hosts": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::EVS::Environment.HostInfoForCreate" }, - "markdownDescription": "A list of UTF-8 strings that specify the names of custom classifiers that are associated with the crawler.", - "title": "Classifiers", + "markdownDescription": "Required for environment resource creation.", + "title": "Hosts", "type": "array" }, - "Configuration": { - "markdownDescription": "Crawler configuration information. This versioned JSON string allows users to specify aspects of a crawler's behavior. For more information, see [Configuring a Crawler](https://docs.aws.amazon.com/glue/latest/dg/crawler-configuration.html) .", - "title": "Configuration", - "type": "string" - }, - "CrawlerSecurityConfiguration": { - "markdownDescription": "The name of the `SecurityConfiguration` structure to be used by this crawler.", - "title": "CrawlerSecurityConfiguration", - "type": "string" + "InitialVlans": { + "$ref": "#/definitions/AWS::EVS::Environment.InitialVlans", + "markdownDescription": "> Amazon EVS is in public preview release and is subject to change. \n\nThe initial VLAN subnets for the environment. Amazon EVS VLAN subnets have a minimum CIDR block size of /28 and a maximum size of /24. Amazon EVS VLAN subnet CIDR blocks must not overlap with other subnets in the VPC.\n\nRequired for environment resource creation.", + "title": "InitialVlans" }, - "DatabaseName": { - "markdownDescription": "The name of the database in which the crawler's output is stored.", - "title": "DatabaseName", + "KmsKeyId": { + "markdownDescription": "The AWS KMS key ID that AWS Secrets Manager uses to encrypt secrets that are associated with the environment. These secrets contain the VCF credentials that are needed to install vCenter Server, NSX, and SDDC Manager.\n\nBy default, Amazon EVS use the AWS Secrets Manager managed key `aws/secretsmanager` . You can also specify a customer managed key.", + "title": "KmsKeyId", "type": "string" }, - "Description": { - "markdownDescription": "A description of the crawler.", - "title": "Description", - "type": "string" + "LicenseInfo": { + "$ref": "#/definitions/AWS::EVS::Environment.LicenseInfo", + "markdownDescription": "The license information that Amazon EVS requires to create an environment. Amazon EVS requires two license keys: a VCF solution key and a vSAN license key. The VCF solution key must cover a minimum of 256 cores. The vSAN license key must provide at least 110 TiB of vSAN capacity.", + "title": "LicenseInfo" }, - "LakeFormationConfiguration": { - "$ref": "#/definitions/AWS::Glue::Crawler.LakeFormationConfiguration", - "markdownDescription": "Specifies whether the crawler should use AWS Lake Formation credentials for the crawler instead of the IAM role credentials.", - "title": "LakeFormationConfiguration" + "ServiceAccessSecurityGroups": { + "$ref": "#/definitions/AWS::EVS::Environment.ServiceAccessSecurityGroups", + "markdownDescription": "The security groups that allow traffic between the Amazon EVS control plane and your VPC for service access. If a security group is not specified, Amazon EVS uses the default security group in your account for service access.", + "title": "ServiceAccessSecurityGroups" }, - "Name": { - "markdownDescription": "The name of the crawler.", - "title": "Name", + "ServiceAccessSubnetId": { + "markdownDescription": "The subnet that is used to establish connectivity between the Amazon EVS control plane and VPC. Amazon EVS uses this subnet to perform validations and create the environment.", + "title": "ServiceAccessSubnetId", "type": "string" }, - "RecrawlPolicy": { - "$ref": "#/definitions/AWS::Glue::Crawler.RecrawlPolicy", - "markdownDescription": "A policy that specifies whether to crawl the entire dataset again, or to crawl only folders that were added since the last crawler run.", - "title": "RecrawlPolicy" - }, - "Role": { - "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role that's used to access customer resources, such as Amazon Simple Storage Service (Amazon S3) data.", - "title": "Role", + "SiteId": { + "markdownDescription": "The Broadcom Site ID that is associated with your Amazon EVS environment. Amazon EVS uses the Broadcom Site ID that you provide to meet Broadcom VCF license usage reporting requirements for Amazon EVS.", + "title": "SiteId", "type": "string" }, - "Schedule": { - "$ref": "#/definitions/AWS::Glue::Crawler.Schedule", - "markdownDescription": "For scheduled crawlers, the schedule when the crawler runs.", - "title": "Schedule" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or AWS resources.", + "title": "Tags", + "type": "array" }, - "SchemaChangePolicy": { - "$ref": "#/definitions/AWS::Glue::Crawler.SchemaChangePolicy", - "markdownDescription": "The policy that specifies update and delete behaviors for the crawler. The policy tells the crawler what to do in the event that it detects a change in a table that already exists in the customer's database at the time of the crawl. The `SchemaChangePolicy` does not affect whether or how new tables and partitions are added. New tables and partitions are always created regardless of the `SchemaChangePolicy` on a crawler.\n\nThe SchemaChangePolicy consists of two components, `UpdateBehavior` and `DeleteBehavior` .", - "title": "SchemaChangePolicy" + "TermsAccepted": { + "markdownDescription": "Customer confirmation that the customer has purchased and will continue to maintain the required number of VCF software licenses to cover all physical processor cores in the Amazon EVS environment. Information about your VCF software in Amazon EVS will be shared with Broadcom to verify license compliance.", + "title": "TermsAccepted", + "type": "boolean" }, - "TablePrefix": { - "markdownDescription": "The prefix added to the names of tables that are created.", - "title": "TablePrefix", - "type": "string" + "VcfHostnames": { + "$ref": "#/definitions/AWS::EVS::Environment.VcfHostnames", + "markdownDescription": "The DNS hostnames to be used by the VCF management appliances in your environment.\n\nFor environment creation to be successful, each hostname entry must resolve to a domain name that you've registered in your DNS service of choice and configured in the DHCP option set of your VPC. DNS hostnames cannot be changed after environment creation has started.", + "title": "VcfHostnames" }, - "Tags": { - "markdownDescription": "The tags to use with this crawler.", - "title": "Tags", - "type": "object" + "VcfVersion": { + "markdownDescription": "The VCF version of the environment.", + "title": "VcfVersion", + "type": "string" }, - "Targets": { - "$ref": "#/definitions/AWS::Glue::Crawler.Targets", - "markdownDescription": "A collection of targets to crawl.", - "title": "Targets" + "VpcId": { + "markdownDescription": "The VPC associated with the environment.", + "title": "VpcId", + "type": "string" } }, "required": [ - "Role", - "Targets" + "ConnectivityInfo", + "LicenseInfo", + "ServiceAccessSubnetId", + "SiteId", + "TermsAccepted", + "VcfHostnames", + "VcfVersion", + "VpcId" ], "type": "object" }, "Type": { "enum": [ - "AWS::Glue::Crawler" + "AWS::EVS::Environment" ], "type": "string" }, @@ -105427,308 +112430,274 @@ ], "type": "object" }, - "AWS::Glue::Crawler.CatalogTarget": { + "AWS::EVS::Environment.Check": { "additionalProperties": false, "properties": { - "ConnectionName": { - "markdownDescription": "The name of the connection for an Amazon S3-backed Data Catalog table to be a target of the crawl when using a `Catalog` connection type paired with a `NETWORK` Connection type.", - "title": "ConnectionName", - "type": "string" - }, - "DatabaseName": { - "markdownDescription": "The name of the database to be synchronized.", - "title": "DatabaseName", + "ImpairedSince": { + "markdownDescription": "The time when environment health began to be impaired.", + "title": "ImpairedSince", "type": "string" }, - "DlqEventQueueArn": { - "markdownDescription": "A valid Amazon dead-letter SQS ARN. For example, `arn:aws:sqs:region:account:deadLetterQueue` .", - "title": "DlqEventQueueArn", + "Result": { + "markdownDescription": "The check result.", + "title": "Result", "type": "string" }, - "EventQueueArn": { - "markdownDescription": "A valid Amazon SQS ARN. For example, `arn:aws:sqs:region:account:sqs` .", - "title": "EventQueueArn", + "Type": { + "markdownDescription": "The check type. Amazon EVS performs the following checks.\n\n- `KEY_REUSE` : checks that the VCF license key is not used by another Amazon EVS environment. This check fails if a used license is added to the environment.\n- `KEY_COVERAGE` : checks that your VCF license key allocates sufficient vCPU cores for all deployed hosts. The check fails when any assigned hosts in the EVS environment are not covered by license keys, or when any unassigned hosts cannot be covered by available vCPU cores in keys.\n- `REACHABILITY` : checks that the Amazon EVS control plane has a persistent connection to SDDC Manager. If Amazon EVS cannot reach the environment, this check fails.\n- `HOST_COUNT` : Checks that your environment has a minimum of 4 hosts, which is a requirement for VCF 5.2.1.\n\nIf this check fails, you will need to add hosts so that your environment meets this minimum requirement. Amazon EVS only supports environments with 4-16 hosts.", + "title": "Type", "type": "string" - }, - "Tables": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the tables to be synchronized.", - "title": "Tables", - "type": "array" } }, + "required": [ + "Result", + "Type" + ], "type": "object" }, - "AWS::Glue::Crawler.DeltaTarget": { + "AWS::EVS::Environment.ConnectivityInfo": { "additionalProperties": false, "properties": { - "ConnectionName": { - "markdownDescription": "The name of the connection to use to connect to the Delta table target.", - "title": "ConnectionName", - "type": "string" - }, - "CreateNativeDeltaTable": { - "markdownDescription": "Specifies whether the crawler will create native tables, to allow integration with query engines that support querying of the Delta transaction log directly.", - "title": "CreateNativeDeltaTable", - "type": "boolean" - }, - "DeltaTables": { + "PrivateRouteServerPeerings": { "items": { "type": "string" }, - "markdownDescription": "A list of the Amazon S3 paths to the Delta tables.", - "title": "DeltaTables", + "markdownDescription": "The unique IDs for private route server peers.", + "title": "PrivateRouteServerPeerings", "type": "array" - }, - "WriteManifest": { - "markdownDescription": "Specifies whether to write the manifest files to the Delta table path.", - "title": "WriteManifest", - "type": "boolean" } }, + "required": [ + "PrivateRouteServerPeerings" + ], "type": "object" }, - "AWS::Glue::Crawler.DynamoDBTarget": { + "AWS::EVS::Environment.HostInfoForCreate": { "additionalProperties": false, "properties": { - "Path": { - "markdownDescription": "The name of the DynamoDB table to crawl.", - "title": "Path", + "DedicatedHostId": { + "markdownDescription": "The unique ID of the Amazon EC2 Dedicated Host.", + "title": "DedicatedHostId", "type": "string" - } - }, - "type": "object" - }, - "AWS::Glue::Crawler.IcebergTarget": { - "additionalProperties": false, - "properties": { - "ConnectionName": { - "markdownDescription": "The name of the connection to use to connect to the Iceberg target.", - "title": "ConnectionName", + }, + "HostName": { + "markdownDescription": "The DNS hostname of the host. DNS hostnames for hosts must be unique across Amazon EVS environments and within VCF.", + "title": "HostName", "type": "string" }, - "Exclusions": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of global patterns used to exclude from the crawl.", - "title": "Exclusions", - "type": "array" + "InstanceType": { + "markdownDescription": "The EC2 instance type that represents the host.", + "title": "InstanceType", + "type": "string" }, - "MaximumTraversalDepth": { - "markdownDescription": "The maximum depth of Amazon S3 paths that the crawler can traverse to discover the Iceberg metadata folder in your Amazon S3 path. Used to limit the crawler run time.", - "title": "MaximumTraversalDepth", - "type": "number" + "KeyName": { + "markdownDescription": "The name of the SSH key that is used to access the host.", + "title": "KeyName", + "type": "string" }, - "Paths": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more Amazon S3 paths that contains Iceberg metadata folders as s3://bucket/prefix .", - "title": "Paths", - "type": "array" + "PlacementGroupId": { + "markdownDescription": "The unique ID of the placement group where the host is placed.", + "title": "PlacementGroupId", + "type": "string" } }, + "required": [ + "HostName", + "InstanceType", + "KeyName" + ], "type": "object" }, - "AWS::Glue::Crawler.JdbcTarget": { + "AWS::EVS::Environment.InitialVlanInfo": { "additionalProperties": false, "properties": { - "ConnectionName": { - "markdownDescription": "The name of the connection to use to connect to the JDBC target.", - "title": "ConnectionName", - "type": "string" - }, - "Exclusions": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of glob patterns used to exclude from the crawl. For more information, see [Catalog Tables with a Crawler](https://docs.aws.amazon.com/glue/latest/dg/add-crawler.html) .", - "title": "Exclusions", - "type": "array" - }, - "Path": { - "markdownDescription": "The path of the JDBC target.", - "title": "Path", + "Cidr": { + "markdownDescription": "The CIDR block that you provide to create an Amazon EVS VLAN subnet. Amazon EVS VLAN subnets have a minimum CIDR block size of /28 and a maximum size of /24. Amazon EVS VLAN subnet CIDR blocks must not overlap with other subnets in the VPC.", + "title": "Cidr", "type": "string" } }, + "required": [ + "Cidr" + ], "type": "object" }, - "AWS::Glue::Crawler.LakeFormationConfiguration": { + "AWS::EVS::Environment.InitialVlans": { "additionalProperties": false, "properties": { - "AccountId": { - "markdownDescription": "Required for cross account crawls. For same account crawls as the target data, this can be left as null.", - "title": "AccountId", - "type": "string" + "EdgeVTep": { + "$ref": "#/definitions/AWS::EVS::Environment.InitialVlanInfo", + "markdownDescription": "The edge VTEP VLAN subnet. This VLAN subnet manages traffic flowing between the internal network and external networks, including internet access and other site connections.", + "title": "EdgeVTep" }, - "UseLakeFormationCredentials": { - "markdownDescription": "Specifies whether to use AWS Lake Formation credentials for the crawler instead of the IAM role credentials.", - "title": "UseLakeFormationCredentials", - "type": "boolean" + "ExpansionVlan1": { + "$ref": "#/definitions/AWS::EVS::Environment.InitialVlanInfo", + "markdownDescription": "An additional VLAN subnet that can be used to extend VCF capabilities once configured. For example, you can configure an expansion VLAN subnet to use NSX Federation for centralized management and synchronization of multiple NSX deployments across different locations.", + "title": "ExpansionVlan1" + }, + "ExpansionVlan2": { + "$ref": "#/definitions/AWS::EVS::Environment.InitialVlanInfo", + "markdownDescription": "An additional VLAN subnet that can be used to extend VCF capabilities once configured. For example, you can configure an expansion VLAN subnet to use NSX Federation for centralized management and synchronization of multiple NSX deployments across different locations.", + "title": "ExpansionVlan2" + }, + "Hcx": { + "$ref": "#/definitions/AWS::EVS::Environment.InitialVlanInfo", + "markdownDescription": "The HCX VLAN subnet. This VLAN subnet allows the HCX Interconnnect (IX) and HCX Network Extension (NE) to reach their peers and enable HCX Service Mesh creation.", + "title": "Hcx" + }, + "NsxUpLink": { + "$ref": "#/definitions/AWS::EVS::Environment.InitialVlanInfo", + "markdownDescription": "The NSX uplink VLAN subnet. This VLAN subnet allows connectivity to the NSX overlay network.", + "title": "NsxUpLink" + }, + "VMotion": { + "$ref": "#/definitions/AWS::EVS::Environment.InitialVlanInfo", + "markdownDescription": "The vMotion VLAN subnet. This VLAN subnet carries traffic for vSphere vMotion.", + "title": "VMotion" + }, + "VSan": { + "$ref": "#/definitions/AWS::EVS::Environment.InitialVlanInfo", + "markdownDescription": "The vSAN VLAN subnet. This VLAN subnet carries the communication between ESXi hosts to implement a vSAN shared storage pool.", + "title": "VSan" + }, + "VTep": { + "$ref": "#/definitions/AWS::EVS::Environment.InitialVlanInfo", + "markdownDescription": "The VTEP VLAN subnet. This VLAN subnet handles internal network traffic between virtual machines within a VCF instance.", + "title": "VTep" + }, + "VmManagement": { + "$ref": "#/definitions/AWS::EVS::Environment.InitialVlanInfo", + "markdownDescription": "The VM management VLAN subnet. This VLAN subnet carries traffic for vSphere virtual machines.", + "title": "VmManagement" + }, + "VmkManagement": { + "$ref": "#/definitions/AWS::EVS::Environment.InitialVlanInfo", + "markdownDescription": "The host VMkernel management VLAN subnet. This VLAN subnet carries traffic for managing ESXi hosts and communicating with VMware vCenter Server.", + "title": "VmkManagement" } }, + "required": [ + "EdgeVTep", + "ExpansionVlan1", + "ExpansionVlan2", + "Hcx", + "NsxUpLink", + "VMotion", + "VSan", + "VTep", + "VmManagement", + "VmkManagement" + ], "type": "object" }, - "AWS::Glue::Crawler.MongoDBTarget": { + "AWS::EVS::Environment.LicenseInfo": { "additionalProperties": false, "properties": { - "ConnectionName": { - "markdownDescription": "The name of the connection to use to connect to the Amazon DocumentDB or MongoDB target.", - "title": "ConnectionName", + "SolutionKey": { + "markdownDescription": "The VCF solution key. This license unlocks VMware VCF product features, including vSphere, NSX, SDDC Manager, and vCenter Server. The VCF solution key must cover a minimum of 256 cores.", + "title": "SolutionKey", "type": "string" }, - "Path": { - "markdownDescription": "The path of the Amazon DocumentDB or MongoDB target (database/collection).", - "title": "Path", + "VsanKey": { + "markdownDescription": "The VSAN license key. This license unlocks vSAN features. The vSAN license key must provide at least 110 TiB of vSAN capacity.", + "title": "VsanKey", "type": "string" } }, + "required": [ + "SolutionKey", + "VsanKey" + ], "type": "object" }, - "AWS::Glue::Crawler.RecrawlPolicy": { + "AWS::EVS::Environment.Secret": { "additionalProperties": false, "properties": { - "RecrawlBehavior": { - "markdownDescription": "Specifies whether to crawl the entire dataset again or to crawl only folders that were added since the last crawler run.\n\nA value of `CRAWL_EVERYTHING` specifies crawling the entire dataset again.\n\nA value of `CRAWL_NEW_FOLDERS_ONLY` specifies crawling only folders that were added since the last crawler run.\n\nA value of `CRAWL_EVENT_MODE` specifies crawling only the changes identified by Amazon S3 events.", - "title": "RecrawlBehavior", + "SecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the secret.", + "title": "SecretArn", "type": "string" } }, "type": "object" }, - "AWS::Glue::Crawler.S3Target": { + "AWS::EVS::Environment.ServiceAccessSecurityGroups": { "additionalProperties": false, "properties": { - "ConnectionName": { - "markdownDescription": "The name of a connection which allows a job or crawler to access data in Amazon S3 within an Amazon Virtual Private Cloud environment (Amazon VPC).", - "title": "ConnectionName", - "type": "string" - }, - "DlqEventQueueArn": { - "markdownDescription": "A valid Amazon dead-letter SQS ARN. For example, `arn:aws:sqs:region:account:deadLetterQueue` .", - "title": "DlqEventQueueArn", - "type": "string" - }, - "EventQueueArn": { - "markdownDescription": "A valid Amazon SQS ARN. For example, `arn:aws:sqs:region:account:sqs` .", - "title": "EventQueueArn", - "type": "string" - }, - "Exclusions": { + "SecurityGroups": { "items": { "type": "string" }, - "markdownDescription": "A list of glob patterns used to exclude from the crawl. For more information, see [Catalog Tables with a Crawler](https://docs.aws.amazon.com/glue/latest/dg/add-crawler.html) .", - "title": "Exclusions", + "markdownDescription": "The security groups that allow service access.", + "title": "SecurityGroups", "type": "array" - }, - "Path": { - "markdownDescription": "The path to the Amazon S3 target.", - "title": "Path", - "type": "string" - }, - "SampleSize": { - "markdownDescription": "Sets the number of files in each leaf folder to be crawled when crawling sample files in a dataset. If not set, all the files are crawled. A valid value is an integer between 1 and 249.", - "title": "SampleSize", - "type": "number" } }, "type": "object" }, - "AWS::Glue::Crawler.Schedule": { + "AWS::EVS::Environment.VcfHostnames": { "additionalProperties": false, "properties": { - "ScheduleExpression": { - "markdownDescription": "A `cron` expression used to specify the schedule. For more information, see [Time-Based Schedules for Jobs and Crawlers](https://docs.aws.amazon.com/glue/latest/dg/monitor-data-warehouse-schedule.html) . For example, to run something every day at 12:15 UTC, specify `cron(15 12 * * ? *)` .", - "title": "ScheduleExpression", + "CloudBuilder": { + "markdownDescription": "The hostname for VMware Cloud Builder.", + "title": "CloudBuilder", "type": "string" - } - }, - "type": "object" - }, - "AWS::Glue::Crawler.SchemaChangePolicy": { - "additionalProperties": false, - "properties": { - "DeleteBehavior": { - "markdownDescription": "The deletion behavior when the crawler finds a deleted object.\n\nA value of `LOG` specifies that if a table or partition is found to no longer exist, do not delete it, only log that it was found to no longer exist.\n\nA value of `DELETE_FROM_DATABASE` specifies that if a table or partition is found to have been removed, delete it from the database.\n\nA value of `DEPRECATE_IN_DATABASE` specifies that if a table has been found to no longer exist, to add a property to the table that says \"DEPRECATED\" and includes a timestamp with the time of deprecation.", - "title": "DeleteBehavior", + }, + "Nsx": { + "markdownDescription": "The VMware NSX hostname.", + "title": "Nsx", "type": "string" }, - "UpdateBehavior": { - "markdownDescription": "The update behavior when the crawler finds a changed schema.\n\nA value of `LOG` specifies that if a table or a partition already exists, and a change is detected, do not update it, only log that a change was detected. Add new tables and new partitions (including on existing tables).\n\nA value of `UPDATE_IN_DATABASE` specifies that if a table or partition already exists, and a change is detected, update it. Add new tables and partitions.", - "title": "UpdateBehavior", + "NsxEdge1": { + "markdownDescription": "The hostname for the first NSX Edge node.", + "title": "NsxEdge1", "type": "string" - } - }, - "type": "object" - }, - "AWS::Glue::Crawler.Targets": { - "additionalProperties": false, - "properties": { - "CatalogTargets": { - "items": { - "$ref": "#/definitions/AWS::Glue::Crawler.CatalogTarget" - }, - "markdownDescription": "Specifies AWS Glue Data Catalog targets.", - "title": "CatalogTargets", - "type": "array" }, - "DeltaTargets": { - "items": { - "$ref": "#/definitions/AWS::Glue::Crawler.DeltaTarget" - }, - "markdownDescription": "Specifies an array of Delta data store targets.", - "title": "DeltaTargets", - "type": "array" + "NsxEdge2": { + "markdownDescription": "The hostname for the second NSX Edge node.", + "title": "NsxEdge2", + "type": "string" }, - "DynamoDBTargets": { - "items": { - "$ref": "#/definitions/AWS::Glue::Crawler.DynamoDBTarget" - }, - "markdownDescription": "Specifies Amazon DynamoDB targets.", - "title": "DynamoDBTargets", - "type": "array" + "NsxManager1": { + "markdownDescription": "The hostname for the first VMware NSX Manager virtual machine (VM).", + "title": "NsxManager1", + "type": "string" }, - "IcebergTargets": { - "items": { - "$ref": "#/definitions/AWS::Glue::Crawler.IcebergTarget" - }, - "markdownDescription": "Specifies Apache Iceberg data store targets.", - "title": "IcebergTargets", - "type": "array" + "NsxManager2": { + "markdownDescription": "The hostname for the second VMware NSX Manager virtual machine (VM).", + "title": "NsxManager2", + "type": "string" }, - "JdbcTargets": { - "items": { - "$ref": "#/definitions/AWS::Glue::Crawler.JdbcTarget" - }, - "markdownDescription": "Specifies JDBC targets.", - "title": "JdbcTargets", - "type": "array" + "NsxManager3": { + "markdownDescription": "The hostname for the third VMware NSX Manager virtual machine (VM).", + "title": "NsxManager3", + "type": "string" }, - "MongoDBTargets": { - "items": { - "$ref": "#/definitions/AWS::Glue::Crawler.MongoDBTarget" - }, - "markdownDescription": "A list of Mongo DB targets.", - "title": "MongoDBTargets", - "type": "array" + "SddcManager": { + "markdownDescription": "The hostname for SDDC Manager.", + "title": "SddcManager", + "type": "string" }, - "S3Targets": { - "items": { - "$ref": "#/definitions/AWS::Glue::Crawler.S3Target" - }, - "markdownDescription": "Specifies Amazon Simple Storage Service (Amazon S3) targets.", - "title": "S3Targets", - "type": "array" + "VCenter": { + "markdownDescription": "The VMware vCenter hostname.", + "title": "VCenter", + "type": "string" } }, + "required": [ + "CloudBuilder", + "Nsx", + "NsxEdge1", + "NsxEdge2", + "NsxManager1", + "NsxManager2", + "NsxManager3", + "SddcManager", + "VCenter" + ], "type": "object" }, - "AWS::Glue::CustomEntityType": { + "AWS::ElastiCache::CacheCluster": { "additionalProperties": false, "properties": { "Condition": { @@ -105763,107 +112732,160 @@ "Properties": { "additionalProperties": false, "properties": { - "ContextWords": { + "AZMode": { + "markdownDescription": "Specifies whether the nodes in this Memcached cluster are created in a single Availability Zone or created across multiple Availability Zones in the cluster's region.\n\nThis parameter is only supported for Memcached clusters.\n\nIf the `AZMode` and `PreferredAvailabilityZones` are not specified, ElastiCache assumes `single-az` mode.", + "title": "AZMode", + "type": "string" + }, + "AutoMinorVersionUpgrade": { + "markdownDescription": "If you are running Valkey 7.2 or later, or Redis OSS engine version 6.0 or later, set this parameter to yes if you want to opt-in to the next minor version upgrade campaign. This parameter is disabled for previous versions.", + "title": "AutoMinorVersionUpgrade", + "type": "boolean" + }, + "CacheNodeType": { + "markdownDescription": "The compute and memory capacity of the nodes in the node group (shard).\n\nThe following node types are supported by ElastiCache. Generally speaking, the current generation types provide more memory and computational power at lower cost when compared to their equivalent previous generation counterparts. Changing the CacheNodeType of a Memcached instance is currently not supported. If you need to scale using Memcached, we recommend forcing a replacement update by changing the `LogicalResourceId` of the resource.\n\n- General purpose:\n\n- Current generation:\n\n*M6g node types:* `cache.m6g.large` , `cache.m6g.xlarge` , `cache.m6g.2xlarge` , `cache.m6g.4xlarge` , `cache.m6g.8xlarge` , `cache.m6g.12xlarge` , `cache.m6g.16xlarge` , `cache.m6g.24xlarge`\n\n*M5 node types:* `cache.m5.large` , `cache.m5.xlarge` , `cache.m5.2xlarge` , `cache.m5.4xlarge` , `cache.m5.12xlarge` , `cache.m5.24xlarge`\n\n*M4 node types:* `cache.m4.large` , `cache.m4.xlarge` , `cache.m4.2xlarge` , `cache.m4.4xlarge` , `cache.m4.10xlarge`\n\n*T4g node types:* `cache.t4g.micro` , `cache.t4g.small` , `cache.t4g.medium`\n\n*T3 node types:* `cache.t3.micro` , `cache.t3.small` , `cache.t3.medium`\n\n*T2 node types:* `cache.t2.micro` , `cache.t2.small` , `cache.t2.medium`\n- Previous generation: (not recommended)\n\n*T1 node types:* `cache.t1.micro`\n\n*M1 node types:* `cache.m1.small` , `cache.m1.medium` , `cache.m1.large` , `cache.m1.xlarge`\n\n*M3 node types:* `cache.m3.medium` , `cache.m3.large` , `cache.m3.xlarge` , `cache.m3.2xlarge`\n- Compute optimized:\n\n- Previous generation: (not recommended)\n\n*C1 node types:* `cache.c1.xlarge`\n- Memory optimized:\n\n- Current generation:\n\n*R6gd node types:* `cache.r6gd.xlarge` , `cache.r6gd.2xlarge` , `cache.r6gd.4xlarge` , `cache.r6gd.8xlarge` , `cache.r6gd.12xlarge` , `cache.r6gd.16xlarge`\n\n> The `r6gd` family is available in the following regions: `us-east-2` , `us-east-1` , `us-west-2` , `us-west-1` , `eu-west-1` , `eu-central-1` , `ap-northeast-1` , `ap-southeast-1` , `ap-southeast-2` . \n\n*R6g node types:* `cache.r6g.large` , `cache.r6g.xlarge` , `cache.r6g.2xlarge` , `cache.r6g.4xlarge` , `cache.r6g.8xlarge` , `cache.r6g.12xlarge` , `cache.r6g.16xlarge` , `cache.r6g.24xlarge`\n\n*R5 node types:* `cache.r5.large` , `cache.r5.xlarge` , `cache.r5.2xlarge` , `cache.r5.4xlarge` , `cache.r5.12xlarge` , `cache.r5.24xlarge`\n\n*R4 node types:* `cache.r4.large` , `cache.r4.xlarge` , `cache.r4.2xlarge` , `cache.r4.4xlarge` , `cache.r4.8xlarge` , `cache.r4.16xlarge`\n- Previous generation: (not recommended)\n\n*M2 node types:* `cache.m2.xlarge` , `cache.m2.2xlarge` , `cache.m2.4xlarge`\n\n*R3 node types:* `cache.r3.large` , `cache.r3.xlarge` , `cache.r3.2xlarge` , `cache.r3.4xlarge` , `cache.r3.8xlarge`\n\nFor region availability, see [Supported Node Types by Region](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/CacheNodes.SupportedTypes.html#CacheNodes.SupportedTypesByRegion)\n\n*Additional node type info*\n\n- All current generation instance types are created in Amazon VPC by default.\n- Valkey and Redis OSS append-only files (AOF) are not supported for T1 or T2 instances.\n- Valkey and Redis OSS Multi-AZ with automatic failover is not supported on T1 instances.\n- Redis OSS configuration variables `appendonly` and `appendfsync` are not supported on Redis OSS version 2.8.22 and later.", + "title": "CacheNodeType", + "type": "string" + }, + "CacheParameterGroupName": { + "markdownDescription": "The name of the parameter group to associate with this cluster. If this argument is omitted, the default parameter group for the specified engine is used. You cannot use any parameter group which has `cluster-enabled='yes'` when creating a cluster.", + "title": "CacheParameterGroupName", + "type": "string" + }, + "CacheSecurityGroupNames": { "items": { "type": "string" }, - "markdownDescription": "A list of context words. If none of these context words are found within the vicinity of the regular expression the data will not be detected as sensitive data.\n\nIf no context words are passed only a regular expression is checked.", - "title": "ContextWords", + "markdownDescription": "A list of security group names to associate with this cluster.\n\nUse this parameter only when you are creating a cluster outside of an Amazon Virtual Private Cloud (Amazon VPC).", + "title": "CacheSecurityGroupNames", "type": "array" }, - "Name": { - "markdownDescription": "A name for the custom pattern that allows it to be retrieved or deleted later. This name must be unique per AWS account.", - "title": "Name", + "CacheSubnetGroupName": { + "markdownDescription": "The name of the subnet group to be used for the cluster.\n\nUse this parameter only when you are creating a cluster in an Amazon Virtual Private Cloud (Amazon VPC).\n\n> If you're going to launch your cluster in an Amazon VPC, you need to create a subnet group before you start creating a cluster. For more information, see `[AWS::ElastiCache::SubnetGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticache-subnetgroup.html) .`", + "title": "CacheSubnetGroupName", "type": "string" }, - "RegexString": { - "markdownDescription": "A regular expression string that is used for detecting sensitive data in a custom pattern.", - "title": "RegexString", + "ClusterName": { + "markdownDescription": "A name for the cache cluster. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the cache cluster. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\nThe name must contain 1 to 50 alphanumeric characters or hyphens. The name must start with a letter and cannot end with a hyphen or contain two consecutive hyphens.", + "title": "ClusterName", "type": "string" }, - "Tags": { - "markdownDescription": "AWS tags that contain a key value pair and may be searched by console, command line, or API.", - "title": "Tags", - "type": "object" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Glue::CustomEntityType" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::Glue::DataCatalogEncryptionSettings": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + "Engine": { + "markdownDescription": "The name of the cache engine to be used for this cluster.\n\nValid values for this parameter are: `memcached` | valkey | `redis`", + "title": "Engine", "type": "string" }, - { + "EngineVersion": { + "markdownDescription": "The version number of the cache engine to be used for this cluster. To view the supported cache engine versions, use the DescribeCacheEngineVersions operation.\n\n*Important:* You can upgrade to a newer engine version (see [Selecting a Cache Engine and Version](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/SelectEngine.html#VersionManagement) ), but you cannot downgrade to an earlier engine version. If you want to use an earlier engine version, you must delete the existing cluster or replication group and create it anew with the earlier engine version.", + "title": "EngineVersion", + "type": "string" + }, + "IpDiscovery": { + "markdownDescription": "The network type you choose when modifying a cluster, either `ipv4` | `ipv6` . IPv6 is supported for workloads using Valkey 7.2 and above, Redis OSS engine version 6.2 to 7.1 and Memcached engine version 1.6.6 and above on all instances built on the [Nitro system](https://docs.aws.amazon.com/ec2/nitro/) .", + "title": "IpDiscovery", + "type": "string" + }, + "LogDeliveryConfigurations": { + "items": { + "$ref": "#/definitions/AWS::ElastiCache::CacheCluster.LogDeliveryConfigurationRequest" + }, + "markdownDescription": "Specifies the destination, format and type of the logs.", + "title": "LogDeliveryConfigurations", + "type": "array" + }, + "NetworkType": { + "markdownDescription": "Must be either `ipv4` | `ipv6` | `dual_stack` . IPv6 is supported for workloads using Valkey 7.2 and above, Redis OSS engine version 6.2 to 7.1 and Memcached engine version 1.6.6 and above on all instances built on the [Nitro system](https://docs.aws.amazon.com/ec2/nitro/) .", + "title": "NetworkType", + "type": "string" + }, + "NotificationTopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Simple Notification Service (SNS) topic to which notifications are sent.\n\n> The Amazon SNS topic owner must be the same as the cluster owner.", + "title": "NotificationTopicArn", + "type": "string" + }, + "NumCacheNodes": { + "markdownDescription": "The number of cache nodes that the cache cluster should have.\n\n> However, if the `PreferredAvailabilityZone` and `PreferredAvailabilityZones` properties were not previously specified and you don't specify any new values, an update requires [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", + "title": "NumCacheNodes", + "type": "number" + }, + "Port": { + "markdownDescription": "The port number on which each of the cache nodes accepts connections.", + "title": "Port", + "type": "number" + }, + "PreferredAvailabilityZone": { + "markdownDescription": "The EC2 Availability Zone in which the cluster is created.\n\nAll nodes belonging to this cluster are placed in the preferred Availability Zone. If you want to create your nodes across multiple Availability Zones, use `PreferredAvailabilityZones` .\n\nDefault: System chosen Availability Zone.", + "title": "PreferredAvailabilityZone", + "type": "string" + }, + "PreferredAvailabilityZones": { "items": { - "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, + "markdownDescription": "A list of the Availability Zones in which cache nodes are created. The order of the zones in the list is not important.\n\nThis option is only supported on Memcached.\n\n> If you are creating your cluster in an Amazon VPC (recommended) you can only locate nodes in Availability Zones that are associated with the subnets in the selected subnet group.\n> \n> The number of Availability Zones listed must equal the value of `NumCacheNodes` . \n\nIf you want all the nodes in the same Availability Zone, use `PreferredAvailabilityZone` instead, or repeat the Availability Zone multiple times in the list.\n\nDefault: System chosen Availability Zones.", + "title": "PreferredAvailabilityZones", "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "CatalogId": { - "markdownDescription": "The ID of the Data Catalog in which the settings are created.", - "title": "CatalogId", + }, + "PreferredMaintenanceWindow": { + "markdownDescription": "Specifies the weekly time range during which maintenance on the cluster is performed. It is specified as a range in the format ddd:hh24:mi-ddd:hh24:mi (24H Clock UTC). The minimum maintenance window is a 60 minute period.\n\nValid values for `ddd` are:\n\n- `sun`\n- `mon`\n- `tue`\n- `wed`\n- `thu`\n- `fri`\n- `sat`\n\nExample: `sun:23:00-mon:01:30`", + "title": "PreferredMaintenanceWindow", "type": "string" }, - "DataCatalogEncryptionSettings": { - "$ref": "#/definitions/AWS::Glue::DataCatalogEncryptionSettings.DataCatalogEncryptionSettings", - "markdownDescription": "Contains configuration information for maintaining Data Catalog security.", - "title": "DataCatalogEncryptionSettings" + "SnapshotArns": { + "items": { + "type": "string" + }, + "markdownDescription": "A single-element string list containing an Amazon Resource Name (ARN) that uniquely identifies a Valkey or Redis OSS RDB snapshot file stored in Amazon S3. The snapshot file is used to populate the node group (shard). The Amazon S3 object name in the ARN cannot contain any commas.\n\n> This parameter is only valid if the `Engine` parameter is `redis` . \n\nExample of an Amazon S3 ARN: `arn:aws:s3:::my_bucket/snapshot1.rdb`", + "title": "SnapshotArns", + "type": "array" + }, + "SnapshotName": { + "markdownDescription": "The name of a Valkey or Redis OSS snapshot from which to restore data into the new node group (shard). The snapshot status changes to `restoring` while the new node group (shard) is being created.\n\n> This parameter is only valid if the `Engine` parameter is `redis` .", + "title": "SnapshotName", + "type": "string" + }, + "SnapshotRetentionLimit": { + "markdownDescription": "The number of days for which ElastiCache retains automatic snapshots before deleting them. For example, if you set `SnapshotRetentionLimit` to 5, a snapshot taken today is retained for 5 days before being deleted.\n\n> This parameter is only valid if the `Engine` parameter is `redis` . \n\nDefault: 0 (i.e., automatic backups are disabled for this cache cluster).", + "title": "SnapshotRetentionLimit", + "type": "number" + }, + "SnapshotWindow": { + "markdownDescription": "The daily time range (in UTC) during which ElastiCache begins taking a daily snapshot of your node group (shard).\n\nExample: `05:00-09:00`\n\nIf you do not specify this parameter, ElastiCache automatically chooses an appropriate time range.\n\n> This parameter is only valid if the `Engine` parameter is `redis` .", + "title": "SnapshotWindow", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags to be added to this resource.", + "title": "Tags", + "type": "array" + }, + "TransitEncryptionEnabled": { + "markdownDescription": "A flag that enables in-transit encryption when set to true.", + "title": "TransitEncryptionEnabled", + "type": "boolean" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more VPC security groups associated with the cluster.\n\nUse this parameter only when you are creating a cluster in an Amazon Virtual Private Cloud (Amazon VPC).", + "title": "VpcSecurityGroupIds", + "type": "array" } }, "required": [ - "CatalogId", - "DataCatalogEncryptionSettings" + "CacheNodeType", + "Engine", + "NumCacheNodes" ], "type": "object" }, "Type": { "enum": [ - "AWS::Glue::DataCatalogEncryptionSettings" + "AWS::ElastiCache::CacheCluster" ], "type": "string" }, @@ -105882,60 +112904,83 @@ ], "type": "object" }, - "AWS::Glue::DataCatalogEncryptionSettings.ConnectionPasswordEncryption": { + "AWS::ElastiCache::CacheCluster.CloudWatchLogsDestinationDetails": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "An AWS KMS key that is used to encrypt the connection password.\n\nIf connection password protection is enabled, the caller of `CreateConnection` and `UpdateConnection` needs at least `kms:Encrypt` permission on the specified AWS KMS key, to encrypt passwords before storing them in the Data Catalog. You can set the decrypt permission to enable or restrict access on the password key according to your security requirements.", - "title": "KmsKeyId", + "LogGroup": { + "markdownDescription": "The name of the CloudWatch Logs log group.", + "title": "LogGroup", "type": "string" - }, - "ReturnConnectionPasswordEncrypted": { - "markdownDescription": "When the `ReturnConnectionPasswordEncrypted` flag is set to \"true\", passwords remain encrypted in the responses of `GetConnection` and `GetConnections` . This encryption takes effect independently from catalog encryption.", - "title": "ReturnConnectionPasswordEncrypted", - "type": "boolean" } }, + "required": [ + "LogGroup" + ], "type": "object" }, - "AWS::Glue::DataCatalogEncryptionSettings.DataCatalogEncryptionSettings": { + "AWS::ElastiCache::CacheCluster.DestinationDetails": { "additionalProperties": false, "properties": { - "ConnectionPasswordEncryption": { - "$ref": "#/definitions/AWS::Glue::DataCatalogEncryptionSettings.ConnectionPasswordEncryption", - "markdownDescription": "When connection password protection is enabled, the Data Catalog uses a customer-provided key to encrypt the password as part of `CreateConnection` or `UpdateConnection` and store it in the `ENCRYPTED_PASSWORD` field in the connection properties. You can enable catalog encryption or only password encryption.", - "title": "ConnectionPasswordEncryption" + "CloudWatchLogsDetails": { + "$ref": "#/definitions/AWS::ElastiCache::CacheCluster.CloudWatchLogsDestinationDetails", + "markdownDescription": "The configuration details of the CloudWatch Logs destination. Note that this field is marked as required but only if CloudWatch Logs was chosen as the destination.", + "title": "CloudWatchLogsDetails" }, - "EncryptionAtRest": { - "$ref": "#/definitions/AWS::Glue::DataCatalogEncryptionSettings.EncryptionAtRest", - "markdownDescription": "Specifies the encryption-at-rest configuration for the Data Catalog.", - "title": "EncryptionAtRest" + "KinesisFirehoseDetails": { + "$ref": "#/definitions/AWS::ElastiCache::CacheCluster.KinesisFirehoseDestinationDetails", + "markdownDescription": "The configuration details of the Kinesis Data Firehose destination. Note that this field is marked as required but only if Kinesis Data Firehose was chosen as the destination.", + "title": "KinesisFirehoseDetails" } }, "type": "object" }, - "AWS::Glue::DataCatalogEncryptionSettings.EncryptionAtRest": { + "AWS::ElastiCache::CacheCluster.KinesisFirehoseDestinationDetails": { "additionalProperties": false, "properties": { - "CatalogEncryptionMode": { - "markdownDescription": "The encryption-at-rest mode for encrypting Data Catalog data.", - "title": "CatalogEncryptionMode", + "DeliveryStream": { + "markdownDescription": "The name of the Kinesis Data Firehose delivery stream.", + "title": "DeliveryStream", + "type": "string" + } + }, + "required": [ + "DeliveryStream" + ], + "type": "object" + }, + "AWS::ElastiCache::CacheCluster.LogDeliveryConfigurationRequest": { + "additionalProperties": false, + "properties": { + "DestinationDetails": { + "$ref": "#/definitions/AWS::ElastiCache::CacheCluster.DestinationDetails", + "markdownDescription": "Configuration details of either a CloudWatch Logs destination or Kinesis Data Firehose destination.", + "title": "DestinationDetails" + }, + "DestinationType": { + "markdownDescription": "Specify either CloudWatch Logs or Kinesis Data Firehose as the destination type. Valid values are either `cloudwatch-logs` or `kinesis-firehose` .", + "title": "DestinationType", "type": "string" }, - "CatalogEncryptionServiceRole": { - "markdownDescription": "The role that AWS Glue assumes to encrypt and decrypt the Data Catalog objects on the caller's behalf.", - "title": "CatalogEncryptionServiceRole", + "LogFormat": { + "markdownDescription": "Valid values are either `json` or `text` .", + "title": "LogFormat", "type": "string" }, - "SseAwsKmsKeyId": { - "markdownDescription": "The ID of the AWS KMS key to use for encryption at rest.", - "title": "SseAwsKmsKeyId", + "LogType": { + "markdownDescription": "Valid value is either `slow-log` , which refers to [slow-log](https://docs.aws.amazon.com/https://redis.io/commands/slowlog) or `engine-log` .", + "title": "LogType", "type": "string" } }, + "required": [ + "DestinationDetails", + "DestinationType", + "LogFormat", + "LogType" + ], "type": "object" }, - "AWS::Glue::DataQualityRuleset": { + "AWS::ElastiCache::GlobalReplicationGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -105970,130 +113015,71 @@ "Properties": { "additionalProperties": false, "properties": { - "ClientToken": { - "markdownDescription": "Used for idempotency and is recommended to be set to a random ID (such as a UUID) to avoid creating or starting multiple instances of the same resource.", - "title": "ClientToken", + "AutomaticFailoverEnabled": { + "markdownDescription": "Specifies whether a read-only replica is automatically promoted to read/write primary if the existing primary fails.\n\n`AutomaticFailoverEnabled` must be enabled for Valkey or Redis OSS (cluster mode enabled) replication groups.", + "title": "AutomaticFailoverEnabled", + "type": "boolean" + }, + "CacheNodeType": { + "markdownDescription": "The cache node type of the Global datastore", + "title": "CacheNodeType", "type": "string" }, - "Description": { - "markdownDescription": "A description of the data quality ruleset.", - "title": "Description", + "CacheParameterGroupName": { + "markdownDescription": "The name of the cache parameter group to use with the Global datastore. It must be compatible with the major engine version used by the Global datastore.", + "title": "CacheParameterGroupName", "type": "string" }, - "Name": { - "markdownDescription": "The name of the data quality ruleset.", - "title": "Name", + "Engine": { + "markdownDescription": "The ElastiCache engine. For Valkey or Redis OSS only.", + "title": "Engine", "type": "string" }, - "Ruleset": { - "markdownDescription": "A Data Quality Definition Language (DQDL) ruleset. For more information see the AWS Glue Developer Guide.", - "title": "Ruleset", + "EngineVersion": { + "markdownDescription": "The Elasticache Valkey or Redis OSS engine version.", + "title": "EngineVersion", "type": "string" }, - "Tags": { - "markdownDescription": "A list of tags applied to the data quality ruleset.", - "title": "Tags", - "type": "object" + "GlobalNodeGroupCount": { + "markdownDescription": "The number of node groups that comprise the Global Datastore.", + "title": "GlobalNodeGroupCount", + "type": "number" }, - "TargetTable": { - "$ref": "#/definitions/AWS::Glue::DataQualityRuleset.DataQualityTargetTable", - "markdownDescription": "An object representing an AWS Glue table.", - "title": "TargetTable" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Glue::DataQualityRuleset" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::Glue::DataQualityRuleset.DataQualityTargetTable": { - "additionalProperties": false, - "properties": { - "DatabaseName": { - "markdownDescription": "The name of the database where the AWS Glue table exists.", - "title": "DatabaseName", - "type": "string" - }, - "TableName": { - "markdownDescription": "The name of the AWS Glue table.", - "title": "TableName", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Glue::Database": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + "GlobalReplicationGroupDescription": { + "markdownDescription": "The optional description of the Global datastore", + "title": "GlobalReplicationGroupDescription", "type": "string" }, - { + "GlobalReplicationGroupIdSuffix": { + "markdownDescription": "The suffix name of a Global Datastore. The suffix guarantees uniqueness of the Global Datastore name across multiple regions.", + "title": "GlobalReplicationGroupIdSuffix", + "type": "string" + }, + "Members": { "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" + "$ref": "#/definitions/AWS::ElastiCache::GlobalReplicationGroup.GlobalReplicationGroupMember" }, + "markdownDescription": "The replication groups that comprise the Global datastore.", + "title": "Members", "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "CatalogId": { - "markdownDescription": "The AWS account ID for the account in which to create the catalog object.\n\n> To specify the account ID, you can use the `Ref` intrinsic function with the `AWS::AccountId` pseudo parameter. For example: `!Ref AWS::AccountId`", - "title": "CatalogId", - "type": "string" }, - "DatabaseInput": { - "$ref": "#/definitions/AWS::Glue::Database.DatabaseInput", - "markdownDescription": "The metadata for the database.", - "title": "DatabaseInput" + "RegionalConfigurations": { + "items": { + "$ref": "#/definitions/AWS::ElastiCache::GlobalReplicationGroup.RegionalConfiguration" + }, + "markdownDescription": "The Regions that comprise the Global Datastore.", + "title": "RegionalConfigurations", + "type": "array" } }, "required": [ - "CatalogId", - "DatabaseInput" + "Members" ], "type": "object" }, "Type": { "enum": [ - "AWS::Glue::Database" + "AWS::ElastiCache::GlobalReplicationGroup" ], "type": "string" }, @@ -106112,118 +113098,71 @@ ], "type": "object" }, - "AWS::Glue::Database.DataLakePrincipal": { - "additionalProperties": false, - "properties": { - "DataLakePrincipalIdentifier": { - "markdownDescription": "An identifier for the AWS Lake Formation principal.", - "title": "DataLakePrincipalIdentifier", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Glue::Database.DatabaseIdentifier": { + "AWS::ElastiCache::GlobalReplicationGroup.GlobalReplicationGroupMember": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The ID of the Data Catalog in which the database resides.", - "title": "CatalogId", + "ReplicationGroupId": { + "markdownDescription": "The replication group id of the Global datastore member.", + "title": "ReplicationGroupId", "type": "string" }, - "DatabaseName": { - "markdownDescription": "The name of the catalog database.", - "title": "DatabaseName", + "ReplicationGroupRegion": { + "markdownDescription": "The Amazon region of the Global datastore member.", + "title": "ReplicationGroupRegion", "type": "string" }, - "Region": { - "markdownDescription": "The Region of the database.", - "title": "Region", + "Role": { + "markdownDescription": "Indicates the role of the replication group, `PRIMARY` or `SECONDARY` .", + "title": "Role", "type": "string" } }, "type": "object" }, - "AWS::Glue::Database.DatabaseInput": { + "AWS::ElastiCache::GlobalReplicationGroup.RegionalConfiguration": { "additionalProperties": false, "properties": { - "CreateTableDefaultPermissions": { - "items": { - "$ref": "#/definitions/AWS::Glue::Database.PrincipalPrivileges" - }, - "markdownDescription": "Creates a set of default permissions on the table for principals. Used by AWS Lake Formation . Not used in the normal course of AWS Glue operations.", - "title": "CreateTableDefaultPermissions", - "type": "array" - }, - "Description": { - "markdownDescription": "A description of the database.", - "title": "Description", - "type": "string" - }, - "FederatedDatabase": { - "$ref": "#/definitions/AWS::Glue::Database.FederatedDatabase", - "markdownDescription": "A `FederatedDatabase` structure that references an entity outside the AWS Glue Data Catalog .", - "title": "FederatedDatabase" - }, - "LocationUri": { - "markdownDescription": "The location of the database (for example, an HDFS path).", - "title": "LocationUri", + "ReplicationGroupId": { + "markdownDescription": "The name of the secondary cluster", + "title": "ReplicationGroupId", "type": "string" }, - "Name": { - "markdownDescription": "The name of the database. For Hive compatibility, this is folded to lowercase when it is stored.", - "title": "Name", + "ReplicationGroupRegion": { + "markdownDescription": "The Amazon region where the cluster is stored", + "title": "ReplicationGroupRegion", "type": "string" }, - "Parameters": { - "markdownDescription": "These key-value pairs define parameters and properties of the database.", - "title": "Parameters", - "type": "object" - }, - "TargetDatabase": { - "$ref": "#/definitions/AWS::Glue::Database.DatabaseIdentifier", - "markdownDescription": "A `DatabaseIdentifier` structure that describes a target database for resource linking.", - "title": "TargetDatabase" + "ReshardingConfigurations": { + "items": { + "$ref": "#/definitions/AWS::ElastiCache::GlobalReplicationGroup.ReshardingConfiguration" + }, + "markdownDescription": "A list of PreferredAvailabilityZones objects that specifies the configuration of a node group in the resharded cluster.", + "title": "ReshardingConfigurations", + "type": "array" } }, "type": "object" }, - "AWS::Glue::Database.FederatedDatabase": { + "AWS::ElastiCache::GlobalReplicationGroup.ReshardingConfiguration": { "additionalProperties": false, "properties": { - "ConnectionName": { - "markdownDescription": "The name of the connection to the external metastore.", - "title": "ConnectionName", + "NodeGroupId": { + "markdownDescription": "Either the ElastiCache supplied 4-digit id or a user supplied id for the node group these configuration values apply to.", + "title": "NodeGroupId", "type": "string" }, - "Identifier": { - "markdownDescription": "A unique identifier for the federated database.", - "title": "Identifier", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Glue::Database.PrincipalPrivileges": { - "additionalProperties": false, - "properties": { - "Permissions": { + "PreferredAvailabilityZones": { "items": { "type": "string" }, - "markdownDescription": "The permissions that are granted to the principal.", - "title": "Permissions", + "markdownDescription": "A list of preferred availability zones for the nodes in this cluster.", + "title": "PreferredAvailabilityZones", "type": "array" - }, - "Principal": { - "$ref": "#/definitions/AWS::Glue::Database.DataLakePrincipal", - "markdownDescription": "The principal who is granted permissions.", - "title": "Principal" } }, "type": "object" }, - "AWS::Glue::DevEndpoint": { + "AWS::ElastiCache::ParameterGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -106258,96 +113197,45 @@ "Properties": { "additionalProperties": false, "properties": { - "Arguments": { - "markdownDescription": "A map of arguments used to configure the `DevEndpoint` .\n\nValid arguments are:\n\n- `\"--enable-glue-datacatalog\": \"\"`\n- `\"GLUE_PYTHON_VERSION\": \"3\"`\n- `\"GLUE_PYTHON_VERSION\": \"2\"`\n\nYou can specify a version of Python support for development endpoints by using the `Arguments` parameter in the `CreateDevEndpoint` or `UpdateDevEndpoint` APIs. If no arguments are provided, the version defaults to Python 2.", - "title": "Arguments", - "type": "object" - }, - "EndpointName": { - "markdownDescription": "The name of the `DevEndpoint` .", - "title": "EndpointName", - "type": "string" - }, - "ExtraJarsS3Path": { - "markdownDescription": "The path to one or more Java `.jar` files in an S3 bucket that should be loaded in your `DevEndpoint` .\n\n> You can only use pure Java/Scala libraries with a `DevEndpoint` .", - "title": "ExtraJarsS3Path", - "type": "string" - }, - "ExtraPythonLibsS3Path": { - "markdownDescription": "The paths to one or more Python libraries in an Amazon S3 bucket that should be loaded in your `DevEndpoint` . Multiple values must be complete paths separated by a comma.\n\n> You can only use pure Python libraries with a `DevEndpoint` . Libraries that rely on C extensions, such as the [pandas](https://docs.aws.amazon.com/http://pandas.pydata.org/) Python data analysis library, are not currently supported.", - "title": "ExtraPythonLibsS3Path", - "type": "string" - }, - "GlueVersion": { - "markdownDescription": "The AWS Glue version determines the versions of Apache Spark and Python that AWS Glue supports. The Python version indicates the version supported for running your ETL scripts on development endpoints.\n\nFor more information about the available AWS Glue versions and corresponding Spark and Python versions, see [Glue version](https://docs.aws.amazon.com/glue/latest/dg/add-job.html) in the developer guide.\n\nDevelopment endpoints that are created without specifying a Glue version default to Glue 0.9.\n\nYou can specify a version of Python support for development endpoints by using the `Arguments` parameter in the `CreateDevEndpoint` or `UpdateDevEndpoint` APIs. If no arguments are provided, the version defaults to Python 2.", - "title": "GlueVersion", + "CacheParameterGroupFamily": { + "markdownDescription": "The name of the cache parameter group family that this cache parameter group is compatible with.\n\nValid values are: `valkey8` | `valkey7` | `memcached1.4` | `memcached1.5` | `memcached1.6` | `redis2.6` | `redis2.8` | `redis3.2` | `redis4.0` | `redis5.0` | `redis6.x` | `redis7`", + "title": "CacheParameterGroupFamily", "type": "string" }, - "NumberOfNodes": { - "markdownDescription": "The number of AWS Glue Data Processing Units (DPUs) allocated to this `DevEndpoint` .", - "title": "NumberOfNodes", - "type": "number" - }, - "NumberOfWorkers": { - "markdownDescription": "The number of workers of a defined `workerType` that are allocated to the development endpoint.\n\nThe maximum number of workers you can define are 299 for `G.1X` , and 149 for `G.2X` .", - "title": "NumberOfWorkers", - "type": "number" - }, - "PublicKey": { - "markdownDescription": "The public key to be used by this `DevEndpoint` for authentication. This attribute is provided for backward compatibility because the recommended attribute to use is public keys.", - "title": "PublicKey", + "Description": { + "markdownDescription": "The description for this cache parameter group.", + "title": "Description", "type": "string" }, - "PublicKeys": { - "items": { - "type": "string" + "Properties": { + "additionalProperties": true, + "markdownDescription": "A comma-delimited list of parameter name/value pairs.\n\nFor example:\n\n```\n\"Properties\" : { \"cas_disabled\" : \"1\", \"chunk_size_growth_factor\" : \"1.02\"\n}\n```", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "A list of public keys to be used by the `DevEndpoints` for authentication. Using this attribute is preferred over a single public key because the public keys allow you to have a different private key per client.\n\n> If you previously created an endpoint with a public key, you must remove that key to be able to set a list of public keys. Call the `UpdateDevEndpoint` API operation with the public key content in the `deletePublicKeys` attribute, and the list of new keys in the `addPublicKeys` attribute.", - "title": "PublicKeys", - "type": "array" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role used in this `DevEndpoint` .", - "title": "RoleArn", - "type": "string" - }, - "SecurityConfiguration": { - "markdownDescription": "The name of the `SecurityConfiguration` structure to be used with this `DevEndpoint` .", - "title": "SecurityConfiguration", - "type": "string" + "title": "Properties", + "type": "object" }, - "SecurityGroupIds": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of security group identifiers used in this `DevEndpoint` .", - "title": "SecurityGroupIds", - "type": "array" - }, - "SubnetId": { - "markdownDescription": "The subnet ID for this `DevEndpoint` .", - "title": "SubnetId", - "type": "string" - }, - "Tags": { - "markdownDescription": "The tags to use with this DevEndpoint.", + "markdownDescription": "A tag that can be added to an ElastiCache parameter group. Tags are composed of a Key/Value pair. You can use tags to categorize and track all your parameter groups. A tag with a null Value is permitted.", "title": "Tags", - "type": "object" - }, - "WorkerType": { - "markdownDescription": "The type of predefined worker that is allocated to the development endpoint. Accepts a value of Standard, G.1X, or G.2X.\n\n- For the `Standard` worker type, each worker provides 4 vCPU, 16 GB of memory and a 50GB disk, and 2 executors per worker.\n- For the `G.1X` worker type, each worker maps to 1 DPU (4 vCPU, 16 GB of memory, 64 GB disk), and provides 1 executor per worker. We recommend this worker type for memory-intensive jobs.\n- For the `G.2X` worker type, each worker maps to 2 DPU (8 vCPU, 32 GB of memory, 128 GB disk), and provides 1 executor per worker. We recommend this worker type for memory-intensive jobs.\n\nKnown issue: when a development endpoint is created with the `G.2X` `WorkerType` configuration, the Spark drivers for the development endpoint will run on 4 vCPU, 16 GB of memory, and a 64 GB disk.", - "title": "WorkerType", - "type": "string" + "type": "array" } }, "required": [ - "RoleArn" + "CacheParameterGroupFamily", + "Description" ], "type": "object" }, "Type": { "enum": [ - "AWS::Glue::DevEndpoint" + "AWS::ElastiCache::ParameterGroup" ], "type": "string" }, @@ -106366,7 +113254,7 @@ ], "type": "object" }, - "AWS::Glue::Job": { + "AWS::ElastiCache::ReplicationGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -106401,116 +113289,234 @@ "Properties": { "additionalProperties": false, "properties": { - "AllocatedCapacity": { - "markdownDescription": "This parameter is no longer supported. Use `MaxCapacity` instead.\n\nThe number of capacity units that are allocated to this job.", - "title": "AllocatedCapacity", - "type": "number" + "AtRestEncryptionEnabled": { + "markdownDescription": "A flag that enables encryption at rest when set to `true` .\n\n*Required:* Only available when creating a replication group in an Amazon VPC using Redis OSS version `3.2.6` or `4.x` onward.\n\nDefault: `false`", + "title": "AtRestEncryptionEnabled", + "type": "boolean" }, - "Command": { - "$ref": "#/definitions/AWS::Glue::Job.JobCommand", - "markdownDescription": "The code that executes a job.", - "title": "Command" + "AuthToken": { + "markdownDescription": "*Reserved parameter.* The password used to access a password protected server.\n\n`AuthToken` can be specified only on replication groups where `TransitEncryptionEnabled` is `true` . For more information, see [Authenticating Valkey or Redis OSS users with the AUTH Command](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/auth.html) .\n\n> For HIPAA compliance, you must specify `TransitEncryptionEnabled` as `true` , an `AuthToken` , and a `CacheSubnetGroup` . \n\nPassword constraints:\n\n- Must be only printable ASCII characters.\n- Must be at least 16 characters and no more than 128 characters in length.\n- Nonalphanumeric characters are restricted to (!, &, #, $, ^, <, >, -, ).\n\nFor more information, see [AUTH password](https://docs.aws.amazon.com/http://redis.io/commands/AUTH) at http://redis.io/commands/AUTH.\n\n> If ADDING the AuthToken, update requires [Replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", + "title": "AuthToken", + "type": "string" }, - "Connections": { - "$ref": "#/definitions/AWS::Glue::Job.ConnectionsList", - "markdownDescription": "The connections used for this job.", - "title": "Connections" + "AutoMinorVersionUpgrade": { + "markdownDescription": "If you are running Valkey 7.2 or later, or Redis OSS 6.0 or later, set this parameter to yes if you want to opt-in to the next minor version upgrade campaign. This parameter is disabled for previous versions.", + "title": "AutoMinorVersionUpgrade", + "type": "boolean" }, - "DefaultArguments": { - "markdownDescription": "The default arguments for this job, specified as name-value pairs.\n\nYou can specify arguments here that your own job-execution script consumes, in addition to arguments that AWS Glue itself consumes.\n\nFor information about how to specify and consume your own job arguments, see [Calling AWS Glue APIs in Python](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-python-calling.html) in the *AWS Glue Developer Guide* .\n\nFor information about the key-value pairs that AWS Glue consumes to set up your job, see [Special Parameters Used by AWS Glue](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-etl-glue-arguments.html) in the *AWS Glue Developer Guide* .", - "title": "DefaultArguments", - "type": "object" + "AutomaticFailoverEnabled": { + "markdownDescription": "Specifies whether a read-only replica is automatically promoted to read/write primary if the existing primary fails.\n\n`AutomaticFailoverEnabled` must be enabled for Valkey or Redis OSS (cluster mode enabled) replication groups.\n\nDefault: false", + "title": "AutomaticFailoverEnabled", + "type": "boolean" }, - "Description": { - "markdownDescription": "A description of the job.", - "title": "Description", + "CacheNodeType": { + "markdownDescription": "The compute and memory capacity of the nodes in the node group (shard).\n\nThe following node types are supported by ElastiCache. Generally speaking, the current generation types provide more memory and computational power at lower cost when compared to their equivalent previous generation counterparts.\n\n- General purpose:\n\n- Current generation:\n\n*M6g node types:* `cache.m6g.large` , `cache.m6g.xlarge` , `cache.m6g.2xlarge` , `cache.m6g.4xlarge` , `cache.m6g.12xlarge` , `cache.m6g.24xlarge`\n\n*M5 node types:* `cache.m5.large` , `cache.m5.xlarge` , `cache.m5.2xlarge` , `cache.m5.4xlarge` , `cache.m5.12xlarge` , `cache.m5.24xlarge`\n\n*M4 node types:* `cache.m4.large` , `cache.m4.xlarge` , `cache.m4.2xlarge` , `cache.m4.4xlarge` , `cache.m4.10xlarge`\n\n*T4g node types:* `cache.t4g.micro` , `cache.t4g.small` , `cache.t4g.medium`\n\n*T3 node types:* `cache.t3.micro` , `cache.t3.small` , `cache.t3.medium`\n\n*T2 node types:* `cache.t2.micro` , `cache.t2.small` , `cache.t2.medium`\n- Previous generation: (not recommended)\n\n*T1 node types:* `cache.t1.micro`\n\n*M1 node types:* `cache.m1.small` , `cache.m1.medium` , `cache.m1.large` , `cache.m1.xlarge`\n\n*M3 node types:* `cache.m3.medium` , `cache.m3.large` , `cache.m3.xlarge` , `cache.m3.2xlarge`\n- Compute optimized:\n\n- Previous generation: (not recommended)\n\n*C1 node types:* `cache.c1.xlarge`\n- Memory optimized:\n\n- Current generation:\n\n*R6gd node types:* `cache.r6gd.xlarge` , `cache.r6gd.2xlarge` , `cache.r6gd.4xlarge` , `cache.r6gd.8xlarge` , `cache.r6gd.12xlarge` , `cache.r6gd.16xlarge`\n\n> The `r6gd` family is available in the following regions: `us-east-2` , `us-east-1` , `us-west-2` , `us-west-1` , `eu-west-1` , `eu-central-1` , `ap-northeast-1` , `ap-southeast-1` , `ap-southeast-2` . \n\n*R6g node types:* `cache.r6g.large` , `cache.r6g.xlarge` , `cache.r6g.2xlarge` , `cache.r6g.4xlarge` , `cache.r6g.12xlarge` , `cache.r6g.24xlarge`\n\n*R5 node types:* `cache.r5.large` , `cache.r5.xlarge` , `cache.r5.2xlarge` , `cache.r5.4xlarge` , `cache.r5.12xlarge` , `cache.r5.24xlarge`\n\n*R4 node types:* `cache.r4.large` , `cache.r4.xlarge` , `cache.r4.2xlarge` , `cache.r4.4xlarge` , `cache.r4.8xlarge` , `cache.r4.16xlarge`\n- Previous generation: (not recommended)\n\n*M2 node types:* `cache.m2.xlarge` , `cache.m2.2xlarge` , `cache.m2.4xlarge`\n\n*R3 node types:* `cache.r3.large` , `cache.r3.xlarge` , `cache.r3.2xlarge` , `cache.r3.4xlarge` , `cache.r3.8xlarge`\n\nFor region availability, see [Supported Node Types by Amazon Region](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/CacheNodes.SupportedTypes.html#CacheNodes.SupportedTypesByRegion)", + "title": "CacheNodeType", "type": "string" }, - "ExecutionClass": { - "markdownDescription": "Indicates whether the job is run with a standard or flexible execution class. The standard execution class is ideal for time-sensitive workloads that require fast job startup and dedicated resources.\n\nThe flexible execution class is appropriate for time-insensitive jobs whose start and completion times may vary.\n\nOnly jobs with AWS Glue version 3.0 and above and command type `glueetl` will be allowed to set `ExecutionClass` to `FLEX` . The flexible execution class is available for Spark jobs.", - "title": "ExecutionClass", + "CacheParameterGroupName": { + "markdownDescription": "The name of the parameter group to associate with this replication group. If this argument is omitted, the default cache parameter group for the specified engine is used.\n\nIf you are running Valkey or Redis OSS version 3.2.4 or later, only one node group (shard), and want to use a default parameter group, we recommend that you specify the parameter group by name.\n\n- To create a Valkey or Redis OSS (cluster mode disabled) replication group, use `CacheParameterGroupName=default.redis3.2` .\n- To create a Valkey or Redis OSS (cluster mode enabled) replication group, use `CacheParameterGroupName=default.redis3.2.cluster.on` .", + "title": "CacheParameterGroupName", "type": "string" }, - "ExecutionProperty": { - "$ref": "#/definitions/AWS::Glue::Job.ExecutionProperty", - "markdownDescription": "The maximum number of concurrent runs that are allowed for this job.", - "title": "ExecutionProperty" + "CacheSecurityGroupNames": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of cache security group names to associate with this replication group.", + "title": "CacheSecurityGroupNames", + "type": "array" }, - "GlueVersion": { - "markdownDescription": "Glue version determines the versions of Apache Spark and Python that AWS Glue supports. The Python version indicates the version supported for jobs of type Spark.\n\nFor more information about the available AWS Glue versions and corresponding Spark and Python versions, see [Glue version](https://docs.aws.amazon.com/glue/latest/dg/add-job.html) in the developer guide.\n\nJobs that are created without specifying a Glue version default to the latest Glue version available.", - "title": "GlueVersion", + "CacheSubnetGroupName": { + "markdownDescription": "The name of the cache subnet group to be used for the replication group.\n\n> If you're going to launch your cluster in an Amazon VPC, you need to create a subnet group before you start creating a cluster. For more information, see [AWS::ElastiCache::SubnetGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticache-subnetgroup.html) .", + "title": "CacheSubnetGroupName", "type": "string" }, - "LogUri": { - "markdownDescription": "This field is reserved for future use.", - "title": "LogUri", + "ClusterMode": { + "markdownDescription": "The mode can be enabled or disabled. To change the cluster mode from disabled to enabled, you must first set the cluster mode to compatible. The compatible mode allows your Valkey or Redis OSS clients to connect using both cluster mode enabled and cluster mode disabled. After you migrate all Valkey or Redis OSS clients to use cluster mode enabled, you can then complete cluster mode configuration and set the cluster mode to enabled. For more information, see [Modify cluster mode](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/modify-cluster-mode.html) .", + "title": "ClusterMode", "type": "string" }, - "MaxCapacity": { - "markdownDescription": "The number of AWS Glue data processing units (DPUs) that can be allocated when this job runs. A DPU is a relative measure of processing power that consists of 4 vCPUs of compute capacity and 16 GB of memory.\n\nDo not set `Max Capacity` if using `WorkerType` and `NumberOfWorkers` .\n\nThe value that can be allocated for `MaxCapacity` depends on whether you are running a Python shell job or an Apache Spark ETL job:\n\n- When you specify a Python shell job ( `JobCommand.Name` =\"pythonshell\"), you can allocate either 0.0625 or 1 DPU. The default is 0.0625 DPU.\n- When you specify an Apache Spark ETL job ( `JobCommand.Name` =\"glueetl\"), you can allocate from 2 to 100 DPUs. The default is 10 DPUs. This job type cannot have a fractional DPU allocation.", - "title": "MaxCapacity", + "DataTieringEnabled": { + "markdownDescription": "Enables data tiering. Data tiering is only supported for replication groups using the r6gd node type. This parameter must be set to true when using r6gd nodes. For more information, see [Data tiering](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/data-tiering.html) .", + "title": "DataTieringEnabled", + "type": "boolean" + }, + "Engine": { + "markdownDescription": "The name of the cache engine to be used for the clusters in this replication group. The value must be set to `valkey` or `redis` .\n\n> Upgrading an existing engine from redis to valkey is done through in-place migration, and requires a parameter group.", + "title": "Engine", + "type": "string" + }, + "EngineVersion": { + "markdownDescription": "The version number of the cache engine to be used for the clusters in this replication group. To view the supported cache engine versions, use the `DescribeCacheEngineVersions` operation.\n\n*Important:* You can upgrade to a newer engine version (see [Selecting a Cache Engine and Version](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/SelectEngine.html#VersionManagement) ) in the *ElastiCache User Guide* , but you cannot downgrade to an earlier engine version. If you want to use an earlier engine version, you must delete the existing cluster or replication group and create it anew with the earlier engine version.", + "title": "EngineVersion", + "type": "string" + }, + "GlobalReplicationGroupId": { + "markdownDescription": "The name of the Global datastore", + "title": "GlobalReplicationGroupId", + "type": "string" + }, + "IpDiscovery": { + "markdownDescription": "The network type you choose when creating a replication group, either `ipv4` | `ipv6` . IPv6 is supported for workloads using Valkey 7.2 and above, Redis OSS engine version 6.2 to 7.1 or Memcached engine version 1.6.6 and above on all instances built on the [Nitro system](https://docs.aws.amazon.com/ec2/nitro/) .", + "title": "IpDiscovery", + "type": "string" + }, + "KmsKeyId": { + "markdownDescription": "The ID of the KMS key used to encrypt the disk on the cluster.", + "title": "KmsKeyId", + "type": "string" + }, + "LogDeliveryConfigurations": { + "items": { + "$ref": "#/definitions/AWS::ElastiCache::ReplicationGroup.LogDeliveryConfigurationRequest" + }, + "markdownDescription": "Specifies the destination, format and type of the logs.", + "title": "LogDeliveryConfigurations", + "type": "array" + }, + "MultiAZEnabled": { + "markdownDescription": "A flag indicating if you have Multi-AZ enabled to enhance fault tolerance. For more information, see [Minimizing Downtime: Multi-AZ](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/AutoFailover.html) .", + "title": "MultiAZEnabled", + "type": "boolean" + }, + "NetworkType": { + "markdownDescription": "Must be either `ipv4` | `ipv6` | `dual_stack` . IPv6 is supported for workloads using Valkey 7.2 and above, Redis OSS engine version 6.2 to 7.1 and Memcached engine version 1.6.6 and above on all instances built on the [Nitro system](https://docs.aws.amazon.com/ec2/nitro/) .", + "title": "NetworkType", + "type": "string" + }, + "NodeGroupConfiguration": { + "items": { + "$ref": "#/definitions/AWS::ElastiCache::ReplicationGroup.NodeGroupConfiguration" + }, + "markdownDescription": "`NodeGroupConfiguration` is a property of the `AWS::ElastiCache::ReplicationGroup` resource that configures an Amazon ElastiCache (ElastiCache) Valkey or Redis OSS cluster node group.\n\nIf you set [UseOnlineResharding](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html#cfn-attributes-updatepolicy-useonlineresharding) to `true` , you can update `NodeGroupConfiguration` without interruption. When `UseOnlineResharding` is set to `false` , or is not specified, updating `NodeGroupConfiguration` results in [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", + "title": "NodeGroupConfiguration", + "type": "array" + }, + "NotificationTopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Simple Notification Service (SNS) topic to which notifications are sent.\n\n> The Amazon SNS topic owner must be the same as the cluster owner.", + "title": "NotificationTopicArn", + "type": "string" + }, + "NumCacheClusters": { + "markdownDescription": "The number of clusters this replication group initially has.\n\nThis parameter is not used if there is more than one node group (shard). You should use `ReplicasPerNodeGroup` instead.\n\nIf `AutomaticFailoverEnabled` is `true` , the value of this parameter must be at least 2. If `AutomaticFailoverEnabled` is `false` you can omit this parameter (it will default to 1), or you can explicitly set it to a value between 2 and 6.\n\nThe maximum permitted value for `NumCacheClusters` is 6 (1 primary plus 5 replicas).", + "title": "NumCacheClusters", "type": "number" }, - "MaxRetries": { - "markdownDescription": "The maximum number of times to retry this job after a JobRun fails.", - "title": "MaxRetries", + "NumNodeGroups": { + "markdownDescription": "An optional parameter that specifies the number of node groups (shards) for this Valkey or Redis OSS (cluster mode enabled) replication group. For Valkey or Redis OSS (cluster mode disabled) either omit this parameter or set it to 1.\n\nIf you set [UseOnlineResharding](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html#cfn-attributes-updatepolicy-useonlineresharding) to `true` , you can update `NumNodeGroups` without interruption. When `UseOnlineResharding` is set to `false` , or is not specified, updating `NumNodeGroups` results in [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .\n\nDefault: 1", + "title": "NumNodeGroups", "type": "number" }, - "Name": { - "markdownDescription": "The name you assign to this job definition.", - "title": "Name", + "Port": { + "markdownDescription": "The port number on which each member of the replication group accepts connections.", + "title": "Port", + "type": "number" + }, + "PreferredCacheClusterAZs": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of EC2 Availability Zones in which the replication group's clusters are created. The order of the Availability Zones in the list is the order in which clusters are allocated. The primary cluster is created in the first AZ in the list.\n\nThis parameter is not used if there is more than one node group (shard). You should use `NodeGroupConfiguration` instead.\n\n> If you are creating your replication group in an Amazon VPC (recommended), you can only locate clusters in Availability Zones associated with the subnets in the selected subnet group.\n> \n> The number of Availability Zones listed must equal the value of `NumCacheClusters` . \n\nDefault: system chosen Availability Zones.", + "title": "PreferredCacheClusterAZs", + "type": "array" + }, + "PreferredMaintenanceWindow": { + "markdownDescription": "Specifies the weekly time range during which maintenance on the cluster is performed. It is specified as a range in the format ddd:hh24:mi-ddd:hh24:mi (24H Clock UTC). The minimum maintenance window is a 60 minute period.\n\nValid values for `ddd` are:\n\n- `sun`\n- `mon`\n- `tue`\n- `wed`\n- `thu`\n- `fri`\n- `sat`\n\nExample: `sun:23:00-mon:01:30`", + "title": "PreferredMaintenanceWindow", "type": "string" }, - "NonOverridableArguments": { - "markdownDescription": "Non-overridable arguments for this job, specified as name-value pairs.", - "title": "NonOverridableArguments", - "type": "object" + "PrimaryClusterId": { + "markdownDescription": "The identifier of the cluster that serves as the primary for this replication group. This cluster must already exist and have a status of `available` .\n\nThis parameter is not required if `NumCacheClusters` , `NumNodeGroups` , or `ReplicasPerNodeGroup` is specified.", + "title": "PrimaryClusterId", + "type": "string" }, - "NotificationProperty": { - "$ref": "#/definitions/AWS::Glue::Job.NotificationProperty", - "markdownDescription": "Specifies configuration properties of a notification.", - "title": "NotificationProperty" + "ReplicasPerNodeGroup": { + "markdownDescription": "An optional parameter that specifies the number of replica nodes in each node group (shard). Valid values are 0 to 5.", + "title": "ReplicasPerNodeGroup", + "type": "number" }, - "NumberOfWorkers": { - "markdownDescription": "The number of workers of a defined `workerType` that are allocated when a job runs.\n\nThe maximum number of workers you can define are 299 for `G.1X` , and 149 for `G.2X` .", - "title": "NumberOfWorkers", + "ReplicationGroupDescription": { + "markdownDescription": "A user-created description for the replication group.", + "title": "ReplicationGroupDescription", + "type": "string" + }, + "ReplicationGroupId": { + "markdownDescription": "The replication group identifier. This parameter is stored as a lowercase string.\n\nConstraints:\n\n- A name must contain from 1 to 40 alphanumeric characters or hyphens.\n- The first character must be a letter.\n- A name cannot end with a hyphen or contain two consecutive hyphens.", + "title": "ReplicationGroupId", + "type": "string" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more Amazon VPC security groups associated with this replication group.\n\nUse this parameter only when you are creating a replication group in an Amazon Virtual Private Cloud (Amazon VPC).", + "title": "SecurityGroupIds", + "type": "array" + }, + "SnapshotArns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of Amazon Resource Names (ARN) that uniquely identify the Valkey or Redis OSS RDB snapshot files stored in Amazon S3. The snapshot files are used to populate the new replication group. The Amazon S3 object name in the ARN cannot contain any commas. The new replication group will have the number of node groups (console: shards) specified by the parameter *NumNodeGroups* or the number of node groups configured by *NodeGroupConfiguration* regardless of the number of ARNs specified here.\n\nExample of an Amazon S3 ARN: `arn:aws:s3:::my_bucket/snapshot1.rdb`", + "title": "SnapshotArns", + "type": "array" + }, + "SnapshotName": { + "markdownDescription": "The name of a snapshot from which to restore data into the new replication group. The snapshot status changes to `restoring` while the new replication group is being created.", + "title": "SnapshotName", + "type": "string" + }, + "SnapshotRetentionLimit": { + "markdownDescription": "The number of days for which ElastiCache retains automatic snapshots before deleting them. For example, if you set `SnapshotRetentionLimit` to 5, a snapshot that was taken today is retained for 5 days before being deleted.\n\nDefault: 0 (i.e., automatic backups are disabled for this cluster).", + "title": "SnapshotRetentionLimit", "type": "number" }, - "Role": { - "markdownDescription": "The name or Amazon Resource Name (ARN) of the IAM role associated with this job.", - "title": "Role", + "SnapshotWindow": { + "markdownDescription": "The daily time range (in UTC) during which ElastiCache begins taking a daily snapshot of your node group (shard).\n\nExample: `05:00-09:00`\n\nIf you do not specify this parameter, ElastiCache automatically chooses an appropriate time range.", + "title": "SnapshotWindow", "type": "string" }, - "SecurityConfiguration": { - "markdownDescription": "The name of the `SecurityConfiguration` structure to be used with this job.", - "title": "SecurityConfiguration", + "SnapshottingClusterId": { + "markdownDescription": "The cluster ID that is used as the daily snapshot source for the replication group. This parameter cannot be set for Valkey or Redis OSS (cluster mode enabled) replication groups.", + "title": "SnapshottingClusterId", "type": "string" }, "Tags": { - "markdownDescription": "The tags to use with this job.", + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags to be added to this resource. Tags are comma-separated key,value pairs (e.g. Key= `myKey` , Value= `myKeyValue` . You can include multiple tags as shown following: Key= `myKey` , Value= `myKeyValue` Key= `mySecondKey` , Value= `mySecondKeyValue` . Tags on replication groups will be replicated to all nodes.", "title": "Tags", - "type": "object" + "type": "array" }, - "Timeout": { - "markdownDescription": "The job timeout in minutes. This is the maximum time that a job run can consume resources before it is terminated and enters TIMEOUT status. The default is 2,880 minutes (48 hours).", - "title": "Timeout", - "type": "number" + "TransitEncryptionEnabled": { + "markdownDescription": "A flag that enables in-transit encryption when set to `true` .\n\nThis parameter is only available when creating a replication group in an Amazon VPC using Valkey version `7.2` and above, Redis OSS version `3.2.6` , or Redis OSS version `4.x` and above, and the cluster is being created in an Amazon VPC.\n\nIf you enable in-transit encryption, you must also specify a value for `CacheSubnetGroup` .\n\n> TransitEncryptionEnabled is required when creating a new valkey replication group. \n\nDefault: `false`\n\n> For HIPAA compliance, you must specify `TransitEncryptionEnabled` as `true` , an `AuthToken` , and a `CacheSubnetGroup` .", + "title": "TransitEncryptionEnabled", + "type": "boolean" }, - "WorkerType": { - "markdownDescription": "The type of predefined worker that is allocated when a job runs. Accepts a value of G.1X, G.2X, G.4X, G.8X or G.025X for Spark jobs. Accepts the value Z.2X for Ray jobs.\n\n- For the `G.1X` worker type, each worker maps to 1 DPU (4 vCPUs, 16 GB of memory) with 94GB disk, and provides 1 executor per worker. We recommend this worker type for workloads such as data transforms, joins, and queries, to offers a scalable and cost effective way to run most jobs.\n- For the `G.2X` worker type, each worker maps to 2 DPU (8 vCPUs, 32 GB of memory) with 138GB disk, and provides 1 executor per worker. We recommend this worker type for workloads such as data transforms, joins, and queries, to offers a scalable and cost effective way to run most jobs.\n- For the `G.4X` worker type, each worker maps to 4 DPU (16 vCPUs, 64 GB of memory) with 256GB disk, and provides 1 executor per worker. We recommend this worker type for jobs whose workloads contain your most demanding transforms, aggregations, joins, and queries. This worker type is available only for AWS Glue version 3.0 or later Spark ETL jobs in the following AWS Regions: US East (Ohio), US East (N. Virginia), US West (N. California), US West (Oregon), Asia Pacific (Mumbai), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), Canada (Central), Europe (Frankfurt), Europe (Ireland), Europe (London), Europe (Spain), Europe (Stockholm), and South America (S\u00e3o Paulo).\n- For the `G.8X` worker type, each worker maps to 8 DPU (32 vCPUs, 128 GB of memory) with 512GB disk, and provides 1 executor per worker. We recommend this worker type for jobs whose workloads contain your most demanding transforms, aggregations, joins, and queries. This worker type is available only for AWS Glue version 3.0 or later Spark ETL jobs, in the same AWS Regions as supported for the `G.4X` worker type.\n- For the `G.025X` worker type, each worker maps to 0.25 DPU (2 vCPUs, 4 GB of memory) with 84GB disk, and provides 1 executor per worker. We recommend this worker type for low volume streaming jobs. This worker type is only available for AWS Glue version 3.0 or later streaming jobs.\n- For the `Z.2X` worker type, each worker maps to 2 M-DPU (8vCPUs, 64 GB of memory) with 128 GB disk, and provides up to 8 Ray workers based on the autoscaler.", - "title": "WorkerType", + "TransitEncryptionMode": { + "markdownDescription": "A setting that allows you to migrate your clients to use in-transit encryption, with no downtime.\n\nWhen setting `TransitEncryptionEnabled` to `true` , you can set your `TransitEncryptionMode` to `preferred` in the same request, to allow both encrypted and unencrypted connections at the same time. Once you migrate all your Valkey or Redis OSS clients to use encrypted connections you can modify the value to `required` to allow encrypted connections only.\n\nSetting `TransitEncryptionMode` to `required` is a two-step process that requires you to first set the `TransitEncryptionMode` to `preferred` , after that you can set `TransitEncryptionMode` to `required` .\n\nThis process will not trigger the replacement of the replication group.", + "title": "TransitEncryptionMode", "type": "string" + }, + "UserGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The ID of user group to associate with the replication group.", + "title": "UserGroupIds", + "type": "array" } }, "required": [ - "Command", - "Role" + "ReplicationGroupDescription" ], "type": "object" }, "Type": { "enum": [ - "AWS::Glue::Job" + "AWS::ElastiCache::ReplicationGroup" ], "type": "string" }, @@ -106529,69 +113535,117 @@ ], "type": "object" }, - "AWS::Glue::Job.ConnectionsList": { + "AWS::ElastiCache::ReplicationGroup.CloudWatchLogsDestinationDetails": { "additionalProperties": false, "properties": { - "Connections": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of connections used by the job.", - "title": "Connections", - "type": "array" + "LogGroup": { + "markdownDescription": "The name of the CloudWatch Logs log group.", + "title": "LogGroup", + "type": "string" } }, + "required": [ + "LogGroup" + ], "type": "object" }, - "AWS::Glue::Job.ExecutionProperty": { + "AWS::ElastiCache::ReplicationGroup.DestinationDetails": { "additionalProperties": false, "properties": { - "MaxConcurrentRuns": { - "markdownDescription": "The maximum number of concurrent runs allowed for the job. The default is 1. An error is returned when this threshold is reached. The maximum value you can specify is controlled by a service limit.", - "title": "MaxConcurrentRuns", - "type": "number" + "CloudWatchLogsDetails": { + "$ref": "#/definitions/AWS::ElastiCache::ReplicationGroup.CloudWatchLogsDestinationDetails", + "markdownDescription": "The configuration details of the CloudWatch Logs destination. Note that this field is marked as required but only if CloudWatch Logs was chosen as the destination.", + "title": "CloudWatchLogsDetails" + }, + "KinesisFirehoseDetails": { + "$ref": "#/definitions/AWS::ElastiCache::ReplicationGroup.KinesisFirehoseDestinationDetails", + "markdownDescription": "The configuration details of the Kinesis Data Firehose destination. Note that this field is marked as required but only if Kinesis Data Firehose was chosen as the destination.", + "title": "KinesisFirehoseDetails" } }, "type": "object" }, - "AWS::Glue::Job.JobCommand": { + "AWS::ElastiCache::ReplicationGroup.KinesisFirehoseDestinationDetails": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the job command. For an Apache Spark ETL job, this must be `glueetl` . For a Python shell job, it must be `pythonshell` . For an Apache Spark streaming ETL job, this must be `gluestreaming` . For a Ray job, this must be `glueray` .", - "title": "Name", + "DeliveryStream": { + "markdownDescription": "The name of the Kinesis Data Firehose delivery stream.", + "title": "DeliveryStream", "type": "string" + } + }, + "required": [ + "DeliveryStream" + ], + "type": "object" + }, + "AWS::ElastiCache::ReplicationGroup.LogDeliveryConfigurationRequest": { + "additionalProperties": false, + "properties": { + "DestinationDetails": { + "$ref": "#/definitions/AWS::ElastiCache::ReplicationGroup.DestinationDetails", + "markdownDescription": "Configuration details of either a CloudWatch Logs destination or Kinesis Data Firehose destination.", + "title": "DestinationDetails" }, - "PythonVersion": { - "markdownDescription": "The Python version being used to execute a Python shell job. Allowed values are 3 or 3.9. Version 2 is deprecated.", - "title": "PythonVersion", + "DestinationType": { + "markdownDescription": "Specify either CloudWatch Logs or Kinesis Data Firehose as the destination type. Valid values are either `cloudwatch-logs` or `kinesis-firehose` .", + "title": "DestinationType", "type": "string" }, - "Runtime": { - "markdownDescription": "In Ray jobs, Runtime is used to specify the versions of Ray, Python and additional libraries available in your environment. This field is not used in other job types. For supported runtime environment values, see [Working with Ray jobs](https://docs.aws.amazon.com/glue/latest/dg/ray-jobs-section.html) in the AWS Glue Developer Guide.", - "title": "Runtime", + "LogFormat": { + "markdownDescription": "Valid values are either `json` or `text` .", + "title": "LogFormat", "type": "string" }, - "ScriptLocation": { - "markdownDescription": "Specifies the Amazon Simple Storage Service (Amazon S3) path to a script that executes a job (required).", - "title": "ScriptLocation", + "LogType": { + "markdownDescription": "Valid value is either `slow-log` , which refers to [slow-log](https://docs.aws.amazon.com/https://redis.io/commands/slowlog) or `engine-log` .", + "title": "LogType", "type": "string" } }, + "required": [ + "DestinationDetails", + "DestinationType", + "LogFormat", + "LogType" + ], "type": "object" }, - "AWS::Glue::Job.NotificationProperty": { + "AWS::ElastiCache::ReplicationGroup.NodeGroupConfiguration": { "additionalProperties": false, "properties": { - "NotifyDelayAfter": { - "markdownDescription": "After a job run starts, the number of minutes to wait before sending a job run delay notification.", - "title": "NotifyDelayAfter", + "NodeGroupId": { + "markdownDescription": "Either the ElastiCache supplied 4-digit id or a user supplied id for the node group these configuration values apply to.", + "title": "NodeGroupId", + "type": "string" + }, + "PrimaryAvailabilityZone": { + "markdownDescription": "The Availability Zone where the primary node of this node group (shard) is launched.", + "title": "PrimaryAvailabilityZone", + "type": "string" + }, + "ReplicaAvailabilityZones": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of Availability Zones to be used for the read replicas. The number of Availability Zones in this list must match the value of `ReplicaCount` or `ReplicasPerNodeGroup` if not specified.", + "title": "ReplicaAvailabilityZones", + "type": "array" + }, + "ReplicaCount": { + "markdownDescription": "The number of read replica nodes in this node group (shard).", + "title": "ReplicaCount", "type": "number" + }, + "Slots": { + "markdownDescription": "A string of comma-separated values where the first set of values are the slot numbers (zero based), and the second set of values are the keyspaces for each slot. The following example specifies three slots (numbered 0, 1, and 2): `0,1,2,0-4999,5000-9999,10000-16,383` .\n\nIf you don't specify a value, ElastiCache allocates keys equally among each slot.\n\nWhen you use an `UseOnlineResharding` update policy to update the number of node groups without interruption, ElastiCache evenly distributes the keyspaces between the specified number of slots. This cannot be updated later. Therefore, after updating the number of node groups in this way, you should remove the value specified for the `Slots` property of each `NodeGroupConfiguration` from the stack template, as it no longer reflects the actual values in each node group. For more information, see [UseOnlineResharding Policy](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html#cfn-attributes-updatepolicy-useonlineresharding) .", + "title": "Slots", + "type": "string" } }, "type": "object" }, - "AWS::Glue::MLTransform": { + "AWS::ElastiCache::SecurityGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -106627,81 +113681,27 @@ "additionalProperties": false, "properties": { "Description": { - "markdownDescription": "A user-defined, long-form description text for the machine learning transform.", + "markdownDescription": "A description for the cache security group.", "title": "Description", "type": "string" }, - "GlueVersion": { - "markdownDescription": "This value determines which version of AWS Glue this machine learning transform is compatible with. Glue 1.0 is recommended for most customers. If the value is not set, the Glue compatibility defaults to Glue 0.9. For more information, see [AWS Glue Versions](https://docs.aws.amazon.com/glue/latest/dg/release-notes.html#release-notes-versions) in the developer guide.", - "title": "GlueVersion", - "type": "string" - }, - "InputRecordTables": { - "$ref": "#/definitions/AWS::Glue::MLTransform.InputRecordTables", - "markdownDescription": "A list of AWS Glue table definitions used by the transform.", - "title": "InputRecordTables" - }, - "MaxCapacity": { - "markdownDescription": "The number of AWS Glue data processing units (DPUs) that are allocated to task runs for this transform. You can allocate from 2 to 100 DPUs; the default is 10. A DPU is a relative measure of processing power that consists of 4 vCPUs of compute capacity and 16 GB of memory. For more information, see the [AWS Glue pricing page](https://docs.aws.amazon.com/glue/pricing/) .\n\n`MaxCapacity` is a mutually exclusive option with `NumberOfWorkers` and `WorkerType` .\n\n- If either `NumberOfWorkers` or `WorkerType` is set, then `MaxCapacity` cannot be set.\n- If `MaxCapacity` is set then neither `NumberOfWorkers` or `WorkerType` can be set.\n- If `WorkerType` is set, then `NumberOfWorkers` is required (and vice versa).\n- `MaxCapacity` and `NumberOfWorkers` must both be at least 1.\n\nWhen the `WorkerType` field is set to a value other than `Standard` , the `MaxCapacity` field is set automatically and becomes read-only.", - "title": "MaxCapacity", - "type": "number" - }, - "MaxRetries": { - "markdownDescription": "The maximum number of times to retry after an `MLTaskRun` of the machine learning transform fails.", - "title": "MaxRetries", - "type": "number" - }, - "Name": { - "markdownDescription": "A user-defined name for the machine learning transform. Names are required to be unique. `Name` is optional:\n\n- If you supply `Name` , the stack cannot be repeatedly created.\n- If `Name` is not provided, a randomly generated name will be used instead.", - "title": "Name", - "type": "string" - }, - "NumberOfWorkers": { - "markdownDescription": "The number of workers of a defined `workerType` that are allocated when a task of the transform runs.\n\nIf `WorkerType` is set, then `NumberOfWorkers` is required (and vice versa).", - "title": "NumberOfWorkers", - "type": "number" - }, - "Role": { - "markdownDescription": "The name or Amazon Resource Name (ARN) of the IAM role with the required permissions. The required permissions include both AWS Glue service role permissions to AWS Glue resources, and Amazon S3 permissions required by the transform.\n\n- This role needs AWS Glue service role permissions to allow access to resources in AWS Glue . See [Attach a Policy to IAM Users That Access AWS Glue](https://docs.aws.amazon.com/glue/latest/dg/attach-policy-iam-user.html) .\n- This role needs permission to your Amazon Simple Storage Service (Amazon S3) sources, targets, temporary directory, scripts, and any libraries used by the task run for this transform.", - "title": "Role", - "type": "string" - }, "Tags": { - "markdownDescription": "The tags to use with this machine learning transform. You may use tags to limit access to the machine learning transform. For more information about tags in AWS Glue , see [AWS Tags in AWS Glue](https://docs.aws.amazon.com/glue/latest/dg/monitor-tags.html) in the developer guide.", + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A tag that can be added to an ElastiCache security group. Tags are composed of a Key/Value pair. You can use tags to categorize and track all your security groups. A tag with a null Value is permitted.", "title": "Tags", - "type": "object" - }, - "Timeout": { - "markdownDescription": "The timeout in minutes of the machine learning transform.", - "title": "Timeout", - "type": "number" - }, - "TransformEncryption": { - "$ref": "#/definitions/AWS::Glue::MLTransform.TransformEncryption", - "markdownDescription": "The encryption-at-rest settings of the transform that apply to accessing user data. Machine learning\ntransforms can access user data encrypted in Amazon S3 using KMS.\n\nAdditionally, imported labels and trained transforms can now be encrypted using a customer provided\nKMS key.", - "title": "TransformEncryption" - }, - "TransformParameters": { - "$ref": "#/definitions/AWS::Glue::MLTransform.TransformParameters", - "markdownDescription": "The algorithm-specific parameters that are associated with the machine learning transform.", - "title": "TransformParameters" - }, - "WorkerType": { - "markdownDescription": "The type of predefined worker that is allocated when a task of this transform runs. Accepts a value of Standard, G.1X, or G.2X.\n\n- For the `Standard` worker type, each worker provides 4 vCPU, 16 GB of memory and a 50GB disk, and 2 executors per worker.\n- For the `G.1X` worker type, each worker provides 4 vCPU, 16 GB of memory and a 64GB disk, and 1 executor per worker.\n- For the `G.2X` worker type, each worker provides 8 vCPU, 32 GB of memory and a 128GB disk, and 1 executor per worker.\n\n`MaxCapacity` is a mutually exclusive option with `NumberOfWorkers` and `WorkerType` .\n\n- If either `NumberOfWorkers` or `WorkerType` is set, then `MaxCapacity` cannot be set.\n- If `MaxCapacity` is set then neither `NumberOfWorkers` or `WorkerType` can be set.\n- If `WorkerType` is set, then `NumberOfWorkers` is required (and vice versa).\n- `MaxCapacity` and `NumberOfWorkers` must both be at least 1.", - "title": "WorkerType", - "type": "string" + "type": "array" } }, "required": [ - "InputRecordTables", - "Role", - "TransformParameters" + "Description" ], "type": "object" }, "Type": { "enum": [ - "AWS::Glue::MLTransform" + "AWS::ElastiCache::SecurityGroup" ], "type": "string" }, @@ -106720,134 +113720,7 @@ ], "type": "object" }, - "AWS::Glue::MLTransform.FindMatchesParameters": { - "additionalProperties": false, - "properties": { - "AccuracyCostTradeoff": { - "markdownDescription": "The value that is selected when tuning your transform for a balance between accuracy and cost. A value of 0.5 means that the system balances accuracy and cost concerns. A value of 1.0 means a bias purely for accuracy, which typically results in a higher cost, sometimes substantially higher. A value of 0.0 means a bias purely for cost, which results in a less accurate `FindMatches` transform, sometimes with unacceptable accuracy.\n\nAccuracy measures how well the transform finds true positives and true negatives. Increasing accuracy requires more machine resources and cost. But it also results in increased recall.\n\nCost measures how many compute resources, and thus money, are consumed to run the transform.", - "title": "AccuracyCostTradeoff", - "type": "number" - }, - "EnforceProvidedLabels": { - "markdownDescription": "The value to switch on or off to force the output to match the provided labels from users. If the value is `True` , the `find matches` transform forces the output to match the provided labels. The results override the normal conflation results. If the value is `False` , the `find matches` transform does not ensure all the labels provided are respected, and the results rely on the trained model.\n\nNote that setting this value to true may increase the conflation execution time.", - "title": "EnforceProvidedLabels", - "type": "boolean" - }, - "PrecisionRecallTradeoff": { - "markdownDescription": "The value selected when tuning your transform for a balance between precision and recall. A value of 0.5 means no preference; a value of 1.0 means a bias purely for precision, and a value of 0.0 means a bias for recall. Because this is a tradeoff, choosing values close to 1.0 means very low recall, and choosing values close to 0.0 results in very low precision.\n\nThe precision metric indicates how often your model is correct when it predicts a match.\n\nThe recall metric indicates that for an actual match, how often your model predicts the match.", - "title": "PrecisionRecallTradeoff", - "type": "number" - }, - "PrimaryKeyColumnName": { - "markdownDescription": "The name of a column that uniquely identifies rows in the source table. Used to help identify matching records.", - "title": "PrimaryKeyColumnName", - "type": "string" - } - }, - "required": [ - "PrimaryKeyColumnName" - ], - "type": "object" - }, - "AWS::Glue::MLTransform.GlueTables": { - "additionalProperties": false, - "properties": { - "CatalogId": { - "markdownDescription": "A unique identifier for the AWS Glue Data Catalog .", - "title": "CatalogId", - "type": "string" - }, - "ConnectionName": { - "markdownDescription": "The name of the connection to the AWS Glue Data Catalog .", - "title": "ConnectionName", - "type": "string" - }, - "DatabaseName": { - "markdownDescription": "A database name in the AWS Glue Data Catalog .", - "title": "DatabaseName", - "type": "string" - }, - "TableName": { - "markdownDescription": "A table name in the AWS Glue Data Catalog .", - "title": "TableName", - "type": "string" - } - }, - "required": [ - "DatabaseName", - "TableName" - ], - "type": "object" - }, - "AWS::Glue::MLTransform.InputRecordTables": { - "additionalProperties": false, - "properties": { - "GlueTables": { - "items": { - "$ref": "#/definitions/AWS::Glue::MLTransform.GlueTables" - }, - "markdownDescription": "The database and table in the AWS Glue Data Catalog that is used for input or output data.", - "title": "GlueTables", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Glue::MLTransform.MLUserDataEncryption": { - "additionalProperties": false, - "properties": { - "KmsKeyId": { - "markdownDescription": "The ID for the customer-provided KMS key.", - "title": "KmsKeyId", - "type": "string" - }, - "MLUserDataEncryptionMode": { - "markdownDescription": "The encryption mode applied to user data. Valid values are:\n\n- DISABLED: encryption is disabled.\n- SSEKMS: use of server-side encryption with AWS Key Management Service (SSE-KMS) for user data\nstored in Amazon S3.", - "title": "MLUserDataEncryptionMode", - "type": "string" - } - }, - "required": [ - "MLUserDataEncryptionMode" - ], - "type": "object" - }, - "AWS::Glue::MLTransform.TransformEncryption": { - "additionalProperties": false, - "properties": { - "MLUserDataEncryption": { - "$ref": "#/definitions/AWS::Glue::MLTransform.MLUserDataEncryption", - "markdownDescription": "The encryption-at-rest settings of the transform that apply to accessing user data.", - "title": "MLUserDataEncryption" - }, - "TaskRunSecurityConfigurationName": { - "markdownDescription": "The name of the security configuration.", - "title": "TaskRunSecurityConfigurationName", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Glue::MLTransform.TransformParameters": { - "additionalProperties": false, - "properties": { - "FindMatchesParameters": { - "$ref": "#/definitions/AWS::Glue::MLTransform.FindMatchesParameters", - "markdownDescription": "The parameters for the find matches algorithm.", - "title": "FindMatchesParameters" - }, - "TransformType": { - "markdownDescription": "The type of machine learning transform. `FIND_MATCHES` is the only option.\n\nFor information about the types of machine learning transforms, see [Working with machine learning transforms](https://docs.aws.amazon.com/glue/latest/dg/console-machine-learning-transforms.html) .", - "title": "TransformType", - "type": "string" - } - }, - "required": [ - "TransformType" - ], - "type": "object" - }, - "AWS::Glue::Partition": { + "AWS::ElastiCache::SecurityGroupIngress": { "additionalProperties": false, "properties": { "Condition": { @@ -106882,38 +113755,31 @@ "Properties": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The AWS account ID of the catalog in which the partion is to be created.\n\n> To specify the account ID, you can use the `Ref` intrinsic function with the `AWS::AccountId` pseudo parameter. For example: `!Ref AWS::AccountId`", - "title": "CatalogId", + "CacheSecurityGroupName": { + "markdownDescription": "The name of the Cache Security Group to authorize.", + "title": "CacheSecurityGroupName", "type": "string" }, - "DatabaseName": { - "markdownDescription": "The name of the catalog database in which to create the partition.", - "title": "DatabaseName", + "EC2SecurityGroupName": { + "markdownDescription": "Name of the EC2 Security Group to include in the authorization.", + "title": "EC2SecurityGroupName", "type": "string" }, - "PartitionInput": { - "$ref": "#/definitions/AWS::Glue::Partition.PartitionInput", - "markdownDescription": "The structure used to create and update a partition.", - "title": "PartitionInput" - }, - "TableName": { - "markdownDescription": "The name of the metadata table in which the partition is to be created.", - "title": "TableName", + "EC2SecurityGroupOwnerId": { + "markdownDescription": "Specifies the Amazon Account ID of the owner of the EC2 security group specified in the EC2SecurityGroupName property. The Amazon access key ID is not an acceptable value.", + "title": "EC2SecurityGroupOwnerId", "type": "string" } }, "required": [ - "CatalogId", - "DatabaseName", - "PartitionInput", - "TableName" + "CacheSecurityGroupName", + "EC2SecurityGroupName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Glue::Partition" + "AWS::ElastiCache::SecurityGroupIngress" ], "type": "string" }, @@ -106932,247 +113798,234 @@ ], "type": "object" }, - "AWS::Glue::Partition.Column": { + "AWS::ElastiCache::ServerlessCache": { "additionalProperties": false, "properties": { - "Comment": { - "markdownDescription": "A free-form text comment.", - "title": "Comment", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the `Column` .", - "title": "Name", + "Condition": { "type": "string" }, - "Type": { - "markdownDescription": "The data type of the `Column` .", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Name" - ], - "type": "object" - }, - "AWS::Glue::Partition.Order": { - "additionalProperties": false, - "properties": { - "Column": { - "markdownDescription": "The name of the column.", - "title": "Column", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SortOrder": { - "markdownDescription": "Indicates that the column is sorted in ascending order ( `== 1` ), or in descending order ( `==0` ).", - "title": "SortOrder", - "type": "number" - } - }, - "required": [ - "Column" - ], - "type": "object" - }, - "AWS::Glue::Partition.PartitionInput": { - "additionalProperties": false, - "properties": { - "Parameters": { - "markdownDescription": "These key-value pairs define partition parameters.", - "title": "Parameters", - "type": "object" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "StorageDescriptor": { - "$ref": "#/definitions/AWS::Glue::Partition.StorageDescriptor", - "markdownDescription": "Provides information about the physical location where the partition is stored.", - "title": "StorageDescriptor" + "Metadata": { + "type": "object" }, - "Values": { - "items": { - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "CacheUsageLimits": { + "$ref": "#/definitions/AWS::ElastiCache::ServerlessCache.CacheUsageLimits", + "markdownDescription": "The cache usage limit for the serverless cache.", + "title": "CacheUsageLimits" + }, + "DailySnapshotTime": { + "markdownDescription": "The daily time that a cache snapshot will be created. Default is NULL, i.e. snapshots will not be created at a specific time on a daily basis. Available for Valkey, Redis OSS and Serverless Memcached only.", + "title": "DailySnapshotTime", + "type": "string" + }, + "Description": { + "markdownDescription": "A description of the serverless cache.", + "title": "Description", + "type": "string" + }, + "Endpoint": { + "$ref": "#/definitions/AWS::ElastiCache::ServerlessCache.Endpoint", + "markdownDescription": "Represents the information required for client programs to connect to a cache node. This value is read-only.", + "title": "Endpoint" + }, + "Engine": { + "markdownDescription": "The engine the serverless cache is compatible with.", + "title": "Engine", + "type": "string" + }, + "FinalSnapshotName": { + "markdownDescription": "The name of the final snapshot taken of a cache before the cache is deleted.", + "title": "FinalSnapshotName", + "type": "string" + }, + "KmsKeyId": { + "markdownDescription": "The ID of the AWS Key Management Service (KMS) key that is used to encrypt data at rest in the serverless cache.", + "title": "KmsKeyId", + "type": "string" + }, + "MajorEngineVersion": { + "markdownDescription": "The version number of the engine the serverless cache is compatible with.", + "title": "MajorEngineVersion", + "type": "string" + }, + "ReaderEndpoint": { + "$ref": "#/definitions/AWS::ElastiCache::ServerlessCache.Endpoint", + "markdownDescription": "Represents the information required for client programs to connect to a cache node. This value is read-only.", + "title": "ReaderEndpoint" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the EC2 security groups associated with the serverless cache.", + "title": "SecurityGroupIds", + "type": "array" + }, + "ServerlessCacheName": { + "markdownDescription": "The unique identifier of the serverless cache.", + "title": "ServerlessCacheName", + "type": "string" + }, + "SnapshotArnsToRestore": { + "items": { + "type": "string" + }, + "markdownDescription": "The ARN of the snapshot from which to restore data into the new cache.", + "title": "SnapshotArnsToRestore", + "type": "array" + }, + "SnapshotRetentionLimit": { + "markdownDescription": "The current setting for the number of serverless cache snapshots the system will retain. Available for Valkey, Redis OSS and Serverless Memcached only.", + "title": "SnapshotRetentionLimit", + "type": "number" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "If no subnet IDs are given and your VPC is in us-west-1, then ElastiCache will select 2 default subnets across AZs in your VPC. For all other Regions, if no subnet IDs are given then ElastiCache will select 3 default subnets across AZs in your default VPC.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags to be added to this resource.", + "title": "Tags", + "type": "array" + }, + "UserGroupId": { + "markdownDescription": "The identifier of the user group associated with the serverless cache. Available for Valkey and Redis OSS only. Default is NULL.", + "title": "UserGroupId", + "type": "string" + } }, - "markdownDescription": "The values of the partition. Although this parameter is not required by the SDK, you must specify this parameter for a valid input.\n\nThe values for the keys for the new partition must be passed as an array of String objects that must be ordered in the same order as the partition keys appearing in the Amazon S3 prefix. Otherwise AWS Glue will add the values to the wrong keys.", - "title": "Values", - "type": "array" - } - }, - "required": [ - "Values" - ], - "type": "object" - }, - "AWS::Glue::Partition.SchemaId": { - "additionalProperties": false, - "properties": { - "RegistryName": { - "markdownDescription": "The name of the schema registry that contains the schema.", - "title": "RegistryName", - "type": "string" + "required": [ + "Engine", + "ServerlessCacheName" + ], + "type": "object" }, - "SchemaArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the schema. One of `SchemaArn` or `SchemaName` has to be\nprovided.", - "title": "SchemaArn", + "Type": { + "enum": [ + "AWS::ElastiCache::ServerlessCache" + ], "type": "string" }, - "SchemaName": { - "markdownDescription": "The name of the schema. One of `SchemaArn` or `SchemaName` has to be provided.", - "title": "SchemaName", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::Glue::Partition.SchemaReference": { + "AWS::ElastiCache::ServerlessCache.CacheUsageLimits": { "additionalProperties": false, "properties": { - "SchemaId": { - "$ref": "#/definitions/AWS::Glue::Partition.SchemaId", - "markdownDescription": "A structure that contains schema identity fields. Either this or the `SchemaVersionId` has to be\nprovided.", - "title": "SchemaId" - }, - "SchemaVersionId": { - "markdownDescription": "The unique ID assigned to a version of the schema. Either this or the `SchemaId` has to be provided.", - "title": "SchemaVersionId", - "type": "string" + "DataStorage": { + "$ref": "#/definitions/AWS::ElastiCache::ServerlessCache.DataStorage", + "markdownDescription": "The maximum data storage limit in the cache, expressed in Gigabytes.", + "title": "DataStorage" }, - "SchemaVersionNumber": { - "markdownDescription": "The version number of the schema.", - "title": "SchemaVersionNumber", - "type": "number" + "ECPUPerSecond": { + "$ref": "#/definitions/AWS::ElastiCache::ServerlessCache.ECPUPerSecond", + "markdownDescription": "The number of ElastiCache Processing Units (ECPU) the cache can consume per second.", + "title": "ECPUPerSecond" } }, "type": "object" }, - "AWS::Glue::Partition.SerdeInfo": { + "AWS::ElastiCache::ServerlessCache.DataStorage": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "Name of the SerDe.", - "title": "Name", - "type": "string" + "Maximum": { + "markdownDescription": "The upper limit for data storage the cache is set to use.", + "title": "Maximum", + "type": "number" }, - "Parameters": { - "markdownDescription": "These key-value pairs define initialization parameters for the SerDe.", - "title": "Parameters", - "type": "object" + "Minimum": { + "markdownDescription": "The lower limit for data storage the cache is set to use.", + "title": "Minimum", + "type": "number" }, - "SerializationLibrary": { - "markdownDescription": "Usually the class that implements the SerDe. An example is `org.apache.hadoop.hive.serde2.columnar.ColumnarSerDe` .", - "title": "SerializationLibrary", + "Unit": { + "markdownDescription": "The unit that the storage is measured in, in GB.", + "title": "Unit", "type": "string" } }, + "required": [ + "Unit" + ], "type": "object" }, - "AWS::Glue::Partition.SkewedInfo": { + "AWS::ElastiCache::ServerlessCache.ECPUPerSecond": { "additionalProperties": false, "properties": { - "SkewedColumnNames": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of names of columns that contain skewed values.", - "title": "SkewedColumnNames", - "type": "array" - }, - "SkewedColumnValueLocationMaps": { - "markdownDescription": "A mapping of skewed values to the columns that contain them.", - "title": "SkewedColumnValueLocationMaps", - "type": "object" + "Maximum": { + "markdownDescription": "The configuration for the maximum number of ECPUs the cache can consume per second.", + "title": "Maximum", + "type": "number" }, - "SkewedColumnValues": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of values that appear so frequently as to be considered skewed.", - "title": "SkewedColumnValues", - "type": "array" + "Minimum": { + "markdownDescription": "The configuration for the minimum number of ECPUs the cache should be able consume per second.", + "title": "Minimum", + "type": "number" } }, "type": "object" }, - "AWS::Glue::Partition.StorageDescriptor": { + "AWS::ElastiCache::ServerlessCache.Endpoint": { "additionalProperties": false, "properties": { - "BucketColumns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of reducer grouping columns, clustering columns, and bucketing columns in the table.", - "title": "BucketColumns", - "type": "array" - }, - "Columns": { - "items": { - "$ref": "#/definitions/AWS::Glue::Partition.Column" - }, - "markdownDescription": "A list of the `Columns` in the table.", - "title": "Columns", - "type": "array" - }, - "Compressed": { - "markdownDescription": "`True` if the data in the table is compressed, or `False` if not.", - "title": "Compressed", - "type": "boolean" - }, - "InputFormat": { - "markdownDescription": "The input format: `SequenceFileInputFormat` (binary), or `TextInputFormat` , or a custom format.", - "title": "InputFormat", - "type": "string" - }, - "Location": { - "markdownDescription": "The physical location of the table. By default, this takes the form of the warehouse location, followed by the database location in the warehouse, followed by the table name.", - "title": "Location", + "Address": { + "markdownDescription": "The DNS hostname of the cache node.", + "title": "Address", "type": "string" }, - "NumberOfBuckets": { - "markdownDescription": "The number of buckets.\n\nYou must specify this property if the partition contains any dimension columns.", - "title": "NumberOfBuckets", - "type": "number" - }, - "OutputFormat": { - "markdownDescription": "The output format: `SequenceFileOutputFormat` (binary), or `IgnoreKeyTextOutputFormat` , or a custom format.", - "title": "OutputFormat", + "Port": { + "markdownDescription": "The port number that the cache engine is listening on.", + "title": "Port", "type": "string" - }, - "Parameters": { - "markdownDescription": "The user-supplied properties in key-value form.", - "title": "Parameters", - "type": "object" - }, - "SchemaReference": { - "$ref": "#/definitions/AWS::Glue::Partition.SchemaReference", - "markdownDescription": "An object that references a schema stored in the AWS Glue Schema Registry.", - "title": "SchemaReference" - }, - "SerdeInfo": { - "$ref": "#/definitions/AWS::Glue::Partition.SerdeInfo", - "markdownDescription": "The serialization/deserialization (SerDe) information.", - "title": "SerdeInfo" - }, - "SkewedInfo": { - "$ref": "#/definitions/AWS::Glue::Partition.SkewedInfo", - "markdownDescription": "The information about values that appear frequently in a column (skewed values).", - "title": "SkewedInfo" - }, - "SortColumns": { - "items": { - "$ref": "#/definitions/AWS::Glue::Partition.Order" - }, - "markdownDescription": "A list specifying the sort order of each bucket in the table.", - "title": "SortColumns", - "type": "array" - }, - "StoredAsSubDirectories": { - "markdownDescription": "`True` if the table data is stored in subdirectories, or `False` if not.", - "title": "StoredAsSubDirectories", - "type": "boolean" } }, "type": "object" }, - "AWS::Glue::Registry": { + "AWS::ElastiCache::SubnetGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -107207,33 +114060,42 @@ "Properties": { "additionalProperties": false, "properties": { + "CacheSubnetGroupName": { + "markdownDescription": "The name for the cache subnet group. This value is stored as a lowercase string.\n\nConstraints: Must contain no more than 255 alphanumeric characters or hyphens.\n\nExample: `mysubnetgroup`", + "title": "CacheSubnetGroupName", + "type": "string" + }, "Description": { - "markdownDescription": "A description of the registry.", + "markdownDescription": "The description for the cache subnet group.", "title": "Description", "type": "string" }, - "Name": { - "markdownDescription": "The name of the registry.", - "title": "Name", - "type": "string" + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The EC2 subnet IDs for the cache subnet group.", + "title": "SubnetIds", + "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "AWS tags that contain a key value pair and may be searched by console, command line, or API.", + "markdownDescription": "A tag that can be added to an ElastiCache subnet group. Tags are composed of a Key/Value pair. You can use tags to categorize and track all your subnet groups. A tag with a null Value is permitted.", "title": "Tags", "type": "array" } }, "required": [ - "Name" + "Description", + "SubnetIds" ], "type": "object" }, "Type": { "enum": [ - "AWS::Glue::Registry" + "AWS::ElastiCache::SubnetGroup" ], "type": "string" }, @@ -107252,7 +114114,7 @@ ], "type": "object" }, - "AWS::Glue::Schema": { + "AWS::ElastiCache::User": { "additionalProperties": false, "properties": { "Condition": { @@ -107287,61 +114149,63 @@ "Properties": { "additionalProperties": false, "properties": { - "CheckpointVersion": { - "$ref": "#/definitions/AWS::Glue::Schema.SchemaVersion", - "markdownDescription": "Specify the `VersionNumber` or the `IsLatest` for setting the checkpoint for the schema. This is only required for updating a checkpoint.", - "title": "CheckpointVersion" - }, - "Compatibility": { - "markdownDescription": "The compatibility mode of the schema.", - "title": "Compatibility", - "type": "string" - }, - "DataFormat": { - "markdownDescription": "The data format of the schema definition. Currently only `AVRO` is supported.", - "title": "DataFormat", + "AccessString": { + "markdownDescription": "Access permissions string used for this user.", + "title": "AccessString", "type": "string" }, - "Description": { - "markdownDescription": "A description of the schema if specified when created.", - "title": "Description", - "type": "string" + "AuthenticationMode": { + "$ref": "#/definitions/AWS::ElastiCache::User.AuthenticationMode", + "markdownDescription": "Specifies the authentication mode to use. Below is an example of the possible JSON values:\n\n```\n{ Passwords: [\"*****\", \"******\"] // If Type is password.\n}\n```", + "title": "AuthenticationMode" }, - "Name": { - "markdownDescription": "Name of the schema to be created of max length of 255, and may only contain letters, numbers, hyphen, underscore, dollar sign, or hash mark. No whitespace.", - "title": "Name", + "Engine": { + "markdownDescription": "The current supported values are valkey and redis.", + "title": "Engine", "type": "string" }, - "Registry": { - "$ref": "#/definitions/AWS::Glue::Schema.Registry", - "markdownDescription": "The registry where a schema is stored.", - "title": "Registry" + "NoPasswordRequired": { + "markdownDescription": "Indicates a password is not required for this user.", + "title": "NoPasswordRequired", + "type": "boolean" }, - "SchemaDefinition": { - "markdownDescription": "The schema definition using the `DataFormat` setting for `SchemaName` .", - "title": "SchemaDefinition", - "type": "string" + "Passwords": { + "items": { + "type": "string" + }, + "markdownDescription": "Passwords used for this user. You can create up to two passwords for each user.", + "title": "Passwords", + "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "AWS tags that contain a key value pair and may be searched by console, command line, or API.", + "markdownDescription": "The list of tags.", "title": "Tags", "type": "array" + }, + "UserId": { + "markdownDescription": "The ID of the user.", + "title": "UserId", + "type": "string" + }, + "UserName": { + "markdownDescription": "The username of the user.", + "title": "UserName", + "type": "string" } }, "required": [ - "Compatibility", - "DataFormat", - "Name", - "SchemaDefinition" + "Engine", + "UserId", + "UserName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Glue::Schema" + "AWS::ElastiCache::User" ], "type": "string" }, @@ -107360,39 +114224,119 @@ ], "type": "object" }, - "AWS::Glue::Schema.Registry": { + "AWS::ElastiCache::User.AuthenticationMode": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the registry.", - "title": "Arn", - "type": "string" + "Passwords": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the passwords to use for authentication if `Type` is set to `password` .", + "title": "Passwords", + "type": "array" }, - "Name": { - "markdownDescription": "The name of the registry.", - "title": "Name", + "Type": { + "markdownDescription": "Specifies the authentication type. Possible options are IAM authentication, password and no password.", + "title": "Type", "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::Glue::Schema.SchemaVersion": { + "AWS::ElastiCache::UserGroup": { "additionalProperties": false, "properties": { - "IsLatest": { - "markdownDescription": "Indicates if this version is the latest version of the schema.", - "title": "IsLatest", - "type": "boolean" + "Condition": { + "type": "string" }, - "VersionNumber": { - "markdownDescription": "The version number of the schema.", - "title": "VersionNumber", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Engine": { + "markdownDescription": "The current supported values are valkey and redis.", + "title": "Engine", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of tags.", + "title": "Tags", + "type": "array" + }, + "UserGroupId": { + "markdownDescription": "The ID of the user group.", + "title": "UserGroupId", + "type": "string" + }, + "UserIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of user IDs that belong to the user group. A user named `default` must be included.", + "title": "UserIds", + "type": "array" + } + }, + "required": [ + "Engine", + "UserGroupId", + "UserIds" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ElastiCache::UserGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::Glue::SchemaVersion": { + "AWS::ElasticBeanstalk::Application": { "additionalProperties": false, "properties": { "Condition": { @@ -107427,26 +114371,27 @@ "Properties": { "additionalProperties": false, "properties": { - "Schema": { - "$ref": "#/definitions/AWS::Glue::SchemaVersion.Schema", - "markdownDescription": "The schema that includes the schema version.", - "title": "Schema" + "ApplicationName": { + "markdownDescription": "A name for the Elastic Beanstalk application. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the application name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "ApplicationName", + "type": "string" }, - "SchemaDefinition": { - "markdownDescription": "The schema definition for the schema version.", - "title": "SchemaDefinition", + "Description": { + "markdownDescription": "Your description of the application.", + "title": "Description", "type": "string" + }, + "ResourceLifecycleConfig": { + "$ref": "#/definitions/AWS::ElasticBeanstalk::Application.ApplicationResourceLifecycleConfig", + "markdownDescription": "Specifies an application resource lifecycle configuration to prevent your application from accumulating too many versions.", + "title": "ResourceLifecycleConfig" } }, - "required": [ - "Schema", - "SchemaDefinition" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Glue::SchemaVersion" + "AWS::ElasticBeanstalk::Application" ], "type": "string" }, @@ -107460,33 +114405,85 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Glue::SchemaVersion.Schema": { + "AWS::ElasticBeanstalk::Application.ApplicationResourceLifecycleConfig": { "additionalProperties": false, "properties": { - "RegistryName": { - "markdownDescription": "The name of the registry where the schema is stored. Either `SchemaArn` , or `SchemaName` and `RegistryName` has to be provided.", - "title": "RegistryName", + "ServiceRole": { + "markdownDescription": "The ARN of an IAM service role that Elastic Beanstalk has permission to assume.\n\nThe `ServiceRole` property is required the first time that you provide a `ResourceLifecycleConfig` for the application. After you provide it once, Elastic Beanstalk persists the Service Role with the application, and you don't need to specify it again. You can, however, specify it in subsequent updates to change the Service Role to another value.", + "title": "ServiceRole", "type": "string" }, - "SchemaArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the schema. Either `SchemaArn` , or `SchemaName` and `RegistryName` has to be provided.", - "title": "SchemaArn", - "type": "string" + "VersionLifecycleConfig": { + "$ref": "#/definitions/AWS::ElasticBeanstalk::Application.ApplicationVersionLifecycleConfig", + "markdownDescription": "Defines lifecycle settings for application versions.", + "title": "VersionLifecycleConfig" + } + }, + "type": "object" + }, + "AWS::ElasticBeanstalk::Application.ApplicationVersionLifecycleConfig": { + "additionalProperties": false, + "properties": { + "MaxAgeRule": { + "$ref": "#/definitions/AWS::ElasticBeanstalk::Application.MaxAgeRule", + "markdownDescription": "Specify a max age rule to restrict the length of time that application versions are retained for an application.", + "title": "MaxAgeRule" }, - "SchemaName": { - "markdownDescription": "The name of the schema. Either `SchemaArn` , or `SchemaName` and `RegistryName` has to be provided.", - "title": "SchemaName", - "type": "string" + "MaxCountRule": { + "$ref": "#/definitions/AWS::ElasticBeanstalk::Application.MaxCountRule", + "markdownDescription": "Specify a max count rule to restrict the number of application versions that are retained for an application.", + "title": "MaxCountRule" } }, "type": "object" }, - "AWS::Glue::SchemaVersionMetadata": { + "AWS::ElasticBeanstalk::Application.MaxAgeRule": { + "additionalProperties": false, + "properties": { + "DeleteSourceFromS3": { + "markdownDescription": "Set to `true` to delete a version's source bundle from Amazon S3 when Elastic Beanstalk deletes the application version.", + "title": "DeleteSourceFromS3", + "type": "boolean" + }, + "Enabled": { + "markdownDescription": "Specify `true` to apply the rule, or `false` to disable it.", + "title": "Enabled", + "type": "boolean" + }, + "MaxAgeInDays": { + "markdownDescription": "Specify the number of days to retain an application versions.", + "title": "MaxAgeInDays", + "type": "number" + } + }, + "type": "object" + }, + "AWS::ElasticBeanstalk::Application.MaxCountRule": { + "additionalProperties": false, + "properties": { + "DeleteSourceFromS3": { + "markdownDescription": "Set to `true` to delete a version's source bundle from Amazon S3 when Elastic Beanstalk deletes the application version.", + "title": "DeleteSourceFromS3", + "type": "boolean" + }, + "Enabled": { + "markdownDescription": "Specify `true` to apply the rule, or `false` to disable it.", + "title": "Enabled", + "type": "boolean" + }, + "MaxCount": { + "markdownDescription": "Specify the maximum number of application versions to retain.", + "title": "MaxCount", + "type": "number" + } + }, + "type": "object" + }, + "AWS::ElasticBeanstalk::ApplicationVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -107521,32 +114518,31 @@ "Properties": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "A metadata key in a key-value pair for metadata.", - "title": "Key", + "ApplicationName": { + "markdownDescription": "The name of the Elastic Beanstalk application that is associated with this application version.", + "title": "ApplicationName", "type": "string" }, - "SchemaVersionId": { - "markdownDescription": "The version number of the schema.", - "title": "SchemaVersionId", + "Description": { + "markdownDescription": "A description of this application version.", + "title": "Description", "type": "string" }, - "Value": { - "markdownDescription": "A metadata key's corresponding value.", - "title": "Value", - "type": "string" + "SourceBundle": { + "$ref": "#/definitions/AWS::ElasticBeanstalk::ApplicationVersion.SourceBundle", + "markdownDescription": "The Amazon S3 bucket and key that identify the location of the source bundle for this version.\n\n> The Amazon S3 bucket must be in the same region as the environment.", + "title": "SourceBundle" } }, "required": [ - "Key", - "SchemaVersionId", - "Value" + "ApplicationName", + "SourceBundle" ], "type": "object" }, "Type": { "enum": [ - "AWS::Glue::SchemaVersionMetadata" + "AWS::ElasticBeanstalk::ApplicationVersion" ], "type": "string" }, @@ -107565,7 +114561,27 @@ ], "type": "object" }, - "AWS::Glue::SecurityConfiguration": { + "AWS::ElasticBeanstalk::ApplicationVersion.SourceBundle": { + "additionalProperties": false, + "properties": { + "S3Bucket": { + "markdownDescription": "The Amazon S3 bucket where the data is located.", + "title": "S3Bucket", + "type": "string" + }, + "S3Key": { + "markdownDescription": "The Amazon S3 key where the data is located.", + "title": "S3Key", + "type": "string" + } + }, + "required": [ + "S3Bucket", + "S3Key" + ], + "type": "object" + }, + "AWS::ElasticBeanstalk::ConfigurationTemplate": { "additionalProperties": false, "properties": { "Condition": { @@ -107600,26 +114616,53 @@ "Properties": { "additionalProperties": false, "properties": { - "EncryptionConfiguration": { - "$ref": "#/definitions/AWS::Glue::SecurityConfiguration.EncryptionConfiguration", - "markdownDescription": "The encryption configuration associated with this security configuration.", - "title": "EncryptionConfiguration" + "ApplicationName": { + "markdownDescription": "The name of the Elastic Beanstalk application to associate with this configuration template.", + "title": "ApplicationName", + "type": "string" }, - "Name": { - "markdownDescription": "The name of the security configuration.", - "title": "Name", + "Description": { + "markdownDescription": "An optional description for this configuration.", + "title": "Description", + "type": "string" + }, + "EnvironmentId": { + "markdownDescription": "The ID of an environment whose settings you want to use to create the configuration template. You must specify `EnvironmentId` if you don't specify `PlatformArn` , `SolutionStackName` , or `SourceConfiguration` .", + "title": "EnvironmentId", + "type": "string" + }, + "OptionSettings": { + "items": { + "$ref": "#/definitions/AWS::ElasticBeanstalk::ConfigurationTemplate.ConfigurationOptionSetting" + }, + "markdownDescription": "Option values for the Elastic Beanstalk configuration, such as the instance type. If specified, these values override the values obtained from the solution stack or the source configuration template. For a complete list of Elastic Beanstalk configuration options, see [Option Values](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/command-options.html) in the *AWS Elastic Beanstalk Developer Guide* .", + "title": "OptionSettings", + "type": "array" + }, + "PlatformArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the custom platform. For more information, see [Custom Platforms](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/custom-platforms.html) in the *AWS Elastic Beanstalk Developer Guide* .\n\n> If you specify `PlatformArn` , then don't specify `SolutionStackName` .", + "title": "PlatformArn", + "type": "string" + }, + "SolutionStackName": { + "markdownDescription": "The name of an Elastic Beanstalk solution stack (platform version) that this configuration uses. For example, `64bit Amazon Linux 2013.09 running Tomcat 7 Java 7` . A solution stack specifies the operating system, runtime, and application server for a configuration template. It also determines the set of configuration options as well as the possible and default values. For more information, see [Supported Platforms](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/concepts.platforms.html) in the *AWS Elastic Beanstalk Developer Guide* .\n\nYou must specify `SolutionStackName` if you don't specify `PlatformArn` , `EnvironmentId` , or `SourceConfiguration` .\n\nUse the [`ListAvailableSolutionStacks`](https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_ListAvailableSolutionStacks.html) API to obtain a list of available solution stacks.", + "title": "SolutionStackName", "type": "string" + }, + "SourceConfiguration": { + "$ref": "#/definitions/AWS::ElasticBeanstalk::ConfigurationTemplate.SourceConfiguration", + "markdownDescription": "An Elastic Beanstalk configuration template to base this one on. If specified, Elastic Beanstalk uses the configuration values from the specified configuration template to create a new configuration.\n\nValues specified in `OptionSettings` override any values obtained from the `SourceConfiguration` .\n\nYou must specify `SourceConfiguration` if you don't specify `PlatformArn` , `EnvironmentId` , or `SolutionStackName` .\n\nConstraint: If both solution stack name and source configuration are specified, the solution stack of the source configuration template must match the specified solution stack name.", + "title": "SourceConfiguration" } }, "required": [ - "EncryptionConfiguration", - "Name" + "ApplicationName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Glue::SecurityConfiguration" + "AWS::ElasticBeanstalk::ConfigurationTemplate" ], "type": "string" }, @@ -107638,81 +114681,57 @@ ], "type": "object" }, - "AWS::Glue::SecurityConfiguration.CloudWatchEncryption": { + "AWS::ElasticBeanstalk::ConfigurationTemplate.ConfigurationOptionSetting": { "additionalProperties": false, "properties": { - "CloudWatchEncryptionMode": { - "markdownDescription": "The encryption mode to use for CloudWatch data.", - "title": "CloudWatchEncryptionMode", + "Namespace": { + "markdownDescription": "A unique namespace that identifies the option's associated AWS resource.", + "title": "Namespace", "type": "string" }, - "KmsKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key to be used to encrypt the data.", - "title": "KmsKeyArn", + "OptionName": { + "markdownDescription": "The name of the configuration option.", + "title": "OptionName", "type": "string" - } - }, - "type": "object" - }, - "AWS::Glue::SecurityConfiguration.EncryptionConfiguration": { - "additionalProperties": false, - "properties": { - "CloudWatchEncryption": { - "$ref": "#/definitions/AWS::Glue::SecurityConfiguration.CloudWatchEncryption", - "markdownDescription": "The encryption configuration for Amazon CloudWatch.", - "title": "CloudWatchEncryption" - }, - "JobBookmarksEncryption": { - "$ref": "#/definitions/AWS::Glue::SecurityConfiguration.JobBookmarksEncryption", - "markdownDescription": "The encryption configuration for job bookmarks.", - "title": "JobBookmarksEncryption" }, - "S3Encryptions": { - "$ref": "#/definitions/AWS::Glue::SecurityConfiguration.S3Encryptions", - "markdownDescription": "The encyption configuration for Amazon Simple Storage Service (Amazon S3) data.", - "title": "S3Encryptions" - } - }, - "type": "object" - }, - "AWS::Glue::SecurityConfiguration.JobBookmarksEncryption": { - "additionalProperties": false, - "properties": { - "JobBookmarksEncryptionMode": { - "markdownDescription": "The encryption mode to use for job bookmarks data.", - "title": "JobBookmarksEncryptionMode", + "ResourceName": { + "markdownDescription": "A unique resource name for the option setting. Use it for a time\u2013based scaling configuration option.", + "title": "ResourceName", "type": "string" }, - "KmsKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key to be used to encrypt the data.", - "title": "KmsKeyArn", + "Value": { + "markdownDescription": "The current value for the configuration option.", + "title": "Value", "type": "string" } }, + "required": [ + "Namespace", + "OptionName" + ], "type": "object" }, - "AWS::Glue::SecurityConfiguration.S3Encryption": { + "AWS::ElasticBeanstalk::ConfigurationTemplate.SourceConfiguration": { "additionalProperties": false, "properties": { - "KmsKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key to be used to encrypt the data.", - "title": "KmsKeyArn", + "ApplicationName": { + "markdownDescription": "The name of the application associated with the configuration.", + "title": "ApplicationName", "type": "string" }, - "S3EncryptionMode": { - "markdownDescription": "The encryption mode to use for Amazon S3 data.", - "title": "S3EncryptionMode", + "TemplateName": { + "markdownDescription": "The name of the configuration template.", + "title": "TemplateName", "type": "string" } }, + "required": [ + "ApplicationName", + "TemplateName" + ], "type": "object" }, - "AWS::Glue::SecurityConfiguration.S3Encryptions": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::Glue::Table": { + "AWS::ElasticBeanstalk::Environment": { "additionalProperties": false, "properties": { "Condition": { @@ -107747,37 +114766,81 @@ "Properties": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The ID of the Data Catalog in which to create the `Table` .", - "title": "CatalogId", + "ApplicationName": { + "markdownDescription": "The name of the application that is associated with this environment.", + "title": "ApplicationName", "type": "string" }, - "DatabaseName": { - "markdownDescription": "The name of the database where the table metadata resides. For Hive compatibility, this must be all lowercase.", - "title": "DatabaseName", + "CNAMEPrefix": { + "markdownDescription": "If specified, the environment attempts to use this value as the prefix for the CNAME in your Elastic Beanstalk environment URL. If not specified, the CNAME is generated automatically by appending a random alphanumeric string to the environment name.", + "title": "CNAMEPrefix", "type": "string" }, - "OpenTableFormatInput": { - "$ref": "#/definitions/AWS::Glue::Table.OpenTableFormatInput", - "markdownDescription": "Specifies an `OpenTableFormatInput` structure when creating an open format table.", - "title": "OpenTableFormatInput" + "Description": { + "markdownDescription": "Your description for this environment.", + "title": "Description", + "type": "string" }, - "TableInput": { - "$ref": "#/definitions/AWS::Glue::Table.TableInput", - "markdownDescription": "A structure used to define a table.", - "title": "TableInput" + "EnvironmentName": { + "markdownDescription": "A unique name for the environment.\n\nConstraint: Must be from 4 to 40 characters in length. The name can contain only letters, numbers, and hyphens. It can't start or end with a hyphen. This name must be unique within a region in your account.\n\nIf you don't specify the `CNAMEPrefix` parameter, the environment name becomes part of the CNAME, and therefore part of the visible URL for your application.\n\nIf you don't specify an environment name, AWS CloudFormation generates a unique physical ID and uses that ID for the environment name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "EnvironmentName", + "type": "string" + }, + "OperationsRole": { + "markdownDescription": "> The operations role feature of AWS Elastic Beanstalk is in beta release and is subject to change. \n\nThe Amazon Resource Name (ARN) of an existing IAM role to be used as the environment's operations role. If specified, Elastic Beanstalk uses the operations role for permissions to downstream services during this call and during subsequent calls acting on this environment. To specify an operations role, you must have the `iam:PassRole` permission for the role.", + "title": "OperationsRole", + "type": "string" + }, + "OptionSettings": { + "items": { + "$ref": "#/definitions/AWS::ElasticBeanstalk::Environment.OptionSetting" + }, + "markdownDescription": "Key-value pairs defining configuration options for this environment, such as the instance type. These options override the values that are defined in the solution stack or the [configuration template](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-beanstalk-configurationtemplate.html) . If you remove any options during a stack update, the removed options retain their current values.", + "title": "OptionSettings", + "type": "array" + }, + "PlatformArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the custom platform to use with the environment. For more information, see [Custom Platforms](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/custom-platforms.html) in the *AWS Elastic Beanstalk Developer Guide* .\n\n> If you specify `PlatformArn` , don't specify `SolutionStackName` .", + "title": "PlatformArn", + "type": "string" + }, + "SolutionStackName": { + "markdownDescription": "The name of an Elastic Beanstalk solution stack (platform version) to use with the environment. If specified, Elastic Beanstalk sets the configuration values to the default values associated with the specified solution stack. For a list of current solution stacks, see [Elastic Beanstalk Supported Platforms](https://docs.aws.amazon.com/elasticbeanstalk/latest/platforms/platforms-supported.html) in the *AWS Elastic Beanstalk Platforms* guide.\n\n> If you specify `SolutionStackName` , don't specify `PlatformArn` or `TemplateName` .", + "title": "SolutionStackName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Specifies the tags applied to resources in the environment.", + "title": "Tags", + "type": "array" + }, + "TemplateName": { + "markdownDescription": "The name of the Elastic Beanstalk configuration template to use with the environment.\n\n> If you specify `TemplateName` , then don't specify `SolutionStackName` .", + "title": "TemplateName", + "type": "string" + }, + "Tier": { + "$ref": "#/definitions/AWS::ElasticBeanstalk::Environment.Tier", + "markdownDescription": "Specifies the tier to use in creating this environment. The environment tier that you choose determines whether Elastic Beanstalk provisions resources to support a web application that handles HTTP(S) requests or a web application that handles background-processing tasks.", + "title": "Tier" + }, + "VersionLabel": { + "markdownDescription": "The name of the application version to deploy.\n\nDefault: If not specified, Elastic Beanstalk attempts to deploy the sample application.", + "title": "VersionLabel", + "type": "string" } }, "required": [ - "CatalogId", - "DatabaseName", - "TableInput" + "ApplicationName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Glue::Table" + "AWS::ElasticBeanstalk::Environment" ], "type": "string" }, @@ -107796,343 +114859,453 @@ ], "type": "object" }, - "AWS::Glue::Table.Column": { + "AWS::ElasticBeanstalk::Environment.OptionSetting": { "additionalProperties": false, "properties": { - "Comment": { - "markdownDescription": "A free-form text comment.", - "title": "Comment", + "Namespace": { + "markdownDescription": "A unique namespace that identifies the option's associated AWS resource.", + "title": "Namespace", "type": "string" }, - "Name": { - "markdownDescription": "The name of the `Column` .", - "title": "Name", + "OptionName": { + "markdownDescription": "The name of the configuration option.", + "title": "OptionName", "type": "string" }, - "Type": { - "markdownDescription": "The data type of the `Column` .", - "title": "Type", + "ResourceName": { + "markdownDescription": "A unique resource name for the option setting. Use it for a time\u2013based scaling configuration option.", + "title": "ResourceName", + "type": "string" + }, + "Value": { + "markdownDescription": "The current value for the configuration option.", + "title": "Value", "type": "string" } }, "required": [ - "Name" + "Namespace", + "OptionName" ], "type": "object" }, - "AWS::Glue::Table.IcebergInput": { + "AWS::ElasticBeanstalk::Environment.Tier": { "additionalProperties": false, "properties": { - "MetadataOperation": { - "$ref": "#/definitions/AWS::Glue::Table.MetadataOperation", - "markdownDescription": "A required metadata operation. Can only be set to CREATE.", - "title": "MetadataOperation" + "Name": { + "markdownDescription": "The name of this environment tier.\n\nValid values:\n\n- For *Web server tier* \u2013 `WebServer`\n- For *Worker tier* \u2013 `Worker`", + "title": "Name", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of this environment tier.\n\nValid values:\n\n- For *Web server tier* \u2013 `Standard`\n- For *Worker tier* \u2013 `SQS/HTTP`", + "title": "Type", + "type": "string" }, "Version": { - "markdownDescription": "The table version for the Iceberg table. Defaults to 2.", + "markdownDescription": "The version of this environment tier. When you don't set a value to it, Elastic Beanstalk uses the latest compatible worker tier version.\n\n> This member is deprecated. Any specific version that you set may become out of date. We recommend leaving it unspecified.", "title": "Version", "type": "string" } }, "type": "object" }, - "AWS::Glue::Table.MetadataOperation": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::Glue::Table.OpenTableFormatInput": { - "additionalProperties": false, - "properties": { - "IcebergInput": { - "$ref": "#/definitions/AWS::Glue::Table.IcebergInput", - "markdownDescription": "Specifies an `IcebergInput` structure that defines an Apache Iceberg metadata table.", - "title": "IcebergInput" - } - }, - "type": "object" - }, - "AWS::Glue::Table.Order": { + "AWS::ElasticLoadBalancing::LoadBalancer": { "additionalProperties": false, "properties": { - "Column": { - "markdownDescription": "The name of the column.", - "title": "Column", + "Condition": { "type": "string" }, - "SortOrder": { - "markdownDescription": "Indicates that the column is sorted in ascending order ( `== 1` ), or in descending order ( `==0` ).", - "title": "SortOrder", - "type": "number" - } - }, - "required": [ - "Column", - "SortOrder" - ], - "type": "object" - }, - "AWS::Glue::Table.SchemaId": { - "additionalProperties": false, - "properties": { - "RegistryName": { - "markdownDescription": "The name of the schema registry that contains the schema.", - "title": "RegistryName", - "type": "string" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "SchemaArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the schema. One of `SchemaArn` or `SchemaName` has to be\nprovided.", - "title": "SchemaArn", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AccessLoggingPolicy": { + "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.AccessLoggingPolicy", + "markdownDescription": "Information about where and how access logs are stored for the load balancer.", + "title": "AccessLoggingPolicy" + }, + "AppCookieStickinessPolicy": { + "items": { + "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.AppCookieStickinessPolicy" + }, + "markdownDescription": "Information about a policy for application-controlled session stickiness.", + "title": "AppCookieStickinessPolicy", + "type": "array" + }, + "AvailabilityZones": { + "items": { + "type": "string" + }, + "markdownDescription": "The Availability Zones for a load balancer in a default VPC. For a load balancer in a nondefault VPC, specify `Subnets` instead.\n\nUpdate requires replacement if you did not previously specify an Availability Zone or if you are removing all Availability Zones. Otherwise, update requires no interruption.", + "title": "AvailabilityZones", + "type": "array" + }, + "ConnectionDrainingPolicy": { + "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.ConnectionDrainingPolicy", + "markdownDescription": "If enabled, the load balancer allows existing requests to complete before the load balancer shifts traffic away from a deregistered or unhealthy instance.\n\nFor more information, see [Configure connection draining](https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/config-conn-drain.html) in the *User Guide for Classic Load Balancers* .", + "title": "ConnectionDrainingPolicy" + }, + "ConnectionSettings": { + "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.ConnectionSettings", + "markdownDescription": "If enabled, the load balancer allows the connections to remain idle (no data is sent over the connection) for the specified duration.\n\nBy default, Elastic Load Balancing maintains a 60-second idle connection timeout for both front-end and back-end connections of your load balancer. For more information, see [Configure idle connection timeout](https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/config-idle-timeout.html) in the *User Guide for Classic Load Balancers* .", + "title": "ConnectionSettings" + }, + "CrossZone": { + "markdownDescription": "If enabled, the load balancer routes the request traffic evenly across all instances regardless of the Availability Zones.\n\nFor more information, see [Configure cross-zone load balancing](https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/enable-disable-crosszone-lb.html) in the *User Guide for Classic Load Balancers* .", + "title": "CrossZone", + "type": "boolean" + }, + "HealthCheck": { + "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.HealthCheck", + "markdownDescription": "The health check settings to use when evaluating the health of your EC2 instances.\n\nUpdate requires replacement if you did not previously specify health check settings or if you are removing the health check settings. Otherwise, update requires no interruption.", + "title": "HealthCheck" + }, + "Instances": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the instances for the load balancer.", + "title": "Instances", + "type": "array" + }, + "LBCookieStickinessPolicy": { + "items": { + "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.LBCookieStickinessPolicy" + }, + "markdownDescription": "Information about a policy for duration-based session stickiness.", + "title": "LBCookieStickinessPolicy", + "type": "array" + }, + "Listeners": { + "items": { + "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.Listeners" + }, + "markdownDescription": "The listeners for the load balancer. You can specify at most one listener per port.\n\nIf you update the properties for a listener, AWS CloudFormation deletes the existing listener and creates a new one with the specified properties. While the new listener is being created, clients cannot connect to the load balancer.", + "title": "Listeners", + "type": "array" + }, + "LoadBalancerName": { + "markdownDescription": "The name of the load balancer. This name must be unique within your set of load balancers for the region.\n\nIf you don't specify a name, AWS CloudFormation generates a unique physical ID for the load balancer. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) . If you specify a name, you cannot perform updates that require replacement of this resource, but you can perform other updates. To replace the resource, specify a new name.", + "title": "LoadBalancerName", + "type": "string" + }, + "Policies": { + "items": { + "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.Policies" + }, + "markdownDescription": "The policies defined for your Classic Load Balancer. Specify only back-end server policies.", + "title": "Policies", + "type": "array" + }, + "Scheme": { + "markdownDescription": "The type of load balancer. Valid only for load balancers in a VPC.\n\nIf `Scheme` is `internet-facing` , the load balancer has a public DNS name that resolves to a public IP address.\n\nIf `Scheme` is `internal` , the load balancer has a public DNS name that resolves to a private IP address.", + "title": "Scheme", + "type": "string" + }, + "SecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "The security groups for the load balancer. Valid only for load balancers in a VPC.", + "title": "SecurityGroups", + "type": "array" + }, + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the subnets for the load balancer. You can specify at most one subnet per Availability Zone.\n\nUpdate requires replacement if you did not previously specify a subnet or if you are removing all subnets. Otherwise, update requires no interruption. To update to a different subnet in the current Availability Zone, you must first update to a subnet in a different Availability Zone, then update to the new subnet in the original Availability Zone.", + "title": "Subnets", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags associated with a load balancer.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Listeners" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ElasticLoadBalancing::LoadBalancer" + ], "type": "string" }, - "SchemaName": { - "markdownDescription": "The name of the schema. One of `SchemaArn` or `SchemaName` has to be provided.", - "title": "SchemaName", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::Glue::Table.SchemaReference": { + "AWS::ElasticLoadBalancing::LoadBalancer.AccessLoggingPolicy": { "additionalProperties": false, "properties": { - "SchemaId": { - "$ref": "#/definitions/AWS::Glue::Table.SchemaId", - "markdownDescription": "A structure that contains schema identity fields. Either this or the `SchemaVersionId` has to be\nprovided.", - "title": "SchemaId" + "EmitInterval": { + "markdownDescription": "The interval for publishing the access logs. You can specify an interval of either 5 minutes or 60 minutes.\n\nDefault: 60 minutes", + "title": "EmitInterval", + "type": "number" }, - "SchemaVersionId": { - "markdownDescription": "The unique ID assigned to a version of the schema. Either this or the `SchemaId` has to be provided.", - "title": "SchemaVersionId", + "Enabled": { + "markdownDescription": "Specifies whether access logs are enabled for the load balancer.", + "title": "Enabled", + "type": "boolean" + }, + "S3BucketName": { + "markdownDescription": "The name of the Amazon S3 bucket where the access logs are stored.", + "title": "S3BucketName", "type": "string" }, - "SchemaVersionNumber": { - "markdownDescription": "The version number of the schema.", - "title": "SchemaVersionNumber", - "type": "number" + "S3BucketPrefix": { + "markdownDescription": "The logical hierarchy you created for your Amazon S3 bucket, for example `my-bucket-prefix/prod` . If the prefix is not provided, the log is placed at the root level of the bucket.", + "title": "S3BucketPrefix", + "type": "string" } }, + "required": [ + "Enabled", + "S3BucketName" + ], "type": "object" }, - "AWS::Glue::Table.SerdeInfo": { + "AWS::ElasticLoadBalancing::LoadBalancer.AppCookieStickinessPolicy": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "Name of the SerDe.", - "title": "Name", + "CookieName": { + "markdownDescription": "The name of the application cookie used for stickiness.", + "title": "CookieName", "type": "string" }, - "Parameters": { - "markdownDescription": "These key-value pairs define initialization parameters for the SerDe.", - "title": "Parameters", - "type": "object" - }, - "SerializationLibrary": { - "markdownDescription": "Usually the class that implements the SerDe. An example is `org.apache.hadoop.hive.serde2.columnar.ColumnarSerDe` .", - "title": "SerializationLibrary", + "PolicyName": { + "markdownDescription": "The mnemonic name for the policy being created. The name must be unique within a set of policies for this load balancer.", + "title": "PolicyName", "type": "string" } }, + "required": [ + "CookieName", + "PolicyName" + ], "type": "object" }, - "AWS::Glue::Table.SkewedInfo": { + "AWS::ElasticLoadBalancing::LoadBalancer.ConnectionDrainingPolicy": { "additionalProperties": false, "properties": { - "SkewedColumnNames": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of names of columns that contain skewed values.", - "title": "SkewedColumnNames", - "type": "array" - }, - "SkewedColumnValueLocationMaps": { - "markdownDescription": "A mapping of skewed values to the columns that contain them.", - "title": "SkewedColumnValueLocationMaps", - "type": "object" + "Enabled": { + "markdownDescription": "Specifies whether connection draining is enabled for the load balancer.", + "title": "Enabled", + "type": "boolean" }, - "SkewedColumnValues": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of values that appear so frequently as to be considered skewed.", - "title": "SkewedColumnValues", - "type": "array" + "Timeout": { + "markdownDescription": "The maximum time, in seconds, to keep the existing connections open before deregistering the instances.", + "title": "Timeout", + "type": "number" } }, + "required": [ + "Enabled" + ], "type": "object" }, - "AWS::Glue::Table.StorageDescriptor": { + "AWS::ElasticLoadBalancing::LoadBalancer.ConnectionSettings": { "additionalProperties": false, "properties": { - "BucketColumns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of reducer grouping columns, clustering columns, and bucketing columns in the table.", - "title": "BucketColumns", - "type": "array" - }, - "Columns": { - "items": { - "$ref": "#/definitions/AWS::Glue::Table.Column" - }, - "markdownDescription": "A list of the `Columns` in the table.", - "title": "Columns", - "type": "array" - }, - "Compressed": { - "markdownDescription": "`True` if the data in the table is compressed, or `False` if not.", - "title": "Compressed", - "type": "boolean" - }, - "InputFormat": { - "markdownDescription": "The input format: `SequenceFileInputFormat` (binary), or `TextInputFormat` , or a custom format.", - "title": "InputFormat", + "IdleTimeout": { + "markdownDescription": "The time, in seconds, that the connection is allowed to be idle (no data has been sent over the connection) before it is closed by the load balancer.", + "title": "IdleTimeout", + "type": "number" + } + }, + "required": [ + "IdleTimeout" + ], + "type": "object" + }, + "AWS::ElasticLoadBalancing::LoadBalancer.HealthCheck": { + "additionalProperties": false, + "properties": { + "HealthyThreshold": { + "markdownDescription": "The number of consecutive health checks successes required before moving the instance to the `Healthy` state.", + "title": "HealthyThreshold", "type": "string" }, - "Location": { - "markdownDescription": "The physical location of the table. By default, this takes the form of the warehouse location, followed by the database location in the warehouse, followed by the table name.", - "title": "Location", + "Interval": { + "markdownDescription": "The approximate interval, in seconds, between health checks of an individual instance.", + "title": "Interval", "type": "string" }, - "NumberOfBuckets": { - "markdownDescription": "Must be specified if the table contains any dimension columns.", - "title": "NumberOfBuckets", - "type": "number" - }, - "OutputFormat": { - "markdownDescription": "The output format: `SequenceFileOutputFormat` (binary), or `IgnoreKeyTextOutputFormat` , or a custom format.", - "title": "OutputFormat", + "Target": { + "markdownDescription": "The instance being checked. The protocol is either TCP, HTTP, HTTPS, or SSL. The range of valid ports is one (1) through 65535.\n\nTCP is the default, specified as a TCP: port pair, for example \"TCP:5000\". In this case, a health check simply attempts to open a TCP connection to the instance on the specified port. Failure to connect within the configured timeout is considered unhealthy.\n\nSSL is also specified as SSL: port pair, for example, SSL:5000.\n\nFor HTTP/HTTPS, you must include a ping path in the string. HTTP is specified as a HTTP:port;/;PathToPing; grouping, for example \"HTTP:80/weather/us/wa/seattle\". In this case, a HTTP GET request is issued to the instance on the given port and path. Any answer other than \"200 OK\" within the timeout period is considered unhealthy.\n\nThe total length of the HTTP ping target must be 1024 16-bit Unicode characters or less.", + "title": "Target", "type": "string" }, - "Parameters": { - "markdownDescription": "The user-supplied properties in key-value form.", - "title": "Parameters", - "type": "object" - }, - "SchemaReference": { - "$ref": "#/definitions/AWS::Glue::Table.SchemaReference", - "markdownDescription": "An object that references a schema stored in the AWS Glue Schema Registry.", - "title": "SchemaReference" - }, - "SerdeInfo": { - "$ref": "#/definitions/AWS::Glue::Table.SerdeInfo", - "markdownDescription": "The serialization/deserialization (SerDe) information.", - "title": "SerdeInfo" - }, - "SkewedInfo": { - "$ref": "#/definitions/AWS::Glue::Table.SkewedInfo", - "markdownDescription": "The information about values that appear frequently in a column (skewed values).", - "title": "SkewedInfo" - }, - "SortColumns": { - "items": { - "$ref": "#/definitions/AWS::Glue::Table.Order" - }, - "markdownDescription": "A list specifying the sort order of each bucket in the table.", - "title": "SortColumns", - "type": "array" + "Timeout": { + "markdownDescription": "The amount of time, in seconds, during which no response means a failed health check.\n\nThis value must be less than the `Interval` value.", + "title": "Timeout", + "type": "string" }, - "StoredAsSubDirectories": { - "markdownDescription": "`True` if the table data is stored in subdirectories, or `False` if not.", - "title": "StoredAsSubDirectories", - "type": "boolean" + "UnhealthyThreshold": { + "markdownDescription": "The number of consecutive health check failures required before moving the instance to the `Unhealthy` state.", + "title": "UnhealthyThreshold", + "type": "string" } }, + "required": [ + "HealthyThreshold", + "Interval", + "Target", + "Timeout", + "UnhealthyThreshold" + ], "type": "object" }, - "AWS::Glue::Table.TableIdentifier": { + "AWS::ElasticLoadBalancing::LoadBalancer.LBCookieStickinessPolicy": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The ID of the Data Catalog in which the table resides.", - "title": "CatalogId", - "type": "string" - }, - "DatabaseName": { - "markdownDescription": "The name of the catalog database that contains the target table.", - "title": "DatabaseName", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the target table.", - "title": "Name", + "CookieExpirationPeriod": { + "markdownDescription": "The time period, in seconds, after which the cookie should be considered stale. If this parameter is not specified, the stickiness session lasts for the duration of the browser session.", + "title": "CookieExpirationPeriod", "type": "string" }, - "Region": { - "markdownDescription": "The Region of the table.", - "title": "Region", + "PolicyName": { + "markdownDescription": "The name of the policy. This name must be unique within the set of policies for this load balancer.", + "title": "PolicyName", "type": "string" } }, "type": "object" }, - "AWS::Glue::Table.TableInput": { + "AWS::ElasticLoadBalancing::LoadBalancer.Listeners": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the table.", - "title": "Description", + "InstancePort": { + "markdownDescription": "The port on which the instance is listening.", + "title": "InstancePort", "type": "string" }, - "Name": { - "markdownDescription": "The table name. For Hive compatibility, this is folded to lowercase when it is stored.", - "title": "Name", + "InstanceProtocol": { + "markdownDescription": "The protocol to use for routing traffic to instances: HTTP, HTTPS, TCP, or SSL.\n\nIf the front-end protocol is TCP or SSL, the back-end protocol must be TCP or SSL. If the front-end protocol is HTTP or HTTPS, the back-end protocol must be HTTP or HTTPS.\n\nIf there is another listener with the same `InstancePort` whose `InstanceProtocol` is secure, (HTTPS or SSL), the listener's `InstanceProtocol` must also be secure.\n\nIf there is another listener with the same `InstancePort` whose `InstanceProtocol` is HTTP or TCP, the listener's `InstanceProtocol` must be HTTP or TCP.", + "title": "InstanceProtocol", "type": "string" }, - "Owner": { - "markdownDescription": "The table owner. Included for Apache Hive compatibility. Not used in the normal course of AWS Glue operations.", - "title": "Owner", + "LoadBalancerPort": { + "markdownDescription": "The port on which the load balancer is listening. On EC2-VPC, you can specify any port from the range 1-65535. On EC2-Classic, you can specify any port from the following list: 25, 80, 443, 465, 587, 1024-65535.", + "title": "LoadBalancerPort", "type": "string" }, - "Parameters": { - "markdownDescription": "These key-value pairs define properties associated with the table.", - "title": "Parameters", - "type": "object" - }, - "PartitionKeys": { + "PolicyNames": { "items": { - "$ref": "#/definitions/AWS::Glue::Table.Column" + "type": "string" }, - "markdownDescription": "A list of columns by which the table is partitioned. Only primitive types are supported as partition keys.\n\nWhen you create a table used by Amazon Athena, and you do not specify any `partitionKeys` , you must at least set the value of `partitionKeys` to an empty list. For example:\n\n`\"PartitionKeys\": []`", - "title": "PartitionKeys", + "markdownDescription": "The names of the policies to associate with the listener.", + "title": "PolicyNames", "type": "array" }, - "Retention": { - "markdownDescription": "The retention time for this table.", - "title": "Retention", - "type": "number" - }, - "StorageDescriptor": { - "$ref": "#/definitions/AWS::Glue::Table.StorageDescriptor", - "markdownDescription": "A storage descriptor containing information about the physical storage of this table.", - "title": "StorageDescriptor" + "Protocol": { + "markdownDescription": "The load balancer transport protocol to use for routing: HTTP, HTTPS, TCP, or SSL.", + "title": "Protocol", + "type": "string" }, - "TableType": { - "markdownDescription": "The type of this table. AWS Glue will create tables with the `EXTERNAL_TABLE` type. Other services, such as Athena, may create tables with additional table types.\n\nAWS Glue related table types:\n\n- **EXTERNAL_TABLE** - Hive compatible attribute - indicates a non-Hive managed table.\n- **GOVERNED** - Used by AWS Lake Formation . The AWS Glue Data Catalog understands `GOVERNED` .", - "title": "TableType", + "SSLCertificateId": { + "markdownDescription": "The Amazon Resource Name (ARN) of the server certificate.", + "title": "SSLCertificateId", "type": "string" + } + }, + "required": [ + "InstancePort", + "LoadBalancerPort", + "Protocol" + ], + "type": "object" + }, + "AWS::ElasticLoadBalancing::LoadBalancer.Policies": { + "additionalProperties": false, + "properties": { + "Attributes": { + "items": { + "type": "object" + }, + "markdownDescription": "The policy attributes.", + "title": "Attributes", + "type": "array" }, - "TargetTable": { - "$ref": "#/definitions/AWS::Glue::Table.TableIdentifier", - "markdownDescription": "A `TableIdentifier` structure that describes a target table for resource linking.", - "title": "TargetTable" + "InstancePorts": { + "items": { + "type": "string" + }, + "markdownDescription": "The instance ports for the policy. Required only for some policy types.", + "title": "InstancePorts", + "type": "array" }, - "ViewExpandedText": { - "markdownDescription": "Included for Apache Hive compatibility. Not used in the normal course of AWS Glue operations.", - "title": "ViewExpandedText", + "LoadBalancerPorts": { + "items": { + "type": "string" + }, + "markdownDescription": "The load balancer ports for the policy. Required only for some policy types.", + "title": "LoadBalancerPorts", + "type": "array" + }, + "PolicyName": { + "markdownDescription": "The name of the policy.", + "title": "PolicyName", "type": "string" }, - "ViewOriginalText": { - "markdownDescription": "Included for Apache Hive compatibility. Not used in the normal course of AWS Glue operations. If the table is a `VIRTUAL_VIEW` , certain Athena configuration encoded in base64.", - "title": "ViewOriginalText", + "PolicyType": { + "markdownDescription": "The name of the policy type.", + "title": "PolicyType", "type": "string" } }, + "required": [ + "Attributes", + "PolicyName", + "PolicyType" + ], "type": "object" }, - "AWS::Glue::TableOptimizer": { + "AWS::ElasticLoadBalancingV2::Listener": { "additionalProperties": false, "properties": { "Condition": { @@ -108167,44 +115340,73 @@ "Properties": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The catalog ID of the table.", - "title": "CatalogId", - "type": "string" + "AlpnPolicy": { + "items": { + "type": "string" + }, + "markdownDescription": "[TLS listener] The name of the Application-Layer Protocol Negotiation (ALPN) policy.", + "title": "AlpnPolicy", + "type": "array" }, - "DatabaseName": { - "markdownDescription": "The name of the database. For Hive compatibility, this is folded to lowercase when it is stored.", - "title": "DatabaseName", - "type": "string" + "Certificates": { + "items": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.Certificate" + }, + "markdownDescription": "The default SSL server certificate for a secure listener. You must provide exactly one certificate if the listener protocol is HTTPS or TLS.\n\nFor an HTTPS listener, update requires some interruptions. For a TLS listener, update requires no interruption.\n\nTo create a certificate list for a secure listener, use [AWS::ElasticLoadBalancingV2::ListenerCertificate](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-listenercertificate.html) .", + "title": "Certificates", + "type": "array" }, - "TableName": { - "markdownDescription": "The table name. For Hive compatibility, this must be entirely lowercase.", - "title": "TableName", + "DefaultActions": { + "items": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.Action" + }, + "markdownDescription": "The actions for the default rule. You cannot define a condition for a default rule.\n\nTo create additional rules for an Application Load Balancer, use [AWS::ElasticLoadBalancingV2::ListenerRule](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-listenerrule.html) .", + "title": "DefaultActions", + "type": "array" + }, + "ListenerAttributes": { + "items": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.ListenerAttribute" + }, + "markdownDescription": "The listener attributes. Attributes that you do not modify retain their current values.", + "title": "ListenerAttributes", + "type": "array" + }, + "LoadBalancerArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the load balancer.", + "title": "LoadBalancerArn", "type": "string" }, - "TableOptimizerConfiguration": { - "$ref": "#/definitions/AWS::Glue::TableOptimizer.TableOptimizerConfiguration", - "markdownDescription": "Specifies configuration details of a table optimizer.", - "title": "TableOptimizerConfiguration" + "MutualAuthentication": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.MutualAuthentication", + "markdownDescription": "The mutual authentication configuration information.", + "title": "MutualAuthentication" }, - "Type": { - "markdownDescription": "The type of table optimizer. The valid values are:\n\n- compaction - for managing compaction with a table optimizer.\n- retention - for managing the retention of snapshot with a table optimizer.\n- orphan_file_deletion - for managing the deletion of orphan files with a table optimizer.", - "title": "Type", + "Port": { + "markdownDescription": "The port on which the load balancer is listening. You can't specify a port for a Gateway Load Balancer.", + "title": "Port", + "type": "number" + }, + "Protocol": { + "markdownDescription": "The protocol for connections from clients to the load balancer. For Application Load Balancers, the supported protocols are HTTP and HTTPS. For Network Load Balancers, the supported protocols are TCP, TLS, UDP, and TCP_UDP. You can\u2019t specify the UDP or TCP_UDP protocol if dual-stack mode is enabled. You can't specify a protocol for a Gateway Load Balancer.", + "title": "Protocol", + "type": "string" + }, + "SslPolicy": { + "markdownDescription": "[HTTPS and TLS listeners] The security policy that defines which protocols and ciphers are supported. For more information, see [Security policies](https://docs.aws.amazon.com/elasticloadbalancing/latest/application/describe-ssl-policies.html) in the *Application Load Balancers Guide* and [Security policies](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/describe-ssl-policies.html) in the *Network Load Balancers Guide* .\n\n[HTTPS listeners] Updating the security policy can result in interruptions if the load balancer is handling a high volume of traffic. To decrease the possibility of an interruption if your load balancer is handling a high volume of traffic, create an additional load balancer or request an LCU reservation.", + "title": "SslPolicy", "type": "string" } }, "required": [ - "CatalogId", - "DatabaseName", - "TableName", - "TableOptimizerConfiguration", - "Type" + "DefaultActions", + "LoadBalancerArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Glue::TableOptimizer" + "AWS::ElasticLoadBalancingV2::Listener" ], "type": "string" }, @@ -108223,259 +115425,359 @@ ], "type": "object" }, - "AWS::Glue::TableOptimizer.TableOptimizerConfiguration": { + "AWS::ElasticLoadBalancingV2::Listener.Action": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Whether the table optimization is enabled.", - "title": "Enabled", - "type": "boolean" + "AuthenticateCognitoConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.AuthenticateCognitoConfig", + "markdownDescription": "[HTTPS listeners] Information for using Amazon Cognito to authenticate users. Specify only when `Type` is `authenticate-cognito` .", + "title": "AuthenticateCognitoConfig" }, - "RoleArn": { - "markdownDescription": "A role passed by the caller which gives the service permission to update the resources associated with the optimizer on the caller's behalf.", - "title": "RoleArn", + "AuthenticateOidcConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.AuthenticateOidcConfig", + "markdownDescription": "[HTTPS listeners] Information about an identity provider that is compliant with OpenID Connect (OIDC). Specify only when `Type` is `authenticate-oidc` .", + "title": "AuthenticateOidcConfig" + }, + "FixedResponseConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.FixedResponseConfig", + "markdownDescription": "[Application Load Balancer] Information for creating an action that returns a custom HTTP response. Specify only when `Type` is `fixed-response` .", + "title": "FixedResponseConfig" + }, + "ForwardConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.ForwardConfig", + "markdownDescription": "Information for creating an action that distributes requests among one or more target groups. For Network Load Balancers, you can specify a single target group. Specify only when `Type` is `forward` . If you specify both `ForwardConfig` and `TargetGroupArn` , you can specify only one target group using `ForwardConfig` and it must be the same target group specified in `TargetGroupArn` .", + "title": "ForwardConfig" + }, + "Order": { + "markdownDescription": "The order for the action. This value is required for rules with multiple actions. The action with the lowest value for order is performed first.", + "title": "Order", + "type": "number" + }, + "RedirectConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.RedirectConfig", + "markdownDescription": "[Application Load Balancer] Information for creating a redirect action. Specify only when `Type` is `redirect` .", + "title": "RedirectConfig" + }, + "TargetGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the target group. Specify only when `Type` is `forward` and you want to route to a single target group. To route to one or more target groups, use `ForwardConfig` instead.", + "title": "TargetGroupArn", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of action.", + "title": "Type", "type": "string" } }, "required": [ - "Enabled", - "RoleArn" + "Type" ], "type": "object" }, - "AWS::Glue::Trigger": { + "AWS::ElasticLoadBalancingV2::Listener.AuthenticateCognitoConfig": { "additionalProperties": false, "properties": { - "Condition": { + "AuthenticationRequestExtraParams": { + "additionalProperties": true, + "markdownDescription": "The query parameters (up to 10) to include in the redirect request to the authorization endpoint.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "AuthenticationRequestExtraParams", + "type": "object" + }, + "OnUnauthenticatedRequest": { + "markdownDescription": "The behavior if the user is not authenticated. The following are possible values:\n\n- deny `` - Return an HTTP 401 Unauthorized error.\n- allow `` - Allow the request to be forwarded to the target.\n- authenticate `` - Redirect the request to the IdP authorization endpoint. This is the default value.", + "title": "OnUnauthenticatedRequest", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Scope": { + "markdownDescription": "The set of user claims to be requested from the IdP. The default is `openid` .\n\nTo verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.", + "title": "Scope", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "SessionCookieName": { + "markdownDescription": "The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.", + "title": "SessionCookieName", + "type": "string" }, - "Metadata": { - "type": "object" + "SessionTimeout": { + "markdownDescription": "The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).", + "title": "SessionTimeout", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::Glue::Trigger.Action" - }, - "markdownDescription": "The actions initiated by this trigger.", - "title": "Actions", - "type": "array" - }, - "Description": { - "markdownDescription": "A description of this trigger.", - "title": "Description", - "type": "string" - }, - "EventBatchingCondition": { - "$ref": "#/definitions/AWS::Glue::Trigger.EventBatchingCondition", - "markdownDescription": "Batch condition that must be met (specified number of events received or batch time window expired) before EventBridge event trigger fires.", - "title": "EventBatchingCondition" - }, - "Name": { - "markdownDescription": "The name of the trigger.", - "title": "Name", - "type": "string" - }, - "Predicate": { - "$ref": "#/definitions/AWS::Glue::Trigger.Predicate", - "markdownDescription": "The predicate of this trigger, which defines when it will fire.", - "title": "Predicate" - }, - "Schedule": { - "markdownDescription": "A `cron` expression used to specify the schedule. For more information, see [Time-Based Schedules for Jobs and Crawlers](https://docs.aws.amazon.com/glue/latest/dg/monitor-data-warehouse-schedule.html) in the *AWS Glue Developer Guide* . For example, to run something every day at 12:15 UTC, specify `cron(15 12 * * ? *)` .", - "title": "Schedule", - "type": "string" - }, - "StartOnCreation": { - "markdownDescription": "Set to true to start `SCHEDULED` and `CONDITIONAL` triggers when created. True is not supported for `ON_DEMAND` triggers.", - "title": "StartOnCreation", - "type": "boolean" - }, - "Tags": { - "markdownDescription": "The tags to use with this trigger.", - "title": "Tags", - "type": "object" - }, - "Type": { - "markdownDescription": "The type of trigger that this is.", - "title": "Type", - "type": "string" - }, - "WorkflowName": { - "markdownDescription": "The name of the workflow associated with the trigger.", - "title": "WorkflowName", - "type": "string" - } - }, - "required": [ - "Actions", - "Type" - ], - "type": "object" + "UserPoolArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Cognito user pool.", + "title": "UserPoolArn", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Glue::Trigger" - ], + "UserPoolClientId": { + "markdownDescription": "The ID of the Amazon Cognito user pool client.", + "title": "UserPoolClientId", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "UserPoolDomain": { + "markdownDescription": "The domain prefix or fully-qualified domain name of the Amazon Cognito user pool.", + "title": "UserPoolDomain", "type": "string" } }, "required": [ - "Type", - "Properties" + "UserPoolArn", + "UserPoolClientId", + "UserPoolDomain" ], "type": "object" }, - "AWS::Glue::Trigger.Action": { + "AWS::ElasticLoadBalancingV2::Listener.AuthenticateOidcConfig": { "additionalProperties": false, "properties": { - "Arguments": { - "markdownDescription": "The job arguments used when this trigger fires. For this job run, they replace the default arguments set in the job definition itself.\n\nYou can specify arguments here that your own job-execution script consumes, in addition to arguments that AWS Glue itself consumes.\n\nFor information about how to specify and consume your own job arguments, see [Calling AWS Glue APIs in Python](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-python-calling.html) in the *AWS Glue Developer Guide* .\n\nFor information about the key-value pairs that AWS Glue consumes to set up your job, see the [Special Parameters Used by AWS Glue](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-etl-glue-arguments.html) topic in the developer guide.", - "title": "Arguments", + "AuthenticationRequestExtraParams": { + "additionalProperties": true, + "markdownDescription": "The query parameters (up to 10) to include in the redirect request to the authorization endpoint.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "AuthenticationRequestExtraParams", "type": "object" }, - "CrawlerName": { - "markdownDescription": "The name of the crawler to be used with this action.", - "title": "CrawlerName", + "AuthorizationEndpoint": { + "markdownDescription": "The authorization endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", + "title": "AuthorizationEndpoint", "type": "string" }, - "JobName": { - "markdownDescription": "The name of a job to be executed.", - "title": "JobName", + "ClientId": { + "markdownDescription": "The OAuth 2.0 client identifier.", + "title": "ClientId", "type": "string" }, - "NotificationProperty": { - "$ref": "#/definitions/AWS::Glue::Trigger.NotificationProperty", - "markdownDescription": "Specifies configuration properties of a job run notification.", - "title": "NotificationProperty" + "ClientSecret": { + "markdownDescription": "The OAuth 2.0 client secret. This parameter is required if you are creating a rule. If you are modifying a rule, you can omit this parameter if you set `UseExistingClientSecret` to true.", + "title": "ClientSecret", + "type": "string" }, - "SecurityConfiguration": { - "markdownDescription": "The name of the `SecurityConfiguration` structure to be used with this action.", - "title": "SecurityConfiguration", + "Issuer": { + "markdownDescription": "The OIDC issuer identifier of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", + "title": "Issuer", "type": "string" }, - "Timeout": { - "markdownDescription": "The `JobRun` timeout in minutes. This is the maximum time that a job run can consume resources before it is terminated and enters TIMEOUT status. The default is 2,880 minutes (48 hours). This overrides the timeout value set in the parent job.", - "title": "Timeout", - "type": "number" + "OnUnauthenticatedRequest": { + "markdownDescription": "The behavior if the user is not authenticated. The following are possible values:\n\n- deny `` - Return an HTTP 401 Unauthorized error.\n- allow `` - Allow the request to be forwarded to the target.\n- authenticate `` - Redirect the request to the IdP authorization endpoint. This is the default value.", + "title": "OnUnauthenticatedRequest", + "type": "string" + }, + "Scope": { + "markdownDescription": "The set of user claims to be requested from the IdP. The default is `openid` .\n\nTo verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.", + "title": "Scope", + "type": "string" + }, + "SessionCookieName": { + "markdownDescription": "The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.", + "title": "SessionCookieName", + "type": "string" + }, + "SessionTimeout": { + "markdownDescription": "The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).", + "title": "SessionTimeout", + "type": "string" + }, + "TokenEndpoint": { + "markdownDescription": "The token endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", + "title": "TokenEndpoint", + "type": "string" + }, + "UseExistingClientSecret": { + "markdownDescription": "Indicates whether to use the existing client secret when modifying a rule. If you are creating a rule, you can omit this parameter or set it to false.", + "title": "UseExistingClientSecret", + "type": "boolean" + }, + "UserInfoEndpoint": { + "markdownDescription": "The user info endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", + "title": "UserInfoEndpoint", + "type": "string" + } + }, + "required": [ + "AuthorizationEndpoint", + "ClientId", + "Issuer", + "TokenEndpoint", + "UserInfoEndpoint" + ], + "type": "object" + }, + "AWS::ElasticLoadBalancingV2::Listener.Certificate": { + "additionalProperties": false, + "properties": { + "CertificateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the certificate.", + "title": "CertificateArn", + "type": "string" } }, "type": "object" }, - "AWS::Glue::Trigger.Condition": { + "AWS::ElasticLoadBalancingV2::Listener.FixedResponseConfig": { "additionalProperties": false, "properties": { - "CrawlState": { - "markdownDescription": "The state of the crawler to which this condition applies.", - "title": "CrawlState", + "ContentType": { + "markdownDescription": "The content type.\n\nValid Values: text/plain | text/css | text/html | application/javascript | application/json", + "title": "ContentType", "type": "string" }, - "CrawlerName": { - "markdownDescription": "The name of the crawler to which this condition applies.", - "title": "CrawlerName", + "MessageBody": { + "markdownDescription": "The message.", + "title": "MessageBody", "type": "string" }, - "JobName": { - "markdownDescription": "The name of the job whose `JobRuns` this condition applies to, and on which this trigger waits.", - "title": "JobName", + "StatusCode": { + "markdownDescription": "The HTTP response code (2XX, 4XX, or 5XX).", + "title": "StatusCode", "type": "string" + } + }, + "required": [ + "StatusCode" + ], + "type": "object" + }, + "AWS::ElasticLoadBalancingV2::Listener.ForwardConfig": { + "additionalProperties": false, + "properties": { + "TargetGroupStickinessConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.TargetGroupStickinessConfig", + "markdownDescription": "Information about the target group stickiness for a rule.", + "title": "TargetGroupStickinessConfig" }, - "LogicalOperator": { - "markdownDescription": "A logical operator.", - "title": "LogicalOperator", + "TargetGroups": { + "items": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.TargetGroupTuple" + }, + "markdownDescription": "Information about how traffic will be distributed between multiple target groups in a forward rule.", + "title": "TargetGroups", + "type": "array" + } + }, + "type": "object" + }, + "AWS::ElasticLoadBalancingV2::Listener.ListenerAttribute": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The name of the attribute.\n\nThe following attribute is supported by Network Load Balancers, and Gateway Load Balancers.\n\n- `tcp.idle_timeout.seconds` - The tcp idle timeout value, in seconds. The valid range is 60-6000 seconds. The default is 350 seconds.\n\nThe following attributes are only supported by Application Load Balancers.\n\n- `routing.http.request.x_amzn_mtls_clientcert_serial_number.header_name` - Enables you to modify the header name of the *X-Amzn-Mtls-Clientcert-Serial-Number* HTTP request header.\n- `routing.http.request.x_amzn_mtls_clientcert_issuer.header_name` - Enables you to modify the header name of the *X-Amzn-Mtls-Clientcert-Issuer* HTTP request header.\n- `routing.http.request.x_amzn_mtls_clientcert_subject.header_name` - Enables you to modify the header name of the *X-Amzn-Mtls-Clientcert-Subject* HTTP request header.\n- `routing.http.request.x_amzn_mtls_clientcert_validity.header_name` - Enables you to modify the header name of the *X-Amzn-Mtls-Clientcert-Validity* HTTP request header.\n- `routing.http.request.x_amzn_mtls_clientcert_leaf.header_name` - Enables you to modify the header name of the *X-Amzn-Mtls-Clientcert-Leaf* HTTP request header.\n- `routing.http.request.x_amzn_mtls_clientcert.header_name` - Enables you to modify the header name of the *X-Amzn-Mtls-Clientcert* HTTP request header.\n- `routing.http.request.x_amzn_tls_version.header_name` - Enables you to modify the header name of the *X-Amzn-Tls-Version* HTTP request header.\n- `routing.http.request.x_amzn_tls_cipher_suite.header_name` - Enables you to modify the header name of the *X-Amzn-Tls-Cipher-Suite* HTTP request header.\n- `routing.http.response.server.enabled` - Enables you to allow or remove the HTTP response server header.\n- `routing.http.response.strict_transport_security.header_value` - Informs browsers that the site should only be accessed using HTTPS, and that any future attempts to access it using HTTP should automatically be converted to HTTPS.\n- `routing.http.response.access_control_allow_origin.header_value` - Specifies which origins are allowed to access the server.\n- `routing.http.response.access_control_allow_methods.header_value` - Returns which HTTP methods are allowed when accessing the server from a different origin.\n- `routing.http.response.access_control_allow_headers.header_value` - Specifies which headers can be used during the request.\n- `routing.http.response.access_control_allow_credentials.header_value` - Indicates whether the browser should include credentials such as cookies or authentication when making requests.\n- `routing.http.response.access_control_expose_headers.header_value` - Returns which headers the browser can expose to the requesting client.\n- `routing.http.response.access_control_max_age.header_value` - Specifies how long the results of a preflight request can be cached, in seconds.\n- `routing.http.response.content_security_policy.header_value` - Specifies restrictions enforced by the browser to help minimize the risk of certain types of security threats.\n- `routing.http.response.x_content_type_options.header_value` - Indicates whether the MIME types advertised in the *Content-Type* headers should be followed and not be changed.\n- `routing.http.response.x_frame_options.header_value` - Indicates whether the browser is allowed to render a page in a *frame* , *iframe* , *embed* or *object* .", + "title": "Key", "type": "string" }, - "State": { - "markdownDescription": "The condition state. Currently, the values supported are `SUCCEEDED` , `STOPPED` , `TIMEOUT` , and `FAILED` .", - "title": "State", + "Value": { + "markdownDescription": "The value of the attribute.", + "title": "Value", "type": "string" } }, "type": "object" }, - "AWS::Glue::Trigger.EventBatchingCondition": { + "AWS::ElasticLoadBalancingV2::Listener.MutualAuthentication": { "additionalProperties": false, "properties": { - "BatchSize": { - "markdownDescription": "Number of events that must be received from Amazon EventBridge before EventBridge event trigger fires.", - "title": "BatchSize", - "type": "number" + "AdvertiseTrustStoreCaNames": { + "markdownDescription": "Indicates whether trust store CA certificate names are advertised.", + "title": "AdvertiseTrustStoreCaNames", + "type": "string" }, - "BatchWindow": { - "markdownDescription": "Window of time in seconds after which EventBridge event trigger fires. Window starts when first event is received.", - "title": "BatchWindow", - "type": "number" + "IgnoreClientCertificateExpiry": { + "markdownDescription": "Indicates whether expired client certificates are ignored.", + "title": "IgnoreClientCertificateExpiry", + "type": "boolean" + }, + "Mode": { + "markdownDescription": "The client certificate handling method. Options are `off` , `passthrough` or `verify` . The default value is `off` .", + "title": "Mode", + "type": "string" + }, + "TrustStoreArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the trust store.", + "title": "TrustStoreArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ElasticLoadBalancingV2::Listener.RedirectConfig": { + "additionalProperties": false, + "properties": { + "Host": { + "markdownDescription": "The hostname. This component is not percent-encoded. The hostname can contain #{host}.", + "title": "Host", + "type": "string" + }, + "Path": { + "markdownDescription": "The absolute path, starting with the leading \"/\". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}.", + "title": "Path", + "type": "string" + }, + "Port": { + "markdownDescription": "The port. You can specify a value from 1 to 65535 or #{port}.", + "title": "Port", + "type": "string" + }, + "Protocol": { + "markdownDescription": "The protocol. You can specify HTTP, HTTPS, or #{protocol}. You can redirect HTTP to HTTP, HTTP to HTTPS, and HTTPS to HTTPS. You can't redirect HTTPS to HTTP.", + "title": "Protocol", + "type": "string" + }, + "Query": { + "markdownDescription": "The query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading \"?\", as it is automatically added. You can specify any of the reserved keywords.", + "title": "Query", + "type": "string" + }, + "StatusCode": { + "markdownDescription": "The HTTP redirect code. The redirect is either permanent (HTTP 301) or temporary (HTTP 302).", + "title": "StatusCode", + "type": "string" } }, "required": [ - "BatchSize" + "StatusCode" ], "type": "object" }, - "AWS::Glue::Trigger.NotificationProperty": { + "AWS::ElasticLoadBalancingV2::Listener.TargetGroupStickinessConfig": { "additionalProperties": false, "properties": { - "NotifyDelayAfter": { - "markdownDescription": "After a job run starts, the number of minutes to wait before sending a job run delay notification", - "title": "NotifyDelayAfter", + "DurationSeconds": { + "markdownDescription": "The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days). You must specify this value when enabling target group stickiness.", + "title": "DurationSeconds", "type": "number" + }, + "Enabled": { + "markdownDescription": "Indicates whether target group stickiness is enabled.", + "title": "Enabled", + "type": "boolean" } }, "type": "object" }, - "AWS::Glue::Trigger.Predicate": { + "AWS::ElasticLoadBalancingV2::Listener.TargetGroupTuple": { "additionalProperties": false, "properties": { - "Conditions": { - "items": { - "$ref": "#/definitions/AWS::Glue::Trigger.Condition" - }, - "markdownDescription": "A list of the conditions that determine when the trigger will fire.", - "title": "Conditions", - "type": "array" - }, - "Logical": { - "markdownDescription": "An optional field if only one condition is listed. If multiple conditions are listed, then this field is required.", - "title": "Logical", + "TargetGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the target group.", + "title": "TargetGroupArn", "type": "string" + }, + "Weight": { + "markdownDescription": "The weight. The range is 0 to 999.", + "title": "Weight", + "type": "number" } }, "type": "object" }, - "AWS::Glue::Workflow": { + "AWS::ElasticLoadBalancingV2::ListenerCertificate": { "additionalProperties": false, "properties": { "Condition": { @@ -108510,37 +115812,29 @@ "Properties": { "additionalProperties": false, "properties": { - "DefaultRunProperties": { - "markdownDescription": "A collection of properties to be used as part of each execution of the workflow", - "title": "DefaultRunProperties", - "type": "object" + "Certificates": { + "items": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerCertificate.Certificate" + }, + "markdownDescription": "The certificate. You can specify one certificate per resource.", + "title": "Certificates", + "type": "array" }, - "Description": { - "markdownDescription": "A description of the workflow", - "title": "Description", + "ListenerArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the listener.", + "title": "ListenerArn", "type": "string" - }, - "MaxConcurrentRuns": { - "markdownDescription": "You can use this parameter to prevent unwanted multiple updates to data, to control costs, or in some cases, to prevent exceeding the maximum number of concurrent runs of any of the component jobs. If you leave this parameter blank, there is no limit to the number of concurrent workflow runs.", - "title": "MaxConcurrentRuns", - "type": "number" - }, - "Name": { - "markdownDescription": "The name of the workflow representing the flow", - "title": "Name", - "type": "string" - }, - "Tags": { - "markdownDescription": "The tags to use with this workflow.", - "title": "Tags", - "type": "object" } }, + "required": [ + "Certificates", + "ListenerArn" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Glue::Workflow" + "AWS::ElasticLoadBalancingV2::ListenerCertificate" ], "type": "string" }, @@ -108554,11 +115848,23 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Grafana::Workspace": { + "AWS::ElasticLoadBalancingV2::ListenerCertificate.Certificate": { + "additionalProperties": false, + "properties": { + "CertificateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the certificate.", + "title": "CertificateArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ElasticLoadBalancingV2::ListenerRule": { "additionalProperties": false, "properties": { "Condition": { @@ -108593,114 +115899,43 @@ "Properties": { "additionalProperties": false, "properties": { - "AccountAccessType": { - "markdownDescription": "Specifies whether the workspace can access AWS resources in this AWS account only, or whether it can also access AWS resources in other accounts in the same organization. If this is `ORGANIZATION` , the `OrganizationalUnits` parameter specifies which organizational units the workspace can access.", - "title": "AccountAccessType", - "type": "string" - }, - "AuthenticationProviders": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies whether this workspace uses SAML 2.0, AWS IAM Identity Center , or both to authenticate users for using the Grafana console within a workspace. For more information, see [User authentication in Amazon Managed Grafana](https://docs.aws.amazon.com/grafana/latest/userguide/authentication-in-AMG.html) .\n\n*Allowed Values* : `AWS_SSO | SAML`", - "title": "AuthenticationProviders", - "type": "array" - }, - "ClientToken": { - "markdownDescription": "A unique, case-sensitive, user-provided identifier to ensure the idempotency of the request.", - "title": "ClientToken", - "type": "string" - }, - "DataSources": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the AWS data sources that have been configured to have IAM roles and permissions created to allow Amazon Managed Grafana to read data from these sources.\n\nThis list is only used when the workspace was created through the AWS console, and the `permissionType` is `SERVICE_MANAGED` .", - "title": "DataSources", - "type": "array" - }, - "Description": { - "markdownDescription": "The user-defined description of the workspace.", - "title": "Description", - "type": "string" - }, - "GrafanaVersion": { - "markdownDescription": "Specifies the version of Grafana to support in the workspace. Defaults to the latest version on create (for example, 9.4), or the current version of the workspace on update.\n\nCan only be used to upgrade (for example, from 8.4 to 9.4), not downgrade (for example, from 9.4 to 8.4).\n\nTo know what versions are available to upgrade to for a specific workspace, see the [ListVersions](https://docs.aws.amazon.com/grafana/latest/APIReference/API_ListVersions.html) operation.", - "title": "GrafanaVersion", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the workspace.", - "title": "Name", - "type": "string" - }, - "NetworkAccessControl": { - "$ref": "#/definitions/AWS::Grafana::Workspace.NetworkAccessControl", - "markdownDescription": "The configuration settings for network access to your workspace.", - "title": "NetworkAccessControl" - }, - "NotificationDestinations": { + "Actions": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.Action" }, - "markdownDescription": "The AWS notification channels that Amazon Managed Grafana can automatically create IAM roles and permissions for, to allow Amazon Managed Grafana to use these channels.\n\n*AllowedValues* : `SNS`", - "title": "NotificationDestinations", + "markdownDescription": "The actions.\n\nThe rule must include exactly one of the following types of actions: `forward` , `fixed-response` , or `redirect` , and it must be the last action to be performed. If the rule is for an HTTPS listener, it can also optionally include an authentication action.", + "title": "Actions", "type": "array" }, - "OrganizationRoleName": { - "markdownDescription": "The name of the IAM role that is used to access resources through Organizations.", - "title": "OrganizationRoleName", - "type": "string" - }, - "OrganizationalUnits": { + "Conditions": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.RuleCondition" }, - "markdownDescription": "Specifies the organizational units that this workspace is allowed to use data sources from, if this workspace is in an account that is part of an organization.", - "title": "OrganizationalUnits", + "markdownDescription": "The conditions.\n\nThe rule can optionally include up to one of each of the following conditions: `http-request-method` , `host-header` , `path-pattern` , and `source-ip` . A rule can also optionally include one or more of each of the following conditions: `http-header` and `query-string` .", + "title": "Conditions", "type": "array" }, - "PermissionType": { - "markdownDescription": "If this is `SERVICE_MANAGED` , and the workplace was created through the Amazon Managed Grafana console, then Amazon Managed Grafana automatically creates the IAM roles and provisions the permissions that the workspace needs to use AWS data sources and notification channels.\n\nIf this is `CUSTOMER_MANAGED` , you must manage those roles and permissions yourself.\n\nIf you are working with a workspace in a member account of an organization and that account is not a delegated administrator account, and you want the workspace to access data sources in other AWS accounts in the organization, this parameter must be set to `CUSTOMER_MANAGED` .\n\nFor more information about converting between customer and service managed, see [Managing permissions for data sources and notification channels](https://docs.aws.amazon.com/grafana/latest/userguide/AMG-datasource-and-notification.html) . For more information about the roles and permissions that must be managed for customer managed workspaces, see [Amazon Managed Grafana permissions and policies for AWS data sources and notification channels](https://docs.aws.amazon.com/grafana/latest/userguide/AMG-manage-permissions.html)", - "title": "PermissionType", - "type": "string" - }, - "PluginAdminEnabled": { - "markdownDescription": "Whether plugin administration is enabled in the workspace. Setting to `true` allows workspace admins to install, uninstall, and update plugins from within the Grafana workspace.\n\n> This option is only valid for workspaces that support Grafana version 9 or newer.", - "title": "PluginAdminEnabled", - "type": "boolean" - }, - "RoleArn": { - "markdownDescription": "The IAM role that grants permissions to the AWS resources that the workspace will view data from. This role must already exist.", - "title": "RoleArn", - "type": "string" - }, - "SamlConfiguration": { - "$ref": "#/definitions/AWS::Grafana::Workspace.SamlConfiguration", - "markdownDescription": "If the workspace uses SAML, use this structure to map SAML assertion attributes to workspace user information and define which groups in the assertion attribute are to have the `Admin` and `Editor` roles in the workspace.", - "title": "SamlConfiguration" - }, - "StackSetName": { - "markdownDescription": "The name of the AWS CloudFormation stack set that is used to generate IAM roles to be used for this workspace.", - "title": "StackSetName", + "ListenerArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the listener.", + "title": "ListenerArn", "type": "string" }, - "VpcConfiguration": { - "$ref": "#/definitions/AWS::Grafana::Workspace.VpcConfiguration", - "markdownDescription": "The configuration settings for an Amazon VPC that contains data sources for your Grafana workspace to connect to.\n\n> Connecting to a private VPC is not yet available in the Asia Pacific (Seoul) Region (ap-northeast-2).", - "title": "VpcConfiguration" + "Priority": { + "markdownDescription": "The rule priority. A listener can't have multiple rules with the same priority.\n\nIf you try to reorder rules by updating their priorities, do not specify a new priority if an existing rule already uses this priority, as this can cause an error. If you need to reuse a priority with a different rule, you must remove it as a priority first, and then specify it in a subsequent update.", + "title": "Priority", + "type": "number" } }, "required": [ - "AccountAccessType", - "AuthenticationProviders", - "PermissionType" + "Actions", + "Conditions", + "Priority" ], "type": "object" }, "Type": { "enum": [ - "AWS::Grafana::Workspace" + "AWS::ElasticLoadBalancingV2::ListenerRule" ], "type": "string" }, @@ -108719,166 +115954,460 @@ ], "type": "object" }, - "AWS::Grafana::Workspace.AssertionAttributes": { + "AWS::ElasticLoadBalancingV2::ListenerRule.Action": { "additionalProperties": false, "properties": { - "Email": { - "markdownDescription": "The name of the attribute within the SAML assertion to use as the email names for SAML users.", - "title": "Email", + "AuthenticateCognitoConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.AuthenticateCognitoConfig", + "markdownDescription": "[HTTPS listeners] Information for using Amazon Cognito to authenticate users. Specify only when `Type` is `authenticate-cognito` .", + "title": "AuthenticateCognitoConfig" + }, + "AuthenticateOidcConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.AuthenticateOidcConfig", + "markdownDescription": "[HTTPS listeners] Information about an identity provider that is compliant with OpenID Connect (OIDC). Specify only when `Type` is `authenticate-oidc` .", + "title": "AuthenticateOidcConfig" + }, + "FixedResponseConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.FixedResponseConfig", + "markdownDescription": "[Application Load Balancer] Information for creating an action that returns a custom HTTP response. Specify only when `Type` is `fixed-response` .", + "title": "FixedResponseConfig" + }, + "ForwardConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.ForwardConfig", + "markdownDescription": "Information for creating an action that distributes requests among one or more target groups. For Network Load Balancers, you can specify a single target group. Specify only when `Type` is `forward` . If you specify both `ForwardConfig` and `TargetGroupArn` , you can specify only one target group using `ForwardConfig` and it must be the same target group specified in `TargetGroupArn` .", + "title": "ForwardConfig" + }, + "Order": { + "markdownDescription": "The order for the action. This value is required for rules with multiple actions. The action with the lowest value for order is performed first.", + "title": "Order", + "type": "number" + }, + "RedirectConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.RedirectConfig", + "markdownDescription": "[Application Load Balancer] Information for creating a redirect action. Specify only when `Type` is `redirect` .", + "title": "RedirectConfig" + }, + "TargetGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the target group. Specify only when `Type` is `forward` and you want to route to a single target group. To route to one or more target groups, use `ForwardConfig` instead.", + "title": "TargetGroupArn", "type": "string" }, - "Groups": { - "markdownDescription": "The name of the attribute within the SAML assertion to use as the user full \"friendly\" names for user groups.", - "title": "Groups", + "Type": { + "markdownDescription": "The type of action.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::ElasticLoadBalancingV2::ListenerRule.AuthenticateCognitoConfig": { + "additionalProperties": false, + "properties": { + "AuthenticationRequestExtraParams": { + "additionalProperties": true, + "markdownDescription": "The query parameters (up to 10) to include in the redirect request to the authorization endpoint.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "AuthenticationRequestExtraParams", + "type": "object" + }, + "OnUnauthenticatedRequest": { + "markdownDescription": "The behavior if the user is not authenticated. The following are possible values:\n\n- deny `` - Return an HTTP 401 Unauthorized error.\n- allow `` - Allow the request to be forwarded to the target.\n- authenticate `` - Redirect the request to the IdP authorization endpoint. This is the default value.", + "title": "OnUnauthenticatedRequest", "type": "string" }, - "Login": { - "markdownDescription": "The name of the attribute within the SAML assertion to use as the login names for SAML users.", - "title": "Login", + "Scope": { + "markdownDescription": "The set of user claims to be requested from the IdP. The default is `openid` .\n\nTo verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.", + "title": "Scope", "type": "string" }, - "Name": { - "markdownDescription": "The name of the attribute within the SAML assertion to use as the user full \"friendly\" names for SAML users.", - "title": "Name", + "SessionCookieName": { + "markdownDescription": "The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.", + "title": "SessionCookieName", "type": "string" }, - "Org": { - "markdownDescription": "The name of the attribute within the SAML assertion to use as the user full \"friendly\" names for the users' organizations.", - "title": "Org", + "SessionTimeout": { + "markdownDescription": "The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).", + "title": "SessionTimeout", + "type": "number" + }, + "UserPoolArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Cognito user pool.", + "title": "UserPoolArn", "type": "string" }, - "Role": { - "markdownDescription": "The name of the attribute within the SAML assertion to use as the user roles.", - "title": "Role", + "UserPoolClientId": { + "markdownDescription": "The ID of the Amazon Cognito user pool client.", + "title": "UserPoolClientId", + "type": "string" + }, + "UserPoolDomain": { + "markdownDescription": "The domain prefix or fully-qualified domain name of the Amazon Cognito user pool.", + "title": "UserPoolDomain", "type": "string" } }, + "required": [ + "UserPoolArn", + "UserPoolClientId", + "UserPoolDomain" + ], "type": "object" }, - "AWS::Grafana::Workspace.IdpMetadata": { + "AWS::ElasticLoadBalancingV2::ListenerRule.AuthenticateOidcConfig": { "additionalProperties": false, "properties": { - "Url": { - "markdownDescription": "The URL of the location containing the IdP metadata.", - "title": "Url", + "AuthenticationRequestExtraParams": { + "additionalProperties": true, + "markdownDescription": "The query parameters (up to 10) to include in the redirect request to the authorization endpoint.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "AuthenticationRequestExtraParams", + "type": "object" + }, + "AuthorizationEndpoint": { + "markdownDescription": "The authorization endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", + "title": "AuthorizationEndpoint", "type": "string" }, - "Xml": { - "markdownDescription": "The full IdP metadata, in XML format.", - "title": "Xml", + "ClientId": { + "markdownDescription": "The OAuth 2.0 client identifier.", + "title": "ClientId", + "type": "string" + }, + "ClientSecret": { + "markdownDescription": "The OAuth 2.0 client secret. This parameter is required if you are creating a rule. If you are modifying a rule, you can omit this parameter if you set `UseExistingClientSecret` to true.", + "title": "ClientSecret", + "type": "string" + }, + "Issuer": { + "markdownDescription": "The OIDC issuer identifier of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", + "title": "Issuer", + "type": "string" + }, + "OnUnauthenticatedRequest": { + "markdownDescription": "The behavior if the user is not authenticated. The following are possible values:\n\n- deny `` - Return an HTTP 401 Unauthorized error.\n- allow `` - Allow the request to be forwarded to the target.\n- authenticate `` - Redirect the request to the IdP authorization endpoint. This is the default value.", + "title": "OnUnauthenticatedRequest", + "type": "string" + }, + "Scope": { + "markdownDescription": "The set of user claims to be requested from the IdP. The default is `openid` .\n\nTo verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.", + "title": "Scope", + "type": "string" + }, + "SessionCookieName": { + "markdownDescription": "The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.", + "title": "SessionCookieName", + "type": "string" + }, + "SessionTimeout": { + "markdownDescription": "The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).", + "title": "SessionTimeout", + "type": "number" + }, + "TokenEndpoint": { + "markdownDescription": "The token endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", + "title": "TokenEndpoint", + "type": "string" + }, + "UseExistingClientSecret": { + "markdownDescription": "Indicates whether to use the existing client secret when modifying a rule. If you are creating a rule, you can omit this parameter or set it to false.", + "title": "UseExistingClientSecret", + "type": "boolean" + }, + "UserInfoEndpoint": { + "markdownDescription": "The user info endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", + "title": "UserInfoEndpoint", + "type": "string" + } + }, + "required": [ + "AuthorizationEndpoint", + "ClientId", + "Issuer", + "TokenEndpoint", + "UserInfoEndpoint" + ], + "type": "object" + }, + "AWS::ElasticLoadBalancingV2::ListenerRule.FixedResponseConfig": { + "additionalProperties": false, + "properties": { + "ContentType": { + "markdownDescription": "The content type.\n\nValid Values: text/plain | text/css | text/html | application/javascript | application/json", + "title": "ContentType", + "type": "string" + }, + "MessageBody": { + "markdownDescription": "The message.", + "title": "MessageBody", + "type": "string" + }, + "StatusCode": { + "markdownDescription": "The HTTP response code (2XX, 4XX, or 5XX).", + "title": "StatusCode", "type": "string" } }, + "required": [ + "StatusCode" + ], "type": "object" }, - "AWS::Grafana::Workspace.NetworkAccessControl": { + "AWS::ElasticLoadBalancingV2::ListenerRule.ForwardConfig": { "additionalProperties": false, "properties": { - "PrefixListIds": { + "TargetGroupStickinessConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.TargetGroupStickinessConfig", + "markdownDescription": "Information about the target group stickiness for a rule.", + "title": "TargetGroupStickinessConfig" + }, + "TargetGroups": { + "items": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.TargetGroupTuple" + }, + "markdownDescription": "Information about how traffic will be distributed between multiple target groups in a forward rule.", + "title": "TargetGroups", + "type": "array" + } + }, + "type": "object" + }, + "AWS::ElasticLoadBalancingV2::ListenerRule.HostHeaderConfig": { + "additionalProperties": false, + "properties": { + "Values": { "items": { "type": "string" }, - "markdownDescription": "An array of prefix list IDs. A prefix list is a list of CIDR ranges of IP addresses. The IP addresses specified are allowed to access your workspace. If the list is not included in the configuration (passed an empty array) then no IP addresses are allowed to access the workspace. You create a prefix list using the Amazon VPC console.\n\nPrefix list IDs have the format `pl- *1a2b3c4d*` .\n\nFor more information about prefix lists, see [Group CIDR blocks using managed prefix lists](https://docs.aws.amazon.com/vpc/latest/userguide/managed-prefix-lists.html) in the *Amazon Virtual Private Cloud User Guide* .", - "title": "PrefixListIds", + "markdownDescription": "The host names. The maximum size of each name is 128 characters. The comparison is case insensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character). You must include at least one \".\" character. You can include only alphabetical characters after the final \".\" character.\n\nIf you specify multiple strings, the condition is satisfied if one of the strings matches the host name.", + "title": "Values", "type": "array" + } + }, + "type": "object" + }, + "AWS::ElasticLoadBalancingV2::ListenerRule.HttpHeaderConfig": { + "additionalProperties": false, + "properties": { + "HttpHeaderName": { + "markdownDescription": "The name of the HTTP header field. The maximum size is 40 characters. The header name is case insensitive. The allowed characters are specified by RFC 7230. Wildcards are not supported.", + "title": "HttpHeaderName", + "type": "string" }, - "VpceIds": { + "Values": { "items": { "type": "string" }, - "markdownDescription": "An array of Amazon VPC endpoint IDs for the workspace. You can create VPC endpoints to your Amazon Managed Grafana workspace for access from within a VPC. If a `NetworkAccessConfiguration` is specified then only VPC endpoints specified here are allowed to access the workspace. If you pass in an empty array of strings, then no VPCs are allowed to access the workspace.\n\nVPC endpoint IDs have the format `vpce- *1a2b3c4d*` .\n\nFor more information about creating an interface VPC endpoint, see [Interface VPC endpoints](https://docs.aws.amazon.com/grafana/latest/userguide/VPC-endpoints) in the *Amazon Managed Grafana User Guide* .\n\n> The only VPC endpoints that can be specified here are interface VPC endpoints for Grafana workspaces (using the `com.amazonaws.[region].grafana-workspace` service endpoint). Other VPC endpoints are ignored.", - "title": "VpceIds", + "markdownDescription": "The strings to compare against the value of the HTTP header. The maximum size of each string is 128 characters. The comparison strings are case insensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character).\n\nIf the same header appears multiple times in the request, we search them in order until a match is found.\n\nIf you specify multiple strings, the condition is satisfied if one of the strings matches the value of the HTTP header. To require that all of the strings are a match, create one condition per string.", + "title": "Values", "type": "array" } }, "type": "object" }, - "AWS::Grafana::Workspace.RoleValues": { + "AWS::ElasticLoadBalancingV2::ListenerRule.HttpRequestMethodConfig": { "additionalProperties": false, "properties": { - "Admin": { + "Values": { "items": { "type": "string" }, - "markdownDescription": "A list of groups from the SAML assertion attribute to grant the Grafana `Admin` role to.", - "title": "Admin", + "markdownDescription": "The name of the request method. The maximum size is 40 characters. The allowed characters are A-Z, hyphen (-), and underscore (_). The comparison is case sensitive. Wildcards are not supported; therefore, the method name must be an exact match.\n\nIf you specify multiple strings, the condition is satisfied if one of the strings matches the HTTP request method. We recommend that you route GET and HEAD requests in the same way, because the response to a HEAD request may be cached.", + "title": "Values", "type": "array" - }, - "Editor": { + } + }, + "type": "object" + }, + "AWS::ElasticLoadBalancingV2::ListenerRule.PathPatternConfig": { + "additionalProperties": false, + "properties": { + "Values": { "items": { "type": "string" }, - "markdownDescription": "A list of groups from the SAML assertion attribute to grant the Grafana `Editor` role to.", - "title": "Editor", + "markdownDescription": "The path patterns to compare against the request URL. The maximum size of each string is 128 characters. The comparison is case sensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character).\n\nIf you specify multiple strings, the condition is satisfied if one of them matches the request URL. The path pattern is compared only to the path of the URL, not to its query string.", + "title": "Values", "type": "array" } }, "type": "object" }, - "AWS::Grafana::Workspace.SamlConfiguration": { + "AWS::ElasticLoadBalancingV2::ListenerRule.QueryStringConfig": { "additionalProperties": false, "properties": { - "AllowedOrganizations": { + "Values": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.QueryStringKeyValue" }, - "markdownDescription": "Lists which organizations defined in the SAML assertion are allowed to use the Amazon Managed Grafana workspace. If this is empty, all organizations in the assertion attribute have access.", - "title": "AllowedOrganizations", + "markdownDescription": "The key/value pairs or values to find in the query string. The maximum size of each string is 128 characters. The comparison is case insensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character). To search for a literal '*' or '?' character in a query string, you must escape these characters in `Values` using a '\\' character.\n\nIf you specify multiple key/value pairs or values, the condition is satisfied if one of them is found in the query string.", + "title": "Values", "type": "array" + } + }, + "type": "object" + }, + "AWS::ElasticLoadBalancingV2::ListenerRule.QueryStringKeyValue": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The key. You can omit the key.", + "title": "Key", + "type": "string" }, - "AssertionAttributes": { - "$ref": "#/definitions/AWS::Grafana::Workspace.AssertionAttributes", - "markdownDescription": "A structure that defines which attributes in the SAML assertion are to be used to define information about the users authenticated by that IdP to use the workspace.", - "title": "AssertionAttributes" + "Value": { + "markdownDescription": "The value.", + "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ElasticLoadBalancingV2::ListenerRule.RedirectConfig": { + "additionalProperties": false, + "properties": { + "Host": { + "markdownDescription": "The hostname. This component is not percent-encoded. The hostname can contain #{host}.", + "title": "Host", + "type": "string" }, - "IdpMetadata": { - "$ref": "#/definitions/AWS::Grafana::Workspace.IdpMetadata", - "markdownDescription": "A structure containing the identity provider (IdP) metadata used to integrate the identity provider with this workspace.", - "title": "IdpMetadata" + "Path": { + "markdownDescription": "The absolute path, starting with the leading \"/\". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}.", + "title": "Path", + "type": "string" }, - "LoginValidityDuration": { - "markdownDescription": "How long a sign-on session by a SAML user is valid, before the user has to sign on again.", - "title": "LoginValidityDuration", - "type": "number" + "Port": { + "markdownDescription": "The port. You can specify a value from 1 to 65535 or #{port}.", + "title": "Port", + "type": "string" }, - "RoleValues": { - "$ref": "#/definitions/AWS::Grafana::Workspace.RoleValues", - "markdownDescription": "A structure containing arrays that map group names in the SAML assertion to the Grafana `Admin` and `Editor` roles in the workspace.", - "title": "RoleValues" + "Protocol": { + "markdownDescription": "The protocol. You can specify HTTP, HTTPS, or #{protocol}. You can redirect HTTP to HTTP, HTTP to HTTPS, and HTTPS to HTTPS. You can't redirect HTTPS to HTTP.", + "title": "Protocol", + "type": "string" + }, + "Query": { + "markdownDescription": "The query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading \"?\", as it is automatically added. You can specify any of the reserved keywords.", + "title": "Query", + "type": "string" + }, + "StatusCode": { + "markdownDescription": "The HTTP redirect code. The redirect is either permanent (HTTP 301) or temporary (HTTP 302).", + "title": "StatusCode", + "type": "string" } }, "required": [ - "IdpMetadata" + "StatusCode" ], "type": "object" }, - "AWS::Grafana::Workspace.VpcConfiguration": { + "AWS::ElasticLoadBalancingV2::ListenerRule.RuleCondition": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { + "Field": { + "markdownDescription": "The field in the HTTP request. The following are the possible values:\n\n- `http-header`\n- `http-request-method`\n- `host-header`\n- `path-pattern`\n- `query-string`\n- `source-ip`", + "title": "Field", + "type": "string" + }, + "HostHeaderConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.HostHeaderConfig", + "markdownDescription": "Information for a host header condition. Specify only when `Field` is `host-header` .", + "title": "HostHeaderConfig" + }, + "HttpHeaderConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.HttpHeaderConfig", + "markdownDescription": "Information for an HTTP header condition. Specify only when `Field` is `http-header` .", + "title": "HttpHeaderConfig" + }, + "HttpRequestMethodConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.HttpRequestMethodConfig", + "markdownDescription": "Information for an HTTP method condition. Specify only when `Field` is `http-request-method` .", + "title": "HttpRequestMethodConfig" + }, + "PathPatternConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.PathPatternConfig", + "markdownDescription": "Information for a path pattern condition. Specify only when `Field` is `path-pattern` .", + "title": "PathPatternConfig" + }, + "QueryStringConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.QueryStringConfig", + "markdownDescription": "Information for a query string condition. Specify only when `Field` is `query-string` .", + "title": "QueryStringConfig" + }, + "SourceIpConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.SourceIpConfig", + "markdownDescription": "Information for a source IP condition. Specify only when `Field` is `source-ip` .", + "title": "SourceIpConfig" + }, + "Values": { "items": { "type": "string" }, - "markdownDescription": "The list of Amazon EC2 security group IDs attached to the Amazon VPC for your Grafana workspace to connect. Duplicates not allowed.\n\n*Array Members* : Minimum number of 1 items. Maximum number of 5 items.\n\n*Length* : Minimum length of 0. Maximum length of 255.", - "title": "SecurityGroupIds", + "markdownDescription": "The condition value. Specify only when `Field` is `host-header` or `path-pattern` . Alternatively, to specify multiple host names or multiple path patterns, use `HostHeaderConfig` or `PathPatternConfig` .\n\nIf `Field` is `host-header` and you're not using `HostHeaderConfig` , you can specify a single host name (for example, my.example.com). A host name is case insensitive, can be up to 128 characters in length, and can contain any of the following characters.\n\n- A-Z, a-z, 0-9\n- - .\n- * (matches 0 or more characters)\n- ? (matches exactly 1 character)\n\nIf `Field` is `path-pattern` and you're not using `PathPatternConfig` , you can specify a single path pattern (for example, /img/*). A path pattern is case-sensitive, can be up to 128 characters in length, and can contain any of the following characters.\n\n- A-Z, a-z, 0-9\n- _ - . $ / ~ \" ' @ : +\n- & (using &)\n- * (matches 0 or more characters)\n- ? (matches exactly 1 character)", + "title": "Values", "type": "array" - }, - "SubnetIds": { + } + }, + "type": "object" + }, + "AWS::ElasticLoadBalancingV2::ListenerRule.SourceIpConfig": { + "additionalProperties": false, + "properties": { + "Values": { "items": { "type": "string" }, - "markdownDescription": "The list of Amazon EC2 subnet IDs created in the Amazon VPC for your Grafana workspace to connect. Duplicates not allowed.\n\n*Array Members* : Minimum number of 2 items. Maximum number of 6 items.\n\n*Length* : Minimum length of 0. Maximum length of 255.", - "title": "SubnetIds", + "markdownDescription": "The source IP addresses, in CIDR format. You can use both IPv4 and IPv6 addresses. Wildcards are not supported.\n\nIf you specify multiple addresses, the condition is satisfied if the source IP address of the request matches one of the CIDR blocks. This condition is not satisfied by the addresses in the X-Forwarded-For header.", + "title": "Values", "type": "array" } }, - "required": [ - "SecurityGroupIds", - "SubnetIds" - ], "type": "object" }, - "AWS::Greengrass::ConnectorDefinition": { + "AWS::ElasticLoadBalancingV2::ListenerRule.TargetGroupStickinessConfig": { + "additionalProperties": false, + "properties": { + "DurationSeconds": { + "markdownDescription": "The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days). You must specify this value when enabling target group stickiness.", + "title": "DurationSeconds", + "type": "number" + }, + "Enabled": { + "markdownDescription": "Indicates whether target group stickiness is enabled.", + "title": "Enabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::ElasticLoadBalancingV2::ListenerRule.TargetGroupTuple": { + "additionalProperties": false, + "properties": { + "TargetGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the target group.", + "title": "TargetGroupArn", + "type": "string" + }, + "Weight": { + "markdownDescription": "The weight. The range is 0 to 999.", + "title": "Weight", + "type": "number" + } + }, + "type": "object" + }, + "AWS::ElasticLoadBalancingV2::LoadBalancer": { "additionalProperties": false, "properties": { "Condition": { @@ -108913,30 +116442,92 @@ "Properties": { "additionalProperties": false, "properties": { - "InitialVersion": { - "$ref": "#/definitions/AWS::Greengrass::ConnectorDefinition.ConnectorDefinitionVersion", - "markdownDescription": "The connector definition version to include when the connector definition is created. A connector definition version contains a list of [`connector`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-connectordefinition-connector.html) property types.\n\n> To associate a connector definition version after the connector definition is created, create an [`AWS::Greengrass::ConnectorDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-connectordefinitionversion.html) resource and specify the ID of this connector definition.", - "title": "InitialVersion" + "EnablePrefixForIpv6SourceNat": { + "markdownDescription": "[Network Load Balancers with UDP listeners] Indicates whether to use an IPv6 prefix from each subnet for source NAT. The IP address type must be `dualstack` . The default value is `off` .", + "title": "EnablePrefixForIpv6SourceNat", + "type": "string" + }, + "EnforceSecurityGroupInboundRulesOnPrivateLinkTraffic": { + "markdownDescription": "Indicates whether to evaluate inbound security group rules for traffic sent to a Network Load Balancer through AWS PrivateLink . The default is `on` .\n\nYou can't configure this property on a Network Load Balancer unless you associated a security group with the load balancer when you created it.", + "title": "EnforceSecurityGroupInboundRulesOnPrivateLinkTraffic", + "type": "string" + }, + "IpAddressType": { + "markdownDescription": "The IP address type. Internal load balancers must use `ipv4` .\n\n[Application Load Balancers] The possible values are `ipv4` (IPv4 addresses), `dualstack` (IPv4 and IPv6 addresses), and `dualstack-without-public-ipv4` (public IPv6 addresses and private IPv4 and IPv6 addresses).\n\nApplication Load Balancer authentication supports IPv4 addresses only when connecting to an Identity Provider (IdP) or Amazon Cognito endpoint. Without a public IPv4 address the load balancer can't complete the authentication process, resulting in HTTP 500 errors.\n\n[Network Load Balancers and Gateway Load Balancers] The possible values are `ipv4` (IPv4 addresses) and `dualstack` (IPv4 and IPv6 addresses).", + "title": "IpAddressType", + "type": "string" + }, + "Ipv4IpamPoolId": { + "markdownDescription": "The ID of the IPv4 IPAM pool.", + "title": "Ipv4IpamPoolId", + "type": "string" + }, + "LoadBalancerAttributes": { + "items": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::LoadBalancer.LoadBalancerAttribute" + }, + "markdownDescription": "The load balancer attributes. Attributes that you do not modify retain their current values.", + "title": "LoadBalancerAttributes", + "type": "array" + }, + "MinimumLoadBalancerCapacity": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::LoadBalancer.MinimumLoadBalancerCapacity", + "markdownDescription": "The minimum capacity for a load balancer.", + "title": "MinimumLoadBalancerCapacity" }, "Name": { - "markdownDescription": "The name of the connector definition.", + "markdownDescription": "The name of the load balancer. This name must be unique per region per account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, must not begin or end with a hyphen, and must not begin with \"internal-\".\n\nIf you don't specify a name, AWS CloudFormation generates a unique physical ID for the load balancer. If you specify a name, you cannot perform updates that require replacement of this resource, but you can perform other updates. To replace the resource, specify a new name.", "title": "Name", "type": "string" }, + "Scheme": { + "markdownDescription": "The nodes of an Internet-facing load balancer have public IP addresses. The DNS name of an Internet-facing load balancer is publicly resolvable to the public IP addresses of the nodes. Therefore, Internet-facing load balancers can route requests from clients over the internet.\n\nThe nodes of an internal load balancer have only private IP addresses. The DNS name of an internal load balancer is publicly resolvable to the private IP addresses of the nodes. Therefore, internal load balancers can route requests only from clients with access to the VPC for the load balancer.\n\nThe default is an Internet-facing load balancer.\n\nYou can't specify a scheme for a Gateway Load Balancer.", + "title": "Scheme", + "type": "string" + }, + "SecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "[Application Load Balancers and Network Load Balancers] The IDs of the security groups for the load balancer.", + "title": "SecurityGroups", + "type": "array" + }, + "SubnetMappings": { + "items": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::LoadBalancer.SubnetMapping" + }, + "markdownDescription": "The IDs of the subnets. You can specify only one subnet per Availability Zone. You must specify either subnets or subnet mappings, but not both.\n\n[Application Load Balancers] You must specify subnets from at least two Availability Zones. You can't specify Elastic IP addresses for your subnets.\n\n[Application Load Balancers on Outposts] You must specify one Outpost subnet.\n\n[Application Load Balancers on Local Zones] You can specify subnets from one or more Local Zones.\n\n[Network Load Balancers] You can specify subnets from one or more Availability Zones. You can specify one Elastic IP address per subnet if you need static IP addresses for your internet-facing load balancer. For internal load balancers, you can specify one private IP address per subnet from the IPv4 range of the subnet. For internet-facing load balancer, you can specify one IPv6 address per subnet.\n\n[Gateway Load Balancers] You can specify subnets from one or more Availability Zones. You can't specify Elastic IP addresses for your subnets.", + "title": "SubnetMappings", + "type": "array" + }, + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the subnets. You can specify only one subnet per Availability Zone. You must specify either subnets or subnet mappings, but not both. To specify an Elastic IP address, specify subnet mappings instead of subnets.\n\n[Application Load Balancers] You must specify subnets from at least two Availability Zones.\n\n[Application Load Balancers on Outposts] You must specify one Outpost subnet.\n\n[Application Load Balancers on Local Zones] You can specify subnets from one or more Local Zones.\n\n[Network Load Balancers and Gateway Load Balancers] You can specify subnets from one or more Availability Zones.", + "title": "Subnets", + "type": "array" + }, "Tags": { - "markdownDescription": "Application-specific metadata to attach to the connector definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to assign to the load balancer.", "title": "Tags", - "type": "object" + "type": "array" + }, + "Type": { + "markdownDescription": "The type of load balancer. The default is `application` .", + "title": "Type", + "type": "string" } }, - "required": [ - "Name" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Greengrass::ConnectorDefinition" + "AWS::ElasticLoadBalancingV2::LoadBalancer" ], "type": "string" }, @@ -108950,54 +116541,75 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Greengrass::ConnectorDefinition.Connector": { + "AWS::ElasticLoadBalancingV2::LoadBalancer.LoadBalancerAttribute": { "additionalProperties": false, "properties": { - "ConnectorArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the connector.\n\nFor more information about connectors provided by AWS , see [Greengrass Connectors Provided by AWS](https://docs.aws.amazon.com/greengrass/v1/developerguide/connectors-list.html) .", - "title": "ConnectorArn", + "Key": { + "markdownDescription": "The name of the attribute.\n\nThe following attributes are supported by all load balancers:\n\n- `deletion_protection.enabled` - Indicates whether deletion protection is enabled. The value is `true` or `false` . The default is `false` .\n- `load_balancing.cross_zone.enabled` - Indicates whether cross-zone load balancing is enabled. The possible values are `true` and `false` . The default for Network Load Balancers and Gateway Load Balancers is `false` . The default for Application Load Balancers is `true` , and can't be changed.\n\nThe following attributes are supported by both Application Load Balancers and Network Load Balancers:\n\n- `access_logs.s3.enabled` - Indicates whether access logs are enabled. The value is `true` or `false` . The default is `false` .\n- `access_logs.s3.bucket` - The name of the S3 bucket for the access logs. This attribute is required if access logs are enabled. The bucket must exist in the same region as the load balancer and have a bucket policy that grants Elastic Load Balancing permissions to write to the bucket.\n- `access_logs.s3.prefix` - The prefix for the location in the S3 bucket for the access logs.\n- `ipv6.deny_all_igw_traffic` - Blocks internet gateway (IGW) access to the load balancer. It is set to `false` for internet-facing load balancers and `true` for internal load balancers, preventing unintended access to your internal load balancer through an internet gateway.\n- `zonal_shift.config.enabled` - Indicates whether zonal shift is enabled. The possible values are `true` and `false` . The default is `false` .\n\nThe following attributes are supported by only Application Load Balancers:\n\n- `idle_timeout.timeout_seconds` - The idle timeout value, in seconds. The valid range is 1-4000 seconds. The default is 60 seconds.\n- `client_keep_alive.seconds` - The client keep alive value, in seconds. The valid range is 60-604800 seconds. The default is 3600 seconds.\n- `connection_logs.s3.enabled` - Indicates whether connection logs are enabled. The value is `true` or `false` . The default is `false` .\n- `connection_logs.s3.bucket` - The name of the S3 bucket for the connection logs. This attribute is required if connection logs are enabled. The bucket must exist in the same region as the load balancer and have a bucket policy that grants Elastic Load Balancing permissions to write to the bucket.\n- `connection_logs.s3.prefix` - The prefix for the location in the S3 bucket for the connection logs.\n- `routing.http.desync_mitigation_mode` - Determines how the load balancer handles requests that might pose a security risk to your application. The possible values are `monitor` , `defensive` , and `strictest` . The default is `defensive` .\n- `routing.http.drop_invalid_header_fields.enabled` - Indicates whether HTTP headers with invalid header fields are removed by the load balancer ( `true` ) or routed to targets ( `false` ). The default is `false` .\n- `routing.http.preserve_host_header.enabled` - Indicates whether the Application Load Balancer should preserve the `Host` header in the HTTP request and send it to the target without any change. The possible values are `true` and `false` . The default is `false` .\n- `routing.http.x_amzn_tls_version_and_cipher_suite.enabled` - Indicates whether the two headers ( `x-amzn-tls-version` and `x-amzn-tls-cipher-suite` ), which contain information about the negotiated TLS version and cipher suite, are added to the client request before sending it to the target. The `x-amzn-tls-version` header has information about the TLS protocol version negotiated with the client, and the `x-amzn-tls-cipher-suite` header has information about the cipher suite negotiated with the client. Both headers are in OpenSSL format. The possible values for the attribute are `true` and `false` . The default is `false` .\n- `routing.http.xff_client_port.enabled` - Indicates whether the `X-Forwarded-For` header should preserve the source port that the client used to connect to the load balancer. The possible values are `true` and `false` . The default is `false` .\n- `routing.http.xff_header_processing.mode` - Enables you to modify, preserve, or remove the `X-Forwarded-For` header in the HTTP request before the Application Load Balancer sends the request to the target. The possible values are `append` , `preserve` , and `remove` . The default is `append` .\n\n- If the value is `append` , the Application Load Balancer adds the client IP address (of the last hop) to the `X-Forwarded-For` header in the HTTP request before it sends it to targets.\n- If the value is `preserve` the Application Load Balancer preserves the `X-Forwarded-For` header in the HTTP request, and sends it to targets without any change.\n- If the value is `remove` , the Application Load Balancer removes the `X-Forwarded-For` header in the HTTP request before it sends it to targets.\n- `routing.http2.enabled` - Indicates whether HTTP/2 is enabled. The possible values are `true` and `false` . The default is `true` . Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens.\n- `waf.fail_open.enabled` - Indicates whether to allow a WAF-enabled load balancer to route requests to targets if it is unable to forward the request to AWS WAF. The possible values are `true` and `false` . The default is `false` .\n\nThe following attributes are supported by only Network Load Balancers:\n\n- `dns_record.client_routing_policy` - Indicates how traffic is distributed among the load balancer Availability Zones. The possible values are `availability_zone_affinity` with 100 percent zonal affinity, `partial_availability_zone_affinity` with 85 percent zonal affinity, and `any_availability_zone` with 0 percent zonal affinity.", + "title": "Key", "type": "string" }, - "Id": { - "markdownDescription": "A descriptive or arbitrary ID for the connector. This value must be unique within the connector definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", - "title": "Id", + "Value": { + "markdownDescription": "The value of the attribute.", + "title": "Value", "type": "string" - }, - "Parameters": { - "markdownDescription": "The parameters or configuration used by the connector.\n\nFor more information about connectors provided by AWS , see [Greengrass Connectors Provided by AWS](https://docs.aws.amazon.com/greengrass/v1/developerguide/connectors-list.html) .", - "title": "Parameters", - "type": "object" + } + }, + "type": "object" + }, + "AWS::ElasticLoadBalancingV2::LoadBalancer.MinimumLoadBalancerCapacity": { + "additionalProperties": false, + "properties": { + "CapacityUnits": { + "markdownDescription": "The number of capacity units.", + "title": "CapacityUnits", + "type": "number" } }, "required": [ - "ConnectorArn", - "Id" + "CapacityUnits" ], "type": "object" }, - "AWS::Greengrass::ConnectorDefinition.ConnectorDefinitionVersion": { + "AWS::ElasticLoadBalancingV2::LoadBalancer.SubnetMapping": { "additionalProperties": false, "properties": { - "Connectors": { - "items": { - "$ref": "#/definitions/AWS::Greengrass::ConnectorDefinition.Connector" - }, - "markdownDescription": "The connectors in this version. Only one instance of a given connector can be added to a connector definition version at a time.", - "title": "Connectors", - "type": "array" + "AllocationId": { + "markdownDescription": "[Network Load Balancers] The allocation ID of the Elastic IP address for an internet-facing load balancer.", + "title": "AllocationId", + "type": "string" + }, + "IPv6Address": { + "markdownDescription": "[Network Load Balancers] The IPv6 address.", + "title": "IPv6Address", + "type": "string" + }, + "PrivateIPv4Address": { + "markdownDescription": "[Network Load Balancers] The private IPv4 address for an internal load balancer.", + "title": "PrivateIPv4Address", + "type": "string" + }, + "SourceNatIpv6Prefix": { + "markdownDescription": "[Network Load Balancers with UDP listeners] The IPv6 prefix to use for source NAT. Specify an IPv6 prefix (/80 netmask) from the subnet CIDR block or `auto_assigned` to use an IPv6 prefix selected at random from the subnet CIDR block.", + "title": "SourceNatIpv6Prefix", + "type": "string" + }, + "SubnetId": { + "markdownDescription": "The ID of the subnet.", + "title": "SubnetId", + "type": "string" } }, "required": [ - "Connectors" + "SubnetId" ], "type": "object" }, - "AWS::Greengrass::ConnectorDefinitionVersion": { + "AWS::ElasticLoadBalancingV2::TargetGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -109032,29 +116644,116 @@ "Properties": { "additionalProperties": false, "properties": { - "ConnectorDefinitionId": { - "markdownDescription": "The ID of the connector definition associated with this version. This value is a GUID.", - "title": "ConnectorDefinitionId", + "HealthCheckEnabled": { + "markdownDescription": "Indicates whether health checks are enabled. If the target type is `lambda` , health checks are disabled by default but can be enabled. If the target type is `instance` , `ip` , or `alb` , health checks are always enabled and can't be disabled.", + "title": "HealthCheckEnabled", + "type": "boolean" + }, + "HealthCheckIntervalSeconds": { + "markdownDescription": "The approximate amount of time, in seconds, between health checks of an individual target. The range is 5-300. If the target group protocol is TCP, TLS, UDP, TCP_UDP, HTTP or HTTPS, the default is 30 seconds. If the target group protocol is GENEVE, the default is 10 seconds. If the target type is `lambda` , the default is 35 seconds.", + "title": "HealthCheckIntervalSeconds", + "type": "number" + }, + "HealthCheckPath": { + "markdownDescription": "[HTTP/HTTPS health checks] The destination for health checks on the targets.\n\n[HTTP1 or HTTP2 protocol version] The ping path. The default is /.\n\n[GRPC protocol version] The path of a custom health check method with the format /package.service/method. The default is / AWS .ALB/healthcheck.", + "title": "HealthCheckPath", "type": "string" }, - "Connectors": { + "HealthCheckPort": { + "markdownDescription": "The port the load balancer uses when performing health checks on targets. If the protocol is HTTP, HTTPS, TCP, TLS, UDP, or TCP_UDP, the default is `traffic-port` , which is the port on which each target receives traffic from the load balancer. If the protocol is GENEVE, the default is port 80.", + "title": "HealthCheckPort", + "type": "string" + }, + "HealthCheckProtocol": { + "markdownDescription": "The protocol the load balancer uses when performing health checks on targets. For Application Load Balancers, the default is HTTP. For Network Load Balancers and Gateway Load Balancers, the default is TCP. The TCP protocol is not supported for health checks if the protocol of the target group is HTTP or HTTPS. The GENEVE, TLS, UDP, and TCP_UDP protocols are not supported for health checks.", + "title": "HealthCheckProtocol", + "type": "string" + }, + "HealthCheckTimeoutSeconds": { + "markdownDescription": "The amount of time, in seconds, during which no response from a target means a failed health check. The range is 2\u2013120 seconds. For target groups with a protocol of HTTP, the default is 6 seconds. For target groups with a protocol of TCP, TLS or HTTPS, the default is 10 seconds. For target groups with a protocol of GENEVE, the default is 5 seconds. If the target type is `lambda` , the default is 30 seconds.", + "title": "HealthCheckTimeoutSeconds", + "type": "number" + }, + "HealthyThresholdCount": { + "markdownDescription": "The number of consecutive health check successes required before considering a target healthy. The range is 2-10. If the target group protocol is TCP, TCP_UDP, UDP, TLS, HTTP or HTTPS, the default is 5. For target groups with a protocol of GENEVE, the default is 5. If the target type is `lambda` , the default is 5.", + "title": "HealthyThresholdCount", + "type": "number" + }, + "IpAddressType": { + "markdownDescription": "The IP address type. The default value is `ipv4` .", + "title": "IpAddressType", + "type": "string" + }, + "Matcher": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::TargetGroup.Matcher", + "markdownDescription": "[HTTP/HTTPS health checks] The HTTP or gRPC codes to use when checking for a successful response from a target. For target groups with a protocol of TCP, TCP_UDP, UDP or TLS the range is 200-599. For target groups with a protocol of HTTP or HTTPS, the range is 200-499. For target groups with a protocol of GENEVE, the range is 200-399.", + "title": "Matcher" + }, + "Name": { + "markdownDescription": "The name of the target group.\n\nThis name must be unique per region per account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen.", + "title": "Name", + "type": "string" + }, + "Port": { + "markdownDescription": "The port on which the targets receive traffic. This port is used unless you specify a port override when registering the target. If the target is a Lambda function, this parameter does not apply. If the protocol is GENEVE, the supported port is 6081.", + "title": "Port", + "type": "number" + }, + "Protocol": { + "markdownDescription": "The protocol to use for routing traffic to the targets. For Application Load Balancers, the supported protocols are HTTP and HTTPS. For Network Load Balancers, the supported protocols are TCP, TLS, UDP, or TCP_UDP. For Gateway Load Balancers, the supported protocol is GENEVE. A TCP_UDP listener must be associated with a TCP_UDP target group. If the target is a Lambda function, this parameter does not apply.", + "title": "Protocol", + "type": "string" + }, + "ProtocolVersion": { + "markdownDescription": "[HTTP/HTTPS protocol] The protocol version. The possible values are `GRPC` , `HTTP1` , and `HTTP2` .", + "title": "ProtocolVersion", + "type": "string" + }, + "Tags": { "items": { - "$ref": "#/definitions/AWS::Greengrass::ConnectorDefinitionVersion.Connector" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The connectors in this version. Only one instance of a given connector can be added to the connector definition version at a time.", - "title": "Connectors", + "markdownDescription": "The tags.", + "title": "Tags", "type": "array" + }, + "TargetGroupAttributes": { + "items": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::TargetGroup.TargetGroupAttribute" + }, + "markdownDescription": "The target group attributes. Attributes that you do not modify retain their current values.", + "title": "TargetGroupAttributes", + "type": "array" + }, + "TargetType": { + "markdownDescription": "The type of target that you must specify when registering targets with this target group. You can't specify targets for a target group using more than one target type.\n\n- `instance` - Register targets by instance ID. This is the default value.\n- `ip` - Register targets by IP address. You can specify IP addresses from the subnets of the virtual private cloud (VPC) for the target group, the RFC 1918 range (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16), and the RFC 6598 range (100.64.0.0/10). You can't specify publicly routable IP addresses.\n- `lambda` - Register a single Lambda function as a target.\n- `alb` - Register a single Application Load Balancer as a target.", + "title": "TargetType", + "type": "string" + }, + "Targets": { + "items": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::TargetGroup.TargetDescription" + }, + "markdownDescription": "The targets.", + "title": "Targets", + "type": "array" + }, + "UnhealthyThresholdCount": { + "markdownDescription": "The number of consecutive health check failures required before considering a target unhealthy. The range is 2-10. If the target group protocol is TCP, TCP_UDP, UDP, TLS, HTTP or HTTPS, the default is 2. For target groups with a protocol of GENEVE, the default is 2. If the target type is `lambda` , the default is 5.", + "title": "UnhealthyThresholdCount", + "type": "number" + }, + "VpcId": { + "markdownDescription": "The identifier of the virtual private cloud (VPC). If the target is a Lambda function, this parameter does not apply. Otherwise, this parameter is required.", + "title": "VpcId", + "type": "string" } }, - "required": [ - "ConnectorDefinitionId", - "Connectors" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Greengrass::ConnectorDefinitionVersion" + "AWS::ElasticLoadBalancingV2::TargetGroup" ], "type": "string" }, @@ -109068,37 +116767,67 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Greengrass::ConnectorDefinitionVersion.Connector": { + "AWS::ElasticLoadBalancingV2::TargetGroup.Matcher": { "additionalProperties": false, "properties": { - "ConnectorArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the connector.\n\nFor more information about connectors provided by AWS , see [Greengrass Connectors Provided by AWS](https://docs.aws.amazon.com/greengrass/v1/developerguide/connectors-list.html) .", - "title": "ConnectorArn", + "GrpcCode": { + "markdownDescription": "You can specify values between 0 and 99. You can specify multiple values (for example, \"0,1\") or a range of values (for example, \"0-5\"). The default value is 12.", + "title": "GrpcCode", + "type": "string" + }, + "HttpCode": { + "markdownDescription": "For Application Load Balancers, you can specify values between 200 and 499, with the default value being 200. You can specify multiple values (for example, \"200,202\") or a range of values (for example, \"200-299\").\n\nFor Network Load Balancers, you can specify values between 200 and 599, with the default value being 200-399. You can specify multiple values (for example, \"200,202\") or a range of values (for example, \"200-299\").\n\nFor Gateway Load Balancers, this must be \"200\u2013399\".\n\nNote that when using shorthand syntax, some values such as commas need to be escaped.", + "title": "HttpCode", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ElasticLoadBalancingV2::TargetGroup.TargetDescription": { + "additionalProperties": false, + "properties": { + "AvailabilityZone": { + "markdownDescription": "An Availability Zone or `all` . This determines whether the target receives traffic from the load balancer nodes in the specified Availability Zone or from all enabled Availability Zones for the load balancer.\n\nFor Application Load Balancer target groups, the specified Availability Zone value is only applicable when cross-zone load balancing is off. Otherwise the parameter is ignored and treated as `all` .\n\nThis parameter is not supported if the target type of the target group is `instance` or `alb` .\n\nIf the target type is `ip` and the IP address is in a subnet of the VPC for the target group, the Availability Zone is automatically detected and this parameter is optional. If the IP address is outside the VPC, this parameter is required.\n\nFor Application Load Balancer target groups with cross-zone load balancing off, if the target type is `ip` and the IP address is outside of the VPC for the target group, this should be an Availability Zone inside the VPC for the target group.\n\nIf the target type is `lambda` , this parameter is optional and the only supported value is `all` .", + "title": "AvailabilityZone", "type": "string" }, "Id": { - "markdownDescription": "A descriptive or arbitrary ID for the connector. This value must be unique within the connector definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", + "markdownDescription": "The ID of the target. If the target type of the target group is `instance` , specify an instance ID. If the target type is `ip` , specify an IP address. If the target type is `lambda` , specify the ARN of the Lambda function. If the target type is `alb` , specify the ARN of the Application Load Balancer target.", "title": "Id", "type": "string" }, - "Parameters": { - "markdownDescription": "The parameters or configuration that the connector uses.\n\nFor more information about connectors provided by AWS , see [Greengrass Connectors Provided by AWS](https://docs.aws.amazon.com/greengrass/v1/developerguide/connectors-list.html) .", - "title": "Parameters", - "type": "object" + "Port": { + "markdownDescription": "The port on which the target is listening. If the target group protocol is GENEVE, the supported port is 6081. If the target type is `alb` , the targeted Application Load Balancer must have at least one listener whose port matches the target group port. This parameter is not used if the target is a Lambda function.", + "title": "Port", + "type": "number" } }, "required": [ - "ConnectorArn", "Id" ], "type": "object" }, - "AWS::Greengrass::CoreDefinition": { + "AWS::ElasticLoadBalancingV2::TargetGroup.TargetGroupAttribute": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The name of the attribute.\n\nThe following attributes are supported by all load balancers:\n\n- `deregistration_delay.timeout_seconds` - The amount of time, in seconds, for Elastic Load Balancing to wait before changing the state of a deregistering target from `draining` to `unused` . The range is 0-3600 seconds. The default value is 300 seconds. If the target is a Lambda function, this attribute is not supported.\n- `stickiness.enabled` - Indicates whether target stickiness is enabled. The value is `true` or `false` . The default is `false` .\n- `stickiness.type` - Indicates the type of stickiness. The possible values are:\n\n- `lb_cookie` and `app_cookie` for Application Load Balancers.\n- `source_ip` for Network Load Balancers.\n- `source_ip_dest_ip` and `source_ip_dest_ip_proto` for Gateway Load Balancers.\n\nThe following attributes are supported by Application Load Balancers and Network Load Balancers:\n\n- `load_balancing.cross_zone.enabled` - Indicates whether cross zone load balancing is enabled. The value is `true` , `false` or `use_load_balancer_configuration` . The default is `use_load_balancer_configuration` .\n- `target_group_health.dns_failover.minimum_healthy_targets.count` - The minimum number of targets that must be healthy. If the number of healthy targets is below this value, mark the zone as unhealthy in DNS, so that traffic is routed only to healthy zones. The possible values are `off` or an integer from 1 to the maximum number of targets. The default is 1.\n- `target_group_health.dns_failover.minimum_healthy_targets.percentage` - The minimum percentage of targets that must be healthy. If the percentage of healthy targets is below this value, mark the zone as unhealthy in DNS, so that traffic is routed only to healthy zones. The possible values are `off` or an integer from 1 to 100. The default is `off` .\n- `target_group_health.unhealthy_state_routing.minimum_healthy_targets.count` - The minimum number of targets that must be healthy. If the number of healthy targets is below this value, send traffic to all targets, including unhealthy targets. The possible values are 1 to the maximum number of targets. The default is 1.\n- `target_group_health.unhealthy_state_routing.minimum_healthy_targets.percentage` - The minimum percentage of targets that must be healthy. If the percentage of healthy targets is below this value, send traffic to all targets, including unhealthy targets. The possible values are `off` or an integer from 1 to 100. The default is `off` .\n\nThe following attributes are supported only if the load balancer is an Application Load Balancer and the target is an instance or an IP address:\n\n- `load_balancing.algorithm.type` - The load balancing algorithm determines how the load balancer selects targets when routing requests. The value is `round_robin` , `least_outstanding_requests` , or `weighted_random` . The default is `round_robin` .\n- `load_balancing.algorithm.anomaly_mitigation` - Only available when `load_balancing.algorithm.type` is `weighted_random` . Indicates whether anomaly mitigation is enabled. The value is `on` or `off` . The default is `off` .\n- `slow_start.duration_seconds` - The time period, in seconds, during which a newly registered target receives an increasing share of the traffic to the target group. After this time period ends, the target receives its full share of traffic. The range is 30-900 seconds (15 minutes). The default is 0 seconds (disabled).\n- `stickiness.app_cookie.cookie_name` - Indicates the name of the application-based cookie. Names that start with the following prefixes are not allowed: `AWSALB` , `AWSALBAPP` , and `AWSALBTG` ; they're reserved for use by the load balancer.\n- `stickiness.app_cookie.duration_seconds` - The time period, in seconds, during which requests from a client should be routed to the same target. After this time period expires, the application-based cookie is considered stale. The range is 1 second to 1 week (604800 seconds). The default value is 1 day (86400 seconds).\n- `stickiness.lb_cookie.duration_seconds` - The time period, in seconds, during which requests from a client should be routed to the same target. After this time period expires, the load balancer-generated cookie is considered stale. The range is 1 second to 1 week (604800 seconds). The default value is 1 day (86400 seconds).\n\nThe following attribute is supported only if the load balancer is an Application Load Balancer and the target is a Lambda function:\n\n- `lambda.multi_value_headers.enabled` - Indicates whether the request and response headers that are exchanged between the load balancer and the Lambda function include arrays of values or strings. The value is `true` or `false` . The default is `false` . If the value is `false` and the request contains a duplicate header field name or query parameter key, the load balancer uses the last value sent by the client.\n\nThe following attributes are supported only by Network Load Balancers:\n\n- `deregistration_delay.connection_termination.enabled` - Indicates whether the load balancer terminates connections at the end of the deregistration timeout. The value is `true` or `false` . For new UDP/TCP_UDP target groups the default is `true` . Otherwise, the default is `false` .\n- `preserve_client_ip.enabled` - Indicates whether client IP preservation is enabled. The value is `true` or `false` . The default is disabled if the target group type is IP address and the target group protocol is TCP or TLS. Otherwise, the default is enabled. Client IP preservation can't be disabled for UDP and TCP_UDP target groups.\n- `proxy_protocol_v2.enabled` - Indicates whether Proxy Protocol version 2 is enabled. The value is `true` or `false` . The default is `false` .\n- `target_health_state.unhealthy.connection_termination.enabled` - Indicates whether the load balancer terminates connections to unhealthy targets. The value is `true` or `false` . The default is `true` . This attribute can't be enabled for UDP and TCP_UDP target groups.\n- `target_health_state.unhealthy.draining_interval_seconds` - The amount of time for Elastic Load Balancing to wait before changing the state of an unhealthy target from `unhealthy.draining` to `unhealthy` . The range is 0-360000 seconds. The default value is 0 seconds.\n\nNote: This attribute can only be configured when `target_health_state.unhealthy.connection_termination.enabled` is `false` .\n\nThe following attributes are supported only by Gateway Load Balancers:\n\n- `target_failover.on_deregistration` - Indicates how the Gateway Load Balancer handles existing flows when a target is deregistered. The possible values are `rebalance` and `no_rebalance` . The default is `no_rebalance` . The two attributes ( `target_failover.on_deregistration` and `target_failover.on_unhealthy` ) can't be set independently. The value you set for both attributes must be the same.\n- `target_failover.on_unhealthy` - Indicates how the Gateway Load Balancer handles existing flows when a target is unhealthy. The possible values are `rebalance` and `no_rebalance` . The default is `no_rebalance` . The two attributes ( `target_failover.on_deregistration` and `target_failover.on_unhealthy` ) can't be set independently. The value you set for both attributes must be the same.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of the attribute.", + "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ElasticLoadBalancingV2::TrustStore": { "additionalProperties": false, "properties": { "Condition": { @@ -109133,30 +116862,40 @@ "Properties": { "additionalProperties": false, "properties": { - "InitialVersion": { - "$ref": "#/definitions/AWS::Greengrass::CoreDefinition.CoreDefinitionVersion", - "markdownDescription": "The core definition version to include when the core definition is created. Currently, a core definition version can contain only one [`core`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-coredefinition-core.html) .\n\n> To associate a core definition version after the core definition is created, create an [`AWS::Greengrass::CoreDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-coredefinitionversion.html) resource and specify the ID of this core definition.", - "title": "InitialVersion" + "CaCertificatesBundleS3Bucket": { + "markdownDescription": "The Amazon S3 bucket for the ca certificates bundle.", + "title": "CaCertificatesBundleS3Bucket", + "type": "string" + }, + "CaCertificatesBundleS3Key": { + "markdownDescription": "The Amazon S3 path for the ca certificates bundle.", + "title": "CaCertificatesBundleS3Key", + "type": "string" + }, + "CaCertificatesBundleS3ObjectVersion": { + "markdownDescription": "The Amazon S3 object version for the ca certificates bundle. If undefined the current version is used.", + "title": "CaCertificatesBundleS3ObjectVersion", + "type": "string" }, "Name": { - "markdownDescription": "The name of the core definition.", + "markdownDescription": "The name of the trust store.", "title": "Name", "type": "string" }, "Tags": { - "markdownDescription": "Application-specific metadata to attach to the core definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to assign to the trust store.", "title": "Tags", - "type": "object" + "type": "array" } }, - "required": [ - "Name" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Greengrass::CoreDefinition" + "AWS::ElasticLoadBalancingV2::TrustStore" ], "type": "string" }, @@ -109170,60 +116909,11 @@ } }, "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::Greengrass::CoreDefinition.Core": { - "additionalProperties": false, - "properties": { - "CertificateArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the device certificate for the core. This X.509 certificate is used to authenticate the core with AWS IoT and AWS IoT Greengrass services.", - "title": "CertificateArn", - "type": "string" - }, - "Id": { - "markdownDescription": "A descriptive or arbitrary ID for the core. This value must be unique within the core definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", - "title": "Id", - "type": "string" - }, - "SyncShadow": { - "markdownDescription": "Indicates whether the core's local shadow is synced with the cloud automatically. The default is false.", - "title": "SyncShadow", - "type": "boolean" - }, - "ThingArn": { - "markdownDescription": "The ARN of the core, which is an AWS IoT device (thing).", - "title": "ThingArn", - "type": "string" - } - }, - "required": [ - "CertificateArn", - "Id", - "ThingArn" - ], - "type": "object" - }, - "AWS::Greengrass::CoreDefinition.CoreDefinitionVersion": { - "additionalProperties": false, - "properties": { - "Cores": { - "items": { - "$ref": "#/definitions/AWS::Greengrass::CoreDefinition.Core" - }, - "markdownDescription": "The Greengrass core in this version. Currently, the `Cores` property for a core definition version can contain only one core.", - "title": "Cores", - "type": "array" - } - }, - "required": [ - "Cores" + "Type" ], "type": "object" }, - "AWS::Greengrass::CoreDefinitionVersion": { + "AWS::ElasticLoadBalancingV2::TrustStoreRevocation": { "additionalProperties": false, "properties": { "Condition": { @@ -109258,29 +116948,25 @@ "Properties": { "additionalProperties": false, "properties": { - "CoreDefinitionId": { - "markdownDescription": "The ID of the core definition associated with this version. This value is a GUID.", - "title": "CoreDefinitionId", - "type": "string" - }, - "Cores": { + "RevocationContents": { "items": { - "$ref": "#/definitions/AWS::Greengrass::CoreDefinitionVersion.Core" + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::TrustStoreRevocation.RevocationContent" }, - "markdownDescription": "The Greengrass core in this version. Currently, the `Cores` property for a core definition version can contain only one core.", - "title": "Cores", + "markdownDescription": "The revocation file to add.", + "title": "RevocationContents", "type": "array" + }, + "TrustStoreArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the trust store.", + "title": "TrustStoreArn", + "type": "string" } }, - "required": [ - "CoreDefinitionId", - "Cores" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Greengrass::CoreDefinitionVersion" + "AWS::ElasticLoadBalancingV2::TrustStoreRevocation" ], "type": "string" }, @@ -109294,43 +116980,63 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Greengrass::CoreDefinitionVersion.Core": { + "AWS::ElasticLoadBalancingV2::TrustStoreRevocation.RevocationContent": { "additionalProperties": false, "properties": { - "CertificateArn": { - "markdownDescription": "The ARN of the device certificate for the core. This X.509 certificate is used to authenticate the core with AWS IoT and AWS IoT Greengrass services.", - "title": "CertificateArn", + "RevocationType": { + "markdownDescription": "The type of revocation file.", + "title": "RevocationType", "type": "string" }, - "Id": { - "markdownDescription": "A descriptive or arbitrary ID for the core. This value must be unique within the core definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", - "title": "Id", + "S3Bucket": { + "markdownDescription": "The Amazon S3 bucket for the revocation file.", + "title": "S3Bucket", "type": "string" }, - "SyncShadow": { - "markdownDescription": "Indicates whether the core's local shadow is synced with the cloud automatically. The default is false.", - "title": "SyncShadow", - "type": "boolean" - }, - "ThingArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the core, which is an AWS IoT device (thing).", - "title": "ThingArn", + "S3Key": { + "markdownDescription": "The Amazon S3 path for the revocation file.", + "title": "S3Key", + "type": "string" + }, + "S3ObjectVersion": { + "markdownDescription": "The Amazon S3 object version of the revocation file.", + "title": "S3ObjectVersion", "type": "string" } }, - "required": [ - "CertificateArn", - "Id", - "ThingArn" - ], "type": "object" }, - "AWS::Greengrass::DeviceDefinition": { + "AWS::ElasticLoadBalancingV2::TrustStoreRevocation.TrustStoreRevocation": { + "additionalProperties": false, + "properties": { + "NumberOfRevokedEntries": { + "markdownDescription": "The number of revoked certificates.", + "title": "NumberOfRevokedEntries", + "type": "number" + }, + "RevocationId": { + "markdownDescription": "The revocation ID of the revocation file.", + "title": "RevocationId", + "type": "string" + }, + "RevocationType": { + "markdownDescription": "The type of revocation file.", + "title": "RevocationType", + "type": "string" + }, + "TrustStoreArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the trust store.", + "title": "TrustStoreArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Elasticsearch::Domain": { "additionalProperties": false, "properties": { "Condition": { @@ -109365,30 +117071,102 @@ "Properties": { "additionalProperties": false, "properties": { - "InitialVersion": { - "$ref": "#/definitions/AWS::Greengrass::DeviceDefinition.DeviceDefinitionVersion", - "markdownDescription": "The device definition version to include when the device definition is created. A device definition version contains a list of [`device`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-devicedefinition-device.html) property types.\n\n> To associate a device definition version after the device definition is created, create an [`AWS::Greengrass::DeviceDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-devicedefinitionversion.html) resource and specify the ID of this device definition.", - "title": "InitialVersion" + "AccessPolicies": { + "markdownDescription": "An AWS Identity and Access Management ( IAM ) policy document that specifies who can access the OpenSearch Service domain and their permissions. For more information, see [Configuring access policies](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ac.html#ac-creating) in the *Amazon OpenSearch Service Developer Guid* e.", + "title": "AccessPolicies", + "type": "object" }, - "Name": { - "markdownDescription": "The name of the device definition.", - "title": "Name", + "AdvancedOptions": { + "additionalProperties": true, + "markdownDescription": "Additional options to specify for the OpenSearch Service domain. For more information, see [Advanced cluster parameters](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/createupdatedomains.html#createdomain-configure-advanced-options) in the *Amazon OpenSearch Service Developer Guide* .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "AdvancedOptions", + "type": "object" + }, + "AdvancedSecurityOptions": { + "$ref": "#/definitions/AWS::Elasticsearch::Domain.AdvancedSecurityOptionsInput", + "markdownDescription": "Specifies options for fine-grained access control.", + "title": "AdvancedSecurityOptions" + }, + "CognitoOptions": { + "$ref": "#/definitions/AWS::Elasticsearch::Domain.CognitoOptions", + "markdownDescription": "Configures OpenSearch Service to use Amazon Cognito authentication for OpenSearch Dashboards.", + "title": "CognitoOptions" + }, + "DomainEndpointOptions": { + "$ref": "#/definitions/AWS::Elasticsearch::Domain.DomainEndpointOptions", + "markdownDescription": "Specifies additional options for the domain endpoint, such as whether to require HTTPS for all traffic or whether to use a custom endpoint rather than the default endpoint.", + "title": "DomainEndpointOptions" + }, + "DomainName": { + "markdownDescription": "A name for the OpenSearch Service domain. For valid values, see the [DomainName](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-datatypes-domainname) data type in the *Amazon OpenSearch Service Developer Guide* . If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the domain name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "DomainName", + "type": "string" + }, + "EBSOptions": { + "$ref": "#/definitions/AWS::Elasticsearch::Domain.EBSOptions", + "markdownDescription": "The configurations of Amazon Elastic Block Store (Amazon EBS) volumes that are attached to data nodes in the OpenSearch Service domain. For more information, see [EBS volume size limits](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/limits.html#ebsresource) in the *Amazon OpenSearch Service Developer Guide* .", + "title": "EBSOptions" + }, + "ElasticsearchClusterConfig": { + "$ref": "#/definitions/AWS::Elasticsearch::Domain.ElasticsearchClusterConfig", + "markdownDescription": "ElasticsearchClusterConfig is a property of the AWS::Elasticsearch::Domain resource that configures the cluster of an Amazon OpenSearch Service domain.", + "title": "ElasticsearchClusterConfig" + }, + "ElasticsearchVersion": { + "markdownDescription": "The version of Elasticsearch to use, such as 2.3. If not specified, 1.5 is used as the default. For information about the versions that OpenSearch Service supports, see [Supported versions of OpenSearch and Elasticsearch](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/what-is.html#choosing-version) in the *Amazon OpenSearch Service Developer Guide* .\n\nIf you set the [EnableVersionUpgrade](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html#cfn-attributes-updatepolicy-upgradeopensearchdomain) update policy to `true` , you can update `ElasticsearchVersion` without interruption. When `EnableVersionUpgrade` is set to `false` , or is not specified, updating `ElasticsearchVersion` results in [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", + "title": "ElasticsearchVersion", "type": "string" }, + "EncryptionAtRestOptions": { + "$ref": "#/definitions/AWS::Elasticsearch::Domain.EncryptionAtRestOptions", + "markdownDescription": "Whether the domain should encrypt data at rest, and if so, the AWS Key Management Service key to use. See [Encryption of data at rest for Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/encryption-at-rest.html) .", + "title": "EncryptionAtRestOptions" + }, + "LogPublishingOptions": { + "additionalProperties": false, + "markdownDescription": "An object with one or more of the following keys: `SEARCH_SLOW_LOGS` , `ES_APPLICATION_LOGS` , `INDEX_SLOW_LOGS` , `AUDIT_LOGS` , depending on the types of logs you want to publish. Each key needs a valid `LogPublishingOption` value.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::Elasticsearch::Domain.LogPublishingOption" + } + }, + "title": "LogPublishingOptions", + "type": "object" + }, + "NodeToNodeEncryptionOptions": { + "$ref": "#/definitions/AWS::Elasticsearch::Domain.NodeToNodeEncryptionOptions", + "markdownDescription": "Specifies whether node-to-node encryption is enabled. See [Node-to-node encryption for Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ntn.html) .", + "title": "NodeToNodeEncryptionOptions" + }, + "SnapshotOptions": { + "$ref": "#/definitions/AWS::Elasticsearch::Domain.SnapshotOptions", + "markdownDescription": "*DEPRECATED* . The automated snapshot configuration for the OpenSearch Service domain indices.", + "title": "SnapshotOptions" + }, "Tags": { - "markdownDescription": "Application-specific metadata to attach to the device definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An arbitrary set of tags (key\u2013value pairs) to associate with the OpenSearch Service domain.", "title": "Tags", - "type": "object" + "type": "array" + }, + "VPCOptions": { + "$ref": "#/definitions/AWS::Elasticsearch::Domain.VPCOptions", + "markdownDescription": "The virtual private cloud (VPC) configuration for the OpenSearch Service domain. For more information, see [Launching your Amazon OpenSearch Service domains within a VPC](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/vpc.html) in the *Amazon OpenSearch Service Developer Guide* .", + "title": "VPCOptions" } }, - "required": [ - "Name" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Greengrass::DeviceDefinition" + "AWS::Elasticsearch::Domain" ], "type": "string" }, @@ -109402,167 +117180,300 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Greengrass::DeviceDefinition.Device": { + "AWS::Elasticsearch::Domain.AdvancedSecurityOptionsInput": { "additionalProperties": false, "properties": { - "CertificateArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the device certificate for the device. This X.509 certificate is used to authenticate the device with AWS IoT and AWS IoT Greengrass services.", - "title": "CertificateArn", + "AnonymousAuthEnabled": { + "markdownDescription": "", + "title": "AnonymousAuthEnabled", + "type": "boolean" + }, + "Enabled": { + "markdownDescription": "True to enable fine-grained access control. You must also enable encryption of data at rest and node-to-node encryption.", + "title": "Enabled", + "type": "boolean" + }, + "InternalUserDatabaseEnabled": { + "markdownDescription": "True to enable the internal user database.", + "title": "InternalUserDatabaseEnabled", + "type": "boolean" + }, + "MasterUserOptions": { + "$ref": "#/definitions/AWS::Elasticsearch::Domain.MasterUserOptions", + "markdownDescription": "Specifies information about the master user.", + "title": "MasterUserOptions" + } + }, + "type": "object" + }, + "AWS::Elasticsearch::Domain.CognitoOptions": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Whether to enable or disable Amazon Cognito authentication for OpenSearch Dashboards. See [Amazon Cognito authentication for OpenSearch Dashboards](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/cognito-auth.html) .", + "title": "Enabled", + "type": "boolean" + }, + "IdentityPoolId": { + "markdownDescription": "The Amazon Cognito identity pool ID that you want OpenSearch Service to use for OpenSearch Dashboards authentication. Required if you enable Cognito authentication.", + "title": "IdentityPoolId", "type": "string" }, - "Id": { - "markdownDescription": "A descriptive or arbitrary ID for the device. This value must be unique within the device definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", - "title": "Id", + "RoleArn": { + "markdownDescription": "The `AmazonESCognitoAccess` role that allows OpenSearch Service to configure your user pool and identity pool. Required if you enable Cognito authentication.", + "title": "RoleArn", "type": "string" }, - "SyncShadow": { - "markdownDescription": "Indicates whether the device's local shadow is synced with the cloud automatically.", - "title": "SyncShadow", + "UserPoolId": { + "markdownDescription": "The Amazon Cognito user pool ID that you want OpenSearch Service to use for OpenSearch Dashboards authentication. Required if you enable Cognito authentication.", + "title": "UserPoolId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Elasticsearch::Domain.ColdStorageOptions": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Whether to enable or disable cold storage on the domain. You must enable UltraWarm storage in order to enable cold storage.", + "title": "Enabled", "type": "boolean" + } + }, + "type": "object" + }, + "AWS::Elasticsearch::Domain.DomainEndpointOptions": { + "additionalProperties": false, + "properties": { + "CustomEndpoint": { + "markdownDescription": "The fully qualified URL for your custom endpoint. Required if you enabled a custom endpoint for the domain.", + "title": "CustomEndpoint", + "type": "string" }, - "ThingArn": { - "markdownDescription": "The ARN of the device, which is an AWS IoT device (thing).", - "title": "ThingArn", + "CustomEndpointCertificateArn": { + "markdownDescription": "The AWS Certificate Manager ARN for your domain's SSL/TLS certificate. Required if you enabled a custom endpoint for the domain.", + "title": "CustomEndpointCertificateArn", + "type": "string" + }, + "CustomEndpointEnabled": { + "markdownDescription": "True to enable a custom endpoint for the domain. If enabled, you must also provide values for `CustomEndpoint` and `CustomEndpointCertificateArn` .", + "title": "CustomEndpointEnabled", + "type": "boolean" + }, + "EnforceHTTPS": { + "markdownDescription": "True to require that all traffic to the domain arrive over HTTPS.", + "title": "EnforceHTTPS", + "type": "boolean" + }, + "TLSSecurityPolicy": { + "markdownDescription": "The minimum TLS version required for traffic to the domain. Valid values are TLS 1.3 (recommended) or 1.2:\n\n- `Policy-Min-TLS-1-0-2019-07`\n- `Policy-Min-TLS-1-2-2019-07`", + "title": "TLSSecurityPolicy", "type": "string" } }, - "required": [ - "CertificateArn", - "Id", - "ThingArn" - ], "type": "object" }, - "AWS::Greengrass::DeviceDefinition.DeviceDefinitionVersion": { + "AWS::Elasticsearch::Domain.EBSOptions": { "additionalProperties": false, "properties": { - "Devices": { - "items": { - "$ref": "#/definitions/AWS::Greengrass::DeviceDefinition.Device" - }, - "markdownDescription": "The devices in this version.", - "title": "Devices", - "type": "array" + "EBSEnabled": { + "markdownDescription": "Specifies whether Amazon EBS volumes are attached to data nodes in the OpenSearch Service domain.", + "title": "EBSEnabled", + "type": "boolean" + }, + "Iops": { + "markdownDescription": "The number of I/O operations per second (IOPS) that the volume supports. This property applies only to provisioned IOPS EBS volume types.", + "title": "Iops", + "type": "number" + }, + "VolumeSize": { + "markdownDescription": "The size (in GiB) of the EBS volume for each data node. The minimum and maximum size of an EBS volume depends on the EBS volume type and the instance type to which it is attached. For more information, see [EBS volume size limits](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/limits.html#ebsresource) in the *Amazon OpenSearch Service Developer Guide* .", + "title": "VolumeSize", + "type": "number" + }, + "VolumeType": { + "markdownDescription": "The EBS volume type to use with the OpenSearch Service domain, such as standard, gp2, or io1. For more information about each type, see [Amazon EBS volume types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) in the *Amazon EC2 User Guide for Linux Instances* .", + "title": "VolumeType", + "type": "string" } }, - "required": [ - "Devices" - ], "type": "object" }, - "AWS::Greengrass::DeviceDefinitionVersion": { + "AWS::Elasticsearch::Domain.ElasticsearchClusterConfig": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "ColdStorageOptions": { + "$ref": "#/definitions/AWS::Elasticsearch::Domain.ColdStorageOptions", + "markdownDescription": "Specifies cold storage options for the domain.", + "title": "ColdStorageOptions" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DedicatedMasterCount": { + "markdownDescription": "The number of instances to use for the master node. If you specify this property, you must specify true for the DedicatedMasterEnabled property.", + "title": "DedicatedMasterCount", + "type": "number" + }, + "DedicatedMasterEnabled": { + "markdownDescription": "Indicates whether to use a dedicated master node for the OpenSearch Service domain. A dedicated master node is a cluster node that performs cluster management tasks, but doesn't hold data or respond to data upload requests. Dedicated master nodes offload cluster management tasks to increase the stability of your search clusters. See [Dedicated master nodes in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-dedicatedmasternodes.html) .", + "title": "DedicatedMasterEnabled", + "type": "boolean" + }, + "DedicatedMasterType": { + "markdownDescription": "The hardware configuration of the computer that hosts the dedicated master node, such as `m3.medium.elasticsearch` . If you specify this property, you must specify true for the `DedicatedMasterEnabled` property. For valid values, see [Supported instance types in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/supported-instance-types.html) .", + "title": "DedicatedMasterType", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "InstanceCount": { + "markdownDescription": "The number of data nodes (instances) to use in the OpenSearch Service domain.", + "title": "InstanceCount", + "type": "number" }, - "Metadata": { - "type": "object" + "InstanceType": { + "markdownDescription": "The instance type for your data nodes, such as `m3.medium.elasticsearch` . For valid values, see [Supported instance types in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/supported-instance-types.html) .", + "title": "InstanceType", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DeviceDefinitionId": { - "markdownDescription": "The ID of the device definition associated with this version. This value is a GUID.", - "title": "DeviceDefinitionId", - "type": "string" - }, - "Devices": { - "items": { - "$ref": "#/definitions/AWS::Greengrass::DeviceDefinitionVersion.Device" - }, - "markdownDescription": "The devices in this version.", - "title": "Devices", - "type": "array" - } - }, - "required": [ - "DeviceDefinitionId", - "Devices" - ], - "type": "object" + "WarmCount": { + "markdownDescription": "The number of warm nodes in the cluster. Required if you enable warm storage.", + "title": "WarmCount", + "type": "number" }, - "Type": { - "enum": [ - "AWS::Greengrass::DeviceDefinitionVersion" - ], + "WarmEnabled": { + "markdownDescription": "Whether to enable warm storage for the cluster.", + "title": "WarmEnabled", + "type": "boolean" + }, + "WarmType": { + "markdownDescription": "The instance type for the cluster's warm nodes. Required if you enable warm storage.", + "title": "WarmType", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ZoneAwarenessConfig": { + "$ref": "#/definitions/AWS::Elasticsearch::Domain.ZoneAwarenessConfig", + "markdownDescription": "Specifies zone awareness configuration options. Only use if `ZoneAwarenessEnabled` is `true` .", + "title": "ZoneAwarenessConfig" + }, + "ZoneAwarenessEnabled": { + "markdownDescription": "Indicates whether to enable zone awareness for the OpenSearch Service domain. When you enable zone awareness, OpenSearch Service allocates the nodes and replica index shards that belong to a cluster across two Availability Zones (AZs) in the same region to prevent data loss and minimize downtime in the event of node or data center failure. Don't enable zone awareness if your cluster has no replica index shards or is a single-node cluster. For more information, see [Configuring a multi-AZ domain in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-multiaz.html) .", + "title": "ZoneAwarenessEnabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::Elasticsearch::Domain.EncryptionAtRestOptions": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Specify `true` to enable encryption at rest.", + "title": "Enabled", + "type": "boolean" + }, + "KmsKeyId": { + "markdownDescription": "The KMS key ID. Takes the form `1a2a3a4-1a2a-3a4a-5a6a-1a2a3a4a5a6a` . Required if you enable encryption at rest.", + "title": "KmsKeyId", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Greengrass::DeviceDefinitionVersion.Device": { + "AWS::Elasticsearch::Domain.LogPublishingOption": { "additionalProperties": false, "properties": { - "CertificateArn": { - "markdownDescription": "The ARN of the device certificate for the device. This X.509 certificate is used to authenticate the device with AWS IoT and AWS IoT Greengrass services.", - "title": "CertificateArn", + "CloudWatchLogsLogGroupArn": { + "markdownDescription": "Specifies the CloudWatch log group to publish to. Required if you enable log publishing for the domain.", + "title": "CloudWatchLogsLogGroupArn", "type": "string" }, - "Id": { - "markdownDescription": "A descriptive or arbitrary ID for the device. This value must be unique within the device definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", - "title": "Id", + "Enabled": { + "markdownDescription": "If `true` , enables the publishing of logs to CloudWatch.\n\nDefault: `false` .", + "title": "Enabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::Elasticsearch::Domain.MasterUserOptions": { + "additionalProperties": false, + "properties": { + "MasterUserARN": { + "markdownDescription": "ARN for the master user. Only specify if `InternalUserDatabaseEnabled` is false in `AdvancedSecurityOptions` .", + "title": "MasterUserARN", "type": "string" }, - "SyncShadow": { - "markdownDescription": "Indicates whether the device's local shadow is synced with the cloud automatically.", - "title": "SyncShadow", - "type": "boolean" + "MasterUserName": { + "markdownDescription": "Username for the master user. Only specify if `InternalUserDatabaseEnabled` is true in `AdvancedSecurityOptions` .", + "title": "MasterUserName", + "type": "string" }, - "ThingArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the device, which is an AWS IoT device (thing).", - "title": "ThingArn", + "MasterUserPassword": { + "markdownDescription": "Password for the master user. Only specify if `InternalUserDatabaseEnabled` is true in `AdvancedSecurityOptions` .", + "title": "MasterUserPassword", "type": "string" } }, - "required": [ - "CertificateArn", - "Id", - "ThingArn" - ], "type": "object" }, - "AWS::Greengrass::FunctionDefinition": { + "AWS::Elasticsearch::Domain.NodeToNodeEncryptionOptions": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Specifies whether node-to-node encryption is enabled, as a Boolean.", + "title": "Enabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::Elasticsearch::Domain.SnapshotOptions": { + "additionalProperties": false, + "properties": { + "AutomatedSnapshotStartHour": { + "markdownDescription": "The hour in UTC during which the service takes an automated daily snapshot of the indices in the OpenSearch Service domain. For example, if you specify 0, OpenSearch Service takes an automated snapshot everyday between midnight and 1 am. You can specify a value between 0 and 23.", + "title": "AutomatedSnapshotStartHour", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Elasticsearch::Domain.VPCOptions": { + "additionalProperties": false, + "properties": { + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of security group IDs that are associated with the VPC endpoints for the domain. If you don't provide a security group ID, OpenSearch Service uses the default security group for the VPC. To learn more, see [Security groups for your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html) in the *Amazon VPC User Guide* .", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "Provide one subnet ID for each Availability Zone that your domain uses. For example, you must specify three subnet IDs for a three Availability Zone domain. To learn more, see [VPCs and subnets](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) in the *Amazon VPC User Guide* .\n\nRequired if you're creating your domain inside a VPC.", + "title": "SubnetIds", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Elasticsearch::Domain.ZoneAwarenessConfig": { + "additionalProperties": false, + "properties": { + "AvailabilityZoneCount": { + "markdownDescription": "If you enabled multiple Availability Zones (AZs), the number of AZs that you want the domain to use.\n\nValid values are `2` and `3` . Default is 2.", + "title": "AvailabilityZoneCount", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EntityResolution::IdMappingWorkflow": { "additionalProperties": false, "properties": { "Condition": { @@ -109597,30 +117508,62 @@ "Properties": { "additionalProperties": false, "properties": { - "InitialVersion": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.FunctionDefinitionVersion", - "markdownDescription": "The function definition version to include when the function definition is created. A function definition version contains a list of [`function`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinition-function.html) property types.\n\n> To associate a function definition version after the function definition is created, create an [`AWS::Greengrass::FunctionDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-functiondefinitionversion.html) resource and specify the ID of this function definition.", - "title": "InitialVersion" + "Description": { + "markdownDescription": "A description of the workflow.", + "title": "Description", + "type": "string" }, - "Name": { - "markdownDescription": "The name of the function definition.", - "title": "Name", + "IdMappingTechniques": { + "$ref": "#/definitions/AWS::EntityResolution::IdMappingWorkflow.IdMappingTechniques", + "markdownDescription": "An object which defines the ID mapping technique and any additional configurations.", + "title": "IdMappingTechniques" + }, + "InputSourceConfig": { + "items": { + "$ref": "#/definitions/AWS::EntityResolution::IdMappingWorkflow.IdMappingWorkflowInputSource" + }, + "markdownDescription": "A list of `InputSource` objects, which have the fields `InputSourceARN` and `SchemaName` .", + "title": "InputSourceConfig", + "type": "array" + }, + "OutputSourceConfig": { + "items": { + "$ref": "#/definitions/AWS::EntityResolution::IdMappingWorkflow.IdMappingWorkflowOutputSource" + }, + "markdownDescription": "A list of `IdMappingWorkflowOutputSource` objects, each of which contains fields `OutputS3Path` and `Output` .", + "title": "OutputSourceConfig", + "type": "array" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role. AWS Entity Resolution assumes this role to create resources on your behalf as part of workflow execution.", + "title": "RoleArn", "type": "string" }, "Tags": { - "markdownDescription": "Application-specific metadata to attach to the function definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags used to organize, track, or control access for this resource.", "title": "Tags", - "type": "object" + "type": "array" + }, + "WorkflowName": { + "markdownDescription": "The name of the workflow. There can't be multiple `IdMappingWorkflows` with the same name.", + "title": "WorkflowName", + "type": "string" } }, "required": [ - "Name" + "IdMappingTechniques", + "InputSourceConfig", + "RoleArn", + "WorkflowName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Greengrass::FunctionDefinition" + "AWS::EntityResolution::IdMappingWorkflow" ], "type": "string" }, @@ -109639,190 +117582,171 @@ ], "type": "object" }, - "AWS::Greengrass::FunctionDefinition.DefaultConfig": { - "additionalProperties": false, - "properties": { - "Execution": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.Execution", - "markdownDescription": "Configuration settings for the Lambda execution environment on the AWS IoT Greengrass core.", - "title": "Execution" - } - }, - "required": [ - "Execution" - ], - "type": "object" - }, - "AWS::Greengrass::FunctionDefinition.Environment": { + "AWS::EntityResolution::IdMappingWorkflow.IdMappingRuleBasedProperties": { "additionalProperties": false, "properties": { - "AccessSysfs": { - "markdownDescription": "Indicates whether the function is allowed to access the `/sys` directory on the core device, which allows the read device information from `/sys` .\n\n> This property applies only to Lambda functions that run in a Greengrass container.", - "title": "AccessSysfs", - "type": "boolean" + "AttributeMatchingModel": { + "markdownDescription": "The comparison type. You can either choose `ONE_TO_ONE` or `MANY_TO_MANY` as the `attributeMatchingModel` .\n\nIf you choose `MANY_TO_MANY` , the system can match attributes across the sub-types of an attribute type. For example, if the value of the `Email` field of Profile A matches the value of the `BusinessEmail` field of Profile B, the two profiles are matched on the `Email` attribute type.\n\nIf you choose `ONE_TO_ONE` , the system can only match attributes if the sub-types are an exact match. For example, for the `Email` attribute type, the system will only consider it a match if the value of the `Email` field of Profile A matches the value of the `Email` field of Profile B.", + "title": "AttributeMatchingModel", + "type": "string" }, - "Execution": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.Execution", - "markdownDescription": "Settings for the Lambda execution environment in AWS IoT Greengrass .", - "title": "Execution" + "RecordMatchingModel": { + "markdownDescription": "The type of matching record that is allowed to be used in an ID mapping workflow.\n\nIf the value is set to `ONE_SOURCE_TO_ONE_TARGET` , only one record in the source can be matched to the same record in the target.\n\nIf the value is set to `MANY_SOURCE_TO_ONE_TARGET` , multiple records in the source can be matched to one record in the target.", + "title": "RecordMatchingModel", + "type": "string" }, - "ResourceAccessPolicies": { + "RuleDefinitionType": { + "markdownDescription": "The set of rules you can use in an ID mapping workflow. The limitations specified for the source or target to define the match rules must be compatible.", + "title": "RuleDefinitionType", + "type": "string" + }, + "Rules": { "items": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.ResourceAccessPolicy" + "$ref": "#/definitions/AWS::EntityResolution::IdMappingWorkflow.Rule" }, - "markdownDescription": "A list of the [resources](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-resourcedefinitionversion-resourceinstance.html) in the group that the function can access, with the corresponding read-only or read-write permissions. The maximum is 10 resources.\n\n> This property applies only for Lambda functions that run in a Greengrass container.", - "title": "ResourceAccessPolicies", + "markdownDescription": "The rules that can be used for ID mapping.", + "title": "Rules", "type": "array" - }, - "Variables": { - "markdownDescription": "Environment variables for the Lambda function.", - "title": "Variables", - "type": "object" } }, + "required": [ + "AttributeMatchingModel", + "RecordMatchingModel" + ], "type": "object" }, - "AWS::Greengrass::FunctionDefinition.Execution": { + "AWS::EntityResolution::IdMappingWorkflow.IdMappingTechniques": { "additionalProperties": false, "properties": { - "IsolationMode": { - "markdownDescription": "The containerization that the Lambda function runs in. Valid values are `GreengrassContainer` or `NoContainer` . Typically, this is `GreengrassContainer` . For more information, see [Containerization](https://docs.aws.amazon.com/greengrass/v1/developerguide/lambda-group-config.html#lambda-function-containerization) in the *Developer Guide* .\n\n- When set on the [`DefaultConfig`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-defaultconfig.html) property of a function definition version, this setting is used as the default containerization for all Lambda functions in the function definition version.\n- When set on the [`Environment`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-environment.html) property of a function, this setting applies to the individual function and overrides the default. Omit this value to run the function with the default containerization.\n\n> We recommend that you run in a Greengrass container unless your business case requires that you run without containerization.", - "title": "IsolationMode", + "IdMappingType": { + "markdownDescription": "The type of ID mapping.", + "title": "IdMappingType", "type": "string" }, - "RunAs": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.RunAs", - "markdownDescription": "The user and group permissions used to run the Lambda function. Typically, this is the ggc_user and ggc_group. For more information, see [Run as](https://docs.aws.amazon.com/greengrass/v1/developerguide/lambda-group-config.html#lambda-access-identity.html) in the *Developer Guide* .\n\n- When set on the [`DefaultConfig`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-defaultconfig.html) property of a function definition version, this setting is used as the default access identity for all Lambda functions in the function definition version.\n- When set on the [`Environment`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-environment.html) property of a function, this setting applies to the individual function and overrides the default. You can override the user, group, or both. Omit this value to run the function with the default permissions.\n\n> Running as the root user increases risks to your data and device. Do not run as root (UID/GID=0) unless your business case requires it. For more information and requirements, see [Running a Lambda Function as Root](https://docs.aws.amazon.com/greengrass/v1/developerguide/lambda-group-config.html#lambda-running-as-root) .", - "title": "RunAs" + "ProviderProperties": { + "$ref": "#/definitions/AWS::EntityResolution::IdMappingWorkflow.ProviderProperties", + "markdownDescription": "An object which defines any additional configurations required by the provider service.", + "title": "ProviderProperties" + }, + "RuleBasedProperties": { + "$ref": "#/definitions/AWS::EntityResolution::IdMappingWorkflow.IdMappingRuleBasedProperties", + "markdownDescription": "An object which defines any additional configurations required by rule-based matching.", + "title": "RuleBasedProperties" } }, "type": "object" }, - "AWS::Greengrass::FunctionDefinition.Function": { + "AWS::EntityResolution::IdMappingWorkflow.IdMappingWorkflowInputSource": { "additionalProperties": false, "properties": { - "FunctionArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the alias (recommended) or version of the referenced Lambda function.", - "title": "FunctionArn", + "InputSourceARN": { + "markdownDescription": "An AWS Glue table Amazon Resource Name (ARN) or a matching workflow ARN for the input source table.", + "title": "InputSourceARN", "type": "string" }, - "FunctionConfiguration": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.FunctionConfiguration", - "markdownDescription": "The group-specific settings of the Lambda function. These settings configure the function's behavior in the Greengrass group.", - "title": "FunctionConfiguration" + "SchemaArn": { + "markdownDescription": "The ARN (Amazon Resource Name) that AWS Entity Resolution generated for the `SchemaMapping` .", + "title": "SchemaArn", + "type": "string" }, - "Id": { - "markdownDescription": "A descriptive or arbitrary ID for the function. This value must be unique within the function definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", - "title": "Id", + "Type": { + "markdownDescription": "The type of ID namespace. There are two types: `SOURCE` and `TARGET` .\n\nThe `SOURCE` contains configurations for `sourceId` data that will be processed in an ID mapping workflow.\n\nThe `TARGET` contains a configuration of `targetId` which all `sourceIds` will resolve to.", + "title": "Type", "type": "string" } }, "required": [ - "FunctionArn", - "FunctionConfiguration", - "Id" + "InputSourceARN" ], "type": "object" }, - "AWS::Greengrass::FunctionDefinition.FunctionConfiguration": { + "AWS::EntityResolution::IdMappingWorkflow.IdMappingWorkflowOutputSource": { "additionalProperties": false, "properties": { - "EncodingType": { - "markdownDescription": "The expected encoding type of the input payload for the function. Valid values are `json` (default) and `binary` .", - "title": "EncodingType", - "type": "string" - }, - "Environment": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.Environment", - "markdownDescription": "The environment configuration of the function.", - "title": "Environment" - }, - "ExecArgs": { - "markdownDescription": "The execution arguments.", - "title": "ExecArgs", + "KMSArn": { + "markdownDescription": "Customer AWS KMS ARN for encryption at rest. If not provided, system will use an AWS Entity Resolution managed KMS key.", + "title": "KMSArn", "type": "string" }, - "Executable": { - "markdownDescription": "The name of the function executable.", - "title": "Executable", + "OutputS3Path": { + "markdownDescription": "The S3 path to which AWS Entity Resolution will write the output table.", + "title": "OutputS3Path", "type": "string" - }, - "MemorySize": { - "markdownDescription": "The memory size (in KB) required by the function.\n\n> This property applies only to Lambda functions that run in a Greengrass container.", - "title": "MemorySize", - "type": "number" - }, - "Pinned": { - "markdownDescription": "Indicates whether the function is pinned (or *long-lived* ). Pinned functions start when the core starts and process all requests in the same container. The default value is false.", - "title": "Pinned", - "type": "boolean" - }, - "Timeout": { - "markdownDescription": "The allowed execution time (in seconds) after which the function should terminate. For pinned functions, this timeout applies for each request.", - "title": "Timeout", - "type": "number" } }, + "required": [ + "OutputS3Path" + ], "type": "object" }, - "AWS::Greengrass::FunctionDefinition.FunctionDefinitionVersion": { + "AWS::EntityResolution::IdMappingWorkflow.IntermediateSourceConfiguration": { "additionalProperties": false, "properties": { - "DefaultConfig": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.DefaultConfig", - "markdownDescription": "The default configuration that applies to all Lambda functions in the group. Individual Lambda functions can override these settings.", - "title": "DefaultConfig" - }, - "Functions": { - "items": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.Function" - }, - "markdownDescription": "The functions in this version.", - "title": "Functions", - "type": "array" + "IntermediateS3Path": { + "markdownDescription": "The Amazon S3 location (bucket and prefix). For example: `s3://provider_bucket/DOC-EXAMPLE-BUCKET`", + "title": "IntermediateS3Path", + "type": "string" } }, "required": [ - "Functions" + "IntermediateS3Path" ], "type": "object" }, - "AWS::Greengrass::FunctionDefinition.ResourceAccessPolicy": { + "AWS::EntityResolution::IdMappingWorkflow.ProviderProperties": { "additionalProperties": false, "properties": { - "Permission": { - "markdownDescription": "The read-only or read-write access that the Lambda function has to the resource. Valid values are `ro` or `rw` .", - "title": "Permission", - "type": "string" + "IntermediateSourceConfiguration": { + "$ref": "#/definitions/AWS::EntityResolution::IdMappingWorkflow.IntermediateSourceConfiguration", + "markdownDescription": "The Amazon S3 location that temporarily stores your data while it processes. Your information won't be saved permanently.", + "title": "IntermediateSourceConfiguration" }, - "ResourceId": { - "markdownDescription": "The ID of the resource. This ID is assigned to the resource when you create the resource definition.", - "title": "ResourceId", + "ProviderConfiguration": { + "additionalProperties": true, + "markdownDescription": "The required configuration fields to use with the provider service.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "ProviderConfiguration", + "type": "object" + }, + "ProviderServiceArn": { + "markdownDescription": "The ARN of the provider service.", + "title": "ProviderServiceArn", "type": "string" } }, "required": [ - "ResourceId" + "ProviderServiceArn" ], "type": "object" }, - "AWS::Greengrass::FunctionDefinition.RunAs": { + "AWS::EntityResolution::IdMappingWorkflow.Rule": { "additionalProperties": false, "properties": { - "Gid": { - "markdownDescription": "The group ID whose permissions are used to run the Lambda function. You can use the `getent group` command on your core device to look up the group ID.", - "title": "Gid", - "type": "number" + "MatchingKeys": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of `MatchingKeys` . The `MatchingKeys` must have been defined in the `SchemaMapping` . Two records are considered to match according to this rule if all of the `MatchingKeys` match.", + "title": "MatchingKeys", + "type": "array" }, - "Uid": { - "markdownDescription": "The user ID whose permissions are used to run the Lambda function. You can use the `getent passwd` command on your core device to look up the user ID.", - "title": "Uid", - "type": "number" + "RuleName": { + "markdownDescription": "A name for the matching rule.", + "title": "RuleName", + "type": "string" } }, + "required": [ + "MatchingKeys", + "RuleName" + ], "type": "object" }, - "AWS::Greengrass::FunctionDefinitionVersion": { + "AWS::EntityResolution::IdNamespace": { "additionalProperties": false, "properties": { "Condition": { @@ -109857,34 +117781,60 @@ "Properties": { "additionalProperties": false, "properties": { - "DefaultConfig": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.DefaultConfig", - "markdownDescription": "The default configuration that applies to all Lambda functions in the group. Individual Lambda functions can override these settings.", - "title": "DefaultConfig" + "Description": { + "markdownDescription": "The description of the ID namespace.", + "title": "Description", + "type": "string" }, - "FunctionDefinitionId": { - "markdownDescription": "The ID of the function definition associated with this version. This value is a GUID.", - "title": "FunctionDefinitionId", + "IdMappingWorkflowProperties": { + "items": { + "$ref": "#/definitions/AWS::EntityResolution::IdNamespace.IdNamespaceIdMappingWorkflowProperties" + }, + "markdownDescription": "Determines the properties of `IdMappingWorflow` where this `IdNamespace` can be used as a `Source` or a `Target` .", + "title": "IdMappingWorkflowProperties", + "type": "array" + }, + "IdNamespaceName": { + "markdownDescription": "The name of the ID namespace.", + "title": "IdNamespaceName", "type": "string" }, - "Functions": { + "InputSourceConfig": { "items": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.Function" + "$ref": "#/definitions/AWS::EntityResolution::IdNamespace.IdNamespaceInputSource" }, - "markdownDescription": "The functions in this version.", - "title": "Functions", + "markdownDescription": "A list of `InputSource` objects, which have the fields `InputSourceARN` and `SchemaName` .", + "title": "InputSourceConfig", + "type": "array" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role. AWS Entity Resolution assumes this role to access the resources defined in this `IdNamespace` on your behalf as part of the workflow run.", + "title": "RoleArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "title": "Tags", "type": "array" + }, + "Type": { + "markdownDescription": "The type of ID namespace. There are two types: `SOURCE` and `TARGET` .\n\nThe `SOURCE` contains configurations for `sourceId` data that will be processed in an ID mapping workflow.\n\nThe `TARGET` contains a configuration of `targetId` which all `sourceIds` will resolve to.", + "title": "Type", + "type": "string" } }, "required": [ - "FunctionDefinitionId", - "Functions" + "IdNamespaceName", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::Greengrass::FunctionDefinitionVersion" + "AWS::EntityResolution::IdNamespace" ], "type": "string" }, @@ -109903,168 +117853,133 @@ ], "type": "object" }, - "AWS::Greengrass::FunctionDefinitionVersion.DefaultConfig": { - "additionalProperties": false, - "properties": { - "Execution": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.Execution", - "markdownDescription": "Configuration settings for the Lambda execution environment on the AWS IoT Greengrass core.", - "title": "Execution" - } - }, - "required": [ - "Execution" - ], - "type": "object" - }, - "AWS::Greengrass::FunctionDefinitionVersion.Environment": { + "AWS::EntityResolution::IdNamespace.IdNamespaceIdMappingWorkflowProperties": { "additionalProperties": false, "properties": { - "AccessSysfs": { - "markdownDescription": "Indicates whether the function is allowed to access the `/sys` directory on the core device, which allows the read device information from `/sys` .\n\n> This property applies only to Lambda functions that run in a Greengrass container.", - "title": "AccessSysfs", - "type": "boolean" - }, - "Execution": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.Execution", - "markdownDescription": "Settings for the Lambda execution environment in AWS IoT Greengrass .", - "title": "Execution" + "IdMappingType": { + "markdownDescription": "The type of ID mapping.", + "title": "IdMappingType", + "type": "string" }, - "ResourceAccessPolicies": { - "items": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.ResourceAccessPolicy" - }, - "markdownDescription": "A list of the [resources](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-resourcedefinitionversion-resourceinstance.html) in the group that the function can access, with the corresponding read-only or read-write permissions. The maximum is 10 resources.\n\n> This property applies only to Lambda functions that run in a Greengrass container.", - "title": "ResourceAccessPolicies", - "type": "array" + "ProviderProperties": { + "$ref": "#/definitions/AWS::EntityResolution::IdNamespace.NamespaceProviderProperties", + "markdownDescription": "An object which defines any additional configurations required by the provider service.", + "title": "ProviderProperties" }, - "Variables": { - "markdownDescription": "Environment variables for the Lambda function.", - "title": "Variables", - "type": "object" + "RuleBasedProperties": { + "$ref": "#/definitions/AWS::EntityResolution::IdNamespace.NamespaceRuleBasedProperties", + "markdownDescription": "An object which defines any additional configurations required by rule-based matching.", + "title": "RuleBasedProperties" } }, + "required": [ + "IdMappingType" + ], "type": "object" }, - "AWS::Greengrass::FunctionDefinitionVersion.Execution": { + "AWS::EntityResolution::IdNamespace.IdNamespaceInputSource": { "additionalProperties": false, "properties": { - "IsolationMode": { - "markdownDescription": "The containerization that the Lambda function runs in. Valid values are `GreengrassContainer` or `NoContainer` . Typically, this is `GreengrassContainer` . For more information, see [Containerization](https://docs.aws.amazon.com/greengrass/v1/developerguide/lambda-group-config.html#lambda-function-containerization) in the *Developer Guide* .\n\n- When set on the [`DefaultConfig`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-defaultconfig.html) property of a function definition version, this setting is used as the default containerization for all Lambda functions in the function definition version.\n- When set on the [`Environment`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-environment.html) property of a function, this setting applies to the individual function and overrides the default. Omit this value to run the function with the default containerization.\n\n> We recommend that you run in a Greengrass container unless your business case requires that you run without containerization.", - "title": "IsolationMode", + "InputSourceARN": { + "markdownDescription": "An AWS Glue table Amazon Resource Name (ARN) or a matching workflow ARN for the input source table.", + "title": "InputSourceARN", "type": "string" }, - "RunAs": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.RunAs", - "markdownDescription": "The user and group permissions used to run the Lambda function. Typically, this is the ggc_user and ggc_group. For more information, see [Run as](https://docs.aws.amazon.com/greengrass/v1/developerguide/lambda-group-config.html#lambda-access-identity.html) in the *Developer Guide* .\n\n- When set on the [`DefaultConfig`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-defaultconfig.html) property of a function definition version, this setting is used as the default access identity for all Lambda functions in the function definition version.\n- When set on the [`Environment`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-environment.html) property of a function, this setting applies to the individual function and overrides the default. You can override the user, group, or both. Omit this value to run the function with the default permissions.\n\n> Running as the root user increases risks to your data and device. Do not run as root (UID/GID=0) unless your business case requires it. For more information and requirements, see [Running a Lambda Function as Root](https://docs.aws.amazon.com/greengrass/v1/developerguide/lambda-group-config.html#lambda-running-as-root) .", - "title": "RunAs" + "SchemaName": { + "markdownDescription": "The name of the schema.", + "title": "SchemaName", + "type": "string" } }, + "required": [ + "InputSourceARN" + ], "type": "object" }, - "AWS::Greengrass::FunctionDefinitionVersion.Function": { + "AWS::EntityResolution::IdNamespace.NamespaceProviderProperties": { "additionalProperties": false, "properties": { - "FunctionArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the alias (recommended) or version of the referenced Lambda function.", - "title": "FunctionArn", - "type": "string" - }, - "FunctionConfiguration": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.FunctionConfiguration", - "markdownDescription": "The group-specific settings of the Lambda function. These settings configure the function's behavior in the Greengrass group.", - "title": "FunctionConfiguration" + "ProviderConfiguration": { + "additionalProperties": true, + "markdownDescription": "An object which defines any additional configurations required by the provider service.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "ProviderConfiguration", + "type": "object" }, - "Id": { - "markdownDescription": "A descriptive or arbitrary ID for the function. This value must be unique within the function definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", - "title": "Id", + "ProviderServiceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the provider service.", + "title": "ProviderServiceArn", "type": "string" } }, "required": [ - "FunctionArn", - "FunctionConfiguration", - "Id" + "ProviderServiceArn" ], "type": "object" }, - "AWS::Greengrass::FunctionDefinitionVersion.FunctionConfiguration": { + "AWS::EntityResolution::IdNamespace.NamespaceRuleBasedProperties": { "additionalProperties": false, "properties": { - "EncodingType": { - "markdownDescription": "The expected encoding type of the input payload for the function. Valid values are `json` (default) and `binary` .", - "title": "EncodingType", - "type": "string" - }, - "Environment": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.Environment", - "markdownDescription": "The environment configuration of the function.", - "title": "Environment" - }, - "ExecArgs": { - "markdownDescription": "The execution arguments.", - "title": "ExecArgs", - "type": "string" - }, - "Executable": { - "markdownDescription": "The name of the function executable.", - "title": "Executable", + "AttributeMatchingModel": { + "markdownDescription": "The comparison type. You can either choose `ONE_TO_ONE` or `MANY_TO_MANY` as the `attributeMatchingModel` .\n\nIf you choose `MANY_TO_MANY` , the system can match attributes across the sub-types of an attribute type. For example, if the value of the `Email` field of Profile A matches the value of `BusinessEmail` field of Profile B, the two profiles are matched on the `Email` attribute type.\n\nIf you choose `ONE_TO_ONE` , the system can only match attributes if the sub-types are an exact match. For example, for the `Email` attribute type, the system will only consider it a match if the value of the `Email` field of Profile A matches the value of the `Email` field of Profile B.", + "title": "AttributeMatchingModel", "type": "string" }, - "MemorySize": { - "markdownDescription": "The memory size (in KB) required by the function.\n\n> This property applies only to Lambda functions that run in a Greengrass container.", - "title": "MemorySize", - "type": "number" + "RecordMatchingModels": { + "items": { + "type": "string" + }, + "markdownDescription": "The type of matching record that is allowed to be used in an ID mapping workflow.\n\nIf the value is set to `ONE_SOURCE_TO_ONE_TARGET` , only one record in the source is matched to one record in the target.\n\nIf the value is set to `MANY_SOURCE_TO_ONE_TARGET` , all matching records in the source are matched to one record in the target.", + "title": "RecordMatchingModels", + "type": "array" }, - "Pinned": { - "markdownDescription": "Indicates whether the function is pinned (or *long-lived* ). Pinned functions start when the core starts and process all requests in the same container. The default value is false.", - "title": "Pinned", - "type": "boolean" + "RuleDefinitionTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The sets of rules you can use in an ID mapping workflow. The limitations specified for the source and target must be compatible.", + "title": "RuleDefinitionTypes", + "type": "array" }, - "Timeout": { - "markdownDescription": "The allowed execution time (in seconds) after which the function should terminate. For pinned functions, this timeout applies for each request.", - "title": "Timeout", - "type": "number" + "Rules": { + "items": { + "$ref": "#/definitions/AWS::EntityResolution::IdNamespace.Rule" + }, + "markdownDescription": "The rules for the ID namespace.", + "title": "Rules", + "type": "array" } }, "type": "object" }, - "AWS::Greengrass::FunctionDefinitionVersion.ResourceAccessPolicy": { + "AWS::EntityResolution::IdNamespace.Rule": { "additionalProperties": false, "properties": { - "Permission": { - "markdownDescription": "The read-only or read-write access that the Lambda function has to the resource. Valid values are `ro` or `rw` .", - "title": "Permission", - "type": "string" + "MatchingKeys": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of `MatchingKeys` . The `MatchingKeys` must have been defined in the `SchemaMapping` . Two records are considered to match according to this rule if all of the `MatchingKeys` match.", + "title": "MatchingKeys", + "type": "array" }, - "ResourceId": { - "markdownDescription": "The ID of the resource. This ID is assigned to the resource when you create the resource definition.", - "title": "ResourceId", + "RuleName": { + "markdownDescription": "A name for the matching rule.", + "title": "RuleName", "type": "string" } }, "required": [ - "ResourceId" + "MatchingKeys", + "RuleName" ], "type": "object" }, - "AWS::Greengrass::FunctionDefinitionVersion.RunAs": { - "additionalProperties": false, - "properties": { - "Gid": { - "markdownDescription": "The group ID whose permissions are used to run the Lambda function. You can use the `getent group` command on your core device to look up the group ID.", - "title": "Gid", - "type": "number" - }, - "Uid": { - "markdownDescription": "The user ID whose permissions are used to run the Lambda function. You can use the `getent passwd` command on your core device to look up the user ID.", - "title": "Uid", - "type": "number" - } - }, - "type": "object" - }, - "AWS::Greengrass::Group": { + "AWS::EntityResolution::MatchingWorkflow": { "additionalProperties": false, "properties": { "Condition": { @@ -110099,35 +118014,68 @@ "Properties": { "additionalProperties": false, "properties": { - "InitialVersion": { - "$ref": "#/definitions/AWS::Greengrass::Group.GroupVersion", - "markdownDescription": "The group version to include when the group is created. A group version references the Amazon Resource Name (ARN) of a core definition version, device definition version, subscription definition version, and other version types. The group version must reference a core definition version that contains one core. Other version types are optionally included, depending on your business need.\n\n> To associate a group version after the group is created, create an [`AWS::Greengrass::GroupVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-groupversion.html) resource and specify the ID of this group.", - "title": "InitialVersion" - }, - "Name": { - "markdownDescription": "The name of the group.", - "title": "Name", + "Description": { + "markdownDescription": "A description of the workflow.", + "title": "Description", "type": "string" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role attached to the group. This role contains the permissions that Lambda functions and connectors use to interact with other AWS services.", - "title": "RoleArn", - "type": "string" + "IncrementalRunConfig": { + "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.IncrementalRunConfig", + "markdownDescription": "Optional. An object that defines the incremental run type. This object contains only the `incrementalRunType` field, which appears as \"Automatic\" in the console.\n\n> For workflows where `resolutionType` is `ML_MATCHING` , incremental processing is not supported.", + "title": "IncrementalRunConfig" }, - "Tags": { - "markdownDescription": "Application-specific metadata to attach to the group. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", - "title": "Tags", - "type": "object" - } - }, - "required": [ - "Name" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Greengrass::Group" + "InputSourceConfig": { + "items": { + "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.InputSource" + }, + "markdownDescription": "A list of `InputSource` objects, which have the fields `InputSourceARN` and `SchemaName` .", + "title": "InputSourceConfig", + "type": "array" + }, + "OutputSourceConfig": { + "items": { + "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.OutputSource" + }, + "markdownDescription": "A list of `OutputSource` objects, each of which contains fields `OutputS3Path` , `ApplyNormalization` , and `Output` .", + "title": "OutputSourceConfig", + "type": "array" + }, + "ResolutionTechniques": { + "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.ResolutionTechniques", + "markdownDescription": "An object which defines the `resolutionType` and the `ruleBasedProperties` .", + "title": "ResolutionTechniques" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role. AWS Entity Resolution assumes this role to create resources on your behalf as part of workflow execution.", + "title": "RoleArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "title": "Tags", + "type": "array" + }, + "WorkflowName": { + "markdownDescription": "The name of the workflow. There can't be multiple `MatchingWorkflows` with the same name.", + "title": "WorkflowName", + "type": "string" + } + }, + "required": [ + "InputSourceConfig", + "OutputSourceConfig", + "ResolutionTechniques", + "RoleArn", + "WorkflowName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::EntityResolution::MatchingWorkflow" ], "type": "string" }, @@ -110146,48 +118094,214 @@ ], "type": "object" }, - "AWS::Greengrass::Group.GroupVersion": { + "AWS::EntityResolution::MatchingWorkflow.IncrementalRunConfig": { "additionalProperties": false, "properties": { - "ConnectorDefinitionVersionArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the connector definition version that contains the connectors you want to deploy with the group version.", - "title": "ConnectorDefinitionVersionArn", + "IncrementalRunType": { + "markdownDescription": "The type of incremental run. The only valid value is `IMMEDIATE` . This appears as \"Automatic\" in the console.\n\n> For workflows where `resolutionType` is `ML_MATCHING` , incremental processing is not supported.", + "title": "IncrementalRunType", "type": "string" + } + }, + "required": [ + "IncrementalRunType" + ], + "type": "object" + }, + "AWS::EntityResolution::MatchingWorkflow.InputSource": { + "additionalProperties": false, + "properties": { + "ApplyNormalization": { + "markdownDescription": "Normalizes the attributes defined in the schema in the input data. For example, if an attribute has an `AttributeType` of `PHONE_NUMBER` , and the data in the input table is in a format of 1234567890, AWS Entity Resolution will normalize this field in the output to (123)-456-7890.", + "title": "ApplyNormalization", + "type": "boolean" }, - "CoreDefinitionVersionArn": { - "markdownDescription": "The ARN of the core definition version that contains the core you want to deploy with the group version. Currently, the core definition version can contain only one core.", - "title": "CoreDefinitionVersionArn", + "InputSourceARN": { + "markdownDescription": "An object containing `InputSourceARN` , `SchemaName` , and `ApplyNormalization` .", + "title": "InputSourceARN", "type": "string" }, - "DeviceDefinitionVersionArn": { - "markdownDescription": "The ARN of the device definition version that contains the devices you want to deploy with the group version.", - "title": "DeviceDefinitionVersionArn", + "SchemaArn": { + "markdownDescription": "The name of the schema.", + "title": "SchemaArn", + "type": "string" + } + }, + "required": [ + "InputSourceARN", + "SchemaArn" + ], + "type": "object" + }, + "AWS::EntityResolution::MatchingWorkflow.IntermediateSourceConfiguration": { + "additionalProperties": false, + "properties": { + "IntermediateS3Path": { + "markdownDescription": "The Amazon S3 location (bucket and prefix). For example: `s3://provider_bucket/DOC-EXAMPLE-BUCKET`", + "title": "IntermediateS3Path", "type": "string" + } + }, + "required": [ + "IntermediateS3Path" + ], + "type": "object" + }, + "AWS::EntityResolution::MatchingWorkflow.OutputAttribute": { + "additionalProperties": false, + "properties": { + "Hashed": { + "markdownDescription": "Enables the ability to hash the column values in the output.", + "title": "Hashed", + "type": "boolean" }, - "FunctionDefinitionVersionArn": { - "markdownDescription": "The ARN of the function definition version that contains the functions you want to deploy with the group version.", - "title": "FunctionDefinitionVersionArn", + "Name": { + "markdownDescription": "A name of a column to be written to the output. This must be an `InputField` name in the schema mapping.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::EntityResolution::MatchingWorkflow.OutputSource": { + "additionalProperties": false, + "properties": { + "ApplyNormalization": { + "markdownDescription": "Normalizes the attributes defined in the schema in the input data. For example, if an attribute has an `AttributeType` of `PHONE_NUMBER` , and the data in the input table is in a format of 1234567890, AWS Entity Resolution will normalize this field in the output to (123)-456-7890.", + "title": "ApplyNormalization", + "type": "boolean" + }, + "KMSArn": { + "markdownDescription": "Customer KMS ARN for encryption at rest. If not provided, system will use an AWS Entity Resolution managed KMS key.", + "title": "KMSArn", "type": "string" }, - "LoggerDefinitionVersionArn": { - "markdownDescription": "The ARN of the logger definition version that contains the loggers you want to deploy with the group version.", - "title": "LoggerDefinitionVersionArn", + "Output": { + "items": { + "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.OutputAttribute" + }, + "markdownDescription": "A list of `OutputAttribute` objects, each of which have the fields `Name` and `Hashed` . Each of these objects selects a column to be included in the output table, and whether the values of the column should be hashed.", + "title": "Output", + "type": "array" + }, + "OutputS3Path": { + "markdownDescription": "The S3 path to which AWS Entity Resolution will write the output table.", + "title": "OutputS3Path", "type": "string" + } + }, + "required": [ + "Output", + "OutputS3Path" + ], + "type": "object" + }, + "AWS::EntityResolution::MatchingWorkflow.ProviderProperties": { + "additionalProperties": false, + "properties": { + "IntermediateSourceConfiguration": { + "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.IntermediateSourceConfiguration", + "markdownDescription": "The Amazon S3 location that temporarily stores your data while it processes. Your information won't be saved permanently.", + "title": "IntermediateSourceConfiguration" }, - "ResourceDefinitionVersionArn": { - "markdownDescription": "The ARN of the resource definition version that contains the resources you want to deploy with the group version.", - "title": "ResourceDefinitionVersionArn", + "ProviderConfiguration": { + "additionalProperties": true, + "markdownDescription": "The required configuration fields to use with the provider service.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "ProviderConfiguration", + "type": "object" + }, + "ProviderServiceArn": { + "markdownDescription": "The ARN of the provider service.", + "title": "ProviderServiceArn", + "type": "string" + } + }, + "required": [ + "ProviderServiceArn" + ], + "type": "object" + }, + "AWS::EntityResolution::MatchingWorkflow.ResolutionTechniques": { + "additionalProperties": false, + "properties": { + "ProviderProperties": { + "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.ProviderProperties", + "markdownDescription": "The properties of the provider service.", + "title": "ProviderProperties" + }, + "ResolutionType": { + "markdownDescription": "The type of matching. There are three types of matching: `RULE_MATCHING` , `ML_MATCHING` , and `PROVIDER` .", + "title": "ResolutionType", "type": "string" }, - "SubscriptionDefinitionVersionArn": { - "markdownDescription": "The ARN of the subscription definition version that contains the subscriptions you want to deploy with the group version.", - "title": "SubscriptionDefinitionVersionArn", + "RuleBasedProperties": { + "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.RuleBasedProperties", + "markdownDescription": "An object which defines the list of matching rules to run and has a field `Rules` , which is a list of rule objects.", + "title": "RuleBasedProperties" + } + }, + "type": "object" + }, + "AWS::EntityResolution::MatchingWorkflow.Rule": { + "additionalProperties": false, + "properties": { + "MatchingKeys": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of `MatchingKeys` . The `MatchingKeys` must have been defined in the `SchemaMapping` . Two records are considered to match according to this rule if all of the `MatchingKeys` match.", + "title": "MatchingKeys", + "type": "array" + }, + "RuleName": { + "markdownDescription": "A name for the matching rule.", + "title": "RuleName", "type": "string" } }, + "required": [ + "MatchingKeys", + "RuleName" + ], "type": "object" }, - "AWS::Greengrass::GroupVersion": { + "AWS::EntityResolution::MatchingWorkflow.RuleBasedProperties": { + "additionalProperties": false, + "properties": { + "AttributeMatchingModel": { + "markdownDescription": "The comparison type. You can either choose `ONE_TO_ONE` or `MANY_TO_MANY` as the `attributeMatchingModel` .\n\nIf you choose `MANY_TO_MANY` , the system can match attributes across the sub-types of an attribute type. For example, if the value of the `Email` field of Profile A and the value of `BusinessEmail` field of Profile B matches, the two profiles are matched on the `Email` attribute type.\n\nIf you choose `ONE_TO_ONE` , the system can only match attributes if the sub-types are an exact match. For example, for the `Email` attribute type, the system will only consider it a match if the value of the `Email` field of Profile A matches the value of the `Email` field of Profile B.", + "title": "AttributeMatchingModel", + "type": "string" + }, + "MatchPurpose": { + "markdownDescription": "An indicator of whether to generate IDs and index the data or not.\n\nIf you choose `IDENTIFIER_GENERATION` , the process generates IDs and indexes the data.\n\nIf you choose `INDEXING` , the process indexes the data without generating IDs.", + "title": "MatchPurpose", + "type": "string" + }, + "Rules": { + "items": { + "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.Rule" + }, + "markdownDescription": "A list of `Rule` objects, each of which have fields `RuleName` and `MatchingKeys` .", + "title": "Rules", + "type": "array" + } + }, + "required": [ + "AttributeMatchingModel", + "Rules" + ], + "type": "object" + }, + "AWS::EntityResolution::PolicyStatement": { "additionalProperties": false, "properties": { "Condition": { @@ -110222,55 +118336,52 @@ "Properties": { "additionalProperties": false, "properties": { - "ConnectorDefinitionVersionArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the connector definition version that contains the connectors you want to deploy with the group version.", - "title": "ConnectorDefinitionVersionArn", - "type": "string" - }, - "CoreDefinitionVersionArn": { - "markdownDescription": "The ARN of the core definition version that contains the core you want to deploy with the group version. Currently, the core definition version can contain only one core.", - "title": "CoreDefinitionVersionArn", - "type": "string" - }, - "DeviceDefinitionVersionArn": { - "markdownDescription": "The ARN of the device definition version that contains the devices you want to deploy with the group version.", - "title": "DeviceDefinitionVersionArn", - "type": "string" + "Action": { + "items": { + "type": "string" + }, + "markdownDescription": "The action that the principal can use on the resource.\n\nFor example, `entityresolution:GetIdMappingJob` , `entityresolution:GetMatchingJob` .", + "title": "Action", + "type": "array" }, - "FunctionDefinitionVersionArn": { - "markdownDescription": "The ARN of the function definition version that contains the functions you want to deploy with the group version.", - "title": "FunctionDefinitionVersionArn", + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource that will be accessed by the principal.", + "title": "Arn", "type": "string" }, - "GroupId": { - "markdownDescription": "The ID of the group associated with this version. This value is a GUID.", - "title": "GroupId", + "Condition": { + "markdownDescription": "A set of condition keys that you can use in key policies.", + "title": "Condition", "type": "string" }, - "LoggerDefinitionVersionArn": { - "markdownDescription": "The ARN of the logger definition version that contains the loggers you want to deploy with the group version.", - "title": "LoggerDefinitionVersionArn", + "Effect": { + "markdownDescription": "Determines whether the permissions specified in the policy are to be allowed ( `Allow` ) or denied ( `Deny` ).\n\n> If you set the value of the `effect` parameter to `Deny` for the `AddPolicyStatement` operation, you must also set the value of the `effect` parameter in the `policy` to `Deny` for the `PutPolicy` operation.", + "title": "Effect", "type": "string" }, - "ResourceDefinitionVersionArn": { - "markdownDescription": "The ARN of the resource definition version that contains the resources you want to deploy with the group version.", - "title": "ResourceDefinitionVersionArn", - "type": "string" + "Principal": { + "items": { + "type": "string" + }, + "markdownDescription": "The AWS service or AWS account that can access the resource defined as ARN.", + "title": "Principal", + "type": "array" }, - "SubscriptionDefinitionVersionArn": { - "markdownDescription": "The ARN of the subscription definition version that contains the subscriptions you want to deploy with the group version.", - "title": "SubscriptionDefinitionVersionArn", + "StatementId": { + "markdownDescription": "A statement identifier that differentiates the statement from others in the same policy.", + "title": "StatementId", "type": "string" } }, "required": [ - "GroupId" + "Arn", + "StatementId" ], "type": "object" }, "Type": { "enum": [ - "AWS::Greengrass::GroupVersion" + "AWS::EntityResolution::PolicyStatement" ], "type": "string" }, @@ -110289,7 +118400,7 @@ ], "type": "object" }, - "AWS::Greengrass::LoggerDefinition": { + "AWS::EntityResolution::SchemaMapping": { "additionalProperties": false, "properties": { "Condition": { @@ -110324,30 +118435,42 @@ "Properties": { "additionalProperties": false, "properties": { - "InitialVersion": { - "$ref": "#/definitions/AWS::Greengrass::LoggerDefinition.LoggerDefinitionVersion", - "markdownDescription": "The logger definition version to include when the logger definition is created. A logger definition version contains a list of [`logger`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-loggerdefinition-logger.html) property types.\n\n> To associate a logger definition version after the logger definition is created, create an [`AWS::Greengrass::LoggerDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-loggerdefinitionversion.html) resource and specify the ID of this logger definition.", - "title": "InitialVersion" + "Description": { + "markdownDescription": "A description of the schema.", + "title": "Description", + "type": "string" }, - "Name": { - "markdownDescription": "The name of the logger definition.", - "title": "Name", + "MappedInputFields": { + "items": { + "$ref": "#/definitions/AWS::EntityResolution::SchemaMapping.SchemaInputAttribute" + }, + "markdownDescription": "A list of `MappedInputFields` . Each `MappedInputField` corresponds to a column the source data table, and contains column name plus additional information that AWS Entity Resolution uses for matching.", + "title": "MappedInputFields", + "type": "array" + }, + "SchemaName": { + "markdownDescription": "The name of the schema. There can't be multiple `SchemaMappings` with the same name.", + "title": "SchemaName", "type": "string" }, "Tags": { - "markdownDescription": "Application-specific metadata to attach to the logger definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags used to organize, track, or control access for this resource.", "title": "Tags", - "type": "object" + "type": "array" } }, "required": [ - "Name" + "MappedInputFields", + "SchemaName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Greengrass::LoggerDefinition" + "AWS::EntityResolution::SchemaMapping" ], "type": "string" }, @@ -110366,61 +118489,47 @@ ], "type": "object" }, - "AWS::Greengrass::LoggerDefinition.Logger": { + "AWS::EntityResolution::SchemaMapping.SchemaInputAttribute": { "additionalProperties": false, "properties": { - "Component": { - "markdownDescription": "The source of the log event. Valid values are `GreengrassSystem` or `Lambda` . When `GreengrassSystem` is used, events from Greengrass system components are logged. When `Lambda` is used, events from user-defined Lambda functions are logged.", - "title": "Component", + "FieldName": { + "markdownDescription": "A string containing the field name.", + "title": "FieldName", "type": "string" }, - "Id": { - "markdownDescription": "A descriptive or arbitrary ID for the logger. This value must be unique within the logger definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", - "title": "Id", + "GroupName": { + "markdownDescription": "A string that instructs AWS Entity Resolution to combine several columns into a unified column with the identical attribute type.\n\nFor example, when working with columns such as `NAME_FIRST` , `NAME_MIDDLE` , and `NAME_LAST` , assigning them a common `groupName` will prompt AWS Entity Resolution to concatenate them into a single value.", + "title": "GroupName", "type": "string" }, - "Level": { - "markdownDescription": "The log-level threshold. Log events below this threshold are filtered out and aren't stored. Valid values are `DEBUG` , `INFO` (recommended), `WARN` , `ERROR` , or `FATAL` .", - "title": "Level", + "Hashed": { + "markdownDescription": "Indicates if the column values are hashed in the schema input.\n\nIf the value is set to `TRUE` , the column values are hashed.\n\nIf the value is set to `FALSE` , the column values are cleartext.", + "title": "Hashed", + "type": "boolean" + }, + "MatchKey": { + "markdownDescription": "A key that allows grouping of multiple input attributes into a unified matching group.\n\nFor example, consider a scenario where the source table contains various addresses, such as `business_address` and `shipping_address` . By assigning a `matchKey` called `address` to both attributes, AWS Entity Resolution will match records across these fields to create a consolidated matching group.\n\nIf no `matchKey` is specified for a column, it won't be utilized for matching purposes but will still be included in the output table.", + "title": "MatchKey", "type": "string" }, - "Space": { - "markdownDescription": "The amount of file space (in KB) to use when writing logs to the local file system. This property does not apply for CloudWatch Logs .", - "title": "Space", - "type": "number" + "SubType": { + "markdownDescription": "The subtype of the attribute, selected from a list of values.", + "title": "SubType", + "type": "string" }, "Type": { - "markdownDescription": "The storage mechanism for log events. Valid values are `FileSystem` or `AWSCloudWatch` . When `AWSCloudWatch` is used, log events are sent to CloudWatch Logs . When `FileSystem` is used, log events are stored on the local file system.", + "markdownDescription": "The type of the attribute, selected from a list of values.\n\nLiveRamp supports: `NAME` | `NAME_FIRST` | `NAME_MIDDLE` | `NAME_LAST` | `ADDRESS` | `ADDRESS_STREET1` | `ADDRESS_STREET2` | `ADDRESS_STREET3` | `ADDRESS_CITY` | `ADDRESS_STATE` | `ADDRESS_COUNTRY` | `ADDRESS_POSTALCODE` | `PHONE` | `PHONE_NUMBER` | `EMAIL_ADDRESS` | `UNIQUE_ID` | `PROVIDER_ID`\n\nTransUnion supports: `NAME` | `NAME_FIRST` | `NAME_LAST` | `ADDRESS` | `ADDRESS_CITY` | `ADDRESS_STATE` | `ADDRESS_COUNTRY` | `ADDRESS_POSTALCODE` | `PHONE_NUMBER` | `EMAIL_ADDRESS` | `UNIQUE_ID` | `IPV4` | `IPV6` | `MAID`\n\nUnified ID 2.0 supports: `PHONE_NUMBER` | `EMAIL_ADDRESS` | `UNIQUE_ID`\n\n> Normalization is only supported for `NAME` , `ADDRESS` , `PHONE` , and `EMAIL_ADDRESS` .\n> \n> If you want to normalize `NAME_FIRST` , `NAME_MIDDLE` , and `NAME_LAST` , you must group them by assigning them to the `NAME` `groupName` .\n> \n> If you want to normalize `ADDRESS_STREET1` , `ADDRESS_STREET2` , `ADDRESS_STREET3` , `ADDRESS_CITY` , `ADDRESS_STATE` , `ADDRESS_COUNTRY` , and `ADDRESS_POSTALCODE` , you must group them by assigning them to the `ADDRESS` `groupName` .\n> \n> If you want to normalize `PHONE_NUMBER` and `PHONE_COUNTRYCODE` , you must group them by assigning them to the `PHONE` `groupName` .", "title": "Type", "type": "string" } }, "required": [ - "Component", - "Id", - "Level", + "FieldName", "Type" ], "type": "object" }, - "AWS::Greengrass::LoggerDefinition.LoggerDefinitionVersion": { - "additionalProperties": false, - "properties": { - "Loggers": { - "items": { - "$ref": "#/definitions/AWS::Greengrass::LoggerDefinition.Logger" - }, - "markdownDescription": "The loggers in this version.", - "title": "Loggers", - "type": "array" - } - }, - "required": [ - "Loggers" - ], - "type": "object" - }, - "AWS::Greengrass::LoggerDefinitionVersion": { + "AWS::EventSchemas::Discoverer": { "additionalProperties": false, "properties": { "Condition": { @@ -110455,29 +118564,38 @@ "Properties": { "additionalProperties": false, "properties": { - "LoggerDefinitionId": { - "markdownDescription": "The ID of the logger definition associated with this version. This value is a GUID.", - "title": "LoggerDefinitionId", + "CrossAccount": { + "markdownDescription": "Allows for the discovery of the event schemas that are sent to the event bus from another account.", + "title": "CrossAccount", + "type": "boolean" + }, + "Description": { + "markdownDescription": "A description for the discoverer.", + "title": "Description", "type": "string" }, - "Loggers": { + "SourceArn": { + "markdownDescription": "The ARN of the event bus.", + "title": "SourceArn", + "type": "string" + }, + "Tags": { "items": { - "$ref": "#/definitions/AWS::Greengrass::LoggerDefinitionVersion.Logger" + "$ref": "#/definitions/AWS::EventSchemas::Discoverer.TagsEntry" }, - "markdownDescription": "The loggers in this version.", - "title": "Loggers", + "markdownDescription": "Tags associated with the resource.", + "title": "Tags", "type": "array" } }, "required": [ - "LoggerDefinitionId", - "Loggers" + "SourceArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Greengrass::LoggerDefinitionVersion" + "AWS::EventSchemas::Discoverer" ], "type": "string" }, @@ -110496,44 +118614,27 @@ ], "type": "object" }, - "AWS::Greengrass::LoggerDefinitionVersion.Logger": { + "AWS::EventSchemas::Discoverer.TagsEntry": { "additionalProperties": false, "properties": { - "Component": { - "markdownDescription": "The source of the log event. Valid values are `GreengrassSystem` or `Lambda` . When `GreengrassSystem` is used, events from Greengrass system components are logged. When `Lambda` is used, events from user-defined Lambda functions are logged.", - "title": "Component", - "type": "string" - }, - "Id": { - "markdownDescription": "A descriptive or arbitrary ID for the logger. This value must be unique within the logger definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", - "title": "Id", - "type": "string" - }, - "Level": { - "markdownDescription": "The log-level threshold. Log events below this threshold are filtered out and aren't stored. Valid values are `DEBUG` , `INFO` (recommended), `WARN` , `ERROR` , or `FATAL` .", - "title": "Level", + "Key": { + "markdownDescription": "The key of a key-value pair.", + "title": "Key", "type": "string" }, - "Space": { - "markdownDescription": "The amount of file space (in KB) to use when writing logs to the local file system. This property does not apply for CloudWatch Logs .", - "title": "Space", - "type": "number" - }, - "Type": { - "markdownDescription": "The storage mechanism for log events. Valid values are `FileSystem` or `AWSCloudWatch` . When `AWSCloudWatch` is used, log events are sent to CloudWatch Logs . When `FileSystem` is used, log events are stored on the local file system.", - "title": "Type", + "Value": { + "markdownDescription": "The value of a key-value pair.", + "title": "Value", "type": "string" } }, "required": [ - "Component", - "Id", - "Level", - "Type" + "Key", + "Value" ], "type": "object" }, - "AWS::Greengrass::ResourceDefinition": { + "AWS::EventSchemas::Registry": { "additionalProperties": false, "properties": { "Condition": { @@ -110568,30 +118669,30 @@ "Properties": { "additionalProperties": false, "properties": { - "InitialVersion": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.ResourceDefinitionVersion", - "markdownDescription": "The resource definition version to include when the resource definition is created. A resource definition version contains a list of [`resource instance`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-resourcedefinition-resourceinstance.html) property types.\n\n> To associate a resource definition version after the resource definition is created, create an [`AWS::Greengrass::ResourceDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-resourcedefinitionversion.html) resource and specify the ID of this resource definition.", - "title": "InitialVersion" + "Description": { + "markdownDescription": "A description of the registry to be created.", + "title": "Description", + "type": "string" }, - "Name": { - "markdownDescription": "The name of the resource definition.", - "title": "Name", + "RegistryName": { + "markdownDescription": "The name of the schema registry.", + "title": "RegistryName", "type": "string" }, "Tags": { - "markdownDescription": "Application-specific metadata to attach to the resource definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", + "items": { + "$ref": "#/definitions/AWS::EventSchemas::Registry.TagsEntry" + }, + "markdownDescription": "Tags to associate with the registry.", "title": "Tags", - "type": "object" + "type": "array" } }, - "required": [ - "Name" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Greengrass::ResourceDefinition" + "AWS::EventSchemas::Registry" ], "type": "string" }, @@ -110605,241 +118706,31 @@ } }, "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::Greengrass::ResourceDefinition.GroupOwnerSetting": { - "additionalProperties": false, - "properties": { - "AutoAddGroupOwner": { - "markdownDescription": "Indicates whether to give the privileges of the Linux group that owns the resource to the Lambda process. This gives the Lambda process the file access permissions of the Linux group.", - "title": "AutoAddGroupOwner", - "type": "boolean" - }, - "GroupOwner": { - "markdownDescription": "The name of the Linux group whose privileges you want to add to the Lambda process. This value is ignored if `AutoAddGroupOwner` is true.", - "title": "GroupOwner", - "type": "string" - } - }, - "required": [ - "AutoAddGroupOwner" - ], - "type": "object" - }, - "AWS::Greengrass::ResourceDefinition.LocalDeviceResourceData": { - "additionalProperties": false, - "properties": { - "GroupOwnerSetting": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.GroupOwnerSetting", - "markdownDescription": "Settings that define additional Linux OS group permissions to give to the Lambda function process.", - "title": "GroupOwnerSetting" - }, - "SourcePath": { - "markdownDescription": "The local absolute path of the device resource. The source path for a device resource can refer only to a character device or block device under `/dev` .", - "title": "SourcePath", - "type": "string" - } - }, - "required": [ - "SourcePath" - ], - "type": "object" - }, - "AWS::Greengrass::ResourceDefinition.LocalVolumeResourceData": { - "additionalProperties": false, - "properties": { - "DestinationPath": { - "markdownDescription": "The absolute local path of the resource in the Lambda environment.", - "title": "DestinationPath", - "type": "string" - }, - "GroupOwnerSetting": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.GroupOwnerSetting", - "markdownDescription": "Settings that define additional Linux OS group permissions to give to the Lambda function process.", - "title": "GroupOwnerSetting" - }, - "SourcePath": { - "markdownDescription": "The local absolute path of the volume resource on the host. The source path for a volume resource type cannot start with `/sys` .", - "title": "SourcePath", - "type": "string" - } - }, - "required": [ - "DestinationPath", - "SourcePath" - ], - "type": "object" - }, - "AWS::Greengrass::ResourceDefinition.ResourceDataContainer": { - "additionalProperties": false, - "properties": { - "LocalDeviceResourceData": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.LocalDeviceResourceData", - "markdownDescription": "Settings for a local device resource.", - "title": "LocalDeviceResourceData" - }, - "LocalVolumeResourceData": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.LocalVolumeResourceData", - "markdownDescription": "Settings for a local volume resource.", - "title": "LocalVolumeResourceData" - }, - "S3MachineLearningModelResourceData": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.S3MachineLearningModelResourceData", - "markdownDescription": "Settings for a machine learning resource stored in Amazon S3 .", - "title": "S3MachineLearningModelResourceData" - }, - "SageMakerMachineLearningModelResourceData": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.SageMakerMachineLearningModelResourceData", - "markdownDescription": "Settings for a machine learning resource saved as an SageMaker AI training job.", - "title": "SageMakerMachineLearningModelResourceData" - }, - "SecretsManagerSecretResourceData": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.SecretsManagerSecretResourceData", - "markdownDescription": "Settings for a secret resource.", - "title": "SecretsManagerSecretResourceData" - } - }, - "type": "object" - }, - "AWS::Greengrass::ResourceDefinition.ResourceDefinitionVersion": { - "additionalProperties": false, - "properties": { - "Resources": { - "items": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.ResourceInstance" - }, - "markdownDescription": "The resources in this version.", - "title": "Resources", - "type": "array" - } - }, - "required": [ - "Resources" - ], - "type": "object" - }, - "AWS::Greengrass::ResourceDefinition.ResourceDownloadOwnerSetting": { - "additionalProperties": false, - "properties": { - "GroupOwner": { - "markdownDescription": "The group owner of the machine learning resource. This is the group ID (GID) of an existing Linux OS group on the system. The group's permissions are added to the Lambda process.", - "title": "GroupOwner", - "type": "string" - }, - "GroupPermission": { - "markdownDescription": "The permissions that the group owner has to the machine learning resource. Valid values are `rw` (read-write) or `ro` (read-only).", - "title": "GroupPermission", - "type": "string" - } - }, - "required": [ - "GroupOwner", - "GroupPermission" - ], - "type": "object" - }, - "AWS::Greengrass::ResourceDefinition.ResourceInstance": { - "additionalProperties": false, - "properties": { - "Id": { - "markdownDescription": "A descriptive or arbitrary ID for the resource. This value must be unique within the resource definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", - "title": "Id", - "type": "string" - }, - "Name": { - "markdownDescription": "The descriptive resource name, which is displayed on the AWS IoT Greengrass console. Maximum length 128 characters with pattern [a-zA-Z0-9:_-]+. This must be unique within a Greengrass group.", - "title": "Name", - "type": "string" - }, - "ResourceDataContainer": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.ResourceDataContainer", - "markdownDescription": "A container for resource data. The container takes only one of the following supported resource data types: `LocalDeviceResourceData` , `LocalVolumeResourceData` , `SageMakerMachineLearningModelResourceData` , `S3MachineLearningModelResourceData` , or `SecretsManagerSecretResourceData` .\n\n> Only one resource type can be defined for a `ResourceDataContainer` instance.", - "title": "ResourceDataContainer" - } - }, - "required": [ - "Id", - "Name", - "ResourceDataContainer" - ], - "type": "object" - }, - "AWS::Greengrass::ResourceDefinition.S3MachineLearningModelResourceData": { - "additionalProperties": false, - "properties": { - "DestinationPath": { - "markdownDescription": "The absolute local path of the resource inside the Lambda environment.", - "title": "DestinationPath", - "type": "string" - }, - "OwnerSetting": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.ResourceDownloadOwnerSetting", - "markdownDescription": "The owner setting for the downloaded machine learning resource. For more information, see [Access Machine Learning Resources from Lambda Functions](https://docs.aws.amazon.com/greengrass/v1/developerguide/access-ml-resources.html) in the *Developer Guide* .", - "title": "OwnerSetting" - }, - "S3Uri": { - "markdownDescription": "The URI of the source model in an Amazon S3 bucket. The model package must be in `tar.gz` or `.zip` format.", - "title": "S3Uri", - "type": "string" - } - }, - "required": [ - "DestinationPath", - "S3Uri" + "Type" ], "type": "object" }, - "AWS::Greengrass::ResourceDefinition.SageMakerMachineLearningModelResourceData": { + "AWS::EventSchemas::Registry.TagsEntry": { "additionalProperties": false, "properties": { - "DestinationPath": { - "markdownDescription": "The absolute local path of the resource inside the Lambda environment.", - "title": "DestinationPath", + "Key": { + "markdownDescription": "The key of a key-value pair.", + "title": "Key", "type": "string" }, - "OwnerSetting": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.ResourceDownloadOwnerSetting", - "markdownDescription": "The owner setting for the downloaded machine learning resource. For more information, see [Access Machine Learning Resources from Lambda Functions](https://docs.aws.amazon.com/greengrass/v1/developerguide/access-ml-resources.html) in the *Developer Guide* .", - "title": "OwnerSetting" - }, - "SageMakerJobArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SageMaker AI training job that represents the source model.", - "title": "SageMakerJobArn", - "type": "string" - } - }, - "required": [ - "DestinationPath", - "SageMakerJobArn" - ], - "type": "object" - }, - "AWS::Greengrass::ResourceDefinition.SecretsManagerSecretResourceData": { - "additionalProperties": false, - "properties": { - "ARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Secrets Manager secret to make available on the core. The value of the secret's latest version (represented by the `AWSCURRENT` staging label) is included by default.", - "title": "ARN", + "Value": { + "markdownDescription": "The value of a key-value pair.", + "title": "Value", "type": "string" - }, - "AdditionalStagingLabelsToDownload": { - "items": { - "type": "string" - }, - "markdownDescription": "The staging labels whose values you want to make available on the core, in addition to `AWSCURRENT` .", - "title": "AdditionalStagingLabelsToDownload", - "type": "array" } }, "required": [ - "ARN" + "Key", + "Value" ], "type": "object" }, - "AWS::Greengrass::ResourceDefinitionVersion": { + "AWS::EventSchemas::RegistryPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -110874,29 +118765,31 @@ "Properties": { "additionalProperties": false, "properties": { - "ResourceDefinitionId": { - "markdownDescription": "The ID of the resource definition associated with this version. This value is a GUID.", - "title": "ResourceDefinitionId", + "Policy": { + "markdownDescription": "A resource-based policy.", + "title": "Policy", + "type": "object" + }, + "RegistryName": { + "markdownDescription": "The name of the registry.", + "title": "RegistryName", "type": "string" }, - "Resources": { - "items": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.ResourceInstance" - }, - "markdownDescription": "The resources in this version.", - "title": "Resources", - "type": "array" + "RevisionId": { + "markdownDescription": "The revision ID of the policy.", + "title": "RevisionId", + "type": "string" } }, "required": [ - "ResourceDefinitionId", - "Resources" + "Policy", + "RegistryName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Greengrass::ResourceDefinitionVersion" + "AWS::EventSchemas::RegistryPolicy" ], "type": "string" }, @@ -110915,219 +118808,7 @@ ], "type": "object" }, - "AWS::Greengrass::ResourceDefinitionVersion.GroupOwnerSetting": { - "additionalProperties": false, - "properties": { - "AutoAddGroupOwner": { - "markdownDescription": "Indicates whether to give the privileges of the Linux group that owns the resource to the Lambda process. This gives the Lambda process the file access permissions of the Linux group.", - "title": "AutoAddGroupOwner", - "type": "boolean" - }, - "GroupOwner": { - "markdownDescription": "The name of the Linux group whose privileges you want to add to the Lambda process. This value is ignored if `AutoAddGroupOwner` is true.", - "title": "GroupOwner", - "type": "string" - } - }, - "required": [ - "AutoAddGroupOwner" - ], - "type": "object" - }, - "AWS::Greengrass::ResourceDefinitionVersion.LocalDeviceResourceData": { - "additionalProperties": false, - "properties": { - "GroupOwnerSetting": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.GroupOwnerSetting", - "markdownDescription": "Settings that define additional Linux OS group permissions to give to the Lambda function process.", - "title": "GroupOwnerSetting" - }, - "SourcePath": { - "markdownDescription": "The local absolute path of the device resource. The source path for a device resource can refer only to a character device or block device under `/dev` .", - "title": "SourcePath", - "type": "string" - } - }, - "required": [ - "SourcePath" - ], - "type": "object" - }, - "AWS::Greengrass::ResourceDefinitionVersion.LocalVolumeResourceData": { - "additionalProperties": false, - "properties": { - "DestinationPath": { - "markdownDescription": "The absolute local path of the resource in the Lambda environment.", - "title": "DestinationPath", - "type": "string" - }, - "GroupOwnerSetting": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.GroupOwnerSetting", - "markdownDescription": "Settings that define additional Linux OS group permissions to give to the Lambda function process.", - "title": "GroupOwnerSetting" - }, - "SourcePath": { - "markdownDescription": "The local absolute path of the volume resource on the host. The source path for a volume resource type cannot start with `/sys` .", - "title": "SourcePath", - "type": "string" - } - }, - "required": [ - "DestinationPath", - "SourcePath" - ], - "type": "object" - }, - "AWS::Greengrass::ResourceDefinitionVersion.ResourceDataContainer": { - "additionalProperties": false, - "properties": { - "LocalDeviceResourceData": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.LocalDeviceResourceData", - "markdownDescription": "Settings for a local device resource.", - "title": "LocalDeviceResourceData" - }, - "LocalVolumeResourceData": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.LocalVolumeResourceData", - "markdownDescription": "Settings for a local volume resource.", - "title": "LocalVolumeResourceData" - }, - "S3MachineLearningModelResourceData": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.S3MachineLearningModelResourceData", - "markdownDescription": "Settings for a machine learning resource stored in Amazon S3 .", - "title": "S3MachineLearningModelResourceData" - }, - "SageMakerMachineLearningModelResourceData": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.SageMakerMachineLearningModelResourceData", - "markdownDescription": "Settings for a machine learning resource saved as an SageMaker AI training job.", - "title": "SageMakerMachineLearningModelResourceData" - }, - "SecretsManagerSecretResourceData": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.SecretsManagerSecretResourceData", - "markdownDescription": "Settings for a secret resource.", - "title": "SecretsManagerSecretResourceData" - } - }, - "type": "object" - }, - "AWS::Greengrass::ResourceDefinitionVersion.ResourceDownloadOwnerSetting": { - "additionalProperties": false, - "properties": { - "GroupOwner": { - "markdownDescription": "The group owner of the machine learning resource. This is the group ID (GID) of an existing Linux OS group on the system. The group's permissions are added to the Lambda process.", - "title": "GroupOwner", - "type": "string" - }, - "GroupPermission": { - "markdownDescription": "The permissions that the group owner has to the machine learning resource. Valid values are `rw` (read-write) or `ro` (read-only).", - "title": "GroupPermission", - "type": "string" - } - }, - "required": [ - "GroupOwner", - "GroupPermission" - ], - "type": "object" - }, - "AWS::Greengrass::ResourceDefinitionVersion.ResourceInstance": { - "additionalProperties": false, - "properties": { - "Id": { - "markdownDescription": "A descriptive or arbitrary ID for the resource. This value must be unique within the resource definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", - "title": "Id", - "type": "string" - }, - "Name": { - "markdownDescription": "The descriptive resource name, which is displayed on the AWS IoT Greengrass console. Maximum length 128 characters with pattern [a-zA-Z0-9:_-]+. This must be unique within a Greengrass group.", - "title": "Name", - "type": "string" - }, - "ResourceDataContainer": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.ResourceDataContainer", - "markdownDescription": "A container for resource data. The container takes only one of the following supported resource data types: `LocalDeviceResourceData` , `LocalVolumeResourceData` , `SageMakerMachineLearningModelResourceData` , `S3MachineLearningModelResourceData` , or `SecretsManagerSecretResourceData` .\n\n> Only one resource type can be defined for a `ResourceDataContainer` instance.", - "title": "ResourceDataContainer" - } - }, - "required": [ - "Id", - "Name", - "ResourceDataContainer" - ], - "type": "object" - }, - "AWS::Greengrass::ResourceDefinitionVersion.S3MachineLearningModelResourceData": { - "additionalProperties": false, - "properties": { - "DestinationPath": { - "markdownDescription": "The absolute local path of the resource inside the Lambda environment.", - "title": "DestinationPath", - "type": "string" - }, - "OwnerSetting": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.ResourceDownloadOwnerSetting", - "markdownDescription": "The owner setting for the downloaded machine learning resource. For more information, see [Access Machine Learning Resources from Lambda Functions](https://docs.aws.amazon.com/greengrass/v1/developerguide/access-ml-resources.html) in the *Developer Guide* .", - "title": "OwnerSetting" - }, - "S3Uri": { - "markdownDescription": "The URI of the source model in an Amazon S3 bucket. The model package must be in `tar.gz` or `.zip` format.", - "title": "S3Uri", - "type": "string" - } - }, - "required": [ - "DestinationPath", - "S3Uri" - ], - "type": "object" - }, - "AWS::Greengrass::ResourceDefinitionVersion.SageMakerMachineLearningModelResourceData": { - "additionalProperties": false, - "properties": { - "DestinationPath": { - "markdownDescription": "The absolute local path of the resource inside the Lambda environment.", - "title": "DestinationPath", - "type": "string" - }, - "OwnerSetting": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.ResourceDownloadOwnerSetting", - "markdownDescription": "The owner setting for the downloaded machine learning resource. For more information, see [Access Machine Learning Resources from Lambda Functions](https://docs.aws.amazon.com/greengrass/v1/developerguide/access-ml-resources.html) in the *Developer Guide* .", - "title": "OwnerSetting" - }, - "SageMakerJobArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SageMaker AI training job that represents the source model.", - "title": "SageMakerJobArn", - "type": "string" - } - }, - "required": [ - "DestinationPath", - "SageMakerJobArn" - ], - "type": "object" - }, - "AWS::Greengrass::ResourceDefinitionVersion.SecretsManagerSecretResourceData": { - "additionalProperties": false, - "properties": { - "ARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Secrets Manager secret to make available on the core. The value of the secret's latest version (represented by the `AWSCURRENT` staging label) is included by default.", - "title": "ARN", - "type": "string" - }, - "AdditionalStagingLabelsToDownload": { - "items": { - "type": "string" - }, - "markdownDescription": "The staging labels whose values you want to make available on the core, in addition to `AWSCURRENT` .", - "title": "AdditionalStagingLabelsToDownload", - "type": "array" - } - }, - "required": [ - "ARN" - ], - "type": "object" - }, - "AWS::Greengrass::SubscriptionDefinition": { + "AWS::EventSchemas::Schema": { "additionalProperties": false, "properties": { "Condition": { @@ -111162,30 +118843,50 @@ "Properties": { "additionalProperties": false, "properties": { - "InitialVersion": { - "$ref": "#/definitions/AWS::Greengrass::SubscriptionDefinition.SubscriptionDefinitionVersion", - "markdownDescription": "The subscription definition version to include when the subscription definition is created. A subscription definition version contains a list of [`subscription`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-subscriptiondefinition-subscription.html) property types.\n\n> To associate a subscription definition version after the subscription definition is created, create an [`AWS::Greengrass::SubscriptionDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-subscriptiondefinitionversion.html) resource and specify the ID of this subscription definition.", - "title": "InitialVersion" + "Content": { + "markdownDescription": "The source of the schema definition.", + "title": "Content", + "type": "string" }, - "Name": { - "markdownDescription": "The name of the subscription definition.", - "title": "Name", + "Description": { + "markdownDescription": "A description of the schema.", + "title": "Description", + "type": "string" + }, + "RegistryName": { + "markdownDescription": "The name of the schema registry.", + "title": "RegistryName", + "type": "string" + }, + "SchemaName": { + "markdownDescription": "The name of the schema.", + "title": "SchemaName", "type": "string" }, "Tags": { - "markdownDescription": "Application-specific metadata to attach to the subscription definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", + "items": { + "$ref": "#/definitions/AWS::EventSchemas::Schema.TagsEntry" + }, + "markdownDescription": "Tags associated with the schema.", "title": "Tags", - "type": "object" + "type": "array" + }, + "Type": { + "markdownDescription": "The type of schema.\n\nValid types include `OpenApi3` and `JSONSchemaDraft4` .", + "title": "Type", + "type": "string" } }, "required": [ - "Name" + "Content", + "RegistryName", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::Greengrass::SubscriptionDefinition" + "AWS::EventSchemas::Schema" ], "type": "string" }, @@ -111204,56 +118905,27 @@ ], "type": "object" }, - "AWS::Greengrass::SubscriptionDefinition.Subscription": { + "AWS::EventSchemas::Schema.TagsEntry": { "additionalProperties": false, "properties": { - "Id": { - "markdownDescription": "A descriptive or arbitrary ID for the subscription. This value must be unique within the subscription definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", - "title": "Id", - "type": "string" - }, - "Source": { - "markdownDescription": "The originator of the message. The value can be a thing ARN, the ARN of a Lambda function alias (recommended) or version, a connector ARN, `cloud` (which represents the AWS IoT cloud), or `GGShadowService` .", - "title": "Source", - "type": "string" - }, - "Subject": { - "markdownDescription": "The MQTT topic used to route the message.", - "title": "Subject", + "Key": { + "markdownDescription": "The key of a key-value pair.", + "title": "Key", "type": "string" }, - "Target": { - "markdownDescription": "The destination of the message. The value can be a thing ARN, the ARN of a Lambda function alias (recommended) or version, a connector ARN, `cloud` (which represents the AWS IoT cloud), or `GGShadowService` .", - "title": "Target", + "Value": { + "markdownDescription": "The value of a key-value pair.", + "title": "Value", "type": "string" } }, "required": [ - "Id", - "Source", - "Subject", - "Target" - ], - "type": "object" - }, - "AWS::Greengrass::SubscriptionDefinition.SubscriptionDefinitionVersion": { - "additionalProperties": false, - "properties": { - "Subscriptions": { - "items": { - "$ref": "#/definitions/AWS::Greengrass::SubscriptionDefinition.Subscription" - }, - "markdownDescription": "The subscriptions in this version.", - "title": "Subscriptions", - "type": "array" - } - }, - "required": [ - "Subscriptions" + "Key", + "Value" ], "type": "object" }, - "AWS::Greengrass::SubscriptionDefinitionVersion": { + "AWS::Events::ApiDestination": { "additionalProperties": false, "properties": { "Condition": { @@ -111288,29 +118960,47 @@ "Properties": { "additionalProperties": false, "properties": { - "SubscriptionDefinitionId": { - "markdownDescription": "The ID of the subscription definition associated with this version. This value is a GUID.", - "title": "SubscriptionDefinitionId", + "ConnectionArn": { + "markdownDescription": "The ARN of the connection to use for the API destination. The destination endpoint must support the authorization type specified for the connection.", + "title": "ConnectionArn", "type": "string" }, - "Subscriptions": { - "items": { - "$ref": "#/definitions/AWS::Greengrass::SubscriptionDefinitionVersion.Subscription" - }, - "markdownDescription": "The subscriptions in this version.", - "title": "Subscriptions", - "type": "array" + "Description": { + "markdownDescription": "A description for the API destination to create.", + "title": "Description", + "type": "string" + }, + "HttpMethod": { + "markdownDescription": "The method to use for the request to the HTTP invocation endpoint.", + "title": "HttpMethod", + "type": "string" + }, + "InvocationEndpoint": { + "markdownDescription": "The URL to the HTTP invocation endpoint for the API destination.", + "title": "InvocationEndpoint", + "type": "string" + }, + "InvocationRateLimitPerSecond": { + "markdownDescription": "The maximum number of requests per second to send to the HTTP invocation endpoint.", + "title": "InvocationRateLimitPerSecond", + "type": "number" + }, + "Name": { + "markdownDescription": "The name for the API destination to create.", + "title": "Name", + "type": "string" } }, "required": [ - "SubscriptionDefinitionId", - "Subscriptions" + "ConnectionArn", + "HttpMethod", + "InvocationEndpoint" ], "type": "object" }, "Type": { "enum": [ - "AWS::Greengrass::SubscriptionDefinitionVersion" + "AWS::Events::ApiDestination" ], "type": "string" }, @@ -111329,39 +119019,99 @@ ], "type": "object" }, - "AWS::Greengrass::SubscriptionDefinitionVersion.Subscription": { + "AWS::Events::Archive": { "additionalProperties": false, "properties": { - "Id": { - "markdownDescription": "A descriptive or arbitrary ID for the subscription. This value must be unique within the subscription definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", - "title": "Id", + "Condition": { "type": "string" }, - "Source": { - "markdownDescription": "The originator of the message. The value can be a thing ARN, the ARN of a Lambda function alias (recommended) or version, a connector ARN, `cloud` (which represents the AWS IoT cloud), or `GGShadowService` .", - "title": "Source", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Subject": { - "markdownDescription": "The MQTT topic used to route the message.", - "title": "Subject", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ArchiveName": { + "markdownDescription": "The name for the archive to create.", + "title": "ArchiveName", + "type": "string" + }, + "Description": { + "markdownDescription": "A description for the archive.", + "title": "Description", + "type": "string" + }, + "EventPattern": { + "markdownDescription": "An event pattern to use to filter events sent to the archive.", + "title": "EventPattern", + "type": "object" + }, + "KmsKeyIdentifier": { + "markdownDescription": "The identifier of the AWS KMS customer managed key for EventBridge to use, if you choose to use a customer managed key to encrypt this archive. The identifier can be the key Amazon Resource Name (ARN), KeyId, key alias, or key alias ARN.\n\nIf you do not specify a customer managed key identifier, EventBridge uses an AWS owned key to encrypt the archive.\n\nFor more information, see [Identify and view keys](https://docs.aws.amazon.com/kms/latest/developerguide/viewing-keys.html) in the *AWS Key Management Service Developer Guide* .\n\n> If you have specified that EventBridge use a customer managed key for encrypting the source event bus, we strongly recommend you also specify a customer managed key for any archives for the event bus as well.\n> \n> For more information, see [Encrypting archives](https://docs.aws.amazon.com/eventbridge/latest/userguide/encryption-archives.html) in the *Amazon EventBridge User Guide* .", + "title": "KmsKeyIdentifier", + "type": "string" + }, + "RetentionDays": { + "markdownDescription": "The number of days to retain events for. Default value is 0. If set to 0, events are retained indefinitely", + "title": "RetentionDays", + "type": "number" + }, + "SourceArn": { + "markdownDescription": "The ARN of the event bus that sends events to the archive.", + "title": "SourceArn", + "type": "string" + } + }, + "required": [ + "SourceArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Events::Archive" + ], "type": "string" }, - "Target": { - "markdownDescription": "The destination of the message. The value can be a thing ARN, the ARN of a Lambda function alias (recommended) or version, a connector ARN, `cloud` (which represents the AWS IoT cloud), or `GGShadowService` .", - "title": "Target", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Id", - "Source", - "Subject", - "Target" + "Type", + "Properties" ], "type": "object" }, - "AWS::GreengrassV2::ComponentVersion": { + "AWS::Events::Connection": { "additionalProperties": false, "properties": { "Condition": { @@ -111396,33 +119146,42 @@ "Properties": { "additionalProperties": false, "properties": { - "InlineRecipe": { - "markdownDescription": "The recipe to use to create the component. The recipe defines the component's metadata, parameters, dependencies, lifecycle, artifacts, and platform compatibility.\n\nYou must specify either `InlineRecipe` or `LambdaFunction` .", - "title": "InlineRecipe", + "AuthParameters": { + "$ref": "#/definitions/AWS::Events::Connection.AuthParameters", + "markdownDescription": "The authorization parameters to use to authorize with the endpoint.\n\nYou must include only authorization parameters for the `AuthorizationType` you specify.", + "title": "AuthParameters" + }, + "AuthorizationType": { + "markdownDescription": "The type of authorization to use for the connection.\n\n> OAUTH tokens are refreshed when a 401 or 407 response is returned.", + "title": "AuthorizationType", "type": "string" }, - "LambdaFunction": { - "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaFunctionRecipeSource", - "markdownDescription": "The parameters to create a component from a Lambda function.\n\nYou must specify either `InlineRecipe` or `LambdaFunction` .", - "title": "LambdaFunction" + "Description": { + "markdownDescription": "A description for the connection to create.", + "title": "Description", + "type": "string" }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "Application-specific metadata to attach to the component version. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tag your AWS IoT Greengrass Version 2 resources](https://docs.aws.amazon.com/greengrass/v2/developerguide/tag-resources.html) in the *AWS IoT Greengrass V2 Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" + "InvocationConnectivityParameters": { + "$ref": "#/definitions/AWS::Events::Connection.InvocationConnectivityParameters", + "markdownDescription": "For connections to private APIs, the parameters to use for invoking the API.\n\nFor more information, see [Connecting to private APIs](https://docs.aws.amazon.com/eventbridge/latest/userguide/connection-private.html) in the **Amazon EventBridge User Guide** .", + "title": "InvocationConnectivityParameters" + }, + "KmsKeyIdentifier": { + "markdownDescription": "The identifier of the AWS KMS customer managed key for EventBridge to use, if you choose to use a customer managed key to encrypt this connection. The identifier can be the key Amazon Resource Name (ARN), KeyId, key alias, or key alias ARN.\n\nIf you do not specify a customer managed key identifier, EventBridge uses an AWS owned key to encrypt the connection.\n\nFor more information, see [Identify and view keys](https://docs.aws.amazon.com/kms/latest/developerguide/viewing-keys.html) in the *AWS Key Management Service Developer Guide* .", + "title": "KmsKeyIdentifier", + "type": "string" + }, + "Name": { + "markdownDescription": "The name for the connection to create.", + "title": "Name", + "type": "string" } }, "type": "object" }, "Type": { "enum": [ - "AWS::GreengrassV2::ComponentVersion" + "AWS::Events::Connection" ], "type": "string" }, @@ -111440,274 +119199,231 @@ ], "type": "object" }, - "AWS::GreengrassV2::ComponentVersion.ComponentDependencyRequirement": { + "AWS::Events::Connection.ApiKeyAuthParameters": { "additionalProperties": false, "properties": { - "DependencyType": { - "markdownDescription": "The type of this dependency. Choose from the following options:\n\n- `SOFT` \u2013 The component doesn't restart if the dependency changes state.\n- `HARD` \u2013 The component restarts if the dependency changes state.\n\nDefault: `HARD`", - "title": "DependencyType", + "ApiKeyName": { + "markdownDescription": "The name of the API key to use for authorization.", + "title": "ApiKeyName", "type": "string" }, - "VersionRequirement": { - "markdownDescription": "The component version requirement for the component dependency.\n\nAWS IoT Greengrass uses semantic version constraints. For more information, see [Semantic Versioning](https://docs.aws.amazon.com/https://semver.org/) .", - "title": "VersionRequirement", + "ApiKeyValue": { + "markdownDescription": "The value for the API key to use for authorization.", + "title": "ApiKeyValue", "type": "string" } }, + "required": [ + "ApiKeyName", + "ApiKeyValue" + ], "type": "object" }, - "AWS::GreengrassV2::ComponentVersion.ComponentPlatform": { + "AWS::Events::Connection.AuthParameters": { "additionalProperties": false, "properties": { - "Attributes": { - "additionalProperties": true, - "markdownDescription": "A dictionary of attributes for the platform. The AWS IoT Greengrass Core software defines the `os` and `platform` by default. You can specify additional platform attributes for a core device when you deploy the AWS IoT Greengrass nucleus component. For more information, see the [AWS IoT Greengrass nucleus component](https://docs.aws.amazon.com/greengrass/v2/developerguide/greengrass-nucleus-component.html) in the *AWS IoT Greengrass V2 Developer Guide* .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Attributes", - "type": "object" + "ApiKeyAuthParameters": { + "$ref": "#/definitions/AWS::Events::Connection.ApiKeyAuthParameters", + "markdownDescription": "The API Key parameters to use for authorization.", + "title": "ApiKeyAuthParameters" }, - "Name": { - "markdownDescription": "The friendly name of the platform. This name helps you identify the platform.\n\nIf you omit this parameter, AWS IoT Greengrass creates a friendly name from the `os` and `architecture` of the platform.", - "title": "Name", - "type": "string" - } - }, - "type": "object" - }, - "AWS::GreengrassV2::ComponentVersion.LambdaContainerParams": { - "additionalProperties": false, - "properties": { - "Devices": { - "items": { - "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaDeviceMount" - }, - "markdownDescription": "The list of system devices that the container can access.", - "title": "Devices", - "type": "array" + "BasicAuthParameters": { + "$ref": "#/definitions/AWS::Events::Connection.BasicAuthParameters", + "markdownDescription": "The authorization parameters for Basic authorization.", + "title": "BasicAuthParameters" }, - "MemorySizeInKB": { - "markdownDescription": "The memory size of the container, expressed in kilobytes.\n\nDefault: `16384` (16 MB)", - "title": "MemorySizeInKB", - "type": "number" + "ConnectivityParameters": { + "$ref": "#/definitions/AWS::Events::Connection.ConnectivityParameters", + "markdownDescription": "For private OAuth authentication endpoints. The parameters EventBridge uses to authenticate against the endpoint.\n\nFor more information, see [Authorization methods for connections](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-target-connection-auth.html) in the **Amazon EventBridge User Guide** .", + "title": "ConnectivityParameters" }, - "MountROSysfs": { - "markdownDescription": "Whether or not the container can read information from the device's `/sys` folder.\n\nDefault: `false`", - "title": "MountROSysfs", - "type": "boolean" + "InvocationHttpParameters": { + "$ref": "#/definitions/AWS::Events::Connection.ConnectionHttpParameters", + "markdownDescription": "Additional parameters for the connection that are passed through with every invocation to the HTTP endpoint.", + "title": "InvocationHttpParameters" }, - "Volumes": { - "items": { - "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaVolumeMount" - }, - "markdownDescription": "The list of volumes that the container can access.", - "title": "Volumes", - "type": "array" + "OAuthParameters": { + "$ref": "#/definitions/AWS::Events::Connection.OAuthParameters", + "markdownDescription": "The OAuth parameters to use for authorization.", + "title": "OAuthParameters" } }, "type": "object" }, - "AWS::GreengrassV2::ComponentVersion.LambdaDeviceMount": { + "AWS::Events::Connection.BasicAuthParameters": { "additionalProperties": false, "properties": { - "AddGroupOwner": { - "markdownDescription": "Whether or not to add the component's system user as an owner of the device.\n\nDefault: `false`", - "title": "AddGroupOwner", - "type": "boolean" - }, - "Path": { - "markdownDescription": "The mount path for the device in the file system.", - "title": "Path", + "Password": { + "markdownDescription": "The password associated with the user name to use for Basic authorization.", + "title": "Password", "type": "string" }, - "Permission": { - "markdownDescription": "The permission to access the device: read/only ( `ro` ) or read/write ( `rw` ).\n\nDefault: `ro`", - "title": "Permission", + "Username": { + "markdownDescription": "The user name to use for Basic authorization.", + "title": "Username", "type": "string" } }, + "required": [ + "Password", + "Username" + ], "type": "object" }, - "AWS::GreengrassV2::ComponentVersion.LambdaEventSource": { + "AWS::Events::Connection.ClientParameters": { "additionalProperties": false, "properties": { - "Topic": { - "markdownDescription": "The topic to which to subscribe to receive event messages.", - "title": "Topic", + "ClientID": { + "markdownDescription": "The client ID to use for OAuth authorization.", + "title": "ClientID", "type": "string" }, - "Type": { - "markdownDescription": "The type of event source. Choose from the following options:\n\n- `PUB_SUB` \u2013 Subscribe to local publish/subscribe messages. This event source type doesn't support MQTT wildcards ( `+` and `#` ) in the event source topic.\n- `IOT_CORE` \u2013 Subscribe to AWS IoT Core MQTT messages. This event source type supports MQTT wildcards ( `+` and `#` ) in the event source topic.", - "title": "Type", + "ClientSecret": { + "markdownDescription": "The client secret assciated with the client ID to use for OAuth authorization.", + "title": "ClientSecret", "type": "string" } }, + "required": [ + "ClientID", + "ClientSecret" + ], "type": "object" }, - "AWS::GreengrassV2::ComponentVersion.LambdaExecutionParameters": { + "AWS::Events::Connection.ConnectionHttpParameters": { "additionalProperties": false, "properties": { - "EnvironmentVariables": { - "additionalProperties": true, - "markdownDescription": "The map of environment variables that are available to the Lambda function when it runs.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "BodyParameters": { + "items": { + "$ref": "#/definitions/AWS::Events::Connection.Parameter" }, - "title": "EnvironmentVariables", - "type": "object" + "markdownDescription": "Any additional body string parameters for the connection.", + "title": "BodyParameters", + "type": "array" }, - "EventSources": { + "HeaderParameters": { "items": { - "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaEventSource" + "$ref": "#/definitions/AWS::Events::Connection.Parameter" }, - "markdownDescription": "The list of event sources to which to subscribe to receive work messages. The Lambda function runs when it receives a message from an event source. You can subscribe this function to local publish/subscribe messages and AWS IoT Core MQTT messages.", - "title": "EventSources", + "markdownDescription": "Any additional header parameters for the connection.", + "title": "HeaderParameters", "type": "array" }, - "ExecArgs": { + "QueryStringParameters": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Events::Connection.Parameter" }, - "markdownDescription": "The list of arguments to pass to the Lambda function when it runs.", - "title": "ExecArgs", + "markdownDescription": "Any additional query string parameters for the connection.", + "title": "QueryStringParameters", "type": "array" - }, - "InputPayloadEncodingType": { - "markdownDescription": "The encoding type that the Lambda function supports.\n\nDefault: `json`", - "title": "InputPayloadEncodingType", - "type": "string" - }, - "LinuxProcessParams": { - "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaLinuxProcessParams", - "markdownDescription": "The parameters for the Linux process that contains the Lambda function.", - "title": "LinuxProcessParams" - }, - "MaxIdleTimeInSeconds": { - "markdownDescription": "The maximum amount of time in seconds that a non-pinned Lambda function can idle before the AWS IoT Greengrass Core software stops its process.", - "title": "MaxIdleTimeInSeconds", - "type": "number" - }, - "MaxInstancesCount": { - "markdownDescription": "The maximum number of instances that a non-pinned Lambda function can run at the same time.", - "title": "MaxInstancesCount", - "type": "number" - }, - "MaxQueueSize": { - "markdownDescription": "The maximum size of the message queue for the Lambda function component. The AWS IoT Greengrass core device stores messages in a FIFO (first-in-first-out) queue until it can run the Lambda function to consume each message.", - "title": "MaxQueueSize", - "type": "number" - }, - "Pinned": { - "markdownDescription": "Whether or not the Lambda function is pinned, or long-lived.\n\n- A pinned Lambda function starts when the AWS IoT Greengrass Core starts and keeps running in its own container.\n- A non-pinned Lambda function starts only when it receives a work item and exists after it idles for `maxIdleTimeInSeconds` . If the function has multiple work items, the AWS IoT Greengrass Core software creates multiple instances of the function.\n\nDefault: `true`", - "title": "Pinned", - "type": "boolean" - }, - "StatusTimeoutInSeconds": { - "markdownDescription": "The interval in seconds at which a pinned (also known as long-lived) Lambda function component sends status updates to the Lambda manager component.", - "title": "StatusTimeoutInSeconds", - "type": "number" - }, - "TimeoutInSeconds": { - "markdownDescription": "The maximum amount of time in seconds that the Lambda function can process a work item.", - "title": "TimeoutInSeconds", - "type": "number" } }, "type": "object" }, - "AWS::GreengrassV2::ComponentVersion.LambdaFunctionRecipeSource": { + "AWS::Events::Connection.ConnectivityParameters": { "additionalProperties": false, "properties": { - "ComponentDependencies": { - "additionalProperties": false, - "markdownDescription": "The component versions on which this Lambda function component depends.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.ComponentDependencyRequirement" - } - }, - "title": "ComponentDependencies", - "type": "object" - }, - "ComponentLambdaParameters": { - "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaExecutionParameters", - "markdownDescription": "The system and runtime parameters for the Lambda function as it runs on the AWS IoT Greengrass core device.", - "title": "ComponentLambdaParameters" - }, - "ComponentName": { - "markdownDescription": "The name of the component.\n\nDefaults to the name of the Lambda function.", - "title": "ComponentName", + "ResourceParameters": { + "$ref": "#/definitions/AWS::Events::Connection.ResourceParameters", + "markdownDescription": "The parameters for EventBridge to use when invoking the resource endpoint.", + "title": "ResourceParameters" + } + }, + "required": [ + "ResourceParameters" + ], + "type": "object" + }, + "AWS::Events::Connection.InvocationConnectivityParameters": { + "additionalProperties": false, + "properties": { + "ResourceParameters": { + "$ref": "#/definitions/AWS::Events::Connection.ResourceParameters", + "markdownDescription": "The parameters for EventBridge to use when invoking the resource endpoint.", + "title": "ResourceParameters" + } + }, + "required": [ + "ResourceParameters" + ], + "type": "object" + }, + "AWS::Events::Connection.OAuthParameters": { + "additionalProperties": false, + "properties": { + "AuthorizationEndpoint": { + "markdownDescription": "The URL to the authorization endpoint when OAuth is specified as the authorization type.", + "title": "AuthorizationEndpoint", "type": "string" }, - "ComponentPlatforms": { - "items": { - "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.ComponentPlatform" - }, - "markdownDescription": "The platforms that the component version supports.", - "title": "ComponentPlatforms", - "type": "array" + "ClientParameters": { + "$ref": "#/definitions/AWS::Events::Connection.ClientParameters", + "markdownDescription": "The client parameters for OAuth authorization.", + "title": "ClientParameters" }, - "ComponentVersion": { - "markdownDescription": "The version of the component.\n\nDefaults to the version of the Lambda function as a semantic version. For example, if your function version is `3` , the component version becomes `3.0.0` .", - "title": "ComponentVersion", + "HttpMethod": { + "markdownDescription": "The method to use for the authorization request.", + "title": "HttpMethod", "type": "string" }, - "LambdaArn": { - "markdownDescription": "The ARN of the Lambda function. The ARN must include the version of the function to import. You can't use version aliases like `$LATEST` .", - "title": "LambdaArn", - "type": "string" + "OAuthHttpParameters": { + "$ref": "#/definitions/AWS::Events::Connection.ConnectionHttpParameters", + "markdownDescription": "Details about the additional parameters to use for the connection.", + "title": "OAuthHttpParameters" } }, + "required": [ + "AuthorizationEndpoint", + "ClientParameters", + "HttpMethod" + ], "type": "object" }, - "AWS::GreengrassV2::ComponentVersion.LambdaLinuxProcessParams": { + "AWS::Events::Connection.Parameter": { "additionalProperties": false, "properties": { - "ContainerParams": { - "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaContainerParams", - "markdownDescription": "The parameters for the container in which the Lambda function runs.", - "title": "ContainerParams" + "IsValueSecret": { + "markdownDescription": "Specifies whether the value is secret.", + "title": "IsValueSecret", + "type": "boolean" }, - "IsolationMode": { - "markdownDescription": "The isolation mode for the process that contains the Lambda function. The process can run in an isolated runtime environment inside the AWS IoT Greengrass container, or as a regular process outside any container.\n\nDefault: `GreengrassContainer`", - "title": "IsolationMode", + "Key": { + "markdownDescription": "The key for a query string parameter.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The value associated with the key for the query string parameter.", + "title": "Value", "type": "string" } }, + "required": [ + "Key", + "Value" + ], "type": "object" }, - "AWS::GreengrassV2::ComponentVersion.LambdaVolumeMount": { + "AWS::Events::Connection.ResourceParameters": { "additionalProperties": false, "properties": { - "AddGroupOwner": { - "markdownDescription": "Whether or not to add the AWS IoT Greengrass user group as an owner of the volume.\n\nDefault: `false`", - "title": "AddGroupOwner", - "type": "boolean" - }, - "DestinationPath": { - "markdownDescription": "The path to the logical volume in the file system.", - "title": "DestinationPath", + "ResourceAssociationArn": { + "markdownDescription": "For connections to private APIs, the Amazon Resource Name (ARN) of the resource association EventBridge created between the connection and the private API's resource configuration.\n\n> The value of this property is set by EventBridge . Any value you specify in your template is ignored.", + "title": "ResourceAssociationArn", "type": "string" }, - "Permission": { - "markdownDescription": "The permission to access the volume: read/only ( `ro` ) or read/write ( `rw` ).\n\nDefault: `ro`", - "title": "Permission", - "type": "string" - }, - "SourcePath": { - "markdownDescription": "The path to the physical volume in the file system.", - "title": "SourcePath", + "ResourceConfigurationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon VPC Lattice resource configuration for the resource endpoint.", + "title": "ResourceConfigurationArn", "type": "string" } }, + "required": [ + "ResourceConfigurationArn" + ], "type": "object" }, - "AWS::GreengrassV2::Deployment": { + "AWS::Events::Endpoint": { "additionalProperties": false, "properties": { "Condition": { @@ -111742,62 +119458,49 @@ "Properties": { "additionalProperties": false, "properties": { - "Components": { - "additionalProperties": false, - "markdownDescription": "The components to deploy. This is a dictionary, where each key is the name of a component, and each key's value is the version and configuration to deploy for that component.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::GreengrassV2::Deployment.ComponentDeploymentSpecification" - } - }, - "title": "Components", - "type": "object" - }, - "DeploymentName": { - "markdownDescription": "The name of the deployment.", - "title": "DeploymentName", + "Description": { + "markdownDescription": "A description for the endpoint.", + "title": "Description", "type": "string" }, - "DeploymentPolicies": { - "$ref": "#/definitions/AWS::GreengrassV2::Deployment.DeploymentPolicies", - "markdownDescription": "The deployment policies for the deployment. These policies define how the deployment updates components and handles failure.", - "title": "DeploymentPolicies" - }, - "IotJobConfiguration": { - "$ref": "#/definitions/AWS::GreengrassV2::Deployment.DeploymentIoTJobConfiguration", - "markdownDescription": "The job configuration for the deployment configuration. The job configuration specifies the rollout, timeout, and stop configurations for the deployment configuration.", - "title": "IotJobConfiguration" + "EventBuses": { + "items": { + "$ref": "#/definitions/AWS::Events::Endpoint.EndpointEventBus" + }, + "markdownDescription": "The event buses being used by the endpoint.\n\n*Exactly* : `2`", + "title": "EventBuses", + "type": "array" }, - "ParentTargetArn": { - "markdownDescription": "The parent deployment's [ARN](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) for a subdeployment.", - "title": "ParentTargetArn", + "Name": { + "markdownDescription": "The name of the endpoint.", + "title": "Name", "type": "string" }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "Application-specific metadata to attach to the deployment. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tag your AWS IoT Greengrass Version 2 resources](https://docs.aws.amazon.com/greengrass/v2/developerguide/tag-resources.html) in the *AWS IoT Greengrass V2 Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" + "ReplicationConfig": { + "$ref": "#/definitions/AWS::Events::Endpoint.ReplicationConfig", + "markdownDescription": "Whether event replication was enabled or disabled for this endpoint. The default state is `ENABLED` which means you must supply a `RoleArn` . If you don't have a `RoleArn` or you don't want event replication enabled, set the state to `DISABLED` .", + "title": "ReplicationConfig" }, - "TargetArn": { - "markdownDescription": "The ARN of the target AWS IoT thing or thing group.", - "title": "TargetArn", + "RoleArn": { + "markdownDescription": "The ARN of the role used by event replication for the endpoint.", + "title": "RoleArn", "type": "string" + }, + "RoutingConfig": { + "$ref": "#/definitions/AWS::Events::Endpoint.RoutingConfig", + "markdownDescription": "The routing configuration of the endpoint.", + "title": "RoutingConfig" } }, "required": [ - "TargetArn" + "EventBuses", + "RoutingConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::GreengrassV2::Deployment" + "AWS::Events::Endpoint" ], "type": "string" }, @@ -111816,271 +119519,229 @@ ], "type": "object" }, - "AWS::GreengrassV2::Deployment.ComponentConfigurationUpdate": { + "AWS::Events::Endpoint.EndpointEventBus": { "additionalProperties": false, "properties": { - "Merge": { - "markdownDescription": "A serialized JSON string that contains the configuration object to merge to target devices. The core device merges this configuration with the component's existing configuration. If this is the first time a component deploys on a device, the core device merges this configuration with the component's default configuration. This means that the core device keeps it's existing configuration for keys and values that you don't specify in this object. For more information, see [Merge configuration updates](https://docs.aws.amazon.com/greengrass/v2/developerguide/update-component-configurations.html#merge-configuration-update) in the *AWS IoT Greengrass V2 Developer Guide* .", - "title": "Merge", + "EventBusArn": { + "markdownDescription": "The ARN of the event bus the endpoint is associated with.", + "title": "EventBusArn", "type": "string" - }, - "Reset": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of configuration nodes to reset to default values on target devices. Use JSON pointers to specify each node to reset. JSON pointers start with a forward slash ( `/` ) and use forward slashes to separate the key for each level in the object. For more information, see the [JSON pointer specification](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) and [Reset configuration updates](https://docs.aws.amazon.com/greengrass/v2/developerguide/update-component-configurations.html#reset-configuration-update) in the *AWS IoT Greengrass V2 Developer Guide* .", - "title": "Reset", - "type": "array" } }, + "required": [ + "EventBusArn" + ], "type": "object" }, - "AWS::GreengrassV2::Deployment.ComponentDeploymentSpecification": { + "AWS::Events::Endpoint.FailoverConfig": { "additionalProperties": false, "properties": { - "ComponentVersion": { - "markdownDescription": "The version of the component.", - "title": "ComponentVersion", - "type": "string" - }, - "ConfigurationUpdate": { - "$ref": "#/definitions/AWS::GreengrassV2::Deployment.ComponentConfigurationUpdate", - "markdownDescription": "The configuration updates to deploy for the component. You can define reset updates and merge updates. A reset updates the keys that you specify to the default configuration for the component. A merge updates the core device's component configuration with the keys and values that you specify. The AWS IoT Greengrass Core software applies reset updates before it applies merge updates. For more information, see [Update component configuration](https://docs.aws.amazon.com/greengrass/v2/developerguide/update-component-configurations.html) .", - "title": "ConfigurationUpdate" + "Primary": { + "$ref": "#/definitions/AWS::Events::Endpoint.Primary", + "markdownDescription": "The main Region of the endpoint.", + "title": "Primary" }, - "RunWith": { - "$ref": "#/definitions/AWS::GreengrassV2::Deployment.ComponentRunWith", - "markdownDescription": "The system user and group that the software uses to run component processes on the core device. If you omit this parameter, the software uses the system user and group that you configure for the core device. For more information, see [Configure the user and group that run components](https://docs.aws.amazon.com/greengrass/v2/developerguide/configure-greengrass-core-v2.html#configure-component-user) in the *AWS IoT Greengrass V2 Developer Guide* .", - "title": "RunWith" + "Secondary": { + "$ref": "#/definitions/AWS::Events::Endpoint.Secondary", + "markdownDescription": "The Region that events are routed to when failover is triggered or event replication is enabled.", + "title": "Secondary" } }, + "required": [ + "Primary", + "Secondary" + ], "type": "object" }, - "AWS::GreengrassV2::Deployment.ComponentRunWith": { + "AWS::Events::Endpoint.Primary": { "additionalProperties": false, "properties": { - "PosixUser": { - "markdownDescription": "The POSIX system user and (optional) group to use to run this component. Specify the user and group separated by a colon ( `:` ) in the following format: `user:group` . The group is optional. If you don't specify a group, the AWS IoT Greengrass Core software uses the primary user for the group.", - "title": "PosixUser", - "type": "string" - }, - "SystemResourceLimits": { - "$ref": "#/definitions/AWS::GreengrassV2::Deployment.SystemResourceLimits", - "markdownDescription": "The system resource limits to apply to this component's process on the core device. AWS IoT Greengrass supports this feature only on Linux core devices.\n\nIf you omit this parameter, the AWS IoT Greengrass Core software uses the default system resource limits that you configure on the AWS IoT Greengrass nucleus component. For more information, see [Configure system resource limits for components](https://docs.aws.amazon.com/greengrass/v2/developerguide/configure-greengrass-core-v2.html#configure-component-system-resource-limits) .", - "title": "SystemResourceLimits" - }, - "WindowsUser": { - "markdownDescription": "The Windows user to use to run this component on Windows core devices. The user must exist on each Windows core device, and its name and password must be in the LocalSystem account's Credentials Manager instance.\n\nIf you omit this parameter, the AWS IoT Greengrass Core software uses the default Windows user that you configure on the AWS IoT Greengrass nucleus component. For more information, see [Configure the user and group that run components](https://docs.aws.amazon.com/greengrass/v2/developerguide/configure-greengrass-core-v2.html#configure-component-user) .", - "title": "WindowsUser", + "HealthCheck": { + "markdownDescription": "The ARN of the health check used by the endpoint to determine whether failover is triggered.", + "title": "HealthCheck", "type": "string" } }, + "required": [ + "HealthCheck" + ], "type": "object" }, - "AWS::GreengrassV2::Deployment.DeploymentComponentUpdatePolicy": { + "AWS::Events::Endpoint.ReplicationConfig": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "Whether or not to notify components and wait for components to become safe to update. Choose from the following options:\n\n- `NOTIFY_COMPONENTS` \u2013 The deployment notifies each component before it stops and updates that component. Components can use the [SubscribeToComponentUpdates](https://docs.aws.amazon.com/greengrass/v2/developerguide/interprocess-communication.html#ipc-operation-subscribetocomponentupdates) IPC operation to receive these notifications. Then, components can respond with the [DeferComponentUpdate](https://docs.aws.amazon.com/greengrass/v2/developerguide/interprocess-communication.html#ipc-operation-defercomponentupdate) IPC operation. For more information, see the [Create deployments](https://docs.aws.amazon.com/greengrass/v2/developerguide/create-deployments.html) in the *AWS IoT Greengrass V2 Developer Guide* .\n- `SKIP_NOTIFY_COMPONENTS` \u2013 The deployment doesn't notify components or wait for them to be safe to update.\n\nDefault: `NOTIFY_COMPONENTS`", - "title": "Action", + "State": { + "markdownDescription": "The state of event replication.", + "title": "State", "type": "string" - }, - "TimeoutInSeconds": { - "markdownDescription": "The amount of time in seconds that each component on a device has to report that it's safe to update. If the component waits for longer than this timeout, then the deployment proceeds on the device.\n\nDefault: `60`", - "title": "TimeoutInSeconds", - "type": "number" - } - }, - "type": "object" - }, - "AWS::GreengrassV2::Deployment.DeploymentConfigurationValidationPolicy": { - "additionalProperties": false, - "properties": { - "TimeoutInSeconds": { - "markdownDescription": "The amount of time in seconds that a component can validate its configuration updates. If the validation time exceeds this timeout, then the deployment proceeds for the device.\n\nDefault: `30`", - "title": "TimeoutInSeconds", - "type": "number" } }, + "required": [ + "State" + ], "type": "object" }, - "AWS::GreengrassV2::Deployment.DeploymentIoTJobConfiguration": { + "AWS::Events::Endpoint.RoutingConfig": { "additionalProperties": false, "properties": { - "AbortConfig": { - "$ref": "#/definitions/AWS::GreengrassV2::Deployment.IoTJobAbortConfig", - "markdownDescription": "The stop configuration for the job. This configuration defines when and how to stop a job rollout.", - "title": "AbortConfig" - }, - "JobExecutionsRolloutConfig": { - "$ref": "#/definitions/AWS::GreengrassV2::Deployment.IoTJobExecutionsRolloutConfig", - "markdownDescription": "The rollout configuration for the job. This configuration defines the rate at which the job rolls out to the fleet of target devices.", - "title": "JobExecutionsRolloutConfig" - }, - "TimeoutConfig": { - "$ref": "#/definitions/AWS::GreengrassV2::Deployment.IoTJobTimeoutConfig", - "markdownDescription": "The timeout configuration for the job. This configuration defines the amount of time each device has to complete the job.", - "title": "TimeoutConfig" + "FailoverConfig": { + "$ref": "#/definitions/AWS::Events::Endpoint.FailoverConfig", + "markdownDescription": "The failover configuration for an endpoint. This includes what triggers failover and what happens when it's triggered.", + "title": "FailoverConfig" } }, + "required": [ + "FailoverConfig" + ], "type": "object" }, - "AWS::GreengrassV2::Deployment.DeploymentPolicies": { + "AWS::Events::Endpoint.Secondary": { "additionalProperties": false, "properties": { - "ComponentUpdatePolicy": { - "$ref": "#/definitions/AWS::GreengrassV2::Deployment.DeploymentComponentUpdatePolicy", - "markdownDescription": "The component update policy for the configuration deployment. This policy defines when it's safe to deploy the configuration to devices.", - "title": "ComponentUpdatePolicy" - }, - "ConfigurationValidationPolicy": { - "$ref": "#/definitions/AWS::GreengrassV2::Deployment.DeploymentConfigurationValidationPolicy", - "markdownDescription": "The configuration validation policy for the configuration deployment. This policy defines how long each component has to validate its configure updates.", - "title": "ConfigurationValidationPolicy" - }, - "FailureHandlingPolicy": { - "markdownDescription": "The failure handling policy for the configuration deployment. This policy defines what to do if the deployment fails.\n\nDefault: `ROLLBACK`", - "title": "FailureHandlingPolicy", + "Route": { + "markdownDescription": "Defines the secondary Region.", + "title": "Route", "type": "string" } }, - "type": "object" - }, - "AWS::GreengrassV2::Deployment.IoTJobAbortConfig": { - "additionalProperties": false, - "properties": { - "CriteriaList": { - "items": { - "$ref": "#/definitions/AWS::GreengrassV2::Deployment.IoTJobAbortCriteria" - }, - "markdownDescription": "The list of criteria that define when and how to cancel the configuration deployment.", - "title": "CriteriaList", - "type": "array" - } - }, "required": [ - "CriteriaList" + "Route" ], "type": "object" }, - "AWS::GreengrassV2::Deployment.IoTJobAbortCriteria": { + "AWS::Events::EventBus": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The action to perform when the criteria are met.", - "title": "Action", + "Condition": { "type": "string" }, - "FailureType": { - "markdownDescription": "The type of job deployment failure that can cancel a job.", - "title": "FailureType", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "MinNumberOfExecutedThings": { - "markdownDescription": "The minimum number of things that receive the configuration before the job can cancel.", - "title": "MinNumberOfExecutedThings", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ThresholdPercentage": { - "markdownDescription": "The minimum percentage of `failureType` failures that occur before the job can cancel.\n\nThis parameter supports up to two digits after the decimal (for example, you can specify `10.9` or `10.99` , but not `10.999` ).", - "title": "ThresholdPercentage", - "type": "number" - } - }, - "required": [ - "Action", - "FailureType", - "MinNumberOfExecutedThings", - "ThresholdPercentage" - ], - "type": "object" - }, - "AWS::GreengrassV2::Deployment.IoTJobExecutionsRolloutConfig": { - "additionalProperties": false, - "properties": { - "ExponentialRate": { - "$ref": "#/definitions/AWS::GreengrassV2::Deployment.IoTJobExponentialRolloutRate", - "markdownDescription": "The exponential rate to increase the job rollout rate.", - "title": "ExponentialRate" + "Metadata": { + "type": "object" }, - "MaximumPerMinute": { - "markdownDescription": "The maximum number of devices that receive a pending job notification, per minute.", - "title": "MaximumPerMinute", - "type": "number" - } - }, - "type": "object" - }, - "AWS::GreengrassV2::Deployment.IoTJobExponentialRolloutRate": { - "additionalProperties": false, - "properties": { - "BaseRatePerMinute": { - "markdownDescription": "The minimum number of devices that receive a pending job notification, per minute, when the job starts. This parameter defines the initial rollout rate of the job.", - "title": "BaseRatePerMinute", - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": { + "DeadLetterConfig": { + "$ref": "#/definitions/AWS::Events::EventBus.DeadLetterConfig", + "markdownDescription": "Configuration details of the Amazon SQS queue for EventBridge to use as a dead-letter queue (DLQ).\n\nFor more information, see [Using dead-letter queues to process undelivered events](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-rule-event-delivery.html#eb-rule-dlq) in the *EventBridge User Guide* .", + "title": "DeadLetterConfig" + }, + "Description": { + "markdownDescription": "The event bus description.", + "title": "Description", + "type": "string" + }, + "EventSourceName": { + "markdownDescription": "If you are creating a partner event bus, this specifies the partner event source that the new event bus will be matched with.", + "title": "EventSourceName", + "type": "string" + }, + "KmsKeyIdentifier": { + "markdownDescription": "The identifier of the AWS KMS customer managed key for EventBridge to use, if you choose to use a customer managed key to encrypt events on this event bus. The identifier can be the key Amazon Resource Name (ARN), KeyId, key alias, or key alias ARN.\n\nIf you do not specify a customer managed key identifier, EventBridge uses an AWS owned key to encrypt events on the event bus.\n\nFor more information, see [Identify and view keys](https://docs.aws.amazon.com/kms/latest/developerguide/viewing-keys.html) in the *AWS Key Management Service Developer Guide* .\n\n> Schema discovery is not supported for event buses encrypted using a customer managed key. EventBridge returns an error if:\n> \n> - You call `[CreateDiscoverer](https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-discoverers.html#CreateDiscoverer)` on an event bus set to use a customer managed key for encryption.\n> - You call `[UpdatedEventBus](https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_UpdatedEventBus.html)` to set a customer managed key on an event bus with schema discovery enabled.\n> \n> To enable schema discovery on an event bus, choose to use an AWS owned key . For more information, see [Encrypting events](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-encryption-event-bus-cmkey.html) in the *Amazon EventBridge User Guide* . > If you have specified that EventBridge use a customer managed key for encrypting the source event bus, we strongly recommend you also specify a customer managed key for any archives for the event bus as well.\n> \n> For more information, see [Encrypting archives](https://docs.aws.amazon.com/eventbridge/latest/userguide/encryption-archives.html) in the *Amazon EventBridge User Guide* .", + "title": "KmsKeyIdentifier", + "type": "string" + }, + "LogConfig": { + "$ref": "#/definitions/AWS::Events::EventBus.LogConfig", + "markdownDescription": "The logging configuration settings for the event bus.\n\nFor more information, see [Configuring logs for event buses](https://docs.aws.amazon.com/eb-event-bus-logs.html) in the *EventBridge User Guide* .", + "title": "LogConfig" + }, + "Name": { + "markdownDescription": "The name of the new event bus.\n\nCustom event bus names can't contain the `/` character, but you can use the `/` character in partner event bus names. In addition, for partner event buses, the name must exactly match the name of the partner event source that this event bus is matched to.\n\nYou can't use the name `default` for a custom event bus, as this name is already used for your account's default event bus.", + "title": "Name", + "type": "string" + }, + "Policy": { + "markdownDescription": "The permissions policy of the event bus, describing which other AWS accounts can write events to this event bus.", + "title": "Policy", + "type": "object" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags to associate with the event bus.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Name" + ], + "type": "object" }, - "IncrementFactor": { - "markdownDescription": "The exponential factor to increase the rollout rate for the job.\n\nThis parameter supports up to one digit after the decimal (for example, you can specify `1.5` , but not `1.55` ).", - "title": "IncrementFactor", - "type": "number" + "Type": { + "enum": [ + "AWS::Events::EventBus" + ], + "type": "string" }, - "RateIncreaseCriteria": { - "$ref": "#/definitions/AWS::GreengrassV2::Deployment.IoTJobRateIncreaseCriteria", - "markdownDescription": "The criteria to increase the rollout rate for the job.", - "title": "RateIncreaseCriteria" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "BaseRatePerMinute", - "IncrementFactor", - "RateIncreaseCriteria" + "Type", + "Properties" ], "type": "object" }, - "AWS::GreengrassV2::Deployment.IoTJobRateIncreaseCriteria": { - "additionalProperties": false, - "properties": { - "NumberOfNotifiedThings": { - "markdownDescription": "The number of devices to receive the job notification before the rollout rate increases.", - "title": "NumberOfNotifiedThings", - "type": "number" - }, - "NumberOfSucceededThings": { - "markdownDescription": "The number of devices to successfully run the configuration job before the rollout rate increases.", - "title": "NumberOfSucceededThings", - "type": "number" - } - }, - "type": "object" - }, - "AWS::GreengrassV2::Deployment.IoTJobTimeoutConfig": { + "AWS::Events::EventBus.DeadLetterConfig": { "additionalProperties": false, "properties": { - "InProgressTimeoutInMinutes": { - "markdownDescription": "The amount of time, in minutes, that devices have to complete the job. The timer starts when the job status is set to `IN_PROGRESS` . If the job status doesn't change to a terminal state before the time expires, then the job status is set to `TIMED_OUT` .\n\nThe timeout interval must be between 1 minute and 7 days (10080 minutes).", - "title": "InProgressTimeoutInMinutes", - "type": "number" + "Arn": { + "markdownDescription": "The ARN of the SQS queue specified as the target for the dead-letter queue.", + "title": "Arn", + "type": "string" } }, "type": "object" }, - "AWS::GreengrassV2::Deployment.SystemResourceLimits": { + "AWS::Events::EventBus.LogConfig": { "additionalProperties": false, "properties": { - "Cpus": { - "markdownDescription": "The maximum amount of CPU time that a component's processes can use on the core device. A core device's total CPU time is equivalent to the device's number of CPU cores. For example, on a core device with 4 CPU cores, you can set this value to 2 to limit the component's processes to 50 percent usage of each CPU core. On a device with 1 CPU core, you can set this value to 0.25 to limit the component's processes to 25 percent usage of the CPU. If you set this value to a number greater than the number of CPU cores, the AWS IoT Greengrass Core software doesn't limit the component's CPU usage.", - "title": "Cpus", - "type": "number" + "IncludeDetail": { + "markdownDescription": "Whether EventBridge include detailed event information in the records it generates. Detailed data can be useful for troubleshooting and debugging. This information includes details of the event itself, as well as target details.\n\nFor more information, see [Including detail data in event bus logs](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-event-bus-logs.html#eb-event-logs-data) in the *EventBridge User Guide* .", + "title": "IncludeDetail", + "type": "string" }, - "Memory": { - "markdownDescription": "The maximum amount of RAM, expressed in kilobytes, that a component's processes can use on the core device. For more information, see [Configure system resource limits for components](https://docs.aws.amazon.com/greengrass/v2/developerguide/configure-greengrass-core-v2.html#configure-component-system-resource-limits) .", - "title": "Memory", - "type": "number" + "Level": { + "markdownDescription": "The level of logging detail to include. This applies to all log destinations for the event bus.\n\nFor more information, see [Specifying event bus log level](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-event-bus-logs.html#eb-event-bus-logs-level) in the *EventBridge User Guide* .", + "title": "Level", + "type": "string" } }, "type": "object" }, - "AWS::GroundStation::Config": { + "AWS::Events::EventBusPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -112115,34 +119776,45 @@ "Properties": { "additionalProperties": false, "properties": { - "ConfigData": { - "$ref": "#/definitions/AWS::GroundStation::Config.ConfigData", - "markdownDescription": "Object containing the parameters of a config. Only one subtype may be specified per config. See the subtype definitions for a description of each config subtype.", - "title": "ConfigData" + "Action": { + "markdownDescription": "The action that you are enabling the other account to perform.", + "title": "Action", + "type": "string" }, - "Name": { - "markdownDescription": "The name of the config object.", - "title": "Name", + "Condition": { + "$ref": "#/definitions/AWS::Events::EventBusPolicy.Condition", + "markdownDescription": "This parameter enables you to limit the permission to accounts that fulfill a certain condition, such as being a member of a certain AWS organization. For more information about AWS Organizations, see [What Is AWS Organizations](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_introduction.html) in the *AWS Organizations User Guide* .\n\nIf you specify `Condition` with an AWS organization ID, and specify \"*\" as the value for `Principal` , you grant permission to all the accounts in the named organization.\n\nThe `Condition` is a JSON string which must contain `Type` , `Key` , and `Value` fields.", + "title": "Condition" + }, + "EventBusName": { + "markdownDescription": "The name of the event bus associated with the rule. If you omit this, the default event bus is used.", + "title": "EventBusName", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Tags assigned to a resource.", - "title": "Tags", - "type": "array" + "Principal": { + "markdownDescription": "The 12-digit AWS account ID that you are permitting to put events to your default event bus. Specify \"*\" to permit any account to put events to your default event bus.\n\nIf you specify \"*\" without specifying `Condition` , avoid creating rules that may match undesirable events. To create more secure rules, make sure that the event pattern for each rule contains an `account` field with a specific account ID from which to receive events. Rules with an account field do not match any events sent from other accounts.", + "title": "Principal", + "type": "string" + }, + "Statement": { + "markdownDescription": "A JSON string that describes the permission policy statement. You can include a `Policy` parameter in the request instead of using the `StatementId` , `Action` , `Principal` , or `Condition` parameters.", + "title": "Statement", + "type": "object" + }, + "StatementId": { + "markdownDescription": "An identifier string for the external account that you are granting permissions to. If you later want to revoke the permission for this external account, specify this `StatementId` when you run [RemovePermission](https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_RemovePermission.html) .\n\n> Each `StatementId` must be unique.", + "title": "StatementId", + "type": "string" } }, "required": [ - "ConfigData", - "Name" + "StatementId" ], "type": "object" }, "Type": { "enum": [ - "AWS::GroundStation::Config" + "AWS::Events::EventBusPolicy" ], "type": "string" }, @@ -112161,540 +119833,722 @@ ], "type": "object" }, - "AWS::GroundStation::Config.AntennaDownlinkConfig": { - "additionalProperties": false, - "properties": { - "SpectrumConfig": { - "$ref": "#/definitions/AWS::GroundStation::Config.SpectrumConfig", - "markdownDescription": "Defines the spectrum configuration.", - "title": "SpectrumConfig" - } - }, - "type": "object" - }, - "AWS::GroundStation::Config.AntennaDownlinkDemodDecodeConfig": { + "AWS::Events::EventBusPolicy.Condition": { "additionalProperties": false, "properties": { - "DecodeConfig": { - "$ref": "#/definitions/AWS::GroundStation::Config.DecodeConfig", - "markdownDescription": "Defines how the RF signal will be decoded.", - "title": "DecodeConfig" + "Key": { + "markdownDescription": "Specifies the key for the condition. Currently the only supported key is `aws:PrincipalOrgID` .", + "title": "Key", + "type": "string" }, - "DemodulationConfig": { - "$ref": "#/definitions/AWS::GroundStation::Config.DemodulationConfig", - "markdownDescription": "Defines how the RF signal will be demodulated.", - "title": "DemodulationConfig" + "Type": { + "markdownDescription": "Specifies the type of condition. Currently the only supported value is `StringEquals` .", + "title": "Type", + "type": "string" }, - "SpectrumConfig": { - "$ref": "#/definitions/AWS::GroundStation::Config.SpectrumConfig", - "markdownDescription": "Defines the spectrum configuration.", - "title": "SpectrumConfig" + "Value": { + "markdownDescription": "Specifies the value for the key. Currently, this must be the ID of the organization.", + "title": "Value", + "type": "string" } }, "type": "object" }, - "AWS::GroundStation::Config.AntennaUplinkConfig": { + "AWS::Events::Rule": { "additionalProperties": false, "properties": { - "SpectrumConfig": { - "$ref": "#/definitions/AWS::GroundStation::Config.UplinkSpectrumConfig", - "markdownDescription": "Defines the spectrum configuration.", - "title": "SpectrumConfig" + "Condition": { + "type": "string" }, - "TargetEirp": { - "$ref": "#/definitions/AWS::GroundStation::Config.Eirp", - "markdownDescription": "The equivalent isotropically radiated power (EIRP) to use for uplink transmissions. Valid values are between 20.0 to 50.0 dBW.", - "title": "TargetEirp" - }, - "TransmitDisabled": { - "markdownDescription": "Whether or not uplink transmit is disabled.", - "title": "TransmitDisabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::GroundStation::Config.ConfigData": { - "additionalProperties": false, - "properties": { - "AntennaDownlinkConfig": { - "$ref": "#/definitions/AWS::GroundStation::Config.AntennaDownlinkConfig", - "markdownDescription": "Provides information for an antenna downlink config object. Antenna downlink config objects are used to provide parameters for downlinks where no demodulation or decoding is performed by Ground Station (RF over IP downlinks).", - "title": "AntennaDownlinkConfig" + "Connectors": { + "additionalProperties": { + "$ref": "#/definitions/EmbeddedConnector" + }, + "title": "Connectors", + "type": "object" }, - "AntennaDownlinkDemodDecodeConfig": { - "$ref": "#/definitions/AWS::GroundStation::Config.AntennaDownlinkDemodDecodeConfig", - "markdownDescription": "Provides information for a downlink demod decode config object. Downlink demod decode config objects are used to provide parameters for downlinks where the Ground Station service will demodulate and decode the downlinked data.", - "title": "AntennaDownlinkDemodDecodeConfig" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "AntennaUplinkConfig": { - "$ref": "#/definitions/AWS::GroundStation::Config.AntennaUplinkConfig", - "markdownDescription": "Provides information for an uplink config object. Uplink config objects are used to provide parameters for uplink contacts.", - "title": "AntennaUplinkConfig" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "DataflowEndpointConfig": { - "$ref": "#/definitions/AWS::GroundStation::Config.DataflowEndpointConfig", - "markdownDescription": "Provides information for a dataflow endpoint config object. Dataflow endpoint config objects are used to provide parameters about which IP endpoint(s) to use during a contact. Dataflow endpoints are where Ground Station sends data during a downlink contact and where Ground Station receives data to send to the satellite during an uplink contact.", - "title": "DataflowEndpointConfig" + "Metadata": { + "type": "object" }, - "S3RecordingConfig": { - "$ref": "#/definitions/AWS::GroundStation::Config.S3RecordingConfig", - "markdownDescription": "Provides information for an S3 recording config object. S3 recording config objects are used to provide parameters for S3 recording during downlink contacts.", - "title": "S3RecordingConfig" + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the rule.", + "title": "Description", + "type": "string" + }, + "EventBusName": { + "markdownDescription": "The name or ARN of the event bus associated with the rule. If you omit this, the default event bus is used.", + "title": "EventBusName", + "type": "string" + }, + "EventPattern": { + "markdownDescription": "The event pattern of the rule. For more information, see [Events and Event Patterns](https://docs.aws.amazon.com/eventbridge/latest/userguide/eventbridge-and-event-patterns.html) in the **Amazon EventBridge User Guide** .", + "title": "EventPattern", + "type": "object" + }, + "Name": { + "markdownDescription": "The name of the rule.", + "title": "Name", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the role that is used for target invocation.\n\nIf you're setting an event bus in another account as the target and that account granted permission to your account through an organization instead of directly by the account ID, you must specify a `RoleArn` with proper permissions in the `Target` structure, instead of here in this parameter.", + "title": "RoleArn", + "type": "string" + }, + "ScheduleExpression": { + "markdownDescription": "The scheduling expression. For example, \"cron(0 20 * * ? *)\", \"rate(5 minutes)\". For more information, see [Creating an Amazon EventBridge rule that runs on a schedule](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-create-rule-schedule.html) .", + "title": "ScheduleExpression", + "type": "string" + }, + "State": { + "markdownDescription": "The state of the rule.\n\nValid values include:\n\n- `DISABLED` : The rule is disabled. EventBridge does not match any events against the rule.\n- `ENABLED` : The rule is enabled. EventBridge matches events against the rule, *except* for AWS management events delivered through CloudTrail.\n- `ENABLED_WITH_ALL_CLOUDTRAIL_MANAGEMENT_EVENTS` : The rule is enabled for all events, including AWS management events delivered through CloudTrail.\n\nManagement events provide visibility into management operations that are performed on resources in your AWS account. These are also known as control plane operations. For more information, see [Logging management events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-management-events-with-cloudtrail.html#logging-management-events) in the *CloudTrail User Guide* , and [Filtering management events from AWS services](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-service-event.html#eb-service-event-cloudtrail) in the **Amazon EventBridge User Guide** .\n\nThis value is only valid for rules on the [default](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-what-is-how-it-works-concepts.html#eb-bus-concepts-buses) event bus or [custom event buses](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-create-event-bus.html) . It does not apply to [partner event buses](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-saas.html) .", + "title": "State", + "type": "string" + }, + "Targets": { + "items": { + "$ref": "#/definitions/AWS::Events::Rule.Target" + }, + "markdownDescription": "Adds the specified targets to the specified rule, or updates the targets if they are already associated with the rule.\n\nTargets are the resources that are invoked when a rule is triggered.\n\nThe maximum number of entries per request is 10.\n\n> Each rule can have up to five (5) targets associated with it at one time. \n\nFor a list of services you can configure as targets for events, see [EventBridge targets](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-targets.html) in the **Amazon EventBridge User Guide** .\n\nCreating rules with built-in targets is supported only in the AWS Management Console . The built-in targets are:\n\n- `Amazon EBS CreateSnapshot API call`\n- `Amazon EC2 RebootInstances API call`\n- `Amazon EC2 StopInstances API call`\n- `Amazon EC2 TerminateInstances API call`\n\nFor some target types, `PutTargets` provides target-specific parameters. If the target is a Kinesis data stream, you can optionally specify which shard the event goes to by using the `KinesisParameters` argument. To invoke a command on multiple EC2 instances with one rule, you can use the `RunCommandParameters` field.\n\nTo be able to make API calls against the resources that you own, Amazon EventBridge needs the appropriate permissions:\n\n- For AWS Lambda and Amazon SNS resources, EventBridge relies on resource-based policies.\n- For EC2 instances, Kinesis Data Streams, AWS Step Functions state machines and API Gateway APIs, EventBridge relies on IAM roles that you specify in the `RoleARN` argument in `PutTargets` .\n\nFor more information, see [Authentication and Access Control](https://docs.aws.amazon.com/eventbridge/latest/userguide/auth-and-access-control-eventbridge.html) in the **Amazon EventBridge User Guide** .\n\nIf another AWS account is in the same region and has granted you permission (using `PutPermission` ), you can send events to that account. Set that account's event bus as a target of the rules in your account. To send the matched events to the other account, specify that account's event bus as the `Arn` value when you run `PutTargets` . If your account sends events to another account, your account is charged for each sent event. Each event sent to another account is charged as a custom event. The account receiving the event is not charged. For more information, see [Amazon EventBridge Pricing](https://docs.aws.amazon.com/eventbridge/pricing/) .\n\n> `Input` , `InputPath` , and `InputTransformer` are not available with `PutTarget` if the target is an event bus of a different AWS account. \n\nIf you are setting the event bus of another account as the target, and that account granted permission to your account through an organization instead of directly by the account ID, then you must specify a `RoleArn` with proper permissions in the `Target` structure. For more information, see [Sending and Receiving Events Between AWS Accounts](https://docs.aws.amazon.com/eventbridge/latest/userguide/eventbridge-cross-account-event-delivery.html) in the *Amazon EventBridge User Guide* .\n\n> If you have an IAM role on a cross-account event bus target, a `PutTargets` call without a role on the same target (same `Id` and `Arn` ) will not remove the role. \n\nFor more information about enabling cross-account events, see [PutPermission](https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_PutPermission.html) .\n\n*Input* , *InputPath* , and *InputTransformer* are mutually exclusive and optional parameters of a target. When a rule is triggered due to a matched event:\n\n- If none of the following arguments are specified for a target, then the entire event is passed to the target in JSON format (unless the target is Amazon EC2 Run Command or Amazon ECS task, in which case nothing from the event is passed to the target).\n- If *Input* is specified in the form of valid JSON, then the matched event is overridden with this constant.\n- If *InputPath* is specified in the form of JSONPath (for example, `$.detail` ), then only the part of the event specified in the path is passed to the target (for example, only the detail part of the event is passed).\n- If *InputTransformer* is specified, then one or more specified JSONPaths are extracted from the event and used as values in a template that you specify as the input to the target.\n\nWhen you specify `InputPath` or `InputTransformer` , you must use JSON dot notation, not bracket notation.\n\nWhen you add targets to a rule and the associated rule triggers soon after, new or updated targets might not be immediately invoked. Allow a short period of time for changes to take effect.\n\nThis action can partially fail if too many requests are made at the same time. If that happens, `FailedEntryCount` is non-zero in the response and each entry in `FailedEntries` provides the ID of the failed target and the error code.", + "title": "Targets", + "type": "array" + } + }, + "type": "object" }, - "TrackingConfig": { - "$ref": "#/definitions/AWS::GroundStation::Config.TrackingConfig", - "markdownDescription": "Provides information for a tracking config object. Tracking config objects are used to provide parameters about how to track the satellite through the sky during a contact.", - "title": "TrackingConfig" + "Type": { + "enum": [ + "AWS::Events::Rule" + ], + "type": "string" }, - "UplinkEchoConfig": { - "$ref": "#/definitions/AWS::GroundStation::Config.UplinkEchoConfig", - "markdownDescription": "Provides information for an uplink echo config object. Uplink echo config objects are used to provide parameters for uplink echo during uplink contacts.", - "title": "UplinkEchoConfig" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::GroundStation::Config.DataflowEndpointConfig": { + "AWS::Events::Rule.AppSyncParameters": { "additionalProperties": false, "properties": { - "DataflowEndpointName": { - "markdownDescription": "The name of the dataflow endpoint to use during contacts.", - "title": "DataflowEndpointName", - "type": "string" - }, - "DataflowEndpointRegion": { - "markdownDescription": "The region of the dataflow endpoint to use during contacts. When omitted, Ground Station will use the region of the contact.", - "title": "DataflowEndpointRegion", + "GraphQLOperation": { + "markdownDescription": "The GraphQL operation; that is, the query, mutation, or subscription to be parsed and executed by the GraphQL service.\n\nFor more information, see [Operations](https://docs.aws.amazon.com/appsync/latest/devguide/graphql-architecture.html#graphql-operations) in the *AWS AppSync User Guide* .", + "title": "GraphQLOperation", "type": "string" } }, + "required": [ + "GraphQLOperation" + ], "type": "object" }, - "AWS::GroundStation::Config.DecodeConfig": { + "AWS::Events::Rule.AwsVpcConfiguration": { "additionalProperties": false, "properties": { - "UnvalidatedJSON": { - "markdownDescription": "The decoding settings are in JSON format and define a set of steps to perform to decode the data.", - "title": "UnvalidatedJSON", + "AssignPublicIp": { + "markdownDescription": "Specifies whether the task's elastic network interface receives a public IP address. You can specify `ENABLED` only when `LaunchType` in `EcsParameters` is set to `FARGATE` .", + "title": "AssignPublicIp", "type": "string" + }, + "SecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the security groups associated with the task. These security groups must all be in the same VPC. You can specify as many as five security groups. If you do not specify a security group, the default security group for the VPC is used.", + "title": "SecurityGroups", + "type": "array" + }, + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the subnets associated with the task. These subnets must all be in the same VPC. You can specify as many as 16 subnets.", + "title": "Subnets", + "type": "array" } }, + "required": [ + "Subnets" + ], "type": "object" }, - "AWS::GroundStation::Config.DemodulationConfig": { + "AWS::Events::Rule.BatchArrayProperties": { "additionalProperties": false, "properties": { - "UnvalidatedJSON": { - "markdownDescription": "The demodulation settings are in JSON format and define parameters for demodulation, for example which modulation scheme (e.g. PSK, QPSK, etc.) and matched filter to use.", - "title": "UnvalidatedJSON", - "type": "string" + "Size": { + "markdownDescription": "The size of the array, if this is an array batch job. Valid values are integers between 2 and 10,000.", + "title": "Size", + "type": "number" } }, "type": "object" }, - "AWS::GroundStation::Config.Eirp": { + "AWS::Events::Rule.BatchParameters": { "additionalProperties": false, "properties": { - "Units": { - "markdownDescription": "The units of the EIRP.", - "title": "Units", + "ArrayProperties": { + "$ref": "#/definitions/AWS::Events::Rule.BatchArrayProperties", + "markdownDescription": "The array properties for the submitted job, such as the size of the array. The array size can be between 2 and 10,000. If you specify array properties for a job, it becomes an array job. This parameter is used only if the target is an AWS Batch job.", + "title": "ArrayProperties" + }, + "JobDefinition": { + "markdownDescription": "The ARN or name of the job definition to use if the event target is an AWS Batch job. This job definition must already exist.", + "title": "JobDefinition", "type": "string" }, - "Value": { - "markdownDescription": "The value of the EIRP. Valid values are between 20.0 to 50.0 dBW.", - "title": "Value", + "JobName": { + "markdownDescription": "The name to use for this execution of the job, if the target is an AWS Batch job.", + "title": "JobName", + "type": "string" + }, + "RetryStrategy": { + "$ref": "#/definitions/AWS::Events::Rule.BatchRetryStrategy", + "markdownDescription": "The retry strategy to use for failed jobs, if the target is an AWS Batch job. The retry strategy is the number of times to retry the failed job execution. Valid values are 1\u201310. When you specify a retry strategy here, it overrides the retry strategy defined in the job definition.", + "title": "RetryStrategy" + } + }, + "required": [ + "JobDefinition", + "JobName" + ], + "type": "object" + }, + "AWS::Events::Rule.BatchRetryStrategy": { + "additionalProperties": false, + "properties": { + "Attempts": { + "markdownDescription": "The number of times to attempt to retry, if the job fails. Valid values are 1\u201310.", + "title": "Attempts", "type": "number" } }, "type": "object" }, - "AWS::GroundStation::Config.Frequency": { + "AWS::Events::Rule.CapacityProviderStrategyItem": { "additionalProperties": false, "properties": { - "Units": { - "markdownDescription": "The units of the frequency.", - "title": "Units", + "Base": { + "markdownDescription": "The base value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a base defined. If no value is specified, the default value of 0 is used.", + "title": "Base", + "type": "number" + }, + "CapacityProvider": { + "markdownDescription": "The short name of the capacity provider.", + "title": "CapacityProvider", "type": "string" }, - "Value": { - "markdownDescription": "The value of the frequency. Valid values are between 2200 to 2300 MHz and 7750 to 8400 MHz for downlink and 2025 to 2120 MHz for uplink.", - "title": "Value", + "Weight": { + "markdownDescription": "The weight value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The weight value is taken into consideration after the base value, if defined, is satisfied.", + "title": "Weight", "type": "number" } }, + "required": [ + "CapacityProvider" + ], "type": "object" }, - "AWS::GroundStation::Config.FrequencyBandwidth": { + "AWS::Events::Rule.DeadLetterConfig": { "additionalProperties": false, "properties": { - "Units": { - "markdownDescription": "The units of the bandwidth.", - "title": "Units", + "Arn": { + "markdownDescription": "The ARN of the SQS queue specified as the target for the dead-letter queue.", + "title": "Arn", "type": "string" - }, - "Value": { - "markdownDescription": "The value of the bandwidth. AWS Ground Station currently has the following bandwidth limitations: \n\n- For `AntennaDownlinkDemodDecodeconfig` , valid values are between 125 kHz to 650 MHz.\n- For `AntennaDownlinkconfig` , valid values are between 10 kHz to 54 MHz.\n- For `AntennaUplinkConfig` , valid values are between 10 kHz to 54 MHz.", - "title": "Value", - "type": "number" } }, "type": "object" }, - "AWS::GroundStation::Config.S3RecordingConfig": { + "AWS::Events::Rule.EcsParameters": { "additionalProperties": false, "properties": { - "BucketArn": { - "markdownDescription": "S3 Bucket where the data is written. The name of the S3 Bucket provided must begin with `aws-groundstation` .", - "title": "BucketArn", + "CapacityProviderStrategy": { + "items": { + "$ref": "#/definitions/AWS::Events::Rule.CapacityProviderStrategyItem" + }, + "markdownDescription": "The capacity provider strategy to use for the task.\n\nIf a `capacityProviderStrategy` is specified, the `launchType` parameter must be omitted. If no `capacityProviderStrategy` or launchType is specified, the `defaultCapacityProviderStrategy` for the cluster is used.", + "title": "CapacityProviderStrategy", + "type": "array" + }, + "EnableECSManagedTags": { + "markdownDescription": "Specifies whether to enable Amazon ECS managed tags for the task. For more information, see [Tagging Your Amazon ECS Resources](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-using-tags.html) in the Amazon Elastic Container Service Developer Guide.", + "title": "EnableECSManagedTags", + "type": "boolean" + }, + "EnableExecuteCommand": { + "markdownDescription": "Whether or not to enable the execute command functionality for the containers in this task. If true, this enables execute command functionality on all containers in the task.", + "title": "EnableExecuteCommand", + "type": "boolean" + }, + "Group": { + "markdownDescription": "Specifies an ECS task group for the task. The maximum length is 255 characters.", + "title": "Group", "type": "string" }, - "Prefix": { - "markdownDescription": "The prefix of the S3 data object. If you choose to use any optional keys for substitution, these values will be replaced with the corresponding information from your contact details. For example, a prefix of `{satellite_id}/{year}/{month}/{day}/` will replaced with `fake_satellite_id/2021/01/10/`\n\n*Optional keys for substitution* : `{satellite_id}` | `{config-name}` | `{config-id}` | `{year}` | `{month}` | `{day}`", - "title": "Prefix", + "LaunchType": { + "markdownDescription": "Specifies the launch type on which your task is running. The launch type that you specify here must match one of the launch type (compatibilities) of the target task. The `FARGATE` value is supported only in the Regions where AWS Fargate with Amazon ECS is supported. For more information, see [AWS Fargate on Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/AWS-Fargate.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "LaunchType", "type": "string" }, - "RoleArn": { - "markdownDescription": "Defines the ARN of the role assumed for putting archives to S3.", - "title": "RoleArn", + "NetworkConfiguration": { + "$ref": "#/definitions/AWS::Events::Rule.NetworkConfiguration", + "markdownDescription": "Use this structure if the Amazon ECS task uses the `awsvpc` network mode. This structure specifies the VPC subnets and security groups associated with the task, and whether a public IP address is to be used. This structure is required if `LaunchType` is `FARGATE` because the `awsvpc` mode is required for Fargate tasks.\n\nIf you specify `NetworkConfiguration` when the target ECS task does not use the `awsvpc` network mode, the task fails.", + "title": "NetworkConfiguration" + }, + "PlacementConstraints": { + "items": { + "$ref": "#/definitions/AWS::Events::Rule.PlacementConstraint" + }, + "markdownDescription": "An array of placement constraint objects to use for the task. You can specify up to 10 constraints per task (including constraints in the task definition and those specified at runtime).", + "title": "PlacementConstraints", + "type": "array" + }, + "PlacementStrategies": { + "items": { + "$ref": "#/definitions/AWS::Events::Rule.PlacementStrategy" + }, + "markdownDescription": "The placement strategy objects to use for the task. You can specify a maximum of five strategy rules per task.", + "title": "PlacementStrategies", + "type": "array" + }, + "PlatformVersion": { + "markdownDescription": "Specifies the platform version for the task. Specify only the numeric portion of the platform version, such as `1.1.0` .\n\nThis structure is used only if `LaunchType` is `FARGATE` . For more information about valid platform versions, see [AWS Fargate Platform Versions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "PlatformVersion", + "type": "string" + }, + "PropagateTags": { + "markdownDescription": "Specifies whether to propagate the tags from the task definition to the task. If no value is specified, the tags are not propagated. Tags can only be propagated to the task during task creation. To add tags to a task after task creation, use the TagResource API action.", + "title": "PropagateTags", + "type": "string" + }, + "ReferenceId": { + "markdownDescription": "The reference ID to use for the task.", + "title": "ReferenceId", + "type": "string" + }, + "TagList": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The metadata that you apply to the task to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define. To learn more, see [RunTask](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RunTask.html#ECS-RunTask-request-tags) in the Amazon ECS API Reference.", + "title": "TagList", + "type": "array" + }, + "TaskCount": { + "markdownDescription": "The number of tasks to create based on `TaskDefinition` . The default is 1.", + "title": "TaskCount", + "type": "number" + }, + "TaskDefinitionArn": { + "markdownDescription": "The ARN of the task definition to use if the event target is an Amazon ECS task.", + "title": "TaskDefinitionArn", "type": "string" } }, + "required": [ + "TaskDefinitionArn" + ], "type": "object" }, - "AWS::GroundStation::Config.SpectrumConfig": { + "AWS::Events::Rule.HttpParameters": { "additionalProperties": false, "properties": { - "Bandwidth": { - "$ref": "#/definitions/AWS::GroundStation::Config.FrequencyBandwidth", - "markdownDescription": "The bandwidth of the spectrum. AWS Ground Station currently has the following bandwidth limitations: \n\n- For `AntennaDownlinkDemodDecodeconfig` , valid values are between 125 kHz to 650 MHz.\n- For `AntennaDownlinkconfig` , valid values are between 10 kHz to 54 MHz.\n- For `AntennaUplinkConfig` , valid values are between 10 kHz to 54 MHz.", - "title": "Bandwidth" + "HeaderParameters": { + "additionalProperties": true, + "markdownDescription": "The headers that need to be sent as part of request invoking the API Gateway API or EventBridge ApiDestination.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "HeaderParameters", + "type": "object" }, - "CenterFrequency": { - "$ref": "#/definitions/AWS::GroundStation::Config.Frequency", - "markdownDescription": "The center frequency of the spectrum. Valid values are between 2200 to 2300 MHz and 7750 to 8400 MHz for downlink and 2025 to 2120 MHz for uplink.", - "title": "CenterFrequency" + "PathParameterValues": { + "items": { + "type": "string" + }, + "markdownDescription": "The path parameter values to be used to populate API Gateway API or EventBridge ApiDestination path wildcards (\"*\").", + "title": "PathParameterValues", + "type": "array" }, - "Polarization": { - "markdownDescription": "The polarization of the spectrum. Valid values are `\"RIGHT_HAND\"` and `\"LEFT_HAND\"` . Capturing both `\"RIGHT_HAND\"` and `\"LEFT_HAND\"` polarization requires two separate configs.", - "title": "Polarization", - "type": "string" + "QueryStringParameters": { + "additionalProperties": true, + "markdownDescription": "The query string keys/values that need to be sent as part of request invoking the API Gateway API or EventBridge ApiDestination.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "QueryStringParameters", + "type": "object" } }, "type": "object" }, - "AWS::GroundStation::Config.TrackingConfig": { + "AWS::Events::Rule.InputTransformer": { "additionalProperties": false, "properties": { - "Autotrack": { - "markdownDescription": "Specifies whether or not to use autotrack. `REMOVED` specifies that program track should only be used during the contact. `PREFERRED` specifies that autotracking is preferred during the contact but fallback to program track if the signal is lost. `REQUIRED` specifies that autotracking is required during the contact and not to use program track if the signal is lost.", - "title": "Autotrack", + "InputPathsMap": { + "additionalProperties": true, + "markdownDescription": "Map of JSON paths to be extracted from the event. You can then insert these in the template in `InputTemplate` to produce the output you want to be sent to the target.\n\n`InputPathsMap` is an array key-value pairs, where each value is a valid JSON path. You can have as many as 100 key-value pairs. You must use JSON dot notation, not bracket notation.\n\nThe keys cannot start with \" AWS .\"", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "InputPathsMap", + "type": "object" + }, + "InputTemplate": { + "markdownDescription": "Input template where you specify placeholders that will be filled with the values of the keys from `InputPathsMap` to customize the data sent to the target. Enclose each `InputPathsMaps` value in brackets: < *value* >\n\nIf `InputTemplate` is a JSON object (surrounded by curly braces), the following restrictions apply:\n\n- The placeholder cannot be used as an object key.\n\nThe following example shows the syntax for using `InputPathsMap` and `InputTemplate` .\n\n`\"InputTransformer\":`\n\n`{`\n\n`\"InputPathsMap\": {\"instance\": \"$.detail.instance\",\"status\": \"$.detail.status\"},`\n\n`\"InputTemplate\": \" is in state \"`\n\n`}`\n\nTo have the `InputTemplate` include quote marks within a JSON string, escape each quote marks with a slash, as in the following example:\n\n`\"InputTransformer\":`\n\n`{`\n\n`\"InputPathsMap\": {\"instance\": \"$.detail.instance\",\"status\": \"$.detail.status\"},`\n\n`\"InputTemplate\": \" is in state \\\"\\\"\"`\n\n`}`\n\nThe `InputTemplate` can also be valid JSON with varibles in quotes or out, as in the following example:\n\n`\"InputTransformer\":`\n\n`{`\n\n`\"InputPathsMap\": {\"instance\": \"$.detail.instance\",\"status\": \"$.detail.status\"},`\n\n`\"InputTemplate\": '{\"myInstance\": ,\"myStatus\": \" is in state \\\"\\\"\"}'`\n\n`}`", + "title": "InputTemplate", "type": "string" } }, + "required": [ + "InputTemplate" + ], "type": "object" }, - "AWS::GroundStation::Config.UplinkEchoConfig": { + "AWS::Events::Rule.KinesisParameters": { "additionalProperties": false, "properties": { - "AntennaUplinkConfigArn": { - "markdownDescription": "Defines the ARN of the uplink config to echo back to a dataflow endpoint.", - "title": "AntennaUplinkConfigArn", + "PartitionKeyPath": { + "markdownDescription": "The JSON path to be extracted from the event and used as the partition key. For more information, see [Amazon Kinesis Streams Key Concepts](https://docs.aws.amazon.com/streams/latest/dev/key-concepts.html#partition-key) in the *Amazon Kinesis Streams Developer Guide* .", + "title": "PartitionKeyPath", "type": "string" - }, - "Enabled": { - "markdownDescription": "Whether or not uplink echo is enabled.", - "title": "Enabled", - "type": "boolean" } }, + "required": [ + "PartitionKeyPath" + ], "type": "object" }, - "AWS::GroundStation::Config.UplinkSpectrumConfig": { + "AWS::Events::Rule.NetworkConfiguration": { "additionalProperties": false, "properties": { - "CenterFrequency": { - "$ref": "#/definitions/AWS::GroundStation::Config.Frequency", - "markdownDescription": "The center frequency of the spectrum. Valid values are between 2200 to 2300 MHz and 7750 to 8400 MHz for downlink and 2025 to 2120 MHz for uplink.", - "title": "CenterFrequency" - }, - "Polarization": { - "markdownDescription": "The polarization of the spectrum. Valid values are `\"RIGHT_HAND\"` and `\"LEFT_HAND\"` .", - "title": "Polarization", - "type": "string" + "AwsVpcConfiguration": { + "$ref": "#/definitions/AWS::Events::Rule.AwsVpcConfiguration", + "markdownDescription": "Use this structure to specify the VPC subnets and security groups for the task, and whether a public IP address is to be used. This structure is relevant only for ECS tasks that use the `awsvpc` network mode.", + "title": "AwsVpcConfiguration" } }, "type": "object" }, - "AWS::GroundStation::DataflowEndpointGroup": { + "AWS::Events::Rule.PlacementConstraint": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Expression": { + "markdownDescription": "A cluster query language expression to apply to the constraint. You cannot specify an expression if the constraint type is `distinctInstance` . To learn more, see [Cluster Query Language](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-query-language.html) in the Amazon Elastic Container Service Developer Guide.", + "title": "Expression", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ContactPostPassDurationSeconds": { - "markdownDescription": "Amount of time, in seconds, after a contact ends that the Ground Station Dataflow Endpoint Group will be in a `POSTPASS` state. A Ground Station Dataflow Endpoint Group State Change event will be emitted when the Dataflow Endpoint Group enters and exits the `POSTPASS` state.", - "title": "ContactPostPassDurationSeconds", - "type": "number" - }, - "ContactPrePassDurationSeconds": { - "markdownDescription": "Amount of time, in seconds, before a contact starts that the Ground Station Dataflow Endpoint Group will be in a `PREPASS` state. A Ground Station Dataflow Endpoint Group State Change event will be emitted when the Dataflow Endpoint Group enters and exits the `PREPASS` state.", - "title": "ContactPrePassDurationSeconds", - "type": "number" - }, - "EndpointDetails": { - "items": { - "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.EndpointDetails" - }, - "markdownDescription": "List of Endpoint Details, containing address and port for each endpoint. All dataflow endpoints within a single dataflow endpoint group must be of the same type. You cannot mix AWS Ground Station Agent endpoints with Dataflow endpoints in the same group. If your use case requires both types of endpoints, you must create separate dataflow endpoint groups for each type.", - "title": "EndpointDetails", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Tags assigned to a resource.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "EndpointDetails" - ], - "type": "object" - }, "Type": { - "enum": [ - "AWS::GroundStation::DataflowEndpointGroup" - ], + "markdownDescription": "The type of constraint. Use distinctInstance to ensure that each task in a particular group is running on a different container instance. Use memberOf to restrict the selection to a group of valid candidates.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Events::Rule.PlacementStrategy": { + "additionalProperties": false, + "properties": { + "Field": { + "markdownDescription": "The field to apply the placement strategy against. For the spread placement strategy, valid values are instanceId (or host, which has the same effect), or any platform or custom attribute that is applied to a container instance, such as attribute:ecs.availability-zone. For the binpack placement strategy, valid values are cpu and memory. For the random placement strategy, this field is not used.", + "title": "Field", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Type": { + "markdownDescription": "The type of placement strategy. The random placement strategy randomly places tasks on available candidates. The spread placement strategy spreads placement across available candidates evenly based on the field parameter. The binpack strategy places tasks on available candidates that have the least available amount of the resource that is specified with the field parameter. For example, if you binpack on memory, a task is placed on the instance with the least amount of remaining memory (but still enough to run the task).", + "title": "Type", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::GroundStation::DataflowEndpointGroup.AwsGroundStationAgentEndpoint": { + "AWS::Events::Rule.RedshiftDataParameters": { "additionalProperties": false, "properties": { - "AgentStatus": { - "markdownDescription": "The status of AgentEndpoint.", - "title": "AgentStatus", + "Database": { + "markdownDescription": "The name of the database. Required when authenticating using temporary credentials.", + "title": "Database", "type": "string" }, - "AuditResults": { - "markdownDescription": "The results of the audit.", - "title": "AuditResults", + "DbUser": { + "markdownDescription": "The database user name. Required when authenticating using temporary credentials.", + "title": "DbUser", "type": "string" }, - "EgressAddress": { - "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.ConnectionDetails", - "markdownDescription": "The egress address of AgentEndpoint.", - "title": "EgressAddress" + "SecretManagerArn": { + "markdownDescription": "The name or ARN of the secret that enables access to the database. Required when authenticating using AWS Secrets Manager.", + "title": "SecretManagerArn", + "type": "string" }, - "IngressAddress": { - "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.RangedConnectionDetails", - "markdownDescription": "The ingress address of AgentEndpoint.", - "title": "IngressAddress" + "Sql": { + "markdownDescription": "The SQL statement text to run.", + "title": "Sql", + "type": "string" }, - "Name": { - "markdownDescription": "Name string associated with AgentEndpoint. Used as a human-readable identifier for AgentEndpoint.", - "title": "Name", + "Sqls": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more SQL statements to run. The SQL statements are run as a single transaction. They run serially in the order of the array. Subsequent SQL statements don't start until the previous statement in the array completes. If any SQL statement fails, then because they are run as one transaction, all work is rolled back.", + "title": "Sqls", + "type": "array" + }, + "StatementName": { + "markdownDescription": "The name of the SQL statement. You can name the SQL statement when you create it to identify the query.", + "title": "StatementName", "type": "string" + }, + "WithEvent": { + "markdownDescription": "Indicates whether to send an event back to EventBridge after the SQL statement runs.", + "title": "WithEvent", + "type": "boolean" } }, + "required": [ + "Database" + ], "type": "object" }, - "AWS::GroundStation::DataflowEndpointGroup.ConnectionDetails": { + "AWS::Events::Rule.RetryPolicy": { "additionalProperties": false, "properties": { - "Mtu": { - "markdownDescription": "Maximum transmission unit (MTU) size in bytes of a dataflow endpoint.", - "title": "Mtu", + "MaximumEventAgeInSeconds": { + "markdownDescription": "The maximum amount of time, in seconds, to continue to make retry attempts.", + "title": "MaximumEventAgeInSeconds", "type": "number" }, - "SocketAddress": { - "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.SocketAddress", - "markdownDescription": "A socket address.", - "title": "SocketAddress" + "MaximumRetryAttempts": { + "markdownDescription": "The maximum number of retry attempts to make before the request fails. Retry attempts continue until either the maximum number of attempts is made or until the duration of the `MaximumEventAgeInSeconds` is met.", + "title": "MaximumRetryAttempts", + "type": "number" } }, "type": "object" }, - "AWS::GroundStation::DataflowEndpointGroup.DataflowEndpoint": { + "AWS::Events::Rule.RunCommandParameters": { "additionalProperties": false, "properties": { - "Address": { - "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.SocketAddress", - "markdownDescription": "The address and port of an endpoint.", - "title": "Address" - }, - "Mtu": { - "markdownDescription": "Maximum transmission unit (MTU) size in bytes of a dataflow endpoint. Valid values are between 1400 and 1500. A default value of 1500 is used if not set.", - "title": "Mtu", - "type": "number" - }, - "Name": { - "markdownDescription": "The endpoint name.\n\nWhen listing available contacts for a satellite, Ground Station searches for a dataflow endpoint whose name matches the value specified by the dataflow endpoint config of the selected mission profile. If no matching dataflow endpoints are found then Ground Station will not display any available contacts for the satellite.", - "title": "Name", - "type": "string" + "RunCommandTargets": { + "items": { + "$ref": "#/definitions/AWS::Events::Rule.RunCommandTarget" + }, + "markdownDescription": "Currently, we support including only one RunCommandTarget block, which specifies either an array of InstanceIds or a tag.", + "title": "RunCommandTargets", + "type": "array" } }, + "required": [ + "RunCommandTargets" + ], "type": "object" }, - "AWS::GroundStation::DataflowEndpointGroup.EndpointDetails": { + "AWS::Events::Rule.RunCommandTarget": { "additionalProperties": false, "properties": { - "AwsGroundStationAgentEndpoint": { - "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.AwsGroundStationAgentEndpoint", - "markdownDescription": "An agent endpoint.", - "title": "AwsGroundStationAgentEndpoint" - }, - "Endpoint": { - "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.DataflowEndpoint", - "markdownDescription": "Information about the endpoint such as name and the endpoint address.", - "title": "Endpoint" + "Key": { + "markdownDescription": "Can be either `tag:` *tag-key* or `InstanceIds` .", + "title": "Key", + "type": "string" }, - "SecurityDetails": { - "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.SecurityDetails", - "markdownDescription": "The role ARN, and IDs for security groups and subnets.", - "title": "SecurityDetails" + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "If `Key` is `tag:` *tag-key* , `Values` is a list of tag values. If `Key` is `InstanceIds` , `Values` is a list of Amazon EC2 instance IDs.", + "title": "Values", + "type": "array" } }, + "required": [ + "Key", + "Values" + ], "type": "object" }, - "AWS::GroundStation::DataflowEndpointGroup.IntegerRange": { + "AWS::Events::Rule.SageMakerPipelineParameter": { "additionalProperties": false, "properties": { - "Maximum": { - "markdownDescription": "A maximum value.", - "title": "Maximum", - "type": "number" + "Name": { + "markdownDescription": "Name of parameter to start execution of a SageMaker AI Model Building Pipeline.", + "title": "Name", + "type": "string" }, - "Minimum": { - "markdownDescription": "A minimum value.", - "title": "Minimum", - "type": "number" + "Value": { + "markdownDescription": "Value of parameter to start execution of a SageMaker AI Model Building Pipeline.", + "title": "Value", + "type": "string" } }, + "required": [ + "Name", + "Value" + ], "type": "object" }, - "AWS::GroundStation::DataflowEndpointGroup.RangedConnectionDetails": { + "AWS::Events::Rule.SageMakerPipelineParameters": { "additionalProperties": false, "properties": { - "Mtu": { - "markdownDescription": "Maximum transmission unit (MTU) size in bytes of a dataflow endpoint.", - "title": "Mtu", - "type": "number" - }, - "SocketAddress": { - "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.RangedSocketAddress", - "markdownDescription": "A ranged socket address.", - "title": "SocketAddress" + "PipelineParameterList": { + "items": { + "$ref": "#/definitions/AWS::Events::Rule.SageMakerPipelineParameter" + }, + "markdownDescription": "List of Parameter names and values for SageMaker AI Model Building Pipeline execution.", + "title": "PipelineParameterList", + "type": "array" } }, "type": "object" }, - "AWS::GroundStation::DataflowEndpointGroup.RangedSocketAddress": { + "AWS::Events::Rule.SqsParameters": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "IPv4 socket address.", - "title": "Name", + "MessageGroupId": { + "markdownDescription": "The FIFO message group ID to use as the target.", + "title": "MessageGroupId", "type": "string" - }, - "PortRange": { - "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.IntegerRange", - "markdownDescription": "Port range of a socket address.", - "title": "PortRange" } }, + "required": [ + "MessageGroupId" + ], "type": "object" }, - "AWS::GroundStation::DataflowEndpointGroup.SecurityDetails": { + "AWS::Events::Rule.Target": { "additionalProperties": false, "properties": { + "AppSyncParameters": { + "$ref": "#/definitions/AWS::Events::Rule.AppSyncParameters", + "markdownDescription": "Contains the GraphQL operation to be parsed and executed, if the event target is an AWS AppSync API.", + "title": "AppSyncParameters" + }, + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the target.", + "title": "Arn", + "type": "string" + }, + "BatchParameters": { + "$ref": "#/definitions/AWS::Events::Rule.BatchParameters", + "markdownDescription": "If the event target is an AWS Batch job, this contains the job definition, job name, and other parameters. For more information, see [Jobs](https://docs.aws.amazon.com/batch/latest/userguide/jobs.html) in the *AWS Batch User Guide* .", + "title": "BatchParameters" + }, + "DeadLetterConfig": { + "$ref": "#/definitions/AWS::Events::Rule.DeadLetterConfig", + "markdownDescription": "The `DeadLetterConfig` that defines the target queue to send dead-letter queue events to.", + "title": "DeadLetterConfig" + }, + "EcsParameters": { + "$ref": "#/definitions/AWS::Events::Rule.EcsParameters", + "markdownDescription": "Contains the Amazon ECS task definition and task count to be used, if the event target is an Amazon ECS task. For more information about Amazon ECS tasks, see [Task Definitions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_defintions.html) in the *Amazon EC2 Container Service Developer Guide* .", + "title": "EcsParameters" + }, + "HttpParameters": { + "$ref": "#/definitions/AWS::Events::Rule.HttpParameters", + "markdownDescription": "Contains the HTTP parameters to use when the target is a API Gateway endpoint or EventBridge ApiDestination.\n\nIf you specify an API Gateway API or EventBridge ApiDestination as a target, you can use this parameter to specify headers, path parameters, and query string keys/values as part of your target invoking request. If you're using ApiDestinations, the corresponding Connection can also have these values configured. In case of any conflicting keys, values from the Connection take precedence.", + "title": "HttpParameters" + }, + "Id": { + "markdownDescription": "The ID of the target within the specified rule. Use this ID to reference the target when updating the rule. We recommend using a memorable and unique string.", + "title": "Id", + "type": "string" + }, + "Input": { + "markdownDescription": "Valid JSON text passed to the target. In this case, nothing from the event itself is passed to the target. For more information, see [The JavaScript Object Notation (JSON) Data Interchange Format](https://docs.aws.amazon.com/http://www.rfc-editor.org/rfc/rfc7159.txt) .", + "title": "Input", + "type": "string" + }, + "InputPath": { + "markdownDescription": "The value of the JSONPath that is used for extracting part of the matched event when passing it to the target. You may use JSON dot notation or bracket notation. For more information about JSON paths, see [JSONPath](https://docs.aws.amazon.com/http://goessner.net/articles/JsonPath/) .", + "title": "InputPath", + "type": "string" + }, + "InputTransformer": { + "$ref": "#/definitions/AWS::Events::Rule.InputTransformer", + "markdownDescription": "Settings to enable you to provide custom input to a target based on certain event data. You can extract one or more key-value pairs from the event and then use that data to send customized input to the target.", + "title": "InputTransformer" + }, + "KinesisParameters": { + "$ref": "#/definitions/AWS::Events::Rule.KinesisParameters", + "markdownDescription": "The custom parameter you can use to control the shard assignment, when the target is a Kinesis data stream. If you do not include this parameter, the default is to use the `eventId` as the partition key.", + "title": "KinesisParameters" + }, + "RedshiftDataParameters": { + "$ref": "#/definitions/AWS::Events::Rule.RedshiftDataParameters", + "markdownDescription": "Contains the Amazon Redshift Data API parameters to use when the target is a Amazon Redshift cluster.\n\nIf you specify a Amazon Redshift Cluster as a Target, you can use this to specify parameters to invoke the Amazon Redshift Data API ExecuteStatement based on EventBridge events.", + "title": "RedshiftDataParameters" + }, + "RetryPolicy": { + "$ref": "#/definitions/AWS::Events::Rule.RetryPolicy", + "markdownDescription": "The retry policy configuration to use for the dead-letter queue.", + "title": "RetryPolicy" + }, "RoleArn": { - "markdownDescription": "The ARN of a role which Ground Station has permission to assume, such as `arn:aws:iam::1234567890:role/DataDeliveryServiceRole` .\n\nGround Station will assume this role and create an ENI in your VPC on the specified subnet upon creation of a dataflow endpoint group. This ENI is used as the ingress/egress point for data streamed during a satellite contact.", + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to be used for this target when the rule is triggered. If one rule triggers multiple targets, you can use a different IAM role for each target.", "title": "RoleArn", "type": "string" }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The security group Ids of the security role, such as `sg-1234567890abcdef0` .", - "title": "SecurityGroupIds", - "type": "array" + "RunCommandParameters": { + "$ref": "#/definitions/AWS::Events::Rule.RunCommandParameters", + "markdownDescription": "Parameters used when you are using the rule to invoke Amazon EC2 Run Command.", + "title": "RunCommandParameters" }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The subnet Ids of the security details, such as `subnet-12345678` .", - "title": "SubnetIds", - "type": "array" - } - }, - "type": "object" - }, - "AWS::GroundStation::DataflowEndpointGroup.SocketAddress": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the endpoint, such as `Endpoint 1` .", - "title": "Name", - "type": "string" + "SageMakerPipelineParameters": { + "$ref": "#/definitions/AWS::Events::Rule.SageMakerPipelineParameters", + "markdownDescription": "Contains the SageMaker AI Model Building Pipeline parameters to start execution of a SageMaker AI Model Building Pipeline.\n\nIf you specify a SageMaker AI Model Building Pipeline as a target, you can use this to specify parameters to start a pipeline execution based on EventBridge events.", + "title": "SageMakerPipelineParameters" }, - "Port": { - "markdownDescription": "The port of the endpoint, such as `55888` .", - "title": "Port", - "type": "number" + "SqsParameters": { + "$ref": "#/definitions/AWS::Events::Rule.SqsParameters", + "markdownDescription": "Contains the message group ID to use when the target is a FIFO queue.\n\nIf you specify an SQS FIFO queue as a target, the queue must have content-based deduplication enabled.", + "title": "SqsParameters" } }, + "required": [ + "Arn", + "Id" + ], "type": "object" }, - "AWS::GroundStation::MissionProfile": { + "AWS::Evidently::Experiment": { "additionalProperties": false, "properties": { "Condition": { @@ -112729,69 +120583,88 @@ "Properties": { "additionalProperties": false, "properties": { - "ContactPostPassDurationSeconds": { - "markdownDescription": "Amount of time in seconds after a contact ends that you\u2019d like to receive a Ground Station Contact State Change indicating the pass has finished.", - "title": "ContactPostPassDurationSeconds", - "type": "number" - }, - "ContactPrePassDurationSeconds": { - "markdownDescription": "Amount of time in seconds prior to contact start that you'd like to receive a Ground Station Contact State Change Event indicating an upcoming pass.", - "title": "ContactPrePassDurationSeconds", - "type": "number" + "Description": { + "markdownDescription": "An optional description of the experiment.", + "title": "Description", + "type": "string" }, - "DataflowEdges": { + "MetricGoals": { "items": { - "$ref": "#/definitions/AWS::GroundStation::MissionProfile.DataflowEdge" + "$ref": "#/definitions/AWS::Evidently::Experiment.MetricGoalObject" }, - "markdownDescription": "A list containing lists of config ARNs. Each list of config ARNs is an edge, with a \"from\" config and a \"to\" config.", - "title": "DataflowEdges", + "markdownDescription": "An array of structures that defines the metrics used for the experiment, and whether a higher or lower value for each metric is the goal. You can use up to three metrics in an experiment.", + "title": "MetricGoals", "type": "array" }, - "MinimumViableContactDurationSeconds": { - "markdownDescription": "Minimum length of a contact in seconds that Ground Station will return when listing contacts. Ground Station will not return contacts shorter than this duration.", - "title": "MinimumViableContactDurationSeconds", - "type": "number" - }, "Name": { - "markdownDescription": "The name of the mission profile.", + "markdownDescription": "A name for the new experiment.", "title": "Name", "type": "string" }, - "StreamsKmsKey": { - "$ref": "#/definitions/AWS::GroundStation::MissionProfile.StreamsKmsKey", - "markdownDescription": "KMS key to use for encrypting streams.", - "title": "StreamsKmsKey" + "OnlineAbConfig": { + "$ref": "#/definitions/AWS::Evidently::Experiment.OnlineAbConfigObject", + "markdownDescription": "A structure that contains the configuration of which variation to use as the \"control\" version. The \"control\" version is used for comparison with other variations. This structure also specifies how much experiment traffic is allocated to each variation.", + "title": "OnlineAbConfig" }, - "StreamsKmsRole": { - "markdownDescription": "Role to use for encrypting streams with KMS key.", - "title": "StreamsKmsRole", + "Project": { + "markdownDescription": "The name or the ARN of the project where this experiment is to be created.", + "title": "Project", + "type": "string" + }, + "RandomizationSalt": { + "markdownDescription": "When Evidently assigns a particular user session to an experiment, it must use a randomization ID to determine which variation the user session is served. This randomization ID is a combination of the entity ID and `randomizationSalt` . If you omit `randomizationSalt` , Evidently uses the experiment name as the `randomizationSalt` .", + "title": "RandomizationSalt", + "type": "string" + }, + "RemoveSegment": { + "markdownDescription": "Set this to `true` to remove the segment that is associated with this experiment. You can't use this parameter if the experiment is currently running.", + "title": "RemoveSegment", + "type": "boolean" + }, + "RunningStatus": { + "$ref": "#/definitions/AWS::Evidently::Experiment.RunningStatusObject", + "markdownDescription": "A structure that you can use to start and stop the experiment.", + "title": "RunningStatus" + }, + "SamplingRate": { + "markdownDescription": "The portion of the available audience that you want to allocate to this experiment, in thousandths of a percent. The available audience is the total audience minus the audience that you have allocated to overrides or current launches of this feature.\n\nThis is represented in thousandths of a percent. For example, specify 10,000 to allocate 10% of the available audience.", + "title": "SamplingRate", + "type": "number" + }, + "Segment": { + "markdownDescription": "Specifies an audience *segment* to use in the experiment. When a segment is used in an experiment, only user sessions that match the segment pattern are used in the experiment.\n\nFor more information, see [Segment rule pattern syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Evidently-segments.html#CloudWatch-Evidently-segments-syntax) .", + "title": "Segment", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Tags assigned to the mission profile.", + "markdownDescription": "Assigns one or more tags (key-value pairs) to the experiment.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.\n\nTags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters.\n\nYou can associate as many as 50 tags with an experiment.\n\nFor more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .", "title": "Tags", "type": "array" }, - "TrackingConfigArn": { - "markdownDescription": "The ARN of a tracking config objects that defines how to track the satellite through the sky during a contact.", - "title": "TrackingConfigArn", - "type": "string" + "Treatments": { + "items": { + "$ref": "#/definitions/AWS::Evidently::Experiment.TreatmentObject" + }, + "markdownDescription": "An array of structures that describe the configuration of each feature variation used in the experiment.", + "title": "Treatments", + "type": "array" } }, "required": [ - "DataflowEdges", - "MinimumViableContactDurationSeconds", + "MetricGoals", "Name", - "TrackingConfigArn" + "OnlineAbConfig", + "Project", + "Treatments" ], "type": "object" }, "Type": { "enum": [ - "AWS::GroundStation::MissionProfile" + "AWS::Evidently::Experiment" ], "type": "string" }, @@ -112810,281 +120683,148 @@ ], "type": "object" }, - "AWS::GroundStation::MissionProfile.DataflowEdge": { + "AWS::Evidently::Experiment.MetricGoalObject": { "additionalProperties": false, "properties": { - "Destination": { - "markdownDescription": "The ARN of the destination for this dataflow edge. For example, specify the ARN of a dataflow endpoint config for a downlink edge or an antenna uplink config for an uplink edge.", - "title": "Destination", + "DesiredChange": { + "markdownDescription": "`INCREASE` means that a variation with a higher number for this metric is performing better.\n\n`DECREASE` means that a variation with a lower number for this metric is performing better.", + "title": "DesiredChange", "type": "string" }, - "Source": { - "markdownDescription": "The ARN of the source for this dataflow edge. For example, specify the ARN of an antenna downlink config for a downlink edge or a dataflow endpoint config for an uplink edge.", - "title": "Source", + "EntityIdKey": { + "markdownDescription": "The entity, such as a user or session, that does an action that causes a metric value to be recorded. An example is `userDetails.userID` .", + "title": "EntityIdKey", + "type": "string" + }, + "EventPattern": { + "markdownDescription": "The EventBridge event pattern that defines how the metric is recorded.\n\nFor more information about EventBridge event patterns, see [Amazon EventBridge event patterns](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-event-patterns.html) .", + "title": "EventPattern", + "type": "string" + }, + "MetricName": { + "markdownDescription": "A name for the metric. It can include up to 255 characters.", + "title": "MetricName", + "type": "string" + }, + "UnitLabel": { + "markdownDescription": "A label for the units that the metric is measuring.", + "title": "UnitLabel", + "type": "string" + }, + "ValueKey": { + "markdownDescription": "The JSON path to reference the numerical metric value in the event.", + "title": "ValueKey", "type": "string" } }, + "required": [ + "DesiredChange", + "EntityIdKey", + "MetricName", + "ValueKey" + ], "type": "object" }, - "AWS::GroundStation::MissionProfile.StreamsKmsKey": { + "AWS::Evidently::Experiment.OnlineAbConfigObject": { "additionalProperties": false, "properties": { - "KmsAliasArn": { - "markdownDescription": "KMS Alias Arn.", - "title": "KmsAliasArn", + "ControlTreatmentName": { + "markdownDescription": "The name of the variation that is to be the default variation that the other variations are compared to.", + "title": "ControlTreatmentName", "type": "string" }, - "KmsKeyArn": { - "markdownDescription": "KMS Key Arn.", - "title": "KmsKeyArn", - "type": "string" + "TreatmentWeights": { + "items": { + "$ref": "#/definitions/AWS::Evidently::Experiment.TreatmentToWeight" + }, + "markdownDescription": "A set of key-value pairs. The keys are treatment names, and the values are the portion of experiment traffic to be assigned to that treatment. Specify the traffic portion in thousandths of a percent, so 20,000 for a variation would allocate 20% of the experiment traffic to that variation.", + "title": "TreatmentWeights", + "type": "array" } }, "type": "object" }, - "AWS::GuardDuty::Detector": { + "AWS::Evidently::Experiment.RunningStatusObject": { "additionalProperties": false, "properties": { - "Condition": { + "AnalysisCompleteTime": { + "markdownDescription": "If you are using AWS CloudFormation to start the experiment, use this field to specify when the experiment is to end. The format is as a UNIX timestamp. For more information about this format, see [The Current Epoch Unix Timestamp](https://docs.aws.amazon.com/https://www.unixtimestamp.com/index.php) .", + "title": "AnalysisCompleteTime", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DesiredState": { + "markdownDescription": "If you are using AWS CloudFormation to stop this experiment, specify either `COMPLETED` or `CANCELLED` here to indicate how to classify this experiment.", + "title": "DesiredState", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "Reason": { + "markdownDescription": "If you are using AWS CloudFormation to stop this experiment, this is an optional field that you can use to record why the experiment is being stopped or cancelled.", + "title": "Reason", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DataSources": { - "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNDataSourceConfigurations", - "markdownDescription": "Describes which data sources will be enabled for the detector.", - "title": "DataSources" - }, - "Enable": { - "markdownDescription": "Specifies whether the detector is to be enabled on creation.", - "title": "Enable", - "type": "boolean" - }, - "Features": { - "items": { - "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNFeatureConfiguration" - }, - "markdownDescription": "A list of features that will be configured for the detector.", - "title": "Features", - "type": "array" - }, - "FindingPublishingFrequency": { - "markdownDescription": "Specifies how frequently updated findings are exported.", - "title": "FindingPublishingFrequency", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/AWS::GuardDuty::Detector.TagItem" - }, - "markdownDescription": "Specifies tags added to a new detector resource. Each tag consists of a key and an optional value, both of which you define.\n\nCurrently, support is available only for creating and deleting a tag. No support exists for updating the tags.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Enable" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::GuardDuty::Detector" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Status": { + "markdownDescription": "To start the experiment now, specify `START` for this parameter. If this experiment is currently running and you want to stop it now, specify `STOP` .", + "title": "Status", "type": "string" } }, "required": [ - "Type", - "Properties" + "Status" ], "type": "object" }, - "AWS::GuardDuty::Detector.CFNDataSourceConfigurations": { - "additionalProperties": false, - "properties": { - "Kubernetes": { - "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNKubernetesConfiguration", - "markdownDescription": "Describes which Kubernetes data sources are enabled for a detector.", - "title": "Kubernetes" - }, - "MalwareProtection": { - "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNMalwareProtectionConfiguration", - "markdownDescription": "Describes whether Malware Protection will be enabled as a data source.", - "title": "MalwareProtection" - }, - "S3Logs": { - "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNS3LogsConfiguration", - "markdownDescription": "Describes whether S3 data event logs are enabled as a data source.", - "title": "S3Logs" - } - }, - "type": "object" - }, - "AWS::GuardDuty::Detector.CFNFeatureAdditionalConfiguration": { + "AWS::Evidently::Experiment.TreatmentObject": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "Name of the additional configuration.", - "title": "Name", + "Description": { + "markdownDescription": "The description of the treatment.", + "title": "Description", "type": "string" }, - "Status": { - "markdownDescription": "Status of the additional configuration.", - "title": "Status", + "Feature": { + "markdownDescription": "The name of the feature for this experiment.", + "title": "Feature", "type": "string" - } - }, - "type": "object" - }, - "AWS::GuardDuty::Detector.CFNFeatureConfiguration": { - "additionalProperties": false, - "properties": { - "AdditionalConfiguration": { - "items": { - "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNFeatureAdditionalConfiguration" - }, - "markdownDescription": "Information about the additional configuration of a feature in your account.", - "title": "AdditionalConfiguration", - "type": "array" }, - "Name": { - "markdownDescription": "Name of the feature. For a list of allowed values, see [DetectorFeatureConfiguration](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DetectorFeatureConfiguration.html#guardduty-Type-DetectorFeatureConfiguration-name) in the *GuardDuty API Reference* .", - "title": "Name", + "TreatmentName": { + "markdownDescription": "A name for this treatment. It can include up to 127 characters.", + "title": "TreatmentName", "type": "string" }, - "Status": { - "markdownDescription": "Status of the feature configuration.", - "title": "Status", + "Variation": { + "markdownDescription": "The name of the variation to use for this treatment.", + "title": "Variation", "type": "string" } }, "required": [ - "Name", - "Status" - ], - "type": "object" - }, - "AWS::GuardDuty::Detector.CFNKubernetesAuditLogsConfiguration": { - "additionalProperties": false, - "properties": { - "Enable": { - "markdownDescription": "Describes whether Kubernetes audit logs are enabled as a data source for the detector.", - "title": "Enable", - "type": "boolean" - } - }, - "required": [ - "Enable" - ], - "type": "object" - }, - "AWS::GuardDuty::Detector.CFNKubernetesConfiguration": { - "additionalProperties": false, - "properties": { - "AuditLogs": { - "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNKubernetesAuditLogsConfiguration", - "markdownDescription": "Describes whether Kubernetes audit logs are enabled as a data source for the detector.", - "title": "AuditLogs" - } - }, - "required": [ - "AuditLogs" - ], - "type": "object" - }, - "AWS::GuardDuty::Detector.CFNMalwareProtectionConfiguration": { - "additionalProperties": false, - "properties": { - "ScanEc2InstanceWithFindings": { - "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNScanEc2InstanceWithFindingsConfiguration", - "markdownDescription": "Describes the configuration of Malware Protection for EC2 instances with findings.", - "title": "ScanEc2InstanceWithFindings" - } - }, - "type": "object" - }, - "AWS::GuardDuty::Detector.CFNS3LogsConfiguration": { - "additionalProperties": false, - "properties": { - "Enable": { - "markdownDescription": "The status of S3 data event logs as a data source.", - "title": "Enable", - "type": "boolean" - } - }, - "required": [ - "Enable" + "Feature", + "TreatmentName", + "Variation" ], "type": "object" }, - "AWS::GuardDuty::Detector.CFNScanEc2InstanceWithFindingsConfiguration": { - "additionalProperties": false, - "properties": { - "EbsVolumes": { - "markdownDescription": "Describes the configuration for scanning EBS volumes as data source.", - "title": "EbsVolumes", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::GuardDuty::Detector.TagItem": { + "AWS::Evidently::Experiment.TreatmentToWeight": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The tag key.", - "title": "Key", - "type": "string" + "SplitWeight": { + "markdownDescription": "The portion of experiment traffic to allocate to this treatment. Specify the traffic portion in thousandths of a percent, so 20,000 allocated to a treatment would allocate 20% of the experiment traffic to that treatment.", + "title": "SplitWeight", + "type": "number" }, - "Value": { - "markdownDescription": "The tag value.", - "title": "Value", + "Treatment": { + "markdownDescription": "The name of the treatment.", + "title": "Treatment", "type": "string" } }, "required": [ - "Key", - "Value" + "SplitWeight", + "Treatment" ], "type": "object" }, - "AWS::GuardDuty::Filter": { + "AWS::Evidently::Feature": { "additionalProperties": false, "properties": { "Condition": { @@ -113119,53 +120859,66 @@ "Properties": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "Specifies the action that is to be applied to the findings that match the filter.", - "title": "Action", + "DefaultVariation": { + "markdownDescription": "The name of the variation to use as the default variation. The default variation is served to users who are not allocated to any ongoing launches or experiments of this feature.\n\nThis variation must also be listed in the `Variations` structure.\n\nIf you omit `DefaultVariation` , the first variation listed in the `Variations` structure is used as the default variation.", + "title": "DefaultVariation", "type": "string" }, "Description": { - "markdownDescription": "The description of the filter. Valid characters include alphanumeric characters, and special characters such as hyphen, period, colon, underscore, parentheses ( `{ }` , `[ ]` , and `( )` ), forward slash, horizontal tab, vertical tab, newline, form feed, return, and whitespace.", + "markdownDescription": "An optional description of the feature.", "title": "Description", "type": "string" }, - "DetectorId": { - "markdownDescription": "The detector ID associated with the GuardDuty account for which you want to create a filter.\n\nTo find the `detectorId` in the current Region, see the\nSettings page in the GuardDuty console, or run the [ListDetectors](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListDetectors.html) API.", - "title": "DetectorId", - "type": "string" + "EntityOverrides": { + "items": { + "$ref": "#/definitions/AWS::Evidently::Feature.EntityOverride" + }, + "markdownDescription": "Specify users that should always be served a specific variation of a feature. Each user is specified by a key-value pair . For each key, specify a user by entering their user ID, account ID, or some other identifier. For the value, specify the name of the variation that they are to be served.", + "title": "EntityOverrides", + "type": "array" }, - "FindingCriteria": { - "$ref": "#/definitions/AWS::GuardDuty::Filter.FindingCriteria", - "markdownDescription": "Represents the criteria to be used in the filter for querying findings.", - "title": "FindingCriteria" + "EvaluationStrategy": { + "markdownDescription": "Specify `ALL_RULES` to activate the traffic allocation specified by any ongoing launches or experiments. Specify `DEFAULT_VARIATION` to serve the default variation to all users instead.", + "title": "EvaluationStrategy", + "type": "string" }, "Name": { - "markdownDescription": "The name of the filter. Valid characters include period (.), underscore (_), dash (-), and alphanumeric characters. A whitespace is considered to be an invalid character.", + "markdownDescription": "The name for the feature. It can include up to 127 characters.", "title": "Name", "type": "string" }, - "Rank": { - "markdownDescription": "Specifies the position of the filter in the list of current filters. Also specifies the order in which this filter is applied to the findings. The minimum value for this property is 1 and the maximum is 100.\n\nBy default, filters may not be created in the same order as they are ranked. To ensure that the filters are created in the expected order, you can use an optional attribute, [DependsOn](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) , with the following syntax: `\"DependsOn\":[ \"ObjectName\" ]` .", - "title": "Rank", - "type": "number" + "Project": { + "markdownDescription": "The name or ARN of the project that is to contain the new feature.", + "title": "Project", + "type": "string" }, "Tags": { "items": { - "$ref": "#/definitions/AWS::GuardDuty::Filter.TagItem" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to be added to a new filter resource. Each tag consists of a key and an optional value, both of which you define.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "Assigns one or more tags (key-value pairs) to the feature.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.\n\nTags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters.\n\nYou can associate as many as 50 tags with a feature.\n\nFor more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .", "title": "Tags", "type": "array" + }, + "Variations": { + "items": { + "$ref": "#/definitions/AWS::Evidently::Feature.VariationObject" + }, + "markdownDescription": "An array of structures that contain the configuration of the feature's different variations.\n\nEach `VariationObject` in the `Variations` array for a feature must have the same type of value ( `BooleanValue` , `DoubleValue` , `LongValue` or `StringValue` ).", + "title": "Variations", + "type": "array" } }, "required": [ - "FindingCriteria" + "Name", + "Project", + "Variations" ], "type": "object" }, "Type": { "enum": [ - "AWS::GuardDuty::Filter" + "AWS::Evidently::Feature" ], "type": "string" }, @@ -113184,122 +120937,57 @@ ], "type": "object" }, - "AWS::GuardDuty::Filter.Condition": { + "AWS::Evidently::Feature.EntityOverride": { "additionalProperties": false, "properties": { - "Eq": { - "items": { - "type": "string" - }, - "markdownDescription": "Represents the equal condition to apply to a single field when querying for findings.", - "title": "Eq", - "type": "array" - }, - "Equals": { - "items": { - "type": "string" - }, - "markdownDescription": "Represents an *equal* ** condition to be applied to a single field when querying for findings.", - "title": "Equals", - "type": "array" - }, - "GreaterThan": { - "markdownDescription": "Represents a *greater than* condition to be applied to a single field when querying for findings.", - "title": "GreaterThan", - "type": "number" - }, - "GreaterThanOrEqual": { - "markdownDescription": "Represents a *greater than or equal* condition to be applied to a single field when querying for findings.", - "title": "GreaterThanOrEqual", - "type": "number" - }, - "Gt": { - "markdownDescription": "Represents a *greater than* condition to be applied to a single field when querying for findings.", - "title": "Gt", - "type": "number" - }, - "Gte": { - "markdownDescription": "Represents the greater than or equal condition to apply to a single field when querying for findings.", - "title": "Gte", - "type": "number" - }, - "LessThan": { - "markdownDescription": "Represents a *less than* condition to be applied to a single field when querying for findings.", - "title": "LessThan", - "type": "number" - }, - "LessThanOrEqual": { - "markdownDescription": "Represents a *less than or equal* condition to be applied to a single field when querying for findings.", - "title": "LessThanOrEqual", - "type": "number" - }, - "Lt": { - "markdownDescription": "Represents the less than condition to apply to a single field when querying for findings.", - "title": "Lt", - "type": "number" - }, - "Lte": { - "markdownDescription": "Represents the less than or equal condition to apply to a single field when querying for findings.", - "title": "Lte", - "type": "number" - }, - "Neq": { - "items": { - "type": "string" - }, - "markdownDescription": "Represents the not equal condition to apply to a single field when querying for findings.", - "title": "Neq", - "type": "array" + "EntityId": { + "markdownDescription": "The entity ID to be served the variation specified in `Variation` .", + "title": "EntityId", + "type": "string" }, - "NotEquals": { - "items": { - "type": "string" - }, - "markdownDescription": "Represents a *not equal* ** condition to be applied to a single field when querying for findings.", - "title": "NotEquals", - "type": "array" - } - }, - "type": "object" - }, - "AWS::GuardDuty::Filter.FindingCriteria": { - "additionalProperties": false, - "properties": { - "Criterion": { - "additionalProperties": false, - "markdownDescription": "Represents a map of finding properties that match specified conditions and values when querying findings.\n\nFor information about JSON criterion mapping to their console equivalent, see [Finding criteria](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_filter-findings.html#filter_criteria) . The following are the available criterion:\n\n- accountId\n- id\n- region\n- severity\n\nTo filter on the basis of severity, the API and AWS CLI use the following input list for the `FindingCriteria` condition:\n\n- *Low* : `[\"1\", \"2\", \"3\"]`\n- *Medium* : `[\"4\", \"5\", \"6\"]`\n- *High* : `[\"7\", \"8\", \"9\"]`\n\nFor more information, see [Severity levels for GuardDuty findings](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_findings.html#guardduty_findings-severity) in the *Amazon GuardDuty User Guide* .\n- type\n- updatedAt\n\nType: ISO 8601 string format: `YYYY-MM-DDTHH:MM:SS.SSSZ` or `YYYY-MM-DDTHH:MM:SSZ` depending on whether the value contains milliseconds.\n- resource.accessKeyDetails.accessKeyId\n- resource.accessKeyDetails.principalId\n- resource.accessKeyDetails.userName\n- resource.accessKeyDetails.userType\n- resource.instanceDetails.iamInstanceProfile.id\n- resource.instanceDetails.imageId\n- resource.instanceDetails.instanceId\n- resource.instanceDetails.tags.key\n- resource.instanceDetails.tags.value\n- resource.instanceDetails.networkInterfaces.ipv6Addresses\n- resource.instanceDetails.networkInterfaces.privateIpAddresses.privateIpAddress\n- resource.instanceDetails.networkInterfaces.publicDnsName\n- resource.instanceDetails.networkInterfaces.publicIp\n- resource.instanceDetails.networkInterfaces.securityGroups.groupId\n- resource.instanceDetails.networkInterfaces.securityGroups.groupName\n- resource.instanceDetails.networkInterfaces.subnetId\n- resource.instanceDetails.networkInterfaces.vpcId\n- resource.instanceDetails.outpostArn\n- resource.resourceType\n- resource.s3BucketDetails.publicAccess.effectivePermissions\n- resource.s3BucketDetails.name\n- resource.s3BucketDetails.tags.key\n- resource.s3BucketDetails.tags.value\n- resource.s3BucketDetails.type\n- service.action.actionType\n- service.action.awsApiCallAction.api\n- service.action.awsApiCallAction.callerType\n- service.action.awsApiCallAction.errorCode\n- service.action.awsApiCallAction.remoteIpDetails.city.cityName\n- service.action.awsApiCallAction.remoteIpDetails.country.countryName\n- service.action.awsApiCallAction.remoteIpDetails.ipAddressV4\n- service.action.awsApiCallAction.remoteIpDetails.ipAddressV6\n- service.action.awsApiCallAction.remoteIpDetails.organization.asn\n- service.action.awsApiCallAction.remoteIpDetails.organization.asnOrg\n- service.action.awsApiCallAction.serviceName\n- service.action.dnsRequestAction.domain\n- service.action.dnsRequestAction.domainWithSuffix\n- service.action.networkConnectionAction.blocked\n- service.action.networkConnectionAction.connectionDirection\n- service.action.networkConnectionAction.localPortDetails.port\n- service.action.networkConnectionAction.protocol\n- service.action.networkConnectionAction.remoteIpDetails.city.cityName\n- service.action.networkConnectionAction.remoteIpDetails.country.countryName\n- service.action.networkConnectionAction.remoteIpDetails.ipAddressV4\n- service.action.networkConnectionAction.remoteIpDetails.ipAddressV6\n- service.action.networkConnectionAction.remoteIpDetails.organization.asn\n- service.action.networkConnectionAction.remoteIpDetails.organization.asnOrg\n- service.action.networkConnectionAction.remotePortDetails.port\n- service.action.awsApiCallAction.remoteAccountDetails.affiliated\n- service.action.kubernetesApiCallAction.remoteIpDetails.ipAddressV4\n- service.action.kubernetesApiCallAction.remoteIpDetails.ipAddressV6\n- service.action.kubernetesApiCallAction.namespace\n- service.action.kubernetesApiCallAction.remoteIpDetails.organization.asn\n- service.action.kubernetesApiCallAction.requestUri\n- service.action.kubernetesApiCallAction.statusCode\n- service.action.networkConnectionAction.localIpDetails.ipAddressV4\n- service.action.networkConnectionAction.localIpDetails.ipAddressV6\n- service.action.networkConnectionAction.protocol\n- service.action.awsApiCallAction.serviceName\n- service.action.awsApiCallAction.remoteAccountDetails.accountId\n- service.additionalInfo.threatListName\n- service.resourceRole\n- resource.eksClusterDetails.name\n- resource.kubernetesDetails.kubernetesWorkloadDetails.name\n- resource.kubernetesDetails.kubernetesWorkloadDetails.namespace\n- resource.kubernetesDetails.kubernetesUserDetails.username\n- resource.kubernetesDetails.kubernetesWorkloadDetails.containers.image\n- resource.kubernetesDetails.kubernetesWorkloadDetails.containers.imagePrefix\n- service.ebsVolumeScanDetails.scanId\n- service.ebsVolumeScanDetails.scanDetections.threatDetectedByName.threatNames.name\n- service.ebsVolumeScanDetails.scanDetections.threatDetectedByName.threatNames.severity\n- service.ebsVolumeScanDetails.scanDetections.threatDetectedByName.threatNames.filePaths.hash\n- service.malwareScanDetails.threats.name\n- resource.ecsClusterDetails.name\n- resource.ecsClusterDetails.taskDetails.containers.image\n- resource.ecsClusterDetails.taskDetails.definitionArn\n- resource.containerDetails.image\n- resource.rdsDbInstanceDetails.dbInstanceIdentifier\n- resource.rdsDbInstanceDetails.dbClusterIdentifier\n- resource.rdsDbInstanceDetails.engine\n- resource.rdsDbUserDetails.user\n- resource.rdsDbInstanceDetails.tags.key\n- resource.rdsDbInstanceDetails.tags.value\n- service.runtimeDetails.process.executableSha256\n- service.runtimeDetails.process.name\n- service.runtimeDetails.process.name\n- resource.lambdaDetails.functionName\n- resource.lambdaDetails.functionArn\n- resource.lambdaDetails.tags.key\n- resource.lambdaDetails.tags.value", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::GuardDuty::Filter.Condition" - } - }, - "title": "Criterion", - "type": "object" + "Variation": { + "markdownDescription": "The name of the variation to serve to the user session that matches the `EntityId` .", + "title": "Variation", + "type": "string" } }, "type": "object" }, - "AWS::GuardDuty::Filter.TagItem": { + "AWS::Evidently::Feature.VariationObject": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The tag key.", - "title": "Key", + "BooleanValue": { + "markdownDescription": "The value assigned to this variation, if the variation type is boolean.", + "title": "BooleanValue", + "type": "boolean" + }, + "DoubleValue": { + "markdownDescription": "The value assigned to this variation, if the variation type is a double.", + "title": "DoubleValue", + "type": "number" + }, + "LongValue": { + "markdownDescription": "The value assigned to this variation, if the variation type is a long.", + "title": "LongValue", + "type": "number" + }, + "StringValue": { + "markdownDescription": "The value assigned to this variation, if the variation type is a string.", + "title": "StringValue", "type": "string" }, - "Value": { - "markdownDescription": "The tag value.", - "title": "Value", + "VariationName": { + "markdownDescription": "A name for the variation. It can include up to 127 characters.", + "title": "VariationName", "type": "string" } }, "required": [ - "Key", - "Value" + "VariationName" ], "type": "object" }, - "AWS::GuardDuty::IPSet": { + "AWS::Evidently::Launch": { "additionalProperties": false, "properties": { "Condition": { @@ -113334,49 +121022,75 @@ "Properties": { "additionalProperties": false, "properties": { - "Activate": { - "markdownDescription": "Indicates whether or not GuardDuty uses the `IPSet` .", - "title": "Activate", - "type": "boolean" - }, - "DetectorId": { - "markdownDescription": "The unique ID of the detector of the GuardDuty account for which you want to create an IPSet.\n\nTo find the `detectorId` in the current Region, see the\nSettings page in the GuardDuty console, or run the [ListDetectors](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListDetectors.html) API.", - "title": "DetectorId", + "Description": { + "markdownDescription": "An optional description for the launch.", + "title": "Description", "type": "string" }, - "Format": { - "markdownDescription": "The format of the file that contains the IPSet.", - "title": "Format", - "type": "string" + "ExecutionStatus": { + "$ref": "#/definitions/AWS::Evidently::Launch.ExecutionStatusObject", + "markdownDescription": "A structure that you can use to start and stop the launch.", + "title": "ExecutionStatus" }, - "Location": { - "markdownDescription": "The URI of the file that contains the IPSet.", - "title": "Location", - "type": "string" + "Groups": { + "items": { + "$ref": "#/definitions/AWS::Evidently::Launch.LaunchGroupObject" + }, + "markdownDescription": "An array of structures that contains the feature and variations that are to be used for the launch. You can up to five launch groups in a launch.", + "title": "Groups", + "type": "array" + }, + "MetricMonitors": { + "items": { + "$ref": "#/definitions/AWS::Evidently::Launch.MetricDefinitionObject" + }, + "markdownDescription": "An array of structures that define the metrics that will be used to monitor the launch performance. You can have up to three metric monitors in the array.", + "title": "MetricMonitors", + "type": "array" }, "Name": { - "markdownDescription": "The user-friendly name to identify the IPSet.\n\nAllowed characters are alphanumeric, whitespace, dash (-), and underscores (_).", + "markdownDescription": "The name for the launch. It can include up to 127 characters.", "title": "Name", "type": "string" }, + "Project": { + "markdownDescription": "The name or ARN of the project that you want to create the launch in.", + "title": "Project", + "type": "string" + }, + "RandomizationSalt": { + "markdownDescription": "When Evidently assigns a particular user session to a launch, it must use a randomization ID to determine which variation the user session is served. This randomization ID is a combination of the entity ID and `randomizationSalt` . If you omit `randomizationSalt` , Evidently uses the launch name as the `randomizationsSalt` .", + "title": "RandomizationSalt", + "type": "string" + }, + "ScheduledSplitsConfig": { + "items": { + "$ref": "#/definitions/AWS::Evidently::Launch.StepConfig" + }, + "markdownDescription": "An array of structures that define the traffic allocation percentages among the feature variations during each step of the launch.", + "title": "ScheduledSplitsConfig", + "type": "array" + }, "Tags": { "items": { - "$ref": "#/definitions/AWS::GuardDuty::IPSet.TagItem" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to be added to a new IP set resource. Each tag consists of a key and an optional value, both of which you define.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "Assigns one or more tags (key-value pairs) to the launch.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.\n\nTags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters.\n\nYou can associate as many as 50 tags with a launch.\n\nFor more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .", "title": "Tags", "type": "array" } }, "required": [ - "Format", - "Location" + "Groups", + "Name", + "Project", + "ScheduledSplitsConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::GuardDuty::IPSet" + "AWS::Evidently::Launch" ], "type": "string" }, @@ -113395,197 +121109,178 @@ ], "type": "object" }, - "AWS::GuardDuty::IPSet.TagItem": { + "AWS::Evidently::Launch.ExecutionStatusObject": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The tag key.", - "title": "Key", + "DesiredState": { + "markdownDescription": "If you are using AWS CloudFormation to stop this launch, specify either `COMPLETED` or `CANCELLED` here to indicate how to classify this experiment. If you omit this parameter, the default of `COMPLETED` is used.", + "title": "DesiredState", "type": "string" }, - "Value": { - "markdownDescription": "The tag value.", - "title": "Value", + "Reason": { + "markdownDescription": "If you are using AWS CloudFormation to stop this launch, this is an optional field that you can use to record why the launch is being stopped or cancelled.", + "title": "Reason", + "type": "string" + }, + "Status": { + "markdownDescription": "To start the launch now, specify `START` for this parameter. If this launch is currently running and you want to stop it now, specify `STOP` .", + "title": "Status", "type": "string" } }, "required": [ - "Key", - "Value" + "Status" ], "type": "object" }, - "AWS::GuardDuty::Master": { + "AWS::Evidently::Launch.GroupToWeight": { "additionalProperties": false, "properties": { - "Condition": { + "GroupName": { + "markdownDescription": "The name of the launch group. It can include up to 127 characters.", + "title": "GroupName", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SplitWeight": { + "markdownDescription": "The portion of launch traffic to allocate to this launch group.\n\nThis is represented in thousandths of a percent. For example, specify 20,000 to allocate 20% of the launch audience to this launch group.", + "title": "SplitWeight", + "type": "number" + } + }, + "required": [ + "GroupName", + "SplitWeight" + ], + "type": "object" + }, + "AWS::Evidently::Launch.LaunchGroupObject": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the launch group.", + "title": "Description", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DetectorId": { - "markdownDescription": "The unique ID of the detector of the GuardDuty member account.\n\nTo find the `detectorId` in the current Region, see the\nSettings page in the GuardDuty console, or run the [ListDetectors](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListDetectors.html) API.", - "title": "DetectorId", - "type": "string" - }, - "InvitationId": { - "markdownDescription": "The ID of the invitation that is sent to the account designated as a member account. You can find the invitation ID by running the [ListInvitations](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListInvitations.html) in the *GuardDuty API Reference* .", - "title": "InvitationId", - "type": "string" - }, - "MasterId": { - "markdownDescription": "The AWS account ID of the account designated as the GuardDuty administrator account.", - "title": "MasterId", - "type": "string" - } - }, - "required": [ - "DetectorId", - "MasterId" - ], - "type": "object" + "Feature": { + "markdownDescription": "The feature that this launch is using.", + "title": "Feature", + "type": "string" }, - "Type": { - "enum": [ - "AWS::GuardDuty::Master" - ], + "GroupName": { + "markdownDescription": "A name for this launch group. It can include up to 127 characters.", + "title": "GroupName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Variation": { + "markdownDescription": "The feature variation to use for this launch group.", + "title": "Variation", "type": "string" } }, "required": [ - "Type", - "Properties" + "Feature", + "GroupName", + "Variation" ], "type": "object" }, - "AWS::GuardDuty::Member": { + "AWS::Evidently::Launch.MetricDefinitionObject": { "additionalProperties": false, "properties": { - "Condition": { + "EntityIdKey": { + "markdownDescription": "The entity, such as a user or session, that does an action that causes a metric value to be recorded. An example is `userDetails.userID` .", + "title": "EntityIdKey", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "EventPattern": { + "markdownDescription": "The EventBridge event pattern that defines how the metric is recorded.\n\nFor more information about EventBridge event patterns, see [Amazon EventBridge event patterns](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-event-patterns.html) .", + "title": "EventPattern", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "MetricName": { + "markdownDescription": "A name for the metric. It can include up to 255 characters.", + "title": "MetricName", + "type": "string" }, - "Metadata": { - "type": "object" + "UnitLabel": { + "markdownDescription": "A label for the units that the metric is measuring.", + "title": "UnitLabel", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DetectorId": { - "markdownDescription": "The ID of the detector associated with the GuardDuty service to add the member to.", - "title": "DetectorId", - "type": "string" - }, - "DisableEmailNotification": { - "markdownDescription": "Specifies whether or not to disable email notification for the member account that you invite.", - "title": "DisableEmailNotification", - "type": "boolean" - }, - "Email": { - "markdownDescription": "The email address associated with the member account.", - "title": "Email", - "type": "string" - }, - "MemberId": { - "markdownDescription": "The AWS account ID of the account to designate as a member.", - "title": "MemberId", - "type": "string" - }, - "Message": { - "markdownDescription": "The invitation message that you want to send to the accounts that you're inviting to GuardDuty as members.", - "title": "Message", - "type": "string" - }, - "Status": { - "markdownDescription": "You can use the `Status` property to update the status of the relationship between the member account and its administrator account. Valid values are `Created` and `Invited` when using an `AWS::GuardDuty::Member` resource. If the value for this property is not provided or set to `Created` , a member account is created but not invited. If the value of this property is set to `Invited` , a member account is created and invited.", - "title": "Status", - "type": "string" - } - }, - "required": [ - "Email" - ], - "type": "object" + "ValueKey": { + "markdownDescription": "The value that is tracked to produce the metric.", + "title": "ValueKey", + "type": "string" + } + }, + "required": [ + "EntityIdKey", + "MetricName", + "ValueKey" + ], + "type": "object" + }, + "AWS::Evidently::Launch.SegmentOverride": { + "additionalProperties": false, + "properties": { + "EvaluationOrder": { + "markdownDescription": "A number indicating the order to use to evaluate segment overrides, if there are more than one. Segment overrides with lower numbers are evaluated first.", + "title": "EvaluationOrder", + "type": "number" }, - "Type": { - "enum": [ - "AWS::GuardDuty::Member" - ], + "Segment": { + "markdownDescription": "The ARN of the segment to use for this override.", + "title": "Segment", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Weights": { + "items": { + "$ref": "#/definitions/AWS::Evidently::Launch.GroupToWeight" + }, + "markdownDescription": "The traffic allocation percentages among the feature variations to assign to this segment. This is a set of key-value pairs. The keys are variation names. The values represent the amount of traffic to allocate to that variation for this segment. This is expressed in thousandths of a percent, so a weight of 50000 represents 50% of traffic.", + "title": "Weights", + "type": "array" + } + }, + "required": [ + "EvaluationOrder", + "Segment", + "Weights" + ], + "type": "object" + }, + "AWS::Evidently::Launch.StepConfig": { + "additionalProperties": false, + "properties": { + "GroupWeights": { + "items": { + "$ref": "#/definitions/AWS::Evidently::Launch.GroupToWeight" + }, + "markdownDescription": "An array of structures that define how much launch traffic to allocate to each launch group during this step of the launch.", + "title": "GroupWeights", + "type": "array" + }, + "SegmentOverrides": { + "items": { + "$ref": "#/definitions/AWS::Evidently::Launch.SegmentOverride" + }, + "markdownDescription": "An array of structures that you can use to specify different traffic splits for one or more audience *segments* . A segment is a portion of your audience that share one or more characteristics. Examples could be Chrome browser users, users in Europe, or Firefox browser users in Europe who also fit other criteria that your application collects, such as age.\n\nFor more information, see [Use segments to focus your audience](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Evidently-segments.html) .", + "title": "SegmentOverrides", + "type": "array" + }, + "StartTime": { + "markdownDescription": "The date and time to start this step of the launch. Use UTC format, `yyyy-MM-ddTHH:mm:ssZ` . For example, `2025-11-25T23:59:59Z`", + "title": "StartTime", "type": "string" } }, "required": [ - "Type", - "Properties" + "GroupWeights", + "StartTime" ], "type": "object" }, - "AWS::GuardDuty::ThreatIntelSet": { + "AWS::Evidently::Project": { "additionalProperties": false, "properties": { "Condition": { @@ -113620,49 +121315,43 @@ "Properties": { "additionalProperties": false, "properties": { - "Activate": { - "markdownDescription": "A Boolean value that indicates whether GuardDuty is to start using the uploaded ThreatIntelSet.", - "title": "Activate", - "type": "boolean" - }, - "DetectorId": { - "markdownDescription": "The unique ID of the detector of the GuardDuty account for which you want to create a `ThreatIntelSet` .\n\nTo find the `detectorId` in the current Region, see the\nSettings page in the GuardDuty console, or run the [ListDetectors](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListDetectors.html) API.", - "title": "DetectorId", - "type": "string" + "AppConfigResource": { + "$ref": "#/definitions/AWS::Evidently::Project.AppConfigResourceObject", + "markdownDescription": "Use this parameter if the project will use *client-side evaluation powered by AWS AppConfig* . Client-side evaluation allows your application to assign variations to user sessions locally instead of by calling the [EvaluateFeature](https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_EvaluateFeature.html) operation. This mitigates the latency and availability risks that come with an API call. For more information, see [Use client-side evaluation - powered by AWS AppConfig .](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Evidently-client-side-evaluation.html)\n\nThis parameter is a structure that contains information about the AWS AppConfig application that will be used as for client-side evaluation.\n\nTo create a project that uses client-side evaluation, you must have the `evidently:ExportProjectAsConfiguration` permission.", + "title": "AppConfigResource" }, - "Format": { - "markdownDescription": "The format of the file that contains the ThreatIntelSet.", - "title": "Format", - "type": "string" + "DataDelivery": { + "$ref": "#/definitions/AWS::Evidently::Project.DataDeliveryObject", + "markdownDescription": "A structure that contains information about where Evidently is to store evaluation events for longer term storage, if you choose to do so. If you choose not to store these events, Evidently deletes them after using them to produce metrics and other experiment results that you can view.\n\nYou can't specify both `CloudWatchLogs` and `S3Destination` in the same operation.", + "title": "DataDelivery" }, - "Location": { - "markdownDescription": "The URI of the file that contains the ThreatIntelSet.", - "title": "Location", + "Description": { + "markdownDescription": "An optional description of the project.", + "title": "Description", "type": "string" }, "Name": { - "markdownDescription": "A user-friendly ThreatIntelSet name displayed in all findings that are generated by activity that involves IP addresses included in this ThreatIntelSet.", + "markdownDescription": "The name for the project. It can include up to 127 characters.", "title": "Name", "type": "string" }, "Tags": { "items": { - "$ref": "#/definitions/AWS::GuardDuty::ThreatIntelSet.TagItem" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to be added to a new threat list resource. Each tag consists of a key and an optional value, both of which you define.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "Assigns one or more tags (key-value pairs) to the project.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.\n\nTags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters.\n\nYou can associate as many as 50 tags with a project.\n\nFor more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .", "title": "Tags", "type": "array" } }, "required": [ - "Format", - "Location" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::GuardDuty::ThreatIntelSet" + "AWS::Evidently::Project" ], "type": "string" }, @@ -113681,27 +121370,62 @@ ], "type": "object" }, - "AWS::GuardDuty::ThreatIntelSet.TagItem": { + "AWS::Evidently::Project.AppConfigResourceObject": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The tag key.", - "title": "Key", + "ApplicationId": { + "markdownDescription": "The ID of the AWS AppConfig application to use for client-side evaluation.", + "title": "ApplicationId", "type": "string" }, - "Value": { - "markdownDescription": "The tag value.", - "title": "Value", + "EnvironmentId": { + "markdownDescription": "The ID of the AWS AppConfig environment to use for client-side evaluation.", + "title": "EnvironmentId", "type": "string" } }, "required": [ - "Key", - "Value" + "ApplicationId", + "EnvironmentId" ], "type": "object" }, - "AWS::HealthImaging::Datastore": { + "AWS::Evidently::Project.DataDeliveryObject": { + "additionalProperties": false, + "properties": { + "LogGroup": { + "markdownDescription": "If the project stores evaluation events in CloudWatch Logs , this structure stores the log group name.", + "title": "LogGroup", + "type": "string" + }, + "S3": { + "$ref": "#/definitions/AWS::Evidently::Project.S3Destination", + "markdownDescription": "If the project stores evaluation events in an Amazon S3 bucket, this structure stores the bucket name and bucket prefix.", + "title": "S3" + } + }, + "type": "object" + }, + "AWS::Evidently::Project.S3Destination": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "The name of the bucket in which Evidently stores evaluation events.", + "title": "BucketName", + "type": "string" + }, + "Prefix": { + "markdownDescription": "The bucket prefix in which Evidently stores evaluation events.", + "title": "Prefix", + "type": "string" + } + }, + "required": [ + "BucketName" + ], + "type": "object" + }, + "AWS::Evidently::Segment": { "additionalProperties": false, "properties": { "Condition": { @@ -113736,33 +121460,38 @@ "Properties": { "additionalProperties": false, "properties": { - "DatastoreName": { - "markdownDescription": "The data store name.", - "title": "DatastoreName", + "Description": { + "markdownDescription": "An optional description for this segment.", + "title": "Description", "type": "string" }, - "KmsKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) assigned to the Key Management Service (KMS) key for accessing encrypted data.", - "title": "KmsKeyArn", + "Name": { + "markdownDescription": "A name for the segment.", + "title": "Name", + "type": "string" + }, + "Pattern": { + "markdownDescription": "The pattern to use for the segment. For more information about pattern syntax, see [Segment rule pattern syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Evidently-segments.html#CloudWatch-Evidently-segments-syntax) .", + "title": "Pattern", "type": "string" }, "Tags": { - "additionalProperties": true, - "markdownDescription": "The tags provided when creating a data store.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "Assigns one or more tags (key-value pairs) to the feature.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.\n\nTags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters.\n\nYou can associate as many as 50 tags with a feature.\n\nFor more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .", "title": "Tags", - "type": "object" + "type": "array" } }, + "required": [ + "Name" + ], "type": "object" }, "Type": { "enum": [ - "AWS::HealthImaging::Datastore" + "AWS::Evidently::Segment" ], "type": "string" }, @@ -113776,11 +121505,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::HealthLake::FHIRDatastore": { + "AWS::FIS::ExperimentTemplate": { "additionalProperties": false, "properties": { "Condition": { @@ -113815,48 +121545,84 @@ "Properties": { "additionalProperties": false, "properties": { - "DatastoreName": { - "markdownDescription": "The data store name (user-generated).", - "title": "DatastoreName", - "type": "string" + "Actions": { + "additionalProperties": false, + "markdownDescription": "The actions for the experiment.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentTemplateAction" + } + }, + "title": "Actions", + "type": "object" }, - "DatastoreTypeVersion": { - "markdownDescription": "The FHIR release version supported by the data store. Current support is for version `R4` .", - "title": "DatastoreTypeVersion", + "Description": { + "markdownDescription": "The description for the experiment template.", + "title": "Description", "type": "string" }, - "IdentityProviderConfiguration": { - "$ref": "#/definitions/AWS::HealthLake::FHIRDatastore.IdentityProviderConfiguration", - "markdownDescription": "The identity provider configuration selected when the data store was created.", - "title": "IdentityProviderConfiguration" + "ExperimentOptions": { + "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentTemplateExperimentOptions", + "markdownDescription": "The experiment options for an experiment template.", + "title": "ExperimentOptions" }, - "PreloadDataConfig": { - "$ref": "#/definitions/AWS::HealthLake::FHIRDatastore.PreloadDataConfig", - "markdownDescription": "The preloaded Synthea data configuration for the data store.", - "title": "PreloadDataConfig" + "ExperimentReportConfiguration": { + "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentTemplateExperimentReportConfiguration", + "markdownDescription": "Describes the report configuration for the experiment template.", + "title": "ExperimentReportConfiguration" }, - "SseConfiguration": { - "$ref": "#/definitions/AWS::HealthLake::FHIRDatastore.SseConfiguration", - "markdownDescription": "The server-side encryption key configuration for a customer-provided encryption key specified for creating a data store.", - "title": "SseConfiguration" + "LogConfiguration": { + "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentTemplateLogConfiguration", + "markdownDescription": "The configuration for experiment logging.", + "title": "LogConfiguration" }, - "Tags": { + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role.", + "title": "RoleArn", + "type": "string" + }, + "StopConditions": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentTemplateStopCondition" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", + "markdownDescription": "The stop conditions for the experiment.", + "title": "StopConditions", "type": "array" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "The tags for the experiment template.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "Targets": { + "additionalProperties": false, + "markdownDescription": "The targets for the experiment.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentTemplateTarget" + } + }, + "title": "Targets", + "type": "object" } }, "required": [ - "DatastoreTypeVersion" + "Description", + "RoleArn", + "StopConditions", + "Targets" ], "type": "object" }, "Type": { "enum": [ - "AWS::HealthLake::FHIRDatastore" + "AWS::FIS::ExperimentTemplate" ], "type": "string" }, @@ -113875,284 +121641,319 @@ ], "type": "object" }, - "AWS::HealthLake::FHIRDatastore.CreatedAt": { + "AWS::FIS::ExperimentTemplate.CloudWatchDashboard": { "additionalProperties": false, "properties": { - "Nanos": { - "markdownDescription": "", - "title": "Nanos", - "type": "number" - }, - "Seconds": { - "markdownDescription": "", - "title": "Seconds", + "DashboardIdentifier": { + "markdownDescription": "The Amazon Resource Name (ARN) of the CloudWatch dashboard to include in the experiment report.", + "title": "DashboardIdentifier", "type": "string" } }, "required": [ - "Nanos", - "Seconds" + "DashboardIdentifier" ], "type": "object" }, - "AWS::HealthLake::FHIRDatastore.IdentityProviderConfiguration": { + "AWS::FIS::ExperimentTemplate.CloudWatchLogsConfiguration": { "additionalProperties": false, "properties": { - "AuthorizationStrategy": { - "markdownDescription": "The authorization strategy selected when the HealthLake data store is created.\n\n> HealthLake provides support for both SMART on FHIR V1 and V2 as described below.\n> \n> - `SMART_ON_FHIR_V1` \u2013 Support for only SMART on FHIR V1, which includes `read` (read/search) and `write` (create/update/delete) permissions.\n> - `SMART_ON_FHIR` \u2013 Support for both SMART on FHIR V1 and V2, which includes `create` , `read` , `update` , `delete` , and `search` permissions.\n> - `AWS_AUTH` \u2013 The default HealthLake authorization strategy; not affiliated with SMART on FHIR.", - "title": "AuthorizationStrategy", - "type": "string" - }, - "FineGrainedAuthorizationEnabled": { - "markdownDescription": "The parameter to enable SMART on FHIR fine-grained authorization for the data store.", - "title": "FineGrainedAuthorizationEnabled", - "type": "boolean" - }, - "IdpLambdaArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function to use to decode the access token created by the authorization server.", - "title": "IdpLambdaArn", - "type": "string" - }, - "Metadata": { - "markdownDescription": "The JSON metadata elements to use in your identity provider configuration. Required elements are listed based on the launch specification of the SMART application. For more information on all possible elements, see [Metadata](https://docs.aws.amazon.com/https://build.fhir.org/ig/HL7/smart-app-launch/conformance.html#metadata) in SMART's App Launch specification.\n\n`authorization_endpoint` : The URL to the OAuth2 authorization endpoint.\n\n`grant_types_supported` : An array of grant types that are supported at the token endpoint. You must provide at least one grant type option. Valid options are `authorization_code` and `client_credentials` .\n\n`token_endpoint` : The URL to the OAuth2 token endpoint.\n\n`capabilities` : An array of strings of the SMART capabilities that the authorization server supports.\n\n`code_challenge_methods_supported` : An array of strings of supported PKCE code challenge methods. You must include the `S256` method in the array of PKCE code challenge methods.", - "title": "Metadata", + "LogGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the destination Amazon CloudWatch Logs log group.", + "title": "LogGroupArn", "type": "string" } }, "required": [ - "AuthorizationStrategy" + "LogGroupArn" ], "type": "object" }, - "AWS::HealthLake::FHIRDatastore.KmsEncryptionConfig": { + "AWS::FIS::ExperimentTemplate.DataSources": { "additionalProperties": false, "properties": { - "CmkType": { - "markdownDescription": "The type of customer-managed-key(CMK) used for encryption. The two types of supported CMKs are customer owned CMKs and Amazon owned CMKs. For more information on CMK types, see [KmsEncryptionConfig](https://docs.aws.amazon.com/healthlake/latest/APIReference/API_KmsEncryptionConfig.html#HealthLake-Type-KmsEncryptionConfig-CmkType) .", - "title": "CmkType", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "The Key Management Service (KMS) encryption key id/alias used to encrypt the data store contents at rest.", - "title": "KmsKeyId", - "type": "string" + "CloudWatchDashboards": { + "items": { + "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.CloudWatchDashboard" + }, + "markdownDescription": "The CloudWatch dashboards to include as data sources in the experiment report.", + "title": "CloudWatchDashboards", + "type": "array" } }, - "required": [ - "CmkType" - ], "type": "object" }, - "AWS::HealthLake::FHIRDatastore.PreloadDataConfig": { + "AWS::FIS::ExperimentTemplate.ExperimentReportS3Configuration": { "additionalProperties": false, "properties": { - "PreloadDataType": { - "markdownDescription": "The type of preloaded data. Only Synthea preloaded data is supported.", - "title": "PreloadDataType", + "BucketName": { + "markdownDescription": "The name of the S3 bucket where the experiment report will be stored.", + "title": "BucketName", + "type": "string" + }, + "Prefix": { + "markdownDescription": "The prefix of the S3 bucket where the experiment report will be stored.", + "title": "Prefix", "type": "string" } }, "required": [ - "PreloadDataType" + "BucketName" ], "type": "object" }, - "AWS::HealthLake::FHIRDatastore.SseConfiguration": { + "AWS::FIS::ExperimentTemplate.ExperimentTemplateAction": { "additionalProperties": false, "properties": { - "KmsEncryptionConfig": { - "$ref": "#/definitions/AWS::HealthLake::FHIRDatastore.KmsEncryptionConfig", - "markdownDescription": "The server-side encryption key configuration for a customer provided encryption key.", - "title": "KmsEncryptionConfig" - } - }, - "required": [ - "KmsEncryptionConfig" - ], - "type": "object" - }, - "AWS::IAM::AccessKey": { - "additionalProperties": false, - "properties": { - "Condition": { + "ActionId": { + "markdownDescription": "The ID of the action.", + "title": "ActionId", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Description": { + "markdownDescription": "A description for the action.", + "title": "Description", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + "Parameters": { + "additionalProperties": true, + "markdownDescription": "The parameters for the action.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" } - ] - }, - "Metadata": { + }, + "title": "Parameters", "type": "object" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Serial": { - "markdownDescription": "This value is specific to CloudFormation and can only be *incremented* . Incrementing this value notifies CloudFormation that you want to rotate your access key. When you update your stack, CloudFormation will replace the existing access key with a new key.", - "title": "Serial", - "type": "number" - }, - "Status": { - "markdownDescription": "The status of the access key. `Active` means that the key is valid for API calls, while `Inactive` means it is not.", - "title": "Status", - "type": "string" - }, - "UserName": { - "markdownDescription": "The name of the IAM user that the new key will belong to.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "UserName", + "StartAfter": { + "items": { + "type": "string" + }, + "markdownDescription": "The name of the action that must be completed before the current action starts.", + "title": "StartAfter", + "type": "array" + }, + "Targets": { + "additionalProperties": true, + "markdownDescription": "The targets for the action.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { "type": "string" } }, - "required": [ - "UserName" - ], + "title": "Targets", "type": "object" + } + }, + "required": [ + "ActionId" + ], + "type": "object" + }, + "AWS::FIS::ExperimentTemplate.ExperimentTemplateExperimentOptions": { + "additionalProperties": false, + "properties": { + "AccountTargeting": { + "markdownDescription": "The account targeting setting for an experiment template.", + "title": "AccountTargeting", + "type": "string" }, - "Type": { - "enum": [ - "AWS::IAM::AccessKey" - ], + "EmptyTargetResolutionMode": { + "markdownDescription": "The empty target resolution mode for an experiment template.", + "title": "EmptyTargetResolutionMode", + "type": "string" + } + }, + "type": "object" + }, + "AWS::FIS::ExperimentTemplate.ExperimentTemplateExperimentReportConfiguration": { + "additionalProperties": false, + "properties": { + "DataSources": { + "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.DataSources", + "markdownDescription": "The data sources for the experiment report.", + "title": "DataSources" + }, + "Outputs": { + "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.Outputs", + "markdownDescription": "The output destinations of the experiment report.", + "title": "Outputs" + }, + "PostExperimentDuration": { + "markdownDescription": "The duration after the experiment end time for the data sources to include in the report.", + "title": "PostExperimentDuration", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "PreExperimentDuration": { + "markdownDescription": "The duration before the experiment start time for the data sources to include in the report.", + "title": "PreExperimentDuration", "type": "string" } }, "required": [ - "Type", - "Properties" + "Outputs" ], "type": "object" }, - "AWS::IAM::Group": { + "AWS::FIS::ExperimentTemplate.ExperimentTemplateLogConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "CloudWatchLogsConfiguration": { + "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.CloudWatchLogsConfiguration", + "markdownDescription": "The configuration for experiment logging to CloudWatch Logs .", + "title": "CloudWatchLogsConfiguration" + }, + "LogSchemaVersion": { + "markdownDescription": "The schema version.", + "title": "LogSchemaVersion", + "type": "number" + }, + "S3Configuration": { + "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.S3Configuration", + "markdownDescription": "The configuration for experiment logging to Amazon S3 .", + "title": "S3Configuration" + } + }, + "required": [ + "LogSchemaVersion" + ], + "type": "object" + }, + "AWS::FIS::ExperimentTemplate.ExperimentTemplateStopCondition": { + "additionalProperties": false, + "properties": { + "Source": { + "markdownDescription": "The source for the stop condition.", + "title": "Source", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Value": { + "markdownDescription": "The Amazon Resource Name (ARN) of the CloudWatch alarm, if applicable.", + "title": "Value", "type": "string" + } + }, + "required": [ + "Source" + ], + "type": "object" + }, + "AWS::FIS::ExperimentTemplate.ExperimentTemplateTarget": { + "additionalProperties": false, + "properties": { + "Filters": { + "items": { + "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentTemplateTargetFilter" + }, + "markdownDescription": "The filters to apply to identify target resources using specific attributes.", + "title": "Filters", + "type": "array" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + "Parameters": { + "additionalProperties": true, + "markdownDescription": "The parameters for the resource type.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" } - ] - }, - "Metadata": { + }, + "title": "Parameters", "type": "object" }, - "Properties": { - "additionalProperties": false, - "properties": { - "GroupName": { - "markdownDescription": "The name of the group to create. Do not include the path in this value.\n\nThe group name must be unique within the account. Group names are not distinguished by case. For example, you cannot create groups named both \"ADMINS\" and \"admins\". If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the group name.\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name. \n\nIf you specify a name, you must specify the `CAPABILITY_NAMED_IAM` value to acknowledge your template's capabilities. For more information, see [Acknowledging IAM Resources in AWS CloudFormation Templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-iam-template.html#using-iam-capabilities) .\n\n> Naming an IAM resource can cause an unrecoverable error if you reuse the same template in multiple Regions. To prevent this, we recommend using `Fn::Join` and `AWS::Region` to create a Region-specific name, as in the following example: `{\"Fn::Join\": [\"\", [{\"Ref\": \"AWS::Region\"}, {\"Ref\": \"MyResourceName\"}]]}` .", - "title": "GroupName", - "type": "string" - }, - "ManagedPolicyArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM policy you want to attach.\n\nFor more information about ARNs, see [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* .", - "title": "ManagedPolicyArns", - "type": "array" - }, - "Path": { - "markdownDescription": "The path to the group. For more information about paths, see [IAM identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/).\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.", - "title": "Path", + "ResourceArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Names (ARNs) of the targets.", + "title": "ResourceArns", + "type": "array" + }, + "ResourceTags": { + "additionalProperties": true, + "markdownDescription": "The tags for the target resources.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { "type": "string" - }, - "Policies": { - "items": { - "$ref": "#/definitions/AWS::IAM::Group.Policy" - }, - "markdownDescription": "Adds or updates an inline policy document that is embedded in the specified IAM group. To view AWS::IAM::Group snippets, see [Declaring an IAM Group Resource](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-iam.html#scenario-iam-group) .\n\n> The name of each inline policy for a role, user, or group must be unique. If you don't choose unique names, updates to the IAM identity will fail. \n\nFor information about limits on the number of inline policies that you can embed in a group, see [Limitations on IAM Entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the *IAM User Guide* .", - "title": "Policies", - "type": "array" } }, + "title": "ResourceTags", "type": "object" }, - "Type": { - "enum": [ - "AWS::IAM::Group" - ], + "ResourceType": { + "markdownDescription": "The resource type.", + "title": "ResourceType", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SelectionMode": { + "markdownDescription": "Scopes the identified resources to a specific count or percentage.", + "title": "SelectionMode", "type": "string" } }, "required": [ - "Type" + "ResourceType", + "SelectionMode" ], "type": "object" }, - "AWS::IAM::Group.Policy": { + "AWS::FIS::ExperimentTemplate.ExperimentTemplateTargetFilter": { "additionalProperties": false, "properties": { - "PolicyDocument": { - "markdownDescription": "The policy document.", - "title": "PolicyDocument", - "type": "object" + "Path": { + "markdownDescription": "The attribute path for the filter.", + "title": "Path", + "type": "string" }, - "PolicyName": { - "markdownDescription": "The friendly name (not ARN) identifying the policy.", - "title": "PolicyName", + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The attribute values for the filter.", + "title": "Values", + "type": "array" + } + }, + "required": [ + "Path", + "Values" + ], + "type": "object" + }, + "AWS::FIS::ExperimentTemplate.Outputs": { + "additionalProperties": false, + "properties": { + "ExperimentReportS3Configuration": { + "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentReportS3Configuration", + "markdownDescription": "The S3 destination for the experiment report.", + "title": "ExperimentReportS3Configuration" + } + }, + "required": [ + "ExperimentReportS3Configuration" + ], + "type": "object" + }, + "AWS::FIS::ExperimentTemplate.S3Configuration": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "The name of the destination bucket.", + "title": "BucketName", + "type": "string" + }, + "Prefix": { + "markdownDescription": "The bucket prefix.", + "title": "Prefix", "type": "string" } }, "required": [ - "PolicyDocument", - "PolicyName" + "BucketName" ], "type": "object" }, - "AWS::IAM::GroupPolicy": { + "AWS::FIS::TargetAccountConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -114187,31 +121988,37 @@ "Properties": { "additionalProperties": false, "properties": { - "GroupName": { - "markdownDescription": "The name of the group to associate the policy with.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-.", - "title": "GroupName", + "AccountId": { + "markdownDescription": "The AWS account ID of the target account.", + "title": "AccountId", "type": "string" }, - "PolicyDocument": { - "markdownDescription": "The policy document.\n\nYou must provide policies in JSON format in IAM. However, for AWS CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always converts a YAML policy to JSON format before submitting it to IAM.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n\n- Any printable ASCII character ranging from the space character ( `\\u0020` ) through the end of the ASCII character range\n- The printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` )\n- The special characters tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` )", - "title": "PolicyDocument", - "type": "object" + "Description": { + "markdownDescription": "The description of the target account.", + "title": "Description", + "type": "string" }, - "PolicyName": { - "markdownDescription": "The name of the policy document.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "PolicyName", + "ExperimentTemplateId": { + "markdownDescription": "The ID of the experiment template.", + "title": "ExperimentTemplateId", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role for the target account.", + "title": "RoleArn", "type": "string" } }, "required": [ - "GroupName", - "PolicyName" + "AccountId", + "ExperimentTemplateId", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::IAM::GroupPolicy" + "AWS::FIS::TargetAccountConfiguration" ], "type": "string" }, @@ -114230,7 +122037,7 @@ ], "type": "object" }, - "AWS::IAM::InstanceProfile": { + "AWS::FMS::NotificationChannel": { "additionalProperties": false, "properties": { "Condition": { @@ -114265,33 +122072,26 @@ "Properties": { "additionalProperties": false, "properties": { - "InstanceProfileName": { - "markdownDescription": "The name of the instance profile to create.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "InstanceProfileName", + "SnsRoleName": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that allows Amazon SNS to record AWS Firewall Manager activity.", + "title": "SnsRoleName", "type": "string" }, - "Path": { - "markdownDescription": "The path to the instance profile. For more information about paths, see [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/).\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.", - "title": "Path", + "SnsTopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the SNS topic that collects notifications from AWS Firewall Manager .", + "title": "SnsTopicArn", "type": "string" - }, - "Roles": { - "items": { - "type": "string" - }, - "markdownDescription": "The name of the role to associate with the instance profile. Only one role can be assigned to an EC2 instance at a time, and all applications on the instance share the same role and permissions.", - "title": "Roles", - "type": "array" } }, "required": [ - "Roles" + "SnsRoleName", + "SnsTopicArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::IAM::InstanceProfile" + "AWS::FMS::NotificationChannel" ], "type": "string" }, @@ -114310,7 +122110,7 @@ ], "type": "object" }, - "AWS::IAM::ManagedPolicy": { + "AWS::FMS::Policy": { "additionalProperties": false, "properties": { "Condition": { @@ -114345,59 +122145,105 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A friendly description of the policy.\n\nTypically used to store information about the permissions defined in the policy. For example, \"Grants access to production DynamoDB tables.\"\n\nThe policy description is immutable. After a value is assigned, it cannot be changed.", - "title": "Description", + "DeleteAllPolicyResources": { + "markdownDescription": "Used when deleting a policy. If `true` , Firewall Manager performs cleanup according to the policy type.\n\nFor AWS WAF and Shield Advanced policies, Firewall Manager does the following:\n\n- Deletes rule groups created by Firewall Manager\n- Removes web ACLs from in-scope resources\n- Deletes web ACLs that contain no rules or rule groups\n\nFor security group policies, Firewall Manager does the following for each security group in the policy:\n\n- Disassociates the security group from in-scope resources\n- Deletes the security group if it was created through Firewall Manager and if it's no longer associated with any resources through another policy\n\nAfter the cleanup, in-scope resources are no longer protected by web ACLs in this policy. Protection of out-of-scope resources remains unchanged. Scope is determined by tags that you create and accounts that you associate with the policy. When creating the policy, if you specify that only resources in specific accounts or with specific tags are in scope of the policy, those accounts and resources are handled by the policy. All others are out of scope. If you don't specify tags or accounts, all resources are in scope.", + "title": "DeleteAllPolicyResources", + "type": "boolean" + }, + "ExcludeMap": { + "$ref": "#/definitions/AWS::FMS::Policy.IEMap", + "markdownDescription": "Specifies the AWS account IDs and AWS Organizations organizational units (OUs) to exclude from the policy. Specifying an OU is the equivalent of specifying all accounts in the OU and in any of its child OUs, including any child OUs and accounts that are added at a later time.\n\nYou can specify inclusions or exclusions, but not both. If you specify an `IncludeMap` , AWS Firewall Manager applies the policy to all accounts specified by the `IncludeMap` , and does not evaluate any `ExcludeMap` specifications. If you do not specify an `IncludeMap` , then Firewall Manager applies the policy to all accounts except for those specified by the `ExcludeMap` .\n\nYou can specify account IDs, OUs, or a combination:\n\n- Specify account IDs by setting the key to `ACCOUNT` . For example, the following is a valid map: `{\u201cACCOUNT\u201d : [\u201caccountID1\u201d, \u201caccountID2\u201d]}` .\n- Specify OUs by setting the key to `ORGUNIT` . For example, the following is a valid map: `{\u201cORGUNIT\u201d : [\u201couid111\u201d, \u201couid112\u201d]}` .\n- Specify accounts and OUs together in a single map, separated with a comma. For example, the following is a valid map: `{\u201cACCOUNT\u201d : [\u201caccountID1\u201d, \u201caccountID2\u201d], \u201cORGUNIT\u201d : [\u201couid111\u201d, \u201couid112\u201d]}` .", + "title": "ExcludeMap" + }, + "ExcludeResourceTags": { + "markdownDescription": "Used only when tags are specified in the `ResourceTags` property. If this property is `True` , resources with the specified tags are not in scope of the policy. If it's `False` , only resources with the specified tags are in scope of the policy.", + "title": "ExcludeResourceTags", + "type": "boolean" + }, + "IncludeMap": { + "$ref": "#/definitions/AWS::FMS::Policy.IEMap", + "markdownDescription": "Specifies the AWS account IDs and AWS Organizations organizational units (OUs) to include in the policy. Specifying an OU is the equivalent of specifying all accounts in the OU and in any of its child OUs, including any child OUs and accounts that are added at a later time.\n\nYou can specify inclusions or exclusions, but not both. If you specify an `IncludeMap` , AWS Firewall Manager applies the policy to all accounts specified by the `IncludeMap` , and does not evaluate any `ExcludeMap` specifications. If you do not specify an `IncludeMap` , then Firewall Manager applies the policy to all accounts except for those specified by the `ExcludeMap` .\n\nYou can specify account IDs, OUs, or a combination:\n\n- Specify account IDs by setting the key to `ACCOUNT` . For example, the following is a valid map: `{\u201cACCOUNT\u201d : [\u201caccountID1\u201d, \u201caccountID2\u201d]}` .\n- Specify OUs by setting the key to `ORGUNIT` . For example, the following is a valid map: `{\u201cORGUNIT\u201d : [\u201couid111\u201d, \u201couid112\u201d]}` .\n- Specify accounts and OUs together in a single map, separated with a comma. For example, the following is a valid map: `{\u201cACCOUNT\u201d : [\u201caccountID1\u201d, \u201caccountID2\u201d], \u201cORGUNIT\u201d : [\u201couid111\u201d, \u201couid112\u201d]}` .", + "title": "IncludeMap" + }, + "PolicyDescription": { + "markdownDescription": "Your description of the AWS Firewall Manager policy.", + "title": "PolicyDescription", "type": "string" }, - "Groups": { + "PolicyName": { + "markdownDescription": "The name of the AWS Firewall Manager policy.", + "title": "PolicyName", + "type": "string" + }, + "RemediationEnabled": { + "markdownDescription": "Indicates if the policy should be automatically applied to new resources.", + "title": "RemediationEnabled", + "type": "boolean" + }, + "ResourceSetIds": { "items": { "type": "string" }, - "markdownDescription": "The name (friendly name, not ARN) of the group to attach the policy to.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "Groups", + "markdownDescription": "The unique identifiers of the resource sets used by the policy.", + "title": "ResourceSetIds", "type": "array" }, - "ManagedPolicyName": { - "markdownDescription": "The friendly name of the policy.\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name. \n\nIf you specify a name, you must specify the `CAPABILITY_NAMED_IAM` value to acknowledge your template's capabilities. For more information, see [Acknowledging IAM Resources in AWS CloudFormation Templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-iam-template.html#using-iam-capabilities) .\n\n> Naming an IAM resource can cause an unrecoverable error if you reuse the same template in multiple Regions. To prevent this, we recommend using `Fn::Join` and `AWS::Region` to create a Region-specific name, as in the following example: `{\"Fn::Join\": [\"\", [{\"Ref\": \"AWS::Region\"}, {\"Ref\": \"MyResourceName\"}]]}` .", - "title": "ManagedPolicyName", + "ResourceTagLogicalOperator": { + "markdownDescription": "Specifies whether to combine multiple resource tags with AND, so that a resource must have all tags to be included or excluded, or OR, so that a resource must have at least one tag.\n\nDefault: `AND`", + "title": "ResourceTagLogicalOperator", "type": "string" }, - "Path": { - "markdownDescription": "The path for the policy.\n\nFor more information about paths, see [IAM identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/).\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.\n\n> You cannot use an asterisk (*) in the path name.", - "title": "Path", - "type": "string" + "ResourceTags": { + "items": { + "$ref": "#/definitions/AWS::FMS::Policy.ResourceTag" + }, + "markdownDescription": "An array of `ResourceTag` objects, used to explicitly include resources in the policy scope or explicitly exclude them. If this isn't set, then tags aren't used to modify policy scope. See also `ExcludeResourceTags` .", + "title": "ResourceTags", + "type": "array" }, - "PolicyDocument": { - "markdownDescription": "The JSON policy document that you want to use as the content for the new policy.\n\nYou must provide policies in JSON format in IAM. However, for AWS CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always converts a YAML policy to JSON format before submitting it to IAM.\n\nThe maximum length of the policy document that you can pass in this operation, including whitespace, is listed below. To view the maximum character counts of a managed policy with no whitespaces, see [IAM and AWS STS character quotas](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length) .\n\nTo learn more about JSON policy grammar, see [Grammar of the IAM JSON policy language](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_grammar.html) in the *IAM User Guide* .\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n\n- Any printable ASCII character ranging from the space character ( `\\u0020` ) through the end of the ASCII character range\n- The printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` )\n- The special characters tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` )", - "title": "PolicyDocument", - "type": "object" + "ResourceType": { + "markdownDescription": "The type of resource protected by or in scope of the policy. This is in the format shown in the [AWS Resource Types Reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html) . To apply this policy to multiple resource types, specify a resource type of `ResourceTypeList` and then specify the resource types in a `ResourceTypeList` .\n\nThe following are valid resource types for each Firewall Manager policy type:\n\n- AWS WAF Classic - `AWS::ApiGateway::Stage` , `AWS::CloudFront::Distribution` , and `AWS::ElasticLoadBalancingV2::LoadBalancer` .\n- AWS WAF - `AWS::ApiGateway::Stage` , `AWS::ElasticLoadBalancingV2::LoadBalancer` , and `AWS::CloudFront::Distribution` .\n- Shield Advanced - `AWS::ElasticLoadBalancingV2::LoadBalancer` , `AWS::ElasticLoadBalancing::LoadBalancer` , `AWS::EC2::EIP` , and `AWS::CloudFront::Distribution` .\n- Network ACL - `AWS::EC2::Subnet` .\n- Security group usage audit - `AWS::EC2::SecurityGroup` .\n- Security group content audit - `AWS::EC2::SecurityGroup` , `AWS::EC2::NetworkInterface` , and `AWS::EC2::Instance` .\n- DNS Firewall, AWS Network Firewall , and third-party firewall - `AWS::EC2::VPC` .", + "title": "ResourceType", + "type": "string" }, - "Roles": { + "ResourceTypeList": { "items": { "type": "string" }, - "markdownDescription": "The name (friendly name, not ARN) of the role to attach the policy to.\n\nThis parameter allows (per its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-\n\n> If an external policy (such as `AWS::IAM::Policy` or `AWS::IAM::ManagedPolicy` ) has a `Ref` to a role and if a resource (such as `AWS::ECS::Service` ) also has a `Ref` to the same role, add a `DependsOn` attribute to the resource to make the resource depend on the external policy. This dependency ensures that the role's policy is available throughout the resource's lifecycle. For example, when you delete a stack with an `AWS::ECS::Service` resource, the `DependsOn` attribute ensures that AWS CloudFormation deletes the `AWS::ECS::Service` resource before deleting its role's policy.", - "title": "Roles", + "markdownDescription": "An array of `ResourceType` objects. Use this only to specify multiple resource types. To specify a single resource type, use `ResourceType` .", + "title": "ResourceTypeList", "type": "array" }, - "Users": { + "ResourcesCleanUp": { + "markdownDescription": "Indicates whether AWS Firewall Manager should automatically remove protections from resources that leave the policy scope and clean up resources that Firewall Manager is managing for accounts when those accounts leave policy scope. For example, Firewall Manager will disassociate a Firewall Manager managed web ACL from a protected customer resource when the customer resource leaves policy scope.\n\nBy default, Firewall Manager doesn't remove protections or delete Firewall Manager managed resources.\n\nThis option is not available for Shield Advanced or AWS WAF Classic policies.", + "title": "ResourcesCleanUp", + "type": "boolean" + }, + "SecurityServicePolicyData": { + "$ref": "#/definitions/AWS::FMS::Policy.SecurityServicePolicyData", + "markdownDescription": "Details about the security service that is being used to protect the resources.\n\nThis contains the following settings:\n\n- Type - Indicates the service type that the policy uses to protect the resource. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting .\n\nValid values: `DNS_FIREWALL` | `NETWORK_FIREWALL` | `SECURITY_GROUPS_COMMON` | `SECURITY_GROUPS_CONTENT_AUDIT` | `SECURITY_GROUPS_USAGE_AUDIT` | `SHIELD_ADVANCED` | `THIRD_PARTY_FIREWALL` | `WAFV2` | `WAF`\n- ManagedServiceData - Details about the service that are specific to the service type, in JSON format.\n\n- Example: `DNS_FIREWALL`\n\n`\"{\\\"type\\\":\\\"DNS_FIREWALL\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-1\\\",\\\"priority\\\":10}],\\\"postProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-2\\\",\\\"priority\\\":9911}]}\"`\n\n> Valid values for `preProcessRuleGroups` are between 1 and 99. Valid values for `postProcessRuleGroups` are between 9901 and 10000.\n- Example: `NETWORK_FIREWALL` - Centralized deployment model\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"awsNetworkFirewallConfig\\\":{\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}},\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"OFF\\\"},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nWith automatic Availbility Zone configuration, Firewall Manager chooses which Availability Zones to create the endpoints in. To use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"]},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\": \\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\", \\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{ \\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[ \\\"10.0.0.0/28\\\"]}]} },\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"OFF\\\",\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nWith custom Availability Zone configuration, you define which specific Availability Zones to create endpoints in by configuring `firewallCreationConfig` . To configure the Availability Zones in `firewallCreationConfig` , specify either the `availabilityZoneName` or `availabilityZoneId` parameter, not both parameters.\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"],\\\"routeManagementConfig\\\":{\\\"allowCrossAZTrafficIfNoEndpoint\\\":true}},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall centralized deployment model\n\n`\"{ \\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\", \\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\", \\\"thirdPartyFirewallConfig\\\":{ \\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `CENTRALIZED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall distributed deployment model\n\n`\"{\\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\",\\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\",\\\"thirdPartyFirewallConfig\\\":{\\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{ \\\"distributedFirewallDeploymentModel\\\":{ \\\"distributedFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{ \\\"availabilityZoneConfigList\\\":[ {\\\"availabilityZoneName\\\":\\\"${AvailabilityZone}\\\" } ] } }, \\\"allowedIPV4CidrList\\\":[ ] } } } }\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `DISTRIBUTED` .\n- Specification for `SHIELD_ADVANCED` for Amazon CloudFront distributions\n\n`\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED|IGNORED|DISABLED\\\", \\\"automaticResponseAction\\\":\\\"BLOCK|COUNT\\\"}, \\\"overrideCustomerWebaclClassic\\\":true|false}\"`\n\nFor example: `\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED\\\", \\\"automaticResponseAction\\\":\\\"COUNT\\\"}}\"`\n\nThe default value for `automaticResponseStatus` is `IGNORED` . The value for `automaticResponseAction` is only required when `automaticResponseStatus` is set to `ENABLED` . The default value for `overrideCustomerWebaclClassic` is `false` .\n\nFor other resource types that you can protect with a Shield Advanced policy, this `ManagedServiceData` configuration is an empty string.\n- Example: `WAFV2`\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"version\\\":null,\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesAmazonIpReputationList\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nIn the `loggingConfiguration` , you can specify one `logDestinationConfigs` , you can optionally provide up to 20 `redactedFields` , and the `RedactedFieldType` must be one of `URI` , `QUERY_STRING` , `HEADER` , or `METHOD` .\n- Example: `AWS WAF Classic`\n\n`\"{\\\"type\\\": \\\"WAF\\\", \\\"ruleGroups\\\": [{\\\"id\\\":\\\"12345678-1bcd-9012-efga-0987654321ab\\\", \\\"overrideAction\\\" : {\\\"type\\\": \\\"COUNT\\\"}}], \\\"defaultAction\\\": {\\\"type\\\": \\\"BLOCK\\\"}}\"`\n- Example: `WAFV2` - AWS Firewall Manager support for AWS WAF managed rule group versioning\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"versionEnabled\\\":true,\\\"version\\\":\\\"Version_2.0\\\",\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesCommonRuleSet\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nTo use a specific version of a AWS WAF managed rule group in your Firewall Manager policy, you must set `versionEnabled` to `true` , and set `version` to the version you'd like to use. If you don't set `versionEnabled` to `true` , or if you omit `versionEnabled` , then Firewall Manager uses the default version of the AWS WAF managed rule group.\n- Example: `SECURITY_GROUPS_COMMON`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: Shared VPCs. Apply the preceding policy to resources in shared VPCs as well as to those in VPCs that the account owns\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"includeSharedVPC\\\":true,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: `SECURITY_GROUPS_CONTENT_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_CONTENT_AUDIT\\\",\\\"securityGroups\\\":[{\\\"id\\\":\\\"sg-000e55995d61a06bd\\\"}],\\\"securityGroupAction\\\":{\\\"type\\\":\\\"ALLOW\\\"}}\"`\n\nThe security group action for content audit can be `ALLOW` or `DENY` . For `ALLOW` , all in-scope security group rules must be within the allowed range of the policy's security group rules. For `DENY` , all in-scope security group rules must not contain a value or a range that matches a rule value or range in the policy security group.\n- Example: `SECURITY_GROUPS_USAGE_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_USAGE_AUDIT\\\",\\\"deleteUnusedSecurityGroups\\\":true,\\\"coalesceRedundantSecurityGroups\\\":true}\"`", + "title": "SecurityServicePolicyData" + }, + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::FMS::Policy.PolicyTag" }, - "markdownDescription": "The name (friendly name, not ARN) of the IAM user to attach the policy to.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "Users", + "markdownDescription": "A collection of key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.", + "title": "Tags", "type": "array" } }, "required": [ - "PolicyDocument" + "ExcludeResourceTags", + "PolicyName", + "RemediationEnabled", + "SecurityServicePolicyData" ], "type": "object" }, "Type": { "enum": [ - "AWS::IAM::ManagedPolicy" + "AWS::FMS::Policy" ], "type": "string" }, @@ -114416,98 +122262,277 @@ ], "type": "object" }, - "AWS::IAM::OIDCProvider": { + "AWS::FMS::Policy.IEMap": { "additionalProperties": false, "properties": { - "Condition": { + "ACCOUNT": { + "items": { + "type": "string" + }, + "markdownDescription": "The account list for the map.", + "title": "ACCOUNT", + "type": "array" + }, + "ORGUNIT": { + "items": { + "type": "string" + }, + "markdownDescription": "The organizational unit list for the map.", + "title": "ORGUNIT", + "type": "array" + } + }, + "type": "object" + }, + "AWS::FMS::Policy.IcmpTypeCode": { + "additionalProperties": false, + "properties": { + "Code": { + "markdownDescription": "ICMP code.", + "title": "Code", + "type": "number" + }, + "Type": { + "markdownDescription": "ICMP type.", + "title": "Type", + "type": "number" + } + }, + "required": [ + "Code", + "Type" + ], + "type": "object" + }, + "AWS::FMS::Policy.NetworkAclCommonPolicy": { + "additionalProperties": false, + "properties": { + "NetworkAclEntrySet": { + "$ref": "#/definitions/AWS::FMS::Policy.NetworkAclEntrySet", + "markdownDescription": "The definition of the first and last rules for the network ACL policy.", + "title": "NetworkAclEntrySet" + } + }, + "required": [ + "NetworkAclEntrySet" + ], + "type": "object" + }, + "AWS::FMS::Policy.NetworkAclEntry": { + "additionalProperties": false, + "properties": { + "CidrBlock": { + "markdownDescription": "The IPv4 network range to allow or deny, in CIDR notation.", + "title": "CidrBlock", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Egress": { + "markdownDescription": "Indicates whether the rule is an egress, or outbound, rule (applied to traffic leaving the subnet). If it's not an egress rule, then it's an ingress, or inbound, rule.", + "title": "Egress", + "type": "boolean" + }, + "IcmpTypeCode": { + "$ref": "#/definitions/AWS::FMS::Policy.IcmpTypeCode", + "markdownDescription": "ICMP protocol: The ICMP type and code.", + "title": "IcmpTypeCode" + }, + "Ipv6CidrBlock": { + "markdownDescription": "The IPv6 network range to allow or deny, in CIDR notation.", + "title": "Ipv6CidrBlock", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "PortRange": { + "$ref": "#/definitions/AWS::FMS::Policy.PortRange", + "markdownDescription": "TCP or UDP protocols: The range of ports the rule applies to.", + "title": "PortRange" }, - "Metadata": { - "type": "object" + "Protocol": { + "markdownDescription": "The protocol number. A value of \"-1\" means all protocols.", + "title": "Protocol", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ClientIdList": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of client IDs (also known as audiences) that are associated with the specified IAM OIDC provider resource object. For more information, see [CreateOpenIDConnectProvider](https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateOpenIDConnectProvider.html) .", - "title": "ClientIdList", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of tags that are attached to the specified IAM OIDC provider. The returned list of tags is sorted by tag key. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* .", - "title": "Tags", - "type": "array" - }, - "ThumbprintList": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of certificate thumbprints that are associated with the specified IAM OIDC provider resource object. For more information, see [CreateOpenIDConnectProvider](https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateOpenIDConnectProvider.html) .\n\nThis property is optional. If it is not included, IAM will retrieve and use the top intermediate certificate authority (CA) thumbprint of the OpenID Connect identity provider server certificate.", - "title": "ThumbprintList", - "type": "array" - }, - "Url": { - "markdownDescription": "The URL that the IAM OIDC provider resource object is associated with. For more information, see [CreateOpenIDConnectProvider](https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateOpenIDConnectProvider.html) .", - "title": "Url", - "type": "string" - } + "RuleAction": { + "markdownDescription": "Indicates whether to allow or deny the traffic that matches the rule.", + "title": "RuleAction", + "type": "string" + } + }, + "required": [ + "Egress", + "Protocol", + "RuleAction" + ], + "type": "object" + }, + "AWS::FMS::Policy.NetworkAclEntrySet": { + "additionalProperties": false, + "properties": { + "FirstEntries": { + "items": { + "$ref": "#/definitions/AWS::FMS::Policy.NetworkAclEntry" }, - "required": [ - "ThumbprintList" - ], - "type": "object" + "markdownDescription": "The rules that you want to run first in the Firewall Manager managed network ACLs.\n\n> Provide these in the order in which you want them to run. Firewall Manager will assign the specific rule numbers for you, in the network ACLs that it creates. \n\nYou must specify at least one first entry or one last entry in any network ACL policy.", + "title": "FirstEntries", + "type": "array" }, - "Type": { - "enum": [ - "AWS::IAM::OIDCProvider" - ], + "ForceRemediateForFirstEntries": { + "markdownDescription": "Applies only when remediation is enabled for the policy as a whole. Firewall Manager uses this setting when it finds policy violations that involve conflicts between the custom entries and the policy entries.\n\nIf forced remediation is disabled, Firewall Manager marks the network ACL as noncompliant and does not try to remediate. For more information about the remediation behavior, see [Remediation for managed network ACLs](https://docs.aws.amazon.com/waf/latest/developerguide/network-acl-policies.html#network-acls-remediation) in the *AWS Firewall Manager Developer Guide* .", + "title": "ForceRemediateForFirstEntries", + "type": "boolean" + }, + "ForceRemediateForLastEntries": { + "markdownDescription": "Applies only when remediation is enabled for the policy as a whole. Firewall Manager uses this setting when it finds policy violations that involve conflicts between the custom entries and the policy entries.\n\nIf forced remediation is disabled, Firewall Manager marks the network ACL as noncompliant and does not try to remediate. For more information about the remediation behavior, see [Remediation for managed network ACLs](https://docs.aws.amazon.com/waf/latest/developerguide/network-acl-policies.html#network-acls-remediation) in the *AWS Firewall Manager Developer Guide* .", + "title": "ForceRemediateForLastEntries", + "type": "boolean" + }, + "LastEntries": { + "items": { + "$ref": "#/definitions/AWS::FMS::Policy.NetworkAclEntry" + }, + "markdownDescription": "The rules that you want to run last in the Firewall Manager managed network ACLs.\n\n> Provide these in the order in which you want them to run. Firewall Manager will assign the specific rule numbers for you, in the network ACLs that it creates. \n\nYou must specify at least one first entry or one last entry in any network ACL policy.", + "title": "LastEntries", + "type": "array" + } + }, + "required": [ + "ForceRemediateForFirstEntries", + "ForceRemediateForLastEntries" + ], + "type": "object" + }, + "AWS::FMS::Policy.NetworkFirewallPolicy": { + "additionalProperties": false, + "properties": { + "FirewallDeploymentModel": { + "markdownDescription": "Defines the deployment model to use for the firewall policy. To use a distributed model, set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `DISTRIBUTED` .", + "title": "FirewallDeploymentModel", "type": "string" + } + }, + "required": [ + "FirewallDeploymentModel" + ], + "type": "object" + }, + "AWS::FMS::Policy.PolicyOption": { + "additionalProperties": false, + "properties": { + "NetworkAclCommonPolicy": { + "$ref": "#/definitions/AWS::FMS::Policy.NetworkAclCommonPolicy", + "markdownDescription": "Defines a Firewall Manager network ACL policy.", + "title": "NetworkAclCommonPolicy" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "NetworkFirewallPolicy": { + "$ref": "#/definitions/AWS::FMS::Policy.NetworkFirewallPolicy", + "markdownDescription": "Defines the deployment model to use for the firewall policy.", + "title": "NetworkFirewallPolicy" + }, + "ThirdPartyFirewallPolicy": { + "$ref": "#/definitions/AWS::FMS::Policy.ThirdPartyFirewallPolicy", + "markdownDescription": "Defines the policy options for a third-party firewall policy.", + "title": "ThirdPartyFirewallPolicy" + } + }, + "type": "object" + }, + "AWS::FMS::Policy.PolicyTag": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "Part of the key:value pair that defines a tag. You can use a tag key to describe a category of information, such as \"customer.\" Tag keys are case-sensitive.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "Part of the key:value pair that defines a tag. You can use a tag value to describe a specific value within a category, such as \"companyA\" or \"companyB.\" Tag values are case-sensitive.", + "title": "Value", "type": "string" } }, "required": [ - "Type", - "Properties" + "Key", + "Value" ], "type": "object" }, - "AWS::IAM::Policy": { + "AWS::FMS::Policy.PortRange": { + "additionalProperties": false, + "properties": { + "From": { + "markdownDescription": "The beginning port number of the range.", + "title": "From", + "type": "number" + }, + "To": { + "markdownDescription": "The ending port number of the range.", + "title": "To", + "type": "number" + } + }, + "required": [ + "From", + "To" + ], + "type": "object" + }, + "AWS::FMS::Policy.ResourceTag": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The resource tag key.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The resource tag value.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key" + ], + "type": "object" + }, + "AWS::FMS::Policy.SecurityServicePolicyData": { + "additionalProperties": false, + "properties": { + "ManagedServiceData": { + "markdownDescription": "Details about the service that are specific to the service type, in JSON format.\n\n- Example: `DNS_FIREWALL`\n\n`\"{\\\"type\\\":\\\"DNS_FIREWALL\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-1\\\",\\\"priority\\\":10}],\\\"postProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-2\\\",\\\"priority\\\":9911}]}\"`\n\n> Valid values for `preProcessRuleGroups` are between 1 and 99. Valid values for `postProcessRuleGroups` are between 9901 and 10000.\n- Example: `NETWORK_FIREWALL` - Centralized deployment model\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"awsNetworkFirewallConfig\\\":{\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}},\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"OFF\\\"},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nWith automatic Availbility Zone configuration, Firewall Manager chooses which Availability Zones to create the endpoints in. To use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"]},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\": \\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\", \\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{ \\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[ \\\"10.0.0.0/28\\\"]}]} },\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"OFF\\\",\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nWith custom Availability Zone configuration, you define which specific Availability Zones to create endpoints in by configuring `firewallCreationConfig` . To configure the Availability Zones in `firewallCreationConfig` , specify either the `availabilityZoneName` or `availabilityZoneId` parameter, not both parameters.\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"],\\\"routeManagementConfig\\\":{\\\"allowCrossAZTrafficIfNoEndpoint\\\":true}},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall centralized deployment model\n\n`\"{ \\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\", \\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\", \\\"thirdPartyFirewallConfig\\\":{ \\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `CENTRALIZED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall distributed deployment model\n\n`\"{\\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\",\\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\",\\\"thirdPartyFirewallConfig\\\":{\\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{ \\\"distributedFirewallDeploymentModel\\\":{ \\\"distributedFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{ \\\"availabilityZoneConfigList\\\":[ {\\\"availabilityZoneName\\\":\\\"${AvailabilityZone}\\\" } ] } }, \\\"allowedIPV4CidrList\\\":[ ] } } } }\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `DISTRIBUTED` .\n- Specification for `SHIELD_ADVANCED` for Amazon CloudFront distributions\n\n`\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED|IGNORED|DISABLED\\\", \\\"automaticResponseAction\\\":\\\"BLOCK|COUNT\\\"}, \\\"overrideCustomerWebaclClassic\\\":true|false}\"`\n\nFor example: `\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED\\\", \\\"automaticResponseAction\\\":\\\"COUNT\\\"}}\"`\n\nThe default value for `automaticResponseStatus` is `IGNORED` . The value for `automaticResponseAction` is only required when `automaticResponseStatus` is set to `ENABLED` . The default value for `overrideCustomerWebaclClassic` is `false` .\n\nFor other resource types that you can protect with a Shield Advanced policy, this `ManagedServiceData` configuration is an empty string.\n- Example: `WAFV2`\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"version\\\":null,\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesAmazonIpReputationList\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nIn the `loggingConfiguration` , you can specify one `logDestinationConfigs` , you can optionally provide up to 20 `redactedFields` , and the `RedactedFieldType` must be one of `URI` , `QUERY_STRING` , `HEADER` , or `METHOD` .\n- Example: `AWS WAF Classic`\n\n`\"{\\\"type\\\": \\\"WAF\\\", \\\"ruleGroups\\\": [{\\\"id\\\":\\\"12345678-1bcd-9012-efga-0987654321ab\\\", \\\"overrideAction\\\" : {\\\"type\\\": \\\"COUNT\\\"}}], \\\"defaultAction\\\": {\\\"type\\\": \\\"BLOCK\\\"}}\"`\n- Example: `WAFV2` - AWS Firewall Manager support for AWS WAF managed rule group versioning\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"versionEnabled\\\":true,\\\"version\\\":\\\"Version_2.0\\\",\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesCommonRuleSet\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nTo use a specific version of a AWS WAF managed rule group in your Firewall Manager policy, you must set `versionEnabled` to `true` , and set `version` to the version you'd like to use. If you don't set `versionEnabled` to `true` , or if you omit `versionEnabled` , then Firewall Manager uses the default version of the AWS WAF managed rule group.\n- Example: `SECURITY_GROUPS_COMMON`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: Shared VPCs. Apply the preceding policy to resources in shared VPCs as well as to those in VPCs that the account owns\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"includeSharedVPC\\\":true,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: `SECURITY_GROUPS_CONTENT_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_CONTENT_AUDIT\\\",\\\"securityGroups\\\":[{\\\"id\\\":\\\"sg-000e55995d61a06bd\\\"}],\\\"securityGroupAction\\\":{\\\"type\\\":\\\"ALLOW\\\"}}\"`\n\nThe security group action for content audit can be `ALLOW` or `DENY` . For `ALLOW` , all in-scope security group rules must be within the allowed range of the policy's security group rules. For `DENY` , all in-scope security group rules must not contain a value or a range that matches a rule value or range in the policy security group.\n- Example: `SECURITY_GROUPS_USAGE_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_USAGE_AUDIT\\\",\\\"deleteUnusedSecurityGroups\\\":true,\\\"coalesceRedundantSecurityGroups\\\":true}\"`", + "title": "ManagedServiceData", + "type": "string" + }, + "PolicyOption": { + "$ref": "#/definitions/AWS::FMS::Policy.PolicyOption", + "markdownDescription": "Contains the settings to configure a network ACL policy, a AWS Network Firewall firewall policy deployment model, or a third-party firewall policy.", + "title": "PolicyOption" + }, + "Type": { + "markdownDescription": "The service that the policy is using to protect the resources. This specifies the type of policy that is created, either an AWS WAF policy, a Shield Advanced policy, or a security group policy. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting SUPlong .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::FMS::Policy.ThirdPartyFirewallPolicy": { + "additionalProperties": false, + "properties": { + "FirewallDeploymentModel": { + "markdownDescription": "Defines the deployment model to use for the third-party firewall policy.", + "title": "FirewallDeploymentModel", + "type": "string" + } + }, + "required": [ + "FirewallDeploymentModel" + ], + "type": "object" + }, + "AWS::FMS::ResourceSet": { "additionalProperties": false, "properties": { "Condition": { @@ -114542,50 +122567,50 @@ "Properties": { "additionalProperties": false, "properties": { - "Groups": { + "Description": { + "markdownDescription": "A description of the resource set.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The descriptive name of the resource set. You can't change the name of a resource set after you create it.", + "title": "Name", + "type": "string" + }, + "ResourceTypeList": { "items": { "type": "string" }, - "markdownDescription": "The name of the group to associate the policy with.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-.", - "title": "Groups", + "markdownDescription": "Determines the resources that can be associated to the resource set. Depending on your setting for max results and the number of resource sets, a single call might not return the full list.", + "title": "ResourceTypeList", "type": "array" }, - "PolicyDocument": { - "markdownDescription": "The policy document.\n\nYou must provide policies in JSON format in IAM. However, for AWS CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always converts a YAML policy to JSON format before submitting it to IAM.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n\n- Any printable ASCII character ranging from the space character ( `\\u0020` ) through the end of the ASCII character range\n- The printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` )\n- The special characters tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` )", - "title": "PolicyDocument", - "type": "object" - }, - "PolicyName": { - "markdownDescription": "The name of the policy document.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "PolicyName", - "type": "string" - }, - "Roles": { + "Resources": { "items": { "type": "string" }, - "markdownDescription": "The name of the role to associate the policy with.\n\nThis parameter allows (per its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-\n\n> If an external policy (such as `AWS::IAM::Policy` or `AWS::IAM::ManagedPolicy` ) has a `Ref` to a role and if a resource (such as `AWS::ECS::Service` ) also has a `Ref` to the same role, add a `DependsOn` attribute to the resource to make the resource depend on the external policy. This dependency ensures that the role's policy is available throughout the resource's lifecycle. For example, when you delete a stack with an `AWS::ECS::Service` resource, the `DependsOn` attribute ensures that AWS CloudFormation deletes the `AWS::ECS::Service` resource before deleting its role's policy.", - "title": "Roles", + "markdownDescription": "", + "title": "Resources", "type": "array" }, - "Users": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The name of the user to associate the policy with.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "Users", + "markdownDescription": "", + "title": "Tags", "type": "array" } }, "required": [ - "PolicyDocument", - "PolicyName" + "Name", + "ResourceTypeList" ], "type": "object" }, "Type": { "enum": [ - "AWS::IAM::Policy" + "AWS::FMS::ResourceSet" ], "type": "string" }, @@ -114604,7 +122629,7 @@ ], "type": "object" }, - "AWS::IAM::Role": { + "AWS::FSx::DataRepositoryAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -114639,69 +122664,55 @@ "Properties": { "additionalProperties": false, "properties": { - "AssumeRolePolicyDocument": { - "markdownDescription": "The trust policy that is associated with this role. Trust policies define which entities can assume the role. You can associate only one trust policy with a role. For an example of a policy that can be used to assume a role, see [Template Examples](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-role.html#aws-resource-iam-role--examples) . For more information about the elements that you can use in an IAM policy, see [IAM Policy Elements Reference](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements.html) in the *IAM User Guide* .", - "title": "AssumeRolePolicyDocument", - "type": "object" + "BatchImportMetaDataOnCreate": { + "markdownDescription": "A boolean flag indicating whether an import data repository task to import metadata should run after the data repository association is created. The task runs if this flag is set to `true` .", + "title": "BatchImportMetaDataOnCreate", + "type": "boolean" }, - "Description": { - "markdownDescription": "A description of the role that you provide.", - "title": "Description", + "DataRepositoryPath": { + "markdownDescription": "The path to the Amazon S3 data repository that will be linked to the file system. The path can be an S3 bucket or prefix in the format `s3://myBucket/myPrefix/` . This path specifies where in the S3 data repository files will be imported from or exported to.", + "title": "DataRepositoryPath", "type": "string" }, - "ManagedPolicyArns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of Amazon Resource Names (ARNs) of the IAM managed policies that you want to attach to the role.\n\nFor more information about ARNs, see [Amazon Resource Names (ARNs) and AWS Service Namespaces](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* .", - "title": "ManagedPolicyArns", - "type": "array" - }, - "MaxSessionDuration": { - "markdownDescription": "The maximum session duration (in seconds) that you want to set for the specified role. If you do not specify a value for this setting, the default value of one hour is applied. This setting can have a value from 1 hour to 12 hours.\n\nAnyone who assumes the role from the AWS CLI or API can use the `DurationSeconds` API parameter or the `duration-seconds` AWS CLI parameter to request a longer session. The `MaxSessionDuration` setting determines the maximum duration that can be requested using the `DurationSeconds` parameter. If users don't specify a value for the `DurationSeconds` parameter, their security credentials are valid for one hour by default. This applies when you use the `AssumeRole*` API operations or the `assume-role*` AWS CLI operations but does not apply when you use those operations to create a console URL. For more information, see [Using IAM roles](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html) in the *IAM User Guide* .", - "title": "MaxSessionDuration", - "type": "number" - }, - "Path": { - "markdownDescription": "The path to the role. For more information about paths, see [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/).\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.", - "title": "Path", + "FileSystemId": { + "markdownDescription": "The ID of the file system on which the data repository association is configured.", + "title": "FileSystemId", "type": "string" }, - "PermissionsBoundary": { - "markdownDescription": "The ARN of the policy used to set the permissions boundary for the role.\n\nFor more information about permissions boundaries, see [Permissions boundaries for IAM identities](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) in the *IAM User Guide* .", - "title": "PermissionsBoundary", + "FileSystemPath": { + "markdownDescription": "A path on the Amazon FSx for Lustre file system that points to a high-level directory (such as `/ns1/` ) or subdirectory (such as `/ns1/subdir/` ) that will be mapped 1-1 with `DataRepositoryPath` . The leading forward slash in the name is required. Two data repository associations cannot have overlapping file system paths. For example, if a data repository is associated with file system path `/ns1/` , then you cannot link another data repository with file system path `/ns1/ns2` .\n\nThis path specifies where in your file system files will be exported from or imported to. This file system directory can be linked to only one Amazon S3 bucket, and no other S3 bucket can be linked to the directory.\n\n> If you specify only a forward slash ( `/` ) as the file system path, you can link only one data repository to the file system. You can only specify \"/\" as the file system path for the first data repository associated with a file system.", + "title": "FileSystemPath", "type": "string" }, - "Policies": { - "items": { - "$ref": "#/definitions/AWS::IAM::Role.Policy" - }, - "markdownDescription": "Adds or updates an inline policy document that is embedded in the specified IAM role.\n\nWhen you embed an inline policy in a role, the inline policy is used as part of the role's access (permissions) policy. The role's trust policy is created at the same time as the role. You can update a role's trust policy later. For more information about IAM roles, go to [Using Roles to Delegate Permissions and Federate Identities](https://docs.aws.amazon.com/IAM/latest/UserGuide/roles-toplevel.html) .\n\nA role can also have an attached managed policy. For information about policies, see [Managed Policies and Inline Policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the *IAM User Guide* .\n\nFor information about limits on the number of inline policies that you can embed with a role, see [Limitations on IAM Entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the *IAM User Guide* .\n\n> If an external policy (such as `AWS::IAM::Policy` or `AWS::IAM::ManagedPolicy` ) has a `Ref` to a role and if a resource (such as `AWS::ECS::Service` ) also has a `Ref` to the same role, add a `DependsOn` attribute to the resource to make the resource depend on the external policy. This dependency ensures that the role's policy is available throughout the resource's lifecycle. For example, when you delete a stack with an `AWS::ECS::Service` resource, the `DependsOn` attribute ensures that AWS CloudFormation deletes the `AWS::ECS::Service` resource before deleting its role's policy.", - "title": "Policies", - "type": "array" + "ImportedFileChunkSize": { + "markdownDescription": "For files imported from a data repository, this value determines the stripe count and maximum amount of data per file (in MiB) stored on a single physical disk. The maximum number of disks that a single file can be striped across is limited by the total number of disks that make up the file system or cache.\n\nThe default chunk size is 1,024 MiB (1 GiB) and can go as high as 512,000 MiB (500 GiB). Amazon S3 objects have a maximum size of 5 TB.", + "title": "ImportedFileChunkSize", + "type": "number" }, - "RoleName": { - "markdownDescription": "A name for the IAM role, up to 64 characters in length. For valid values, see the `RoleName` parameter for the [`CreateRole`](https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateRole.html) action in the *IAM User Guide* .\n\nThis parameter allows (per its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-. The role name must be unique within the account. Role names are not distinguished by case. For example, you cannot create roles named both \"Role1\" and \"role1\".\n\nIf you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the role name.\n\nIf you specify a name, you must specify the `CAPABILITY_NAMED_IAM` value to acknowledge your template's capabilities. For more information, see [Acknowledging IAM Resources in AWS CloudFormation Templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-iam-template.html#using-iam-capabilities) .\n\n> Naming an IAM resource can cause an unrecoverable error if you reuse the same template in multiple Regions. To prevent this, we recommend using `Fn::Join` and `AWS::Region` to create a Region-specific name, as in the following example: `{\"Fn::Join\": [\"\", [{\"Ref\": \"AWS::Region\"}, {\"Ref\": \"MyResourceName\"}]]}` .", - "title": "RoleName", - "type": "string" + "S3": { + "$ref": "#/definitions/AWS::FSx::DataRepositoryAssociation.S3", + "markdownDescription": "The configuration for an Amazon S3 data repository linked to an Amazon FSx Lustre file system with a data repository association. The configuration defines which file events (new, changed, or deleted files or directories) are automatically imported from the linked data repository to the file system or automatically exported from the file system to the data repository.", + "title": "S3" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of tags that are attached to the role. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* .", + "markdownDescription": "A list of `Tag` values, with a maximum of 50 elements.", "title": "Tags", "type": "array" } }, "required": [ - "AssumeRolePolicyDocument" + "DataRepositoryPath", + "FileSystemId", + "FileSystemPath" ], "type": "object" }, "Type": { "enum": [ - "AWS::IAM::Role" + "AWS::FSx::DataRepositoryAssociation" ], "type": "string" }, @@ -114720,27 +122731,57 @@ ], "type": "object" }, - "AWS::IAM::Role.Policy": { + "AWS::FSx::DataRepositoryAssociation.AutoExportPolicy": { "additionalProperties": false, "properties": { - "PolicyDocument": { - "markdownDescription": "The entire contents of the policy that defines permissions. For more information, see [Overview of JSON policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#access_policies-json) .", - "title": "PolicyDocument", - "type": "object" - }, - "PolicyName": { - "markdownDescription": "The friendly name (not ARN) identifying the policy.", - "title": "PolicyName", - "type": "string" + "Events": { + "items": { + "type": "string" + }, + "markdownDescription": "The `AutoExportPolicy` can have the following event values:\n\n- `NEW` - New files and directories are automatically exported to the data repository as they are added to the file system.\n- `CHANGED` - Changes to files and directories on the file system are automatically exported to the data repository.\n- `DELETED` - Files and directories are automatically deleted on the data repository when they are deleted on the file system.\n\nYou can define any combination of event types for your `AutoExportPolicy` .", + "title": "Events", + "type": "array" } }, "required": [ - "PolicyDocument", - "PolicyName" + "Events" ], "type": "object" }, - "AWS::IAM::RolePolicy": { + "AWS::FSx::DataRepositoryAssociation.AutoImportPolicy": { + "additionalProperties": false, + "properties": { + "Events": { + "items": { + "type": "string" + }, + "markdownDescription": "The `AutoImportPolicy` can have the following event values:\n\n- `NEW` - Amazon FSx automatically imports metadata of files added to the linked S3 bucket that do not currently exist in the FSx file system.\n- `CHANGED` - Amazon FSx automatically updates file metadata and invalidates existing file content on the file system as files change in the data repository.\n- `DELETED` - Amazon FSx automatically deletes files on the file system as corresponding files are deleted in the data repository.\n\nYou can define any combination of event types for your `AutoImportPolicy` .", + "title": "Events", + "type": "array" + } + }, + "required": [ + "Events" + ], + "type": "object" + }, + "AWS::FSx::DataRepositoryAssociation.S3": { + "additionalProperties": false, + "properties": { + "AutoExportPolicy": { + "$ref": "#/definitions/AWS::FSx::DataRepositoryAssociation.AutoExportPolicy", + "markdownDescription": "Describes a data repository association's automatic export policy. The `AutoExportPolicy` defines the types of updated objects on the file system that will be automatically exported to the data repository. As you create, modify, or delete files, Amazon FSx for Lustre automatically exports the defined changes asynchronously once your application finishes modifying the file.\n\nThe `AutoExportPolicy` is only supported on Amazon FSx for Lustre file systems with a data repository association.", + "title": "AutoExportPolicy" + }, + "AutoImportPolicy": { + "$ref": "#/definitions/AWS::FSx::DataRepositoryAssociation.AutoImportPolicy", + "markdownDescription": "Describes the data repository association's automatic import policy. The AutoImportPolicy defines how Amazon FSx keeps your file metadata and directory listings up to date by importing changes to your Amazon FSx for Lustre file system as you modify objects in a linked S3 bucket.\n\nThe `AutoImportPolicy` is only supported on Amazon FSx for Lustre file systems with a data repository association.", + "title": "AutoImportPolicy" + } + }, + "type": "object" + }, + "AWS::FSx::FileSystem": { "additionalProperties": false, "properties": { "Condition": { @@ -114775,31 +122816,90 @@ "Properties": { "additionalProperties": false, "properties": { - "PolicyDocument": { - "markdownDescription": "The policy document.\n\nYou must provide policies in JSON format in IAM. However, for AWS CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always converts a YAML policy to JSON format before submitting it to IAM.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n\n- Any printable ASCII character ranging from the space character ( `\\u0020` ) through the end of the ASCII character range\n- The printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` )\n- The special characters tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` )", - "title": "PolicyDocument", - "type": "object" + "BackupId": { + "markdownDescription": "The ID of the file system backup that you are using to create a file system. For more information, see [CreateFileSystemFromBackup](https://docs.aws.amazon.com/fsx/latest/APIReference/API_CreateFileSystemFromBackup.html) .", + "title": "BackupId", + "type": "string" }, - "PolicyName": { - "markdownDescription": "The name of the policy document.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "PolicyName", + "FileSystemType": { + "markdownDescription": "The type of Amazon FSx file system, which can be `LUSTRE` , `WINDOWS` , `ONTAP` , or `OPENZFS` .", + "title": "FileSystemType", "type": "string" }, - "RoleName": { - "markdownDescription": "The name of the role to associate the policy with.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "RoleName", + "FileSystemTypeVersion": { + "markdownDescription": "For FSx for Lustre file systems, sets the Lustre version for the file system that you're creating. Valid values are `2.10` , `2.12` , and `2.15` :\n\n- `2.10` is supported by the Scratch and Persistent_1 Lustre deployment types.\n- `2.12` is supported by all Lustre deployment types, except for `PERSISTENT_2` with a metadata configuration mode.\n- `2.15` is supported by all Lustre deployment types and is recommended for all new file systems.\n\nDefault value is `2.10` , except for the following deployments:\n\n- Default value is `2.12` when `DeploymentType` is set to `PERSISTENT_2` without a metadata configuration mode.\n- Default value is `2.15` when `DeploymentType` is set to `PERSISTENT_2` with a metadata configuration mode.", + "title": "FileSystemTypeVersion", + "type": "string" + }, + "KmsKeyId": { + "markdownDescription": "The ID of the AWS Key Management Service ( AWS KMS ) key used to encrypt Amazon FSx file system data. Used as follows with Amazon FSx file system types:\n\n- Amazon FSx for Lustre `PERSISTENT_1` and `PERSISTENT_2` deployment types only.\n\n`SCRATCH_1` and `SCRATCH_2` types are encrypted using the Amazon FSx service AWS KMS key for your account.\n- Amazon FSx for NetApp ONTAP\n- Amazon FSx for OpenZFS\n- Amazon FSx for Windows File Server\n\nIf this ID isn't specified, the Amazon FSx-managed key for your account is used. For more information, see [Encrypt](https://docs.aws.amazon.com//kms/latest/APIReference/API_Encrypt.html) in the *AWS Key Management Service API Reference* .", + "title": "KmsKeyId", + "type": "string" + }, + "LustreConfiguration": { + "$ref": "#/definitions/AWS::FSx::FileSystem.LustreConfiguration", + "markdownDescription": "The Lustre configuration for the file system being created. This configuration is required if the `FileSystemType` is set to `LUSTRE` .\n\n> The following parameters are not supported when creating Lustre file systems with a data repository association.\n> \n> - `AutoImportPolicy`\n> - `ExportPath`\n> - `ImportedChunkSize`\n> - `ImportPath`", + "title": "LustreConfiguration" + }, + "OntapConfiguration": { + "$ref": "#/definitions/AWS::FSx::FileSystem.OntapConfiguration", + "markdownDescription": "The ONTAP configuration properties of the FSx for ONTAP file system that you are creating. This configuration is required if the `FileSystemType` is set to `ONTAP` .", + "title": "OntapConfiguration" + }, + "OpenZFSConfiguration": { + "$ref": "#/definitions/AWS::FSx::FileSystem.OpenZFSConfiguration", + "markdownDescription": "The Amazon FSx for OpenZFS configuration properties for the file system that you are creating. This configuration is required if the `FileSystemType` is set to `OPENZFS` .", + "title": "OpenZFSConfiguration" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of IDs specifying the security groups to apply to all network interfaces created for file system access. This list isn't returned in later requests to describe the file system.\n\n> You must specify a security group if you are creating a Multi-AZ FSx for ONTAP file system in a VPC subnet that has been shared with you.", + "title": "SecurityGroupIds", + "type": "array" + }, + "StorageCapacity": { + "markdownDescription": "Sets the storage capacity of the file system that you're creating.\n\n`StorageCapacity` is required if you are creating a new file system. It is not required if you are creating a file system by restoring a backup.\n\n*FSx for Lustre file systems* - The amount of storage capacity that you can configure depends on the value that you set for `StorageType` and the Lustre `DeploymentType` , as follows:\n\n- For `SCRATCH_2` , `PERSISTENT_2` and `PERSISTENT_1` deployment types using SSD storage type, the valid values are 1200 GiB, 2400 GiB, and increments of 2400 GiB.\n- For `PERSISTENT_1` HDD file systems, valid values are increments of 6000 GiB for 12 MB/s/TiB file systems and increments of 1800 GiB for 40 MB/s/TiB file systems.\n- For `SCRATCH_1` deployment type, valid values are 1200 GiB, 2400 GiB, and increments of 3600 GiB.\n\n*FSx for ONTAP file systems* - The amount of SSD storage capacity that you can configure depends on the value of the `HAPairs` property. The minimum value is calculated as 1,024 GiB * HAPairs and the maximum is calculated as 524,288 GiB * HAPairs, up to a maximum amount of SSD storage capacity of 1,048,576 GiB (1 pebibyte).\n\n*FSx for OpenZFS file systems* - The amount of storage capacity that you can configure is from 64 GiB up to 524,288 GiB (512 TiB). If you are creating a file system from a backup, you can specify a storage capacity equal to or greater than the original file system's storage capacity.\n\n*FSx for Windows File Server file systems* - The amount of storage capacity that you can configure depends on the value that you set for `StorageType` as follows:\n\n- For SSD storage, valid values are 32 GiB-65,536 GiB (64 TiB).\n- For HDD storage, valid values are 2000 GiB-65,536 GiB (64 TiB).", + "title": "StorageCapacity", + "type": "number" + }, + "StorageType": { + "markdownDescription": "Sets the storage class for the file system that you're creating. Valid values are `SSD` , `HDD` , and `INTELLIGENT_TIERING` .\n\n- Set to `SSD` to use solid state drive storage. SSD is supported on all Windows, Lustre, ONTAP, and OpenZFS deployment types.\n- Set to `HDD` to use hard disk drive storage, which is supported on `SINGLE_AZ_2` and `MULTI_AZ_1` Windows file system deployment types, and on `PERSISTENT_1` Lustre file system deployment types.\n- Set to `INTELLIGENT_TIERING` to use fully elastic, intelligently-tiered storage. Intelligent-Tiering is only available for OpenZFS file systems with the Multi-AZ deployment type and for Lustre file systems with the Persistent_2 deployment type.\n\nDefault value is `SSD` . For more information, see [Storage type options](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/optimize-fsx-costs.html#storage-type-options) in the *FSx for Windows File Server User Guide* , [FSx for Lustre storage classes](https://docs.aws.amazon.com/fsx/latest/LustreGuide/using-fsx-lustre.html#lustre-storage-classes) in the *FSx for Lustre User Guide* , and [Working with Intelligent-Tiering](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/performance-intelligent-tiering) in the *Amazon FSx for OpenZFS User Guide* .", + "title": "StorageType", "type": "string" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the IDs of the subnets that the file system will be accessible from. For Windows and ONTAP `MULTI_AZ_1` deployment types,provide exactly two subnet IDs, one for the preferred file server and one for the standby file server. You specify one of these subnets as the preferred subnet using the `WindowsConfiguration > PreferredSubnetID` or `OntapConfiguration > PreferredSubnetID` properties. For more information about Multi-AZ file system configuration, see [Availability and durability: Single-AZ and Multi-AZ file systems](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/high-availability-multiAZ.html) in the *Amazon FSx for Windows User Guide* and [Availability and durability](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/high-availability-multiAZ.html) in the *Amazon FSx for ONTAP User Guide* .\n\nFor Windows `SINGLE_AZ_1` and `SINGLE_AZ_2` and all Lustre deployment types, provide exactly one subnet ID. The file server is launched in that subnet's Availability Zone.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to associate with the file system. For more information, see [Tagging your Amazon FSx resources](https://docs.aws.amazon.com/fsx/latest/LustreGuide/tag-resources.html) in the *Amazon FSx for Lustre User Guide* .", + "title": "Tags", + "type": "array" + }, + "WindowsConfiguration": { + "$ref": "#/definitions/AWS::FSx::FileSystem.WindowsConfiguration", + "markdownDescription": "The configuration object for the Microsoft Windows file system you are creating. This configuration is required if `FileSystemType` is set to `WINDOWS` .", + "title": "WindowsConfiguration" } }, "required": [ - "PolicyName", - "RoleName" + "FileSystemType", + "SubnetIds" ], "type": "object" }, "Type": { "enum": [ - "AWS::IAM::RolePolicy" + "AWS::FSx::FileSystem" ], "type": "string" }, @@ -114818,400 +122918,546 @@ ], "type": "object" }, - "AWS::IAM::SAMLProvider": { + "AWS::FSx::FileSystem.AuditLogConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "AuditLogDestination": { + "markdownDescription": "The Amazon Resource Name (ARN) for the destination of the audit logs. The destination can be any Amazon CloudWatch Logs log group ARN or Amazon Kinesis Data Firehose delivery stream ARN.\n\nThe name of the Amazon CloudWatch Logs log group must begin with the `/aws/fsx` prefix. The name of the Amazon Kinesis Data Firehose delivery stream must begin with the `aws-fsx` prefix.\n\nThe destination ARN (either CloudWatch Logs log group or Kinesis Data Firehose delivery stream) must be in the same AWS partition, AWS Region , and AWS account as your Amazon FSx file system.", + "title": "AuditLogDestination", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "FileAccessAuditLogLevel": { + "markdownDescription": "Sets which attempt type is logged by Amazon FSx for file and folder accesses.\n\n- `SUCCESS_ONLY` - only successful attempts to access files or folders are logged.\n- `FAILURE_ONLY` - only failed attempts to access files or folders are logged.\n- `SUCCESS_AND_FAILURE` - both successful attempts and failed attempts to access files or folders are logged.\n- `DISABLED` - access auditing of files and folders is turned off.", + "title": "FileAccessAuditLogLevel", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the provider to create.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "Name", - "type": "string" - }, - "SamlMetadataDocument": { - "markdownDescription": "An XML document generated by an identity provider (IdP) that supports SAML 2.0. The document includes the issuer's name, expiration information, and keys that can be used to validate the SAML authentication response (assertions) that are received from the IdP. You must generate the metadata document using the identity management software that is used as your organization's IdP.\n\nFor more information, see [About SAML 2.0-based federation](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html) in the *IAM User Guide*", - "title": "SamlMetadataDocument", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of tags that you want to attach to the new IAM SAML provider. Each tag consists of a key name and an associated value. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* .\n\n> If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request fails and the resource is not created.", - "title": "Tags", - "type": "array" - } + "FileShareAccessAuditLogLevel": { + "markdownDescription": "Sets which attempt type is logged by Amazon FSx for file share accesses.\n\n- `SUCCESS_ONLY` - only successful attempts to access file shares are logged.\n- `FAILURE_ONLY` - only failed attempts to access file shares are logged.\n- `SUCCESS_AND_FAILURE` - both successful attempts and failed attempts to access file shares are logged.\n- `DISABLED` - access auditing of file shares is turned off.", + "title": "FileShareAccessAuditLogLevel", + "type": "string" + } + }, + "required": [ + "FileAccessAuditLogLevel", + "FileShareAccessAuditLogLevel" + ], + "type": "object" + }, + "AWS::FSx::FileSystem.ClientConfigurations": { + "additionalProperties": false, + "properties": { + "Clients": { + "markdownDescription": "A value that specifies who can mount the file system. You can provide a wildcard character ( `*` ), an IP address ( `0.0.0.0` ), or a CIDR address ( `192.0.2.0/24` ). By default, Amazon FSx uses the wildcard character when specifying the client.", + "title": "Clients", + "type": "string" + }, + "Options": { + "items": { + "type": "string" }, - "required": [ - "SamlMetadataDocument" - ], - "type": "object" + "markdownDescription": "The options to use when mounting the file system. For a list of options that you can use with Network File System (NFS), see the [exports(5) - Linux man page](https://docs.aws.amazon.com/https://linux.die.net/man/5/exports) . When choosing your options, consider the following:\n\n- `crossmnt` is used by default. If you don't specify `crossmnt` when changing the client configuration, you won't be able to see or access snapshots in your file system's snapshot directory.\n- `sync` is used by default. If you instead specify `async` , the system acknowledges writes before writing to disk. If the system crashes before the writes are finished, you lose the unwritten data.", + "title": "Options", + "type": "array" + } + }, + "type": "object" + }, + "AWS::FSx::FileSystem.DataReadCacheConfiguration": { + "additionalProperties": false, + "properties": { + "SizeGiB": { + "markdownDescription": "Required if `SizingMode` is set to `USER_PROVISIONED` . Specifies the size of the file system's SSD read cache, in gibibytes (GiB).", + "title": "SizeGiB", + "type": "number" }, - "Type": { - "enum": [ - "AWS::IAM::SAMLProvider" - ], + "SizingMode": { + "markdownDescription": "Specifies how the provisioned SSD read cache is sized, as follows:\n\n- Set to `NO_CACHE` if you do not want to use an SSD read cache with your Intelligent-Tiering file system.\n- Set to `USER_PROVISIONED` to specify the exact size of your SSD read cache.\n- Set to `PROPORTIONAL_TO_THROUGHPUT_CAPACITY` to have your SSD read cache automatically sized based on your throughput capacity.", + "title": "SizingMode", "type": "string" + } + }, + "type": "object" + }, + "AWS::FSx::FileSystem.DiskIopsConfiguration": { + "additionalProperties": false, + "properties": { + "Iops": { + "markdownDescription": "The total number of SSD IOPS provisioned for the file system.\n\nThe minimum and maximum values for this property depend on the value of `HAPairs` and `StorageCapacity` . The minimum value is calculated as `StorageCapacity` * 3 * `HAPairs` (3 IOPS per GB of `StorageCapacity` ). The maximum value is calculated as 200,000 * `HAPairs` .\n\nAmazon FSx responds with an HTTP status code 400 (Bad Request) if the value of `Iops` is outside of the minimum or maximum values.", + "title": "Iops", + "type": "number" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Mode": { + "markdownDescription": "Specifies whether the file system is using the `AUTOMATIC` setting of SSD IOPS of 3 IOPS per GB of storage capacity, or if it using a `USER_PROVISIONED` value.", + "title": "Mode", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::IAM::ServerCertificate": { + "AWS::FSx::FileSystem.LustreConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "AutoImportPolicy": { + "markdownDescription": "(Optional) When you create your file system, your existing S3 objects appear as file and directory listings. Use this property to choose how Amazon FSx keeps your file and directory listings up to date as you add or modify objects in your linked S3 bucket. `AutoImportPolicy` can have the following values:\n\n- `NONE` - (Default) AutoImport is off. Amazon FSx only updates file and directory listings from the linked S3 bucket when the file system is created. FSx does not update file and directory listings for any new or changed objects after choosing this option.\n- `NEW` - AutoImport is on. Amazon FSx automatically imports directory listings of any new objects added to the linked S3 bucket that do not currently exist in the FSx file system.\n- `NEW_CHANGED` - AutoImport is on. Amazon FSx automatically imports file and directory listings of any new objects added to the S3 bucket and any existing objects that are changed in the S3 bucket after you choose this option.\n- `NEW_CHANGED_DELETED` - AutoImport is on. Amazon FSx automatically imports file and directory listings of any new objects added to the S3 bucket, any existing objects that are changed in the S3 bucket, and any objects that were deleted in the S3 bucket.\n\nFor more information, see [Automatically import updates from your S3 bucket](https://docs.aws.amazon.com/fsx/latest/LustreGuide/autoimport-data-repo.html) .\n\n> This parameter is not supported for Lustre file systems with a data repository association.", + "title": "AutoImportPolicy", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "AutomaticBackupRetentionDays": { + "markdownDescription": "The number of days to retain automatic backups. Setting this property to `0` disables automatic backups. You can retain automatic backups for a maximum of 90 days. The default is `0` .", + "title": "AutomaticBackupRetentionDays", + "type": "number" + }, + "CopyTagsToBackups": { + "markdownDescription": "(Optional) Not available for use with file systems that are linked to a data repository. A boolean flag indicating whether tags for the file system should be copied to backups. The default value is false. If `CopyTagsToBackups` is set to true, all file system tags are copied to all automatic and user-initiated backups when the user doesn't specify any backup-specific tags. If `CopyTagsToBackups` is set to true and you specify one or more backup tags, only the specified tags are copied to backups. If you specify one or more tags when creating a user-initiated backup, no tags are copied from the file system, regardless of this value.\n\n(Default = `false` )\n\nFor more information, see [Working with backups](https://docs.aws.amazon.com/fsx/latest/LustreGuide/using-backups-fsx.html) in the *Amazon FSx for Lustre User Guide* .", + "title": "CopyTagsToBackups", + "type": "boolean" + }, + "DailyAutomaticBackupStartTime": { + "markdownDescription": "A recurring daily time, in the format `HH:MM` . `HH` is the zero-padded hour of the day (0-23), and `MM` is the zero-padded minute of the hour. For example, `05:00` specifies 5 AM daily.", + "title": "DailyAutomaticBackupStartTime", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "DataCompressionType": { + "markdownDescription": "Sets the data compression configuration for the file system. `DataCompressionType` can have the following values:\n\n- `NONE` - (Default) Data compression is turned off when the file system is created.\n- `LZ4` - Data compression is turned on with the LZ4 algorithm.\n\nFor more information, see [Lustre data compression](https://docs.aws.amazon.com/fsx/latest/LustreGuide/data-compression.html) in the *Amazon FSx for Lustre User Guide* .", + "title": "DataCompressionType", + "type": "string" }, - "Metadata": { - "type": "object" + "DataReadCacheConfiguration": { + "$ref": "#/definitions/AWS::FSx::FileSystem.DataReadCacheConfiguration", + "markdownDescription": "Specifies the optional provisioned SSD read cache on FSx for Lustre file systems that use the Intelligent-Tiering storage class. Required when `StorageType` is set to `INTELLIGENT_TIERING` .", + "title": "DataReadCacheConfiguration" }, - "Properties": { - "additionalProperties": false, - "properties": { - "CertificateBody": { - "markdownDescription": "The contents of the public key certificate.", - "title": "CertificateBody", - "type": "string" - }, - "CertificateChain": { - "markdownDescription": "The contents of the public key certificate chain.", - "title": "CertificateChain", - "type": "string" - }, - "Path": { - "markdownDescription": "The path for the server certificate. For more information about paths, see [IAM identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/). This parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.\n\n> If you are uploading a server certificate specifically for use with Amazon CloudFront distributions, you must specify a path using the `path` parameter. The path must begin with `/cloudfront` and must include a trailing slash (for example, `/cloudfront/test/` ).", - "title": "Path", - "type": "string" - }, - "PrivateKey": { - "markdownDescription": "The contents of the private key in PEM-encoded format.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n\n- Any printable ASCII character ranging from the space character ( `\\u0020` ) through the end of the ASCII character range\n- The printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` )\n- The special characters tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` )", - "title": "PrivateKey", - "type": "string" - }, - "ServerCertificateName": { - "markdownDescription": "The name for the server certificate. Do not include the path in this value. The name of the certificate cannot contain any spaces.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "ServerCertificateName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of tags that are attached to the server certificate. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* .", - "title": "Tags", - "type": "array" - } - }, - "type": "object" + "DeploymentType": { + "markdownDescription": "(Optional) Choose `SCRATCH_1` and `SCRATCH_2` deployment types when you need temporary storage and shorter-term processing of data. The `SCRATCH_2` deployment type provides in-transit encryption of data and higher burst throughput capacity than `SCRATCH_1` .\n\nChoose `PERSISTENT_1` for longer-term storage and for throughput-focused workloads that aren\u2019t latency-sensitive. `PERSISTENT_1` supports encryption of data in transit, and is available in all AWS Regions in which FSx for Lustre is available.\n\nChoose `PERSISTENT_2` for longer-term storage and for latency-sensitive workloads that require the highest levels of IOPS/throughput. `PERSISTENT_2` supports the SSD and Intelligent-Tiering storage classes. You can optionally specify a metadata configuration mode for `PERSISTENT_2` which supports increasing metadata performance. `PERSISTENT_2` is available in a limited number of AWS Regions . For more information, and an up-to-date list of AWS Regions in which `PERSISTENT_2` is available, see [Deployment and storage class options for FSx for Lustre file systems](https://docs.aws.amazon.com/fsx/latest/LustreGuide/using-fsx-lustre.html) in the *Amazon FSx for Lustre User Guide* .\n\n> If you choose `PERSISTENT_2` , and you set `FileSystemTypeVersion` to `2.10` , the `CreateFileSystem` operation fails. \n\nEncryption of data in transit is automatically turned on when you access `SCRATCH_2` , `PERSISTENT_1` , and `PERSISTENT_2` file systems from Amazon EC2 instances that support automatic encryption in the AWS Regions where they are available. For more information about encryption in transit for FSx for Lustre file systems, see [Encrypting data in transit](https://docs.aws.amazon.com/fsx/latest/LustreGuide/encryption-in-transit-fsxl.html) in the *Amazon FSx for Lustre User Guide* .\n\n(Default = `SCRATCH_1` )", + "title": "DeploymentType", + "type": "string" }, - "Type": { - "enum": [ - "AWS::IAM::ServerCertificate" - ], + "DriveCacheType": { + "markdownDescription": "The type of drive cache used by `PERSISTENT_1` file systems that are provisioned with HDD storage devices. This parameter is required when storage type is HDD. Set this property to `READ` to improve the performance for frequently accessed files by caching up to 20% of the total storage capacity of the file system.\n\nThis parameter is required when `StorageType` is set to `HDD` and `DeploymentType` is `PERSISTENT_1` .", + "title": "DriveCacheType", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "EfaEnabled": { + "markdownDescription": "(Optional) Specifies whether Elastic Fabric Adapter (EFA) and GPUDirect Storage (GDS) support is enabled for the Amazon FSx for Lustre file system.\n\n(Default = `false` )", + "title": "EfaEnabled", + "type": "boolean" + }, + "ExportPath": { + "markdownDescription": "(Optional) Specifies the path in the Amazon S3 bucket where the root of your Amazon FSx file system is exported. The path must use the same Amazon S3 bucket as specified in ImportPath. You can provide an optional prefix to which new and changed data is to be exported from your Amazon FSx for Lustre file system. If an `ExportPath` value is not provided, Amazon FSx sets a default export path, `s3://import-bucket/FSxLustre[creation-timestamp]` . The timestamp is in UTC format, for example `s3://import-bucket/FSxLustre20181105T222312Z` .\n\nThe Amazon S3 export bucket must be the same as the import bucket specified by `ImportPath` . If you specify only a bucket name, such as `s3://import-bucket` , you get a 1:1 mapping of file system objects to S3 bucket objects. This mapping means that the input data in S3 is overwritten on export. If you provide a custom prefix in the export path, such as `s3://import-bucket/[custom-optional-prefix]` , Amazon FSx exports the contents of your file system to that export prefix in the Amazon S3 bucket.\n\n> This parameter is not supported for file systems with a data repository association.", + "title": "ExportPath", + "type": "string" + }, + "ImportPath": { + "markdownDescription": "(Optional) The path to the Amazon S3 bucket (including the optional prefix) that you're using as the data repository for your Amazon FSx for Lustre file system. The root of your FSx for Lustre file system will be mapped to the root of the Amazon S3 bucket you select. An example is `s3://import-bucket/optional-prefix` . If you specify a prefix after the Amazon S3 bucket name, only object keys with that prefix are loaded into the file system.\n\n> This parameter is not supported for Lustre file systems with a data repository association.", + "title": "ImportPath", + "type": "string" + }, + "ImportedFileChunkSize": { + "markdownDescription": "(Optional) For files imported from a data repository, this value determines the stripe count and maximum amount of data per file (in MiB) stored on a single physical disk. The maximum number of disks that a single file can be striped across is limited by the total number of disks that make up the file system.\n\nThe default chunk size is 1,024 MiB (1 GiB) and can go as high as 512,000 MiB (500 GiB). Amazon S3 objects have a maximum size of 5 TB.\n\n> This parameter is not supported for Lustre file systems with a data repository association.", + "title": "ImportedFileChunkSize", + "type": "number" + }, + "MetadataConfiguration": { + "$ref": "#/definitions/AWS::FSx::FileSystem.MetadataConfiguration", + "markdownDescription": "The Lustre metadata performance configuration for the creation of an FSx for Lustre file system using a `PERSISTENT_2` deployment type.", + "title": "MetadataConfiguration" + }, + "PerUnitStorageThroughput": { + "markdownDescription": "Required with `PERSISTENT_1` and `PERSISTENT_2` deployment types, provisions the amount of read and write throughput for each 1 tebibyte (TiB) of file system storage capacity, in MB/s/TiB. File system throughput capacity is calculated by multiplying \ufb01le system storage capacity (TiB) by the `PerUnitStorageThroughput` (MB/s/TiB). For a 2.4-TiB \ufb01le system, provisioning 50 MB/s/TiB of `PerUnitStorageThroughput` yields 120 MB/s of \ufb01le system throughput. You pay for the amount of throughput that you provision.\n\nValid values:\n\n- For `PERSISTENT_1` SSD storage: 50, 100, 200 MB/s/TiB.\n- For `PERSISTENT_1` HDD storage: 12, 40 MB/s/TiB.\n- For `PERSISTENT_2` SSD storage: 125, 250, 500, 1000 MB/s/TiB.", + "title": "PerUnitStorageThroughput", + "type": "number" + }, + "ThroughputCapacity": { + "markdownDescription": "Specifies the throughput of an FSx for Lustre file system using the Intelligent-Tiering storage class, measured in megabytes per second (MBps). Valid values are 4000 MBps or multiples of 4000 MBps. You pay for the amount of throughput that you provision.", + "title": "ThroughputCapacity", + "type": "number" + }, + "WeeklyMaintenanceStartTime": { + "markdownDescription": "The preferred start time to perform weekly maintenance, formatted d:HH:MM in the UTC time zone, where d is the weekday number, from 1 through 7, beginning with Monday and ending with Sunday.\n\nFor example, `1:05:00` specifies maintenance at 5 AM Monday.", + "title": "WeeklyMaintenanceStartTime", "type": "string" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::IAM::ServiceLinkedRole": { + "AWS::FSx::FileSystem.MetadataConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "Iops": { + "markdownDescription": "The number of Metadata IOPS provisioned for the file system.", + "title": "Iops", + "type": "number" + }, + "Mode": { + "markdownDescription": "Specifies whether the file system is using the AUTOMATIC setting of metadata IOPS or if it is using a USER_PROVISIONED value.", + "title": "Mode", "type": "string" + } + }, + "type": "object" + }, + "AWS::FSx::FileSystem.NfsExports": { + "additionalProperties": false, + "properties": { + "ClientConfigurations": { + "items": { + "$ref": "#/definitions/AWS::FSx::FileSystem.ClientConfigurations" + }, + "markdownDescription": "A list of configuration objects that contain the client and options for mounting the OpenZFS file system.", + "title": "ClientConfigurations", + "type": "array" + } + }, + "type": "object" + }, + "AWS::FSx::FileSystem.OntapConfiguration": { + "additionalProperties": false, + "properties": { + "AutomaticBackupRetentionDays": { + "markdownDescription": "The number of days to retain automatic backups. Setting this property to `0` disables automatic backups. You can retain automatic backups for a maximum of 90 days. The default is `30` .", + "title": "AutomaticBackupRetentionDays", + "type": "number" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DailyAutomaticBackupStartTime": { + "markdownDescription": "A recurring daily time, in the format `HH:MM` . `HH` is the zero-padded hour of the day (0-23), and `MM` is the zero-padded minute of the hour. For example, `05:00` specifies 5 AM daily.", + "title": "DailyAutomaticBackupStartTime", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "DeploymentType": { + "markdownDescription": "Specifies the FSx for ONTAP file system deployment type to use in creating the file system.\n\n- `MULTI_AZ_1` - A high availability file system configured for Multi-AZ redundancy to tolerate temporary Availability Zone (AZ) unavailability. This is a first-generation FSx for ONTAP file system.\n- `MULTI_AZ_2` - A high availability file system configured for Multi-AZ redundancy to tolerate temporary AZ unavailability. This is a second-generation FSx for ONTAP file system.\n- `SINGLE_AZ_1` - A file system configured for Single-AZ redundancy. This is a first-generation FSx for ONTAP file system.\n- `SINGLE_AZ_2` - A file system configured with multiple high-availability (HA) pairs for Single-AZ redundancy. This is a second-generation FSx for ONTAP file system.\n\nFor information about the use cases for Multi-AZ and Single-AZ deployments, refer to [Choosing a file system deployment type](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/high-availability-AZ.html) .", + "title": "DeploymentType", + "type": "string" }, - "Metadata": { - "type": "object" + "DiskIopsConfiguration": { + "$ref": "#/definitions/AWS::FSx::FileSystem.DiskIopsConfiguration", + "markdownDescription": "The SSD IOPS configuration for the FSx for ONTAP file system.", + "title": "DiskIopsConfiguration" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AWSServiceName": { - "markdownDescription": "The service principal for the AWS service to which this role is attached. You use a string similar to a URL but without the http:// in front. For example: `elasticbeanstalk.amazonaws.com` .\n\nService principals are unique and case-sensitive. To find the exact service principal for your service-linked role, see [AWS services that work with IAM](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html) in the *IAM User Guide* . Look for the services that have *Yes* in the *Service-Linked Role* column. Choose the *Yes* link to view the service-linked role documentation for that service.", - "title": "AWSServiceName", - "type": "string" - }, - "CustomSuffix": { - "markdownDescription": "A string that you provide, which is combined with the service-provided prefix to form the complete role name. If you make multiple requests for the same service, then you must supply a different `CustomSuffix` for each request. Otherwise the request fails with a duplicate role name error. For example, you could add `-1` or `-debug` to the suffix.\n\nSome services do not support the `CustomSuffix` parameter. If you provide an optional suffix and the operation fails, try the operation again without the suffix.", - "title": "CustomSuffix", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the role.", - "title": "Description", - "type": "string" - } - }, - "type": "object" + "EndpointIpAddressRange": { + "markdownDescription": "(Multi-AZ only) Specifies the IP address range in which the endpoints to access your file system will be created. By default in the Amazon FSx API, Amazon FSx selects an unused IP address range for you from the 198.19.* range. By default in the Amazon FSx console, Amazon FSx chooses the last 64 IP addresses from the VPC\u2019s primary CIDR range to use as the endpoint IP address range for the file system. You can have overlapping endpoint IP addresses for file systems deployed in the same VPC/route tables, as long as they don't overlap with any subnet.", + "title": "EndpointIpAddressRange", + "type": "string" }, - "Type": { - "enum": [ - "AWS::IAM::ServiceLinkedRole" - ], + "FsxAdminPassword": { + "markdownDescription": "The ONTAP administrative password for the `fsxadmin` user with which you administer your file system using the NetApp ONTAP CLI and REST API.", + "title": "FsxAdminPassword", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "HAPairs": { + "markdownDescription": "Specifies how many high-availability (HA) pairs of file servers will power your file system. First-generation file systems are powered by 1 HA pair. Second-generation multi-AZ file systems are powered by 1 HA pair. Second generation single-AZ file systems are powered by up to 12 HA pairs. The default value is 1. The value of this property affects the values of `StorageCapacity` , `Iops` , and `ThroughputCapacity` . For more information, see [High-availability (HA) pairs](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/administering-file-systems.html#HA-pairs) in the FSx for ONTAP user guide. Block storage protocol support (iSCSI and NVMe over TCP) is disabled on file systems with more than 6 HA pairs. For more information, see [Using block storage protocols](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/supported-fsx-clients.html#using-block-storage) .\n\nAmazon FSx responds with an HTTP status code 400 (Bad Request) for the following conditions:\n\n- The value of `HAPairs` is less than 1 or greater than 12.\n- The value of `HAPairs` is greater than 1 and the value of `DeploymentType` is `SINGLE_AZ_1` , `MULTI_AZ_1` , or `MULTI_AZ_2` .", + "title": "HAPairs", + "type": "number" + }, + "PreferredSubnetId": { + "markdownDescription": "Required when `DeploymentType` is set to `MULTI_AZ_1` or `MULTI_AZ_2` . This specifies the subnet in which you want the preferred file server to be located.", + "title": "PreferredSubnetId", + "type": "string" + }, + "RouteTableIds": { + "items": { + "type": "string" + }, + "markdownDescription": "(Multi-AZ only) Specifies the route tables in which Amazon FSx creates the rules for routing traffic to the correct file server. You should specify all virtual private cloud (VPC) route tables associated with the subnets in which your clients are located. By default, Amazon FSx selects your VPC's default route table.\n\n> Amazon FSx manages these route tables for Multi-AZ file systems using tag-based authentication. These route tables are tagged with `Key: AmazonFSx; Value: ManagedByAmazonFSx` . When creating FSx for ONTAP Multi-AZ file systems using AWS CloudFormation we recommend that you add the `Key: AmazonFSx; Value: ManagedByAmazonFSx` tag manually.", + "title": "RouteTableIds", + "type": "array" + }, + "ThroughputCapacity": { + "markdownDescription": "Sets the throughput capacity for the file system that you're creating in megabytes per second (MBps). For more information, see [Managing throughput capacity](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-throughput-capacity.html) in the FSx for ONTAP User Guide.\n\nAmazon FSx responds with an HTTP status code 400 (Bad Request) for the following conditions:\n\n- The value of `ThroughputCapacity` and `ThroughputCapacityPerHAPair` are not the same value.\n- The value of `ThroughputCapacity` when divided by the value of `HAPairs` is outside of the valid range for `ThroughputCapacity` .", + "title": "ThroughputCapacity", + "type": "number" + }, + "ThroughputCapacityPerHAPair": { + "markdownDescription": "Use to choose the throughput capacity per HA pair, rather than the total throughput for the file system.\n\nYou can define either the `ThroughputCapacityPerHAPair` or the `ThroughputCapacity` when creating a file system, but not both.\n\nThis field and `ThroughputCapacity` are the same for file systems powered by one HA pair.\n\n- For `SINGLE_AZ_1` and `MULTI_AZ_1` file systems, valid values are 128, 256, 512, 1024, 2048, or 4096 MBps.\n- For `SINGLE_AZ_2` , valid values are 1536, 3072, or 6144 MBps.\n- For `MULTI_AZ_2` , valid values are 384, 768, 1536, 3072, or 6144 MBps.\n\nAmazon FSx responds with an HTTP status code 400 (Bad Request) for the following conditions:\n\n- The value of `ThroughputCapacity` and `ThroughputCapacityPerHAPair` are not the same value for file systems with one HA pair.\n- The value of deployment type is `SINGLE_AZ_2` and `ThroughputCapacity` / `ThroughputCapacityPerHAPair` is not a valid HA pair (a value between 1 and 12).\n- The value of `ThroughputCapacityPerHAPair` is not a valid value.", + "title": "ThroughputCapacityPerHAPair", + "type": "number" + }, + "WeeklyMaintenanceStartTime": { + "markdownDescription": "The preferred start time to perform weekly maintenance, formatted d:HH:MM in the UTC time zone, where d is the weekday number, from 1 through 7, beginning with Monday and ending with Sunday.\n\nFor example, `1:05:00` specifies maintenance at 5 AM Monday.", + "title": "WeeklyMaintenanceStartTime", "type": "string" } }, "required": [ - "Type" + "DeploymentType" ], "type": "object" }, - "AWS::IAM::User": { + "AWS::FSx::FileSystem.OpenZFSConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "AutomaticBackupRetentionDays": { + "markdownDescription": "The number of days to retain automatic backups. Setting this property to `0` disables automatic backups. You can retain automatic backups for a maximum of 90 days. The default is `30` .", + "title": "AutomaticBackupRetentionDays", + "type": "number" + }, + "CopyTagsToBackups": { + "markdownDescription": "A Boolean value indicating whether tags for the file system should be copied to backups. This value defaults to `false` . If it's set to `true` , all tags for the file system are copied to all automatic and user-initiated backups where the user doesn't specify tags. If this value is `true` , and you specify one or more tags, only the specified tags are copied to backups. If you specify one or more tags when creating a user-initiated backup, no tags are copied from the file system, regardless of this value.", + "title": "CopyTagsToBackups", + "type": "boolean" + }, + "CopyTagsToVolumes": { + "markdownDescription": "A Boolean value indicating whether tags for the file system should be copied to volumes. This value defaults to `false` . If it's set to `true` , all tags for the file system are copied to volumes where the user doesn't specify tags. If this value is `true` , and you specify one or more tags, only the specified tags are copied to volumes. If you specify one or more tags when creating the volume, no tags are copied from the file system, regardless of this value.", + "title": "CopyTagsToVolumes", + "type": "boolean" + }, + "DailyAutomaticBackupStartTime": { + "markdownDescription": "A recurring daily time, in the format `HH:MM` . `HH` is the zero-padded hour of the day (0-23), and `MM` is the zero-padded minute of the hour. For example, `05:00` specifies 5 AM daily.", + "title": "DailyAutomaticBackupStartTime", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DeploymentType": { + "markdownDescription": "Specifies the file system deployment type. Valid values are the following:\n\n- `MULTI_AZ_1` - Creates file systems with high availability and durability by replicating your data and supporting failover across multiple Availability Zones in the same AWS Region .\n- `SINGLE_AZ_HA_2` - Creates file systems with high availability and throughput capacities of 160 - 10,240 MB/s using an NVMe L2ARC cache by deploying a primary and standby file system within the same Availability Zone.\n- `SINGLE_AZ_HA_1` - Creates file systems with high availability and throughput capacities of 64 - 4,096 MB/s by deploying a primary and standby file system within the same Availability Zone.\n- `SINGLE_AZ_2` - Creates file systems with throughput capacities of 160 - 10,240 MB/s using an NVMe L2ARC cache that automatically recover within a single Availability Zone.\n- `SINGLE_AZ_1` - Creates file systems with throughput capacities of 64 - 4,096 MBs that automatically recover within a single Availability Zone.\n\nFor a list of which AWS Regions each deployment type is available in, see [Deployment type availability](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/availability-durability.html#available-aws-regions) . For more information on the differences in performance between deployment types, see [File system performance](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/performance.html#zfs-fs-performance) in the *Amazon FSx for OpenZFS User Guide* .", + "title": "DeploymentType", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "DiskIopsConfiguration": { + "$ref": "#/definitions/AWS::FSx::FileSystem.DiskIopsConfiguration", + "markdownDescription": "The SSD IOPS (input/output operations per second) configuration for an Amazon FSx for NetApp ONTAP, Amazon FSx for Windows File Server, or FSx for OpenZFS file system. By default, Amazon FSx automatically provisions 3 IOPS per GB of storage capacity. You can provision additional IOPS per GB of storage. The configuration consists of the total number of provisioned SSD IOPS and how it is was provisioned, or the mode (by the customer or by Amazon FSx).", + "title": "DiskIopsConfiguration" }, - "Metadata": { - "type": "object" + "EndpointIpAddressRange": { + "markdownDescription": "(Multi-AZ only) Specifies the IP address range in which the endpoints to access your file system will be created. By default in the Amazon FSx API and Amazon FSx console, Amazon FSx selects an available /28 IP address range for you from one of the VPC's CIDR ranges. You can have overlapping endpoint IP addresses for file systems deployed in the same VPC/route tables, as long as they don't overlap with any subnet.", + "title": "EndpointIpAddressRange", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Groups": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of group names to which you want to add the user.", - "title": "Groups", - "type": "array" - }, - "LoginProfile": { - "$ref": "#/definitions/AWS::IAM::User.LoginProfile", - "markdownDescription": "Creates a password for the specified IAM user. A password allows an IAM user to access AWS services through the AWS Management Console .\n\nYou can use the AWS CLI , the AWS API, or the *Users* page in the IAM console to create a password for any IAM user. Use [ChangePassword](https://docs.aws.amazon.com/IAM/latest/APIReference/API_ChangePassword.html) to update your own existing password in the *My Security Credentials* page in the AWS Management Console .\n\nFor more information about managing passwords, see [Managing passwords](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingLogins.html) in the *IAM User Guide* .", - "title": "LoginProfile" - }, - "ManagedPolicyArns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of Amazon Resource Names (ARNs) of the IAM managed policies that you want to attach to the user.\n\nFor more information about ARNs, see [Amazon Resource Names (ARNs) and AWS Service Namespaces](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* .", - "title": "ManagedPolicyArns", - "type": "array" - }, - "Path": { - "markdownDescription": "The path for the user name. For more information about paths, see [IAM identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/).\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.", - "title": "Path", - "type": "string" - }, - "PermissionsBoundary": { - "markdownDescription": "The ARN of the managed policy that is used to set the permissions boundary for the user.\n\nA permissions boundary policy defines the maximum permissions that identity-based policies can grant to an entity, but does not grant permissions. Permissions boundaries do not define the maximum permissions that a resource-based policy can grant to an entity. To learn more, see [Permissions boundaries for IAM entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) in the *IAM User Guide* .\n\nFor more information about policy types, see [Policy types](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#access_policy-types) in the *IAM User Guide* .", - "title": "PermissionsBoundary", - "type": "string" - }, - "Policies": { - "items": { - "$ref": "#/definitions/AWS::IAM::User.Policy" - }, - "markdownDescription": "Adds or updates an inline policy document that is embedded in the specified IAM user. To view AWS::IAM::User snippets, see [Declaring an IAM User Resource](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-iam.html#scenario-iam-user) .\n\n> The name of each policy for a role, user, or group must be unique. If you don't choose unique names, updates to the IAM identity will fail. \n\nFor information about limits on the number of inline policies that you can embed in a user, see [Limitations on IAM Entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the *IAM User Guide* .", - "title": "Policies", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of tags that you want to attach to the new user. Each tag consists of a key name and an associated value. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* .\n\n> If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request fails and the resource is not created.", - "title": "Tags", - "type": "array" - }, - "UserName": { - "markdownDescription": "The name of the user to create. Do not include the path in this value.\n\nThis parameter allows (per its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-. The user name must be unique within the account. User names are not distinguished by case. For example, you cannot create users named both \"John\" and \"john\".\n\nIf you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the user name.\n\nIf you specify a name, you must specify the `CAPABILITY_NAMED_IAM` value to acknowledge your template's capabilities. For more information, see [Acknowledging IAM Resources in AWS CloudFormation Templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-iam-template.html#using-iam-capabilities) .\n\n> Naming an IAM resource can cause an unrecoverable error if you reuse the same template in multiple Regions. To prevent this, we recommend using `Fn::Join` and `AWS::Region` to create a Region-specific name, as in the following example: `{\"Fn::Join\": [\"\", [{\"Ref\": \"AWS::Region\"}, {\"Ref\": \"MyResourceName\"}]]}` .", - "title": "UserName", - "type": "string" - } + "Options": { + "items": { + "type": "string" }, - "type": "object" + "markdownDescription": "To delete a file system if there are child volumes present below the root volume, use the string `DELETE_CHILD_VOLUMES_AND_SNAPSHOTS` . If your file system has child volumes and you don't use this option, the delete request will fail.", + "title": "Options", + "type": "array" }, - "Type": { - "enum": [ - "AWS::IAM::User" - ], + "PreferredSubnetId": { + "markdownDescription": "Required when `DeploymentType` is set to `MULTI_AZ_1` . This specifies the subnet in which you want the preferred file server to be located.", + "title": "PreferredSubnetId", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ReadCacheConfiguration": { + "$ref": "#/definitions/AWS::FSx::FileSystem.ReadCacheConfiguration", + "markdownDescription": "Specifies the optional provisioned SSD read cache on file systems that use the Intelligent-Tiering storage class.", + "title": "ReadCacheConfiguration" + }, + "RootVolumeConfiguration": { + "$ref": "#/definitions/AWS::FSx::FileSystem.RootVolumeConfiguration", + "markdownDescription": "The configuration Amazon FSx uses when creating the root value of the Amazon FSx for OpenZFS file system. All volumes are children of the root volume.", + "title": "RootVolumeConfiguration" + }, + "RouteTableIds": { + "items": { + "type": "string" + }, + "markdownDescription": "(Multi-AZ only) Specifies the route tables in which Amazon FSx creates the rules for routing traffic to the correct file server. You should specify all virtual private cloud (VPC) route tables associated with the subnets in which your clients are located. By default, Amazon FSx selects your VPC's default route table.", + "title": "RouteTableIds", + "type": "array" + }, + "ThroughputCapacity": { + "markdownDescription": "Specifies the throughput of an Amazon FSx for OpenZFS file system, measured in megabytes per second (MBps). Required if you are creating a new file system.\n\nValid values depend on the `DeploymentType` that you choose, as follows:\n\n- For `MULTI_AZ_1` and `SINGLE_AZ_2` , valid values are 160, 320, 640, 1280, 2560, 3840, 5120, 7680, or 10240 MBps.\n- For `SINGLE_AZ_1` , valid values are 64, 128, 256, 512, 1024, 2048, 3072, or 4096 MBps.\n\nYou pay for additional throughput capacity that you provision.", + "title": "ThroughputCapacity", + "type": "number" + }, + "WeeklyMaintenanceStartTime": { + "markdownDescription": "The preferred start time to perform weekly maintenance, formatted d:HH:MM in the UTC time zone, where d is the weekday number, from 1 through 7, beginning with Monday and ending with Sunday.\n\nFor example, `1:05:00` specifies maintenance at 5 AM Monday.", + "title": "WeeklyMaintenanceStartTime", "type": "string" } }, "required": [ - "Type" + "DeploymentType" ], "type": "object" }, - "AWS::IAM::User.LoginProfile": { + "AWS::FSx::FileSystem.ReadCacheConfiguration": { + "additionalProperties": false, + "properties": { + "SizeGiB": { + "markdownDescription": "Required if `SizingMode` is set to `USER_PROVISIONED` . Specifies the size of the file system's SSD read cache, in gibibytes (GiB).", + "title": "SizeGiB", + "type": "number" + }, + "SizingMode": { + "markdownDescription": "Specifies how the provisioned SSD read cache is sized, as follows:\n\n- Set to `NO_CACHE` if you do not want to use an SSD read cache with your Intelligent-Tiering file system.\n- Set to `USER_PROVISIONED` to specify the exact size of your SSD read cache.\n- Set to `PROPORTIONAL_TO_THROUGHPUT_CAPACITY` to have your SSD read cache automatically sized based on your throughput capacity.", + "title": "SizingMode", + "type": "string" + } + }, + "type": "object" + }, + "AWS::FSx::FileSystem.RootVolumeConfiguration": { + "additionalProperties": false, + "properties": { + "CopyTagsToSnapshots": { + "markdownDescription": "A Boolean value indicating whether tags for the volume should be copied to snapshots of the volume. This value defaults to `false` . If it's set to `true` , all tags for the volume are copied to snapshots where the user doesn't specify tags. If this value is `true` and you specify one or more tags, only the specified tags are copied to snapshots. If you specify one or more tags when creating the snapshot, no tags are copied from the volume, regardless of this value.", + "title": "CopyTagsToSnapshots", + "type": "boolean" + }, + "DataCompressionType": { + "markdownDescription": "Specifies the method used to compress the data on the volume. The compression type is `NONE` by default.\n\n- `NONE` - Doesn't compress the data on the volume. `NONE` is the default.\n- `ZSTD` - Compresses the data in the volume using the Zstandard (ZSTD) compression algorithm. Compared to LZ4, Z-Standard provides a better compression ratio to minimize on-disk storage utilization.\n- `LZ4` - Compresses the data in the volume using the LZ4 compression algorithm. Compared to Z-Standard, LZ4 is less compute-intensive and delivers higher write throughput speeds.", + "title": "DataCompressionType", + "type": "string" + }, + "NfsExports": { + "items": { + "$ref": "#/definitions/AWS::FSx::FileSystem.NfsExports" + }, + "markdownDescription": "The configuration object for mounting a file system.", + "title": "NfsExports", + "type": "array" + }, + "ReadOnly": { + "markdownDescription": "A Boolean value indicating whether the volume is read-only. Setting this value to `true` can be useful after you have completed changes to a volume and no longer want changes to occur.", + "title": "ReadOnly", + "type": "boolean" + }, + "RecordSizeKiB": { + "markdownDescription": "Specifies the record size of an OpenZFS root volume, in kibibytes (KiB). Valid values are 4, 8, 16, 32, 64, 128, 256, 512, or 1024 KiB. The default is 128 KiB. Most workloads should use the default record size. Database workflows can benefit from a smaller record size, while streaming workflows can benefit from a larger record size. For additional guidance on setting a custom record size, see [Tips for maximizing performance](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/performance.html#performance-tips-zfs) in the *Amazon FSx for OpenZFS User Guide* .", + "title": "RecordSizeKiB", + "type": "number" + }, + "UserAndGroupQuotas": { + "items": { + "$ref": "#/definitions/AWS::FSx::FileSystem.UserAndGroupQuotas" + }, + "markdownDescription": "An object specifying how much storage users or groups can use on the volume.", + "title": "UserAndGroupQuotas", + "type": "array" + } + }, + "type": "object" + }, + "AWS::FSx::FileSystem.SelfManagedActiveDirectoryConfiguration": { "additionalProperties": false, "properties": { + "DnsIps": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of up to three IP addresses of DNS servers or domain controllers in the self-managed AD directory.", + "title": "DnsIps", + "type": "array" + }, + "DomainName": { + "markdownDescription": "The fully qualified domain name of the self-managed AD directory, such as `corp.example.com` .", + "title": "DomainName", + "type": "string" + }, + "FileSystemAdministratorsGroup": { + "markdownDescription": "(Optional) The name of the domain group whose members are granted administrative privileges for the file system. Administrative privileges include taking ownership of files and folders, setting audit controls (audit ACLs) on files and folders, and administering the file system remotely by using the FSx Remote PowerShell. The group that you specify must already exist in your domain. If you don't provide one, your AD domain's Domain Admins group is used.", + "title": "FileSystemAdministratorsGroup", + "type": "string" + }, + "OrganizationalUnitDistinguishedName": { + "markdownDescription": "(Optional) The fully qualified distinguished name of the organizational unit within your self-managed AD directory. Amazon FSx only accepts OU as the direct parent of the file system. An example is `OU=FSx,DC=yourdomain,DC=corp,DC=com` . To learn more, see [RFC 2253](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc2253) . If none is provided, the FSx file system is created in the default location of your self-managed AD directory.\n\n> Only Organizational Unit (OU) objects can be the direct parent of the file system that you're creating.", + "title": "OrganizationalUnitDistinguishedName", + "type": "string" + }, "Password": { - "markdownDescription": "The user's password.", + "markdownDescription": "The password for the service account on your self-managed AD domain that Amazon FSx will use to join to your AD domain.", "title": "Password", "type": "string" }, - "PasswordResetRequired": { - "markdownDescription": "Specifies whether the user is required to set a new password on next sign-in.", - "title": "PasswordResetRequired", - "type": "boolean" + "UserName": { + "markdownDescription": "The user name for the service account on your self-managed AD domain that Amazon FSx will use to join to your AD domain. This account must have the permission to join computers to the domain in the organizational unit provided in `OrganizationalUnitDistinguishedName` , or in the default location of your AD domain.", + "title": "UserName", + "type": "string" } }, - "required": [ - "Password" - ], "type": "object" }, - "AWS::IAM::User.Policy": { + "AWS::FSx::FileSystem.UserAndGroupQuotas": { "additionalProperties": false, "properties": { - "PolicyDocument": { - "markdownDescription": "The entire contents of the policy that defines permissions. For more information, see [Overview of JSON policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#access_policies-json) .", - "title": "PolicyDocument", - "type": "object" + "Id": { + "markdownDescription": "The ID of the user or group that the quota applies to.", + "title": "Id", + "type": "number" }, - "PolicyName": { - "markdownDescription": "The friendly name (not ARN) identifying the policy.", - "title": "PolicyName", + "StorageCapacityQuotaGiB": { + "markdownDescription": "The user or group's storage quota, in gibibytes (GiB).", + "title": "StorageCapacityQuotaGiB", + "type": "number" + }, + "Type": { + "markdownDescription": "Specifies whether the quota applies to a user or group.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::FSx::FileSystem.WindowsConfiguration": { + "additionalProperties": false, + "properties": { + "ActiveDirectoryId": { + "markdownDescription": "The ID for an existing AWS Managed Microsoft Active Directory (AD) instance that the file system should join when it's created. Required if you are joining the file system to an existing AWS Managed Microsoft AD.", + "title": "ActiveDirectoryId", + "type": "string" + }, + "Aliases": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of one or more DNS alias names that you want to associate with the Amazon FSx file system. Aliases allow you to use existing DNS names to access the data in your Amazon FSx file system. You can associate up to 50 aliases with a file system at any time.\n\nFor more information, see [Working with DNS Aliases](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/managing-dns-aliases.html) and [Walkthrough 5: Using DNS aliases to access your file system](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/walkthrough05-file-system-custom-CNAME.html) , including additional steps you must take to be able to access your file system using a DNS alias.\n\nAn alias name has to meet the following requirements:\n\n- Formatted as a fully-qualified domain name (FQDN), `hostname.domain` , for example, `accounting.example.com` .\n- Can contain alphanumeric characters, the underscore (_), and the hyphen (-).\n- Cannot start or end with a hyphen.\n- Can start with a numeric.\n\nFor DNS alias names, Amazon FSx stores alphabetical characters as lowercase letters (a-z), regardless of how you specify them: as uppercase letters, lowercase letters, or the corresponding letters in escape codes.", + "title": "Aliases", + "type": "array" + }, + "AuditLogConfiguration": { + "$ref": "#/definitions/AWS::FSx::FileSystem.AuditLogConfiguration", + "markdownDescription": "The configuration that Amazon FSx for Windows File Server uses to audit and log user accesses of files, folders, and file shares on the Amazon FSx for Windows File Server file system.", + "title": "AuditLogConfiguration" + }, + "AutomaticBackupRetentionDays": { + "markdownDescription": "The number of days to retain automatic backups. Setting this property to `0` disables automatic backups. You can retain automatic backups for a maximum of 90 days. The default is `30` .", + "title": "AutomaticBackupRetentionDays", + "type": "number" + }, + "CopyTagsToBackups": { + "markdownDescription": "A boolean flag indicating whether tags for the file system should be copied to backups. This value defaults to false. If it's set to true, all tags for the file system are copied to all automatic and user-initiated backups where the user doesn't specify tags. If this value is true, and you specify one or more tags, only the specified tags are copied to backups. If you specify one or more tags when creating a user-initiated backup, no tags are copied from the file system, regardless of this value.", + "title": "CopyTagsToBackups", + "type": "boolean" + }, + "DailyAutomaticBackupStartTime": { + "markdownDescription": "A recurring daily time, in the format `HH:MM` . `HH` is the zero-padded hour of the day (0-23), and `MM` is the zero-padded minute of the hour. For example, `05:00` specifies 5 AM daily.", + "title": "DailyAutomaticBackupStartTime", + "type": "string" + }, + "DeploymentType": { + "markdownDescription": "Specifies the file system deployment type, valid values are the following:\n\n- `MULTI_AZ_1` - Deploys a high availability file system that is configured for Multi-AZ redundancy to tolerate temporary Availability Zone (AZ) unavailability. You can only deploy a Multi-AZ file system in AWS Regions that have a minimum of three Availability Zones. Also supports HDD storage type\n- `SINGLE_AZ_1` - (Default) Choose to deploy a file system that is configured for single AZ redundancy.\n- `SINGLE_AZ_2` - The latest generation Single AZ file system. Specifies a file system that is configured for single AZ redundancy and supports HDD storage type.\n\nFor more information, see [Availability and Durability: Single-AZ and Multi-AZ File Systems](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/high-availability-multiAZ.html) .", + "title": "DeploymentType", + "type": "string" + }, + "DiskIopsConfiguration": { + "$ref": "#/definitions/AWS::FSx::FileSystem.DiskIopsConfiguration", + "markdownDescription": "The SSD IOPS (input/output operations per second) configuration for an Amazon FSx for Windows file system. By default, Amazon FSx automatically provisions 3 IOPS per GiB of storage capacity. You can provision additional IOPS per GiB of storage, up to the maximum limit associated with your chosen throughput capacity.", + "title": "DiskIopsConfiguration" + }, + "PreferredSubnetId": { + "markdownDescription": "Required when `DeploymentType` is set to `MULTI_AZ_1` . This specifies the subnet in which you want the preferred file server to be located. For in- AWS applications, we recommend that you launch your clients in the same availability zone as your preferred file server to reduce cross-availability zone data transfer costs and minimize latency.", + "title": "PreferredSubnetId", + "type": "string" + }, + "SelfManagedActiveDirectoryConfiguration": { + "$ref": "#/definitions/AWS::FSx::FileSystem.SelfManagedActiveDirectoryConfiguration", + "markdownDescription": "The configuration that Amazon FSx uses to join a FSx for Windows File Server file system or an FSx for ONTAP storage virtual machine (SVM) to a self-managed (including on-premises) Microsoft Active Directory (AD) directory. For more information, see [Using Amazon FSx for Windows with your self-managed Microsoft Active Directory](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/self-managed-AD.html) or [Managing FSx for ONTAP SVMs](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-svms.html) .", + "title": "SelfManagedActiveDirectoryConfiguration" + }, + "ThroughputCapacity": { + "markdownDescription": "Sets the throughput capacity of an Amazon FSx file system, measured in megabytes per second (MB/s), in 2 to the *n* th increments, between 2^3 (8) and 2^11 (2048).\n\n> To increase storage capacity, a file system must have a minimum throughput capacity of 16 MB/s.", + "title": "ThroughputCapacity", + "type": "number" + }, + "WeeklyMaintenanceStartTime": { + "markdownDescription": "The preferred start time to perform weekly maintenance, formatted d:HH:MM in the UTC time zone, where d is the weekday number, from 1 through 7, beginning with Monday and ending with Sunday.", + "title": "WeeklyMaintenanceStartTime", "type": "string" } }, "required": [ - "PolicyDocument", - "PolicyName" + "ThroughputCapacity" ], "type": "object" }, - "AWS::IAM::UserPolicy": { + "AWS::FSx::S3AccessPointAttachment": { "additionalProperties": false, "properties": { "Condition": { @@ -115246,31 +123492,37 @@ "Properties": { "additionalProperties": false, "properties": { - "PolicyDocument": { - "markdownDescription": "The policy document.\n\nYou must provide policies in JSON format in IAM. However, for AWS CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always converts a YAML policy to JSON format before submitting it to IAM.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n\n- Any printable ASCII character ranging from the space character ( `\\u0020` ) through the end of the ASCII character range\n- The printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` )\n- The special characters tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` )", - "title": "PolicyDocument", - "type": "object" - }, - "PolicyName": { - "markdownDescription": "The name of the policy document.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "PolicyName", + "Name": { + "markdownDescription": "The name of the S3 access point attachment; also used for the name of the S3 access point.", + "title": "Name", "type": "string" }, - "UserName": { - "markdownDescription": "The name of the user to associate the policy with.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "UserName", + "OpenZFSConfiguration": { + "$ref": "#/definitions/AWS::FSx::S3AccessPointAttachment.S3AccessPointOpenZFSConfiguration", + "markdownDescription": "The OpenZFSConfiguration of the S3 access point attachment.", + "title": "OpenZFSConfiguration" + }, + "S3AccessPoint": { + "$ref": "#/definitions/AWS::FSx::S3AccessPointAttachment.S3AccessPoint", + "markdownDescription": "The S3 access point configuration of the S3 access point attachment.", + "title": "S3AccessPoint" + }, + "Type": { + "markdownDescription": "The type of Amazon FSx volume that the S3 access point is attached to.", + "title": "Type", "type": "string" } }, "required": [ - "PolicyName", - "UserName" + "Name", + "OpenZFSConfiguration", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::IAM::UserPolicy" + "AWS::FSx::S3AccessPointAttachment" ], "type": "string" }, @@ -115289,83 +123541,129 @@ ], "type": "object" }, - "AWS::IAM::UserToGroupAddition": { + "AWS::FSx::S3AccessPointAttachment.FileSystemGID": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Gid": { + "markdownDescription": "The GID of the file system user.", + "title": "Gid", + "type": "number" + } + }, + "required": [ + "Gid" + ], + "type": "object" + }, + "AWS::FSx::S3AccessPointAttachment.OpenZFSFileSystemIdentity": { + "additionalProperties": false, + "properties": { + "PosixUser": { + "$ref": "#/definitions/AWS::FSx::S3AccessPointAttachment.OpenZFSPosixFileSystemUser", + "markdownDescription": "Specifies the UID and GIDs of the file system POSIX user.", + "title": "PosixUser" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Type": { + "markdownDescription": "Specifies the FSx for OpenZFS user identity type, accepts only `POSIX` .", + "title": "Type", "type": "string" + } + }, + "required": [ + "PosixUser", + "Type" + ], + "type": "object" + }, + "AWS::FSx::S3AccessPointAttachment.OpenZFSPosixFileSystemUser": { + "additionalProperties": false, + "properties": { + "Gid": { + "markdownDescription": "The GID of the file system user.", + "title": "Gid", + "type": "number" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "SecondaryGids": { + "items": { + "$ref": "#/definitions/AWS::FSx::S3AccessPointAttachment.FileSystemGID" + }, + "markdownDescription": "The list of secondary GIDs for the file system user.", + "title": "SecondaryGids", + "type": "array" }, - "Metadata": { - "type": "object" + "Uid": { + "markdownDescription": "The UID of the file system user.", + "title": "Uid", + "type": "number" + } + }, + "required": [ + "Gid", + "Uid" + ], + "type": "object" + }, + "AWS::FSx::S3AccessPointAttachment.S3AccessPoint": { + "additionalProperties": false, + "properties": { + "Alias": { + "markdownDescription": "The S3 access point's alias.", + "title": "Alias", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "GroupName": { - "markdownDescription": "The name of the group to update.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "GroupName", - "type": "string" - }, - "Users": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the names of the users that you want to add to the group.", - "title": "Users", - "type": "array" - } - }, - "required": [ - "GroupName", - "Users" - ], + "Policy": { + "markdownDescription": "The S3 access point's policy.", + "title": "Policy", "type": "object" }, - "Type": { - "enum": [ - "AWS::IAM::UserToGroupAddition" - ], + "ResourceARN": { + "markdownDescription": "The S3 access point's ARN.", + "title": "ResourceARN", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VpcConfiguration": { + "$ref": "#/definitions/AWS::FSx::S3AccessPointAttachment.S3AccessPointVpcConfiguration", + "markdownDescription": "The S3 access point's virtual private cloud (VPC) configuration.", + "title": "VpcConfiguration" + } + }, + "type": "object" + }, + "AWS::FSx::S3AccessPointAttachment.S3AccessPointOpenZFSConfiguration": { + "additionalProperties": false, + "properties": { + "FileSystemIdentity": { + "$ref": "#/definitions/AWS::FSx::S3AccessPointAttachment.OpenZFSFileSystemIdentity", + "markdownDescription": "The file system identity used to authorize file access requests made using the S3 access point.", + "title": "FileSystemIdentity" + }, + "VolumeId": { + "markdownDescription": "The ID of the FSx for OpenZFS volume that the S3 access point is attached to.", + "title": "VolumeId", "type": "string" } }, "required": [ - "Type", - "Properties" + "FileSystemIdentity", + "VolumeId" ], "type": "object" }, - "AWS::IAM::VirtualMFADevice": { + "AWS::FSx::S3AccessPointAttachment.S3AccessPointVpcConfiguration": { + "additionalProperties": false, + "properties": { + "VpcId": { + "markdownDescription": "Specifies the virtual private cloud (VPC) for the S3 access point VPC configuration, if one exists.", + "title": "VpcId", + "type": "string" + } + }, + "required": [ + "VpcId" + ], + "type": "object" + }, + "AWS::FSx::Snapshot": { "additionalProperties": false, "properties": { "Condition": { @@ -115400,41 +123698,34 @@ "Properties": { "additionalProperties": false, "properties": { - "Path": { - "markdownDescription": "The path for the virtual MFA device. For more information about paths, see [IAM identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/).\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.", - "title": "Path", + "Name": { + "markdownDescription": "The name of the snapshot.", + "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of tags that you want to attach to the new IAM virtual MFA device. Each tag consists of a key name and an associated value. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* .\n\n> If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request fails and the resource is not created.", + "markdownDescription": "A list of `Tag` values, with a maximum of 50 elements.", "title": "Tags", "type": "array" }, - "Users": { - "items": { - "type": "string" - }, - "markdownDescription": "The IAM user associated with this virtual MFA device.", - "title": "Users", - "type": "array" - }, - "VirtualMfaDeviceName": { - "markdownDescription": "The name of the virtual MFA device, which must be unique. Use with path to uniquely identify a virtual MFA device.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "VirtualMfaDeviceName", + "VolumeId": { + "markdownDescription": "The ID of the volume that the snapshot is of.", + "title": "VolumeId", "type": "string" } }, "required": [ - "Users" + "Name", + "VolumeId" ], "type": "object" }, "Type": { "enum": [ - "AWS::IAM::VirtualMFADevice" + "AWS::FSx::Snapshot" ], "type": "string" }, @@ -115453,7 +123744,7 @@ ], "type": "object" }, - "AWS::IVS::Channel": { + "AWS::FSx::StorageVirtualMachine": { "additionalProperties": false, "properties": { "Condition": { @@ -115488,55 +123779,49 @@ "Properties": { "additionalProperties": false, "properties": { - "Authorized": { - "markdownDescription": "Whether the channel is authorized.\n\n*Default* : `false`", - "title": "Authorized", - "type": "boolean" - }, - "InsecureIngest": { - "markdownDescription": "Whether the channel allows insecure RTMP ingest.\n\n*Default* : `false`", - "title": "InsecureIngest", - "type": "boolean" + "ActiveDirectoryConfiguration": { + "$ref": "#/definitions/AWS::FSx::StorageVirtualMachine.ActiveDirectoryConfiguration", + "markdownDescription": "Describes the Microsoft Active Directory configuration to which the SVM is joined, if applicable.", + "title": "ActiveDirectoryConfiguration" }, - "LatencyMode": { - "markdownDescription": "Channel latency mode. Valid values:\n\n- `NORMAL` : Use NORMAL to broadcast and deliver live video up to Full HD.\n- `LOW` : Use LOW for near real-time interactions with viewers.\n\n> In the console, `LOW` and `NORMAL` correspond to `Ultra-low` and `Standard` , respectively. \n\n*Default* : `LOW`", - "title": "LatencyMode", + "FileSystemId": { + "markdownDescription": "Specifies the FSx for ONTAP file system on which to create the SVM.", + "title": "FileSystemId", "type": "string" }, "Name": { - "markdownDescription": "Channel name.", + "markdownDescription": "The name of the SVM.", "title": "Name", "type": "string" }, - "Preset": { - "markdownDescription": "An optional transcode preset for the channel. This is selectable only for `ADVANCED_HD` and `ADVANCED_SD` channel types. For those channel types, the default preset is `HIGHER_BANDWIDTH_DELIVERY` . For other channel types ( `BASIC` and `STANDARD` ), `preset` is the empty string (\"\").", - "title": "Preset", + "RootVolumeSecurityStyle": { + "markdownDescription": "The security style of the root volume of the SVM. Specify one of the following values:\n\n- `UNIX` if the file system is managed by a UNIX administrator, the majority of users are NFS clients, and an application accessing the data uses a UNIX user as the service account.\n- `NTFS` if the file system is managed by a Microsoft Windows administrator, the majority of users are SMB clients, and an application accessing the data uses a Microsoft Windows user as the service account.\n- `MIXED` This is an advanced setting. For more information, see [Volume security style](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/volume-security-style.html) in the Amazon FSx for NetApp ONTAP User Guide.", + "title": "RootVolumeSecurityStyle", "type": "string" }, - "RecordingConfigurationArn": { - "markdownDescription": "The ARN of a RecordingConfiguration resource. An empty string indicates that recording is disabled for the channel. A RecordingConfiguration ARN indicates that recording is enabled using the specified recording configuration. See the [RecordingConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ivs-recordingconfiguration.html) resource for more information and an example.\n\n*Default* : \"\" (empty string, recording is disabled)", - "title": "RecordingConfigurationArn", + "SvmAdminPassword": { + "markdownDescription": "Specifies the password to use when logging on to the SVM using a secure shell (SSH) connection to the SVM's management endpoint. Doing so enables you to manage the SVM using the NetApp ONTAP CLI or REST API. If you do not specify a password, you can still use the file system's `fsxadmin` user to manage the SVM. For more information, see [Managing SVMs using the NetApp ONTAP CLI](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-resources-ontap-apps.html#vsadmin-ontap-cli) in the *FSx for ONTAP User Guide* .", + "title": "SvmAdminPassword", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-channel-tag.html) .", + "markdownDescription": "A list of `Tag` values, with a maximum of 50 elements.", "title": "Tags", "type": "array" - }, - "Type": { - "markdownDescription": "The channel type, which determines the allowable resolution and bitrate. *If you exceed the allowable resolution or bitrate, the stream probably will disconnect immediately.* For details, see [Channel Types](https://docs.aws.amazon.com/ivs/latest/LowLatencyAPIReference/channel-types.html) .\n\n*Default* : `STANDARD`", - "title": "Type", - "type": "string" } }, + "required": [ + "FileSystemId", + "Name" + ], "type": "object" }, "Type": { "enum": [ - "AWS::IVS::Channel" + "AWS::FSx::StorageVirtualMachine" ], "type": "string" }, @@ -115550,11 +123835,67 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::IVS::EncoderConfiguration": { + "AWS::FSx::StorageVirtualMachine.ActiveDirectoryConfiguration": { + "additionalProperties": false, + "properties": { + "NetBiosName": { + "markdownDescription": "The NetBIOS name of the Active Directory computer object that will be created for your SVM.", + "title": "NetBiosName", + "type": "string" + }, + "SelfManagedActiveDirectoryConfiguration": { + "$ref": "#/definitions/AWS::FSx::StorageVirtualMachine.SelfManagedActiveDirectoryConfiguration", + "markdownDescription": "The configuration that Amazon FSx uses to join the ONTAP storage virtual machine (SVM) to your self-managed (including on-premises) Microsoft Active Directory directory.", + "title": "SelfManagedActiveDirectoryConfiguration" + } + }, + "type": "object" + }, + "AWS::FSx::StorageVirtualMachine.SelfManagedActiveDirectoryConfiguration": { + "additionalProperties": false, + "properties": { + "DnsIps": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of up to three IP addresses of DNS servers or domain controllers in the self-managed AD directory.", + "title": "DnsIps", + "type": "array" + }, + "DomainName": { + "markdownDescription": "The fully qualified domain name of the self-managed AD directory, such as `corp.example.com` .", + "title": "DomainName", + "type": "string" + }, + "FileSystemAdministratorsGroup": { + "markdownDescription": "(Optional) The name of the domain group whose members are granted administrative privileges for the file system. Administrative privileges include taking ownership of files and folders, setting audit controls (audit ACLs) on files and folders, and administering the file system remotely by using the FSx Remote PowerShell. The group that you specify must already exist in your domain. If you don't provide one, your AD domain's Domain Admins group is used.", + "title": "FileSystemAdministratorsGroup", + "type": "string" + }, + "OrganizationalUnitDistinguishedName": { + "markdownDescription": "(Optional) The fully qualified distinguished name of the organizational unit within your self-managed AD directory. Amazon FSx only accepts OU as the direct parent of the file system. An example is `OU=FSx,DC=yourdomain,DC=corp,DC=com` . To learn more, see [RFC 2253](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc2253) . If none is provided, the FSx file system is created in the default location of your self-managed AD directory.\n\n> Only Organizational Unit (OU) objects can be the direct parent of the file system that you're creating.", + "title": "OrganizationalUnitDistinguishedName", + "type": "string" + }, + "Password": { + "markdownDescription": "The password for the service account on your self-managed AD domain that Amazon FSx will use to join to your AD domain.", + "title": "Password", + "type": "string" + }, + "UserName": { + "markdownDescription": "The user name for the service account on your self-managed AD domain that Amazon FSx will use to join to your AD domain. This account must have the permission to join computers to the domain in the organizational unit provided in `OrganizationalUnitDistinguishedName` , or in the default location of your AD domain.", + "title": "UserName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::FSx::Volume": { "additionalProperties": false, "properties": { "Condition": { @@ -115589,30 +123930,48 @@ "Properties": { "additionalProperties": false, "properties": { + "BackupId": { + "markdownDescription": "Specifies the ID of the volume backup to use to create a new volume.", + "title": "BackupId", + "type": "string" + }, "Name": { - "markdownDescription": "Encoder cnfiguration name.", + "markdownDescription": "The name of the volume.", "title": "Name", "type": "string" }, + "OntapConfiguration": { + "$ref": "#/definitions/AWS::FSx::Volume.OntapConfiguration", + "markdownDescription": "The configuration of an Amazon FSx for NetApp ONTAP volume.", + "title": "OntapConfiguration" + }, + "OpenZFSConfiguration": { + "$ref": "#/definitions/AWS::FSx::Volume.OpenZFSConfiguration", + "markdownDescription": "The configuration of an Amazon FSx for OpenZFS volume.", + "title": "OpenZFSConfiguration" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-encoderconfiguration-tag.html) .", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" }, - "Video": { - "$ref": "#/definitions/AWS::IVS::EncoderConfiguration.Video", - "markdownDescription": "Video configuration. Default: video resolution 1280x720, bitrate 2500 kbps, 30 fps. See the [Video](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-encoderconfiguration-video.html) property type for more information.", - "title": "Video" + "VolumeType": { + "markdownDescription": "The type of the volume.", + "title": "VolumeType", + "type": "string" } }, + "required": [ + "Name" + ], "type": "object" }, "Type": { "enum": [ - "AWS::IVS::EncoderConfiguration" + "AWS::FSx::Volume" ], "type": "string" }, @@ -115626,449 +123985,383 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::IVS::EncoderConfiguration.Video": { + "AWS::FSx::Volume.AggregateConfiguration": { "additionalProperties": false, "properties": { - "Bitrate": { - "markdownDescription": "Bitrate for generated output, in bps. Default: 2500000.", - "title": "Bitrate", - "type": "number" - }, - "Framerate": { - "markdownDescription": "Video frame rate, in fps. Default: 30.", - "title": "Framerate", - "type": "number" - }, - "Height": { - "markdownDescription": "Video-resolution height. Note that the maximum value is determined by width times height, such that the maximum total pixels is 2073600 (1920x1080 or 1080x1920). Default: 720.", - "title": "Height", - "type": "number" + "Aggregates": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of aggregates that this volume resides on. Aggregates are storage pools which make up your primary storage tier. Each high-availability (HA) pair has one aggregate. The names of the aggregates map to the names of the aggregates in the ONTAP CLI and REST API. For FlexVols, there will always be a single entry.\n\nAmazon FSx responds with an HTTP status code 400 (Bad Request) for the following conditions:\n\n- The strings in the value of `Aggregates` are not are not formatted as `aggrX` , where X is a number between 1 and 12.\n- The value of `Aggregates` contains aggregates that are not present.\n- One or more of the aggregates supplied are too close to the volume limit to support adding more volumes.", + "title": "Aggregates", + "type": "array" }, - "Width": { - "markdownDescription": "Video-resolution width. Note that the maximum value is determined by width times height, such that the maximum total pixels is 2073600 (1920x1080 or 1080x1920). Default: 1280.", - "title": "Width", + "ConstituentsPerAggregate": { + "markdownDescription": "Used to explicitly set the number of constituents within the FlexGroup per storage aggregate. This field is optional when creating a FlexGroup volume. If unspecified, the default value will be 8. This field cannot be provided when creating a FlexVol volume.", + "title": "ConstituentsPerAggregate", "type": "number" } }, "type": "object" }, - "AWS::IVS::PlaybackKeyPair": { + "AWS::FSx::Volume.AutocommitPeriod": { "additionalProperties": false, "properties": { - "Condition": { + "Type": { + "markdownDescription": "Defines the type of time for the autocommit period of a file in an FSx for ONTAP SnapLock volume. Setting this value to `NONE` disables autocommit. The default value is `NONE` .", + "title": "Type", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Value": { + "markdownDescription": "Defines the amount of time for the autocommit period of a file in an FSx for ONTAP SnapLock volume. The following ranges are valid:\n\n- `Minutes` : 5 - 65,535\n- `Hours` : 1 - 65,535\n- `Days` : 1 - 3,650\n- `Months` : 1 - 120\n- `Years` : 1 - 10", + "title": "Value", + "type": "number" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::FSx::Volume.ClientConfigurations": { + "additionalProperties": false, + "properties": { + "Clients": { + "markdownDescription": "A value that specifies who can mount the file system. You can provide a wildcard character ( `*` ), an IP address ( `0.0.0.0` ), or a CIDR address ( `192.0.2.0/24` ). By default, Amazon FSx uses the wildcard character when specifying the client.", + "title": "Clients", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "Playback-key-pair name. The value does not need to be unique.", - "title": "Name", - "type": "string" - }, - "PublicKeyMaterial": { - "markdownDescription": "The public portion of a customer-generated key pair. Note that this field is required to create the AWS::IVS::PlaybackKeyPair resource.", - "title": "PublicKeyMaterial", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-playbackkeypair-tag.html) .", - "title": "Tags", - "type": "array" - } + "Options": { + "items": { + "type": "string" }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::IVS::PlaybackKeyPair" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "markdownDescription": "The options to use when mounting the file system. For a list of options that you can use with Network File System (NFS), see the [exports(5) - Linux man page](https://docs.aws.amazon.com/https://linux.die.net/man/5/exports) . When choosing your options, consider the following:\n\n- `crossmnt` is used by default. If you don't specify `crossmnt` when changing the client configuration, you won't be able to see or access snapshots in your file system's snapshot directory.\n- `sync` is used by default. If you instead specify `async` , the system acknowledges writes before writing to disk. If the system crashes before the writes are finished, you lose the unwritten data.", + "title": "Options", + "type": "array" } }, "required": [ - "Type" + "Clients", + "Options" ], "type": "object" }, - "AWS::IVS::PlaybackRestrictionPolicy": { + "AWS::FSx::Volume.NfsExports": { "additionalProperties": false, "properties": { - "Condition": { + "ClientConfigurations": { + "items": { + "$ref": "#/definitions/AWS::FSx::Volume.ClientConfigurations" + }, + "markdownDescription": "A list of configuration objects that contain the client and options for mounting the OpenZFS file system.", + "title": "ClientConfigurations", + "type": "array" + } + }, + "required": [ + "ClientConfigurations" + ], + "type": "object" + }, + "AWS::FSx::Volume.OntapConfiguration": { + "additionalProperties": false, + "properties": { + "AggregateConfiguration": { + "$ref": "#/definitions/AWS::FSx::Volume.AggregateConfiguration", + "markdownDescription": "Used to specify the configuration options for an FSx for ONTAP volume's storage aggregate or aggregates.", + "title": "AggregateConfiguration" + }, + "CopyTagsToBackups": { + "markdownDescription": "A boolean flag indicating whether tags for the volume should be copied to backups. This value defaults to false. If it's set to true, all tags for the volume are copied to all automatic and user-initiated backups where the user doesn't specify tags. If this value is true, and you specify one or more tags, only the specified tags are copied to backups. If you specify one or more tags when creating a user-initiated backup, no tags are copied from the volume, regardless of this value.", + "title": "CopyTagsToBackups", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "JunctionPath": { + "markdownDescription": "Specifies the location in the SVM's namespace where the volume is mounted. This parameter is required. The `JunctionPath` must have a leading forward slash, such as `/vol3` .", + "title": "JunctionPath", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "OntapVolumeType": { + "markdownDescription": "Specifies the type of volume you are creating. Valid values are the following:\n\n- `RW` specifies a read/write volume. `RW` is the default.\n- `DP` specifies a data-protection volume. A `DP` volume is read-only and can be used as the destination of a NetApp SnapMirror relationship.\n\nFor more information, see [Volume types](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-volumes.html#volume-types) in the Amazon FSx for NetApp ONTAP User Guide.", + "title": "OntapVolumeType", + "type": "string" }, - "Metadata": { - "type": "object" + "SecurityStyle": { + "markdownDescription": "Specifies the security style for the volume. If a volume's security style is not specified, it is automatically set to the root volume's security style. The security style determines the type of permissions that FSx for ONTAP uses to control data access. Specify one of the following values:\n\n- `UNIX` if the file system is managed by a UNIX administrator, the majority of users are NFS clients, and an application accessing the data uses a UNIX user as the service account.\n- `NTFS` if the file system is managed by a Windows administrator, the majority of users are SMB clients, and an application accessing the data uses a Windows user as the service account.\n- `MIXED` This is an advanced setting. For more information, see the topic [What the security styles and their effects are](https://docs.aws.amazon.com/https://docs.netapp.com/us-en/ontap/nfs-admin/security-styles-their-effects-concept.html) in the NetApp Documentation Center.\n\nFor more information, see [Volume security style](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-volumes.html#volume-security-style) in the FSx for ONTAP User Guide.", + "title": "SecurityStyle", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AllowedCountries": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of country codes that control geoblocking restrictions. Allowed values are the officially assigned ISO 3166-1 alpha-2 codes. Default: All countries (an empty array).", - "title": "AllowedCountries", - "type": "array" - }, - "AllowedOrigins": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of origin sites that control CORS restriction. Allowed values are the same as valid values of the Origin header defined at [https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin\"](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin)", - "title": "AllowedOrigins", - "type": "array" - }, - "EnableStrictOriginEnforcement": { - "markdownDescription": "Whether channel playback is constrained by the origin site.", - "title": "EnableStrictOriginEnforcement", - "type": "boolean" - }, - "Name": { - "markdownDescription": "Playback-restriction-policy name.", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-playbackrestrictionpolicy-tag.html) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "AllowedCountries", - "AllowedOrigins" - ], - "type": "object" + "SizeInBytes": { + "markdownDescription": "Specifies the configured size of the volume, in bytes.", + "title": "SizeInBytes", + "type": "string" }, - "Type": { - "enum": [ - "AWS::IVS::PlaybackRestrictionPolicy" - ], + "SizeInMegabytes": { + "markdownDescription": "Use `SizeInBytes` instead. Specifies the size of the volume, in megabytes (MB), that you are creating.", + "title": "SizeInMegabytes", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SnaplockConfiguration": { + "$ref": "#/definitions/AWS::FSx::Volume.SnaplockConfiguration", + "markdownDescription": "The SnapLock configuration object for an FSx for ONTAP SnapLock volume.", + "title": "SnaplockConfiguration" + }, + "SnapshotPolicy": { + "markdownDescription": "Specifies the snapshot policy for the volume. There are three built-in snapshot policies:\n\n- `default` : This is the default policy. A maximum of six hourly snapshots taken five minutes past the hour. A maximum of two daily snapshots taken Monday through Saturday at 10 minutes after midnight. A maximum of two weekly snapshots taken every Sunday at 15 minutes after midnight.\n- `default-1weekly` : This policy is the same as the `default` policy except that it only retains one snapshot from the weekly schedule.\n- `none` : This policy does not take any snapshots. This policy can be assigned to volumes to prevent automatic snapshots from being taken.\n\nYou can also provide the name of a custom policy that you created with the ONTAP CLI or REST API.\n\nFor more information, see [Snapshot policies](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/snapshots-ontap.html#snapshot-policies) in the Amazon FSx for NetApp ONTAP User Guide.", + "title": "SnapshotPolicy", + "type": "string" + }, + "StorageEfficiencyEnabled": { + "markdownDescription": "Set to true to enable deduplication, compression, and compaction storage efficiency features on the volume, or set to false to disable them.\n\n`StorageEfficiencyEnabled` is required when creating a `RW` volume ( `OntapVolumeType` set to `RW` ).", + "title": "StorageEfficiencyEnabled", + "type": "string" + }, + "StorageVirtualMachineId": { + "markdownDescription": "Specifies the ONTAP SVM in which to create the volume.", + "title": "StorageVirtualMachineId", + "type": "string" + }, + "TieringPolicy": { + "$ref": "#/definitions/AWS::FSx::Volume.TieringPolicy", + "markdownDescription": "Describes the data tiering policy for an ONTAP volume. When enabled, Amazon FSx for ONTAP's intelligent tiering automatically transitions a volume's data between the file system's primary storage and capacity pool storage based on your access patterns.\n\nValid tiering policies are the following:\n\n- `SNAPSHOT_ONLY` - (Default value) moves cold snapshots to the capacity pool storage tier.\n\n- `AUTO` - moves cold user data and snapshots to the capacity pool storage tier based on your access patterns.\n\n- `ALL` - moves all user data blocks in both the active file system and Snapshot copies to the storage pool tier.\n\n- `NONE` - keeps a volume's data in the primary storage tier, preventing it from being moved to the capacity pool tier.", + "title": "TieringPolicy" + }, + "VolumeStyle": { + "markdownDescription": "Use to specify the style of an ONTAP volume. FSx for ONTAP offers two styles of volumes that you can use for different purposes, FlexVol and FlexGroup volumes. For more information, see [Volume styles](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-volumes.html#volume-styles) in the Amazon FSx for NetApp ONTAP User Guide.", + "title": "VolumeStyle", "type": "string" } }, "required": [ - "Type", - "Properties" + "StorageVirtualMachineId" ], "type": "object" }, - "AWS::IVS::RecordingConfiguration": { + "AWS::FSx::Volume.OpenZFSConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "CopyTagsToSnapshots": { + "markdownDescription": "A Boolean value indicating whether tags for the volume should be copied to snapshots. This value defaults to `false` . If this value is set to `true` , and you do not specify any tags, all tags for the original volume are copied over to snapshots. If this value is\u00a0set to `true` , and you do specify one or more tags, only the specified tags for the original volume are copied over to snapshots. If you specify one or more tags when creating a new snapshot, no tags are copied over from the original volume, regardless of this value.", + "title": "CopyTagsToSnapshots", + "type": "boolean" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DataCompressionType": { + "markdownDescription": "Specifies the method used to compress the data on the volume. The compression type is `NONE` by default.\n\n- `NONE` - Doesn't compress the data on the volume. `NONE` is the default.\n- `ZSTD` - Compresses the data in the volume using the Zstandard (ZSTD) compression algorithm. Compared to LZ4, Z-Standard provides a better compression ratio to minimize on-disk storage utilization.\n- `LZ4` - Compresses the data in the volume using the LZ4 compression algorithm. Compared to Z-Standard, LZ4 is less compute-intensive and delivers higher write throughput speeds.", + "title": "DataCompressionType", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "NfsExports": { + "items": { + "$ref": "#/definitions/AWS::FSx::Volume.NfsExports" + }, + "markdownDescription": "The configuration object for mounting a Network File System (NFS) file system.", + "title": "NfsExports", + "type": "array" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DestinationConfiguration": { - "$ref": "#/definitions/AWS::IVS::RecordingConfiguration.DestinationConfiguration", - "markdownDescription": "A destination configuration describes an S3 bucket where recorded video will be stored. See the DestinationConfiguration property type for more information.", - "title": "DestinationConfiguration" - }, - "Name": { - "markdownDescription": "Recording-configuration name. The value does not need to be unique.", - "title": "Name", - "type": "string" - }, - "RecordingReconnectWindowSeconds": { - "markdownDescription": "If a broadcast disconnects and then reconnects within the specified interval, the multiple streams will be considered a single broadcast and merged together.\n\n*Default* : `0`", - "title": "RecordingReconnectWindowSeconds", - "type": "number" - }, - "RenditionConfiguration": { - "$ref": "#/definitions/AWS::IVS::RecordingConfiguration.RenditionConfiguration", - "markdownDescription": "A rendition configuration describes which renditions should be recorded for a stream. See the RenditionConfiguration property type for more information.", - "title": "RenditionConfiguration" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-recordingconfiguration-tag.html) .", - "title": "Tags", - "type": "array" - }, - "ThumbnailConfiguration": { - "$ref": "#/definitions/AWS::IVS::RecordingConfiguration.ThumbnailConfiguration", - "markdownDescription": "A thumbnail configuration enables/disables the recording of thumbnails for a live session and controls the interval at which thumbnails are generated for the live session. See the ThumbnailConfiguration property type for more information.", - "title": "ThumbnailConfiguration" - } + "Options": { + "items": { + "type": "string" }, - "required": [ - "DestinationConfiguration" - ], - "type": "object" + "markdownDescription": "To delete the volume's child volumes, snapshots, and clones, use the string `DELETE_CHILD_VOLUMES_AND_SNAPSHOTS` .", + "title": "Options", + "type": "array" }, - "Type": { - "enum": [ - "AWS::IVS::RecordingConfiguration" - ], - "type": "string" + "OriginSnapshot": { + "$ref": "#/definitions/AWS::FSx::Volume.OriginSnapshot", + "markdownDescription": "The configuration object that specifies the snapshot to use as the origin of the data for the volume.", + "title": "OriginSnapshot" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ParentVolumeId": { + "markdownDescription": "The ID of the volume to use as the parent volume of the volume that you are creating.", + "title": "ParentVolumeId", "type": "string" + }, + "ReadOnly": { + "markdownDescription": "A Boolean value indicating whether the volume is read-only.", + "title": "ReadOnly", + "type": "boolean" + }, + "RecordSizeKiB": { + "markdownDescription": "Specifies the suggested block size for a volume in a ZFS dataset, in kibibytes (KiB). For file systems using the Intelligent-Tiering storage class, valid values are 128, 256, 512, 1024, 2048, or 4096 KiB, with a default of 1024 KiB. For all other file systems, valid values are 4, 8, 16, 32, 64, 128, 256, 512, or 1024 KiB, with a default of 128 KiB. We recommend using the default setting for the majority of use cases. Generally, workloads that write in fixed small or large record sizes may benefit from setting a custom record size, like database workloads (small record size) or media streaming workloads (large record size). For additional guidance on when to set a custom record size, see [ZFS Record size](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/performance.html#record-size-performance) in the *Amazon FSx for OpenZFS User Guide* .", + "title": "RecordSizeKiB", + "type": "number" + }, + "StorageCapacityQuotaGiB": { + "markdownDescription": "Sets the maximum storage size in gibibytes (GiB) for the volume. You can specify a quota that is larger than the storage on the parent volume. A volume quota limits the amount of storage that the volume can consume to the configured amount, but does not guarantee the space will be available on the parent volume. To guarantee quota space, you must also set `StorageCapacityReservationGiB` . To *not* specify a storage capacity quota, set this to `-1` .\n\nFor more information, see [Volume properties](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/managing-volumes.html#volume-properties) in the *Amazon FSx for OpenZFS User Guide* .", + "title": "StorageCapacityQuotaGiB", + "type": "number" + }, + "StorageCapacityReservationGiB": { + "markdownDescription": "Specifies the amount of storage in gibibytes (GiB) to reserve from the parent volume. Setting `StorageCapacityReservationGiB` guarantees that the specified amount of storage space on the parent volume will always be available for the volume. You can't reserve more storage than the parent volume has. To *not* specify a storage capacity reservation, set this to `0` or `-1` . For more information, see [Volume properties](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/managing-volumes.html#volume-properties) in the *Amazon FSx for OpenZFS User Guide* .", + "title": "StorageCapacityReservationGiB", + "type": "number" + }, + "UserAndGroupQuotas": { + "items": { + "$ref": "#/definitions/AWS::FSx::Volume.UserAndGroupQuotas" + }, + "markdownDescription": "Configures how much storage users and groups can use on the volume.", + "title": "UserAndGroupQuotas", + "type": "array" } }, "required": [ - "Type", - "Properties" + "ParentVolumeId" ], "type": "object" }, - "AWS::IVS::RecordingConfiguration.DestinationConfiguration": { + "AWS::FSx::Volume.OriginSnapshot": { "additionalProperties": false, "properties": { - "S3": { - "$ref": "#/definitions/AWS::IVS::RecordingConfiguration.S3DestinationConfiguration", - "markdownDescription": "An S3 destination configuration where recorded videos will be stored. See the [S3DestinationConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-recordingconfiguration-s3destinationconfiguration.html) property type for more information.", - "title": "S3" + "CopyStrategy": { + "markdownDescription": "Specifies the strategy used when copying data from the snapshot to the new volume.\n\n- `CLONE` - The new volume references the data in the origin snapshot. Cloning a snapshot is faster than copying data from the snapshot to a new volume and doesn't consume disk throughput. However, the origin snapshot can't be deleted if there is a volume using its copied data.\n- `FULL_COPY` - Copies all data from the snapshot to the new volume.\n\nSpecify this option to create the volume from a snapshot on another FSx for OpenZFS file system.\n\n> The `INCREMENTAL_COPY` option is only for updating an existing volume by using a snapshot from another FSx for OpenZFS file system. For more information, see [CopySnapshotAndUpdateVolume](https://docs.aws.amazon.com/fsx/latest/APIReference/API_CopySnapshotAndUpdateVolume.html) .", + "title": "CopyStrategy", + "type": "string" + }, + "SnapshotARN": { + "markdownDescription": "Specifies the snapshot to use when creating an OpenZFS volume from a snapshot.", + "title": "SnapshotARN", + "type": "string" } }, + "required": [ + "CopyStrategy", + "SnapshotARN" + ], "type": "object" }, - "AWS::IVS::RecordingConfiguration.RenditionConfiguration": { + "AWS::FSx::Volume.RetentionPeriod": { "additionalProperties": false, "properties": { - "RenditionSelection": { - "markdownDescription": "The set of renditions are recorded for a stream. For `BASIC` channels, the `CUSTOM` value has no effect. If `CUSTOM` is specified, a set of renditions can be specified in the `renditions` field. Default: `ALL` .", - "title": "RenditionSelection", + "Type": { + "markdownDescription": "Defines the type of time for the retention period of an FSx for ONTAP SnapLock volume. Set it to one of the valid types. If you set it to `INFINITE` , the files are retained forever. If you set it to `UNSPECIFIED` , the files are retained until you set an explicit retention period.", + "title": "Type", "type": "string" }, - "Renditions": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of which renditions are recorded for a stream, if `renditionSelection` is `CUSTOM` ; otherwise, this field is irrelevant. The selected renditions are recorded if they are available during the stream. If a selected rendition is unavailable, the best available rendition is recorded. For details on the resolution dimensions of each rendition, see [Auto-Record to Amazon S3](https://docs.aws.amazon.com//ivs/latest/LowLatencyUserGuide/record-to-s3.html) .", - "title": "Renditions", - "type": "array" + "Value": { + "markdownDescription": "Defines the amount of time for the retention period of an FSx for ONTAP SnapLock volume. You can't set a value for `INFINITE` or `UNSPECIFIED` . For all other options, the following ranges are valid:\n\n- `Seconds` : 0 - 65,535\n- `Minutes` : 0 - 65,535\n- `Hours` : 0 - 24\n- `Days` : 0 - 365\n- `Months` : 0 - 12\n- `Years` : 0 - 100", + "title": "Value", + "type": "number" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::IVS::RecordingConfiguration.S3DestinationConfiguration": { + "AWS::FSx::Volume.SnaplockConfiguration": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "Location (S3 bucket name) where recorded videos will be stored.", - "title": "BucketName", + "AuditLogVolume": { + "markdownDescription": "Enables or disables the audit log volume for an FSx for ONTAP SnapLock volume. The default value is `false` . If you set `AuditLogVolume` to `true` , the SnapLock volume is created as an audit log volume. The minimum retention period for an audit log volume is six months.\n\nFor more information, see [SnapLock audit log volumes](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/how-snaplock-works.html#snaplock-audit-log-volume) .", + "title": "AuditLogVolume", + "type": "string" + }, + "AutocommitPeriod": { + "$ref": "#/definitions/AWS::FSx::Volume.AutocommitPeriod", + "markdownDescription": "The configuration object for setting the autocommit period of files in an FSx for ONTAP SnapLock volume.", + "title": "AutocommitPeriod" + }, + "PrivilegedDelete": { + "markdownDescription": "Enables, disables, or permanently disables privileged delete on an FSx for ONTAP SnapLock Enterprise volume. Enabling privileged delete allows SnapLock administrators to delete write once, read many (WORM) files even if they have active retention periods. `PERMANENTLY_DISABLED` is a terminal state. If privileged delete is permanently disabled on a SnapLock volume, you can't re-enable it. The default value is `DISABLED` .\n\nFor more information, see [Privileged delete](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/snaplock-enterprise.html#privileged-delete) .", + "title": "PrivilegedDelete", + "type": "string" + }, + "RetentionPeriod": { + "$ref": "#/definitions/AWS::FSx::Volume.SnaplockRetentionPeriod", + "markdownDescription": "Specifies the retention period of an FSx for ONTAP SnapLock volume.", + "title": "RetentionPeriod" + }, + "SnaplockType": { + "markdownDescription": "Specifies the retention mode of an FSx for ONTAP SnapLock volume. After it is set, it can't be changed. You can choose one of the following retention modes:\n\n- `COMPLIANCE` : Files transitioned to write once, read many (WORM) on a Compliance volume can't be deleted until their retention periods expire. This retention mode is used to address government or industry-specific mandates or to protect against ransomware attacks. For more information, see [SnapLock Compliance](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/snaplock-compliance.html) .\n- `ENTERPRISE` : Files transitioned to WORM on an Enterprise volume can be deleted by authorized users before their retention periods expire using privileged delete. This retention mode is used to advance an organization's data integrity and internal compliance or to test retention settings before using SnapLock Compliance. For more information, see [SnapLock Enterprise](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/snaplock-enterprise.html) .", + "title": "SnaplockType", + "type": "string" + }, + "VolumeAppendModeEnabled": { + "markdownDescription": "Enables or disables volume-append mode on an FSx for ONTAP SnapLock volume. Volume-append mode allows you to create WORM-appendable files and write data to them incrementally. The default value is `false` .\n\nFor more information, see [Volume-append mode](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/worm-state.html#worm-state-append) .", + "title": "VolumeAppendModeEnabled", "type": "string" } }, "required": [ - "BucketName" + "SnaplockType" ], "type": "object" }, - "AWS::IVS::RecordingConfiguration.ThumbnailConfiguration": { + "AWS::FSx::Volume.SnaplockRetentionPeriod": { "additionalProperties": false, "properties": { - "RecordingMode": { - "markdownDescription": "Thumbnail recording mode. Valid values:\n\n- `DISABLED` : Use DISABLED to disable the generation of thumbnails for recorded video.\n- `INTERVAL` : Use INTERVAL to enable the generation of thumbnails for recorded video at a time interval controlled by the [TargetIntervalSeconds](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-recordingconfiguration-thumbnailconfiguration.html#cfn-ivs-recordingconfiguration-thumbnailconfiguration-targetintervalseconds) property.\n\n*Default* : `INTERVAL`", - "title": "RecordingMode", - "type": "string" - }, - "Resolution": { - "markdownDescription": "The desired resolution of recorded thumbnails for a stream. Thumbnails are recorded at the selected resolution if the corresponding rendition is available during the stream; otherwise, they are recorded at source resolution. For more information about resolution values and their corresponding height and width dimensions, see [Auto-Record to Amazon S3](https://docs.aws.amazon.com//ivs/latest/LowLatencyUserGuide/record-to-s3.html) .", - "title": "Resolution", - "type": "string" + "DefaultRetention": { + "$ref": "#/definitions/AWS::FSx::Volume.RetentionPeriod", + "markdownDescription": "The retention period assigned to a write once, read many (WORM) file by default if an explicit retention period is not set for an FSx for ONTAP SnapLock volume. The default retention period must be greater than or equal to the minimum retention period and less than or equal to the maximum retention period.", + "title": "DefaultRetention" }, - "Storage": { - "items": { - "type": "string" - }, - "markdownDescription": "The format in which thumbnails are recorded for a stream. `SEQUENTIAL` records all generated thumbnails in a serial manner, to the media/thumbnails directory. `LATEST` saves the latest thumbnail in media/thumbnails/latest/thumb.jpg and overwrites it at the interval specified by `targetIntervalSeconds` . You can enable both `SEQUENTIAL` and `LATEST` . Default: `SEQUENTIAL` .", - "title": "Storage", - "type": "array" + "MaximumRetention": { + "$ref": "#/definitions/AWS::FSx::Volume.RetentionPeriod", + "markdownDescription": "The longest retention period that can be assigned to a WORM file on an FSx for ONTAP SnapLock volume.", + "title": "MaximumRetention" }, - "TargetIntervalSeconds": { - "markdownDescription": "The targeted thumbnail-generation interval in seconds. This is configurable (and required) only if [RecordingMode](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-recordingconfiguration-thumbnailconfiguration.html#cfn-ivs-recordingconfiguration-thumbnailconfiguration-recordingmode) is `INTERVAL` .\n\n> Setting a value for `TargetIntervalSeconds` does not guarantee that thumbnails are generated at the specified interval. For thumbnails to be generated at the `TargetIntervalSeconds` interval, the `IDR/Keyframe` value for the input video must be less than the `TargetIntervalSeconds` value. See [Amazon IVS Streaming Configuration](https://docs.aws.amazon.com/ivs/latest/LowLatencyUserGuide/streaming-config.html) for information on setting `IDR/Keyframe` to the recommended value in video-encoder settings. \n\n*Default* : 60", - "title": "TargetIntervalSeconds", - "type": "number" + "MinimumRetention": { + "$ref": "#/definitions/AWS::FSx::Volume.RetentionPeriod", + "markdownDescription": "The shortest retention period that can be assigned to a WORM file on an FSx for ONTAP SnapLock volume.", + "title": "MinimumRetention" } }, + "required": [ + "DefaultRetention", + "MaximumRetention", + "MinimumRetention" + ], "type": "object" }, - "AWS::IVS::Stage": { + "AWS::FSx::Volume.TieringPolicy": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "CoolingPeriod": { + "markdownDescription": "Specifies the number of days that user data in a volume must remain inactive before it is considered \"cold\" and moved to the capacity pool. Used with the `AUTO` and `SNAPSHOT_ONLY` tiering policies. Enter a whole number between 2 and 183. Default values are 31 days for `AUTO` and 2 days for `SNAPSHOT_ONLY` .", + "title": "CoolingPeriod", + "type": "number" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "Specifies the tiering policy used to transition data. Default value is `SNAPSHOT_ONLY` .\n\n- `SNAPSHOT_ONLY` - moves cold snapshots to the capacity pool storage tier.\n- `AUTO` - moves cold user data and snapshots to the capacity pool storage tier based on your access patterns.\n- `ALL` - moves all user data blocks in both the active file system and Snapshot copies to the storage pool tier.\n- `NONE` - keeps a volume's data in the primary storage tier, preventing it from being moved to the capacity pool tier.", + "title": "Name", "type": "string" + } + }, + "type": "object" + }, + "AWS::FSx::Volume.UserAndGroupQuotas": { + "additionalProperties": false, + "properties": { + "Id": { + "markdownDescription": "The ID of the user or group that the quota applies to.", + "title": "Id", + "type": "number" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "Stage name.", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-stage-tag.html) .", - "title": "Tags", - "type": "array" - } - }, - "type": "object" + "StorageCapacityQuotaGiB": { + "markdownDescription": "The user or group's storage quota, in gibibytes (GiB).", + "title": "StorageCapacityQuotaGiB", + "type": "number" }, "Type": { - "enum": [ - "AWS::IVS::Stage" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "markdownDescription": "Specifies whether the quota applies to a user or group.", + "title": "Type", "type": "string" } }, "required": [ + "Id", + "StorageCapacityQuotaGiB", "Type" ], "type": "object" }, - "AWS::IVS::StorageConfiguration": { + "AWS::FinSpace::Environment": { "additionalProperties": false, "properties": { "Condition": { @@ -116103,33 +124396,53 @@ "Properties": { "additionalProperties": false, "properties": { + "Description": { + "markdownDescription": "The description of the FinSpace environment.", + "title": "Description", + "type": "string" + }, + "FederationMode": { + "markdownDescription": "The authentication mode for the environment.", + "title": "FederationMode", + "type": "string" + }, + "FederationParameters": { + "$ref": "#/definitions/AWS::FinSpace::Environment.FederationParameters", + "markdownDescription": "Configuration information when authentication mode is FEDERATED.", + "title": "FederationParameters" + }, + "KmsKeyId": { + "markdownDescription": "The KMS key id used to encrypt in the FinSpace environment.", + "title": "KmsKeyId", + "type": "string" + }, "Name": { - "markdownDescription": "Storage cnfiguration name.", + "markdownDescription": "The name of the FinSpace environment.", "title": "Name", "type": "string" }, - "S3": { - "$ref": "#/definitions/AWS::IVS::StorageConfiguration.S3StorageConfiguration", - "markdownDescription": "An S3 storage configuration contains information about where recorded video will be stored. See the [S3StorageConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-storageconfiguration-s3storageconfiguration.html) property type for more information.", - "title": "S3" + "SuperuserParameters": { + "$ref": "#/definitions/AWS::FinSpace::Environment.SuperuserParameters", + "markdownDescription": "Configuration information for the superuser.", + "title": "SuperuserParameters" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-storageconfiguration-tag.html) .", + "markdownDescription": "", "title": "Tags", "type": "array" } }, "required": [ - "S3" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::IVS::StorageConfiguration" + "AWS::FinSpace::Environment" ], "type": "string" }, @@ -116148,96 +124461,83 @@ ], "type": "object" }, - "AWS::IVS::StorageConfiguration.S3StorageConfiguration": { + "AWS::FinSpace::Environment.AttributeMapItems": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "Name of the S3 bucket where recorded video will be stored.", - "title": "BucketName", + "Key": { + "markdownDescription": "", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "", + "title": "Value", "type": "string" } }, - "required": [ - "BucketName" - ], "type": "object" }, - "AWS::IVS::StreamKey": { + "AWS::FinSpace::Environment.FederationParameters": { "additionalProperties": false, "properties": { - "Condition": { + "ApplicationCallBackURL": { + "markdownDescription": "The redirect or sign-in URL that should be entered into the SAML 2.0 compliant identity provider configuration (IdP).", + "title": "ApplicationCallBackURL", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "AttributeMap": { + "items": { + "$ref": "#/definitions/AWS::FinSpace::Environment.AttributeMapItems" + }, + "markdownDescription": "SAML attribute name and value. The name must always be `Email` and the value should be set to the attribute definition in which user email is set. For example, name would be `Email` and value `http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress` . Please check your SAML 2.0 compliant identity provider (IdP) documentation for details.", + "title": "AttributeMap", + "type": "array" + }, + "FederationProviderName": { + "markdownDescription": "Name of the identity provider (IdP).", + "title": "FederationProviderName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "FederationURN": { + "markdownDescription": "The Uniform Resource Name (URN). Also referred as Service Provider URN or Audience URI or Service Provider Entity ID.", + "title": "FederationURN", + "type": "string" }, - "Metadata": { - "type": "object" + "SamlMetadataDocument": { + "markdownDescription": "SAML 2.0 Metadata document from identity provider (IdP).", + "title": "SamlMetadataDocument", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ChannelArn": { - "markdownDescription": "Channel ARN for the stream.", - "title": "ChannelArn", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-streamkey-tag.html) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "ChannelArn" - ], - "type": "object" + "SamlMetadataURL": { + "markdownDescription": "Provide the metadata URL from your SAML 2.0 compliant identity provider (IdP).", + "title": "SamlMetadataURL", + "type": "string" + } + }, + "type": "object" + }, + "AWS::FinSpace::Environment.SuperuserParameters": { + "additionalProperties": false, + "properties": { + "EmailAddress": { + "markdownDescription": "The email address of the superuser.", + "title": "EmailAddress", + "type": "string" }, - "Type": { - "enum": [ - "AWS::IVS::StreamKey" - ], + "FirstName": { + "markdownDescription": "The first name of the superuser.", + "title": "FirstName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "LastName": { + "markdownDescription": "The last name of the superuser.", + "title": "LastName", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::IVSChat::LoggingConfiguration": { + "AWS::Forecast::Dataset": { "additionalProperties": false, "properties": { "Condition": { @@ -116272,33 +124572,56 @@ "Properties": { "additionalProperties": false, "properties": { - "DestinationConfiguration": { - "$ref": "#/definitions/AWS::IVSChat::LoggingConfiguration.DestinationConfiguration", - "markdownDescription": "The DestinationConfiguration is a complex type that contains information about where chat content will be logged.", - "title": "DestinationConfiguration" + "DataFrequency": { + "markdownDescription": "The frequency of data collection. This parameter is required for RELATED_TIME_SERIES datasets.\n\nValid intervals are an integer followed by Y (Year), M (Month), W (Week), D (Day), H (Hour), and min (Minute). For example, \"1D\" indicates every day and \"15min\" indicates every 15 minutes. You cannot specify a value that would overlap with the next larger frequency. That means, for example, you cannot specify a frequency of 60 minutes, because that is equivalent to 1 hour. The valid values for each frequency are the following:\n\n- Minute - 1-59\n- Hour - 1-23\n- Day - 1-6\n- Week - 1-4\n- Month - 1-11\n- Year - 1\n\nThus, if you want every other week forecasts, specify \"2W\". Or, if you want quarterly forecasts, you specify \"3M\".", + "title": "DataFrequency", + "type": "string" }, - "Name": { - "markdownDescription": "Logging-configuration name. The value does not need to be unique.", - "title": "Name", + "DatasetName": { + "markdownDescription": "The name of the dataset.", + "title": "DatasetName", + "type": "string" + }, + "DatasetType": { + "markdownDescription": "The dataset type.", + "title": "DatasetType", + "type": "string" + }, + "Domain": { + "markdownDescription": "The domain associated with the dataset.", + "title": "Domain", "type": "string" }, + "EncryptionConfig": { + "$ref": "#/definitions/AWS::Forecast::Dataset.EncryptionConfig", + "markdownDescription": "A Key Management Service (KMS) key and the Identity and Access Management (IAM) role that Amazon Forecast can assume to access the key.", + "title": "EncryptionConfig" + }, + "Schema": { + "$ref": "#/definitions/AWS::Forecast::Dataset.Schema", + "markdownDescription": "The schema for the dataset. The schema attributes and their order must match the fields in your data. The dataset `Domain` and `DatasetType` that you choose determine the minimum required fields in your training data. For information about the required fields for a specific dataset domain and type, see [Dataset Domains and Dataset Types](https://docs.aws.amazon.com/forecast/latest/dg/howitworks-domains-ds-types.html) .", + "title": "Schema" + }, "Tags": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Forecast::Dataset.TagsItems" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivschat-loggingconfiguration-tag.html) .", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ - "DestinationConfiguration" + "DatasetName", + "DatasetType", + "Domain", + "Schema" ], "type": "object" }, "Type": { "enum": [ - "AWS::IVSChat::LoggingConfiguration" + "AWS::Forecast::Dataset" ], "type": "string" }, @@ -116317,70 +124640,73 @@ ], "type": "object" }, - "AWS::IVSChat::LoggingConfiguration.CloudWatchLogsDestinationConfiguration": { + "AWS::Forecast::Dataset.AttributesItems": { "additionalProperties": false, "properties": { - "LogGroupName": { - "markdownDescription": "Name of the Amazon Cloudwatch Logs destination where chat activity will be logged.", - "title": "LogGroupName", + "AttributeName": { + "markdownDescription": "", + "title": "AttributeName", + "type": "string" + }, + "AttributeType": { + "markdownDescription": "", + "title": "AttributeType", "type": "string" } }, - "required": [ - "LogGroupName" - ], "type": "object" }, - "AWS::IVSChat::LoggingConfiguration.DestinationConfiguration": { + "AWS::Forecast::Dataset.EncryptionConfig": { "additionalProperties": false, "properties": { - "CloudWatchLogs": { - "$ref": "#/definitions/AWS::IVSChat::LoggingConfiguration.CloudWatchLogsDestinationConfiguration", - "markdownDescription": "An Amazon CloudWatch Logs destination configuration where chat activity will be logged.", - "title": "CloudWatchLogs" - }, - "Firehose": { - "$ref": "#/definitions/AWS::IVSChat::LoggingConfiguration.FirehoseDestinationConfiguration", - "markdownDescription": "An Amazon Kinesis Data Firehose destination configuration where chat activity will be logged.", - "title": "Firehose" + "KmsKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key.", + "title": "KmsKeyArn", + "type": "string" }, - "S3": { - "$ref": "#/definitions/AWS::IVSChat::LoggingConfiguration.S3DestinationConfiguration", - "markdownDescription": "An Amazon S3 destination configuration where chat activity will be logged.", - "title": "S3" + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that Amazon Forecast can assume to access the AWS KMS key.\n\nPassing a role across AWS accounts is not allowed. If you pass a role that isn't in your account, you get an `InvalidInputException` error.", + "title": "RoleArn", + "type": "string" } }, "type": "object" }, - "AWS::IVSChat::LoggingConfiguration.FirehoseDestinationConfiguration": { + "AWS::Forecast::Dataset.Schema": { "additionalProperties": false, "properties": { - "DeliveryStreamName": { - "markdownDescription": "Name of the Amazon Kinesis Firehose delivery stream where chat activity will be logged.", - "title": "DeliveryStreamName", - "type": "string" + "Attributes": { + "items": { + "$ref": "#/definitions/AWS::Forecast::Dataset.AttributesItems" + }, + "markdownDescription": "An array of attributes specifying the name and type of each field in a dataset.", + "title": "Attributes", + "type": "array" } }, - "required": [ - "DeliveryStreamName" - ], "type": "object" }, - "AWS::IVSChat::LoggingConfiguration.S3DestinationConfiguration": { + "AWS::Forecast::Dataset.TagsItems": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "Name of the Amazon S3 bucket where chat activity will be logged.", - "title": "BucketName", + "Key": { + "markdownDescription": "", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "", + "title": "Value", "type": "string" } }, "required": [ - "BucketName" + "Key", + "Value" ], "type": "object" }, - "AWS::IVSChat::Room": { + "AWS::Forecast::DatasetGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -116415,48 +124741,42 @@ "Properties": { "additionalProperties": false, "properties": { - "LoggingConfigurationIdentifiers": { + "DatasetArns": { "items": { "type": "string" }, - "markdownDescription": "List of logging-configuration identifiers attached to the room.", - "title": "LoggingConfigurationIdentifiers", + "markdownDescription": "An array of Amazon Resource Names (ARNs) of the datasets that you want to include in the dataset group.", + "title": "DatasetArns", "type": "array" }, - "MaximumMessageLength": { - "markdownDescription": "Maximum number of characters in a single message. Messages are expected to be UTF-8 encoded and this limit applies specifically to rune/code-point count, not number of bytes.", - "title": "MaximumMessageLength", - "type": "number" - }, - "MaximumMessageRatePerSecond": { - "markdownDescription": "Maximum number of messages per second that can be sent to the room (by all clients).", - "title": "MaximumMessageRatePerSecond", - "type": "number" - }, - "MessageReviewHandler": { - "$ref": "#/definitions/AWS::IVSChat::Room.MessageReviewHandler", - "markdownDescription": "Configuration information for optional review of messages.", - "title": "MessageReviewHandler" + "DatasetGroupName": { + "markdownDescription": "The name of the dataset group.", + "title": "DatasetGroupName", + "type": "string" }, - "Name": { - "markdownDescription": "Room name. The value does not need to be unique.", - "title": "Name", + "Domain": { + "markdownDescription": "The domain associated with the dataset group. When you add a dataset to a dataset group, this value and the value specified for the `Domain` parameter of the [CreateDataset](https://docs.aws.amazon.com/forecast/latest/dg/API_CreateDataset.html) operation must match.\n\nThe `Domain` and `DatasetType` that you choose determine the fields that must be present in training data that you import to a dataset. For example, if you choose the `RETAIL` domain and `TARGET_TIME_SERIES` as the `DatasetType` , Amazon Forecast requires that `item_id` , `timestamp` , and `demand` fields are present in your data. For more information, see [Dataset groups](https://docs.aws.amazon.com/forecast/latest/dg/howitworks-datasets-groups.html) .", + "title": "Domain", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivschat-room-tag.html) .", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, + "required": [ + "DatasetGroupName", + "Domain" + ], "type": "object" }, "Type": { "enum": [ - "AWS::IVSChat::Room" + "AWS::Forecast::DatasetGroup" ], "type": "string" }, @@ -116470,27 +124790,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::IVSChat::Room.MessageReviewHandler": { - "additionalProperties": false, - "properties": { - "FallbackResult": { - "markdownDescription": "Specifies the fallback behavior (whether the message is allowed or denied) if the handler does not return a valid response, encounters an error, or times out. (For the timeout period, see [Service Quotas](https://docs.aws.amazon.com/ivs/latest/userguide/service-quotas.html) .) If allowed, the message is delivered with returned content to all users connected to the room. If denied, the message is not delivered to any user.\n\n*Default* : `ALLOW`", - "title": "FallbackResult", - "type": "string" - }, - "Uri": { - "markdownDescription": "Identifier of the message review handler. Currently this must be an ARN of a lambda function.", - "title": "Uri", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IdentityStore::Group": { + "AWS::FraudDetector::Detector": { "additionalProperties": false, "properties": { "Condition": { @@ -116525,31 +124830,66 @@ "Properties": { "additionalProperties": false, "properties": { + "AssociatedModels": { + "items": { + "$ref": "#/definitions/AWS::FraudDetector::Detector.Model" + }, + "markdownDescription": "The models to associate with this detector. You must provide the ARNs of all the models you want to associate.", + "title": "AssociatedModels", + "type": "array" + }, "Description": { - "markdownDescription": "A string containing the description of the group.", + "markdownDescription": "The detector description.", "title": "Description", "type": "string" }, - "DisplayName": { - "markdownDescription": "The display name value for the group. The length limit is 1,024 characters. This value can consist of letters, accented characters, symbols, numbers, punctuation, tab, new line, carriage return, space, and nonbreaking space in this attribute. This value is specified at the time the group is created and stored as an attribute of the group object in the identity store.\n\nPrefix search supports a maximum of 1,000 characters for the string.", - "title": "DisplayName", + "DetectorId": { + "markdownDescription": "The name of the detector.", + "title": "DetectorId", "type": "string" }, - "IdentityStoreId": { - "markdownDescription": "The globally unique identifier for the identity store.", - "title": "IdentityStoreId", + "DetectorVersionStatus": { + "markdownDescription": "The status of the detector version. If a value is not provided for this property, AWS CloudFormation assumes `DRAFT` status.\n\nValid values: `ACTIVE | DRAFT`", + "title": "DetectorVersionStatus", + "type": "string" + }, + "EventType": { + "$ref": "#/definitions/AWS::FraudDetector::Detector.EventType", + "markdownDescription": "The event type associated with this detector.", + "title": "EventType" + }, + "RuleExecutionMode": { + "markdownDescription": "The rule execution mode for the rules included in the detector version.\n\nValid values: `FIRST_MATCHED | ALL_MATCHED` Default value: `FIRST_MATCHED`\n\nYou can define and edit the rule mode at the detector version level, when it is in draft status.\n\nIf you specify `FIRST_MATCHED` , Amazon Fraud Detector evaluates rules sequentially, first to last, stopping at the first matched rule. Amazon Fraud dectector then provides the outcomes for that single rule.\n\nIf you specifiy `ALL_MATCHED` , Amazon Fraud Detector evaluates all rules and returns the outcomes for all matched rules.", + "title": "RuleExecutionMode", "type": "string" + }, + "Rules": { + "items": { + "$ref": "#/definitions/AWS::FraudDetector::Detector.Rule" + }, + "markdownDescription": "The rules to include in the detector version.", + "title": "Rules", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" } }, "required": [ - "DisplayName", - "IdentityStoreId" + "DetectorId", + "EventType", + "Rules" ], "type": "object" }, "Type": { "enum": [ - "AWS::IdentityStore::Group" + "AWS::FraudDetector::Detector" ], "type": "string" }, @@ -116568,100 +124908,349 @@ ], "type": "object" }, - "AWS::IdentityStore::GroupMembership": { + "AWS::FraudDetector::Detector.EntityType": { "additionalProperties": false, "properties": { - "Condition": { + "Arn": { + "markdownDescription": "The entity type ARN.", + "title": "Arn", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "CreatedTime": { + "markdownDescription": "Timestamp of when the entity type was created.", + "title": "CreatedTime", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Description": { + "markdownDescription": "The entity type description.", + "title": "Description", + "type": "string" }, - "Metadata": { - "type": "object" + "Inline": { + "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::Detector` you must define at least two variables. You can set `Inline=true` for these Variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your detector but not execute any changes to the variables.", + "title": "Inline", + "type": "boolean" }, - "Properties": { - "additionalProperties": false, - "properties": { - "GroupId": { - "markdownDescription": "The identifier for a group in the identity store.", - "title": "GroupId", - "type": "string" - }, - "IdentityStoreId": { - "markdownDescription": "The globally unique identifier for the identity store.", - "title": "IdentityStoreId", - "type": "string" - }, - "MemberId": { - "$ref": "#/definitions/AWS::IdentityStore::GroupMembership.MemberId", - "markdownDescription": "An object containing the identifier of a group member. Setting the `MemberId` 's `UserId` field to a specific User's ID indicates that user is a member of the group.", - "title": "MemberId" - } + "LastUpdatedTime": { + "markdownDescription": "Timestamp of when the entity type was last updated.", + "title": "LastUpdatedTime", + "type": "string" + }, + "Name": { + "markdownDescription": "The entity type name.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" }, - "required": [ - "GroupId", - "IdentityStoreId", - "MemberId" - ], - "type": "object" + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "AWS::FraudDetector::Detector.EventType": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The entity type ARN.", + "title": "Arn", + "type": "string" }, - "Type": { - "enum": [ - "AWS::IdentityStore::GroupMembership" - ], + "CreatedTime": { + "markdownDescription": "Timestamp of when the event type was created.", + "title": "CreatedTime", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Description": { + "markdownDescription": "The event type description.", + "title": "Description", + "type": "string" + }, + "EntityTypes": { + "items": { + "$ref": "#/definitions/AWS::FraudDetector::Detector.EntityType" + }, + "markdownDescription": "The event type entity types.", + "title": "EntityTypes", + "type": "array" + }, + "EventVariables": { + "items": { + "$ref": "#/definitions/AWS::FraudDetector::Detector.EventVariable" + }, + "markdownDescription": "The event type event variables.", + "title": "EventVariables", + "type": "array" + }, + "Inline": { + "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::Detector` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the Variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your detector but not execute any changes to the variables.", + "title": "Inline", + "type": "boolean" + }, + "Labels": { + "items": { + "$ref": "#/definitions/AWS::FraudDetector::Detector.Label" + }, + "markdownDescription": "The event type labels.", + "title": "Labels", + "type": "array" + }, + "LastUpdatedTime": { + "markdownDescription": "Timestamp of when the event type was last updated.", + "title": "LastUpdatedTime", + "type": "string" + }, + "Name": { + "markdownDescription": "The event type name.", + "title": "Name", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::IdentityStore::GroupMembership.MemberId": { + "AWS::FraudDetector::Detector.EventVariable": { "additionalProperties": false, "properties": { - "UserId": { - "markdownDescription": "An object containing the identifiers of resources that can be members.", - "title": "UserId", + "Arn": { + "markdownDescription": "The event variable ARN.", + "title": "Arn", + "type": "string" + }, + "CreatedTime": { + "markdownDescription": "Timestamp for when the event variable was created.", + "title": "CreatedTime", + "type": "string" + }, + "DataSource": { + "markdownDescription": "The data source of the event variable.\n\nValid values: `EVENT | EXTERNAL_MODEL_SCORE`\n\nWhen defining a variable within a detector, you can only use the `EVENT` value for DataSource when the *Inline* property is set to true. If the *Inline* property is set false, you can use either `EVENT` or `MODEL_SCORE` for DataSource.", + "title": "DataSource", + "type": "string" + }, + "DataType": { + "markdownDescription": "The data type of the event variable.\n\nValid values: `STRING | INTEGER | BOOLEAN | FLOAT`", + "title": "DataType", + "type": "string" + }, + "DefaultValue": { + "markdownDescription": "The default value of the event variable. This is required if you are providing the details of your variables instead of the ARN.", + "title": "DefaultValue", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the event variable.", + "title": "Description", + "type": "string" + }, + "Inline": { + "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::Detector` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your detector but not execute any changes to the variables.", + "title": "Inline", + "type": "boolean" + }, + "LastUpdatedTime": { + "markdownDescription": "Timestamp for when the event variable was last updated.", + "title": "LastUpdatedTime", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the event variable.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + }, + "VariableType": { + "markdownDescription": "The type of event variable. For more information, see [Variable types](https://docs.aws.amazon.com/frauddetector/latest/ug/create-a-variable.html#variable-types) .", + "title": "VariableType", "type": "string" } }, - "required": [ - "UserId" - ], "type": "object" }, - "AWS::ImageBuilder::Component": { + "AWS::FraudDetector::Detector.Label": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The label ARN.", + "title": "Arn", + "type": "string" + }, + "CreatedTime": { + "markdownDescription": "Timestamp of when the event type was created.", + "title": "CreatedTime", + "type": "string" + }, + "Description": { + "markdownDescription": "The label description.", + "title": "Description", + "type": "string" + }, + "Inline": { + "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::Detector` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your detector but not execute any changes to the variables.", + "title": "Inline", + "type": "boolean" + }, + "LastUpdatedTime": { + "markdownDescription": "Timestamp of when the label was last updated.", + "title": "LastUpdatedTime", + "type": "string" + }, + "Name": { + "markdownDescription": "The label name.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "AWS::FraudDetector::Detector.Model": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The ARN of the model.", + "title": "Arn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::FraudDetector::Detector.Outcome": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The outcome ARN.", + "title": "Arn", + "type": "string" + }, + "CreatedTime": { + "markdownDescription": "The timestamp when the outcome was created.", + "title": "CreatedTime", + "type": "string" + }, + "Description": { + "markdownDescription": "The outcome description.", + "title": "Description", + "type": "string" + }, + "Inline": { + "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::Detector` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your detector but not execute any changes to the variables.", + "title": "Inline", + "type": "boolean" + }, + "LastUpdatedTime": { + "markdownDescription": "The timestamp when the outcome was last updated.", + "title": "LastUpdatedTime", + "type": "string" + }, + "Name": { + "markdownDescription": "The outcome name.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "AWS::FraudDetector::Detector.Rule": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The rule ARN.", + "title": "Arn", + "type": "string" + }, + "CreatedTime": { + "markdownDescription": "Timestamp for when the rule was created.", + "title": "CreatedTime", + "type": "string" + }, + "Description": { + "markdownDescription": "The rule description.", + "title": "Description", + "type": "string" + }, + "DetectorId": { + "markdownDescription": "The detector for which the rule is associated.", + "title": "DetectorId", + "type": "string" + }, + "Expression": { + "markdownDescription": "The rule expression. A rule expression captures the business logic. For more information, see [Rule language reference](https://docs.aws.amazon.com/frauddetector/latest/ug/rule-language-reference.html) .", + "title": "Expression", + "type": "string" + }, + "Language": { + "markdownDescription": "The rule language.\n\nValid Value: DETECTORPL", + "title": "Language", + "type": "string" + }, + "LastUpdatedTime": { + "markdownDescription": "Timestamp for when the rule was last updated.", + "title": "LastUpdatedTime", + "type": "string" + }, + "Outcomes": { + "items": { + "$ref": "#/definitions/AWS::FraudDetector::Detector.Outcome" + }, + "markdownDescription": "The rule outcome.", + "title": "Outcomes", + "type": "array" + }, + "RuleId": { + "markdownDescription": "The rule ID.", + "title": "RuleId", + "type": "string" + }, + "RuleVersion": { + "markdownDescription": "The rule version.", + "title": "RuleVersion", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "AWS::FraudDetector::EntityType": { "additionalProperties": false, "properties": { "Condition": { @@ -116696,76 +125285,33 @@ "Properties": { "additionalProperties": false, "properties": { - "ChangeDescription": { - "markdownDescription": "The change description of the component. Describes what change has been made in this version, or what makes this version different from other versions of the component.", - "title": "ChangeDescription", - "type": "string" - }, - "Data": { - "markdownDescription": "Component `data` contains inline YAML document content for the component. Alternatively, you can specify the `uri` of a YAML document file stored in Amazon S3. However, you cannot specify both properties.", - "title": "Data", - "type": "string" - }, "Description": { - "markdownDescription": "Describes the contents of the component.", + "markdownDescription": "The entity type description.", "title": "Description", "type": "string" }, - "KmsKeyId": { - "markdownDescription": "The ID of the KMS key that is used to encrypt this component.", - "title": "KmsKeyId", - "type": "string" - }, "Name": { - "markdownDescription": "The name of the component.", + "markdownDescription": "The entity type name.\n\nPattern: `^[0-9a-z_-]+$`", "title": "Name", "type": "string" }, - "Platform": { - "markdownDescription": "The operating system platform of the component.", - "title": "Platform", - "type": "string" - }, - "SupportedOsVersions": { - "items": { - "type": "string" - }, - "markdownDescription": "The operating system (OS) version supported by the component. If the OS information is available, a prefix match is performed against the base image OS version during image recipe creation.", - "title": "SupportedOsVersions", - "type": "array" - }, "Tags": { - "additionalProperties": true, - "markdownDescription": "The tags that apply to the component.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "A key and value pair.", "title": "Tags", - "type": "object" - }, - "Uri": { - "markdownDescription": "The `uri` of a YAML component document file. This must be an S3 URL ( `s3://bucket/key` ), and the requester must have permission to access the S3 bucket it points to. If you use Amazon S3, you can specify component content up to your service quota.\n\nAlternatively, you can specify the YAML document inline, using the component `data` property. You cannot specify both properties.", - "title": "Uri", - "type": "string" - }, - "Version": { - "markdownDescription": "The component version. For example, `1.0.0` .", - "title": "Version", - "type": "string" + "type": "array" } }, "required": [ - "Name", - "Platform", - "Version" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::ImageBuilder::Component" + "AWS::FraudDetector::EntityType" ], "type": "string" }, @@ -116784,7 +125330,7 @@ ], "type": "object" }, - "AWS::ImageBuilder::ContainerRecipe": { + "AWS::FraudDetector::EventType": { "additionalProperties": false, "properties": { "Condition": { @@ -116819,104 +125365,60 @@ "Properties": { "additionalProperties": false, "properties": { - "Components": { - "items": { - "$ref": "#/definitions/AWS::ImageBuilder::ContainerRecipe.ComponentConfiguration" - }, - "markdownDescription": "Build and test components that are included in the container recipe. Recipes require a minimum of one build component, and can have a maximum of 20 build and test components in any combination.", - "title": "Components", - "type": "array" - }, - "ContainerType": { - "markdownDescription": "Specifies the type of container, such as Docker.", - "title": "ContainerType", - "type": "string" - }, "Description": { - "markdownDescription": "The description of the container recipe.", + "markdownDescription": "The event type description.", "title": "Description", "type": "string" }, - "DockerfileTemplateData": { - "markdownDescription": "Dockerfiles are text documents that are used to build Docker containers, and ensure that they contain all of the elements required by the application running inside. The template data consists of contextual variables where Image Builder places build information or scripts, based on your container image recipe.", - "title": "DockerfileTemplateData", - "type": "string" - }, - "DockerfileTemplateUri": { - "markdownDescription": "The S3 URI for the Dockerfile that will be used to build your container image.", - "title": "DockerfileTemplateUri", - "type": "string" - }, - "ImageOsVersionOverride": { - "markdownDescription": "Specifies the operating system version for the base image.", - "title": "ImageOsVersionOverride", - "type": "string" + "EntityTypes": { + "items": { + "$ref": "#/definitions/AWS::FraudDetector::EventType.EntityType" + }, + "markdownDescription": "The event type entity types.", + "title": "EntityTypes", + "type": "array" }, - "InstanceConfiguration": { - "$ref": "#/definitions/AWS::ImageBuilder::ContainerRecipe.InstanceConfiguration", - "markdownDescription": "A group of options that can be used to configure an instance for building and testing container images.", - "title": "InstanceConfiguration" + "EventVariables": { + "items": { + "$ref": "#/definitions/AWS::FraudDetector::EventType.EventVariable" + }, + "markdownDescription": "The event type event variables.", + "title": "EventVariables", + "type": "array" }, - "KmsKeyId": { - "markdownDescription": "Identifies which KMS key is used to encrypt the container image for distribution to the target Region.", - "title": "KmsKeyId", - "type": "string" + "Labels": { + "items": { + "$ref": "#/definitions/AWS::FraudDetector::EventType.Label" + }, + "markdownDescription": "The event type labels.", + "title": "Labels", + "type": "array" }, "Name": { - "markdownDescription": "The name of the container recipe.", + "markdownDescription": "The event type name.\n\nPattern : `^[0-9a-z_-]+$`", "title": "Name", "type": "string" }, - "ParentImage": { - "markdownDescription": "The base image for customizations specified in the container recipe. This can contain an Image Builder image resource ARN or a container image URI, for example `amazonlinux:latest` .", - "title": "ParentImage", - "type": "string" - }, - "PlatformOverride": { - "markdownDescription": "Specifies the operating system platform when you use a custom base image.", - "title": "PlatformOverride", - "type": "string" - }, "Tags": { - "additionalProperties": true, - "markdownDescription": "Tags that are attached to the container recipe.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", - "type": "object" - }, - "TargetRepository": { - "$ref": "#/definitions/AWS::ImageBuilder::ContainerRecipe.TargetContainerRepository", - "markdownDescription": "The destination repository for the container image.", - "title": "TargetRepository" - }, - "Version": { - "markdownDescription": "The semantic version of the container recipe.\n\n> The semantic version has four nodes: ../. You can assign values for the first three, and can filter on all of them.\n> \n> *Assignment:* For the first three nodes you can assign any positive integer value, including zero, with an upper limit of 2^30-1, or 1073741823 for each node. Image Builder automatically assigns the build number to the fourth node.\n> \n> *Patterns:* You can use any numeric pattern that adheres to the assignment requirements for the nodes that you can assign. For example, you might choose a software version pattern, such as 1.0.0, or a date, such as 2021.01.01.\n> \n> *Filtering:* With semantic versioning, you have the flexibility to use wildcards (x) to specify the most recent versions or nodes when selecting the base image or components for your recipe. When you use a wildcard in any node, all nodes to the right of the first wildcard must also be wildcards.", - "title": "Version", - "type": "string" - }, - "WorkingDirectory": { - "markdownDescription": "The working directory for use during build and test workflows.", - "title": "WorkingDirectory", - "type": "string" + "type": "array" } }, "required": [ - "Components", - "ContainerType", - "Name", - "ParentImage", - "TargetRepository", - "Version" + "EntityTypes", + "EventVariables", + "Labels", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::ImageBuilder::ContainerRecipe" + "AWS::FraudDetector::EventType" ], "type": "string" }, @@ -116935,156 +125437,159 @@ ], "type": "object" }, - "AWS::ImageBuilder::ContainerRecipe.ComponentConfiguration": { + "AWS::FraudDetector::EventType.EntityType": { "additionalProperties": false, "properties": { - "ComponentArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the component.", - "title": "ComponentArn", + "Arn": { + "markdownDescription": "The entity type ARN.", + "title": "Arn", + "type": "string" + }, + "CreatedTime": { + "markdownDescription": "Timestamp of when the entity type was created.", + "title": "CreatedTime", + "type": "string" + }, + "Description": { + "markdownDescription": "The entity type description.", + "title": "Description", + "type": "string" + }, + "Inline": { + "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::EventType` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your event type but not execute any changes to the variables.", + "title": "Inline", + "type": "boolean" + }, + "LastUpdatedTime": { + "markdownDescription": "Timestamp of when the entity type was last updated.", + "title": "LastUpdatedTime", "type": "string" }, - "Parameters": { - "items": { - "$ref": "#/definitions/AWS::ImageBuilder::ContainerRecipe.ComponentParameter" - }, - "markdownDescription": "A group of parameter settings that Image Builder uses to configure the component for a specific recipe.", - "title": "Parameters", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::ContainerRecipe.ComponentParameter": { - "additionalProperties": false, - "properties": { "Name": { - "markdownDescription": "The name of the component parameter to set.", + "markdownDescription": "The entity type name.\n\n`^[0-9a-z_-]+$`", "title": "Name", "type": "string" }, - "Value": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "Sets the value for the named component parameter.", - "title": "Value", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", "type": "array" } }, - "required": [ - "Name", - "Value" - ], "type": "object" }, - "AWS::ImageBuilder::ContainerRecipe.EbsInstanceBlockDeviceSpecification": { + "AWS::FraudDetector::EventType.EventVariable": { "additionalProperties": false, "properties": { - "DeleteOnTermination": { - "markdownDescription": "Use to configure delete on termination of the associated device.", - "title": "DeleteOnTermination", - "type": "boolean" - }, - "Encrypted": { - "markdownDescription": "Use to configure device encryption.", - "title": "Encrypted", - "type": "boolean" - }, - "Iops": { - "markdownDescription": "Use to configure device IOPS.", - "title": "Iops", - "type": "number" - }, - "KmsKeyId": { - "markdownDescription": "Use to configure the KMS key to use when encrypting the device.", - "title": "KmsKeyId", + "Arn": { + "markdownDescription": "The event variable ARN.", + "title": "Arn", "type": "string" }, - "SnapshotId": { - "markdownDescription": "The snapshot that defines the device contents.", - "title": "SnapshotId", + "CreatedTime": { + "markdownDescription": "Timestamp for when event variable was created.", + "title": "CreatedTime", "type": "string" }, - "Throughput": { - "markdownDescription": "*For GP3 volumes only* \u2013 The throughput in MiB/s that the volume supports.", - "title": "Throughput", - "type": "number" + "DataSource": { + "markdownDescription": "The source of the event variable.\n\nValid values: `EVENT | EXTERNAL_MODEL_SCORE`\n\nWhen defining a variable within a event type, you can only use the `EVENT` value for DataSource when the *Inline* property is set to true. If the *Inline* property is set false, you can use either `EVENT` or `MODEL_SCORE` for DataSource.", + "title": "DataSource", + "type": "string" }, - "VolumeSize": { - "markdownDescription": "Use to override the device's volume size.", - "title": "VolumeSize", - "type": "number" + "DataType": { + "markdownDescription": "The data type of the event variable. For more information, see [Data types](https://docs.aws.amazon.com/frauddetector/latest/ug/variables.html#data-types) .", + "title": "DataType", + "type": "string" }, - "VolumeType": { - "markdownDescription": "Use to override the device's volume type.", - "title": "VolumeType", + "DefaultValue": { + "markdownDescription": "The default value of the event variable", + "title": "DefaultValue", "type": "string" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::ContainerRecipe.InstanceBlockDeviceMapping": { - "additionalProperties": false, - "properties": { - "DeviceName": { - "markdownDescription": "The device to which these mappings apply.", - "title": "DeviceName", + }, + "Description": { + "markdownDescription": "The event variable description.", + "title": "Description", "type": "string" }, - "Ebs": { - "$ref": "#/definitions/AWS::ImageBuilder::ContainerRecipe.EbsInstanceBlockDeviceSpecification", - "markdownDescription": "Use to manage Amazon EBS-specific configuration for this mapping.", - "title": "Ebs" + "Inline": { + "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::EventType` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the Variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your event type but not execute any changes to the variables.", + "title": "Inline", + "type": "boolean" }, - "NoDevice": { - "markdownDescription": "Use to remove a mapping from the base image.", - "title": "NoDevice", + "LastUpdatedTime": { + "markdownDescription": "Timestamp for when the event variable was last updated.", + "title": "LastUpdatedTime", "type": "string" }, - "VirtualName": { - "markdownDescription": "Use to manage instance ephemeral devices.", - "title": "VirtualName", + "Name": { + "markdownDescription": "The name of the event variable.", + "title": "Name", "type": "string" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::ContainerRecipe.InstanceConfiguration": { - "additionalProperties": false, - "properties": { - "BlockDeviceMappings": { + }, + "Tags": { "items": { - "$ref": "#/definitions/AWS::ImageBuilder::ContainerRecipe.InstanceBlockDeviceMapping" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "Defines the block devices to attach for building an instance from this Image Builder AMI.", - "title": "BlockDeviceMappings", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", "type": "array" }, - "Image": { - "markdownDescription": "The base image for a container build and test instance. This can contain an AMI ID or it can specify an AWS Systems Manager (SSM) Parameter Store Parameter, prefixed by `ssm:` , followed by the parameter name or ARN.\n\nIf not specified, Image Builder uses the appropriate ECS-optimized AMI as a base image.", - "title": "Image", + "VariableType": { + "markdownDescription": "The type of event variable. For more information, see [Variable types](https://docs.aws.amazon.com/frauddetector/latest/ug/variables.html#variable-types) .", + "title": "VariableType", "type": "string" } }, "type": "object" }, - "AWS::ImageBuilder::ContainerRecipe.TargetContainerRepository": { + "AWS::FraudDetector::EventType.Label": { "additionalProperties": false, "properties": { - "RepositoryName": { - "markdownDescription": "The name of the container repository where the output container image is stored. This name is prefixed by the repository location. For example, `/repository_name` .", - "title": "RepositoryName", + "Arn": { + "markdownDescription": "The label ARN.", + "title": "Arn", "type": "string" }, - "Service": { - "markdownDescription": "Specifies the service in which this image was registered.", - "title": "Service", + "CreatedTime": { + "markdownDescription": "Timestamp of when the event type was created.", + "title": "CreatedTime", + "type": "string" + }, + "Description": { + "markdownDescription": "The label description.", + "title": "Description", + "type": "string" + }, + "Inline": { + "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::EventType` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your EventType but not execute any changes to the variables.", + "title": "Inline", + "type": "boolean" + }, + "LastUpdatedTime": { + "markdownDescription": "Timestamp of when the label was last updated.", + "title": "LastUpdatedTime", + "type": "string" + }, + "Name": { + "markdownDescription": "The label name.", + "title": "Name", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" } }, "type": "object" }, - "AWS::ImageBuilder::DistributionConfiguration": { + "AWS::FraudDetector::Label": { "additionalProperties": false, "properties": { "Condition": { @@ -117120,44 +125625,32 @@ "additionalProperties": false, "properties": { "Description": { - "markdownDescription": "The description of this distribution configuration.", + "markdownDescription": "The label description.", "title": "Description", "type": "string" }, - "Distributions": { - "items": { - "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.Distribution" - }, - "markdownDescription": "The distributions of this distribution configuration formatted as an array of Distribution objects.", - "title": "Distributions", - "type": "array" - }, "Name": { - "markdownDescription": "The name of this distribution configuration.", + "markdownDescription": "The label name.\n\nPattern: `^[0-9a-z_-]+$`", "title": "Name", "type": "string" }, "Tags": { - "additionalProperties": true, - "markdownDescription": "The tags of this distribution configuration.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", - "type": "object" + "type": "array" } }, "required": [ - "Distributions", "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::ImageBuilder::DistributionConfiguration" + "AWS::FraudDetector::Label" ], "type": "string" }, @@ -117176,262 +125669,283 @@ ], "type": "object" }, - "AWS::ImageBuilder::DistributionConfiguration.AmiDistributionConfiguration": { + "AWS::FraudDetector::List": { "additionalProperties": false, "properties": { - "AmiTags": { - "additionalProperties": true, - "markdownDescription": "The tags to apply to AMIs distributed to this Region.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "AmiTags", - "type": "object" - }, - "Description": { - "markdownDescription": "The description of the AMI distribution configuration. Minimum and maximum length are in characters.", - "title": "Description", + "Condition": { "type": "string" }, - "KmsKeyId": { - "markdownDescription": "The KMS key identifier used to encrypt the distributed image.", - "title": "KmsKeyId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "LaunchPermissionConfiguration": { - "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.LaunchPermissionConfiguration", - "markdownDescription": "Launch permissions can be used to configure which AWS account s can use the AMI to launch instances.", - "title": "LaunchPermissionConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Name": { - "markdownDescription": "The name of the output AMI.", - "title": "Name", - "type": "string" + "Metadata": { + "type": "object" }, - "TargetAccountIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The ID of an account to which you want to distribute an image.", - "title": "TargetAccountIds", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::DistributionConfiguration.ContainerDistributionConfiguration": { - "additionalProperties": false, - "properties": { - "ContainerTags": { - "items": { - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the list.", + "title": "Description", + "type": "string" + }, + "Elements": { + "items": { + "type": "string" + }, + "markdownDescription": "The elements in the list.", + "title": "Elements", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the list.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + }, + "VariableType": { + "markdownDescription": "The variable type of the list. For more information, see [Variable types](https://docs.aws.amazon.com/frauddetector/latest/ug/variables.html#variable-types)", + "title": "VariableType", + "type": "string" + } }, - "markdownDescription": "Tags that are attached to the container distribution configuration.", - "title": "ContainerTags", - "type": "array" + "required": [ + "Name" + ], + "type": "object" }, - "Description": { - "markdownDescription": "The description of the container distribution configuration.", - "title": "Description", + "Type": { + "enum": [ + "AWS::FraudDetector::List" + ], "type": "string" }, - "TargetRepository": { - "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.TargetContainerRepository", - "markdownDescription": "The destination repository for the container distribution configuration.", - "title": "TargetRepository" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::ImageBuilder::DistributionConfiguration.Distribution": { + "AWS::FraudDetector::Outcome": { "additionalProperties": false, "properties": { - "AmiDistributionConfiguration": { - "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.AmiDistributionConfiguration", - "markdownDescription": "The specific AMI settings, such as launch permissions and AMI tags. For details, see example schema below.", - "title": "AmiDistributionConfiguration" + "Condition": { + "type": "string" }, - "ContainerDistributionConfiguration": { - "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.ContainerDistributionConfiguration", - "markdownDescription": "Container distribution settings for encryption, licensing, and sharing in a specific Region. For details, see example schema below.", - "title": "ContainerDistributionConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "FastLaunchConfigurations": { - "items": { - "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.FastLaunchConfiguration" - }, - "markdownDescription": "The Windows faster-launching configurations to use for AMI distribution.", - "title": "FastLaunchConfigurations", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "LaunchTemplateConfigurations": { - "items": { - "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.LaunchTemplateConfiguration" - }, - "markdownDescription": "A group of launchTemplateConfiguration settings that apply to image distribution for specified accounts.", - "title": "LaunchTemplateConfigurations", - "type": "array" + "Metadata": { + "type": "object" }, - "LicenseConfigurationArns": { - "items": { - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The outcome description.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The outcome name.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "The License Manager Configuration to associate with the AMI in the specified Region. For more information, see the [LicenseConfiguration API](https://docs.aws.amazon.com/license-manager/latest/APIReference/API_LicenseConfiguration.html) .", - "title": "LicenseConfigurationArns", - "type": "array" + "required": [ + "Name" + ], + "type": "object" }, - "Region": { - "markdownDescription": "The target Region for the Distribution Configuration. For example, `eu-west-1` .", - "title": "Region", + "Type": { + "enum": [ + "AWS::FraudDetector::Outcome" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Region" + "Type", + "Properties" ], "type": "object" }, - "AWS::ImageBuilder::DistributionConfiguration.FastLaunchConfiguration": { + "AWS::FraudDetector::Variable": { "additionalProperties": false, "properties": { - "AccountId": { - "markdownDescription": "The owner account ID for the fast-launch enabled Windows AMI.", - "title": "AccountId", + "Condition": { "type": "string" }, - "Enabled": { - "markdownDescription": "A Boolean that represents the current state of faster launching for the Windows AMI. Set to `true` to start using Windows faster launching, or `false` to stop using it.", - "title": "Enabled", - "type": "boolean" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "LaunchTemplate": { - "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.FastLaunchLaunchTemplateSpecification", - "markdownDescription": "The launch template that the fast-launch enabled Windows AMI uses when it launches Windows instances to create pre-provisioned snapshots.", - "title": "LaunchTemplate" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "MaxParallelLaunches": { - "markdownDescription": "The maximum number of parallel instances that are launched for creating resources.", - "title": "MaxParallelLaunches", - "type": "number" - }, - "SnapshotConfiguration": { - "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.FastLaunchSnapshotConfiguration", - "markdownDescription": "Configuration settings for managing the number of snapshots that are created from pre-provisioned instances for the Windows AMI when faster launching is enabled.", - "title": "SnapshotConfiguration" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::DistributionConfiguration.FastLaunchLaunchTemplateSpecification": { - "additionalProperties": false, - "properties": { - "LaunchTemplateId": { - "markdownDescription": "The ID of the launch template to use for faster launching for a Windows AMI.", - "title": "LaunchTemplateId", - "type": "string" - }, - "LaunchTemplateName": { - "markdownDescription": "The name of the launch template to use for faster launching for a Windows AMI.", - "title": "LaunchTemplateName", - "type": "string" - }, - "LaunchTemplateVersion": { - "markdownDescription": "The version of the launch template to use for faster launching for a Windows AMI.", - "title": "LaunchTemplateVersion", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::DistributionConfiguration.FastLaunchSnapshotConfiguration": { - "additionalProperties": false, - "properties": { - "TargetResourceCount": { - "markdownDescription": "The number of pre-provisioned snapshots to keep on hand for a fast-launch enabled Windows AMI.", - "title": "TargetResourceCount", - "type": "number" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::DistributionConfiguration.LaunchPermissionConfiguration": { - "additionalProperties": false, - "properties": { - "OrganizationArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The ARN for an AWS Organization that you want to share your AMI with. For more information, see [What is AWS Organizations ?](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_introduction.html) .", - "title": "OrganizationArns", - "type": "array" - }, - "OrganizationalUnitArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The ARN for an AWS Organizations organizational unit (OU) that you want to share your AMI with. For more information about key concepts for AWS Organizations , see [AWS Organizations terminology and concepts](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html) .", - "title": "OrganizationalUnitArns", - "type": "array" - }, - "UserGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "The name of the group.", - "title": "UserGroups", - "type": "array" + "Metadata": { + "type": "object" }, - "UserIds": { - "items": { - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "DataSource": { + "markdownDescription": "The data source of the variable.\n\nValid values: `EVENT | EXTERNAL_MODEL_SCORE`\n\nWhen defining a variable within a detector, you can only use the `EVENT` value for DataSource when the *Inline* property is set to true. If the *Inline* property is set false, you can use either `EVENT` or `MODEL_SCORE` for DataSource.", + "title": "DataSource", + "type": "string" + }, + "DataType": { + "markdownDescription": "The data type of the variable.\n\nValid data types: `STRING | INTEGER | BOOLEAN | FLOAT`", + "title": "DataType", + "type": "string" + }, + "DefaultValue": { + "markdownDescription": "The default value of the variable.", + "title": "DefaultValue", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the variable.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the variable.\n\nPattern: `^[0-9a-z_-]+$`", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + }, + "VariableType": { + "markdownDescription": "The type of the variable. For more information see [Variable types](https://docs.aws.amazon.com/frauddetector/latest/ug/create-a-variable.html#variable-types) .\n\nValid Values: `AUTH_CODE | AVS | BILLING_ADDRESS_L1 | BILLING_ADDRESS_L2 | BILLING_CITY | BILLING_COUNTRY | BILLING_NAME | BILLING_PHONE | BILLING_STATE | BILLING_ZIP | CARD_BIN | CATEGORICAL | CURRENCY_CODE | EMAIL_ADDRESS | FINGERPRINT | FRAUD_LABEL | FREE_FORM_TEXT | IP_ADDRESS | NUMERIC | ORDER_ID | PAYMENT_TYPE | PHONE_NUMBER | PRICE | PRODUCT_CATEGORY | SHIPPING_ADDRESS_L1 | SHIPPING_ADDRESS_L2 | SHIPPING_CITY | SHIPPING_COUNTRY | SHIPPING_NAME | SHIPPING_PHONE | SHIPPING_STATE | SHIPPING_ZIP | USERAGENT`", + "title": "VariableType", + "type": "string" + } }, - "markdownDescription": "The AWS account ID.", - "title": "UserIds", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::DistributionConfiguration.LaunchTemplateConfiguration": { - "additionalProperties": false, - "properties": { - "AccountId": { - "markdownDescription": "The account ID that this configuration applies to.", - "title": "AccountId", - "type": "string" - }, - "LaunchTemplateId": { - "markdownDescription": "Identifies the Amazon EC2 launch template to use.", - "title": "LaunchTemplateId", - "type": "string" + "required": [ + "DataSource", + "DataType", + "DefaultValue", + "Name" + ], + "type": "object" }, - "SetDefaultVersion": { - "markdownDescription": "Set the specified Amazon EC2 launch template as the default launch template for the specified account.", - "title": "SetDefaultVersion", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::DistributionConfiguration.TargetContainerRepository": { - "additionalProperties": false, - "properties": { - "RepositoryName": { - "markdownDescription": "The name of the container repository where the output container image is stored. This name is prefixed by the repository location. For example, `/repository_name` .", - "title": "RepositoryName", + "Type": { + "enum": [ + "AWS::FraudDetector::Variable" + ], "type": "string" }, - "Service": { - "markdownDescription": "Specifies the service in which this image was registered.", - "title": "Service", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::ImageBuilder::Image": { + "AWS::GameLift::Alias": { "additionalProperties": false, "properties": { "Condition": { @@ -117466,74 +125980,39 @@ "Properties": { "additionalProperties": false, "properties": { - "ContainerRecipeArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the container recipe that defines how images are configured and tested.", - "title": "ContainerRecipeArn", - "type": "string" - }, - "DistributionConfigurationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the distribution configuration that defines and configures the outputs of your pipeline.", - "title": "DistributionConfigurationArn", - "type": "string" - }, - "EnhancedImageMetadataEnabled": { - "markdownDescription": "Collects additional information about the image being created, including the operating system (OS) version and package list. This information is used to enhance the overall experience of using EC2 Image Builder. Enabled by default.", - "title": "EnhancedImageMetadataEnabled", - "type": "boolean" - }, - "ExecutionRole": { - "markdownDescription": "The name or Amazon Resource Name (ARN) for the IAM role you create that grants Image Builder access to perform workflow actions.", - "title": "ExecutionRole", + "Description": { + "markdownDescription": "A human-readable description of the alias.", + "title": "Description", "type": "string" }, - "ImageRecipeArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the image recipe that defines how images are configured, tested, and assessed.", - "title": "ImageRecipeArn", + "Name": { + "markdownDescription": "A descriptive label that is associated with an alias. Alias names do not need to be unique.", + "title": "Name", "type": "string" }, - "ImageScanningConfiguration": { - "$ref": "#/definitions/AWS::ImageBuilder::Image.ImageScanningConfiguration", - "markdownDescription": "Contains settings for vulnerability scans.", - "title": "ImageScanningConfiguration" - }, - "ImageTestsConfiguration": { - "$ref": "#/definitions/AWS::ImageBuilder::Image.ImageTestsConfiguration", - "markdownDescription": "The image tests configuration of the image.", - "title": "ImageTestsConfiguration" - }, - "InfrastructureConfigurationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the infrastructure configuration that defines the environment in which your image will be built and tested.", - "title": "InfrastructureConfigurationArn", - "type": "string" + "RoutingStrategy": { + "$ref": "#/definitions/AWS::GameLift::Alias.RoutingStrategy", + "markdownDescription": "The routing configuration, including routing type and fleet target, for the alias.", + "title": "RoutingStrategy" }, "Tags": { - "additionalProperties": true, - "markdownDescription": "The tags of the image.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - }, - "Workflows": { "items": { - "$ref": "#/definitions/AWS::ImageBuilder::Image.WorkflowConfiguration" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "Contains an array of workflow configuration objects.", - "title": "Workflows", + "markdownDescription": "", + "title": "Tags", "type": "array" } }, "required": [ - "InfrastructureConfigurationArn" + "Name", + "RoutingStrategy" ], "type": "object" }, "Type": { "enum": [ - "AWS::ImageBuilder::Image" + "AWS::GameLift::Alias" ], "type": "string" }, @@ -117552,106 +126031,31 @@ ], "type": "object" }, - "AWS::ImageBuilder::Image.EcrConfiguration": { - "additionalProperties": false, - "properties": { - "ContainerTags": { - "items": { - "type": "string" - }, - "markdownDescription": "Tags for Image Builder to apply to the output container image that Amazon Inspector scans. Tags can help you identify and manage your scanned images.", - "title": "ContainerTags", - "type": "array" - }, - "RepositoryName": { - "markdownDescription": "The name of the container repository that Amazon Inspector scans to identify findings for your container images. The name includes the path for the repository location. If you don\u2019t provide this information, Image Builder creates a repository in your account named `image-builder-image-scanning-repository` for vulnerability scans of your output container images.", - "title": "RepositoryName", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::Image.ImageScanningConfiguration": { - "additionalProperties": false, - "properties": { - "EcrConfiguration": { - "$ref": "#/definitions/AWS::ImageBuilder::Image.EcrConfiguration", - "markdownDescription": "Contains Amazon ECR settings for vulnerability scans.", - "title": "EcrConfiguration" - }, - "ImageScanningEnabled": { - "markdownDescription": "A setting that indicates whether Image Builder keeps a snapshot of the vulnerability scans that Amazon Inspector runs against the build instance when you create a new image.", - "title": "ImageScanningEnabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::Image.ImageTestsConfiguration": { - "additionalProperties": false, - "properties": { - "ImageTestsEnabled": { - "markdownDescription": "Determines if tests should run after building the image. Image Builder defaults to enable tests to run following the image build, before image distribution.", - "title": "ImageTestsEnabled", - "type": "boolean" - }, - "TimeoutMinutes": { - "markdownDescription": "The maximum time in minutes that tests are permitted to run.\n\n> The timeout property is not currently active. This value is ignored.", - "title": "TimeoutMinutes", - "type": "number" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::Image.WorkflowConfiguration": { + "AWS::GameLift::Alias.RoutingStrategy": { "additionalProperties": false, "properties": { - "OnFailure": { - "markdownDescription": "The action to take if the workflow fails.", - "title": "OnFailure", + "FleetId": { + "markdownDescription": "A unique identifier for a fleet that the alias points to. If you specify `SIMPLE` for the `Type` property, you must specify this property.", + "title": "FleetId", "type": "string" }, - "ParallelGroup": { - "markdownDescription": "Test workflows are defined within named runtime groups called parallel groups. The parallel group is the named group that contains this test workflow. Test workflows within a parallel group can run at the same time. Image Builder starts up to five test workflows in the group at the same time, and starts additional workflows as others complete, until all workflows in the group have completed. This field only applies for test workflows.", - "title": "ParallelGroup", + "Message": { + "markdownDescription": "The message text to be used with a terminal routing strategy. If you specify `TERMINAL` for the `Type` property, you must specify this property.", + "title": "Message", "type": "string" }, - "Parameters": { - "items": { - "$ref": "#/definitions/AWS::ImageBuilder::Image.WorkflowParameter" - }, - "markdownDescription": "Contains parameter values for each of the parameters that the workflow document defined for the workflow resource.", - "title": "Parameters", - "type": "array" - }, - "WorkflowArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the workflow resource.", - "title": "WorkflowArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::Image.WorkflowParameter": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the workflow parameter to set.", - "title": "Name", + "Type": { + "markdownDescription": "A type of routing strategy.\n\nPossible routing types include the following:\n\n- *SIMPLE* - The alias resolves to one specific fleet. Use this type when routing to active fleets.\n- *TERMINAL* - The alias does not resolve to a fleet but instead can be used to display a message to the user. A terminal alias throws a `TerminalRoutingStrategyException` with the message that you specified in the `Message` property.", + "title": "Type", "type": "string" - }, - "Value": { - "items": { - "type": "string" - }, - "markdownDescription": "Sets the value for the named workflow parameter.", - "title": "Value", - "type": "array" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::ImageBuilder::ImagePipeline": { + "AWS::GameLift::Build": { "additionalProperties": false, "properties": { "Condition": { @@ -117686,95 +126090,45 @@ "Properties": { "additionalProperties": false, "properties": { - "ContainerRecipeArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the container recipe that is used for this pipeline.", - "title": "ContainerRecipeArn", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of this image pipeline.", - "title": "Description", - "type": "string" - }, - "DistributionConfigurationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the distribution configuration associated with this image pipeline.", - "title": "DistributionConfigurationArn", - "type": "string" - }, - "EnhancedImageMetadataEnabled": { - "markdownDescription": "Collects additional information about the image being created, including the operating system (OS) version and package list. This information is used to enhance the overall experience of using EC2 Image Builder. Enabled by default.", - "title": "EnhancedImageMetadataEnabled", - "type": "boolean" - }, - "ExecutionRole": { - "markdownDescription": "The name or Amazon Resource Name (ARN) for the IAM role you create that grants Image Builder access to perform workflow actions.", - "title": "ExecutionRole", - "type": "string" - }, - "ImageRecipeArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the image recipe associated with this image pipeline.", - "title": "ImageRecipeArn", - "type": "string" - }, - "ImageScanningConfiguration": { - "$ref": "#/definitions/AWS::ImageBuilder::ImagePipeline.ImageScanningConfiguration", - "markdownDescription": "Contains settings for vulnerability scans.", - "title": "ImageScanningConfiguration" - }, - "ImageTestsConfiguration": { - "$ref": "#/definitions/AWS::ImageBuilder::ImagePipeline.ImageTestsConfiguration", - "markdownDescription": "The configuration of the image tests that run after image creation to ensure the quality of the image that was created.", - "title": "ImageTestsConfiguration" - }, - "InfrastructureConfigurationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the infrastructure configuration associated with this image pipeline.", - "title": "InfrastructureConfigurationArn", - "type": "string" - }, "Name": { - "markdownDescription": "The name of the image pipeline.", + "markdownDescription": "A descriptive label that is associated with a build. Build names do not need to be unique.", "title": "Name", "type": "string" }, - "Schedule": { - "$ref": "#/definitions/AWS::ImageBuilder::ImagePipeline.Schedule", - "markdownDescription": "The schedule of the image pipeline. A schedule configures how often and when a pipeline automatically creates a new image.", - "title": "Schedule" + "OperatingSystem": { + "markdownDescription": "The operating system that your game server binaries run on. This value determines the type of fleet resources that you use for this build. If your game build contains multiple executables, they all must run on the same operating system. You must specify a valid operating system in this request. There is no default value. You can't change a build's operating system later.\n\n> Amazon Linux 2 (AL2) will reach end of support on 6/30/2025. See more details in the [Amazon Linux 2 FAQs](https://docs.aws.amazon.com/amazon-linux-2/faqs/) . For game servers that are hosted on AL2 and use server SDK version 4.x for Amazon GameLift Servers, first update the game server build to server SDK 5.x, and then deploy to AL2023 instances. See [Migrate to server SDK version 5.](https://docs.aws.amazon.com/gamelift/latest/developerguide/reference-serversdk5-migration.html)", + "title": "OperatingSystem", + "type": "string" }, - "Status": { - "markdownDescription": "The status of the image pipeline.", - "title": "Status", + "ServerSdkVersion": { + "markdownDescription": "A server SDK version you used when integrating your game server build with Amazon GameLift Servers. For more information see [Integrate games with custom game servers](https://docs.aws.amazon.com/gamelift/latest/developerguide/integration-custom-intro.html) . By default Amazon GameLift Servers sets this value to `4.0.2` .", + "title": "ServerSdkVersion", "type": "string" }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "The tags of this image pipeline.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" + "StorageLocation": { + "$ref": "#/definitions/AWS::GameLift::Build.StorageLocation", + "markdownDescription": "Information indicating where your game build files are stored. Use this parameter only when creating a build with files stored in an Amazon S3 bucket that you own. The storage location must specify an Amazon S3 bucket name and key. The location must also specify a role ARN that you set up to allow Amazon GameLift Servers to access your Amazon S3 bucket. The S3 bucket and your new build must be in the same Region.\n\nIf a `StorageLocation` is specified, the size of your file can be found in your Amazon S3 bucket. Amazon GameLift Servers will report a `SizeOnDisk` of 0.", + "title": "StorageLocation" }, - "Workflows": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::ImageBuilder::ImagePipeline.WorkflowConfiguration" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "Contains the workflows that run for the image pipeline.", - "title": "Workflows", + "markdownDescription": "", + "title": "Tags", "type": "array" + }, + "Version": { + "markdownDescription": "Version information that is associated with this build. Version strings do not need to be unique.", + "title": "Version", + "type": "string" } }, - "required": [ - "InfrastructureConfigurationArn", - "Name" - ], "type": "object" }, "Type": { "enum": [ - "AWS::ImageBuilder::ImagePipeline" + "AWS::GameLift::Build" ], "type": "string" }, @@ -117788,127 +126142,42 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::ImageBuilder::ImagePipeline.EcrConfiguration": { - "additionalProperties": false, - "properties": { - "ContainerTags": { - "items": { - "type": "string" - }, - "markdownDescription": "Tags for Image Builder to apply to the output container image that Amazon Inspector scans. Tags can help you identify and manage your scanned images.", - "title": "ContainerTags", - "type": "array" - }, - "RepositoryName": { - "markdownDescription": "The name of the container repository that Amazon Inspector scans to identify findings for your container images. The name includes the path for the repository location. If you don\u2019t provide this information, Image Builder creates a repository in your account named `image-builder-image-scanning-repository` for vulnerability scans of your output container images.", - "title": "RepositoryName", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::ImagePipeline.ImageScanningConfiguration": { - "additionalProperties": false, - "properties": { - "EcrConfiguration": { - "$ref": "#/definitions/AWS::ImageBuilder::ImagePipeline.EcrConfiguration", - "markdownDescription": "Contains Amazon ECR settings for vulnerability scans.", - "title": "EcrConfiguration" - }, - "ImageScanningEnabled": { - "markdownDescription": "A setting that indicates whether Image Builder keeps a snapshot of the vulnerability scans that Amazon Inspector runs against the build instance when you create a new image.", - "title": "ImageScanningEnabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::ImagePipeline.ImageTestsConfiguration": { - "additionalProperties": false, - "properties": { - "ImageTestsEnabled": { - "markdownDescription": "Defines if tests should be executed when building this image. For example, `true` or `false` .", - "title": "ImageTestsEnabled", - "type": "boolean" - }, - "TimeoutMinutes": { - "markdownDescription": "The maximum time in minutes that tests are permitted to run.\n\n> The timeout property is not currently active. This value is ignored.", - "title": "TimeoutMinutes", - "type": "number" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::ImagePipeline.Schedule": { + "AWS::GameLift::Build.StorageLocation": { "additionalProperties": false, "properties": { - "PipelineExecutionStartCondition": { - "markdownDescription": "The condition configures when the pipeline should trigger a new image build. When the `pipelineExecutionStartCondition` is set to `EXPRESSION_MATCH_AND_DEPENDENCY_UPDATES_AVAILABLE` , and you use semantic version filters on the base image or components in your image recipe, Image Builder will build a new image only when there are new versions of the image or components in your recipe that match the semantic version filter. When it is set to `EXPRESSION_MATCH_ONLY` , it will build a new image every time the CRON expression matches the current time. For semantic version syntax, see [CreateComponent](https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_CreateComponent.html) in the *Image Builder API Reference* .", - "title": "PipelineExecutionStartCondition", + "Bucket": { + "markdownDescription": "An Amazon S3 bucket identifier. The name of the S3 bucket.\n\n> Amazon GameLift doesn't support uploading from Amazon S3 buckets with names that contain a dot (.).", + "title": "Bucket", "type": "string" }, - "ScheduleExpression": { - "markdownDescription": "The cron expression determines how often EC2 Image Builder evaluates your `pipelineExecutionStartCondition` .\n\nFor information on how to format a cron expression in Image Builder, see [Use cron expressions in EC2 Image Builder](https://docs.aws.amazon.com/imagebuilder/latest/userguide/image-builder-cron.html) .", - "title": "ScheduleExpression", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::ImagePipeline.WorkflowConfiguration": { - "additionalProperties": false, - "properties": { - "OnFailure": { - "markdownDescription": "The action to take if the workflow fails.", - "title": "OnFailure", + "Key": { + "markdownDescription": "The name of the zip file that contains the build files or script files.", + "title": "Key", "type": "string" }, - "ParallelGroup": { - "markdownDescription": "Test workflows are defined within named runtime groups called parallel groups. The parallel group is the named group that contains this test workflow. Test workflows within a parallel group can run at the same time. Image Builder starts up to five test workflows in the group at the same time, and starts additional workflows as others complete, until all workflows in the group have completed. This field only applies for test workflows.", - "title": "ParallelGroup", + "ObjectVersion": { + "markdownDescription": "A version of a stored file to retrieve, if the object versioning feature is turned on for the S3 bucket. Use this parameter to specify a specific version. If this parameter isn't set, Amazon GameLift Servers retrieves the latest version of the file.", + "title": "ObjectVersion", "type": "string" }, - "Parameters": { - "items": { - "$ref": "#/definitions/AWS::ImageBuilder::ImagePipeline.WorkflowParameter" - }, - "markdownDescription": "Contains parameter values for each of the parameters that the workflow document defined for the workflow resource.", - "title": "Parameters", - "type": "array" - }, - "WorkflowArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the workflow resource.", - "title": "WorkflowArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::ImagePipeline.WorkflowParameter": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the workflow parameter to set.", - "title": "Name", + "RoleArn": { + "markdownDescription": "The ARNfor an IAM role that allows Amazon GameLift to access the S3 bucket.", + "title": "RoleArn", "type": "string" - }, - "Value": { - "items": { - "type": "string" - }, - "markdownDescription": "Sets the value for the named workflow parameter.", - "title": "Value", - "type": "array" } }, + "required": [ + "Bucket", + "Key", + "RoleArn" + ], "type": "object" }, - "AWS::ImageBuilder::ImageRecipe": { + "AWS::GameLift::ContainerFleet": { "additionalProperties": false, "properties": { "Condition": { @@ -117943,75 +126212,115 @@ "Properties": { "additionalProperties": false, "properties": { - "AdditionalInstanceConfiguration": { - "$ref": "#/definitions/AWS::ImageBuilder::ImageRecipe.AdditionalInstanceConfiguration", - "markdownDescription": "Before you create a new AMI, Image Builder launches temporary Amazon EC2 instances to build and test your image configuration. Instance configuration adds a layer of control over those instances. You can define settings and add scripts to run when an instance is launched from your AMI.", - "title": "AdditionalInstanceConfiguration" + "BillingType": { + "markdownDescription": "Indicates whether the fleet uses On-Demand or Spot instances for this fleet. Learn more about when to use [On-Demand versus Spot Instances](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-ec2-instances.html#gamelift-ec2-instances-spot) . You can't update this fleet property.\n\nBy default, this property is set to `ON_DEMAND` .", + "title": "BillingType", + "type": "string" }, - "BlockDeviceMappings": { + "DeploymentConfiguration": { + "$ref": "#/definitions/AWS::GameLift::ContainerFleet.DeploymentConfiguration", + "markdownDescription": "Set of rules for processing a deployment for a container fleet update.", + "title": "DeploymentConfiguration" + }, + "Description": { + "markdownDescription": "A meaningful description of the container fleet.", + "title": "Description", + "type": "string" + }, + "FleetRoleArn": { + "markdownDescription": "The unique identifier for an AWS Identity and Access Management (IAM) role with permissions to run your containers on resources that are managed by Amazon GameLift Servers. See [Set up an IAM service role](https://docs.aws.amazon.com/gamelift/latest/developerguide/setting-up-role.html) . This fleet property can't be changed.", + "title": "FleetRoleArn", + "type": "string" + }, + "GameServerContainerGroupDefinitionName": { + "markdownDescription": "The name of the fleet's game server container group definition, which describes how to deploy containers with your game server build and support software onto each fleet instance.", + "title": "GameServerContainerGroupDefinitionName", + "type": "string" + }, + "GameServerContainerGroupsPerInstance": { + "markdownDescription": "The number of times to replicate the game server container group on each fleet instance.", + "title": "GameServerContainerGroupsPerInstance", + "type": "number" + }, + "GameSessionCreationLimitPolicy": { + "$ref": "#/definitions/AWS::GameLift::ContainerFleet.GameSessionCreationLimitPolicy", + "markdownDescription": "A policy that limits the number of game sessions that each individual player can create on instances in this fleet. The limit applies for a specified span of time.", + "title": "GameSessionCreationLimitPolicy" + }, + "InstanceConnectionPortRange": { + "$ref": "#/definitions/AWS::GameLift::ContainerFleet.ConnectionPortRange", + "markdownDescription": "The set of port numbers to open on each instance in a container fleet. Connection ports are used by inbound traffic to connect with processes that are running in containers on the fleet.", + "title": "InstanceConnectionPortRange" + }, + "InstanceInboundPermissions": { "items": { - "$ref": "#/definitions/AWS::ImageBuilder::ImageRecipe.InstanceBlockDeviceMapping" + "$ref": "#/definitions/AWS::GameLift::ContainerFleet.IpPermission" }, - "markdownDescription": "The block device mappings to apply when creating images from this recipe.", - "title": "BlockDeviceMappings", + "markdownDescription": "The IP address ranges and port settings that allow inbound traffic to access game server processes and other processes on this fleet.", + "title": "InstanceInboundPermissions", "type": "array" }, - "Components": { + "InstanceType": { + "markdownDescription": "The Amazon EC2 instance type to use for all instances in the fleet. Instance type determines the computing resources and processing power that's available to host your game servers. This includes including CPU, memory, storage, and networking capacity. You can't update this fleet property.", + "title": "InstanceType", + "type": "string" + }, + "Locations": { "items": { - "$ref": "#/definitions/AWS::ImageBuilder::ImageRecipe.ComponentConfiguration" + "$ref": "#/definitions/AWS::GameLift::ContainerFleet.LocationConfiguration" }, - "markdownDescription": "The components that are included in the image recipe. Recipes require a minimum of one build component, and can have a maximum of 20 build and test components in any combination.", - "title": "Components", + "markdownDescription": "", + "title": "Locations", "type": "array" }, - "Description": { - "markdownDescription": "The description of the image recipe.", - "title": "Description", - "type": "string" + "LogConfiguration": { + "$ref": "#/definitions/AWS::GameLift::ContainerFleet.LogConfiguration", + "markdownDescription": "The method that is used to collect container logs for the fleet. Amazon GameLift Servers saves all standard output for each container in logs, including game session logs.\n\n- `CLOUDWATCH` -- Send logs to an Amazon CloudWatch log group that you define. Each container emits a log stream, which is organized in the log group.\n- `S3` -- Store logs in an Amazon S3 bucket that you define.\n- `NONE` -- Don't collect container logs.", + "title": "LogConfiguration" }, - "Name": { - "markdownDescription": "The name of the image recipe.", - "title": "Name", + "MetricGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "The name of an AWS CloudWatch metric group to add this fleet to. Metric groups aggregate metrics for multiple fleets.", + "title": "MetricGroups", + "type": "array" + }, + "NewGameSessionProtectionPolicy": { + "markdownDescription": "Determines whether Amazon GameLift Servers can shut down game sessions on the fleet that are actively running and hosting players. Amazon GameLift Servers might prompt an instance shutdown when scaling down fleet capacity or when retiring unhealthy instances. You can also set game session protection for individual game sessions using [UpdateGameSession](https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateGameSession.html) .\n\n- *NoProtection* -- Game sessions can be shut down during active gameplay.\n- *FullProtection* -- Game sessions in `ACTIVE` status can't be shut down.", + "title": "NewGameSessionProtectionPolicy", "type": "string" }, - "ParentImage": { - "markdownDescription": "The base image for customizations specified in the image recipe. You can specify the parent image using one of the following options:\n\n- AMI ID\n- Image Builder image Amazon Resource Name (ARN)\n- AWS Systems Manager (SSM) Parameter Store Parameter, prefixed by `ssm:` , followed by the parameter name or ARN.\n- AWS Marketplace product ID", - "title": "ParentImage", + "PerInstanceContainerGroupDefinitionName": { + "markdownDescription": "The name of the fleet's per-instance container group definition.", + "title": "PerInstanceContainerGroupDefinitionName", "type": "string" }, + "ScalingPolicies": { + "items": { + "$ref": "#/definitions/AWS::GameLift::ContainerFleet.ScalingPolicy" + }, + "markdownDescription": "", + "title": "ScalingPolicies", + "type": "array" + }, "Tags": { - "additionalProperties": true, - "markdownDescription": "The tags of the image recipe.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "", "title": "Tags", - "type": "object" - }, - "Version": { - "markdownDescription": "The version of the image recipe.", - "title": "Version", - "type": "string" - }, - "WorkingDirectory": { - "markdownDescription": "The working directory to be used during build and test workflows.", - "title": "WorkingDirectory", - "type": "string" + "type": "array" } }, "required": [ - "Components", - "Name", - "ParentImage", - "Version" + "FleetRoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::ImageBuilder::ImageRecipe" + "AWS::GameLift::ContainerFleet" ], "type": "string" }, @@ -118030,148 +126339,250 @@ ], "type": "object" }, - "AWS::ImageBuilder::ImageRecipe.AdditionalInstanceConfiguration": { + "AWS::GameLift::ContainerFleet.ConnectionPortRange": { "additionalProperties": false, "properties": { - "SystemsManagerAgent": { - "$ref": "#/definitions/AWS::ImageBuilder::ImageRecipe.SystemsManagerAgent", - "markdownDescription": "Contains settings for the Systems Manager agent on your build instance.", - "title": "SystemsManagerAgent" + "FromPort": { + "markdownDescription": "Starting value for the port range.", + "title": "FromPort", + "type": "number" }, - "UserDataOverride": { - "markdownDescription": "Use this property to provide commands or a command script to run when you launch your build instance.\n\nThe userDataOverride property replaces any commands that Image Builder might have added to ensure that Systems Manager is installed on your Linux build instance. If you override the user data, make sure that you add commands to install Systems Manager, if it is not pre-installed on your base image.\n\n> The user data is always base 64 encoded. For example, the following commands are encoded as `IyEvYmluL2Jhc2gKbWtkaXIgLXAgL3Zhci9iYi8KdG91Y2ggL3Zhci$` :\n> \n> *#!/bin/bash*\n> \n> mkdir -p /var/bb/\n> \n> touch /var", - "title": "UserDataOverride", + "ToPort": { + "markdownDescription": "Ending value for the port. Port numbers are end-inclusive. This value must be equal to or greater than `FromPort` .", + "title": "ToPort", + "type": "number" + } + }, + "required": [ + "FromPort", + "ToPort" + ], + "type": "object" + }, + "AWS::GameLift::ContainerFleet.DeploymentConfiguration": { + "additionalProperties": false, + "properties": { + "ImpairmentStrategy": { + "markdownDescription": "Determines what actions to take if a deployment fails. If the fleet is multi-location, this strategy applies across all fleet locations. With a rollback strategy, updated fleet instances are rolled back to the last successful deployment. Alternatively, you can maintain a few impaired containers for the purpose of debugging, while all other tasks return to the last successful deployment.", + "title": "ImpairmentStrategy", + "type": "string" + }, + "MinimumHealthyPercentage": { + "markdownDescription": "Sets a minimum level of healthy tasks to maintain during deployment activity.", + "title": "MinimumHealthyPercentage", + "type": "number" + }, + "ProtectionStrategy": { + "markdownDescription": "Determines how fleet deployment activity affects active game sessions on the fleet. With protection, a deployment honors game session protection, and delays actions that would interrupt a protected active game session until the game session ends. Without protection, deployment activity can shut down all running tasks, including active game sessions, regardless of game session protection.", + "title": "ProtectionStrategy", "type": "string" } }, "type": "object" }, - "AWS::ImageBuilder::ImageRecipe.ComponentConfiguration": { + "AWS::GameLift::ContainerFleet.DeploymentDetails": { "additionalProperties": false, "properties": { - "ComponentArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the component.", - "title": "ComponentArn", + "LatestDeploymentId": { + "markdownDescription": "A unique identifier for a fleet deployment.", + "title": "LatestDeploymentId", "type": "string" + } + }, + "type": "object" + }, + "AWS::GameLift::ContainerFleet.GameSessionCreationLimitPolicy": { + "additionalProperties": false, + "properties": { + "NewGameSessionsPerCreator": { + "markdownDescription": "A policy that puts limits on the number of game sessions that a player can create within a specified span of time. With this policy, you can control players' ability to consume available resources.\n\nThe policy evaluates when a player tries to create a new game session. On receiving a `CreateGameSession` request, Amazon GameLift Servers checks that the player (identified by `CreatorId` ) has created fewer than game session limit in the specified time period.", + "title": "NewGameSessionsPerCreator", + "type": "number" }, - "Parameters": { - "items": { - "$ref": "#/definitions/AWS::ImageBuilder::ImageRecipe.ComponentParameter" - }, - "markdownDescription": "A group of parameter settings that Image Builder uses to configure the component for a specific recipe.", - "title": "Parameters", - "type": "array" + "PolicyPeriodInMinutes": { + "markdownDescription": "The time span used in evaluating the resource creation limit policy.", + "title": "PolicyPeriodInMinutes", + "type": "number" } }, "type": "object" }, - "AWS::ImageBuilder::ImageRecipe.ComponentParameter": { + "AWS::GameLift::ContainerFleet.IpPermission": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the component parameter to set.", - "title": "Name", + "FromPort": { + "markdownDescription": "A starting value for a range of allowed port numbers.\n\nFor fleets using Linux builds, only ports `22` and `1026-60000` are valid.\n\nFor fleets using Windows builds, only ports `1026-60000` are valid.", + "title": "FromPort", + "type": "number" + }, + "IpRange": { + "markdownDescription": "A range of allowed IP addresses. This value must be expressed in CIDR notation. Example: \" `000.000.000.000/[subnet mask]` \" or optionally the shortened version \" `0.0.0.0/[subnet mask]` \".", + "title": "IpRange", "type": "string" }, - "Value": { - "items": { - "type": "string" - }, - "markdownDescription": "Sets the value for the named component parameter.", - "title": "Value", - "type": "array" + "Protocol": { + "markdownDescription": "The network communication protocol used by the fleet.", + "title": "Protocol", + "type": "string" + }, + "ToPort": { + "markdownDescription": "An ending value for a range of allowed port numbers. Port numbers are end-inclusive. This value must be equal to or greater than `FromPort` .\n\nFor fleets using Linux builds, only ports `22` and `1026-60000` are valid.\n\nFor fleets using Windows builds, only ports `1026-60000` are valid.", + "title": "ToPort", + "type": "number" } }, "required": [ - "Name", - "Value" + "FromPort", + "IpRange", + "Protocol", + "ToPort" ], "type": "object" }, - "AWS::ImageBuilder::ImageRecipe.EbsInstanceBlockDeviceSpecification": { + "AWS::GameLift::ContainerFleet.LocationCapacity": { "additionalProperties": false, "properties": { - "DeleteOnTermination": { - "markdownDescription": "Configures delete on termination of the associated device.", - "title": "DeleteOnTermination", - "type": "boolean" - }, - "Encrypted": { - "markdownDescription": "Use to configure device encryption.", - "title": "Encrypted", - "type": "boolean" + "DesiredEC2Instances": { + "markdownDescription": "", + "title": "DesiredEC2Instances", + "type": "number" }, - "Iops": { - "markdownDescription": "Use to configure device IOPS.", - "title": "Iops", + "MaxSize": { + "markdownDescription": "", + "title": "MaxSize", "type": "number" }, - "KmsKeyId": { - "markdownDescription": "Use to configure the KMS key to use when encrypting the device.", - "title": "KmsKeyId", + "MinSize": { + "markdownDescription": "", + "title": "MinSize", + "type": "number" + } + }, + "required": [ + "DesiredEC2Instances", + "MaxSize", + "MinSize" + ], + "type": "object" + }, + "AWS::GameLift::ContainerFleet.LocationConfiguration": { + "additionalProperties": false, + "properties": { + "Location": { + "markdownDescription": "An AWS Region code, such as `us-west-2` . For a list of supported Regions and Local Zones, see [Amazon GameLift Servers service locations](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-regions.html) for managed hosting.", + "title": "Location", "type": "string" }, - "SnapshotId": { - "markdownDescription": "The snapshot that defines the device contents.", - "title": "SnapshotId", - "type": "string" + "LocationCapacity": { + "$ref": "#/definitions/AWS::GameLift::ContainerFleet.LocationCapacity", + "markdownDescription": "", + "title": "LocationCapacity" }, - "Throughput": { - "markdownDescription": "*For GP3 volumes only* \u2013 The throughput in MiB/s that the volume supports.", - "title": "Throughput", - "type": "number" + "StoppedActions": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "StoppedActions", + "type": "array" + } + }, + "required": [ + "Location" + ], + "type": "object" + }, + "AWS::GameLift::ContainerFleet.LogConfiguration": { + "additionalProperties": false, + "properties": { + "LogDestination": { + "markdownDescription": "The type of log collection to use for a fleet.\n\n- `CLOUDWATCH` -- (default value) Send logs to an Amazon CloudWatch log group that you define. Each container emits a log stream, which is organized in the log group.\n- `S3` -- Store logs in an Amazon S3 bucket that you define. This bucket must reside in the fleet's home AWS Region.\n- `NONE` -- Don't collect container logs.", + "title": "LogDestination", + "type": "string" }, - "VolumeSize": { - "markdownDescription": "Overrides the volume size of the device.", - "title": "VolumeSize", - "type": "number" + "LogGroupArn": { + "markdownDescription": "If log destination is `CLOUDWATCH` , logs are sent to the specified log group in Amazon CloudWatch.", + "title": "LogGroupArn", + "type": "string" }, - "VolumeType": { - "markdownDescription": "Overrides the volume type of the device.", - "title": "VolumeType", + "S3BucketName": { + "markdownDescription": "If log destination is `S3` , logs are sent to the specified Amazon S3 bucket name.", + "title": "S3BucketName", "type": "string" } }, "type": "object" }, - "AWS::ImageBuilder::ImageRecipe.InstanceBlockDeviceMapping": { + "AWS::GameLift::ContainerFleet.ScalingPolicy": { "additionalProperties": false, "properties": { - "DeviceName": { - "markdownDescription": "The device to which these mappings apply.", - "title": "DeviceName", + "ComparisonOperator": { + "markdownDescription": "Comparison operator to use when measuring a metric against the threshold value.", + "title": "ComparisonOperator", "type": "string" }, - "Ebs": { - "$ref": "#/definitions/AWS::ImageBuilder::ImageRecipe.EbsInstanceBlockDeviceSpecification", - "markdownDescription": "Use to manage Amazon EBS-specific configuration for this mapping.", - "title": "Ebs" + "EvaluationPeriods": { + "markdownDescription": "Length of time (in minutes) the metric must be at or beyond the threshold before a scaling event is triggered.", + "title": "EvaluationPeriods", + "type": "number" }, - "NoDevice": { - "markdownDescription": "Enter an empty string to remove a mapping from the parent image.\n\nThe following is an example of an empty string value in the `NoDevice` field.\n\n`NoDevice:\"\"`", - "title": "NoDevice", + "MetricName": { + "markdownDescription": "Name of the Amazon GameLift Servers-defined metric that is used to trigger a scaling adjustment. For detailed descriptions of fleet metrics, see [Monitor Amazon GameLift Servers with Amazon CloudWatch](https://docs.aws.amazon.com/gamelift/latest/developerguide/monitoring-cloudwatch.html) .\n\n- *ActivatingGameSessions* -- Game sessions in the process of being created.\n- *ActiveGameSessions* -- Game sessions that are currently running.\n- *ActiveInstances* -- Fleet instances that are currently running at least one game session.\n- *AvailableGameSessions* -- Additional game sessions that fleet could host simultaneously, given current capacity.\n- *AvailablePlayerSessions* -- Empty player slots in currently active game sessions. This includes game sessions that are not currently accepting players. Reserved player slots are not included.\n- *CurrentPlayerSessions* -- Player slots in active game sessions that are being used by a player or are reserved for a player.\n- *IdleInstances* -- Active instances that are currently hosting zero game sessions.\n- *PercentAvailableGameSessions* -- Unused percentage of the total number of game sessions that a fleet could host simultaneously, given current capacity. Use this metric for a target-based scaling policy.\n- *PercentIdleInstances* -- Percentage of the total number of active instances that are hosting zero game sessions.\n- *QueueDepth* -- Pending game session placement requests, in any queue, where the current fleet is the top-priority destination.\n- *WaitTime* -- Current wait time for pending game session placement requests, in any queue, where the current fleet is the top-priority destination.", + "title": "MetricName", "type": "string" }, - "VirtualName": { - "markdownDescription": "Manages the instance ephemeral devices.", - "title": "VirtualName", + "Name": { + "markdownDescription": "A descriptive label that is associated with a fleet's scaling policy. Policy names do not need to be unique.", + "title": "Name", + "type": "string" + }, + "PolicyType": { + "markdownDescription": "The type of scaling policy to create. For a target-based policy, set the parameter *MetricName* to 'PercentAvailableGameSessions' and specify a *TargetConfiguration* . For a rule-based policy set the following parameters: *MetricName* , *ComparisonOperator* , *Threshold* , *EvaluationPeriods* , *ScalingAdjustmentType* , and *ScalingAdjustment* .", + "title": "PolicyType", + "type": "string" + }, + "ScalingAdjustment": { + "markdownDescription": "Amount of adjustment to make, based on the scaling adjustment type.", + "title": "ScalingAdjustment", + "type": "number" + }, + "ScalingAdjustmentType": { + "markdownDescription": "The type of adjustment to make to a fleet's instance count.\n\n- *ChangeInCapacity* -- add (or subtract) the scaling adjustment value from the current instance count. Positive values scale up while negative values scale down.\n- *ExactCapacity* -- set the instance count to the scaling adjustment value.\n- *PercentChangeInCapacity* -- increase or reduce the current instance count by the scaling adjustment, read as a percentage. Positive values scale up while negative values scale down.", + "title": "ScalingAdjustmentType", "type": "string" + }, + "TargetConfiguration": { + "$ref": "#/definitions/AWS::GameLift::ContainerFleet.TargetConfiguration", + "markdownDescription": "An object that contains settings for a target-based scaling policy.", + "title": "TargetConfiguration" + }, + "Threshold": { + "markdownDescription": "Metric value used to trigger a scaling event.", + "title": "Threshold", + "type": "number" } }, + "required": [ + "MetricName", + "Name" + ], "type": "object" }, - "AWS::ImageBuilder::ImageRecipe.SystemsManagerAgent": { + "AWS::GameLift::ContainerFleet.TargetConfiguration": { "additionalProperties": false, "properties": { - "UninstallAfterBuild": { - "markdownDescription": "Controls whether the Systems Manager agent is removed from your final build image, prior to creating the new AMI. If this is set to true, then the agent is removed from the final image. If it's set to false, then the agent is left in, so that it is included in the new AMI. The default value is false.", - "title": "UninstallAfterBuild", - "type": "boolean" + "TargetValue": { + "markdownDescription": "Desired value to use with a target-based scaling policy. The value must be relevant for whatever metric the scaling policy is using. For example, in a policy using the metric PercentAvailableGameSessions, the target value should be the preferred size of the fleet's buffer (the percent of capacity that should be idle and ready for new game sessions).", + "title": "TargetValue", + "type": "number" } }, + "required": [ + "TargetValue" + ], "type": "object" }, - "AWS::ImageBuilder::InfrastructureConfiguration": { + "AWS::GameLift::ContainerGroupDefinition": { "additionalProperties": false, "properties": { "Condition": { @@ -118206,99 +126617,74 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the infrastructure configuration.", - "title": "Description", - "type": "string" - }, - "InstanceMetadataOptions": { - "$ref": "#/definitions/AWS::ImageBuilder::InfrastructureConfiguration.InstanceMetadataOptions", - "markdownDescription": "The instance metadata options that you can set for the HTTP requests that pipeline builds use to launch EC2 build and test instances.", - "title": "InstanceMetadataOptions" - }, - "InstanceProfileName": { - "markdownDescription": "The instance profile to associate with the instance used to customize your Amazon EC2 AMI.", - "title": "InstanceProfileName", - "type": "string" - }, - "InstanceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The instance types of the infrastructure configuration. You can specify one or more instance types to use for this build. The service will pick one of these instance types based on availability.", - "title": "InstanceTypes", - "type": "array" - }, - "KeyPair": { - "markdownDescription": "The key pair of the infrastructure configuration. You can use this to log on to and debug the instance used to create your image.", - "title": "KeyPair", + "ContainerGroupType": { + "markdownDescription": "The type of container group. Container group type determines how Amazon GameLift Servers deploys the container group on each fleet instance.", + "title": "ContainerGroupType", "type": "string" }, - "Logging": { - "$ref": "#/definitions/AWS::ImageBuilder::InfrastructureConfiguration.Logging", - "markdownDescription": "The logging configuration of the infrastructure configuration.", - "title": "Logging" + "GameServerContainerDefinition": { + "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.GameServerContainerDefinition", + "markdownDescription": "The definition for the game server container in this group. This property is used only when the container group type is `GAME_SERVER` . This container definition specifies a container image with the game server build.", + "title": "GameServerContainerDefinition" }, "Name": { - "markdownDescription": "The name of the infrastructure configuration.", + "markdownDescription": "A descriptive identifier for the container group definition. The name value is unique in an AWS Region.", "title": "Name", "type": "string" }, - "ResourceTags": { - "additionalProperties": true, - "markdownDescription": "The metadata tags to assign to the Amazon EC2 instance that Image Builder launches during the build process. Tags are formatted as key value pairs.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "ResourceTags", - "type": "object" + "OperatingSystem": { + "markdownDescription": "The platform that all containers in the container group definition run on.\n\n> Amazon Linux 2 (AL2) will reach end of support on 6/30/2025. See more details in the [Amazon Linux 2 FAQs](https://docs.aws.amazon.com/amazon-linux-2/faqs/) . For game servers that are hosted on AL2 and use server SDK version 4.x for Amazon GameLift Servers, first update the game server build to server SDK 5.x, and then deploy to AL2023 instances. See [Migrate to server SDK version 5.](https://docs.aws.amazon.com/gamelift/latest/developerguide/reference-serversdk5-migration.html)", + "title": "OperatingSystem", + "type": "string" }, - "SecurityGroupIds": { + "SourceVersionNumber": { + "markdownDescription": "", + "title": "SourceVersionNumber", + "type": "number" + }, + "SupportContainerDefinitions": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.SupportContainerDefinition" }, - "markdownDescription": "The security group IDs to associate with the instance used to customize your Amazon EC2 AMI.", - "title": "SecurityGroupIds", + "markdownDescription": "The set of definitions for support containers in this group. A container group definition might have zero support container definitions. Support container can be used in any type of container group.", + "title": "SupportContainerDefinitions", "type": "array" }, - "SnsTopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the SNS topic to which we send image build event notifications.\n\n> EC2 Image Builder is unable to send notifications to SNS topics that are encrypted using keys from other accounts. The key that is used to encrypt the SNS topic must reside in the account that the Image Builder service runs under.", - "title": "SnsTopicArn", - "type": "string" - }, - "SubnetId": { - "markdownDescription": "The subnet ID in which to place the instance used to customize your Amazon EC2 AMI.", - "title": "SubnetId", - "type": "string" - }, "Tags": { - "additionalProperties": true, - "markdownDescription": "The metadata tags to assign to the infrastructure configuration resource that Image Builder creates as output. Tags are formatted as key value pairs.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "", "title": "Tags", - "type": "object" + "type": "array" }, - "TerminateInstanceOnFailure": { - "markdownDescription": "The terminate instance on failure setting of the infrastructure configuration. Set to false if you want Image Builder to retain the instance used to configure your AMI if the build or test phase of your workflow fails.", - "title": "TerminateInstanceOnFailure", - "type": "boolean" + "TotalMemoryLimitMebibytes": { + "markdownDescription": "The amount of memory (in MiB) on a fleet instance to allocate for the container group. All containers in the group share these resources.\n\nYou can set a limit for each container definition in the group. If individual containers have limits, this total value must be greater than any individual container's memory limit.", + "title": "TotalMemoryLimitMebibytes", + "type": "number" + }, + "TotalVcpuLimit": { + "markdownDescription": "The amount of vCPU units on a fleet instance to allocate for the container group (1 vCPU is equal to 1024 CPU units). All containers in the group share these resources. You can set a limit for each container definition in the group. If individual containers have limits, this total value must be equal to or greater than the sum of the limits for each container in the group.", + "title": "TotalVcpuLimit", + "type": "number" + }, + "VersionDescription": { + "markdownDescription": "An optional description that was provided for a container group definition update. Each version can have a unique description.", + "title": "VersionDescription", + "type": "string" } }, "required": [ - "InstanceProfileName", - "Name" + "Name", + "OperatingSystem", + "TotalMemoryLimitMebibytes", + "TotalVcpuLimit" ], "type": "object" }, "Type": { "enum": [ - "AWS::ImageBuilder::InfrastructureConfiguration" + "AWS::GameLift::ContainerGroupDefinition" ], "type": "string" }, @@ -118317,50 +126703,285 @@ ], "type": "object" }, - "AWS::ImageBuilder::InfrastructureConfiguration.InstanceMetadataOptions": { + "AWS::GameLift::ContainerGroupDefinition.ContainerDependency": { "additionalProperties": false, "properties": { - "HttpPutResponseHopLimit": { - "markdownDescription": "Limit the number of hops that an instance metadata request can traverse to reach its destination. The default is one hop. However, if HTTP tokens are required, container image builds need a minimum of two hops.", - "title": "HttpPutResponseHopLimit", - "type": "number" + "Condition": { + "markdownDescription": "The condition that the dependency container must reach before the dependent container can start. Valid conditions include:\n\n- START - The dependency container must have started.\n- COMPLETE - The dependency container has run to completion (exits). Use this condition with nonessential containers, such as those that run a script and then exit. The dependency container can't be an essential container.\n- SUCCESS - The dependency container has run to completion and exited with a zero status. The dependency container can't be an essential container.\n- HEALTHY - The dependency container has passed its Docker health check. Use this condition with dependency containers that have health checks configured. This condition is confirmed at container group startup only.", + "title": "Condition", + "type": "string" }, - "HttpTokens": { - "markdownDescription": "Indicates whether a signed token header is required for instance metadata retrieval requests. The values affect the response as follows:\n\n- *required* \u2013 When you retrieve the IAM role credentials, version 2.0 credentials are returned in all cases.\n- *optional* \u2013 You can include a signed token header in your request to retrieve instance metadata, or you can leave it out. If you include it, version 2.0 credentials are returned for the IAM role. Otherwise, version 1.0 credentials are returned.\n\nThe default setting is *optional* .", - "title": "HttpTokens", + "ContainerName": { + "markdownDescription": "A descriptive label for the container definition that this container depends on.", + "title": "ContainerName", "type": "string" } }, + "required": [ + "Condition", + "ContainerName" + ], "type": "object" }, - "AWS::ImageBuilder::InfrastructureConfiguration.Logging": { - "additionalProperties": false, - "properties": { - "S3Logs": { - "$ref": "#/definitions/AWS::ImageBuilder::InfrastructureConfiguration.S3Logs", - "markdownDescription": "The Amazon S3 logging configuration.", - "title": "S3Logs" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::InfrastructureConfiguration.S3Logs": { + "AWS::GameLift::ContainerGroupDefinition.ContainerEnvironment": { "additionalProperties": false, "properties": { - "S3BucketName": { - "markdownDescription": "The S3 bucket in which to store the logs.", - "title": "S3BucketName", + "Name": { + "markdownDescription": "The environment variable name.", + "title": "Name", "type": "string" }, - "S3KeyPrefix": { - "markdownDescription": "The Amazon S3 path to the bucket where the logs are stored.", - "title": "S3KeyPrefix", + "Value": { + "markdownDescription": "The environment variable value.", + "title": "Value", "type": "string" } }, + "required": [ + "Name", + "Value" + ], "type": "object" }, - "AWS::ImageBuilder::LifecyclePolicy": { + "AWS::GameLift::ContainerGroupDefinition.ContainerHealthCheck": { + "additionalProperties": false, + "properties": { + "Command": { + "items": { + "type": "string" + }, + "markdownDescription": "A string array that specifies the command that the container runs to determine if it's healthy.", + "title": "Command", + "type": "array" + }, + "Interval": { + "markdownDescription": "The time period (in seconds) between each health check.", + "title": "Interval", + "type": "number" + }, + "Retries": { + "markdownDescription": "The number of times to retry a failed health check before flagging the container unhealthy. The first run of the command does not count as a retry.", + "title": "Retries", + "type": "number" + }, + "StartPeriod": { + "markdownDescription": "The optional grace period (in seconds) to give a container time to bootstrap before the first failed health check counts toward the number of retries.", + "title": "StartPeriod", + "type": "number" + }, + "Timeout": { + "markdownDescription": "The time period (in seconds) to wait for a health check to succeed before counting a failed health check.", + "title": "Timeout", + "type": "number" + } + }, + "required": [ + "Command" + ], + "type": "object" + }, + "AWS::GameLift::ContainerGroupDefinition.ContainerMountPoint": { + "additionalProperties": false, + "properties": { + "AccessLevel": { + "markdownDescription": "The type of access for the container.", + "title": "AccessLevel", + "type": "string" + }, + "ContainerPath": { + "markdownDescription": "The mount path on the container. If this property isn't set, the instance path is used.", + "title": "ContainerPath", + "type": "string" + }, + "InstancePath": { + "markdownDescription": "The path to the source file or directory.", + "title": "InstancePath", + "type": "string" + } + }, + "required": [ + "InstancePath" + ], + "type": "object" + }, + "AWS::GameLift::ContainerGroupDefinition.ContainerPortRange": { + "additionalProperties": false, + "properties": { + "FromPort": { + "markdownDescription": "A starting value for the range of allowed port numbers.", + "title": "FromPort", + "type": "number" + }, + "Protocol": { + "markdownDescription": "The network protocol that these ports support.", + "title": "Protocol", + "type": "string" + }, + "ToPort": { + "markdownDescription": "An ending value for the range of allowed port numbers. Port numbers are end-inclusive. This value must be equal to or greater than `FromPort` .", + "title": "ToPort", + "type": "number" + } + }, + "required": [ + "FromPort", + "Protocol", + "ToPort" + ], + "type": "object" + }, + "AWS::GameLift::ContainerGroupDefinition.GameServerContainerDefinition": { + "additionalProperties": false, + "properties": { + "ContainerName": { + "markdownDescription": "The container definition identifier. Container names are unique within a container group definition.", + "title": "ContainerName", + "type": "string" + }, + "DependsOn": { + "items": { + "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.ContainerDependency" + }, + "markdownDescription": "Indicates that the container relies on the status of other containers in the same container group during startup and shutdown sequences. A container might have dependencies on multiple containers.", + "title": "DependsOn", + "type": "array" + }, + "EnvironmentOverride": { + "items": { + "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.ContainerEnvironment" + }, + "markdownDescription": "A set of environment variables that's passed to the container on startup. See the [ContainerDefinition::environment](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ContainerDefinition.html#ECS-Type-ContainerDefinition-environment) parameter in the *Amazon Elastic Container Service API Reference* .", + "title": "EnvironmentOverride", + "type": "array" + }, + "ImageUri": { + "markdownDescription": "The URI to the image that Amazon GameLift Servers uses when deploying this container to a container fleet. For a more specific identifier, see `ResolvedImageDigest` .", + "title": "ImageUri", + "type": "string" + }, + "MountPoints": { + "items": { + "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.ContainerMountPoint" + }, + "markdownDescription": "A mount point that binds a path inside the container to a file or directory on the host system and lets it access the file or directory.", + "title": "MountPoints", + "type": "array" + }, + "PortConfiguration": { + "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.PortConfiguration", + "markdownDescription": "The set of ports that are available to bind to processes in the container. For example, a game server process requires a container port to allow game clients to connect to it. Container ports aren't directly accessed by inbound traffic. Amazon GameLift Servers maps these container ports to externally accessible connection ports, which are assigned as needed from the container fleet's `ConnectionPortRange` .", + "title": "PortConfiguration" + }, + "ResolvedImageDigest": { + "markdownDescription": "A unique and immutable identifier for the container image. The digest is a SHA 256 hash of the container image manifest.", + "title": "ResolvedImageDigest", + "type": "string" + }, + "ServerSdkVersion": { + "markdownDescription": "The Amazon GameLift Servers server SDK version that the game server is integrated with. Only game servers using 5.2.0 or higher are compatible with container fleets.", + "title": "ServerSdkVersion", + "type": "string" + } + }, + "required": [ + "ContainerName", + "ImageUri", + "ServerSdkVersion" + ], + "type": "object" + }, + "AWS::GameLift::ContainerGroupDefinition.PortConfiguration": { + "additionalProperties": false, + "properties": { + "ContainerPortRanges": { + "items": { + "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.ContainerPortRange" + }, + "markdownDescription": "", + "title": "ContainerPortRanges", + "type": "array" + } + }, + "required": [ + "ContainerPortRanges" + ], + "type": "object" + }, + "AWS::GameLift::ContainerGroupDefinition.SupportContainerDefinition": { + "additionalProperties": false, + "properties": { + "ContainerName": { + "markdownDescription": "The container definition identifier. Container names are unique within a container group definition.", + "title": "ContainerName", + "type": "string" + }, + "DependsOn": { + "items": { + "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.ContainerDependency" + }, + "markdownDescription": "Indicates that the container relies on the status of other containers in the same container group during its startup and shutdown sequences. A container might have dependencies on multiple containers.", + "title": "DependsOn", + "type": "array" + }, + "EnvironmentOverride": { + "items": { + "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.ContainerEnvironment" + }, + "markdownDescription": "A set of environment variables that's passed to the container on startup. See the [ContainerDefinition::environment](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ContainerDefinition.html#ECS-Type-ContainerDefinition-environment) parameter in the *Amazon Elastic Container Service API Reference* .", + "title": "EnvironmentOverride", + "type": "array" + }, + "Essential": { + "markdownDescription": "Indicates whether the container is vital to the container group. If an essential container fails, the entire container group restarts.", + "title": "Essential", + "type": "boolean" + }, + "HealthCheck": { + "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.ContainerHealthCheck", + "markdownDescription": "A configuration for a non-terminal health check. A support container automatically restarts if it stops functioning or if it fails this health check.", + "title": "HealthCheck" + }, + "ImageUri": { + "markdownDescription": "The URI to the image that Amazon GameLift Servers deploys to a container fleet. For a more specific identifier, see `ResolvedImageDigest` .", + "title": "ImageUri", + "type": "string" + }, + "MemoryHardLimitMebibytes": { + "markdownDescription": "The amount of memory that Amazon GameLift Servers makes available to the container. If memory limits aren't set for an individual container, the container shares the container group's total memory allocation.\n\n*Related data type:* [ContainerGroupDefinition TotalMemoryLimitMebibytes](https://docs.aws.amazon.com/gamelift/latest/apireference/API_ContainerGroupDefinition.html)", + "title": "MemoryHardLimitMebibytes", + "type": "number" + }, + "MountPoints": { + "items": { + "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.ContainerMountPoint" + }, + "markdownDescription": "A mount point that binds a path inside the container to a file or directory on the host system and lets it access the file or directory.", + "title": "MountPoints", + "type": "array" + }, + "PortConfiguration": { + "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.PortConfiguration", + "markdownDescription": "A set of ports that allow access to the container from external users. Processes running in the container can bind to a one of these ports. Container ports aren't directly accessed by inbound traffic. Amazon GameLift Servers maps these container ports to externally accessible connection ports, which are assigned as needed from the container fleet's `ConnectionPortRange` .", + "title": "PortConfiguration" + }, + "ResolvedImageDigest": { + "markdownDescription": "A unique and immutable identifier for the container image. The digest is a SHA 256 hash of the container image manifest.", + "title": "ResolvedImageDigest", + "type": "string" + }, + "Vcpu": { + "markdownDescription": "The number of vCPU units that are reserved for the container. If no resources are reserved, the container shares the total vCPU limit for the container group.\n\n*Related data type:* [ContainerGroupDefinition TotalVcpuLimit](https://docs.aws.amazon.com/gamelift/latest/apireference/API_ContainerGroupDefinition.html)", + "title": "Vcpu", + "type": "number" + } + }, + "required": [ + "ContainerName", + "ImageUri" + ], + "type": "object" + }, + "AWS::GameLift::Fleet": { "additionalProperties": false, "properties": { "Condition": { @@ -118395,68 +127016,140 @@ "Properties": { "additionalProperties": false, "properties": { + "AnywhereConfiguration": { + "$ref": "#/definitions/AWS::GameLift::Fleet.AnywhereConfiguration", + "markdownDescription": "Amazon GameLift Servers Anywhere configuration options.", + "title": "AnywhereConfiguration" + }, + "ApplyCapacity": { + "markdownDescription": "Current resource capacity settings for managed EC2 fleets and managed container fleets. For multi-location fleets, location values might refer to a fleet's remote location or its home Region.\n\n*Returned by:* [DescribeFleetCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetCapacity.html) , [DescribeFleetLocationCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetLocationCapacity.html) , [UpdateFleetCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateFleetCapacity.html)", + "title": "ApplyCapacity", + "type": "string" + }, + "BuildId": { + "markdownDescription": "A unique identifier for a build to be deployed on the new fleet. If you are deploying the fleet with a custom game build, you must specify this property. The build must have been successfully uploaded to Amazon GameLift and be in a `READY` status. This fleet setting cannot be changed once the fleet is created.", + "title": "BuildId", + "type": "string" + }, + "CertificateConfiguration": { + "$ref": "#/definitions/AWS::GameLift::Fleet.CertificateConfiguration", + "markdownDescription": "Prompts Amazon GameLift Servers to generate a TLS/SSL certificate for the fleet. Amazon GameLift Servers uses the certificates to encrypt traffic between game clients and the game servers running on Amazon GameLift Servers. By default, the `CertificateConfiguration` is `DISABLED` . You can't change this property after you create the fleet.\n\nAWS Certificate Manager (ACM) certificates expire after 13 months. Certificate expiration can cause fleets to fail, preventing players from connecting to instances in the fleet. We recommend you replace fleets before 13 months, consider using fleet aliases for a smooth transition.\n\n> ACM isn't available in all AWS regions. A fleet creation request with certificate generation enabled in an unsupported Region, fails with a 4xx error. For more information about the supported Regions, see [Supported Regions](https://docs.aws.amazon.com/acm/latest/userguide/acm-regions.html) in the *AWS Certificate Manager User Guide* .", + "title": "CertificateConfiguration" + }, + "ComputeType": { + "markdownDescription": "The type of compute resource used to host your game servers.\n\n- `EC2` \u2013 The game server build is deployed to Amazon EC2 instances for cloud hosting. This is the default setting.\n- `ANYWHERE` \u2013 Game servers and supporting software are deployed to compute resources that you provide and manage. With this compute type, you can also set the `AnywhereConfiguration` parameter.", + "title": "ComputeType", + "type": "string" + }, "Description": { - "markdownDescription": "Optional description for the lifecycle policy.", + "markdownDescription": "A description for the fleet.", "title": "Description", "type": "string" }, - "ExecutionRole": { - "markdownDescription": "The name or Amazon Resource Name (ARN) for the IAM role you create that grants Image Builder access to run lifecycle actions.", - "title": "ExecutionRole", + "EC2InboundPermissions": { + "items": { + "$ref": "#/definitions/AWS::GameLift::Fleet.IpPermission" + }, + "markdownDescription": "The IP address ranges and port settings that allow inbound traffic to access game server processes and other processes on this fleet. Set this parameter for managed EC2 fleets. You can leave this parameter empty when creating the fleet, but you must call [](https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateFleetPortSettings) to set it before players can connect to game sessions. As a best practice, we recommend opening ports for remote access only when you need them and closing them when you're finished. For Amazon GameLift Servers Realtime fleets, Amazon GameLift Servers automatically sets TCP and UDP ranges.", + "title": "EC2InboundPermissions", + "type": "array" + }, + "EC2InstanceType": { + "markdownDescription": "The Amazon GameLift Servers-supported Amazon EC2 instance type to use with managed EC2 fleets. Instance type determines the computing resources that will be used to host your game servers, including CPU, memory, storage, and networking capacity. See [Amazon Elastic Compute Cloud Instance Types](https://docs.aws.amazon.com/ec2/instance-types/) for detailed descriptions of Amazon EC2 instance types.", + "title": "EC2InstanceType", "type": "string" }, - "Name": { - "markdownDescription": "The name of the lifecycle policy to create.", - "title": "Name", + "FleetType": { + "markdownDescription": "Indicates whether to use On-Demand or Spot instances for this fleet. By default, this property is set to `ON_DEMAND` . Learn more about when to use [On-Demand versus Spot Instances](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-ec2-instances.html#gamelift-ec2-instances-spot) . This fleet property can't be changed after the fleet is created.", + "title": "FleetType", "type": "string" }, - "PolicyDetails": { + "InstanceRoleARN": { + "markdownDescription": "A unique identifier for an IAM role that manages access to your AWS services. With an instance role ARN set, any application that runs on an instance in this fleet can assume the role, including install scripts, server processes, and daemons (background processes). Create a role or look up a role's ARN by using the [IAM dashboard](https://docs.aws.amazon.com/iam/) in the AWS Management Console . Learn more about using on-box credentials for your game servers at [Access external resources from a game server](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-sdk-server-resources.html) . This attribute is used with fleets where `ComputeType` is `EC2` .", + "title": "InstanceRoleARN", + "type": "string" + }, + "InstanceRoleCredentialsProvider": { + "markdownDescription": "Indicates that fleet instances maintain a shared credentials file for the IAM role defined in `InstanceRoleArn` . Shared credentials allow applications that are deployed with the game server executable to communicate with other AWS resources. This property is used only when the game server is integrated with the server SDK version 5.x. For more information about using shared credentials, see [Communicate with other AWS resources from your fleets](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-sdk-server-resources.html) . This attribute is used with fleets where `ComputeType` is `EC2` .", + "title": "InstanceRoleCredentialsProvider", + "type": "string" + }, + "Locations": { "items": { - "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.PolicyDetail" + "$ref": "#/definitions/AWS::GameLift::Fleet.LocationConfiguration" }, - "markdownDescription": "Configuration details for the lifecycle policy rules.", - "title": "PolicyDetails", + "markdownDescription": "A set of remote locations to deploy additional instances to and manage as a multi-location fleet. Use this parameter when creating a fleet in AWS Regions that support multiple locations. You can add any AWS Region or Local Zone that's supported by Amazon GameLift Servers. Provide a list of one or more AWS Region codes, such as `us-west-2` , or Local Zone names. When using this parameter, Amazon GameLift Servers requires you to include your home location in the request. For a list of supported Regions and Local Zones, see [Amazon GameLift Servers service locations](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-regions.html) for managed hosting.", + "title": "Locations", "type": "array" }, - "ResourceSelection": { - "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.ResourceSelection", - "markdownDescription": "Selection criteria for the resources that the lifecycle policy applies to.", - "title": "ResourceSelection" + "MetricGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "The name of an AWS CloudWatch metric group to add this fleet to. A metric group is used to aggregate the metrics for multiple fleets. You can specify an existing metric group name or set a new name to create a new metric group. A fleet can be included in only one metric group at a time.", + "title": "MetricGroups", + "type": "array" }, - "ResourceType": { - "markdownDescription": "The type of Image Builder resource that the lifecycle policy applies to.", - "title": "ResourceType", + "Name": { + "markdownDescription": "A descriptive label that is associated with a fleet. Fleet names do not need to be unique.", + "title": "Name", "type": "string" }, - "Status": { - "markdownDescription": "Indicates whether the lifecycle policy resource is enabled.", - "title": "Status", + "NewGameSessionProtectionPolicy": { + "markdownDescription": "The status of termination protection for active game sessions on the fleet. By default, this property is set to `NoProtection` .\n\n- *NoProtection* - Game sessions can be terminated during active gameplay as a result of a scale-down event.\n- *FullProtection* - Game sessions in `ACTIVE` status cannot be terminated during a scale-down event.", + "title": "NewGameSessionProtectionPolicy", + "type": "string" + }, + "PeerVpcAwsAccountId": { + "markdownDescription": "Used when peering your Amazon GameLift Servers fleet with a VPC, the unique identifier for the AWS account that owns the VPC. You can find your account ID in the AWS Management Console under account settings.", + "title": "PeerVpcAwsAccountId", + "type": "string" + }, + "PeerVpcId": { + "markdownDescription": "A unique identifier for a VPC with resources to be accessed by your Amazon GameLift Servers fleet. The VPC must be in the same Region as your fleet. To look up a VPC ID, use the [VPC Dashboard](https://docs.aws.amazon.com/vpc/) in the AWS Management Console . Learn more about VPC peering in [VPC Peering with Amazon GameLift Servers Fleets](https://docs.aws.amazon.com/gamelift/latest/developerguide/vpc-peering.html) .", + "title": "PeerVpcId", + "type": "string" + }, + "ResourceCreationLimitPolicy": { + "$ref": "#/definitions/AWS::GameLift::Fleet.ResourceCreationLimitPolicy", + "markdownDescription": "A policy that limits the number of game sessions that an individual player can create on instances in this fleet within a specified span of time.", + "title": "ResourceCreationLimitPolicy" + }, + "RuntimeConfiguration": { + "$ref": "#/definitions/AWS::GameLift::Fleet.RuntimeConfiguration", + "markdownDescription": "Instructions for how to launch and maintain server processes on instances in the fleet. The runtime configuration defines one or more server process configurations, each identifying a build executable or Realtime script file and the number of processes of that type to run concurrently.\n\n> The `RuntimeConfiguration` parameter is required unless the fleet is being configured using the older parameters `ServerLaunchPath` and `ServerLaunchParameters` , which are still supported for backward compatibility.", + "title": "RuntimeConfiguration" + }, + "ScalingPolicies": { + "items": { + "$ref": "#/definitions/AWS::GameLift::Fleet.ScalingPolicy" + }, + "markdownDescription": "Rule that controls how a fleet is scaled. Scaling policies are uniquely identified by the combination of name and fleet ID.", + "title": "ScalingPolicies", + "type": "array" + }, + "ScriptId": { + "markdownDescription": "The unique identifier for a Realtime configuration script to be deployed on fleet instances. You can use either the script ID or ARN. Scripts must be uploaded to Amazon GameLift Servers prior to creating the fleet. This fleet property cannot be changed later.\n\n> You can't use the `!Ref` command to reference a script created with a CloudFormation template for the fleet property `ScriptId` . Instead, use `Fn::GetAtt Script.Arn` or `Fn::GetAtt Script.Id` to retrieve either of these properties as input for `ScriptId` . Alternatively, enter a `ScriptId` string manually.", + "title": "ScriptId", "type": "string" }, "Tags": { - "additionalProperties": true, - "markdownDescription": "Tags to apply to the lifecycle policy resource.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "", "title": "Tags", - "type": "object" + "type": "array" } }, "required": [ - "ExecutionRole", - "Name", - "PolicyDetails", - "ResourceSelection", - "ResourceType" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::ImageBuilder::LifecyclePolicy" + "AWS::GameLift::Fleet" ], "type": "string" }, @@ -118475,232 +127168,261 @@ ], "type": "object" }, - "AWS::ImageBuilder::LifecyclePolicy.Action": { + "AWS::GameLift::Fleet.AnywhereConfiguration": { "additionalProperties": false, "properties": { - "IncludeResources": { - "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.IncludeResources", - "markdownDescription": "Specifies the resources that the lifecycle policy applies to.", - "title": "IncludeResources" - }, - "Type": { - "markdownDescription": "Specifies the lifecycle action to take.", - "title": "Type", + "Cost": { + "markdownDescription": "The cost to run your fleet per hour. Amazon GameLift Servers uses the provided cost of your fleet to balance usage in queues. For more information about queues, see [Setting up queues](https://docs.aws.amazon.com/gamelift/latest/developerguide/queues-intro.html) in the *Amazon GameLift Servers Developer Guide* .", + "title": "Cost", "type": "string" } }, "required": [ - "Type" + "Cost" ], "type": "object" }, - "AWS::ImageBuilder::LifecyclePolicy.AmiExclusionRules": { + "AWS::GameLift::Fleet.CertificateConfiguration": { "additionalProperties": false, "properties": { - "IsPublic": { - "markdownDescription": "Configures whether public AMIs are excluded from the lifecycle action.", - "title": "IsPublic", - "type": "boolean" - }, - "LastLaunched": { - "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.LastLaunched", - "markdownDescription": "Specifies configuration details for Image Builder to exclude the most recent resources from lifecycle actions.", - "title": "LastLaunched" - }, - "Regions": { - "items": { - "type": "string" - }, - "markdownDescription": "Configures AWS Region s that are excluded from the lifecycle action.", - "title": "Regions", - "type": "array" - }, - "SharedAccounts": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies AWS account s whose resources are excluded from the lifecycle action.", - "title": "SharedAccounts", - "type": "array" - }, - "TagMap": { - "additionalProperties": true, - "markdownDescription": "Lists tags that should be excluded from lifecycle actions for the AMIs that have them.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "TagMap", - "type": "object" + "CertificateType": { + "markdownDescription": "Indicates whether a TLS/SSL certificate is generated for a fleet.\n\nValid values include:\n\n- *GENERATED* - Generate a TLS/SSL certificate for this fleet.\n- *DISABLED* - (default) Do not generate a TLS/SSL certificate for this fleet.", + "title": "CertificateType", + "type": "string" } }, + "required": [ + "CertificateType" + ], "type": "object" }, - "AWS::ImageBuilder::LifecyclePolicy.ExclusionRules": { + "AWS::GameLift::Fleet.IpPermission": { "additionalProperties": false, "properties": { - "Amis": { - "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.AmiExclusionRules", - "markdownDescription": "Lists configuration values that apply to AMIs that Image Builder should exclude from the lifecycle action.", - "title": "Amis" + "FromPort": { + "markdownDescription": "A starting value for a range of allowed port numbers.\n\nFor fleets using Linux builds, only ports `22` and `1026-60000` are valid.\n\nFor fleets using Windows builds, only ports `1026-60000` are valid.", + "title": "FromPort", + "type": "number" }, - "TagMap": { - "additionalProperties": true, - "markdownDescription": "Contains a list of tags that Image Builder uses to skip lifecycle actions for Image Builder image resources that have them.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "TagMap", - "type": "object" + "IpRange": { + "markdownDescription": "A range of allowed IP addresses. This value must be expressed in CIDR notation. Example: \" `000.000.000.000/[subnet mask]` \" or optionally the shortened version \" `0.0.0.0/[subnet mask]` \".", + "title": "IpRange", + "type": "string" + }, + "Protocol": { + "markdownDescription": "The network communication protocol used by the fleet.", + "title": "Protocol", + "type": "string" + }, + "ToPort": { + "markdownDescription": "An ending value for a range of allowed port numbers. Port numbers are end-inclusive. This value must be equal to or greater than `FromPort` .\n\nFor fleets using Linux builds, only ports `22` and `1026-60000` are valid.\n\nFor fleets using Windows builds, only ports `1026-60000` are valid.", + "title": "ToPort", + "type": "number" } }, + "required": [ + "FromPort", + "IpRange", + "Protocol", + "ToPort" + ], "type": "object" }, - "AWS::ImageBuilder::LifecyclePolicy.Filter": { + "AWS::GameLift::Fleet.LocationCapacity": { "additionalProperties": false, "properties": { - "RetainAtLeast": { - "markdownDescription": "For age-based filters, this is the number of resources to keep on hand after the lifecycle `DELETE` action is applied. Impacted resources are only deleted if you have more than this number of resources. If you have fewer resources than this number, the impacted resource is not deleted.", - "title": "RetainAtLeast", + "DesiredEC2Instances": { + "markdownDescription": "The number of Amazon EC2 instances you want to maintain in the specified fleet location. This value must fall between the minimum and maximum size limits. Changes in desired instance value can take up to 1 minute to be reflected when viewing the fleet's capacity settings.", + "title": "DesiredEC2Instances", "type": "number" }, - "Type": { - "markdownDescription": "Filter resources based on either `age` or `count` .", - "title": "Type", - "type": "string" - }, - "Unit": { - "markdownDescription": "Defines the unit of time that the lifecycle policy uses to determine impacted resources. This is required for age-based rules.", - "title": "Unit", - "type": "string" + "MaxSize": { + "markdownDescription": "The maximum number of instances that are allowed in the specified fleet location. If this parameter is not set, the default is 1.", + "title": "MaxSize", + "type": "number" }, - "Value": { - "markdownDescription": "The number of units for the time period or for the count. For example, a value of `6` might refer to six months or six AMIs.\n\n> For count-based filters, this value represents the minimum number of resources to keep on hand. If you have fewer resources than this number, the resource is excluded from lifecycle actions.", - "title": "Value", + "MinSize": { + "markdownDescription": "The minimum number of instances that are allowed in the specified fleet location. If this parameter is not set, the default is 0.", + "title": "MinSize", "type": "number" } }, "required": [ - "Type", - "Value" + "DesiredEC2Instances", + "MaxSize", + "MinSize" ], "type": "object" }, - "AWS::ImageBuilder::LifecyclePolicy.IncludeResources": { + "AWS::GameLift::Fleet.LocationConfiguration": { "additionalProperties": false, "properties": { - "Amis": { - "markdownDescription": "Specifies whether the lifecycle action should apply to distributed AMIs.", - "title": "Amis", - "type": "boolean" - }, - "Containers": { - "markdownDescription": "Specifies whether the lifecycle action should apply to distributed containers.", - "title": "Containers", - "type": "boolean" + "Location": { + "markdownDescription": "An AWS Region code, such as `us-west-2` . For a list of supported Regions and Local Zones, see [Amazon GameLift Servers service locations](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-regions.html) for managed hosting.", + "title": "Location", + "type": "string" }, - "Snapshots": { - "markdownDescription": "Specifies whether the lifecycle action should apply to snapshots associated with distributed AMIs.", - "title": "Snapshots", - "type": "boolean" + "LocationCapacity": { + "$ref": "#/definitions/AWS::GameLift::Fleet.LocationCapacity", + "markdownDescription": "Current resource capacity settings for managed EC2 fleets and managed container fleets. For multi-location fleets, location values might refer to a fleet's remote location or its home Region.\n\n*Returned by:* [DescribeFleetCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetCapacity.html) , [DescribeFleetLocationCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetLocationCapacity.html) , [UpdateFleetCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateFleetCapacity.html)", + "title": "LocationCapacity" } }, + "required": [ + "Location" + ], "type": "object" }, - "AWS::ImageBuilder::LifecyclePolicy.LastLaunched": { + "AWS::GameLift::Fleet.ResourceCreationLimitPolicy": { "additionalProperties": false, "properties": { - "Unit": { - "markdownDescription": "Defines the unit of time that the lifecycle policy uses to calculate elapsed time since the last instance launched from the AMI. For example: days, weeks, months, or years.", - "title": "Unit", - "type": "string" + "NewGameSessionsPerCreator": { + "markdownDescription": "A policy that puts limits on the number of game sessions that a player can create within a specified span of time. With this policy, you can control players' ability to consume available resources.\n\nThe policy is evaluated when a player tries to create a new game session. On receiving a `CreateGameSession` request, Amazon GameLift Servers checks that the player (identified by `CreatorId` ) has created fewer than game session limit in the specified time period.", + "title": "NewGameSessionsPerCreator", + "type": "number" }, - "Value": { - "markdownDescription": "The integer number of units for the time period. For example `6` (months).", - "title": "Value", + "PolicyPeriodInMinutes": { + "markdownDescription": "The time span used in evaluating the resource creation limit policy.", + "title": "PolicyPeriodInMinutes", "type": "number" } }, - "required": [ - "Unit", - "Value" - ], "type": "object" }, - "AWS::ImageBuilder::LifecyclePolicy.PolicyDetail": { + "AWS::GameLift::Fleet.RuntimeConfiguration": { "additionalProperties": false, "properties": { - "Action": { - "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.Action", - "markdownDescription": "Configuration details for the policy action.", - "title": "Action" + "GameSessionActivationTimeoutSeconds": { + "markdownDescription": "The maximum amount of time (in seconds) allowed to launch a new game session and have it report ready to host players. During this time, the game session is in status `ACTIVATING` . If the game session does not become active before the timeout, it is ended and the game session status is changed to `TERMINATED` .", + "title": "GameSessionActivationTimeoutSeconds", + "type": "number" }, - "ExclusionRules": { - "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.ExclusionRules", - "markdownDescription": "Additional rules to specify resources that should be exempt from policy actions.", - "title": "ExclusionRules" + "MaxConcurrentGameSessionActivations": { + "markdownDescription": "The number of game sessions in status `ACTIVATING` to allow on an instance or compute. This setting limits the instance resources that can be used for new game activations at any one time.", + "title": "MaxConcurrentGameSessionActivations", + "type": "number" }, - "Filter": { - "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.Filter", - "markdownDescription": "Specifies the resources that the lifecycle policy applies to.", - "title": "Filter" + "ServerProcesses": { + "items": { + "$ref": "#/definitions/AWS::GameLift::Fleet.ServerProcess" + }, + "markdownDescription": "A collection of server process configurations that identify what server processes to run on fleet computes.", + "title": "ServerProcesses", + "type": "array" } }, - "required": [ - "Action", - "Filter" - ], "type": "object" }, - "AWS::ImageBuilder::LifecyclePolicy.RecipeSelection": { + "AWS::GameLift::Fleet.ScalingPolicy": { "additionalProperties": false, "properties": { + "ComparisonOperator": { + "markdownDescription": "Comparison operator to use when measuring a metric against the threshold value.", + "title": "ComparisonOperator", + "type": "string" + }, + "EvaluationPeriods": { + "markdownDescription": "Length of time (in minutes) the metric must be at or beyond the threshold before a scaling event is triggered.", + "title": "EvaluationPeriods", + "type": "number" + }, + "Location": { + "markdownDescription": "The fleet location.", + "title": "Location", + "type": "string" + }, + "MetricName": { + "markdownDescription": "Name of the Amazon GameLift Servers-defined metric that is used to trigger a scaling adjustment. For detailed descriptions of fleet metrics, see [Monitor Amazon GameLift Servers with Amazon CloudWatch](https://docs.aws.amazon.com/gamelift/latest/developerguide/monitoring-cloudwatch.html) .\n\n- *ActivatingGameSessions* -- Game sessions in the process of being created.\n- *ActiveGameSessions* -- Game sessions that are currently running.\n- *ActiveInstances* -- Fleet instances that are currently running at least one game session.\n- *AvailableGameSessions* -- Additional game sessions that fleet could host simultaneously, given current capacity.\n- *AvailablePlayerSessions* -- Empty player slots in currently active game sessions. This includes game sessions that are not currently accepting players. Reserved player slots are not included.\n- *CurrentPlayerSessions* -- Player slots in active game sessions that are being used by a player or are reserved for a player.\n- *IdleInstances* -- Active instances that are currently hosting zero game sessions.\n- *PercentAvailableGameSessions* -- Unused percentage of the total number of game sessions that a fleet could host simultaneously, given current capacity. Use this metric for a target-based scaling policy.\n- *PercentIdleInstances* -- Percentage of the total number of active instances that are hosting zero game sessions.\n- *QueueDepth* -- Pending game session placement requests, in any queue, where the current fleet is the top-priority destination.\n- *WaitTime* -- Current wait time for pending game session placement requests, in any queue, where the current fleet is the top-priority destination.", + "title": "MetricName", + "type": "string" + }, "Name": { - "markdownDescription": "The name of an Image Builder recipe that the lifecycle policy uses for resource selection.", + "markdownDescription": "A descriptive label that is associated with a fleet's scaling policy. Policy names do not need to be unique.", "title": "Name", "type": "string" }, - "SemanticVersion": { - "markdownDescription": "The version of the Image Builder recipe specified by the `name` field.", - "title": "SemanticVersion", + "PolicyType": { + "markdownDescription": "The type of scaling policy to create. For a target-based policy, set the parameter *MetricName* to 'PercentAvailableGameSessions' and specify a *TargetConfiguration* . For a rule-based policy set the following parameters: *MetricName* , *ComparisonOperator* , *Threshold* , *EvaluationPeriods* , *ScalingAdjustmentType* , and *ScalingAdjustment* .", + "title": "PolicyType", + "type": "string" + }, + "ScalingAdjustment": { + "markdownDescription": "Amount of adjustment to make, based on the scaling adjustment type.", + "title": "ScalingAdjustment", + "type": "number" + }, + "ScalingAdjustmentType": { + "markdownDescription": "The type of adjustment to make to a fleet's instance count.\n\n- *ChangeInCapacity* -- add (or subtract) the scaling adjustment value from the current instance count. Positive values scale up while negative values scale down.\n- *ExactCapacity* -- set the instance count to the scaling adjustment value.\n- *PercentChangeInCapacity* -- increase or reduce the current instance count by the scaling adjustment, read as a percentage. Positive values scale up while negative values scale down.", + "title": "ScalingAdjustmentType", + "type": "string" + }, + "Status": { + "markdownDescription": "Current status of the scaling policy. The scaling policy can be in force only when in an `ACTIVE` status. Scaling policies can be suspended for individual fleets. If the policy is suspended for a fleet, the policy status does not change.\n\n- *ACTIVE* -- The scaling policy can be used for auto-scaling a fleet.\n- *UPDATE_REQUESTED* -- A request to update the scaling policy has been received.\n- *UPDATING* -- A change is being made to the scaling policy.\n- *DELETE_REQUESTED* -- A request to delete the scaling policy has been received.\n- *DELETING* -- The scaling policy is being deleted.\n- *DELETED* -- The scaling policy has been deleted.\n- *ERROR* -- An error occurred in creating the policy. It should be removed and recreated.", + "title": "Status", + "type": "string" + }, + "TargetConfiguration": { + "$ref": "#/definitions/AWS::GameLift::Fleet.TargetConfiguration", + "markdownDescription": "An object that contains settings for a target-based scaling policy.", + "title": "TargetConfiguration" + }, + "Threshold": { + "markdownDescription": "Metric value used to trigger a scaling event.", + "title": "Threshold", + "type": "number" + }, + "UpdateStatus": { + "markdownDescription": "The current status of the fleet's scaling policies in a requested fleet location. The status `PENDING_UPDATE` indicates that an update was requested for the fleet but has not yet been completed for the location.", + "title": "UpdateStatus", "type": "string" } }, "required": [ - "Name", - "SemanticVersion" + "MetricName", + "Name" ], "type": "object" }, - "AWS::ImageBuilder::LifecyclePolicy.ResourceSelection": { + "AWS::GameLift::Fleet.ServerProcess": { "additionalProperties": false, "properties": { - "Recipes": { - "items": { - "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.RecipeSelection" - }, - "markdownDescription": "A list of recipes that are used as selection criteria for the output images that the lifecycle policy applies to.", - "title": "Recipes", - "type": "array" + "ConcurrentExecutions": { + "markdownDescription": "The number of server processes using this configuration that run concurrently on each instance or compute.", + "title": "ConcurrentExecutions", + "type": "number" }, - "TagMap": { - "additionalProperties": true, - "markdownDescription": "A list of tags that are used as selection criteria for the Image Builder image resources that the lifecycle policy applies to.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "TagMap", - "type": "object" + "LaunchPath": { + "markdownDescription": "The location of a game build executable or Realtime script. Game builds and Realtime scripts are installed on instances at the root:\n\n- Windows (custom game builds only): `C:\\game` . Example: \" `C:\\game\\MyGame\\server.exe` \"\n- Linux: `/local/game` . Examples: \" `/local/game/MyGame/server.exe` \" or \" `/local/game/MyRealtimeScript.js` \"\n\n> Amazon GameLift Servers doesn't support the use of setup scripts that launch the game executable. For custom game builds, this parameter must indicate the executable that calls the server SDK operations `initSDK()` and `ProcessReady()` .", + "title": "LaunchPath", + "type": "string" + }, + "Parameters": { + "markdownDescription": "An optional list of parameters to pass to the server executable or Realtime script on launch.\n\nLength Constraints: Minimum length of 1. Maximum length of 1024.\n\nPattern: [A-Za-z0-9_:.+\\/\\\\\\- =@{},?'\\[\\]\"]+", + "title": "Parameters", + "type": "string" + } + }, + "required": [ + "ConcurrentExecutions", + "LaunchPath" + ], + "type": "object" + }, + "AWS::GameLift::Fleet.TargetConfiguration": { + "additionalProperties": false, + "properties": { + "TargetValue": { + "markdownDescription": "Desired value to use with a target-based scaling policy. The value must be relevant for whatever metric the scaling policy is using. For example, in a policy using the metric PercentAvailableGameSessions, the target value should be the preferred size of the fleet's buffer (the percent of capacity that should be idle and ready for new game sessions).", + "title": "TargetValue", + "type": "number" } }, + "required": [ + "TargetValue" + ], "type": "object" }, - "AWS::ImageBuilder::Workflow": { + "AWS::GameLift::GameServerGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -118735,68 +127457,86 @@ "Properties": { "additionalProperties": false, "properties": { - "ChangeDescription": { - "markdownDescription": "Describes what change has been made in this version of the workflow, or what makes this version different from other versions of the workflow.", - "title": "ChangeDescription", - "type": "string" + "AutoScalingPolicy": { + "$ref": "#/definitions/AWS::GameLift::GameServerGroup.AutoScalingPolicy", + "markdownDescription": "Configuration settings to define a scaling policy for the Auto Scaling group that is optimized for game hosting. The scaling policy uses the metric `\"PercentUtilizedGameServers\"` to maintain a buffer of idle game servers that can immediately accommodate new games and players. After the Auto Scaling group is created, update this value directly in the Auto Scaling group using the AWS console or APIs.", + "title": "AutoScalingPolicy" }, - "Data": { - "markdownDescription": "Contains the UTF-8 encoded YAML document content for the workflow. Alternatively, you can specify the `uri` of a YAML document file stored in Amazon S3. However, you cannot specify both properties.", - "title": "Data", + "BalancingStrategy": { + "markdownDescription": "Indicates how Amazon GameLift Servers FleetIQ balances the use of Spot Instances and On-Demand Instances in the game server group. Method options include the following:\n\n- `SPOT_ONLY` - Only Spot Instances are used in the game server group. If Spot Instances are unavailable or not viable for game hosting, the game server group provides no hosting capacity until Spot Instances can again be used. Until then, no new instances are started, and the existing nonviable Spot Instances are terminated (after current gameplay ends) and are not replaced.\n- `SPOT_PREFERRED` - (default value) Spot Instances are used whenever available in the game server group. If Spot Instances are unavailable, the game server group continues to provide hosting capacity by falling back to On-Demand Instances. Existing nonviable Spot Instances are terminated (after current gameplay ends) and are replaced with new On-Demand Instances.\n- `ON_DEMAND_ONLY` - Only On-Demand Instances are used in the game server group. No Spot Instances are used, even when available, while this balancing strategy is in force.", + "title": "BalancingStrategy", "type": "string" }, - "Description": { - "markdownDescription": "Describes the workflow.", - "title": "Description", + "DeleteOption": { + "markdownDescription": "The type of delete to perform. To delete a game server group, specify the `DeleteOption` . Options include the following:\n\n- `SAFE_DELETE` \u2013 (default) Terminates the game server group and Amazon EC2 Auto Scaling group only when it has no game servers that are in `UTILIZED` status.\n- `FORCE_DELETE` \u2013 Terminates the game server group, including all active game servers regardless of their utilization status, and the Amazon EC2 Auto Scaling group.\n- `RETAIN` \u2013 Does a safe delete of the game server group but retains the Amazon EC2 Auto Scaling group as is.", + "title": "DeleteOption", "type": "string" }, - "KmsKeyId": { - "markdownDescription": "The ID of the KMS key that is used to encrypt this workflow resource.", - "title": "KmsKeyId", + "GameServerGroupName": { + "markdownDescription": "A developer-defined identifier for the game server group. The name is unique for each Region in each AWS account.", + "title": "GameServerGroupName", "type": "string" }, - "Name": { - "markdownDescription": "The name of the workflow to create.", - "title": "Name", + "GameServerProtectionPolicy": { + "markdownDescription": "A flag that indicates whether instances in the game server group are protected from early termination. Unprotected instances that have active game servers running might be terminated during a scale-down event, causing players to be dropped from the game. Protected instances cannot be terminated while there are active game servers running except in the event of a forced game server group deletion (see ). An exception to this is with Spot Instances, which can be terminated by AWS regardless of protection status.", + "title": "GameServerProtectionPolicy", "type": "string" }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "Tags that apply to the workflow resource.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "InstanceDefinitions": { + "items": { + "$ref": "#/definitions/AWS::GameLift::GameServerGroup.InstanceDefinition" }, - "title": "Tags", - "type": "object" + "markdownDescription": "The set of Amazon EC2 instance types that Amazon GameLift Servers FleetIQ can use when balancing and automatically scaling instances in the corresponding Auto Scaling group.", + "title": "InstanceDefinitions", + "type": "array" }, - "Type": { - "markdownDescription": "The phase in the image build process for which the workflow resource is responsible.", - "title": "Type", - "type": "string" + "LaunchTemplate": { + "$ref": "#/definitions/AWS::GameLift::GameServerGroup.LaunchTemplate", + "markdownDescription": "The Amazon EC2 launch template that contains configuration settings and game server code to be deployed to all instances in the game server group. You can specify the template using either the template name or ID. For help with creating a launch template, see [Creating a Launch Template for an Auto Scaling Group](https://docs.aws.amazon.com/autoscaling/ec2/userguide/create-launch-template.html) in the *Amazon Elastic Compute Cloud Auto Scaling User Guide* . After the Auto Scaling group is created, update this value directly in the Auto Scaling group using the AWS console or APIs.\n\n> If you specify network interfaces in your launch template, you must explicitly set the property `AssociatePublicIpAddress` to \"true\". If no network interface is specified in the launch template, Amazon GameLift Servers FleetIQ uses your account's default VPC.", + "title": "LaunchTemplate" }, - "Uri": { - "markdownDescription": "The `uri` of a YAML component document file. This must be an S3 URL ( `s3://bucket/key` ), and the requester must have permission to access the S3 bucket it points to. If you use Amazon S3, you can specify component content up to your service quota.\n\nAlternatively, you can specify the YAML document inline, using the component `data` property. You cannot specify both properties.", - "title": "Uri", - "type": "string" + "MaxSize": { + "markdownDescription": "The maximum number of instances allowed in the Amazon EC2 Auto Scaling group. During automatic scaling events, Amazon GameLift Servers FleetIQ and EC2 do not scale up the group above this maximum. After the Auto Scaling group is created, update this value directly in the Auto Scaling group using the AWS console or APIs.", + "title": "MaxSize", + "type": "number" }, - "Version": { - "markdownDescription": "The semantic version of this workflow resource. The semantic version syntax adheres to the following rules.\n\n> The semantic version has four nodes: ../. You can assign values for the first three, and can filter on all of them.\n> \n> *Assignment:* For the first three nodes you can assign any positive integer value, including zero, with an upper limit of 2^30-1, or 1073741823 for each node. Image Builder automatically assigns the build number to the fourth node.\n> \n> *Patterns:* You can use any numeric pattern that adheres to the assignment requirements for the nodes that you can assign. For example, you might choose a software version pattern, such as 1.0.0, or a date, such as 2021.01.01.", - "title": "Version", + "MinSize": { + "markdownDescription": "The minimum number of instances allowed in the Amazon EC2 Auto Scaling group. During automatic scaling events, Amazon GameLift Servers FleetIQ and Amazon EC2 do not scale down the group below this minimum. In production, this value should be set to at least 1. After the Auto Scaling group is created, update this value directly in the Auto Scaling group using the AWS console or APIs.", + "title": "MinSize", + "type": "number" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name ( [ARN](https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-arn-format.html) ) for an IAM role that allows Amazon GameLift Servers to access your Amazon EC2 Auto Scaling groups.", + "title": "RoleArn", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of labels to assign to the new game server group resource. Tags are developer-defined key-value pairs. Tagging AWS resources is useful for resource management, access management, and cost allocation. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference* . Once the resource is created, you can use TagResource, UntagResource, and ListTagsForResource to add, remove, and view tags, respectively. The maximum tag limit may be lower than stated. See the AWS General Reference for actual tagging limits.", + "title": "Tags", + "type": "array" + }, + "VpcSubnets": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of virtual private cloud (VPC) subnets to use with instances in the game server group. By default, all Amazon GameLift Servers FleetIQ-supported Availability Zones are used. You can use this parameter to specify VPCs that you've set up. This property cannot be updated after the game server group is created, and the corresponding Auto Scaling group will always use the property value that is set with this request, even if the Auto Scaling group is updated directly.", + "title": "VpcSubnets", + "type": "array" } }, "required": [ - "Name", - "Type", - "Version" + "GameServerGroupName", + "InstanceDefinitions", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::ImageBuilder::Workflow" + "AWS::GameLift::GameServerGroup" ], "type": "string" }, @@ -118815,75 +127555,80 @@ ], "type": "object" }, - "AWS::Inspector::AssessmentTarget": { + "AWS::GameLift::GameServerGroup.AutoScalingPolicy": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "EstimatedInstanceWarmup": { + "markdownDescription": "Length of time, in seconds, it takes for a new instance to start new game server processes and register with Amazon GameLift Servers FleetIQ. Specifying a warm-up time can be useful, particularly with game servers that take a long time to start up, because it avoids prematurely starting new instances.", + "title": "EstimatedInstanceWarmup", + "type": "number" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TargetTrackingConfiguration": { + "$ref": "#/definitions/AWS::GameLift::GameServerGroup.TargetTrackingConfiguration", + "markdownDescription": "Settings for a target-based scaling policy applied to Auto Scaling group. These settings are used to create a target-based policy that tracks the GameLift FleetIQ metric `PercentUtilizedGameServers` and specifies a target value for the metric. As player usage changes, the policy triggers to adjust the game server group capacity so that the metric returns to the target value.", + "title": "TargetTrackingConfiguration" + } + }, + "required": [ + "TargetTrackingConfiguration" + ], + "type": "object" + }, + "AWS::GameLift::GameServerGroup.InstanceDefinition": { + "additionalProperties": false, + "properties": { + "InstanceType": { + "markdownDescription": "An Amazon EC2 instance type designation.", + "title": "InstanceType", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AssessmentTargetName": { - "markdownDescription": "The name of the Amazon Inspector assessment target. The name must be unique within the AWS account .", - "title": "AssessmentTargetName", - "type": "string" - }, - "ResourceGroupArn": { - "markdownDescription": "The ARN that specifies the resource group that is used to create the assessment target. If `resourceGroupArn` is not specified, all EC2 instances in the current AWS account and Region are included in the assessment target.", - "title": "ResourceGroupArn", - "type": "string" - } - }, - "type": "object" + "WeightedCapacity": { + "markdownDescription": "Instance weighting that indicates how much this instance type contributes to the total capacity of a game server group. Instance weights are used by Amazon GameLift Servers FleetIQ to calculate the instance type's cost per unit hour and better identify the most cost-effective options. For detailed information on weighting instance capacity, see [Instance Weighting](https://docs.aws.amazon.com/autoscaling/ec2/userguide/asg-instance-weighting.html) in the *Amazon Elastic Compute Cloud Auto Scaling User Guide* . Default value is \"1\".", + "title": "WeightedCapacity", + "type": "string" + } + }, + "required": [ + "InstanceType" + ], + "type": "object" + }, + "AWS::GameLift::GameServerGroup.LaunchTemplate": { + "additionalProperties": false, + "properties": { + "LaunchTemplateId": { + "markdownDescription": "A unique identifier for an existing Amazon EC2 launch template.", + "title": "LaunchTemplateId", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Inspector::AssessmentTarget" - ], + "LaunchTemplateName": { + "markdownDescription": "A readable identifier for an existing Amazon EC2 launch template.", + "title": "LaunchTemplateName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Version": { + "markdownDescription": "The version of the Amazon EC2 launch template to use. If no version is specified, the default version will be used. With Amazon EC2, you can specify a default version for a launch template. If none is set, the default is the first version created.", + "title": "Version", "type": "string" } }, + "type": "object" + }, + "AWS::GameLift::GameServerGroup.TargetTrackingConfiguration": { + "additionalProperties": false, + "properties": { + "TargetValue": { + "markdownDescription": "Desired value to use with a game server group target-based scaling policy.", + "title": "TargetValue", + "type": "number" + } + }, "required": [ - "Type" + "TargetValue" ], "type": "object" }, - "AWS::Inspector::AssessmentTemplate": { + "AWS::GameLift::GameSessionQueue": { "additionalProperties": false, "properties": { "Condition": { @@ -118918,48 +127663,69 @@ "Properties": { "additionalProperties": false, "properties": { - "AssessmentTargetArn": { - "markdownDescription": "The ARN of the assessment target to be included in the assessment template.", - "title": "AssessmentTargetArn", + "CustomEventData": { + "markdownDescription": "Information to be added to all events that are related to this game session queue.", + "title": "CustomEventData", "type": "string" }, - "AssessmentTemplateName": { - "markdownDescription": "The user-defined name that identifies the assessment template that you want to create. You can create several assessment templates for the same assessment target. The names of the assessment templates that correspond to a particular assessment target must be unique.", - "title": "AssessmentTemplateName", + "Destinations": { + "items": { + "$ref": "#/definitions/AWS::GameLift::GameSessionQueue.GameSessionQueueDestination" + }, + "markdownDescription": "A list of fleets and/or fleet aliases that can be used to fulfill game session placement requests in the queue. Destinations are identified by either a fleet ARN or a fleet alias ARN, and are listed in order of placement preference.", + "title": "Destinations", + "type": "array" + }, + "FilterConfiguration": { + "$ref": "#/definitions/AWS::GameLift::GameSessionQueue.FilterConfiguration", + "markdownDescription": "A list of locations where a queue is allowed to place new game sessions. Locations are specified in the form of AWS Region codes, such as `us-west-2` . If this parameter is not set, game sessions can be placed in any queue location.", + "title": "FilterConfiguration" + }, + "Name": { + "markdownDescription": "A descriptive label that is associated with game session queue. Queue names must be unique within each Region.", + "title": "Name", "type": "string" }, - "DurationInSeconds": { - "markdownDescription": "The duration of the assessment run in seconds.", - "title": "DurationInSeconds", - "type": "number" + "NotificationTarget": { + "markdownDescription": "An SNS topic ARN that is set up to receive game session placement notifications. See [Setting up notifications for game session placement](https://docs.aws.amazon.com/gamelift/latest/developerguide/queue-notification.html) .", + "title": "NotificationTarget", + "type": "string" }, - "RulesPackageArns": { + "PlayerLatencyPolicies": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::GameLift::GameSessionQueue.PlayerLatencyPolicy" }, - "markdownDescription": "The ARNs of the rules packages that you want to use in the assessment template.", - "title": "RulesPackageArns", + "markdownDescription": "A set of policies that enforce a sliding cap on player latency when processing game sessions placement requests. Use multiple policies to gradually relax the cap over time if Amazon GameLift Servers can't make a placement. Policies are evaluated in order starting with the lowest maximum latency value.", + "title": "PlayerLatencyPolicies", "type": "array" }, - "UserAttributesForFindings": { + "PriorityConfiguration": { + "$ref": "#/definitions/AWS::GameLift::GameSessionQueue.PriorityConfiguration", + "markdownDescription": "Custom settings to use when prioritizing destinations and locations for game session placements. This configuration replaces the FleetIQ default prioritization process. Priority types that are not explicitly named will be automatically applied at the end of the prioritization process.", + "title": "PriorityConfiguration" + }, + "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The user-defined attributes that are assigned to every finding that is generated by the assessment run that uses this assessment template. Within an assessment template, each key must be unique.", - "title": "UserAttributesForFindings", + "markdownDescription": "A list of labels to assign to the new game session queue resource. Tags are developer-defined key-value pairs. Tagging AWS resources are useful for resource management, access management and cost allocation. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference* . Once the resource is created, you can use TagResource, UntagResource, and ListTagsForResource to add, remove, and view tags. The maximum tag limit may be lower than stated. See the AWS General Reference for actual tagging limits.", + "title": "Tags", "type": "array" + }, + "TimeoutInSeconds": { + "markdownDescription": "The maximum time, in seconds, that a new game session placement request remains in the queue. When a request exceeds this time, the game session placement changes to a `TIMED_OUT` status. If you don't specify a request timeout, the queue uses a default value.", + "title": "TimeoutInSeconds", + "type": "number" } }, "required": [ - "AssessmentTargetArn", - "DurationInSeconds", - "RulesPackageArns" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::Inspector::AssessmentTemplate" + "AWS::GameLift::GameSessionQueue" ], "type": "string" }, @@ -118978,7 +127744,70 @@ ], "type": "object" }, - "AWS::Inspector::ResourceGroup": { + "AWS::GameLift::GameSessionQueue.FilterConfiguration": { + "additionalProperties": false, + "properties": { + "AllowedLocations": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of locations to allow game session placement in, in the form of AWS Region codes such as `us-west-2` .", + "title": "AllowedLocations", + "type": "array" + } + }, + "type": "object" + }, + "AWS::GameLift::GameSessionQueue.GameSessionQueueDestination": { + "additionalProperties": false, + "properties": { + "DestinationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that is assigned to fleet or fleet alias. ARNs, which include a fleet ID or alias ID and a Region name, provide a unique identifier across all Regions.", + "title": "DestinationArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::GameLift::GameSessionQueue.PlayerLatencyPolicy": { + "additionalProperties": false, + "properties": { + "MaximumIndividualPlayerLatencyMilliseconds": { + "markdownDescription": "The maximum latency value that is allowed for any player, in milliseconds. All policies must have a value set for this property.", + "title": "MaximumIndividualPlayerLatencyMilliseconds", + "type": "number" + }, + "PolicyDurationSeconds": { + "markdownDescription": "The length of time, in seconds, that the policy is enforced while placing a new game session. A null value for this property means that the policy is enforced until the queue times out.", + "title": "PolicyDurationSeconds", + "type": "number" + } + }, + "type": "object" + }, + "AWS::GameLift::GameSessionQueue.PriorityConfiguration": { + "additionalProperties": false, + "properties": { + "LocationOrder": { + "items": { + "type": "string" + }, + "markdownDescription": "The prioritization order to use for fleet locations, when the `PriorityOrder` property includes `LOCATION` . Locations can include AWS Region codes (such as `us-west-2` ), local zones, and custom locations (for Anywhere fleets). Each location must be listed only once. For details, see [Amazon GameLift Servers service locations.](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-regions.html)", + "title": "LocationOrder", + "type": "array" + }, + "PriorityOrder": { + "items": { + "type": "string" + }, + "markdownDescription": "A custom sequence to use when prioritizing where to place new game sessions. Each priority type is listed once.\n\n- `LATENCY` -- Amazon GameLift Servers prioritizes locations where the average player latency is lowest. Player latency data is provided in each game session placement request.\n- `COST` -- Amazon GameLift Servers prioritizes queue destinations with the lowest current hosting costs. Cost is evaluated based on the destination's location, instance type, and fleet type (Spot or On-Demand).\n- `DESTINATION` -- Amazon GameLift Servers prioritizes based on the list order of destinations in the queue configuration.\n- `LOCATION` -- Amazon GameLift Servers prioritizes based on the provided order of locations, as defined in `LocationOrder` .", + "title": "PriorityOrder", + "type": "array" + } + }, + "type": "object" + }, + "AWS::GameLift::Location": { "additionalProperties": false, "properties": { "Condition": { @@ -119013,23 +127842,28 @@ "Properties": { "additionalProperties": false, "properties": { - "ResourceGroupTags": { + "LocationName": { + "markdownDescription": "A descriptive name for the custom location.", + "title": "LocationName", + "type": "string" + }, + "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags (key and value pairs) that will be associated with the resource group.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "ResourceGroupTags", + "markdownDescription": "A list of labels to assign to the new resource. Tags are developer-defined key-value pairs. Tagging AWS resources are useful for resource management, access management, and cost allocation. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Rareference* .", + "title": "Tags", "type": "array" } }, "required": [ - "ResourceGroupTags" + "LocationName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Inspector::ResourceGroup" + "AWS::GameLift::Location" ], "type": "string" }, @@ -119048,7 +127882,7 @@ ], "type": "object" }, - "AWS::InspectorV2::CisScanConfiguration": { + "AWS::GameLift::MatchmakingConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -119083,43 +127917,112 @@ "Properties": { "additionalProperties": false, "properties": { - "ScanName": { - "markdownDescription": "The name of the CIS scan configuration.", - "title": "ScanName", - "type": "string" + "AcceptanceRequired": { + "markdownDescription": "A flag that determines whether a match that was created with this configuration must be accepted by the matched players. To require acceptance, set to `TRUE` . With this option enabled, matchmaking tickets use the status `REQUIRES_ACCEPTANCE` to indicate when a completed potential match is waiting for player acceptance.", + "title": "AcceptanceRequired", + "type": "boolean" }, - "Schedule": { - "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.Schedule", - "markdownDescription": "The CIS scan configuration's schedule.", - "title": "Schedule" + "AcceptanceTimeoutSeconds": { + "markdownDescription": "The length of time (in seconds) to wait for players to accept a proposed match, if acceptance is required.", + "title": "AcceptanceTimeoutSeconds", + "type": "number" }, - "SecurityLevel": { - "markdownDescription": "The CIS scan configuration's CIS Benchmark level.", - "title": "SecurityLevel", + "AdditionalPlayerCount": { + "markdownDescription": "The number of player slots in a match to keep open for future players. For example, if the configuration's rule set specifies a match for a single 12-person team, and the additional player count is set to 2, only 10 players are selected for the match. This parameter is not used if `FlexMatchMode` is set to `STANDALONE` .", + "title": "AdditionalPlayerCount", + "type": "number" + }, + "BackfillMode": { + "markdownDescription": "The method used to backfill game sessions that are created with this matchmaking configuration. Specify `MANUAL` when your game manages backfill requests manually or does not use the match backfill feature. Specify `AUTOMATIC` to have GameLift create a `StartMatchBackfill` request whenever a game session has one or more open slots. Learn more about manual and automatic backfill in [Backfill Existing Games with FlexMatch](https://docs.aws.amazon.com/gamelift/latest/flexmatchguide/match-backfill.html) . Automatic backfill is not available when `FlexMatchMode` is set to `STANDALONE` .", + "title": "BackfillMode", + "type": "string" + }, + "CreationTime": { + "markdownDescription": "A time stamp indicating when this data object was created. Format is a number expressed in Unix time as milliseconds (for example `\"1469498468.057\"` ).", + "title": "CreationTime", + "type": "string" + }, + "CustomEventData": { + "markdownDescription": "Information to add to all events related to the matchmaking configuration.", + "title": "CustomEventData", + "type": "string" + }, + "Description": { + "markdownDescription": "A description for the matchmaking configuration.", + "title": "Description", + "type": "string" + }, + "FlexMatchMode": { + "markdownDescription": "Indicates whether this matchmaking configuration is being used with Amazon GameLift Servers hosting or as a standalone matchmaking solution.\n\n- *STANDALONE* - FlexMatch forms matches and returns match information, including players and team assignments, in a [MatchmakingSucceeded](https://docs.aws.amazon.com/gamelift/latest/flexmatchguide/match-events.html#match-events-matchmakingsucceeded) event.\n- *WITH_QUEUE* - FlexMatch forms matches and uses the specified Amazon GameLift Servers queue to start a game session for the match.", + "title": "FlexMatchMode", + "type": "string" + }, + "GameProperties": { + "items": { + "$ref": "#/definitions/AWS::GameLift::MatchmakingConfiguration.GameProperty" + }, + "markdownDescription": "A set of custom properties for a game session, formatted as key-value pairs. These properties are passed to a game server process with a request to start a new game session. See [Start a Game Session](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-sdk-server-api.html#gamelift-sdk-server-startsession) . This parameter is not used if `FlexMatchMode` is set to `STANDALONE` .", + "title": "GameProperties", + "type": "array" + }, + "GameSessionData": { + "markdownDescription": "A set of custom game session properties, formatted as a single string value. This data is passed to a game server process with a request to start a new game session. See [Start a Game Session](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-sdk-server-api.html#gamelift-sdk-server-startsession) . This parameter is not used if `FlexMatchMode` is set to `STANDALONE` .", + "title": "GameSessionData", + "type": "string" + }, + "GameSessionQueueArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Name ( [ARN](https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-arn-format.html) ) that is assigned to a Amazon GameLift Servers game session queue resource and uniquely identifies it. ARNs are unique across all Regions. Format is `arn:aws:gamelift:::gamesessionqueue/` . Queues can be located in any Region. Queues are used to start new Amazon GameLift Servers-hosted game sessions for matches that are created with this matchmaking configuration. If `FlexMatchMode` is set to `STANDALONE` , do not set this parameter.", + "title": "GameSessionQueueArns", + "type": "array" + }, + "Name": { + "markdownDescription": "A unique identifier for the matchmaking configuration. This name is used to identify the configuration associated with a matchmaking request or ticket.", + "title": "Name", + "type": "string" + }, + "NotificationTarget": { + "markdownDescription": "An SNS topic ARN that is set up to receive matchmaking notifications. See [Setting up notifications for matchmaking](https://docs.aws.amazon.com/gamelift/latest/flexmatchguide/match-notification.html) for more information.", + "title": "NotificationTarget", + "type": "string" + }, + "RequestTimeoutSeconds": { + "markdownDescription": "The maximum duration, in seconds, that a matchmaking ticket can remain in process before timing out. Requests that fail due to timing out can be resubmitted as needed.", + "title": "RequestTimeoutSeconds", + "type": "number" + }, + "RuleSetArn": { + "markdownDescription": "The Amazon Resource Name ( [ARN](https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-arn-format.html) ) associated with the GameLift matchmaking rule set resource that this configuration uses.", + "title": "RuleSetArn", + "type": "string" + }, + "RuleSetName": { + "markdownDescription": "A unique identifier for the matchmaking rule set to use with this configuration. You can use either the rule set name or ARN value. A matchmaking configuration can only use rule sets that are defined in the same Region.", + "title": "RuleSetName", "type": "string" }, "Tags": { - "additionalProperties": true, - "markdownDescription": "The CIS scan configuration's tags.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "A list of labels to assign to the new matchmaking configuration resource. Tags are developer-defined key-value pairs. Tagging AWS resources are useful for resource management, access management and cost allocation. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference* . Once the resource is created, you can use TagResource, UntagResource, and ListTagsForResource to add, remove, and view tags. The maximum tag limit may be lower than stated. See the AWS General Reference for actual tagging limits.", "title": "Tags", - "type": "object" - }, - "Targets": { - "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.CisTargets", - "markdownDescription": "The CIS scan configuration's targets.", - "title": "Targets" + "type": "array" } }, + "required": [ + "AcceptanceRequired", + "Name", + "RequestTimeoutSeconds", + "RuleSetName" + ], "type": "object" }, "Type": { "enum": [ - "AWS::InspectorV2::CisScanConfiguration" + "AWS::GameLift::MatchmakingConfiguration" ], "type": "string" }, @@ -119133,136 +128036,32 @@ } }, "required": [ - "Type" - ], - "type": "object" - }, - "AWS::InspectorV2::CisScanConfiguration.CisTargets": { - "additionalProperties": false, - "properties": { - "AccountIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The CIS target account ids.", - "title": "AccountIds", - "type": "array" - }, - "TargetResourceTags": { - "markdownDescription": "The CIS target resource tags.", - "title": "TargetResourceTags", - "type": "object" - } - }, - "required": [ - "AccountIds" - ], - "type": "object" - }, - "AWS::InspectorV2::CisScanConfiguration.DailySchedule": { - "additionalProperties": false, - "properties": { - "StartTime": { - "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.Time", - "markdownDescription": "The schedule start time.", - "title": "StartTime" - } - }, - "required": [ - "StartTime" - ], - "type": "object" - }, - "AWS::InspectorV2::CisScanConfiguration.MonthlySchedule": { - "additionalProperties": false, - "properties": { - "Day": { - "markdownDescription": "The monthly schedule's day.", - "title": "Day", - "type": "string" - }, - "StartTime": { - "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.Time", - "markdownDescription": "The monthly schedule's start time.", - "title": "StartTime" - } - }, - "required": [ - "Day", - "StartTime" + "Type", + "Properties" ], "type": "object" }, - "AWS::InspectorV2::CisScanConfiguration.Schedule": { - "additionalProperties": false, - "properties": { - "Daily": { - "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.DailySchedule", - "markdownDescription": "A daily schedule.", - "title": "Daily" - }, - "Monthly": { - "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.MonthlySchedule", - "markdownDescription": "A monthly schedule.", - "title": "Monthly" - }, - "OneTime": { - "markdownDescription": "A one time schedule.", - "title": "OneTime", - "type": "object" - }, - "Weekly": { - "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.WeeklySchedule", - "markdownDescription": "A weekly schedule.", - "title": "Weekly" - } - }, - "type": "object" - }, - "AWS::InspectorV2::CisScanConfiguration.Time": { + "AWS::GameLift::MatchmakingConfiguration.GameProperty": { "additionalProperties": false, "properties": { - "TimeOfDay": { - "markdownDescription": "The time of day in 24-hour format (00:00).", - "title": "TimeOfDay", + "Key": { + "markdownDescription": "The game property identifier.", + "title": "Key", "type": "string" }, - "TimeZone": { - "markdownDescription": "The timezone.", - "title": "TimeZone", + "Value": { + "markdownDescription": "The game property value.", + "title": "Value", "type": "string" } }, "required": [ - "TimeOfDay", - "TimeZone" - ], - "type": "object" - }, - "AWS::InspectorV2::CisScanConfiguration.WeeklySchedule": { - "additionalProperties": false, - "properties": { - "Days": { - "items": { - "type": "string" - }, - "markdownDescription": "The weekly schedule's days.", - "title": "Days", - "type": "array" - }, - "StartTime": { - "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.Time", - "markdownDescription": "The weekly schedule's start time.", - "title": "StartTime" - } - }, - "required": [ - "Days", - "StartTime" + "Key", + "Value" ], "type": "object" }, - "AWS::InspectorV2::Filter": { + "AWS::GameLift::MatchmakingRuleSet": { "additionalProperties": false, "properties": { "Condition": { @@ -119297,37 +128096,34 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the filter.", - "title": "Description", + "Name": { + "markdownDescription": "A unique identifier for the matchmaking rule set. A matchmaking configuration identifies the rule set it uses by this name value. Note that the rule set name is different from the optional `name` field in the rule set body.", + "title": "Name", "type": "string" }, - "FilterAction": { - "markdownDescription": "The action that is to be applied to the findings that match the filter.", - "title": "FilterAction", + "RuleSetBody": { + "markdownDescription": "A collection of matchmaking rules, formatted as a JSON string. Comments are not allowed in JSON, but most elements support a description field.", + "title": "RuleSetBody", "type": "string" }, - "FilterCriteria": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.FilterCriteria", - "markdownDescription": "Details on the filter criteria associated with this filter.", - "title": "FilterCriteria" - }, - "Name": { - "markdownDescription": "The name of the filter.", - "title": "Name", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of labels to assign to the new matchmaking rule set resource. Tags are developer-defined key-value pairs. Tagging AWS resources are useful for resource management, access management and cost allocation. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference* . Once the resource is created, you can use TagResource, UntagResource, and ListTagsForResource to add, remove, and view tags. The maximum tag limit may be lower than stated. See the AWS General Reference for actual tagging limits.", + "title": "Tags", + "type": "array" } }, "required": [ - "FilterAction", - "FilterCriteria", - "Name" + "Name", + "RuleSetBody" ], "type": "object" }, "Type": { "enum": [ - "AWS::InspectorV2::Filter" + "AWS::GameLift::MatchmakingRuleSet" ], "type": "string" }, @@ -119346,389 +128142,7 @@ ], "type": "object" }, - "AWS::InspectorV2::Filter.DateFilter": { - "additionalProperties": false, - "properties": { - "EndInclusive": { - "markdownDescription": "A timestamp representing the end of the time period filtered on.", - "title": "EndInclusive", - "type": "number" - }, - "StartInclusive": { - "markdownDescription": "A timestamp representing the start of the time period filtered on.", - "title": "StartInclusive", - "type": "number" - } - }, - "type": "object" - }, - "AWS::InspectorV2::Filter.FilterCriteria": { - "additionalProperties": false, - "properties": { - "AwsAccountId": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details of the AWS account IDs used to filter findings.", - "title": "AwsAccountId", - "type": "array" - }, - "ComponentId": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details of the component IDs used to filter findings.", - "title": "ComponentId", - "type": "array" - }, - "ComponentType": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details of the component types used to filter findings.", - "title": "ComponentType", - "type": "array" - }, - "Ec2InstanceImageId": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details of the Amazon EC2 instance image IDs used to filter findings.", - "title": "Ec2InstanceImageId", - "type": "array" - }, - "Ec2InstanceSubnetId": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details of the Amazon EC2 instance subnet IDs used to filter findings.", - "title": "Ec2InstanceSubnetId", - "type": "array" - }, - "Ec2InstanceVpcId": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details of the Amazon EC2 instance VPC IDs used to filter findings.", - "title": "Ec2InstanceVpcId", - "type": "array" - }, - "EcrImageArchitecture": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details of the Amazon ECR image architecture types used to filter findings.", - "title": "EcrImageArchitecture", - "type": "array" - }, - "EcrImageHash": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details of the Amazon ECR image hashes used to filter findings.", - "title": "EcrImageHash", - "type": "array" - }, - "EcrImagePushedAt": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.DateFilter" - }, - "markdownDescription": "Details on the Amazon ECR image push date and time used to filter findings.", - "title": "EcrImagePushedAt", - "type": "array" - }, - "EcrImageRegistry": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details on the Amazon ECR registry used to filter findings.", - "title": "EcrImageRegistry", - "type": "array" - }, - "EcrImageRepositoryName": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details on the name of the Amazon ECR repository used to filter findings.", - "title": "EcrImageRepositoryName", - "type": "array" - }, - "EcrImageTags": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "The tags attached to the Amazon ECR container image.", - "title": "EcrImageTags", - "type": "array" - }, - "FindingArn": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details on the finding ARNs used to filter findings.", - "title": "FindingArn", - "type": "array" - }, - "FindingStatus": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details on the finding status types used to filter findings.", - "title": "FindingStatus", - "type": "array" - }, - "FindingType": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details on the finding types used to filter findings.", - "title": "FindingType", - "type": "array" - }, - "FirstObservedAt": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.DateFilter" - }, - "markdownDescription": "Details on the date and time a finding was first seen used to filter findings.", - "title": "FirstObservedAt", - "type": "array" - }, - "InspectorScore": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.NumberFilter" - }, - "markdownDescription": "The Amazon Inspector score to filter on.", - "title": "InspectorScore", - "type": "array" - }, - "LastObservedAt": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.DateFilter" - }, - "markdownDescription": "Details on the date and time a finding was last seen used to filter findings.", - "title": "LastObservedAt", - "type": "array" - }, - "NetworkProtocol": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details on network protocol used to filter findings.", - "title": "NetworkProtocol", - "type": "array" - }, - "PortRange": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.PortRangeFilter" - }, - "markdownDescription": "Details on the port ranges used to filter findings.", - "title": "PortRange", - "type": "array" - }, - "RelatedVulnerabilities": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details on the related vulnerabilities used to filter findings.", - "title": "RelatedVulnerabilities", - "type": "array" - }, - "ResourceId": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details on the resource IDs used to filter findings.", - "title": "ResourceId", - "type": "array" - }, - "ResourceTags": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.MapFilter" - }, - "markdownDescription": "Details on the resource tags used to filter findings.", - "title": "ResourceTags", - "type": "array" - }, - "ResourceType": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details on the resource types used to filter findings.", - "title": "ResourceType", - "type": "array" - }, - "Severity": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details on the severity used to filter findings.", - "title": "Severity", - "type": "array" - }, - "Title": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details on the finding title used to filter findings.", - "title": "Title", - "type": "array" - }, - "UpdatedAt": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.DateFilter" - }, - "markdownDescription": "Details on the date and time a finding was last updated at used to filter findings.", - "title": "UpdatedAt", - "type": "array" - }, - "VendorSeverity": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details on the vendor severity used to filter findings.", - "title": "VendorSeverity", - "type": "array" - }, - "VulnerabilityId": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details on the vulnerability ID used to filter findings.", - "title": "VulnerabilityId", - "type": "array" - }, - "VulnerabilitySource": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details on the vulnerability score to filter findings by.", - "title": "VulnerabilitySource", - "type": "array" - }, - "VulnerablePackages": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.PackageFilter" - }, - "markdownDescription": "Details on the vulnerable packages used to filter findings.", - "title": "VulnerablePackages", - "type": "array" - } - }, - "type": "object" - }, - "AWS::InspectorV2::Filter.MapFilter": { - "additionalProperties": false, - "properties": { - "Comparison": { - "markdownDescription": "The operator to use when comparing values in the filter.", - "title": "Comparison", - "type": "string" - }, - "Key": { - "markdownDescription": "The tag key used in the filter.", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "The tag value used in the filter.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Comparison" - ], - "type": "object" - }, - "AWS::InspectorV2::Filter.NumberFilter": { - "additionalProperties": false, - "properties": { - "LowerInclusive": { - "markdownDescription": "The lowest number to be included in the filter.", - "title": "LowerInclusive", - "type": "number" - }, - "UpperInclusive": { - "markdownDescription": "The highest number to be included in the filter.", - "title": "UpperInclusive", - "type": "number" - } - }, - "type": "object" - }, - "AWS::InspectorV2::Filter.PackageFilter": { - "additionalProperties": false, - "properties": { - "Architecture": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter", - "markdownDescription": "An object that contains details on the package architecture type to filter on.", - "title": "Architecture" - }, - "Epoch": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.NumberFilter", - "markdownDescription": "An object that contains details on the package epoch to filter on.", - "title": "Epoch" - }, - "Name": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter", - "markdownDescription": "An object that contains details on the name of the package to filter on.", - "title": "Name" - }, - "Release": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter", - "markdownDescription": "An object that contains details on the package release to filter on.", - "title": "Release" - }, - "SourceLayerHash": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter", - "markdownDescription": "An object that contains details on the source layer hash to filter on.", - "title": "SourceLayerHash" - }, - "Version": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter", - "markdownDescription": "The package version to filter on.", - "title": "Version" - } - }, - "type": "object" - }, - "AWS::InspectorV2::Filter.PortRangeFilter": { - "additionalProperties": false, - "properties": { - "BeginInclusive": { - "markdownDescription": "The port number the port range begins at.", - "title": "BeginInclusive", - "type": "number" - }, - "EndInclusive": { - "markdownDescription": "The port number the port range ends at.", - "title": "EndInclusive", - "type": "number" - } - }, - "type": "object" - }, - "AWS::InspectorV2::Filter.StringFilter": { - "additionalProperties": false, - "properties": { - "Comparison": { - "markdownDescription": "The operator to use when comparing values in the filter.", - "title": "Comparison", - "type": "string" - }, - "Value": { - "markdownDescription": "The value to filter on.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Comparison", - "Value" - ], - "type": "object" - }, - "AWS::InternetMonitor::Monitor": { + "AWS::GameLift::Script": { "additionalProperties": false, "properties": { "Condition": { @@ -119763,87 +128177,38 @@ "Properties": { "additionalProperties": false, "properties": { - "HealthEventsConfig": { - "$ref": "#/definitions/AWS::InternetMonitor::Monitor.HealthEventsConfig", - "markdownDescription": "A complex type with the configuration information that determines the threshold and other conditions for when Internet Monitor creates a health event for an overall performance or availability issue, across an application's geographies.\n\nDefines the percentages, for overall performance scores and availability scores for an application, that are the thresholds for when Internet Monitor creates a health event. You can override the defaults to set a custom threshold for overall performance or availability scores, or both.\n\nYou can also set thresholds for local health scores,, where Internet Monitor creates a health event when scores cross a threshold for one or more city-networks, in addition to creating an event when an overall score crosses a threshold.\n\nIf you don't set a health event threshold, the default value is 95%.\n\nFor local thresholds, you also set a minimum percentage of overall traffic that is impacted by an issue before Internet Monitor creates an event. In addition, you can disable local thresholds, for performance scores, availability scores, or both.\n\nFor more information, see [Change health event thresholds](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-IM-overview.html#IMUpdateThresholdFromOverview) in the Internet Monitor section of the *CloudWatch User Guide* .", - "title": "HealthEventsConfig" - }, - "IncludeLinkedAccounts": { - "markdownDescription": "A boolean option that you can set to `TRUE` to include monitors for linked accounts in a list of monitors, when you've set up cross-account sharing in Internet Monitor. You configure cross-account sharing by using Amazon CloudWatch Observability Access Manager. For more information, see [Internet Monitor cross-account observability](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cwim-cross-account.html) in the Amazon CloudWatch User Guide.", - "title": "IncludeLinkedAccounts", - "type": "boolean" - }, - "InternetMeasurementsLogDelivery": { - "$ref": "#/definitions/AWS::InternetMonitor::Monitor.InternetMeasurementsLogDelivery", - "markdownDescription": "Publish internet measurements for a monitor for all city-networks (up to the 500,000 service limit) to another location, such as an Amazon S3 bucket. Measurements are also published to Amazon CloudWatch Logs for the first 500 (by traffic volume) city-networks (client locations and ASNs, typically internet service providers or ISPs).", - "title": "InternetMeasurementsLogDelivery" - }, - "LinkedAccountId": { - "markdownDescription": "The account ID for an account that you've set up cross-account sharing for in Internet Monitor. You configure cross-account sharing by using Amazon CloudWatch Observability Access Manager. For more information, see [Internet Monitor cross-account observability](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cwim-cross-account.html) in the Amazon CloudWatch User Guide.", - "title": "LinkedAccountId", - "type": "string" - }, - "MaxCityNetworksToMonitor": { - "markdownDescription": "The maximum number of city-networks to monitor for your resources. A city-network is the location (city) where clients access your application resources from and the network, such as an internet service provider, that clients access the resources through.\n\nFor more information, see [Choosing a city-network maximum value](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/IMCityNetworksMaximum.html) in *Using Amazon CloudWatch Internet Monitor* .", - "title": "MaxCityNetworksToMonitor", - "type": "number" - }, - "MonitorName": { - "markdownDescription": "The name of the monitor. A monitor name can contain only alphanumeric characters, dashes (-), periods (.), and underscores (_).", - "title": "MonitorName", + "Name": { + "markdownDescription": "A descriptive label that is associated with a script. Script names do not need to be unique.", + "title": "Name", "type": "string" }, - "Resources": { - "items": { - "type": "string" - }, - "markdownDescription": "The resources that have been added for the monitor, listed by their Amazon Resource Names (ARNs). Use this option to add or remove resources when making an update.\n\n> Be aware that if you include content in the `Resources` field when you update a monitor, the `ResourcesToAdd` and `ResourcesToRemove` fields must be empty.", - "title": "Resources", - "type": "array" - }, - "ResourcesToAdd": { - "items": { - "type": "string" - }, - "markdownDescription": "The resources to include in a monitor, which you provide as a set of Amazon Resource Names (ARNs). Resources can be Amazon Virtual Private Cloud VPCs, Network Load Balancers (NLBs), Amazon CloudFront distributions, or Amazon WorkSpaces directories.\n\nYou can add a combination of VPCs and CloudFront distributions, or you can add WorkSpaces directories, or you can add NLBs. You can't add NLBs or WorkSpaces directories together with any other resources.\n\nIf you add only VPC resources, at least one VPC must have an Internet Gateway attached to it, to make sure that it has internet connectivity.\n\n> You can specify this field for a monitor update only if the `Resources` field is empty.", - "title": "ResourcesToAdd", - "type": "array" - }, - "ResourcesToRemove": { - "items": { - "type": "string" - }, - "markdownDescription": "The resources to remove from a monitor, which you provide as a set of Amazon Resource Names (ARNs)\n\n> You can specify this field for a monitor update only if the `Resources` field is empty.", - "title": "ResourcesToRemove", - "type": "array" - }, - "Status": { - "markdownDescription": "The status of a monitor. The accepted values that you can specify for `Status` are `ACTIVE` and `INACTIVE` .", - "title": "Status", - "type": "string" + "StorageLocation": { + "$ref": "#/definitions/AWS::GameLift::Script.S3Location", + "markdownDescription": "The location of the Amazon S3 bucket where a zipped file containing your Realtime scripts is stored. The storage location must specify the Amazon S3 bucket name, the zip file name (the \"key\"), and a role ARN that allows Amazon GameLift Servers to access the Amazon S3 storage location. The S3 bucket must be in the same Region where you want to create a new script. By default, Amazon GameLift Servers uploads the latest version of the zip file; if you have S3 object versioning turned on, you can use the `ObjectVersion` parameter to specify an earlier version.", + "title": "StorageLocation" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags for a monitor, listed as a set of *key:value* pairs.", + "markdownDescription": "A list of labels to assign to the new script resource. Tags are developer-defined key-value pairs. Tagging AWS resources are useful for resource management, access management and cost allocation. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference* . Once the resource is created, you can use TagResource, UntagResource, and ListTagsForResource to add, remove, and view tags. The maximum tag limit may be lower than stated. See the AWS General Reference for actual tagging limits.", "title": "Tags", "type": "array" }, - "TrafficPercentageToMonitor": { - "markdownDescription": "The percentage of the internet-facing traffic for your application that you want to monitor. You can also, optionally, set a limit for the number of city-networks (client locations and ASNs, typically internet service providers) that Internet Monitor will monitor traffic for. The city-networks maximum limit caps the number of city-networks that Internet Monitor monitors for your application, regardless of the percentage of traffic that you choose to monitor.", - "title": "TrafficPercentageToMonitor", - "type": "number" + "Version": { + "markdownDescription": "The version that is associated with a build or script. Version strings do not need to be unique.", + "title": "Version", + "type": "string" } }, "required": [ - "MonitorName" + "StorageLocation" ], "type": "object" }, "Type": { "enum": [ - "AWS::InternetMonitor::Monitor" + "AWS::GameLift::Script" ], "type": "string" }, @@ -119862,86 +128227,38 @@ ], "type": "object" }, - "AWS::InternetMonitor::Monitor.HealthEventsConfig": { - "additionalProperties": false, - "properties": { - "AvailabilityLocalHealthEventsConfig": { - "$ref": "#/definitions/AWS::InternetMonitor::Monitor.LocalHealthEventsConfig", - "markdownDescription": "The configuration that determines the threshold and other conditions for when Internet Monitor creates a health event for a local availability issue.", - "title": "AvailabilityLocalHealthEventsConfig" - }, - "AvailabilityScoreThreshold": { - "markdownDescription": "The health event threshold percentage set for availability scores. When the overall availability score is at or below this percentage, Internet Monitor creates a health event.", - "title": "AvailabilityScoreThreshold", - "type": "number" - }, - "PerformanceLocalHealthEventsConfig": { - "$ref": "#/definitions/AWS::InternetMonitor::Monitor.LocalHealthEventsConfig", - "markdownDescription": "The configuration that determines the threshold and other conditions for when Internet Monitor creates a health event for a local performance issue.", - "title": "PerformanceLocalHealthEventsConfig" - }, - "PerformanceScoreThreshold": { - "markdownDescription": "The health event threshold percentage set for performance scores. When the overall performance score is at or below this percentage, Internet Monitor creates a health event.", - "title": "PerformanceScoreThreshold", - "type": "number" - } - }, - "type": "object" - }, - "AWS::InternetMonitor::Monitor.InternetMeasurementsLogDelivery": { - "additionalProperties": false, - "properties": { - "S3Config": { - "$ref": "#/definitions/AWS::InternetMonitor::Monitor.S3Config", - "markdownDescription": "The configuration for publishing Amazon CloudWatch Internet Monitor internet measurements to Amazon S3.", - "title": "S3Config" - } - }, - "type": "object" - }, - "AWS::InternetMonitor::Monitor.LocalHealthEventsConfig": { + "AWS::GameLift::Script.S3Location": { "additionalProperties": false, "properties": { - "HealthScoreThreshold": { - "markdownDescription": "The health event threshold percentage set for a local health score.", - "title": "HealthScoreThreshold", - "type": "number" - }, - "MinTrafficImpact": { - "markdownDescription": "The minimum percentage of overall traffic for an application that must be impacted by an issue before Internet Monitor creates an event when a threshold is crossed for a local health score.\n\nIf you don't set a minimum traffic impact threshold, the default value is 0.01%.", - "title": "MinTrafficImpact", - "type": "number" - }, - "Status": { - "markdownDescription": "The status of whether Internet Monitor creates a health event based on a threshold percentage set for a local health score. The status can be `ENABLED` or `DISABLED` .", - "title": "Status", + "Bucket": { + "markdownDescription": "An Amazon S3 bucket identifier. Thename of the S3 bucket.\n\n> Amazon GameLift Servers doesn't support uploading from Amazon S3 buckets with names that contain a dot (.).", + "title": "Bucket", "type": "string" - } - }, - "type": "object" - }, - "AWS::InternetMonitor::Monitor.S3Config": { - "additionalProperties": false, - "properties": { - "BucketName": { - "markdownDescription": "The Amazon S3 bucket name for internet measurements publishing.", - "title": "BucketName", + }, + "Key": { + "markdownDescription": "The name of the zip file that contains the build files or script files.", + "title": "Key", "type": "string" }, - "BucketPrefix": { - "markdownDescription": "An optional Amazon S3 bucket prefix for internet measurements publishing.", - "title": "BucketPrefix", + "ObjectVersion": { + "markdownDescription": "The version of the file, if object versioning is turned on for the bucket. Amazon GameLift Servers uses this information when retrieving files from an S3 bucket that you own. Use this parameter to specify a specific version of the file. If not set, the latest version of the file is retrieved.", + "title": "ObjectVersion", "type": "string" }, - "LogDeliveryStatus": { - "markdownDescription": "The status of publishing Internet Monitor internet measurements to an Amazon S3 bucket. The delivery status is `ENABLED` if you choose to deliver internet measurements to an S3 bucket, and `DISABLED` otherwise.", - "title": "LogDeliveryStatus", + "RoleArn": { + "markdownDescription": "The Amazon Resource Name ( [ARN](https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-arn-format.html) ) for an IAM role that allows Amazon GameLift Servers to access the S3 bucket.", + "title": "RoleArn", "type": "string" } }, + "required": [ + "Bucket", + "Key", + "RoleArn" + ], "type": "object" }, - "AWS::IoT1Click::Device": { + "AWS::GlobalAccelerator::Accelerator": { "additionalProperties": false, "properties": { "Condition": { @@ -119976,22 +128293,46 @@ "Properties": { "additionalProperties": false, "properties": { - "DeviceId": { - "type": "string" - }, "Enabled": { + "markdownDescription": "Indicates whether the accelerator is enabled. The value is true or false. The default value is true.\n\nIf the value is set to true, the accelerator cannot be deleted. If set to false, accelerator can be deleted.", + "title": "Enabled", "type": "boolean" + }, + "IpAddressType": { + "markdownDescription": "The IP address type that an accelerator supports. For a standard accelerator, the value can be IPV4 or DUAL_STACK.", + "title": "IpAddressType", + "type": "string" + }, + "IpAddresses": { + "items": { + "type": "string" + }, + "markdownDescription": "Optionally, if you've added your own IP address pool to Global Accelerator (BYOIP), you can choose IP addresses from your own pool to use for the accelerator's static IP addresses when you create an accelerator. You can specify one or two addresses, separated by a comma. Do not include the /32 suffix.\n\nOnly one IP address from each of your IP address ranges can be used for each accelerator. If you specify only one IP address from your IP address range, Global Accelerator assigns a second static IP address for the accelerator from the AWS IP address pool.\n\nNote that you can't update IP addresses for an existing accelerator. To change them, you must create a new accelerator with the new addresses.\n\nFor more information, see [Bring Your Own IP Addresses (BYOIP)](https://docs.aws.amazon.com/global-accelerator/latest/dg/using-byoip.html) in the *AWS Global Accelerator Developer Guide* .", + "title": "IpAddresses", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the accelerator. The name must contain only alphanumeric characters or hyphens (-), and must not begin or end with a hyphen.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Create tags for an accelerator.\n\nFor more information, see [Tagging](https://docs.aws.amazon.com/global-accelerator/latest/dg/tagging-in-global-accelerator.html) in the *AWS Global Accelerator Developer Guide* .", + "title": "Tags", + "type": "array" } }, "required": [ - "DeviceId", - "Enabled" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT1Click::Device" + "AWS::GlobalAccelerator::Accelerator" ], "type": "string" }, @@ -120010,7 +128351,7 @@ ], "type": "object" }, - "AWS::IoT1Click::Placement": { + "AWS::GlobalAccelerator::CrossAccountAttachment": { "additionalProperties": false, "properties": { "Condition": { @@ -120045,27 +128386,44 @@ "Properties": { "additionalProperties": false, "properties": { - "AssociatedDevices": { - "type": "object" + "Name": { + "markdownDescription": "The name of the cross-account attachment.", + "title": "Name", + "type": "string" }, - "Attributes": { - "type": "object" + "Principals": { + "items": { + "type": "string" + }, + "markdownDescription": "The principals included in the cross-account attachment.", + "title": "Principals", + "type": "array" }, - "PlacementName": { - "type": "string" + "Resources": { + "items": { + "$ref": "#/definitions/AWS::GlobalAccelerator::CrossAccountAttachment.Resource" + }, + "markdownDescription": "The resources included in the cross-account attachment.", + "title": "Resources", + "type": "array" }, - "ProjectName": { - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Add tags for a cross-account attachment.\n\nFor more information, see [Tagging in AWS Global Accelerator](https://docs.aws.amazon.com/global-accelerator/latest/dg/tagging-in-global-accelerator.html) in the *AWS Global Accelerator Developer Guide* .", + "title": "Tags", + "type": "array" } }, "required": [ - "ProjectName" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT1Click::Placement" + "AWS::GlobalAccelerator::CrossAccountAttachment" ], "type": "string" }, @@ -120084,7 +128442,28 @@ ], "type": "object" }, - "AWS::IoT1Click::Project": { + "AWS::GlobalAccelerator::CrossAccountAttachment.Resource": { + "additionalProperties": false, + "properties": { + "Cidr": { + "markdownDescription": "An IP address range, in CIDR format, that is specified as resource. The address must be provisioned and advertised in AWS Global Accelerator by following the bring your own IP address (BYOIP) process for Global Accelerator\n\nFor more information, see [Bring your own IP addresses (BYOIP)](https://docs.aws.amazon.com/global-accelerator/latest/dg/using-byoip.html) in the AWS Global Accelerator Developer Guide.", + "title": "Cidr", + "type": "string" + }, + "EndpointId": { + "markdownDescription": "The endpoint ID for the endpoint that is specified as a AWS resource.\n\nAn endpoint ID for the cross-account feature is the ARN of an AWS resource, such as a Network Load Balancer, that Global Accelerator supports as an endpoint for an accelerator.", + "title": "EndpointId", + "type": "string" + }, + "Region": { + "markdownDescription": "The AWS Region where a shared endpoint resource is located.", + "title": "Region", + "type": "string" + } + }, + "type": "object" + }, + "AWS::GlobalAccelerator::EndpointGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -120119,24 +128498,72 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { + "EndpointConfigurations": { + "items": { + "$ref": "#/definitions/AWS::GlobalAccelerator::EndpointGroup.EndpointConfiguration" + }, + "markdownDescription": "The list of endpoint objects.", + "title": "EndpointConfigurations", + "type": "array" + }, + "EndpointGroupRegion": { + "markdownDescription": "The AWS Regions where the endpoint group is located.", + "title": "EndpointGroupRegion", "type": "string" }, - "PlacementTemplate": { - "$ref": "#/definitions/AWS::IoT1Click::Project.PlacementTemplate" + "HealthCheckIntervalSeconds": { + "markdownDescription": "The time\u201410 seconds or 30 seconds\u2014between health checks for each endpoint. The default value is 30.", + "title": "HealthCheckIntervalSeconds", + "type": "number" }, - "ProjectName": { + "HealthCheckPath": { + "markdownDescription": "If the protocol is HTTP/S, then this value provides the ping path that Global Accelerator uses for the destination on the endpoints for health checks. The default is slash (/).", + "title": "HealthCheckPath", + "type": "string" + }, + "HealthCheckPort": { + "markdownDescription": "The port that Global Accelerator uses to perform health checks on endpoints that are part of this endpoint group.\n\nThe default port is the port for the listener that this endpoint group is associated with. If the listener port is a list, Global Accelerator uses the first specified port in the list of ports.", + "title": "HealthCheckPort", + "type": "number" + }, + "HealthCheckProtocol": { + "markdownDescription": "The protocol that Global Accelerator uses to perform health checks on endpoints that are part of this endpoint group. The default value is TCP.", + "title": "HealthCheckProtocol", + "type": "string" + }, + "ListenerArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the listener.", + "title": "ListenerArn", "type": "string" + }, + "PortOverrides": { + "items": { + "$ref": "#/definitions/AWS::GlobalAccelerator::EndpointGroup.PortOverride" + }, + "markdownDescription": "Allows you to override the destination ports used to route traffic to an endpoint. Using a port override lets you map a list of external destination ports (that your users send traffic to) to a list of internal destination ports that you want an application endpoint to receive traffic on.", + "title": "PortOverrides", + "type": "array" + }, + "ThresholdCount": { + "markdownDescription": "The number of consecutive health checks required to set the state of a healthy endpoint to unhealthy, or to set an unhealthy endpoint to healthy. The default value is 3.", + "title": "ThresholdCount", + "type": "number" + }, + "TrafficDialPercentage": { + "markdownDescription": "The percentage of traffic to send to an AWS Regions . Additional traffic is distributed to other endpoint groups for this listener.\n\nUse this action to increase (dial up) or decrease (dial down) traffic to a specific Region. The percentage is applied to the traffic that would otherwise have been routed to the Region based on optimal routing.\n\nThe default value is 100.", + "title": "TrafficDialPercentage", + "type": "number" } }, "required": [ - "PlacementTemplate" + "EndpointGroupRegion", + "ListenerArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT1Click::Project" + "AWS::GlobalAccelerator::EndpointGroup" ], "type": "string" }, @@ -120155,31 +128582,56 @@ ], "type": "object" }, - "AWS::IoT1Click::Project.DeviceTemplate": { + "AWS::GlobalAccelerator::EndpointGroup.EndpointConfiguration": { "additionalProperties": false, "properties": { - "CallbackOverrides": { - "type": "object" + "AttachmentArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the cross-account attachment that specifies the endpoints (resources) that can be added to accelerators and principals that have permission to add the endpoints.", + "title": "AttachmentArn", + "type": "string" }, - "DeviceType": { + "ClientIPPreservationEnabled": { + "markdownDescription": "Indicates whether client IP address preservation is enabled for an Application Load Balancer endpoint. The value is true or false. The default value is true for new accelerators.\n\nIf the value is set to true, the client's IP address is preserved in the `X-Forwarded-For` request header as traffic travels to applications on the Application Load Balancer endpoint fronted by the accelerator.\n\nFor more information, see [Preserve Client IP Addresses](https://docs.aws.amazon.com/global-accelerator/latest/dg/preserve-client-ip-address.html) in the *AWS Global Accelerator Developer Guide* .", + "title": "ClientIPPreservationEnabled", + "type": "boolean" + }, + "EndpointId": { + "markdownDescription": "An ID for the endpoint. If the endpoint is a Network Load Balancer or Application Load Balancer, this is the Amazon Resource Name (ARN) of the resource. If the endpoint is an Elastic IP address, this is the Elastic IP address allocation ID. For Amazon EC2 instances, this is the EC2 instance ID. A resource must be valid and active when you add it as an endpoint.\n\nFor cross-account endpoints, this must be the ARN of the resource.", + "title": "EndpointId", "type": "string" + }, + "Weight": { + "markdownDescription": "The weight associated with the endpoint. When you add weights to endpoints, you configure Global Accelerator to route traffic based on proportions that you specify. For example, you might specify endpoint weights of 4, 5, 5, and 6 (sum=20). The result is that 4/20 of your traffic, on average, is routed to the first endpoint, 5/20 is routed both to the second and third endpoints, and 6/20 is routed to the last endpoint. For more information, see [Endpoint Weights](https://docs.aws.amazon.com/global-accelerator/latest/dg/about-endpoints-endpoint-weights.html) in the *AWS Global Accelerator Developer Guide* .", + "title": "Weight", + "type": "number" } }, + "required": [ + "EndpointId" + ], "type": "object" }, - "AWS::IoT1Click::Project.PlacementTemplate": { + "AWS::GlobalAccelerator::EndpointGroup.PortOverride": { "additionalProperties": false, "properties": { - "DefaultAttributes": { - "type": "object" + "EndpointPort": { + "markdownDescription": "The endpoint port that you want a listener port to be mapped to. This is the port on the endpoint, such as the Application Load Balancer or Amazon EC2 instance.", + "title": "EndpointPort", + "type": "number" }, - "DeviceTemplates": { - "type": "object" + "ListenerPort": { + "markdownDescription": "The listener port that you want to map to a specific endpoint port. This is the port that user traffic arrives to the Global Accelerator on.", + "title": "ListenerPort", + "type": "number" } }, + "required": [ + "EndpointPort", + "ListenerPort" + ], "type": "object" }, - "AWS::IoT::AccountAuditConfiguration": { + "AWS::GlobalAccelerator::Listener": { "additionalProperties": false, "properties": { "Condition": { @@ -120214,37 +128666,40 @@ "Properties": { "additionalProperties": false, "properties": { - "AccountId": { - "markdownDescription": "The ID of the account. You can use the expression `!Sub \"${AWS::AccountId}\"` to use your account ID.", - "title": "AccountId", + "AcceleratorArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of your accelerator.", + "title": "AcceleratorArn", "type": "string" }, - "AuditCheckConfigurations": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfigurations", - "markdownDescription": "Specifies which audit checks are enabled and disabled for this account.\n\nSome data collection might start immediately when certain checks are enabled. When a check is disabled, any data collected so far in relation to the check is deleted. To disable a check, set the value of the `Enabled:` key to `false` .\n\nIf an enabled check is removed from the template, it will also be disabled.\n\nYou can't disable a check if it's used by any scheduled audit. You must delete the check from the scheduled audit or delete the scheduled audit itself to disable the check.\n\nFor more information on available audit checks see [AWS::IoT::AccountAuditConfiguration AuditCheckConfigurations](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iot-accountauditconfiguration-auditcheckconfigurations.html)", - "title": "AuditCheckConfigurations" - }, - "AuditNotificationTargetConfigurations": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditNotificationTargetConfigurations", - "markdownDescription": "Information about the targets to which audit notifications are sent.", - "title": "AuditNotificationTargetConfigurations" + "ClientAffinity": { + "markdownDescription": "Client affinity lets you direct all requests from a user to the same endpoint, if you have stateful applications, regardless of the port and protocol of the client request. Client affinity gives you control over whether to always route each client to the same specific endpoint.\n\nAWS Global Accelerator uses a consistent-flow hashing algorithm to choose the optimal endpoint for a connection. If client affinity is `NONE` , Global Accelerator uses the \"five-tuple\" (5-tuple) properties\u2014source IP address, source port, destination IP address, destination port, and protocol\u2014to select the hash value, and then chooses the best endpoint. However, with this setting, if someone uses different ports to connect to Global Accelerator, their connections might not be always routed to the same endpoint because the hash value changes.\n\nIf you want a given client to always be routed to the same endpoint, set client affinity to `SOURCE_IP` instead. When you use the `SOURCE_IP` setting, Global Accelerator uses the \"two-tuple\" (2-tuple) properties\u2014 source (client) IP address and destination IP address\u2014to select the hash value.\n\nThe default value is `NONE` .", + "title": "ClientAffinity", + "type": "string" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the role that grants permission to AWS IoT to access information about your devices, policies, certificates, and other items as required when performing an audit.", - "title": "RoleArn", + "PortRanges": { + "items": { + "$ref": "#/definitions/AWS::GlobalAccelerator::Listener.PortRange" + }, + "markdownDescription": "The list of port ranges for the connections from clients to the accelerator.", + "title": "PortRanges", + "type": "array" + }, + "Protocol": { + "markdownDescription": "The protocol for the connections from clients to the accelerator.", + "title": "Protocol", "type": "string" } }, "required": [ - "AccountId", - "AuditCheckConfigurations", - "RoleArn" + "AcceleratorArn", + "PortRanges", + "Protocol" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::AccountAuditConfiguration" + "AWS::GlobalAccelerator::Listener" ], "type": "string" }, @@ -120263,136 +128718,27 @@ ], "type": "object" }, - "AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "True if this audit check is enabled for this account.", - "title": "Enabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::IoT::AccountAuditConfiguration.AuditCheckConfigurations": { - "additionalProperties": false, - "properties": { - "AuthenticatedCognitoRoleOverlyPermissiveCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks the permissiveness of an authenticated Amazon Cognito identity pool role. For this check, AWS IoT Device Defender audits all Amazon Cognito identity pools that have been used to connect to the AWS IoT message broker during the 31 days before the audit is performed.", - "title": "AuthenticatedCognitoRoleOverlyPermissiveCheck" - }, - "CaCertificateExpiringCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks if a CA certificate is expiring. This check applies to CA certificates expiring within 30 days or that have expired.", - "title": "CaCertificateExpiringCheck" - }, - "CaCertificateKeyQualityCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks the quality of the CA certificate key. The quality checks if the key is in a valid format, not expired, and if the key meets a minimum required size. This check applies to CA certificates that are `ACTIVE` or `PENDING_TRANSFER` .", - "title": "CaCertificateKeyQualityCheck" - }, - "ConflictingClientIdsCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks if multiple devices connect using the same client ID.", - "title": "ConflictingClientIdsCheck" - }, - "DeviceCertificateExpiringCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks if a device certificate is expiring. By default, this check applies to device certificates expiring within 30 days or that have expired. You can modify this threshold by configuring the DeviceCertExpirationAuditCheckConfiguration.", - "title": "DeviceCertificateExpiringCheck" - }, - "DeviceCertificateKeyQualityCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks the quality of the device certificate key. The quality checks if the key is in a valid format, not expired, signed by a registered certificate authority, and if the key meets a minimum required size.", - "title": "DeviceCertificateKeyQualityCheck" - }, - "DeviceCertificateSharedCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks if multiple concurrent connections use the same X.509 certificate to authenticate with AWS IoT .", - "title": "DeviceCertificateSharedCheck" - }, - "IntermediateCaRevokedForActiveDeviceCertificatesCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks if device certificates are still active despite being revoked by an intermediate CA.", - "title": "IntermediateCaRevokedForActiveDeviceCertificatesCheck" - }, - "IoTPolicyPotentialMisConfigurationCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks if an AWS IoT policy is potentially misconfigured. Misconfigured policies, including overly permissive policies, can cause security incidents like allowing devices access to unintended resources. This check is a warning for you to make sure that only intended actions are allowed before updating the policy.", - "title": "IoTPolicyPotentialMisConfigurationCheck" - }, - "IotPolicyOverlyPermissiveCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks the permissiveness of a policy attached to an authenticated Amazon Cognito identity pool role.", - "title": "IotPolicyOverlyPermissiveCheck" - }, - "IotRoleAliasAllowsAccessToUnusedServicesCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks if a role alias has access to services that haven't been used for the AWS IoT device in the last year.", - "title": "IotRoleAliasAllowsAccessToUnusedServicesCheck" - }, - "IotRoleAliasOverlyPermissiveCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks if the temporary credentials provided by AWS IoT role aliases are overly permissive.", - "title": "IotRoleAliasOverlyPermissiveCheck" - }, - "LoggingDisabledCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks if AWS IoT logs are disabled.", - "title": "LoggingDisabledCheck" - }, - "RevokedCaCertificateStillActiveCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks if a revoked CA certificate is still active.", - "title": "RevokedCaCertificateStillActiveCheck" - }, - "RevokedDeviceCertificateStillActiveCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks if a revoked device certificate is still active.", - "title": "RevokedDeviceCertificateStillActiveCheck" - }, - "UnauthenticatedCognitoRoleOverlyPermissiveCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks if policy attached to an unauthenticated Amazon Cognito identity pool role is too permissive.", - "title": "UnauthenticatedCognitoRoleOverlyPermissiveCheck" - } - }, - "type": "object" - }, - "AWS::IoT::AccountAuditConfiguration.AuditNotificationTarget": { + "AWS::GlobalAccelerator::Listener.PortRange": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "True if notifications to the target are enabled.", - "title": "Enabled", - "type": "boolean" - }, - "RoleArn": { - "markdownDescription": "The ARN of the role that grants permission to send notifications to the target.", - "title": "RoleArn", - "type": "string" + "FromPort": { + "markdownDescription": "The first port in the range of ports, inclusive.", + "title": "FromPort", + "type": "number" }, - "TargetArn": { - "markdownDescription": "The ARN of the target (SNS topic) to which audit notifications are sent.", - "title": "TargetArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoT::AccountAuditConfiguration.AuditNotificationTargetConfigurations": { - "additionalProperties": false, - "properties": { - "Sns": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditNotificationTarget", - "markdownDescription": "The `Sns` notification target.", - "title": "Sns" + "ToPort": { + "markdownDescription": "The last port in the range of ports, inclusive.", + "title": "ToPort", + "type": "number" } }, + "required": [ + "FromPort", + "ToPort" + ], "type": "object" }, - "AWS::IoT::Authorizer": { + "AWS::Glue::Classifier": { "additionalProperties": false, "properties": { "Condition": { @@ -120427,64 +128773,32 @@ "Properties": { "additionalProperties": false, "properties": { - "AuthorizerFunctionArn": { - "markdownDescription": "The authorizer's Lambda function ARN.", - "title": "AuthorizerFunctionArn", - "type": "string" - }, - "AuthorizerName": { - "markdownDescription": "The authorizer name.", - "title": "AuthorizerName", - "type": "string" - }, - "EnableCachingForHttp": { - "markdownDescription": "When `true` , the result from the authorizer's Lambda function is cached for clients that use persistent HTTP connections. The results are cached for the time specified by the Lambda function in `refreshAfterInSeconds` . This value doesn't affect authorization of clients that use MQTT connections.", - "title": "EnableCachingForHttp", - "type": "boolean" - }, - "SigningDisabled": { - "markdownDescription": "Specifies whether AWS IoT validates the token signature in an authorization request.", - "title": "SigningDisabled", - "type": "boolean" - }, - "Status": { - "markdownDescription": "The status of the authorizer.\n\nValid values: `ACTIVE` | `INACTIVE`", - "title": "Status", - "type": "string" + "CsvClassifier": { + "$ref": "#/definitions/AWS::Glue::Classifier.CsvClassifier", + "markdownDescription": "A classifier for comma-separated values (CSV).", + "title": "CsvClassifier" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata which can be used to manage the custom authorizer.\n\n> For URI Request parameters use format: ...key1=value1&key2=value2...\n> \n> For the CLI command-line parameter use format: &&tags \"key1=value1&key2=value2...\"\n> \n> For the cli-input-json file use format: \"tags\": \"key1=value1&key2=value2...\"", - "title": "Tags", - "type": "array" + "GrokClassifier": { + "$ref": "#/definitions/AWS::Glue::Classifier.GrokClassifier", + "markdownDescription": "A classifier that uses `grok` .", + "title": "GrokClassifier" }, - "TokenKeyName": { - "markdownDescription": "The key used to extract the token from the HTTP headers.", - "title": "TokenKeyName", - "type": "string" + "JsonClassifier": { + "$ref": "#/definitions/AWS::Glue::Classifier.JsonClassifier", + "markdownDescription": "A classifier for JSON content.", + "title": "JsonClassifier" }, - "TokenSigningPublicKeys": { - "additionalProperties": true, - "markdownDescription": "The public keys used to validate the token signature returned by your custom authentication service.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "TokenSigningPublicKeys", - "type": "object" + "XMLClassifier": { + "$ref": "#/definitions/AWS::Glue::Classifier.XMLClassifier", + "markdownDescription": "A classifier for XML content.", + "title": "XMLClassifier" } }, - "required": [ - "AuthorizerFunctionArn" - ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::Authorizer" + "AWS::Glue::Classifier" ], "type": "string" }, @@ -120498,226 +128812,142 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::IoT::BillingGroup": { + "AWS::Glue::Classifier.CsvClassifier": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "AllowSingleColumn": { + "markdownDescription": "Enables the processing of files that contain only one column.", + "title": "AllowSingleColumn", + "type": "boolean" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ContainsCustomDatatype": { + "items": { + "type": "string" + }, + "markdownDescription": "Indicates whether the CSV file contains custom data types.", + "title": "ContainsCustomDatatype", + "type": "array" + }, + "ContainsHeader": { + "markdownDescription": "Indicates whether the CSV file contains a header.\n\nA value of `UNKNOWN` specifies that the classifier will detect whether the CSV file contains headings.\n\nA value of `PRESENT` specifies that the CSV file contains headings.\n\nA value of `ABSENT` specifies that the CSV file does not contain headings.", + "title": "ContainsHeader", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "CustomDatatypeConfigured": { + "markdownDescription": "Enables the configuration of custom data types.", + "title": "CustomDatatypeConfigured", + "type": "boolean" }, - "Metadata": { - "type": "object" + "Delimiter": { + "markdownDescription": "A custom symbol to denote what separates each column entry in the row.", + "title": "Delimiter", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "BillingGroupName": { - "markdownDescription": "The name of the billing group.", - "title": "BillingGroupName", - "type": "string" - }, - "BillingGroupProperties": { - "$ref": "#/definitions/AWS::IoT::BillingGroup.BillingGroupProperties", - "markdownDescription": "The properties of the billing group.", - "title": "BillingGroupProperties" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata which can be used to manage the billing group.", - "title": "Tags", - "type": "array" - } + "DisableValueTrimming": { + "markdownDescription": "Specifies not to trim values before identifying the type of column values. The default value is `true` .", + "title": "DisableValueTrimming", + "type": "boolean" + }, + "Header": { + "items": { + "type": "string" }, - "type": "object" + "markdownDescription": "A list of strings representing column names.", + "title": "Header", + "type": "array" }, - "Type": { - "enum": [ - "AWS::IoT::BillingGroup" - ], + "Name": { + "markdownDescription": "The name of the classifier.", + "title": "Name", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "QuoteSymbol": { + "markdownDescription": "A custom symbol to denote what combines content into a single column value. It must be different from the column delimiter.", + "title": "QuoteSymbol", "type": "string" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::IoT::BillingGroup.BillingGroupProperties": { + "AWS::Glue::Classifier.GrokClassifier": { "additionalProperties": false, "properties": { - "BillingGroupDescription": { - "markdownDescription": "The description of the billing group.", - "title": "BillingGroupDescription", + "Classification": { + "markdownDescription": "An identifier of the data format that the classifier matches, such as Twitter, JSON, Omniture logs, and so on.", + "title": "Classification", + "type": "string" + }, + "CustomPatterns": { + "markdownDescription": "Optional custom grok patterns defined by this classifier. For more information, see custom patterns in [Writing Custom Classifiers](https://docs.aws.amazon.com/glue/latest/dg/custom-classifier.html) .", + "title": "CustomPatterns", + "type": "string" + }, + "GrokPattern": { + "markdownDescription": "The grok pattern applied to a data store by this classifier. For more information, see built-in patterns in [Writing Custom Classifiers](https://docs.aws.amazon.com/glue/latest/dg/custom-classifier.html) .", + "title": "GrokPattern", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the classifier.", + "title": "Name", "type": "string" } }, + "required": [ + "Classification", + "GrokPattern" + ], "type": "object" }, - "AWS::IoT::CACertificate": { + "AWS::Glue::Classifier.JsonClassifier": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AutoRegistrationStatus": { - "markdownDescription": "Whether the CA certificate is configured for auto registration of device certificates. Valid values are \"ENABLE\" and \"DISABLE\".", - "title": "AutoRegistrationStatus", - "type": "string" - }, - "CACertificatePem": { - "markdownDescription": "The certificate data in PEM format.", - "title": "CACertificatePem", - "type": "string" - }, - "CertificateMode": { - "markdownDescription": "The mode of the CA.\n\nAll the device certificates that are registered using this CA will be registered in the same mode as the CA. For more information about certificate mode for device certificates, see [certificate mode](https://docs.aws.amazon.com//iot/latest/apireference/API_CertificateDescription.html#iot-Type-CertificateDescription-certificateMode) .\n\nValid values are \"DEFAULT\" and \"SNI_ONLY\".", - "title": "CertificateMode", - "type": "string" - }, - "RegistrationConfig": { - "$ref": "#/definitions/AWS::IoT::CACertificate.RegistrationConfig", - "markdownDescription": "Information about the registration configuration.", - "title": "RegistrationConfig" - }, - "RemoveAutoRegistration": { - "markdownDescription": "If true, removes auto registration.", - "title": "RemoveAutoRegistration", - "type": "boolean" - }, - "Status": { - "markdownDescription": "The status of the CA certificate.\n\nValid values are \"ACTIVE\" and \"INACTIVE\".", - "title": "Status", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - }, - "VerificationCertificatePem": { - "markdownDescription": "The private key verification certificate.", - "title": "VerificationCertificatePem", - "type": "string" - } - }, - "required": [ - "CACertificatePem", - "Status" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::IoT::CACertificate" - ], + "JsonPath": { + "markdownDescription": "A `JsonPath` string defining the JSON data for the classifier to classify. AWS Glue supports a subset of `JsonPath` , as described in [Writing JsonPath Custom Classifiers](https://docs.aws.amazon.com/glue/latest/dg/custom-classifier.html#custom-classifier-json) .", + "title": "JsonPath", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "The name of the classifier.", + "title": "Name", "type": "string" } }, "required": [ - "Type", - "Properties" + "JsonPath" ], "type": "object" }, - "AWS::IoT::CACertificate.RegistrationConfig": { + "AWS::Glue::Classifier.XMLClassifier": { "additionalProperties": false, "properties": { - "RoleArn": { - "markdownDescription": "The ARN of the role.", - "title": "RoleArn", + "Classification": { + "markdownDescription": "An identifier of the data format that the classifier matches.", + "title": "Classification", "type": "string" }, - "TemplateBody": { - "markdownDescription": "The template body.", - "title": "TemplateBody", + "Name": { + "markdownDescription": "The name of the classifier.", + "title": "Name", "type": "string" }, - "TemplateName": { - "markdownDescription": "The name of the provisioning template.", - "title": "TemplateName", + "RowTag": { + "markdownDescription": "The XML tag designating the element that contains each record in an XML document being parsed. This can't identify a self-closing element (closed by `/>` ). An empty row element that contains only attributes can be parsed as long as it ends with a closing tag (for example, `` is okay, but `` is not).", + "title": "RowTag", "type": "string" } }, + "required": [ + "Classification", + "RowTag" + ], "type": "object" }, - "AWS::IoT::Certificate": { + "AWS::Glue::Connection": { "additionalProperties": false, "properties": { "Condition": { @@ -120752,40 +128982,26 @@ "Properties": { "additionalProperties": false, "properties": { - "CACertificatePem": { - "markdownDescription": "The CA certificate used to sign the device certificate being registered, not available when CertificateMode is SNI_ONLY.", - "title": "CACertificatePem", - "type": "string" - }, - "CertificateMode": { - "markdownDescription": "Specifies which mode of certificate registration to use with this resource. Valid options are DEFAULT with CaCertificatePem and CertificatePem, SNI_ONLY with CertificatePem, and Default with CertificateSigningRequest.\n\n`DEFAULT` : A certificate in `DEFAULT` mode is either generated by AWS IoT Core or registered with an issuer certificate authority (CA). Devices with certificates in `DEFAULT` mode aren't required to send the Server Name Indication (SNI) extension when connecting to AWS IoT Core . However, to use features such as custom domains and VPC endpoints, we recommend that you use the SNI extension when connecting to AWS IoT Core .\n\n`SNI_ONLY` : A certificate in `SNI_ONLY` mode is registered without an issuer CA. Devices with certificates in `SNI_ONLY` mode must send the SNI extension when connecting to AWS IoT Core .", - "title": "CertificateMode", - "type": "string" - }, - "CertificatePem": { - "markdownDescription": "The certificate data in PEM format. Requires SNI_ONLY for the certificate mode or the accompanying CACertificatePem for registration.", - "title": "CertificatePem", - "type": "string" - }, - "CertificateSigningRequest": { - "markdownDescription": "The certificate signing request (CSR).", - "title": "CertificateSigningRequest", + "CatalogId": { + "markdownDescription": "The ID of the data catalog to create the catalog object in. Currently, this should be the AWS account ID.\n\n> To specify the account ID, you can use the `Ref` intrinsic function with the `AWS::AccountId` pseudo parameter. For example: `!Ref AWS::AccountId` .", + "title": "CatalogId", "type": "string" }, - "Status": { - "markdownDescription": "The status of the certificate.\n\nValid values are ACTIVE, INACTIVE, REVOKED, PENDING_TRANSFER, and PENDING_ACTIVATION.\n\nThe status value REGISTER_INACTIVE is deprecated and should not be used.", - "title": "Status", - "type": "string" + "ConnectionInput": { + "$ref": "#/definitions/AWS::Glue::Connection.ConnectionInput", + "markdownDescription": "The connection that you want to create.", + "title": "ConnectionInput" } }, "required": [ - "Status" + "CatalogId", + "ConnectionInput" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::Certificate" + "AWS::Glue::Connection" ], "type": "string" }, @@ -120804,270 +129020,255 @@ ], "type": "object" }, - "AWS::IoT::CertificateProvider": { + "AWS::Glue::Connection.AuthenticationConfigurationInput": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "AuthenticationType": { + "markdownDescription": "A structure containing the authentication configuration in the CreateConnection request.", + "title": "AuthenticationType", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "BasicAuthenticationCredentials": { + "$ref": "#/definitions/AWS::Glue::Connection.BasicAuthenticationCredentials", + "markdownDescription": "The credentials used when the authentication type is basic authentication.", + "title": "BasicAuthenticationCredentials" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AccountDefaultForOperations": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the operations that the certificate provider will use to generate certificates. Valid value: `CreateCertificateFromCsr` .", - "title": "AccountDefaultForOperations", - "type": "array" - }, - "CertificateProviderName": { - "markdownDescription": "The name of the certificate provider.", - "title": "CertificateProviderName", - "type": "string" - }, - "LambdaFunctionArn": { - "markdownDescription": "The ARN of the Lambda function.", - "title": "LambdaFunctionArn", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata that can be used to manage the certificate provider.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "AccountDefaultForOperations", - "LambdaFunctionArn" - ], + "CustomAuthenticationCredentials": { + "markdownDescription": "The credentials used when the authentication type is custom authentication.", + "title": "CustomAuthenticationCredentials", "type": "object" }, - "Type": { - "enum": [ - "AWS::IoT::CertificateProvider" - ], + "KmsKeyArn": { + "markdownDescription": "The ARN of the KMS key used to encrypt the connection. Only taken an as input in the request and stored in the Secret Manager.", + "title": "KmsKeyArn", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "OAuth2Properties": { + "$ref": "#/definitions/AWS::Glue::Connection.OAuth2PropertiesInput", + "markdownDescription": "The properties for OAuth2 authentication in the CreateConnection request.", + "title": "OAuth2Properties" + }, + "SecretArn": { + "markdownDescription": "The secret manager ARN to store credentials in the CreateConnection request.", + "title": "SecretArn", "type": "string" } }, "required": [ - "Type", - "Properties" + "AuthenticationType" ], "type": "object" }, - "AWS::IoT::CustomMetric": { + "AWS::Glue::Connection.AuthorizationCodeProperties": { "additionalProperties": false, "properties": { - "Condition": { + "AuthorizationCode": { + "markdownDescription": "An authorization code to be used in the third leg of the `AUTHORIZATION_CODE` grant workflow. This is a single-use code which becomes invalid once exchanged for an access token, thus it is acceptable to have this value as a request parameter.", + "title": "AuthorizationCode", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "RedirectUri": { + "markdownDescription": "The redirect URI where the user gets redirected to by authorization server when issuing an authorization code. The URI is subsequently used when the authorization code is exchanged for an access token.", + "title": "RedirectUri", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Glue::Connection.BasicAuthenticationCredentials": { + "additionalProperties": false, + "properties": { + "Password": { + "markdownDescription": "The password to connect to the data source.", + "title": "Password", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { + "Username": { + "markdownDescription": "The username to connect to the data source.", + "title": "Username", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Glue::Connection.ConnectionInput": { + "additionalProperties": false, + "properties": { + "AthenaProperties": { + "markdownDescription": "Connection properties specific to the Athena compute environment.", + "title": "AthenaProperties", "type": "object" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DisplayName": { - "markdownDescription": "The friendly name in the console for the custom metric. This name doesn't have to be unique. Don't use this name as the metric identifier in the device metric report. You can update the friendly name after you define it.", - "title": "DisplayName", - "type": "string" - }, - "MetricName": { - "markdownDescription": "The name of the custom metric. This will be used in the metric report submitted from the device/thing. The name can't begin with `aws:` . You can\u2019t change the name after you define it.", - "title": "MetricName", - "type": "string" - }, - "MetricType": { - "markdownDescription": "The type of the custom metric. Types include `string-list` , `ip-address-list` , `number-list` , and `number` .\n\n> The type `number` only takes a single metric value as an input, but when you submit the metrics value in the DeviceMetrics report, you must pass it as an array with a single value.", - "title": "MetricType", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata that can be used to manage the custom metric.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "MetricType" - ], + "AuthenticationConfiguration": { + "$ref": "#/definitions/AWS::Glue::Connection.AuthenticationConfigurationInput", + "markdownDescription": "The authentication properties of the connection.", + "title": "AuthenticationConfiguration" + }, + "ConnectionProperties": { + "markdownDescription": "These key-value pairs define parameters for the connection.", + "title": "ConnectionProperties", "type": "object" }, - "Type": { - "enum": [ - "AWS::IoT::CustomMetric" - ], + "ConnectionType": { + "markdownDescription": "The type of the connection. Currently, these types are supported:\n\n- `JDBC` - Designates a connection to a database through Java Database Connectivity (JDBC).\n\n`JDBC` Connections use the following ConnectionParameters.\n\n- Required: All of ( `HOST` , `PORT` , `JDBC_ENGINE` ) or `JDBC_CONNECTION_URL` .\n- Required: All of ( `USERNAME` , `PASSWORD` ) or `SECRET_ID` .\n- Optional: `JDBC_ENFORCE_SSL` , `CUSTOM_JDBC_CERT` , `CUSTOM_JDBC_CERT_STRING` , `SKIP_CUSTOM_JDBC_CERT_VALIDATION` . These parameters are used to configure SSL with JDBC.\n- `KAFKA` - Designates a connection to an Apache Kafka streaming platform.\n\n`KAFKA` Connections use the following ConnectionParameters.\n\n- Required: `KAFKA_BOOTSTRAP_SERVERS` .\n- Optional: `KAFKA_SSL_ENABLED` , `KAFKA_CUSTOM_CERT` , `KAFKA_SKIP_CUSTOM_CERT_VALIDATION` . These parameters are used to configure SSL with `KAFKA` .\n- Optional: `KAFKA_CLIENT_KEYSTORE` , `KAFKA_CLIENT_KEYSTORE_PASSWORD` , `KAFKA_CLIENT_KEY_PASSWORD` , `ENCRYPTED_KAFKA_CLIENT_KEYSTORE_PASSWORD` , `ENCRYPTED_KAFKA_CLIENT_KEY_PASSWORD` . These parameters are used to configure TLS client configuration with SSL in `KAFKA` .\n- Optional: `KAFKA_SASL_MECHANISM` . Can be specified as `SCRAM-SHA-512` , `GSSAPI` , or `AWS_MSK_IAM` .\n- Optional: `KAFKA_SASL_SCRAM_USERNAME` , `KAFKA_SASL_SCRAM_PASSWORD` , `ENCRYPTED_KAFKA_SASL_SCRAM_PASSWORD` . These parameters are used to configure SASL/SCRAM-SHA-512 authentication with `KAFKA` .\n- Optional: `KAFKA_SASL_GSSAPI_KEYTAB` , `KAFKA_SASL_GSSAPI_KRB5_CONF` , `KAFKA_SASL_GSSAPI_SERVICE` , `KAFKA_SASL_GSSAPI_PRINCIPAL` . These parameters are used to configure SASL/GSSAPI authentication with `KAFKA` .\n- `MONGODB` - Designates a connection to a MongoDB document database.\n\n`MONGODB` Connections use the following ConnectionParameters.\n\n- Required: `CONNECTION_URL` .\n- Required: All of ( `USERNAME` , `PASSWORD` ) or `SECRET_ID` .\n- `VIEW_VALIDATION_REDSHIFT` - Designates a connection used for view validation by Amazon Redshift.\n- `VIEW_VALIDATION_ATHENA` - Designates a connection used for view validation by Amazon Athena.\n- `NETWORK` - Designates a network connection to a data source within an Amazon Virtual Private Cloud environment (Amazon VPC).\n\n`NETWORK` Connections do not require ConnectionParameters. Instead, provide a PhysicalConnectionRequirements.\n- `MARKETPLACE` - Uses configuration settings contained in a connector purchased from AWS Marketplace to read from and write to data stores that are not natively supported by AWS Glue .\n\n`MARKETPLACE` Connections use the following ConnectionParameters.\n\n- Required: `CONNECTOR_TYPE` , `CONNECTOR_URL` , `CONNECTOR_CLASS_NAME` , `CONNECTION_URL` .\n- Required for `JDBC` `CONNECTOR_TYPE` connections: All of ( `USERNAME` , `PASSWORD` ) or `SECRET_ID` .\n- `CUSTOM` - Uses configuration settings contained in a custom connector to read from and write to data stores that are not natively supported by AWS Glue .\n\nAdditionally, a `ConnectionType` for the following SaaS connectors is supported:\n\n- `FACEBOOKADS` - Designates a connection to Facebook Ads.\n- `GOOGLEADS` - Designates a connection to Google Ads.\n- `GOOGLESHEETS` - Designates a connection to Google Sheets.\n- `GOOGLEANALYTICS4` - Designates a connection to Google Analytics 4.\n- `HUBSPOT` - Designates a connection to HubSpot.\n- `INSTAGRAMADS` - Designates a connection to Instagram Ads.\n- `INTERCOM` - Designates a connection to Intercom.\n- `JIRACLOUD` - Designates a connection to Jira Cloud.\n- `MARKETO` - Designates a connection to Adobe Marketo Engage.\n- `NETSUITEERP` - Designates a connection to Oracle NetSuite.\n- `SALESFORCE` - Designates a connection to Salesforce using OAuth authentication.\n- `SALESFORCEMARKETINGCLOUD` - Designates a connection to Salesforce Marketing Cloud.\n- `SALESFORCEPARDOT` - Designates a connection to Salesforce Marketing Cloud Account Engagement (MCAE).\n- `SAPODATA` - Designates a connection to SAP OData.\n- `SERVICENOW` - Designates a connection to ServiceNow.\n- `SLACK` - Designates a connection to Slack.\n- `SNAPCHATADS` - Designates a connection to Snapchat Ads.\n- `STRIPE` - Designates a connection to Stripe.\n- `ZENDESK` - Designates a connection to Zendesk.\n- `ZOHOCRM` - Designates a connection to Zoho CRM.\n\nFor more information on the connection parameters needed for a particular connector, see the documentation for the connector in [Adding an AWS Glue connection](https://docs.aws.amazon.com/glue/latest/dg/console-connections.html) in the AWS Glue User Guide.\n\n`SFTP` is not supported.\n\nFor more information about how optional ConnectionProperties are used to configure features in AWS Glue , consult [AWS Glue connection properties](https://docs.aws.amazon.com/glue/latest/dg/connection-defining.html) .\n\nFor more information about how optional ConnectionProperties are used to configure features in AWS Glue Studio, consult [Using connectors and connections](https://docs.aws.amazon.com/glue/latest/ug/connectors-chapter.html) .", + "title": "ConnectionType", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Description": { + "markdownDescription": "The description of the connection.", + "title": "Description", + "type": "string" + }, + "MatchCriteria": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of criteria that can be used in selecting this connection.", + "title": "MatchCriteria", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the connection.", + "title": "Name", "type": "string" + }, + "PhysicalConnectionRequirements": { + "$ref": "#/definitions/AWS::Glue::Connection.PhysicalConnectionRequirements", + "markdownDescription": "The physical connection requirements, such as virtual private cloud (VPC) and `SecurityGroup` , that are needed to successfully make this connection.", + "title": "PhysicalConnectionRequirements" + }, + "PythonProperties": { + "markdownDescription": "Connection properties specific to the Python compute environment.", + "title": "PythonProperties", + "type": "object" + }, + "SparkProperties": { + "markdownDescription": "Connection properties specific to the Spark compute environment.", + "title": "SparkProperties", + "type": "object" + }, + "ValidateCredentials": { + "markdownDescription": "A flag to validate the credentials during create connection. Default is true.", + "title": "ValidateCredentials", + "type": "boolean" + }, + "ValidateForComputeEnvironments": { + "items": { + "type": "string" + }, + "markdownDescription": "The compute environments that the specified connection properties are validated against.", + "title": "ValidateForComputeEnvironments", + "type": "array" } }, "required": [ - "Type", - "Properties" + "ConnectionType" ], "type": "object" }, - "AWS::IoT::Dimension": { + "AWS::Glue::Connection.OAuth2ClientApplication": { "additionalProperties": false, "properties": { - "Condition": { + "AWSManagedClientApplicationReference": { + "markdownDescription": "The reference to the SaaS-side client app that is AWS managed.", + "title": "AWSManagedClientApplicationReference", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "UserManagedClientApplicationClientId": { + "markdownDescription": "The client application clientID if the ClientAppType is `USER_MANAGED` .", + "title": "UserManagedClientApplicationClientId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Glue::Connection.OAuth2Credentials": { + "additionalProperties": false, + "properties": { + "AccessToken": { + "markdownDescription": "The access token used when the authentication type is OAuth2.", + "title": "AccessToken", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "JwtToken": { + "markdownDescription": "The JSON Web Token (JWT) used when the authentication type is OAuth2.", + "title": "JwtToken", + "type": "string" }, - "Metadata": { - "type": "object" + "RefreshToken": { + "markdownDescription": "The refresh token used when the authentication type is OAuth2.", + "title": "RefreshToken", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "A unique identifier for the dimension.", - "title": "Name", - "type": "string" - }, - "StringValues": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the value or list of values for the dimension. For `TOPIC_FILTER` dimensions, this is a pattern used to match the MQTT topic (for example, \"admin/#\").", - "title": "StringValues", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata that can be used to manage the dimension.", - "title": "Tags", - "type": "array" - }, - "Type": { - "markdownDescription": "Specifies the type of dimension. Supported types: `TOPIC_FILTER.`", - "title": "Type", - "type": "string" - } - }, - "required": [ - "StringValues", - "Type" - ], - "type": "object" + "UserManagedClientApplicationClientSecret": { + "markdownDescription": "The client application client secret if the client application is user managed.", + "title": "UserManagedClientApplicationClientSecret", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Glue::Connection.OAuth2PropertiesInput": { + "additionalProperties": false, + "properties": { + "AuthorizationCodeProperties": { + "$ref": "#/definitions/AWS::Glue::Connection.AuthorizationCodeProperties", + "markdownDescription": "The set of properties required for the the OAuth2 `AUTHORIZATION_CODE` grant type.", + "title": "AuthorizationCodeProperties" }, - "Type": { - "enum": [ - "AWS::IoT::Dimension" - ], + "OAuth2ClientApplication": { + "$ref": "#/definitions/AWS::Glue::Connection.OAuth2ClientApplication", + "markdownDescription": "The client application type in the CreateConnection request. For example, `AWS_MANAGED` or `USER_MANAGED` .", + "title": "OAuth2ClientApplication" + }, + "OAuth2Credentials": { + "$ref": "#/definitions/AWS::Glue::Connection.OAuth2Credentials", + "markdownDescription": "The credentials used when the authentication type is OAuth2 authentication.", + "title": "OAuth2Credentials" + }, + "OAuth2GrantType": { + "markdownDescription": "The OAuth2 grant type in the CreateConnection request. For example, `AUTHORIZATION_CODE` , `JWT_BEARER` , or `CLIENT_CREDENTIALS` .", + "title": "OAuth2GrantType", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TokenUrl": { + "markdownDescription": "The URL of the provider's authentication server, to exchange an authorization code for an access token.", + "title": "TokenUrl", + "type": "string" + }, + "TokenUrlParametersMap": { + "markdownDescription": "A map of parameters that are added to the token `GET` request.", + "title": "TokenUrlParametersMap", + "type": "object" + } + }, + "type": "object" + }, + "AWS::Glue::Connection.PhysicalConnectionRequirements": { + "additionalProperties": false, + "properties": { + "AvailabilityZone": { + "markdownDescription": "The connection's Availability Zone.", + "title": "AvailabilityZone", + "type": "string" + }, + "SecurityGroupIdList": { + "items": { + "type": "string" + }, + "markdownDescription": "The security group ID list used by the connection.", + "title": "SecurityGroupIdList", + "type": "array" + }, + "SubnetId": { + "markdownDescription": "The subnet ID used by the connection.", + "title": "SubnetId", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::IoT::DomainConfiguration": { + "AWS::Glue::Crawler": { "additionalProperties": false, "properties": { "Condition": { @@ -121102,68 +129303,89 @@ "Properties": { "additionalProperties": false, "properties": { - "AuthorizerConfig": { - "$ref": "#/definitions/AWS::IoT::DomainConfiguration.AuthorizerConfig", - "markdownDescription": "An object that specifies the authorization service for a domain.", - "title": "AuthorizerConfig" + "Classifiers": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of UTF-8 strings that specify the names of custom classifiers that are associated with the crawler.", + "title": "Classifiers", + "type": "array" }, - "DomainConfigurationName": { - "markdownDescription": "The name of the domain configuration. This value must be unique to a region.", - "title": "DomainConfigurationName", + "Configuration": { + "markdownDescription": "Crawler configuration information. This versioned JSON string allows users to specify aspects of a crawler's behavior. For more information, see [Configuring a Crawler](https://docs.aws.amazon.com/glue/latest/dg/crawler-configuration.html) .", + "title": "Configuration", "type": "string" }, - "DomainConfigurationStatus": { - "markdownDescription": "The status to which the domain configuration should be updated.\n\nValid values: `ENABLED` | `DISABLED`", - "title": "DomainConfigurationStatus", + "CrawlerSecurityConfiguration": { + "markdownDescription": "The name of the `SecurityConfiguration` structure to be used by this crawler.", + "title": "CrawlerSecurityConfiguration", "type": "string" }, - "DomainName": { - "markdownDescription": "The name of the domain.", - "title": "DomainName", + "DatabaseName": { + "markdownDescription": "The name of the database in which the crawler's output is stored.", + "title": "DatabaseName", "type": "string" }, - "ServerCertificateArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The ARNs of the certificates that AWS IoT passes to the device during the TLS handshake. Currently you can specify only one certificate ARN. This value is not required for AWS -managed domains.", - "title": "ServerCertificateArns", - "type": "array" + "Description": { + "markdownDescription": "A description of the crawler.", + "title": "Description", + "type": "string" }, - "ServerCertificateConfig": { - "$ref": "#/definitions/AWS::IoT::DomainConfiguration.ServerCertificateConfig", - "markdownDescription": "The server certificate configuration.\n\nFor more information, see [Configurable endpoints](https://docs.aws.amazon.com//iot/latest/developerguide/iot-custom-endpoints-configurable.html) from the AWS IoT Core Developer Guide.", - "title": "ServerCertificateConfig" + "LakeFormationConfiguration": { + "$ref": "#/definitions/AWS::Glue::Crawler.LakeFormationConfiguration", + "markdownDescription": "Specifies whether the crawler should use AWS Lake Formation credentials for the crawler instead of the IAM role credentials.", + "title": "LakeFormationConfiguration" }, - "ServiceType": { - "markdownDescription": "The type of service delivered by the endpoint.\n\n> AWS IoT Core currently supports only the `DATA` service type.", - "title": "ServiceType", + "Name": { + "markdownDescription": "The name of the crawler.", + "title": "Name", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata which can be used to manage the domain configuration.\n\n> For URI Request parameters use format: ...key1=value1&key2=value2...\n> \n> For the CLI command-line parameter use format: &&tags \"key1=value1&key2=value2...\"\n> \n> For the cli-input-json file use format: \"tags\": \"key1=value1&key2=value2...\"", - "title": "Tags", - "type": "array" + "RecrawlPolicy": { + "$ref": "#/definitions/AWS::Glue::Crawler.RecrawlPolicy", + "markdownDescription": "A policy that specifies whether to crawl the entire dataset again, or to crawl only folders that were added since the last crawler run.", + "title": "RecrawlPolicy" }, - "TlsConfig": { - "$ref": "#/definitions/AWS::IoT::DomainConfiguration.TlsConfig", - "markdownDescription": "An object that specifies the TLS configuration for a domain.", - "title": "TlsConfig" + "Role": { + "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role that's used to access customer resources, such as Amazon Simple Storage Service (Amazon S3) data.", + "title": "Role", + "type": "string" }, - "ValidationCertificateArn": { - "markdownDescription": "The certificate used to validate the server certificate and prove domain name ownership. This certificate must be signed by a public certificate authority. This value is not required for AWS -managed domains.", - "title": "ValidationCertificateArn", + "Schedule": { + "$ref": "#/definitions/AWS::Glue::Crawler.Schedule", + "markdownDescription": "For scheduled crawlers, the schedule when the crawler runs.", + "title": "Schedule" + }, + "SchemaChangePolicy": { + "$ref": "#/definitions/AWS::Glue::Crawler.SchemaChangePolicy", + "markdownDescription": "The policy that specifies update and delete behaviors for the crawler. The policy tells the crawler what to do in the event that it detects a change in a table that already exists in the customer's database at the time of the crawl. The `SchemaChangePolicy` does not affect whether or how new tables and partitions are added. New tables and partitions are always created regardless of the `SchemaChangePolicy` on a crawler.\n\nThe SchemaChangePolicy consists of two components, `UpdateBehavior` and `DeleteBehavior` .", + "title": "SchemaChangePolicy" + }, + "TablePrefix": { + "markdownDescription": "The prefix added to the names of tables that are created.", + "title": "TablePrefix", "type": "string" + }, + "Tags": { + "markdownDescription": "The tags to use with this crawler.", + "title": "Tags", + "type": "object" + }, + "Targets": { + "$ref": "#/definitions/AWS::Glue::Crawler.Targets", + "markdownDescription": "A collection of targets to crawl.", + "title": "Targets" } }, + "required": [ + "Role", + "Targets" + ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::DomainConfiguration" + "AWS::Glue::Crawler" ], "type": "string" }, @@ -121177,70 +129399,361 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoT::DomainConfiguration.AuthorizerConfig": { + "AWS::Glue::Crawler.CatalogTarget": { "additionalProperties": false, "properties": { - "AllowAuthorizerOverride": { - "markdownDescription": "A Boolean that specifies whether the domain configuration's authorization service can be overridden.", - "title": "AllowAuthorizerOverride", - "type": "boolean" + "ConnectionName": { + "markdownDescription": "The name of the connection for an Amazon S3-backed Data Catalog table to be a target of the crawl when using a `Catalog` connection type paired with a `NETWORK` Connection type.", + "title": "ConnectionName", + "type": "string" }, - "DefaultAuthorizerName": { - "markdownDescription": "The name of the authorization service for a domain configuration.", - "title": "DefaultAuthorizerName", + "DatabaseName": { + "markdownDescription": "The name of the database to be synchronized.", + "title": "DatabaseName", "type": "string" + }, + "DlqEventQueueArn": { + "markdownDescription": "A valid Amazon dead-letter SQS ARN. For example, `arn:aws:sqs:region:account:deadLetterQueue` .", + "title": "DlqEventQueueArn", + "type": "string" + }, + "EventQueueArn": { + "markdownDescription": "A valid Amazon SQS ARN. For example, `arn:aws:sqs:region:account:sqs` .", + "title": "EventQueueArn", + "type": "string" + }, + "Tables": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the tables to be synchronized.", + "title": "Tables", + "type": "array" } }, "type": "object" }, - "AWS::IoT::DomainConfiguration.ServerCertificateConfig": { - "additionalProperties": false, - "properties": { - "EnableOCSPCheck": { - "markdownDescription": "A Boolean value that indicates whether Online Certificate Status Protocol (OCSP) server certificate check is enabled or not. For more information, see [Configurable endpoints](https://docs.aws.amazon.com//iot/latest/developerguide/iot-custom-endpoints-configurable.html) from the AWS IoT Core Developer Guide.", - "title": "EnableOCSPCheck", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::IoT::DomainConfiguration.ServerCertificateSummary": { + "AWS::Glue::Crawler.DeltaTarget": { "additionalProperties": false, "properties": { - "ServerCertificateArn": { - "markdownDescription": "The ARN of the server certificate.", - "title": "ServerCertificateArn", + "ConnectionName": { + "markdownDescription": "The name of the connection to use to connect to the Delta table target.", + "title": "ConnectionName", "type": "string" }, - "ServerCertificateStatus": { - "markdownDescription": "The status of the server certificate.", - "title": "ServerCertificateStatus", + "CreateNativeDeltaTable": { + "markdownDescription": "Specifies whether the crawler will create native tables, to allow integration with query engines that support querying of the Delta transaction log directly.", + "title": "CreateNativeDeltaTable", + "type": "boolean" + }, + "DeltaTables": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the Amazon S3 paths to the Delta tables.", + "title": "DeltaTables", + "type": "array" + }, + "WriteManifest": { + "markdownDescription": "Specifies whether to write the manifest files to the Delta table path.", + "title": "WriteManifest", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::Glue::Crawler.DynamoDBTarget": { + "additionalProperties": false, + "properties": { + "Path": { + "markdownDescription": "The name of the DynamoDB table to crawl.", + "title": "Path", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Glue::Crawler.HudiTarget": { + "additionalProperties": false, + "properties": { + "ConnectionName": { + "markdownDescription": "The name of the connection to use to connect to the Hudi target. If your Hudi files are stored in buckets that require VPC authorization, you can set their connection properties here.", + "title": "ConnectionName", "type": "string" }, - "ServerCertificateStatusDetail": { - "markdownDescription": "Details that explain the status of the server certificate.", - "title": "ServerCertificateStatusDetail", + "Exclusions": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of glob patterns used to exclude from the crawl. For more information, see [Catalog Tables with a Crawler](https://docs.aws.amazon.com/glue/latest/dg/add-crawler.html) .", + "title": "Exclusions", + "type": "array" + }, + "MaximumTraversalDepth": { + "markdownDescription": "The maximum depth of Amazon S3 paths that the crawler can traverse to discover the Hudi metadata folder in your Amazon S3 path. Used to limit the crawler run time.", + "title": "MaximumTraversalDepth", + "type": "number" + }, + "Paths": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of Amazon S3 location strings for Hudi, each indicating the root folder with which the metadata files for a Hudi table resides. The Hudi folder may be located in a child folder of the root folder.\n\nThe crawler will scan all folders underneath a path for a Hudi folder.", + "title": "Paths", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Glue::Crawler.IcebergTarget": { + "additionalProperties": false, + "properties": { + "ConnectionName": { + "markdownDescription": "The name of the connection to use to connect to the Iceberg target.", + "title": "ConnectionName", "type": "string" + }, + "Exclusions": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of global patterns used to exclude from the crawl.", + "title": "Exclusions", + "type": "array" + }, + "MaximumTraversalDepth": { + "markdownDescription": "The maximum depth of Amazon S3 paths that the crawler can traverse to discover the Iceberg metadata folder in your Amazon S3 path. Used to limit the crawler run time.", + "title": "MaximumTraversalDepth", + "type": "number" + }, + "Paths": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more Amazon S3 paths that contains Iceberg metadata folders as s3://bucket/prefix .", + "title": "Paths", + "type": "array" } }, "type": "object" }, - "AWS::IoT::DomainConfiguration.TlsConfig": { + "AWS::Glue::Crawler.JdbcTarget": { "additionalProperties": false, "properties": { - "SecurityPolicy": { - "markdownDescription": "The security policy for a domain configuration. For more information, see [Security policies](https://docs.aws.amazon.com/iot/latest/developerguide/transport-security.html#tls-policy-table) in the *AWS IoT Core developer guide* .", - "title": "SecurityPolicy", + "ConnectionName": { + "markdownDescription": "The name of the connection to use to connect to the JDBC target.", + "title": "ConnectionName", + "type": "string" + }, + "EnableAdditionalMetadata": { + "items": { + "type": "string" + }, + "markdownDescription": "Specify a value of `RAWTYPES` or `COMMENTS` to enable additional metadata in table responses. `RAWTYPES` provides the native-level datatype. `COMMENTS` provides comments associated with a column or table in the database.\n\nIf you do not need additional metadata, keep the field empty.", + "title": "EnableAdditionalMetadata", + "type": "array" + }, + "Exclusions": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of glob patterns used to exclude from the crawl. For more information, see [Catalog Tables with a Crawler](https://docs.aws.amazon.com/glue/latest/dg/add-crawler.html) .", + "title": "Exclusions", + "type": "array" + }, + "Path": { + "markdownDescription": "The path of the JDBC target.", + "title": "Path", "type": "string" } }, "type": "object" }, - "AWS::IoT::FleetMetric": { + "AWS::Glue::Crawler.LakeFormationConfiguration": { + "additionalProperties": false, + "properties": { + "AccountId": { + "markdownDescription": "Required for cross account crawls. For same account crawls as the target data, this can be left as null.", + "title": "AccountId", + "type": "string" + }, + "UseLakeFormationCredentials": { + "markdownDescription": "Specifies whether to use AWS Lake Formation credentials for the crawler instead of the IAM role credentials.", + "title": "UseLakeFormationCredentials", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::Glue::Crawler.MongoDBTarget": { + "additionalProperties": false, + "properties": { + "ConnectionName": { + "markdownDescription": "The name of the connection to use to connect to the Amazon DocumentDB or MongoDB target.", + "title": "ConnectionName", + "type": "string" + }, + "Path": { + "markdownDescription": "The path of the Amazon DocumentDB or MongoDB target (database/collection).", + "title": "Path", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Glue::Crawler.RecrawlPolicy": { + "additionalProperties": false, + "properties": { + "RecrawlBehavior": { + "markdownDescription": "Specifies whether to crawl the entire dataset again or to crawl only folders that were added since the last crawler run.\n\nA value of `CRAWL_EVERYTHING` specifies crawling the entire dataset again.\n\nA value of `CRAWL_NEW_FOLDERS_ONLY` specifies crawling only folders that were added since the last crawler run.\n\nA value of `CRAWL_EVENT_MODE` specifies crawling only the changes identified by Amazon S3 events.", + "title": "RecrawlBehavior", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Glue::Crawler.S3Target": { + "additionalProperties": false, + "properties": { + "ConnectionName": { + "markdownDescription": "The name of a connection which allows a job or crawler to access data in Amazon S3 within an Amazon Virtual Private Cloud environment (Amazon VPC).", + "title": "ConnectionName", + "type": "string" + }, + "DlqEventQueueArn": { + "markdownDescription": "A valid Amazon dead-letter SQS ARN. For example, `arn:aws:sqs:region:account:deadLetterQueue` .", + "title": "DlqEventQueueArn", + "type": "string" + }, + "EventQueueArn": { + "markdownDescription": "A valid Amazon SQS ARN. For example, `arn:aws:sqs:region:account:sqs` .", + "title": "EventQueueArn", + "type": "string" + }, + "Exclusions": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of glob patterns used to exclude from the crawl. For more information, see [Catalog Tables with a Crawler](https://docs.aws.amazon.com/glue/latest/dg/add-crawler.html) .", + "title": "Exclusions", + "type": "array" + }, + "Path": { + "markdownDescription": "The path to the Amazon S3 target.", + "title": "Path", + "type": "string" + }, + "SampleSize": { + "markdownDescription": "Sets the number of files in each leaf folder to be crawled when crawling sample files in a dataset. If not set, all the files are crawled. A valid value is an integer between 1 and 249.", + "title": "SampleSize", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Glue::Crawler.Schedule": { + "additionalProperties": false, + "properties": { + "ScheduleExpression": { + "markdownDescription": "A `cron` expression used to specify the schedule. For more information, see [Time-Based Schedules for Jobs and Crawlers](https://docs.aws.amazon.com/glue/latest/dg/monitor-data-warehouse-schedule.html) . For example, to run something every day at 12:15 UTC, specify `cron(15 12 * * ? *)` .", + "title": "ScheduleExpression", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Glue::Crawler.SchemaChangePolicy": { + "additionalProperties": false, + "properties": { + "DeleteBehavior": { + "markdownDescription": "The deletion behavior when the crawler finds a deleted object.\n\nA value of `LOG` specifies that if a table or partition is found to no longer exist, do not delete it, only log that it was found to no longer exist.\n\nA value of `DELETE_FROM_DATABASE` specifies that if a table or partition is found to have been removed, delete it from the database.\n\nA value of `DEPRECATE_IN_DATABASE` specifies that if a table has been found to no longer exist, to add a property to the table that says \"DEPRECATED\" and includes a timestamp with the time of deprecation.", + "title": "DeleteBehavior", + "type": "string" + }, + "UpdateBehavior": { + "markdownDescription": "The update behavior when the crawler finds a changed schema.\n\nA value of `LOG` specifies that if a table or a partition already exists, and a change is detected, do not update it, only log that a change was detected. Add new tables and new partitions (including on existing tables).\n\nA value of `UPDATE_IN_DATABASE` specifies that if a table or partition already exists, and a change is detected, update it. Add new tables and partitions.", + "title": "UpdateBehavior", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Glue::Crawler.Targets": { + "additionalProperties": false, + "properties": { + "CatalogTargets": { + "items": { + "$ref": "#/definitions/AWS::Glue::Crawler.CatalogTarget" + }, + "markdownDescription": "Specifies AWS Glue Data Catalog targets.", + "title": "CatalogTargets", + "type": "array" + }, + "DeltaTargets": { + "items": { + "$ref": "#/definitions/AWS::Glue::Crawler.DeltaTarget" + }, + "markdownDescription": "Specifies an array of Delta data store targets.", + "title": "DeltaTargets", + "type": "array" + }, + "DynamoDBTargets": { + "items": { + "$ref": "#/definitions/AWS::Glue::Crawler.DynamoDBTarget" + }, + "markdownDescription": "Specifies Amazon DynamoDB targets.", + "title": "DynamoDBTargets", + "type": "array" + }, + "HudiTargets": { + "items": { + "$ref": "#/definitions/AWS::Glue::Crawler.HudiTarget" + }, + "markdownDescription": "", + "title": "HudiTargets", + "type": "array" + }, + "IcebergTargets": { + "items": { + "$ref": "#/definitions/AWS::Glue::Crawler.IcebergTarget" + }, + "markdownDescription": "Specifies Apache Iceberg data store targets.", + "title": "IcebergTargets", + "type": "array" + }, + "JdbcTargets": { + "items": { + "$ref": "#/definitions/AWS::Glue::Crawler.JdbcTarget" + }, + "markdownDescription": "Specifies JDBC targets.", + "title": "JdbcTargets", + "type": "array" + }, + "MongoDBTargets": { + "items": { + "$ref": "#/definitions/AWS::Glue::Crawler.MongoDBTarget" + }, + "markdownDescription": "A list of Mongo DB targets.", + "title": "MongoDBTargets", + "type": "array" + }, + "S3Targets": { + "items": { + "$ref": "#/definitions/AWS::Glue::Crawler.S3Target" + }, + "markdownDescription": "Specifies Amazon Simple Storage Service (Amazon S3) targets.", + "title": "S3Targets", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Glue::CustomEntityType": { "additionalProperties": false, "properties": { "Condition": { @@ -121275,68 +129788,35 @@ "Properties": { "additionalProperties": false, "properties": { - "AggregationField": { - "markdownDescription": "The field to aggregate.", - "title": "AggregationField", - "type": "string" - }, - "AggregationType": { - "$ref": "#/definitions/AWS::IoT::FleetMetric.AggregationType", - "markdownDescription": "The type of the aggregation query.", - "title": "AggregationType" - }, - "Description": { - "markdownDescription": "The fleet metric description.", - "title": "Description", - "type": "string" - }, - "IndexName": { - "markdownDescription": "The name of the index to search.", - "title": "IndexName", - "type": "string" - }, - "MetricName": { - "markdownDescription": "The name of the fleet metric to create.", - "title": "MetricName", - "type": "string" - }, - "Period": { - "markdownDescription": "The time in seconds between fleet metric emissions. Range [60(1 min), 86400(1 day)] and must be multiple of 60.", - "title": "Period", - "type": "number" + "ContextWords": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of context words. If none of these context words are found within the vicinity of the regular expression the data will not be detected as sensitive data.\n\nIf no context words are passed only a regular expression is checked.", + "title": "ContextWords", + "type": "array" }, - "QueryString": { - "markdownDescription": "The search query string.", - "title": "QueryString", + "Name": { + "markdownDescription": "A name for the custom pattern that allows it to be retrieved or deleted later. This name must be unique per AWS account.", + "title": "Name", "type": "string" }, - "QueryVersion": { - "markdownDescription": "The query version.", - "title": "QueryVersion", + "RegexString": { + "markdownDescription": "A regular expression string that is used for detecting sensitive data in a custom pattern.", + "title": "RegexString", "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata which can be used to manage the fleet metric.", + "markdownDescription": "AWS tags that contain a key value pair and may be searched by console, command line, or API.", "title": "Tags", - "type": "array" - }, - "Unit": { - "markdownDescription": "Used to support unit transformation such as milliseconds to seconds. Must be a unit supported by CW metric. Default to null.", - "title": "Unit", - "type": "string" + "type": "object" } }, - "required": [ - "MetricName" - ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::FleetMetric" + "AWS::Glue::CustomEntityType" ], "type": "string" }, @@ -121350,35 +129830,11 @@ } }, "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::IoT::FleetMetric.AggregationType": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the aggregation type.", - "title": "Name", - "type": "string" - }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the values of aggregation types.", - "title": "Values", - "type": "array" - } - }, - "required": [ - "Name", - "Values" + "Type" ], "type": "object" }, - "AWS::IoT::JobTemplate": { + "AWS::Glue::DataCatalogEncryptionSettings": { "additionalProperties": false, "properties": { "Condition": { @@ -121413,90 +129869,26 @@ "Properties": { "additionalProperties": false, "properties": { - "AbortConfig": { - "$ref": "#/definitions/AWS::IoT::JobTemplate.AbortConfig", - "markdownDescription": "The criteria that determine when and how a job abort takes place.", - "title": "AbortConfig" - }, - "Description": { - "markdownDescription": "A description of the job template.", - "title": "Description", - "type": "string" - }, - "DestinationPackageVersions": { - "items": { - "type": "string" - }, - "markdownDescription": "The package version Amazon Resource Names (ARNs) that are installed on the device\u2019s reserved named shadow ( `$package` ) when the job successfully completes.\n\n*Note:* Up to 25 package version ARNS are allowed.", - "title": "DestinationPackageVersions", - "type": "array" - }, - "Document": { - "markdownDescription": "The job document.\n\nRequired if you don't specify a value for `documentSource` .", - "title": "Document", - "type": "string" - }, - "DocumentSource": { - "markdownDescription": "An S3 link, or S3 object URL, to the job document. The link is an Amazon S3 object URL and is required if you don't specify a value for `document` .\n\nFor example, `--document-source https://s3. *region-code* .amazonaws.com/example-firmware/device-firmware.1.0`\n\nFor more information, see [Methods for accessing a bucket](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-bucket-intro.html) .", - "title": "DocumentSource", - "type": "string" - }, - "JobArn": { - "markdownDescription": "The ARN of the job to use as the basis for the job template.", - "title": "JobArn", - "type": "string" - }, - "JobExecutionsRetryConfig": { - "$ref": "#/definitions/AWS::IoT::JobTemplate.JobExecutionsRetryConfig", - "markdownDescription": "Allows you to create the criteria to retry a job.", - "title": "JobExecutionsRetryConfig" - }, - "JobExecutionsRolloutConfig": { - "$ref": "#/definitions/AWS::IoT::JobTemplate.JobExecutionsRolloutConfig", - "markdownDescription": "Allows you to create a staged rollout of a job.", - "title": "JobExecutionsRolloutConfig" - }, - "JobTemplateId": { - "markdownDescription": "A unique identifier for the job template. We recommend using a UUID. Alpha-numeric characters, \"-\", and \"_\" are valid for use here.", - "title": "JobTemplateId", + "CatalogId": { + "markdownDescription": "The ID of the Data Catalog in which the settings are created.", + "title": "CatalogId", "type": "string" }, - "MaintenanceWindows": { - "items": { - "$ref": "#/definitions/AWS::IoT::JobTemplate.MaintenanceWindow" - }, - "markdownDescription": "An optional configuration within the SchedulingConfig to setup a recurring maintenance window with a predetermined start time and duration for the rollout of a job document to all devices in a target group for a job.", - "title": "MaintenanceWindows", - "type": "array" - }, - "PresignedUrlConfig": { - "$ref": "#/definitions/AWS::IoT::JobTemplate.PresignedUrlConfig", - "markdownDescription": "Configuration for pre-signed S3 URLs.", - "title": "PresignedUrlConfig" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata that can be used to manage the job template.", - "title": "Tags", - "type": "array" - }, - "TimeoutConfig": { - "$ref": "#/definitions/AWS::IoT::JobTemplate.TimeoutConfig", - "markdownDescription": "Specifies the amount of time each device has to finish its execution of the job. A timer is started when the job execution status is set to `IN_PROGRESS` . If the job execution status is not set to another terminal state before the timer expires, it will be automatically set to `TIMED_OUT` .", - "title": "TimeoutConfig" + "DataCatalogEncryptionSettings": { + "$ref": "#/definitions/AWS::Glue::DataCatalogEncryptionSettings.DataCatalogEncryptionSettings", + "markdownDescription": "Contains configuration information for maintaining Data Catalog security.", + "title": "DataCatalogEncryptionSettings" } }, "required": [ - "Description", - "JobTemplateId" + "CatalogId", + "DataCatalogEncryptionSettings" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::JobTemplate" + "AWS::Glue::DataCatalogEncryptionSettings" ], "type": "string" }, @@ -121515,193 +129907,60 @@ ], "type": "object" }, - "AWS::IoT::JobTemplate.AbortConfig": { - "additionalProperties": false, - "properties": { - "CriteriaList": { - "items": { - "$ref": "#/definitions/AWS::IoT::JobTemplate.AbortCriteria" - }, - "markdownDescription": "The list of criteria that determine when and how to abort the job.", - "title": "CriteriaList", - "type": "array" - } - }, - "required": [ - "CriteriaList" - ], - "type": "object" - }, - "AWS::IoT::JobTemplate.AbortCriteria": { + "AWS::Glue::DataCatalogEncryptionSettings.ConnectionPasswordEncryption": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The type of job action to take to initiate the job abort.", - "title": "Action", - "type": "string" - }, - "FailureType": { - "markdownDescription": "The type of job execution failures that can initiate a job abort.", - "title": "FailureType", + "KmsKeyId": { + "markdownDescription": "An AWS KMS key that is used to encrypt the connection password.\n\nIf connection password protection is enabled, the caller of `CreateConnection` and `UpdateConnection` needs at least `kms:Encrypt` permission on the specified AWS KMS key, to encrypt passwords before storing them in the Data Catalog. You can set the decrypt permission to enable or restrict access on the password key according to your security requirements.", + "title": "KmsKeyId", "type": "string" }, - "MinNumberOfExecutedThings": { - "markdownDescription": "The minimum number of things which must receive job execution notifications before the job can be aborted.", - "title": "MinNumberOfExecutedThings", - "type": "number" - }, - "ThresholdPercentage": { - "markdownDescription": "The minimum percentage of job execution failures that must occur to initiate the job abort.\n\nAWS IoT Core supports up to two digits after the decimal (for example, 10.9 and 10.99, but not 10.999).", - "title": "ThresholdPercentage", - "type": "number" - } - }, - "required": [ - "Action", - "FailureType", - "MinNumberOfExecutedThings", - "ThresholdPercentage" - ], - "type": "object" - }, - "AWS::IoT::JobTemplate.ExponentialRolloutRate": { - "additionalProperties": false, - "properties": { - "BaseRatePerMinute": { - "markdownDescription": "The minimum number of things that will be notified of a pending job, per minute at the start of job rollout. This parameter allows you to define the initial rate of rollout.", - "title": "BaseRatePerMinute", - "type": "number" - }, - "IncrementFactor": { - "markdownDescription": "The exponential factor to increase the rate of rollout for a job.\n\nAWS IoT Core supports up to one digit after the decimal (for example, 1.5, but not 1.55).", - "title": "IncrementFactor", - "type": "number" - }, - "RateIncreaseCriteria": { - "$ref": "#/definitions/AWS::IoT::JobTemplate.RateIncreaseCriteria", - "markdownDescription": "The criteria to initiate the increase in rate of rollout for a job.", - "title": "RateIncreaseCriteria" - } - }, - "required": [ - "BaseRatePerMinute", - "IncrementFactor", - "RateIncreaseCriteria" - ], - "type": "object" - }, - "AWS::IoT::JobTemplate.JobExecutionsRetryConfig": { - "additionalProperties": false, - "properties": { - "RetryCriteriaList": { - "items": { - "$ref": "#/definitions/AWS::IoT::JobTemplate.RetryCriteria" - }, - "markdownDescription": "The list of criteria that determines how many retries are allowed for each failure type for a job.", - "title": "RetryCriteriaList", - "type": "array" + "ReturnConnectionPasswordEncrypted": { + "markdownDescription": "When the `ReturnConnectionPasswordEncrypted` flag is set to \"true\", passwords remain encrypted in the responses of `GetConnection` and `GetConnections` . This encryption takes effect independently from catalog encryption.", + "title": "ReturnConnectionPasswordEncrypted", + "type": "boolean" } }, "type": "object" }, - "AWS::IoT::JobTemplate.JobExecutionsRolloutConfig": { + "AWS::Glue::DataCatalogEncryptionSettings.DataCatalogEncryptionSettings": { "additionalProperties": false, "properties": { - "ExponentialRolloutRate": { - "$ref": "#/definitions/AWS::IoT::JobTemplate.ExponentialRolloutRate", - "markdownDescription": "The rate of increase for a job rollout. This parameter allows you to define an exponential rate for a job rollout.", - "title": "ExponentialRolloutRate" + "ConnectionPasswordEncryption": { + "$ref": "#/definitions/AWS::Glue::DataCatalogEncryptionSettings.ConnectionPasswordEncryption", + "markdownDescription": "When connection password protection is enabled, the Data Catalog uses a customer-provided key to encrypt the password as part of `CreateConnection` or `UpdateConnection` and store it in the `ENCRYPTED_PASSWORD` field in the connection properties. You can enable catalog encryption or only password encryption.", + "title": "ConnectionPasswordEncryption" }, - "MaximumPerMinute": { - "markdownDescription": "The maximum number of things that will be notified of a pending job, per minute. This parameter allows you to create a staged rollout.", - "title": "MaximumPerMinute", - "type": "number" + "EncryptionAtRest": { + "$ref": "#/definitions/AWS::Glue::DataCatalogEncryptionSettings.EncryptionAtRest", + "markdownDescription": "Specifies the encryption-at-rest configuration for the Data Catalog.", + "title": "EncryptionAtRest" } }, "type": "object" }, - "AWS::IoT::JobTemplate.MaintenanceWindow": { + "AWS::Glue::DataCatalogEncryptionSettings.EncryptionAtRest": { "additionalProperties": false, "properties": { - "DurationInMinutes": { - "markdownDescription": "Displays the duration of the next maintenance window.", - "title": "DurationInMinutes", - "type": "number" - }, - "StartTime": { - "markdownDescription": "Displays the start time of the next maintenance window.", - "title": "StartTime", + "CatalogEncryptionMode": { + "markdownDescription": "The encryption-at-rest mode for encrypting Data Catalog data.", + "title": "CatalogEncryptionMode", "type": "string" - } - }, - "type": "object" - }, - "AWS::IoT::JobTemplate.PresignedUrlConfig": { - "additionalProperties": false, - "properties": { - "ExpiresInSec": { - "markdownDescription": "How long (in seconds) pre-signed URLs are valid. Valid values are 60 - 3600, the default value is 3600 seconds. Pre-signed URLs are generated when Jobs receives an MQTT request for the job document.", - "title": "ExpiresInSec", - "type": "number" }, - "RoleArn": { - "markdownDescription": "The ARN of an IAM role that grants grants permission to download files from the S3 bucket where the job data/updates are stored. The role must also grant permission for IoT to download the files.\n\n> For information about addressing the confused deputy problem, see [cross-service confused deputy prevention](https://docs.aws.amazon.com/iot/latest/developerguide/cross-service-confused-deputy-prevention.html) in the *AWS IoT Core developer guide* .", - "title": "RoleArn", + "CatalogEncryptionServiceRole": { + "markdownDescription": "The role that AWS Glue assumes to encrypt and decrypt the Data Catalog objects on the caller's behalf.", + "title": "CatalogEncryptionServiceRole", "type": "string" - } - }, - "required": [ - "RoleArn" - ], - "type": "object" - }, - "AWS::IoT::JobTemplate.RateIncreaseCriteria": { - "additionalProperties": false, - "properties": { - "NumberOfNotifiedThings": { - "markdownDescription": "The threshold for number of notified things that will initiate the increase in rate of rollout.", - "title": "NumberOfNotifiedThings", - "type": "number" }, - "NumberOfSucceededThings": { - "markdownDescription": "The threshold for number of succeeded things that will initiate the increase in rate of rollout.", - "title": "NumberOfSucceededThings", - "type": "number" - } - }, - "type": "object" - }, - "AWS::IoT::JobTemplate.RetryCriteria": { - "additionalProperties": false, - "properties": { - "FailureType": { - "markdownDescription": "The type of job execution failures that can initiate a job retry.", - "title": "FailureType", + "SseAwsKmsKeyId": { + "markdownDescription": "The ID of the AWS KMS key to use for encryption at rest.", + "title": "SseAwsKmsKeyId", "type": "string" - }, - "NumberOfRetries": { - "markdownDescription": "The number of retries allowed for a failure type for the job.", - "title": "NumberOfRetries", - "type": "number" - } - }, - "type": "object" - }, - "AWS::IoT::JobTemplate.TimeoutConfig": { - "additionalProperties": false, - "properties": { - "InProgressTimeoutInMinutes": { - "markdownDescription": "Specifies the amount of time, in minutes, this device has to finish execution of this job. The timeout interval can be anywhere between 1 minute and 7 days (1 to 10080 minutes). The in progress timer can't be updated and will apply to all job executions for the job. Whenever a job execution remains in the IN_PROGRESS status for longer than this interval, the job execution will fail and switch to the terminal `TIMED_OUT` status.", - "title": "InProgressTimeoutInMinutes", - "type": "number" } }, - "required": [ - "InProgressTimeoutInMinutes" - ], "type": "object" }, - "AWS::IoT::Logging": { + "AWS::Glue::DataQualityRuleset": { "additionalProperties": false, "properties": { "Condition": { @@ -121736,32 +129995,42 @@ "Properties": { "additionalProperties": false, "properties": { - "AccountId": { - "markdownDescription": "The account ID.", - "title": "AccountId", + "ClientToken": { + "markdownDescription": "Used for idempotency and is recommended to be set to a random ID (such as a UUID) to avoid creating or starting multiple instances of the same resource.", + "title": "ClientToken", "type": "string" }, - "DefaultLogLevel": { - "markdownDescription": "The default log level. Valid Values: `DEBUG | INFO | ERROR | WARN | DISABLED`", - "title": "DefaultLogLevel", + "Description": { + "markdownDescription": "A description of the data quality ruleset.", + "title": "Description", "type": "string" }, - "RoleArn": { - "markdownDescription": "The role ARN used for the log.", - "title": "RoleArn", + "Name": { + "markdownDescription": "The name of the data quality ruleset.", + "title": "Name", + "type": "string" + }, + "Ruleset": { + "markdownDescription": "A Data Quality Definition Language (DQDL) ruleset. For more information see the AWS Glue Developer Guide.", + "title": "Ruleset", "type": "string" + }, + "Tags": { + "markdownDescription": "A list of tags applied to the data quality ruleset.", + "title": "Tags", + "type": "object" + }, + "TargetTable": { + "$ref": "#/definitions/AWS::Glue::DataQualityRuleset.DataQualityTargetTable", + "markdownDescription": "An object representing an AWS Glue table.", + "title": "TargetTable" } }, - "required": [ - "AccountId", - "DefaultLogLevel", - "RoleArn" - ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::Logging" + "AWS::Glue::DataQualityRuleset" ], "type": "string" }, @@ -121775,12 +130044,27 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::IoT::MitigationAction": { + "AWS::Glue::DataQualityRuleset.DataQualityTargetTable": { + "additionalProperties": false, + "properties": { + "DatabaseName": { + "markdownDescription": "The name of the database where the AWS Glue table exists.", + "title": "DatabaseName", + "type": "string" + }, + "TableName": { + "markdownDescription": "The name of the AWS Glue table.", + "title": "TableName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Glue::Database": { "additionalProperties": false, "properties": { "Condition": { @@ -121815,39 +130099,31 @@ "Properties": { "additionalProperties": false, "properties": { - "ActionName": { - "markdownDescription": "The friendly name of the mitigation action.", - "title": "ActionName", + "CatalogId": { + "markdownDescription": "The AWS account ID for the account in which to create the catalog object.\n\n> To specify the account ID, you can use the `Ref` intrinsic function with the `AWS::AccountId` pseudo parameter. For example: `!Ref AWS::AccountId`", + "title": "CatalogId", "type": "string" }, - "ActionParams": { - "$ref": "#/definitions/AWS::IoT::MitigationAction.ActionParams", - "markdownDescription": "The set of parameters for this mitigation action. The parameters vary, depending on the kind of action you apply.", - "title": "ActionParams" + "DatabaseInput": { + "$ref": "#/definitions/AWS::Glue::Database.DatabaseInput", + "markdownDescription": "The metadata for the database.", + "title": "DatabaseInput" }, - "RoleArn": { - "markdownDescription": "The IAM role ARN used to apply this mitigation action.", - "title": "RoleArn", + "DatabaseName": { + "markdownDescription": "The name of the catalog database.", + "title": "DatabaseName", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata that can be used to manage the mitigation action.", - "title": "Tags", - "type": "array" } }, "required": [ - "ActionParams", - "RoleArn" + "CatalogId", + "DatabaseInput" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::MitigationAction" + "AWS::Glue::Database" ], "type": "string" }, @@ -121866,141 +130142,118 @@ ], "type": "object" }, - "AWS::IoT::MitigationAction.ActionParams": { + "AWS::Glue::Database.DataLakePrincipal": { "additionalProperties": false, "properties": { - "AddThingsToThingGroupParams": { - "$ref": "#/definitions/AWS::IoT::MitigationAction.AddThingsToThingGroupParams", - "markdownDescription": "Specifies the group to which you want to add the devices.", - "title": "AddThingsToThingGroupParams" - }, - "EnableIoTLoggingParams": { - "$ref": "#/definitions/AWS::IoT::MitigationAction.EnableIoTLoggingParams", - "markdownDescription": "Specifies the logging level and the role with permissions for logging. You cannot specify a logging level of `DISABLED` .", - "title": "EnableIoTLoggingParams" - }, - "PublishFindingToSnsParams": { - "$ref": "#/definitions/AWS::IoT::MitigationAction.PublishFindingToSnsParams", - "markdownDescription": "Specifies the topic to which the finding should be published.", - "title": "PublishFindingToSnsParams" - }, - "ReplaceDefaultPolicyVersionParams": { - "$ref": "#/definitions/AWS::IoT::MitigationAction.ReplaceDefaultPolicyVersionParams", - "markdownDescription": "Replaces the policy version with a default or blank policy. You specify the template name. Only a value of `BLANK_POLICY` is currently supported.", - "title": "ReplaceDefaultPolicyVersionParams" - }, - "UpdateCACertificateParams": { - "$ref": "#/definitions/AWS::IoT::MitigationAction.UpdateCACertificateParams", - "markdownDescription": "Specifies the new state for the CA certificate. Only a value of `DEACTIVATE` is currently supported.", - "title": "UpdateCACertificateParams" - }, - "UpdateDeviceCertificateParams": { - "$ref": "#/definitions/AWS::IoT::MitigationAction.UpdateDeviceCertificateParams", - "markdownDescription": "Specifies the new state for a device certificate. Only a value of `DEACTIVATE` is currently supported.", - "title": "UpdateDeviceCertificateParams" + "DataLakePrincipalIdentifier": { + "markdownDescription": "An identifier for the AWS Lake Formation principal.", + "title": "DataLakePrincipalIdentifier", + "type": "string" } }, "type": "object" }, - "AWS::IoT::MitigationAction.AddThingsToThingGroupParams": { + "AWS::Glue::Database.DatabaseIdentifier": { "additionalProperties": false, "properties": { - "OverrideDynamicGroups": { - "markdownDescription": "Specifies if this mitigation action can move the things that triggered the mitigation action even if they are part of one or more dynamic thing groups.", - "title": "OverrideDynamicGroups", - "type": "boolean" + "CatalogId": { + "markdownDescription": "The ID of the Data Catalog in which the database resides.", + "title": "CatalogId", + "type": "string" }, - "ThingGroupNames": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of groups to which you want to add the things that triggered the mitigation action. You can add a thing to a maximum of 10 groups, but you can't add a thing to more than one group in the same hierarchy.", - "title": "ThingGroupNames", - "type": "array" - } - }, - "required": [ - "ThingGroupNames" - ], - "type": "object" - }, - "AWS::IoT::MitigationAction.EnableIoTLoggingParams": { - "additionalProperties": false, - "properties": { - "LogLevel": { - "markdownDescription": "Specifies the type of information to be logged.", - "title": "LogLevel", + "DatabaseName": { + "markdownDescription": "The name of the catalog database.", + "title": "DatabaseName", "type": "string" }, - "RoleArnForLogging": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role used for logging.", - "title": "RoleArnForLogging", + "Region": { + "markdownDescription": "The Region of the database.", + "title": "Region", "type": "string" } }, - "required": [ - "LogLevel", - "RoleArnForLogging" - ], "type": "object" }, - "AWS::IoT::MitigationAction.PublishFindingToSnsParams": { + "AWS::Glue::Database.DatabaseInput": { "additionalProperties": false, "properties": { - "TopicArn": { - "markdownDescription": "The ARN of the topic to which you want to publish the findings.", - "title": "TopicArn", + "CreateTableDefaultPermissions": { + "items": { + "$ref": "#/definitions/AWS::Glue::Database.PrincipalPrivileges" + }, + "markdownDescription": "Creates a set of default permissions on the table for principals. Used by AWS Lake Formation . Not used in the normal course of AWS Glue operations.", + "title": "CreateTableDefaultPermissions", + "type": "array" + }, + "Description": { + "markdownDescription": "A description of the database.", + "title": "Description", "type": "string" - } - }, - "required": [ - "TopicArn" - ], - "type": "object" - }, - "AWS::IoT::MitigationAction.ReplaceDefaultPolicyVersionParams": { - "additionalProperties": false, - "properties": { - "TemplateName": { - "markdownDescription": "The name of the template to be applied. The only supported value is `BLANK_POLICY` .", - "title": "TemplateName", + }, + "FederatedDatabase": { + "$ref": "#/definitions/AWS::Glue::Database.FederatedDatabase", + "markdownDescription": "A `FederatedDatabase` structure that references an entity outside the AWS Glue Data Catalog .", + "title": "FederatedDatabase" + }, + "LocationUri": { + "markdownDescription": "The location of the database (for example, an HDFS path).", + "title": "LocationUri", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the database. For Hive compatibility, this is folded to lowercase when it is stored.", + "title": "Name", "type": "string" + }, + "Parameters": { + "markdownDescription": "These key-value pairs define parameters and properties of the database.", + "title": "Parameters", + "type": "object" + }, + "TargetDatabase": { + "$ref": "#/definitions/AWS::Glue::Database.DatabaseIdentifier", + "markdownDescription": "A `DatabaseIdentifier` structure that describes a target database for resource linking.", + "title": "TargetDatabase" } }, - "required": [ - "TemplateName" - ], "type": "object" }, - "AWS::IoT::MitigationAction.UpdateCACertificateParams": { + "AWS::Glue::Database.FederatedDatabase": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The action that you want to apply to the CA certificate. The only supported value is `DEACTIVATE` .", - "title": "Action", + "ConnectionName": { + "markdownDescription": "The name of the connection to the external metastore.", + "title": "ConnectionName", + "type": "string" + }, + "Identifier": { + "markdownDescription": "A unique identifier for the federated database.", + "title": "Identifier", "type": "string" } }, - "required": [ - "Action" - ], "type": "object" }, - "AWS::IoT::MitigationAction.UpdateDeviceCertificateParams": { + "AWS::Glue::Database.PrincipalPrivileges": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The action that you want to apply to the device certificate. The only supported value is `DEACTIVATE` .", - "title": "Action", - "type": "string" + "Permissions": { + "items": { + "type": "string" + }, + "markdownDescription": "The permissions that are granted to the principal.", + "title": "Permissions", + "type": "array" + }, + "Principal": { + "$ref": "#/definitions/AWS::Glue::Database.DataLakePrincipal", + "markdownDescription": "The principal who is granted permissions.", + "title": "Principal" } }, - "required": [ - "Action" - ], "type": "object" }, - "AWS::IoT::Policy": { + "AWS::Glue::DevEndpoint": { "additionalProperties": false, "properties": { "Condition": { @@ -122035,33 +130288,96 @@ "Properties": { "additionalProperties": false, "properties": { - "PolicyDocument": { - "markdownDescription": "The JSON document that describes the policy.", - "title": "PolicyDocument", + "Arguments": { + "markdownDescription": "A map of arguments used to configure the `DevEndpoint` .\n\nValid arguments are:\n\n- `\"--enable-glue-datacatalog\": \"\"`\n- `\"GLUE_PYTHON_VERSION\": \"3\"`\n- `\"GLUE_PYTHON_VERSION\": \"2\"`\n\nYou can specify a version of Python support for development endpoints by using the `Arguments` parameter in the `CreateDevEndpoint` or `UpdateDevEndpoint` APIs. If no arguments are provided, the version defaults to Python 2.", + "title": "Arguments", "type": "object" }, - "PolicyName": { - "markdownDescription": "The policy name.", - "title": "PolicyName", + "EndpointName": { + "markdownDescription": "The name of the `DevEndpoint` .", + "title": "EndpointName", "type": "string" }, - "Tags": { + "ExtraJarsS3Path": { + "markdownDescription": "The path to one or more Java `.jar` files in an S3 bucket that should be loaded in your `DevEndpoint` .\n\n> You can only use pure Java/Scala libraries with a `DevEndpoint` .", + "title": "ExtraJarsS3Path", + "type": "string" + }, + "ExtraPythonLibsS3Path": { + "markdownDescription": "The paths to one or more Python libraries in an Amazon S3 bucket that should be loaded in your `DevEndpoint` . Multiple values must be complete paths separated by a comma.\n\n> You can only use pure Python libraries with a `DevEndpoint` . Libraries that rely on C extensions, such as the [pandas](https://docs.aws.amazon.com/http://pandas.pydata.org/) Python data analysis library, are not currently supported.", + "title": "ExtraPythonLibsS3Path", + "type": "string" + }, + "GlueVersion": { + "markdownDescription": "The AWS Glue version determines the versions of Apache Spark and Python that AWS Glue supports. The Python version indicates the version supported for running your ETL scripts on development endpoints.\n\nFor more information about the available AWS Glue versions and corresponding Spark and Python versions, see [Glue version](https://docs.aws.amazon.com/glue/latest/dg/add-job.html) in the developer guide.\n\nDevelopment endpoints that are created without specifying a Glue version default to Glue 0.9.\n\nYou can specify a version of Python support for development endpoints by using the `Arguments` parameter in the `CreateDevEndpoint` or `UpdateDevEndpoint` APIs. If no arguments are provided, the version defaults to Python 2.", + "title": "GlueVersion", + "type": "string" + }, + "NumberOfNodes": { + "markdownDescription": "The number of AWS Glue Data Processing Units (DPUs) allocated to this `DevEndpoint` .", + "title": "NumberOfNodes", + "type": "number" + }, + "NumberOfWorkers": { + "markdownDescription": "The number of workers of a defined `workerType` that are allocated to the development endpoint.\n\nThe maximum number of workers you can define are 299 for `G.1X` , and 149 for `G.2X` .", + "title": "NumberOfWorkers", + "type": "number" + }, + "PublicKey": { + "markdownDescription": "The public key to be used by this `DevEndpoint` for authentication. This attribute is provided for backward compatibility because the recommended attribute to use is public keys.", + "title": "PublicKey", + "type": "string" + }, + "PublicKeys": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "", - "title": "Tags", + "markdownDescription": "A list of public keys to be used by the `DevEndpoints` for authentication. Using this attribute is preferred over a single public key because the public keys allow you to have a different private key per client.\n\n> If you previously created an endpoint with a public key, you must remove that key to be able to set a list of public keys. Call the `UpdateDevEndpoint` API operation with the public key content in the `deletePublicKeys` attribute, and the list of new keys in the `addPublicKeys` attribute.", + "title": "PublicKeys", + "type": "array" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role used in this `DevEndpoint` .", + "title": "RoleArn", + "type": "string" + }, + "SecurityConfiguration": { + "markdownDescription": "The name of the `SecurityConfiguration` structure to be used with this `DevEndpoint` .", + "title": "SecurityConfiguration", + "type": "string" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of security group identifiers used in this `DevEndpoint` .", + "title": "SecurityGroupIds", "type": "array" + }, + "SubnetId": { + "markdownDescription": "The subnet ID for this `DevEndpoint` .", + "title": "SubnetId", + "type": "string" + }, + "Tags": { + "markdownDescription": "The tags to use with this DevEndpoint.", + "title": "Tags", + "type": "object" + }, + "WorkerType": { + "markdownDescription": "The type of predefined worker that is allocated to the development endpoint. Accepts a value of Standard, G.1X, or G.2X.\n\n- For the `Standard` worker type, each worker provides 4 vCPU, 16 GB of memory and a 50GB disk, and 2 executors per worker.\n- For the `G.1X` worker type, each worker maps to 1 DPU (4 vCPU, 16 GB of memory, 64 GB disk), and provides 1 executor per worker. We recommend this worker type for memory-intensive jobs.\n- For the `G.2X` worker type, each worker maps to 2 DPU (8 vCPU, 32 GB of memory, 128 GB disk), and provides 1 executor per worker. We recommend this worker type for memory-intensive jobs.\n\nKnown issue: when a development endpoint is created with the `G.2X` `WorkerType` configuration, the Spark drivers for the development endpoint will run on 4 vCPU, 16 GB of memory, and a 64 GB disk.", + "title": "WorkerType", + "type": "string" } }, "required": [ - "PolicyDocument" + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::Policy" + "AWS::Glue::DevEndpoint" ], "type": "string" }, @@ -122080,7 +130396,7 @@ ], "type": "object" }, - "AWS::IoT::PolicyPrincipalAttachment": { + "AWS::Glue::Job": { "additionalProperties": false, "properties": { "Condition": { @@ -122115,26 +130431,131 @@ "Properties": { "additionalProperties": false, "properties": { - "PolicyName": { - "markdownDescription": "The name of the AWS IoT policy.", - "title": "PolicyName", - "type": "string" + "AllocatedCapacity": { + "markdownDescription": "This parameter is no longer supported. Use `MaxCapacity` instead.\n\nThe number of capacity units that are allocated to this job.", + "title": "AllocatedCapacity", + "type": "number" }, - "Principal": { - "markdownDescription": "The principal, which can be a certificate ARN (as returned from the `CreateCertificate` operation) or an Amazon Cognito ID.", - "title": "Principal", + "Command": { + "$ref": "#/definitions/AWS::Glue::Job.JobCommand", + "markdownDescription": "The code that executes a job.", + "title": "Command" + }, + "Connections": { + "$ref": "#/definitions/AWS::Glue::Job.ConnectionsList", + "markdownDescription": "The connections used for this job.", + "title": "Connections" + }, + "DefaultArguments": { + "markdownDescription": "The default arguments for this job, specified as name-value pairs.\n\nYou can specify arguments here that your own job-execution script consumes, in addition to arguments that AWS Glue itself consumes.\n\nFor information about how to specify and consume your own job arguments, see [Calling AWS Glue APIs in Python](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-python-calling.html) in the *AWS Glue Developer Guide* .\n\nFor information about the key-value pairs that AWS Glue consumes to set up your job, see [Special Parameters Used by AWS Glue](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-etl-glue-arguments.html) in the *AWS Glue Developer Guide* .", + "title": "DefaultArguments", + "type": "object" + }, + "Description": { + "markdownDescription": "A description of the job.", + "title": "Description", + "type": "string" + }, + "ExecutionClass": { + "markdownDescription": "Indicates whether the job is run with a standard or flexible execution class. The standard execution class is ideal for time-sensitive workloads that require fast job startup and dedicated resources.\n\nThe flexible execution class is appropriate for time-insensitive jobs whose start and completion times may vary.\n\nOnly jobs with AWS Glue version 3.0 and above and command type `glueetl` will be allowed to set `ExecutionClass` to `FLEX` . The flexible execution class is available for Spark jobs.", + "title": "ExecutionClass", + "type": "string" + }, + "ExecutionProperty": { + "$ref": "#/definitions/AWS::Glue::Job.ExecutionProperty", + "markdownDescription": "The maximum number of concurrent runs that are allowed for this job.", + "title": "ExecutionProperty" + }, + "GlueVersion": { + "markdownDescription": "Glue version determines the versions of Apache Spark and Python that AWS Glue supports. The Python version indicates the version supported for jobs of type Spark.\n\nFor more information about the available AWS Glue versions and corresponding Spark and Python versions, see [Glue version](https://docs.aws.amazon.com/glue/latest/dg/add-job.html) in the developer guide.\n\nJobs that are created without specifying a Glue version default to the latest Glue version available.", + "title": "GlueVersion", + "type": "string" + }, + "JobMode": { + "markdownDescription": "A mode that describes how a job was created. Valid values are:\n\n- `SCRIPT` - The job was created using the AWS Glue Studio script editor.\n- `VISUAL` - The job was created using the AWS Glue Studio visual editor.\n- `NOTEBOOK` - The job was created using an interactive sessions notebook.\n\nWhen the `JobMode` field is missing or null, `SCRIPT` is assigned as the default value.", + "title": "JobMode", + "type": "string" + }, + "JobRunQueuingEnabled": { + "markdownDescription": "Specifies whether job run queuing is enabled for the job runs for this job.\n\nA value of true means job run queuing is enabled for the job runs. If false or not populated, the job runs will not be considered for queueing.\n\nIf this field does not match the value set in the job run, then the value from the job run field will be used.", + "title": "JobRunQueuingEnabled", + "type": "boolean" + }, + "LogUri": { + "markdownDescription": "This field is reserved for future use.", + "title": "LogUri", + "type": "string" + }, + "MaintenanceWindow": { + "markdownDescription": "This field specifies a day of the week and hour for a maintenance window for streaming jobs. AWS Glue periodically performs maintenance activities. During these maintenance windows, AWS Glue will need to restart your streaming jobs.\n\nAWS Glue will restart the job within 3 hours of the specified maintenance window. For instance, if you set up the maintenance window for Monday at 10:00AM GMT, your jobs will be restarted between 10:00AM GMT to 1:00PM GMT.", + "title": "MaintenanceWindow", + "type": "string" + }, + "MaxCapacity": { + "markdownDescription": "The number of AWS Glue data processing units (DPUs) that can be allocated when this job runs. A DPU is a relative measure of processing power that consists of 4 vCPUs of compute capacity and 16 GB of memory.\n\nDo not set `Max Capacity` if using `WorkerType` and `NumberOfWorkers` .\n\nThe value that can be allocated for `MaxCapacity` depends on whether you are running a Python shell job or an Apache Spark ETL job:\n\n- When you specify a Python shell job ( `JobCommand.Name` =\"pythonshell\"), you can allocate either 0.0625 or 1 DPU. The default is 0.0625 DPU.\n- When you specify an Apache Spark ETL job ( `JobCommand.Name` =\"glueetl\"), you can allocate from 2 to 100 DPUs. The default is 10 DPUs. This job type cannot have a fractional DPU allocation.", + "title": "MaxCapacity", + "type": "number" + }, + "MaxRetries": { + "markdownDescription": "The maximum number of times to retry this job after a JobRun fails.", + "title": "MaxRetries", + "type": "number" + }, + "Name": { + "markdownDescription": "The name you assign to this job definition.", + "title": "Name", + "type": "string" + }, + "NonOverridableArguments": { + "markdownDescription": "Non-overridable arguments for this job, specified as name-value pairs.", + "title": "NonOverridableArguments", + "type": "object" + }, + "NotificationProperty": { + "$ref": "#/definitions/AWS::Glue::Job.NotificationProperty", + "markdownDescription": "Specifies configuration properties of a notification.", + "title": "NotificationProperty" + }, + "NumberOfWorkers": { + "markdownDescription": "The number of workers of a defined `workerType` that are allocated when a job runs.\n\nThe maximum number of workers you can define are 299 for `G.1X` , and 149 for `G.2X` .", + "title": "NumberOfWorkers", + "type": "number" + }, + "Role": { + "markdownDescription": "The name or Amazon Resource Name (ARN) of the IAM role associated with this job.", + "title": "Role", + "type": "string" + }, + "SecurityConfiguration": { + "markdownDescription": "The name of the `SecurityConfiguration` structure to be used with this job.", + "title": "SecurityConfiguration", + "type": "string" + }, + "Tags": { + "markdownDescription": "The tags to use with this job.", + "title": "Tags", + "type": "object" + }, + "Timeout": { + "markdownDescription": "The job timeout in minutes. This is the maximum time that a job run can consume resources before it is terminated and enters TIMEOUT status. The default is 2,880 minutes (48 hours).", + "title": "Timeout", + "type": "number" + }, + "WorkerType": { + "markdownDescription": "The type of predefined worker that is allocated when a job runs. Accepts a value of G.1X, G.2X, G.4X, G.8X or G.025X for Spark jobs. Accepts the value Z.2X for Ray jobs.\n\n- For the `G.1X` worker type, each worker maps to 1 DPU (4 vCPUs, 16 GB of memory) with 94GB disk, and provides 1 executor per worker. We recommend this worker type for workloads such as data transforms, joins, and queries, to offers a scalable and cost effective way to run most jobs.\n- For the `G.2X` worker type, each worker maps to 2 DPU (8 vCPUs, 32 GB of memory) with 138GB disk, and provides 1 executor per worker. We recommend this worker type for workloads such as data transforms, joins, and queries, to offers a scalable and cost effective way to run most jobs.\n- For the `G.4X` worker type, each worker maps to 4 DPU (16 vCPUs, 64 GB of memory) with 256GB disk, and provides 1 executor per worker. We recommend this worker type for jobs whose workloads contain your most demanding transforms, aggregations, joins, and queries. This worker type is available only for AWS Glue version 3.0 or later Spark ETL jobs in the following AWS Regions: US East (Ohio), US East (N. Virginia), US West (N. California), US West (Oregon), Asia Pacific (Mumbai), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), Canada (Central), Europe (Frankfurt), Europe (Ireland), Europe (London), Europe (Spain), Europe (Stockholm), and South America (S\u00e3o Paulo).\n- For the `G.8X` worker type, each worker maps to 8 DPU (32 vCPUs, 128 GB of memory) with 512GB disk, and provides 1 executor per worker. We recommend this worker type for jobs whose workloads contain your most demanding transforms, aggregations, joins, and queries. This worker type is available only for AWS Glue version 3.0 or later Spark ETL jobs, in the same AWS Regions as supported for the `G.4X` worker type.\n- For the `G.025X` worker type, each worker maps to 0.25 DPU (2 vCPUs, 4 GB of memory) with 84GB disk, and provides 1 executor per worker. We recommend this worker type for low volume streaming jobs. This worker type is only available for AWS Glue version 3.0 or later streaming jobs.\n- For the `Z.2X` worker type, each worker maps to 2 M-DPU (8vCPUs, 64 GB of memory) with 128 GB disk, and provides up to 8 Ray workers based on the autoscaler.", + "title": "WorkerType", "type": "string" } }, "required": [ - "PolicyName", - "Principal" + "Command", + "Role" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::PolicyPrincipalAttachment" + "AWS::Glue::Job" ], "type": "string" }, @@ -122153,7 +130574,69 @@ ], "type": "object" }, - "AWS::IoT::ProvisioningTemplate": { + "AWS::Glue::Job.ConnectionsList": { + "additionalProperties": false, + "properties": { + "Connections": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of connections used by the job.", + "title": "Connections", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Glue::Job.ExecutionProperty": { + "additionalProperties": false, + "properties": { + "MaxConcurrentRuns": { + "markdownDescription": "The maximum number of concurrent runs allowed for the job. The default is 1. An error is returned when this threshold is reached. The maximum value you can specify is controlled by a service limit.", + "title": "MaxConcurrentRuns", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Glue::Job.JobCommand": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the job command. For an Apache Spark ETL job, this must be `glueetl` . For a Python shell job, it must be `pythonshell` . For an Apache Spark streaming ETL job, this must be `gluestreaming` . For a Ray job, this must be `glueray` .", + "title": "Name", + "type": "string" + }, + "PythonVersion": { + "markdownDescription": "The Python version being used to execute a Python shell job. Allowed values are 3 or 3.9. Version 2 is deprecated.", + "title": "PythonVersion", + "type": "string" + }, + "Runtime": { + "markdownDescription": "In Ray jobs, Runtime is used to specify the versions of Ray, Python and additional libraries available in your environment. This field is not used in other job types. For supported runtime environment values, see [Working with Ray jobs](https://docs.aws.amazon.com/glue/latest/dg/ray-jobs-section.html) in the AWS Glue Developer Guide.", + "title": "Runtime", + "type": "string" + }, + "ScriptLocation": { + "markdownDescription": "Specifies the Amazon Simple Storage Service (Amazon S3) path to a script that executes a job (required).", + "title": "ScriptLocation", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Glue::Job.NotificationProperty": { + "additionalProperties": false, + "properties": { + "NotifyDelayAfter": { + "markdownDescription": "After a job run starts, the number of minutes to wait before sending a job run delay notification.", + "title": "NotifyDelayAfter", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Glue::MLTransform": { "additionalProperties": false, "properties": { "Condition": { @@ -122189,58 +130672,81 @@ "additionalProperties": false, "properties": { "Description": { - "markdownDescription": "The description of the fleet provisioning template.", + "markdownDescription": "A user-defined, long-form description text for the machine learning transform.", "title": "Description", "type": "string" }, - "Enabled": { - "markdownDescription": "True to enable the fleet provisioning template, otherwise false.", - "title": "Enabled", - "type": "boolean" + "GlueVersion": { + "markdownDescription": "This value determines which version of AWS Glue this machine learning transform is compatible with. Glue 1.0 is recommended for most customers. If the value is not set, the Glue compatibility defaults to Glue 0.9. For more information, see [AWS Glue Versions](https://docs.aws.amazon.com/glue/latest/dg/release-notes.html#release-notes-versions) in the developer guide.", + "title": "GlueVersion", + "type": "string" }, - "PreProvisioningHook": { - "$ref": "#/definitions/AWS::IoT::ProvisioningTemplate.ProvisioningHook", - "markdownDescription": "Creates a pre-provisioning hook template.", - "title": "PreProvisioningHook" + "InputRecordTables": { + "$ref": "#/definitions/AWS::Glue::MLTransform.InputRecordTables", + "markdownDescription": "A list of AWS Glue table definitions used by the transform.", + "title": "InputRecordTables" }, - "ProvisioningRoleArn": { - "markdownDescription": "The role ARN for the role associated with the fleet provisioning template. This IoT role grants permission to provision a device.", - "title": "ProvisioningRoleArn", + "MaxCapacity": { + "markdownDescription": "The number of AWS Glue data processing units (DPUs) that are allocated to task runs for this transform. You can allocate from 2 to 100 DPUs; the default is 10. A DPU is a relative measure of processing power that consists of 4 vCPUs of compute capacity and 16 GB of memory. For more information, see the [AWS Glue pricing page](https://docs.aws.amazon.com/glue/pricing/) .\n\n`MaxCapacity` is a mutually exclusive option with `NumberOfWorkers` and `WorkerType` .\n\n- If either `NumberOfWorkers` or `WorkerType` is set, then `MaxCapacity` cannot be set.\n- If `MaxCapacity` is set then neither `NumberOfWorkers` or `WorkerType` can be set.\n- If `WorkerType` is set, then `NumberOfWorkers` is required (and vice versa).\n- `MaxCapacity` and `NumberOfWorkers` must both be at least 1.\n\nWhen the `WorkerType` field is set to a value other than `Standard` , the `MaxCapacity` field is set automatically and becomes read-only.", + "title": "MaxCapacity", + "type": "number" + }, + "MaxRetries": { + "markdownDescription": "The maximum number of times to retry after an `MLTaskRun` of the machine learning transform fails.", + "title": "MaxRetries", + "type": "number" + }, + "Name": { + "markdownDescription": "A user-defined name for the machine learning transform. Names are required to be unique. `Name` is optional:\n\n- If you supply `Name` , the stack cannot be repeatedly created.\n- If `Name` is not provided, a randomly generated name will be used instead.", + "title": "Name", + "type": "string" + }, + "NumberOfWorkers": { + "markdownDescription": "The number of workers of a defined `workerType` that are allocated when a task of the transform runs.\n\nIf `WorkerType` is set, then `NumberOfWorkers` is required (and vice versa).", + "title": "NumberOfWorkers", + "type": "number" + }, + "Role": { + "markdownDescription": "The name or Amazon Resource Name (ARN) of the IAM role with the required permissions. The required permissions include both AWS Glue service role permissions to AWS Glue resources, and Amazon S3 permissions required by the transform.\n\n- This role needs AWS Glue service role permissions to allow access to resources in AWS Glue . See [Attach a Policy to IAM Users That Access AWS Glue](https://docs.aws.amazon.com/glue/latest/dg/attach-policy-iam-user.html) .\n- This role needs permission to your Amazon Simple Storage Service (Amazon S3) sources, targets, temporary directory, scripts, and any libraries used by the task run for this transform.", + "title": "Role", "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata that can be used to manage the fleet provisioning template.", + "markdownDescription": "The tags to use with this machine learning transform. You may use tags to limit access to the machine learning transform. For more information about tags in AWS Glue , see [AWS Tags in AWS Glue](https://docs.aws.amazon.com/glue/latest/dg/monitor-tags.html) in the developer guide.", "title": "Tags", - "type": "array" + "type": "object" }, - "TemplateBody": { - "markdownDescription": "The JSON formatted contents of the fleet provisioning template version.", - "title": "TemplateBody", - "type": "string" + "Timeout": { + "markdownDescription": "The timeout in minutes of the machine learning transform.", + "title": "Timeout", + "type": "number" }, - "TemplateName": { - "markdownDescription": "The name of the fleet provisioning template.", - "title": "TemplateName", - "type": "string" + "TransformEncryption": { + "$ref": "#/definitions/AWS::Glue::MLTransform.TransformEncryption", + "markdownDescription": "The encryption-at-rest settings of the transform that apply to accessing user data. Machine learning\ntransforms can access user data encrypted in Amazon S3 using KMS.\n\nAdditionally, imported labels and trained transforms can now be encrypted using a customer provided\nKMS key.", + "title": "TransformEncryption" }, - "TemplateType": { - "markdownDescription": "The type of the provisioning template.", - "title": "TemplateType", + "TransformParameters": { + "$ref": "#/definitions/AWS::Glue::MLTransform.TransformParameters", + "markdownDescription": "The algorithm-specific parameters that are associated with the machine learning transform.", + "title": "TransformParameters" + }, + "WorkerType": { + "markdownDescription": "The type of predefined worker that is allocated when a task of this transform runs. Accepts a value of Standard, G.1X, or G.2X.\n\n- For the `Standard` worker type, each worker provides 4 vCPU, 16 GB of memory and a 50GB disk, and 2 executors per worker.\n- For the `G.1X` worker type, each worker provides 4 vCPU, 16 GB of memory and a 64GB disk, and 1 executor per worker.\n- For the `G.2X` worker type, each worker provides 8 vCPU, 32 GB of memory and a 128GB disk, and 1 executor per worker.\n\n`MaxCapacity` is a mutually exclusive option with `NumberOfWorkers` and `WorkerType` .\n\n- If either `NumberOfWorkers` or `WorkerType` is set, then `MaxCapacity` cannot be set.\n- If `MaxCapacity` is set then neither `NumberOfWorkers` or `WorkerType` can be set.\n- If `WorkerType` is set, then `NumberOfWorkers` is required (and vice versa).\n- `MaxCapacity` and `NumberOfWorkers` must both be at least 1.", + "title": "WorkerType", "type": "string" } }, "required": [ - "ProvisioningRoleArn", - "TemplateBody" + "InputRecordTables", + "Role", + "TransformParameters" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::ProvisioningTemplate" + "AWS::Glue::MLTransform" ], "type": "string" }, @@ -122259,187 +130765,134 @@ ], "type": "object" }, - "AWS::IoT::ProvisioningTemplate.ProvisioningHook": { + "AWS::Glue::MLTransform.FindMatchesParameters": { "additionalProperties": false, "properties": { - "PayloadVersion": { - "markdownDescription": "The payload that was sent to the target function. The valid payload is `\"2020-04-01\"` .", - "title": "PayloadVersion", - "type": "string" + "AccuracyCostTradeoff": { + "markdownDescription": "The value that is selected when tuning your transform for a balance between accuracy and cost. A value of 0.5 means that the system balances accuracy and cost concerns. A value of 1.0 means a bias purely for accuracy, which typically results in a higher cost, sometimes substantially higher. A value of 0.0 means a bias purely for cost, which results in a less accurate `FindMatches` transform, sometimes with unacceptable accuracy.\n\nAccuracy measures how well the transform finds true positives and true negatives. Increasing accuracy requires more machine resources and cost. But it also results in increased recall.\n\nCost measures how many compute resources, and thus money, are consumed to run the transform.", + "title": "AccuracyCostTradeoff", + "type": "number" }, - "TargetArn": { - "markdownDescription": "The ARN of the target function.", - "title": "TargetArn", + "EnforceProvidedLabels": { + "markdownDescription": "The value to switch on or off to force the output to match the provided labels from users. If the value is `True` , the `find matches` transform forces the output to match the provided labels. The results override the normal conflation results. If the value is `False` , the `find matches` transform does not ensure all the labels provided are respected, and the results rely on the trained model.\n\nNote that setting this value to true may increase the conflation execution time.", + "title": "EnforceProvidedLabels", + "type": "boolean" + }, + "PrecisionRecallTradeoff": { + "markdownDescription": "The value selected when tuning your transform for a balance between precision and recall. A value of 0.5 means no preference; a value of 1.0 means a bias purely for precision, and a value of 0.0 means a bias for recall. Because this is a tradeoff, choosing values close to 1.0 means very low recall, and choosing values close to 0.0 results in very low precision.\n\nThe precision metric indicates how often your model is correct when it predicts a match.\n\nThe recall metric indicates that for an actual match, how often your model predicts the match.", + "title": "PrecisionRecallTradeoff", + "type": "number" + }, + "PrimaryKeyColumnName": { + "markdownDescription": "The name of a column that uniquely identifies rows in the source table. Used to help identify matching records.", + "title": "PrimaryKeyColumnName", "type": "string" } }, + "required": [ + "PrimaryKeyColumnName" + ], "type": "object" }, - "AWS::IoT::ResourceSpecificLogging": { + "AWS::Glue::MLTransform.GlueTables": { "additionalProperties": false, "properties": { - "Condition": { + "CatalogId": { + "markdownDescription": "A unique identifier for the AWS Glue Data Catalog .", + "title": "CatalogId", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ConnectionName": { + "markdownDescription": "The name of the connection to the AWS Glue Data Catalog .", + "title": "ConnectionName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "LogLevel": { - "markdownDescription": "The default log level.Valid Values: `DEBUG | INFO | ERROR | WARN | DISABLED`", - "title": "LogLevel", - "type": "string" - }, - "TargetName": { - "markdownDescription": "The target name.", - "title": "TargetName", - "type": "string" - }, - "TargetType": { - "markdownDescription": "The target type. Valid Values: `DEFAULT | THING_GROUP`", - "title": "TargetType", - "type": "string" - } - }, - "required": [ - "LogLevel", - "TargetName", - "TargetType" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::IoT::ResourceSpecificLogging" - ], + "DatabaseName": { + "markdownDescription": "A database name in the AWS Glue Data Catalog .", + "title": "DatabaseName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TableName": { + "markdownDescription": "A table name in the AWS Glue Data Catalog .", + "title": "TableName", "type": "string" } }, "required": [ - "Type", - "Properties" + "DatabaseName", + "TableName" ], "type": "object" }, - "AWS::IoT::RoleAlias": { + "AWS::Glue::MLTransform.InputRecordTables": { "additionalProperties": false, "properties": { - "Condition": { + "GlueTables": { + "items": { + "$ref": "#/definitions/AWS::Glue::MLTransform.GlueTables" + }, + "markdownDescription": "The database and table in the AWS Glue Data Catalog that is used for input or output data.", + "title": "GlueTables", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Glue::MLTransform.MLUserDataEncryption": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "markdownDescription": "The ID for the customer-provided KMS key.", + "title": "KmsKeyId", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "MLUserDataEncryptionMode": { + "markdownDescription": "The encryption mode applied to user data. Valid values are:\n\n- DISABLED: encryption is disabled.\n- SSEKMS: use of server-side encryption with AWS Key Management Service (SSE-KMS) for user data\nstored in Amazon S3.", + "title": "MLUserDataEncryptionMode", "type": "string" + } + }, + "required": [ + "MLUserDataEncryptionMode" + ], + "type": "object" + }, + "AWS::Glue::MLTransform.TransformEncryption": { + "additionalProperties": false, + "properties": { + "MLUserDataEncryption": { + "$ref": "#/definitions/AWS::Glue::MLTransform.MLUserDataEncryption", + "markdownDescription": "The encryption-at-rest settings of the transform that apply to accessing user data.", + "title": "MLUserDataEncryption" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "CredentialDurationSeconds": { - "markdownDescription": "The number of seconds for which the credential is valid.", - "title": "CredentialDurationSeconds", - "type": "number" - }, - "RoleAlias": { - "markdownDescription": "The role alias.", - "title": "RoleAlias", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The role ARN.", - "title": "RoleArn", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "RoleArn" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::IoT::RoleAlias" - ], + "TaskRunSecurityConfigurationName": { + "markdownDescription": "The name of the security configuration.", + "title": "TaskRunSecurityConfigurationName", "type": "string" + } + }, + "type": "object" + }, + "AWS::Glue::MLTransform.TransformParameters": { + "additionalProperties": false, + "properties": { + "FindMatchesParameters": { + "$ref": "#/definitions/AWS::Glue::MLTransform.FindMatchesParameters", + "markdownDescription": "The parameters for the find matches algorithm.", + "title": "FindMatchesParameters" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TransformType": { + "markdownDescription": "The type of machine learning transform. `FIND_MATCHES` is the only option.\n\nFor information about the types of machine learning transforms, see [Working with machine learning transforms](https://docs.aws.amazon.com/glue/latest/dg/console-machine-learning-transforms.html) .", + "title": "TransformType", "type": "string" } }, "required": [ - "Type", - "Properties" + "TransformType" ], "type": "object" }, - "AWS::IoT::ScheduledAudit": { + "AWS::Glue::Partition": { "additionalProperties": false, "properties": { "Condition": { @@ -122474,52 +130927,38 @@ "Properties": { "additionalProperties": false, "properties": { - "DayOfMonth": { - "markdownDescription": "The day of the month on which the scheduled audit is run (if the `frequency` is \"MONTHLY\"). If days 29-31 are specified, and the month does not have that many days, the audit takes place on the \"LAST\" day of the month.", - "title": "DayOfMonth", + "CatalogId": { + "markdownDescription": "The AWS account ID of the catalog in which the partion is to be created.\n\n> To specify the account ID, you can use the `Ref` intrinsic function with the `AWS::AccountId` pseudo parameter. For example: `!Ref AWS::AccountId`", + "title": "CatalogId", "type": "string" }, - "DayOfWeek": { - "markdownDescription": "The day of the week on which the scheduled audit is run (if the `frequency` is \"WEEKLY\" or \"BIWEEKLY\").", - "title": "DayOfWeek", + "DatabaseName": { + "markdownDescription": "The name of the catalog database in which to create the partition.", + "title": "DatabaseName", "type": "string" }, - "Frequency": { - "markdownDescription": "How often the scheduled audit occurs.", - "title": "Frequency", - "type": "string" + "PartitionInput": { + "$ref": "#/definitions/AWS::Glue::Partition.PartitionInput", + "markdownDescription": "The structure used to create and update a partition.", + "title": "PartitionInput" }, - "ScheduledAuditName": { - "markdownDescription": "The name of the scheduled audit.", - "title": "ScheduledAuditName", + "TableName": { + "markdownDescription": "The name of the metadata table in which the partition is to be created.", + "title": "TableName", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata that can be used to manage the scheduled audit.", - "title": "Tags", - "type": "array" - }, - "TargetCheckNames": { - "items": { - "type": "string" - }, - "markdownDescription": "Which checks are performed during the scheduled audit. Checks must be enabled for your account. (Use `DescribeAccountAuditConfiguration` to see the list of all checks, including those that are enabled or use `UpdateAccountAuditConfiguration` to select which checks are enabled.)\n\nThe following checks are currently available:\n\n- `AUTHENTICATED_COGNITO_ROLE_OVERLY_PERMISSIVE_CHECK`\n- `CA_CERTIFICATE_EXPIRING_CHECK`\n- `CA_CERTIFICATE_KEY_QUALITY_CHECK`\n- `CONFLICTING_CLIENT_IDS_CHECK`\n- `DEVICE_CERTIFICATE_EXPIRING_CHECK`\n- `DEVICE_CERTIFICATE_KEY_QUALITY_CHECK`\n- `DEVICE_CERTIFICATE_SHARED_CHECK`\n- `IOT_POLICY_OVERLY_PERMISSIVE_CHECK`\n- `IOT_ROLE_ALIAS_ALLOWS_ACCESS_TO_UNUSED_SERVICES_CHECK`\n- `IOT_ROLE_ALIAS_OVERLY_PERMISSIVE_CHECK`\n- `LOGGING_DISABLED_CHECK`\n- `REVOKED_CA_CERTIFICATE_STILL_ACTIVE_CHECK`\n- `REVOKED_DEVICE_CERTIFICATE_STILL_ACTIVE_CHECK`\n- `UNAUTHENTICATED_COGNITO_ROLE_OVERLY_PERMISSIVE_CHECK`", - "title": "TargetCheckNames", - "type": "array" } }, "required": [ - "Frequency", - "TargetCheckNames" + "CatalogId", + "DatabaseName", + "PartitionInput", + "TableName" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::ScheduledAudit" + "AWS::Glue::Partition" ], "type": "string" }, @@ -122538,356 +130977,247 @@ ], "type": "object" }, - "AWS::IoT::SecurityProfile": { + "AWS::Glue::Partition.Column": { "additionalProperties": false, "properties": { - "Condition": { + "Comment": { + "markdownDescription": "A free-form text comment.", + "title": "Comment", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "The name of the `Column` .", + "title": "Name", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AdditionalMetricsToRetainV2": { - "items": { - "$ref": "#/definitions/AWS::IoT::SecurityProfile.MetricToRetain" - }, - "markdownDescription": "A list of metrics whose data is retained (stored). By default, data is retained for any metric used in the profile's `behaviors` , but it's also retained for any metric specified here. Can be used with custom metrics; can't be used with dimensions.", - "title": "AdditionalMetricsToRetainV2", - "type": "array" - }, - "AlertTargets": { - "additionalProperties": false, - "markdownDescription": "Specifies the destinations to which alerts are sent. (Alerts are always sent to the console.) Alerts are generated when a device (thing) violates a behavior.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::IoT::SecurityProfile.AlertTarget" - } - }, - "title": "AlertTargets", - "type": "object" - }, - "Behaviors": { - "items": { - "$ref": "#/definitions/AWS::IoT::SecurityProfile.Behavior" - }, - "markdownDescription": "Specifies the behaviors that, when violated by a device (thing), cause an alert.", - "title": "Behaviors", - "type": "array" - }, - "MetricsExportConfig": { - "$ref": "#/definitions/AWS::IoT::SecurityProfile.MetricsExportConfig", - "markdownDescription": "Specifies the MQTT topic and role ARN required for metric export.", - "title": "MetricsExportConfig" - }, - "SecurityProfileDescription": { - "markdownDescription": "A description of the security profile.", - "title": "SecurityProfileDescription", - "type": "string" - }, - "SecurityProfileName": { - "markdownDescription": "The name you gave to the security profile.", - "title": "SecurityProfileName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata that can be used to manage the security profile.", - "title": "Tags", - "type": "array" - }, - "TargetArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The ARN of the target (thing group) to which the security profile is attached.", - "title": "TargetArns", - "type": "array" - } - }, - "type": "object" - }, "Type": { - "enum": [ - "AWS::IoT::SecurityProfile" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "markdownDescription": "The data type of the `Column` .", + "title": "Type", "type": "string" } }, "required": [ - "Type" + "Name" ], "type": "object" }, - "AWS::IoT::SecurityProfile.AlertTarget": { + "AWS::Glue::Partition.Order": { "additionalProperties": false, "properties": { - "AlertTargetArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the notification target to which alerts are sent.", - "title": "AlertTargetArn", + "Column": { + "markdownDescription": "The name of the column.", + "title": "Column", "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of the role that grants permission to send alerts to the notification target.", - "title": "RoleArn", - "type": "string" + "SortOrder": { + "markdownDescription": "Indicates that the column is sorted in ascending order ( `== 1` ), or in descending order ( `==0` ).", + "title": "SortOrder", + "type": "number" } }, "required": [ - "AlertTargetArn", - "RoleArn" + "Column" ], "type": "object" }, - "AWS::IoT::SecurityProfile.Behavior": { + "AWS::Glue::Partition.PartitionInput": { "additionalProperties": false, "properties": { - "Criteria": { - "$ref": "#/definitions/AWS::IoT::SecurityProfile.BehaviorCriteria", - "markdownDescription": "The criteria that determine if a device is behaving normally in regard to the `metric` .\n\n> In the AWS IoT console, you can choose to be sent an alert through Amazon SNS when AWS IoT Device Defender detects that a device is behaving anomalously.", - "title": "Criteria" - }, - "ExportMetric": { - "markdownDescription": "Value indicates exporting metrics related to the behavior when it is true.", - "title": "ExportMetric", - "type": "boolean" - }, - "Metric": { - "markdownDescription": "What is measured by the behavior.", - "title": "Metric", - "type": "string" - }, - "MetricDimension": { - "$ref": "#/definitions/AWS::IoT::SecurityProfile.MetricDimension", - "markdownDescription": "The dimension of the metric.", - "title": "MetricDimension" + "Parameters": { + "markdownDescription": "These key-value pairs define partition parameters.", + "title": "Parameters", + "type": "object" }, - "Name": { - "markdownDescription": "The name you've given to the behavior.", - "title": "Name", - "type": "string" + "StorageDescriptor": { + "$ref": "#/definitions/AWS::Glue::Partition.StorageDescriptor", + "markdownDescription": "Provides information about the physical location where the partition is stored.", + "title": "StorageDescriptor" }, - "SuppressAlerts": { - "markdownDescription": "The alert status. If you set the value to `true` , alerts will be suppressed.", - "title": "SuppressAlerts", - "type": "boolean" + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The values of the partition. Although this parameter is not required by the SDK, you must specify this parameter for a valid input.\n\nThe values for the keys for the new partition must be passed as an array of String objects that must be ordered in the same order as the partition keys appearing in the Amazon S3 prefix. Otherwise AWS Glue will add the values to the wrong keys.", + "title": "Values", + "type": "array" } }, "required": [ - "Name" + "Values" ], "type": "object" }, - "AWS::IoT::SecurityProfile.BehaviorCriteria": { + "AWS::Glue::Partition.SchemaId": { "additionalProperties": false, "properties": { - "ComparisonOperator": { - "markdownDescription": "The operator that relates the thing measured ( `metric` ) to the criteria (containing a `value` or `statisticalThreshold` ). Valid operators include:\n\n- `string-list` : `in-set` and `not-in-set`\n- `number-list` : `in-set` and `not-in-set`\n- `ip-address-list` : `in-cidr-set` and `not-in-cidr-set`\n- `number` : `less-than` , `less-than-equals` , `greater-than` , and `greater-than-equals`", - "title": "ComparisonOperator", + "RegistryName": { + "markdownDescription": "The name of the schema registry that contains the schema.", + "title": "RegistryName", "type": "string" }, - "ConsecutiveDatapointsToAlarm": { - "markdownDescription": "If a device is in violation of the behavior for the specified number of consecutive datapoints, an alarm occurs. If not specified, the default is 1.", - "title": "ConsecutiveDatapointsToAlarm", - "type": "number" - }, - "ConsecutiveDatapointsToClear": { - "markdownDescription": "If an alarm has occurred and the offending device is no longer in violation of the behavior for the specified number of consecutive datapoints, the alarm is cleared. If not specified, the default is 1.", - "title": "ConsecutiveDatapointsToClear", - "type": "number" - }, - "DurationSeconds": { - "markdownDescription": "Use this to specify the time duration over which the behavior is evaluated, for those criteria that have a time dimension (for example, `NUM_MESSAGES_SENT` ). For a `statisticalThreshhold` metric comparison, measurements from all devices are accumulated over this time duration before being used to calculate percentiles, and later, measurements from an individual device are also accumulated over this time duration before being given a percentile rank. Cannot be used with list-based metric datatypes.", - "title": "DurationSeconds", - "type": "number" - }, - "MlDetectionConfig": { - "$ref": "#/definitions/AWS::IoT::SecurityProfile.MachineLearningDetectionConfig", - "markdownDescription": "The confidence level of the detection model.", - "title": "MlDetectionConfig" - }, - "StatisticalThreshold": { - "$ref": "#/definitions/AWS::IoT::SecurityProfile.StatisticalThreshold", - "markdownDescription": "A statistical ranking (percentile)that indicates a threshold value by which a behavior is determined to be in compliance or in violation of the behavior.", - "title": "StatisticalThreshold" + "SchemaArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the schema. One of `SchemaArn` or `SchemaName` has to be\nprovided.", + "title": "SchemaArn", + "type": "string" }, - "Value": { - "$ref": "#/definitions/AWS::IoT::SecurityProfile.MetricValue", - "markdownDescription": "The value to be compared with the `metric` .", - "title": "Value" + "SchemaName": { + "markdownDescription": "The name of the schema. One of `SchemaArn` or `SchemaName` has to be provided.", + "title": "SchemaName", + "type": "string" } }, "type": "object" }, - "AWS::IoT::SecurityProfile.MachineLearningDetectionConfig": { + "AWS::Glue::Partition.SchemaReference": { "additionalProperties": false, "properties": { - "ConfidenceLevel": { - "markdownDescription": "The model confidence level.\n\nThere are three levels of confidence, `\"high\"` , `\"medium\"` , and `\"low\"` .\n\nThe higher the confidence level, the lower the sensitivity, and the lower the alarm frequency will be.", - "title": "ConfidenceLevel", + "SchemaId": { + "$ref": "#/definitions/AWS::Glue::Partition.SchemaId", + "markdownDescription": "A structure that contains schema identity fields. Either this or the `SchemaVersionId` has to be\nprovided.", + "title": "SchemaId" + }, + "SchemaVersionId": { + "markdownDescription": "The unique ID assigned to a version of the schema. Either this or the `SchemaId` has to be provided.", + "title": "SchemaVersionId", "type": "string" + }, + "SchemaVersionNumber": { + "markdownDescription": "The version number of the schema.", + "title": "SchemaVersionNumber", + "type": "number" } }, "type": "object" }, - "AWS::IoT::SecurityProfile.MetricDimension": { + "AWS::Glue::Partition.SerdeInfo": { "additionalProperties": false, "properties": { - "DimensionName": { - "markdownDescription": "The name of the dimension.", - "title": "DimensionName", + "Name": { + "markdownDescription": "Name of the SerDe.", + "title": "Name", "type": "string" }, - "Operator": { - "markdownDescription": "Operators are constructs that perform logical operations. Valid values are `IN` and `NOT_IN` .", - "title": "Operator", + "Parameters": { + "markdownDescription": "These key-value pairs define initialization parameters for the SerDe.", + "title": "Parameters", + "type": "object" + }, + "SerializationLibrary": { + "markdownDescription": "Usually the class that implements the SerDe. An example is `org.apache.hadoop.hive.serde2.columnar.ColumnarSerDe` .", + "title": "SerializationLibrary", "type": "string" } }, - "required": [ - "DimensionName" - ], "type": "object" }, - "AWS::IoT::SecurityProfile.MetricToRetain": { + "AWS::Glue::Partition.SkewedInfo": { "additionalProperties": false, "properties": { - "ExportMetric": { - "markdownDescription": "The value indicates exporting metrics related to the `MetricToRetain` when it's true.", - "title": "ExportMetric", - "type": "boolean" + "SkewedColumnNames": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of names of columns that contain skewed values.", + "title": "SkewedColumnNames", + "type": "array" }, - "Metric": { - "markdownDescription": "A standard of measurement.", - "title": "Metric", - "type": "string" + "SkewedColumnValueLocationMaps": { + "markdownDescription": "A mapping of skewed values to the columns that contain them.", + "title": "SkewedColumnValueLocationMaps", + "type": "object" }, - "MetricDimension": { - "$ref": "#/definitions/AWS::IoT::SecurityProfile.MetricDimension", - "markdownDescription": "The dimension of the metric.", - "title": "MetricDimension" + "SkewedColumnValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of values that appear so frequently as to be considered skewed.", + "title": "SkewedColumnValues", + "type": "array" } }, - "required": [ - "Metric" - ], "type": "object" }, - "AWS::IoT::SecurityProfile.MetricValue": { + "AWS::Glue::Partition.StorageDescriptor": { "additionalProperties": false, "properties": { - "Cidrs": { + "BucketColumns": { "items": { "type": "string" }, - "markdownDescription": "If the `comparisonOperator` calls for a set of CIDRs, use this to specify that set to be compared with the `metric` .", - "title": "Cidrs", + "markdownDescription": "A list of reducer grouping columns, clustering columns, and bucketing columns in the table.", + "title": "BucketColumns", "type": "array" }, - "Count": { - "markdownDescription": "If the `comparisonOperator` calls for a numeric value, use this to specify that numeric value to be compared with the `metric` .", - "title": "Count", + "Columns": { + "items": { + "$ref": "#/definitions/AWS::Glue::Partition.Column" + }, + "markdownDescription": "A list of the `Columns` in the table.", + "title": "Columns", + "type": "array" + }, + "Compressed": { + "markdownDescription": "`True` if the data in the table is compressed, or `False` if not.", + "title": "Compressed", + "type": "boolean" + }, + "InputFormat": { + "markdownDescription": "The input format: `SequenceFileInputFormat` (binary), or `TextInputFormat` , or a custom format.", + "title": "InputFormat", "type": "string" }, - "Number": { - "markdownDescription": "The numeric values of a metric.", - "title": "Number", + "Location": { + "markdownDescription": "The physical location of the table. By default, this takes the form of the warehouse location, followed by the database location in the warehouse, followed by the table name.", + "title": "Location", + "type": "string" + }, + "NumberOfBuckets": { + "markdownDescription": "The number of buckets.\n\nYou must specify this property if the partition contains any dimension columns.", + "title": "NumberOfBuckets", "type": "number" }, - "Numbers": { - "items": { - "type": "number" - }, - "markdownDescription": "The numeric value of a metric.", - "title": "Numbers", - "type": "array" + "OutputFormat": { + "markdownDescription": "The output format: `SequenceFileOutputFormat` (binary), or `IgnoreKeyTextOutputFormat` , or a custom format.", + "title": "OutputFormat", + "type": "string" }, - "Ports": { - "items": { - "type": "number" - }, - "markdownDescription": "If the `comparisonOperator` calls for a set of ports, use this to specify that set to be compared with the `metric` .", - "title": "Ports", - "type": "array" + "Parameters": { + "markdownDescription": "The user-supplied properties in key-value form.", + "title": "Parameters", + "type": "object" }, - "Strings": { + "SchemaReference": { + "$ref": "#/definitions/AWS::Glue::Partition.SchemaReference", + "markdownDescription": "An object that references a schema stored in the AWS Glue Schema Registry.", + "title": "SchemaReference" + }, + "SerdeInfo": { + "$ref": "#/definitions/AWS::Glue::Partition.SerdeInfo", + "markdownDescription": "The serialization/deserialization (SerDe) information.", + "title": "SerdeInfo" + }, + "SkewedInfo": { + "$ref": "#/definitions/AWS::Glue::Partition.SkewedInfo", + "markdownDescription": "The information about values that appear frequently in a column (skewed values).", + "title": "SkewedInfo" + }, + "SortColumns": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Glue::Partition.Order" }, - "markdownDescription": "The string values of a metric.", - "title": "Strings", + "markdownDescription": "A list specifying the sort order of each bucket in the table.", + "title": "SortColumns", "type": "array" - } - }, - "type": "object" - }, - "AWS::IoT::SecurityProfile.MetricsExportConfig": { - "additionalProperties": false, - "properties": { - "MqttTopic": { - "markdownDescription": "The MQTT topic that Device Defender Detect should publish messages to for metrics export.", - "title": "MqttTopic", - "type": "string" }, - "RoleArn": { - "markdownDescription": "This role ARN has permission to publish MQTT messages, after which Device Defender Detect can assume the role and publish messages on your behalf.", - "title": "RoleArn", - "type": "string" - } - }, - "required": [ - "MqttTopic", - "RoleArn" - ], - "type": "object" - }, - "AWS::IoT::SecurityProfile.StatisticalThreshold": { - "additionalProperties": false, - "properties": { - "Statistic": { - "markdownDescription": "The percentile that resolves to a threshold value by which compliance with a behavior is determined. Metrics are collected over the specified period ( `durationSeconds` ) from all reporting devices in your account and statistical ranks are calculated. Then, the measurements from a device are collected over the same period. If the accumulated measurements from the device fall above or below ( `comparisonOperator` ) the value associated with the percentile specified, then the device is considered to be in compliance with the behavior, otherwise a violation occurs.", - "title": "Statistic", - "type": "string" + "StoredAsSubDirectories": { + "markdownDescription": "`True` if the table data is stored in subdirectories, or `False` if not.", + "title": "StoredAsSubDirectories", + "type": "boolean" } }, "type": "object" }, - "AWS::IoT::SoftwarePackage": { + "AWS::Glue::Registry": { "additionalProperties": false, "properties": { "Condition": { @@ -122923,29 +131253,32 @@ "additionalProperties": false, "properties": { "Description": { - "markdownDescription": "A summary of the package being created. This can be used to outline the package's contents or purpose.", + "markdownDescription": "A description of the registry.", "title": "Description", "type": "string" }, - "PackageName": { - "markdownDescription": "The name of the new software package.", - "title": "PackageName", + "Name": { + "markdownDescription": "The name of the registry.", + "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata that can be used to manage the package.", + "markdownDescription": "AWS tags that contain a key value pair and may be searched by console, command line, or API.", "title": "Tags", "type": "array" } }, + "required": [ + "Name" + ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::SoftwarePackage" + "AWS::Glue::Registry" ], "type": "string" }, @@ -122959,11 +131292,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoT::SoftwarePackageVersion": { + "AWS::Glue::Schema": { "additionalProperties": false, "properties": { "Condition": { @@ -122998,49 +131332,60 @@ "Properties": { "additionalProperties": false, "properties": { - "Attributes": { - "additionalProperties": true, - "markdownDescription": "Metadata that can be used to define a package version\u2019s configuration. For example, the S3 file location, configuration options that are being sent to the device or fleet.\n\nThe combined size of all the attributes on a package version is limited to 3KB.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Attributes", - "type": "object" + "CheckpointVersion": { + "$ref": "#/definitions/AWS::Glue::Schema.SchemaVersion", + "markdownDescription": "Specify the `VersionNumber` or the `IsLatest` for setting the checkpoint for the schema. This is only required for updating a checkpoint.", + "title": "CheckpointVersion" + }, + "Compatibility": { + "markdownDescription": "The compatibility mode of the schema.", + "title": "Compatibility", + "type": "string" + }, + "DataFormat": { + "markdownDescription": "The data format of the schema definition. Currently only `AVRO` is supported.", + "title": "DataFormat", + "type": "string" }, "Description": { - "markdownDescription": "A summary of the package version being created. This can be used to outline the package's contents or purpose.", + "markdownDescription": "A description of the schema if specified when created.", "title": "Description", "type": "string" }, - "PackageName": { - "markdownDescription": "The name of the associated software package.", - "title": "PackageName", + "Name": { + "markdownDescription": "Name of the schema to be created of max length of 255, and may only contain letters, numbers, hyphen, underscore, dollar sign, or hash mark. No whitespace.", + "title": "Name", + "type": "string" + }, + "Registry": { + "$ref": "#/definitions/AWS::Glue::Schema.Registry", + "markdownDescription": "The registry where a schema is stored.", + "title": "Registry" + }, + "SchemaDefinition": { + "markdownDescription": "The schema definition using the `DataFormat` setting for `SchemaName` .", + "title": "SchemaDefinition", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata that can be used to manage the package version.", + "markdownDescription": "AWS tags that contain a key value pair and may be searched by console, command line, or API.", "title": "Tags", "type": "array" - }, - "VersionName": { - "markdownDescription": "The name of the new package version.", - "title": "VersionName", - "type": "string" } }, "required": [ - "PackageName" + "Compatibility", + "DataFormat", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::SoftwarePackageVersion" + "AWS::Glue::Schema" ], "type": "string" }, @@ -123059,92 +131404,39 @@ ], "type": "object" }, - "AWS::IoT::Thing": { + "AWS::Glue::Schema.Registry": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AttributePayload": { - "$ref": "#/definitions/AWS::IoT::Thing.AttributePayload", - "markdownDescription": "A string that contains up to three key value pairs. Maximum length of 800. Duplicates not allowed.", - "title": "AttributePayload" - }, - "ThingName": { - "markdownDescription": "The name of the thing to update.\n\nYou can't change a thing's name. To change a thing's name, you must create a new thing, give it the new name, and then delete the old thing.", - "title": "ThingName", - "type": "string" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::IoT::Thing" - ], + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the registry.", + "title": "Arn", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "The name of the registry.", + "title": "Name", "type": "string" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::IoT::Thing.AttributePayload": { + "AWS::Glue::Schema.SchemaVersion": { "additionalProperties": false, "properties": { - "Attributes": { - "additionalProperties": true, - "markdownDescription": "A JSON string containing up to three key-value pair in JSON format. For example:\n\n`{\\\"attributes\\\":{\\\"string1\\\":\\\"string2\\\"}}`", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Attributes", - "type": "object" + "IsLatest": { + "markdownDescription": "Indicates if this version is the latest version of the schema.", + "title": "IsLatest", + "type": "boolean" + }, + "VersionNumber": { + "markdownDescription": "The version number of the schema.", + "title": "VersionNumber", + "type": "number" } }, "type": "object" }, - "AWS::IoT::ThingGroup": { + "AWS::Glue::SchemaVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -123179,40 +131471,26 @@ "Properties": { "additionalProperties": false, "properties": { - "ParentGroupName": { - "markdownDescription": "The parent thing group name.\n\nA Dynamic Thing Group does not have `parentGroupName` defined.", - "title": "ParentGroupName", - "type": "string" - }, - "QueryString": { - "markdownDescription": "The dynamic thing group search query string.\n\nThe `queryString` attribute *is* required for `CreateDynamicThingGroup` . The `queryString` attribute *is not* required for `CreateThingGroup` .", - "title": "QueryString", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata which can be used to manage the thing group or dynamic thing group.", - "title": "Tags", - "type": "array" + "Schema": { + "$ref": "#/definitions/AWS::Glue::SchemaVersion.Schema", + "markdownDescription": "The schema that includes the schema version.", + "title": "Schema" }, - "ThingGroupName": { - "markdownDescription": "The thing group name.", - "title": "ThingGroupName", + "SchemaDefinition": { + "markdownDescription": "The schema definition for the schema version.", + "title": "SchemaDefinition", "type": "string" - }, - "ThingGroupProperties": { - "$ref": "#/definitions/AWS::IoT::ThingGroup.ThingGroupProperties", - "markdownDescription": "Thing group properties.", - "title": "ThingGroupProperties" } }, + "required": [ + "Schema", + "SchemaDefinition" + ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::ThingGroup" + "AWS::Glue::SchemaVersion" ], "type": "string" }, @@ -123226,44 +131504,33 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoT::ThingGroup.AttributePayload": { - "additionalProperties": false, - "properties": { - "Attributes": { - "additionalProperties": true, - "markdownDescription": "A JSON string containing up to three key-value pair in JSON format. For example:\n\n`{\\\"attributes\\\":{\\\"string1\\\":\\\"string2\\\"}}`", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Attributes", - "type": "object" - } - }, - "type": "object" - }, - "AWS::IoT::ThingGroup.ThingGroupProperties": { + "AWS::Glue::SchemaVersion.Schema": { "additionalProperties": false, "properties": { - "AttributePayload": { - "$ref": "#/definitions/AWS::IoT::ThingGroup.AttributePayload", - "markdownDescription": "The thing group attributes in JSON format.", - "title": "AttributePayload" + "RegistryName": { + "markdownDescription": "The name of the registry where the schema is stored. Either `SchemaArn` , or `SchemaName` and `RegistryName` has to be provided.", + "title": "RegistryName", + "type": "string" }, - "ThingGroupDescription": { - "markdownDescription": "The thing group description.", - "title": "ThingGroupDescription", + "SchemaArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the schema. Either `SchemaArn` , or `SchemaName` and `RegistryName` has to be provided.", + "title": "SchemaArn", + "type": "string" + }, + "SchemaName": { + "markdownDescription": "The name of the schema. Either `SchemaArn` , or `SchemaName` and `RegistryName` has to be provided.", + "title": "SchemaName", "type": "string" } }, "type": "object" }, - "AWS::IoT::ThingPrincipalAttachment": { + "AWS::Glue::SchemaVersionMetadata": { "additionalProperties": false, "properties": { "Condition": { @@ -123298,26 +131565,32 @@ "Properties": { "additionalProperties": false, "properties": { - "Principal": { - "markdownDescription": "The principal, which can be a certificate ARN (as returned from the `CreateCertificate` operation) or an Amazon Cognito ID.", - "title": "Principal", + "Key": { + "markdownDescription": "A metadata key in a key-value pair for metadata.", + "title": "Key", "type": "string" }, - "ThingName": { - "markdownDescription": "The name of the AWS IoT thing.", - "title": "ThingName", + "SchemaVersionId": { + "markdownDescription": "The version number of the schema.", + "title": "SchemaVersionId", + "type": "string" + }, + "Value": { + "markdownDescription": "A metadata key's corresponding value.", + "title": "Value", "type": "string" } }, "required": [ - "Principal", - "ThingName" + "Key", + "SchemaVersionId", + "Value" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::ThingPrincipalAttachment" + "AWS::Glue::SchemaVersionMetadata" ], "type": "string" }, @@ -123336,7 +131609,7 @@ ], "type": "object" }, - "AWS::IoT::ThingType": { + "AWS::Glue::SecurityConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -123371,35 +131644,26 @@ "Properties": { "additionalProperties": false, "properties": { - "DeprecateThingType": { - "markdownDescription": "Deprecates a thing type. You can not associate new things with deprecated thing type.\n\nRequires permission to access the [DeprecateThingType](https://docs.aws.amazon.com//service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions) action.", - "title": "DeprecateThingType", - "type": "boolean" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata which can be used to manage the thing type.", - "title": "Tags", - "type": "array" + "EncryptionConfiguration": { + "$ref": "#/definitions/AWS::Glue::SecurityConfiguration.EncryptionConfiguration", + "markdownDescription": "The encryption configuration associated with this security configuration.", + "title": "EncryptionConfiguration" }, - "ThingTypeName": { - "markdownDescription": "The name of the thing type.", - "title": "ThingTypeName", + "Name": { + "markdownDescription": "The name of the security configuration.", + "title": "Name", "type": "string" - }, - "ThingTypeProperties": { - "$ref": "#/definitions/AWS::IoT::ThingType.ThingTypeProperties", - "markdownDescription": "The thing type properties for the thing type to create. It contains information about the new thing type including a description, a list of searchable thing attribute names, and a list of propagating attributes. After a thing type is created, you can only update `Mqtt5Configuration` .", - "title": "ThingTypeProperties" } }, + "required": [ + "EncryptionConfiguration", + "Name" + ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::ThingType" + "AWS::Glue::SecurityConfiguration" ], "type": "string" }, @@ -123413,30 +131677,86 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoT::ThingType.ThingTypeProperties": { + "AWS::Glue::SecurityConfiguration.CloudWatchEncryption": { "additionalProperties": false, "properties": { - "SearchableAttributes": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of searchable thing attribute names.", - "title": "SearchableAttributes", - "type": "array" + "CloudWatchEncryptionMode": { + "markdownDescription": "The encryption mode to use for CloudWatch data.", + "title": "CloudWatchEncryptionMode", + "type": "string" }, - "ThingTypeDescription": { - "markdownDescription": "The description of the thing type.", - "title": "ThingTypeDescription", + "KmsKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key to be used to encrypt the data.", + "title": "KmsKeyArn", "type": "string" } }, "type": "object" }, - "AWS::IoT::TopicRule": { + "AWS::Glue::SecurityConfiguration.EncryptionConfiguration": { + "additionalProperties": false, + "properties": { + "CloudWatchEncryption": { + "$ref": "#/definitions/AWS::Glue::SecurityConfiguration.CloudWatchEncryption", + "markdownDescription": "The encryption configuration for Amazon CloudWatch.", + "title": "CloudWatchEncryption" + }, + "JobBookmarksEncryption": { + "$ref": "#/definitions/AWS::Glue::SecurityConfiguration.JobBookmarksEncryption", + "markdownDescription": "The encryption configuration for job bookmarks.", + "title": "JobBookmarksEncryption" + }, + "S3Encryptions": { + "$ref": "#/definitions/AWS::Glue::SecurityConfiguration.S3Encryptions", + "markdownDescription": "The encyption configuration for Amazon Simple Storage Service (Amazon S3) data.", + "title": "S3Encryptions" + } + }, + "type": "object" + }, + "AWS::Glue::SecurityConfiguration.JobBookmarksEncryption": { + "additionalProperties": false, + "properties": { + "JobBookmarksEncryptionMode": { + "markdownDescription": "The encryption mode to use for job bookmarks data.", + "title": "JobBookmarksEncryptionMode", + "type": "string" + }, + "KmsKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key to be used to encrypt the data.", + "title": "KmsKeyArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Glue::SecurityConfiguration.S3Encryption": { + "additionalProperties": false, + "properties": { + "KmsKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key to be used to encrypt the data.", + "title": "KmsKeyArn", + "type": "string" + }, + "S3EncryptionMode": { + "markdownDescription": "The encryption mode to use for Amazon S3 data.", + "title": "S3EncryptionMode", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Glue::SecurityConfiguration.S3Encryptions": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::Glue::Table": { "additionalProperties": false, "properties": { "Condition": { @@ -123471,33 +131791,37 @@ "Properties": { "additionalProperties": false, "properties": { - "RuleName": { - "markdownDescription": "The name of the rule.", - "title": "RuleName", + "CatalogId": { + "markdownDescription": "The ID of the Data Catalog in which to create the `Table` .", + "title": "CatalogId", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata which can be used to manage the topic rule.\n\n> For URI Request parameters use format: ...key1=value1&key2=value2...\n> \n> For the CLI command-line parameter use format: --tags \"key1=value1&key2=value2...\"\n> \n> For the cli-input-json file use format: \"tags\": \"key1=value1&key2=value2...\"", - "title": "Tags", - "type": "array" + "DatabaseName": { + "markdownDescription": "The name of the database where the table metadata resides. For Hive compatibility, this must be all lowercase.", + "title": "DatabaseName", + "type": "string" }, - "TopicRulePayload": { - "$ref": "#/definitions/AWS::IoT::TopicRule.TopicRulePayload", - "markdownDescription": "The rule payload.", - "title": "TopicRulePayload" + "OpenTableFormatInput": { + "$ref": "#/definitions/AWS::Glue::Table.OpenTableFormatInput", + "markdownDescription": "Specifies an `OpenTableFormatInput` structure when creating an open format table.", + "title": "OpenTableFormatInput" + }, + "TableInput": { + "$ref": "#/definitions/AWS::Glue::Table.TableInput", + "markdownDescription": "A structure used to define a table.", + "title": "TableInput" } }, "required": [ - "TopicRulePayload" + "CatalogId", + "DatabaseName", + "TableInput" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::TopicRule" + "AWS::Glue::Table" ], "type": "string" }, @@ -123516,1176 +131840,750 @@ ], "type": "object" }, - "AWS::IoT::TopicRule.Action": { + "AWS::Glue::Table.Column": { "additionalProperties": false, "properties": { - "CloudwatchAlarm": { - "$ref": "#/definitions/AWS::IoT::TopicRule.CloudwatchAlarmAction", - "markdownDescription": "Change the state of a CloudWatch alarm.", - "title": "CloudwatchAlarm" - }, - "CloudwatchLogs": { - "$ref": "#/definitions/AWS::IoT::TopicRule.CloudwatchLogsAction", - "markdownDescription": "Sends data to CloudWatch.", - "title": "CloudwatchLogs" - }, - "CloudwatchMetric": { - "$ref": "#/definitions/AWS::IoT::TopicRule.CloudwatchMetricAction", - "markdownDescription": "Capture a CloudWatch metric.", - "title": "CloudwatchMetric" - }, - "DynamoDB": { - "$ref": "#/definitions/AWS::IoT::TopicRule.DynamoDBAction", - "markdownDescription": "Write to a DynamoDB table.", - "title": "DynamoDB" - }, - "DynamoDBv2": { - "$ref": "#/definitions/AWS::IoT::TopicRule.DynamoDBv2Action", - "markdownDescription": "Write to a DynamoDB table. This is a new version of the DynamoDB action. It allows you to write each attribute in an MQTT message payload into a separate DynamoDB column.", - "title": "DynamoDBv2" - }, - "Elasticsearch": { - "$ref": "#/definitions/AWS::IoT::TopicRule.ElasticsearchAction", - "markdownDescription": "Write data to an Amazon OpenSearch Service domain.\n\n> The `Elasticsearch` action can only be used by existing rule actions. To create a new rule action or to update an existing rule action, use the `OpenSearch` rule action instead. For more information, see [OpenSearchAction](https://docs.aws.amazon.com//iot/latest/apireference/API_OpenSearchAction.html) .", - "title": "Elasticsearch" - }, - "Firehose": { - "$ref": "#/definitions/AWS::IoT::TopicRule.FirehoseAction", - "markdownDescription": "Write to an Amazon Kinesis Firehose stream.", - "title": "Firehose" - }, - "Http": { - "$ref": "#/definitions/AWS::IoT::TopicRule.HttpAction", - "markdownDescription": "Send data to an HTTPS endpoint.", - "title": "Http" - }, - "IotAnalytics": { - "$ref": "#/definitions/AWS::IoT::TopicRule.IotAnalyticsAction", - "markdownDescription": "Sends message data to an AWS IoT Analytics channel.", - "title": "IotAnalytics" - }, - "IotEvents": { - "$ref": "#/definitions/AWS::IoT::TopicRule.IotEventsAction", - "markdownDescription": "Sends an input to an AWS IoT Events detector.", - "title": "IotEvents" - }, - "IotSiteWise": { - "$ref": "#/definitions/AWS::IoT::TopicRule.IotSiteWiseAction", - "markdownDescription": "Sends data from the MQTT message that triggered the rule to AWS IoT SiteWise asset properties.", - "title": "IotSiteWise" - }, - "Kafka": { - "$ref": "#/definitions/AWS::IoT::TopicRule.KafkaAction", - "markdownDescription": "Send messages to an Amazon Managed Streaming for Apache Kafka (Amazon MSK) or self-managed Apache Kafka cluster.", - "title": "Kafka" - }, - "Kinesis": { - "$ref": "#/definitions/AWS::IoT::TopicRule.KinesisAction", - "markdownDescription": "Write data to an Amazon Kinesis stream.", - "title": "Kinesis" - }, - "Lambda": { - "$ref": "#/definitions/AWS::IoT::TopicRule.LambdaAction", - "markdownDescription": "Invoke a Lambda function.", - "title": "Lambda" - }, - "Location": { - "$ref": "#/definitions/AWS::IoT::TopicRule.LocationAction", - "markdownDescription": "Sends device location data to [Amazon Location Service](https://docs.aws.amazon.com//location/latest/developerguide/welcome.html) .", - "title": "Location" - }, - "OpenSearch": { - "$ref": "#/definitions/AWS::IoT::TopicRule.OpenSearchAction", - "markdownDescription": "Write data to an Amazon OpenSearch Service domain.", - "title": "OpenSearch" - }, - "Republish": { - "$ref": "#/definitions/AWS::IoT::TopicRule.RepublishAction", - "markdownDescription": "Publish to another MQTT topic.", - "title": "Republish" - }, - "S3": { - "$ref": "#/definitions/AWS::IoT::TopicRule.S3Action", - "markdownDescription": "Write to an Amazon S3 bucket.", - "title": "S3" - }, - "Sns": { - "$ref": "#/definitions/AWS::IoT::TopicRule.SnsAction", - "markdownDescription": "Publish to an Amazon SNS topic.", - "title": "Sns" - }, - "Sqs": { - "$ref": "#/definitions/AWS::IoT::TopicRule.SqsAction", - "markdownDescription": "Publish to an Amazon SQS queue.", - "title": "Sqs" + "Comment": { + "markdownDescription": "A free-form text comment.", + "title": "Comment", + "type": "string" }, - "StepFunctions": { - "$ref": "#/definitions/AWS::IoT::TopicRule.StepFunctionsAction", - "markdownDescription": "Starts execution of a Step Functions state machine.", - "title": "StepFunctions" + "Name": { + "markdownDescription": "The name of the `Column` .", + "title": "Name", + "type": "string" }, - "Timestream": { - "$ref": "#/definitions/AWS::IoT::TopicRule.TimestreamAction", - "markdownDescription": "Writes attributes from an MQTT message.", - "title": "Timestream" + "Type": { + "markdownDescription": "The data type of the `Column` .", + "title": "Type", + "type": "string" } }, + "required": [ + "Name" + ], "type": "object" }, - "AWS::IoT::TopicRule.AssetPropertyTimestamp": { + "AWS::Glue::Table.IcebergInput": { "additionalProperties": false, "properties": { - "OffsetInNanos": { - "markdownDescription": "Optional. A string that contains the nanosecond time offset. Accepts substitution templates.", - "title": "OffsetInNanos", - "type": "string" + "MetadataOperation": { + "$ref": "#/definitions/AWS::Glue::Table.MetadataOperation", + "markdownDescription": "A required metadata operation. Can only be set to CREATE.", + "title": "MetadataOperation" }, - "TimeInSeconds": { - "markdownDescription": "A string that contains the time in seconds since epoch. Accepts substitution templates.", - "title": "TimeInSeconds", + "Version": { + "markdownDescription": "The table version for the Iceberg table. Defaults to 2.", + "title": "Version", "type": "string" } }, - "required": [ - "TimeInSeconds" - ], "type": "object" }, - "AWS::IoT::TopicRule.AssetPropertyValue": { + "AWS::Glue::Table.MetadataOperation": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::Glue::Table.OpenTableFormatInput": { "additionalProperties": false, "properties": { - "Quality": { - "markdownDescription": "Optional. A string that describes the quality of the value. Accepts substitution templates. Must be `GOOD` , `BAD` , or `UNCERTAIN` .", - "title": "Quality", + "IcebergInput": { + "$ref": "#/definitions/AWS::Glue::Table.IcebergInput", + "markdownDescription": "Specifies an `IcebergInput` structure that defines an Apache Iceberg metadata table.", + "title": "IcebergInput" + } + }, + "type": "object" + }, + "AWS::Glue::Table.Order": { + "additionalProperties": false, + "properties": { + "Column": { + "markdownDescription": "The name of the column.", + "title": "Column", "type": "string" }, - "Timestamp": { - "$ref": "#/definitions/AWS::IoT::TopicRule.AssetPropertyTimestamp", - "markdownDescription": "The asset property value timestamp.", - "title": "Timestamp" - }, - "Value": { - "$ref": "#/definitions/AWS::IoT::TopicRule.AssetPropertyVariant", - "markdownDescription": "The value of the asset property.", - "title": "Value" + "SortOrder": { + "markdownDescription": "Indicates that the column is sorted in ascending order ( `== 1` ), or in descending order ( `==0` ).", + "title": "SortOrder", + "type": "number" } }, "required": [ - "Timestamp", - "Value" + "Column", + "SortOrder" ], "type": "object" }, - "AWS::IoT::TopicRule.AssetPropertyVariant": { + "AWS::Glue::Table.SchemaId": { "additionalProperties": false, "properties": { - "BooleanValue": { - "markdownDescription": "Optional. A string that contains the boolean value ( `true` or `false` ) of the value entry. Accepts substitution templates.", - "title": "BooleanValue", - "type": "string" - }, - "DoubleValue": { - "markdownDescription": "Optional. A string that contains the double value of the value entry. Accepts substitution templates.", - "title": "DoubleValue", + "RegistryName": { + "markdownDescription": "The name of the schema registry that contains the schema.", + "title": "RegistryName", "type": "string" }, - "IntegerValue": { - "markdownDescription": "Optional. A string that contains the integer value of the value entry. Accepts substitution templates.", - "title": "IntegerValue", + "SchemaArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the schema. One of `SchemaArn` or `SchemaName` has to be\nprovided.", + "title": "SchemaArn", "type": "string" }, - "StringValue": { - "markdownDescription": "Optional. The string value of the value entry. Accepts substitution templates.", - "title": "StringValue", + "SchemaName": { + "markdownDescription": "The name of the schema. One of `SchemaArn` or `SchemaName` has to be provided.", + "title": "SchemaName", "type": "string" } }, "type": "object" }, - "AWS::IoT::TopicRule.CloudwatchAlarmAction": { + "AWS::Glue::Table.SchemaReference": { "additionalProperties": false, "properties": { - "AlarmName": { - "markdownDescription": "The CloudWatch alarm name.", - "title": "AlarmName", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The IAM role that allows access to the CloudWatch alarm.", - "title": "RoleArn", - "type": "string" + "SchemaId": { + "$ref": "#/definitions/AWS::Glue::Table.SchemaId", + "markdownDescription": "A structure that contains schema identity fields. Either this or the `SchemaVersionId` has to be\nprovided.", + "title": "SchemaId" }, - "StateReason": { - "markdownDescription": "The reason for the alarm change.", - "title": "StateReason", + "SchemaVersionId": { + "markdownDescription": "The unique ID assigned to a version of the schema. Either this or the `SchemaId` has to be provided.", + "title": "SchemaVersionId", "type": "string" }, - "StateValue": { - "markdownDescription": "The value of the alarm state. Acceptable values are: OK, ALARM, INSUFFICIENT_DATA.", - "title": "StateValue", - "type": "string" + "SchemaVersionNumber": { + "markdownDescription": "The version number of the schema.", + "title": "SchemaVersionNumber", + "type": "number" } }, - "required": [ - "AlarmName", - "RoleArn", - "StateReason", - "StateValue" - ], "type": "object" }, - "AWS::IoT::TopicRule.CloudwatchLogsAction": { + "AWS::Glue::Table.SerdeInfo": { "additionalProperties": false, "properties": { - "BatchMode": { - "markdownDescription": "Indicates whether batches of log records will be extracted and uploaded into CloudWatch.", - "title": "BatchMode", - "type": "boolean" - }, - "LogGroupName": { - "markdownDescription": "The CloudWatch log name.", - "title": "LogGroupName", + "Name": { + "markdownDescription": "Name of the SerDe.", + "title": "Name", "type": "string" }, - "RoleArn": { - "markdownDescription": "The IAM role that allows access to the CloudWatch log.", - "title": "RoleArn", + "Parameters": { + "markdownDescription": "These key-value pairs define initialization parameters for the SerDe.", + "title": "Parameters", + "type": "object" + }, + "SerializationLibrary": { + "markdownDescription": "Usually the class that implements the SerDe. An example is `org.apache.hadoop.hive.serde2.columnar.ColumnarSerDe` .", + "title": "SerializationLibrary", "type": "string" } }, - "required": [ - "LogGroupName", - "RoleArn" - ], "type": "object" }, - "AWS::IoT::TopicRule.CloudwatchMetricAction": { + "AWS::Glue::Table.SkewedInfo": { "additionalProperties": false, "properties": { - "MetricName": { - "markdownDescription": "The CloudWatch metric name.", - "title": "MetricName", - "type": "string" - }, - "MetricNamespace": { - "markdownDescription": "The CloudWatch metric namespace name.", - "title": "MetricNamespace", - "type": "string" - }, - "MetricTimestamp": { - "markdownDescription": "An optional [Unix timestamp](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/cloudwatch_concepts.html#about_timestamp) .", - "title": "MetricTimestamp", - "type": "string" - }, - "MetricUnit": { - "markdownDescription": "The [metric unit](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/cloudwatch_concepts.html#Unit) supported by CloudWatch.", - "title": "MetricUnit", - "type": "string" + "SkewedColumnNames": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of names of columns that contain skewed values.", + "title": "SkewedColumnNames", + "type": "array" }, - "MetricValue": { - "markdownDescription": "The CloudWatch metric value.", - "title": "MetricValue", - "type": "string" + "SkewedColumnValueLocationMaps": { + "markdownDescription": "A mapping of skewed values to the columns that contain them.", + "title": "SkewedColumnValueLocationMaps", + "type": "object" }, - "RoleArn": { - "markdownDescription": "The IAM role that allows access to the CloudWatch metric.", - "title": "RoleArn", - "type": "string" + "SkewedColumnValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of values that appear so frequently as to be considered skewed.", + "title": "SkewedColumnValues", + "type": "array" } }, - "required": [ - "MetricName", - "MetricNamespace", - "MetricUnit", - "MetricValue", - "RoleArn" - ], "type": "object" }, - "AWS::IoT::TopicRule.DynamoDBAction": { + "AWS::Glue::Table.StorageDescriptor": { "additionalProperties": false, "properties": { - "HashKeyField": { - "markdownDescription": "The hash key name.", - "title": "HashKeyField", - "type": "string" + "BucketColumns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of reducer grouping columns, clustering columns, and bucketing columns in the table.", + "title": "BucketColumns", + "type": "array" }, - "HashKeyType": { - "markdownDescription": "The hash key type. Valid values are \"STRING\" or \"NUMBER\"", - "title": "HashKeyType", - "type": "string" + "Columns": { + "items": { + "$ref": "#/definitions/AWS::Glue::Table.Column" + }, + "markdownDescription": "A list of the `Columns` in the table.", + "title": "Columns", + "type": "array" }, - "HashKeyValue": { - "markdownDescription": "The hash key value.", - "title": "HashKeyValue", - "type": "string" + "Compressed": { + "markdownDescription": "`True` if the data in the table is compressed, or `False` if not.", + "title": "Compressed", + "type": "boolean" }, - "PayloadField": { - "markdownDescription": "The action payload. This name can be customized.", - "title": "PayloadField", + "InputFormat": { + "markdownDescription": "The input format: `SequenceFileInputFormat` (binary), or `TextInputFormat` , or a custom format.", + "title": "InputFormat", "type": "string" }, - "RangeKeyField": { - "markdownDescription": "The range key name.", - "title": "RangeKeyField", + "Location": { + "markdownDescription": "The physical location of the table. By default, this takes the form of the warehouse location, followed by the database location in the warehouse, followed by the table name.", + "title": "Location", "type": "string" }, - "RangeKeyType": { - "markdownDescription": "The range key type. Valid values are \"STRING\" or \"NUMBER\"", - "title": "RangeKeyType", - "type": "string" + "NumberOfBuckets": { + "markdownDescription": "Must be specified if the table contains any dimension columns.", + "title": "NumberOfBuckets", + "type": "number" }, - "RangeKeyValue": { - "markdownDescription": "The range key value.", - "title": "RangeKeyValue", + "OutputFormat": { + "markdownDescription": "The output format: `SequenceFileOutputFormat` (binary), or `IgnoreKeyTextOutputFormat` , or a custom format.", + "title": "OutputFormat", "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role that grants access to the DynamoDB table.", - "title": "RoleArn", - "type": "string" + "Parameters": { + "markdownDescription": "The user-supplied properties in key-value form.", + "title": "Parameters", + "type": "object" }, - "TableName": { - "markdownDescription": "The name of the DynamoDB table.", - "title": "TableName", - "type": "string" + "SchemaReference": { + "$ref": "#/definitions/AWS::Glue::Table.SchemaReference", + "markdownDescription": "An object that references a schema stored in the AWS Glue Schema Registry.", + "title": "SchemaReference" + }, + "SerdeInfo": { + "$ref": "#/definitions/AWS::Glue::Table.SerdeInfo", + "markdownDescription": "The serialization/deserialization (SerDe) information.", + "title": "SerdeInfo" + }, + "SkewedInfo": { + "$ref": "#/definitions/AWS::Glue::Table.SkewedInfo", + "markdownDescription": "The information about values that appear frequently in a column (skewed values).", + "title": "SkewedInfo" + }, + "SortColumns": { + "items": { + "$ref": "#/definitions/AWS::Glue::Table.Order" + }, + "markdownDescription": "A list specifying the sort order of each bucket in the table.", + "title": "SortColumns", + "type": "array" + }, + "StoredAsSubDirectories": { + "markdownDescription": "`True` if the table data is stored in subdirectories, or `False` if not.", + "title": "StoredAsSubDirectories", + "type": "boolean" } }, - "required": [ - "HashKeyField", - "HashKeyValue", - "RoleArn", - "TableName" - ], "type": "object" }, - "AWS::IoT::TopicRule.DynamoDBv2Action": { + "AWS::Glue::Table.TableIdentifier": { "additionalProperties": false, "properties": { - "PutItem": { - "$ref": "#/definitions/AWS::IoT::TopicRule.PutItemInput", - "markdownDescription": "Specifies the DynamoDB table to which the message data will be written. For example:\n\n`{ \"dynamoDBv2\": { \"roleArn\": \"aws:iam:12341251:my-role\" \"putItem\": { \"tableName\": \"my-table\" } } }`\n\nEach attribute in the message payload will be written to a separate column in the DynamoDB database.", - "title": "PutItem" + "CatalogId": { + "markdownDescription": "The ID of the Data Catalog in which the table resides.", + "title": "CatalogId", + "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role that grants access to the DynamoDB table.", - "title": "RoleArn", + "DatabaseName": { + "markdownDescription": "The name of the catalog database that contains the target table.", + "title": "DatabaseName", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the target table.", + "title": "Name", + "type": "string" + }, + "Region": { + "markdownDescription": "The Region of the table.", + "title": "Region", "type": "string" } }, "type": "object" }, - "AWS::IoT::TopicRule.ElasticsearchAction": { + "AWS::Glue::Table.TableInput": { "additionalProperties": false, "properties": { - "Endpoint": { - "markdownDescription": "The endpoint of your OpenSearch domain.", - "title": "Endpoint", + "Description": { + "markdownDescription": "A description of the table.", + "title": "Description", "type": "string" }, - "Id": { - "markdownDescription": "The unique identifier for the document you are storing.", - "title": "Id", + "Name": { + "markdownDescription": "The table name. For Hive compatibility, this is folded to lowercase when it is stored.", + "title": "Name", "type": "string" }, - "Index": { - "markdownDescription": "The index where you want to store your data.", - "title": "Index", + "Owner": { + "markdownDescription": "The table owner. Included for Apache Hive compatibility. Not used in the normal course of AWS Glue operations.", + "title": "Owner", "type": "string" }, - "RoleArn": { - "markdownDescription": "The IAM role ARN that has access to OpenSearch.", - "title": "RoleArn", + "Parameters": { + "markdownDescription": "These key-value pairs define properties associated with the table.", + "title": "Parameters", + "type": "object" + }, + "PartitionKeys": { + "items": { + "$ref": "#/definitions/AWS::Glue::Table.Column" + }, + "markdownDescription": "A list of columns by which the table is partitioned. Only primitive types are supported as partition keys.\n\nWhen you create a table used by Amazon Athena, and you do not specify any `partitionKeys` , you must at least set the value of `partitionKeys` to an empty list. For example:\n\n`\"PartitionKeys\": []`", + "title": "PartitionKeys", + "type": "array" + }, + "Retention": { + "markdownDescription": "The retention time for this table.", + "title": "Retention", + "type": "number" + }, + "StorageDescriptor": { + "$ref": "#/definitions/AWS::Glue::Table.StorageDescriptor", + "markdownDescription": "A storage descriptor containing information about the physical storage of this table.", + "title": "StorageDescriptor" + }, + "TableType": { + "markdownDescription": "The type of this table. AWS Glue will create tables with the `EXTERNAL_TABLE` type. Other services, such as Athena, may create tables with additional table types.\n\nAWS Glue related table types:\n\n- **EXTERNAL_TABLE** - Hive compatible attribute - indicates a non-Hive managed table.\n- **GOVERNED** - Used by AWS Lake Formation . The AWS Glue Data Catalog understands `GOVERNED` .", + "title": "TableType", "type": "string" }, - "Type": { - "markdownDescription": "The type of document you are storing.", - "title": "Type", + "TargetTable": { + "$ref": "#/definitions/AWS::Glue::Table.TableIdentifier", + "markdownDescription": "A `TableIdentifier` structure that describes a target table for resource linking.", + "title": "TargetTable" + }, + "ViewExpandedText": { + "markdownDescription": "Included for Apache Hive compatibility. Not used in the normal course of AWS Glue operations.", + "title": "ViewExpandedText", + "type": "string" + }, + "ViewOriginalText": { + "markdownDescription": "Included for Apache Hive compatibility. Not used in the normal course of AWS Glue operations. If the table is a `VIRTUAL_VIEW` , certain Athena configuration encoded in base64.", + "title": "ViewOriginalText", "type": "string" } }, - "required": [ - "Endpoint", - "Id", - "Index", - "RoleArn", - "Type" - ], "type": "object" }, - "AWS::IoT::TopicRule.FirehoseAction": { + "AWS::Glue::TableOptimizer": { "additionalProperties": false, "properties": { - "BatchMode": { - "markdownDescription": "Whether to deliver the Kinesis Data Firehose stream as a batch by using [`PutRecordBatch`](https://docs.aws.amazon.com/firehose/latest/APIReference/API_PutRecordBatch.html) . The default value is `false` .\n\nWhen `batchMode` is `true` and the rule's SQL statement evaluates to an Array, each Array element forms one record in the [`PutRecordBatch`](https://docs.aws.amazon.com/firehose/latest/APIReference/API_PutRecordBatch.html) request. The resulting array can't have more than 500 records.", - "title": "BatchMode", - "type": "boolean" + "Condition": { + "type": "string" }, - "DeliveryStreamName": { - "markdownDescription": "The delivery stream name.", - "title": "DeliveryStreamName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "RoleArn": { - "markdownDescription": "The IAM role that grants access to the Amazon Kinesis Firehose stream.", - "title": "RoleArn", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CatalogId": { + "markdownDescription": "The catalog ID of the table.", + "title": "CatalogId", + "type": "string" + }, + "DatabaseName": { + "markdownDescription": "The name of the database. For Hive compatibility, this is folded to lowercase when it is stored.", + "title": "DatabaseName", + "type": "string" + }, + "TableName": { + "markdownDescription": "The table name. For Hive compatibility, this must be entirely lowercase.", + "title": "TableName", + "type": "string" + }, + "TableOptimizerConfiguration": { + "$ref": "#/definitions/AWS::Glue::TableOptimizer.TableOptimizerConfiguration", + "markdownDescription": "Specifies configuration details of a table optimizer.", + "title": "TableOptimizerConfiguration" + }, + "Type": { + "markdownDescription": "The type of table optimizer. The valid values are:\n\n- compaction - for managing compaction with a table optimizer.\n- retention - for managing the retention of snapshot with a table optimizer.\n- orphan_file_deletion - for managing the deletion of orphan files with a table optimizer.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "CatalogId", + "DatabaseName", + "TableName", + "TableOptimizerConfiguration", + "Type" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Glue::TableOptimizer" + ], "type": "string" }, - "Separator": { - "markdownDescription": "A character separator that will be used to separate records written to the Firehose stream. Valid values are: '\\n' (newline), '\\t' (tab), '\\r\\n' (Windows newline), ',' (comma).", - "title": "Separator", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "DeliveryStreamName", - "RoleArn" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoT::TopicRule.HttpAction": { + "AWS::Glue::TableOptimizer.IcebergConfiguration": { "additionalProperties": false, "properties": { - "Auth": { - "$ref": "#/definitions/AWS::IoT::TopicRule.HttpAuthorization", - "markdownDescription": "The authentication method to use when sending data to an HTTPS endpoint.", - "title": "Auth" - }, - "ConfirmationUrl": { - "markdownDescription": "The URL to which AWS IoT sends a confirmation message. The value of the confirmation URL must be a prefix of the endpoint URL. If you do not specify a confirmation URL AWS IoT uses the endpoint URL as the confirmation URL. If you use substitution templates in the confirmationUrl, you must create and enable topic rule destinations that match each possible value of the substitution template before traffic is allowed to your endpoint URL.", - "title": "ConfirmationUrl", + "Location": { + "markdownDescription": "Specifies a directory in which to look for orphan files (defaults to the table's location). You may choose a sub-directory rather than the top-level table location.", + "title": "Location", "type": "string" }, - "Headers": { - "items": { - "$ref": "#/definitions/AWS::IoT::TopicRule.HttpActionHeader" - }, - "markdownDescription": "The HTTP headers to send with the message data.", - "title": "Headers", - "type": "array" - }, - "Url": { - "markdownDescription": "The endpoint URL. If substitution templates are used in the URL, you must also specify a `confirmationUrl` . If this is a new destination, a new `TopicRuleDestination` is created if possible.", - "title": "Url", - "type": "string" + "OrphanFileRetentionPeriodInDays": { + "markdownDescription": "The specific number of days you want to keep the orphan files.", + "title": "OrphanFileRetentionPeriodInDays", + "type": "number" } }, - "required": [ - "Url" - ], "type": "object" }, - "AWS::IoT::TopicRule.HttpActionHeader": { + "AWS::Glue::TableOptimizer.OrphanFileDeletionConfiguration": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The HTTP header key.", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "The HTTP header value. Substitution templates are supported.", - "title": "Value", - "type": "string" + "IcebergConfiguration": { + "$ref": "#/definitions/AWS::Glue::TableOptimizer.IcebergConfiguration", + "markdownDescription": "The `IcebergConfiguration` property helps optimize your Iceberg tables in AWS Glue by allowing you to specify format-specific settings that control how data is stored, compressed, and managed.", + "title": "IcebergConfiguration" } }, - "required": [ - "Key", - "Value" - ], "type": "object" }, - "AWS::IoT::TopicRule.HttpAuthorization": { + "AWS::Glue::TableOptimizer.RetentionConfiguration": { "additionalProperties": false, "properties": { - "Sigv4": { - "$ref": "#/definitions/AWS::IoT::TopicRule.SigV4Authorization", - "markdownDescription": "Use Sig V4 authorization. For more information, see [Signature Version 4 Signing Process](https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html) .", - "title": "Sigv4" + "IcebergConfiguration": { + "$ref": "#/definitions/AWS::Glue::TableOptimizer.IcebergConfiguration", + "markdownDescription": "The configuration for an Iceberg snapshot retention optimizer.", + "title": "IcebergConfiguration" } }, "type": "object" }, - "AWS::IoT::TopicRule.IotAnalyticsAction": { + "AWS::Glue::TableOptimizer.TableOptimizerConfiguration": { "additionalProperties": false, "properties": { - "BatchMode": { - "markdownDescription": "Whether to process the action as a batch. The default value is `false` .\n\nWhen `batchMode` is `true` and the rule SQL statement evaluates to an Array, each Array element is delivered as a separate message when passed by [`BatchPutMessage`](https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_BatchPutMessage.html) The resulting array can't have more than 100 messages.", - "title": "BatchMode", - "type": "boolean" - }, - "ChannelName": { - "markdownDescription": "The name of the IoT Analytics channel to which message data will be sent.", - "title": "ChannelName", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN of the role which has a policy that grants IoT Analytics permission to send message data via IoT Analytics (iotanalytics:BatchPutMessage).", - "title": "RoleArn", - "type": "string" - } - }, - "required": [ - "ChannelName", - "RoleArn" - ], - "type": "object" - }, - "AWS::IoT::TopicRule.IotEventsAction": { - "additionalProperties": false, - "properties": { - "BatchMode": { - "markdownDescription": "Whether to process the event actions as a batch. The default value is `false` .\n\nWhen `batchMode` is `true` , you can't specify a `messageId` .\n\nWhen `batchMode` is `true` and the rule SQL statement evaluates to an Array, each Array element is treated as a separate message when Events by calling [`BatchPutMessage`](https://docs.aws.amazon.com/iotevents/latest/apireference/API_iotevents-data_BatchPutMessage.html) . The resulting array can't have more than 10 messages.", - "title": "BatchMode", + "Enabled": { + "markdownDescription": "Whether the table optimization is enabled.", + "title": "Enabled", "type": "boolean" }, - "InputName": { - "markdownDescription": "The name of the AWS IoT Events input.", - "title": "InputName", - "type": "string" + "OrphanFileDeletionConfiguration": { + "$ref": "#/definitions/AWS::Glue::TableOptimizer.OrphanFileDeletionConfiguration", + "markdownDescription": "`OrphanFileDeletionConfiguration` is a property that can be included within the TableOptimizer resource. It controls the automatic deletion of orphaned files - files that are not tracked by the table metadata, and older than the configured age limit.", + "title": "OrphanFileDeletionConfiguration" }, - "MessageId": { - "markdownDescription": "The ID of the message. The default `messageId` is a new UUID value.\n\nWhen `batchMode` is `true` , you can't specify a `messageId` --a new UUID value will be assigned.\n\nAssign a value to this property to ensure that only one input (message) with a given `messageId` will be processed by an AWS IoT Events detector.", - "title": "MessageId", - "type": "string" + "RetentionConfiguration": { + "$ref": "#/definitions/AWS::Glue::TableOptimizer.RetentionConfiguration", + "markdownDescription": "The configuration for a snapshot retention optimizer for Apache Iceberg tables.", + "title": "RetentionConfiguration" }, "RoleArn": { - "markdownDescription": "The ARN of the role that grants AWS IoT permission to send an input to an AWS IoT Events detector. (\"Action\":\"iotevents:BatchPutMessage\").", + "markdownDescription": "A role passed by the caller which gives the service permission to update the resources associated with the optimizer on the caller's behalf.", "title": "RoleArn", "type": "string" - } - }, - "required": [ - "InputName", - "RoleArn" - ], - "type": "object" - }, - "AWS::IoT::TopicRule.IotSiteWiseAction": { - "additionalProperties": false, - "properties": { - "PutAssetPropertyValueEntries": { - "items": { - "$ref": "#/definitions/AWS::IoT::TopicRule.PutAssetPropertyValueEntry" - }, - "markdownDescription": "A list of asset property value entries.", - "title": "PutAssetPropertyValueEntries", - "type": "array" }, - "RoleArn": { - "markdownDescription": "The ARN of the role that grants AWS IoT permission to send an asset property value to AWS IoT SiteWise. ( `\"Action\": \"iotsitewise:BatchPutAssetPropertyValue\"` ). The trust policy can restrict access to specific asset hierarchy paths.", - "title": "RoleArn", - "type": "string" + "VpcConfiguration": { + "$ref": "#/definitions/AWS::Glue::TableOptimizer.VpcConfiguration", + "markdownDescription": "An object that describes the VPC configuration for a table optimizer. This configuration is necessary to perform optimization on tables that are in a customer VPC.", + "title": "VpcConfiguration" } }, "required": [ - "PutAssetPropertyValueEntries", + "Enabled", "RoleArn" ], "type": "object" }, - "AWS::IoT::TopicRule.KafkaAction": { - "additionalProperties": false, - "properties": { - "ClientProperties": { - "additionalProperties": true, - "markdownDescription": "Properties of the Apache Kafka producer client.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "ClientProperties", - "type": "object" - }, - "DestinationArn": { - "markdownDescription": "The ARN of Kafka action's VPC `TopicRuleDestination` .", - "title": "DestinationArn", - "type": "string" - }, - "Headers": { - "items": { - "$ref": "#/definitions/AWS::IoT::TopicRule.KafkaActionHeader" - }, - "markdownDescription": "The list of Kafka headers that you specify.", - "title": "Headers", - "type": "array" - }, - "Key": { - "markdownDescription": "The Kafka message key.", - "title": "Key", - "type": "string" - }, - "Partition": { - "markdownDescription": "The Kafka message partition.", - "title": "Partition", - "type": "string" - }, - "Topic": { - "markdownDescription": "The Kafka topic for messages to be sent to the Kafka broker.", - "title": "Topic", - "type": "string" - } - }, - "required": [ - "ClientProperties", - "DestinationArn", - "Topic" - ], - "type": "object" - }, - "AWS::IoT::TopicRule.KafkaActionHeader": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "The key of the Kafka header.", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "The value of the Kafka header.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - }, - "AWS::IoT::TopicRule.KinesisAction": { - "additionalProperties": false, - "properties": { - "PartitionKey": { - "markdownDescription": "The partition key.", - "title": "PartitionKey", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role that grants access to the Amazon Kinesis stream.", - "title": "RoleArn", - "type": "string" - }, - "StreamName": { - "markdownDescription": "The name of the Amazon Kinesis stream.", - "title": "StreamName", - "type": "string" - } - }, - "required": [ - "RoleArn", - "StreamName" - ], - "type": "object" - }, - "AWS::IoT::TopicRule.LambdaAction": { - "additionalProperties": false, - "properties": { - "FunctionArn": { - "markdownDescription": "The ARN of the Lambda function.", - "title": "FunctionArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoT::TopicRule.LocationAction": { - "additionalProperties": false, - "properties": { - "DeviceId": { - "markdownDescription": "The unique ID of the device providing the location data.", - "title": "DeviceId", - "type": "string" - }, - "Latitude": { - "markdownDescription": "A string that evaluates to a double value that represents the latitude of the device's location.", - "title": "Latitude", - "type": "string" - }, - "Longitude": { - "markdownDescription": "A string that evaluates to a double value that represents the longitude of the device's location.", - "title": "Longitude", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The IAM role that grants permission to write to the Amazon Location resource.", - "title": "RoleArn", - "type": "string" - }, - "Timestamp": { - "$ref": "#/definitions/AWS::IoT::TopicRule.Timestamp", - "markdownDescription": "The time that the location data was sampled. The default value is the time the MQTT message was processed.", - "title": "Timestamp" - }, - "TrackerName": { - "markdownDescription": "The name of the tracker resource in Amazon Location in which the location is updated.", - "title": "TrackerName", - "type": "string" - } - }, - "required": [ - "DeviceId", - "Latitude", - "Longitude", - "RoleArn", - "TrackerName" - ], - "type": "object" - }, - "AWS::IoT::TopicRule.OpenSearchAction": { - "additionalProperties": false, - "properties": { - "Endpoint": { - "markdownDescription": "The endpoint of your OpenSearch domain.", - "title": "Endpoint", - "type": "string" - }, - "Id": { - "markdownDescription": "The unique identifier for the document you are storing.", - "title": "Id", - "type": "string" - }, - "Index": { - "markdownDescription": "The OpenSearch index where you want to store your data.", - "title": "Index", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The IAM role ARN that has access to OpenSearch.", - "title": "RoleArn", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of document you are storing.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Endpoint", - "Id", - "Index", - "RoleArn", - "Type" - ], - "type": "object" - }, - "AWS::IoT::TopicRule.PutAssetPropertyValueEntry": { - "additionalProperties": false, - "properties": { - "AssetId": { - "markdownDescription": "The ID of the AWS IoT SiteWise asset. You must specify either a `propertyAlias` or both an `aliasId` and a `propertyId` . Accepts substitution templates.", - "title": "AssetId", - "type": "string" - }, - "EntryId": { - "markdownDescription": "Optional. A unique identifier for this entry that you can define to better track which message caused an error in case of failure. Accepts substitution templates. Defaults to a new UUID.", - "title": "EntryId", - "type": "string" - }, - "PropertyAlias": { - "markdownDescription": "The name of the property alias associated with your asset property. You must specify either a `propertyAlias` or both an `aliasId` and a `propertyId` . Accepts substitution templates.", - "title": "PropertyAlias", - "type": "string" - }, - "PropertyId": { - "markdownDescription": "The ID of the asset's property. You must specify either a `propertyAlias` or both an `aliasId` and a `propertyId` . Accepts substitution templates.", - "title": "PropertyId", - "type": "string" - }, - "PropertyValues": { - "items": { - "$ref": "#/definitions/AWS::IoT::TopicRule.AssetPropertyValue" - }, - "markdownDescription": "A list of property values to insert that each contain timestamp, quality, and value (TQV) information.", - "title": "PropertyValues", - "type": "array" - } - }, - "required": [ - "PropertyValues" - ], - "type": "object" - }, - "AWS::IoT::TopicRule.PutItemInput": { - "additionalProperties": false, - "properties": { - "TableName": { - "markdownDescription": "The table where the message data will be written.", - "title": "TableName", - "type": "string" - } - }, - "required": [ - "TableName" - ], - "type": "object" - }, - "AWS::IoT::TopicRule.RepublishAction": { + "AWS::Glue::TableOptimizer.VpcConfiguration": { "additionalProperties": false, "properties": { - "Headers": { - "$ref": "#/definitions/AWS::IoT::TopicRule.RepublishActionHeaders", - "markdownDescription": "MQTT Version 5.0 headers information. For more information, see [MQTT](https://docs.aws.amazon.com//iot/latest/developerguide/mqtt.html) in the IoT Core Developer Guide.", - "title": "Headers" - }, - "Qos": { - "markdownDescription": "The Quality of Service (QoS) level to use when republishing messages. The default value is 0.", - "title": "Qos", - "type": "number" - }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role that grants access.", - "title": "RoleArn", - "type": "string" - }, - "Topic": { - "markdownDescription": "The name of the MQTT topic.", - "title": "Topic", + "GlueConnectionName": { + "markdownDescription": "The name of the AWS Glue connection used for the VPC for the table optimizer.", + "title": "GlueConnectionName", "type": "string" } }, - "required": [ - "RoleArn", - "Topic" - ], "type": "object" }, - "AWS::IoT::TopicRule.RepublishActionHeaders": { + "AWS::Glue::Trigger": { "additionalProperties": false, "properties": { - "ContentType": { - "markdownDescription": "A UTF-8 encoded string that describes the content of the publishing message.\n\nFor more information, see [Content Type](https://docs.aws.amazon.com/https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901118) in the MQTT Version 5.0 specification.\n\nSupports [substitution templates](https://docs.aws.amazon.com//iot/latest/developerguide/iot-substitution-templates.html) .", - "title": "ContentType", - "type": "string" - }, - "CorrelationData": { - "markdownDescription": "The base64-encoded binary data used by the sender of the request message to identify which request the response message is for.\n\nFor more information, see [Correlation Data](https://docs.aws.amazon.com/https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901115) in the MQTT Version 5.0 specification.\n\nSupports [substitution templates](https://docs.aws.amazon.com//iot/latest/developerguide/iot-substitution-templates.html) .\n\n> This binary data must be base64-encoded.", - "title": "CorrelationData", + "Condition": { "type": "string" }, - "MessageExpiry": { - "markdownDescription": "A user-defined integer value that represents the message expiry interval at the broker. If the messages haven't been sent to the subscribers within that interval, the message expires and is removed. The value of `messageExpiry` represents the number of seconds before it expires. For more information about the limits of `messageExpiry` , see [Message broker and protocol limits and quotas](https://docs.aws.amazon.com//general/latest/gr/iot-core.html#limits_iot) in the IoT Core Reference Guide.\n\nSupports [substitution templates](https://docs.aws.amazon.com//iot/latest/developerguide/iot-substitution-templates.html) .", - "title": "MessageExpiry", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "PayloadFormatIndicator": { - "markdownDescription": "An `Enum` string value that indicates whether the payload is formatted as UTF-8.\n\nValid values are `UNSPECIFIED_BYTES` and `UTF8_DATA` .\n\nFor more information, see [Payload Format Indicator](https://docs.aws.amazon.com/https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901111) from the MQTT Version 5.0 specification.\n\nSupports [substitution templates](https://docs.aws.amazon.com//iot/latest/developerguide/iot-substitution-templates.html) .", - "title": "PayloadFormatIndicator", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ResponseTopic": { - "markdownDescription": "A UTF-8 encoded string that's used as the topic name for a response message. The response topic is used to describe the topic to which the receiver should publish as part of the request-response flow. The topic must not contain wildcard characters.\n\nFor more information, see [Response Topic](https://docs.aws.amazon.com/https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901114) in the MQTT Version 5.0 specification.\n\nSupports [substitution templates](https://docs.aws.amazon.com//iot/latest/developerguide/iot-substitution-templates.html) .", - "title": "ResponseTopic", - "type": "string" + "Metadata": { + "type": "object" }, - "UserProperties": { - "items": { - "$ref": "#/definitions/AWS::IoT::TopicRule.UserProperty" + "Properties": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::Glue::Trigger.Action" + }, + "markdownDescription": "The actions initiated by this trigger.", + "title": "Actions", + "type": "array" + }, + "Description": { + "markdownDescription": "A description of this trigger.", + "title": "Description", + "type": "string" + }, + "EventBatchingCondition": { + "$ref": "#/definitions/AWS::Glue::Trigger.EventBatchingCondition", + "markdownDescription": "Batch condition that must be met (specified number of events received or batch time window expired) before EventBridge event trigger fires.", + "title": "EventBatchingCondition" + }, + "Name": { + "markdownDescription": "The name of the trigger.", + "title": "Name", + "type": "string" + }, + "Predicate": { + "$ref": "#/definitions/AWS::Glue::Trigger.Predicate", + "markdownDescription": "The predicate of this trigger, which defines when it will fire.", + "title": "Predicate" + }, + "Schedule": { + "markdownDescription": "A `cron` expression used to specify the schedule. For more information, see [Time-Based Schedules for Jobs and Crawlers](https://docs.aws.amazon.com/glue/latest/dg/monitor-data-warehouse-schedule.html) in the *AWS Glue Developer Guide* . For example, to run something every day at 12:15 UTC, specify `cron(15 12 * * ? *)` .", + "title": "Schedule", + "type": "string" + }, + "StartOnCreation": { + "markdownDescription": "Set to true to start `SCHEDULED` and `CONDITIONAL` triggers when created. True is not supported for `ON_DEMAND` triggers.", + "title": "StartOnCreation", + "type": "boolean" + }, + "Tags": { + "markdownDescription": "The tags to use with this trigger.", + "title": "Tags", + "type": "object" + }, + "Type": { + "markdownDescription": "The type of trigger that this is.", + "title": "Type", + "type": "string" + }, + "WorkflowName": { + "markdownDescription": "The name of the workflow associated with the trigger.", + "title": "WorkflowName", + "type": "string" + } }, - "markdownDescription": "An array of key-value pairs that you define in the MQTT5 header.", - "title": "UserProperties", - "type": "array" - } - }, - "type": "object" - }, - "AWS::IoT::TopicRule.S3Action": { - "additionalProperties": false, - "properties": { - "BucketName": { - "markdownDescription": "The Amazon S3 bucket.", - "title": "BucketName", - "type": "string" - }, - "CannedAcl": { - "markdownDescription": "The Amazon S3 canned ACL that controls access to the object identified by the object key. For more information, see [S3 canned ACLs](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) .", - "title": "CannedAcl", - "type": "string" + "required": [ + "Actions", + "Type" + ], + "type": "object" }, - "Key": { - "markdownDescription": "The object key. For more information, see [Actions, resources, and condition keys for Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/dev/list_amazons3.html) .", - "title": "Key", + "Type": { + "enum": [ + "AWS::Glue::Trigger" + ], "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role that grants access.", - "title": "RoleArn", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "BucketName", - "Key", - "RoleArn" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoT::TopicRule.SigV4Authorization": { + "AWS::Glue::Trigger.Action": { "additionalProperties": false, "properties": { - "RoleArn": { - "markdownDescription": "The ARN of the signing role.", - "title": "RoleArn", - "type": "string" - }, - "ServiceName": { - "markdownDescription": "The service name to use while signing with Sig V4.", - "title": "ServiceName", - "type": "string" + "Arguments": { + "markdownDescription": "The job arguments used when this trigger fires. For this job run, they replace the default arguments set in the job definition itself.\n\nYou can specify arguments here that your own job-execution script consumes, in addition to arguments that AWS Glue itself consumes.\n\nFor information about how to specify and consume your own job arguments, see [Calling AWS Glue APIs in Python](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-python-calling.html) in the *AWS Glue Developer Guide* .\n\nFor information about the key-value pairs that AWS Glue consumes to set up your job, see the [Special Parameters Used by AWS Glue](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-etl-glue-arguments.html) topic in the developer guide.", + "title": "Arguments", + "type": "object" }, - "SigningRegion": { - "markdownDescription": "The signing region.", - "title": "SigningRegion", - "type": "string" - } - }, - "required": [ - "RoleArn", - "ServiceName", - "SigningRegion" - ], - "type": "object" - }, - "AWS::IoT::TopicRule.SnsAction": { - "additionalProperties": false, - "properties": { - "MessageFormat": { - "markdownDescription": "(Optional) The message format of the message to publish. Accepted values are \"JSON\" and \"RAW\". The default value of the attribute is \"RAW\". SNS uses this setting to determine if the payload should be parsed and relevant platform-specific bits of the payload should be extracted. For more information, see [Amazon SNS Message and JSON Formats](https://docs.aws.amazon.com/sns/latest/dg/json-formats.html) in the *Amazon Simple Notification Service Developer Guide* .", - "title": "MessageFormat", + "CrawlerName": { + "markdownDescription": "The name of the crawler to be used with this action.", + "title": "CrawlerName", "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role that grants access.", - "title": "RoleArn", + "JobName": { + "markdownDescription": "The name of a job to be executed.", + "title": "JobName", "type": "string" }, - "TargetArn": { - "markdownDescription": "The ARN of the SNS topic.", - "title": "TargetArn", - "type": "string" - } - }, - "required": [ - "RoleArn", - "TargetArn" - ], - "type": "object" - }, - "AWS::IoT::TopicRule.SqsAction": { - "additionalProperties": false, - "properties": { - "QueueUrl": { - "markdownDescription": "The URL of the Amazon SQS queue.", - "title": "QueueUrl", - "type": "string" + "NotificationProperty": { + "$ref": "#/definitions/AWS::Glue::Trigger.NotificationProperty", + "markdownDescription": "Specifies configuration properties of a job run notification.", + "title": "NotificationProperty" }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role that grants access.", - "title": "RoleArn", + "SecurityConfiguration": { + "markdownDescription": "The name of the `SecurityConfiguration` structure to be used with this action.", + "title": "SecurityConfiguration", "type": "string" }, - "UseBase64": { - "markdownDescription": "Specifies whether to use Base64 encoding.", - "title": "UseBase64", - "type": "boolean" + "Timeout": { + "markdownDescription": "The `JobRun` timeout in minutes. This is the maximum time that a job run can consume resources before it is terminated and enters TIMEOUT status. The default is 2,880 minutes (48 hours). This overrides the timeout value set in the parent job.", + "title": "Timeout", + "type": "number" } }, - "required": [ - "QueueUrl", - "RoleArn" - ], "type": "object" }, - "AWS::IoT::TopicRule.StepFunctionsAction": { + "AWS::Glue::Trigger.Condition": { "additionalProperties": false, "properties": { - "ExecutionNamePrefix": { - "markdownDescription": "(Optional) A name will be given to the state machine execution consisting of this prefix followed by a UUID. Step Functions automatically creates a unique name for each state machine execution if one is not provided.", - "title": "ExecutionNamePrefix", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN of the role that grants IoT permission to start execution of a state machine (\"Action\":\"states:StartExecution\").", - "title": "RoleArn", + "CrawlState": { + "markdownDescription": "The state of the crawler to which this condition applies.", + "title": "CrawlState", "type": "string" }, - "StateMachineName": { - "markdownDescription": "The name of the Step Functions state machine whose execution will be started.", - "title": "StateMachineName", - "type": "string" - } - }, - "required": [ - "RoleArn", - "StateMachineName" - ], - "type": "object" - }, - "AWS::IoT::TopicRule.Timestamp": { - "additionalProperties": false, - "properties": { - "Unit": { - "markdownDescription": "The precision of the timestamp value that results from the expression described in `value` .", - "title": "Unit", + "CrawlerName": { + "markdownDescription": "The name of the crawler to which this condition applies.", + "title": "CrawlerName", "type": "string" }, - "Value": { - "markdownDescription": "An expression that returns a long epoch time value.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Value" - ], - "type": "object" - }, - "AWS::IoT::TopicRule.TimestreamAction": { - "additionalProperties": false, - "properties": { - "DatabaseName": { - "markdownDescription": "The name of an Amazon Timestream database that has the table to write records into.", - "title": "DatabaseName", + "JobName": { + "markdownDescription": "The name of the job whose `JobRuns` this condition applies to, and on which this trigger waits.", + "title": "JobName", "type": "string" }, - "Dimensions": { - "items": { - "$ref": "#/definitions/AWS::IoT::TopicRule.TimestreamDimension" - }, - "markdownDescription": "Metadata attributes of the time series that are written in each measure record.", - "title": "Dimensions", - "type": "array" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the role that grants AWS IoT permission to write to the Timestream database table.", - "title": "RoleArn", + "LogicalOperator": { + "markdownDescription": "A logical operator.", + "title": "LogicalOperator", "type": "string" }, - "TableName": { - "markdownDescription": "The table where the message data will be written.", - "title": "TableName", + "State": { + "markdownDescription": "The condition state. Currently, the values supported are `SUCCEEDED` , `STOPPED` , `TIMEOUT` , and `FAILED` .", + "title": "State", "type": "string" - }, - "Timestamp": { - "$ref": "#/definitions/AWS::IoT::TopicRule.TimestreamTimestamp", - "markdownDescription": "The value to use for the entry's timestamp. If blank, the time that the entry was processed is used.", - "title": "Timestamp" } }, - "required": [ - "DatabaseName", - "Dimensions", - "RoleArn", - "TableName" - ], "type": "object" }, - "AWS::IoT::TopicRule.TimestreamDimension": { + "AWS::Glue::Trigger.EventBatchingCondition": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The metadata dimension name. This is the name of the column in the Amazon Timestream database table record.", - "title": "Name", - "type": "string" + "BatchSize": { + "markdownDescription": "Number of events that must be received from Amazon EventBridge before EventBridge event trigger fires.", + "title": "BatchSize", + "type": "number" }, - "Value": { - "markdownDescription": "The value to write in this column of the database record.", - "title": "Value", - "type": "string" + "BatchWindow": { + "markdownDescription": "Window of time in seconds after which EventBridge event trigger fires. Window starts when first event is received.", + "title": "BatchWindow", + "type": "number" } }, "required": [ - "Name", - "Value" + "BatchSize" ], "type": "object" }, - "AWS::IoT::TopicRule.TimestreamTimestamp": { + "AWS::Glue::Trigger.NotificationProperty": { "additionalProperties": false, "properties": { - "Unit": { - "markdownDescription": "The precision of the timestamp value that results from the expression described in `value` .", - "title": "Unit", - "type": "string" - }, - "Value": { - "markdownDescription": "An expression that returns a long epoch time value.", - "title": "Value", - "type": "string" + "NotifyDelayAfter": { + "markdownDescription": "After a job run starts, the number of minutes to wait before sending a job run delay notification", + "title": "NotifyDelayAfter", + "type": "number" } }, - "required": [ - "Unit", - "Value" - ], "type": "object" }, - "AWS::IoT::TopicRule.TopicRulePayload": { + "AWS::Glue::Trigger.Predicate": { "additionalProperties": false, "properties": { - "Actions": { + "Conditions": { "items": { - "$ref": "#/definitions/AWS::IoT::TopicRule.Action" + "$ref": "#/definitions/AWS::Glue::Trigger.Condition" }, - "markdownDescription": "The actions associated with the rule.", - "title": "Actions", + "markdownDescription": "A list of the conditions that determine when the trigger will fire.", + "title": "Conditions", "type": "array" }, - "AwsIotSqlVersion": { - "markdownDescription": "The version of the SQL rules engine to use when evaluating the rule.\n\nThe default value is 2015-10-08.", - "title": "AwsIotSqlVersion", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the rule.", - "title": "Description", - "type": "string" - }, - "ErrorAction": { - "$ref": "#/definitions/AWS::IoT::TopicRule.Action", - "markdownDescription": "The action to take when an error occurs.", - "title": "ErrorAction" - }, - "RuleDisabled": { - "markdownDescription": "Specifies whether the rule is disabled.", - "title": "RuleDisabled", - "type": "boolean" - }, - "Sql": { - "markdownDescription": "The SQL statement used to query the topic. For more information, see [AWS IoT SQL Reference](https://docs.aws.amazon.com/iot/latest/developerguide/iot-sql-reference.html) in the *AWS IoT Developer Guide* .", - "title": "Sql", - "type": "string" - } - }, - "required": [ - "Actions", - "Sql" - ], - "type": "object" - }, - "AWS::IoT::TopicRule.UserProperty": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "A key to be specified in `UserProperty` .", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "A value to be specified in `UserProperty` .", - "title": "Value", + "Logical": { + "markdownDescription": "An optional field if only one condition is listed. If multiple conditions are listed, then this field is required.", + "title": "Logical", "type": "string" } }, - "required": [ - "Key", - "Value" - ], "type": "object" }, - "AWS::IoT::TopicRuleDestination": { + "AWS::Glue::UsageProfile": { "additionalProperties": false, "properties": { "Condition": { @@ -124720,27 +132618,38 @@ "Properties": { "additionalProperties": false, "properties": { - "HttpUrlProperties": { - "$ref": "#/definitions/AWS::IoT::TopicRuleDestination.HttpUrlDestinationSummary", - "markdownDescription": "Properties of the HTTP URL.", - "title": "HttpUrlProperties" + "Configuration": { + "$ref": "#/definitions/AWS::Glue::UsageProfile.ProfileConfiguration", + "markdownDescription": "", + "title": "Configuration" }, - "Status": { - "markdownDescription": "- **IN_PROGRESS** - A topic rule destination was created but has not been confirmed. You can set status to `IN_PROGRESS` by calling `UpdateTopicRuleDestination` . Calling `UpdateTopicRuleDestination` causes a new confirmation challenge to be sent to your confirmation endpoint.\n- **ENABLED** - Confirmation was completed, and traffic to this destination is allowed. You can set status to `DISABLED` by calling `UpdateTopicRuleDestination` .\n- **DISABLED** - Confirmation was completed, and traffic to this destination is not allowed. You can set status to `ENABLED` by calling `UpdateTopicRuleDestination` .\n- **ERROR** - Confirmation could not be completed; for example, if the confirmation timed out. You can call `GetTopicRuleDestination` for details about the error. You can set status to `IN_PROGRESS` by calling `UpdateTopicRuleDestination` . Calling `UpdateTopicRuleDestination` causes a new confirmation challenge to be sent to your confirmation endpoint.", - "title": "Status", + "Description": { + "markdownDescription": "A description of the usage profile.", + "title": "Description", "type": "string" }, - "VpcProperties": { - "$ref": "#/definitions/AWS::IoT::TopicRuleDestination.VpcDestinationProperties", - "markdownDescription": "Properties of the virtual private cloud (VPC) connection.", - "title": "VpcProperties" + "Name": { + "markdownDescription": "The name of the usage profile.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" } }, + "required": [ + "Name" + ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::TopicRuleDestination" + "AWS::Glue::UsageProfile" ], "type": "string" }, @@ -124754,54 +132663,69 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoT::TopicRuleDestination.HttpUrlDestinationSummary": { + "AWS::Glue::UsageProfile.ConfigurationObject": { "additionalProperties": false, "properties": { - "ConfirmationUrl": { - "markdownDescription": "The URL used to confirm the HTTP topic rule destination URL.", - "title": "ConfirmationUrl", + "AllowedValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of allowed values for the parameter.", + "title": "AllowedValues", + "type": "array" + }, + "DefaultValue": { + "markdownDescription": "A default value for the parameter.", + "title": "DefaultValue", + "type": "string" + }, + "MaxValue": { + "markdownDescription": "A maximum allowed value for the parameter.", + "title": "MaxValue", + "type": "string" + }, + "MinValue": { + "markdownDescription": "A minimum allowed value for the parameter.", + "title": "MinValue", "type": "string" } }, "type": "object" }, - "AWS::IoT::TopicRuleDestination.VpcDestinationProperties": { + "AWS::Glue::UsageProfile.ProfileConfiguration": { "additionalProperties": false, "properties": { - "RoleArn": { - "markdownDescription": "The ARN of a role that has permission to create and attach to elastic network interfaces (ENIs).", - "title": "RoleArn", - "type": "string" - }, - "SecurityGroups": { - "items": { - "type": "string" + "JobConfiguration": { + "additionalProperties": false, + "markdownDescription": "A key-value map of configuration parameters for AWS Glue jobs.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::Glue::UsageProfile.ConfigurationObject" + } }, - "markdownDescription": "The security groups of the VPC destination.", - "title": "SecurityGroups", - "type": "array" + "title": "JobConfiguration", + "type": "object" }, - "SubnetIds": { - "items": { - "type": "string" + "SessionConfiguration": { + "additionalProperties": false, + "markdownDescription": "A key-value map of configuration parameters for AWS Glue sessions.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::Glue::UsageProfile.ConfigurationObject" + } }, - "markdownDescription": "The subnet IDs of the VPC destination.", - "title": "SubnetIds", - "type": "array" - }, - "VpcId": { - "markdownDescription": "The ID of the VPC.", - "title": "VpcId", - "type": "string" + "title": "SessionConfiguration", + "type": "object" } }, "type": "object" }, - "AWS::IoTAnalytics::Channel": { + "AWS::Glue::Workflow": { "additionalProperties": false, "properties": { "Condition": { @@ -124836,35 +132760,37 @@ "Properties": { "additionalProperties": false, "properties": { - "ChannelName": { - "markdownDescription": "The name of the channel.", - "title": "ChannelName", + "DefaultRunProperties": { + "markdownDescription": "A collection of properties to be used as part of each execution of the workflow", + "title": "DefaultRunProperties", + "type": "object" + }, + "Description": { + "markdownDescription": "A description of the workflow", + "title": "Description", "type": "string" }, - "ChannelStorage": { - "$ref": "#/definitions/AWS::IoTAnalytics::Channel.ChannelStorage", - "markdownDescription": "Where channel data is stored.", - "title": "ChannelStorage" + "MaxConcurrentRuns": { + "markdownDescription": "You can use this parameter to prevent unwanted multiple updates to data, to control costs, or in some cases, to prevent exceeding the maximum number of concurrent runs of any of the component jobs. If you leave this parameter blank, there is no limit to the number of concurrent workflow runs.", + "title": "MaxConcurrentRuns", + "type": "number" }, - "RetentionPeriod": { - "$ref": "#/definitions/AWS::IoTAnalytics::Channel.RetentionPeriod", - "markdownDescription": "How long, in days, message data is kept for the channel.", - "title": "RetentionPeriod" + "Name": { + "markdownDescription": "The name of the workflow representing the flow", + "title": "Name", + "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata which can be used to manage the channel.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "The tags to use with this workflow.", "title": "Tags", - "type": "array" + "type": "object" } }, "type": "object" }, "Type": { "enum": [ - "AWS::IoTAnalytics::Channel" + "AWS::Glue::Workflow" ], "type": "string" }, @@ -124882,64 +132808,7 @@ ], "type": "object" }, - "AWS::IoTAnalytics::Channel.ChannelStorage": { - "additionalProperties": false, - "properties": { - "CustomerManagedS3": { - "$ref": "#/definitions/AWS::IoTAnalytics::Channel.CustomerManagedS3", - "markdownDescription": "Used to store channel data in an S3 bucket that you manage. If customer managed storage is selected, the `retentionPeriod` parameter is ignored. You can't change the choice of S3 storage after the data store is created.", - "title": "CustomerManagedS3" - }, - "ServiceManagedS3": { - "markdownDescription": "Used to store channel data in an S3 bucket managed by AWS IoT Analytics . You can't change the choice of S3 storage after the data store is created.", - "title": "ServiceManagedS3", - "type": "object" - } - }, - "type": "object" - }, - "AWS::IoTAnalytics::Channel.CustomerManagedS3": { - "additionalProperties": false, - "properties": { - "Bucket": { - "markdownDescription": "The name of the S3 bucket in which channel data is stored.", - "title": "Bucket", - "type": "string" - }, - "KeyPrefix": { - "markdownDescription": "(Optional) The prefix used to create the keys of the channel data objects. Each object in an S3 bucket has a key that is its unique identifier within the bucket (each object in a bucket has exactly one key). The prefix must end with a forward slash (/).", - "title": "KeyPrefix", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN of the role that grants AWS IoT Analytics permission to interact with your Amazon S3 resources.", - "title": "RoleArn", - "type": "string" - } - }, - "required": [ - "Bucket", - "RoleArn" - ], - "type": "object" - }, - "AWS::IoTAnalytics::Channel.RetentionPeriod": { - "additionalProperties": false, - "properties": { - "NumberOfDays": { - "markdownDescription": "The number of days that message data is kept. The `unlimited` parameter must be false.", - "title": "NumberOfDays", - "type": "number" - }, - "Unlimited": { - "markdownDescription": "If true, message data is kept indefinitely.", - "title": "Unlimited", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::IoTAnalytics::Dataset": { + "AWS::Grafana::Workspace": { "additionalProperties": false, "properties": { "Condition": { @@ -124974,71 +132843,115 @@ "Properties": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.Action" - }, - "markdownDescription": "The `DatasetAction` objects that automatically create the dataset contents.", - "title": "Actions", - "type": "array" + "AccountAccessType": { + "markdownDescription": "Specifies whether the workspace can access AWS resources in this AWS account only, or whether it can also access AWS resources in other accounts in the same organization. If this is `ORGANIZATION` , the `OrganizationalUnits` parameter specifies which organizational units the workspace can access.", + "title": "AccountAccessType", + "type": "string" }, - "ContentDeliveryRules": { + "AuthenticationProviders": { "items": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.DatasetContentDeliveryRule" + "type": "string" }, - "markdownDescription": "When dataset contents are created they are delivered to destinations specified here.", - "title": "ContentDeliveryRules", + "markdownDescription": "Specifies whether this workspace uses SAML 2.0, AWS IAM Identity Center , or both to authenticate users for using the Grafana console within a workspace. For more information, see [User authentication in Amazon Managed Grafana](https://docs.aws.amazon.com/grafana/latest/userguide/authentication-in-AMG.html) .\n\n*Allowed Values* : `AWS_SSO | SAML`", + "title": "AuthenticationProviders", "type": "array" }, - "DatasetName": { - "markdownDescription": "The name of the dataset.", - "title": "DatasetName", + "ClientToken": { + "markdownDescription": "A unique, case-sensitive, user-provided identifier to ensure the idempotency of the request.", + "title": "ClientToken", "type": "string" }, - "LateDataRules": { + "DataSources": { "items": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.LateDataRule" + "type": "string" }, - "markdownDescription": "A list of data rules that send notifications to CloudWatch, when data arrives late. To specify `lateDataRules` , the dataset must use a [DeltaTimer](https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_DeltaTime.html) filter.", - "title": "LateDataRules", + "markdownDescription": "Specifies the AWS data sources that have been configured to have IAM roles and permissions created to allow Amazon Managed Grafana to read data from these sources.\n\nThis list is only used when the workspace was created through the AWS console, and the `permissionType` is `SERVICE_MANAGED` .", + "title": "DataSources", "type": "array" }, - "RetentionPeriod": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.RetentionPeriod", - "markdownDescription": "Optional. How long, in days, message data is kept for the dataset.", - "title": "RetentionPeriod" + "Description": { + "markdownDescription": "The user-defined description of the workspace.", + "title": "Description", + "type": "string" }, - "Tags": { + "GrafanaVersion": { + "markdownDescription": "Specifies the version of Grafana to support in the workspace. Defaults to the latest version on create (for example, 9.4), or the current version of the workspace on update.\n\nCan only be used to upgrade (for example, from 8.4 to 9.4), not downgrade (for example, from 9.4 to 8.4).\n\nTo know what versions are available to upgrade to for a specific workspace, see the [ListVersions](https://docs.aws.amazon.com/grafana/latest/APIReference/API_ListVersions.html) operation.", + "title": "GrafanaVersion", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the workspace.", + "title": "Name", + "type": "string" + }, + "NetworkAccessControl": { + "$ref": "#/definitions/AWS::Grafana::Workspace.NetworkAccessControl", + "markdownDescription": "The configuration settings for network access to your workspace.", + "title": "NetworkAccessControl" + }, + "NotificationDestinations": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "Metadata which can be used to manage the data set.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", + "markdownDescription": "The AWS notification channels that Amazon Managed Grafana can automatically create IAM roles and permissions for, to allow Amazon Managed Grafana to use these channels.\n\n*AllowedValues* : `SNS`", + "title": "NotificationDestinations", "type": "array" }, - "Triggers": { + "OrganizationRoleName": { + "markdownDescription": "The name of the IAM role that is used to access resources through Organizations.", + "title": "OrganizationRoleName", + "type": "string" + }, + "OrganizationalUnits": { "items": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.Trigger" + "type": "string" }, - "markdownDescription": "The `DatasetTrigger` objects that specify when the dataset is automatically updated.", - "title": "Triggers", + "markdownDescription": "Specifies the organizational units that this workspace is allowed to use data sources from, if this workspace is in an account that is part of an organization.", + "title": "OrganizationalUnits", "type": "array" }, - "VersioningConfiguration": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.VersioningConfiguration", - "markdownDescription": "Optional. How many versions of dataset contents are kept. If not specified or set to null, only the latest version plus the latest succeeded version (if they are different) are kept for the time period specified by the `retentionPeriod` parameter. For more information, see [Keeping Multiple Versions of AWS IoT Analytics datasets](https://docs.aws.amazon.com/iotanalytics/latest/userguide/getting-started.html#aws-iot-analytics-dataset-versions) in the *AWS IoT Analytics User Guide* .", - "title": "VersioningConfiguration" - } - }, - "required": [ - "Actions" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::IoTAnalytics::Dataset" - ], + "PermissionType": { + "markdownDescription": "If this is `SERVICE_MANAGED` , and the workplace was created through the Amazon Managed Grafana console, then Amazon Managed Grafana automatically creates the IAM roles and provisions the permissions that the workspace needs to use AWS data sources and notification channels.\n\nIf this is `CUSTOMER_MANAGED` , you must manage those roles and permissions yourself.\n\nIf you are working with a workspace in a member account of an organization and that account is not a delegated administrator account, and you want the workspace to access data sources in other AWS accounts in the organization, this parameter must be set to `CUSTOMER_MANAGED` .\n\nFor more information about converting between customer and service managed, see [Managing permissions for data sources and notification channels](https://docs.aws.amazon.com/grafana/latest/userguide/AMG-datasource-and-notification.html) . For more information about the roles and permissions that must be managed for customer managed workspaces, see [Amazon Managed Grafana permissions and policies for AWS data sources and notification channels](https://docs.aws.amazon.com/grafana/latest/userguide/AMG-manage-permissions.html)", + "title": "PermissionType", + "type": "string" + }, + "PluginAdminEnabled": { + "markdownDescription": "Whether plugin administration is enabled in the workspace. Setting to `true` allows workspace admins to install, uninstall, and update plugins from within the Grafana workspace.\n\n> This option is only valid for workspaces that support Grafana version 9 or newer.", + "title": "PluginAdminEnabled", + "type": "boolean" + }, + "RoleArn": { + "markdownDescription": "The IAM role that grants permissions to the AWS resources that the workspace will view data from. This role must already exist.", + "title": "RoleArn", + "type": "string" + }, + "SamlConfiguration": { + "$ref": "#/definitions/AWS::Grafana::Workspace.SamlConfiguration", + "markdownDescription": "If the workspace uses SAML, use this structure to map SAML assertion attributes to workspace user information and define which groups in the assertion attribute are to have the `Admin` and `Editor` roles in the workspace.", + "title": "SamlConfiguration" + }, + "StackSetName": { + "markdownDescription": "The name of the AWS CloudFormation stack set that is used to generate IAM roles to be used for this workspace.", + "title": "StackSetName", + "type": "string" + }, + "VpcConfiguration": { + "$ref": "#/definitions/AWS::Grafana::Workspace.VpcConfiguration", + "markdownDescription": "The configuration settings for an Amazon VPC that contains data sources for your Grafana workspace to connect to.\n\n> Connecting to a private VPC is not yet available in the Asia Pacific (Seoul) Region (ap-northeast-2).", + "title": "VpcConfiguration" + } + }, + "required": [ + "AccountAccessType", + "AuthenticationProviders", + "PermissionType" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Grafana::Workspace" + ], "type": "string" }, "UpdateReplacePolicy": { @@ -125056,426 +132969,285 @@ ], "type": "object" }, - "AWS::IoTAnalytics::Dataset.Action": { + "AWS::Grafana::Workspace.AssertionAttributes": { "additionalProperties": false, "properties": { - "ActionName": { - "markdownDescription": "The name of the data set action by which data set contents are automatically created.", - "title": "ActionName", + "Email": { + "markdownDescription": "The name of the attribute within the SAML assertion to use as the email names for SAML users.", + "title": "Email", "type": "string" }, - "ContainerAction": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.ContainerAction", - "markdownDescription": "Information which allows the system to run a containerized application in order to create the data set contents. The application must be in a Docker container along with any needed support libraries.", - "title": "ContainerAction" - }, - "QueryAction": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.QueryAction", - "markdownDescription": "An \"SqlQueryDatasetAction\" object that uses an SQL query to automatically create data set contents.", - "title": "QueryAction" - } - }, - "required": [ - "ActionName" - ], - "type": "object" - }, - "AWS::IoTAnalytics::Dataset.ContainerAction": { - "additionalProperties": false, - "properties": { - "ExecutionRoleArn": { - "markdownDescription": "The ARN of the role which gives permission to the system to access needed resources in order to run the \"containerAction\". This includes, at minimum, permission to retrieve the data set contents which are the input to the containerized application.", - "title": "ExecutionRoleArn", + "Groups": { + "markdownDescription": "The name of the attribute within the SAML assertion to use as the user full \"friendly\" names for user groups.", + "title": "Groups", "type": "string" }, - "Image": { - "markdownDescription": "The ARN of the Docker container stored in your account. The Docker container contains an application and needed support libraries and is used to generate data set contents.", - "title": "Image", + "Login": { + "markdownDescription": "The name of the attribute within the SAML assertion to use as the login names for SAML users.", + "title": "Login", "type": "string" }, - "ResourceConfiguration": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.ResourceConfiguration", - "markdownDescription": "Configuration of the resource which executes the \"containerAction\".", - "title": "ResourceConfiguration" - }, - "Variables": { - "items": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.Variable" - }, - "markdownDescription": "The values of variables used within the context of the execution of the containerized application (basically, parameters passed to the application). Each variable must have a name and a value given by one of \"stringValue\", \"datasetContentVersionValue\", or \"outputFileUriValue\".", - "title": "Variables", - "type": "array" - } - }, - "required": [ - "ExecutionRoleArn", - "Image", - "ResourceConfiguration" - ], - "type": "object" - }, - "AWS::IoTAnalytics::Dataset.DatasetContentDeliveryRule": { - "additionalProperties": false, - "properties": { - "Destination": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.DatasetContentDeliveryRuleDestination", - "markdownDescription": "The destination to which dataset contents are delivered.", - "title": "Destination" - }, - "EntryName": { - "markdownDescription": "The name of the dataset content delivery rules entry.", - "title": "EntryName", + "Name": { + "markdownDescription": "The name of the attribute within the SAML assertion to use as the user full \"friendly\" names for SAML users.", + "title": "Name", "type": "string" - } - }, - "required": [ - "Destination" - ], - "type": "object" - }, - "AWS::IoTAnalytics::Dataset.DatasetContentDeliveryRuleDestination": { - "additionalProperties": false, - "properties": { - "IotEventsDestinationConfiguration": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.IotEventsDestinationConfiguration", - "markdownDescription": "Configuration information for delivery of dataset contents to AWS IoT Events .", - "title": "IotEventsDestinationConfiguration" }, - "S3DestinationConfiguration": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.S3DestinationConfiguration", - "markdownDescription": "Configuration information for delivery of dataset contents to Amazon S3.", - "title": "S3DestinationConfiguration" - } - }, - "type": "object" - }, - "AWS::IoTAnalytics::Dataset.DatasetContentVersionValue": { - "additionalProperties": false, - "properties": { - "DatasetName": { - "markdownDescription": "The name of the dataset whose latest contents are used as input to the notebook or application.", - "title": "DatasetName", + "Org": { + "markdownDescription": "The name of the attribute within the SAML assertion to use as the user full \"friendly\" names for the users' organizations.", + "title": "Org", "type": "string" - } - }, - "required": [ - "DatasetName" - ], - "type": "object" - }, - "AWS::IoTAnalytics::Dataset.DeltaTime": { - "additionalProperties": false, - "properties": { - "OffsetSeconds": { - "markdownDescription": "The number of seconds of estimated in-flight lag time of message data. When you create dataset contents using message data from a specified timeframe, some message data might still be in flight when processing begins, and so do not arrive in time to be processed. Use this field to make allowances for the in flight time of your message data, so that data not processed from a previous timeframe is included with the next timeframe. Otherwise, missed message data would be excluded from processing during the next timeframe too, because its timestamp places it within the previous timeframe.", - "title": "OffsetSeconds", - "type": "number" }, - "TimeExpression": { - "markdownDescription": "An expression by which the time of the message data might be determined. This can be the name of a timestamp field or a SQL expression that is used to derive the time the message data was generated.", - "title": "TimeExpression", + "Role": { + "markdownDescription": "The name of the attribute within the SAML assertion to use as the user roles.", + "title": "Role", "type": "string" } }, - "required": [ - "OffsetSeconds", - "TimeExpression" - ], - "type": "object" - }, - "AWS::IoTAnalytics::Dataset.DeltaTimeSessionWindowConfiguration": { - "additionalProperties": false, - "properties": { - "TimeoutInMinutes": { - "markdownDescription": "A time interval. You can use `timeoutInMinutes` so that AWS IoT Analytics can batch up late data notifications that have been generated since the last execution. AWS IoT Analytics sends one batch of notifications to Amazon CloudWatch Events at one time.\n\nFor more information about how to write a timestamp expression, see [Date and Time Functions and Operators](https://docs.aws.amazon.com/https://prestodb.io/docs/current/functions/datetime.html) , in the *Presto 0.172 Documentation* .", - "title": "TimeoutInMinutes", - "type": "number" - } - }, - "required": [ - "TimeoutInMinutes" - ], - "type": "object" - }, - "AWS::IoTAnalytics::Dataset.Filter": { - "additionalProperties": false, - "properties": { - "DeltaTime": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.DeltaTime", - "markdownDescription": "Used to limit data to that which has arrived since the last execution of the action.", - "title": "DeltaTime" - } - }, "type": "object" }, - "AWS::IoTAnalytics::Dataset.GlueConfiguration": { + "AWS::Grafana::Workspace.IdpMetadata": { "additionalProperties": false, "properties": { - "DatabaseName": { - "markdownDescription": "The name of the database in your AWS Glue Data Catalog in which the table is located. An AWS Glue Data Catalog database contains metadata tables.", - "title": "DatabaseName", + "Url": { + "markdownDescription": "The URL of the location containing the IdP metadata.", + "title": "Url", "type": "string" }, - "TableName": { - "markdownDescription": "The name of the table in your AWS Glue Data Catalog that is used to perform the ETL operations. An AWS Glue Data Catalog table contains partitioned data and descriptions of data sources and targets.", - "title": "TableName", + "Xml": { + "markdownDescription": "The full IdP metadata, in XML format.", + "title": "Xml", "type": "string" } }, - "required": [ - "DatabaseName", - "TableName" - ], "type": "object" }, - "AWS::IoTAnalytics::Dataset.IotEventsDestinationConfiguration": { + "AWS::Grafana::Workspace.NetworkAccessControl": { "additionalProperties": false, "properties": { - "InputName": { - "markdownDescription": "The name of the AWS IoT Events input to which dataset contents are delivered.", - "title": "InputName", - "type": "string" + "PrefixListIds": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of prefix list IDs. A prefix list is a list of CIDR ranges of IP addresses. The IP addresses specified are allowed to access your workspace. If the list is not included in the configuration (passed an empty array) then no IP addresses are allowed to access the workspace. You create a prefix list using the Amazon VPC console.\n\nPrefix list IDs have the format `pl- *1a2b3c4d*` .\n\nFor more information about prefix lists, see [Group CIDR blocks using managed prefix lists](https://docs.aws.amazon.com/vpc/latest/userguide/managed-prefix-lists.html) in the *Amazon Virtual Private Cloud User Guide* .", + "title": "PrefixListIds", + "type": "array" }, - "RoleArn": { - "markdownDescription": "The ARN of the role that grants AWS IoT Analytics permission to deliver dataset contents to an AWS IoT Events input.", - "title": "RoleArn", - "type": "string" + "VpceIds": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of Amazon VPC endpoint IDs for the workspace. You can create VPC endpoints to your Amazon Managed Grafana workspace for access from within a VPC. If a `NetworkAccessConfiguration` is specified then only VPC endpoints specified here are allowed to access the workspace. If you pass in an empty array of strings, then no VPCs are allowed to access the workspace.\n\nVPC endpoint IDs have the format `vpce- *1a2b3c4d*` .\n\nFor more information about creating an interface VPC endpoint, see [Interface VPC endpoints](https://docs.aws.amazon.com/grafana/latest/userguide/VPC-endpoints) in the *Amazon Managed Grafana User Guide* .\n\n> The only VPC endpoints that can be specified here are interface VPC endpoints for Grafana workspaces (using the `com.amazonaws.[region].grafana-workspace` service endpoint). Other VPC endpoints are ignored.", + "title": "VpceIds", + "type": "array" } }, - "required": [ - "InputName", - "RoleArn" - ], "type": "object" }, - "AWS::IoTAnalytics::Dataset.LateDataRule": { + "AWS::Grafana::Workspace.RoleValues": { "additionalProperties": false, "properties": { - "RuleConfiguration": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.LateDataRuleConfiguration", - "markdownDescription": "The information needed to configure the late data rule.", - "title": "RuleConfiguration" + "Admin": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of groups from the SAML assertion attribute to grant the Grafana `Admin` role to.", + "title": "Admin", + "type": "array" }, - "RuleName": { - "markdownDescription": "The name of the late data rule.", - "title": "RuleName", - "type": "string" - } - }, - "required": [ - "RuleConfiguration" - ], - "type": "object" - }, - "AWS::IoTAnalytics::Dataset.LateDataRuleConfiguration": { - "additionalProperties": false, - "properties": { - "DeltaTimeSessionWindowConfiguration": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.DeltaTimeSessionWindowConfiguration", - "markdownDescription": "The information needed to configure a delta time session window.", - "title": "DeltaTimeSessionWindowConfiguration" - } - }, - "type": "object" - }, - "AWS::IoTAnalytics::Dataset.OutputFileUriValue": { - "additionalProperties": false, - "properties": { - "FileName": { - "markdownDescription": "The URI of the location where dataset contents are stored, usually the URI of a file in an S3 bucket.", - "title": "FileName", - "type": "string" + "Editor": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of groups from the SAML assertion attribute to grant the Grafana `Editor` role to.", + "title": "Editor", + "type": "array" } }, - "required": [ - "FileName" - ], "type": "object" }, - "AWS::IoTAnalytics::Dataset.QueryAction": { + "AWS::Grafana::Workspace.SamlConfiguration": { "additionalProperties": false, "properties": { - "Filters": { + "AllowedOrganizations": { "items": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.Filter" + "type": "string" }, - "markdownDescription": "Pre-filters applied to message data.", - "title": "Filters", + "markdownDescription": "Lists which organizations defined in the SAML assertion are allowed to use the Amazon Managed Grafana workspace. If this is empty, all organizations in the assertion attribute have access.", + "title": "AllowedOrganizations", "type": "array" }, - "SqlQuery": { - "markdownDescription": "An \"SqlQueryDatasetAction\" object that uses an SQL query to automatically create data set contents.", - "title": "SqlQuery", - "type": "string" + "AssertionAttributes": { + "$ref": "#/definitions/AWS::Grafana::Workspace.AssertionAttributes", + "markdownDescription": "A structure that defines which attributes in the SAML assertion are to be used to define information about the users authenticated by that IdP to use the workspace.", + "title": "AssertionAttributes" + }, + "IdpMetadata": { + "$ref": "#/definitions/AWS::Grafana::Workspace.IdpMetadata", + "markdownDescription": "A structure containing the identity provider (IdP) metadata used to integrate the identity provider with this workspace.", + "title": "IdpMetadata" + }, + "LoginValidityDuration": { + "markdownDescription": "How long a sign-on session by a SAML user is valid, before the user has to sign on again.", + "title": "LoginValidityDuration", + "type": "number" + }, + "RoleValues": { + "$ref": "#/definitions/AWS::Grafana::Workspace.RoleValues", + "markdownDescription": "A structure containing arrays that map group names in the SAML assertion to the Grafana `Admin` and `Editor` roles in the workspace.", + "title": "RoleValues" } }, "required": [ - "SqlQuery" + "IdpMetadata" ], "type": "object" }, - "AWS::IoTAnalytics::Dataset.ResourceConfiguration": { + "AWS::Grafana::Workspace.VpcConfiguration": { "additionalProperties": false, "properties": { - "ComputeType": { - "markdownDescription": "The type of the compute resource used to execute the `containerAction` . Possible values are: `ACU_1` (vCPU=4, memory=16 GiB) or `ACU_2` (vCPU=8, memory=32 GiB).", - "title": "ComputeType", - "type": "string" + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of Amazon EC2 security group IDs attached to the Amazon VPC for your Grafana workspace to connect. Duplicates not allowed.\n\n*Array Members* : Minimum number of 1 items. Maximum number of 5 items.\n\n*Length* : Minimum length of 0. Maximum length of 255.", + "title": "SecurityGroupIds", + "type": "array" }, - "VolumeSizeInGB": { - "markdownDescription": "The size, in GB, of the persistent storage available to the resource instance used to execute the `containerAction` (min: 1, max: 50).", - "title": "VolumeSizeInGB", - "type": "number" + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of Amazon EC2 subnet IDs created in the Amazon VPC for your Grafana workspace to connect. Duplicates not allowed.\n\n*Array Members* : Minimum number of 2 items. Maximum number of 6 items.\n\n*Length* : Minimum length of 0. Maximum length of 255.", + "title": "SubnetIds", + "type": "array" } }, "required": [ - "ComputeType", - "VolumeSizeInGB" + "SecurityGroupIds", + "SubnetIds" ], "type": "object" }, - "AWS::IoTAnalytics::Dataset.RetentionPeriod": { + "AWS::Greengrass::ConnectorDefinition": { "additionalProperties": false, "properties": { - "NumberOfDays": { - "markdownDescription": "The number of days that message data is kept. The `unlimited` parameter must be false.", - "title": "NumberOfDays", - "type": "number" + "Condition": { + "type": "string" }, - "Unlimited": { - "markdownDescription": "If true, message data is kept indefinitely.", - "title": "Unlimited", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::IoTAnalytics::Dataset.S3DestinationConfiguration": { - "additionalProperties": false, - "properties": { - "Bucket": { - "markdownDescription": "The name of the S3 bucket to which dataset contents are delivered.", - "title": "Bucket", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "GlueConfiguration": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.GlueConfiguration", - "markdownDescription": "Configuration information for coordination with AWS Glue , a fully managed extract, transform and load (ETL) service.", - "title": "GlueConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Key": { - "markdownDescription": "The key of the dataset contents object in an S3 bucket. Each object has a key that is a unique identifier. Each object has exactly one key.\n\nYou can create a unique key with the following options:\n\n- Use `!{iotanalytics:scheduleTime}` to insert the time of a scheduled SQL query run.\n- Use `!{iotanalytics:versionId}` to insert a unique hash that identifies a dataset content.\n- Use `!{iotanalytics:creationTime}` to insert the creation time of a dataset content.\n\nThe following example creates a unique key for a CSV file: `dataset/mydataset/!{iotanalytics:scheduleTime}/!{iotanalytics:versionId}.csv`\n\n> If you don't use `!{iotanalytics:versionId}` to specify the key, you might get duplicate keys. For example, you might have two dataset contents with the same `scheduleTime` but different `versionId` s. This means that one dataset content overwrites the other.", - "title": "Key", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "InitialVersion": { + "$ref": "#/definitions/AWS::Greengrass::ConnectorDefinition.ConnectorDefinitionVersion", + "markdownDescription": "The connector definition version to include when the connector definition is created. A connector definition version contains a list of [`connector`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-connectordefinition-connector.html) property types.\n\n> To associate a connector definition version after the connector definition is created, create an [`AWS::Greengrass::ConnectorDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-connectordefinitionversion.html) resource and specify the ID of this connector definition.", + "title": "InitialVersion" + }, + "Name": { + "markdownDescription": "The name of the connector definition.", + "title": "Name", + "type": "string" + }, + "Tags": { + "markdownDescription": "Application-specific metadata to attach to the connector definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", + "title": "Tags", + "type": "object" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Greengrass::ConnectorDefinition" + ], "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of the role that grants AWS IoT Analytics permission to interact with your Amazon S3 and AWS Glue resources.", - "title": "RoleArn", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Bucket", - "Key", - "RoleArn" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoTAnalytics::Dataset.Schedule": { + "AWS::Greengrass::ConnectorDefinition.Connector": { "additionalProperties": false, "properties": { - "ScheduleExpression": { - "markdownDescription": "The expression that defines when to trigger an update. For more information, see [Schedule Expressions for Rules](https://docs.aws.amazon.com/AmazonCloudWatch/latest/events/ScheduledEvents.html) in the Amazon CloudWatch documentation.", - "title": "ScheduleExpression", + "ConnectorArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the connector.\n\nFor more information about connectors provided by AWS , see [Greengrass Connectors Provided by AWS](https://docs.aws.amazon.com/greengrass/v1/developerguide/connectors-list.html) .", + "title": "ConnectorArn", "type": "string" - } - }, - "required": [ - "ScheduleExpression" - ], - "type": "object" - }, - "AWS::IoTAnalytics::Dataset.Trigger": { - "additionalProperties": false, - "properties": { - "Schedule": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.Schedule", - "markdownDescription": "The \"Schedule\" when the trigger is initiated.", - "title": "Schedule" }, - "TriggeringDataset": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.TriggeringDataset", - "markdownDescription": "Information about the data set whose content generation triggers the new data set content generation.", - "title": "TriggeringDataset" - } - }, - "type": "object" - }, - "AWS::IoTAnalytics::Dataset.TriggeringDataset": { - "additionalProperties": false, - "properties": { - "DatasetName": { - "markdownDescription": "The name of the data set whose content generation triggers the new data set content generation.", - "title": "DatasetName", + "Id": { + "markdownDescription": "A descriptive or arbitrary ID for the connector. This value must be unique within the connector definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", + "title": "Id", "type": "string" + }, + "Parameters": { + "markdownDescription": "The parameters or configuration used by the connector.\n\nFor more information about connectors provided by AWS , see [Greengrass Connectors Provided by AWS](https://docs.aws.amazon.com/greengrass/v1/developerguide/connectors-list.html) .", + "title": "Parameters", + "type": "object" } }, "required": [ - "DatasetName" + "ConnectorArn", + "Id" ], "type": "object" }, - "AWS::IoTAnalytics::Dataset.Variable": { + "AWS::Greengrass::ConnectorDefinition.ConnectorDefinitionVersion": { "additionalProperties": false, "properties": { - "DatasetContentVersionValue": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.DatasetContentVersionValue", - "markdownDescription": "The value of the variable as a structure that specifies a dataset content version.", - "title": "DatasetContentVersionValue" - }, - "DoubleValue": { - "markdownDescription": "The value of the variable as a double (numeric).", - "title": "DoubleValue", - "type": "number" - }, - "OutputFileUriValue": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.OutputFileUriValue", - "markdownDescription": "The value of the variable as a structure that specifies an output file URI.", - "title": "OutputFileUriValue" - }, - "StringValue": { - "markdownDescription": "The value of the variable as a string.", - "title": "StringValue", - "type": "string" - }, - "VariableName": { - "markdownDescription": "The name of the variable.", - "title": "VariableName", - "type": "string" + "Connectors": { + "items": { + "$ref": "#/definitions/AWS::Greengrass::ConnectorDefinition.Connector" + }, + "markdownDescription": "The connectors in this version. Only one instance of a given connector can be added to a connector definition version at a time.", + "title": "Connectors", + "type": "array" } }, "required": [ - "VariableName" + "Connectors" ], "type": "object" }, - "AWS::IoTAnalytics::Dataset.VersioningConfiguration": { - "additionalProperties": false, - "properties": { - "MaxVersions": { - "markdownDescription": "How many versions of dataset contents are kept. The `unlimited` parameter must be `false` .", - "title": "MaxVersions", - "type": "number" - }, - "Unlimited": { - "markdownDescription": "If true, unlimited versions of dataset contents are kept.", - "title": "Unlimited", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::IoTAnalytics::Datastore": { + "AWS::Greengrass::ConnectorDefinitionVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -125510,45 +133282,29 @@ "Properties": { "additionalProperties": false, "properties": { - "DatastoreName": { - "markdownDescription": "The name of the data store.", - "title": "DatastoreName", + "ConnectorDefinitionId": { + "markdownDescription": "The ID of the connector definition associated with this version. This value is a GUID.", + "title": "ConnectorDefinitionId", "type": "string" }, - "DatastorePartitions": { - "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.DatastorePartitions", - "markdownDescription": "Information about the partition dimensions in a data store.", - "title": "DatastorePartitions" - }, - "DatastoreStorage": { - "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.DatastoreStorage", - "markdownDescription": "Where data store data is stored.", - "title": "DatastoreStorage" - }, - "FileFormatConfiguration": { - "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.FileFormatConfiguration", - "markdownDescription": "Contains the configuration information of file formats. AWS IoT Analytics data stores support JSON and [Parquet](https://docs.aws.amazon.com/https://parquet.apache.org/) .\n\nThe default file format is JSON. You can specify only one format.\n\nYou can't change the file format after you create the data store.", - "title": "FileFormatConfiguration" - }, - "RetentionPeriod": { - "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.RetentionPeriod", - "markdownDescription": "How long, in days, message data is kept for the data store. When `customerManagedS3` storage is selected, this parameter is ignored.", - "title": "RetentionPeriod" - }, - "Tags": { + "Connectors": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Greengrass::ConnectorDefinitionVersion.Connector" }, - "markdownDescription": "Metadata which can be used to manage the data store.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", + "markdownDescription": "The connectors in this version. Only one instance of a given connector can be added to the connector definition version at a time.", + "title": "Connectors", "type": "array" } }, + "required": [ + "ConnectorDefinitionId", + "Connectors" + ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTAnalytics::Datastore" + "AWS::Greengrass::ConnectorDefinitionVersion" ], "type": "string" }, @@ -125562,227 +133318,269 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoTAnalytics::Datastore.Column": { + "AWS::Greengrass::ConnectorDefinitionVersion.Connector": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the column.", - "title": "Name", + "ConnectorArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the connector.\n\nFor more information about connectors provided by AWS , see [Greengrass Connectors Provided by AWS](https://docs.aws.amazon.com/greengrass/v1/developerguide/connectors-list.html) .", + "title": "ConnectorArn", "type": "string" }, - "Type": { - "markdownDescription": "The type of data. For more information about the supported data types, see [Common data types](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-common.html) in the *AWS Glue Developer Guide* .", - "title": "Type", + "Id": { + "markdownDescription": "A descriptive or arbitrary ID for the connector. This value must be unique within the connector definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", + "title": "Id", "type": "string" + }, + "Parameters": { + "markdownDescription": "The parameters or configuration that the connector uses.\n\nFor more information about connectors provided by AWS , see [Greengrass Connectors Provided by AWS](https://docs.aws.amazon.com/greengrass/v1/developerguide/connectors-list.html) .", + "title": "Parameters", + "type": "object" } }, "required": [ - "Name", - "Type" + "ConnectorArn", + "Id" ], "type": "object" }, - "AWS::IoTAnalytics::Datastore.CustomerManagedS3": { + "AWS::Greengrass::CoreDefinition": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The name of the Amazon S3 bucket where your data is stored.", - "title": "Bucket", + "Condition": { "type": "string" }, - "KeyPrefix": { - "markdownDescription": "(Optional) The prefix used to create the keys of the data store data objects. Each object in an Amazon S3 bucket has a key that is its unique identifier in the bucket. Each object in a bucket has exactly one key. The prefix must end with a forward slash (/).", - "title": "KeyPrefix", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of the role that grants AWS IoT Analytics permission to interact with your Amazon S3 resources.", - "title": "RoleArn", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "InitialVersion": { + "$ref": "#/definitions/AWS::Greengrass::CoreDefinition.CoreDefinitionVersion", + "markdownDescription": "The core definition version to include when the core definition is created. Currently, a core definition version can contain only one [`core`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-coredefinition-core.html) .\n\n> To associate a core definition version after the core definition is created, create an [`AWS::Greengrass::CoreDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-coredefinitionversion.html) resource and specify the ID of this core definition.", + "title": "InitialVersion" + }, + "Name": { + "markdownDescription": "The name of the core definition.", + "title": "Name", + "type": "string" + }, + "Tags": { + "markdownDescription": "Application-specific metadata to attach to the core definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", + "title": "Tags", + "type": "object" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Greengrass::CoreDefinition" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Bucket", - "RoleArn" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoTAnalytics::Datastore.CustomerManagedS3Storage": { + "AWS::Greengrass::CoreDefinition.Core": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The name of the Amazon S3 bucket where your data is stored.", - "title": "Bucket", + "CertificateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the device certificate for the core. This X.509 certificate is used to authenticate the core with AWS IoT and AWS IoT Greengrass services.", + "title": "CertificateArn", "type": "string" }, - "KeyPrefix": { - "markdownDescription": "(Optional) The prefix used to create the keys of the data store data objects. Each object in an Amazon S3 bucket has a key that is its unique identifier in the bucket. Each object in a bucket has exactly one key. The prefix must end with a forward slash (/).", - "title": "KeyPrefix", + "Id": { + "markdownDescription": "A descriptive or arbitrary ID for the core. This value must be unique within the core definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", + "title": "Id", + "type": "string" + }, + "SyncShadow": { + "markdownDescription": "Indicates whether the core's local shadow is synced with the cloud automatically. The default is false.", + "title": "SyncShadow", + "type": "boolean" + }, + "ThingArn": { + "markdownDescription": "The ARN of the core, which is an AWS IoT device (thing).", + "title": "ThingArn", "type": "string" } }, "required": [ - "Bucket" + "CertificateArn", + "Id", + "ThingArn" ], "type": "object" }, - "AWS::IoTAnalytics::Datastore.DatastorePartition": { - "additionalProperties": false, - "properties": { - "Partition": { - "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.Partition", - "markdownDescription": "A partition dimension defined by an attribute.", - "title": "Partition" - }, - "TimestampPartition": { - "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.TimestampPartition", - "markdownDescription": "A partition dimension defined by a timestamp attribute.", - "title": "TimestampPartition" - } - }, - "type": "object" - }, - "AWS::IoTAnalytics::Datastore.DatastorePartitions": { + "AWS::Greengrass::CoreDefinition.CoreDefinitionVersion": { "additionalProperties": false, "properties": { - "Partitions": { + "Cores": { "items": { - "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.DatastorePartition" + "$ref": "#/definitions/AWS::Greengrass::CoreDefinition.Core" }, - "markdownDescription": "A list of partition dimensions in a data store.", - "title": "Partitions", + "markdownDescription": "The Greengrass core in this version. Currently, the `Cores` property for a core definition version can contain only one core.", + "title": "Cores", "type": "array" } }, + "required": [ + "Cores" + ], "type": "object" }, - "AWS::IoTAnalytics::Datastore.DatastoreStorage": { + "AWS::Greengrass::CoreDefinitionVersion": { "additionalProperties": false, "properties": { - "CustomerManagedS3": { - "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.CustomerManagedS3", - "markdownDescription": "Use this to store data store data in an S3 bucket that you manage. The choice of service-managed or customer-managed S3 storage cannot be changed after creation of the data store.", - "title": "CustomerManagedS3" + "Condition": { + "type": "string" }, - "IotSiteWiseMultiLayerStorage": { - "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.IotSiteWiseMultiLayerStorage", - "markdownDescription": "Use this to store data used by AWS IoT SiteWise in an Amazon S3 bucket that you manage. You can't change the choice of Amazon S3 storage after your data store is created.", - "title": "IotSiteWiseMultiLayerStorage" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ServiceManagedS3": { - "markdownDescription": "Use this to store data store data in an S3 bucket managed by the AWS IoT Analytics service. The choice of service-managed or customer-managed S3 storage cannot be changed after creation of the data store.", - "title": "ServiceManagedS3", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { "type": "object" - } - }, - "type": "object" - }, - "AWS::IoTAnalytics::Datastore.FileFormatConfiguration": { - "additionalProperties": false, - "properties": { - "JsonConfiguration": { - "markdownDescription": "Contains the configuration information of the JSON format.", - "title": "JsonConfiguration", + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CoreDefinitionId": { + "markdownDescription": "The ID of the core definition associated with this version. This value is a GUID.", + "title": "CoreDefinitionId", + "type": "string" + }, + "Cores": { + "items": { + "$ref": "#/definitions/AWS::Greengrass::CoreDefinitionVersion.Core" + }, + "markdownDescription": "The Greengrass core in this version. Currently, the `Cores` property for a core definition version can contain only one core.", + "title": "Cores", + "type": "array" + } + }, + "required": [ + "CoreDefinitionId", + "Cores" + ], "type": "object" }, - "ParquetConfiguration": { - "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.ParquetConfiguration", - "markdownDescription": "Contains the configuration information of the Parquet format.", - "title": "ParquetConfiguration" - } - }, - "type": "object" - }, - "AWS::IoTAnalytics::Datastore.IotSiteWiseMultiLayerStorage": { - "additionalProperties": false, - "properties": { - "CustomerManagedS3Storage": { - "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.CustomerManagedS3Storage", - "markdownDescription": "Stores data used by AWS IoT SiteWise in an Amazon S3 bucket that you manage.", - "title": "CustomerManagedS3Storage" - } - }, - "type": "object" - }, - "AWS::IoTAnalytics::Datastore.ParquetConfiguration": { - "additionalProperties": false, - "properties": { - "SchemaDefinition": { - "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.SchemaDefinition", - "markdownDescription": "Information needed to define a schema.", - "title": "SchemaDefinition" - } - }, - "type": "object" - }, - "AWS::IoTAnalytics::Datastore.Partition": { - "additionalProperties": false, - "properties": { - "AttributeName": { - "markdownDescription": "The name of the attribute that defines a partition dimension.", - "title": "AttributeName", + "Type": { + "enum": [ + "AWS::Greengrass::CoreDefinitionVersion" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "AttributeName" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoTAnalytics::Datastore.RetentionPeriod": { + "AWS::Greengrass::CoreDefinitionVersion.Core": { "additionalProperties": false, "properties": { - "NumberOfDays": { - "markdownDescription": "The number of days that message data is kept. The `unlimited` parameter must be false.", - "title": "NumberOfDays", - "type": "number" + "CertificateArn": { + "markdownDescription": "The ARN of the device certificate for the core. This X.509 certificate is used to authenticate the core with AWS IoT and AWS IoT Greengrass services.", + "title": "CertificateArn", + "type": "string" }, - "Unlimited": { - "markdownDescription": "If true, message data is kept indefinitely.", - "title": "Unlimited", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::IoTAnalytics::Datastore.SchemaDefinition": { - "additionalProperties": false, - "properties": { - "Columns": { - "items": { - "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.Column" - }, - "markdownDescription": "Specifies one or more columns that store your data.\n\nEach schema can have up to 100 columns. Each column can have up to 100 nested types.", - "title": "Columns", - "type": "array" - } - }, - "type": "object" - }, - "AWS::IoTAnalytics::Datastore.TimestampPartition": { - "additionalProperties": false, - "properties": { - "AttributeName": { - "markdownDescription": "The attribute name of the partition defined by a timestamp.", - "title": "AttributeName", + "Id": { + "markdownDescription": "A descriptive or arbitrary ID for the core. This value must be unique within the core definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", + "title": "Id", "type": "string" }, - "TimestampFormat": { - "markdownDescription": "The timestamp format of a partition defined by a timestamp. The default format is seconds since epoch (January 1, 1970 at midnight UTC time).", - "title": "TimestampFormat", + "SyncShadow": { + "markdownDescription": "Indicates whether the core's local shadow is synced with the cloud automatically. The default is false.", + "title": "SyncShadow", + "type": "boolean" + }, + "ThingArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the core, which is an AWS IoT device (thing).", + "title": "ThingArn", "type": "string" } }, "required": [ - "AttributeName" + "CertificateArn", + "Id", + "ThingArn" ], "type": "object" }, - "AWS::IoTAnalytics::Pipeline": { + "AWS::Greengrass::DeviceDefinition": { "additionalProperties": false, "properties": { "Condition": { @@ -125817,36 +133615,30 @@ "Properties": { "additionalProperties": false, "properties": { - "PipelineActivities": { - "items": { - "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.Activity" - }, - "markdownDescription": "A list of \"PipelineActivity\" objects. Activities perform transformations on your messages, such as removing, renaming or adding message attributes; filtering messages based on attribute values; invoking your Lambda functions on messages for advanced processing; or performing mathematical transformations to normalize device data.\n\nThe list can be 2-25 *PipelineActivity* objects and must contain both a `channel` and a `datastore` activity. Each entry in the list must contain only one activity, for example:\n\n`pipelineActivities = [ { \"channel\": { ... } }, { \"lambda\": { ... } }, ... ]`", - "title": "PipelineActivities", - "type": "array" + "InitialVersion": { + "$ref": "#/definitions/AWS::Greengrass::DeviceDefinition.DeviceDefinitionVersion", + "markdownDescription": "The device definition version to include when the device definition is created. A device definition version contains a list of [`device`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-devicedefinition-device.html) property types.\n\n> To associate a device definition version after the device definition is created, create an [`AWS::Greengrass::DeviceDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-devicedefinitionversion.html) resource and specify the ID of this device definition.", + "title": "InitialVersion" }, - "PipelineName": { - "markdownDescription": "The name of the pipeline.", - "title": "PipelineName", + "Name": { + "markdownDescription": "The name of the device definition.", + "title": "Name", "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata which can be used to manage the pipeline.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "Application-specific metadata to attach to the device definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", "title": "Tags", - "type": "array" + "type": "object" } }, "required": [ - "PipelineActivities" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTAnalytics::Pipeline" + "AWS::Greengrass::DeviceDefinition" ], "type": "string" }, @@ -125865,356 +133657,55 @@ ], "type": "object" }, - "AWS::IoTAnalytics::Pipeline.Activity": { + "AWS::Greengrass::DeviceDefinition.Device": { "additionalProperties": false, "properties": { - "AddAttributes": { - "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.AddAttributes", - "markdownDescription": "Adds other attributes based on existing attributes in the message.", - "title": "AddAttributes" - }, - "Channel": { - "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.Channel", - "markdownDescription": "Determines the source of the messages to be processed.", - "title": "Channel" - }, - "Datastore": { - "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.Datastore", - "markdownDescription": "Specifies where to store the processed message data.", - "title": "Datastore" - }, - "DeviceRegistryEnrich": { - "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.DeviceRegistryEnrich", - "markdownDescription": "Adds data from the AWS IoT device registry to your message.", - "title": "DeviceRegistryEnrich" - }, - "DeviceShadowEnrich": { - "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.DeviceShadowEnrich", - "markdownDescription": "Adds information from the AWS IoT Device Shadows service to a message.", - "title": "DeviceShadowEnrich" - }, - "Filter": { - "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.Filter", - "markdownDescription": "Filters a message based on its attributes.", - "title": "Filter" - }, - "Lambda": { - "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.Lambda", - "markdownDescription": "Runs a Lambda function to modify the message.", - "title": "Lambda" + "CertificateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the device certificate for the device. This X.509 certificate is used to authenticate the device with AWS IoT and AWS IoT Greengrass services.", + "title": "CertificateArn", + "type": "string" }, - "Math": { - "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.Math", - "markdownDescription": "Computes an arithmetic expression using the message's attributes and adds it to the message.", - "title": "Math" + "Id": { + "markdownDescription": "A descriptive or arbitrary ID for the device. This value must be unique within the device definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", + "title": "Id", + "type": "string" }, - "RemoveAttributes": { - "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.RemoveAttributes", - "markdownDescription": "Removes attributes from a message.", - "title": "RemoveAttributes" + "SyncShadow": { + "markdownDescription": "Indicates whether the device's local shadow is synced with the cloud automatically.", + "title": "SyncShadow", + "type": "boolean" }, - "SelectAttributes": { - "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.SelectAttributes", - "markdownDescription": "Creates a new message using only the specified attributes from the original message.", - "title": "SelectAttributes" - } - }, - "type": "object" - }, - "AWS::IoTAnalytics::Pipeline.AddAttributes": { - "additionalProperties": false, - "properties": { - "Attributes": { - "additionalProperties": true, - "markdownDescription": "A list of 1-50 \"AttributeNameMapping\" objects that map an existing attribute to a new attribute.\n\n> The existing attributes remain in the message, so if you want to remove the originals, use \"RemoveAttributeActivity\".", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Attributes", - "type": "object" - }, - "Name": { - "markdownDescription": "The name of the 'addAttributes' activity.", - "title": "Name", - "type": "string" - }, - "Next": { - "markdownDescription": "The next activity in the pipeline.", - "title": "Next", - "type": "string" - } - }, - "required": [ - "Attributes", - "Name" - ], - "type": "object" - }, - "AWS::IoTAnalytics::Pipeline.Channel": { - "additionalProperties": false, - "properties": { - "ChannelName": { - "markdownDescription": "The name of the channel from which the messages are processed.", - "title": "ChannelName", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the 'channel' activity.", - "title": "Name", - "type": "string" - }, - "Next": { - "markdownDescription": "The next activity in the pipeline.", - "title": "Next", - "type": "string" - } - }, - "required": [ - "ChannelName", - "Name" - ], - "type": "object" - }, - "AWS::IoTAnalytics::Pipeline.Datastore": { - "additionalProperties": false, - "properties": { - "DatastoreName": { - "markdownDescription": "The name of the data store where processed messages are stored.", - "title": "DatastoreName", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the datastore activity.", - "title": "Name", - "type": "string" - } - }, - "required": [ - "DatastoreName", - "Name" - ], - "type": "object" - }, - "AWS::IoTAnalytics::Pipeline.DeviceRegistryEnrich": { - "additionalProperties": false, - "properties": { - "Attribute": { - "markdownDescription": "The name of the attribute that is added to the message.", - "title": "Attribute", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the 'deviceRegistryEnrich' activity.", - "title": "Name", - "type": "string" - }, - "Next": { - "markdownDescription": "The next activity in the pipeline.", - "title": "Next", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN of the role that allows access to the device's registry information.", - "title": "RoleArn", - "type": "string" - }, - "ThingName": { - "markdownDescription": "The name of the IoT device whose registry information is added to the message.", - "title": "ThingName", - "type": "string" - } - }, - "required": [ - "Attribute", - "Name", - "RoleArn", - "ThingName" - ], - "type": "object" - }, - "AWS::IoTAnalytics::Pipeline.DeviceShadowEnrich": { - "additionalProperties": false, - "properties": { - "Attribute": { - "markdownDescription": "The name of the attribute that is added to the message.", - "title": "Attribute", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the 'deviceShadowEnrich' activity.", - "title": "Name", - "type": "string" - }, - "Next": { - "markdownDescription": "The next activity in the pipeline.", - "title": "Next", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN of the role that allows access to the device's shadow.", - "title": "RoleArn", - "type": "string" - }, - "ThingName": { - "markdownDescription": "The name of the IoT device whose shadow information is added to the message.", - "title": "ThingName", - "type": "string" - } - }, - "required": [ - "Attribute", - "Name", - "RoleArn", - "ThingName" - ], - "type": "object" - }, - "AWS::IoTAnalytics::Pipeline.Filter": { - "additionalProperties": false, - "properties": { - "Filter": { - "markdownDescription": "An expression that looks like an SQL WHERE clause that must return a Boolean value.", - "title": "Filter", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the 'filter' activity.", - "title": "Name", - "type": "string" - }, - "Next": { - "markdownDescription": "The next activity in the pipeline.", - "title": "Next", - "type": "string" - } - }, - "required": [ - "Filter", - "Name" - ], - "type": "object" - }, - "AWS::IoTAnalytics::Pipeline.Lambda": { - "additionalProperties": false, - "properties": { - "BatchSize": { - "markdownDescription": "The number of messages passed to the Lambda function for processing.\n\nThe AWS Lambda function must be able to process all of these messages within five minutes, which is the maximum timeout duration for Lambda functions.", - "title": "BatchSize", - "type": "number" - }, - "LambdaName": { - "markdownDescription": "The name of the Lambda function that is run on the message.", - "title": "LambdaName", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the 'lambda' activity.", - "title": "Name", - "type": "string" - }, - "Next": { - "markdownDescription": "The next activity in the pipeline.", - "title": "Next", - "type": "string" - } - }, - "required": [ - "BatchSize", - "LambdaName", - "Name" - ], - "type": "object" - }, - "AWS::IoTAnalytics::Pipeline.Math": { - "additionalProperties": false, - "properties": { - "Attribute": { - "markdownDescription": "The name of the attribute that contains the result of the math operation.", - "title": "Attribute", - "type": "string" - }, - "Math": { - "markdownDescription": "An expression that uses one or more existing attributes and must return an integer value.", - "title": "Math", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the 'math' activity.", - "title": "Name", - "type": "string" - }, - "Next": { - "markdownDescription": "The next activity in the pipeline.", - "title": "Next", - "type": "string" - } - }, - "required": [ - "Attribute", - "Math", - "Name" - ], - "type": "object" - }, - "AWS::IoTAnalytics::Pipeline.RemoveAttributes": { - "additionalProperties": false, - "properties": { - "Attributes": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of 1-50 attributes to remove from the message.", - "title": "Attributes", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the 'removeAttributes' activity.", - "title": "Name", - "type": "string" - }, - "Next": { - "markdownDescription": "The next activity in the pipeline.", - "title": "Next", - "type": "string" + "ThingArn": { + "markdownDescription": "The ARN of the device, which is an AWS IoT device (thing).", + "title": "ThingArn", + "type": "string" } }, "required": [ - "Attributes", - "Name" + "CertificateArn", + "Id", + "ThingArn" ], "type": "object" }, - "AWS::IoTAnalytics::Pipeline.SelectAttributes": { + "AWS::Greengrass::DeviceDefinition.DeviceDefinitionVersion": { "additionalProperties": false, "properties": { - "Attributes": { + "Devices": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Greengrass::DeviceDefinition.Device" }, - "markdownDescription": "A list of the attributes to select from the message.", - "title": "Attributes", + "markdownDescription": "The devices in this version.", + "title": "Devices", "type": "array" - }, - "Name": { - "markdownDescription": "The name of the 'selectAttributes' activity.", - "title": "Name", - "type": "string" - }, - "Next": { - "markdownDescription": "The next activity in the pipeline.", - "title": "Next", - "type": "string" } }, "required": [ - "Attributes", - "Name" + "Devices" ], "type": "object" }, - "AWS::IoTCoreDeviceAdvisor::SuiteDefinition": { + "AWS::Greengrass::DeviceDefinitionVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -126249,28 +133740,29 @@ "Properties": { "additionalProperties": false, "properties": { - "SuiteDefinitionConfiguration": { - "$ref": "#/definitions/AWS::IoTCoreDeviceAdvisor::SuiteDefinition.SuiteDefinitionConfiguration", - "markdownDescription": "The configuration of the Suite Definition. Listed below are the required elements of the `SuiteDefinitionConfiguration` .\n\n- ***devicePermissionRoleArn*** - The device permission arn.\n\nThis is a required element.\n\n*Type:* String\n- ***devices*** - The list of configured devices under test. For more information on devices under test, see [DeviceUnderTest](https://docs.aws.amazon.com/iot/latest/apireference/API_iotdeviceadvisor_DeviceUnderTest.html)\n\nNot a required element.\n\n*Type:* List of devices under test\n- ***intendedForQualification*** - The tests intended for qualification in a suite.\n\nNot a required element.\n\n*Type:* Boolean\n- ***rootGroup*** - The test suite root group. For more information on creating and using root groups see the [Device Advisor workflow](https://docs.aws.amazon.com/iot/latest/developerguide/device-advisor-workflow.html) .\n\nThis is a required element.\n\n*Type:* String\n- ***suiteDefinitionName*** - The Suite Definition Configuration name.\n\nThis is a required element.\n\n*Type:* String", - "title": "SuiteDefinitionConfiguration" + "DeviceDefinitionId": { + "markdownDescription": "The ID of the device definition associated with this version. This value is a GUID.", + "title": "DeviceDefinitionId", + "type": "string" }, - "Tags": { + "Devices": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Greengrass::DeviceDefinitionVersion.Device" }, - "markdownDescription": "Metadata that can be used to manage the the Suite Definition.", - "title": "Tags", + "markdownDescription": "The devices in this version.", + "title": "Devices", "type": "array" } }, "required": [ - "SuiteDefinitionConfiguration" + "DeviceDefinitionId", + "Devices" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTCoreDeviceAdvisor::SuiteDefinition" + "AWS::Greengrass::DeviceDefinitionVersion" ], "type": "string" }, @@ -126289,61 +133781,38 @@ ], "type": "object" }, - "AWS::IoTCoreDeviceAdvisor::SuiteDefinition.DeviceUnderTest": { + "AWS::Greengrass::DeviceDefinitionVersion.Device": { "additionalProperties": false, "properties": { "CertificateArn": { - "markdownDescription": "Lists device's certificate ARN.", + "markdownDescription": "The ARN of the device certificate for the device. This X.509 certificate is used to authenticate the device with AWS IoT and AWS IoT Greengrass services.", "title": "CertificateArn", "type": "string" }, - "ThingArn": { - "markdownDescription": "Lists device's thing ARN.", - "title": "ThingArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoTCoreDeviceAdvisor::SuiteDefinition.SuiteDefinitionConfiguration": { - "additionalProperties": false, - "properties": { - "DevicePermissionRoleArn": { - "markdownDescription": "Gets the device permission ARN. This is a required parameter.", - "title": "DevicePermissionRoleArn", + "Id": { + "markdownDescription": "A descriptive or arbitrary ID for the device. This value must be unique within the device definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", + "title": "Id", "type": "string" }, - "Devices": { - "items": { - "$ref": "#/definitions/AWS::IoTCoreDeviceAdvisor::SuiteDefinition.DeviceUnderTest" - }, - "markdownDescription": "Gets the devices configured.", - "title": "Devices", - "type": "array" - }, - "IntendedForQualification": { - "markdownDescription": "Gets the tests intended for qualification in a suite.", - "title": "IntendedForQualification", + "SyncShadow": { + "markdownDescription": "Indicates whether the device's local shadow is synced with the cloud automatically.", + "title": "SyncShadow", "type": "boolean" }, - "RootGroup": { - "markdownDescription": "Gets the test suite root group. This is a required parameter. For updating or creating the latest qualification suite, if `intendedForQualification` is set to true, `rootGroup` can be an empty string. If `intendedForQualification` is false, `rootGroup` cannot be an empty string. If `rootGroup` is empty, and `intendedForQualification` is set to true, all the qualification tests are included, and the configuration is default.\n\nFor a qualification suite, the minimum length is 0, and the maximum is 2048. For a non-qualification suite, the minimum length is 1, and the maximum is 2048.", - "title": "RootGroup", - "type": "string" - }, - "SuiteDefinitionName": { - "markdownDescription": "Gets the suite definition name. This is a required parameter.", - "title": "SuiteDefinitionName", + "ThingArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the device, which is an AWS IoT device (thing).", + "title": "ThingArn", "type": "string" } }, "required": [ - "DevicePermissionRoleArn", - "RootGroup" + "CertificateArn", + "Id", + "ThingArn" ], "type": "object" }, - "AWS::IoTEvents::AlarmModel": { + "AWS::Greengrass::FunctionDefinition": { "additionalProperties": false, "properties": { "Condition": { @@ -126378,64 +133847,30 @@ "Properties": { "additionalProperties": false, "properties": { - "AlarmCapabilities": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AlarmCapabilities", - "markdownDescription": "Contains the configuration information of alarm state changes.", - "title": "AlarmCapabilities" - }, - "AlarmEventActions": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AlarmEventActions", - "markdownDescription": "Contains information about one or more alarm actions.", - "title": "AlarmEventActions" - }, - "AlarmModelDescription": { - "markdownDescription": "The description of the alarm model.", - "title": "AlarmModelDescription", - "type": "string" - }, - "AlarmModelName": { - "markdownDescription": "The name of the alarm model.", - "title": "AlarmModelName", - "type": "string" - }, - "AlarmRule": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AlarmRule", - "markdownDescription": "Defines when your alarm is invoked.", - "title": "AlarmRule" - }, - "Key": { - "markdownDescription": "An input attribute used as a key to create an alarm. AWS IoT Events routes [inputs](https://docs.aws.amazon.com/iotevents/latest/apireference/API_Input.html) associated with this key to the alarm.", - "title": "Key", - "type": "string" + "InitialVersion": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.FunctionDefinitionVersion", + "markdownDescription": "The function definition version to include when the function definition is created. A function definition version contains a list of [`function`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinition-function.html) property types.\n\n> To associate a function definition version after the function definition is created, create an [`AWS::Greengrass::FunctionDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-functiondefinitionversion.html) resource and specify the ID of this function definition.", + "title": "InitialVersion" }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role that allows the alarm to perform actions and access AWS resources. For more information, see [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* .", - "title": "RoleArn", + "Name": { + "markdownDescription": "The name of the function definition.", + "title": "Name", "type": "string" }, - "Severity": { - "markdownDescription": "A non-negative integer that reflects the severity level of the alarm.", - "title": "Severity", - "type": "number" - }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of key-value pairs that contain metadata for the alarm model. The tags help you manage the alarm model. For more information, see [Tagging your AWS IoT Events resources](https://docs.aws.amazon.com/iotevents/latest/developerguide/tagging-iotevents.html) in the *AWS IoT Events Developer Guide* .\n\nYou can create up to 50 tags for one alarm model.", + "markdownDescription": "Application-specific metadata to attach to the function definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", "title": "Tags", - "type": "array" + "type": "object" } }, "required": [ - "AlarmRule", - "RoleArn" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTEvents::AlarmModel" + "AWS::Greengrass::FunctionDefinition" ], "type": "string" }, @@ -126454,474 +133889,432 @@ ], "type": "object" }, - "AWS::IoTEvents::AlarmModel.AcknowledgeFlow": { + "AWS::Greengrass::FunctionDefinition.DefaultConfig": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "The value must be `TRUE` or `FALSE` . If `TRUE` , you receive a notification when the alarm state changes. You must choose to acknowledge the notification before the alarm state can return to `NORMAL` . If `FALSE` , you won't receive notifications. The alarm automatically changes to the `NORMAL` state when the input property value returns to the specified range.", - "title": "Enabled", - "type": "boolean" + "Execution": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.Execution", + "markdownDescription": "Configuration settings for the Lambda execution environment on the AWS IoT Greengrass core.", + "title": "Execution" } }, + "required": [ + "Execution" + ], "type": "object" }, - "AWS::IoTEvents::AlarmModel.AlarmAction": { + "AWS::Greengrass::FunctionDefinition.Environment": { "additionalProperties": false, "properties": { - "DynamoDB": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.DynamoDB", - "markdownDescription": "Defines an action to write to the Amazon DynamoDB table that you created. The standard action payload contains all the information about the detector model instance and the event that triggered the action. You can customize the [payload](https://docs.aws.amazon.com/iotevents/latest/apireference/API_Payload.html) . One column of the DynamoDB table receives all attribute-value pairs in the payload that you specify.\n\nYou must use expressions for all parameters in `DynamoDBAction` . The expressions accept literals, operators, functions, references, and substitution templates.\n\n**Examples** - For literal values, the expressions must contain single quotes. For example, the value for the `hashKeyType` parameter can be `'STRING'` .\n- For references, you must specify either variables or input values. For example, the value for the `hashKeyField` parameter can be `$input.GreenhouseInput.name` .\n- For a substitution template, you must use `${}` , and the template must be in single quotes. A substitution template can also contain a combination of literals, operators, functions, references, and substitution templates.\n\nIn the following example, the value for the `hashKeyValue` parameter uses a substitution template.\n\n`'${$input.GreenhouseInput.temperature * 6 / 5 + 32} in Fahrenheit'`\n- For a string concatenation, you must use `+` . A string concatenation can also contain a combination of literals, operators, functions, references, and substitution templates.\n\nIn the following example, the value for the `tableName` parameter uses a string concatenation.\n\n`'GreenhouseTemperatureTable ' + $input.GreenhouseInput.date`\n\nFor more information, see [Expressions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-expressions.html) in the *AWS IoT Events Developer Guide* .\n\nIf the defined payload type is a string, `DynamoDBAction` writes non-JSON data to the DynamoDB table as binary data. The DynamoDB console displays the data as Base64-encoded text. The value for the `payloadField` parameter is `_raw` .", - "title": "DynamoDB" - }, - "DynamoDBv2": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.DynamoDBv2", - "markdownDescription": "Defines an action to write to the Amazon DynamoDB table that you created. The default action payload contains all the information about the detector model instance and the event that triggered the action. You can customize the [payload](https://docs.aws.amazon.com/iotevents/latest/apireference/API_Payload.html) . A separate column of the DynamoDB table receives one attribute-value pair in the payload that you specify.\n\nYou must use expressions for all parameters in `DynamoDBv2Action` . The expressions accept literals, operators, functions, references, and substitution templates.\n\n**Examples** - For literal values, the expressions must contain single quotes. For example, the value for the `tableName` parameter can be `'GreenhouseTemperatureTable'` .\n- For references, you must specify either variables or input values. For example, the value for the `tableName` parameter can be `$variable.ddbtableName` .\n- For a substitution template, you must use `${}` , and the template must be in single quotes. A substitution template can also contain a combination of literals, operators, functions, references, and substitution templates.\n\nIn the following example, the value for the `contentExpression` parameter in `Payload` uses a substitution template.\n\n`'{\\\"sensorID\\\": \\\"${$input.GreenhouseInput.sensor_id}\\\", \\\"temperature\\\": \\\"${$input.GreenhouseInput.temperature * 9 / 5 + 32}\\\"}'`\n- For a string concatenation, you must use `+` . A string concatenation can also contain a combination of literals, operators, functions, references, and substitution templates.\n\nIn the following example, the value for the `tableName` parameter uses a string concatenation.\n\n`'GreenhouseTemperatureTable ' + $input.GreenhouseInput.date`\n\nFor more information, see [Expressions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-expressions.html) in the *AWS IoT Events Developer Guide* .\n\nThe value for the `type` parameter in `Payload` must be `JSON` .", - "title": "DynamoDBv2" - }, - "Firehose": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Firehose", - "markdownDescription": "Sends information about the detector model instance and the event that triggered the action to an Amazon Kinesis Data Firehose delivery stream.", - "title": "Firehose" - }, - "IotEvents": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.IotEvents", - "markdownDescription": "Sends an AWS IoT Events input, passing in information about the detector model instance and the event that triggered the action.", - "title": "IotEvents" - }, - "IotSiteWise": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.IotSiteWise", - "markdownDescription": "Sends information about the detector model instance and the event that triggered the action to a specified asset property in AWS IoT SiteWise .\n\nYou must use expressions for all parameters in `IotSiteWiseAction` . The expressions accept literals, operators, functions, references, and substitutions templates.\n\n**Examples** - For literal values, the expressions must contain single quotes. For example, the value for the `propertyAlias` parameter can be `'/company/windfarm/3/turbine/7/temperature'` .\n- For references, you must specify either variables or input values. For example, the value for the `assetId` parameter can be `$input.TurbineInput.assetId1` .\n- For a substitution template, you must use `${}` , and the template must be in single quotes. A substitution template can also contain a combination of literals, operators, functions, references, and substitution templates.\n\nIn the following example, the value for the `propertyAlias` parameter uses a substitution template.\n\n`'company/windfarm/${$input.TemperatureInput.sensorData.windfarmID}/turbine/ ${$input.TemperatureInput.sensorData.turbineID}/temperature'`\n\nYou must specify either `propertyAlias` or both `assetId` and `propertyId` to identify the target asset property in AWS IoT SiteWise .\n\nFor more information, see [Expressions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-expressions.html) in the *AWS IoT Events Developer Guide* .", - "title": "IotSiteWise" - }, - "IotTopicPublish": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.IotTopicPublish", - "markdownDescription": "Information required to publish the MQTT message through the AWS IoT message broker.", - "title": "IotTopicPublish" - }, - "Lambda": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Lambda", - "markdownDescription": "Calls a Lambda function, passing in information about the detector model instance and the event that triggered the action.", - "title": "Lambda" - }, - "Sns": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Sns", - "markdownDescription": "Information required to publish the Amazon SNS message.", - "title": "Sns" + "AccessSysfs": { + "markdownDescription": "Indicates whether the function is allowed to access the `/sys` directory on the core device, which allows the read device information from `/sys` .\n\n> This property applies only to Lambda functions that run in a Greengrass container.", + "title": "AccessSysfs", + "type": "boolean" }, - "Sqs": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Sqs", - "markdownDescription": "Sends information about the detector model instance and the event that triggered the action to an Amazon SQS queue.", - "title": "Sqs" - } - }, - "type": "object" - }, - "AWS::IoTEvents::AlarmModel.AlarmCapabilities": { - "additionalProperties": false, - "properties": { - "AcknowledgeFlow": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AcknowledgeFlow", - "markdownDescription": "Specifies whether to get notified for alarm state changes.", - "title": "AcknowledgeFlow" + "Execution": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.Execution", + "markdownDescription": "Settings for the Lambda execution environment in AWS IoT Greengrass .", + "title": "Execution" }, - "InitializationConfiguration": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.InitializationConfiguration", - "markdownDescription": "Specifies the default alarm state. The configuration applies to all alarms that were created based on this alarm model.", - "title": "InitializationConfiguration" - } - }, - "type": "object" - }, - "AWS::IoTEvents::AlarmModel.AlarmEventActions": { - "additionalProperties": false, - "properties": { - "AlarmActions": { + "ResourceAccessPolicies": { "items": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AlarmAction" + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.ResourceAccessPolicy" }, - "markdownDescription": "Specifies one or more supported actions to receive notifications when the alarm state changes.", - "title": "AlarmActions", + "markdownDescription": "A list of the [resources](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-resourcedefinitionversion-resourceinstance.html) in the group that the function can access, with the corresponding read-only or read-write permissions. The maximum is 10 resources.\n\n> This property applies only for Lambda functions that run in a Greengrass container.", + "title": "ResourceAccessPolicies", "type": "array" + }, + "Variables": { + "markdownDescription": "Environment variables for the Lambda function.", + "title": "Variables", + "type": "object" } }, "type": "object" }, - "AWS::IoTEvents::AlarmModel.AlarmRule": { - "additionalProperties": false, - "properties": { - "SimpleRule": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.SimpleRule", - "markdownDescription": "A rule that compares an input property value to a threshold value with a comparison operator.", - "title": "SimpleRule" - } - }, - "type": "object" - }, - "AWS::IoTEvents::AlarmModel.AssetPropertyTimestamp": { + "AWS::Greengrass::FunctionDefinition.Execution": { "additionalProperties": false, "properties": { - "OffsetInNanos": { - "markdownDescription": "The nanosecond offset converted from `timeInSeconds` . The valid range is between 0-999999999.", - "title": "OffsetInNanos", + "IsolationMode": { + "markdownDescription": "The containerization that the Lambda function runs in. Valid values are `GreengrassContainer` or `NoContainer` . Typically, this is `GreengrassContainer` . For more information, see [Containerization](https://docs.aws.amazon.com/greengrass/v1/developerguide/lambda-group-config.html#lambda-function-containerization) in the *Developer Guide* .\n\n- When set on the [`DefaultConfig`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-defaultconfig.html) property of a function definition version, this setting is used as the default containerization for all Lambda functions in the function definition version.\n- When set on the [`Environment`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-environment.html) property of a function, this setting applies to the individual function and overrides the default. Omit this value to run the function with the default containerization.\n\n> We recommend that you run in a Greengrass container unless your business case requires that you run without containerization.", + "title": "IsolationMode", "type": "string" }, - "TimeInSeconds": { - "markdownDescription": "The timestamp, in seconds, in the Unix epoch format. The valid range is between 1-31556889864403199.", - "title": "TimeInSeconds", - "type": "string" + "RunAs": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.RunAs", + "markdownDescription": "The user and group permissions used to run the Lambda function. Typically, this is the ggc_user and ggc_group. For more information, see [Run as](https://docs.aws.amazon.com/greengrass/v1/developerguide/lambda-group-config.html#lambda-access-identity.html) in the *Developer Guide* .\n\n- When set on the [`DefaultConfig`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-defaultconfig.html) property of a function definition version, this setting is used as the default access identity for all Lambda functions in the function definition version.\n- When set on the [`Environment`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-environment.html) property of a function, this setting applies to the individual function and overrides the default. You can override the user, group, or both. Omit this value to run the function with the default permissions.\n\n> Running as the root user increases risks to your data and device. Do not run as root (UID/GID=0) unless your business case requires it. For more information and requirements, see [Running a Lambda Function as Root](https://docs.aws.amazon.com/greengrass/v1/developerguide/lambda-group-config.html#lambda-running-as-root) .", + "title": "RunAs" } }, - "required": [ - "TimeInSeconds" - ], "type": "object" }, - "AWS::IoTEvents::AlarmModel.AssetPropertyValue": { + "AWS::Greengrass::FunctionDefinition.Function": { "additionalProperties": false, "properties": { - "Quality": { - "markdownDescription": "The quality of the asset property value. The value must be `'GOOD'` , `'BAD'` , or `'UNCERTAIN'` .", - "title": "Quality", + "FunctionArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the alias (recommended) or version of the referenced Lambda function.", + "title": "FunctionArn", "type": "string" }, - "Timestamp": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AssetPropertyTimestamp", - "markdownDescription": "The timestamp associated with the asset property value. The default is the current event time.", - "title": "Timestamp" + "FunctionConfiguration": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.FunctionConfiguration", + "markdownDescription": "The group-specific settings of the Lambda function. These settings configure the function's behavior in the Greengrass group.", + "title": "FunctionConfiguration" }, - "Value": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AssetPropertyVariant", - "markdownDescription": "The value to send to an asset property.", - "title": "Value" + "Id": { + "markdownDescription": "A descriptive or arbitrary ID for the function. This value must be unique within the function definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", + "title": "Id", + "type": "string" } }, "required": [ - "Value" + "FunctionArn", + "FunctionConfiguration", + "Id" ], "type": "object" }, - "AWS::IoTEvents::AlarmModel.AssetPropertyVariant": { + "AWS::Greengrass::FunctionDefinition.FunctionConfiguration": { "additionalProperties": false, "properties": { - "BooleanValue": { - "markdownDescription": "The asset property value is a Boolean value that must be `'TRUE'` or `'FALSE'` . You must use an expression, and the evaluated result should be a Boolean value.", - "title": "BooleanValue", + "EncodingType": { + "markdownDescription": "The expected encoding type of the input payload for the function. Valid values are `json` (default) and `binary` .", + "title": "EncodingType", "type": "string" }, - "DoubleValue": { - "markdownDescription": "The asset property value is a double. You must use an expression, and the evaluated result should be a double.", - "title": "DoubleValue", - "type": "string" + "Environment": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.Environment", + "markdownDescription": "The environment configuration of the function.", + "title": "Environment" }, - "IntegerValue": { - "markdownDescription": "The asset property value is an integer. You must use an expression, and the evaluated result should be an integer.", - "title": "IntegerValue", + "ExecArgs": { + "markdownDescription": "The execution arguments.", + "title": "ExecArgs", "type": "string" }, - "StringValue": { - "markdownDescription": "The asset property value is a string. You must use an expression, and the evaluated result should be a string.", - "title": "StringValue", + "Executable": { + "markdownDescription": "The name of the function executable.", + "title": "Executable", "type": "string" + }, + "MemorySize": { + "markdownDescription": "The memory size (in KB) required by the function.\n\n> This property applies only to Lambda functions that run in a Greengrass container.", + "title": "MemorySize", + "type": "number" + }, + "Pinned": { + "markdownDescription": "Indicates whether the function is pinned (or *long-lived* ). Pinned functions start when the core starts and process all requests in the same container. The default value is false.", + "title": "Pinned", + "type": "boolean" + }, + "Timeout": { + "markdownDescription": "The allowed execution time (in seconds) after which the function should terminate. For pinned functions, this timeout applies for each request.", + "title": "Timeout", + "type": "number" } }, "type": "object" }, - "AWS::IoTEvents::AlarmModel.DynamoDB": { + "AWS::Greengrass::FunctionDefinition.FunctionDefinitionVersion": { "additionalProperties": false, "properties": { - "HashKeyField": { - "markdownDescription": "The name of the hash key (also called the partition key). The `hashKeyField` value must match the partition key of the target DynamoDB table.", - "title": "HashKeyField", - "type": "string" - }, - "HashKeyType": { - "markdownDescription": "The data type for the hash key (also called the partition key). You can specify the following values:\n\n- `'STRING'` - The hash key is a string.\n- `'NUMBER'` - The hash key is a number.\n\nIf you don't specify `hashKeyType` , the default value is `'STRING'` .", - "title": "HashKeyType", - "type": "string" - }, - "HashKeyValue": { - "markdownDescription": "The value of the hash key (also called the partition key).", - "title": "HashKeyValue", - "type": "string" - }, - "Operation": { - "markdownDescription": "The type of operation to perform. You can specify the following values:\n\n- `'INSERT'` - Insert data as a new item into the DynamoDB table. This item uses the specified hash key as a partition key. If you specified a range key, the item uses the range key as a sort key.\n- `'UPDATE'` - Update an existing item of the DynamoDB table with new data. This item's partition key must match the specified hash key. If you specified a range key, the range key must match the item's sort key.\n- `'DELETE'` - Delete an existing item of the DynamoDB table. This item's partition key must match the specified hash key. If you specified a range key, the range key must match the item's sort key.\n\nIf you don't specify this parameter, AWS IoT Events triggers the `'INSERT'` operation.", - "title": "Operation", - "type": "string" - }, - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", - "markdownDescription": "Information needed to configure the payload.\n\nBy default, AWS IoT Events generates a standard payload in JSON for any action. This action payload contains all attribute-value pairs that have the information about the detector model instance and the event triggered the action. To configure the action payload, you can use `contentExpression` .", - "title": "Payload" - }, - "PayloadField": { - "markdownDescription": "The name of the DynamoDB column that receives the action payload.\n\nIf you don't specify this parameter, the name of the DynamoDB column is `payload` .", - "title": "PayloadField", - "type": "string" - }, - "RangeKeyField": { - "markdownDescription": "The name of the range key (also called the sort key). The `rangeKeyField` value must match the sort key of the target DynamoDB table.", - "title": "RangeKeyField", - "type": "string" - }, - "RangeKeyType": { - "markdownDescription": "The data type for the range key (also called the sort key), You can specify the following values:\n\n- `'STRING'` - The range key is a string.\n- `'NUMBER'` - The range key is number.\n\nIf you don't specify `rangeKeyField` , the default value is `'STRING'` .", - "title": "RangeKeyType", - "type": "string" - }, - "RangeKeyValue": { - "markdownDescription": "The value of the range key (also called the sort key).", - "title": "RangeKeyValue", - "type": "string" + "DefaultConfig": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.DefaultConfig", + "markdownDescription": "The default configuration that applies to all Lambda functions in the group. Individual Lambda functions can override these settings.", + "title": "DefaultConfig" }, - "TableName": { - "markdownDescription": "The name of the DynamoDB table. The `tableName` value must match the table name of the target DynamoDB table.", - "title": "TableName", - "type": "string" + "Functions": { + "items": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.Function" + }, + "markdownDescription": "The functions in this version.", + "title": "Functions", + "type": "array" } }, "required": [ - "HashKeyField", - "HashKeyValue", - "TableName" + "Functions" ], "type": "object" }, - "AWS::IoTEvents::AlarmModel.DynamoDBv2": { + "AWS::Greengrass::FunctionDefinition.ResourceAccessPolicy": { "additionalProperties": false, "properties": { - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", - "markdownDescription": "Information needed to configure the payload.\n\nBy default, AWS IoT Events generates a standard payload in JSON for any action. This action payload contains all attribute-value pairs that have the information about the detector model instance and the event triggered the action. To configure the action payload, you can use `contentExpression` .", - "title": "Payload" + "Permission": { + "markdownDescription": "The read-only or read-write access that the Lambda function has to the resource. Valid values are `ro` or `rw` .", + "title": "Permission", + "type": "string" }, - "TableName": { - "markdownDescription": "The name of the DynamoDB table.", - "title": "TableName", + "ResourceId": { + "markdownDescription": "The ID of the resource. This ID is assigned to the resource when you create the resource definition.", + "title": "ResourceId", "type": "string" } }, "required": [ - "TableName" + "ResourceId" ], "type": "object" }, - "AWS::IoTEvents::AlarmModel.Firehose": { + "AWS::Greengrass::FunctionDefinition.RunAs": { "additionalProperties": false, "properties": { - "DeliveryStreamName": { - "markdownDescription": "The name of the Kinesis Data Firehose delivery stream where the data is written.", - "title": "DeliveryStreamName", - "type": "string" - }, - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", - "markdownDescription": "You can configure the action payload when you send a message to an Amazon Data Firehose delivery stream.", - "title": "Payload" + "Gid": { + "markdownDescription": "The group ID whose permissions are used to run the Lambda function. You can use the `getent group` command on your core device to look up the group ID.", + "title": "Gid", + "type": "number" }, - "Separator": { - "markdownDescription": "A character separator that is used to separate records written to the Kinesis Data Firehose delivery stream. Valid values are: '\\n' (newline), '\\t' (tab), '\\r\\n' (Windows newline), ',' (comma).", - "title": "Separator", - "type": "string" + "Uid": { + "markdownDescription": "The user ID whose permissions are used to run the Lambda function. You can use the `getent passwd` command on your core device to look up the user ID.", + "title": "Uid", + "type": "number" } }, - "required": [ - "DeliveryStreamName" - ], "type": "object" }, - "AWS::IoTEvents::AlarmModel.InitializationConfiguration": { + "AWS::Greengrass::FunctionDefinitionVersion": { "additionalProperties": false, "properties": { - "DisabledOnInitialization": { - "markdownDescription": "The value must be `TRUE` or `FALSE` . If `FALSE` , all alarm instances created based on the alarm model are activated. The default value is `TRUE` .", - "title": "DisabledOnInitialization", - "type": "boolean" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DefaultConfig": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.DefaultConfig", + "markdownDescription": "The default configuration that applies to all Lambda functions in the group. Individual Lambda functions can override these settings.", + "title": "DefaultConfig" + }, + "FunctionDefinitionId": { + "markdownDescription": "The ID of the function definition associated with this version. This value is a GUID.", + "title": "FunctionDefinitionId", + "type": "string" + }, + "Functions": { + "items": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.Function" + }, + "markdownDescription": "The functions in this version.", + "title": "Functions", + "type": "array" + } + }, + "required": [ + "FunctionDefinitionId", + "Functions" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Greengrass::FunctionDefinitionVersion" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "DisabledOnInitialization" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoTEvents::AlarmModel.IotEvents": { + "AWS::Greengrass::FunctionDefinitionVersion.DefaultConfig": { "additionalProperties": false, "properties": { - "InputName": { - "markdownDescription": "The name of the AWS IoT Events input where the data is sent.", - "title": "InputName", - "type": "string" - }, - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", - "markdownDescription": "You can configure the action payload when you send a message to an AWS IoT Events input.", - "title": "Payload" + "Execution": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.Execution", + "markdownDescription": "Configuration settings for the Lambda execution environment on the AWS IoT Greengrass core.", + "title": "Execution" } }, "required": [ - "InputName" + "Execution" ], "type": "object" }, - "AWS::IoTEvents::AlarmModel.IotSiteWise": { + "AWS::Greengrass::FunctionDefinitionVersion.Environment": { "additionalProperties": false, "properties": { - "AssetId": { - "markdownDescription": "The ID of the asset that has the specified property.", - "title": "AssetId", - "type": "string" - }, - "EntryId": { - "markdownDescription": "A unique identifier for this entry. You can use the entry ID to track which data entry causes an error in case of failure. The default is a new unique identifier.", - "title": "EntryId", - "type": "string" + "AccessSysfs": { + "markdownDescription": "Indicates whether the function is allowed to access the `/sys` directory on the core device, which allows the read device information from `/sys` .\n\n> This property applies only to Lambda functions that run in a Greengrass container.", + "title": "AccessSysfs", + "type": "boolean" }, - "PropertyAlias": { - "markdownDescription": "The alias of the asset property.", - "title": "PropertyAlias", - "type": "string" + "Execution": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.Execution", + "markdownDescription": "Settings for the Lambda execution environment in AWS IoT Greengrass .", + "title": "Execution" }, - "PropertyId": { - "markdownDescription": "The ID of the asset property.", - "title": "PropertyId", - "type": "string" + "ResourceAccessPolicies": { + "items": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.ResourceAccessPolicy" + }, + "markdownDescription": "A list of the [resources](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-resourcedefinitionversion-resourceinstance.html) in the group that the function can access, with the corresponding read-only or read-write permissions. The maximum is 10 resources.\n\n> This property applies only to Lambda functions that run in a Greengrass container.", + "title": "ResourceAccessPolicies", + "type": "array" }, - "PropertyValue": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AssetPropertyValue", - "markdownDescription": "The value to send to the asset property. This value contains timestamp, quality, and value (TQV) information.", - "title": "PropertyValue" + "Variables": { + "markdownDescription": "Environment variables for the Lambda function.", + "title": "Variables", + "type": "object" } }, "type": "object" }, - "AWS::IoTEvents::AlarmModel.IotTopicPublish": { + "AWS::Greengrass::FunctionDefinitionVersion.Execution": { "additionalProperties": false, "properties": { - "MqttTopic": { - "markdownDescription": "The MQTT topic of the message. You can use a string expression that includes variables ( `$variable.` ) and input values ( `$input..` ) as the topic string.", - "title": "MqttTopic", + "IsolationMode": { + "markdownDescription": "The containerization that the Lambda function runs in. Valid values are `GreengrassContainer` or `NoContainer` . Typically, this is `GreengrassContainer` . For more information, see [Containerization](https://docs.aws.amazon.com/greengrass/v1/developerguide/lambda-group-config.html#lambda-function-containerization) in the *Developer Guide* .\n\n- When set on the [`DefaultConfig`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-defaultconfig.html) property of a function definition version, this setting is used as the default containerization for all Lambda functions in the function definition version.\n- When set on the [`Environment`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-environment.html) property of a function, this setting applies to the individual function and overrides the default. Omit this value to run the function with the default containerization.\n\n> We recommend that you run in a Greengrass container unless your business case requires that you run without containerization.", + "title": "IsolationMode", "type": "string" }, - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", - "markdownDescription": "You can configure the action payload when you publish a message to an AWS IoT Core topic.", - "title": "Payload" + "RunAs": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.RunAs", + "markdownDescription": "The user and group permissions used to run the Lambda function. Typically, this is the ggc_user and ggc_group. For more information, see [Run as](https://docs.aws.amazon.com/greengrass/v1/developerguide/lambda-group-config.html#lambda-access-identity.html) in the *Developer Guide* .\n\n- When set on the [`DefaultConfig`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-defaultconfig.html) property of a function definition version, this setting is used as the default access identity for all Lambda functions in the function definition version.\n- When set on the [`Environment`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-environment.html) property of a function, this setting applies to the individual function and overrides the default. You can override the user, group, or both. Omit this value to run the function with the default permissions.\n\n> Running as the root user increases risks to your data and device. Do not run as root (UID/GID=0) unless your business case requires it. For more information and requirements, see [Running a Lambda Function as Root](https://docs.aws.amazon.com/greengrass/v1/developerguide/lambda-group-config.html#lambda-running-as-root) .", + "title": "RunAs" } }, - "required": [ - "MqttTopic" - ], "type": "object" }, - "AWS::IoTEvents::AlarmModel.Lambda": { + "AWS::Greengrass::FunctionDefinitionVersion.Function": { "additionalProperties": false, "properties": { "FunctionArn": { - "markdownDescription": "The ARN of the Lambda function that is executed.", + "markdownDescription": "The Amazon Resource Name (ARN) of the alias (recommended) or version of the referenced Lambda function.", "title": "FunctionArn", "type": "string" }, - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", - "markdownDescription": "You can configure the action payload when you send a message to a Lambda function.", - "title": "Payload" - } - }, - "required": [ - "FunctionArn" - ], - "type": "object" - }, - "AWS::IoTEvents::AlarmModel.Payload": { - "additionalProperties": false, - "properties": { - "ContentExpression": { - "markdownDescription": "The content of the payload. You can use a string expression that includes quoted strings ( `''` ), variables ( `$variable.` ), input values ( `$input..` ), string concatenations, and quoted strings that contain `${}` as the content. The recommended maximum size of a content expression is 1 KB.", - "title": "ContentExpression", - "type": "string" + "FunctionConfiguration": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.FunctionConfiguration", + "markdownDescription": "The group-specific settings of the Lambda function. These settings configure the function's behavior in the Greengrass group.", + "title": "FunctionConfiguration" }, - "Type": { - "markdownDescription": "The value of the payload type can be either `STRING` or `JSON` .", - "title": "Type", + "Id": { + "markdownDescription": "A descriptive or arbitrary ID for the function. This value must be unique within the function definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", + "title": "Id", "type": "string" } }, "required": [ - "ContentExpression", - "Type" + "FunctionArn", + "FunctionConfiguration", + "Id" ], "type": "object" }, - "AWS::IoTEvents::AlarmModel.SimpleRule": { + "AWS::Greengrass::FunctionDefinitionVersion.FunctionConfiguration": { "additionalProperties": false, "properties": { - "ComparisonOperator": { - "markdownDescription": "The comparison operator.", - "title": "ComparisonOperator", + "EncodingType": { + "markdownDescription": "The expected encoding type of the input payload for the function. Valid values are `json` (default) and `binary` .", + "title": "EncodingType", "type": "string" }, - "InputProperty": { - "markdownDescription": "The value on the left side of the comparison operator. You can specify an AWS IoT Events input attribute as an input property.", - "title": "InputProperty", + "Environment": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.Environment", + "markdownDescription": "The environment configuration of the function.", + "title": "Environment" + }, + "ExecArgs": { + "markdownDescription": "The execution arguments.", + "title": "ExecArgs", "type": "string" }, - "Threshold": { - "markdownDescription": "The value on the right side of the comparison operator. You can enter a number or specify an AWS IoT Events input attribute.", - "title": "Threshold", + "Executable": { + "markdownDescription": "The name of the function executable.", + "title": "Executable", "type": "string" + }, + "MemorySize": { + "markdownDescription": "The memory size (in KB) required by the function.\n\n> This property applies only to Lambda functions that run in a Greengrass container.", + "title": "MemorySize", + "type": "number" + }, + "Pinned": { + "markdownDescription": "Indicates whether the function is pinned (or *long-lived* ). Pinned functions start when the core starts and process all requests in the same container. The default value is false.", + "title": "Pinned", + "type": "boolean" + }, + "Timeout": { + "markdownDescription": "The allowed execution time (in seconds) after which the function should terminate. For pinned functions, this timeout applies for each request.", + "title": "Timeout", + "type": "number" } }, - "required": [ - "ComparisonOperator", - "InputProperty", - "Threshold" - ], "type": "object" }, - "AWS::IoTEvents::AlarmModel.Sns": { + "AWS::Greengrass::FunctionDefinitionVersion.ResourceAccessPolicy": { "additionalProperties": false, "properties": { - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", - "markdownDescription": "You can configure the action payload when you send a message as an Amazon SNS push notification.", - "title": "Payload" + "Permission": { + "markdownDescription": "The read-only or read-write access that the Lambda function has to the resource. Valid values are `ro` or `rw` .", + "title": "Permission", + "type": "string" }, - "TargetArn": { - "markdownDescription": "The ARN of the Amazon SNS target where the message is sent.", - "title": "TargetArn", + "ResourceId": { + "markdownDescription": "The ID of the resource. This ID is assigned to the resource when you create the resource definition.", + "title": "ResourceId", "type": "string" } }, "required": [ - "TargetArn" + "ResourceId" ], "type": "object" }, - "AWS::IoTEvents::AlarmModel.Sqs": { + "AWS::Greengrass::FunctionDefinitionVersion.RunAs": { "additionalProperties": false, "properties": { - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", - "markdownDescription": "You can configure the action payload when you send a message to an Amazon SQS queue.", - "title": "Payload" - }, - "QueueUrl": { - "markdownDescription": "The URL of the SQS queue where the data is written.", - "title": "QueueUrl", - "type": "string" + "Gid": { + "markdownDescription": "The group ID whose permissions are used to run the Lambda function. You can use the `getent group` command on your core device to look up the group ID.", + "title": "Gid", + "type": "number" }, - "UseBase64": { - "markdownDescription": "Set this to TRUE if you want the data to be base-64 encoded before it is written to the queue. Otherwise, set this to FALSE.", - "title": "UseBase64", - "type": "boolean" + "Uid": { + "markdownDescription": "The user ID whose permissions are used to run the Lambda function. You can use the `getent passwd` command on your core device to look up the user ID.", + "title": "Uid", + "type": "number" } }, - "required": [ - "QueueUrl" - ], "type": "object" }, - "AWS::IoTEvents::DetectorModel": { + "AWS::Greengrass::Group": { "additionalProperties": false, "properties": { "Condition": { @@ -126956,54 +134349,35 @@ "Properties": { "additionalProperties": false, "properties": { - "DetectorModelDefinition": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.DetectorModelDefinition", - "markdownDescription": "Information that defines how a detector operates.", - "title": "DetectorModelDefinition" + "InitialVersion": { + "$ref": "#/definitions/AWS::Greengrass::Group.GroupVersion", + "markdownDescription": "The group version to include when the group is created. A group version references the Amazon Resource Name (ARN) of a core definition version, device definition version, subscription definition version, and other version types. The group version must reference a core definition version that contains one core. Other version types are optionally included, depending on your business need.\n\n> To associate a group version after the group is created, create an [`AWS::Greengrass::GroupVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-groupversion.html) resource and specify the ID of this group.", + "title": "InitialVersion" }, - "DetectorModelDescription": { - "markdownDescription": "A brief description of the detector model.", - "title": "DetectorModelDescription", - "type": "string" - }, - "DetectorModelName": { - "markdownDescription": "The name of the detector model.", - "title": "DetectorModelName", - "type": "string" - }, - "EvaluationMethod": { - "markdownDescription": "Information about the order in which events are evaluated and how actions are executed.", - "title": "EvaluationMethod", - "type": "string" - }, - "Key": { - "markdownDescription": "The value used to identify a detector instance. When a device or system sends input, a new detector instance with a unique key value is created. AWS IoT Events can continue to route input to its corresponding detector instance based on this identifying information.\n\nThis parameter uses a JSON-path expression to select the attribute-value pair in the message payload that is used for identification. To route the message to the correct detector instance, the device must send a message payload that contains the same attribute-value.", - "title": "Key", + "Name": { + "markdownDescription": "The name of the group.", + "title": "Name", "type": "string" }, "RoleArn": { - "markdownDescription": "The ARN of the role that grants permission to AWS IoT Events to perform its operations.", + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role attached to the group. This role contains the permissions that Lambda functions and connectors use to interact with other AWS services.", "title": "RoleArn", "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "Application-specific metadata to attach to the group. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", "title": "Tags", - "type": "array" + "type": "object" } }, "required": [ - "DetectorModelDefinition", - "RoleArn" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTEvents::DetectorModel" + "AWS::Greengrass::Group" ], "type": "string" }, @@ -127022,640 +134396,700 @@ ], "type": "object" }, - "AWS::IoTEvents::DetectorModel.Action": { + "AWS::Greengrass::Group.GroupVersion": { "additionalProperties": false, "properties": { - "ClearTimer": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.ClearTimer", - "markdownDescription": "Information needed to clear the timer.", - "title": "ClearTimer" - }, - "DynamoDB": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.DynamoDB", - "markdownDescription": "Writes to the DynamoDB table that you created. The default action payload contains all attribute-value pairs that have the information about the detector model instance and the event that triggered the action. You can customize the [payload](https://docs.aws.amazon.com/iotevents/latest/apireference/API_Payload.html) . One column of the DynamoDB table receives all attribute-value pairs in the payload that you specify. For more information, see [Actions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-event-actions.html) in *AWS IoT Events Developer Guide* .", - "title": "DynamoDB" - }, - "DynamoDBv2": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.DynamoDBv2", - "markdownDescription": "Writes to the DynamoDB table that you created. The default action payload contains all attribute-value pairs that have the information about the detector model instance and the event that triggered the action. You can customize the [payload](https://docs.aws.amazon.com/iotevents/latest/apireference/API_Payload.html) . A separate column of the DynamoDB table receives one attribute-value pair in the payload that you specify. For more information, see [Actions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-event-actions.html) in *AWS IoT Events Developer Guide* .", - "title": "DynamoDBv2" - }, - "Firehose": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Firehose", - "markdownDescription": "Sends information about the detector model instance and the event that triggered the action to an Amazon Kinesis Data Firehose delivery stream.", - "title": "Firehose" - }, - "IotEvents": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.IotEvents", - "markdownDescription": "Sends AWS IoT Events input, which passes information about the detector model instance and the event that triggered the action.", - "title": "IotEvents" - }, - "IotSiteWise": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.IotSiteWise", - "markdownDescription": "Sends information about the detector model instance and the event that triggered the action to an asset property in AWS IoT SiteWise .", - "title": "IotSiteWise" - }, - "IotTopicPublish": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.IotTopicPublish", - "markdownDescription": "Publishes an MQTT message with the given topic to the AWS IoT message broker.", - "title": "IotTopicPublish" + "ConnectorDefinitionVersionArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the connector definition version that contains the connectors you want to deploy with the group version.", + "title": "ConnectorDefinitionVersionArn", + "type": "string" }, - "Lambda": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Lambda", - "markdownDescription": "Calls a Lambda function, passing in information about the detector model instance and the event that triggered the action.", - "title": "Lambda" + "CoreDefinitionVersionArn": { + "markdownDescription": "The ARN of the core definition version that contains the core you want to deploy with the group version. Currently, the core definition version can contain only one core.", + "title": "CoreDefinitionVersionArn", + "type": "string" }, - "ResetTimer": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.ResetTimer", - "markdownDescription": "Information needed to reset the timer.", - "title": "ResetTimer" + "DeviceDefinitionVersionArn": { + "markdownDescription": "The ARN of the device definition version that contains the devices you want to deploy with the group version.", + "title": "DeviceDefinitionVersionArn", + "type": "string" }, - "SetTimer": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.SetTimer", - "markdownDescription": "Information needed to set the timer.", - "title": "SetTimer" + "FunctionDefinitionVersionArn": { + "markdownDescription": "The ARN of the function definition version that contains the functions you want to deploy with the group version.", + "title": "FunctionDefinitionVersionArn", + "type": "string" }, - "SetVariable": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.SetVariable", - "markdownDescription": "Sets a variable to a specified value.", - "title": "SetVariable" + "LoggerDefinitionVersionArn": { + "markdownDescription": "The ARN of the logger definition version that contains the loggers you want to deploy with the group version.", + "title": "LoggerDefinitionVersionArn", + "type": "string" }, - "Sns": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Sns", - "markdownDescription": "Sends an Amazon SNS message.", - "title": "Sns" + "ResourceDefinitionVersionArn": { + "markdownDescription": "The ARN of the resource definition version that contains the resources you want to deploy with the group version.", + "title": "ResourceDefinitionVersionArn", + "type": "string" }, - "Sqs": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Sqs", - "markdownDescription": "Sends an Amazon SNS message.", - "title": "Sqs" + "SubscriptionDefinitionVersionArn": { + "markdownDescription": "The ARN of the subscription definition version that contains the subscriptions you want to deploy with the group version.", + "title": "SubscriptionDefinitionVersionArn", + "type": "string" } }, "type": "object" }, - "AWS::IoTEvents::DetectorModel.AssetPropertyTimestamp": { + "AWS::Greengrass::GroupVersion": { "additionalProperties": false, "properties": { - "OffsetInNanos": { - "markdownDescription": "The nanosecond offset converted from `timeInSeconds` . The valid range is between 0-999999999.", - "title": "OffsetInNanos", + "Condition": { "type": "string" }, - "TimeInSeconds": { - "markdownDescription": "The timestamp, in seconds, in the Unix epoch format. The valid range is between 1-31556889864403199.", - "title": "TimeInSeconds", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ConnectorDefinitionVersionArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the connector definition version that contains the connectors you want to deploy with the group version.", + "title": "ConnectorDefinitionVersionArn", + "type": "string" + }, + "CoreDefinitionVersionArn": { + "markdownDescription": "The ARN of the core definition version that contains the core you want to deploy with the group version. Currently, the core definition version can contain only one core.", + "title": "CoreDefinitionVersionArn", + "type": "string" + }, + "DeviceDefinitionVersionArn": { + "markdownDescription": "The ARN of the device definition version that contains the devices you want to deploy with the group version.", + "title": "DeviceDefinitionVersionArn", + "type": "string" + }, + "FunctionDefinitionVersionArn": { + "markdownDescription": "The ARN of the function definition version that contains the functions you want to deploy with the group version.", + "title": "FunctionDefinitionVersionArn", + "type": "string" + }, + "GroupId": { + "markdownDescription": "The ID of the group associated with this version. This value is a GUID.", + "title": "GroupId", + "type": "string" + }, + "LoggerDefinitionVersionArn": { + "markdownDescription": "The ARN of the logger definition version that contains the loggers you want to deploy with the group version.", + "title": "LoggerDefinitionVersionArn", + "type": "string" + }, + "ResourceDefinitionVersionArn": { + "markdownDescription": "The ARN of the resource definition version that contains the resources you want to deploy with the group version.", + "title": "ResourceDefinitionVersionArn", + "type": "string" + }, + "SubscriptionDefinitionVersionArn": { + "markdownDescription": "The ARN of the subscription definition version that contains the subscriptions you want to deploy with the group version.", + "title": "SubscriptionDefinitionVersionArn", + "type": "string" + } + }, + "required": [ + "GroupId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Greengrass::GroupVersion" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "TimeInSeconds" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoTEvents::DetectorModel.AssetPropertyValue": { + "AWS::Greengrass::LoggerDefinition": { "additionalProperties": false, "properties": { - "Quality": { - "markdownDescription": "The quality of the asset property value. The value must be `'GOOD'` , `'BAD'` , or `'UNCERTAIN'` .", - "title": "Quality", + "Condition": { "type": "string" }, - "Timestamp": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.AssetPropertyTimestamp", - "markdownDescription": "The timestamp associated with the asset property value. The default is the current event time.", - "title": "Timestamp" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Value": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.AssetPropertyVariant", - "markdownDescription": "The value to send to an asset property.", - "title": "Value" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "InitialVersion": { + "$ref": "#/definitions/AWS::Greengrass::LoggerDefinition.LoggerDefinitionVersion", + "markdownDescription": "The logger definition version to include when the logger definition is created. A logger definition version contains a list of [`logger`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-loggerdefinition-logger.html) property types.\n\n> To associate a logger definition version after the logger definition is created, create an [`AWS::Greengrass::LoggerDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-loggerdefinitionversion.html) resource and specify the ID of this logger definition.", + "title": "InitialVersion" + }, + "Name": { + "markdownDescription": "The name of the logger definition.", + "title": "Name", + "type": "string" + }, + "Tags": { + "markdownDescription": "Application-specific metadata to attach to the logger definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", + "title": "Tags", + "type": "object" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Greengrass::LoggerDefinition" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Value" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoTEvents::DetectorModel.AssetPropertyVariant": { + "AWS::Greengrass::LoggerDefinition.Logger": { "additionalProperties": false, "properties": { - "BooleanValue": { - "markdownDescription": "The asset property value is a Boolean value that must be `'TRUE'` or `'FALSE'` . You must use an expression, and the evaluated result should be a Boolean value.", - "title": "BooleanValue", + "Component": { + "markdownDescription": "The source of the log event. Valid values are `GreengrassSystem` or `Lambda` . When `GreengrassSystem` is used, events from Greengrass system components are logged. When `Lambda` is used, events from user-defined Lambda functions are logged.", + "title": "Component", "type": "string" }, - "DoubleValue": { - "markdownDescription": "The asset property value is a double. You must use an expression, and the evaluated result should be a double.", - "title": "DoubleValue", + "Id": { + "markdownDescription": "A descriptive or arbitrary ID for the logger. This value must be unique within the logger definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", + "title": "Id", "type": "string" }, - "IntegerValue": { - "markdownDescription": "The asset property value is an integer. You must use an expression, and the evaluated result should be an integer.", - "title": "IntegerValue", + "Level": { + "markdownDescription": "The log-level threshold. Log events below this threshold are filtered out and aren't stored. Valid values are `DEBUG` , `INFO` (recommended), `WARN` , `ERROR` , or `FATAL` .", + "title": "Level", "type": "string" }, - "StringValue": { - "markdownDescription": "The asset property value is a string. You must use an expression, and the evaluated result should be a string.", - "title": "StringValue", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoTEvents::DetectorModel.ClearTimer": { - "additionalProperties": false, - "properties": { - "TimerName": { - "markdownDescription": "The name of the timer to clear.", - "title": "TimerName", + "Space": { + "markdownDescription": "The amount of file space (in KB) to use when writing logs to the local file system. This property does not apply for CloudWatch Logs .", + "title": "Space", + "type": "number" + }, + "Type": { + "markdownDescription": "The storage mechanism for log events. Valid values are `FileSystem` or `AWSCloudWatch` . When `AWSCloudWatch` is used, log events are sent to CloudWatch Logs . When `FileSystem` is used, log events are stored on the local file system.", + "title": "Type", "type": "string" } }, "required": [ - "TimerName" + "Component", + "Id", + "Level", + "Type" ], "type": "object" }, - "AWS::IoTEvents::DetectorModel.DetectorModelDefinition": { + "AWS::Greengrass::LoggerDefinition.LoggerDefinitionVersion": { "additionalProperties": false, "properties": { - "InitialStateName": { - "markdownDescription": "The state that is entered at the creation of each detector (instance).", - "title": "InitialStateName", - "type": "string" - }, - "States": { + "Loggers": { "items": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.State" + "$ref": "#/definitions/AWS::Greengrass::LoggerDefinition.Logger" }, - "markdownDescription": "Information about the states of the detector.", - "title": "States", + "markdownDescription": "The loggers in this version.", + "title": "Loggers", "type": "array" } }, "required": [ - "InitialStateName", - "States" + "Loggers" ], "type": "object" }, - "AWS::IoTEvents::DetectorModel.DynamoDB": { + "AWS::Greengrass::LoggerDefinitionVersion": { "additionalProperties": false, "properties": { - "HashKeyField": { - "markdownDescription": "The name of the hash key (also called the partition key). The `hashKeyField` value must match the partition key of the target DynamoDB table.", - "title": "HashKeyField", - "type": "string" - }, - "HashKeyType": { - "markdownDescription": "The data type for the hash key (also called the partition key). You can specify the following values:\n\n- `'STRING'` - The hash key is a string.\n- `'NUMBER'` - The hash key is a number.\n\nIf you don't specify `hashKeyType` , the default value is `'STRING'` .", - "title": "HashKeyType", - "type": "string" - }, - "HashKeyValue": { - "markdownDescription": "The value of the hash key (also called the partition key).", - "title": "HashKeyValue", + "Condition": { "type": "string" }, - "Operation": { - "markdownDescription": "The type of operation to perform. You can specify the following values:\n\n- `'INSERT'` - Insert data as a new item into the DynamoDB table. This item uses the specified hash key as a partition key. If you specified a range key, the item uses the range key as a sort key.\n- `'UPDATE'` - Update an existing item of the DynamoDB table with new data. This item's partition key must match the specified hash key. If you specified a range key, the range key must match the item's sort key.\n- `'DELETE'` - Delete an existing item of the DynamoDB table. This item's partition key must match the specified hash key. If you specified a range key, the range key must match the item's sort key.\n\nIf you don't specify this parameter, AWS IoT Events triggers the `'INSERT'` operation.", - "title": "Operation", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", - "markdownDescription": "Information needed to configure the payload.\n\nBy default, AWS IoT Events generates a standard payload in JSON for any action. This action payload contains all attribute-value pairs that have the information about the detector model instance and the event triggered the action. To configure the action payload, you can use `contentExpression` .", - "title": "Payload" - }, - "PayloadField": { - "markdownDescription": "The name of the DynamoDB column that receives the action payload.\n\nIf you don't specify this parameter, the name of the DynamoDB column is `payload` .", - "title": "PayloadField", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "RangeKeyField": { - "markdownDescription": "The name of the range key (also called the sort key). The `rangeKeyField` value must match the sort key of the target DynamoDB table.", - "title": "RangeKeyField", - "type": "string" + "Metadata": { + "type": "object" }, - "RangeKeyType": { - "markdownDescription": "The data type for the range key (also called the sort key), You can specify the following values:\n\n- `'STRING'` - The range key is a string.\n- `'NUMBER'` - The range key is number.\n\nIf you don't specify `rangeKeyField` , the default value is `'STRING'` .", - "title": "RangeKeyType", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "LoggerDefinitionId": { + "markdownDescription": "The ID of the logger definition associated with this version. This value is a GUID.", + "title": "LoggerDefinitionId", + "type": "string" + }, + "Loggers": { + "items": { + "$ref": "#/definitions/AWS::Greengrass::LoggerDefinitionVersion.Logger" + }, + "markdownDescription": "The loggers in this version.", + "title": "Loggers", + "type": "array" + } + }, + "required": [ + "LoggerDefinitionId", + "Loggers" + ], + "type": "object" }, - "RangeKeyValue": { - "markdownDescription": "The value of the range key (also called the sort key).", - "title": "RangeKeyValue", + "Type": { + "enum": [ + "AWS::Greengrass::LoggerDefinitionVersion" + ], "type": "string" }, - "TableName": { - "markdownDescription": "The name of the DynamoDB table. The `tableName` value must match the table name of the target DynamoDB table.", - "title": "TableName", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "HashKeyField", - "HashKeyValue", - "TableName" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoTEvents::DetectorModel.DynamoDBv2": { + "AWS::Greengrass::LoggerDefinitionVersion.Logger": { "additionalProperties": false, "properties": { - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", - "markdownDescription": "Information needed to configure the payload.\n\nBy default, AWS IoT Events generates a standard payload in JSON for any action. This action payload contains all attribute-value pairs that have the information about the detector model instance and the event triggered the action. To configure the action payload, you can use `contentExpression` .", - "title": "Payload" - }, - "TableName": { - "markdownDescription": "The name of the DynamoDB table.", - "title": "TableName", + "Component": { + "markdownDescription": "The source of the log event. Valid values are `GreengrassSystem` or `Lambda` . When `GreengrassSystem` is used, events from Greengrass system components are logged. When `Lambda` is used, events from user-defined Lambda functions are logged.", + "title": "Component", "type": "string" - } - }, - "required": [ - "TableName" - ], - "type": "object" - }, - "AWS::IoTEvents::DetectorModel.Event": { - "additionalProperties": false, - "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Action" - }, - "markdownDescription": "The actions to be performed.", - "title": "Actions", - "type": "array" }, - "Condition": { - "markdownDescription": "Optional. The Boolean expression that, when TRUE, causes the `actions` to be performed. If not present, the actions are performed (=TRUE). If the expression result is not a Boolean value, the actions are not performed (=FALSE).", - "title": "Condition", + "Id": { + "markdownDescription": "A descriptive or arbitrary ID for the logger. This value must be unique within the logger definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", + "title": "Id", "type": "string" }, - "EventName": { - "markdownDescription": "The name of the event.", - "title": "EventName", - "type": "string" - } - }, - "required": [ - "EventName" - ], - "type": "object" - }, - "AWS::IoTEvents::DetectorModel.Firehose": { - "additionalProperties": false, - "properties": { - "DeliveryStreamName": { - "markdownDescription": "The name of the Kinesis Data Firehose delivery stream where the data is written.", - "title": "DeliveryStreamName", + "Level": { + "markdownDescription": "The log-level threshold. Log events below this threshold are filtered out and aren't stored. Valid values are `DEBUG` , `INFO` (recommended), `WARN` , `ERROR` , or `FATAL` .", + "title": "Level", "type": "string" }, - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", - "markdownDescription": "You can configure the action payload when you send a message to an Amazon Data Firehose delivery stream.", - "title": "Payload" + "Space": { + "markdownDescription": "The amount of file space (in KB) to use when writing logs to the local file system. This property does not apply for CloudWatch Logs .", + "title": "Space", + "type": "number" }, - "Separator": { - "markdownDescription": "A character separator that is used to separate records written to the Kinesis Data Firehose delivery stream. Valid values are: '\\n' (newline), '\\t' (tab), '\\r\\n' (Windows newline), ',' (comma).", - "title": "Separator", + "Type": { + "markdownDescription": "The storage mechanism for log events. Valid values are `FileSystem` or `AWSCloudWatch` . When `AWSCloudWatch` is used, log events are sent to CloudWatch Logs . When `FileSystem` is used, log events are stored on the local file system.", + "title": "Type", "type": "string" } }, "required": [ - "DeliveryStreamName" + "Component", + "Id", + "Level", + "Type" ], "type": "object" }, - "AWS::IoTEvents::DetectorModel.IotEvents": { + "AWS::Greengrass::ResourceDefinition": { "additionalProperties": false, "properties": { - "InputName": { - "markdownDescription": "The name of the AWS IoT Events input where the data is sent.", - "title": "InputName", + "Condition": { "type": "string" }, - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", - "markdownDescription": "You can configure the action payload when you send a message to an AWS IoT Events input.", - "title": "Payload" - } - }, - "required": [ - "InputName" - ], - "type": "object" - }, - "AWS::IoTEvents::DetectorModel.IotSiteWise": { - "additionalProperties": false, - "properties": { - "AssetId": { - "markdownDescription": "The ID of the asset that has the specified property.", - "title": "AssetId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "EntryId": { - "markdownDescription": "A unique identifier for this entry. You can use the entry ID to track which data entry causes an error in case of failure. The default is a new unique identifier.", - "title": "EntryId", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "PropertyAlias": { - "markdownDescription": "The alias of the asset property.", - "title": "PropertyAlias", - "type": "string" + "Metadata": { + "type": "object" }, - "PropertyId": { - "markdownDescription": "The ID of the asset property.", - "title": "PropertyId", + "Properties": { + "additionalProperties": false, + "properties": { + "InitialVersion": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.ResourceDefinitionVersion", + "markdownDescription": "The resource definition version to include when the resource definition is created. A resource definition version contains a list of [`resource instance`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-resourcedefinition-resourceinstance.html) property types.\n\n> To associate a resource definition version after the resource definition is created, create an [`AWS::Greengrass::ResourceDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-resourcedefinitionversion.html) resource and specify the ID of this resource definition.", + "title": "InitialVersion" + }, + "Name": { + "markdownDescription": "The name of the resource definition.", + "title": "Name", + "type": "string" + }, + "Tags": { + "markdownDescription": "Application-specific metadata to attach to the resource definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", + "title": "Tags", + "type": "object" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Greengrass::ResourceDefinition" + ], "type": "string" }, - "PropertyValue": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.AssetPropertyValue", - "markdownDescription": "The value to send to the asset property. This value contains timestamp, quality, and value (TQV) information.", - "title": "PropertyValue" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "PropertyValue" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoTEvents::DetectorModel.IotTopicPublish": { + "AWS::Greengrass::ResourceDefinition.GroupOwnerSetting": { "additionalProperties": false, "properties": { - "MqttTopic": { - "markdownDescription": "The MQTT topic of the message. You can use a string expression that includes variables ( `$variable.` ) and input values ( `$input..` ) as the topic string.", - "title": "MqttTopic", - "type": "string" + "AutoAddGroupOwner": { + "markdownDescription": "Indicates whether to give the privileges of the Linux group that owns the resource to the Lambda process. This gives the Lambda process the file access permissions of the Linux group.", + "title": "AutoAddGroupOwner", + "type": "boolean" }, - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", - "markdownDescription": "You can configure the action payload when you publish a message to an AWS IoT Core topic.", - "title": "Payload" + "GroupOwner": { + "markdownDescription": "The name of the Linux group whose privileges you want to add to the Lambda process. This value is ignored if `AutoAddGroupOwner` is true.", + "title": "GroupOwner", + "type": "string" } }, "required": [ - "MqttTopic" + "AutoAddGroupOwner" ], "type": "object" }, - "AWS::IoTEvents::DetectorModel.Lambda": { + "AWS::Greengrass::ResourceDefinition.LocalDeviceResourceData": { "additionalProperties": false, "properties": { - "FunctionArn": { - "markdownDescription": "The ARN of the Lambda function that is executed.", - "title": "FunctionArn", - "type": "string" + "GroupOwnerSetting": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.GroupOwnerSetting", + "markdownDescription": "Settings that define additional Linux OS group permissions to give to the Lambda function process.", + "title": "GroupOwnerSetting" }, - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", - "markdownDescription": "You can configure the action payload when you send a message to a Lambda function.", - "title": "Payload" + "SourcePath": { + "markdownDescription": "The local absolute path of the device resource. The source path for a device resource can refer only to a character device or block device under `/dev` .", + "title": "SourcePath", + "type": "string" } }, "required": [ - "FunctionArn" + "SourcePath" ], "type": "object" }, - "AWS::IoTEvents::DetectorModel.OnEnter": { - "additionalProperties": false, - "properties": { - "Events": { - "items": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Event" - }, - "markdownDescription": "Specifies the actions that are performed when the state is entered and the `condition` is `TRUE` .", - "title": "Events", - "type": "array" - } - }, - "type": "object" - }, - "AWS::IoTEvents::DetectorModel.OnExit": { - "additionalProperties": false, - "properties": { - "Events": { - "items": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Event" - }, - "markdownDescription": "Specifies the `actions` that are performed when the state is exited and the `condition` is `TRUE` .", - "title": "Events", - "type": "array" - } - }, - "type": "object" - }, - "AWS::IoTEvents::DetectorModel.OnInput": { - "additionalProperties": false, - "properties": { - "Events": { - "items": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Event" - }, - "markdownDescription": "Specifies the actions performed when the `condition` evaluates to TRUE.", - "title": "Events", - "type": "array" - }, - "TransitionEvents": { - "items": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.TransitionEvent" - }, - "markdownDescription": "Specifies the actions performed, and the next state entered, when a `condition` evaluates to TRUE.", - "title": "TransitionEvents", - "type": "array" - } - }, - "type": "object" - }, - "AWS::IoTEvents::DetectorModel.Payload": { + "AWS::Greengrass::ResourceDefinition.LocalVolumeResourceData": { "additionalProperties": false, "properties": { - "ContentExpression": { - "markdownDescription": "The content of the payload. You can use a string expression that includes quoted strings ( `''` ), variables ( `$variable.` ), input values ( `$input..` ), string concatenations, and quoted strings that contain `${}` as the content. The recommended maximum size of a content expression is 1 KB.", - "title": "ContentExpression", + "DestinationPath": { + "markdownDescription": "The absolute local path of the resource in the Lambda environment.", + "title": "DestinationPath", "type": "string" }, - "Type": { - "markdownDescription": "The value of the payload type can be either `STRING` or `JSON` .", - "title": "Type", + "GroupOwnerSetting": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.GroupOwnerSetting", + "markdownDescription": "Settings that define additional Linux OS group permissions to give to the Lambda function process.", + "title": "GroupOwnerSetting" + }, + "SourcePath": { + "markdownDescription": "The local absolute path of the volume resource on the host. The source path for a volume resource type cannot start with `/sys` .", + "title": "SourcePath", "type": "string" } }, "required": [ - "ContentExpression", - "Type" + "DestinationPath", + "SourcePath" ], "type": "object" }, - "AWS::IoTEvents::DetectorModel.ResetTimer": { + "AWS::Greengrass::ResourceDefinition.ResourceDataContainer": { "additionalProperties": false, "properties": { - "TimerName": { - "markdownDescription": "The name of the timer to reset.", - "title": "TimerName", - "type": "string" + "LocalDeviceResourceData": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.LocalDeviceResourceData", + "markdownDescription": "Settings for a local device resource.", + "title": "LocalDeviceResourceData" + }, + "LocalVolumeResourceData": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.LocalVolumeResourceData", + "markdownDescription": "Settings for a local volume resource.", + "title": "LocalVolumeResourceData" + }, + "S3MachineLearningModelResourceData": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.S3MachineLearningModelResourceData", + "markdownDescription": "Settings for a machine learning resource stored in Amazon S3 .", + "title": "S3MachineLearningModelResourceData" + }, + "SageMakerMachineLearningModelResourceData": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.SageMakerMachineLearningModelResourceData", + "markdownDescription": "Settings for a machine learning resource saved as an SageMaker AI training job.", + "title": "SageMakerMachineLearningModelResourceData" + }, + "SecretsManagerSecretResourceData": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.SecretsManagerSecretResourceData", + "markdownDescription": "Settings for a secret resource.", + "title": "SecretsManagerSecretResourceData" } }, - "required": [ - "TimerName" - ], "type": "object" }, - "AWS::IoTEvents::DetectorModel.SetTimer": { + "AWS::Greengrass::ResourceDefinition.ResourceDefinitionVersion": { "additionalProperties": false, "properties": { - "DurationExpression": { - "markdownDescription": "The duration of the timer, in seconds. You can use a string expression that includes numbers, variables ( `$variable.` ), and input values ( `$input..` ) as the duration. The range of the duration is 1-31622400 seconds. To ensure accuracy, the minimum duration is 60 seconds. The evaluated result of the duration is rounded down to the nearest whole number.", - "title": "DurationExpression", - "type": "string" - }, - "Seconds": { - "markdownDescription": "The number of seconds until the timer expires. The minimum value is 60 seconds to ensure accuracy. The maximum value is 31622400 seconds.", - "title": "Seconds", - "type": "number" - }, - "TimerName": { - "markdownDescription": "The name of the timer.", - "title": "TimerName", - "type": "string" + "Resources": { + "items": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.ResourceInstance" + }, + "markdownDescription": "The resources in this version.", + "title": "Resources", + "type": "array" } }, "required": [ - "TimerName" + "Resources" ], "type": "object" }, - "AWS::IoTEvents::DetectorModel.SetVariable": { + "AWS::Greengrass::ResourceDefinition.ResourceDownloadOwnerSetting": { "additionalProperties": false, "properties": { - "Value": { - "markdownDescription": "The new value of the variable.", - "title": "Value", + "GroupOwner": { + "markdownDescription": "The group owner of the machine learning resource. This is the group ID (GID) of an existing Linux OS group on the system. The group's permissions are added to the Lambda process.", + "title": "GroupOwner", "type": "string" }, - "VariableName": { - "markdownDescription": "The name of the variable.", - "title": "VariableName", + "GroupPermission": { + "markdownDescription": "The permissions that the group owner has to the machine learning resource. Valid values are `rw` (read-write) or `ro` (read-only).", + "title": "GroupPermission", "type": "string" } }, "required": [ - "Value", - "VariableName" + "GroupOwner", + "GroupPermission" ], "type": "object" }, - "AWS::IoTEvents::DetectorModel.Sns": { + "AWS::Greengrass::ResourceDefinition.ResourceInstance": { "additionalProperties": false, "properties": { - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", - "markdownDescription": "You can configure the action payload when you send a message as an Amazon SNS push notification.", - "title": "Payload" + "Id": { + "markdownDescription": "A descriptive or arbitrary ID for the resource. This value must be unique within the resource definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", + "title": "Id", + "type": "string" }, - "TargetArn": { - "markdownDescription": "The ARN of the Amazon SNS target where the message is sent.", - "title": "TargetArn", + "Name": { + "markdownDescription": "The descriptive resource name, which is displayed on the AWS IoT Greengrass console. Maximum length 128 characters with pattern [a-zA-Z0-9:_-]+. This must be unique within a Greengrass group.", + "title": "Name", "type": "string" + }, + "ResourceDataContainer": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.ResourceDataContainer", + "markdownDescription": "A container for resource data. The container takes only one of the following supported resource data types: `LocalDeviceResourceData` , `LocalVolumeResourceData` , `SageMakerMachineLearningModelResourceData` , `S3MachineLearningModelResourceData` , or `SecretsManagerSecretResourceData` .\n\n> Only one resource type can be defined for a `ResourceDataContainer` instance.", + "title": "ResourceDataContainer" } }, "required": [ - "TargetArn" + "Id", + "Name", + "ResourceDataContainer" ], "type": "object" }, - "AWS::IoTEvents::DetectorModel.Sqs": { + "AWS::Greengrass::ResourceDefinition.S3MachineLearningModelResourceData": { "additionalProperties": false, "properties": { - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", - "markdownDescription": "You can configure the action payload when you send a message to an Amazon SQS queue.", - "title": "Payload" - }, - "QueueUrl": { - "markdownDescription": "The URL of the SQS queue where the data is written.", - "title": "QueueUrl", + "DestinationPath": { + "markdownDescription": "The absolute local path of the resource inside the Lambda environment.", + "title": "DestinationPath", "type": "string" }, - "UseBase64": { - "markdownDescription": "Set this to TRUE if you want the data to be base-64 encoded before it is written to the queue. Otherwise, set this to FALSE.", - "title": "UseBase64", - "type": "boolean" + "OwnerSetting": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.ResourceDownloadOwnerSetting", + "markdownDescription": "The owner setting for the downloaded machine learning resource. For more information, see [Access Machine Learning Resources from Lambda Functions](https://docs.aws.amazon.com/greengrass/v1/developerguide/access-ml-resources.html) in the *Developer Guide* .", + "title": "OwnerSetting" + }, + "S3Uri": { + "markdownDescription": "The URI of the source model in an Amazon S3 bucket. The model package must be in `tar.gz` or `.zip` format.", + "title": "S3Uri", + "type": "string" } }, "required": [ - "QueueUrl" + "DestinationPath", + "S3Uri" ], "type": "object" }, - "AWS::IoTEvents::DetectorModel.State": { + "AWS::Greengrass::ResourceDefinition.SageMakerMachineLearningModelResourceData": { "additionalProperties": false, "properties": { - "OnEnter": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.OnEnter", - "markdownDescription": "When entering this state, perform these `actions` if the `condition` is TRUE.", - "title": "OnEnter" - }, - "OnExit": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.OnExit", - "markdownDescription": "When exiting this state, perform these `actions` if the specified `condition` is `TRUE` .", - "title": "OnExit" + "DestinationPath": { + "markdownDescription": "The absolute local path of the resource inside the Lambda environment.", + "title": "DestinationPath", + "type": "string" }, - "OnInput": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.OnInput", - "markdownDescription": "When an input is received and the `condition` is TRUE, perform the specified `actions` .", - "title": "OnInput" + "OwnerSetting": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.ResourceDownloadOwnerSetting", + "markdownDescription": "The owner setting for the downloaded machine learning resource. For more information, see [Access Machine Learning Resources from Lambda Functions](https://docs.aws.amazon.com/greengrass/v1/developerguide/access-ml-resources.html) in the *Developer Guide* .", + "title": "OwnerSetting" }, - "StateName": { - "markdownDescription": "The name of the state.", - "title": "StateName", + "SageMakerJobArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SageMaker AI training job that represents the source model.", + "title": "SageMakerJobArn", "type": "string" } }, "required": [ - "StateName" + "DestinationPath", + "SageMakerJobArn" ], "type": "object" }, - "AWS::IoTEvents::DetectorModel.TransitionEvent": { + "AWS::Greengrass::ResourceDefinition.SecretsManagerSecretResourceData": { "additionalProperties": false, "properties": { - "Actions": { + "ARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Secrets Manager secret to make available on the core. The value of the secret's latest version (represented by the `AWSCURRENT` staging label) is included by default.", + "title": "ARN", + "type": "string" + }, + "AdditionalStagingLabelsToDownload": { "items": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Action" + "type": "string" }, - "markdownDescription": "The actions to be performed.", - "title": "Actions", + "markdownDescription": "The staging labels whose values you want to make available on the core, in addition to `AWSCURRENT` .", + "title": "AdditionalStagingLabelsToDownload", "type": "array" - }, - "Condition": { - "markdownDescription": "Required. A Boolean expression that when TRUE causes the actions to be performed and the `nextState` to be entered.", - "title": "Condition", - "type": "string" - }, - "EventName": { - "markdownDescription": "The name of the transition event.", - "title": "EventName", - "type": "string" - }, - "NextState": { - "markdownDescription": "The next state to enter.", - "title": "NextState", - "type": "string" } }, "required": [ - "Condition", - "EventName", - "NextState" + "ARN" ], "type": "object" }, - "AWS::IoTEvents::Input": { + "AWS::Greengrass::ResourceDefinitionVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -127690,38 +135124,29 @@ "Properties": { "additionalProperties": false, "properties": { - "InputDefinition": { - "$ref": "#/definitions/AWS::IoTEvents::Input.InputDefinition", - "markdownDescription": "The definition of the input.", - "title": "InputDefinition" - }, - "InputDescription": { - "markdownDescription": "A brief description of the input.", - "title": "InputDescription", - "type": "string" - }, - "InputName": { - "markdownDescription": "The name of the input.", - "title": "InputName", + "ResourceDefinitionId": { + "markdownDescription": "The ID of the resource definition associated with this version. This value is a GUID.", + "title": "ResourceDefinitionId", "type": "string" }, - "Tags": { + "Resources": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.ResourceInstance" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", + "markdownDescription": "The resources in this version.", + "title": "Resources", "type": "array" } }, "required": [ - "InputDefinition" + "ResourceDefinitionId", + "Resources" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTEvents::Input" + "AWS::Greengrass::ResourceDefinitionVersion" ], "type": "string" }, @@ -127740,48 +135165,229 @@ ], "type": "object" }, - "AWS::IoTEvents::Input.Attribute": { + "AWS::Greengrass::ResourceDefinitionVersion.GroupOwnerSetting": { "additionalProperties": false, "properties": { - "JsonPath": { - "markdownDescription": "An expression that specifies an attribute-value pair in a JSON structure. Use this to specify an attribute from the JSON payload that is made available by the input. Inputs are derived from messages sent to AWS IoT Events ( `BatchPutMessage` ). Each such message contains a JSON payload. The attribute (and its paired value) specified here are available for use in the `condition` expressions used by detectors.\n\nSyntax: `....`", - "title": "JsonPath", + "AutoAddGroupOwner": { + "markdownDescription": "Indicates whether to give the privileges of the Linux group that owns the resource to the Lambda process. This gives the Lambda process the file access permissions of the Linux group.", + "title": "AutoAddGroupOwner", + "type": "boolean" + }, + "GroupOwner": { + "markdownDescription": "The name of the Linux group whose privileges you want to add to the Lambda process. This value is ignored if `AutoAddGroupOwner` is true.", + "title": "GroupOwner", "type": "string" } }, "required": [ - "JsonPath" + "AutoAddGroupOwner" ], "type": "object" }, - "AWS::IoTEvents::Input.InputDefinition": { + "AWS::Greengrass::ResourceDefinitionVersion.LocalDeviceResourceData": { "additionalProperties": false, "properties": { - "Attributes": { - "items": { - "$ref": "#/definitions/AWS::IoTEvents::Input.Attribute" - }, - "markdownDescription": "The attributes from the JSON payload that are made available by the input. Inputs are derived from messages sent to the AWS IoT Events system using `BatchPutMessage` . Each such message contains a JSON payload, and those attributes (and their paired values) specified here are available for use in the `condition` expressions used by detectors that monitor this input.", - "title": "Attributes", - "type": "array" + "GroupOwnerSetting": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.GroupOwnerSetting", + "markdownDescription": "Settings that define additional Linux OS group permissions to give to the Lambda function process.", + "title": "GroupOwnerSetting" + }, + "SourcePath": { + "markdownDescription": "The local absolute path of the device resource. The source path for a device resource can refer only to a character device or block device under `/dev` .", + "title": "SourcePath", + "type": "string" } }, "required": [ - "Attributes" + "SourcePath" ], "type": "object" }, - "AWS::IoTFleetHub::Application": { + "AWS::Greengrass::ResourceDefinitionVersion.LocalVolumeResourceData": { "additionalProperties": false, "properties": { - "Condition": { + "DestinationPath": { + "markdownDescription": "The absolute local path of the resource in the Lambda environment.", + "title": "DestinationPath", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" + "GroupOwnerSetting": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.GroupOwnerSetting", + "markdownDescription": "Settings that define additional Linux OS group permissions to give to the Lambda function process.", + "title": "GroupOwnerSetting" + }, + "SourcePath": { + "markdownDescription": "The local absolute path of the volume resource on the host. The source path for a volume resource type cannot start with `/sys` .", + "title": "SourcePath", + "type": "string" + } + }, + "required": [ + "DestinationPath", + "SourcePath" + ], + "type": "object" + }, + "AWS::Greengrass::ResourceDefinitionVersion.ResourceDataContainer": { + "additionalProperties": false, + "properties": { + "LocalDeviceResourceData": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.LocalDeviceResourceData", + "markdownDescription": "Settings for a local device resource.", + "title": "LocalDeviceResourceData" + }, + "LocalVolumeResourceData": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.LocalVolumeResourceData", + "markdownDescription": "Settings for a local volume resource.", + "title": "LocalVolumeResourceData" + }, + "S3MachineLearningModelResourceData": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.S3MachineLearningModelResourceData", + "markdownDescription": "Settings for a machine learning resource stored in Amazon S3 .", + "title": "S3MachineLearningModelResourceData" + }, + "SageMakerMachineLearningModelResourceData": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.SageMakerMachineLearningModelResourceData", + "markdownDescription": "Settings for a machine learning resource saved as an SageMaker AI training job.", + "title": "SageMakerMachineLearningModelResourceData" + }, + "SecretsManagerSecretResourceData": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.SecretsManagerSecretResourceData", + "markdownDescription": "Settings for a secret resource.", + "title": "SecretsManagerSecretResourceData" + } + }, + "type": "object" + }, + "AWS::Greengrass::ResourceDefinitionVersion.ResourceDownloadOwnerSetting": { + "additionalProperties": false, + "properties": { + "GroupOwner": { + "markdownDescription": "The group owner of the machine learning resource. This is the group ID (GID) of an existing Linux OS group on the system. The group's permissions are added to the Lambda process.", + "title": "GroupOwner", + "type": "string" + }, + "GroupPermission": { + "markdownDescription": "The permissions that the group owner has to the machine learning resource. Valid values are `rw` (read-write) or `ro` (read-only).", + "title": "GroupPermission", + "type": "string" + } + }, + "required": [ + "GroupOwner", + "GroupPermission" + ], + "type": "object" + }, + "AWS::Greengrass::ResourceDefinitionVersion.ResourceInstance": { + "additionalProperties": false, + "properties": { + "Id": { + "markdownDescription": "A descriptive or arbitrary ID for the resource. This value must be unique within the resource definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", + "title": "Id", + "type": "string" + }, + "Name": { + "markdownDescription": "The descriptive resource name, which is displayed on the AWS IoT Greengrass console. Maximum length 128 characters with pattern [a-zA-Z0-9:_-]+. This must be unique within a Greengrass group.", + "title": "Name", + "type": "string" + }, + "ResourceDataContainer": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.ResourceDataContainer", + "markdownDescription": "A container for resource data. The container takes only one of the following supported resource data types: `LocalDeviceResourceData` , `LocalVolumeResourceData` , `SageMakerMachineLearningModelResourceData` , `S3MachineLearningModelResourceData` , or `SecretsManagerSecretResourceData` .\n\n> Only one resource type can be defined for a `ResourceDataContainer` instance.", + "title": "ResourceDataContainer" + } + }, + "required": [ + "Id", + "Name", + "ResourceDataContainer" + ], + "type": "object" + }, + "AWS::Greengrass::ResourceDefinitionVersion.S3MachineLearningModelResourceData": { + "additionalProperties": false, + "properties": { + "DestinationPath": { + "markdownDescription": "The absolute local path of the resource inside the Lambda environment.", + "title": "DestinationPath", + "type": "string" + }, + "OwnerSetting": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.ResourceDownloadOwnerSetting", + "markdownDescription": "The owner setting for the downloaded machine learning resource. For more information, see [Access Machine Learning Resources from Lambda Functions](https://docs.aws.amazon.com/greengrass/v1/developerguide/access-ml-resources.html) in the *Developer Guide* .", + "title": "OwnerSetting" + }, + "S3Uri": { + "markdownDescription": "The URI of the source model in an Amazon S3 bucket. The model package must be in `tar.gz` or `.zip` format.", + "title": "S3Uri", + "type": "string" + } + }, + "required": [ + "DestinationPath", + "S3Uri" + ], + "type": "object" + }, + "AWS::Greengrass::ResourceDefinitionVersion.SageMakerMachineLearningModelResourceData": { + "additionalProperties": false, + "properties": { + "DestinationPath": { + "markdownDescription": "The absolute local path of the resource inside the Lambda environment.", + "title": "DestinationPath", + "type": "string" + }, + "OwnerSetting": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.ResourceDownloadOwnerSetting", + "markdownDescription": "The owner setting for the downloaded machine learning resource. For more information, see [Access Machine Learning Resources from Lambda Functions](https://docs.aws.amazon.com/greengrass/v1/developerguide/access-ml-resources.html) in the *Developer Guide* .", + "title": "OwnerSetting" + }, + "SageMakerJobArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SageMaker AI training job that represents the source model.", + "title": "SageMakerJobArn", + "type": "string" + } + }, + "required": [ + "DestinationPath", + "SageMakerJobArn" + ], + "type": "object" + }, + "AWS::Greengrass::ResourceDefinitionVersion.SecretsManagerSecretResourceData": { + "additionalProperties": false, + "properties": { + "ARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Secrets Manager secret to make available on the core. The value of the secret's latest version (represented by the `AWSCURRENT` staging label) is included by default.", + "title": "ARN", + "type": "string" + }, + "AdditionalStagingLabelsToDownload": { + "items": { + "type": "string" + }, + "markdownDescription": "The staging labels whose values you want to make available on the core, in addition to `AWSCURRENT` .", + "title": "AdditionalStagingLabelsToDownload", + "type": "array" + } + }, + "required": [ + "ARN" + ], + "type": "object" + }, + "AWS::Greengrass::SubscriptionDefinition": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" ], "type": "string" }, @@ -127806,39 +135412,30 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationDescription": { - "markdownDescription": "An optional description of the web application.", - "title": "ApplicationDescription", - "type": "string" - }, - "ApplicationName": { - "markdownDescription": "The name of the web application.", - "title": "ApplicationName", - "type": "string" + "InitialVersion": { + "$ref": "#/definitions/AWS::Greengrass::SubscriptionDefinition.SubscriptionDefinitionVersion", + "markdownDescription": "The subscription definition version to include when the subscription definition is created. A subscription definition version contains a list of [`subscription`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-subscriptiondefinition-subscription.html) property types.\n\n> To associate a subscription definition version after the subscription definition is created, create an [`AWS::Greengrass::SubscriptionDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-subscriptiondefinitionversion.html) resource and specify the ID of this subscription definition.", + "title": "InitialVersion" }, - "RoleArn": { - "markdownDescription": "The ARN of the role that the web application assumes when it interacts with AWS IoT Core .\n\n> The name of the role must be in the form `FleetHub_random_string` . \n\nPattern: `^arn:[!-~]+$`", - "title": "RoleArn", + "Name": { + "markdownDescription": "The name of the subscription definition.", + "title": "Name", "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A set of key/value pairs that you can use to manage the web application resource.", + "markdownDescription": "Application-specific metadata to attach to the subscription definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", "title": "Tags", - "type": "array" + "type": "object" } }, "required": [ - "ApplicationName", - "RoleArn" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTFleetHub::Application" + "AWS::Greengrass::SubscriptionDefinition" ], "type": "string" }, @@ -127857,7 +135454,56 @@ ], "type": "object" }, - "AWS::IoTFleetWise::Campaign": { + "AWS::Greengrass::SubscriptionDefinition.Subscription": { + "additionalProperties": false, + "properties": { + "Id": { + "markdownDescription": "A descriptive or arbitrary ID for the subscription. This value must be unique within the subscription definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", + "title": "Id", + "type": "string" + }, + "Source": { + "markdownDescription": "The originator of the message. The value can be a thing ARN, the ARN of a Lambda function alias (recommended) or version, a connector ARN, `cloud` (which represents the AWS IoT cloud), or `GGShadowService` .", + "title": "Source", + "type": "string" + }, + "Subject": { + "markdownDescription": "The MQTT topic used to route the message.", + "title": "Subject", + "type": "string" + }, + "Target": { + "markdownDescription": "The destination of the message. The value can be a thing ARN, the ARN of a Lambda function alias (recommended) or version, a connector ARN, `cloud` (which represents the AWS IoT cloud), or `GGShadowService` .", + "title": "Target", + "type": "string" + } + }, + "required": [ + "Id", + "Source", + "Subject", + "Target" + ], + "type": "object" + }, + "AWS::Greengrass::SubscriptionDefinition.SubscriptionDefinitionVersion": { + "additionalProperties": false, + "properties": { + "Subscriptions": { + "items": { + "$ref": "#/definitions/AWS::Greengrass::SubscriptionDefinition.Subscription" + }, + "markdownDescription": "The subscriptions in this version.", + "title": "Subscriptions", + "type": "array" + } + }, + "required": [ + "Subscriptions" + ], + "type": "object" + }, + "AWS::Greengrass::SubscriptionDefinitionVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -127892,116 +135538,29 @@ "Properties": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "Specifies how to update a campaign. The action can be one of the following:\n\n- `APPROVE` - To approve delivering a data collection scheme to vehicles.\n- `SUSPEND` - To suspend collecting signal data. The campaign is deleted from vehicles and all vehicles in the suspended campaign will stop sending data.\n- `RESUME` - To reactivate the `SUSPEND` campaign. The campaign is redeployed to all vehicles and the vehicles will resume sending data.\n- `UPDATE` - To update a campaign.", - "title": "Action", - "type": "string" - }, - "CollectionScheme": { - "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.CollectionScheme", - "markdownDescription": "The data collection scheme associated with the campaign. You can specify a scheme that collects data based on time or an event.", - "title": "CollectionScheme" - }, - "Compression": { - "markdownDescription": "Whether to compress signals before transmitting data to AWS IoT FleetWise . If you don't want to compress the signals, use `OFF` . If it's not specified, `SNAPPY` is used.\n\nDefault: `SNAPPY`", - "title": "Compression", - "type": "string" - }, - "DataDestinationConfigs": { - "items": { - "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.DataDestinationConfig" - }, - "markdownDescription": "The destination where the campaign sends data. You can choose to send data to be stored in Amazon S3 or Amazon Timestream .\n\nAmazon S3 optimizes the cost of data storage and provides additional mechanisms to use vehicle data, such as data lakes, centralized data storage, data processing pipelines, and analytics. AWS IoT FleetWise supports at-least-once file delivery to S3. Your vehicle data is stored on multiple AWS IoT FleetWise servers for redundancy and high availability.\n\nYou can use Amazon Timestream to access and analyze time series data, and Timestream to query vehicle data so that you can identify trends and patterns.", - "title": "DataDestinationConfigs", - "type": "array" - }, - "DataExtraDimensions": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of vehicle attributes to associate with a campaign.\n\nEnrich the data with specified vehicle attributes. For example, add `make` and `model` to the campaign, and AWS IoT FleetWise will associate the data with those attributes as dimensions in Amazon Timestream . You can then query the data against `make` and `model` .\n\nDefault: An empty array", - "title": "DataExtraDimensions", - "type": "array" - }, - "Description": { - "markdownDescription": "The description of the campaign.", - "title": "Description", - "type": "string" - }, - "DiagnosticsMode": { - "markdownDescription": "Option for a vehicle to send diagnostic trouble codes to AWS IoT FleetWise . If you want to send diagnostic trouble codes, use `SEND_ACTIVE_DTCS` . If it's not specified, `OFF` is used.\n\nDefault: `OFF`", - "title": "DiagnosticsMode", - "type": "string" - }, - "ExpiryTime": { - "markdownDescription": "The time the campaign expires, in seconds since epoch (January 1, 1970 at midnight UTC time). Vehicle data isn't collected after the campaign expires.\n\nDefault: 253402214400 (December 31, 9999, 00:00:00 UTC)", - "title": "ExpiryTime", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of a campaign.", - "title": "Name", - "type": "string" - }, - "PostTriggerCollectionDuration": { - "markdownDescription": "How long (in milliseconds) to collect raw data after a triggering event initiates the collection. If it's not specified, `0` is used.\n\nDefault: `0`", - "title": "PostTriggerCollectionDuration", - "type": "number" - }, - "Priority": { - "markdownDescription": "A number indicating the priority of one campaign over another campaign for a certain vehicle or fleet. A campaign with the lowest value is deployed to vehicles before any other campaigns. If it's not specified, `0` is used.\n\nDefault: `0`", - "title": "Priority", - "type": "number" - }, - "SignalCatalogArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the signal catalog associated with the campaign.", - "title": "SignalCatalogArn", - "type": "string" - }, - "SignalsToCollect": { - "items": { - "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.SignalInformation" - }, - "markdownDescription": "A list of information about signals to collect.", - "title": "SignalsToCollect", - "type": "array" - }, - "SpoolingMode": { - "markdownDescription": "Whether to store collected data after a vehicle lost a connection with the cloud. After a connection is re-established, the data is automatically forwarded to AWS IoT FleetWise . If you want to store collected data when a vehicle loses connection with the cloud, use `TO_DISK` . If it's not specified, `OFF` is used.\n\nDefault: `OFF`", - "title": "SpoolingMode", - "type": "string" - }, - "StartTime": { - "markdownDescription": "The time, in milliseconds, to deliver a campaign after it was approved. If it's not specified, `0` is used.\n\nDefault: `0`", - "title": "StartTime", + "SubscriptionDefinitionId": { + "markdownDescription": "The ID of the subscription definition associated with this version. This value is a GUID.", + "title": "SubscriptionDefinitionId", "type": "string" }, - "Tags": { + "Subscriptions": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Greengrass::SubscriptionDefinitionVersion.Subscription" }, - "markdownDescription": "Metadata that can be used to manage the campaign.", - "title": "Tags", + "markdownDescription": "The subscriptions in this version.", + "title": "Subscriptions", "type": "array" - }, - "TargetArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of a vehicle or fleet to which the campaign is deployed.", - "title": "TargetArn", - "type": "string" } }, "required": [ - "Action", - "CollectionScheme", - "Name", - "SignalCatalogArn", - "TargetArn" + "SubscriptionDefinitionId", + "Subscriptions" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTFleetWise::Campaign" + "AWS::Greengrass::SubscriptionDefinitionVersion" ], "type": "string" }, @@ -128020,155 +135579,39 @@ ], "type": "object" }, - "AWS::IoTFleetWise::Campaign.CollectionScheme": { - "additionalProperties": false, - "properties": { - "ConditionBasedCollectionScheme": { - "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.ConditionBasedCollectionScheme", - "markdownDescription": "Information about a collection scheme that uses a simple logical expression to recognize what data to collect.", - "title": "ConditionBasedCollectionScheme" - }, - "TimeBasedCollectionScheme": { - "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.TimeBasedCollectionScheme", - "markdownDescription": "Information about a collection scheme that uses a time period to decide how often to collect data.", - "title": "TimeBasedCollectionScheme" - } - }, - "type": "object" - }, - "AWS::IoTFleetWise::Campaign.ConditionBasedCollectionScheme": { - "additionalProperties": false, - "properties": { - "ConditionLanguageVersion": { - "markdownDescription": "Specifies the version of the conditional expression language.", - "title": "ConditionLanguageVersion", - "type": "number" - }, - "Expression": { - "markdownDescription": "The logical expression used to recognize what data to collect. For example, `$variable.Vehicle.OutsideAirTemperature >= 105.0` .", - "title": "Expression", - "type": "string" - }, - "MinimumTriggerIntervalMs": { - "markdownDescription": "The minimum duration of time between two triggering events to collect data, in milliseconds.\n\n> If a signal changes often, you might want to collect data at a slower rate.", - "title": "MinimumTriggerIntervalMs", - "type": "number" - }, - "TriggerMode": { - "markdownDescription": "Whether to collect data for all triggering events ( `ALWAYS` ). Specify ( `RISING_EDGE` ), or specify only when the condition first evaluates to false. For example, triggering on \"AirbagDeployed\"; Users aren't interested on triggering when the airbag is already exploded; they only care about the change from not deployed => deployed.", - "title": "TriggerMode", - "type": "string" - } - }, - "required": [ - "Expression" - ], - "type": "object" - }, - "AWS::IoTFleetWise::Campaign.DataDestinationConfig": { - "additionalProperties": false, - "properties": { - "S3Config": { - "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.S3Config", - "markdownDescription": "The Amazon S3 bucket where the AWS IoT FleetWise campaign sends data.", - "title": "S3Config" - }, - "TimestreamConfig": { - "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.TimestreamConfig", - "markdownDescription": "The Amazon Timestream table where the campaign sends data.", - "title": "TimestreamConfig" - } - }, - "type": "object" - }, - "AWS::IoTFleetWise::Campaign.S3Config": { + "AWS::Greengrass::SubscriptionDefinitionVersion.Subscription": { "additionalProperties": false, "properties": { - "BucketArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon S3 bucket.", - "title": "BucketArn", - "type": "string" - }, - "DataFormat": { - "markdownDescription": "Specify the format that files are saved in the Amazon S3 bucket. You can save files in an Apache Parquet or JSON format.\n\n- Parquet - Store data in a columnar storage file format. Parquet is optimal for fast data retrieval and can reduce costs. This option is selected by default.\n- JSON - Store data in a standard text-based JSON file format.", - "title": "DataFormat", - "type": "string" - }, - "Prefix": { - "markdownDescription": "Enter an S3 bucket prefix. The prefix is the string of characters after the bucket name and before the object name. You can use the prefix to organize data stored in Amazon S3 buckets. For more information, see [Organizing objects using prefixes](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-prefixes.html) in the *Amazon Simple Storage Service User Guide* .\n\nBy default, AWS IoT FleetWise sets the prefix `processed-data/year=YY/month=MM/date=DD/hour=HH/` (in UTC) to data it delivers to Amazon S3 . You can enter a prefix to append it to this default prefix. For example, if you enter the prefix `vehicles` , the prefix will be `vehicles/processed-data/year=YY/month=MM/date=DD/hour=HH/` .", - "title": "Prefix", + "Id": { + "markdownDescription": "A descriptive or arbitrary ID for the subscription. This value must be unique within the subscription definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", + "title": "Id", "type": "string" }, - "StorageCompressionFormat": { - "markdownDescription": "By default, stored data is compressed as a .gzip file. Compressed files have a reduced file size, which can optimize the cost of data storage.", - "title": "StorageCompressionFormat", + "Source": { + "markdownDescription": "The originator of the message. The value can be a thing ARN, the ARN of a Lambda function alias (recommended) or version, a connector ARN, `cloud` (which represents the AWS IoT cloud), or `GGShadowService` .", + "title": "Source", "type": "string" - } - }, - "required": [ - "BucketArn" - ], - "type": "object" - }, - "AWS::IoTFleetWise::Campaign.SignalInformation": { - "additionalProperties": false, - "properties": { - "MaxSampleCount": { - "markdownDescription": "The maximum number of samples to collect.", - "title": "MaxSampleCount", - "type": "number" - }, - "MinimumSamplingIntervalMs": { - "markdownDescription": "The minimum duration of time (in milliseconds) between two triggering events to collect data.\n\n> If a signal changes often, you might want to collect data at a slower rate.", - "title": "MinimumSamplingIntervalMs", - "type": "number" }, - "Name": { - "markdownDescription": "The name of the signal.", - "title": "Name", - "type": "string" - } - }, - "required": [ - "Name" - ], - "type": "object" - }, - "AWS::IoTFleetWise::Campaign.TimeBasedCollectionScheme": { - "additionalProperties": false, - "properties": { - "PeriodMs": { - "markdownDescription": "The time period (in milliseconds) to decide how often to collect data. For example, if the time period is `60000` , the Edge Agent software collects data once every minute.", - "title": "PeriodMs", - "type": "number" - } - }, - "required": [ - "PeriodMs" - ], - "type": "object" - }, - "AWS::IoTFleetWise::Campaign.TimestreamConfig": { - "additionalProperties": false, - "properties": { - "ExecutionRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the task execution role that grants AWS IoT FleetWise permission to deliver data to the Amazon Timestream table.", - "title": "ExecutionRoleArn", + "Subject": { + "markdownDescription": "The MQTT topic used to route the message.", + "title": "Subject", "type": "string" }, - "TimestreamTableArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Timestream table.", - "title": "TimestreamTableArn", + "Target": { + "markdownDescription": "The destination of the message. The value can be a thing ARN, the ARN of a Lambda function alias (recommended) or version, a connector ARN, `cloud` (which represents the AWS IoT cloud), or `GGShadowService` .", + "title": "Target", "type": "string" } }, "required": [ - "ExecutionRoleArn", - "TimestreamTableArn" + "Id", + "Source", + "Subject", + "Target" ], "type": "object" }, - "AWS::IoTFleetWise::DecoderManifest": { + "AWS::GreengrassV2::ComponentVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -128203,60 +135646,33 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A brief description of the decoder manifest.", - "title": "Description", - "type": "string" - }, - "ModelManifestArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of a vehicle model (model manifest) associated with the decoder manifest.", - "title": "ModelManifestArn", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the decoder manifest.", - "title": "Name", + "InlineRecipe": { + "markdownDescription": "The recipe to use to create the component. The recipe defines the component's metadata, parameters, dependencies, lifecycle, artifacts, and platform compatibility.\n\nYou must specify either `InlineRecipe` or `LambdaFunction` .", + "title": "InlineRecipe", "type": "string" }, - "NetworkInterfaces": { - "items": { - "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.NetworkInterfacesItems" - }, - "markdownDescription": "A list of information about available network interfaces.", - "title": "NetworkInterfaces", - "type": "array" - }, - "SignalDecoders": { - "items": { - "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.SignalDecodersItems" - }, - "markdownDescription": "A list of information about signal decoders.", - "title": "SignalDecoders", - "type": "array" - }, - "Status": { - "markdownDescription": "The state of the decoder manifest. If the status is `ACTIVE` , the decoder manifest can't be edited. If the status is marked `DRAFT` , you can edit the decoder manifest.", - "title": "Status", - "type": "string" + "LambdaFunction": { + "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaFunctionRecipeSource", + "markdownDescription": "The parameters to create a component from a Lambda function.\n\nYou must specify either `InlineRecipe` or `LambdaFunction` .", + "title": "LambdaFunction" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "additionalProperties": true, + "markdownDescription": "Application-specific metadata to attach to the component version. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tag your AWS IoT Greengrass Version 2 resources](https://docs.aws.amazon.com/greengrass/v2/developerguide/tag-resources.html) in the *AWS IoT Greengrass V2 Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "Metadata that can be used to manage the decoder manifest.", "title": "Tags", - "type": "array" + "type": "object" } }, - "required": [ - "ModelManifestArn", - "Name" - ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTFleetWise::DecoderManifest" + "AWS::GreengrassV2::ComponentVersion" ], "type": "string" }, @@ -128270,244 +135686,278 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::IoTFleetWise::DecoderManifest.CanInterface": { + "AWS::GreengrassV2::ComponentVersion.ComponentDependencyRequirement": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The unique name of the interface.", - "title": "Name", - "type": "string" - }, - "ProtocolName": { - "markdownDescription": "The name of the communication protocol for the interface.", - "title": "ProtocolName", + "DependencyType": { + "markdownDescription": "The type of this dependency. Choose from the following options:\n\n- `SOFT` \u2013 The component doesn't restart if the dependency changes state.\n- `HARD` \u2013 The component restarts if the dependency changes state.\n\nDefault: `HARD`", + "title": "DependencyType", "type": "string" }, - "ProtocolVersion": { - "markdownDescription": "The version of the communication protocol for the interface.", - "title": "ProtocolVersion", + "VersionRequirement": { + "markdownDescription": "The component version requirement for the component dependency.\n\nAWS IoT Greengrass uses semantic version constraints. For more information, see [Semantic Versioning](https://docs.aws.amazon.com/https://semver.org/) .", + "title": "VersionRequirement", "type": "string" } }, - "required": [ - "Name" - ], "type": "object" }, - "AWS::IoTFleetWise::DecoderManifest.CanSignal": { + "AWS::GreengrassV2::ComponentVersion.ComponentPlatform": { "additionalProperties": false, "properties": { - "Factor": { - "markdownDescription": "A multiplier used to decode the CAN message.", - "title": "Factor", - "type": "string" - }, - "IsBigEndian": { - "markdownDescription": "Whether the byte ordering of a CAN message is big-endian.", - "title": "IsBigEndian", - "type": "string" + "Attributes": { + "additionalProperties": true, + "markdownDescription": "A dictionary of attributes for the platform. The AWS IoT Greengrass Core software defines the `os` and `platform` by default. You can specify additional platform attributes for a core device when you deploy the AWS IoT Greengrass nucleus component. For more information, see the [AWS IoT Greengrass nucleus component](https://docs.aws.amazon.com/greengrass/v2/developerguide/greengrass-nucleus-component.html) in the *AWS IoT Greengrass V2 Developer Guide* .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Attributes", + "type": "object" }, - "IsSigned": { - "markdownDescription": "Whether the message data is specified as a signed value.", - "title": "IsSigned", + "Name": { + "markdownDescription": "The friendly name of the platform. This name helps you identify the platform.\n\nIf you omit this parameter, AWS IoT Greengrass creates a friendly name from the `os` and `architecture` of the platform.", + "title": "Name", "type": "string" + } + }, + "type": "object" + }, + "AWS::GreengrassV2::ComponentVersion.LambdaContainerParams": { + "additionalProperties": false, + "properties": { + "Devices": { + "items": { + "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaDeviceMount" + }, + "markdownDescription": "The list of system devices that the container can access.", + "title": "Devices", + "type": "array" }, - "Length": { - "markdownDescription": "How many bytes of data are in the message.", - "title": "Length", - "type": "string" + "MemorySizeInKB": { + "markdownDescription": "The memory size of the container, expressed in kilobytes.\n\nDefault: `16384` (16 MB)", + "title": "MemorySizeInKB", + "type": "number" }, - "MessageId": { - "markdownDescription": "The ID of the message.", - "title": "MessageId", - "type": "string" + "MountROSysfs": { + "markdownDescription": "Whether or not the container can read information from the device's `/sys` folder.\n\nDefault: `false`", + "title": "MountROSysfs", + "type": "boolean" }, - "Name": { - "markdownDescription": "The name of the signal.", - "title": "Name", - "type": "string" + "Volumes": { + "items": { + "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaVolumeMount" + }, + "markdownDescription": "The list of volumes that the container can access.", + "title": "Volumes", + "type": "array" + } + }, + "type": "object" + }, + "AWS::GreengrassV2::ComponentVersion.LambdaDeviceMount": { + "additionalProperties": false, + "properties": { + "AddGroupOwner": { + "markdownDescription": "Whether or not to add the component's system user as an owner of the device.\n\nDefault: `false`", + "title": "AddGroupOwner", + "type": "boolean" }, - "Offset": { - "markdownDescription": "The offset used to calculate the signal value. Combined with factor, the calculation is `value = raw_value * factor + offset` .", - "title": "Offset", + "Path": { + "markdownDescription": "The mount path for the device in the file system.", + "title": "Path", "type": "string" }, - "StartBit": { - "markdownDescription": "Indicates the beginning of the CAN message.", - "title": "StartBit", + "Permission": { + "markdownDescription": "The permission to access the device: read/only ( `ro` ) or read/write ( `rw` ).\n\nDefault: `ro`", + "title": "Permission", "type": "string" } }, - "required": [ - "Factor", - "IsBigEndian", - "IsSigned", - "Length", - "MessageId", - "Offset", - "StartBit" - ], "type": "object" }, - "AWS::IoTFleetWise::DecoderManifest.NetworkInterfacesItems": { + "AWS::GreengrassV2::ComponentVersion.LambdaEventSource": { "additionalProperties": false, "properties": { - "CanInterface": { - "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.CanInterface" - }, - "InterfaceId": { + "Topic": { + "markdownDescription": "The topic to which to subscribe to receive event messages.", + "title": "Topic", "type": "string" }, - "ObdInterface": { - "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.ObdInterface" - }, "Type": { + "markdownDescription": "The type of event source. Choose from the following options:\n\n- `PUB_SUB` \u2013 Subscribe to local publish/subscribe messages. This event source type doesn't support MQTT wildcards ( `+` and `#` ) in the event source topic.\n- `IOT_CORE` \u2013 Subscribe to AWS IoT Core MQTT messages. This event source type supports MQTT wildcards ( `+` and `#` ) in the event source topic.", + "title": "Type", "type": "string" } }, - "required": [ - "InterfaceId", - "Type" - ], "type": "object" }, - "AWS::IoTFleetWise::DecoderManifest.ObdInterface": { + "AWS::GreengrassV2::ComponentVersion.LambdaExecutionParameters": { "additionalProperties": false, "properties": { - "DtcRequestIntervalSeconds": { - "markdownDescription": "The maximum number message requests per diagnostic trouble code per second.", - "title": "DtcRequestIntervalSeconds", - "type": "string" + "EnvironmentVariables": { + "additionalProperties": true, + "markdownDescription": "The map of environment variables that are available to the Lambda function when it runs.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "EnvironmentVariables", + "type": "object" }, - "HasTransmissionEcu": { - "markdownDescription": "Whether the vehicle has a transmission control module (TCM).", - "title": "HasTransmissionEcu", - "type": "string" + "EventSources": { + "items": { + "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaEventSource" + }, + "markdownDescription": "The list of event sources to which to subscribe to receive work messages. The Lambda function runs when it receives a message from an event source. You can subscribe this function to local publish/subscribe messages and AWS IoT Core MQTT messages.", + "title": "EventSources", + "type": "array" }, - "Name": { - "markdownDescription": "The name of the interface.", - "title": "Name", - "type": "string" + "ExecArgs": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of arguments to pass to the Lambda function when it runs.", + "title": "ExecArgs", + "type": "array" }, - "ObdStandard": { - "markdownDescription": "The standard OBD II PID.", - "title": "ObdStandard", + "InputPayloadEncodingType": { + "markdownDescription": "The encoding type that the Lambda function supports.\n\nDefault: `json`", + "title": "InputPayloadEncodingType", "type": "string" }, - "PidRequestIntervalSeconds": { - "markdownDescription": "The maximum number message requests per second.", - "title": "PidRequestIntervalSeconds", - "type": "string" + "LinuxProcessParams": { + "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaLinuxProcessParams", + "markdownDescription": "The parameters for the Linux process that contains the Lambda function.", + "title": "LinuxProcessParams" }, - "RequestMessageId": { - "markdownDescription": "The ID of the message requesting vehicle data.", - "title": "RequestMessageId", - "type": "string" + "MaxIdleTimeInSeconds": { + "markdownDescription": "The maximum amount of time in seconds that a non-pinned Lambda function can idle before the AWS IoT Greengrass Core software stops its process.", + "title": "MaxIdleTimeInSeconds", + "type": "number" }, - "UseExtendedIds": { - "markdownDescription": "Whether to use extended IDs in the message.", - "title": "UseExtendedIds", - "type": "string" + "MaxInstancesCount": { + "markdownDescription": "The maximum number of instances that a non-pinned Lambda function can run at the same time.", + "title": "MaxInstancesCount", + "type": "number" + }, + "MaxQueueSize": { + "markdownDescription": "The maximum size of the message queue for the Lambda function component. The AWS IoT Greengrass core device stores messages in a FIFO (first-in-first-out) queue until it can run the Lambda function to consume each message.", + "title": "MaxQueueSize", + "type": "number" + }, + "Pinned": { + "markdownDescription": "Whether or not the Lambda function is pinned, or long-lived.\n\n- A pinned Lambda function starts when the AWS IoT Greengrass Core starts and keeps running in its own container.\n- A non-pinned Lambda function starts only when it receives a work item and exists after it idles for `maxIdleTimeInSeconds` . If the function has multiple work items, the AWS IoT Greengrass Core software creates multiple instances of the function.\n\nDefault: `true`", + "title": "Pinned", + "type": "boolean" + }, + "StatusTimeoutInSeconds": { + "markdownDescription": "The interval in seconds at which a pinned (also known as long-lived) Lambda function component sends status updates to the Lambda manager component.", + "title": "StatusTimeoutInSeconds", + "type": "number" + }, + "TimeoutInSeconds": { + "markdownDescription": "The maximum amount of time in seconds that the Lambda function can process a work item.", + "title": "TimeoutInSeconds", + "type": "number" } }, - "required": [ - "Name", - "RequestMessageId" - ], "type": "object" }, - "AWS::IoTFleetWise::DecoderManifest.ObdSignal": { + "AWS::GreengrassV2::ComponentVersion.LambdaFunctionRecipeSource": { "additionalProperties": false, "properties": { - "BitMaskLength": { - "markdownDescription": "The number of bits to mask in a message.", - "title": "BitMaskLength", - "type": "string" - }, - "BitRightShift": { - "markdownDescription": "The number of positions to shift bits in the message.", - "title": "BitRightShift", - "type": "string" - }, - "ByteLength": { - "markdownDescription": "The length of a message.", - "title": "ByteLength", - "type": "string" + "ComponentDependencies": { + "additionalProperties": false, + "markdownDescription": "The component versions on which this Lambda function component depends.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.ComponentDependencyRequirement" + } + }, + "title": "ComponentDependencies", + "type": "object" }, - "Offset": { - "markdownDescription": "The offset used to calculate the signal value. Combined with scaling, the calculation is `value = raw_value * scaling + offset` .", - "title": "Offset", - "type": "string" + "ComponentLambdaParameters": { + "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaExecutionParameters", + "markdownDescription": "The system and runtime parameters for the Lambda function as it runs on the AWS IoT Greengrass core device.", + "title": "ComponentLambdaParameters" }, - "Pid": { - "markdownDescription": "The diagnostic code used to request data from a vehicle for this signal.", - "title": "Pid", + "ComponentName": { + "markdownDescription": "The name of the component.\n\nDefaults to the name of the Lambda function.", + "title": "ComponentName", "type": "string" }, - "PidResponseLength": { - "markdownDescription": "The length of the requested data.", - "title": "PidResponseLength", - "type": "string" + "ComponentPlatforms": { + "items": { + "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.ComponentPlatform" + }, + "markdownDescription": "The platforms that the component version supports.", + "title": "ComponentPlatforms", + "type": "array" }, - "Scaling": { - "markdownDescription": "A multiplier used to decode the message.", - "title": "Scaling", + "ComponentVersion": { + "markdownDescription": "The version of the component.\n\nDefaults to the version of the Lambda function as a semantic version. For example, if your function version is `3` , the component version becomes `3.0.0` .", + "title": "ComponentVersion", "type": "string" }, - "ServiceMode": { - "markdownDescription": "The mode of operation (diagnostic service) in a message.", - "title": "ServiceMode", + "LambdaArn": { + "markdownDescription": "The ARN of the Lambda function. The ARN must include the version of the function to import. You can't use version aliases like `$LATEST` .", + "title": "LambdaArn", "type": "string" + } + }, + "type": "object" + }, + "AWS::GreengrassV2::ComponentVersion.LambdaLinuxProcessParams": { + "additionalProperties": false, + "properties": { + "ContainerParams": { + "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaContainerParams", + "markdownDescription": "The parameters for the container in which the Lambda function runs.", + "title": "ContainerParams" }, - "StartByte": { - "markdownDescription": "Indicates the beginning of the message.", - "title": "StartByte", + "IsolationMode": { + "markdownDescription": "The isolation mode for the process that contains the Lambda function. The process can run in an isolated runtime environment inside the AWS IoT Greengrass container, or as a regular process outside any container.\n\nDefault: `GreengrassContainer`", + "title": "IsolationMode", "type": "string" } }, - "required": [ - "ByteLength", - "Offset", - "Pid", - "PidResponseLength", - "Scaling", - "ServiceMode", - "StartByte" - ], "type": "object" }, - "AWS::IoTFleetWise::DecoderManifest.SignalDecodersItems": { + "AWS::GreengrassV2::ComponentVersion.LambdaVolumeMount": { "additionalProperties": false, "properties": { - "CanSignal": { - "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.CanSignal" + "AddGroupOwner": { + "markdownDescription": "Whether or not to add the AWS IoT Greengrass user group as an owner of the volume.\n\nDefault: `false`", + "title": "AddGroupOwner", + "type": "boolean" }, - "FullyQualifiedName": { + "DestinationPath": { + "markdownDescription": "The path to the logical volume in the file system.", + "title": "DestinationPath", "type": "string" }, - "InterfaceId": { + "Permission": { + "markdownDescription": "The permission to access the volume: read/only ( `ro` ) or read/write ( `rw` ).\n\nDefault: `ro`", + "title": "Permission", "type": "string" }, - "ObdSignal": { - "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.ObdSignal" - }, - "Type": { + "SourcePath": { + "markdownDescription": "The path to the physical volume in the file system.", + "title": "SourcePath", "type": "string" } }, - "required": [ - "FullyQualifiedName", - "InterfaceId", - "Type" - ], "type": "object" }, - "AWS::IoTFleetWise::Fleet": { + "AWS::GreengrassV2::Deployment": { "additionalProperties": false, "properties": { "Condition": { @@ -128542,39 +135992,62 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A brief description of the fleet.", - "title": "Description", - "type": "string" + "Components": { + "additionalProperties": false, + "markdownDescription": "The components to deploy. This is a dictionary, where each key is the name of a component, and each key's value is the version and configuration to deploy for that component.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::GreengrassV2::Deployment.ComponentDeploymentSpecification" + } + }, + "title": "Components", + "type": "object" }, - "Id": { - "markdownDescription": "The unique ID of the fleet.", - "title": "Id", + "DeploymentName": { + "markdownDescription": "The name of the deployment.", + "title": "DeploymentName", "type": "string" }, - "SignalCatalogArn": { - "markdownDescription": "The ARN of the signal catalog associated with the fleet.", - "title": "SignalCatalogArn", + "DeploymentPolicies": { + "$ref": "#/definitions/AWS::GreengrassV2::Deployment.DeploymentPolicies", + "markdownDescription": "The deployment policies for the deployment. These policies define how the deployment updates components and handles failure.", + "title": "DeploymentPolicies" + }, + "IotJobConfiguration": { + "$ref": "#/definitions/AWS::GreengrassV2::Deployment.DeploymentIoTJobConfiguration", + "markdownDescription": "The job configuration for the deployment configuration. The job configuration specifies the rollout, timeout, and stop configurations for the deployment configuration.", + "title": "IotJobConfiguration" + }, + "ParentTargetArn": { + "markdownDescription": "The parent deployment's [ARN](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) for a subdeployment.", + "title": "ParentTargetArn", "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "additionalProperties": true, + "markdownDescription": "Application-specific metadata to attach to the deployment. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tag your AWS IoT Greengrass Version 2 resources](https://docs.aws.amazon.com/greengrass/v2/developerguide/tag-resources.html) in the *AWS IoT Greengrass V2 Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "Metadata that can be used to manage the fleet.", "title": "Tags", - "type": "array" + "type": "object" + }, + "TargetArn": { + "markdownDescription": "The ARN of the target AWS IoT thing or thing group.", + "title": "TargetArn", + "type": "string" } }, "required": [ - "Id", - "SignalCatalogArn" + "TargetArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTFleetWise::Fleet" + "AWS::GreengrassV2::Deployment" ], "type": "string" }, @@ -128593,430 +136066,271 @@ ], "type": "object" }, - "AWS::IoTFleetWise::ModelManifest": { + "AWS::GreengrassV2::Deployment.ComponentConfigurationUpdate": { "additionalProperties": false, "properties": { - "Condition": { + "Merge": { + "markdownDescription": "A serialized JSON string that contains the configuration object to merge to target devices. The core device merges this configuration with the component's existing configuration. If this is the first time a component deploys on a device, the core device merges this configuration with the component's default configuration. This means that the core device keeps it's existing configuration for keys and values that you don't specify in this object. For more information, see [Merge configuration updates](https://docs.aws.amazon.com/greengrass/v2/developerguide/update-component-configurations.html#merge-configuration-update) in the *AWS IoT Greengrass V2 Developer Guide* .", + "title": "Merge", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Reset": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of configuration nodes to reset to default values on target devices. Use JSON pointers to specify each node to reset. JSON pointers start with a forward slash ( `/` ) and use forward slashes to separate the key for each level in the object. For more information, see the [JSON pointer specification](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) and [Reset configuration updates](https://docs.aws.amazon.com/greengrass/v2/developerguide/update-component-configurations.html#reset-configuration-update) in the *AWS IoT Greengrass V2 Developer Guide* .", + "title": "Reset", + "type": "array" + } + }, + "type": "object" + }, + "AWS::GreengrassV2::Deployment.ComponentDeploymentSpecification": { + "additionalProperties": false, + "properties": { + "ComponentVersion": { + "markdownDescription": "The version of the component.", + "title": "ComponentVersion", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A brief description of the vehicle model.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the vehicle model.", - "title": "Name", - "type": "string" - }, - "Nodes": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of nodes, which are a general abstraction of signals.", - "title": "Nodes", - "type": "array" - }, - "SignalCatalogArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the signal catalog associated with the vehicle model.", - "title": "SignalCatalogArn", - "type": "string" - }, - "Status": { - "markdownDescription": "The state of the vehicle model. If the status is `ACTIVE` , the vehicle model can't be edited. If the status is `DRAFT` , you can edit the vehicle model.", - "title": "Status", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata that can be used to manage the vehicle model.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Name", - "SignalCatalogArn" - ], - "type": "object" + "ConfigurationUpdate": { + "$ref": "#/definitions/AWS::GreengrassV2::Deployment.ComponentConfigurationUpdate", + "markdownDescription": "The configuration updates to deploy for the component. You can define reset updates and merge updates. A reset updates the keys that you specify to the default configuration for the component. A merge updates the core device's component configuration with the keys and values that you specify. The AWS IoT Greengrass Core software applies reset updates before it applies merge updates. For more information, see [Update component configuration](https://docs.aws.amazon.com/greengrass/v2/developerguide/update-component-configurations.html) .", + "title": "ConfigurationUpdate" }, - "Type": { - "enum": [ - "AWS::IoTFleetWise::ModelManifest" - ], + "RunWith": { + "$ref": "#/definitions/AWS::GreengrassV2::Deployment.ComponentRunWith", + "markdownDescription": "The system user and group that the software uses to run component processes on the core device. If you omit this parameter, the software uses the system user and group that you configure for the core device. For more information, see [Configure the user and group that run components](https://docs.aws.amazon.com/greengrass/v2/developerguide/configure-greengrass-core-v2.html#configure-component-user) in the *AWS IoT Greengrass V2 Developer Guide* .", + "title": "RunWith" + } + }, + "type": "object" + }, + "AWS::GreengrassV2::Deployment.ComponentRunWith": { + "additionalProperties": false, + "properties": { + "PosixUser": { + "markdownDescription": "The POSIX system user and (optional) group to use to run this component. Specify the user and group separated by a colon ( `:` ) in the following format: `user:group` . The group is optional. If you don't specify a group, the AWS IoT Greengrass Core software uses the primary user for the group.", + "title": "PosixUser", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SystemResourceLimits": { + "$ref": "#/definitions/AWS::GreengrassV2::Deployment.SystemResourceLimits", + "markdownDescription": "The system resource limits to apply to this component's process on the core device. AWS IoT Greengrass supports this feature only on Linux core devices.\n\nIf you omit this parameter, the AWS IoT Greengrass Core software uses the default system resource limits that you configure on the AWS IoT Greengrass nucleus component. For more information, see [Configure system resource limits for components](https://docs.aws.amazon.com/greengrass/v2/developerguide/configure-greengrass-core-v2.html#configure-component-system-resource-limits) .", + "title": "SystemResourceLimits" + }, + "WindowsUser": { + "markdownDescription": "The Windows user to use to run this component on Windows core devices. The user must exist on each Windows core device, and its name and password must be in the LocalSystem account's Credentials Manager instance.\n\nIf you omit this parameter, the AWS IoT Greengrass Core software uses the default Windows user that you configure on the AWS IoT Greengrass nucleus component. For more information, see [Configure the user and group that run components](https://docs.aws.amazon.com/greengrass/v2/developerguide/configure-greengrass-core-v2.html#configure-component-user) .", + "title": "WindowsUser", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::IoTFleetWise::SignalCatalog": { + "AWS::GreengrassV2::Deployment.DeploymentComponentUpdatePolicy": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Action": { + "markdownDescription": "Whether or not to notify components and wait for components to become safe to update. Choose from the following options:\n\n- `NOTIFY_COMPONENTS` \u2013 The deployment notifies each component before it stops and updates that component. Components can use the [SubscribeToComponentUpdates](https://docs.aws.amazon.com/greengrass/v2/developerguide/interprocess-communication.html#ipc-operation-subscribetocomponentupdates) IPC operation to receive these notifications. Then, components can respond with the [DeferComponentUpdate](https://docs.aws.amazon.com/greengrass/v2/developerguide/interprocess-communication.html#ipc-operation-defercomponentupdate) IPC operation. For more information, see the [Create deployments](https://docs.aws.amazon.com/greengrass/v2/developerguide/create-deployments.html) in the *AWS IoT Greengrass V2 Developer Guide* .\n- `SKIP_NOTIFY_COMPONENTS` \u2013 The deployment doesn't notify components or wait for them to be safe to update.\n\nDefault: `NOTIFY_COMPONENTS`", + "title": "Action", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "TimeoutInSeconds": { + "markdownDescription": "The amount of time in seconds that each component on a device has to report that it's safe to update. If the component waits for longer than this timeout, then the deployment proceeds on the device.\n\nDefault: `60`", + "title": "TimeoutInSeconds", + "type": "number" + } + }, + "type": "object" + }, + "AWS::GreengrassV2::Deployment.DeploymentConfigurationValidationPolicy": { + "additionalProperties": false, + "properties": { + "TimeoutInSeconds": { + "markdownDescription": "The amount of time in seconds that a component can validate its configuration updates. If the validation time exceeds this timeout, then the deployment proceeds for the device.\n\nDefault: `30`", + "title": "TimeoutInSeconds", + "type": "number" + } + }, + "type": "object" + }, + "AWS::GreengrassV2::Deployment.DeploymentIoTJobConfiguration": { + "additionalProperties": false, + "properties": { + "AbortConfig": { + "$ref": "#/definitions/AWS::GreengrassV2::Deployment.IoTJobAbortConfig", + "markdownDescription": "The stop configuration for the job. This configuration defines when and how to stop a job rollout.", + "title": "AbortConfig" }, - "Metadata": { - "type": "object" + "JobExecutionsRolloutConfig": { + "$ref": "#/definitions/AWS::GreengrassV2::Deployment.IoTJobExecutionsRolloutConfig", + "markdownDescription": "The rollout configuration for the job. This configuration defines the rate at which the job rolls out to the fleet of target devices.", + "title": "JobExecutionsRolloutConfig" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A brief description of the signal catalog.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the signal catalog.", - "title": "Name", - "type": "string" - }, - "NodeCounts": { - "$ref": "#/definitions/AWS::IoTFleetWise::SignalCatalog.NodeCounts", - "markdownDescription": "Information about the number of nodes and node types in a vehicle network.", - "title": "NodeCounts" - }, - "Nodes": { - "items": { - "$ref": "#/definitions/AWS::IoTFleetWise::SignalCatalog.Node" - }, - "markdownDescription": "A list of information about nodes, which are a general abstraction of signals.", - "title": "Nodes", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata that can be used to manage the signal catalog.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" + "TimeoutConfig": { + "$ref": "#/definitions/AWS::GreengrassV2::Deployment.IoTJobTimeoutConfig", + "markdownDescription": "The timeout configuration for the job. This configuration defines the amount of time each device has to complete the job.", + "title": "TimeoutConfig" + } + }, + "type": "object" + }, + "AWS::GreengrassV2::Deployment.DeploymentPolicies": { + "additionalProperties": false, + "properties": { + "ComponentUpdatePolicy": { + "$ref": "#/definitions/AWS::GreengrassV2::Deployment.DeploymentComponentUpdatePolicy", + "markdownDescription": "The component update policy for the configuration deployment. This policy defines when it's safe to deploy the configuration to devices.", + "title": "ComponentUpdatePolicy" }, - "Type": { - "enum": [ - "AWS::IoTFleetWise::SignalCatalog" - ], - "type": "string" + "ConfigurationValidationPolicy": { + "$ref": "#/definitions/AWS::GreengrassV2::Deployment.DeploymentConfigurationValidationPolicy", + "markdownDescription": "The configuration validation policy for the configuration deployment. This policy defines how long each component has to validate its configure updates.", + "title": "ConfigurationValidationPolicy" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "FailureHandlingPolicy": { + "markdownDescription": "The failure handling policy for the configuration deployment. This policy defines what to do if the deployment fails.\n\nDefault: `ROLLBACK`", + "title": "FailureHandlingPolicy", "type": "string" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::IoTFleetWise::SignalCatalog.Actuator": { + "AWS::GreengrassV2::Deployment.IoTJobAbortConfig": { "additionalProperties": false, "properties": { - "AllowedValues": { + "CriteriaList": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::GreengrassV2::Deployment.IoTJobAbortCriteria" }, - "markdownDescription": "A list of possible values an actuator can take.", - "title": "AllowedValues", + "markdownDescription": "The list of criteria that define when and how to cancel the configuration deployment.", + "title": "CriteriaList", "type": "array" - }, - "AssignedValue": { - "markdownDescription": "A specified value for the actuator.", - "title": "AssignedValue", - "type": "string" - }, - "DataType": { - "markdownDescription": "The specified data type of the actuator.", - "title": "DataType", - "type": "string" - }, - "Description": { - "markdownDescription": "A brief description of the actuator.", - "title": "Description", - "type": "string" - }, - "FullyQualifiedName": { - "markdownDescription": "The fully qualified name of the actuator. For example, the fully qualified name of an actuator might be `Vehicle.Front.Left.Door.Lock` .", - "title": "FullyQualifiedName", - "type": "string" - }, - "Max": { - "markdownDescription": "The specified possible maximum value of an actuator.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The specified possible minimum value of an actuator.", - "title": "Min", - "type": "number" - }, - "Unit": { - "markdownDescription": "The scientific unit for the actuator.", - "title": "Unit", - "type": "string" } }, "required": [ - "DataType", - "FullyQualifiedName" + "CriteriaList" ], "type": "object" }, - "AWS::IoTFleetWise::SignalCatalog.Attribute": { + "AWS::GreengrassV2::Deployment.IoTJobAbortCriteria": { "additionalProperties": false, "properties": { - "AllowedValues": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of possible values an attribute can be assigned.", - "title": "AllowedValues", - "type": "array" - }, - "AssignedValue": { - "markdownDescription": "A specified value for the attribute.", - "title": "AssignedValue", - "type": "string" - }, - "DataType": { - "markdownDescription": "The specified data type of the attribute.", - "title": "DataType", - "type": "string" - }, - "DefaultValue": { - "markdownDescription": "The default value of the attribute.", - "title": "DefaultValue", - "type": "string" - }, - "Description": { - "markdownDescription": "A brief description of the attribute.", - "title": "Description", + "Action": { + "markdownDescription": "The action to perform when the criteria are met.", + "title": "Action", "type": "string" }, - "FullyQualifiedName": { - "markdownDescription": "The fully qualified name of the attribute. For example, the fully qualified name of an attribute might be `Vehicle.Body.Engine.Type` .", - "title": "FullyQualifiedName", + "FailureType": { + "markdownDescription": "The type of job deployment failure that can cancel a job.", + "title": "FailureType", "type": "string" }, - "Max": { - "markdownDescription": "The specified possible maximum value of the attribute.", - "title": "Max", + "MinNumberOfExecutedThings": { + "markdownDescription": "The minimum number of things that receive the configuration before the job can cancel.", + "title": "MinNumberOfExecutedThings", "type": "number" }, - "Min": { - "markdownDescription": "The specified possible minimum value of the attribute.", - "title": "Min", + "ThresholdPercentage": { + "markdownDescription": "The minimum percentage of `failureType` failures that occur before the job can cancel.\n\nThis parameter supports up to two digits after the decimal (for example, you can specify `10.9` or `10.99` , but not `10.999` ).", + "title": "ThresholdPercentage", "type": "number" - }, - "Unit": { - "markdownDescription": "The scientific unit for the attribute.", - "title": "Unit", - "type": "string" } }, "required": [ - "DataType", - "FullyQualifiedName" + "Action", + "FailureType", + "MinNumberOfExecutedThings", + "ThresholdPercentage" ], "type": "object" }, - "AWS::IoTFleetWise::SignalCatalog.Branch": { + "AWS::GreengrassV2::Deployment.IoTJobExecutionsRolloutConfig": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A brief description of the branch.", - "title": "Description", - "type": "string" + "ExponentialRate": { + "$ref": "#/definitions/AWS::GreengrassV2::Deployment.IoTJobExponentialRolloutRate", + "markdownDescription": "The exponential rate to increase the job rollout rate.", + "title": "ExponentialRate" }, - "FullyQualifiedName": { - "markdownDescription": "The fully qualified name of the branch. For example, the fully qualified name of a branch might be `Vehicle.Body.Engine` .", - "title": "FullyQualifiedName", - "type": "string" + "MaximumPerMinute": { + "markdownDescription": "The maximum number of devices that receive a pending job notification, per minute.", + "title": "MaximumPerMinute", + "type": "number" } }, - "required": [ - "FullyQualifiedName" - ], "type": "object" }, - "AWS::IoTFleetWise::SignalCatalog.Node": { + "AWS::GreengrassV2::Deployment.IoTJobExponentialRolloutRate": { "additionalProperties": false, "properties": { - "Actuator": { - "$ref": "#/definitions/AWS::IoTFleetWise::SignalCatalog.Actuator", - "markdownDescription": "Information about a node specified as an actuator.\n\n> An actuator is a digital representation of a vehicle device.", - "title": "Actuator" - }, - "Attribute": { - "$ref": "#/definitions/AWS::IoTFleetWise::SignalCatalog.Attribute", - "markdownDescription": "Information about a node specified as an attribute.\n\n> An attribute represents static information about a vehicle.", - "title": "Attribute" + "BaseRatePerMinute": { + "markdownDescription": "The minimum number of devices that receive a pending job notification, per minute, when the job starts. This parameter defines the initial rollout rate of the job.", + "title": "BaseRatePerMinute", + "type": "number" }, - "Branch": { - "$ref": "#/definitions/AWS::IoTFleetWise::SignalCatalog.Branch", - "markdownDescription": "Information about a node specified as a branch.\n\n> A group of signals that are defined in a hierarchical structure.", - "title": "Branch" + "IncrementFactor": { + "markdownDescription": "The exponential factor to increase the rollout rate for the job.\n\nThis parameter supports up to one digit after the decimal (for example, you can specify `1.5` , but not `1.55` ).", + "title": "IncrementFactor", + "type": "number" }, - "Sensor": { - "$ref": "#/definitions/AWS::IoTFleetWise::SignalCatalog.Sensor", - "markdownDescription": "An input component that reports the environmental condition of a vehicle.\n\n> You can collect data about fluid levels, temperatures, vibrations, or battery voltage from sensors.", - "title": "Sensor" + "RateIncreaseCriteria": { + "$ref": "#/definitions/AWS::GreengrassV2::Deployment.IoTJobRateIncreaseCriteria", + "markdownDescription": "The criteria to increase the rollout rate for the job.", + "title": "RateIncreaseCriteria" } }, + "required": [ + "BaseRatePerMinute", + "IncrementFactor", + "RateIncreaseCriteria" + ], "type": "object" }, - "AWS::IoTFleetWise::SignalCatalog.NodeCounts": { + "AWS::GreengrassV2::Deployment.IoTJobRateIncreaseCriteria": { "additionalProperties": false, "properties": { - "TotalActuators": { - "markdownDescription": "The total number of nodes in a vehicle network that represent actuators.", - "title": "TotalActuators", - "type": "number" - }, - "TotalAttributes": { - "markdownDescription": "The total number of nodes in a vehicle network that represent attributes.", - "title": "TotalAttributes", - "type": "number" - }, - "TotalBranches": { - "markdownDescription": "The total number of nodes in a vehicle network that represent branches.", - "title": "TotalBranches", + "NumberOfNotifiedThings": { + "markdownDescription": "The number of devices to receive the job notification before the rollout rate increases.", + "title": "NumberOfNotifiedThings", "type": "number" }, - "TotalNodes": { - "markdownDescription": "The total number of nodes in a vehicle network.", - "title": "TotalNodes", + "NumberOfSucceededThings": { + "markdownDescription": "The number of devices to successfully run the configuration job before the rollout rate increases.", + "title": "NumberOfSucceededThings", "type": "number" - }, - "TotalSensors": { - "markdownDescription": "The total number of nodes in a vehicle network that represent sensors.", - "title": "TotalSensors", + } + }, + "type": "object" + }, + "AWS::GreengrassV2::Deployment.IoTJobTimeoutConfig": { + "additionalProperties": false, + "properties": { + "InProgressTimeoutInMinutes": { + "markdownDescription": "The amount of time, in minutes, that devices have to complete the job. The timer starts when the job status is set to `IN_PROGRESS` . If the job status doesn't change to a terminal state before the time expires, then the job status is set to `TIMED_OUT` .\n\nThe timeout interval must be between 1 minute and 7 days (10080 minutes).", + "title": "InProgressTimeoutInMinutes", "type": "number" } }, "type": "object" }, - "AWS::IoTFleetWise::SignalCatalog.Sensor": { + "AWS::GreengrassV2::Deployment.SystemResourceLimits": { "additionalProperties": false, "properties": { - "AllowedValues": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of possible values a sensor can take.", - "title": "AllowedValues", - "type": "array" - }, - "DataType": { - "markdownDescription": "The specified data type of the sensor.", - "title": "DataType", - "type": "string" - }, - "Description": { - "markdownDescription": "A brief description of a sensor.", - "title": "Description", - "type": "string" - }, - "FullyQualifiedName": { - "markdownDescription": "The fully qualified name of the sensor. For example, the fully qualified name of a sensor might be `Vehicle.Body.Engine.Battery` .", - "title": "FullyQualifiedName", - "type": "string" - }, - "Max": { - "markdownDescription": "The specified possible maximum value of the sensor.", - "title": "Max", + "Cpus": { + "markdownDescription": "The maximum amount of CPU time that a component's processes can use on the core device. A core device's total CPU time is equivalent to the device's number of CPU cores. For example, on a core device with 4 CPU cores, you can set this value to 2 to limit the component's processes to 50 percent usage of each CPU core. On a device with 1 CPU core, you can set this value to 0.25 to limit the component's processes to 25 percent usage of the CPU. If you set this value to a number greater than the number of CPU cores, the AWS IoT Greengrass Core software doesn't limit the component's CPU usage.", + "title": "Cpus", "type": "number" }, - "Min": { - "markdownDescription": "The specified possible minimum value of the sensor.", - "title": "Min", + "Memory": { + "markdownDescription": "The maximum amount of RAM, expressed in kilobytes, that a component's processes can use on the core device. For more information, see [Configure system resource limits for components](https://docs.aws.amazon.com/greengrass/v2/developerguide/configure-greengrass-core-v2.html#configure-component-system-resource-limits) .", + "title": "Memory", "type": "number" - }, - "Unit": { - "markdownDescription": "The scientific unit of measurement for data collected by the sensor.", - "title": "Unit", - "type": "string" } }, - "required": [ - "DataType", - "FullyQualifiedName" - ], "type": "object" }, - "AWS::IoTFleetWise::Vehicle": { + "AWS::GroundStation::Config": { "additionalProperties": false, "properties": { "Condition": { @@ -129051,34 +136365,13 @@ "Properties": { "additionalProperties": false, "properties": { - "AssociationBehavior": { - "markdownDescription": "An option to create a new AWS IoT thing when creating a vehicle, or to validate an existing thing as a vehicle.", - "title": "AssociationBehavior", - "type": "string" - }, - "Attributes": { - "additionalProperties": true, - "markdownDescription": "Static information about a vehicle in a key-value pair. For example: `\"engine Type\"` : `\"v6\"`", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Attributes", - "type": "object" - }, - "DecoderManifestArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of a decoder manifest associated with the vehicle to create.", - "title": "DecoderManifestArn", - "type": "string" - }, - "ModelManifestArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the vehicle model (model manifest) to create the vehicle from.", - "title": "ModelManifestArn", - "type": "string" + "ConfigData": { + "$ref": "#/definitions/AWS::GroundStation::Config.ConfigData", + "markdownDescription": "Object containing the parameters of a config. Only one subtype may be specified per config. See the subtype definitions for a description of each config subtype.", + "title": "ConfigData" }, "Name": { - "markdownDescription": "The unique ID of the vehicle.", + "markdownDescription": "The name of the config object.", "title": "Name", "type": "string" }, @@ -129086,21 +136379,20 @@ "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata which can be used to manage the vehicle.", + "markdownDescription": "Tags assigned to a resource.", "title": "Tags", "type": "array" } }, "required": [ - "DecoderManifestArn", - "ModelManifestArn", + "ConfigData", "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTFleetWise::Vehicle" + "AWS::GroundStation::Config" ], "type": "string" }, @@ -129119,350 +136411,272 @@ ], "type": "object" }, - "AWS::IoTSiteWise::AccessPolicy": { + "AWS::GroundStation::Config.AntennaDownlinkConfig": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AccessPolicyIdentity": { - "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.AccessPolicyIdentity", - "markdownDescription": "The identity for this access policy. Choose an IAM Identity Center user, an IAM Identity Center group, or an IAM user.", - "title": "AccessPolicyIdentity" - }, - "AccessPolicyPermission": { - "markdownDescription": "The permission level for this access policy. Note that a project `ADMINISTRATOR` is also known as a project owner.", - "title": "AccessPolicyPermission", - "type": "string" - }, - "AccessPolicyResource": { - "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.AccessPolicyResource", - "markdownDescription": "The AWS IoT SiteWise Monitor resource for this access policy. Choose either a portal or a project.", - "title": "AccessPolicyResource" - } - }, - "required": [ - "AccessPolicyIdentity", - "AccessPolicyPermission", - "AccessPolicyResource" - ], - "type": "object" + "SpectrumConfig": { + "$ref": "#/definitions/AWS::GroundStation::Config.SpectrumConfig", + "markdownDescription": "Defines the spectrum configuration.", + "title": "SpectrumConfig" + } + }, + "type": "object" + }, + "AWS::GroundStation::Config.AntennaDownlinkDemodDecodeConfig": { + "additionalProperties": false, + "properties": { + "DecodeConfig": { + "$ref": "#/definitions/AWS::GroundStation::Config.DecodeConfig", + "markdownDescription": "Defines how the RF signal will be decoded.", + "title": "DecodeConfig" }, - "Type": { - "enum": [ - "AWS::IoTSiteWise::AccessPolicy" - ], - "type": "string" + "DemodulationConfig": { + "$ref": "#/definitions/AWS::GroundStation::Config.DemodulationConfig", + "markdownDescription": "Defines how the RF signal will be demodulated.", + "title": "DemodulationConfig" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "SpectrumConfig": { + "$ref": "#/definitions/AWS::GroundStation::Config.SpectrumConfig", + "markdownDescription": "Defines the spectrum configuration.", + "title": "SpectrumConfig" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::IoTSiteWise::AccessPolicy.AccessPolicyIdentity": { + "AWS::GroundStation::Config.AntennaUplinkConfig": { "additionalProperties": false, "properties": { - "IamRole": { - "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.IamRole", - "markdownDescription": "An IAM role identity.", - "title": "IamRole" + "SpectrumConfig": { + "$ref": "#/definitions/AWS::GroundStation::Config.UplinkSpectrumConfig", + "markdownDescription": "Defines the spectrum configuration.", + "title": "SpectrumConfig" }, - "IamUser": { - "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.IamUser", - "markdownDescription": "An IAM user identity.", - "title": "IamUser" + "TargetEirp": { + "$ref": "#/definitions/AWS::GroundStation::Config.Eirp", + "markdownDescription": "The equivalent isotropically radiated power (EIRP) to use for uplink transmissions. Valid values are between 20.0 to 50.0 dBW.", + "title": "TargetEirp" }, - "User": { - "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.User", - "markdownDescription": "An IAM Identity Center user identity.", - "title": "User" + "TransmitDisabled": { + "markdownDescription": "Whether or not uplink transmit is disabled.", + "title": "TransmitDisabled", + "type": "boolean" } }, "type": "object" }, - "AWS::IoTSiteWise::AccessPolicy.AccessPolicyResource": { + "AWS::GroundStation::Config.ConfigData": { "additionalProperties": false, "properties": { - "Portal": { - "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.Portal", - "markdownDescription": "Identifies an AWS IoT SiteWise Monitor portal.", - "title": "Portal" + "AntennaDownlinkConfig": { + "$ref": "#/definitions/AWS::GroundStation::Config.AntennaDownlinkConfig", + "markdownDescription": "Provides information for an antenna downlink config object. Antenna downlink config objects are used to provide parameters for downlinks where no demodulation or decoding is performed by Ground Station (RF over IP downlinks).", + "title": "AntennaDownlinkConfig" }, - "Project": { - "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.Project", - "markdownDescription": "Identifies a specific AWS IoT SiteWise Monitor project.", - "title": "Project" + "AntennaDownlinkDemodDecodeConfig": { + "$ref": "#/definitions/AWS::GroundStation::Config.AntennaDownlinkDemodDecodeConfig", + "markdownDescription": "Provides information for a downlink demod decode config object. Downlink demod decode config objects are used to provide parameters for downlinks where the Ground Station service will demodulate and decode the downlinked data.", + "title": "AntennaDownlinkDemodDecodeConfig" + }, + "AntennaUplinkConfig": { + "$ref": "#/definitions/AWS::GroundStation::Config.AntennaUplinkConfig", + "markdownDescription": "Provides information for an uplink config object. Uplink config objects are used to provide parameters for uplink contacts.", + "title": "AntennaUplinkConfig" + }, + "DataflowEndpointConfig": { + "$ref": "#/definitions/AWS::GroundStation::Config.DataflowEndpointConfig", + "markdownDescription": "Provides information for a dataflow endpoint config object. Dataflow endpoint config objects are used to provide parameters about which IP endpoint(s) to use during a contact. Dataflow endpoints are where Ground Station sends data during a downlink contact and where Ground Station receives data to send to the satellite during an uplink contact.", + "title": "DataflowEndpointConfig" + }, + "S3RecordingConfig": { + "$ref": "#/definitions/AWS::GroundStation::Config.S3RecordingConfig", + "markdownDescription": "Provides information for an S3 recording config object. S3 recording config objects are used to provide parameters for S3 recording during downlink contacts.", + "title": "S3RecordingConfig" + }, + "TrackingConfig": { + "$ref": "#/definitions/AWS::GroundStation::Config.TrackingConfig", + "markdownDescription": "Provides information for a tracking config object. Tracking config objects are used to provide parameters about how to track the satellite through the sky during a contact.", + "title": "TrackingConfig" + }, + "UplinkEchoConfig": { + "$ref": "#/definitions/AWS::GroundStation::Config.UplinkEchoConfig", + "markdownDescription": "Provides information for an uplink echo config object. Uplink echo config objects are used to provide parameters for uplink echo during uplink contacts.", + "title": "UplinkEchoConfig" } }, "type": "object" }, - "AWS::IoTSiteWise::AccessPolicy.IamRole": { + "AWS::GroundStation::Config.DataflowEndpointConfig": { "additionalProperties": false, "properties": { - "arn": { - "markdownDescription": "The ARN of the IAM role. For more information, see [IAM ARNs](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html) in the *IAM User Guide* .", - "title": "arn", + "DataflowEndpointName": { + "markdownDescription": "The name of the dataflow endpoint to use during contacts.", + "title": "DataflowEndpointName", + "type": "string" + }, + "DataflowEndpointRegion": { + "markdownDescription": "The region of the dataflow endpoint to use during contacts. When omitted, Ground Station will use the region of the contact.", + "title": "DataflowEndpointRegion", "type": "string" } }, "type": "object" }, - "AWS::IoTSiteWise::AccessPolicy.IamUser": { + "AWS::GroundStation::Config.DecodeConfig": { "additionalProperties": false, "properties": { - "arn": { - "markdownDescription": "The ARN of the IAM user. For more information, see [IAM ARNs](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html) in the *IAM User Guide* .\n\n> If you delete the IAM user, access policies that contain this identity include an empty `arn` . You can delete the access policy for the IAM user that no longer exists.", - "title": "arn", + "UnvalidatedJSON": { + "markdownDescription": "The decoding settings are in JSON format and define a set of steps to perform to decode the data.", + "title": "UnvalidatedJSON", "type": "string" } }, "type": "object" }, - "AWS::IoTSiteWise::AccessPolicy.Portal": { + "AWS::GroundStation::Config.DemodulationConfig": { "additionalProperties": false, "properties": { - "id": { - "markdownDescription": "The ID of the portal.", - "title": "id", + "UnvalidatedJSON": { + "markdownDescription": "The demodulation settings are in JSON format and define parameters for demodulation, for example which modulation scheme (e.g. PSK, QPSK, etc.) and matched filter to use.", + "title": "UnvalidatedJSON", "type": "string" } }, "type": "object" }, - "AWS::IoTSiteWise::AccessPolicy.Project": { + "AWS::GroundStation::Config.Eirp": { "additionalProperties": false, "properties": { - "id": { - "markdownDescription": "The ID of the project.", - "title": "id", + "Units": { + "markdownDescription": "The units of the EIRP.", + "title": "Units", "type": "string" + }, + "Value": { + "markdownDescription": "The value of the EIRP. Valid values are between 20.0 to 50.0 dBW.", + "title": "Value", + "type": "number" } }, "type": "object" }, - "AWS::IoTSiteWise::AccessPolicy.User": { + "AWS::GroundStation::Config.Frequency": { "additionalProperties": false, "properties": { - "id": { - "markdownDescription": "The IAM Identity Center ID of the user.", - "title": "id", + "Units": { + "markdownDescription": "The units of the frequency.", + "title": "Units", "type": "string" + }, + "Value": { + "markdownDescription": "The value of the frequency. Valid values are between 2200 to 2300 MHz and 7750 to 8400 MHz for downlink and 2025 to 2120 MHz for uplink.", + "title": "Value", + "type": "number" } }, "type": "object" }, - "AWS::IoTSiteWise::Asset": { + "AWS::GroundStation::Config.FrequencyBandwidth": { "additionalProperties": false, "properties": { - "Condition": { + "Units": { + "markdownDescription": "The units of the bandwidth.", + "title": "Units", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Value": { + "markdownDescription": "The value of the bandwidth. AWS Ground Station currently has the following bandwidth limitations: \n\n- For `AntennaDownlinkDemodDecodeconfig` , valid values are between 125 kHz to 650 MHz.\n- For `AntennaDownlinkconfig` , valid values are between 10 kHz to 54 MHz.\n- For `AntennaUplinkConfig` , valid values are between 10 kHz to 54 MHz.", + "title": "Value", + "type": "number" + } + }, + "type": "object" + }, + "AWS::GroundStation::Config.S3RecordingConfig": { + "additionalProperties": false, + "properties": { + "BucketArn": { + "markdownDescription": "S3 Bucket where the data is written. The name of the S3 Bucket provided must begin with `aws-groundstation` .", + "title": "BucketArn", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AssetDescription": { - "markdownDescription": "The ID of the asset, in UUID format.", - "title": "AssetDescription", - "type": "string" - }, - "AssetExternalId": { - "markdownDescription": "The external ID of the asset model composite model. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", - "title": "AssetExternalId", - "type": "string" - }, - "AssetHierarchies": { - "items": { - "$ref": "#/definitions/AWS::IoTSiteWise::Asset.AssetHierarchy" - }, - "markdownDescription": "A list of asset hierarchies that each contain a `hierarchyId` . A hierarchy specifies allowed parent/child asset relationships.", - "title": "AssetHierarchies", - "type": "array" - }, - "AssetModelId": { - "markdownDescription": "The ID of the asset model from which to create the asset. This can be either the actual ID in UUID format, or else `externalId:` followed by the external ID, if it has one. For more information, see [Referencing objects with external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-id-references) in the *AWS IoT SiteWise User Guide* .", - "title": "AssetModelId", - "type": "string" - }, - "AssetName": { - "markdownDescription": "A friendly name for the asset.", - "title": "AssetName", - "type": "string" - }, - "AssetProperties": { - "items": { - "$ref": "#/definitions/AWS::IoTSiteWise::Asset.AssetProperty" - }, - "markdownDescription": "The list of asset properties for the asset.\n\nThis object doesn't include properties that you define in composite models. You can find composite model properties in the `assetCompositeModels` object.", - "title": "AssetProperties", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of key-value pairs that contain metadata for the asset. For more information, see [Tagging your AWS IoT SiteWise resources](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/tag-resources.html) in the *AWS IoT SiteWise User Guide* .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "AssetModelId", - "AssetName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::IoTSiteWise::Asset" - ], + "Prefix": { + "markdownDescription": "The prefix of the S3 data object. If you choose to use any optional keys for substitution, these values will be replaced with the corresponding information from your contact details. For example, a prefix of `{satellite_id}/{year}/{month}/{day}/` will replaced with `fake_satellite_id/2021/01/10/`\n\n*Optional keys for substitution* : `{satellite_id}` | `{config-name}` | `{config-id}` | `{year}` | `{month}` | `{day}`", + "title": "Prefix", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "RoleArn": { + "markdownDescription": "Defines the ARN of the role assumed for putting archives to S3.", + "title": "RoleArn", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::IoTSiteWise::Asset.AssetHierarchy": { + "AWS::GroundStation::Config.SpectrumConfig": { "additionalProperties": false, "properties": { - "ChildAssetId": { - "markdownDescription": "The Id of the child asset.", - "title": "ChildAssetId", - "type": "string" - }, - "ExternalId": { - "markdownDescription": "The external ID of the hierarchy, if it has one. When you update an asset hierarchy, you may assign an external ID if it doesn't already have one. You can't change the external ID of an asset hierarchy that already has one. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", - "title": "ExternalId", - "type": "string" + "Bandwidth": { + "$ref": "#/definitions/AWS::GroundStation::Config.FrequencyBandwidth", + "markdownDescription": "The bandwidth of the spectrum. AWS Ground Station currently has the following bandwidth limitations: \n\n- For `AntennaDownlinkDemodDecodeconfig` , valid values are between 125 kHz to 650 MHz.\n- For `AntennaDownlinkconfig` , valid values are between 10 kHz to 54 MHz.\n- For `AntennaUplinkConfig` , valid values are between 10 kHz to 54 MHz.", + "title": "Bandwidth" }, - "Id": { - "markdownDescription": "The ID of the hierarchy. This ID is a `hierarchyId` .\n\n> This is a return value and can't be set.", - "title": "Id", - "type": "string" + "CenterFrequency": { + "$ref": "#/definitions/AWS::GroundStation::Config.Frequency", + "markdownDescription": "The center frequency of the spectrum. Valid values are between 2200 to 2300 MHz and 7750 to 8400 MHz for downlink and 2025 to 2120 MHz for uplink.", + "title": "CenterFrequency" }, - "LogicalId": { - "markdownDescription": "The ID of the hierarchy. This ID is a `hierarchyId` .", - "title": "LogicalId", + "Polarization": { + "markdownDescription": "The polarization of the spectrum. Valid values are `\"RIGHT_HAND\"` and `\"LEFT_HAND\"` . Capturing both `\"RIGHT_HAND\"` and `\"LEFT_HAND\"` polarization requires two separate configs.", + "title": "Polarization", "type": "string" } }, - "required": [ - "ChildAssetId" - ], "type": "object" }, - "AWS::IoTSiteWise::Asset.AssetProperty": { + "AWS::GroundStation::Config.TrackingConfig": { "additionalProperties": false, "properties": { - "Alias": { - "markdownDescription": "The alias that identifies the property, such as an OPC-UA server data stream path (for example, `/company/windfarm/3/turbine/7/temperature` ). For more information, see [Mapping industrial data streams to asset properties](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/connect-data-streams.html) in the *AWS IoT SiteWise User Guide* .", - "title": "Alias", - "type": "string" - }, - "ExternalId": { - "markdownDescription": "The external ID of the property. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", - "title": "ExternalId", - "type": "string" - }, - "Id": { - "markdownDescription": "The ID of the asset property.\n\n> This is a return value and can't be set.", - "title": "Id", + "Autotrack": { + "markdownDescription": "Specifies whether or not to use autotrack. `REMOVED` specifies that program track should only be used during the contact. `PREFERRED` specifies that autotracking is preferred during the contact but fallback to program track if the signal is lost. `REQUIRED` specifies that autotracking is required during the contact and not to use program track if the signal is lost.", + "title": "Autotrack", "type": "string" - }, - "LogicalId": { - "markdownDescription": "The `LogicalID` of the asset property.", - "title": "LogicalId", + } + }, + "type": "object" + }, + "AWS::GroundStation::Config.UplinkEchoConfig": { + "additionalProperties": false, + "properties": { + "AntennaUplinkConfigArn": { + "markdownDescription": "Defines the ARN of the uplink config to echo back to a dataflow endpoint.", + "title": "AntennaUplinkConfigArn", "type": "string" }, - "NotificationState": { - "markdownDescription": "The MQTT notification state (enabled or disabled) for this asset property. When the notification state is enabled, AWS IoT SiteWise publishes property value updates to a unique MQTT topic. For more information, see [Interacting with other services](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/interact-with-other-services.html) in the *AWS IoT SiteWise User Guide* .\n\nIf you omit this parameter, the notification state is set to `DISABLED` .", - "title": "NotificationState", - "type": "string" + "Enabled": { + "markdownDescription": "Whether or not uplink echo is enabled.", + "title": "Enabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::GroundStation::Config.UplinkSpectrumConfig": { + "additionalProperties": false, + "properties": { + "CenterFrequency": { + "$ref": "#/definitions/AWS::GroundStation::Config.Frequency", + "markdownDescription": "The center frequency of the spectrum. Valid values are between 2200 to 2300 MHz and 7750 to 8400 MHz for downlink and 2025 to 2120 MHz for uplink.", + "title": "CenterFrequency" }, - "Unit": { - "markdownDescription": "The unit (such as `Newtons` or `RPM` ) of the asset property.", - "title": "Unit", + "Polarization": { + "markdownDescription": "The polarization of the spectrum. Valid values are `\"RIGHT_HAND\"` and `\"LEFT_HAND\"` .", + "title": "Polarization", "type": "string" } }, "type": "object" }, - "AWS::IoTSiteWise::AssetModel": { + "AWS::GroundStation::DataflowEndpointGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -129497,67 +136711,41 @@ "Properties": { "additionalProperties": false, "properties": { - "AssetModelCompositeModels": { - "items": { - "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.AssetModelCompositeModel" - }, - "markdownDescription": "The composite models that are part of this asset model. It groups properties (such as attributes, measurements, transforms, and metrics) and child composite models that model parts of your industrial equipment. Each composite model has a type that defines the properties that the composite model supports. Use composite models to define alarms on this asset model.\n\n> When creating custom composite models, you need to use [CreateAssetModelCompositeModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_CreateAssetModelCompositeModel.html) . For more information, see [Creating custom composite models (Components)](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/create-custom-composite-models.html) in the *AWS IoT SiteWise User Guide* .", - "title": "AssetModelCompositeModels", - "type": "array" - }, - "AssetModelDescription": { - "markdownDescription": "A description for the asset model.", - "title": "AssetModelDescription", - "type": "string" - }, - "AssetModelExternalId": { - "markdownDescription": "The external ID of the asset model. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", - "title": "AssetModelExternalId", - "type": "string" - }, - "AssetModelHierarchies": { - "items": { - "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.AssetModelHierarchy" - }, - "markdownDescription": "The hierarchy definitions of the asset model. Each hierarchy specifies an asset model whose assets can be children of any other assets created from this asset model. For more information, see [Asset hierarchies](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/asset-hierarchies.html) in the *AWS IoT SiteWise User Guide* .\n\nYou can specify up to 10 hierarchies per asset model. For more information, see [Quotas](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/quotas.html) in the *AWS IoT SiteWise User Guide* .", - "title": "AssetModelHierarchies", - "type": "array" + "ContactPostPassDurationSeconds": { + "markdownDescription": "Amount of time, in seconds, after a contact ends that the Ground Station Dataflow Endpoint Group will be in a `POSTPASS` state. A Ground Station Dataflow Endpoint Group State Change event will be emitted when the Dataflow Endpoint Group enters and exits the `POSTPASS` state.", + "title": "ContactPostPassDurationSeconds", + "type": "number" }, - "AssetModelName": { - "markdownDescription": "A unique name for the asset model.", - "title": "AssetModelName", - "type": "string" + "ContactPrePassDurationSeconds": { + "markdownDescription": "Amount of time, in seconds, before a contact starts that the Ground Station Dataflow Endpoint Group will be in a `PREPASS` state. A Ground Station Dataflow Endpoint Group State Change event will be emitted when the Dataflow Endpoint Group enters and exits the `PREPASS` state.", + "title": "ContactPrePassDurationSeconds", + "type": "number" }, - "AssetModelProperties": { + "EndpointDetails": { "items": { - "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.AssetModelProperty" + "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.EndpointDetails" }, - "markdownDescription": "The property definitions of the asset model. For more information, see [Asset properties](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/asset-properties.html) in the *AWS IoT SiteWise User Guide* .\n\nYou can specify up to 200 properties per asset model. For more information, see [Quotas](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/quotas.html) in the *AWS IoT SiteWise User Guide* .", - "title": "AssetModelProperties", + "markdownDescription": "List of Endpoint Details, containing address and port for each endpoint. All dataflow endpoints within a single dataflow endpoint group must be of the same type. You cannot mix AWS Ground Station Agent endpoints with Dataflow endpoints in the same group. If your use case requires both types of endpoints, you must create separate dataflow endpoint groups for each type.", + "title": "EndpointDetails", "type": "array" }, - "AssetModelType": { - "markdownDescription": "The type of asset model.\n\n- *ASSET_MODEL* \u2013 (default) An asset model that you can use to create assets. Can't be included as a component in another asset model.\n- *COMPONENT_MODEL* \u2013 A reusable component that you can include in the composite models of other asset models. You can't create assets directly from this type of asset model.", - "title": "AssetModelType", - "type": "string" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of key-value pairs that contain metadata for the asset. For more information, see [Tagging your AWS IoT SiteWise resources](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/tag-resources.html) in the *AWS IoT SiteWise User Guide* .", + "markdownDescription": "Tags assigned to a resource.", "title": "Tags", "type": "array" } }, "required": [ - "AssetModelName" + "EndpointDetails" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTSiteWise::AssetModel" + "AWS::GroundStation::DataflowEndpointGroup" ], "type": "string" }, @@ -129576,354 +136764,187 @@ ], "type": "object" }, - "AWS::IoTSiteWise::AssetModel.AssetModelCompositeModel": { + "AWS::GroundStation::DataflowEndpointGroup.AwsGroundStationAgentEndpoint": { "additionalProperties": false, "properties": { - "ComposedAssetModelId": { - "markdownDescription": "The ID of a component model which is reused to create this composite model.", - "title": "ComposedAssetModelId", + "AgentStatus": { + "markdownDescription": "The status of AgentEndpoint.", + "title": "AgentStatus", "type": "string" }, - "CompositeModelProperties": { - "items": { - "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.AssetModelProperty" - }, - "markdownDescription": "The asset property definitions for this composite model.", - "title": "CompositeModelProperties", - "type": "array" - }, - "Description": { - "markdownDescription": "The description of the composite model.\n\n> If the composite model is a `component-model-based` composite model, the description is inherited from the `COMPONENT_MODEL` asset model and cannot be changed.", - "title": "Description", + "AuditResults": { + "markdownDescription": "The results of the audit.", + "title": "AuditResults", "type": "string" }, - "ExternalId": { - "markdownDescription": "The external ID of a composite model on this asset model. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .\n\n> One of `ExternalId` or `Path` must be specified.", - "title": "ExternalId", - "type": "string" + "EgressAddress": { + "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.ConnectionDetails", + "markdownDescription": "The egress address of AgentEndpoint.", + "title": "EgressAddress" }, - "Id": { - "markdownDescription": "The ID of the asset model composite model.\n\n> This is a return value and can't be set.", - "title": "Id", - "type": "string" + "IngressAddress": { + "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.RangedConnectionDetails", + "markdownDescription": "The ingress address of AgentEndpoint.", + "title": "IngressAddress" }, "Name": { - "markdownDescription": "The name of the composite model.", + "markdownDescription": "Name string associated with AgentEndpoint. Used as a human-readable identifier for AgentEndpoint.", "title": "Name", "type": "string" - }, - "ParentAssetModelCompositeModelExternalId": { - "markdownDescription": "The external ID of the parent composite model. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", - "title": "ParentAssetModelCompositeModelExternalId", - "type": "string" - }, - "Path": { - "items": { - "type": "string" - }, - "markdownDescription": "The structured path to the property from the root of the asset using property names. Path is used as the ID if the asset model is a derived composite model.\n\n> One of `ExternalId` or `Path` must be specified.", - "title": "Path", - "type": "array" - }, - "Type": { - "markdownDescription": "The type of the composite model. For alarm composite models, this type is `AWS/ALARM` .", - "title": "Type", - "type": "string" } }, - "required": [ - "Name", - "Type" - ], "type": "object" }, - "AWS::IoTSiteWise::AssetModel.AssetModelHierarchy": { + "AWS::GroundStation::DataflowEndpointGroup.ConnectionDetails": { "additionalProperties": false, "properties": { - "ChildAssetModelId": { - "markdownDescription": "The ID of the asset model, in UUID format. All assets in this hierarchy must be instances of the `childAssetModelId` asset model. AWS IoT SiteWise will always return the actual asset model ID for this value. However, when you are specifying this value as part of a call to [UpdateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateAssetModel.html) , you may provide either the asset model ID or else `externalId:` followed by the asset model's external ID. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", - "title": "ChildAssetModelId", - "type": "string" - }, - "ExternalId": { - "markdownDescription": "The external ID (if any) provided in the [CreateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_CreateAssetModel.html) or [UpdateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateAssetModel.html) operation. You can assign an external ID by specifying this value as part of a call to [UpdateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateAssetModel.html) . However, you can't change the external ID if one is already assigned. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .\n\n> One of `ExternalId` or `LogicalId` must be specified.", - "title": "ExternalId", - "type": "string" - }, - "Id": { - "markdownDescription": "The ID of the asset model hierarchy. This ID is a `hierarchyId` .\n\n> This is a return value and can't be set. \n\n- If you are callling [UpdateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateAssetModel.html) to create a *new* hierarchy: You can specify its ID here, if desired. AWS IoT SiteWise automatically generates a unique ID for you, so this parameter is never required. However, if you prefer to supply your own ID instead, you can specify it here in UUID format. If you specify your own ID, it must be globally unique.\n- If you are calling UpdateAssetModel to modify an *existing* hierarchy: This can be either the actual ID in UUID format, or else `externalId:` followed by the external ID, if it has one. For more information, see [Referencing objects with external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-id-references) in the *AWS IoT SiteWise User Guide* .", - "title": "Id", - "type": "string" - }, - "LogicalId": { - "markdownDescription": "The `LogicalID` of the asset model hierarchy. This ID is a `hierarchyLogicalId` .\n\n> One of `ExternalId` or `LogicalId` must be specified.", - "title": "LogicalId", - "type": "string" + "Mtu": { + "markdownDescription": "Maximum transmission unit (MTU) size in bytes of a dataflow endpoint.", + "title": "Mtu", + "type": "number" }, - "Name": { - "markdownDescription": "The name of the asset model hierarchy that you specify by using the [CreateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_CreateAssetModel.html) or [UpdateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateAssetModel.html) API operation.", - "title": "Name", - "type": "string" + "SocketAddress": { + "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.SocketAddress", + "markdownDescription": "A socket address.", + "title": "SocketAddress" } }, - "required": [ - "ChildAssetModelId", - "Name" - ], "type": "object" }, - "AWS::IoTSiteWise::AssetModel.AssetModelProperty": { + "AWS::GroundStation::DataflowEndpointGroup.DataflowEndpoint": { "additionalProperties": false, "properties": { - "DataType": { - "markdownDescription": "The data type of the asset model property.\n\nIf you specify `STRUCT` , you must also specify `dataTypeSpec` to identify the type of the structure for this property.", - "title": "DataType", - "type": "string" - }, - "DataTypeSpec": { - "markdownDescription": "The data type of the structure for this property. This parameter exists on properties that have the `STRUCT` data type.", - "title": "DataTypeSpec", - "type": "string" - }, - "ExternalId": { - "markdownDescription": "The external ID of the asset property. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .\n\n> One of `ExternalId` or `LogicalId` must be specified.", - "title": "ExternalId", - "type": "string" - }, - "Id": { - "markdownDescription": "The ID of the property.\n\n> This is a return value and can't be set.", - "title": "Id", - "type": "string" + "Address": { + "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.SocketAddress", + "markdownDescription": "The address and port of an endpoint.", + "title": "Address" }, - "LogicalId": { - "markdownDescription": "The `LogicalID` of the asset model property.\n\n> One of `ExternalId` or `LogicalId` must be specified.", - "title": "LogicalId", - "type": "string" + "Mtu": { + "markdownDescription": "Maximum transmission unit (MTU) size in bytes of a dataflow endpoint. Valid values are between 1400 and 1500. A default value of 1500 is used if not set.", + "title": "Mtu", + "type": "number" }, "Name": { - "markdownDescription": "The name of the asset model property.", + "markdownDescription": "The endpoint name.\n\nWhen listing available contacts for a satellite, Ground Station searches for a dataflow endpoint whose name matches the value specified by the dataflow endpoint config of the selected mission profile. If no matching dataflow endpoints are found then Ground Station will not display any available contacts for the satellite.", "title": "Name", "type": "string" - }, - "Type": { - "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.PropertyType", - "markdownDescription": "Contains a property type, which can be one of `attribute` , `measurement` , `metric` , or `transform` .", - "title": "Type" - }, - "Unit": { - "markdownDescription": "The unit of the asset model property, such as `Newtons` or `RPM` .", - "title": "Unit", - "type": "string" - } - }, - "required": [ - "DataType", - "Name", - "Type" - ], - "type": "object" - }, - "AWS::IoTSiteWise::AssetModel.Attribute": { - "additionalProperties": false, - "properties": { - "DefaultValue": { - "markdownDescription": "The default value of the asset model property attribute. All assets that you create from the asset model contain this attribute value. You can update an attribute's value after you create an asset. For more information, see [Updating attribute values](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/update-attribute-values.html) in the *AWS IoT SiteWise User Guide* .", - "title": "DefaultValue", - "type": "string" } }, "type": "object" }, - "AWS::IoTSiteWise::AssetModel.ExpressionVariable": { + "AWS::GroundStation::DataflowEndpointGroup.EndpointDetails": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The friendly name of the variable to be used in the expression.", - "title": "Name", - "type": "string" + "AwsGroundStationAgentEndpoint": { + "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.AwsGroundStationAgentEndpoint", + "markdownDescription": "An agent endpoint.", + "title": "AwsGroundStationAgentEndpoint" }, - "Value": { - "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.VariableValue", - "markdownDescription": "The variable that identifies an asset property from which to use values.", - "title": "Value" + "Endpoint": { + "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.DataflowEndpoint", + "markdownDescription": "Information about the endpoint such as name and the endpoint address.", + "title": "Endpoint" + }, + "SecurityDetails": { + "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.SecurityDetails", + "markdownDescription": "The role ARN, and IDs for security groups and subnets.", + "title": "SecurityDetails" } }, - "required": [ - "Name", - "Value" - ], "type": "object" }, - "AWS::IoTSiteWise::AssetModel.Metric": { + "AWS::GroundStation::DataflowEndpointGroup.IntegerRange": { "additionalProperties": false, "properties": { - "Expression": { - "markdownDescription": "The mathematical expression that defines the metric aggregation function. You can specify up to 10 variables per expression. You can specify up to 10 functions per expression.\n\nFor more information, see [Quotas](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/quotas.html) in the *AWS IoT SiteWise User Guide* .", - "title": "Expression", - "type": "string" - }, - "Variables": { - "items": { - "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.ExpressionVariable" - }, - "markdownDescription": "The list of variables used in the expression.", - "title": "Variables", - "type": "array" + "Maximum": { + "markdownDescription": "A maximum value.", + "title": "Maximum", + "type": "number" }, - "Window": { - "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.MetricWindow", - "markdownDescription": "The window (time interval) over which AWS IoT SiteWise computes the metric's aggregation expression. AWS IoT SiteWise computes one data point per `window` .", - "title": "Window" + "Minimum": { + "markdownDescription": "A minimum value.", + "title": "Minimum", + "type": "number" } }, - "required": [ - "Expression", - "Variables", - "Window" - ], "type": "object" }, - "AWS::IoTSiteWise::AssetModel.MetricWindow": { + "AWS::GroundStation::DataflowEndpointGroup.RangedConnectionDetails": { "additionalProperties": false, "properties": { - "Tumbling": { - "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.TumblingWindow", - "markdownDescription": "The tumbling time interval window.", - "title": "Tumbling" + "Mtu": { + "markdownDescription": "Maximum transmission unit (MTU) size in bytes of a dataflow endpoint.", + "title": "Mtu", + "type": "number" + }, + "SocketAddress": { + "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.RangedSocketAddress", + "markdownDescription": "A ranged socket address.", + "title": "SocketAddress" } }, "type": "object" }, - "AWS::IoTSiteWise::AssetModel.PropertyPathDefinition": { + "AWS::GroundStation::DataflowEndpointGroup.RangedSocketAddress": { "additionalProperties": false, "properties": { "Name": { - "markdownDescription": "The name of the path segment.", + "markdownDescription": "IPv4 socket address.", "title": "Name", "type": "string" - } - }, - "required": [ - "Name" - ], - "type": "object" - }, - "AWS::IoTSiteWise::AssetModel.PropertyType": { - "additionalProperties": false, - "properties": { - "Attribute": { - "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.Attribute", - "markdownDescription": "Specifies an asset attribute property. An attribute generally contains static information, such as the serial number of an [IIoT](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Internet_of_things#Industrial_applications) wind turbine.", - "title": "Attribute" - }, - "Metric": { - "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.Metric", - "markdownDescription": "Specifies an asset metric property. A metric contains a mathematical expression that uses aggregate functions to process all input data points over a time interval and output a single data point, such as to calculate the average hourly temperature.", - "title": "Metric" - }, - "Transform": { - "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.Transform", - "markdownDescription": "Specifies an asset transform property. A transform contains a mathematical expression that maps a property's data points from one form to another, such as a unit conversion from Celsius to Fahrenheit.", - "title": "Transform" }, - "TypeName": { - "markdownDescription": "The type of property type, which can be one of `Attribute` , `Measurement` , `Metric` , or `Transform` .", - "title": "TypeName", - "type": "string" + "PortRange": { + "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.IntegerRange", + "markdownDescription": "Port range of a socket address.", + "title": "PortRange" } }, - "required": [ - "TypeName" - ], "type": "object" }, - "AWS::IoTSiteWise::AssetModel.Transform": { + "AWS::GroundStation::DataflowEndpointGroup.SecurityDetails": { "additionalProperties": false, "properties": { - "Expression": { - "markdownDescription": "The mathematical expression that defines the transformation function. You can specify up to 10 variables per expression. You can specify up to 10 functions per expression.\n\nFor more information, see [Quotas](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/quotas.html) in the *AWS IoT SiteWise User Guide* .", - "title": "Expression", + "RoleArn": { + "markdownDescription": "The ARN of a role which Ground Station has permission to assume, such as `arn:aws:iam::1234567890:role/DataDeliveryServiceRole` .\n\nGround Station will assume this role and create an ENI in your VPC on the specified subnet upon creation of a dataflow endpoint group. This ENI is used as the ingress/egress point for data streamed during a satellite contact.", + "title": "RoleArn", "type": "string" }, - "Variables": { + "SecurityGroupIds": { "items": { - "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.ExpressionVariable" + "type": "string" }, - "markdownDescription": "The list of variables used in the expression.", - "title": "Variables", + "markdownDescription": "The security group Ids of the security role, such as `sg-1234567890abcdef0` .", + "title": "SecurityGroupIds", "type": "array" - } - }, - "required": [ - "Expression", - "Variables" - ], - "type": "object" - }, - "AWS::IoTSiteWise::AssetModel.TumblingWindow": { - "additionalProperties": false, - "properties": { - "Interval": { - "markdownDescription": "The time interval for the tumbling window. The interval time must be between 1 minute and 1 week.\n\nAWS IoT SiteWise computes the `1w` interval the end of Sunday at midnight each week (UTC), the `1d` interval at the end of each day at midnight (UTC), the `1h` interval at the end of each hour, and so on.\n\nWhen AWS IoT SiteWise aggregates data points for metric computations, the start of each interval is exclusive and the end of each interval is inclusive. AWS IoT SiteWise places the computed data point at the end of the interval.", - "title": "Interval", - "type": "string" }, - "Offset": { - "markdownDescription": "The offset for the tumbling window. The `offset` parameter accepts the following:\n\n- The offset time.\n\nFor example, if you specify `18h` for `offset` and `1d` for `interval` , AWS IoT SiteWise aggregates data in one of the following ways:\n\n- If you create the metric before or at 6 PM (UTC), you get the first aggregation result at 6 PM (UTC) on the day when you create the metric.\n- If you create the metric after 6 PM (UTC), you get the first aggregation result at 6 PM (UTC) the next day.\n- The ISO 8601 format.\n\nFor example, if you specify `PT18H` for `offset` and `1d` for `interval` , AWS IoT SiteWise aggregates data in one of the following ways:\n\n- If you create the metric before or at 6 PM (UTC), you get the first aggregation result at 6 PM (UTC) on the day when you create the metric.\n- If you create the metric after 6 PM (UTC), you get the first aggregation result at 6 PM (UTC) the next day.\n- The 24-hour clock.\n\nFor example, if you specify `00:03:00` for `offset` , `5m` for `interval` , and you create the metric at 2 PM (UTC), you get the first aggregation result at 2:03 PM (UTC). You get the second aggregation result at 2:08 PM (UTC).\n- The offset time zone.\n\nFor example, if you specify `2021-07-23T18:00-08` for `offset` and `1d` for `interval` , AWS IoT SiteWise aggregates data in one of the following ways:\n\n- If you create the metric before or at 6 PM (PST), you get the first aggregation result at 6 PM (PST) on the day when you create the metric.\n- If you create the metric after 6 PM (PST), you get the first aggregation result at 6 PM (PST) the next day.", - "title": "Offset", - "type": "string" + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The subnet Ids of the security details, such as `subnet-12345678` .", + "title": "SubnetIds", + "type": "array" } }, - "required": [ - "Interval" - ], "type": "object" }, - "AWS::IoTSiteWise::AssetModel.VariableValue": { + "AWS::GroundStation::DataflowEndpointGroup.SocketAddress": { "additionalProperties": false, "properties": { - "HierarchyExternalId": { - "markdownDescription": "The external ID of the hierarchy being referenced. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", - "title": "HierarchyExternalId", - "type": "string" - }, - "HierarchyId": { - "markdownDescription": "The ID of the hierarchy to query for the property ID. You can use the hierarchy's name instead of the hierarchy's ID. If the hierarchy has an external ID, you can specify `externalId:` followed by the external ID. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .\n\nYou use a hierarchy ID instead of a model ID because you can have several hierarchies using the same model and therefore the same `propertyId` . For example, you might have separately grouped assets that come from the same asset model. For more information, see [Asset hierarchies](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/asset-hierarchies.html) in the *AWS IoT SiteWise User Guide* .", - "title": "HierarchyId", - "type": "string" - }, - "HierarchyLogicalId": { - "markdownDescription": "The `LogicalID` of the hierarchy to query for the `PropertyLogicalID` .\n\nYou use a `hierarchyLogicalID` instead of a model ID because you can have several hierarchies using the same model and therefore the same property. For example, you might have separately grouped assets that come from the same asset model. For more information, see [Defining relationships between asset models (hierarchies)](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/asset-hierarchies.html) in the *AWS IoT SiteWise User Guide* .", - "title": "HierarchyLogicalId", - "type": "string" - }, - "PropertyExternalId": { - "markdownDescription": "The external ID of the property being referenced. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", - "title": "PropertyExternalId", - "type": "string" - }, - "PropertyId": { - "markdownDescription": "The ID of the property to use as the variable. You can use the property `name` if it's from the same asset model. If the property has an external ID, you can specify `externalId:` followed by the external ID. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .\n\n> This is a return value and can't be set.", - "title": "PropertyId", - "type": "string" - }, - "PropertyLogicalId": { - "markdownDescription": "The `LogicalID` of the property that is being referenced.", - "title": "PropertyLogicalId", + "Name": { + "markdownDescription": "The name of the endpoint, such as `Endpoint 1` .", + "title": "Name", "type": "string" }, - "PropertyPath": { - "items": { - "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.PropertyPathDefinition" - }, - "markdownDescription": "The path of the property. Each step of the path is the name of the step. See the following example:\n\n`PropertyPath: Name: AssetModelName Name: Composite1 Name: NestedComposite`", - "title": "PropertyPath", - "type": "array" + "Port": { + "markdownDescription": "The port of the endpoint, such as `55888` .", + "title": "Port", + "type": "number" } }, "type": "object" }, - "AWS::IoTSiteWise::Dashboard": { + "AWS::GroundStation::MissionProfile": { "additionalProperties": false, "properties": { "Condition": { @@ -129958,45 +136979,69 @@ "Properties": { "additionalProperties": false, "properties": { - "DashboardDefinition": { - "markdownDescription": "The dashboard definition specified in a JSON literal.\n\n- AWS IoT SiteWise Monitor (Classic) see [Create dashboards ( AWS CLI )](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/create-dashboards-using-aws-cli.html)\n- AWS IoT SiteWise Monitor (AI-aware) see [Create dashboards ( AWS CLI )](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/create-dashboards-ai-dashboard-cli.html)\n\nin the *AWS IoT SiteWise User Guide*", - "title": "DashboardDefinition", - "type": "string" + "ContactPostPassDurationSeconds": { + "markdownDescription": "Amount of time in seconds after a contact ends that you\u2019d like to receive a Ground Station Contact State Change indicating the pass has finished.", + "title": "ContactPostPassDurationSeconds", + "type": "number" }, - "DashboardDescription": { - "markdownDescription": "A description for the dashboard.", - "title": "DashboardDescription", - "type": "string" + "ContactPrePassDurationSeconds": { + "markdownDescription": "Amount of time in seconds prior to contact start that you'd like to receive a Ground Station Contact State Change Event indicating an upcoming pass.", + "title": "ContactPrePassDurationSeconds", + "type": "number" }, - "DashboardName": { - "markdownDescription": "A friendly name for the dashboard.", - "title": "DashboardName", + "DataflowEdges": { + "items": { + "$ref": "#/definitions/AWS::GroundStation::MissionProfile.DataflowEdge" + }, + "markdownDescription": "A list containing lists of config ARNs. Each list of config ARNs is an edge, with a \"from\" config and a \"to\" config.", + "title": "DataflowEdges", + "type": "array" + }, + "MinimumViableContactDurationSeconds": { + "markdownDescription": "Minimum length of a contact in seconds that Ground Station will return when listing contacts. Ground Station will not return contacts shorter than this duration.", + "title": "MinimumViableContactDurationSeconds", + "type": "number" + }, + "Name": { + "markdownDescription": "The name of the mission profile.", + "title": "Name", "type": "string" }, - "ProjectId": { - "markdownDescription": "The ID of the project in which to create the dashboard.", - "title": "ProjectId", + "StreamsKmsKey": { + "$ref": "#/definitions/AWS::GroundStation::MissionProfile.StreamsKmsKey", + "markdownDescription": "KMS key to use for encrypting streams.", + "title": "StreamsKmsKey" + }, + "StreamsKmsRole": { + "markdownDescription": "Role to use for encrypting streams with KMS key.", + "title": "StreamsKmsRole", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of key-value pairs that contain metadata for the dashboard. For more information, see [Tagging your AWS IoT SiteWise resources](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/tag-resources.html) in the *AWS IoT SiteWise User Guide* .", + "markdownDescription": "Tags assigned to the mission profile.", "title": "Tags", "type": "array" + }, + "TrackingConfigArn": { + "markdownDescription": "The ARN of a tracking config objects that defines how to track the satellite through the sky during a contact.", + "title": "TrackingConfigArn", + "type": "string" } }, "required": [ - "DashboardDefinition", - "DashboardDescription", - "DashboardName" + "DataflowEdges", + "MinimumViableContactDurationSeconds", + "Name", + "TrackingConfigArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTSiteWise::Dashboard" + "AWS::GroundStation::MissionProfile" ], "type": "string" }, @@ -130015,7 +137060,44 @@ ], "type": "object" }, - "AWS::IoTSiteWise::Gateway": { + "AWS::GroundStation::MissionProfile.DataflowEdge": { + "additionalProperties": false, + "properties": { + "Destination": { + "markdownDescription": "The ARN of the destination for this dataflow edge. For example, specify the ARN of a dataflow endpoint config for a downlink edge or an antenna uplink config for an uplink edge.", + "title": "Destination", + "type": "string" + }, + "Source": { + "markdownDescription": "The ARN of the source for this dataflow edge. For example, specify the ARN of an antenna downlink config for a downlink edge or a dataflow endpoint config for an uplink edge.", + "title": "Source", + "type": "string" + } + }, + "type": "object" + }, + "AWS::GroundStation::MissionProfile.StreamsKmsKey": { + "additionalProperties": false, + "properties": { + "KmsAliasArn": { + "markdownDescription": "KMS Alias Arn.", + "title": "KmsAliasArn", + "type": "string" + }, + "KmsAliasName": { + "markdownDescription": "KMS Alias Name.", + "title": "KmsAliasName", + "type": "string" + }, + "KmsKeyArn": { + "markdownDescription": "KMS Key Arn.", + "title": "KmsKeyArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::GuardDuty::Detector": { "additionalProperties": false, "properties": { "Condition": { @@ -130050,42 +137132,46 @@ "Properties": { "additionalProperties": false, "properties": { - "GatewayCapabilitySummaries": { + "DataSources": { + "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNDataSourceConfigurations", + "markdownDescription": "Describes which data sources will be enabled for the detector.", + "title": "DataSources" + }, + "Enable": { + "markdownDescription": "Specifies whether the detector is to be enabled on creation.", + "title": "Enable", + "type": "boolean" + }, + "Features": { "items": { - "$ref": "#/definitions/AWS::IoTSiteWise::Gateway.GatewayCapabilitySummary" + "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNFeatureConfiguration" }, - "markdownDescription": "A list of gateway capability summaries that each contain a namespace and status. Each gateway capability defines data sources for the gateway. To retrieve a capability configuration's definition, use [DescribeGatewayCapabilityConfiguration](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_DescribeGatewayCapabilityConfiguration.html) .", - "title": "GatewayCapabilitySummaries", + "markdownDescription": "A list of features that will be configured for the detector.", + "title": "Features", "type": "array" }, - "GatewayName": { - "markdownDescription": "A unique name for the gateway.", - "title": "GatewayName", + "FindingPublishingFrequency": { + "markdownDescription": "Specifies how frequently updated findings are exported.", + "title": "FindingPublishingFrequency", "type": "string" }, - "GatewayPlatform": { - "$ref": "#/definitions/AWS::IoTSiteWise::Gateway.GatewayPlatform", - "markdownDescription": "The gateway's platform. You can only specify one platform in a gateway.", - "title": "GatewayPlatform" - }, "Tags": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::GuardDuty::Detector.TagItem" }, - "markdownDescription": "A list of key-value pairs that contain metadata for the gateway. For more information, see [Tagging your AWS IoT SiteWise resources](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/tag-resources.html) in the *AWS IoT SiteWise User Guide* .", + "markdownDescription": "Specifies tags added to a new detector resource. Each tag consists of a key and an optional value, both of which you define.\n\nCurrently, support is available only for creating and deleting a tag. No support exists for updating the tags.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ - "GatewayName", - "GatewayPlatform" + "Enable" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTSiteWise::Gateway" + "AWS::GuardDuty::Detector" ], "type": "string" }, @@ -130104,85 +137190,156 @@ ], "type": "object" }, - "AWS::IoTSiteWise::Gateway.GatewayCapabilitySummary": { + "AWS::GuardDuty::Detector.CFNDataSourceConfigurations": { "additionalProperties": false, "properties": { - "CapabilityConfiguration": { - "markdownDescription": "The JSON document that defines the configuration for the gateway capability. For more information, see [Configuring data sources (CLI)](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/configure-sources.html#configure-source-cli) in the *AWS IoT SiteWise User Guide* .", - "title": "CapabilityConfiguration", + "Kubernetes": { + "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNKubernetesConfiguration", + "markdownDescription": "Describes which Kubernetes data sources are enabled for a detector.", + "title": "Kubernetes" + }, + "MalwareProtection": { + "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNMalwareProtectionConfiguration", + "markdownDescription": "Describes whether Malware Protection will be enabled as a data source.", + "title": "MalwareProtection" + }, + "S3Logs": { + "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNS3LogsConfiguration", + "markdownDescription": "Describes whether S3 data event logs are enabled as a data source.", + "title": "S3Logs" + } + }, + "type": "object" + }, + "AWS::GuardDuty::Detector.CFNFeatureAdditionalConfiguration": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "Name of the additional configuration.", + "title": "Name", "type": "string" }, - "CapabilityNamespace": { - "markdownDescription": "The namespace of the capability configuration. For example, if you configure OPC-UA sources from the AWS IoT SiteWise console, your OPC-UA capability configuration has the namespace `iotsitewise:opcuacollector:version` , where `version` is a number such as `1` .", - "title": "CapabilityNamespace", + "Status": { + "markdownDescription": "Status of the additional configuration.", + "title": "Status", "type": "string" } }, - "required": [ - "CapabilityNamespace" - ], "type": "object" }, - "AWS::IoTSiteWise::Gateway.GatewayPlatform": { + "AWS::GuardDuty::Detector.CFNFeatureConfiguration": { "additionalProperties": false, "properties": { - "Greengrass": { - "$ref": "#/definitions/AWS::IoTSiteWise::Gateway.Greengrass" + "AdditionalConfiguration": { + "items": { + "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNFeatureAdditionalConfiguration" + }, + "markdownDescription": "Information about the additional configuration of a feature in your account.", + "title": "AdditionalConfiguration", + "type": "array" }, - "GreengrassV2": { - "$ref": "#/definitions/AWS::IoTSiteWise::Gateway.GreengrassV2", - "markdownDescription": "A gateway that runs on AWS IoT Greengrass V2 .", - "title": "GreengrassV2" + "Name": { + "markdownDescription": "Name of the feature. For a list of allowed values, see [DetectorFeatureConfiguration](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DetectorFeatureConfiguration.html#guardduty-Type-DetectorFeatureConfiguration-name) in the *GuardDuty API Reference* .", + "title": "Name", + "type": "string" }, - "SiemensIE": { - "$ref": "#/definitions/AWS::IoTSiteWise::Gateway.SiemensIE", - "markdownDescription": "An AWS IoT SiteWise Edge gateway that runs on a Siemens Industrial Edge Device.", - "title": "SiemensIE" + "Status": { + "markdownDescription": "Status of the feature configuration.", + "title": "Status", + "type": "string" } }, + "required": [ + "Name", + "Status" + ], "type": "object" }, - "AWS::IoTSiteWise::Gateway.Greengrass": { + "AWS::GuardDuty::Detector.CFNKubernetesAuditLogsConfiguration": { "additionalProperties": false, "properties": { - "GroupArn": { - "type": "string" + "Enable": { + "markdownDescription": "Describes whether Kubernetes audit logs are enabled as a data source for the detector.", + "title": "Enable", + "type": "boolean" } }, "required": [ - "GroupArn" + "Enable" ], "type": "object" }, - "AWS::IoTSiteWise::Gateway.GreengrassV2": { + "AWS::GuardDuty::Detector.CFNKubernetesConfiguration": { "additionalProperties": false, "properties": { - "CoreDeviceThingName": { - "markdownDescription": "The name of the AWS IoT thing for your AWS IoT Greengrass V2 core device.", - "title": "CoreDeviceThingName", - "type": "string" + "AuditLogs": { + "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNKubernetesAuditLogsConfiguration", + "markdownDescription": "Describes whether Kubernetes audit logs are enabled as a data source for the detector.", + "title": "AuditLogs" } }, "required": [ - "CoreDeviceThingName" + "AuditLogs" ], "type": "object" }, - "AWS::IoTSiteWise::Gateway.SiemensIE": { + "AWS::GuardDuty::Detector.CFNMalwareProtectionConfiguration": { "additionalProperties": false, "properties": { - "IotCoreThingName": { - "markdownDescription": "The name of the AWS IoT Thing for your AWS IoT SiteWise Edge gateway.", - "title": "IotCoreThingName", + "ScanEc2InstanceWithFindings": { + "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNScanEc2InstanceWithFindingsConfiguration", + "markdownDescription": "Describes the configuration of Malware Protection for EC2 instances with findings.", + "title": "ScanEc2InstanceWithFindings" + } + }, + "type": "object" + }, + "AWS::GuardDuty::Detector.CFNS3LogsConfiguration": { + "additionalProperties": false, + "properties": { + "Enable": { + "markdownDescription": "The status of S3 data event logs as a data source.", + "title": "Enable", + "type": "boolean" + } + }, + "required": [ + "Enable" + ], + "type": "object" + }, + "AWS::GuardDuty::Detector.CFNScanEc2InstanceWithFindingsConfiguration": { + "additionalProperties": false, + "properties": { + "EbsVolumes": { + "markdownDescription": "Describes the configuration for scanning EBS volumes as data source.", + "title": "EbsVolumes", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::GuardDuty::Detector.TagItem": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The tag key.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The tag value.", + "title": "Value", "type": "string" } }, "required": [ - "IotCoreThingName" + "Key", + "Value" ], "type": "object" }, - "AWS::IoTSiteWise::Portal": { + "AWS::GuardDuty::Filter": { "additionalProperties": false, "properties": { "Condition": { @@ -130217,60 +137374,55 @@ "Properties": { "additionalProperties": false, "properties": { - "Alarms": { - "$ref": "#/definitions/AWS::IoTSiteWise::Portal.Alarms", - "markdownDescription": "Contains the configuration information of an alarm created in an AWS IoT SiteWise Monitor portal. You can use the alarm to monitor an asset property and get notified when the asset property value is outside a specified range. For more information, see [Monitoring with alarms](https://docs.aws.amazon.com/iot-sitewise/latest/appguide/monitor-alarms.html) in the *AWS IoT SiteWise Application Guide* .", - "title": "Alarms" - }, - "NotificationSenderEmail": { - "markdownDescription": "The email address that sends alarm notifications.\n\n> If you use the [AWS IoT Events managed Lambda function](https://docs.aws.amazon.com/iotevents/latest/developerguide/lambda-support.html) to manage your emails, you must [verify the sender email address in Amazon SES](https://docs.aws.amazon.com/ses/latest/DeveloperGuide/verify-email-addresses.html) .", - "title": "NotificationSenderEmail", + "Action": { + "markdownDescription": "Specifies the action that is to be applied to the findings that match the filter.", + "title": "Action", "type": "string" }, - "PortalAuthMode": { - "markdownDescription": "The service to use to authenticate users to the portal. Choose from the following options:\n\n- `SSO` \u2013 The portal uses AWS IAM Identity Center to authenticate users and manage user permissions. Before you can create a portal that uses IAM Identity Center, you must enable IAM Identity Center. For more information, see [Enabling IAM Identity Center](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/monitor-get-started.html#mon-gs-sso) in the *AWS IoT SiteWise User Guide* . This option is only available in AWS Regions other than the China Regions.\n- `IAM` \u2013 The portal uses AWS Identity and Access Management to authenticate users and manage user permissions.\n\nYou can't change this value after you create a portal.\n\nDefault: `SSO`", - "title": "PortalAuthMode", + "Description": { + "markdownDescription": "The description of the filter. Valid characters include alphanumeric characters, and special characters such as hyphen, period, colon, underscore, parentheses ( `{ }` , `[ ]` , and `( )` ), forward slash, horizontal tab, vertical tab, newline, form feed, return, and whitespace.", + "title": "Description", "type": "string" }, - "PortalContactEmail": { - "markdownDescription": "The AWS administrator's contact email address.", - "title": "PortalContactEmail", + "DetectorId": { + "markdownDescription": "The detector ID associated with the GuardDuty account for which you want to create a filter.\n\nTo find the `detectorId` in the current Region, see the\nSettings page in the GuardDuty console, or run the [ListDetectors](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListDetectors.html) API.", + "title": "DetectorId", "type": "string" }, - "PortalDescription": { - "markdownDescription": "A description for the portal.", - "title": "PortalDescription", - "type": "string" + "FindingCriteria": { + "$ref": "#/definitions/AWS::GuardDuty::Filter.FindingCriteria", + "markdownDescription": "Represents the criteria to be used in the filter for querying findings.", + "title": "FindingCriteria" }, - "PortalName": { - "markdownDescription": "A friendly name for the portal.", - "title": "PortalName", + "Name": { + "markdownDescription": "The name of the filter. Valid characters include period (.), underscore (_), dash (-), and alphanumeric characters. A whitespace is considered to be an invalid character.", + "title": "Name", "type": "string" }, - "RoleArn": { - "markdownDescription": "The [ARN](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) of a service role that allows the portal's users to access your AWS IoT SiteWise resources on your behalf. For more information, see [Using service roles for AWS IoT SiteWise Monitor](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/monitor-service-role.html) in the *AWS IoT SiteWise User Guide* .", - "title": "RoleArn", - "type": "string" + "Rank": { + "markdownDescription": "Specifies the position of the filter in the list of current filters. Also specifies the order in which this filter is applied to the findings. The minimum value for this property is 1 and the maximum is 100.\n\nBy default, filters may not be created in the same order as they are ranked. To ensure that the filters are created in the expected order, you can use an optional attribute, [DependsOn](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) , with the following syntax: `\"DependsOn\":[ \"ObjectName\" ]` .", + "title": "Rank", + "type": "number" }, "Tags": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::GuardDuty::Filter.TagItem" }, - "markdownDescription": "A list of key-value pairs that contain metadata for the portal. For more information, see [Tagging your AWS IoT SiteWise resources](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/tag-resources.html) in the *AWS IoT SiteWise User Guide* .", + "markdownDescription": "The tags to be added to a new filter resource. Each tag consists of a key and an optional value, both of which you define.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ - "PortalContactEmail", - "PortalName", - "RoleArn" + "DetectorId", + "FindingCriteria", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTSiteWise::Portal" + "AWS::GuardDuty::Filter" ], "type": "string" }, @@ -130289,23 +137441,122 @@ ], "type": "object" }, - "AWS::IoTSiteWise::Portal.Alarms": { + "AWS::GuardDuty::Filter.Condition": { "additionalProperties": false, "properties": { - "AlarmRoleArn": { - "markdownDescription": "The [ARN](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) of the IAM role that allows the alarm to perform actions and access AWS resources and services, such as AWS IoT Events .", - "title": "AlarmRoleArn", + "Eq": { + "items": { + "type": "string" + }, + "markdownDescription": "Represents the equal condition to apply to a single field when querying for findings.", + "title": "Eq", + "type": "array" + }, + "Equals": { + "items": { + "type": "string" + }, + "markdownDescription": "Represents an *equal* ** condition to be applied to a single field when querying for findings.", + "title": "Equals", + "type": "array" + }, + "GreaterThan": { + "markdownDescription": "Represents a *greater than* condition to be applied to a single field when querying for findings.", + "title": "GreaterThan", + "type": "number" + }, + "GreaterThanOrEqual": { + "markdownDescription": "Represents a *greater than or equal* condition to be applied to a single field when querying for findings.", + "title": "GreaterThanOrEqual", + "type": "number" + }, + "Gt": { + "markdownDescription": "Represents a *greater than* condition to be applied to a single field when querying for findings.", + "title": "Gt", + "type": "number" + }, + "Gte": { + "markdownDescription": "Represents the greater than or equal condition to apply to a single field when querying for findings.", + "title": "Gte", + "type": "number" + }, + "LessThan": { + "markdownDescription": "Represents a *less than* condition to be applied to a single field when querying for findings.", + "title": "LessThan", + "type": "number" + }, + "LessThanOrEqual": { + "markdownDescription": "Represents a *less than or equal* condition to be applied to a single field when querying for findings.", + "title": "LessThanOrEqual", + "type": "number" + }, + "Lt": { + "markdownDescription": "Represents the less than condition to apply to a single field when querying for findings.", + "title": "Lt", + "type": "number" + }, + "Lte": { + "markdownDescription": "Represents the less than or equal condition to apply to a single field when querying for findings.", + "title": "Lte", + "type": "number" + }, + "Neq": { + "items": { + "type": "string" + }, + "markdownDescription": "Represents the not equal condition to apply to a single field when querying for findings.", + "title": "Neq", + "type": "array" + }, + "NotEquals": { + "items": { + "type": "string" + }, + "markdownDescription": "Represents a *not equal* ** condition to be applied to a single field when querying for findings.", + "title": "NotEquals", + "type": "array" + } + }, + "type": "object" + }, + "AWS::GuardDuty::Filter.FindingCriteria": { + "additionalProperties": false, + "properties": { + "Criterion": { + "additionalProperties": false, + "markdownDescription": "Represents a map of finding properties that match specified conditions and values when querying findings.\n\nFor information about JSON criterion mapping to their console equivalent, see [Finding criteria](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_filter-findings.html#filter_criteria) . The following are the available criterion:\n\n- accountId\n- id\n- region\n- severity\n\nTo filter on the basis of severity, the API and AWS CLI use the following input list for the `FindingCriteria` condition:\n\n- *Low* : `[\"1\", \"2\", \"3\"]`\n- *Medium* : `[\"4\", \"5\", \"6\"]`\n- *High* : `[\"7\", \"8\", \"9\"]`\n\nFor more information, see [Severity levels for GuardDuty findings](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_findings.html#guardduty_findings-severity) in the *Amazon GuardDuty User Guide* .\n- type\n- updatedAt\n\nType: ISO 8601 string format: `YYYY-MM-DDTHH:MM:SS.SSSZ` or `YYYY-MM-DDTHH:MM:SSZ` depending on whether the value contains milliseconds.\n- resource.accessKeyDetails.accessKeyId\n- resource.accessKeyDetails.principalId\n- resource.accessKeyDetails.userName\n- resource.accessKeyDetails.userType\n- resource.instanceDetails.iamInstanceProfile.id\n- resource.instanceDetails.imageId\n- resource.instanceDetails.instanceId\n- resource.instanceDetails.tags.key\n- resource.instanceDetails.tags.value\n- resource.instanceDetails.networkInterfaces.ipv6Addresses\n- resource.instanceDetails.networkInterfaces.privateIpAddresses.privateIpAddress\n- resource.instanceDetails.networkInterfaces.publicDnsName\n- resource.instanceDetails.networkInterfaces.publicIp\n- resource.instanceDetails.networkInterfaces.securityGroups.groupId\n- resource.instanceDetails.networkInterfaces.securityGroups.groupName\n- resource.instanceDetails.networkInterfaces.subnetId\n- resource.instanceDetails.networkInterfaces.vpcId\n- resource.instanceDetails.outpostArn\n- resource.resourceType\n- resource.s3BucketDetails.publicAccess.effectivePermissions\n- resource.s3BucketDetails.name\n- resource.s3BucketDetails.tags.key\n- resource.s3BucketDetails.tags.value\n- resource.s3BucketDetails.type\n- service.action.actionType\n- service.action.awsApiCallAction.api\n- service.action.awsApiCallAction.callerType\n- service.action.awsApiCallAction.errorCode\n- service.action.awsApiCallAction.remoteIpDetails.city.cityName\n- service.action.awsApiCallAction.remoteIpDetails.country.countryName\n- service.action.awsApiCallAction.remoteIpDetails.ipAddressV4\n- service.action.awsApiCallAction.remoteIpDetails.ipAddressV6\n- service.action.awsApiCallAction.remoteIpDetails.organization.asn\n- service.action.awsApiCallAction.remoteIpDetails.organization.asnOrg\n- service.action.awsApiCallAction.serviceName\n- service.action.dnsRequestAction.domain\n- service.action.dnsRequestAction.domainWithSuffix\n- service.action.networkConnectionAction.blocked\n- service.action.networkConnectionAction.connectionDirection\n- service.action.networkConnectionAction.localPortDetails.port\n- service.action.networkConnectionAction.protocol\n- service.action.networkConnectionAction.remoteIpDetails.city.cityName\n- service.action.networkConnectionAction.remoteIpDetails.country.countryName\n- service.action.networkConnectionAction.remoteIpDetails.ipAddressV4\n- service.action.networkConnectionAction.remoteIpDetails.ipAddressV6\n- service.action.networkConnectionAction.remoteIpDetails.organization.asn\n- service.action.networkConnectionAction.remoteIpDetails.organization.asnOrg\n- service.action.networkConnectionAction.remotePortDetails.port\n- service.action.awsApiCallAction.remoteAccountDetails.affiliated\n- service.action.kubernetesApiCallAction.remoteIpDetails.ipAddressV4\n- service.action.kubernetesApiCallAction.remoteIpDetails.ipAddressV6\n- service.action.kubernetesApiCallAction.namespace\n- service.action.kubernetesApiCallAction.remoteIpDetails.organization.asn\n- service.action.kubernetesApiCallAction.requestUri\n- service.action.kubernetesApiCallAction.statusCode\n- service.action.networkConnectionAction.localIpDetails.ipAddressV4\n- service.action.networkConnectionAction.localIpDetails.ipAddressV6\n- service.action.networkConnectionAction.protocol\n- service.action.awsApiCallAction.serviceName\n- service.action.awsApiCallAction.remoteAccountDetails.accountId\n- service.additionalInfo.threatListName\n- service.resourceRole\n- resource.eksClusterDetails.name\n- resource.kubernetesDetails.kubernetesWorkloadDetails.name\n- resource.kubernetesDetails.kubernetesWorkloadDetails.namespace\n- resource.kubernetesDetails.kubernetesUserDetails.username\n- resource.kubernetesDetails.kubernetesWorkloadDetails.containers.image\n- resource.kubernetesDetails.kubernetesWorkloadDetails.containers.imagePrefix\n- service.ebsVolumeScanDetails.scanId\n- service.ebsVolumeScanDetails.scanDetections.threatDetectedByName.threatNames.name\n- service.ebsVolumeScanDetails.scanDetections.threatDetectedByName.threatNames.severity\n- service.ebsVolumeScanDetails.scanDetections.threatDetectedByName.threatNames.filePaths.hash\n- service.malwareScanDetails.threats.name\n- resource.ecsClusterDetails.name\n- resource.ecsClusterDetails.taskDetails.containers.image\n- resource.ecsClusterDetails.taskDetails.definitionArn\n- resource.containerDetails.image\n- resource.rdsDbInstanceDetails.dbInstanceIdentifier\n- resource.rdsDbInstanceDetails.dbClusterIdentifier\n- resource.rdsDbInstanceDetails.engine\n- resource.rdsDbUserDetails.user\n- resource.rdsDbInstanceDetails.tags.key\n- resource.rdsDbInstanceDetails.tags.value\n- service.runtimeDetails.process.executableSha256\n- service.runtimeDetails.process.name\n- service.runtimeDetails.process.name\n- resource.lambdaDetails.functionName\n- resource.lambdaDetails.functionArn\n- resource.lambdaDetails.tags.key\n- resource.lambdaDetails.tags.value", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::GuardDuty::Filter.Condition" + } + }, + "title": "Criterion", + "type": "object" + } + }, + "type": "object" + }, + "AWS::GuardDuty::Filter.TagItem": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The tag key.", + "title": "Key", "type": "string" }, - "NotificationLambdaArn": { - "markdownDescription": "The [ARN](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) of the Lambda function that manages alarm notifications. For more information, see [Managing alarm notifications](https://docs.aws.amazon.com/iotevents/latest/developerguide/lambda-support.html) in the *AWS IoT Events Developer Guide* .", - "title": "NotificationLambdaArn", + "Value": { + "markdownDescription": "The tag value.", + "title": "Value", "type": "string" } }, + "required": [ + "Key", + "Value" + ], "type": "object" }, - "AWS::IoTSiteWise::Project": { + "AWS::GuardDuty::IPSet": { "additionalProperties": false, "properties": { "Condition": { @@ -130340,47 +137591,54 @@ "Properties": { "additionalProperties": false, "properties": { - "AssetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list that contains the IDs of each asset associated with the project.", - "title": "AssetIds", - "type": "array" + "Activate": { + "markdownDescription": "Indicates whether or not GuardDuty uses the `IPSet` .", + "title": "Activate", + "type": "boolean" }, - "PortalId": { - "markdownDescription": "The ID of the portal in which to create the project.", - "title": "PortalId", + "DetectorId": { + "markdownDescription": "The unique ID of the detector of the GuardDuty account for which you want to create an IPSet.\n\nTo find the `detectorId` in the current Region, see the\nSettings page in the GuardDuty console, or run the [ListDetectors](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListDetectors.html) API.", + "title": "DetectorId", "type": "string" }, - "ProjectDescription": { - "markdownDescription": "A description for the project.", - "title": "ProjectDescription", + "ExpectedBucketOwner": { + "markdownDescription": "The AWS account ID that owns the Amazon S3 bucket specified in the *Location* field.\n\nWhen you provide this account ID, GuardDuty will validate that the S3 bucket belongs to this account. If you don't specify an account ID owner, GuardDuty doesn't perform any validation.", + "title": "ExpectedBucketOwner", "type": "string" }, - "ProjectName": { - "markdownDescription": "A friendly name for the project.", - "title": "ProjectName", + "Format": { + "markdownDescription": "The format of the file that contains the IPSet.", + "title": "Format", + "type": "string" + }, + "Location": { + "markdownDescription": "The URI of the file that contains the IPSet.", + "title": "Location", + "type": "string" + }, + "Name": { + "markdownDescription": "The user-friendly name to identify the IPSet.\n\nAllowed characters are alphanumeric, whitespace, dash (-), and underscores (_).", + "title": "Name", "type": "string" }, "Tags": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::GuardDuty::IPSet.TagItem" }, - "markdownDescription": "A list of key-value pairs that contain metadata for the project. For more information, see [Tagging your AWS IoT SiteWise resources](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/tag-resources.html) in the *AWS IoT SiteWise User Guide* .", + "markdownDescription": "The tags to be added to a new IP set resource. Each tag consists of a key and an optional value, both of which you define.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ - "PortalId", - "ProjectName" + "Format", + "Location" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTSiteWise::Project" + "AWS::GuardDuty::IPSet" ], "type": "string" }, @@ -130399,7 +137657,27 @@ ], "type": "object" }, - "AWS::IoTThingsGraph::FlowTemplate": { + "AWS::GuardDuty::IPSet.TagItem": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The tag key.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The tag value.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::GuardDuty::MalwareProtectionPlan": { "additionalProperties": false, "properties": { "Condition": { @@ -130434,21 +137712,39 @@ "Properties": { "additionalProperties": false, "properties": { - "CompatibleNamespaceVersion": { - "type": "number" + "Actions": { + "$ref": "#/definitions/AWS::GuardDuty::MalwareProtectionPlan.CFNActions", + "markdownDescription": "Specifies the action that is to be applied to the Malware Protection plan resource.", + "title": "Actions" }, - "Definition": { - "$ref": "#/definitions/AWS::IoTThingsGraph::FlowTemplate.DefinitionDocument" + "ProtectedResource": { + "$ref": "#/definitions/AWS::GuardDuty::MalwareProtectionPlan.CFNProtectedResource", + "markdownDescription": "Information about the protected resource. Presently, `S3Bucket` is the only supported protected resource.", + "title": "ProtectedResource" + }, + "Role": { + "markdownDescription": "Amazon Resource Name (ARN) of the IAM role that includes the permissions required to scan and (optionally) add tags to the associated protected resource.\n\nTo find the ARN of your IAM role, go to the IAM console, and select the role name for details.", + "title": "Role", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::GuardDuty::MalwareProtectionPlan.TagItem" + }, + "markdownDescription": "The tags to be added to the created Malware Protection plan resource. Each tag consists of a key and an optional value, both of which you need to specify.", + "title": "Tags", + "type": "array" } }, "required": [ - "Definition" + "ProtectedResource", + "Role" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTThingsGraph::FlowTemplate" + "AWS::GuardDuty::MalwareProtectionPlan" ], "type": "string" }, @@ -130467,23 +137763,98 @@ ], "type": "object" }, - "AWS::IoTThingsGraph::FlowTemplate.DefinitionDocument": { + "AWS::GuardDuty::MalwareProtectionPlan.CFNActions": { "additionalProperties": false, "properties": { - "Language": { + "Tagging": { + "$ref": "#/definitions/AWS::GuardDuty::MalwareProtectionPlan.CFNTagging", + "markdownDescription": "Contains information about tagging status of the Malware Protection plan resource.", + "title": "Tagging" + } + }, + "type": "object" + }, + "AWS::GuardDuty::MalwareProtectionPlan.CFNProtectedResource": { + "additionalProperties": false, + "properties": { + "S3Bucket": { + "$ref": "#/definitions/AWS::GuardDuty::MalwareProtectionPlan.S3Bucket", + "markdownDescription": "Information about the protected S3 bucket resource.", + "title": "S3Bucket" + } + }, + "required": [ + "S3Bucket" + ], + "type": "object" + }, + "AWS::GuardDuty::MalwareProtectionPlan.CFNStatusReasons": { + "additionalProperties": false, + "properties": { + "Code": { + "markdownDescription": "The status code of the Malware Protection plan. For more information, see [Malware Protection plan resource status](https://docs.aws.amazon.com/guardduty/latest/ug/malware-protection-s3-bucket-status-gdu.html) in the *GuardDuty User Guide* .", + "title": "Code", "type": "string" }, - "Text": { + "Message": { + "markdownDescription": "Issue message that specifies the reason. For information about potential troubleshooting steps, see [Troubleshooting Malware Protection for S3 status issues](https://docs.aws.amazon.com/guardduty/latest/ug/troubleshoot-s3-malware-protection-status-errors.html) in the *Amazon GuardDuty User Guide* .", + "title": "Message", + "type": "string" + } + }, + "type": "object" + }, + "AWS::GuardDuty::MalwareProtectionPlan.CFNTagging": { + "additionalProperties": false, + "properties": { + "Status": { + "markdownDescription": "Indicates whether or not you chose GuardDuty to add a predefined tag to the scanned S3 object.\n\nPotential values include `ENABLED` and `DISABLED` . These values are case-sensitive.", + "title": "Status", + "type": "string" + } + }, + "type": "object" + }, + "AWS::GuardDuty::MalwareProtectionPlan.S3Bucket": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "Name of the S3 bucket.", + "title": "BucketName", + "type": "string" + }, + "ObjectPrefixes": { + "items": { + "type": "string" + }, + "markdownDescription": "Information about the specified object prefixes. An S3 object will be scanned only if it belongs to any of the specified object prefixes.", + "title": "ObjectPrefixes", + "type": "array" + } + }, + "type": "object" + }, + "AWS::GuardDuty::MalwareProtectionPlan.TagItem": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The tag key.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The tag value.", + "title": "Value", "type": "string" } }, "required": [ - "Language", - "Text" + "Key", + "Value" ], "type": "object" }, - "AWS::IoTTwinMaker::ComponentType": { + "AWS::GuardDuty::Master": { "additionalProperties": false, "properties": { "Condition": { @@ -130518,99 +137889,123 @@ "Properties": { "additionalProperties": false, "properties": { - "ComponentTypeId": { - "markdownDescription": "The ID of the component type.", - "title": "ComponentTypeId", + "DetectorId": { + "markdownDescription": "The unique ID of the detector of the GuardDuty member account.\n\nTo find the `detectorId` in the current Region, see the\nSettings page in the GuardDuty console, or run the [ListDetectors](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListDetectors.html) API.", + "title": "DetectorId", "type": "string" }, - "CompositeComponentTypes": { - "additionalProperties": false, - "markdownDescription": "Maps strings to `compositeComponentTypes` of the `componentType` . `CompositeComponentType` is referenced by `componentTypeId` .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.CompositeComponentType" - } - }, - "title": "CompositeComponentTypes", - "type": "object" + "InvitationId": { + "markdownDescription": "The ID of the invitation that is sent to the account designated as a member account. You can find the invitation ID by running the [ListInvitations](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListInvitations.html) in the *GuardDuty API Reference* .", + "title": "InvitationId", + "type": "string" }, - "Description": { - "markdownDescription": "The description of the component type.", - "title": "Description", + "MasterId": { + "markdownDescription": "The AWS account ID of the account designated as the GuardDuty administrator account.", + "title": "MasterId", + "type": "string" + } + }, + "required": [ + "DetectorId", + "MasterId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::GuardDuty::Master" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::GuardDuty::Member": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, - "ExtendsFrom": { + { "items": { + "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, - "markdownDescription": "The name of the parent component type that this component type extends.", - "title": "ExtendsFrom", "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DetectorId": { + "markdownDescription": "The ID of the detector associated with the GuardDuty service to add the member to.", + "title": "DetectorId", + "type": "string" }, - "Functions": { - "additionalProperties": false, - "markdownDescription": "An object that maps strings to the functions in the component type. Each string in the mapping must be unique to this object.\n\nFor information on the FunctionResponse object see the [FunctionResponse](https://docs.aws.amazon.com//iot-twinmaker/latest/apireference/API_FunctionResponse.html) API reference.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.Function" - } - }, - "title": "Functions", - "type": "object" - }, - "IsSingleton": { - "markdownDescription": "A boolean value that specifies whether an entity can have more than one component of this type.", - "title": "IsSingleton", + "DisableEmailNotification": { + "markdownDescription": "Specifies whether or not to disable email notification for the member account that you invite.", + "title": "DisableEmailNotification", "type": "boolean" }, - "PropertyDefinitions": { - "additionalProperties": false, - "markdownDescription": "An object that maps strings to the property definitions in the component type. Each string in the mapping must be unique to this object.\n\nFor information about the PropertyDefinitionResponse object, see the [PropertyDefinitionResponse](https://docs.aws.amazon.com//iot-twinmaker/latest/apireference/API_PropertyDefinitionResponse.html) API reference.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.PropertyDefinition" - } - }, - "title": "PropertyDefinitions", - "type": "object" + "Email": { + "markdownDescription": "The email address associated with the member account.", + "title": "Email", + "type": "string" }, - "PropertyGroups": { - "additionalProperties": false, - "markdownDescription": "An object that maps strings to the property groups in the component type. Each string in the mapping must be unique to this object.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.PropertyGroup" - } - }, - "title": "PropertyGroups", - "type": "object" + "MemberId": { + "markdownDescription": "The AWS account ID of the account to designate as a member.", + "title": "MemberId", + "type": "string" }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "The ComponentType tags.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" + "Message": { + "markdownDescription": "The invitation message that you want to send to the accounts that you're inviting to GuardDuty as members.", + "title": "Message", + "type": "string" }, - "WorkspaceId": { - "markdownDescription": "The ID of the workspace that contains the component type.", - "title": "WorkspaceId", + "Status": { + "markdownDescription": "You can use the `Status` property to update the status of the relationship between the member account and its administrator account. Valid values are `Created` and `Invited` when using an `AWS::GuardDuty::Member` resource. If the value for this property is not provided or set to `Created` , a member account is created but not invited. If the value of this property is set to `Invited` , a member account is created and invited.", + "title": "Status", "type": "string" } }, "required": [ - "ComponentTypeId", - "WorkspaceId" + "Email" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTTwinMaker::ComponentType" + "AWS::GuardDuty::Member" ], "type": "string" }, @@ -130629,299 +138024,7 @@ ], "type": "object" }, - "AWS::IoTTwinMaker::ComponentType.CompositeComponentType": { - "additionalProperties": false, - "properties": { - "ComponentTypeId": { - "markdownDescription": "The ID of the component type.", - "title": "ComponentTypeId", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoTTwinMaker::ComponentType.DataConnector": { - "additionalProperties": false, - "properties": { - "IsNative": { - "markdownDescription": "A boolean value that specifies whether the data connector is native to IoT TwinMaker.", - "title": "IsNative", - "type": "boolean" - }, - "Lambda": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.LambdaFunction", - "markdownDescription": "The Lambda function associated with the data connector.", - "title": "Lambda" - } - }, - "type": "object" - }, - "AWS::IoTTwinMaker::ComponentType.DataType": { - "additionalProperties": false, - "properties": { - "AllowedValues": { - "items": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataValue" - }, - "markdownDescription": "The allowed values for this data type.", - "title": "AllowedValues", - "type": "array" - }, - "NestedType": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataType", - "markdownDescription": "The nested type in the data type.", - "title": "NestedType" - }, - "Relationship": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.Relationship", - "markdownDescription": "A relationship that associates a component with another component.", - "title": "Relationship" - }, - "Type": { - "markdownDescription": "The underlying type of the data type.\n\nValid Values: `RELATIONSHIP | STRING | LONG | BOOLEAN | INTEGER | DOUBLE | LIST | MAP`", - "title": "Type", - "type": "string" - }, - "UnitOfMeasure": { - "markdownDescription": "The unit of measure used in this data type.", - "title": "UnitOfMeasure", - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::IoTTwinMaker::ComponentType.DataValue": { - "additionalProperties": false, - "properties": { - "BooleanValue": { - "markdownDescription": "A boolean value.", - "title": "BooleanValue", - "type": "boolean" - }, - "DoubleValue": { - "markdownDescription": "A double value.", - "title": "DoubleValue", - "type": "number" - }, - "Expression": { - "markdownDescription": "An expression that produces the value.", - "title": "Expression", - "type": "string" - }, - "IntegerValue": { - "markdownDescription": "An integer value.", - "title": "IntegerValue", - "type": "number" - }, - "ListValue": { - "items": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataValue" - }, - "markdownDescription": "A list of multiple values.", - "title": "ListValue", - "type": "array" - }, - "LongValue": { - "markdownDescription": "A long value.", - "title": "LongValue", - "type": "number" - }, - "MapValue": { - "additionalProperties": false, - "markdownDescription": "An object that maps strings to multiple `DataValue` objects.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataValue" - } - }, - "title": "MapValue", - "type": "object" - }, - "RelationshipValue": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.RelationshipValue", - "markdownDescription": "A value that relates a component to another component.", - "title": "RelationshipValue" - }, - "StringValue": { - "markdownDescription": "A string value.", - "title": "StringValue", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoTTwinMaker::ComponentType.Error": { - "additionalProperties": false, - "properties": { - "Code": { - "markdownDescription": "The component type error code.", - "title": "Code", - "type": "string" - }, - "Message": { - "markdownDescription": "The component type error message.", - "title": "Message", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoTTwinMaker::ComponentType.Function": { - "additionalProperties": false, - "properties": { - "ImplementedBy": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataConnector", - "markdownDescription": "The data connector.", - "title": "ImplementedBy" - }, - "RequiredProperties": { - "items": { - "type": "string" - }, - "markdownDescription": "The required properties of the function.", - "title": "RequiredProperties", - "type": "array" - }, - "Scope": { - "markdownDescription": "The scope of the function.", - "title": "Scope", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoTTwinMaker::ComponentType.LambdaFunction": { - "additionalProperties": false, - "properties": { - "Arn": { - "markdownDescription": "The Lambda function ARN.", - "title": "Arn", - "type": "string" - } - }, - "required": [ - "Arn" - ], - "type": "object" - }, - "AWS::IoTTwinMaker::ComponentType.PropertyDefinition": { - "additionalProperties": false, - "properties": { - "Configurations": { - "additionalProperties": true, - "markdownDescription": "A mapping that specifies configuration information about the property.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Configurations", - "type": "object" - }, - "DataType": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataType", - "markdownDescription": "", - "title": "DataType" - }, - "DefaultValue": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataValue", - "markdownDescription": "A boolean value that specifies whether the property ID comes from an external data store.", - "title": "DefaultValue" - }, - "IsExternalId": { - "markdownDescription": "A Boolean value that specifies whether the property ID comes from an external data source.", - "title": "IsExternalId", - "type": "boolean" - }, - "IsRequiredInEntity": { - "markdownDescription": "A boolean value that specifies whether the property is required in an entity.", - "title": "IsRequiredInEntity", - "type": "boolean" - }, - "IsStoredExternally": { - "markdownDescription": "A boolean value that specifies whether the property is stored externally.", - "title": "IsStoredExternally", - "type": "boolean" - }, - "IsTimeSeries": { - "markdownDescription": "A boolean value that specifies whether the property consists of time series data.", - "title": "IsTimeSeries", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::IoTTwinMaker::ComponentType.PropertyGroup": { - "additionalProperties": false, - "properties": { - "GroupType": { - "markdownDescription": "The group type.", - "title": "GroupType", - "type": "string" - }, - "PropertyNames": { - "items": { - "type": "string" - }, - "markdownDescription": "The property names.", - "title": "PropertyNames", - "type": "array" - } - }, - "type": "object" - }, - "AWS::IoTTwinMaker::ComponentType.Relationship": { - "additionalProperties": false, - "properties": { - "RelationshipType": { - "markdownDescription": "The type of the relationship.", - "title": "RelationshipType", - "type": "string" - }, - "TargetComponentTypeId": { - "markdownDescription": "The ID of the target component type associated with this relationship.", - "title": "TargetComponentTypeId", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoTTwinMaker::ComponentType.RelationshipValue": { - "additionalProperties": false, - "properties": { - "TargetComponentName": { - "markdownDescription": "The target component name.", - "title": "TargetComponentName", - "type": "string" - }, - "TargetEntityId": { - "markdownDescription": "The target entity Id.", - "title": "TargetEntityId", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoTTwinMaker::ComponentType.Status": { - "additionalProperties": false, - "properties": { - "Error": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.Error", - "markdownDescription": "The component type error.", - "title": "Error" - }, - "State": { - "markdownDescription": "The component type status state.", - "title": "State", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoTTwinMaker::Entity": { + "AWS::GuardDuty::PublishingDestination": { "additionalProperties": false, "properties": { "Condition": { @@ -130956,74 +138059,40 @@ "Properties": { "additionalProperties": false, "properties": { - "Components": { - "additionalProperties": false, - "markdownDescription": "An object that maps strings to the components in the entity. Each string in the mapping must be unique to this object.\n\nFor information on the component object see the [component](https://docs.aws.amazon.com//iot-twinmaker/latest/apireference/API_ComponentResponse.html) API reference.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Component" - } - }, - "title": "Components", - "type": "object" - }, - "CompositeComponents": { - "additionalProperties": false, - "markdownDescription": "Maps string to `compositeComponent` updates in the request. Each key of the map represents the `componentPath` of the `compositeComponent` .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.CompositeComponent" - } - }, - "title": "CompositeComponents", - "type": "object" - }, - "Description": { - "markdownDescription": "The description of the entity.", - "title": "Description", - "type": "string" - }, - "EntityId": { - "markdownDescription": "The ID of the entity.", - "title": "EntityId", - "type": "string" + "DestinationProperties": { + "$ref": "#/definitions/AWS::GuardDuty::PublishingDestination.CFNDestinationProperties", + "markdownDescription": "Contains the Amazon Resource Name (ARN) of the resource to publish to, such as an S3 bucket, and the ARN of the KMS key to use to encrypt published findings.", + "title": "DestinationProperties" }, - "EntityName": { - "markdownDescription": "The entity name.", - "title": "EntityName", + "DestinationType": { + "markdownDescription": "The type of publishing destination. GuardDuty supports Amazon S3 buckets as a publishing destination.", + "title": "DestinationType", "type": "string" }, - "ParentEntityId": { - "markdownDescription": "The ID of the parent entity.", - "title": "ParentEntityId", + "DetectorId": { + "markdownDescription": "The ID of the GuardDuty detector where the publishing destination exists.", + "title": "DetectorId", "type": "string" }, "Tags": { - "additionalProperties": true, - "markdownDescription": "Metadata that you can use to manage the entity.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/AWS::GuardDuty::PublishingDestination.TagItem" }, + "markdownDescription": "Describes a tag.", "title": "Tags", - "type": "object" - }, - "WorkspaceId": { - "markdownDescription": "The ID of the workspace that contains the entity.", - "title": "WorkspaceId", - "type": "string" + "type": "array" } }, "required": [ - "EntityName", - "WorkspaceId" + "DestinationProperties", + "DestinationType", + "DetectorId" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTTwinMaker::Entity" + "AWS::GuardDuty::PublishingDestination" ], "type": "string" }, @@ -131042,368 +138111,43 @@ ], "type": "object" }, - "AWS::IoTTwinMaker::Entity.Component": { - "additionalProperties": false, - "properties": { - "ComponentName": { - "markdownDescription": "The name of the component.", - "title": "ComponentName", - "type": "string" - }, - "ComponentTypeId": { - "markdownDescription": "The ID of the component type.", - "title": "ComponentTypeId", - "type": "string" - }, - "DefinedIn": { - "markdownDescription": "The name of the property definition set in the request.", - "title": "DefinedIn", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the component.", - "title": "Description", - "type": "string" - }, - "Properties": { - "additionalProperties": false, - "markdownDescription": "An object that maps strings to the properties to set in the component type. Each string in the mapping must be unique to this object.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Property" - } - }, - "title": "Properties", - "type": "object" - }, - "PropertyGroups": { - "additionalProperties": false, - "markdownDescription": "An object that maps strings to the property groups in the component type. Each string in the mapping must be unique to this object.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.PropertyGroup" - } - }, - "title": "PropertyGroups", - "type": "object" - }, - "Status": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Status", - "markdownDescription": "The status of the component.", - "title": "Status" - } - }, - "type": "object" - }, - "AWS::IoTTwinMaker::Entity.CompositeComponent": { - "additionalProperties": false, - "properties": { - "ComponentName": { - "markdownDescription": "The name of the component.", - "title": "ComponentName", - "type": "string" - }, - "ComponentPath": { - "markdownDescription": "The path to the composite component, starting from the top-level component.", - "title": "ComponentPath", - "type": "string" - }, - "ComponentTypeId": { - "markdownDescription": "The ID of the composite component type.", - "title": "ComponentTypeId", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the component type.", - "title": "Description", - "type": "string" - }, - "Properties": { - "additionalProperties": false, - "markdownDescription": "Map of strings to the properties in the component type. Each string in the mapping must be unique to this component.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Property" - } - }, - "title": "Properties", - "type": "object" - }, - "PropertyGroups": { - "additionalProperties": false, - "markdownDescription": "The property groups.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.PropertyGroup" - } - }, - "title": "PropertyGroups", - "type": "object" - }, - "Status": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Status", - "markdownDescription": "The current status of the composite component.", - "title": "Status" - } - }, - "type": "object" - }, - "AWS::IoTTwinMaker::Entity.DataType": { - "additionalProperties": false, - "properties": { - "AllowedValues": { - "items": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataValue" - }, - "markdownDescription": "The allowed values.", - "title": "AllowedValues", - "type": "array" - }, - "NestedType": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataType", - "markdownDescription": "The nested type.", - "title": "NestedType" - }, - "Relationship": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Relationship", - "markdownDescription": "The relationship.", - "title": "Relationship" - }, - "Type": { - "markdownDescription": "The entity type.", - "title": "Type", - "type": "string" - }, - "UnitOfMeasure": { - "markdownDescription": "The unit of measure.", - "title": "UnitOfMeasure", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoTTwinMaker::Entity.DataValue": { + "AWS::GuardDuty::PublishingDestination.CFNDestinationProperties": { "additionalProperties": false, "properties": { - "BooleanValue": { - "markdownDescription": "A boolean value.", - "title": "BooleanValue", - "type": "boolean" - }, - "DoubleValue": { - "markdownDescription": "A double value.", - "title": "DoubleValue", - "type": "number" - }, - "Expression": { - "markdownDescription": "An expression that produces the value.", - "title": "Expression", + "DestinationArn": { + "markdownDescription": "The ARN of the resource where the findings are published.", + "title": "DestinationArn", "type": "string" }, - "IntegerValue": { - "markdownDescription": "An integer value.", - "title": "IntegerValue", - "type": "number" - }, - "ListValue": { - "items": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataValue" - }, - "markdownDescription": "A list of multiple values.", - "title": "ListValue", - "type": "array" - }, - "LongValue": { - "markdownDescription": "A long value.", - "title": "LongValue", - "type": "number" - }, - "MapValue": { - "additionalProperties": false, - "markdownDescription": "An object that maps strings to multiple DataValue objects.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataValue" - } - }, - "title": "MapValue", - "type": "object" - }, - "RelationshipValue": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.RelationshipValue", - "markdownDescription": "A value that relates a component to another component.", - "title": "RelationshipValue" - }, - "StringValue": { - "markdownDescription": "A string value.", - "title": "StringValue", + "KmsKeyArn": { + "markdownDescription": "The ARN of the KMS key to use for encryption.", + "title": "KmsKeyArn", "type": "string" } }, "type": "object" }, - "AWS::IoTTwinMaker::Entity.Definition": { - "additionalProperties": false, - "properties": { - "Configuration": { - "additionalProperties": true, - "markdownDescription": "The configuration.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Configuration", - "type": "object" - }, - "DataType": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataType", - "markdownDescription": "The data type", - "title": "DataType" - }, - "DefaultValue": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataValue", - "markdownDescription": "The default value.", - "title": "DefaultValue" - }, - "IsExternalId": { - "markdownDescription": "Displays if the entity has a external Id.", - "title": "IsExternalId", - "type": "boolean" - }, - "IsFinal": { - "markdownDescription": "Displays if the entity is final.", - "title": "IsFinal", - "type": "boolean" - }, - "IsImported": { - "markdownDescription": "Displays if the entity is imported.", - "title": "IsImported", - "type": "boolean" - }, - "IsInherited": { - "markdownDescription": "Displays if the entity is inherited.", - "title": "IsInherited", - "type": "boolean" - }, - "IsRequiredInEntity": { - "markdownDescription": "Displays if the entity is a required entity.", - "title": "IsRequiredInEntity", - "type": "boolean" - }, - "IsStoredExternally": { - "markdownDescription": "Displays if the entity is tored externally.", - "title": "IsStoredExternally", - "type": "boolean" - }, - "IsTimeSeries": { - "markdownDescription": "Displays if the entity", - "title": "IsTimeSeries", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::IoTTwinMaker::Entity.Error": { + "AWS::GuardDuty::PublishingDestination.TagItem": { "additionalProperties": false, "properties": { - "Code": { - "markdownDescription": "The entity error code.", - "title": "Code", - "type": "string" - }, - "Message": { - "markdownDescription": "The entity error message.", - "title": "Message", + "Key": { + "markdownDescription": "The tag key.", + "title": "Key", "type": "string" - } - }, - "type": "object" - }, - "AWS::IoTTwinMaker::Entity.Property": { - "additionalProperties": false, - "properties": { - "Definition": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Definition", - "markdownDescription": "An object that specifies information about a property.", - "title": "Definition" }, "Value": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataValue", - "markdownDescription": "An object that contains information about a value for a time series property.", - "title": "Value" - } - }, - "type": "object" - }, - "AWS::IoTTwinMaker::Entity.PropertyGroup": { - "additionalProperties": false, - "properties": { - "GroupType": { - "markdownDescription": "The group type.", - "title": "GroupType", - "type": "string" - }, - "PropertyNames": { - "items": { - "type": "string" - }, - "markdownDescription": "The property names.", - "title": "PropertyNames", - "type": "array" - } - }, - "type": "object" - }, - "AWS::IoTTwinMaker::Entity.Relationship": { - "additionalProperties": false, - "properties": { - "RelationshipType": { - "markdownDescription": "The relationship type.", - "title": "RelationshipType", - "type": "string" - }, - "TargetComponentTypeId": { - "markdownDescription": "the component type Id target.", - "title": "TargetComponentTypeId", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoTTwinMaker::Entity.RelationshipValue": { - "additionalProperties": false, - "properties": { - "TargetComponentName": { - "markdownDescription": "The target component name.", - "title": "TargetComponentName", - "type": "string" - }, - "TargetEntityId": { - "markdownDescription": "The target entity Id.", - "title": "TargetEntityId", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoTTwinMaker::Entity.Status": { - "additionalProperties": false, - "properties": { - "Error": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Error", - "markdownDescription": "The error message.", - "title": "Error" - }, - "State": { - "markdownDescription": "The current state of the entity, component, component type, or workspace.\n\nValid Values: `CREATING | UPDATING | DELETING | ACTIVE | ERROR`", - "title": "State", + "markdownDescription": "The tag value.", + "title": "Value", "type": "string" } }, + "required": [ + "Key", + "Value" + ], "type": "object" }, - "AWS::IoTTwinMaker::Scene": { + "AWS::GuardDuty::ThreatIntelSet": { "additionalProperties": false, "properties": { "Condition": { @@ -131438,67 +138182,54 @@ "Properties": { "additionalProperties": false, "properties": { - "Capabilities": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of capabilities that the scene uses to render.", - "title": "Capabilities", - "type": "array" + "Activate": { + "markdownDescription": "A Boolean value that indicates whether GuardDuty is to start using the uploaded ThreatIntelSet.", + "title": "Activate", + "type": "boolean" }, - "ContentLocation": { - "markdownDescription": "The relative path that specifies the location of the content definition file.", - "title": "ContentLocation", + "DetectorId": { + "markdownDescription": "The unique ID of the detector of the GuardDuty account for which you want to create a `ThreatIntelSet` .\n\nTo find the `detectorId` in the current Region, see the\nSettings page in the GuardDuty console, or run the [ListDetectors](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListDetectors.html) API.", + "title": "DetectorId", "type": "string" }, - "Description": { - "markdownDescription": "The description of this scene.", - "title": "Description", + "ExpectedBucketOwner": { + "markdownDescription": "The AWS account ID that owns the Amazon S3 bucket specified in the *Location* field.\n\nWhen you provide this account ID, GuardDuty will validate that the S3 bucket belongs to this account. If you don't specify an account ID owner, GuardDuty doesn't perform any validation.", + "title": "ExpectedBucketOwner", "type": "string" }, - "SceneId": { - "markdownDescription": "The ID of the scene.", - "title": "SceneId", + "Format": { + "markdownDescription": "The format of the file that contains the ThreatIntelSet.", + "title": "Format", "type": "string" }, - "SceneMetadata": { - "additionalProperties": true, - "markdownDescription": "The scene metadata.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "SceneMetadata", - "type": "object" + "Location": { + "markdownDescription": "The URI of the file that contains the ThreatIntelSet.", + "title": "Location", + "type": "string" + }, + "Name": { + "markdownDescription": "A user-friendly ThreatIntelSet name displayed in all findings that are generated by activity that involves IP addresses included in this ThreatIntelSet.", + "title": "Name", + "type": "string" }, "Tags": { - "additionalProperties": true, - "markdownDescription": "The ComponentType tags.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/AWS::GuardDuty::ThreatIntelSet.TagItem" }, + "markdownDescription": "The tags to be added to a new threat list resource. Each tag consists of a key and an optional value, both of which you define.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", - "type": "object" - }, - "WorkspaceId": { - "markdownDescription": "The ID of the workspace.", - "title": "WorkspaceId", - "type": "string" + "type": "array" } }, "required": [ - "ContentLocation", - "SceneId", - "WorkspaceId" + "Format", + "Location" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTTwinMaker::Scene" + "AWS::GuardDuty::ThreatIntelSet" ], "type": "string" }, @@ -131517,97 +138248,27 @@ ], "type": "object" }, - "AWS::IoTTwinMaker::SyncJob": { + "AWS::GuardDuty::ThreatIntelSet.TagItem": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "SyncRole": { - "markdownDescription": "The SyncJob IAM role. This IAM role is used by the sync job to read from the syncSource, and create, update or delete the corresponding resources.", - "title": "SyncRole", - "type": "string" - }, - "SyncSource": { - "markdownDescription": "The sync source.\n\n> Currently the only supported syncSoucre is `SITEWISE` .", - "title": "SyncSource", - "type": "string" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "Metadata you can use to manage the SyncJob.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - }, - "WorkspaceId": { - "markdownDescription": "The ID of the workspace that contains the sync job.", - "title": "WorkspaceId", - "type": "string" - } - }, - "required": [ - "SyncRole", - "SyncSource", - "WorkspaceId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::IoTTwinMaker::SyncJob" - ], + "Key": { + "markdownDescription": "The tag key.", + "title": "Key", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Value": { + "markdownDescription": "The tag value.", + "title": "Value", "type": "string" } }, "required": [ - "Type", - "Properties" + "Key", + "Value" ], "type": "object" }, - "AWS::IoTTwinMaker::Workspace": { + "AWS::HealthImaging::Datastore": { "additionalProperties": false, "properties": { "Condition": { @@ -131642,24 +138303,19 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the workspace.", - "title": "Description", - "type": "string" - }, - "Role": { - "markdownDescription": "The ARN of the execution role associated with the workspace.", - "title": "Role", + "DatastoreName": { + "markdownDescription": "The data store name.", + "title": "DatastoreName", "type": "string" }, - "S3Location": { - "markdownDescription": "The ARN of the S3 bucket where resources associated with the workspace are stored.", - "title": "S3Location", + "KmsKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) assigned to the Key Management Service (KMS) key for accessing encrypted data.", + "title": "KmsKeyArn", "type": "string" }, "Tags": { "additionalProperties": true, - "markdownDescription": "Metadata that you can use to manage the workspace.", + "markdownDescription": "The tags provided when creating a data store.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" @@ -131667,23 +138323,13 @@ }, "title": "Tags", "type": "object" - }, - "WorkspaceId": { - "markdownDescription": "The ID of the workspace.", - "title": "WorkspaceId", - "type": "string" } }, - "required": [ - "Role", - "S3Location", - "WorkspaceId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTTwinMaker::Workspace" + "AWS::HealthImaging::Datastore" ], "type": "string" }, @@ -131697,12 +138343,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::IoTWireless::Destination": { + "AWS::HealthLake::FHIRDatastore": { "additionalProperties": false, "properties": { "Condition": { @@ -131737,50 +138382,48 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the new resource. Maximum length is 2048 characters.", - "title": "Description", + "DatastoreName": { + "markdownDescription": "The data store name (user-generated).", + "title": "DatastoreName", "type": "string" }, - "Expression": { - "markdownDescription": "The rule name to send messages to.", - "title": "Expression", + "DatastoreTypeVersion": { + "markdownDescription": "The FHIR release version supported by the data store. Current support is for version `R4` .", + "title": "DatastoreTypeVersion", "type": "string" }, - "ExpressionType": { - "markdownDescription": "The type of value in `Expression` .", - "title": "ExpressionType", - "type": "string" + "IdentityProviderConfiguration": { + "$ref": "#/definitions/AWS::HealthLake::FHIRDatastore.IdentityProviderConfiguration", + "markdownDescription": "The identity provider configuration selected when the data store was created.", + "title": "IdentityProviderConfiguration" }, - "Name": { - "markdownDescription": "The name of the new resource.", - "title": "Name", - "type": "string" + "PreloadDataConfig": { + "$ref": "#/definitions/AWS::HealthLake::FHIRDatastore.PreloadDataConfig", + "markdownDescription": "The preloaded Synthea data configuration for the data store.", + "title": "PreloadDataConfig" }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM Role that authorizes the destination.", - "title": "RoleArn", - "type": "string" + "SseConfiguration": { + "$ref": "#/definitions/AWS::HealthLake::FHIRDatastore.SseConfiguration", + "markdownDescription": "The server-side encryption key configuration for a customer-provided encryption key specified for creating a data store.", + "title": "SseConfiguration" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ - "Expression", - "ExpressionType", - "Name" + "DatastoreTypeVersion" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTWireless::Destination" + "AWS::HealthLake::FHIRDatastore" ], "type": "string" }, @@ -131799,10 +138442,106 @@ ], "type": "object" }, - "AWS::IoTWireless::DeviceProfile": { + "AWS::HealthLake::FHIRDatastore.CreatedAt": { "additionalProperties": false, "properties": { - "Condition": { + "Nanos": { + "markdownDescription": "", + "title": "Nanos", + "type": "number" + }, + "Seconds": { + "markdownDescription": "", + "title": "Seconds", + "type": "string" + } + }, + "required": [ + "Nanos", + "Seconds" + ], + "type": "object" + }, + "AWS::HealthLake::FHIRDatastore.IdentityProviderConfiguration": { + "additionalProperties": false, + "properties": { + "AuthorizationStrategy": { + "markdownDescription": "The authorization strategy selected when the HealthLake data store is created.\n\n> HealthLake provides support for both SMART on FHIR V1 and V2 as described below.\n> \n> - `SMART_ON_FHIR_V1` \u2013 Support for only SMART on FHIR V1, which includes `read` (read/search) and `write` (create/update/delete) permissions.\n> - `SMART_ON_FHIR` \u2013 Support for both SMART on FHIR V1 and V2, which includes `create` , `read` , `update` , `delete` , and `search` permissions.\n> - `AWS_AUTH` \u2013 The default HealthLake authorization strategy; not affiliated with SMART on FHIR.", + "title": "AuthorizationStrategy", + "type": "string" + }, + "FineGrainedAuthorizationEnabled": { + "markdownDescription": "The parameter to enable SMART on FHIR fine-grained authorization for the data store.", + "title": "FineGrainedAuthorizationEnabled", + "type": "boolean" + }, + "IdpLambdaArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function to use to decode the access token created by the authorization server.", + "title": "IdpLambdaArn", + "type": "string" + }, + "Metadata": { + "markdownDescription": "The JSON metadata elements to use in your identity provider configuration. Required elements are listed based on the launch specification of the SMART application. For more information on all possible elements, see [Metadata](https://docs.aws.amazon.com/https://build.fhir.org/ig/HL7/smart-app-launch/conformance.html#metadata) in SMART's App Launch specification.\n\n`authorization_endpoint` : The URL to the OAuth2 authorization endpoint.\n\n`grant_types_supported` : An array of grant types that are supported at the token endpoint. You must provide at least one grant type option. Valid options are `authorization_code` and `client_credentials` .\n\n`token_endpoint` : The URL to the OAuth2 token endpoint.\n\n`capabilities` : An array of strings of the SMART capabilities that the authorization server supports.\n\n`code_challenge_methods_supported` : An array of strings of supported PKCE code challenge methods. You must include the `S256` method in the array of PKCE code challenge methods.", + "title": "Metadata", + "type": "string" + } + }, + "required": [ + "AuthorizationStrategy" + ], + "type": "object" + }, + "AWS::HealthLake::FHIRDatastore.KmsEncryptionConfig": { + "additionalProperties": false, + "properties": { + "CmkType": { + "markdownDescription": "The type of customer-managed-key(CMK) used for encryption. The two types of supported CMKs are customer owned CMKs and Amazon owned CMKs. For more information on CMK types, see [KmsEncryptionConfig](https://docs.aws.amazon.com/healthlake/latest/APIReference/API_KmsEncryptionConfig.html#HealthLake-Type-KmsEncryptionConfig-CmkType) .", + "title": "CmkType", + "type": "string" + }, + "KmsKeyId": { + "markdownDescription": "The Key Management Service (KMS) encryption key id/alias used to encrypt the data store contents at rest.", + "title": "KmsKeyId", + "type": "string" + } + }, + "required": [ + "CmkType" + ], + "type": "object" + }, + "AWS::HealthLake::FHIRDatastore.PreloadDataConfig": { + "additionalProperties": false, + "properties": { + "PreloadDataType": { + "markdownDescription": "The type of preloaded data. Only Synthea preloaded data is supported.", + "title": "PreloadDataType", + "type": "string" + } + }, + "required": [ + "PreloadDataType" + ], + "type": "object" + }, + "AWS::HealthLake::FHIRDatastore.SseConfiguration": { + "additionalProperties": false, + "properties": { + "KmsEncryptionConfig": { + "$ref": "#/definitions/AWS::HealthLake::FHIRDatastore.KmsEncryptionConfig", + "markdownDescription": "The server-side encryption key configuration for a customer provided encryption key.", + "title": "KmsEncryptionConfig" + } + }, + "required": [ + "KmsEncryptionConfig" + ], + "type": "object" + }, + "AWS::IAM::AccessKey": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, "DeletionPolicy": { @@ -131834,30 +138573,30 @@ "Properties": { "additionalProperties": false, "properties": { - "LoRaWAN": { - "$ref": "#/definitions/AWS::IoTWireless::DeviceProfile.LoRaWANDeviceProfile", - "markdownDescription": "LoRaWAN device profile object.", - "title": "LoRaWAN" + "Serial": { + "markdownDescription": "This value is specific to CloudFormation and can only be *incremented* . Incrementing this value notifies CloudFormation that you want to rotate your access key. When you update your stack, CloudFormation will replace the existing access key with a new key.", + "title": "Serial", + "type": "number" }, - "Name": { - "markdownDescription": "The name of the new resource.", - "title": "Name", + "Status": { + "markdownDescription": "The status of the access key. `Active` means that the key is valid for API calls, while `Inactive` means it is not.", + "title": "Status", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", - "title": "Tags", - "type": "array" + "UserName": { + "markdownDescription": "The name of the IAM user that the new key will belong to.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "title": "UserName", + "type": "string" } }, + "required": [ + "UserName" + ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTWireless::DeviceProfile" + "AWS::IAM::AccessKey" ], "type": "string" }, @@ -131871,115 +138610,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoTWireless::DeviceProfile.LoRaWANDeviceProfile": { - "additionalProperties": false, - "properties": { - "ClassBTimeout": { - "markdownDescription": "The ClassBTimeout value.", - "title": "ClassBTimeout", - "type": "number" - }, - "ClassCTimeout": { - "markdownDescription": "The ClassCTimeout value.", - "title": "ClassCTimeout", - "type": "number" - }, - "FactoryPresetFreqsList": { - "items": { - "type": "number" - }, - "markdownDescription": "The list of values that make up the FactoryPresetFreqs value. Valid range of values include a minimum value of 1000000 and a maximum value of 16700000.", - "title": "FactoryPresetFreqsList", - "type": "array" - }, - "MacVersion": { - "markdownDescription": "The MAC version (such as OTAA 1.1 or OTAA 1.0.3) to use with this device profile.", - "title": "MacVersion", - "type": "string" - }, - "MaxDutyCycle": { - "markdownDescription": "The MaxDutyCycle value.", - "title": "MaxDutyCycle", - "type": "number" - }, - "MaxEirp": { - "markdownDescription": "The MaxEIRP value.", - "title": "MaxEirp", - "type": "number" - }, - "PingSlotDr": { - "markdownDescription": "The PingSlotDR value.", - "title": "PingSlotDr", - "type": "number" - }, - "PingSlotFreq": { - "markdownDescription": "The PingSlotFreq value.", - "title": "PingSlotFreq", - "type": "number" - }, - "PingSlotPeriod": { - "markdownDescription": "The PingSlotPeriod value.", - "title": "PingSlotPeriod", - "type": "number" - }, - "RegParamsRevision": { - "markdownDescription": "The version of regional parameters.", - "title": "RegParamsRevision", - "type": "string" - }, - "RfRegion": { - "markdownDescription": "The frequency band (RFRegion) value.", - "title": "RfRegion", - "type": "string" - }, - "RxDataRate2": { - "markdownDescription": "The RXDataRate2 value.", - "title": "RxDataRate2", - "type": "number" - }, - "RxDelay1": { - "markdownDescription": "The RXDelay1 value.", - "title": "RxDelay1", - "type": "number" - }, - "RxDrOffset1": { - "markdownDescription": "The RXDROffset1 value.", - "title": "RxDrOffset1", - "type": "number" - }, - "RxFreq2": { - "markdownDescription": "The RXFreq2 value.", - "title": "RxFreq2", - "type": "number" - }, - "Supports32BitFCnt": { - "markdownDescription": "The Supports32BitFCnt value.", - "title": "Supports32BitFCnt", - "type": "boolean" - }, - "SupportsClassB": { - "markdownDescription": "The SupportsClassB value.", - "title": "SupportsClassB", - "type": "boolean" - }, - "SupportsClassC": { - "markdownDescription": "The SupportsClassC value.", - "title": "SupportsClassC", - "type": "boolean" - }, - "SupportsJoin": { - "markdownDescription": "The SupportsJoin value.", - "title": "SupportsJoin", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::IoTWireless::FuotaTask": { + "AWS::IAM::Group": { "additionalProperties": false, "properties": { "Condition": { @@ -132014,70 +138650,38 @@ "Properties": { "additionalProperties": false, "properties": { - "AssociateMulticastGroup": { - "markdownDescription": "The ID of the multicast group to associate with a FUOTA task.", - "title": "AssociateMulticastGroup", - "type": "string" - }, - "AssociateWirelessDevice": { - "markdownDescription": "The ID of the wireless device to associate with a multicast group.", - "title": "AssociateWirelessDevice", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the new resource.", - "title": "Description", - "type": "string" - }, - "DisassociateMulticastGroup": { - "markdownDescription": "The ID of the multicast group to disassociate from a FUOTA task.", - "title": "DisassociateMulticastGroup", - "type": "string" - }, - "DisassociateWirelessDevice": { - "markdownDescription": "The ID of the wireless device to disassociate from a FUOTA task.", - "title": "DisassociateWirelessDevice", - "type": "string" - }, - "FirmwareUpdateImage": { - "markdownDescription": "The S3 URI points to a firmware update image that is to be used with a FUOTA task.", - "title": "FirmwareUpdateImage", - "type": "string" - }, - "FirmwareUpdateRole": { - "markdownDescription": "The firmware update role that is to be used with a FUOTA task.", - "title": "FirmwareUpdateRole", + "GroupName": { + "markdownDescription": "The name of the group to create. Do not include the path in this value.\n\nThe group name must be unique within the account. Group names are not distinguished by case. For example, you cannot create groups named both \"ADMINS\" and \"admins\". If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the group name.\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name. \n\nIf you specify a name, you must specify the `CAPABILITY_NAMED_IAM` value to acknowledge your template's capabilities. For more information, see [Acknowledging IAM Resources in AWS CloudFormation Templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-iam-template.html#using-iam-capabilities) .\n\n> Naming an IAM resource can cause an unrecoverable error if you reuse the same template in multiple Regions. To prevent this, we recommend using `Fn::Join` and `AWS::Region` to create a Region-specific name, as in the following example: `{\"Fn::Join\": [\"\", [{\"Ref\": \"AWS::Region\"}, {\"Ref\": \"MyResourceName\"}]]}` .", + "title": "GroupName", "type": "string" }, - "LoRaWAN": { - "$ref": "#/definitions/AWS::IoTWireless::FuotaTask.LoRaWAN", - "markdownDescription": "The LoRaWAN information used with a FUOTA task.", - "title": "LoRaWAN" + "ManagedPolicyArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM policy you want to attach.\n\nFor more information about ARNs, see [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* .", + "title": "ManagedPolicyArns", + "type": "array" }, - "Name": { - "markdownDescription": "The name of a FUOTA task.", - "title": "Name", + "Path": { + "markdownDescription": "The path to the group. For more information about paths, see [IAM identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/).\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.", + "title": "Path", "type": "string" }, - "Tags": { + "Policies": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::IAM::Group.Policy" }, - "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", - "title": "Tags", + "markdownDescription": "Adds or updates an inline policy document that is embedded in the specified IAM group. To view AWS::IAM::Group snippets, see [Declaring an IAM Group Resource](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-iam.html#scenario-iam-group) .\n\n> The name of each inline policy for a role, user, or group must be unique. If you don't choose unique names, updates to the IAM identity will fail. \n\nFor information about limits on the number of inline policies that you can embed in a group, see [Limitations on IAM Entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the *IAM User Guide* .", + "title": "Policies", "type": "array" } }, - "required": [ - "FirmwareUpdateImage", - "FirmwareUpdateRole", - "LoRaWAN" - ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTWireless::FuotaTask" + "AWS::IAM::Group" ], "type": "string" }, @@ -132091,31 +138695,31 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::IoTWireless::FuotaTask.LoRaWAN": { + "AWS::IAM::Group.Policy": { "additionalProperties": false, "properties": { - "RfRegion": { - "markdownDescription": "The frequency band (RFRegion) value.", - "title": "RfRegion", - "type": "string" + "PolicyDocument": { + "markdownDescription": "The policy document.", + "title": "PolicyDocument", + "type": "object" }, - "StartTime": { - "markdownDescription": "Start time of a FUOTA task.", - "title": "StartTime", + "PolicyName": { + "markdownDescription": "The friendly name (not ARN) identifying the policy.", + "title": "PolicyName", "type": "string" } }, "required": [ - "RfRegion" + "PolicyDocument", + "PolicyName" ], "type": "object" }, - "AWS::IoTWireless::MulticastGroup": { + "AWS::IAM::GroupPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -132150,48 +138754,31 @@ "Properties": { "additionalProperties": false, "properties": { - "AssociateWirelessDevice": { - "markdownDescription": "The ID of the wireless device to associate with a multicast group.", - "title": "AssociateWirelessDevice", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the multicast group.", - "title": "Description", - "type": "string" - }, - "DisassociateWirelessDevice": { - "markdownDescription": "The ID of the wireless device to disassociate from a multicast group.", - "title": "DisassociateWirelessDevice", + "GroupName": { + "markdownDescription": "The name of the group to associate the policy with.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-.", + "title": "GroupName", "type": "string" }, - "LoRaWAN": { - "$ref": "#/definitions/AWS::IoTWireless::MulticastGroup.LoRaWAN", - "markdownDescription": "The LoRaWAN information that is to be used with the multicast group.", - "title": "LoRaWAN" + "PolicyDocument": { + "markdownDescription": "The policy document.\n\nYou must provide policies in JSON format in IAM. However, for AWS CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always converts a YAML policy to JSON format before submitting it to IAM.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n\n- Any printable ASCII character ranging from the space character ( `\\u0020` ) through the end of the ASCII character range\n- The printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` )\n- The special characters tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` )", + "title": "PolicyDocument", + "type": "object" }, - "Name": { - "markdownDescription": "The name of the multicast group.", - "title": "Name", + "PolicyName": { + "markdownDescription": "The name of the policy document.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "title": "PolicyName", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", - "title": "Tags", - "type": "array" } }, "required": [ - "LoRaWAN" + "GroupName", + "PolicyName" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTWireless::MulticastGroup" + "AWS::IAM::GroupPolicy" ], "type": "string" }, @@ -132210,37 +138797,87 @@ ], "type": "object" }, - "AWS::IoTWireless::MulticastGroup.LoRaWAN": { + "AWS::IAM::InstanceProfile": { "additionalProperties": false, "properties": { - "DlClass": { - "markdownDescription": "DlClass for LoRaWAN. Valid values are ClassB and ClassC.", - "title": "DlClass", + "Condition": { "type": "string" }, - "NumberOfDevicesInGroup": { - "markdownDescription": "Number of devices that are associated to the multicast group.", - "title": "NumberOfDevicesInGroup", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "NumberOfDevicesRequested": { - "markdownDescription": "Number of devices that are requested to be associated with the multicast group.", - "title": "NumberOfDevicesRequested", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "RfRegion": { - "markdownDescription": "The frequency band (RFRegion) value.", - "title": "RfRegion", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "InstanceProfileName": { + "markdownDescription": "The name of the instance profile to create.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "title": "InstanceProfileName", + "type": "string" + }, + "Path": { + "markdownDescription": "The path to the instance profile. For more information about paths, see [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/).\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.", + "title": "Path", + "type": "string" + }, + "Roles": { + "items": { + "type": "string" + }, + "markdownDescription": "The name of the role to associate with the instance profile. Only one role can be assigned to an EC2 instance at a time, and all applications on the instance share the same role and permissions.", + "title": "Roles", + "type": "array" + } + }, + "required": [ + "Roles" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IAM::InstanceProfile" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "DlClass", - "RfRegion" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoTWireless::NetworkAnalyzerConfiguration": { + "AWS::IAM::ManagedPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -132276,53 +138913,58 @@ "additionalProperties": false, "properties": { "Description": { - "markdownDescription": "The description of the resource.", + "markdownDescription": "A friendly description of the policy.\n\nTypically used to store information about the permissions defined in the policy. For example, \"Grants access to production DynamoDB tables.\"\n\nThe policy description is immutable. After a value is assigned, it cannot be changed.", "title": "Description", "type": "string" }, - "Name": { - "markdownDescription": "Name of the network analyzer configuration.", - "title": "Name", - "type": "string" - }, - "Tags": { + "Groups": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "The tags to attach to the specified resource. Tags are metadata that you can use to manage a resource.", - "title": "Tags", + "markdownDescription": "The name (friendly name, not ARN) of the group to attach the policy to.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "title": "Groups", "type": "array" }, - "TraceContent": { - "$ref": "#/definitions/AWS::IoTWireless::NetworkAnalyzerConfiguration.TraceContent", - "markdownDescription": "Trace content for your wireless gateway and wireless device resources.", - "title": "TraceContent" + "ManagedPolicyName": { + "markdownDescription": "The friendly name of the policy.\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name. \n\nIf you specify a name, you must specify the `CAPABILITY_NAMED_IAM` value to acknowledge your template's capabilities. For more information, see [Acknowledging IAM Resources in AWS CloudFormation Templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-iam-template.html#using-iam-capabilities) .\n\n> Naming an IAM resource can cause an unrecoverable error if you reuse the same template in multiple Regions. To prevent this, we recommend using `Fn::Join` and `AWS::Region` to create a Region-specific name, as in the following example: `{\"Fn::Join\": [\"\", [{\"Ref\": \"AWS::Region\"}, {\"Ref\": \"MyResourceName\"}]]}` .", + "title": "ManagedPolicyName", + "type": "string" }, - "WirelessDevices": { + "Path": { + "markdownDescription": "The path for the policy.\n\nFor more information about paths, see [IAM identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/).\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.\n\n> You cannot use an asterisk (*) in the path name.", + "title": "Path", + "type": "string" + }, + "PolicyDocument": { + "markdownDescription": "The JSON policy document that you want to use as the content for the new policy.\n\nYou must provide policies in JSON format in IAM. However, for AWS CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always converts a YAML policy to JSON format before submitting it to IAM.\n\nThe maximum length of the policy document that you can pass in this operation, including whitespace, is listed below. To view the maximum character counts of a managed policy with no whitespaces, see [IAM and AWS STS character quotas](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length) .\n\nTo learn more about JSON policy grammar, see [Grammar of the IAM JSON policy language](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_grammar.html) in the *IAM User Guide* .\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n\n- Any printable ASCII character ranging from the space character ( `\\u0020` ) through the end of the ASCII character range\n- The printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` )\n- The special characters tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` )", + "title": "PolicyDocument", + "type": "object" + }, + "Roles": { "items": { "type": "string" }, - "markdownDescription": "Wireless device resources to add to the network analyzer configuration. Provide the `WirelessDeviceId` of the resource to add in the input array.", - "title": "WirelessDevices", + "markdownDescription": "The name (friendly name, not ARN) of the role to attach the policy to.\n\nThis parameter allows (per its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-\n\n> If an external policy (such as `AWS::IAM::Policy` or `AWS::IAM::ManagedPolicy` ) has a `Ref` to a role and if a resource (such as `AWS::ECS::Service` ) also has a `Ref` to the same role, add a `DependsOn` attribute to the resource to make the resource depend on the external policy. This dependency ensures that the role's policy is available throughout the resource's lifecycle. For example, when you delete a stack with an `AWS::ECS::Service` resource, the `DependsOn` attribute ensures that AWS CloudFormation deletes the `AWS::ECS::Service` resource before deleting its role's policy.", + "title": "Roles", "type": "array" }, - "WirelessGateways": { + "Users": { "items": { "type": "string" }, - "markdownDescription": "Wireless gateway resources to add to the network analyzer configuration. Provide the `WirelessGatewayId` of the resource to add in the input array.", - "title": "WirelessGateways", + "markdownDescription": "The name (friendly name, not ARN) of the IAM user to attach the policy to.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "title": "Users", "type": "array" } }, "required": [ - "Name" + "PolicyDocument" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTWireless::NetworkAnalyzerConfiguration" + "AWS::IAM::ManagedPolicy" ], "type": "string" }, @@ -132341,23 +138983,7 @@ ], "type": "object" }, - "AWS::IoTWireless::NetworkAnalyzerConfiguration.TraceContent": { - "additionalProperties": false, - "properties": { - "LogLevel": { - "markdownDescription": "The log level for a log message. The log levels can be disabled, or set to `ERROR` to display less verbose logs containing only error information, or to `INFO` for more detailed logs", - "title": "LogLevel", - "type": "string" - }, - "WirelessDeviceFrameInfo": { - "markdownDescription": "`FrameInfo` of your wireless device resources for the trace content. Use FrameInfo to debug the communication between your LoRaWAN end devices and the network server.", - "title": "WirelessDeviceFrameInfo", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoTWireless::PartnerAccount": { + "AWS::IAM::OIDCProvider": { "additionalProperties": false, "properties": { "Condition": { @@ -132392,50 +139018,41 @@ "Properties": { "additionalProperties": false, "properties": { - "AccountLinked": { - "markdownDescription": "Whether the partner account is linked to the AWS account.", - "title": "AccountLinked", - "type": "boolean" - }, - "PartnerAccountId": { - "markdownDescription": "The ID of the partner account to update.", - "title": "PartnerAccountId", - "type": "string" - }, - "PartnerType": { - "markdownDescription": "The partner type.", - "title": "PartnerType", - "type": "string" - }, - "Sidewalk": { - "$ref": "#/definitions/AWS::IoTWireless::PartnerAccount.SidewalkAccountInfo", - "markdownDescription": "The Sidewalk account credentials.", - "title": "Sidewalk" - }, - "SidewalkResponse": { - "$ref": "#/definitions/AWS::IoTWireless::PartnerAccount.SidewalkAccountInfoWithFingerprint", - "markdownDescription": "Information about a Sidewalk account.", - "title": "SidewalkResponse" - }, - "SidewalkUpdate": { - "$ref": "#/definitions/AWS::IoTWireless::PartnerAccount.SidewalkUpdateAccount", - "markdownDescription": "Sidewalk update.", - "title": "SidewalkUpdate" + "ClientIdList": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of client IDs (also known as audiences) that are associated with the specified IAM OIDC provider resource object. For more information, see [CreateOpenIDConnectProvider](https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateOpenIDConnectProvider.html) .", + "title": "ClientIdList", + "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", + "markdownDescription": "A list of tags that are attached to the specified IAM OIDC provider. The returned list of tags is sorted by tag key. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* .", "title": "Tags", "type": "array" + }, + "ThumbprintList": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of certificate thumbprints that are associated with the specified IAM OIDC provider resource object. For more information, see [CreateOpenIDConnectProvider](https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateOpenIDConnectProvider.html) .\n\nThis property is optional. If it is not included, IAM will retrieve and use the top intermediate certificate authority (CA) thumbprint of the OpenID Connect identity provider server certificate.", + "title": "ThumbprintList", + "type": "array" + }, + "Url": { + "markdownDescription": "The URL that the IAM OIDC provider resource object is associated with. For more information, see [CreateOpenIDConnectProvider](https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateOpenIDConnectProvider.html) .", + "title": "Url", + "type": "string" } }, "type": "object" }, "Type": { "enum": [ - "AWS::IoTWireless::PartnerAccount" + "AWS::IAM::OIDCProvider" ], "type": "string" }, @@ -132453,53 +139070,7 @@ ], "type": "object" }, - "AWS::IoTWireless::PartnerAccount.SidewalkAccountInfo": { - "additionalProperties": false, - "properties": { - "AppServerPrivateKey": { - "markdownDescription": "The Sidewalk application server private key. The application server private key is a secret key, which you should handle in a similar way as you would an application password. You can protect the application server private key by storing the value in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", - "title": "AppServerPrivateKey", - "type": "string" - } - }, - "required": [ - "AppServerPrivateKey" - ], - "type": "object" - }, - "AWS::IoTWireless::PartnerAccount.SidewalkAccountInfoWithFingerprint": { - "additionalProperties": false, - "properties": { - "AmazonId": { - "markdownDescription": "The Sidewalk Amazon ID.", - "title": "AmazonId", - "type": "string" - }, - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", - "title": "Arn", - "type": "string" - }, - "Fingerprint": { - "markdownDescription": "The fingerprint of the Sidewalk application server private key.", - "title": "Fingerprint", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoTWireless::PartnerAccount.SidewalkUpdateAccount": { - "additionalProperties": false, - "properties": { - "AppServerPrivateKey": { - "markdownDescription": "The new Sidewalk application server private key.", - "title": "AppServerPrivateKey", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoTWireless::ServiceProfile": { + "AWS::IAM::Policy": { "additionalProperties": false, "properties": { "Condition": { @@ -132534,30 +139105,50 @@ "Properties": { "additionalProperties": false, "properties": { - "LoRaWAN": { - "$ref": "#/definitions/AWS::IoTWireless::ServiceProfile.LoRaWANServiceProfile", - "markdownDescription": "LoRaWAN service profile object.", - "title": "LoRaWAN" + "Groups": { + "items": { + "type": "string" + }, + "markdownDescription": "The name of the group to associate the policy with.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-.", + "title": "Groups", + "type": "array" }, - "Name": { - "markdownDescription": "The name of the new resource.", - "title": "Name", + "PolicyDocument": { + "markdownDescription": "The policy document.\n\nYou must provide policies in JSON format in IAM. However, for AWS CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always converts a YAML policy to JSON format before submitting it to IAM.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n\n- Any printable ASCII character ranging from the space character ( `\\u0020` ) through the end of the ASCII character range\n- The printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` )\n- The special characters tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` )", + "title": "PolicyDocument", + "type": "object" + }, + "PolicyName": { + "markdownDescription": "The name of the policy document.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "title": "PolicyName", "type": "string" }, - "Tags": { + "Roles": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", - "title": "Tags", + "markdownDescription": "The name of the role to associate the policy with.\n\nThis parameter allows (per its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-\n\n> If an external policy (such as `AWS::IAM::Policy` or `AWS::IAM::ManagedPolicy` ) has a `Ref` to a role and if a resource (such as `AWS::ECS::Service` ) also has a `Ref` to the same role, add a `DependsOn` attribute to the resource to make the resource depend on the external policy. This dependency ensures that the role's policy is available throughout the resource's lifecycle. For example, when you delete a stack with an `AWS::ECS::Service` resource, the `DependsOn` attribute ensures that AWS CloudFormation deletes the `AWS::ECS::Service` resource before deleting its role's policy.", + "title": "Roles", + "type": "array" + }, + "Users": { + "items": { + "type": "string" + }, + "markdownDescription": "The name of the user to associate the policy with.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "title": "Users", "type": "array" } }, + "required": [ + "PolicyDocument", + "PolicyName" + ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTWireless::ServiceProfile" + "AWS::IAM::Policy" ], "type": "string" }, @@ -132571,112 +139162,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoTWireless::ServiceProfile.LoRaWANServiceProfile": { - "additionalProperties": false, - "properties": { - "AddGwMetadata": { - "markdownDescription": "The AddGWMetaData value.", - "title": "AddGwMetadata", - "type": "boolean" - }, - "ChannelMask": { - "markdownDescription": "The ChannelMask value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "ChannelMask", - "type": "string" - }, - "DevStatusReqFreq": { - "markdownDescription": "The DevStatusReqFreq value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "DevStatusReqFreq", - "type": "number" - }, - "DlBucketSize": { - "markdownDescription": "The DLBucketSize value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "DlBucketSize", - "type": "number" - }, - "DlRate": { - "markdownDescription": "The DLRate value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "DlRate", - "type": "number" - }, - "DlRatePolicy": { - "markdownDescription": "The DLRatePolicy value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "DlRatePolicy", - "type": "string" - }, - "DrMax": { - "markdownDescription": "The DRMax value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "DrMax", - "type": "number" - }, - "DrMin": { - "markdownDescription": "The DRMin value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "DrMin", - "type": "number" - }, - "HrAllowed": { - "markdownDescription": "The HRAllowed value that describes whether handover roaming is allowed.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "HrAllowed", - "type": "boolean" - }, - "MinGwDiversity": { - "markdownDescription": "The MinGwDiversity value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "MinGwDiversity", - "type": "number" - }, - "NwkGeoLoc": { - "markdownDescription": "The NwkGeoLoc value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "NwkGeoLoc", - "type": "boolean" - }, - "PrAllowed": { - "markdownDescription": "The PRAllowed value that describes whether passive roaming is allowed.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "PrAllowed", - "type": "boolean" - }, - "RaAllowed": { - "markdownDescription": "The RAAllowed value that describes whether roaming activation is allowed.", - "title": "RaAllowed", - "type": "boolean" - }, - "ReportDevStatusBattery": { - "markdownDescription": "The ReportDevStatusBattery value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "ReportDevStatusBattery", - "type": "boolean" - }, - "ReportDevStatusMargin": { - "markdownDescription": "The ReportDevStatusMargin value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "ReportDevStatusMargin", - "type": "boolean" - }, - "TargetPer": { - "markdownDescription": "The TargetPer value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "TargetPer", - "type": "number" - }, - "UlBucketSize": { - "markdownDescription": "The UlBucketSize value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "UlBucketSize", - "type": "number" - }, - "UlRate": { - "markdownDescription": "The ULRate value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "UlRate", - "type": "number" - }, - "UlRatePolicy": { - "markdownDescription": "The ULRatePolicy value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "UlRatePolicy", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoTWireless::TaskDefinition": { + "AWS::IAM::Role": { "additionalProperties": false, "properties": { "Condition": { @@ -132711,48 +139202,69 @@ "Properties": { "additionalProperties": false, "properties": { - "AutoCreateTasks": { - "markdownDescription": "Whether to automatically create tasks using this task definition for all gateways with the specified current version. If `false` , the task must be created by calling `CreateWirelessGatewayTask` .", - "title": "AutoCreateTasks", - "type": "boolean" + "AssumeRolePolicyDocument": { + "markdownDescription": "The trust policy that is associated with this role. Trust policies define which entities can assume the role. You can associate only one trust policy with a role. For an example of a policy that can be used to assume a role, see [Template Examples](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-role.html#aws-resource-iam-role--examples) . For more information about the elements that you can use in an IAM policy, see [IAM Policy Elements Reference](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements.html) in the *IAM User Guide* .", + "title": "AssumeRolePolicyDocument", + "type": "object" }, - "LoRaWANUpdateGatewayTaskEntry": { - "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.LoRaWANUpdateGatewayTaskEntry", - "markdownDescription": "LoRaWANUpdateGatewayTaskEntry object.", - "title": "LoRaWANUpdateGatewayTaskEntry" + "Description": { + "markdownDescription": "A description of the role that you provide.", + "title": "Description", + "type": "string" }, - "Name": { - "markdownDescription": "The name of the new resource.", - "title": "Name", + "ManagedPolicyArns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of Amazon Resource Names (ARNs) of the IAM managed policies that you want to attach to the role.\n\nFor more information about ARNs, see [Amazon Resource Names (ARNs) and AWS Service Namespaces](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* .", + "title": "ManagedPolicyArns", + "type": "array" + }, + "MaxSessionDuration": { + "markdownDescription": "The maximum session duration (in seconds) that you want to set for the specified role. If you do not specify a value for this setting, the default value of one hour is applied. This setting can have a value from 1 hour to 12 hours.\n\nAnyone who assumes the role from the AWS CLI or API can use the `DurationSeconds` API parameter or the `duration-seconds` AWS CLI parameter to request a longer session. The `MaxSessionDuration` setting determines the maximum duration that can be requested using the `DurationSeconds` parameter. If users don't specify a value for the `DurationSeconds` parameter, their security credentials are valid for one hour by default. This applies when you use the `AssumeRole*` API operations or the `assume-role*` AWS CLI operations but does not apply when you use those operations to create a console URL. For more information, see [Using IAM roles](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html) in the *IAM User Guide* .", + "title": "MaxSessionDuration", + "type": "number" + }, + "Path": { + "markdownDescription": "The path to the role. For more information about paths, see [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/).\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.", + "title": "Path", "type": "string" }, - "Tags": { + "PermissionsBoundary": { + "markdownDescription": "The ARN of the policy used to set the permissions boundary for the role.\n\nFor more information about permissions boundaries, see [Permissions boundaries for IAM identities](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) in the *IAM User Guide* .", + "title": "PermissionsBoundary", + "type": "string" + }, + "Policies": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::IAM::Role.Policy" }, - "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", - "title": "Tags", + "markdownDescription": "Adds or updates an inline policy document that is embedded in the specified IAM role.\n\nWhen you embed an inline policy in a role, the inline policy is used as part of the role's access (permissions) policy. The role's trust policy is created at the same time as the role. You can update a role's trust policy later. For more information about IAM roles, go to [Using Roles to Delegate Permissions and Federate Identities](https://docs.aws.amazon.com/IAM/latest/UserGuide/roles-toplevel.html) .\n\nA role can also have an attached managed policy. For information about policies, see [Managed Policies and Inline Policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the *IAM User Guide* .\n\nFor information about limits on the number of inline policies that you can embed with a role, see [Limitations on IAM Entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the *IAM User Guide* .\n\n> If an external policy (such as `AWS::IAM::Policy` or `AWS::IAM::ManagedPolicy` ) has a `Ref` to a role and if a resource (such as `AWS::ECS::Service` ) also has a `Ref` to the same role, add a `DependsOn` attribute to the resource to make the resource depend on the external policy. This dependency ensures that the role's policy is available throughout the resource's lifecycle. For example, when you delete a stack with an `AWS::ECS::Service` resource, the `DependsOn` attribute ensures that AWS CloudFormation deletes the `AWS::ECS::Service` resource before deleting its role's policy.", + "title": "Policies", "type": "array" }, - "TaskDefinitionType": { - "markdownDescription": "A filter to list only the wireless gateway task definitions that use this task definition type.", - "title": "TaskDefinitionType", + "RoleName": { + "markdownDescription": "A name for the IAM role, up to 64 characters in length. For valid values, see the `RoleName` parameter for the [`CreateRole`](https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateRole.html) action in the *IAM User Guide* .\n\nThis parameter allows (per its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-. The role name must be unique within the account. Role names are not distinguished by case. For example, you cannot create roles named both \"Role1\" and \"role1\".\n\nIf you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the role name.\n\nIf you specify a name, you must specify the `CAPABILITY_NAMED_IAM` value to acknowledge your template's capabilities. For more information, see [Acknowledging IAM Resources in AWS CloudFormation Templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-iam-template.html#using-iam-capabilities) .\n\n> Naming an IAM resource can cause an unrecoverable error if you reuse the same template in multiple Regions. To prevent this, we recommend using `Fn::Join` and `AWS::Region` to create a Region-specific name, as in the following example: `{\"Fn::Join\": [\"\", [{\"Ref\": \"AWS::Region\"}, {\"Ref\": \"MyResourceName\"}]]}` .", + "title": "RoleName", "type": "string" }, - "Update": { - "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.UpdateWirelessGatewayTaskCreate", - "markdownDescription": "Information about the gateways to update.", - "title": "Update" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags that are attached to the role. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* .", + "title": "Tags", + "type": "array" } }, "required": [ - "AutoCreateTasks" + "AssumeRolePolicyDocument" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTWireless::TaskDefinition" + "AWS::IAM::Role" ], "type": "string" }, @@ -132771,91 +139283,27 @@ ], "type": "object" }, - "AWS::IoTWireless::TaskDefinition.LoRaWANGatewayVersion": { - "additionalProperties": false, - "properties": { - "Model": { - "markdownDescription": "The model number of the wireless gateway.", - "title": "Model", - "type": "string" - }, - "PackageVersion": { - "markdownDescription": "The version of the wireless gateway firmware.", - "title": "PackageVersion", - "type": "string" - }, - "Station": { - "markdownDescription": "The basic station version of the wireless gateway.", - "title": "Station", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoTWireless::TaskDefinition.LoRaWANUpdateGatewayTaskCreate": { - "additionalProperties": false, - "properties": { - "CurrentVersion": { - "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.LoRaWANGatewayVersion", - "markdownDescription": "The version of the gateways that should receive the update.", - "title": "CurrentVersion" - }, - "SigKeyCrc": { - "markdownDescription": "The CRC of the signature private key to check.", - "title": "SigKeyCrc", - "type": "number" - }, - "UpdateSignature": { - "markdownDescription": "The signature used to verify the update firmware.", - "title": "UpdateSignature", - "type": "string" - }, - "UpdateVersion": { - "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.LoRaWANGatewayVersion", - "markdownDescription": "The firmware version to update the gateway to.", - "title": "UpdateVersion" - } - }, - "type": "object" - }, - "AWS::IoTWireless::TaskDefinition.LoRaWANUpdateGatewayTaskEntry": { - "additionalProperties": false, - "properties": { - "CurrentVersion": { - "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.LoRaWANGatewayVersion", - "markdownDescription": "The version of the gateways that should receive the update.", - "title": "CurrentVersion" - }, - "UpdateVersion": { - "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.LoRaWANGatewayVersion", - "markdownDescription": "The firmware version to update the gateway to.", - "title": "UpdateVersion" - } - }, - "type": "object" - }, - "AWS::IoTWireless::TaskDefinition.UpdateWirelessGatewayTaskCreate": { + "AWS::IAM::Role.Policy": { "additionalProperties": false, "properties": { - "LoRaWAN": { - "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.LoRaWANUpdateGatewayTaskCreate", - "markdownDescription": "The properties that relate to the LoRaWAN wireless gateway.", - "title": "LoRaWAN" - }, - "UpdateDataRole": { - "markdownDescription": "The IAM role used to read data from the S3 bucket.", - "title": "UpdateDataRole", - "type": "string" + "PolicyDocument": { + "markdownDescription": "The entire contents of the policy that defines permissions. For more information, see [Overview of JSON policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#access_policies-json) .", + "title": "PolicyDocument", + "type": "object" }, - "UpdateDataSource": { - "markdownDescription": "The link to the S3 bucket.", - "title": "UpdateDataSource", + "PolicyName": { + "markdownDescription": "The friendly name (not ARN) identifying the policy.", + "title": "PolicyName", "type": "string" } }, + "required": [ + "PolicyDocument", + "PolicyName" + ], "type": "object" }, - "AWS::IoTWireless::WirelessDevice": { + "AWS::IAM::RolePolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -132890,64 +139338,31 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the new resource. Maximum length is 2048.", - "title": "Description", - "type": "string" - }, - "DestinationName": { - "markdownDescription": "The name of the destination to assign to the new wireless device. Can have only have alphanumeric, - (hyphen) and _ (underscore) characters and it can't have any spaces.", - "title": "DestinationName", - "type": "string" - }, - "LastUplinkReceivedAt": { - "markdownDescription": "The date and time when the most recent uplink was received.", - "title": "LastUplinkReceivedAt", - "type": "string" - }, - "LoRaWAN": { - "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.LoRaWANDevice", - "markdownDescription": "The device configuration information to use to create the wireless device. Must be at least one of OtaaV10x, OtaaV11, AbpV11, or AbpV10x.", - "title": "LoRaWAN" - }, - "Name": { - "markdownDescription": "The name of the new resource.", - "title": "Name", - "type": "string" - }, - "Positioning": { - "markdownDescription": "FPort values for the GNSS, Stream, and ClockSync functions of the positioning information.", - "title": "Positioning", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", - "title": "Tags", - "type": "array" + "PolicyDocument": { + "markdownDescription": "The policy document.\n\nYou must provide policies in JSON format in IAM. However, for AWS CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always converts a YAML policy to JSON format before submitting it to IAM.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n\n- Any printable ASCII character ranging from the space character ( `\\u0020` ) through the end of the ASCII character range\n- The printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` )\n- The special characters tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` )", + "title": "PolicyDocument", + "type": "object" }, - "ThingArn": { - "markdownDescription": "The ARN of the thing to associate with the wireless device.", - "title": "ThingArn", + "PolicyName": { + "markdownDescription": "The name of the policy document.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "title": "PolicyName", "type": "string" }, - "Type": { - "markdownDescription": "The wireless device type.", - "title": "Type", + "RoleName": { + "markdownDescription": "The name of the role to associate the policy with.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "title": "RoleName", "type": "string" } }, "required": [ - "DestinationName", - "Type" + "PolicyName", + "RoleName" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTWireless::WirelessDevice" + "AWS::IAM::RolePolicy" ], "type": "string" }, @@ -132966,226 +139381,517 @@ ], "type": "object" }, - "AWS::IoTWireless::WirelessDevice.AbpV10x": { + "AWS::IAM::SAMLProvider": { "additionalProperties": false, "properties": { - "DevAddr": { - "markdownDescription": "The DevAddr value.", - "title": "DevAddr", + "Condition": { "type": "string" }, - "SessionKeys": { - "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.SessionKeysAbpV10x", - "markdownDescription": "Session keys for ABP v1.0.x.", - "title": "SessionKeys" - } - }, - "required": [ - "DevAddr", - "SessionKeys" - ], - "type": "object" - }, - "AWS::IoTWireless::WirelessDevice.AbpV11": { - "additionalProperties": false, - "properties": { - "DevAddr": { - "markdownDescription": "The DevAddr value.", - "title": "DevAddr", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SessionKeys": { - "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.SessionKeysAbpV11", - "markdownDescription": "Session keys for ABP v1.1.", - "title": "SessionKeys" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AddPrivateKey": { + "markdownDescription": "Specifies the new private key from your external identity provider. The private key must be a .pem file that uses AES-GCM or AES-CBC encryption algorithm to decrypt SAML assertions.", + "title": "AddPrivateKey", + "type": "string" + }, + "AssertionEncryptionMode": { + "markdownDescription": "Specifies the encryption setting for the SAML provider.", + "title": "AssertionEncryptionMode", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the provider to create.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "title": "Name", + "type": "string" + }, + "PrivateKeyList": { + "items": { + "$ref": "#/definitions/AWS::IAM::SAMLProvider.SAMLPrivateKey" + }, + "markdownDescription": "The private key metadata for the SAML provider.", + "title": "PrivateKeyList", + "type": "array" + }, + "RemovePrivateKey": { + "markdownDescription": "The Key ID of the private key to remove.", + "title": "RemovePrivateKey", + "type": "string" + }, + "SamlMetadataDocument": { + "markdownDescription": "An XML document generated by an identity provider (IdP) that supports SAML 2.0. The document includes the issuer's name, expiration information, and keys that can be used to validate the SAML authentication response (assertions) that are received from the IdP. You must generate the metadata document using the identity management software that is used as your organization's IdP.\n\nFor more information, see [About SAML 2.0-based federation](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html) in the *IAM User Guide*", + "title": "SamlMetadataDocument", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags that you want to attach to the new IAM SAML provider. Each tag consists of a key name and an associated value. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* .\n\n> If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request fails and the resource is not created.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IAM::SAMLProvider" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "DevAddr", - "SessionKeys" + "Type" ], "type": "object" }, - "AWS::IoTWireless::WirelessDevice.Application": { + "AWS::IAM::SAMLProvider.SAMLPrivateKey": { "additionalProperties": false, "properties": { - "DestinationName": { - "markdownDescription": "The name of the position data destination that describes the IoT rule that processes the device's position data.", - "title": "DestinationName", + "KeyId": { + "markdownDescription": "The unique identifier for the SAML private key.", + "title": "KeyId", "type": "string" }, - "FPort": { - "markdownDescription": "The name of the new destination for the device.", - "title": "FPort", - "type": "number" - }, - "Type": { - "markdownDescription": "Application type, which can be specified to obtain real-time position information of your LoRaWAN device.", - "title": "Type", + "Timestamp": { + "markdownDescription": "The date and time, in [ISO 8601 date-time](https://docs.aws.amazon.com/http://www.iso.org/iso/iso8601) format, when the private key was uploaded.", + "title": "Timestamp", "type": "string" } }, + "required": [ + "KeyId", + "Timestamp" + ], "type": "object" }, - "AWS::IoTWireless::WirelessDevice.FPorts": { + "AWS::IAM::ServerCertificate": { "additionalProperties": false, "properties": { - "Applications": { - "items": { - "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.Application" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CertificateBody": { + "markdownDescription": "The contents of the public key certificate.", + "title": "CertificateBody", + "type": "string" + }, + "CertificateChain": { + "markdownDescription": "The contents of the public key certificate chain.", + "title": "CertificateChain", + "type": "string" + }, + "Path": { + "markdownDescription": "The path for the server certificate. For more information about paths, see [IAM identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/). This parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.\n\n> If you are uploading a server certificate specifically for use with Amazon CloudFront distributions, you must specify a path using the `path` parameter. The path must begin with `/cloudfront` and must include a trailing slash (for example, `/cloudfront/test/` ).", + "title": "Path", + "type": "string" + }, + "PrivateKey": { + "markdownDescription": "The contents of the private key in PEM-encoded format.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n\n- Any printable ASCII character ranging from the space character ( `\\u0020` ) through the end of the ASCII character range\n- The printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` )\n- The special characters tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` )", + "title": "PrivateKey", + "type": "string" + }, + "ServerCertificateName": { + "markdownDescription": "The name for the server certificate. Do not include the path in this value. The name of the certificate cannot contain any spaces.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "title": "ServerCertificateName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags that are attached to the server certificate. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* .", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "LoRaWAN application configuration, which can be used to perform geolocation.", - "title": "Applications", - "type": "array" + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IAM::ServerCertificate" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::IoTWireless::WirelessDevice.LoRaWANDevice": { + "AWS::IAM::ServiceLinkedRole": { "additionalProperties": false, "properties": { - "AbpV10x": { - "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.AbpV10x", - "markdownDescription": "ABP device object for LoRaWAN specification v1.0.x.", - "title": "AbpV10x" - }, - "AbpV11": { - "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.AbpV11", - "markdownDescription": "ABP device object for create APIs for v1.1.", - "title": "AbpV11" - }, - "DevEui": { - "markdownDescription": "The DevEUI value.", - "title": "DevEui", + "Condition": { "type": "string" }, - "DeviceProfileId": { - "markdownDescription": "The ID of the device profile for the new wireless device.", - "title": "DeviceProfileId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "FPorts": { - "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.FPorts", - "markdownDescription": "List of FPort assigned for different LoRaWAN application packages to use.", - "title": "FPorts" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "OtaaV10x": { - "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.OtaaV10x", - "markdownDescription": "OTAA device object for create APIs for v1.0.x", - "title": "OtaaV10x" + "Metadata": { + "type": "object" }, - "OtaaV11": { - "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.OtaaV11", - "markdownDescription": "OTAA device object for v1.1 for create APIs.", - "title": "OtaaV11" + "Properties": { + "additionalProperties": false, + "properties": { + "AWSServiceName": { + "markdownDescription": "The service principal for the AWS service to which this role is attached. You use a string similar to a URL but without the http:// in front. For example: `elasticbeanstalk.amazonaws.com` .\n\nService principals are unique and case-sensitive. To find the exact service principal for your service-linked role, see [AWS services that work with IAM](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html) in the *IAM User Guide* . Look for the services that have *Yes* in the *Service-Linked Role* column. Choose the *Yes* link to view the service-linked role documentation for that service.", + "title": "AWSServiceName", + "type": "string" + }, + "CustomSuffix": { + "markdownDescription": "A string that you provide, which is combined with the service-provided prefix to form the complete role name. If you make multiple requests for the same service, then you must supply a different `CustomSuffix` for each request. Otherwise the request fails with a duplicate role name error. For example, you could add `-1` or `-debug` to the suffix.\n\nSome services do not support the `CustomSuffix` parameter. If you provide an optional suffix and the operation fails, try the operation again without the suffix.", + "title": "CustomSuffix", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the role.", + "title": "Description", + "type": "string" + } + }, + "type": "object" }, - "ServiceProfileId": { - "markdownDescription": "The ID of the service profile.", - "title": "ServiceProfileId", + "Type": { + "enum": [ + "AWS::IAM::ServiceLinkedRole" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::IoTWireless::WirelessDevice.OtaaV10x": { + "AWS::IAM::User": { "additionalProperties": false, "properties": { - "AppEui": { - "markdownDescription": "The AppEUI value. You specify this value when using LoRaWAN versions v1.0.2 or v1.0.3.", - "title": "AppEui", + "Condition": { "type": "string" }, - "AppKey": { - "markdownDescription": "The AppKey value.", - "title": "AppKey", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Groups": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of group names to which you want to add the user.", + "title": "Groups", + "type": "array" + }, + "LoginProfile": { + "$ref": "#/definitions/AWS::IAM::User.LoginProfile", + "markdownDescription": "Creates a password for the specified IAM user. A password allows an IAM user to access AWS services through the AWS Management Console .\n\nYou can use the AWS CLI , the AWS API, or the *Users* page in the IAM console to create a password for any IAM user. Use [ChangePassword](https://docs.aws.amazon.com/IAM/latest/APIReference/API_ChangePassword.html) to update your own existing password in the *My Security Credentials* page in the AWS Management Console .\n\nFor more information about managing passwords, see [Managing passwords](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingLogins.html) in the *IAM User Guide* .", + "title": "LoginProfile" + }, + "ManagedPolicyArns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of Amazon Resource Names (ARNs) of the IAM managed policies that you want to attach to the user.\n\nFor more information about ARNs, see [Amazon Resource Names (ARNs) and AWS Service Namespaces](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* .", + "title": "ManagedPolicyArns", + "type": "array" + }, + "Path": { + "markdownDescription": "The path for the user name. For more information about paths, see [IAM identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/).\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.", + "title": "Path", + "type": "string" + }, + "PermissionsBoundary": { + "markdownDescription": "The ARN of the managed policy that is used to set the permissions boundary for the user.\n\nA permissions boundary policy defines the maximum permissions that identity-based policies can grant to an entity, but does not grant permissions. Permissions boundaries do not define the maximum permissions that a resource-based policy can grant to an entity. To learn more, see [Permissions boundaries for IAM entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) in the *IAM User Guide* .\n\nFor more information about policy types, see [Policy types](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#access_policy-types) in the *IAM User Guide* .", + "title": "PermissionsBoundary", + "type": "string" + }, + "Policies": { + "items": { + "$ref": "#/definitions/AWS::IAM::User.Policy" + }, + "markdownDescription": "Adds or updates an inline policy document that is embedded in the specified IAM user. To view AWS::IAM::User snippets, see [Declaring an IAM User Resource](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-iam.html#scenario-iam-user) .\n\n> The name of each policy for a role, user, or group must be unique. If you don't choose unique names, updates to the IAM identity will fail. \n\nFor information about limits on the number of inline policies that you can embed in a user, see [Limitations on IAM Entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the *IAM User Guide* .", + "title": "Policies", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags that you want to attach to the new user. Each tag consists of a key name and an associated value. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* .\n\n> If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request fails and the resource is not created.", + "title": "Tags", + "type": "array" + }, + "UserName": { + "markdownDescription": "The name of the user to create. Do not include the path in this value.\n\nThis parameter allows (per its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-. The user name must be unique within the account. User names are not distinguished by case. For example, you cannot create users named both \"John\" and \"john\".\n\nIf you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the user name.\n\nIf you specify a name, you must specify the `CAPABILITY_NAMED_IAM` value to acknowledge your template's capabilities. For more information, see [Acknowledging IAM Resources in AWS CloudFormation Templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-iam-template.html#using-iam-capabilities) .\n\n> Naming an IAM resource can cause an unrecoverable error if you reuse the same template in multiple Regions. To prevent this, we recommend using `Fn::Join` and `AWS::Region` to create a Region-specific name, as in the following example: `{\"Fn::Join\": [\"\", [{\"Ref\": \"AWS::Region\"}, {\"Ref\": \"MyResourceName\"}]]}` .", + "title": "UserName", + "type": "string" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IAM::User" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "AppEui", - "AppKey" + "Type" ], "type": "object" }, - "AWS::IoTWireless::WirelessDevice.OtaaV11": { + "AWS::IAM::User.LoginProfile": { "additionalProperties": false, "properties": { - "AppKey": { - "markdownDescription": "The AppKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the AppKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", - "title": "AppKey", - "type": "string" - }, - "JoinEui": { - "markdownDescription": "The JoinEUI value.", - "title": "JoinEui", + "Password": { + "markdownDescription": "The user's password.", + "title": "Password", "type": "string" }, - "NwkKey": { - "markdownDescription": "The NwkKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the NwkKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", - "title": "NwkKey", - "type": "string" + "PasswordResetRequired": { + "markdownDescription": "Specifies whether the user is required to set a new password on next sign-in.", + "title": "PasswordResetRequired", + "type": "boolean" } }, "required": [ - "AppKey", - "JoinEui", - "NwkKey" + "Password" ], "type": "object" }, - "AWS::IoTWireless::WirelessDevice.SessionKeysAbpV10x": { + "AWS::IAM::User.Policy": { "additionalProperties": false, "properties": { - "AppSKey": { - "markdownDescription": "The AppSKey value.", - "title": "AppSKey", - "type": "string" + "PolicyDocument": { + "markdownDescription": "The entire contents of the policy that defines permissions. For more information, see [Overview of JSON policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#access_policies-json) .", + "title": "PolicyDocument", + "type": "object" }, - "NwkSKey": { - "markdownDescription": "The NwkKey value.", - "title": "NwkSKey", + "PolicyName": { + "markdownDescription": "The friendly name (not ARN) identifying the policy.", + "title": "PolicyName", "type": "string" } }, "required": [ - "AppSKey", - "NwkSKey" + "PolicyDocument", + "PolicyName" ], "type": "object" }, - "AWS::IoTWireless::WirelessDevice.SessionKeysAbpV11": { + "AWS::IAM::UserPolicy": { "additionalProperties": false, "properties": { - "AppSKey": { - "markdownDescription": "The AppSKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the AppSKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", - "title": "AppSKey", + "Condition": { "type": "string" }, - "FNwkSIntKey": { - "markdownDescription": "The FNwkSIntKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the FNwkSIntKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", - "title": "FNwkSIntKey", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "NwkSEncKey": { - "markdownDescription": "The NwkSEncKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the NwkSEncKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", - "title": "NwkSEncKey", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "PolicyDocument": { + "markdownDescription": "The policy document.\n\nYou must provide policies in JSON format in IAM. However, for AWS CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always converts a YAML policy to JSON format before submitting it to IAM.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n\n- Any printable ASCII character ranging from the space character ( `\\u0020` ) through the end of the ASCII character range\n- The printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` )\n- The special characters tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` )", + "title": "PolicyDocument", + "type": "object" + }, + "PolicyName": { + "markdownDescription": "The name of the policy document.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "title": "PolicyName", + "type": "string" + }, + "UserName": { + "markdownDescription": "The name of the user to associate the policy with.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "title": "UserName", + "type": "string" + } + }, + "required": [ + "PolicyName", + "UserName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IAM::UserPolicy" + ], "type": "string" }, - "SNwkSIntKey": { - "markdownDescription": "The SNwkSIntKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the SNwkSIntKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", - "title": "SNwkSIntKey", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "AppSKey", - "FNwkSIntKey", - "NwkSEncKey", - "SNwkSIntKey" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoTWireless::WirelessDeviceImportTask": { + "AWS::IAM::UserToGroupAddition": { "additionalProperties": false, "properties": { "Condition": { @@ -133220,34 +139926,29 @@ "Properties": { "additionalProperties": false, "properties": { - "DestinationName": { - "markdownDescription": "The name of the destination that describes the IoT rule to route messages from the Sidewalk devices in the import task to other applications.", - "title": "DestinationName", + "GroupName": { + "markdownDescription": "The name of the group to update.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "title": "GroupName", "type": "string" }, - "Sidewalk": { - "$ref": "#/definitions/AWS::IoTWireless::WirelessDeviceImportTask.Sidewalk", - "markdownDescription": "The Sidewalk-related information of the wireless device import task.", - "title": "Sidewalk" - }, - "Tags": { + "Users": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "Adds to or modifies the tags of the given resource. Tags are metadata that you can use to manage a resource.", - "title": "Tags", + "markdownDescription": "A list of the names of the users that you want to add to the group.", + "title": "Users", "type": "array" } }, "required": [ - "DestinationName", - "Sidewalk" + "GroupName", + "Users" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTWireless::WirelessDeviceImportTask" + "AWS::IAM::UserToGroupAddition" ], "type": "string" }, @@ -133266,36 +139967,95 @@ ], "type": "object" }, - "AWS::IoTWireless::WirelessDeviceImportTask.Sidewalk": { + "AWS::IAM::VirtualMFADevice": { "additionalProperties": false, "properties": { - "DeviceCreationFile": { - "markdownDescription": "The CSV file contained in an S3 bucket that's used for adding devices to an import task.", - "title": "DeviceCreationFile", + "Condition": { "type": "string" }, - "DeviceCreationFileList": { - "items": { - "type": "string" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Path": { + "markdownDescription": "The path for the virtual MFA device. For more information about paths, see [IAM identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/).\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.", + "title": "Path", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags that you want to attach to the new IAM virtual MFA device. Each tag consists of a key name and an associated value. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* .\n\n> If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request fails and the resource is not created.", + "title": "Tags", + "type": "array" + }, + "Users": { + "items": { + "type": "string" + }, + "markdownDescription": "The IAM user associated with this virtual MFA device.", + "title": "Users", + "type": "array" + }, + "VirtualMfaDeviceName": { + "markdownDescription": "The name of the virtual MFA device, which must be unique. Use with path to uniquely identify a virtual MFA device.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "title": "VirtualMfaDeviceName", + "type": "string" + } }, - "markdownDescription": "List of Sidewalk devices that are added to the import task.", - "title": "DeviceCreationFileList", - "type": "array" + "required": [ + "Users" + ], + "type": "object" }, - "Role": { - "markdownDescription": "The IAM role that allows to access the CSV file in the S3 bucket.", - "title": "Role", + "Type": { + "enum": [ + "AWS::IAM::VirtualMFADevice" + ], "type": "string" }, - "SidewalkManufacturingSn": { - "markdownDescription": "The Sidewalk manufacturing serial number (SMSN) of the Sidewalk device.", - "title": "SidewalkManufacturingSn", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::IoTWireless::WirelessGateway": { + "AWS::IVS::Channel": { "additionalProperties": false, "properties": { "Condition": { @@ -133330,53 +140090,65 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the new resource. The maximum length is 2048 characters.", - "title": "Description", + "Authorized": { + "markdownDescription": "Whether the channel is authorized.\n\n*Default* : `false`", + "title": "Authorized", + "type": "boolean" + }, + "ContainerFormat": { + "markdownDescription": "Indicates which content-packaging format is used (MPEG-TS or fMP4). If `multitrackInputConfiguration` is specified and `enabled` is `true` , then `containerFormat` is required and must be set to `FRAGMENTED_MP4` . Otherwise, `containerFormat` may be set to `TS` or `FRAGMENTED_MP4` . Default: `TS` .", + "title": "ContainerFormat", "type": "string" }, - "LastUplinkReceivedAt": { - "markdownDescription": "The date and time when the most recent uplink was received.", - "title": "LastUplinkReceivedAt", + "InsecureIngest": { + "markdownDescription": "Whether the channel allows insecure RTMP ingest.\n\n*Default* : `false`", + "title": "InsecureIngest", + "type": "boolean" + }, + "LatencyMode": { + "markdownDescription": "Channel latency mode. Valid values:\n\n- `NORMAL` : Use NORMAL to broadcast and deliver live video up to Full HD.\n- `LOW` : Use LOW for near real-time interactions with viewers.\n\n> In the console, `LOW` and `NORMAL` correspond to `Ultra-low` and `Standard` , respectively. \n\n*Default* : `LOW`", + "title": "LatencyMode", "type": "string" }, - "LoRaWAN": { - "$ref": "#/definitions/AWS::IoTWireless::WirelessGateway.LoRaWANGateway", - "markdownDescription": "The gateway configuration information to use to create the wireless gateway.", - "title": "LoRaWAN" + "MultitrackInputConfiguration": { + "$ref": "#/definitions/AWS::IVS::Channel.MultitrackInputConfiguration", + "markdownDescription": "Object specifying multitrack input configuration. Default: no multitrack input configuration is specified.", + "title": "MultitrackInputConfiguration" }, "Name": { - "markdownDescription": "The name of the new resource.", + "markdownDescription": "Channel name.", "title": "Name", "type": "string" }, + "Preset": { + "markdownDescription": "An optional transcode preset for the channel. This is selectable only for `ADVANCED_HD` and `ADVANCED_SD` channel types. For those channel types, the default preset is `HIGHER_BANDWIDTH_DELIVERY` . For other channel types ( `BASIC` and `STANDARD` ), `preset` is the empty string (\"\").", + "title": "Preset", + "type": "string" + }, + "RecordingConfigurationArn": { + "markdownDescription": "The ARN of a RecordingConfiguration resource. An empty string indicates that recording is disabled for the channel. A RecordingConfiguration ARN indicates that recording is enabled using the specified recording configuration. See the [RecordingConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ivs-recordingconfiguration.html) resource for more information and an example.\n\n*Default* : \"\" (empty string, recording is disabled)", + "title": "RecordingConfigurationArn", + "type": "string" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-channel-tag.html) .", "title": "Tags", "type": "array" }, - "ThingArn": { - "markdownDescription": "The ARN of the thing to associate with the wireless gateway.", - "title": "ThingArn", - "type": "string" - }, - "ThingName": { - "markdownDescription": "The name of the thing associated with the wireless gateway. The value is empty if a thing isn't associated with the gateway.", - "title": "ThingName", + "Type": { + "markdownDescription": "The channel type, which determines the allowable resolution and bitrate. *If you exceed the allowable resolution or bitrate, the stream probably will disconnect immediately.* For details, see [Channel Types](https://docs.aws.amazon.com/ivs/latest/LowLatencyAPIReference/channel-types.html) .\n\n*Default* : `STANDARD`", + "title": "Type", "type": "string" } }, - "required": [ - "LoRaWAN" - ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTWireless::WirelessGateway" + "AWS::IVS::Channel" ], "type": "string" }, @@ -133390,32 +140162,32 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::IoTWireless::WirelessGateway.LoRaWANGateway": { + "AWS::IVS::Channel.MultitrackInputConfiguration": { "additionalProperties": false, "properties": { - "GatewayEui": { - "markdownDescription": "The gateway's EUI value.", - "title": "GatewayEui", + "Enabled": { + "markdownDescription": "Indicates whether multitrack input is enabled. Can be set to `true` only if channel type is `STANDARD` . Setting `enabled` to `true` with any other channel type will cause an exception. If `true` , then `policy` , `maximumResolution` , and `containerFormat` are required, and `containerFormat` must be set to `FRAGMENTED_MP4` . Default: `false` .", + "title": "Enabled", + "type": "boolean" + }, + "MaximumResolution": { + "markdownDescription": "Maximum resolution for multitrack input. Required if `enabled` is `true` .", + "title": "MaximumResolution", "type": "string" }, - "RfRegion": { - "markdownDescription": "The frequency band (RFRegion) value.", - "title": "RfRegion", + "Policy": { + "markdownDescription": "Indicates whether multitrack input is allowed or required. Required if `enabled` is `true` .", + "title": "Policy", "type": "string" } }, - "required": [ - "GatewayEui", - "RfRegion" - ], "type": "object" }, - "AWS::KMS::Alias": { + "AWS::IVS::EncoderConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -133450,26 +140222,30 @@ "Properties": { "additionalProperties": false, "properties": { - "AliasName": { - "markdownDescription": "Specifies the alias name. This value must begin with `alias/` followed by a name, such as `alias/ExampleAlias` .\n\n> If you change the value of the `AliasName` property, the existing alias is deleted and a new alias is created for the specified KMS key. This change can disrupt applications that use the alias. It can also allow or deny access to a KMS key affected by attribute-based access control (ABAC). \n\nThe alias must be string of 1-256 characters. It can contain only alphanumeric characters, forward slashes (/), underscores (_), and dashes (-). The alias name cannot begin with `alias/aws/` . The `alias/aws/` prefix is reserved for [AWS managed keys](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk) .", - "title": "AliasName", + "Name": { + "markdownDescription": "Encoder cnfiguration name.", + "title": "Name", "type": "string" }, - "TargetKeyId": { - "markdownDescription": "Associates the alias with the specified [customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk) . The KMS key must be in the same AWS account and Region.\n\nA valid key ID is required. If you supply a null or empty string value, this operation returns an error.\n\nFor help finding the key ID and ARN, see [Finding the key ID and ARN](https://docs.aws.amazon.com/kms/latest/developerguide/viewing-keys.html#find-cmk-id-arn) in the *AWS Key Management Service Developer Guide* .\n\nSpecify the key ID or the key ARN of the KMS key.\n\nFor example:\n\n- Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key ARN: `arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`\n\nTo get the key ID and key ARN for a KMS key, use [ListKeys](https://docs.aws.amazon.com/kms/latest/APIReference/API_ListKeys.html) or [DescribeKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_DescribeKey.html) .", - "title": "TargetKeyId", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-encoderconfiguration-tag.html) .", + "title": "Tags", + "type": "array" + }, + "Video": { + "$ref": "#/definitions/AWS::IVS::EncoderConfiguration.Video", + "markdownDescription": "Video configuration. Default: video resolution 1280x720, bitrate 2500 kbps, 30 fps. See the [Video](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-encoderconfiguration-video.html) property type for more information.", + "title": "Video" } }, - "required": [ - "AliasName", - "TargetKeyId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::KMS::Alias" + "AWS::IVS::EncoderConfiguration" ], "type": "string" }, @@ -133483,12 +140259,37 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::KMS::Key": { + "AWS::IVS::EncoderConfiguration.Video": { + "additionalProperties": false, + "properties": { + "Bitrate": { + "markdownDescription": "Bitrate for generated output, in bps. Default: 2500000.", + "title": "Bitrate", + "type": "number" + }, + "Framerate": { + "markdownDescription": "Video frame rate, in fps. Default: 30.", + "title": "Framerate", + "type": "number" + }, + "Height": { + "markdownDescription": "Video-resolution height. Note that the maximum value is determined by width times height, such that the maximum total pixels is 2073600 (1920x1080 or 1080x1920). Default: 720.", + "title": "Height", + "type": "number" + }, + "Width": { + "markdownDescription": "Video-resolution width. Note that the maximum value is determined by width times height, such that the maximum total pixels is 2073600 (1920x1080 or 1080x1920). Default: 1280.", + "title": "Width", + "type": "number" + } + }, + "type": "object" + }, + "AWS::IVS::IngestConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -133523,75 +140324,45 @@ "Properties": { "additionalProperties": false, "properties": { - "BypassPolicyLockoutSafetyCheck": { - "markdownDescription": "Skips (\"bypasses\") the key policy lockout safety check. The default value is false.\n\n> Setting this value to true increases the risk that the KMS key becomes unmanageable. Do not set this value to true indiscriminately.\n> \n> For more information, see [Default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policy-default.html#prevent-unmanageable-key) in the *AWS Key Management Service Developer Guide* . \n\nUse this parameter only when you intend to prevent the principal that is making the request from making a subsequent [PutKeyPolicy](https://docs.aws.amazon.com/kms/latest/APIReference/API_PutKeyPolicy.html) request on the KMS key.", - "title": "BypassPolicyLockoutSafetyCheck", - "type": "boolean" - }, - "Description": { - "markdownDescription": "A description of the KMS key. Use a description that helps you to distinguish this KMS key from others in the account, such as its intended use.", - "title": "Description", + "IngestProtocol": { + "markdownDescription": "Type of ingest protocol that the user employs for broadcasting.", + "title": "IngestProtocol", "type": "string" }, - "EnableKeyRotation": { - "markdownDescription": "Enables automatic rotation of the key material for the specified KMS key. By default, automatic key rotation is not enabled.\n\nAWS KMS supports automatic rotation only for symmetric encryption KMS keys ( `KeySpec` = `SYMMETRIC_DEFAULT` ). For asymmetric KMS keys, HMAC KMS keys, and KMS keys with Origin `EXTERNAL` , omit the `EnableKeyRotation` property or set it to `false` .\n\nTo enable automatic key rotation of the key material for a multi-Region KMS key, set `EnableKeyRotation` to `true` on the primary key (created by using `AWS::KMS::Key` ). AWS KMS copies the rotation status to all replica keys. For details, see [Rotating multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-manage.html#multi-region-rotate) in the *AWS Key Management Service Developer Guide* .\n\nWhen you enable automatic rotation, AWS KMS automatically creates new key material for the KMS key one year after the enable date and every year thereafter. AWS KMS retains all key material until you delete the KMS key. For detailed information about automatic key rotation, see [Rotating KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html) in the *AWS Key Management Service Developer Guide* .", - "title": "EnableKeyRotation", - "type": "boolean" - }, - "Enabled": { - "markdownDescription": "Specifies whether the KMS key is enabled. Disabled KMS keys cannot be used in cryptographic operations.\n\nWhen `Enabled` is `true` , the *key state* of the KMS key is `Enabled` . When `Enabled` is `false` , the key state of the KMS key is `Disabled` . The default value is `true` .\n\nThe actual key state of the KMS key might be affected by actions taken outside of CloudFormation, such as running the [EnableKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_EnableKey.html) , [DisableKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_DisableKey.html) , or [ScheduleKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_ScheduleKeyDeletion.html) operations.\n\nFor information about the key states of a KMS key, see [Key state: Effect on your KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) in the *AWS Key Management Service Developer Guide* .", - "title": "Enabled", + "InsecureIngest": { + "markdownDescription": "Whether the channel allows insecure RTMP ingest. Default: `false` .", + "title": "InsecureIngest", "type": "boolean" }, - "KeyPolicy": { - "markdownDescription": "The key policy to attach to the KMS key.\n\nIf you provide a key policy, it must meet the following criteria:\n\n- The key policy must allow the caller to make a subsequent [PutKeyPolicy](https://docs.aws.amazon.com/kms/latest/APIReference/API_PutKeyPolicy.html) request on the KMS key. This reduces the risk that the KMS key becomes unmanageable. For more information, see [Default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) in the *AWS Key Management Service Developer Guide* . (To omit this condition, set `BypassPolicyLockoutSafetyCheck` to true.)\n- Each statement in the key policy must contain one or more principals. The principals in the key policy must exist and be visible to AWS KMS . When you create a new AWS principal (for example, an IAM user or role), you might need to enforce a delay before including the new principal in a key policy because the new principal might not be immediately visible to AWS KMS . For more information, see [Changes that I make are not always immediately visible](https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency) in the *AWS Identity and Access Management User Guide* .\n\nIf you do not provide a key policy, AWS KMS attaches a default key policy to the KMS key. For more information, see [Default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default) in the *AWS Key Management Service Developer Guide* .\n\nA key policy document can include only the following characters:\n\n- Printable ASCII characters\n- Printable characters in the Basic Latin and Latin-1 Supplement character set\n- The tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` ) special characters\n\n*Minimum* : `1`\n\n*Maximum* : `32768`", - "title": "KeyPolicy", - "type": "object" - }, - "KeySpec": { - "markdownDescription": "Specifies the type of KMS key to create. The default value, `SYMMETRIC_DEFAULT` , creates a KMS key with a 256-bit symmetric key for encryption and decryption. In China Regions, `SYMMETRIC_DEFAULT` creates a 128-bit symmetric key that uses SM4 encryption. You can't change the `KeySpec` value after the KMS key is created. For help choosing a key spec for your KMS key, see [Choosing a KMS key type](https://docs.aws.amazon.com/kms/latest/developerguide/symm-asymm-choose.html) in the *AWS Key Management Service Developer Guide* .\n\nThe `KeySpec` property determines the type of key material in the KMS key and the algorithms that the KMS key supports. To further restrict the algorithms that can be used with the KMS key, use a condition key in its key policy or IAM policy. For more information, see [AWS KMS condition keys](https://docs.aws.amazon.com/kms/latest/developerguide/policy-conditions.html#conditions-kms) in the *AWS Key Management Service Developer Guide* .\n\n> If you change the value of the `KeySpec` property on an existing KMS key, the update request fails, regardless of the value of the [`UpdateReplacePolicy` attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html) . This prevents you from accidentally deleting a KMS key by changing an immutable property value. > [AWS services that are integrated with AWS KMS](https://docs.aws.amazon.com/kms/features/#AWS_Service_Integration) use symmetric encryption KMS keys to protect your data. These services do not support encryption with asymmetric KMS keys. For help determining whether a KMS key is asymmetric, see [Identifying asymmetric KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/find-symm-asymm.html) in the *AWS Key Management Service Developer Guide* . \n\nAWS KMS supports the following key specs for KMS keys:\n\n- Symmetric encryption key (default)\n\n- `SYMMETRIC_DEFAULT` (AES-256-GCM)\n- HMAC keys (symmetric)\n\n- `HMAC_224`\n- `HMAC_256`\n- `HMAC_384`\n- `HMAC_512`\n- Asymmetric RSA key pairs (encryption and decryption *or* signing and verification)\n\n- `RSA_2048`\n- `RSA_3072`\n- `RSA_4096`\n- Asymmetric NIST-recommended elliptic curve key pairs (signing and verification *or* deriving shared secrets)\n\n- `ECC_NIST_P256` (secp256r1)\n- `ECC_NIST_P384` (secp384r1)\n- `ECC_NIST_P521` (secp521r1)\n- Other asymmetric elliptic curve key pairs (signing and verification)\n\n- `ECC_SECG_P256K1` (secp256k1), commonly used for cryptocurrencies.\n- Asymmetric ML-DSA key pairs (signing and verification)\n\n- `ML_DSA_44`\n- `ML_DSA_65`\n- `ML_DSA_87`\n- SM2 key pairs (encryption and decryption *or* signing and verification *or* deriving shared secrets)\n\n- `SM2` (China Regions only)", - "title": "KeySpec", - "type": "string" - }, - "KeyUsage": { - "markdownDescription": "Determines the [cryptographic operations](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations) for which you can use the KMS key. The default value is `ENCRYPT_DECRYPT` . This property is required for asymmetric KMS keys and HMAC KMS keys. You can't change the `KeyUsage` value after the KMS key is created.\n\n> If you change the value of the `KeyUsage` property on an existing KMS key, the update request fails, regardless of the value of the [`UpdateReplacePolicy` attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html) . This prevents you from accidentally deleting a KMS key by changing an immutable property value. \n\nSelect only one valid value.\n\n- For symmetric encryption KMS keys, omit the parameter or specify `ENCRYPT_DECRYPT` .\n- For HMAC KMS keys (symmetric), specify `GENERATE_VERIFY_MAC` .\n- For asymmetric KMS keys with RSA key pairs, specify `ENCRYPT_DECRYPT` or `SIGN_VERIFY` .\n- For asymmetric KMS keys with NIST-recommended elliptic curve key pairs, specify `SIGN_VERIFY` or `KEY_AGREEMENT` .\n- For asymmetric KMS keys with `ECC_SECG_P256K1` key pairs, specify `SIGN_VERIFY` .\n- For asymmetric KMS keys with ML-DSA key pairs, specify `SIGN_VERIFY` .\n- For asymmetric KMS keys with SM2 key pairs (China Regions only), specify `ENCRYPT_DECRYPT` , `SIGN_VERIFY` , or `KEY_AGREEMENT` .", - "title": "KeyUsage", + "Name": { + "markdownDescription": "Ingest name.", + "title": "Name", "type": "string" }, - "MultiRegion": { - "markdownDescription": "Creates a multi-Region primary key that you can replicate in other AWS Regions . You can't change the `MultiRegion` value after the KMS key is created.\n\nFor a list of AWS Regions in which multi-Region keys are supported, see [Multi-Region keys in AWS KMS](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) in the ** .\n\n> If you change the value of the `MultiRegion` property on an existing KMS key, the update request fails, regardless of the value of the [`UpdateReplacePolicy` attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html) . This prevents you from accidentally deleting a KMS key by changing an immutable property value. \n\nFor a multi-Region key, set to this property to `true` . For a single-Region key, omit this property or set it to `false` . The default value is `false` .\n\n*Multi-Region keys* are an AWS KMS feature that lets you create multiple interoperable KMS keys in different AWS Regions . Because these KMS keys have the same key ID, key material, and other metadata, you can use them to encrypt data in one AWS Region and decrypt it in a different AWS Region without making a cross-Region call or exposing the plaintext data. For more information, see [Multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) in the *AWS Key Management Service Developer Guide* .\n\nYou can create a symmetric encryption, HMAC, or asymmetric multi-Region KMS key, and you can create a multi-Region key with imported key material. However, you cannot create a multi-Region key in a custom key store.\n\nTo create a replica of this primary key in a different AWS Region , create an [AWS::KMS::ReplicaKey](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kms-replicakey.html) resource in a CloudFormation stack in the replica Region. Specify the key ARN of this primary key.", - "title": "MultiRegion", - "type": "boolean" - }, - "Origin": { - "markdownDescription": "The source of the key material for the KMS key. You cannot change the origin after you create the KMS key. The default is `AWS_KMS` , which means that AWS KMS creates the key material.\n\nTo [create a KMS key with no key material](https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys-create-cmk.html) (for imported key material), set this value to `EXTERNAL` . For more information about importing key material into AWS KMS , see [Importing Key Material](https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html) in the *AWS Key Management Service Developer Guide* .\n\nYou can ignore `ENABLED` when Origin is `EXTERNAL` . When a KMS key with Origin `EXTERNAL` is created, the key state is `PENDING_IMPORT` and `ENABLED` is `false` . After you import the key material, `ENABLED` updated to `true` . The KMS key can then be used for Cryptographic Operations.\n\n> - AWS CloudFormation doesn't support creating an `Origin` parameter of the `AWS_CLOUDHSM` or `EXTERNAL_KEY_STORE` values.\n> - `EXTERNAL` is not supported for ML-DSA keys.", - "title": "Origin", + "StageArn": { + "markdownDescription": "ARN of the stage with which the IngestConfiguration is associated.", + "title": "StageArn", "type": "string" }, - "PendingWindowInDays": { - "markdownDescription": "Specifies the number of days in the waiting period before AWS KMS deletes a KMS key that has been removed from a CloudFormation stack. Enter a value between 7 and 30 days. The default value is 30 days.\n\nWhen you remove a KMS key from a CloudFormation stack, AWS KMS schedules the KMS key for deletion and starts the mandatory waiting period. The `PendingWindowInDays` property determines the length of waiting period. During the waiting period, the key state of KMS key is `Pending Deletion` or `Pending Replica Deletion` , which prevents the KMS key from being used in cryptographic operations. When the waiting period expires, AWS KMS permanently deletes the KMS key.\n\nAWS KMS will not delete a [multi-Region primary key](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) that has replica keys. If you remove a multi-Region primary key from a CloudFormation stack, its key state changes to `PendingReplicaDeletion` so it cannot be replicated or used in cryptographic operations. This state can persist indefinitely. When the last of its replica keys is deleted, the key state of the primary key changes to `PendingDeletion` and the waiting period specified by `PendingWindowInDays` begins. When this waiting period expires, AWS KMS deletes the primary key. For details, see [Deleting multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-delete.html) in the *AWS Key Management Service Developer Guide* .\n\nYou cannot use a CloudFormation template to cancel deletion of the KMS key after you remove it from the stack, regardless of the waiting period. If you specify a KMS key in your template, even one with the same name, CloudFormation creates a new KMS key. To cancel deletion of a KMS key, use the AWS KMS console or the [CancelKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_CancelKeyDeletion.html) operation.\n\nFor information about the `Pending Deletion` and `Pending Replica Deletion` key states, see [Key state: Effect on your KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) in the *AWS Key Management Service Developer Guide* . For more information about deleting KMS keys, see the [ScheduleKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_ScheduleKeyDeletion.html) operation in the *AWS Key Management Service API Reference* and [Deleting KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/deleting-keys.html) in the *AWS Key Management Service Developer Guide* .", - "title": "PendingWindowInDays", - "type": "number" - }, - "RotationPeriodInDays": { - "markdownDescription": "Specifies a custom period of time between each rotation date. If no value is specified, the default value is 365 days.\n\nThe rotation period defines the number of days after you enable automatic key rotation that AWS KMS will rotate your key material, and the number of days between each automatic rotation thereafter.\n\nYou can use the [`kms:RotationPeriodInDays`](https://docs.aws.amazon.com/kms/latest/developerguide/conditions-kms.html#conditions-kms-rotation-period-in-days) condition key to further constrain the values that principals can specify in the `RotationPeriodInDays` parameter.\n\nFor more information about rotating KMS keys and automatic rotation, see [Rotating keys](https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html) in the *AWS Key Management Service Developer Guide* .", - "title": "RotationPeriodInDays", - "type": "number" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Assigns one or more tags to the replica key.\n\n> Tagging or untagging a KMS key can allow or deny permission to the KMS key. For details, see [ABAC for AWS KMS](https://docs.aws.amazon.com/kms/latest/developerguide/abac.html) in the *AWS Key Management Service Developer Guide* . \n\nFor information about tags in AWS KMS , see [Tagging keys](https://docs.aws.amazon.com/kms/latest/developerguide/tagging-keys.html) in the *AWS Key Management Service Developer Guide* . For information about tags in CloudFormation, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "An array of key-value pairs to apply to this resource.", "title": "Tags", "type": "array" + }, + "UserId": { + "markdownDescription": "Customer-assigned name to help identify the participant using the IngestConfiguration; this can be used to link a participant to a user in the customer\u2019s own systems. This can be any UTF-8 encoded text. *This field is exposed to all stage participants and should not be used for personally identifying, confidential, or sensitive information.*", + "title": "UserId", + "type": "string" } }, "type": "object" }, "Type": { "enum": [ - "AWS::KMS::Key" + "AWS::IVS::IngestConfiguration" ], "type": "string" }, @@ -133609,7 +140380,7 @@ ], "type": "object" }, - "AWS::KMS::ReplicaKey": { + "AWS::IVS::PlaybackKeyPair": { "additionalProperties": false, "properties": { "Condition": { @@ -133644,49 +140415,30 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the KMS key.\n\nThe default value is an empty string (no description).\n\nThe description is not a shared property of multi-Region keys. You can specify the same description or a different description for each key in a set of related multi-Region keys. AWS Key Management Service does not synchronize this property.", - "title": "Description", + "Name": { + "markdownDescription": "Playback-key-pair name. The value does not need to be unique.", + "title": "Name", "type": "string" }, - "Enabled": { - "markdownDescription": "Specifies whether the replica key is enabled. Disabled KMS keys cannot be used in cryptographic operations.\n\nWhen `Enabled` is `true` , the *key state* of the KMS key is `Enabled` . When `Enabled` is `false` , the key state of the KMS key is `Disabled` . The default value is `true` .\n\nThe actual key state of the replica might be affected by actions taken outside of CloudFormation, such as running the [EnableKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_EnableKey.html) , [DisableKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_DisableKey.html) , or [ScheduleKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_ScheduleKeyDeletion.html) operations. Also, while the replica key is being created, its key state is `Creating` . When the process is complete, the key state of the replica key changes to `Enabled` .\n\nFor information about the key states of a KMS key, see [Key state: Effect on your KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) in the *AWS Key Management Service Developer Guide* .", - "title": "Enabled", - "type": "boolean" - }, - "KeyPolicy": { - "markdownDescription": "The key policy that authorizes use of the replica key.\n\nThe key policy is not a shared property of multi-Region keys. You can specify the same key policy or a different key policy for each key in a set of related multi-Region keys. AWS KMS does not synchronize this property.\n\nThe key policy must conform to the following rules.\n\n- The key policy must give the caller [PutKeyPolicy](https://docs.aws.amazon.com/kms/latest/APIReference/API_PutKeyPolicy.html) permission on the KMS key. This reduces the risk that the KMS key becomes unmanageable. For more information, refer to the scenario in the [Default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) section of the **AWS Key Management Service Developer Guide** .\n- Each statement in the key policy must contain one or more principals. The principals in the key policy must exist and be visible to AWS KMS . When you create a new AWS principal (for example, an IAM user or role), you might need to enforce a delay before including the new principal in a key policy because the new principal might not be immediately visible to AWS KMS . For more information, see [Changes that I make are not always immediately visible](https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency) in the *AWS Identity and Access Management User Guide* .\n\nA key policy document can include only the following characters:\n\n- Printable ASCII characters from the space character ( `\\u0020` ) through the end of the ASCII character range.\n- Printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` ).\n- The tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` ) special characters\n\n*Minimum* : `1`\n\n*Maximum* : `32768`", - "title": "KeyPolicy", - "type": "object" - }, - "PendingWindowInDays": { - "markdownDescription": "Specifies the number of days in the waiting period before AWS KMS deletes a replica key that has been removed from a CloudFormation stack. Enter a value between 7 and 30 days. The default value is 30 days.\n\nWhen you remove a replica key from a CloudFormation stack, AWS KMS schedules the replica key for deletion and starts the mandatory waiting period. The `PendingWindowInDays` property determines the length of waiting period. During the waiting period, the key state of replica key is `Pending Deletion` , which prevents it from being used in cryptographic operations. When the waiting period expires, AWS KMS permanently deletes the replica key.\n\nIf the KMS key is a multi-Region primary key with replica keys, the waiting period begins when the last of its replica keys is deleted. Otherwise, the waiting period begins immediately.\n\nYou cannot use a CloudFormation template to cancel deletion of the replica after you remove it from the stack, regardless of the waiting period. However, if you specify a replica key in your template that is based on the same primary key as the original replica key, CloudFormation creates a new replica key with the same key ID, key material, and other shared properties of the original replica key. This new replica key can decrypt ciphertext that was encrypted under the original replica key, or any related multi-Region key.\n\nFor detailed information about deleting multi-Region keys, see [Deleting multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-delete.html) in the *AWS Key Management Service Developer Guide* .\n\nFor information about the `PendingDeletion` key state, see [Key state: Effect on your KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) in the *AWS Key Management Service Developer Guide* . For more information about deleting KMS keys, see the [ScheduleKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_ScheduleKeyDeletion.html) operation in the *AWS Key Management Service API Reference* and [Deleting KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/deleting-keys.html) in the *AWS Key Management Service Developer Guide* .", - "title": "PendingWindowInDays", - "type": "number" - }, - "PrimaryKeyArn": { - "markdownDescription": "Specifies the multi-Region primary key to replicate. The primary key must be in a different AWS Region of the same AWS partition. You can create only one replica of a given primary key in each AWS Region .\n\n> If you change the `PrimaryKeyArn` value of a replica key, the existing replica key is scheduled for deletion and a new replica key is created based on the specified primary key. While it is scheduled for deletion, the existing replica key becomes unusable. You can cancel the scheduled deletion of the key outside of CloudFormation.\n> \n> However, if you inadvertently delete a replica key, you can decrypt ciphertext encrypted by that replica key by using any related multi-Region key. If necessary, you can recreate the replica in the same Region after the previous one is completely deleted. For details, see [Deleting multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-delete.html) in the *AWS Key Management Service Developer Guide* \n\nSpecify the key ARN of an existing multi-Region primary key. For example, `arn:aws:kms:us-east-2:111122223333:key/mrk-1234abcd12ab34cd56ef1234567890ab` .", - "title": "PrimaryKeyArn", + "PublicKeyMaterial": { + "markdownDescription": "The public portion of a customer-generated key pair. Note that this field is required to create the AWS::IVS::PlaybackKeyPair resource.", + "title": "PublicKeyMaterial", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Assigns one or more tags to the replica key.\n\n> Tagging or untagging a KMS key can allow or deny permission to the KMS key. For details, see [ABAC for AWS KMS](https://docs.aws.amazon.com/kms/latest/developerguide/abac.html) in the *AWS Key Management Service Developer Guide* . \n\nTags are not a shared property of multi-Region keys. You can specify the same tags or different tags for each key in a set of related multi-Region keys. AWS KMS does not synchronize this property.\n\nEach tag consists of a tag key and a tag value. Both the tag key and the tag value are required, but the tag value can be an empty (null) string. You cannot have more than one tag on a KMS key with the same tag key. If you specify an existing tag key with a different tag value, AWS KMS replaces the current tag value with the specified one.\n\nWhen you assign tags to an AWS resource, AWS generates a cost allocation report with usage and costs aggregated by tags. Tags can also be used to control access to a KMS key. For details, see [Tagging keys](https://docs.aws.amazon.com/kms/latest/developerguide/tagging-keys.html) .", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-playbackkeypair-tag.html) .", "title": "Tags", "type": "array" } }, - "required": [ - "KeyPolicy", - "PrimaryKeyArn" - ], "type": "object" }, "Type": { "enum": [ - "AWS::KMS::ReplicaKey" + "AWS::IVS::PlaybackKeyPair" ], "type": "string" }, @@ -133700,12 +140452,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::KafkaConnect::Connector": { + "AWS::IVS::PlaybackRestrictionPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -133740,100 +140491,50 @@ "Properties": { "additionalProperties": false, "properties": { - "Capacity": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.Capacity", - "markdownDescription": "The connector's compute capacity settings.", - "title": "Capacity" - }, - "ConnectorConfiguration": { - "additionalProperties": true, - "markdownDescription": "The configuration of the connector.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "AllowedCountries": { + "items": { + "type": "string" }, - "title": "ConnectorConfiguration", - "type": "object" - }, - "ConnectorDescription": { - "markdownDescription": "The description of the connector.", - "title": "ConnectorDescription", - "type": "string" - }, - "ConnectorName": { - "markdownDescription": "The name of the connector.\n\nThe connector name must be unique and can include up to 128 characters. Valid characters you can include in a connector name are: a-z, A-Z, 0-9, and -.", - "title": "ConnectorName", - "type": "string" - }, - "KafkaCluster": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.KafkaCluster", - "markdownDescription": "The details of the Apache Kafka cluster to which the connector is connected.", - "title": "KafkaCluster" - }, - "KafkaClusterClientAuthentication": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.KafkaClusterClientAuthentication", - "markdownDescription": "The type of client authentication used to connect to the Apache Kafka cluster. The value is NONE when no client authentication is used.", - "title": "KafkaClusterClientAuthentication" - }, - "KafkaClusterEncryptionInTransit": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.KafkaClusterEncryptionInTransit", - "markdownDescription": "Details of encryption in transit to the Apache Kafka cluster.", - "title": "KafkaClusterEncryptionInTransit" - }, - "KafkaConnectVersion": { - "markdownDescription": "The version of Kafka Connect. It has to be compatible with both the Apache Kafka cluster's version and the plugins.", - "title": "KafkaConnectVersion", - "type": "string" - }, - "LogDelivery": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.LogDelivery", - "markdownDescription": "The settings for delivering connector logs to Amazon CloudWatch Logs.", - "title": "LogDelivery" + "markdownDescription": "A list of country codes that control geoblocking restrictions. Allowed values are the officially assigned ISO 3166-1 alpha-2 codes. Default: All countries (an empty array).", + "title": "AllowedCountries", + "type": "array" }, - "Plugins": { + "AllowedOrigins": { "items": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.Plugin" + "type": "string" }, - "markdownDescription": "Specifies which plugin to use for the connector. You must specify a single-element list. Amazon MSK Connect does not currently support specifying multiple plugins.", - "title": "Plugins", + "markdownDescription": "A list of origin sites that control CORS restriction. Allowed values are the same as valid values of the Origin header defined at [https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin\"](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin)", + "title": "AllowedOrigins", "type": "array" }, - "ServiceExecutionRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role used by the connector to access Amazon Web Services resources.", - "title": "ServiceExecutionRoleArn", + "EnableStrictOriginEnforcement": { + "markdownDescription": "Whether channel playback is constrained by the origin site.", + "title": "EnableStrictOriginEnforcement", + "type": "boolean" + }, + "Name": { + "markdownDescription": "Playback-restriction-policy name.", + "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-playbackrestrictionpolicy-tag.html) .", "title": "Tags", "type": "array" - }, - "WorkerConfiguration": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.WorkerConfiguration", - "markdownDescription": "The worker configurations that are in use with the connector.", - "title": "WorkerConfiguration" } }, "required": [ - "Capacity", - "ConnectorConfiguration", - "ConnectorName", - "KafkaCluster", - "KafkaClusterClientAuthentication", - "KafkaClusterEncryptionInTransit", - "KafkaConnectVersion", - "Plugins", - "ServiceExecutionRoleArn" + "AllowedCountries", + "AllowedOrigins" ], "type": "object" }, "Type": { "enum": [ - "AWS::KafkaConnect::Connector" + "AWS::IVS::PlaybackRestrictionPolicy" ], "type": "string" }, @@ -133852,347 +140553,661 @@ ], "type": "object" }, - "AWS::KafkaConnect::Connector.ApacheKafkaCluster": { + "AWS::IVS::PublicKey": { "additionalProperties": false, "properties": { - "BootstrapServers": { - "markdownDescription": "The bootstrap servers of the cluster.", - "title": "BootstrapServers", + "Condition": { "type": "string" }, - "Vpc": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.Vpc", - "markdownDescription": "Details of an Amazon VPC which has network connectivity to the Apache Kafka cluster.", - "title": "Vpc" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "Public key name. The value does not need to be unique.", + "title": "Name", + "type": "string" + }, + "PublicKeyMaterial": { + "markdownDescription": "The public portion of a customer-generated key pair. Note that this field is required to create the AWS::IVS::PublicKey resource.", + "title": "PublicKeyMaterial", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IVS::PublicKey" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "BootstrapServers", - "Vpc" + "Type" ], "type": "object" }, - "AWS::KafkaConnect::Connector.AutoScaling": { + "AWS::IVS::RecordingConfiguration": { "additionalProperties": false, "properties": { - "MaxWorkerCount": { - "markdownDescription": "The maximum number of workers allocated to the connector.", - "title": "MaxWorkerCount", - "type": "number" + "Condition": { + "type": "string" }, - "McuCount": { - "markdownDescription": "The number of microcontroller units (MCUs) allocated to each connector worker. The valid values are 1,2,4,8.", - "title": "McuCount", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "MinWorkerCount": { - "markdownDescription": "The minimum number of workers allocated to the connector.", - "title": "MinWorkerCount", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ScaleInPolicy": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.ScaleInPolicy", - "markdownDescription": "The sacle-in policy for the connector.", - "title": "ScaleInPolicy" + "Metadata": { + "type": "object" }, - "ScaleOutPolicy": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.ScaleOutPolicy", - "markdownDescription": "The sacle-out policy for the connector.", - "title": "ScaleOutPolicy" + "Properties": { + "additionalProperties": false, + "properties": { + "DestinationConfiguration": { + "$ref": "#/definitions/AWS::IVS::RecordingConfiguration.DestinationConfiguration", + "markdownDescription": "A destination configuration describes an S3 bucket where recorded video will be stored. See the DestinationConfiguration property type for more information.", + "title": "DestinationConfiguration" + }, + "Name": { + "markdownDescription": "Recording-configuration name. The value does not need to be unique.", + "title": "Name", + "type": "string" + }, + "RecordingReconnectWindowSeconds": { + "markdownDescription": "If a broadcast disconnects and then reconnects within the specified interval, the multiple streams will be considered a single broadcast and merged together.\n\n*Default* : `0`", + "title": "RecordingReconnectWindowSeconds", + "type": "number" + }, + "RenditionConfiguration": { + "$ref": "#/definitions/AWS::IVS::RecordingConfiguration.RenditionConfiguration", + "markdownDescription": "A rendition configuration describes which renditions should be recorded for a stream. See the RenditionConfiguration property type for more information.", + "title": "RenditionConfiguration" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-recordingconfiguration-tag.html) .", + "title": "Tags", + "type": "array" + }, + "ThumbnailConfiguration": { + "$ref": "#/definitions/AWS::IVS::RecordingConfiguration.ThumbnailConfiguration", + "markdownDescription": "A thumbnail configuration enables/disables the recording of thumbnails for a live session and controls the interval at which thumbnails are generated for the live session. See the ThumbnailConfiguration property type for more information.", + "title": "ThumbnailConfiguration" + } + }, + "required": [ + "DestinationConfiguration" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IVS::RecordingConfiguration" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "MaxWorkerCount", - "McuCount", - "MinWorkerCount", - "ScaleInPolicy", - "ScaleOutPolicy" + "Type", + "Properties" ], "type": "object" }, - "AWS::KafkaConnect::Connector.Capacity": { + "AWS::IVS::RecordingConfiguration.DestinationConfiguration": { "additionalProperties": false, "properties": { - "AutoScaling": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.AutoScaling", - "markdownDescription": "Information about the auto scaling parameters for the connector.", - "title": "AutoScaling" - }, - "ProvisionedCapacity": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.ProvisionedCapacity", - "markdownDescription": "Details about a fixed capacity allocated to a connector.", - "title": "ProvisionedCapacity" + "S3": { + "$ref": "#/definitions/AWS::IVS::RecordingConfiguration.S3DestinationConfiguration", + "markdownDescription": "An S3 destination configuration where recorded videos will be stored. See the [S3DestinationConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-recordingconfiguration-s3destinationconfiguration.html) property type for more information.", + "title": "S3" } }, "type": "object" }, - "AWS::KafkaConnect::Connector.CloudWatchLogsLogDelivery": { + "AWS::IVS::RecordingConfiguration.RenditionConfiguration": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Whether log delivery to Amazon CloudWatch Logs is enabled.", - "title": "Enabled", - "type": "boolean" - }, - "LogGroup": { - "markdownDescription": "The name of the CloudWatch log group that is the destination for log delivery.", - "title": "LogGroup", + "RenditionSelection": { + "markdownDescription": "The set of renditions are recorded for a stream. For `BASIC` channels, the `CUSTOM` value has no effect. If `CUSTOM` is specified, a set of renditions can be specified in the `renditions` field. Default: `ALL` .", + "title": "RenditionSelection", "type": "string" + }, + "Renditions": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of which renditions are recorded for a stream, if `renditionSelection` is `CUSTOM` ; otherwise, this field is irrelevant. The selected renditions are recorded if they are available during the stream. If a selected rendition is unavailable, the best available rendition is recorded. For details on the resolution dimensions of each rendition, see [Auto-Record to Amazon S3](https://docs.aws.amazon.com//ivs/latest/LowLatencyUserGuide/record-to-s3.html) .", + "title": "Renditions", + "type": "array" } }, - "required": [ - "Enabled" - ], "type": "object" }, - "AWS::KafkaConnect::Connector.CustomPlugin": { + "AWS::IVS::RecordingConfiguration.S3DestinationConfiguration": { "additionalProperties": false, "properties": { - "CustomPluginArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the custom plugin.", - "title": "CustomPluginArn", + "BucketName": { + "markdownDescription": "Location (S3 bucket name) where recorded videos will be stored.", + "title": "BucketName", "type": "string" - }, - "Revision": { - "markdownDescription": "The revision of the custom plugin.", - "title": "Revision", - "type": "number" } }, "required": [ - "CustomPluginArn", - "Revision" + "BucketName" ], "type": "object" }, - "AWS::KafkaConnect::Connector.FirehoseLogDelivery": { + "AWS::IVS::RecordingConfiguration.ThumbnailConfiguration": { "additionalProperties": false, "properties": { - "DeliveryStream": { - "markdownDescription": "The name of the Kinesis Data Firehose delivery stream that is the destination for log delivery.", - "title": "DeliveryStream", + "RecordingMode": { + "markdownDescription": "Thumbnail recording mode. Valid values:\n\n- `DISABLED` : Use DISABLED to disable the generation of thumbnails for recorded video.\n- `INTERVAL` : Use INTERVAL to enable the generation of thumbnails for recorded video at a time interval controlled by the [TargetIntervalSeconds](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-recordingconfiguration-thumbnailconfiguration.html#cfn-ivs-recordingconfiguration-thumbnailconfiguration-targetintervalseconds) property.\n\n*Default* : `INTERVAL`", + "title": "RecordingMode", "type": "string" }, - "Enabled": { - "markdownDescription": "Specifies whether connector logs get delivered to Amazon Kinesis Data Firehose.", - "title": "Enabled", - "type": "boolean" - } - }, - "required": [ - "Enabled" - ], - "type": "object" - }, - "AWS::KafkaConnect::Connector.KafkaCluster": { - "additionalProperties": false, - "properties": { - "ApacheKafkaCluster": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.ApacheKafkaCluster", - "markdownDescription": "The Apache Kafka cluster to which the connector is connected.", - "title": "ApacheKafkaCluster" + "Resolution": { + "markdownDescription": "The desired resolution of recorded thumbnails for a stream. Thumbnails are recorded at the selected resolution if the corresponding rendition is available during the stream; otherwise, they are recorded at source resolution. For more information about resolution values and their corresponding height and width dimensions, see [Auto-Record to Amazon S3](https://docs.aws.amazon.com//ivs/latest/LowLatencyUserGuide/record-to-s3.html) .", + "title": "Resolution", + "type": "string" + }, + "Storage": { + "items": { + "type": "string" + }, + "markdownDescription": "The format in which thumbnails are recorded for a stream. `SEQUENTIAL` records all generated thumbnails in a serial manner, to the media/thumbnails directory. `LATEST` saves the latest thumbnail in media/thumbnails/latest/thumb.jpg and overwrites it at the interval specified by `targetIntervalSeconds` . You can enable both `SEQUENTIAL` and `LATEST` . Default: `SEQUENTIAL` .", + "title": "Storage", + "type": "array" + }, + "TargetIntervalSeconds": { + "markdownDescription": "The targeted thumbnail-generation interval in seconds. This is configurable (and required) only if [RecordingMode](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-recordingconfiguration-thumbnailconfiguration.html#cfn-ivs-recordingconfiguration-thumbnailconfiguration-recordingmode) is `INTERVAL` .\n\n> Setting a value for `TargetIntervalSeconds` does not guarantee that thumbnails are generated at the specified interval. For thumbnails to be generated at the `TargetIntervalSeconds` interval, the `IDR/Keyframe` value for the input video must be less than the `TargetIntervalSeconds` value. See [Amazon IVS Streaming Configuration](https://docs.aws.amazon.com/ivs/latest/LowLatencyUserGuide/streaming-config.html) for information on setting `IDR/Keyframe` to the recommended value in video-encoder settings. \n\n*Default* : 60", + "title": "TargetIntervalSeconds", + "type": "number" } }, - "required": [ - "ApacheKafkaCluster" - ], "type": "object" }, - "AWS::KafkaConnect::Connector.KafkaClusterClientAuthentication": { + "AWS::IVS::Stage": { "additionalProperties": false, "properties": { - "AuthenticationType": { - "markdownDescription": "The type of client authentication used to connect to the Apache Kafka cluster. Value NONE means that no client authentication is used.", - "title": "AuthenticationType", + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AutoParticipantRecordingConfiguration": { + "$ref": "#/definitions/AWS::IVS::Stage.AutoParticipantRecordingConfiguration", + "markdownDescription": "", + "title": "AutoParticipantRecordingConfiguration" + }, + "Name": { + "markdownDescription": "Stage name.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-stage-tag.html) .", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IVS::Stage" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "AuthenticationType" + "Type" ], "type": "object" }, - "AWS::KafkaConnect::Connector.KafkaClusterEncryptionInTransit": { + "AWS::IVS::Stage.AutoParticipantRecordingConfiguration": { "additionalProperties": false, "properties": { - "EncryptionType": { - "markdownDescription": "The type of encryption in transit to the Apache Kafka cluster.", - "title": "EncryptionType", + "MediaTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "Types of media to be recorded. Default: `AUDIO_VIDEO` .", + "title": "MediaTypes", + "type": "array" + }, + "StorageConfigurationArn": { + "markdownDescription": "ARN of the StorageConfiguration resource to use for individual participant recording. Default: \"\" (empty string, no storage configuration is specified). Individual participant recording cannot be started unless a storage configuration is specified, when a Stage is created or updated.", + "title": "StorageConfigurationArn", "type": "string" } }, "required": [ - "EncryptionType" + "StorageConfigurationArn" ], "type": "object" }, - "AWS::KafkaConnect::Connector.LogDelivery": { + "AWS::IVS::StorageConfiguration": { "additionalProperties": false, "properties": { - "WorkerLogDelivery": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.WorkerLogDelivery", - "markdownDescription": "The workers can send worker logs to different destination types. This configuration specifies the details of these destinations.", - "title": "WorkerLogDelivery" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "Storage cnfiguration name.", + "title": "Name", + "type": "string" + }, + "S3": { + "$ref": "#/definitions/AWS::IVS::StorageConfiguration.S3StorageConfiguration", + "markdownDescription": "An S3 storage configuration contains information about where recorded video will be stored. See the [S3StorageConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-storageconfiguration-s3storageconfiguration.html) property type for more information.", + "title": "S3" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-storageconfiguration-tag.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "S3" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IVS::StorageConfiguration" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "WorkerLogDelivery" + "Type", + "Properties" ], "type": "object" }, - "AWS::KafkaConnect::Connector.Plugin": { + "AWS::IVS::StorageConfiguration.S3StorageConfiguration": { "additionalProperties": false, "properties": { - "CustomPlugin": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.CustomPlugin", - "markdownDescription": "Details about a custom plugin.", - "title": "CustomPlugin" + "BucketName": { + "markdownDescription": "Name of the S3 bucket where recorded video will be stored.", + "title": "BucketName", + "type": "string" } }, "required": [ - "CustomPlugin" + "BucketName" ], "type": "object" }, - "AWS::KafkaConnect::Connector.ProvisionedCapacity": { + "AWS::IVS::StreamKey": { "additionalProperties": false, "properties": { - "McuCount": { - "markdownDescription": "The number of microcontroller units (MCUs) allocated to each connector worker. The valid values are 1,2,4,8.", - "title": "McuCount", - "type": "number" + "Condition": { + "type": "string" }, - "WorkerCount": { - "markdownDescription": "The number of workers that are allocated to the connector.", - "title": "WorkerCount", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ChannelArn": { + "markdownDescription": "Channel ARN for the stream.", + "title": "ChannelArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-streamkey-tag.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "ChannelArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IVS::StreamKey" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "WorkerCount" + "Type", + "Properties" ], "type": "object" }, - "AWS::KafkaConnect::Connector.S3LogDelivery": { + "AWS::IVSChat::LoggingConfiguration": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The name of the S3 bucket that is the destination for log delivery.", - "title": "Bucket", + "Condition": { "type": "string" }, - "Enabled": { - "markdownDescription": "Specifies whether connector logs get sent to the specified Amazon S3 destination.", - "title": "Enabled", - "type": "boolean" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Prefix": { - "markdownDescription": "The S3 prefix that is the destination for log delivery.", - "title": "Prefix", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DestinationConfiguration": { + "$ref": "#/definitions/AWS::IVSChat::LoggingConfiguration.DestinationConfiguration", + "markdownDescription": "The DestinationConfiguration is a complex type that contains information about where chat content will be logged.", + "title": "DestinationConfiguration" + }, + "Name": { + "markdownDescription": "Logging-configuration name. The value does not need to be unique.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivschat-loggingconfiguration-tag.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "DestinationConfiguration" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IVSChat::LoggingConfiguration" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Enabled" + "Type", + "Properties" ], "type": "object" }, - "AWS::KafkaConnect::Connector.ScaleInPolicy": { + "AWS::IVSChat::LoggingConfiguration.CloudWatchLogsDestinationConfiguration": { "additionalProperties": false, "properties": { - "CpuUtilizationPercentage": { - "markdownDescription": "Specifies the CPU utilization percentage threshold at which you want connector scale in to be triggered.", - "title": "CpuUtilizationPercentage", - "type": "number" + "LogGroupName": { + "markdownDescription": "Name of the Amazon Cloudwatch Logs destination where chat activity will be logged.", + "title": "LogGroupName", + "type": "string" } }, "required": [ - "CpuUtilizationPercentage" + "LogGroupName" ], "type": "object" }, - "AWS::KafkaConnect::Connector.ScaleOutPolicy": { + "AWS::IVSChat::LoggingConfiguration.DestinationConfiguration": { "additionalProperties": false, "properties": { - "CpuUtilizationPercentage": { - "markdownDescription": "The CPU utilization percentage threshold at which you want connector scale out to be triggered.", - "title": "CpuUtilizationPercentage", - "type": "number" + "CloudWatchLogs": { + "$ref": "#/definitions/AWS::IVSChat::LoggingConfiguration.CloudWatchLogsDestinationConfiguration", + "markdownDescription": "An Amazon CloudWatch Logs destination configuration where chat activity will be logged.", + "title": "CloudWatchLogs" + }, + "Firehose": { + "$ref": "#/definitions/AWS::IVSChat::LoggingConfiguration.FirehoseDestinationConfiguration", + "markdownDescription": "An Amazon Kinesis Data Firehose destination configuration where chat activity will be logged.", + "title": "Firehose" + }, + "S3": { + "$ref": "#/definitions/AWS::IVSChat::LoggingConfiguration.S3DestinationConfiguration", + "markdownDescription": "An Amazon S3 destination configuration where chat activity will be logged.", + "title": "S3" } }, - "required": [ - "CpuUtilizationPercentage" - ], "type": "object" }, - "AWS::KafkaConnect::Connector.Vpc": { + "AWS::IVSChat::LoggingConfiguration.FirehoseDestinationConfiguration": { "additionalProperties": false, "properties": { - "SecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "The security group IDs for the connector.", - "title": "SecurityGroups", - "type": "array" - }, - "Subnets": { - "items": { - "type": "string" - }, - "markdownDescription": "The subnets for the connector.", - "title": "Subnets", - "type": "array" + "DeliveryStreamName": { + "markdownDescription": "Name of the Amazon Kinesis Firehose delivery stream where chat activity will be logged.", + "title": "DeliveryStreamName", + "type": "string" } }, "required": [ - "SecurityGroups", - "Subnets" + "DeliveryStreamName" ], "type": "object" }, - "AWS::KafkaConnect::Connector.WorkerConfiguration": { + "AWS::IVSChat::LoggingConfiguration.S3DestinationConfiguration": { "additionalProperties": false, "properties": { - "Revision": { - "markdownDescription": "The revision of the worker configuration.", - "title": "Revision", - "type": "number" - }, - "WorkerConfigurationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the worker configuration.", - "title": "WorkerConfigurationArn", + "BucketName": { + "markdownDescription": "Name of the Amazon S3 bucket where chat activity will be logged.", + "title": "BucketName", "type": "string" } }, "required": [ - "Revision", - "WorkerConfigurationArn" + "BucketName" ], "type": "object" }, - "AWS::KafkaConnect::Connector.WorkerLogDelivery": { - "additionalProperties": false, - "properties": { - "CloudWatchLogs": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.CloudWatchLogsLogDelivery", - "markdownDescription": "Details about delivering logs to Amazon CloudWatch Logs.", - "title": "CloudWatchLogs" - }, - "Firehose": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.FirehoseLogDelivery", - "markdownDescription": "Details about delivering logs to Amazon Kinesis Data Firehose.", - "title": "Firehose" - }, - "S3": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.S3LogDelivery", - "markdownDescription": "Details about delivering logs to Amazon S3.", - "title": "S3" - } - }, - "type": "object" - }, - "AWS::KafkaConnect::CustomPlugin": { + "AWS::IVSChat::Room": { "additionalProperties": false, "properties": { "Condition": { @@ -134227,23 +141242,31 @@ "Properties": { "additionalProperties": false, "properties": { - "ContentType": { - "markdownDescription": "The format of the plugin file.", - "title": "ContentType", - "type": "string" + "LoggingConfigurationIdentifiers": { + "items": { + "type": "string" + }, + "markdownDescription": "List of logging-configuration identifiers attached to the room.", + "title": "LoggingConfigurationIdentifiers", + "type": "array" }, - "Description": { - "markdownDescription": "The description of the custom plugin.", - "title": "Description", - "type": "string" + "MaximumMessageLength": { + "markdownDescription": "Maximum number of characters in a single message. Messages are expected to be UTF-8 encoded and this limit applies specifically to rune/code-point count, not number of bytes.", + "title": "MaximumMessageLength", + "type": "number" }, - "Location": { - "$ref": "#/definitions/AWS::KafkaConnect::CustomPlugin.CustomPluginLocation", - "markdownDescription": "Information about the location of the custom plugin.", - "title": "Location" + "MaximumMessageRatePerSecond": { + "markdownDescription": "Maximum number of messages per second that can be sent to the room (by all clients).", + "title": "MaximumMessageRatePerSecond", + "type": "number" + }, + "MessageReviewHandler": { + "$ref": "#/definitions/AWS::IVSChat::Room.MessageReviewHandler", + "markdownDescription": "Configuration information for optional review of messages.", + "title": "MessageReviewHandler" }, "Name": { - "markdownDescription": "The name of the custom plugin.", + "markdownDescription": "Room name. The value does not need to be unique.", "title": "Name", "type": "string" }, @@ -134251,21 +141274,16 @@ "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivschat-room-tag.html) .", "title": "Tags", "type": "array" } }, - "required": [ - "ContentType", - "Location", - "Name" - ], "type": "object" }, "Type": { "enum": [ - "AWS::KafkaConnect::CustomPlugin" + "AWS::IVSChat::Room" ], "type": "string" }, @@ -134279,67 +141297,198 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::KafkaConnect::CustomPlugin.CustomPluginFileDescription": { + "AWS::IVSChat::Room.MessageReviewHandler": { "additionalProperties": false, "properties": { - "FileMd5": { - "markdownDescription": "The hex-encoded MD5 checksum of the custom plugin file. You can use it to validate the file.", - "title": "FileMd5", + "FallbackResult": { + "markdownDescription": "Specifies the fallback behavior (whether the message is allowed or denied) if the handler does not return a valid response, encounters an error, or times out. (For the timeout period, see [Service Quotas](https://docs.aws.amazon.com/ivs/latest/userguide/service-quotas.html) .) If allowed, the message is delivered with returned content to all users connected to the room. If denied, the message is not delivered to any user.\n\n*Default* : `ALLOW`", + "title": "FallbackResult", "type": "string" }, - "FileSize": { - "markdownDescription": "The size in bytes of the custom plugin file. You can use it to validate the file.", - "title": "FileSize", - "type": "number" + "Uri": { + "markdownDescription": "Identifier of the message review handler. Currently this must be an ARN of a lambda function.", + "title": "Uri", + "type": "string" } }, "type": "object" }, - "AWS::KafkaConnect::CustomPlugin.CustomPluginLocation": { + "AWS::IdentityStore::Group": { "additionalProperties": false, "properties": { - "S3Location": { - "$ref": "#/definitions/AWS::KafkaConnect::CustomPlugin.S3Location", - "markdownDescription": "The S3 bucket Amazon Resource Name (ARN), file key, and object version of the plugin file stored in Amazon S3.", - "title": "S3Location" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A string containing the description of the group.", + "title": "Description", + "type": "string" + }, + "DisplayName": { + "markdownDescription": "The display name value for the group. The length limit is 1,024 characters. This value can consist of letters, accented characters, symbols, numbers, punctuation, tab, new line, carriage return, space, and nonbreaking space in this attribute. This value is specified at the time the group is created and stored as an attribute of the group object in the identity store.\n\nPrefix search supports a maximum of 1,000 characters for the string.", + "title": "DisplayName", + "type": "string" + }, + "IdentityStoreId": { + "markdownDescription": "The globally unique identifier for the identity store.", + "title": "IdentityStoreId", + "type": "string" + } + }, + "required": [ + "DisplayName", + "IdentityStoreId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IdentityStore::Group" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "S3Location" + "Type", + "Properties" ], "type": "object" }, - "AWS::KafkaConnect::CustomPlugin.S3Location": { + "AWS::IdentityStore::GroupMembership": { "additionalProperties": false, "properties": { - "BucketArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an S3 bucket.", - "title": "BucketArn", + "Condition": { "type": "string" }, - "FileKey": { - "markdownDescription": "The file key for an object in an S3 bucket.", - "title": "FileKey", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "ObjectVersion": { - "markdownDescription": "The version of an object in an S3 bucket.", - "title": "ObjectVersion", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "GroupId": { + "markdownDescription": "The identifier for a group in the identity store.", + "title": "GroupId", + "type": "string" + }, + "IdentityStoreId": { + "markdownDescription": "The globally unique identifier for the identity store.", + "title": "IdentityStoreId", + "type": "string" + }, + "MemberId": { + "$ref": "#/definitions/AWS::IdentityStore::GroupMembership.MemberId", + "markdownDescription": "An object containing the identifier of a group member. Setting the `MemberId` 's `UserId` field to a specific User's ID indicates that user is a member of the group.", + "title": "MemberId" + } + }, + "required": [ + "GroupId", + "IdentityStoreId", + "MemberId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IdentityStore::GroupMembership" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "BucketArn", - "FileKey" + "Type", + "Properties" ], "type": "object" }, - "AWS::KafkaConnect::WorkerConfiguration": { + "AWS::IdentityStore::GroupMembership.MemberId": { + "additionalProperties": false, + "properties": { + "UserId": { + "markdownDescription": "An object containing the identifiers of resources that can be members.", + "title": "UserId", + "type": "string" + } + }, + "required": [ + "UserId" + ], + "type": "object" + }, + "AWS::ImageBuilder::Component": { "additionalProperties": false, "properties": { "Condition": { @@ -134374,39 +141523,76 @@ "Properties": { "additionalProperties": false, "properties": { + "ChangeDescription": { + "markdownDescription": "The change description of the component. Describes what change has been made in this version, or what makes this version different from other versions of the component.", + "title": "ChangeDescription", + "type": "string" + }, + "Data": { + "markdownDescription": "Component `data` contains inline YAML document content for the component. Alternatively, you can specify the `uri` of a YAML document file stored in Amazon S3. However, you cannot specify both properties.", + "title": "Data", + "type": "string" + }, "Description": { - "markdownDescription": "The description of a worker configuration.", + "markdownDescription": "Describes the contents of the component.", "title": "Description", "type": "string" }, + "KmsKeyId": { + "markdownDescription": "The ID of the KMS key that is used to encrypt this component.", + "title": "KmsKeyId", + "type": "string" + }, "Name": { - "markdownDescription": "The name of the worker configuration.", + "markdownDescription": "The name of the component.", "title": "Name", "type": "string" }, - "PropertiesFileContent": { - "markdownDescription": "Base64 encoded contents of the connect-distributed.properties file.", - "title": "PropertiesFileContent", + "Platform": { + "markdownDescription": "The operating system platform of the component.", + "title": "Platform", "type": "string" }, - "Tags": { + "SupportedOsVersions": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "", - "title": "Tags", + "markdownDescription": "The operating system (OS) version supported by the component. If the OS information is available, a prefix match is performed against the base image OS version during image recipe creation.", + "title": "SupportedOsVersions", "type": "array" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "The tags that apply to the component.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "Uri": { + "markdownDescription": "The `uri` of a YAML component document file. This must be an S3 URL ( `s3://bucket/key` ), and the requester must have permission to access the S3 bucket it points to. If you use Amazon S3, you can specify component content up to your service quota.\n\nAlternatively, you can specify the YAML document inline, using the component `data` property. You cannot specify both properties.", + "title": "Uri", + "type": "string" + }, + "Version": { + "markdownDescription": "The component version. For example, `1.0.0` .", + "title": "Version", + "type": "string" } }, "required": [ "Name", - "PropertiesFileContent" + "Platform", + "Version" ], "type": "object" }, "Type": { "enum": [ - "AWS::KafkaConnect::WorkerConfiguration" + "AWS::ImageBuilder::Component" ], "type": "string" }, @@ -134425,7 +141611,7 @@ ], "type": "object" }, - "AWS::Kendra::DataSource": { + "AWS::ImageBuilder::ContainerRecipe": { "additionalProperties": false, "properties": { "Condition": { @@ -134460,70 +141646,104 @@ "Properties": { "additionalProperties": false, "properties": { - "CustomDocumentEnrichmentConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.CustomDocumentEnrichmentConfiguration", - "markdownDescription": "Configuration information for altering document metadata and content during the document ingestion process.", - "title": "CustomDocumentEnrichmentConfiguration" + "Components": { + "items": { + "$ref": "#/definitions/AWS::ImageBuilder::ContainerRecipe.ComponentConfiguration" + }, + "markdownDescription": "Build and test components that are included in the container recipe. Recipes require a minimum of one build component, and can have a maximum of 20 build and test components in any combination.", + "title": "Components", + "type": "array" }, - "DataSourceConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceConfiguration", - "markdownDescription": "Configuration information for an Amazon Kendra data source. The contents of the configuration depend on the type of data source. You can only specify one type of data source in the configuration.\n\nYou can't specify the `Configuration` parameter when the `Type` parameter is set to `CUSTOM` .\n\nThe `Configuration` parameter is required for all other data sources.", - "title": "DataSourceConfiguration" + "ContainerType": { + "markdownDescription": "Specifies the type of container, such as Docker.", + "title": "ContainerType", + "type": "string" }, "Description": { - "markdownDescription": "A description for the data source connector.", + "markdownDescription": "The description of the container recipe.", "title": "Description", "type": "string" }, - "IndexId": { - "markdownDescription": "The identifier of the index you want to use with the data source connector.", - "title": "IndexId", + "DockerfileTemplateData": { + "markdownDescription": "Dockerfiles are text documents that are used to build Docker containers, and ensure that they contain all of the elements required by the application running inside. The template data consists of contextual variables where Image Builder places build information or scripts, based on your container image recipe.", + "title": "DockerfileTemplateData", "type": "string" }, - "LanguageCode": { - "markdownDescription": "The code for a language. This shows a supported language for all documents in the data source. English is supported by default. For more information on supported languages, including their codes, see [Adding documents in languages other than English](https://docs.aws.amazon.com/kendra/latest/dg/in-adding-languages.html) .", - "title": "LanguageCode", + "DockerfileTemplateUri": { + "markdownDescription": "The S3 URI for the Dockerfile that will be used to build your container image.", + "title": "DockerfileTemplateUri", + "type": "string" + }, + "ImageOsVersionOverride": { + "markdownDescription": "Specifies the operating system version for the base image.", + "title": "ImageOsVersionOverride", + "type": "string" + }, + "InstanceConfiguration": { + "$ref": "#/definitions/AWS::ImageBuilder::ContainerRecipe.InstanceConfiguration", + "markdownDescription": "A group of options that can be used to configure an instance for building and testing container images.", + "title": "InstanceConfiguration" + }, + "KmsKeyId": { + "markdownDescription": "Identifies which KMS key is used to encrypt the container image for distribution to the target Region.", + "title": "KmsKeyId", "type": "string" }, "Name": { - "markdownDescription": "The name of the data source.", + "markdownDescription": "The name of the container recipe.", "title": "Name", "type": "string" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of a role with permission to access the data source.\n\nYou can't specify the `RoleArn` parameter when the `Type` parameter is set to `CUSTOM` .\n\nThe `RoleArn` parameter is required for all other data sources.", - "title": "RoleArn", + "ParentImage": { + "markdownDescription": "The base image for customizations specified in the container recipe. This can contain an Image Builder image resource ARN or a container image URI, for example `amazonlinux:latest` .", + "title": "ParentImage", "type": "string" }, - "Schedule": { - "markdownDescription": "Sets the frequency that Amazon Kendra checks the documents in your data source and updates the index. If you don't set a schedule, Amazon Kendra doesn't periodically update the index.", - "title": "Schedule", + "PlatformOverride": { + "markdownDescription": "Specifies the operating system platform when you use a custom base image.", + "title": "PlatformOverride", "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "additionalProperties": true, + "markdownDescription": "Tags that are attached to the container recipe.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "An array of key-value pairs to apply to this resource\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", - "type": "array" + "type": "object" }, - "Type": { - "markdownDescription": "The type of the data source.", - "title": "Type", + "TargetRepository": { + "$ref": "#/definitions/AWS::ImageBuilder::ContainerRecipe.TargetContainerRepository", + "markdownDescription": "The destination repository for the container image.", + "title": "TargetRepository" + }, + "Version": { + "markdownDescription": "The semantic version of the container recipe.\n\n> The semantic version has four nodes: ../. You can assign values for the first three, and can filter on all of them.\n> \n> *Assignment:* For the first three nodes you can assign any positive integer value, including zero, with an upper limit of 2^30-1, or 1073741823 for each node. Image Builder automatically assigns the build number to the fourth node.\n> \n> *Patterns:* You can use any numeric pattern that adheres to the assignment requirements for the nodes that you can assign. For example, you might choose a software version pattern, such as 1.0.0, or a date, such as 2021.01.01.\n> \n> *Filtering:* With semantic versioning, you have the flexibility to use wildcards (x) to specify the most recent versions or nodes when selecting the base image or components for your recipe. When you use a wildcard in any node, all nodes to the right of the first wildcard must also be wildcards.", + "title": "Version", + "type": "string" + }, + "WorkingDirectory": { + "markdownDescription": "The working directory for use during build and test workflows.", + "title": "WorkingDirectory", "type": "string" } }, "required": [ - "IndexId", + "Components", + "ContainerType", "Name", - "Type" + "ParentImage", + "TargetRepository", + "Version" ], "type": "object" }, "Type": { "enum": [ - "AWS::Kendra::DataSource" + "AWS::ImageBuilder::ContainerRecipe" ], "type": "string" }, @@ -134542,1587 +141762,1271 @@ ], "type": "object" }, - "AWS::Kendra::DataSource.AccessControlListConfiguration": { + "AWS::ImageBuilder::ContainerRecipe.ComponentConfiguration": { "additionalProperties": false, "properties": { - "KeyPath": { - "markdownDescription": "Path to the AWS S3 bucket that contains the access control list files.", - "title": "KeyPath", + "ComponentArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the component.", + "title": "ComponentArn", "type": "string" + }, + "Parameters": { + "items": { + "$ref": "#/definitions/AWS::ImageBuilder::ContainerRecipe.ComponentParameter" + }, + "markdownDescription": "A group of parameter settings that Image Builder uses to configure the component for a specific recipe.", + "title": "Parameters", + "type": "array" } }, "type": "object" }, - "AWS::Kendra::DataSource.AclConfiguration": { + "AWS::ImageBuilder::ContainerRecipe.ComponentParameter": { "additionalProperties": false, "properties": { - "AllowedGroupsColumnName": { - "markdownDescription": "A list of groups, separated by semi-colons, that filters a query response based on user context. The document is only returned to users that are in one of the groups specified in the `UserContext` field of the [Query](https://docs.aws.amazon.com/kendra/latest/dg/API_Query.html) operation.", - "title": "AllowedGroupsColumnName", + "Name": { + "markdownDescription": "The name of the component parameter to set.", + "title": "Name", "type": "string" + }, + "Value": { + "items": { + "type": "string" + }, + "markdownDescription": "Sets the value for the named component parameter.", + "title": "Value", + "type": "array" } }, "required": [ - "AllowedGroupsColumnName" + "Name", + "Value" ], "type": "object" }, - "AWS::Kendra::DataSource.ColumnConfiguration": { + "AWS::ImageBuilder::ContainerRecipe.EbsInstanceBlockDeviceSpecification": { "additionalProperties": false, "properties": { - "ChangeDetectingColumns": { - "items": { - "type": "string" - }, - "markdownDescription": "One to five columns that indicate when a document in the database has changed.", - "title": "ChangeDetectingColumns", - "type": "array" + "DeleteOnTermination": { + "markdownDescription": "Use to configure delete on termination of the associated device.", + "title": "DeleteOnTermination", + "type": "boolean" }, - "DocumentDataColumnName": { - "markdownDescription": "The column that contains the contents of the document.", - "title": "DocumentDataColumnName", - "type": "string" + "Encrypted": { + "markdownDescription": "Use to configure device encryption.", + "title": "Encrypted", + "type": "boolean" }, - "DocumentIdColumnName": { - "markdownDescription": "The column that provides the document's identifier.", - "title": "DocumentIdColumnName", + "Iops": { + "markdownDescription": "Use to configure device IOPS.", + "title": "Iops", + "type": "number" + }, + "KmsKeyId": { + "markdownDescription": "Use to configure the KMS key to use when encrypting the device.", + "title": "KmsKeyId", "type": "string" }, - "DocumentTitleColumnName": { - "markdownDescription": "The column that contains the title of the document.", - "title": "DocumentTitleColumnName", + "SnapshotId": { + "markdownDescription": "The snapshot that defines the device contents.", + "title": "SnapshotId", "type": "string" }, - "FieldMappings": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" - }, - "markdownDescription": "An array of objects that map database column names to the corresponding fields in an index. You must first create the fields in the index using the [UpdateIndex](https://docs.aws.amazon.com/kendra/latest/dg/API_UpdateIndex.html) operation.", - "title": "FieldMappings", - "type": "array" - } - }, - "required": [ - "ChangeDetectingColumns", - "DocumentDataColumnName", - "DocumentIdColumnName" - ], - "type": "object" - }, - "AWS::Kendra::DataSource.ConfluenceAttachmentConfiguration": { - "additionalProperties": false, - "properties": { - "AttachmentFieldMappings": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceAttachmentToIndexFieldMapping" - }, - "markdownDescription": "Maps attributes or field names of Confluence attachments to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Confluence fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Confluence data source field names must exist in your Confluence custom metadata.\n\nIf you specify the `AttachentFieldMappings` parameter, you must specify at least one field mapping.", - "title": "AttachmentFieldMappings", - "type": "array" + "Throughput": { + "markdownDescription": "*For GP3 volumes only* \u2013 The throughput in MiB/s that the volume supports.", + "title": "Throughput", + "type": "number" }, - "CrawlAttachments": { - "markdownDescription": "`TRUE` to index attachments of pages and blogs in Confluence.", - "title": "CrawlAttachments", - "type": "boolean" + "VolumeSize": { + "markdownDescription": "Use to override the device's volume size.", + "title": "VolumeSize", + "type": "number" + }, + "VolumeType": { + "markdownDescription": "Use to override the device's volume type.", + "title": "VolumeType", + "type": "string" } }, "type": "object" }, - "AWS::Kendra::DataSource.ConfluenceAttachmentToIndexFieldMapping": { + "AWS::ImageBuilder::ContainerRecipe.InstanceBlockDeviceMapping": { "additionalProperties": false, "properties": { - "DataSourceFieldName": { - "markdownDescription": "The name of the field in the data source.\n\nYou must first create the index field using the `UpdateIndex` API.", - "title": "DataSourceFieldName", + "DeviceName": { + "markdownDescription": "The device to which these mappings apply.", + "title": "DeviceName", "type": "string" }, - "DateFieldFormat": { - "markdownDescription": "The format for date fields in the data source. If the field specified in `DataSourceFieldName` is a date field you must specify the date format. If the field is not a date field, an exception is thrown.", - "title": "DateFieldFormat", + "Ebs": { + "$ref": "#/definitions/AWS::ImageBuilder::ContainerRecipe.EbsInstanceBlockDeviceSpecification", + "markdownDescription": "Use to manage Amazon EBS-specific configuration for this mapping.", + "title": "Ebs" + }, + "NoDevice": { + "markdownDescription": "Use to remove a mapping from the base image.", + "title": "NoDevice", "type": "string" }, - "IndexFieldName": { - "markdownDescription": "The name of the index field to map to the Confluence data source field. The index field type must match the Confluence field type.", - "title": "IndexFieldName", + "VirtualName": { + "markdownDescription": "Use to manage instance ephemeral devices.", + "title": "VirtualName", "type": "string" } }, - "required": [ - "DataSourceFieldName", - "IndexFieldName" - ], "type": "object" }, - "AWS::Kendra::DataSource.ConfluenceBlogConfiguration": { + "AWS::ImageBuilder::ContainerRecipe.InstanceConfiguration": { "additionalProperties": false, "properties": { - "BlogFieldMappings": { + "BlockDeviceMappings": { "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceBlogToIndexFieldMapping" + "$ref": "#/definitions/AWS::ImageBuilder::ContainerRecipe.InstanceBlockDeviceMapping" }, - "markdownDescription": "Maps attributes or field names of Confluence blogs to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Confluence fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Confluence data source field names must exist in your Confluence custom metadata.\n\nIf you specify the `BlogFieldMappings` parameter, you must specify at least one field mapping.", - "title": "BlogFieldMappings", + "markdownDescription": "Defines the block devices to attach for building an instance from this Image Builder AMI.", + "title": "BlockDeviceMappings", "type": "array" + }, + "Image": { + "markdownDescription": "The base image for a container build and test instance. This can contain an AMI ID or it can specify an AWS Systems Manager (SSM) Parameter Store Parameter, prefixed by `ssm:` , followed by the parameter name or ARN.\n\nIf not specified, Image Builder uses the appropriate ECS-optimized AMI as a base image.", + "title": "Image", + "type": "string" } }, "type": "object" }, - "AWS::Kendra::DataSource.ConfluenceBlogToIndexFieldMapping": { + "AWS::ImageBuilder::ContainerRecipe.TargetContainerRepository": { "additionalProperties": false, "properties": { - "DataSourceFieldName": { - "markdownDescription": "The name of the field in the data source.", - "title": "DataSourceFieldName", - "type": "string" - }, - "DateFieldFormat": { - "markdownDescription": "The format for date fields in the data source. If the field specified in `DataSourceFieldName` is a date field you must specify the date format. If the field is not a date field, an exception is thrown.", - "title": "DateFieldFormat", + "RepositoryName": { + "markdownDescription": "The name of the container repository where the output container image is stored. This name is prefixed by the repository location. For example, `/repository_name` .", + "title": "RepositoryName", "type": "string" }, - "IndexFieldName": { - "markdownDescription": "The name of the index field to map to the Confluence data source field. The index field type must match the Confluence field type.", - "title": "IndexFieldName", + "Service": { + "markdownDescription": "Specifies the service in which this image was registered.", + "title": "Service", "type": "string" } }, - "required": [ - "DataSourceFieldName", - "IndexFieldName" - ], "type": "object" }, - "AWS::Kendra::DataSource.ConfluenceConfiguration": { + "AWS::ImageBuilder::DistributionConfiguration": { "additionalProperties": false, "properties": { - "AttachmentConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceAttachmentConfiguration", - "markdownDescription": "Configuration information for indexing attachments to Confluence blogs and pages.", - "title": "AttachmentConfiguration" - }, - "BlogConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceBlogConfiguration", - "markdownDescription": "Configuration information for indexing Confluence blogs.", - "title": "BlogConfiguration" + "Condition": { + "type": "string" }, - "ExclusionPatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of regular expression patterns to exclude certain blog posts, pages, spaces, or attachments in your Confluence. Content that matches the patterns are excluded from the index. Content that doesn't match the patterns is included in the index. If content matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the content isn't included in the index.", - "title": "ExclusionPatterns", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "InclusionPatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of regular expression patterns to include certain blog posts, pages, spaces, or attachments in your Confluence. Content that matches the patterns are included in the index. Content that doesn't match the patterns is excluded from the index. If content matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the content isn't included in the index.", - "title": "InclusionPatterns", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "PageConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluencePageConfiguration", - "markdownDescription": "Configuration information for indexing Confluence pages.", - "title": "PageConfiguration" + "Metadata": { + "type": "object" }, - "SecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret that contains the user name and password required to connect to the Confluence instance. If you use Confluence Cloud, you use a generated API token as the password.\n\nYou can also provide authentication credentials in the form of a personal access token. For more information, see [Using a Confluence data source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-confluence.html) .", - "title": "SecretArn", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of this distribution configuration.", + "title": "Description", + "type": "string" + }, + "Distributions": { + "items": { + "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.Distribution" + }, + "markdownDescription": "The distributions of this distribution configuration formatted as an array of Distribution objects.", + "title": "Distributions", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of this distribution configuration.", + "title": "Name", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "The tags of this distribution configuration.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "Distributions", + "Name" + ], + "type": "object" }, - "ServerUrl": { - "markdownDescription": "The URL of your Confluence instance. Use the full URL of the server. For example, *https://server.example.com:port/* . You can also use an IP address, for example, *https://192.168.1.113/* .", - "title": "ServerUrl", + "Type": { + "enum": [ + "AWS::ImageBuilder::DistributionConfiguration" + ], "type": "string" }, - "SpaceConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceSpaceConfiguration", - "markdownDescription": "Configuration information for indexing Confluence spaces.", - "title": "SpaceConfiguration" - }, - "Version": { - "markdownDescription": "The version or the type of Confluence installation to connect to.", - "title": "Version", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "VpcConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceVpcConfiguration", - "markdownDescription": "Configuration information for an Amazon Virtual Private Cloud to connect to your Confluence. For more information, see [Configuring a VPC](https://docs.aws.amazon.com/kendra/latest/dg/vpc-configuration.html) .", - "title": "VpcConfiguration" } }, "required": [ - "SecretArn", - "ServerUrl", - "Version" + "Type", + "Properties" ], "type": "object" }, - "AWS::Kendra::DataSource.ConfluencePageConfiguration": { + "AWS::ImageBuilder::DistributionConfiguration.AmiDistributionConfiguration": { "additionalProperties": false, "properties": { - "PageFieldMappings": { + "AmiTags": { + "additionalProperties": true, + "markdownDescription": "The tags to apply to AMIs distributed to this Region.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "AmiTags", + "type": "object" + }, + "Description": { + "markdownDescription": "The description of the AMI distribution configuration. Minimum and maximum length are in characters.", + "title": "Description", + "type": "string" + }, + "KmsKeyId": { + "markdownDescription": "The KMS key identifier used to encrypt the distributed image.", + "title": "KmsKeyId", + "type": "string" + }, + "LaunchPermissionConfiguration": { + "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.LaunchPermissionConfiguration", + "markdownDescription": "Launch permissions can be used to configure which AWS account s can use the AMI to launch instances.", + "title": "LaunchPermissionConfiguration" + }, + "Name": { + "markdownDescription": "The name of the output AMI.", + "title": "Name", + "type": "string" + }, + "TargetAccountIds": { "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluencePageToIndexFieldMapping" + "type": "string" }, - "markdownDescription": "Maps attributes or field names of Confluence pages to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Confluence fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Confluence data source field names must exist in your Confluence custom metadata.\n\nIf you specify the `PageFieldMappings` parameter, you must specify at least one field mapping.", - "title": "PageFieldMappings", + "markdownDescription": "The ID of an account to which you want to distribute an image.", + "title": "TargetAccountIds", "type": "array" } }, "type": "object" }, - "AWS::Kendra::DataSource.ConfluencePageToIndexFieldMapping": { + "AWS::ImageBuilder::DistributionConfiguration.ContainerDistributionConfiguration": { "additionalProperties": false, "properties": { - "DataSourceFieldName": { - "markdownDescription": "The name of the field in the data source.", - "title": "DataSourceFieldName", - "type": "string" + "ContainerTags": { + "items": { + "type": "string" + }, + "markdownDescription": "Tags that are attached to the container distribution configuration.", + "title": "ContainerTags", + "type": "array" }, - "DateFieldFormat": { - "markdownDescription": "The format for date fields in the data source. If the field specified in `DataSourceFieldName` is a date field you must specify the date format. If the field is not a date field, an exception is thrown.", - "title": "DateFieldFormat", + "Description": { + "markdownDescription": "The description of the container distribution configuration.", + "title": "Description", "type": "string" }, - "IndexFieldName": { - "markdownDescription": "The name of the index field to map to the Confluence data source field. The index field type must match the Confluence field type.", - "title": "IndexFieldName", - "type": "string" + "TargetRepository": { + "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.TargetContainerRepository", + "markdownDescription": "The destination repository for the container distribution configuration.", + "title": "TargetRepository" } }, - "required": [ - "DataSourceFieldName", - "IndexFieldName" - ], "type": "object" }, - "AWS::Kendra::DataSource.ConfluenceSpaceConfiguration": { + "AWS::ImageBuilder::DistributionConfiguration.Distribution": { "additionalProperties": false, "properties": { - "CrawlArchivedSpaces": { - "markdownDescription": "`TRUE` to index archived spaces.", - "title": "CrawlArchivedSpaces", - "type": "boolean" + "AmiDistributionConfiguration": { + "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.AmiDistributionConfiguration", + "markdownDescription": "The specific AMI settings, such as launch permissions and AMI tags. For details, see example schema below.", + "title": "AmiDistributionConfiguration" }, - "CrawlPersonalSpaces": { - "markdownDescription": "`TRUE` to index personal spaces. You can add restrictions to items in personal spaces. If personal spaces are indexed, queries without user context information may return restricted items from a personal space in their results. For more information, see [Filtering on user context](https://docs.aws.amazon.com/kendra/latest/dg/user-context-filter.html) .", - "title": "CrawlPersonalSpaces", - "type": "boolean" + "ContainerDistributionConfiguration": { + "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.ContainerDistributionConfiguration", + "markdownDescription": "Container distribution settings for encryption, licensing, and sharing in a specific Region. For details, see example schema below.", + "title": "ContainerDistributionConfiguration" }, - "ExcludeSpaces": { + "FastLaunchConfigurations": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.FastLaunchConfiguration" }, - "markdownDescription": "A list of space keys of Confluence spaces. If you include a key, the blogs, documents, and attachments in the space are not indexed. If a space is in both the `ExcludeSpaces` and the `IncludeSpaces` list, the space is excluded.", - "title": "ExcludeSpaces", + "markdownDescription": "The Windows faster-launching configurations to use for AMI distribution.", + "title": "FastLaunchConfigurations", "type": "array" }, - "IncludeSpaces": { + "LaunchTemplateConfigurations": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.LaunchTemplateConfiguration" }, - "markdownDescription": "A list of space keys for Confluence spaces. If you include a key, the blogs, documents, and attachments in the space are indexed. Spaces that aren't in the list aren't indexed. A space in the list must exist. Otherwise, Amazon Kendra logs an error when the data source is synchronized. If a space is in both the `IncludeSpaces` and the `ExcludeSpaces` list, the space is excluded.", - "title": "IncludeSpaces", + "markdownDescription": "A group of launchTemplateConfiguration settings that apply to image distribution for specified accounts.", + "title": "LaunchTemplateConfigurations", "type": "array" }, - "SpaceFieldMappings": { + "LicenseConfigurationArns": { "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceSpaceToIndexFieldMapping" + "type": "string" }, - "markdownDescription": "Maps attributes or field names of Confluence spaces to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Confluence fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Confluence data source field names must exist in your Confluence custom metadata.\n\nIf you specify the `SpaceFieldMappings` parameter, you must specify at least one field mapping.", - "title": "SpaceFieldMappings", + "markdownDescription": "The License Manager Configuration to associate with the AMI in the specified Region. For more information, see the [LicenseConfiguration API](https://docs.aws.amazon.com/license-manager/latest/APIReference/API_LicenseConfiguration.html) .", + "title": "LicenseConfigurationArns", "type": "array" - } - }, - "type": "object" - }, - "AWS::Kendra::DataSource.ConfluenceSpaceToIndexFieldMapping": { - "additionalProperties": false, - "properties": { - "DataSourceFieldName": { - "markdownDescription": "The name of the field in the data source.", - "title": "DataSourceFieldName", - "type": "string" }, - "DateFieldFormat": { - "markdownDescription": "The format for date fields in the data source. If the field specified in `DataSourceFieldName` is a date field you must specify the date format. If the field is not a date field, an exception is thrown.", - "title": "DateFieldFormat", + "Region": { + "markdownDescription": "The target Region for the Distribution Configuration. For example, `eu-west-1` .", + "title": "Region", "type": "string" }, - "IndexFieldName": { - "markdownDescription": "The name of the index field to map to the Confluence data source field. The index field type must match the Confluence field type.", - "title": "IndexFieldName", - "type": "string" + "SsmParameterConfigurations": { + "items": { + "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.SsmParameterConfiguration" + }, + "markdownDescription": "Contains settings to update AWS Systems Manager (SSM) Parameter Store Parameters with output AMI IDs from the build by target Region.", + "title": "SsmParameterConfigurations", + "type": "array" } }, "required": [ - "DataSourceFieldName", - "IndexFieldName" + "Region" ], "type": "object" }, - "AWS::Kendra::DataSource.ConnectionConfiguration": { + "AWS::ImageBuilder::DistributionConfiguration.FastLaunchConfiguration": { "additionalProperties": false, "properties": { - "DatabaseHost": { - "markdownDescription": "The name of the host for the database. Can be either a string (host.subdomain.domain.tld) or an IPv4 or IPv6 address.", - "title": "DatabaseHost", + "AccountId": { + "markdownDescription": "The owner account ID for the fast-launch enabled Windows AMI.", + "title": "AccountId", "type": "string" }, - "DatabaseName": { - "markdownDescription": "The name of the database containing the document data.", - "title": "DatabaseName", - "type": "string" + "Enabled": { + "markdownDescription": "A Boolean that represents the current state of faster launching for the Windows AMI. Set to `true` to start using Windows faster launching, or `false` to stop using it.", + "title": "Enabled", + "type": "boolean" }, - "DatabasePort": { - "markdownDescription": "The port that the database uses for connections.", - "title": "DatabasePort", - "type": "number" + "LaunchTemplate": { + "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.FastLaunchLaunchTemplateSpecification", + "markdownDescription": "The launch template that the fast-launch enabled Windows AMI uses when it launches Windows instances to create pre-provisioned snapshots.", + "title": "LaunchTemplate" }, - "SecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret that stores the credentials. The credentials should be a user-password pair. For more information, see [Using a Database Data Source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-database.html) . For more information about AWS Secrets Manager , see [What Is AWS Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html) in the *AWS Secrets Manager* user guide.", - "title": "SecretArn", - "type": "string" + "MaxParallelLaunches": { + "markdownDescription": "The maximum number of parallel instances that are launched for creating resources.", + "title": "MaxParallelLaunches", + "type": "number" }, - "TableName": { - "markdownDescription": "The name of the table that contains the document data.", - "title": "TableName", - "type": "string" + "SnapshotConfiguration": { + "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.FastLaunchSnapshotConfiguration", + "markdownDescription": "Configuration settings for managing the number of snapshots that are created from pre-provisioned instances for the Windows AMI when faster launching is enabled.", + "title": "SnapshotConfiguration" } }, - "required": [ - "DatabaseHost", - "DatabaseName", - "DatabasePort", - "SecretArn", - "TableName" - ], "type": "object" }, - "AWS::Kendra::DataSource.CustomDocumentEnrichmentConfiguration": { + "AWS::ImageBuilder::DistributionConfiguration.FastLaunchLaunchTemplateSpecification": { "additionalProperties": false, "properties": { - "InlineConfigurations": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.InlineCustomDocumentEnrichmentConfiguration" - }, - "markdownDescription": "Configuration information to alter document attributes or metadata fields and content when ingesting documents into Amazon Kendra.", - "title": "InlineConfigurations", - "type": "array" - }, - "PostExtractionHookConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.HookConfiguration", - "markdownDescription": "Configuration information for invoking a Lambda function in AWS Lambda on the structured documents with their metadata and text extracted. You can use a Lambda function to apply advanced logic for creating, modifying, or deleting document metadata and content. For more information, see [Advanced data manipulation](https://docs.aws.amazon.com/kendra/latest/dg/custom-document-enrichment.html#advanced-data-manipulation) .", - "title": "PostExtractionHookConfiguration" + "LaunchTemplateId": { + "markdownDescription": "The ID of the launch template to use for faster launching for a Windows AMI.", + "title": "LaunchTemplateId", + "type": "string" }, - "PreExtractionHookConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.HookConfiguration", - "markdownDescription": "Configuration information for invoking a Lambda function in AWS Lambda on the original or raw documents before extracting their metadata and text. You can use a Lambda function to apply advanced logic for creating, modifying, or deleting document metadata and content. For more information, see [Advanced data manipulation](https://docs.aws.amazon.com/kendra/latest/dg/custom-document-enrichment.html#advanced-data-manipulation) .", - "title": "PreExtractionHookConfiguration" + "LaunchTemplateName": { + "markdownDescription": "The name of the launch template to use for faster launching for a Windows AMI.", + "title": "LaunchTemplateName", + "type": "string" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role with permission to run `PreExtractionHookConfiguration` and `PostExtractionHookConfiguration` for altering document metadata and content during the document ingestion process. For more information, see [an IAM roles for Amazon Kendra](https://docs.aws.amazon.com/kendra/latest/dg/iam-roles.html) .", - "title": "RoleArn", + "LaunchTemplateVersion": { + "markdownDescription": "The version of the launch template to use for faster launching for a Windows AMI.", + "title": "LaunchTemplateVersion", "type": "string" } }, "type": "object" }, - "AWS::Kendra::DataSource.DataSourceConfiguration": { + "AWS::ImageBuilder::DistributionConfiguration.FastLaunchSnapshotConfiguration": { "additionalProperties": false, "properties": { - "ConfluenceConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceConfiguration", - "markdownDescription": "Provides the configuration information to connect to Confluence as your data source.", - "title": "ConfluenceConfiguration" - }, - "DatabaseConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DatabaseConfiguration", - "markdownDescription": "Provides the configuration information to connect to a database as your data source.", - "title": "DatabaseConfiguration" - }, - "GoogleDriveConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.GoogleDriveConfiguration", - "markdownDescription": "Provides the configuration information to connect to Google Drive as your data source.", - "title": "GoogleDriveConfiguration" - }, - "OneDriveConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.OneDriveConfiguration", - "markdownDescription": "Provides the configuration information to connect to Microsoft OneDrive as your data source.", - "title": "OneDriveConfiguration" - }, - "S3Configuration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.S3DataSourceConfiguration", - "markdownDescription": "Provides the configuration information to connect to an Amazon S3 bucket as your data source.\n\n> Amazon Kendra now supports an upgraded Amazon S3 connector.\n> \n> You must now use the [TemplateConfiguration](https://docs.aws.amazon.com/kendra/latest/APIReference/API_TemplateConfiguration.html) object instead of the `S3DataSourceConfiguration` object to configure your connector.\n> \n> Connectors configured using the older console and API architecture will continue to function as configured. However, you won't be able to edit or update them. If you want to edit or update your connector configuration, you must create a new connector.\n> \n> We recommended migrating your connector workflow to the upgraded version. Support for connectors configured using the older architecture is scheduled to end by June 2024.", - "title": "S3Configuration" - }, - "SalesforceConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceConfiguration", - "markdownDescription": "Provides the configuration information to connect to Salesforce as your data source.", - "title": "SalesforceConfiguration" - }, - "ServiceNowConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ServiceNowConfiguration", - "markdownDescription": "Provides the configuration information to connect to ServiceNow as your data source.", - "title": "ServiceNowConfiguration" - }, - "SharePointConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.SharePointConfiguration", - "markdownDescription": "Provides the configuration information to connect to Microsoft SharePoint as your data source.", - "title": "SharePointConfiguration" - }, - "WebCrawlerConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.WebCrawlerConfiguration", - "markdownDescription": "Provides the configuration information required for Amazon Kendra Web Crawler.", - "title": "WebCrawlerConfiguration" - }, - "WorkDocsConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.WorkDocsConfiguration", - "markdownDescription": "Provides the configuration information to connect to Amazon WorkDocs as your data source.", - "title": "WorkDocsConfiguration" + "TargetResourceCount": { + "markdownDescription": "The number of pre-provisioned snapshots to keep on hand for a fast-launch enabled Windows AMI.", + "title": "TargetResourceCount", + "type": "number" } }, "type": "object" }, - "AWS::Kendra::DataSource.DataSourceToIndexFieldMapping": { + "AWS::ImageBuilder::DistributionConfiguration.LaunchPermissionConfiguration": { "additionalProperties": false, "properties": { - "DataSourceFieldName": { - "markdownDescription": "The name of the field in the data source. You must first create the index field using the `UpdateIndex` API.", - "title": "DataSourceFieldName", - "type": "string" + "OrganizationArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The ARN for an AWS Organization that you want to share your AMI with. For more information, see [What is AWS Organizations ?](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_introduction.html) .", + "title": "OrganizationArns", + "type": "array" }, - "DateFieldFormat": { - "markdownDescription": "The format for date fields in the data source. If the field specified in `DataSourceFieldName` is a date field, you must specify the date format. If the field is not a date field, an exception is thrown.", - "title": "DateFieldFormat", - "type": "string" + "OrganizationalUnitArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The ARN for an AWS Organizations organizational unit (OU) that you want to share your AMI with. For more information about key concepts for AWS Organizations , see [AWS Organizations terminology and concepts](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html) .", + "title": "OrganizationalUnitArns", + "type": "array" }, - "IndexFieldName": { - "markdownDescription": "The name of the index field to map to the data source field. The index field type must match the data source field type.", - "title": "IndexFieldName", - "type": "string" - } - }, - "required": [ - "DataSourceFieldName", - "IndexFieldName" - ], - "type": "object" - }, - "AWS::Kendra::DataSource.DataSourceVpcConfiguration": { - "additionalProperties": false, - "properties": { - "SecurityGroupIds": { + "UserGroups": { "items": { "type": "string" }, - "markdownDescription": "A list of identifiers of security groups within your Amazon VPC. The security groups should enable Amazon Kendra to connect to the data source.", - "title": "SecurityGroupIds", + "markdownDescription": "The name of the group.", + "title": "UserGroups", "type": "array" }, - "SubnetIds": { + "UserIds": { "items": { "type": "string" }, - "markdownDescription": "A list of identifiers for subnets within your Amazon VPC. The subnets should be able to connect to each other in the VPC, and they should have outgoing access to the Internet through a NAT device.", - "title": "SubnetIds", + "markdownDescription": "The AWS account ID.", + "title": "UserIds", "type": "array" } }, - "required": [ - "SecurityGroupIds", - "SubnetIds" - ], "type": "object" }, - "AWS::Kendra::DataSource.DatabaseConfiguration": { + "AWS::ImageBuilder::DistributionConfiguration.LaunchTemplateConfiguration": { "additionalProperties": false, "properties": { - "AclConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.AclConfiguration", - "markdownDescription": "Information about the database column that provides information for user context filtering.", - "title": "AclConfiguration" - }, - "ColumnConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ColumnConfiguration", - "markdownDescription": "Information about where the index should get the document information from the database.", - "title": "ColumnConfiguration" - }, - "ConnectionConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ConnectionConfiguration", - "markdownDescription": "Configuration information that's required to connect to a database.", - "title": "ConnectionConfiguration" - }, - "DatabaseEngineType": { - "markdownDescription": "The type of database engine that runs the database.", - "title": "DatabaseEngineType", + "AccountId": { + "markdownDescription": "The account ID that this configuration applies to.", + "title": "AccountId", "type": "string" }, - "SqlConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.SqlConfiguration", - "markdownDescription": "Provides information about how Amazon Kendra uses quote marks around SQL identifiers when querying a database data source.", - "title": "SqlConfiguration" + "LaunchTemplateId": { + "markdownDescription": "Identifies the Amazon EC2 launch template to use.", + "title": "LaunchTemplateId", + "type": "string" }, - "VpcConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceVpcConfiguration", - "markdownDescription": "Provides information for connecting to an Amazon VPC.", - "title": "VpcConfiguration" + "SetDefaultVersion": { + "markdownDescription": "Set the specified Amazon EC2 launch template as the default launch template for the specified account.", + "title": "SetDefaultVersion", + "type": "boolean" } }, - "required": [ - "ColumnConfiguration", - "ConnectionConfiguration", - "DatabaseEngineType" - ], "type": "object" }, - "AWS::Kendra::DataSource.DocumentAttributeCondition": { + "AWS::ImageBuilder::DistributionConfiguration.SsmParameterConfiguration": { "additionalProperties": false, "properties": { - "ConditionDocumentAttributeKey": { - "markdownDescription": "The identifier of the document attribute used for the condition.\n\nFor example, 'Source_URI' could be an identifier for the attribute or metadata field that contains source URIs associated with the documents.\n\nAmazon Kendra currently does not support `_document_body` as an attribute key used for the condition.", - "title": "ConditionDocumentAttributeKey", + "AmiAccountId": { + "markdownDescription": "Specify the account that will own the Parameter in a given Region. During distribution, this account must be specified in distribution settings as a target account for the Region.", + "title": "AmiAccountId", "type": "string" }, - "ConditionOnValue": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DocumentAttributeValue", - "markdownDescription": "The value used by the operator.\n\nFor example, you can specify the value 'financial' for strings in the 'Source_URI' field that partially match or contain this value.", - "title": "ConditionOnValue" + "DataType": { + "markdownDescription": "The data type specifies what type of value the Parameter contains. We recommend that you use data type `aws:ec2:image` .", + "title": "DataType", + "type": "string" }, - "Operator": { - "markdownDescription": "The condition operator.\n\nFor example, you can use 'Contains' to partially match a string.", - "title": "Operator", + "ParameterName": { + "markdownDescription": "This is the name of the Parameter in the target Region or account. The image distribution creates the Parameter if it doesn't already exist. Otherwise, it updates the parameter.", + "title": "ParameterName", "type": "string" } }, "required": [ - "ConditionDocumentAttributeKey", - "Operator" + "ParameterName" ], "type": "object" }, - "AWS::Kendra::DataSource.DocumentAttributeTarget": { + "AWS::ImageBuilder::DistributionConfiguration.TargetContainerRepository": { "additionalProperties": false, "properties": { - "TargetDocumentAttributeKey": { - "markdownDescription": "The identifier of the target document attribute or metadata field.\n\nFor example, 'Department' could be an identifier for the target attribute or metadata field that includes the department names associated with the documents.", - "title": "TargetDocumentAttributeKey", + "RepositoryName": { + "markdownDescription": "The name of the container repository where the output container image is stored. This name is prefixed by the repository location. For example, `/repository_name` .", + "title": "RepositoryName", "type": "string" }, - "TargetDocumentAttributeValue": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DocumentAttributeValue", - "markdownDescription": "The target value you want to create for the target attribute.\n\nFor example, 'Finance' could be the target value for the target attribute key 'Department'.", - "title": "TargetDocumentAttributeValue" - }, - "TargetDocumentAttributeValueDeletion": { - "markdownDescription": "`TRUE` to delete the existing target value for your specified target attribute key. You cannot create a target value and set this to `TRUE` . To create a target value ( `TargetDocumentAttributeValue` ), set this to `FALSE` .", - "title": "TargetDocumentAttributeValueDeletion", - "type": "boolean" + "Service": { + "markdownDescription": "Specifies the service in which this image was registered.", + "title": "Service", + "type": "string" } }, - "required": [ - "TargetDocumentAttributeKey" - ], "type": "object" }, - "AWS::Kendra::DataSource.DocumentAttributeValue": { + "AWS::ImageBuilder::Image": { "additionalProperties": false, "properties": { - "DateValue": { - "markdownDescription": "A date expressed as an ISO 8601 string.\n\nIt is important for the time zone to be included in the ISO 8601 date-time format. For example, 2012-03-25T12:30:10+01:00 is the ISO 8601 date-time format for March 25th 2012 at 12:30PM (plus 10 seconds) in Central European Time.", - "title": "DateValue", + "Condition": { "type": "string" }, - "LongValue": { - "markdownDescription": "A long integer value.", - "title": "LongValue", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "StringListValue": { - "items": { - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ContainerRecipeArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the container recipe that defines how images are configured and tested.", + "title": "ContainerRecipeArn", + "type": "string" + }, + "DistributionConfigurationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the distribution configuration that defines and configures the outputs of your pipeline.", + "title": "DistributionConfigurationArn", + "type": "string" + }, + "EnhancedImageMetadataEnabled": { + "markdownDescription": "Collects additional information about the image being created, including the operating system (OS) version and package list. This information is used to enhance the overall experience of using EC2 Image Builder. Enabled by default.", + "title": "EnhancedImageMetadataEnabled", + "type": "boolean" + }, + "ExecutionRole": { + "markdownDescription": "The name or Amazon Resource Name (ARN) for the IAM role you create that grants Image Builder access to perform workflow actions.", + "title": "ExecutionRole", + "type": "string" + }, + "ImageRecipeArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the image recipe that defines how images are configured, tested, and assessed.", + "title": "ImageRecipeArn", + "type": "string" + }, + "ImageScanningConfiguration": { + "$ref": "#/definitions/AWS::ImageBuilder::Image.ImageScanningConfiguration", + "markdownDescription": "Contains settings for vulnerability scans.", + "title": "ImageScanningConfiguration" + }, + "ImageTestsConfiguration": { + "$ref": "#/definitions/AWS::ImageBuilder::Image.ImageTestsConfiguration", + "markdownDescription": "The image tests configuration of the image.", + "title": "ImageTestsConfiguration" + }, + "InfrastructureConfigurationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the infrastructure configuration that defines the environment in which your image will be built and tested.", + "title": "InfrastructureConfigurationArn", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "The tags of the image.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "Workflows": { + "items": { + "$ref": "#/definitions/AWS::ImageBuilder::Image.WorkflowConfiguration" + }, + "markdownDescription": "Contains an array of workflow configuration objects.", + "title": "Workflows", + "type": "array" + } }, - "markdownDescription": "A list of strings. The default maximum length or number of strings is 10.", - "title": "StringListValue", - "type": "array" + "type": "object" }, - "StringValue": { - "markdownDescription": "A string, such as \"department\".", - "title": "StringValue", + "Type": { + "enum": [ + "AWS::ImageBuilder::Image" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::Kendra::DataSource.DocumentsMetadataConfiguration": { - "additionalProperties": false, - "properties": { - "S3Prefix": { - "markdownDescription": "A prefix used to filter metadata configuration files in the AWS S3 bucket. The S3 bucket might contain multiple metadata files. Use `S3Prefix` to include only the desired metadata files.", - "title": "S3Prefix", + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::Kendra::DataSource.GoogleDriveConfiguration": { + "AWS::ImageBuilder::Image.EcrConfiguration": { "additionalProperties": false, "properties": { - "ExcludeMimeTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of MIME types to exclude from the index. All documents matching the specified MIME type are excluded.\n\nFor a list of MIME types, see [Using a Google Workspace Drive data source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-google-drive.html) .", - "title": "ExcludeMimeTypes", - "type": "array" - }, - "ExcludeSharedDrives": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of identifiers or shared drives to exclude from the index. All files and folders stored on the shared drive are excluded.", - "title": "ExcludeSharedDrives", - "type": "array" - }, - "ExcludeUserAccounts": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of email addresses of the users. Documents owned by these users are excluded from the index. Documents shared with excluded users are indexed unless they are excluded in another way.", - "title": "ExcludeUserAccounts", - "type": "array" - }, - "ExclusionPatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of regular expression patterns to exclude certain items in your Google Drive, including shared drives and users' My Drives. Items that match the patterns are excluded from the index. Items that don't match the patterns are included in the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index.", - "title": "ExclusionPatterns", - "type": "array" - }, - "FieldMappings": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" - }, - "markdownDescription": "Maps Google Drive data source attributes or field names to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Google Drive fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Google Drive data source field names must exist in your Google Drive custom metadata.", - "title": "FieldMappings", - "type": "array" - }, - "InclusionPatterns": { + "ContainerTags": { "items": { "type": "string" }, - "markdownDescription": "A list of regular expression patterns to include certain items in your Google Drive, including shared drives and users' My Drives. Items that match the patterns are included in the index. Items that don't match the patterns are excluded from the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index.", - "title": "InclusionPatterns", + "markdownDescription": "Tags for Image Builder to apply to the output container image that Amazon Inspector scans. Tags can help you identify and manage your scanned images.", + "title": "ContainerTags", "type": "array" }, - "SecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of a AWS Secrets Manager secret that contains the credentials required to connect to Google Drive. For more information, see [Using a Google Workspace Drive data source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-google-drive.html) .", - "title": "SecretArn", + "RepositoryName": { + "markdownDescription": "The name of the container repository that Amazon Inspector scans to identify findings for your container images. The name includes the path for the repository location. If you don\u2019t provide this information, Image Builder creates a repository in your account named `image-builder-image-scanning-repository` for vulnerability scans of your output container images.", + "title": "RepositoryName", "type": "string" } }, - "required": [ - "SecretArn" - ], "type": "object" }, - "AWS::Kendra::DataSource.HookConfiguration": { + "AWS::ImageBuilder::Image.ImageScanningConfiguration": { "additionalProperties": false, "properties": { - "InvocationCondition": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DocumentAttributeCondition", - "markdownDescription": "The condition used for when a Lambda function should be invoked.\n\nFor example, you can specify a condition that if there are empty date-time values, then Amazon Kendra should invoke a function that inserts the current date-time.", - "title": "InvocationCondition" - }, - "LambdaArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role with permission to run a Lambda function during ingestion. For more information, see [an IAM roles for Amazon Kendra](https://docs.aws.amazon.com/kendra/latest/dg/iam-roles.html) .", - "title": "LambdaArn", - "type": "string" + "EcrConfiguration": { + "$ref": "#/definitions/AWS::ImageBuilder::Image.EcrConfiguration", + "markdownDescription": "Contains Amazon ECR settings for vulnerability scans.", + "title": "EcrConfiguration" }, - "S3Bucket": { - "markdownDescription": "Stores the original, raw documents or the structured, parsed documents before and after altering them. For more information, see [Data contracts for Lambda functions](https://docs.aws.amazon.com/kendra/latest/dg/custom-document-enrichment.html#cde-data-contracts-lambda) .", - "title": "S3Bucket", - "type": "string" + "ImageScanningEnabled": { + "markdownDescription": "A setting that indicates whether Image Builder keeps a snapshot of the vulnerability scans that Amazon Inspector runs against the build instance when you create a new image.", + "title": "ImageScanningEnabled", + "type": "boolean" } }, - "required": [ - "LambdaArn", - "S3Bucket" - ], "type": "object" }, - "AWS::Kendra::DataSource.InlineCustomDocumentEnrichmentConfiguration": { + "AWS::ImageBuilder::Image.ImageTestsConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DocumentAttributeCondition", - "markdownDescription": "Configuration of the condition used for the target document attribute or metadata field when ingesting documents into Amazon Kendra.", - "title": "Condition" - }, - "DocumentContentDeletion": { - "markdownDescription": "`TRUE` to delete content if the condition used for the target attribute is met.", - "title": "DocumentContentDeletion", + "ImageTestsEnabled": { + "markdownDescription": "Determines if tests should run after building the image. Image Builder defaults to enable tests to run following the image build, before image distribution.", + "title": "ImageTestsEnabled", "type": "boolean" }, - "Target": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DocumentAttributeTarget", - "markdownDescription": "Configuration of the target document attribute or metadata field when ingesting documents into Amazon Kendra. You can also include a value.", - "title": "Target" + "TimeoutMinutes": { + "markdownDescription": "The maximum time in minutes that tests are permitted to run.\n\n> The timeout property is not currently active. This value is ignored.", + "title": "TimeoutMinutes", + "type": "number" } }, "type": "object" }, - "AWS::Kendra::DataSource.OneDriveConfiguration": { + "AWS::ImageBuilder::Image.WorkflowConfiguration": { "additionalProperties": false, "properties": { - "DisableLocalGroups": { - "markdownDescription": "`TRUE` to disable local groups information.", - "title": "DisableLocalGroups", - "type": "boolean" - }, - "ExclusionPatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of regular expression patterns to exclude certain documents in your OneDrive. Documents that match the patterns are excluded from the index. Documents that don't match the patterns are included in the index. If a document matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the document isn't included in the index.\n\nThe pattern is applied to the file name.", - "title": "ExclusionPatterns", - "type": "array" + "OnFailure": { + "markdownDescription": "The action to take if the workflow fails.", + "title": "OnFailure", + "type": "string" }, - "FieldMappings": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" - }, - "markdownDescription": "A list of `DataSourceToIndexFieldMapping` objects that map OneDrive data source attributes or field names to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to OneDrive fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The OneDrive data source field names must exist in your OneDrive custom metadata.", - "title": "FieldMappings", - "type": "array" + "ParallelGroup": { + "markdownDescription": "Test workflows are defined within named runtime groups called parallel groups. The parallel group is the named group that contains this test workflow. Test workflows within a parallel group can run at the same time. Image Builder starts up to five test workflows in the group at the same time, and starts additional workflows as others complete, until all workflows in the group have completed. This field only applies for test workflows.", + "title": "ParallelGroup", + "type": "string" }, - "InclusionPatterns": { + "Parameters": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::ImageBuilder::Image.WorkflowParameter" }, - "markdownDescription": "A list of regular expression patterns to include certain documents in your OneDrive. Documents that match the patterns are included in the index. Documents that don't match the patterns are excluded from the index. If a document matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the document isn't included in the index.\n\nThe pattern is applied to the file name.", - "title": "InclusionPatterns", + "markdownDescription": "Contains parameter values for each of the parameters that the workflow document defined for the workflow resource.", + "title": "Parameters", "type": "array" }, - "OneDriveUsers": { - "$ref": "#/definitions/AWS::Kendra::DataSource.OneDriveUsers", - "markdownDescription": "A list of user accounts whose documents should be indexed.", - "title": "OneDriveUsers" - }, - "SecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret that contains the user name and password to connect to OneDrive. The user name should be the application ID for the OneDrive application, and the password is the application key for the OneDrive application.", - "title": "SecretArn", - "type": "string" - }, - "TenantDomain": { - "markdownDescription": "The Azure Active Directory domain of the organization.", - "title": "TenantDomain", + "WorkflowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the workflow resource.", + "title": "WorkflowArn", "type": "string" } }, - "required": [ - "OneDriveUsers", - "SecretArn", - "TenantDomain" - ], "type": "object" }, - "AWS::Kendra::DataSource.OneDriveUsers": { + "AWS::ImageBuilder::Image.WorkflowParameter": { "additionalProperties": false, "properties": { - "OneDriveUserList": { - "items": { + "Name": { + "markdownDescription": "The name of the workflow parameter to set.", + "title": "Name", + "type": "string" + }, + "Value": { + "items": { "type": "string" }, - "markdownDescription": "A list of users whose documents should be indexed. Specify the user names in email format, for example, `username@tenantdomain` . If you need to index the documents of more than 10 users, use the `OneDriveUserS3Path` field to specify the location of a file containing a list of users.", - "title": "OneDriveUserList", + "markdownDescription": "Sets the value for the named workflow parameter.", + "title": "Value", "type": "array" - }, - "OneDriveUserS3Path": { - "$ref": "#/definitions/AWS::Kendra::DataSource.S3Path", - "markdownDescription": "The S3 bucket location of a file containing a list of users whose documents should be indexed.", - "title": "OneDriveUserS3Path" } }, "type": "object" }, - "AWS::Kendra::DataSource.ProxyConfiguration": { + "AWS::ImageBuilder::ImagePipeline": { "additionalProperties": false, "properties": { - "Credentials": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret. You create a secret to store your credentials in [AWS Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html)\n\nThe credentials are optional. You use a secret if web proxy credentials are required to connect to a website host. Amazon Kendra currently support basic authentication to connect to a web proxy server. The secret stores your credentials.", - "title": "Credentials", - "type": "string" - }, - "Host": { - "markdownDescription": "The name of the website host you want to connect to via a web proxy server.\n\nFor example, the host name of https://a.example.com/page1.html is \"a.example.com\".", - "title": "Host", + "Condition": { "type": "string" }, - "Port": { - "markdownDescription": "The port number of the website host you want to connect to via a web proxy server.\n\nFor example, the port for https://a.example.com/page1.html is 443, the standard port for HTTPS.", - "title": "Port", - "type": "number" - } - }, - "required": [ - "Host", - "Port" - ], - "type": "object" - }, - "AWS::Kendra::DataSource.S3DataSourceConfiguration": { - "additionalProperties": false, - "properties": { - "AccessControlListConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.AccessControlListConfiguration", - "markdownDescription": "Provides the path to the S3 bucket that contains the user context filtering files for the data source. For the format of the file, see [Access control for S3 data sources](https://docs.aws.amazon.com/kendra/latest/dg/s3-acl.html) .", - "title": "AccessControlListConfiguration" - }, - "BucketName": { - "markdownDescription": "The name of the bucket that contains the documents.", - "title": "BucketName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "DocumentsMetadataConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DocumentsMetadataConfiguration", - "markdownDescription": "Specifies document metadata files that contain information such as the document access control information, source URI, document author, and custom attributes. Each metadata file contains metadata about a single document.", - "title": "DocumentsMetadataConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ExclusionPatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of glob patterns (patterns that can expand a wildcard pattern into a list of path names that match the given pattern) for certain file names and file types to exclude from your index. If a document matches both an inclusion and exclusion prefix or pattern, the exclusion prefix takes precendence and the document is not indexed. Examples of glob patterns include:\n\n- */myapp/config/** \u2014All files inside config directory.\n- ***/*.png* \u2014All .png files in all directories.\n- ***/*.{png, ico, md}* \u2014All .png, .ico or .md files in all directories.\n- */myapp/src/**/*.ts* \u2014All .ts files inside src directory (and all its subdirectories).\n- ***/!(*.module).ts* \u2014All .ts files but not .module.ts\n- **.png , *.jpg* \u2014All PNG and JPEG image files in a directory (files with the extensions .png and .jpg).\n- **internal** \u2014All files in a directory that contain 'internal' in the file name, such as 'internal', 'internal_only', 'company_internal'.\n- ***/*internal** \u2014All internal-related files in a directory and its subdirectories.\n\nFor more examples, see [Use of Exclude and Include Filters](https://docs.aws.amazon.com/cli/latest/reference/s3/#use-of-exclude-and-include-filters) in the AWS CLI Command Reference.", - "title": "ExclusionPatterns", - "type": "array" + "Metadata": { + "type": "object" }, - "InclusionPatterns": { - "items": { - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "ContainerRecipeArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the container recipe that is used for this pipeline.", + "title": "ContainerRecipeArn", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of this image pipeline.", + "title": "Description", + "type": "string" + }, + "DistributionConfigurationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the distribution configuration associated with this image pipeline.", + "title": "DistributionConfigurationArn", + "type": "string" + }, + "EnhancedImageMetadataEnabled": { + "markdownDescription": "Collects additional information about the image being created, including the operating system (OS) version and package list. This information is used to enhance the overall experience of using EC2 Image Builder. Enabled by default.", + "title": "EnhancedImageMetadataEnabled", + "type": "boolean" + }, + "ExecutionRole": { + "markdownDescription": "The name or Amazon Resource Name (ARN) for the IAM role you create that grants Image Builder access to perform workflow actions.", + "title": "ExecutionRole", + "type": "string" + }, + "ImageRecipeArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the image recipe associated with this image pipeline.", + "title": "ImageRecipeArn", + "type": "string" + }, + "ImageScanningConfiguration": { + "$ref": "#/definitions/AWS::ImageBuilder::ImagePipeline.ImageScanningConfiguration", + "markdownDescription": "Contains settings for vulnerability scans.", + "title": "ImageScanningConfiguration" + }, + "ImageTestsConfiguration": { + "$ref": "#/definitions/AWS::ImageBuilder::ImagePipeline.ImageTestsConfiguration", + "markdownDescription": "The configuration of the image tests that run after image creation to ensure the quality of the image that was created.", + "title": "ImageTestsConfiguration" + }, + "InfrastructureConfigurationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the infrastructure configuration associated with this image pipeline.", + "title": "InfrastructureConfigurationArn", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the image pipeline.", + "title": "Name", + "type": "string" + }, + "Schedule": { + "$ref": "#/definitions/AWS::ImageBuilder::ImagePipeline.Schedule", + "markdownDescription": "The schedule of the image pipeline. A schedule configures how often and when a pipeline automatically creates a new image.", + "title": "Schedule" + }, + "Status": { + "markdownDescription": "The status of the image pipeline.", + "title": "Status", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "The tags of this image pipeline.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "Workflows": { + "items": { + "$ref": "#/definitions/AWS::ImageBuilder::ImagePipeline.WorkflowConfiguration" + }, + "markdownDescription": "Contains the workflows that run for the image pipeline.", + "title": "Workflows", + "type": "array" + } }, - "markdownDescription": "A list of glob patterns (patterns that can expand a wildcard pattern into a list of path names that match the given pattern) for certain file names and file types to include in your index. If a document matches both an inclusion and exclusion prefix or pattern, the exclusion prefix takes precendence and the document is not indexed. Examples of glob patterns include:\n\n- */myapp/config/** \u2014All files inside config directory.\n- ***/*.png* \u2014All .png files in all directories.\n- ***/*.{png, ico, md}* \u2014All .png, .ico or .md files in all directories.\n- */myapp/src/**/*.ts* \u2014All .ts files inside src directory (and all its subdirectories).\n- ***/!(*.module).ts* \u2014All .ts files but not .module.ts\n- **.png , *.jpg* \u2014All PNG and JPEG image files in a directory (files with the extensions .png and .jpg).\n- **internal** \u2014All files in a directory that contain 'internal' in the file name, such as 'internal', 'internal_only', 'company_internal'.\n- ***/*internal** \u2014All internal-related files in a directory and its subdirectories.\n\nFor more examples, see [Use of Exclude and Include Filters](https://docs.aws.amazon.com/cli/latest/reference/s3/#use-of-exclude-and-include-filters) in the AWS CLI Command Reference.", - "title": "InclusionPatterns", - "type": "array" + "required": [ + "InfrastructureConfigurationArn", + "Name" + ], + "type": "object" }, - "InclusionPrefixes": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of S3 prefixes for the documents that should be included in the index.", - "title": "InclusionPrefixes", - "type": "array" - } - }, - "required": [ - "BucketName" - ], - "type": "object" - }, - "AWS::Kendra::DataSource.S3Path": { - "additionalProperties": false, - "properties": { - "Bucket": { - "markdownDescription": "The name of the S3 bucket that contains the file.", - "title": "Bucket", + "Type": { + "enum": [ + "AWS::ImageBuilder::ImagePipeline" + ], "type": "string" }, - "Key": { - "markdownDescription": "The name of the file.", - "title": "Key", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Bucket", - "Key" + "Type", + "Properties" ], "type": "object" }, - "AWS::Kendra::DataSource.SalesforceChatterFeedConfiguration": { + "AWS::ImageBuilder::ImagePipeline.EcrConfiguration": { "additionalProperties": false, "properties": { - "DocumentDataFieldName": { - "markdownDescription": "The name of the column in the Salesforce FeedItem table that contains the content to index. Typically this is the `Body` column.", - "title": "DocumentDataFieldName", - "type": "string" - }, - "DocumentTitleFieldName": { - "markdownDescription": "The name of the column in the Salesforce FeedItem table that contains the title of the document. This is typically the `Title` column.", - "title": "DocumentTitleFieldName", - "type": "string" - }, - "FieldMappings": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" - }, - "markdownDescription": "Maps fields from a Salesforce chatter feed into Amazon Kendra index fields.", - "title": "FieldMappings", - "type": "array" - }, - "IncludeFilterTypes": { + "ContainerTags": { "items": { "type": "string" }, - "markdownDescription": "Filters the documents in the feed based on status of the user. When you specify `ACTIVE_USERS` only documents from users who have an active account are indexed. When you specify `STANDARD_USER` only documents for Salesforce standard users are documented. You can specify both.", - "title": "IncludeFilterTypes", + "markdownDescription": "Tags for Image Builder to apply to the output container image that Amazon Inspector scans. Tags can help you identify and manage your scanned images.", + "title": "ContainerTags", "type": "array" + }, + "RepositoryName": { + "markdownDescription": "The name of the container repository that Amazon Inspector scans to identify findings for your container images. The name includes the path for the repository location. If you don\u2019t provide this information, Image Builder creates a repository in your account named `image-builder-image-scanning-repository` for vulnerability scans of your output container images.", + "title": "RepositoryName", + "type": "string" } }, - "required": [ - "DocumentDataFieldName" - ], "type": "object" }, - "AWS::Kendra::DataSource.SalesforceConfiguration": { + "AWS::ImageBuilder::ImagePipeline.ImageScanningConfiguration": { "additionalProperties": false, "properties": { - "ChatterFeedConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceChatterFeedConfiguration", - "markdownDescription": "Configuration information for Salesforce chatter feeds.", - "title": "ChatterFeedConfiguration" + "EcrConfiguration": { + "$ref": "#/definitions/AWS::ImageBuilder::ImagePipeline.EcrConfiguration", + "markdownDescription": "Contains Amazon ECR settings for vulnerability scans.", + "title": "EcrConfiguration" }, - "CrawlAttachments": { - "markdownDescription": "Indicates whether Amazon Kendra should index attachments to Salesforce objects.", - "title": "CrawlAttachments", + "ImageScanningEnabled": { + "markdownDescription": "A setting that indicates whether Image Builder keeps a snapshot of the vulnerability scans that Amazon Inspector runs against the build instance when you create a new image.", + "title": "ImageScanningEnabled", "type": "boolean" - }, - "ExcludeAttachmentFilePatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of regular expression patterns to exclude certain documents in your Salesforce. Documents that match the patterns are excluded from the index. Documents that don't match the patterns are included in the index. If a document matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the document isn't included in the index.\n\nThe pattern is applied to the name of the attached file.", - "title": "ExcludeAttachmentFilePatterns", - "type": "array" - }, - "IncludeAttachmentFilePatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of regular expression patterns to include certain documents in your Salesforce. Documents that match the patterns are included in the index. Documents that don't match the patterns are excluded from the index. If a document matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the document isn't included in the index.\n\nThe pattern is applied to the name of the attached file.", - "title": "IncludeAttachmentFilePatterns", - "type": "array" - }, - "KnowledgeArticleConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceKnowledgeArticleConfiguration", - "markdownDescription": "Configuration information for the knowledge article types that Amazon Kendra indexes. Amazon Kendra indexes standard knowledge articles and the standard fields of knowledge articles, or the custom fields of custom knowledge articles, but not both.", - "title": "KnowledgeArticleConfiguration" - }, - "SecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret that contains the key/value pairs required to connect to your Salesforce instance. The secret must contain a JSON structure with the following keys:\n\n- authenticationUrl - The OAUTH endpoint that Amazon Kendra connects to get an OAUTH token.\n- consumerKey - The application public key generated when you created your Salesforce application.\n- consumerSecret - The application private key generated when you created your Salesforce application.\n- password - The password associated with the user logging in to the Salesforce instance.\n- securityToken - The token associated with the user logging in to the Salesforce instance.\n- username - The user name of the user logging in to the Salesforce instance.", - "title": "SecretArn", - "type": "string" - }, - "ServerUrl": { - "markdownDescription": "The instance URL for the Salesforce site that you want to index.", - "title": "ServerUrl", - "type": "string" - }, - "StandardObjectAttachmentConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceStandardObjectAttachmentConfiguration", - "markdownDescription": "Configuration information for processing attachments to Salesforce standard objects.", - "title": "StandardObjectAttachmentConfiguration" - }, - "StandardObjectConfigurations": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceStandardObjectConfiguration" - }, - "markdownDescription": "Configuration of the Salesforce standard objects that Amazon Kendra indexes.", - "title": "StandardObjectConfigurations", - "type": "array" } }, - "required": [ - "SecretArn", - "ServerUrl" - ], "type": "object" }, - "AWS::Kendra::DataSource.SalesforceCustomKnowledgeArticleTypeConfiguration": { + "AWS::ImageBuilder::ImagePipeline.ImageTestsConfiguration": { "additionalProperties": false, "properties": { - "DocumentDataFieldName": { - "markdownDescription": "The name of the field in the custom knowledge article that contains the document data to index.", - "title": "DocumentDataFieldName", - "type": "string" - }, - "DocumentTitleFieldName": { - "markdownDescription": "The name of the field in the custom knowledge article that contains the document title.", - "title": "DocumentTitleFieldName", - "type": "string" - }, - "FieldMappings": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" - }, - "markdownDescription": "Maps attributes or field names of the custom knowledge article to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Salesforce fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Salesforce data source field names must exist in your Salesforce custom metadata.", - "title": "FieldMappings", - "type": "array" + "ImageTestsEnabled": { + "markdownDescription": "Defines if tests should be executed when building this image. For example, `true` or `false` .", + "title": "ImageTestsEnabled", + "type": "boolean" }, - "Name": { - "markdownDescription": "The name of the configuration.", - "title": "Name", - "type": "string" + "TimeoutMinutes": { + "markdownDescription": "The maximum time in minutes that tests are permitted to run.\n\n> The timeout property is not currently active. This value is ignored.", + "title": "TimeoutMinutes", + "type": "number" } }, - "required": [ - "DocumentDataFieldName", - "Name" - ], "type": "object" }, - "AWS::Kendra::DataSource.SalesforceKnowledgeArticleConfiguration": { + "AWS::ImageBuilder::ImagePipeline.Schedule": { "additionalProperties": false, "properties": { - "CustomKnowledgeArticleTypeConfigurations": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceCustomKnowledgeArticleTypeConfiguration" - }, - "markdownDescription": "Configuration information for custom Salesforce knowledge articles.", - "title": "CustomKnowledgeArticleTypeConfigurations", - "type": "array" - }, - "IncludedStates": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the document states that should be included when Amazon Kendra indexes knowledge articles. You must specify at least one state.", - "title": "IncludedStates", - "type": "array" + "PipelineExecutionStartCondition": { + "markdownDescription": "The condition configures when the pipeline should trigger a new image build. When the `pipelineExecutionStartCondition` is set to `EXPRESSION_MATCH_AND_DEPENDENCY_UPDATES_AVAILABLE` , and you use semantic version filters on the base image or components in your image recipe, Image Builder will build a new image only when there are new versions of the image or components in your recipe that match the semantic version filter. When it is set to `EXPRESSION_MATCH_ONLY` , it will build a new image every time the CRON expression matches the current time. For semantic version syntax, see [CreateComponent](https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_CreateComponent.html) in the *Image Builder API Reference* .", + "title": "PipelineExecutionStartCondition", + "type": "string" }, - "StandardKnowledgeArticleTypeConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceStandardKnowledgeArticleTypeConfiguration", - "markdownDescription": "Configuration information for standard Salesforce knowledge articles.", - "title": "StandardKnowledgeArticleTypeConfiguration" + "ScheduleExpression": { + "markdownDescription": "The cron expression determines how often EC2 Image Builder evaluates your `pipelineExecutionStartCondition` .\n\nFor information on how to format a cron expression in Image Builder, see [Use cron expressions in EC2 Image Builder](https://docs.aws.amazon.com/imagebuilder/latest/userguide/image-builder-cron.html) .", + "title": "ScheduleExpression", + "type": "string" } }, - "required": [ - "IncludedStates" - ], "type": "object" }, - "AWS::Kendra::DataSource.SalesforceStandardKnowledgeArticleTypeConfiguration": { + "AWS::ImageBuilder::ImagePipeline.WorkflowConfiguration": { "additionalProperties": false, "properties": { - "DocumentDataFieldName": { - "markdownDescription": "The name of the field that contains the document data to index.", - "title": "DocumentDataFieldName", + "OnFailure": { + "markdownDescription": "The action to take if the workflow fails.", + "title": "OnFailure", "type": "string" }, - "DocumentTitleFieldName": { - "markdownDescription": "The name of the field that contains the document title.", - "title": "DocumentTitleFieldName", + "ParallelGroup": { + "markdownDescription": "Test workflows are defined within named runtime groups called parallel groups. The parallel group is the named group that contains this test workflow. Test workflows within a parallel group can run at the same time. Image Builder starts up to five test workflows in the group at the same time, and starts additional workflows as others complete, until all workflows in the group have completed. This field only applies for test workflows.", + "title": "ParallelGroup", "type": "string" }, - "FieldMappings": { + "Parameters": { "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" + "$ref": "#/definitions/AWS::ImageBuilder::ImagePipeline.WorkflowParameter" }, - "markdownDescription": "Maps attributes or field names of the knowledge article to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Salesforce fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Salesforce data source field names must exist in your Salesforce custom metadata.", - "title": "FieldMappings", + "markdownDescription": "Contains parameter values for each of the parameters that the workflow document defined for the workflow resource.", + "title": "Parameters", "type": "array" + }, + "WorkflowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the workflow resource.", + "title": "WorkflowArn", + "type": "string" } }, - "required": [ - "DocumentDataFieldName" - ], "type": "object" }, - "AWS::Kendra::DataSource.SalesforceStandardObjectAttachmentConfiguration": { + "AWS::ImageBuilder::ImagePipeline.WorkflowParameter": { "additionalProperties": false, "properties": { - "DocumentTitleFieldName": { - "markdownDescription": "The name of the field used for the document title.", - "title": "DocumentTitleFieldName", + "Name": { + "markdownDescription": "The name of the workflow parameter to set.", + "title": "Name", "type": "string" }, - "FieldMappings": { + "Value": { "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" + "type": "string" }, - "markdownDescription": "One or more objects that map fields in attachments to Amazon Kendra index fields.", - "title": "FieldMappings", + "markdownDescription": "Sets the value for the named workflow parameter.", + "title": "Value", "type": "array" } }, "type": "object" }, - "AWS::Kendra::DataSource.SalesforceStandardObjectConfiguration": { + "AWS::ImageBuilder::ImageRecipe": { "additionalProperties": false, "properties": { - "DocumentDataFieldName": { - "markdownDescription": "The name of the field in the standard object table that contains the document contents.", - "title": "DocumentDataFieldName", + "Condition": { "type": "string" }, - "DocumentTitleFieldName": { - "markdownDescription": "The name of the field in the standard object table that contains the document title.", - "title": "DocumentTitleFieldName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "FieldMappings": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AdditionalInstanceConfiguration": { + "$ref": "#/definitions/AWS::ImageBuilder::ImageRecipe.AdditionalInstanceConfiguration", + "markdownDescription": "Before you create a new AMI, Image Builder launches temporary Amazon EC2 instances to build and test your image configuration. Instance configuration adds a layer of control over those instances. You can define settings and add scripts to run when an instance is launched from your AMI.", + "title": "AdditionalInstanceConfiguration" + }, + "BlockDeviceMappings": { + "items": { + "$ref": "#/definitions/AWS::ImageBuilder::ImageRecipe.InstanceBlockDeviceMapping" + }, + "markdownDescription": "The block device mappings to apply when creating images from this recipe.", + "title": "BlockDeviceMappings", + "type": "array" + }, + "Components": { + "items": { + "$ref": "#/definitions/AWS::ImageBuilder::ImageRecipe.ComponentConfiguration" + }, + "markdownDescription": "The components that are included in the image recipe. Recipes require a minimum of one build component, and can have a maximum of 20 build and test components in any combination.", + "title": "Components", + "type": "array" + }, + "Description": { + "markdownDescription": "The description of the image recipe.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the image recipe.", + "title": "Name", + "type": "string" + }, + "ParentImage": { + "markdownDescription": "The base image for customizations specified in the image recipe. You can specify the parent image using one of the following options:\n\n- AMI ID\n- Image Builder image Amazon Resource Name (ARN)\n- AWS Systems Manager (SSM) Parameter Store Parameter, prefixed by `ssm:` , followed by the parameter name or ARN.\n- AWS Marketplace product ID", + "title": "ParentImage", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "The tags of the image recipe.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "Version": { + "markdownDescription": "The version of the image recipe.", + "title": "Version", + "type": "string" + }, + "WorkingDirectory": { + "markdownDescription": "The working directory to be used during build and test workflows.", + "title": "WorkingDirectory", + "type": "string" + } }, - "markdownDescription": "Maps attributes or field names of the standard object to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Salesforce fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Salesforce data source field names must exist in your Salesforce custom metadata.", - "title": "FieldMappings", - "type": "array" + "required": [ + "Components", + "Name", + "ParentImage", + "Version" + ], + "type": "object" }, - "Name": { - "markdownDescription": "The name of the standard object.", - "title": "Name", + "Type": { + "enum": [ + "AWS::ImageBuilder::ImageRecipe" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "DocumentDataFieldName", - "Name" + "Type", + "Properties" ], "type": "object" }, - "AWS::Kendra::DataSource.ServiceNowConfiguration": { + "AWS::ImageBuilder::ImageRecipe.AdditionalInstanceConfiguration": { "additionalProperties": false, "properties": { - "AuthenticationType": { - "markdownDescription": "The type of authentication used to connect to the ServiceNow instance. If you choose `HTTP_BASIC` , Amazon Kendra is authenticated using the user name and password provided in the AWS Secrets Manager secret in the `SecretArn` field. If you choose `OAUTH2` , Amazon Kendra is authenticated using the credentials of client ID, client secret, user name and password.\n\nWhen you use `OAUTH2` authentication, you must generate a token and a client secret using the ServiceNow console. For more information, see [Using a ServiceNow data source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-servicenow.html) .", - "title": "AuthenticationType", - "type": "string" - }, - "HostUrl": { - "markdownDescription": "The ServiceNow instance that the data source connects to. The host endpoint should look like the following: *{instance}.service-now.com.*", - "title": "HostUrl", - "type": "string" - }, - "KnowledgeArticleConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ServiceNowKnowledgeArticleConfiguration", - "markdownDescription": "Configuration information for crawling knowledge articles in the ServiceNow site.", - "title": "KnowledgeArticleConfiguration" - }, - "SecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Secrets Manager secret that contains the user name and password required to connect to the ServiceNow instance. You can also provide OAuth authentication credentials of user name, password, client ID, and client secret. For more information, see [Using a ServiceNow data source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-servicenow.html) .", - "title": "SecretArn", - "type": "string" - }, - "ServiceCatalogConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ServiceNowServiceCatalogConfiguration", - "markdownDescription": "Configuration information for crawling service catalogs in the ServiceNow site.", - "title": "ServiceCatalogConfiguration" + "SystemsManagerAgent": { + "$ref": "#/definitions/AWS::ImageBuilder::ImageRecipe.SystemsManagerAgent", + "markdownDescription": "Contains settings for the Systems Manager agent on your build instance.", + "title": "SystemsManagerAgent" }, - "ServiceNowBuildVersion": { - "markdownDescription": "The identifier of the release that the ServiceNow host is running. If the host is not running the `LONDON` release, use `OTHERS` .", - "title": "ServiceNowBuildVersion", + "UserDataOverride": { + "markdownDescription": "Use this property to provide commands or a command script to run when you launch your build instance.\n\nThe userDataOverride property replaces any commands that Image Builder might have added to ensure that Systems Manager is installed on your Linux build instance. If you override the user data, make sure that you add commands to install Systems Manager, if it is not pre-installed on your base image.\n\n> The user data is always base 64 encoded. For example, the following commands are encoded as `IyEvYmluL2Jhc2gKbWtkaXIgLXAgL3Zhci9iYi8KdG91Y2ggL3Zhci$` :\n> \n> *#!/bin/bash*\n> \n> mkdir -p /var/bb/\n> \n> touch /var", + "title": "UserDataOverride", "type": "string" } }, - "required": [ - "HostUrl", - "SecretArn", - "ServiceNowBuildVersion" - ], "type": "object" }, - "AWS::Kendra::DataSource.ServiceNowKnowledgeArticleConfiguration": { + "AWS::ImageBuilder::ImageRecipe.ComponentConfiguration": { "additionalProperties": false, "properties": { - "CrawlAttachments": { - "markdownDescription": "`TRUE` to index attachments to knowledge articles.", - "title": "CrawlAttachments", - "type": "boolean" - }, - "DocumentDataFieldName": { - "markdownDescription": "The name of the ServiceNow field that is mapped to the index document contents field in the Amazon Kendra index.", - "title": "DocumentDataFieldName", - "type": "string" - }, - "DocumentTitleFieldName": { - "markdownDescription": "The name of the ServiceNow field that is mapped to the index document title field.", - "title": "DocumentTitleFieldName", - "type": "string" - }, - "ExcludeAttachmentFilePatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of regular expression patterns applied to exclude certain knowledge article attachments. Attachments that match the patterns are excluded from the index. Items that don't match the patterns are included in the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index.", - "title": "ExcludeAttachmentFilePatterns", - "type": "array" - }, - "FieldMappings": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" - }, - "markdownDescription": "Maps attributes or field names of knoweldge articles to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to ServiceNow fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The ServiceNow data source field names must exist in your ServiceNow custom metadata.", - "title": "FieldMappings", - "type": "array" - }, - "FilterQuery": { - "markdownDescription": "A query that selects the knowledge articles to index. The query can return articles from multiple knowledge bases, and the knowledge bases can be public or private.\n\nThe query string must be one generated by the ServiceNow console. For more information, see [Specifying documents to index with a query](https://docs.aws.amazon.com/kendra/latest/dg/servicenow-query.html) .", - "title": "FilterQuery", + "ComponentArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the component.", + "title": "ComponentArn", "type": "string" }, - "IncludeAttachmentFilePatterns": { + "Parameters": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::ImageBuilder::ImageRecipe.ComponentParameter" }, - "markdownDescription": "A list of regular expression patterns applied to include knowledge article attachments. Attachments that match the patterns are included in the index. Items that don't match the patterns are excluded from the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index.", - "title": "IncludeAttachmentFilePatterns", + "markdownDescription": "A group of parameter settings that Image Builder uses to configure the component for a specific recipe.", + "title": "Parameters", "type": "array" } }, - "required": [ - "DocumentDataFieldName" - ], "type": "object" }, - "AWS::Kendra::DataSource.ServiceNowServiceCatalogConfiguration": { + "AWS::ImageBuilder::ImageRecipe.ComponentParameter": { "additionalProperties": false, "properties": { - "CrawlAttachments": { - "markdownDescription": "`TRUE` to index attachments to service catalog items.", - "title": "CrawlAttachments", - "type": "boolean" - }, - "DocumentDataFieldName": { - "markdownDescription": "The name of the ServiceNow field that is mapped to the index document contents field in the Amazon Kendra index.", - "title": "DocumentDataFieldName", - "type": "string" - }, - "DocumentTitleFieldName": { - "markdownDescription": "The name of the ServiceNow field that is mapped to the index document title field.", - "title": "DocumentTitleFieldName", + "Name": { + "markdownDescription": "The name of the component parameter to set.", + "title": "Name", "type": "string" }, - "ExcludeAttachmentFilePatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of regular expression patterns to exclude certain attachments of catalogs in your ServiceNow. Item that match the patterns are excluded from the index. Items that don't match the patterns are included in the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index.\n\nThe regex is applied to the file name of the attachment.", - "title": "ExcludeAttachmentFilePatterns", - "type": "array" - }, - "FieldMappings": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" - }, - "markdownDescription": "Maps attributes or field names of catalogs to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to ServiceNow fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The ServiceNow data source field names must exist in your ServiceNow custom metadata.", - "title": "FieldMappings", - "type": "array" - }, - "IncludeAttachmentFilePatterns": { + "Value": { "items": { "type": "string" }, - "markdownDescription": "A list of regular expression patterns to include certain attachments of catalogs in your ServiceNow. Item that match the patterns are included in the index. Items that don't match the patterns are excluded from the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index.\n\nThe regex is applied to the file name of the attachment.", - "title": "IncludeAttachmentFilePatterns", + "markdownDescription": "Sets the value for the named component parameter.", + "title": "Value", "type": "array" } }, "required": [ - "DocumentDataFieldName" + "Name", + "Value" ], "type": "object" }, - "AWS::Kendra::DataSource.SharePointConfiguration": { + "AWS::ImageBuilder::ImageRecipe.EbsInstanceBlockDeviceSpecification": { "additionalProperties": false, "properties": { - "CrawlAttachments": { - "markdownDescription": "`TRUE` to index document attachments.", - "title": "CrawlAttachments", + "DeleteOnTermination": { + "markdownDescription": "Configures delete on termination of the associated device.", + "title": "DeleteOnTermination", "type": "boolean" }, - "DisableLocalGroups": { - "markdownDescription": "`TRUE` to disable local groups information.", - "title": "DisableLocalGroups", + "Encrypted": { + "markdownDescription": "Use to configure device encryption.", + "title": "Encrypted", "type": "boolean" }, - "DocumentTitleFieldName": { - "markdownDescription": "The Microsoft SharePoint attribute field that contains the title of the document.", - "title": "DocumentTitleFieldName", - "type": "string" - }, - "ExclusionPatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of regular expression patterns. Documents that match the patterns are excluded from the index. Documents that don't match the patterns are included in the index. If a document matches both an exclusion pattern and an inclusion pattern, the document is not included in the index.\n\nThe regex is applied to the display URL of the SharePoint document.", - "title": "ExclusionPatterns", - "type": "array" - }, - "FieldMappings": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" - }, - "markdownDescription": "A list of `DataSourceToIndexFieldMapping` objects that map Microsoft SharePoint attributes or fields to Amazon Kendra index fields. You must first create the index fields using the [UpdateIndex](https://docs.aws.amazon.com/kendra/latest/dg/API_UpdateIndex.html) operation before you map SharePoint attributes. For more information, see [Mapping Data Source Fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) .", - "title": "FieldMappings", - "type": "array" - }, - "InclusionPatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of regular expression patterns to include certain documents in your SharePoint. Documents that match the patterns are included in the index. Documents that don't match the patterns are excluded from the index. If a document matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the document isn't included in the index.\n\nThe regex applies to the display URL of the SharePoint document.", - "title": "InclusionPatterns", - "type": "array" + "Iops": { + "markdownDescription": "Use to configure device IOPS.", + "title": "Iops", + "type": "number" }, - "SecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret that contains the user name and password required to connect to the SharePoint instance. For more information, see [Microsoft SharePoint](https://docs.aws.amazon.com/kendra/latest/dg/data-source-sharepoint.html) .", - "title": "SecretArn", + "KmsKeyId": { + "markdownDescription": "Use to configure the KMS key to use when encrypting the device.", + "title": "KmsKeyId", "type": "string" }, - "SharePointVersion": { - "markdownDescription": "The version of Microsoft SharePoint that you use.", - "title": "SharePointVersion", + "SnapshotId": { + "markdownDescription": "The snapshot that defines the device contents.", + "title": "SnapshotId", "type": "string" }, - "SslCertificateS3Path": { - "$ref": "#/definitions/AWS::Kendra::DataSource.S3Path", - "markdownDescription": "Information required to find a specific file in an Amazon S3 bucket.", - "title": "SslCertificateS3Path" - }, - "Urls": { - "items": { - "type": "string" - }, - "markdownDescription": "The Microsoft SharePoint site URLs for the documents you want to index.", - "title": "Urls", - "type": "array" + "Throughput": { + "markdownDescription": "*For GP3 volumes only* \u2013 The throughput in MiB/s that the volume supports.", + "title": "Throughput", + "type": "number" }, - "UseChangeLog": { - "markdownDescription": "`TRUE` to use the SharePoint change log to determine which documents require updating in the index. Depending on the change log's size, it may take longer for Amazon Kendra to use the change log than to scan all of your documents in SharePoint.", - "title": "UseChangeLog", - "type": "boolean" + "VolumeSize": { + "markdownDescription": "Overrides the volume size of the device.", + "title": "VolumeSize", + "type": "number" }, - "VpcConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceVpcConfiguration", - "markdownDescription": "Provides information for connecting to an Amazon VPC.", - "title": "VpcConfiguration" - } - }, - "required": [ - "SecretArn", - "SharePointVersion", - "Urls" - ], - "type": "object" - }, - "AWS::Kendra::DataSource.SqlConfiguration": { - "additionalProperties": false, - "properties": { - "QueryIdentifiersEnclosingOption": { - "markdownDescription": "Determines whether Amazon Kendra encloses SQL identifiers for tables and column names in double quotes (\") when making a database query. You can set the value to `DOUBLE_QUOTES` or `NONE` .\n\nBy default, Amazon Kendra passes SQL identifiers the way that they are entered into the data source configuration. It does not change the case of identifiers or enclose them in quotes.\n\nPostgreSQL internally converts uppercase characters to lower case characters in identifiers unless they are quoted. Choosing this option encloses identifiers in quotes so that PostgreSQL does not convert the character's case.\n\nFor MySQL databases, you must enable the ansi_quotes option when you set this field to `DOUBLE_QUOTES` .", - "title": "QueryIdentifiersEnclosingOption", + "VolumeType": { + "markdownDescription": "Overrides the volume type of the device.", + "title": "VolumeType", "type": "string" } }, "type": "object" }, - "AWS::Kendra::DataSource.WebCrawlerAuthenticationConfiguration": { - "additionalProperties": false, - "properties": { - "BasicAuthentication": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.WebCrawlerBasicAuthentication" - }, - "markdownDescription": "The list of configuration information that's required to connect to and crawl a website host using basic authentication credentials.\n\nThe list includes the name and port number of the website host.", - "title": "BasicAuthentication", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Kendra::DataSource.WebCrawlerBasicAuthentication": { + "AWS::ImageBuilder::ImageRecipe.InstanceBlockDeviceMapping": { "additionalProperties": false, "properties": { - "Credentials": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret. You create a secret to store your credentials in [AWS Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html)\n\nYou use a secret if basic authentication credentials are required to connect to a website. The secret stores your credentials of user name and password.", - "title": "Credentials", - "type": "string" - }, - "Host": { - "markdownDescription": "The name of the website host you want to connect to using authentication credentials.\n\nFor example, the host name of https://a.example.com/page1.html is \"a.example.com\".", - "title": "Host", + "DeviceName": { + "markdownDescription": "The device to which these mappings apply.", + "title": "DeviceName", "type": "string" }, - "Port": { - "markdownDescription": "The port number of the website host you want to connect to using authentication credentials.\n\nFor example, the port for https://a.example.com/page1.html is 443, the standard port for HTTPS.", - "title": "Port", - "type": "number" - } - }, - "required": [ - "Credentials", - "Host", - "Port" - ], - "type": "object" - }, - "AWS::Kendra::DataSource.WebCrawlerConfiguration": { - "additionalProperties": false, - "properties": { - "AuthenticationConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.WebCrawlerAuthenticationConfiguration", - "markdownDescription": "Configuration information required to connect to websites using authentication.\n\nYou can connect to websites using basic authentication of user name and password. You use a secret in [AWS Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html) to store your authentication credentials.\n\nYou must provide the website host name and port number. For example, the host name of https://a.example.com/page1.html is \"a.example.com\" and the port is 443, the standard port for HTTPS.", - "title": "AuthenticationConfiguration" - }, - "CrawlDepth": { - "markdownDescription": "The 'depth' or number of levels from the seed level to crawl. For example, the seed URL page is depth 1 and any hyperlinks on this page that are also crawled are depth 2.", - "title": "CrawlDepth", - "type": "number" - }, - "MaxContentSizePerPageInMegaBytes": { - "markdownDescription": "The maximum size (in MB) of a web page or attachment to crawl.\n\nFiles larger than this size (in MB) are skipped/not crawled.\n\nThe default maximum size of a web page or attachment is set to 50 MB.", - "title": "MaxContentSizePerPageInMegaBytes", - "type": "number" - }, - "MaxLinksPerPage": { - "markdownDescription": "The maximum number of URLs on a web page to include when crawling a website. This number is per web page.\n\nAs a website\u2019s web pages are crawled, any URLs the web pages link to are also crawled. URLs on a web page are crawled in order of appearance.\n\nThe default maximum links per page is 100.", - "title": "MaxLinksPerPage", - "type": "number" - }, - "MaxUrlsPerMinuteCrawlRate": { - "markdownDescription": "The maximum number of URLs crawled per website host per minute.\n\nA minimum of one URL is required.\n\nThe default maximum number of URLs crawled per website host per minute is 300.", - "title": "MaxUrlsPerMinuteCrawlRate", - "type": "number" - }, - "ProxyConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ProxyConfiguration", - "markdownDescription": "Configuration information required to connect to your internal websites via a web proxy.\n\nYou must provide the website host name and port number. For example, the host name of https://a.example.com/page1.html is \"a.example.com\" and the port is 443, the standard port for HTTPS.\n\nWeb proxy credentials are optional and you can use them to connect to a web proxy server that requires basic authentication. To store web proxy credentials, you use a secret in [AWS Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html) .", - "title": "ProxyConfiguration" - }, - "UrlExclusionPatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of regular expression patterns to exclude certain URLs to crawl. URLs that match the patterns are excluded from the index. URLs that don't match the patterns are included in the index. If a URL matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the URL file isn't included in the index.", - "title": "UrlExclusionPatterns", - "type": "array" - }, - "UrlInclusionPatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of regular expression patterns to include certain URLs to crawl. URLs that match the patterns are included in the index. URLs that don't match the patterns are excluded from the index. If a URL matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the URL file isn't included in the index.", - "title": "UrlInclusionPatterns", - "type": "array" - }, - "Urls": { - "$ref": "#/definitions/AWS::Kendra::DataSource.WebCrawlerUrls", - "markdownDescription": "Specifies the seed or starting point URLs of the websites or the sitemap URLs of the websites you want to crawl.\n\nYou can include website subdomains. You can list up to 100 seed URLs and up to three sitemap URLs.\n\nYou can only crawl websites that use the secure communication protocol, Hypertext Transfer Protocol Secure (HTTPS). If you receive an error when crawling a website, it could be that the website is blocked from crawling.\n\n*When selecting websites to index, you must adhere to the [Amazon Acceptable Use Policy](https://docs.aws.amazon.com/aup/) and all other Amazon terms. Remember that you must only use Amazon Kendra Web Crawler to index your own webpages, or webpages that you have authorization to index.*", - "title": "Urls" - } - }, - "required": [ - "Urls" - ], - "type": "object" - }, - "AWS::Kendra::DataSource.WebCrawlerSeedUrlConfiguration": { - "additionalProperties": false, - "properties": { - "SeedUrls": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of seed or starting point URLs of the websites you want to crawl.\n\nThe list can include a maximum of 100 seed URLs.", - "title": "SeedUrls", - "type": "array" + "Ebs": { + "$ref": "#/definitions/AWS::ImageBuilder::ImageRecipe.EbsInstanceBlockDeviceSpecification", + "markdownDescription": "Use to manage Amazon EBS-specific configuration for this mapping.", + "title": "Ebs" }, - "WebCrawlerMode": { - "markdownDescription": "You can choose one of the following modes:\n\n- `HOST_ONLY` \u2014crawl only the website host names. For example, if the seed URL is \"abc.example.com\", then only URLs with host name \"abc.example.com\" are crawled.\n- `SUBDOMAINS` \u2014crawl the website host names with subdomains. For example, if the seed URL is \"abc.example.com\", then \"a.abc.example.com\" and \"b.abc.example.com\" are also crawled.\n- `EVERYTHING` \u2014crawl the website host names with subdomains and other domains that the web pages link to.\n\nThe default mode is set to `HOST_ONLY` .", - "title": "WebCrawlerMode", + "NoDevice": { + "markdownDescription": "Enter an empty string to remove a mapping from the parent image.\n\nThe following is an example of an empty string value in the `NoDevice` field.\n\n`NoDevice:\"\"`", + "title": "NoDevice", "type": "string" - } - }, - "required": [ - "SeedUrls" - ], - "type": "object" - }, - "AWS::Kendra::DataSource.WebCrawlerSiteMapsConfiguration": { - "additionalProperties": false, - "properties": { - "SiteMaps": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of sitemap URLs of the websites you want to crawl.\n\nThe list can include a maximum of three sitemap URLs.", - "title": "SiteMaps", - "type": "array" - } - }, - "required": [ - "SiteMaps" - ], - "type": "object" - }, - "AWS::Kendra::DataSource.WebCrawlerUrls": { - "additionalProperties": false, - "properties": { - "SeedUrlConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.WebCrawlerSeedUrlConfiguration", - "markdownDescription": "Configuration of the seed or starting point URLs of the websites you want to crawl.\n\nYou can choose to crawl only the website host names, or the website host names with subdomains, or the website host names with subdomains and other domains that the web pages link to.\n\nYou can list up to 100 seed URLs.", - "title": "SeedUrlConfiguration" }, - "SiteMapsConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.WebCrawlerSiteMapsConfiguration", - "markdownDescription": "Configuration of the sitemap URLs of the websites you want to crawl.\n\nOnly URLs belonging to the same website host names are crawled. You can list up to three sitemap URLs.", - "title": "SiteMapsConfiguration" + "VirtualName": { + "markdownDescription": "Manages the instance ephemeral devices.", + "title": "VirtualName", + "type": "string" } }, "type": "object" }, - "AWS::Kendra::DataSource.WorkDocsConfiguration": { + "AWS::ImageBuilder::ImageRecipe.SystemsManagerAgent": { "additionalProperties": false, "properties": { - "CrawlComments": { - "markdownDescription": "`TRUE` to include comments on documents in your index. Including comments in your index means each comment is a document that can be searched on.\n\nThe default is set to `FALSE` .", - "title": "CrawlComments", - "type": "boolean" - }, - "ExclusionPatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of regular expression patterns to exclude certain files in your Amazon WorkDocs site repository. Files that match the patterns are excluded from the index. Files that don\u2019t match the patterns are included in the index. If a file matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the file isn't included in the index.", - "title": "ExclusionPatterns", - "type": "array" - }, - "FieldMappings": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" - }, - "markdownDescription": "A list of `DataSourceToIndexFieldMapping` objects that map Amazon WorkDocs data source attributes or field names to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Amazon WorkDocs fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Amazon WorkDocs data source field names must exist in your Amazon WorkDocs custom metadata.", - "title": "FieldMappings", - "type": "array" - }, - "InclusionPatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of regular expression patterns to include certain files in your Amazon WorkDocs site repository. Files that match the patterns are included in the index. Files that don't match the patterns are excluded from the index. If a file matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the file isn't included in the index.", - "title": "InclusionPatterns", - "type": "array" - }, - "OrganizationId": { - "markdownDescription": "The identifier of the directory corresponding to your Amazon WorkDocs site repository.\n\nYou can find the organization ID in the [AWS Directory Service](https://docs.aws.amazon.com/directoryservicev2/) by going to *Active Directory* , then *Directories* . Your Amazon WorkDocs site directory has an ID, which is the organization ID. You can also set up a new Amazon WorkDocs directory in the AWS Directory Service console and enable a Amazon WorkDocs site for the directory in the Amazon WorkDocs console.", - "title": "OrganizationId", - "type": "string" - }, - "UseChangeLog": { - "markdownDescription": "`TRUE` to use the Amazon WorkDocs change log to determine which documents require updating in the index. Depending on the change log's size, it may take longer for Amazon Kendra to use the change log than to scan all of your documents in Amazon WorkDocs.", - "title": "UseChangeLog", + "UninstallAfterBuild": { + "markdownDescription": "Controls whether the Systems Manager agent is removed from your final build image, prior to creating the new AMI. If this is set to true, then the agent is removed from the final image. If it's set to false, then the agent is left in, so that it is included in the new AMI. The default value is false.", + "title": "UninstallAfterBuild", "type": "boolean" } }, - "required": [ - "OrganizationId" - ], "type": "object" }, - "AWS::Kendra::Faq": { + "AWS::ImageBuilder::InfrastructureConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -136158,60 +143062,103 @@ "additionalProperties": false, "properties": { "Description": { - "markdownDescription": "A description for the FAQ.", + "markdownDescription": "The description of the infrastructure configuration.", "title": "Description", "type": "string" }, - "FileFormat": { - "markdownDescription": "The format of the input file. You can choose between a basic CSV format, a CSV format that includes customs attributes in a header, and a JSON format that includes custom attributes.\n\nThe format must match the format of the file stored in the S3 bucket identified in the S3Path parameter.\n\nValid values are:\n\n- `CSV`\n- `CSV_WITH_HEADER`\n- `JSON`", - "title": "FileFormat", - "type": "string" + "InstanceMetadataOptions": { + "$ref": "#/definitions/AWS::ImageBuilder::InfrastructureConfiguration.InstanceMetadataOptions", + "markdownDescription": "The instance metadata options that you can set for the HTTP requests that pipeline builds use to launch EC2 build and test instances.", + "title": "InstanceMetadataOptions" }, - "IndexId": { - "markdownDescription": "The identifier of the index that contains the FAQ.", - "title": "IndexId", + "InstanceProfileName": { + "markdownDescription": "The instance profile to associate with the instance used to customize your Amazon EC2 AMI.", + "title": "InstanceProfileName", "type": "string" }, - "LanguageCode": { - "markdownDescription": "The code for a language. This shows a supported language for the FAQ document as part of the summary information for FAQs. English is supported by default. For more information on supported languages, including their codes, see [Adding documents in languages other than English](https://docs.aws.amazon.com/kendra/latest/dg/in-adding-languages.html) .", - "title": "LanguageCode", + "InstanceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The instance types of the infrastructure configuration. You can specify one or more instance types to use for this build. The service will pick one of these instance types based on availability.", + "title": "InstanceTypes", + "type": "array" + }, + "KeyPair": { + "markdownDescription": "The key pair of the infrastructure configuration. You can use this to log on to and debug the instance used to create your image.", + "title": "KeyPair", "type": "string" }, - "Name": { - "markdownDescription": "The name that you assigned the FAQ when you created or updated the FAQ.", + "Logging": { + "$ref": "#/definitions/AWS::ImageBuilder::InfrastructureConfiguration.Logging", + "markdownDescription": "The logging configuration of the infrastructure configuration.", + "title": "Logging" + }, + "Name": { + "markdownDescription": "The name of the infrastructure configuration.", "title": "Name", "type": "string" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of a role with permission to access the S3 bucket that contains the FAQ.", - "title": "RoleArn", + "Placement": { + "$ref": "#/definitions/AWS::ImageBuilder::InfrastructureConfiguration.Placement", + "markdownDescription": "The instance placement settings that define where the instances that are launched from your image will run.", + "title": "Placement" + }, + "ResourceTags": { + "additionalProperties": true, + "markdownDescription": "The metadata tags to assign to the Amazon EC2 instance that Image Builder launches during the build process. Tags are formatted as key value pairs.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "ResourceTags", + "type": "object" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The security group IDs to associate with the instance used to customize your Amazon EC2 AMI.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SnsTopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the SNS topic to which we send image build event notifications.\n\n> EC2 Image Builder is unable to send notifications to SNS topics that are encrypted using keys from other accounts. The key that is used to encrypt the SNS topic must reside in the account that the Image Builder service runs under.", + "title": "SnsTopicArn", "type": "string" }, - "S3Path": { - "$ref": "#/definitions/AWS::Kendra::Faq.S3Path", - "markdownDescription": "The Amazon Simple Storage Service (Amazon S3) location of the FAQ input data.", - "title": "S3Path" + "SubnetId": { + "markdownDescription": "The subnet ID in which to place the instance used to customize your Amazon EC2 AMI.", + "title": "SubnetId", + "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "additionalProperties": true, + "markdownDescription": "The metadata tags to assign to the infrastructure configuration resource that Image Builder creates as output. Tags are formatted as key value pairs.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "An array of key-value pairs to apply to this resource\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", - "type": "array" + "type": "object" + }, + "TerminateInstanceOnFailure": { + "markdownDescription": "The terminate instance on failure setting of the infrastructure configuration. Set to false if you want Image Builder to retain the instance used to configure your AMI if the build or test phase of your workflow fails.", + "title": "TerminateInstanceOnFailure", + "type": "boolean" } }, "required": [ - "IndexId", - "Name", - "RoleArn", - "S3Path" + "InstanceProfileName", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::Kendra::Faq" + "AWS::ImageBuilder::InfrastructureConfiguration" ], "type": "string" }, @@ -136230,27 +143177,76 @@ ], "type": "object" }, - "AWS::Kendra::Faq.S3Path": { + "AWS::ImageBuilder::InfrastructureConfiguration.InstanceMetadataOptions": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The name of the S3 bucket that contains the file.", - "title": "Bucket", + "HttpPutResponseHopLimit": { + "markdownDescription": "Limit the number of hops that an instance metadata request can traverse to reach its destination. The default is one hop. However, if HTTP tokens are required, container image builds need a minimum of two hops.", + "title": "HttpPutResponseHopLimit", + "type": "number" + }, + "HttpTokens": { + "markdownDescription": "Indicates whether a signed token header is required for instance metadata retrieval requests. The values affect the response as follows:\n\n- *required* \u2013 When you retrieve the IAM role credentials, version 2.0 credentials are returned in all cases.\n- *optional* \u2013 You can include a signed token header in your request to retrieve instance metadata, or you can leave it out. If you include it, version 2.0 credentials are returned for the IAM role. Otherwise, version 1.0 credentials are returned.\n\nThe default setting is *optional* .", + "title": "HttpTokens", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ImageBuilder::InfrastructureConfiguration.Logging": { + "additionalProperties": false, + "properties": { + "S3Logs": { + "$ref": "#/definitions/AWS::ImageBuilder::InfrastructureConfiguration.S3Logs", + "markdownDescription": "The Amazon S3 logging configuration.", + "title": "S3Logs" + } + }, + "type": "object" + }, + "AWS::ImageBuilder::InfrastructureConfiguration.Placement": { + "additionalProperties": false, + "properties": { + "AvailabilityZone": { + "markdownDescription": "The Availability Zone where your build and test instances will launch.", + "title": "AvailabilityZone", "type": "string" }, - "Key": { - "markdownDescription": "The name of the file.", - "title": "Key", + "HostId": { + "markdownDescription": "The ID of the Dedicated Host on which build and test instances run. This only applies if `tenancy` is `host` . If you specify the host ID, you must not specify the resource group ARN. If you specify both, Image Builder returns an error.", + "title": "HostId", + "type": "string" + }, + "HostResourceGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the host resource group in which to launch build and test instances. This only applies if `tenancy` is `host` . If you specify the resource group ARN, you must not specify the host ID. If you specify both, Image Builder returns an error.", + "title": "HostResourceGroupArn", + "type": "string" + }, + "Tenancy": { + "markdownDescription": "The tenancy of the instance. An instance with a tenancy of `dedicated` runs on single-tenant hardware. An instance with a tenancy of `host` runs on a Dedicated Host.\n\nIf tenancy is set to `host` , then you can optionally specify one target for placement \u2013 either host ID or host resource group ARN. If automatic placement is enabled for your host, and you don't specify any placement target, Amazon EC2 will try to find an available host for your build and test instances.", + "title": "Tenancy", "type": "string" } }, - "required": [ - "Bucket", - "Key" - ], "type": "object" }, - "AWS::Kendra::Index": { + "AWS::ImageBuilder::InfrastructureConfiguration.S3Logs": { + "additionalProperties": false, + "properties": { + "S3BucketName": { + "markdownDescription": "The S3 bucket in which to store the logs.", + "title": "S3BucketName", + "type": "string" + }, + "S3KeyPrefix": { + "markdownDescription": "The Amazon S3 path to the bucket where the logs are stored.", + "title": "S3KeyPrefix", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ImageBuilder::LifecyclePolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -136285,76 +143281,68 @@ "Properties": { "additionalProperties": false, "properties": { - "CapacityUnits": { - "$ref": "#/definitions/AWS::Kendra::Index.CapacityUnitsConfiguration", - "markdownDescription": "Specifies additional capacity units configured for your Enterprise Edition index. You can add and remove capacity units to fit your usage requirements.", - "title": "CapacityUnits" - }, "Description": { - "markdownDescription": "A description for the index.", + "markdownDescription": "Optional description for the lifecycle policy.", "title": "Description", "type": "string" }, - "DocumentMetadataConfigurations": { - "items": { - "$ref": "#/definitions/AWS::Kendra::Index.DocumentMetadataConfiguration" - }, - "markdownDescription": "Specifies the properties of an index field. You can add either a custom or a built-in field. You can add and remove built-in fields at any time. When a built-in field is removed it's configuration reverts to the default for the field. Custom fields can't be removed from an index after they are added.", - "title": "DocumentMetadataConfigurations", - "type": "array" - }, - "Edition": { - "markdownDescription": "Indicates whether the index is a Enterprise Edition index, a Developer Edition index, or a GenAI Enterprise Edition index.", - "title": "Edition", + "ExecutionRole": { + "markdownDescription": "The name or Amazon Resource Name (ARN) for the IAM role you create that grants Image Builder access to run lifecycle actions.", + "title": "ExecutionRole", "type": "string" }, "Name": { - "markdownDescription": "The name of the index.", + "markdownDescription": "The name of the lifecycle policy to create.", "title": "Name", "type": "string" }, - "RoleArn": { - "markdownDescription": "An IAM role that gives Amazon Kendra permissions to access your Amazon CloudWatch logs and metrics. This is also the role used when you use the [BatchPutDocument](https://docs.aws.amazon.com/kendra/latest/dg/BatchPutDocument.html) operation to index documents from an Amazon S3 bucket.", - "title": "RoleArn", - "type": "string" - }, - "ServerSideEncryptionConfiguration": { - "$ref": "#/definitions/AWS::Kendra::Index.ServerSideEncryptionConfiguration", - "markdownDescription": "The identifier of the AWS KMS customer managed key (CMK) to use to encrypt data indexed by Amazon Kendra. Amazon Kendra doesn't support asymmetric CMKs.", - "title": "ServerSideEncryptionConfiguration" - }, - "Tags": { + "PolicyDetails": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.PolicyDetail" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", + "markdownDescription": "Configuration details for the lifecycle policy rules.", + "title": "PolicyDetails", "type": "array" }, - "UserContextPolicy": { - "markdownDescription": "The user context policy.\n\nATTRIBUTE_FILTER\n\n- All indexed content is searchable and displayable for all users. If you want to filter search results on user context, you can use the attribute filters of `_user_id` and `_group_ids` or you can provide user and group information in `UserContext` .\n\nUSER_TOKEN\n\n- Enables token-based user access control to filter search results on user context. All documents with no access control and all documents accessible to the user will be searchable and displayable.", - "title": "UserContextPolicy", + "ResourceSelection": { + "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.ResourceSelection", + "markdownDescription": "Selection criteria for the resources that the lifecycle policy applies to.", + "title": "ResourceSelection" + }, + "ResourceType": { + "markdownDescription": "The type of Image Builder resource that the lifecycle policy applies to.", + "title": "ResourceType", "type": "string" }, - "UserTokenConfigurations": { - "items": { - "$ref": "#/definitions/AWS::Kendra::Index.UserTokenConfiguration" + "Status": { + "markdownDescription": "Indicates whether the lifecycle policy resource is enabled.", + "title": "Status", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Tags to apply to the lifecycle policy resource.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "Defines the type of user token used for the index.", - "title": "UserTokenConfigurations", - "type": "array" + "title": "Tags", + "type": "object" } }, "required": [ - "Edition", + "ExecutionRole", "Name", - "RoleArn" + "PolicyDetails", + "ResourceSelection", + "ResourceType" ], "type": "object" }, "Type": { "enum": [ - "AWS::Kendra::Index" + "AWS::ImageBuilder::LifecyclePolicy" ], "type": "string" }, @@ -136373,224 +143361,232 @@ ], "type": "object" }, - "AWS::Kendra::Index.CapacityUnitsConfiguration": { + "AWS::ImageBuilder::LifecyclePolicy.Action": { "additionalProperties": false, "properties": { - "QueryCapacityUnits": { - "markdownDescription": "The amount of extra query capacity for an index and [GetQuerySuggestions](https://docs.aws.amazon.com/kendra/latest/dg/API_GetQuerySuggestions.html) capacity.\n\nA single extra capacity unit for an index provides 0.1 queries per second or approximately 8,000 queries per day. You can add up to 100 extra capacity units.\n\n`GetQuerySuggestions` capacity is five times the provisioned query capacity for an index, or the base capacity of 2.5 calls per second, whichever is higher. For example, the base capacity for an index is 0.1 queries per second, and `GetQuerySuggestions` capacity has a base of 2.5 calls per second. If you add another 0.1 queries per second to total 0.2 queries per second for an index, the `GetQuerySuggestions` capacity is 2.5 calls per second (higher than five times 0.2 queries per second).", - "title": "QueryCapacityUnits", - "type": "number" + "IncludeResources": { + "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.IncludeResources", + "markdownDescription": "Specifies the resources that the lifecycle policy applies to.", + "title": "IncludeResources" }, - "StorageCapacityUnits": { - "markdownDescription": "The amount of extra storage capacity for an index. A single capacity unit provides 30 GB of storage space or 100,000 documents, whichever is reached first. You can add up to 100 extra capacity units.", - "title": "StorageCapacityUnits", - "type": "number" + "Type": { + "markdownDescription": "Specifies the lifecycle action to take.", + "title": "Type", + "type": "string" } }, "required": [ - "QueryCapacityUnits", - "StorageCapacityUnits" + "Type" ], "type": "object" }, - "AWS::Kendra::Index.DocumentMetadataConfiguration": { + "AWS::ImageBuilder::LifecyclePolicy.AmiExclusionRules": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the index field.", - "title": "Name", - "type": "string" + "IsPublic": { + "markdownDescription": "Configures whether public AMIs are excluded from the lifecycle action.", + "title": "IsPublic", + "type": "boolean" }, - "Relevance": { - "$ref": "#/definitions/AWS::Kendra::Index.Relevance", - "markdownDescription": "Provides tuning parameters to determine how the field affects the search results.", - "title": "Relevance" + "LastLaunched": { + "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.LastLaunched", + "markdownDescription": "Specifies configuration details for Image Builder to exclude the most recent resources from lifecycle actions.", + "title": "LastLaunched" }, - "Search": { - "$ref": "#/definitions/AWS::Kendra::Index.Search", - "markdownDescription": "Provides information about how the field is used during a search.", - "title": "Search" + "Regions": { + "items": { + "type": "string" + }, + "markdownDescription": "Configures AWS Region s that are excluded from the lifecycle action.", + "title": "Regions", + "type": "array" }, - "Type": { - "markdownDescription": "The data type of the index field.", - "title": "Type", - "type": "string" + "SharedAccounts": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies AWS account s whose resources are excluded from the lifecycle action.", + "title": "SharedAccounts", + "type": "array" + }, + "TagMap": { + "additionalProperties": true, + "markdownDescription": "Lists tags that should be excluded from lifecycle actions for the AMIs that have them.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "TagMap", + "type": "object" } }, - "required": [ - "Name", - "Type" - ], "type": "object" }, - "AWS::Kendra::Index.JsonTokenTypeConfiguration": { + "AWS::ImageBuilder::LifecyclePolicy.ExclusionRules": { "additionalProperties": false, "properties": { - "GroupAttributeField": { - "markdownDescription": "The group attribute field.", - "title": "GroupAttributeField", - "type": "string" + "Amis": { + "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.AmiExclusionRules", + "markdownDescription": "Lists configuration values that apply to AMIs that Image Builder should exclude from the lifecycle action.", + "title": "Amis" }, - "UserNameAttributeField": { - "markdownDescription": "The user name attribute field.", - "title": "UserNameAttributeField", - "type": "string" + "TagMap": { + "additionalProperties": true, + "markdownDescription": "Contains a list of tags that Image Builder uses to skip lifecycle actions for Image Builder image resources that have them.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "TagMap", + "type": "object" } }, - "required": [ - "GroupAttributeField", - "UserNameAttributeField" - ], "type": "object" }, - "AWS::Kendra::Index.JwtTokenTypeConfiguration": { + "AWS::ImageBuilder::LifecyclePolicy.Filter": { "additionalProperties": false, "properties": { - "ClaimRegex": { - "markdownDescription": "The regular expression that identifies the claim.", - "title": "ClaimRegex", - "type": "string" - }, - "GroupAttributeField": { - "markdownDescription": "The group attribute field.", - "title": "GroupAttributeField", - "type": "string" - }, - "Issuer": { - "markdownDescription": "The issuer of the token.", - "title": "Issuer", - "type": "string" - }, - "KeyLocation": { - "markdownDescription": "The location of the key.", - "title": "KeyLocation", - "type": "string" + "RetainAtLeast": { + "markdownDescription": "For age-based filters, this is the number of resources to keep on hand after the lifecycle `DELETE` action is applied. Impacted resources are only deleted if you have more than this number of resources. If you have fewer resources than this number, the impacted resource is not deleted.", + "title": "RetainAtLeast", + "type": "number" }, - "SecretManagerArn": { - "markdownDescription": "The Amazon Resource Name (arn) of the secret.", - "title": "SecretManagerArn", + "Type": { + "markdownDescription": "Filter resources based on either `age` or `count` .", + "title": "Type", "type": "string" }, - "URL": { - "markdownDescription": "The signing key URL.", - "title": "URL", + "Unit": { + "markdownDescription": "Defines the unit of time that the lifecycle policy uses to determine impacted resources. This is required for age-based rules.", + "title": "Unit", "type": "string" }, - "UserNameAttributeField": { - "markdownDescription": "The user name attribute field.", - "title": "UserNameAttributeField", - "type": "string" + "Value": { + "markdownDescription": "The number of units for the time period or for the count. For example, a value of `6` might refer to six months or six AMIs.\n\n> For count-based filters, this value represents the minimum number of resources to keep on hand. If you have fewer resources than this number, the resource is excluded from lifecycle actions.", + "title": "Value", + "type": "number" } }, "required": [ - "KeyLocation" + "Type", + "Value" ], "type": "object" }, - "AWS::Kendra::Index.Relevance": { + "AWS::ImageBuilder::LifecyclePolicy.IncludeResources": { "additionalProperties": false, "properties": { - "Duration": { - "markdownDescription": "Specifies the time period that the boost applies to. For example, to make the boost apply to documents with the field value within the last month, you would use \"2628000s\". Once the field value is beyond the specified range, the effect of the boost drops off. The higher the importance, the faster the effect drops off. If you don't specify a value, the default is 3 months. The value of the field is a numeric string followed by the character \"s\", for example \"86400s\" for one day, or \"604800s\" for one week.\n\nOnly applies to `DATE` fields.", - "title": "Duration", - "type": "string" - }, - "Freshness": { - "markdownDescription": "Indicates that this field determines how \"fresh\" a document is. For example, if document 1 was created on November 5, and document 2 was created on October 31, document 1 is \"fresher\" than document 2. Only applies to `DATE` fields.", - "title": "Freshness", + "Amis": { + "markdownDescription": "Specifies whether the lifecycle action should apply to distributed AMIs.", + "title": "Amis", "type": "boolean" }, - "Importance": { - "markdownDescription": "The relative importance of the field in the search. Larger numbers provide more of a boost than smaller numbers.", - "title": "Importance", - "type": "number" - }, - "RankOrder": { - "markdownDescription": "Determines how values should be interpreted.\n\nWhen the `RankOrder` field is `ASCENDING` , higher numbers are better. For example, a document with a rating score of 10 is higher ranking than a document with a rating score of 1.\n\nWhen the `RankOrder` field is `DESCENDING` , lower numbers are better. For example, in a task tracking application, a priority 1 task is more important than a priority 5 task.\n\nOnly applies to `LONG` fields.", - "title": "RankOrder", - "type": "string" + "Containers": { + "markdownDescription": "Specifies whether the lifecycle action should apply to distributed containers.", + "title": "Containers", + "type": "boolean" }, - "ValueImportanceItems": { - "items": { - "$ref": "#/definitions/AWS::Kendra::Index.ValueImportanceItem" - }, - "markdownDescription": "An array of key-value pairs for different boosts when they appear in the search result list. For example, if you want to boost query terms that match the \"department\" field in the result, query terms that match this field are boosted in the result. You can add entries from the department field to boost documents with those values higher.\n\nFor example, you can add entries to the map with names of departments. If you add \"HR\", 5 and \"Legal\",3 those departments are given special attention when they appear in the metadata of a document.", - "title": "ValueImportanceItems", - "type": "array" + "Snapshots": { + "markdownDescription": "Specifies whether the lifecycle action should apply to snapshots associated with distributed AMIs.", + "title": "Snapshots", + "type": "boolean" } }, "type": "object" }, - "AWS::Kendra::Index.Search": { + "AWS::ImageBuilder::LifecyclePolicy.LastLaunched": { "additionalProperties": false, "properties": { - "Displayable": { - "markdownDescription": "Determines whether the field is returned in the query response. The default is `true` .", - "title": "Displayable", - "type": "boolean" - }, - "Facetable": { - "markdownDescription": "Indicates that the field can be used to create search facets, a count of results for each value in the field. The default is `false` .", - "title": "Facetable", - "type": "boolean" - }, - "Searchable": { - "markdownDescription": "Determines whether the field is used in the search. If the `Searchable` field is `true` , you can use relevance tuning to manually tune how Amazon Kendra weights the field in the search. The default is `true` for string fields and `false` for number and date fields.", - "title": "Searchable", - "type": "boolean" + "Unit": { + "markdownDescription": "Defines the unit of time that the lifecycle policy uses to calculate elapsed time since the last instance launched from the AMI. For example: days, weeks, months, or years.", + "title": "Unit", + "type": "string" }, - "Sortable": { - "markdownDescription": "Determines whether the field can be used to sort the results of a query. The default is `false` .", - "title": "Sortable", - "type": "boolean" + "Value": { + "markdownDescription": "The integer number of units for the time period. For example `6` (months).", + "title": "Value", + "type": "number" } }, + "required": [ + "Unit", + "Value" + ], "type": "object" }, - "AWS::Kendra::Index.ServerSideEncryptionConfiguration": { + "AWS::ImageBuilder::LifecyclePolicy.PolicyDetail": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "The identifier of the AWS KMS key . Amazon Kendra doesn't support asymmetric keys.", - "title": "KmsKeyId", - "type": "string" + "Action": { + "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.Action", + "markdownDescription": "Configuration details for the policy action.", + "title": "Action" + }, + "ExclusionRules": { + "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.ExclusionRules", + "markdownDescription": "Additional rules to specify resources that should be exempt from policy actions.", + "title": "ExclusionRules" + }, + "Filter": { + "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.Filter", + "markdownDescription": "Specifies the resources that the lifecycle policy applies to.", + "title": "Filter" } }, + "required": [ + "Action", + "Filter" + ], "type": "object" }, - "AWS::Kendra::Index.UserTokenConfiguration": { + "AWS::ImageBuilder::LifecyclePolicy.RecipeSelection": { "additionalProperties": false, "properties": { - "JsonTokenTypeConfiguration": { - "$ref": "#/definitions/AWS::Kendra::Index.JsonTokenTypeConfiguration", - "markdownDescription": "Information about the JSON token type configuration.", - "title": "JsonTokenTypeConfiguration" + "Name": { + "markdownDescription": "The name of an Image Builder recipe that the lifecycle policy uses for resource selection.", + "title": "Name", + "type": "string" }, - "JwtTokenTypeConfiguration": { - "$ref": "#/definitions/AWS::Kendra::Index.JwtTokenTypeConfiguration", - "markdownDescription": "Information about the JWT token type configuration.", - "title": "JwtTokenTypeConfiguration" + "SemanticVersion": { + "markdownDescription": "The version of the Image Builder recipe specified by the `name` field.", + "title": "SemanticVersion", + "type": "string" } }, + "required": [ + "Name", + "SemanticVersion" + ], "type": "object" }, - "AWS::Kendra::Index.ValueImportanceItem": { + "AWS::ImageBuilder::LifecyclePolicy.ResourceSelection": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The document metadata value used for the search boost.", - "title": "Key", - "type": "string" + "Recipes": { + "items": { + "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.RecipeSelection" + }, + "markdownDescription": "A list of recipes that are used as selection criteria for the output images that the lifecycle policy applies to.", + "title": "Recipes", + "type": "array" }, - "Value": { - "markdownDescription": "The boost value for a document when the key is part of the metadata of a document.", - "title": "Value", - "type": "number" + "TagMap": { + "additionalProperties": true, + "markdownDescription": "A list of tags that are used as selection criteria for the Image Builder image resources that the lifecycle policy applies to.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "TagMap", + "type": "object" } }, "type": "object" }, - "AWS::KendraRanking::ExecutionPlan": { + "AWS::ImageBuilder::Workflow": { "additionalProperties": false, "properties": { "Condition": { @@ -136625,38 +143621,68 @@ "Properties": { "additionalProperties": false, "properties": { - "CapacityUnits": { - "$ref": "#/definitions/AWS::KendraRanking::ExecutionPlan.CapacityUnitsConfiguration", - "markdownDescription": "You can set additional capacity units to meet the needs of your rescore execution plan. You are given a single capacity unit by default. If you want to use the default capacity, you don't set additional capacity units. For more information on the default capacity and additional capacity units, see [Adjusting capacity](https://docs.aws.amazon.com/kendra/latest/dg/adjusting-capacity.html) .", - "title": "CapacityUnits" + "ChangeDescription": { + "markdownDescription": "Describes what change has been made in this version of the workflow, or what makes this version different from other versions of the workflow.", + "title": "ChangeDescription", + "type": "string" + }, + "Data": { + "markdownDescription": "Contains the UTF-8 encoded YAML document content for the workflow. Alternatively, you can specify the `uri` of a YAML document file stored in Amazon S3. However, you cannot specify both properties.", + "title": "Data", + "type": "string" }, "Description": { - "markdownDescription": "A description for the rescore execution plan.", + "markdownDescription": "Describes the workflow.", "title": "Description", "type": "string" }, + "KmsKeyId": { + "markdownDescription": "The ID of the KMS key that is used to encrypt this workflow resource.", + "title": "KmsKeyId", + "type": "string" + }, "Name": { - "markdownDescription": "A name for the rescore execution plan.", + "markdownDescription": "The name of the workflow to create.", "title": "Name", "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "additionalProperties": true, + "markdownDescription": "Tags that apply to the workflow resource.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "A list of key-value pairs that identify or categorize your rescore execution plan. You can also use tags to help control access to the rescore execution plan. Tag keys and values can consist of Unicode letters, digits, white space. They can also consist of underscore, period, colon, equal, plus, and asperand.", "title": "Tags", - "type": "array" + "type": "object" + }, + "Type": { + "markdownDescription": "The phase in the image build process for which the workflow resource is responsible.", + "title": "Type", + "type": "string" + }, + "Uri": { + "markdownDescription": "The `uri` of a YAML component document file. This must be an S3 URL ( `s3://bucket/key` ), and the requester must have permission to access the S3 bucket it points to. If you use Amazon S3, you can specify component content up to your service quota.\n\nAlternatively, you can specify the YAML document inline, using the component `data` property. You cannot specify both properties.", + "title": "Uri", + "type": "string" + }, + "Version": { + "markdownDescription": "The semantic version of this workflow resource. The semantic version syntax adheres to the following rules.\n\n> The semantic version has four nodes: ../. You can assign values for the first three, and can filter on all of them.\n> \n> *Assignment:* For the first three nodes you can assign any positive integer value, including zero, with an upper limit of 2^30-1, or 1073741823 for each node. Image Builder automatically assigns the build number to the fourth node.\n> \n> *Patterns:* You can use any numeric pattern that adheres to the assignment requirements for the nodes that you can assign. For example, you might choose a software version pattern, such as 1.0.0, or a date, such as 2021.01.01.", + "title": "Version", + "type": "string" } }, "required": [ - "Name" + "Name", + "Type", + "Version" ], "type": "object" }, "Type": { "enum": [ - "AWS::KendraRanking::ExecutionPlan" + "AWS::ImageBuilder::Workflow" ], "type": "string" }, @@ -136675,21 +143701,75 @@ ], "type": "object" }, - "AWS::KendraRanking::ExecutionPlan.CapacityUnitsConfiguration": { + "AWS::Inspector::AssessmentTarget": { "additionalProperties": false, "properties": { - "RescoreCapacityUnits": { - "markdownDescription": "The amount of extra capacity for your rescore execution plan.\n\nA single extra capacity unit for a rescore execution plan provides 0.01 rescore requests per second. You can add up to 1000 extra capacity units.", - "title": "RescoreCapacityUnits", - "type": "number" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AssessmentTargetName": { + "markdownDescription": "The name of the Amazon Inspector assessment target. The name must be unique within the AWS account .", + "title": "AssessmentTargetName", + "type": "string" + }, + "ResourceGroupArn": { + "markdownDescription": "The ARN that specifies the resource group that is used to create the assessment target. If `resourceGroupArn` is not specified, all EC2 instances in the current AWS account and Region are included in the assessment target.", + "title": "ResourceGroupArn", + "type": "string" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Inspector::AssessmentTarget" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "RescoreCapacityUnits" + "Type" ], "type": "object" }, - "AWS::Kinesis::Stream": { + "AWS::Inspector::AssessmentTemplate": { "additionalProperties": false, "properties": { "Condition": { @@ -136724,45 +143804,48 @@ "Properties": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the Kinesis stream. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the stream name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\nIf you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "Name", + "AssessmentTargetArn": { + "markdownDescription": "The ARN of the assessment target to be included in the assessment template.", + "title": "AssessmentTargetArn", "type": "string" }, - "RetentionPeriodHours": { - "markdownDescription": "The number of hours for the data records that are stored in shards to remain accessible. The default value is 24. For more information about the stream retention period, see [Changing the Data Retention Period](https://docs.aws.amazon.com/streams/latest/dev/kinesis-extended-retention.html) in the Amazon Kinesis Developer Guide.", - "title": "RetentionPeriodHours", - "type": "number" + "AssessmentTemplateName": { + "markdownDescription": "The user-defined name that identifies the assessment template that you want to create. You can create several assessment templates for the same assessment target. The names of the assessment templates that correspond to a particular assessment target must be unique.", + "title": "AssessmentTemplateName", + "type": "string" }, - "ShardCount": { - "markdownDescription": "The number of shards that the stream uses. For greater provisioned throughput, increase the number of shards.", - "title": "ShardCount", + "DurationInSeconds": { + "markdownDescription": "The duration of the assessment run in seconds.", + "title": "DurationInSeconds", "type": "number" }, - "StreamEncryption": { - "$ref": "#/definitions/AWS::Kinesis::Stream.StreamEncryption", - "markdownDescription": "When specified, enables or updates server-side encryption using an AWS KMS key for a specified stream. Removing this property from your stack template and updating your stack disables encryption.", - "title": "StreamEncryption" - }, - "StreamModeDetails": { - "$ref": "#/definitions/AWS::Kinesis::Stream.StreamModeDetails", - "markdownDescription": "Specifies the capacity mode to which you want to set your data stream. Currently, in Kinesis Data Streams, you can choose between an *on-demand* capacity mode and a *provisioned* capacity mode for your data streams.", - "title": "StreamModeDetails" + "RulesPackageArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The ARNs of the rules packages that you want to use in the assessment template.", + "title": "RulesPackageArns", + "type": "array" }, - "Tags": { + "UserAttributesForFindings": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An arbitrary set of tags (key\u2013value pairs) to associate with the Kinesis stream. For information about constraints for this property, see [Tag Restrictions](https://docs.aws.amazon.com/streams/latest/dev/tagging.html#tagging-restrictions) in the *Amazon Kinesis Developer Guide* .", - "title": "Tags", + "markdownDescription": "The user-defined attributes that are assigned to every finding that is generated by the assessment run that uses this assessment template. Within an assessment template, each key must be unique.", + "title": "UserAttributesForFindings", "type": "array" } }, + "required": [ + "AssessmentTargetArn", + "DurationInSeconds", + "RulesPackageArns" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Kinesis::Stream" + "AWS::Inspector::AssessmentTemplate" ], "type": "string" }, @@ -136776,45 +143859,12 @@ } }, "required": [ - "Type" - ], - "type": "object" - }, - "AWS::Kinesis::Stream.StreamEncryption": { - "additionalProperties": false, - "properties": { - "EncryptionType": { - "markdownDescription": "The encryption type to use. The only valid value is `KMS` .", - "title": "EncryptionType", - "type": "string" - }, - "KeyId": { - "markdownDescription": "The GUID for the customer-managed AWS KMS key to use for encryption. This value can be a globally unique identifier, a fully specified Amazon Resource Name (ARN) to either an alias or a key, or an alias name prefixed by \"alias/\".You can also use a master key owned by Kinesis Data Streams by specifying the alias `aws/kinesis` .\n\n- Key ARN example: `arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012`\n- Alias ARN example: `arn:aws:kms:us-east-1:123456789012:alias/MyAliasName`\n- Globally unique key ID example: `12345678-1234-1234-1234-123456789012`\n- Alias name example: `alias/MyAliasName`\n- Master key owned by Kinesis Data Streams: `alias/aws/kinesis`", - "title": "KeyId", - "type": "string" - } - }, - "required": [ - "EncryptionType", - "KeyId" - ], - "type": "object" - }, - "AWS::Kinesis::Stream.StreamModeDetails": { - "additionalProperties": false, - "properties": { - "StreamMode": { - "markdownDescription": "Specifies the capacity mode to which you want to set your data stream. Currently, in Kinesis Data Streams, you can choose between an *on-demand* capacity mode and a *provisioned* capacity mode for your data streams.", - "title": "StreamMode", - "type": "string" - } - }, - "required": [ - "StreamMode" + "Type", + "Properties" ], "type": "object" }, - "AWS::Kinesis::StreamConsumer": { + "AWS::Inspector::ResourceGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -136849,26 +143899,23 @@ "Properties": { "additionalProperties": false, "properties": { - "ConsumerName": { - "markdownDescription": "The name of the consumer is something you choose when you register the consumer.", - "title": "ConsumerName", - "type": "string" - }, - "StreamARN": { - "markdownDescription": "The ARN of the stream with which you registered the consumer.", - "title": "StreamARN", - "type": "string" + "ResourceGroupTags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags (key and value pairs) that will be associated with the resource group.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "ResourceGroupTags", + "type": "array" } }, "required": [ - "ConsumerName", - "StreamARN" + "ResourceGroupTags" ], "type": "object" }, "Type": { "enum": [ - "AWS::Kinesis::StreamConsumer" + "AWS::Inspector::ResourceGroup" ], "type": "string" }, @@ -136887,7 +143934,7 @@ ], "type": "object" }, - "AWS::KinesisAnalytics::Application": { + "AWS::InspectorV2::CisScanConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -136922,38 +143969,49 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationCode": { - "markdownDescription": "One or more SQL statements that read input data, transform it, and generate output. For example, you can write a SQL statement that reads data from one in-application stream, generates a running average of the number of advertisement clicks by vendor, and insert resulting rows in another in-application stream using pumps. For more information about the typical pattern, see [Application Code](https://docs.aws.amazon.com/kinesisanalytics/latest/dev/how-it-works-app-code.html) .\n\nYou can provide such series of SQL statements, where output of one statement can be used as the input for the next statement. You store intermediate results by creating in-application streams and pumps.\n\nNote that the application code must create the streams with names specified in the `Outputs` . For example, if your `Outputs` defines output streams named `ExampleOutputStream1` and `ExampleOutputStream2` , then your application code must create these streams.", - "title": "ApplicationCode", + "ScanName": { + "markdownDescription": "The name of the CIS scan configuration.", + "title": "ScanName", "type": "string" }, - "ApplicationDescription": { - "markdownDescription": "Summary description of the application.", - "title": "ApplicationDescription", - "type": "string" + "Schedule": { + "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.Schedule", + "markdownDescription": "The CIS scan configuration's schedule.", + "title": "Schedule" }, - "ApplicationName": { - "markdownDescription": "Name of your Amazon Kinesis Analytics application (for example, `sample-app` ).", - "title": "ApplicationName", + "SecurityLevel": { + "markdownDescription": "The CIS scan configuration's CIS Benchmark level.", + "title": "SecurityLevel", "type": "string" }, - "Inputs": { - "items": { - "$ref": "#/definitions/AWS::KinesisAnalytics::Application.Input" + "Tags": { + "additionalProperties": true, + "markdownDescription": "The CIS scan configuration's tags.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "Use this parameter to configure the application input.\n\nYou can configure your application to receive input from a single streaming source. In this configuration, you map this streaming source to an in-application stream that is created. Your application code can then query the in-application stream like a table (you can think of it as a constantly updating table).\n\nFor the streaming source, you provide its Amazon Resource Name (ARN) and format of data on the stream (for example, JSON, CSV, etc.). You also must provide an IAM role that Amazon Kinesis Analytics can assume to read this stream on your behalf.\n\nTo create the in-application stream, you need to specify a schema to transform your data into a schematized version used in SQL. In the schema, you provide the necessary mapping of the data elements in the streaming source to record columns in the in-app stream.", - "title": "Inputs", - "type": "array" + "title": "Tags", + "type": "object" + }, + "Targets": { + "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.CisTargets", + "markdownDescription": "The CIS scan configuration's targets.", + "title": "Targets" } }, "required": [ - "Inputs" + "ScanName", + "Schedule", + "SecurityLevel", + "Targets" ], "type": "object" }, "Type": { "enum": [ - "AWS::KinesisAnalytics::Application" + "AWS::InspectorV2::CisScanConfiguration" ], "type": "string" }, @@ -136972,262 +144030,144 @@ ], "type": "object" }, - "AWS::KinesisAnalytics::Application.CSVMappingParameters": { + "AWS::InspectorV2::CisScanConfiguration.CisTargets": { "additionalProperties": false, "properties": { - "RecordColumnDelimiter": { - "markdownDescription": "Column delimiter. For example, in a CSV format, a comma (\",\") is the typical column delimiter.", - "title": "RecordColumnDelimiter", - "type": "string" + "AccountIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The CIS target account ids.", + "title": "AccountIds", + "type": "array" }, - "RecordRowDelimiter": { - "markdownDescription": "Row delimiter. For example, in a CSV format, *'\\n'* is the typical row delimiter.", - "title": "RecordRowDelimiter", - "type": "string" + "TargetResourceTags": { + "markdownDescription": "The CIS target resource tags.", + "title": "TargetResourceTags", + "type": "object" } }, "required": [ - "RecordColumnDelimiter", - "RecordRowDelimiter" + "AccountIds", + "TargetResourceTags" ], "type": "object" }, - "AWS::KinesisAnalytics::Application.Input": { + "AWS::InspectorV2::CisScanConfiguration.DailySchedule": { "additionalProperties": false, "properties": { - "InputParallelism": { - "$ref": "#/definitions/AWS::KinesisAnalytics::Application.InputParallelism", - "markdownDescription": "Describes the number of in-application streams to create.\n\nData from your source is routed to these in-application input streams.\n\nSee [Configuring Application Input](https://docs.aws.amazon.com/kinesisanalytics/latest/dev/how-it-works-input.html) .", - "title": "InputParallelism" - }, - "InputProcessingConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalytics::Application.InputProcessingConfiguration", - "markdownDescription": "The [InputProcessingConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisanalytics-application-inputprocessingconfiguration.html) for the input. An input processor transforms records as they are received from the stream, before the application's SQL code executes. Currently, the only input processing configuration available is [InputLambdaProcessor](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisanalytics-application-inputlambdaprocessor.html) .", - "title": "InputProcessingConfiguration" - }, - "InputSchema": { - "$ref": "#/definitions/AWS::KinesisAnalytics::Application.InputSchema", - "markdownDescription": "Describes the format of the data in the streaming source, and how each data element maps to corresponding columns in the in-application stream that is being created.\n\nAlso used to describe the format of the reference data source.", - "title": "InputSchema" - }, - "KinesisFirehoseInput": { - "$ref": "#/definitions/AWS::KinesisAnalytics::Application.KinesisFirehoseInput", - "markdownDescription": "If the streaming source is an Amazon Kinesis Firehose delivery stream, identifies the delivery stream's ARN and an IAM role that enables Amazon Kinesis Analytics to access the stream on your behalf.\n\nNote: Either `KinesisStreamsInput` or `KinesisFirehoseInput` is required.", - "title": "KinesisFirehoseInput" - }, - "KinesisStreamsInput": { - "$ref": "#/definitions/AWS::KinesisAnalytics::Application.KinesisStreamsInput", - "markdownDescription": "If the streaming source is an Amazon Kinesis stream, identifies the stream's Amazon Resource Name (ARN) and an IAM role that enables Amazon Kinesis Analytics to access the stream on your behalf.\n\nNote: Either `KinesisStreamsInput` or `KinesisFirehoseInput` is required.", - "title": "KinesisStreamsInput" - }, - "NamePrefix": { - "markdownDescription": "Name prefix to use when creating an in-application stream. Suppose that you specify a prefix \"MyInApplicationStream.\" Amazon Kinesis Analytics then creates one or more (as per the `InputParallelism` count you specified) in-application streams with names \"MyInApplicationStream_001,\" \"MyInApplicationStream_002,\" and so on.", - "title": "NamePrefix", - "type": "string" + "StartTime": { + "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.Time", + "markdownDescription": "The schedule start time.", + "title": "StartTime" } }, "required": [ - "InputSchema", - "NamePrefix" + "StartTime" ], "type": "object" }, - "AWS::KinesisAnalytics::Application.InputLambdaProcessor": { + "AWS::InspectorV2::CisScanConfiguration.MonthlySchedule": { "additionalProperties": false, "properties": { - "ResourceARN": { - "markdownDescription": "The ARN of the [AWS Lambda](https://docs.aws.amazon.com/lambda/) function that operates on records in the stream.\n\n> To specify an earlier version of the Lambda function than the latest, include the Lambda function version in the Lambda function ARN. For more information about Lambda ARNs, see [Example ARNs: AWS Lambda](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-lambda)", - "title": "ResourceARN", + "Day": { + "markdownDescription": "The monthly schedule's day.", + "title": "Day", "type": "string" }, - "RoleARN": { - "markdownDescription": "The ARN of the IAM role that is used to access the AWS Lambda function.", - "title": "RoleARN", - "type": "string" + "StartTime": { + "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.Time", + "markdownDescription": "The monthly schedule's start time.", + "title": "StartTime" } }, "required": [ - "ResourceARN", - "RoleARN" + "Day", + "StartTime" ], "type": "object" }, - "AWS::KinesisAnalytics::Application.InputParallelism": { - "additionalProperties": false, - "properties": { - "Count": { - "markdownDescription": "Number of in-application streams to create. For more information, see [Limits](https://docs.aws.amazon.com/kinesisanalytics/latest/dev/limits.html) .", - "title": "Count", - "type": "number" - } - }, - "type": "object" - }, - "AWS::KinesisAnalytics::Application.InputProcessingConfiguration": { - "additionalProperties": false, - "properties": { - "InputLambdaProcessor": { - "$ref": "#/definitions/AWS::KinesisAnalytics::Application.InputLambdaProcessor", - "markdownDescription": "The [InputLambdaProcessor](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisanalytics-application-inputlambdaprocessor.html) that is used to preprocess the records in the stream before being processed by your application code.", - "title": "InputLambdaProcessor" - } - }, - "type": "object" - }, - "AWS::KinesisAnalytics::Application.InputSchema": { + "AWS::InspectorV2::CisScanConfiguration.Schedule": { "additionalProperties": false, "properties": { - "RecordColumns": { - "items": { - "$ref": "#/definitions/AWS::KinesisAnalytics::Application.RecordColumn" - }, - "markdownDescription": "A list of `RecordColumn` objects.", - "title": "RecordColumns", - "type": "array" + "Daily": { + "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.DailySchedule", + "markdownDescription": "A daily schedule.", + "title": "Daily" }, - "RecordEncoding": { - "markdownDescription": "Specifies the encoding of the records in the streaming source. For example, UTF-8.", - "title": "RecordEncoding", - "type": "string" + "Monthly": { + "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.MonthlySchedule", + "markdownDescription": "A monthly schedule.", + "title": "Monthly" }, - "RecordFormat": { - "$ref": "#/definitions/AWS::KinesisAnalytics::Application.RecordFormat", - "markdownDescription": "Specifies the format of the records on the streaming source.", - "title": "RecordFormat" - } - }, - "required": [ - "RecordColumns", - "RecordFormat" - ], - "type": "object" - }, - "AWS::KinesisAnalytics::Application.JSONMappingParameters": { - "additionalProperties": false, - "properties": { - "RecordRowPath": { - "markdownDescription": "Path to the top-level parent that contains the records.", - "title": "RecordRowPath", - "type": "string" + "OneTime": { + "markdownDescription": "A one time schedule.", + "title": "OneTime", + "type": "object" + }, + "Weekly": { + "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.WeeklySchedule", + "markdownDescription": "A weekly schedule.", + "title": "Weekly" } }, - "required": [ - "RecordRowPath" - ], "type": "object" }, - "AWS::KinesisAnalytics::Application.KinesisFirehoseInput": { + "AWS::InspectorV2::CisScanConfiguration.Time": { "additionalProperties": false, "properties": { - "ResourceARN": { - "markdownDescription": "ARN of the input delivery stream.", - "title": "ResourceARN", + "TimeOfDay": { + "markdownDescription": "The time of day in 24-hour format (00:00).", + "title": "TimeOfDay", "type": "string" }, - "RoleARN": { - "markdownDescription": "ARN of the IAM role that Amazon Kinesis Analytics can assume to access the stream on your behalf. You need to make sure that the role has the necessary permissions to access the stream.", - "title": "RoleARN", + "TimeZone": { + "markdownDescription": "The timezone.", + "title": "TimeZone", "type": "string" } }, "required": [ - "ResourceARN", - "RoleARN" + "TimeOfDay", + "TimeZone" ], "type": "object" }, - "AWS::KinesisAnalytics::Application.KinesisStreamsInput": { + "AWS::InspectorV2::CisScanConfiguration.WeeklySchedule": { "additionalProperties": false, "properties": { - "ResourceARN": { - "markdownDescription": "ARN of the input Amazon Kinesis stream to read.", - "title": "ResourceARN", - "type": "string" + "Days": { + "items": { + "type": "string" + }, + "markdownDescription": "The weekly schedule's days.", + "title": "Days", + "type": "array" }, - "RoleARN": { - "markdownDescription": "ARN of the IAM role that Amazon Kinesis Analytics can assume to access the stream on your behalf. You need to grant the necessary permissions to this role.", - "title": "RoleARN", - "type": "string" + "StartTime": { + "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.Time", + "markdownDescription": "The weekly schedule's start time.", + "title": "StartTime" } }, "required": [ - "ResourceARN", - "RoleARN" + "Days", + "StartTime" ], "type": "object" }, - "AWS::KinesisAnalytics::Application.MappingParameters": { - "additionalProperties": false, - "properties": { - "CSVMappingParameters": { - "$ref": "#/definitions/AWS::KinesisAnalytics::Application.CSVMappingParameters", - "markdownDescription": "Provides additional mapping information when the record format uses delimiters (for example, CSV).", - "title": "CSVMappingParameters" - }, - "JSONMappingParameters": { - "$ref": "#/definitions/AWS::KinesisAnalytics::Application.JSONMappingParameters", - "markdownDescription": "Provides additional mapping information when JSON is the record format on the streaming source.", - "title": "JSONMappingParameters" - } - }, - "type": "object" - }, - "AWS::KinesisAnalytics::Application.RecordColumn": { + "AWS::InspectorV2::Filter": { "additionalProperties": false, "properties": { - "Mapping": { - "markdownDescription": "Reference to the data element in the streaming input or the reference data source. This element is required if the [RecordFormatType](https://docs.aws.amazon.com/kinesisanalytics/latest/dev/API_RecordFormat.html#analytics-Type-RecordFormat-RecordFormatTypel) is `JSON` .", - "title": "Mapping", + "Condition": { "type": "string" }, - "Name": { - "markdownDescription": "Name of the column created in the in-application input stream or reference table.", - "title": "Name", - "type": "string" - }, - "SqlType": { - "markdownDescription": "Type of column created in the in-application input stream or reference table.", - "title": "SqlType", - "type": "string" - } - }, - "required": [ - "Name", - "SqlType" - ], - "type": "object" - }, - "AWS::KinesisAnalytics::Application.RecordFormat": { - "additionalProperties": false, - "properties": { - "MappingParameters": { - "$ref": "#/definitions/AWS::KinesisAnalytics::Application.MappingParameters", - "markdownDescription": "When configuring application input at the time of creating or updating an application, provides additional mapping information specific to the record format (such as JSON, CSV, or record fields delimited by some delimiter) on the streaming source.", - "title": "MappingParameters" - }, - "RecordFormatType": { - "markdownDescription": "The type of record format.", - "title": "RecordFormatType", - "type": "string" - } - }, - "required": [ - "RecordFormatType" - ], - "type": "object" - }, - "AWS::KinesisAnalytics::ApplicationOutput": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, "DependsOn": { @@ -137251,26 +144191,48 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationName": { - "markdownDescription": "Name of the application to which you want to add the output configuration.", - "title": "ApplicationName", + "Description": { + "markdownDescription": "A description of the filter.", + "title": "Description", "type": "string" }, - "Output": { - "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationOutput.Output", - "markdownDescription": "An array of objects, each describing one output configuration. In the output configuration, you specify the name of an in-application stream, a destination (that is, an Amazon Kinesis stream, an Amazon Kinesis Firehose delivery stream, or an AWS Lambda function), and record the formation to use when writing to the destination.", - "title": "Output" + "FilterAction": { + "markdownDescription": "The action that is to be applied to the findings that match the filter.", + "title": "FilterAction", + "type": "string" + }, + "FilterCriteria": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.FilterCriteria", + "markdownDescription": "Details on the filter criteria associated with this filter.", + "title": "FilterCriteria" + }, + "Name": { + "markdownDescription": "The name of the filter.", + "title": "Name", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "The tags attached to the filter.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" } }, "required": [ - "ApplicationName", - "Output" + "FilterAction", + "FilterCriteria", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::KinesisAnalytics::ApplicationOutput" + "AWS::InspectorV2::Filter" ], "type": "string" }, @@ -137289,112 +144251,487 @@ ], "type": "object" }, - "AWS::KinesisAnalytics::ApplicationOutput.DestinationSchema": { + "AWS::InspectorV2::Filter.DateFilter": { "additionalProperties": false, "properties": { - "RecordFormatType": { - "markdownDescription": "Specifies the format of the records on the output stream.", - "title": "RecordFormatType", - "type": "string" + "EndInclusive": { + "markdownDescription": "A timestamp representing the end of the time period filtered on.", + "title": "EndInclusive", + "type": "number" + }, + "StartInclusive": { + "markdownDescription": "A timestamp representing the start of the time period filtered on.", + "title": "StartInclusive", + "type": "number" } }, "type": "object" }, - "AWS::KinesisAnalytics::ApplicationOutput.KinesisFirehoseOutput": { + "AWS::InspectorV2::Filter.FilterCriteria": { "additionalProperties": false, "properties": { - "ResourceARN": { - "markdownDescription": "ARN of the destination Amazon Kinesis Firehose delivery stream to write to.", - "title": "ResourceARN", - "type": "string" + "AwsAccountId": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details of the AWS account IDs used to filter findings.", + "title": "AwsAccountId", + "type": "array" }, - "RoleARN": { - "markdownDescription": "ARN of the IAM role that Amazon Kinesis Analytics can assume to write to the destination stream on your behalf. You need to grant the necessary permissions to this role.", - "title": "RoleARN", - "type": "string" + "CodeVulnerabilityDetectorName": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "", + "title": "CodeVulnerabilityDetectorName", + "type": "array" + }, + "CodeVulnerabilityDetectorTags": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "", + "title": "CodeVulnerabilityDetectorTags", + "type": "array" + }, + "CodeVulnerabilityFilePath": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "", + "title": "CodeVulnerabilityFilePath", + "type": "array" + }, + "ComponentId": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details of the component IDs used to filter findings.", + "title": "ComponentId", + "type": "array" + }, + "ComponentType": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details of the component types used to filter findings.", + "title": "ComponentType", + "type": "array" + }, + "Ec2InstanceImageId": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details of the Amazon EC2 instance image IDs used to filter findings.", + "title": "Ec2InstanceImageId", + "type": "array" + }, + "Ec2InstanceSubnetId": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details of the Amazon EC2 instance subnet IDs used to filter findings.", + "title": "Ec2InstanceSubnetId", + "type": "array" + }, + "Ec2InstanceVpcId": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details of the Amazon EC2 instance VPC IDs used to filter findings.", + "title": "Ec2InstanceVpcId", + "type": "array" + }, + "EcrImageArchitecture": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details of the Amazon ECR image architecture types used to filter findings.", + "title": "EcrImageArchitecture", + "type": "array" + }, + "EcrImageHash": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details of the Amazon ECR image hashes used to filter findings.", + "title": "EcrImageHash", + "type": "array" + }, + "EcrImagePushedAt": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.DateFilter" + }, + "markdownDescription": "Details on the Amazon ECR image push date and time used to filter findings.", + "title": "EcrImagePushedAt", + "type": "array" + }, + "EcrImageRegistry": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details on the Amazon ECR registry used to filter findings.", + "title": "EcrImageRegistry", + "type": "array" + }, + "EcrImageRepositoryName": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details on the name of the Amazon ECR repository used to filter findings.", + "title": "EcrImageRepositoryName", + "type": "array" + }, + "EcrImageTags": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "The tags attached to the Amazon ECR container image.", + "title": "EcrImageTags", + "type": "array" + }, + "EpssScore": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.NumberFilter" + }, + "markdownDescription": "", + "title": "EpssScore", + "type": "array" + }, + "ExploitAvailable": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "", + "title": "ExploitAvailable", + "type": "array" + }, + "FindingArn": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details on the finding ARNs used to filter findings.", + "title": "FindingArn", + "type": "array" + }, + "FindingStatus": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details on the finding status types used to filter findings.", + "title": "FindingStatus", + "type": "array" + }, + "FindingType": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details on the finding types used to filter findings.", + "title": "FindingType", + "type": "array" + }, + "FirstObservedAt": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.DateFilter" + }, + "markdownDescription": "Details on the date and time a finding was first seen used to filter findings.", + "title": "FirstObservedAt", + "type": "array" + }, + "FixAvailable": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "", + "title": "FixAvailable", + "type": "array" + }, + "InspectorScore": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.NumberFilter" + }, + "markdownDescription": "The Amazon Inspector score to filter on.", + "title": "InspectorScore", + "type": "array" + }, + "LambdaFunctionExecutionRoleArn": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "", + "title": "LambdaFunctionExecutionRoleArn", + "type": "array" + }, + "LambdaFunctionLastModifiedAt": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.DateFilter" + }, + "markdownDescription": "", + "title": "LambdaFunctionLastModifiedAt", + "type": "array" + }, + "LambdaFunctionLayers": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "", + "title": "LambdaFunctionLayers", + "type": "array" + }, + "LambdaFunctionName": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "", + "title": "LambdaFunctionName", + "type": "array" + }, + "LambdaFunctionRuntime": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "", + "title": "LambdaFunctionRuntime", + "type": "array" + }, + "LastObservedAt": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.DateFilter" + }, + "markdownDescription": "Details on the date and time a finding was last seen used to filter findings.", + "title": "LastObservedAt", + "type": "array" + }, + "NetworkProtocol": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details on network protocol used to filter findings.", + "title": "NetworkProtocol", + "type": "array" + }, + "PortRange": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.PortRangeFilter" + }, + "markdownDescription": "Details on the port ranges used to filter findings.", + "title": "PortRange", + "type": "array" + }, + "RelatedVulnerabilities": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details on the related vulnerabilities used to filter findings.", + "title": "RelatedVulnerabilities", + "type": "array" + }, + "ResourceId": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details on the resource IDs used to filter findings.", + "title": "ResourceId", + "type": "array" + }, + "ResourceTags": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.MapFilter" + }, + "markdownDescription": "Details on the resource tags used to filter findings.", + "title": "ResourceTags", + "type": "array" + }, + "ResourceType": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details on the resource types used to filter findings.", + "title": "ResourceType", + "type": "array" + }, + "Severity": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details on the severity used to filter findings.", + "title": "Severity", + "type": "array" + }, + "Title": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details on the finding title used to filter findings.", + "title": "Title", + "type": "array" + }, + "UpdatedAt": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.DateFilter" + }, + "markdownDescription": "Details on the date and time a finding was last updated at used to filter findings.", + "title": "UpdatedAt", + "type": "array" + }, + "VendorSeverity": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details on the vendor severity used to filter findings.", + "title": "VendorSeverity", + "type": "array" + }, + "VulnerabilityId": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details on the vulnerability ID used to filter findings.", + "title": "VulnerabilityId", + "type": "array" + }, + "VulnerabilitySource": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details on the vulnerability score to filter findings by.", + "title": "VulnerabilitySource", + "type": "array" + }, + "VulnerablePackages": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.PackageFilter" + }, + "markdownDescription": "Details on the vulnerable packages used to filter findings.", + "title": "VulnerablePackages", + "type": "array" } }, - "required": [ - "ResourceARN", - "RoleARN" - ], "type": "object" }, - "AWS::KinesisAnalytics::ApplicationOutput.KinesisStreamsOutput": { + "AWS::InspectorV2::Filter.MapFilter": { "additionalProperties": false, "properties": { - "ResourceARN": { - "markdownDescription": "ARN of the destination Amazon Kinesis stream to write to.", - "title": "ResourceARN", + "Comparison": { + "markdownDescription": "The operator to use when comparing values in the filter.", + "title": "Comparison", "type": "string" }, - "RoleARN": { - "markdownDescription": "ARN of the IAM role that Amazon Kinesis Analytics can assume to write to the destination stream on your behalf. You need to grant the necessary permissions to this role.", - "title": "RoleARN", + "Key": { + "markdownDescription": "The tag key used in the filter.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The tag value used in the filter.", + "title": "Value", "type": "string" } }, "required": [ - "ResourceARN", - "RoleARN" + "Comparison" ], "type": "object" }, - "AWS::KinesisAnalytics::ApplicationOutput.LambdaOutput": { + "AWS::InspectorV2::Filter.NumberFilter": { "additionalProperties": false, "properties": { - "ResourceARN": { - "markdownDescription": "Amazon Resource Name (ARN) of the destination Lambda function to write to.\n\n> To specify an earlier version of the Lambda function than the latest, include the Lambda function version in the Lambda function ARN. For more information about Lambda ARNs, see [Example ARNs: AWS Lambda](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-lambda)", - "title": "ResourceARN", - "type": "string" + "LowerInclusive": { + "markdownDescription": "The lowest number to be included in the filter.", + "title": "LowerInclusive", + "type": "number" }, - "RoleARN": { - "markdownDescription": "ARN of the IAM role that Amazon Kinesis Analytics can assume to write to the destination function on your behalf. You need to grant the necessary permissions to this role.", - "title": "RoleARN", - "type": "string" + "UpperInclusive": { + "markdownDescription": "The highest number to be included in the filter.", + "title": "UpperInclusive", + "type": "number" } }, - "required": [ - "ResourceARN", - "RoleARN" - ], "type": "object" }, - "AWS::KinesisAnalytics::ApplicationOutput.Output": { + "AWS::InspectorV2::Filter.PackageFilter": { "additionalProperties": false, "properties": { - "DestinationSchema": { - "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationOutput.DestinationSchema", - "markdownDescription": "Describes the data format when records are written to the destination. For more information, see [Configuring Application Output](https://docs.aws.amazon.com/kinesisanalytics/latest/dev/how-it-works-output.html) .", - "title": "DestinationSchema" - }, - "KinesisFirehoseOutput": { - "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationOutput.KinesisFirehoseOutput", - "markdownDescription": "Identifies an Amazon Kinesis Firehose delivery stream as the destination.", - "title": "KinesisFirehoseOutput" + "Architecture": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter", + "markdownDescription": "An object that contains details on the package architecture type to filter on.", + "title": "Architecture" }, - "KinesisStreamsOutput": { - "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationOutput.KinesisStreamsOutput", - "markdownDescription": "Identifies an Amazon Kinesis stream as the destination.", - "title": "KinesisStreamsOutput" + "Epoch": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.NumberFilter", + "markdownDescription": "An object that contains details on the package epoch to filter on.", + "title": "Epoch" }, - "LambdaOutput": { - "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationOutput.LambdaOutput", - "markdownDescription": "Identifies an AWS Lambda function as the destination.", - "title": "LambdaOutput" + "FilePath": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter", + "markdownDescription": "", + "title": "FilePath" }, "Name": { - "markdownDescription": "Name of the in-application stream.", - "title": "Name", + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter", + "markdownDescription": "An object that contains details on the name of the package to filter on.", + "title": "Name" + }, + "Release": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter", + "markdownDescription": "An object that contains details on the package release to filter on.", + "title": "Release" + }, + "SourceLambdaLayerArn": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter", + "markdownDescription": "", + "title": "SourceLambdaLayerArn" + }, + "SourceLayerHash": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter", + "markdownDescription": "An object that contains details on the source layer hash to filter on.", + "title": "SourceLayerHash" + }, + "Version": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter", + "markdownDescription": "The package version to filter on.", + "title": "Version" + } + }, + "type": "object" + }, + "AWS::InspectorV2::Filter.PortRangeFilter": { + "additionalProperties": false, + "properties": { + "BeginInclusive": { + "markdownDescription": "The port number the port range begins at.", + "title": "BeginInclusive", + "type": "number" + }, + "EndInclusive": { + "markdownDescription": "The port number the port range ends at.", + "title": "EndInclusive", + "type": "number" + } + }, + "type": "object" + }, + "AWS::InspectorV2::Filter.StringFilter": { + "additionalProperties": false, + "properties": { + "Comparison": { + "markdownDescription": "The operator to use when comparing values in the filter.", + "title": "Comparison", + "type": "string" + }, + "Value": { + "markdownDescription": "The value to filter on.", + "title": "Value", "type": "string" } }, "required": [ - "DestinationSchema" + "Comparison", + "Value" ], "type": "object" }, - "AWS::KinesisAnalytics::ApplicationReferenceDataSource": { + "AWS::InternetMonitor::Monitor": { "additionalProperties": false, "properties": { "Condition": { @@ -137429,26 +144766,87 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationName": { - "markdownDescription": "Name of an existing application.", - "title": "ApplicationName", + "HealthEventsConfig": { + "$ref": "#/definitions/AWS::InternetMonitor::Monitor.HealthEventsConfig", + "markdownDescription": "A complex type with the configuration information that determines the threshold and other conditions for when Internet Monitor creates a health event for an overall performance or availability issue, across an application's geographies.\n\nDefines the percentages, for overall performance scores and availability scores for an application, that are the thresholds for when Internet Monitor creates a health event. You can override the defaults to set a custom threshold for overall performance or availability scores, or both.\n\nYou can also set thresholds for local health scores,, where Internet Monitor creates a health event when scores cross a threshold for one or more city-networks, in addition to creating an event when an overall score crosses a threshold.\n\nIf you don't set a health event threshold, the default value is 95%.\n\nFor local thresholds, you also set a minimum percentage of overall traffic that is impacted by an issue before Internet Monitor creates an event. In addition, you can disable local thresholds, for performance scores, availability scores, or both.\n\nFor more information, see [Change health event thresholds](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-IM-overview.html#IMUpdateThresholdFromOverview) in the Internet Monitor section of the *CloudWatch User Guide* .", + "title": "HealthEventsConfig" + }, + "IncludeLinkedAccounts": { + "markdownDescription": "A boolean option that you can set to `TRUE` to include monitors for linked accounts in a list of monitors, when you've set up cross-account sharing in Internet Monitor. You configure cross-account sharing by using Amazon CloudWatch Observability Access Manager. For more information, see [Internet Monitor cross-account observability](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cwim-cross-account.html) in the Amazon CloudWatch User Guide.", + "title": "IncludeLinkedAccounts", + "type": "boolean" + }, + "InternetMeasurementsLogDelivery": { + "$ref": "#/definitions/AWS::InternetMonitor::Monitor.InternetMeasurementsLogDelivery", + "markdownDescription": "Publish internet measurements for a monitor for all city-networks (up to the 500,000 service limit) to another location, such as an Amazon S3 bucket. Measurements are also published to Amazon CloudWatch Logs for the first 500 (by traffic volume) city-networks (client locations and ASNs, typically internet service providers or ISPs).", + "title": "InternetMeasurementsLogDelivery" + }, + "LinkedAccountId": { + "markdownDescription": "The account ID for an account that you've set up cross-account sharing for in Internet Monitor. You configure cross-account sharing by using Amazon CloudWatch Observability Access Manager. For more information, see [Internet Monitor cross-account observability](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cwim-cross-account.html) in the Amazon CloudWatch User Guide.", + "title": "LinkedAccountId", "type": "string" }, - "ReferenceDataSource": { - "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.ReferenceDataSource", - "markdownDescription": "The reference data source can be an object in your Amazon S3 bucket. Amazon Kinesis Analytics reads the object and copies the data into the in-application table that is created. You provide an S3 bucket, object key name, and the resulting in-application table that is created. You must also provide an IAM role with the necessary permissions that Amazon Kinesis Analytics can assume to read the object from your S3 bucket on your behalf.", - "title": "ReferenceDataSource" + "MaxCityNetworksToMonitor": { + "markdownDescription": "The maximum number of city-networks to monitor for your resources. A city-network is the location (city) where clients access your application resources from and the network, such as an internet service provider, that clients access the resources through.\n\nFor more information, see [Choosing a city-network maximum value](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/IMCityNetworksMaximum.html) in *Using Amazon CloudWatch Internet Monitor* .", + "title": "MaxCityNetworksToMonitor", + "type": "number" + }, + "MonitorName": { + "markdownDescription": "The name of the monitor. A monitor name can contain only alphanumeric characters, dashes (-), periods (.), and underscores (_).", + "title": "MonitorName", + "type": "string" + }, + "Resources": { + "items": { + "type": "string" + }, + "markdownDescription": "The resources that have been added for the monitor, listed by their Amazon Resource Names (ARNs). Use this option to add or remove resources when making an update.\n\n> Be aware that if you include content in the `Resources` field when you update a monitor, the `ResourcesToAdd` and `ResourcesToRemove` fields must be empty.", + "title": "Resources", + "type": "array" + }, + "ResourcesToAdd": { + "items": { + "type": "string" + }, + "markdownDescription": "The resources to include in a monitor, which you provide as a set of Amazon Resource Names (ARNs). Resources can be Amazon Virtual Private Cloud VPCs, Network Load Balancers (NLBs), Amazon CloudFront distributions, or Amazon WorkSpaces directories.\n\nYou can add a combination of VPCs and CloudFront distributions, or you can add WorkSpaces directories, or you can add NLBs. You can't add NLBs or WorkSpaces directories together with any other resources.\n\nIf you add only VPC resources, at least one VPC must have an Internet Gateway attached to it, to make sure that it has internet connectivity.\n\n> You can specify this field for a monitor update only if the `Resources` field is empty.", + "title": "ResourcesToAdd", + "type": "array" + }, + "ResourcesToRemove": { + "items": { + "type": "string" + }, + "markdownDescription": "The resources to remove from a monitor, which you provide as a set of Amazon Resource Names (ARNs)\n\n> You can specify this field for a monitor update only if the `Resources` field is empty.", + "title": "ResourcesToRemove", + "type": "array" + }, + "Status": { + "markdownDescription": "The status of a monitor. The accepted values that you can specify for `Status` are `ACTIVE` and `INACTIVE` .", + "title": "Status", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for a monitor, listed as a set of *key:value* pairs.", + "title": "Tags", + "type": "array" + }, + "TrafficPercentageToMonitor": { + "markdownDescription": "The percentage of the internet-facing traffic for your application that you want to monitor. You can also, optionally, set a limit for the number of city-networks (client locations and ASNs, typically internet service providers) that Internet Monitor will monitor traffic for. The city-networks maximum limit caps the number of city-networks that Internet Monitor monitors for your application, regardless of the percentage of traffic that you choose to monitor.", + "title": "TrafficPercentageToMonitor", + "type": "number" } }, "required": [ - "ApplicationName", - "ReferenceDataSource" + "MonitorName" ], "type": "object" }, "Type": { "enum": [ - "AWS::KinesisAnalytics::ApplicationReferenceDataSource" + "AWS::InternetMonitor::Monitor" ], "type": "string" }, @@ -137467,179 +144865,86 @@ ], "type": "object" }, - "AWS::KinesisAnalytics::ApplicationReferenceDataSource.CSVMappingParameters": { - "additionalProperties": false, - "properties": { - "RecordColumnDelimiter": { - "markdownDescription": "Column delimiter. For example, in a CSV format, a comma (\",\") is the typical column delimiter.", - "title": "RecordColumnDelimiter", - "type": "string" - }, - "RecordRowDelimiter": { - "markdownDescription": "Row delimiter. For example, in a CSV format, *'\\n'* is the typical row delimiter.", - "title": "RecordRowDelimiter", - "type": "string" - } - }, - "required": [ - "RecordColumnDelimiter", - "RecordRowDelimiter" - ], - "type": "object" - }, - "AWS::KinesisAnalytics::ApplicationReferenceDataSource.JSONMappingParameters": { - "additionalProperties": false, - "properties": { - "RecordRowPath": { - "markdownDescription": "Path to the top-level parent that contains the records.", - "title": "RecordRowPath", - "type": "string" - } - }, - "required": [ - "RecordRowPath" - ], - "type": "object" - }, - "AWS::KinesisAnalytics::ApplicationReferenceDataSource.MappingParameters": { + "AWS::InternetMonitor::Monitor.HealthEventsConfig": { "additionalProperties": false, "properties": { - "CSVMappingParameters": { - "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.CSVMappingParameters", - "markdownDescription": "Provides additional mapping information when the record format uses delimiters (for example, CSV).", - "title": "CSVMappingParameters" + "AvailabilityLocalHealthEventsConfig": { + "$ref": "#/definitions/AWS::InternetMonitor::Monitor.LocalHealthEventsConfig", + "markdownDescription": "The configuration that determines the threshold and other conditions for when Internet Monitor creates a health event for a local availability issue.", + "title": "AvailabilityLocalHealthEventsConfig" }, - "JSONMappingParameters": { - "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.JSONMappingParameters", - "markdownDescription": "Provides additional mapping information when JSON is the record format on the streaming source.", - "title": "JSONMappingParameters" - } - }, - "type": "object" - }, - "AWS::KinesisAnalytics::ApplicationReferenceDataSource.RecordColumn": { - "additionalProperties": false, - "properties": { - "Mapping": { - "markdownDescription": "Reference to the data element in the streaming input or the reference data source. This element is required if the [RecordFormatType](https://docs.aws.amazon.com/kinesisanalytics/latest/dev/API_RecordFormat.html#analytics-Type-RecordFormat-RecordFormatTypel) is `JSON` .", - "title": "Mapping", - "type": "string" + "AvailabilityScoreThreshold": { + "markdownDescription": "The health event threshold percentage set for availability scores. When the overall availability score is at or below this percentage, Internet Monitor creates a health event.", + "title": "AvailabilityScoreThreshold", + "type": "number" }, - "Name": { - "markdownDescription": "Name of the column created in the in-application input stream or reference table.", - "title": "Name", - "type": "string" + "PerformanceLocalHealthEventsConfig": { + "$ref": "#/definitions/AWS::InternetMonitor::Monitor.LocalHealthEventsConfig", + "markdownDescription": "The configuration that determines the threshold and other conditions for when Internet Monitor creates a health event for a local performance issue.", + "title": "PerformanceLocalHealthEventsConfig" }, - "SqlType": { - "markdownDescription": "Type of column created in the in-application input stream or reference table.", - "title": "SqlType", - "type": "string" + "PerformanceScoreThreshold": { + "markdownDescription": "The health event threshold percentage set for performance scores. When the overall performance score is at or below this percentage, Internet Monitor creates a health event.", + "title": "PerformanceScoreThreshold", + "type": "number" } }, - "required": [ - "Name", - "SqlType" - ], "type": "object" }, - "AWS::KinesisAnalytics::ApplicationReferenceDataSource.RecordFormat": { + "AWS::InternetMonitor::Monitor.InternetMeasurementsLogDelivery": { "additionalProperties": false, "properties": { - "MappingParameters": { - "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.MappingParameters", - "markdownDescription": "When configuring application input at the time of creating or updating an application, provides additional mapping information specific to the record format (such as JSON, CSV, or record fields delimited by some delimiter) on the streaming source.", - "title": "MappingParameters" - }, - "RecordFormatType": { - "markdownDescription": "The type of record format.", - "title": "RecordFormatType", - "type": "string" + "S3Config": { + "$ref": "#/definitions/AWS::InternetMonitor::Monitor.S3Config", + "markdownDescription": "The configuration for publishing Amazon CloudWatch Internet Monitor internet measurements to Amazon S3.", + "title": "S3Config" } }, - "required": [ - "RecordFormatType" - ], "type": "object" }, - "AWS::KinesisAnalytics::ApplicationReferenceDataSource.ReferenceDataSource": { + "AWS::InternetMonitor::Monitor.LocalHealthEventsConfig": { "additionalProperties": false, "properties": { - "ReferenceSchema": { - "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.ReferenceSchema", - "markdownDescription": "Describes the format of the data in the streaming source, and how each data element maps to corresponding columns created in the in-application stream.", - "title": "ReferenceSchema" - }, - "S3ReferenceDataSource": { - "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.S3ReferenceDataSource", - "markdownDescription": "Identifies the S3 bucket and object that contains the reference data. Also identifies the IAM role Amazon Kinesis Analytics can assume to read this object on your behalf. An Amazon Kinesis Analytics application loads reference data only once. If the data changes, you call the `UpdateApplication` operation to trigger reloading of data into your application.", - "title": "S3ReferenceDataSource" + "HealthScoreThreshold": { + "markdownDescription": "The health event threshold percentage set for a local health score.", + "title": "HealthScoreThreshold", + "type": "number" }, - "TableName": { - "markdownDescription": "Name of the in-application table to create.", - "title": "TableName", - "type": "string" - } - }, - "required": [ - "ReferenceSchema" - ], - "type": "object" - }, - "AWS::KinesisAnalytics::ApplicationReferenceDataSource.ReferenceSchema": { - "additionalProperties": false, - "properties": { - "RecordColumns": { - "items": { - "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.RecordColumn" - }, - "markdownDescription": "A list of RecordColumn objects.", - "title": "RecordColumns", - "type": "array" + "MinTrafficImpact": { + "markdownDescription": "The minimum percentage of overall traffic for an application that must be impacted by an issue before Internet Monitor creates an event when a threshold is crossed for a local health score.\n\nIf you don't set a minimum traffic impact threshold, the default value is 0.01%.", + "title": "MinTrafficImpact", + "type": "number" }, - "RecordEncoding": { - "markdownDescription": "Specifies the encoding of the records in the reference source. For example, UTF-8.", - "title": "RecordEncoding", + "Status": { + "markdownDescription": "The status of whether Internet Monitor creates a health event based on a threshold percentage set for a local health score. The status can be `ENABLED` or `DISABLED` .", + "title": "Status", "type": "string" - }, - "RecordFormat": { - "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.RecordFormat", - "markdownDescription": "Specifies the format of the records on the reference source.", - "title": "RecordFormat" } }, - "required": [ - "RecordColumns", - "RecordFormat" - ], "type": "object" }, - "AWS::KinesisAnalytics::ApplicationReferenceDataSource.S3ReferenceDataSource": { + "AWS::InternetMonitor::Monitor.S3Config": { "additionalProperties": false, "properties": { - "BucketARN": { - "markdownDescription": "Amazon Resource Name (ARN) of the S3 bucket.", - "title": "BucketARN", + "BucketName": { + "markdownDescription": "The Amazon S3 bucket name for internet measurements publishing.", + "title": "BucketName", "type": "string" }, - "FileKey": { - "markdownDescription": "Object key name containing reference data.", - "title": "FileKey", + "BucketPrefix": { + "markdownDescription": "An optional Amazon S3 bucket prefix for internet measurements publishing.", + "title": "BucketPrefix", "type": "string" }, - "ReferenceRoleARN": { - "markdownDescription": "ARN of the IAM role that the service can assume to read data on your behalf. This role must have permission for the `s3:GetObject` action on the object and trust policy that allows Amazon Kinesis Analytics service principal to assume this role.", - "title": "ReferenceRoleARN", + "LogDeliveryStatus": { + "markdownDescription": "The status of publishing Internet Monitor internet measurements to an Amazon S3 bucket. The delivery status is `ENABLED` if you choose to deliver internet measurements to an S3 bucket, and `DISABLED` otherwise.", + "title": "LogDeliveryStatus", "type": "string" } }, - "required": [ - "BucketARN", - "FileKey", - "ReferenceRoleARN" - ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application": { + "AWS::Invoicing::InvoiceUnit": { "additionalProperties": false, "properties": { "Condition": { @@ -137674,64 +144979,50 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ApplicationConfiguration", - "markdownDescription": "Use this parameter to configure the application.", - "title": "ApplicationConfiguration" - }, - "ApplicationDescription": { - "markdownDescription": "The description of the application.", - "title": "ApplicationDescription", - "type": "string" - }, - "ApplicationMaintenanceConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ApplicationMaintenanceConfiguration", - "markdownDescription": "Specifies the maintenance window parameters for a Kinesis Data Analytics application.", - "title": "ApplicationMaintenanceConfiguration" - }, - "ApplicationMode": { - "markdownDescription": "To create a Kinesis Data Analytics Studio notebook, you must set the mode to `INTERACTIVE` . However, for a Kinesis Data Analytics for Apache Flink application, the mode is optional.", - "title": "ApplicationMode", - "type": "string" - }, - "ApplicationName": { - "markdownDescription": "The name of the application.", - "title": "ApplicationName", + "Description": { + "markdownDescription": "The assigned description for an invoice unit. This information can't be modified or deleted.", + "title": "Description", "type": "string" }, - "RunConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.RunConfiguration", - "markdownDescription": "Describes the starting parameters for an Managed Service for Apache Flink application.", - "title": "RunConfiguration" - }, - "RuntimeEnvironment": { - "markdownDescription": "The runtime environment for the application.", - "title": "RuntimeEnvironment", + "InvoiceReceiver": { + "markdownDescription": "The account that receives invoices related to the invoice unit.", + "title": "InvoiceReceiver", "type": "string" }, - "ServiceExecutionRole": { - "markdownDescription": "Specifies the IAM role that the application uses to access external resources.", - "title": "ServiceExecutionRole", + "Name": { + "markdownDescription": "A unique name that is distinctive within your AWS .", + "title": "Name", "type": "string" }, - "Tags": { + "ResourceTags": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Invoicing::InvoiceUnit.ResourceTag" }, - "markdownDescription": "A list of one or more tags to assign to the application. A tag is a key-value pair that identifies an application. Note that the maximum number of application tags includes system tags. The maximum number of user-defined application tags is 50.", - "title": "Tags", + "markdownDescription": "The tag structure that contains a tag key and value.", + "title": "ResourceTags", "type": "array" + }, + "Rule": { + "$ref": "#/definitions/AWS::Invoicing::InvoiceUnit.Rule", + "markdownDescription": "An `InvoiceUnitRule` object used the categorize invoice units.", + "title": "Rule" + }, + "TaxInheritanceDisabled": { + "markdownDescription": "Whether the invoice unit based tax inheritance is/ should be enabled or disabled.", + "title": "TaxInheritanceDisabled", + "type": "boolean" } }, "required": [ - "RuntimeEnvironment", - "ServiceExecutionRole" + "InvoiceReceiver", + "Name", + "Rule" ], "type": "object" }, "Type": { "enum": [ - "AWS::KinesisAnalyticsV2::Application" + "AWS::Invoicing::InvoiceUnit" ], "type": "string" }, @@ -137750,741 +145041,514 @@ ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.ApplicationCodeConfiguration": { + "AWS::Invoicing::InvoiceUnit.ResourceTag": { "additionalProperties": false, "properties": { - "CodeContent": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.CodeContent", - "markdownDescription": "The location and type of the application code.", - "title": "CodeContent" + "Key": { + "markdownDescription": "The object key of your of your resource tag.", + "title": "Key", + "type": "string" }, - "CodeContentType": { - "markdownDescription": "Specifies whether the code content is in text or zip format.", - "title": "CodeContentType", + "Value": { + "markdownDescription": "The specific value of the resource tag.", + "title": "Value", "type": "string" } }, "required": [ - "CodeContent", - "CodeContentType" + "Key", + "Value" ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.ApplicationConfiguration": { + "AWS::Invoicing::InvoiceUnit.Rule": { "additionalProperties": false, "properties": { - "ApplicationCodeConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ApplicationCodeConfiguration", - "markdownDescription": "The code location and type parameters for a Managed Service for Apache Flink application.", - "title": "ApplicationCodeConfiguration" - }, - "ApplicationSnapshotConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ApplicationSnapshotConfiguration", - "markdownDescription": "Describes whether snapshots are enabled for a Managed Service for Apache Flink application.", - "title": "ApplicationSnapshotConfiguration" - }, - "EnvironmentProperties": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.EnvironmentProperties", - "markdownDescription": "Describes execution properties for a Managed Service for Apache Flink application.", - "title": "EnvironmentProperties" - }, - "FlinkApplicationConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.FlinkApplicationConfiguration", - "markdownDescription": "The creation and update parameters for a Managed Service for Apache Flink application.", - "title": "FlinkApplicationConfiguration" - }, - "SqlApplicationConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.SqlApplicationConfiguration", - "markdownDescription": "The creation and update parameters for a SQL-based Kinesis Data Analytics application.", - "title": "SqlApplicationConfiguration" - }, - "VpcConfigurations": { + "LinkedAccounts": { "items": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.VpcConfiguration" + "type": "string" }, - "markdownDescription": "The array of descriptions of VPC configurations available to the application.", - "title": "VpcConfigurations", + "markdownDescription": "The list of `LINKED_ACCOUNT` IDs where charges are included within the invoice unit.", + "title": "LinkedAccounts", "type": "array" - }, - "ZeppelinApplicationConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ZeppelinApplicationConfiguration", - "markdownDescription": "The configuration parameters for a Kinesis Data Analytics Studio notebook.", - "title": "ZeppelinApplicationConfiguration" - } - }, - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.ApplicationMaintenanceConfiguration": { - "additionalProperties": false, - "properties": { - "ApplicationMaintenanceWindowStartTime": { - "markdownDescription": "", - "title": "ApplicationMaintenanceWindowStartTime", - "type": "string" } }, "required": [ - "ApplicationMaintenanceWindowStartTime" + "LinkedAccounts" ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.ApplicationRestoreConfiguration": { + "AWS::IoT::AccountAuditConfiguration": { "additionalProperties": false, "properties": { - "ApplicationRestoreType": { - "markdownDescription": "Specifies how the application should be restored.", - "title": "ApplicationRestoreType", + "Condition": { "type": "string" }, - "SnapshotName": { - "markdownDescription": "The identifier of an existing snapshot of application state to use to restart an application. The application uses this value if `RESTORE_FROM_CUSTOM_SNAPSHOT` is specified for the `ApplicationRestoreType` .", - "title": "SnapshotName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AccountId": { + "markdownDescription": "The ID of the account. You can use the expression `!Sub \"${AWS::AccountId}\"` to use your account ID.", + "title": "AccountId", + "type": "string" + }, + "AuditCheckConfigurations": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfigurations", + "markdownDescription": "Specifies which audit checks are enabled and disabled for this account.\n\nSome data collection might start immediately when certain checks are enabled. When a check is disabled, any data collected so far in relation to the check is deleted. To disable a check, set the value of the `Enabled:` key to `false` .\n\nIf an enabled check is removed from the template, it will also be disabled.\n\nYou can't disable a check if it's used by any scheduled audit. You must delete the check from the scheduled audit or delete the scheduled audit itself to disable the check.\n\nFor more information on available audit checks see [AWS::IoT::AccountAuditConfiguration AuditCheckConfigurations](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iot-accountauditconfiguration-auditcheckconfigurations.html)", + "title": "AuditCheckConfigurations" + }, + "AuditNotificationTargetConfigurations": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditNotificationTargetConfigurations", + "markdownDescription": "Information about the targets to which audit notifications are sent.", + "title": "AuditNotificationTargetConfigurations" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the role that grants permission to AWS IoT to access information about your devices, policies, certificates, and other items as required when performing an audit.", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "AccountId", + "AuditCheckConfigurations", + "RoleArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IoT::AccountAuditConfiguration" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ApplicationRestoreType" + "Type", + "Properties" ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.ApplicationSnapshotConfiguration": { + "AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration": { "additionalProperties": false, "properties": { - "SnapshotsEnabled": { - "markdownDescription": "Describes whether snapshots are enabled for a Managed Service for Apache Flink application.", - "title": "SnapshotsEnabled", + "Enabled": { + "markdownDescription": "True if this audit check is enabled for this account.", + "title": "Enabled", "type": "boolean" } }, - "required": [ - "SnapshotsEnabled" - ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.CSVMappingParameters": { + "AWS::IoT::AccountAuditConfiguration.AuditCheckConfigurations": { "additionalProperties": false, "properties": { - "RecordColumnDelimiter": { - "markdownDescription": "The column delimiter. For example, in a CSV format, a comma (\",\") is the typical column delimiter.", - "title": "RecordColumnDelimiter", - "type": "string" + "AuthenticatedCognitoRoleOverlyPermissiveCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks the permissiveness of an authenticated Amazon Cognito identity pool role. For this check, AWS IoT Device Defender audits all Amazon Cognito identity pools that have been used to connect to the AWS IoT message broker during the 31 days before the audit is performed.", + "title": "AuthenticatedCognitoRoleOverlyPermissiveCheck" }, - "RecordRowDelimiter": { - "markdownDescription": "The row delimiter. For example, in a CSV format, *'\\n'* is the typical row delimiter.", - "title": "RecordRowDelimiter", - "type": "string" - } - }, - "required": [ - "RecordColumnDelimiter", - "RecordRowDelimiter" - ], - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.CatalogConfiguration": { - "additionalProperties": false, - "properties": { - "GlueDataCatalogConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.GlueDataCatalogConfiguration", - "markdownDescription": "The configuration parameters for the default Amazon Glue database. You use this database for Apache Flink SQL queries and table API transforms that you write in a Kinesis Data Analytics Studio notebook.", - "title": "GlueDataCatalogConfiguration" - } - }, - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.CheckpointConfiguration": { - "additionalProperties": false, - "properties": { - "CheckpointInterval": { - "markdownDescription": "Describes the interval in milliseconds between checkpoint operations.\n\n> If `CheckpointConfiguration.ConfigurationType` is `DEFAULT` , the application will use a `CheckpointInterval` value of 60000, even if this value is set to another value using this API or in application code.", - "title": "CheckpointInterval", - "type": "number" + "CaCertificateExpiringCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks if a CA certificate is expiring. This check applies to CA certificates expiring within 30 days or that have expired.", + "title": "CaCertificateExpiringCheck" }, - "CheckpointingEnabled": { - "markdownDescription": "Describes whether checkpointing is enabled for a Managed Service for Apache Flink application.\n\n> If `CheckpointConfiguration.ConfigurationType` is `DEFAULT` , the application will use a `CheckpointingEnabled` value of `true` , even if this value is set to another value using this API or in application code.", - "title": "CheckpointingEnabled", - "type": "boolean" + "CaCertificateKeyQualityCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks the quality of the CA certificate key. The quality checks if the key is in a valid format, not expired, and if the key meets a minimum required size. This check applies to CA certificates that are `ACTIVE` or `PENDING_TRANSFER` .", + "title": "CaCertificateKeyQualityCheck" }, - "ConfigurationType": { - "markdownDescription": "Describes whether the application uses Managed Service for Apache Flink' default checkpointing behavior. You must set this property to `CUSTOM` in order to set the `CheckpointingEnabled` , `CheckpointInterval` , or `MinPauseBetweenCheckpoints` parameters.\n\n> If this value is set to `DEFAULT` , the application will use the following values, even if they are set to other values using APIs or application code:\n> \n> - *CheckpointingEnabled:* true\n> - *CheckpointInterval:* 60000\n> - *MinPauseBetweenCheckpoints:* 5000", - "title": "ConfigurationType", - "type": "string" + "ConflictingClientIdsCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks if multiple devices connect using the same client ID.", + "title": "ConflictingClientIdsCheck" }, - "MinPauseBetweenCheckpoints": { - "markdownDescription": "Describes the minimum time in milliseconds after a checkpoint operation completes that a new checkpoint operation can start. If a checkpoint operation takes longer than the `CheckpointInterval` , the application otherwise performs continual checkpoint operations. For more information, see [Tuning Checkpointing](https://docs.aws.amazon.com/https://nightlies.apache.org/flink/flink-docs-master/docs/ops/state/large_state_tuning/#tuning-checkpointing) in the [Apache Flink Documentation](https://docs.aws.amazon.com/https://nightlies.apache.org/flink/flink-docs-master) .\n\n> If `CheckpointConfiguration.ConfigurationType` is `DEFAULT` , the application will use a `MinPauseBetweenCheckpoints` value of 5000, even if this value is set using this API or in application code.", - "title": "MinPauseBetweenCheckpoints", - "type": "number" - } - }, - "required": [ - "ConfigurationType" - ], - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.CodeContent": { - "additionalProperties": false, - "properties": { - "S3ContentLocation": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.S3ContentLocation", - "markdownDescription": "Information about the Amazon S3 bucket that contains the application code.", - "title": "S3ContentLocation" + "DeviceCertificateAgeCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.DeviceCertAgeAuditCheckConfiguration", + "markdownDescription": "Checks when a device certificate has been active for a number of days greater than or equal to the number you specify.", + "title": "DeviceCertificateAgeCheck" }, - "TextContent": { - "markdownDescription": "The text-format code for a Managed Service for Apache Flink application.", - "title": "TextContent", - "type": "string" + "DeviceCertificateExpiringCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.DeviceCertExpirationAuditCheckConfiguration", + "markdownDescription": "Checks if a device certificate is expiring. By default, this check applies to device certificates expiring within 30 days or that have expired. You can modify this threshold by configuring the DeviceCertExpirationAuditCheckConfiguration.", + "title": "DeviceCertificateExpiringCheck" }, - "ZipFileContent": { - "markdownDescription": "The zip-format code for a Managed Service for Apache Flink application.", - "title": "ZipFileContent", - "type": "string" - } - }, - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.CustomArtifactConfiguration": { - "additionalProperties": false, - "properties": { - "ArtifactType": { - "markdownDescription": "Set this to either `UDF` or `DEPENDENCY_JAR` . `UDF` stands for user-defined functions. This type of artifact must be in an S3 bucket. A `DEPENDENCY_JAR` can be in either Maven or an S3 bucket.", - "title": "ArtifactType", - "type": "string" + "DeviceCertificateKeyQualityCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks the quality of the device certificate key. The quality checks if the key is in a valid format, not expired, signed by a registered certificate authority, and if the key meets a minimum required size.", + "title": "DeviceCertificateKeyQualityCheck" }, - "MavenReference": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.MavenReference", - "markdownDescription": "The parameters required to fully specify a Maven reference.", - "title": "MavenReference" + "DeviceCertificateSharedCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks if multiple concurrent connections use the same X.509 certificate to authenticate with AWS IoT .", + "title": "DeviceCertificateSharedCheck" }, - "S3ContentLocation": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.S3ContentLocation", - "markdownDescription": "The location of the custom artifacts.", - "title": "S3ContentLocation" - } - }, - "required": [ - "ArtifactType" - ], - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.DeployAsApplicationConfiguration": { - "additionalProperties": false, - "properties": { - "S3ContentLocation": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.S3ContentBaseLocation", - "markdownDescription": "The description of an Amazon S3 object that contains the Amazon Data Analytics application, including the Amazon Resource Name (ARN) of the S3 bucket, the name of the Amazon S3 object that contains the data, and the version number of the Amazon S3 object that contains the data.", - "title": "S3ContentLocation" - } - }, - "required": [ - "S3ContentLocation" - ], - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.EnvironmentProperties": { - "additionalProperties": false, - "properties": { - "PropertyGroups": { - "items": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.PropertyGroup" - }, - "markdownDescription": "Describes the execution property groups.", - "title": "PropertyGroups", - "type": "array" - } - }, - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.FlinkApplicationConfiguration": { - "additionalProperties": false, - "properties": { - "CheckpointConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.CheckpointConfiguration", - "markdownDescription": "Describes an application's checkpointing configuration. Checkpointing is the process of persisting application state for fault tolerance. For more information, see [Checkpoints for Fault Tolerance](https://docs.aws.amazon.com/https://ci.apache.org/projects/flink/flink-docs-release-1.8/concepts/programming-model.html#checkpoints-for-fault-tolerance) in the [Apache Flink Documentation](https://docs.aws.amazon.com/https://ci.apache.org/projects/flink/flink-docs-release-1.8/) .", - "title": "CheckpointConfiguration" + "IntermediateCaRevokedForActiveDeviceCertificatesCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks if device certificates are still active despite being revoked by an intermediate CA.", + "title": "IntermediateCaRevokedForActiveDeviceCertificatesCheck" }, - "MonitoringConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.MonitoringConfiguration", - "markdownDescription": "Describes configuration parameters for Amazon CloudWatch logging for an application.", - "title": "MonitoringConfiguration" + "IoTPolicyPotentialMisConfigurationCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks if an AWS IoT policy is potentially misconfigured. Misconfigured policies, including overly permissive policies, can cause security incidents like allowing devices access to unintended resources. This check is a warning for you to make sure that only intended actions are allowed before updating the policy.", + "title": "IoTPolicyPotentialMisConfigurationCheck" }, - "ParallelismConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ParallelismConfiguration", - "markdownDescription": "Describes parameters for how an application executes multiple tasks simultaneously.", - "title": "ParallelismConfiguration" - } - }, - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.FlinkRunConfiguration": { - "additionalProperties": false, - "properties": { - "AllowNonRestoredState": { - "markdownDescription": "When restoring from a snapshot, specifies whether the runtime is allowed to skip a state that cannot be mapped to the new program. This will happen if the program is updated between snapshots to remove stateful parameters, and state data in the snapshot no longer corresponds to valid application data. For more information, see [Allowing Non-Restored State](https://docs.aws.amazon.com/https://nightlies.apache.org/flink/flink-docs-master/docs/ops/state/savepoints/#allowing-non-restored-state) in the [Apache Flink documentation](https://docs.aws.amazon.com/https://nightlies.apache.org/flink/flink-docs-master) .\n\n> This value defaults to `false` . If you update your application without specifying this parameter, `AllowNonRestoredState` will be set to `false` , even if it was previously set to `true` .", - "title": "AllowNonRestoredState", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.GlueDataCatalogConfiguration": { - "additionalProperties": false, - "properties": { - "DatabaseARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the database.", - "title": "DatabaseARN", - "type": "string" - } - }, - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.Input": { - "additionalProperties": false, - "properties": { - "InputParallelism": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.InputParallelism", - "markdownDescription": "Describes the number of in-application streams to create.", - "title": "InputParallelism" + "IotPolicyOverlyPermissiveCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks the permissiveness of a policy attached to an authenticated Amazon Cognito identity pool role.", + "title": "IotPolicyOverlyPermissiveCheck" }, - "InputProcessingConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.InputProcessingConfiguration", - "markdownDescription": "The [InputProcessingConfiguration](https://docs.aws.amazon.com/managed-flink/latest/apiv2/API_InputProcessingConfiguration.html) for the input. An input processor transforms records as they are received from the stream, before the application's SQL code executes. Currently, the only input processing configuration available is [InputLambdaProcessor](https://docs.aws.amazon.com/managed-flink/latest/apiv2/API_InputLambdaProcessor.html) .", - "title": "InputProcessingConfiguration" + "IotRoleAliasAllowsAccessToUnusedServicesCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks if a role alias has access to services that haven't been used for the AWS IoT device in the last year.", + "title": "IotRoleAliasAllowsAccessToUnusedServicesCheck" }, - "InputSchema": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.InputSchema", - "markdownDescription": "Describes the format of the data in the streaming source, and how each data element maps to corresponding columns in the in-application stream that is being created.\n\nAlso used to describe the format of the reference data source.", - "title": "InputSchema" + "IotRoleAliasOverlyPermissiveCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks if the temporary credentials provided by AWS IoT role aliases are overly permissive.", + "title": "IotRoleAliasOverlyPermissiveCheck" }, - "KinesisFirehoseInput": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.KinesisFirehoseInput", - "markdownDescription": "If the streaming source is an Amazon Kinesis Data Firehose delivery stream, identifies the delivery stream's ARN.", - "title": "KinesisFirehoseInput" + "LoggingDisabledCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks if AWS IoT logs are disabled.", + "title": "LoggingDisabledCheck" }, - "KinesisStreamsInput": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.KinesisStreamsInput", - "markdownDescription": "If the streaming source is an Amazon Kinesis data stream, identifies the stream's Amazon Resource Name (ARN).", - "title": "KinesisStreamsInput" + "RevokedCaCertificateStillActiveCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks if a revoked CA certificate is still active.", + "title": "RevokedCaCertificateStillActiveCheck" }, - "NamePrefix": { - "markdownDescription": "The name prefix to use when creating an in-application stream. Suppose that you specify a prefix \" `MyInApplicationStream` .\" Kinesis Data Analytics then creates one or more (as per the `InputParallelism` count you specified) in-application streams with the names \" `MyInApplicationStream_001` ,\" \" `MyInApplicationStream_002` ,\" and so on.", - "title": "NamePrefix", - "type": "string" - } - }, - "required": [ - "InputSchema", - "NamePrefix" - ], - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.InputLambdaProcessor": { - "additionalProperties": false, - "properties": { - "ResourceARN": { - "markdownDescription": "The ARN of the Amazon Lambda function that operates on records in the stream.\n\n> To specify an earlier version of the Lambda function than the latest, include the Lambda function version in the Lambda function ARN. For more information about Lambda ARNs, see [Example ARNs: Amazon Lambda](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-lambda)", - "title": "ResourceARN", - "type": "string" - } - }, - "required": [ - "ResourceARN" - ], - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.InputParallelism": { - "additionalProperties": false, - "properties": { - "Count": { - "markdownDescription": "The number of in-application streams to create.", - "title": "Count", - "type": "number" - } - }, - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.InputProcessingConfiguration": { - "additionalProperties": false, - "properties": { - "InputLambdaProcessor": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.InputLambdaProcessor", - "markdownDescription": "The [InputLambdaProcessor](https://docs.aws.amazon.com/managed-flink/latest/apiv2/API_InputLambdaProcessor.html) that is used to preprocess the records in the stream before being processed by your application code.", - "title": "InputLambdaProcessor" + "RevokedDeviceCertificateStillActiveCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks if a revoked device certificate is still active.", + "title": "RevokedDeviceCertificateStillActiveCheck" + }, + "UnauthenticatedCognitoRoleOverlyPermissiveCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks if policy attached to an unauthenticated Amazon Cognito identity pool role is too permissive.", + "title": "UnauthenticatedCognitoRoleOverlyPermissiveCheck" } }, "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.InputSchema": { + "AWS::IoT::AccountAuditConfiguration.AuditNotificationTarget": { "additionalProperties": false, "properties": { - "RecordColumns": { - "items": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.RecordColumn" - }, - "markdownDescription": "A list of `RecordColumn` objects.", - "title": "RecordColumns", - "type": "array" + "Enabled": { + "markdownDescription": "True if notifications to the target are enabled.", + "title": "Enabled", + "type": "boolean" }, - "RecordEncoding": { - "markdownDescription": "Specifies the encoding of the records in the streaming source. For example, UTF-8.", - "title": "RecordEncoding", + "RoleArn": { + "markdownDescription": "The ARN of the role that grants permission to send notifications to the target.", + "title": "RoleArn", "type": "string" }, - "RecordFormat": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.RecordFormat", - "markdownDescription": "Specifies the format of the records on the streaming source.", - "title": "RecordFormat" + "TargetArn": { + "markdownDescription": "The ARN of the target (SNS topic) to which audit notifications are sent.", + "title": "TargetArn", + "type": "string" } }, - "required": [ - "RecordColumns", - "RecordFormat" - ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.JSONMappingParameters": { + "AWS::IoT::AccountAuditConfiguration.AuditNotificationTargetConfigurations": { "additionalProperties": false, "properties": { - "RecordRowPath": { - "markdownDescription": "The path to the top-level parent that contains the records.", - "title": "RecordRowPath", - "type": "string" + "Sns": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditNotificationTarget", + "markdownDescription": "The `Sns` notification target.", + "title": "Sns" } }, - "required": [ - "RecordRowPath" - ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.KinesisFirehoseInput": { + "AWS::IoT::AccountAuditConfiguration.CertAgeCheckCustomConfiguration": { "additionalProperties": false, "properties": { - "ResourceARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the delivery stream.", - "title": "ResourceARN", + "CertAgeThresholdInDays": { + "markdownDescription": "The number of days that defines when a device certificate is considered to have aged. The check will report a finding if a certificate has been active for a number of days greater than or equal to this threshold value.", + "title": "CertAgeThresholdInDays", "type": "string" } }, - "required": [ - "ResourceARN" - ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.KinesisStreamsInput": { + "AWS::IoT::AccountAuditConfiguration.CertExpirationCheckCustomConfiguration": { "additionalProperties": false, "properties": { - "ResourceARN": { - "markdownDescription": "The ARN of the input Kinesis data stream to read.", - "title": "ResourceARN", + "CertExpirationThresholdInDays": { + "markdownDescription": "The number of days before expiration that defines when a device certificate is considered to be approaching expiration. The check will report a finding if a certificate will expire within this number of days.", + "title": "CertExpirationThresholdInDays", "type": "string" } }, - "required": [ - "ResourceARN" - ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.MappingParameters": { + "AWS::IoT::AccountAuditConfiguration.DeviceCertAgeAuditCheckConfiguration": { "additionalProperties": false, "properties": { - "CSVMappingParameters": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.CSVMappingParameters", - "markdownDescription": "Provides additional mapping information when the record format uses delimiters (for example, CSV).", - "title": "CSVMappingParameters" + "Configuration": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.CertAgeCheckCustomConfiguration", + "markdownDescription": "Configuration settings for the device certificate age check, including the threshold in days for certificate age. This configuration is of type `CertAgeCheckCustomConfiguration` .", + "title": "Configuration" }, - "JSONMappingParameters": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.JSONMappingParameters", - "markdownDescription": "Provides additional mapping information when JSON is the record format on the streaming source.", - "title": "JSONMappingParameters" + "Enabled": { + "markdownDescription": "True if this audit check is enabled for this account.", + "title": "Enabled", + "type": "boolean" } }, "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.MavenReference": { + "AWS::IoT::AccountAuditConfiguration.DeviceCertExpirationAuditCheckConfiguration": { "additionalProperties": false, "properties": { - "ArtifactId": { - "markdownDescription": "The artifact ID of the Maven reference.", - "title": "ArtifactId", - "type": "string" - }, - "GroupId": { - "markdownDescription": "The group ID of the Maven reference.", - "title": "GroupId", - "type": "string" + "Configuration": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.CertExpirationCheckCustomConfiguration", + "markdownDescription": "Configuration settings for the device certificate expiration check, including the threshold in days before expiration. This configuration is of type `CertExpirationCheckCustomConfiguration`", + "title": "Configuration" }, - "Version": { - "markdownDescription": "The version of the Maven reference.", - "title": "Version", - "type": "string" + "Enabled": { + "markdownDescription": "True if this audit check is enabled for this account.", + "title": "Enabled", + "type": "boolean" } }, - "required": [ - "ArtifactId", - "GroupId", - "Version" - ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.MonitoringConfiguration": { + "AWS::IoT::Authorizer": { "additionalProperties": false, "properties": { - "ConfigurationType": { - "markdownDescription": "Describes whether to use the default CloudWatch logging configuration for an application. You must set this property to `CUSTOM` in order to set the `LogLevel` or `MetricsLevel` parameters.", - "title": "ConfigurationType", - "type": "string" - }, - "LogLevel": { - "markdownDescription": "Describes the verbosity of the CloudWatch Logs for an application.", - "title": "LogLevel", - "type": "string" - }, - "MetricsLevel": { - "markdownDescription": "Describes the granularity of the CloudWatch Logs for an application. The `Parallelism` level is not recommended for applications with a Parallelism over 64 due to excessive costs.", - "title": "MetricsLevel", + "Condition": { "type": "string" - } - }, - "required": [ - "ConfigurationType" - ], - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.ParallelismConfiguration": { - "additionalProperties": false, - "properties": { - "AutoScalingEnabled": { - "markdownDescription": "Describes whether the Managed Service for Apache Flink service can increase the parallelism of the application in response to increased throughput.", - "title": "AutoScalingEnabled", - "type": "boolean" }, - "ConfigurationType": { - "markdownDescription": "Describes whether the application uses the default parallelism for the Managed Service for Apache Flink service. You must set this property to `CUSTOM` in order to change your application's `AutoScalingEnabled` , `Parallelism` , or `ParallelismPerKPU` properties.", - "title": "ConfigurationType", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Parallelism": { - "markdownDescription": "Describes the initial number of parallel tasks that a Java-based Kinesis Data Analytics application can perform. The Kinesis Data Analytics service can increase this number automatically if [ParallelismConfiguration:AutoScalingEnabled](https://docs.aws.amazon.com/managed-flink/latest/apiv2/API_ParallelismConfiguration.html#kinesisanalytics-Type-ParallelismConfiguration-AutoScalingEnabled.html) is set to `true` .", - "title": "Parallelism", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ParallelismPerKPU": { - "markdownDescription": "Describes the number of parallel tasks that a Java-based Kinesis Data Analytics application can perform per Kinesis Processing Unit (KPU) used by the application. For more information about KPUs, see [Amazon Kinesis Data Analytics Pricing](https://docs.aws.amazon.com/kinesis/data-analytics/pricing/) .", - "title": "ParallelismPerKPU", - "type": "number" - } - }, - "required": [ - "ConfigurationType" - ], - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.PropertyGroup": { - "additionalProperties": false, - "properties": { - "PropertyGroupId": { - "markdownDescription": "Describes the key of an application execution property key-value pair.", - "title": "PropertyGroupId", - "type": "string" + "Metadata": { + "type": "object" }, - "PropertyMap": { - "additionalProperties": true, - "markdownDescription": "Describes the value of an application execution property key-value pair.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { + "Properties": { + "additionalProperties": false, + "properties": { + "AuthorizerFunctionArn": { + "markdownDescription": "The authorizer's Lambda function ARN.", + "title": "AuthorizerFunctionArn", + "type": "string" + }, + "AuthorizerName": { + "markdownDescription": "The authorizer name.", + "title": "AuthorizerName", + "type": "string" + }, + "EnableCachingForHttp": { + "markdownDescription": "When `true` , the result from the authorizer's Lambda function is cached for clients that use persistent HTTP connections. The results are cached for the time specified by the Lambda function in `refreshAfterInSeconds` . This value doesn't affect authorization of clients that use MQTT connections.", + "title": "EnableCachingForHttp", + "type": "boolean" + }, + "SigningDisabled": { + "markdownDescription": "Specifies whether AWS IoT validates the token signature in an authorization request.", + "title": "SigningDisabled", + "type": "boolean" + }, + "Status": { + "markdownDescription": "The status of the authorizer.\n\nValid values: `ACTIVE` | `INACTIVE`", + "title": "Status", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata which can be used to manage the custom authorizer.\n\n> For URI Request parameters use format: ...key1=value1&key2=value2...\n> \n> For the CLI command-line parameter use format: &&tags \"key1=value1&key2=value2...\"\n> \n> For the cli-input-json file use format: \"tags\": \"key1=value1&key2=value2...\"", + "title": "Tags", + "type": "array" + }, + "TokenKeyName": { + "markdownDescription": "The key used to extract the token from the HTTP headers.", + "title": "TokenKeyName", "type": "string" + }, + "TokenSigningPublicKeys": { + "additionalProperties": true, + "markdownDescription": "The public keys used to validate the token signature returned by your custom authentication service.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "TokenSigningPublicKeys", + "type": "object" } }, - "title": "PropertyMap", + "required": [ + "AuthorizerFunctionArn" + ], "type": "object" - } - }, - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.RecordColumn": { - "additionalProperties": false, - "properties": { - "Mapping": { - "markdownDescription": "A reference to the data element in the streaming input or the reference data source.", - "title": "Mapping", - "type": "string" }, - "Name": { - "markdownDescription": "The name of the column that is created in the in-application input stream or reference table.", - "title": "Name", + "Type": { + "enum": [ + "AWS::IoT::Authorizer" + ], "type": "string" }, - "SqlType": { - "markdownDescription": "The type of column created in the in-application input stream or reference table.", - "title": "SqlType", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Name", - "SqlType" + "Type", + "Properties" ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.RecordFormat": { + "AWS::IoT::BillingGroup": { "additionalProperties": false, "properties": { - "MappingParameters": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.MappingParameters", - "markdownDescription": "When you configure application input at the time of creating or updating an application, provides additional mapping information specific to the record format (such as JSON, CSV, or record fields delimited by some delimiter) on the streaming source.", - "title": "MappingParameters" - }, - "RecordFormatType": { - "markdownDescription": "The type of record format.", - "title": "RecordFormatType", + "Condition": { "type": "string" - } - }, - "required": [ - "RecordFormatType" - ], - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.RunConfiguration": { - "additionalProperties": false, - "properties": { - "ApplicationRestoreConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ApplicationRestoreConfiguration", - "markdownDescription": "Describes the restore behavior of a restarting application.", - "title": "ApplicationRestoreConfiguration" }, - "FlinkRunConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.FlinkRunConfiguration", - "markdownDescription": "Describes the starting parameters for a Managed Service for Apache Flink application.", - "title": "FlinkRunConfiguration" - } - }, - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.S3ContentBaseLocation": { - "additionalProperties": false, - "properties": { - "BasePath": { - "markdownDescription": "The base path for the S3 bucket.", - "title": "BasePath", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "BucketARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the S3 bucket.", - "title": "BucketARN", - "type": "string" - } - }, - "required": [ - "BucketARN" - ], - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.S3ContentLocation": { - "additionalProperties": false, - "properties": { - "BucketARN": { - "markdownDescription": "The Amazon Resource Name (ARN) for the S3 bucket containing the application code.", - "title": "BucketARN", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "FileKey": { - "markdownDescription": "The file key for the object containing the application code.", - "title": "FileKey", - "type": "string" + "Metadata": { + "type": "object" }, - "ObjectVersion": { - "markdownDescription": "The version of the object containing the application code.", - "title": "ObjectVersion", - "type": "string" - } - }, - "required": [ - "BucketARN", - "FileKey" - ], - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.SqlApplicationConfiguration": { - "additionalProperties": false, - "properties": { - "Inputs": { - "items": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.Input" - }, - "markdownDescription": "The array of [Input](https://docs.aws.amazon.com/managed-flink/latest/apiv2/API_Input.html) objects describing the input streams used by the application.", - "title": "Inputs", - "type": "array" - } - }, - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.VpcConfiguration": { - "additionalProperties": false, - "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "BillingGroupName": { + "markdownDescription": "The name of the billing group.", + "title": "BillingGroupName", + "type": "string" + }, + "BillingGroupProperties": { + "$ref": "#/definitions/AWS::IoT::BillingGroup.BillingGroupProperties", + "markdownDescription": "The properties of the billing group.", + "title": "BillingGroupProperties" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata which can be used to manage the billing group.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "The array of [SecurityGroup](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SecurityGroup.html) IDs used by the VPC configuration.", - "title": "SecurityGroupIds", - "type": "array" + "type": "object" }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The array of [Subnet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_Subnet.html) IDs used by the VPC configuration.", - "title": "SubnetIds", - "type": "array" + "Type": { + "enum": [ + "AWS::IoT::BillingGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "SecurityGroupIds", - "SubnetIds" + "Type" ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.ZeppelinApplicationConfiguration": { - "additionalProperties": false, - "properties": { - "CatalogConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.CatalogConfiguration", - "markdownDescription": "The Amazon Glue Data Catalog that you use in queries in a Kinesis Data Analytics Studio notebook.", - "title": "CatalogConfiguration" - }, - "CustomArtifactsConfiguration": { - "items": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.CustomArtifactConfiguration" - }, - "markdownDescription": "A list of `CustomArtifactConfiguration` objects.", - "title": "CustomArtifactsConfiguration", - "type": "array" - }, - "DeployAsApplicationConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.DeployAsApplicationConfiguration", - "markdownDescription": "The information required to deploy a Kinesis Data Analytics Studio notebook as an application with durable state.", - "title": "DeployAsApplicationConfiguration" - }, - "MonitoringConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ZeppelinMonitoringConfiguration", - "markdownDescription": "The monitoring configuration of a Kinesis Data Analytics Studio notebook.", - "title": "MonitoringConfiguration" - } - }, - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.ZeppelinMonitoringConfiguration": { + "AWS::IoT::BillingGroup.BillingGroupProperties": { "additionalProperties": false, "properties": { - "LogLevel": { - "markdownDescription": "The verbosity of the CloudWatch Logs for an application. You can set it to `INFO` , `WARN` , `ERROR` , or `DEBUG` .", - "title": "LogLevel", + "BillingGroupDescription": { + "markdownDescription": "The description of the billing group.", + "title": "BillingGroupDescription", "type": "string" } }, "type": "object" }, - "AWS::KinesisAnalyticsV2::ApplicationCloudWatchLoggingOption": { + "AWS::IoT::CACertificate": { "additionalProperties": false, "properties": { "Condition": { @@ -138519,26 +145583,59 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationName": { - "markdownDescription": "The name of the application.", - "title": "ApplicationName", + "AutoRegistrationStatus": { + "markdownDescription": "Whether the CA certificate is configured for auto registration of device certificates. Valid values are \"ENABLE\" and \"DISABLE\".", + "title": "AutoRegistrationStatus", "type": "string" }, - "CloudWatchLoggingOption": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationCloudWatchLoggingOption.CloudWatchLoggingOption", - "markdownDescription": "Provides a description of Amazon CloudWatch logging options, including the log stream Amazon Resource Name (ARN).", - "title": "CloudWatchLoggingOption" + "CACertificatePem": { + "markdownDescription": "The certificate data in PEM format.", + "title": "CACertificatePem", + "type": "string" + }, + "CertificateMode": { + "markdownDescription": "The mode of the CA.\n\nAll the device certificates that are registered using this CA will be registered in the same mode as the CA. For more information about certificate mode for device certificates, see [certificate mode](https://docs.aws.amazon.com//iot/latest/apireference/API_CertificateDescription.html#iot-Type-CertificateDescription-certificateMode) .\n\nValid values are \"DEFAULT\" and \"SNI_ONLY\".", + "title": "CertificateMode", + "type": "string" + }, + "RegistrationConfig": { + "$ref": "#/definitions/AWS::IoT::CACertificate.RegistrationConfig", + "markdownDescription": "Information about the registration configuration.", + "title": "RegistrationConfig" + }, + "RemoveAutoRegistration": { + "markdownDescription": "If true, removes auto registration.", + "title": "RemoveAutoRegistration", + "type": "boolean" + }, + "Status": { + "markdownDescription": "The status of the CA certificate.\n\nValid values are \"ACTIVE\" and \"INACTIVE\".", + "title": "Status", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + }, + "VerificationCertificatePem": { + "markdownDescription": "The private key verification certificate.", + "title": "VerificationCertificatePem", + "type": "string" } }, "required": [ - "ApplicationName", - "CloudWatchLoggingOption" + "CACertificatePem", + "Status" ], "type": "object" }, "Type": { "enum": [ - "AWS::KinesisAnalyticsV2::ApplicationCloudWatchLoggingOption" + "AWS::IoT::CACertificate" ], "type": "string" }, @@ -138557,21 +145654,28 @@ ], "type": "object" }, - "AWS::KinesisAnalyticsV2::ApplicationCloudWatchLoggingOption.CloudWatchLoggingOption": { + "AWS::IoT::CACertificate.RegistrationConfig": { "additionalProperties": false, "properties": { - "LogStreamARN": { - "markdownDescription": "The ARN of the CloudWatch log to receive application messages.", - "title": "LogStreamARN", + "RoleArn": { + "markdownDescription": "The ARN of the role.", + "title": "RoleArn", + "type": "string" + }, + "TemplateBody": { + "markdownDescription": "The template body.", + "title": "TemplateBody", + "type": "string" + }, + "TemplateName": { + "markdownDescription": "The name of the provisioning template.", + "title": "TemplateName", "type": "string" } }, - "required": [ - "LogStreamARN" - ], "type": "object" }, - "AWS::KinesisAnalyticsV2::ApplicationOutput": { + "AWS::IoT::Certificate": { "additionalProperties": false, "properties": { "Condition": { @@ -138606,26 +145710,40 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationName": { - "markdownDescription": "The name of the application.", - "title": "ApplicationName", + "CACertificatePem": { + "markdownDescription": "The CA certificate used to sign the device certificate being registered, not available when CertificateMode is SNI_ONLY.", + "title": "CACertificatePem", "type": "string" }, - "Output": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationOutput.Output", - "markdownDescription": "Describes a SQL-based Kinesis Data Analytics application's output configuration, in which you identify an in-application stream and a destination where you want the in-application stream data to be written. The destination can be a Kinesis data stream or a Kinesis Data Firehose delivery stream.", - "title": "Output" + "CertificateMode": { + "markdownDescription": "Specifies which mode of certificate registration to use with this resource. Valid options are DEFAULT with CaCertificatePem and CertificatePem, SNI_ONLY with CertificatePem, and Default with CertificateSigningRequest.\n\n`DEFAULT` : A certificate in `DEFAULT` mode is either generated by AWS IoT Core or registered with an issuer certificate authority (CA). Devices with certificates in `DEFAULT` mode aren't required to send the Server Name Indication (SNI) extension when connecting to AWS IoT Core . However, to use features such as custom domains and VPC endpoints, we recommend that you use the SNI extension when connecting to AWS IoT Core .\n\n`SNI_ONLY` : A certificate in `SNI_ONLY` mode is registered without an issuer CA. Devices with certificates in `SNI_ONLY` mode must send the SNI extension when connecting to AWS IoT Core .", + "title": "CertificateMode", + "type": "string" + }, + "CertificatePem": { + "markdownDescription": "The certificate data in PEM format. Requires SNI_ONLY for the certificate mode or the accompanying CACertificatePem for registration.", + "title": "CertificatePem", + "type": "string" + }, + "CertificateSigningRequest": { + "markdownDescription": "The certificate signing request (CSR).", + "title": "CertificateSigningRequest", + "type": "string" + }, + "Status": { + "markdownDescription": "The status of the certificate.\n\nValid values are ACTIVE, INACTIVE, REVOKED, PENDING_TRANSFER, and PENDING_ACTIVATION.\n\nThe status value REGISTER_INACTIVE is deprecated and should not be used.", + "title": "Status", + "type": "string" } }, "required": [ - "ApplicationName", - "Output" + "Status" ], "type": "object" }, "Type": { "enum": [ - "AWS::KinesisAnalyticsV2::ApplicationOutput" + "AWS::IoT::Certificate" ], "type": "string" }, @@ -138644,94 +145762,7 @@ ], "type": "object" }, - "AWS::KinesisAnalyticsV2::ApplicationOutput.DestinationSchema": { - "additionalProperties": false, - "properties": { - "RecordFormatType": { - "markdownDescription": "Specifies the format of the records on the output stream.", - "title": "RecordFormatType", - "type": "string" - } - }, - "type": "object" - }, - "AWS::KinesisAnalyticsV2::ApplicationOutput.KinesisFirehoseOutput": { - "additionalProperties": false, - "properties": { - "ResourceARN": { - "markdownDescription": "The ARN of the destination delivery stream to write to.", - "title": "ResourceARN", - "type": "string" - } - }, - "required": [ - "ResourceARN" - ], - "type": "object" - }, - "AWS::KinesisAnalyticsV2::ApplicationOutput.KinesisStreamsOutput": { - "additionalProperties": false, - "properties": { - "ResourceARN": { - "markdownDescription": "The ARN of the destination Kinesis data stream to write to.", - "title": "ResourceARN", - "type": "string" - } - }, - "required": [ - "ResourceARN" - ], - "type": "object" - }, - "AWS::KinesisAnalyticsV2::ApplicationOutput.LambdaOutput": { - "additionalProperties": false, - "properties": { - "ResourceARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the destination Lambda function to write to.\n\n> To specify an earlier version of the Lambda function than the latest, include the Lambda function version in the Lambda function ARN. For more information about Lambda ARNs, see [Example ARNs: Amazon Lambda](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-lambda)", - "title": "ResourceARN", - "type": "string" - } - }, - "required": [ - "ResourceARN" - ], - "type": "object" - }, - "AWS::KinesisAnalyticsV2::ApplicationOutput.Output": { - "additionalProperties": false, - "properties": { - "DestinationSchema": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationOutput.DestinationSchema", - "markdownDescription": "Describes the data format when records are written to the destination.", - "title": "DestinationSchema" - }, - "KinesisFirehoseOutput": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationOutput.KinesisFirehoseOutput", - "markdownDescription": "Identifies a Kinesis Data Firehose delivery stream as the destination.", - "title": "KinesisFirehoseOutput" - }, - "KinesisStreamsOutput": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationOutput.KinesisStreamsOutput", - "markdownDescription": "Identifies a Kinesis data stream as the destination.", - "title": "KinesisStreamsOutput" - }, - "LambdaOutput": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationOutput.LambdaOutput", - "markdownDescription": "Identifies an Amazon Lambda function as the destination.", - "title": "LambdaOutput" - }, - "Name": { - "markdownDescription": "The name of the in-application stream.", - "title": "Name", - "type": "string" - } - }, - "required": [ - "DestinationSchema" - ], - "type": "object" - }, - "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource": { + "AWS::IoT::CertificateProvider": { "additionalProperties": false, "properties": { "Condition": { @@ -138766,26 +145797,42 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationName": { - "markdownDescription": "The name of the application.", - "title": "ApplicationName", + "AccountDefaultForOperations": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the operations that the certificate provider will use to generate certificates. Valid value: `CreateCertificateFromCsr` .", + "title": "AccountDefaultForOperations", + "type": "array" + }, + "CertificateProviderName": { + "markdownDescription": "The name of the certificate provider.", + "title": "CertificateProviderName", "type": "string" }, - "ReferenceDataSource": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.ReferenceDataSource", - "markdownDescription": "For a SQL-based Kinesis Data Analytics application, describes the reference data source by providing the source information (Amazon S3 bucket name and object key name), the resulting in-application table name that is created, and the necessary schema to map the data elements in the Amazon S3 object to the in-application table.", - "title": "ReferenceDataSource" + "LambdaFunctionArn": { + "markdownDescription": "The ARN of the Lambda function.", + "title": "LambdaFunctionArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata that can be used to manage the certificate provider.", + "title": "Tags", + "type": "array" } }, "required": [ - "ApplicationName", - "ReferenceDataSource" + "AccountDefaultForOperations", + "LambdaFunctionArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource" + "AWS::IoT::CertificateProvider" ], "type": "string" }, @@ -138804,173 +145851,395 @@ ], "type": "object" }, - "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.CSVMappingParameters": { + "AWS::IoT::Command": { "additionalProperties": false, "properties": { - "RecordColumnDelimiter": { - "markdownDescription": "The column delimiter. For example, in a CSV format, a comma (\",\") is the typical column delimiter.", - "title": "RecordColumnDelimiter", + "Condition": { "type": "string" }, - "RecordRowDelimiter": { - "markdownDescription": "The row delimiter. For example, in a CSV format, *'\\n'* is the typical row delimiter.", - "title": "RecordRowDelimiter", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "required": [ - "RecordColumnDelimiter", - "RecordRowDelimiter" - ], - "type": "object" - }, - "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.JSONMappingParameters": { - "additionalProperties": false, - "properties": { - "RecordRowPath": { - "markdownDescription": "The path to the top-level parent that contains the records.", - "title": "RecordRowPath", + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CommandId": { + "markdownDescription": "The unique identifier of the command.", + "title": "CommandId", + "type": "string" + }, + "CreatedAt": { + "markdownDescription": "The timestamp, when the command was created.", + "title": "CreatedAt", + "type": "string" + }, + "Deprecated": { + "markdownDescription": "Indicates whether the command has been deprecated.", + "title": "Deprecated", + "type": "boolean" + }, + "Description": { + "markdownDescription": "The description of the command parameter.", + "title": "Description", + "type": "string" + }, + "DisplayName": { + "markdownDescription": "The display name of the command.", + "title": "DisplayName", + "type": "string" + }, + "LastUpdatedAt": { + "markdownDescription": "The timestamp, when the command was last updated.", + "title": "LastUpdatedAt", + "type": "string" + }, + "MandatoryParameters": { + "items": { + "$ref": "#/definitions/AWS::IoT::Command.CommandParameter" + }, + "markdownDescription": "", + "title": "MandatoryParameters", + "type": "array" + }, + "Namespace": { + "markdownDescription": "", + "title": "Namespace", + "type": "string" + }, + "Payload": { + "$ref": "#/definitions/AWS::IoT::Command.CommandPayload", + "markdownDescription": "", + "title": "Payload" + }, + "PendingDeletion": { + "markdownDescription": "Indicates whether the command is pending deletion.", + "title": "PendingDeletion", + "type": "boolean" + }, + "RoleArn": { + "markdownDescription": "", + "title": "RoleArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "CommandId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IoT::Command" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "RecordRowPath" + "Type", + "Properties" ], "type": "object" }, - "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.MappingParameters": { + "AWS::IoT::Command.CommandParameter": { "additionalProperties": false, "properties": { - "CSVMappingParameters": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.CSVMappingParameters", - "markdownDescription": "Provides additional mapping information when the record format uses delimiters (for example, CSV).", - "title": "CSVMappingParameters" + "DefaultValue": { + "$ref": "#/definitions/AWS::IoT::Command.CommandParameterValue", + "markdownDescription": "", + "title": "DefaultValue" }, - "JSONMappingParameters": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.JSONMappingParameters", - "markdownDescription": "Provides additional mapping information when JSON is the record format on the streaming source.", - "title": "JSONMappingParameters" - } - }, - "type": "object" - }, - "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.RecordColumn": { - "additionalProperties": false, - "properties": { - "Mapping": { - "markdownDescription": "A reference to the data element in the streaming input or the reference data source.", - "title": "Mapping", + "Description": { + "markdownDescription": "", + "title": "Description", "type": "string" }, "Name": { - "markdownDescription": "The name of the column that is created in the in-application input stream or reference table.", + "markdownDescription": "", "title": "Name", "type": "string" }, - "SqlType": { - "markdownDescription": "The type of column created in the in-application input stream or reference table.", - "title": "SqlType", - "type": "string" + "Value": { + "$ref": "#/definitions/AWS::IoT::Command.CommandParameterValue", + "markdownDescription": "", + "title": "Value" } }, "required": [ - "Name", - "SqlType" + "Name" ], "type": "object" }, - "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.RecordFormat": { + "AWS::IoT::Command.CommandParameterValue": { "additionalProperties": false, "properties": { - "MappingParameters": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.MappingParameters", - "markdownDescription": "When you configure application input at the time of creating or updating an application, provides additional mapping information specific to the record format (such as JSON, CSV, or record fields delimited by some delimiter) on the streaming source.", - "title": "MappingParameters" + "B": { + "markdownDescription": "", + "title": "B", + "type": "boolean" }, - "RecordFormatType": { - "markdownDescription": "The type of record format.", - "title": "RecordFormatType", + "BIN": { + "markdownDescription": "", + "title": "BIN", + "type": "string" + }, + "D": { + "markdownDescription": "", + "title": "D", + "type": "number" + }, + "I": { + "markdownDescription": "", + "title": "I", + "type": "number" + }, + "L": { + "markdownDescription": "", + "title": "L", + "type": "string" + }, + "S": { + "markdownDescription": "", + "title": "S", + "type": "string" + }, + "UL": { + "markdownDescription": "", + "title": "UL", "type": "string" } }, - "required": [ - "RecordFormatType" - ], "type": "object" }, - "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.ReferenceDataSource": { + "AWS::IoT::Command.CommandPayload": { "additionalProperties": false, "properties": { - "ReferenceSchema": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.ReferenceSchema", - "markdownDescription": "Describes the format of the data in the streaming source, and how each data element maps to corresponding columns created in the in-application stream.", - "title": "ReferenceSchema" - }, - "S3ReferenceDataSource": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.S3ReferenceDataSource", - "markdownDescription": "Identifies the S3 bucket and object that contains the reference data. A Kinesis Data Analytics application loads reference data only once. If the data changes, you call the [UpdateApplication](https://docs.aws.amazon.com/managed-flink/latest/apiv2/API_UpdateApplication.html) operation to trigger reloading of data into your application.", - "title": "S3ReferenceDataSource" + "Content": { + "markdownDescription": "", + "title": "Content", + "type": "string" }, - "TableName": { - "markdownDescription": "The name of the in-application table to create.", - "title": "TableName", + "ContentType": { + "markdownDescription": "", + "title": "ContentType", "type": "string" } }, - "required": [ - "ReferenceSchema" - ], "type": "object" }, - "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.ReferenceSchema": { + "AWS::IoT::CustomMetric": { "additionalProperties": false, "properties": { - "RecordColumns": { - "items": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.RecordColumn" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DisplayName": { + "markdownDescription": "The friendly name in the console for the custom metric. This name doesn't have to be unique. Don't use this name as the metric identifier in the device metric report. You can update the friendly name after you define it.", + "title": "DisplayName", + "type": "string" + }, + "MetricName": { + "markdownDescription": "The name of the custom metric. This will be used in the metric report submitted from the device/thing. The name can't begin with `aws:` . You can\u2019t change the name after you define it.", + "title": "MetricName", + "type": "string" + }, + "MetricType": { + "markdownDescription": "The type of the custom metric. Types include `string-list` , `ip-address-list` , `number-list` , and `number` .\n\n> The type `number` only takes a single metric value as an input, but when you submit the metrics value in the DeviceMetrics report, you must pass it as an array with a single value.", + "title": "MetricType", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata that can be used to manage the custom metric.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "A list of `RecordColumn` objects.", - "title": "RecordColumns", - "type": "array" + "required": [ + "MetricType" + ], + "type": "object" }, - "RecordEncoding": { - "markdownDescription": "Specifies the encoding of the records in the streaming source. For example, UTF-8.", - "title": "RecordEncoding", + "Type": { + "enum": [ + "AWS::IoT::CustomMetric" + ], "type": "string" }, - "RecordFormat": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.RecordFormat", - "markdownDescription": "Specifies the format of the records on the streaming source.", - "title": "RecordFormat" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "RecordColumns", - "RecordFormat" + "Type", + "Properties" ], "type": "object" }, - "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.S3ReferenceDataSource": { + "AWS::IoT::Dimension": { "additionalProperties": false, "properties": { - "BucketARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the S3 bucket.", - "title": "BucketARN", + "Condition": { "type": "string" }, - "FileKey": { - "markdownDescription": "The object key name containing the reference data.", - "title": "FileKey", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "A unique identifier for the dimension.", + "title": "Name", + "type": "string" + }, + "StringValues": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the value or list of values for the dimension. For `TOPIC_FILTER` dimensions, this is a pattern used to match the MQTT topic (for example, \"admin/#\").", + "title": "StringValues", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata that can be used to manage the dimension.", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "Specifies the type of dimension. Supported types: `TOPIC_FILTER.`", + "title": "Type", + "type": "string" + } + }, + "required": [ + "StringValues", + "Type" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IoT::Dimension" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "BucketARN", - "FileKey" + "Type", + "Properties" ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream": { + "AWS::IoT::DomainConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -139005,90 +146274,83 @@ "Properties": { "additionalProperties": false, "properties": { - "AmazonOpenSearchServerlessDestinationConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AmazonOpenSearchServerlessDestinationConfiguration", - "markdownDescription": "Describes the configuration of a destination in the Serverless offering for Amazon OpenSearch Service.", - "title": "AmazonOpenSearchServerlessDestinationConfiguration" - }, - "AmazonopensearchserviceDestinationConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceDestinationConfiguration", - "markdownDescription": "The destination in Amazon OpenSearch Service. You can specify only one destination.", - "title": "AmazonopensearchserviceDestinationConfiguration" - }, - "DeliveryStreamEncryptionConfigurationInput": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DeliveryStreamEncryptionConfigurationInput", - "markdownDescription": "Specifies the type and Amazon Resource Name (ARN) of the CMK to use for Server-Side Encryption (SSE).", - "title": "DeliveryStreamEncryptionConfigurationInput" - }, - "DeliveryStreamName": { - "markdownDescription": "The name of the Firehose stream.", - "title": "DeliveryStreamName", + "ApplicationProtocol": { + "markdownDescription": "An enumerated string that speci\ufb01es the application-layer protocol.", + "title": "ApplicationProtocol", "type": "string" }, - "DeliveryStreamType": { - "markdownDescription": "The Firehose stream type. This can be one of the following values:\n\n- `DirectPut` : Provider applications access the Firehose stream directly.\n- `KinesisStreamAsSource` : The Firehose stream uses a Kinesis data stream as a source.", - "title": "DeliveryStreamType", + "AuthenticationType": { + "markdownDescription": "An enumerated string that speci\ufb01es the authentication type.", + "title": "AuthenticationType", "type": "string" }, - "ElasticsearchDestinationConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ElasticsearchDestinationConfiguration", - "markdownDescription": "An Amazon ES destination for the delivery stream.\n\nConditional. You must specify only one destination configuration.\n\nIf you change the delivery stream destination from an Amazon ES destination to an Amazon S3 or Amazon Redshift destination, update requires [some interruptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-some-interrupt) .", - "title": "ElasticsearchDestinationConfiguration" - }, - "ExtendedS3DestinationConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ExtendedS3DestinationConfiguration", - "markdownDescription": "An Amazon S3 destination for the delivery stream.\n\nConditional. You must specify only one destination configuration.\n\nIf you change the delivery stream destination from an Amazon Extended S3 destination to an Amazon ES destination, update requires [some interruptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-some-interrupt) .", - "title": "ExtendedS3DestinationConfiguration" + "AuthorizerConfig": { + "$ref": "#/definitions/AWS::IoT::DomainConfiguration.AuthorizerConfig", + "markdownDescription": "An object that specifies the authorization service for a domain.", + "title": "AuthorizerConfig" }, - "HttpEndpointDestinationConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.HttpEndpointDestinationConfiguration", - "markdownDescription": "Enables configuring Kinesis Firehose to deliver data to any HTTP endpoint destination. You can specify only one destination.", - "title": "HttpEndpointDestinationConfiguration" + "ClientCertificateConfig": { + "$ref": "#/definitions/AWS::IoT::DomainConfiguration.ClientCertificateConfig", + "markdownDescription": "An object that speci\ufb01es the client certificate con\ufb01guration for a domain.", + "title": "ClientCertificateConfig" }, - "KinesisStreamSourceConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.KinesisStreamSourceConfiguration", - "markdownDescription": "When a Kinesis stream is used as the source for the delivery stream, a [KinesisStreamSourceConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisfirehose-deliverystream-kinesisstreamsourceconfiguration.html) containing the Kinesis stream ARN and the role ARN for the source stream.", - "title": "KinesisStreamSourceConfiguration" + "DomainConfigurationName": { + "markdownDescription": "The name of the domain configuration. This value must be unique to a region.", + "title": "DomainConfigurationName", + "type": "string" }, - "MSKSourceConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.MSKSourceConfiguration", - "markdownDescription": "The configuration for the Amazon MSK cluster to be used as the source for a delivery stream.", - "title": "MSKSourceConfiguration" + "DomainConfigurationStatus": { + "markdownDescription": "The status to which the domain configuration should be updated.\n\nValid values: `ENABLED` | `DISABLED`", + "title": "DomainConfigurationStatus", + "type": "string" }, - "RedshiftDestinationConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.RedshiftDestinationConfiguration", - "markdownDescription": "An Amazon Redshift destination for the delivery stream.\n\nConditional. You must specify only one destination configuration.\n\nIf you change the delivery stream destination from an Amazon Redshift destination to an Amazon ES destination, update requires [some interruptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-some-interrupt) .", - "title": "RedshiftDestinationConfiguration" + "DomainName": { + "markdownDescription": "The name of the domain.", + "title": "DomainName", + "type": "string" }, - "S3DestinationConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", - "markdownDescription": "The `S3DestinationConfiguration` property type specifies an Amazon Simple Storage Service (Amazon S3) destination to which Amazon Kinesis Data Firehose (Kinesis Data Firehose) delivers data.\n\nConditional. You must specify only one destination configuration.\n\nIf you change the delivery stream destination from an Amazon S3 destination to an Amazon ES destination, update requires [some interruptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-some-interrupt) .", - "title": "S3DestinationConfiguration" + "ServerCertificateArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The ARNs of the certificates that AWS IoT passes to the device during the TLS handshake. Currently you can specify only one certificate ARN. This value is not required for AWS -managed domains.", + "title": "ServerCertificateArns", + "type": "array" }, - "SnowflakeDestinationConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SnowflakeDestinationConfiguration", - "markdownDescription": "Configure Snowflake destination", - "title": "SnowflakeDestinationConfiguration" + "ServerCertificateConfig": { + "$ref": "#/definitions/AWS::IoT::DomainConfiguration.ServerCertificateConfig", + "markdownDescription": "The server certificate configuration.\n\nFor more information, see [Configurable endpoints](https://docs.aws.amazon.com//iot/latest/developerguide/iot-custom-endpoints-configurable.html) from the AWS IoT Core Developer Guide.", + "title": "ServerCertificateConfig" }, - "SplunkDestinationConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SplunkDestinationConfiguration", - "markdownDescription": "The configuration of a destination in Splunk for the delivery stream.", - "title": "SplunkDestinationConfiguration" + "ServiceType": { + "markdownDescription": "The type of service delivered by the endpoint.\n\n> AWS IoT Core currently supports only the `DATA` service type.", + "title": "ServiceType", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A set of tags to assign to the Firehose stream. A tag is a key-value pair that you can define and assign to AWS resources. Tags are metadata. For example, you can add friendly names and descriptions or other types of information that can help you distinguish the Firehose stream. For more information about tags, see [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html) in the AWS Billing and Cost Management User Guide.\n\nYou can specify up to 50 tags when creating a Firehose stream.\n\nIf you specify tags in the `CreateDeliveryStream` action, Amazon Data Firehose performs an additional authorization on the `firehose:TagDeliveryStream` action to verify if users have permissions to create tags. If you do not provide this permission, requests to create new Firehose streams with IAM resource tags will fail with an `AccessDeniedException` such as following.\n\n*AccessDeniedException*\n\nUser: arn:aws:sts::x:assumed-role/x/x is not authorized to perform: firehose:TagDeliveryStream on resource: arn:aws:firehose:us-east-1:x:deliverystream/x with an explicit deny in an identity-based policy.\n\nFor an example IAM policy, see [Tag example.](https://docs.aws.amazon.com/firehose/latest/APIReference/API_CreateDeliveryStream.html#API_CreateDeliveryStream_Examples)", + "markdownDescription": "Metadata which can be used to manage the domain configuration.\n\n> For URI Request parameters use format: ...key1=value1&key2=value2...\n> \n> For the CLI command-line parameter use format: &&tags \"key1=value1&key2=value2...\"\n> \n> For the cli-input-json file use format: \"tags\": \"key1=value1&key2=value2...\"", "title": "Tags", "type": "array" + }, + "TlsConfig": { + "$ref": "#/definitions/AWS::IoT::DomainConfiguration.TlsConfig", + "markdownDescription": "An object that specifies the TLS configuration for a domain.", + "title": "TlsConfig" + }, + "ValidationCertificateArn": { + "markdownDescription": "The certificate used to validate the server certificate and prove domain name ownership. This certificate must be signed by a public certificate authority. This value is not required for AWS -managed domains.", + "title": "ValidationCertificateArn", + "type": "string" } }, "type": "object" }, "Type": { "enum": [ - "AWS::KinesisFirehose::DeliveryStream" + "AWS::IoT::DomainConfiguration" ], "type": "string" }, @@ -139106,1442 +146368,1734 @@ ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.AmazonOpenSearchServerlessBufferingHints": { + "AWS::IoT::DomainConfiguration.AuthorizerConfig": { "additionalProperties": false, "properties": { - "IntervalInSeconds": { - "markdownDescription": "Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 300 (5 minutes).", - "title": "IntervalInSeconds", - "type": "number" + "AllowAuthorizerOverride": { + "markdownDescription": "A Boolean that specifies whether the domain configuration's authorization service can be overridden.", + "title": "AllowAuthorizerOverride", + "type": "boolean" }, - "SizeInMBs": { - "markdownDescription": "Buffer incoming data to the specified size, in MBs, before delivering it to the destination. The default value is 5.\n\nWe recommend setting this parameter to a value greater than the amount of data you typically ingest into the Firehose stream in 10 seconds. For example, if you typically ingest data at 1 MB/sec, the value should be 10 MB or higher.", - "title": "SizeInMBs", - "type": "number" + "DefaultAuthorizerName": { + "markdownDescription": "The name of the authorization service for a domain configuration.", + "title": "DefaultAuthorizerName", + "type": "string" } }, "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.AmazonOpenSearchServerlessDestinationConfiguration": { + "AWS::IoT::DomainConfiguration.ClientCertificateConfig": { "additionalProperties": false, "properties": { - "BufferingHints": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AmazonOpenSearchServerlessBufferingHints", - "markdownDescription": "The buffering options. If no value is specified, the default values for AmazonopensearchserviceBufferingHints are used.", - "title": "BufferingHints" - }, - "CloudWatchLoggingOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", - "markdownDescription": "", - "title": "CloudWatchLoggingOptions" - }, - "CollectionEndpoint": { - "markdownDescription": "The endpoint to use when communicating with the collection in the Serverless offering for Amazon OpenSearch Service.", - "title": "CollectionEndpoint", - "type": "string" - }, - "IndexName": { - "markdownDescription": "The Serverless offering for Amazon OpenSearch Service index name.", - "title": "IndexName", + "ClientCertificateCallbackArn": { + "markdownDescription": "The ARN of the Lambda function that IoT invokes after mutual TLS authentication during the connection.", + "title": "ClientCertificateCallbackArn", "type": "string" + } + }, + "type": "object" + }, + "AWS::IoT::DomainConfiguration.ServerCertificateConfig": { + "additionalProperties": false, + "properties": { + "EnableOCSPCheck": { + "markdownDescription": "A Boolean value that indicates whether Online Certificate Status Protocol (OCSP) server certificate check is enabled or not. For more information, see [Configurable endpoints](https://docs.aws.amazon.com//iot/latest/developerguide/iot-custom-endpoints-configurable.html) from the AWS IoT Core Developer Guide.", + "title": "EnableOCSPCheck", + "type": "boolean" }, - "ProcessingConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", - "markdownDescription": "", - "title": "ProcessingConfiguration" - }, - "RetryOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AmazonOpenSearchServerlessRetryOptions", - "markdownDescription": "The retry behavior in case Firehose is unable to deliver documents to the Serverless offering for Amazon OpenSearch Service. The default value is 300 (5 minutes).", - "title": "RetryOptions" - }, - "RoleARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to be assumed by Firehose for calling the Serverless offering for Amazon OpenSearch Service Configuration API and for indexing documents.", - "title": "RoleARN", + "OcspAuthorizedResponderArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for an X.509 certificate stored in ACM. If provided, AWS IoT Core will use this certificate to validate the signature of the received OCSP response. The OCSP responder must sign responses using either this authorized responder certificate or the issuing certificate, depending on whether the ARN is provided or not. The certificate must be in the same account and region as the domain configuration.", + "title": "OcspAuthorizedResponderArn", "type": "string" }, - "S3BackupMode": { - "markdownDescription": "Defines how documents should be delivered to Amazon S3. When it is set to FailedDocumentsOnly, Firehose writes any documents that could not be indexed to the configured Amazon S3 destination, with AmazonOpenSearchService-failed/ appended to the key prefix. When set to AllDocuments, Firehose delivers all incoming records to Amazon S3, and also writes failed documents with AmazonOpenSearchService-failed/ appended to the prefix.", - "title": "S3BackupMode", + "OcspLambdaArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for a Lambda function that acts as a Request for Comments (RFC) 6960-compliant Online Certificate Status Protocol (OCSP) responder, supporting basic OCSP responses. The Lambda function accepts a base64-encoding of the OCSP request in the Distinguished Encoding Rules (DER) format. The Lambda function's response is also a base64-encoded OCSP response in the DER format. The response size must not exceed 4 kilobytes (KiB). The Lambda function must be in the same account and region as the domain configuration.", + "title": "OcspLambdaArn", "type": "string" - }, - "S3Configuration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", - "markdownDescription": "", - "title": "S3Configuration" - }, - "VpcConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.VpcConfiguration", - "markdownDescription": "", - "title": "VpcConfiguration" } }, - "required": [ - "IndexName", - "RoleARN", - "S3Configuration" - ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.AmazonOpenSearchServerlessRetryOptions": { + "AWS::IoT::DomainConfiguration.ServerCertificateSummary": { "additionalProperties": false, "properties": { - "DurationInSeconds": { - "markdownDescription": "After an initial failure to deliver to the Serverless offering for Amazon OpenSearch Service, the total amount of time during which Firehose retries delivery (including the first attempt). After this time has elapsed, the failed documents are written to Amazon S3. Default value is 300 seconds (5 minutes). A value of 0 (zero) results in no retries.", - "title": "DurationInSeconds", - "type": "number" + "ServerCertificateArn": { + "markdownDescription": "The ARN of the server certificate.", + "title": "ServerCertificateArn", + "type": "string" + }, + "ServerCertificateStatus": { + "markdownDescription": "The status of the server certificate.", + "title": "ServerCertificateStatus", + "type": "string" + }, + "ServerCertificateStatusDetail": { + "markdownDescription": "Details that explain the status of the server certificate.", + "title": "ServerCertificateStatusDetail", + "type": "string" } }, "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceBufferingHints": { + "AWS::IoT::DomainConfiguration.TlsConfig": { "additionalProperties": false, "properties": { - "IntervalInSeconds": { - "markdownDescription": "Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 300 (5 minutes).", - "title": "IntervalInSeconds", - "type": "number" - }, - "SizeInMBs": { - "markdownDescription": "Buffer incoming data to the specified size, in MBs, before delivering it to the destination. The default value is 5. We recommend setting this parameter to a value greater than the amount of data you typically ingest into the delivery stream in 10 seconds. For example, if you typically ingest data at 1 MB/sec, the value should be 10 MB or higher.", - "title": "SizeInMBs", - "type": "number" + "SecurityPolicy": { + "markdownDescription": "The security policy for a domain configuration. For more information, see [Security policies](https://docs.aws.amazon.com/iot/latest/developerguide/transport-security.html#tls-policy-table) in the *AWS IoT Core developer guide* .", + "title": "SecurityPolicy", + "type": "string" } }, "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceDestinationConfiguration": { + "AWS::IoT::FleetMetric": { "additionalProperties": false, "properties": { - "BufferingHints": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceBufferingHints", - "markdownDescription": "The buffering options. If no value is specified, the default values for AmazonopensearchserviceBufferingHints are used.", - "title": "BufferingHints" - }, - "CloudWatchLoggingOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", - "markdownDescription": "Describes the Amazon CloudWatch logging options for your delivery stream.", - "title": "CloudWatchLoggingOptions" - }, - "ClusterEndpoint": { - "markdownDescription": "The endpoint to use when communicating with the cluster. Specify either this ClusterEndpoint or the DomainARN field.", - "title": "ClusterEndpoint", - "type": "string" - }, - "DocumentIdOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DocumentIdOptions", - "markdownDescription": "Indicates the method for setting up document ID. The supported methods are Firehose generated document ID and OpenSearch Service generated document ID.", - "title": "DocumentIdOptions" - }, - "DomainARN": { - "markdownDescription": "The ARN of the Amazon OpenSearch Service domain.", - "title": "DomainARN", - "type": "string" - }, - "IndexName": { - "markdownDescription": "The Amazon OpenSearch Service index name.", - "title": "IndexName", + "Condition": { "type": "string" }, - "IndexRotationPeriod": { - "markdownDescription": "The Amazon OpenSearch Service index rotation period. Index rotation appends a timestamp to the IndexName to facilitate the expiration of old data.", - "title": "IndexRotationPeriod", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "ProcessingConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", - "markdownDescription": "Describes a data processing configuration.", - "title": "ProcessingConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "RetryOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceRetryOptions", - "markdownDescription": "The retry behavior in case Kinesis Data Firehose is unable to deliver documents to Amazon OpenSearch Service. The default value is 300 (5 minutes).", - "title": "RetryOptions" + "Metadata": { + "type": "object" }, - "RoleARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to be assumed by Kinesis Data Firehose for calling the Amazon OpenSearch Service Configuration API and for indexing documents.", - "title": "RoleARN", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "AggregationField": { + "markdownDescription": "The field to aggregate.", + "title": "AggregationField", + "type": "string" + }, + "AggregationType": { + "$ref": "#/definitions/AWS::IoT::FleetMetric.AggregationType", + "markdownDescription": "The type of the aggregation query.", + "title": "AggregationType" + }, + "Description": { + "markdownDescription": "The fleet metric description.", + "title": "Description", + "type": "string" + }, + "IndexName": { + "markdownDescription": "The name of the index to search.", + "title": "IndexName", + "type": "string" + }, + "MetricName": { + "markdownDescription": "The name of the fleet metric to create.", + "title": "MetricName", + "type": "string" + }, + "Period": { + "markdownDescription": "The time in seconds between fleet metric emissions. Range [60(1 min), 86400(1 day)] and must be multiple of 60.", + "title": "Period", + "type": "number" + }, + "QueryString": { + "markdownDescription": "The search query string.", + "title": "QueryString", + "type": "string" + }, + "QueryVersion": { + "markdownDescription": "The query version.", + "title": "QueryVersion", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata which can be used to manage the fleet metric.", + "title": "Tags", + "type": "array" + }, + "Unit": { + "markdownDescription": "Used to support unit transformation such as milliseconds to seconds. Must be a unit supported by CW metric. Default to null.", + "title": "Unit", + "type": "string" + } + }, + "required": [ + "MetricName" + ], + "type": "object" }, - "S3BackupMode": { - "markdownDescription": "Defines how documents should be delivered to Amazon S3.", - "title": "S3BackupMode", + "Type": { + "enum": [ + "AWS::IoT::FleetMetric" + ], "type": "string" }, - "S3Configuration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", - "markdownDescription": "Describes the configuration of a destination in Amazon S3.", - "title": "S3Configuration" - }, - "TypeName": { - "markdownDescription": "The Amazon OpenSearch Service type name.", - "title": "TypeName", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "VpcConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.VpcConfiguration", - "markdownDescription": "The details of the VPC of the Amazon OpenSearch Service destination.", - "title": "VpcConfiguration" } }, "required": [ - "IndexName", - "RoleARN", - "S3Configuration" + "Type", + "Properties" ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceRetryOptions": { + "AWS::IoT::FleetMetric.AggregationType": { "additionalProperties": false, "properties": { - "DurationInSeconds": { - "markdownDescription": "After an initial failure to deliver to Amazon OpenSearch Service, the total amount of time during which Kinesis Data Firehose retries delivery (including the first attempt). After this time has elapsed, the failed documents are written to Amazon S3. Default value is 300 seconds (5 minutes). A value of 0 (zero) results in no retries.", - "title": "DurationInSeconds", - "type": "number" + "Name": { + "markdownDescription": "The name of the aggregation type.", + "title": "Name", + "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the values of aggregation types.", + "title": "Values", + "type": "array" } }, + "required": [ + "Name", + "Values" + ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.AuthenticationConfiguration": { + "AWS::IoT::JobTemplate": { "additionalProperties": false, "properties": { - "Connectivity": { - "markdownDescription": "The type of connectivity used to access the Amazon MSK cluster.", - "title": "Connectivity", + "Condition": { "type": "string" }, - "RoleARN": { - "markdownDescription": "The ARN of the role used to access the Amazon MSK cluster.", - "title": "RoleARN", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AbortConfig": { + "$ref": "#/definitions/AWS::IoT::JobTemplate.AbortConfig", + "markdownDescription": "The criteria that determine when and how a job abort takes place.", + "title": "AbortConfig" + }, + "Description": { + "markdownDescription": "A description of the job template.", + "title": "Description", + "type": "string" + }, + "DestinationPackageVersions": { + "items": { + "type": "string" + }, + "markdownDescription": "The package version Amazon Resource Names (ARNs) that are installed on the device\u2019s reserved named shadow ( `$package` ) when the job successfully completes.\n\n*Note:* Up to 25 package version ARNS are allowed.", + "title": "DestinationPackageVersions", + "type": "array" + }, + "Document": { + "markdownDescription": "The job document.\n\nRequired if you don't specify a value for `documentSource` .", + "title": "Document", + "type": "string" + }, + "DocumentSource": { + "markdownDescription": "An S3 link, or S3 object URL, to the job document. The link is an Amazon S3 object URL and is required if you don't specify a value for `document` .\n\nFor example, `--document-source https://s3. *region-code* .amazonaws.com/example-firmware/device-firmware.1.0`\n\nFor more information, see [Methods for accessing a bucket](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-bucket-intro.html) .", + "title": "DocumentSource", + "type": "string" + }, + "JobArn": { + "markdownDescription": "The ARN of the job to use as the basis for the job template.", + "title": "JobArn", + "type": "string" + }, + "JobExecutionsRetryConfig": { + "$ref": "#/definitions/AWS::IoT::JobTemplate.JobExecutionsRetryConfig", + "markdownDescription": "Allows you to create the criteria to retry a job.", + "title": "JobExecutionsRetryConfig" + }, + "JobExecutionsRolloutConfig": { + "$ref": "#/definitions/AWS::IoT::JobTemplate.JobExecutionsRolloutConfig", + "markdownDescription": "Allows you to create a staged rollout of a job.", + "title": "JobExecutionsRolloutConfig" + }, + "JobTemplateId": { + "markdownDescription": "A unique identifier for the job template. We recommend using a UUID. Alpha-numeric characters, \"-\", and \"_\" are valid for use here.", + "title": "JobTemplateId", + "type": "string" + }, + "MaintenanceWindows": { + "items": { + "$ref": "#/definitions/AWS::IoT::JobTemplate.MaintenanceWindow" + }, + "markdownDescription": "An optional configuration within the SchedulingConfig to setup a recurring maintenance window with a predetermined start time and duration for the rollout of a job document to all devices in a target group for a job.", + "title": "MaintenanceWindows", + "type": "array" + }, + "PresignedUrlConfig": { + "$ref": "#/definitions/AWS::IoT::JobTemplate.PresignedUrlConfig", + "markdownDescription": "Configuration for pre-signed S3 URLs.", + "title": "PresignedUrlConfig" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata that can be used to manage the job template.", + "title": "Tags", + "type": "array" + }, + "TimeoutConfig": { + "$ref": "#/definitions/AWS::IoT::JobTemplate.TimeoutConfig", + "markdownDescription": "Specifies the amount of time each device has to finish its execution of the job. A timer is started when the job execution status is set to `IN_PROGRESS` . If the job execution status is not set to another terminal state before the timer expires, it will be automatically set to `TIMED_OUT` .", + "title": "TimeoutConfig" + } + }, + "required": [ + "Description", + "JobTemplateId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IoT::JobTemplate" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Connectivity", - "RoleARN" + "Type", + "Properties" ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.BufferingHints": { + "AWS::IoT::JobTemplate.AbortConfig": { "additionalProperties": false, "properties": { - "IntervalInSeconds": { - "markdownDescription": "The length of time, in seconds, that Kinesis Data Firehose buffers incoming data before delivering it to the destination. For valid values, see the `IntervalInSeconds` content for the [BufferingHints](https://docs.aws.amazon.com/firehose/latest/APIReference/API_BufferingHints.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", - "title": "IntervalInSeconds", - "type": "number" - }, - "SizeInMBs": { - "markdownDescription": "The size of the buffer, in MBs, that Kinesis Data Firehose uses for incoming data before delivering it to the destination. For valid values, see the `SizeInMBs` content for the [BufferingHints](https://docs.aws.amazon.com/firehose/latest/APIReference/API_BufferingHints.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", - "title": "SizeInMBs", - "type": "number" + "CriteriaList": { + "items": { + "$ref": "#/definitions/AWS::IoT::JobTemplate.AbortCriteria" + }, + "markdownDescription": "The list of criteria that determine when and how to abort the job.", + "title": "CriteriaList", + "type": "array" } }, + "required": [ + "CriteriaList" + ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions": { + "AWS::IoT::JobTemplate.AbortCriteria": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Indicates whether CloudWatch Logs logging is enabled.", - "title": "Enabled", - "type": "boolean" - }, - "LogGroupName": { - "markdownDescription": "The name of the CloudWatch Logs log group that contains the log stream that Kinesis Data Firehose will use.\n\nConditional. If you enable logging, you must specify this property.", - "title": "LogGroupName", + "Action": { + "markdownDescription": "The type of job action to take to initiate the job abort.", + "title": "Action", "type": "string" }, - "LogStreamName": { - "markdownDescription": "The name of the CloudWatch Logs log stream that Kinesis Data Firehose uses to send logs about data delivery.\n\nConditional. If you enable logging, you must specify this property.", - "title": "LogStreamName", + "FailureType": { + "markdownDescription": "The type of job execution failures that can initiate a job abort.", + "title": "FailureType", "type": "string" + }, + "MinNumberOfExecutedThings": { + "markdownDescription": "The minimum number of things which must receive job execution notifications before the job can be aborted.", + "title": "MinNumberOfExecutedThings", + "type": "number" + }, + "ThresholdPercentage": { + "markdownDescription": "The minimum percentage of job execution failures that must occur to initiate the job abort.\n\nAWS IoT Core supports up to two digits after the decimal (for example, 10.9 and 10.99, but not 10.999).", + "title": "ThresholdPercentage", + "type": "number" } }, + "required": [ + "Action", + "FailureType", + "MinNumberOfExecutedThings", + "ThresholdPercentage" + ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.CopyCommand": { + "AWS::IoT::JobTemplate.ExponentialRolloutRate": { "additionalProperties": false, "properties": { - "CopyOptions": { - "markdownDescription": "Parameters to use with the Amazon Redshift `COPY` command. For examples, see the `CopyOptions` content for the [CopyCommand](https://docs.aws.amazon.com/firehose/latest/APIReference/API_CopyCommand.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", - "title": "CopyOptions", - "type": "string" + "BaseRatePerMinute": { + "markdownDescription": "The minimum number of things that will be notified of a pending job, per minute at the start of job rollout. This parameter allows you to define the initial rate of rollout.", + "title": "BaseRatePerMinute", + "type": "number" }, - "DataTableColumns": { - "markdownDescription": "A comma-separated list of column names.", - "title": "DataTableColumns", - "type": "string" + "IncrementFactor": { + "markdownDescription": "The exponential factor to increase the rate of rollout for a job.\n\nAWS IoT Core supports up to one digit after the decimal (for example, 1.5, but not 1.55).", + "title": "IncrementFactor", + "type": "number" }, - "DataTableName": { - "markdownDescription": "The name of the target table. The table must already exist in the database.", - "title": "DataTableName", - "type": "string" + "RateIncreaseCriteria": { + "$ref": "#/definitions/AWS::IoT::JobTemplate.RateIncreaseCriteria", + "markdownDescription": "The criteria to initiate the increase in rate of rollout for a job.", + "title": "RateIncreaseCriteria" } }, "required": [ - "DataTableName" + "BaseRatePerMinute", + "IncrementFactor", + "RateIncreaseCriteria" ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.DataFormatConversionConfiguration": { + "AWS::IoT::JobTemplate.JobExecutionsRetryConfig": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Defaults to `true` . Set it to `false` if you want to disable format conversion while preserving the configuration details.", - "title": "Enabled", - "type": "boolean" - }, - "InputFormatConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.InputFormatConfiguration", - "markdownDescription": "Specifies the deserializer that you want Firehose to use to convert the format of your data from JSON. This parameter is required if `Enabled` is set to true.", - "title": "InputFormatConfiguration" - }, - "OutputFormatConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.OutputFormatConfiguration", - "markdownDescription": "Specifies the serializer that you want Firehose to use to convert the format of your data to the Parquet or ORC format. This parameter is required if `Enabled` is set to true.", - "title": "OutputFormatConfiguration" - }, - "SchemaConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SchemaConfiguration", - "markdownDescription": "Specifies the AWS Glue Data Catalog table that contains the column information. This parameter is required if `Enabled` is set to true.", - "title": "SchemaConfiguration" + "RetryCriteriaList": { + "items": { + "$ref": "#/definitions/AWS::IoT::JobTemplate.RetryCriteria" + }, + "markdownDescription": "The list of criteria that determines how many retries are allowed for each failure type for a job.", + "title": "RetryCriteriaList", + "type": "array" } }, "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.DeliveryStreamEncryptionConfigurationInput": { + "AWS::IoT::JobTemplate.JobExecutionsRolloutConfig": { "additionalProperties": false, "properties": { - "KeyARN": { - "markdownDescription": "If you set `KeyType` to `CUSTOMER_MANAGED_CMK` , you must specify the Amazon Resource Name (ARN) of the CMK. If you set `KeyType` to `AWS _OWNED_CMK` , Firehose uses a service-account CMK.", - "title": "KeyARN", - "type": "string" + "ExponentialRolloutRate": { + "$ref": "#/definitions/AWS::IoT::JobTemplate.ExponentialRolloutRate", + "markdownDescription": "The rate of increase for a job rollout. This parameter allows you to define an exponential rate for a job rollout.", + "title": "ExponentialRolloutRate" }, - "KeyType": { - "markdownDescription": "Indicates the type of customer master key (CMK) to use for encryption. The default setting is `AWS_OWNED_CMK` . For more information about CMKs, see [Customer Master Keys (CMKs)](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#master_keys) .\n\nYou can use a CMK of type CUSTOMER_MANAGED_CMK to encrypt up to 500 delivery streams.\n\n> To encrypt your delivery stream, use symmetric CMKs. Kinesis Data Firehose doesn't support asymmetric CMKs. For information about symmetric and asymmetric CMKs, see [About Symmetric and Asymmetric CMKs](https://docs.aws.amazon.com/kms/latest/developerguide/symm-asymm-concepts.html) in the AWS Key Management Service developer guide.", - "title": "KeyType", - "type": "string" - } - }, - "required": [ - "KeyType" - ], + "MaximumPerMinute": { + "markdownDescription": "The maximum number of things that will be notified of a pending job, per minute. This parameter allows you to create a staged rollout.", + "title": "MaximumPerMinute", + "type": "number" + } + }, "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.Deserializer": { + "AWS::IoT::JobTemplate.MaintenanceWindow": { "additionalProperties": false, "properties": { - "HiveJsonSerDe": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.HiveJsonSerDe", - "markdownDescription": "The native Hive / HCatalog JsonSerDe. Used by Firehose for deserializing data, which means converting it from the JSON format in preparation for serializing it to the Parquet or ORC format. This is one of two deserializers you can choose, depending on which one offers the functionality you need. The other option is the OpenX SerDe.", - "title": "HiveJsonSerDe" + "DurationInMinutes": { + "markdownDescription": "Displays the duration of the next maintenance window.", + "title": "DurationInMinutes", + "type": "number" }, - "OpenXJsonSerDe": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.OpenXJsonSerDe", - "markdownDescription": "The OpenX SerDe. Used by Firehose for deserializing data, which means converting it from the JSON format in preparation for serializing it to the Parquet or ORC format. This is one of two deserializers you can choose, depending on which one offers the functionality you need. The other option is the native Hive / HCatalog JsonSerDe.", - "title": "OpenXJsonSerDe" + "StartTime": { + "markdownDescription": "Displays the start time of the next maintenance window.", + "title": "StartTime", + "type": "string" } }, "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.DocumentIdOptions": { + "AWS::IoT::JobTemplate.PresignedUrlConfig": { "additionalProperties": false, "properties": { - "DefaultDocumentIdFormat": { - "markdownDescription": "When the `FIREHOSE_DEFAULT` option is chosen, Firehose generates a unique document ID for each record based on a unique internal identifier. The generated document ID is stable across multiple delivery attempts, which helps prevent the same record from being indexed multiple times with different document IDs.\n\nWhen the `NO_DOCUMENT_ID` option is chosen, Firehose does not include any document IDs in the requests it sends to the Amazon OpenSearch Service. This causes the Amazon OpenSearch Service domain to generate document IDs. In case of multiple delivery attempts, this may cause the same record to be indexed more than once with different document IDs. This option enables write-heavy operations, such as the ingestion of logs and observability data, to consume less resources in the Amazon OpenSearch Service domain, resulting in improved performance.", - "title": "DefaultDocumentIdFormat", + "ExpiresInSec": { + "markdownDescription": "How long (in seconds) pre-signed URLs are valid. Valid values are 60 - 3600, the default value is 3600 seconds. Pre-signed URLs are generated when Jobs receives an MQTT request for the job document.", + "title": "ExpiresInSec", + "type": "number" + }, + "RoleArn": { + "markdownDescription": "The ARN of an IAM role that grants grants permission to download files from the S3 bucket where the job data/updates are stored. The role must also grant permission for IoT to download the files.\n\n> For information about addressing the confused deputy problem, see [cross-service confused deputy prevention](https://docs.aws.amazon.com/iot/latest/developerguide/cross-service-confused-deputy-prevention.html) in the *AWS IoT Core developer guide* .", + "title": "RoleArn", "type": "string" } }, "required": [ - "DefaultDocumentIdFormat" + "RoleArn" ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.DynamicPartitioningConfiguration": { + "AWS::IoT::JobTemplate.RateIncreaseCriteria": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Specifies whether dynamic partitioning is enabled for this Kinesis Data Firehose delivery stream.", - "title": "Enabled", - "type": "boolean" + "NumberOfNotifiedThings": { + "markdownDescription": "The threshold for number of notified things that will initiate the increase in rate of rollout.", + "title": "NumberOfNotifiedThings", + "type": "number" }, - "RetryOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.RetryOptions", - "markdownDescription": "Specifies the retry behavior in case Kinesis Data Firehose is unable to deliver data to an Amazon S3 prefix.", - "title": "RetryOptions" + "NumberOfSucceededThings": { + "markdownDescription": "The threshold for number of succeeded things that will initiate the increase in rate of rollout.", + "title": "NumberOfSucceededThings", + "type": "number" } }, "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.ElasticsearchBufferingHints": { + "AWS::IoT::JobTemplate.RetryCriteria": { "additionalProperties": false, "properties": { - "IntervalInSeconds": { - "markdownDescription": "The length of time, in seconds, that Kinesis Data Firehose buffers incoming data before delivering it to the destination. For valid values, see the `IntervalInSeconds` content for the [BufferingHints](https://docs.aws.amazon.com/firehose/latest/APIReference/API_BufferingHints.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", - "title": "IntervalInSeconds", - "type": "number" + "FailureType": { + "markdownDescription": "The type of job execution failures that can initiate a job retry.", + "title": "FailureType", + "type": "string" }, - "SizeInMBs": { - "markdownDescription": "The size of the buffer, in MBs, that Kinesis Data Firehose uses for incoming data before delivering it to the destination. For valid values, see the `SizeInMBs` content for the [BufferingHints](https://docs.aws.amazon.com/firehose/latest/APIReference/API_BufferingHints.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", - "title": "SizeInMBs", + "NumberOfRetries": { + "markdownDescription": "The number of retries allowed for a failure type for the job.", + "title": "NumberOfRetries", "type": "number" } }, "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.ElasticsearchDestinationConfiguration": { + "AWS::IoT::JobTemplate.TimeoutConfig": { "additionalProperties": false, "properties": { - "BufferingHints": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ElasticsearchBufferingHints", - "markdownDescription": "Configures how Kinesis Data Firehose buffers incoming data while delivering it to the Amazon ES domain.", - "title": "BufferingHints" - }, - "CloudWatchLoggingOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", - "markdownDescription": "The Amazon CloudWatch Logs logging options for the delivery stream.", - "title": "CloudWatchLoggingOptions" - }, - "ClusterEndpoint": { - "markdownDescription": "The endpoint to use when communicating with the cluster. Specify either this `ClusterEndpoint` or the `DomainARN` field.", - "title": "ClusterEndpoint", - "type": "string" - }, - "DocumentIdOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DocumentIdOptions", - "markdownDescription": "Indicates the method for setting up document ID. The supported methods are Firehose generated document ID and OpenSearch Service generated document ID.", - "title": "DocumentIdOptions" - }, - "DomainARN": { - "markdownDescription": "The ARN of the Amazon ES domain. The IAM role must have permissions for `DescribeElasticsearchDomain` , `DescribeElasticsearchDomains` , and `DescribeElasticsearchDomainConfig` after assuming the role specified in *RoleARN* .\n\nSpecify either `ClusterEndpoint` or `DomainARN` .", - "title": "DomainARN", - "type": "string" - }, - "IndexName": { - "markdownDescription": "The name of the Elasticsearch index to which Kinesis Data Firehose adds data for indexing.", - "title": "IndexName", + "InProgressTimeoutInMinutes": { + "markdownDescription": "Specifies the amount of time, in minutes, this device has to finish execution of this job. The timeout interval can be anywhere between 1 minute and 7 days (1 to 10080 minutes). The in progress timer can't be updated and will apply to all job executions for the job. Whenever a job execution remains in the IN_PROGRESS status for longer than this interval, the job execution will fail and switch to the terminal `TIMED_OUT` status.", + "title": "InProgressTimeoutInMinutes", + "type": "number" + } + }, + "required": [ + "InProgressTimeoutInMinutes" + ], + "type": "object" + }, + "AWS::IoT::Logging": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "IndexRotationPeriod": { - "markdownDescription": "The frequency of Elasticsearch index rotation. If you enable index rotation, Kinesis Data Firehose appends a portion of the UTC arrival timestamp to the specified index name, and rotates the appended timestamp accordingly. For more information, see [Index Rotation for the Amazon ES Destination](https://docs.aws.amazon.com/firehose/latest/dev/basic-deliver.html#es-index-rotation) in the *Amazon Kinesis Data Firehose Developer Guide* .", - "title": "IndexRotationPeriod", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "ProcessingConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", - "markdownDescription": "The data processing configuration for the Kinesis Data Firehose delivery stream.", - "title": "ProcessingConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "RetryOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ElasticsearchRetryOptions", - "markdownDescription": "The retry behavior when Kinesis Data Firehose is unable to deliver data to Amazon ES.", - "title": "RetryOptions" + "Metadata": { + "type": "object" }, - "RoleARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to be assumed by Kinesis Data Firehose for calling the Amazon ES Configuration API and for indexing documents. For more information, see [Controlling Access with Amazon Kinesis Data Firehose](https://docs.aws.amazon.com/firehose/latest/dev/controlling-access.html) .", - "title": "RoleARN", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "AccountId": { + "markdownDescription": "The account ID.", + "title": "AccountId", + "type": "string" + }, + "DefaultLogLevel": { + "markdownDescription": "The default log level. Valid Values: `DEBUG | INFO | ERROR | WARN | DISABLED`", + "title": "DefaultLogLevel", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The role ARN used for the log.", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "AccountId", + "DefaultLogLevel", + "RoleArn" + ], + "type": "object" }, - "S3BackupMode": { - "markdownDescription": "The condition under which Kinesis Data Firehose delivers data to Amazon Simple Storage Service (Amazon S3). You can send Amazon S3 all documents (all data) or only the documents that Kinesis Data Firehose could not deliver to the Amazon ES destination. For more information and valid values, see the `S3BackupMode` content for the [ElasticsearchDestinationConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_ElasticsearchDestinationConfiguration.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", - "title": "S3BackupMode", + "Type": { + "enum": [ + "AWS::IoT::Logging" + ], "type": "string" }, - "S3Configuration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", - "markdownDescription": "The S3 bucket where Kinesis Data Firehose backs up incoming data.", - "title": "S3Configuration" - }, - "TypeName": { - "markdownDescription": "The Elasticsearch type name that Amazon ES adds to documents when indexing data.", - "title": "TypeName", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "VpcConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.VpcConfiguration", - "markdownDescription": "The details of the VPC of the Amazon ES destination.", - "title": "VpcConfiguration" } }, "required": [ - "IndexName", - "RoleARN", - "S3Configuration" + "Type", + "Properties" ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.ElasticsearchRetryOptions": { - "additionalProperties": false, - "properties": { - "DurationInSeconds": { - "markdownDescription": "After an initial failure to deliver to Amazon ES, the total amount of time during which Kinesis Data Firehose re-attempts delivery (including the first attempt). If Kinesis Data Firehose can't deliver the data within the specified time, it writes the data to the backup S3 bucket. For valid values, see the `DurationInSeconds` content for the [ElasticsearchRetryOptions](https://docs.aws.amazon.com/firehose/latest/APIReference/API_ElasticsearchRetryOptions.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", - "title": "DurationInSeconds", - "type": "number" - } - }, - "type": "object" - }, - "AWS::KinesisFirehose::DeliveryStream.EncryptionConfiguration": { - "additionalProperties": false, - "properties": { - "KMSEncryptionConfig": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.KMSEncryptionConfig", - "markdownDescription": "The AWS Key Management Service ( AWS KMS) encryption key that Amazon S3 uses to encrypt your data.", - "title": "KMSEncryptionConfig" - }, - "NoEncryptionConfig": { - "markdownDescription": "Disables encryption. For valid values, see the `NoEncryptionConfig` content for the [EncryptionConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_EncryptionConfiguration.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", - "title": "NoEncryptionConfig", - "type": "string" - } - }, - "type": "object" - }, - "AWS::KinesisFirehose::DeliveryStream.ExtendedS3DestinationConfiguration": { + "AWS::IoT::MitigationAction": { "additionalProperties": false, "properties": { - "BucketARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon S3 bucket. For constraints, see [ExtendedS3DestinationConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_ExtendedS3DestinationConfiguration.html) in the *Amazon Kinesis Data Firehose API Reference* .", - "title": "BucketARN", - "type": "string" - }, - "BufferingHints": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.BufferingHints", - "markdownDescription": "The buffering option.", - "title": "BufferingHints" - }, - "CloudWatchLoggingOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", - "markdownDescription": "The Amazon CloudWatch logging options for your Firehose stream.", - "title": "CloudWatchLoggingOptions" - }, - "CompressionFormat": { - "markdownDescription": "The compression format. If no value is specified, the default is `UNCOMPRESSED` .", - "title": "CompressionFormat", + "Condition": { "type": "string" }, - "CustomTimeZone": { - "markdownDescription": "The time zone you prefer. UTC is the default.", - "title": "CustomTimeZone", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "DataFormatConversionConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DataFormatConversionConfiguration", - "markdownDescription": "The serializer, deserializer, and schema for converting data from the JSON format to the Parquet or ORC format before writing it to Amazon S3.", - "title": "DataFormatConversionConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "DynamicPartitioningConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DynamicPartitioningConfiguration", - "markdownDescription": "The configuration of the dynamic partitioning mechanism that creates targeted data sets from the streaming data by partitioning it based on partition keys.", - "title": "DynamicPartitioningConfiguration" + "Metadata": { + "type": "object" }, - "EncryptionConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.EncryptionConfiguration", - "markdownDescription": "The encryption configuration for the Kinesis Data Firehose delivery stream. The default value is `NoEncryption` .", - "title": "EncryptionConfiguration" + "Properties": { + "additionalProperties": false, + "properties": { + "ActionName": { + "markdownDescription": "The friendly name of the mitigation action.", + "title": "ActionName", + "type": "string" + }, + "ActionParams": { + "$ref": "#/definitions/AWS::IoT::MitigationAction.ActionParams", + "markdownDescription": "The set of parameters for this mitigation action. The parameters vary, depending on the kind of action you apply.", + "title": "ActionParams" + }, + "RoleArn": { + "markdownDescription": "The IAM role ARN used to apply this mitigation action.", + "title": "RoleArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata that can be used to manage the mitigation action.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "ActionParams", + "RoleArn" + ], + "type": "object" }, - "ErrorOutputPrefix": { - "markdownDescription": "A prefix that Kinesis Data Firehose evaluates and adds to failed records before writing them to S3. This prefix appears immediately following the bucket name. For information about how to specify this prefix, see [Custom Prefixes for Amazon S3 Objects](https://docs.aws.amazon.com/firehose/latest/dev/s3-prefixes.html) .", - "title": "ErrorOutputPrefix", + "Type": { + "enum": [ + "AWS::IoT::MitigationAction" + ], "type": "string" }, - "FileExtension": { - "markdownDescription": "Specify a file extension. It will override the default file extension", - "title": "FileExtension", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::IoT::MitigationAction.ActionParams": { + "additionalProperties": false, + "properties": { + "AddThingsToThingGroupParams": { + "$ref": "#/definitions/AWS::IoT::MitigationAction.AddThingsToThingGroupParams", + "markdownDescription": "Specifies the group to which you want to add the devices.", + "title": "AddThingsToThingGroupParams" }, - "Prefix": { - "markdownDescription": "The `YYYY/MM/DD/HH` time format prefix is automatically used for delivered Amazon S3 files. For more information, see [ExtendedS3DestinationConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_ExtendedS3DestinationConfiguration.html) in the *Amazon Kinesis Data Firehose API Reference* .", - "title": "Prefix", - "type": "string" + "EnableIoTLoggingParams": { + "$ref": "#/definitions/AWS::IoT::MitigationAction.EnableIoTLoggingParams", + "markdownDescription": "Specifies the logging level and the role with permissions for logging. You cannot specify a logging level of `DISABLED` .", + "title": "EnableIoTLoggingParams" }, - "ProcessingConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", - "markdownDescription": "The data processing configuration for the Kinesis Data Firehose delivery stream.", - "title": "ProcessingConfiguration" + "PublishFindingToSnsParams": { + "$ref": "#/definitions/AWS::IoT::MitigationAction.PublishFindingToSnsParams", + "markdownDescription": "Specifies the topic to which the finding should be published.", + "title": "PublishFindingToSnsParams" }, - "RoleARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS credentials. For constraints, see [ExtendedS3DestinationConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_ExtendedS3DestinationConfiguration.html) in the *Amazon Kinesis Data Firehose API Reference* .", - "title": "RoleARN", - "type": "string" + "ReplaceDefaultPolicyVersionParams": { + "$ref": "#/definitions/AWS::IoT::MitigationAction.ReplaceDefaultPolicyVersionParams", + "markdownDescription": "Replaces the policy version with a default or blank policy. You specify the template name. Only a value of `BLANK_POLICY` is currently supported.", + "title": "ReplaceDefaultPolicyVersionParams" }, - "S3BackupConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", - "markdownDescription": "The configuration for backup in Amazon S3.", - "title": "S3BackupConfiguration" + "UpdateCACertificateParams": { + "$ref": "#/definitions/AWS::IoT::MitigationAction.UpdateCACertificateParams", + "markdownDescription": "Specifies the new state for the CA certificate. Only a value of `DEACTIVATE` is currently supported.", + "title": "UpdateCACertificateParams" }, - "S3BackupMode": { - "markdownDescription": "The Amazon S3 backup mode. After you create a Firehose stream, you can update it to enable Amazon S3 backup if it is disabled. If backup is enabled, you can't update the Firehose stream to disable it.", - "title": "S3BackupMode", - "type": "string" + "UpdateDeviceCertificateParams": { + "$ref": "#/definitions/AWS::IoT::MitigationAction.UpdateDeviceCertificateParams", + "markdownDescription": "Specifies the new state for a device certificate. Only a value of `DEACTIVATE` is currently supported.", + "title": "UpdateDeviceCertificateParams" } }, - "required": [ - "BucketARN", - "RoleARN" - ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.HiveJsonSerDe": { + "AWS::IoT::MitigationAction.AddThingsToThingGroupParams": { "additionalProperties": false, "properties": { - "TimestampFormats": { + "OverrideDynamicGroups": { + "markdownDescription": "Specifies if this mitigation action can move the things that triggered the mitigation action even if they are part of one or more dynamic thing groups.", + "title": "OverrideDynamicGroups", + "type": "boolean" + }, + "ThingGroupNames": { "items": { "type": "string" }, - "markdownDescription": "Indicates how you want Firehose to parse the date and timestamps that may be present in your input data JSON. To specify these format strings, follow the pattern syntax of JodaTime's DateTimeFormat format strings. For more information, see [Class DateTimeFormat](https://docs.aws.amazon.com/https://www.joda.org/joda-time/apidocs/org/joda/time/format/DateTimeFormat.html) . You can also use the special value `millis` to parse timestamps in epoch milliseconds. If you don't specify a format, Firehose uses `java.sql.Timestamp::valueOf` by default.", - "title": "TimestampFormats", + "markdownDescription": "The list of groups to which you want to add the things that triggered the mitigation action. You can add a thing to a maximum of 10 groups, but you can't add a thing to more than one group in the same hierarchy.", + "title": "ThingGroupNames", "type": "array" } }, + "required": [ + "ThingGroupNames" + ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.HttpEndpointCommonAttribute": { + "AWS::IoT::MitigationAction.EnableIoTLoggingParams": { "additionalProperties": false, "properties": { - "AttributeName": { - "markdownDescription": "The name of the HTTP endpoint common attribute.", - "title": "AttributeName", + "LogLevel": { + "markdownDescription": "Specifies the type of information to be logged.", + "title": "LogLevel", "type": "string" }, - "AttributeValue": { - "markdownDescription": "The value of the HTTP endpoint common attribute.", - "title": "AttributeValue", + "RoleArnForLogging": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role used for logging.", + "title": "RoleArnForLogging", "type": "string" } }, "required": [ - "AttributeName", - "AttributeValue" + "LogLevel", + "RoleArnForLogging" ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.HttpEndpointConfiguration": { + "AWS::IoT::MitigationAction.PublishFindingToSnsParams": { "additionalProperties": false, "properties": { - "AccessKey": { - "markdownDescription": "The access key required for Kinesis Firehose to authenticate with the HTTP endpoint selected as the destination.", - "title": "AccessKey", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the HTTP endpoint selected as the destination.", - "title": "Name", - "type": "string" - }, - "Url": { - "markdownDescription": "The URL of the HTTP endpoint selected as the destination.", - "title": "Url", + "TopicArn": { + "markdownDescription": "The ARN of the topic to which you want to publish the findings.", + "title": "TopicArn", "type": "string" } }, "required": [ - "Url" + "TopicArn" ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.HttpEndpointDestinationConfiguration": { + "AWS::IoT::MitigationAction.ReplaceDefaultPolicyVersionParams": { "additionalProperties": false, "properties": { - "BufferingHints": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.BufferingHints", - "markdownDescription": "The buffering options that can be used before data is delivered to the specified destination. Kinesis Data Firehose treats these options as hints, and it might choose to use more optimal values. The SizeInMBs and IntervalInSeconds parameters are optional. However, if you specify a value for one of them, you must also provide a value for the other.", - "title": "BufferingHints" - }, - "CloudWatchLoggingOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", - "markdownDescription": "Describes the Amazon CloudWatch logging options for your delivery stream.", - "title": "CloudWatchLoggingOptions" - }, - "EndpointConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.HttpEndpointConfiguration", - "markdownDescription": "The configuration of the HTTP endpoint selected as the destination.", - "title": "EndpointConfiguration" - }, - "ProcessingConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", - "markdownDescription": "Describes the data processing configuration.", - "title": "ProcessingConfiguration" - }, - "RequestConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.HttpEndpointRequestConfiguration", - "markdownDescription": "The configuration of the request sent to the HTTP endpoint specified as the destination.", - "title": "RequestConfiguration" - }, - "RetryOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.RetryOptions", - "markdownDescription": "Describes the retry behavior in case Kinesis Data Firehose is unable to deliver data to the specified HTTP endpoint destination, or if it doesn't receive a valid acknowledgment of receipt from the specified HTTP endpoint destination.", - "title": "RetryOptions" - }, - "RoleARN": { - "markdownDescription": "Kinesis Data Firehose uses this IAM role for all the permissions that the delivery stream needs.", - "title": "RoleARN", - "type": "string" - }, - "S3BackupMode": { - "markdownDescription": "Describes the S3 bucket backup options for the data that Kinesis Data Firehose delivers to the HTTP endpoint destination. You can back up all documents (AllData) or only the documents that Kinesis Data Firehose could not deliver to the specified HTTP endpoint destination (FailedDataOnly).", - "title": "S3BackupMode", + "TemplateName": { + "markdownDescription": "The name of the template to be applied. The only supported value is `BLANK_POLICY` .", + "title": "TemplateName", "type": "string" - }, - "S3Configuration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", - "markdownDescription": "Describes the configuration of a destination in Amazon S3.", - "title": "S3Configuration" } }, "required": [ - "EndpointConfiguration", - "S3Configuration" + "TemplateName" ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.HttpEndpointRequestConfiguration": { + "AWS::IoT::MitigationAction.UpdateCACertificateParams": { "additionalProperties": false, "properties": { - "CommonAttributes": { - "items": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.HttpEndpointCommonAttribute" - }, - "markdownDescription": "Describes the metadata sent to the HTTP endpoint destination.", - "title": "CommonAttributes", - "type": "array" - }, - "ContentEncoding": { - "markdownDescription": "Kinesis Data Firehose uses the content encoding to compress the body of a request before sending the request to the destination. For more information, see Content-Encoding in MDN Web Docs, the official Mozilla documentation.", - "title": "ContentEncoding", + "Action": { + "markdownDescription": "The action that you want to apply to the CA certificate. The only supported value is `DEACTIVATE` .", + "title": "Action", "type": "string" } }, + "required": [ + "Action" + ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.InputFormatConfiguration": { - "additionalProperties": false, - "properties": { - "Deserializer": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.Deserializer", - "markdownDescription": "Specifies which deserializer to use. You can choose either the Apache Hive JSON SerDe or the OpenX JSON SerDe. If both are non-null, the server rejects the request.", - "title": "Deserializer" - } - }, - "type": "object" - }, - "AWS::KinesisFirehose::DeliveryStream.KMSEncryptionConfig": { + "AWS::IoT::MitigationAction.UpdateDeviceCertificateParams": { "additionalProperties": false, "properties": { - "AWSKMSKeyARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS encryption key that Amazon S3 uses to encrypt data delivered by the Kinesis Data Firehose stream. The key must belong to the same region as the destination S3 bucket.", - "title": "AWSKMSKeyARN", + "Action": { + "markdownDescription": "The action that you want to apply to the device certificate. The only supported value is `DEACTIVATE` .", + "title": "Action", "type": "string" } }, "required": [ - "AWSKMSKeyARN" + "Action" ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.KinesisStreamSourceConfiguration": { + "AWS::IoT::Policy": { "additionalProperties": false, "properties": { - "KinesisStreamARN": { - "markdownDescription": "The ARN of the source Kinesis data stream.", - "title": "KinesisStreamARN", + "Condition": { "type": "string" }, - "RoleARN": { - "markdownDescription": "The ARN of the role that provides access to the source Kinesis data stream.", - "title": "RoleARN", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "required": [ - "KinesisStreamARN", - "RoleARN" - ], - "type": "object" - }, - "AWS::KinesisFirehose::DeliveryStream.MSKSourceConfiguration": { - "additionalProperties": false, - "properties": { - "AuthenticationConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AuthenticationConfiguration", - "markdownDescription": "The authentication configuration of the Amazon MSK cluster.", - "title": "AuthenticationConfiguration" }, - "MSKClusterARN": { - "markdownDescription": "The ARN of the Amazon MSK cluster.", - "title": "MSKClusterARN", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "PolicyDocument": { + "markdownDescription": "The JSON document that describes the policy.", + "title": "PolicyDocument", + "type": "object" + }, + "PolicyName": { + "markdownDescription": "The policy name.", + "title": "PolicyName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "PolicyDocument" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IoT::Policy" + ], "type": "string" }, - "TopicName": { - "markdownDescription": "The topic name within the Amazon MSK cluster.", - "title": "TopicName", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "AuthenticationConfiguration", - "MSKClusterARN", - "TopicName" + "Type", + "Properties" ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.OpenXJsonSerDe": { + "AWS::IoT::PolicyPrincipalAttachment": { "additionalProperties": false, "properties": { - "CaseInsensitive": { - "markdownDescription": "When set to `true` , which is the default, Firehose converts JSON keys to lowercase before deserializing them.", - "title": "CaseInsensitive", - "type": "boolean" + "Condition": { + "type": "string" }, - "ColumnToJsonKeyMappings": { - "additionalProperties": true, - "markdownDescription": "Maps column names to JSON keys that aren't identical to the column names. This is useful when the JSON contains keys that are Hive keywords. For example, `timestamp` is a Hive keyword. If you have a JSON key named `timestamp` , set this parameter to `{\"ts\": \"timestamp\"}` to map this key to a column named `ts` .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" } - }, - "title": "ColumnToJsonKeyMappings", - "type": "object" + ] }, - "ConvertDotsInJsonKeysToUnderscores": { - "markdownDescription": "When set to `true` , specifies that the names of the keys include dots and that you want Firehose to replace them with underscores. This is useful because Apache Hive does not allow dots in column names. For example, if the JSON contains a key whose name is \"a.b\", you can define the column name to be \"a_b\" when using this option.\n\nThe default is `false` .", - "title": "ConvertDotsInJsonKeysToUnderscores", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::KinesisFirehose::DeliveryStream.OrcSerDe": { - "additionalProperties": false, - "properties": { - "BlockSizeBytes": { - "markdownDescription": "The Hadoop Distributed File System (HDFS) block size. This is useful if you intend to copy the data from Amazon S3 to HDFS before querying. The default is 256 MiB and the minimum is 64 MiB. Firehose uses this value for padding calculations.", - "title": "BlockSizeBytes", - "type": "number" + "Metadata": { + "type": "object" }, - "BloomFilterColumns": { - "items": { - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "PolicyName": { + "markdownDescription": "The name of the AWS IoT policy.", + "title": "PolicyName", + "type": "string" + }, + "Principal": { + "markdownDescription": "The principal, which can be a certificate ARN (as returned from the `CreateCertificate` operation) or an Amazon Cognito ID.", + "title": "Principal", + "type": "string" + } }, - "markdownDescription": "The column names for which you want Firehose to create bloom filters. The default is `null` .", - "title": "BloomFilterColumns", - "type": "array" - }, - "BloomFilterFalsePositiveProbability": { - "markdownDescription": "The Bloom filter false positive probability (FPP). The lower the FPP, the bigger the Bloom filter. The default value is 0.05, the minimum is 0, and the maximum is 1.", - "title": "BloomFilterFalsePositiveProbability", - "type": "number" + "required": [ + "PolicyName", + "Principal" + ], + "type": "object" }, - "Compression": { - "markdownDescription": "The compression code to use over data blocks. The default is `SNAPPY` .", - "title": "Compression", + "Type": { + "enum": [ + "AWS::IoT::PolicyPrincipalAttachment" + ], "type": "string" }, - "DictionaryKeyThreshold": { - "markdownDescription": "Represents the fraction of the total number of non-null rows. To turn off dictionary encoding, set this fraction to a number that is less than the number of distinct keys in a dictionary. To always use dictionary encoding, set this threshold to 1.", - "title": "DictionaryKeyThreshold", - "type": "number" - }, - "EnablePadding": { - "markdownDescription": "Set this to `true` to indicate that you want stripes to be padded to the HDFS block boundaries. This is useful if you intend to copy the data from Amazon S3 to HDFS before querying. The default is `false` .", - "title": "EnablePadding", - "type": "boolean" - }, - "FormatVersion": { - "markdownDescription": "The version of the file to write. The possible values are `V0_11` and `V0_12` . The default is `V0_12` .", - "title": "FormatVersion", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "PaddingTolerance": { - "markdownDescription": "A number between 0 and 1 that defines the tolerance for block padding as a decimal fraction of stripe size. The default value is 0.05, which means 5 percent of stripe size.\n\nFor the default values of 64 MiB ORC stripes and 256 MiB HDFS blocks, the default block padding tolerance of 5 percent reserves a maximum of 3.2 MiB for padding within the 256 MiB block. In such a case, if the available size within the block is more than 3.2 MiB, a new, smaller stripe is inserted to fit within that space. This ensures that no stripe crosses block boundaries and causes remote reads within a node-local task.\n\nKinesis Data Firehose ignores this parameter when `EnablePadding` is `false` .", - "title": "PaddingTolerance", - "type": "number" - }, - "RowIndexStride": { - "markdownDescription": "The number of rows between index entries. The default is 10,000 and the minimum is 1,000.", - "title": "RowIndexStride", - "type": "number" - }, - "StripeSizeBytes": { - "markdownDescription": "The number of bytes in each stripe. The default is 64 MiB and the minimum is 8 MiB.", - "title": "StripeSizeBytes", - "type": "number" - } - }, - "type": "object" - }, - "AWS::KinesisFirehose::DeliveryStream.OutputFormatConfiguration": { - "additionalProperties": false, - "properties": { - "Serializer": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.Serializer", - "markdownDescription": "Specifies which serializer to use. You can choose either the ORC SerDe or the Parquet SerDe. If both are non-null, the server rejects the request.", - "title": "Serializer" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.ParquetSerDe": { + "AWS::IoT::ProvisioningTemplate": { "additionalProperties": false, "properties": { - "BlockSizeBytes": { - "markdownDescription": "The Hadoop Distributed File System (HDFS) block size. This is useful if you intend to copy the data from Amazon S3 to HDFS before querying. The default is 256 MiB and the minimum is 64 MiB. Firehose uses this value for padding calculations.", - "title": "BlockSizeBytes", - "type": "number" + "Condition": { + "type": "string" }, - "Compression": { - "markdownDescription": "The compression code to use over data blocks. The possible values are `UNCOMPRESSED` , `SNAPPY` , and `GZIP` , with the default being `SNAPPY` . Use `SNAPPY` for higher decompression speed. Use `GZIP` if the compression ratio is more important than speed.", - "title": "Compression", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "EnableDictionaryCompression": { - "markdownDescription": "Indicates whether to enable dictionary compression.", - "title": "EnableDictionaryCompression", - "type": "boolean" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "MaxPaddingBytes": { - "markdownDescription": "The maximum amount of padding to apply. This is useful if you intend to copy the data from Amazon S3 to HDFS before querying. The default is 0.", - "title": "MaxPaddingBytes", - "type": "number" + "Metadata": { + "type": "object" }, - "PageSizeBytes": { - "markdownDescription": "The Parquet page size. Column chunks are divided into pages. A page is conceptually an indivisible unit (in terms of compression and encoding). The minimum value is 64 KiB and the default is 1 MiB.", - "title": "PageSizeBytes", - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the fleet provisioning template.", + "title": "Description", + "type": "string" + }, + "Enabled": { + "markdownDescription": "True to enable the fleet provisioning template, otherwise false.", + "title": "Enabled", + "type": "boolean" + }, + "PreProvisioningHook": { + "$ref": "#/definitions/AWS::IoT::ProvisioningTemplate.ProvisioningHook", + "markdownDescription": "Creates a pre-provisioning hook template.", + "title": "PreProvisioningHook" + }, + "ProvisioningRoleArn": { + "markdownDescription": "The role ARN for the role associated with the fleet provisioning template. This IoT role grants permission to provision a device.", + "title": "ProvisioningRoleArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata that can be used to manage the fleet provisioning template.", + "title": "Tags", + "type": "array" + }, + "TemplateBody": { + "markdownDescription": "The JSON formatted contents of the fleet provisioning template version.", + "title": "TemplateBody", + "type": "string" + }, + "TemplateName": { + "markdownDescription": "The name of the fleet provisioning template.", + "title": "TemplateName", + "type": "string" + }, + "TemplateType": { + "markdownDescription": "The type of the provisioning template.", + "title": "TemplateType", + "type": "string" + } + }, + "required": [ + "ProvisioningRoleArn", + "TemplateBody" + ], + "type": "object" }, - "WriterVersion": { - "markdownDescription": "Indicates the version of row format to output. The possible values are `V1` and `V2` . The default is `V1` .", - "title": "WriterVersion", + "Type": { + "enum": [ + "AWS::IoT::ProvisioningTemplate" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration": { + "AWS::IoT::ProvisioningTemplate.ProvisioningHook": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Indicates whether data processing is enabled (true) or disabled (false).", - "title": "Enabled", - "type": "boolean" + "PayloadVersion": { + "markdownDescription": "The payload that was sent to the target function. The valid payload is `\"2020-04-01\"` .", + "title": "PayloadVersion", + "type": "string" }, - "Processors": { - "items": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.Processor" - }, - "markdownDescription": "The data processors.", - "title": "Processors", - "type": "array" + "TargetArn": { + "markdownDescription": "The ARN of the target function.", + "title": "TargetArn", + "type": "string" } }, "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.Processor": { + "AWS::IoT::ResourceSpecificLogging": { "additionalProperties": false, "properties": { - "Parameters": { - "items": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessorParameter" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "LogLevel": { + "markdownDescription": "The default log level.Valid Values: `DEBUG | INFO | ERROR | WARN | DISABLED`", + "title": "LogLevel", + "type": "string" + }, + "TargetName": { + "markdownDescription": "The target name.", + "title": "TargetName", + "type": "string" + }, + "TargetType": { + "markdownDescription": "The target type. Valid Values: `DEFAULT | THING_GROUP`", + "title": "TargetType", + "type": "string" + } }, - "markdownDescription": "The processor parameters.", - "title": "Parameters", - "type": "array" + "required": [ + "LogLevel", + "TargetName", + "TargetType" + ], + "type": "object" }, "Type": { - "markdownDescription": "The type of processor. Valid values: `Lambda` .", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::KinesisFirehose::DeliveryStream.ProcessorParameter": { - "additionalProperties": false, - "properties": { - "ParameterName": { - "markdownDescription": "The name of the parameter. Currently the following default values are supported: 3 for `NumberOfRetries` and 60 for the `BufferIntervalInSeconds` . The `BufferSizeInMBs` ranges between 0.2 MB and up to 3MB. The default buffering hint is 1MB for all destinations, except Splunk. For Splunk, the default buffering hint is 256 KB.", - "title": "ParameterName", + "enum": [ + "AWS::IoT::ResourceSpecificLogging" + ], "type": "string" }, - "ParameterValue": { - "markdownDescription": "The parameter value.", - "title": "ParameterValue", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ParameterName", - "ParameterValue" + "Type", + "Properties" ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.RedshiftDestinationConfiguration": { + "AWS::IoT::RoleAlias": { "additionalProperties": false, "properties": { - "CloudWatchLoggingOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", - "markdownDescription": "The CloudWatch logging options for your Firehose stream.", - "title": "CloudWatchLoggingOptions" + "Condition": { + "type": "string" }, - "ClusterJDBCURL": { - "markdownDescription": "The connection string that Kinesis Data Firehose uses to connect to the Amazon Redshift cluster.", - "title": "ClusterJDBCURL", - "type": "string" - }, - "CopyCommand": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CopyCommand", - "markdownDescription": "Configures the Amazon Redshift `COPY` command that Kinesis Data Firehose uses to load data into the cluster from the Amazon S3 bucket.", - "title": "CopyCommand" - }, - "Password": { - "markdownDescription": "The password for the Amazon Redshift user that you specified in the `Username` property.", - "title": "Password", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "ProcessingConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", - "markdownDescription": "The data processing configuration for the Kinesis Data Firehose delivery stream.", - "title": "ProcessingConfiguration" - }, - "RetryOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.RedshiftRetryOptions", - "markdownDescription": "The retry behavior in case Firehose is unable to deliver documents to Amazon Redshift. Default value is 3600 (60 minutes).", - "title": "RetryOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "RoleARN": { - "markdownDescription": "The ARN of the AWS Identity and Access Management (IAM) role that grants Kinesis Data Firehose access to your Amazon S3 bucket and AWS KMS (if you enable data encryption). For more information, see [Grant Kinesis Data Firehose Access to an Amazon Redshift Destination](https://docs.aws.amazon.com/firehose/latest/dev/controlling-access.html#using-iam-rs) in the *Amazon Kinesis Data Firehose Developer Guide* .", - "title": "RoleARN", - "type": "string" + "Metadata": { + "type": "object" }, - "S3BackupConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", - "markdownDescription": "The configuration for backup in Amazon S3.", - "title": "S3BackupConfiguration" + "Properties": { + "additionalProperties": false, + "properties": { + "CredentialDurationSeconds": { + "markdownDescription": "The number of seconds for which the credential is valid.", + "title": "CredentialDurationSeconds", + "type": "number" + }, + "RoleAlias": { + "markdownDescription": "The role alias.", + "title": "RoleAlias", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The role ARN.", + "title": "RoleArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "RoleArn" + ], + "type": "object" }, - "S3BackupMode": { - "markdownDescription": "The Amazon S3 backup mode. After you create a Firehose stream, you can update it to enable Amazon S3 backup if it is disabled. If backup is enabled, you can't update the Firehose stream to disable it.", - "title": "S3BackupMode", + "Type": { + "enum": [ + "AWS::IoT::RoleAlias" + ], "type": "string" }, - "S3Configuration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", - "markdownDescription": "The S3 bucket where Kinesis Data Firehose first delivers data. After the data is in the bucket, Kinesis Data Firehose uses the `COPY` command to load the data into the Amazon Redshift cluster. For the Amazon S3 bucket's compression format, don't specify `SNAPPY` or `ZIP` because the Amazon Redshift `COPY` command doesn't support them.", - "title": "S3Configuration" - }, - "Username": { - "markdownDescription": "The Amazon Redshift user that has permission to access the Amazon Redshift cluster. This user must have `INSERT` privileges for copying data from the Amazon S3 bucket to the cluster.", - "title": "Username", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ClusterJDBCURL", - "CopyCommand", - "Password", - "RoleARN", - "S3Configuration", - "Username" + "Type", + "Properties" ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.RedshiftRetryOptions": { - "additionalProperties": false, - "properties": { - "DurationInSeconds": { - "markdownDescription": "The length of time during which Firehose retries delivery after a failure, starting from the initial request and including the first attempt. The default value is 3600 seconds (60 minutes). Firehose does not retry if the value of `DurationInSeconds` is 0 (zero) or if the first delivery attempt takes longer than the current value.", - "title": "DurationInSeconds", - "type": "number" - } - }, - "type": "object" - }, - "AWS::KinesisFirehose::DeliveryStream.RetryOptions": { - "additionalProperties": false, - "properties": { - "DurationInSeconds": { - "markdownDescription": "The total amount of time that Kinesis Data Firehose spends on retries. This duration starts after the initial attempt to send data to the custom destination via HTTPS endpoint fails. It doesn't include the periods during which Kinesis Data Firehose waits for acknowledgment from the specified destination after each attempt.", - "title": "DurationInSeconds", - "type": "number" - } - }, - "type": "object" - }, - "AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration": { + "AWS::IoT::ScheduledAudit": { "additionalProperties": false, "properties": { - "BucketARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon S3 bucket to send data to.", - "title": "BucketARN", + "Condition": { "type": "string" }, - "BufferingHints": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.BufferingHints", - "markdownDescription": "Configures how Kinesis Data Firehose buffers incoming data while delivering it to the Amazon S3 bucket.", - "title": "BufferingHints" - }, - "CloudWatchLoggingOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", - "markdownDescription": "The CloudWatch logging options for your Firehose stream.", - "title": "CloudWatchLoggingOptions" - }, - "CompressionFormat": { - "markdownDescription": "The type of compression that Kinesis Data Firehose uses to compress the data that it delivers to the Amazon S3 bucket. For valid values, see the `CompressionFormat` content for the [S3DestinationConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_S3DestinationConfiguration.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", - "title": "CompressionFormat", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "EncryptionConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.EncryptionConfiguration", - "markdownDescription": "Configures Amazon Simple Storage Service (Amazon S3) server-side encryption. Kinesis Data Firehose uses AWS Key Management Service ( AWS KMS) to encrypt the data that it delivers to your Amazon S3 bucket.", - "title": "EncryptionConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ErrorOutputPrefix": { - "markdownDescription": "A prefix that Kinesis Data Firehose evaluates and adds to failed records before writing them to S3. This prefix appears immediately following the bucket name. For information about how to specify this prefix, see [Custom Prefixes for Amazon S3 Objects](https://docs.aws.amazon.com/firehose/latest/dev/s3-prefixes.html) .", - "title": "ErrorOutputPrefix", - "type": "string" + "Metadata": { + "type": "object" }, - "Prefix": { - "markdownDescription": "A prefix that Kinesis Data Firehose adds to the files that it delivers to the Amazon S3 bucket. The prefix helps you identify the files that Kinesis Data Firehose delivered.", - "title": "Prefix", + "Properties": { + "additionalProperties": false, + "properties": { + "DayOfMonth": { + "markdownDescription": "The day of the month on which the scheduled audit is run (if the `frequency` is \"MONTHLY\"). If days 29-31 are specified, and the month does not have that many days, the audit takes place on the \"LAST\" day of the month.", + "title": "DayOfMonth", + "type": "string" + }, + "DayOfWeek": { + "markdownDescription": "The day of the week on which the scheduled audit is run (if the `frequency` is \"WEEKLY\" or \"BIWEEKLY\").", + "title": "DayOfWeek", + "type": "string" + }, + "Frequency": { + "markdownDescription": "How often the scheduled audit occurs.", + "title": "Frequency", + "type": "string" + }, + "ScheduledAuditName": { + "markdownDescription": "The name of the scheduled audit.", + "title": "ScheduledAuditName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata that can be used to manage the scheduled audit.", + "title": "Tags", + "type": "array" + }, + "TargetCheckNames": { + "items": { + "type": "string" + }, + "markdownDescription": "Which checks are performed during the scheduled audit. Checks must be enabled for your account. (Use `DescribeAccountAuditConfiguration` to see the list of all checks, including those that are enabled or use `UpdateAccountAuditConfiguration` to select which checks are enabled.)\n\nThe following checks are currently available:\n\n- `AUTHENTICATED_COGNITO_ROLE_OVERLY_PERMISSIVE_CHECK`\n- `CA_CERTIFICATE_EXPIRING_CHECK`\n- `CA_CERTIFICATE_KEY_QUALITY_CHECK`\n- `CONFLICTING_CLIENT_IDS_CHECK`\n- `DEVICE_CERTIFICATE_EXPIRING_CHECK`\n- `DEVICE_CERTIFICATE_KEY_QUALITY_CHECK`\n- `DEVICE_CERTIFICATE_SHARED_CHECK`\n- `IOT_POLICY_OVERLY_PERMISSIVE_CHECK`\n- `IOT_ROLE_ALIAS_ALLOWS_ACCESS_TO_UNUSED_SERVICES_CHECK`\n- `IOT_ROLE_ALIAS_OVERLY_PERMISSIVE_CHECK`\n- `LOGGING_DISABLED_CHECK`\n- `REVOKED_CA_CERTIFICATE_STILL_ACTIVE_CHECK`\n- `REVOKED_DEVICE_CERTIFICATE_STILL_ACTIVE_CHECK`\n- `UNAUTHENTICATED_COGNITO_ROLE_OVERLY_PERMISSIVE_CHECK`", + "title": "TargetCheckNames", + "type": "array" + } + }, + "required": [ + "Frequency", + "TargetCheckNames" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IoT::ScheduledAudit" + ], "type": "string" }, - "RoleARN": { - "markdownDescription": "The ARN of an AWS Identity and Access Management (IAM) role that grants Kinesis Data Firehose access to your Amazon S3 bucket and AWS KMS (if you enable data encryption). For more information, see [Grant Kinesis Data Firehose Access to an Amazon S3 Destination](https://docs.aws.amazon.com/firehose/latest/dev/controlling-access.html#using-iam-s3) in the *Amazon Kinesis Data Firehose Developer Guide* .", - "title": "RoleARN", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "BucketARN", - "RoleARN" + "Type", + "Properties" ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.SchemaConfiguration": { + "AWS::IoT::SecurityProfile": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The ID of the AWS Glue Data Catalog. If you don't supply this, the AWS account ID is used by default.", - "title": "CatalogId", + "Condition": { "type": "string" }, - "DatabaseName": { - "markdownDescription": "Specifies the name of the AWS Glue database that contains the schema for the output data.\n\n> If the `SchemaConfiguration` request parameter is used as part of invoking the `CreateDeliveryStream` API, then the `DatabaseName` property is required and its value must be specified.", - "title": "DatabaseName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Region": { - "markdownDescription": "If you don't specify an AWS Region, the default is the current Region.", - "title": "Region", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "RoleARN": { - "markdownDescription": "The role that Firehose can use to access AWS Glue. This role must be in the same account you use for Firehose. Cross-account roles aren't allowed.\n\n> If the `SchemaConfiguration` request parameter is used as part of invoking the `CreateDeliveryStream` API, then the `RoleARN` property is required and its value must be specified.", - "title": "RoleARN", - "type": "string" + "Metadata": { + "type": "object" }, - "TableName": { - "markdownDescription": "Specifies the AWS Glue table that contains the column information that constitutes your data schema.\n\n> If the `SchemaConfiguration` request parameter is used as part of invoking the `CreateDeliveryStream` API, then the `TableName` property is required and its value must be specified.", - "title": "TableName", + "Properties": { + "additionalProperties": false, + "properties": { + "AdditionalMetricsToRetainV2": { + "items": { + "$ref": "#/definitions/AWS::IoT::SecurityProfile.MetricToRetain" + }, + "markdownDescription": "A list of metrics whose data is retained (stored). By default, data is retained for any metric used in the profile's `behaviors` , but it's also retained for any metric specified here. Can be used with custom metrics; can't be used with dimensions.", + "title": "AdditionalMetricsToRetainV2", + "type": "array" + }, + "AlertTargets": { + "additionalProperties": false, + "markdownDescription": "Specifies the destinations to which alerts are sent. (Alerts are always sent to the console.) Alerts are generated when a device (thing) violates a behavior.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::IoT::SecurityProfile.AlertTarget" + } + }, + "title": "AlertTargets", + "type": "object" + }, + "Behaviors": { + "items": { + "$ref": "#/definitions/AWS::IoT::SecurityProfile.Behavior" + }, + "markdownDescription": "Specifies the behaviors that, when violated by a device (thing), cause an alert.", + "title": "Behaviors", + "type": "array" + }, + "MetricsExportConfig": { + "$ref": "#/definitions/AWS::IoT::SecurityProfile.MetricsExportConfig", + "markdownDescription": "Specifies the MQTT topic and role ARN required for metric export.", + "title": "MetricsExportConfig" + }, + "SecurityProfileDescription": { + "markdownDescription": "A description of the security profile.", + "title": "SecurityProfileDescription", + "type": "string" + }, + "SecurityProfileName": { + "markdownDescription": "The name you gave to the security profile.", + "title": "SecurityProfileName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata that can be used to manage the security profile.", + "title": "Tags", + "type": "array" + }, + "TargetArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The ARN of the target (thing group) to which the security profile is attached.", + "title": "TargetArns", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IoT::SecurityProfile" + ], "type": "string" }, - "VersionId": { - "markdownDescription": "Specifies the table version for the output data schema. If you don't specify this version ID, or if you set it to `LATEST` , Firehose uses the most recent version. This means that any updates to the table are automatically picked up.", - "title": "VersionId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.Serializer": { + "AWS::IoT::SecurityProfile.AlertTarget": { "additionalProperties": false, "properties": { - "OrcSerDe": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.OrcSerDe", - "markdownDescription": "A serializer to use for converting data to the ORC format before storing it in Amazon S3. For more information, see [Apache ORC](https://docs.aws.amazon.com/https://orc.apache.org/docs/) .", - "title": "OrcSerDe" + "AlertTargetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the notification target to which alerts are sent.", + "title": "AlertTargetArn", + "type": "string" }, - "ParquetSerDe": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ParquetSerDe", - "markdownDescription": "A serializer to use for converting data to the Parquet format before storing it in Amazon S3. For more information, see [Apache Parquet](https://docs.aws.amazon.com/https://parquet.apache.org/docs/contribution-guidelines/) .", - "title": "ParquetSerDe" + "RoleArn": { + "markdownDescription": "The ARN of the role that grants permission to send alerts to the notification target.", + "title": "RoleArn", + "type": "string" } }, + "required": [ + "AlertTargetArn", + "RoleArn" + ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.SnowflakeDestinationConfiguration": { + "AWS::IoT::SecurityProfile.Behavior": { "additionalProperties": false, "properties": { - "AccountUrl": { - "markdownDescription": "URL for accessing your Snowflake account. This URL must include your [account identifier](https://docs.aws.amazon.com/https://docs.snowflake.com/en/user-guide/admin-account-identifier) . Note that the protocol (https://) and port number are optional.", - "title": "AccountUrl", - "type": "string" - }, - "CloudWatchLoggingOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", - "markdownDescription": "", - "title": "CloudWatchLoggingOptions" - }, - "ContentColumnName": { - "markdownDescription": "The name of the record content column.", - "title": "ContentColumnName", - "type": "string" - }, - "DataLoadingOption": { - "markdownDescription": "Choose to load JSON keys mapped to table column names or choose to split the JSON payload where content is mapped to a record content column and source metadata is mapped to a record metadata column.", - "title": "DataLoadingOption", - "type": "string" - }, - "Database": { - "markdownDescription": "All data in Snowflake is maintained in databases.", - "title": "Database", - "type": "string" - }, - "KeyPassphrase": { - "markdownDescription": "Passphrase to decrypt the private key when the key is encrypted. For information, see [Using Key Pair Authentication & Key Rotation](https://docs.aws.amazon.com/https://docs.snowflake.com/en/user-guide/data-load-snowpipe-streaming-configuration#using-key-pair-authentication-key-rotation) .", - "title": "KeyPassphrase", - "type": "string" - }, - "MetaDataColumnName": { - "markdownDescription": "Specify a column name in the table, where the metadata information has to be loaded. When you enable this field, you will see the following column in the snowflake table, which differs based on the source type.\n\nFor Direct PUT as source\n\n`{ \"firehoseDeliveryStreamName\" : \"streamname\", \"IngestionTime\" : \"timestamp\" }`\n\nFor Kinesis Data Stream as source\n\n`\"kinesisStreamName\" : \"streamname\", \"kinesisShardId\" : \"Id\", \"kinesisPartitionKey\" : \"key\", \"kinesisSequenceNumber\" : \"1234\", \"subsequenceNumber\" : \"2334\", \"IngestionTime\" : \"timestamp\" }`", - "title": "MetaDataColumnName", - "type": "string" - }, - "PrivateKey": { - "markdownDescription": "The private key used to encrypt your Snowflake client. For information, see [Using Key Pair Authentication & Key Rotation](https://docs.aws.amazon.com/https://docs.snowflake.com/en/user-guide/data-load-snowpipe-streaming-configuration#using-key-pair-authentication-key-rotation) .", - "title": "PrivateKey", - "type": "string" - }, - "ProcessingConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", - "markdownDescription": "", - "title": "ProcessingConfiguration" - }, - "RetryOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SnowflakeRetryOptions", - "markdownDescription": "The time period where Firehose will retry sending data to the chosen HTTP endpoint.", - "title": "RetryOptions" - }, - "RoleARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Snowflake role", - "title": "RoleARN", - "type": "string" - }, - "S3BackupMode": { - "markdownDescription": "Choose an S3 backup mode", - "title": "S3BackupMode", - "type": "string" + "Criteria": { + "$ref": "#/definitions/AWS::IoT::SecurityProfile.BehaviorCriteria", + "markdownDescription": "The criteria that determine if a device is behaving normally in regard to the `metric` .\n\n> In the AWS IoT console, you can choose to be sent an alert through Amazon SNS when AWS IoT Device Defender detects that a device is behaving anomalously.", + "title": "Criteria" }, - "S3Configuration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", - "markdownDescription": "", - "title": "S3Configuration" + "ExportMetric": { + "markdownDescription": "Value indicates exporting metrics related to the behavior when it is true.", + "title": "ExportMetric", + "type": "boolean" }, - "Schema": { - "markdownDescription": "Each database consists of one or more schemas, which are logical groupings of database objects, such as tables and views", - "title": "Schema", + "Metric": { + "markdownDescription": "What is measured by the behavior.", + "title": "Metric", "type": "string" }, - "SnowflakeRoleConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SnowflakeRoleConfiguration", - "markdownDescription": "Optionally configure a Snowflake role. Otherwise the default user role will be used.", - "title": "SnowflakeRoleConfiguration" - }, - "SnowflakeVpcConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SnowflakeVpcConfiguration", - "markdownDescription": "The VPCE ID for Firehose to privately connect with Snowflake. The ID format is com.amazonaws.vpce.[region].vpce-svc-<[id]>. For more information, see [Amazon PrivateLink & Snowflake](https://docs.aws.amazon.com/https://docs.snowflake.com/en/user-guide/admin-security-privatelink)", - "title": "SnowflakeVpcConfiguration" + "MetricDimension": { + "$ref": "#/definitions/AWS::IoT::SecurityProfile.MetricDimension", + "markdownDescription": "The dimension of the metric.", + "title": "MetricDimension" }, - "Table": { - "markdownDescription": "All data in Snowflake is stored in database tables, logically structured as collections of columns and rows.", - "title": "Table", + "Name": { + "markdownDescription": "The name you've given to the behavior.", + "title": "Name", "type": "string" }, - "User": { - "markdownDescription": "User login name for the Snowflake account.", - "title": "User", - "type": "string" + "SuppressAlerts": { + "markdownDescription": "The alert status. If you set the value to `true` , alerts will be suppressed.", + "title": "SuppressAlerts", + "type": "boolean" } }, "required": [ - "AccountUrl", - "Database", - "PrivateKey", - "RoleARN", - "S3Configuration", - "Schema", - "Table", - "User" + "Name" ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.SnowflakeRetryOptions": { + "AWS::IoT::SecurityProfile.BehaviorCriteria": { "additionalProperties": false, "properties": { - "DurationInSeconds": { - "markdownDescription": "the time period where Firehose will retry sending data to the chosen HTTP endpoint.", - "title": "DurationInSeconds", + "ComparisonOperator": { + "markdownDescription": "The operator that relates the thing measured ( `metric` ) to the criteria (containing a `value` or `statisticalThreshold` ). Valid operators include:\n\n- `string-list` : `in-set` and `not-in-set`\n- `number-list` : `in-set` and `not-in-set`\n- `ip-address-list` : `in-cidr-set` and `not-in-cidr-set`\n- `number` : `less-than` , `less-than-equals` , `greater-than` , and `greater-than-equals`", + "title": "ComparisonOperator", + "type": "string" + }, + "ConsecutiveDatapointsToAlarm": { + "markdownDescription": "If a device is in violation of the behavior for the specified number of consecutive datapoints, an alarm occurs. If not specified, the default is 1.", + "title": "ConsecutiveDatapointsToAlarm", + "type": "number" + }, + "ConsecutiveDatapointsToClear": { + "markdownDescription": "If an alarm has occurred and the offending device is no longer in violation of the behavior for the specified number of consecutive datapoints, the alarm is cleared. If not specified, the default is 1.", + "title": "ConsecutiveDatapointsToClear", + "type": "number" + }, + "DurationSeconds": { + "markdownDescription": "Use this to specify the time duration over which the behavior is evaluated, for those criteria that have a time dimension (for example, `NUM_MESSAGES_SENT` ). For a `statisticalThreshhold` metric comparison, measurements from all devices are accumulated over this time duration before being used to calculate percentiles, and later, measurements from an individual device are also accumulated over this time duration before being given a percentile rank. Cannot be used with list-based metric datatypes.", + "title": "DurationSeconds", "type": "number" + }, + "MlDetectionConfig": { + "$ref": "#/definitions/AWS::IoT::SecurityProfile.MachineLearningDetectionConfig", + "markdownDescription": "The confidence level of the detection model.", + "title": "MlDetectionConfig" + }, + "StatisticalThreshold": { + "$ref": "#/definitions/AWS::IoT::SecurityProfile.StatisticalThreshold", + "markdownDescription": "A statistical ranking (percentile)that indicates a threshold value by which a behavior is determined to be in compliance or in violation of the behavior.", + "title": "StatisticalThreshold" + }, + "Value": { + "$ref": "#/definitions/AWS::IoT::SecurityProfile.MetricValue", + "markdownDescription": "The value to be compared with the `metric` .", + "title": "Value" } }, "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.SnowflakeRoleConfiguration": { + "AWS::IoT::SecurityProfile.MachineLearningDetectionConfig": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Enable Snowflake role", - "title": "Enabled", - "type": "boolean" - }, - "SnowflakeRole": { - "markdownDescription": "The Snowflake role you wish to configure", - "title": "SnowflakeRole", + "ConfidenceLevel": { + "markdownDescription": "The model confidence level.\n\nThere are three levels of confidence, `\"high\"` , `\"medium\"` , and `\"low\"` .\n\nThe higher the confidence level, the lower the sensitivity, and the lower the alarm frequency will be.", + "title": "ConfidenceLevel", "type": "string" } }, "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.SnowflakeVpcConfiguration": { + "AWS::IoT::SecurityProfile.MetricDimension": { "additionalProperties": false, "properties": { - "PrivateLinkVpceId": { - "markdownDescription": "The VPCE ID for Firehose to privately connect with Snowflake. The ID format is com.amazonaws.vpce.[region].vpce-svc-<[id]>. For more information, see [Amazon PrivateLink & Snowflake](https://docs.aws.amazon.com/https://docs.snowflake.com/en/user-guide/admin-security-privatelink)", - "title": "PrivateLinkVpceId", + "DimensionName": { + "markdownDescription": "The name of the dimension.", + "title": "DimensionName", + "type": "string" + }, + "Operator": { + "markdownDescription": "Operators are constructs that perform logical operations. Valid values are `IN` and `NOT_IN` .", + "title": "Operator", "type": "string" } }, "required": [ - "PrivateLinkVpceId" + "DimensionName" ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.SplunkBufferingHints": { + "AWS::IoT::SecurityProfile.MetricToRetain": { "additionalProperties": false, "properties": { - "IntervalInSeconds": { - "markdownDescription": "Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 60 (1 minute).", - "title": "IntervalInSeconds", - "type": "number" + "ExportMetric": { + "markdownDescription": "The value indicates exporting metrics related to the `MetricToRetain` when it's true.", + "title": "ExportMetric", + "type": "boolean" }, - "SizeInMBs": { - "markdownDescription": "Buffer incoming data to the specified size, in MBs, before delivering it to the destination. The default value is 5.", - "title": "SizeInMBs", - "type": "number" + "Metric": { + "markdownDescription": "A standard of measurement.", + "title": "Metric", + "type": "string" + }, + "MetricDimension": { + "$ref": "#/definitions/AWS::IoT::SecurityProfile.MetricDimension", + "markdownDescription": "The dimension of the metric.", + "title": "MetricDimension" } }, + "required": [ + "Metric" + ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.SplunkDestinationConfiguration": { + "AWS::IoT::SecurityProfile.MetricValue": { "additionalProperties": false, "properties": { - "BufferingHints": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SplunkBufferingHints", - "markdownDescription": "The buffering options. If no value is specified, the default values for Splunk are used.", - "title": "BufferingHints" - }, - "CloudWatchLoggingOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", - "markdownDescription": "The Amazon CloudWatch logging options for your Firehose stream.", - "title": "CloudWatchLoggingOptions" - }, - "HECAcknowledgmentTimeoutInSeconds": { - "markdownDescription": "The amount of time that Firehose waits to receive an acknowledgment from Splunk after it sends it data. At the end of the timeout period, Firehose either tries to send the data again or considers it an error, based on your retry settings.", - "title": "HECAcknowledgmentTimeoutInSeconds", - "type": "number" - }, - "HECEndpoint": { - "markdownDescription": "The HTTP Event Collector (HEC) endpoint to which Firehose sends your data.", - "title": "HECEndpoint", - "type": "string" - }, - "HECEndpointType": { - "markdownDescription": "This type can be either `Raw` or `Event` .", - "title": "HECEndpointType", - "type": "string" + "Cidrs": { + "items": { + "type": "string" + }, + "markdownDescription": "If the `comparisonOperator` calls for a set of CIDRs, use this to specify that set to be compared with the `metric` .", + "title": "Cidrs", + "type": "array" }, - "HECToken": { - "markdownDescription": "This is a GUID that you obtain from your Splunk cluster when you create a new HEC endpoint.", - "title": "HECToken", + "Count": { + "markdownDescription": "If the `comparisonOperator` calls for a numeric value, use this to specify that numeric value to be compared with the `metric` .", + "title": "Count", "type": "string" }, - "ProcessingConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", - "markdownDescription": "The data processing configuration.", - "title": "ProcessingConfiguration" + "Number": { + "markdownDescription": "The numeric values of a metric.", + "title": "Number", + "type": "number" }, - "RetryOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SplunkRetryOptions", - "markdownDescription": "The retry behavior in case Firehose is unable to deliver data to Splunk, or if it doesn't receive an acknowledgment of receipt from Splunk.", - "title": "RetryOptions" + "Numbers": { + "items": { + "type": "number" + }, + "markdownDescription": "The numeric value of a metric.", + "title": "Numbers", + "type": "array" }, - "S3BackupMode": { - "markdownDescription": "Defines how documents should be delivered to Amazon S3. When set to `FailedEventsOnly` , Firehose writes any data that could not be indexed to the configured Amazon S3 destination. When set to `AllEvents` , Firehose delivers all incoming records to Amazon S3, and also writes failed documents to Amazon S3. The default value is `FailedEventsOnly` .\n\nYou can update this backup mode from `FailedEventsOnly` to `AllEvents` . You can't update it from `AllEvents` to `FailedEventsOnly` .", - "title": "S3BackupMode", - "type": "string" + "Ports": { + "items": { + "type": "number" + }, + "markdownDescription": "If the `comparisonOperator` calls for a set of ports, use this to specify that set to be compared with the `metric` .", + "title": "Ports", + "type": "array" }, - "S3Configuration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", - "markdownDescription": "The configuration for the backup Amazon S3 location.", - "title": "S3Configuration" + "Strings": { + "items": { + "type": "string" + }, + "markdownDescription": "The string values of a metric.", + "title": "Strings", + "type": "array" } }, - "required": [ - "HECEndpoint", - "HECEndpointType", - "HECToken", - "S3Configuration" - ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.SplunkRetryOptions": { + "AWS::IoT::SecurityProfile.MetricsExportConfig": { "additionalProperties": false, "properties": { - "DurationInSeconds": { - "markdownDescription": "The total amount of time that Firehose spends on retries. This duration starts after the initial attempt to send data to Splunk fails. It doesn't include the periods during which Firehose waits for acknowledgment from Splunk after each attempt.", - "title": "DurationInSeconds", - "type": "number" + "MqttTopic": { + "markdownDescription": "The MQTT topic that Device Defender Detect should publish messages to for metrics export.", + "title": "MqttTopic", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "This role ARN has permission to publish MQTT messages, after which Device Defender Detect can assume the role and publish messages on your behalf.", + "title": "RoleArn", + "type": "string" } }, + "required": [ + "MqttTopic", + "RoleArn" + ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.VpcConfiguration": { + "AWS::IoT::SecurityProfile.StatisticalThreshold": { "additionalProperties": false, "properties": { - "RoleARN": { - "markdownDescription": "The ARN of the IAM role that you want the delivery stream to use to create endpoints in the destination VPC. You can use your existing Kinesis Data Firehose delivery role or you can specify a new role. In either case, make sure that the role trusts the Kinesis Data Firehose service principal and that it grants the following permissions:\n\n- `ec2:DescribeVpcs`\n- `ec2:DescribeVpcAttribute`\n- `ec2:DescribeSubnets`\n- `ec2:DescribeSecurityGroups`\n- `ec2:DescribeNetworkInterfaces`\n- `ec2:CreateNetworkInterface`\n- `ec2:CreateNetworkInterfacePermission`\n- `ec2:DeleteNetworkInterface`\n\nIf you revoke these permissions after you create the delivery stream, Kinesis Data Firehose can't scale out by creating more ENIs when necessary. You might therefore see a degradation in performance.", - "title": "RoleARN", + "Statistic": { + "markdownDescription": "The percentile that resolves to a threshold value by which compliance with a behavior is determined. Metrics are collected over the specified period ( `durationSeconds` ) from all reporting devices in your account and statistical ranks are calculated. Then, the measurements from a device are collected over the same period. If the accumulated measurements from the device fall above or below ( `comparisonOperator` ) the value associated with the percentile specified, then the device is considered to be in compliance with the behavior, otherwise a violation occurs.", + "title": "Statistic", "type": "string" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the security groups that you want Kinesis Data Firehose to use when it creates ENIs in the VPC of the Amazon ES destination. You can use the same security group that the Amazon ES domain uses or different ones. If you specify different security groups here, ensure that they allow outbound HTTPS traffic to the Amazon ES domain's security group. Also ensure that the Amazon ES domain's security group allows HTTPS traffic from the security groups specified here. If you use the same security group for both your delivery stream and the Amazon ES domain, make sure the security group inbound rule allows HTTPS traffic.", - "title": "SecurityGroupIds", - "type": "array" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the subnets that Kinesis Data Firehose uses to create ENIs in the VPC of the Amazon ES destination. Make sure that the routing tables and inbound and outbound rules allow traffic to flow from the subnets whose IDs are specified here to the subnets that have the destination Amazon ES endpoints. Kinesis Data Firehose creates at least one ENI in each of the subnets that are specified here. Do not delete or modify these ENIs.\n\nThe number of ENIs that Kinesis Data Firehose creates in the subnets specified here scales up and down automatically based on throughput. To enable Kinesis Data Firehose to scale up the number of ENIs to match throughput, ensure that you have sufficient quota. To help you calculate the quota you need, assume that Kinesis Data Firehose can create up to three ENIs for this delivery stream for each of the subnets specified here.", - "title": "SubnetIds", - "type": "array" } }, - "required": [ - "RoleARN", - "SecurityGroupIds", - "SubnetIds" - ], "type": "object" }, - "AWS::KinesisVideo::SignalingChannel": { + "AWS::IoT::SoftwarePackage": { "additionalProperties": false, "properties": { "Condition": { @@ -140576,35 +148130,30 @@ "Properties": { "additionalProperties": false, "properties": { - "MessageTtlSeconds": { - "markdownDescription": "The period of time (in seconds) a signaling channel retains undelivered messages before they are discarded. Use `API_UpdateSignalingChannel` to update this value.", - "title": "MessageTtlSeconds", - "type": "number" + "Description": { + "markdownDescription": "A summary of the package being created. This can be used to outline the package's contents or purpose.", + "title": "Description", + "type": "string" }, - "Name": { - "markdownDescription": "A name for the signaling channel that you are creating. It must be unique for each AWS account and AWS Region .", - "title": "Name", + "PackageName": { + "markdownDescription": "The name of the new software package.", + "title": "PackageName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "Metadata that can be used to manage the package.", "title": "Tags", "type": "array" - }, - "Type": { - "markdownDescription": "A type of the signaling channel that you are creating. Currently, `SINGLE_MASTER` is the only supported channel type.", - "title": "Type", - "type": "string" } }, "type": "object" }, "Type": { "enum": [ - "AWS::KinesisVideo::SignalingChannel" + "AWS::IoT::SoftwarePackage" ], "type": "string" }, @@ -140622,7 +148171,7 @@ ], "type": "object" }, - "AWS::KinesisVideo::Stream": { + "AWS::IoT::SoftwarePackageVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -140657,45 +148206,64 @@ "Properties": { "additionalProperties": false, "properties": { - "DataRetentionInHours": { - "markdownDescription": "How long the stream retains data, in hours.", - "title": "DataRetentionInHours", - "type": "number" + "Artifact": { + "$ref": "#/definitions/AWS::IoT::SoftwarePackageVersion.PackageVersionArtifact", + "markdownDescription": "", + "title": "Artifact" }, - "DeviceName": { - "markdownDescription": "The name of the device that is associated with the stream.", - "title": "DeviceName", - "type": "string" + "Attributes": { + "additionalProperties": true, + "markdownDescription": "Metadata that can be used to define a package version\u2019s configuration. For example, the S3 file location, configuration options that are being sent to the device or fleet.\n\nThe combined size of all the attributes on a package version is limited to 3KB.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Attributes", + "type": "object" }, - "KmsKeyId": { - "markdownDescription": "The ID of the AWS Key Management Service ( AWS KMS ) key that Kinesis Video Streams uses to encrypt data on the stream.", - "title": "KmsKeyId", + "Description": { + "markdownDescription": "A summary of the package version being created. This can be used to outline the package's contents or purpose.", + "title": "Description", "type": "string" }, - "MediaType": { - "markdownDescription": "The `MediaType` of the stream.", - "title": "MediaType", + "PackageName": { + "markdownDescription": "The name of the associated software package.", + "title": "PackageName", "type": "string" }, - "Name": { - "markdownDescription": "The name of the stream.", - "title": "Name", + "Recipe": { + "markdownDescription": "", + "title": "Recipe", "type": "string" }, + "Sbom": { + "$ref": "#/definitions/AWS::IoT::SoftwarePackageVersion.Sbom", + "markdownDescription": "", + "title": "Sbom" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "Metadata that can be used to manage the package version.", "title": "Tags", "type": "array" + }, + "VersionName": { + "markdownDescription": "The name of the new package version.", + "title": "VersionName", + "type": "string" } }, + "required": [ + "PackageName" + ], "type": "object" }, "Type": { "enum": [ - "AWS::KinesisVideo::Stream" + "AWS::IoT::SoftwarePackageVersion" ], "type": "string" }, @@ -140709,11 +148277,66 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::LakeFormation::DataCellsFilter": { + "AWS::IoT::SoftwarePackageVersion.PackageVersionArtifact": { + "additionalProperties": false, + "properties": { + "S3Location": { + "$ref": "#/definitions/AWS::IoT::SoftwarePackageVersion.S3Location", + "markdownDescription": "", + "title": "S3Location" + } + }, + "required": [ + "S3Location" + ], + "type": "object" + }, + "AWS::IoT::SoftwarePackageVersion.S3Location": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "", + "title": "Bucket", + "type": "string" + }, + "Key": { + "markdownDescription": "", + "title": "Key", + "type": "string" + }, + "Version": { + "markdownDescription": "", + "title": "Version", + "type": "string" + } + }, + "required": [ + "Bucket", + "Key", + "Version" + ], + "type": "object" + }, + "AWS::IoT::SoftwarePackageVersion.Sbom": { + "additionalProperties": false, + "properties": { + "S3Location": { + "$ref": "#/definitions/AWS::IoT::SoftwarePackageVersion.S3Location", + "markdownDescription": "", + "title": "S3Location" + } + }, + "required": [ + "S3Location" + ], + "type": "object" + }, + "AWS::IoT::Thing": { "additionalProperties": false, "properties": { "Condition": { @@ -140748,56 +148371,22 @@ "Properties": { "additionalProperties": false, "properties": { - "ColumnNames": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of UTF-8 strings. A list of column names.", - "title": "ColumnNames", - "type": "array" - }, - "ColumnWildcard": { - "$ref": "#/definitions/AWS::LakeFormation::DataCellsFilter.ColumnWildcard", - "markdownDescription": "A wildcard with exclusions. You must specify either a `ColumnNames` list or the `ColumnWildCard` .", - "title": "ColumnWildcard" - }, - "DatabaseName": { - "markdownDescription": "UTF-8 string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html) .\n\nA database in the Data Catalog .", - "title": "DatabaseName", - "type": "string" - }, - "Name": { - "markdownDescription": "UTF-8 string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html) .\n\nThe name given by the user to the data filter cell.", - "title": "Name", - "type": "string" - }, - "RowFilter": { - "$ref": "#/definitions/AWS::LakeFormation::DataCellsFilter.RowFilter", - "markdownDescription": "A PartiQL predicate.", - "title": "RowFilter" - }, - "TableCatalogId": { - "markdownDescription": "Catalog id string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html) .\n\nThe ID of the catalog to which the table belongs.", - "title": "TableCatalogId", - "type": "string" + "AttributePayload": { + "$ref": "#/definitions/AWS::IoT::Thing.AttributePayload", + "markdownDescription": "A string that contains up to three key value pairs. Maximum length of 800. Duplicates not allowed.", + "title": "AttributePayload" }, - "TableName": { - "markdownDescription": "UTF-8 string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html) .\n\nA table in the database.", - "title": "TableName", + "ThingName": { + "markdownDescription": "The name of the thing to update.\n\nYou can't change a thing's name. To change a thing's name, you must create a new thing, give it the new name, and then delete the old thing.", + "title": "ThingName", "type": "string" } }, - "required": [ - "DatabaseName", - "Name", - "TableCatalogId", - "TableName" - ], "type": "object" }, "Type": { "enum": [ - "AWS::LakeFormation::DataCellsFilter" + "AWS::IoT::Thing" ], "type": "string" }, @@ -140811,42 +148400,28 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::LakeFormation::DataCellsFilter.ColumnWildcard": { + "AWS::IoT::Thing.AttributePayload": { "additionalProperties": false, "properties": { - "ExcludedColumnNames": { - "items": { - "type": "string" + "Attributes": { + "additionalProperties": true, + "markdownDescription": "A JSON string containing up to three key-value pair in JSON format. For example:\n\n`{\\\"attributes\\\":{\\\"string1\\\":\\\"string2\\\"}}`", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "Excludes column names. Any column with this name will be excluded.", - "title": "ExcludedColumnNames", - "type": "array" - } - }, - "type": "object" - }, - "AWS::LakeFormation::DataCellsFilter.RowFilter": { - "additionalProperties": false, - "properties": { - "AllRowsWildcard": { - "markdownDescription": "A wildcard for all rows.", - "title": "AllRowsWildcard", + "title": "Attributes", "type": "object" - }, - "FilterExpression": { - "markdownDescription": "A filter expression.", - "title": "FilterExpression", - "type": "string" } }, "type": "object" }, - "AWS::LakeFormation::DataLakeSettings": { + "AWS::IoT::ThingGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -140881,68 +148456,40 @@ "Properties": { "additionalProperties": false, "properties": { - "Admins": { - "$ref": "#/definitions/AWS::LakeFormation::DataLakeSettings.Admins", - "markdownDescription": "A list of AWS Lake Formation principals.", - "title": "Admins" - }, - "AllowExternalDataFiltering": { - "markdownDescription": "Whether to allow Amazon EMR clusters or other third-party query engines to access data managed by Lake Formation .\n\nIf set to true, you allow Amazon EMR clusters or other third-party engines to access data in Amazon S3 locations that are registered with Lake Formation .\n\nIf false or null, no third-party query engines will be able to access data in Amazon S3 locations that are registered with Lake Formation.\n\nFor more information, see [External data filtering setting](https://docs.aws.amazon.com/lake-formation/latest/dg/initial-LF-setup.html#external-data-filter) .", - "title": "AllowExternalDataFiltering", - "type": "boolean" + "ParentGroupName": { + "markdownDescription": "The parent thing group name.\n\nA Dynamic Thing Group does not have `parentGroupName` defined.", + "title": "ParentGroupName", + "type": "string" }, - "AllowFullTableExternalDataAccess": { - "markdownDescription": "Specifies whether query engines and applications can get credentials without IAM session tags if the user has full table access. It provides query engines and applications performance benefits as well as simplifies data access. Amazon EMR on Amazon EC2 is able to leverage this setting.\n\nFor more information, see [](https://docs.aws.amazon.com/lake-formation/latest/dg/using-cred-vending.html)", - "title": "AllowFullTableExternalDataAccess", - "type": "boolean" + "QueryString": { + "markdownDescription": "The dynamic thing group search query string.\n\nThe `queryString` attribute *is* required for `CreateDynamicThingGroup` . The `queryString` attribute *is not* required for `CreateThingGroup` .", + "title": "QueryString", + "type": "string" }, - "AuthorizedSessionTagValueList": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "Lake Formation relies on a privileged process secured by Amazon EMR or the third party integrator to tag the user's role while assuming it. Lake Formation will publish the acceptable key-value pair, for example key = \"LakeFormationTrustedCaller\" and value = \"TRUE\" and the third party integrator must properly tag the temporary security credentials that will be used to call Lake Formation 's administrative API operations.", - "title": "AuthorizedSessionTagValueList", + "markdownDescription": "Metadata which can be used to manage the thing group or dynamic thing group.", + "title": "Tags", "type": "array" }, - "CreateDatabaseDefaultPermissions": { - "$ref": "#/definitions/AWS::LakeFormation::DataLakeSettings.CreateDatabaseDefaultPermissions", - "markdownDescription": "Specifies whether access control on a newly created database is managed by Lake Formation permissions or exclusively by IAM permissions.\n\nA null value indicates that the access is controlled by Lake Formation permissions. `ALL` permissions assigned to `IAM_ALLOWED_PRINCIPALS` group indicates that the user's IAM permissions determine the access to the database. This is referred to as the setting \"Use only IAM access control,\" and is to support backward compatibility with the AWS Glue permission model implemented by IAM permissions.\n\nThe only permitted values are an empty array or an array that contains a single JSON object that grants `ALL` to `IAM_ALLOWED_PRINCIPALS` .\n\nFor more information, see [Changing the default security settings for your data lake](https://docs.aws.amazon.com/lake-formation/latest/dg/change-settings.html) .", - "title": "CreateDatabaseDefaultPermissions" - }, - "CreateTableDefaultPermissions": { - "$ref": "#/definitions/AWS::LakeFormation::DataLakeSettings.CreateTableDefaultPermissions", - "markdownDescription": "Specifies whether access control on a newly created table is managed by Lake Formation permissions or exclusively by IAM permissions.\n\nA null value indicates that the access is controlled by Lake Formation permissions. `ALL` permissions assigned to `IAM_ALLOWED_PRINCIPALS` group indicate that the user's IAM permissions determine the access to the table. This is referred to as the setting \"Use only IAM access control,\" and is to support the backward compatibility with the AWS Glue permission model implemented by IAM permissions.\n\nThe only permitted values are an empty array or an array that contains a single JSON object that grants `ALL` permissions to `IAM_ALLOWED_PRINCIPALS` .\n\nFor more information, see [Changing the default security settings for your data lake](https://docs.aws.amazon.com/lake-formation/latest/dg/change-settings.html) .", - "title": "CreateTableDefaultPermissions" - }, - "ExternalDataFilteringAllowList": { - "$ref": "#/definitions/AWS::LakeFormation::DataLakeSettings.ExternalDataFilteringAllowList", - "markdownDescription": "A list of the account IDs of AWS accounts with Amazon EMR clusters or third-party engines that are allwed to perform data filtering.", - "title": "ExternalDataFilteringAllowList" - }, - "MutationType": { - "markdownDescription": "Specifies whether the data lake settings are updated by adding new values to the current settings ( `APPEND` ) or by replacing the current settings with new settings ( `REPLACE` ).\n\n> If you choose `REPLACE` , your current data lake settings will be replaced with the new values in your template.", - "title": "MutationType", + "ThingGroupName": { + "markdownDescription": "The thing group name.", + "title": "ThingGroupName", "type": "string" }, - "Parameters": { - "markdownDescription": "A key-value map that provides an additional configuration on your data lake. `CrossAccountVersion` is the key you can configure in the `Parameters` field. Accepted values for the `CrossAccountVersion` key are 1, 2, 3, and 4.", - "title": "Parameters", - "type": "object" - }, - "TrustedResourceOwners": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of UTF-8 strings.\n\nA list of the resource-owning account IDs that the caller's account can use to share their user access details (user ARNs). The user ARNs can be logged in the resource owner's CloudTrail log. You may want to specify this property when you are in a high-trust boundary, such as the same team or company.", - "title": "TrustedResourceOwners", - "type": "array" + "ThingGroupProperties": { + "$ref": "#/definitions/AWS::IoT::ThingGroup.ThingGroupProperties", + "markdownDescription": "Thing group properties.", + "title": "ThingGroupProperties" } }, "type": "object" }, "Type": { "enum": [ - "AWS::LakeFormation::DataLakeSettings" + "AWS::IoT::ThingGroup" ], "type": "string" }, @@ -140960,64 +148507,40 @@ ], "type": "object" }, - "AWS::LakeFormation::DataLakeSettings.Admins": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::LakeFormation::DataLakeSettings.CreateDatabaseDefaultPermissions": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::LakeFormation::DataLakeSettings.CreateTableDefaultPermissions": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::LakeFormation::DataLakeSettings.DataLakePrincipal": { + "AWS::IoT::ThingGroup.AttributePayload": { "additionalProperties": false, "properties": { - "DataLakePrincipalIdentifier": { - "markdownDescription": "An identifier for the Lake Formation principal.", - "title": "DataLakePrincipalIdentifier", - "type": "string" + "Attributes": { + "additionalProperties": true, + "markdownDescription": "A JSON string containing up to three key-value pair in JSON format. For example:\n\n`{\\\"attributes\\\":{\\\"string1\\\":\\\"string2\\\"}}`", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Attributes", + "type": "object" } }, - "required": [ - "DataLakePrincipalIdentifier" - ], - "type": "object" - }, - "AWS::LakeFormation::DataLakeSettings.ExternalDataFilteringAllowList": { - "additionalProperties": false, - "properties": {}, "type": "object" }, - "AWS::LakeFormation::DataLakeSettings.PrincipalPermissions": { + "AWS::IoT::ThingGroup.ThingGroupProperties": { "additionalProperties": false, "properties": { - "Permissions": { - "items": { - "type": "string" - }, - "markdownDescription": "The permissions that are granted to the principal.", - "title": "Permissions", - "type": "array" + "AttributePayload": { + "$ref": "#/definitions/AWS::IoT::ThingGroup.AttributePayload", + "markdownDescription": "The thing group attributes in JSON format.", + "title": "AttributePayload" }, - "Principal": { - "$ref": "#/definitions/AWS::LakeFormation::DataLakeSettings.DataLakePrincipal", - "markdownDescription": "The principal who is granted permissions.", - "title": "Principal" + "ThingGroupDescription": { + "markdownDescription": "The thing group description.", + "title": "ThingGroupDescription", + "type": "string" } }, - "required": [ - "Permissions", - "Principal" - ], "type": "object" }, - "AWS::LakeFormation::Permissions": { + "AWS::IoT::ThingPrincipalAttachment": { "additionalProperties": false, "properties": { "Condition": { @@ -141052,42 +148575,31 @@ "Properties": { "additionalProperties": false, "properties": { - "DataLakePrincipal": { - "$ref": "#/definitions/AWS::LakeFormation::Permissions.DataLakePrincipal", - "markdownDescription": "The AWS Lake Formation principal.", - "title": "DataLakePrincipal" - }, - "Permissions": { - "items": { - "type": "string" - }, - "markdownDescription": "The permissions granted or revoked.", - "title": "Permissions", - "type": "array" + "Principal": { + "markdownDescription": "The principal, which can be a certificate ARN (as returned from the `CreateCertificate` operation) or an Amazon Cognito ID.", + "title": "Principal", + "type": "string" }, - "PermissionsWithGrantOption": { - "items": { - "type": "string" - }, - "markdownDescription": "Indicates the ability to grant permissions (as a subset of permissions granted).", - "title": "PermissionsWithGrantOption", - "type": "array" + "ThingName": { + "markdownDescription": "The name of the AWS IoT thing.", + "title": "ThingName", + "type": "string" }, - "Resource": { - "$ref": "#/definitions/AWS::LakeFormation::Permissions.Resource", - "markdownDescription": "A structure for the resource.", - "title": "Resource" + "ThingPrincipalType": { + "markdownDescription": "", + "title": "ThingPrincipalType", + "type": "string" } }, "required": [ - "DataLakePrincipal", - "Resource" + "Principal", + "ThingName" ], "type": "object" }, "Type": { "enum": [ - "AWS::LakeFormation::Permissions" + "AWS::IoT::ThingPrincipalAttachment" ], "type": "string" }, @@ -141106,155 +148618,150 @@ ], "type": "object" }, - "AWS::LakeFormation::Permissions.ColumnWildcard": { - "additionalProperties": false, - "properties": { - "ExcludedColumnNames": { - "items": { - "type": "string" - }, - "markdownDescription": "Excludes column names. Any column with this name will be excluded.", - "title": "ExcludedColumnNames", - "type": "array" - } - }, - "type": "object" - }, - "AWS::LakeFormation::Permissions.DataLakePrincipal": { - "additionalProperties": false, - "properties": { - "DataLakePrincipalIdentifier": { - "markdownDescription": "An identifier for the Lake Formation principal.", - "title": "DataLakePrincipalIdentifier", - "type": "string" - } - }, - "type": "object" - }, - "AWS::LakeFormation::Permissions.DataLocationResource": { + "AWS::IoT::ThingType": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The identifier for the Data Catalog . By default, it is the account ID of the caller.", - "title": "CatalogId", + "Condition": { "type": "string" }, - "S3Resource": { - "markdownDescription": "The Amazon Resource Name (ARN) that uniquely identifies the data location resource.", - "title": "S3Resource", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::LakeFormation::Permissions.DatabaseResource": { - "additionalProperties": false, - "properties": { - "CatalogId": { - "markdownDescription": "The identifier for the Data Catalog . By default, it is the account ID of the caller.", - "title": "CatalogId", + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DeprecateThingType": { + "markdownDescription": "Deprecates a thing type. You can not associate new things with deprecated thing type.\n\nRequires permission to access the [DeprecateThingType](https://docs.aws.amazon.com//service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions) action.", + "title": "DeprecateThingType", + "type": "boolean" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata which can be used to manage the thing type.", + "title": "Tags", + "type": "array" + }, + "ThingTypeName": { + "markdownDescription": "The name of the thing type.", + "title": "ThingTypeName", + "type": "string" + }, + "ThingTypeProperties": { + "$ref": "#/definitions/AWS::IoT::ThingType.ThingTypeProperties", + "markdownDescription": "The thing type properties for the thing type to create. It contains information about the new thing type including a description, a list of searchable thing attribute names, and a list of propagating attributes. After a thing type is created, you can only update `Mqtt5Configuration` .", + "title": "ThingTypeProperties" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IoT::ThingType" + ], "type": "string" }, - "Name": { - "markdownDescription": "The name of the database resource. Unique to the Data Catalog.", - "title": "Name", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::LakeFormation::Permissions.Resource": { + "AWS::IoT::ThingType.Mqtt5Configuration": { "additionalProperties": false, "properties": { - "DataLocationResource": { - "$ref": "#/definitions/AWS::LakeFormation::Permissions.DataLocationResource", - "markdownDescription": "A structure for a data location object where permissions are granted or revoked.", - "title": "DataLocationResource" - }, - "DatabaseResource": { - "$ref": "#/definitions/AWS::LakeFormation::Permissions.DatabaseResource", - "markdownDescription": "A structure for the database object.", - "title": "DatabaseResource" - }, - "TableResource": { - "$ref": "#/definitions/AWS::LakeFormation::Permissions.TableResource", - "markdownDescription": "A structure for the table object. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.", - "title": "TableResource" - }, - "TableWithColumnsResource": { - "$ref": "#/definitions/AWS::LakeFormation::Permissions.TableWithColumnsResource", - "markdownDescription": "A structure for a table with columns object. This object is only used when granting a SELECT permission.", - "title": "TableWithColumnsResource" + "PropagatingAttributes": { + "items": { + "$ref": "#/definitions/AWS::IoT::ThingType.PropagatingAttribute" + }, + "markdownDescription": "An object that represents the connection attribute, the thing attribute, and the MQTT 5 user property key.", + "title": "PropagatingAttributes", + "type": "array" } }, "type": "object" }, - "AWS::LakeFormation::Permissions.TableResource": { + "AWS::IoT::ThingType.PropagatingAttribute": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The identifier for the Data Catalog . By default, it is the account ID of the caller.", - "title": "CatalogId", + "ConnectionAttribute": { + "markdownDescription": "The attribute associated with the connection details.", + "title": "ConnectionAttribute", "type": "string" }, - "DatabaseName": { - "markdownDescription": "The name of the database for the table. Unique to a Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.", - "title": "DatabaseName", + "ThingAttribute": { + "markdownDescription": "The thing attribute that is propagating for MQTT 5 message enrichment.", + "title": "ThingAttribute", "type": "string" }, - "Name": { - "markdownDescription": "The name of the table.", - "title": "Name", + "UserPropertyKey": { + "markdownDescription": "The key of the MQTT 5 user property, which is a key-value pair.", + "title": "UserPropertyKey", "type": "string" - }, - "TableWildcard": { - "$ref": "#/definitions/AWS::LakeFormation::Permissions.TableWildcard", - "markdownDescription": "An empty object representing all tables under a database. If this field is specified instead of the `Name` field, all tables under `DatabaseName` will have permission changes applied.", - "title": "TableWildcard" } }, + "required": [ + "UserPropertyKey" + ], "type": "object" }, - "AWS::LakeFormation::Permissions.TableWildcard": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::LakeFormation::Permissions.TableWithColumnsResource": { + "AWS::IoT::ThingType.ThingTypeProperties": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The identifier for the Data Catalog . By default, it is the account ID of the caller.", - "title": "CatalogId", - "type": "string" + "Mqtt5Configuration": { + "$ref": "#/definitions/AWS::IoT::ThingType.Mqtt5Configuration", + "markdownDescription": "The configuration to add user-defined properties to enrich MQTT 5 messages.", + "title": "Mqtt5Configuration" }, - "ColumnNames": { + "SearchableAttributes": { "items": { "type": "string" }, - "markdownDescription": "The list of column names for the table. At least one of `ColumnNames` or `ColumnWildcard` is required.", - "title": "ColumnNames", + "markdownDescription": "A list of searchable thing attribute names.", + "title": "SearchableAttributes", "type": "array" }, - "ColumnWildcard": { - "$ref": "#/definitions/AWS::LakeFormation::Permissions.ColumnWildcard", - "markdownDescription": "A wildcard specified by a `ColumnWildcard` object. At least one of `ColumnNames` or `ColumnWildcard` is required.", - "title": "ColumnWildcard" - }, - "DatabaseName": { - "markdownDescription": "The name of the database for the table with columns resource. Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.", - "title": "DatabaseName", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the table resource. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.", - "title": "Name", + "ThingTypeDescription": { + "markdownDescription": "The description of the thing type.", + "title": "ThingTypeDescription", "type": "string" } }, "type": "object" }, - "AWS::LakeFormation::PrincipalPermissions": { + "AWS::IoT::TopicRule": { "additionalProperties": false, "properties": { "Condition": { @@ -141289,49 +148796,33 @@ "Properties": { "additionalProperties": false, "properties": { - "Catalog": { - "markdownDescription": "The identifier for the Data Catalog . By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your Lake Formation environment.", - "title": "Catalog", + "RuleName": { + "markdownDescription": "The name of the rule.", + "title": "RuleName", "type": "string" }, - "Permissions": { - "items": { - "type": "string" - }, - "markdownDescription": "The permissions granted or revoked.", - "title": "Permissions", - "type": "array" - }, - "PermissionsWithGrantOption": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "Indicates the ability to grant permissions (as a subset of permissions granted).", - "title": "PermissionsWithGrantOption", + "markdownDescription": "Metadata which can be used to manage the topic rule.\n\n> For URI Request parameters use format: ...key1=value1&key2=value2...\n> \n> For the CLI command-line parameter use format: --tags \"key1=value1&key2=value2...\"\n> \n> For the cli-input-json file use format: \"tags\": \"key1=value1&key2=value2...\"", + "title": "Tags", "type": "array" }, - "Principal": { - "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.DataLakePrincipal", - "markdownDescription": "The principal to be granted a permission.", - "title": "Principal" - }, - "Resource": { - "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.Resource", - "markdownDescription": "The resource to be granted or revoked permissions.", - "title": "Resource" + "TopicRulePayload": { + "$ref": "#/definitions/AWS::IoT::TopicRule.TopicRulePayload", + "markdownDescription": "The rule payload.", + "title": "TopicRulePayload" } }, "required": [ - "Permissions", - "PermissionsWithGrantOption", - "Principal", - "Resource" + "TopicRulePayload" ], "type": "object" }, "Type": { "enum": [ - "AWS::LakeFormation::PrincipalPermissions" + "AWS::IoT::TopicRule" ], "type": "string" }, @@ -141350,826 +148841,1176 @@ ], "type": "object" }, - "AWS::LakeFormation::PrincipalPermissions.ColumnWildcard": { + "AWS::IoT::TopicRule.Action": { "additionalProperties": false, "properties": { - "ExcludedColumnNames": { - "items": { - "type": "string" - }, - "markdownDescription": "Excludes column names. Any column with this name will be excluded.", - "title": "ExcludedColumnNames", - "type": "array" + "CloudwatchAlarm": { + "$ref": "#/definitions/AWS::IoT::TopicRule.CloudwatchAlarmAction", + "markdownDescription": "Change the state of a CloudWatch alarm.", + "title": "CloudwatchAlarm" + }, + "CloudwatchLogs": { + "$ref": "#/definitions/AWS::IoT::TopicRule.CloudwatchLogsAction", + "markdownDescription": "Sends data to CloudWatch.", + "title": "CloudwatchLogs" + }, + "CloudwatchMetric": { + "$ref": "#/definitions/AWS::IoT::TopicRule.CloudwatchMetricAction", + "markdownDescription": "Capture a CloudWatch metric.", + "title": "CloudwatchMetric" + }, + "DynamoDB": { + "$ref": "#/definitions/AWS::IoT::TopicRule.DynamoDBAction", + "markdownDescription": "Write to a DynamoDB table.", + "title": "DynamoDB" + }, + "DynamoDBv2": { + "$ref": "#/definitions/AWS::IoT::TopicRule.DynamoDBv2Action", + "markdownDescription": "Write to a DynamoDB table. This is a new version of the DynamoDB action. It allows you to write each attribute in an MQTT message payload into a separate DynamoDB column.", + "title": "DynamoDBv2" + }, + "Elasticsearch": { + "$ref": "#/definitions/AWS::IoT::TopicRule.ElasticsearchAction", + "markdownDescription": "Write data to an Amazon OpenSearch Service domain.\n\n> The `Elasticsearch` action can only be used by existing rule actions. To create a new rule action or to update an existing rule action, use the `OpenSearch` rule action instead. For more information, see [OpenSearchAction](https://docs.aws.amazon.com//iot/latest/apireference/API_OpenSearchAction.html) .", + "title": "Elasticsearch" + }, + "Firehose": { + "$ref": "#/definitions/AWS::IoT::TopicRule.FirehoseAction", + "markdownDescription": "Write to an Amazon Kinesis Firehose stream.", + "title": "Firehose" + }, + "Http": { + "$ref": "#/definitions/AWS::IoT::TopicRule.HttpAction", + "markdownDescription": "Send data to an HTTPS endpoint.", + "title": "Http" + }, + "IotAnalytics": { + "$ref": "#/definitions/AWS::IoT::TopicRule.IotAnalyticsAction", + "markdownDescription": "Sends message data to an AWS IoT Analytics channel.", + "title": "IotAnalytics" + }, + "IotEvents": { + "$ref": "#/definitions/AWS::IoT::TopicRule.IotEventsAction", + "markdownDescription": "Sends an input to an AWS IoT Events detector.", + "title": "IotEvents" + }, + "IotSiteWise": { + "$ref": "#/definitions/AWS::IoT::TopicRule.IotSiteWiseAction", + "markdownDescription": "Sends data from the MQTT message that triggered the rule to AWS IoT SiteWise asset properties.", + "title": "IotSiteWise" + }, + "Kafka": { + "$ref": "#/definitions/AWS::IoT::TopicRule.KafkaAction", + "markdownDescription": "Send messages to an Amazon Managed Streaming for Apache Kafka (Amazon MSK) or self-managed Apache Kafka cluster.", + "title": "Kafka" + }, + "Kinesis": { + "$ref": "#/definitions/AWS::IoT::TopicRule.KinesisAction", + "markdownDescription": "Write data to an Amazon Kinesis stream.", + "title": "Kinesis" + }, + "Lambda": { + "$ref": "#/definitions/AWS::IoT::TopicRule.LambdaAction", + "markdownDescription": "Invoke a Lambda function.", + "title": "Lambda" + }, + "Location": { + "$ref": "#/definitions/AWS::IoT::TopicRule.LocationAction", + "markdownDescription": "Sends device location data to [Amazon Location Service](https://docs.aws.amazon.com//location/latest/developerguide/welcome.html) .", + "title": "Location" + }, + "OpenSearch": { + "$ref": "#/definitions/AWS::IoT::TopicRule.OpenSearchAction", + "markdownDescription": "Write data to an Amazon OpenSearch Service domain.", + "title": "OpenSearch" + }, + "Republish": { + "$ref": "#/definitions/AWS::IoT::TopicRule.RepublishAction", + "markdownDescription": "Publish to another MQTT topic.", + "title": "Republish" + }, + "S3": { + "$ref": "#/definitions/AWS::IoT::TopicRule.S3Action", + "markdownDescription": "Write to an Amazon S3 bucket.", + "title": "S3" + }, + "Sns": { + "$ref": "#/definitions/AWS::IoT::TopicRule.SnsAction", + "markdownDescription": "Publish to an Amazon SNS topic.", + "title": "Sns" + }, + "Sqs": { + "$ref": "#/definitions/AWS::IoT::TopicRule.SqsAction", + "markdownDescription": "Publish to an Amazon SQS queue.", + "title": "Sqs" + }, + "StepFunctions": { + "$ref": "#/definitions/AWS::IoT::TopicRule.StepFunctionsAction", + "markdownDescription": "Starts execution of a Step Functions state machine.", + "title": "StepFunctions" + }, + "Timestream": { + "$ref": "#/definitions/AWS::IoT::TopicRule.TimestreamAction", + "markdownDescription": "Writes attributes from an MQTT message.", + "title": "Timestream" } }, "type": "object" }, - "AWS::LakeFormation::PrincipalPermissions.DataCellsFilterResource": { + "AWS::IoT::TopicRule.AssetPropertyTimestamp": { "additionalProperties": false, "properties": { - "DatabaseName": { - "markdownDescription": "A database in the Data Catalog .", - "title": "DatabaseName", - "type": "string" - }, - "Name": { - "markdownDescription": "The name given by the user to the data filter cell.", - "title": "Name", - "type": "string" - }, - "TableCatalogId": { - "markdownDescription": "The ID of the catalog to which the table belongs.", - "title": "TableCatalogId", + "OffsetInNanos": { + "markdownDescription": "Optional. A string that contains the nanosecond time offset. Accepts substitution templates.", + "title": "OffsetInNanos", "type": "string" }, - "TableName": { - "markdownDescription": "The name of the table.", - "title": "TableName", + "TimeInSeconds": { + "markdownDescription": "A string that contains the time in seconds since epoch. Accepts substitution templates.", + "title": "TimeInSeconds", "type": "string" } }, "required": [ - "DatabaseName", - "Name", - "TableCatalogId", - "TableName" + "TimeInSeconds" ], "type": "object" }, - "AWS::LakeFormation::PrincipalPermissions.DataLakePrincipal": { + "AWS::IoT::TopicRule.AssetPropertyValue": { "additionalProperties": false, "properties": { - "DataLakePrincipalIdentifier": { - "markdownDescription": "An identifier for the AWS Lake Formation principal.", - "title": "DataLakePrincipalIdentifier", + "Quality": { + "markdownDescription": "Optional. A string that describes the quality of the value. Accepts substitution templates. Must be `GOOD` , `BAD` , or `UNCERTAIN` .", + "title": "Quality", "type": "string" + }, + "Timestamp": { + "$ref": "#/definitions/AWS::IoT::TopicRule.AssetPropertyTimestamp", + "markdownDescription": "The asset property value timestamp.", + "title": "Timestamp" + }, + "Value": { + "$ref": "#/definitions/AWS::IoT::TopicRule.AssetPropertyVariant", + "markdownDescription": "The value of the asset property.", + "title": "Value" } }, + "required": [ + "Timestamp", + "Value" + ], "type": "object" }, - "AWS::LakeFormation::PrincipalPermissions.DataLocationResource": { + "AWS::IoT::TopicRule.AssetPropertyVariant": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The identifier for the Data Catalog where the location is registered with AWS Lake Formation .", - "title": "CatalogId", + "BooleanValue": { + "markdownDescription": "Optional. A string that contains the boolean value ( `true` or `false` ) of the value entry. Accepts substitution templates.", + "title": "BooleanValue", "type": "string" }, - "ResourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) that uniquely identifies the data location resource.", - "title": "ResourceArn", + "DoubleValue": { + "markdownDescription": "Optional. A string that contains the double value of the value entry. Accepts substitution templates.", + "title": "DoubleValue", + "type": "string" + }, + "IntegerValue": { + "markdownDescription": "Optional. A string that contains the integer value of the value entry. Accepts substitution templates.", + "title": "IntegerValue", + "type": "string" + }, + "StringValue": { + "markdownDescription": "Optional. The string value of the value entry. Accepts substitution templates.", + "title": "StringValue", "type": "string" } }, - "required": [ - "CatalogId", - "ResourceArn" - ], "type": "object" }, - "AWS::LakeFormation::PrincipalPermissions.DatabaseResource": { + "AWS::IoT::TopicRule.CloudwatchAlarmAction": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The identifier for the Data Catalog. By default, it is the account ID of the caller.", - "title": "CatalogId", + "AlarmName": { + "markdownDescription": "The CloudWatch alarm name.", + "title": "AlarmName", "type": "string" }, - "Name": { - "markdownDescription": "The name of the database resource. Unique to the Data Catalog.", - "title": "Name", + "RoleArn": { + "markdownDescription": "The IAM role that allows access to the CloudWatch alarm.", + "title": "RoleArn", + "type": "string" + }, + "StateReason": { + "markdownDescription": "The reason for the alarm change.", + "title": "StateReason", + "type": "string" + }, + "StateValue": { + "markdownDescription": "The value of the alarm state. Acceptable values are: OK, ALARM, INSUFFICIENT_DATA.", + "title": "StateValue", "type": "string" } }, "required": [ - "CatalogId", - "Name" + "AlarmName", + "RoleArn", + "StateReason", + "StateValue" ], "type": "object" }, - "AWS::LakeFormation::PrincipalPermissions.LFTag": { + "AWS::IoT::TopicRule.CloudwatchLogsAction": { "additionalProperties": false, "properties": { - "TagKey": { - "markdownDescription": "The key-name for the LF-tag.", - "title": "TagKey", + "BatchMode": { + "markdownDescription": "Indicates whether batches of log records will be extracted and uploaded into CloudWatch.", + "title": "BatchMode", + "type": "boolean" + }, + "LogGroupName": { + "markdownDescription": "The CloudWatch log name.", + "title": "LogGroupName", "type": "string" }, - "TagValues": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of possible values of the corresponding `TagKey` of an LF-tag key-value pair.", - "title": "TagValues", - "type": "array" + "RoleArn": { + "markdownDescription": "The IAM role that allows access to the CloudWatch log.", + "title": "RoleArn", + "type": "string" } }, + "required": [ + "LogGroupName", + "RoleArn" + ], "type": "object" }, - "AWS::LakeFormation::PrincipalPermissions.LFTagKeyResource": { + "AWS::IoT::TopicRule.CloudwatchMetricAction": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The identifier for the Data Catalog where the location is registered with Data Catalog .", - "title": "CatalogId", + "MetricName": { + "markdownDescription": "The CloudWatch metric name.", + "title": "MetricName", "type": "string" }, - "TagKey": { - "markdownDescription": "The key-name for the LF-tag.", - "title": "TagKey", + "MetricNamespace": { + "markdownDescription": "The CloudWatch metric namespace name.", + "title": "MetricNamespace", "type": "string" }, - "TagValues": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of possible values for the corresponding `TagKey` of an LF-tag key-value pair.", - "title": "TagValues", - "type": "array" + "MetricTimestamp": { + "markdownDescription": "An optional [Unix timestamp](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/cloudwatch_concepts.html#about_timestamp) .", + "title": "MetricTimestamp", + "type": "string" + }, + "MetricUnit": { + "markdownDescription": "The [metric unit](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/cloudwatch_concepts.html#Unit) supported by CloudWatch.", + "title": "MetricUnit", + "type": "string" + }, + "MetricValue": { + "markdownDescription": "The CloudWatch metric value.", + "title": "MetricValue", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The IAM role that allows access to the CloudWatch metric.", + "title": "RoleArn", + "type": "string" } }, "required": [ - "CatalogId", - "TagKey", - "TagValues" + "MetricName", + "MetricNamespace", + "MetricUnit", + "MetricValue", + "RoleArn" ], "type": "object" }, - "AWS::LakeFormation::PrincipalPermissions.LFTagPolicyResource": { + "AWS::IoT::TopicRule.DynamoDBAction": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The identifier for the Data Catalog . The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your AWS Lake Formation environment.", - "title": "CatalogId", + "HashKeyField": { + "markdownDescription": "The hash key name.", + "title": "HashKeyField", "type": "string" }, - "Expression": { - "items": { - "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.LFTag" - }, - "markdownDescription": "A list of LF-tag conditions that apply to the resource's LF-tag policy.", - "title": "Expression", - "type": "array" + "HashKeyType": { + "markdownDescription": "The hash key type. Valid values are \"STRING\" or \"NUMBER\"", + "title": "HashKeyType", + "type": "string" }, - "ResourceType": { - "markdownDescription": "The resource type for which the LF-tag policy applies.", - "title": "ResourceType", + "HashKeyValue": { + "markdownDescription": "The hash key value.", + "title": "HashKeyValue", + "type": "string" + }, + "PayloadField": { + "markdownDescription": "The action payload. This name can be customized.", + "title": "PayloadField", + "type": "string" + }, + "RangeKeyField": { + "markdownDescription": "The range key name.", + "title": "RangeKeyField", + "type": "string" + }, + "RangeKeyType": { + "markdownDescription": "The range key type. Valid values are \"STRING\" or \"NUMBER\"", + "title": "RangeKeyType", + "type": "string" + }, + "RangeKeyValue": { + "markdownDescription": "The range key value.", + "title": "RangeKeyValue", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that grants access to the DynamoDB table.", + "title": "RoleArn", + "type": "string" + }, + "TableName": { + "markdownDescription": "The name of the DynamoDB table.", + "title": "TableName", "type": "string" } }, "required": [ - "CatalogId", - "Expression", - "ResourceType" + "HashKeyField", + "HashKeyValue", + "RoleArn", + "TableName" ], "type": "object" }, - "AWS::LakeFormation::PrincipalPermissions.Resource": { + "AWS::IoT::TopicRule.DynamoDBv2Action": { "additionalProperties": false, "properties": { - "Catalog": { - "markdownDescription": "The identifier for the Data Catalog. By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your AWS Lake Formation environment.", - "title": "Catalog", - "type": "object" - }, - "DataCellsFilter": { - "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.DataCellsFilterResource", - "markdownDescription": "A data cell filter.", - "title": "DataCellsFilter" - }, - "DataLocation": { - "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.DataLocationResource", - "markdownDescription": "The location of an Amazon S3 path where permissions are granted or revoked.", - "title": "DataLocation" - }, - "Database": { - "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.DatabaseResource", - "markdownDescription": "The database for the resource. Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database permissions to a principal.", - "title": "Database" - }, - "LFTag": { - "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.LFTagKeyResource", - "markdownDescription": "The LF-tag key and values attached to a resource.", - "title": "LFTag" - }, - "LFTagPolicy": { - "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.LFTagPolicyResource", - "markdownDescription": "A list of LF-tag conditions that define a resource's LF-tag policy.", - "title": "LFTagPolicy" - }, - "Table": { - "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.TableResource", - "markdownDescription": "The table for the resource. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.", - "title": "Table" + "PutItem": { + "$ref": "#/definitions/AWS::IoT::TopicRule.PutItemInput", + "markdownDescription": "Specifies the DynamoDB table to which the message data will be written. For example:\n\n`{ \"dynamoDBv2\": { \"roleArn\": \"aws:iam:12341251:my-role\" \"putItem\": { \"tableName\": \"my-table\" } } }`\n\nEach attribute in the message payload will be written to a separate column in the DynamoDB database.", + "title": "PutItem" }, - "TableWithColumns": { - "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.TableWithColumnsResource", - "markdownDescription": "The table with columns for the resource. A principal with permissions to this resource can select metadata from the columns of a table in the Data Catalog and the underlying data in Amazon S3.", - "title": "TableWithColumns" + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that grants access to the DynamoDB table.", + "title": "RoleArn", + "type": "string" } }, "type": "object" }, - "AWS::LakeFormation::PrincipalPermissions.TableResource": { + "AWS::IoT::TopicRule.ElasticsearchAction": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The identifier for the Data Catalog. By default, it is the account ID of the caller.", - "title": "CatalogId", + "Endpoint": { + "markdownDescription": "The endpoint of your OpenSearch domain.", + "title": "Endpoint", "type": "string" }, - "DatabaseName": { - "markdownDescription": "The name of the database for the table. Unique to a Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.", - "title": "DatabaseName", + "Id": { + "markdownDescription": "The unique identifier for the document you are storing.", + "title": "Id", "type": "string" }, - "Name": { - "markdownDescription": "The name of the table.", - "title": "Name", + "Index": { + "markdownDescription": "The index where you want to store your data.", + "title": "Index", "type": "string" }, - "TableWildcard": { - "markdownDescription": "A wildcard object representing every table under a database.\n\nAt least one of `TableResource$Name` or `TableResource$TableWildcard` is required.", - "title": "TableWildcard", - "type": "object" + "RoleArn": { + "markdownDescription": "The IAM role ARN that has access to OpenSearch.", + "title": "RoleArn", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of document you are storing.", + "title": "Type", + "type": "string" } }, "required": [ - "CatalogId", - "DatabaseName" + "Endpoint", + "Id", + "Index", + "RoleArn", + "Type" ], "type": "object" }, - "AWS::LakeFormation::PrincipalPermissions.TableWithColumnsResource": { + "AWS::IoT::TopicRule.FirehoseAction": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The identifier for the Data Catalog where the location is registered with AWS Lake Formation .", - "title": "CatalogId", - "type": "string" - }, - "ColumnNames": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of column names for the table. At least one of `ColumnNames` or `ColumnWildcard` is required.", - "title": "ColumnNames", - "type": "array" + "BatchMode": { + "markdownDescription": "Whether to deliver the Kinesis Data Firehose stream as a batch by using [`PutRecordBatch`](https://docs.aws.amazon.com/firehose/latest/APIReference/API_PutRecordBatch.html) . The default value is `false` .\n\nWhen `batchMode` is `true` and the rule's SQL statement evaluates to an Array, each Array element forms one record in the [`PutRecordBatch`](https://docs.aws.amazon.com/firehose/latest/APIReference/API_PutRecordBatch.html) request. The resulting array can't have more than 500 records.", + "title": "BatchMode", + "type": "boolean" }, - "ColumnWildcard": { - "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.ColumnWildcard", - "markdownDescription": "A wildcard specified by a `ColumnWildcard` object. At least one of `ColumnNames` or `ColumnWildcard` is required.", - "title": "ColumnWildcard" + "DeliveryStreamName": { + "markdownDescription": "The delivery stream name.", + "title": "DeliveryStreamName", + "type": "string" }, - "DatabaseName": { - "markdownDescription": "The name of the database for the table with columns resource. Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.", - "title": "DatabaseName", + "RoleArn": { + "markdownDescription": "The IAM role that grants access to the Amazon Kinesis Firehose stream.", + "title": "RoleArn", "type": "string" }, - "Name": { - "markdownDescription": "The name of the table resource. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.", - "title": "Name", + "Separator": { + "markdownDescription": "A character separator that will be used to separate records written to the Firehose stream. Valid values are: '\\n' (newline), '\\t' (tab), '\\r\\n' (Windows newline), ',' (comma).", + "title": "Separator", "type": "string" } }, "required": [ - "CatalogId", - "DatabaseName", - "Name" + "DeliveryStreamName", + "RoleArn" ], "type": "object" }, - "AWS::LakeFormation::Resource": { + "AWS::IoT::TopicRule.HttpAction": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Auth": { + "$ref": "#/definitions/AWS::IoT::TopicRule.HttpAuthorization", + "markdownDescription": "The authentication method to use when sending data to an HTTPS endpoint.", + "title": "Auth" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ConfirmationUrl": { + "markdownDescription": "The URL to which AWS IoT sends a confirmation message. The value of the confirmation URL must be a prefix of the endpoint URL. If you do not specify a confirmation URL AWS IoT uses the endpoint URL as the confirmation URL. If you use substitution templates in the confirmationUrl, you must create and enable topic rule destinations that match each possible value of the substitution template before traffic is allowed to your endpoint URL.", + "title": "ConfirmationUrl", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "HybridAccessEnabled": { - "markdownDescription": "Indicates whether the data access of tables pointing to the location can be managed by both Lake Formation permissions as well as Amazon S3 bucket policies.", - "title": "HybridAccessEnabled", - "type": "boolean" - }, - "ResourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", - "title": "ResourceArn", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The IAM role that registered a resource.", - "title": "RoleArn", - "type": "string" - }, - "UseServiceLinkedRole": { - "markdownDescription": "Designates a trusted caller, an IAM principal, by registering this caller with the Data Catalog .", - "title": "UseServiceLinkedRole", - "type": "boolean" - }, - "WithFederation": { - "markdownDescription": "Allows Lake Formation to assume a role to access tables in a federated database.", - "title": "WithFederation", - "type": "boolean" - } + "Headers": { + "items": { + "$ref": "#/definitions/AWS::IoT::TopicRule.HttpActionHeader" }, - "required": [ - "ResourceArn", - "UseServiceLinkedRole" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::LakeFormation::Resource" - ], - "type": "string" + "markdownDescription": "The HTTP headers to send with the message data.", + "title": "Headers", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Url": { + "markdownDescription": "The endpoint URL. If substitution templates are used in the URL, you must also specify a `confirmationUrl` . If this is a new destination, a new `TopicRuleDestination` is created if possible.", + "title": "Url", "type": "string" } }, "required": [ - "Type", - "Properties" + "Url" ], "type": "object" }, - "AWS::LakeFormation::Tag": { + "AWS::IoT::TopicRule.HttpActionHeader": { "additionalProperties": false, "properties": { - "Condition": { + "Key": { + "markdownDescription": "The HTTP header key.", + "title": "Key", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Value": { + "markdownDescription": "The HTTP header value. Substitution templates are supported.", + "title": "Value", "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::IoT::TopicRule.HttpAuthorization": { + "additionalProperties": false, + "properties": { + "Sigv4": { + "$ref": "#/definitions/AWS::IoT::TopicRule.SigV4Authorization", + "markdownDescription": "Use Sig V4 authorization. For more information, see [Signature Version 4 Signing Process](https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html) .", + "title": "Sigv4" + } + }, + "type": "object" + }, + "AWS::IoT::TopicRule.IotAnalyticsAction": { + "additionalProperties": false, + "properties": { + "BatchMode": { + "markdownDescription": "Whether to process the action as a batch. The default value is `false` .\n\nWhen `batchMode` is `true` and the rule SQL statement evaluates to an Array, each Array element is delivered as a separate message when passed by [`BatchPutMessage`](https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_BatchPutMessage.html) The resulting array can't have more than 100 messages.", + "title": "BatchMode", + "type": "boolean" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "CatalogId": { - "markdownDescription": "Catalog id string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html) .\n\nThe identifier for the Data Catalog . By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your AWS Lake Formation environment.", - "title": "CatalogId", - "type": "string" - }, - "TagKey": { - "markdownDescription": "UTF-8 string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html) .\n\nThe key-name for the LF-tag.", - "title": "TagKey", - "type": "string" - }, - "TagValues": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of UTF-8 strings, not less than 1 or more than 50 strings.\n\nA list of possible values of the corresponding `TagKey` of an LF-tag key-value pair.", - "title": "TagValues", - "type": "array" - } - }, - "required": [ - "TagKey", - "TagValues" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::LakeFormation::Tag" - ], + "ChannelName": { + "markdownDescription": "The name of the IoT Analytics channel to which message data will be sent.", + "title": "ChannelName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "RoleArn": { + "markdownDescription": "The ARN of the role which has a policy that grants IoT Analytics permission to send message data via IoT Analytics (iotanalytics:BatchPutMessage).", + "title": "RoleArn", "type": "string" } }, "required": [ - "Type", - "Properties" + "ChannelName", + "RoleArn" ], "type": "object" }, - "AWS::LakeFormation::TagAssociation": { + "AWS::IoT::TopicRule.IotEventsAction": { "additionalProperties": false, "properties": { - "Condition": { + "BatchMode": { + "markdownDescription": "Whether to process the event actions as a batch. The default value is `false` .\n\nWhen `batchMode` is `true` , you can't specify a `messageId` .\n\nWhen `batchMode` is `true` and the rule SQL statement evaluates to an Array, each Array element is treated as a separate message when Events by calling [`BatchPutMessage`](https://docs.aws.amazon.com/iotevents/latest/apireference/API_iotevents-data_BatchPutMessage.html) . The resulting array can't have more than 10 messages.", + "title": "BatchMode", + "type": "boolean" + }, + "InputName": { + "markdownDescription": "The name of the AWS IoT Events input.", + "title": "InputName", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "MessageId": { + "markdownDescription": "The ID of the message. The default `messageId` is a new UUID value.\n\nWhen `batchMode` is `true` , you can't specify a `messageId` --a new UUID value will be assigned.\n\nAssign a value to this property to ensure that only one input (message) with a given `messageId` will be processed by an AWS IoT Events detector.", + "title": "MessageId", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + "RoleArn": { + "markdownDescription": "The ARN of the role that grants AWS IoT permission to send an input to an AWS IoT Events detector. (\"Action\":\"iotevents:BatchPutMessage\").", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "InputName", + "RoleArn" + ], + "type": "object" + }, + "AWS::IoT::TopicRule.IotSiteWiseAction": { + "additionalProperties": false, + "properties": { + "PutAssetPropertyValueEntries": { + "items": { + "$ref": "#/definitions/AWS::IoT::TopicRule.PutAssetPropertyValueEntry" + }, + "markdownDescription": "A list of asset property value entries.", + "title": "PutAssetPropertyValueEntries", + "type": "array" + }, + "RoleArn": { + "markdownDescription": "The ARN of the role that grants AWS IoT permission to send an asset property value to AWS IoT SiteWise. ( `\"Action\": \"iotsitewise:BatchPutAssetPropertyValue\"` ). The trust policy can restrict access to specific asset hierarchy paths.", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "PutAssetPropertyValueEntries", + "RoleArn" + ], + "type": "object" + }, + "AWS::IoT::TopicRule.KafkaAction": { + "additionalProperties": false, + "properties": { + "ClientProperties": { + "additionalProperties": true, + "markdownDescription": "Properties of the Apache Kafka producer client.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" } - ] - }, - "Metadata": { + }, + "title": "ClientProperties", "type": "object" }, - "Properties": { - "additionalProperties": false, - "properties": { - "LFTags": { - "items": { - "$ref": "#/definitions/AWS::LakeFormation::TagAssociation.LFTagPair" - }, - "markdownDescription": "A structure containing an LF-tag key-value pair.", - "title": "LFTags", - "type": "array" - }, - "Resource": { - "$ref": "#/definitions/AWS::LakeFormation::TagAssociation.Resource", - "markdownDescription": "UTF-8 string (valid values: `DATABASE | TABLE` ).\n\nThe resource for which the LF-tag policy applies.", - "title": "Resource" - } + "DestinationArn": { + "markdownDescription": "The ARN of Kafka action's VPC `TopicRuleDestination` .", + "title": "DestinationArn", + "type": "string" + }, + "Headers": { + "items": { + "$ref": "#/definitions/AWS::IoT::TopicRule.KafkaActionHeader" }, - "required": [ - "LFTags", - "Resource" - ], - "type": "object" + "markdownDescription": "The list of Kafka headers that you specify.", + "title": "Headers", + "type": "array" }, - "Type": { - "enum": [ - "AWS::LakeFormation::TagAssociation" - ], + "Key": { + "markdownDescription": "The Kafka message key.", + "title": "Key", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Partition": { + "markdownDescription": "The Kafka message partition.", + "title": "Partition", + "type": "string" + }, + "Topic": { + "markdownDescription": "The Kafka topic for messages to be sent to the Kafka broker.", + "title": "Topic", "type": "string" } }, "required": [ - "Type", - "Properties" + "ClientProperties", + "DestinationArn", + "Topic" ], "type": "object" }, - "AWS::LakeFormation::TagAssociation.DatabaseResource": { + "AWS::IoT::TopicRule.KafkaActionHeader": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The identifier for the Data Catalog . By default, it should be the account ID of the caller.", - "title": "CatalogId", + "Key": { + "markdownDescription": "The key of the Kafka header.", + "title": "Key", "type": "string" }, - "Name": { - "markdownDescription": "The name of the database resource. Unique to the Data Catalog.", - "title": "Name", + "Value": { + "markdownDescription": "The value of the Kafka header.", + "title": "Value", "type": "string" } }, "required": [ - "CatalogId", - "Name" + "Key", + "Value" ], "type": "object" }, - "AWS::LakeFormation::TagAssociation.LFTagPair": { + "AWS::IoT::TopicRule.KinesisAction": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The identifier for the Data Catalog . By default, it is the account ID of the caller.", - "title": "CatalogId", + "PartitionKey": { + "markdownDescription": "The partition key.", + "title": "PartitionKey", "type": "string" }, - "TagKey": { - "markdownDescription": "The key-name for the LF-tag.", - "title": "TagKey", + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that grants access to the Amazon Kinesis stream.", + "title": "RoleArn", "type": "string" }, - "TagValues": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of possible values of the corresponding `TagKey` of an LF-tag key-value pair.", - "title": "TagValues", - "type": "array" + "StreamName": { + "markdownDescription": "The name of the Amazon Kinesis stream.", + "title": "StreamName", + "type": "string" } }, "required": [ - "CatalogId", - "TagKey", - "TagValues" + "RoleArn", + "StreamName" ], "type": "object" }, - "AWS::LakeFormation::TagAssociation.Resource": { + "AWS::IoT::TopicRule.LambdaAction": { "additionalProperties": false, "properties": { - "Catalog": { - "markdownDescription": "The identifier for the Data Catalog. By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your AWS Lake Formation environment.", - "title": "Catalog", - "type": "object" + "FunctionArn": { + "markdownDescription": "The ARN of the Lambda function.", + "title": "FunctionArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoT::TopicRule.LocationAction": { + "additionalProperties": false, + "properties": { + "DeviceId": { + "markdownDescription": "The unique ID of the device providing the location data.", + "title": "DeviceId", + "type": "string" }, - "Database": { - "$ref": "#/definitions/AWS::LakeFormation::TagAssociation.DatabaseResource", - "markdownDescription": "The database for the resource. Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database permissions to a principal.", - "title": "Database" + "Latitude": { + "markdownDescription": "A string that evaluates to a double value that represents the latitude of the device's location.", + "title": "Latitude", + "type": "string" }, - "Table": { - "$ref": "#/definitions/AWS::LakeFormation::TagAssociation.TableResource", - "markdownDescription": "The table for the resource. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.", - "title": "Table" + "Longitude": { + "markdownDescription": "A string that evaluates to a double value that represents the longitude of the device's location.", + "title": "Longitude", + "type": "string" }, - "TableWithColumns": { - "$ref": "#/definitions/AWS::LakeFormation::TagAssociation.TableWithColumnsResource", - "markdownDescription": "The table with columns for the resource. A principal with permissions to this resource can select metadata from the columns of a table in the Data Catalog and the underlying data in Amazon S3.", - "title": "TableWithColumns" + "RoleArn": { + "markdownDescription": "The IAM role that grants permission to write to the Amazon Location resource.", + "title": "RoleArn", + "type": "string" + }, + "Timestamp": { + "$ref": "#/definitions/AWS::IoT::TopicRule.Timestamp", + "markdownDescription": "The time that the location data was sampled. The default value is the time the MQTT message was processed.", + "title": "Timestamp" + }, + "TrackerName": { + "markdownDescription": "The name of the tracker resource in Amazon Location in which the location is updated.", + "title": "TrackerName", + "type": "string" } }, + "required": [ + "DeviceId", + "Latitude", + "Longitude", + "RoleArn", + "TrackerName" + ], "type": "object" }, - "AWS::LakeFormation::TagAssociation.TableResource": { + "AWS::IoT::TopicRule.OpenSearchAction": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The identifier for the Data Catalog . By default, it is the account ID of the caller.", - "title": "CatalogId", + "Endpoint": { + "markdownDescription": "The endpoint of your OpenSearch domain.", + "title": "Endpoint", "type": "string" }, - "DatabaseName": { - "markdownDescription": "The name of the database for the table. Unique to a Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.", - "title": "DatabaseName", + "Id": { + "markdownDescription": "The unique identifier for the document you are storing.", + "title": "Id", "type": "string" }, - "Name": { - "markdownDescription": "The name of the table.", - "title": "Name", + "Index": { + "markdownDescription": "The OpenSearch index where you want to store your data.", + "title": "Index", "type": "string" }, - "TableWildcard": { - "markdownDescription": "A wildcard object representing every table under a database.This is an object with no properties that effectively behaves as a true or false depending on whether not it is passed as a parameter. The valid inputs for a property with this type in either yaml or json is null or {}.\n\nAt least one of `TableResource$Name` or `TableResource$TableWildcard` is required.", - "title": "TableWildcard", - "type": "object" + "RoleArn": { + "markdownDescription": "The IAM role ARN that has access to OpenSearch.", + "title": "RoleArn", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of document you are storing.", + "title": "Type", + "type": "string" } }, "required": [ - "CatalogId", - "DatabaseName" + "Endpoint", + "Id", + "Index", + "RoleArn", + "Type" ], "type": "object" }, - "AWS::LakeFormation::TagAssociation.TableWithColumnsResource": { + "AWS::IoT::TopicRule.PutAssetPropertyValueEntry": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "A wildcard object representing every table under a database.\n\nAt least one of TableResource$Name or TableResource$TableWildcard is required.", - "title": "CatalogId", + "AssetId": { + "markdownDescription": "The ID of the AWS IoT SiteWise asset. You must specify either a `propertyAlias` or both an `aliasId` and a `propertyId` . Accepts substitution templates.", + "title": "AssetId", "type": "string" }, - "ColumnNames": { + "EntryId": { + "markdownDescription": "Optional. A unique identifier for this entry that you can define to better track which message caused an error in case of failure. Accepts substitution templates. Defaults to a new UUID.", + "title": "EntryId", + "type": "string" + }, + "PropertyAlias": { + "markdownDescription": "The name of the property alias associated with your asset property. You must specify either a `propertyAlias` or both an `aliasId` and a `propertyId` . Accepts substitution templates.", + "title": "PropertyAlias", + "type": "string" + }, + "PropertyId": { + "markdownDescription": "The ID of the asset's property. You must specify either a `propertyAlias` or both an `aliasId` and a `propertyId` . Accepts substitution templates.", + "title": "PropertyId", + "type": "string" + }, + "PropertyValues": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::IoT::TopicRule.AssetPropertyValue" }, - "markdownDescription": "The list of column names for the table. At least one of `ColumnNames` or `ColumnWildcard` is required.", - "title": "ColumnNames", + "markdownDescription": "A list of property values to insert that each contain timestamp, quality, and value (TQV) information.", + "title": "PropertyValues", "type": "array" + } + }, + "required": [ + "PropertyValues" + ], + "type": "object" + }, + "AWS::IoT::TopicRule.PutItemInput": { + "additionalProperties": false, + "properties": { + "TableName": { + "markdownDescription": "The table where the message data will be written.", + "title": "TableName", + "type": "string" + } + }, + "required": [ + "TableName" + ], + "type": "object" + }, + "AWS::IoT::TopicRule.RepublishAction": { + "additionalProperties": false, + "properties": { + "Headers": { + "$ref": "#/definitions/AWS::IoT::TopicRule.RepublishActionHeaders", + "markdownDescription": "MQTT Version 5.0 headers information. For more information, see [MQTT](https://docs.aws.amazon.com//iot/latest/developerguide/mqtt.html) in the IoT Core Developer Guide.", + "title": "Headers" }, - "DatabaseName": { - "markdownDescription": "The name of the database for the table with columns resource. Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.", - "title": "DatabaseName", + "Qos": { + "markdownDescription": "The Quality of Service (QoS) level to use when republishing messages. The default value is 0.", + "title": "Qos", + "type": "number" + }, + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that grants access.", + "title": "RoleArn", "type": "string" }, - "Name": { - "markdownDescription": "The name of the table resource. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.", - "title": "Name", + "Topic": { + "markdownDescription": "The name of the MQTT topic.", + "title": "Topic", "type": "string" } }, "required": [ - "CatalogId", - "ColumnNames", - "DatabaseName", - "Name" + "RoleArn", + "Topic" ], "type": "object" }, - "AWS::Lambda::Alias": { + "AWS::IoT::TopicRule.RepublishActionHeaders": { "additionalProperties": false, "properties": { - "Condition": { + "ContentType": { + "markdownDescription": "A UTF-8 encoded string that describes the content of the publishing message.\n\nFor more information, see [Content Type](https://docs.aws.amazon.com/https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901118) in the MQTT Version 5.0 specification.\n\nSupports [substitution templates](https://docs.aws.amazon.com//iot/latest/developerguide/iot-substitution-templates.html) .", + "title": "ContentType", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "CorrelationData": { + "markdownDescription": "The base64-encoded binary data used by the sender of the request message to identify which request the response message is for.\n\nFor more information, see [Correlation Data](https://docs.aws.amazon.com/https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901115) in the MQTT Version 5.0 specification.\n\nSupports [substitution templates](https://docs.aws.amazon.com//iot/latest/developerguide/iot-substitution-templates.html) .\n\n> This binary data must be base64-encoded.", + "title": "CorrelationData", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "MessageExpiry": { + "markdownDescription": "A user-defined integer value that represents the message expiry interval at the broker. If the messages haven't been sent to the subscribers within that interval, the message expires and is removed. The value of `messageExpiry` represents the number of seconds before it expires. For more information about the limits of `messageExpiry` , see [Message broker and protocol limits and quotas](https://docs.aws.amazon.com//general/latest/gr/iot-core.html#limits_iot) in the IoT Core Reference Guide.\n\nSupports [substitution templates](https://docs.aws.amazon.com//iot/latest/developerguide/iot-substitution-templates.html) .", + "title": "MessageExpiry", + "type": "string" }, - "Metadata": { - "type": "object" + "PayloadFormatIndicator": { + "markdownDescription": "An `Enum` string value that indicates whether the payload is formatted as UTF-8.\n\nValid values are `UNSPECIFIED_BYTES` and `UTF8_DATA` .\n\nFor more information, see [Payload Format Indicator](https://docs.aws.amazon.com/https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901111) from the MQTT Version 5.0 specification.\n\nSupports [substitution templates](https://docs.aws.amazon.com//iot/latest/developerguide/iot-substitution-templates.html) .", + "title": "PayloadFormatIndicator", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A description of the alias.", - "title": "Description", - "type": "string" - }, - "FunctionName": { - "markdownDescription": "The name or ARN of the Lambda function.\n\n**Name formats** - *Function name* - `MyFunction` .\n- *Function ARN* - `arn:aws:lambda:us-west-2:123456789012:function:MyFunction` .\n- *Partial ARN* - `123456789012:function:MyFunction` .\n\nThe length constraint applies only to the full ARN. If you specify only the function name, it is limited to 64 characters in length.", - "title": "FunctionName", - "type": "string" - }, - "FunctionVersion": { - "markdownDescription": "The function version that the alias invokes.", - "title": "FunctionVersion", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the alias.", - "title": "Name", - "type": "string" - }, - "ProvisionedConcurrencyConfig": { - "$ref": "#/definitions/AWS::Lambda::Alias.ProvisionedConcurrencyConfiguration", - "markdownDescription": "Specifies a [provisioned concurrency](https://docs.aws.amazon.com/lambda/latest/dg/configuration-concurrency.html) configuration for a function's alias.", - "title": "ProvisionedConcurrencyConfig" - }, - "RoutingConfig": { - "$ref": "#/definitions/AWS::Lambda::Alias.AliasRoutingConfiguration", - "markdownDescription": "The [routing configuration](https://docs.aws.amazon.com/lambda/latest/dg/lambda-traffic-shifting-using-aliases.html) of the alias.", - "title": "RoutingConfig" - } + "ResponseTopic": { + "markdownDescription": "A UTF-8 encoded string that's used as the topic name for a response message. The response topic is used to describe the topic to which the receiver should publish as part of the request-response flow. The topic must not contain wildcard characters.\n\nFor more information, see [Response Topic](https://docs.aws.amazon.com/https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901114) in the MQTT Version 5.0 specification.\n\nSupports [substitution templates](https://docs.aws.amazon.com//iot/latest/developerguide/iot-substitution-templates.html) .", + "title": "ResponseTopic", + "type": "string" + }, + "UserProperties": { + "items": { + "$ref": "#/definitions/AWS::IoT::TopicRule.UserProperty" }, - "required": [ - "FunctionName", - "FunctionVersion", - "Name" - ], - "type": "object" + "markdownDescription": "An array of key-value pairs that you define in the MQTT5 header.", + "title": "UserProperties", + "type": "array" + } + }, + "type": "object" + }, + "AWS::IoT::TopicRule.S3Action": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "The Amazon S3 bucket.", + "title": "BucketName", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Lambda::Alias" - ], + "CannedAcl": { + "markdownDescription": "The Amazon S3 canned ACL that controls access to the object identified by the object key. For more information, see [S3 canned ACLs](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) .", + "title": "CannedAcl", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Key": { + "markdownDescription": "The object key. For more information, see [Actions, resources, and condition keys for Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/dev/list_amazons3.html) .", + "title": "Key", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that grants access.", + "title": "RoleArn", "type": "string" } }, "required": [ - "Type", - "Properties" + "BucketName", + "Key", + "RoleArn" ], "type": "object" }, - "AWS::Lambda::Alias.AliasRoutingConfiguration": { + "AWS::IoT::TopicRule.SigV4Authorization": { "additionalProperties": false, "properties": { - "AdditionalVersionWeights": { + "RoleArn": { + "markdownDescription": "The ARN of the signing role.", + "title": "RoleArn", + "type": "string" + }, + "ServiceName": { + "markdownDescription": "The service name to use while signing with Sig V4.", + "title": "ServiceName", + "type": "string" + }, + "SigningRegion": { + "markdownDescription": "The signing region.", + "title": "SigningRegion", + "type": "string" + } + }, + "required": [ + "RoleArn", + "ServiceName", + "SigningRegion" + ], + "type": "object" + }, + "AWS::IoT::TopicRule.SnsAction": { + "additionalProperties": false, + "properties": { + "MessageFormat": { + "markdownDescription": "(Optional) The message format of the message to publish. Accepted values are \"JSON\" and \"RAW\". The default value of the attribute is \"RAW\". SNS uses this setting to determine if the payload should be parsed and relevant platform-specific bits of the payload should be extracted. For more information, see [Amazon SNS Message and JSON Formats](https://docs.aws.amazon.com/sns/latest/dg/json-formats.html) in the *Amazon Simple Notification Service Developer Guide* .", + "title": "MessageFormat", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that grants access.", + "title": "RoleArn", + "type": "string" + }, + "TargetArn": { + "markdownDescription": "The ARN of the SNS topic.", + "title": "TargetArn", + "type": "string" + } + }, + "required": [ + "RoleArn", + "TargetArn" + ], + "type": "object" + }, + "AWS::IoT::TopicRule.SqsAction": { + "additionalProperties": false, + "properties": { + "QueueUrl": { + "markdownDescription": "The URL of the Amazon SQS queue.", + "title": "QueueUrl", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that grants access.", + "title": "RoleArn", + "type": "string" + }, + "UseBase64": { + "markdownDescription": "Specifies whether to use Base64 encoding.", + "title": "UseBase64", + "type": "boolean" + } + }, + "required": [ + "QueueUrl", + "RoleArn" + ], + "type": "object" + }, + "AWS::IoT::TopicRule.StepFunctionsAction": { + "additionalProperties": false, + "properties": { + "ExecutionNamePrefix": { + "markdownDescription": "(Optional) A name will be given to the state machine execution consisting of this prefix followed by a UUID. Step Functions automatically creates a unique name for each state machine execution if one is not provided.", + "title": "ExecutionNamePrefix", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the role that grants IoT permission to start execution of a state machine (\"Action\":\"states:StartExecution\").", + "title": "RoleArn", + "type": "string" + }, + "StateMachineName": { + "markdownDescription": "The name of the Step Functions state machine whose execution will be started.", + "title": "StateMachineName", + "type": "string" + } + }, + "required": [ + "RoleArn", + "StateMachineName" + ], + "type": "object" + }, + "AWS::IoT::TopicRule.Timestamp": { + "additionalProperties": false, + "properties": { + "Unit": { + "markdownDescription": "The precision of the timestamp value that results from the expression described in `value` .", + "title": "Unit", + "type": "string" + }, + "Value": { + "markdownDescription": "An expression that returns a long epoch time value.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Value" + ], + "type": "object" + }, + "AWS::IoT::TopicRule.TimestreamAction": { + "additionalProperties": false, + "properties": { + "DatabaseName": { + "markdownDescription": "The name of an Amazon Timestream database that has the table to write records into.", + "title": "DatabaseName", + "type": "string" + }, + "Dimensions": { "items": { - "$ref": "#/definitions/AWS::Lambda::Alias.VersionWeight" + "$ref": "#/definitions/AWS::IoT::TopicRule.TimestreamDimension" }, - "markdownDescription": "The second version, and the percentage of traffic that's routed to it.", - "title": "AdditionalVersionWeights", + "markdownDescription": "Metadata attributes of the time series that are written in each measure record.", + "title": "Dimensions", "type": "array" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the role that grants AWS IoT permission to write to the Timestream database table.", + "title": "RoleArn", + "type": "string" + }, + "TableName": { + "markdownDescription": "The table where the message data will be written.", + "title": "TableName", + "type": "string" + }, + "Timestamp": { + "$ref": "#/definitions/AWS::IoT::TopicRule.TimestreamTimestamp", + "markdownDescription": "The value to use for the entry's timestamp. If blank, the time that the entry was processed is used.", + "title": "Timestamp" } }, "required": [ - "AdditionalVersionWeights" + "DatabaseName", + "Dimensions", + "RoleArn", + "TableName" ], "type": "object" }, - "AWS::Lambda::Alias.ProvisionedConcurrencyConfiguration": { + "AWS::IoT::TopicRule.TimestreamDimension": { "additionalProperties": false, "properties": { - "ProvisionedConcurrentExecutions": { - "markdownDescription": "The amount of provisioned concurrency to allocate for the alias.", - "title": "ProvisionedConcurrentExecutions", - "type": "number" + "Name": { + "markdownDescription": "The metadata dimension name. This is the name of the column in the Amazon Timestream database table record.", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "The value to write in this column of the database record.", + "title": "Value", + "type": "string" } }, "required": [ - "ProvisionedConcurrentExecutions" + "Name", + "Value" ], "type": "object" }, - "AWS::Lambda::Alias.VersionWeight": { + "AWS::IoT::TopicRule.TimestreamTimestamp": { "additionalProperties": false, "properties": { - "FunctionVersion": { - "markdownDescription": "The qualifier of the second version.", - "title": "FunctionVersion", + "Unit": { + "markdownDescription": "The precision of the timestamp value that results from the expression described in `value` .", + "title": "Unit", "type": "string" }, - "FunctionWeight": { - "markdownDescription": "The percentage of traffic that the alias routes to the second version.", - "title": "FunctionWeight", - "type": "number" + "Value": { + "markdownDescription": "An expression that returns a long epoch time value.", + "title": "Value", + "type": "string" } }, "required": [ - "FunctionVersion", - "FunctionWeight" + "Unit", + "Value" ], "type": "object" }, - "AWS::Lambda::CodeSigningConfig": { + "AWS::IoT::TopicRule.TopicRulePayload": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::IoT::TopicRule.Action" + }, + "markdownDescription": "The actions associated with the rule.", + "title": "Actions", + "type": "array" + }, + "AwsIotSqlVersion": { + "markdownDescription": "The version of the SQL rules engine to use when evaluating the rule.\n\nThe default value is 2015-10-08.", + "title": "AwsIotSqlVersion", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the rule.", + "title": "Description", + "type": "string" + }, + "ErrorAction": { + "$ref": "#/definitions/AWS::IoT::TopicRule.Action", + "markdownDescription": "The action to take when an error occurs.", + "title": "ErrorAction" + }, + "RuleDisabled": { + "markdownDescription": "Specifies whether the rule is disabled.", + "title": "RuleDisabled", + "type": "boolean" + }, + "Sql": { + "markdownDescription": "The SQL statement used to query the topic. For more information, see [AWS IoT SQL Reference](https://docs.aws.amazon.com/iot/latest/developerguide/iot-sql-reference.html) in the *AWS IoT Developer Guide* .", + "title": "Sql", + "type": "string" + } + }, + "required": [ + "Actions", + "Sql" + ], + "type": "object" + }, + "AWS::IoT::TopicRule.UserProperty": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "A key to be specified in `UserProperty` .", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "A value to be specified in `UserProperty` .", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::IoT::TopicRuleDestination": { "additionalProperties": false, "properties": { "Condition": { @@ -142204,30 +150045,27 @@ "Properties": { "additionalProperties": false, "properties": { - "AllowedPublishers": { - "$ref": "#/definitions/AWS::Lambda::CodeSigningConfig.AllowedPublishers", - "markdownDescription": "List of allowed publishers.", - "title": "AllowedPublishers" - }, - "CodeSigningPolicies": { - "$ref": "#/definitions/AWS::Lambda::CodeSigningConfig.CodeSigningPolicies", - "markdownDescription": "The code signing policy controls the validation failure action for signature mismatch or expiry.", - "title": "CodeSigningPolicies" + "HttpUrlProperties": { + "$ref": "#/definitions/AWS::IoT::TopicRuleDestination.HttpUrlDestinationSummary", + "markdownDescription": "Properties of the HTTP URL.", + "title": "HttpUrlProperties" }, - "Description": { - "markdownDescription": "Code signing configuration description.", - "title": "Description", + "Status": { + "markdownDescription": "- **IN_PROGRESS** - A topic rule destination was created but has not been confirmed. You can set status to `IN_PROGRESS` by calling `UpdateTopicRuleDestination` . Calling `UpdateTopicRuleDestination` causes a new confirmation challenge to be sent to your confirmation endpoint.\n- **ENABLED** - Confirmation was completed, and traffic to this destination is allowed. You can set status to `DISABLED` by calling `UpdateTopicRuleDestination` .\n- **DISABLED** - Confirmation was completed, and traffic to this destination is not allowed. You can set status to `ENABLED` by calling `UpdateTopicRuleDestination` .\n- **ERROR** - Confirmation could not be completed; for example, if the confirmation timed out. You can call `GetTopicRuleDestination` for details about the error. You can set status to `IN_PROGRESS` by calling `UpdateTopicRuleDestination` . Calling `UpdateTopicRuleDestination` causes a new confirmation challenge to be sent to your confirmation endpoint.", + "title": "Status", "type": "string" + }, + "VpcProperties": { + "$ref": "#/definitions/AWS::IoT::TopicRuleDestination.VpcDestinationProperties", + "markdownDescription": "Properties of the virtual private cloud (VPC) connection.", + "title": "VpcProperties" } }, - "required": [ - "AllowedPublishers" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Lambda::CodeSigningConfig" + "AWS::IoT::TopicRuleDestination" ], "type": "string" }, @@ -142241,43 +150079,54 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Lambda::CodeSigningConfig.AllowedPublishers": { + "AWS::IoT::TopicRuleDestination.HttpUrlDestinationSummary": { "additionalProperties": false, "properties": { - "SigningProfileVersionArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Name (ARN) for each of the signing profiles. A signing profile defines a trusted user who can sign a code package.", - "title": "SigningProfileVersionArns", - "type": "array" + "ConfirmationUrl": { + "markdownDescription": "The URL used to confirm the HTTP topic rule destination URL.", + "title": "ConfirmationUrl", + "type": "string" } }, - "required": [ - "SigningProfileVersionArns" - ], "type": "object" }, - "AWS::Lambda::CodeSigningConfig.CodeSigningPolicies": { + "AWS::IoT::TopicRuleDestination.VpcDestinationProperties": { "additionalProperties": false, "properties": { - "UntrustedArtifactOnDeployment": { - "markdownDescription": "Code signing configuration policy for deployment validation failure. If you set the policy to `Enforce` , Lambda blocks the deployment request if signature validation checks fail. If you set the policy to `Warn` , Lambda allows the deployment and creates a CloudWatch log.\n\nDefault value: `Warn`", - "title": "UntrustedArtifactOnDeployment", + "RoleArn": { + "markdownDescription": "The ARN of a role that has permission to create and attach to elastic network interfaces (ENIs).", + "title": "RoleArn", + "type": "string" + }, + "SecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "The security groups of the VPC destination.", + "title": "SecurityGroups", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The subnet IDs of the VPC destination.", + "title": "SubnetIds", + "type": "array" + }, + "VpcId": { + "markdownDescription": "The ID of the VPC.", + "title": "VpcId", "type": "string" } }, - "required": [ - "UntrustedArtifactOnDeployment" - ], "type": "object" }, - "AWS::Lambda::EventInvokeConfig": { + "AWS::IoTAnalytics::Channel": { "additionalProperties": false, "properties": { "Condition": { @@ -142312,41 +150161,35 @@ "Properties": { "additionalProperties": false, "properties": { - "DestinationConfig": { - "$ref": "#/definitions/AWS::Lambda::EventInvokeConfig.DestinationConfig", - "markdownDescription": "A destination for events after they have been sent to a function for processing.\n\n**Destinations** - *Function* - The Amazon Resource Name (ARN) of a Lambda function.\n- *Queue* - The ARN of a standard SQS queue.\n- *Bucket* - The ARN of an Amazon S3 bucket.\n- *Topic* - The ARN of a standard SNS topic.\n- *Event Bus* - The ARN of an Amazon EventBridge event bus.\n\n> S3 buckets are supported only for on-failure destinations. To retain records of successful invocations, use another destination type.", - "title": "DestinationConfig" - }, - "FunctionName": { - "markdownDescription": "The name of the Lambda function.\n\n*Minimum* : `1`\n\n*Maximum* : `64`\n\n*Pattern* : `([a-zA-Z0-9-_]+)`", - "title": "FunctionName", + "ChannelName": { + "markdownDescription": "The name of the channel.", + "title": "ChannelName", "type": "string" }, - "MaximumEventAgeInSeconds": { - "markdownDescription": "The maximum age of a request that Lambda sends to a function for processing.", - "title": "MaximumEventAgeInSeconds", - "type": "number" + "ChannelStorage": { + "$ref": "#/definitions/AWS::IoTAnalytics::Channel.ChannelStorage", + "markdownDescription": "Where channel data is stored.", + "title": "ChannelStorage" }, - "MaximumRetryAttempts": { - "markdownDescription": "The maximum number of times to retry when the function returns an error.", - "title": "MaximumRetryAttempts", - "type": "number" + "RetentionPeriod": { + "$ref": "#/definitions/AWS::IoTAnalytics::Channel.RetentionPeriod", + "markdownDescription": "How long, in days, message data is kept for the channel.", + "title": "RetentionPeriod" }, - "Qualifier": { - "markdownDescription": "The identifier of a version or alias.\n\n- *Version* - A version number.\n- *Alias* - An alias name.\n- *Latest* - To specify the unpublished version, use `$LATEST` .", - "title": "Qualifier", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata which can be used to manage the channel.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" } }, - "required": [ - "FunctionName", - "Qualifier" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Lambda::EventInvokeConfig" + "AWS::IoTAnalytics::Channel" ], "type": "string" }, @@ -142360,56 +150203,68 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Lambda::EventInvokeConfig.DestinationConfig": { + "AWS::IoTAnalytics::Channel.ChannelStorage": { "additionalProperties": false, "properties": { - "OnFailure": { - "$ref": "#/definitions/AWS::Lambda::EventInvokeConfig.OnFailure", - "markdownDescription": "The destination configuration for failed invocations.\n\n> When using an Amazon SQS queue as a destination, FIFO queues cannot be used.", - "title": "OnFailure" + "CustomerManagedS3": { + "$ref": "#/definitions/AWS::IoTAnalytics::Channel.CustomerManagedS3", + "markdownDescription": "Used to store channel data in an S3 bucket that you manage. If customer managed storage is selected, the `retentionPeriod` parameter is ignored. You can't change the choice of S3 storage after the data store is created.", + "title": "CustomerManagedS3" }, - "OnSuccess": { - "$ref": "#/definitions/AWS::Lambda::EventInvokeConfig.OnSuccess", - "markdownDescription": "The destination configuration for successful invocations.\n\n> When using an Amazon SQS queue as a destination, FIFO queues cannot be used.", - "title": "OnSuccess" + "ServiceManagedS3": { + "markdownDescription": "Used to store channel data in an S3 bucket managed by AWS IoT Analytics . You can't change the choice of S3 storage after the data store is created.", + "title": "ServiceManagedS3", + "type": "object" } }, "type": "object" }, - "AWS::Lambda::EventInvokeConfig.OnFailure": { + "AWS::IoTAnalytics::Channel.CustomerManagedS3": { "additionalProperties": false, "properties": { - "Destination": { - "markdownDescription": "The Amazon Resource Name (ARN) of the destination resource.\n\nTo retain records of unsuccessful [asynchronous invocations](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#invocation-async-destinations) , you can configure an Amazon SNS topic, Amazon SQS queue, Amazon S3 bucket, Lambda function, or Amazon EventBridge event bus as the destination.\n\nTo retain records of failed invocations from [Kinesis](https://docs.aws.amazon.com/lambda/latest/dg/with-kinesis.html) , [DynamoDB](https://docs.aws.amazon.com/lambda/latest/dg/with-ddb.html) , [self-managed Kafka](https://docs.aws.amazon.com/lambda/latest/dg/with-kafka.html#services-smaa-onfailure-destination) or [Amazon MSK](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#services-msk-onfailure-destination) , you can configure an Amazon SNS topic, Amazon SQS queue, or Amazon S3 bucket as the destination.", - "title": "Destination", + "Bucket": { + "markdownDescription": "The name of the S3 bucket in which channel data is stored.", + "title": "Bucket", + "type": "string" + }, + "KeyPrefix": { + "markdownDescription": "(Optional) The prefix used to create the keys of the channel data objects. Each object in an S3 bucket has a key that is its unique identifier within the bucket (each object in a bucket has exactly one key). The prefix must end with a forward slash (/).", + "title": "KeyPrefix", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the role that grants AWS IoT Analytics permission to interact with your Amazon S3 resources.", + "title": "RoleArn", "type": "string" } }, "required": [ - "Destination" + "Bucket", + "RoleArn" ], "type": "object" }, - "AWS::Lambda::EventInvokeConfig.OnSuccess": { + "AWS::IoTAnalytics::Channel.RetentionPeriod": { "additionalProperties": false, "properties": { - "Destination": { - "markdownDescription": "The Amazon Resource Name (ARN) of the destination resource.", - "title": "Destination", - "type": "string" + "NumberOfDays": { + "markdownDescription": "The number of days that message data is kept. The `unlimited` parameter must be false.", + "title": "NumberOfDays", + "type": "number" + }, + "Unlimited": { + "markdownDescription": "If true, message data is kept indefinitely.", + "title": "Unlimited", + "type": "boolean" } }, - "required": [ - "Destination" - ], "type": "object" }, - "AWS::Lambda::EventSourceMapping": { + "AWS::IoTAnalytics::Dataset": { "additionalProperties": false, "properties": { "Condition": { @@ -142444,142 +150299,70 @@ "Properties": { "additionalProperties": false, "properties": { - "AmazonManagedKafkaEventSourceConfig": { - "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.AmazonManagedKafkaEventSourceConfig", - "markdownDescription": "Specific configuration settings for an Amazon Managed Streaming for Apache Kafka (Amazon MSK) event source.", - "title": "AmazonManagedKafkaEventSourceConfig" - }, - "BatchSize": { - "markdownDescription": "The maximum number of records in each batch that Lambda pulls from your stream or queue and sends to your function. Lambda passes all of the records in the batch to the function in a single call, up to the payload limit for synchronous invocation (6 MB).\n\n- *Amazon Kinesis* \u2013 Default 100. Max 10,000.\n- *Amazon DynamoDB Streams* \u2013 Default 100. Max 10,000.\n- *Amazon Simple Queue Service* \u2013 Default 10. For standard queues the max is 10,000. For FIFO queues the max is 10.\n- *Amazon Managed Streaming for Apache Kafka* \u2013 Default 100. Max 10,000.\n- *Self-managed Apache Kafka* \u2013 Default 100. Max 10,000.\n- *Amazon MQ (ActiveMQ and RabbitMQ)* \u2013 Default 100. Max 10,000.\n- *DocumentDB* \u2013 Default 100. Max 10,000.", - "title": "BatchSize", - "type": "number" - }, - "BisectBatchOnFunctionError": { - "markdownDescription": "(Kinesis and DynamoDB Streams only) If the function returns an error, split the batch in two and retry. The default value is false.\n\n> When using `BisectBatchOnFunctionError` , check the `BatchSize` parameter in the `OnFailure` destination message's metadata. The `BatchSize` could be greater than 1 since Lambda consolidates failed messages metadata when writing to the `OnFailure` destination.", - "title": "BisectBatchOnFunctionError", - "type": "boolean" - }, - "DestinationConfig": { - "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.DestinationConfig", - "markdownDescription": "(Kinesis, DynamoDB Streams, Amazon MSK, and self-managed Apache Kafka event sources only) A configuration object that specifies the destination of an event after Lambda processes it.", - "title": "DestinationConfig" - }, - "DocumentDBEventSourceConfig": { - "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.DocumentDBEventSourceConfig", - "markdownDescription": "Specific configuration settings for a DocumentDB event source.", - "title": "DocumentDBEventSourceConfig" + "Actions": { + "items": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.Action" + }, + "markdownDescription": "The `DatasetAction` objects that automatically create the dataset contents.", + "title": "Actions", + "type": "array" }, - "Enabled": { - "markdownDescription": "When true, the event source mapping is active. When false, Lambda pauses polling and invocation.\n\nDefault: True", - "title": "Enabled", - "type": "boolean" + "ContentDeliveryRules": { + "items": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.DatasetContentDeliveryRule" + }, + "markdownDescription": "When dataset contents are created they are delivered to destinations specified here.", + "title": "ContentDeliveryRules", + "type": "array" }, - "EventSourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the event source.\n\n- *Amazon Kinesis* \u2013 The ARN of the data stream or a stream consumer.\n- *Amazon DynamoDB Streams* \u2013 The ARN of the stream.\n- *Amazon Simple Queue Service* \u2013 The ARN of the queue.\n- *Amazon Managed Streaming for Apache Kafka* \u2013 The ARN of the cluster or the ARN of the VPC connection (for [cross-account event source mappings](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#msk-multi-vpc) ).\n- *Amazon MQ* \u2013 The ARN of the broker.\n- *Amazon DocumentDB* \u2013 The ARN of the DocumentDB change stream.", - "title": "EventSourceArn", + "DatasetName": { + "markdownDescription": "The name of the dataset.", + "title": "DatasetName", "type": "string" }, - "FilterCriteria": { - "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.FilterCriteria", - "markdownDescription": "An object that defines the filter criteria that determine whether Lambda should process an event. For more information, see [Lambda event filtering](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventfiltering.html) .", - "title": "FilterCriteria" + "LateDataRules": { + "items": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.LateDataRule" + }, + "markdownDescription": "A list of data rules that send notifications to CloudWatch, when data arrives late. To specify `lateDataRules` , the dataset must use a [DeltaTimer](https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_DeltaTime.html) filter.", + "title": "LateDataRules", + "type": "array" }, - "FunctionName": { - "markdownDescription": "The name or ARN of the Lambda function.\n\n**Name formats** - *Function name* \u2013 `MyFunction` .\n- *Function ARN* \u2013 `arn:aws:lambda:us-west-2:123456789012:function:MyFunction` .\n- *Version or Alias ARN* \u2013 `arn:aws:lambda:us-west-2:123456789012:function:MyFunction:PROD` .\n- *Partial ARN* \u2013 `123456789012:function:MyFunction` .\n\nThe length constraint applies only to the full ARN. If you specify only the function name, it's limited to 64 characters in length.", - "title": "FunctionName", - "type": "string" + "RetentionPeriod": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.RetentionPeriod", + "markdownDescription": "Optional. How long, in days, message data is kept for the dataset.", + "title": "RetentionPeriod" }, - "FunctionResponseTypes": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "(Kinesis, DynamoDB Streams, and SQS) A list of current response type enums applied to the event source mapping.\n\nValid Values: `ReportBatchItemFailures`", - "title": "FunctionResponseTypes", + "markdownDescription": "Metadata which can be used to manage the data set.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", "type": "array" }, - "MaximumBatchingWindowInSeconds": { - "markdownDescription": "The maximum amount of time, in seconds, that Lambda spends gathering records before invoking the function.\n\n*Default ( Kinesis , DynamoDB , Amazon SQS event sources)* : 0\n\n*Default ( Amazon MSK , Kafka, Amazon MQ , Amazon DocumentDB event sources)* : 500 ms\n\n*Related setting:* For Amazon SQS event sources, when you set `BatchSize` to a value greater than 10, you must set `MaximumBatchingWindowInSeconds` to at least 1.", - "title": "MaximumBatchingWindowInSeconds", - "type": "number" + "Triggers": { + "items": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.Trigger" + }, + "markdownDescription": "The `DatasetTrigger` objects that specify when the dataset is automatically updated.", + "title": "Triggers", + "type": "array" }, - "MaximumRecordAgeInSeconds": { - "markdownDescription": "(Kinesis and DynamoDB Streams only) Discard records older than the specified age. The default value is -1,\nwhich sets the maximum age to infinite. When the value is set to infinite, Lambda never discards old records.\n\n> The minimum valid value for maximum record age is 60s. Although values less than 60 and greater than -1 fall within the parameter's absolute range, they are not allowed", - "title": "MaximumRecordAgeInSeconds", - "type": "number" - }, - "MaximumRetryAttempts": { - "markdownDescription": "(Kinesis and DynamoDB Streams only) Discard records after the specified number of retries. The default value is -1,\nwhich sets the maximum number of retries to infinite. When MaximumRetryAttempts is infinite, Lambda retries failed records until the record expires in the event source.", - "title": "MaximumRetryAttempts", - "type": "number" - }, - "ParallelizationFactor": { - "markdownDescription": "(Kinesis and DynamoDB Streams only) The number of batches to process concurrently from each shard. The default value is 1.", - "title": "ParallelizationFactor", - "type": "number" - }, - "Queues": { - "items": { - "type": "string" - }, - "markdownDescription": "(Amazon MQ) The name of the Amazon MQ broker destination queue to consume.", - "title": "Queues", - "type": "array" - }, - "ScalingConfig": { - "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.ScalingConfig", - "markdownDescription": "(Amazon SQS only) The scaling configuration for the event source. For more information, see [Configuring maximum concurrency for Amazon SQS event sources](https://docs.aws.amazon.com/lambda/latest/dg/with-sqs.html#events-sqs-max-concurrency) .", - "title": "ScalingConfig" - }, - "SelfManagedEventSource": { - "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.SelfManagedEventSource", - "markdownDescription": "The self-managed Apache Kafka cluster for your event source.", - "title": "SelfManagedEventSource" - }, - "SelfManagedKafkaEventSourceConfig": { - "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.SelfManagedKafkaEventSourceConfig", - "markdownDescription": "Specific configuration settings for a self-managed Apache Kafka event source.", - "title": "SelfManagedKafkaEventSourceConfig" - }, - "SourceAccessConfigurations": { - "items": { - "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.SourceAccessConfiguration" - }, - "markdownDescription": "An array of the authentication protocol, VPC components, or virtual host to secure and define your event source.", - "title": "SourceAccessConfigurations", - "type": "array" - }, - "StartingPosition": { - "markdownDescription": "The position in a stream from which to start reading. Required for Amazon Kinesis and Amazon DynamoDB.\n\n- *LATEST* - Read only new records.\n- *TRIM_HORIZON* - Process all available records.\n- *AT_TIMESTAMP* - Specify a time from which to start reading records.", - "title": "StartingPosition", - "type": "string" - }, - "StartingPositionTimestamp": { - "markdownDescription": "With `StartingPosition` set to `AT_TIMESTAMP` , the time from which to start reading, in Unix time seconds. `StartingPositionTimestamp` cannot be in the future.", - "title": "StartingPositionTimestamp", - "type": "number" - }, - "Topics": { - "items": { - "type": "string" - }, - "markdownDescription": "The name of the Kafka topic.", - "title": "Topics", - "type": "array" - }, - "TumblingWindowInSeconds": { - "markdownDescription": "(Kinesis and DynamoDB Streams only) The duration in seconds of a processing window for DynamoDB and Kinesis Streams event sources. A value of 0 seconds indicates no tumbling window.", - "title": "TumblingWindowInSeconds", - "type": "number" + "VersioningConfiguration": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.VersioningConfiguration", + "markdownDescription": "Optional. How many versions of dataset contents are kept. If not specified or set to null, only the latest version plus the latest succeeded version (if they are different) are kept for the time period specified by the `retentionPeriod` parameter. For more information, see [Keeping Multiple Versions of AWS IoT Analytics datasets](https://docs.aws.amazon.com/iotanalytics/latest/userguide/getting-started.html#aws-iot-analytics-dataset-versions) in the *AWS IoT Analytics User Guide* .", + "title": "VersioningConfiguration" } }, "required": [ - "FunctionName" + "Actions" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lambda::EventSourceMapping" + "AWS::IoTAnalytics::Dataset" ], "type": "string" }, @@ -142598,161 +150381,431 @@ ], "type": "object" }, - "AWS::Lambda::EventSourceMapping.AmazonManagedKafkaEventSourceConfig": { + "AWS::IoTAnalytics::Dataset.Action": { "additionalProperties": false, "properties": { - "ConsumerGroupId": { - "markdownDescription": "The identifier for the Kafka consumer group to join. The consumer group ID must be unique among all your Kafka event sources. After creating a Kafka event source mapping with the consumer group ID specified, you cannot update this value. For more information, see [Customizable consumer group ID](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#services-msk-consumer-group-id) .", - "title": "ConsumerGroupId", + "ActionName": { + "markdownDescription": "The name of the data set action by which data set contents are automatically created.", + "title": "ActionName", "type": "string" + }, + "ContainerAction": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.ContainerAction", + "markdownDescription": "Information which allows the system to run a containerized application in order to create the data set contents. The application must be in a Docker container along with any needed support libraries.", + "title": "ContainerAction" + }, + "QueryAction": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.QueryAction", + "markdownDescription": "An \"SqlQueryDatasetAction\" object that uses an SQL query to automatically create data set contents.", + "title": "QueryAction" } }, + "required": [ + "ActionName" + ], "type": "object" }, - "AWS::Lambda::EventSourceMapping.DestinationConfig": { + "AWS::IoTAnalytics::Dataset.ContainerAction": { "additionalProperties": false, "properties": { - "OnFailure": { - "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.OnFailure", - "markdownDescription": "The destination configuration for failed invocations.", - "title": "OnFailure" + "ExecutionRoleArn": { + "markdownDescription": "The ARN of the role which gives permission to the system to access needed resources in order to run the \"containerAction\". This includes, at minimum, permission to retrieve the data set contents which are the input to the containerized application.", + "title": "ExecutionRoleArn", + "type": "string" + }, + "Image": { + "markdownDescription": "The ARN of the Docker container stored in your account. The Docker container contains an application and needed support libraries and is used to generate data set contents.", + "title": "Image", + "type": "string" + }, + "ResourceConfiguration": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.ResourceConfiguration", + "markdownDescription": "Configuration of the resource which executes the \"containerAction\".", + "title": "ResourceConfiguration" + }, + "Variables": { + "items": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.Variable" + }, + "markdownDescription": "The values of variables used within the context of the execution of the containerized application (basically, parameters passed to the application). Each variable must have a name and a value given by one of \"stringValue\", \"datasetContentVersionValue\", or \"outputFileUriValue\".", + "title": "Variables", + "type": "array" + } + }, + "required": [ + "ExecutionRoleArn", + "Image", + "ResourceConfiguration" + ], + "type": "object" + }, + "AWS::IoTAnalytics::Dataset.DatasetContentDeliveryRule": { + "additionalProperties": false, + "properties": { + "Destination": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.DatasetContentDeliveryRuleDestination", + "markdownDescription": "The destination to which dataset contents are delivered.", + "title": "Destination" + }, + "EntryName": { + "markdownDescription": "The name of the dataset content delivery rules entry.", + "title": "EntryName", + "type": "string" } }, + "required": [ + "Destination" + ], "type": "object" }, - "AWS::Lambda::EventSourceMapping.DocumentDBEventSourceConfig": { + "AWS::IoTAnalytics::Dataset.DatasetContentDeliveryRuleDestination": { "additionalProperties": false, "properties": { - "CollectionName": { - "markdownDescription": "The name of the collection to consume within the database. If you do not specify a collection, Lambda consumes all collections.", - "title": "CollectionName", + "IotEventsDestinationConfiguration": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.IotEventsDestinationConfiguration", + "markdownDescription": "Configuration information for delivery of dataset contents to AWS IoT Events .", + "title": "IotEventsDestinationConfiguration" + }, + "S3DestinationConfiguration": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.S3DestinationConfiguration", + "markdownDescription": "Configuration information for delivery of dataset contents to Amazon S3.", + "title": "S3DestinationConfiguration" + } + }, + "type": "object" + }, + "AWS::IoTAnalytics::Dataset.DatasetContentVersionValue": { + "additionalProperties": false, + "properties": { + "DatasetName": { + "markdownDescription": "The name of the dataset whose latest contents are used as input to the notebook or application.", + "title": "DatasetName", "type": "string" + } + }, + "required": [ + "DatasetName" + ], + "type": "object" + }, + "AWS::IoTAnalytics::Dataset.DeltaTime": { + "additionalProperties": false, + "properties": { + "OffsetSeconds": { + "markdownDescription": "The number of seconds of estimated in-flight lag time of message data. When you create dataset contents using message data from a specified timeframe, some message data might still be in flight when processing begins, and so do not arrive in time to be processed. Use this field to make allowances for the in flight time of your message data, so that data not processed from a previous timeframe is included with the next timeframe. Otherwise, missed message data would be excluded from processing during the next timeframe too, because its timestamp places it within the previous timeframe.", + "title": "OffsetSeconds", + "type": "number" }, + "TimeExpression": { + "markdownDescription": "An expression by which the time of the message data might be determined. This can be the name of a timestamp field or a SQL expression that is used to derive the time the message data was generated.", + "title": "TimeExpression", + "type": "string" + } + }, + "required": [ + "OffsetSeconds", + "TimeExpression" + ], + "type": "object" + }, + "AWS::IoTAnalytics::Dataset.DeltaTimeSessionWindowConfiguration": { + "additionalProperties": false, + "properties": { + "TimeoutInMinutes": { + "markdownDescription": "A time interval. You can use `timeoutInMinutes` so that AWS IoT Analytics can batch up late data notifications that have been generated since the last execution. AWS IoT Analytics sends one batch of notifications to Amazon CloudWatch Events at one time.\n\nFor more information about how to write a timestamp expression, see [Date and Time Functions and Operators](https://docs.aws.amazon.com/https://prestodb.io/docs/current/functions/datetime.html) , in the *Presto 0.172 Documentation* .", + "title": "TimeoutInMinutes", + "type": "number" + } + }, + "required": [ + "TimeoutInMinutes" + ], + "type": "object" + }, + "AWS::IoTAnalytics::Dataset.Filter": { + "additionalProperties": false, + "properties": { + "DeltaTime": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.DeltaTime", + "markdownDescription": "Used to limit data to that which has arrived since the last execution of the action.", + "title": "DeltaTime" + } + }, + "type": "object" + }, + "AWS::IoTAnalytics::Dataset.GlueConfiguration": { + "additionalProperties": false, + "properties": { "DatabaseName": { - "markdownDescription": "The name of the database to consume within the DocumentDB cluster.", + "markdownDescription": "The name of the database in your AWS Glue Data Catalog in which the table is located. An AWS Glue Data Catalog database contains metadata tables.", "title": "DatabaseName", "type": "string" }, - "FullDocument": { - "markdownDescription": "Determines what DocumentDB sends to your event stream during document update operations. If set to UpdateLookup, DocumentDB sends a delta describing the changes, along with a copy of the entire document. Otherwise, DocumentDB sends only a partial document that contains the changes.", - "title": "FullDocument", + "TableName": { + "markdownDescription": "The name of the table in your AWS Glue Data Catalog that is used to perform the ETL operations. An AWS Glue Data Catalog table contains partitioned data and descriptions of data sources and targets.", + "title": "TableName", "type": "string" } }, + "required": [ + "DatabaseName", + "TableName" + ], "type": "object" }, - "AWS::Lambda::EventSourceMapping.Endpoints": { + "AWS::IoTAnalytics::Dataset.IotEventsDestinationConfiguration": { "additionalProperties": false, "properties": { - "KafkaBootstrapServers": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of bootstrap servers for your Kafka brokers in the following format: `\"KafkaBootstrapServers\": [\"abc.xyz.com:xxxx\",\"abc2.xyz.com:xxxx\"]` .", - "title": "KafkaBootstrapServers", - "type": "array" + "InputName": { + "markdownDescription": "The name of the AWS IoT Events input to which dataset contents are delivered.", + "title": "InputName", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the role that grants AWS IoT Analytics permission to deliver dataset contents to an AWS IoT Events input.", + "title": "RoleArn", + "type": "string" } }, + "required": [ + "InputName", + "RoleArn" + ], "type": "object" }, - "AWS::Lambda::EventSourceMapping.Filter": { + "AWS::IoTAnalytics::Dataset.LateDataRule": { "additionalProperties": false, "properties": { - "Pattern": { - "markdownDescription": "A filter pattern. For more information on the syntax of a filter pattern, see [Filter rule syntax](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventfiltering.html#filtering-syntax) .", - "title": "Pattern", + "RuleConfiguration": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.LateDataRuleConfiguration", + "markdownDescription": "The information needed to configure the late data rule.", + "title": "RuleConfiguration" + }, + "RuleName": { + "markdownDescription": "The name of the late data rule.", + "title": "RuleName", "type": "string" } }, + "required": [ + "RuleConfiguration" + ], "type": "object" }, - "AWS::Lambda::EventSourceMapping.FilterCriteria": { + "AWS::IoTAnalytics::Dataset.LateDataRuleConfiguration": { + "additionalProperties": false, + "properties": { + "DeltaTimeSessionWindowConfiguration": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.DeltaTimeSessionWindowConfiguration", + "markdownDescription": "The information needed to configure a delta time session window.", + "title": "DeltaTimeSessionWindowConfiguration" + } + }, + "type": "object" + }, + "AWS::IoTAnalytics::Dataset.OutputFileUriValue": { + "additionalProperties": false, + "properties": { + "FileName": { + "markdownDescription": "The URI of the location where dataset contents are stored, usually the URI of a file in an S3 bucket.", + "title": "FileName", + "type": "string" + } + }, + "required": [ + "FileName" + ], + "type": "object" + }, + "AWS::IoTAnalytics::Dataset.QueryAction": { "additionalProperties": false, "properties": { "Filters": { "items": { - "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.Filter" + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.Filter" }, - "markdownDescription": "A list of filters.", + "markdownDescription": "Pre-filters applied to message data.", "title": "Filters", "type": "array" + }, + "SqlQuery": { + "markdownDescription": "An \"SqlQueryDatasetAction\" object that uses an SQL query to automatically create data set contents.", + "title": "SqlQuery", + "type": "string" } }, + "required": [ + "SqlQuery" + ], "type": "object" }, - "AWS::Lambda::EventSourceMapping.OnFailure": { + "AWS::IoTAnalytics::Dataset.ResourceConfiguration": { "additionalProperties": false, "properties": { - "Destination": { - "markdownDescription": "The Amazon Resource Name (ARN) of the destination resource.\n\nTo retain records of unsuccessful [asynchronous invocations](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#invocation-async-destinations) , you can configure an Amazon SNS topic, Amazon SQS queue, Amazon S3 bucket, Lambda function, or Amazon EventBridge event bus as the destination.\n\nTo retain records of failed invocations from [Kinesis](https://docs.aws.amazon.com/lambda/latest/dg/with-kinesis.html) , [DynamoDB](https://docs.aws.amazon.com/lambda/latest/dg/with-ddb.html) , [self-managed Kafka](https://docs.aws.amazon.com/lambda/latest/dg/with-kafka.html#services-smaa-onfailure-destination) or [Amazon MSK](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#services-msk-onfailure-destination) , you can configure an Amazon SNS topic, Amazon SQS queue, or Amazon S3 bucket as the destination.", - "title": "Destination", + "ComputeType": { + "markdownDescription": "The type of the compute resource used to execute the `containerAction` . Possible values are: `ACU_1` (vCPU=4, memory=16 GiB) or `ACU_2` (vCPU=8, memory=32 GiB).", + "title": "ComputeType", "type": "string" + }, + "VolumeSizeInGB": { + "markdownDescription": "The size, in GB, of the persistent storage available to the resource instance used to execute the `containerAction` (min: 1, max: 50).", + "title": "VolumeSizeInGB", + "type": "number" } }, + "required": [ + "ComputeType", + "VolumeSizeInGB" + ], "type": "object" }, - "AWS::Lambda::EventSourceMapping.ScalingConfig": { + "AWS::IoTAnalytics::Dataset.RetentionPeriod": { "additionalProperties": false, "properties": { - "MaximumConcurrency": { - "markdownDescription": "Limits the number of concurrent instances that the Amazon SQS event source can invoke.", - "title": "MaximumConcurrency", + "NumberOfDays": { + "markdownDescription": "The number of days that message data is kept. The `unlimited` parameter must be false.", + "title": "NumberOfDays", "type": "number" + }, + "Unlimited": { + "markdownDescription": "If true, message data is kept indefinitely.", + "title": "Unlimited", + "type": "boolean" } }, "type": "object" }, - "AWS::Lambda::EventSourceMapping.SelfManagedEventSource": { + "AWS::IoTAnalytics::Dataset.S3DestinationConfiguration": { "additionalProperties": false, "properties": { - "Endpoints": { - "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.Endpoints", - "markdownDescription": "The list of bootstrap servers for your Kafka brokers in the following format: `\"KafkaBootstrapServers\": [\"abc.xyz.com:xxxx\",\"abc2.xyz.com:xxxx\"]` .", - "title": "Endpoints" + "Bucket": { + "markdownDescription": "The name of the S3 bucket to which dataset contents are delivered.", + "title": "Bucket", + "type": "string" + }, + "GlueConfiguration": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.GlueConfiguration", + "markdownDescription": "Configuration information for coordination with AWS Glue , a fully managed extract, transform and load (ETL) service.", + "title": "GlueConfiguration" + }, + "Key": { + "markdownDescription": "The key of the dataset contents object in an S3 bucket. Each object has a key that is a unique identifier. Each object has exactly one key.\n\nYou can create a unique key with the following options:\n\n- Use `!{iotanalytics:scheduleTime}` to insert the time of a scheduled SQL query run.\n- Use `!{iotanalytics:versionId}` to insert a unique hash that identifies a dataset content.\n- Use `!{iotanalytics:creationTime}` to insert the creation time of a dataset content.\n\nThe following example creates a unique key for a CSV file: `dataset/mydataset/!{iotanalytics:scheduleTime}/!{iotanalytics:versionId}.csv`\n\n> If you don't use `!{iotanalytics:versionId}` to specify the key, you might get duplicate keys. For example, you might have two dataset contents with the same `scheduleTime` but different `versionId` s. This means that one dataset content overwrites the other.", + "title": "Key", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the role that grants AWS IoT Analytics permission to interact with your Amazon S3 and AWS Glue resources.", + "title": "RoleArn", + "type": "string" } }, + "required": [ + "Bucket", + "Key", + "RoleArn" + ], "type": "object" }, - "AWS::Lambda::EventSourceMapping.SelfManagedKafkaEventSourceConfig": { + "AWS::IoTAnalytics::Dataset.Schedule": { "additionalProperties": false, "properties": { - "ConsumerGroupId": { - "markdownDescription": "The identifier for the Kafka consumer group to join. The consumer group ID must be unique among all your Kafka event sources. After creating a Kafka event source mapping with the consumer group ID specified, you cannot update this value. For more information, see [Customizable consumer group ID](https://docs.aws.amazon.com/lambda/latest/dg/with-kafka-process.html#services-smaa-topic-add) .", - "title": "ConsumerGroupId", + "ScheduleExpression": { + "markdownDescription": "The expression that defines when to trigger an update. For more information, see [Schedule Expressions for Rules](https://docs.aws.amazon.com/AmazonCloudWatch/latest/events/ScheduledEvents.html) in the Amazon CloudWatch documentation.", + "title": "ScheduleExpression", "type": "string" } }, + "required": [ + "ScheduleExpression" + ], "type": "object" }, - "AWS::Lambda::EventSourceMapping.SourceAccessConfiguration": { + "AWS::IoTAnalytics::Dataset.Trigger": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The type of authentication protocol, VPC components, or virtual host for your event source. For example: `\"Type\":\"SASL_SCRAM_512_AUTH\"` .\n\n- `BASIC_AUTH` \u2013 (Amazon MQ) The AWS Secrets Manager secret that stores your broker credentials.\n- `BASIC_AUTH` \u2013 (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL/PLAIN authentication of your Apache Kafka brokers.\n- `VPC_SUBNET` \u2013 (Self-managed Apache Kafka) The subnets associated with your VPC. Lambda connects to these subnets to fetch data from your self-managed Apache Kafka cluster.\n- `VPC_SECURITY_GROUP` \u2013 (Self-managed Apache Kafka) The VPC security group used to manage access to your self-managed Apache Kafka brokers.\n- `SASL_SCRAM_256_AUTH` \u2013 (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL SCRAM-256 authentication of your self-managed Apache Kafka brokers.\n- `SASL_SCRAM_512_AUTH` \u2013 (Amazon MSK, Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL SCRAM-512 authentication of your self-managed Apache Kafka brokers.\n- `VIRTUAL_HOST` \u2013- (RabbitMQ) The name of the virtual host in your RabbitMQ broker. Lambda uses this RabbitMQ host as the event source. This property cannot be specified in an UpdateEventSourceMapping API call.\n- `CLIENT_CERTIFICATE_TLS_AUTH` \u2013 (Amazon MSK, self-managed Apache Kafka) The Secrets Manager ARN of your secret key containing the certificate chain (X.509 PEM), private key (PKCS#8 PEM), and private key password (optional) used for mutual TLS authentication of your MSK/Apache Kafka brokers.\n- `SERVER_ROOT_CA_CERTIFICATE` \u2013 (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key containing the root CA certificate (X.509 PEM) used for TLS encryption of your Apache Kafka brokers.", - "title": "Type", + "Schedule": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.Schedule", + "markdownDescription": "The \"Schedule\" when the trigger is initiated.", + "title": "Schedule" + }, + "TriggeringDataset": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.TriggeringDataset", + "markdownDescription": "Information about the data set whose content generation triggers the new data set content generation.", + "title": "TriggeringDataset" + } + }, + "type": "object" + }, + "AWS::IoTAnalytics::Dataset.TriggeringDataset": { + "additionalProperties": false, + "properties": { + "DatasetName": { + "markdownDescription": "The name of the data set whose content generation triggers the new data set content generation.", + "title": "DatasetName", + "type": "string" + } + }, + "required": [ + "DatasetName" + ], + "type": "object" + }, + "AWS::IoTAnalytics::Dataset.Variable": { + "additionalProperties": false, + "properties": { + "DatasetContentVersionValue": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.DatasetContentVersionValue", + "markdownDescription": "The value of the variable as a structure that specifies a dataset content version.", + "title": "DatasetContentVersionValue" + }, + "DoubleValue": { + "markdownDescription": "The value of the variable as a double (numeric).", + "title": "DoubleValue", + "type": "number" + }, + "OutputFileUriValue": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.OutputFileUriValue", + "markdownDescription": "The value of the variable as a structure that specifies an output file URI.", + "title": "OutputFileUriValue" + }, + "StringValue": { + "markdownDescription": "The value of the variable as a string.", + "title": "StringValue", "type": "string" }, - "URI": { - "markdownDescription": "The value for your chosen configuration in `Type` . For example: `\"URI\": \"arn:aws:secretsmanager:us-east-1:01234567890:secret:MyBrokerSecretName\"` .", - "title": "URI", + "VariableName": { + "markdownDescription": "The name of the variable.", + "title": "VariableName", "type": "string" } }, + "required": [ + "VariableName" + ], + "type": "object" + }, + "AWS::IoTAnalytics::Dataset.VersioningConfiguration": { + "additionalProperties": false, + "properties": { + "MaxVersions": { + "markdownDescription": "How many versions of dataset contents are kept. The `unlimited` parameter must be `false` .", + "title": "MaxVersions", + "type": "number" + }, + "Unlimited": { + "markdownDescription": "If true, unlimited versions of dataset contents are kept.", + "title": "Unlimited", + "type": "boolean" + } + }, "type": "object" }, - "AWS::Lambda::Function": { + "AWS::IoTAnalytics::Datastore": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, - "Connectors": { - "additionalProperties": { - "$ref": "#/definitions/EmbeddedConnector" - }, - "title": "Connectors", - "type": "object" - }, "DeletionPolicy": { "enum": [ "Delete", @@ -142782,153 +150835,45 @@ "Properties": { "additionalProperties": false, "properties": { - "Architectures": { - "items": { - "type": "string" - }, - "markdownDescription": "The instruction set architecture that the function supports. Enter a string array with one of the valid values (arm64 or x86_64). The default value is `x86_64` .", - "title": "Architectures", - "type": "array" - }, - "Code": { - "$ref": "#/definitions/AWS::Lambda::Function.Code", - "markdownDescription": "The code for the function. You can define your function code in multiple ways:\n\n- For .zip deployment packages, you can specify the Amazon S3 location of the .zip file in the `S3Bucket` , `S3Key` , and `S3ObjectVersion` properties.\n- For .zip deployment packages, you can alternatively define the function code inline in the `ZipFile` property. This method works only for Node.js and Python functions.\n- For container images, specify the URI of your container image in the Amazon ECR registry in the `ImageUri` property.", - "title": "Code" - }, - "CodeSigningConfigArn": { - "markdownDescription": "To enable code signing for this function, specify the ARN of a code-signing configuration. A code-signing configuration\nincludes a set of signing profiles, which define the trusted publishers for this function.", - "title": "CodeSigningConfigArn", - "type": "string" - }, - "DeadLetterConfig": { - "$ref": "#/definitions/AWS::Lambda::Function.DeadLetterConfig", - "markdownDescription": "A dead-letter queue configuration that specifies the queue or topic where Lambda sends asynchronous events when they fail processing. For more information, see [Dead-letter queues](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#invocation-dlq) .", - "title": "DeadLetterConfig" - }, - "Description": { - "markdownDescription": "A description of the function.", - "title": "Description", - "type": "string" - }, - "Environment": { - "$ref": "#/definitions/AWS::Lambda::Function.Environment", - "markdownDescription": "Environment variables that are accessible from function code during execution.", - "title": "Environment" - }, - "EphemeralStorage": { - "$ref": "#/definitions/AWS::Lambda::Function.EphemeralStorage", - "markdownDescription": "The size of the function's `/tmp` directory in MB. The default value is 512, but it can be any whole number between 512 and 10,240 MB.", - "title": "EphemeralStorage" - }, - "FileSystemConfigs": { - "items": { - "$ref": "#/definitions/AWS::Lambda::Function.FileSystemConfig" - }, - "markdownDescription": "Connection settings for an Amazon EFS file system. To connect a function to a file system, a mount target must be available in every Availability Zone that your function connects to. If your template contains an [AWS::EFS::MountTarget](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-efs-mounttarget.html) resource, you must also specify a `DependsOn` attribute to ensure that the mount target is created or updated before the function.\n\nFor more information about using the `DependsOn` attribute, see [DependsOn Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) .", - "title": "FileSystemConfigs", - "type": "array" - }, - "FunctionName": { - "markdownDescription": "The name of the Lambda function, up to 64 characters in length. If you don't specify a name, AWS CloudFormation generates one.\n\nIf you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "FunctionName", - "type": "string" - }, - "Handler": { - "markdownDescription": "The name of the method within your code that Lambda calls to run your function. Handler is required if the deployment package is a .zip file archive. The format includes the file name. It can also include namespaces and other qualifiers, depending on the runtime. For more information, see [Lambda programming model](https://docs.aws.amazon.com/lambda/latest/dg/foundation-progmodel.html) .", - "title": "Handler", - "type": "string" - }, - "ImageConfig": { - "$ref": "#/definitions/AWS::Lambda::Function.ImageConfig", - "markdownDescription": "Configuration values that override the container image Dockerfile settings. For more information, see [Container image settings](https://docs.aws.amazon.com/lambda/latest/dg/images-create.html#images-parms) .", - "title": "ImageConfig" - }, - "KmsKeyArn": { - "markdownDescription": "The ARN of the AWS Key Management Service ( AWS KMS ) customer managed key that's used to encrypt the following resources:\n\n- The function's [environment variables](https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html#configuration-envvars-encryption) .\n- The function's [Lambda SnapStart](https://docs.aws.amazon.com/lambda/latest/dg/snapstart-security.html) snapshots.\n- When used with `SourceKMSKeyArn` , the unzipped version of the .zip deployment package that's used for function invocations. For more information, see [Specifying a customer managed key for Lambda](https://docs.aws.amazon.com/lambda/latest/dg/encrypt-zip-package.html#enable-zip-custom-encryption) .\n- The optimized version of the container image that's used for function invocations. Note that this is not the same key that's used to protect your container image in the Amazon Elastic Container Registry (Amazon ECR). For more information, see [Function lifecycle](https://docs.aws.amazon.com/lambda/latest/dg/images-create.html#images-lifecycle) .\n\nIf you don't provide a customer managed key, Lambda uses an [AWS owned key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-owned-cmk) or an [AWS managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk) .", - "title": "KmsKeyArn", - "type": "string" - }, - "Layers": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of [function layers](https://docs.aws.amazon.com/lambda/latest/dg/configuration-layers.html) to add to the function's execution environment. Specify each layer by its ARN, including the version.", - "title": "Layers", - "type": "array" - }, - "LoggingConfig": { - "$ref": "#/definitions/AWS::Lambda::Function.LoggingConfig", - "markdownDescription": "The function's Amazon CloudWatch Logs configuration settings.", - "title": "LoggingConfig" - }, - "MemorySize": { - "markdownDescription": "The amount of [memory available to the function](https://docs.aws.amazon.com/lambda/latest/dg/configuration-function-common.html#configuration-memory-console) at runtime. Increasing the function memory also increases its CPU allocation. The default value is 128 MB. The value can be any multiple of 1 MB. Note that new AWS accounts have reduced concurrency and memory quotas. AWS raises these quotas automatically based on your usage. You can also request a quota increase.", - "title": "MemorySize", - "type": "number" - }, - "PackageType": { - "markdownDescription": "The type of deployment package. Set to `Image` for container image and set `Zip` for .zip file archive.", - "title": "PackageType", + "DatastoreName": { + "markdownDescription": "The name of the data store.", + "title": "DatastoreName", "type": "string" }, - "ReservedConcurrentExecutions": { - "markdownDescription": "The number of simultaneous executions to reserve for the function.", - "title": "ReservedConcurrentExecutions", - "type": "number" - }, - "Role": { - "markdownDescription": "The Amazon Resource Name (ARN) of the function's execution role.", - "title": "Role", - "type": "string" + "DatastorePartitions": { + "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.DatastorePartitions", + "markdownDescription": "Information about the partition dimensions in a data store.", + "title": "DatastorePartitions" }, - "Runtime": { - "markdownDescription": "The identifier of the function's [runtime](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html) . Runtime is required if the deployment package is a .zip file archive. Specifying a runtime results in an error if you're deploying a function using a container image.\n\nThe following list includes deprecated runtimes. Lambda blocks creating new functions and updating existing functions shortly after each runtime is deprecated. For more information, see [Runtime use after deprecation](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html#runtime-deprecation-levels) .\n\nFor a list of all currently supported runtimes, see [Supported runtimes](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html#runtimes-supported) .", - "title": "Runtime", - "type": "string" + "DatastoreStorage": { + "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.DatastoreStorage", + "markdownDescription": "Where data store data is stored.", + "title": "DatastoreStorage" }, - "RuntimeManagementConfig": { - "$ref": "#/definitions/AWS::Lambda::Function.RuntimeManagementConfig", - "markdownDescription": "Sets the runtime management configuration for a function's version. For more information, see [Runtime updates](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html) .", - "title": "RuntimeManagementConfig" + "FileFormatConfiguration": { + "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.FileFormatConfiguration", + "markdownDescription": "Contains the configuration information of file formats. AWS IoT Analytics data stores support JSON and [Parquet](https://docs.aws.amazon.com/https://parquet.apache.org/) .\n\nThe default file format is JSON. You can specify only one format.\n\nYou can't change the file format after you create the data store.", + "title": "FileFormatConfiguration" }, - "SnapStart": { - "$ref": "#/definitions/AWS::Lambda::Function.SnapStart", - "markdownDescription": "The function's [AWS Lambda SnapStart](https://docs.aws.amazon.com/lambda/latest/dg/snapstart.html) setting.", - "title": "SnapStart" + "RetentionPeriod": { + "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.RetentionPeriod", + "markdownDescription": "How long, in days, message data is kept for the data store. When `customerManagedS3` storage is selected, this parameter is ignored.", + "title": "RetentionPeriod" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of [tags](https://docs.aws.amazon.com/lambda/latest/dg/tagging.html) to apply to the function.\n\n> You must have the `lambda:TagResource` , `lambda:UntagResource` , and `lambda:ListTags` permissions for your [IAM principal](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html) to manage the AWS CloudFormation stack. If you don't have these permissions, there might be unexpected behavior with stack-level tags propagating to the resource during resource creation and update.", + "markdownDescription": "Metadata which can be used to manage the data store.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" - }, - "Timeout": { - "markdownDescription": "The amount of time (in seconds) that Lambda allows a function to run before stopping it. The default is 3 seconds. The maximum allowed value is 900 seconds. For more information, see [Lambda execution environment](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-context.html) .", - "title": "Timeout", - "type": "number" - }, - "TracingConfig": { - "$ref": "#/definitions/AWS::Lambda::Function.TracingConfig", - "markdownDescription": "Set `Mode` to `Active` to sample and trace a subset of incoming requests with [X-Ray](https://docs.aws.amazon.com/lambda/latest/dg/services-xray.html) .", - "title": "TracingConfig" - }, - "VpcConfig": { - "$ref": "#/definitions/AWS::Lambda::Function.VpcConfig", - "markdownDescription": "For network connectivity to AWS resources in a VPC, specify a list of security groups and subnets in the VPC. When you connect a function to a VPC, it can access resources and the internet only through that VPC. For more information, see [Configuring a Lambda function to access resources in a VPC](https://docs.aws.amazon.com/lambda/latest/dg/configuration-vpc.html) .", - "title": "VpcConfig" } }, - "required": [ - "Code", - "Role" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Lambda::Function" + "AWS::IoTAnalytics::Datastore" ], "type": "string" }, @@ -142942,245 +150887,227 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Lambda::Function.Code": { + "AWS::IoTAnalytics::Datastore.Column": { "additionalProperties": false, "properties": { - "ImageUri": { - "markdownDescription": "URI of a [container image](https://docs.aws.amazon.com/lambda/latest/dg/lambda-images.html) in the Amazon ECR registry.", - "title": "ImageUri", + "Name": { + "markdownDescription": "The name of the column.", + "title": "Name", "type": "string" }, - "S3Bucket": { - "markdownDescription": "An Amazon S3 bucket in the same AWS Region as your function. The bucket can be in a different AWS account .", - "title": "S3Bucket", + "Type": { + "markdownDescription": "The type of data. For more information about the supported data types, see [Common data types](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-common.html) in the *AWS Glue Developer Guide* .", + "title": "Type", "type": "string" - }, - "S3Key": { - "markdownDescription": "The Amazon S3 key of the deployment package.", - "title": "S3Key", + } + }, + "required": [ + "Name", + "Type" + ], + "type": "object" + }, + "AWS::IoTAnalytics::Datastore.CustomerManagedS3": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The name of the Amazon S3 bucket where your data is stored.", + "title": "Bucket", "type": "string" }, - "S3ObjectVersion": { - "markdownDescription": "For versioned objects, the version of the deployment package object to use.", - "title": "S3ObjectVersion", + "KeyPrefix": { + "markdownDescription": "(Optional) The prefix used to create the keys of the data store data objects. Each object in an Amazon S3 bucket has a key that is its unique identifier in the bucket. Each object in a bucket has exactly one key. The prefix must end with a forward slash (/).", + "title": "KeyPrefix", "type": "string" }, - "ZipFile": { - "markdownDescription": "(Node.js and Python) The source code of your Lambda function. If you include your function source inline with this parameter, AWS CloudFormation places it in a file named `index` and zips it to create a [deployment package](https://docs.aws.amazon.com/lambda/latest/dg/gettingstarted-package.html) . This zip file cannot exceed 4MB. For the `Handler` property, the first part of the handler identifier must be `index` . For example, `index.handler` .\n\n> When you specify source code inline for a Node.js function, the `index` file that AWS CloudFormation creates uses the extension `.js` . This means that Lambda treats the file as a CommonJS module. ES modules aren't supported for inline functions. \n\nFor JSON, you must escape quotes and special characters such as newline ( `\\n` ) with a backslash.\n\nIf you specify a function that interacts with an AWS CloudFormation custom resource, you don't have to write your own functions to send responses to the custom resource that invoked the function. AWS CloudFormation provides a response module ( [cfn-response](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cfn-lambda-function-code-cfnresponsemodule.html) ) that simplifies sending responses. See [Using AWS Lambda with AWS CloudFormation](https://docs.aws.amazon.com/lambda/latest/dg/services-cloudformation.html) for details.", - "title": "ZipFile", + "RoleArn": { + "markdownDescription": "The ARN of the role that grants AWS IoT Analytics permission to interact with your Amazon S3 resources.", + "title": "RoleArn", "type": "string" } }, + "required": [ + "Bucket", + "RoleArn" + ], "type": "object" }, - "AWS::Lambda::Function.DeadLetterConfig": { + "AWS::IoTAnalytics::Datastore.CustomerManagedS3Storage": { "additionalProperties": false, "properties": { - "TargetArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an Amazon SQS queue or Amazon SNS topic.", - "title": "TargetArn", + "Bucket": { + "markdownDescription": "The name of the Amazon S3 bucket where your data is stored.", + "title": "Bucket", + "type": "string" + }, + "KeyPrefix": { + "markdownDescription": "(Optional) The prefix used to create the keys of the data store data objects. Each object in an Amazon S3 bucket has a key that is its unique identifier in the bucket. Each object in a bucket has exactly one key. The prefix must end with a forward slash (/).", + "title": "KeyPrefix", "type": "string" } }, + "required": [ + "Bucket" + ], "type": "object" }, - "AWS::Lambda::Function.Environment": { + "AWS::IoTAnalytics::Datastore.DatastorePartition": { "additionalProperties": false, "properties": { - "Variables": { - "additionalProperties": true, - "markdownDescription": "Environment variable key-value pairs. For more information, see [Using Lambda environment variables](https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html) .\n\nIf the value of the environment variable is a time or a duration, enclose the value in quotes.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Variables", - "type": "object" + "Partition": { + "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.Partition", + "markdownDescription": "A partition dimension defined by an attribute.", + "title": "Partition" + }, + "TimestampPartition": { + "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.TimestampPartition", + "markdownDescription": "A partition dimension defined by a timestamp attribute.", + "title": "TimestampPartition" } }, "type": "object" }, - "AWS::Lambda::Function.EphemeralStorage": { + "AWS::IoTAnalytics::Datastore.DatastorePartitions": { "additionalProperties": false, "properties": { - "Size": { - "markdownDescription": "The size of the function's `/tmp` directory.", - "title": "Size", - "type": "number" + "Partitions": { + "items": { + "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.DatastorePartition" + }, + "markdownDescription": "A list of partition dimensions in a data store.", + "title": "Partitions", + "type": "array" } }, - "required": [ - "Size" - ], "type": "object" }, - "AWS::Lambda::Function.FileSystemConfig": { + "AWS::IoTAnalytics::Datastore.DatastoreStorage": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon EFS access point that provides access to the file system.", - "title": "Arn", - "type": "string" + "CustomerManagedS3": { + "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.CustomerManagedS3", + "markdownDescription": "Use this to store data store data in an S3 bucket that you manage. The choice of service-managed or customer-managed S3 storage cannot be changed after creation of the data store.", + "title": "CustomerManagedS3" }, - "LocalMountPath": { - "markdownDescription": "The path where the function can access the file system, starting with `/mnt/` .", - "title": "LocalMountPath", - "type": "string" + "IotSiteWiseMultiLayerStorage": { + "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.IotSiteWiseMultiLayerStorage", + "markdownDescription": "Use this to store data used by AWS IoT SiteWise in an Amazon S3 bucket that you manage. You can't change the choice of Amazon S3 storage after your data store is created.", + "title": "IotSiteWiseMultiLayerStorage" + }, + "ServiceManagedS3": { + "markdownDescription": "Use this to store data store data in an S3 bucket managed by the AWS IoT Analytics service. The choice of service-managed or customer-managed S3 storage cannot be changed after creation of the data store.", + "title": "ServiceManagedS3", + "type": "object" } }, - "required": [ - "Arn", - "LocalMountPath" - ], "type": "object" }, - "AWS::Lambda::Function.ImageConfig": { + "AWS::IoTAnalytics::Datastore.FileFormatConfiguration": { "additionalProperties": false, "properties": { - "Command": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies parameters that you want to pass in with ENTRYPOINT. You can specify a maximum of 1,500 parameters in the list.", - "title": "Command", - "type": "array" - }, - "EntryPoint": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the entry point to their application, which is typically the location of the runtime executable. You can specify a maximum of 1,500 string entries in the list.", - "title": "EntryPoint", - "type": "array" + "JsonConfiguration": { + "markdownDescription": "Contains the configuration information of the JSON format.", + "title": "JsonConfiguration", + "type": "object" }, - "WorkingDirectory": { - "markdownDescription": "Specifies the working directory. The length of the directory string cannot exceed 1,000 characters.", - "title": "WorkingDirectory", - "type": "string" + "ParquetConfiguration": { + "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.ParquetConfiguration", + "markdownDescription": "Contains the configuration information of the Parquet format.", + "title": "ParquetConfiguration" } }, "type": "object" }, - "AWS::Lambda::Function.LoggingConfig": { + "AWS::IoTAnalytics::Datastore.IotSiteWiseMultiLayerStorage": { "additionalProperties": false, "properties": { - "ApplicationLogLevel": { - "markdownDescription": "Set this property to filter the application logs for your function that Lambda sends to CloudWatch. Lambda only sends application logs at the selected level of detail and lower, where `TRACE` is the highest level and `FATAL` is the lowest.", - "title": "ApplicationLogLevel", - "type": "string" - }, - "LogFormat": { - "markdownDescription": "The format in which Lambda sends your function's application and system logs to CloudWatch. Select between plain text and structured JSON.", - "title": "LogFormat", - "type": "string" - }, - "LogGroup": { - "markdownDescription": "The name of the Amazon CloudWatch log group the function sends logs to. By default, Lambda functions send logs to a default log group named `/aws/lambda/` . To use a different log group, enter an existing log group or enter a new log group name.", - "title": "LogGroup", - "type": "string" - }, - "SystemLogLevel": { - "markdownDescription": "Set this property to filter the system logs for your function that Lambda sends to CloudWatch. Lambda only sends system logs at the selected level of detail and lower, where `DEBUG` is the highest level and `WARN` is the lowest.", - "title": "SystemLogLevel", - "type": "string" + "CustomerManagedS3Storage": { + "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.CustomerManagedS3Storage", + "markdownDescription": "Stores data used by AWS IoT SiteWise in an Amazon S3 bucket that you manage.", + "title": "CustomerManagedS3Storage" } }, "type": "object" }, - "AWS::Lambda::Function.RuntimeManagementConfig": { + "AWS::IoTAnalytics::Datastore.ParquetConfiguration": { "additionalProperties": false, "properties": { - "RuntimeVersionArn": { - "markdownDescription": "The ARN of the runtime version you want the function to use.\n\n> This is only required if you're using the *Manual* runtime update mode.", - "title": "RuntimeVersionArn", - "type": "string" - }, - "UpdateRuntimeOn": { - "markdownDescription": "Specify the runtime update mode.\n\n- *Auto (default)* - Automatically update to the most recent and secure runtime version using a [Two-phase runtime version rollout](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html#runtime-management-two-phase) . This is the best choice for most customers to ensure they always benefit from runtime updates.\n- *FunctionUpdate* - Lambda updates the runtime of you function to the most recent and secure runtime version when you update your function. This approach synchronizes runtime updates with function deployments, giving you control over when runtime updates are applied and allowing you to detect and mitigate rare runtime update incompatibilities early. When using this setting, you need to regularly update your functions to keep their runtime up-to-date.\n- *Manual* - You specify a runtime version in your function configuration. The function will use this runtime version indefinitely. In the rare case where a new runtime version is incompatible with an existing function, this allows you to roll back your function to an earlier runtime version. For more information, see [Roll back a runtime version](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html#runtime-management-rollback) .\n\n*Valid Values* : `Auto` | `FunctionUpdate` | `Manual`", - "title": "UpdateRuntimeOn", - "type": "string" + "SchemaDefinition": { + "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.SchemaDefinition", + "markdownDescription": "Information needed to define a schema.", + "title": "SchemaDefinition" } }, - "required": [ - "UpdateRuntimeOn" - ], "type": "object" }, - "AWS::Lambda::Function.SnapStart": { + "AWS::IoTAnalytics::Datastore.Partition": { "additionalProperties": false, "properties": { - "ApplyOn": { - "markdownDescription": "Set `ApplyOn` to `PublishedVersions` to create a snapshot of the initialized execution environment when you publish a function version.", - "title": "ApplyOn", + "AttributeName": { + "markdownDescription": "The name of the attribute that defines a partition dimension.", + "title": "AttributeName", "type": "string" } }, "required": [ - "ApplyOn" + "AttributeName" ], "type": "object" }, - "AWS::Lambda::Function.SnapStartResponse": { + "AWS::IoTAnalytics::Datastore.RetentionPeriod": { "additionalProperties": false, "properties": { - "ApplyOn": { - "markdownDescription": "When set to `PublishedVersions` , Lambda creates a snapshot of the execution environment when you publish a function version.", - "title": "ApplyOn", - "type": "string" + "NumberOfDays": { + "markdownDescription": "The number of days that message data is kept. The `unlimited` parameter must be false.", + "title": "NumberOfDays", + "type": "number" }, - "OptimizationStatus": { - "markdownDescription": "When you provide a [qualified Amazon Resource Name (ARN)](https://docs.aws.amazon.com/lambda/latest/dg/configuration-versions.html#versioning-versions-using) , this response element indicates whether SnapStart is activated for the specified function version.", - "title": "OptimizationStatus", - "type": "string" + "Unlimited": { + "markdownDescription": "If true, message data is kept indefinitely.", + "title": "Unlimited", + "type": "boolean" } }, "type": "object" }, - "AWS::Lambda::Function.TracingConfig": { + "AWS::IoTAnalytics::Datastore.SchemaDefinition": { "additionalProperties": false, "properties": { - "Mode": { - "markdownDescription": "The tracing mode.", - "title": "Mode", - "type": "string" + "Columns": { + "items": { + "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.Column" + }, + "markdownDescription": "Specifies one or more columns that store your data.\n\nEach schema can have up to 100 columns. Each column can have up to 100 nested types.", + "title": "Columns", + "type": "array" } }, "type": "object" }, - "AWS::Lambda::Function.VpcConfig": { + "AWS::IoTAnalytics::Datastore.TimestampPartition": { "additionalProperties": false, "properties": { - "Ipv6AllowedForDualStack": { - "markdownDescription": "Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.", - "title": "Ipv6AllowedForDualStack", - "type": "boolean" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of VPC security group IDs.", - "title": "SecurityGroupIds", - "type": "array" + "AttributeName": { + "markdownDescription": "The attribute name of the partition defined by a timestamp.", + "title": "AttributeName", + "type": "string" }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of VPC subnet IDs.", - "title": "SubnetIds", - "type": "array" + "TimestampFormat": { + "markdownDescription": "The timestamp format of a partition defined by a timestamp. The default format is seconds since epoch (January 1, 1970 at midnight UTC time).", + "title": "TimestampFormat", + "type": "string" } }, + "required": [ + "AttributeName" + ], "type": "object" }, - "AWS::Lambda::LayerVersion": { + "AWS::IoTAnalytics::Pipeline": { "additionalProperties": false, "properties": { "Condition": { @@ -143215,51 +151142,36 @@ "Properties": { "additionalProperties": false, "properties": { - "CompatibleArchitectures": { + "PipelineActivities": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.Activity" }, - "markdownDescription": "A list of compatible [instruction set architectures](https://docs.aws.amazon.com/lambda/latest/dg/foundation-arch.html) .", - "title": "CompatibleArchitectures", + "markdownDescription": "A list of \"PipelineActivity\" objects. Activities perform transformations on your messages, such as removing, renaming or adding message attributes; filtering messages based on attribute values; invoking your Lambda functions on messages for advanced processing; or performing mathematical transformations to normalize device data.\n\nThe list can be 2-25 *PipelineActivity* objects and must contain both a `channel` and a `datastore` activity. Each entry in the list must contain only one activity, for example:\n\n`pipelineActivities = [ { \"channel\": { ... } }, { \"lambda\": { ... } }, ... ]`", + "title": "PipelineActivities", "type": "array" }, - "CompatibleRuntimes": { + "PipelineName": { + "markdownDescription": "The name of the pipeline.", + "title": "PipelineName", + "type": "string" + }, + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of compatible [function runtimes](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html) . Used for filtering with [ListLayers](https://docs.aws.amazon.com/lambda/latest/dg/API_ListLayers.html) and [ListLayerVersions](https://docs.aws.amazon.com/lambda/latest/dg/API_ListLayerVersions.html) .", - "title": "CompatibleRuntimes", + "markdownDescription": "Metadata which can be used to manage the pipeline.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", "type": "array" - }, - "Content": { - "$ref": "#/definitions/AWS::Lambda::LayerVersion.Content", - "markdownDescription": "The function layer archive.", - "title": "Content" - }, - "Description": { - "markdownDescription": "The description of the version.", - "title": "Description", - "type": "string" - }, - "LayerName": { - "markdownDescription": "The name or Amazon Resource Name (ARN) of the layer.", - "title": "LayerName", - "type": "string" - }, - "LicenseInfo": { - "markdownDescription": "The layer's software license. It can be any of the following:\n\n- An [SPDX license identifier](https://docs.aws.amazon.com/https://spdx.org/licenses/) . For example, `MIT` .\n- The URL of a license hosted on the internet. For example, `https://opensource.org/licenses/MIT` .\n- The full text of the license.", - "title": "LicenseInfo", - "type": "string" } }, "required": [ - "Content" + "PipelineActivities" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lambda::LayerVersion" + "AWS::IoTAnalytics::Pipeline" ], "type": "string" }, @@ -143278,356 +151190,356 @@ ], "type": "object" }, - "AWS::Lambda::LayerVersion.Content": { + "AWS::IoTAnalytics::Pipeline.Activity": { "additionalProperties": false, "properties": { - "S3Bucket": { - "markdownDescription": "The Amazon S3 bucket of the layer archive.", - "title": "S3Bucket", - "type": "string" + "AddAttributes": { + "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.AddAttributes", + "markdownDescription": "Adds other attributes based on existing attributes in the message.", + "title": "AddAttributes" }, - "S3Key": { - "markdownDescription": "The Amazon S3 key of the layer archive.", - "title": "S3Key", - "type": "string" + "Channel": { + "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.Channel", + "markdownDescription": "Determines the source of the messages to be processed.", + "title": "Channel" }, - "S3ObjectVersion": { - "markdownDescription": "For versioned objects, the version of the layer archive object to use.", - "title": "S3ObjectVersion", - "type": "string" + "Datastore": { + "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.Datastore", + "markdownDescription": "Specifies where to store the processed message data.", + "title": "Datastore" + }, + "DeviceRegistryEnrich": { + "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.DeviceRegistryEnrich", + "markdownDescription": "Adds data from the AWS IoT device registry to your message.", + "title": "DeviceRegistryEnrich" + }, + "DeviceShadowEnrich": { + "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.DeviceShadowEnrich", + "markdownDescription": "Adds information from the AWS IoT Device Shadows service to a message.", + "title": "DeviceShadowEnrich" + }, + "Filter": { + "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.Filter", + "markdownDescription": "Filters a message based on its attributes.", + "title": "Filter" + }, + "Lambda": { + "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.Lambda", + "markdownDescription": "Runs a Lambda function to modify the message.", + "title": "Lambda" + }, + "Math": { + "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.Math", + "markdownDescription": "Computes an arithmetic expression using the message's attributes and adds it to the message.", + "title": "Math" + }, + "RemoveAttributes": { + "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.RemoveAttributes", + "markdownDescription": "Removes attributes from a message.", + "title": "RemoveAttributes" + }, + "SelectAttributes": { + "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.SelectAttributes", + "markdownDescription": "Creates a new message using only the specified attributes from the original message.", + "title": "SelectAttributes" } }, - "required": [ - "S3Bucket", - "S3Key" - ], "type": "object" }, - "AWS::Lambda::LayerVersionPermission": { + "AWS::IoTAnalytics::Pipeline.AddAttributes": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Action": { - "markdownDescription": "The API action that grants access to the layer. For example, `lambda:GetLayerVersion` .", - "title": "Action", - "type": "string" - }, - "LayerVersionArn": { - "markdownDescription": "The name or Amazon Resource Name (ARN) of the layer.", - "title": "LayerVersionArn", - "type": "string" - }, - "OrganizationId": { - "markdownDescription": "With the principal set to `*` , grant permission to all accounts in the specified organization.", - "title": "OrganizationId", - "type": "string" - }, - "Principal": { - "markdownDescription": "An account ID, or `*` to grant layer usage permission to all accounts in an organization, or all AWS accounts (if `organizationId` is not specified). For the last case, make sure that you really do want all AWS accounts to have usage permission to this layer.", - "title": "Principal", + "Attributes": { + "additionalProperties": true, + "markdownDescription": "A list of 1-50 \"AttributeNameMapping\" objects that map an existing attribute to a new attribute.\n\n> The existing attributes remain in the message, so if you want to remove the originals, use \"RemoveAttributeActivity\".", + "patternProperties": { + "^[a-zA-Z0-9]+$": { "type": "string" } }, - "required": [ - "Action", - "LayerVersionArn", - "Principal" - ], + "title": "Attributes", "type": "object" }, - "Type": { - "enum": [ - "AWS::Lambda::LayerVersionPermission" - ], + "Name": { + "markdownDescription": "The name of the 'addAttributes' activity.", + "title": "Name", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Next": { + "markdownDescription": "The next activity in the pipeline.", + "title": "Next", "type": "string" } }, "required": [ - "Type", - "Properties" + "Attributes", + "Name" ], "type": "object" }, - "AWS::Lambda::Permission": { + "AWS::IoTAnalytics::Pipeline.Channel": { "additionalProperties": false, "properties": { - "Condition": { + "ChannelName": { + "markdownDescription": "The name of the channel from which the messages are processed.", + "title": "ChannelName", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "The name of the 'channel' activity.", + "title": "Name", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Next": { + "markdownDescription": "The next activity in the pipeline.", + "title": "Next", + "type": "string" + } + }, + "required": [ + "ChannelName", + "Name" + ], + "type": "object" + }, + "AWS::IoTAnalytics::Pipeline.Datastore": { + "additionalProperties": false, + "properties": { + "DatastoreName": { + "markdownDescription": "The name of the data store where processed messages are stored.", + "title": "DatastoreName", + "type": "string" }, - "Metadata": { - "type": "object" + "Name": { + "markdownDescription": "The name of the datastore activity.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "DatastoreName", + "Name" + ], + "type": "object" + }, + "AWS::IoTAnalytics::Pipeline.DeviceRegistryEnrich": { + "additionalProperties": false, + "properties": { + "Attribute": { + "markdownDescription": "The name of the attribute that is added to the message.", + "title": "Attribute", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Action": { - "markdownDescription": "The action that the principal can use on the function. For example, `lambda:InvokeFunction` or `lambda:GetFunction` .", - "title": "Action", - "type": "string" - }, - "EventSourceToken": { - "markdownDescription": "For Alexa Smart Home functions, a token that the invoker must supply.", - "title": "EventSourceToken", - "type": "string" - }, - "FunctionName": { - "markdownDescription": "The name or ARN of the Lambda function, version, or alias.\n\n**Name formats** - *Function name* \u2013 `my-function` (name-only), `my-function:v1` (with alias).\n- *Function ARN* \u2013 `arn:aws:lambda:us-west-2:123456789012:function:my-function` .\n- *Partial ARN* \u2013 `123456789012:function:my-function` .\n\nYou can append a version number or alias to any of the formats. The length constraint applies only to the full ARN. If you specify only the function name, it is limited to 64 characters in length.", - "title": "FunctionName", - "type": "string" - }, - "FunctionUrlAuthType": { - "markdownDescription": "The type of authentication that your function URL uses. Set to `AWS_IAM` if you want to restrict access to authenticated users only. Set to `NONE` if you want to bypass IAM authentication to create a public endpoint. For more information, see [Security and auth model for Lambda function URLs](https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html) .", - "title": "FunctionUrlAuthType", - "type": "string" - }, - "Principal": { - "markdownDescription": "The AWS service , AWS account , IAM user, or IAM role that invokes the function. If you specify a service, use `SourceArn` or `SourceAccount` to limit who can invoke the function through that service.", - "title": "Principal", - "type": "string" - }, - "PrincipalOrgID": { - "markdownDescription": "The identifier for your organization in AWS Organizations . Use this to grant permissions to all the AWS accounts under this organization.", - "title": "PrincipalOrgID", - "type": "string" - }, - "SourceAccount": { - "markdownDescription": "For AWS service , the ID of the AWS account that owns the resource. Use this together with `SourceArn` to ensure that the specified account owns the resource. It is possible for an Amazon S3 bucket to be deleted by its owner and recreated by another account.", - "title": "SourceAccount", - "type": "string" - }, - "SourceArn": { - "markdownDescription": "For AWS services , the ARN of the AWS resource that invokes the function. For example, an Amazon S3 bucket or Amazon SNS topic.\n\nNote that Lambda configures the comparison using the `StringLike` operator.", - "title": "SourceArn", - "type": "string" - } - }, - "required": [ - "Action", - "FunctionName", - "Principal" - ], - "type": "object" + "Name": { + "markdownDescription": "The name of the 'deviceRegistryEnrich' activity.", + "title": "Name", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Lambda::Permission" - ], + "Next": { + "markdownDescription": "The next activity in the pipeline.", + "title": "Next", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "RoleArn": { + "markdownDescription": "The ARN of the role that allows access to the device's registry information.", + "title": "RoleArn", + "type": "string" + }, + "ThingName": { + "markdownDescription": "The name of the IoT device whose registry information is added to the message.", + "title": "ThingName", "type": "string" } }, "required": [ - "Type", - "Properties" + "Attribute", + "Name", + "RoleArn", + "ThingName" ], "type": "object" }, - "AWS::Lambda::Url": { + "AWS::IoTAnalytics::Pipeline.DeviceShadowEnrich": { "additionalProperties": false, "properties": { - "Condition": { + "Attribute": { + "markdownDescription": "The name of the attribute that is added to the message.", + "title": "Attribute", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "The name of the 'deviceShadowEnrich' activity.", + "title": "Name", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Next": { + "markdownDescription": "The next activity in the pipeline.", + "title": "Next", + "type": "string" }, - "Metadata": { - "type": "object" + "RoleArn": { + "markdownDescription": "The ARN of the role that allows access to the device's shadow.", + "title": "RoleArn", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AuthType": { - "markdownDescription": "The type of authentication that your function URL uses. Set to `AWS_IAM` if you want to restrict access to authenticated users only. Set to `NONE` if you want to bypass IAM authentication to create a public endpoint. For more information, see [Security and auth model for Lambda function URLs](https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html) .", - "title": "AuthType", - "type": "string" - }, - "Cors": { - "$ref": "#/definitions/AWS::Lambda::Url.Cors", - "markdownDescription": "The [Cross-Origin Resource Sharing (CORS)](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS) settings for your function URL.", - "title": "Cors" - }, - "InvokeMode": { - "markdownDescription": "Use one of the following options:\n\n- `BUFFERED` \u2013 This is the default option. Lambda invokes your function using the `Invoke` API operation. Invocation results are available when the payload is complete. The maximum payload size is 6 MB.\n- `RESPONSE_STREAM` \u2013 Your function streams payload results as they become available. Lambda invokes your function using the `InvokeWithResponseStream` API operation. The maximum response payload size is 20 MB, however, you can [request a quota increase](https://docs.aws.amazon.com/servicequotas/latest/userguide/request-quota-increase.html) .", - "title": "InvokeMode", - "type": "string" - }, - "Qualifier": { - "markdownDescription": "The alias name.", - "title": "Qualifier", - "type": "string" - }, - "TargetFunctionArn": { - "markdownDescription": "The name of the Lambda function.\n\n**Name formats** - *Function name* - `my-function` .\n- *Function ARN* - `lambda: : :function:my-function` .\n- *Partial ARN* - `:function:my-function` .\n\nThe length constraint applies only to the full ARN. If you specify only the function name, it is limited to 64 characters in length.", - "title": "TargetFunctionArn", - "type": "string" - } - }, - "required": [ - "AuthType", - "TargetFunctionArn" - ], - "type": "object" + "ThingName": { + "markdownDescription": "The name of the IoT device whose shadow information is added to the message.", + "title": "ThingName", + "type": "string" + } + }, + "required": [ + "Attribute", + "Name", + "RoleArn", + "ThingName" + ], + "type": "object" + }, + "AWS::IoTAnalytics::Pipeline.Filter": { + "additionalProperties": false, + "properties": { + "Filter": { + "markdownDescription": "An expression that looks like an SQL WHERE clause that must return a Boolean value.", + "title": "Filter", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Lambda::Url" - ], + "Name": { + "markdownDescription": "The name of the 'filter' activity.", + "title": "Name", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Next": { + "markdownDescription": "The next activity in the pipeline.", + "title": "Next", "type": "string" } }, "required": [ - "Type", - "Properties" + "Filter", + "Name" ], "type": "object" }, - "AWS::Lambda::Url.Cors": { + "AWS::IoTAnalytics::Pipeline.Lambda": { "additionalProperties": false, "properties": { - "AllowCredentials": { - "markdownDescription": "Whether you want to allow cookies or other credentials in requests to your function URL. The default is `false` .", - "title": "AllowCredentials", - "type": "boolean" + "BatchSize": { + "markdownDescription": "The number of messages passed to the Lambda function for processing.\n\nThe AWS Lambda function must be able to process all of these messages within five minutes, which is the maximum timeout duration for Lambda functions.", + "title": "BatchSize", + "type": "number" }, - "AllowHeaders": { - "items": { - "type": "string" - }, - "markdownDescription": "The HTTP headers that origins can include in requests to your function URL. For example: `Date` , `Keep-Alive` , `X-Custom-Header` .", - "title": "AllowHeaders", - "type": "array" + "LambdaName": { + "markdownDescription": "The name of the Lambda function that is run on the message.", + "title": "LambdaName", + "type": "string" }, - "AllowMethods": { - "items": { - "type": "string" - }, - "markdownDescription": "The HTTP methods that are allowed when calling your function URL. For example: `GET` , `POST` , `DELETE` , or the wildcard character ( `*` ).", - "title": "AllowMethods", - "type": "array" + "Name": { + "markdownDescription": "The name of the 'lambda' activity.", + "title": "Name", + "type": "string" }, - "AllowOrigins": { + "Next": { + "markdownDescription": "The next activity in the pipeline.", + "title": "Next", + "type": "string" + } + }, + "required": [ + "BatchSize", + "LambdaName", + "Name" + ], + "type": "object" + }, + "AWS::IoTAnalytics::Pipeline.Math": { + "additionalProperties": false, + "properties": { + "Attribute": { + "markdownDescription": "The name of the attribute that contains the result of the math operation.", + "title": "Attribute", + "type": "string" + }, + "Math": { + "markdownDescription": "An expression that uses one or more existing attributes and must return an integer value.", + "title": "Math", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the 'math' activity.", + "title": "Name", + "type": "string" + }, + "Next": { + "markdownDescription": "The next activity in the pipeline.", + "title": "Next", + "type": "string" + } + }, + "required": [ + "Attribute", + "Math", + "Name" + ], + "type": "object" + }, + "AWS::IoTAnalytics::Pipeline.RemoveAttributes": { + "additionalProperties": false, + "properties": { + "Attributes": { "items": { "type": "string" }, - "markdownDescription": "The origins that can access your function URL. You can list any number of specific origins, separated by a comma. For example: `https://www.example.com` , `http://localhost:60905` .\n\nAlternatively, you can grant access to all origins with the wildcard character ( `*` ).", - "title": "AllowOrigins", + "markdownDescription": "A list of 1-50 attributes to remove from the message.", + "title": "Attributes", "type": "array" }, - "ExposeHeaders": { + "Name": { + "markdownDescription": "The name of the 'removeAttributes' activity.", + "title": "Name", + "type": "string" + }, + "Next": { + "markdownDescription": "The next activity in the pipeline.", + "title": "Next", + "type": "string" + } + }, + "required": [ + "Attributes", + "Name" + ], + "type": "object" + }, + "AWS::IoTAnalytics::Pipeline.SelectAttributes": { + "additionalProperties": false, + "properties": { + "Attributes": { "items": { "type": "string" }, - "markdownDescription": "The HTTP headers in your function response that you want to expose to origins that call your function URL. For example: `Date` , `Keep-Alive` , `X-Custom-Header` .", - "title": "ExposeHeaders", + "markdownDescription": "A list of the attributes to select from the message.", + "title": "Attributes", "type": "array" }, - "MaxAge": { - "markdownDescription": "The maximum amount of time, in seconds, that browsers can cache results of a preflight request. By default, this is set to `0` , which means the browser will not cache results.", - "title": "MaxAge", - "type": "number" + "Name": { + "markdownDescription": "The name of the 'selectAttributes' activity.", + "title": "Name", + "type": "string" + }, + "Next": { + "markdownDescription": "The next activity in the pipeline.", + "title": "Next", + "type": "string" } }, + "required": [ + "Attributes", + "Name" + ], "type": "object" }, - "AWS::Lambda::Version": { + "AWS::IoTCoreDeviceAdvisor::SuiteDefinition": { "additionalProperties": false, "properties": { "Condition": { @@ -143662,40 +151574,28 @@ "Properties": { "additionalProperties": false, "properties": { - "CodeSha256": { - "markdownDescription": "Only publish a version if the hash value matches the value that's specified. Use this option to avoid publishing a version if the function code has changed since you last updated it. Updates are not supported for this property.", - "title": "CodeSha256", - "type": "string" - }, - "Description": { - "markdownDescription": "A description for the version to override the description in the function configuration. Updates are not supported for this property.", - "title": "Description", - "type": "string" - }, - "FunctionName": { - "markdownDescription": "The name or ARN of the Lambda function.\n\n**Name formats** - *Function name* - `MyFunction` .\n- *Function ARN* - `arn:aws:lambda:us-west-2:123456789012:function:MyFunction` .\n- *Partial ARN* - `123456789012:function:MyFunction` .\n\nThe length constraint applies only to the full ARN. If you specify only the function name, it is limited to 64 characters in length.", - "title": "FunctionName", - "type": "string" - }, - "ProvisionedConcurrencyConfig": { - "$ref": "#/definitions/AWS::Lambda::Version.ProvisionedConcurrencyConfiguration", - "markdownDescription": "Specifies a provisioned concurrency configuration for a function's version. Updates are not supported for this property.", - "title": "ProvisionedConcurrencyConfig" + "SuiteDefinitionConfiguration": { + "$ref": "#/definitions/AWS::IoTCoreDeviceAdvisor::SuiteDefinition.SuiteDefinitionConfiguration", + "markdownDescription": "The configuration of the Suite Definition. Listed below are the required elements of the `SuiteDefinitionConfiguration` .\n\n- ***devicePermissionRoleArn*** - The device permission arn.\n\nThis is a required element.\n\n*Type:* String\n- ***devices*** - The list of configured devices under test. For more information on devices under test, see [DeviceUnderTest](https://docs.aws.amazon.com/iot/latest/apireference/API_iotdeviceadvisor_DeviceUnderTest.html)\n\nNot a required element.\n\n*Type:* List of devices under test\n- ***intendedForQualification*** - The tests intended for qualification in a suite.\n\nNot a required element.\n\n*Type:* Boolean\n- ***rootGroup*** - The test suite root group. For more information on creating and using root groups see the [Device Advisor workflow](https://docs.aws.amazon.com/iot/latest/developerguide/device-advisor-workflow.html) .\n\nThis is a required element.\n\n*Type:* String\n- ***suiteDefinitionName*** - The Suite Definition Configuration name.\n\nThis is a required element.\n\n*Type:* String", + "title": "SuiteDefinitionConfiguration" }, - "RuntimePolicy": { - "$ref": "#/definitions/AWS::Lambda::Version.RuntimePolicy", - "markdownDescription": "", - "title": "RuntimePolicy" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata that can be used to manage the the Suite Definition.", + "title": "Tags", + "type": "array" } }, "required": [ - "FunctionName" + "SuiteDefinitionConfiguration" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lambda::Version" + "AWS::IoTCoreDeviceAdvisor::SuiteDefinition" ], "type": "string" }, @@ -143714,40 +151614,61 @@ ], "type": "object" }, - "AWS::Lambda::Version.ProvisionedConcurrencyConfiguration": { + "AWS::IoTCoreDeviceAdvisor::SuiteDefinition.DeviceUnderTest": { "additionalProperties": false, "properties": { - "ProvisionedConcurrentExecutions": { - "markdownDescription": "The amount of provisioned concurrency to allocate for the version.", - "title": "ProvisionedConcurrentExecutions", - "type": "number" + "CertificateArn": { + "markdownDescription": "Lists device's certificate ARN.", + "title": "CertificateArn", + "type": "string" + }, + "ThingArn": { + "markdownDescription": "Lists device's thing ARN.", + "title": "ThingArn", + "type": "string" } }, - "required": [ - "ProvisionedConcurrentExecutions" - ], "type": "object" }, - "AWS::Lambda::Version.RuntimePolicy": { + "AWS::IoTCoreDeviceAdvisor::SuiteDefinition.SuiteDefinitionConfiguration": { "additionalProperties": false, "properties": { - "RuntimeVersionArn": { - "markdownDescription": "The ARN of the runtime version you want the function to use.\n\n> This is only required if you're using the *Manual* runtime update mode.", - "title": "RuntimeVersionArn", + "DevicePermissionRoleArn": { + "markdownDescription": "Gets the device permission ARN. This is a required parameter.", + "title": "DevicePermissionRoleArn", "type": "string" }, - "UpdateRuntimeOn": { - "markdownDescription": "Specify the runtime update mode.\n\n- *Auto (default)* - Automatically update to the most recent and secure runtime version using a [Two-phase runtime version rollout](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html#runtime-management-two-phase) . This is the best choice for most customers to ensure they always benefit from runtime updates.\n- *FunctionUpdate* - Lambda updates the runtime of you function to the most recent and secure runtime version when you update your function. This approach synchronizes runtime updates with function deployments, giving you control over when runtime updates are applied and allowing you to detect and mitigate rare runtime update incompatibilities early. When using this setting, you need to regularly update your functions to keep their runtime up-to-date.\n- *Manual* - You specify a runtime version in your function configuration. The function will use this runtime version indefinitely. In the rare case where a new runtime version is incompatible with an existing function, this allows you to roll back your function to an earlier runtime version. For more information, see [Roll back a runtime version](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html#runtime-management-rollback) .\n\n*Valid Values* : `Auto` | `FunctionUpdate` | `Manual`", - "title": "UpdateRuntimeOn", + "Devices": { + "items": { + "$ref": "#/definitions/AWS::IoTCoreDeviceAdvisor::SuiteDefinition.DeviceUnderTest" + }, + "markdownDescription": "Gets the devices configured.", + "title": "Devices", + "type": "array" + }, + "IntendedForQualification": { + "markdownDescription": "Gets the tests intended for qualification in a suite.", + "title": "IntendedForQualification", + "type": "boolean" + }, + "RootGroup": { + "markdownDescription": "Gets the test suite root group. This is a required parameter. For updating or creating the latest qualification suite, if `intendedForQualification` is set to true, `rootGroup` can be an empty string. If `intendedForQualification` is false, `rootGroup` cannot be an empty string. If `rootGroup` is empty, and `intendedForQualification` is set to true, all the qualification tests are included, and the configuration is default.\n\nFor a qualification suite, the minimum length is 0, and the maximum is 2048. For a non-qualification suite, the minimum length is 1, and the maximum is 2048.", + "title": "RootGroup", + "type": "string" + }, + "SuiteDefinitionName": { + "markdownDescription": "Gets the suite definition name. This is a required parameter.", + "title": "SuiteDefinitionName", "type": "string" } }, "required": [ - "UpdateRuntimeOn" + "DevicePermissionRoleArn", + "RootGroup" ], "type": "object" }, - "AWS::Lex::Bot": { + "AWS::IoTEvents::AlarmModel": { "additionalProperties": false, "properties": { "Condition": { @@ -143782,82 +151703,64 @@ "Properties": { "additionalProperties": false, "properties": { - "AutoBuildBotLocales": { - "markdownDescription": "Indicates whether Amazon Lex V2 should automatically build the locales for the bot after a change.", - "title": "AutoBuildBotLocales", - "type": "boolean" - }, - "BotFileS3Location": { - "$ref": "#/definitions/AWS::Lex::Bot.S3Location", - "markdownDescription": "The Amazon S3 location of files used to import a bot. The files must be in the import format specified in [JSON format for importing and exporting](https://docs.aws.amazon.com/lexv2/latest/dg/import-export-format.html) in the *Amazon Lex developer guide.*", - "title": "BotFileS3Location" - }, - "BotLocales": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.BotLocale" - }, - "markdownDescription": "A list of locales for the bot.", - "title": "BotLocales", - "type": "array" + "AlarmCapabilities": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AlarmCapabilities", + "markdownDescription": "Contains the configuration information of alarm state changes.", + "title": "AlarmCapabilities" }, - "BotTags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of tags to add to the bot. You can only add tags when you import a bot. You can't use the `UpdateBot` operation to update tags. To update tags, use the `TagResource` operation.", - "title": "BotTags", - "type": "array" + "AlarmEventActions": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AlarmEventActions", + "markdownDescription": "Contains information about one or more alarm actions.", + "title": "AlarmEventActions" }, - "DataPrivacy": { - "$ref": "#/definitions/AWS::Lex::Bot.DataPrivacy", - "markdownDescription": "By default, data stored by Amazon Lex is encrypted. The `DataPrivacy` structure provides settings that determine how Amazon Lex handles special cases of securing the data for your bot.", - "title": "DataPrivacy" + "AlarmModelDescription": { + "markdownDescription": "The description of the alarm model.", + "title": "AlarmModelDescription", + "type": "string" }, - "Description": { - "markdownDescription": "The description of the version.", - "title": "Description", + "AlarmModelName": { + "markdownDescription": "The name of the alarm model.", + "title": "AlarmModelName", "type": "string" }, - "IdleSessionTTLInSeconds": { - "markdownDescription": "The time, in seconds, that Amazon Lex should keep information about a user's conversation with the bot.\n\nA user interaction remains active for the amount of time specified. If no conversation occurs during this time, the session expires and Amazon Lex deletes any data provided before the timeout.\n\nYou can specify between 60 (1 minute) and 86,400 (24 hours) seconds.", - "title": "IdleSessionTTLInSeconds", - "type": "number" + "AlarmRule": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AlarmRule", + "markdownDescription": "Defines when your alarm is invoked.", + "title": "AlarmRule" }, - "Name": { - "markdownDescription": "The name of the bot locale.", - "title": "Name", + "Key": { + "markdownDescription": "An input attribute used as a key to create an alarm. AWS IoT Events routes [inputs](https://docs.aws.amazon.com/iotevents/latest/apireference/API_Input.html) associated with this key to the alarm.", + "title": "Key", "type": "string" }, "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role used to build and run the bot.", + "markdownDescription": "The ARN of the IAM role that allows the alarm to perform actions and access AWS resources. For more information, see [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* .", "title": "RoleArn", "type": "string" }, - "TestBotAliasSettings": { - "$ref": "#/definitions/AWS::Lex::Bot.TestBotAliasSettings", - "markdownDescription": "Specifies configuration settings for the alias used to test the bot. If the `TestBotAliasSettings` property is not specified, the settings are configured with default values.", - "title": "TestBotAliasSettings" + "Severity": { + "markdownDescription": "A non-negative integer that reflects the severity level of the alarm.", + "title": "Severity", + "type": "number" }, - "TestBotAliasTags": { + "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of tags to add to the test alias for a bot. You can only add tags when you import a bot. You can't use the `UpdateAlias` operation to update tags. To update tags on the test alias, use the `TagResource` operation.", - "title": "TestBotAliasTags", + "markdownDescription": "A list of key-value pairs that contain metadata for the alarm model. The tags help you manage the alarm model. For more information, see [Tagging your AWS IoT Events resources](https://docs.aws.amazon.com/iotevents/latest/developerguide/tagging-iotevents.html) in the *AWS IoT Events Developer Guide* .\n\nYou can create up to 50 tags for one alarm model.", + "title": "Tags", "type": "array" } }, "required": [ - "DataPrivacy", - "IdleSessionTTLInSeconds", - "Name", + "AlarmRule", "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lex::Bot" + "AWS::IoTEvents::AlarmModel" ], "type": "string" }, @@ -143876,1682 +151779,1864 @@ ], "type": "object" }, - "AWS::Lex::Bot.AdvancedRecognitionSetting": { + "AWS::IoTEvents::AlarmModel.AcknowledgeFlow": { "additionalProperties": false, "properties": { - "AudioRecognitionStrategy": { - "markdownDescription": "Enables using the slot values as a custom vocabulary for recognizing user utterances.", - "title": "AudioRecognitionStrategy", - "type": "string" + "Enabled": { + "markdownDescription": "The value must be `TRUE` or `FALSE` . If `TRUE` , you receive a notification when the alarm state changes. You must choose to acknowledge the notification before the alarm state can return to `NORMAL` . If `FALSE` , you won't receive notifications. The alarm automatically changes to the `NORMAL` state when the input property value returns to the specified range.", + "title": "Enabled", + "type": "boolean" } }, "type": "object" }, - "AWS::Lex::Bot.AllowedInputTypes": { + "AWS::IoTEvents::AlarmModel.AlarmAction": { "additionalProperties": false, "properties": { - "AllowAudioInput": { - "markdownDescription": "Indicates whether audio input is allowed.", - "title": "AllowAudioInput", - "type": "boolean" + "DynamoDB": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.DynamoDB", + "markdownDescription": "Defines an action to write to the Amazon DynamoDB table that you created. The standard action payload contains all the information about the detector model instance and the event that triggered the action. You can customize the [payload](https://docs.aws.amazon.com/iotevents/latest/apireference/API_Payload.html) . One column of the DynamoDB table receives all attribute-value pairs in the payload that you specify.\n\nYou must use expressions for all parameters in `DynamoDBAction` . The expressions accept literals, operators, functions, references, and substitution templates.\n\n**Examples** - For literal values, the expressions must contain single quotes. For example, the value for the `hashKeyType` parameter can be `'STRING'` .\n- For references, you must specify either variables or input values. For example, the value for the `hashKeyField` parameter can be `$input.GreenhouseInput.name` .\n- For a substitution template, you must use `${}` , and the template must be in single quotes. A substitution template can also contain a combination of literals, operators, functions, references, and substitution templates.\n\nIn the following example, the value for the `hashKeyValue` parameter uses a substitution template.\n\n`'${$input.GreenhouseInput.temperature * 6 / 5 + 32} in Fahrenheit'`\n- For a string concatenation, you must use `+` . A string concatenation can also contain a combination of literals, operators, functions, references, and substitution templates.\n\nIn the following example, the value for the `tableName` parameter uses a string concatenation.\n\n`'GreenhouseTemperatureTable ' + $input.GreenhouseInput.date`\n\nFor more information, see [Expressions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-expressions.html) in the *AWS IoT Events Developer Guide* .\n\nIf the defined payload type is a string, `DynamoDBAction` writes non-JSON data to the DynamoDB table as binary data. The DynamoDB console displays the data as Base64-encoded text. The value for the `payloadField` parameter is `_raw` .", + "title": "DynamoDB" }, - "AllowDTMFInput": { - "markdownDescription": "Indicates whether DTMF input is allowed.", - "title": "AllowDTMFInput", - "type": "boolean" + "DynamoDBv2": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.DynamoDBv2", + "markdownDescription": "Defines an action to write to the Amazon DynamoDB table that you created. The default action payload contains all the information about the detector model instance and the event that triggered the action. You can customize the [payload](https://docs.aws.amazon.com/iotevents/latest/apireference/API_Payload.html) . A separate column of the DynamoDB table receives one attribute-value pair in the payload that you specify.\n\nYou must use expressions for all parameters in `DynamoDBv2Action` . The expressions accept literals, operators, functions, references, and substitution templates.\n\n**Examples** - For literal values, the expressions must contain single quotes. For example, the value for the `tableName` parameter can be `'GreenhouseTemperatureTable'` .\n- For references, you must specify either variables or input values. For example, the value for the `tableName` parameter can be `$variable.ddbtableName` .\n- For a substitution template, you must use `${}` , and the template must be in single quotes. A substitution template can also contain a combination of literals, operators, functions, references, and substitution templates.\n\nIn the following example, the value for the `contentExpression` parameter in `Payload` uses a substitution template.\n\n`'{\\\"sensorID\\\": \\\"${$input.GreenhouseInput.sensor_id}\\\", \\\"temperature\\\": \\\"${$input.GreenhouseInput.temperature * 9 / 5 + 32}\\\"}'`\n- For a string concatenation, you must use `+` . A string concatenation can also contain a combination of literals, operators, functions, references, and substitution templates.\n\nIn the following example, the value for the `tableName` parameter uses a string concatenation.\n\n`'GreenhouseTemperatureTable ' + $input.GreenhouseInput.date`\n\nFor more information, see [Expressions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-expressions.html) in the *AWS IoT Events Developer Guide* .\n\nThe value for the `type` parameter in `Payload` must be `JSON` .", + "title": "DynamoDBv2" + }, + "Firehose": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Firehose", + "markdownDescription": "Sends information about the detector model instance and the event that triggered the action to an Amazon Kinesis Data Firehose delivery stream.", + "title": "Firehose" + }, + "IotEvents": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.IotEvents", + "markdownDescription": "Sends an AWS IoT Events input, passing in information about the detector model instance and the event that triggered the action.", + "title": "IotEvents" + }, + "IotSiteWise": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.IotSiteWise", + "markdownDescription": "Sends information about the detector model instance and the event that triggered the action to a specified asset property in AWS IoT SiteWise .\n\nYou must use expressions for all parameters in `IotSiteWiseAction` . The expressions accept literals, operators, functions, references, and substitutions templates.\n\n**Examples** - For literal values, the expressions must contain single quotes. For example, the value for the `propertyAlias` parameter can be `'/company/windfarm/3/turbine/7/temperature'` .\n- For references, you must specify either variables or input values. For example, the value for the `assetId` parameter can be `$input.TurbineInput.assetId1` .\n- For a substitution template, you must use `${}` , and the template must be in single quotes. A substitution template can also contain a combination of literals, operators, functions, references, and substitution templates.\n\nIn the following example, the value for the `propertyAlias` parameter uses a substitution template.\n\n`'company/windfarm/${$input.TemperatureInput.sensorData.windfarmID}/turbine/ ${$input.TemperatureInput.sensorData.turbineID}/temperature'`\n\nYou must specify either `propertyAlias` or both `assetId` and `propertyId` to identify the target asset property in AWS IoT SiteWise .\n\nFor more information, see [Expressions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-expressions.html) in the *AWS IoT Events Developer Guide* .", + "title": "IotSiteWise" + }, + "IotTopicPublish": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.IotTopicPublish", + "markdownDescription": "Information required to publish the MQTT message through the AWS IoT message broker.", + "title": "IotTopicPublish" + }, + "Lambda": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Lambda", + "markdownDescription": "Calls a Lambda function, passing in information about the detector model instance and the event that triggered the action.", + "title": "Lambda" + }, + "Sns": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Sns", + "markdownDescription": "Information required to publish the Amazon SNS message.", + "title": "Sns" + }, + "Sqs": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Sqs", + "markdownDescription": "Sends information about the detector model instance and the event that triggered the action to an Amazon SQS queue.", + "title": "Sqs" } }, - "required": [ - "AllowAudioInput", - "AllowDTMFInput" - ], "type": "object" }, - "AWS::Lex::Bot.AudioAndDTMFInputSpecification": { + "AWS::IoTEvents::AlarmModel.AlarmCapabilities": { "additionalProperties": false, "properties": { - "AudioSpecification": { - "$ref": "#/definitions/AWS::Lex::Bot.AudioSpecification", - "markdownDescription": "Specifies the settings on audio input.", - "title": "AudioSpecification" - }, - "DTMFSpecification": { - "$ref": "#/definitions/AWS::Lex::Bot.DTMFSpecification", - "markdownDescription": "Specifies the settings on DTMF input.", - "title": "DTMFSpecification" + "AcknowledgeFlow": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AcknowledgeFlow", + "markdownDescription": "Specifies whether to get notified for alarm state changes.", + "title": "AcknowledgeFlow" }, - "StartTimeoutMs": { - "markdownDescription": "Time for which a bot waits before assuming that the customer isn't going to speak or press a key. This timeout is shared between Audio and DTMF inputs.", - "title": "StartTimeoutMs", - "type": "number" + "InitializationConfiguration": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.InitializationConfiguration", + "markdownDescription": "Specifies the default alarm state. The configuration applies to all alarms that were created based on this alarm model.", + "title": "InitializationConfiguration" } }, - "required": [ - "StartTimeoutMs" - ], "type": "object" }, - "AWS::Lex::Bot.AudioLogDestination": { + "AWS::IoTEvents::AlarmModel.AlarmEventActions": { "additionalProperties": false, "properties": { - "S3Bucket": { - "$ref": "#/definitions/AWS::Lex::Bot.S3BucketLogDestination", - "markdownDescription": "Specifies the Amazon S3 bucket where the audio files are stored.", - "title": "S3Bucket" + "AlarmActions": { + "items": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AlarmAction" + }, + "markdownDescription": "Specifies one or more supported actions to receive notifications when the alarm state changes.", + "title": "AlarmActions", + "type": "array" } }, - "required": [ - "S3Bucket" - ], "type": "object" }, - "AWS::Lex::Bot.AudioLogSetting": { + "AWS::IoTEvents::AlarmModel.AlarmRule": { "additionalProperties": false, "properties": { - "Destination": { - "$ref": "#/definitions/AWS::Lex::Bot.AudioLogDestination", - "markdownDescription": "Specifies the location of the audio log files collected when conversation logging is enabled for a bot.", - "title": "Destination" - }, - "Enabled": { - "markdownDescription": "Determines whether audio logging in enabled for the bot.", - "title": "Enabled", - "type": "boolean" + "SimpleRule": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.SimpleRule", + "markdownDescription": "A rule that compares an input property value to a threshold value with a comparison operator.", + "title": "SimpleRule" } }, - "required": [ - "Destination", - "Enabled" - ], "type": "object" }, - "AWS::Lex::Bot.AudioSpecification": { + "AWS::IoTEvents::AlarmModel.AssetPropertyTimestamp": { "additionalProperties": false, "properties": { - "EndTimeoutMs": { - "markdownDescription": "Time for which a bot waits after the customer stops speaking to assume the utterance is finished.", - "title": "EndTimeoutMs", - "type": "number" + "OffsetInNanos": { + "markdownDescription": "The nanosecond offset converted from `timeInSeconds` . The valid range is between 0-999999999.", + "title": "OffsetInNanos", + "type": "string" }, - "MaxLengthMs": { - "markdownDescription": "Time for how long Amazon Lex waits before speech input is truncated and the speech is returned to application.", - "title": "MaxLengthMs", - "type": "number" + "TimeInSeconds": { + "markdownDescription": "The timestamp, in seconds, in the Unix epoch format. The valid range is between 1-31556889864403199.", + "title": "TimeInSeconds", + "type": "string" } }, "required": [ - "EndTimeoutMs", - "MaxLengthMs" + "TimeInSeconds" ], "type": "object" }, - "AWS::Lex::Bot.BotAliasLocaleSettings": { + "AWS::IoTEvents::AlarmModel.AssetPropertyValue": { "additionalProperties": false, "properties": { - "CodeHookSpecification": { - "$ref": "#/definitions/AWS::Lex::Bot.CodeHookSpecification", - "markdownDescription": "Specifies the Lambda function that should be used in the locale.", - "title": "CodeHookSpecification" + "Quality": { + "markdownDescription": "The quality of the asset property value. The value must be `'GOOD'` , `'BAD'` , or `'UNCERTAIN'` .", + "title": "Quality", + "type": "string" }, - "Enabled": { - "markdownDescription": "Determines whether the locale is enabled for the bot. If the value is `false` , the locale isn't available for use.", - "title": "Enabled", - "type": "boolean" + "Timestamp": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AssetPropertyTimestamp", + "markdownDescription": "The timestamp associated with the asset property value. The default is the current event time.", + "title": "Timestamp" + }, + "Value": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AssetPropertyVariant", + "markdownDescription": "The value to send to an asset property.", + "title": "Value" } }, "required": [ - "Enabled" + "Value" ], "type": "object" }, - "AWS::Lex::Bot.BotAliasLocaleSettingsItem": { + "AWS::IoTEvents::AlarmModel.AssetPropertyVariant": { "additionalProperties": false, "properties": { - "BotAliasLocaleSetting": { - "$ref": "#/definitions/AWS::Lex::Bot.BotAliasLocaleSettings", - "markdownDescription": "Specifies locale settings for a locale.", - "title": "BotAliasLocaleSetting" + "BooleanValue": { + "markdownDescription": "The asset property value is a Boolean value that must be `'TRUE'` or `'FALSE'` . You must use an expression, and the evaluated result should be a Boolean value.", + "title": "BooleanValue", + "type": "string" }, - "LocaleId": { - "markdownDescription": "Specifies the locale that the settings apply to.", - "title": "LocaleId", + "DoubleValue": { + "markdownDescription": "The asset property value is a double. You must use an expression, and the evaluated result should be a double.", + "title": "DoubleValue", + "type": "string" + }, + "IntegerValue": { + "markdownDescription": "The asset property value is an integer. You must use an expression, and the evaluated result should be an integer.", + "title": "IntegerValue", + "type": "string" + }, + "StringValue": { + "markdownDescription": "The asset property value is a string. You must use an expression, and the evaluated result should be a string.", + "title": "StringValue", "type": "string" } }, - "required": [ - "BotAliasLocaleSetting", - "LocaleId" - ], "type": "object" }, - "AWS::Lex::Bot.BotLocale": { + "AWS::IoTEvents::AlarmModel.DynamoDB": { "additionalProperties": false, "properties": { - "CustomVocabulary": { - "$ref": "#/definitions/AWS::Lex::Bot.CustomVocabulary", - "markdownDescription": "Specifies a custom vocabulary to use with a specific locale.", - "title": "CustomVocabulary" + "HashKeyField": { + "markdownDescription": "The name of the hash key (also called the partition key). The `hashKeyField` value must match the partition key of the target DynamoDB table.", + "title": "HashKeyField", + "type": "string" }, - "Description": { - "markdownDescription": "A description of the bot locale. Use this to help identify the bot locale in lists.", - "title": "Description", + "HashKeyType": { + "markdownDescription": "The data type for the hash key (also called the partition key). You can specify the following values:\n\n- `'STRING'` - The hash key is a string.\n- `'NUMBER'` - The hash key is a number.\n\nIf you don't specify `hashKeyType` , the default value is `'STRING'` .", + "title": "HashKeyType", "type": "string" }, - "Intents": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.Intent" - }, - "markdownDescription": "One or more intents defined for the locale.", - "title": "Intents", - "type": "array" + "HashKeyValue": { + "markdownDescription": "The value of the hash key (also called the partition key).", + "title": "HashKeyValue", + "type": "string" }, - "LocaleId": { - "markdownDescription": "The identifier of the language and locale that the bot will be used in. The string must match one of the supported locales.", - "title": "LocaleId", + "Operation": { + "markdownDescription": "The type of operation to perform. You can specify the following values:\n\n- `'INSERT'` - Insert data as a new item into the DynamoDB table. This item uses the specified hash key as a partition key. If you specified a range key, the item uses the range key as a sort key.\n- `'UPDATE'` - Update an existing item of the DynamoDB table with new data. This item's partition key must match the specified hash key. If you specified a range key, the range key must match the item's sort key.\n- `'DELETE'` - Delete an existing item of the DynamoDB table. This item's partition key must match the specified hash key. If you specified a range key, the range key must match the item's sort key.\n\nIf you don't specify this parameter, AWS IoT Events triggers the `'INSERT'` operation.", + "title": "Operation", "type": "string" }, - "NluConfidenceThreshold": { - "markdownDescription": "Determines the threshold where Amazon Lex will insert the `AMAZON.FallbackIntent` , `AMAZON.KendraSearchIntent` , or both when returning alternative intents. You must configure an `AMAZON.FallbackIntent` . `AMAZON.KendraSearchIntent` is only inserted if it is configured for the bot.", - "title": "NluConfidenceThreshold", - "type": "number" + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", + "markdownDescription": "Information needed to configure the payload.\n\nBy default, AWS IoT Events generates a standard payload in JSON for any action. This action payload contains all attribute-value pairs that have the information about the detector model instance and the event triggered the action. To configure the action payload, you can use `contentExpression` .", + "title": "Payload" }, - "SlotTypes": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.SlotType" - }, - "markdownDescription": "One or more slot types defined for the locale.", - "title": "SlotTypes", - "type": "array" + "PayloadField": { + "markdownDescription": "The name of the DynamoDB column that receives the action payload.\n\nIf you don't specify this parameter, the name of the DynamoDB column is `payload` .", + "title": "PayloadField", + "type": "string" }, - "VoiceSettings": { - "$ref": "#/definitions/AWS::Lex::Bot.VoiceSettings", - "markdownDescription": "Defines settings for using an Amazon Polly voice to communicate with a user.\n\nValid values include:\n\n- `standard`\n- `neural`\n- `long-form`\n- `generative`", - "title": "VoiceSettings" + "RangeKeyField": { + "markdownDescription": "The name of the range key (also called the sort key). The `rangeKeyField` value must match the sort key of the target DynamoDB table.", + "title": "RangeKeyField", + "type": "string" + }, + "RangeKeyType": { + "markdownDescription": "The data type for the range key (also called the sort key), You can specify the following values:\n\n- `'STRING'` - The range key is a string.\n- `'NUMBER'` - The range key is number.\n\nIf you don't specify `rangeKeyField` , the default value is `'STRING'` .", + "title": "RangeKeyType", + "type": "string" + }, + "RangeKeyValue": { + "markdownDescription": "The value of the range key (also called the sort key).", + "title": "RangeKeyValue", + "type": "string" + }, + "TableName": { + "markdownDescription": "The name of the DynamoDB table. The `tableName` value must match the table name of the target DynamoDB table.", + "title": "TableName", + "type": "string" } }, "required": [ - "LocaleId", - "NluConfidenceThreshold" + "HashKeyField", + "HashKeyValue", + "TableName" ], "type": "object" }, - "AWS::Lex::Bot.Button": { + "AWS::IoTEvents::AlarmModel.DynamoDBv2": { "additionalProperties": false, "properties": { - "Text": { - "markdownDescription": "The text that appears on the button. Use this to tell the user what value is returned when they choose this button.", - "title": "Text", - "type": "string" + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", + "markdownDescription": "Information needed to configure the payload.\n\nBy default, AWS IoT Events generates a standard payload in JSON for any action. This action payload contains all attribute-value pairs that have the information about the detector model instance and the event triggered the action. To configure the action payload, you can use `contentExpression` .", + "title": "Payload" }, - "Value": { - "markdownDescription": "The value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.", - "title": "Value", + "TableName": { + "markdownDescription": "The name of the DynamoDB table.", + "title": "TableName", "type": "string" } }, "required": [ - "Text", - "Value" + "TableName" ], "type": "object" }, - "AWS::Lex::Bot.CloudWatchLogGroupLogDestination": { + "AWS::IoTEvents::AlarmModel.Firehose": { "additionalProperties": false, "properties": { - "CloudWatchLogGroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the log group where text and metadata logs are delivered.", - "title": "CloudWatchLogGroupArn", + "DeliveryStreamName": { + "markdownDescription": "The name of the Kinesis Data Firehose delivery stream where the data is written.", + "title": "DeliveryStreamName", "type": "string" }, - "LogPrefix": { - "markdownDescription": "The prefix of the log stream name within the log group that you specified", - "title": "LogPrefix", + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", + "markdownDescription": "You can configure the action payload when you send a message to an Amazon Data Firehose delivery stream.", + "title": "Payload" + }, + "Separator": { + "markdownDescription": "A character separator that is used to separate records written to the Kinesis Data Firehose delivery stream. Valid values are: '\\n' (newline), '\\t' (tab), '\\r\\n' (Windows newline), ',' (comma).", + "title": "Separator", "type": "string" } }, "required": [ - "CloudWatchLogGroupArn", - "LogPrefix" + "DeliveryStreamName" ], "type": "object" }, - "AWS::Lex::Bot.CodeHookSpecification": { + "AWS::IoTEvents::AlarmModel.InitializationConfiguration": { "additionalProperties": false, "properties": { - "LambdaCodeHook": { - "$ref": "#/definitions/AWS::Lex::Bot.LambdaCodeHook", - "markdownDescription": "Specifies a Lambda function that verifies requests to a bot or fulfills the user's request to a bot.", - "title": "LambdaCodeHook" + "DisabledOnInitialization": { + "markdownDescription": "The value must be `TRUE` or `FALSE` . If `FALSE` , all alarm instances created based on the alarm model are activated. The default value is `TRUE` .", + "title": "DisabledOnInitialization", + "type": "boolean" } }, "required": [ - "LambdaCodeHook" + "DisabledOnInitialization" ], "type": "object" }, - "AWS::Lex::Bot.Condition": { + "AWS::IoTEvents::AlarmModel.IotEvents": { "additionalProperties": false, "properties": { - "ExpressionString": { - "markdownDescription": "The expression string that is evaluated.", - "title": "ExpressionString", + "InputName": { + "markdownDescription": "The name of the AWS IoT Events input where the data is sent.", + "title": "InputName", "type": "string" + }, + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", + "markdownDescription": "You can configure the action payload when you send a message to an AWS IoT Events input.", + "title": "Payload" } }, "required": [ - "ExpressionString" + "InputName" ], "type": "object" }, - "AWS::Lex::Bot.ConditionalBranch": { + "AWS::IoTEvents::AlarmModel.IotSiteWise": { "additionalProperties": false, "properties": { - "Condition": { - "$ref": "#/definitions/AWS::Lex::Bot.Condition", - "markdownDescription": "Contains the expression to evaluate. If the condition is true, the branch's actions are taken.", - "title": "Condition" + "AssetId": { + "markdownDescription": "The ID of the asset that has the specified property.", + "title": "AssetId", + "type": "string" }, - "Name": { - "markdownDescription": "The name of the branch.", - "title": "Name", + "EntryId": { + "markdownDescription": "A unique identifier for this entry. You can use the entry ID to track which data entry causes an error in case of failure. The default is a new unique identifier.", + "title": "EntryId", "type": "string" }, - "NextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "The next step in the conversation.", - "title": "NextStep" + "PropertyAlias": { + "markdownDescription": "The alias of the asset property.", + "title": "PropertyAlias", + "type": "string" }, - "Response": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input.", - "title": "Response" - } - }, - "required": [ - "Condition", - "Name", - "NextStep" - ], - "type": "object" - }, - "AWS::Lex::Bot.ConditionalSpecification": { - "additionalProperties": false, - "properties": { - "ConditionalBranches": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.ConditionalBranch" - }, - "markdownDescription": "A list of conditional branches. A conditional branch is made up of a condition, a response and a next step. The response and next step are executed when the condition is true.", - "title": "ConditionalBranches", - "type": "array" - }, - "DefaultBranch": { - "$ref": "#/definitions/AWS::Lex::Bot.DefaultConditionalBranch", - "markdownDescription": "The conditional branch that should be followed when the conditions for other branches are not satisfied. A conditional branch is made up of a condition, a response and a next step.", - "title": "DefaultBranch" + "PropertyId": { + "markdownDescription": "The ID of the asset property.", + "title": "PropertyId", + "type": "string" }, - "IsActive": { - "markdownDescription": "Determines whether a conditional branch is active. When `IsActive` is false, the conditions are not evaluated.", - "title": "IsActive", - "type": "boolean" + "PropertyValue": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AssetPropertyValue", + "markdownDescription": "The value to send to the asset property. This value contains timestamp, quality, and value (TQV) information.", + "title": "PropertyValue" } }, - "required": [ - "ConditionalBranches", - "DefaultBranch", - "IsActive" - ], "type": "object" }, - "AWS::Lex::Bot.ConversationLogSettings": { + "AWS::IoTEvents::AlarmModel.IotTopicPublish": { "additionalProperties": false, "properties": { - "AudioLogSettings": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.AudioLogSetting" - }, - "markdownDescription": "The Amazon S3 settings for logging audio to an S3 bucket.", - "title": "AudioLogSettings", - "type": "array" + "MqttTopic": { + "markdownDescription": "The MQTT topic of the message. You can use a string expression that includes variables ( `$variable.` ) and input values ( `$input..` ) as the topic string.", + "title": "MqttTopic", + "type": "string" }, - "TextLogSettings": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.TextLogSetting" - }, - "markdownDescription": "The Amazon CloudWatch Logs settings for logging text and metadata.", - "title": "TextLogSettings", - "type": "array" + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", + "markdownDescription": "You can configure the action payload when you publish a message to an AWS IoT Core topic.", + "title": "Payload" } }, + "required": [ + "MqttTopic" + ], "type": "object" }, - "AWS::Lex::Bot.CustomPayload": { + "AWS::IoTEvents::AlarmModel.Lambda": { "additionalProperties": false, "properties": { - "Value": { - "markdownDescription": "The string that is sent to your application.", - "title": "Value", + "FunctionArn": { + "markdownDescription": "The ARN of the Lambda function that is executed.", + "title": "FunctionArn", "type": "string" + }, + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", + "markdownDescription": "You can configure the action payload when you send a message to a Lambda function.", + "title": "Payload" } }, "required": [ - "Value" + "FunctionArn" ], "type": "object" }, - "AWS::Lex::Bot.CustomVocabulary": { + "AWS::IoTEvents::AlarmModel.Payload": { "additionalProperties": false, "properties": { - "CustomVocabularyItems": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.CustomVocabularyItem" - }, - "markdownDescription": "Specifies a list of words that you expect to be used during a conversation with your bot.", - "title": "CustomVocabularyItems", - "type": "array" + "ContentExpression": { + "markdownDescription": "The content of the payload. You can use a string expression that includes quoted strings ( `''` ), variables ( `$variable.` ), input values ( `$input..` ), string concatenations, and quoted strings that contain `${}` as the content. The recommended maximum size of a content expression is 1 KB.", + "title": "ContentExpression", + "type": "string" + }, + "Type": { + "markdownDescription": "The value of the payload type can be either `STRING` or `JSON` .", + "title": "Type", + "type": "string" } }, "required": [ - "CustomVocabularyItems" + "ContentExpression", + "Type" ], "type": "object" }, - "AWS::Lex::Bot.CustomVocabularyItem": { + "AWS::IoTEvents::AlarmModel.SimpleRule": { "additionalProperties": false, "properties": { - "DisplayAs": { - "markdownDescription": "The DisplayAs value for the custom vocabulary item from the custom vocabulary list.", - "title": "DisplayAs", + "ComparisonOperator": { + "markdownDescription": "The comparison operator.", + "title": "ComparisonOperator", "type": "string" }, - "Phrase": { - "markdownDescription": "Specifies 1 - 4 words that should be recognized.", - "title": "Phrase", + "InputProperty": { + "markdownDescription": "The value on the left side of the comparison operator. You can specify an AWS IoT Events input attribute as an input property.", + "title": "InputProperty", "type": "string" }, - "Weight": { - "markdownDescription": "Specifies the degree to which the phrase recognition is boosted. The default value is 1.", - "title": "Weight", - "type": "number" + "Threshold": { + "markdownDescription": "The value on the right side of the comparison operator. You can enter a number or specify an AWS IoT Events input attribute.", + "title": "Threshold", + "type": "string" } }, "required": [ - "Phrase" + "ComparisonOperator", + "InputProperty", + "Threshold" ], "type": "object" }, - "AWS::Lex::Bot.DTMFSpecification": { + "AWS::IoTEvents::AlarmModel.Sns": { "additionalProperties": false, "properties": { - "DeletionCharacter": { - "markdownDescription": "The DTMF character that clears the accumulated DTMF digits and immediately ends the input.", - "title": "DeletionCharacter", - "type": "string" + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", + "markdownDescription": "You can configure the action payload when you send a message as an Amazon SNS push notification.", + "title": "Payload" }, - "EndCharacter": { - "markdownDescription": "The DTMF character that immediately ends input. If the user does not press this character, the input ends after the end timeout.", - "title": "EndCharacter", + "TargetArn": { + "markdownDescription": "The ARN of the Amazon SNS target where the message is sent.", + "title": "TargetArn", "type": "string" - }, - "EndTimeoutMs": { - "markdownDescription": "How long the bot should wait after the last DTMF character input before assuming that the input has concluded.", - "title": "EndTimeoutMs", - "type": "number" - }, - "MaxLength": { - "markdownDescription": "The maximum number of DTMF digits allowed in an utterance.", - "title": "MaxLength", - "type": "number" } }, "required": [ - "DeletionCharacter", - "EndCharacter", - "EndTimeoutMs", - "MaxLength" + "TargetArn" ], "type": "object" }, - "AWS::Lex::Bot.DataPrivacy": { + "AWS::IoTEvents::AlarmModel.Sqs": { "additionalProperties": false, "properties": { - "ChildDirected": { - "markdownDescription": "For each Amazon Lex bot created with the Amazon Lex Model Building Service, you must specify whether your use of Amazon Lex is related to a website, program, or other application that is directed or targeted, in whole or in part, to children under age 13 and subject to the Children's Online Privacy Protection Act (COPPA) by specifying `true` or `false` in the `childDirected` field. By specifying `true` in the `childDirected` field, you confirm that your use of Amazon Lex *is* related to a website, program, or other application that is directed or targeted, in whole or in part, to children under age 13 and subject to COPPA. By specifying `false` in the `childDirected` field, you confirm that your use of Amazon Lex *is not* related to a website, program, or other application that is directed or targeted, in whole or in part, to children under age 13 and subject to COPPA. You may not specify a default value for the `childDirected` field that does not accurately reflect whether your use of Amazon Lex is related to a website, program, or other application that is directed or targeted, in whole or in part, to children under age 13 and subject to COPPA. If your use of Amazon Lex relates to a website, program, or other application that is directed in whole or in part, to children under age 13, you must obtain any required verifiable parental consent under COPPA. For information regarding the use of Amazon Lex in connection with websites, programs, or other applications that are directed or targeted, in whole or in part, to children under age 13, see the [Amazon Lex FAQ](https://docs.aws.amazon.com/lex/faqs#data-security) .", - "title": "ChildDirected", + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", + "markdownDescription": "You can configure the action payload when you send a message to an Amazon SQS queue.", + "title": "Payload" + }, + "QueueUrl": { + "markdownDescription": "The URL of the SQS queue where the data is written.", + "title": "QueueUrl", + "type": "string" + }, + "UseBase64": { + "markdownDescription": "Set this to TRUE if you want the data to be base-64 encoded before it is written to the queue. Otherwise, set this to FALSE.", + "title": "UseBase64", "type": "boolean" } }, "required": [ - "ChildDirected" + "QueueUrl" ], "type": "object" }, - "AWS::Lex::Bot.DefaultConditionalBranch": { + "AWS::IoTEvents::DetectorModel": { "additionalProperties": false, "properties": { - "NextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "The next step in the conversation.", - "title": "NextStep" + "Condition": { + "type": "string" }, - "Response": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input.", - "title": "Response" - } - }, - "type": "object" - }, - "AWS::Lex::Bot.DialogAction": { - "additionalProperties": false, - "properties": { - "SlotToElicit": { - "markdownDescription": "If the dialog action is `ElicitSlot` , defines the slot to elicit from the user.", - "title": "SlotToElicit", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SuppressNextMessage": { - "markdownDescription": "When true the next message for the intent is not used.", - "title": "SuppressNextMessage", - "type": "boolean" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DetectorModelDefinition": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.DetectorModelDefinition", + "markdownDescription": "Information that defines how a detector operates.", + "title": "DetectorModelDefinition" + }, + "DetectorModelDescription": { + "markdownDescription": "A brief description of the detector model.", + "title": "DetectorModelDescription", + "type": "string" + }, + "DetectorModelName": { + "markdownDescription": "The name of the detector model.", + "title": "DetectorModelName", + "type": "string" + }, + "EvaluationMethod": { + "markdownDescription": "Information about the order in which events are evaluated and how actions are executed.", + "title": "EvaluationMethod", + "type": "string" + }, + "Key": { + "markdownDescription": "The value used to identify a detector instance. When a device or system sends input, a new detector instance with a unique key value is created. AWS IoT Events can continue to route input to its corresponding detector instance based on this identifying information.\n\nThis parameter uses a JSON-path expression to select the attribute-value pair in the message payload that is used for identification. To route the message to the correct detector instance, the device must send a message payload that contains the same attribute-value.", + "title": "Key", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the role that grants permission to AWS IoT Events to perform its operations.", + "title": "RoleArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "DetectorModelDefinition", + "RoleArn" + ], + "type": "object" }, "Type": { - "markdownDescription": "The action that the bot should execute.", - "title": "Type", + "enum": [ + "AWS::IoTEvents::DetectorModel" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Lex::Bot.DialogCodeHookInvocationSetting": { + "AWS::IoTEvents::DetectorModel.Action": { "additionalProperties": false, "properties": { - "EnableCodeHookInvocation": { - "markdownDescription": "Indicates whether a Lambda function should be invoked for the dialog.", - "title": "EnableCodeHookInvocation", - "type": "boolean" + "ClearTimer": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.ClearTimer", + "markdownDescription": "Information needed to clear the timer.", + "title": "ClearTimer" }, - "InvocationLabel": { - "markdownDescription": "A label that indicates the dialog step from which the dialog code hook is happening.", - "title": "InvocationLabel", - "type": "string" + "DynamoDB": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.DynamoDB", + "markdownDescription": "Writes to the DynamoDB table that you created. The default action payload contains all attribute-value pairs that have the information about the detector model instance and the event that triggered the action. You can customize the [payload](https://docs.aws.amazon.com/iotevents/latest/apireference/API_Payload.html) . One column of the DynamoDB table receives all attribute-value pairs in the payload that you specify. For more information, see [Actions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-event-actions.html) in *AWS IoT Events Developer Guide* .", + "title": "DynamoDB" }, - "IsActive": { - "markdownDescription": "Determines whether a dialog code hook is used when the intent is activated.", - "title": "IsActive", - "type": "boolean" + "DynamoDBv2": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.DynamoDBv2", + "markdownDescription": "Writes to the DynamoDB table that you created. The default action payload contains all attribute-value pairs that have the information about the detector model instance and the event that triggered the action. You can customize the [payload](https://docs.aws.amazon.com/iotevents/latest/apireference/API_Payload.html) . A separate column of the DynamoDB table receives one attribute-value pair in the payload that you specify. For more information, see [Actions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-event-actions.html) in *AWS IoT Events Developer Guide* .", + "title": "DynamoDBv2" }, - "PostCodeHookSpecification": { - "$ref": "#/definitions/AWS::Lex::Bot.PostDialogCodeHookInvocationSpecification", - "markdownDescription": "Contains the responses and actions that Amazon Lex takes after the Lambda function is complete.", - "title": "PostCodeHookSpecification" + "Firehose": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Firehose", + "markdownDescription": "Sends information about the detector model instance and the event that triggered the action to an Amazon Kinesis Data Firehose delivery stream.", + "title": "Firehose" + }, + "IotEvents": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.IotEvents", + "markdownDescription": "Sends AWS IoT Events input, which passes information about the detector model instance and the event that triggered the action.", + "title": "IotEvents" + }, + "IotSiteWise": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.IotSiteWise", + "markdownDescription": "Sends information about the detector model instance and the event that triggered the action to an asset property in AWS IoT SiteWise .", + "title": "IotSiteWise" + }, + "IotTopicPublish": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.IotTopicPublish", + "markdownDescription": "Publishes an MQTT message with the given topic to the AWS IoT message broker.", + "title": "IotTopicPublish" + }, + "Lambda": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Lambda", + "markdownDescription": "Calls a Lambda function, passing in information about the detector model instance and the event that triggered the action.", + "title": "Lambda" + }, + "ResetTimer": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.ResetTimer", + "markdownDescription": "Information needed to reset the timer.", + "title": "ResetTimer" + }, + "SetTimer": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.SetTimer", + "markdownDescription": "Information needed to set the timer.", + "title": "SetTimer" + }, + "SetVariable": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.SetVariable", + "markdownDescription": "Sets a variable to a specified value.", + "title": "SetVariable" + }, + "Sns": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Sns", + "markdownDescription": "Sends an Amazon SNS message.", + "title": "Sns" + }, + "Sqs": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Sqs", + "markdownDescription": "Sends an Amazon SNS message.", + "title": "Sqs" } }, - "required": [ - "EnableCodeHookInvocation", - "IsActive", - "PostCodeHookSpecification" - ], "type": "object" }, - "AWS::Lex::Bot.DialogCodeHookSetting": { + "AWS::IoTEvents::DetectorModel.AssetPropertyTimestamp": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Enables the dialog code hook so that it processes user requests.", - "title": "Enabled", - "type": "boolean" + "OffsetInNanos": { + "markdownDescription": "The nanosecond offset converted from `timeInSeconds` . The valid range is between 0-999999999.", + "title": "OffsetInNanos", + "type": "string" + }, + "TimeInSeconds": { + "markdownDescription": "The timestamp, in seconds, in the Unix epoch format. The valid range is between 1-31556889864403199.", + "title": "TimeInSeconds", + "type": "string" } }, "required": [ - "Enabled" + "TimeInSeconds" ], "type": "object" }, - "AWS::Lex::Bot.DialogState": { + "AWS::IoTEvents::DetectorModel.AssetPropertyValue": { "additionalProperties": false, "properties": { - "DialogAction": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogAction", - "markdownDescription": "Defines the action that the bot executes at runtime when the conversation reaches this step.", - "title": "DialogAction" + "Quality": { + "markdownDescription": "The quality of the asset property value. The value must be `'GOOD'` , `'BAD'` , or `'UNCERTAIN'` .", + "title": "Quality", + "type": "string" }, - "Intent": { - "$ref": "#/definitions/AWS::Lex::Bot.IntentOverride", - "markdownDescription": "Override settings to configure the intent state.", - "title": "Intent" + "Timestamp": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.AssetPropertyTimestamp", + "markdownDescription": "The timestamp associated with the asset property value. The default is the current event time.", + "title": "Timestamp" }, - "SessionAttributes": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.SessionAttribute" - }, - "markdownDescription": "Map of key/value pairs representing session-specific context information. It contains application information passed between Amazon Lex and a client application.", - "title": "SessionAttributes", - "type": "array" + "Value": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.AssetPropertyVariant", + "markdownDescription": "The value to send to an asset property.", + "title": "Value" } }, + "required": [ + "Value" + ], "type": "object" }, - "AWS::Lex::Bot.ElicitationCodeHookInvocationSetting": { + "AWS::IoTEvents::DetectorModel.AssetPropertyVariant": { "additionalProperties": false, "properties": { - "EnableCodeHookInvocation": { - "markdownDescription": "Indicates whether a Lambda function should be invoked for the dialog.", - "title": "EnableCodeHookInvocation", - "type": "boolean" + "BooleanValue": { + "markdownDescription": "The asset property value is a Boolean value that must be `'TRUE'` or `'FALSE'` . You must use an expression, and the evaluated result should be a Boolean value.", + "title": "BooleanValue", + "type": "string" }, - "InvocationLabel": { - "markdownDescription": "A label that indicates the dialog step from which the dialog code hook is happening.", - "title": "InvocationLabel", + "DoubleValue": { + "markdownDescription": "The asset property value is a double. You must use an expression, and the evaluated result should be a double.", + "title": "DoubleValue", + "type": "string" + }, + "IntegerValue": { + "markdownDescription": "The asset property value is an integer. You must use an expression, and the evaluated result should be an integer.", + "title": "IntegerValue", + "type": "string" + }, + "StringValue": { + "markdownDescription": "The asset property value is a string. You must use an expression, and the evaluated result should be a string.", + "title": "StringValue", "type": "string" } }, - "required": [ - "EnableCodeHookInvocation" - ], "type": "object" }, - "AWS::Lex::Bot.ExternalSourceSetting": { + "AWS::IoTEvents::DetectorModel.ClearTimer": { "additionalProperties": false, "properties": { - "GrammarSlotTypeSetting": { - "$ref": "#/definitions/AWS::Lex::Bot.GrammarSlotTypeSetting", - "markdownDescription": "Settings required for a slot type based on a grammar that you provide.", - "title": "GrammarSlotTypeSetting" + "TimerName": { + "markdownDescription": "The name of the timer to clear.", + "title": "TimerName", + "type": "string" } }, + "required": [ + "TimerName" + ], "type": "object" }, - "AWS::Lex::Bot.FulfillmentCodeHookSetting": { + "AWS::IoTEvents::DetectorModel.DetectorModelDefinition": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Indicates whether a Lambda function should be invoked to fulfill a specific intent.", - "title": "Enabled", - "type": "boolean" - }, - "FulfillmentUpdatesSpecification": { - "$ref": "#/definitions/AWS::Lex::Bot.FulfillmentUpdatesSpecification", - "markdownDescription": "Provides settings for update messages sent to the user for long-running Lambda fulfillment functions. Fulfillment updates can be used only with streaming conversations.", - "title": "FulfillmentUpdatesSpecification" - }, - "IsActive": { - "markdownDescription": "Determines whether the fulfillment code hook is used. When `active` is false, the code hook doesn't run.", - "title": "IsActive", - "type": "boolean" + "InitialStateName": { + "markdownDescription": "The state that is entered at the creation of each detector (instance).", + "title": "InitialStateName", + "type": "string" }, - "PostFulfillmentStatusSpecification": { - "$ref": "#/definitions/AWS::Lex::Bot.PostFulfillmentStatusSpecification", - "markdownDescription": "Provides settings for messages sent to the user for after the Lambda fulfillment function completes. Post-fulfillment messages can be sent for both streaming and non-streaming conversations.", - "title": "PostFulfillmentStatusSpecification" + "States": { + "items": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.State" + }, + "markdownDescription": "Information about the states of the detector.", + "title": "States", + "type": "array" } }, "required": [ - "Enabled" + "InitialStateName", + "States" ], "type": "object" }, - "AWS::Lex::Bot.FulfillmentStartResponseSpecification": { + "AWS::IoTEvents::DetectorModel.DynamoDB": { "additionalProperties": false, "properties": { - "AllowInterrupt": { - "markdownDescription": "Determines whether the user can interrupt the start message while it is playing.", - "title": "AllowInterrupt", - "type": "boolean" + "HashKeyField": { + "markdownDescription": "The name of the hash key (also called the partition key). The `hashKeyField` value must match the partition key of the target DynamoDB table.", + "title": "HashKeyField", + "type": "string" }, - "DelayInSeconds": { - "markdownDescription": "The delay between when the Lambda fulfillment function starts running and the start message is played. If the Lambda function returns before the delay is over, the start message isn't played.", - "title": "DelayInSeconds", - "type": "number" + "HashKeyType": { + "markdownDescription": "The data type for the hash key (also called the partition key). You can specify the following values:\n\n- `'STRING'` - The hash key is a string.\n- `'NUMBER'` - The hash key is a number.\n\nIf you don't specify `hashKeyType` , the default value is `'STRING'` .", + "title": "HashKeyType", + "type": "string" }, - "MessageGroups": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.MessageGroup" - }, - "markdownDescription": "1 - 5 message groups that contain start messages. Amazon Lex chooses one of the messages to play to the user.", - "title": "MessageGroups", - "type": "array" + "HashKeyValue": { + "markdownDescription": "The value of the hash key (also called the partition key).", + "title": "HashKeyValue", + "type": "string" + }, + "Operation": { + "markdownDescription": "The type of operation to perform. You can specify the following values:\n\n- `'INSERT'` - Insert data as a new item into the DynamoDB table. This item uses the specified hash key as a partition key. If you specified a range key, the item uses the range key as a sort key.\n- `'UPDATE'` - Update an existing item of the DynamoDB table with new data. This item's partition key must match the specified hash key. If you specified a range key, the range key must match the item's sort key.\n- `'DELETE'` - Delete an existing item of the DynamoDB table. This item's partition key must match the specified hash key. If you specified a range key, the range key must match the item's sort key.\n\nIf you don't specify this parameter, AWS IoT Events triggers the `'INSERT'` operation.", + "title": "Operation", + "type": "string" + }, + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", + "markdownDescription": "Information needed to configure the payload.\n\nBy default, AWS IoT Events generates a standard payload in JSON for any action. This action payload contains all attribute-value pairs that have the information about the detector model instance and the event triggered the action. To configure the action payload, you can use `contentExpression` .", + "title": "Payload" + }, + "PayloadField": { + "markdownDescription": "The name of the DynamoDB column that receives the action payload.\n\nIf you don't specify this parameter, the name of the DynamoDB column is `payload` .", + "title": "PayloadField", + "type": "string" + }, + "RangeKeyField": { + "markdownDescription": "The name of the range key (also called the sort key). The `rangeKeyField` value must match the sort key of the target DynamoDB table.", + "title": "RangeKeyField", + "type": "string" + }, + "RangeKeyType": { + "markdownDescription": "The data type for the range key (also called the sort key), You can specify the following values:\n\n- `'STRING'` - The range key is a string.\n- `'NUMBER'` - The range key is number.\n\nIf you don't specify `rangeKeyField` , the default value is `'STRING'` .", + "title": "RangeKeyType", + "type": "string" + }, + "RangeKeyValue": { + "markdownDescription": "The value of the range key (also called the sort key).", + "title": "RangeKeyValue", + "type": "string" + }, + "TableName": { + "markdownDescription": "The name of the DynamoDB table. The `tableName` value must match the table name of the target DynamoDB table.", + "title": "TableName", + "type": "string" } }, "required": [ - "DelayInSeconds", - "MessageGroups" + "HashKeyField", + "HashKeyValue", + "TableName" ], "type": "object" }, - "AWS::Lex::Bot.FulfillmentUpdateResponseSpecification": { + "AWS::IoTEvents::DetectorModel.DynamoDBv2": { "additionalProperties": false, "properties": { - "AllowInterrupt": { - "markdownDescription": "Determines whether the user can interrupt an update message while it is playing.", - "title": "AllowInterrupt", - "type": "boolean" - }, - "FrequencyInSeconds": { - "markdownDescription": "The frequency that a message is sent to the user. When the period ends, Amazon Lex chooses a message from the message groups and plays it to the user. If the fulfillment Lambda returns before the first period ends, an update message is not played to the user.", - "title": "FrequencyInSeconds", - "type": "number" + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", + "markdownDescription": "Information needed to configure the payload.\n\nBy default, AWS IoT Events generates a standard payload in JSON for any action. This action payload contains all attribute-value pairs that have the information about the detector model instance and the event triggered the action. To configure the action payload, you can use `contentExpression` .", + "title": "Payload" }, - "MessageGroups": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.MessageGroup" - }, - "markdownDescription": "1 - 5 message groups that contain update messages. Amazon Lex chooses one of the messages to play to the user.", - "title": "MessageGroups", - "type": "array" + "TableName": { + "markdownDescription": "The name of the DynamoDB table.", + "title": "TableName", + "type": "string" } }, "required": [ - "FrequencyInSeconds", - "MessageGroups" + "TableName" ], "type": "object" }, - "AWS::Lex::Bot.FulfillmentUpdatesSpecification": { + "AWS::IoTEvents::DetectorModel.Event": { "additionalProperties": false, "properties": { - "Active": { - "markdownDescription": "Determines whether fulfillment updates are sent to the user. When this field is true, updates are sent.\n\nIf the `active` field is set to true, the `startResponse` , `updateResponse` , and `timeoutInSeconds` fields are required.", - "title": "Active", - "type": "boolean" - }, - "StartResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.FulfillmentStartResponseSpecification", - "markdownDescription": "Provides configuration information for the message sent to users when the fulfillment Lambda functions starts running.", - "title": "StartResponse" + "Actions": { + "items": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Action" + }, + "markdownDescription": "The actions to be performed.", + "title": "Actions", + "type": "array" }, - "TimeoutInSeconds": { - "markdownDescription": "The length of time that the fulfillment Lambda function should run before it times out.", - "title": "TimeoutInSeconds", - "type": "number" + "Condition": { + "markdownDescription": "Optional. The Boolean expression that, when TRUE, causes the `actions` to be performed. If not present, the actions are performed (=TRUE). If the expression result is not a Boolean value, the actions are not performed (=FALSE).", + "title": "Condition", + "type": "string" }, - "UpdateResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.FulfillmentUpdateResponseSpecification", - "markdownDescription": "Provides configuration information for messages sent periodically to the user while the fulfillment Lambda function is running.", - "title": "UpdateResponse" + "EventName": { + "markdownDescription": "The name of the event.", + "title": "EventName", + "type": "string" } }, "required": [ - "Active" + "EventName" ], "type": "object" }, - "AWS::Lex::Bot.GrammarSlotTypeSetting": { + "AWS::IoTEvents::DetectorModel.Firehose": { "additionalProperties": false, "properties": { - "Source": { - "$ref": "#/definitions/AWS::Lex::Bot.GrammarSlotTypeSource", - "markdownDescription": "The source of the grammar used to create the slot type.", - "title": "Source" + "DeliveryStreamName": { + "markdownDescription": "The name of the Kinesis Data Firehose delivery stream where the data is written.", + "title": "DeliveryStreamName", + "type": "string" + }, + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", + "markdownDescription": "You can configure the action payload when you send a message to an Amazon Data Firehose delivery stream.", + "title": "Payload" + }, + "Separator": { + "markdownDescription": "A character separator that is used to separate records written to the Kinesis Data Firehose delivery stream. Valid values are: '\\n' (newline), '\\t' (tab), '\\r\\n' (Windows newline), ',' (comma).", + "title": "Separator", + "type": "string" } }, + "required": [ + "DeliveryStreamName" + ], "type": "object" }, - "AWS::Lex::Bot.GrammarSlotTypeSource": { + "AWS::IoTEvents::DetectorModel.IotEvents": { "additionalProperties": false, "properties": { - "KmsKeyArn": { - "markdownDescription": "The AWS KMS key required to decrypt the contents of the grammar, if any.", - "title": "KmsKeyArn", - "type": "string" - }, - "S3BucketName": { - "markdownDescription": "The name of the Amazon S3 bucket that contains the grammar source.", - "title": "S3BucketName", + "InputName": { + "markdownDescription": "The name of the AWS IoT Events input where the data is sent.", + "title": "InputName", "type": "string" }, - "S3ObjectKey": { - "markdownDescription": "The path to the grammar in the Amazon S3 bucket.", - "title": "S3ObjectKey", - "type": "string" + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", + "markdownDescription": "You can configure the action payload when you send a message to an AWS IoT Events input.", + "title": "Payload" } }, "required": [ - "S3BucketName", - "S3ObjectKey" + "InputName" ], "type": "object" }, - "AWS::Lex::Bot.ImageResponseCard": { + "AWS::IoTEvents::DetectorModel.IotSiteWise": { "additionalProperties": false, "properties": { - "Buttons": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.Button" - }, - "markdownDescription": "A list of buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button.", - "title": "Buttons", - "type": "array" + "AssetId": { + "markdownDescription": "The ID of the asset that has the specified property.", + "title": "AssetId", + "type": "string" }, - "ImageUrl": { - "markdownDescription": "The URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.", - "title": "ImageUrl", + "EntryId": { + "markdownDescription": "A unique identifier for this entry. You can use the entry ID to track which data entry causes an error in case of failure. The default is a new unique identifier.", + "title": "EntryId", "type": "string" }, - "Subtitle": { - "markdownDescription": "The subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.", - "title": "Subtitle", + "PropertyAlias": { + "markdownDescription": "The alias of the asset property.", + "title": "PropertyAlias", "type": "string" }, - "Title": { - "markdownDescription": "The title to display on the response card. The format of the title is determined by the platform displaying the response card.", - "title": "Title", + "PropertyId": { + "markdownDescription": "The ID of the asset property.", + "title": "PropertyId", "type": "string" + }, + "PropertyValue": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.AssetPropertyValue", + "markdownDescription": "The value to send to the asset property. This value contains timestamp, quality, and value (TQV) information.", + "title": "PropertyValue" } }, "required": [ - "Title" + "PropertyValue" ], "type": "object" }, - "AWS::Lex::Bot.InitialResponseSetting": { + "AWS::IoTEvents::DetectorModel.IotTopicPublish": { "additionalProperties": false, "properties": { - "CodeHook": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogCodeHookInvocationSetting", - "markdownDescription": "Settings that specify the dialog code hook that is called by Amazon Lex at a step of the conversation.", - "title": "CodeHook" - }, - "Conditional": { - "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", - "markdownDescription": "Provides a list of conditional branches. Branches are evaluated in the order that they are entered in the list. The first branch with a condition that evaluates to true is executed. The last branch in the list is the default branch. The default branch should not have any condition expression. The default branch is executed if no other branch has a matching condition.", - "title": "Conditional" - }, - "InitialResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input.", - "title": "InitialResponse" + "MqttTopic": { + "markdownDescription": "The MQTT topic of the message. You can use a string expression that includes variables ( `$variable.` ) and input values ( `$input..` ) as the topic string.", + "title": "MqttTopic", + "type": "string" }, - "NextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "The next step in the conversation.", - "title": "NextStep" + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", + "markdownDescription": "You can configure the action payload when you publish a message to an AWS IoT Core topic.", + "title": "Payload" } }, + "required": [ + "MqttTopic" + ], "type": "object" }, - "AWS::Lex::Bot.InputContext": { + "AWS::IoTEvents::DetectorModel.Lambda": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the context.", - "title": "Name", + "FunctionArn": { + "markdownDescription": "The ARN of the Lambda function that is executed.", + "title": "FunctionArn", "type": "string" + }, + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", + "markdownDescription": "You can configure the action payload when you send a message to a Lambda function.", + "title": "Payload" } }, "required": [ - "Name" + "FunctionArn" ], "type": "object" }, - "AWS::Lex::Bot.Intent": { + "AWS::IoTEvents::DetectorModel.OnEnter": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the intent. Use the description to help identify the intent in lists.", - "title": "Description", - "type": "string" - }, - "DialogCodeHook": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogCodeHookSetting", - "markdownDescription": "Specifies that Amazon Lex invokes the alias Lambda function for each user input. You can invoke this Lambda function to personalize user interaction.", - "title": "DialogCodeHook" - }, - "FulfillmentCodeHook": { - "$ref": "#/definitions/AWS::Lex::Bot.FulfillmentCodeHookSetting", - "markdownDescription": "Specifies that Amazon Lex invokes the alias Lambda function when the intent is ready for fulfillment. You can invoke this function to complete the bot's transaction with the user.", - "title": "FulfillmentCodeHook" - }, - "InitialResponseSetting": { - "$ref": "#/definitions/AWS::Lex::Bot.InitialResponseSetting", - "markdownDescription": "Configuration setting for a response sent to the user before Amazon Lex starts eliciting slots.", - "title": "InitialResponseSetting" - }, - "InputContexts": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.InputContext" - }, - "markdownDescription": "A list of contexts that must be active for this intent to be considered by Amazon Lex .", - "title": "InputContexts", - "type": "array" - }, - "IntentClosingSetting": { - "$ref": "#/definitions/AWS::Lex::Bot.IntentClosingSetting", - "markdownDescription": "Sets the response that Amazon Lex sends to the user when the intent is closed.", - "title": "IntentClosingSetting" - }, - "IntentConfirmationSetting": { - "$ref": "#/definitions/AWS::Lex::Bot.IntentConfirmationSetting", - "markdownDescription": "Provides prompts that Amazon Lex sends to the user to confirm the completion of an intent. If the user answers \"no,\" the settings contain a statement that is sent to the user to end the intent.", - "title": "IntentConfirmationSetting" - }, - "KendraConfiguration": { - "$ref": "#/definitions/AWS::Lex::Bot.KendraConfiguration", - "markdownDescription": "Provides configuration information for the `AMAZON.KendraSearchIntent` intent. When you use this intent, Amazon Lex searches the specified Amazon Kendra index and returns documents from the index that match the user's utterance.", - "title": "KendraConfiguration" - }, - "Name": { - "markdownDescription": "The name of the intent. Intent names must be unique within the locale that contains the intent and can't match the name of any built-in intent.", - "title": "Name", - "type": "string" - }, - "OutputContexts": { + "Events": { "items": { - "$ref": "#/definitions/AWS::Lex::Bot.OutputContext" + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Event" }, - "markdownDescription": "A list of contexts that the intent activates when it is fulfilled.", - "title": "OutputContexts", + "markdownDescription": "Specifies the actions that are performed when the state is entered and the `condition` is `TRUE` .", + "title": "Events", "type": "array" - }, - "ParentIntentSignature": { - "markdownDescription": "A unique identifier for the built-in intent to base this intent on.", - "title": "ParentIntentSignature", - "type": "string" - }, - "SampleUtterances": { + } + }, + "type": "object" + }, + "AWS::IoTEvents::DetectorModel.OnExit": { + "additionalProperties": false, + "properties": { + "Events": { "items": { - "$ref": "#/definitions/AWS::Lex::Bot.SampleUtterance" + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Event" }, - "markdownDescription": "A list of utterances that a user might say to signal the intent.", - "title": "SampleUtterances", + "markdownDescription": "Specifies the `actions` that are performed when the state is exited and the `condition` is `TRUE` .", + "title": "Events", "type": "array" - }, - "SlotPriorities": { + } + }, + "type": "object" + }, + "AWS::IoTEvents::DetectorModel.OnInput": { + "additionalProperties": false, + "properties": { + "Events": { "items": { - "$ref": "#/definitions/AWS::Lex::Bot.SlotPriority" + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Event" }, - "markdownDescription": "Indicates the priority for slots. Amazon Lex prompts the user for slot values in priority order.", - "title": "SlotPriorities", + "markdownDescription": "Specifies the actions performed when the `condition` evaluates to TRUE.", + "title": "Events", "type": "array" }, - "Slots": { + "TransitionEvents": { "items": { - "$ref": "#/definitions/AWS::Lex::Bot.Slot" + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.TransitionEvent" }, - "markdownDescription": "A list of slots that the intent requires for fulfillment.", - "title": "Slots", + "markdownDescription": "Specifies the actions performed, and the next state entered, when a `condition` evaluates to TRUE.", + "title": "TransitionEvents", "type": "array" } }, - "required": [ - "Name" - ], "type": "object" }, - "AWS::Lex::Bot.IntentClosingSetting": { + "AWS::IoTEvents::DetectorModel.Payload": { "additionalProperties": false, "properties": { - "ClosingResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "The response that Amazon Lex sends to the user when the intent is complete.", - "title": "ClosingResponse" - }, - "Conditional": { - "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", - "markdownDescription": "A list of conditional branches associated with the intent's closing response. These branches are executed when the `nextStep` attribute is set to `EvalutateConditional` .", - "title": "Conditional" - }, - "IsActive": { - "markdownDescription": "Specifies whether an intent's closing response is used. When this field is false, the closing response isn't sent to the user. If the `IsActive` field isn't specified, the default is true.", - "title": "IsActive", - "type": "boolean" + "ContentExpression": { + "markdownDescription": "The content of the payload. You can use a string expression that includes quoted strings ( `''` ), variables ( `$variable.` ), input values ( `$input..` ), string concatenations, and quoted strings that contain `${}` as the content. The recommended maximum size of a content expression is 1 KB.", + "title": "ContentExpression", + "type": "string" }, - "NextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "Specifies the next step that the bot executes after playing the intent's closing response.", - "title": "NextStep" + "Type": { + "markdownDescription": "The value of the payload type can be either `STRING` or `JSON` .", + "title": "Type", + "type": "string" } }, + "required": [ + "ContentExpression", + "Type" + ], "type": "object" }, - "AWS::Lex::Bot.IntentConfirmationSetting": { + "AWS::IoTEvents::DetectorModel.ResetTimer": { "additionalProperties": false, "properties": { - "CodeHook": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogCodeHookInvocationSetting", - "markdownDescription": "The `DialogCodeHookInvocationSetting` object associated with intent's confirmation step. The dialog code hook is triggered based on these invocation settings when the confirmation next step or declination next step or failure next step is `InvokeDialogCodeHook` .", - "title": "CodeHook" - }, - "ConfirmationConditional": { - "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", - "markdownDescription": "A list of conditional branches to evaluate after the intent is closed.", - "title": "ConfirmationConditional" - }, - "ConfirmationNextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "Specifies the next step that the bot executes when the customer confirms the intent.", - "title": "ConfirmationNextStep" - }, - "ConfirmationResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input.", - "title": "ConfirmationResponse" - }, - "DeclinationConditional": { - "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", - "markdownDescription": "A list of conditional branches to evaluate after the intent is declined.", - "title": "DeclinationConditional" - }, - "DeclinationNextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "Specifies the next step that the bot executes when the customer declines the intent.", - "title": "DeclinationNextStep" - }, - "DeclinationResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "When the user answers \"no\" to the question defined in `promptSpecification` , Amazon Lex responds with this response to acknowledge that the intent was canceled.", - "title": "DeclinationResponse" - }, - "ElicitationCodeHook": { - "$ref": "#/definitions/AWS::Lex::Bot.ElicitationCodeHookInvocationSetting", - "markdownDescription": "The `DialogCodeHookInvocationSetting` used when the code hook is invoked during confirmation prompt retries.", - "title": "ElicitationCodeHook" - }, - "FailureConditional": { - "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", - "markdownDescription": "Provides a list of conditional branches. Branches are evaluated in the order that they are entered in the list. The first branch with a condition that evaluates to true is executed. The last branch in the list is the default branch. The default branch should not have any condition expression. The default branch is executed if no other branch has a matching condition.", - "title": "FailureConditional" - }, - "FailureNextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "The next step to take in the conversation if the confirmation step fails.", - "title": "FailureNextStep" - }, - "FailureResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input when the intent confirmation fails.", - "title": "FailureResponse" - }, - "IsActive": { - "markdownDescription": "Specifies whether the intent's confirmation is sent to the user. When this field is false, confirmation and declination responses aren't sent. If the `IsActive` field isn't specified, the default is true.", - "title": "IsActive", - "type": "boolean" - }, - "PromptSpecification": { - "$ref": "#/definitions/AWS::Lex::Bot.PromptSpecification", - "markdownDescription": "Prompts the user to confirm the intent. This question should have a yes or no answer.\n\nAmazon Lex uses this prompt to ensure that the user acknowledges that the intent is ready for fulfillment. For example, with the `OrderPizza` intent, you might want to confirm that the order is correct before placing it. For other intents, such as intents that simply respond to user questions, you might not need to ask the user for confirmation before providing the information.", - "title": "PromptSpecification" + "TimerName": { + "markdownDescription": "The name of the timer to reset.", + "title": "TimerName", + "type": "string" } }, "required": [ - "PromptSpecification" + "TimerName" ], "type": "object" }, - "AWS::Lex::Bot.IntentOverride": { + "AWS::IoTEvents::DetectorModel.SetTimer": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the intent. Only required when you're switching intents.", - "title": "Name", + "DurationExpression": { + "markdownDescription": "The duration of the timer, in seconds. You can use a string expression that includes numbers, variables ( `$variable.` ), and input values ( `$input..` ) as the duration. The range of the duration is 1-31622400 seconds. To ensure accuracy, the minimum duration is 60 seconds. The evaluated result of the duration is rounded down to the nearest whole number.", + "title": "DurationExpression", "type": "string" }, - "Slots": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.SlotValueOverrideMap" - }, - "markdownDescription": "A map of all of the slot value overrides for the intent. The name of the slot maps to the value of the slot. Slots that are not included in the map aren't overridden.", - "title": "Slots", - "type": "array" + "Seconds": { + "markdownDescription": "The number of seconds until the timer expires. The minimum value is 60 seconds to ensure accuracy. The maximum value is 31622400 seconds.", + "title": "Seconds", + "type": "number" + }, + "TimerName": { + "markdownDescription": "The name of the timer.", + "title": "TimerName", + "type": "string" } }, + "required": [ + "TimerName" + ], "type": "object" }, - "AWS::Lex::Bot.KendraConfiguration": { + "AWS::IoTEvents::DetectorModel.SetVariable": { "additionalProperties": false, "properties": { - "KendraIndex": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Kendra index that you want the `AMAZON.KendraSearchIntent` intent to search. The index must be in the same account and Region as the Amazon Lex bot.", - "title": "KendraIndex", + "Value": { + "markdownDescription": "The new value of the variable.", + "title": "Value", "type": "string" }, - "QueryFilterString": { - "markdownDescription": "A query filter that Amazon Lex sends to Amazon Kendra to filter the response from a query. The filter is in the format defined by Amazon Kendra. For more information, see [Filtering queries](https://docs.aws.amazon.com/kendra/latest/dg/filtering.html) .", - "title": "QueryFilterString", + "VariableName": { + "markdownDescription": "The name of the variable.", + "title": "VariableName", "type": "string" - }, - "QueryFilterStringEnabled": { - "markdownDescription": "Determines whether the `AMAZON.KendraSearchIntent` intent uses a custom query string to query the Amazon Kendra index.", - "title": "QueryFilterStringEnabled", - "type": "boolean" } }, "required": [ - "KendraIndex" + "Value", + "VariableName" ], "type": "object" }, - "AWS::Lex::Bot.LambdaCodeHook": { + "AWS::IoTEvents::DetectorModel.Sns": { "additionalProperties": false, "properties": { - "CodeHookInterfaceVersion": { - "markdownDescription": "The version of the request-response that you want Amazon Lex to use to invoke your Lambda function.", - "title": "CodeHookInterfaceVersion", - "type": "string" + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", + "markdownDescription": "You can configure the action payload when you send a message as an Amazon SNS push notification.", + "title": "Payload" }, - "LambdaArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function.", - "title": "LambdaArn", + "TargetArn": { + "markdownDescription": "The ARN of the Amazon SNS target where the message is sent.", + "title": "TargetArn", "type": "string" } }, "required": [ - "CodeHookInterfaceVersion", - "LambdaArn" + "TargetArn" ], "type": "object" }, - "AWS::Lex::Bot.Message": { + "AWS::IoTEvents::DetectorModel.Sqs": { "additionalProperties": false, "properties": { - "CustomPayload": { - "$ref": "#/definitions/AWS::Lex::Bot.CustomPayload", - "markdownDescription": "A message in a custom format defined by the client application.", - "title": "CustomPayload" - }, - "ImageResponseCard": { - "$ref": "#/definitions/AWS::Lex::Bot.ImageResponseCard", - "markdownDescription": "A message that defines a response card that the client application can show to the user.", - "title": "ImageResponseCard" + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", + "markdownDescription": "You can configure the action payload when you send a message to an Amazon SQS queue.", + "title": "Payload" }, - "PlainTextMessage": { - "$ref": "#/definitions/AWS::Lex::Bot.PlainTextMessage", - "markdownDescription": "A message in plain text format.", - "title": "PlainTextMessage" + "QueueUrl": { + "markdownDescription": "The URL of the SQS queue where the data is written.", + "title": "QueueUrl", + "type": "string" }, - "SSMLMessage": { - "$ref": "#/definitions/AWS::Lex::Bot.SSMLMessage", - "markdownDescription": "A message in Speech Synthesis Markup Language (SSML).", - "title": "SSMLMessage" + "UseBase64": { + "markdownDescription": "Set this to TRUE if you want the data to be base-64 encoded before it is written to the queue. Otherwise, set this to FALSE.", + "title": "UseBase64", + "type": "boolean" } }, + "required": [ + "QueueUrl" + ], "type": "object" }, - "AWS::Lex::Bot.MessageGroup": { + "AWS::IoTEvents::DetectorModel.State": { "additionalProperties": false, "properties": { - "Message": { - "$ref": "#/definitions/AWS::Lex::Bot.Message", - "markdownDescription": "The primary message that Amazon Lex should send to the user.", - "title": "Message" + "OnEnter": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.OnEnter", + "markdownDescription": "When entering this state, perform these `actions` if the `condition` is TRUE.", + "title": "OnEnter" }, - "Variations": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.Message" - }, - "markdownDescription": "Message variations to send to the user. When variations are defined, Amazon Lex chooses the primary message or one of the variations to send to the user.", - "title": "Variations", - "type": "array" + "OnExit": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.OnExit", + "markdownDescription": "When exiting this state, perform these `actions` if the specified `condition` is `TRUE` .", + "title": "OnExit" + }, + "OnInput": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.OnInput", + "markdownDescription": "When an input is received and the `condition` is TRUE, perform the specified `actions` .", + "title": "OnInput" + }, + "StateName": { + "markdownDescription": "The name of the state.", + "title": "StateName", + "type": "string" } }, "required": [ - "Message" + "StateName" ], "type": "object" }, - "AWS::Lex::Bot.MultipleValuesSetting": { - "additionalProperties": false, - "properties": { - "AllowMultipleValues": { - "markdownDescription": "Indicates whether a slot can return multiple values. When `true` , the slot may return more than one value in a response. When `false` , the slot returns only a single value.\n\nMulti-value slots are only available in the en-US locale. If you set this value to `true` in any other locale, Amazon Lex throws a `ValidationException` .\n\nIf the `allowMutlipleValues` is not set, the default value is `false` .", - "title": "AllowMultipleValues", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::Lex::Bot.ObfuscationSetting": { + "AWS::IoTEvents::DetectorModel.TransitionEvent": { "additionalProperties": false, "properties": { - "ObfuscationSettingType": { - "markdownDescription": "Value that determines whether Amazon Lex obscures slot values in conversation logs. The default is to obscure the values.", - "title": "ObfuscationSettingType", + "Actions": { + "items": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Action" + }, + "markdownDescription": "The actions to be performed.", + "title": "Actions", + "type": "array" + }, + "Condition": { + "markdownDescription": "Required. A Boolean expression that when TRUE causes the actions to be performed and the `nextState` to be entered.", + "title": "Condition", + "type": "string" + }, + "EventName": { + "markdownDescription": "The name of the transition event.", + "title": "EventName", + "type": "string" + }, + "NextState": { + "markdownDescription": "The next state to enter.", + "title": "NextState", "type": "string" } }, "required": [ - "ObfuscationSettingType" + "Condition", + "EventName", + "NextState" ], "type": "object" }, - "AWS::Lex::Bot.OutputContext": { + "AWS::IoTEvents::Input": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the output context.", - "title": "Name", + "Condition": { "type": "string" }, - "TimeToLiveInSeconds": { - "markdownDescription": "The amount of time, in seconds, that the output context should remain active. The time is figured from the first time the context is sent to the user.", - "title": "TimeToLiveInSeconds", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "TurnsToLive": { - "markdownDescription": "The number of conversation turns that the output context should remain active. The number of turns is counted from the first time that the context is sent to the user.", - "title": "TurnsToLive", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "InputDefinition": { + "$ref": "#/definitions/AWS::IoTEvents::Input.InputDefinition", + "markdownDescription": "The definition of the input.", + "title": "InputDefinition" + }, + "InputDescription": { + "markdownDescription": "A brief description of the input.", + "title": "InputDescription", + "type": "string" + }, + "InputName": { + "markdownDescription": "The name of the input.", + "title": "InputName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "InputDefinition" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IoTEvents::Input" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Name", - "TimeToLiveInSeconds", - "TurnsToLive" + "Type", + "Properties" ], "type": "object" }, - "AWS::Lex::Bot.PlainTextMessage": { + "AWS::IoTEvents::Input.Attribute": { "additionalProperties": false, "properties": { - "Value": { - "markdownDescription": "The message to send to the user.", - "title": "Value", + "JsonPath": { + "markdownDescription": "An expression that specifies an attribute-value pair in a JSON structure. Use this to specify an attribute from the JSON payload that is made available by the input. Inputs are derived from messages sent to AWS IoT Events ( `BatchPutMessage` ). Each such message contains a JSON payload. The attribute (and its paired value) specified here are available for use in the `condition` expressions used by detectors.\n\nSyntax: `....`", + "title": "JsonPath", "type": "string" } }, "required": [ - "Value" + "JsonPath" ], "type": "object" }, - "AWS::Lex::Bot.PostDialogCodeHookInvocationSpecification": { + "AWS::IoTEvents::Input.InputDefinition": { "additionalProperties": false, "properties": { - "FailureConditional": { - "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", - "markdownDescription": "A list of conditional branches to evaluate after the dialog code hook throws an exception or returns with the `State` field of the `Intent` object set to `Failed` .", - "title": "FailureConditional" - }, - "FailureNextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "Specifies the next step the bot runs after the dialog code hook throws an exception or returns with the `State` field of the `Intent` object set to `Failed` .", - "title": "FailureNextStep" - }, - "FailureResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input when the code hook fails.", - "title": "FailureResponse" - }, - "SuccessConditional": { - "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", - "markdownDescription": "A list of conditional branches to evaluate after the dialog code hook finishes successfully.", - "title": "SuccessConditional" - }, - "SuccessNextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "Specifics the next step the bot runs after the dialog code hook finishes successfully.", - "title": "SuccessNextStep" - }, - "SuccessResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond when the code hook succeeds.", - "title": "SuccessResponse" - }, - "TimeoutConditional": { - "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", - "markdownDescription": "A list of conditional branches to evaluate if the code hook times out.", - "title": "TimeoutConditional" - }, - "TimeoutNextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "Specifies the next step that the bot runs when the code hook times out.", - "title": "TimeoutNextStep" - }, - "TimeoutResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond to the user input when the code hook times out.", - "title": "TimeoutResponse" + "Attributes": { + "items": { + "$ref": "#/definitions/AWS::IoTEvents::Input.Attribute" + }, + "markdownDescription": "The attributes from the JSON payload that are made available by the input. Inputs are derived from messages sent to the AWS IoT Events system using `BatchPutMessage` . Each such message contains a JSON payload, and those attributes (and their paired values) specified here are available for use in the `condition` expressions used by detectors that monitor this input.", + "title": "Attributes", + "type": "array" } }, + "required": [ + "Attributes" + ], "type": "object" }, - "AWS::Lex::Bot.PostFulfillmentStatusSpecification": { + "AWS::IoTFleetHub::Application": { "additionalProperties": false, "properties": { - "FailureConditional": { - "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", - "markdownDescription": "A list of conditional branches to evaluate after the fulfillment code hook throws an exception or returns with the `State` field of the `Intent` object set to `Failed` .", - "title": "FailureConditional" - }, - "FailureNextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "Specifies the next step the bot runs after the fulfillment code hook throws an exception or returns with the `State` field of the `Intent` object set to `Failed` .", - "title": "FailureNextStep" - }, - "FailureResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond when fulfillment isn't successful.", - "title": "FailureResponse" - }, - "SuccessConditional": { - "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", - "markdownDescription": "A list of conditional branches to evaluate after the fulfillment code hook finishes successfully.", - "title": "SuccessConditional" - }, - "SuccessNextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "Specifies the next step in the conversation that Amazon Lex invokes when the fulfillment code hook completes successfully.", - "title": "SuccessNextStep" - }, - "SuccessResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond when the fulfillment is successful.", - "title": "SuccessResponse" + "Condition": { + "type": "string" }, - "TimeoutConditional": { - "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", - "markdownDescription": "A list of conditional branches to evaluate if the fulfillment code hook times out.", - "title": "TimeoutConditional" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "TimeoutNextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "Specifies the next step that the bot runs when the fulfillment code hook times out.", - "title": "TimeoutNextStep" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "TimeoutResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond when fulfillment isn't completed within the timeout period.", - "title": "TimeoutResponse" - } - }, - "type": "object" - }, - "AWS::Lex::Bot.PromptAttemptSpecification": { - "additionalProperties": false, - "properties": { - "AllowInterrupt": { - "markdownDescription": "Indicates whether the user can interrupt a speech prompt attempt from the bot.", - "title": "AllowInterrupt", - "type": "boolean" + "Metadata": { + "type": "object" }, - "AllowedInputTypes": { - "$ref": "#/definitions/AWS::Lex::Bot.AllowedInputTypes", - "markdownDescription": "Indicates the allowed input types of the prompt attempt.", - "title": "AllowedInputTypes" + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationDescription": { + "markdownDescription": "An optional description of the web application.", + "title": "ApplicationDescription", + "type": "string" + }, + "ApplicationName": { + "markdownDescription": "The name of the web application.", + "title": "ApplicationName", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the role that the web application assumes when it interacts with AWS IoT Core .\n\n> The name of the role must be in the form `FleetHub_random_string` . \n\nPattern: `^arn:[!-~]+$`", + "title": "RoleArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A set of key/value pairs that you can use to manage the web application resource.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "ApplicationName", + "RoleArn" + ], + "type": "object" }, - "AudioAndDTMFInputSpecification": { - "$ref": "#/definitions/AWS::Lex::Bot.AudioAndDTMFInputSpecification", - "markdownDescription": "Specifies the settings on audio and DTMF input.", - "title": "AudioAndDTMFInputSpecification" + "Type": { + "enum": [ + "AWS::IoTFleetHub::Application" + ], + "type": "string" }, - "TextInputSpecification": { - "$ref": "#/definitions/AWS::Lex::Bot.TextInputSpecification", - "markdownDescription": "Specifies the settings on text input.", - "title": "TextInputSpecification" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "AllowedInputTypes" + "Type", + "Properties" ], "type": "object" }, - "AWS::Lex::Bot.PromptSpecification": { + "AWS::IoTFleetWise::Campaign": { "additionalProperties": false, "properties": { - "AllowInterrupt": { - "markdownDescription": "Indicates whether the user can interrupt a speech prompt from the bot.", - "title": "AllowInterrupt", - "type": "boolean" + "Condition": { + "type": "string" }, - "MaxRetries": { - "markdownDescription": "The maximum number of times the bot tries to elicit a response from the user using this prompt.", - "title": "MaxRetries", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "MessageGroupsList": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.MessageGroup" - }, - "markdownDescription": "A collection of messages that Amazon Lex can send to the user. Amazon Lex chooses the actual message to send at runtime.", - "title": "MessageGroupsList", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "MessageSelectionStrategy": { - "markdownDescription": "Indicates how a message is selected from a message group among retries.", - "title": "MessageSelectionStrategy", - "type": "string" + "Metadata": { + "type": "object" }, - "PromptAttemptsSpecification": { + "Properties": { "additionalProperties": false, - "markdownDescription": "Specifies the advanced settings on each attempt of the prompt.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::Lex::Bot.PromptAttemptSpecification" + "properties": { + "Action": { + "markdownDescription": "Specifies how to update a campaign. The action can be one of the following:\n\n- `APPROVE` - To approve delivering a data collection scheme to vehicles.\n- `SUSPEND` - To suspend collecting signal data. The campaign is deleted from vehicles and all vehicles in the suspended campaign will stop sending data.\n- `RESUME` - To reactivate the `SUSPEND` campaign. The campaign is redeployed to all vehicles and the vehicles will resume sending data.\n- `UPDATE` - To update a campaign.", + "title": "Action", + "type": "string" + }, + "CollectionScheme": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.CollectionScheme", + "markdownDescription": "The data collection scheme associated with the campaign. You can specify a scheme that collects data based on time or an event.", + "title": "CollectionScheme" + }, + "Compression": { + "markdownDescription": "Whether to compress signals before transmitting data to AWS IoT FleetWise . If you don't want to compress the signals, use `OFF` . If it's not specified, `SNAPPY` is used.\n\nDefault: `SNAPPY`", + "title": "Compression", + "type": "string" + }, + "DataDestinationConfigs": { + "items": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.DataDestinationConfig" + }, + "markdownDescription": "The destination where the campaign sends data. You can choose to send data to be stored in Amazon S3 or Amazon Timestream .\n\nAmazon S3 optimizes the cost of data storage and provides additional mechanisms to use vehicle data, such as data lakes, centralized data storage, data processing pipelines, and analytics. AWS IoT FleetWise supports at-least-once file delivery to S3. Your vehicle data is stored on multiple AWS IoT FleetWise servers for redundancy and high availability.\n\nYou can use Amazon Timestream to access and analyze time series data, and Timestream to query vehicle data so that you can identify trends and patterns.", + "title": "DataDestinationConfigs", + "type": "array" + }, + "DataExtraDimensions": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of vehicle attributes to associate with a campaign.\n\nEnrich the data with specified vehicle attributes. For example, add `make` and `model` to the campaign, and AWS IoT FleetWise will associate the data with those attributes as dimensions in Amazon Timestream . You can then query the data against `make` and `model` .\n\nDefault: An empty array", + "title": "DataExtraDimensions", + "type": "array" + }, + "DataPartitions": { + "items": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.DataPartition" + }, + "markdownDescription": "The data partitions associated with the signals collected from the vehicle.", + "title": "DataPartitions", + "type": "array" + }, + "Description": { + "markdownDescription": "The description of the campaign.", + "title": "Description", + "type": "string" + }, + "DiagnosticsMode": { + "markdownDescription": "Option for a vehicle to send diagnostic trouble codes to AWS IoT FleetWise . If you want to send diagnostic trouble codes, use `SEND_ACTIVE_DTCS` . If it's not specified, `OFF` is used.\n\nDefault: `OFF`", + "title": "DiagnosticsMode", + "type": "string" + }, + "ExpiryTime": { + "markdownDescription": "The time the campaign expires, in seconds since epoch (January 1, 1970 at midnight UTC time). Vehicle data isn't collected after the campaign expires.\n\nDefault: 253402214400 (December 31, 9999, 00:00:00 UTC)", + "title": "ExpiryTime", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a campaign.", + "title": "Name", + "type": "string" + }, + "PostTriggerCollectionDuration": { + "markdownDescription": "How long (in milliseconds) to collect raw data after a triggering event initiates the collection. If it's not specified, `0` is used.\n\nDefault: `0`", + "title": "PostTriggerCollectionDuration", + "type": "number" + }, + "Priority": { + "markdownDescription": "A number indicating the priority of one campaign over another campaign for a certain vehicle or fleet. A campaign with the lowest value is deployed to vehicles before any other campaigns. If it's not specified, `0` is used.\n\nDefault: `0`", + "title": "Priority", + "type": "number" + }, + "SignalCatalogArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the signal catalog associated with the campaign.", + "title": "SignalCatalogArn", + "type": "string" + }, + "SignalsToCollect": { + "items": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.SignalInformation" + }, + "markdownDescription": "A list of information about signals to collect.", + "title": "SignalsToCollect", + "type": "array" + }, + "SignalsToFetch": { + "items": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.SignalFetchInformation" + }, + "markdownDescription": "A list of information about signals to fetch.", + "title": "SignalsToFetch", + "type": "array" + }, + "SpoolingMode": { + "markdownDescription": "Whether to store collected data after a vehicle lost a connection with the cloud. After a connection is re-established, the data is automatically forwarded to AWS IoT FleetWise . If you want to store collected data when a vehicle loses connection with the cloud, use `TO_DISK` . If it's not specified, `OFF` is used.\n\nDefault: `OFF`", + "title": "SpoolingMode", + "type": "string" + }, + "StartTime": { + "markdownDescription": "The time, in milliseconds, to deliver a campaign after it was approved. If it's not specified, `0` is used.\n\nDefault: `0`", + "title": "StartTime", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata that can be used to manage the campaign.", + "title": "Tags", + "type": "array" + }, + "TargetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of a vehicle or fleet to which the campaign is deployed.", + "title": "TargetArn", + "type": "string" } }, - "title": "PromptAttemptsSpecification", + "required": [ + "CollectionScheme", + "Name", + "SignalCatalogArn", + "TargetArn" + ], "type": "object" + }, + "Type": { + "enum": [ + "AWS::IoTFleetWise::Campaign" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "MaxRetries", - "MessageGroupsList" + "Type", + "Properties" ], "type": "object" }, - "AWS::Lex::Bot.ResponseSpecification": { + "AWS::IoTFleetWise::Campaign.CollectionScheme": { "additionalProperties": false, "properties": { - "AllowInterrupt": { - "markdownDescription": "Indicates whether the user can interrupt a speech response from Amazon Lex.", - "title": "AllowInterrupt", - "type": "boolean" + "ConditionBasedCollectionScheme": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.ConditionBasedCollectionScheme", + "markdownDescription": "Information about a collection scheme that uses a simple logical expression to recognize what data to collect.", + "title": "ConditionBasedCollectionScheme" }, - "MessageGroupsList": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.MessageGroup" - }, - "markdownDescription": "A collection of responses that Amazon Lex can send to the user. Amazon Lex chooses the actual response to send at runtime.", - "title": "MessageGroupsList", - "type": "array" + "TimeBasedCollectionScheme": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.TimeBasedCollectionScheme", + "markdownDescription": "Information about a collection scheme that uses a time period to decide how often to collect data.", + "title": "TimeBasedCollectionScheme" } }, - "required": [ - "MessageGroupsList" - ], "type": "object" }, - "AWS::Lex::Bot.S3BucketLogDestination": { + "AWS::IoTFleetWise::Campaign.ConditionBasedCollectionScheme": { "additionalProperties": false, "properties": { - "KmsKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Key Management Service (KMS) key for encrypting audio log files stored in an Amazon S3 bucket.", - "title": "KmsKeyArn", - "type": "string" + "ConditionLanguageVersion": { + "markdownDescription": "Specifies the version of the conditional expression language.", + "title": "ConditionLanguageVersion", + "type": "number" }, - "LogPrefix": { - "markdownDescription": "The S3 prefix to assign to audio log files.", - "title": "LogPrefix", + "Expression": { + "markdownDescription": "The logical expression used to recognize what data to collect. For example, `$variable.Vehicle.OutsideAirTemperature >= 105.0` .", + "title": "Expression", "type": "string" }, - "S3BucketArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an Amazon S3 bucket where audio log files are stored.", - "title": "S3BucketArn", + "MinimumTriggerIntervalMs": { + "markdownDescription": "The minimum duration of time between two triggering events to collect data, in milliseconds.\n\n> If a signal changes often, you might want to collect data at a slower rate.", + "title": "MinimumTriggerIntervalMs", + "type": "number" + }, + "TriggerMode": { + "markdownDescription": "Whether to collect data for all triggering events ( `ALWAYS` ). Specify ( `RISING_EDGE` ), or specify only when the condition first evaluates to false. For example, triggering on \"AirbagDeployed\"; Users aren't interested on triggering when the airbag is already exploded; they only care about the change from not deployed => deployed.", + "title": "TriggerMode", "type": "string" } }, "required": [ - "LogPrefix", - "S3BucketArn" + "Expression" ], "type": "object" }, - "AWS::Lex::Bot.S3Location": { + "AWS::IoTFleetWise::Campaign.ConditionBasedSignalFetchConfig": { "additionalProperties": false, "properties": { - "S3Bucket": { - "markdownDescription": "The S3 bucket name.", - "title": "S3Bucket", - "type": "string" - }, - "S3ObjectKey": { - "markdownDescription": "The path and file name to the object in the S3 bucket.", - "title": "S3ObjectKey", + "ConditionExpression": { + "markdownDescription": "The condition that must be satisfied to trigger a signal fetch.", + "title": "ConditionExpression", "type": "string" }, - "S3ObjectVersion": { - "markdownDescription": "The version of the object in the S3 bucket.", - "title": "S3ObjectVersion", + "TriggerMode": { + "markdownDescription": "Indicates the mode in which the signal fetch is triggered.", + "title": "TriggerMode", "type": "string" } }, "required": [ - "S3Bucket", - "S3ObjectKey" + "ConditionExpression", + "TriggerMode" ], "type": "object" }, - "AWS::Lex::Bot.SSMLMessage": { + "AWS::IoTFleetWise::Campaign.DataDestinationConfig": { "additionalProperties": false, "properties": { - "Value": { - "markdownDescription": "The SSML text that defines the prompt.", - "title": "Value", - "type": "string" + "MqttTopicConfig": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.MqttTopicConfig", + "markdownDescription": "The MQTT topic to which the AWS IoT FleetWise campaign routes data.\n\n> Access to certain AWS IoT FleetWise features is currently gated. For more information, see [AWS Region and feature availability](https://docs.aws.amazon.com/iot-fleetwise/latest/developerguide/fleetwise-regions.html) in the *AWS IoT FleetWise Developer Guide* .", + "title": "MqttTopicConfig" + }, + "S3Config": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.S3Config", + "markdownDescription": "The Amazon S3 bucket where the AWS IoT FleetWise campaign sends data.", + "title": "S3Config" + }, + "TimestreamConfig": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.TimestreamConfig", + "markdownDescription": "The Amazon Timestream table where the campaign sends data.", + "title": "TimestreamConfig" } }, - "required": [ - "Value" - ], "type": "object" }, - "AWS::Lex::Bot.SampleUtterance": { + "AWS::IoTFleetWise::Campaign.DataPartition": { "additionalProperties": false, "properties": { - "Utterance": { - "markdownDescription": "A sample utterance that invokes an intent or respond to a slot elicitation prompt.", - "title": "Utterance", + "Id": { + "markdownDescription": "The ID of the data partition. The data partition ID must be unique within a campaign. You can establish a data partition as the default partition for a campaign by using `default` as the ID.", + "title": "Id", "type": "string" + }, + "StorageOptions": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.DataPartitionStorageOptions", + "markdownDescription": "The storage options for a data partition.", + "title": "StorageOptions" + }, + "UploadOptions": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.DataPartitionUploadOptions", + "markdownDescription": "The upload options for the data partition.", + "title": "UploadOptions" } }, "required": [ - "Utterance" + "Id", + "StorageOptions" ], "type": "object" }, - "AWS::Lex::Bot.SampleValue": { + "AWS::IoTFleetWise::Campaign.DataPartitionStorageOptions": { "additionalProperties": false, "properties": { - "Value": { - "markdownDescription": "The value that can be used for a slot type.", - "title": "Value", + "MaximumSize": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.StorageMaximumSize", + "markdownDescription": "The maximum storage size of the data stored in the data partition.\n\n> Newer data overwrites older data when the partition reaches the maximum size.", + "title": "MaximumSize" + }, + "MinimumTimeToLive": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.StorageMinimumTimeToLive", + "markdownDescription": "The amount of time that data in this partition will be kept on disk.\n\n- After the designated amount of time passes, the data can be removed, but it's not guaranteed to be removed.\n- Before the time expires, data in this partition can still be deleted if the partition reaches its configured maximum size.\n- Newer data will overwrite older data when the partition reaches the maximum size.", + "title": "MinimumTimeToLive" + }, + "StorageLocation": { + "markdownDescription": "The folder name for the data partition under the campaign storage folder.", + "title": "StorageLocation", "type": "string" } }, "required": [ - "Value" + "MaximumSize", + "MinimumTimeToLive", + "StorageLocation" ], "type": "object" }, - "AWS::Lex::Bot.SentimentAnalysisSettings": { + "AWS::IoTFleetWise::Campaign.DataPartitionUploadOptions": { "additionalProperties": false, "properties": { - "DetectSentiment": { - "markdownDescription": "Sets whether Amazon Lex uses Amazon Comprehend to detect the sentiment of user utterances.", - "title": "DetectSentiment", - "type": "boolean" + "ConditionLanguageVersion": { + "markdownDescription": "The version of the condition language. Defaults to the most recent condition language version.", + "title": "ConditionLanguageVersion", + "type": "number" + }, + "Expression": { + "markdownDescription": "The logical expression used to recognize what data to collect. For example, `$variable.`Vehicle.OutsideAirTemperature` >= 105.0` .", + "title": "Expression", + "type": "string" } }, "required": [ - "DetectSentiment" + "Expression" ], "type": "object" }, - "AWS::Lex::Bot.SessionAttribute": { + "AWS::IoTFleetWise::Campaign.MqttTopicConfig": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The name of the session attribute.", - "title": "Key", + "ExecutionRoleArn": { + "markdownDescription": "The ARN of the role that grants AWS IoT FleetWise permission to access and act on messages sent to the MQTT topic.", + "title": "ExecutionRoleArn", "type": "string" }, - "Value": { - "markdownDescription": "The session-specific context information for the session attribute.", - "title": "Value", + "MqttTopicArn": { + "markdownDescription": "The ARN of the MQTT topic.", + "title": "MqttTopicArn", "type": "string" } }, "required": [ - "Key" + "ExecutionRoleArn", + "MqttTopicArn" ], "type": "object" }, - "AWS::Lex::Bot.Slot": { + "AWS::IoTFleetWise::Campaign.S3Config": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the slot.", - "title": "Description", + "BucketArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon S3 bucket.", + "title": "BucketArn", "type": "string" }, - "MultipleValuesSetting": { - "$ref": "#/definitions/AWS::Lex::Bot.MultipleValuesSetting", - "markdownDescription": "Indicates whether a slot can return multiple values.", - "title": "MultipleValuesSetting" - }, - "Name": { - "markdownDescription": "The name given to the slot.", - "title": "Name", + "DataFormat": { + "markdownDescription": "Specify the format that files are saved in the Amazon S3 bucket. You can save files in an Apache Parquet or JSON format.\n\n- Parquet - Store data in a columnar storage file format. Parquet is optimal for fast data retrieval and can reduce costs. This option is selected by default.\n- JSON - Store data in a standard text-based JSON file format.", + "title": "DataFormat", "type": "string" }, - "ObfuscationSetting": { - "$ref": "#/definitions/AWS::Lex::Bot.ObfuscationSetting", - "markdownDescription": "Determines whether the contents of the slot are obfuscated in Amazon CloudWatch Logs logs. Use obfuscated slots to protect information such as personally identifiable information (PII) in logs.", - "title": "ObfuscationSetting" - }, - "SlotTypeName": { - "markdownDescription": "The name of the slot type that this slot is based on. The slot type defines the acceptable values for the slot.", - "title": "SlotTypeName", + "Prefix": { + "markdownDescription": "Enter an S3 bucket prefix. The prefix is the string of characters after the bucket name and before the object name. You can use the prefix to organize data stored in Amazon S3 buckets. For more information, see [Organizing objects using prefixes](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-prefixes.html) in the *Amazon Simple Storage Service User Guide* .\n\nBy default, AWS IoT FleetWise sets the prefix `processed-data/year=YY/month=MM/date=DD/hour=HH/` (in UTC) to data it delivers to Amazon S3 . You can enter a prefix to append it to this default prefix. For example, if you enter the prefix `vehicles` , the prefix will be `vehicles/processed-data/year=YY/month=MM/date=DD/hour=HH/` .", + "title": "Prefix", "type": "string" }, - "ValueElicitationSetting": { - "$ref": "#/definitions/AWS::Lex::Bot.SlotValueElicitationSetting", - "markdownDescription": "Determines the slot resolution strategy that Amazon Lex uses to return slot type values. The field can be set to one of the following values:\n\n- ORIGINAL_VALUE - Returns the value entered by the user, if the user value is similar to a slot value.\n- TOP_RESOLUTION - If there is a resolution list for the slot, return the first value in the resolution list as the slot type value. If there is no resolution list, null is returned.\n\nIf you don't specify the `valueSelectionStrategy` , the default is `ORIGINAL_VALUE` .", - "title": "ValueElicitationSetting" + "StorageCompressionFormat": { + "markdownDescription": "By default, stored data is compressed as a .gzip file. Compressed files have a reduced file size, which can optimize the cost of data storage.", + "title": "StorageCompressionFormat", + "type": "string" } }, "required": [ - "Name", - "SlotTypeName", - "ValueElicitationSetting" + "BucketArn" ], "type": "object" }, - "AWS::Lex::Bot.SlotCaptureSetting": { + "AWS::IoTFleetWise::Campaign.SignalFetchConfig": { "additionalProperties": false, "properties": { - "CaptureConditional": { - "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", - "markdownDescription": "A list of conditional branches to evaluate after the slot value is captured.", - "title": "CaptureConditional" - }, - "CaptureNextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "Specifies the next step that the bot runs when the slot value is captured before the code hook times out.", - "title": "CaptureNextStep" - }, - "CaptureResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input.", - "title": "CaptureResponse" - }, - "CodeHook": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogCodeHookInvocationSetting", - "markdownDescription": "Code hook called after Amazon Lex successfully captures a slot value.", - "title": "CodeHook" - }, - "ElicitationCodeHook": { - "$ref": "#/definitions/AWS::Lex::Bot.ElicitationCodeHookInvocationSetting", - "markdownDescription": "Code hook called when Amazon Lex doesn't capture a slot value.", - "title": "ElicitationCodeHook" - }, - "FailureConditional": { - "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", - "markdownDescription": "A list of conditional branches to evaluate when the slot value isn't captured.", - "title": "FailureConditional" - }, - "FailureNextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "Specifies the next step that the bot runs when the slot value code is not recognized.", - "title": "FailureNextStep" + "ConditionBased": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.ConditionBasedSignalFetchConfig", + "markdownDescription": "The configuration of a condition-based signal fetch operation.", + "title": "ConditionBased" }, - "FailureResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input when the slot fails to be captured.", - "title": "FailureResponse" - } - }, - "type": "object" - }, - "AWS::Lex::Bot.SlotDefaultValue": { - "additionalProperties": false, - "properties": { - "DefaultValue": { - "markdownDescription": "The default value to use when a user doesn't provide a value for a slot.", - "title": "DefaultValue", - "type": "string" + "TimeBased": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.TimeBasedSignalFetchConfig", + "markdownDescription": "The configuration of a time-based signal fetch operation.", + "title": "TimeBased" } }, - "required": [ - "DefaultValue" - ], "type": "object" }, - "AWS::Lex::Bot.SlotDefaultValueSpecification": { + "AWS::IoTFleetWise::Campaign.SignalFetchInformation": { "additionalProperties": false, "properties": { - "DefaultValueList": { + "Actions": { "items": { - "$ref": "#/definitions/AWS::Lex::Bot.SlotDefaultValue" + "type": "string" }, - "markdownDescription": "A list of default values. Amazon Lex chooses the default value to use in the order that they are presented in the list.", - "title": "DefaultValueList", + "markdownDescription": "The actions to be performed by the signal fetch.", + "title": "Actions", "type": "array" - } - }, - "required": [ - "DefaultValueList" - ], - "type": "object" - }, - "AWS::Lex::Bot.SlotPriority": { - "additionalProperties": false, - "properties": { - "Priority": { - "markdownDescription": "The priority that Amazon Lex should apply to the slot.", - "title": "Priority", + }, + "ConditionLanguageVersion": { + "markdownDescription": "The version of the condition language used.", + "title": "ConditionLanguageVersion", "type": "number" }, - "SlotName": { - "markdownDescription": "The name of the slot.", - "title": "SlotName", + "FullyQualifiedName": { + "markdownDescription": "The fully qualified name of the signal to be fetched.", + "title": "FullyQualifiedName", "type": "string" + }, + "SignalFetchConfig": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.SignalFetchConfig", + "markdownDescription": "The configuration of the signal fetch operation.", + "title": "SignalFetchConfig" } }, "required": [ - "Priority", - "SlotName" + "Actions", + "FullyQualifiedName", + "SignalFetchConfig" ], "type": "object" }, - "AWS::Lex::Bot.SlotType": { + "AWS::IoTFleetWise::Campaign.SignalInformation": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the slot type. Use the description to help identify the slot type in lists.", - "title": "Description", + "DataPartitionId": { + "markdownDescription": "The ID of the data partition this signal is associated with.\n\nThe ID must match one of the IDs provided in `dataPartitions` . This is accomplished either by specifying a particular data partition ID or by using `default` for an established default partition. You can establish a default partition in the `DataPartition` data type.\n\n> If you upload a signal as a condition for a campaign's data partition, the same signal must be included in `signalsToCollect` . > Access to certain AWS IoT FleetWise features is currently gated. For more information, see [AWS Region and feature availability](https://docs.aws.amazon.com/iot-fleetwise/latest/developerguide/fleetwise-regions.html) in the *AWS IoT FleetWise Developer Guide* .", + "title": "DataPartitionId", "type": "string" }, - "ExternalSourceSetting": { - "$ref": "#/definitions/AWS::Lex::Bot.ExternalSourceSetting", - "markdownDescription": "Sets the type of external information used to create the slot type.", - "title": "ExternalSourceSetting" + "MaxSampleCount": { + "markdownDescription": "The maximum number of samples to collect.", + "title": "MaxSampleCount", + "type": "number" + }, + "MinimumSamplingIntervalMs": { + "markdownDescription": "The minimum duration of time (in milliseconds) between two triggering events to collect data.\n\n> If a signal changes often, you might want to collect data at a slower rate.", + "title": "MinimumSamplingIntervalMs", + "type": "number" }, "Name": { - "markdownDescription": "The name of the slot type. A slot type name must be unique withing the account.", + "markdownDescription": "The name of the signal.", "title": "Name", "type": "string" - }, - "ParentSlotTypeSignature": { - "markdownDescription": "The built-in slot type used as a parent of this slot type. When you define a parent slot type, the new slot type has the configuration of the parent lot type.\n\nOnly `AMAZON.AlphaNumeric` is supported.", - "title": "ParentSlotTypeSignature", - "type": "string" - }, - "SlotTypeValues": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.SlotTypeValue" - }, - "markdownDescription": "A list of SlotTypeValue objects that defines the values that the slot type can take. Each value can have a list of synonyms, additional values that help train the machine learning model about the values that it resolves for the slot.", - "title": "SlotTypeValues", - "type": "array" - }, - "ValueSelectionSetting": { - "$ref": "#/definitions/AWS::Lex::Bot.SlotValueSelectionSetting", - "markdownDescription": "Determines the slot resolution strategy that Amazon Lex uses to return slot type values. The field can be set to one of the following values:\n\n- `ORIGINAL_VALUE` - Returns the value entered by the user, if the user value is similar to the slot value.\n- `TOP_RESOLUTION` - If there is a resolution list for the slot, return the first value in the resolution list as the slot type value. If there is no resolution list, null is returned.\n\nIf you don't specify the `valueSelectionStrategy` , the default is `ORIGINAL_VALUE` .", - "title": "ValueSelectionSetting" } }, "required": [ @@ -145559,323 +153644,98 @@ ], "type": "object" }, - "AWS::Lex::Bot.SlotTypeValue": { + "AWS::IoTFleetWise::Campaign.StorageMaximumSize": { "additionalProperties": false, "properties": { - "SampleValue": { - "$ref": "#/definitions/AWS::Lex::Bot.SampleValue", - "markdownDescription": "The value of the slot type entry.", - "title": "SampleValue" + "Unit": { + "markdownDescription": "The data type of the data to store.", + "title": "Unit", + "type": "string" }, - "Synonyms": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.SampleValue" - }, - "markdownDescription": "Additional values related to the slot type entry.", - "title": "Synonyms", - "type": "array" + "Value": { + "markdownDescription": "The maximum amount of time to store data.", + "title": "Value", + "type": "number" } }, "required": [ - "SampleValue" + "Unit", + "Value" ], "type": "object" }, - "AWS::Lex::Bot.SlotValue": { + "AWS::IoTFleetWise::Campaign.StorageMinimumTimeToLive": { "additionalProperties": false, "properties": { - "InterpretedValue": { - "markdownDescription": "The value that Amazon Lex determines for the slot. The actual value depends on the setting of the value selection strategy for the bot. You can choose to use the value entered by the user, or you can have Amazon Lex choose the first value in the `resolvedValues` list.", - "title": "InterpretedValue", + "Unit": { + "markdownDescription": "The time increment type.", + "title": "Unit", "type": "string" + }, + "Value": { + "markdownDescription": "The minimum amount of time to store the data.", + "title": "Value", + "type": "number" } }, + "required": [ + "Unit", + "Value" + ], "type": "object" }, - "AWS::Lex::Bot.SlotValueElicitationSetting": { + "AWS::IoTFleetWise::Campaign.TimeBasedCollectionScheme": { "additionalProperties": false, "properties": { - "DefaultValueSpecification": { - "$ref": "#/definitions/AWS::Lex::Bot.SlotDefaultValueSpecification", - "markdownDescription": "A list of default values for a slot. Default values are used when Amazon Lex hasn't determined a value for a slot. You can specify default values from context variables, session attributes, and defined values.", - "title": "DefaultValueSpecification" - }, - "PromptSpecification": { - "$ref": "#/definitions/AWS::Lex::Bot.PromptSpecification", - "markdownDescription": "The prompt that Amazon Lex uses to elicit the slot value from the user.", - "title": "PromptSpecification" - }, - "SampleUtterances": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.SampleUtterance" - }, - "markdownDescription": "If you know a specific pattern that users might respond to an Amazon Lex request for a slot value, you can provide those utterances to improve accuracy. This is optional. In most cases, Amazon Lex is capable of understanding user utterances.", - "title": "SampleUtterances", - "type": "array" - }, - "SlotCaptureSetting": { - "$ref": "#/definitions/AWS::Lex::Bot.SlotCaptureSetting", - "markdownDescription": "Specifies the settings that Amazon Lex uses when a slot value is successfully entered by a user.", - "title": "SlotCaptureSetting" - }, - "SlotConstraint": { - "markdownDescription": "Specifies whether the slot is required or optional.", - "title": "SlotConstraint", - "type": "string" - }, - "WaitAndContinueSpecification": { - "$ref": "#/definitions/AWS::Lex::Bot.WaitAndContinueSpecification", - "markdownDescription": "Specifies the prompts that Amazon Lex uses while a bot is waiting for customer input.", - "title": "WaitAndContinueSpecification" + "PeriodMs": { + "markdownDescription": "The time period (in milliseconds) to decide how often to collect data. For example, if the time period is `60000` , the Edge Agent software collects data once every minute.", + "title": "PeriodMs", + "type": "number" } }, "required": [ - "SlotConstraint" + "PeriodMs" ], "type": "object" }, - "AWS::Lex::Bot.SlotValueOverride": { + "AWS::IoTFleetWise::Campaign.TimeBasedSignalFetchConfig": { "additionalProperties": false, "properties": { - "Shape": { - "markdownDescription": "When the shape value is `List` , it indicates that the `values` field contains a list of slot values. When the value is `Scalar` , it indicates that the `value` field contains a single value.", - "title": "Shape", - "type": "string" - }, - "Value": { - "$ref": "#/definitions/AWS::Lex::Bot.SlotValue", - "markdownDescription": "The current value of the slot.", - "title": "Value" - }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.SlotValueOverride" - }, - "markdownDescription": "A list of one or more values that the user provided for the slot. For example, for a slot that elicits pizza toppings, the values might be \"pepperoni\" and \"pineapple.\"", - "title": "Values", - "type": "array" + "ExecutionFrequencyMs": { + "markdownDescription": "The frequency with which the signal fetch will be executed.", + "title": "ExecutionFrequencyMs", + "type": "number" } }, + "required": [ + "ExecutionFrequencyMs" + ], "type": "object" }, - "AWS::Lex::Bot.SlotValueOverrideMap": { + "AWS::IoTFleetWise::Campaign.TimestreamConfig": { "additionalProperties": false, "properties": { - "SlotName": { - "markdownDescription": "The name of the slot.", - "title": "SlotName", + "ExecutionRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the task execution role that grants AWS IoT FleetWise permission to deliver data to the Amazon Timestream table.", + "title": "ExecutionRoleArn", "type": "string" }, - "SlotValueOverride": { - "$ref": "#/definitions/AWS::Lex::Bot.SlotValueOverride", - "markdownDescription": "The SlotValueOverride object to which the slot name will be mapped.", - "title": "SlotValueOverride" + "TimestreamTableArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Timestream table.", + "title": "TimestreamTableArn", + "type": "string" } }, + "required": [ + "ExecutionRoleArn", + "TimestreamTableArn" + ], "type": "object" }, - "AWS::Lex::Bot.SlotValueRegexFilter": { + "AWS::IoTFleetWise::DecoderManifest": { "additionalProperties": false, "properties": { - "Pattern": { - "markdownDescription": "A regular expression used to validate the value of a slot.\n\nUse a standard regular expression. Amazon Lex supports the following characters in the regular expression:\n\n- A-Z, a-z\n- 0-9\n- Unicode characters (\"\\\u2060u\")\n\nRepresent Unicode characters with four digits, for example \"\\\u2060u0041\" or \"\\\u2060u005A\".\n\nThe following regular expression operators are not supported:\n\n- Infinite repeaters: *, +, or {x,} with no upper bound.\n- Wild card (.)", - "title": "Pattern", - "type": "string" - } - }, - "required": [ - "Pattern" - ], - "type": "object" - }, - "AWS::Lex::Bot.SlotValueSelectionSetting": { - "additionalProperties": false, - "properties": { - "AdvancedRecognitionSetting": { - "$ref": "#/definitions/AWS::Lex::Bot.AdvancedRecognitionSetting", - "markdownDescription": "Provides settings that enable advanced recognition settings for slot values. You can use this to enable using slot values as a custom vocabulary for recognizing user utterances.", - "title": "AdvancedRecognitionSetting" - }, - "RegexFilter": { - "$ref": "#/definitions/AWS::Lex::Bot.SlotValueRegexFilter", - "markdownDescription": "A regular expression used to validate the value of a slot.", - "title": "RegexFilter" - }, - "ResolutionStrategy": { - "markdownDescription": "Determines the slot resolution strategy that Amazon Lex uses to return slot type values. The field can be set to one of the following values:\n\n- `ORIGINAL_VALUE` - Returns the value entered by the user, if the user value is similar to the slot value.\n- `TOP_RESOLUTION` - If there is a resolution list for the slot, return the first value in the resolution list as the slot type value. If there is no resolution list, null is returned.\n\nIf you don't specify the `valueSelectionStrategy` , the default is `ORIGINAL_VALUE` .", - "title": "ResolutionStrategy", - "type": "string" - } - }, - "required": [ - "ResolutionStrategy" - ], - "type": "object" - }, - "AWS::Lex::Bot.StillWaitingResponseSpecification": { - "additionalProperties": false, - "properties": { - "AllowInterrupt": { - "markdownDescription": "Indicates that the user can interrupt the response by speaking while the message is being played.", - "title": "AllowInterrupt", - "type": "boolean" - }, - "FrequencyInSeconds": { - "markdownDescription": "How often a message should be sent to the user. Minimum of 1 second, maximum of 5 minutes.", - "title": "FrequencyInSeconds", - "type": "number" - }, - "MessageGroupsList": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.MessageGroup" - }, - "markdownDescription": "One or more message groups, each containing one or more messages, that define the prompts that Amazon Lex sends to the user.", - "title": "MessageGroupsList", - "type": "array" - }, - "TimeoutInSeconds": { - "markdownDescription": "If Amazon Lex waits longer than this length of time for a response, it will stop sending messages.", - "title": "TimeoutInSeconds", - "type": "number" - } - }, - "required": [ - "FrequencyInSeconds", - "MessageGroupsList", - "TimeoutInSeconds" - ], - "type": "object" - }, - "AWS::Lex::Bot.TestBotAliasSettings": { - "additionalProperties": false, - "properties": { - "BotAliasLocaleSettings": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.BotAliasLocaleSettingsItem" - }, - "markdownDescription": "Specifies settings that are unique to a locale. For example, you can use a different Lambda function depending on the bot's locale.", - "title": "BotAliasLocaleSettings", - "type": "array" - }, - "ConversationLogSettings": { - "$ref": "#/definitions/AWS::Lex::Bot.ConversationLogSettings", - "markdownDescription": "Specifies settings for conversation logs that save audio, text, and metadata information for conversations with your users.", - "title": "ConversationLogSettings" - }, - "Description": { - "markdownDescription": "Specifies a description for the test bot alias.", - "title": "Description", - "type": "string" - }, - "SentimentAnalysisSettings": { - "$ref": "#/definitions/AWS::Lex::Bot.SentimentAnalysisSettings", - "markdownDescription": "Specifies whether Amazon Lex will use Amazon Comprehend to detect the sentiment of user utterances.", - "title": "SentimentAnalysisSettings" - } - }, - "type": "object" - }, - "AWS::Lex::Bot.TextInputSpecification": { - "additionalProperties": false, - "properties": { - "StartTimeoutMs": { - "markdownDescription": "Time for which a bot waits before re-prompting a customer for text input.", - "title": "StartTimeoutMs", - "type": "number" - } - }, - "required": [ - "StartTimeoutMs" - ], - "type": "object" - }, - "AWS::Lex::Bot.TextLogDestination": { - "additionalProperties": false, - "properties": { - "CloudWatch": { - "$ref": "#/definitions/AWS::Lex::Bot.CloudWatchLogGroupLogDestination", - "markdownDescription": "Defines the Amazon CloudWatch Logs log group where text and metadata logs are delivered.", - "title": "CloudWatch" - } - }, - "required": [ - "CloudWatch" - ], - "type": "object" - }, - "AWS::Lex::Bot.TextLogSetting": { - "additionalProperties": false, - "properties": { - "Destination": { - "$ref": "#/definitions/AWS::Lex::Bot.TextLogDestination", - "markdownDescription": "Specifies the Amazon CloudWatch Logs destination log group for conversation text logs.", - "title": "Destination" - }, - "Enabled": { - "markdownDescription": "Determines whether conversation logs should be stored for an alias.", - "title": "Enabled", - "type": "boolean" - } - }, - "required": [ - "Destination", - "Enabled" - ], - "type": "object" - }, - "AWS::Lex::Bot.VoiceSettings": { - "additionalProperties": false, - "properties": { - "Engine": { - "markdownDescription": "Indicates the type of Amazon Polly voice that Amazon Lex should use for voice interaction with the user. For more information, see the [`engine` parameter of the `SynthesizeSpeech` operation](https://docs.aws.amazon.com/polly/latest/dg/API_SynthesizeSpeech.html#polly-SynthesizeSpeech-request-Engine) in the *Amazon Polly developer guide* .\n\nIf you do not specify a value, the default is `standard` .", - "title": "Engine", - "type": "string" - }, - "VoiceId": { - "markdownDescription": "The identifier of the Amazon Polly voice to use.", - "title": "VoiceId", - "type": "string" - } - }, - "required": [ - "VoiceId" - ], - "type": "object" - }, - "AWS::Lex::Bot.WaitAndContinueSpecification": { - "additionalProperties": false, - "properties": { - "ContinueResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "The response that Amazon Lex sends to indicate that the bot is ready to continue the conversation.", - "title": "ContinueResponse" - }, - "IsActive": { - "markdownDescription": "Specifies whether the bot will wait for a user to respond. When this field is false, wait and continue responses for a slot aren't used. If the `IsActive` field isn't specified, the default is true.", - "title": "IsActive", - "type": "boolean" - }, - "StillWaitingResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.StillWaitingResponseSpecification", - "markdownDescription": "A response that Amazon Lex sends periodically to the user to indicate that the bot is still waiting for input from the user.", - "title": "StillWaitingResponse" - }, - "WaitingResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "The response that Amazon Lex sends to indicate that the bot is waiting for the conversation to continue.", - "title": "WaitingResponse" - } - }, - "required": [ - "ContinueResponse", - "WaitingResponse" - ], - "type": "object" - }, - "AWS::Lex::BotAlias": { - "additionalProperties": false, - "properties": { - "Condition": { + "Condition": { "type": "string" }, "DeletionPolicy": { @@ -145907,62 +153767,65 @@ "Properties": { "additionalProperties": false, "properties": { - "BotAliasLocaleSettings": { - "items": { - "$ref": "#/definitions/AWS::Lex::BotAlias.BotAliasLocaleSettingsItem" - }, - "markdownDescription": "Specifies settings that are unique to a locale. For example, you can use different Lambda function depending on the bot's locale.", - "title": "BotAliasLocaleSettings", - "type": "array" - }, - "BotAliasName": { - "markdownDescription": "The name of the bot alias.", - "title": "BotAliasName", + "DefaultForUnmappedSignals": { + "markdownDescription": "Use default decoders for all unmapped signals in the model. You don't need to provide any detailed decoding information.", + "title": "DefaultForUnmappedSignals", "type": "string" }, - "BotAliasTags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nYou can only add tags when you specify an alias.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "BotAliasTags", - "type": "array" + "Description": { + "markdownDescription": "A brief description of the decoder manifest.", + "title": "Description", + "type": "string" }, - "BotId": { - "markdownDescription": "The unique identifier of the bot.", - "title": "BotId", + "ModelManifestArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of a vehicle model (model manifest) associated with the decoder manifest.", + "title": "ModelManifestArn", "type": "string" }, - "BotVersion": { - "markdownDescription": "The version of the bot that the bot alias references.", - "title": "BotVersion", + "Name": { + "markdownDescription": "The name of the decoder manifest.", + "title": "Name", "type": "string" }, - "ConversationLogSettings": { - "$ref": "#/definitions/AWS::Lex::BotAlias.ConversationLogSettings", - "markdownDescription": "Specifies whether Amazon Lex logs text and audio for conversations with the bot. When you enable conversation logs, text logs store text input, transcripts of audio input, and associated metadata in Amazon CloudWatch logs. Audio logs store input in Amazon S3 .", - "title": "ConversationLogSettings" + "NetworkInterfaces": { + "items": { + "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.NetworkInterfacesItems" + }, + "markdownDescription": "A list of information about available network interfaces.", + "title": "NetworkInterfaces", + "type": "array" }, - "Description": { - "markdownDescription": "The description of the bot alias.", - "title": "Description", + "SignalDecoders": { + "items": { + "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.SignalDecodersItems" + }, + "markdownDescription": "A list of information about signal decoders.", + "title": "SignalDecoders", + "type": "array" + }, + "Status": { + "markdownDescription": "The state of the decoder manifest. If the status is `ACTIVE` , the decoder manifest can't be edited. If the status is marked `DRAFT` , you can edit the decoder manifest.", + "title": "Status", "type": "string" }, - "SentimentAnalysisSettings": { - "$ref": "#/definitions/AWS::Lex::BotAlias.SentimentAnalysisSettings", - "markdownDescription": "Determines whether Amazon Lex will use Amazon Comprehend to detect the sentiment of user utterances.", - "title": "SentimentAnalysisSettings" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata that can be used to manage the decoder manifest.", + "title": "Tags", + "type": "array" } }, "required": [ - "BotAliasName", - "BotId" + "ModelManifestArn", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lex::BotAlias" + "AWS::IoTFleetWise::DecoderManifest" ], "type": "string" }, @@ -145981,344 +153844,288 @@ ], "type": "object" }, - "AWS::Lex::BotAlias.AudioLogDestination": { - "additionalProperties": false, - "properties": { - "S3Bucket": { - "$ref": "#/definitions/AWS::Lex::BotAlias.S3BucketLogDestination", - "markdownDescription": "The S3 bucket location where audio logs are stored.", - "title": "S3Bucket" - } - }, - "required": [ - "S3Bucket" - ], - "type": "object" - }, - "AWS::Lex::BotAlias.AudioLogSetting": { + "AWS::IoTFleetWise::DecoderManifest.CanInterface": { "additionalProperties": false, "properties": { - "Destination": { - "$ref": "#/definitions/AWS::Lex::BotAlias.AudioLogDestination", - "markdownDescription": "The location of audio log files collected when conversation logging is enabled for a bot.", - "title": "Destination" + "Name": { + "markdownDescription": "The unique name of the interface.", + "title": "Name", + "type": "string" }, - "Enabled": { - "markdownDescription": "Determines whether audio logging in enabled for the bot.", - "title": "Enabled", - "type": "boolean" - } - }, - "required": [ - "Destination", - "Enabled" - ], - "type": "object" - }, - "AWS::Lex::BotAlias.BotAliasLocaleSettings": { - "additionalProperties": false, - "properties": { - "CodeHookSpecification": { - "$ref": "#/definitions/AWS::Lex::BotAlias.CodeHookSpecification", - "markdownDescription": "Specifies the Lambda function that should be used in the locale.", - "title": "CodeHookSpecification" + "ProtocolName": { + "markdownDescription": "The name of the communication protocol for the interface.", + "title": "ProtocolName", + "type": "string" }, - "Enabled": { - "markdownDescription": "Determines whether the locale is enabled for the bot. If the value is `false` , the locale isn't available for use.", - "title": "Enabled", - "type": "boolean" + "ProtocolVersion": { + "markdownDescription": "The version of the communication protocol for the interface.", + "title": "ProtocolVersion", + "type": "string" } }, "required": [ - "Enabled" + "Name" ], "type": "object" }, - "AWS::Lex::BotAlias.BotAliasLocaleSettingsItem": { + "AWS::IoTFleetWise::DecoderManifest.CanSignal": { "additionalProperties": false, "properties": { - "BotAliasLocaleSetting": { - "$ref": "#/definitions/AWS::Lex::BotAlias.BotAliasLocaleSettings", - "markdownDescription": "Specifies settings that are unique to a locale.", - "title": "BotAliasLocaleSetting" + "Factor": { + "markdownDescription": "A multiplier used to decode the CAN message.", + "title": "Factor", + "type": "string" }, - "LocaleId": { - "markdownDescription": "The unique identifier of the locale.", - "title": "LocaleId", + "IsBigEndian": { + "markdownDescription": "Whether the byte ordering of a CAN message is big-endian.", + "title": "IsBigEndian", "type": "string" - } - }, - "required": [ - "BotAliasLocaleSetting", - "LocaleId" - ], - "type": "object" - }, - "AWS::Lex::BotAlias.CloudWatchLogGroupLogDestination": { - "additionalProperties": false, - "properties": { - "CloudWatchLogGroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the log group where text and metadata logs are delivered.", - "title": "CloudWatchLogGroupArn", + }, + "IsSigned": { + "markdownDescription": "Whether the message data is specified as a signed value.", + "title": "IsSigned", "type": "string" }, - "LogPrefix": { - "markdownDescription": "The prefix of the log stream name within the log group that you specified", - "title": "LogPrefix", + "Length": { + "markdownDescription": "How many bytes of data are in the message.", + "title": "Length", "type": "string" - } - }, - "required": [ - "CloudWatchLogGroupArn", - "LogPrefix" - ], - "type": "object" - }, - "AWS::Lex::BotAlias.CodeHookSpecification": { - "additionalProperties": false, - "properties": { - "LambdaCodeHook": { - "$ref": "#/definitions/AWS::Lex::BotAlias.LambdaCodeHook", - "markdownDescription": "Specifies a Lambda function that verifies requests to a bot or fulfills the user's request to a bot.", - "title": "LambdaCodeHook" - } - }, - "required": [ - "LambdaCodeHook" - ], - "type": "object" - }, - "AWS::Lex::BotAlias.ConversationLogSettings": { - "additionalProperties": false, - "properties": { - "AudioLogSettings": { - "items": { - "$ref": "#/definitions/AWS::Lex::BotAlias.AudioLogSetting" - }, - "markdownDescription": "The Amazon S3 settings for logging audio to an S3 bucket.", - "title": "AudioLogSettings", - "type": "array" }, - "TextLogSettings": { - "items": { - "$ref": "#/definitions/AWS::Lex::BotAlias.TextLogSetting" - }, - "markdownDescription": "The Amazon CloudWatch Logs settings for logging text and metadata.", - "title": "TextLogSettings", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Lex::BotAlias.LambdaCodeHook": { - "additionalProperties": false, - "properties": { - "CodeHookInterfaceVersion": { - "markdownDescription": "The version of the request-response that you want Amazon Lex to use to invoke your Lambda function.", - "title": "CodeHookInterfaceVersion", + "MessageId": { + "markdownDescription": "The ID of the message.", + "title": "MessageId", "type": "string" }, - "LambdaArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function.", - "title": "LambdaArn", + "Name": { + "markdownDescription": "The name of the signal.", + "title": "Name", "type": "string" - } - }, - "required": [ - "CodeHookInterfaceVersion", - "LambdaArn" - ], - "type": "object" - }, - "AWS::Lex::BotAlias.S3BucketLogDestination": { - "additionalProperties": false, - "properties": { - "KmsKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Key Management Service (KMS) key for encrypting audio log files stored in an Amazon S3 bucket.", - "title": "KmsKeyArn", + }, + "Offset": { + "markdownDescription": "The offset used to calculate the signal value. Combined with factor, the calculation is `value = raw_value * factor + offset` .", + "title": "Offset", "type": "string" }, - "LogPrefix": { - "markdownDescription": "The S3 prefix to assign to audio log files.", - "title": "LogPrefix", + "SignalValueType": { + "markdownDescription": "The value type of the signal. The default value is `INTEGER` .", + "title": "SignalValueType", "type": "string" }, - "S3BucketArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an Amazon S3 bucket where audio log files are stored.", - "title": "S3BucketArn", + "StartBit": { + "markdownDescription": "Indicates the beginning of the CAN message.", + "title": "StartBit", "type": "string" } }, "required": [ - "LogPrefix", - "S3BucketArn" + "Factor", + "IsBigEndian", + "IsSigned", + "Length", + "MessageId", + "Offset", + "StartBit" ], "type": "object" }, - "AWS::Lex::BotAlias.SentimentAnalysisSettings": { + "AWS::IoTFleetWise::DecoderManifest.CustomDecodingInterface": { "additionalProperties": false, "properties": { - "DetectSentiment": { - "markdownDescription": "Sets whether Amazon Lex uses Amazon Comprehend to detect the sentiment of user utterances.", - "title": "DetectSentiment", - "type": "boolean" + "Name": { + "markdownDescription": "The name of the interface.", + "title": "Name", + "type": "string" } }, "required": [ - "DetectSentiment" + "Name" ], "type": "object" }, - "AWS::Lex::BotAlias.TextLogDestination": { + "AWS::IoTFleetWise::DecoderManifest.CustomDecodingSignal": { "additionalProperties": false, "properties": { - "CloudWatch": { - "$ref": "#/definitions/AWS::Lex::BotAlias.CloudWatchLogGroupLogDestination", - "markdownDescription": "Defines the Amazon CloudWatch Logs log group where text and metadata logs are delivered.", - "title": "CloudWatch" + "Id": { + "markdownDescription": "The ID of the signal.", + "title": "Id", + "type": "string" } }, "required": [ - "CloudWatch" + "Id" ], "type": "object" }, - "AWS::Lex::BotAlias.TextLogSetting": { + "AWS::IoTFleetWise::DecoderManifest.NetworkInterfacesItems": { "additionalProperties": false, "properties": { - "Destination": { - "$ref": "#/definitions/AWS::Lex::BotAlias.TextLogDestination", - "markdownDescription": "Defines the Amazon CloudWatch Logs destination log group for conversation text logs.", - "title": "Destination" + "CanInterface": { + "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.CanInterface" }, - "Enabled": { - "markdownDescription": "Determines whether conversation logs should be stored for an alias.", - "title": "Enabled", - "type": "boolean" + "CustomDecodingInterface": { + "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.CustomDecodingInterface" + }, + "InterfaceId": { + "type": "string" + }, + "ObdInterface": { + "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.ObdInterface" + }, + "Type": { + "type": "string" } }, "required": [ - "Destination", - "Enabled" + "InterfaceId", + "Type" ], "type": "object" }, - "AWS::Lex::BotVersion": { + "AWS::IoTFleetWise::DecoderManifest.ObdInterface": { "additionalProperties": false, "properties": { - "Condition": { + "DtcRequestIntervalSeconds": { + "markdownDescription": "The maximum number message requests per diagnostic trouble code per second.", + "title": "DtcRequestIntervalSeconds", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "HasTransmissionEcu": { + "markdownDescription": "Whether the vehicle has a transmission control module (TCM).", + "title": "HasTransmissionEcu", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Name": { + "markdownDescription": "The name of the interface.", + "title": "Name", + "type": "string" }, - "Metadata": { - "type": "object" + "ObdStandard": { + "markdownDescription": "The standard OBD II PID.", + "title": "ObdStandard", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "BotId": { - "markdownDescription": "The unique identifier of the bot.", - "title": "BotId", - "type": "string" - }, - "BotVersionLocaleSpecification": { - "items": { - "$ref": "#/definitions/AWS::Lex::BotVersion.BotVersionLocaleSpecification" - }, - "markdownDescription": "Specifies the locales that Amazon Lex adds to this version. You can choose the Draft version or any other previously published version for each locale. When you specify a source version, the locale data is copied from the source version to the new version.", - "title": "BotVersionLocaleSpecification", - "type": "array" - }, - "Description": { - "markdownDescription": "The description of the version.", - "title": "Description", - "type": "string" - } - }, - "required": [ - "BotId", - "BotVersionLocaleSpecification" - ], - "type": "object" + "PidRequestIntervalSeconds": { + "markdownDescription": "The maximum number message requests per second.", + "title": "PidRequestIntervalSeconds", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Lex::BotVersion" - ], + "RequestMessageId": { + "markdownDescription": "The ID of the message requesting vehicle data.", + "title": "RequestMessageId", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "UseExtendedIds": { + "markdownDescription": "Whether to use extended IDs in the message.", + "title": "UseExtendedIds", "type": "string" } }, "required": [ - "Type", - "Properties" + "Name", + "RequestMessageId" ], "type": "object" }, - "AWS::Lex::BotVersion.BotVersionLocaleDetails": { + "AWS::IoTFleetWise::DecoderManifest.ObdSignal": { "additionalProperties": false, "properties": { - "SourceBotVersion": { - "markdownDescription": "The version of a bot used for a bot locale.", - "title": "SourceBotVersion", + "BitMaskLength": { + "markdownDescription": "The number of bits to mask in a message.", + "title": "BitMaskLength", + "type": "string" + }, + "BitRightShift": { + "markdownDescription": "The number of positions to shift bits in the message.", + "title": "BitRightShift", + "type": "string" + }, + "ByteLength": { + "markdownDescription": "The length of a message.", + "title": "ByteLength", + "type": "string" + }, + "IsSigned": { + "markdownDescription": "Determines whether the message is signed ( `true` ) or not ( `false` ). If it's signed, the message can represent both positive and negative numbers. The `isSigned` parameter only applies to the `INTEGER` raw signal type, and it doesn't affect the `FLOATING_POINT` raw signal type. The default value is `false` .", + "title": "IsSigned", + "type": "string" + }, + "Offset": { + "markdownDescription": "The offset used to calculate the signal value. Combined with scaling, the calculation is `value = raw_value * scaling + offset` .", + "title": "Offset", + "type": "string" + }, + "Pid": { + "markdownDescription": "The diagnostic code used to request data from a vehicle for this signal.", + "title": "Pid", + "type": "string" + }, + "PidResponseLength": { + "markdownDescription": "The length of the requested data.", + "title": "PidResponseLength", + "type": "string" + }, + "Scaling": { + "markdownDescription": "A multiplier used to decode the message.", + "title": "Scaling", + "type": "string" + }, + "ServiceMode": { + "markdownDescription": "The mode of operation (diagnostic service) in a message.", + "title": "ServiceMode", + "type": "string" + }, + "SignalValueType": { + "markdownDescription": "The value type of the signal. The default value is `INTEGER` .", + "title": "SignalValueType", + "type": "string" + }, + "StartByte": { + "markdownDescription": "Indicates the beginning of the message.", + "title": "StartByte", "type": "string" } }, "required": [ - "SourceBotVersion" + "ByteLength", + "Offset", + "Pid", + "PidResponseLength", + "Scaling", + "ServiceMode", + "StartByte" ], "type": "object" }, - "AWS::Lex::BotVersion.BotVersionLocaleSpecification": { + "AWS::IoTFleetWise::DecoderManifest.SignalDecodersItems": { "additionalProperties": false, "properties": { - "BotVersionLocaleDetails": { - "$ref": "#/definitions/AWS::Lex::BotVersion.BotVersionLocaleDetails", - "markdownDescription": "The version of a bot used for a bot locale.", - "title": "BotVersionLocaleDetails" + "CanSignal": { + "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.CanSignal" }, - "LocaleId": { - "markdownDescription": "The identifier of the locale to add to the version.", - "title": "LocaleId", + "CustomDecodingSignal": { + "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.CustomDecodingSignal" + }, + "FullyQualifiedName": { + "type": "string" + }, + "InterfaceId": { + "type": "string" + }, + "ObdSignal": { + "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.ObdSignal" + }, + "Type": { "type": "string" } }, "required": [ - "BotVersionLocaleDetails", - "LocaleId" + "FullyQualifiedName", + "InterfaceId", + "Type" ], "type": "object" }, - "AWS::Lex::ResourcePolicy": { + "AWS::IoTFleetWise::Fleet": { "additionalProperties": false, "properties": { "Condition": { @@ -146353,26 +154160,39 @@ "Properties": { "additionalProperties": false, "properties": { - "Policy": { - "markdownDescription": "A resource policy to add to the resource. The policy is a JSON structure that contains one or more statements that define the policy. The policy must follow IAM syntax. If the policy isn't valid, Amazon Lex returns a validation exception.", - "title": "Policy", - "type": "object" + "Description": { + "markdownDescription": "A brief description of the fleet.", + "title": "Description", + "type": "string" }, - "ResourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the bot or bot alias that the resource policy is attached to.", - "title": "ResourceArn", + "Id": { + "markdownDescription": "The unique ID of the fleet.", + "title": "Id", + "type": "string" + }, + "SignalCatalogArn": { + "markdownDescription": "The ARN of the signal catalog associated with the fleet.", + "title": "SignalCatalogArn", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata that can be used to manage the fleet.", + "title": "Tags", + "type": "array" } }, "required": [ - "Policy", - "ResourceArn" + "Id", + "SignalCatalogArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lex::ResourcePolicy" + "AWS::IoTFleetWise::Fleet" ], "type": "string" }, @@ -146391,7 +154211,7 @@ ], "type": "object" }, - "AWS::LicenseManager::Grant": { + "AWS::IoTFleetWise::ModelManifest": { "additionalProperties": false, "properties": { "Condition": { @@ -146426,48 +154246,52 @@ "Properties": { "additionalProperties": false, "properties": { - "AllowedOperations": { - "items": { - "type": "string" - }, - "markdownDescription": "Allowed operations for the grant.", - "title": "AllowedOperations", - "type": "array" - }, - "GrantName": { - "markdownDescription": "Grant name.", - "title": "GrantName", - "type": "string" - }, - "HomeRegion": { - "markdownDescription": "Home Region of the grant.", - "title": "HomeRegion", + "Description": { + "markdownDescription": "A brief description of the vehicle model.", + "title": "Description", "type": "string" }, - "LicenseArn": { - "markdownDescription": "License ARN.", - "title": "LicenseArn", + "Name": { + "markdownDescription": "The name of the vehicle model.", + "title": "Name", "type": "string" }, - "Principals": { + "Nodes": { "items": { "type": "string" }, - "markdownDescription": "The grant principals. You can specify one of the following as an Amazon Resource Name (ARN):\n\n- An AWS account, which includes only the account specified.\n\n- An organizational unit (OU), which includes all accounts in the OU.\n\n- An organization, which will include all accounts across your organization.", - "title": "Principals", + "markdownDescription": "A list of nodes, which are a general abstraction of signals.", + "title": "Nodes", "type": "array" }, + "SignalCatalogArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the signal catalog associated with the vehicle model.", + "title": "SignalCatalogArn", + "type": "string" + }, "Status": { - "markdownDescription": "Granted license status.", + "markdownDescription": "The state of the vehicle model. If the status is `ACTIVE` , the vehicle model can't be edited. If the status is `DRAFT` , you can edit the vehicle model.", "title": "Status", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata that can be used to manage the vehicle model.", + "title": "Tags", + "type": "array" } }, + "required": [ + "Name", + "SignalCatalogArn" + ], "type": "object" }, "Type": { "enum": [ - "AWS::LicenseManager::Grant" + "AWS::IoTFleetWise::ModelManifest" ], "type": "string" }, @@ -146481,11 +154305,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::LicenseManager::License": { + "AWS::IoTFleetWise::SignalCatalog": { "additionalProperties": false, "properties": { "Condition": { @@ -146520,82 +154345,43 @@ "Properties": { "additionalProperties": false, "properties": { - "Beneficiary": { - "markdownDescription": "License beneficiary.", - "title": "Beneficiary", + "Description": { + "markdownDescription": "A brief description of the signal catalog.", + "title": "Description", "type": "string" }, - "ConsumptionConfiguration": { - "$ref": "#/definitions/AWS::LicenseManager::License.ConsumptionConfiguration", - "markdownDescription": "Configuration for consumption of the license.", - "title": "ConsumptionConfiguration" + "Name": { + "markdownDescription": "The name of the signal catalog.", + "title": "Name", + "type": "string" }, - "Entitlements": { + "NodeCounts": { + "$ref": "#/definitions/AWS::IoTFleetWise::SignalCatalog.NodeCounts", + "markdownDescription": "Information about the number of nodes and node types in a vehicle network.", + "title": "NodeCounts" + }, + "Nodes": { "items": { - "$ref": "#/definitions/AWS::LicenseManager::License.Entitlement" + "$ref": "#/definitions/AWS::IoTFleetWise::SignalCatalog.Node" }, - "markdownDescription": "License entitlements.", - "title": "Entitlements", + "markdownDescription": "A list of information about nodes, which are a general abstraction of signals.", + "title": "Nodes", "type": "array" }, - "HomeRegion": { - "markdownDescription": "Home Region of the license.", - "title": "HomeRegion", - "type": "string" - }, - "Issuer": { - "$ref": "#/definitions/AWS::LicenseManager::License.IssuerData", - "markdownDescription": "License issuer.", - "title": "Issuer" - }, - "LicenseMetadata": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::LicenseManager::License.Metadata" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "License metadata.", - "title": "LicenseMetadata", + "markdownDescription": "Metadata that can be used to manage the signal catalog.", + "title": "Tags", "type": "array" - }, - "LicenseName": { - "markdownDescription": "License name.", - "title": "LicenseName", - "type": "string" - }, - "ProductName": { - "markdownDescription": "Product name.", - "title": "ProductName", - "type": "string" - }, - "ProductSKU": { - "markdownDescription": "Product SKU.", - "title": "ProductSKU", - "type": "string" - }, - "Status": { - "markdownDescription": "License status.", - "title": "Status", - "type": "string" - }, - "Validity": { - "$ref": "#/definitions/AWS::LicenseManager::License.ValidityDateFormat", - "markdownDescription": "Date and time range during which the license is valid, in ISO8601-UTC format.", - "title": "Validity" } }, - "required": [ - "ConsumptionConfiguration", - "Entitlements", - "HomeRegion", - "Issuer", - "LicenseName", - "ProductName", - "Validity" - ], "type": "object" }, "Type": { "enum": [ - "AWS::LicenseManager::License" + "AWS::IoTFleetWise::SignalCatalog" ], "type": "string" }, @@ -146609,166 +154395,246 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::LicenseManager::License.BorrowConfiguration": { + "AWS::IoTFleetWise::SignalCatalog.Actuator": { "additionalProperties": false, "properties": { - "AllowEarlyCheckIn": { - "markdownDescription": "Indicates whether early check-ins are allowed.", - "title": "AllowEarlyCheckIn", - "type": "boolean" + "AllowedValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of possible values an actuator can take.", + "title": "AllowedValues", + "type": "array" }, - "MaxTimeToLiveInMinutes": { - "markdownDescription": "Maximum time for the borrow configuration, in minutes.", - "title": "MaxTimeToLiveInMinutes", + "AssignedValue": { + "markdownDescription": "A specified value for the actuator.", + "title": "AssignedValue", + "type": "string" + }, + "DataType": { + "markdownDescription": "The specified data type of the actuator.", + "title": "DataType", + "type": "string" + }, + "Description": { + "markdownDescription": "A brief description of the actuator.", + "title": "Description", + "type": "string" + }, + "FullyQualifiedName": { + "markdownDescription": "The fully qualified name of the actuator. For example, the fully qualified name of an actuator might be `Vehicle.Front.Left.Door.Lock` .", + "title": "FullyQualifiedName", + "type": "string" + }, + "Max": { + "markdownDescription": "The specified possible maximum value of an actuator.", + "title": "Max", "type": "number" + }, + "Min": { + "markdownDescription": "The specified possible minimum value of an actuator.", + "title": "Min", + "type": "number" + }, + "Unit": { + "markdownDescription": "The scientific unit for the actuator.", + "title": "Unit", + "type": "string" } }, "required": [ - "AllowEarlyCheckIn", - "MaxTimeToLiveInMinutes" + "DataType", + "FullyQualifiedName" ], "type": "object" }, - "AWS::LicenseManager::License.ConsumptionConfiguration": { + "AWS::IoTFleetWise::SignalCatalog.Attribute": { "additionalProperties": false, "properties": { - "BorrowConfiguration": { - "$ref": "#/definitions/AWS::LicenseManager::License.BorrowConfiguration", - "markdownDescription": "Details about a borrow configuration.", - "title": "BorrowConfiguration" + "AllowedValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of possible values an attribute can be assigned.", + "title": "AllowedValues", + "type": "array" }, - "ProvisionalConfiguration": { - "$ref": "#/definitions/AWS::LicenseManager::License.ProvisionalConfiguration", - "markdownDescription": "Details about a provisional configuration.", - "title": "ProvisionalConfiguration" + "AssignedValue": { + "markdownDescription": "A specified value for the attribute.", + "title": "AssignedValue", + "type": "string" }, - "RenewType": { - "markdownDescription": "Renewal frequency.", - "title": "RenewType", + "DataType": { + "markdownDescription": "The specified data type of the attribute.", + "title": "DataType", "type": "string" - } - }, - "type": "object" - }, - "AWS::LicenseManager::License.Entitlement": { - "additionalProperties": false, - "properties": { - "AllowCheckIn": { - "markdownDescription": "Indicates whether check-ins are allowed.", - "title": "AllowCheckIn", - "type": "boolean" }, - "MaxCount": { - "markdownDescription": "Maximum entitlement count. Use if the unit is not None.", - "title": "MaxCount", - "type": "number" + "DefaultValue": { + "markdownDescription": "The default value of the attribute.", + "title": "DefaultValue", + "type": "string" }, - "Name": { - "markdownDescription": "Entitlement name.", - "title": "Name", + "Description": { + "markdownDescription": "A brief description of the attribute.", + "title": "Description", "type": "string" }, - "Overage": { - "markdownDescription": "Indicates whether overages are allowed.", - "title": "Overage", - "type": "boolean" + "FullyQualifiedName": { + "markdownDescription": "The fully qualified name of the attribute. For example, the fully qualified name of an attribute might be `Vehicle.Body.Engine.Type` .", + "title": "FullyQualifiedName", + "type": "string" + }, + "Max": { + "markdownDescription": "The specified possible maximum value of the attribute.", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The specified possible minimum value of the attribute.", + "title": "Min", + "type": "number" }, "Unit": { - "markdownDescription": "Entitlement unit.", + "markdownDescription": "The scientific unit for the attribute.", "title": "Unit", "type": "string" - }, - "Value": { - "markdownDescription": "Entitlement resource. Use only if the unit is None.", - "title": "Value", - "type": "string" } }, "required": [ - "Name", - "Unit" + "DataType", + "FullyQualifiedName" ], "type": "object" }, - "AWS::LicenseManager::License.IssuerData": { + "AWS::IoTFleetWise::SignalCatalog.Branch": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "Issuer name.", - "title": "Name", + "Description": { + "markdownDescription": "A brief description of the branch.", + "title": "Description", "type": "string" }, - "SignKey": { - "markdownDescription": "Asymmetric KMS key from AWS Key Management Service . The KMS key must have a key usage of sign and verify, and support the RSASSA-PSS SHA-256 signing algorithm.", - "title": "SignKey", + "FullyQualifiedName": { + "markdownDescription": "The fully qualified name of the branch. For example, the fully qualified name of a branch might be `Vehicle.Body.Engine` .", + "title": "FullyQualifiedName", "type": "string" } }, "required": [ - "Name" + "FullyQualifiedName" ], "type": "object" }, - "AWS::LicenseManager::License.Metadata": { + "AWS::IoTFleetWise::SignalCatalog.Node": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The key name.", - "title": "Name", - "type": "string" - }, - "Value": { - "markdownDescription": "The value.", - "title": "Value", - "type": "string" + "Actuator": { + "$ref": "#/definitions/AWS::IoTFleetWise::SignalCatalog.Actuator", + "markdownDescription": "Information about a node specified as an actuator.\n\n> An actuator is a digital representation of a vehicle device.", + "title": "Actuator" + }, + "Attribute": { + "$ref": "#/definitions/AWS::IoTFleetWise::SignalCatalog.Attribute", + "markdownDescription": "Information about a node specified as an attribute.\n\n> An attribute represents static information about a vehicle.", + "title": "Attribute" + }, + "Branch": { + "$ref": "#/definitions/AWS::IoTFleetWise::SignalCatalog.Branch", + "markdownDescription": "Information about a node specified as a branch.\n\n> A group of signals that are defined in a hierarchical structure.", + "title": "Branch" + }, + "Sensor": { + "$ref": "#/definitions/AWS::IoTFleetWise::SignalCatalog.Sensor", + "markdownDescription": "An input component that reports the environmental condition of a vehicle.\n\n> You can collect data about fluid levels, temperatures, vibrations, or battery voltage from sensors.", + "title": "Sensor" } }, - "required": [ - "Name", - "Value" - ], "type": "object" }, - "AWS::LicenseManager::License.ProvisionalConfiguration": { + "AWS::IoTFleetWise::SignalCatalog.NodeCounts": { "additionalProperties": false, "properties": { - "MaxTimeToLiveInMinutes": { - "markdownDescription": "Maximum time for the provisional configuration, in minutes.", - "title": "MaxTimeToLiveInMinutes", + "TotalActuators": { + "markdownDescription": "The total number of nodes in a vehicle network that represent actuators.", + "title": "TotalActuators", + "type": "number" + }, + "TotalAttributes": { + "markdownDescription": "The total number of nodes in a vehicle network that represent attributes.", + "title": "TotalAttributes", + "type": "number" + }, + "TotalBranches": { + "markdownDescription": "The total number of nodes in a vehicle network that represent branches.", + "title": "TotalBranches", + "type": "number" + }, + "TotalNodes": { + "markdownDescription": "The total number of nodes in a vehicle network.", + "title": "TotalNodes", + "type": "number" + }, + "TotalSensors": { + "markdownDescription": "The total number of nodes in a vehicle network that represent sensors.", + "title": "TotalSensors", "type": "number" } }, - "required": [ - "MaxTimeToLiveInMinutes" - ], "type": "object" }, - "AWS::LicenseManager::License.ValidityDateFormat": { + "AWS::IoTFleetWise::SignalCatalog.Sensor": { "additionalProperties": false, "properties": { - "Begin": { - "markdownDescription": "Start of the time range.", - "title": "Begin", + "AllowedValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of possible values a sensor can take.", + "title": "AllowedValues", + "type": "array" + }, + "DataType": { + "markdownDescription": "The specified data type of the sensor.", + "title": "DataType", "type": "string" }, - "End": { - "markdownDescription": "End of the time range.", - "title": "End", + "Description": { + "markdownDescription": "A brief description of a sensor.", + "title": "Description", + "type": "string" + }, + "FullyQualifiedName": { + "markdownDescription": "The fully qualified name of the sensor. For example, the fully qualified name of a sensor might be `Vehicle.Body.Engine.Battery` .", + "title": "FullyQualifiedName", + "type": "string" + }, + "Max": { + "markdownDescription": "The specified possible maximum value of the sensor.", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The specified possible minimum value of the sensor.", + "title": "Min", + "type": "number" + }, + "Unit": { + "markdownDescription": "The scientific unit of measurement for data collected by the sensor.", + "title": "Unit", "type": "string" } }, "required": [ - "Begin", - "End" + "DataType", + "FullyQualifiedName" ], "type": "object" }, - "AWS::Lightsail::Alarm": { + "AWS::IoTFleetWise::StateTemplate": { "additionalProperties": false, "properties": { "Condition": { @@ -146803,81 +154669,64 @@ "Properties": { "additionalProperties": false, "properties": { - "AlarmName": { - "markdownDescription": "The name of the alarm.", - "title": "AlarmName", - "type": "string" + "DataExtraDimensions": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of vehicle attributes associated with the payload published on the state template's MQTT topic.", + "title": "DataExtraDimensions", + "type": "array" }, - "ComparisonOperator": { - "markdownDescription": "The arithmetic operation to use when comparing the specified statistic and threshold.", - "title": "ComparisonOperator", + "Description": { + "markdownDescription": "A brief description of the state template.", + "title": "Description", "type": "string" }, - "ContactProtocols": { + "MetadataExtraDimensions": { "items": { "type": "string" }, - "markdownDescription": "The contact protocols for the alarm, such as `Email` , `SMS` (text messaging), or both.\n\n*Allowed Values* : `Email` | `SMS`", - "title": "ContactProtocols", + "markdownDescription": "A list of vehicle attributes to associate with the user properties of the messages published on the state template's MQTT topic. For example, if you add `Vehicle.Attributes.Make` and `Vehicle.Attributes.Model` attributes, these attributes are included as user properties with the MQTT message.", + "title": "MetadataExtraDimensions", "type": "array" }, - "DatapointsToAlarm": { - "markdownDescription": "The number of data points within the evaluation periods that must be breaching to cause the alarm to go to the `ALARM` state.", - "title": "DatapointsToAlarm", - "type": "number" - }, - "EvaluationPeriods": { - "markdownDescription": "The number of periods over which data is compared to the specified threshold.", - "title": "EvaluationPeriods", - "type": "number" - }, - "MetricName": { - "markdownDescription": "The name of the metric associated with the alarm.", - "title": "MetricName", + "Name": { + "markdownDescription": "The unique alias of the state template.", + "title": "Name", "type": "string" }, - "MonitoredResourceName": { - "markdownDescription": "The name of the Lightsail resource that the alarm monitors.", - "title": "MonitoredResourceName", + "SignalCatalogArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the signal catalog associated with the state template.", + "title": "SignalCatalogArn", "type": "string" }, - "NotificationEnabled": { - "markdownDescription": "A Boolean value indicating whether the alarm is enabled.", - "title": "NotificationEnabled", - "type": "boolean" - }, - "NotificationTriggers": { + "StateTemplateProperties": { "items": { "type": "string" }, - "markdownDescription": "The alarm states that trigger a notification.\n\n> To specify the `OK` and `INSUFFICIENT_DATA` values, you must also specify `ContactProtocols` values. Otherwise, the `OK` and `INSUFFICIENT_DATA` values will not take effect and the stack will drift. \n\n*Allowed Values* : `OK` | `ALARM` | `INSUFFICIENT_DATA`", - "title": "NotificationTriggers", + "markdownDescription": "A list of signals from which data is collected. The state template properties contain the fully qualified names of the signals.", + "title": "StateTemplateProperties", "type": "array" }, - "Threshold": { - "markdownDescription": "The value against which the specified statistic is compared.", - "title": "Threshold", - "type": "number" - }, - "TreatMissingData": { - "markdownDescription": "Specifies how the alarm handles missing data points.\n\nAn alarm can treat missing data in the following ways:\n\n- `breaching` - Assumes the missing data is not within the threshold. Missing data counts towards the number of times that the metric is not within the threshold.\n- `notBreaching` - Assumes the missing data is within the threshold. Missing data does not count towards the number of times that the metric is not within the threshold.\n- `ignore` - Ignores the missing data. Maintains the current alarm state.\n- `missing` - Missing data is treated as missing.", - "title": "TreatMissingData", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata that can be used to manage the state template.", + "title": "Tags", + "type": "array" } }, "required": [ - "AlarmName", - "ComparisonOperator", - "EvaluationPeriods", - "MetricName", - "MonitoredResourceName", - "Threshold" + "Name", + "SignalCatalogArn", + "StateTemplateProperties" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lightsail::Alarm" + "AWS::IoTFleetWise::StateTemplate" ], "type": "string" }, @@ -146896,7 +154745,7 @@ ], "type": "object" }, - "AWS::Lightsail::Bucket": { + "AWS::IoTFleetWise::Vehicle": { "additionalProperties": false, "properties": { "Condition": { @@ -146931,60 +154780,64 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessRules": { - "$ref": "#/definitions/AWS::Lightsail::Bucket.AccessRules", - "markdownDescription": "An object that describes the access rules for the bucket.", - "title": "AccessRules" - }, - "BucketName": { - "markdownDescription": "The name of the bucket.", - "title": "BucketName", + "AssociationBehavior": { + "markdownDescription": "An option to create a new AWS IoT thing when creating a vehicle, or to validate an existing thing as a vehicle.", + "title": "AssociationBehavior", "type": "string" }, - "BundleId": { - "markdownDescription": "The bundle ID for the bucket (for example, `small_1_0` ).\n\nA bucket bundle specifies the monthly cost, storage space, and data transfer quota for a bucket.", - "title": "BundleId", + "Attributes": { + "additionalProperties": true, + "markdownDescription": "Static information about a vehicle in a key-value pair. For example: `\"engine Type\"` : `\"v6\"`", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Attributes", + "type": "object" + }, + "DecoderManifestArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of a decoder manifest associated with the vehicle to create.", + "title": "DecoderManifestArn", "type": "string" }, - "ObjectVersioning": { - "markdownDescription": "Indicates whether object versioning is enabled for the bucket.\n\nThe following options can be configured:\n\n- `Enabled` - Object versioning is enabled.\n- `Suspended` - Object versioning was previously enabled but is currently suspended. Existing object versions are retained.\n- `NeverEnabled` - Object versioning has never been enabled.", - "title": "ObjectVersioning", - "type": "boolean" + "ModelManifestArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the vehicle model (model manifest) to create the vehicle from.", + "title": "ModelManifestArn", + "type": "string" }, - "ReadOnlyAccessAccounts": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of AWS account IDs that have read-only access to the bucket.", - "title": "ReadOnlyAccessAccounts", - "type": "array" + "Name": { + "markdownDescription": "The unique ID of the vehicle.", + "title": "Name", + "type": "string" }, - "ResourcesReceivingAccess": { + "StateTemplates": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::IoTFleetWise::Vehicle.StateTemplateAssociation" }, - "markdownDescription": "An array of Lightsail instances that have access to the bucket.", - "title": "ResourcesReceivingAccess", + "markdownDescription": "Associate state templates to track the state of the vehicle. State templates determine which signal updates the vehicle sends to the cloud.", + "title": "StateTemplates", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", + "markdownDescription": "Metadata which can be used to manage the vehicle.", "title": "Tags", "type": "array" } }, "required": [ - "BucketName", - "BundleId" + "DecoderManifestArn", + "ModelManifestArn", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lightsail::Bucket" + "AWS::IoTFleetWise::Vehicle" ], "type": "string" }, @@ -147003,112 +154856,77 @@ ], "type": "object" }, - "AWS::Lightsail::Bucket.AccessRules": { + "AWS::IoTFleetWise::Vehicle.PeriodicStateTemplateUpdateStrategy": { "additionalProperties": false, "properties": { - "AllowPublicOverrides": { - "markdownDescription": "A Boolean value indicating whether the access control list (ACL) permissions that are applied to individual objects override the `GetObject` option that is currently specified.\n\nWhen this is true, you can use the [PutObjectAcl](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObjectAcl.html) Amazon S3 API operation to set individual objects to public (read-only) or private, using either the `public-read` ACL or the `private` ACL.", - "title": "AllowPublicOverrides", - "type": "boolean" - }, - "GetObject": { - "markdownDescription": "Specifies the anonymous access to all objects in a bucket.\n\nThe following options can be specified:\n\n- `public` - Sets all objects in the bucket to public (read-only), making them readable by everyone on the internet.\n\nIf the `GetObject` value is set to `public` , then all objects in the bucket default to public regardless of the `allowPublicOverrides` value.\n- `private` - Sets all objects in the bucket to private, making them readable only by you and anyone that you grant access to.\n\nIf the `GetObject` value is set to `private` , and the `allowPublicOverrides` value is set to `true` , then all objects in the bucket default to private unless they are configured with a `public-read` ACL. Individual objects with a `public-read` ACL are readable by everyone on the internet.", - "title": "GetObject", - "type": "string" + "StateTemplateUpdateRate": { + "$ref": "#/definitions/AWS::IoTFleetWise::Vehicle.TimePeriod", + "markdownDescription": "", + "title": "StateTemplateUpdateRate" } }, + "required": [ + "StateTemplateUpdateRate" + ], "type": "object" }, - "AWS::Lightsail::Certificate": { + "AWS::IoTFleetWise::Vehicle.StateTemplateAssociation": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Identifier": { + "markdownDescription": "The unique ID of the state template.", + "title": "Identifier", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "CertificateName": { - "markdownDescription": "The name of the certificate.", - "title": "CertificateName", - "type": "string" - }, - "DomainName": { - "markdownDescription": "The domain name of the certificate.", - "title": "DomainName", - "type": "string" - }, - "SubjectAlternativeNames": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of strings that specify the alternate domains (such as `example.org` ) and subdomains (such as `blog.example.com` ) of the certificate.", - "title": "SubjectAlternativeNames", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "CertificateName", - "DomainName" - ], + "StateTemplateUpdateStrategy": { + "$ref": "#/definitions/AWS::IoTFleetWise::Vehicle.StateTemplateUpdateStrategy", + "markdownDescription": "", + "title": "StateTemplateUpdateStrategy" + } + }, + "required": [ + "Identifier", + "StateTemplateUpdateStrategy" + ], + "type": "object" + }, + "AWS::IoTFleetWise::Vehicle.StateTemplateUpdateStrategy": { + "additionalProperties": false, + "properties": { + "OnChange": { + "markdownDescription": "", + "title": "OnChange", "type": "object" }, - "Type": { - "enum": [ - "AWS::Lightsail::Certificate" - ], + "Periodic": { + "$ref": "#/definitions/AWS::IoTFleetWise::Vehicle.PeriodicStateTemplateUpdateStrategy", + "markdownDescription": "", + "title": "Periodic" + } + }, + "type": "object" + }, + "AWS::IoTFleetWise::Vehicle.TimePeriod": { + "additionalProperties": false, + "properties": { + "Unit": { + "markdownDescription": "A unit of time.", + "title": "Unit", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Value": { + "markdownDescription": "A number of time units.", + "title": "Value", + "type": "number" } }, "required": [ - "Type", - "Properties" + "Unit", + "Value" ], "type": "object" }, - "AWS::Lightsail::Container": { + "AWS::IoTSiteWise::AccessPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -147143,63 +154961,32 @@ "Properties": { "additionalProperties": false, "properties": { - "ContainerServiceDeployment": { - "$ref": "#/definitions/AWS::Lightsail::Container.ContainerServiceDeployment", - "markdownDescription": "An object that describes the current container deployment of the container service.", - "title": "ContainerServiceDeployment" - }, - "IsDisabled": { - "markdownDescription": "A Boolean value indicating whether the container service is disabled.", - "title": "IsDisabled", - "type": "boolean" - }, - "Power": { - "markdownDescription": "The power specification of the container service.\n\nThe power specifies the amount of RAM, the number of vCPUs, and the base price of the container service.", - "title": "Power", - "type": "string" - }, - "PrivateRegistryAccess": { - "$ref": "#/definitions/AWS::Lightsail::Container.PrivateRegistryAccess", - "markdownDescription": "An object that describes the configuration for the container service to access private container image repositories, such as Amazon Elastic Container Registry ( Amazon ECR ) private repositories.\n\nFor more information, see [Configuring access to an Amazon ECR private repository for an Amazon Lightsail container service](https://docs.aws.amazon.com/lightsail/latest/userguide/amazon-lightsail-container-service-ecr-private-repo-access) in the *Amazon Lightsail Developer Guide* .", - "title": "PrivateRegistryAccess" - }, - "PublicDomainNames": { - "items": { - "$ref": "#/definitions/AWS::Lightsail::Container.PublicDomainName" - }, - "markdownDescription": "The public domain name of the container service, such as `example.com` and `www.example.com` .\n\nYou can specify up to four public domain names for a container service. The domain names that you specify are used when you create a deployment with a container that is configured as the public endpoint of your container service.\n\nIf you don't specify public domain names, then you can use the default domain of the container service.\n\n> You must create and validate an SSL/TLS certificate before you can use public domain names with your container service. Use the [AWS::Lightsail::Certificate](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lightsail-certificate.html) resource to create a certificate for the public domain names that you want to use with your container service.", - "title": "PublicDomainNames", - "type": "array" - }, - "Scale": { - "markdownDescription": "The scale specification of the container service.\n\nThe scale specifies the allocated compute nodes of the container service.", - "title": "Scale", - "type": "number" + "AccessPolicyIdentity": { + "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.AccessPolicyIdentity", + "markdownDescription": "The identity for this access policy. Choose an IAM Identity Center user, an IAM Identity Center group, or an IAM user.", + "title": "AccessPolicyIdentity" }, - "ServiceName": { - "markdownDescription": "The name of the container service.", - "title": "ServiceName", + "AccessPolicyPermission": { + "markdownDescription": "The permission level for this access policy. Note that a project `ADMINISTRATOR` is also known as a project owner.", + "title": "AccessPolicyPermission", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", - "title": "Tags", - "type": "array" + "AccessPolicyResource": { + "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.AccessPolicyResource", + "markdownDescription": "The AWS IoT SiteWise Monitor resource for this access policy. Choose either a portal or a project.", + "title": "AccessPolicyResource" } }, "required": [ - "Power", - "Scale", - "ServiceName" + "AccessPolicyIdentity", + "AccessPolicyPermission", + "AccessPolicyResource" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lightsail::Container" + "AWS::IoTSiteWise::AccessPolicy" ], "type": "string" }, @@ -147218,201 +155005,99 @@ ], "type": "object" }, - "AWS::Lightsail::Container.Container": { + "AWS::IoTSiteWise::AccessPolicy.AccessPolicyIdentity": { "additionalProperties": false, "properties": { - "Command": { - "items": { - "type": "string" - }, - "markdownDescription": "The launch command for the container.", - "title": "Command", - "type": "array" - }, - "ContainerName": { - "markdownDescription": "The name of the container.", - "title": "ContainerName", - "type": "string" - }, - "Environment": { - "items": { - "$ref": "#/definitions/AWS::Lightsail::Container.EnvironmentVariable" - }, - "markdownDescription": "The environment variables of the container.", - "title": "Environment", - "type": "array" - }, - "Image": { - "markdownDescription": "The name of the image used for the container.\n\nContainer images that are sourced from (registered and stored on) your container service start with a colon ( `:` ). For example, if your container service name is `container-service-1` , the container image label is `mystaticsite` , and you want to use the third version ( `3` ) of the registered container image, then you should specify `:container-service-1.mystaticsite.3` . To use the latest version of a container image, specify `latest` instead of a version number (for example, `:container-service-1.mystaticsite.latest` ). Your container service will automatically use the highest numbered version of the registered container image.\n\nContainer images that are sourced from a public registry like Docker Hub don\u2019t start with a colon. For example, `nginx:latest` or `nginx` .", - "title": "Image", - "type": "string" + "IamRole": { + "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.IamRole", + "markdownDescription": "An IAM role identity.", + "title": "IamRole" }, - "Ports": { - "items": { - "$ref": "#/definitions/AWS::Lightsail::Container.PortInfo" - }, - "markdownDescription": "An object that describes the open firewall ports and protocols of the container.", - "title": "Ports", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Lightsail::Container.ContainerServiceDeployment": { - "additionalProperties": false, - "properties": { - "Containers": { - "items": { - "$ref": "#/definitions/AWS::Lightsail::Container.Container" - }, - "markdownDescription": "An object that describes the configuration for the containers of the deployment.", - "title": "Containers", - "type": "array" + "IamUser": { + "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.IamUser", + "markdownDescription": "An IAM user identity.", + "title": "IamUser" }, - "PublicEndpoint": { - "$ref": "#/definitions/AWS::Lightsail::Container.PublicEndpoint", - "markdownDescription": "An object that describes the endpoint of the deployment.", - "title": "PublicEndpoint" + "User": { + "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.User", + "markdownDescription": "An IAM Identity Center user identity.", + "title": "User" } }, "type": "object" }, - "AWS::Lightsail::Container.EcrImagePullerRole": { + "AWS::IoTSiteWise::AccessPolicy.AccessPolicyResource": { "additionalProperties": false, "properties": { - "IsActive": { - "markdownDescription": "A boolean value that indicates whether the `ECRImagePullerRole` is active.", - "title": "IsActive", - "type": "boolean" + "Portal": { + "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.Portal", + "markdownDescription": "Identifies an AWS IoT SiteWise Monitor portal.", + "title": "Portal" }, - "PrincipalArn": { - "markdownDescription": "The principle Amazon Resource Name (ARN) of the role. This property is read-only.", - "title": "PrincipalArn", - "type": "string" + "Project": { + "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.Project", + "markdownDescription": "Identifies a specific AWS IoT SiteWise Monitor project.", + "title": "Project" } }, "type": "object" }, - "AWS::Lightsail::Container.EnvironmentVariable": { + "AWS::IoTSiteWise::AccessPolicy.IamRole": { "additionalProperties": false, "properties": { - "Value": { - "markdownDescription": "The environment variable value.", - "title": "Value", - "type": "string" - }, - "Variable": { - "markdownDescription": "The environment variable key.", - "title": "Variable", + "arn": { + "markdownDescription": "The ARN of the IAM role. For more information, see [IAM ARNs](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html) in the *IAM User Guide* .", + "title": "arn", "type": "string" } }, "type": "object" }, - "AWS::Lightsail::Container.HealthCheckConfig": { + "AWS::IoTSiteWise::AccessPolicy.IamUser": { "additionalProperties": false, "properties": { - "HealthyThreshold": { - "markdownDescription": "The number of consecutive health check successes required before moving the container to the `Healthy` state. The default value is `2` .", - "title": "HealthyThreshold", - "type": "number" - }, - "IntervalSeconds": { - "markdownDescription": "The approximate interval, in seconds, between health checks of an individual container. You can specify between `5` and `300` seconds. The default value is `5` .", - "title": "IntervalSeconds", - "type": "number" - }, - "Path": { - "markdownDescription": "The path on the container on which to perform the health check. The default value is `/` .", - "title": "Path", - "type": "string" - }, - "SuccessCodes": { - "markdownDescription": "The HTTP codes to use when checking for a successful response from a container. You can specify values between `200` and `499` . You can specify multiple values (for example, `200,202` ) or a range of values (for example, `200-299` ).", - "title": "SuccessCodes", + "arn": { + "markdownDescription": "The ARN of the IAM user. For more information, see [IAM ARNs](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html) in the *IAM User Guide* .\n\n> If you delete the IAM user, access policies that contain this identity include an empty `arn` . You can delete the access policy for the IAM user that no longer exists.", + "title": "arn", "type": "string" - }, - "TimeoutSeconds": { - "markdownDescription": "The amount of time, in seconds, during which no response means a failed health check. You can specify between `2` and `60` seconds. The default value is `2` .", - "title": "TimeoutSeconds", - "type": "number" - }, - "UnhealthyThreshold": { - "markdownDescription": "The number of consecutive health check failures required before moving the container to the `Unhealthy` state. The default value is `2` .", - "title": "UnhealthyThreshold", - "type": "number" } }, "type": "object" }, - "AWS::Lightsail::Container.PortInfo": { + "AWS::IoTSiteWise::AccessPolicy.Portal": { "additionalProperties": false, "properties": { - "Port": { - "markdownDescription": "The open firewall ports of the container.", - "title": "Port", - "type": "string" - }, - "Protocol": { - "markdownDescription": "The protocol name for the open ports.\n\n*Allowed values* : `HTTP` | `HTTPS` | `TCP` | `UDP`", - "title": "Protocol", + "id": { + "markdownDescription": "The ID of the portal.", + "title": "id", "type": "string" } }, "type": "object" }, - "AWS::Lightsail::Container.PrivateRegistryAccess": { - "additionalProperties": false, - "properties": { - "EcrImagePullerRole": { - "$ref": "#/definitions/AWS::Lightsail::Container.EcrImagePullerRole", - "markdownDescription": "An object that describes the activation status of the role that you can use to grant a Lightsail container service access to Amazon ECR private repositories. If the role is activated, the Amazon Resource Name (ARN) of the role is also listed.", - "title": "EcrImagePullerRole" - } - }, - "type": "object" - }, - "AWS::Lightsail::Container.PublicDomainName": { + "AWS::IoTSiteWise::AccessPolicy.Project": { "additionalProperties": false, "properties": { - "CertificateName": { - "markdownDescription": "The name of the certificate for the public domains.", - "title": "CertificateName", + "id": { + "markdownDescription": "The ID of the project.", + "title": "id", "type": "string" - }, - "DomainNames": { - "items": { - "type": "string" - }, - "markdownDescription": "The public domain names to use with the container service.", - "title": "DomainNames", - "type": "array" } }, "type": "object" }, - "AWS::Lightsail::Container.PublicEndpoint": { + "AWS::IoTSiteWise::AccessPolicy.User": { "additionalProperties": false, "properties": { - "ContainerName": { - "markdownDescription": "The name of the container entry of the deployment that the endpoint configuration applies to.", - "title": "ContainerName", + "id": { + "markdownDescription": "The IAM Identity Center ID of the user.", + "title": "id", "type": "string" - }, - "ContainerPort": { - "markdownDescription": "The port of the specified container to which traffic is forwarded to.", - "title": "ContainerPort", - "type": "number" - }, - "HealthCheckConfig": { - "$ref": "#/definitions/AWS::Lightsail::Container.HealthCheckConfig", - "markdownDescription": "An object that describes the health check configuration of the container.", - "title": "HealthCheckConfig" } }, "type": "object" }, - "AWS::Lightsail::Database": { + "AWS::IoTSiteWise::Asset": { "additionalProperties": false, "properties": { "Condition": { @@ -147447,100 +155132,60 @@ "Properties": { "additionalProperties": false, "properties": { - "AvailabilityZone": { - "markdownDescription": "The Availability Zone for the database.", - "title": "AvailabilityZone", - "type": "string" - }, - "BackupRetention": { - "markdownDescription": "A Boolean value indicating whether automated backup retention is enabled for the database. Data Import Mode is enabled when `BackupRetention` is set to `false` , and is disabled when `BackupRetention` is set to `true` .", - "title": "BackupRetention", - "type": "boolean" - }, - "CaCertificateIdentifier": { - "markdownDescription": "The certificate associated with the database.", - "title": "CaCertificateIdentifier", - "type": "string" - }, - "MasterDatabaseName": { - "markdownDescription": "The meaning of this parameter differs according to the database engine you use.\n\n*MySQL*\n\nThe name of the database to create when the Lightsail database resource is created. If this parameter isn't specified, no database is created in the database resource.\n\nConstraints:\n\n- Must contain 1-64 letters or numbers.\n- Must begin with a letter. Subsequent characters can be letters, underscores, or numbers (0-9).\n- Can't be a word reserved by the specified database engine.\n\nFor more information about reserved words in MySQL, see the Keywords and Reserved Words articles for [MySQL 5.6](https://docs.aws.amazon.com/https://dev.mysql.com/doc/refman/5.6/en/keywords.html) , [MySQL 5.7](https://docs.aws.amazon.com/https://dev.mysql.com/doc/refman/5.7/en/keywords.html) , and [MySQL 8.0](https://docs.aws.amazon.com/https://dev.mysql.com/doc/refman/8.0/en/keywords.html) .\n\n*PostgreSQL*\n\nThe name of the database to create when the Lightsail database resource is created. If this parameter isn't specified, a database named `postgres` is created in the database resource.\n\nConstraints:\n\n- Must contain 1-63 letters or numbers.\n- Must begin with a letter. Subsequent characters can be letters, underscores, or numbers (0-9).\n- Can't be a word reserved by the specified database engine.\n\nFor more information about reserved words in PostgreSQL, see the SQL Key Words articles for [PostgreSQL 9.6](https://docs.aws.amazon.com/https://www.postgresql.org/docs/9.6/sql-keywords-appendix.html) , [PostgreSQL 10](https://docs.aws.amazon.com/https://www.postgresql.org/docs/10/sql-keywords-appendix.html) , [PostgreSQL 11](https://docs.aws.amazon.com/https://www.postgresql.org/docs/11/sql-keywords-appendix.html) , and [PostgreSQL 12](https://docs.aws.amazon.com/https://www.postgresql.org/docs/12/sql-keywords-appendix.html) .", - "title": "MasterDatabaseName", - "type": "string" - }, - "MasterUserPassword": { - "markdownDescription": "The password for the primary user of the database. The password can include any printable ASCII character except the following: /, \", or @. It cannot contain spaces.\n\n> The `MasterUserPassword` and `RotateMasterUserPassword` parameters cannot be used together in the same template. \n\n*MySQL*\n\nConstraints: Must contain 8-41 characters.\n\n*PostgreSQL*\n\nConstraints: Must contain 8-128 characters.", - "title": "MasterUserPassword", - "type": "string" - }, - "MasterUsername": { - "markdownDescription": "The name for the primary user.\n\n*MySQL*\n\nConstraints:\n\n- Required for MySQL.\n- Must be 1-16 letters or numbers. Can contain underscores.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.\n\nFor more information about reserved words in MySQL 5.6 or 5.7, see the Keywords and Reserved Words articles for [MySQL 5.6](https://docs.aws.amazon.com/https://dev.mysql.com/doc/refman/5.6/en/keywords.html) , [MySQL 5.7](https://docs.aws.amazon.com/https://dev.mysql.com/doc/refman/5.7/en/keywords.html) , or [MySQL 8.0](https://docs.aws.amazon.com/https://dev.mysql.com/doc/refman/8.0/en/keywords.html) .\n\n*PostgreSQL*\n\nConstraints:\n\n- Required for PostgreSQL.\n- Must be 1-63 letters or numbers. Can contain underscores.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.\n\nFor more information about reserved words in MySQL 5.6 or 5.7, see the Keywords and Reserved Words articles for [PostgreSQL 9.6](https://docs.aws.amazon.com/https://www.postgresql.org/docs/9.6/sql-keywords-appendix.html) , [PostgreSQL 10](https://docs.aws.amazon.com/https://www.postgresql.org/docs/10/sql-keywords-appendix.html) , [PostgreSQL 11](https://docs.aws.amazon.com/https://www.postgresql.org/docs/11/sql-keywords-appendix.html) , and [PostgreSQL 12](https://docs.aws.amazon.com/https://www.postgresql.org/docs/12/sql-keywords-appendix.html) .", - "title": "MasterUsername", - "type": "string" - }, - "PreferredBackupWindow": { - "markdownDescription": "The daily time range during which automated backups are created for the database (for example, `16:00-16:30` ).", - "title": "PreferredBackupWindow", + "AssetDescription": { + "markdownDescription": "The ID of the asset, in UUID format.", + "title": "AssetDescription", "type": "string" }, - "PreferredMaintenanceWindow": { - "markdownDescription": "The weekly time range during which system maintenance can occur for the database, formatted as follows: `ddd:hh24:mi-ddd:hh24:mi` . For example, `Tue:17:00-Tue:17:30` .", - "title": "PreferredMaintenanceWindow", + "AssetExternalId": { + "markdownDescription": "The external ID of the asset model composite model. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", + "title": "AssetExternalId", "type": "string" }, - "PubliclyAccessible": { - "markdownDescription": "A Boolean value indicating whether the database is accessible to anyone on the internet.", - "title": "PubliclyAccessible", - "type": "boolean" - }, - "RelationalDatabaseBlueprintId": { - "markdownDescription": "The blueprint ID for the database (for example, `mysql_8_0` ).", - "title": "RelationalDatabaseBlueprintId", - "type": "string" + "AssetHierarchies": { + "items": { + "$ref": "#/definitions/AWS::IoTSiteWise::Asset.AssetHierarchy" + }, + "markdownDescription": "A list of asset hierarchies that each contain a `hierarchyId` . A hierarchy specifies allowed parent/child asset relationships.", + "title": "AssetHierarchies", + "type": "array" }, - "RelationalDatabaseBundleId": { - "markdownDescription": "The bundle ID for the database (for example, `medium_1_0` ).", - "title": "RelationalDatabaseBundleId", + "AssetModelId": { + "markdownDescription": "The ID of the asset model from which to create the asset. This can be either the actual ID in UUID format, or else `externalId:` followed by the external ID, if it has one. For more information, see [Referencing objects with external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-id-references) in the *AWS IoT SiteWise User Guide* .", + "title": "AssetModelId", "type": "string" }, - "RelationalDatabaseName": { - "markdownDescription": "The name of the instance.", - "title": "RelationalDatabaseName", + "AssetName": { + "markdownDescription": "A friendly name for the asset.", + "title": "AssetName", "type": "string" }, - "RelationalDatabaseParameters": { + "AssetProperties": { "items": { - "$ref": "#/definitions/AWS::Lightsail::Database.RelationalDatabaseParameter" + "$ref": "#/definitions/AWS::IoTSiteWise::Asset.AssetProperty" }, - "markdownDescription": "An array of parameters for the database.", - "title": "RelationalDatabaseParameters", + "markdownDescription": "The list of asset properties for the asset.\n\nThis object doesn't include properties that you define in composite models. You can find composite model properties in the `assetCompositeModels` object.", + "title": "AssetProperties", "type": "array" }, - "RotateMasterUserPassword": { - "markdownDescription": "A Boolean value indicating whether to change the primary user password to a new, strong password generated by Lightsail .\n\n> The `RotateMasterUserPassword` and `MasterUserPassword` parameters cannot be used together in the same template.", - "title": "RotateMasterUserPassword", - "type": "boolean" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", + "markdownDescription": "A list of key-value pairs that contain metadata for the asset. For more information, see [Tagging your AWS IoT SiteWise resources](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/tag-resources.html) in the *AWS IoT SiteWise User Guide* .", "title": "Tags", "type": "array" } }, "required": [ - "MasterDatabaseName", - "MasterUsername", - "RelationalDatabaseBlueprintId", - "RelationalDatabaseBundleId", - "RelationalDatabaseName" + "AssetModelId", + "AssetName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lightsail::Database" + "AWS::IoTSiteWise::Asset" ], "type": "string" }, @@ -147559,53 +155204,72 @@ ], "type": "object" }, - "AWS::Lightsail::Database.RelationalDatabaseParameter": { + "AWS::IoTSiteWise::Asset.AssetHierarchy": { "additionalProperties": false, "properties": { - "AllowedValues": { - "markdownDescription": "The valid range of values for the parameter.", - "title": "AllowedValues", + "ChildAssetId": { + "markdownDescription": "The Id of the child asset.", + "title": "ChildAssetId", "type": "string" }, - "ApplyMethod": { - "markdownDescription": "Indicates when parameter updates are applied.\n\nCan be `immediate` or `pending-reboot` .", - "title": "ApplyMethod", + "ExternalId": { + "markdownDescription": "The external ID of the hierarchy, if it has one. When you update an asset hierarchy, you may assign an external ID if it doesn't already have one. You can't change the external ID of an asset hierarchy that already has one. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", + "title": "ExternalId", "type": "string" }, - "ApplyType": { - "markdownDescription": "Specifies the engine-specific parameter type.", - "title": "ApplyType", + "Id": { + "markdownDescription": "The ID of the hierarchy. This ID is a `hierarchyId` .\n\n> This is a return value and can't be set.", + "title": "Id", "type": "string" }, - "DataType": { - "markdownDescription": "The valid data type of the parameter.", - "title": "DataType", + "LogicalId": { + "markdownDescription": "The ID of the hierarchy. This ID is a `hierarchyId` .", + "title": "LogicalId", + "type": "string" + } + }, + "required": [ + "ChildAssetId" + ], + "type": "object" + }, + "AWS::IoTSiteWise::Asset.AssetProperty": { + "additionalProperties": false, + "properties": { + "Alias": { + "markdownDescription": "The alias that identifies the property, such as an OPC-UA server data stream path (for example, `/company/windfarm/3/turbine/7/temperature` ). For more information, see [Mapping industrial data streams to asset properties](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/connect-data-streams.html) in the *AWS IoT SiteWise User Guide* .", + "title": "Alias", "type": "string" }, - "Description": { - "markdownDescription": "A description of the parameter.", - "title": "Description", + "ExternalId": { + "markdownDescription": "The external ID of the property. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", + "title": "ExternalId", "type": "string" }, - "IsModifiable": { - "markdownDescription": "A Boolean value indicating whether the parameter can be modified.", - "title": "IsModifiable", - "type": "boolean" + "Id": { + "markdownDescription": "The ID of the asset property.\n\n> This is a return value and can't be set.", + "title": "Id", + "type": "string" }, - "ParameterName": { - "markdownDescription": "The name of the parameter.", - "title": "ParameterName", + "LogicalId": { + "markdownDescription": "The `LogicalID` of the asset property.", + "title": "LogicalId", "type": "string" }, - "ParameterValue": { - "markdownDescription": "The value for the parameter.", - "title": "ParameterValue", + "NotificationState": { + "markdownDescription": "The MQTT notification state (enabled or disabled) for this asset property. When the notification state is enabled, AWS IoT SiteWise publishes property value updates to a unique MQTT topic. For more information, see [Interacting with other services](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/interact-with-other-services.html) in the *AWS IoT SiteWise User Guide* .\n\nIf you omit this parameter, the notification state is set to `DISABLED` .", + "title": "NotificationState", + "type": "string" + }, + "Unit": { + "markdownDescription": "The unit (such as `Newtons` or `RPM` ) of the asset property.", + "title": "Unit", "type": "string" } }, "type": "object" }, - "AWS::Lightsail::Disk": { + "AWS::IoTSiteWise::AssetModel": { "additionalProperties": false, "properties": { "Condition": { @@ -147640,52 +155304,67 @@ "Properties": { "additionalProperties": false, "properties": { - "AddOns": { + "AssetModelCompositeModels": { "items": { - "$ref": "#/definitions/AWS::Lightsail::Disk.AddOn" + "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.AssetModelCompositeModel" }, - "markdownDescription": "An array of add-ons for the disk.\n\n> If the disk has an add-on enabled when performing a delete disk request, the add-on is automatically disabled before the disk is deleted.", - "title": "AddOns", + "markdownDescription": "The composite models that are part of this asset model. It groups properties (such as attributes, measurements, transforms, and metrics) and child composite models that model parts of your industrial equipment. Each composite model has a type that defines the properties that the composite model supports. Use composite models to define alarms on this asset model.\n\n> When creating custom composite models, you need to use [CreateAssetModelCompositeModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_CreateAssetModelCompositeModel.html) . For more information, see [Creating custom composite models (Components)](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/create-custom-composite-models.html) in the *AWS IoT SiteWise User Guide* .", + "title": "AssetModelCompositeModels", "type": "array" }, - "AvailabilityZone": { - "markdownDescription": "The AWS Region and Availability Zone location for the disk (for example, `us-east-1a` ).", - "title": "AvailabilityZone", + "AssetModelDescription": { + "markdownDescription": "A description for the asset model.", + "title": "AssetModelDescription", "type": "string" }, - "DiskName": { - "markdownDescription": "The name of the disk.", - "title": "DiskName", + "AssetModelExternalId": { + "markdownDescription": "The external ID of the asset model. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", + "title": "AssetModelExternalId", "type": "string" }, - "Location": { - "$ref": "#/definitions/AWS::Lightsail::Disk.Location", - "markdownDescription": "The AWS Region and Availability Zone where the disk is located.", - "title": "Location" + "AssetModelHierarchies": { + "items": { + "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.AssetModelHierarchy" + }, + "markdownDescription": "The hierarchy definitions of the asset model. Each hierarchy specifies an asset model whose assets can be children of any other assets created from this asset model. For more information, see [Asset hierarchies](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/asset-hierarchies.html) in the *AWS IoT SiteWise User Guide* .\n\nYou can specify up to 10 hierarchies per asset model. For more information, see [Quotas](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/quotas.html) in the *AWS IoT SiteWise User Guide* .", + "title": "AssetModelHierarchies", + "type": "array" }, - "SizeInGb": { - "markdownDescription": "The size of the disk in GB.", - "title": "SizeInGb", - "type": "number" + "AssetModelName": { + "markdownDescription": "A unique name for the asset model.", + "title": "AssetModelName", + "type": "string" + }, + "AssetModelProperties": { + "items": { + "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.AssetModelProperty" + }, + "markdownDescription": "The property definitions of the asset model. For more information, see [Asset properties](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/asset-properties.html) in the *AWS IoT SiteWise User Guide* .\n\nYou can specify up to 200 properties per asset model. For more information, see [Quotas](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/quotas.html) in the *AWS IoT SiteWise User Guide* .", + "title": "AssetModelProperties", + "type": "array" + }, + "AssetModelType": { + "markdownDescription": "The type of asset model.\n\n- *ASSET_MODEL* \u2013 (default) An asset model that you can use to create assets. Can't be included as a component in another asset model.\n- *COMPONENT_MODEL* \u2013 A reusable component that you can include in the composite models of other asset models. You can't create assets directly from this type of asset model.", + "title": "AssetModelType", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", + "markdownDescription": "A list of key-value pairs that contain metadata for the asset. For more information, see [Tagging your AWS IoT SiteWise resources](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/tag-resources.html) in the *AWS IoT SiteWise User Guide* .", "title": "Tags", "type": "array" } }, "required": [ - "DiskName", - "SizeInGb" + "AssetModelName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lightsail::Disk" + "AWS::IoTSiteWise::AssetModel" ], "type": "string" }, @@ -147704,330 +155383,354 @@ ], "type": "object" }, - "AWS::Lightsail::Disk.AddOn": { + "AWS::IoTSiteWise::AssetModel.AssetModelCompositeModel": { "additionalProperties": false, "properties": { - "AddOnType": { - "markdownDescription": "The add-on type (for example, `AutoSnapshot` ).\n\n> `AutoSnapshot` is the only add-on that can be enabled for a disk.", - "title": "AddOnType", + "ComposedAssetModelId": { + "markdownDescription": "The ID of a component model which is reused to create this composite model.", + "title": "ComposedAssetModelId", "type": "string" }, - "AutoSnapshotAddOnRequest": { - "$ref": "#/definitions/AWS::Lightsail::Disk.AutoSnapshotAddOn", - "markdownDescription": "The parameters for the automatic snapshot add-on, such as the daily time when an automatic snapshot will be created.", - "title": "AutoSnapshotAddOnRequest" + "CompositeModelProperties": { + "items": { + "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.AssetModelProperty" + }, + "markdownDescription": "The asset property definitions for this composite model.", + "title": "CompositeModelProperties", + "type": "array" }, - "Status": { - "markdownDescription": "The status of the add-on.\n\nValid Values: `Enabled` | `Disabled`", - "title": "Status", + "Description": { + "markdownDescription": "The description of the composite model.\n\n> If the composite model is a `component-model-based` composite model, the description is inherited from the `COMPONENT_MODEL` asset model and cannot be changed.", + "title": "Description", + "type": "string" + }, + "ExternalId": { + "markdownDescription": "The external ID of a composite model on this asset model. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .\n\n> One of `ExternalId` or `Path` must be specified.", + "title": "ExternalId", + "type": "string" + }, + "Id": { + "markdownDescription": "The ID of the asset model composite model.\n\n> This is a return value and can't be set.", + "title": "Id", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the composite model.", + "title": "Name", + "type": "string" + }, + "ParentAssetModelCompositeModelExternalId": { + "markdownDescription": "The external ID of the parent composite model. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", + "title": "ParentAssetModelCompositeModelExternalId", + "type": "string" + }, + "Path": { + "items": { + "type": "string" + }, + "markdownDescription": "The structured path to the property from the root of the asset using property names. Path is used as the ID if the asset model is a derived composite model.\n\n> One of `ExternalId` or `Path` must be specified.", + "title": "Path", + "type": "array" + }, + "Type": { + "markdownDescription": "The type of the composite model. For alarm composite models, this type is `AWS/ALARM` .", + "title": "Type", "type": "string" } }, "required": [ - "AddOnType" + "Name", + "Type" ], "type": "object" }, - "AWS::Lightsail::Disk.AutoSnapshotAddOn": { + "AWS::IoTSiteWise::AssetModel.AssetModelHierarchy": { "additionalProperties": false, "properties": { - "SnapshotTimeOfDay": { - "markdownDescription": "The daily time when an automatic snapshot will be created.\n\nConstraints:\n\n- Must be in `HH:00` format, and in an hourly increment.\n- Specified in Coordinated Universal Time (UTC).\n- The snapshot will be automatically created between the time specified and up to 45 minutes after.", - "title": "SnapshotTimeOfDay", + "ChildAssetModelId": { + "markdownDescription": "The ID of the asset model, in UUID format. All assets in this hierarchy must be instances of the `childAssetModelId` asset model. AWS IoT SiteWise will always return the actual asset model ID for this value. However, when you are specifying this value as part of a call to [UpdateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateAssetModel.html) , you may provide either the asset model ID or else `externalId:` followed by the asset model's external ID. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", + "title": "ChildAssetModelId", + "type": "string" + }, + "ExternalId": { + "markdownDescription": "The external ID (if any) provided in the [CreateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_CreateAssetModel.html) or [UpdateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateAssetModel.html) operation. You can assign an external ID by specifying this value as part of a call to [UpdateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateAssetModel.html) . However, you can't change the external ID if one is already assigned. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .\n\n> One of `ExternalId` or `LogicalId` must be specified.", + "title": "ExternalId", + "type": "string" + }, + "Id": { + "markdownDescription": "The ID of the asset model hierarchy. This ID is a `hierarchyId` .\n\n> This is a return value and can't be set. \n\n- If you are callling [UpdateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateAssetModel.html) to create a *new* hierarchy: You can specify its ID here, if desired. AWS IoT SiteWise automatically generates a unique ID for you, so this parameter is never required. However, if you prefer to supply your own ID instead, you can specify it here in UUID format. If you specify your own ID, it must be globally unique.\n- If you are calling UpdateAssetModel to modify an *existing* hierarchy: This can be either the actual ID in UUID format, or else `externalId:` followed by the external ID, if it has one. For more information, see [Referencing objects with external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-id-references) in the *AWS IoT SiteWise User Guide* .", + "title": "Id", + "type": "string" + }, + "LogicalId": { + "markdownDescription": "The `LogicalID` of the asset model hierarchy. This ID is a `hierarchyLogicalId` .\n\n> One of `ExternalId` or `LogicalId` must be specified.", + "title": "LogicalId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the asset model hierarchy that you specify by using the [CreateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_CreateAssetModel.html) or [UpdateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateAssetModel.html) API operation.", + "title": "Name", "type": "string" } }, + "required": [ + "ChildAssetModelId", + "Name" + ], "type": "object" }, - "AWS::Lightsail::Disk.Location": { + "AWS::IoTSiteWise::AssetModel.AssetModelProperty": { "additionalProperties": false, "properties": { - "AvailabilityZone": { - "markdownDescription": "The Availability Zone where the disk is located.", - "title": "AvailabilityZone", + "DataType": { + "markdownDescription": "The data type of the asset model property.\n\nIf you specify `STRUCT` , you must also specify `dataTypeSpec` to identify the type of the structure for this property.", + "title": "DataType", "type": "string" }, - "RegionName": { - "markdownDescription": "The AWS Region where the disk is located.", - "title": "RegionName", + "DataTypeSpec": { + "markdownDescription": "The data type of the structure for this property. This parameter exists on properties that have the `STRUCT` data type.", + "title": "DataTypeSpec", + "type": "string" + }, + "ExternalId": { + "markdownDescription": "The external ID of the asset property. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .\n\n> One of `ExternalId` or `LogicalId` must be specified.", + "title": "ExternalId", + "type": "string" + }, + "Id": { + "markdownDescription": "The ID of the property.\n\n> This is a return value and can't be set.", + "title": "Id", + "type": "string" + }, + "LogicalId": { + "markdownDescription": "The `LogicalID` of the asset model property.\n\n> One of `ExternalId` or `LogicalId` must be specified.", + "title": "LogicalId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the asset model property.", + "title": "Name", + "type": "string" + }, + "Type": { + "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.PropertyType", + "markdownDescription": "Contains a property type, which can be one of `attribute` , `measurement` , `metric` , or `transform` .", + "title": "Type" + }, + "Unit": { + "markdownDescription": "The unit of the asset model property, such as `Newtons` or `RPM` .", + "title": "Unit", "type": "string" } }, + "required": [ + "DataType", + "Name", + "Type" + ], "type": "object" }, - "AWS::Lightsail::Distribution": { + "AWS::IoTSiteWise::AssetModel.Attribute": { "additionalProperties": false, "properties": { - "Condition": { + "DefaultValue": { + "markdownDescription": "The default value of the asset model property attribute. All assets that you create from the asset model contain this attribute value. You can update an attribute's value after you create an asset. For more information, see [Updating attribute values](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/update-attribute-values.html) in the *AWS IoT SiteWise User Guide* .", + "title": "DefaultValue", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoTSiteWise::AssetModel.ExpressionVariable": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The friendly name of the variable to be used in the expression.", + "title": "Name", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Value": { + "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.VariableValue", + "markdownDescription": "The variable that identifies an asset property from which to use values.", + "title": "Value" + } + }, + "required": [ + "Name", + "Value" + ], + "type": "object" + }, + "AWS::IoTSiteWise::AssetModel.Metric": { + "additionalProperties": false, + "properties": { + "Expression": { + "markdownDescription": "The mathematical expression that defines the metric aggregation function. You can specify up to 10 variables per expression. You can specify up to 10 functions per expression.\n\nFor more information, see [Quotas](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/quotas.html) in the *AWS IoT SiteWise User Guide* .", + "title": "Expression", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "BundleId": { - "markdownDescription": "The ID of the bundle applied to the distribution.", - "title": "BundleId", - "type": "string" - }, - "CacheBehaviorSettings": { - "$ref": "#/definitions/AWS::Lightsail::Distribution.CacheSettings", - "markdownDescription": "An object that describes the cache behavior settings of the distribution.", - "title": "CacheBehaviorSettings" - }, - "CacheBehaviors": { - "items": { - "$ref": "#/definitions/AWS::Lightsail::Distribution.CacheBehaviorPerPath" - }, - "markdownDescription": "An array of objects that describe the per-path cache behavior of the distribution.", - "title": "CacheBehaviors", - "type": "array" - }, - "CertificateName": { - "markdownDescription": "The name of the SSL/TLS certificate attached to the distribution.", - "title": "CertificateName", - "type": "string" - }, - "DefaultCacheBehavior": { - "$ref": "#/definitions/AWS::Lightsail::Distribution.CacheBehavior", - "markdownDescription": "An object that describes the default cache behavior of the distribution.", - "title": "DefaultCacheBehavior" - }, - "DistributionName": { - "markdownDescription": "The name of the distribution", - "title": "DistributionName", - "type": "string" - }, - "IpAddressType": { - "markdownDescription": "The IP address type of the distribution.\n\nThe possible values are `ipv4` for IPv4 only, and `dualstack` for IPv4 and IPv6.", - "title": "IpAddressType", - "type": "string" - }, - "IsEnabled": { - "markdownDescription": "A Boolean value indicating whether the distribution is enabled.", - "title": "IsEnabled", - "type": "boolean" - }, - "Origin": { - "$ref": "#/definitions/AWS::Lightsail::Distribution.InputOrigin", - "markdownDescription": "An object that describes the origin resource of the distribution, such as a Lightsail instance, bucket, or load balancer.\n\nThe distribution pulls, caches, and serves content from the origin.", - "title": "Origin" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", - "title": "Tags", - "type": "array" - } + "Variables": { + "items": { + "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.ExpressionVariable" }, - "required": [ - "BundleId", - "DefaultCacheBehavior", - "DistributionName", - "Origin" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Lightsail::Distribution" - ], - "type": "string" + "markdownDescription": "The list of variables used in the expression.", + "title": "Variables", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Window": { + "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.MetricWindow", + "markdownDescription": "The window (time interval) over which AWS IoT SiteWise computes the metric's aggregation expression. AWS IoT SiteWise computes one data point per `window` .", + "title": "Window" } }, "required": [ - "Type", - "Properties" + "Expression", + "Variables", + "Window" ], "type": "object" }, - "AWS::Lightsail::Distribution.CacheBehavior": { + "AWS::IoTSiteWise::AssetModel.MetricWindow": { "additionalProperties": false, "properties": { - "Behavior": { - "markdownDescription": "The cache behavior of the distribution.\n\nThe following cache behaviors can be specified:\n\n- *`cache`* - This option is best for static sites. When specified, your distribution caches and serves your entire website as static content. This behavior is ideal for websites with static content that doesn't change depending on who views it, or for websites that don't use cookies, headers, or query strings to personalize content.\n- *`dont-cache`* - This option is best for sites that serve a mix of static and dynamic content. When specified, your distribution caches and serves only the content that is specified in the distribution\u2019s `CacheBehaviorPerPath` parameter. This behavior is ideal for websites or web applications that use cookies, headers, and query strings to personalize content for individual users.", - "title": "Behavior", - "type": "string" + "Tumbling": { + "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.TumblingWindow", + "markdownDescription": "The tumbling time interval window.", + "title": "Tumbling" } }, "type": "object" }, - "AWS::Lightsail::Distribution.CacheBehaviorPerPath": { + "AWS::IoTSiteWise::AssetModel.PropertyPathDefinition": { "additionalProperties": false, "properties": { - "Behavior": { - "markdownDescription": "The cache behavior for the specified path.\n\nYou can specify one of the following per-path cache behaviors:\n\n- *`cache`* - This behavior caches the specified path.\n- *`dont-cache`* - This behavior doesn't cache the specified path.", - "title": "Behavior", - "type": "string" - }, - "Path": { - "markdownDescription": "The path to a directory or file to cache, or not cache. Use an asterisk symbol to specify wildcard directories ( `path/to/assets/*` ), and file types ( `*.html` , `*jpg` , `*js` ). Directories and file paths are case-sensitive.\n\nExamples:\n\n- Specify the following to cache all files in the document root of an Apache web server running on a instance.\n\n`var/www/html/`\n- Specify the following file to cache only the index page in the document root of an Apache web server.\n\n`var/www/html/index.html`\n- Specify the following to cache only the .html files in the document root of an Apache web server.\n\n`var/www/html/*.html`\n- Specify the following to cache only the .jpg, .png, and .gif files in the images sub-directory of the document root of an Apache web server.\n\n`var/www/html/images/*.jpg`\n\n`var/www/html/images/*.png`\n\n`var/www/html/images/*.gif`\n\nSpecify the following to cache all files in the images subdirectory of the document root of an Apache web server.\n\n`var/www/html/images/`", - "title": "Path", + "Name": { + "markdownDescription": "The name of the path segment.", + "title": "Name", "type": "string" } }, + "required": [ + "Name" + ], "type": "object" }, - "AWS::Lightsail::Distribution.CacheSettings": { + "AWS::IoTSiteWise::AssetModel.PropertyType": { "additionalProperties": false, "properties": { - "AllowedHTTPMethods": { - "markdownDescription": "The HTTP methods that are processed and forwarded to the distribution's origin.\n\nYou can specify the following options:\n\n- `GET,HEAD` - The distribution forwards the `GET` and `HEAD` methods.\n- `GET,HEAD,OPTIONS` - The distribution forwards the `GET` , `HEAD` , and `OPTIONS` methods.\n- `GET,HEAD,OPTIONS,PUT,PATCH,POST,DELETE` - The distribution forwards the `GET` , `HEAD` , `OPTIONS` , `PUT` , `PATCH` , `POST` , and `DELETE` methods.\n\nIf you specify `GET,HEAD,OPTIONS,PUT,PATCH,POST,DELETE` , you might need to restrict access to your distribution's origin so users can't perform operations that you don't want them to. For example, you might not want users to have permission to delete objects from your origin.", - "title": "AllowedHTTPMethods", - "type": "string" - }, - "CachedHTTPMethods": { - "markdownDescription": "The HTTP method responses that are cached by your distribution.\n\nYou can specify the following options:\n\n- `GET,HEAD` - The distribution caches responses to the `GET` and `HEAD` methods.\n- `GET,HEAD,OPTIONS` - The distribution caches responses to the `GET` , `HEAD` , and `OPTIONS` methods.", - "title": "CachedHTTPMethods", - "type": "string" - }, - "DefaultTTL": { - "markdownDescription": "The default amount of time that objects stay in the distribution's cache before the distribution forwards another request to the origin to determine whether the content has been updated.\n\n> The value specified applies only when the origin does not add HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects.", - "title": "DefaultTTL", - "type": "number" - }, - "ForwardedCookies": { - "$ref": "#/definitions/AWS::Lightsail::Distribution.CookieObject", - "markdownDescription": "An object that describes the cookies that are forwarded to the origin. Your content is cached based on the cookies that are forwarded.", - "title": "ForwardedCookies" - }, - "ForwardedHeaders": { - "$ref": "#/definitions/AWS::Lightsail::Distribution.HeaderObject", - "markdownDescription": "An object that describes the headers that are forwarded to the origin. Your content is cached based on the headers that are forwarded.", - "title": "ForwardedHeaders" + "Attribute": { + "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.Attribute", + "markdownDescription": "Specifies an asset attribute property. An attribute generally contains static information, such as the serial number of an [IIoT](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Internet_of_things#Industrial_applications) wind turbine.", + "title": "Attribute" }, - "ForwardedQueryStrings": { - "$ref": "#/definitions/AWS::Lightsail::Distribution.QueryStringObject", - "markdownDescription": "An object that describes the query strings that are forwarded to the origin. Your content is cached based on the query strings that are forwarded.", - "title": "ForwardedQueryStrings" + "Metric": { + "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.Metric", + "markdownDescription": "Specifies an asset metric property. A metric contains a mathematical expression that uses aggregate functions to process all input data points over a time interval and output a single data point, such as to calculate the average hourly temperature.", + "title": "Metric" }, - "MaximumTTL": { - "markdownDescription": "The maximum amount of time that objects stay in the distribution's cache before the distribution forwards another request to the origin to determine whether the object has been updated.\n\nThe value specified applies only when the origin adds HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects.", - "title": "MaximumTTL", - "type": "number" + "Transform": { + "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.Transform", + "markdownDescription": "Specifies an asset transform property. A transform contains a mathematical expression that maps a property's data points from one form to another, such as a unit conversion from Celsius to Fahrenheit.", + "title": "Transform" }, - "MinimumTTL": { - "markdownDescription": "The minimum amount of time that objects stay in the distribution's cache before the distribution forwards another request to the origin to determine whether the object has been updated.\n\nA value of `0` must be specified for `minimumTTL` if the distribution is configured to forward all headers to the origin.", - "title": "MinimumTTL", - "type": "number" + "TypeName": { + "markdownDescription": "The type of property type, which can be one of `Attribute` , `Measurement` , `Metric` , or `Transform` .", + "title": "TypeName", + "type": "string" } }, + "required": [ + "TypeName" + ], "type": "object" }, - "AWS::Lightsail::Distribution.CookieObject": { + "AWS::IoTSiteWise::AssetModel.Transform": { "additionalProperties": false, "properties": { - "CookiesAllowList": { + "Expression": { + "markdownDescription": "The mathematical expression that defines the transformation function. You can specify up to 10 variables per expression. You can specify up to 10 functions per expression.\n\nFor more information, see [Quotas](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/quotas.html) in the *AWS IoT SiteWise User Guide* .", + "title": "Expression", + "type": "string" + }, + "Variables": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.ExpressionVariable" }, - "markdownDescription": "The specific cookies to forward to your distribution's origin.", - "title": "CookiesAllowList", + "markdownDescription": "The list of variables used in the expression.", + "title": "Variables", "type": "array" - }, - "Option": { - "markdownDescription": "Specifies which cookies to forward to the distribution's origin for a cache behavior.\n\nUse one of the following configurations for your distribution:\n\n- *`all`* - Forwards all cookies to your origin.\n- *`none`* - Doesn\u2019t forward cookies to your origin.\n- *`allow-list`* - Forwards only the cookies that you specify using the `CookiesAllowList` parameter.", - "title": "Option", - "type": "string" } }, + "required": [ + "Expression", + "Variables" + ], "type": "object" }, - "AWS::Lightsail::Distribution.HeaderObject": { + "AWS::IoTSiteWise::AssetModel.TumblingWindow": { "additionalProperties": false, "properties": { - "HeadersAllowList": { - "items": { - "type": "string" - }, - "markdownDescription": "The specific headers to forward to your distribution's origin.", - "title": "HeadersAllowList", - "type": "array" + "Interval": { + "markdownDescription": "The time interval for the tumbling window. The interval time must be between 1 minute and 1 week.\n\nAWS IoT SiteWise computes the `1w` interval the end of Sunday at midnight each week (UTC), the `1d` interval at the end of each day at midnight (UTC), the `1h` interval at the end of each hour, and so on.\n\nWhen AWS IoT SiteWise aggregates data points for metric computations, the start of each interval is exclusive and the end of each interval is inclusive. AWS IoT SiteWise places the computed data point at the end of the interval.", + "title": "Interval", + "type": "string" }, - "Option": { - "markdownDescription": "The headers that you want your distribution to forward to your origin. Your distribution caches your content based on these headers.\n\nUse one of the following configurations for your distribution:\n\n- *`all`* - Forwards all headers to your origin..\n- *`none`* - Forwards only the default headers.\n- *`allow-list`* - Forwards only the headers that you specify using the `HeadersAllowList` parameter.", - "title": "Option", + "Offset": { + "markdownDescription": "The offset for the tumbling window. The `offset` parameter accepts the following:\n\n- The offset time.\n\nFor example, if you specify `18h` for `offset` and `1d` for `interval` , AWS IoT SiteWise aggregates data in one of the following ways:\n\n- If you create the metric before or at 6 PM (UTC), you get the first aggregation result at 6 PM (UTC) on the day when you create the metric.\n- If you create the metric after 6 PM (UTC), you get the first aggregation result at 6 PM (UTC) the next day.\n- The ISO 8601 format.\n\nFor example, if you specify `PT18H` for `offset` and `1d` for `interval` , AWS IoT SiteWise aggregates data in one of the following ways:\n\n- If you create the metric before or at 6 PM (UTC), you get the first aggregation result at 6 PM (UTC) on the day when you create the metric.\n- If you create the metric after 6 PM (UTC), you get the first aggregation result at 6 PM (UTC) the next day.\n- The 24-hour clock.\n\nFor example, if you specify `00:03:00` for `offset` , `5m` for `interval` , and you create the metric at 2 PM (UTC), you get the first aggregation result at 2:03 PM (UTC). You get the second aggregation result at 2:08 PM (UTC).\n- The offset time zone.\n\nFor example, if you specify `2021-07-23T18:00-08` for `offset` and `1d` for `interval` , AWS IoT SiteWise aggregates data in one of the following ways:\n\n- If you create the metric before or at 6 PM (PST), you get the first aggregation result at 6 PM (PST) on the day when you create the metric.\n- If you create the metric after 6 PM (PST), you get the first aggregation result at 6 PM (PST) the next day.", + "title": "Offset", "type": "string" } }, + "required": [ + "Interval" + ], "type": "object" }, - "AWS::Lightsail::Distribution.InputOrigin": { + "AWS::IoTSiteWise::AssetModel.VariableValue": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the origin resource.", - "title": "Name", + "HierarchyExternalId": { + "markdownDescription": "The external ID of the hierarchy being referenced. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", + "title": "HierarchyExternalId", "type": "string" }, - "ProtocolPolicy": { - "markdownDescription": "The protocol that your Amazon Lightsail distribution uses when establishing a connection with your origin to pull content.", - "title": "ProtocolPolicy", + "HierarchyId": { + "markdownDescription": "The ID of the hierarchy to query for the property ID. You can use the hierarchy's name instead of the hierarchy's ID. If the hierarchy has an external ID, you can specify `externalId:` followed by the external ID. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .\n\nYou use a hierarchy ID instead of a model ID because you can have several hierarchies using the same model and therefore the same `propertyId` . For example, you might have separately grouped assets that come from the same asset model. For more information, see [Asset hierarchies](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/asset-hierarchies.html) in the *AWS IoT SiteWise User Guide* .", + "title": "HierarchyId", "type": "string" }, - "RegionName": { - "markdownDescription": "The AWS Region name of the origin resource.", - "title": "RegionName", + "HierarchyLogicalId": { + "markdownDescription": "The `LogicalID` of the hierarchy to query for the `PropertyLogicalID` .\n\nYou use a `hierarchyLogicalID` instead of a model ID because you can have several hierarchies using the same model and therefore the same property. For example, you might have separately grouped assets that come from the same asset model. For more information, see [Defining relationships between asset models (hierarchies)](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/asset-hierarchies.html) in the *AWS IoT SiteWise User Guide* .", + "title": "HierarchyLogicalId", "type": "string" - } - }, - "type": "object" - }, - "AWS::Lightsail::Distribution.QueryStringObject": { - "additionalProperties": false, - "properties": { - "Option": { - "markdownDescription": "Indicates whether the distribution forwards and caches based on query strings.", - "title": "Option", - "type": "boolean" }, - "QueryStringsAllowList": { + "PropertyExternalId": { + "markdownDescription": "The external ID of the property being referenced. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", + "title": "PropertyExternalId", + "type": "string" + }, + "PropertyId": { + "markdownDescription": "The ID of the property to use as the variable. You can use the property `name` if it's from the same asset model. If the property has an external ID, you can specify `externalId:` followed by the external ID. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .\n\n> This is a return value and can't be set.", + "title": "PropertyId", + "type": "string" + }, + "PropertyLogicalId": { + "markdownDescription": "The `LogicalID` of the property that is being referenced.", + "title": "PropertyLogicalId", + "type": "string" + }, + "PropertyPath": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.PropertyPathDefinition" }, - "markdownDescription": "The specific query strings that the distribution forwards to the origin.\n\nYour distribution caches content based on the specified query strings.\n\nIf the `option` parameter is true, then your distribution forwards all query strings, regardless of what you specify using the `QueryStringsAllowList` parameter.", - "title": "QueryStringsAllowList", + "markdownDescription": "The path of the property. Each step of the path is the name of the step. See the following example:\n\n`PropertyPath: Name: AssetModelName Name: Composite1 Name: NestedComposite`", + "title": "PropertyPath", "type": "array" } }, "type": "object" }, - "AWS::Lightsail::Instance": { + "AWS::IoTSiteWise::Dashboard": { "additionalProperties": false, "properties": { "Condition": { @@ -148062,83 +155765,45 @@ "Properties": { "additionalProperties": false, "properties": { - "AddOns": { - "items": { - "$ref": "#/definitions/AWS::Lightsail::Instance.AddOn" - }, - "markdownDescription": "An array of add-ons for the instance.\n\n> If the instance has an add-on enabled when performing a delete instance request, the add-on is automatically disabled before the instance is deleted.", - "title": "AddOns", - "type": "array" - }, - "AvailabilityZone": { - "markdownDescription": "The Availability Zone for the instance.", - "title": "AvailabilityZone", - "type": "string" - }, - "BlueprintId": { - "markdownDescription": "The blueprint ID for the instance (for example, `os_amlinux_2016_03` ).", - "title": "BlueprintId", + "DashboardDefinition": { + "markdownDescription": "The dashboard definition specified in a JSON literal.\n\n- AWS IoT SiteWise Monitor (Classic) see [Create dashboards ( AWS CLI )](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/create-dashboards-using-aws-cli.html)\n- AWS IoT SiteWise Monitor (AI-aware) see [Create dashboards ( AWS CLI )](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/create-dashboards-ai-dashboard-cli.html)\n\nin the *AWS IoT SiteWise User Guide*", + "title": "DashboardDefinition", "type": "string" }, - "BundleId": { - "markdownDescription": "The bundle ID for the instance (for example, `micro_1_0` ).", - "title": "BundleId", + "DashboardDescription": { + "markdownDescription": "A description for the dashboard.", + "title": "DashboardDescription", "type": "string" }, - "Hardware": { - "$ref": "#/definitions/AWS::Lightsail::Instance.Hardware", - "markdownDescription": "The hardware properties for the instance, such as the vCPU count, attached disks, and amount of RAM.\n\n> The instance restarts when performing an attach disk or detach disk request. This resets the public IP address of your instance if a static IP isn't attached to it.", - "title": "Hardware" - }, - "InstanceName": { - "markdownDescription": "The name of the instance.", - "title": "InstanceName", + "DashboardName": { + "markdownDescription": "A friendly name for the dashboard.", + "title": "DashboardName", "type": "string" }, - "KeyPairName": { - "markdownDescription": "The name of the key pair to use for the instance.\n\nIf no key pair name is specified, the Regional Lightsail default key pair is used.", - "title": "KeyPairName", + "ProjectId": { + "markdownDescription": "The ID of the project in which to create the dashboard.", + "title": "ProjectId", "type": "string" }, - "Location": { - "$ref": "#/definitions/AWS::Lightsail::Instance.Location", - "markdownDescription": "The location for the instance, such as the AWS Region and Availability Zone.\n\n> The `Location` property is read-only and should not be specified in a create instance or update instance request.", - "title": "Location" - }, - "Networking": { - "$ref": "#/definitions/AWS::Lightsail::Instance.Networking", - "markdownDescription": "The public ports and the monthly amount of data transfer allocated for the instance.", - "title": "Networking" - }, - "State": { - "$ref": "#/definitions/AWS::Lightsail::Instance.State", - "markdownDescription": "The status code and the state (for example, `running` ) of the instance.\n\n> The `State` property is read-only and should not be specified in a create instance or update instance request.", - "title": "State" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", + "markdownDescription": "A list of key-value pairs that contain metadata for the dashboard. For more information, see [Tagging your AWS IoT SiteWise resources](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/tag-resources.html) in the *AWS IoT SiteWise User Guide* .", "title": "Tags", "type": "array" - }, - "UserData": { - "markdownDescription": "The optional launch script for the instance.\n\nSpecify a launch script to configure an instance with additional user data. For example, you might want to specify `apt-get -y update` as a launch script.\n\n> Depending on the blueprint of your instance, the command to get software on your instance varies. Amazon Linux and CentOS use `yum` , Debian and Ubuntu use `apt-get` , and FreeBSD uses `pkg` .", - "title": "UserData", - "type": "string" } }, "required": [ - "BlueprintId", - "BundleId", - "InstanceName" + "DashboardDefinition", + "DashboardDescription", + "DashboardName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lightsail::Instance" + "AWS::IoTSiteWise::Dashboard" ], "type": "string" }, @@ -148157,241 +155822,7 @@ ], "type": "object" }, - "AWS::Lightsail::Instance.AddOn": { - "additionalProperties": false, - "properties": { - "AddOnType": { - "markdownDescription": "The add-on type (for example, `AutoSnapshot` ).\n\n> `AutoSnapshot` is the only add-on that can be enabled for an instance.", - "title": "AddOnType", - "type": "string" - }, - "AutoSnapshotAddOnRequest": { - "$ref": "#/definitions/AWS::Lightsail::Instance.AutoSnapshotAddOn", - "markdownDescription": "The parameters for the automatic snapshot add-on, such as the daily time when an automatic snapshot will be created.", - "title": "AutoSnapshotAddOnRequest" - }, - "Status": { - "markdownDescription": "The status of the add-on.\n\nValid Values: `Enabled` | `Disabled`", - "title": "Status", - "type": "string" - } - }, - "required": [ - "AddOnType" - ], - "type": "object" - }, - "AWS::Lightsail::Instance.AutoSnapshotAddOn": { - "additionalProperties": false, - "properties": { - "SnapshotTimeOfDay": { - "markdownDescription": "The daily time when an automatic snapshot will be created.\n\nConstraints:\n\n- Must be in `HH:00` format, and in an hourly increment.\n- Specified in Coordinated Universal Time (UTC).\n- The snapshot will be automatically created between the time specified and up to 45 minutes after.", - "title": "SnapshotTimeOfDay", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Lightsail::Instance.Disk": { - "additionalProperties": false, - "properties": { - "AttachedTo": { - "markdownDescription": "The resources to which the disk is attached.", - "title": "AttachedTo", - "type": "string" - }, - "AttachmentState": { - "markdownDescription": "(Deprecated) The attachment state of the disk.\n\n> In releases prior to November 14, 2017, this parameter returned `attached` for system disks in the API response. It is now deprecated, but still included in the response. Use `isAttached` instead.", - "title": "AttachmentState", - "type": "string" - }, - "DiskName": { - "markdownDescription": "The unique name of the disk.", - "title": "DiskName", - "type": "string" - }, - "IOPS": { - "markdownDescription": "The input/output operations per second (IOPS) of the disk.", - "title": "IOPS", - "type": "number" - }, - "IsSystemDisk": { - "markdownDescription": "A Boolean value indicating whether this disk is a system disk (has an operating system loaded on it).", - "title": "IsSystemDisk", - "type": "boolean" - }, - "Path": { - "markdownDescription": "The disk path.", - "title": "Path", - "type": "string" - }, - "SizeInGb": { - "markdownDescription": "The size of the disk in GB.", - "title": "SizeInGb", - "type": "string" - } - }, - "required": [ - "DiskName", - "Path" - ], - "type": "object" - }, - "AWS::Lightsail::Instance.Hardware": { - "additionalProperties": false, - "properties": { - "CpuCount": { - "markdownDescription": "The number of vCPUs the instance has.\n\n> The `CpuCount` property is read-only and should not be specified in a create instance or update instance request.", - "title": "CpuCount", - "type": "number" - }, - "Disks": { - "items": { - "$ref": "#/definitions/AWS::Lightsail::Instance.Disk" - }, - "markdownDescription": "The disks attached to the instance.\n\nThe instance restarts when performing an attach disk or detach disk request. This resets the public IP address of your instance if a static IP isn't attached to it.", - "title": "Disks", - "type": "array" - }, - "RamSizeInGb": { - "markdownDescription": "The amount of RAM in GB on the instance (for example, `1.0` ).\n\n> The `RamSizeInGb` property is read-only and should not be specified in a create instance or update instance request.", - "title": "RamSizeInGb", - "type": "number" - } - }, - "type": "object" - }, - "AWS::Lightsail::Instance.Location": { - "additionalProperties": false, - "properties": { - "AvailabilityZone": { - "markdownDescription": "The Availability Zone for the instance.", - "title": "AvailabilityZone", - "type": "string" - }, - "RegionName": { - "markdownDescription": "The name of the AWS Region for the instance.", - "title": "RegionName", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Lightsail::Instance.MonthlyTransfer": { - "additionalProperties": false, - "properties": { - "GbPerMonthAllocated": { - "markdownDescription": "The amount of allocated monthly data transfer (in GB) for an instance.", - "title": "GbPerMonthAllocated", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Lightsail::Instance.Networking": { - "additionalProperties": false, - "properties": { - "MonthlyTransfer": { - "$ref": "#/definitions/AWS::Lightsail::Instance.MonthlyTransfer", - "markdownDescription": "The monthly amount of data transfer, in GB, allocated for the instance", - "title": "MonthlyTransfer" - }, - "Ports": { - "items": { - "$ref": "#/definitions/AWS::Lightsail::Instance.Port" - }, - "markdownDescription": "An array of ports to open on the instance.", - "title": "Ports", - "type": "array" - } - }, - "required": [ - "Ports" - ], - "type": "object" - }, - "AWS::Lightsail::Instance.Port": { - "additionalProperties": false, - "properties": { - "AccessDirection": { - "markdownDescription": "The access direction ( `inbound` or `outbound` ).\n\n> Lightsail currently supports only `inbound` access direction.", - "title": "AccessDirection", - "type": "string" - }, - "AccessFrom": { - "markdownDescription": "The location from which access is allowed. For example, `Anywhere (0.0.0.0/0)` , or `Custom` if a specific IP address or range of IP addresses is allowed.", - "title": "AccessFrom", - "type": "string" - }, - "AccessType": { - "markdownDescription": "The type of access ( `Public` or `Private` ).", - "title": "AccessType", - "type": "string" - }, - "CidrListAliases": { - "items": { - "type": "string" - }, - "markdownDescription": "An alias that defines access for a preconfigured range of IP addresses.\n\nThe only alias currently supported is `lightsail-connect` , which allows IP addresses of the browser-based RDP/SSH client in the Lightsail console to connect to your instance.", - "title": "CidrListAliases", - "type": "array" - }, - "Cidrs": { - "items": { - "type": "string" - }, - "markdownDescription": "The IPv4 address, or range of IPv4 addresses (in CIDR notation) that are allowed to connect to an instance through the ports, and the protocol.\n\n> The `ipv6Cidrs` parameter lists the IPv6 addresses that are allowed to connect to an instance. \n\nExamples:\n\n- To allow the IP address `192.0.2.44` , specify `192.0.2.44` or `192.0.2.44/32` .\n- To allow the IP addresses `192.0.2.0` to `192.0.2.255` , specify `192.0.2.0/24` .", - "title": "Cidrs", - "type": "array" - }, - "CommonName": { - "markdownDescription": "The common name of the port information.", - "title": "CommonName", - "type": "string" - }, - "FromPort": { - "markdownDescription": "The first port in a range of open ports on an instance.\n\nAllowed ports:\n\n- TCP and UDP - `0` to `65535`\n- ICMP - The ICMP type for IPv4 addresses. For example, specify `8` as the `fromPort` (ICMP type), and `-1` as the `toPort` (ICMP code), to enable ICMP Ping.\n- ICMPv6 - The ICMP type for IPv6 addresses. For example, specify `128` as the `fromPort` (ICMPv6 type), and `0` as `toPort` (ICMPv6 code).", - "title": "FromPort", - "type": "number" - }, - "Ipv6Cidrs": { - "items": { - "type": "string" - }, - "markdownDescription": "The IPv6 address, or range of IPv6 addresses (in CIDR notation) that are allowed to connect to an instance through the ports, and the protocol. Only devices with an IPv6 address can connect to an instance through IPv6; otherwise, IPv4 should be used.\n\n> The `cidrs` parameter lists the IPv4 addresses that are allowed to connect to an instance.", - "title": "Ipv6Cidrs", - "type": "array" - }, - "Protocol": { - "markdownDescription": "The IP protocol name.\n\nThe name can be one of the following:\n\n- `tcp` - Transmission Control Protocol (TCP) provides reliable, ordered, and error-checked delivery of streamed data between applications running on hosts communicating by an IP network. If you have an application that doesn't require reliable data stream service, use UDP instead.\n- `all` - All transport layer protocol types.\n- `udp` - With User Datagram Protocol (UDP), computer applications can send messages (or datagrams) to other hosts on an Internet Protocol (IP) network. Prior communications are not required to set up transmission channels or data paths. Applications that don't require reliable data stream service can use UDP, which provides a connectionless datagram service that emphasizes reduced latency over reliability. If you do require reliable data stream service, use TCP instead.\n- `icmp` - Internet Control Message Protocol (ICMP) is used to send error messages and operational information indicating success or failure when communicating with an instance. For example, an error is indicated when an instance could not be reached. When you specify `icmp` as the `protocol` , you must specify the ICMP type using the `fromPort` parameter, and ICMP code using the `toPort` parameter.", - "title": "Protocol", - "type": "string" - }, - "ToPort": { - "markdownDescription": "The last port in a range of open ports on an instance.\n\nAllowed ports:\n\n- TCP and UDP - `0` to `65535`\n- ICMP - The ICMP code for IPv4 addresses. For example, specify `8` as the `fromPort` (ICMP type), and `-1` as the `toPort` (ICMP code), to enable ICMP Ping.\n- ICMPv6 - The ICMP code for IPv6 addresses. For example, specify `128` as the `fromPort` (ICMPv6 type), and `0` as `toPort` (ICMPv6 code).", - "title": "ToPort", - "type": "number" - } - }, - "type": "object" - }, - "AWS::Lightsail::Instance.State": { - "additionalProperties": false, - "properties": { - "Code": { - "markdownDescription": "The status code of the instance.", - "title": "Code", - "type": "number" - }, - "Name": { - "markdownDescription": "The state of the instance (for example, `running` or `pending` ).", - "title": "Name", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Lightsail::LoadBalancer": { + "AWS::IoTSiteWise::Dataset": { "additionalProperties": false, "properties": { "Condition": { @@ -148426,67 +155857,39 @@ "Properties": { "additionalProperties": false, "properties": { - "AttachedInstances": { - "items": { - "type": "string" - }, - "markdownDescription": "The Lightsail instances to attach to the load balancer.", - "title": "AttachedInstances", - "type": "array" - }, - "HealthCheckPath": { - "markdownDescription": "The path on the attached instance where the health check will be performed. If no path is specified, the load balancer tries to make a request to the default (root) page ( `/index.html` ).", - "title": "HealthCheckPath", - "type": "string" - }, - "InstancePort": { - "markdownDescription": "The port that the load balancer uses to direct traffic to your Lightsail instances. For HTTP traffic, specify port `80` . For HTTPS traffic, specify port `443` .", - "title": "InstancePort", - "type": "number" - }, - "IpAddressType": { - "markdownDescription": "The IP address type of the load balancer.\n\nThe possible values are `ipv4` for IPv4 only, and `dualstack` for both IPv4 and IPv6.", - "title": "IpAddressType", + "DatasetDescription": { + "markdownDescription": "", + "title": "DatasetDescription", "type": "string" }, - "LoadBalancerName": { - "markdownDescription": "The name of the load balancer.", - "title": "LoadBalancerName", + "DatasetName": { + "markdownDescription": "", + "title": "DatasetName", "type": "string" }, - "SessionStickinessEnabled": { - "markdownDescription": "A Boolean value indicating whether session stickiness is enabled.\n\nEnable session stickiness (also known as *session affinity* ) to bind a user's session to a specific instance. This ensures that all requests from the user during the session are sent to the same instance.", - "title": "SessionStickinessEnabled", - "type": "boolean" - }, - "SessionStickinessLBCookieDurationSeconds": { - "markdownDescription": "The time period, in seconds, after which the load balancer session stickiness cookie should be considered stale. If you do not specify this parameter, the default value is 0, which indicates that the sticky session should last for the duration of the browser session.", - "title": "SessionStickinessLBCookieDurationSeconds", - "type": "string" + "DatasetSource": { + "$ref": "#/definitions/AWS::IoTSiteWise::Dataset.DatasetSource", + "markdownDescription": "", + "title": "DatasetSource" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", + "markdownDescription": "", "title": "Tags", "type": "array" - }, - "TlsPolicyName": { - "markdownDescription": "The name of the TLS security policy for the load balancer.", - "title": "TlsPolicyName", - "type": "string" } }, "required": [ - "InstancePort", - "LoadBalancerName" + "DatasetName", + "DatasetSource" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lightsail::LoadBalancer" + "AWS::IoTSiteWise::Dataset" ], "type": "string" }, @@ -148505,7 +155908,63 @@ ], "type": "object" }, - "AWS::Lightsail::LoadBalancerTlsCertificate": { + "AWS::IoTSiteWise::Dataset.DatasetSource": { + "additionalProperties": false, + "properties": { + "SourceDetail": { + "$ref": "#/definitions/AWS::IoTSiteWise::Dataset.SourceDetail", + "markdownDescription": "", + "title": "SourceDetail" + }, + "SourceFormat": { + "markdownDescription": "", + "title": "SourceFormat", + "type": "string" + }, + "SourceType": { + "markdownDescription": "", + "title": "SourceType", + "type": "string" + } + }, + "required": [ + "SourceFormat", + "SourceType" + ], + "type": "object" + }, + "AWS::IoTSiteWise::Dataset.KendraSourceDetail": { + "additionalProperties": false, + "properties": { + "KnowledgeBaseArn": { + "markdownDescription": "", + "title": "KnowledgeBaseArn", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "KnowledgeBaseArn", + "RoleArn" + ], + "type": "object" + }, + "AWS::IoTSiteWise::Dataset.SourceDetail": { + "additionalProperties": false, + "properties": { + "Kendra": { + "$ref": "#/definitions/AWS::IoTSiteWise::Dataset.KendraSourceDetail", + "markdownDescription": "", + "title": "Kendra" + } + }, + "type": "object" + }, + "AWS::IoTSiteWise::Gateway": { "additionalProperties": false, "properties": { "Condition": { @@ -148540,50 +155999,47 @@ "Properties": { "additionalProperties": false, "properties": { - "CertificateAlternativeNames": { + "GatewayCapabilitySummaries": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::IoTSiteWise::Gateway.GatewayCapabilitySummary" }, - "markdownDescription": "An array of alternative domain names and subdomain names for your SSL/TLS certificate.\n\nIn addition to the primary domain name, you can have up to nine alternative domain names. Wildcards (such as `*.example.com` ) are not supported.", - "title": "CertificateAlternativeNames", + "markdownDescription": "A list of gateway capability summaries that each contain a namespace and status. Each gateway capability defines data sources for the gateway. To retrieve a capability configuration's definition, use [DescribeGatewayCapabilityConfiguration](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_DescribeGatewayCapabilityConfiguration.html) .", + "title": "GatewayCapabilitySummaries", "type": "array" }, - "CertificateDomainName": { - "markdownDescription": "The domain name for the SSL/TLS certificate. For example, `example.com` or `www.example.com` .", - "title": "CertificateDomainName", - "type": "string" - }, - "CertificateName": { - "markdownDescription": "The name of the SSL/TLS certificate.", - "title": "CertificateName", + "GatewayName": { + "markdownDescription": "A unique name for the gateway.", + "title": "GatewayName", "type": "string" }, - "HttpsRedirectionEnabled": { - "markdownDescription": "A Boolean value indicating whether HTTPS redirection is enabled for the load balancer that the TLS certificate is attached to.", - "title": "HttpsRedirectionEnabled", - "type": "boolean" - }, - "IsAttached": { - "markdownDescription": "A Boolean value indicating whether the SSL/TLS certificate is attached to a Lightsail load balancer.", - "title": "IsAttached", - "type": "boolean" + "GatewayPlatform": { + "$ref": "#/definitions/AWS::IoTSiteWise::Gateway.GatewayPlatform", + "markdownDescription": "The gateway's platform. You can only specify one platform in a gateway.", + "title": "GatewayPlatform" }, - "LoadBalancerName": { - "markdownDescription": "The name of the load balancer that the SSL/TLS certificate is attached to.", - "title": "LoadBalancerName", + "GatewayVersion": { + "markdownDescription": "", + "title": "GatewayVersion", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of key-value pairs that contain metadata for the gateway. For more information, see [Tagging your AWS IoT SiteWise resources](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/tag-resources.html) in the *AWS IoT SiteWise User Guide* .", + "title": "Tags", + "type": "array" } }, "required": [ - "CertificateDomainName", - "CertificateName", - "LoadBalancerName" + "GatewayName", + "GatewayPlatform" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lightsail::LoadBalancerTlsCertificate" + "AWS::IoTSiteWise::Gateway" ], "type": "string" }, @@ -148602,79 +156058,75 @@ ], "type": "object" }, - "AWS::Lightsail::StaticIp": { + "AWS::IoTSiteWise::Gateway.GatewayCapabilitySummary": { "additionalProperties": false, "properties": { - "Condition": { + "CapabilityConfiguration": { + "markdownDescription": "The JSON document that defines the configuration for the gateway capability. For more information, see [Configuring data sources (CLI)](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/configure-sources.html#configure-source-cli) in the *AWS IoT SiteWise User Guide* .", + "title": "CapabilityConfiguration", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "CapabilityNamespace": { + "markdownDescription": "The namespace of the capability configuration. For example, if you configure OPC UA sources for an MQTT-enabled gateway, your OPC-UA capability configuration has the namespace `iotsitewise:opcuacollector:3` .", + "title": "CapabilityNamespace", "type": "string" + } + }, + "required": [ + "CapabilityNamespace" + ], + "type": "object" + }, + "AWS::IoTSiteWise::Gateway.GatewayPlatform": { + "additionalProperties": false, + "properties": { + "GreengrassV2": { + "$ref": "#/definitions/AWS::IoTSiteWise::Gateway.GreengrassV2", + "markdownDescription": "A gateway that runs on AWS IoT Greengrass V2 .", + "title": "GreengrassV2" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AttachedTo": { - "markdownDescription": "The instance that the static IP is attached to.", - "title": "AttachedTo", - "type": "string" - }, - "StaticIpName": { - "markdownDescription": "The name of the static IP.", - "title": "StaticIpName", - "type": "string" - } - }, - "required": [ - "StaticIpName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Lightsail::StaticIp" - ], + "SiemensIE": { + "$ref": "#/definitions/AWS::IoTSiteWise::Gateway.SiemensIE", + "markdownDescription": "An AWS IoT SiteWise Edge gateway that runs on a Siemens Industrial Edge Device.", + "title": "SiemensIE" + } + }, + "type": "object" + }, + "AWS::IoTSiteWise::Gateway.GreengrassV2": { + "additionalProperties": false, + "properties": { + "CoreDeviceOperatingSystem": { + "markdownDescription": "", + "title": "CoreDeviceOperatingSystem", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "CoreDeviceThingName": { + "markdownDescription": "The name of the AWS IoT thing for your AWS IoT Greengrass V2 core device.", + "title": "CoreDeviceThingName", "type": "string" } }, "required": [ - "Type", - "Properties" + "CoreDeviceThingName" ], "type": "object" }, - "AWS::Location::APIKey": { + "AWS::IoTSiteWise::Gateway.SiemensIE": { + "additionalProperties": false, + "properties": { + "IotCoreThingName": { + "markdownDescription": "The name of the AWS IoT Thing for your AWS IoT SiteWise Edge gateway.", + "title": "IotCoreThingName", + "type": "string" + } + }, + "required": [ + "IotCoreThingName" + ], + "type": "object" + }, + "AWS::IoTSiteWise::Portal": { "additionalProperties": false, "properties": { "Condition": { @@ -148709,59 +156161,76 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "Updates the description for the API key resource.", - "title": "Description", + "Alarms": { + "$ref": "#/definitions/AWS::IoTSiteWise::Portal.Alarms", + "markdownDescription": "Contains the configuration information of an alarm created in an AWS IoT SiteWise Monitor portal. You can use the alarm to monitor an asset property and get notified when the asset property value is outside a specified range. For more information, see [Monitoring with alarms](https://docs.aws.amazon.com/iot-sitewise/latest/appguide/monitor-alarms.html) in the *AWS IoT SiteWise Application Guide* .", + "title": "Alarms" + }, + "NotificationSenderEmail": { + "markdownDescription": "The email address that sends alarm notifications.\n\n> If you use the [AWS IoT Events managed Lambda function](https://docs.aws.amazon.com/iotevents/latest/developerguide/lambda-support.html) to manage your emails, you must [verify the sender email address in Amazon SES](https://docs.aws.amazon.com/ses/latest/DeveloperGuide/verify-email-addresses.html) .", + "title": "NotificationSenderEmail", "type": "string" }, - "ExpireTime": { - "markdownDescription": "The optional timestamp for when the API key resource will expire in [ISO 8601 format](https://docs.aws.amazon.com/https://www.iso.org/iso-8601-date-and-time-format.html) .", - "title": "ExpireTime", + "PortalAuthMode": { + "markdownDescription": "The service to use to authenticate users to the portal. Choose from the following options:\n\n- `SSO` \u2013 The portal uses AWS IAM Identity Center to authenticate users and manage user permissions. Before you can create a portal that uses IAM Identity Center, you must enable IAM Identity Center. For more information, see [Enabling IAM Identity Center](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/monitor-get-started.html#mon-gs-sso) in the *AWS IoT SiteWise User Guide* . This option is only available in AWS Regions other than the China Regions.\n- `IAM` \u2013 The portal uses AWS Identity and Access Management to authenticate users and manage user permissions.\n\nYou can't change this value after you create a portal.\n\nDefault: `SSO`", + "title": "PortalAuthMode", "type": "string" }, - "ForceDelete": { - "markdownDescription": "ForceDelete bypasses an API key's expiry conditions and deletes the key. Set the parameter `true` to delete the key or to `false` to not preemptively delete the API key.\n\nValid values: `true` , or `false` .\n\n> This action is irreversible. Only use ForceDelete if you are certain the key is no longer in use.", - "title": "ForceDelete", - "type": "boolean" + "PortalContactEmail": { + "markdownDescription": "The AWS administrator's contact email address.", + "title": "PortalContactEmail", + "type": "string" }, - "ForceUpdate": { - "markdownDescription": "The boolean flag to be included for updating `ExpireTime` or Restrictions details.\nMust be set to `true` to update an API key resource that has been used in the past 7 days. `False` if force update is not preferred.", - "title": "ForceUpdate", - "type": "boolean" + "PortalDescription": { + "markdownDescription": "A description for the portal.", + "title": "PortalDescription", + "type": "string" }, - "KeyName": { - "markdownDescription": "A custom name for the API key resource.\n\nRequirements:\n\n- Contain only alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139), hyphens (-), periods (.), and underscores (_).\n- Must be a unique API key name.\n- No spaces allowed. For example, `ExampleAPIKey` .", - "title": "KeyName", + "PortalName": { + "markdownDescription": "A friendly name for the portal.", + "title": "PortalName", "type": "string" }, - "NoExpiry": { - "markdownDescription": "Whether the API key should expire. Set to `true` to set the API key to have no expiration time.", - "title": "NoExpiry", - "type": "boolean" + "PortalType": { + "markdownDescription": "Define the type of portal. The value for AWS IoT SiteWise Monitor (Classic) is `SITEWISE_PORTAL_V1` . The value for AWS IoT SiteWise Monitor (AI-aware) is `SITEWISE_PORTAL_V2` .", + "title": "PortalType", + "type": "string" }, - "Restrictions": { - "$ref": "#/definitions/AWS::Location::APIKey.ApiKeyRestrictions", - "markdownDescription": "The API key restrictions for the API key resource.", - "title": "Restrictions" + "PortalTypeConfiguration": { + "additionalProperties": false, + "markdownDescription": "", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::IoTSiteWise::Portal.PortalTypeEntry" + } + }, + "title": "PortalTypeConfiguration", + "type": "object" + }, + "RoleArn": { + "markdownDescription": "The [ARN](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) of a service role that allows the portal's users to access your AWS IoT SiteWise resources on your behalf. For more information, see [Using service roles for AWS IoT SiteWise Monitor](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/monitor-service-role.html) in the *AWS IoT SiteWise User Guide* .", + "title": "RoleArn", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Applies one or more tags to the map resource. A tag is a key-value pair that helps manage, identify, search, and filter your resources by labelling them.", + "markdownDescription": "A list of key-value pairs that contain metadata for the portal. For more information, see [Tagging your AWS IoT SiteWise resources](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/tag-resources.html) in the *AWS IoT SiteWise User Guide* .", "title": "Tags", "type": "array" } }, "required": [ - "KeyName", - "Restrictions" + "PortalContactEmail", + "PortalName", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Location::APIKey" + "AWS::IoTSiteWise::Portal" ], "type": "string" }, @@ -148780,41 +156249,40 @@ ], "type": "object" }, - "AWS::Location::APIKey.ApiKeyRestrictions": { + "AWS::IoTSiteWise::Portal.Alarms": { "additionalProperties": false, "properties": { - "AllowActions": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of allowed actions that an API key resource grants permissions to perform. You must have at least one action for each type of resource. For example, if you have a place resource, you must include at least one place action.\n\nThe following are valid values for the actions.\n\n- *Map actions*\n\n- `geo:GetMap*` - Allows all actions needed for map rendering.\n- *Enhanced Maps actions*\n\n- `geo-maps:GetTile` - Allows getting map tiles for rendering.\n- `geo-maps:GetStaticMap` - Allows getting static map images.\n- *Place actions*\n\n- `geo:SearchPlaceIndexForText` - Allows finding geo coordinates of a known place.\n- `geo:SearchPlaceIndexForPosition` - Allows getting nearest address to geo coordinates.\n- `geo:SearchPlaceIndexForSuggestions` - Allows suggestions based on an incomplete or misspelled query.\n- `geo:GetPlace` - Allows getting details of a place.\n- *Enhanced Places actions*\n\n- `geo-places:Autcomplete` - Allows auto-completion of search text.\n- `geo-places:Geocode` - Allows finding geo coordinates of a known place.\n- `geo-places:GetPlace` - Allows getting details of a place.\n- `geo-places:ReverseGeocode` - Allows getting nearest address to geo coordinates.\n- `geo-places:SearchNearby` - Allows category based places search around geo coordinates.\n- `geo-places:SearchText` - Allows place or address search based on free-form text.\n- `geo-places:Suggest` - Allows suggestions based on an incomplete or misspelled query.\n- *Route actions*\n\n- `geo:CalculateRoute` - Allows point to point routing.\n- `geo:CalculateRouteMatrix` - Allows matrix routing.\n- *Enhanced Routes actions*\n\n- `geo-routes:CalculateIsolines` - Allows isoline calculation.\n- `geo-routes:CalculateRoutes` - Allows point to point routing.\n- `geo-routes:CalculateRouteMatrix` - Allows matrix routing.\n- `geo-routes:OptimizeWaypoints` - Allows computing the best sequence of waypoints.\n- `geo-routes:SnapToRoads` - Allows snapping GPS points to a likely route.\n\n> You must use these strings exactly. For example, to provide access to map rendering, the only valid action is `geo:GetMap*` as an input to the list. `[\"geo:GetMap*\"]` is valid but `[\"geo:GetTile\"]` is not. Similarly, you cannot use `[\"geo:SearchPlaceIndexFor*\"]` - you must list each of the Place actions separately.", - "title": "AllowActions", - "type": "array" - }, - "AllowReferers": { - "items": { - "type": "string" - }, - "markdownDescription": "An optional list of allowed HTTP referers for which requests must originate from. Requests using this API key from other domains will not be allowed.\n\nRequirements:\n\n- Contain only alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139) or any symbols in this list `$\\-._+!*`(),;/?:@=&`\n- May contain a percent (%) if followed by 2 hexadecimal digits (A-F, a-f, 0-9); this is used for URL encoding purposes.\n- May contain wildcard characters question mark (?) and asterisk (*).\n\nQuestion mark (?) will replace any single character (including hexadecimal digits).\n\nAsterisk (*) will replace any multiple characters (including multiple hexadecimal digits).\n- No spaces allowed. For example, `https://example.com` .", - "title": "AllowReferers", - "type": "array" + "AlarmRoleArn": { + "markdownDescription": "The [ARN](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) of the IAM role that allows the alarm to perform actions and access AWS resources and services, such as AWS IoT Events .", + "title": "AlarmRoleArn", + "type": "string" }, - "AllowResources": { + "NotificationLambdaArn": { + "markdownDescription": "The [ARN](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) of the Lambda function that manages alarm notifications. For more information, see [Managing alarm notifications](https://docs.aws.amazon.com/iotevents/latest/developerguide/lambda-support.html) in the *AWS IoT Events Developer Guide* .", + "title": "NotificationLambdaArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoTSiteWise::Portal.PortalTypeEntry": { + "additionalProperties": false, + "properties": { + "PortalTools": { "items": { "type": "string" }, - "markdownDescription": "A list of allowed resource ARNs that a API key bearer can perform actions on.\n\n- The ARN must be the correct ARN for a map, place, or route ARN. You may include wildcards in the resource-id to match multiple resources of the same type.\n- The resources must be in the same `partition` , `region` , and `account-id` as the key that is being created.\n- Other than wildcards, you must include the full ARN, including the `arn` , `partition` , `service` , `region` , `account-id` and `resource-id` delimited by colons (:).\n- No spaces allowed, even with wildcards. For example, `arn:aws:geo:region: *account-id* :map/ExampleMap*` .\n\nFor more information about ARN format, see [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) .", - "title": "AllowResources", + "markdownDescription": "The array of tools associated with the specified portal type. The possible values are `ASSISTANT` and `DASHBOARD` .", + "title": "PortalTools", "type": "array" } }, "required": [ - "AllowActions", - "AllowResources" + "PortalTools" ], "type": "object" }, - "AWS::Location::GeofenceCollection": { + "AWS::IoTSiteWise::Project": { "additionalProperties": false, "properties": { "Condition": { @@ -148849,38 +156317,47 @@ "Properties": { "additionalProperties": false, "properties": { - "CollectionName": { - "markdownDescription": "A custom name for the geofence collection.\n\nRequirements:\n\n- Contain only alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139), hyphens (-), periods (.), and underscores (_).\n- Must be a unique geofence collection name.\n- No spaces allowed. For example, `ExampleGeofenceCollection` .", - "title": "CollectionName", + "AssetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list that contains the IDs of each asset associated with the project.", + "title": "AssetIds", + "type": "array" + }, + "PortalId": { + "markdownDescription": "The ID of the portal in which to create the project.", + "title": "PortalId", "type": "string" }, - "Description": { - "markdownDescription": "An optional description for the geofence collection.", - "title": "Description", + "ProjectDescription": { + "markdownDescription": "A description for the project.", + "title": "ProjectDescription", "type": "string" }, - "KmsKeyId": { - "markdownDescription": "A key identifier for an [AWS KMS customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/create-keys.html) . Enter a key ID, key ARN, alias name, or alias ARN.", - "title": "KmsKeyId", + "ProjectName": { + "markdownDescription": "A friendly name for the project.", + "title": "ProjectName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Applies one or more tags to the geofence collection. A tag is a key-value pair helps manage, identify, search, and filter your resources by labelling them.\n\nFormat: `\"key\" : \"value\"`\n\nRestrictions:\n\n- Maximum 50 tags per resource\n- Each resource tag must be unique with a maximum of one value.\n- Maximum key length: 128 Unicode characters in UTF-8\n- Maximum value length: 256 Unicode characters in UTF-8\n- Can use alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139), and the following characters: + - = . _ : / @.\n- Cannot use \"aws:\" as a prefix for a key.", + "markdownDescription": "A list of key-value pairs that contain metadata for the project. For more information, see [Tagging your AWS IoT SiteWise resources](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/tag-resources.html) in the *AWS IoT SiteWise User Guide* .", "title": "Tags", "type": "array" } }, "required": [ - "CollectionName" + "PortalId", + "ProjectName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Location::GeofenceCollection" + "AWS::IoTSiteWise::Project" ], "type": "string" }, @@ -148899,7 +156376,7 @@ ], "type": "object" }, - "AWS::Location::Map": { + "AWS::IoTThingsGraph::FlowTemplate": { "additionalProperties": false, "properties": { "Condition": { @@ -148934,44 +156411,21 @@ "Properties": { "additionalProperties": false, "properties": { - "Configuration": { - "$ref": "#/definitions/AWS::Location::Map.MapConfiguration", - "markdownDescription": "Specifies the `MapConfiguration` , including the map style, for the map resource that you create. The map style defines the look of maps and the data provider for your map resource.", - "title": "Configuration" - }, - "Description": { - "markdownDescription": "An optional description for the map resource.", - "title": "Description", - "type": "string" - }, - "MapName": { - "markdownDescription": "The name for the map resource.\n\nRequirements:\n\n- Must contain only alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139), hyphens (-), periods (.), and underscores (_).\n- Must be a unique map resource name.\n- No spaces allowed. For example, `ExampleMap` .", - "title": "MapName", - "type": "string" - }, - "PricingPlan": { - "markdownDescription": "No longer used. If included, the only allowed value is `RequestBasedUsage` .\n\n*Allowed Values* : `RequestBasedUsage`", - "title": "PricingPlan", - "type": "string" + "CompatibleNamespaceVersion": { + "type": "number" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Applies one or more tags to the map resource. A tag is a key-value pair helps manage, identify, search, and filter your resources by labelling them.\n\nFormat: `\"key\" : \"value\"`\n\nRestrictions:\n\n- Maximum 50 tags per resource\n- Each resource tag must be unique with a maximum of one value.\n- Maximum key length: 128 Unicode characters in UTF-8\n- Maximum value length: 256 Unicode characters in UTF-8\n- Can use alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139), and the following characters: + - = . _ : / @.\n- Cannot use \"aws:\" as a prefix for a key.", - "title": "Tags", - "type": "array" + "Definition": { + "$ref": "#/definitions/AWS::IoTThingsGraph::FlowTemplate.DefinitionDocument" } }, "required": [ - "Configuration", - "MapName" + "Definition" ], "type": "object" }, "Type": { "enum": [ - "AWS::Location::Map" + "AWS::IoTThingsGraph::FlowTemplate" ], "type": "string" }, @@ -148990,34 +156444,23 @@ ], "type": "object" }, - "AWS::Location::Map.MapConfiguration": { + "AWS::IoTThingsGraph::FlowTemplate.DefinitionDocument": { "additionalProperties": false, "properties": { - "CustomLayers": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the custom layers for the style. Leave unset to not enable any custom layer, or, for styles that support custom layers, you can enable layer(s), such as the `POI` layer for the VectorEsriNavigation style.\n\n> Currenlty only `VectorEsriNavigation` supports CustomLayers. For more information, see [Custom Layers](https://docs.aws.amazon.com//location/latest/developerguide/map-concepts.html#map-custom-layers) .", - "title": "CustomLayers", - "type": "array" - }, - "PoliticalView": { - "markdownDescription": "Specifies the map political view selected from an available data provider.", - "title": "PoliticalView", + "Language": { "type": "string" }, - "Style": { - "markdownDescription": "Specifies the map style selected from an available data provider.\n\nValid [Esri map styles](https://docs.aws.amazon.com/location/previous/developerguide/esri.html) :\n\n- `VectorEsriDarkGrayCanvas` \u2013 The Esri Dark Gray Canvas map style. A vector basemap with a dark gray, neutral background with minimal colors, labels, and features that's designed to draw attention to your thematic content.\n- `RasterEsriImagery` \u2013 The Esri Imagery map style. A raster basemap that provides one meter or better satellite and aerial imagery in many parts of the world and lower resolution satellite imagery worldwide.\n- `VectorEsriLightGrayCanvas` \u2013 The Esri Light Gray Canvas map style, which provides a detailed vector basemap with a light gray, neutral background style with minimal colors, labels, and features that's designed to draw attention to your thematic content.\n- `VectorEsriTopographic` \u2013 The Esri Light map style, which provides a detailed vector basemap with a classic Esri map style.\n- `VectorEsriStreets` \u2013 The Esri Street Map style, which provides a detailed vector basemap for the world symbolized with a classic Esri street map style. The vector tile layer is similar in content and style to the World Street Map raster map.\n- `VectorEsriNavigation` \u2013 The Esri Navigation map style, which provides a detailed basemap for the world symbolized with a custom navigation map style that's designed for use during the day in mobile devices.\n\nValid [HERE Technologies map styles](https://docs.aws.amazon.com/location/previous/developerguide/HERE.html) :\n\n- `VectorHereContrast` \u2013 The HERE Contrast (Berlin) map style is a high contrast detailed base map of the world that blends 3D and 2D rendering.\n\n> The `VectorHereContrast` style has been renamed from `VectorHereBerlin` . `VectorHereBerlin` has been deprecated, but will continue to work in applications that use it.\n- `VectorHereExplore` \u2013 A default HERE map style containing a neutral, global map and its features including roads, buildings, landmarks, and water features. It also now includes a fully designed map of Japan.\n- `VectorHereExploreTruck` \u2013 A global map containing truck restrictions and attributes (e.g. width / height / HAZMAT) symbolized with highlighted segments and icons on top of HERE Explore to support use cases within transport and logistics.\n- `RasterHereExploreSatellite` \u2013 A global map containing high resolution satellite imagery.\n- `HybridHereExploreSatellite` \u2013 A global map displaying the road network, street names, and city labels over satellite imagery. This style will automatically retrieve both raster and vector tiles, and your charges will be based on total tiles retrieved.\n\n> Hybrid styles use both vector and raster tiles when rendering the map that you see. This means that more tiles are retrieved than when using either vector or raster tiles alone. Your charges will include all tiles retrieved.\n\nValid [GrabMaps map styles](https://docs.aws.amazon.com/location/previous/developerguide/grab.html) :\n\n- `VectorGrabStandardLight` \u2013 The Grab Standard Light map style provides a basemap with detailed land use coloring, area names, roads, landmarks, and points of interest covering Southeast Asia.\n- `VectorGrabStandardDark` \u2013 The Grab Standard Dark map style provides a dark variation of the standard basemap covering Southeast Asia.\n\n> Grab provides maps only for countries in Southeast Asia, and is only available in the Asia Pacific (Singapore) Region ( `ap-southeast-1` ). For more information, see [GrabMaps countries and area covered](https://docs.aws.amazon.com/location/previous/developerguide/grab.html#grab-coverage-area) . \n\nValid [Open Data map styles](https://docs.aws.amazon.com/location/previous/developerguide/open-data.html) :\n\n- `VectorOpenDataStandardLight` \u2013 The Open Data Standard Light map style provides a detailed basemap for the world suitable for website and mobile application use. The map includes highways major roads, minor roads, railways, water features, cities, parks, landmarks, building footprints, and administrative boundaries.\n- `VectorOpenDataStandardDark` \u2013 Open Data Standard Dark is a dark-themed map style that provides a detailed basemap for the world suitable for website and mobile application use. The map includes highways major roads, minor roads, railways, water features, cities, parks, landmarks, building footprints, and administrative boundaries.\n- `VectorOpenDataVisualizationLight` \u2013 The Open Data Visualization Light map style is a light-themed style with muted colors and fewer features that aids in understanding overlaid data.\n- `VectorOpenDataVisualizationDark` \u2013 The Open Data Visualization Dark map style is a dark-themed style with muted colors and fewer features that aids in understanding overlaid data.", - "title": "Style", + "Text": { "type": "string" } }, "required": [ - "Style" + "Language", + "Text" ], "type": "object" }, - "AWS::Location::PlaceIndex": { + "AWS::IoTTwinMaker::ComponentType": { "additionalProperties": false, "properties": { "Condition": { @@ -149052,49 +156495,99 @@ "Properties": { "additionalProperties": false, "properties": { - "DataSource": { - "markdownDescription": "Specifies the geospatial data provider for the new place index.\n\n> This field is case-sensitive. Enter the valid values as shown. For example, entering `HERE` returns an error. \n\nValid values include:\n\n- `Esri` \u2013 For additional information about [Esri](https://docs.aws.amazon.com/location/previous/developerguide/esri.html) 's coverage in your region of interest, see [Esri details on geocoding coverage](https://docs.aws.amazon.com/https://developers.arcgis.com/rest/geocode/api-reference/geocode-coverage.htm) .\n- `Grab` \u2013 Grab provides place index functionality for Southeast Asia. For additional information about [GrabMaps](https://docs.aws.amazon.com/location/previous/developerguide/grab.html) ' coverage, see [GrabMaps countries and areas covered](https://docs.aws.amazon.com/location/previous/developerguide/grab.html#grab-coverage-area) .\n- `Here` \u2013 For additional information about [HERE Technologies](https://docs.aws.amazon.com/location/previous/developerguide/HERE.html) ' coverage in your region of interest, see [HERE details on goecoding coverage](https://docs.aws.amazon.com/https://developer.here.com/documentation/geocoder/dev_guide/topics/coverage-geocoder.html) .\n\n> If you specify HERE Technologies ( `Here` ) as the data provider, you may not [store results](https://docs.aws.amazon.com//location-places/latest/APIReference/API_DataSourceConfiguration.html) for locations in Japan. For more information, see the [AWS service terms](https://docs.aws.amazon.com/service-terms/) for Amazon Location Service.\n\nFor additional information , see [Data providers](https://docs.aws.amazon.com/location/previous/developerguide/what-is-data-provider.html) on the *Amazon Location Service developer guide* .", - "title": "DataSource", + "ComponentTypeId": { + "markdownDescription": "The ID of the component type.", + "title": "ComponentTypeId", "type": "string" }, - "DataSourceConfiguration": { - "$ref": "#/definitions/AWS::Location::PlaceIndex.DataSourceConfiguration", - "markdownDescription": "Specifies the data storage option requesting Places.", - "title": "DataSourceConfiguration" + "CompositeComponentTypes": { + "additionalProperties": false, + "markdownDescription": "Maps strings to `compositeComponentTypes` of the `componentType` . `CompositeComponentType` is referenced by `componentTypeId` .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.CompositeComponentType" + } + }, + "title": "CompositeComponentTypes", + "type": "object" }, "Description": { - "markdownDescription": "The optional description for the place index resource.", + "markdownDescription": "The description of the component type.", "title": "Description", "type": "string" }, - "IndexName": { - "markdownDescription": "The name of the place index resource.\n\nRequirements:\n\n- Contain only alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139), hyphens (-), periods (.), and underscores (_).\n- Must be a unique place index resource name.\n- No spaces allowed. For example, `ExamplePlaceIndex` .", - "title": "IndexName", - "type": "string" + "ExtendsFrom": { + "items": { + "type": "string" + }, + "markdownDescription": "The name of the parent component type that this component type extends.", + "title": "ExtendsFrom", + "type": "array" }, - "PricingPlan": { - "markdownDescription": "No longer used. If included, the only allowed value is `RequestBasedUsage` .\n\n*Allowed Values* : `RequestBasedUsage`", - "title": "PricingPlan", - "type": "string" + "Functions": { + "additionalProperties": false, + "markdownDescription": "An object that maps strings to the functions in the component type. Each string in the mapping must be unique to this object.\n\nFor information on the FunctionResponse object see the [FunctionResponse](https://docs.aws.amazon.com//iot-twinmaker/latest/apireference/API_FunctionResponse.html) API reference.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.Function" + } + }, + "title": "Functions", + "type": "object" + }, + "IsSingleton": { + "markdownDescription": "A boolean value that specifies whether an entity can have more than one component of this type.", + "title": "IsSingleton", + "type": "boolean" + }, + "PropertyDefinitions": { + "additionalProperties": false, + "markdownDescription": "An object that maps strings to the property definitions in the component type. Each string in the mapping must be unique to this object.\n\nFor information about the PropertyDefinitionResponse object, see the [PropertyDefinitionResponse](https://docs.aws.amazon.com//iot-twinmaker/latest/apireference/API_PropertyDefinitionResponse.html) API reference.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.PropertyDefinition" + } + }, + "title": "PropertyDefinitions", + "type": "object" + }, + "PropertyGroups": { + "additionalProperties": false, + "markdownDescription": "An object that maps strings to the property groups in the component type. Each string in the mapping must be unique to this object.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.PropertyGroup" + } + }, + "title": "PropertyGroups", + "type": "object" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "additionalProperties": true, + "markdownDescription": "The ComponentType tags.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "", "title": "Tags", - "type": "array" + "type": "object" + }, + "WorkspaceId": { + "markdownDescription": "The ID of the workspace that contains the component type.", + "title": "WorkspaceId", + "type": "string" } }, "required": [ - "DataSource", - "IndexName" + "ComponentTypeId", + "WorkspaceId" ], "type": "object" }, "Type": { "enum": [ - "AWS::Location::PlaceIndex" + "AWS::IoTTwinMaker::ComponentType" ], "type": "string" }, @@ -149113,18 +156606,299 @@ ], "type": "object" }, - "AWS::Location::PlaceIndex.DataSourceConfiguration": { + "AWS::IoTTwinMaker::ComponentType.CompositeComponentType": { "additionalProperties": false, "properties": { - "IntendedUse": { - "markdownDescription": "Specifies how the results of an operation will be stored by the caller.\n\nValid values include:\n\n- `SingleUse` specifies that the results won't be stored.\n- `Storage` specifies that the result can be cached or stored in a database.\n\nDefault value: `SingleUse`", - "title": "IntendedUse", + "ComponentTypeId": { + "markdownDescription": "The ID of the component type.", + "title": "ComponentTypeId", "type": "string" } }, "type": "object" }, - "AWS::Location::RouteCalculator": { + "AWS::IoTTwinMaker::ComponentType.DataConnector": { + "additionalProperties": false, + "properties": { + "IsNative": { + "markdownDescription": "A boolean value that specifies whether the data connector is native to IoT TwinMaker.", + "title": "IsNative", + "type": "boolean" + }, + "Lambda": { + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.LambdaFunction", + "markdownDescription": "The Lambda function associated with the data connector.", + "title": "Lambda" + } + }, + "type": "object" + }, + "AWS::IoTTwinMaker::ComponentType.DataType": { + "additionalProperties": false, + "properties": { + "AllowedValues": { + "items": { + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataValue" + }, + "markdownDescription": "The allowed values for this data type.", + "title": "AllowedValues", + "type": "array" + }, + "NestedType": { + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataType", + "markdownDescription": "The nested type in the data type.", + "title": "NestedType" + }, + "Relationship": { + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.Relationship", + "markdownDescription": "A relationship that associates a component with another component.", + "title": "Relationship" + }, + "Type": { + "markdownDescription": "The underlying type of the data type.\n\nValid Values: `RELATIONSHIP | STRING | LONG | BOOLEAN | INTEGER | DOUBLE | LIST | MAP`", + "title": "Type", + "type": "string" + }, + "UnitOfMeasure": { + "markdownDescription": "The unit of measure used in this data type.", + "title": "UnitOfMeasure", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::IoTTwinMaker::ComponentType.DataValue": { + "additionalProperties": false, + "properties": { + "BooleanValue": { + "markdownDescription": "A boolean value.", + "title": "BooleanValue", + "type": "boolean" + }, + "DoubleValue": { + "markdownDescription": "A double value.", + "title": "DoubleValue", + "type": "number" + }, + "Expression": { + "markdownDescription": "An expression that produces the value.", + "title": "Expression", + "type": "string" + }, + "IntegerValue": { + "markdownDescription": "An integer value.", + "title": "IntegerValue", + "type": "number" + }, + "ListValue": { + "items": { + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataValue" + }, + "markdownDescription": "A list of multiple values.", + "title": "ListValue", + "type": "array" + }, + "LongValue": { + "markdownDescription": "A long value.", + "title": "LongValue", + "type": "number" + }, + "MapValue": { + "additionalProperties": false, + "markdownDescription": "An object that maps strings to multiple `DataValue` objects.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataValue" + } + }, + "title": "MapValue", + "type": "object" + }, + "RelationshipValue": { + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.RelationshipValue", + "markdownDescription": "A value that relates a component to another component.", + "title": "RelationshipValue" + }, + "StringValue": { + "markdownDescription": "A string value.", + "title": "StringValue", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoTTwinMaker::ComponentType.Error": { + "additionalProperties": false, + "properties": { + "Code": { + "markdownDescription": "The component type error code.", + "title": "Code", + "type": "string" + }, + "Message": { + "markdownDescription": "The component type error message.", + "title": "Message", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoTTwinMaker::ComponentType.Function": { + "additionalProperties": false, + "properties": { + "ImplementedBy": { + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataConnector", + "markdownDescription": "The data connector.", + "title": "ImplementedBy" + }, + "RequiredProperties": { + "items": { + "type": "string" + }, + "markdownDescription": "The required properties of the function.", + "title": "RequiredProperties", + "type": "array" + }, + "Scope": { + "markdownDescription": "The scope of the function.", + "title": "Scope", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoTTwinMaker::ComponentType.LambdaFunction": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The Lambda function ARN.", + "title": "Arn", + "type": "string" + } + }, + "required": [ + "Arn" + ], + "type": "object" + }, + "AWS::IoTTwinMaker::ComponentType.PropertyDefinition": { + "additionalProperties": false, + "properties": { + "Configurations": { + "additionalProperties": true, + "markdownDescription": "A mapping that specifies configuration information about the property.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Configurations", + "type": "object" + }, + "DataType": { + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataType", + "markdownDescription": "", + "title": "DataType" + }, + "DefaultValue": { + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataValue", + "markdownDescription": "A boolean value that specifies whether the property ID comes from an external data store.", + "title": "DefaultValue" + }, + "IsExternalId": { + "markdownDescription": "A Boolean value that specifies whether the property ID comes from an external data source.", + "title": "IsExternalId", + "type": "boolean" + }, + "IsRequiredInEntity": { + "markdownDescription": "A boolean value that specifies whether the property is required in an entity.", + "title": "IsRequiredInEntity", + "type": "boolean" + }, + "IsStoredExternally": { + "markdownDescription": "A boolean value that specifies whether the property is stored externally.", + "title": "IsStoredExternally", + "type": "boolean" + }, + "IsTimeSeries": { + "markdownDescription": "A boolean value that specifies whether the property consists of time series data.", + "title": "IsTimeSeries", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::IoTTwinMaker::ComponentType.PropertyGroup": { + "additionalProperties": false, + "properties": { + "GroupType": { + "markdownDescription": "The group type.", + "title": "GroupType", + "type": "string" + }, + "PropertyNames": { + "items": { + "type": "string" + }, + "markdownDescription": "The property names.", + "title": "PropertyNames", + "type": "array" + } + }, + "type": "object" + }, + "AWS::IoTTwinMaker::ComponentType.Relationship": { + "additionalProperties": false, + "properties": { + "RelationshipType": { + "markdownDescription": "The type of the relationship.", + "title": "RelationshipType", + "type": "string" + }, + "TargetComponentTypeId": { + "markdownDescription": "The ID of the target component type associated with this relationship.", + "title": "TargetComponentTypeId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoTTwinMaker::ComponentType.RelationshipValue": { + "additionalProperties": false, + "properties": { + "TargetComponentName": { + "markdownDescription": "The target component name.", + "title": "TargetComponentName", + "type": "string" + }, + "TargetEntityId": { + "markdownDescription": "The target entity Id.", + "title": "TargetEntityId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoTTwinMaker::ComponentType.Status": { + "additionalProperties": false, + "properties": { + "Error": { + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.Error", + "markdownDescription": "The component type error.", + "title": "Error" + }, + "State": { + "markdownDescription": "The component type status state.", + "title": "State", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoTTwinMaker::Entity": { "additionalProperties": false, "properties": { "Condition": { @@ -149159,44 +156933,74 @@ "Properties": { "additionalProperties": false, "properties": { - "CalculatorName": { - "markdownDescription": "The name of the route calculator resource.\n\nRequirements:\n\n- Can use alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139) , hyphens (-), periods (.), and underscores (_).\n- Must be a unique Route calculator resource name.\n- No spaces allowed. For example, `ExampleRouteCalculator` .", - "title": "CalculatorName", - "type": "string" + "Components": { + "additionalProperties": false, + "markdownDescription": "An object that maps strings to the components in the entity. Each string in the mapping must be unique to this object.\n\nFor information on the component object see the [component](https://docs.aws.amazon.com//iot-twinmaker/latest/apireference/API_ComponentResponse.html) API reference.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Component" + } + }, + "title": "Components", + "type": "object" }, - "DataSource": { - "markdownDescription": "Specifies the data provider of traffic and road network data.\n\n> This field is case-sensitive. Enter the valid values as shown. For example, entering `HERE` returns an error. \n\nValid values include:\n\n- `Esri` \u2013 For additional information about [Esri](https://docs.aws.amazon.com/location/previous/developerguide/esri.html) 's coverage in your region of interest, see [Esri details on street networks and traffic coverage](https://docs.aws.amazon.com/https://doc.arcgis.com/en/arcgis-online/reference/network-coverage.htm) .\n\nRoute calculators that use Esri as a data source only calculate routes that are shorter than 400 km.\n- `Grab` \u2013 Grab provides routing functionality for Southeast Asia. For additional information about [GrabMaps](https://docs.aws.amazon.com/location/previous/developerguide/grab.html) ' coverage, see [GrabMaps countries and areas covered](https://docs.aws.amazon.com/location/previous/developerguide/grab.html#grab-coverage-area) .\n- `Here` \u2013 For additional information about [HERE Technologies](https://docs.aws.amazon.com/location/previous/developerguide/HERE.html) ' coverage in your region of interest, see [HERE car routing coverage](https://docs.aws.amazon.com/https://developer.here.com/documentation/routing-api/dev_guide/topics/coverage/car-routing.html) and [HERE truck routing coverage](https://docs.aws.amazon.com/https://developer.here.com/documentation/routing-api/dev_guide/topics/coverage/truck-routing.html) .\n\nFor additional information , see [Data providers](https://docs.aws.amazon.com/location/previous/developerguide/what-is-data-provider.html) on the *Amazon Location Service Developer Guide* .", - "title": "DataSource", - "type": "string" + "CompositeComponents": { + "additionalProperties": false, + "markdownDescription": "Maps string to `compositeComponent` updates in the request. Each key of the map represents the `componentPath` of the `compositeComponent` .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.CompositeComponent" + } + }, + "title": "CompositeComponents", + "type": "object" }, "Description": { - "markdownDescription": "The optional description for the route calculator resource.", + "markdownDescription": "The description of the entity.", "title": "Description", "type": "string" }, - "PricingPlan": { - "markdownDescription": "No longer used. If included, the only allowed value is `RequestBasedUsage` .\n\n*Allowed Values* : `RequestBasedUsage`", - "title": "PricingPlan", + "EntityId": { + "markdownDescription": "The ID of the entity.", + "title": "EntityId", + "type": "string" + }, + "EntityName": { + "markdownDescription": "The entity name.", + "title": "EntityName", + "type": "string" + }, + "ParentEntityId": { + "markdownDescription": "The ID of the parent entity.", + "title": "ParentEntityId", "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "additionalProperties": true, + "markdownDescription": "Metadata that you can use to manage the entity.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "", "title": "Tags", - "type": "array" + "type": "object" + }, + "WorkspaceId": { + "markdownDescription": "The ID of the workspace that contains the entity.", + "title": "WorkspaceId", + "type": "string" } }, "required": [ - "CalculatorName", - "DataSource" + "EntityName", + "WorkspaceId" ], "type": "object" }, "Type": { "enum": [ - "AWS::Location::RouteCalculator" + "AWS::IoTTwinMaker::Entity" ], "type": "string" }, @@ -149215,7 +157019,368 @@ ], "type": "object" }, - "AWS::Location::Tracker": { + "AWS::IoTTwinMaker::Entity.Component": { + "additionalProperties": false, + "properties": { + "ComponentName": { + "markdownDescription": "The name of the component.", + "title": "ComponentName", + "type": "string" + }, + "ComponentTypeId": { + "markdownDescription": "The ID of the component type.", + "title": "ComponentTypeId", + "type": "string" + }, + "DefinedIn": { + "markdownDescription": "The name of the property definition set in the request.", + "title": "DefinedIn", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the component.", + "title": "Description", + "type": "string" + }, + "Properties": { + "additionalProperties": false, + "markdownDescription": "An object that maps strings to the properties to set in the component type. Each string in the mapping must be unique to this object.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Property" + } + }, + "title": "Properties", + "type": "object" + }, + "PropertyGroups": { + "additionalProperties": false, + "markdownDescription": "An object that maps strings to the property groups in the component type. Each string in the mapping must be unique to this object.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.PropertyGroup" + } + }, + "title": "PropertyGroups", + "type": "object" + }, + "Status": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Status", + "markdownDescription": "The status of the component.", + "title": "Status" + } + }, + "type": "object" + }, + "AWS::IoTTwinMaker::Entity.CompositeComponent": { + "additionalProperties": false, + "properties": { + "ComponentName": { + "markdownDescription": "The name of the component.", + "title": "ComponentName", + "type": "string" + }, + "ComponentPath": { + "markdownDescription": "The path to the composite component, starting from the top-level component.", + "title": "ComponentPath", + "type": "string" + }, + "ComponentTypeId": { + "markdownDescription": "The ID of the composite component type.", + "title": "ComponentTypeId", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the component type.", + "title": "Description", + "type": "string" + }, + "Properties": { + "additionalProperties": false, + "markdownDescription": "Map of strings to the properties in the component type. Each string in the mapping must be unique to this component.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Property" + } + }, + "title": "Properties", + "type": "object" + }, + "PropertyGroups": { + "additionalProperties": false, + "markdownDescription": "The property groups.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.PropertyGroup" + } + }, + "title": "PropertyGroups", + "type": "object" + }, + "Status": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Status", + "markdownDescription": "The current status of the composite component.", + "title": "Status" + } + }, + "type": "object" + }, + "AWS::IoTTwinMaker::Entity.DataType": { + "additionalProperties": false, + "properties": { + "AllowedValues": { + "items": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataValue" + }, + "markdownDescription": "The allowed values.", + "title": "AllowedValues", + "type": "array" + }, + "NestedType": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataType", + "markdownDescription": "The nested type.", + "title": "NestedType" + }, + "Relationship": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Relationship", + "markdownDescription": "The relationship.", + "title": "Relationship" + }, + "Type": { + "markdownDescription": "The entity type.", + "title": "Type", + "type": "string" + }, + "UnitOfMeasure": { + "markdownDescription": "The unit of measure.", + "title": "UnitOfMeasure", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoTTwinMaker::Entity.DataValue": { + "additionalProperties": false, + "properties": { + "BooleanValue": { + "markdownDescription": "A boolean value.", + "title": "BooleanValue", + "type": "boolean" + }, + "DoubleValue": { + "markdownDescription": "A double value.", + "title": "DoubleValue", + "type": "number" + }, + "Expression": { + "markdownDescription": "An expression that produces the value.", + "title": "Expression", + "type": "string" + }, + "IntegerValue": { + "markdownDescription": "An integer value.", + "title": "IntegerValue", + "type": "number" + }, + "ListValue": { + "items": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataValue" + }, + "markdownDescription": "A list of multiple values.", + "title": "ListValue", + "type": "array" + }, + "LongValue": { + "markdownDescription": "A long value.", + "title": "LongValue", + "type": "number" + }, + "MapValue": { + "additionalProperties": false, + "markdownDescription": "An object that maps strings to multiple DataValue objects.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataValue" + } + }, + "title": "MapValue", + "type": "object" + }, + "RelationshipValue": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.RelationshipValue", + "markdownDescription": "A value that relates a component to another component.", + "title": "RelationshipValue" + }, + "StringValue": { + "markdownDescription": "A string value.", + "title": "StringValue", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoTTwinMaker::Entity.Definition": { + "additionalProperties": false, + "properties": { + "Configuration": { + "additionalProperties": true, + "markdownDescription": "The configuration.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Configuration", + "type": "object" + }, + "DataType": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataType", + "markdownDescription": "The data type", + "title": "DataType" + }, + "DefaultValue": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataValue", + "markdownDescription": "The default value.", + "title": "DefaultValue" + }, + "IsExternalId": { + "markdownDescription": "Displays if the entity has a external Id.", + "title": "IsExternalId", + "type": "boolean" + }, + "IsFinal": { + "markdownDescription": "Displays if the entity is final.", + "title": "IsFinal", + "type": "boolean" + }, + "IsImported": { + "markdownDescription": "Displays if the entity is imported.", + "title": "IsImported", + "type": "boolean" + }, + "IsInherited": { + "markdownDescription": "Displays if the entity is inherited.", + "title": "IsInherited", + "type": "boolean" + }, + "IsRequiredInEntity": { + "markdownDescription": "Displays if the entity is a required entity.", + "title": "IsRequiredInEntity", + "type": "boolean" + }, + "IsStoredExternally": { + "markdownDescription": "Displays if the entity is tored externally.", + "title": "IsStoredExternally", + "type": "boolean" + }, + "IsTimeSeries": { + "markdownDescription": "Displays if the entity", + "title": "IsTimeSeries", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::IoTTwinMaker::Entity.Error": { + "additionalProperties": false, + "properties": { + "Code": { + "markdownDescription": "The entity error code.", + "title": "Code", + "type": "string" + }, + "Message": { + "markdownDescription": "The entity error message.", + "title": "Message", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoTTwinMaker::Entity.Property": { + "additionalProperties": false, + "properties": { + "Definition": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Definition", + "markdownDescription": "An object that specifies information about a property.", + "title": "Definition" + }, + "Value": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataValue", + "markdownDescription": "An object that contains information about a value for a time series property.", + "title": "Value" + } + }, + "type": "object" + }, + "AWS::IoTTwinMaker::Entity.PropertyGroup": { + "additionalProperties": false, + "properties": { + "GroupType": { + "markdownDescription": "The group type.", + "title": "GroupType", + "type": "string" + }, + "PropertyNames": { + "items": { + "type": "string" + }, + "markdownDescription": "The property names.", + "title": "PropertyNames", + "type": "array" + } + }, + "type": "object" + }, + "AWS::IoTTwinMaker::Entity.Relationship": { + "additionalProperties": false, + "properties": { + "RelationshipType": { + "markdownDescription": "The relationship type.", + "title": "RelationshipType", + "type": "string" + }, + "TargetComponentTypeId": { + "markdownDescription": "the component type Id target.", + "title": "TargetComponentTypeId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoTTwinMaker::Entity.RelationshipValue": { + "additionalProperties": false, + "properties": { + "TargetComponentName": { + "markdownDescription": "The target component name.", + "title": "TargetComponentName", + "type": "string" + }, + "TargetEntityId": { + "markdownDescription": "The target entity Id.", + "title": "TargetEntityId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoTTwinMaker::Entity.Status": { + "additionalProperties": false, + "properties": { + "Error": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Error", + "markdownDescription": "The error message.", + "title": "Error" + }, + "State": { + "markdownDescription": "The current state of the entity, component, component type, or workspace.\n\nValid Values: `CREATING | UPDATING | DELETING | ACTIVE | ERROR`", + "title": "State", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoTTwinMaker::Scene": { "additionalProperties": false, "properties": { "Condition": { @@ -149250,53 +157415,67 @@ "Properties": { "additionalProperties": false, "properties": { + "Capabilities": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of capabilities that the scene uses to render.", + "title": "Capabilities", + "type": "array" + }, + "ContentLocation": { + "markdownDescription": "The relative path that specifies the location of the content definition file.", + "title": "ContentLocation", + "type": "string" + }, "Description": { - "markdownDescription": "An optional description for the tracker resource.", + "markdownDescription": "The description of this scene.", "title": "Description", "type": "string" }, - "EventBridgeEnabled": { - "markdownDescription": "", - "title": "EventBridgeEnabled", - "type": "boolean" - }, - "KmsKeyEnableGeospatialQueries": { - "markdownDescription": "", - "title": "KmsKeyEnableGeospatialQueries", - "type": "boolean" - }, - "KmsKeyId": { - "markdownDescription": "A key identifier for an [AWS KMS customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/create-keys.html) . Enter a key ID, key ARN, alias name, or alias ARN.", - "title": "KmsKeyId", + "SceneId": { + "markdownDescription": "The ID of the scene.", + "title": "SceneId", "type": "string" }, - "PositionFiltering": { - "markdownDescription": "Specifies the position filtering for the tracker resource.\n\nValid values:\n\n- `TimeBased` - Location updates are evaluated against linked geofence collections, but not every location update is stored. If your update frequency is more often than 30 seconds, only one update per 30 seconds is stored for each unique device ID.\n- `DistanceBased` - If the device has moved less than 30 m (98.4 ft), location updates are ignored. Location updates within this area are neither evaluated against linked geofence collections, nor stored. This helps control costs by reducing the number of geofence evaluations and historical device positions to paginate through. Distance-based filtering can also reduce the effects of GPS noise when displaying device trajectories on a map.\n- `AccuracyBased` - If the device has moved less than the measured accuracy, location updates are ignored. For example, if two consecutive updates from a device have a horizontal accuracy of 5 m and 10 m, the second update is ignored if the device has moved less than 15 m. Ignored location updates are neither evaluated against linked geofence collections, nor stored. This can reduce the effects of GPS noise when displaying device trajectories on a map, and can help control your costs by reducing the number of geofence evaluations.\n\nThis field is optional. If not specified, the default value is `TimeBased` .", - "title": "PositionFiltering", - "type": "string" + "SceneMetadata": { + "additionalProperties": true, + "markdownDescription": "The scene metadata.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "SceneMetadata", + "type": "object" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "additionalProperties": true, + "markdownDescription": "The ComponentType tags.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "", "title": "Tags", - "type": "array" + "type": "object" }, - "TrackerName": { - "markdownDescription": "The name for the tracker resource.\n\nRequirements:\n\n- Contain only alphanumeric characters (A-Z, a-z, 0-9) , hyphens (-), periods (.), and underscores (_).\n- Must be a unique tracker resource name.\n- No spaces allowed. For example, `ExampleTracker` .", - "title": "TrackerName", + "WorkspaceId": { + "markdownDescription": "The ID of the workspace.", + "title": "WorkspaceId", "type": "string" } }, "required": [ - "TrackerName" + "ContentLocation", + "SceneId", + "WorkspaceId" ], "type": "object" }, "Type": { "enum": [ - "AWS::Location::Tracker" + "AWS::IoTTwinMaker::Scene" ], "type": "string" }, @@ -149315,7 +157494,7 @@ ], "type": "object" }, - "AWS::Location::TrackerConsumer": { + "AWS::IoTTwinMaker::SyncJob": { "additionalProperties": false, "properties": { "Condition": { @@ -149350,26 +157529,43 @@ "Properties": { "additionalProperties": false, "properties": { - "ConsumerArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the geofence collection to be associated to tracker resource. Used when you need to specify a resource across all AWS .\n\n- Format example: `arn:aws:geo:region:account-id:geofence-collection/ExampleGeofenceCollectionConsumer`", - "title": "ConsumerArn", + "SyncRole": { + "markdownDescription": "The SyncJob IAM role. This IAM role is used by the sync job to read from the syncSource, and create, update or delete the corresponding resources.", + "title": "SyncRole", "type": "string" }, - "TrackerName": { - "markdownDescription": "The name for the tracker resource.\n\nRequirements:\n\n- Contain only alphanumeric characters (A-Z, a-z, 0-9) , hyphens (-), periods (.), and underscores (_).\n- Must be a unique tracker resource name.\n- No spaces allowed. For example, `ExampleTracker` .", - "title": "TrackerName", + "SyncSource": { + "markdownDescription": "The sync source.\n\n> Currently the only supported syncSoucre is `SITEWISE` .", + "title": "SyncSource", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Metadata you can use to manage the SyncJob.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "WorkspaceId": { + "markdownDescription": "The ID of the workspace that contains the sync job.", + "title": "WorkspaceId", "type": "string" } }, "required": [ - "ConsumerArn", - "TrackerName" + "SyncRole", + "SyncSource", + "WorkspaceId" ], "type": "object" }, "Type": { "enum": [ - "AWS::Location::TrackerConsumer" + "AWS::IoTTwinMaker::SyncJob" ], "type": "string" }, @@ -149388,7 +157584,7 @@ ], "type": "object" }, - "AWS::Logs::AccountPolicy": { + "AWS::IoTTwinMaker::Workspace": { "additionalProperties": false, "properties": { "Condition": { @@ -149423,42 +157619,48 @@ "Properties": { "additionalProperties": false, "properties": { - "PolicyDocument": { - "markdownDescription": "Specify the policy, in JSON.\n\n*Data protection policy*\n\nA data protection policy must include two JSON blocks:\n\n- The first block must include both a `DataIdentifer` array and an `Operation` property with an `Audit` action. The `DataIdentifer` array lists the types of sensitive data that you want to mask. For more information about the available options, see [Types of data that you can mask](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/mask-sensitive-log-data-types.html) .\n\nThe `Operation` property with an `Audit` action is required to find the sensitive data terms. This `Audit` action must contain a `FindingsDestination` object. You can optionally use that `FindingsDestination` object to list one or more destinations to send audit findings to. If you specify destinations such as log groups, Firehose streams, and S3 buckets, they must already exist.\n- The second block must include both a `DataIdentifer` array and an `Operation` property with an `Deidentify` action. The `DataIdentifer` array must exactly match the `DataIdentifer` array in the first block of the policy.\n\nThe `Operation` property with the `Deidentify` action is what actually masks the data, and it must contain the `\"MaskConfig\": {}` object. The `\"MaskConfig\": {}` object must be empty.\n\n> The contents of the two `DataIdentifer` arrays must match exactly. \n\nIn addition to the two JSON blocks, the `policyDocument` can also include `Name` , `Description` , and `Version` fields. The `Name` is different than the operation's `policyName` parameter, and is used as a dimension when CloudWatch Logs reports audit findings metrics to CloudWatch .\n\nThe JSON specified in `policyDocument` can be up to 30,720 characters long.\n\n*Subscription filter policy*\n\nA subscription filter policy can include the following attributes in a JSON block:\n\n- *DestinationArn* The ARN of the destination to deliver log events to. Supported destinations are:\n\n- An Kinesis Data Streams data stream in the same account as the subscription policy, for same-account delivery.\n- An Firehose data stream in the same account as the subscription policy, for same-account delivery.\n- A Lambda function in the same account as the subscription policy, for same-account delivery.\n- A logical destination in a different account created with [PutDestination](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDestination.html) , for cross-account delivery. Kinesis Data Streams and Firehose are supported as logical destinations.\n- *RoleArn* The ARN of an IAM role that grants CloudWatch Logs permissions to deliver ingested log events to the destination stream. You don't need to provide the ARN when you are working with a logical destination for cross-account delivery.\n- *FilterPattern* A filter pattern for subscribing to a filtered stream of log events.\n- *Distribution* The method used to distribute log data to the destination. By default, log data is grouped by log stream, but the grouping can be set to `Random` for a more even distribution. This property is only applicable when the destination is an Kinesis Data Streams data stream.\n\n*Field index policy*\n\nA field index filter policy can include the following attribute in a JSON block:\n\n- *Fields* The array of field indexes to create.\n\nThe following is an example of an index policy document that creates two indexes, `RequestId` and `TransactionId` .\n\n`\"policyDocument\": \"{ \\\"Fields\\\": [ \\\"RequestId\\\", \\\"TransactionId\\\" ] }\"`\n\n*Transformer policy*\n\nA transformer policy must include one JSON block with the array of processors and their configurations. For more information about available processors, see [Processors that you can use](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-Processors) .", - "title": "PolicyDocument", + "Description": { + "markdownDescription": "The description of the workspace.", + "title": "Description", "type": "string" }, - "PolicyName": { - "markdownDescription": "A name for the policy. This must be unique within the account.", - "title": "PolicyName", + "Role": { + "markdownDescription": "The ARN of the execution role associated with the workspace.", + "title": "Role", "type": "string" }, - "PolicyType": { - "markdownDescription": "The type of policy that you're creating or updating.", - "title": "PolicyType", + "S3Location": { + "markdownDescription": "The ARN of the S3 bucket where resources associated with the workspace are stored.", + "title": "S3Location", "type": "string" }, - "Scope": { - "markdownDescription": "Currently the only valid value for this parameter is `ALL` , which specifies that the policy applies to all log groups in the account. If you omit this parameter, the default of `ALL` is used. To scope down a subscription filter policy to a subset of log groups, use the `SelectionCriteria` parameter.", - "title": "Scope", - "type": "string" + "Tags": { + "additionalProperties": true, + "markdownDescription": "Metadata that you can use to manage the workspace.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" }, - "SelectionCriteria": { - "markdownDescription": "Use this parameter to apply the new policy to a subset of log groups in the account.\n\nYou need to specify `SelectionCriteria` only when you specify `SUBSCRIPTION_FILTER_POLICY` , `FIELD_INDEX_POLICY` or `TRANSFORMER_POLICY` for `PolicyType` .\n\nIf `PolicyType` is `SUBSCRIPTION_FILTER_POLICY` , the only supported `SelectionCriteria` filter is `LogGroupName NOT IN []`\n\nIf `PolicyType` is `FIELD_INDEX_POLICY` or `TRANSFORMER_POLICY` , the only supported `SelectionCriteria` filter is `LogGroupNamePrefix`\n\nThe `SelectionCriteria` string can be up to 25KB in length. The length is determined by using its UTF-8 bytes.\n\nUsing the `SelectionCriteria` parameter with `SUBSCRIPTION_FILTER_POLICY` is useful to help prevent infinite loops. For more information, see [Log recursion prevention](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/Subscriptions-recursion-prevention.html) .", - "title": "SelectionCriteria", + "WorkspaceId": { + "markdownDescription": "The ID of the workspace.", + "title": "WorkspaceId", "type": "string" } }, "required": [ - "PolicyDocument", - "PolicyName", - "PolicyType" + "Role", + "S3Location", + "WorkspaceId" ], "type": "object" }, "Type": { "enum": [ - "AWS::Logs::AccountPolicy" + "AWS::IoTTwinMaker::Workspace" ], "type": "string" }, @@ -149477,7 +157679,7 @@ ], "type": "object" }, - "AWS::Logs::Delivery": { + "AWS::IoTWireless::Destination": { "additionalProperties": false, "properties": { "Condition": { @@ -149512,34 +157714,50 @@ "Properties": { "additionalProperties": false, "properties": { - "DeliveryDestinationArn": { - "markdownDescription": "The ARN of the delivery destination that is associated with this delivery.", - "title": "DeliveryDestinationArn", + "Description": { + "markdownDescription": "The description of the new resource. Maximum length is 2048 characters.", + "title": "Description", "type": "string" }, - "DeliverySourceName": { - "markdownDescription": "The name of the delivery source that is associated with this delivery.", - "title": "DeliverySourceName", + "Expression": { + "markdownDescription": "The rule name to send messages to.", + "title": "Expression", + "type": "string" + }, + "ExpressionType": { + "markdownDescription": "The type of value in `Expression` .", + "title": "ExpressionType", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the new resource.", + "title": "Name", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the IAM Role that authorizes the destination.", + "title": "RoleArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to the delivery.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", "title": "Tags", "type": "array" } }, "required": [ - "DeliveryDestinationArn", - "DeliverySourceName" + "Expression", + "ExpressionType", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::Logs::Delivery" + "AWS::IoTWireless::Destination" ], "type": "string" }, @@ -149558,7 +157776,7 @@ ], "type": "object" }, - "AWS::Logs::DeliveryDestination": { + "AWS::IoTWireless::DeviceProfile": { "additionalProperties": false, "properties": { "Condition": { @@ -149593,18 +157811,13 @@ "Properties": { "additionalProperties": false, "properties": { - "DeliveryDestinationPolicy": { - "markdownDescription": "An IAM policy that grants permissions to CloudWatch Logs to deliver logs cross-account to a specified destination in this account. For examples of this policy, see [Examples](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDeliveryDestinationPolicy.html#API_PutDeliveryDestinationPolicy_Examples) in the CloudWatch Logs API Reference.", - "title": "DeliveryDestinationPolicy", - "type": "object" - }, - "DestinationResourceArn": { - "markdownDescription": "The ARN of the AWS destination that this delivery destination represents. That AWS destination can be a log group in CloudWatch Logs , an Amazon S3 bucket, or a Firehose stream.", - "title": "DestinationResourceArn", - "type": "string" + "LoRaWAN": { + "$ref": "#/definitions/AWS::IoTWireless::DeviceProfile.LoRaWANDeviceProfile", + "markdownDescription": "LoRaWAN device profile object.", + "title": "LoRaWAN" }, "Name": { - "markdownDescription": "The name of this delivery destination.", + "markdownDescription": "The name of the new resource.", "title": "Name", "type": "string" }, @@ -149612,19 +157825,16 @@ "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to the delivery destination.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", "title": "Tags", "type": "array" } }, - "required": [ - "Name" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Logs::DeliveryDestination" + "AWS::IoTWireless::DeviceProfile" ], "type": "string" }, @@ -149638,12 +157848,115 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Logs::DeliverySource": { + "AWS::IoTWireless::DeviceProfile.LoRaWANDeviceProfile": { + "additionalProperties": false, + "properties": { + "ClassBTimeout": { + "markdownDescription": "The ClassBTimeout value.", + "title": "ClassBTimeout", + "type": "number" + }, + "ClassCTimeout": { + "markdownDescription": "The ClassCTimeout value.", + "title": "ClassCTimeout", + "type": "number" + }, + "FactoryPresetFreqsList": { + "items": { + "type": "number" + }, + "markdownDescription": "The list of values that make up the FactoryPresetFreqs value. Valid range of values include a minimum value of 1000000 and a maximum value of 16700000.", + "title": "FactoryPresetFreqsList", + "type": "array" + }, + "MacVersion": { + "markdownDescription": "The MAC version (such as OTAA 1.1 or OTAA 1.0.3) to use with this device profile.", + "title": "MacVersion", + "type": "string" + }, + "MaxDutyCycle": { + "markdownDescription": "The MaxDutyCycle value.", + "title": "MaxDutyCycle", + "type": "number" + }, + "MaxEirp": { + "markdownDescription": "The MaxEIRP value.", + "title": "MaxEirp", + "type": "number" + }, + "PingSlotDr": { + "markdownDescription": "The PingSlotDR value.", + "title": "PingSlotDr", + "type": "number" + }, + "PingSlotFreq": { + "markdownDescription": "The PingSlotFreq value.", + "title": "PingSlotFreq", + "type": "number" + }, + "PingSlotPeriod": { + "markdownDescription": "The PingSlotPeriod value.", + "title": "PingSlotPeriod", + "type": "number" + }, + "RegParamsRevision": { + "markdownDescription": "The version of regional parameters.", + "title": "RegParamsRevision", + "type": "string" + }, + "RfRegion": { + "markdownDescription": "The frequency band (RFRegion) value.", + "title": "RfRegion", + "type": "string" + }, + "RxDataRate2": { + "markdownDescription": "The RXDataRate2 value.", + "title": "RxDataRate2", + "type": "number" + }, + "RxDelay1": { + "markdownDescription": "The RXDelay1 value.", + "title": "RxDelay1", + "type": "number" + }, + "RxDrOffset1": { + "markdownDescription": "The RXDROffset1 value.", + "title": "RxDrOffset1", + "type": "number" + }, + "RxFreq2": { + "markdownDescription": "The RXFreq2 value.", + "title": "RxFreq2", + "type": "number" + }, + "Supports32BitFCnt": { + "markdownDescription": "The Supports32BitFCnt value.", + "title": "Supports32BitFCnt", + "type": "boolean" + }, + "SupportsClassB": { + "markdownDescription": "The SupportsClassB value.", + "title": "SupportsClassB", + "type": "boolean" + }, + "SupportsClassC": { + "markdownDescription": "The SupportsClassC value.", + "title": "SupportsClassC", + "type": "boolean" + }, + "SupportsJoin": { + "markdownDescription": "The SupportsJoin value.", + "title": "SupportsJoin", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::IoTWireless::FuotaTask": { "additionalProperties": false, "properties": { "Condition": { @@ -149678,38 +157991,70 @@ "Properties": { "additionalProperties": false, "properties": { - "LogType": { - "markdownDescription": "The type of log that the source is sending. For valid values for this parameter, see the documentation for the source service.", - "title": "LogType", + "AssociateMulticastGroup": { + "markdownDescription": "The ID of the multicast group to associate with a FUOTA task.", + "title": "AssociateMulticastGroup", "type": "string" }, - "Name": { - "markdownDescription": "The unique name of the delivery source.", - "title": "Name", + "AssociateWirelessDevice": { + "markdownDescription": "The ID of the wireless device to associate with a multicast group.", + "title": "AssociateWirelessDevice", "type": "string" }, - "ResourceArn": { - "markdownDescription": "The ARN of the AWS resource that is generating and sending logs. For example, `arn:aws:workmail:us-east-1:123456789012:organization/m-1234EXAMPLEabcd1234abcd1234abcd1234`", - "title": "ResourceArn", + "Description": { + "markdownDescription": "The description of the new resource.", + "title": "Description", + "type": "string" + }, + "DisassociateMulticastGroup": { + "markdownDescription": "The ID of the multicast group to disassociate from a FUOTA task.", + "title": "DisassociateMulticastGroup", + "type": "string" + }, + "DisassociateWirelessDevice": { + "markdownDescription": "The ID of the wireless device to disassociate from a FUOTA task.", + "title": "DisassociateWirelessDevice", + "type": "string" + }, + "FirmwareUpdateImage": { + "markdownDescription": "The S3 URI points to a firmware update image that is to be used with a FUOTA task.", + "title": "FirmwareUpdateImage", + "type": "string" + }, + "FirmwareUpdateRole": { + "markdownDescription": "The firmware update role that is to be used with a FUOTA task.", + "title": "FirmwareUpdateRole", + "type": "string" + }, + "LoRaWAN": { + "$ref": "#/definitions/AWS::IoTWireless::FuotaTask.LoRaWAN", + "markdownDescription": "The LoRaWAN information used with a FUOTA task.", + "title": "LoRaWAN" + }, + "Name": { + "markdownDescription": "The name of a FUOTA task.", + "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to the delivery source.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", "title": "Tags", "type": "array" } }, "required": [ - "Name" + "FirmwareUpdateImage", + "FirmwareUpdateRole", + "LoRaWAN" ], "type": "object" }, "Type": { "enum": [ - "AWS::Logs::DeliverySource" + "AWS::IoTWireless::FuotaTask" ], "type": "string" }, @@ -149728,7 +158073,26 @@ ], "type": "object" }, - "AWS::Logs::Destination": { + "AWS::IoTWireless::FuotaTask.LoRaWAN": { + "additionalProperties": false, + "properties": { + "RfRegion": { + "markdownDescription": "The frequency band (RFRegion) value.", + "title": "RfRegion", + "type": "string" + }, + "StartTime": { + "markdownDescription": "Start time of a FUOTA task.", + "title": "StartTime", + "type": "string" + } + }, + "required": [ + "RfRegion" + ], + "type": "object" + }, + "AWS::IoTWireless::MulticastGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -149763,37 +158127,48 @@ "Properties": { "additionalProperties": false, "properties": { - "DestinationName": { - "markdownDescription": "The name of the destination.", - "title": "DestinationName", + "AssociateWirelessDevice": { + "markdownDescription": "The ID of the wireless device to associate with a multicast group.", + "title": "AssociateWirelessDevice", "type": "string" }, - "DestinationPolicy": { - "markdownDescription": "An IAM policy document that governs which AWS accounts can create subscription filters against this destination.", - "title": "DestinationPolicy", + "Description": { + "markdownDescription": "The description of the multicast group.", + "title": "Description", "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of an IAM role that permits CloudWatch Logs to send data to the specified AWS resource.", - "title": "RoleArn", + "DisassociateWirelessDevice": { + "markdownDescription": "The ID of the wireless device to disassociate from a multicast group.", + "title": "DisassociateWirelessDevice", "type": "string" }, - "TargetArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the physical target where the log events are delivered (for example, a Kinesis stream).", - "title": "TargetArn", + "LoRaWAN": { + "$ref": "#/definitions/AWS::IoTWireless::MulticastGroup.LoRaWAN", + "markdownDescription": "The LoRaWAN information that is to be used with the multicast group.", + "title": "LoRaWAN" + }, + "Name": { + "markdownDescription": "The name of the multicast group.", + "title": "Name", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", + "title": "Tags", + "type": "array" } }, "required": [ - "DestinationName", - "RoleArn", - "TargetArn" + "LoRaWAN" ], "type": "object" }, "Type": { "enum": [ - "AWS::Logs::Destination" + "AWS::IoTWireless::MulticastGroup" ], "type": "string" }, @@ -149812,7 +158187,37 @@ ], "type": "object" }, - "AWS::Logs::LogAnomalyDetector": { + "AWS::IoTWireless::MulticastGroup.LoRaWAN": { + "additionalProperties": false, + "properties": { + "DlClass": { + "markdownDescription": "DlClass for LoRaWAN. Valid values are ClassB and ClassC.", + "title": "DlClass", + "type": "string" + }, + "NumberOfDevicesInGroup": { + "markdownDescription": "Number of devices that are associated to the multicast group.", + "title": "NumberOfDevicesInGroup", + "type": "number" + }, + "NumberOfDevicesRequested": { + "markdownDescription": "Number of devices that are requested to be associated with the multicast group.", + "title": "NumberOfDevicesRequested", + "type": "number" + }, + "RfRegion": { + "markdownDescription": "The frequency band (RFRegion) value.", + "title": "RfRegion", + "type": "string" + } + }, + "required": [ + "DlClass", + "RfRegion" + ], + "type": "object" + }, + "AWS::IoTWireless::NetworkAnalyzerConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -149847,50 +158252,54 @@ "Properties": { "additionalProperties": false, "properties": { - "AccountId": { - "markdownDescription": "The ID of the account to create the anomaly detector in.", - "title": "AccountId", + "Description": { + "markdownDescription": "The description of the resource.", + "title": "Description", "type": "string" }, - "AnomalyVisibilityTime": { - "markdownDescription": "The number of days to have visibility on an anomaly. After this time period has elapsed for an anomaly, it will be automatically baselined and the anomaly detector will treat new occurrences of a similar anomaly as normal. Therefore, if you do not correct the cause of an anomaly during the time period specified in `AnomalyVisibilityTime` , it will be considered normal going forward and will not be detected as an anomaly.", - "title": "AnomalyVisibilityTime", - "type": "number" - }, - "DetectorName": { - "markdownDescription": "A name for this anomaly detector.", - "title": "DetectorName", + "Name": { + "markdownDescription": "Name of the network analyzer configuration.", + "title": "Name", "type": "string" }, - "EvaluationFrequency": { - "markdownDescription": "Specifies how often the anomaly detector is to run and look for anomalies. Set this value according to the frequency that the log group receives new logs. For example, if the log group receives new log events every 10 minutes, then 15 minutes might be a good setting for `EvaluationFrequency` .", - "title": "EvaluationFrequency", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to attach to the specified resource. Tags are metadata that you can use to manage a resource.", + "title": "Tags", + "type": "array" }, - "FilterPattern": { - "markdownDescription": "You can use this parameter to limit the anomaly detection model to examine only log events that match the pattern you specify here. For more information, see [Filter and Pattern Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/FilterAndPatternSyntax.html) .", - "title": "FilterPattern", - "type": "string" + "TraceContent": { + "$ref": "#/definitions/AWS::IoTWireless::NetworkAnalyzerConfiguration.TraceContent", + "markdownDescription": "Trace content for your wireless gateway and wireless device resources.", + "title": "TraceContent" }, - "KmsKeyId": { - "markdownDescription": "Optionally assigns a AWS KMS key to secure this anomaly detector and its findings. If a key is assigned, the anomalies found and the model used by this detector are encrypted at rest with the key. If a key is assigned to an anomaly detector, a user must have permissions for both this key and for the anomaly detector to retrieve information about the anomalies that it finds.\n\nFor more information about using a AWS KMS key and to see the required IAM policy, see [Use a AWS KMS key with an anomaly detector](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/LogsAnomalyDetection-KMS.html) .", - "title": "KmsKeyId", - "type": "string" + "WirelessDevices": { + "items": { + "type": "string" + }, + "markdownDescription": "Wireless device resources to add to the network analyzer configuration. Provide the `WirelessDeviceId` of the resource to add in the input array.", + "title": "WirelessDevices", + "type": "array" }, - "LogGroupArnList": { + "WirelessGateways": { "items": { "type": "string" }, - "markdownDescription": "The ARN of the log group that is associated with this anomaly detector. You can specify only one log group ARN.", - "title": "LogGroupArnList", + "markdownDescription": "Wireless gateway resources to add to the network analyzer configuration. Provide the `WirelessGatewayId` of the resource to add in the input array.", + "title": "WirelessGateways", "type": "array" } }, + "required": [ + "Name" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Logs::LogAnomalyDetector" + "AWS::IoTWireless::NetworkAnalyzerConfiguration" ], "type": "string" }, @@ -149904,11 +158313,28 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Logs::LogGroup": { + "AWS::IoTWireless::NetworkAnalyzerConfiguration.TraceContent": { + "additionalProperties": false, + "properties": { + "LogLevel": { + "markdownDescription": "The log level for a log message. The log levels can be disabled, or set to `ERROR` to display less verbose logs containing only error information, or to `INFO` for more detailed logs", + "title": "LogLevel", + "type": "string" + }, + "WirelessDeviceFrameInfo": { + "markdownDescription": "`FrameInfo` of your wireless device resources for the trace content. Use FrameInfo to debug the communication between your LoRaWAN end devices and the network server.", + "title": "WirelessDeviceFrameInfo", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoTWireless::PartnerAccount": { "additionalProperties": false, "properties": { "Condition": { @@ -149943,36 +158369,41 @@ "Properties": { "additionalProperties": false, "properties": { - "DataProtectionPolicy": { - "markdownDescription": "Creates a data protection policy and assigns it to the log group. A data protection policy can help safeguard sensitive data that's ingested by the log group by auditing and masking the sensitive log data. When a user who does not have permission to view masked data views a log event that includes masked data, the sensitive data is replaced by asterisks.\n\nFor more information, including a list of types of data that can be audited and masked, see [Protect sensitive log data with masking](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/mask-sensitive-log-data.html) .", - "title": "DataProtectionPolicy", - "type": "object" + "AccountLinked": { + "markdownDescription": "Whether the partner account is linked to the AWS account.", + "title": "AccountLinked", + "type": "boolean" }, - "KmsKeyId": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key to use when encrypting log data.\n\nTo associate an AWS KMS key with the log group, specify the ARN of that KMS key here. If you do so, ingested data is encrypted using this key. This association is stored as long as the data encrypted with the KMS key is still within CloudWatch Logs . This enables CloudWatch Logs to decrypt this data whenever it is requested.\n\nIf you attempt to associate a KMS key with the log group but the KMS key doesn't exist or is deactivated, you will receive an `InvalidParameterException` error.\n\nLog group data is always encrypted in CloudWatch Logs . If you omit this key, the encryption does not use AWS KMS . For more information, see [Encrypt log data in CloudWatch Logs using AWS Key Management Service](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/encrypt-log-data-kms.html)", - "title": "KmsKeyId", + "PartnerAccountId": { + "markdownDescription": "The ID of the partner account to update.", + "title": "PartnerAccountId", "type": "string" }, - "LogGroupClass": { - "markdownDescription": "Specifies the log group class for this log group. There are two classes:\n\n- The `Standard` log class supports all CloudWatch Logs features.\n- The `Infrequent Access` log class supports a subset of CloudWatch Logs features and incurs lower costs.\n\nFor details about the features supported by each class, see [Log classes](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch_Logs_Log_Classes.html)", - "title": "LogGroupClass", + "PartnerType": { + "markdownDescription": "The partner type.", + "title": "PartnerType", "type": "string" }, - "LogGroupName": { - "markdownDescription": "The name of the log group. If you don't specify a name, AWS CloudFormation generates a unique ID for the log group.", - "title": "LogGroupName", - "type": "string" + "Sidewalk": { + "$ref": "#/definitions/AWS::IoTWireless::PartnerAccount.SidewalkAccountInfo", + "markdownDescription": "The Sidewalk account credentials.", + "title": "Sidewalk" }, - "RetentionInDays": { - "markdownDescription": "The number of days to retain the log events in the specified log group. Possible values are: 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1096, 1827, 2192, 2557, 2922, 3288, and 3653.\n\nTo set a log group so that its log events do not expire, use [DeleteRetentionPolicy](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DeleteRetentionPolicy.html) .", - "title": "RetentionInDays", - "type": "number" + "SidewalkResponse": { + "$ref": "#/definitions/AWS::IoTWireless::PartnerAccount.SidewalkAccountInfoWithFingerprint", + "markdownDescription": "Information about a Sidewalk account.", + "title": "SidewalkResponse" + }, + "SidewalkUpdate": { + "$ref": "#/definitions/AWS::IoTWireless::PartnerAccount.SidewalkUpdateAccount", + "markdownDescription": "Sidewalk update.", + "title": "SidewalkUpdate" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to the log group.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", "title": "Tags", "type": "array" } @@ -149981,7 +158412,7 @@ }, "Type": { "enum": [ - "AWS::Logs::LogGroup" + "AWS::IoTWireless::PartnerAccount" ], "type": "string" }, @@ -149999,79 +158430,53 @@ ], "type": "object" }, - "AWS::Logs::LogStream": { + "AWS::IoTWireless::PartnerAccount.SidewalkAccountInfo": { "additionalProperties": false, "properties": { - "Condition": { + "AppServerPrivateKey": { + "markdownDescription": "The Sidewalk application server private key. The application server private key is a secret key, which you should handle in a similar way as you would an application password. You can protect the application server private key by storing the value in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", + "title": "AppServerPrivateKey", "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + } + }, + "required": [ + "AppServerPrivateKey" + ], + "type": "object" + }, + "AWS::IoTWireless::PartnerAccount.SidewalkAccountInfoWithFingerprint": { + "additionalProperties": false, + "properties": { + "AmazonId": { + "markdownDescription": "The Sidewalk Amazon ID.", + "title": "AmazonId", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "LogGroupName": { - "markdownDescription": "The name of the log group where the log stream is created.", - "title": "LogGroupName", - "type": "string" - }, - "LogStreamName": { - "markdownDescription": "The name of the log stream. The name must be unique within the log group.", - "title": "LogStreamName", - "type": "string" - } - }, - "required": [ - "LogGroupName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Logs::LogStream" - ], + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", + "title": "Arn", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Fingerprint": { + "markdownDescription": "The fingerprint of the Sidewalk application server private key.", + "title": "Fingerprint", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Logs::MetricFilter": { + "AWS::IoTWireless::PartnerAccount.SidewalkUpdateAccount": { + "additionalProperties": false, + "properties": { + "AppServerPrivateKey": { + "markdownDescription": "The new Sidewalk application server private key.", + "title": "AppServerPrivateKey", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoTWireless::ServiceProfile": { "additionalProperties": false, "properties": { "Condition": { @@ -150106,40 +158511,30 @@ "Properties": { "additionalProperties": false, "properties": { - "FilterName": { - "markdownDescription": "The name of the metric filter.", - "title": "FilterName", - "type": "string" - }, - "FilterPattern": { - "markdownDescription": "A filter pattern for extracting metric data out of ingested log events. For more information, see [Filter and Pattern Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/FilterAndPatternSyntax.html) .", - "title": "FilterPattern", - "type": "string" + "LoRaWAN": { + "$ref": "#/definitions/AWS::IoTWireless::ServiceProfile.LoRaWANServiceProfile", + "markdownDescription": "LoRaWAN service profile object.", + "title": "LoRaWAN" }, - "LogGroupName": { - "markdownDescription": "The name of an existing log group that you want to associate with this metric filter.", - "title": "LogGroupName", + "Name": { + "markdownDescription": "The name of the new resource.", + "title": "Name", "type": "string" }, - "MetricTransformations": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::Logs::MetricFilter.MetricTransformation" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The metric transformations.", - "title": "MetricTransformations", + "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", + "title": "Tags", "type": "array" } }, - "required": [ - "FilterPattern", - "LogGroupName", - "MetricTransformations" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Logs::MetricFilter" + "AWS::IoTWireless::ServiceProfile" ], "type": "string" }, @@ -150153,76 +158548,112 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Logs::MetricFilter.Dimension": { + "AWS::IoTWireless::ServiceProfile.LoRaWANServiceProfile": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The name for the CloudWatch metric dimension that the metric filter creates.\n\nDimension names must contain only ASCII characters, must include at least one non-whitespace character, and cannot start with a colon (:).", - "title": "Key", - "type": "string" + "AddGwMetadata": { + "markdownDescription": "The AddGWMetaData value.", + "title": "AddGwMetadata", + "type": "boolean" }, - "Value": { - "markdownDescription": "The log event field that will contain the value for this dimension. This dimension will only be published for a metric if the value is found in the log event. For example, `$.eventType` for JSON log events, or `$server` for space-delimited log events.", - "title": "Value", + "ChannelMask": { + "markdownDescription": "The ChannelMask value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "ChannelMask", "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - }, - "AWS::Logs::MetricFilter.MetricTransformation": { - "additionalProperties": false, - "properties": { - "DefaultValue": { - "markdownDescription": "(Optional) The value to emit when a filter pattern does not match a log event. This value can be null.", - "title": "DefaultValue", + }, + "DevStatusReqFreq": { + "markdownDescription": "The DevStatusReqFreq value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "DevStatusReqFreq", "type": "number" }, - "Dimensions": { - "items": { - "$ref": "#/definitions/AWS::Logs::MetricFilter.Dimension" - }, - "markdownDescription": "The fields to use as dimensions for the metric. One metric filter can include as many as three dimensions.\n\n> Metrics extracted from log events are charged as custom metrics. To prevent unexpected high charges, do not specify high-cardinality fields such as `IPAddress` or `requestID` as dimensions. Each different value found for a dimension is treated as a separate metric and accrues charges as a separate custom metric.\n> \n> CloudWatch Logs disables a metric filter if it generates 1000 different name/value pairs for your specified dimensions within a certain amount of time. This helps to prevent accidental high charges.\n> \n> You can also set up a billing alarm to alert you if your charges are higher than expected. For more information, see [Creating a Billing Alarm to Monitor Your Estimated AWS Charges](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/monitor_estimated_charges_with_cloudwatch.html) .", - "title": "Dimensions", - "type": "array" + "DlBucketSize": { + "markdownDescription": "The DLBucketSize value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "DlBucketSize", + "type": "number" }, - "MetricName": { - "markdownDescription": "The name of the CloudWatch metric.", - "title": "MetricName", - "type": "string" + "DlRate": { + "markdownDescription": "The DLRate value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "DlRate", + "type": "number" }, - "MetricNamespace": { - "markdownDescription": "A custom namespace to contain your metric in CloudWatch. Use namespaces to group together metrics that are similar. For more information, see [Namespaces](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html#Namespace) .", - "title": "MetricNamespace", + "DlRatePolicy": { + "markdownDescription": "The DLRatePolicy value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "DlRatePolicy", "type": "string" }, - "MetricValue": { - "markdownDescription": "The value that is published to the CloudWatch metric. For example, if you're counting the occurrences of a particular term like `Error` , specify 1 for the metric value. If you're counting the number of bytes transferred, reference the value that is in the log event by using $. followed by the name of the field that you specified in the filter pattern, such as `$.size` .", - "title": "MetricValue", - "type": "string" + "DrMax": { + "markdownDescription": "The DRMax value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "DrMax", + "type": "number" }, - "Unit": { - "markdownDescription": "The unit to assign to the metric. If you omit this, the unit is set as `None` .", - "title": "Unit", + "DrMin": { + "markdownDescription": "The DRMin value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "DrMin", + "type": "number" + }, + "HrAllowed": { + "markdownDescription": "The HRAllowed value that describes whether handover roaming is allowed.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "HrAllowed", + "type": "boolean" + }, + "MinGwDiversity": { + "markdownDescription": "The MinGwDiversity value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "MinGwDiversity", + "type": "number" + }, + "NwkGeoLoc": { + "markdownDescription": "The NwkGeoLoc value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "NwkGeoLoc", + "type": "boolean" + }, + "PrAllowed": { + "markdownDescription": "The PRAllowed value that describes whether passive roaming is allowed.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "PrAllowed", + "type": "boolean" + }, + "RaAllowed": { + "markdownDescription": "The RAAllowed value that describes whether roaming activation is allowed.", + "title": "RaAllowed", + "type": "boolean" + }, + "ReportDevStatusBattery": { + "markdownDescription": "The ReportDevStatusBattery value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "ReportDevStatusBattery", + "type": "boolean" + }, + "ReportDevStatusMargin": { + "markdownDescription": "The ReportDevStatusMargin value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "ReportDevStatusMargin", + "type": "boolean" + }, + "TargetPer": { + "markdownDescription": "The TargetPer value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "TargetPer", + "type": "number" + }, + "UlBucketSize": { + "markdownDescription": "The UlBucketSize value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "UlBucketSize", + "type": "number" + }, + "UlRate": { + "markdownDescription": "The ULRate value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "UlRate", + "type": "number" + }, + "UlRatePolicy": { + "markdownDescription": "The ULRatePolicy value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "UlRatePolicy", "type": "string" } }, - "required": [ - "MetricName", - "MetricNamespace", - "MetricValue" - ], "type": "object" }, - "AWS::Logs::QueryDefinition": { + "AWS::IoTWireless::TaskDefinition": { "additionalProperties": false, "properties": { "Condition": { @@ -150257,34 +158688,48 @@ "Properties": { "additionalProperties": false, "properties": { - "LogGroupNames": { - "items": { - "type": "string" - }, - "markdownDescription": "Use this parameter if you want the query to query only certain log groups.", - "title": "LogGroupNames", - "type": "array" + "AutoCreateTasks": { + "markdownDescription": "Whether to automatically create tasks using this task definition for all gateways with the specified current version. If `false` , the task must be created by calling `CreateWirelessGatewayTask` .", + "title": "AutoCreateTasks", + "type": "boolean" + }, + "LoRaWANUpdateGatewayTaskEntry": { + "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.LoRaWANUpdateGatewayTaskEntry", + "markdownDescription": "LoRaWANUpdateGatewayTaskEntry object.", + "title": "LoRaWANUpdateGatewayTaskEntry" }, "Name": { - "markdownDescription": "A name for the query definition.\n\n> You can use the name to create a folder structure for your queries. To create a folder, use a forward slash (/) to prefix your desired query name with your desired folder name. For example, `*folder-name* / *query-name*` .", + "markdownDescription": "The name of the new resource.", "title": "Name", "type": "string" }, - "QueryString": { - "markdownDescription": "The query string to use for this query definition. For more information, see [CloudWatch Logs Insights Query Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL_QuerySyntax.html) .", - "title": "QueryString", + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", + "title": "Tags", + "type": "array" + }, + "TaskDefinitionType": { + "markdownDescription": "A filter to list only the wireless gateway task definitions that use this task definition type.", + "title": "TaskDefinitionType", "type": "string" + }, + "Update": { + "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.UpdateWirelessGatewayTaskCreate", + "markdownDescription": "Information about the gateways to update.", + "title": "Update" } }, "required": [ - "Name", - "QueryString" + "AutoCreateTasks" ], "type": "object" }, "Type": { "enum": [ - "AWS::Logs::QueryDefinition" + "AWS::IoTWireless::TaskDefinition" ], "type": "string" }, @@ -150303,174 +158748,91 @@ ], "type": "object" }, - "AWS::Logs::ResourcePolicy": { + "AWS::IoTWireless::TaskDefinition.LoRaWANGatewayVersion": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Model": { + "markdownDescription": "The model number of the wireless gateway.", + "title": "Model", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "PolicyDocument": { - "markdownDescription": "The details of the policy. It must be formatted in JSON, and you must use backslashes to escape characters that need to be escaped in JSON strings, such as double quote marks.", - "title": "PolicyDocument", - "type": "string" - }, - "PolicyName": { - "markdownDescription": "The name of the resource policy.", - "title": "PolicyName", - "type": "string" - } - }, - "required": [ - "PolicyDocument", - "PolicyName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Logs::ResourcePolicy" - ], + "PackageVersion": { + "markdownDescription": "The version of the wireless gateway firmware.", + "title": "PackageVersion", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Station": { + "markdownDescription": "The basic station version of the wireless gateway.", + "title": "Station", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Logs::SubscriptionFilter": { + "AWS::IoTWireless::TaskDefinition.LoRaWANUpdateGatewayTaskCreate": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "CurrentVersion": { + "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.LoRaWANGatewayVersion", + "markdownDescription": "The version of the gateways that should receive the update.", + "title": "CurrentVersion" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "SigKeyCrc": { + "markdownDescription": "The CRC of the signature private key to check.", + "title": "SigKeyCrc", + "type": "number" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "UpdateSignature": { + "markdownDescription": "The signature used to verify the update firmware.", + "title": "UpdateSignature", + "type": "string" }, - "Metadata": { - "type": "object" + "UpdateVersion": { + "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.LoRaWANGatewayVersion", + "markdownDescription": "The firmware version to update the gateway to.", + "title": "UpdateVersion" + } + }, + "type": "object" + }, + "AWS::IoTWireless::TaskDefinition.LoRaWANUpdateGatewayTaskEntry": { + "additionalProperties": false, + "properties": { + "CurrentVersion": { + "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.LoRaWANGatewayVersion", + "markdownDescription": "The version of the gateways that should receive the update.", + "title": "CurrentVersion" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DestinationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the destination.", - "title": "DestinationArn", - "type": "string" - }, - "Distribution": { - "markdownDescription": "The method used to distribute log data to the destination, which can be either random or grouped by log stream.", - "title": "Distribution", - "type": "string" - }, - "FilterName": { - "markdownDescription": "The name of the subscription filter.", - "title": "FilterName", - "type": "string" - }, - "FilterPattern": { - "markdownDescription": "The filtering expressions that restrict what gets delivered to the destination AWS resource. For more information about the filter pattern syntax, see [Filter and Pattern Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/FilterAndPatternSyntax.html) .", - "title": "FilterPattern", - "type": "string" - }, - "LogGroupName": { - "markdownDescription": "The log group to associate with the subscription filter. All log events that are uploaded to this log group are filtered and delivered to the specified AWS resource if the filter pattern matches the log events.", - "title": "LogGroupName", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN of an IAM role that grants CloudWatch Logs permissions to deliver ingested log events to the destination stream. You don't need to provide the ARN when you are working with a logical destination for cross-account delivery.", - "title": "RoleArn", - "type": "string" - } - }, - "required": [ - "DestinationArn", - "FilterPattern", - "LogGroupName" - ], - "type": "object" + "UpdateVersion": { + "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.LoRaWANGatewayVersion", + "markdownDescription": "The firmware version to update the gateway to.", + "title": "UpdateVersion" + } + }, + "type": "object" + }, + "AWS::IoTWireless::TaskDefinition.UpdateWirelessGatewayTaskCreate": { + "additionalProperties": false, + "properties": { + "LoRaWAN": { + "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.LoRaWANUpdateGatewayTaskCreate", + "markdownDescription": "The properties that relate to the LoRaWAN wireless gateway.", + "title": "LoRaWAN" }, - "Type": { - "enum": [ - "AWS::Logs::SubscriptionFilter" - ], + "UpdateDataRole": { + "markdownDescription": "The IAM role used to read data from the S3 bucket.", + "title": "UpdateDataRole", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "UpdateDataSource": { + "markdownDescription": "The link to the S3 bucket.", + "title": "UpdateDataSource", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::LookoutEquipment::InferenceScheduler": { + "AWS::IoTWireless::WirelessDevice": { "additionalProperties": false, "properties": { "Condition": { @@ -150505,67 +158867,64 @@ "Properties": { "additionalProperties": false, "properties": { - "DataDelayOffsetInMinutes": { - "markdownDescription": "A period of time (in minutes) by which inference on the data is delayed after the data starts. For instance, if an offset delay time of five minutes was selected, inference will not begin on the data until the first data measurement after the five minute mark. For example, if five minutes is selected, the inference scheduler will wake up at the configured frequency with the additional five minute delay time to check the customer S3 bucket. The customer can upload data at the same frequency and they don't need to stop and restart the scheduler when uploading new data.", - "title": "DataDelayOffsetInMinutes", - "type": "number" - }, - "DataInputConfiguration": { - "$ref": "#/definitions/AWS::LookoutEquipment::InferenceScheduler.DataInputConfiguration", - "markdownDescription": "Specifies configuration information for the input data for the inference scheduler, including delimiter, format, and dataset location.", - "title": "DataInputConfiguration" - }, - "DataOutputConfiguration": { - "$ref": "#/definitions/AWS::LookoutEquipment::InferenceScheduler.DataOutputConfiguration", - "markdownDescription": "Specifies configuration information for the output results for the inference scheduler, including the Amazon S3 location for the output.", - "title": "DataOutputConfiguration" - }, - "DataUploadFrequency": { - "markdownDescription": "How often data is uploaded to the source S3 bucket for the input data. This value is the length of time between data uploads. For instance, if you select 5 minutes, Amazon Lookout for Equipment will upload the real-time data to the source bucket once every 5 minutes. This frequency also determines how often Amazon Lookout for Equipment starts a scheduled inference on your data. In this example, it starts once every 5 minutes.", - "title": "DataUploadFrequency", + "Description": { + "markdownDescription": "The description of the new resource. Maximum length is 2048.", + "title": "Description", "type": "string" }, - "InferenceSchedulerName": { - "markdownDescription": "The name of the inference scheduler.", - "title": "InferenceSchedulerName", + "DestinationName": { + "markdownDescription": "The name of the destination to assign to the new wireless device. Can have only have alphanumeric, - (hyphen) and _ (underscore) characters and it can't have any spaces.", + "title": "DestinationName", "type": "string" }, - "ModelName": { - "markdownDescription": "The name of the machine learning model used for the inference scheduler.", - "title": "ModelName", + "LastUplinkReceivedAt": { + "markdownDescription": "The date and time when the most recent uplink was received.", + "title": "LastUplinkReceivedAt", "type": "string" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of a role with permission to access the data source being used for the inference.", - "title": "RoleArn", + "LoRaWAN": { + "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.LoRaWANDevice", + "markdownDescription": "The device configuration information to use to create the wireless device. Must be at least one of OtaaV10x, OtaaV11, AbpV11, or AbpV10x.", + "title": "LoRaWAN" + }, + "Name": { + "markdownDescription": "The name of the new resource.", + "title": "Name", "type": "string" }, - "ServerSideKmsKeyId": { - "markdownDescription": "Provides the identifier of the AWS KMS key used to encrypt inference scheduler data by Amazon Lookout for Equipment .", - "title": "ServerSideKmsKeyId", + "Positioning": { + "markdownDescription": "FPort values for the GNSS, Stream, and ClockSync functions of the positioning information.", + "title": "Positioning", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Any tags associated with the inference scheduler.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", "title": "Tags", "type": "array" + }, + "ThingArn": { + "markdownDescription": "The ARN of the thing to associate with the wireless device.", + "title": "ThingArn", + "type": "string" + }, + "Type": { + "markdownDescription": "The wireless device type.", + "title": "Type", + "type": "string" } }, "required": [ - "DataInputConfiguration", - "DataOutputConfiguration", - "DataUploadFrequency", - "ModelName", - "RoleArn" + "DestinationName", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::LookoutEquipment::InferenceScheduler" + "AWS::IoTWireless::WirelessDevice" ], "type": "string" }, @@ -150584,104 +158943,226 @@ ], "type": "object" }, - "AWS::LookoutEquipment::InferenceScheduler.DataInputConfiguration": { + "AWS::IoTWireless::WirelessDevice.AbpV10x": { "additionalProperties": false, "properties": { - "InferenceInputNameConfiguration": { - "$ref": "#/definitions/AWS::LookoutEquipment::InferenceScheduler.InputNameConfiguration", - "markdownDescription": "", - "title": "InferenceInputNameConfiguration" - }, - "InputTimeZoneOffset": { - "markdownDescription": "", - "title": "InputTimeZoneOffset", + "DevAddr": { + "markdownDescription": "The DevAddr value.", + "title": "DevAddr", "type": "string" }, - "S3InputConfiguration": { - "$ref": "#/definitions/AWS::LookoutEquipment::InferenceScheduler.S3InputConfiguration", - "markdownDescription": "", - "title": "S3InputConfiguration" + "SessionKeys": { + "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.SessionKeysAbpV10x", + "markdownDescription": "Session keys for ABP v1.0.x.", + "title": "SessionKeys" } }, "required": [ - "S3InputConfiguration" + "DevAddr", + "SessionKeys" ], "type": "object" }, - "AWS::LookoutEquipment::InferenceScheduler.DataOutputConfiguration": { + "AWS::IoTWireless::WirelessDevice.AbpV11": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "", - "title": "KmsKeyId", + "DevAddr": { + "markdownDescription": "The DevAddr value.", + "title": "DevAddr", "type": "string" }, - "S3OutputConfiguration": { - "$ref": "#/definitions/AWS::LookoutEquipment::InferenceScheduler.S3OutputConfiguration", - "markdownDescription": "", - "title": "S3OutputConfiguration" + "SessionKeys": { + "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.SessionKeysAbpV11", + "markdownDescription": "Session keys for ABP v1.1.", + "title": "SessionKeys" } }, "required": [ - "S3OutputConfiguration" + "DevAddr", + "SessionKeys" ], "type": "object" }, - "AWS::LookoutEquipment::InferenceScheduler.InputNameConfiguration": { + "AWS::IoTWireless::WirelessDevice.Application": { "additionalProperties": false, "properties": { - "ComponentTimestampDelimiter": { - "markdownDescription": "", - "title": "ComponentTimestampDelimiter", + "DestinationName": { + "markdownDescription": "The name of the position data destination that describes the IoT rule that processes the device's position data.", + "title": "DestinationName", "type": "string" }, - "TimestampFormat": { - "markdownDescription": "", - "title": "TimestampFormat", + "FPort": { + "markdownDescription": "The name of the new destination for the device.", + "title": "FPort", + "type": "number" + }, + "Type": { + "markdownDescription": "Application type, which can be specified to obtain real-time position information of your LoRaWAN device.", + "title": "Type", "type": "string" } }, "type": "object" }, - "AWS::LookoutEquipment::InferenceScheduler.S3InputConfiguration": { + "AWS::IoTWireless::WirelessDevice.FPorts": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "", - "title": "Bucket", + "Applications": { + "items": { + "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.Application" + }, + "markdownDescription": "LoRaWAN application configuration, which can be used to perform geolocation.", + "title": "Applications", + "type": "array" + } + }, + "type": "object" + }, + "AWS::IoTWireless::WirelessDevice.LoRaWANDevice": { + "additionalProperties": false, + "properties": { + "AbpV10x": { + "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.AbpV10x", + "markdownDescription": "ABP device object for LoRaWAN specification v1.0.x.", + "title": "AbpV10x" + }, + "AbpV11": { + "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.AbpV11", + "markdownDescription": "ABP device object for create APIs for v1.1.", + "title": "AbpV11" + }, + "DevEui": { + "markdownDescription": "The DevEUI value.", + "title": "DevEui", "type": "string" }, - "Prefix": { - "markdownDescription": "", - "title": "Prefix", + "DeviceProfileId": { + "markdownDescription": "The ID of the device profile for the new wireless device.", + "title": "DeviceProfileId", + "type": "string" + }, + "FPorts": { + "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.FPorts", + "markdownDescription": "List of FPort assigned for different LoRaWAN application packages to use.", + "title": "FPorts" + }, + "OtaaV10x": { + "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.OtaaV10x", + "markdownDescription": "OTAA device object for create APIs for v1.0.x", + "title": "OtaaV10x" + }, + "OtaaV11": { + "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.OtaaV11", + "markdownDescription": "OTAA device object for v1.1 for create APIs.", + "title": "OtaaV11" + }, + "ServiceProfileId": { + "markdownDescription": "The ID of the service profile.", + "title": "ServiceProfileId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoTWireless::WirelessDevice.OtaaV10x": { + "additionalProperties": false, + "properties": { + "AppEui": { + "markdownDescription": "The AppEUI value. You specify this value when using LoRaWAN versions v1.0.2 or v1.0.3.", + "title": "AppEui", + "type": "string" + }, + "AppKey": { + "markdownDescription": "The AppKey value.", + "title": "AppKey", "type": "string" } }, "required": [ - "Bucket" + "AppEui", + "AppKey" ], "type": "object" }, - "AWS::LookoutEquipment::InferenceScheduler.S3OutputConfiguration": { + "AWS::IoTWireless::WirelessDevice.OtaaV11": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "", - "title": "Bucket", + "AppKey": { + "markdownDescription": "The AppKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the AppKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", + "title": "AppKey", "type": "string" }, - "Prefix": { - "markdownDescription": "", - "title": "Prefix", + "JoinEui": { + "markdownDescription": "The JoinEUI value.", + "title": "JoinEui", + "type": "string" + }, + "NwkKey": { + "markdownDescription": "The NwkKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the NwkKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", + "title": "NwkKey", "type": "string" } }, "required": [ - "Bucket" + "AppKey", + "JoinEui", + "NwkKey" ], "type": "object" }, - "AWS::LookoutMetrics::Alert": { + "AWS::IoTWireless::WirelessDevice.SessionKeysAbpV10x": { + "additionalProperties": false, + "properties": { + "AppSKey": { + "markdownDescription": "The AppSKey value.", + "title": "AppSKey", + "type": "string" + }, + "NwkSKey": { + "markdownDescription": "The NwkKey value.", + "title": "NwkSKey", + "type": "string" + } + }, + "required": [ + "AppSKey", + "NwkSKey" + ], + "type": "object" + }, + "AWS::IoTWireless::WirelessDevice.SessionKeysAbpV11": { + "additionalProperties": false, + "properties": { + "AppSKey": { + "markdownDescription": "The AppSKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the AppSKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", + "title": "AppSKey", + "type": "string" + }, + "FNwkSIntKey": { + "markdownDescription": "The FNwkSIntKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the FNwkSIntKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", + "title": "FNwkSIntKey", + "type": "string" + }, + "NwkSEncKey": { + "markdownDescription": "The NwkSEncKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the NwkSEncKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", + "title": "NwkSEncKey", + "type": "string" + }, + "SNwkSIntKey": { + "markdownDescription": "The SNwkSIntKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the SNwkSIntKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", + "title": "SNwkSIntKey", + "type": "string" + } + }, + "required": [ + "AppSKey", + "FNwkSIntKey", + "NwkSEncKey", + "SNwkSIntKey" + ], + "type": "object" + }, + "AWS::IoTWireless::WirelessDeviceImportTask": { "additionalProperties": false, "properties": { "Condition": { @@ -150716,42 +159197,34 @@ "Properties": { "additionalProperties": false, "properties": { - "Action": { - "$ref": "#/definitions/AWS::LookoutMetrics::Alert.Action", - "markdownDescription": "Action that will be triggered when there is an alert.", - "title": "Action" - }, - "AlertDescription": { - "markdownDescription": "A description of the alert.", - "title": "AlertDescription", - "type": "string" - }, - "AlertName": { - "markdownDescription": "The name of the alert.", - "title": "AlertName", + "DestinationName": { + "markdownDescription": "The name of the destination that describes the IoT rule to route messages from the Sidewalk devices in the import task to other applications.", + "title": "DestinationName", "type": "string" }, - "AlertSensitivityThreshold": { - "markdownDescription": "An integer from 0 to 100 specifying the alert sensitivity threshold.", - "title": "AlertSensitivityThreshold", - "type": "number" + "Sidewalk": { + "$ref": "#/definitions/AWS::IoTWireless::WirelessDeviceImportTask.Sidewalk", + "markdownDescription": "The Sidewalk-related information of the wireless device import task.", + "title": "Sidewalk" }, - "AnomalyDetectorArn": { - "markdownDescription": "The ARN of the detector to which the alert is attached.", - "title": "AnomalyDetectorArn", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Adds to or modifies the tags of the given resource. Tags are metadata that you can use to manage a resource.", + "title": "Tags", + "type": "array" } }, "required": [ - "Action", - "AlertSensitivityThreshold", - "AnomalyDetectorArn" + "DestinationName", + "Sidewalk" ], "type": "object" }, "Type": { "enum": [ - "AWS::LookoutMetrics::Alert" + "AWS::IoTWireless::WirelessDeviceImportTask" ], "type": "string" }, @@ -150770,63 +159243,36 @@ ], "type": "object" }, - "AWS::LookoutMetrics::Alert.Action": { - "additionalProperties": false, - "properties": { - "LambdaConfiguration": { - "$ref": "#/definitions/AWS::LookoutMetrics::Alert.LambdaConfiguration", - "markdownDescription": "A configuration for an AWS Lambda channel.", - "title": "LambdaConfiguration" - }, - "SNSConfiguration": { - "$ref": "#/definitions/AWS::LookoutMetrics::Alert.SNSConfiguration", - "markdownDescription": "A configuration for an Amazon SNS channel.", - "title": "SNSConfiguration" - } - }, - "type": "object" - }, - "AWS::LookoutMetrics::Alert.LambdaConfiguration": { + "AWS::IoTWireless::WirelessDeviceImportTask.Sidewalk": { "additionalProperties": false, "properties": { - "LambdaArn": { - "markdownDescription": "The ARN of the Lambda function.", - "title": "LambdaArn", + "DeviceCreationFile": { + "markdownDescription": "The CSV file contained in an S3 bucket that's used for adding devices to an import task.", + "title": "DeviceCreationFile", "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of an IAM role that has permission to invoke the Lambda function.", - "title": "RoleArn", - "type": "string" - } - }, - "required": [ - "LambdaArn", - "RoleArn" - ], - "type": "object" - }, - "AWS::LookoutMetrics::Alert.SNSConfiguration": { - "additionalProperties": false, - "properties": { - "RoleArn": { - "markdownDescription": "The ARN of the IAM role that has access to the target SNS topic.", - "title": "RoleArn", + "DeviceCreationFileList": { + "items": { + "type": "string" + }, + "markdownDescription": "List of Sidewalk devices that are added to the import task.", + "title": "DeviceCreationFileList", + "type": "array" + }, + "Role": { + "markdownDescription": "The IAM role that allows to access the CSV file in the S3 bucket.", + "title": "Role", "type": "string" }, - "SnsTopicArn": { - "markdownDescription": "The ARN of the target SNS topic.", - "title": "SnsTopicArn", + "SidewalkManufacturingSn": { + "markdownDescription": "The Sidewalk manufacturing serial number (SMSN) of the Sidewalk device.", + "title": "SidewalkManufacturingSn", "type": "string" } }, - "required": [ - "RoleArn", - "SnsTopicArn" - ], "type": "object" }, - "AWS::LookoutMetrics::AnomalyDetector": { + "AWS::IoTWireless::WirelessGateway": { "additionalProperties": false, "properties": { "Condition": { @@ -150861,44 +159307,53 @@ "Properties": { "additionalProperties": false, "properties": { - "AnomalyDetectorConfig": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.AnomalyDetectorConfig", - "markdownDescription": "Contains information about the configuration of the anomaly detector.", - "title": "AnomalyDetectorConfig" - }, - "AnomalyDetectorDescription": { - "markdownDescription": "A description of the detector.", - "title": "AnomalyDetectorDescription", + "Description": { + "markdownDescription": "The description of the new resource. The maximum length is 2048 characters.", + "title": "Description", "type": "string" }, - "AnomalyDetectorName": { - "markdownDescription": "The name of the detector.", - "title": "AnomalyDetectorName", + "LastUplinkReceivedAt": { + "markdownDescription": "The date and time when the most recent uplink was received.", + "title": "LastUplinkReceivedAt", "type": "string" }, - "KmsKeyArn": { - "markdownDescription": "The ARN of the KMS key to use to encrypt your data.", - "title": "KmsKeyArn", + "LoRaWAN": { + "$ref": "#/definitions/AWS::IoTWireless::WirelessGateway.LoRaWANGateway", + "markdownDescription": "The gateway configuration information to use to create the wireless gateway.", + "title": "LoRaWAN" + }, + "Name": { + "markdownDescription": "The name of the new resource.", + "title": "Name", "type": "string" }, - "MetricSetList": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.MetricSet" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The detector's dataset.", - "title": "MetricSetList", + "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", + "title": "Tags", "type": "array" + }, + "ThingArn": { + "markdownDescription": "The ARN of the thing to associate with the wireless gateway.", + "title": "ThingArn", + "type": "string" + }, + "ThingName": { + "markdownDescription": "The name of the thing associated with the wireless gateway. The value is empty if a thing isn't associated with the gateway.", + "title": "ThingName", + "type": "string" } }, "required": [ - "AnomalyDetectorConfig", - "MetricSetList" + "LoRaWAN" ], "type": "object" }, "Type": { "enum": [ - "AWS::LookoutMetrics::AnomalyDetector" + "AWS::IoTWireless::WirelessGateway" ], "type": "string" }, @@ -150917,434 +159372,27 @@ ], "type": "object" }, - "AWS::LookoutMetrics::AnomalyDetector.AnomalyDetectorConfig": { - "additionalProperties": false, - "properties": { - "AnomalyDetectorFrequency": { - "markdownDescription": "The frequency at which the detector analyzes its source data.", - "title": "AnomalyDetectorFrequency", - "type": "string" - } - }, - "required": [ - "AnomalyDetectorFrequency" - ], - "type": "object" - }, - "AWS::LookoutMetrics::AnomalyDetector.AppFlowConfig": { - "additionalProperties": false, - "properties": { - "FlowName": { - "markdownDescription": "name of the flow.", - "title": "FlowName", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "An IAM role that gives Amazon Lookout for Metrics permission to access the flow.", - "title": "RoleArn", - "type": "string" - } - }, - "required": [ - "FlowName", - "RoleArn" - ], - "type": "object" - }, - "AWS::LookoutMetrics::AnomalyDetector.CloudwatchConfig": { - "additionalProperties": false, - "properties": { - "RoleArn": { - "markdownDescription": "An IAM role that gives Amazon Lookout for Metrics permission to access data in Amazon CloudWatch.", - "title": "RoleArn", - "type": "string" - } - }, - "required": [ - "RoleArn" - ], - "type": "object" - }, - "AWS::LookoutMetrics::AnomalyDetector.CsvFormatDescriptor": { - "additionalProperties": false, - "properties": { - "Charset": { - "markdownDescription": "The character set in which the source CSV file is written.", - "title": "Charset", - "type": "string" - }, - "ContainsHeader": { - "markdownDescription": "Whether or not the source CSV file contains a header.", - "title": "ContainsHeader", - "type": "boolean" - }, - "Delimiter": { - "markdownDescription": "The character used to delimit the source CSV file.", - "title": "Delimiter", - "type": "string" - }, - "FileCompression": { - "markdownDescription": "The level of compression of the source CSV file.", - "title": "FileCompression", - "type": "string" - }, - "HeaderList": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the source CSV file's headers, if any.", - "title": "HeaderList", - "type": "array" - }, - "QuoteSymbol": { - "markdownDescription": "The character used as a quote character.", - "title": "QuoteSymbol", - "type": "string" - } - }, - "type": "object" - }, - "AWS::LookoutMetrics::AnomalyDetector.FileFormatDescriptor": { - "additionalProperties": false, - "properties": { - "CsvFormatDescriptor": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.CsvFormatDescriptor", - "markdownDescription": "Contains information about how a source CSV data file should be analyzed.", - "title": "CsvFormatDescriptor" - }, - "JsonFormatDescriptor": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.JsonFormatDescriptor", - "markdownDescription": "Contains information about how a source JSON data file should be analyzed.", - "title": "JsonFormatDescriptor" - } - }, - "type": "object" - }, - "AWS::LookoutMetrics::AnomalyDetector.JsonFormatDescriptor": { - "additionalProperties": false, - "properties": { - "Charset": { - "markdownDescription": "The character set in which the source JSON file is written.", - "title": "Charset", - "type": "string" - }, - "FileCompression": { - "markdownDescription": "The level of compression of the source CSV file.", - "title": "FileCompression", - "type": "string" - } - }, - "type": "object" - }, - "AWS::LookoutMetrics::AnomalyDetector.Metric": { - "additionalProperties": false, - "properties": { - "AggregationFunction": { - "markdownDescription": "The function with which the metric is calculated.", - "title": "AggregationFunction", - "type": "string" - }, - "MetricName": { - "markdownDescription": "The name of the metric.", - "title": "MetricName", - "type": "string" - }, - "Namespace": { - "markdownDescription": "The namespace for the metric.", - "title": "Namespace", - "type": "string" - } - }, - "required": [ - "AggregationFunction", - "MetricName" - ], - "type": "object" - }, - "AWS::LookoutMetrics::AnomalyDetector.MetricSet": { - "additionalProperties": false, - "properties": { - "DimensionList": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the fields you want to treat as dimensions.", - "title": "DimensionList", - "type": "array" - }, - "MetricList": { - "items": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.Metric" - }, - "markdownDescription": "A list of metrics that the dataset will contain.", - "title": "MetricList", - "type": "array" - }, - "MetricSetDescription": { - "markdownDescription": "A description of the dataset you are creating.", - "title": "MetricSetDescription", - "type": "string" - }, - "MetricSetFrequency": { - "markdownDescription": "The frequency with which the source data will be analyzed for anomalies.", - "title": "MetricSetFrequency", - "type": "string" - }, - "MetricSetName": { - "markdownDescription": "The name of the dataset.", - "title": "MetricSetName", - "type": "string" - }, - "MetricSource": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.MetricSource", - "markdownDescription": "Contains information about how the source data should be interpreted.", - "title": "MetricSource" - }, - "Offset": { - "markdownDescription": "After an interval ends, the amount of seconds that the detector waits before importing data. Offset is only supported for S3, Redshift, Athena and datasources.", - "title": "Offset", - "type": "number" - }, - "TimestampColumn": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.TimestampColumn", - "markdownDescription": "Contains information about the column used for tracking time in your source data.", - "title": "TimestampColumn" - }, - "Timezone": { - "markdownDescription": "The time zone in which your source data was recorded.", - "title": "Timezone", - "type": "string" - } - }, - "required": [ - "MetricList", - "MetricSetName", - "MetricSource" - ], - "type": "object" - }, - "AWS::LookoutMetrics::AnomalyDetector.MetricSource": { - "additionalProperties": false, - "properties": { - "AppFlowConfig": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.AppFlowConfig", - "markdownDescription": "Details about an AppFlow datasource.", - "title": "AppFlowConfig" - }, - "CloudwatchConfig": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.CloudwatchConfig", - "markdownDescription": "Details about an Amazon CloudWatch monitoring datasource.", - "title": "CloudwatchConfig" - }, - "RDSSourceConfig": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.RDSSourceConfig", - "markdownDescription": "Details about an Amazon Relational Database Service (RDS) datasource.", - "title": "RDSSourceConfig" - }, - "RedshiftSourceConfig": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.RedshiftSourceConfig", - "markdownDescription": "Details about an Amazon Redshift database datasource.", - "title": "RedshiftSourceConfig" - }, - "S3SourceConfig": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.S3SourceConfig", - "markdownDescription": "Contains information about the configuration of the S3 bucket that contains source files.", - "title": "S3SourceConfig" - } - }, - "type": "object" - }, - "AWS::LookoutMetrics::AnomalyDetector.RDSSourceConfig": { - "additionalProperties": false, - "properties": { - "DBInstanceIdentifier": { - "markdownDescription": "A string identifying the database instance.", - "title": "DBInstanceIdentifier", - "type": "string" - }, - "DatabaseHost": { - "markdownDescription": "The host name of the database.", - "title": "DatabaseHost", - "type": "string" - }, - "DatabaseName": { - "markdownDescription": "The name of the RDS database.", - "title": "DatabaseName", - "type": "string" - }, - "DatabasePort": { - "markdownDescription": "The port number where the database can be accessed.", - "title": "DatabasePort", - "type": "number" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the role.", - "title": "RoleArn", - "type": "string" - }, - "SecretManagerArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Secrets Manager role.", - "title": "SecretManagerArn", - "type": "string" - }, - "TableName": { - "markdownDescription": "The name of the table in the database.", - "title": "TableName", - "type": "string" - }, - "VpcConfiguration": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.VpcConfiguration", - "markdownDescription": "An object containing information about the Amazon Virtual Private Cloud (VPC) configuration.", - "title": "VpcConfiguration" - } - }, - "required": [ - "DBInstanceIdentifier", - "DatabaseHost", - "DatabaseName", - "DatabasePort", - "RoleArn", - "SecretManagerArn", - "TableName", - "VpcConfiguration" - ], - "type": "object" - }, - "AWS::LookoutMetrics::AnomalyDetector.RedshiftSourceConfig": { - "additionalProperties": false, - "properties": { - "ClusterIdentifier": { - "markdownDescription": "A string identifying the Redshift cluster.", - "title": "ClusterIdentifier", - "type": "string" - }, - "DatabaseHost": { - "markdownDescription": "The name of the database host.", - "title": "DatabaseHost", - "type": "string" - }, - "DatabaseName": { - "markdownDescription": "The Redshift database name.", - "title": "DatabaseName", - "type": "string" - }, - "DatabasePort": { - "markdownDescription": "The port number where the database can be accessed.", - "title": "DatabasePort", - "type": "number" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the role providing access to the database.", - "title": "RoleArn", - "type": "string" - }, - "SecretManagerArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Secrets Manager role.", - "title": "SecretManagerArn", - "type": "string" - }, - "TableName": { - "markdownDescription": "The table name of the Redshift database.", - "title": "TableName", - "type": "string" - }, - "VpcConfiguration": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.VpcConfiguration", - "markdownDescription": "Contains information about the Amazon Virtual Private Cloud (VPC) configuration.", - "title": "VpcConfiguration" - } - }, - "required": [ - "ClusterIdentifier", - "DatabaseHost", - "DatabaseName", - "DatabasePort", - "RoleArn", - "SecretManagerArn", - "TableName", - "VpcConfiguration" - ], - "type": "object" - }, - "AWS::LookoutMetrics::AnomalyDetector.S3SourceConfig": { - "additionalProperties": false, - "properties": { - "FileFormatDescriptor": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.FileFormatDescriptor", - "markdownDescription": "Contains information about a source file's formatting.", - "title": "FileFormatDescriptor" - }, - "HistoricalDataPathList": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of paths to the historical data files.", - "title": "HistoricalDataPathList", - "type": "array" - }, - "RoleArn": { - "markdownDescription": "The ARN of an IAM role that has read and write access permissions to the source S3 bucket.", - "title": "RoleArn", - "type": "string" - }, - "TemplatedPathList": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of templated paths to the source files.", - "title": "TemplatedPathList", - "type": "array" - } - }, - "required": [ - "FileFormatDescriptor", - "RoleArn" - ], - "type": "object" - }, - "AWS::LookoutMetrics::AnomalyDetector.TimestampColumn": { + "AWS::IoTWireless::WirelessGateway.LoRaWANGateway": { "additionalProperties": false, "properties": { - "ColumnFormat": { - "markdownDescription": "The format of the timestamp column.", - "title": "ColumnFormat", + "GatewayEui": { + "markdownDescription": "The gateway's EUI value.", + "title": "GatewayEui", "type": "string" }, - "ColumnName": { - "markdownDescription": "The name of the timestamp column.", - "title": "ColumnName", + "RfRegion": { + "markdownDescription": "The frequency band (RFRegion) value.", + "title": "RfRegion", "type": "string" } }, - "type": "object" - }, - "AWS::LookoutMetrics::AnomalyDetector.VpcConfiguration": { - "additionalProperties": false, - "properties": { - "SecurityGroupIdList": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of strings containing the list of security groups.", - "title": "SecurityGroupIdList", - "type": "array" - }, - "SubnetIdList": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of strings containing the Amazon VPC subnet IDs (e.g., `subnet-0bb1c79de3EXAMPLE` .", - "title": "SubnetIdList", - "type": "array" - } - }, "required": [ - "SecurityGroupIdList", - "SubnetIdList" + "GatewayEui", + "RfRegion" ], "type": "object" }, - "AWS::LookoutVision::Project": { + "AWS::KMS::Alias": { "additionalProperties": false, "properties": { "Condition": { @@ -151379,20 +159427,26 @@ "Properties": { "additionalProperties": false, "properties": { - "ProjectName": { - "markdownDescription": "The name of the project.", - "title": "ProjectName", + "AliasName": { + "markdownDescription": "Specifies the alias name. This value must begin with `alias/` followed by a name, such as `alias/ExampleAlias` .\n\n> If you change the value of the `AliasName` property, the existing alias is deleted and a new alias is created for the specified KMS key. This change can disrupt applications that use the alias. It can also allow or deny access to a KMS key affected by attribute-based access control (ABAC). \n\nThe alias must be string of 1-256 characters. It can contain only alphanumeric characters, forward slashes (/), underscores (_), and dashes (-). The alias name cannot begin with `alias/aws/` . The `alias/aws/` prefix is reserved for [AWS managed keys](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk) .", + "title": "AliasName", + "type": "string" + }, + "TargetKeyId": { + "markdownDescription": "Associates the alias with the specified [customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk) . The KMS key must be in the same AWS account and Region.\n\nA valid key ID is required. If you supply a null or empty string value, this operation returns an error.\n\nFor help finding the key ID and ARN, see [Finding the key ID and ARN](https://docs.aws.amazon.com/kms/latest/developerguide/viewing-keys.html#find-cmk-id-arn) in the *AWS Key Management Service Developer Guide* .\n\nSpecify the key ID or the key ARN of the KMS key.\n\nFor example:\n\n- Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key ARN: `arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`\n\nTo get the key ID and key ARN for a KMS key, use [ListKeys](https://docs.aws.amazon.com/kms/latest/APIReference/API_ListKeys.html) or [DescribeKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_DescribeKey.html) .", + "title": "TargetKeyId", "type": "string" } }, "required": [ - "ProjectName" + "AliasName", + "TargetKeyId" ], "type": "object" }, "Type": { "enum": [ - "AWS::LookoutVision::Project" + "AWS::KMS::Alias" ], "type": "string" }, @@ -151411,7 +159465,7 @@ ], "type": "object" }, - "AWS::M2::Application": { + "AWS::KMS::Key": { "additionalProperties": false, "properties": { "Condition": { @@ -151446,58 +159500,75 @@ "Properties": { "additionalProperties": false, "properties": { - "Definition": { - "$ref": "#/definitions/AWS::M2::Application.Definition", - "markdownDescription": "The application definition for a particular application. You can specify either inline JSON or an Amazon S3 bucket location.\n\nFor information about application definitions, see the [AWS Mainframe Modernization User Guide](https://docs.aws.amazon.com/m2/latest/userguide/applications-m2-definition.html) .", - "title": "Definition" + "BypassPolicyLockoutSafetyCheck": { + "markdownDescription": "Skips (\"bypasses\") the key policy lockout safety check. The default value is false.\n\n> Setting this value to true increases the risk that the KMS key becomes unmanageable. Do not set this value to true indiscriminately.\n> \n> For more information, see [Default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policy-default.html#prevent-unmanageable-key) in the *AWS Key Management Service Developer Guide* . \n\nUse this parameter only when you intend to prevent the principal that is making the request from making a subsequent [PutKeyPolicy](https://docs.aws.amazon.com/kms/latest/APIReference/API_PutKeyPolicy.html) request on the KMS key.", + "title": "BypassPolicyLockoutSafetyCheck", + "type": "boolean" }, "Description": { - "markdownDescription": "The description of the application.", + "markdownDescription": "A description of the KMS key. Use a description that helps you to distinguish this KMS key from others in the account, such as its intended use.", "title": "Description", "type": "string" }, - "EngineType": { - "markdownDescription": "The type of the target platform for this application.", - "title": "EngineType", - "type": "string" + "EnableKeyRotation": { + "markdownDescription": "Enables automatic rotation of the key material for the specified KMS key. By default, automatic key rotation is not enabled.\n\nAWS KMS supports automatic rotation only for symmetric encryption KMS keys ( `KeySpec` = `SYMMETRIC_DEFAULT` ). For asymmetric KMS keys, HMAC KMS keys, and KMS keys with Origin `EXTERNAL` , omit the `EnableKeyRotation` property or set it to `false` .\n\nTo enable automatic key rotation of the key material for a multi-Region KMS key, set `EnableKeyRotation` to `true` on the primary key (created by using `AWS::KMS::Key` ). AWS KMS copies the rotation status to all replica keys. For details, see [Rotating multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-manage.html#multi-region-rotate) in the *AWS Key Management Service Developer Guide* .\n\nWhen you enable automatic rotation, AWS KMS automatically creates new key material for the KMS key one year after the enable date and every year thereafter. AWS KMS retains all key material until you delete the KMS key. For detailed information about automatic key rotation, see [Rotating KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html) in the *AWS Key Management Service Developer Guide* .", + "title": "EnableKeyRotation", + "type": "boolean" }, - "KmsKeyId": { - "markdownDescription": "The identifier of a customer managed key.", - "title": "KmsKeyId", + "Enabled": { + "markdownDescription": "Specifies whether the KMS key is enabled. Disabled KMS keys cannot be used in cryptographic operations.\n\nWhen `Enabled` is `true` , the *key state* of the KMS key is `Enabled` . When `Enabled` is `false` , the key state of the KMS key is `Disabled` . The default value is `true` .\n\nThe actual key state of the KMS key might be affected by actions taken outside of CloudFormation, such as running the [EnableKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_EnableKey.html) , [DisableKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_DisableKey.html) , or [ScheduleKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_ScheduleKeyDeletion.html) operations.\n\nFor information about the key states of a KMS key, see [Key state: Effect on your KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) in the *AWS Key Management Service Developer Guide* .", + "title": "Enabled", + "type": "boolean" + }, + "KeyPolicy": { + "markdownDescription": "The key policy to attach to the KMS key.\n\nIf you provide a key policy, it must meet the following criteria:\n\n- The key policy must allow the caller to make a subsequent [PutKeyPolicy](https://docs.aws.amazon.com/kms/latest/APIReference/API_PutKeyPolicy.html) request on the KMS key. This reduces the risk that the KMS key becomes unmanageable. For more information, see [Default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) in the *AWS Key Management Service Developer Guide* . (To omit this condition, set `BypassPolicyLockoutSafetyCheck` to true.)\n- Each statement in the key policy must contain one or more principals. The principals in the key policy must exist and be visible to AWS KMS . When you create a new AWS principal (for example, an IAM user or role), you might need to enforce a delay before including the new principal in a key policy because the new principal might not be immediately visible to AWS KMS . For more information, see [Changes that I make are not always immediately visible](https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency) in the *AWS Identity and Access Management User Guide* .\n\nIf you do not provide a key policy, AWS KMS attaches a default key policy to the KMS key. For more information, see [Default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default) in the *AWS Key Management Service Developer Guide* .\n\nA key policy document can include only the following characters:\n\n- Printable ASCII characters\n- Printable characters in the Basic Latin and Latin-1 Supplement character set\n- The tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` ) special characters\n\n*Minimum* : `1`\n\n*Maximum* : `32768`", + "title": "KeyPolicy", + "type": "object" + }, + "KeySpec": { + "markdownDescription": "Specifies the type of KMS key to create. The default value, `SYMMETRIC_DEFAULT` , creates a KMS key with a 256-bit symmetric key for encryption and decryption. In China Regions, `SYMMETRIC_DEFAULT` creates a 128-bit symmetric key that uses SM4 encryption. You can't change the `KeySpec` value after the KMS key is created. For help choosing a key spec for your KMS key, see [Choosing a KMS key type](https://docs.aws.amazon.com/kms/latest/developerguide/symm-asymm-choose.html) in the *AWS Key Management Service Developer Guide* .\n\nThe `KeySpec` property determines the type of key material in the KMS key and the algorithms that the KMS key supports. To further restrict the algorithms that can be used with the KMS key, use a condition key in its key policy or IAM policy. For more information, see [AWS KMS condition keys](https://docs.aws.amazon.com/kms/latest/developerguide/policy-conditions.html#conditions-kms) in the *AWS Key Management Service Developer Guide* .\n\n> If you change the value of the `KeySpec` property on an existing KMS key, the update request fails, regardless of the value of the [`UpdateReplacePolicy` attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html) . This prevents you from accidentally deleting a KMS key by changing an immutable property value. > [AWS services that are integrated with AWS KMS](https://docs.aws.amazon.com/kms/features/#AWS_Service_Integration) use symmetric encryption KMS keys to protect your data. These services do not support encryption with asymmetric KMS keys. For help determining whether a KMS key is asymmetric, see [Identifying asymmetric KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/find-symm-asymm.html) in the *AWS Key Management Service Developer Guide* . \n\nAWS KMS supports the following key specs for KMS keys:\n\n- Symmetric encryption key (default)\n\n- `SYMMETRIC_DEFAULT` (AES-256-GCM)\n- HMAC keys (symmetric)\n\n- `HMAC_224`\n- `HMAC_256`\n- `HMAC_384`\n- `HMAC_512`\n- Asymmetric RSA key pairs (encryption and decryption *or* signing and verification)\n\n- `RSA_2048`\n- `RSA_3072`\n- `RSA_4096`\n- Asymmetric NIST-recommended elliptic curve key pairs (signing and verification *or* deriving shared secrets)\n\n- `ECC_NIST_P256` (secp256r1)\n- `ECC_NIST_P384` (secp384r1)\n- `ECC_NIST_P521` (secp521r1)\n- Other asymmetric elliptic curve key pairs (signing and verification)\n\n- `ECC_SECG_P256K1` (secp256k1), commonly used for cryptocurrencies.\n- Asymmetric ML-DSA key pairs (signing and verification)\n\n- `ML_DSA_44`\n- `ML_DSA_65`\n- `ML_DSA_87`\n- SM2 key pairs (encryption and decryption *or* signing and verification *or* deriving shared secrets)\n\n- `SM2` (China Regions only)", + "title": "KeySpec", "type": "string" }, - "Name": { - "markdownDescription": "The name of the application.", - "title": "Name", + "KeyUsage": { + "markdownDescription": "Determines the [cryptographic operations](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations) for which you can use the KMS key. The default value is `ENCRYPT_DECRYPT` . This property is required for asymmetric KMS keys and HMAC KMS keys. You can't change the `KeyUsage` value after the KMS key is created.\n\n> If you change the value of the `KeyUsage` property on an existing KMS key, the update request fails, regardless of the value of the [`UpdateReplacePolicy` attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html) . This prevents you from accidentally deleting a KMS key by changing an immutable property value. \n\nSelect only one valid value.\n\n- For symmetric encryption KMS keys, omit the parameter or specify `ENCRYPT_DECRYPT` .\n- For HMAC KMS keys (symmetric), specify `GENERATE_VERIFY_MAC` .\n- For asymmetric KMS keys with RSA key pairs, specify `ENCRYPT_DECRYPT` or `SIGN_VERIFY` .\n- For asymmetric KMS keys with NIST-recommended elliptic curve key pairs, specify `SIGN_VERIFY` or `KEY_AGREEMENT` .\n- For asymmetric KMS keys with `ECC_SECG_P256K1` key pairs, specify `SIGN_VERIFY` .\n- For asymmetric KMS keys with ML-DSA key pairs, specify `SIGN_VERIFY` .\n- For asymmetric KMS keys with SM2 key pairs (China Regions only), specify `ENCRYPT_DECRYPT` , `SIGN_VERIFY` , or `KEY_AGREEMENT` .", + "title": "KeyUsage", "type": "string" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the role associated with the application.", - "title": "RoleArn", + "MultiRegion": { + "markdownDescription": "Creates a multi-Region primary key that you can replicate in other AWS Regions . You can't change the `MultiRegion` value after the KMS key is created.\n\nFor a list of AWS Regions in which multi-Region keys are supported, see [Multi-Region keys in AWS KMS](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) in the ** .\n\n> If you change the value of the `MultiRegion` property on an existing KMS key, the update request fails, regardless of the value of the [`UpdateReplacePolicy` attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html) . This prevents you from accidentally deleting a KMS key by changing an immutable property value. \n\nFor a multi-Region key, set to this property to `true` . For a single-Region key, omit this property or set it to `false` . The default value is `false` .\n\n*Multi-Region keys* are an AWS KMS feature that lets you create multiple interoperable KMS keys in different AWS Regions . Because these KMS keys have the same key ID, key material, and other metadata, you can use them to encrypt data in one AWS Region and decrypt it in a different AWS Region without making a cross-Region call or exposing the plaintext data. For more information, see [Multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) in the *AWS Key Management Service Developer Guide* .\n\nYou can create a symmetric encryption, HMAC, or asymmetric multi-Region KMS key, and you can create a multi-Region key with imported key material. However, you cannot create a multi-Region key in a custom key store.\n\nTo create a replica of this primary key in a different AWS Region , create an [AWS::KMS::ReplicaKey](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kms-replicakey.html) resource in a CloudFormation stack in the replica Region. Specify the key ARN of this primary key.", + "title": "MultiRegion", + "type": "boolean" + }, + "Origin": { + "markdownDescription": "The source of the key material for the KMS key. You cannot change the origin after you create the KMS key. The default is `AWS_KMS` , which means that AWS KMS creates the key material.\n\nTo [create a KMS key with no key material](https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys-create-cmk.html) (for imported key material), set this value to `EXTERNAL` . For more information about importing key material into AWS KMS , see [Importing Key Material](https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html) in the *AWS Key Management Service Developer Guide* .\n\nYou can ignore `ENABLED` when Origin is `EXTERNAL` . When a KMS key with Origin `EXTERNAL` is created, the key state is `PENDING_IMPORT` and `ENABLED` is `false` . After you import the key material, `ENABLED` updated to `true` . The KMS key can then be used for Cryptographic Operations.\n\n> - AWS CloudFormation doesn't support creating an `Origin` parameter of the `AWS_CLOUDHSM` or `EXTERNAL_KEY_STORE` values.\n> - `EXTERNAL` is not supported for ML-DSA keys.", + "title": "Origin", "type": "string" }, + "PendingWindowInDays": { + "markdownDescription": "Specifies the number of days in the waiting period before AWS KMS deletes a KMS key that has been removed from a CloudFormation stack. Enter a value between 7 and 30 days. The default value is 30 days.\n\nWhen you remove a KMS key from a CloudFormation stack, AWS KMS schedules the KMS key for deletion and starts the mandatory waiting period. The `PendingWindowInDays` property determines the length of waiting period. During the waiting period, the key state of KMS key is `Pending Deletion` or `Pending Replica Deletion` , which prevents the KMS key from being used in cryptographic operations. When the waiting period expires, AWS KMS permanently deletes the KMS key.\n\nAWS KMS will not delete a [multi-Region primary key](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) that has replica keys. If you remove a multi-Region primary key from a CloudFormation stack, its key state changes to `PendingReplicaDeletion` so it cannot be replicated or used in cryptographic operations. This state can persist indefinitely. When the last of its replica keys is deleted, the key state of the primary key changes to `PendingDeletion` and the waiting period specified by `PendingWindowInDays` begins. When this waiting period expires, AWS KMS deletes the primary key. For details, see [Deleting multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-delete.html) in the *AWS Key Management Service Developer Guide* .\n\nYou cannot use a CloudFormation template to cancel deletion of the KMS key after you remove it from the stack, regardless of the waiting period. If you specify a KMS key in your template, even one with the same name, CloudFormation creates a new KMS key. To cancel deletion of a KMS key, use the AWS KMS console or the [CancelKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_CancelKeyDeletion.html) operation.\n\nFor information about the `Pending Deletion` and `Pending Replica Deletion` key states, see [Key state: Effect on your KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) in the *AWS Key Management Service Developer Guide* . For more information about deleting KMS keys, see the [ScheduleKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_ScheduleKeyDeletion.html) operation in the *AWS Key Management Service API Reference* and [Deleting KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/deleting-keys.html) in the *AWS Key Management Service Developer Guide* .", + "title": "PendingWindowInDays", + "type": "number" + }, + "RotationPeriodInDays": { + "markdownDescription": "Specifies a custom period of time between each rotation date. If no value is specified, the default value is 365 days.\n\nThe rotation period defines the number of days after you enable automatic key rotation that AWS KMS will rotate your key material, and the number of days between each automatic rotation thereafter.\n\nYou can use the [`kms:RotationPeriodInDays`](https://docs.aws.amazon.com/kms/latest/developerguide/conditions-kms.html#conditions-kms-rotation-period-in-days) condition key to further constrain the values that principals can specify in the `RotationPeriodInDays` parameter.\n\nFor more information about rotating KMS keys and automatic rotation, see [Rotating keys](https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html) in the *AWS Key Management Service Developer Guide* .", + "title": "RotationPeriodInDays", + "type": "number" + }, "Tags": { - "additionalProperties": true, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "Assigns one or more tags to the replica key.\n\n> Tagging or untagging a KMS key can allow or deny permission to the KMS key. For details, see [ABAC for AWS KMS](https://docs.aws.amazon.com/kms/latest/developerguide/abac.html) in the *AWS Key Management Service Developer Guide* . \n\nFor information about tags in AWS KMS , see [Tagging keys](https://docs.aws.amazon.com/kms/latest/developerguide/tagging-keys.html) in the *AWS Key Management Service Developer Guide* . For information about tags in CloudFormation, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", - "type": "object" + "type": "array" } }, - "required": [ - "Definition", - "EngineType", - "Name" - ], "type": "object" }, "Type": { "enum": [ - "AWS::M2::Application" + "AWS::KMS::Key" ], "type": "string" }, @@ -151511,28 +159582,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::M2::Application.Definition": { - "additionalProperties": false, - "properties": { - "Content": { - "markdownDescription": "The content of the application definition. This is a JSON object that contains the resource configuration/definitions that identify an application.", - "title": "Content", - "type": "string" - }, - "S3Location": { - "markdownDescription": "The S3 bucket that contains the application definition.", - "title": "S3Location", - "type": "string" - } - }, - "type": "object" - }, - "AWS::M2::Environment": { + "AWS::KMS::ReplicaKey": { "additionalProperties": false, "properties": { "Condition": { @@ -151568,96 +159622,48 @@ "additionalProperties": false, "properties": { "Description": { - "markdownDescription": "The description of the runtime environment.", + "markdownDescription": "A description of the KMS key.\n\nThe default value is an empty string (no description).\n\nThe description is not a shared property of multi-Region keys. You can specify the same description or a different description for each key in a set of related multi-Region keys. AWS Key Management Service does not synchronize this property.", "title": "Description", "type": "string" }, - "EngineType": { - "markdownDescription": "The target platform for the runtime environment.", - "title": "EngineType", - "type": "string" - }, - "EngineVersion": { - "markdownDescription": "The version of the runtime engine.", - "title": "EngineVersion", - "type": "string" - }, - "HighAvailabilityConfig": { - "$ref": "#/definitions/AWS::M2::Environment.HighAvailabilityConfig", - "markdownDescription": "Defines the details of a high availability configuration.", - "title": "HighAvailabilityConfig" - }, - "InstanceType": { - "markdownDescription": "The instance type of the runtime environment.", - "title": "InstanceType", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "The identifier of a customer managed key.", - "title": "KmsKeyId", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the runtime environment.", - "title": "Name", - "type": "string" - }, - "PreferredMaintenanceWindow": { - "markdownDescription": "Configures the maintenance window that you want for the runtime environment. The maintenance window must have the format `ddd:hh24:mi-ddd:hh24:mi` and must be less than 24 hours. The following two examples are valid maintenance windows: `sun:23:45-mon:00:15` or `sat:01:00-sat:03:00` .\n\nIf you do not provide a value, a random system-generated value will be assigned.", - "title": "PreferredMaintenanceWindow", - "type": "string" - }, - "PubliclyAccessible": { - "markdownDescription": "Specifies whether the runtime environment is publicly accessible.", - "title": "PubliclyAccessible", + "Enabled": { + "markdownDescription": "Specifies whether the replica key is enabled. Disabled KMS keys cannot be used in cryptographic operations.\n\nWhen `Enabled` is `true` , the *key state* of the KMS key is `Enabled` . When `Enabled` is `false` , the key state of the KMS key is `Disabled` . The default value is `true` .\n\nThe actual key state of the replica might be affected by actions taken outside of CloudFormation, such as running the [EnableKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_EnableKey.html) , [DisableKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_DisableKey.html) , or [ScheduleKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_ScheduleKeyDeletion.html) operations. Also, while the replica key is being created, its key state is `Creating` . When the process is complete, the key state of the replica key changes to `Enabled` .\n\nFor information about the key states of a KMS key, see [Key state: Effect on your KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) in the *AWS Key Management Service Developer Guide* .", + "title": "Enabled", "type": "boolean" }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of security groups for the VPC associated with this runtime environment.", - "title": "SecurityGroupIds", - "type": "array" + "KeyPolicy": { + "markdownDescription": "The key policy that authorizes use of the replica key.\n\nThe key policy is not a shared property of multi-Region keys. You can specify the same key policy or a different key policy for each key in a set of related multi-Region keys. AWS KMS does not synchronize this property.\n\nThe key policy must conform to the following rules.\n\n- The key policy must give the caller [PutKeyPolicy](https://docs.aws.amazon.com/kms/latest/APIReference/API_PutKeyPolicy.html) permission on the KMS key. This reduces the risk that the KMS key becomes unmanageable. For more information, refer to the scenario in the [Default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) section of the **AWS Key Management Service Developer Guide** .\n- Each statement in the key policy must contain one or more principals. The principals in the key policy must exist and be visible to AWS KMS . When you create a new AWS principal (for example, an IAM user or role), you might need to enforce a delay before including the new principal in a key policy because the new principal might not be immediately visible to AWS KMS . For more information, see [Changes that I make are not always immediately visible](https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency) in the *AWS Identity and Access Management User Guide* .\n\nA key policy document can include only the following characters:\n\n- Printable ASCII characters from the space character ( `\\u0020` ) through the end of the ASCII character range.\n- Printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` ).\n- The tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` ) special characters\n\n*Minimum* : `1`\n\n*Maximum* : `32768`", + "title": "KeyPolicy", + "type": "object" }, - "StorageConfigurations": { - "items": { - "$ref": "#/definitions/AWS::M2::Environment.StorageConfiguration" - }, - "markdownDescription": "Defines the storage configuration for a runtime environment.", - "title": "StorageConfigurations", - "type": "array" + "PendingWindowInDays": { + "markdownDescription": "Specifies the number of days in the waiting period before AWS KMS deletes a replica key that has been removed from a CloudFormation stack. Enter a value between 7 and 30 days. The default value is 30 days.\n\nWhen you remove a replica key from a CloudFormation stack, AWS KMS schedules the replica key for deletion and starts the mandatory waiting period. The `PendingWindowInDays` property determines the length of waiting period. During the waiting period, the key state of replica key is `Pending Deletion` , which prevents it from being used in cryptographic operations. When the waiting period expires, AWS KMS permanently deletes the replica key.\n\nIf the KMS key is a multi-Region primary key with replica keys, the waiting period begins when the last of its replica keys is deleted. Otherwise, the waiting period begins immediately.\n\nYou cannot use a CloudFormation template to cancel deletion of the replica after you remove it from the stack, regardless of the waiting period. However, if you specify a replica key in your template that is based on the same primary key as the original replica key, CloudFormation creates a new replica key with the same key ID, key material, and other shared properties of the original replica key. This new replica key can decrypt ciphertext that was encrypted under the original replica key, or any related multi-Region key.\n\nFor detailed information about deleting multi-Region keys, see [Deleting multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-delete.html) in the *AWS Key Management Service Developer Guide* .\n\nFor information about the `PendingDeletion` key state, see [Key state: Effect on your KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) in the *AWS Key Management Service Developer Guide* . For more information about deleting KMS keys, see the [ScheduleKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_ScheduleKeyDeletion.html) operation in the *AWS Key Management Service API Reference* and [Deleting KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/deleting-keys.html) in the *AWS Key Management Service Developer Guide* .", + "title": "PendingWindowInDays", + "type": "number" }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of subnets associated with the VPC for this runtime environment.", - "title": "SubnetIds", - "type": "array" + "PrimaryKeyArn": { + "markdownDescription": "Specifies the multi-Region primary key to replicate. The primary key must be in a different AWS Region of the same AWS partition. You can create only one replica of a given primary key in each AWS Region .\n\n> If you change the `PrimaryKeyArn` value of a replica key, the existing replica key is scheduled for deletion and a new replica key is created based on the specified primary key. While it is scheduled for deletion, the existing replica key becomes unusable. You can cancel the scheduled deletion of the key outside of CloudFormation.\n> \n> However, if you inadvertently delete a replica key, you can decrypt ciphertext encrypted by that replica key by using any related multi-Region key. If necessary, you can recreate the replica in the same Region after the previous one is completely deleted. For details, see [Deleting multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-delete.html) in the *AWS Key Management Service Developer Guide* \n\nSpecify the key ARN of an existing multi-Region primary key. For example, `arn:aws:kms:us-east-2:111122223333:key/mrk-1234abcd12ab34cd56ef1234567890ab` .", + "title": "PrimaryKeyArn", + "type": "string" }, "Tags": { - "additionalProperties": true, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "Assigns one or more tags to the replica key.\n\n> Tagging or untagging a KMS key can allow or deny permission to the KMS key. For details, see [ABAC for AWS KMS](https://docs.aws.amazon.com/kms/latest/developerguide/abac.html) in the *AWS Key Management Service Developer Guide* . \n\nTags are not a shared property of multi-Region keys. You can specify the same tags or different tags for each key in a set of related multi-Region keys. AWS KMS does not synchronize this property.\n\nEach tag consists of a tag key and a tag value. Both the tag key and the tag value are required, but the tag value can be an empty (null) string. You cannot have more than one tag on a KMS key with the same tag key. If you specify an existing tag key with a different tag value, AWS KMS replaces the current tag value with the specified one.\n\nWhen you assign tags to an AWS resource, AWS generates a cost allocation report with usage and costs aggregated by tags. Tags can also be used to control access to a KMS key. For details, see [Tagging keys](https://docs.aws.amazon.com/kms/latest/developerguide/tagging-keys.html) .", "title": "Tags", - "type": "object" + "type": "array" } }, "required": [ - "EngineType", - "InstanceType", - "Name" + "KeyPolicy", + "PrimaryKeyArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::M2::Environment" + "AWS::KMS::ReplicaKey" ], "type": "string" }, @@ -151676,88 +159682,18 @@ ], "type": "object" }, - "AWS::M2::Environment.EfsStorageConfiguration": { + "AWS::KafkaConnect::Connector": { "additionalProperties": false, "properties": { - "FileSystemId": { - "markdownDescription": "The file system identifier.", - "title": "FileSystemId", + "Condition": { "type": "string" }, - "MountPoint": { - "markdownDescription": "The mount point for the file system.", - "title": "MountPoint", - "type": "string" - } - }, - "required": [ - "FileSystemId", - "MountPoint" - ], - "type": "object" - }, - "AWS::M2::Environment.FsxStorageConfiguration": { - "additionalProperties": false, - "properties": { - "FileSystemId": { - "markdownDescription": "The file system identifier.", - "title": "FileSystemId", - "type": "string" - }, - "MountPoint": { - "markdownDescription": "The mount point for the file system.", - "title": "MountPoint", - "type": "string" - } - }, - "required": [ - "FileSystemId", - "MountPoint" - ], - "type": "object" - }, - "AWS::M2::Environment.HighAvailabilityConfig": { - "additionalProperties": false, - "properties": { - "DesiredCapacity": { - "markdownDescription": "The number of instances in a high availability configuration. The minimum possible value is 1 and the maximum is 100.", - "title": "DesiredCapacity", - "type": "number" - } - }, - "required": [ - "DesiredCapacity" - ], - "type": "object" - }, - "AWS::M2::Environment.StorageConfiguration": { - "additionalProperties": false, - "properties": { - "Efs": { - "$ref": "#/definitions/AWS::M2::Environment.EfsStorageConfiguration", - "markdownDescription": "Defines the storage configuration for an Amazon EFS file system.", - "title": "Efs" - }, - "Fsx": { - "$ref": "#/definitions/AWS::M2::Environment.FsxStorageConfiguration", - "markdownDescription": "Defines the storage configuration for an Amazon FSx file system.", - "title": "Fsx" - } - }, - "type": "object" - }, - "AWS::MSK::BatchScramSecret": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, "DependsOn": { @@ -151781,164 +159717,100 @@ "Properties": { "additionalProperties": false, "properties": { - "ClusterArn": { - "markdownDescription": "The Amazon Resource Name (ARN) that uniquely identifies the cluster.", - "title": "ClusterArn", - "type": "string" - }, - "SecretArnList": { - "items": { - "type": "string" - }, - "markdownDescription": "List of Amazon Resource Name (ARN)s of Secrets Manager secrets.", - "title": "SecretArnList", - "type": "array" - } - }, - "required": [ - "ClusterArn" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::MSK::BatchScramSecret" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::MSK::Cluster": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" + "Capacity": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.Capacity", + "markdownDescription": "The connector's compute capacity settings.", + "title": "Capacity" }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" + "ConnectorConfiguration": { + "additionalProperties": true, + "markdownDescription": "The configuration of the connector.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "BrokerNodeGroupInfo": { - "$ref": "#/definitions/AWS::MSK::Cluster.BrokerNodeGroupInfo", - "markdownDescription": "Information about the broker nodes in the cluster.", - "title": "BrokerNodeGroupInfo" - }, - "ClientAuthentication": { - "$ref": "#/definitions/AWS::MSK::Cluster.ClientAuthentication", - "markdownDescription": "Includes all client authentication related information.", - "title": "ClientAuthentication" + "title": "ConnectorConfiguration", + "type": "object" }, - "ClusterName": { - "markdownDescription": "The name of the cluster.", - "title": "ClusterName", + "ConnectorDescription": { + "markdownDescription": "The description of the connector.", + "title": "ConnectorDescription", "type": "string" }, - "ConfigurationInfo": { - "$ref": "#/definitions/AWS::MSK::Cluster.ConfigurationInfo", - "markdownDescription": "Represents the configuration that you want MSK to use for the cluster.", - "title": "ConfigurationInfo" - }, - "CurrentVersion": { - "markdownDescription": "The version of the cluster that you want to update.", - "title": "CurrentVersion", + "ConnectorName": { + "markdownDescription": "The name of the connector.\n\nThe connector name must be unique and can include up to 128 characters. Valid characters you can include in a connector name are: a-z, A-Z, 0-9, and -.", + "title": "ConnectorName", "type": "string" }, - "EncryptionInfo": { - "$ref": "#/definitions/AWS::MSK::Cluster.EncryptionInfo", - "markdownDescription": "Includes all encryption-related information.", - "title": "EncryptionInfo" + "KafkaCluster": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.KafkaCluster", + "markdownDescription": "The details of the Apache Kafka cluster to which the connector is connected.", + "title": "KafkaCluster" }, - "EnhancedMonitoring": { - "markdownDescription": "Specifies the level of monitoring for the MSK cluster.", - "title": "EnhancedMonitoring", - "type": "string" + "KafkaClusterClientAuthentication": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.KafkaClusterClientAuthentication", + "markdownDescription": "The type of client authentication used to connect to the Apache Kafka cluster. The value is NONE when no client authentication is used.", + "title": "KafkaClusterClientAuthentication" }, - "KafkaVersion": { - "markdownDescription": "The version of Apache Kafka. You can use Amazon MSK to create clusters that use [supported Apache Kafka versions](https://docs.aws.amazon.com/msk/latest/developerguide/supported-kafka-versions.html) .", - "title": "KafkaVersion", - "type": "string" + "KafkaClusterEncryptionInTransit": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.KafkaClusterEncryptionInTransit", + "markdownDescription": "Details of encryption in transit to the Apache Kafka cluster.", + "title": "KafkaClusterEncryptionInTransit" }, - "LoggingInfo": { - "$ref": "#/definitions/AWS::MSK::Cluster.LoggingInfo", - "markdownDescription": "Logging info details for the cluster.", - "title": "LoggingInfo" + "KafkaConnectVersion": { + "markdownDescription": "The version of Kafka Connect. It has to be compatible with both the Apache Kafka cluster's version and the plugins.", + "title": "KafkaConnectVersion", + "type": "string" }, - "NumberOfBrokerNodes": { - "markdownDescription": "The number of broker nodes in the cluster.", - "title": "NumberOfBrokerNodes", - "type": "number" + "LogDelivery": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.LogDelivery", + "markdownDescription": "The settings for delivering connector logs to Amazon CloudWatch Logs.", + "title": "LogDelivery" }, - "OpenMonitoring": { - "$ref": "#/definitions/AWS::MSK::Cluster.OpenMonitoring", - "markdownDescription": "The settings for open monitoring.", - "title": "OpenMonitoring" + "Plugins": { + "items": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.Plugin" + }, + "markdownDescription": "Specifies which plugin to use for the connector. You must specify a single-element list. Amazon MSK Connect does not currently support specifying multiple plugins.", + "title": "Plugins", + "type": "array" }, - "StorageMode": { - "markdownDescription": "This controls storage mode for supported storage tiers.", - "title": "StorageMode", + "ServiceExecutionRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role used by the connector to access Amazon Web Services resources.", + "title": "ServiceExecutionRoleArn", "type": "string" }, "Tags": { - "additionalProperties": true, - "markdownDescription": "An arbitrary set of tags (key-value pairs) for the cluster.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "", "title": "Tags", - "type": "object" + "type": "array" + }, + "WorkerConfiguration": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.WorkerConfiguration", + "markdownDescription": "The worker configurations that are in use with the connector.", + "title": "WorkerConfiguration" } }, "required": [ - "BrokerNodeGroupInfo", - "ClusterName", - "KafkaVersion", - "NumberOfBrokerNodes" + "Capacity", + "ConnectorConfiguration", + "ConnectorName", + "KafkaCluster", + "KafkaClusterClientAuthentication", + "KafkaClusterEncryptionInTransit", + "KafkaConnectVersion", + "Plugins", + "ServiceExecutionRoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::MSK::Cluster" + "AWS::KafkaConnect::Connector" ], "type": "string" }, @@ -151957,104 +159829,90 @@ ], "type": "object" }, - "AWS::MSK::Cluster.BrokerLogs": { + "AWS::KafkaConnect::Connector.ApacheKafkaCluster": { "additionalProperties": false, "properties": { - "CloudWatchLogs": { - "$ref": "#/definitions/AWS::MSK::Cluster.CloudWatchLogs", - "markdownDescription": "", - "title": "CloudWatchLogs" - }, - "Firehose": { - "$ref": "#/definitions/AWS::MSK::Cluster.Firehose", - "markdownDescription": "Details of the Kinesis Data Firehose delivery stream that is the destination for broker logs.", - "title": "Firehose" + "BootstrapServers": { + "markdownDescription": "The bootstrap servers of the cluster.", + "title": "BootstrapServers", + "type": "string" }, - "S3": { - "$ref": "#/definitions/AWS::MSK::Cluster.S3", - "markdownDescription": "Details of the Amazon S3 destination for broker logs.", - "title": "S3" + "Vpc": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.Vpc", + "markdownDescription": "Details of an Amazon VPC which has network connectivity to the Apache Kafka cluster.", + "title": "Vpc" } }, + "required": [ + "BootstrapServers", + "Vpc" + ], "type": "object" }, - "AWS::MSK::Cluster.BrokerNodeGroupInfo": { + "AWS::KafkaConnect::Connector.AutoScaling": { "additionalProperties": false, "properties": { - "BrokerAZDistribution": { - "markdownDescription": "This parameter is currently not in use.", - "title": "BrokerAZDistribution", - "type": "string" - }, - "ClientSubnets": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of subnets to connect to in the client virtual private cloud (VPC). Amazon creates elastic network interfaces (ENIs) inside these subnets. Client applications use ENIs to produce and consume data.\n\nIf you use the US West (N. California) Region, specify exactly two subnets. For other Regions where Amazon MSK is available, you can specify either two or three subnets. The subnets that you specify must be in distinct Availability Zones. When you create a cluster, Amazon MSK distributes the broker nodes evenly across the subnets that you specify.\n\nClient subnets can't occupy the Availability Zone with ID `use1-az3` .", - "title": "ClientSubnets", - "type": "array" + "MaxWorkerCount": { + "markdownDescription": "The maximum number of workers allocated to the connector.", + "title": "MaxWorkerCount", + "type": "number" }, - "ConnectivityInfo": { - "$ref": "#/definitions/AWS::MSK::Cluster.ConnectivityInfo", - "markdownDescription": "Information about the cluster's connectivity setting.", - "title": "ConnectivityInfo" + "McuCount": { + "markdownDescription": "The number of microcontroller units (MCUs) allocated to each connector worker. The valid values are 1,2,4,8.", + "title": "McuCount", + "type": "number" }, - "InstanceType": { - "markdownDescription": "The type of Amazon EC2 instances to use for brokers. Depending on the [broker type](https://docs.aws.amazon.com/msk/latest/developerguide/broker-instance-types.html) , Amazon MSK supports the following broker sizes:\n\n*Standard broker sizes*\n\n- kafka.t3.small\n\n> You can't select the kafka.t3.small instance type when the metadata mode is KRaft.\n- kafka.m5.large, kafka.m5.xlarge, kafka.m5.2xlarge, kafka.m5.4xlarge, kafka.m5.8xlarge, kafka.m5.12xlarge, kafka.m5.16xlarge, kafka.m5.24xlarge\n- kafka.m7g.large, kafka.m7g.xlarge, kafka.m7g.2xlarge, kafka.m7g.4xlarge, kafka.m7g.8xlarge, kafka.m7g.12xlarge, kafka.m7g.16xlarge\n\n*Express broker sizes*\n\n- express.m7g.large, express.m7g.xlarge, express.m7g.2xlarge, express.m7g.4xlarge, express.m7g.8xlarge, express.m7g.12xlarge, express.m7g.16xlarge\n\n> Some broker sizes might not be available in certian AWS Regions. See the updated [Pricing tools](https://docs.aws.amazon.com/msk/pricing/) section on the Amazon MSK pricing page for the latest list of available instances by Region.", - "title": "InstanceType", - "type": "string" + "MinWorkerCount": { + "markdownDescription": "The minimum number of workers allocated to the connector.", + "title": "MinWorkerCount", + "type": "number" }, - "SecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "The security groups to associate with the ENIs in order to specify who can connect to and communicate with the Amazon MSK cluster. If you don't specify a security group, Amazon MSK uses the default security group associated with the VPC. If you specify security groups that were shared with you, you must ensure that you have permissions to them. Specifically, you need the `ec2:DescribeSecurityGroups` permission.", - "title": "SecurityGroups", - "type": "array" + "ScaleInPolicy": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.ScaleInPolicy", + "markdownDescription": "The sacle-in policy for the connector.", + "title": "ScaleInPolicy" }, - "StorageInfo": { - "$ref": "#/definitions/AWS::MSK::Cluster.StorageInfo", - "markdownDescription": "Contains information about storage volumes attached to Amazon MSK broker nodes.", - "title": "StorageInfo" + "ScaleOutPolicy": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.ScaleOutPolicy", + "markdownDescription": "The sacle-out policy for the connector.", + "title": "ScaleOutPolicy" } }, "required": [ - "ClientSubnets", - "InstanceType" + "MaxWorkerCount", + "McuCount", + "MinWorkerCount", + "ScaleInPolicy", + "ScaleOutPolicy" ], "type": "object" }, - "AWS::MSK::Cluster.ClientAuthentication": { + "AWS::KafkaConnect::Connector.Capacity": { "additionalProperties": false, "properties": { - "Sasl": { - "$ref": "#/definitions/AWS::MSK::Cluster.Sasl", - "markdownDescription": "Details for client authentication using SASL. To turn on SASL, you must also turn on `EncryptionInTransit` by setting `inCluster` to true. You must set `clientBroker` to either `TLS` or `TLS_PLAINTEXT` . If you choose `TLS_PLAINTEXT` , then you must also set `unauthenticated` to true.", - "title": "Sasl" - }, - "Tls": { - "$ref": "#/definitions/AWS::MSK::Cluster.Tls", - "markdownDescription": "Details for ClientAuthentication using TLS. To turn on TLS access control, you must also turn on `EncryptionInTransit` by setting `inCluster` to true and `clientBroker` to `TLS` .", - "title": "Tls" + "AutoScaling": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.AutoScaling", + "markdownDescription": "Information about the auto scaling parameters for the connector.", + "title": "AutoScaling" }, - "Unauthenticated": { - "$ref": "#/definitions/AWS::MSK::Cluster.Unauthenticated", - "markdownDescription": "Details for ClientAuthentication using no authentication.", - "title": "Unauthenticated" + "ProvisionedCapacity": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.ProvisionedCapacity", + "markdownDescription": "Details about a fixed capacity allocated to a connector.", + "title": "ProvisionedCapacity" } }, "type": "object" }, - "AWS::MSK::Cluster.CloudWatchLogs": { + "AWS::KafkaConnect::Connector.CloudWatchLogsLogDelivery": { "additionalProperties": false, "properties": { "Enabled": { - "markdownDescription": "Specifies whether broker logs get sent to the specified CloudWatch Logs destination.", + "markdownDescription": "Whether log delivery to Amazon CloudWatch Logs is enabled.", "title": "Enabled", "type": "boolean" }, "LogGroup": { - "markdownDescription": "The CloudWatch log group that is the destination for broker logs.", + "markdownDescription": "The name of the CloudWatch log group that is the destination for log delivery.", "title": "LogGroup", "type": "string" } @@ -152064,114 +159922,36 @@ ], "type": "object" }, - "AWS::MSK::Cluster.ConfigurationInfo": { + "AWS::KafkaConnect::Connector.CustomPlugin": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "ARN of the configuration to use.", - "title": "Arn", + "CustomPluginArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the custom plugin.", + "title": "CustomPluginArn", "type": "string" }, "Revision": { - "markdownDescription": "The revision of the configuration to use.", + "markdownDescription": "The revision of the custom plugin.", "title": "Revision", "type": "number" } }, "required": [ - "Arn", + "CustomPluginArn", "Revision" ], "type": "object" }, - "AWS::MSK::Cluster.ConnectivityInfo": { - "additionalProperties": false, - "properties": { - "PublicAccess": { - "$ref": "#/definitions/AWS::MSK::Cluster.PublicAccess", - "markdownDescription": "Access control settings for the cluster's brokers.", - "title": "PublicAccess" - }, - "VpcConnectivity": { - "$ref": "#/definitions/AWS::MSK::Cluster.VpcConnectivity", - "markdownDescription": "VPC connection control settings for brokers.", - "title": "VpcConnectivity" - } - }, - "type": "object" - }, - "AWS::MSK::Cluster.EBSStorageInfo": { - "additionalProperties": false, - "properties": { - "ProvisionedThroughput": { - "$ref": "#/definitions/AWS::MSK::Cluster.ProvisionedThroughput", - "markdownDescription": "EBS volume provisioned throughput information.", - "title": "ProvisionedThroughput" - }, - "VolumeSize": { - "markdownDescription": "The size in GiB of the EBS volume for the data drive on each broker node.", - "title": "VolumeSize", - "type": "number" - } - }, - "type": "object" - }, - "AWS::MSK::Cluster.EncryptionAtRest": { - "additionalProperties": false, - "properties": { - "DataVolumeKMSKeyId": { - "markdownDescription": "The ARN of the Amazon KMS key for encrypting data at rest. If you don't specify a KMS key, MSK creates one for you and uses it.", - "title": "DataVolumeKMSKeyId", - "type": "string" - } - }, - "required": [ - "DataVolumeKMSKeyId" - ], - "type": "object" - }, - "AWS::MSK::Cluster.EncryptionInTransit": { - "additionalProperties": false, - "properties": { - "ClientBroker": { - "markdownDescription": "Indicates the encryption setting for data in transit between clients and brokers. You must set it to one of the following values.\n\n- `TLS` : Indicates that client-broker communication is enabled with TLS only.\n- `TLS_PLAINTEXT` : Indicates that client-broker communication is enabled for both TLS-encrypted, as well as plaintext data.\n- `PLAINTEXT` : Indicates that client-broker communication is enabled in plaintext only.\n\nThe default value is `TLS` .", - "title": "ClientBroker", - "type": "string" - }, - "InCluster": { - "markdownDescription": "When set to true, it indicates that data communication among the broker nodes of the cluster is encrypted. When set to false, the communication happens in plaintext.\n\nThe default value is true.", - "title": "InCluster", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::MSK::Cluster.EncryptionInfo": { - "additionalProperties": false, - "properties": { - "EncryptionAtRest": { - "$ref": "#/definitions/AWS::MSK::Cluster.EncryptionAtRest", - "markdownDescription": "The data-volume encryption details.", - "title": "EncryptionAtRest" - }, - "EncryptionInTransit": { - "$ref": "#/definitions/AWS::MSK::Cluster.EncryptionInTransit", - "markdownDescription": "The details for encryption in transit.", - "title": "EncryptionInTransit" - } - }, - "type": "object" - }, - "AWS::MSK::Cluster.Firehose": { + "AWS::KafkaConnect::Connector.FirehoseLogDelivery": { "additionalProperties": false, "properties": { "DeliveryStream": { - "markdownDescription": "The Kinesis Data Firehose delivery stream that is the destination for broker logs.", + "markdownDescription": "The name of the Kinesis Data Firehose delivery stream that is the destination for log delivery.", "title": "DeliveryStream", "type": "string" }, "Enabled": { - "markdownDescription": "Specifies whether broker logs get send to the specified Kinesis Data Firehose delivery stream.", + "markdownDescription": "Specifies whether connector logs get delivered to Amazon Kinesis Data Firehose.", "title": "Enabled", "type": "boolean" } @@ -152181,134 +159961,110 @@ ], "type": "object" }, - "AWS::MSK::Cluster.Iam": { + "AWS::KafkaConnect::Connector.KafkaCluster": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "SASL/IAM authentication is enabled or not.", - "title": "Enabled", - "type": "boolean" + "ApacheKafkaCluster": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.ApacheKafkaCluster", + "markdownDescription": "The Apache Kafka cluster to which the connector is connected.", + "title": "ApacheKafkaCluster" } }, "required": [ - "Enabled" + "ApacheKafkaCluster" ], "type": "object" }, - "AWS::MSK::Cluster.JmxExporter": { + "AWS::KafkaConnect::Connector.KafkaClusterClientAuthentication": { "additionalProperties": false, "properties": { - "EnabledInBroker": { - "markdownDescription": "Indicates whether you want to enable or disable the JMX Exporter.", - "title": "EnabledInBroker", - "type": "boolean" + "AuthenticationType": { + "markdownDescription": "The type of client authentication used to connect to the Apache Kafka cluster. Value NONE means that no client authentication is used.", + "title": "AuthenticationType", + "type": "string" } }, "required": [ - "EnabledInBroker" + "AuthenticationType" ], "type": "object" }, - "AWS::MSK::Cluster.LoggingInfo": { + "AWS::KafkaConnect::Connector.KafkaClusterEncryptionInTransit": { "additionalProperties": false, "properties": { - "BrokerLogs": { - "$ref": "#/definitions/AWS::MSK::Cluster.BrokerLogs", - "markdownDescription": "You can configure your MSK cluster to send broker logs to different destination types. This configuration specifies the details of these destinations.", - "title": "BrokerLogs" + "EncryptionType": { + "markdownDescription": "The type of encryption in transit to the Apache Kafka cluster.", + "title": "EncryptionType", + "type": "string" } }, "required": [ - "BrokerLogs" + "EncryptionType" ], "type": "object" }, - "AWS::MSK::Cluster.NodeExporter": { + "AWS::KafkaConnect::Connector.LogDelivery": { "additionalProperties": false, "properties": { - "EnabledInBroker": { - "markdownDescription": "Indicates whether you want to enable or disable the Node Exporter.", - "title": "EnabledInBroker", - "type": "boolean" + "WorkerLogDelivery": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.WorkerLogDelivery", + "markdownDescription": "The workers can send worker logs to different destination types. This configuration specifies the details of these destinations.", + "title": "WorkerLogDelivery" } }, "required": [ - "EnabledInBroker" + "WorkerLogDelivery" ], "type": "object" }, - "AWS::MSK::Cluster.OpenMonitoring": { + "AWS::KafkaConnect::Connector.Plugin": { "additionalProperties": false, "properties": { - "Prometheus": { - "$ref": "#/definitions/AWS::MSK::Cluster.Prometheus", - "markdownDescription": "Prometheus exporter settings.", - "title": "Prometheus" + "CustomPlugin": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.CustomPlugin", + "markdownDescription": "Details about a custom plugin.", + "title": "CustomPlugin" } }, "required": [ - "Prometheus" + "CustomPlugin" ], "type": "object" }, - "AWS::MSK::Cluster.Prometheus": { - "additionalProperties": false, - "properties": { - "JmxExporter": { - "$ref": "#/definitions/AWS::MSK::Cluster.JmxExporter", - "markdownDescription": "Indicates whether you want to enable or disable the JMX Exporter.", - "title": "JmxExporter" - }, - "NodeExporter": { - "$ref": "#/definitions/AWS::MSK::Cluster.NodeExporter", - "markdownDescription": "Indicates whether you want to enable or disable the Node Exporter.", - "title": "NodeExporter" - } - }, - "type": "object" - }, - "AWS::MSK::Cluster.ProvisionedThroughput": { + "AWS::KafkaConnect::Connector.ProvisionedCapacity": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Provisioned throughput is on or off.", - "title": "Enabled", - "type": "boolean" + "McuCount": { + "markdownDescription": "The number of microcontroller units (MCUs) allocated to each connector worker. The valid values are 1,2,4,8.", + "title": "McuCount", + "type": "number" }, - "VolumeThroughput": { - "markdownDescription": "Throughput value of the EBS volumes for the data drive on each kafka broker node in MiB per second.", - "title": "VolumeThroughput", + "WorkerCount": { + "markdownDescription": "The number of workers that are allocated to the connector.", + "title": "WorkerCount", "type": "number" } }, + "required": [ + "WorkerCount" + ], "type": "object" }, - "AWS::MSK::Cluster.PublicAccess": { - "additionalProperties": false, - "properties": { - "Type": { - "markdownDescription": "DISABLED means that public access is turned off. SERVICE_PROVIDED_EIPS means that public access is turned on.", - "title": "Type", - "type": "string" - } - }, - "type": "object" - }, - "AWS::MSK::Cluster.S3": { + "AWS::KafkaConnect::Connector.S3LogDelivery": { "additionalProperties": false, "properties": { "Bucket": { - "markdownDescription": "The name of the S3 bucket that is the destination for broker logs.", + "markdownDescription": "The name of the S3 bucket that is the destination for log delivery.", "title": "Bucket", "type": "string" }, "Enabled": { - "markdownDescription": "Specifies whether broker logs get sent to the specified Amazon S3 destination.", + "markdownDescription": "Specifies whether connector logs get sent to the specified Amazon S3 destination.", "title": "Enabled", "type": "boolean" }, "Prefix": { - "markdownDescription": "The S3 prefix that is the destination for broker logs.", + "markdownDescription": "The S3 prefix that is the destination for log delivery.", "title": "Prefix", "type": "string" } @@ -152318,166 +160074,102 @@ ], "type": "object" }, - "AWS::MSK::Cluster.Sasl": { - "additionalProperties": false, - "properties": { - "Iam": { - "$ref": "#/definitions/AWS::MSK::Cluster.Iam", - "markdownDescription": "Details for ClientAuthentication using IAM.", - "title": "Iam" - }, - "Scram": { - "$ref": "#/definitions/AWS::MSK::Cluster.Scram", - "markdownDescription": "Details for SASL/SCRAM client authentication.", - "title": "Scram" - } - }, - "type": "object" - }, - "AWS::MSK::Cluster.Scram": { + "AWS::KafkaConnect::Connector.ScaleInPolicy": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "SASL/SCRAM authentication is enabled or not.", - "title": "Enabled", - "type": "boolean" + "CpuUtilizationPercentage": { + "markdownDescription": "Specifies the CPU utilization percentage threshold at which you want connector scale in to be triggered.", + "title": "CpuUtilizationPercentage", + "type": "number" } }, "required": [ - "Enabled" + "CpuUtilizationPercentage" ], "type": "object" }, - "AWS::MSK::Cluster.StorageInfo": { + "AWS::KafkaConnect::Connector.ScaleOutPolicy": { "additionalProperties": false, "properties": { - "EBSStorageInfo": { - "$ref": "#/definitions/AWS::MSK::Cluster.EBSStorageInfo", - "markdownDescription": "EBS volume information.", - "title": "EBSStorageInfo" + "CpuUtilizationPercentage": { + "markdownDescription": "The CPU utilization percentage threshold at which you want connector scale out to be triggered.", + "title": "CpuUtilizationPercentage", + "type": "number" } }, + "required": [ + "CpuUtilizationPercentage" + ], "type": "object" }, - "AWS::MSK::Cluster.Tls": { + "AWS::KafkaConnect::Connector.Vpc": { "additionalProperties": false, "properties": { - "CertificateAuthorityArnList": { + "SecurityGroups": { "items": { "type": "string" }, - "markdownDescription": "List of AWS Private CA ARNs.", - "title": "CertificateAuthorityArnList", + "markdownDescription": "The security group IDs for the connector.", + "title": "SecurityGroups", "type": "array" }, - "Enabled": { - "markdownDescription": "TLS authentication is enabled or not.", - "title": "Enabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::MSK::Cluster.Unauthenticated": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Unauthenticated is enabled or not.", - "title": "Enabled", - "type": "boolean" + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The subnets for the connector.", + "title": "Subnets", + "type": "array" } }, "required": [ - "Enabled" + "SecurityGroups", + "Subnets" ], "type": "object" }, - "AWS::MSK::Cluster.VpcConnectivity": { - "additionalProperties": false, - "properties": { - "ClientAuthentication": { - "$ref": "#/definitions/AWS::MSK::Cluster.VpcConnectivityClientAuthentication", - "markdownDescription": "VPC connection control settings for brokers.", - "title": "ClientAuthentication" - } - }, - "type": "object" - }, - "AWS::MSK::Cluster.VpcConnectivityClientAuthentication": { + "AWS::KafkaConnect::Connector.WorkerConfiguration": { "additionalProperties": false, "properties": { - "Sasl": { - "$ref": "#/definitions/AWS::MSK::Cluster.VpcConnectivitySasl", - "markdownDescription": "Details for VpcConnectivity ClientAuthentication using SASL.", - "title": "Sasl" + "Revision": { + "markdownDescription": "The revision of the worker configuration.", + "title": "Revision", + "type": "number" }, - "Tls": { - "$ref": "#/definitions/AWS::MSK::Cluster.VpcConnectivityTls", - "markdownDescription": "Details for VpcConnectivity ClientAuthentication using TLS.", - "title": "Tls" - } - }, - "type": "object" - }, - "AWS::MSK::Cluster.VpcConnectivityIam": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "SASL/IAM authentication is enabled or not.", - "title": "Enabled", - "type": "boolean" + "WorkerConfigurationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the worker configuration.", + "title": "WorkerConfigurationArn", + "type": "string" } }, "required": [ - "Enabled" + "Revision", + "WorkerConfigurationArn" ], "type": "object" }, - "AWS::MSK::Cluster.VpcConnectivitySasl": { + "AWS::KafkaConnect::Connector.WorkerLogDelivery": { "additionalProperties": false, "properties": { - "Iam": { - "$ref": "#/definitions/AWS::MSK::Cluster.VpcConnectivityIam", - "markdownDescription": "Details for ClientAuthentication using IAM for VpcConnectivity.", - "title": "Iam" + "CloudWatchLogs": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.CloudWatchLogsLogDelivery", + "markdownDescription": "Details about delivering logs to Amazon CloudWatch Logs.", + "title": "CloudWatchLogs" }, - "Scram": { - "$ref": "#/definitions/AWS::MSK::Cluster.VpcConnectivityScram", - "markdownDescription": "Details for SASL/SCRAM client authentication for VpcConnectivity.", - "title": "Scram" - } - }, - "type": "object" - }, - "AWS::MSK::Cluster.VpcConnectivityScram": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "SASL/SCRAM authentication is enabled or not.", - "title": "Enabled", - "type": "boolean" - } - }, - "required": [ - "Enabled" - ], - "type": "object" - }, - "AWS::MSK::Cluster.VpcConnectivityTls": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "TLS authentication is enabled or not.", - "title": "Enabled", - "type": "boolean" + "Firehose": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.FirehoseLogDelivery", + "markdownDescription": "Details about delivering logs to Amazon Kinesis Data Firehose.", + "title": "Firehose" + }, + "S3": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.S3LogDelivery", + "markdownDescription": "Details about delivering logs to Amazon S3.", + "title": "S3" } }, - "required": [ - "Enabled" - ], "type": "object" }, - "AWS::MSK::ClusterPolicy": { + "AWS::KafkaConnect::CustomPlugin": { "additionalProperties": false, "properties": { "Condition": { @@ -152512,26 +160204,45 @@ "Properties": { "additionalProperties": false, "properties": { - "ClusterArn": { - "markdownDescription": "The Amazon Resource Name (ARN) that uniquely identifies the cluster.", - "title": "ClusterArn", + "ContentType": { + "markdownDescription": "The format of the plugin file.", + "title": "ContentType", "type": "string" }, - "Policy": { - "markdownDescription": "Resource policy for the cluster.", - "title": "Policy", - "type": "object" + "Description": { + "markdownDescription": "The description of the custom plugin.", + "title": "Description", + "type": "string" + }, + "Location": { + "$ref": "#/definitions/AWS::KafkaConnect::CustomPlugin.CustomPluginLocation", + "markdownDescription": "Information about the location of the custom plugin.", + "title": "Location" + }, + "Name": { + "markdownDescription": "The name of the custom plugin.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" } }, "required": [ - "ClusterArn", - "Policy" + "ContentType", + "Location", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::MSK::ClusterPolicy" + "AWS::KafkaConnect::CustomPlugin" ], "type": "string" }, @@ -152550,7 +160261,62 @@ ], "type": "object" }, - "AWS::MSK::Configuration": { + "AWS::KafkaConnect::CustomPlugin.CustomPluginFileDescription": { + "additionalProperties": false, + "properties": { + "FileMd5": { + "markdownDescription": "The hex-encoded MD5 checksum of the custom plugin file. You can use it to validate the file.", + "title": "FileMd5", + "type": "string" + }, + "FileSize": { + "markdownDescription": "The size in bytes of the custom plugin file. You can use it to validate the file.", + "title": "FileSize", + "type": "number" + } + }, + "type": "object" + }, + "AWS::KafkaConnect::CustomPlugin.CustomPluginLocation": { + "additionalProperties": false, + "properties": { + "S3Location": { + "$ref": "#/definitions/AWS::KafkaConnect::CustomPlugin.S3Location", + "markdownDescription": "The S3 bucket Amazon Resource Name (ARN), file key, and object version of the plugin file stored in Amazon S3.", + "title": "S3Location" + } + }, + "required": [ + "S3Location" + ], + "type": "object" + }, + "AWS::KafkaConnect::CustomPlugin.S3Location": { + "additionalProperties": false, + "properties": { + "BucketArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an S3 bucket.", + "title": "BucketArn", + "type": "string" + }, + "FileKey": { + "markdownDescription": "The file key for an object in an S3 bucket.", + "title": "FileKey", + "type": "string" + }, + "ObjectVersion": { + "markdownDescription": "The version of an object in an S3 bucket.", + "title": "ObjectVersion", + "type": "string" + } + }, + "required": [ + "BucketArn", + "FileKey" + ], + "type": "object" + }, + "AWS::KafkaConnect::WorkerConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -152586,43 +160352,38 @@ "additionalProperties": false, "properties": { "Description": { - "markdownDescription": "The description of the configuration.", + "markdownDescription": "The description of a worker configuration.", "title": "Description", "type": "string" }, - "KafkaVersionsList": { - "items": { - "type": "string" - }, - "markdownDescription": "The [versions of Apache Kafka](https://docs.aws.amazon.com/msk/latest/developerguide/supported-kafka-versions.html) with which you can use this MSK configuration.\n\nWhen you update the `KafkaVersionsList` property, AWS CloudFormation recreates a new configuration with the updated property before deleting the old configuration. Such an update requires a [resource replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) . To successfully update `KafkaVersionsList` , you must also update the `Name` property in the same operation.\n\nIf your configuration is attached with any clusters created using the AWS Management Console or AWS CLI , you'll need to manually delete the old configuration from the console after the update completes.\n\nFor more information, see [Can\u2019t update KafkaVersionsList in MSK configuration](https://docs.aws.amazon.com/msk/latest/developerguide/troubleshooting.html#troubleshoot-kafkaversionslist-cfn-update-failure) in the *Amazon MSK Developer Guide* .", - "title": "KafkaVersionsList", - "type": "array" - }, - "LatestRevision": { - "$ref": "#/definitions/AWS::MSK::Configuration.LatestRevision", - "markdownDescription": "Latest revision of the MSK configuration.", - "title": "LatestRevision" - }, "Name": { - "markdownDescription": "The name of the configuration. Configuration names are strings that match the regex \"^[0-9A-Za-z][0-9A-Za-z-]{0,}$\".", + "markdownDescription": "The name of the worker configuration.", "title": "Name", "type": "string" }, - "ServerProperties": { - "markdownDescription": "Contents of the `server.properties` file. When using the console, the SDK, or the AWS CLI , the contents of `server.properties` can be in plaintext.", - "title": "ServerProperties", + "PropertiesFileContent": { + "markdownDescription": "Base64 encoded contents of the connect-distributed.properties file.", + "title": "PropertiesFileContent", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" } }, "required": [ "Name", - "ServerProperties" + "PropertiesFileContent" ], "type": "object" }, "Type": { "enum": [ - "AWS::MSK::Configuration" + "AWS::KafkaConnect::WorkerConfiguration" ], "type": "string" }, @@ -152641,28 +160402,7 @@ ], "type": "object" }, - "AWS::MSK::Configuration.LatestRevision": { - "additionalProperties": false, - "properties": { - "CreationTime": { - "markdownDescription": "The time when the configuration revision was created.", - "title": "CreationTime", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the configuration revision.", - "title": "Description", - "type": "string" - }, - "Revision": { - "markdownDescription": "The revision number.", - "title": "Revision", - "type": "number" - } - }, - "type": "object" - }, - "AWS::MSK::Replicator": { + "AWS::Kendra::DataSource": { "additionalProperties": false, "properties": { "Condition": { @@ -152697,60 +160437,70 @@ "Properties": { "additionalProperties": false, "properties": { - "CurrentVersion": { - "type": "string" + "CustomDocumentEnrichmentConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.CustomDocumentEnrichmentConfiguration", + "markdownDescription": "Configuration information for altering document metadata and content during the document ingestion process.", + "title": "CustomDocumentEnrichmentConfiguration" + }, + "DataSourceConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceConfiguration", + "markdownDescription": "Configuration information for an Amazon Kendra data source. The contents of the configuration depend on the type of data source. You can only specify one type of data source in the configuration.\n\nYou can't specify the `Configuration` parameter when the `Type` parameter is set to `CUSTOM` .\n\nThe `Configuration` parameter is required for all other data sources.", + "title": "DataSourceConfiguration" }, "Description": { - "markdownDescription": "A summary description of the replicator.", + "markdownDescription": "A description for the data source connector.", "title": "Description", "type": "string" }, - "KafkaClusters": { - "items": { - "$ref": "#/definitions/AWS::MSK::Replicator.KafkaCluster" - }, - "markdownDescription": "Kafka Clusters to use in setting up sources / targets for replication.", - "title": "KafkaClusters", - "type": "array" + "IndexId": { + "markdownDescription": "The identifier of the index you want to use with the data source connector.", + "title": "IndexId", + "type": "string" }, - "ReplicationInfoList": { - "items": { - "$ref": "#/definitions/AWS::MSK::Replicator.ReplicationInfo" - }, - "markdownDescription": "A list of replication configurations, where each configuration targets a given source cluster to target cluster replication flow.", - "title": "ReplicationInfoList", - "type": "array" + "LanguageCode": { + "markdownDescription": "The code for a language. This shows a supported language for all documents in the data source. English is supported by default. For more information on supported languages, including their codes, see [Adding documents in languages other than English](https://docs.aws.amazon.com/kendra/latest/dg/in-adding-languages.html) .", + "title": "LanguageCode", + "type": "string" }, - "ReplicatorName": { - "markdownDescription": "The name of the replicator. Alpha-numeric characters with '-' are allowed.", - "title": "ReplicatorName", + "Name": { + "markdownDescription": "The name of the data source.", + "title": "Name", "type": "string" }, - "ServiceExecutionRoleArn": { - "markdownDescription": "The ARN of the IAM role used by the replicator to access resources in the customer's account (e.g source and target clusters)", - "title": "ServiceExecutionRoleArn", + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of a role with permission to access the data source.\n\nYou can't specify the `RoleArn` parameter when the `Type` parameter is set to `CUSTOM` .\n\nThe `RoleArn` parameter is required for all other data sources.", + "title": "RoleArn", + "type": "string" + }, + "Schedule": { + "markdownDescription": "Sets the frequency that Amazon Kendra checks the documents in your data source and updates the index. If you don't set a schedule, Amazon Kendra doesn't periodically update the index.", + "title": "Schedule", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "List of tags to attach to created Replicator.", + "markdownDescription": "An array of key-value pairs to apply to this resource\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" + }, + "Type": { + "markdownDescription": "The type of the data source.", + "title": "Type", + "type": "string" } }, "required": [ - "KafkaClusters", - "ReplicationInfoList", - "ReplicatorName", - "ServiceExecutionRoleArn" + "IndexId", + "Name", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::MSK::Replicator" + "AWS::Kendra::DataSource" ], "type": "string" }, @@ -152769,699 +160519,488 @@ ], "type": "object" }, - "AWS::MSK::Replicator.AmazonMskCluster": { + "AWS::Kendra::DataSource.AccessControlListConfiguration": { "additionalProperties": false, "properties": { - "MskClusterArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an Amazon MSK cluster.", - "title": "MskClusterArn", + "KeyPath": { + "markdownDescription": "Path to the AWS S3 bucket that contains the access control list files.", + "title": "KeyPath", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Kendra::DataSource.AclConfiguration": { + "additionalProperties": false, + "properties": { + "AllowedGroupsColumnName": { + "markdownDescription": "A list of groups, separated by semi-colons, that filters a query response based on user context. The document is only returned to users that are in one of the groups specified in the `UserContext` field of the [Query](https://docs.aws.amazon.com/kendra/latest/dg/API_Query.html) operation.", + "title": "AllowedGroupsColumnName", "type": "string" } }, "required": [ - "MskClusterArn" + "AllowedGroupsColumnName" ], "type": "object" }, - "AWS::MSK::Replicator.ConsumerGroupReplication": { + "AWS::Kendra::DataSource.ColumnConfiguration": { "additionalProperties": false, "properties": { - "ConsumerGroupsToExclude": { + "ChangeDetectingColumns": { "items": { "type": "string" }, - "markdownDescription": "List of regular expression patterns indicating the consumer groups that should not be replicated.", - "title": "ConsumerGroupsToExclude", + "markdownDescription": "One to five columns that indicate when a document in the database has changed.", + "title": "ChangeDetectingColumns", "type": "array" }, - "ConsumerGroupsToReplicate": { + "DocumentDataColumnName": { + "markdownDescription": "The column that contains the contents of the document.", + "title": "DocumentDataColumnName", + "type": "string" + }, + "DocumentIdColumnName": { + "markdownDescription": "The column that provides the document's identifier.", + "title": "DocumentIdColumnName", + "type": "string" + }, + "DocumentTitleColumnName": { + "markdownDescription": "The column that contains the title of the document.", + "title": "DocumentTitleColumnName", + "type": "string" + }, + "FieldMappings": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" }, - "markdownDescription": "List of regular expression patterns indicating the consumer groups to copy.", - "title": "ConsumerGroupsToReplicate", + "markdownDescription": "An array of objects that map database column names to the corresponding fields in an index. You must first create the fields in the index using the [UpdateIndex](https://docs.aws.amazon.com/kendra/latest/dg/API_UpdateIndex.html) operation.", + "title": "FieldMappings", "type": "array" - }, - "DetectAndCopyNewConsumerGroups": { - "markdownDescription": "Enables synchronization of consumer groups to target cluster.", - "title": "DetectAndCopyNewConsumerGroups", - "type": "boolean" - }, - "SynchroniseConsumerGroupOffsets": { - "markdownDescription": "Enables synchronization of consumer group offsets to target cluster. The translated offsets will be written to topic __consumer_offsets.", - "title": "SynchroniseConsumerGroupOffsets", - "type": "boolean" - } - }, - "required": [ - "ConsumerGroupsToReplicate" - ], - "type": "object" - }, - "AWS::MSK::Replicator.KafkaCluster": { - "additionalProperties": false, - "properties": { - "AmazonMskCluster": { - "$ref": "#/definitions/AWS::MSK::Replicator.AmazonMskCluster", - "markdownDescription": "Details of an Amazon MSK Cluster.", - "title": "AmazonMskCluster" - }, - "VpcConfig": { - "$ref": "#/definitions/AWS::MSK::Replicator.KafkaClusterClientVpcConfig", - "markdownDescription": "Details of an Amazon VPC which has network connectivity to the Apache Kafka cluster.", - "title": "VpcConfig" } }, "required": [ - "AmazonMskCluster", - "VpcConfig" + "ChangeDetectingColumns", + "DocumentDataColumnName", + "DocumentIdColumnName" ], "type": "object" }, - "AWS::MSK::Replicator.KafkaClusterClientVpcConfig": { + "AWS::Kendra::DataSource.ConfluenceAttachmentConfiguration": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { + "AttachmentFieldMappings": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceAttachmentToIndexFieldMapping" }, - "markdownDescription": "The security groups to attach to the ENIs for the broker nodes.", - "title": "SecurityGroupIds", + "markdownDescription": "Maps attributes or field names of Confluence attachments to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Confluence fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Confluence data source field names must exist in your Confluence custom metadata.\n\nIf you specify the `AttachentFieldMappings` parameter, you must specify at least one field mapping.", + "title": "AttachmentFieldMappings", "type": "array" }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of subnets in the client VPC to connect to.", - "title": "SubnetIds", - "type": "array" + "CrawlAttachments": { + "markdownDescription": "`TRUE` to index attachments of pages and blogs in Confluence.", + "title": "CrawlAttachments", + "type": "boolean" } }, - "required": [ - "SubnetIds" - ], "type": "object" }, - "AWS::MSK::Replicator.ReplicationInfo": { + "AWS::Kendra::DataSource.ConfluenceAttachmentToIndexFieldMapping": { "additionalProperties": false, "properties": { - "ConsumerGroupReplication": { - "$ref": "#/definitions/AWS::MSK::Replicator.ConsumerGroupReplication", - "markdownDescription": "Configuration relating to consumer group replication.", - "title": "ConsumerGroupReplication" - }, - "SourceKafkaClusterArn": { - "markdownDescription": "The ARN of the source Kafka cluster.", - "title": "SourceKafkaClusterArn", + "DataSourceFieldName": { + "markdownDescription": "The name of the field in the data source.\n\nYou must first create the index field using the `UpdateIndex` API.", + "title": "DataSourceFieldName", "type": "string" }, - "TargetCompressionType": { - "markdownDescription": "The compression type to use when producing records to target cluster.", - "title": "TargetCompressionType", + "DateFieldFormat": { + "markdownDescription": "The format for date fields in the data source. If the field specified in `DataSourceFieldName` is a date field you must specify the date format. If the field is not a date field, an exception is thrown.", + "title": "DateFieldFormat", "type": "string" }, - "TargetKafkaClusterArn": { - "markdownDescription": "The ARN of the target Kafka cluster.", - "title": "TargetKafkaClusterArn", + "IndexFieldName": { + "markdownDescription": "The name of the index field to map to the Confluence data source field. The index field type must match the Confluence field type.", + "title": "IndexFieldName", "type": "string" - }, - "TopicReplication": { - "$ref": "#/definitions/AWS::MSK::Replicator.TopicReplication", - "markdownDescription": "Configuration relating to topic replication.", - "title": "TopicReplication" } }, "required": [ - "ConsumerGroupReplication", - "SourceKafkaClusterArn", - "TargetCompressionType", - "TargetKafkaClusterArn", - "TopicReplication" + "DataSourceFieldName", + "IndexFieldName" ], "type": "object" }, - "AWS::MSK::Replicator.ReplicationStartingPosition": { + "AWS::Kendra::DataSource.ConfluenceBlogConfiguration": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The type of replication starting position.", - "title": "Type", - "type": "string" + "BlogFieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceBlogToIndexFieldMapping" + }, + "markdownDescription": "Maps attributes or field names of Confluence blogs to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Confluence fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Confluence data source field names must exist in your Confluence custom metadata.\n\nIf you specify the `BlogFieldMappings` parameter, you must specify at least one field mapping.", + "title": "BlogFieldMappings", + "type": "array" } }, "type": "object" }, - "AWS::MSK::Replicator.TopicReplication": { + "AWS::Kendra::DataSource.ConfluenceBlogToIndexFieldMapping": { "additionalProperties": false, "properties": { - "CopyAccessControlListsForTopics": { - "markdownDescription": "Whether to periodically configure remote topic ACLs to match their corresponding upstream topics.", - "title": "CopyAccessControlListsForTopics", - "type": "boolean" + "DataSourceFieldName": { + "markdownDescription": "The name of the field in the data source.", + "title": "DataSourceFieldName", + "type": "string" }, - "CopyTopicConfigurations": { - "markdownDescription": "Whether to periodically configure remote topics to match their corresponding upstream topics.", - "title": "CopyTopicConfigurations", - "type": "boolean" + "DateFieldFormat": { + "markdownDescription": "The format for date fields in the data source. If the field specified in `DataSourceFieldName` is a date field you must specify the date format. If the field is not a date field, an exception is thrown.", + "title": "DateFieldFormat", + "type": "string" }, - "DetectAndCopyNewTopics": { - "markdownDescription": "Whether to periodically check for new topics and partitions.", - "title": "DetectAndCopyNewTopics", - "type": "boolean" + "IndexFieldName": { + "markdownDescription": "The name of the index field to map to the Confluence data source field. The index field type must match the Confluence field type.", + "title": "IndexFieldName", + "type": "string" + } + }, + "required": [ + "DataSourceFieldName", + "IndexFieldName" + ], + "type": "object" + }, + "AWS::Kendra::DataSource.ConfluenceConfiguration": { + "additionalProperties": false, + "properties": { + "AttachmentConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceAttachmentConfiguration", + "markdownDescription": "Configuration information for indexing attachments to Confluence blogs and pages.", + "title": "AttachmentConfiguration" }, - "StartingPosition": { - "$ref": "#/definitions/AWS::MSK::Replicator.ReplicationStartingPosition", - "markdownDescription": "Specifies the position in the topics to start replicating from.", - "title": "StartingPosition" + "BlogConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceBlogConfiguration", + "markdownDescription": "Configuration information for indexing Confluence blogs.", + "title": "BlogConfiguration" }, - "TopicsToExclude": { + "ExclusionPatterns": { "items": { "type": "string" }, - "markdownDescription": "List of regular expression patterns indicating the topics that should not be replicated.", - "title": "TopicsToExclude", + "markdownDescription": "A list of regular expression patterns to exclude certain blog posts, pages, spaces, or attachments in your Confluence. Content that matches the patterns are excluded from the index. Content that doesn't match the patterns is included in the index. If content matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the content isn't included in the index.", + "title": "ExclusionPatterns", "type": "array" }, - "TopicsToReplicate": { + "InclusionPatterns": { "items": { "type": "string" }, - "markdownDescription": "List of regular expression patterns indicating the topics to copy.", - "title": "TopicsToReplicate", + "markdownDescription": "A list of regular expression patterns to include certain blog posts, pages, spaces, or attachments in your Confluence. Content that matches the patterns are included in the index. Content that doesn't match the patterns is excluded from the index. If content matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the content isn't included in the index.", + "title": "InclusionPatterns", "type": "array" - } - }, - "required": [ - "TopicsToReplicate" - ], - "type": "object" - }, - "AWS::MSK::ServerlessCluster": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "PageConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluencePageConfiguration", + "markdownDescription": "Configuration information for indexing Confluence pages.", + "title": "PageConfiguration" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "SecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret that contains the user name and password required to connect to the Confluence instance. If you use Confluence Cloud, you use a generated API token as the password.\n\nYou can also provide authentication credentials in the form of a personal access token. For more information, see [Using a Confluence data source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-confluence.html) .", + "title": "SecretArn", + "type": "string" }, - "Metadata": { - "type": "object" + "ServerUrl": { + "markdownDescription": "The URL of your Confluence instance. Use the full URL of the server. For example, *https://server.example.com:port/* . You can also use an IP address, for example, *https://192.168.1.113/* .", + "title": "ServerUrl", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ClientAuthentication": { - "$ref": "#/definitions/AWS::MSK::ServerlessCluster.ClientAuthentication", - "markdownDescription": "Includes all client authentication related information.", - "title": "ClientAuthentication" - }, - "ClusterName": { - "markdownDescription": "The name of the cluster.", - "title": "ClusterName", - "type": "string" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "An arbitrary set of tags (key-value pairs) for the cluster.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - }, - "VpcConfigs": { - "items": { - "$ref": "#/definitions/AWS::MSK::ServerlessCluster.VpcConfig" - }, - "markdownDescription": "VPC configuration information for the serverless cluster.", - "title": "VpcConfigs", - "type": "array" - } - }, - "required": [ - "ClientAuthentication", - "ClusterName", - "VpcConfigs" - ], - "type": "object" + "SpaceConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceSpaceConfiguration", + "markdownDescription": "Configuration information for indexing Confluence spaces.", + "title": "SpaceConfiguration" }, - "Type": { - "enum": [ - "AWS::MSK::ServerlessCluster" - ], + "Version": { + "markdownDescription": "The version or the type of Confluence installation to connect to.", + "title": "Version", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::MSK::ServerlessCluster.ClientAuthentication": { - "additionalProperties": false, - "properties": { - "Sasl": { - "$ref": "#/definitions/AWS::MSK::ServerlessCluster.Sasl", - "markdownDescription": "Details for client authentication using SASL. To turn on SASL, you must also turn on `EncryptionInTransit` by setting `inCluster` to true. You must set `clientBroker` to either `TLS` or `TLS_PLAINTEXT` . If you choose `TLS_PLAINTEXT` , then you must also set `unauthenticated` to true.", - "title": "Sasl" + "VpcConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceVpcConfiguration", + "markdownDescription": "Configuration information for an Amazon Virtual Private Cloud to connect to your Confluence. For more information, see [Configuring a VPC](https://docs.aws.amazon.com/kendra/latest/dg/vpc-configuration.html) .", + "title": "VpcConfiguration" } }, "required": [ - "Sasl" + "SecretArn", + "ServerUrl", + "Version" ], "type": "object" }, - "AWS::MSK::ServerlessCluster.Iam": { + "AWS::Kendra::DataSource.ConfluencePageConfiguration": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "SASL/IAM authentication is enabled or not.", - "title": "Enabled", - "type": "boolean" + "PageFieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluencePageToIndexFieldMapping" + }, + "markdownDescription": "Maps attributes or field names of Confluence pages to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Confluence fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Confluence data source field names must exist in your Confluence custom metadata.\n\nIf you specify the `PageFieldMappings` parameter, you must specify at least one field mapping.", + "title": "PageFieldMappings", + "type": "array" } }, - "required": [ - "Enabled" - ], "type": "object" }, - "AWS::MSK::ServerlessCluster.Sasl": { + "AWS::Kendra::DataSource.ConfluencePageToIndexFieldMapping": { "additionalProperties": false, "properties": { - "Iam": { - "$ref": "#/definitions/AWS::MSK::ServerlessCluster.Iam", - "markdownDescription": "Details for ClientAuthentication using IAM.", - "title": "Iam" + "DataSourceFieldName": { + "markdownDescription": "The name of the field in the data source.", + "title": "DataSourceFieldName", + "type": "string" + }, + "DateFieldFormat": { + "markdownDescription": "The format for date fields in the data source. If the field specified in `DataSourceFieldName` is a date field you must specify the date format. If the field is not a date field, an exception is thrown.", + "title": "DateFieldFormat", + "type": "string" + }, + "IndexFieldName": { + "markdownDescription": "The name of the index field to map to the Confluence data source field. The index field type must match the Confluence field type.", + "title": "IndexFieldName", + "type": "string" } }, "required": [ - "Iam" + "DataSourceFieldName", + "IndexFieldName" ], "type": "object" }, - "AWS::MSK::ServerlessCluster.VpcConfig": { + "AWS::Kendra::DataSource.ConfluenceSpaceConfiguration": { "additionalProperties": false, "properties": { - "SecurityGroups": { + "CrawlArchivedSpaces": { + "markdownDescription": "`TRUE` to index archived spaces.", + "title": "CrawlArchivedSpaces", + "type": "boolean" + }, + "CrawlPersonalSpaces": { + "markdownDescription": "`TRUE` to index personal spaces. You can add restrictions to items in personal spaces. If personal spaces are indexed, queries without user context information may return restricted items from a personal space in their results. For more information, see [Filtering on user context](https://docs.aws.amazon.com/kendra/latest/dg/user-context-filter.html) .", + "title": "CrawlPersonalSpaces", + "type": "boolean" + }, + "ExcludeSpaces": { "items": { "type": "string" }, - "markdownDescription": "", - "title": "SecurityGroups", + "markdownDescription": "A list of space keys of Confluence spaces. If you include a key, the blogs, documents, and attachments in the space are not indexed. If a space is in both the `ExcludeSpaces` and the `IncludeSpaces` list, the space is excluded.", + "title": "ExcludeSpaces", "type": "array" }, - "SubnetIds": { + "IncludeSpaces": { "items": { "type": "string" }, - "markdownDescription": "", - "title": "SubnetIds", + "markdownDescription": "A list of space keys for Confluence spaces. If you include a key, the blogs, documents, and attachments in the space are indexed. Spaces that aren't in the list aren't indexed. A space in the list must exist. Otherwise, Amazon Kendra logs an error when the data source is synchronized. If a space is in both the `IncludeSpaces` and the `ExcludeSpaces` list, the space is excluded.", + "title": "IncludeSpaces", + "type": "array" + }, + "SpaceFieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceSpaceToIndexFieldMapping" + }, + "markdownDescription": "Maps attributes or field names of Confluence spaces to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Confluence fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Confluence data source field names must exist in your Confluence custom metadata.\n\nIf you specify the `SpaceFieldMappings` parameter, you must specify at least one field mapping.", + "title": "SpaceFieldMappings", "type": "array" } }, - "required": [ - "SubnetIds" - ], "type": "object" }, - "AWS::MSK::VpcConnection": { + "AWS::Kendra::DataSource.ConfluenceSpaceToIndexFieldMapping": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DataSourceFieldName": { + "markdownDescription": "The name of the field in the data source.", + "title": "DataSourceFieldName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Authentication": { - "markdownDescription": "The type of private link authentication.", - "title": "Authentication", - "type": "string" - }, - "ClientSubnets": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of subnets in the client VPC to connect to.", - "title": "ClientSubnets", - "type": "array" - }, - "SecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "The security groups to attach to the ENIs for the broker nodes.", - "title": "SecurityGroups", - "type": "array" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "An arbitrary set of tags (key-value pairs) you specify while creating the VPC connection.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - }, - "TargetClusterArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the cluster.", - "title": "TargetClusterArn", - "type": "string" - }, - "VpcId": { - "markdownDescription": "The VPC ID of the remote client.", - "title": "VpcId", - "type": "string" - } - }, - "required": [ - "Authentication", - "ClientSubnets", - "SecurityGroups", - "TargetClusterArn", - "VpcId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::MSK::VpcConnection" - ], + "DateFieldFormat": { + "markdownDescription": "The format for date fields in the data source. If the field specified in `DataSourceFieldName` is a date field you must specify the date format. If the field is not a date field, an exception is thrown.", + "title": "DateFieldFormat", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "IndexFieldName": { + "markdownDescription": "The name of the index field to map to the Confluence data source field. The index field type must match the Confluence field type.", + "title": "IndexFieldName", "type": "string" } }, "required": [ - "Type", - "Properties" + "DataSourceFieldName", + "IndexFieldName" ], "type": "object" }, - "AWS::MWAA::Environment": { + "AWS::Kendra::DataSource.ConnectionConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "DatabaseHost": { + "markdownDescription": "The name of the host for the database. Can be either a string (host.subdomain.domain.tld) or an IPv4 or IPv6 address.", + "title": "DatabaseHost", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DatabaseName": { + "markdownDescription": "The name of the database containing the document data.", + "title": "DatabaseName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AirflowConfigurationOptions": { - "markdownDescription": "A list of key-value pairs containing the Airflow configuration options for your environment. For example, `core.default_timezone: utc` . To learn more, see [Apache Airflow configuration options](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-env-variables.html) .", - "title": "AirflowConfigurationOptions", - "type": "object" - }, - "AirflowVersion": { - "markdownDescription": "The version of Apache Airflow to use for the environment. If no value is specified, defaults to the latest version.\n\nIf you specify a newer version number for an existing environment, the version update requires some service interruption before taking effect.\n\n*Allowed Values* : `1.10.12` | `2.0.2` | `2.2.2` | `2.4.3` | `2.5.1` | `2.6.3` | `2.7.2` | `2.8.1` | `2.9.2` | `2.10.1` (latest)", - "title": "AirflowVersion", - "type": "string" - }, - "DagS3Path": { - "markdownDescription": "The relative path to the DAGs folder on your Amazon S3 bucket. For example, `dags` . To learn more, see [Adding or updating DAGs](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-dag-folder.html) .", - "title": "DagS3Path", - "type": "string" - }, - "EndpointManagement": { - "markdownDescription": "Defines whether the VPC endpoints configured for the environment are created, and managed, by the customer or by Amazon MWAA. If set to `SERVICE` , Amazon MWAA will create and manage the required VPC endpoints in your VPC. If set to `CUSTOMER` , you must create, and manage, the VPC endpoints in your VPC.", - "title": "EndpointManagement", - "type": "string" - }, - "EnvironmentClass": { - "markdownDescription": "The environment class type. Valid values: `mw1.micro` , `mw1.small` , `mw1.medium` , `mw1.large` , `mw1.1large` , and `mw1.2large` . To learn more, see [Amazon MWAA environment class](https://docs.aws.amazon.com/mwaa/latest/userguide/environment-class.html) .", - "title": "EnvironmentClass", - "type": "string" - }, - "ExecutionRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the execution role in IAM that allows MWAA to access AWS resources in your environment. For example, `arn:aws:iam::123456789:role/my-execution-role` . To learn more, see [Amazon MWAA Execution role](https://docs.aws.amazon.com/mwaa/latest/userguide/mwaa-create-role.html) .", - "title": "ExecutionRoleArn", - "type": "string" - }, - "KmsKey": { - "markdownDescription": "The AWS Key Management Service (KMS) key to encrypt and decrypt the data in your environment. You can use an AWS KMS key managed by MWAA, or a customer-managed KMS key (advanced).", - "title": "KmsKey", - "type": "string" - }, - "LoggingConfiguration": { - "$ref": "#/definitions/AWS::MWAA::Environment.LoggingConfiguration", - "markdownDescription": "The Apache Airflow logs being sent to CloudWatch Logs: `DagProcessingLogs` , `SchedulerLogs` , `TaskLogs` , `WebserverLogs` , `WorkerLogs` .", - "title": "LoggingConfiguration" - }, - "MaxWorkers": { - "markdownDescription": "The maximum number of workers that you want to run in your environment. MWAA scales the number of Apache Airflow workers up to the number you specify in the `MaxWorkers` field. For example, `20` . When there are no more tasks running, and no more in the queue, MWAA disposes of the extra workers leaving the one worker that is included with your environment, or the number you specify in `MinWorkers` .", - "title": "MaxWorkers", - "type": "number" - }, - "MinWorkers": { - "markdownDescription": "The minimum number of workers that you want to run in your environment. MWAA scales the number of Apache Airflow workers up to the number you specify in the `MaxWorkers` field. When there are no more tasks running, and no more in the queue, MWAA disposes of the extra workers leaving the worker count you specify in the `MinWorkers` field. For example, `2` .", - "title": "MinWorkers", - "type": "number" - }, - "Name": { - "markdownDescription": "The name of your Amazon MWAA environment.", - "title": "Name", - "type": "string" - }, - "NetworkConfiguration": { - "$ref": "#/definitions/AWS::MWAA::Environment.NetworkConfiguration", - "markdownDescription": "The VPC networking components used to secure and enable network traffic between the AWS resources for your environment. To learn more, see [About networking on Amazon MWAA](https://docs.aws.amazon.com/mwaa/latest/userguide/networking-about.html) .", - "title": "NetworkConfiguration" - }, - "PluginsS3ObjectVersion": { - "markdownDescription": "The version of the plugins.zip file on your Amazon S3 bucket. To learn more, see [Installing custom plugins](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-dag-import-plugins.html) .", - "title": "PluginsS3ObjectVersion", - "type": "string" - }, - "PluginsS3Path": { - "markdownDescription": "The relative path to the `plugins.zip` file on your Amazon S3 bucket. For example, `plugins.zip` . To learn more, see [Installing custom plugins](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-dag-import-plugins.html) .", - "title": "PluginsS3Path", - "type": "string" - }, - "RequirementsS3ObjectVersion": { - "markdownDescription": "The version of the requirements.txt file on your Amazon S3 bucket. To learn more, see [Installing Python dependencies](https://docs.aws.amazon.com/mwaa/latest/userguide/working-dags-dependencies.html) .", - "title": "RequirementsS3ObjectVersion", - "type": "string" - }, - "RequirementsS3Path": { - "markdownDescription": "The relative path to the `requirements.txt` file on your Amazon S3 bucket. For example, `requirements.txt` . To learn more, see [Installing Python dependencies](https://docs.aws.amazon.com/mwaa/latest/userguide/working-dags-dependencies.html) .", - "title": "RequirementsS3Path", - "type": "string" - }, - "Schedulers": { - "markdownDescription": "The number of schedulers that you want to run in your environment. Valid values:\n\n- *v2* - For environments larger than mw1.micro, accepts values from 2 to 5. Defaults to 2 for all environment sizes except mw1.micro, which defaults to 1.\n- *v1* - Accepts 1.", - "title": "Schedulers", - "type": "number" - }, - "SourceBucketArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon S3 bucket where your DAG code and supporting files are stored. For example, `arn:aws:s3:::my-airflow-bucket-unique-name` . To learn more, see [Create an Amazon S3 bucket for Amazon MWAA](https://docs.aws.amazon.com/mwaa/latest/userguide/mwaa-s3-bucket.html) .", - "title": "SourceBucketArn", - "type": "string" - }, - "StartupScriptS3ObjectVersion": { - "markdownDescription": "The version of the startup shell script in your Amazon S3 bucket. You must specify the [version ID](https://docs.aws.amazon.com/AmazonS3/latest/userguide/versioning-workflows.html) that Amazon S3 assigns to the file every time you update the script.\n\nVersion IDs are Unicode, UTF-8 encoded, URL-ready, opaque strings that are no more than 1,024 bytes long. The following is an example:\n\n`3sL4kqtJlcpXroDTDmJ+rmSpXd3dIbrHY+MTRCxf3vjVBH40Nr8X8gdRQBpUMLUo`\n\nFor more information, see [Using a startup script](https://docs.aws.amazon.com/mwaa/latest/userguide/using-startup-script.html) .", - "title": "StartupScriptS3ObjectVersion", - "type": "string" - }, - "StartupScriptS3Path": { - "markdownDescription": "The relative path to the startup shell script in your Amazon S3 bucket. For example, `s3://mwaa-environment/startup.sh` .\n\nAmazon MWAA runs the script as your environment starts, and before running the Apache Airflow process. You can use this script to install dependencies, modify Apache Airflow configuration options, and set environment variables. For more information, see [Using a startup script](https://docs.aws.amazon.com/mwaa/latest/userguide/using-startup-script.html) .", - "title": "StartupScriptS3Path", - "type": "string" - }, - "Tags": { - "markdownDescription": "The key-value tag pairs associated to your environment. For example, `\"Environment\": \"Staging\"` . To learn more, see [Tagging](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .\n\nIf you specify new tags for an existing environment, the update requires service interruption before taking effect.", - "title": "Tags", - "type": "object" - }, - "WebserverAccessMode": { - "markdownDescription": "The Apache Airflow *Web server* access mode. To learn more, see [Apache Airflow access modes](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-networking.html) . Valid values: `PRIVATE_ONLY` or `PUBLIC_ONLY` .", - "title": "WebserverAccessMode", - "type": "string" - }, - "WeeklyMaintenanceWindowStart": { - "markdownDescription": "The day and time of the week to start weekly maintenance updates of your environment in the following format: `DAY:HH:MM` . For example: `TUE:03:30` . You can specify a start time in 30 minute increments only. Supported input includes the following:\n\n- MON|TUE|WED|THU|FRI|SAT|SUN:([01]\\\\d|2[0-3]):(00|30)", - "title": "WeeklyMaintenanceWindowStart", - "type": "string" - } - }, - "required": [ - "Name" - ], - "type": "object" + "DatabasePort": { + "markdownDescription": "The port that the database uses for connections.", + "title": "DatabasePort", + "type": "number" }, - "Type": { - "enum": [ - "AWS::MWAA::Environment" - ], + "SecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret that stores the credentials. The credentials should be a user-password pair. For more information, see [Using a Database Data Source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-database.html) . For more information about AWS Secrets Manager , see [What Is AWS Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html) in the *AWS Secrets Manager* user guide.", + "title": "SecretArn", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TableName": { + "markdownDescription": "The name of the table that contains the document data.", + "title": "TableName", "type": "string" } }, "required": [ - "Type", - "Properties" + "DatabaseHost", + "DatabaseName", + "DatabasePort", + "SecretArn", + "TableName" ], "type": "object" }, - "AWS::MWAA::Environment.LoggingConfiguration": { + "AWS::Kendra::DataSource.CustomDocumentEnrichmentConfiguration": { "additionalProperties": false, "properties": { - "DagProcessingLogs": { - "$ref": "#/definitions/AWS::MWAA::Environment.ModuleLoggingConfiguration", - "markdownDescription": "Defines the processing logs sent to CloudWatch Logs and the logging level to send.", - "title": "DagProcessingLogs" + "InlineConfigurations": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.InlineCustomDocumentEnrichmentConfiguration" + }, + "markdownDescription": "Configuration information to alter document attributes or metadata fields and content when ingesting documents into Amazon Kendra.", + "title": "InlineConfigurations", + "type": "array" }, - "SchedulerLogs": { - "$ref": "#/definitions/AWS::MWAA::Environment.ModuleLoggingConfiguration", - "markdownDescription": "Defines the scheduler logs sent to CloudWatch Logs and the logging level to send.", - "title": "SchedulerLogs" + "PostExtractionHookConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.HookConfiguration", + "markdownDescription": "Configuration information for invoking a Lambda function in AWS Lambda on the structured documents with their metadata and text extracted. You can use a Lambda function to apply advanced logic for creating, modifying, or deleting document metadata and content. For more information, see [Advanced data manipulation](https://docs.aws.amazon.com/kendra/latest/dg/custom-document-enrichment.html#advanced-data-manipulation) .", + "title": "PostExtractionHookConfiguration" }, - "TaskLogs": { - "$ref": "#/definitions/AWS::MWAA::Environment.ModuleLoggingConfiguration", - "markdownDescription": "Defines the task logs sent to CloudWatch Logs and the logging level to send.", - "title": "TaskLogs" + "PreExtractionHookConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.HookConfiguration", + "markdownDescription": "Configuration information for invoking a Lambda function in AWS Lambda on the original or raw documents before extracting their metadata and text. You can use a Lambda function to apply advanced logic for creating, modifying, or deleting document metadata and content. For more information, see [Advanced data manipulation](https://docs.aws.amazon.com/kendra/latest/dg/custom-document-enrichment.html#advanced-data-manipulation) .", + "title": "PreExtractionHookConfiguration" }, - "WebserverLogs": { - "$ref": "#/definitions/AWS::MWAA::Environment.ModuleLoggingConfiguration", - "markdownDescription": "Defines the web server logs sent to CloudWatch Logs and the logging level to send.", - "title": "WebserverLogs" + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role with permission to run `PreExtractionHookConfiguration` and `PostExtractionHookConfiguration` for altering document metadata and content during the document ingestion process. For more information, see [an IAM roles for Amazon Kendra](https://docs.aws.amazon.com/kendra/latest/dg/iam-roles.html) .", + "title": "RoleArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Kendra::DataSource.DataSourceConfiguration": { + "additionalProperties": false, + "properties": { + "ConfluenceConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceConfiguration", + "markdownDescription": "Provides the configuration information to connect to Confluence as your data source.", + "title": "ConfluenceConfiguration" }, - "WorkerLogs": { - "$ref": "#/definitions/AWS::MWAA::Environment.ModuleLoggingConfiguration", - "markdownDescription": "Defines the worker logs sent to CloudWatch Logs and the logging level to send.", - "title": "WorkerLogs" + "DatabaseConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DatabaseConfiguration", + "markdownDescription": "Provides the configuration information to connect to a database as your data source.", + "title": "DatabaseConfiguration" + }, + "GoogleDriveConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.GoogleDriveConfiguration", + "markdownDescription": "Provides the configuration information to connect to Google Drive as your data source.", + "title": "GoogleDriveConfiguration" + }, + "OneDriveConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.OneDriveConfiguration", + "markdownDescription": "Provides the configuration information to connect to Microsoft OneDrive as your data source.", + "title": "OneDriveConfiguration" + }, + "S3Configuration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.S3DataSourceConfiguration", + "markdownDescription": "Provides the configuration information to connect to an Amazon S3 bucket as your data source.\n\n> Amazon Kendra now supports an upgraded Amazon S3 connector.\n> \n> You must now use the [TemplateConfiguration](https://docs.aws.amazon.com/kendra/latest/APIReference/API_TemplateConfiguration.html) object instead of the `S3DataSourceConfiguration` object to configure your connector.\n> \n> Connectors configured using the older console and API architecture will continue to function as configured. However, you won't be able to edit or update them. If you want to edit or update your connector configuration, you must create a new connector.\n> \n> We recommended migrating your connector workflow to the upgraded version. Support for connectors configured using the older architecture is scheduled to end by June 2024.", + "title": "S3Configuration" + }, + "SalesforceConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceConfiguration", + "markdownDescription": "Provides the configuration information to connect to Salesforce as your data source.", + "title": "SalesforceConfiguration" + }, + "ServiceNowConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.ServiceNowConfiguration", + "markdownDescription": "Provides the configuration information to connect to ServiceNow as your data source.", + "title": "ServiceNowConfiguration" + }, + "SharePointConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.SharePointConfiguration", + "markdownDescription": "Provides the configuration information to connect to Microsoft SharePoint as your data source.", + "title": "SharePointConfiguration" + }, + "TemplateConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.TemplateConfiguration", + "markdownDescription": "Provides a template for the configuration information to connect to your data source.", + "title": "TemplateConfiguration" + }, + "WebCrawlerConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.WebCrawlerConfiguration", + "markdownDescription": "Provides the configuration information required for Amazon Kendra Web Crawler.", + "title": "WebCrawlerConfiguration" + }, + "WorkDocsConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.WorkDocsConfiguration", + "markdownDescription": "Provides the configuration information to connect to Amazon WorkDocs as your data source.", + "title": "WorkDocsConfiguration" } }, "type": "object" }, - "AWS::MWAA::Environment.ModuleLoggingConfiguration": { + "AWS::Kendra::DataSource.DataSourceToIndexFieldMapping": { "additionalProperties": false, "properties": { - "CloudWatchLogGroupArn": { - "markdownDescription": "The ARN of the CloudWatch Logs log group for each type of Apache Airflow log type that you have enabled.\n\n> `CloudWatchLogGroupArn` is available only as a return value, accessible when specified as an attribute in the [`Fn:GetAtt`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mwaa-environment.html#aws-resource-mwaa-environment-return-values) intrinsic function. Any value you provide for `CloudWatchLogGroupArn` is discarded by Amazon MWAA.", - "title": "CloudWatchLogGroupArn", + "DataSourceFieldName": { + "markdownDescription": "The name of the field in the data source. You must first create the index field using the `UpdateIndex` API.", + "title": "DataSourceFieldName", "type": "string" }, - "Enabled": { - "markdownDescription": "Indicates whether to enable the Apache Airflow log type (e.g. `DagProcessingLogs` ) in CloudWatch Logs.", - "title": "Enabled", - "type": "boolean" + "DateFieldFormat": { + "markdownDescription": "The format for date fields in the data source. If the field specified in `DataSourceFieldName` is a date field, you must specify the date format. If the field is not a date field, an exception is thrown.", + "title": "DateFieldFormat", + "type": "string" }, - "LogLevel": { - "markdownDescription": "Defines the Apache Airflow logs to send for the log type (e.g. `DagProcessingLogs` ) to CloudWatch Logs. Valid values: `CRITICAL` , `ERROR` , `WARNING` , `INFO` .", - "title": "LogLevel", + "IndexFieldName": { + "markdownDescription": "The name of the index field to map to the data source field. The index field type must match the data source field type.", + "title": "IndexFieldName", "type": "string" } }, + "required": [ + "DataSourceFieldName", + "IndexFieldName" + ], "type": "object" }, - "AWS::MWAA::Environment.NetworkConfiguration": { + "AWS::Kendra::DataSource.DataSourceVpcConfiguration": { "additionalProperties": false, "properties": { "SecurityGroupIds": { "items": { "type": "string" }, - "markdownDescription": "A list of one or more security group IDs. Accepts up to 5 security group IDs. A security group must be attached to the same VPC as the subnets. To learn more, see [Security in your VPC on Amazon MWAA](https://docs.aws.amazon.com/mwaa/latest/userguide/vpc-security.html) .", + "markdownDescription": "A list of identifiers of security groups within your Amazon VPC. The security groups should enable Amazon Kendra to connect to the data source.", "title": "SecurityGroupIds", "type": "array" }, @@ -153469,1199 +161008,1117 @@ "items": { "type": "string" }, - "markdownDescription": "A list of subnet IDs. *Required* to create an environment. Must be private subnets in two different availability zones. A subnet must be attached to the same VPC as the security group. To learn more, see [About networking on Amazon MWAA](https://docs.aws.amazon.com/mwaa/latest/userguide/networking-about.html) .", + "markdownDescription": "A list of identifiers for subnets within your Amazon VPC. The subnets should be able to connect to each other in the VPC, and they should have outgoing access to the Internet through a NAT device.", "title": "SubnetIds", "type": "array" } }, + "required": [ + "SecurityGroupIds", + "SubnetIds" + ], "type": "object" }, - "AWS::Macie::AllowList": { + "AWS::Kendra::DataSource.DatabaseConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "AclConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.AclConfiguration", + "markdownDescription": "Information about the database column that provides information for user context filtering.", + "title": "AclConfiguration" }, - "Metadata": { - "type": "object" + "ColumnConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.ColumnConfiguration", + "markdownDescription": "Information about where the index should get the document information from the database.", + "title": "ColumnConfiguration" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Criteria": { - "$ref": "#/definitions/AWS::Macie::AllowList.Criteria", - "markdownDescription": "The criteria that specify the text or text pattern to ignore. The criteria can be the location and name of an Amazon S3 object that lists specific text to ignore ( `S3WordsList` ), or a regular expression ( `Regex` ) that defines a text pattern to ignore.", - "title": "Criteria" - }, - "Description": { - "markdownDescription": "A custom description of the allow list. The description can contain 1-512 characters.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "A custom name for the allow list. The name can contain 1-128 characters.", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to the allow list.\n\nFor more information, see [Resource tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Criteria", - "Name" - ], - "type": "object" + "ConnectionConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.ConnectionConfiguration", + "markdownDescription": "Configuration information that's required to connect to a database.", + "title": "ConnectionConfiguration" }, - "Type": { - "enum": [ - "AWS::Macie::AllowList" - ], + "DatabaseEngineType": { + "markdownDescription": "The type of database engine that runs the database.", + "title": "DatabaseEngineType", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "SqlConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.SqlConfiguration", + "markdownDescription": "Provides information about how Amazon Kendra uses quote marks around SQL identifiers when querying a database data source.", + "title": "SqlConfiguration" + }, + "VpcConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceVpcConfiguration", + "markdownDescription": "Provides information for connecting to an Amazon VPC.", + "title": "VpcConfiguration" } }, "required": [ - "Type", - "Properties" + "ColumnConfiguration", + "ConnectionConfiguration", + "DatabaseEngineType" ], "type": "object" }, - "AWS::Macie::AllowList.Criteria": { + "AWS::Kendra::DataSource.DocumentAttributeCondition": { "additionalProperties": false, "properties": { - "Regex": { - "markdownDescription": "The regular expression ( *regex* ) that defines the text pattern to ignore. The expression can contain 1-512 characters.", - "title": "Regex", + "ConditionDocumentAttributeKey": { + "markdownDescription": "The identifier of the document attribute used for the condition.\n\nFor example, 'Source_URI' could be an identifier for the attribute or metadata field that contains source URIs associated with the documents.\n\nAmazon Kendra currently does not support `_document_body` as an attribute key used for the condition.", + "title": "ConditionDocumentAttributeKey", "type": "string" }, - "S3WordsList": { - "$ref": "#/definitions/AWS::Macie::AllowList.S3WordsList", - "markdownDescription": "The location and name of an Amazon S3 object that lists specific text to ignore.", - "title": "S3WordsList" + "ConditionOnValue": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DocumentAttributeValue", + "markdownDescription": "The value used by the operator.\n\nFor example, you can specify the value 'financial' for strings in the 'Source_URI' field that partially match or contain this value.", + "title": "ConditionOnValue" + }, + "Operator": { + "markdownDescription": "The condition operator.\n\nFor example, you can use 'Contains' to partially match a string.", + "title": "Operator", + "type": "string" } }, + "required": [ + "ConditionDocumentAttributeKey", + "Operator" + ], "type": "object" }, - "AWS::Macie::AllowList.S3WordsList": { + "AWS::Kendra::DataSource.DocumentAttributeTarget": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "The full name of the S3 bucket that contains the object. This value correlates to the `Name` field of a bucket's properties in Amazon S3 .\n\nThis value is case sensitive. In addition, don't use wildcard characters or specify partial values for the name.", - "title": "BucketName", + "TargetDocumentAttributeKey": { + "markdownDescription": "The identifier of the target document attribute or metadata field.\n\nFor example, 'Department' could be an identifier for the target attribute or metadata field that includes the department names associated with the documents.", + "title": "TargetDocumentAttributeKey", "type": "string" }, - "ObjectKey": { - "markdownDescription": "The full name of the S3 object. This value correlates to the `Key` field of an object's properties in Amazon S3 . If the name includes a path, include the complete path. For example, `AllowLists/Macie/MyList.txt` .\n\nThis value is case sensitive. In addition, don't use wildcard characters or specify partial values for the name.", - "title": "ObjectKey", - "type": "string" + "TargetDocumentAttributeValue": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DocumentAttributeValue", + "markdownDescription": "The target value you want to create for the target attribute.\n\nFor example, 'Finance' could be the target value for the target attribute key 'Department'.", + "title": "TargetDocumentAttributeValue" + }, + "TargetDocumentAttributeValueDeletion": { + "markdownDescription": "`TRUE` to delete the existing target value for your specified target attribute key. You cannot create a target value and set this to `TRUE` . To create a target value ( `TargetDocumentAttributeValue` ), set this to `FALSE` .", + "title": "TargetDocumentAttributeValueDeletion", + "type": "boolean" } }, "required": [ - "BucketName", - "ObjectKey" + "TargetDocumentAttributeKey" ], "type": "object" }, - "AWS::Macie::CustomDataIdentifier": { + "AWS::Kendra::DataSource.DocumentAttributeValue": { "additionalProperties": false, "properties": { - "Condition": { + "DateValue": { + "markdownDescription": "A date expressed as an ISO 8601 string.\n\nIt is important for the time zone to be included in the ISO 8601 date-time format. For example, 2012-03-25T12:30:10+01:00 is the ISO 8601 date-time format for March 25th 2012 at 12:30PM (plus 10 seconds) in Central European Time.", + "title": "DateValue", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "LongValue": { + "markdownDescription": "A long integer value.", + "title": "LongValue", + "type": "number" + }, + "StringListValue": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of strings. The default maximum length or number of strings is 10.", + "title": "StringListValue", + "type": "array" + }, + "StringValue": { + "markdownDescription": "A string, such as \"department\".", + "title": "StringValue", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Kendra::DataSource.DocumentsMetadataConfiguration": { + "additionalProperties": false, + "properties": { + "S3Prefix": { + "markdownDescription": "A prefix used to filter metadata configuration files in the AWS S3 bucket. The S3 bucket might contain multiple metadata files. Use `S3Prefix` to include only the desired metadata files.", + "title": "S3Prefix", "type": "string" + } + }, + "type": "object" + }, + "AWS::Kendra::DataSource.GoogleDriveConfiguration": { + "additionalProperties": false, + "properties": { + "ExcludeMimeTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of MIME types to exclude from the index. All documents matching the specified MIME type are excluded.\n\nFor a list of MIME types, see [Using a Google Workspace Drive data source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-google-drive.html) .", + "title": "ExcludeMimeTypes", + "type": "array" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ExcludeSharedDrives": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of identifiers or shared drives to exclude from the index. All files and folders stored on the shared drive are excluded.", + "title": "ExcludeSharedDrives", + "type": "array" }, - "Metadata": { - "type": "object" + "ExcludeUserAccounts": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of email addresses of the users. Documents owned by these users are excluded from the index. Documents shared with excluded users are indexed unless they are excluded in another way.", + "title": "ExcludeUserAccounts", + "type": "array" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A custom description of the custom data identifier. The description can contain 1-512 characters.\n\nAvoid including sensitive data in the description. Users of the account might be able to see the description, depending on the actions that they're allowed to perform in Amazon Macie .", - "title": "Description", - "type": "string" - }, - "IgnoreWords": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of character sequences ( *ignore words* ) to exclude from the results. If text matches the regular expression ( `Regex` ) but it contains a string in this array, Amazon Macie ignores the text and doesn't include it in the results.\n\nThe array can contain 1-10 ignore words. Each ignore word can contain 4-90 UTF-8 characters. Ignore words are case sensitive.", - "title": "IgnoreWords", - "type": "array" - }, - "Keywords": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of character sequences ( *keywords* ), one of which must precede and be in proximity ( `MaximumMatchDistance` ) of the regular expression ( `Regex` ) to match.\n\nThe array can contain 1-50 keywords. Each keyword can contain 3-90 UTF-8 characters. Keywords aren't case sensitive.", - "title": "Keywords", - "type": "array" - }, - "MaximumMatchDistance": { - "markdownDescription": "The maximum number of characters that can exist between the end of at least one complete character sequence specified by the `Keywords` array and the end of text that matches the regular expression ( `Regex` ). If a complete keyword precedes all the text that matches the regular expression and the keyword is within the specified distance, Amazon Macie includes the result.\n\nThe distance can be 1-300 characters. The default value is 50.", - "title": "MaximumMatchDistance", - "type": "number" - }, - "Name": { - "markdownDescription": "A custom name for the custom data identifier. The name can contain 1-128 characters.\n\nAvoid including sensitive data in the name of a custom data identifier. Users of the account might be able to see the name, depending on the actions that they're allowed to perform in Amazon Macie .", - "title": "Name", - "type": "string" - }, - "Regex": { - "markdownDescription": "The regular expression ( *regex* ) that defines the text pattern to match. The expression can contain 1-512 characters.", - "title": "Regex", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to the custom data identifier.\n\nFor more information, see [Resource tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } + "ExclusionPatterns": { + "items": { + "type": "string" }, - "required": [ - "Name", - "Regex" - ], - "type": "object" + "markdownDescription": "A list of regular expression patterns to exclude certain items in your Google Drive, including shared drives and users' My Drives. Items that match the patterns are excluded from the index. Items that don't match the patterns are included in the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index.", + "title": "ExclusionPatterns", + "type": "array" }, - "Type": { - "enum": [ - "AWS::Macie::CustomDataIdentifier" - ], - "type": "string" + "FieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" + }, + "markdownDescription": "Maps Google Drive data source attributes or field names to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Google Drive fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Google Drive data source field names must exist in your Google Drive custom metadata.", + "title": "FieldMappings", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "InclusionPatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns to include certain items in your Google Drive, including shared drives and users' My Drives. Items that match the patterns are included in the index. Items that don't match the patterns are excluded from the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index.", + "title": "InclusionPatterns", + "type": "array" + }, + "SecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of a AWS Secrets Manager secret that contains the credentials required to connect to Google Drive. For more information, see [Using a Google Workspace Drive data source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-google-drive.html) .", + "title": "SecretArn", "type": "string" } }, "required": [ - "Type", - "Properties" + "SecretArn" ], "type": "object" }, - "AWS::Macie::FindingsFilter": { + "AWS::Kendra::DataSource.HookConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Action": { - "markdownDescription": "The action to perform on findings that match the filter criteria ( `FindingCriteria` ). Valid values are:\n\n- `ARCHIVE` - Suppress (automatically archive) the findings.\n- `NOOP` - Don't perform any action on the findings.", - "title": "Action", - "type": "string" - }, - "Description": { - "markdownDescription": "A custom description of the findings filter. The description can contain 1-512 characters.\n\nAvoid including sensitive data in the description. Users of the account might be able to see the description, depending on the actions that they're allowed to perform in Amazon Macie .", - "title": "Description", - "type": "string" - }, - "FindingCriteria": { - "$ref": "#/definitions/AWS::Macie::FindingsFilter.FindingCriteria", - "markdownDescription": "The criteria to use to filter findings.", - "title": "FindingCriteria" - }, - "Name": { - "markdownDescription": "A custom name for the findings filter. The name can contain 3-64 characters.\n\nAvoid including sensitive data in the name. Users of the account might be able to see the name, depending on the actions that they're allowed to perform in Amazon Macie .", - "title": "Name", - "type": "string" - }, - "Position": { - "markdownDescription": "The position of the findings filter in the list of saved filter rules on the Amazon Macie console. This value also determines the order in which the filter is applied to findings, relative to other filters that are also applied to findings.", - "title": "Position", - "type": "number" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to the findings filter.\n\nFor more information, see [Resource tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "FindingCriteria", - "Name" - ], - "type": "object" + "InvocationCondition": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DocumentAttributeCondition", + "markdownDescription": "The condition used for when a Lambda function should be invoked.\n\nFor example, you can specify a condition that if there are empty date-time values, then Amazon Kendra should invoke a function that inserts the current date-time.", + "title": "InvocationCondition" }, - "Type": { - "enum": [ - "AWS::Macie::FindingsFilter" - ], + "LambdaArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role with permission to run a Lambda function during ingestion. For more information, see [an IAM roles for Amazon Kendra](https://docs.aws.amazon.com/kendra/latest/dg/iam-roles.html) .", + "title": "LambdaArn", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "S3Bucket": { + "markdownDescription": "Stores the original, raw documents or the structured, parsed documents before and after altering them. For more information, see [Data contracts for Lambda functions](https://docs.aws.amazon.com/kendra/latest/dg/custom-document-enrichment.html#cde-data-contracts-lambda) .", + "title": "S3Bucket", "type": "string" } }, "required": [ - "Type", - "Properties" + "LambdaArn", + "S3Bucket" ], "type": "object" }, - "AWS::Macie::FindingsFilter.CriterionAdditionalProperties": { + "AWS::Kendra::DataSource.InlineCustomDocumentEnrichmentConfiguration": { "additionalProperties": false, "properties": { - "eq": { + "Condition": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DocumentAttributeCondition", + "markdownDescription": "Configuration of the condition used for the target document attribute or metadata field when ingesting documents into Amazon Kendra.", + "title": "Condition" + }, + "DocumentContentDeletion": { + "markdownDescription": "`TRUE` to delete content if the condition used for the target attribute is met.", + "title": "DocumentContentDeletion", + "type": "boolean" + }, + "Target": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DocumentAttributeTarget", + "markdownDescription": "Configuration of the target document attribute or metadata field when ingesting documents into Amazon Kendra. You can also include a value.", + "title": "Target" + } + }, + "type": "object" + }, + "AWS::Kendra::DataSource.OneDriveConfiguration": { + "additionalProperties": false, + "properties": { + "DisableLocalGroups": { + "markdownDescription": "`TRUE` to disable local groups information.", + "title": "DisableLocalGroups", + "type": "boolean" + }, + "ExclusionPatterns": { "items": { "type": "string" }, - "markdownDescription": "The value for the specified property matches (equals) the specified value. If you specify multiple values, Amazon Macie uses OR logic to join the values.", - "title": "eq", + "markdownDescription": "A list of regular expression patterns to exclude certain documents in your OneDrive. Documents that match the patterns are excluded from the index. Documents that don't match the patterns are included in the index. If a document matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the document isn't included in the index.\n\nThe pattern is applied to the file name.", + "title": "ExclusionPatterns", "type": "array" }, - "gt": { - "markdownDescription": "The value for the specified property is greater than the specified value.", - "title": "gt", - "type": "number" + "FieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" + }, + "markdownDescription": "A list of `DataSourceToIndexFieldMapping` objects that map OneDrive data source attributes or field names to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to OneDrive fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The OneDrive data source field names must exist in your OneDrive custom metadata.", + "title": "FieldMappings", + "type": "array" }, - "gte": { - "markdownDescription": "The value for the specified property is greater than or equal to the specified value.", - "title": "gte", - "type": "number" + "InclusionPatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns to include certain documents in your OneDrive. Documents that match the patterns are included in the index. Documents that don't match the patterns are excluded from the index. If a document matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the document isn't included in the index.\n\nThe pattern is applied to the file name.", + "title": "InclusionPatterns", + "type": "array" }, - "lt": { - "markdownDescription": "The value for the specified property is less than the specified value.", - "title": "lt", - "type": "number" + "OneDriveUsers": { + "$ref": "#/definitions/AWS::Kendra::DataSource.OneDriveUsers", + "markdownDescription": "A list of user accounts whose documents should be indexed.", + "title": "OneDriveUsers" }, - "lte": { - "markdownDescription": "The value for the specified property is less than or equal to the specified value.", - "title": "lte", - "type": "number" + "SecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret that contains the user name and password to connect to OneDrive. The user name should be the application ID for the OneDrive application, and the password is the application key for the OneDrive application.", + "title": "SecretArn", + "type": "string" }, - "neq": { + "TenantDomain": { + "markdownDescription": "The Azure Active Directory domain of the organization.", + "title": "TenantDomain", + "type": "string" + } + }, + "required": [ + "OneDriveUsers", + "SecretArn", + "TenantDomain" + ], + "type": "object" + }, + "AWS::Kendra::DataSource.OneDriveUsers": { + "additionalProperties": false, + "properties": { + "OneDriveUserList": { "items": { "type": "string" }, - "markdownDescription": "The value for the specified property doesn't match (doesn't equal) the specified value. If you specify multiple values, Amazon Macie uses OR logic to join the values.", - "title": "neq", + "markdownDescription": "A list of users whose documents should be indexed. Specify the user names in email format, for example, `username@tenantdomain` . If you need to index the documents of more than 10 users, use the `OneDriveUserS3Path` field to specify the location of a file containing a list of users.", + "title": "OneDriveUserList", "type": "array" + }, + "OneDriveUserS3Path": { + "$ref": "#/definitions/AWS::Kendra::DataSource.S3Path", + "markdownDescription": "The S3 bucket location of a file containing a list of users whose documents should be indexed.", + "title": "OneDriveUserS3Path" } }, "type": "object" }, - "AWS::Macie::FindingsFilter.FindingCriteria": { + "AWS::Kendra::DataSource.ProxyConfiguration": { "additionalProperties": false, "properties": { - "Criterion": { - "additionalProperties": false, - "markdownDescription": "Specifies a condition that defines the property, operator, and one or more values to use to filter the results.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::Macie::FindingsFilter.CriterionAdditionalProperties" - } - }, - "title": "Criterion", - "type": "object" + "Credentials": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret. You create a secret to store your credentials in [AWS Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html)\n\nThe credentials are optional. You use a secret if web proxy credentials are required to connect to a website host. Amazon Kendra currently support basic authentication to connect to a web proxy server. The secret stores your credentials.", + "title": "Credentials", + "type": "string" + }, + "Host": { + "markdownDescription": "The name of the website host you want to connect to via a web proxy server.\n\nFor example, the host name of https://a.example.com/page1.html is \"a.example.com\".", + "title": "Host", + "type": "string" + }, + "Port": { + "markdownDescription": "The port number of the website host you want to connect to via a web proxy server.\n\nFor example, the port for https://a.example.com/page1.html is 443, the standard port for HTTPS.", + "title": "Port", + "type": "number" } }, + "required": [ + "Host", + "Port" + ], "type": "object" }, - "AWS::Macie::Session": { + "AWS::Kendra::DataSource.S3DataSourceConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "AccessControlListConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.AccessControlListConfiguration", + "markdownDescription": "Provides the path to the S3 bucket that contains the user context filtering files for the data source. For the format of the file, see [Access control for S3 data sources](https://docs.aws.amazon.com/kendra/latest/dg/s3-acl.html) .", + "title": "AccessControlListConfiguration" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "BucketName": { + "markdownDescription": "The name of the bucket that contains the documents.", + "title": "BucketName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "DocumentsMetadataConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DocumentsMetadataConfiguration", + "markdownDescription": "Specifies document metadata files that contain information such as the document access control information, source URI, document author, and custom attributes. Each metadata file contains metadata about a single document.", + "title": "DocumentsMetadataConfiguration" }, - "Metadata": { - "type": "object" + "ExclusionPatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of glob patterns (patterns that can expand a wildcard pattern into a list of path names that match the given pattern) for certain file names and file types to exclude from your index. If a document matches both an inclusion and exclusion prefix or pattern, the exclusion prefix takes precendence and the document is not indexed. Examples of glob patterns include:\n\n- */myapp/config/** \u2014All files inside config directory.\n- ***/*.png* \u2014All .png files in all directories.\n- ***/*.{png, ico, md}* \u2014All .png, .ico or .md files in all directories.\n- */myapp/src/**/*.ts* \u2014All .ts files inside src directory (and all its subdirectories).\n- ***/!(*.module).ts* \u2014All .ts files but not .module.ts\n- **.png , *.jpg* \u2014All PNG and JPEG image files in a directory (files with the extensions .png and .jpg).\n- **internal** \u2014All files in a directory that contain 'internal' in the file name, such as 'internal', 'internal_only', 'company_internal'.\n- ***/*internal** \u2014All internal-related files in a directory and its subdirectories.\n\nFor more examples, see [Use of Exclude and Include Filters](https://docs.aws.amazon.com/cli/latest/reference/s3/#use-of-exclude-and-include-filters) in the AWS CLI Command Reference.", + "title": "ExclusionPatterns", + "type": "array" }, - "Properties": { - "additionalProperties": false, - "properties": { - "FindingPublishingFrequency": { - "markdownDescription": "Specifies how often Amazon Macie publishes updates to policy findings for the account. This includes publishing updates to AWS Security Hub and Amazon EventBridge (formerly Amazon CloudWatch Events ). Valid values are:\n\n- FIFTEEN_MINUTES\n- ONE_HOUR\n- SIX_HOURS", - "title": "FindingPublishingFrequency", - "type": "string" - }, - "Status": { - "markdownDescription": "The status of Amazon Macie for the account. Valid values are: `ENABLED` , start or resume Macie activities for the account; and, `PAUSED` , suspend Macie activities for the account.", - "title": "Status", - "type": "string" - } + "InclusionPatterns": { + "items": { + "type": "string" }, - "type": "object" + "markdownDescription": "A list of glob patterns (patterns that can expand a wildcard pattern into a list of path names that match the given pattern) for certain file names and file types to include in your index. If a document matches both an inclusion and exclusion prefix or pattern, the exclusion prefix takes precendence and the document is not indexed. Examples of glob patterns include:\n\n- */myapp/config/** \u2014All files inside config directory.\n- ***/*.png* \u2014All .png files in all directories.\n- ***/*.{png, ico, md}* \u2014All .png, .ico or .md files in all directories.\n- */myapp/src/**/*.ts* \u2014All .ts files inside src directory (and all its subdirectories).\n- ***/!(*.module).ts* \u2014All .ts files but not .module.ts\n- **.png , *.jpg* \u2014All PNG and JPEG image files in a directory (files with the extensions .png and .jpg).\n- **internal** \u2014All files in a directory that contain 'internal' in the file name, such as 'internal', 'internal_only', 'company_internal'.\n- ***/*internal** \u2014All internal-related files in a directory and its subdirectories.\n\nFor more examples, see [Use of Exclude and Include Filters](https://docs.aws.amazon.com/cli/latest/reference/s3/#use-of-exclude-and-include-filters) in the AWS CLI Command Reference.", + "title": "InclusionPatterns", + "type": "array" }, - "Type": { - "enum": [ - "AWS::Macie::Session" - ], + "InclusionPrefixes": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of S3 prefixes for the documents that should be included in the index.", + "title": "InclusionPrefixes", + "type": "array" + } + }, + "required": [ + "BucketName" + ], + "type": "object" + }, + "AWS::Kendra::DataSource.S3Path": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The name of the S3 bucket that contains the file.", + "title": "Bucket", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Key": { + "markdownDescription": "The name of the file.", + "title": "Key", "type": "string" } }, "required": [ - "Type" + "Bucket", + "Key" ], "type": "object" }, - "AWS::ManagedBlockchain::Accessor": { + "AWS::Kendra::DataSource.SalesforceChatterFeedConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "DocumentDataFieldName": { + "markdownDescription": "The name of the column in the Salesforce FeedItem table that contains the content to index. Typically this is the `Body` column.", + "title": "DocumentDataFieldName", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DocumentTitleFieldName": { + "markdownDescription": "The name of the column in the Salesforce FeedItem table that contains the title of the document. This is typically the `Title` column.", + "title": "DocumentTitleFieldName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AccessorType": { - "markdownDescription": "The type of the accessor.\n\n> Currently, accessor type is restricted to `BILLING_TOKEN` .", - "title": "AccessorType", - "type": "string" - }, - "NetworkType": { - "markdownDescription": "The blockchain network that the `Accessor` token is created for.\n\n> We recommend using the appropriate `networkType` value for the blockchain network that you are creating the `Accessor` token for. You cannot use the value `ETHEREUM_MAINNET_AND_GOERLI` to specify a `networkType` for your Accessor token.\n> \n> The default value of `ETHEREUM_MAINNET_AND_GOERLI` is only applied:\n> \n> - when the `CreateAccessor` action does not set a `networkType` .\n> - to all existing `Accessor` tokens that were created before the `networkType` property was introduced.", - "title": "NetworkType", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags assigned to the Accessor.\n\nFor more information about tags, see [Tagging Resources](https://docs.aws.amazon.com/managed-blockchain/latest/ethereum-dev/tagging-resources.html) in the *Amazon Managed Blockchain Ethereum Developer Guide* , or [Tagging Resources](https://docs.aws.amazon.com/managed-blockchain/latest/hyperledger-fabric-dev/tagging-resources.html) in the *Amazon Managed Blockchain Hyperledger Fabric Developer Guide* .", - "title": "Tags", - "type": "array" - } + "FieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" }, - "required": [ - "AccessorType" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::ManagedBlockchain::Accessor" - ], - "type": "string" + "markdownDescription": "Maps fields from a Salesforce chatter feed into Amazon Kendra index fields.", + "title": "FieldMappings", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "IncludeFilterTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "Filters the documents in the feed based on status of the user. When you specify `ACTIVE_USERS` only documents from users who have an active account are indexed. When you specify `STANDARD_USER` only documents for Salesforce standard users are documented. You can specify both.", + "title": "IncludeFilterTypes", + "type": "array" } }, "required": [ - "Type", - "Properties" + "DocumentDataFieldName" ], "type": "object" }, - "AWS::ManagedBlockchain::Member": { + "AWS::Kendra::DataSource.SalesforceConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "ChatterFeedConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceChatterFeedConfiguration", + "markdownDescription": "Configuration information for Salesforce chatter feeds.", + "title": "ChatterFeedConfiguration" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "CrawlAttachments": { + "markdownDescription": "Indicates whether Amazon Kendra should index attachments to Salesforce objects.", + "title": "CrawlAttachments", + "type": "boolean" }, - "Metadata": { - "type": "object" + "ExcludeAttachmentFilePatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns to exclude certain documents in your Salesforce. Documents that match the patterns are excluded from the index. Documents that don't match the patterns are included in the index. If a document matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the document isn't included in the index.\n\nThe pattern is applied to the name of the attached file.", + "title": "ExcludeAttachmentFilePatterns", + "type": "array" }, - "Properties": { - "additionalProperties": false, - "properties": { - "InvitationId": { - "markdownDescription": "The unique identifier of the invitation to join the network sent to the account that creates the member.", - "title": "InvitationId", - "type": "string" - }, - "MemberConfiguration": { - "$ref": "#/definitions/AWS::ManagedBlockchain::Member.MemberConfiguration", - "markdownDescription": "Configuration properties of the member.", - "title": "MemberConfiguration" - }, - "NetworkConfiguration": { - "$ref": "#/definitions/AWS::ManagedBlockchain::Member.NetworkConfiguration", - "markdownDescription": "Configuration properties of the network to which the member belongs.", - "title": "NetworkConfiguration" - }, - "NetworkId": { - "markdownDescription": "The unique identifier of the network to which the member belongs.", - "title": "NetworkId", - "type": "string" - } + "IncludeAttachmentFilePatterns": { + "items": { + "type": "string" }, - "required": [ - "MemberConfiguration" - ], - "type": "object" + "markdownDescription": "A list of regular expression patterns to include certain documents in your Salesforce. Documents that match the patterns are included in the index. Documents that don't match the patterns are excluded from the index. If a document matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the document isn't included in the index.\n\nThe pattern is applied to the name of the attached file.", + "title": "IncludeAttachmentFilePatterns", + "type": "array" }, - "Type": { - "enum": [ - "AWS::ManagedBlockchain::Member" - ], + "KnowledgeArticleConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceKnowledgeArticleConfiguration", + "markdownDescription": "Configuration information for the knowledge article types that Amazon Kendra indexes. Amazon Kendra indexes standard knowledge articles and the standard fields of knowledge articles, or the custom fields of custom knowledge articles, but not both.", + "title": "KnowledgeArticleConfiguration" + }, + "SecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret that contains the key/value pairs required to connect to your Salesforce instance. The secret must contain a JSON structure with the following keys:\n\n- authenticationUrl - The OAUTH endpoint that Amazon Kendra connects to get an OAUTH token.\n- consumerKey - The application public key generated when you created your Salesforce application.\n- consumerSecret - The application private key generated when you created your Salesforce application.\n- password - The password associated with the user logging in to the Salesforce instance.\n- securityToken - The token associated with the user logging in to the Salesforce instance.\n- username - The user name of the user logging in to the Salesforce instance.", + "title": "SecretArn", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ServerUrl": { + "markdownDescription": "The instance URL for the Salesforce site that you want to index.", + "title": "ServerUrl", "type": "string" + }, + "StandardObjectAttachmentConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceStandardObjectAttachmentConfiguration", + "markdownDescription": "Configuration information for processing attachments to Salesforce standard objects.", + "title": "StandardObjectAttachmentConfiguration" + }, + "StandardObjectConfigurations": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceStandardObjectConfiguration" + }, + "markdownDescription": "Configuration of the Salesforce standard objects that Amazon Kendra indexes.", + "title": "StandardObjectConfigurations", + "type": "array" } }, "required": [ - "Type", - "Properties" + "SecretArn", + "ServerUrl" ], "type": "object" }, - "AWS::ManagedBlockchain::Member.ApprovalThresholdPolicy": { + "AWS::Kendra::DataSource.SalesforceCustomKnowledgeArticleTypeConfiguration": { "additionalProperties": false, "properties": { - "ProposalDurationInHours": { - "markdownDescription": "The duration from the time that a proposal is created until it expires. If members cast neither the required number of `YES` votes to approve the proposal nor the number of `NO` votes required to reject it before the duration expires, the proposal is `EXPIRED` and `ProposalActions` aren't carried out.", - "title": "ProposalDurationInHours", - "type": "number" + "DocumentDataFieldName": { + "markdownDescription": "The name of the field in the custom knowledge article that contains the document data to index.", + "title": "DocumentDataFieldName", + "type": "string" }, - "ThresholdComparator": { - "markdownDescription": "Determines whether the vote percentage must be greater than the `ThresholdPercentage` or must be greater than or equal to the `ThresholdPercentage` to be approved.", - "title": "ThresholdComparator", + "DocumentTitleFieldName": { + "markdownDescription": "The name of the field in the custom knowledge article that contains the document title.", + "title": "DocumentTitleFieldName", "type": "string" }, - "ThresholdPercentage": { - "markdownDescription": "The percentage of votes among all members that must be `YES` for a proposal to be approved. For example, a `ThresholdPercentage` value of `50` indicates 50%. The `ThresholdComparator` determines the precise comparison. If a `ThresholdPercentage` value of `50` is specified on a network with 10 members, along with a `ThresholdComparator` value of `GREATER_THAN` , this indicates that 6 `YES` votes are required for the proposal to be approved.", - "title": "ThresholdPercentage", - "type": "number" + "FieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" + }, + "markdownDescription": "Maps attributes or field names of the custom knowledge article to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Salesforce fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Salesforce data source field names must exist in your Salesforce custom metadata.", + "title": "FieldMappings", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the configuration.", + "title": "Name", + "type": "string" } }, + "required": [ + "DocumentDataFieldName", + "Name" + ], "type": "object" }, - "AWS::ManagedBlockchain::Member.MemberConfiguration": { + "AWS::Kendra::DataSource.SalesforceKnowledgeArticleConfiguration": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "An optional description of the member.", - "title": "Description", - "type": "string" + "CustomKnowledgeArticleTypeConfigurations": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceCustomKnowledgeArticleTypeConfiguration" + }, + "markdownDescription": "Configuration information for custom Salesforce knowledge articles.", + "title": "CustomKnowledgeArticleTypeConfigurations", + "type": "array" }, - "MemberFrameworkConfiguration": { - "$ref": "#/definitions/AWS::ManagedBlockchain::Member.MemberFrameworkConfiguration", - "markdownDescription": "Configuration properties of the blockchain framework relevant to the member.", - "title": "MemberFrameworkConfiguration" + "IncludedStates": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the document states that should be included when Amazon Kendra indexes knowledge articles. You must specify at least one state.", + "title": "IncludedStates", + "type": "array" }, - "Name": { - "markdownDescription": "The name of the member.", - "title": "Name", - "type": "string" + "StandardKnowledgeArticleTypeConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceStandardKnowledgeArticleTypeConfiguration", + "markdownDescription": "Configuration information for standard Salesforce knowledge articles.", + "title": "StandardKnowledgeArticleTypeConfiguration" } }, "required": [ - "Name" + "IncludedStates" ], "type": "object" }, - "AWS::ManagedBlockchain::Member.MemberFabricConfiguration": { + "AWS::Kendra::DataSource.SalesforceStandardKnowledgeArticleTypeConfiguration": { "additionalProperties": false, "properties": { - "AdminPassword": { - "markdownDescription": "The password for the member's initial administrative user. The `AdminPassword` must be at least 8 characters long and no more than 32 characters. It must contain at least one uppercase letter, one lowercase letter, and one digit. It cannot have a single quotation mark (\u2018), a double quotation marks (\u201c), a forward slash(/), a backward slash(\\), @, or a space.", - "title": "AdminPassword", + "DocumentDataFieldName": { + "markdownDescription": "The name of the field that contains the document data to index.", + "title": "DocumentDataFieldName", "type": "string" }, - "AdminUsername": { - "markdownDescription": "The user name for the member's initial administrative user.", - "title": "AdminUsername", + "DocumentTitleFieldName": { + "markdownDescription": "The name of the field that contains the document title.", + "title": "DocumentTitleFieldName", "type": "string" + }, + "FieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" + }, + "markdownDescription": "Maps attributes or field names of the knowledge article to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Salesforce fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Salesforce data source field names must exist in your Salesforce custom metadata.", + "title": "FieldMappings", + "type": "array" } }, "required": [ - "AdminPassword", - "AdminUsername" + "DocumentDataFieldName" ], "type": "object" }, - "AWS::ManagedBlockchain::Member.MemberFrameworkConfiguration": { + "AWS::Kendra::DataSource.SalesforceStandardObjectAttachmentConfiguration": { "additionalProperties": false, "properties": { - "MemberFabricConfiguration": { - "$ref": "#/definitions/AWS::ManagedBlockchain::Member.MemberFabricConfiguration", - "markdownDescription": "Configuration properties for Hyperledger Fabric.", - "title": "MemberFabricConfiguration" + "DocumentTitleFieldName": { + "markdownDescription": "The name of the field used for the document title.", + "title": "DocumentTitleFieldName", + "type": "string" + }, + "FieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" + }, + "markdownDescription": "One or more objects that map fields in attachments to Amazon Kendra index fields.", + "title": "FieldMappings", + "type": "array" } }, "type": "object" }, - "AWS::ManagedBlockchain::Member.NetworkConfiguration": { + "AWS::Kendra::DataSource.SalesforceStandardObjectConfiguration": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "Attributes of the blockchain framework for the network.", - "title": "Description", + "DocumentDataFieldName": { + "markdownDescription": "The name of the field in the standard object table that contains the document contents.", + "title": "DocumentDataFieldName", "type": "string" }, - "Framework": { - "markdownDescription": "The blockchain framework that the network uses.", - "title": "Framework", + "DocumentTitleFieldName": { + "markdownDescription": "The name of the field in the standard object table that contains the document title.", + "title": "DocumentTitleFieldName", "type": "string" }, - "FrameworkVersion": { - "markdownDescription": "The version of the blockchain framework that the network uses.", - "title": "FrameworkVersion", - "type": "string" + "FieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" + }, + "markdownDescription": "Maps attributes or field names of the standard object to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Salesforce fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Salesforce data source field names must exist in your Salesforce custom metadata.", + "title": "FieldMappings", + "type": "array" }, "Name": { - "markdownDescription": "The name of the network.", + "markdownDescription": "The name of the standard object.", "title": "Name", "type": "string" - }, - "NetworkFrameworkConfiguration": { - "$ref": "#/definitions/AWS::ManagedBlockchain::Member.NetworkFrameworkConfiguration", - "markdownDescription": "Configuration properties relevant to the network for the blockchain framework that the network uses.", - "title": "NetworkFrameworkConfiguration" - }, - "VotingPolicy": { - "$ref": "#/definitions/AWS::ManagedBlockchain::Member.VotingPolicy", - "markdownDescription": "The voting rules that the network uses to decide if a proposal is accepted.", - "title": "VotingPolicy" } }, "required": [ - "Framework", - "FrameworkVersion", - "Name", - "VotingPolicy" + "DocumentDataFieldName", + "Name" ], "type": "object" }, - "AWS::ManagedBlockchain::Member.NetworkFabricConfiguration": { + "AWS::Kendra::DataSource.ServiceNowConfiguration": { "additionalProperties": false, "properties": { - "Edition": { - "markdownDescription": "The edition of Amazon Managed Blockchain that the network uses. Valid values are `standard` and `starter` . For more information, see [Amazon Managed Blockchain Pricing](https://docs.aws.amazon.com/managed-blockchain/pricing/)", - "title": "Edition", + "AuthenticationType": { + "markdownDescription": "The type of authentication used to connect to the ServiceNow instance. If you choose `HTTP_BASIC` , Amazon Kendra is authenticated using the user name and password provided in the AWS Secrets Manager secret in the `SecretArn` field. If you choose `OAUTH2` , Amazon Kendra is authenticated using the credentials of client ID, client secret, user name and password.\n\nWhen you use `OAUTH2` authentication, you must generate a token and a client secret using the ServiceNow console. For more information, see [Using a ServiceNow data source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-servicenow.html) .", + "title": "AuthenticationType", + "type": "string" + }, + "HostUrl": { + "markdownDescription": "The ServiceNow instance that the data source connects to. The host endpoint should look like the following: *{instance}.service-now.com.*", + "title": "HostUrl", + "type": "string" + }, + "KnowledgeArticleConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.ServiceNowKnowledgeArticleConfiguration", + "markdownDescription": "Configuration information for crawling knowledge articles in the ServiceNow site.", + "title": "KnowledgeArticleConfiguration" + }, + "SecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Secrets Manager secret that contains the user name and password required to connect to the ServiceNow instance. You can also provide OAuth authentication credentials of user name, password, client ID, and client secret. For more information, see [Using a ServiceNow data source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-servicenow.html) .", + "title": "SecretArn", + "type": "string" + }, + "ServiceCatalogConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.ServiceNowServiceCatalogConfiguration", + "markdownDescription": "Configuration information for crawling service catalogs in the ServiceNow site.", + "title": "ServiceCatalogConfiguration" + }, + "ServiceNowBuildVersion": { + "markdownDescription": "The identifier of the release that the ServiceNow host is running. If the host is not running the `LONDON` release, use `OTHERS` .", + "title": "ServiceNowBuildVersion", "type": "string" } }, "required": [ - "Edition" + "HostUrl", + "SecretArn", + "ServiceNowBuildVersion" ], "type": "object" }, - "AWS::ManagedBlockchain::Member.NetworkFrameworkConfiguration": { - "additionalProperties": false, - "properties": { - "NetworkFabricConfiguration": { - "$ref": "#/definitions/AWS::ManagedBlockchain::Member.NetworkFabricConfiguration", - "markdownDescription": "Configuration properties for Hyperledger Fabric for a member in a Managed Blockchain network that is using the Hyperledger Fabric framework.", - "title": "NetworkFabricConfiguration" - } - }, - "type": "object" - }, - "AWS::ManagedBlockchain::Member.VotingPolicy": { - "additionalProperties": false, - "properties": { - "ApprovalThresholdPolicy": { - "$ref": "#/definitions/AWS::ManagedBlockchain::Member.ApprovalThresholdPolicy", - "markdownDescription": "Defines the rules for the network for voting on proposals, such as the percentage of `YES` votes required for the proposal to be approved and the duration of the proposal. The policy applies to all proposals and is specified when the network is created.", - "title": "ApprovalThresholdPolicy" - } - }, - "type": "object" - }, - "AWS::ManagedBlockchain::Node": { + "AWS::Kendra::DataSource.ServiceNowKnowledgeArticleConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "CrawlAttachments": { + "markdownDescription": "`TRUE` to index attachments to knowledge articles.", + "title": "CrawlAttachments", + "type": "boolean" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DocumentDataFieldName": { + "markdownDescription": "The name of the ServiceNow field that is mapped to the index document contents field in the Amazon Kendra index.", + "title": "DocumentDataFieldName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "DocumentTitleFieldName": { + "markdownDescription": "The name of the ServiceNow field that is mapped to the index document title field.", + "title": "DocumentTitleFieldName", + "type": "string" }, - "Metadata": { - "type": "object" + "ExcludeAttachmentFilePatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns applied to exclude certain knowledge article attachments. Attachments that match the patterns are excluded from the index. Items that don't match the patterns are included in the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index.", + "title": "ExcludeAttachmentFilePatterns", + "type": "array" }, - "Properties": { - "additionalProperties": false, - "properties": { - "MemberId": { - "markdownDescription": "The unique identifier of the member to which the node belongs. Applies only to Hyperledger Fabric.", - "title": "MemberId", - "type": "string" - }, - "NetworkId": { - "markdownDescription": "The unique identifier of the network for the node.\n\nEthereum public networks have the following `NetworkId` s:\n\n- `n-ethereum-mainnet`", - "title": "NetworkId", - "type": "string" - }, - "NodeConfiguration": { - "$ref": "#/definitions/AWS::ManagedBlockchain::Node.NodeConfiguration", - "markdownDescription": "Configuration properties of a peer node.", - "title": "NodeConfiguration" - } + "FieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" }, - "required": [ - "NetworkId", - "NodeConfiguration" - ], - "type": "object" + "markdownDescription": "Maps attributes or field names of knoweldge articles to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to ServiceNow fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The ServiceNow data source field names must exist in your ServiceNow custom metadata.", + "title": "FieldMappings", + "type": "array" }, - "Type": { - "enum": [ - "AWS::ManagedBlockchain::Node" - ], + "FilterQuery": { + "markdownDescription": "A query that selects the knowledge articles to index. The query can return articles from multiple knowledge bases, and the knowledge bases can be public or private.\n\nThe query string must be one generated by the ServiceNow console. For more information, see [Specifying documents to index with a query](https://docs.aws.amazon.com/kendra/latest/dg/servicenow-query.html) .", + "title": "FilterQuery", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "IncludeAttachmentFilePatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns applied to include knowledge article attachments. Attachments that match the patterns are included in the index. Items that don't match the patterns are excluded from the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index.", + "title": "IncludeAttachmentFilePatterns", + "type": "array" } }, "required": [ - "Type", - "Properties" + "DocumentDataFieldName" ], "type": "object" }, - "AWS::ManagedBlockchain::Node.NodeConfiguration": { + "AWS::Kendra::DataSource.ServiceNowServiceCatalogConfiguration": { "additionalProperties": false, "properties": { - "AvailabilityZone": { - "markdownDescription": "The Availability Zone in which the node exists. Required for Ethereum nodes.", - "title": "AvailabilityZone", + "CrawlAttachments": { + "markdownDescription": "`TRUE` to index attachments to service catalog items.", + "title": "CrawlAttachments", + "type": "boolean" + }, + "DocumentDataFieldName": { + "markdownDescription": "The name of the ServiceNow field that is mapped to the index document contents field in the Amazon Kendra index.", + "title": "DocumentDataFieldName", "type": "string" }, - "InstanceType": { - "markdownDescription": "The Amazon Managed Blockchain instance type for the node.", - "title": "InstanceType", + "DocumentTitleFieldName": { + "markdownDescription": "The name of the ServiceNow field that is mapped to the index document title field.", + "title": "DocumentTitleFieldName", "type": "string" + }, + "ExcludeAttachmentFilePatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns to exclude certain attachments of catalogs in your ServiceNow. Item that match the patterns are excluded from the index. Items that don't match the patterns are included in the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index.\n\nThe regex is applied to the file name of the attachment.", + "title": "ExcludeAttachmentFilePatterns", + "type": "array" + }, + "FieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" + }, + "markdownDescription": "Maps attributes or field names of catalogs to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to ServiceNow fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The ServiceNow data source field names must exist in your ServiceNow custom metadata.", + "title": "FieldMappings", + "type": "array" + }, + "IncludeAttachmentFilePatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns to include certain attachments of catalogs in your ServiceNow. Item that match the patterns are included in the index. Items that don't match the patterns are excluded from the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index.\n\nThe regex is applied to the file name of the attachment.", + "title": "IncludeAttachmentFilePatterns", + "type": "array" } }, "required": [ - "AvailabilityZone", - "InstanceType" + "DocumentDataFieldName" ], "type": "object" }, - "AWS::MediaConnect::Bridge": { + "AWS::Kendra::DataSource.SharePointConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "CrawlAttachments": { + "markdownDescription": "`TRUE` to index document attachments.", + "title": "CrawlAttachments", + "type": "boolean" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "DisableLocalGroups": { + "markdownDescription": "`TRUE` to disable local groups information.", + "title": "DisableLocalGroups", + "type": "boolean" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "DocumentTitleFieldName": { + "markdownDescription": "The Microsoft SharePoint attribute field that contains the title of the document.", + "title": "DocumentTitleFieldName", + "type": "string" }, - "Metadata": { - "type": "object" + "ExclusionPatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns. Documents that match the patterns are excluded from the index. Documents that don't match the patterns are included in the index. If a document matches both an exclusion pattern and an inclusion pattern, the document is not included in the index.\n\nThe regex is applied to the display URL of the SharePoint document.", + "title": "ExclusionPatterns", + "type": "array" }, - "Properties": { - "additionalProperties": false, - "properties": { - "EgressGatewayBridge": { - "$ref": "#/definitions/AWS::MediaConnect::Bridge.EgressGatewayBridge", - "markdownDescription": "An egress bridge is a cloud-to-ground bridge. The content comes from an existing MediaConnect flow and is delivered to your premises.", - "title": "EgressGatewayBridge" - }, - "IngressGatewayBridge": { - "$ref": "#/definitions/AWS::MediaConnect::Bridge.IngressGatewayBridge", - "markdownDescription": "An ingress bridge is a ground-to-cloud bridge. The content originates at your premises and is delivered to the cloud.", - "title": "IngressGatewayBridge" - }, - "Name": { - "markdownDescription": "The name of the bridge. This name can not be modified after the bridge is created.", - "title": "Name", - "type": "string" - }, - "Outputs": { - "items": { - "$ref": "#/definitions/AWS::MediaConnect::Bridge.BridgeOutput" - }, - "markdownDescription": "The outputs that you want to add to this bridge.", - "title": "Outputs", - "type": "array" - }, - "PlacementArn": { - "markdownDescription": "The bridge placement Amazon Resource Number (ARN).", - "title": "PlacementArn", - "type": "string" - }, - "SourceFailoverConfig": { - "$ref": "#/definitions/AWS::MediaConnect::Bridge.FailoverConfig", - "markdownDescription": "The settings for source failover.", - "title": "SourceFailoverConfig" - }, - "Sources": { - "items": { - "$ref": "#/definitions/AWS::MediaConnect::Bridge.BridgeSource" - }, - "markdownDescription": "The sources that you want to add to this bridge.", - "title": "Sources", - "type": "array" - } + "FieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" }, - "required": [ - "Name", - "PlacementArn", - "Sources" - ], - "type": "object" + "markdownDescription": "A list of `DataSourceToIndexFieldMapping` objects that map Microsoft SharePoint attributes or fields to Amazon Kendra index fields. You must first create the index fields using the [UpdateIndex](https://docs.aws.amazon.com/kendra/latest/dg/API_UpdateIndex.html) operation before you map SharePoint attributes. For more information, see [Mapping Data Source Fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) .", + "title": "FieldMappings", + "type": "array" }, - "Type": { - "enum": [ - "AWS::MediaConnect::Bridge" - ], + "InclusionPatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns to include certain documents in your SharePoint. Documents that match the patterns are included in the index. Documents that don't match the patterns are excluded from the index. If a document matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the document isn't included in the index.\n\nThe regex applies to the display URL of the SharePoint document.", + "title": "InclusionPatterns", + "type": "array" + }, + "SecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret that contains the user name and password required to connect to the SharePoint instance. For more information, see [Microsoft SharePoint](https://docs.aws.amazon.com/kendra/latest/dg/data-source-sharepoint.html) .", + "title": "SecretArn", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SharePointVersion": { + "markdownDescription": "The version of Microsoft SharePoint that you use.", + "title": "SharePointVersion", "type": "string" + }, + "SslCertificateS3Path": { + "$ref": "#/definitions/AWS::Kendra::DataSource.S3Path", + "markdownDescription": "Information required to find a specific file in an Amazon S3 bucket.", + "title": "SslCertificateS3Path" + }, + "Urls": { + "items": { + "type": "string" + }, + "markdownDescription": "The Microsoft SharePoint site URLs for the documents you want to index.", + "title": "Urls", + "type": "array" + }, + "UseChangeLog": { + "markdownDescription": "`TRUE` to use the SharePoint change log to determine which documents require updating in the index. Depending on the change log's size, it may take longer for Amazon Kendra to use the change log than to scan all of your documents in SharePoint.", + "title": "UseChangeLog", + "type": "boolean" + }, + "VpcConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceVpcConfiguration", + "markdownDescription": "Provides information for connecting to an Amazon VPC.", + "title": "VpcConfiguration" } }, "required": [ - "Type", - "Properties" + "SecretArn", + "SharePointVersion", + "Urls" ], "type": "object" }, - "AWS::MediaConnect::Bridge.BridgeFlowSource": { + "AWS::Kendra::DataSource.SqlConfiguration": { "additionalProperties": false, "properties": { - "FlowArn": { - "markdownDescription": "The ARN of the cloud flow used as a source of this bridge.", - "title": "FlowArn", - "type": "string" - }, - "FlowVpcInterfaceAttachment": { - "$ref": "#/definitions/AWS::MediaConnect::Bridge.VpcInterfaceAttachment", - "markdownDescription": "The name of the VPC interface attachment to use for this source.", - "title": "FlowVpcInterfaceAttachment" - }, - "Name": { - "markdownDescription": "The name of the flow source.", - "title": "Name", + "QueryIdentifiersEnclosingOption": { + "markdownDescription": "Determines whether Amazon Kendra encloses SQL identifiers for tables and column names in double quotes (\") when making a database query. You can set the value to `DOUBLE_QUOTES` or `NONE` .\n\nBy default, Amazon Kendra passes SQL identifiers the way that they are entered into the data source configuration. It does not change the case of identifiers or enclose them in quotes.\n\nPostgreSQL internally converts uppercase characters to lower case characters in identifiers unless they are quoted. Choosing this option encloses identifiers in quotes so that PostgreSQL does not convert the character's case.\n\nFor MySQL databases, you must enable the ansi_quotes option when you set this field to `DOUBLE_QUOTES` .", + "title": "QueryIdentifiersEnclosingOption", "type": "string" } }, - "required": [ - "FlowArn", - "Name" - ], "type": "object" }, - "AWS::MediaConnect::Bridge.BridgeNetworkOutput": { + "AWS::Kendra::DataSource.TemplateConfiguration": { "additionalProperties": false, "properties": { - "IpAddress": { - "markdownDescription": "The network output IP address.", - "title": "IpAddress", - "type": "string" - }, - "Name": { - "markdownDescription": "The network output name.", - "title": "Name", - "type": "string" - }, - "NetworkName": { - "markdownDescription": "The network output's gateway network name.", - "title": "NetworkName", - "type": "string" - }, - "Port": { - "markdownDescription": "The network output's port.", - "title": "Port", - "type": "number" - }, - "Protocol": { - "markdownDescription": "The network output protocol.\n\n> AWS Elemental MediaConnect no longer supports the Fujitsu QoS protocol. This reference is maintained for legacy purposes only.", - "title": "Protocol", - "type": "string" - }, - "Ttl": { - "markdownDescription": "The network output TTL.", - "title": "Ttl", - "type": "number" + "Template": { + "markdownDescription": "The template schema used for the data source, where templates schemas are supported.\n\nSee [Data source template schemas](https://docs.aws.amazon.com/kendra/latest/dg/ds-schemas.html) .", + "title": "Template", + "type": "object" } }, "required": [ - "IpAddress", - "Name", - "NetworkName", - "Port", - "Protocol", - "Ttl" + "Template" ], "type": "object" }, - "AWS::MediaConnect::Bridge.BridgeNetworkSource": { + "AWS::Kendra::DataSource.WebCrawlerAuthenticationConfiguration": { "additionalProperties": false, "properties": { - "MulticastIp": { - "markdownDescription": "The network source multicast IP.", - "title": "MulticastIp", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the network source.", - "title": "Name", + "BasicAuthentication": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.WebCrawlerBasicAuthentication" + }, + "markdownDescription": "The list of configuration information that's required to connect to and crawl a website host using basic authentication credentials.\n\nThe list includes the name and port number of the website host.", + "title": "BasicAuthentication", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Kendra::DataSource.WebCrawlerBasicAuthentication": { + "additionalProperties": false, + "properties": { + "Credentials": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret. You create a secret to store your credentials in [AWS Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html)\n\nYou use a secret if basic authentication credentials are required to connect to a website. The secret stores your credentials of user name and password.", + "title": "Credentials", "type": "string" }, - "NetworkName": { - "markdownDescription": "The network source's gateway network name.", - "title": "NetworkName", + "Host": { + "markdownDescription": "The name of the website host you want to connect to using authentication credentials.\n\nFor example, the host name of https://a.example.com/page1.html is \"a.example.com\".", + "title": "Host", "type": "string" }, "Port": { - "markdownDescription": "The network source port.", + "markdownDescription": "The port number of the website host you want to connect to using authentication credentials.\n\nFor example, the port for https://a.example.com/page1.html is 443, the standard port for HTTPS.", "title": "Port", "type": "number" - }, - "Protocol": { - "markdownDescription": "The network source protocol.\n\n> AWS Elemental MediaConnect no longer supports the Fujitsu QoS protocol. This reference is maintained for legacy purposes only.", - "title": "Protocol", - "type": "string" } }, "required": [ - "MulticastIp", - "Name", - "NetworkName", - "Port", - "Protocol" + "Credentials", + "Host", + "Port" ], "type": "object" }, - "AWS::MediaConnect::Bridge.BridgeOutput": { - "additionalProperties": false, - "properties": { - "NetworkOutput": { - "$ref": "#/definitions/AWS::MediaConnect::Bridge.BridgeNetworkOutput", - "markdownDescription": "The output of the bridge. A network output is delivered to your premises.", - "title": "NetworkOutput" - } - }, - "type": "object" - }, - "AWS::MediaConnect::Bridge.BridgeSource": { + "AWS::Kendra::DataSource.WebCrawlerConfiguration": { "additionalProperties": false, "properties": { - "FlowSource": { - "$ref": "#/definitions/AWS::MediaConnect::Bridge.BridgeFlowSource", - "markdownDescription": "The source of the bridge. A flow source originates in MediaConnect as an existing cloud flow.", - "title": "FlowSource" + "AuthenticationConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.WebCrawlerAuthenticationConfiguration", + "markdownDescription": "Configuration information required to connect to websites using authentication.\n\nYou can connect to websites using basic authentication of user name and password. You use a secret in [AWS Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html) to store your authentication credentials.\n\nYou must provide the website host name and port number. For example, the host name of https://a.example.com/page1.html is \"a.example.com\" and the port is 443, the standard port for HTTPS.", + "title": "AuthenticationConfiguration" }, - "NetworkSource": { - "$ref": "#/definitions/AWS::MediaConnect::Bridge.BridgeNetworkSource", - "markdownDescription": "The source of the bridge. A network source originates at your premises.", - "title": "NetworkSource" - } - }, - "type": "object" - }, - "AWS::MediaConnect::Bridge.EgressGatewayBridge": { - "additionalProperties": false, - "properties": { - "MaxBitrate": { - "markdownDescription": "The maximum expected bitrate (in bps) of the egress bridge.", - "title": "MaxBitrate", + "CrawlDepth": { + "markdownDescription": "The 'depth' or number of levels from the seed level to crawl. For example, the seed URL page is depth 1 and any hyperlinks on this page that are also crawled are depth 2.", + "title": "CrawlDepth", + "type": "number" + }, + "MaxContentSizePerPageInMegaBytes": { + "markdownDescription": "The maximum size (in MB) of a web page or attachment to crawl.\n\nFiles larger than this size (in MB) are skipped/not crawled.\n\nThe default maximum size of a web page or attachment is set to 50 MB.", + "title": "MaxContentSizePerPageInMegaBytes", + "type": "number" + }, + "MaxLinksPerPage": { + "markdownDescription": "The maximum number of URLs on a web page to include when crawling a website. This number is per web page.\n\nAs a website\u2019s web pages are crawled, any URLs the web pages link to are also crawled. URLs on a web page are crawled in order of appearance.\n\nThe default maximum links per page is 100.", + "title": "MaxLinksPerPage", + "type": "number" + }, + "MaxUrlsPerMinuteCrawlRate": { + "markdownDescription": "The maximum number of URLs crawled per website host per minute.\n\nA minimum of one URL is required.\n\nThe default maximum number of URLs crawled per website host per minute is 300.", + "title": "MaxUrlsPerMinuteCrawlRate", "type": "number" + }, + "ProxyConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.ProxyConfiguration", + "markdownDescription": "Configuration information required to connect to your internal websites via a web proxy.\n\nYou must provide the website host name and port number. For example, the host name of https://a.example.com/page1.html is \"a.example.com\" and the port is 443, the standard port for HTTPS.\n\nWeb proxy credentials are optional and you can use them to connect to a web proxy server that requires basic authentication. To store web proxy credentials, you use a secret in [AWS Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html) .", + "title": "ProxyConfiguration" + }, + "UrlExclusionPatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns to exclude certain URLs to crawl. URLs that match the patterns are excluded from the index. URLs that don't match the patterns are included in the index. If a URL matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the URL file isn't included in the index.", + "title": "UrlExclusionPatterns", + "type": "array" + }, + "UrlInclusionPatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns to include certain URLs to crawl. URLs that match the patterns are included in the index. URLs that don't match the patterns are excluded from the index. If a URL matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the URL file isn't included in the index.", + "title": "UrlInclusionPatterns", + "type": "array" + }, + "Urls": { + "$ref": "#/definitions/AWS::Kendra::DataSource.WebCrawlerUrls", + "markdownDescription": "Specifies the seed or starting point URLs of the websites or the sitemap URLs of the websites you want to crawl.\n\nYou can include website subdomains. You can list up to 100 seed URLs and up to three sitemap URLs.\n\nYou can only crawl websites that use the secure communication protocol, Hypertext Transfer Protocol Secure (HTTPS). If you receive an error when crawling a website, it could be that the website is blocked from crawling.\n\n*When selecting websites to index, you must adhere to the [Amazon Acceptable Use Policy](https://docs.aws.amazon.com/aup/) and all other Amazon terms. Remember that you must only use Amazon Kendra Web Crawler to index your own webpages, or webpages that you have authorization to index.*", + "title": "Urls" } }, "required": [ - "MaxBitrate" + "Urls" ], "type": "object" }, - "AWS::MediaConnect::Bridge.FailoverConfig": { + "AWS::Kendra::DataSource.WebCrawlerSeedUrlConfiguration": { "additionalProperties": false, "properties": { - "FailoverMode": { - "markdownDescription": "The type of failover you choose for this flow. MERGE combines the source streams into a single stream, allowing graceful recovery from any single-source loss. FAILOVER allows switching between different streams.", - "title": "FailoverMode", - "type": "string" - }, - "SourcePriority": { - "$ref": "#/definitions/AWS::MediaConnect::Bridge.SourcePriority", - "markdownDescription": "The priority you want to assign to a source. You can have a primary stream and a backup stream or two equally prioritized streams.", - "title": "SourcePriority" + "SeedUrls": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of seed or starting point URLs of the websites you want to crawl.\n\nThe list can include a maximum of 100 seed URLs.", + "title": "SeedUrls", + "type": "array" }, - "State": { - "markdownDescription": "The state of source failover on the flow. If the state is inactive, the flow can have only one source. If the state is active, the flow can have one or two sources.", - "title": "State", + "WebCrawlerMode": { + "markdownDescription": "You can choose one of the following modes:\n\n- `HOST_ONLY` \u2014crawl only the website host names. For example, if the seed URL is \"abc.example.com\", then only URLs with host name \"abc.example.com\" are crawled.\n- `SUBDOMAINS` \u2014crawl the website host names with subdomains. For example, if the seed URL is \"abc.example.com\", then \"a.abc.example.com\" and \"b.abc.example.com\" are also crawled.\n- `EVERYTHING` \u2014crawl the website host names with subdomains and other domains that the web pages link to.\n\nThe default mode is set to `HOST_ONLY` .", + "title": "WebCrawlerMode", "type": "string" } }, "required": [ - "FailoverMode" + "SeedUrls" ], "type": "object" }, - "AWS::MediaConnect::Bridge.IngressGatewayBridge": { + "AWS::Kendra::DataSource.WebCrawlerSiteMapsConfiguration": { "additionalProperties": false, "properties": { - "MaxBitrate": { - "markdownDescription": "The maximum expected bitrate (in bps) of the ingress bridge.", - "title": "MaxBitrate", - "type": "number" - }, - "MaxOutputs": { - "markdownDescription": "The maximum number of outputs on the ingress bridge.", - "title": "MaxOutputs", - "type": "number" + "SiteMaps": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of sitemap URLs of the websites you want to crawl.\n\nThe list can include a maximum of three sitemap URLs.", + "title": "SiteMaps", + "type": "array" } }, "required": [ - "MaxBitrate", - "MaxOutputs" + "SiteMaps" ], "type": "object" }, - "AWS::MediaConnect::Bridge.SourcePriority": { + "AWS::Kendra::DataSource.WebCrawlerUrls": { "additionalProperties": false, "properties": { - "PrimarySource": { - "markdownDescription": "The name of the source you choose as the primary source for this flow.", - "title": "PrimarySource", - "type": "string" + "SeedUrlConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.WebCrawlerSeedUrlConfiguration", + "markdownDescription": "Configuration of the seed or starting point URLs of the websites you want to crawl.\n\nYou can choose to crawl only the website host names, or the website host names with subdomains, or the website host names with subdomains and other domains that the web pages link to.\n\nYou can list up to 100 seed URLs.", + "title": "SeedUrlConfiguration" + }, + "SiteMapsConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.WebCrawlerSiteMapsConfiguration", + "markdownDescription": "Configuration of the sitemap URLs of the websites you want to crawl.\n\nOnly URLs belonging to the same website host names are crawled. You can list up to three sitemap URLs.", + "title": "SiteMapsConfiguration" } }, "type": "object" }, - "AWS::MediaConnect::Bridge.VpcInterfaceAttachment": { + "AWS::Kendra::DataSource.WorkDocsConfiguration": { "additionalProperties": false, "properties": { - "VpcInterfaceName": { - "markdownDescription": "The name of the VPC interface to use for this resource.", - "title": "VpcInterfaceName", + "CrawlComments": { + "markdownDescription": "`TRUE` to include comments on documents in your index. Including comments in your index means each comment is a document that can be searched on.\n\nThe default is set to `FALSE` .", + "title": "CrawlComments", + "type": "boolean" + }, + "ExclusionPatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns to exclude certain files in your Amazon WorkDocs site repository. Files that match the patterns are excluded from the index. Files that don\u2019t match the patterns are included in the index. If a file matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the file isn't included in the index.", + "title": "ExclusionPatterns", + "type": "array" + }, + "FieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" + }, + "markdownDescription": "A list of `DataSourceToIndexFieldMapping` objects that map Amazon WorkDocs data source attributes or field names to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Amazon WorkDocs fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Amazon WorkDocs data source field names must exist in your Amazon WorkDocs custom metadata.", + "title": "FieldMappings", + "type": "array" + }, + "InclusionPatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns to include certain files in your Amazon WorkDocs site repository. Files that match the patterns are included in the index. Files that don't match the patterns are excluded from the index. If a file matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the file isn't included in the index.", + "title": "InclusionPatterns", + "type": "array" + }, + "OrganizationId": { + "markdownDescription": "The identifier of the directory corresponding to your Amazon WorkDocs site repository.\n\nYou can find the organization ID in the [AWS Directory Service](https://docs.aws.amazon.com/directoryservicev2/) by going to *Active Directory* , then *Directories* . Your Amazon WorkDocs site directory has an ID, which is the organization ID. You can also set up a new Amazon WorkDocs directory in the AWS Directory Service console and enable a Amazon WorkDocs site for the directory in the Amazon WorkDocs console.", + "title": "OrganizationId", "type": "string" + }, + "UseChangeLog": { + "markdownDescription": "`TRUE` to use the Amazon WorkDocs change log to determine which documents require updating in the index. Depending on the change log's size, it may take longer for Amazon Kendra to use the change log than to scan all of your documents in Amazon WorkDocs.", + "title": "UseChangeLog", + "type": "boolean" } }, + "required": [ + "OrganizationId" + ], "type": "object" }, - "AWS::MediaConnect::BridgeOutput": { + "AWS::Kendra::Faq": { "additionalProperties": false, "properties": { "Condition": { @@ -154696,32 +162153,61 @@ "Properties": { "additionalProperties": false, "properties": { - "BridgeArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the bridge that you want to update.", - "title": "BridgeArn", + "Description": { + "markdownDescription": "A description for the FAQ.", + "title": "Description", + "type": "string" + }, + "FileFormat": { + "markdownDescription": "The format of the input file. You can choose between a basic CSV format, a CSV format that includes customs attributes in a header, and a JSON format that includes custom attributes.\n\nThe format must match the format of the file stored in the S3 bucket identified in the S3Path parameter.\n\nValid values are:\n\n- `CSV`\n- `CSV_WITH_HEADER`\n- `JSON`", + "title": "FileFormat", + "type": "string" + }, + "IndexId": { + "markdownDescription": "The identifier of the index that contains the FAQ.", + "title": "IndexId", + "type": "string" + }, + "LanguageCode": { + "markdownDescription": "The code for a language. This shows a supported language for the FAQ document as part of the summary information for FAQs. English is supported by default. For more information on supported languages, including their codes, see [Adding documents in languages other than English](https://docs.aws.amazon.com/kendra/latest/dg/in-adding-languages.html) .", + "title": "LanguageCode", "type": "string" }, "Name": { - "markdownDescription": "The network output name. This name is used to reference the output and must be unique among outputs in this bridge.", + "markdownDescription": "The name that you assigned the FAQ when you created or updated the FAQ.", "title": "Name", "type": "string" }, - "NetworkOutput": { - "$ref": "#/definitions/AWS::MediaConnect::BridgeOutput.BridgeNetworkOutput", - "markdownDescription": "The network output of the bridge. A network output is delivered to your premises.", - "title": "NetworkOutput" + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of a role with permission to access the S3 bucket that contains the FAQ.", + "title": "RoleArn", + "type": "string" + }, + "S3Path": { + "$ref": "#/definitions/AWS::Kendra::Faq.S3Path", + "markdownDescription": "The Amazon Simple Storage Service (Amazon S3) location of the FAQ input data.", + "title": "S3Path" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" } }, "required": [ - "BridgeArn", + "IndexId", "Name", - "NetworkOutput" + "RoleArn", + "S3Path" ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaConnect::BridgeOutput" + "AWS::Kendra::Faq" ], "type": "string" }, @@ -154740,45 +162226,27 @@ ], "type": "object" }, - "AWS::MediaConnect::BridgeOutput.BridgeNetworkOutput": { + "AWS::Kendra::Faq.S3Path": { "additionalProperties": false, "properties": { - "IpAddress": { - "markdownDescription": "The network output IP address.", - "title": "IpAddress", - "type": "string" - }, - "NetworkName": { - "markdownDescription": "The network output's gateway network name.", - "title": "NetworkName", + "Bucket": { + "markdownDescription": "The name of the S3 bucket that contains the file.", + "title": "Bucket", "type": "string" }, - "Port": { - "markdownDescription": "The network output's port.", - "title": "Port", - "type": "number" - }, - "Protocol": { - "markdownDescription": "The network output protocol.\n\n> AWS Elemental MediaConnect no longer supports the Fujitsu QoS protocol. This reference is maintained for legacy purposes only.", - "title": "Protocol", + "Key": { + "markdownDescription": "The name of the file.", + "title": "Key", "type": "string" - }, - "Ttl": { - "markdownDescription": "The network output TTL.", - "title": "Ttl", - "type": "number" } }, "required": [ - "IpAddress", - "NetworkName", - "Port", - "Protocol", - "Ttl" + "Bucket", + "Key" ], "type": "object" }, - "AWS::MediaConnect::BridgeSource": { + "AWS::Kendra::Index": { "additionalProperties": false, "properties": { "Condition": { @@ -154813,36 +162281,76 @@ "Properties": { "additionalProperties": false, "properties": { - "BridgeArn": { - "markdownDescription": "The ARN of the bridge feeding this flow.", - "title": "BridgeArn", + "CapacityUnits": { + "$ref": "#/definitions/AWS::Kendra::Index.CapacityUnitsConfiguration", + "markdownDescription": "Specifies additional capacity units configured for your Enterprise Edition index. You can add and remove capacity units to fit your usage requirements.", + "title": "CapacityUnits" + }, + "Description": { + "markdownDescription": "A description for the index.", + "title": "Description", "type": "string" }, - "FlowSource": { - "$ref": "#/definitions/AWS::MediaConnect::BridgeSource.BridgeFlowSource", - "markdownDescription": "The source of the flow.", - "title": "FlowSource" + "DocumentMetadataConfigurations": { + "items": { + "$ref": "#/definitions/AWS::Kendra::Index.DocumentMetadataConfiguration" + }, + "markdownDescription": "Specifies the properties of an index field. You can add either a custom or a built-in field. You can add and remove built-in fields at any time. When a built-in field is removed it's configuration reverts to the default for the field. Custom fields can't be removed from an index after they are added.", + "title": "DocumentMetadataConfigurations", + "type": "array" + }, + "Edition": { + "markdownDescription": "Indicates whether the index is a Enterprise Edition index, a Developer Edition index, or a GenAI Enterprise Edition index.", + "title": "Edition", + "type": "string" }, "Name": { - "markdownDescription": "The name of the flow source. This name is used to reference the source and must be unique among sources in this bridge.", + "markdownDescription": "The name of the index.", "title": "Name", "type": "string" }, - "NetworkSource": { - "$ref": "#/definitions/AWS::MediaConnect::BridgeSource.BridgeNetworkSource", - "markdownDescription": "The source of the network.", - "title": "NetworkSource" + "RoleArn": { + "markdownDescription": "An IAM role that gives Amazon Kendra permissions to access your Amazon CloudWatch logs and metrics. This is also the role used when you use the [BatchPutDocument](https://docs.aws.amazon.com/kendra/latest/dg/BatchPutDocument.html) operation to index documents from an Amazon S3 bucket.", + "title": "RoleArn", + "type": "string" + }, + "ServerSideEncryptionConfiguration": { + "$ref": "#/definitions/AWS::Kendra::Index.ServerSideEncryptionConfiguration", + "markdownDescription": "The identifier of the AWS KMS customer managed key (CMK) to use to encrypt data indexed by Amazon Kendra. Amazon Kendra doesn't support asymmetric CMKs.", + "title": "ServerSideEncryptionConfiguration" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + }, + "UserContextPolicy": { + "markdownDescription": "The user context policy.\n\nATTRIBUTE_FILTER\n\n- All indexed content is searchable and displayable for all users. If you want to filter search results on user context, you can use the attribute filters of `_user_id` and `_group_ids` or you can provide user and group information in `UserContext` .\n\nUSER_TOKEN\n\n- Enables token-based user access control to filter search results on user context. All documents with no access control and all documents accessible to the user will be searchable and displayable.", + "title": "UserContextPolicy", + "type": "string" + }, + "UserTokenConfigurations": { + "items": { + "$ref": "#/definitions/AWS::Kendra::Index.UserTokenConfiguration" + }, + "markdownDescription": "Defines the type of user token used for the index.", + "title": "UserTokenConfigurations", + "type": "array" } }, "required": [ - "BridgeArn", - "Name" + "Edition", + "Name", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaConnect::BridgeSource" + "AWS::Kendra::Index" ], "type": "string" }, @@ -154861,382 +162369,224 @@ ], "type": "object" }, - "AWS::MediaConnect::BridgeSource.BridgeFlowSource": { + "AWS::Kendra::Index.CapacityUnitsConfiguration": { "additionalProperties": false, "properties": { - "FlowArn": { - "markdownDescription": "The ARN of the cloud flow used as a source of this bridge.", - "title": "FlowArn", - "type": "string" + "QueryCapacityUnits": { + "markdownDescription": "The amount of extra query capacity for an index and [GetQuerySuggestions](https://docs.aws.amazon.com/kendra/latest/dg/API_GetQuerySuggestions.html) capacity.\n\nA single extra capacity unit for an index provides 0.1 queries per second or approximately 8,000 queries per day. You can add up to 100 extra capacity units.\n\n`GetQuerySuggestions` capacity is five times the provisioned query capacity for an index, or the base capacity of 2.5 calls per second, whichever is higher. For example, the base capacity for an index is 0.1 queries per second, and `GetQuerySuggestions` capacity has a base of 2.5 calls per second. If you add another 0.1 queries per second to total 0.2 queries per second for an index, the `GetQuerySuggestions` capacity is 2.5 calls per second (higher than five times 0.2 queries per second).", + "title": "QueryCapacityUnits", + "type": "number" }, - "FlowVpcInterfaceAttachment": { - "$ref": "#/definitions/AWS::MediaConnect::BridgeSource.VpcInterfaceAttachment", - "markdownDescription": "The name of the VPC interface attachment to use for this source.", - "title": "FlowVpcInterfaceAttachment" + "StorageCapacityUnits": { + "markdownDescription": "The amount of extra storage capacity for an index. A single capacity unit provides 30 GB of storage space or 100,000 documents, whichever is reached first. You can add up to 100 extra capacity units.", + "title": "StorageCapacityUnits", + "type": "number" } }, "required": [ - "FlowArn" + "QueryCapacityUnits", + "StorageCapacityUnits" ], "type": "object" }, - "AWS::MediaConnect::BridgeSource.BridgeNetworkSource": { + "AWS::Kendra::Index.DocumentMetadataConfiguration": { "additionalProperties": false, "properties": { - "MulticastIp": { - "markdownDescription": "The network source multicast IP.", - "title": "MulticastIp", + "Name": { + "markdownDescription": "The name of the index field.", + "title": "Name", "type": "string" }, - "NetworkName": { - "markdownDescription": "The network source's gateway network name.", - "title": "NetworkName", - "type": "string" + "Relevance": { + "$ref": "#/definitions/AWS::Kendra::Index.Relevance", + "markdownDescription": "Provides tuning parameters to determine how the field affects the search results.", + "title": "Relevance" }, - "Port": { - "markdownDescription": "The network source port.", - "title": "Port", - "type": "number" + "Search": { + "$ref": "#/definitions/AWS::Kendra::Index.Search", + "markdownDescription": "Provides information about how the field is used during a search.", + "title": "Search" }, - "Protocol": { - "markdownDescription": "The network source protocol.\n\n> AWS Elemental MediaConnect no longer supports the Fujitsu QoS protocol. This reference is maintained for legacy purposes only.", - "title": "Protocol", + "Type": { + "markdownDescription": "The data type of the index field.", + "title": "Type", "type": "string" } }, "required": [ - "MulticastIp", - "NetworkName", - "Port", - "Protocol" + "Name", + "Type" ], "type": "object" }, - "AWS::MediaConnect::BridgeSource.VpcInterfaceAttachment": { - "additionalProperties": false, - "properties": { - "VpcInterfaceName": { - "markdownDescription": "The name of the VPC interface to use for this resource.", - "title": "VpcInterfaceName", - "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaConnect::Flow": { + "AWS::Kendra::Index.JsonTokenTypeConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AvailabilityZone": { - "markdownDescription": "The Availability Zone that you want to create the flow in. These options are limited to the Availability Zones within the current AWS Region.", - "title": "AvailabilityZone", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the flow.", - "title": "Name", - "type": "string" - }, - "Source": { - "$ref": "#/definitions/AWS::MediaConnect::Flow.Source", - "markdownDescription": "The settings for the source that you want to use for the new flow.", - "title": "Source" - }, - "SourceFailoverConfig": { - "$ref": "#/definitions/AWS::MediaConnect::Flow.FailoverConfig", - "markdownDescription": "The settings for source failover.", - "title": "SourceFailoverConfig" - } - }, - "required": [ - "Name", - "Source" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::MediaConnect::Flow" - ], + "GroupAttributeField": { + "markdownDescription": "The group attribute field.", + "title": "GroupAttributeField", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "UserNameAttributeField": { + "markdownDescription": "The user name attribute field.", + "title": "UserNameAttributeField", "type": "string" } }, "required": [ - "Type", - "Properties" + "GroupAttributeField", + "UserNameAttributeField" ], "type": "object" }, - "AWS::MediaConnect::Flow.Encryption": { + "AWS::Kendra::Index.JwtTokenTypeConfiguration": { "additionalProperties": false, "properties": { - "Algorithm": { - "markdownDescription": "The type of algorithm that is used for static key encryption (such as aes128, aes192, or aes256). If you are using SPEKE or SRT-password encryption, this property must be left blank.", - "title": "Algorithm", - "type": "string" - }, - "ConstantInitializationVector": { - "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, to be used with the key for encrypting content. This parameter is not valid for static key encryption.", - "title": "ConstantInitializationVector", - "type": "string" - }, - "DeviceId": { - "markdownDescription": "The value of one of the devices that you configured with your digital rights management (DRM) platform key provider. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "DeviceId", + "ClaimRegex": { + "markdownDescription": "The regular expression that identifies the claim.", + "title": "ClaimRegex", "type": "string" }, - "KeyType": { - "markdownDescription": "The type of key that is used for the encryption. If you don't specify a `keyType` value, the service uses the default setting ( `static-key` ). Valid key types are: `static-key` , `speke` , and `srt-password` .", - "title": "KeyType", + "GroupAttributeField": { + "markdownDescription": "The group attribute field.", + "title": "GroupAttributeField", "type": "string" }, - "Region": { - "markdownDescription": "The AWS Region that the API Gateway proxy endpoint was created in. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "Region", + "Issuer": { + "markdownDescription": "The issuer of the token.", + "title": "Issuer", "type": "string" }, - "ResourceId": { - "markdownDescription": "An identifier for the content. The service sends this value to the key server to identify the current endpoint. The resource ID is also known as the content ID. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "ResourceId", + "KeyLocation": { + "markdownDescription": "The location of the key.", + "title": "KeyLocation", "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of the role that you created during setup (when you set up MediaConnect as a trusted entity).", - "title": "RoleArn", + "SecretManagerArn": { + "markdownDescription": "The Amazon Resource Name (arn) of the secret.", + "title": "SecretManagerArn", "type": "string" }, - "SecretArn": { - "markdownDescription": "The ARN of the secret that you created in AWS Secrets Manager to store the encryption key. This parameter is required for static key encryption and is not valid for SPEKE encryption.", - "title": "SecretArn", + "URL": { + "markdownDescription": "The signing key URL.", + "title": "URL", "type": "string" }, - "Url": { - "markdownDescription": "The URL from the API Gateway proxy that you set up to talk to your key server. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "Url", + "UserNameAttributeField": { + "markdownDescription": "The user name attribute field.", + "title": "UserNameAttributeField", "type": "string" } }, "required": [ - "RoleArn" + "KeyLocation" ], "type": "object" }, - "AWS::MediaConnect::Flow.FailoverConfig": { + "AWS::Kendra::Index.Relevance": { "additionalProperties": false, "properties": { - "FailoverMode": { - "markdownDescription": "The type of failover you choose for this flow. MERGE combines the source streams into a single stream, allowing graceful recovery from any single-source loss. FAILOVER allows switching between different streams. The string for this property must be entered as MERGE or FAILOVER. No other string entry is valid.", - "title": "FailoverMode", + "Duration": { + "markdownDescription": "Specifies the time period that the boost applies to. For example, to make the boost apply to documents with the field value within the last month, you would use \"2628000s\". Once the field value is beyond the specified range, the effect of the boost drops off. The higher the importance, the faster the effect drops off. If you don't specify a value, the default is 3 months. The value of the field is a numeric string followed by the character \"s\", for example \"86400s\" for one day, or \"604800s\" for one week.\n\nOnly applies to `DATE` fields.", + "title": "Duration", "type": "string" }, - "RecoveryWindow": { - "markdownDescription": "Search window time to look for dash-7 packets.", - "title": "RecoveryWindow", - "type": "number" + "Freshness": { + "markdownDescription": "Indicates that this field determines how \"fresh\" a document is. For example, if document 1 was created on November 5, and document 2 was created on October 31, document 1 is \"fresher\" than document 2. Only applies to `DATE` fields.", + "title": "Freshness", + "type": "boolean" }, - "SourcePriority": { - "$ref": "#/definitions/AWS::MediaConnect::Flow.SourcePriority", - "markdownDescription": "The priority you want to assign to a source. You can have a primary stream and a backup stream or two equally prioritized streams.", - "title": "SourcePriority" + "Importance": { + "markdownDescription": "The relative importance of the field in the search. Larger numbers provide more of a boost than smaller numbers.", + "title": "Importance", + "type": "number" }, - "State": { - "markdownDescription": "The state of source failover on the flow. If the state is inactive, the flow can have only one source. If the state is active, the flow can have one or two sources.", - "title": "State", + "RankOrder": { + "markdownDescription": "Determines how values should be interpreted.\n\nWhen the `RankOrder` field is `ASCENDING` , higher numbers are better. For example, a document with a rating score of 10 is higher ranking than a document with a rating score of 1.\n\nWhen the `RankOrder` field is `DESCENDING` , lower numbers are better. For example, in a task tracking application, a priority 1 task is more important than a priority 5 task.\n\nOnly applies to `LONG` fields.", + "title": "RankOrder", "type": "string" + }, + "ValueImportanceItems": { + "items": { + "$ref": "#/definitions/AWS::Kendra::Index.ValueImportanceItem" + }, + "markdownDescription": "An array of key-value pairs for different boosts when they appear in the search result list. For example, if you want to boost query terms that match the \"department\" field in the result, query terms that match this field are boosted in the result. You can add entries from the department field to boost documents with those values higher.\n\nFor example, you can add entries to the map with names of departments. If you add \"HR\", 5 and \"Legal\",3 those departments are given special attention when they appear in the metadata of a document.", + "title": "ValueImportanceItems", + "type": "array" } }, "type": "object" }, - "AWS::MediaConnect::Flow.GatewayBridgeSource": { + "AWS::Kendra::Index.Search": { "additionalProperties": false, "properties": { - "BridgeArn": { - "markdownDescription": "The ARN of the bridge feeding this flow.", - "title": "BridgeArn", - "type": "string" + "Displayable": { + "markdownDescription": "Determines whether the field is returned in the query response. The default is `true` .", + "title": "Displayable", + "type": "boolean" }, - "VpcInterfaceAttachment": { - "$ref": "#/definitions/AWS::MediaConnect::Flow.VpcInterfaceAttachment", - "markdownDescription": "The name of the VPC interface attachment to use for this bridge source.", - "title": "VpcInterfaceAttachment" + "Facetable": { + "markdownDescription": "Indicates that the field can be used to create search facets, a count of results for each value in the field. The default is `false` .", + "title": "Facetable", + "type": "boolean" + }, + "Searchable": { + "markdownDescription": "Determines whether the field is used in the search. If the `Searchable` field is `true` , you can use relevance tuning to manually tune how Amazon Kendra weights the field in the search. The default is `true` for string fields and `false` for number and date fields.", + "title": "Searchable", + "type": "boolean" + }, + "Sortable": { + "markdownDescription": "Determines whether the field can be used to sort the results of a query. The default is `false` .", + "title": "Sortable", + "type": "boolean" } }, - "required": [ - "BridgeArn" - ], "type": "object" }, - "AWS::MediaConnect::Flow.Source": { + "AWS::Kendra::Index.ServerSideEncryptionConfiguration": { "additionalProperties": false, "properties": { - "Decryption": { - "$ref": "#/definitions/AWS::MediaConnect::Flow.Encryption", - "markdownDescription": "The type of encryption that is used on the content ingested from this source.", - "title": "Decryption" - }, - "Description": { - "markdownDescription": "A description for the source. This value is not used or seen outside of the current MediaConnect account.", - "title": "Description", - "type": "string" - }, - "EntitlementArn": { - "markdownDescription": "The ARN of the entitlement that allows you to subscribe to content that comes from another AWS account. The entitlement is set by the content originator and the ARN is generated as part of the originator's flow.", - "title": "EntitlementArn", - "type": "string" - }, - "GatewayBridgeSource": { - "$ref": "#/definitions/AWS::MediaConnect::Flow.GatewayBridgeSource", - "markdownDescription": "The source configuration for cloud flows receiving a stream from a bridge.", - "title": "GatewayBridgeSource" - }, - "IngestIp": { - "markdownDescription": "The IP address that the flow will be listening on for incoming content.", - "title": "IngestIp", - "type": "string" - }, - "IngestPort": { - "markdownDescription": "The port that the flow will be listening on for incoming content.", - "title": "IngestPort", - "type": "number" - }, - "MaxBitrate": { - "markdownDescription": "The maximum bitrate for RIST, RTP, and RTP-FEC streams.", - "title": "MaxBitrate", - "type": "number" - }, - "MaxLatency": { - "markdownDescription": "The maximum latency in milliseconds for a RIST or Zixi-based source.", - "title": "MaxLatency", - "type": "number" - }, - "MinLatency": { - "markdownDescription": "The minimum latency in milliseconds for SRT-based streams. In streams that use the SRT protocol, this value that you set on your MediaConnect source or output represents the minimal potential latency of that connection. The latency of the stream is set to the highest number between the sender\u2019s minimum latency and the receiver\u2019s minimum latency.", - "title": "MinLatency", - "type": "number" - }, - "Name": { - "markdownDescription": "The name of the source.", - "title": "Name", - "type": "string" - }, - "Protocol": { - "markdownDescription": "The protocol that is used by the source. AWS CloudFormation does not currently support CDI or ST 2110 JPEG XS source protocols.\n\n> AWS Elemental MediaConnect no longer supports the Fujitsu QoS protocol. This reference is maintained for legacy purposes only.", - "title": "Protocol", - "type": "string" - }, - "SenderControlPort": { - "markdownDescription": "The port that the flow uses to send outbound requests to initiate connection with the sender.", - "title": "SenderControlPort", - "type": "number" - }, - "SenderIpAddress": { - "markdownDescription": "The IP address that the flow communicates with to initiate connection with the sender.", - "title": "SenderIpAddress", - "type": "string" - }, - "SourceArn": { - "markdownDescription": "The ARN of the source.", - "title": "SourceArn", - "type": "string" - }, - "SourceIngestPort": { - "markdownDescription": "The port that the flow listens on for incoming content. If the protocol of the source is Zixi, the port must be set to 2088.", - "title": "SourceIngestPort", - "type": "string" - }, - "SourceListenerAddress": { - "markdownDescription": "Source IP or domain name for SRT-caller protocol.", - "title": "SourceListenerAddress", - "type": "string" - }, - "SourceListenerPort": { - "markdownDescription": "Source port for SRT-caller protocol.", - "title": "SourceListenerPort", - "type": "number" - }, - "StreamId": { - "markdownDescription": "The stream ID that you want to use for the transport. This parameter applies only to Zixi-based streams.", - "title": "StreamId", - "type": "string" - }, - "VpcInterfaceName": { - "markdownDescription": "The name of the VPC interface that is used for this source.", - "title": "VpcInterfaceName", - "type": "string" - }, - "WhitelistCidr": { - "markdownDescription": "The range of IP addresses that should be allowed to contribute content to your source. These IP addresses should be in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16.", - "title": "WhitelistCidr", + "KmsKeyId": { + "markdownDescription": "The identifier of the AWS KMS key . Amazon Kendra doesn't support asymmetric keys.", + "title": "KmsKeyId", "type": "string" } }, "type": "object" }, - "AWS::MediaConnect::Flow.SourcePriority": { + "AWS::Kendra::Index.UserTokenConfiguration": { "additionalProperties": false, "properties": { - "PrimarySource": { - "markdownDescription": "The name of the source you choose as the primary source for this flow.", - "title": "PrimarySource", - "type": "string" + "JsonTokenTypeConfiguration": { + "$ref": "#/definitions/AWS::Kendra::Index.JsonTokenTypeConfiguration", + "markdownDescription": "Information about the JSON token type configuration.", + "title": "JsonTokenTypeConfiguration" + }, + "JwtTokenTypeConfiguration": { + "$ref": "#/definitions/AWS::Kendra::Index.JwtTokenTypeConfiguration", + "markdownDescription": "Information about the JWT token type configuration.", + "title": "JwtTokenTypeConfiguration" } }, - "required": [ - "PrimarySource" - ], "type": "object" }, - "AWS::MediaConnect::Flow.VpcInterfaceAttachment": { + "AWS::Kendra::Index.ValueImportanceItem": { "additionalProperties": false, "properties": { - "VpcInterfaceName": { - "markdownDescription": "The name of the VPC interface to use for this resource.", - "title": "VpcInterfaceName", + "Key": { + "markdownDescription": "The document metadata value used for the search boost.", + "title": "Key", "type": "string" + }, + "Value": { + "markdownDescription": "The boost value for a document when the key is part of the metadata of a document.", + "title": "Value", + "type": "number" } }, "type": "object" }, - "AWS::MediaConnect::FlowEntitlement": { + "AWS::KendraRanking::ExecutionPlan": { "additionalProperties": false, "properties": { "Condition": { @@ -155271,56 +162621,38 @@ "Properties": { "additionalProperties": false, "properties": { - "DataTransferSubscriberFeePercent": { - "markdownDescription": "The percentage of the entitlement data transfer fee that you want the subscriber to be responsible for.", - "title": "DataTransferSubscriberFeePercent", - "type": "number" + "CapacityUnits": { + "$ref": "#/definitions/AWS::KendraRanking::ExecutionPlan.CapacityUnitsConfiguration", + "markdownDescription": "You can set additional capacity units to meet the needs of your rescore execution plan. You are given a single capacity unit by default. If you want to use the default capacity, you don't set additional capacity units. For more information on the default capacity and additional capacity units, see [Adjusting capacity](https://docs.aws.amazon.com/kendra/latest/dg/adjusting-capacity.html) .", + "title": "CapacityUnits" }, "Description": { - "markdownDescription": "A description of the entitlement. This description appears only on the MediaConnect console and is not visible outside of the current AWS account.", + "markdownDescription": "A description for the rescore execution plan.", "title": "Description", "type": "string" }, - "Encryption": { - "$ref": "#/definitions/AWS::MediaConnect::FlowEntitlement.Encryption", - "markdownDescription": "Information about the encryption of the flow.", - "title": "Encryption" - }, - "EntitlementStatus": { - "markdownDescription": "An indication of whether the new entitlement should be enabled or disabled as soon as it is created. If you don\u2019t specify the entitlementStatus field in your request, MediaConnect sets it to ENABLED.", - "title": "EntitlementStatus", - "type": "string" - }, - "FlowArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the flow.", - "title": "FlowArn", - "type": "string" - }, "Name": { - "markdownDescription": "The name of the entitlement. This value must be unique within the current flow.", + "markdownDescription": "A name for the rescore execution plan.", "title": "Name", "type": "string" }, - "Subscribers": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The AWS account IDs that you want to share your content with. The receiving accounts (subscribers) will be allowed to create their own flows using your content as the source.", - "title": "Subscribers", + "markdownDescription": "A list of key-value pairs that identify or categorize your rescore execution plan. You can also use tags to help control access to the rescore execution plan. Tag keys and values can consist of Unicode letters, digits, white space. They can also consist of underscore, period, colon, equal, plus, and asperand.", + "title": "Tags", "type": "array" } }, "required": [ - "Description", - "FlowArn", - "Name", - "Subscribers" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaConnect::FlowEntitlement" + "AWS::KendraRanking::ExecutionPlan" ], "type": "string" }, @@ -155339,62 +162671,21 @@ ], "type": "object" }, - "AWS::MediaConnect::FlowEntitlement.Encryption": { + "AWS::KendraRanking::ExecutionPlan.CapacityUnitsConfiguration": { "additionalProperties": false, "properties": { - "Algorithm": { - "markdownDescription": "The type of algorithm that is used for static key encryption (such as aes128, aes192, or aes256). If you are using SPEKE or SRT-password encryption, this property must be left blank.", - "title": "Algorithm", - "type": "string" - }, - "ConstantInitializationVector": { - "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, to be used with the key for encrypting content. This parameter is not valid for static key encryption.", - "title": "ConstantInitializationVector", - "type": "string" - }, - "DeviceId": { - "markdownDescription": "The value of one of the devices that you configured with your digital rights management (DRM) platform key provider. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "DeviceId", - "type": "string" - }, - "KeyType": { - "markdownDescription": "The type of key that is used for the encryption. If you don't specify a `keyType` value, the service uses the default setting ( `static-key` ). Valid key types are: `static-key` , `speke` , and `srt-password` .", - "title": "KeyType", - "type": "string" - }, - "Region": { - "markdownDescription": "The AWS Region that the API Gateway proxy endpoint was created in. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "Region", - "type": "string" - }, - "ResourceId": { - "markdownDescription": "An identifier for the content. The service sends this value to the key server to identify the current endpoint. The resource ID is also known as the content ID. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "ResourceId", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN of the role that you created during setup (when you set up MediaConnect as a trusted entity).", - "title": "RoleArn", - "type": "string" - }, - "SecretArn": { - "markdownDescription": "The ARN of the secret that you created in AWS Secrets Manager to store the encryption key. This parameter is required for static key encryption and is not valid for SPEKE encryption.", - "title": "SecretArn", - "type": "string" - }, - "Url": { - "markdownDescription": "The URL from the API Gateway proxy that you set up to talk to your key server. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "Url", - "type": "string" + "RescoreCapacityUnits": { + "markdownDescription": "The amount of extra capacity for your rescore execution plan.\n\nA single extra capacity unit for a rescore execution plan provides 0.01 rescore requests per second. You can add up to 1000 extra capacity units.", + "title": "RescoreCapacityUnits", + "type": "number" } }, "required": [ - "Algorithm", - "RoleArn" + "RescoreCapacityUnits" ], "type": "object" }, - "AWS::MediaConnect::FlowOutput": { + "AWS::Kinesis::ResourcePolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -155429,89 +162720,26 @@ "Properties": { "additionalProperties": false, "properties": { - "CidrAllowList": { - "items": { - "type": "string" - }, - "markdownDescription": "The range of IP addresses that should be allowed to initiate output requests to this flow. These IP addresses should be in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16.", - "title": "CidrAllowList", - "type": "array" - }, - "Description": { - "markdownDescription": "A description of the output. This description appears only on the MediaConnect console and will not be seen by the end user.", - "title": "Description", - "type": "string" - }, - "Destination": { - "markdownDescription": "The IP address where you want to send the output.", - "title": "Destination", - "type": "string" - }, - "Encryption": { - "$ref": "#/definitions/AWS::MediaConnect::FlowOutput.Encryption", - "markdownDescription": "The type of key used for the encryption. If no `keyType` is provided, the service will use the default setting (static-key). Allowable encryption types: static-key.", - "title": "Encryption" - }, - "FlowArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the flow this output is attached to.", - "title": "FlowArn", - "type": "string" - }, - "MaxLatency": { - "markdownDescription": "The maximum latency in milliseconds. This parameter applies only to RIST-based and Zixi-based streams.", - "title": "MaxLatency", - "type": "number" - }, - "MinLatency": { - "markdownDescription": "The minimum latency in milliseconds for SRT-based streams. In streams that use the SRT protocol, this value that you set on your MediaConnect source or output represents the minimal potential latency of that connection. The latency of the stream is set to the highest number between the sender\u2019s minimum latency and the receiver\u2019s minimum latency.", - "title": "MinLatency", - "type": "number" - }, - "Name": { - "markdownDescription": "The name of the bridge's output.", - "title": "Name", - "type": "string" - }, - "Port": { - "markdownDescription": "The port to use when content is distributed to this output.", - "title": "Port", - "type": "number" - }, - "Protocol": { - "markdownDescription": "The protocol to use for the output.\n\n> AWS Elemental MediaConnect no longer supports the Fujitsu QoS protocol. This reference is maintained for legacy purposes only.", - "title": "Protocol", - "type": "string" - }, - "RemoteId": { - "markdownDescription": "The remote ID for the Zixi-pull stream.", - "title": "RemoteId", - "type": "string" - }, - "SmoothingLatency": { - "markdownDescription": "The smoothing latency in milliseconds for RIST, RTP, and RTP-FEC streams.", - "title": "SmoothingLatency", - "type": "number" - }, - "StreamId": { - "markdownDescription": "The stream ID that you want to use for this transport. This parameter applies only to Zixi and SRT caller-based streams.", - "title": "StreamId", + "ResourceArn": { + "markdownDescription": "This is the name for the resource policy.", + "title": "ResourceArn", "type": "string" }, - "VpcInterfaceAttachment": { - "$ref": "#/definitions/AWS::MediaConnect::FlowOutput.VpcInterfaceAttachment", - "markdownDescription": "The name of the VPC interface attachment to use for this output.", - "title": "VpcInterfaceAttachment" + "ResourcePolicy": { + "markdownDescription": "This is the description for the resource policy.", + "title": "ResourcePolicy", + "type": "object" } }, "required": [ - "FlowArn", - "Protocol" + "ResourceArn", + "ResourcePolicy" ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaConnect::FlowOutput" + "AWS::Kinesis::ResourcePolicy" ], "type": "string" }, @@ -155530,48 +162758,7 @@ ], "type": "object" }, - "AWS::MediaConnect::FlowOutput.Encryption": { - "additionalProperties": false, - "properties": { - "Algorithm": { - "markdownDescription": "The type of algorithm that is used for static key encryption (such as aes128, aes192, or aes256). If you are using SPEKE or SRT-password encryption, this property must be left blank.", - "title": "Algorithm", - "type": "string" - }, - "KeyType": { - "markdownDescription": "The type of key that is used for the encryption. If you don't specify a `keyType` value, the service uses the default setting ( `static-key` ). Valid key types are: `static-key` , `speke` , and `srt-password` .", - "title": "KeyType", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN of the role that you created during setup (when you set up MediaConnect as a trusted entity).", - "title": "RoleArn", - "type": "string" - }, - "SecretArn": { - "markdownDescription": "The ARN of the secret that you created in AWS Secrets Manager to store the encryption key. This parameter is required for static key encryption and is not valid for SPEKE encryption.", - "title": "SecretArn", - "type": "string" - } - }, - "required": [ - "RoleArn", - "SecretArn" - ], - "type": "object" - }, - "AWS::MediaConnect::FlowOutput.VpcInterfaceAttachment": { - "additionalProperties": false, - "properties": { - "VpcInterfaceName": { - "markdownDescription": "The name of the VPC interface to use for this resource.", - "title": "VpcInterfaceName", - "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaConnect::FlowSource": { + "AWS::Kinesis::Stream": { "additionalProperties": false, "properties": { "Condition": { @@ -155606,106 +162793,53 @@ "Properties": { "additionalProperties": false, "properties": { - "Decryption": { - "$ref": "#/definitions/AWS::MediaConnect::FlowSource.Encryption", - "markdownDescription": "The type of encryption that is used on the content ingested from this source. Allowable encryption types: static-key.", - "title": "Decryption" - }, - "Description": { - "markdownDescription": "A description for the source. This value is not used or seen outside of the current MediaConnect account.", - "title": "Description", - "type": "string" - }, - "EntitlementArn": { - "markdownDescription": "The ARN of the entitlement that allows you to subscribe to this flow. The entitlement is set by the flow originator, and the ARN is generated as part of the originator's flow.", - "title": "EntitlementArn", - "type": "string" - }, - "FlowArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the flow this source is connected to. The flow must have Failover enabled to add an additional source.", - "title": "FlowArn", - "type": "string" - }, - "GatewayBridgeSource": { - "$ref": "#/definitions/AWS::MediaConnect::FlowSource.GatewayBridgeSource", - "markdownDescription": "The bridge's source.", - "title": "GatewayBridgeSource" - }, - "IngestPort": { - "markdownDescription": "The port that the flow listens on for incoming content. If the protocol of the source is Zixi, the port must be set to 2088.", - "title": "IngestPort", - "type": "number" - }, - "MaxBitrate": { - "markdownDescription": "The smoothing max bitrate (in bps) for RIST, RTP, and RTP-FEC streams.", - "title": "MaxBitrate", - "type": "number" - }, - "MaxLatency": { - "markdownDescription": "The maximum latency in milliseconds. This parameter applies only to RIST-based and Zixi-based streams.", - "title": "MaxLatency", - "type": "number" - }, - "MinLatency": { - "markdownDescription": "The minimum latency in milliseconds for SRT-based streams. In streams that use the SRT protocol, this value that you set on your MediaConnect source or output represents the minimal potential latency of that connection. The latency of the stream is set to the highest number between the sender\u2019s minimum latency and the receiver\u2019s minimum latency.", - "title": "MinLatency", - "type": "number" + "DesiredShardLevelMetrics": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of shard-level metrics in properties to enable enhanced monitoring mode.", + "title": "DesiredShardLevelMetrics", + "type": "array" }, "Name": { - "markdownDescription": "The name of the source.", + "markdownDescription": "The name of the Kinesis stream. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the stream name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\nIf you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", "title": "Name", "type": "string" }, - "Protocol": { - "markdownDescription": "The protocol that the source uses to deliver the content to MediaConnect. Adding additional sources to an existing flow requires Failover to be enabled. When you enable Failover, the additional source must use the same protocol as the existing source. Only the following protocols support failover: Zixi-push, RTP-FEC, RTP, RIST and SRT protocols.\n\nIf you use failover with SRT caller or listener, the `FailoverMode` property must be set to `FAILOVER` . The `FailoverMode` property\u00a0is found in\u00a0the `FailoverConfig` resource\u00a0of the same flow ARN you used for the source's `FlowArn` property. SRT caller/listener does not support\u00a0merge\u00a0mode failover.", - "title": "Protocol", - "type": "string" - }, - "SenderControlPort": { - "markdownDescription": "The port that the flow uses to send outbound requests to initiate connection with the sender.", - "title": "SenderControlPort", + "RetentionPeriodHours": { + "markdownDescription": "The number of hours for the data records that are stored in shards to remain accessible. The default value is 24. For more information about the stream retention period, see [Changing the Data Retention Period](https://docs.aws.amazon.com/streams/latest/dev/kinesis-extended-retention.html) in the Amazon Kinesis Developer Guide.", + "title": "RetentionPeriodHours", "type": "number" }, - "SenderIpAddress": { - "markdownDescription": "The IP address that the flow communicates with to initiate connection with the sender.", - "title": "SenderIpAddress", - "type": "string" - }, - "SourceListenerAddress": { - "markdownDescription": "Source IP or domain name for SRT-caller protocol.", - "title": "SourceListenerAddress", - "type": "string" - }, - "SourceListenerPort": { - "markdownDescription": "Source port for SRT-caller protocol.", - "title": "SourceListenerPort", + "ShardCount": { + "markdownDescription": "The number of shards that the stream uses. For greater provisioned throughput, increase the number of shards.", + "title": "ShardCount", "type": "number" }, - "StreamId": { - "markdownDescription": "The stream ID that you want to use for this transport. This parameter applies only to Zixi and SRT caller-based streams.", - "title": "StreamId", - "type": "string" + "StreamEncryption": { + "$ref": "#/definitions/AWS::Kinesis::Stream.StreamEncryption", + "markdownDescription": "When specified, enables or updates server-side encryption using an AWS KMS key for a specified stream. Removing this property from your stack template and updating your stack disables encryption.", + "title": "StreamEncryption" }, - "VpcInterfaceName": { - "markdownDescription": "The name of the VPC interface to use for this source.", - "title": "VpcInterfaceName", - "type": "string" + "StreamModeDetails": { + "$ref": "#/definitions/AWS::Kinesis::Stream.StreamModeDetails", + "markdownDescription": "Specifies the capacity mode to which you want to set your data stream. Currently, in Kinesis Data Streams, you can choose between an *on-demand* capacity mode and a *provisioned* capacity mode for your data streams.", + "title": "StreamModeDetails" }, - "WhitelistCidr": { - "markdownDescription": "The range of IP addresses that should be allowed to contribute content to your source. These IP addresses should be in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16.", - "title": "WhitelistCidr", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An arbitrary set of tags (key\u2013value pairs) to associate with the Kinesis stream. For information about constraints for this property, see [Tag Restrictions](https://docs.aws.amazon.com/streams/latest/dev/tagging.html#tagging-restrictions) in the *Amazon Kinesis Developer Guide* .", + "title": "Tags", + "type": "array" } }, - "required": [ - "Description", - "Name" - ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaConnect::FlowSource" + "AWS::Kinesis::Stream" ], "type": "string" }, @@ -155719,96 +162853,45 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::MediaConnect::FlowSource.Encryption": { + "AWS::Kinesis::Stream.StreamEncryption": { "additionalProperties": false, "properties": { - "Algorithm": { - "markdownDescription": "The type of algorithm that is used for static key encryption (such as aes128, aes192, or aes256). If you are using SPEKE or SRT-password encryption, this property must be left blank.", - "title": "Algorithm", - "type": "string" - }, - "ConstantInitializationVector": { - "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, to be used with the key for encrypting content. This parameter is not valid for static key encryption.", - "title": "ConstantInitializationVector", - "type": "string" - }, - "DeviceId": { - "markdownDescription": "The value of one of the devices that you configured with your digital rights management (DRM) platform key provider. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "DeviceId", - "type": "string" - }, - "KeyType": { - "markdownDescription": "The type of key that is used for the encryption. If you don't specify a `keyType` value, the service uses the default setting ( `static-key` ). Valid key types are: `static-key` , `speke` , and `srt-password` .", - "title": "KeyType", - "type": "string" - }, - "Region": { - "markdownDescription": "The AWS Region that the API Gateway proxy endpoint was created in. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "Region", - "type": "string" - }, - "ResourceId": { - "markdownDescription": "An identifier for the content. The service sends this value to the key server to identify the current endpoint. The resource ID is also known as the content ID. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "ResourceId", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN of the role that you created during setup (when you set up MediaConnect as a trusted entity).", - "title": "RoleArn", - "type": "string" - }, - "SecretArn": { - "markdownDescription": "The ARN of the secret that you created in AWS Secrets Manager to store the encryption key. This parameter is required for static key encryption and is not valid for SPEKE encryption.", - "title": "SecretArn", + "EncryptionType": { + "markdownDescription": "The encryption type to use. The only valid value is `KMS` .", + "title": "EncryptionType", "type": "string" }, - "Url": { - "markdownDescription": "The URL from the API Gateway proxy that you set up to talk to your key server. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "Url", + "KeyId": { + "markdownDescription": "The GUID for the customer-managed AWS KMS key to use for encryption. This value can be a globally unique identifier, a fully specified Amazon Resource Name (ARN) to either an alias or a key, or an alias name prefixed by \"alias/\".You can also use a master key owned by Kinesis Data Streams by specifying the alias `aws/kinesis` .\n\n- Key ARN example: `arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012`\n- Alias ARN example: `arn:aws:kms:us-east-1:123456789012:alias/MyAliasName`\n- Globally unique key ID example: `12345678-1234-1234-1234-123456789012`\n- Alias name example: `alias/MyAliasName`\n- Master key owned by Kinesis Data Streams: `alias/aws/kinesis`", + "title": "KeyId", "type": "string" } }, "required": [ - "RoleArn" + "EncryptionType", + "KeyId" ], "type": "object" }, - "AWS::MediaConnect::FlowSource.GatewayBridgeSource": { + "AWS::Kinesis::Stream.StreamModeDetails": { "additionalProperties": false, "properties": { - "BridgeArn": { - "markdownDescription": "The ARN of the bridge feeding this flow.", - "title": "BridgeArn", + "StreamMode": { + "markdownDescription": "Specifies the capacity mode to which you want to set your data stream. Currently, in Kinesis Data Streams, you can choose between an *on-demand* capacity mode and a *provisioned* capacity mode for your data streams.", + "title": "StreamMode", "type": "string" - }, - "VpcInterfaceAttachment": { - "$ref": "#/definitions/AWS::MediaConnect::FlowSource.VpcInterfaceAttachment", - "markdownDescription": "The name of the VPC interface attachment to use for this bridge source.", - "title": "VpcInterfaceAttachment" } }, "required": [ - "BridgeArn" + "StreamMode" ], "type": "object" }, - "AWS::MediaConnect::FlowSource.VpcInterfaceAttachment": { - "additionalProperties": false, - "properties": { - "VpcInterfaceName": { - "markdownDescription": "The name of the VPC interface to use for this resource.", - "title": "VpcInterfaceName", - "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaConnect::FlowVpcInterface": { + "AWS::Kinesis::StreamConsumer": { "additionalProperties": false, "properties": { "Condition": { @@ -155843,47 +162926,34 @@ "Properties": { "additionalProperties": false, "properties": { - "FlowArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the flow.", - "title": "FlowArn", - "type": "string" - }, - "Name": { - "markdownDescription": "The name for the VPC interface. This name must be unique within the flow.", - "title": "Name", + "ConsumerName": { + "markdownDescription": "The name of the consumer is something you choose when you register the consumer.", + "title": "ConsumerName", "type": "string" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the role that you created when you set up MediaConnect as a trusted service.", - "title": "RoleArn", + "StreamARN": { + "markdownDescription": "The ARN of the stream with which you registered the consumer.", + "title": "StreamARN", "type": "string" }, - "SecurityGroupIds": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "A virtual firewall to control inbound and outbound traffic.", - "title": "SecurityGroupIds", + "markdownDescription": "An array of tags to be added to a specified Kinesis resource. A tag consists of a required key and an optional value. You can specify up to 50 tag key-value pairs.", + "title": "Tags", "type": "array" - }, - "SubnetId": { - "markdownDescription": "The subnet IDs that you want to use for your VPC interface. A range of IP addresses in your VPC. When you create your VPC, you specify a range of IPv4 addresses for the VPC in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16. This is the primary CIDR block for your VPC. When you create a subnet for your VPC, you specify the CIDR block for the subnet, which is a subset of the VPC CIDR block. The subnets that you use across all VPC interfaces on the flow must be in the same Availability Zone as the flow.", - "title": "SubnetId", - "type": "string" } }, "required": [ - "FlowArn", - "Name", - "RoleArn", - "SecurityGroupIds", - "SubnetId" + "ConsumerName", + "StreamARN" ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaConnect::FlowVpcInterface" + "AWS::Kinesis::StreamConsumer" ], "type": "string" }, @@ -155902,7 +162972,7 @@ ], "type": "object" }, - "AWS::MediaConnect::Gateway": { + "AWS::KinesisAnalytics::Application": { "additionalProperties": false, "properties": { "Condition": { @@ -155937,38 +163007,38 @@ "Properties": { "additionalProperties": false, "properties": { - "EgressCidrBlocks": { - "items": { - "type": "string" - }, - "markdownDescription": "The range of IP addresses that are allowed to contribute content or initiate output requests for flows communicating with this gateway. These IP addresses should be in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16.", - "title": "EgressCidrBlocks", - "type": "array" + "ApplicationCode": { + "markdownDescription": "One or more SQL statements that read input data, transform it, and generate output. For example, you can write a SQL statement that reads data from one in-application stream, generates a running average of the number of advertisement clicks by vendor, and insert resulting rows in another in-application stream using pumps. For more information about the typical pattern, see [Application Code](https://docs.aws.amazon.com/kinesisanalytics/latest/dev/how-it-works-app-code.html) .\n\nYou can provide such series of SQL statements, where output of one statement can be used as the input for the next statement. You store intermediate results by creating in-application streams and pumps.\n\nNote that the application code must create the streams with names specified in the `Outputs` . For example, if your `Outputs` defines output streams named `ExampleOutputStream1` and `ExampleOutputStream2` , then your application code must create these streams.", + "title": "ApplicationCode", + "type": "string" }, - "Name": { - "markdownDescription": "The name of the gateway. This name can not be modified after the gateway is created.", - "title": "Name", + "ApplicationDescription": { + "markdownDescription": "Summary description of the application.", + "title": "ApplicationDescription", "type": "string" }, - "Networks": { + "ApplicationName": { + "markdownDescription": "Name of your Amazon Kinesis Analytics application (for example, `sample-app` ).", + "title": "ApplicationName", + "type": "string" + }, + "Inputs": { "items": { - "$ref": "#/definitions/AWS::MediaConnect::Gateway.GatewayNetwork" + "$ref": "#/definitions/AWS::KinesisAnalytics::Application.Input" }, - "markdownDescription": "The list of networks in the gateway.", - "title": "Networks", + "markdownDescription": "Use this parameter to configure the application input.\n\nYou can configure your application to receive input from a single streaming source. In this configuration, you map this streaming source to an in-application stream that is created. Your application code can then query the in-application stream like a table (you can think of it as a constantly updating table).\n\nFor the streaming source, you provide its Amazon Resource Name (ARN) and format of data on the stream (for example, JSON, CSV, etc.). You also must provide an IAM role that Amazon Kinesis Analytics can assume to read this stream on your behalf.\n\nTo create the in-application stream, you need to specify a schema to transform your data into a schematized version used in SQL. In the schema, you provide the necessary mapping of the data elements in the streaming source to record columns in the in-app stream.", + "title": "Inputs", "type": "array" } }, "required": [ - "EgressCidrBlocks", - "Name", - "Networks" + "Inputs" ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaConnect::Gateway" + "AWS::KinesisAnalytics::Application" ], "type": "string" }, @@ -155987,177 +163057,251 @@ ], "type": "object" }, - "AWS::MediaConnect::Gateway.GatewayNetwork": { + "AWS::KinesisAnalytics::Application.CSVMappingParameters": { "additionalProperties": false, "properties": { - "CidrBlock": { - "markdownDescription": "A unique IP address range to use for this network. These IP addresses should be in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16.", - "title": "CidrBlock", + "RecordColumnDelimiter": { + "markdownDescription": "Column delimiter. For example, in a CSV format, a comma (\",\") is the typical column delimiter.", + "title": "RecordColumnDelimiter", "type": "string" }, - "Name": { - "markdownDescription": "The name of the network. This name is used to reference the network and must be unique among networks in this gateway.", - "title": "Name", + "RecordRowDelimiter": { + "markdownDescription": "Row delimiter. For example, in a CSV format, *'\\n'* is the typical row delimiter.", + "title": "RecordRowDelimiter", "type": "string" } }, "required": [ - "CidrBlock", - "Name" + "RecordColumnDelimiter", + "RecordRowDelimiter" ], "type": "object" }, - "AWS::MediaConvert::JobTemplate": { + "AWS::KinesisAnalytics::Application.Input": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "InputParallelism": { + "$ref": "#/definitions/AWS::KinesisAnalytics::Application.InputParallelism", + "markdownDescription": "Describes the number of in-application streams to create.\n\nData from your source is routed to these in-application input streams.\n\nSee [Configuring Application Input](https://docs.aws.amazon.com/kinesisanalytics/latest/dev/how-it-works-input.html) .", + "title": "InputParallelism" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "InputProcessingConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalytics::Application.InputProcessingConfiguration", + "markdownDescription": "The [InputProcessingConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisanalytics-application-inputprocessingconfiguration.html) for the input. An input processor transforms records as they are received from the stream, before the application's SQL code executes. Currently, the only input processing configuration available is [InputLambdaProcessor](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisanalytics-application-inputlambdaprocessor.html) .", + "title": "InputProcessingConfiguration" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "InputSchema": { + "$ref": "#/definitions/AWS::KinesisAnalytics::Application.InputSchema", + "markdownDescription": "Describes the format of the data in the streaming source, and how each data element maps to corresponding columns in the in-application stream that is being created.\n\nAlso used to describe the format of the reference data source.", + "title": "InputSchema" }, - "Metadata": { - "type": "object" + "KinesisFirehoseInput": { + "$ref": "#/definitions/AWS::KinesisAnalytics::Application.KinesisFirehoseInput", + "markdownDescription": "If the streaming source is an Amazon Kinesis Firehose delivery stream, identifies the delivery stream's ARN and an IAM role that enables Amazon Kinesis Analytics to access the stream on your behalf.\n\nNote: Either `KinesisStreamsInput` or `KinesisFirehoseInput` is required.", + "title": "KinesisFirehoseInput" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AccelerationSettings": { - "$ref": "#/definitions/AWS::MediaConvert::JobTemplate.AccelerationSettings", - "markdownDescription": "Accelerated transcoding can significantly speed up jobs with long, visually complex content. Outputs that use this feature incur pro-tier pricing. For information about feature limitations, For more information, see [Job Limitations for Accelerated Transcoding in AWS Elemental MediaConvert](https://docs.aws.amazon.com/mediaconvert/latest/ug/job-requirements.html) in the *AWS Elemental MediaConvert User Guide* .", - "title": "AccelerationSettings" - }, - "Category": { - "markdownDescription": "Optional. A category for the job template you are creating", - "title": "Category", - "type": "string" - }, - "Description": { - "markdownDescription": "Optional. A description of the job template you are creating.", - "title": "Description", - "type": "string" - }, - "HopDestinations": { - "items": { - "$ref": "#/definitions/AWS::MediaConvert::JobTemplate.HopDestination" - }, - "markdownDescription": "Optional. Configuration for a destination queue to which the job can hop once a customer-defined minimum wait time has passed. For more information, see [Setting Up Queue Hopping to Avoid Long Waits](https://docs.aws.amazon.com/mediaconvert/latest/ug/setting-up-queue-hopping-to-avoid-long-waits.html) in the *AWS Elemental MediaConvert User Guide* .", - "title": "HopDestinations", - "type": "array" - }, - "Name": { - "markdownDescription": "Name of the output group", - "title": "Name", - "type": "string" - }, - "Priority": { - "markdownDescription": "Specify the relative priority for this job. In any given queue, the service begins processing the job with the highest value first. When more than one job has the same priority, the service begins processing the job that you submitted first. If you don't specify a priority, the service uses the default value 0. Minimum: -50 Maximum: 50", - "title": "Priority", - "type": "number" - }, - "Queue": { - "markdownDescription": "Optional. The queue that jobs created from this template are assigned to. Specify the Amazon Resource Name (ARN) of the queue. For example, arn:aws:mediaconvert:us-west-2:505474453218:queues/Default. If you don't specify this, jobs will go to the default queue.", - "title": "Queue", - "type": "string" - }, - "SettingsJson": { - "markdownDescription": "Specify, in JSON format, the transcoding job settings for this job template. This specification must conform to the AWS Elemental MediaConvert job validation. For information about forming this specification, see the Remarks section later in this topic.\n\nFor more information about MediaConvert job templates, see [Working with AWS Elemental MediaConvert Job Templates](https://docs.aws.amazon.com/mediaconvert/latest/ug/working-with-job-templates.html) in the ** .", - "title": "SettingsJson", - "type": "object" - }, - "StatusUpdateInterval": { - "markdownDescription": "Specify how often MediaConvert sends STATUS_UPDATE events to Amazon CloudWatch Events. Set the interval, in seconds, between status updates. MediaConvert sends an update at this interval from the time the service begins processing your job to the time it completes the transcode or encounters an error.\n\nSpecify one of the following enums:\n\nSECONDS_10\n\nSECONDS_12\n\nSECONDS_15\n\nSECONDS_20\n\nSECONDS_30\n\nSECONDS_60\n\nSECONDS_120\n\nSECONDS_180\n\nSECONDS_240\n\nSECONDS_300\n\nSECONDS_360\n\nSECONDS_420\n\nSECONDS_480\n\nSECONDS_540\n\nSECONDS_600", - "title": "StatusUpdateInterval", - "type": "string" - }, - "Tags": { - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "object" - } + "KinesisStreamsInput": { + "$ref": "#/definitions/AWS::KinesisAnalytics::Application.KinesisStreamsInput", + "markdownDescription": "If the streaming source is an Amazon Kinesis stream, identifies the stream's Amazon Resource Name (ARN) and an IAM role that enables Amazon Kinesis Analytics to access the stream on your behalf.\n\nNote: Either `KinesisStreamsInput` or `KinesisFirehoseInput` is required.", + "title": "KinesisStreamsInput" + }, + "NamePrefix": { + "markdownDescription": "Name prefix to use when creating an in-application stream. Suppose that you specify a prefix \"MyInApplicationStream.\" Amazon Kinesis Analytics then creates one or more (as per the `InputParallelism` count you specified) in-application streams with names \"MyInApplicationStream_001,\" \"MyInApplicationStream_002,\" and so on.", + "title": "NamePrefix", + "type": "string" + } + }, + "required": [ + "InputSchema", + "NamePrefix" + ], + "type": "object" + }, + "AWS::KinesisAnalytics::Application.InputLambdaProcessor": { + "additionalProperties": false, + "properties": { + "ResourceARN": { + "markdownDescription": "The ARN of the [AWS Lambda](https://docs.aws.amazon.com/lambda/) function that operates on records in the stream.\n\n> To specify an earlier version of the Lambda function than the latest, include the Lambda function version in the Lambda function ARN. For more information about Lambda ARNs, see [Example ARNs: AWS Lambda](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-lambda)", + "title": "ResourceARN", + "type": "string" + }, + "RoleARN": { + "markdownDescription": "The ARN of the IAM role that is used to access the AWS Lambda function.", + "title": "RoleARN", + "type": "string" + } + }, + "required": [ + "ResourceARN", + "RoleARN" + ], + "type": "object" + }, + "AWS::KinesisAnalytics::Application.InputParallelism": { + "additionalProperties": false, + "properties": { + "Count": { + "markdownDescription": "Number of in-application streams to create. For more information, see [Limits](https://docs.aws.amazon.com/kinesisanalytics/latest/dev/limits.html) .", + "title": "Count", + "type": "number" + } + }, + "type": "object" + }, + "AWS::KinesisAnalytics::Application.InputProcessingConfiguration": { + "additionalProperties": false, + "properties": { + "InputLambdaProcessor": { + "$ref": "#/definitions/AWS::KinesisAnalytics::Application.InputLambdaProcessor", + "markdownDescription": "The [InputLambdaProcessor](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisanalytics-application-inputlambdaprocessor.html) that is used to preprocess the records in the stream before being processed by your application code.", + "title": "InputLambdaProcessor" + } + }, + "type": "object" + }, + "AWS::KinesisAnalytics::Application.InputSchema": { + "additionalProperties": false, + "properties": { + "RecordColumns": { + "items": { + "$ref": "#/definitions/AWS::KinesisAnalytics::Application.RecordColumn" }, - "required": [ - "SettingsJson" - ], - "type": "object" + "markdownDescription": "A list of `RecordColumn` objects.", + "title": "RecordColumns", + "type": "array" }, - "Type": { - "enum": [ - "AWS::MediaConvert::JobTemplate" - ], + "RecordEncoding": { + "markdownDescription": "Specifies the encoding of the records in the streaming source. For example, UTF-8.", + "title": "RecordEncoding", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "RecordFormat": { + "$ref": "#/definitions/AWS::KinesisAnalytics::Application.RecordFormat", + "markdownDescription": "Specifies the format of the records on the streaming source.", + "title": "RecordFormat" + } + }, + "required": [ + "RecordColumns", + "RecordFormat" + ], + "type": "object" + }, + "AWS::KinesisAnalytics::Application.JSONMappingParameters": { + "additionalProperties": false, + "properties": { + "RecordRowPath": { + "markdownDescription": "Path to the top-level parent that contains the records.", + "title": "RecordRowPath", "type": "string" } }, "required": [ - "Type", - "Properties" + "RecordRowPath" ], "type": "object" }, - "AWS::MediaConvert::JobTemplate.AccelerationSettings": { + "AWS::KinesisAnalytics::Application.KinesisFirehoseInput": { "additionalProperties": false, "properties": { - "Mode": { - "markdownDescription": "Specify the conditions when the service will run your job with accelerated transcoding.", - "title": "Mode", + "ResourceARN": { + "markdownDescription": "ARN of the input delivery stream.", + "title": "ResourceARN", + "type": "string" + }, + "RoleARN": { + "markdownDescription": "ARN of the IAM role that Amazon Kinesis Analytics can assume to access the stream on your behalf. You need to make sure that the role has the necessary permissions to access the stream.", + "title": "RoleARN", "type": "string" } }, "required": [ - "Mode" + "ResourceARN", + "RoleARN" ], "type": "object" }, - "AWS::MediaConvert::JobTemplate.HopDestination": { + "AWS::KinesisAnalytics::Application.KinesisStreamsInput": { "additionalProperties": false, "properties": { - "Priority": { - "markdownDescription": "Optional. When you set up a job to use queue hopping, you can specify a different relative priority for the job in the destination queue. If you don't specify, the relative priority will remain the same as in the previous queue.", - "title": "Priority", - "type": "number" + "ResourceARN": { + "markdownDescription": "ARN of the input Amazon Kinesis stream to read.", + "title": "ResourceARN", + "type": "string" }, - "Queue": { - "markdownDescription": "Optional unless the job is submitted on the default queue. When you set up a job to use queue hopping, you can specify a destination queue. This queue cannot be the original queue to which the job is submitted. If the original queue isn't the default queue and you don't specify the destination queue, the job will move to the default queue.", - "title": "Queue", + "RoleARN": { + "markdownDescription": "ARN of the IAM role that Amazon Kinesis Analytics can assume to access the stream on your behalf. You need to grant the necessary permissions to this role.", + "title": "RoleARN", "type": "string" + } + }, + "required": [ + "ResourceARN", + "RoleARN" + ], + "type": "object" + }, + "AWS::KinesisAnalytics::Application.MappingParameters": { + "additionalProperties": false, + "properties": { + "CSVMappingParameters": { + "$ref": "#/definitions/AWS::KinesisAnalytics::Application.CSVMappingParameters", + "markdownDescription": "Provides additional mapping information when the record format uses delimiters (for example, CSV).", + "title": "CSVMappingParameters" }, - "WaitMinutes": { - "markdownDescription": "Required for setting up a job to use queue hopping. Minimum wait time in minutes until the job can hop to the destination queue. Valid range is 1 to 4320 minutes, inclusive.", - "title": "WaitMinutes", - "type": "number" + "JSONMappingParameters": { + "$ref": "#/definitions/AWS::KinesisAnalytics::Application.JSONMappingParameters", + "markdownDescription": "Provides additional mapping information when JSON is the record format on the streaming source.", + "title": "JSONMappingParameters" } }, "type": "object" }, - "AWS::MediaConvert::Preset": { + "AWS::KinesisAnalytics::Application.RecordColumn": { + "additionalProperties": false, + "properties": { + "Mapping": { + "markdownDescription": "Reference to the data element in the streaming input or the reference data source. This element is required if the [RecordFormatType](https://docs.aws.amazon.com/kinesisanalytics/latest/dev/API_RecordFormat.html#analytics-Type-RecordFormat-RecordFormatTypel) is `JSON` .", + "title": "Mapping", + "type": "string" + }, + "Name": { + "markdownDescription": "Name of the column created in the in-application input stream or reference table.", + "title": "Name", + "type": "string" + }, + "SqlType": { + "markdownDescription": "Type of column created in the in-application input stream or reference table.", + "title": "SqlType", + "type": "string" + } + }, + "required": [ + "Name", + "SqlType" + ], + "type": "object" + }, + "AWS::KinesisAnalytics::Application.RecordFormat": { + "additionalProperties": false, + "properties": { + "MappingParameters": { + "$ref": "#/definitions/AWS::KinesisAnalytics::Application.MappingParameters", + "markdownDescription": "When configuring application input at the time of creating or updating an application, provides additional mapping information specific to the record format (such as JSON, CSV, or record fields delimited by some delimiter) on the streaming source.", + "title": "MappingParameters" + }, + "RecordFormatType": { + "markdownDescription": "The type of record format.", + "title": "RecordFormatType", + "type": "string" + } + }, + "required": [ + "RecordFormatType" + ], + "type": "object" + }, + "AWS::KinesisAnalytics::ApplicationOutput": { "additionalProperties": false, "properties": { "Condition": { @@ -156192,40 +163336,26 @@ "Properties": { "additionalProperties": false, "properties": { - "Category": { - "markdownDescription": "The new category for the preset, if you are changing it.", - "title": "Category", - "type": "string" - }, - "Description": { - "markdownDescription": "The new description for the preset, if you are changing it.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the preset that you are modifying.", - "title": "Name", + "ApplicationName": { + "markdownDescription": "Name of the application to which you want to add the output configuration.", + "title": "ApplicationName", "type": "string" }, - "SettingsJson": { - "markdownDescription": "Specify, in JSON format, the transcoding job settings for this output preset. This specification must conform to the AWS Elemental MediaConvert job validation. For information about forming this specification, see the Remarks section later in this topic.\n\nFor more information about MediaConvert output presets, see [Working with AWS Elemental MediaConvert Output Presets](https://docs.aws.amazon.com/mediaconvert/latest/ug/working-with-presets.html) in the ** .", - "title": "SettingsJson", - "type": "object" - }, - "Tags": { - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "object" + "Output": { + "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationOutput.Output", + "markdownDescription": "An array of objects, each describing one output configuration. In the output configuration, you specify the name of an in-application stream, a destination (that is, an Amazon Kinesis stream, an Amazon Kinesis Firehose delivery stream, or an AWS Lambda function), and record the formation to use when writing to the destination.", + "title": "Output" } }, "required": [ - "SettingsJson" + "ApplicationName", + "Output" ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaConvert::Preset" + "AWS::KinesisAnalytics::ApplicationOutput" ], "type": "string" }, @@ -156244,90 +163374,112 @@ ], "type": "object" }, - "AWS::MediaConvert::Queue": { + "AWS::KinesisAnalytics::ApplicationOutput.DestinationSchema": { "additionalProperties": false, "properties": { - "Condition": { + "RecordFormatType": { + "markdownDescription": "Specifies the format of the records on the output stream.", + "title": "RecordFormatType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::KinesisAnalytics::ApplicationOutput.KinesisFirehoseOutput": { + "additionalProperties": false, + "properties": { + "ResourceARN": { + "markdownDescription": "ARN of the destination Amazon Kinesis Firehose delivery stream to write to.", + "title": "ResourceARN", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "RoleARN": { + "markdownDescription": "ARN of the IAM role that Amazon Kinesis Analytics can assume to write to the destination stream on your behalf. You need to grant the necessary permissions to this role.", + "title": "RoleARN", + "type": "string" + } + }, + "required": [ + "ResourceARN", + "RoleARN" + ], + "type": "object" + }, + "AWS::KinesisAnalytics::ApplicationOutput.KinesisStreamsOutput": { + "additionalProperties": false, + "properties": { + "ResourceARN": { + "markdownDescription": "ARN of the destination Amazon Kinesis stream to write to.", + "title": "ResourceARN", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "RoleARN": { + "markdownDescription": "ARN of the IAM role that Amazon Kinesis Analytics can assume to write to the destination stream on your behalf. You need to grant the necessary permissions to this role.", + "title": "RoleARN", + "type": "string" + } + }, + "required": [ + "ResourceARN", + "RoleARN" + ], + "type": "object" + }, + "AWS::KinesisAnalytics::ApplicationOutput.LambdaOutput": { + "additionalProperties": false, + "properties": { + "ResourceARN": { + "markdownDescription": "Amazon Resource Name (ARN) of the destination Lambda function to write to.\n\n> To specify an earlier version of the Lambda function than the latest, include the Lambda function version in the Lambda function ARN. For more information about Lambda ARNs, see [Example ARNs: AWS Lambda](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-lambda)", + "title": "ResourceARN", + "type": "string" }, - "Metadata": { - "type": "object" + "RoleARN": { + "markdownDescription": "ARN of the IAM role that Amazon Kinesis Analytics can assume to write to the destination function on your behalf. You need to grant the necessary permissions to this role.", + "title": "RoleARN", + "type": "string" + } + }, + "required": [ + "ResourceARN", + "RoleARN" + ], + "type": "object" + }, + "AWS::KinesisAnalytics::ApplicationOutput.Output": { + "additionalProperties": false, + "properties": { + "DestinationSchema": { + "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationOutput.DestinationSchema", + "markdownDescription": "Describes the data format when records are written to the destination. For more information, see [Configuring Application Output](https://docs.aws.amazon.com/kinesisanalytics/latest/dev/how-it-works-output.html) .", + "title": "DestinationSchema" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "Optional. A description of the queue that you are creating.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the queue that you are creating.", - "title": "Name", - "type": "string" - }, - "PricingPlan": { - "markdownDescription": "When you use AWS CloudFormation , you can create only on-demand queues. Therefore, always set `PricingPlan` to the value \"ON_DEMAND\" when declaring an AWS::MediaConvert::Queue in your AWS CloudFormation template.\n\nTo create a reserved queue, use the AWS Elemental MediaConvert console at https://console.aws.amazon.com/mediaconvert to set up a contract. For more information, see [Working with AWS Elemental MediaConvert Queues](https://docs.aws.amazon.com/mediaconvert/latest/ug/working-with-queues.html) in the ** .", - "title": "PricingPlan", - "type": "string" - }, - "Status": { - "markdownDescription": "Initial state of the queue. Queues can be either ACTIVE or PAUSED. If you create a paused queue, then jobs that you send to that queue won't begin.", - "title": "Status", - "type": "string" - }, - "Tags": { - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "object" - } - }, - "type": "object" + "KinesisFirehoseOutput": { + "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationOutput.KinesisFirehoseOutput", + "markdownDescription": "Identifies an Amazon Kinesis Firehose delivery stream as the destination.", + "title": "KinesisFirehoseOutput" }, - "Type": { - "enum": [ - "AWS::MediaConvert::Queue" - ], - "type": "string" + "KinesisStreamsOutput": { + "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationOutput.KinesisStreamsOutput", + "markdownDescription": "Identifies an Amazon Kinesis stream as the destination.", + "title": "KinesisStreamsOutput" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "LambdaOutput": { + "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationOutput.LambdaOutput", + "markdownDescription": "Identifies an AWS Lambda function as the destination.", + "title": "LambdaOutput" + }, + "Name": { + "markdownDescription": "Name of the in-application stream.", + "title": "Name", "type": "string" } }, "required": [ - "Type" + "DestinationSchema" ], "type": "object" }, - "AWS::MediaLive::Channel": { + "AWS::KinesisAnalytics::ApplicationReferenceDataSource": { "additionalProperties": false, "properties": { "Condition": { @@ -156362,78 +163514,26 @@ "Properties": { "additionalProperties": false, "properties": { - "CdiInputSpecification": { - "$ref": "#/definitions/AWS::MediaLive::Channel.CdiInputSpecification", - "markdownDescription": "Specification of CDI inputs for this channel.", - "title": "CdiInputSpecification" - }, - "ChannelClass": { - "markdownDescription": "The class for this channel. For a channel with two pipelines, the class is STANDARD. For a channel with one pipeline, the class is SINGLE_PIPELINE.", - "title": "ChannelClass", - "type": "string" - }, - "Destinations": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputDestination" - }, - "markdownDescription": "The settings that identify the destination for the outputs in this MediaLive output package.", - "title": "Destinations", - "type": "array" - }, - "EncoderSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.EncoderSettings", - "markdownDescription": "The encoding configuration for the output content.", - "title": "EncoderSettings" - }, - "InputAttachments": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.InputAttachment" - }, - "markdownDescription": "The list of input attachments for the channel.", - "title": "InputAttachments", - "type": "array" - }, - "InputSpecification": { - "$ref": "#/definitions/AWS::MediaLive::Channel.InputSpecification", - "markdownDescription": "The input specification for this channel. It specifies the key characteristics of the inputs for this channel: the maximum bitrate, the resolution, and the codec.", - "title": "InputSpecification" - }, - "LogLevel": { - "markdownDescription": "The verbosity for logging activity for this channel. Charges for logging (which are generated through Amazon CloudWatch Logging) are higher for higher verbosities.", - "title": "LogLevel", - "type": "string" - }, - "Maintenance": { - "$ref": "#/definitions/AWS::MediaLive::Channel.MaintenanceCreateSettings", - "markdownDescription": "Maintenance settings for this channel.", - "title": "Maintenance" - }, - "Name": { - "markdownDescription": "Name of channel.", - "title": "Name", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The IAM role for MediaLive to assume when running this channel. The role is identified by its ARN.", - "title": "RoleArn", + "ApplicationName": { + "markdownDescription": "Name of an existing application.", + "title": "ApplicationName", "type": "string" }, - "Tags": { - "markdownDescription": "A collection of tags for this channel. Each tag is a key-value pair.", - "title": "Tags", - "type": "object" - }, - "Vpc": { - "$ref": "#/definitions/AWS::MediaLive::Channel.VpcOutputSettings", - "markdownDescription": "Settings to enable VPC mode in the channel, so that the endpoints for all outputs are in your VPC.", - "title": "Vpc" + "ReferenceDataSource": { + "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.ReferenceDataSource", + "markdownDescription": "The reference data source can be an object in your Amazon S3 bucket. Amazon Kinesis Analytics reads the object and copies the data into the in-application table that is created. You provide an S3 bucket, object key name, and the resulting in-application table that is created. You must also provide an IAM role with the necessary permissions that Amazon Kinesis Analytics can assume to read the object from your S3 bucket on your behalf.", + "title": "ReferenceDataSource" } }, + "required": [ + "ApplicationName", + "ReferenceDataSource" + ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaLive::Channel" + "AWS::KinesisAnalytics::ApplicationReferenceDataSource" ], "type": "string" }, @@ -156447,4647 +163547,5035 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::MediaLive::Channel.AacSettings": { + "AWS::KinesisAnalytics::ApplicationReferenceDataSource.CSVMappingParameters": { "additionalProperties": false, "properties": { - "Bitrate": { - "markdownDescription": "The average bitrate in bits/second. Valid values depend on the rate control mode and profile.", - "title": "Bitrate", - "type": "number" - }, - "CodingMode": { - "markdownDescription": "Mono, stereo, or 5.1 channel layout. Valid values depend on the rate control mode and profile. The adReceiverMix setting receives a stereo description plus control track, and emits a mono AAC encode of the description track, with control data emitted in the PES header as per ETSI TS 101 154 Annex E.", - "title": "CodingMode", - "type": "string" - }, - "InputType": { - "markdownDescription": "Set to broadcasterMixedAd when the input contains pre-mixed main audio + AD (narration) as a stereo pair. The Audio Type field (audioType) will be set to 3, which signals to downstream systems that this stream contains broadcaster mixed AD. Note that the input received by the encoder must contain pre-mixed audio; MediaLive does not perform the mixing. The values in audioTypeControl and audioType (in AudioDescription) are ignored when set to broadcasterMixedAd. Leave this set to normal when the input does not contain pre-mixed audio + AD.", - "title": "InputType", - "type": "string" - }, - "Profile": { - "markdownDescription": "The AAC profile.", - "title": "Profile", - "type": "string" - }, - "RateControlMode": { - "markdownDescription": "The rate control mode.", - "title": "RateControlMode", - "type": "string" - }, - "RawFormat": { - "markdownDescription": "Sets the LATM/LOAS AAC output for raw containers.", - "title": "RawFormat", - "type": "string" - }, - "SampleRate": { - "markdownDescription": "The sample rate in Hz. Valid values depend on the rate control mode and profile.", - "title": "SampleRate", - "type": "number" - }, - "Spec": { - "markdownDescription": "Uses MPEG-2 AAC audio instead of MPEG-4 AAC audio for raw or MPEG-2 Transport Stream containers.", - "title": "Spec", + "RecordColumnDelimiter": { + "markdownDescription": "Column delimiter. For example, in a CSV format, a comma (\",\") is the typical column delimiter.", + "title": "RecordColumnDelimiter", "type": "string" }, - "VbrQuality": { - "markdownDescription": "The VBR quality level. This is used only if rateControlMode is VBR.", - "title": "VbrQuality", + "RecordRowDelimiter": { + "markdownDescription": "Row delimiter. For example, in a CSV format, *'\\n'* is the typical row delimiter.", + "title": "RecordRowDelimiter", "type": "string" } }, + "required": [ + "RecordColumnDelimiter", + "RecordRowDelimiter" + ], "type": "object" }, - "AWS::MediaLive::Channel.Ac3Settings": { + "AWS::KinesisAnalytics::ApplicationReferenceDataSource.JSONMappingParameters": { "additionalProperties": false, "properties": { - "AttenuationControl": { - "markdownDescription": "", - "title": "AttenuationControl", - "type": "string" - }, - "Bitrate": { - "markdownDescription": "The average bitrate in bits/second. Valid bitrates depend on the coding mode.", - "title": "Bitrate", - "type": "number" - }, - "BitstreamMode": { - "markdownDescription": "Specifies the bitstream mode (bsmod) for the emitted AC-3 stream. For more information about these values, see ATSC A/52-2012.", - "title": "BitstreamMode", - "type": "string" - }, - "CodingMode": { - "markdownDescription": "The Dolby Digital coding mode. This determines the number of channels.", - "title": "CodingMode", - "type": "string" - }, - "Dialnorm": { - "markdownDescription": "Sets the dialnorm for the output. If excluded and the input audio is Dolby Digital, dialnorm is passed through.", - "title": "Dialnorm", - "type": "number" - }, - "DrcProfile": { - "markdownDescription": "If set to filmStandard, adds dynamic range compression signaling to the output bitstream as defined in the Dolby Digital specification.", - "title": "DrcProfile", - "type": "string" - }, - "LfeFilter": { - "markdownDescription": "When set to enabled, applies a 120Hz lowpass filter to the LFE channel prior to encoding. This is valid only in codingMode32Lfe mode.", - "title": "LfeFilter", - "type": "string" - }, - "MetadataControl": { - "markdownDescription": "When set to followInput, encoder metadata is sourced from the DD, DD+, or DolbyE decoder that supplies this audio data. If the audio is supplied from one of these streams, the static metadata settings are used.", - "title": "MetadataControl", + "RecordRowPath": { + "markdownDescription": "Path to the top-level parent that contains the records.", + "title": "RecordRowPath", "type": "string" } }, + "required": [ + "RecordRowPath" + ], "type": "object" }, - "AWS::MediaLive::Channel.AncillarySourceSettings": { + "AWS::KinesisAnalytics::ApplicationReferenceDataSource.MappingParameters": { "additionalProperties": false, "properties": { - "SourceAncillaryChannelNumber": { - "markdownDescription": "Specifies the number (1 to 4) of the captions channel you want to extract from the ancillary captions. If you plan to convert the ancillary captions to another format, complete this field. If you plan to choose Embedded as the captions destination in the output (to pass through all the channels in the ancillary captions), leave this field blank because MediaLive ignores the field.", - "title": "SourceAncillaryChannelNumber", - "type": "number" + "CSVMappingParameters": { + "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.CSVMappingParameters", + "markdownDescription": "Provides additional mapping information when the record format uses delimiters (for example, CSV).", + "title": "CSVMappingParameters" + }, + "JSONMappingParameters": { + "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.JSONMappingParameters", + "markdownDescription": "Provides additional mapping information when JSON is the record format on the streaming source.", + "title": "JSONMappingParameters" } }, "type": "object" }, - "AWS::MediaLive::Channel.ArchiveCdnSettings": { + "AWS::KinesisAnalytics::ApplicationReferenceDataSource.RecordColumn": { "additionalProperties": false, "properties": { - "ArchiveS3Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.ArchiveS3Settings", - "markdownDescription": "Sets up Amazon S3 as the destination for this Archive output.", - "title": "ArchiveS3Settings" + "Mapping": { + "markdownDescription": "Reference to the data element in the streaming input or the reference data source. This element is required if the [RecordFormatType](https://docs.aws.amazon.com/kinesisanalytics/latest/dev/API_RecordFormat.html#analytics-Type-RecordFormat-RecordFormatTypel) is `JSON` .", + "title": "Mapping", + "type": "string" + }, + "Name": { + "markdownDescription": "Name of the column created in the in-application input stream or reference table.", + "title": "Name", + "type": "string" + }, + "SqlType": { + "markdownDescription": "Type of column created in the in-application input stream or reference table.", + "title": "SqlType", + "type": "string" } }, + "required": [ + "Name", + "SqlType" + ], "type": "object" }, - "AWS::MediaLive::Channel.ArchiveContainerSettings": { + "AWS::KinesisAnalytics::ApplicationReferenceDataSource.RecordFormat": { "additionalProperties": false, "properties": { - "M2tsSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.M2tsSettings", - "markdownDescription": "The settings for the M2TS in the archive output.", - "title": "M2tsSettings" + "MappingParameters": { + "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.MappingParameters", + "markdownDescription": "When configuring application input at the time of creating or updating an application, provides additional mapping information specific to the record format (such as JSON, CSV, or record fields delimited by some delimiter) on the streaming source.", + "title": "MappingParameters" }, - "RawSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.RawSettings", - "markdownDescription": "The settings for Raw archive output type.", - "title": "RawSettings" + "RecordFormatType": { + "markdownDescription": "The type of record format.", + "title": "RecordFormatType", + "type": "string" } }, + "required": [ + "RecordFormatType" + ], "type": "object" }, - "AWS::MediaLive::Channel.ArchiveGroupSettings": { + "AWS::KinesisAnalytics::ApplicationReferenceDataSource.ReferenceDataSource": { "additionalProperties": false, "properties": { - "ArchiveCdnSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.ArchiveCdnSettings", - "markdownDescription": "Settings to configure the destination of an Archive output.", - "title": "ArchiveCdnSettings" + "ReferenceSchema": { + "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.ReferenceSchema", + "markdownDescription": "Describes the format of the data in the streaming source, and how each data element maps to corresponding columns created in the in-application stream.", + "title": "ReferenceSchema" }, - "Destination": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", - "markdownDescription": "A directory and base file name where archive files should be written.", - "title": "Destination" + "S3ReferenceDataSource": { + "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.S3ReferenceDataSource", + "markdownDescription": "Identifies the S3 bucket and object that contains the reference data. Also identifies the IAM role Amazon Kinesis Analytics can assume to read this object on your behalf. An Amazon Kinesis Analytics application loads reference data only once. If the data changes, you call the `UpdateApplication` operation to trigger reloading of data into your application.", + "title": "S3ReferenceDataSource" }, - "RolloverInterval": { - "markdownDescription": "The number of seconds to write to an archive file before closing and starting a new one.", - "title": "RolloverInterval", - "type": "number" + "TableName": { + "markdownDescription": "Name of the in-application table to create.", + "title": "TableName", + "type": "string" } }, + "required": [ + "ReferenceSchema" + ], "type": "object" }, - "AWS::MediaLive::Channel.ArchiveOutputSettings": { + "AWS::KinesisAnalytics::ApplicationReferenceDataSource.ReferenceSchema": { "additionalProperties": false, "properties": { - "ContainerSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.ArchiveContainerSettings", - "markdownDescription": "The settings that are specific to the container type of the file.", - "title": "ContainerSettings" + "RecordColumns": { + "items": { + "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.RecordColumn" + }, + "markdownDescription": "A list of RecordColumn objects.", + "title": "RecordColumns", + "type": "array" }, - "Extension": { - "markdownDescription": "The output file extension. If excluded, this is auto-selected from the container type.", - "title": "Extension", + "RecordEncoding": { + "markdownDescription": "Specifies the encoding of the records in the reference source. For example, UTF-8.", + "title": "RecordEncoding", "type": "string" }, - "NameModifier": { - "markdownDescription": "A string that is concatenated to the end of the destination file name. The string is required for multiple outputs of the same type.", - "title": "NameModifier", - "type": "string" + "RecordFormat": { + "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.RecordFormat", + "markdownDescription": "Specifies the format of the records on the reference source.", + "title": "RecordFormat" } }, + "required": [ + "RecordColumns", + "RecordFormat" + ], "type": "object" }, - "AWS::MediaLive::Channel.ArchiveS3Settings": { + "AWS::KinesisAnalytics::ApplicationReferenceDataSource.S3ReferenceDataSource": { "additionalProperties": false, "properties": { - "CannedAcl": { - "markdownDescription": "Specify the canned ACL to apply to each S3 request. Defaults to none.", - "title": "CannedAcl", + "BucketARN": { + "markdownDescription": "Amazon Resource Name (ARN) of the S3 bucket.", + "title": "BucketARN", "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.AribDestinationSettings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.AribSourceSettings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.AudioChannelMapping": { - "additionalProperties": false, - "properties": { - "InputChannelLevels": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.InputChannelLevel" - }, - "markdownDescription": "The indices and gain values for each input channel that should be remixed into this output channel.", - "title": "InputChannelLevels", - "type": "array" }, - "OutputChannel": { - "markdownDescription": "The index of the output channel that is being produced.", - "title": "OutputChannel", - "type": "number" + "FileKey": { + "markdownDescription": "Object key name containing reference data.", + "title": "FileKey", + "type": "string" + }, + "ReferenceRoleARN": { + "markdownDescription": "ARN of the IAM role that the service can assume to read data on your behalf. This role must have permission for the `s3:GetObject` action on the object and trust policy that allows Amazon Kinesis Analytics service principal to assume this role.", + "title": "ReferenceRoleARN", + "type": "string" } }, + "required": [ + "BucketARN", + "FileKey", + "ReferenceRoleARN" + ], "type": "object" }, - "AWS::MediaLive::Channel.AudioCodecSettings": { + "AWS::KinesisAnalyticsV2::Application": { "additionalProperties": false, "properties": { - "AacSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AacSettings", - "markdownDescription": "The setup of the AAC audio codec in the output.", - "title": "AacSettings" + "Condition": { + "type": "string" }, - "Ac3Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Ac3Settings", - "markdownDescription": "The setup of an AC3 audio codec in the output.", - "title": "Ac3Settings" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Eac3AtmosSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Eac3AtmosSettings", - "markdownDescription": "", - "title": "Eac3AtmosSettings" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Eac3Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Eac3Settings", - "markdownDescription": "The setup of an EAC3 audio codec in the output.", - "title": "Eac3Settings" + "Metadata": { + "type": "object" }, - "Mp2Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Mp2Settings", - "markdownDescription": "The setup of an MP2 audio codec in the output.", - "title": "Mp2Settings" + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ApplicationConfiguration", + "markdownDescription": "Use this parameter to configure the application.", + "title": "ApplicationConfiguration" + }, + "ApplicationDescription": { + "markdownDescription": "The description of the application.", + "title": "ApplicationDescription", + "type": "string" + }, + "ApplicationMaintenanceConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ApplicationMaintenanceConfiguration", + "markdownDescription": "Specifies the maintenance window parameters for a Kinesis Data Analytics application.", + "title": "ApplicationMaintenanceConfiguration" + }, + "ApplicationMode": { + "markdownDescription": "To create a Kinesis Data Analytics Studio notebook, you must set the mode to `INTERACTIVE` . However, for a Kinesis Data Analytics for Apache Flink application, the mode is optional.", + "title": "ApplicationMode", + "type": "string" + }, + "ApplicationName": { + "markdownDescription": "The name of the application.", + "title": "ApplicationName", + "type": "string" + }, + "RunConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.RunConfiguration", + "markdownDescription": "Describes the starting parameters for an Managed Service for Apache Flink application.", + "title": "RunConfiguration" + }, + "RuntimeEnvironment": { + "markdownDescription": "The runtime environment for the application.", + "title": "RuntimeEnvironment", + "type": "string" + }, + "ServiceExecutionRole": { + "markdownDescription": "Specifies the IAM role that the application uses to access external resources.", + "title": "ServiceExecutionRole", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of one or more tags to assign to the application. A tag is a key-value pair that identifies an application. Note that the maximum number of application tags includes system tags. The maximum number of user-defined application tags is 50.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "RuntimeEnvironment", + "ServiceExecutionRole" + ], + "type": "object" }, - "PassThroughSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.PassThroughSettings", - "markdownDescription": "The setup to pass through the Dolby audio codec to the output.", - "title": "PassThroughSettings" + "Type": { + "enum": [ + "AWS::KinesisAnalyticsV2::Application" + ], + "type": "string" }, - "WavSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.WavSettings", - "markdownDescription": "Settings for audio encoded with the WAV codec.", - "title": "WavSettings" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::MediaLive::Channel.AudioDescription": { + "AWS::KinesisAnalyticsV2::Application.ApplicationCodeConfiguration": { "additionalProperties": false, "properties": { - "AudioDashRoles": { - "items": { - "type": "string" - }, - "markdownDescription": "", - "title": "AudioDashRoles", - "type": "array" - }, - "AudioNormalizationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioNormalizationSettings", - "markdownDescription": "The advanced audio normalization settings.", - "title": "AudioNormalizationSettings" - }, - "AudioSelectorName": { - "markdownDescription": "The name of the AudioSelector that is used as the source for this AudioDescription.", - "title": "AudioSelectorName", - "type": "string" - }, - "AudioType": { - "markdownDescription": "Applies only if audioTypeControl is useConfigured. The values for audioType are defined in ISO-IEC 13818-1.", - "title": "AudioType", - "type": "string" + "CodeContent": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.CodeContent", + "markdownDescription": "The location and type of the application code.", + "title": "CodeContent" }, - "AudioTypeControl": { - "markdownDescription": "Determines how audio type is determined. followInput: If the input contains an ISO 639 audioType, then that value is passed through to the output. If the input contains no ISO 639 audioType, the value in Audio Type is included in the output. useConfigured: The value in Audio Type is included in the output. Note that this field and audioType are both ignored if inputType is broadcasterMixedAd.", - "title": "AudioTypeControl", + "CodeContentType": { + "markdownDescription": "Specifies whether the code content is in text or zip format.", + "title": "CodeContentType", "type": "string" + } + }, + "required": [ + "CodeContent", + "CodeContentType" + ], + "type": "object" + }, + "AWS::KinesisAnalyticsV2::Application.ApplicationConfiguration": { + "additionalProperties": false, + "properties": { + "ApplicationCodeConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ApplicationCodeConfiguration", + "markdownDescription": "The code location and type parameters for a Managed Service for Apache Flink application.", + "title": "ApplicationCodeConfiguration" }, - "AudioWatermarkingSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioWatermarkSettings", - "markdownDescription": "Settings to configure one or more solutions that insert audio watermarks in the audio encode", - "title": "AudioWatermarkingSettings" - }, - "CodecSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioCodecSettings", - "markdownDescription": "The audio codec settings.", - "title": "CodecSettings" + "ApplicationSnapshotConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ApplicationSnapshotConfiguration", + "markdownDescription": "Describes whether snapshots are enabled for a Managed Service for Apache Flink application.", + "title": "ApplicationSnapshotConfiguration" }, - "DvbDashAccessibility": { - "markdownDescription": "", - "title": "DvbDashAccessibility", - "type": "string" + "ApplicationSystemRollbackConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ApplicationSystemRollbackConfiguration", + "markdownDescription": "Describes whether system rollbacks are enabled for a Managed Service for Apache Flink application.", + "title": "ApplicationSystemRollbackConfiguration" }, - "LanguageCode": { - "markdownDescription": "Indicates the language of the audio output track. Used only if languageControlMode is useConfigured, or there is no ISO 639 language code specified in the input.", - "title": "LanguageCode", - "type": "string" + "EnvironmentProperties": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.EnvironmentProperties", + "markdownDescription": "Describes execution properties for a Managed Service for Apache Flink application.", + "title": "EnvironmentProperties" }, - "LanguageCodeControl": { - "markdownDescription": "Choosing followInput causes the ISO 639 language code of the output to follow the ISO 639 language code of the input. The languageCode setting is used when useConfigured is set, or when followInput is selected but there is no ISO 639 language code specified by the input.", - "title": "LanguageCodeControl", - "type": "string" + "FlinkApplicationConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.FlinkApplicationConfiguration", + "markdownDescription": "The creation and update parameters for a Managed Service for Apache Flink application.", + "title": "FlinkApplicationConfiguration" }, - "Name": { - "markdownDescription": "The name of this AudioDescription. Outputs use this name to uniquely identify this AudioDescription. Description names should be unique within this channel.", - "title": "Name", - "type": "string" + "SqlApplicationConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.SqlApplicationConfiguration", + "markdownDescription": "The creation and update parameters for a SQL-based Kinesis Data Analytics application.", + "title": "SqlApplicationConfiguration" }, - "RemixSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.RemixSettings", - "markdownDescription": "The settings that control how input audio channels are remixed into the output audio channels.", - "title": "RemixSettings" + "VpcConfigurations": { + "items": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.VpcConfiguration" + }, + "markdownDescription": "The array of descriptions of VPC configurations available to the application.", + "title": "VpcConfigurations", + "type": "array" }, - "StreamName": { - "markdownDescription": "Used for Microsoft Smooth and Apple HLS outputs. Indicates the name displayed by the player (for example, English or Director Commentary).", - "title": "StreamName", - "type": "string" + "ZeppelinApplicationConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ZeppelinApplicationConfiguration", + "markdownDescription": "The configuration parameters for a Kinesis Data Analytics Studio notebook.", + "title": "ZeppelinApplicationConfiguration" } }, "type": "object" }, - "AWS::MediaLive::Channel.AudioDolbyEDecode": { + "AWS::KinesisAnalyticsV2::Application.ApplicationMaintenanceConfiguration": { "additionalProperties": false, "properties": { - "ProgramSelection": { + "ApplicationMaintenanceWindowStartTime": { "markdownDescription": "", - "title": "ProgramSelection", + "title": "ApplicationMaintenanceWindowStartTime", "type": "string" } }, + "required": [ + "ApplicationMaintenanceWindowStartTime" + ], "type": "object" }, - "AWS::MediaLive::Channel.AudioHlsRenditionSelection": { + "AWS::KinesisAnalyticsV2::Application.ApplicationRestoreConfiguration": { "additionalProperties": false, "properties": { - "GroupId": { - "markdownDescription": "Specifies the GROUP-ID in the #EXT-X-MEDIA tag of the target HLS audio rendition.", - "title": "GroupId", + "ApplicationRestoreType": { + "markdownDescription": "Specifies how the application should be restored.", + "title": "ApplicationRestoreType", "type": "string" }, - "Name": { - "markdownDescription": "Specifies the NAME in the #EXT-X-MEDIA tag of the target HLS audio rendition.", - "title": "Name", + "SnapshotName": { + "markdownDescription": "The identifier of an existing snapshot of application state to use to restart an application. The application uses this value if `RESTORE_FROM_CUSTOM_SNAPSHOT` is specified for the `ApplicationRestoreType` .", + "title": "SnapshotName", "type": "string" } }, + "required": [ + "ApplicationRestoreType" + ], "type": "object" }, - "AWS::MediaLive::Channel.AudioLanguageSelection": { + "AWS::KinesisAnalyticsV2::Application.ApplicationSnapshotConfiguration": { "additionalProperties": false, "properties": { - "LanguageCode": { - "markdownDescription": "Selects a specific three-letter language code from within an audio source.", - "title": "LanguageCode", + "SnapshotsEnabled": { + "markdownDescription": "Describes whether snapshots are enabled for a Managed Service for Apache Flink application.", + "title": "SnapshotsEnabled", + "type": "boolean" + } + }, + "required": [ + "SnapshotsEnabled" + ], + "type": "object" + }, + "AWS::KinesisAnalyticsV2::Application.ApplicationSystemRollbackConfiguration": { + "additionalProperties": false, + "properties": { + "RollbackEnabled": { + "markdownDescription": "Describes whether system rollbacks are enabled for a Managed Service for Apache Flink application.", + "title": "RollbackEnabled", + "type": "boolean" + } + }, + "required": [ + "RollbackEnabled" + ], + "type": "object" + }, + "AWS::KinesisAnalyticsV2::Application.CSVMappingParameters": { + "additionalProperties": false, + "properties": { + "RecordColumnDelimiter": { + "markdownDescription": "The column delimiter. For example, in a CSV format, a comma (\",\") is the typical column delimiter.", + "title": "RecordColumnDelimiter", "type": "string" }, - "LanguageSelectionPolicy": { - "markdownDescription": "When set to \"strict,\" the transport stream demux strictly identifies audio streams by their language descriptor. If a PMT update occurs such that an audio stream matching the initially selected language is no longer present, then mute is encoded until the language returns. If set to \"loose,\" then on a PMT update the demux chooses another audio stream in the program with the same stream type if it can't find one with the same language.", - "title": "LanguageSelectionPolicy", + "RecordRowDelimiter": { + "markdownDescription": "The row delimiter. For example, in a CSV format, *'\\n'* is the typical row delimiter.", + "title": "RecordRowDelimiter", "type": "string" } }, + "required": [ + "RecordColumnDelimiter", + "RecordRowDelimiter" + ], "type": "object" }, - "AWS::MediaLive::Channel.AudioNormalizationSettings": { + "AWS::KinesisAnalyticsV2::Application.CatalogConfiguration": { "additionalProperties": false, "properties": { - "Algorithm": { - "markdownDescription": "The audio normalization algorithm to use. itu17701 conforms to the CALM Act specification. itu17702 conforms to the EBU R-128 specification.", - "title": "Algorithm", - "type": "string" + "GlueDataCatalogConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.GlueDataCatalogConfiguration", + "markdownDescription": "The configuration parameters for the default Amazon Glue database. You use this database for Apache Flink SQL queries and table API transforms that you write in a Kinesis Data Analytics Studio notebook.", + "title": "GlueDataCatalogConfiguration" + } + }, + "type": "object" + }, + "AWS::KinesisAnalyticsV2::Application.CheckpointConfiguration": { + "additionalProperties": false, + "properties": { + "CheckpointInterval": { + "markdownDescription": "Describes the interval in milliseconds between checkpoint operations.\n\n> If `CheckpointConfiguration.ConfigurationType` is `DEFAULT` , the application will use a `CheckpointInterval` value of 60000, even if this value is set to another value using this API or in application code.", + "title": "CheckpointInterval", + "type": "number" }, - "AlgorithmControl": { - "markdownDescription": "When set to correctAudio, the output audio is corrected using the chosen algorithm. If set to measureOnly, the audio is measured but not adjusted.", - "title": "AlgorithmControl", + "CheckpointingEnabled": { + "markdownDescription": "Describes whether checkpointing is enabled for a Managed Service for Apache Flink application.\n\n> If `CheckpointConfiguration.ConfigurationType` is `DEFAULT` , the application will use a `CheckpointingEnabled` value of `true` , even if this value is set to another value using this API or in application code.", + "title": "CheckpointingEnabled", + "type": "boolean" + }, + "ConfigurationType": { + "markdownDescription": "Describes whether the application uses Managed Service for Apache Flink' default checkpointing behavior. You must set this property to `CUSTOM` in order to set the `CheckpointingEnabled` , `CheckpointInterval` , or `MinPauseBetweenCheckpoints` parameters.\n\n> If this value is set to `DEFAULT` , the application will use the following values, even if they are set to other values using APIs or application code:\n> \n> - *CheckpointingEnabled:* true\n> - *CheckpointInterval:* 60000\n> - *MinPauseBetweenCheckpoints:* 5000", + "title": "ConfigurationType", "type": "string" }, - "TargetLkfs": { - "markdownDescription": "The Target LKFS(loudness) to adjust volume to. If no value is entered, a default value is used according to the chosen algorithm. The CALM Act (1770-1) recommends a target of -24 LKFS. The EBU R-128 specification (1770-2) recommends a target of -23 LKFS.", - "title": "TargetLkfs", + "MinPauseBetweenCheckpoints": { + "markdownDescription": "Describes the minimum time in milliseconds after a checkpoint operation completes that a new checkpoint operation can start. If a checkpoint operation takes longer than the `CheckpointInterval` , the application otherwise performs continual checkpoint operations. For more information, see [Tuning Checkpointing](https://docs.aws.amazon.com/https://nightlies.apache.org/flink/flink-docs-master/docs/ops/state/large_state_tuning/#tuning-checkpointing) in the [Apache Flink Documentation](https://docs.aws.amazon.com/https://nightlies.apache.org/flink/flink-docs-master) .\n\n> If `CheckpointConfiguration.ConfigurationType` is `DEFAULT` , the application will use a `MinPauseBetweenCheckpoints` value of 5000, even if this value is set using this API or in application code.", + "title": "MinPauseBetweenCheckpoints", "type": "number" } }, + "required": [ + "ConfigurationType" + ], "type": "object" }, - "AWS::MediaLive::Channel.AudioOnlyHlsSettings": { + "AWS::KinesisAnalyticsV2::Application.CodeContent": { "additionalProperties": false, "properties": { - "AudioGroupId": { - "markdownDescription": "Specifies the group that the audio rendition belongs to.", - "title": "AudioGroupId", - "type": "string" - }, - "AudioOnlyImage": { - "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", - "markdownDescription": "Used with an audio-only stream. It must be a .jpg or .png file. If given, this image is used as the cover art for the audio-only output. Ideally, it should be formatted for an iPhone screen for two reasons. The iPhone does not resize the image; instead, it crops a centered image on the top/bottom and left/right. Additionally, this image file gets saved bit-for-bit into every 10-second segment file, so it increases bandwidth by {image file size} * {segment count} * {user count.}.", - "title": "AudioOnlyImage" + "S3ContentLocation": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.S3ContentLocation", + "markdownDescription": "Information about the Amazon S3 bucket that contains the application code.", + "title": "S3ContentLocation" }, - "AudioTrackType": { - "markdownDescription": "Four types of audio-only tracks are supported: Audio-Only Variant Stream The client can play back this audio-only stream instead of video in low-bandwidth scenarios. Represented as an EXT-X-STREAM-INF in the HLS manifest. Alternate Audio, Auto Select, Default Alternate rendition that the client should try to play back by default. Represented as an EXT-X-MEDIA in the HLS manifest with DEFAULT=YES, AUTOSELECT=YES Alternate Audio, Auto Select, Not Default Alternate rendition that the client might try to play back by default. Represented as an EXT-X-MEDIA in the HLS manifest with DEFAULT=NO, AUTOSELECT=YES Alternate Audio, not Auto Select Alternate rendition that the client will not try to play back by default. Represented as an EXT-X-MEDIA in the HLS manifest with DEFAULT=NO, AUTOSELECT=NO.", - "title": "AudioTrackType", + "TextContent": { + "markdownDescription": "The text-format code for a Managed Service for Apache Flink application.", + "title": "TextContent", "type": "string" }, - "SegmentType": { - "markdownDescription": "Specifies the segment type.", - "title": "SegmentType", + "ZipFileContent": { + "markdownDescription": "The zip-format code for a Managed Service for Apache Flink application.", + "title": "ZipFileContent", "type": "string" } }, "type": "object" }, - "AWS::MediaLive::Channel.AudioPidSelection": { + "AWS::KinesisAnalyticsV2::Application.CustomArtifactConfiguration": { "additionalProperties": false, "properties": { - "Pid": { - "markdownDescription": "Select the audio by this PID.", - "title": "Pid", - "type": "number" + "ArtifactType": { + "markdownDescription": "Set this to either `UDF` or `DEPENDENCY_JAR` . `UDF` stands for user-defined functions. This type of artifact must be in an S3 bucket. A `DEPENDENCY_JAR` can be in either Maven or an S3 bucket.", + "title": "ArtifactType", + "type": "string" + }, + "MavenReference": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.MavenReference", + "markdownDescription": "The parameters required to fully specify a Maven reference.", + "title": "MavenReference" + }, + "S3ContentLocation": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.S3ContentLocation", + "markdownDescription": "The location of the custom artifacts.", + "title": "S3ContentLocation" } }, + "required": [ + "ArtifactType" + ], "type": "object" }, - "AWS::MediaLive::Channel.AudioSelector": { + "AWS::KinesisAnalyticsV2::Application.DeployAsApplicationConfiguration": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "A name for this AudioSelector.", - "title": "Name", - "type": "string" - }, - "SelectorSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioSelectorSettings", - "markdownDescription": "Information about the specific audio to extract from the input.", - "title": "SelectorSettings" + "S3ContentLocation": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.S3ContentBaseLocation", + "markdownDescription": "The description of an Amazon S3 object that contains the Amazon Data Analytics application, including the Amazon Resource Name (ARN) of the S3 bucket, the name of the Amazon S3 object that contains the data, and the version number of the Amazon S3 object that contains the data.", + "title": "S3ContentLocation" } }, + "required": [ + "S3ContentLocation" + ], "type": "object" }, - "AWS::MediaLive::Channel.AudioSelectorSettings": { + "AWS::KinesisAnalyticsV2::Application.EnvironmentProperties": { "additionalProperties": false, "properties": { - "AudioHlsRenditionSelection": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioHlsRenditionSelection", - "markdownDescription": "Selector for HLS audio rendition.", - "title": "AudioHlsRenditionSelection" - }, - "AudioLanguageSelection": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioLanguageSelection", - "markdownDescription": "The language code of the audio to select.", - "title": "AudioLanguageSelection" + "PropertyGroups": { + "items": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.PropertyGroup" + }, + "markdownDescription": "Describes the execution property groups.", + "title": "PropertyGroups", + "type": "array" + } + }, + "type": "object" + }, + "AWS::KinesisAnalyticsV2::Application.FlinkApplicationConfiguration": { + "additionalProperties": false, + "properties": { + "CheckpointConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.CheckpointConfiguration", + "markdownDescription": "Describes an application's checkpointing configuration. Checkpointing is the process of persisting application state for fault tolerance. For more information, see [Checkpoints for Fault Tolerance](https://docs.aws.amazon.com/https://ci.apache.org/projects/flink/flink-docs-release-1.8/concepts/programming-model.html#checkpoints-for-fault-tolerance) in the [Apache Flink Documentation](https://docs.aws.amazon.com/https://ci.apache.org/projects/flink/flink-docs-release-1.8/) .", + "title": "CheckpointConfiguration" }, - "AudioPidSelection": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioPidSelection", - "markdownDescription": "The PID of the audio to select.", - "title": "AudioPidSelection" + "MonitoringConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.MonitoringConfiguration", + "markdownDescription": "Describes configuration parameters for Amazon CloudWatch logging for an application.", + "title": "MonitoringConfiguration" }, - "AudioTrackSelection": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioTrackSelection", - "markdownDescription": "Information about the audio track to extract.", - "title": "AudioTrackSelection" + "ParallelismConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ParallelismConfiguration", + "markdownDescription": "Describes parameters for how an application executes multiple tasks simultaneously.", + "title": "ParallelismConfiguration" } }, "type": "object" }, - "AWS::MediaLive::Channel.AudioSilenceFailoverSettings": { + "AWS::KinesisAnalyticsV2::Application.FlinkRunConfiguration": { "additionalProperties": false, "properties": { - "AudioSelectorName": { - "markdownDescription": "The name of the audio selector in the input that MediaLive should monitor to detect silence. Select your most important rendition. If you didn't create an audio selector in this input, leave blank.", - "title": "AudioSelectorName", - "type": "string" - }, - "AudioSilenceThresholdMsec": { - "markdownDescription": "The amount of time (in milliseconds) that the active input must be silent before automatic input failover occurs. Silence is defined as audio loss or audio quieter than -50 dBFS.", - "title": "AudioSilenceThresholdMsec", - "type": "number" + "AllowNonRestoredState": { + "markdownDescription": "When restoring from a snapshot, specifies whether the runtime is allowed to skip a state that cannot be mapped to the new program. This will happen if the program is updated between snapshots to remove stateful parameters, and state data in the snapshot no longer corresponds to valid application data. For more information, see [Allowing Non-Restored State](https://docs.aws.amazon.com/https://nightlies.apache.org/flink/flink-docs-master/docs/ops/state/savepoints/#allowing-non-restored-state) in the [Apache Flink documentation](https://docs.aws.amazon.com/https://nightlies.apache.org/flink/flink-docs-master) .\n\n> This value defaults to `false` . If you update your application without specifying this parameter, `AllowNonRestoredState` will be set to `false` , even if it was previously set to `true` .", + "title": "AllowNonRestoredState", + "type": "boolean" } }, "type": "object" }, - "AWS::MediaLive::Channel.AudioTrack": { + "AWS::KinesisAnalyticsV2::Application.GlueDataCatalogConfiguration": { "additionalProperties": false, "properties": { - "Track": { - "markdownDescription": "1-based integer value that maps to a specific audio track", - "title": "Track", - "type": "number" + "DatabaseARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the database.", + "title": "DatabaseARN", + "type": "string" } }, "type": "object" }, - "AWS::MediaLive::Channel.AudioTrackSelection": { + "AWS::KinesisAnalyticsV2::Application.Input": { "additionalProperties": false, "properties": { - "DolbyEDecode": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioDolbyEDecode", - "markdownDescription": "", - "title": "DolbyEDecode" + "InputParallelism": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.InputParallelism", + "markdownDescription": "Describes the number of in-application streams to create.", + "title": "InputParallelism" }, - "Tracks": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioTrack" - }, - "markdownDescription": "Selects one or more unique audio tracks from within a source.", - "title": "Tracks", - "type": "array" + "InputProcessingConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.InputProcessingConfiguration", + "markdownDescription": "The [InputProcessingConfiguration](https://docs.aws.amazon.com/managed-flink/latest/apiv2/API_InputProcessingConfiguration.html) for the input. An input processor transforms records as they are received from the stream, before the application's SQL code executes. Currently, the only input processing configuration available is [InputLambdaProcessor](https://docs.aws.amazon.com/managed-flink/latest/apiv2/API_InputLambdaProcessor.html) .", + "title": "InputProcessingConfiguration" + }, + "InputSchema": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.InputSchema", + "markdownDescription": "Describes the format of the data in the streaming source, and how each data element maps to corresponding columns in the in-application stream that is being created.\n\nAlso used to describe the format of the reference data source.", + "title": "InputSchema" + }, + "KinesisFirehoseInput": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.KinesisFirehoseInput", + "markdownDescription": "If the streaming source is an Amazon Kinesis Data Firehose delivery stream, identifies the delivery stream's ARN.", + "title": "KinesisFirehoseInput" + }, + "KinesisStreamsInput": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.KinesisStreamsInput", + "markdownDescription": "If the streaming source is an Amazon Kinesis data stream, identifies the stream's Amazon Resource Name (ARN).", + "title": "KinesisStreamsInput" + }, + "NamePrefix": { + "markdownDescription": "The name prefix to use when creating an in-application stream. Suppose that you specify a prefix \" `MyInApplicationStream` .\" Kinesis Data Analytics then creates one or more (as per the `InputParallelism` count you specified) in-application streams with the names \" `MyInApplicationStream_001` ,\" \" `MyInApplicationStream_002` ,\" and so on.", + "title": "NamePrefix", + "type": "string" } }, + "required": [ + "InputSchema", + "NamePrefix" + ], "type": "object" }, - "AWS::MediaLive::Channel.AudioWatermarkSettings": { + "AWS::KinesisAnalyticsV2::Application.InputLambdaProcessor": { "additionalProperties": false, "properties": { - "NielsenWatermarksSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.NielsenWatermarksSettings", - "markdownDescription": "Settings to configure Nielsen Watermarks in the audio encode", - "title": "NielsenWatermarksSettings" + "ResourceARN": { + "markdownDescription": "The ARN of the Amazon Lambda function that operates on records in the stream.\n\n> To specify an earlier version of the Lambda function than the latest, include the Lambda function version in the Lambda function ARN. For more information about Lambda ARNs, see [Example ARNs: Amazon Lambda](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-lambda)", + "title": "ResourceARN", + "type": "string" } }, + "required": [ + "ResourceARN" + ], "type": "object" }, - "AWS::MediaLive::Channel.AutomaticInputFailoverSettings": { + "AWS::KinesisAnalyticsV2::Application.InputParallelism": { "additionalProperties": false, "properties": { - "ErrorClearTimeMsec": { - "markdownDescription": "This clear time defines the requirement a recovered input must meet to be considered healthy. The input must have no failover conditions for this length of time. Enter a time in milliseconds. This value is particularly important if the input_preference for the failover pair is set to PRIMARY_INPUT_PREFERRED, because after this time, MediaLive will switch back to the primary input.", - "title": "ErrorClearTimeMsec", + "Count": { + "markdownDescription": "The number of in-application streams to create.", + "title": "Count", "type": "number" - }, - "FailoverConditions": { + } + }, + "type": "object" + }, + "AWS::KinesisAnalyticsV2::Application.InputProcessingConfiguration": { + "additionalProperties": false, + "properties": { + "InputLambdaProcessor": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.InputLambdaProcessor", + "markdownDescription": "The [InputLambdaProcessor](https://docs.aws.amazon.com/managed-flink/latest/apiv2/API_InputLambdaProcessor.html) that is used to preprocess the records in the stream before being processed by your application code.", + "title": "InputLambdaProcessor" + } + }, + "type": "object" + }, + "AWS::KinesisAnalyticsV2::Application.InputSchema": { + "additionalProperties": false, + "properties": { + "RecordColumns": { "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.FailoverCondition" + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.RecordColumn" }, - "markdownDescription": "A list of failover conditions. If any of these conditions occur, MediaLive will perform a failover to the other input.", - "title": "FailoverConditions", + "markdownDescription": "A list of `RecordColumn` objects.", + "title": "RecordColumns", "type": "array" }, - "InputPreference": { - "markdownDescription": "Input preference when deciding which input to make active when a previously failed input has recovered.", - "title": "InputPreference", + "RecordEncoding": { + "markdownDescription": "Specifies the encoding of the records in the streaming source. For example, UTF-8.", + "title": "RecordEncoding", "type": "string" }, - "SecondaryInputId": { - "markdownDescription": "The input ID of the secondary input in the automatic input failover pair.", - "title": "SecondaryInputId", + "RecordFormat": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.RecordFormat", + "markdownDescription": "Specifies the format of the records on the streaming source.", + "title": "RecordFormat" + } + }, + "required": [ + "RecordColumns", + "RecordFormat" + ], + "type": "object" + }, + "AWS::KinesisAnalyticsV2::Application.JSONMappingParameters": { + "additionalProperties": false, + "properties": { + "RecordRowPath": { + "markdownDescription": "The path to the top-level parent that contains the records.", + "title": "RecordRowPath", "type": "string" } }, + "required": [ + "RecordRowPath" + ], "type": "object" }, - "AWS::MediaLive::Channel.AvailBlanking": { + "AWS::KinesisAnalyticsV2::Application.KinesisFirehoseInput": { "additionalProperties": false, "properties": { - "AvailBlankingImage": { - "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", - "markdownDescription": "The blanking image to be used. Keep empty for solid black. Only .bmp and .png images are supported.", - "title": "AvailBlankingImage" - }, - "State": { - "markdownDescription": "When set to enabled, the video, audio, and captions are blanked when insertion metadata is added.", - "title": "State", + "ResourceARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the delivery stream.", + "title": "ResourceARN", "type": "string" } }, + "required": [ + "ResourceARN" + ], "type": "object" }, - "AWS::MediaLive::Channel.AvailConfiguration": { + "AWS::KinesisAnalyticsV2::Application.KinesisStreamsInput": { "additionalProperties": false, "properties": { - "AvailSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AvailSettings", - "markdownDescription": "The setup of ad avail handling in the output.", - "title": "AvailSettings" + "ResourceARN": { + "markdownDescription": "The ARN of the input Kinesis data stream to read.", + "title": "ResourceARN", + "type": "string" } }, + "required": [ + "ResourceARN" + ], "type": "object" }, - "AWS::MediaLive::Channel.AvailSettings": { + "AWS::KinesisAnalyticsV2::Application.MappingParameters": { "additionalProperties": false, "properties": { - "Esam": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Esam", - "markdownDescription": "", - "title": "Esam" - }, - "Scte35SpliceInsert": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Scte35SpliceInsert", - "markdownDescription": "The setup for SCTE-35 splice insert handling.", - "title": "Scte35SpliceInsert" + "CSVMappingParameters": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.CSVMappingParameters", + "markdownDescription": "Provides additional mapping information when the record format uses delimiters (for example, CSV).", + "title": "CSVMappingParameters" }, - "Scte35TimeSignalApos": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Scte35TimeSignalApos", - "markdownDescription": "The setup for SCTE-35 time signal APOS handling.", - "title": "Scte35TimeSignalApos" + "JSONMappingParameters": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.JSONMappingParameters", + "markdownDescription": "Provides additional mapping information when JSON is the record format on the streaming source.", + "title": "JSONMappingParameters" } }, "type": "object" }, - "AWS::MediaLive::Channel.BlackoutSlate": { + "AWS::KinesisAnalyticsV2::Application.MavenReference": { "additionalProperties": false, "properties": { - "BlackoutSlateImage": { - "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", - "markdownDescription": "The blackout slate image to be used. Keep empty for solid black. Only .bmp and .png images are supported.", - "title": "BlackoutSlateImage" - }, - "NetworkEndBlackout": { - "markdownDescription": "Setting to enabled causes MediaLive to blackout the video, audio, and captions, and raise the \"Network Blackout Image\" slate when an SCTE104/35 Network End Segmentation Descriptor is encountered. The blackout is lifted when the Network Start Segmentation Descriptor is encountered. The Network End and Network Start descriptors must contain a network ID that matches the value entered in Network ID.", - "title": "NetworkEndBlackout", + "ArtifactId": { + "markdownDescription": "The artifact ID of the Maven reference.", + "title": "ArtifactId", "type": "string" }, - "NetworkEndBlackoutImage": { - "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", - "markdownDescription": "The path to the local file to use as the Network End Blackout image. The image is scaled to fill the entire output raster.", - "title": "NetworkEndBlackoutImage" - }, - "NetworkId": { - "markdownDescription": "Provides a Network ID that matches EIDR ID format (for example, \"10.XXXX/XXXX-XXXX-XXXX-XXXX-XXXX-C\").", - "title": "NetworkId", + "GroupId": { + "markdownDescription": "The group ID of the Maven reference.", + "title": "GroupId", "type": "string" }, - "State": { - "markdownDescription": "When set to enabled, this causes video, audio, and captions to be blanked when indicated by program metadata.", - "title": "State", + "Version": { + "markdownDescription": "The version of the Maven reference.", + "title": "Version", "type": "string" } }, + "required": [ + "ArtifactId", + "GroupId", + "Version" + ], "type": "object" }, - "AWS::MediaLive::Channel.BurnInDestinationSettings": { + "AWS::KinesisAnalyticsV2::Application.MonitoringConfiguration": { "additionalProperties": false, "properties": { - "Alignment": { - "markdownDescription": "If no explicit xPosition or yPosition is provided, setting alignment to centered places the captions at the bottom center of the output. Similarly, setting a left alignment aligns captions to the bottom left of the output. If x and y positions are specified in conjunction with the alignment parameter, the font is justified (either left or centered) relative to those coordinates. Selecting \"smart\" justification left-justifies live subtitles and center-justifies pre-recorded subtitles. All burn-in and DVB-Sub font settings must match.", - "title": "Alignment", + "ConfigurationType": { + "markdownDescription": "Describes whether to use the default CloudWatch logging configuration for an application. You must set this property to `CUSTOM` in order to set the `LogLevel` or `MetricsLevel` parameters.", + "title": "ConfigurationType", "type": "string" }, - "BackgroundColor": { - "markdownDescription": "Specifies the color of the rectangle behind the captions. All burn-in and DVB-Sub font settings must match.", - "title": "BackgroundColor", + "LogLevel": { + "markdownDescription": "Describes the verbosity of the CloudWatch Logs for an application.", + "title": "LogLevel", "type": "string" }, - "BackgroundOpacity": { - "markdownDescription": "Specifies the opacity of the background rectangle. 255 is opaque; 0 is transparent. Keeping this parameter blank is equivalent to setting it to 0 (transparent). All burn-in and DVB-Sub font settings must match.", - "title": "BackgroundOpacity", - "type": "number" - }, - "Font": { - "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", - "markdownDescription": "The external font file that is used for captions burn-in. The file extension must be .ttf or .tte. Although you can select output fonts for many different types of input captions, embedded, STL, and Teletext sources use a strict grid system. Using external fonts with these captions sources could cause an unexpected display of proportional fonts. All burn-in and DVB-Sub font settings must match.", - "title": "Font" + "MetricsLevel": { + "markdownDescription": "Describes the granularity of the CloudWatch Logs for an application. The `Parallelism` level is not recommended for applications with a Parallelism over 64 due to excessive costs.", + "title": "MetricsLevel", + "type": "string" + } + }, + "required": [ + "ConfigurationType" + ], + "type": "object" + }, + "AWS::KinesisAnalyticsV2::Application.ParallelismConfiguration": { + "additionalProperties": false, + "properties": { + "AutoScalingEnabled": { + "markdownDescription": "Describes whether the Managed Service for Apache Flink service can increase the parallelism of the application in response to increased throughput.", + "title": "AutoScalingEnabled", + "type": "boolean" }, - "FontColor": { - "markdownDescription": "Specifies the color of the burned-in captions. This option is not valid for source captions that are STL, 608/embedded, or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", - "title": "FontColor", + "ConfigurationType": { + "markdownDescription": "Describes whether the application uses the default parallelism for the Managed Service for Apache Flink service. You must set this property to `CUSTOM` in order to change your application's `AutoScalingEnabled` , `Parallelism` , or `ParallelismPerKPU` properties.", + "title": "ConfigurationType", "type": "string" }, - "FontOpacity": { - "markdownDescription": "Specifies the opacity of the burned-in captions. 255 is opaque; 0 is transparent. All burn-in and DVB-Sub font settings must match.", - "title": "FontOpacity", + "Parallelism": { + "markdownDescription": "Describes the initial number of parallel tasks that a Java-based Kinesis Data Analytics application can perform. The Kinesis Data Analytics service can increase this number automatically if [ParallelismConfiguration:AutoScalingEnabled](https://docs.aws.amazon.com/managed-flink/latest/apiv2/API_ParallelismConfiguration.html#kinesisanalytics-Type-ParallelismConfiguration-AutoScalingEnabled.html) is set to `true` .", + "title": "Parallelism", "type": "number" }, - "FontResolution": { - "markdownDescription": "The font resolution in DPI (dots per inch). The default is 96 dpi. All burn-in and DVB-Sub font settings must match.", - "title": "FontResolution", - "type": "number" - }, - "FontSize": { - "markdownDescription": "When set to auto, fontSize scales depending on the size of the output. Providing a positive integer specifies the exact font size in points. All burn-in and DVB-Sub font settings must match.", - "title": "FontSize", - "type": "string" - }, - "OutlineColor": { - "markdownDescription": "Specifies the font outline color. This option is not valid for source captions that are either 608/embedded or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", - "title": "OutlineColor", - "type": "string" - }, - "OutlineSize": { - "markdownDescription": "Specifies font outline size in pixels. This option is not valid for source captions that are either 608/embedded or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", - "title": "OutlineSize", - "type": "number" - }, - "ShadowColor": { - "markdownDescription": "Specifies the color of the shadow cast by the captions. All burn-in and DVB-Sub font settings must match.", - "title": "ShadowColor", - "type": "string" - }, - "ShadowOpacity": { - "markdownDescription": "Specifies the opacity of the shadow. 255 is opaque; 0 is transparent. Keeping this parameter blank is equivalent to setting it to 0 (transparent). All burn-in and DVB-Sub font settings must match.", - "title": "ShadowOpacity", - "type": "number" - }, - "ShadowXOffset": { - "markdownDescription": "Specifies the horizontal offset of the shadow that is relative to the captions in pixels. A value of -2 would result in a shadow offset 2 pixels to the left. All burn-in and DVB-Sub font settings must match.", - "title": "ShadowXOffset", - "type": "number" - }, - "ShadowYOffset": { - "markdownDescription": "Specifies the vertical offset of the shadow that is relative to the captions in pixels. A value of -2 would result in a shadow offset 2 pixels above the text. All burn-in and DVB-Sub font settings must match.", - "title": "ShadowYOffset", - "type": "number" - }, - "TeletextGridControl": { - "markdownDescription": "Controls whether a fixed grid size is used to generate the output subtitles bitmap. This applies only to Teletext inputs and DVB-Sub/Burn-in outputs.", - "title": "TeletextGridControl", - "type": "string" - }, - "XPosition": { - "markdownDescription": "Specifies the horizontal position of the captions relative to the left side of the output in pixels. A value of 10 would result in the captions starting 10 pixels from the left of the output. If no explicit xPosition is provided, the horizontal captions position is determined by the alignment parameter. All burn-in and DVB-Sub font settings must match.", - "title": "XPosition", - "type": "number" - }, - "YPosition": { - "markdownDescription": "Specifies the vertical position of the captions relative to the top of the output in pixels. A value of 10 would result in the captions starting 10 pixels from the top of the output. If no explicit yPosition is provided, the captions are positioned towards the bottom of the output. All burn-in and DVB-Sub font settings must match.", - "title": "YPosition", + "ParallelismPerKPU": { + "markdownDescription": "Describes the number of parallel tasks that a Java-based Kinesis Data Analytics application can perform per Kinesis Processing Unit (KPU) used by the application. For more information about KPUs, see [Amazon Kinesis Data Analytics Pricing](https://docs.aws.amazon.com/kinesis/data-analytics/pricing/) .", + "title": "ParallelismPerKPU", "type": "number" } }, + "required": [ + "ConfigurationType" + ], "type": "object" }, - "AWS::MediaLive::Channel.CaptionDescription": { + "AWS::KinesisAnalyticsV2::Application.PropertyGroup": { "additionalProperties": false, "properties": { - "Accessibility": { - "markdownDescription": "", - "title": "Accessibility", + "PropertyGroupId": { + "markdownDescription": "Describes the key of an application execution property key-value pair.", + "title": "PropertyGroupId", "type": "string" }, - "CaptionDashRoles": { - "items": { - "type": "string" + "PropertyMap": { + "additionalProperties": true, + "markdownDescription": "Describes the value of an application execution property key-value pair.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "", - "title": "CaptionDashRoles", - "type": "array" - }, - "CaptionSelectorName": { - "markdownDescription": "Specifies which input captions selector to use as a captions source when generating output captions. This field should match a captionSelector name.", - "title": "CaptionSelectorName", - "type": "string" - }, - "DestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.CaptionDestinationSettings", - "markdownDescription": "Additional settings for a captions destination that depend on the destination type.", - "title": "DestinationSettings" - }, - "DvbDashAccessibility": { - "markdownDescription": "", - "title": "DvbDashAccessibility", + "title": "PropertyMap", + "type": "object" + } + }, + "type": "object" + }, + "AWS::KinesisAnalyticsV2::Application.RecordColumn": { + "additionalProperties": false, + "properties": { + "Mapping": { + "markdownDescription": "A reference to the data element in the streaming input or the reference data source.", + "title": "Mapping", "type": "string" }, - "LanguageCode": { - "markdownDescription": "An ISO 639-2 three-digit code. For more information, see http://www.loc.gov/standards/iso639-2/.", - "title": "LanguageCode", + "Name": { + "markdownDescription": "The name of the column that is created in the in-application input stream or reference table.", + "title": "Name", "type": "string" }, - "LanguageDescription": { - "markdownDescription": "Human-readable information to indicate the captions that are available for players (for example, English or Spanish).", - "title": "LanguageDescription", + "SqlType": { + "markdownDescription": "The type of column created in the in-application input stream or reference table.", + "title": "SqlType", "type": "string" + } + }, + "required": [ + "Name", + "SqlType" + ], + "type": "object" + }, + "AWS::KinesisAnalyticsV2::Application.RecordFormat": { + "additionalProperties": false, + "properties": { + "MappingParameters": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.MappingParameters", + "markdownDescription": "When you configure application input at the time of creating or updating an application, provides additional mapping information specific to the record format (such as JSON, CSV, or record fields delimited by some delimiter) on the streaming source.", + "title": "MappingParameters" }, - "Name": { - "markdownDescription": "The name of the captions description. The name is used to associate a captions description with an output. Names must be unique within a channel.", - "title": "Name", + "RecordFormatType": { + "markdownDescription": "The type of record format.", + "title": "RecordFormatType", "type": "string" } }, + "required": [ + "RecordFormatType" + ], "type": "object" }, - "AWS::MediaLive::Channel.CaptionDestinationSettings": { + "AWS::KinesisAnalyticsV2::Application.RunConfiguration": { "additionalProperties": false, "properties": { - "AribDestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AribDestinationSettings", - "markdownDescription": "The configuration of one ARIB captions encode in the output.", - "title": "AribDestinationSettings" - }, - "BurnInDestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.BurnInDestinationSettings", - "markdownDescription": "The configuration of one burn-in captions encode in the output.", - "title": "BurnInDestinationSettings" - }, - "DvbSubDestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.DvbSubDestinationSettings", - "markdownDescription": "The configuration of one DVB Sub captions encode in the output.", - "title": "DvbSubDestinationSettings" - }, - "EbuTtDDestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.EbuTtDDestinationSettings", - "markdownDescription": "Settings for EBU-TT captions in the output.", - "title": "EbuTtDDestinationSettings" - }, - "EmbeddedDestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.EmbeddedDestinationSettings", - "markdownDescription": "The configuration of one embedded captions encode in the output.", - "title": "EmbeddedDestinationSettings" - }, - "EmbeddedPlusScte20DestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.EmbeddedPlusScte20DestinationSettings", - "markdownDescription": "The configuration of one embedded plus SCTE-20 captions encode in the output.", - "title": "EmbeddedPlusScte20DestinationSettings" - }, - "RtmpCaptionInfoDestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.RtmpCaptionInfoDestinationSettings", - "markdownDescription": "The configuration of one RTMPCaptionInfo captions encode in the output.", - "title": "RtmpCaptionInfoDestinationSettings" - }, - "Scte20PlusEmbeddedDestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Scte20PlusEmbeddedDestinationSettings", - "markdownDescription": "The configuration of one SCTE20 plus embedded captions encode in the output.", - "title": "Scte20PlusEmbeddedDestinationSettings" - }, - "Scte27DestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Scte27DestinationSettings", - "markdownDescription": "The configuration of one SCTE-27 captions encode in the output.", - "title": "Scte27DestinationSettings" - }, - "SmpteTtDestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.SmpteTtDestinationSettings", - "markdownDescription": "The configuration of one SMPTE-TT captions encode in the output.", - "title": "SmpteTtDestinationSettings" - }, - "TeletextDestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.TeletextDestinationSettings", - "markdownDescription": "The configuration of one Teletext captions encode in the output.", - "title": "TeletextDestinationSettings" - }, - "TtmlDestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.TtmlDestinationSettings", - "markdownDescription": "The configuration of one TTML captions encode in the output.", - "title": "TtmlDestinationSettings" + "ApplicationRestoreConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ApplicationRestoreConfiguration", + "markdownDescription": "Describes the restore behavior of a restarting application.", + "title": "ApplicationRestoreConfiguration" }, - "WebvttDestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.WebvttDestinationSettings", - "markdownDescription": "The configuration of one WebVTT captions encode in the output.", - "title": "WebvttDestinationSettings" + "FlinkRunConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.FlinkRunConfiguration", + "markdownDescription": "Describes the starting parameters for a Managed Service for Apache Flink application.", + "title": "FlinkRunConfiguration" } }, "type": "object" }, - "AWS::MediaLive::Channel.CaptionLanguageMapping": { + "AWS::KinesisAnalyticsV2::Application.S3ContentBaseLocation": { "additionalProperties": false, "properties": { - "CaptionChannel": { - "markdownDescription": "The closed caption channel being described by this CaptionLanguageMapping. Each channel mapping must have a unique channel number (maximum of 4).", - "title": "CaptionChannel", - "type": "number" - }, - "LanguageCode": { - "markdownDescription": "A three-character ISO 639-2 language code (see http://www.loc.gov/standards/iso639-2).", - "title": "LanguageCode", + "BasePath": { + "markdownDescription": "The base path for the S3 bucket.", + "title": "BasePath", "type": "string" }, - "LanguageDescription": { - "markdownDescription": "The textual description of language.", - "title": "LanguageDescription", + "BucketARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the S3 bucket.", + "title": "BucketARN", "type": "string" } }, + "required": [ + "BucketARN" + ], "type": "object" }, - "AWS::MediaLive::Channel.CaptionRectangle": { + "AWS::KinesisAnalyticsV2::Application.S3ContentLocation": { "additionalProperties": false, "properties": { - "Height": { - "markdownDescription": "See the description in leftOffset.\n\nFor height, specify the entire height of the rectangle as a percentage of the underlying frame height. For example, \\\"80\\\" means the rectangle height is 80% of the underlying frame height. The topOffset and rectangleHeight must add up to 100% or less. This field corresponds to tts:extent - Y in the TTML standard.", - "title": "Height", - "type": "number" - }, - "LeftOffset": { - "markdownDescription": "Applies only if you plan to convert these source captions to EBU-TT-D or TTML in an output. (Make sure to leave the default if you don't have either of these formats in the output.) You can define a display rectangle for the captions that is smaller than the underlying video frame. You define the rectangle by specifying the position of the left edge, top edge, bottom edge, and right edge of the rectangle, all within the underlying video frame. The units for the measurements are percentages. If you specify a value for one of these fields, you must specify a value for all of them.\n\nFor leftOffset, specify the position of the left edge of the rectangle, as a percentage of the underlying frame width, and relative to the left edge of the frame. For example, \\\"10\\\" means the measurement is 10% of the underlying frame width. The rectangle left edge starts at that position from the left edge of the frame. This field corresponds to tts:origin - X in the TTML standard.", - "title": "LeftOffset", - "type": "number" + "BucketARN": { + "markdownDescription": "The Amazon Resource Name (ARN) for the S3 bucket containing the application code.", + "title": "BucketARN", + "type": "string" }, - "TopOffset": { - "markdownDescription": "See the description in leftOffset.\n\nFor topOffset, specify the position of the top edge of the rectangle, as a percentage of the underlying frame height, and relative to the top edge of the frame. For example, \\\"10\\\" means the measurement is 10% of the underlying frame height. The rectangle top edge starts at that position from the top edge of the frame. This field corresponds to tts:origin - Y in the TTML standard.", - "title": "TopOffset", - "type": "number" + "FileKey": { + "markdownDescription": "The file key for the object containing the application code.", + "title": "FileKey", + "type": "string" }, - "Width": { - "markdownDescription": "See the description in leftOffset.\n\nFor width, specify the entire width of the rectangle as a percentage of the underlying frame width. For example, \\\"80\\\" means the rectangle width is 80% of the underlying frame width. The leftOffset and rectangleWidth must add up to 100% or less. This field corresponds to tts:extent - X in the TTML standard.", - "title": "Width", - "type": "number" + "ObjectVersion": { + "markdownDescription": "The version of the object containing the application code.", + "title": "ObjectVersion", + "type": "string" } }, + "required": [ + "BucketARN", + "FileKey" + ], "type": "object" }, - "AWS::MediaLive::Channel.CaptionSelector": { + "AWS::KinesisAnalyticsV2::Application.SqlApplicationConfiguration": { "additionalProperties": false, "properties": { - "LanguageCode": { - "markdownDescription": "When specified, this field indicates the three-letter language code of the captions track to extract from the source.", - "title": "LanguageCode", - "type": "string" - }, - "Name": { - "markdownDescription": "The name identifier for a captions selector. This name is used to associate this captions selector with one or more captions descriptions. Names must be unique within a channel.", - "title": "Name", - "type": "string" - }, - "SelectorSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.CaptionSelectorSettings", - "markdownDescription": "Information about the specific audio to extract from the input.", - "title": "SelectorSettings" + "Inputs": { + "items": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.Input" + }, + "markdownDescription": "The array of [Input](https://docs.aws.amazon.com/managed-flink/latest/apiv2/API_Input.html) objects describing the input streams used by the application.", + "title": "Inputs", + "type": "array" } }, "type": "object" }, - "AWS::MediaLive::Channel.CaptionSelectorSettings": { + "AWS::KinesisAnalyticsV2::Application.VpcConfiguration": { "additionalProperties": false, "properties": { - "AncillarySourceSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AncillarySourceSettings", - "markdownDescription": "Information about the ancillary captions to extract from the input.", - "title": "AncillarySourceSettings" - }, - "AribSourceSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AribSourceSettings", - "markdownDescription": "Information about the ARIB captions to extract from the input.", - "title": "AribSourceSettings" - }, - "DvbSubSourceSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.DvbSubSourceSettings", - "markdownDescription": "Information about the DVB Sub captions to extract from the input.", - "title": "DvbSubSourceSettings" + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The array of [SecurityGroup](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SecurityGroup.html) IDs used by the VPC configuration.", + "title": "SecurityGroupIds", + "type": "array" }, - "EmbeddedSourceSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.EmbeddedSourceSettings", - "markdownDescription": "Information about the embedded captions to extract from the input.", - "title": "EmbeddedSourceSettings" + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The array of [Subnet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_Subnet.html) IDs used by the VPC configuration.", + "title": "SubnetIds", + "type": "array" + } + }, + "required": [ + "SecurityGroupIds", + "SubnetIds" + ], + "type": "object" + }, + "AWS::KinesisAnalyticsV2::Application.ZeppelinApplicationConfiguration": { + "additionalProperties": false, + "properties": { + "CatalogConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.CatalogConfiguration", + "markdownDescription": "The Amazon Glue Data Catalog that you use in queries in a Kinesis Data Analytics Studio notebook.", + "title": "CatalogConfiguration" }, - "Scte20SourceSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Scte20SourceSettings", - "markdownDescription": "Information about the SCTE-20 captions to extract from the input.", - "title": "Scte20SourceSettings" + "CustomArtifactsConfiguration": { + "items": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.CustomArtifactConfiguration" + }, + "markdownDescription": "A list of `CustomArtifactConfiguration` objects.", + "title": "CustomArtifactsConfiguration", + "type": "array" }, - "Scte27SourceSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Scte27SourceSettings", - "markdownDescription": "Information about the SCTE-27 captions to extract from the input.", - "title": "Scte27SourceSettings" + "DeployAsApplicationConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.DeployAsApplicationConfiguration", + "markdownDescription": "The information required to deploy a Kinesis Data Analytics Studio notebook as an application with durable state.", + "title": "DeployAsApplicationConfiguration" }, - "TeletextSourceSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.TeletextSourceSettings", - "markdownDescription": "Information about the Teletext captions to extract from the input.", - "title": "TeletextSourceSettings" + "MonitoringConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ZeppelinMonitoringConfiguration", + "markdownDescription": "The monitoring configuration of a Kinesis Data Analytics Studio notebook.", + "title": "MonitoringConfiguration" } }, "type": "object" }, - "AWS::MediaLive::Channel.CdiInputSpecification": { + "AWS::KinesisAnalyticsV2::Application.ZeppelinMonitoringConfiguration": { "additionalProperties": false, "properties": { - "Resolution": { - "markdownDescription": "Maximum CDI input resolution", - "title": "Resolution", + "LogLevel": { + "markdownDescription": "The verbosity of the CloudWatch Logs for an application. You can set it to `INFO` , `WARN` , `ERROR` , or `DEBUG` .", + "title": "LogLevel", "type": "string" } }, "type": "object" }, - "AWS::MediaLive::Channel.CmafIngestGroupSettings": { + "AWS::KinesisAnalyticsV2::ApplicationCloudWatchLoggingOption": { "additionalProperties": false, "properties": { - "Destination": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", - "markdownDescription": "", - "title": "Destination" - }, - "NielsenId3Behavior": { - "markdownDescription": "", - "title": "NielsenId3Behavior", + "Condition": { "type": "string" }, - "Scte35Type": { - "markdownDescription": "", - "title": "Scte35Type", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SegmentLength": { - "markdownDescription": "", - "title": "SegmentLength", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SegmentLengthUnits": { - "markdownDescription": "", - "title": "SegmentLengthUnits", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationName": { + "markdownDescription": "The name of the application.", + "title": "ApplicationName", + "type": "string" + }, + "CloudWatchLoggingOption": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationCloudWatchLoggingOption.CloudWatchLoggingOption", + "markdownDescription": "Provides a description of Amazon CloudWatch logging options, including the log stream Amazon Resource Name (ARN).", + "title": "CloudWatchLoggingOption" + } + }, + "required": [ + "ApplicationName", + "CloudWatchLoggingOption" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::KinesisAnalyticsV2::ApplicationCloudWatchLoggingOption" + ], "type": "string" }, - "SendDelayMs": { - "markdownDescription": "", - "title": "SendDelayMs", - "type": "number" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::MediaLive::Channel.CmafIngestOutputSettings": { + "AWS::KinesisAnalyticsV2::ApplicationCloudWatchLoggingOption.CloudWatchLoggingOption": { "additionalProperties": false, "properties": { - "NameModifier": { - "markdownDescription": "", - "title": "NameModifier", + "LogStreamARN": { + "markdownDescription": "The ARN of the CloudWatch log to receive application messages.", + "title": "LogStreamARN", "type": "string" } }, + "required": [ + "LogStreamARN" + ], "type": "object" }, - "AWS::MediaLive::Channel.ColorCorrection": { + "AWS::KinesisAnalyticsV2::ApplicationOutput": { "additionalProperties": false, "properties": { - "InputColorSpace": { - "markdownDescription": "", - "title": "InputColorSpace", + "Condition": { "type": "string" }, - "OutputColorSpace": { - "markdownDescription": "", - "title": "OutputColorSpace", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Uri": { - "markdownDescription": "", - "title": "Uri", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationName": { + "markdownDescription": "The name of the application.", + "title": "ApplicationName", + "type": "string" + }, + "Output": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationOutput.Output", + "markdownDescription": "Describes a SQL-based Kinesis Data Analytics application's output configuration, in which you identify an in-application stream and a destination where you want the in-application stream data to be written. The destination can be a Kinesis data stream or a Kinesis Data Firehose delivery stream.", + "title": "Output" + } + }, + "required": [ + "ApplicationName", + "Output" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::KinesisAnalyticsV2::ApplicationOutput" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::MediaLive::Channel.ColorCorrectionSettings": { + "AWS::KinesisAnalyticsV2::ApplicationOutput.DestinationSchema": { "additionalProperties": false, "properties": { - "GlobalColorCorrections": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.ColorCorrection" - }, - "markdownDescription": "", - "title": "GlobalColorCorrections", - "type": "array" + "RecordFormatType": { + "markdownDescription": "Specifies the format of the records on the output stream.", + "title": "RecordFormatType", + "type": "string" } }, "type": "object" }, - "AWS::MediaLive::Channel.ColorSpacePassthroughSettings": { + "AWS::KinesisAnalyticsV2::ApplicationOutput.KinesisFirehoseOutput": { "additionalProperties": false, - "properties": {}, + "properties": { + "ResourceARN": { + "markdownDescription": "The ARN of the destination delivery stream to write to.", + "title": "ResourceARN", + "type": "string" + } + }, + "required": [ + "ResourceARN" + ], "type": "object" }, - "AWS::MediaLive::Channel.DolbyVision81Settings": { + "AWS::KinesisAnalyticsV2::ApplicationOutput.KinesisStreamsOutput": { "additionalProperties": false, - "properties": {}, + "properties": { + "ResourceARN": { + "markdownDescription": "The ARN of the destination Kinesis data stream to write to.", + "title": "ResourceARN", + "type": "string" + } + }, + "required": [ + "ResourceARN" + ], "type": "object" }, - "AWS::MediaLive::Channel.DvbNitSettings": { + "AWS::KinesisAnalyticsV2::ApplicationOutput.LambdaOutput": { "additionalProperties": false, "properties": { - "NetworkId": { - "markdownDescription": "The numeric value placed in the Network Information Table (NIT).", - "title": "NetworkId", - "type": "number" - }, - "NetworkName": { - "markdownDescription": "The network name text placed in the networkNameDescriptor inside the Network Information Table (NIT). The maximum length is 256 characters.", - "title": "NetworkName", + "ResourceARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the destination Lambda function to write to.\n\n> To specify an earlier version of the Lambda function than the latest, include the Lambda function version in the Lambda function ARN. For more information about Lambda ARNs, see [Example ARNs: Amazon Lambda](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-lambda)", + "title": "ResourceARN", "type": "string" - }, - "RepInterval": { - "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream.", - "title": "RepInterval", - "type": "number" } }, + "required": [ + "ResourceARN" + ], "type": "object" }, - "AWS::MediaLive::Channel.DvbSdtSettings": { + "AWS::KinesisAnalyticsV2::ApplicationOutput.Output": { "additionalProperties": false, "properties": { - "OutputSdt": { - "markdownDescription": "Selects a method of inserting SDT information into an output stream. The sdtFollow setting copies SDT information from input stream to output stream. The sdtFollowIfPresent setting copies SDT information from input stream to output stream if SDT information is present in the input. Otherwise, it falls back on the user-defined values. The sdtManual setting means that the user will enter the SDT information. The sdtNone setting means that the output stream will not contain SDT information.", - "title": "OutputSdt", - "type": "string" + "DestinationSchema": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationOutput.DestinationSchema", + "markdownDescription": "Describes the data format when records are written to the destination.", + "title": "DestinationSchema" }, - "RepInterval": { - "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream.", - "title": "RepInterval", - "type": "number" + "KinesisFirehoseOutput": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationOutput.KinesisFirehoseOutput", + "markdownDescription": "Identifies a Kinesis Data Firehose delivery stream as the destination.", + "title": "KinesisFirehoseOutput" }, - "ServiceName": { - "markdownDescription": "The service name placed in the serviceDescriptor in the Service Description Table (SDT). The maximum length is 256 characters.", - "title": "ServiceName", - "type": "string" + "KinesisStreamsOutput": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationOutput.KinesisStreamsOutput", + "markdownDescription": "Identifies a Kinesis data stream as the destination.", + "title": "KinesisStreamsOutput" }, - "ServiceProviderName": { - "markdownDescription": "The service provider name placed in the serviceDescriptor in the Service Description Table (SDT). The maximum length is 256 characters.", - "title": "ServiceProviderName", + "LambdaOutput": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationOutput.LambdaOutput", + "markdownDescription": "Identifies an Amazon Lambda function as the destination.", + "title": "LambdaOutput" + }, + "Name": { + "markdownDescription": "The name of the in-application stream.", + "title": "Name", "type": "string" } }, + "required": [ + "DestinationSchema" + ], "type": "object" }, - "AWS::MediaLive::Channel.DvbSubDestinationSettings": { + "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource": { "additionalProperties": false, "properties": { - "Alignment": { - "markdownDescription": "If no explicit xPosition or yPosition is provided, setting the alignment to centered places the captions at the bottom center of the output. Similarly, setting a left alignment aligns captions to the bottom left of the output. If x and y positions are specified in conjunction with the alignment parameter, the font is justified (either left or centered) relative to those coordinates. Selecting \"smart\" justification left-justifies live subtitles and center-justifies pre-recorded subtitles. This option is not valid for source captions that are STL or 608/embedded. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", - "title": "Alignment", + "Condition": { "type": "string" }, - "BackgroundColor": { - "markdownDescription": "Specifies the color of the rectangle behind the captions. All burn-in and DVB-Sub font settings must match.", - "title": "BackgroundColor", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "BackgroundOpacity": { - "markdownDescription": "Specifies the opacity of the background rectangle. 255 is opaque; 0 is transparent. Keeping this parameter blank is equivalent to setting it to 0 (transparent). All burn-in and DVB-Sub font settings must match.", - "title": "BackgroundOpacity", - "type": "number" - }, - "Font": { - "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", - "markdownDescription": "The external font file that is used for captions burn-in. The file extension must be .ttf or .tte. Although you can select output fonts for many different types of input captions, embedded, STL, and Teletext sources use a strict grid system. Using external fonts with these captions sources could cause an unexpected display of proportional fonts. All burn-in and DVB-Sub font settings must match.", - "title": "Font" - }, - "FontColor": { - "markdownDescription": "Specifies the color of the burned-in captions. This option is not valid for source captions that are STL, 608/embedded, or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", - "title": "FontColor", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "FontOpacity": { - "markdownDescription": "Specifies the opacity of the burned-in captions. 255 is opaque; 0 is transparent. All burn-in and DVB-Sub font settings must match.", - "title": "FontOpacity", - "type": "number" + "Metadata": { + "type": "object" }, - "FontResolution": { - "markdownDescription": "The font resolution in DPI (dots per inch). The default is 96 dpi. All burn-in and DVB-Sub font settings must match.", - "title": "FontResolution", - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationName": { + "markdownDescription": "The name of the application.", + "title": "ApplicationName", + "type": "string" + }, + "ReferenceDataSource": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.ReferenceDataSource", + "markdownDescription": "For a SQL-based Kinesis Data Analytics application, describes the reference data source by providing the source information (Amazon S3 bucket name and object key name), the resulting in-application table name that is created, and the necessary schema to map the data elements in the Amazon S3 object to the in-application table.", + "title": "ReferenceDataSource" + } + }, + "required": [ + "ApplicationName", + "ReferenceDataSource" + ], + "type": "object" }, - "FontSize": { - "markdownDescription": "When set to auto, fontSize scales depending on the size of the output. Providing a positive integer specifies the exact font size in points. All burn-in and DVB-Sub font settings must match.", - "title": "FontSize", + "Type": { + "enum": [ + "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource" + ], "type": "string" }, - "OutlineColor": { - "markdownDescription": "Specifies the font outline color. This option is not valid for source captions that are either 608/embedded or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", - "title": "OutlineColor", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "OutlineSize": { - "markdownDescription": "Specifies the font outline size in pixels. This option is not valid for source captions that are either 608/embedded or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", - "title": "OutlineSize", - "type": "number" - }, - "ShadowColor": { - "markdownDescription": "Specifies the color of the shadow that is cast by the captions. All burn-in and DVB-Sub font settings must match.", - "title": "ShadowColor", + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.CSVMappingParameters": { + "additionalProperties": false, + "properties": { + "RecordColumnDelimiter": { + "markdownDescription": "The column delimiter. For example, in a CSV format, a comma (\",\") is the typical column delimiter.", + "title": "RecordColumnDelimiter", "type": "string" }, - "ShadowOpacity": { - "markdownDescription": "Specifies the opacity of the shadow. 255 is opaque; 0 is transparent. Keeping this parameter blank is equivalent to setting it to 0 (transparent). All burn-in and DVB-Sub font settings must match.", - "title": "ShadowOpacity", - "type": "number" - }, - "ShadowXOffset": { - "markdownDescription": "Specifies the horizontal offset of the shadow relative to the captions in pixels. A value of -2 would result in a shadow offset 2 pixels to the left. All burn-in and DVB-Sub font settings must match.", - "title": "ShadowXOffset", - "type": "number" - }, - "ShadowYOffset": { - "markdownDescription": "Specifies the vertical offset of the shadow relative to the captions in pixels. A value of -2 would result in a shadow offset 2 pixels above the text. All burn-in and DVB-Sub font settings must match.", - "title": "ShadowYOffset", - "type": "number" - }, - "TeletextGridControl": { - "markdownDescription": "Controls whether a fixed grid size is used to generate the output subtitles bitmap. This applies to only Teletext inputs and DVB-Sub/Burn-in outputs.", - "title": "TeletextGridControl", + "RecordRowDelimiter": { + "markdownDescription": "The row delimiter. For example, in a CSV format, *'\\n'* is the typical row delimiter.", + "title": "RecordRowDelimiter", "type": "string" - }, - "XPosition": { - "markdownDescription": "Specifies the horizontal position of the captions relative to the left side of the output in pixels. A value of 10 would result in the captions starting 10 pixels from the left of the output. If no explicit xPosition is provided, the horizontal captions position is determined by the alignment parameter. This option is not valid for source captions that are STL, 608/embedded, or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", - "title": "XPosition", - "type": "number" - }, - "YPosition": { - "markdownDescription": "Specifies the vertical position of the captions relative to the top of the output in pixels. A value of 10 would result in the captions starting 10 pixels from the top of the output. If no explicit yPosition is provided, the captions are positioned towards the bottom of the output. This option is not valid for source captions that are STL, 608/embedded, or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", - "title": "YPosition", - "type": "number" } }, + "required": [ + "RecordColumnDelimiter", + "RecordRowDelimiter" + ], "type": "object" }, - "AWS::MediaLive::Channel.DvbSubSourceSettings": { + "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.JSONMappingParameters": { "additionalProperties": false, "properties": { - "OcrLanguage": { - "markdownDescription": "If you will configure a WebVTT caption description that references this caption selector, use this field to\nprovide the language to consider when translating the image-based source to text.", - "title": "OcrLanguage", + "RecordRowPath": { + "markdownDescription": "The path to the top-level parent that contains the records.", + "title": "RecordRowPath", "type": "string" - }, - "Pid": { - "markdownDescription": "When using DVB-Sub with burn-in or SMPTE-TT, use this PID for the source content. It is unused for DVB-Sub passthrough. All DVB-Sub content is passed through, regardless of selectors.", - "title": "Pid", - "type": "number" } }, + "required": [ + "RecordRowPath" + ], "type": "object" }, - "AWS::MediaLive::Channel.DvbTdtSettings": { + "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.MappingParameters": { "additionalProperties": false, "properties": { - "RepInterval": { - "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream.", - "title": "RepInterval", - "type": "number" + "CSVMappingParameters": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.CSVMappingParameters", + "markdownDescription": "Provides additional mapping information when the record format uses delimiters (for example, CSV).", + "title": "CSVMappingParameters" + }, + "JSONMappingParameters": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.JSONMappingParameters", + "markdownDescription": "Provides additional mapping information when JSON is the record format on the streaming source.", + "title": "JSONMappingParameters" } }, "type": "object" }, - "AWS::MediaLive::Channel.Eac3AtmosSettings": { + "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.RecordColumn": { "additionalProperties": false, "properties": { - "Bitrate": { - "markdownDescription": "", - "title": "Bitrate", - "type": "number" - }, - "CodingMode": { - "markdownDescription": "", - "title": "CodingMode", + "Mapping": { + "markdownDescription": "A reference to the data element in the streaming input or the reference data source.", + "title": "Mapping", "type": "string" }, - "Dialnorm": { - "markdownDescription": "", - "title": "Dialnorm", - "type": "number" - }, - "DrcLine": { - "markdownDescription": "", - "title": "DrcLine", + "Name": { + "markdownDescription": "The name of the column that is created in the in-application input stream or reference table.", + "title": "Name", "type": "string" }, - "DrcRf": { - "markdownDescription": "", - "title": "DrcRf", + "SqlType": { + "markdownDescription": "The type of column created in the in-application input stream or reference table.", + "title": "SqlType", "type": "string" - }, - "HeightTrim": { - "markdownDescription": "", - "title": "HeightTrim", - "type": "number" - }, - "SurroundTrim": { - "markdownDescription": "", - "title": "SurroundTrim", - "type": "number" } }, + "required": [ + "Name", + "SqlType" + ], "type": "object" }, - "AWS::MediaLive::Channel.Eac3Settings": { + "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.RecordFormat": { "additionalProperties": false, "properties": { - "AttenuationControl": { - "markdownDescription": "When set to attenuate3Db, applies a 3 dB attenuation to the surround channels. Used only for the 3/2 coding mode.", - "title": "AttenuationControl", - "type": "string" - }, - "Bitrate": { - "markdownDescription": "The average bitrate in bits/second. Valid bitrates depend on the coding mode.", - "title": "Bitrate", - "type": "number" - }, - "BitstreamMode": { - "markdownDescription": "Specifies the bitstream mode (bsmod) for the emitted E-AC-3 stream. For more information, see ATSC A/52-2012 (Annex E).", - "title": "BitstreamMode", - "type": "string" - }, - "CodingMode": { - "markdownDescription": "The Dolby Digital Plus coding mode. This mode determines the number of channels.", - "title": "CodingMode", - "type": "string" - }, - "DcFilter": { - "markdownDescription": "When set to enabled, activates a DC highpass filter for all input channels.", - "title": "DcFilter", - "type": "string" - }, - "Dialnorm": { - "markdownDescription": "Sets the dialnorm for the output. If blank and the input audio is Dolby Digital Plus, dialnorm will be passed through.", - "title": "Dialnorm", - "type": "number" - }, - "DrcLine": { - "markdownDescription": "Sets the Dolby dynamic range compression profile.", - "title": "DrcLine", - "type": "string" - }, - "DrcRf": { - "markdownDescription": "Sets the profile for heavy Dolby dynamic range compression, ensuring that the instantaneous signal peaks do not exceed specified levels.", - "title": "DrcRf", - "type": "string" - }, - "LfeControl": { - "markdownDescription": "When encoding 3/2 audio, setting to lfe enables the LFE channel.", - "title": "LfeControl", - "type": "string" - }, - "LfeFilter": { - "markdownDescription": "When set to enabled, applies a 120Hz lowpass filter to the LFE channel prior to encoding. Valid only with a codingMode32 coding mode.", - "title": "LfeFilter", - "type": "string" - }, - "LoRoCenterMixLevel": { - "markdownDescription": "The Left only/Right only center mix level. Used only for the 3/2 coding mode.", - "title": "LoRoCenterMixLevel", - "type": "number" - }, - "LoRoSurroundMixLevel": { - "markdownDescription": "The Left only/Right only surround mix level. Used only for a 3/2 coding mode.", - "title": "LoRoSurroundMixLevel", - "type": "number" - }, - "LtRtCenterMixLevel": { - "markdownDescription": "The Left total/Right total center mix level. Used only for a 3/2 coding mode.", - "title": "LtRtCenterMixLevel", - "type": "number" - }, - "LtRtSurroundMixLevel": { - "markdownDescription": "The Left total/Right total surround mix level. Used only for the 3/2 coding mode.", - "title": "LtRtSurroundMixLevel", - "type": "number" - }, - "MetadataControl": { - "markdownDescription": "When set to followInput, encoder metadata is sourced from the DD, DD+, or DolbyE decoder that supplies this audio data. If the audio is not supplied from one of these streams, then the static metadata settings are used.", - "title": "MetadataControl", - "type": "string" - }, - "PassthroughControl": { - "markdownDescription": "When set to whenPossible, input DD+ audio will be passed through if it is present on the input. This detection is dynamic over the life of the transcode. Inputs that alternate between DD+ and non-DD+ content will have a consistent DD+ output as the system alternates between passthrough and encoding.", - "title": "PassthroughControl", - "type": "string" - }, - "PhaseControl": { - "markdownDescription": "When set to shift90Degrees, applies a 90-degree phase shift to the surround channels. Used only for a 3/2 coding mode.", - "title": "PhaseControl", - "type": "string" + "MappingParameters": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.MappingParameters", + "markdownDescription": "When you configure application input at the time of creating or updating an application, provides additional mapping information specific to the record format (such as JSON, CSV, or record fields delimited by some delimiter) on the streaming source.", + "title": "MappingParameters" }, - "StereoDownmix": { - "markdownDescription": "A stereo downmix preference. Used only for the 3/2 coding mode.", - "title": "StereoDownmix", + "RecordFormatType": { + "markdownDescription": "The type of record format.", + "title": "RecordFormatType", "type": "string" + } + }, + "required": [ + "RecordFormatType" + ], + "type": "object" + }, + "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.ReferenceDataSource": { + "additionalProperties": false, + "properties": { + "ReferenceSchema": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.ReferenceSchema", + "markdownDescription": "Describes the format of the data in the streaming source, and how each data element maps to corresponding columns created in the in-application stream.", + "title": "ReferenceSchema" }, - "SurroundExMode": { - "markdownDescription": "When encoding 3/2 audio, sets whether an extra center back surround channel is matrix encoded into the left and right surround channels.", - "title": "SurroundExMode", - "type": "string" + "S3ReferenceDataSource": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.S3ReferenceDataSource", + "markdownDescription": "Identifies the S3 bucket and object that contains the reference data. A Kinesis Data Analytics application loads reference data only once. If the data changes, you call the [UpdateApplication](https://docs.aws.amazon.com/managed-flink/latest/apiv2/API_UpdateApplication.html) operation to trigger reloading of data into your application.", + "title": "S3ReferenceDataSource" }, - "SurroundMode": { - "markdownDescription": "When encoding 2/0 audio, sets whether Dolby Surround is matrix-encoded into the two channels.", - "title": "SurroundMode", + "TableName": { + "markdownDescription": "The name of the in-application table to create.", + "title": "TableName", "type": "string" } }, + "required": [ + "ReferenceSchema" + ], "type": "object" }, - "AWS::MediaLive::Channel.EbuTtDDestinationSettings": { + "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.ReferenceSchema": { "additionalProperties": false, "properties": { - "CopyrightHolder": { - "markdownDescription": "Applies only if you plan to convert these source captions to EBU-TT-D or TTML in an output. Complete this field if you want to include the name of the copyright holder in the copyright metadata tag in the TTML", - "title": "CopyrightHolder", - "type": "string" - }, - "FillLineGap": { - "markdownDescription": "Specifies how to handle the gap between the lines (in multi-line captions). - enabled: Fill with the captions background color (as specified in the input captions).\n- disabled: Leave the gap unfilled.", - "title": "FillLineGap", - "type": "string" + "RecordColumns": { + "items": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.RecordColumn" + }, + "markdownDescription": "A list of `RecordColumn` objects.", + "title": "RecordColumns", + "type": "array" }, - "FontFamily": { - "markdownDescription": "Specifies the font family to include in the font data attached to the EBU-TT captions. Valid only if styleControl is set to include. If you leave this field empty, the font family is set to \"monospaced\". (If styleControl is set to exclude, the font family is always set to \"monospaced\".) You specify only the font family. All other style information (color, bold, position and so on) is copied from the input captions. The size is always set to 100% to allow the downstream player to choose the size. - Enter a list of font families, as a comma-separated list of font names, in order of preference. The name can be a font family (such as \u201cArial\u201d), or a generic font family (such as \u201cserif\u201d), or \u201cdefault\u201d (to let the downstream player choose the font).\n- Leave blank to set the family to \u201cmonospace\u201d.", - "title": "FontFamily", + "RecordEncoding": { + "markdownDescription": "Specifies the encoding of the records in the streaming source. For example, UTF-8.", + "title": "RecordEncoding", "type": "string" }, - "StyleControl": { - "markdownDescription": "Specifies the style information (font color, font position, and so on) to include in the font data that is attached to the EBU-TT captions. - include: Take the style information (font color, font position, and so on) from the source captions and include that information in the font data attached to the EBU-TT captions. This option is valid only if the source captions are Embedded or Teletext.\n- exclude: In the font data attached to the EBU-TT captions, set the font family to \"monospaced\". Do not include any other style information.", - "title": "StyleControl", - "type": "string" + "RecordFormat": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.RecordFormat", + "markdownDescription": "Specifies the format of the records on the streaming source.", + "title": "RecordFormat" } }, + "required": [ + "RecordColumns", + "RecordFormat" + ], "type": "object" }, - "AWS::MediaLive::Channel.EmbeddedDestinationSettings": { + "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.S3ReferenceDataSource": { "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.EmbeddedPlusScte20DestinationSettings": { - "additionalProperties": false, - "properties": {}, + "properties": { + "BucketARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the S3 bucket.", + "title": "BucketARN", + "type": "string" + }, + "FileKey": { + "markdownDescription": "The object key name containing the reference data.", + "title": "FileKey", + "type": "string" + } + }, + "required": [ + "BucketARN", + "FileKey" + ], "type": "object" }, - "AWS::MediaLive::Channel.EmbeddedSourceSettings": { + "AWS::KinesisFirehose::DeliveryStream": { "additionalProperties": false, "properties": { - "Convert608To708": { - "markdownDescription": "If this is upconvert, 608 data is both passed through the \"608 compatibility bytes\" fields of the 708 wrapper as well as translated into 708. If 708 data is present in the source content, it is discarded.", - "title": "Convert608To708", + "Condition": { "type": "string" }, - "Scte20Detection": { - "markdownDescription": "Set to \"auto\" to handle streams with intermittent or non-aligned SCTE-20 and embedded captions.", - "title": "Scte20Detection", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Source608ChannelNumber": { - "markdownDescription": "Specifies the 608/708 channel number within the video track from which to extract captions. This is unused for passthrough.", - "title": "Source608ChannelNumber", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AmazonOpenSearchServerlessDestinationConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AmazonOpenSearchServerlessDestinationConfiguration", + "markdownDescription": "Describes the configuration of a destination in the Serverless offering for Amazon OpenSearch Service.", + "title": "AmazonOpenSearchServerlessDestinationConfiguration" + }, + "AmazonopensearchserviceDestinationConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceDestinationConfiguration", + "markdownDescription": "The destination in Amazon OpenSearch Service. You can specify only one destination.", + "title": "AmazonopensearchserviceDestinationConfiguration" + }, + "DatabaseSourceConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DatabaseSourceConfiguration", + "markdownDescription": "The top level object for configuring streams with database as a source.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "DatabaseSourceConfiguration" + }, + "DeliveryStreamEncryptionConfigurationInput": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DeliveryStreamEncryptionConfigurationInput", + "markdownDescription": "Specifies the type and Amazon Resource Name (ARN) of the CMK to use for Server-Side Encryption (SSE).", + "title": "DeliveryStreamEncryptionConfigurationInput" + }, + "DeliveryStreamName": { + "markdownDescription": "The name of the Firehose stream.", + "title": "DeliveryStreamName", + "type": "string" + }, + "DeliveryStreamType": { + "markdownDescription": "The Firehose stream type. This can be one of the following values:\n\n- `DirectPut` : Provider applications access the Firehose stream directly.\n- `KinesisStreamAsSource` : The Firehose stream uses a Kinesis data stream as a source.", + "title": "DeliveryStreamType", + "type": "string" + }, + "DirectPutSourceConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DirectPutSourceConfiguration", + "markdownDescription": "The structure that configures parameters such as `ThroughputHintInMBs` for a stream configured with Direct PUT as a source.", + "title": "DirectPutSourceConfiguration" + }, + "ElasticsearchDestinationConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ElasticsearchDestinationConfiguration", + "markdownDescription": "An Amazon ES destination for the delivery stream.\n\nConditional. You must specify only one destination configuration.\n\nIf you change the delivery stream destination from an Amazon ES destination to an Amazon S3 or Amazon Redshift destination, update requires [some interruptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-some-interrupt) .", + "title": "ElasticsearchDestinationConfiguration" + }, + "ExtendedS3DestinationConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ExtendedS3DestinationConfiguration", + "markdownDescription": "An Amazon S3 destination for the delivery stream.\n\nConditional. You must specify only one destination configuration.\n\nIf you change the delivery stream destination from an Amazon Extended S3 destination to an Amazon ES destination, update requires [some interruptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-some-interrupt) .", + "title": "ExtendedS3DestinationConfiguration" + }, + "HttpEndpointDestinationConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.HttpEndpointDestinationConfiguration", + "markdownDescription": "Enables configuring Kinesis Firehose to deliver data to any HTTP endpoint destination. You can specify only one destination.", + "title": "HttpEndpointDestinationConfiguration" + }, + "IcebergDestinationConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.IcebergDestinationConfiguration", + "markdownDescription": "Specifies the destination configure settings for Apache Iceberg Table.", + "title": "IcebergDestinationConfiguration" + }, + "KinesisStreamSourceConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.KinesisStreamSourceConfiguration", + "markdownDescription": "When a Kinesis stream is used as the source for the delivery stream, a [KinesisStreamSourceConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisfirehose-deliverystream-kinesisstreamsourceconfiguration.html) containing the Kinesis stream ARN and the role ARN for the source stream.", + "title": "KinesisStreamSourceConfiguration" + }, + "MSKSourceConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.MSKSourceConfiguration", + "markdownDescription": "The configuration for the Amazon MSK cluster to be used as the source for a delivery stream.", + "title": "MSKSourceConfiguration" + }, + "RedshiftDestinationConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.RedshiftDestinationConfiguration", + "markdownDescription": "An Amazon Redshift destination for the delivery stream.\n\nConditional. You must specify only one destination configuration.\n\nIf you change the delivery stream destination from an Amazon Redshift destination to an Amazon ES destination, update requires [some interruptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-some-interrupt) .", + "title": "RedshiftDestinationConfiguration" + }, + "S3DestinationConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", + "markdownDescription": "The `S3DestinationConfiguration` property type specifies an Amazon Simple Storage Service (Amazon S3) destination to which Amazon Kinesis Data Firehose (Kinesis Data Firehose) delivers data.\n\nConditional. You must specify only one destination configuration.\n\nIf you change the delivery stream destination from an Amazon S3 destination to an Amazon ES destination, update requires [some interruptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-some-interrupt) .", + "title": "S3DestinationConfiguration" + }, + "SnowflakeDestinationConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SnowflakeDestinationConfiguration", + "markdownDescription": "Configure Snowflake destination", + "title": "SnowflakeDestinationConfiguration" + }, + "SplunkDestinationConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SplunkDestinationConfiguration", + "markdownDescription": "The configuration of a destination in Splunk for the delivery stream.", + "title": "SplunkDestinationConfiguration" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A set of tags to assign to the Firehose stream. A tag is a key-value pair that you can define and assign to AWS resources. Tags are metadata. For example, you can add friendly names and descriptions or other types of information that can help you distinguish the Firehose stream. For more information about tags, see [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html) in the AWS Billing and Cost Management User Guide.\n\nYou can specify up to 50 tags when creating a Firehose stream.\n\nIf you specify tags in the `CreateDeliveryStream` action, Amazon Data Firehose performs an additional authorization on the `firehose:TagDeliveryStream` action to verify if users have permissions to create tags. If you do not provide this permission, requests to create new Firehose streams with IAM resource tags will fail with an `AccessDeniedException` such as following.\n\n*AccessDeniedException*\n\nUser: arn:aws:sts::x:assumed-role/x/x is not authorized to perform: firehose:TagDeliveryStream on resource: arn:aws:firehose:us-east-1:x:deliverystream/x with an explicit deny in an identity-based policy.\n\nFor an example IAM policy, see [Tag example.](https://docs.aws.amazon.com/firehose/latest/APIReference/API_CreateDeliveryStream.html#API_CreateDeliveryStream_Examples)", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::KinesisFirehose::DeliveryStream" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.AmazonOpenSearchServerlessBufferingHints": { + "additionalProperties": false, + "properties": { + "IntervalInSeconds": { + "markdownDescription": "Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 300 (5 minutes).", + "title": "IntervalInSeconds", "type": "number" }, - "Source608TrackNumber": { - "markdownDescription": "This field is unused and deprecated.", - "title": "Source608TrackNumber", + "SizeInMBs": { + "markdownDescription": "Buffer incoming data to the specified size, in MBs, before delivering it to the destination. The default value is 5.\n\nWe recommend setting this parameter to a value greater than the amount of data you typically ingest into the Firehose stream in 10 seconds. For example, if you typically ingest data at 1 MB/sec, the value should be 10 MB or higher.", + "title": "SizeInMBs", "type": "number" } }, "type": "object" }, - "AWS::MediaLive::Channel.EncoderSettings": { + "AWS::KinesisFirehose::DeliveryStream.AmazonOpenSearchServerlessDestinationConfiguration": { "additionalProperties": false, "properties": { - "AudioDescriptions": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioDescription" - }, - "markdownDescription": "The encoding information for output audio.", - "title": "AudioDescriptions", - "type": "array" - }, - "AvailBlanking": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AvailBlanking", - "markdownDescription": "The settings for ad avail blanking.", - "title": "AvailBlanking" + "BufferingHints": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AmazonOpenSearchServerlessBufferingHints", + "markdownDescription": "The buffering options. If no value is specified, the default values for AmazonopensearchserviceBufferingHints are used.", + "title": "BufferingHints" }, - "AvailConfiguration": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AvailConfiguration", - "markdownDescription": "The configuration settings for the ad avail handling.", - "title": "AvailConfiguration" + "CloudWatchLoggingOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", + "markdownDescription": "", + "title": "CloudWatchLoggingOptions" }, - "BlackoutSlate": { - "$ref": "#/definitions/AWS::MediaLive::Channel.BlackoutSlate", - "markdownDescription": "The settings for the blackout slate.", - "title": "BlackoutSlate" + "CollectionEndpoint": { + "markdownDescription": "The endpoint to use when communicating with the collection in the Serverless offering for Amazon OpenSearch Service.", + "title": "CollectionEndpoint", + "type": "string" }, - "CaptionDescriptions": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.CaptionDescription" - }, - "markdownDescription": "The encoding information for output captions.", - "title": "CaptionDescriptions", - "type": "array" + "IndexName": { + "markdownDescription": "The Serverless offering for Amazon OpenSearch Service index name.", + "title": "IndexName", + "type": "string" }, - "ColorCorrectionSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.ColorCorrectionSettings", + "ProcessingConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", "markdownDescription": "", - "title": "ColorCorrectionSettings" - }, - "FeatureActivations": { - "$ref": "#/definitions/AWS::MediaLive::Channel.FeatureActivations", - "markdownDescription": "Settings to enable specific features.", - "title": "FeatureActivations" - }, - "GlobalConfiguration": { - "$ref": "#/definitions/AWS::MediaLive::Channel.GlobalConfiguration", - "markdownDescription": "The configuration settings that apply to the entire channel.", - "title": "GlobalConfiguration" + "title": "ProcessingConfiguration" }, - "MotionGraphicsConfiguration": { - "$ref": "#/definitions/AWS::MediaLive::Channel.MotionGraphicsConfiguration", - "markdownDescription": "Settings to enable and configure the motion graphics overlay feature in the channel.", - "title": "MotionGraphicsConfiguration" + "RetryOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AmazonOpenSearchServerlessRetryOptions", + "markdownDescription": "The retry behavior in case Firehose is unable to deliver documents to the Serverless offering for Amazon OpenSearch Service. The default value is 300 (5 minutes).", + "title": "RetryOptions" }, - "NielsenConfiguration": { - "$ref": "#/definitions/AWS::MediaLive::Channel.NielsenConfiguration", - "markdownDescription": "The settings to configure Nielsen watermarks.", - "title": "NielsenConfiguration" + "RoleARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to be assumed by Firehose for calling the Serverless offering for Amazon OpenSearch Service Configuration API and for indexing documents.", + "title": "RoleARN", + "type": "string" }, - "OutputGroups": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputGroup" - }, - "markdownDescription": "The settings for the output groups in the channel.", - "title": "OutputGroups", - "type": "array" + "S3BackupMode": { + "markdownDescription": "Defines how documents should be delivered to Amazon S3. When it is set to FailedDocumentsOnly, Firehose writes any documents that could not be indexed to the configured Amazon S3 destination, with AmazonOpenSearchService-failed/ appended to the key prefix. When set to AllDocuments, Firehose delivers all incoming records to Amazon S3, and also writes failed documents with AmazonOpenSearchService-failed/ appended to the prefix.", + "title": "S3BackupMode", + "type": "string" }, - "ThumbnailConfiguration": { - "$ref": "#/definitions/AWS::MediaLive::Channel.ThumbnailConfiguration", + "S3Configuration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", "markdownDescription": "", - "title": "ThumbnailConfiguration" - }, - "TimecodeConfig": { - "$ref": "#/definitions/AWS::MediaLive::Channel.TimecodeConfig", - "markdownDescription": "Contains settings used to acquire and adjust timecode information from the inputs.", - "title": "TimecodeConfig" + "title": "S3Configuration" }, - "VideoDescriptions": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.VideoDescription" - }, - "markdownDescription": "The encoding information for output videos.", - "title": "VideoDescriptions", - "type": "array" + "VpcConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.VpcConfiguration", + "markdownDescription": "", + "title": "VpcConfiguration" + } + }, + "required": [ + "IndexName", + "RoleARN", + "S3Configuration" + ], + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.AmazonOpenSearchServerlessRetryOptions": { + "additionalProperties": false, + "properties": { + "DurationInSeconds": { + "markdownDescription": "After an initial failure to deliver to the Serverless offering for Amazon OpenSearch Service, the total amount of time during which Firehose retries delivery (including the first attempt). After this time has elapsed, the failed documents are written to Amazon S3. Default value is 300 seconds (5 minutes). A value of 0 (zero) results in no retries.", + "title": "DurationInSeconds", + "type": "number" } }, "type": "object" }, - "AWS::MediaLive::Channel.EpochLockingSettings": { + "AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceBufferingHints": { "additionalProperties": false, "properties": { - "CustomEpoch": { - "markdownDescription": "", - "title": "CustomEpoch", - "type": "string" + "IntervalInSeconds": { + "markdownDescription": "Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 300 (5 minutes).", + "title": "IntervalInSeconds", + "type": "number" }, - "JamSyncTime": { - "markdownDescription": "", - "title": "JamSyncTime", - "type": "string" + "SizeInMBs": { + "markdownDescription": "Buffer incoming data to the specified size, in MBs, before delivering it to the destination. The default value is 5. We recommend setting this parameter to a value greater than the amount of data you typically ingest into the delivery stream in 10 seconds. For example, if you typically ingest data at 1 MB/sec, the value should be 10 MB or higher.", + "title": "SizeInMBs", + "type": "number" } }, "type": "object" }, - "AWS::MediaLive::Channel.Esam": { + "AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceDestinationConfiguration": { "additionalProperties": false, "properties": { - "AcquisitionPointId": { - "markdownDescription": "", - "title": "AcquisitionPointId", + "BufferingHints": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceBufferingHints", + "markdownDescription": "The buffering options. If no value is specified, the default values for AmazonopensearchserviceBufferingHints are used.", + "title": "BufferingHints" + }, + "CloudWatchLoggingOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", + "markdownDescription": "Describes the Amazon CloudWatch logging options for your delivery stream.", + "title": "CloudWatchLoggingOptions" + }, + "ClusterEndpoint": { + "markdownDescription": "The endpoint to use when communicating with the cluster. Specify either this ClusterEndpoint or the DomainARN field.", + "title": "ClusterEndpoint", "type": "string" }, - "AdAvailOffset": { - "markdownDescription": "", - "title": "AdAvailOffset", - "type": "number" + "DocumentIdOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DocumentIdOptions", + "markdownDescription": "Indicates the method for setting up document ID. The supported methods are Firehose generated document ID and OpenSearch Service generated document ID.", + "title": "DocumentIdOptions" }, - "PasswordParam": { - "markdownDescription": "", - "title": "PasswordParam", + "DomainARN": { + "markdownDescription": "The ARN of the Amazon OpenSearch Service domain.", + "title": "DomainARN", "type": "string" }, - "PoisEndpoint": { - "markdownDescription": "", - "title": "PoisEndpoint", + "IndexName": { + "markdownDescription": "The Amazon OpenSearch Service index name.", + "title": "IndexName", "type": "string" }, - "Username": { - "markdownDescription": "", - "title": "Username", + "IndexRotationPeriod": { + "markdownDescription": "The Amazon OpenSearch Service index rotation period. Index rotation appends a timestamp to the IndexName to facilitate the expiration of old data.", + "title": "IndexRotationPeriod", "type": "string" }, - "ZoneIdentity": { - "markdownDescription": "", - "title": "ZoneIdentity", + "ProcessingConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", + "markdownDescription": "Describes a data processing configuration.", + "title": "ProcessingConfiguration" + }, + "RetryOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceRetryOptions", + "markdownDescription": "The retry behavior in case Kinesis Data Firehose is unable to deliver documents to Amazon OpenSearch Service. The default value is 300 (5 minutes).", + "title": "RetryOptions" + }, + "RoleARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to be assumed by Kinesis Data Firehose for calling the Amazon OpenSearch Service Configuration API and for indexing documents.", + "title": "RoleARN", + "type": "string" + }, + "S3BackupMode": { + "markdownDescription": "Defines how documents should be delivered to Amazon S3.", + "title": "S3BackupMode", + "type": "string" + }, + "S3Configuration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", + "markdownDescription": "Describes the configuration of a destination in Amazon S3.", + "title": "S3Configuration" + }, + "TypeName": { + "markdownDescription": "The Amazon OpenSearch Service type name.", + "title": "TypeName", "type": "string" + }, + "VpcConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.VpcConfiguration", + "markdownDescription": "The details of the VPC of the Amazon OpenSearch Service destination.", + "title": "VpcConfiguration" } }, + "required": [ + "IndexName", + "RoleARN", + "S3Configuration" + ], "type": "object" }, - "AWS::MediaLive::Channel.FailoverCondition": { + "AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceRetryOptions": { "additionalProperties": false, "properties": { - "FailoverConditionSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.FailoverConditionSettings", - "markdownDescription": "Settings for a specific failover condition.", - "title": "FailoverConditionSettings" + "DurationInSeconds": { + "markdownDescription": "After an initial failure to deliver to Amazon OpenSearch Service, the total amount of time during which Kinesis Data Firehose retries delivery (including the first attempt). After this time has elapsed, the failed documents are written to Amazon S3. Default value is 300 seconds (5 minutes). A value of 0 (zero) results in no retries.", + "title": "DurationInSeconds", + "type": "number" } }, "type": "object" }, - "AWS::MediaLive::Channel.FailoverConditionSettings": { + "AWS::KinesisFirehose::DeliveryStream.AuthenticationConfiguration": { "additionalProperties": false, "properties": { - "AudioSilenceSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioSilenceFailoverSettings", - "markdownDescription": "MediaLive will perform a failover if the specified audio selector is silent for the specified period.", - "title": "AudioSilenceSettings" + "Connectivity": { + "markdownDescription": "The type of connectivity used to access the Amazon MSK cluster.", + "title": "Connectivity", + "type": "string" }, - "InputLossSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.InputLossFailoverSettings", - "markdownDescription": "MediaLive will perform a failover if content is not detected in this input for the specified period.", - "title": "InputLossSettings" + "RoleARN": { + "markdownDescription": "The ARN of the role used to access the Amazon MSK cluster.", + "title": "RoleARN", + "type": "string" + } + }, + "required": [ + "Connectivity", + "RoleARN" + ], + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.BufferingHints": { + "additionalProperties": false, + "properties": { + "IntervalInSeconds": { + "markdownDescription": "The length of time, in seconds, that Kinesis Data Firehose buffers incoming data before delivering it to the destination. For valid values, see the `IntervalInSeconds` content for the [BufferingHints](https://docs.aws.amazon.com/firehose/latest/APIReference/API_BufferingHints.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", + "title": "IntervalInSeconds", + "type": "number" }, - "VideoBlackSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.VideoBlackFailoverSettings", - "markdownDescription": "MediaLive will perform a failover if content is considered black for the specified period.", - "title": "VideoBlackSettings" + "SizeInMBs": { + "markdownDescription": "The size of the buffer, in MBs, that Kinesis Data Firehose uses for incoming data before delivering it to the destination. For valid values, see the `SizeInMBs` content for the [BufferingHints](https://docs.aws.amazon.com/firehose/latest/APIReference/API_BufferingHints.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", + "title": "SizeInMBs", + "type": "number" } }, "type": "object" }, - "AWS::MediaLive::Channel.FeatureActivations": { + "AWS::KinesisFirehose::DeliveryStream.CatalogConfiguration": { "additionalProperties": false, "properties": { - "InputPrepareScheduleActions": { - "markdownDescription": "Enables the Input Prepare feature. You can create Input Prepare actions in the schedule only if this feature is enabled.\nIf you disable the feature on an existing schedule, make sure that you first delete all input prepare actions from the schedule.", - "title": "InputPrepareScheduleActions", + "CatalogArn": { + "markdownDescription": "Specifies the Glue catalog ARN identifier of the destination Apache Iceberg Tables. You must specify the ARN in the format `arn:aws:glue:region:account-id:catalog` .", + "title": "CatalogArn", "type": "string" }, - "OutputStaticImageOverlayScheduleActions": { - "markdownDescription": "", - "title": "OutputStaticImageOverlayScheduleActions", + "WarehouseLocation": { + "markdownDescription": "The warehouse location for Apache Iceberg tables. You must configure this when schema evolution and table creation is enabled.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "WarehouseLocation", "type": "string" } }, "type": "object" }, - "AWS::MediaLive::Channel.FecOutputSettings": { + "AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions": { "additionalProperties": false, "properties": { - "ColumnDepth": { - "markdownDescription": "The parameter D from SMPTE 2022-1. The height of the FEC protection matrix. The number of transport stream packets per column error correction packet. The number must be between 4 and 20, inclusive.", - "title": "ColumnDepth", - "type": "number" + "Enabled": { + "markdownDescription": "Indicates whether CloudWatch Logs logging is enabled.", + "title": "Enabled", + "type": "boolean" }, - "IncludeFec": { - "markdownDescription": "Enables column only or column and row-based FEC.", - "title": "IncludeFec", + "LogGroupName": { + "markdownDescription": "The name of the CloudWatch Logs log group that contains the log stream that Kinesis Data Firehose will use.\n\nConditional. If you enable logging, you must specify this property.", + "title": "LogGroupName", "type": "string" }, - "RowLength": { - "markdownDescription": "The parameter L from SMPTE 2022-1. The width of the FEC protection matrix. Must be between 1 and 20, inclusive. If only Column FEC is used, then larger values increase robustness. If Row FEC is used, then this is the number of transport stream packets per row error correction packet, and the value must be between 4 and 20, inclusive, if includeFec is columnAndRow. If includeFec is column, this value must be 1 to 20, inclusive.", - "title": "RowLength", - "type": "number" + "LogStreamName": { + "markdownDescription": "The name of the CloudWatch Logs log stream that Kinesis Data Firehose uses to send logs about data delivery.\n\nConditional. If you enable logging, you must specify this property.", + "title": "LogStreamName", + "type": "string" } }, "type": "object" }, - "AWS::MediaLive::Channel.Fmp4HlsSettings": { + "AWS::KinesisFirehose::DeliveryStream.CopyCommand": { "additionalProperties": false, "properties": { - "AudioRenditionSets": { - "markdownDescription": "List all the audio groups that are used with the video output stream. Input all the audio GROUP-IDs that are associated to the video, separate by ','.", - "title": "AudioRenditionSets", + "CopyOptions": { + "markdownDescription": "Parameters to use with the Amazon Redshift `COPY` command. For examples, see the `CopyOptions` content for the [CopyCommand](https://docs.aws.amazon.com/firehose/latest/APIReference/API_CopyCommand.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", + "title": "CopyOptions", "type": "string" }, - "NielsenId3Behavior": { - "markdownDescription": "If set to passthrough, Nielsen inaudible tones for media tracking will be detected in the input audio and an equivalent ID3 tag will be inserted in the output.", - "title": "NielsenId3Behavior", + "DataTableColumns": { + "markdownDescription": "A comma-separated list of column names.", + "title": "DataTableColumns", "type": "string" }, - "TimedMetadataBehavior": { - "markdownDescription": "When set to passthrough, timed metadata is passed through from input to output.", - "title": "TimedMetadataBehavior", + "DataTableName": { + "markdownDescription": "The name of the target table. The table must already exist in the database.", + "title": "DataTableName", "type": "string" } }, + "required": [ + "DataTableName" + ], "type": "object" }, - "AWS::MediaLive::Channel.FrameCaptureCdnSettings": { + "AWS::KinesisFirehose::DeliveryStream.DataFormatConversionConfiguration": { "additionalProperties": false, "properties": { - "FrameCaptureS3Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.FrameCaptureS3Settings", - "markdownDescription": "Sets up Amazon S3 as the destination for this Frame Capture output.", - "title": "FrameCaptureS3Settings" + "Enabled": { + "markdownDescription": "Defaults to `true` . Set it to `false` if you want to disable format conversion while preserving the configuration details.", + "title": "Enabled", + "type": "boolean" + }, + "InputFormatConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.InputFormatConfiguration", + "markdownDescription": "Specifies the deserializer that you want Firehose to use to convert the format of your data from JSON. This parameter is required if `Enabled` is set to true.", + "title": "InputFormatConfiguration" + }, + "OutputFormatConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.OutputFormatConfiguration", + "markdownDescription": "Specifies the serializer that you want Firehose to use to convert the format of your data to the Parquet or ORC format. This parameter is required if `Enabled` is set to true.", + "title": "OutputFormatConfiguration" + }, + "SchemaConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SchemaConfiguration", + "markdownDescription": "Specifies the AWS Glue Data Catalog table that contains the column information. This parameter is required if `Enabled` is set to true.", + "title": "SchemaConfiguration" } }, "type": "object" }, - "AWS::MediaLive::Channel.FrameCaptureGroupSettings": { + "AWS::KinesisFirehose::DeliveryStream.DatabaseColumns": { "additionalProperties": false, "properties": { - "Destination": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", - "markdownDescription": "The destination for the frame capture files. The destination is either the URI for an Amazon S3 bucket and object, plus a file name prefix (for example, s3ssl://sportsDelivery/highlights/20180820/curling_) or the URI for a MediaStore container, plus a file name prefix (for example, mediastoressl://sportsDelivery/20180820/curling_). The final file names consist of the prefix from the destination field (for example, \"curling_\") + name modifier + the counter (5 digits, starting from 00001) + extension (which is always .jpg). For example, curlingLow.00001.jpg.", - "title": "Destination" + "Exclude": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "Exclude", + "type": "array" }, - "FrameCaptureCdnSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.FrameCaptureCdnSettings", - "markdownDescription": "Settings to configure the destination of a Frame Capture output.", - "title": "FrameCaptureCdnSettings" + "Include": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "Include", + "type": "array" } }, "type": "object" }, - "AWS::MediaLive::Channel.FrameCaptureHlsSettings": { + "AWS::KinesisFirehose::DeliveryStream.DatabaseSourceAuthenticationConfiguration": { "additionalProperties": false, - "properties": {}, + "properties": { + "SecretsManagerConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SecretsManagerConfiguration", + "markdownDescription": "", + "title": "SecretsManagerConfiguration" + } + }, + "required": [ + "SecretsManagerConfiguration" + ], "type": "object" }, - "AWS::MediaLive::Channel.FrameCaptureOutputSettings": { + "AWS::KinesisFirehose::DeliveryStream.DatabaseSourceConfiguration": { "additionalProperties": false, "properties": { - "NameModifier": { - "markdownDescription": "Required if the output group contains more than one output. This modifier forms part of the output file name.", - "title": "NameModifier", + "Columns": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DatabaseColumns", + "markdownDescription": "The list of column patterns in source database endpoint for Firehose to read from.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "Columns" + }, + "DatabaseSourceAuthenticationConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DatabaseSourceAuthenticationConfiguration", + "markdownDescription": "The structure to configure the authentication methods for Firehose to connect to source database endpoint.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "DatabaseSourceAuthenticationConfiguration" + }, + "DatabaseSourceVPCConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DatabaseSourceVPCConfiguration", + "markdownDescription": "The details of the VPC Endpoint Service which Firehose uses to create a PrivateLink to the database.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "DatabaseSourceVPCConfiguration" + }, + "Databases": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.Databases", + "markdownDescription": "The list of database patterns in source database endpoint for Firehose to read from.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "Databases" + }, + "Digest": { + "markdownDescription": "", + "title": "Digest", + "type": "string" + }, + "Endpoint": { + "markdownDescription": "The endpoint of the database server.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "Endpoint", + "type": "string" + }, + "Port": { + "markdownDescription": "The port of the database. This can be one of the following values.\n\n- 3306 for MySQL database type\n- 5432 for PostgreSQL database type\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "Port", + "type": "number" + }, + "PublicCertificate": { + "markdownDescription": "", + "title": "PublicCertificate", + "type": "string" + }, + "SSLMode": { + "markdownDescription": "The mode to enable or disable SSL when Firehose connects to the database endpoint.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "SSLMode", + "type": "string" + }, + "SnapshotWatermarkTable": { + "markdownDescription": "The fully qualified name of the table in source database endpoint that Firehose uses to track snapshot progress.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "SnapshotWatermarkTable", + "type": "string" + }, + "SurrogateKeys": { + "items": { + "type": "string" + }, + "markdownDescription": "The optional list of table and column names used as unique key columns when taking snapshot if the tables don\u2019t have primary keys configured.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "SurrogateKeys", + "type": "array" + }, + "Tables": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DatabaseTables", + "markdownDescription": "The list of table patterns in source database endpoint for Firehose to read from.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "Tables" + }, + "Type": { + "markdownDescription": "The type of database engine. This can be one of the following values.\n\n- MySQL\n- PostgreSQL\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "Type", "type": "string" } }, + "required": [ + "DatabaseSourceAuthenticationConfiguration", + "DatabaseSourceVPCConfiguration", + "Databases", + "Endpoint", + "Port", + "SnapshotWatermarkTable", + "Tables", + "Type" + ], "type": "object" }, - "AWS::MediaLive::Channel.FrameCaptureS3Settings": { + "AWS::KinesisFirehose::DeliveryStream.DatabaseSourceVPCConfiguration": { "additionalProperties": false, "properties": { - "CannedAcl": { - "markdownDescription": "Specify the canned ACL to apply to each S3 request. Defaults to none.", - "title": "CannedAcl", + "VpcEndpointServiceName": { + "markdownDescription": "The VPC endpoint service name which Firehose uses to create a PrivateLink to the database. The endpoint service must have the Firehose service principle `firehose.amazonaws.com` as an allowed principal on the VPC endpoint service. The VPC endpoint service name is a string that looks like `com.amazonaws.vpce..` .\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "VpcEndpointServiceName", "type": "string" } }, + "required": [ + "VpcEndpointServiceName" + ], "type": "object" }, - "AWS::MediaLive::Channel.FrameCaptureSettings": { + "AWS::KinesisFirehose::DeliveryStream.DatabaseTables": { "additionalProperties": false, "properties": { - "CaptureInterval": { - "markdownDescription": "The frequency, in seconds, for capturing frames for inclusion in the output. For example, \"10\" means capture a frame every 10 seconds.", - "title": "CaptureInterval", - "type": "number" + "Exclude": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "Exclude", + "type": "array" }, - "CaptureIntervalUnits": { - "markdownDescription": "Unit for the frame capture interval.", - "title": "CaptureIntervalUnits", - "type": "string" + "Include": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "Include", + "type": "array" + } + }, + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.Databases": { + "additionalProperties": false, + "properties": { + "Exclude": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "Exclude", + "type": "array" }, - "TimecodeBurninSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.TimecodeBurninSettings", + "Include": { + "items": { + "type": "string" + }, "markdownDescription": "", - "title": "TimecodeBurninSettings" + "title": "Include", + "type": "array" } }, "type": "object" }, - "AWS::MediaLive::Channel.GlobalConfiguration": { + "AWS::KinesisFirehose::DeliveryStream.DeliveryStreamEncryptionConfigurationInput": { "additionalProperties": false, "properties": { - "InitialAudioGain": { - "markdownDescription": "The value to set the initial audio gain for the channel.", - "title": "InitialAudioGain", - "type": "number" + "KeyARN": { + "markdownDescription": "If you set `KeyType` to `CUSTOMER_MANAGED_CMK` , you must specify the Amazon Resource Name (ARN) of the CMK. If you set `KeyType` to `AWS _OWNED_CMK` , Firehose uses a service-account CMK.", + "title": "KeyARN", + "type": "string" }, - "InputEndAction": { - "markdownDescription": "Indicates the action to take when the current input completes (for example, end-of-file). When switchAndLoopInputs is configured, MediaLive restarts at the beginning of the first input. When \"none\" is configured, MediaLive transcodes either black, a solid color, or a user-specified slate images per the \"Input Loss Behavior\" configuration until the next input switch occurs (which is controlled through the Channel Schedule API).", - "title": "InputEndAction", + "KeyType": { + "markdownDescription": "Indicates the type of customer master key (CMK) to use for encryption. The default setting is `AWS_OWNED_CMK` . For more information about CMKs, see [Customer Master Keys (CMKs)](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#master_keys) .\n\nYou can use a CMK of type CUSTOMER_MANAGED_CMK to encrypt up to 500 delivery streams.\n\n> To encrypt your delivery stream, use symmetric CMKs. Kinesis Data Firehose doesn't support asymmetric CMKs. For information about symmetric and asymmetric CMKs, see [About Symmetric and Asymmetric CMKs](https://docs.aws.amazon.com/kms/latest/developerguide/symm-asymm-concepts.html) in the AWS Key Management Service developer guide.", + "title": "KeyType", "type": "string" + } + }, + "required": [ + "KeyType" + ], + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.Deserializer": { + "additionalProperties": false, + "properties": { + "HiveJsonSerDe": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.HiveJsonSerDe", + "markdownDescription": "The native Hive / HCatalog JsonSerDe. Used by Firehose for deserializing data, which means converting it from the JSON format in preparation for serializing it to the Parquet or ORC format. This is one of two deserializers you can choose, depending on which one offers the functionality you need. The other option is the OpenX SerDe.", + "title": "HiveJsonSerDe" }, - "InputLossBehavior": { - "$ref": "#/definitions/AWS::MediaLive::Channel.InputLossBehavior", - "markdownDescription": "The settings for system actions when the input is lost.", - "title": "InputLossBehavior" + "OpenXJsonSerDe": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.OpenXJsonSerDe", + "markdownDescription": "The OpenX SerDe. Used by Firehose for deserializing data, which means converting it from the JSON format in preparation for serializing it to the Parquet or ORC format. This is one of two deserializers you can choose, depending on which one offers the functionality you need. The other option is the native Hive / HCatalog JsonSerDe.", + "title": "OpenXJsonSerDe" + } + }, + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.DestinationTableConfiguration": { + "additionalProperties": false, + "properties": { + "DestinationDatabaseName": { + "markdownDescription": "The name of the Apache Iceberg database.", + "title": "DestinationDatabaseName", + "type": "string" }, - "OutputLockingMode": { - "markdownDescription": "Indicates how MediaLive pipelines are synchronized. PIPELINELOCKING - MediaLive attempts to synchronize the output of each pipeline to the other. EPOCHLOCKING - MediaLive attempts to synchronize the output of each pipeline to the Unix epoch.", - "title": "OutputLockingMode", + "DestinationTableName": { + "markdownDescription": "Specifies the name of the Apache Iceberg Table.", + "title": "DestinationTableName", "type": "string" }, - "OutputLockingSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLockingSettings", - "markdownDescription": "", - "title": "OutputLockingSettings" + "PartitionSpec": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.PartitionSpec", + "markdownDescription": "The partition spec configuration for a table that is used by automatic table creation.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "PartitionSpec" }, - "OutputTimingSource": { - "markdownDescription": "Indicates whether the rate of frames emitted by the Live encoder should be paced by its system clock (which optionally might be locked to another source through NTP) or should be locked to the clock of the source that is providing the input stream.", - "title": "OutputTimingSource", + "S3ErrorOutputPrefix": { + "markdownDescription": "The table specific S3 error output prefix. All the errors that occurred while delivering to this table will be prefixed with this value in S3 destination.", + "title": "S3ErrorOutputPrefix", "type": "string" }, - "SupportLowFramerateInputs": { - "markdownDescription": "Adjusts the video input buffer for streams with very low video frame rates. This is commonly set to enabled for music channels with less than one video frame per second.", - "title": "SupportLowFramerateInputs", - "type": "string" + "UniqueKeys": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of unique keys for a given Apache Iceberg table. Firehose will use these for running Create, Update, or Delete operations on the given Iceberg table.", + "title": "UniqueKeys", + "type": "array" } }, + "required": [ + "DestinationDatabaseName", + "DestinationTableName" + ], "type": "object" }, - "AWS::MediaLive::Channel.H264ColorSpaceSettings": { + "AWS::KinesisFirehose::DeliveryStream.DirectPutSourceConfiguration": { "additionalProperties": false, "properties": { - "ColorSpacePassthroughSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.ColorSpacePassthroughSettings", - "markdownDescription": "Passthrough applies no color space conversion to the output.", - "title": "ColorSpacePassthroughSettings" - }, - "Rec601Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Rec601Settings", - "markdownDescription": "Settings to configure the handling of Rec601 color space.", - "title": "Rec601Settings" - }, - "Rec709Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Rec709Settings", - "markdownDescription": "Settings to configure the handling of Rec709 color space.", - "title": "Rec709Settings" + "ThroughputHintInMBs": { + "markdownDescription": "The value that you configure for this parameter is for information purpose only and does not affect Firehose delivery throughput limit. You can use the [Firehose Limits form](https://docs.aws.amazon.com/https://support.console.aws.amazon.com/support/home#/case/create%3FissueType=service-limit-increase%26limitType=kinesis-firehose-limits) to request a throughput limit increase.", + "title": "ThroughputHintInMBs", + "type": "number" } }, "type": "object" }, - "AWS::MediaLive::Channel.H264FilterSettings": { + "AWS::KinesisFirehose::DeliveryStream.DocumentIdOptions": { "additionalProperties": false, "properties": { - "TemporalFilterSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.TemporalFilterSettings", - "markdownDescription": "Settings for applying the temporal filter to the video.", - "title": "TemporalFilterSettings" + "DefaultDocumentIdFormat": { + "markdownDescription": "When the `FIREHOSE_DEFAULT` option is chosen, Firehose generates a unique document ID for each record based on a unique internal identifier. The generated document ID is stable across multiple delivery attempts, which helps prevent the same record from being indexed multiple times with different document IDs.\n\nWhen the `NO_DOCUMENT_ID` option is chosen, Firehose does not include any document IDs in the requests it sends to the Amazon OpenSearch Service. This causes the Amazon OpenSearch Service domain to generate document IDs. In case of multiple delivery attempts, this may cause the same record to be indexed more than once with different document IDs. This option enables write-heavy operations, such as the ingestion of logs and observability data, to consume less resources in the Amazon OpenSearch Service domain, resulting in improved performance.", + "title": "DefaultDocumentIdFormat", + "type": "string" } }, + "required": [ + "DefaultDocumentIdFormat" + ], "type": "object" }, - "AWS::MediaLive::Channel.H264Settings": { + "AWS::KinesisFirehose::DeliveryStream.DynamicPartitioningConfiguration": { "additionalProperties": false, "properties": { - "AdaptiveQuantization": { - "markdownDescription": "The adaptive quantization. This allows intra-frame quantizers to vary to improve visual quality.", - "title": "AdaptiveQuantization", - "type": "string" - }, - "AfdSignaling": { - "markdownDescription": "Indicates that AFD values will be written into the output stream. If afdSignaling is auto, the system tries to preserve the input AFD value (in cases where multiple AFD values are valid). If set to fixed, the AFD value is the value configured in the fixedAfd parameter.", - "title": "AfdSignaling", - "type": "string" + "Enabled": { + "markdownDescription": "Specifies whether dynamic partitioning is enabled for this Kinesis Data Firehose delivery stream.", + "title": "Enabled", + "type": "boolean" }, - "Bitrate": { - "markdownDescription": "The average bitrate in bits/second. This is required when the rate control mode is VBR or CBR. It isn't used for QVBR. In a Microsoft Smooth output group, each output must have a unique value when its bitrate is rounded down to the nearest multiple of 1000.", - "title": "Bitrate", + "RetryOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.RetryOptions", + "markdownDescription": "Specifies the retry behavior in case Kinesis Data Firehose is unable to deliver data to an Amazon S3 prefix.", + "title": "RetryOptions" + } + }, + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.ElasticsearchBufferingHints": { + "additionalProperties": false, + "properties": { + "IntervalInSeconds": { + "markdownDescription": "The length of time, in seconds, that Kinesis Data Firehose buffers incoming data before delivering it to the destination. For valid values, see the `IntervalInSeconds` content for the [BufferingHints](https://docs.aws.amazon.com/firehose/latest/APIReference/API_BufferingHints.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", + "title": "IntervalInSeconds", "type": "number" }, - "BufFillPct": { - "markdownDescription": "The percentage of the buffer that should initially be filled (HRD buffer model).", - "title": "BufFillPct", + "SizeInMBs": { + "markdownDescription": "The size of the buffer, in MBs, that Kinesis Data Firehose uses for incoming data before delivering it to the destination. For valid values, see the `SizeInMBs` content for the [BufferingHints](https://docs.aws.amazon.com/firehose/latest/APIReference/API_BufferingHints.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", + "title": "SizeInMBs", "type": "number" + } + }, + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.ElasticsearchDestinationConfiguration": { + "additionalProperties": false, + "properties": { + "BufferingHints": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ElasticsearchBufferingHints", + "markdownDescription": "Configures how Kinesis Data Firehose buffers incoming data while delivering it to the Amazon ES domain.", + "title": "BufferingHints" }, - "BufSize": { - "markdownDescription": "The size of the buffer (HRD buffer model) in bits/second.", - "title": "BufSize", - "type": "number" + "CloudWatchLoggingOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", + "markdownDescription": "The Amazon CloudWatch Logs logging options for the delivery stream.", + "title": "CloudWatchLoggingOptions" }, - "ColorMetadata": { - "markdownDescription": "Includes color space metadata in the output.", - "title": "ColorMetadata", + "ClusterEndpoint": { + "markdownDescription": "The endpoint to use when communicating with the cluster. Specify either this `ClusterEndpoint` or the `DomainARN` field.", + "title": "ClusterEndpoint", "type": "string" }, - "ColorSpaceSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.H264ColorSpaceSettings", - "markdownDescription": "Settings to configure the color space handling for the video.", - "title": "ColorSpaceSettings" + "DocumentIdOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DocumentIdOptions", + "markdownDescription": "Indicates the method for setting up document ID. The supported methods are Firehose generated document ID and OpenSearch Service generated document ID.", + "title": "DocumentIdOptions" }, - "EntropyEncoding": { - "markdownDescription": "The entropy encoding mode. Use cabac (must be in Main or High profile) or cavlc.", - "title": "EntropyEncoding", + "DomainARN": { + "markdownDescription": "The ARN of the Amazon ES domain. The IAM role must have permissions for `DescribeElasticsearchDomain` , `DescribeElasticsearchDomains` , and `DescribeElasticsearchDomainConfig` after assuming the role specified in *RoleARN* .\n\nSpecify either `ClusterEndpoint` or `DomainARN` .", + "title": "DomainARN", "type": "string" }, - "FilterSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.H264FilterSettings", - "markdownDescription": "Optional filters that you can apply to an encode.", - "title": "FilterSettings" - }, - "FixedAfd": { - "markdownDescription": "A four-bit AFD value to write on all frames of video in the output stream. Valid only when afdSignaling is set to Fixed.", - "title": "FixedAfd", + "IndexName": { + "markdownDescription": "The name of the Elasticsearch index to which Kinesis Data Firehose adds data for indexing.", + "title": "IndexName", "type": "string" }, - "FlickerAq": { - "markdownDescription": "If set to enabled, adjusts the quantization within each frame to reduce flicker or pop on I-frames.", - "title": "FlickerAq", + "IndexRotationPeriod": { + "markdownDescription": "The frequency of Elasticsearch index rotation. If you enable index rotation, Kinesis Data Firehose appends a portion of the UTC arrival timestamp to the specified index name, and rotates the appended timestamp accordingly. For more information, see [Index Rotation for the Amazon ES Destination](https://docs.aws.amazon.com/firehose/latest/dev/basic-deliver.html#es-index-rotation) in the *Amazon Kinesis Data Firehose Developer Guide* .", + "title": "IndexRotationPeriod", "type": "string" }, - "ForceFieldPictures": { - "markdownDescription": "This setting applies only when scan type is \"interlaced.\" It controls whether coding is performed on a field basis or on a frame basis. (When the video is progressive, the coding is always performed on a frame basis.)\nenabled: Force MediaLive to code on a field basis, so that odd and even sets of fields are coded separately.\ndisabled: Code the two sets of fields separately (on a field basis) or together (on a frame basis using PAFF), depending on what is most appropriate for the content.", - "title": "ForceFieldPictures", - "type": "string" + "ProcessingConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", + "markdownDescription": "The data processing configuration for the Kinesis Data Firehose delivery stream.", + "title": "ProcessingConfiguration" }, - "FramerateControl": { - "markdownDescription": "Indicates how the output video frame rate is specified. If you select \"specified,\" the output video frame rate is determined by framerateNumerator and framerateDenominator. If you select \"initializeFromSource,\" the output video frame rate is set equal to the input video frame rate of the first input.", - "title": "FramerateControl", + "RetryOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ElasticsearchRetryOptions", + "markdownDescription": "The retry behavior when Kinesis Data Firehose is unable to deliver data to Amazon ES.", + "title": "RetryOptions" + }, + "RoleARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to be assumed by Kinesis Data Firehose for calling the Amazon ES Configuration API and for indexing documents. For more information, see [Controlling Access with Amazon Kinesis Data Firehose](https://docs.aws.amazon.com/firehose/latest/dev/controlling-access.html) .", + "title": "RoleARN", "type": "string" }, - "FramerateDenominator": { - "markdownDescription": "The frame rate denominator.", - "title": "FramerateDenominator", - "type": "number" + "S3BackupMode": { + "markdownDescription": "The condition under which Kinesis Data Firehose delivers data to Amazon Simple Storage Service (Amazon S3). You can send Amazon S3 all documents (all data) or only the documents that Kinesis Data Firehose could not deliver to the Amazon ES destination. For more information and valid values, see the `S3BackupMode` content for the [ElasticsearchDestinationConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_ElasticsearchDestinationConfiguration.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", + "title": "S3BackupMode", + "type": "string" }, - "FramerateNumerator": { - "markdownDescription": "The frame rate numerator. The frame rate is a fraction, for example, 24000/1001 = 23.976 fps.", - "title": "FramerateNumerator", - "type": "number" + "S3Configuration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", + "markdownDescription": "The S3 bucket where Kinesis Data Firehose backs up incoming data.", + "title": "S3Configuration" }, - "GopBReference": { - "markdownDescription": "If enabled, uses reference B frames for GOP structures that have B frames > 1.", - "title": "GopBReference", + "TypeName": { + "markdownDescription": "The Elasticsearch type name that Amazon ES adds to documents when indexing data.", + "title": "TypeName", "type": "string" }, - "GopClosedCadence": { - "markdownDescription": "The frequency of closed GOPs. In streaming applications, we recommend that you set this to 1 so that a decoder joining mid-stream will receive an IDR frame as quickly as possible. Setting this value to 0 will break output segmenting.", - "title": "GopClosedCadence", + "VpcConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.VpcConfiguration", + "markdownDescription": "The details of the VPC of the Amazon ES destination.", + "title": "VpcConfiguration" + } + }, + "required": [ + "IndexName", + "RoleARN", + "S3Configuration" + ], + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.ElasticsearchRetryOptions": { + "additionalProperties": false, + "properties": { + "DurationInSeconds": { + "markdownDescription": "After an initial failure to deliver to Amazon ES, the total amount of time during which Kinesis Data Firehose re-attempts delivery (including the first attempt). If Kinesis Data Firehose can't deliver the data within the specified time, it writes the data to the backup S3 bucket. For valid values, see the `DurationInSeconds` content for the [ElasticsearchRetryOptions](https://docs.aws.amazon.com/firehose/latest/APIReference/API_ElasticsearchRetryOptions.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", + "title": "DurationInSeconds", "type": "number" + } + }, + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.EncryptionConfiguration": { + "additionalProperties": false, + "properties": { + "KMSEncryptionConfig": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.KMSEncryptionConfig", + "markdownDescription": "The AWS Key Management Service ( AWS KMS) encryption key that Amazon S3 uses to encrypt your data.", + "title": "KMSEncryptionConfig" }, - "GopNumBFrames": { - "markdownDescription": "The number of B-frames between reference frames.", - "title": "GopNumBFrames", - "type": "number" + "NoEncryptionConfig": { + "markdownDescription": "Disables encryption. For valid values, see the `NoEncryptionConfig` content for the [EncryptionConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_EncryptionConfiguration.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", + "title": "NoEncryptionConfig", + "type": "string" + } + }, + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.ExtendedS3DestinationConfiguration": { + "additionalProperties": false, + "properties": { + "BucketARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon S3 bucket. For constraints, see [ExtendedS3DestinationConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_ExtendedS3DestinationConfiguration.html) in the *Amazon Kinesis Data Firehose API Reference* .", + "title": "BucketARN", + "type": "string" }, - "GopSize": { - "markdownDescription": "The GOP size (keyframe interval) in units of either frames or seconds per gopSizeUnits. The value must be greater than zero.", - "title": "GopSize", - "type": "number" + "BufferingHints": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.BufferingHints", + "markdownDescription": "The buffering option.", + "title": "BufferingHints" }, - "GopSizeUnits": { - "markdownDescription": "Indicates if the gopSize is specified in frames or seconds. If seconds, the system converts the gopSize into a frame count at runtime.", - "title": "GopSizeUnits", - "type": "string" + "CloudWatchLoggingOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", + "markdownDescription": "The Amazon CloudWatch logging options for your Firehose stream.", + "title": "CloudWatchLoggingOptions" }, - "Level": { - "markdownDescription": "The H.264 level.", - "title": "Level", + "CompressionFormat": { + "markdownDescription": "The compression format. If no value is specified, the default is `UNCOMPRESSED` .", + "title": "CompressionFormat", "type": "string" }, - "LookAheadRateControl": { - "markdownDescription": "The amount of lookahead. A value of low can decrease latency and memory usage, while high can produce better quality for certain content.", - "title": "LookAheadRateControl", + "CustomTimeZone": { + "markdownDescription": "The time zone you prefer. UTC is the default.", + "title": "CustomTimeZone", "type": "string" }, - "MaxBitrate": { - "markdownDescription": "For QVBR: See the tooltip for Quality level. For VBR: Set the maximum bitrate in order to accommodate expected spikes in the complexity of the video.", - "title": "MaxBitrate", - "type": "number" + "DataFormatConversionConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DataFormatConversionConfiguration", + "markdownDescription": "The serializer, deserializer, and schema for converting data from the JSON format to the Parquet or ORC format before writing it to Amazon S3.", + "title": "DataFormatConversionConfiguration" }, - "MinIInterval": { - "markdownDescription": "Meaningful only if sceneChangeDetect is set to enabled. This setting enforces separation between repeated (cadence) I-frames and I-frames inserted by Scene Change Detection. If a scene change I-frame is within I-interval frames of a cadence I-frame, the GOP is shrunk or stretched to the scene change I-frame. GOP stretch requires enabling lookahead as well as setting the I-interval. The normal cadence resumes for the next GOP. Note that the maximum GOP stretch = GOP size + Min-I-interval - 1.", - "title": "MinIInterval", - "type": "number" + "DynamicPartitioningConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DynamicPartitioningConfiguration", + "markdownDescription": "The configuration of the dynamic partitioning mechanism that creates targeted data sets from the streaming data by partitioning it based on partition keys.", + "title": "DynamicPartitioningConfiguration" }, - "NumRefFrames": { - "markdownDescription": "The number of reference frames to use. The encoder might use more than requested if you use B-frames or interlaced encoding.", - "title": "NumRefFrames", - "type": "number" + "EncryptionConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.EncryptionConfiguration", + "markdownDescription": "The encryption configuration for the Kinesis Data Firehose delivery stream. The default value is `NoEncryption` .", + "title": "EncryptionConfiguration" }, - "ParControl": { - "markdownDescription": "Indicates how the output pixel aspect ratio is specified. If \"specified\" is selected, the output video pixel aspect ratio is determined by parNumerator and parDenominator. If \"initializeFromSource\" is selected, the output pixels aspect ratio will be set equal to the input video pixel aspect ratio of the first input.", - "title": "ParControl", + "ErrorOutputPrefix": { + "markdownDescription": "A prefix that Kinesis Data Firehose evaluates and adds to failed records before writing them to S3. This prefix appears immediately following the bucket name. For information about how to specify this prefix, see [Custom Prefixes for Amazon S3 Objects](https://docs.aws.amazon.com/firehose/latest/dev/s3-prefixes.html) .", + "title": "ErrorOutputPrefix", "type": "string" }, - "ParDenominator": { - "markdownDescription": "The Pixel Aspect Ratio denominator.", - "title": "ParDenominator", - "type": "number" - }, - "ParNumerator": { - "markdownDescription": "The Pixel Aspect Ratio numerator.", - "title": "ParNumerator", - "type": "number" - }, - "Profile": { - "markdownDescription": "An H.264 profile.", - "title": "Profile", + "FileExtension": { + "markdownDescription": "Specify a file extension. It will override the default file extension", + "title": "FileExtension", "type": "string" }, - "QualityLevel": { - "markdownDescription": "Leave as STANDARD_QUALITY or choose a different value (which might result in additional costs to run the channel).\n- ENHANCED_QUALITY: Produces a slightly better video quality without an increase in the bitrate. Has an effect only when the Rate control mode is QVBR or CBR. If this channel is in a MediaLive multiplex, the value must be ENHANCED_QUALITY.\n- STANDARD_QUALITY: Valid for any Rate control mode.", - "title": "QualityLevel", + "Prefix": { + "markdownDescription": "The `YYYY/MM/DD/HH` time format prefix is automatically used for delivered Amazon S3 files. For more information, see [ExtendedS3DestinationConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_ExtendedS3DestinationConfiguration.html) in the *Amazon Kinesis Data Firehose API Reference* .", + "title": "Prefix", "type": "string" }, - "QvbrQualityLevel": { - "markdownDescription": "Controls the target quality for the video encode. This applies only when the rate control mode is QVBR. Set values for the QVBR quality level field and Max bitrate field that suit your most important viewing devices. Recommended values are: - Primary screen: Quality level: 8 to 10. Max bitrate: 4M - PC or tablet: Quality level: 7. Max bitrate: 1.5M to 3M - Smartphone: Quality level: 6. Max bitrate: 1M to 1.5M.", - "title": "QvbrQualityLevel", - "type": "number" + "ProcessingConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", + "markdownDescription": "The data processing configuration for the Kinesis Data Firehose delivery stream.", + "title": "ProcessingConfiguration" }, - "RateControlMode": { - "markdownDescription": "The rate control mode. QVBR: The quality will match the specified quality level except when it is constrained by the maximum bitrate. We recommend this if you or your viewers pay for bandwidth. VBR: The quality and bitrate vary, depending on the video complexity. We recommend this instead of QVBR if you want to maintain a specific average bitrate over the duration of the channel. CBR: The quality varies, depending on the video complexity. We recommend this only if you distribute your assets to devices that can't handle variable bitrates.", - "title": "RateControlMode", - "type": "string" - }, - "ScanType": { - "markdownDescription": "Sets the scan type of the output to progressive or top-field-first interlaced.", - "title": "ScanType", - "type": "string" - }, - "SceneChangeDetect": { - "markdownDescription": "The scene change detection. On: inserts I-frames when the scene change is detected. Off: does not force an I-frame when the scene change is detected.", - "title": "SceneChangeDetect", - "type": "string" - }, - "Slices": { - "markdownDescription": "The number of slices per picture. The number must be less than or equal to the number of macroblock rows for progressive pictures, and less than or equal to half the number of macroblock rows for interlaced pictures. This field is optional. If you don't specify a value, MediaLive chooses the number of slices based on the encode resolution.", - "title": "Slices", - "type": "number" - }, - "Softness": { - "markdownDescription": "Softness. Selects a quantizer matrix. Larger values reduce high-frequency content in the encoded image.", - "title": "Softness", - "type": "number" - }, - "SpatialAq": { - "markdownDescription": "If set to enabled, adjusts quantization within each frame based on the spatial variation of content complexity.", - "title": "SpatialAq", - "type": "string" - }, - "SubgopLength": { - "markdownDescription": "If set to fixed, uses gopNumBFrames B-frames per sub-GOP. If set to dynamic, optimizes the number of B-frames used for each sub-GOP to improve visual quality.", - "title": "SubgopLength", - "type": "string" - }, - "Syntax": { - "markdownDescription": "Produces a bitstream that is compliant with SMPTE RP-2027.", - "title": "Syntax", - "type": "string" - }, - "TemporalAq": { - "markdownDescription": "If set to enabled, adjusts quantization within each frame based on the temporal variation of content complexity.", - "title": "TemporalAq", + "RoleARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS credentials. For constraints, see [ExtendedS3DestinationConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_ExtendedS3DestinationConfiguration.html) in the *Amazon Kinesis Data Firehose API Reference* .", + "title": "RoleARN", "type": "string" }, - "TimecodeBurninSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.TimecodeBurninSettings", - "markdownDescription": "", - "title": "TimecodeBurninSettings" + "S3BackupConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", + "markdownDescription": "The configuration for backup in Amazon S3.", + "title": "S3BackupConfiguration" }, - "TimecodeInsertion": { - "markdownDescription": "Determines how timecodes should be inserted into the video elementary stream. disabled: don't include timecodes. picTimingSei: pass through picture timing SEI messages from the source specified in Timecode Config.", - "title": "TimecodeInsertion", + "S3BackupMode": { + "markdownDescription": "The Amazon S3 backup mode. After you create a Firehose stream, you can update it to enable Amazon S3 backup if it is disabled. If backup is enabled, you can't update the Firehose stream to disable it.", + "title": "S3BackupMode", "type": "string" } }, + "required": [ + "BucketARN", + "RoleARN" + ], "type": "object" }, - "AWS::MediaLive::Channel.H265ColorSpaceSettings": { + "AWS::KinesisFirehose::DeliveryStream.HiveJsonSerDe": { "additionalProperties": false, "properties": { - "ColorSpacePassthroughSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.ColorSpacePassthroughSettings", - "markdownDescription": "Passthrough applies no color space conversion to the output.", - "title": "ColorSpacePassthroughSettings" - }, - "DolbyVision81Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.DolbyVision81Settings", - "markdownDescription": "", - "title": "DolbyVision81Settings" - }, - "Hdr10Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Hdr10Settings", - "markdownDescription": "Settings to configure the handling of HDR10 color space.", - "title": "Hdr10Settings" - }, - "Rec601Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Rec601Settings", - "markdownDescription": "Settings to configure the handling of Rec601 color space.", - "title": "Rec601Settings" - }, - "Rec709Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Rec709Settings", - "markdownDescription": "Settings to configure the handling of Rec709 color space.", - "title": "Rec709Settings" + "TimestampFormats": { + "items": { + "type": "string" + }, + "markdownDescription": "Indicates how you want Firehose to parse the date and timestamps that may be present in your input data JSON. To specify these format strings, follow the pattern syntax of JodaTime's DateTimeFormat format strings. For more information, see [Class DateTimeFormat](https://docs.aws.amazon.com/https://www.joda.org/joda-time/apidocs/org/joda/time/format/DateTimeFormat.html) . You can also use the special value `millis` to parse timestamps in epoch milliseconds. If you don't specify a format, Firehose uses `java.sql.Timestamp::valueOf` by default.", + "title": "TimestampFormats", + "type": "array" } }, "type": "object" }, - "AWS::MediaLive::Channel.H265FilterSettings": { + "AWS::KinesisFirehose::DeliveryStream.HttpEndpointCommonAttribute": { "additionalProperties": false, "properties": { - "TemporalFilterSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.TemporalFilterSettings", - "markdownDescription": "Settings for applying the temporal filter to the video.", - "title": "TemporalFilterSettings" + "AttributeName": { + "markdownDescription": "The name of the HTTP endpoint common attribute.", + "title": "AttributeName", + "type": "string" + }, + "AttributeValue": { + "markdownDescription": "The value of the HTTP endpoint common attribute.", + "title": "AttributeValue", + "type": "string" } }, + "required": [ + "AttributeName", + "AttributeValue" + ], "type": "object" }, - "AWS::MediaLive::Channel.H265Settings": { + "AWS::KinesisFirehose::DeliveryStream.HttpEndpointConfiguration": { "additionalProperties": false, "properties": { - "AdaptiveQuantization": { - "markdownDescription": "Adaptive quantization. Allows intra-frame quantizers to vary to improve visual quality.", - "title": "AdaptiveQuantization", + "AccessKey": { + "markdownDescription": "The access key required for Kinesis Firehose to authenticate with the HTTP endpoint selected as the destination.", + "title": "AccessKey", "type": "string" }, - "AfdSignaling": { - "markdownDescription": "Indicates that AFD values will be written into the output stream. If afdSignaling is \"auto\", the system will try to preserve the input AFD value (in cases where multiple AFD values are valid). If set to \"fixed\", the AFD value will be the value configured in the fixedAfd parameter.", - "title": "AfdSignaling", + "Name": { + "markdownDescription": "The name of the HTTP endpoint selected as the destination.", + "title": "Name", "type": "string" }, - "AlternativeTransferFunction": { - "markdownDescription": "Whether or not EML should insert an Alternative Transfer Function SEI message to support backwards compatibility with non-HDR decoders and displays.", - "title": "AlternativeTransferFunction", + "Url": { + "markdownDescription": "The URL of the HTTP endpoint selected as the destination.", + "title": "Url", "type": "string" + } + }, + "required": [ + "Url" + ], + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.HttpEndpointDestinationConfiguration": { + "additionalProperties": false, + "properties": { + "BufferingHints": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.BufferingHints", + "markdownDescription": "The buffering options that can be used before data is delivered to the specified destination. Kinesis Data Firehose treats these options as hints, and it might choose to use more optimal values. The SizeInMBs and IntervalInSeconds parameters are optional. However, if you specify a value for one of them, you must also provide a value for the other.", + "title": "BufferingHints" }, - "Bitrate": { - "markdownDescription": "Average bitrate in bits/second. Required when the rate control mode is VBR or CBR. Not used for QVBR. In an MS Smooth output group, each output must have a unique value when its bitrate is rounded down to the nearest multiple of 1000.", - "title": "Bitrate", - "type": "number" + "CloudWatchLoggingOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", + "markdownDescription": "Describes the Amazon CloudWatch logging options for your delivery stream.", + "title": "CloudWatchLoggingOptions" }, - "BufSize": { - "markdownDescription": "Size of buffer (HRD buffer model) in bits.", - "title": "BufSize", - "type": "number" + "EndpointConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.HttpEndpointConfiguration", + "markdownDescription": "The configuration of the HTTP endpoint selected as the destination.", + "title": "EndpointConfiguration" }, - "ColorMetadata": { - "markdownDescription": "Includes colorspace metadata in the output.", - "title": "ColorMetadata", - "type": "string" + "ProcessingConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", + "markdownDescription": "Describes the data processing configuration.", + "title": "ProcessingConfiguration" }, - "ColorSpaceSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.H265ColorSpaceSettings", - "markdownDescription": "Color Space settings", - "title": "ColorSpaceSettings" + "RequestConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.HttpEndpointRequestConfiguration", + "markdownDescription": "The configuration of the request sent to the HTTP endpoint specified as the destination.", + "title": "RequestConfiguration" }, - "FilterSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.H265FilterSettings", - "markdownDescription": "Optional filters that you can apply to an encode.", - "title": "FilterSettings" + "RetryOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.RetryOptions", + "markdownDescription": "Describes the retry behavior in case Kinesis Data Firehose is unable to deliver data to the specified HTTP endpoint destination, or if it doesn't receive a valid acknowledgment of receipt from the specified HTTP endpoint destination.", + "title": "RetryOptions" }, - "FixedAfd": { - "markdownDescription": "Four bit AFD value to write on all frames of video in the output stream. Only valid when afdSignaling is set to 'Fixed'.", - "title": "FixedAfd", + "RoleARN": { + "markdownDescription": "Kinesis Data Firehose uses this IAM role for all the permissions that the delivery stream needs.", + "title": "RoleARN", "type": "string" }, - "FlickerAq": { - "markdownDescription": "If set to enabled, adjust quantization within each frame to reduce flicker or 'pop' on I-frames.", - "title": "FlickerAq", + "S3BackupMode": { + "markdownDescription": "Describes the S3 bucket backup options for the data that Kinesis Data Firehose delivers to the HTTP endpoint destination. You can back up all documents (AllData) or only the documents that Kinesis Data Firehose could not deliver to the specified HTTP endpoint destination (FailedDataOnly).", + "title": "S3BackupMode", "type": "string" }, - "FramerateDenominator": { - "markdownDescription": "Framerate denominator.", - "title": "FramerateDenominator", - "type": "number" - }, - "FramerateNumerator": { - "markdownDescription": "Framerate numerator - framerate is a fraction, e.g. 24000 / 1001 = 23.976 fps.", - "title": "FramerateNumerator", - "type": "number" - }, - "GopClosedCadence": { - "markdownDescription": "Frequency of closed GOPs. In streaming applications, it is recommended that this be set to 1 so a decoder joining mid-stream will receive an IDR frame as quickly as possible. Setting this value to 0 will break output segmenting.", - "title": "GopClosedCadence", - "type": "number" + "S3Configuration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", + "markdownDescription": "Describes the configuration of a destination in Amazon S3.", + "title": "S3Configuration" }, - "GopSize": { - "markdownDescription": "GOP size (keyframe interval) in units of either frames or seconds per gopSizeUnits.\nIf gopSizeUnits is frames, gopSize must be an integer and must be greater than or equal to 1.\nIf gopSizeUnits is seconds, gopSize must be greater than 0, but need not be an integer.", - "title": "GopSize", - "type": "number" + "SecretsManagerConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SecretsManagerConfiguration", + "markdownDescription": "The configuration that defines how you access secrets for HTTP Endpoint destination.", + "title": "SecretsManagerConfiguration" + } + }, + "required": [ + "EndpointConfiguration", + "S3Configuration" + ], + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.HttpEndpointRequestConfiguration": { + "additionalProperties": false, + "properties": { + "CommonAttributes": { + "items": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.HttpEndpointCommonAttribute" + }, + "markdownDescription": "Describes the metadata sent to the HTTP endpoint destination.", + "title": "CommonAttributes", + "type": "array" }, - "GopSizeUnits": { - "markdownDescription": "Indicates if the gopSize is specified in frames or seconds. If seconds the system will convert the gopSize into a frame count at run time.", - "title": "GopSizeUnits", + "ContentEncoding": { + "markdownDescription": "Kinesis Data Firehose uses the content encoding to compress the body of a request before sending the request to the destination. For more information, see Content-Encoding in MDN Web Docs, the official Mozilla documentation.", + "title": "ContentEncoding", "type": "string" + } + }, + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.IcebergDestinationConfiguration": { + "additionalProperties": false, + "properties": { + "AppendOnly": { + "markdownDescription": "Describes whether all incoming data for this delivery stream will be append only (inserts only and not for updates and deletes) for Iceberg delivery. This feature is only applicable for Apache Iceberg Tables.\n\nThe default value is false. If you set this value to true, Firehose automatically increases the throughput limit of a stream based on the throttling levels of the stream. If you set this parameter to true for a stream with updates and deletes, you will see out of order delivery.", + "title": "AppendOnly", + "type": "boolean" }, - "Level": { - "markdownDescription": "H.265 Level.", - "title": "Level", - "type": "string" + "BufferingHints": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.BufferingHints", + "markdownDescription": "", + "title": "BufferingHints" }, - "LookAheadRateControl": { - "markdownDescription": "Amount of lookahead. A value of low can decrease latency and memory usage, while high can produce better quality for certain content.", - "title": "LookAheadRateControl", - "type": "string" + "CatalogConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CatalogConfiguration", + "markdownDescription": "Configuration describing where the destination Apache Iceberg Tables are persisted.", + "title": "CatalogConfiguration" }, - "MaxBitrate": { - "markdownDescription": "For QVBR: See the tooltip for Quality level", - "title": "MaxBitrate", - "type": "number" + "CloudWatchLoggingOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", + "markdownDescription": "", + "title": "CloudWatchLoggingOptions" }, - "MinIInterval": { - "markdownDescription": "Only meaningful if sceneChangeDetect is set to enabled. Defaults to 5 if multiplex rate control is used. Enforces separation between repeated (cadence) I-frames and I-frames inserted by Scene Change Detection. If a scene change I-frame is within I-interval frames of a cadence I-frame, the GOP is shrunk and/or stretched to the scene change I-frame. GOP stretch requires enabling lookahead as well as setting I-interval. The normal cadence resumes for the next GOP. Note: Maximum GOP stretch = GOP size + Min-I-interval - 1", - "title": "MinIInterval", - "type": "number" + "DestinationTableConfigurationList": { + "items": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DestinationTableConfiguration" + }, + "markdownDescription": "Provides a list of `DestinationTableConfigurations` which Firehose uses to deliver data to Apache Iceberg Tables. Firehose will write data with insert if table specific configuration is not provided here.", + "title": "DestinationTableConfigurationList", + "type": "array" }, - "MvOverPictureBoundaries": { + "ProcessingConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", "markdownDescription": "", - "title": "MvOverPictureBoundaries", - "type": "string" + "title": "ProcessingConfiguration" }, - "MvTemporalPredictor": { + "RetryOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.RetryOptions", "markdownDescription": "", - "title": "MvTemporalPredictor", - "type": "string" + "title": "RetryOptions" }, - "ParDenominator": { - "markdownDescription": "Pixel Aspect Ratio denominator.", - "title": "ParDenominator", - "type": "number" + "RoleARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to be assumed by Firehose for calling Apache Iceberg Tables.", + "title": "RoleARN", + "type": "string" }, - "ParNumerator": { - "markdownDescription": "Pixel Aspect Ratio numerator.", - "title": "ParNumerator", - "type": "number" + "S3Configuration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", + "markdownDescription": "", + "title": "S3Configuration" }, - "Profile": { - "markdownDescription": "H.265 Profile.", - "title": "Profile", - "type": "string" + "SchemaEvolutionConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SchemaEvolutionConfiguration", + "markdownDescription": "The configuration to enable automatic schema evolution.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "SchemaEvolutionConfiguration" }, - "QvbrQualityLevel": { - "markdownDescription": "Controls the target quality for the video encode. Applies only when the rate control mode is QVBR. Set values for the QVBR quality level field and Max bitrate field that suit your most important viewing devices. Recommended values are:\n- Primary screen: Quality level: 8 to 10. Max bitrate: 4M\n- PC or tablet: Quality level: 7. Max bitrate: 1.5M to 3M\n- Smartphone: Quality level: 6. Max bitrate: 1M to 1.5M", - "title": "QvbrQualityLevel", - "type": "number" + "TableCreationConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.TableCreationConfiguration", + "markdownDescription": "The configuration to enable automatic table creation.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "TableCreationConfiguration" }, - "RateControlMode": { - "markdownDescription": "Rate control mode. QVBR: Quality will match the specified quality level except when it is constrained by the\nmaximum bitrate. Recommended if you or your viewers pay for bandwidth. CBR: Quality varies, depending on the video complexity. Recommended only if you distribute\nyour assets to devices that cannot handle variable bitrates. Multiplex: This rate control mode is only supported (and is required) when the video is being\ndelivered to a MediaLive Multiplex in which case the rate control configuration is controlled\nby the properties within the Multiplex Program.", - "title": "RateControlMode", + "s3BackupMode": { + "markdownDescription": "Describes how Firehose will backup records. Currently,S3 backup only supports `FailedDataOnly` .", + "title": "s3BackupMode", "type": "string" - }, - "ScanType": { - "markdownDescription": "Sets the scan type of the output to progressive or top-field-first interlaced.", - "title": "ScanType", + } + }, + "required": [ + "CatalogConfiguration", + "RoleARN", + "S3Configuration" + ], + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.InputFormatConfiguration": { + "additionalProperties": false, + "properties": { + "Deserializer": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.Deserializer", + "markdownDescription": "Specifies which deserializer to use. You can choose either the Apache Hive JSON SerDe or the OpenX JSON SerDe. If both are non-null, the server rejects the request.", + "title": "Deserializer" + } + }, + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.KMSEncryptionConfig": { + "additionalProperties": false, + "properties": { + "AWSKMSKeyARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS encryption key that Amazon S3 uses to encrypt data delivered by the Kinesis Data Firehose stream. The key must belong to the same region as the destination S3 bucket.", + "title": "AWSKMSKeyARN", "type": "string" - }, - "SceneChangeDetect": { - "markdownDescription": "Scene change detection.", - "title": "SceneChangeDetect", + } + }, + "required": [ + "AWSKMSKeyARN" + ], + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.KinesisStreamSourceConfiguration": { + "additionalProperties": false, + "properties": { + "KinesisStreamARN": { + "markdownDescription": "The ARN of the source Kinesis data stream.", + "title": "KinesisStreamARN", "type": "string" }, - "Slices": { - "markdownDescription": "Number of slices per picture. Must be less than or equal to the number of macroblock rows for progressive pictures, and less than or equal to half the number of macroblock rows for interlaced pictures.\nThis field is optional; when no value is specified the encoder will choose the number of slices based on encode resolution.", - "title": "Slices", - "type": "number" - }, - "Tier": { - "markdownDescription": "H.265 Tier.", - "title": "Tier", + "RoleARN": { + "markdownDescription": "The ARN of the role that provides access to the source Kinesis data stream.", + "title": "RoleARN", "type": "string" + } + }, + "required": [ + "KinesisStreamARN", + "RoleARN" + ], + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.MSKSourceConfiguration": { + "additionalProperties": false, + "properties": { + "AuthenticationConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AuthenticationConfiguration", + "markdownDescription": "The authentication configuration of the Amazon MSK cluster.", + "title": "AuthenticationConfiguration" }, - "TileHeight": { - "markdownDescription": "", - "title": "TileHeight", - "type": "number" - }, - "TilePadding": { - "markdownDescription": "", - "title": "TilePadding", + "MSKClusterARN": { + "markdownDescription": "The ARN of the Amazon MSK cluster.", + "title": "MSKClusterARN", "type": "string" }, - "TileWidth": { - "markdownDescription": "", - "title": "TileWidth", - "type": "number" - }, - "TimecodeBurninSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.TimecodeBurninSettings", - "markdownDescription": "", - "title": "TimecodeBurninSettings" - }, - "TimecodeInsertion": { - "markdownDescription": "Determines how timecodes should be inserted into the video elementary stream.\n- 'disabled': Do not include timecodes\n- 'picTimingSei': Pass through picture timing SEI messages from the source specified in Timecode Config", - "title": "TimecodeInsertion", + "ReadFromTimestamp": { + "markdownDescription": "The start date and time in UTC for the offset position within your MSK topic from where Firehose begins to read. By default, this is set to timestamp when Firehose becomes Active.\n\nIf you want to create a Firehose stream with Earliest start position from SDK or CLI, you need to set the `ReadFromTimestamp` parameter to Epoch (1970-01-01T00:00:00Z).", + "title": "ReadFromTimestamp", "type": "string" }, - "TreeblockSize": { - "markdownDescription": "", - "title": "TreeblockSize", + "TopicName": { + "markdownDescription": "The topic name within the Amazon MSK cluster.", + "title": "TopicName", "type": "string" } }, + "required": [ + "AuthenticationConfiguration", + "MSKClusterARN", + "TopicName" + ], "type": "object" }, - "AWS::MediaLive::Channel.Hdr10Settings": { + "AWS::KinesisFirehose::DeliveryStream.OpenXJsonSerDe": { "additionalProperties": false, "properties": { - "MaxCll": { - "markdownDescription": "Maximum Content Light Level\nAn integer metadata value defining the maximum light level, in nits,\nof any single pixel within an encoded HDR video stream or file.", - "title": "MaxCll", - "type": "number" + "CaseInsensitive": { + "markdownDescription": "When set to `true` , which is the default, Firehose converts JSON keys to lowercase before deserializing them.", + "title": "CaseInsensitive", + "type": "boolean" }, - "MaxFall": { - "markdownDescription": "Maximum Frame Average Light Level\nAn integer metadata value defining the maximum average light level, in nits,\nfor any single frame within an encoded HDR video stream or file.", - "title": "MaxFall", - "type": "number" + "ColumnToJsonKeyMappings": { + "additionalProperties": true, + "markdownDescription": "Maps column names to JSON keys that aren't identical to the column names. This is useful when the JSON contains keys that are Hive keywords. For example, `timestamp` is a Hive keyword. If you have a JSON key named `timestamp` , set this parameter to `{\"ts\": \"timestamp\"}` to map this key to a column named `ts` .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "ColumnToJsonKeyMappings", + "type": "object" + }, + "ConvertDotsInJsonKeysToUnderscores": { + "markdownDescription": "When set to `true` , specifies that the names of the keys include dots and that you want Firehose to replace them with underscores. This is useful because Apache Hive does not allow dots in column names. For example, if the JSON contains a key whose name is \"a.b\", you can define the column name to be \"a_b\" when using this option.\n\nThe default is `false` .", + "title": "ConvertDotsInJsonKeysToUnderscores", + "type": "boolean" } }, "type": "object" }, - "AWS::MediaLive::Channel.HlsAkamaiSettings": { + "AWS::KinesisFirehose::DeliveryStream.OrcSerDe": { "additionalProperties": false, "properties": { - "ConnectionRetryInterval": { - "markdownDescription": "The number of seconds to wait before retrying a connection to the CDN if the connection is lost.", - "title": "ConnectionRetryInterval", + "BlockSizeBytes": { + "markdownDescription": "The Hadoop Distributed File System (HDFS) block size. This is useful if you intend to copy the data from Amazon S3 to HDFS before querying. The default is 256 MiB and the minimum is 64 MiB. Firehose uses this value for padding calculations.", + "title": "BlockSizeBytes", "type": "number" }, - "FilecacheDuration": { - "markdownDescription": "The size, in seconds, of the file cache for streaming outputs.", - "title": "FilecacheDuration", + "BloomFilterColumns": { + "items": { + "type": "string" + }, + "markdownDescription": "The column names for which you want Firehose to create bloom filters. The default is `null` .", + "title": "BloomFilterColumns", + "type": "array" + }, + "BloomFilterFalsePositiveProbability": { + "markdownDescription": "The Bloom filter false positive probability (FPP). The lower the FPP, the bigger the Bloom filter. The default value is 0.05, the minimum is 0, and the maximum is 1.", + "title": "BloomFilterFalsePositiveProbability", "type": "number" }, - "HttpTransferMode": { - "markdownDescription": "Specifies whether to use chunked transfer encoding to Akamai. To enable this feature, contact Akamai.", - "title": "HttpTransferMode", + "Compression": { + "markdownDescription": "The compression code to use over data blocks. The default is `SNAPPY` .", + "title": "Compression", "type": "string" }, - "NumRetries": { - "markdownDescription": "The number of retry attempts that will be made before the channel is put into an error state.", - "title": "NumRetries", + "DictionaryKeyThreshold": { + "markdownDescription": "Represents the fraction of the total number of non-null rows. To turn off dictionary encoding, set this fraction to a number that is less than the number of distinct keys in a dictionary. To always use dictionary encoding, set this threshold to 1.", + "title": "DictionaryKeyThreshold", "type": "number" }, - "RestartDelay": { - "markdownDescription": "If a streaming output fails, the number of seconds to wait until a restart is initiated. A value of 0 means never restart.", - "title": "RestartDelay", - "type": "number" + "EnablePadding": { + "markdownDescription": "Set this to `true` to indicate that you want stripes to be padded to the HDFS block boundaries. This is useful if you intend to copy the data from Amazon S3 to HDFS before querying. The default is `false` .", + "title": "EnablePadding", + "type": "boolean" }, - "Salt": { - "markdownDescription": "The salt for authenticated Akamai.", - "title": "Salt", + "FormatVersion": { + "markdownDescription": "The version of the file to write. The possible values are `V0_11` and `V0_12` . The default is `V0_12` .", + "title": "FormatVersion", "type": "string" }, - "Token": { - "markdownDescription": "The token parameter for authenticated Akamai. If this is not specified, _gda_ is used.", - "title": "Token", - "type": "string" + "PaddingTolerance": { + "markdownDescription": "A number between 0 and 1 that defines the tolerance for block padding as a decimal fraction of stripe size. The default value is 0.05, which means 5 percent of stripe size.\n\nFor the default values of 64 MiB ORC stripes and 256 MiB HDFS blocks, the default block padding tolerance of 5 percent reserves a maximum of 3.2 MiB for padding within the 256 MiB block. In such a case, if the available size within the block is more than 3.2 MiB, a new, smaller stripe is inserted to fit within that space. This ensures that no stripe crosses block boundaries and causes remote reads within a node-local task.\n\nKinesis Data Firehose ignores this parameter when `EnablePadding` is `false` .", + "title": "PaddingTolerance", + "type": "number" + }, + "RowIndexStride": { + "markdownDescription": "The number of rows between index entries. The default is 10,000 and the minimum is 1,000.", + "title": "RowIndexStride", + "type": "number" + }, + "StripeSizeBytes": { + "markdownDescription": "The number of bytes in each stripe. The default is 64 MiB and the minimum is 8 MiB.", + "title": "StripeSizeBytes", + "type": "number" } }, "type": "object" }, - "AWS::MediaLive::Channel.HlsBasicPutSettings": { + "AWS::KinesisFirehose::DeliveryStream.OutputFormatConfiguration": { "additionalProperties": false, "properties": { - "ConnectionRetryInterval": { - "markdownDescription": "The number of seconds to wait before retrying a connection to the CDN if the connection is lost.", - "title": "ConnectionRetryInterval", + "Serializer": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.Serializer", + "markdownDescription": "Specifies which serializer to use. You can choose either the ORC SerDe or the Parquet SerDe. If both are non-null, the server rejects the request.", + "title": "Serializer" + } + }, + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.ParquetSerDe": { + "additionalProperties": false, + "properties": { + "BlockSizeBytes": { + "markdownDescription": "The Hadoop Distributed File System (HDFS) block size. This is useful if you intend to copy the data from Amazon S3 to HDFS before querying. The default is 256 MiB and the minimum is 64 MiB. Firehose uses this value for padding calculations.", + "title": "BlockSizeBytes", "type": "number" }, - "FilecacheDuration": { - "markdownDescription": "The size, in seconds, of the file cache for streaming outputs.", - "title": "FilecacheDuration", - "type": "number" + "Compression": { + "markdownDescription": "The compression code to use over data blocks. The possible values are `UNCOMPRESSED` , `SNAPPY` , and `GZIP` , with the default being `SNAPPY` . Use `SNAPPY` for higher decompression speed. Use `GZIP` if the compression ratio is more important than speed.", + "title": "Compression", + "type": "string" }, - "NumRetries": { - "markdownDescription": "The number of retry attempts that MediaLive makes before the channel is put into an error state.", - "title": "NumRetries", + "EnableDictionaryCompression": { + "markdownDescription": "Indicates whether to enable dictionary compression.", + "title": "EnableDictionaryCompression", + "type": "boolean" + }, + "MaxPaddingBytes": { + "markdownDescription": "The maximum amount of padding to apply. This is useful if you intend to copy the data from Amazon S3 to HDFS before querying. The default is 0.", + "title": "MaxPaddingBytes", "type": "number" }, - "RestartDelay": { - "markdownDescription": "If a streaming output fails, the number of seconds to wait until a restart is initiated. A value of 0 means never restart.", - "title": "RestartDelay", + "PageSizeBytes": { + "markdownDescription": "The Parquet page size. Column chunks are divided into pages. A page is conceptually an indivisible unit (in terms of compression and encoding). The minimum value is 64 KiB and the default is 1 MiB.", + "title": "PageSizeBytes", "type": "number" + }, + "WriterVersion": { + "markdownDescription": "Indicates the version of row format to output. The possible values are `V1` and `V2` . The default is `V1` .", + "title": "WriterVersion", + "type": "string" } }, "type": "object" }, - "AWS::MediaLive::Channel.HlsCdnSettings": { + "AWS::KinesisFirehose::DeliveryStream.PartitionField": { "additionalProperties": false, "properties": { - "HlsAkamaiSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.HlsAkamaiSettings", - "markdownDescription": "Sets up Akamai as the downstream system for the HLS output group.", - "title": "HlsAkamaiSettings" - }, - "HlsBasicPutSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.HlsBasicPutSettings", - "markdownDescription": "The settings for Basic Put for the HLS output.", - "title": "HlsBasicPutSettings" - }, - "HlsMediaStoreSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.HlsMediaStoreSettings", - "markdownDescription": "Sets up MediaStore as the destination for the HLS output.", - "title": "HlsMediaStoreSettings" - }, - "HlsS3Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.HlsS3Settings", - "markdownDescription": "Sets up Amazon S3 as the destination for this HLS output.", - "title": "HlsS3Settings" - }, - "HlsWebdavSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.HlsWebdavSettings", - "markdownDescription": "The settings for Web VTT captions in the HLS output group.\n\nThe parent of this entity is HlsGroupSettings.", - "title": "HlsWebdavSettings" + "SourceName": { + "markdownDescription": "The column name to be configured in partition spec.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "SourceName", + "type": "string" } }, + "required": [ + "SourceName" + ], "type": "object" }, - "AWS::MediaLive::Channel.HlsGroupSettings": { + "AWS::KinesisFirehose::DeliveryStream.PartitionSpec": { "additionalProperties": false, "properties": { - "AdMarkers": { + "Identity": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.PartitionField" }, - "markdownDescription": "Chooses one or more ad marker types to pass SCTE35 signals through to this group of Apple HLS outputs.", - "title": "AdMarkers", + "markdownDescription": "List of identity [transforms](https://docs.aws.amazon.com/https://iceberg.apache.org/spec/#partition-transforms) that performs an identity transformation. The transform takes the source value, and does not modify it. Result type is the source type.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "Identity", "type": "array" + } + }, + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Indicates whether data processing is enabled (true) or disabled (false).", + "title": "Enabled", + "type": "boolean" }, - "BaseUrlContent": { - "markdownDescription": "A partial URI prefix that will be prepended to each output in the media .m3u8 file. The partial URI prefix can be used if the base manifest is delivered from a different URL than the main .m3u8 file.", - "title": "BaseUrlContent", - "type": "string" - }, - "BaseUrlContent1": { - "markdownDescription": "Optional. One value per output group. This field is required only if you are completing Base URL content A, and the downstream system has notified you that the media files for pipeline 1 of all outputs are in a location different from the media files for pipeline 0.", - "title": "BaseUrlContent1", - "type": "string" - }, - "BaseUrlManifest": { - "markdownDescription": "A partial URI prefix that will be prepended to each output in the media .m3u8 file. The partial URI prefix can be used if the base manifest is delivered from a different URL than the main .m3u8 file.", - "title": "BaseUrlManifest", - "type": "string" - }, - "BaseUrlManifest1": { - "markdownDescription": "Optional. One value per output group. Complete this field only if you are completing Base URL manifest A, and the downstream system has notified you that the child manifest files for pipeline 1 of all outputs are in a location different from the child manifest files for pipeline 0.", - "title": "BaseUrlManifest1", - "type": "string" - }, - "CaptionLanguageMappings": { + "Processors": { "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.CaptionLanguageMapping" + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.Processor" }, - "markdownDescription": "A mapping of up to 4 captions channels to captions languages. This is meaningful only if captionLanguageSetting is set to \"insert.\"", - "title": "CaptionLanguageMappings", + "markdownDescription": "The data processors.", + "title": "Processors", + "type": "array" + } + }, + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.Processor": { + "additionalProperties": false, + "properties": { + "Parameters": { + "items": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessorParameter" + }, + "markdownDescription": "The processor parameters.", + "title": "Parameters", "type": "array" }, - "CaptionLanguageSetting": { - "markdownDescription": "Applies only to 608 embedded output captions. Insert: Include CLOSED-CAPTIONS lines in the manifest. Specify at least one language in the CC1 Language Code field. One CLOSED-CAPTION line is added for each Language Code that you specify. Make sure to specify the languages in the order in which they appear in the original source (if the source is embedded format) or the order of the captions selectors (if the source is other than embedded). Otherwise, languages in the manifest will not match properly with the output captions. None: Include the CLOSED-CAPTIONS=NONE line in the manifest. Omit: Omit any CLOSED-CAPTIONS line from the manifest.", - "title": "CaptionLanguageSetting", + "Type": { + "markdownDescription": "The type of processor. Valid values: `Lambda` .", + "title": "Type", "type": "string" - }, - "ClientCache": { - "markdownDescription": "When set to \"disabled,\" sets the #EXT-X-ALLOW-CACHE:no tag in the manifest, which prevents clients from saving media segments for later replay.", - "title": "ClientCache", + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.ProcessorParameter": { + "additionalProperties": false, + "properties": { + "ParameterName": { + "markdownDescription": "The name of the parameter. Currently the following default values are supported: 3 for `NumberOfRetries` and 60 for the `BufferIntervalInSeconds` . The `BufferSizeInMBs` ranges between 0.2 MB and up to 3MB. The default buffering hint is 1MB for all destinations, except Splunk. For Splunk, the default buffering hint is 256 KB.", + "title": "ParameterName", "type": "string" }, - "CodecSpecification": { - "markdownDescription": "The specification to use (RFC-6381 or the default RFC-4281) during m3u8 playlist generation.", - "title": "CodecSpecification", + "ParameterValue": { + "markdownDescription": "The parameter value.", + "title": "ParameterValue", "type": "string" + } + }, + "required": [ + "ParameterName", + "ParameterValue" + ], + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.RedshiftDestinationConfiguration": { + "additionalProperties": false, + "properties": { + "CloudWatchLoggingOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", + "markdownDescription": "The CloudWatch logging options for your Firehose stream.", + "title": "CloudWatchLoggingOptions" }, - "ConstantIv": { - "markdownDescription": "Used with encryptionType. This is a 128-bit, 16-byte hex value that is represented by a 32-character text string. If ivSource is set to \"explicit,\" this parameter is required and is used as the IV for encryption.", - "title": "ConstantIv", + "ClusterJDBCURL": { + "markdownDescription": "The connection string that Kinesis Data Firehose uses to connect to the Amazon Redshift cluster.", + "title": "ClusterJDBCURL", "type": "string" }, - "Destination": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", - "markdownDescription": "A directory or HTTP destination for the HLS segments, manifest files, and encryption keys (if enabled).", - "title": "Destination" - }, - "DirectoryStructure": { - "markdownDescription": "Places segments in subdirectories.", - "title": "DirectoryStructure", - "type": "string" + "CopyCommand": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CopyCommand", + "markdownDescription": "Configures the Amazon Redshift `COPY` command that Kinesis Data Firehose uses to load data into the cluster from the Amazon S3 bucket.", + "title": "CopyCommand" }, - "DiscontinuityTags": { - "markdownDescription": "Specifies whether to insert EXT-X-DISCONTINUITY tags in the HLS child manifests for this output group.\nTypically, choose Insert because these tags are required in the manifest (according to the HLS specification) and serve an important purpose.\nChoose Never Insert only if the downstream system is doing real-time failover (without using the MediaLive automatic failover feature) and only if that downstream system has advised you to exclude the tags.", - "title": "DiscontinuityTags", + "Password": { + "markdownDescription": "The password for the Amazon Redshift user that you specified in the `Username` property.", + "title": "Password", "type": "string" }, - "EncryptionType": { - "markdownDescription": "Encrypts the segments with the specified encryption scheme. Exclude this parameter if you don't want encryption.", - "title": "EncryptionType", - "type": "string" + "ProcessingConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", + "markdownDescription": "The data processing configuration for the Kinesis Data Firehose delivery stream.", + "title": "ProcessingConfiguration" }, - "HlsCdnSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.HlsCdnSettings", - "markdownDescription": "The parameters that control interactions with the CDN.", - "title": "HlsCdnSettings" + "RetryOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.RedshiftRetryOptions", + "markdownDescription": "The retry behavior in case Firehose is unable to deliver documents to Amazon Redshift. Default value is 3600 (60 minutes).", + "title": "RetryOptions" }, - "HlsId3SegmentTagging": { - "markdownDescription": "State of HLS ID3 Segment Tagging", - "title": "HlsId3SegmentTagging", + "RoleARN": { + "markdownDescription": "The ARN of the AWS Identity and Access Management (IAM) role that grants Kinesis Data Firehose access to your Amazon S3 bucket and AWS KMS (if you enable data encryption). For more information, see [Grant Kinesis Data Firehose Access to an Amazon Redshift Destination](https://docs.aws.amazon.com/firehose/latest/dev/controlling-access.html#using-iam-rs) in the *Amazon Kinesis Data Firehose Developer Guide* .", + "title": "RoleARN", "type": "string" }, - "IFrameOnlyPlaylists": { - "markdownDescription": "DISABLED: Don't create an I-frame-only manifest, but do create the master and media manifests (according to the Output Selection field). STANDARD: Create an I-frame-only manifest for each output that contains video, as well as the other manifests (according to the Output Selection field). The I-frame manifest contains a #EXT-X-I-FRAMES-ONLY tag to indicate it is I-frame only, and one or more #EXT-X-BYTERANGE entries identifying the I-frame position. For example, #EXT-X-BYTERANGE:160364@1461888\".", - "title": "IFrameOnlyPlaylists", - "type": "string" + "S3BackupConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", + "markdownDescription": "The configuration for backup in Amazon S3.", + "title": "S3BackupConfiguration" }, - "IncompleteSegmentBehavior": { - "markdownDescription": "Specifies whether to include the final (incomplete) segment in the media output when the pipeline stops producing output because of a channel stop, a channel pause or a loss of input to the pipeline.\nAuto means that MediaLive decides whether to include the final segment, depending on the channel class and the types of output groups.\nSuppress means to never include the incomplete segment. We recommend you choose Auto and let MediaLive control the behavior.", - "title": "IncompleteSegmentBehavior", + "S3BackupMode": { + "markdownDescription": "The Amazon S3 backup mode. After you create a Firehose stream, you can update it to enable Amazon S3 backup if it is disabled. If backup is enabled, you can't update the Firehose stream to disable it.", + "title": "S3BackupMode", "type": "string" }, - "IndexNSegments": { - "markdownDescription": "Applies only if the Mode field is LIVE. Specifies the maximum number of segments in the media manifest file. After this maximum, older segments are removed from the media manifest. This number must be less than or equal to the Keep Segments field.", - "title": "IndexNSegments", - "type": "number" - }, - "InputLossAction": { - "markdownDescription": "A parameter that controls output group behavior on an input loss.", - "title": "InputLossAction", - "type": "string" + "S3Configuration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", + "markdownDescription": "The S3 bucket where Kinesis Data Firehose first delivers data. After the data is in the bucket, Kinesis Data Firehose uses the `COPY` command to load the data into the Amazon Redshift cluster. For the Amazon S3 bucket's compression format, don't specify `SNAPPY` or `ZIP` because the Amazon Redshift `COPY` command doesn't support them.", + "title": "S3Configuration" }, - "IvInManifest": { - "markdownDescription": "Used with encryptionType. The IV (initialization vector) is a 128-bit number used in conjunction with the key for encrypting blocks. If set to \"include,\" the IV is listed in the manifest. Otherwise, the IV is not in the manifest.", - "title": "IvInManifest", - "type": "string" + "SecretsManagerConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SecretsManagerConfiguration", + "markdownDescription": "The configuration that defines how you access secrets for Amazon Redshift.", + "title": "SecretsManagerConfiguration" }, - "IvSource": { - "markdownDescription": "Used with encryptionType. The IV (initialization vector) is a 128-bit number used in conjunction with the key for encrypting blocks. If this setting is \"followsSegmentNumber,\" it causes the IV to change every segment (to match the segment number). If this is set to \"explicit,\" you must enter a constantIv value.", - "title": "IvSource", + "Username": { + "markdownDescription": "The Amazon Redshift user that has permission to access the Amazon Redshift cluster. This user must have `INSERT` privileges for copying data from the Amazon S3 bucket to the cluster.", + "title": "Username", "type": "string" - }, - "KeepSegments": { - "markdownDescription": "Applies only if the Mode field is LIVE. Specifies the number of media segments (.ts files) to retain in the destination directory.", - "title": "KeepSegments", + } + }, + "required": [ + "ClusterJDBCURL", + "CopyCommand", + "RoleARN", + "S3Configuration" + ], + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.RedshiftRetryOptions": { + "additionalProperties": false, + "properties": { + "DurationInSeconds": { + "markdownDescription": "The length of time during which Firehose retries delivery after a failure, starting from the initial request and including the first attempt. The default value is 3600 seconds (60 minutes). Firehose does not retry if the value of `DurationInSeconds` is 0 (zero) or if the first delivery attempt takes longer than the current value.", + "title": "DurationInSeconds", "type": "number" - }, - "KeyFormat": { - "markdownDescription": "Specifies how the key is represented in the resource identified by the URI. If the parameter is absent, an implicit value of \"identity\" is used. A reverse DNS string can also be specified.", - "title": "KeyFormat", - "type": "string" - }, - "KeyFormatVersions": { - "markdownDescription": "Either a single positive integer version value or a slash-delimited list of version values (1/2/3).", - "title": "KeyFormatVersions", + } + }, + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.RetryOptions": { + "additionalProperties": false, + "properties": { + "DurationInSeconds": { + "markdownDescription": "The total amount of time that Kinesis Data Firehose spends on retries. This duration starts after the initial attempt to send data to the custom destination via HTTPS endpoint fails. It doesn't include the periods during which Kinesis Data Firehose waits for acknowledgment from the specified destination after each attempt.", + "title": "DurationInSeconds", + "type": "number" + } + }, + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration": { + "additionalProperties": false, + "properties": { + "BucketARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon S3 bucket to send data to.", + "title": "BucketARN", "type": "string" }, - "KeyProviderSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.KeyProviderSettings", - "markdownDescription": "The key provider settings.", - "title": "KeyProviderSettings" + "BufferingHints": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.BufferingHints", + "markdownDescription": "Configures how Kinesis Data Firehose buffers incoming data while delivering it to the Amazon S3 bucket.", + "title": "BufferingHints" }, - "ManifestCompression": { - "markdownDescription": "When set to gzip, compresses HLS playlist.", - "title": "ManifestCompression", - "type": "string" + "CloudWatchLoggingOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", + "markdownDescription": "The CloudWatch logging options for your Firehose stream.", + "title": "CloudWatchLoggingOptions" }, - "ManifestDurationFormat": { - "markdownDescription": "Indicates whether the output manifest should use a floating point or integer values for segment duration.", - "title": "ManifestDurationFormat", + "CompressionFormat": { + "markdownDescription": "The type of compression that Kinesis Data Firehose uses to compress the data that it delivers to the Amazon S3 bucket. For valid values, see the `CompressionFormat` content for the [S3DestinationConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_S3DestinationConfiguration.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", + "title": "CompressionFormat", "type": "string" }, - "MinSegmentLength": { - "markdownDescription": "When set, minimumSegmentLength is enforced by looking ahead and back within the specified range for a nearby avail and extending the segment size if needed.", - "title": "MinSegmentLength", - "type": "number" + "EncryptionConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.EncryptionConfiguration", + "markdownDescription": "Configures Amazon Simple Storage Service (Amazon S3) server-side encryption. Kinesis Data Firehose uses AWS Key Management Service ( AWS KMS) to encrypt the data that it delivers to your Amazon S3 bucket.", + "title": "EncryptionConfiguration" }, - "Mode": { - "markdownDescription": "If \"vod,\" all segments are indexed and kept permanently in the destination and manifest. If \"live,\" only the number segments specified in keepSegments and indexNSegments are kept. Newer segments replace older segments, which might prevent players from rewinding all the way to the beginning of the channel. VOD mode uses HLS EXT-X-PLAYLIST-TYPE of EVENT while the channel is running, converting it to a \"VOD\" type manifest on completion of the stream.", - "title": "Mode", + "ErrorOutputPrefix": { + "markdownDescription": "A prefix that Kinesis Data Firehose evaluates and adds to failed records before writing them to S3. This prefix appears immediately following the bucket name. For information about how to specify this prefix, see [Custom Prefixes for Amazon S3 Objects](https://docs.aws.amazon.com/firehose/latest/dev/s3-prefixes.html) .", + "title": "ErrorOutputPrefix", "type": "string" }, - "OutputSelection": { - "markdownDescription": "MANIFESTSANDSEGMENTS: Generates manifests (the master manifest, if applicable, and media manifests) for this output group. SEGMENTSONLY: Doesn't generate any manifests for this output group.", - "title": "OutputSelection", + "Prefix": { + "markdownDescription": "A prefix that Kinesis Data Firehose adds to the files that it delivers to the Amazon S3 bucket. The prefix helps you identify the files that Kinesis Data Firehose delivered.", + "title": "Prefix", "type": "string" }, - "ProgramDateTime": { - "markdownDescription": "Includes or excludes the EXT-X-PROGRAM-DATE-TIME tag in .m3u8 manifest files. The value is calculated as follows: Either the program date and time are initialized using the input timecode source, or the time is initialized using the input timecode source and the date is initialized using the timestampOffset.", - "title": "ProgramDateTime", + "RoleARN": { + "markdownDescription": "The ARN of an AWS Identity and Access Management (IAM) role that grants Kinesis Data Firehose access to your Amazon S3 bucket and AWS KMS (if you enable data encryption). For more information, see [Grant Kinesis Data Firehose Access to an Amazon S3 Destination](https://docs.aws.amazon.com/firehose/latest/dev/controlling-access.html#using-iam-s3) in the *Amazon Kinesis Data Firehose Developer Guide* .", + "title": "RoleARN", "type": "string" - }, - "ProgramDateTimeClock": { - "markdownDescription": "Specifies the algorithm used to drive the HLS EXT-X-PROGRAM-DATE-TIME clock. Options include: INITIALIZE_FROM_OUTPUT_TIMECODE: The PDT clock is initialized as a function of the first output timecode, then incremented by the EXTINF duration of each encoded segment. SYSTEM_CLOCK: The PDT clock is initialized as a function of the UTC wall clock, then incremented by the EXTINF duration of each encoded segment. If the PDT clock diverges from the wall clock by more than 500ms, it is resynchronized to the wall clock.", - "title": "ProgramDateTimeClock", + } + }, + "required": [ + "BucketARN", + "RoleARN" + ], + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.SchemaConfiguration": { + "additionalProperties": false, + "properties": { + "CatalogId": { + "markdownDescription": "The ID of the AWS Glue Data Catalog. If you don't supply this, the AWS account ID is used by default.", + "title": "CatalogId", "type": "string" }, - "ProgramDateTimePeriod": { - "markdownDescription": "The period of insertion of the EXT-X-PROGRAM-DATE-TIME entry, in seconds.", - "title": "ProgramDateTimePeriod", - "type": "number" - }, - "RedundantManifest": { - "markdownDescription": "ENABLED: The master manifest (.m3u8 file) for each pipeline includes information about both pipelines: first its own media files, then the media files of the other pipeline. This feature allows a playout device that supports stale manifest detection to switch from one manifest to the other, when the current manifest seems to be stale. There are still two destinations and two master manifests, but both master manifests reference the media files from both pipelines. DISABLED: The master manifest (.m3u8 file) for each pipeline includes information about its own pipeline only. For an HLS output group with MediaPackage as the destination, the DISABLED behavior is always followed. MediaPackage regenerates the manifests it serves to players, so a redundant manifest from MediaLive is irrelevant.", - "title": "RedundantManifest", + "DatabaseName": { + "markdownDescription": "Specifies the name of the AWS Glue database that contains the schema for the output data.\n\n> If the `SchemaConfiguration` request parameter is used as part of invoking the `CreateDeliveryStream` API, then the `DatabaseName` property is required and its value must be specified.", + "title": "DatabaseName", "type": "string" }, - "SegmentLength": { - "markdownDescription": "The length of the MPEG-2 Transport Stream segments to create, in seconds. Note that segments will end on the next keyframe after this number of seconds, so the actual segment length might be longer.", - "title": "SegmentLength", - "type": "number" - }, - "SegmentationMode": { - "markdownDescription": "useInputSegmentation has been deprecated. The configured segment size is always used.", - "title": "SegmentationMode", + "Region": { + "markdownDescription": "If you don't specify an AWS Region, the default is the current Region.", + "title": "Region", "type": "string" }, - "SegmentsPerSubdirectory": { - "markdownDescription": "The number of segments to write to a subdirectory before starting a new one. For this setting to have an effect, directoryStructure must be subdirectoryPerStream.", - "title": "SegmentsPerSubdirectory", - "type": "number" - }, - "StreamInfResolution": { - "markdownDescription": "The include or exclude RESOLUTION attribute for a video in the EXT-X-STREAM-INF tag of a variant manifest.", - "title": "StreamInfResolution", + "RoleARN": { + "markdownDescription": "The role that Firehose can use to access AWS Glue. This role must be in the same account you use for Firehose. Cross-account roles aren't allowed.\n\n> If the `SchemaConfiguration` request parameter is used as part of invoking the `CreateDeliveryStream` API, then the `RoleARN` property is required and its value must be specified.", + "title": "RoleARN", "type": "string" }, - "TimedMetadataId3Frame": { - "markdownDescription": "Indicates the ID3 frame that has the timecode.", - "title": "TimedMetadataId3Frame", + "TableName": { + "markdownDescription": "Specifies the AWS Glue table that contains the column information that constitutes your data schema.\n\n> If the `SchemaConfiguration` request parameter is used as part of invoking the `CreateDeliveryStream` API, then the `TableName` property is required and its value must be specified.", + "title": "TableName", "type": "string" }, - "TimedMetadataId3Period": { - "markdownDescription": "The timed metadata interval, in seconds.", - "title": "TimedMetadataId3Period", - "type": "number" - }, - "TimestampDeltaMilliseconds": { - "markdownDescription": "Provides an extra millisecond delta offset to fine tune the timestamps.", - "title": "TimestampDeltaMilliseconds", - "type": "number" - }, - "TsFileMode": { - "markdownDescription": "SEGMENTEDFILES: Emits the program as segments -multiple .ts media files. SINGLEFILE: Applies only if the Mode field is VOD. Emits the program as a single .ts media file. The media manifest includes #EXT-X-BYTERANGE tags to index segments for playback. A typical use for this value is when sending the output to AWS Elemental MediaConvert, which can accept only a single media file. Playback while the channel is running is not guaranteed due to HTTP server caching.", - "title": "TsFileMode", + "VersionId": { + "markdownDescription": "Specifies the table version for the output data schema. If you don't specify this version ID, or if you set it to `LATEST` , Firehose uses the most recent version. This means that any updates to the table are automatically picked up.", + "title": "VersionId", "type": "string" } }, "type": "object" }, - "AWS::MediaLive::Channel.HlsInputSettings": { + "AWS::KinesisFirehose::DeliveryStream.SchemaEvolutionConfiguration": { "additionalProperties": false, "properties": { - "Bandwidth": { - "markdownDescription": "When specified, the HLS stream with the m3u8 bandwidth that most closely matches this value is chosen. Otherwise, the highest bandwidth stream in the m3u8 is chosen. The bitrate is specified in bits per second, as in an HLS manifest.", - "title": "Bandwidth", - "type": "number" - }, - "BufferSegments": { - "markdownDescription": "When specified, reading of the HLS input begins this many buffer segments from the end (most recently written segment). When not specified, the HLS input begins with the first segment specified in the m3u8.", - "title": "BufferSegments", - "type": "number" - }, - "Retries": { - "markdownDescription": "The number of consecutive times that attempts to read a manifest or segment must fail before the input is considered unavailable.", - "title": "Retries", - "type": "number" - }, - "RetryInterval": { - "markdownDescription": "The number of seconds between retries when an attempt to read a manifest or segment fails.", - "title": "RetryInterval", - "type": "number" - }, - "Scte35Source": { - "markdownDescription": "Identifies the source for the SCTE-35 messages that MediaLive will ingest. Messages can be ingested from the content segments (in the stream) or from tags in the playlist (the HLS manifest). MediaLive ignores SCTE-35 information in the source that is not selected.", - "title": "Scte35Source", - "type": "string" + "Enabled": { + "markdownDescription": "Specify whether you want to enable schema evolution.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "Enabled", + "type": "boolean" } }, "type": "object" }, - "AWS::MediaLive::Channel.HlsMediaStoreSettings": { + "AWS::KinesisFirehose::DeliveryStream.SecretsManagerConfiguration": { "additionalProperties": false, "properties": { - "ConnectionRetryInterval": { - "markdownDescription": "The number of seconds to wait before retrying a connection to the CDN if the connection is lost.", - "title": "ConnectionRetryInterval", - "type": "number" - }, - "FilecacheDuration": { - "markdownDescription": "The size, in seconds, of the file cache for streaming outputs.", - "title": "FilecacheDuration", - "type": "number" + "Enabled": { + "markdownDescription": "Specifies whether you want to use the secrets manager feature. When set as `True` the secrets manager configuration overwrites the existing secrets in the destination configuration. When it's set to `False` Firehose falls back to the credentials in the destination configuration.", + "title": "Enabled", + "type": "boolean" }, - "MediaStoreStorageClass": { - "markdownDescription": "When set to temporal, output files are stored in non-persistent memory for faster reading and writing.", - "title": "MediaStoreStorageClass", + "RoleARN": { + "markdownDescription": "Specifies the role that Firehose assumes when calling the Secrets Manager API operation. When you provide the role, it overrides any destination specific role defined in the destination configuration. If you do not provide the then we use the destination specific role. This parameter is required for Splunk.", + "title": "RoleARN", "type": "string" }, - "NumRetries": { - "markdownDescription": "The number of retry attempts that are made before the channel is put into an error state.", - "title": "NumRetries", - "type": "number" - }, - "RestartDelay": { - "markdownDescription": "If a streaming output fails, the number of seconds to wait until a restart is initiated. A value of 0 means never restart.", - "title": "RestartDelay", - "type": "number" + "SecretARN": { + "markdownDescription": "The ARN of the secret that stores your credentials. It must be in the same region as the Firehose stream and the role. The secret ARN can reside in a different account than the Firehose stream and role as Firehose supports cross-account secret access. This parameter is required when *Enabled* is set to `True` .", + "title": "SecretARN", + "type": "string" } }, + "required": [ + "Enabled" + ], "type": "object" }, - "AWS::MediaLive::Channel.HlsOutputSettings": { + "AWS::KinesisFirehose::DeliveryStream.Serializer": { "additionalProperties": false, "properties": { - "H265PackagingType": { - "markdownDescription": "Only applicable when this output is referencing an H.265 video description.\nSpecifies whether MP4 segments should be packaged as HEV1 or HVC1.", - "title": "H265PackagingType", - "type": "string" - }, - "HlsSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.HlsSettings", - "markdownDescription": "The settings regarding the underlying stream. These settings are different for audio-only outputs.", - "title": "HlsSettings" - }, - "NameModifier": { - "markdownDescription": "A string that is concatenated to the end of the destination file name. Accepts \\\"Format Identifiers\\\":#formatIdentifierParameters.", - "title": "NameModifier", - "type": "string" + "OrcSerDe": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.OrcSerDe", + "markdownDescription": "A serializer to use for converting data to the ORC format before storing it in Amazon S3. For more information, see [Apache ORC](https://docs.aws.amazon.com/https://orc.apache.org/docs/) .", + "title": "OrcSerDe" }, - "SegmentModifier": { - "markdownDescription": "A string that is concatenated to the end of segment file names.", - "title": "SegmentModifier", - "type": "string" + "ParquetSerDe": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ParquetSerDe", + "markdownDescription": "A serializer to use for converting data to the Parquet format before storing it in Amazon S3. For more information, see [Apache Parquet](https://docs.aws.amazon.com/https://parquet.apache.org/docs/contribution-guidelines/) .", + "title": "ParquetSerDe" } }, "type": "object" }, - "AWS::MediaLive::Channel.HlsS3Settings": { + "AWS::KinesisFirehose::DeliveryStream.SnowflakeBufferingHints": { "additionalProperties": false, "properties": { - "CannedAcl": { - "markdownDescription": "Specify the canned ACL to apply to each S3 request. Defaults to none.", - "title": "CannedAcl", - "type": "string" + "IntervalInSeconds": { + "markdownDescription": "Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 0.", + "title": "IntervalInSeconds", + "type": "number" + }, + "SizeInMBs": { + "markdownDescription": "Buffer incoming data to the specified size, in MBs, before delivering it to the destination. The default value is 128.", + "title": "SizeInMBs", + "type": "number" } }, "type": "object" }, - "AWS::MediaLive::Channel.HlsSettings": { + "AWS::KinesisFirehose::DeliveryStream.SnowflakeDestinationConfiguration": { "additionalProperties": false, "properties": { - "AudioOnlyHlsSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioOnlyHlsSettings", - "markdownDescription": "The settings for an audio-only output.", - "title": "AudioOnlyHlsSettings" + "AccountUrl": { + "markdownDescription": "URL for accessing your Snowflake account. This URL must include your [account identifier](https://docs.aws.amazon.com/https://docs.snowflake.com/en/user-guide/admin-account-identifier) . Note that the protocol (https://) and port number are optional.", + "title": "AccountUrl", + "type": "string" }, - "Fmp4HlsSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Fmp4HlsSettings", - "markdownDescription": "The settings for an fMP4 container.", - "title": "Fmp4HlsSettings" + "BufferingHints": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SnowflakeBufferingHints", + "markdownDescription": "Describes the buffering to perform before delivering data to the Snowflake destination. If you do not specify any value, Firehose uses the default values.", + "title": "BufferingHints" }, - "FrameCaptureHlsSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.FrameCaptureHlsSettings", - "markdownDescription": "Settings for a frame capture output in an HLS output group.", - "title": "FrameCaptureHlsSettings" + "CloudWatchLoggingOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", + "markdownDescription": "", + "title": "CloudWatchLoggingOptions" }, - "StandardHlsSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.StandardHlsSettings", - "markdownDescription": "The settings for a standard output (an output that is not audio-only).", - "title": "StandardHlsSettings" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.HlsWebdavSettings": { - "additionalProperties": false, - "properties": { - "ConnectionRetryInterval": { - "markdownDescription": "The number of seconds to wait before retrying a connection to the CDN if the connection is lost.", - "title": "ConnectionRetryInterval", - "type": "number" + "ContentColumnName": { + "markdownDescription": "The name of the record content column.", + "title": "ContentColumnName", + "type": "string" }, - "FilecacheDuration": { - "markdownDescription": "The size, in seconds, of the file cache for streaming outputs.", - "title": "FilecacheDuration", - "type": "number" + "DataLoadingOption": { + "markdownDescription": "Choose to load JSON keys mapped to table column names or choose to split the JSON payload where content is mapped to a record content column and source metadata is mapped to a record metadata column.", + "title": "DataLoadingOption", + "type": "string" }, - "HttpTransferMode": { - "markdownDescription": "Specifies whether to use chunked transfer encoding to WebDAV.", - "title": "HttpTransferMode", + "Database": { + "markdownDescription": "All data in Snowflake is maintained in databases.", + "title": "Database", "type": "string" }, - "NumRetries": { - "markdownDescription": "The number of retry attempts that are made before the channel is put into an error state.", - "title": "NumRetries", - "type": "number" + "KeyPassphrase": { + "markdownDescription": "Passphrase to decrypt the private key when the key is encrypted. For information, see [Using Key Pair Authentication & Key Rotation](https://docs.aws.amazon.com/https://docs.snowflake.com/en/user-guide/data-load-snowpipe-streaming-configuration#using-key-pair-authentication-key-rotation) .", + "title": "KeyPassphrase", + "type": "string" }, - "RestartDelay": { - "markdownDescription": "If a streaming output fails, the number of seconds to wait until a restart is initiated. A value of 0 means never restart.", - "title": "RestartDelay", - "type": "number" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.HtmlMotionGraphicsSettings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.InputAttachment": { - "additionalProperties": false, - "properties": { - "AutomaticInputFailoverSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AutomaticInputFailoverSettings", - "markdownDescription": "Settings to implement automatic input failover in this input.", - "title": "AutomaticInputFailoverSettings" + "MetaDataColumnName": { + "markdownDescription": "Specify a column name in the table, where the metadata information has to be loaded. When you enable this field, you will see the following column in the snowflake table, which differs based on the source type.\n\nFor Direct PUT as source\n\n`{ \"firehoseDeliveryStreamName\" : \"streamname\", \"IngestionTime\" : \"timestamp\" }`\n\nFor Kinesis Data Stream as source\n\n`\"kinesisStreamName\" : \"streamname\", \"kinesisShardId\" : \"Id\", \"kinesisPartitionKey\" : \"key\", \"kinesisSequenceNumber\" : \"1234\", \"subsequenceNumber\" : \"2334\", \"IngestionTime\" : \"timestamp\" }`", + "title": "MetaDataColumnName", + "type": "string" }, - "InputAttachmentName": { - "markdownDescription": "A name for the attachment. This is required if you want to use this input in an input switch action.", - "title": "InputAttachmentName", + "PrivateKey": { + "markdownDescription": "The private key used to encrypt your Snowflake client. For information, see [Using Key Pair Authentication & Key Rotation](https://docs.aws.amazon.com/https://docs.snowflake.com/en/user-guide/data-load-snowpipe-streaming-configuration#using-key-pair-authentication-key-rotation) .", + "title": "PrivateKey", "type": "string" }, - "InputId": { - "markdownDescription": "The ID of the input to attach.", - "title": "InputId", + "ProcessingConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", + "markdownDescription": "", + "title": "ProcessingConfiguration" + }, + "RetryOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SnowflakeRetryOptions", + "markdownDescription": "The time period where Firehose will retry sending data to the chosen HTTP endpoint.", + "title": "RetryOptions" + }, + "RoleARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Snowflake role", + "title": "RoleARN", "type": "string" }, - "InputSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.InputSettings", - "markdownDescription": "Information about the content to extract from the input and about the general handling of the content.", - "title": "InputSettings" + "S3BackupMode": { + "markdownDescription": "Choose an S3 backup mode", + "title": "S3BackupMode", + "type": "string" + }, + "S3Configuration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", + "markdownDescription": "", + "title": "S3Configuration" + }, + "Schema": { + "markdownDescription": "Each database consists of one or more schemas, which are logical groupings of database objects, such as tables and views", + "title": "Schema", + "type": "string" + }, + "SecretsManagerConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SecretsManagerConfiguration", + "markdownDescription": "The configuration that defines how you access secrets for Snowflake.", + "title": "SecretsManagerConfiguration" + }, + "SnowflakeRoleConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SnowflakeRoleConfiguration", + "markdownDescription": "Optionally configure a Snowflake role. Otherwise the default user role will be used.", + "title": "SnowflakeRoleConfiguration" + }, + "SnowflakeVpcConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SnowflakeVpcConfiguration", + "markdownDescription": "The VPCE ID for Firehose to privately connect with Snowflake. The ID format is com.amazonaws.vpce.[region].vpce-svc-<[id]>. For more information, see [Amazon PrivateLink & Snowflake](https://docs.aws.amazon.com/https://docs.snowflake.com/en/user-guide/admin-security-privatelink)", + "title": "SnowflakeVpcConfiguration" + }, + "Table": { + "markdownDescription": "All data in Snowflake is stored in database tables, logically structured as collections of columns and rows.", + "title": "Table", + "type": "string" + }, + "User": { + "markdownDescription": "User login name for the Snowflake account.", + "title": "User", + "type": "string" } }, + "required": [ + "AccountUrl", + "Database", + "RoleARN", + "S3Configuration", + "Schema", + "Table" + ], "type": "object" }, - "AWS::MediaLive::Channel.InputChannelLevel": { + "AWS::KinesisFirehose::DeliveryStream.SnowflakeRetryOptions": { "additionalProperties": false, "properties": { - "Gain": { - "markdownDescription": "The remixing value. Units are in dB, and acceptable values are within the range from -60 (mute) to 6 dB.", - "title": "Gain", - "type": "number" - }, - "InputChannel": { - "markdownDescription": "The index of the input channel that is used as a source.", - "title": "InputChannel", + "DurationInSeconds": { + "markdownDescription": "the time period where Firehose will retry sending data to the chosen HTTP endpoint.", + "title": "DurationInSeconds", "type": "number" } }, "type": "object" }, - "AWS::MediaLive::Channel.InputLocation": { + "AWS::KinesisFirehose::DeliveryStream.SnowflakeRoleConfiguration": { "additionalProperties": false, "properties": { - "PasswordParam": { - "markdownDescription": "The password parameter that holds the password for accessing the downstream system. This applies only if the downstream system requires credentials.", - "title": "PasswordParam", - "type": "string" - }, - "Uri": { - "markdownDescription": "The URI should be a path to a file that is accessible to the Live system (for example, an http:// URI) depending on the output type. For example, an RTMP destination should have a URI similar to rtmp://fmsserver/live.", - "title": "Uri", - "type": "string" + "Enabled": { + "markdownDescription": "Enable Snowflake role", + "title": "Enabled", + "type": "boolean" }, - "Username": { - "markdownDescription": "The user name to connect to the downstream system. This applies only if the downstream system requires credentials.", - "title": "Username", + "SnowflakeRole": { + "markdownDescription": "The Snowflake role you wish to configure", + "title": "SnowflakeRole", "type": "string" } }, "type": "object" }, - "AWS::MediaLive::Channel.InputLossBehavior": { + "AWS::KinesisFirehose::DeliveryStream.SnowflakeVpcConfiguration": { "additionalProperties": false, "properties": { - "BlackFrameMsec": { - "markdownDescription": "On input loss, the number of milliseconds to substitute black into the output before switching to the frame specified by inputLossImageType. A value x, where 0 <= x <= 1,000,000 and a value of 1,000,000, is interpreted as infinite.", - "title": "BlackFrameMsec", - "type": "number" - }, - "InputLossImageColor": { - "markdownDescription": "When the input loss image type is \"color,\" this field specifies the color to use. Value: 6 hex characters that represent the values of RGB.", - "title": "InputLossImageColor", - "type": "string" - }, - "InputLossImageSlate": { - "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", - "markdownDescription": "When the input loss image type is \"slate,\" these fields specify the parameters for accessing the slate.", - "title": "InputLossImageSlate" - }, - "InputLossImageType": { - "markdownDescription": "Indicates whether to substitute a solid color or a slate into the output after the input loss exceeds blackFrameMsec.", - "title": "InputLossImageType", + "PrivateLinkVpceId": { + "markdownDescription": "The VPCE ID for Firehose to privately connect with Snowflake. The ID format is com.amazonaws.vpce.[region].vpce-svc-<[id]>. For more information, see [Amazon PrivateLink & Snowflake](https://docs.aws.amazon.com/https://docs.snowflake.com/en/user-guide/admin-security-privatelink)", + "title": "PrivateLinkVpceId", "type": "string" - }, - "RepeatFrameMsec": { - "markdownDescription": "On input loss, the number of milliseconds to repeat the previous picture before substituting black into the output. A value x, where 0 <= x <= 1,000,000 and a value of 1,000,000, is interpreted as infinite.", - "title": "RepeatFrameMsec", - "type": "number" } }, + "required": [ + "PrivateLinkVpceId" + ], "type": "object" }, - "AWS::MediaLive::Channel.InputLossFailoverSettings": { + "AWS::KinesisFirehose::DeliveryStream.SplunkBufferingHints": { "additionalProperties": false, "properties": { - "InputLossThresholdMsec": { - "markdownDescription": "The amount of time (in milliseconds) that no input is detected. After that time, an input failover will occur.", - "title": "InputLossThresholdMsec", + "IntervalInSeconds": { + "markdownDescription": "Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 60 (1 minute).", + "title": "IntervalInSeconds", + "type": "number" + }, + "SizeInMBs": { + "markdownDescription": "Buffer incoming data to the specified size, in MBs, before delivering it to the destination. The default value is 5.", + "title": "SizeInMBs", "type": "number" } }, "type": "object" }, - "AWS::MediaLive::Channel.InputSettings": { + "AWS::KinesisFirehose::DeliveryStream.SplunkDestinationConfiguration": { "additionalProperties": false, "properties": { - "AudioSelectors": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioSelector" - }, - "markdownDescription": "Information about the specific audio to extract from the input.\n\nThe parent of this entity is InputSettings.", - "title": "AudioSelectors", - "type": "array" + "BufferingHints": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SplunkBufferingHints", + "markdownDescription": "The buffering options. If no value is specified, the default values for Splunk are used.", + "title": "BufferingHints" }, - "CaptionSelectors": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.CaptionSelector" - }, - "markdownDescription": "Information about the specific captions to extract from the input.", - "title": "CaptionSelectors", - "type": "array" + "CloudWatchLoggingOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", + "markdownDescription": "The Amazon CloudWatch logging options for your Firehose stream.", + "title": "CloudWatchLoggingOptions" }, - "DeblockFilter": { - "markdownDescription": "Enables or disables the deblock filter when filtering.", - "title": "DeblockFilter", - "type": "string" + "HECAcknowledgmentTimeoutInSeconds": { + "markdownDescription": "The amount of time that Firehose waits to receive an acknowledgment from Splunk after it sends it data. At the end of the timeout period, Firehose either tries to send the data again or considers it an error, based on your retry settings.", + "title": "HECAcknowledgmentTimeoutInSeconds", + "type": "number" }, - "DenoiseFilter": { - "markdownDescription": "Enables or disables the denoise filter when filtering.", - "title": "DenoiseFilter", + "HECEndpoint": { + "markdownDescription": "The HTTP Event Collector (HEC) endpoint to which Firehose sends your data.", + "title": "HECEndpoint", "type": "string" }, - "FilterStrength": { - "markdownDescription": "Adjusts the magnitude of filtering from 1 (minimal) to 5 (strongest).", - "title": "FilterStrength", - "type": "number" + "HECEndpointType": { + "markdownDescription": "This type can be either `Raw` or `Event` .", + "title": "HECEndpointType", + "type": "string" }, - "InputFilter": { - "markdownDescription": "Turns on the filter for this input. MPEG-2 inputs have the deblocking filter enabled by default. 1) auto - filtering is applied depending on input type/quality 2) disabled - no filtering is applied to the input 3) forced - filtering is applied regardless of the input type.", - "title": "InputFilter", + "HECToken": { + "markdownDescription": "This is a GUID that you obtain from your Splunk cluster when you create a new HEC endpoint.", + "title": "HECToken", "type": "string" }, - "NetworkInputSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.NetworkInputSettings", - "markdownDescription": "Information about how to connect to the upstream system.", - "title": "NetworkInputSettings" + "ProcessingConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", + "markdownDescription": "The data processing configuration.", + "title": "ProcessingConfiguration" }, - "Scte35Pid": { - "markdownDescription": "", - "title": "Scte35Pid", - "type": "number" + "RetryOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SplunkRetryOptions", + "markdownDescription": "The retry behavior in case Firehose is unable to deliver data to Splunk, or if it doesn't receive an acknowledgment of receipt from Splunk.", + "title": "RetryOptions" }, - "Smpte2038DataPreference": { - "markdownDescription": "Specifies whether to extract applicable ancillary data from a SMPTE-2038 source in this input. Applicable data types are captions, timecode, AFD, and SCTE-104 messages.\n- PREFER: Extract from SMPTE-2038 if present in this input, otherwise extract from another source (if any).\n- IGNORE: Never extract any ancillary data from SMPTE-2038.", - "title": "Smpte2038DataPreference", + "S3BackupMode": { + "markdownDescription": "Defines how documents should be delivered to Amazon S3. When set to `FailedEventsOnly` , Firehose writes any data that could not be indexed to the configured Amazon S3 destination. When set to `AllEvents` , Firehose delivers all incoming records to Amazon S3, and also writes failed documents to Amazon S3. The default value is `FailedEventsOnly` .\n\nYou can update this backup mode from `FailedEventsOnly` to `AllEvents` . You can't update it from `AllEvents` to `FailedEventsOnly` .", + "title": "S3BackupMode", "type": "string" }, - "SourceEndBehavior": { - "markdownDescription": "The loop input if it is a file.", - "title": "SourceEndBehavior", - "type": "string" + "S3Configuration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", + "markdownDescription": "The configuration for the backup Amazon S3 location.", + "title": "S3Configuration" }, - "VideoSelector": { - "$ref": "#/definitions/AWS::MediaLive::Channel.VideoSelector", - "markdownDescription": "Information about one video to extract from the input.", - "title": "VideoSelector" + "SecretsManagerConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SecretsManagerConfiguration", + "markdownDescription": "The configuration that defines how you access secrets for Splunk.", + "title": "SecretsManagerConfiguration" } }, + "required": [ + "HECEndpoint", + "HECEndpointType", + "S3Configuration" + ], "type": "object" }, - "AWS::MediaLive::Channel.InputSpecification": { + "AWS::KinesisFirehose::DeliveryStream.SplunkRetryOptions": { "additionalProperties": false, "properties": { - "Codec": { - "markdownDescription": "The codec to include in the input specification for this channel.", - "title": "Codec", - "type": "string" - }, - "MaximumBitrate": { - "markdownDescription": "The maximum input bitrate for any input attached to this channel.", - "title": "MaximumBitrate", - "type": "string" - }, - "Resolution": { - "markdownDescription": "The resolution for any input attached to this channel.", - "title": "Resolution", - "type": "string" + "DurationInSeconds": { + "markdownDescription": "The total amount of time that Firehose spends on retries. This duration starts after the initial attempt to send data to Splunk fails. It doesn't include the periods during which Firehose waits for acknowledgment from Splunk after each attempt.", + "title": "DurationInSeconds", + "type": "number" } }, "type": "object" }, - "AWS::MediaLive::Channel.KeyProviderSettings": { + "AWS::KinesisFirehose::DeliveryStream.TableCreationConfiguration": { "additionalProperties": false, "properties": { - "StaticKeySettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.StaticKeySettings", - "markdownDescription": "The configuration of static key settings.", - "title": "StaticKeySettings" + "Enabled": { + "markdownDescription": "Specify whether you want to enable automatic table creation.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "Enabled", + "type": "boolean" } }, "type": "object" }, - "AWS::MediaLive::Channel.M2tsSettings": { + "AWS::KinesisFirehose::DeliveryStream.VpcConfiguration": { "additionalProperties": false, "properties": { - "AbsentInputAudioBehavior": { - "markdownDescription": "When set to drop, the output audio streams are removed from the program if the selected input audio stream is removed from the input. This allows the output audio configuration to dynamically change based on the input configuration. If this is set to encodeSilence, all output audio streams will output encoded silence when not connected to an active input stream.", - "title": "AbsentInputAudioBehavior", - "type": "string" - }, - "Arib": { - "markdownDescription": "When set to enabled, uses ARIB-compliant field muxing and removes video descriptor.", - "title": "Arib", - "type": "string" - }, - "AribCaptionsPid": { - "markdownDescription": "The PID for ARIB Captions in the transport stream. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", - "title": "AribCaptionsPid", - "type": "string" - }, - "AribCaptionsPidControl": { - "markdownDescription": "If set to auto, The PID number used for ARIB Captions will be auto-selected from unused PIDs. If set to useConfigured, ARIB captions will be on the configured PID number.", - "title": "AribCaptionsPidControl", - "type": "string" - }, - "AudioBufferModel": { - "markdownDescription": "When set to dvb, uses the DVB buffer model for Dolby Digital audio. When set to atsc, the ATSC model is used.", - "title": "AudioBufferModel", - "type": "string" - }, - "AudioFramesPerPes": { - "markdownDescription": "The number of audio frames to insert for each PES packet.", - "title": "AudioFramesPerPes", - "type": "number" - }, - "AudioPids": { - "markdownDescription": "The PID of the elementary audio streams in the transport stream. Multiple values are accepted, and can be entered in ranges or by comma separation. You can enter the value as a decimal or hexadecimal value. Each PID specified must be in the range of 32 (or 0x20)..8182 (or 0x1ff6).", - "title": "AudioPids", - "type": "string" - }, - "AudioStreamType": { - "markdownDescription": "When set to atsc, uses stream type = 0x81 for AC3 and stream type = 0x87 for EAC3. When set to dvb, uses stream type = 0x06.", - "title": "AudioStreamType", - "type": "string" - }, - "Bitrate": { - "markdownDescription": "The output bitrate of the transport stream in bits per second. Setting to 0 lets the muxer automatically determine the appropriate bitrate.", - "title": "Bitrate", - "type": "number" - }, - "BufferModel": { - "markdownDescription": "If set to multiplex, uses the multiplex buffer model for accurate interleaving. Setting to bufferModel to none can lead to lower latency, but low-memory devices might not be able to play back the stream without interruptions.", - "title": "BufferModel", - "type": "string" - }, - "CcDescriptor": { - "markdownDescription": "When set to enabled, generates captionServiceDescriptor in PMT.", - "title": "CcDescriptor", - "type": "string" - }, - "DvbNitSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.DvbNitSettings", - "markdownDescription": "Inserts a DVB Network Information Table (NIT) at the specified table repetition interval.", - "title": "DvbNitSettings" - }, - "DvbSdtSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.DvbSdtSettings", - "markdownDescription": "Inserts a DVB Service Description Table (SDT) at the specified table repetition interval.", - "title": "DvbSdtSettings" - }, - "DvbSubPids": { - "markdownDescription": "The PID for the input source DVB Subtitle data to this output. Multiple values are accepted, and can be entered in ranges and/or by comma separation. You can enter the value as a decimal or hexadecimal value. Each PID specified must be in the range of 32 (or 0x20)..8182 (or 0x1ff6).", - "title": "DvbSubPids", - "type": "string" - }, - "DvbTdtSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.DvbTdtSettings", - "markdownDescription": "Inserts DVB Time and Date Table (TDT) at the specified table repetition interval.", - "title": "DvbTdtSettings" - }, - "DvbTeletextPid": { - "markdownDescription": "The PID for the input source DVB Teletext data to this output. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", - "title": "DvbTeletextPid", - "type": "string" - }, - "Ebif": { - "markdownDescription": "If set to passthrough, passes any EBIF data from the input source to this output.", - "title": "Ebif", - "type": "string" - }, - "EbpAudioInterval": { - "markdownDescription": "When videoAndFixedIntervals is selected, audio EBP markers are added to partitions 3 and 4. The interval between these additional markers is fixed, and is slightly shorter than the video EBP marker interval. This is only available when EBP Cablelabs segmentation markers are selected. Partitions 1 and 2 always follow the video interval.", - "title": "EbpAudioInterval", - "type": "string" - }, - "EbpLookaheadMs": { - "markdownDescription": "When set, enforces that Encoder Boundary Points do not come within the specified time interval of each other by looking ahead at input video. If another EBP is going to come in within the specified time interval, the current EBP is not emitted, and the segment is \"stretched\" to the next marker. The lookahead value does not add latency to the system. The channel must be configured elsewhere to create sufficient latency to make the lookahead accurate.", - "title": "EbpLookaheadMs", - "type": "number" - }, - "EbpPlacement": { - "markdownDescription": "Controls placement of EBP on audio PIDs. If set to videoAndAudioPids, EBP markers are placed on the video PID and all audio PIDs. If set to videoPid, EBP markers are placed on only the video PID.", - "title": "EbpPlacement", - "type": "string" - }, - "EcmPid": { - "markdownDescription": "This field is unused and deprecated.", - "title": "EcmPid", - "type": "string" - }, - "EsRateInPes": { - "markdownDescription": "Includes or excludes the ES Rate field in the PES header.", - "title": "EsRateInPes", - "type": "string" - }, - "EtvPlatformPid": { - "markdownDescription": "The PID for the input source ETV Platform data to this output. You can enter it as a decimal or hexadecimal value. Valid values are 32 (or 0x20) to 8182 (or 0x1ff6).", - "title": "EtvPlatformPid", - "type": "string" - }, - "EtvSignalPid": { - "markdownDescription": "The PID for input source ETV Signal data to this output. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", - "title": "EtvSignalPid", - "type": "string" - }, - "FragmentTime": { - "markdownDescription": "The length in seconds of each fragment. This is used only with EBP markers.", - "title": "FragmentTime", - "type": "number" - }, - "Klv": { - "markdownDescription": "If set to passthrough, passes any KLV data from the input source to this output.", - "title": "Klv", - "type": "string" - }, - "KlvDataPids": { - "markdownDescription": "The PID for the input source KLV data to this output. Multiple values are accepted, and can be entered in ranges or by comma separation. You can enter the value as a decimal or hexadecimal value. Each PID specified must be in the range of 32 (or 0x20)..8182 (or 0x1ff6).", - "title": "KlvDataPids", - "type": "string" - }, - "NielsenId3Behavior": { - "markdownDescription": "If set to passthrough, Nielsen inaudible tones for media tracking will be detected in the input audio and an equivalent ID3 tag will be inserted in the output.", - "title": "NielsenId3Behavior", - "type": "string" - }, - "NullPacketBitrate": { - "markdownDescription": "The value, in bits per second, of extra null packets to insert into the transport stream. This can be used if a downstream encryption system requires periodic null packets.", - "title": "NullPacketBitrate", - "type": "number" - }, - "PatInterval": { - "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream. Valid values are 0, 10..1000.", - "title": "PatInterval", - "type": "number" - }, - "PcrControl": { - "markdownDescription": "When set to pcrEveryPesPacket, a Program Clock Reference value is inserted for every Packetized Elementary Stream (PES) header. This parameter is effective only when the PCR PID is the same as the video or audio elementary stream.", - "title": "PcrControl", - "type": "string" - }, - "PcrPeriod": { - "markdownDescription": "The maximum time, in milliseconds, between Program Clock References (PCRs) inserted into the transport stream.", - "title": "PcrPeriod", - "type": "number" - }, - "PcrPid": { - "markdownDescription": "The PID of the Program Clock Reference (PCR) in the transport stream. When no value is given, MediaLive assigns the same value as the video PID. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", - "title": "PcrPid", - "type": "string" - }, - "PmtInterval": { - "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream. Valid values are 0, 10..1000.", - "title": "PmtInterval", - "type": "number" - }, - "PmtPid": { - "markdownDescription": "The PID for the Program Map Table (PMT) in the transport stream. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", - "title": "PmtPid", - "type": "string" - }, - "ProgramNum": { - "markdownDescription": "The value of the program number field in the Program Map Table (PMT).", - "title": "ProgramNum", - "type": "number" - }, - "RateMode": { - "markdownDescription": "When VBR, does not insert null packets into the transport stream to fill the specified bitrate. The bitrate setting acts as the maximum bitrate when VBR is set.", - "title": "RateMode", - "type": "string" - }, - "Scte27Pids": { - "markdownDescription": "The PID for the input source SCTE-27 data to this output. Multiple values are accepted, and can be entered in ranges or by comma separation. You can enter the value as a decimal or hexadecimal value. Each PID specified must be in the range of 32 (or 0x20)..8182 (or 0x1ff6).", - "title": "Scte27Pids", + "RoleARN": { + "markdownDescription": "The ARN of the IAM role that you want the delivery stream to use to create endpoints in the destination VPC. You can use your existing Kinesis Data Firehose delivery role or you can specify a new role. In either case, make sure that the role trusts the Kinesis Data Firehose service principal and that it grants the following permissions:\n\n- `ec2:DescribeVpcs`\n- `ec2:DescribeVpcAttribute`\n- `ec2:DescribeSubnets`\n- `ec2:DescribeSecurityGroups`\n- `ec2:DescribeNetworkInterfaces`\n- `ec2:CreateNetworkInterface`\n- `ec2:CreateNetworkInterfacePermission`\n- `ec2:DeleteNetworkInterface`\n\nIf you revoke these permissions after you create the delivery stream, Kinesis Data Firehose can't scale out by creating more ENIs when necessary. You might therefore see a degradation in performance.", + "title": "RoleARN", "type": "string" }, - "Scte35Control": { - "markdownDescription": "Optionally passes SCTE-35 signals from the input source to this output.", - "title": "Scte35Control", - "type": "string" + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the security groups that you want Kinesis Data Firehose to use when it creates ENIs in the VPC of the Amazon ES destination. You can use the same security group that the Amazon ES domain uses or different ones. If you specify different security groups here, ensure that they allow outbound HTTPS traffic to the Amazon ES domain's security group. Also ensure that the Amazon ES domain's security group allows HTTPS traffic from the security groups specified here. If you use the same security group for both your delivery stream and the Amazon ES domain, make sure the security group inbound rule allows HTTPS traffic.", + "title": "SecurityGroupIds", + "type": "array" }, - "Scte35Pid": { - "markdownDescription": "The PID of the SCTE-35 stream in the transport stream. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", - "title": "Scte35Pid", + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the subnets that Kinesis Data Firehose uses to create ENIs in the VPC of the Amazon ES destination. Make sure that the routing tables and inbound and outbound rules allow traffic to flow from the subnets whose IDs are specified here to the subnets that have the destination Amazon ES endpoints. Kinesis Data Firehose creates at least one ENI in each of the subnets that are specified here. Do not delete or modify these ENIs.\n\nThe number of ENIs that Kinesis Data Firehose creates in the subnets specified here scales up and down automatically based on throughput. To enable Kinesis Data Firehose to scale up the number of ENIs to match throughput, ensure that you have sufficient quota. To help you calculate the quota you need, assume that Kinesis Data Firehose can create up to three ENIs for this delivery stream for each of the subnets specified here.", + "title": "SubnetIds", + "type": "array" + } + }, + "required": [ + "RoleARN", + "SecurityGroupIds", + "SubnetIds" + ], + "type": "object" + }, + "AWS::KinesisVideo::SignalingChannel": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "Scte35PrerollPullupMilliseconds": { - "markdownDescription": "", - "title": "Scte35PrerollPullupMilliseconds", - "type": "number" - }, - "SegmentationMarkers": { - "markdownDescription": "Inserts segmentation markers at each segmentationTime period. raiSegstart sets the Random Access Indicator bit in the adaptation field. raiAdapt sets the RAI bit and adds the current timecode in the private data bytes. psiSegstart inserts PAT and PMT tables at the start of segments. ebp adds Encoder Boundary Point information to the adaptation field as per OpenCable specification OC-SP-EBP-I01-130118. ebpLegacy adds Encoder Boundary Point information to the adaptation field using a legacy proprietary format.", - "title": "SegmentationMarkers", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SegmentationStyle": { - "markdownDescription": "The segmentation style parameter controls how segmentation markers are inserted into the transport stream. With avails, it is possible that segments might be truncated, which can influence where future segmentation markers are inserted. When a segmentation style of resetCadence is selected and a segment is truncated due to an avail, we will reset the segmentation cadence. This means the subsequent segment will have a duration of $segmentationTime seconds. When a segmentation style of maintainCadence is selected and a segment is truncated due to an avail, we will not reset the segmentation cadence. This means the subsequent segment will likely be truncated as well. However, all segments after that will have a duration of $segmentationTime seconds. Note that EBP lookahead is a slight exception to this rule.", - "title": "SegmentationStyle", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SegmentationTime": { - "markdownDescription": "The length, in seconds, of each segment. This is required unless markers is set to None_.", - "title": "SegmentationTime", - "type": "number" + "Metadata": { + "type": "object" }, - "TimedMetadataBehavior": { - "markdownDescription": "When set to passthrough, timed metadata is passed through from input to output.", - "title": "TimedMetadataBehavior", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "MessageTtlSeconds": { + "markdownDescription": "The period of time (in seconds) a signaling channel retains undelivered messages before they are discarded. Use `API_UpdateSignalingChannel` to update this value.", + "title": "MessageTtlSeconds", + "type": "number" + }, + "Name": { + "markdownDescription": "A name for the signaling channel that you are creating. It must be unique for each AWS account and AWS Region .", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "A type of the signaling channel that you are creating. Currently, `SINGLE_MASTER` is the only supported channel type.", + "title": "Type", + "type": "string" + } + }, + "type": "object" }, - "TimedMetadataPid": { - "markdownDescription": "The PID of the timed metadata stream in the transport stream. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", - "title": "TimedMetadataPid", + "Type": { + "enum": [ + "AWS::KinesisVideo::SignalingChannel" + ], "type": "string" }, - "TransportStreamId": { - "markdownDescription": "The value of the transport stream ID field in the Program Map Table (PMT).", - "title": "TransportStreamId", - "type": "number" - }, - "VideoPid": { - "markdownDescription": "The PID of the elementary video stream in the transport stream. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", - "title": "VideoPid", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::MediaLive::Channel.M3u8Settings": { + "AWS::KinesisVideo::Stream": { "additionalProperties": false, "properties": { - "AudioFramesPerPes": { - "markdownDescription": "The number of audio frames to insert for each PES packet.", - "title": "AudioFramesPerPes", - "type": "number" - }, - "AudioPids": { - "markdownDescription": "The PID of the elementary audio streams in the transport stream. Multiple values are accepted, and can be entered in ranges or by comma separation. You can enter the value as a decimal or hexadecimal value.", - "title": "AudioPids", - "type": "string" - }, - "EcmPid": { - "markdownDescription": "This parameter is unused and deprecated.", - "title": "EcmPid", - "type": "string" - }, - "KlvBehavior": { - "markdownDescription": "", - "title": "KlvBehavior", - "type": "string" - }, - "KlvDataPids": { - "markdownDescription": "", - "title": "KlvDataPids", - "type": "string" - }, - "NielsenId3Behavior": { - "markdownDescription": "If set to passthrough, Nielsen inaudible tones for media tracking will be detected in the input audio and an equivalent ID3 tag will be inserted in the output.", - "title": "NielsenId3Behavior", - "type": "string" - }, - "PatInterval": { - "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream. A value of \\\"0\\\" writes out the PMT once per segment file.", - "title": "PatInterval", - "type": "number" - }, - "PcrControl": { - "markdownDescription": "When set to pcrEveryPesPacket, a Program Clock Reference value is inserted for every Packetized Elementary Stream (PES) header. This parameter is effective only when the PCR PID is the same as the video or audio elementary stream.", - "title": "PcrControl", - "type": "string" - }, - "PcrPeriod": { - "markdownDescription": "The maximum time, in milliseconds, between Program Clock References (PCRs) inserted into the transport stream.", - "title": "PcrPeriod", - "type": "number" - }, - "PcrPid": { - "markdownDescription": "The PID of the Program Clock Reference (PCR) in the transport stream. When no value is given, MediaLive assigns the same value as the video PID. You can enter the value as a decimal or hexadecimal value.", - "title": "PcrPid", + "Condition": { "type": "string" }, - "PmtInterval": { - "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream. A value of \\\"0\\\" writes out the PMT once per segment file.", - "title": "PmtInterval", - "type": "number" - }, - "PmtPid": { - "markdownDescription": "The PID for the Program Map Table (PMT) in the transport stream. You can enter the value as a decimal or hexadecimal value.", - "title": "PmtPid", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "ProgramNum": { - "markdownDescription": "The value of the program number field in the Program Map Table (PMT).", - "title": "ProgramNum", - "type": "number" - }, - "Scte35Behavior": { - "markdownDescription": "If set to passthrough, passes any SCTE-35 signals from the input source to this output.", - "title": "Scte35Behavior", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Scte35Pid": { - "markdownDescription": "The PID of the SCTE-35 stream in the transport stream. You can enter the value as a decimal or hexadecimal value.", - "title": "Scte35Pid", - "type": "string" + "Metadata": { + "type": "object" }, - "TimedMetadataBehavior": { - "markdownDescription": "When set to passthrough, timed metadata is passed through from input to output.", - "title": "TimedMetadataBehavior", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "DataRetentionInHours": { + "markdownDescription": "How long the stream retains data, in hours.", + "title": "DataRetentionInHours", + "type": "number" + }, + "DeviceName": { + "markdownDescription": "The name of the device that is associated with the stream.", + "title": "DeviceName", + "type": "string" + }, + "KmsKeyId": { + "markdownDescription": "The ID of the AWS Key Management Service ( AWS KMS ) key that Kinesis Video Streams uses to encrypt data on the stream.", + "title": "KmsKeyId", + "type": "string" + }, + "MediaType": { + "markdownDescription": "The `MediaType` of the stream.", + "title": "MediaType", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the stream.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "type": "object" }, - "TimedMetadataPid": { - "markdownDescription": "The PID of the timed metadata stream in the transport stream. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", - "title": "TimedMetadataPid", + "Type": { + "enum": [ + "AWS::KinesisVideo::Stream" + ], "type": "string" }, - "TransportStreamId": { - "markdownDescription": "The value of the transport stream ID field in the Program Map Table (PMT).", - "title": "TransportStreamId", - "type": "number" - }, - "VideoPid": { - "markdownDescription": "The PID of the elementary video stream in the transport stream. You can enter the value as a decimal or hexadecimal value.", - "title": "VideoPid", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::MediaLive::Channel.MaintenanceCreateSettings": { + "AWS::LakeFormation::DataCellsFilter": { "additionalProperties": false, "properties": { - "MaintenanceDay": { - "markdownDescription": "Choose one day of the week for maintenance. The chosen day is used for all future maintenance windows.", - "title": "MaintenanceDay", + "Condition": { "type": "string" }, - "MaintenanceStartTime": { - "markdownDescription": "Choose the hour that maintenance will start. The chosen time is used for all future maintenance windows.", - "title": "MaintenanceStartTime", - "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.MaintenanceUpdateSettings": { - "additionalProperties": false, - "properties": { - "MaintenanceDay": { + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "MaintenanceScheduledDate": { + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ColumnNames": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of UTF-8 strings. A list of column names.", + "title": "ColumnNames", + "type": "array" + }, + "ColumnWildcard": { + "$ref": "#/definitions/AWS::LakeFormation::DataCellsFilter.ColumnWildcard", + "markdownDescription": "A wildcard with exclusions. You must specify either a `ColumnNames` list or the `ColumnWildCard` .", + "title": "ColumnWildcard" + }, + "DatabaseName": { + "markdownDescription": "UTF-8 string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html) .\n\nA database in the Data Catalog .", + "title": "DatabaseName", + "type": "string" + }, + "Name": { + "markdownDescription": "UTF-8 string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html) .\n\nThe name given by the user to the data filter cell.", + "title": "Name", + "type": "string" + }, + "RowFilter": { + "$ref": "#/definitions/AWS::LakeFormation::DataCellsFilter.RowFilter", + "markdownDescription": "A PartiQL predicate.", + "title": "RowFilter" + }, + "TableCatalogId": { + "markdownDescription": "Catalog id string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html) .\n\nThe ID of the catalog to which the table belongs.", + "title": "TableCatalogId", + "type": "string" + }, + "TableName": { + "markdownDescription": "UTF-8 string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html) .\n\nA table in the database.", + "title": "TableName", + "type": "string" + } + }, + "required": [ + "DatabaseName", + "Name", + "TableCatalogId", + "TableName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::LakeFormation::DataCellsFilter" + ], "type": "string" }, - "MaintenanceStartTime": { + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::MediaLive::Channel.MediaPackageGroupSettings": { + "AWS::LakeFormation::DataCellsFilter.ColumnWildcard": { "additionalProperties": false, "properties": { - "Destination": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", - "markdownDescription": "The MediaPackage channel destination.", - "title": "Destination" + "ExcludedColumnNames": { + "items": { + "type": "string" + }, + "markdownDescription": "Excludes column names. Any column with this name will be excluded.", + "title": "ExcludedColumnNames", + "type": "array" } }, "type": "object" }, - "AWS::MediaLive::Channel.MediaPackageOutputDestinationSettings": { + "AWS::LakeFormation::DataCellsFilter.RowFilter": { "additionalProperties": false, "properties": { - "ChannelId": { - "markdownDescription": "The ID of the channel in MediaPackage that is the destination for this output group. You don't need to specify the individual inputs in MediaPackage; MediaLive handles the connection of the two MediaLive pipelines to the two MediaPackage inputs. The MediaPackage channel and MediaLive channel must be in the same Region.", - "title": "ChannelId", + "AllRowsWildcard": { + "markdownDescription": "A wildcard for all rows.", + "title": "AllRowsWildcard", + "type": "object" + }, + "FilterExpression": { + "markdownDescription": "A filter expression.", + "title": "FilterExpression", "type": "string" } }, "type": "object" }, - "AWS::MediaLive::Channel.MediaPackageOutputSettings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.MotionGraphicsConfiguration": { + "AWS::LakeFormation::DataLakeSettings": { "additionalProperties": false, "properties": { - "MotionGraphicsInsertion": { - "markdownDescription": "Enables or disables the motion graphics overlay feature in the channel.", - "title": "MotionGraphicsInsertion", + "Condition": { "type": "string" }, - "MotionGraphicsSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.MotionGraphicsSettings", - "markdownDescription": "Settings to enable and configure the motion graphics overlay feature in the channel.", - "title": "MotionGraphicsSettings" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.MotionGraphicsSettings": { - "additionalProperties": false, - "properties": { - "HtmlMotionGraphicsSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.HtmlMotionGraphicsSettings", - "markdownDescription": "Settings to configure the motion graphics overlay to use an HTML asset.", - "title": "HtmlMotionGraphicsSettings" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Admins": { + "$ref": "#/definitions/AWS::LakeFormation::DataLakeSettings.Admins", + "markdownDescription": "A list of AWS Lake Formation principals.", + "title": "Admins" + }, + "AllowExternalDataFiltering": { + "markdownDescription": "Whether to allow Amazon EMR clusters or other third-party query engines to access data managed by Lake Formation .\n\nIf set to true, you allow Amazon EMR clusters or other third-party engines to access data in Amazon S3 locations that are registered with Lake Formation .\n\nIf false or null, no third-party query engines will be able to access data in Amazon S3 locations that are registered with Lake Formation.\n\nFor more information, see [External data filtering setting](https://docs.aws.amazon.com/lake-formation/latest/dg/initial-LF-setup.html#external-data-filter) .", + "title": "AllowExternalDataFiltering", + "type": "boolean" + }, + "AllowFullTableExternalDataAccess": { + "markdownDescription": "Specifies whether query engines and applications can get credentials without IAM session tags if the user has full table access. It provides query engines and applications performance benefits as well as simplifies data access. Amazon EMR on Amazon EC2 is able to leverage this setting.\n\nFor more information, see [](https://docs.aws.amazon.com/lake-formation/latest/dg/using-cred-vending.html)", + "title": "AllowFullTableExternalDataAccess", + "type": "boolean" + }, + "AuthorizedSessionTagValueList": { + "items": { + "type": "string" + }, + "markdownDescription": "Lake Formation relies on a privileged process secured by Amazon EMR or the third party integrator to tag the user's role while assuming it. Lake Formation will publish the acceptable key-value pair, for example key = \"LakeFormationTrustedCaller\" and value = \"TRUE\" and the third party integrator must properly tag the temporary security credentials that will be used to call Lake Formation 's administrative API operations.", + "title": "AuthorizedSessionTagValueList", + "type": "array" + }, + "CreateDatabaseDefaultPermissions": { + "$ref": "#/definitions/AWS::LakeFormation::DataLakeSettings.CreateDatabaseDefaultPermissions", + "markdownDescription": "Specifies whether access control on a newly created database is managed by Lake Formation permissions or exclusively by IAM permissions.\n\nA null value indicates that the access is controlled by Lake Formation permissions. `ALL` permissions assigned to `IAM_ALLOWED_PRINCIPALS` group indicates that the user's IAM permissions determine the access to the database. This is referred to as the setting \"Use only IAM access control,\" and is to support backward compatibility with the AWS Glue permission model implemented by IAM permissions.\n\nThe only permitted values are an empty array or an array that contains a single JSON object that grants `ALL` to `IAM_ALLOWED_PRINCIPALS` .\n\nFor more information, see [Changing the default security settings for your data lake](https://docs.aws.amazon.com/lake-formation/latest/dg/change-settings.html) .", + "title": "CreateDatabaseDefaultPermissions" + }, + "CreateTableDefaultPermissions": { + "$ref": "#/definitions/AWS::LakeFormation::DataLakeSettings.CreateTableDefaultPermissions", + "markdownDescription": "Specifies whether access control on a newly created table is managed by Lake Formation permissions or exclusively by IAM permissions.\n\nA null value indicates that the access is controlled by Lake Formation permissions. `ALL` permissions assigned to `IAM_ALLOWED_PRINCIPALS` group indicate that the user's IAM permissions determine the access to the table. This is referred to as the setting \"Use only IAM access control,\" and is to support the backward compatibility with the AWS Glue permission model implemented by IAM permissions.\n\nThe only permitted values are an empty array or an array that contains a single JSON object that grants `ALL` permissions to `IAM_ALLOWED_PRINCIPALS` .\n\nFor more information, see [Changing the default security settings for your data lake](https://docs.aws.amazon.com/lake-formation/latest/dg/change-settings.html) .", + "title": "CreateTableDefaultPermissions" + }, + "ExternalDataFilteringAllowList": { + "$ref": "#/definitions/AWS::LakeFormation::DataLakeSettings.ExternalDataFilteringAllowList", + "markdownDescription": "A list of the account IDs of AWS accounts with Amazon EMR clusters or third-party engines that are allwed to perform data filtering.", + "title": "ExternalDataFilteringAllowList" + }, + "MutationType": { + "markdownDescription": "Specifies whether the data lake settings are updated by adding new values to the current settings ( `APPEND` ) or by replacing the current settings with new settings ( `REPLACE` ).\n\n> If you choose `REPLACE` , your current data lake settings will be replaced with the new values in your template.", + "title": "MutationType", + "type": "string" + }, + "Parameters": { + "markdownDescription": "A key-value map that provides an additional configuration on your data lake. `CrossAccountVersion` is the key you can configure in the `Parameters` field. Accepted values for the `CrossAccountVersion` key are 1, 2, 3, and 4.", + "title": "Parameters", + "type": "object" + }, + "TrustedResourceOwners": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of UTF-8 strings.\n\nA list of the resource-owning account IDs that the caller's account can use to share their user access details (user ARNs). The user ARNs can be logged in the resource owner's CloudTrail log. You may want to specify this property when you are in a high-trust boundary, such as the same team or company.", + "title": "TrustedResourceOwners", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::LakeFormation::DataLakeSettings" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::MediaLive::Channel.Mp2Settings": { + "AWS::LakeFormation::DataLakeSettings.Admins": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::LakeFormation::DataLakeSettings.CreateDatabaseDefaultPermissions": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::LakeFormation::DataLakeSettings.CreateTableDefaultPermissions": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::LakeFormation::DataLakeSettings.DataLakePrincipal": { "additionalProperties": false, "properties": { - "Bitrate": { - "markdownDescription": "The average bitrate in bits/second.", - "title": "Bitrate", - "type": "number" - }, - "CodingMode": { - "markdownDescription": "The MPEG2 Audio coding mode. Valid values are codingMode10 (for mono) or codingMode20 (for stereo).", - "title": "CodingMode", + "DataLakePrincipalIdentifier": { + "markdownDescription": "An identifier for the Lake Formation principal.", + "title": "DataLakePrincipalIdentifier", "type": "string" - }, - "SampleRate": { - "markdownDescription": "The sample rate in Hz.", - "title": "SampleRate", - "type": "number" } }, + "required": [ + "DataLakePrincipalIdentifier" + ], "type": "object" }, - "AWS::MediaLive::Channel.Mpeg2FilterSettings": { + "AWS::LakeFormation::DataLakeSettings.ExternalDataFilteringAllowList": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::LakeFormation::DataLakeSettings.PrincipalPermissions": { "additionalProperties": false, "properties": { - "TemporalFilterSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.TemporalFilterSettings", - "markdownDescription": "Settings for applying the temporal filter to the video.", - "title": "TemporalFilterSettings" + "Permissions": { + "items": { + "type": "string" + }, + "markdownDescription": "The permissions that are granted to the principal.", + "title": "Permissions", + "type": "array" + }, + "Principal": { + "$ref": "#/definitions/AWS::LakeFormation::DataLakeSettings.DataLakePrincipal", + "markdownDescription": "The principal who is granted permissions.", + "title": "Principal" } }, + "required": [ + "Permissions", + "Principal" + ], "type": "object" }, - "AWS::MediaLive::Channel.Mpeg2Settings": { + "AWS::LakeFormation::Permissions": { "additionalProperties": false, "properties": { - "AdaptiveQuantization": { - "markdownDescription": "Choose Off to disable adaptive quantization. Or choose another value to enable the quantizer and set its strength. The strengths are: Auto, Off, Low, Medium, High. When you enable this field, MediaLive allows intra-frame quantizers to vary, which might improve visual quality.", - "title": "AdaptiveQuantization", - "type": "string" - }, - "AfdSignaling": { - "markdownDescription": "Indicates the AFD values that MediaLive will write into the video encode. If you do not know what AFD signaling is, or if your downstream system has not given you guidance, choose AUTO.\nAUTO: MediaLive will try to preserve the input AFD value (in cases where multiple AFD values are valid).\nFIXED: MediaLive will use the value you specify in fixedAFD.", - "title": "AfdSignaling", - "type": "string" - }, - "ColorMetadata": { - "markdownDescription": "Specifies whether to include the color space metadata. The metadata describes the color space that applies to the video (the colorSpace field). We recommend that you insert the metadata.", - "title": "ColorMetadata", - "type": "string" - }, - "ColorSpace": { - "markdownDescription": "Choose the type of color space conversion to apply to the output. For detailed information on setting up both the input and the output to obtain the desired color space in the output, see the section on \\\"MediaLive Features - Video - color space\\\" in the MediaLive User Guide.\nPASSTHROUGH: Keep the color space of the input content - do not convert it.\nAUTO:Convert all content that is SD to rec 601, and convert all content that is HD to rec 709.", - "title": "ColorSpace", - "type": "string" - }, - "DisplayAspectRatio": { - "markdownDescription": "Sets the pixel aspect ratio for the encode.", - "title": "DisplayAspectRatio", + "Condition": { "type": "string" }, - "FilterSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Mpeg2FilterSettings", - "markdownDescription": "Optionally specify a noise reduction filter, which can improve quality of compressed content. If you do not choose a filter, no filter will be applied.\nTEMPORAL: This filter is useful for both source content that is noisy (when it has excessive digital artifacts) and source content that is clean.\nWhen the content is noisy, the filter cleans up the source content before the encoding phase, with these two effects: First, it improves the output video quality because the content has been cleaned up. Secondly, it decreases the bandwidth because MediaLive does not waste bits on encoding noise.\nWhen the content is reasonably clean, the filter tends to decrease the bitrate.", - "title": "FilterSettings" - }, - "FixedAfd": { - "markdownDescription": "Complete this field only when afdSignaling is set to FIXED. Enter the AFD value (4 bits) to write on all frames of the video encode.", - "title": "FixedAfd", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "FramerateDenominator": { - "markdownDescription": "description\": \"The framerate denominator. For example, 1001. The framerate is the numerator divided by the denominator. For example, 24000 / 1001 = 23.976 FPS.", - "title": "FramerateDenominator", - "type": "number" - }, - "FramerateNumerator": { - "markdownDescription": "The framerate numerator. For example, 24000. The framerate is the numerator divided by the denominator. For example, 24000 / 1001 = 23.976 FPS.", - "title": "FramerateNumerator", - "type": "number" - }, - "GopClosedCadence": { - "markdownDescription": "MPEG2: default is open GOP.", - "title": "GopClosedCadence", - "type": "number" - }, - "GopNumBFrames": { - "markdownDescription": "Relates to the GOP structure. The number of B-frames between reference frames. If you do not know what a B-frame is, use the default.", - "title": "GopNumBFrames", - "type": "number" - }, - "GopSize": { - "markdownDescription": "Relates to the GOP structure. The GOP size (keyframe interval) in the units specified in gopSizeUnits. If you do not know what GOP is, use the default.\nIf gopSizeUnits is frames, then the gopSize must be an integer and must be greater than or equal to 1.\nIf gopSizeUnits is seconds, the gopSize must be greater than 0, but does not need to be an integer.", - "title": "GopSize", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "GopSizeUnits": { - "markdownDescription": "Relates to the GOP structure. Specifies whether the gopSize is specified in frames or seconds. If you do not plan to change the default gopSize, leave the default. If you specify SECONDS, MediaLive will internally convert the gop size to a frame count.", - "title": "GopSizeUnits", - "type": "string" + "Metadata": { + "type": "object" }, - "ScanType": { - "markdownDescription": "Set the scan type of the output to PROGRESSIVE or INTERLACED (top field first).", - "title": "ScanType", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "DataLakePrincipal": { + "$ref": "#/definitions/AWS::LakeFormation::Permissions.DataLakePrincipal", + "markdownDescription": "The AWS Lake Formation principal.", + "title": "DataLakePrincipal" + }, + "Permissions": { + "items": { + "type": "string" + }, + "markdownDescription": "The permissions granted or revoked.", + "title": "Permissions", + "type": "array" + }, + "PermissionsWithGrantOption": { + "items": { + "type": "string" + }, + "markdownDescription": "Indicates the ability to grant permissions (as a subset of permissions granted).", + "title": "PermissionsWithGrantOption", + "type": "array" + }, + "Resource": { + "$ref": "#/definitions/AWS::LakeFormation::Permissions.Resource", + "markdownDescription": "A structure for the resource.", + "title": "Resource" + } + }, + "required": [ + "DataLakePrincipal", + "Resource" + ], + "type": "object" }, - "SubgopLength": { - "markdownDescription": "Relates to the GOP structure. If you do not know what GOP is, use the default.\nFIXED: Set the number of B-frames in each sub-GOP to the value in gopNumBFrames.\nDYNAMIC: Let MediaLive optimize the number of B-frames in each sub-GOP, to improve visual quality.", - "title": "SubgopLength", + "Type": { + "enum": [ + "AWS::LakeFormation::Permissions" + ], "type": "string" }, - "TimecodeBurninSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.TimecodeBurninSettings", - "markdownDescription": "", - "title": "TimecodeBurninSettings" - }, - "TimecodeInsertion": { - "markdownDescription": "Determines how MediaLive inserts timecodes in the output video. For detailed information about setting up the input and the output for a timecode, see the section on \\\"MediaLive Features - Timecode configuration\\\" in the MediaLive User Guide.\nDISABLED: do not include timecodes.\nGOP_TIMECODE: Include timecode metadata in the GOP header.", - "title": "TimecodeInsertion", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::LakeFormation::Permissions.ColumnWildcard": { + "additionalProperties": false, + "properties": { + "ExcludedColumnNames": { + "items": { + "type": "string" + }, + "markdownDescription": "Excludes column names. Any column with this name will be excluded.", + "title": "ExcludedColumnNames", + "type": "array" + } + }, "type": "object" }, - "AWS::MediaLive::Channel.MsSmoothGroupSettings": { + "AWS::LakeFormation::Permissions.DataLakePrincipal": { "additionalProperties": false, "properties": { - "AcquisitionPointId": { - "markdownDescription": "The value of the Acquisition Point Identity element that is used in each message placed in the sparse track. Enabled only if sparseTrackType is not \"none.\"", - "title": "AcquisitionPointId", - "type": "string" - }, - "AudioOnlyTimecodeControl": { - "markdownDescription": "If set to passthrough for an audio-only Microsoft Smooth output, the fragment absolute time is set to the current timecode. This option does not write timecodes to the audio elementary stream.", - "title": "AudioOnlyTimecodeControl", - "type": "string" - }, - "CertificateMode": { - "markdownDescription": "If set to verifyAuthenticity, verifies the HTTPS certificate chain to a trusted certificate authority (CA). This causes HTTPS outputs to self-signed certificates to fail.", - "title": "CertificateMode", - "type": "string" - }, - "ConnectionRetryInterval": { - "markdownDescription": "The number of seconds to wait before retrying the connection to the IIS server if the connection is lost. Content is cached during this time, and the cache is delivered to the IIS server after the connection is re-established.", - "title": "ConnectionRetryInterval", - "type": "number" - }, - "Destination": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", - "markdownDescription": "The Smooth Streaming publish point on an IIS server. MediaLive acts as a \"Push\" encoder to IIS.", - "title": "Destination" - }, - "EventId": { - "markdownDescription": "The Microsoft Smooth channel ID that is sent to the IIS server. Specify the ID only if eventIdMode is set to useConfigured.", - "title": "EventId", - "type": "string" - }, - "EventIdMode": { - "markdownDescription": "Specifies whether to send a channel ID to the IIS server. If no channel ID is sent and the same channel is used without changing the publishing point, clients might see cached video from the previous run. Options: - \"useConfigured\" - use the value provided in eventId - \"useTimestamp\" - generate and send a channel ID based on the current timestamp - \"noEventId\" - do not send a channel ID to the IIS server.", - "title": "EventIdMode", + "DataLakePrincipalIdentifier": { + "markdownDescription": "An identifier for the Lake Formation principal.", + "title": "DataLakePrincipalIdentifier", "type": "string" - }, - "EventStopBehavior": { - "markdownDescription": "When set to sendEos, sends an EOS signal to an IIS server when stopping the channel.", - "title": "EventStopBehavior", + } + }, + "type": "object" + }, + "AWS::LakeFormation::Permissions.DataLocationResource": { + "additionalProperties": false, + "properties": { + "CatalogId": { + "markdownDescription": "The identifier for the Data Catalog . By default, it is the account ID of the caller.", + "title": "CatalogId", "type": "string" }, - "FilecacheDuration": { - "markdownDescription": "The size, in seconds, of the file cache for streaming outputs.", - "title": "FilecacheDuration", - "type": "number" - }, - "FragmentLength": { - "markdownDescription": "The length, in seconds, of mp4 fragments to generate. The fragment length must be compatible with GOP size and frame rate.", - "title": "FragmentLength", - "type": "number" - }, - "InputLossAction": { - "markdownDescription": "A parameter that controls output group behavior on an input loss.", - "title": "InputLossAction", + "S3Resource": { + "markdownDescription": "The Amazon Resource Name (ARN) that uniquely identifies the data location resource.", + "title": "S3Resource", "type": "string" - }, - "NumRetries": { - "markdownDescription": "The number of retry attempts.", - "title": "NumRetries", - "type": "number" - }, - "RestartDelay": { - "markdownDescription": "The number of seconds before initiating a restart due to output failure, due to exhausting the numRetries on one segment, or exceeding filecacheDuration.", - "title": "RestartDelay", - "type": "number" - }, - "SegmentationMode": { - "markdownDescription": "useInputSegmentation has been deprecated. The configured segment size is always used.", - "title": "SegmentationMode", + } + }, + "type": "object" + }, + "AWS::LakeFormation::Permissions.DatabaseResource": { + "additionalProperties": false, + "properties": { + "CatalogId": { + "markdownDescription": "The identifier for the Data Catalog . By default, it is the account ID of the caller.", + "title": "CatalogId", "type": "string" }, - "SendDelayMs": { - "markdownDescription": "The number of milliseconds to delay the output from the second pipeline.", - "title": "SendDelayMs", - "type": "number" - }, - "SparseTrackType": { - "markdownDescription": "If set to scte35, uses incoming SCTE-35 messages to generate a sparse track in this group of Microsoft Smooth outputs.", - "title": "SparseTrackType", + "Name": { + "markdownDescription": "The name of the database resource. Unique to the Data Catalog.", + "title": "Name", "type": "string" + } + }, + "type": "object" + }, + "AWS::LakeFormation::Permissions.Resource": { + "additionalProperties": false, + "properties": { + "DataLocationResource": { + "$ref": "#/definitions/AWS::LakeFormation::Permissions.DataLocationResource", + "markdownDescription": "A structure for a data location object where permissions are granted or revoked.", + "title": "DataLocationResource" }, - "StreamManifestBehavior": { - "markdownDescription": "When set to send, sends a stream manifest so that the publishing point doesn't start until all streams start.", - "title": "StreamManifestBehavior", - "type": "string" + "DatabaseResource": { + "$ref": "#/definitions/AWS::LakeFormation::Permissions.DatabaseResource", + "markdownDescription": "A structure for the database object.", + "title": "DatabaseResource" }, - "TimestampOffset": { - "markdownDescription": "The timestamp offset for the channel. Used only if timestampOffsetMode is set to useConfiguredOffset.", - "title": "TimestampOffset", - "type": "string" + "TableResource": { + "$ref": "#/definitions/AWS::LakeFormation::Permissions.TableResource", + "markdownDescription": "A structure for the table object. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.", + "title": "TableResource" }, - "TimestampOffsetMode": { - "markdownDescription": "The type of timestamp date offset to use. - useEventStartDate: Use the date the channel was started as the offset - useConfiguredOffset: Use an explicitly configured date as the offset.", - "title": "TimestampOffsetMode", - "type": "string" + "TableWithColumnsResource": { + "$ref": "#/definitions/AWS::LakeFormation::Permissions.TableWithColumnsResource", + "markdownDescription": "A structure for a table with columns object. This object is only used when granting a SELECT permission.", + "title": "TableWithColumnsResource" } }, "type": "object" }, - "AWS::MediaLive::Channel.MsSmoothOutputSettings": { + "AWS::LakeFormation::Permissions.TableResource": { "additionalProperties": false, "properties": { - "H265PackagingType": { - "markdownDescription": "Only applicable when this output is referencing an H.265 video description.\nSpecifies whether MP4 segments should be packaged as HEV1 or HVC1.", - "title": "H265PackagingType", + "CatalogId": { + "markdownDescription": "The identifier for the Data Catalog . By default, it is the account ID of the caller.", + "title": "CatalogId", "type": "string" }, - "NameModifier": { - "markdownDescription": "A string that is concatenated to the end of the destination file name. This is required for multiple outputs of the same type.", - "title": "NameModifier", + "DatabaseName": { + "markdownDescription": "The name of the database for the table. Unique to a Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.", + "title": "DatabaseName", "type": "string" + }, + "Name": { + "markdownDescription": "The name of the table.", + "title": "Name", + "type": "string" + }, + "TableWildcard": { + "$ref": "#/definitions/AWS::LakeFormation::Permissions.TableWildcard", + "markdownDescription": "An empty object representing all tables under a database. If this field is specified instead of the `Name` field, all tables under `DatabaseName` will have permission changes applied.", + "title": "TableWildcard" } }, "type": "object" }, - "AWS::MediaLive::Channel.MultiplexGroupSettings": { + "AWS::LakeFormation::Permissions.TableWildcard": { "additionalProperties": false, "properties": {}, "type": "object" }, - "AWS::MediaLive::Channel.MultiplexOutputSettings": { + "AWS::LakeFormation::Permissions.TableWithColumnsResource": { "additionalProperties": false, "properties": { - "Destination": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", - "markdownDescription": "Destination is a Multiplex.", - "title": "Destination" + "CatalogId": { + "markdownDescription": "The identifier for the Data Catalog . By default, it is the account ID of the caller.", + "title": "CatalogId", + "type": "string" + }, + "ColumnNames": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of column names for the table. At least one of `ColumnNames` or `ColumnWildcard` is required.", + "title": "ColumnNames", + "type": "array" + }, + "ColumnWildcard": { + "$ref": "#/definitions/AWS::LakeFormation::Permissions.ColumnWildcard", + "markdownDescription": "A wildcard specified by a `ColumnWildcard` object. At least one of `ColumnNames` or `ColumnWildcard` is required.", + "title": "ColumnWildcard" + }, + "DatabaseName": { + "markdownDescription": "The name of the database for the table with columns resource. Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.", + "title": "DatabaseName", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the table resource. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.", + "title": "Name", + "type": "string" } }, "type": "object" }, - "AWS::MediaLive::Channel.MultiplexProgramChannelDestinationSettings": { + "AWS::LakeFormation::PrincipalPermissions": { "additionalProperties": false, "properties": { - "MultiplexId": { - "markdownDescription": "The ID of the Multiplex that the encoder is providing output to. You do not need to specify the individual inputs to the Multiplex; MediaLive will handle the connection of the two MediaLive pipelines to the two Multiplex instances.\nThe Multiplex must be in the same region as the Channel.", - "title": "MultiplexId", + "Condition": { "type": "string" }, - "ProgramName": { - "markdownDescription": "The program name of the Multiplex program that the encoder is providing output to.", - "title": "ProgramName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Catalog": { + "markdownDescription": "The identifier for the Data Catalog . By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your Lake Formation environment.", + "title": "Catalog", + "type": "string" + }, + "Permissions": { + "items": { + "type": "string" + }, + "markdownDescription": "The permissions granted or revoked.", + "title": "Permissions", + "type": "array" + }, + "PermissionsWithGrantOption": { + "items": { + "type": "string" + }, + "markdownDescription": "Indicates the ability to grant permissions (as a subset of permissions granted).", + "title": "PermissionsWithGrantOption", + "type": "array" + }, + "Principal": { + "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.DataLakePrincipal", + "markdownDescription": "The principal to be granted a permission.", + "title": "Principal" + }, + "Resource": { + "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.Resource", + "markdownDescription": "The resource to be granted or revoked permissions.", + "title": "Resource" + } + }, + "required": [ + "Permissions", + "PermissionsWithGrantOption", + "Principal", + "Resource" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::LakeFormation::PrincipalPermissions" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::MediaLive::Channel.NetworkInputSettings": { + "AWS::LakeFormation::PrincipalPermissions.ColumnWildcard": { "additionalProperties": false, "properties": { - "HlsInputSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.HlsInputSettings", - "markdownDescription": "Information about how to connect to the upstream system.", - "title": "HlsInputSettings" - }, - "ServerValidation": { - "markdownDescription": "Checks HTTPS server certificates. When set to checkCryptographyOnly, cryptography in the certificate is checked, but not the server's name. Certain subdomains (notably S3 buckets that use dots in the bucket name) don't strictly match the corresponding certificate's wildcard pattern and would otherwise cause the channel to error. This setting is ignored for protocols that do not use HTTPS.", - "title": "ServerValidation", - "type": "string" + "ExcludedColumnNames": { + "items": { + "type": "string" + }, + "markdownDescription": "Excludes column names. Any column with this name will be excluded.", + "title": "ExcludedColumnNames", + "type": "array" } }, "type": "object" }, - "AWS::MediaLive::Channel.NielsenCBET": { + "AWS::LakeFormation::PrincipalPermissions.DataCellsFilterResource": { "additionalProperties": false, "properties": { - "CbetCheckDigitString": { - "markdownDescription": "Enter the CBET check digits to use in the watermark.", - "title": "CbetCheckDigitString", + "DatabaseName": { + "markdownDescription": "A database in the Data Catalog .", + "title": "DatabaseName", "type": "string" }, - "CbetStepaside": { - "markdownDescription": "Determines the method of CBET insertion mode when prior encoding is detected on the same layer.", - "title": "CbetStepaside", + "Name": { + "markdownDescription": "The name given by the user to the data filter cell.", + "title": "Name", "type": "string" }, - "Csid": { - "markdownDescription": "Enter the CBET Source ID (CSID) to use in the watermark", - "title": "Csid", - "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.NielsenConfiguration": { - "additionalProperties": false, - "properties": { - "DistributorId": { - "markdownDescription": "Enter the Distributor ID assigned to your organization by Nielsen.", - "title": "DistributorId", + "TableCatalogId": { + "markdownDescription": "The ID of the catalog to which the table belongs.", + "title": "TableCatalogId", "type": "string" }, - "NielsenPcmToId3Tagging": { - "markdownDescription": "Enables Nielsen PCM to ID3 tagging", - "title": "NielsenPcmToId3Tagging", + "TableName": { + "markdownDescription": "The name of the table.", + "title": "TableName", "type": "string" } }, + "required": [ + "DatabaseName", + "Name", + "TableCatalogId", + "TableName" + ], "type": "object" }, - "AWS::MediaLive::Channel.NielsenNaesIiNw": { + "AWS::LakeFormation::PrincipalPermissions.DataLakePrincipal": { "additionalProperties": false, "properties": { - "CheckDigitString": { - "markdownDescription": "Enter the check digit string for the watermark", - "title": "CheckDigitString", - "type": "string" - }, - "Sid": { - "markdownDescription": "Enter the Nielsen Source ID (SID) to include in the watermark", - "title": "Sid", - "type": "number" - }, - "Timezone": { - "markdownDescription": "", - "title": "Timezone", + "DataLakePrincipalIdentifier": { + "markdownDescription": "An identifier for the AWS Lake Formation principal.", + "title": "DataLakePrincipalIdentifier", "type": "string" } }, "type": "object" }, - "AWS::MediaLive::Channel.NielsenWatermarksSettings": { + "AWS::LakeFormation::PrincipalPermissions.DataLocationResource": { "additionalProperties": false, "properties": { - "NielsenCbetSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.NielsenCBET", - "markdownDescription": "Complete these fields only if you want to insert watermarks of type Nielsen CBET", - "title": "NielsenCbetSettings" - }, - "NielsenDistributionType": { - "markdownDescription": "Choose the distribution types that you want to assign to the watermarks:\n- PROGRAM_CONTENT\n- FINAL_DISTRIBUTOR", - "title": "NielsenDistributionType", + "CatalogId": { + "markdownDescription": "The identifier for the Data Catalog where the location is registered with AWS Lake Formation .", + "title": "CatalogId", "type": "string" }, - "NielsenNaesIiNwSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.NielsenNaesIiNw", - "markdownDescription": "Complete these fields only if you want to insert watermarks of type Nielsen NAES II (N2) and Nielsen NAES VI (NW).", - "title": "NielsenNaesIiNwSettings" + "ResourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that uniquely identifies the data location resource.", + "title": "ResourceArn", + "type": "string" } }, + "required": [ + "CatalogId", + "ResourceArn" + ], "type": "object" }, - "AWS::MediaLive::Channel.Output": { + "AWS::LakeFormation::PrincipalPermissions.DatabaseResource": { "additionalProperties": false, "properties": { - "AudioDescriptionNames": { - "items": { - "type": "string" - }, - "markdownDescription": "The names of the audio descriptions that are used as audio sources for this output.", - "title": "AudioDescriptionNames", - "type": "array" - }, - "CaptionDescriptionNames": { - "items": { - "type": "string" - }, - "markdownDescription": "The names of the caption descriptions that are used as captions sources for this output.", - "title": "CaptionDescriptionNames", - "type": "array" - }, - "OutputName": { - "markdownDescription": "The name that is used to identify an output.", - "title": "OutputName", + "CatalogId": { + "markdownDescription": "The identifier for the Data Catalog. By default, it is the account ID of the caller.", + "title": "CatalogId", "type": "string" }, - "OutputSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputSettings", - "markdownDescription": "The output type-specific settings.", - "title": "OutputSettings" - }, - "VideoDescriptionName": { - "markdownDescription": "The name of the VideoDescription that is used as the source for this output.", - "title": "VideoDescriptionName", + "Name": { + "markdownDescription": "The name of the database resource. Unique to the Data Catalog.", + "title": "Name", "type": "string" } }, + "required": [ + "CatalogId", + "Name" + ], "type": "object" }, - "AWS::MediaLive::Channel.OutputDestination": { + "AWS::LakeFormation::PrincipalPermissions.LFTag": { "additionalProperties": false, "properties": { - "Id": { - "markdownDescription": "The ID for this destination.", - "title": "Id", + "TagKey": { + "markdownDescription": "The key-name for the LF-tag.", + "title": "TagKey", "type": "string" }, - "MediaPackageSettings": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.MediaPackageOutputDestinationSettings" - }, - "markdownDescription": "The destination settings for a MediaPackage output.", - "title": "MediaPackageSettings", - "type": "array" - }, - "MultiplexSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.MultiplexProgramChannelDestinationSettings", - "markdownDescription": "Destination settings for a Multiplex output; one destination for both encoders.", - "title": "MultiplexSettings" - }, - "Settings": { + "TagValues": { "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputDestinationSettings" + "type": "string" }, - "markdownDescription": "The destination settings for an output.", - "title": "Settings", + "markdownDescription": "A list of possible values of the corresponding `TagKey` of an LF-tag key-value pair.", + "title": "TagValues", "type": "array" } }, "type": "object" }, - "AWS::MediaLive::Channel.OutputDestinationSettings": { + "AWS::LakeFormation::PrincipalPermissions.LFTagKeyResource": { "additionalProperties": false, "properties": { - "PasswordParam": { - "markdownDescription": "The password parameter that holds the password for accessing the downstream system. This password parameter applies only if the downstream system requires credentials.", - "title": "PasswordParam", - "type": "string" - }, - "StreamName": { - "markdownDescription": "The stream name for the content. This applies only to RTMP outputs.", - "title": "StreamName", + "CatalogId": { + "markdownDescription": "The identifier for the Data Catalog where the location is registered with Data Catalog .", + "title": "CatalogId", "type": "string" }, - "Url": { - "markdownDescription": "The URL for the destination.", - "title": "Url", + "TagKey": { + "markdownDescription": "The key-name for the LF-tag.", + "title": "TagKey", "type": "string" }, - "Username": { - "markdownDescription": "The user name to connect to the downstream system. This applies only if the downstream system requires credentials.", - "title": "Username", - "type": "string" + "TagValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of possible values for the corresponding `TagKey` of an LF-tag key-value pair.", + "title": "TagValues", + "type": "array" } }, + "required": [ + "CatalogId", + "TagKey", + "TagValues" + ], "type": "object" }, - "AWS::MediaLive::Channel.OutputGroup": { + "AWS::LakeFormation::PrincipalPermissions.LFTagPolicyResource": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "A custom output group name that you can optionally define. Only letters, numbers, and the underscore character are allowed. The maximum length is 32 characters.", - "title": "Name", + "CatalogId": { + "markdownDescription": "The identifier for the Data Catalog . The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your AWS Lake Formation environment.", + "title": "CatalogId", "type": "string" }, - "OutputGroupSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputGroupSettings", - "markdownDescription": "The settings associated with the output group.", - "title": "OutputGroupSettings" - }, - "Outputs": { + "Expression": { "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Output" + "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.LFTag" }, - "markdownDescription": "The settings for the outputs in the output group.", - "title": "Outputs", + "markdownDescription": "A list of LF-tag conditions that apply to the resource's LF-tag policy.", + "title": "Expression", "type": "array" + }, + "ResourceType": { + "markdownDescription": "The resource type for which the LF-tag policy applies.", + "title": "ResourceType", + "type": "string" } }, + "required": [ + "CatalogId", + "Expression", + "ResourceType" + ], "type": "object" }, - "AWS::MediaLive::Channel.OutputGroupSettings": { + "AWS::LakeFormation::PrincipalPermissions.Resource": { "additionalProperties": false, "properties": { - "ArchiveGroupSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.ArchiveGroupSettings", - "markdownDescription": "The configuration of an archive output group.\n\nThe parent of this entity is OutputGroupSettings.", - "title": "ArchiveGroupSettings" - }, - "CmafIngestGroupSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.CmafIngestGroupSettings", - "markdownDescription": "", - "title": "CmafIngestGroupSettings" + "Catalog": { + "markdownDescription": "The identifier for the Data Catalog. By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your AWS Lake Formation environment.", + "title": "Catalog", + "type": "object" }, - "FrameCaptureGroupSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.FrameCaptureGroupSettings", - "markdownDescription": "The configuration of a frame capture output group.", - "title": "FrameCaptureGroupSettings" + "DataCellsFilter": { + "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.DataCellsFilterResource", + "markdownDescription": "A data cell filter.", + "title": "DataCellsFilter" }, - "HlsGroupSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.HlsGroupSettings", - "markdownDescription": "The configuration of an HLS output group.", - "title": "HlsGroupSettings" + "DataLocation": { + "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.DataLocationResource", + "markdownDescription": "The location of an Amazon S3 path where permissions are granted or revoked.", + "title": "DataLocation" }, - "MediaPackageGroupSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.MediaPackageGroupSettings", - "markdownDescription": "The configuration of a MediaPackage output group.", - "title": "MediaPackageGroupSettings" + "Database": { + "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.DatabaseResource", + "markdownDescription": "The database for the resource. Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database permissions to a principal.", + "title": "Database" }, - "MsSmoothGroupSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.MsSmoothGroupSettings", - "markdownDescription": "The configuration of a Microsoft Smooth output group.", - "title": "MsSmoothGroupSettings" + "LFTag": { + "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.LFTagKeyResource", + "markdownDescription": "The LF-tag key and values attached to a resource.", + "title": "LFTag" }, - "MultiplexGroupSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.MultiplexGroupSettings", - "markdownDescription": "The settings for a Multiplex output group.", - "title": "MultiplexGroupSettings" + "LFTagPolicy": { + "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.LFTagPolicyResource", + "markdownDescription": "A list of LF-tag conditions that define a resource's LF-tag policy.", + "title": "LFTagPolicy" }, - "RtmpGroupSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.RtmpGroupSettings", - "markdownDescription": "The configuration of an RTMP output group.", - "title": "RtmpGroupSettings" + "Table": { + "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.TableResource", + "markdownDescription": "The table for the resource. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.", + "title": "Table" }, - "UdpGroupSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.UdpGroupSettings", - "markdownDescription": "The configuration of a UDP output group.", - "title": "UdpGroupSettings" + "TableWithColumns": { + "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.TableWithColumnsResource", + "markdownDescription": "The table with columns for the resource. A principal with permissions to this resource can select metadata from the columns of a table in the Data Catalog and the underlying data in Amazon S3.", + "title": "TableWithColumns" } }, "type": "object" }, - "AWS::MediaLive::Channel.OutputLocationRef": { + "AWS::LakeFormation::PrincipalPermissions.TableResource": { "additionalProperties": false, "properties": { - "DestinationRefId": { - "markdownDescription": "A reference ID for this destination.", - "title": "DestinationRefId", + "CatalogId": { + "markdownDescription": "The identifier for the Data Catalog. By default, it is the account ID of the caller.", + "title": "CatalogId", "type": "string" + }, + "DatabaseName": { + "markdownDescription": "The name of the database for the table. Unique to a Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.", + "title": "DatabaseName", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the table.", + "title": "Name", + "type": "string" + }, + "TableWildcard": { + "markdownDescription": "A wildcard object representing every table under a database.\n\nAt least one of `TableResource$Name` or `TableResource$TableWildcard` is required.", + "title": "TableWildcard", + "type": "object" } }, + "required": [ + "CatalogId", + "DatabaseName" + ], "type": "object" }, - "AWS::MediaLive::Channel.OutputLockingSettings": { + "AWS::LakeFormation::PrincipalPermissions.TableWithColumnsResource": { "additionalProperties": false, "properties": { - "EpochLockingSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.EpochLockingSettings", - "markdownDescription": "", - "title": "EpochLockingSettings" + "CatalogId": { + "markdownDescription": "The identifier for the Data Catalog where the location is registered with AWS Lake Formation .", + "title": "CatalogId", + "type": "string" }, - "PipelineLockingSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.PipelineLockingSettings", - "markdownDescription": "", - "title": "PipelineLockingSettings" + "ColumnNames": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of column names for the table. At least one of `ColumnNames` or `ColumnWildcard` is required.", + "title": "ColumnNames", + "type": "array" + }, + "ColumnWildcard": { + "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.ColumnWildcard", + "markdownDescription": "A wildcard specified by a `ColumnWildcard` object. At least one of `ColumnNames` or `ColumnWildcard` is required.", + "title": "ColumnWildcard" + }, + "DatabaseName": { + "markdownDescription": "The name of the database for the table with columns resource. Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.", + "title": "DatabaseName", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the table resource. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.", + "title": "Name", + "type": "string" } }, + "required": [ + "CatalogId", + "DatabaseName", + "Name" + ], "type": "object" }, - "AWS::MediaLive::Channel.OutputSettings": { + "AWS::LakeFormation::Resource": { "additionalProperties": false, "properties": { - "ArchiveOutputSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.ArchiveOutputSettings", - "markdownDescription": "The settings for an archive output.", - "title": "ArchiveOutputSettings" + "Condition": { + "type": "string" }, - "CmafIngestOutputSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.CmafIngestOutputSettings", - "markdownDescription": "", - "title": "CmafIngestOutputSettings" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "FrameCaptureOutputSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.FrameCaptureOutputSettings", - "markdownDescription": "The settings for a frame capture output.\n\nThe parent of this entity is OutputGroupSettings.", - "title": "FrameCaptureOutputSettings" - }, - "HlsOutputSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.HlsOutputSettings", - "markdownDescription": "The settings for an HLS output.\n\nThe parent of this entity is OutputGroupSettings.", - "title": "HlsOutputSettings" - }, - "MediaPackageOutputSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.MediaPackageOutputSettings", - "markdownDescription": "The settings for a MediaPackage output.\n\nThe parent of this entity is OutputGroupSettings.", - "title": "MediaPackageOutputSettings" - }, - "MsSmoothOutputSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.MsSmoothOutputSettings", - "markdownDescription": "The settings for a Microsoft Smooth output.", - "title": "MsSmoothOutputSettings" - }, - "MultiplexOutputSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.MultiplexOutputSettings", - "markdownDescription": "Configuration of a Multiplex output.", - "title": "MultiplexOutputSettings" - }, - "RtmpOutputSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.RtmpOutputSettings", - "markdownDescription": "The settings for an RTMP output.\n\nThe parent of this entity is OutputGroupSettings.", - "title": "RtmpOutputSettings" - }, - "UdpOutputSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.UdpOutputSettings", - "markdownDescription": "The settings for a UDP output.\n\nThe parent of this entity is OutputGroupSettings.", - "title": "UdpOutputSettings" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.PassThroughSettings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.PipelineLockingSettings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.RawSettings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.Rec601Settings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.Rec709Settings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.RemixSettings": { - "additionalProperties": false, - "properties": { - "ChannelMappings": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioChannelMapping" - }, - "markdownDescription": "A mapping of input channels to output channels, with appropriate gain adjustments.", - "title": "ChannelMappings", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ChannelsIn": { - "markdownDescription": "The number of input channels to be used.", - "title": "ChannelsIn", - "type": "number" + "Metadata": { + "type": "object" }, - "ChannelsOut": { - "markdownDescription": "The number of output channels to be produced. Valid values: 1, 2, 4, 6, 8.", - "title": "ChannelsOut", - "type": "number" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.RtmpCaptionInfoDestinationSettings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.RtmpGroupSettings": { - "additionalProperties": false, - "properties": { - "AdMarkers": { - "items": { - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "HybridAccessEnabled": { + "markdownDescription": "Indicates whether the data access of tables pointing to the location can be managed by both Lake Formation permissions as well as Amazon S3 bucket policies.", + "title": "HybridAccessEnabled", + "type": "boolean" + }, + "ResourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", + "title": "ResourceArn", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The IAM role that registered a resource.", + "title": "RoleArn", + "type": "string" + }, + "UseServiceLinkedRole": { + "markdownDescription": "Designates a trusted caller, an IAM principal, by registering this caller with the Data Catalog .", + "title": "UseServiceLinkedRole", + "type": "boolean" + }, + "WithFederation": { + "markdownDescription": "Allows Lake Formation to assume a role to access tables in a federated database.", + "title": "WithFederation", + "type": "boolean" + } }, - "markdownDescription": "Choose the ad marker type for this output group. MediaLive will create a message based on the content of each SCTE-35 message, format it for that marker type, and insert it in the datastream.", - "title": "AdMarkers", - "type": "array" - }, - "AuthenticationScheme": { - "markdownDescription": "An authentication scheme to use when connecting with a CDN.", - "title": "AuthenticationScheme", - "type": "string" - }, - "CacheFullBehavior": { - "markdownDescription": "Controls behavior when the content cache fills up. If a remote origin server stalls the RTMP connection and doesn't accept content fast enough, the media cache fills up. When the cache reaches the duration specified by cacheLength, the cache stops accepting new content. If set to disconnectImmediately, the RTMP output forces a disconnect. Clear the media cache, and reconnect after restartDelay seconds. If set to waitForServer, the RTMP output waits up to 5 minutes to allow the origin server to begin accepting data again.", - "title": "CacheFullBehavior", - "type": "string" - }, - "CacheLength": { - "markdownDescription": "The cache length, in seconds, that is used to calculate buffer size.", - "title": "CacheLength", - "type": "number" - }, - "CaptionData": { - "markdownDescription": "Controls the types of data that pass to onCaptionInfo outputs. If set to all, 608 and 708 carried DTVCC data is passed. If set to field1AndField2608, DTVCC data is stripped out, but 608 data from both fields is passed. If set to field1608, only the data carried in 608 from field 1 video is passed.", - "title": "CaptionData", - "type": "string" - }, - "IncludeFillerNalUnits": { - "markdownDescription": "", - "title": "IncludeFillerNalUnits", - "type": "string" + "required": [ + "ResourceArn", + "UseServiceLinkedRole" + ], + "type": "object" }, - "InputLossAction": { - "markdownDescription": "Controls the behavior of this RTMP group if the input becomes unavailable. emitOutput: Emit a slate until the input returns. pauseOutput: Stop transmitting data until the input returns. This does not close the underlying RTMP connection.", - "title": "InputLossAction", + "Type": { + "enum": [ + "AWS::LakeFormation::Resource" + ], "type": "string" }, - "RestartDelay": { - "markdownDescription": "If a streaming output fails, the number of seconds to wait until a restart is initiated. A value of 0 means never restart.", - "title": "RestartDelay", - "type": "number" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.RtmpOutputSettings": { - "additionalProperties": false, - "properties": { - "CertificateMode": { - "markdownDescription": "If set to verifyAuthenticity, verifies the TLS certificate chain to a trusted certificate authority (CA). This causes RTMPS outputs with self-signed certificates to fail.", - "title": "CertificateMode", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "ConnectionRetryInterval": { - "markdownDescription": "The number of seconds to wait before retrying a connection to the Flash Media server if the connection is lost.", - "title": "ConnectionRetryInterval", - "type": "number" - }, - "Destination": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", - "markdownDescription": "The RTMP endpoint excluding the stream name (for example, rtmp://host/appname).", - "title": "Destination" - }, - "NumRetries": { - "markdownDescription": "The number of retry attempts.", - "title": "NumRetries", - "type": "number" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::MediaLive::Channel.Scte20PlusEmbeddedDestinationSettings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.Scte20SourceSettings": { + "AWS::LakeFormation::Tag": { "additionalProperties": false, "properties": { - "Convert608To708": { - "markdownDescription": "If upconvert, 608 data is both passed through the \"608 compatibility bytes\" fields of the 708 wrapper as well as translated into 708. Any 708 data present in the source content is discarded.", - "title": "Convert608To708", + "Condition": { "type": "string" }, - "Source608ChannelNumber": { - "markdownDescription": "Specifies the 608/708 channel number within the video track from which to extract captions.", - "title": "Source608ChannelNumber", - "type": "number" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.Scte27DestinationSettings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.Scte27SourceSettings": { - "additionalProperties": false, - "properties": { - "OcrLanguage": { - "markdownDescription": "If you will configure a WebVTT caption description that references this caption selector, use this field to\nprovide the language to consider when translating the image-based source to text.", - "title": "OcrLanguage", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Pid": { - "markdownDescription": "The PID field is used in conjunction with the captions selector languageCode field as follows: Specify PID and Language: Extracts captions from that PID; the language is \"informational.\" Specify PID and omit Language: Extracts the specified PID. Omit PID and specify Language: Extracts the specified language, whichever PID that happens to be. Omit PID and omit Language: Valid only if source is DVB-Sub that is being passed through; all languages are passed through.", - "title": "Pid", - "type": "number" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.Scte35SpliceInsert": { - "additionalProperties": false, - "properties": { - "AdAvailOffset": { - "markdownDescription": "When specified, this offset (in milliseconds) is added to the input ad avail PTS time. This applies only to embedded SCTE 104/35 messages. It doesn't apply to OOB messages.", - "title": "AdAvailOffset", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "NoRegionalBlackoutFlag": { - "markdownDescription": "When set to ignore, segment descriptors with noRegionalBlackoutFlag set to 0 no longer trigger blackouts or ad avail slates.", - "title": "NoRegionalBlackoutFlag", - "type": "string" + "Metadata": { + "type": "object" }, - "WebDeliveryAllowedFlag": { - "markdownDescription": "When set to ignore, segment descriptors with webDeliveryAllowedFlag set to 0 no longer trigger blackouts or ad avail slates.", - "title": "WebDeliveryAllowedFlag", - "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.Scte35TimeSignalApos": { - "additionalProperties": false, - "properties": { - "AdAvailOffset": { - "markdownDescription": "When specified, this offset (in milliseconds) is added to the input ad avail PTS time. This applies only to embedded SCTE 104/35 messages. It doesn't apply to OOB messages.", - "title": "AdAvailOffset", - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": { + "CatalogId": { + "markdownDescription": "Catalog id string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html) .\n\nThe identifier for the Data Catalog . By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your AWS Lake Formation environment.", + "title": "CatalogId", + "type": "string" + }, + "TagKey": { + "markdownDescription": "UTF-8 string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html) .\n\nThe key-name for the LF-tag.", + "title": "TagKey", + "type": "string" + }, + "TagValues": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of UTF-8 strings, not less than 1 or more than 50 strings.\n\nA list of possible values of the corresponding `TagKey` of an LF-tag key-value pair.", + "title": "TagValues", + "type": "array" + } + }, + "required": [ + "TagKey", + "TagValues" + ], + "type": "object" }, - "NoRegionalBlackoutFlag": { - "markdownDescription": "When set to ignore, segment descriptors with noRegionalBlackoutFlag set to 0 no longer trigger blackouts or ad avail slates.", - "title": "NoRegionalBlackoutFlag", + "Type": { + "enum": [ + "AWS::LakeFormation::Tag" + ], "type": "string" }, - "WebDeliveryAllowedFlag": { - "markdownDescription": "When set to ignore, segment descriptors with webDeliveryAllowedFlag set to 0 no longer trigger blackouts or ad avail slates.", - "title": "WebDeliveryAllowedFlag", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::MediaLive::Channel.SmpteTtDestinationSettings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.StandardHlsSettings": { + "AWS::LakeFormation::TagAssociation": { "additionalProperties": false, "properties": { - "AudioRenditionSets": { - "markdownDescription": "Lists all the audio groups that are used with the video output stream. This inputs all the audio GROUP-IDs that are associated with the video, separated by a comma (,).", - "title": "AudioRenditionSets", + "Condition": { "type": "string" }, - "M3u8Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.M3u8Settings", - "markdownDescription": "Settings for the M3U8 container.", - "title": "M3u8Settings" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.StaticKeySettings": { - "additionalProperties": false, - "properties": { - "KeyProviderServer": { - "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", - "markdownDescription": "The URL of the license server that is used for protecting content.", - "title": "KeyProviderServer" - }, - "StaticKeyValue": { - "markdownDescription": "The static key value as a 32 character hexadecimal string.", - "title": "StaticKeyValue", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.TeletextDestinationSettings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.TeletextSourceSettings": { - "additionalProperties": false, - "properties": { - "OutputRectangle": { - "$ref": "#/definitions/AWS::MediaLive::Channel.CaptionRectangle", - "markdownDescription": "Settings to configure the caption rectangle for an output captions that will be created using this Teletext source captions.", - "title": "OutputRectangle" }, - "PageNumber": { - "markdownDescription": "Specifies the Teletext page number within the data stream from which to extract captions. The range is 0x100 (256) to 0x8FF (2303). This is unused for passthrough. It should be specified as a hexadecimal string with no \"0x\" prefix.", - "title": "PageNumber", - "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.TemporalFilterSettings": { - "additionalProperties": false, - "properties": { - "PostFilterSharpening": { - "markdownDescription": "If you enable this filter, the results are the following:\n- If the source content is noisy (it contains excessive digital artifacts), the filter cleans up the source.\n- If the source content is already clean, the filter tends to decrease the bitrate, especially when the rate control mode is QVBR.", - "title": "PostFilterSharpening", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Strength": { - "markdownDescription": "Choose a filter strength. We recommend a strength of 1 or 2. A higher strength might take out good information, resulting in an image that is overly soft.", - "title": "Strength", - "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.ThumbnailConfiguration": { - "additionalProperties": false, - "properties": { - "State": { - "markdownDescription": "", - "title": "State", - "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.TimecodeBurninSettings": { - "additionalProperties": false, - "properties": { - "FontSize": { - "markdownDescription": "", - "title": "FontSize", - "type": "string" + "Metadata": { + "type": "object" }, - "Position": { - "markdownDescription": "", - "title": "Position", + "Properties": { + "additionalProperties": false, + "properties": { + "LFTags": { + "items": { + "$ref": "#/definitions/AWS::LakeFormation::TagAssociation.LFTagPair" + }, + "markdownDescription": "A structure containing an LF-tag key-value pair.", + "title": "LFTags", + "type": "array" + }, + "Resource": { + "$ref": "#/definitions/AWS::LakeFormation::TagAssociation.Resource", + "markdownDescription": "UTF-8 string (valid values: `DATABASE | TABLE` ).\n\nThe resource for which the LF-tag policy applies.", + "title": "Resource" + } + }, + "required": [ + "LFTags", + "Resource" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::LakeFormation::TagAssociation" + ], "type": "string" }, - "Prefix": { - "markdownDescription": "", - "title": "Prefix", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::MediaLive::Channel.TimecodeConfig": { + "AWS::LakeFormation::TagAssociation.DatabaseResource": { "additionalProperties": false, "properties": { - "Source": { - "markdownDescription": "Identifies the source for the timecode that will be associated with the channel outputs. Embedded (embedded): Initialize the output timecode with timecode from the source. If no embedded timecode is detected in the source, the system falls back to using \"Start at 0\" (zerobased). System Clock (systemclock): Use the UTC time. Start at 0 (zerobased): The time of the first frame of the channel will be 00:00:00:00.", - "title": "Source", + "CatalogId": { + "markdownDescription": "The identifier for the Data Catalog . By default, it should be the account ID of the caller.", + "title": "CatalogId", "type": "string" }, - "SyncThreshold": { - "markdownDescription": "The threshold in frames beyond which output timecode is resynchronized to the input timecode. Discrepancies below this threshold are permitted to avoid unnecessary discontinuities in the output timecode. There is no timecode sync when this is not specified.", - "title": "SyncThreshold", - "type": "number" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.TtmlDestinationSettings": { - "additionalProperties": false, - "properties": { - "StyleControl": { - "markdownDescription": "When set to passthrough, passes through style and position information from a TTML-like input source (TTML, SMPTE-TT, CFF-TT) to the CFF-TT output or TTML output.", - "title": "StyleControl", + "Name": { + "markdownDescription": "The name of the database resource. Unique to the Data Catalog.", + "title": "Name", "type": "string" } }, + "required": [ + "CatalogId", + "Name" + ], "type": "object" }, - "AWS::MediaLive::Channel.UdpContainerSettings": { - "additionalProperties": false, - "properties": { - "M2tsSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.M2tsSettings", - "markdownDescription": "The M2TS configuration for this UDP output.", - "title": "M2tsSettings" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.UdpGroupSettings": { + "AWS::LakeFormation::TagAssociation.LFTagPair": { "additionalProperties": false, "properties": { - "InputLossAction": { - "markdownDescription": "Specifies the behavior of the last resort when the input video is lost, and no more backup inputs are available. When dropTs is selected, the entire transport stream stops emitting. When dropProgram is selected, the program can be dropped from the transport stream (and replaced with null packets to meet the TS bitrate requirement). Or when emitProgram is selected, the transport stream continues to be produced normally with repeat frames, black frames, or slate frames substituted for the absent input video.", - "title": "InputLossAction", + "CatalogId": { + "markdownDescription": "The identifier for the Data Catalog . By default, it is the account ID of the caller.", + "title": "CatalogId", "type": "string" }, - "TimedMetadataId3Frame": { - "markdownDescription": "Indicates the ID3 frame that has the timecode.", - "title": "TimedMetadataId3Frame", + "TagKey": { + "markdownDescription": "The key-name for the LF-tag.", + "title": "TagKey", "type": "string" }, - "TimedMetadataId3Period": { - "markdownDescription": "The timed metadata interval in seconds.", - "title": "TimedMetadataId3Period", - "type": "number" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.UdpOutputSettings": { - "additionalProperties": false, - "properties": { - "BufferMsec": { - "markdownDescription": "The UDP output buffering in milliseconds. Larger values increase latency through the transcoder but simultaneously assist the transcoder in maintaining a constant, low-jitter UDP/RTP output while accommodating clock recovery, input switching, input disruptions, picture reordering, and so on.", - "title": "BufferMsec", - "type": "number" - }, - "ContainerSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.UdpContainerSettings", - "markdownDescription": "The settings for the UDP output.", - "title": "ContainerSettings" - }, - "Destination": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", - "markdownDescription": "The destination address and port number for RTP or UDP packets. These can be unicast or multicast RTP or UDP (for example, rtp://239.10.10.10:5001 or udp://10.100.100.100:5002).", - "title": "Destination" - }, - "FecOutputSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.FecOutputSettings", - "markdownDescription": "The settings for enabling and adjusting Forward Error Correction on UDP outputs.", - "title": "FecOutputSettings" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.VideoBlackFailoverSettings": { - "additionalProperties": false, - "properties": { - "BlackDetectThreshold": { - "markdownDescription": "A value used in calculating the threshold below which MediaLive considers a pixel to be 'black'. For the input to be considered black, every pixel in a frame must be below this threshold. The threshold is calculated as a percentage (expressed as a decimal) of white. Therefore .1 means 10% white (or 90% black). Note how the formula works for any color depth. For example, if you set this field to 0.1 in 10-bit color depth: (1023*0.1=102.3), which means a pixel value of 102 or less is 'black'. If you set this field to .1 in an 8-bit color depth: (255*0.1=25.5), which means a pixel value of 25 or less is 'black'. The range is 0.0 to 1.0, with any number of decimal places.", - "title": "BlackDetectThreshold", - "type": "number" - }, - "VideoBlackThresholdMsec": { - "markdownDescription": "The amount of time (in milliseconds) that the active input must be black before automatic input failover occurs.", - "title": "VideoBlackThresholdMsec", - "type": "number" + "TagValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of possible values of the corresponding `TagKey` of an LF-tag key-value pair.", + "title": "TagValues", + "type": "array" } }, + "required": [ + "CatalogId", + "TagKey", + "TagValues" + ], "type": "object" }, - "AWS::MediaLive::Channel.VideoCodecSettings": { + "AWS::LakeFormation::TagAssociation.Resource": { "additionalProperties": false, "properties": { - "FrameCaptureSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.FrameCaptureSettings", - "markdownDescription": "The settings for the video codec in a frame capture output.", - "title": "FrameCaptureSettings" + "Catalog": { + "markdownDescription": "The identifier for the Data Catalog. By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your AWS Lake Formation environment.", + "title": "Catalog", + "type": "object" }, - "H264Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.H264Settings", - "markdownDescription": "The settings for the H.264 codec in the output.", - "title": "H264Settings" + "Database": { + "$ref": "#/definitions/AWS::LakeFormation::TagAssociation.DatabaseResource", + "markdownDescription": "The database for the resource. Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database permissions to a principal.", + "title": "Database" }, - "H265Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.H265Settings", - "markdownDescription": "Settings for video encoded with the H265 codec.", - "title": "H265Settings" + "Table": { + "$ref": "#/definitions/AWS::LakeFormation::TagAssociation.TableResource", + "markdownDescription": "The table for the resource. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.", + "title": "Table" }, - "Mpeg2Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Mpeg2Settings", - "markdownDescription": "Settings for video encoded with the MPEG-2 codec.", - "title": "Mpeg2Settings" + "TableWithColumns": { + "$ref": "#/definitions/AWS::LakeFormation::TagAssociation.TableWithColumnsResource", + "markdownDescription": "The table with columns for the resource. A principal with permissions to this resource can select metadata from the columns of a table in the Data Catalog and the underlying data in Amazon S3.", + "title": "TableWithColumns" } }, "type": "object" }, - "AWS::MediaLive::Channel.VideoDescription": { + "AWS::LakeFormation::TagAssociation.TableResource": { "additionalProperties": false, "properties": { - "CodecSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.VideoCodecSettings", - "markdownDescription": "The video codec settings.", - "title": "CodecSettings" - }, - "Height": { - "markdownDescription": "The output video height, in pixels. This must be an even number. For most codecs, you can keep this field and width blank in order to use the height and width (resolution) from the source. Note that we don't recommend keeping the field blank. For the Frame Capture codec, height and width are required.", - "title": "Height", - "type": "number" - }, - "Name": { - "markdownDescription": "The name of this VideoDescription. Outputs use this name to uniquely identify this description. Description names should be unique within this channel.", - "title": "Name", + "CatalogId": { + "markdownDescription": "The identifier for the Data Catalog . By default, it is the account ID of the caller.", + "title": "CatalogId", "type": "string" }, - "RespondToAfd": { - "markdownDescription": "Indicates how to respond to the AFD values in the input stream. RESPOND causes input video to be clipped, depending on the AFD value, input display aspect ratio, and output display aspect ratio, and (except for the FRAMECAPTURE codec) includes the values in the output. PASSTHROUGH (does not apply to FRAMECAPTURE codec) ignores the AFD values and includes the values in the output, so input video is not clipped. NONE ignores the AFD values and does not include the values through to the output, so input video is not clipped.", - "title": "RespondToAfd", + "DatabaseName": { + "markdownDescription": "The name of the database for the table. Unique to a Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.", + "title": "DatabaseName", "type": "string" }, - "ScalingBehavior": { - "markdownDescription": "STRETCHTOOUTPUT configures the output position to stretch the video to the specified output resolution (height and width). This option overrides any position value. DEFAULT might insert black boxes (pillar boxes or letter boxes) around the video to provide the specified output resolution.", - "title": "ScalingBehavior", + "Name": { + "markdownDescription": "The name of the table.", + "title": "Name", "type": "string" }, - "Sharpness": { - "markdownDescription": "Changes the strength of the anti-alias filter used for scaling. 0 is the softest setting, and 100 is the sharpest. We recommend a setting of 50 for most content.", - "title": "Sharpness", - "type": "number" - }, - "Width": { - "markdownDescription": "The output video width, in pixels. It must be an even number. For most codecs, you can keep this field and height blank in order to use the height and width (resolution) from the source. Note that we don't recommend keeping the field blank. For the Frame Capture codec, height and width are required.", - "title": "Width", - "type": "number" + "TableWildcard": { + "markdownDescription": "A wildcard object representing every table under a database.This is an object with no properties that effectively behaves as a true or false depending on whether not it is passed as a parameter. The valid inputs for a property with this type in either yaml or json is null or {}.\n\nAt least one of `TableResource$Name` or `TableResource$TableWildcard` is required.", + "title": "TableWildcard", + "type": "object" } }, + "required": [ + "CatalogId", + "DatabaseName" + ], "type": "object" }, - "AWS::MediaLive::Channel.VideoSelector": { + "AWS::LakeFormation::TagAssociation.TableWithColumnsResource": { "additionalProperties": false, "properties": { - "ColorSpace": { - "markdownDescription": "Specifies the color space of an input. This setting works in tandem with colorSpaceConversion to determine if MediaLive will perform any conversion.", - "title": "ColorSpace", - "type": "string" - }, - "ColorSpaceSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.VideoSelectorColorSpaceSettings", - "markdownDescription": "Settings to configure color space settings in the incoming video.", - "title": "ColorSpaceSettings" - }, - "ColorSpaceUsage": { - "markdownDescription": "Applies only if colorSpace is a value other than Follow. This field controls how the value in the colorSpace field is used. Fallback means that when the input does include color space data, that data is used, but when the input has no color space data, the value in colorSpace is used. Choose fallback if your input is sometimes missing color space data, but when it does have color space data, that data is correct. Force means to always use the value in colorSpace. Choose force if your input usually has no color space data or might have unreliable color space data.", - "title": "ColorSpaceUsage", + "CatalogId": { + "markdownDescription": "A wildcard object representing every table under a database.\n\nAt least one of TableResource$Name or TableResource$TableWildcard is required.", + "title": "CatalogId", "type": "string" }, - "SelectorSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.VideoSelectorSettings", - "markdownDescription": "Information about the video to select from the content.", - "title": "SelectorSettings" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.VideoSelectorColorSpaceSettings": { - "additionalProperties": false, - "properties": { - "Hdr10Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Hdr10Settings", - "markdownDescription": "Settings to configure color space settings in the incoming video.", - "title": "Hdr10Settings" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.VideoSelectorPid": { - "additionalProperties": false, - "properties": { - "Pid": { - "markdownDescription": "Selects a specific PID from within a video source.", - "title": "Pid", - "type": "number" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.VideoSelectorProgramId": { - "additionalProperties": false, - "properties": { - "ProgramId": { - "markdownDescription": "Selects a specific program from within a multi-program transport stream. If the program doesn't exist, MediaLive selects the first program within the transport stream by default.", - "title": "ProgramId", - "type": "number" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.VideoSelectorSettings": { - "additionalProperties": false, - "properties": { - "VideoSelectorPid": { - "$ref": "#/definitions/AWS::MediaLive::Channel.VideoSelectorPid", - "markdownDescription": "Used to extract video by PID.", - "title": "VideoSelectorPid" - }, - "VideoSelectorProgramId": { - "$ref": "#/definitions/AWS::MediaLive::Channel.VideoSelectorProgramId", - "markdownDescription": "Used to extract video by program ID.", - "title": "VideoSelectorProgramId" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.VpcOutputSettings": { - "additionalProperties": false, - "properties": { - "PublicAddressAllocationIds": { - "items": { - "type": "string" - }, - "markdownDescription": "List of public address allocation IDs to associate with ENIs that will be created in Output VPC. Must specify one for SINGLE_PIPELINE, two for STANDARD channels", - "title": "PublicAddressAllocationIds", - "type": "array" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of up to 5 EC2 VPC security group IDs to attach to the Output VPC network interfaces.\nIf none are specified then the VPC default security group will be used", - "title": "SecurityGroupIds", - "type": "array" - }, - "SubnetIds": { + "ColumnNames": { "items": { "type": "string" }, - "markdownDescription": "A list of VPC subnet IDs from the same VPC.\nIf STANDARD channel, subnet IDs must be mapped to two unique availability zones (AZ).", - "title": "SubnetIds", + "markdownDescription": "The list of column names for the table. At least one of `ColumnNames` or `ColumnWildcard` is required.", + "title": "ColumnNames", "type": "array" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.WavSettings": { - "additionalProperties": false, - "properties": { - "BitDepth": { - "markdownDescription": "Bits per sample.", - "title": "BitDepth", - "type": "number" }, - "CodingMode": { - "markdownDescription": "The audio coding mode for the WAV audio. The mode determines the number of channels in the audio.", - "title": "CodingMode", + "DatabaseName": { + "markdownDescription": "The name of the database for the table with columns resource. Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.", + "title": "DatabaseName", "type": "string" }, - "SampleRate": { - "markdownDescription": "Sample rate in Hz.", - "title": "SampleRate", - "type": "number" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.WebvttDestinationSettings": { - "additionalProperties": false, - "properties": { - "StyleControl": { - "markdownDescription": "Controls whether the color and position of the source captions is passed through to the WebVTT output captions. PASSTHROUGH - Valid only if the source captions are EMBEDDED or TELETEXT. NO_STYLE_DATA - Don't pass through the style. The output captions will not contain any font styling information.", - "title": "StyleControl", + "Name": { + "markdownDescription": "The name of the table resource. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.", + "title": "Name", "type": "string" } }, + "required": [ + "CatalogId", + "ColumnNames", + "DatabaseName", + "Name" + ], "type": "object" }, - "AWS::MediaLive::Input": { + "AWS::Lambda::Alias": { "additionalProperties": false, "properties": { "Condition": { @@ -161122,77 +168610,47 @@ "Properties": { "additionalProperties": false, "properties": { - "Destinations": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Input.InputDestinationRequest" - }, - "markdownDescription": "Settings that apply only if the input is a push type of input.", - "title": "Destinations", - "type": "array" - }, - "InputDevices": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Input.InputDeviceSettings" - }, - "markdownDescription": "Settings that apply only if the input is an Elemental Link input.", - "title": "InputDevices", - "type": "array" + "Description": { + "markdownDescription": "A description of the alias.", + "title": "Description", + "type": "string" }, - "InputSecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of input security groups (referenced by IDs) to attach to the input if the input is a push type.", - "title": "InputSecurityGroups", - "type": "array" + "FunctionName": { + "markdownDescription": "The name or ARN of the Lambda function.\n\n**Name formats** - *Function name* - `MyFunction` .\n- *Function ARN* - `arn:aws:lambda:us-west-2:123456789012:function:MyFunction` .\n- *Partial ARN* - `123456789012:function:MyFunction` .\n\nThe length constraint applies only to the full ARN. If you specify only the function name, it is limited to 64 characters in length.", + "title": "FunctionName", + "type": "string" }, - "MediaConnectFlows": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Input.MediaConnectFlowRequest" - }, - "markdownDescription": "Settings that apply only if the input is a MediaConnect input.", - "title": "MediaConnectFlows", - "type": "array" + "FunctionVersion": { + "markdownDescription": "The function version that the alias invokes.", + "title": "FunctionVersion", + "type": "string" }, "Name": { - "markdownDescription": "A name for the input.", + "markdownDescription": "The name of the alias.", "title": "Name", "type": "string" }, - "RoleArn": { - "markdownDescription": "The IAM role for MediaLive to assume when creating a MediaConnect input or Amazon VPC input. This doesn't apply to other types of inputs. The role is identified by its ARN.", - "title": "RoleArn", - "type": "string" - }, - "Sources": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Input.InputSourceRequest" - }, - "markdownDescription": "Settings that apply only if the input is a pull type of input.", - "title": "Sources", - "type": "array" - }, - "Tags": { - "markdownDescription": "A collection of tags for this input. Each tag is a key-value pair.", - "title": "Tags", - "type": "object" - }, - "Type": { - "markdownDescription": "The type for this input.", - "title": "Type", - "type": "string" + "ProvisionedConcurrencyConfig": { + "$ref": "#/definitions/AWS::Lambda::Alias.ProvisionedConcurrencyConfiguration", + "markdownDescription": "Specifies a [provisioned concurrency](https://docs.aws.amazon.com/lambda/latest/dg/configuration-concurrency.html) configuration for a function's alias.", + "title": "ProvisionedConcurrencyConfig" }, - "Vpc": { - "$ref": "#/definitions/AWS::MediaLive::Input.InputVpcRequest", - "markdownDescription": "Settings that apply only if the input is an push input where the source is on Amazon VPC.", - "title": "Vpc" + "RoutingConfig": { + "$ref": "#/definitions/AWS::Lambda::Alias.AliasRoutingConfiguration", + "markdownDescription": "The [routing configuration](https://docs.aws.amazon.com/lambda/latest/dg/lambda-traffic-shifting-using-aliases.html) of the alias.", + "title": "RoutingConfig" } }, + "required": [ + "FunctionName", + "FunctionVersion", + "Name" + ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaLive::Input" + "AWS::Lambda::Alias" ], "type": "string" }, @@ -161206,96 +168664,60 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::MediaLive::Input.InputDestinationRequest": { - "additionalProperties": false, - "properties": { - "StreamName": { - "markdownDescription": "The stream name (application name/application instance) for the location the RTMP source content will be pushed to in MediaLive.", - "title": "StreamName", - "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaLive::Input.InputDeviceRequest": { + "AWS::Lambda::Alias.AliasRoutingConfiguration": { "additionalProperties": false, "properties": { - "Id": { - "type": "string" + "AdditionalVersionWeights": { + "items": { + "$ref": "#/definitions/AWS::Lambda::Alias.VersionWeight" + }, + "markdownDescription": "The second version, and the percentage of traffic that's routed to it.", + "title": "AdditionalVersionWeights", + "type": "array" } }, "type": "object" }, - "AWS::MediaLive::Input.InputDeviceSettings": { + "AWS::Lambda::Alias.ProvisionedConcurrencyConfiguration": { "additionalProperties": false, "properties": { - "Id": { - "markdownDescription": "The unique ID for the device.", - "title": "Id", - "type": "string" + "ProvisionedConcurrentExecutions": { + "markdownDescription": "The amount of provisioned concurrency to allocate for the alias.", + "title": "ProvisionedConcurrentExecutions", + "type": "number" } }, + "required": [ + "ProvisionedConcurrentExecutions" + ], "type": "object" }, - "AWS::MediaLive::Input.InputSourceRequest": { + "AWS::Lambda::Alias.VersionWeight": { "additionalProperties": false, "properties": { - "PasswordParam": { - "markdownDescription": "The password parameter that holds the password for accessing the upstream system. The password parameter applies only if the upstream system requires credentials.", - "title": "PasswordParam", - "type": "string" - }, - "Url": { - "markdownDescription": "For a pull input, the URL where MediaLive pulls the source content from.", - "title": "Url", - "type": "string" - }, - "Username": { - "markdownDescription": "The user name to connect to the upstream system. The user name applies only if the upstream system requires credentials.", - "title": "Username", + "FunctionVersion": { + "markdownDescription": "The qualifier of the second version.", + "title": "FunctionVersion", "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaLive::Input.InputVpcRequest": { - "additionalProperties": false, - "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of up to five VPC security group IDs to attach to the input VPC network interfaces. The security groups require subnet IDs. If none are specified, MediaLive uses the VPC default security group.", - "title": "SecurityGroupIds", - "type": "array" }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of two VPC subnet IDs from the same VPC. You must associate subnet IDs to two unique Availability Zones.", - "title": "SubnetIds", - "type": "array" - } - }, - "type": "object" - }, - "AWS::MediaLive::Input.MediaConnectFlowRequest": { - "additionalProperties": false, - "properties": { - "FlowArn": { - "markdownDescription": "The ARN of one or two MediaConnect flows that are the sources for this MediaConnect input.", - "title": "FlowArn", - "type": "string" + "FunctionWeight": { + "markdownDescription": "The percentage of traffic that the alias routes to the second version.", + "title": "FunctionWeight", + "type": "number" } }, + "required": [ + "FunctionVersion", + "FunctionWeight" + ], "type": "object" }, - "AWS::MediaLive::InputSecurityGroup": { + "AWS::Lambda::CodeSigningConfig": { "additionalProperties": false, "properties": { "Condition": { @@ -161330,25 +168752,38 @@ "Properties": { "additionalProperties": false, "properties": { - "Tags": { - "markdownDescription": "A collection of tags for this input security group. Each tag is a key-value pair.", - "title": "Tags", - "type": "object" + "AllowedPublishers": { + "$ref": "#/definitions/AWS::Lambda::CodeSigningConfig.AllowedPublishers", + "markdownDescription": "List of allowed publishers.", + "title": "AllowedPublishers" }, - "WhitelistRules": { + "CodeSigningPolicies": { + "$ref": "#/definitions/AWS::Lambda::CodeSigningConfig.CodeSigningPolicies", + "markdownDescription": "The code signing policy controls the validation failure action for signature mismatch or expiry.", + "title": "CodeSigningPolicies" + }, + "Description": { + "markdownDescription": "Code signing configuration description.", + "title": "Description", + "type": "string" + }, + "Tags": { "items": { - "$ref": "#/definitions/AWS::MediaLive::InputSecurityGroup.InputWhitelistRuleCidr" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The list of IPv4 CIDR addresses to include in the input security group as \"allowed\" addresses.", - "title": "WhitelistRules", + "markdownDescription": "A list of tags to add to the code signing configuration.\n\n> You must have the `lambda:TagResource` , `lambda:UntagResource` , and `lambda:ListTags` permissions for your [IAM principal](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html) to manage the AWS CloudFormation stack. If you don't have these permissions, there might be unexpected behavior with stack-level tags propagating to the resource during resource creation and update.", + "title": "Tags", "type": "array" } }, + "required": [ + "AllowedPublishers" + ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaLive::InputSecurityGroup" + "AWS::Lambda::CodeSigningConfig" ], "type": "string" }, @@ -161362,22 +168797,43 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::MediaLive::InputSecurityGroup.InputWhitelistRuleCidr": { + "AWS::Lambda::CodeSigningConfig.AllowedPublishers": { "additionalProperties": false, "properties": { - "Cidr": { - "markdownDescription": "An IPv4 CIDR range to include in this input security group.", - "title": "Cidr", + "SigningProfileVersionArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Name (ARN) for each of the signing profiles. A signing profile defines a trusted user who can sign a code package.", + "title": "SigningProfileVersionArns", + "type": "array" + } + }, + "required": [ + "SigningProfileVersionArns" + ], + "type": "object" + }, + "AWS::Lambda::CodeSigningConfig.CodeSigningPolicies": { + "additionalProperties": false, + "properties": { + "UntrustedArtifactOnDeployment": { + "markdownDescription": "Code signing configuration policy for deployment validation failure. If you set the policy to `Enforce` , Lambda blocks the deployment request if signature validation checks fail. If you set the policy to `Warn` , Lambda allows the deployment and creates a CloudWatch log.\n\nDefault value: `Warn`", + "title": "UntrustedArtifactOnDeployment", "type": "string" } }, + "required": [ + "UntrustedArtifactOnDeployment" + ], "type": "object" }, - "AWS::MediaLive::Multiplex": { + "AWS::Lambda::EventInvokeConfig": { "additionalProperties": false, "properties": { "Condition": { @@ -161412,51 +168868,41 @@ "Properties": { "additionalProperties": false, "properties": { - "AvailabilityZones": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of availability zones for the multiplex.", - "title": "AvailabilityZones", - "type": "array" + "DestinationConfig": { + "$ref": "#/definitions/AWS::Lambda::EventInvokeConfig.DestinationConfig", + "markdownDescription": "A destination for events after they have been sent to a function for processing.\n\n**Destinations** - *Function* - The Amazon Resource Name (ARN) of a Lambda function.\n- *Queue* - The ARN of a standard SQS queue.\n- *Bucket* - The ARN of an Amazon S3 bucket.\n- *Topic* - The ARN of a standard SNS topic.\n- *Event Bus* - The ARN of an Amazon EventBridge event bus.\n\n> S3 buckets are supported only for on-failure destinations. To retain records of successful invocations, use another destination type.", + "title": "DestinationConfig" }, - "Destinations": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Multiplex.MultiplexOutputDestination" - }, - "markdownDescription": "A list of the multiplex output destinations.", - "title": "Destinations", - "type": "array" + "FunctionName": { + "markdownDescription": "The name of the Lambda function.\n\n*Minimum* : `1`\n\n*Maximum* : `64`\n\n*Pattern* : `([a-zA-Z0-9-_]+)`", + "title": "FunctionName", + "type": "string" }, - "MultiplexSettings": { - "$ref": "#/definitions/AWS::MediaLive::Multiplex.MultiplexSettings", - "markdownDescription": "Configuration for a multiplex event.", - "title": "MultiplexSettings" + "MaximumEventAgeInSeconds": { + "markdownDescription": "The maximum age of a request that Lambda sends to a function for processing.", + "title": "MaximumEventAgeInSeconds", + "type": "number" }, - "Name": { - "markdownDescription": "The name of the multiplex.", - "title": "Name", - "type": "string" + "MaximumRetryAttempts": { + "markdownDescription": "The maximum number of times to retry when the function returns an error.", + "title": "MaximumRetryAttempts", + "type": "number" }, - "Tags": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Multiplex.Tags" - }, - "markdownDescription": "A collection of key-value pairs.", - "title": "Tags", - "type": "array" + "Qualifier": { + "markdownDescription": "The identifier of a version or alias.\n\n- *Version* - A version number.\n- *Alias* - An alias name.\n- *Latest* - To specify the unpublished version, use `$LATEST` .", + "title": "Qualifier", + "type": "string" } }, "required": [ - "AvailabilityZones", - "MultiplexSettings", - "Name" + "FunctionName", + "Qualifier" ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaLive::Multiplex" + "AWS::Lambda::EventInvokeConfig" ], "type": "string" }, @@ -161475,75 +168921,51 @@ ], "type": "object" }, - "AWS::MediaLive::Multiplex.MultiplexMediaConnectOutputDestinationSettings": { - "additionalProperties": false, - "properties": { - "EntitlementArn": { - "markdownDescription": "The MediaConnect entitlement ARN available as a Flow source.", - "title": "EntitlementArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaLive::Multiplex.MultiplexOutputDestination": { + "AWS::Lambda::EventInvokeConfig.DestinationConfig": { "additionalProperties": false, "properties": { - "MultiplexMediaConnectOutputDestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Multiplex.MultiplexMediaConnectOutputDestinationSettings", - "markdownDescription": "", - "title": "MultiplexMediaConnectOutputDestinationSettings" + "OnFailure": { + "$ref": "#/definitions/AWS::Lambda::EventInvokeConfig.OnFailure", + "markdownDescription": "The destination configuration for failed invocations.\n\n> When using an Amazon SQS queue as a destination, FIFO queues cannot be used.", + "title": "OnFailure" + }, + "OnSuccess": { + "$ref": "#/definitions/AWS::Lambda::EventInvokeConfig.OnSuccess", + "markdownDescription": "The destination configuration for successful invocations.\n\n> When using an Amazon SQS queue as a destination, FIFO queues cannot be used.", + "title": "OnSuccess" } }, "type": "object" }, - "AWS::MediaLive::Multiplex.MultiplexSettings": { + "AWS::Lambda::EventInvokeConfig.OnFailure": { "additionalProperties": false, "properties": { - "MaximumVideoBufferDelayMilliseconds": { - "markdownDescription": "Maximum video buffer delay in milliseconds.", - "title": "MaximumVideoBufferDelayMilliseconds", - "type": "number" - }, - "TransportStreamBitrate": { - "markdownDescription": "Transport stream bit rate.", - "title": "TransportStreamBitrate", - "type": "number" - }, - "TransportStreamId": { - "markdownDescription": "Transport stream ID.", - "title": "TransportStreamId", - "type": "number" - }, - "TransportStreamReservedBitrate": { - "markdownDescription": "Transport stream reserved bit rate.", - "title": "TransportStreamReservedBitrate", - "type": "number" + "Destination": { + "markdownDescription": "The Amazon Resource Name (ARN) of the destination resource.\n\nTo retain records of unsuccessful [asynchronous invocations](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#invocation-async-destinations) , you can configure an Amazon SNS topic, Amazon SQS queue, Amazon S3 bucket, Lambda function, or Amazon EventBridge event bus as the destination.\n\nTo retain records of failed invocations from [Kinesis](https://docs.aws.amazon.com/lambda/latest/dg/with-kinesis.html) , [DynamoDB](https://docs.aws.amazon.com/lambda/latest/dg/with-ddb.html) , [self-managed Kafka](https://docs.aws.amazon.com/lambda/latest/dg/with-kafka.html#services-smaa-onfailure-destination) or [Amazon MSK](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#services-msk-onfailure-destination) , you can configure an Amazon SNS topic, Amazon SQS queue, or Amazon S3 bucket as the destination.", + "title": "Destination", + "type": "string" } }, "required": [ - "TransportStreamBitrate", - "TransportStreamId" + "Destination" ], "type": "object" }, - "AWS::MediaLive::Multiplex.Tags": { + "AWS::Lambda::EventInvokeConfig.OnSuccess": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "", - "title": "Value", + "Destination": { + "markdownDescription": "The Amazon Resource Name (ARN) of the destination resource.", + "title": "Destination", "type": "string" } }, + "required": [ + "Destination" + ], "type": "object" }, - "AWS::MediaLive::Multiplexprogram": { + "AWS::Lambda::EventSourceMapping": { "additionalProperties": false, "properties": { "Condition": { @@ -161578,48 +169000,165 @@ "Properties": { "additionalProperties": false, "properties": { - "ChannelId": { - "type": "string" + "AmazonManagedKafkaEventSourceConfig": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.AmazonManagedKafkaEventSourceConfig", + "markdownDescription": "Specific configuration settings for an Amazon Managed Streaming for Apache Kafka (Amazon MSK) event source.", + "title": "AmazonManagedKafkaEventSourceConfig" }, - "MultiplexId": { - "markdownDescription": "The unique id of the multiplex.", - "title": "MultiplexId", + "BatchSize": { + "markdownDescription": "The maximum number of records in each batch that Lambda pulls from your stream or queue and sends to your function. Lambda passes all of the records in the batch to the function in a single call, up to the payload limit for synchronous invocation (6 MB).\n\n- *Amazon Kinesis* \u2013 Default 100. Max 10,000.\n- *Amazon DynamoDB Streams* \u2013 Default 100. Max 10,000.\n- *Amazon Simple Queue Service* \u2013 Default 10. For standard queues the max is 10,000. For FIFO queues the max is 10.\n- *Amazon Managed Streaming for Apache Kafka* \u2013 Default 100. Max 10,000.\n- *Self-managed Apache Kafka* \u2013 Default 100. Max 10,000.\n- *Amazon MQ (ActiveMQ and RabbitMQ)* \u2013 Default 100. Max 10,000.\n- *DocumentDB* \u2013 Default 100. Max 10,000.", + "title": "BatchSize", + "type": "number" + }, + "BisectBatchOnFunctionError": { + "markdownDescription": "(Kinesis and DynamoDB Streams only) If the function returns an error, split the batch in two and retry. The default value is false.\n\n> When using `BisectBatchOnFunctionError` , check the `BatchSize` parameter in the `OnFailure` destination message's metadata. The `BatchSize` could be greater than 1 since Lambda consolidates failed messages metadata when writing to the `OnFailure` destination.", + "title": "BisectBatchOnFunctionError", + "type": "boolean" + }, + "DestinationConfig": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.DestinationConfig", + "markdownDescription": "(Kinesis, DynamoDB Streams, Amazon MSK, and self-managed Apache Kafka event sources only) A configuration object that specifies the destination of an event after Lambda processes it.", + "title": "DestinationConfig" + }, + "DocumentDBEventSourceConfig": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.DocumentDBEventSourceConfig", + "markdownDescription": "Specific configuration settings for a DocumentDB event source.", + "title": "DocumentDBEventSourceConfig" + }, + "Enabled": { + "markdownDescription": "When true, the event source mapping is active. When false, Lambda pauses polling and invocation.\n\nDefault: True", + "title": "Enabled", + "type": "boolean" + }, + "EventSourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the event source.\n\n- *Amazon Kinesis* \u2013 The ARN of the data stream or a stream consumer.\n- *Amazon DynamoDB Streams* \u2013 The ARN of the stream.\n- *Amazon Simple Queue Service* \u2013 The ARN of the queue.\n- *Amazon Managed Streaming for Apache Kafka* \u2013 The ARN of the cluster or the ARN of the VPC connection (for [cross-account event source mappings](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#msk-multi-vpc) ).\n- *Amazon MQ* \u2013 The ARN of the broker.\n- *Amazon DocumentDB* \u2013 The ARN of the DocumentDB change stream.", + "title": "EventSourceArn", "type": "string" }, - "MultiplexProgramSettings": { - "$ref": "#/definitions/AWS::MediaLive::Multiplexprogram.MultiplexProgramSettings", - "markdownDescription": "Multiplex Program settings configuration.", - "title": "MultiplexProgramSettings" + "FilterCriteria": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.FilterCriteria", + "markdownDescription": "An object that defines the filter criteria that determine whether Lambda should process an event. For more information, see [Lambda event filtering](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventfiltering.html) .", + "title": "FilterCriteria" }, - "PacketIdentifiersMap": { - "$ref": "#/definitions/AWS::MediaLive::Multiplexprogram.MultiplexProgramPacketIdentifiersMap", - "markdownDescription": "", - "title": "PacketIdentifiersMap" + "FunctionName": { + "markdownDescription": "The name or ARN of the Lambda function.\n\n**Name formats** - *Function name* \u2013 `MyFunction` .\n- *Function ARN* \u2013 `arn:aws:lambda:us-west-2:123456789012:function:MyFunction` .\n- *Version or Alias ARN* \u2013 `arn:aws:lambda:us-west-2:123456789012:function:MyFunction:PROD` .\n- *Partial ARN* \u2013 `123456789012:function:MyFunction` .\n\nThe length constraint applies only to the full ARN. If you specify only the function name, it's limited to 64 characters in length.", + "title": "FunctionName", + "type": "string" }, - "PipelineDetails": { + "FunctionResponseTypes": { "items": { - "$ref": "#/definitions/AWS::MediaLive::Multiplexprogram.MultiplexProgramPipelineDetail" + "type": "string" }, - "markdownDescription": "", - "title": "PipelineDetails", + "markdownDescription": "(Kinesis, DynamoDB Streams, and SQS) A list of current response type enums applied to the event source mapping.\n\nValid Values: `ReportBatchItemFailures`", + "title": "FunctionResponseTypes", "type": "array" }, - "PreferredChannelPipeline": { - "markdownDescription": "Indicates which pipeline is preferred by the multiplex for program ingest.\nIf set to \\\"PIPELINE_0\\\" or \\\"PIPELINE_1\\\" and an unhealthy ingest causes the multiplex to switch to the non-preferred pipeline,\nit will switch back once that ingest is healthy again. If set to \\\"CURRENTLY_ACTIVE\\\",\nit will not switch back to the other pipeline based on it recovering to a healthy state,\nit will only switch if the active pipeline becomes unhealthy.", - "title": "PreferredChannelPipeline", + "KmsKeyArn": { + "markdownDescription": "The ARN of the AWS Key Management Service ( AWS KMS ) customer managed key that Lambda uses to encrypt your function's [filter criteria](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventfiltering.html#filtering-basics) .", + "title": "KmsKeyArn", "type": "string" }, - "ProgramName": { - "markdownDescription": "", - "title": "ProgramName", + "MaximumBatchingWindowInSeconds": { + "markdownDescription": "The maximum amount of time, in seconds, that Lambda spends gathering records before invoking the function.\n\n*Default ( Kinesis , DynamoDB , Amazon SQS event sources)* : 0\n\n*Default ( Amazon MSK , Kafka, Amazon MQ , Amazon DocumentDB event sources)* : 500 ms\n\n*Related setting:* For Amazon SQS event sources, when you set `BatchSize` to a value greater than 10, you must set `MaximumBatchingWindowInSeconds` to at least 1.", + "title": "MaximumBatchingWindowInSeconds", + "type": "number" + }, + "MaximumRecordAgeInSeconds": { + "markdownDescription": "(Kinesis and DynamoDB Streams only) Discard records older than the specified age. The default value is -1,\nwhich sets the maximum age to infinite. When the value is set to infinite, Lambda never discards old records.\n\n> The minimum valid value for maximum record age is 60s. Although values less than 60 and greater than -1 fall within the parameter's absolute range, they are not allowed", + "title": "MaximumRecordAgeInSeconds", + "type": "number" + }, + "MaximumRetryAttempts": { + "markdownDescription": "(Kinesis and DynamoDB Streams only) Discard records after the specified number of retries. The default value is -1,\nwhich sets the maximum number of retries to infinite. When MaximumRetryAttempts is infinite, Lambda retries failed records until the record expires in the event source.", + "title": "MaximumRetryAttempts", + "type": "number" + }, + "MetricsConfig": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.MetricsConfig", + "markdownDescription": "The metrics configuration for your event source. For more information, see [Event source mapping metrics](https://docs.aws.amazon.com/lambda/latest/dg/monitoring-metrics-types.html#event-source-mapping-metrics) .", + "title": "MetricsConfig" + }, + "ParallelizationFactor": { + "markdownDescription": "(Kinesis and DynamoDB Streams only) The number of batches to process concurrently from each shard. The default value is 1.", + "title": "ParallelizationFactor", + "type": "number" + }, + "ProvisionedPollerConfig": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.ProvisionedPollerConfig", + "markdownDescription": "(Amazon MSK and self-managed Apache Kafka only) The provisioned mode configuration for the event source. For more information, see [provisioned mode](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventsourcemapping.html#invocation-eventsourcemapping-provisioned-mode) .", + "title": "ProvisionedPollerConfig" + }, + "Queues": { + "items": { + "type": "string" + }, + "markdownDescription": "(Amazon MQ) The name of the Amazon MQ broker destination queue to consume.", + "title": "Queues", + "type": "array" + }, + "ScalingConfig": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.ScalingConfig", + "markdownDescription": "(Amazon SQS only) The scaling configuration for the event source. For more information, see [Configuring maximum concurrency for Amazon SQS event sources](https://docs.aws.amazon.com/lambda/latest/dg/with-sqs.html#events-sqs-max-concurrency) .", + "title": "ScalingConfig" + }, + "SelfManagedEventSource": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.SelfManagedEventSource", + "markdownDescription": "The self-managed Apache Kafka cluster for your event source.", + "title": "SelfManagedEventSource" + }, + "SelfManagedKafkaEventSourceConfig": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.SelfManagedKafkaEventSourceConfig", + "markdownDescription": "Specific configuration settings for a self-managed Apache Kafka event source.", + "title": "SelfManagedKafkaEventSourceConfig" + }, + "SourceAccessConfigurations": { + "items": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.SourceAccessConfiguration" + }, + "markdownDescription": "An array of the authentication protocol, VPC components, or virtual host to secure and define your event source.", + "title": "SourceAccessConfigurations", + "type": "array" + }, + "StartingPosition": { + "markdownDescription": "The position in a stream from which to start reading. Required for Amazon Kinesis and Amazon DynamoDB.\n\n- *LATEST* - Read only new records.\n- *TRIM_HORIZON* - Process all available records.\n- *AT_TIMESTAMP* - Specify a time from which to start reading records.", + "title": "StartingPosition", "type": "string" + }, + "StartingPositionTimestamp": { + "markdownDescription": "With `StartingPosition` set to `AT_TIMESTAMP` , the time from which to start reading, in Unix time seconds. `StartingPositionTimestamp` cannot be in the future.", + "title": "StartingPositionTimestamp", + "type": "number" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags to add to the event source mapping.\n\n> You must have the `lambda:TagResource` , `lambda:UntagResource` , and `lambda:ListTags` permissions for your [IAM principal](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html) to manage the AWS CloudFormation stack. If you don't have these permissions, there might be unexpected behavior with stack-level tags propagating to the resource during resource creation and update.", + "title": "Tags", + "type": "array" + }, + "Topics": { + "items": { + "type": "string" + }, + "markdownDescription": "The name of the Kafka topic.", + "title": "Topics", + "type": "array" + }, + "TumblingWindowInSeconds": { + "markdownDescription": "(Kinesis and DynamoDB Streams only) The duration in seconds of a processing window for DynamoDB and Kinesis Streams event sources. A value of 0 seconds indicates no tumbling window.", + "title": "TumblingWindowInSeconds", + "type": "number" } }, + "required": [ + "FunctionName" + ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaLive::Multiplexprogram" + "AWS::Lambda::EventSourceMapping" ], "type": "string" }, @@ -161633,201 +169172,265 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::MediaLive::Multiplexprogram.MultiplexProgramPacketIdentifiersMap": { + "AWS::Lambda::EventSourceMapping.AmazonManagedKafkaEventSourceConfig": { "additionalProperties": false, "properties": { - "AudioPids": { - "items": { - "type": "number" - }, - "markdownDescription": "", - "title": "AudioPids", - "type": "array" + "ConsumerGroupId": { + "markdownDescription": "The identifier for the Kafka consumer group to join. The consumer group ID must be unique among all your Kafka event sources. After creating a Kafka event source mapping with the consumer group ID specified, you cannot update this value. For more information, see [Customizable consumer group ID](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#services-msk-consumer-group-id) .", + "title": "ConsumerGroupId", + "type": "string" }, - "DvbSubPids": { + "SchemaRegistryConfig": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.SchemaRegistryConfig", + "markdownDescription": "Specific configuration settings for a Kafka schema registry.", + "title": "SchemaRegistryConfig" + } + }, + "type": "object" + }, + "AWS::Lambda::EventSourceMapping.DestinationConfig": { + "additionalProperties": false, + "properties": { + "OnFailure": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.OnFailure", + "markdownDescription": "The destination configuration for failed invocations.", + "title": "OnFailure" + } + }, + "type": "object" + }, + "AWS::Lambda::EventSourceMapping.DocumentDBEventSourceConfig": { + "additionalProperties": false, + "properties": { + "CollectionName": { + "markdownDescription": "The name of the collection to consume within the database. If you do not specify a collection, Lambda consumes all collections.", + "title": "CollectionName", + "type": "string" + }, + "DatabaseName": { + "markdownDescription": "The name of the database to consume within the DocumentDB cluster.", + "title": "DatabaseName", + "type": "string" + }, + "FullDocument": { + "markdownDescription": "Determines what DocumentDB sends to your event stream during document update operations. If set to UpdateLookup, DocumentDB sends a delta describing the changes, along with a copy of the entire document. Otherwise, DocumentDB sends only a partial document that contains the changes.", + "title": "FullDocument", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Lambda::EventSourceMapping.Endpoints": { + "additionalProperties": false, + "properties": { + "KafkaBootstrapServers": { "items": { - "type": "number" + "type": "string" }, - "markdownDescription": "", - "title": "DvbSubPids", + "markdownDescription": "The list of bootstrap servers for your Kafka brokers in the following format: `\"KafkaBootstrapServers\": [\"abc.xyz.com:xxxx\",\"abc2.xyz.com:xxxx\"]` .", + "title": "KafkaBootstrapServers", "type": "array" - }, - "DvbTeletextPid": { - "markdownDescription": "", - "title": "DvbTeletextPid", - "type": "number" - }, - "EtvPlatformPid": { - "markdownDescription": "", - "title": "EtvPlatformPid", - "type": "number" - }, - "EtvSignalPid": { - "markdownDescription": "", - "title": "EtvSignalPid", - "type": "number" - }, - "KlvDataPids": { + } + }, + "type": "object" + }, + "AWS::Lambda::EventSourceMapping.Filter": { + "additionalProperties": false, + "properties": { + "Pattern": { + "markdownDescription": "A filter pattern. For more information on the syntax of a filter pattern, see [Filter rule syntax](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventfiltering.html#filtering-syntax) .", + "title": "Pattern", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Lambda::EventSourceMapping.FilterCriteria": { + "additionalProperties": false, + "properties": { + "Filters": { "items": { - "type": "number" + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.Filter" }, - "markdownDescription": "", - "title": "KlvDataPids", + "markdownDescription": "A list of filters.", + "title": "Filters", "type": "array" - }, - "PcrPid": { - "markdownDescription": "", - "title": "PcrPid", - "type": "number" - }, - "PmtPid": { - "markdownDescription": "", - "title": "PmtPid", - "type": "number" - }, - "PrivateMetadataPid": { - "markdownDescription": "", - "title": "PrivateMetadataPid", - "type": "number" - }, - "Scte27Pids": { + } + }, + "type": "object" + }, + "AWS::Lambda::EventSourceMapping.MetricsConfig": { + "additionalProperties": false, + "properties": { + "Metrics": { "items": { - "type": "number" + "type": "string" }, - "markdownDescription": "", - "title": "Scte27Pids", + "markdownDescription": "The metrics you want your event source mapping to produce. Include `EventCount` to receive event source mapping metrics related to the number of events processed by your event source mapping. For more information about these metrics, see [Event source mapping metrics](https://docs.aws.amazon.com/lambda/latest/dg/monitoring-metrics-types.html#event-source-mapping-metrics) .", + "title": "Metrics", "type": "array" - }, - "Scte35Pid": { - "markdownDescription": "", - "title": "Scte35Pid", + } + }, + "type": "object" + }, + "AWS::Lambda::EventSourceMapping.OnFailure": { + "additionalProperties": false, + "properties": { + "Destination": { + "markdownDescription": "The Amazon Resource Name (ARN) of the destination resource.\n\nTo retain records of unsuccessful [asynchronous invocations](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#invocation-async-destinations) , you can configure an Amazon SNS topic, Amazon SQS queue, Amazon S3 bucket, Lambda function, or Amazon EventBridge event bus as the destination.\n\nTo retain records of failed invocations from [Kinesis](https://docs.aws.amazon.com/lambda/latest/dg/with-kinesis.html) , [DynamoDB](https://docs.aws.amazon.com/lambda/latest/dg/with-ddb.html) , [self-managed Kafka](https://docs.aws.amazon.com/lambda/latest/dg/with-kafka.html#services-smaa-onfailure-destination) or [Amazon MSK](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#services-msk-onfailure-destination) , you can configure an Amazon SNS topic, Amazon SQS queue, or Amazon S3 bucket as the destination.", + "title": "Destination", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Lambda::EventSourceMapping.ProvisionedPollerConfig": { + "additionalProperties": false, + "properties": { + "MaximumPollers": { + "markdownDescription": "The maximum number of event pollers this event source can scale up to.", + "title": "MaximumPollers", "type": "number" }, - "TimedMetadataPid": { - "markdownDescription": "", - "title": "TimedMetadataPid", + "MinimumPollers": { + "markdownDescription": "The minimum number of event pollers this event source can scale down to.", + "title": "MinimumPollers", "type": "number" - }, - "VideoPid": { - "markdownDescription": "", - "title": "VideoPid", + } + }, + "type": "object" + }, + "AWS::Lambda::EventSourceMapping.ScalingConfig": { + "additionalProperties": false, + "properties": { + "MaximumConcurrency": { + "markdownDescription": "Limits the number of concurrent instances that the Amazon SQS event source can invoke.", + "title": "MaximumConcurrency", "type": "number" } }, "type": "object" }, - "AWS::MediaLive::Multiplexprogram.MultiplexProgramPipelineDetail": { + "AWS::Lambda::EventSourceMapping.SchemaRegistryAccessConfig": { "additionalProperties": false, "properties": { - "ActiveChannelPipeline": { - "markdownDescription": "Identifies the channel pipeline that is currently active for the pipeline (identified by PipelineId) in the multiplex.", - "title": "ActiveChannelPipeline", + "Type": { + "markdownDescription": "The type of authentication Lambda uses to access your schema registry.", + "title": "Type", "type": "string" }, - "PipelineId": { - "markdownDescription": "Identifies a specific pipeline in the multiplex.", - "title": "PipelineId", + "URI": { + "markdownDescription": "The URI of the secret (Secrets Manager secret ARN) to authenticate with your schema registry.", + "title": "URI", "type": "string" } }, "type": "object" }, - "AWS::MediaLive::Multiplexprogram.MultiplexProgramServiceDescriptor": { + "AWS::Lambda::EventSourceMapping.SchemaRegistryConfig": { "additionalProperties": false, "properties": { - "ProviderName": { - "markdownDescription": "Name of the provider.", - "title": "ProviderName", + "AccessConfigs": { + "items": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.SchemaRegistryAccessConfig" + }, + "markdownDescription": "An array of access configuration objects that tell Lambda how to authenticate with your schema registry.", + "title": "AccessConfigs", + "type": "array" + }, + "EventRecordFormat": { + "markdownDescription": "The record format that Lambda delivers to your function after schema validation.\n\n- Choose `JSON` to have Lambda deliver the record to your function as a standard JSON object.\n- Choose `SOURCE` to have Lambda deliver the record to your function in its original source format. Lambda removes all schema metadata, such as the schema ID, before sending the record to your function.", + "title": "EventRecordFormat", "type": "string" }, - "ServiceName": { - "markdownDescription": "Name of the service.", - "title": "ServiceName", + "SchemaRegistryURI": { + "markdownDescription": "The URI for your schema registry. The correct URI format depends on the type of schema registry you're using.\n\n- For AWS Glue schema registries, use the ARN of the registry.\n- For Confluent schema registries, use the URL of the registry.", + "title": "SchemaRegistryURI", "type": "string" + }, + "SchemaValidationConfigs": { + "items": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.SchemaValidationConfig" + }, + "markdownDescription": "An array of schema validation configuration objects, which tell Lambda the message attributes you want to validate and filter using your schema registry.", + "title": "SchemaValidationConfigs", + "type": "array" } }, - "required": [ - "ProviderName", - "ServiceName" - ], "type": "object" }, - "AWS::MediaLive::Multiplexprogram.MultiplexProgramSettings": { + "AWS::Lambda::EventSourceMapping.SchemaValidationConfig": { "additionalProperties": false, "properties": { - "PreferredChannelPipeline": { - "markdownDescription": "Indicates which pipeline is preferred by the multiplex for program ingest.", - "title": "PreferredChannelPipeline", + "Attribute": { + "markdownDescription": "The attributes you want your schema registry to validate and filter for. If you selected `JSON` as the `EventRecordFormat` , Lambda also deserializes the selected message attributes.", + "title": "Attribute", "type": "string" - }, - "ProgramNumber": { - "markdownDescription": "Unique program number.", - "title": "ProgramNumber", - "type": "number" - }, - "ServiceDescriptor": { - "$ref": "#/definitions/AWS::MediaLive::Multiplexprogram.MultiplexProgramServiceDescriptor", - "markdownDescription": "Transport stream service descriptor configuration for the Multiplex program.", - "title": "ServiceDescriptor" - }, - "VideoSettings": { - "$ref": "#/definitions/AWS::MediaLive::Multiplexprogram.MultiplexVideoSettings", - "markdownDescription": "Program video settings configuration.", - "title": "VideoSettings" } }, - "required": [ - "ProgramNumber" - ], "type": "object" }, - "AWS::MediaLive::Multiplexprogram.MultiplexStatmuxVideoSettings": { + "AWS::Lambda::EventSourceMapping.SelfManagedEventSource": { "additionalProperties": false, "properties": { - "MaximumBitrate": { - "markdownDescription": "Maximum statmux bitrate.", - "title": "MaximumBitrate", - "type": "number" - }, - "MinimumBitrate": { - "markdownDescription": "Minimum statmux bitrate.", - "title": "MinimumBitrate", - "type": "number" + "Endpoints": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.Endpoints", + "markdownDescription": "The list of bootstrap servers for your Kafka brokers in the following format: `\"KafkaBootstrapServers\": [\"abc.xyz.com:xxxx\",\"abc2.xyz.com:xxxx\"]` .", + "title": "Endpoints" + } + }, + "type": "object" + }, + "AWS::Lambda::EventSourceMapping.SelfManagedKafkaEventSourceConfig": { + "additionalProperties": false, + "properties": { + "ConsumerGroupId": { + "markdownDescription": "The identifier for the Kafka consumer group to join. The consumer group ID must be unique among all your Kafka event sources. After creating a Kafka event source mapping with the consumer group ID specified, you cannot update this value. For more information, see [Customizable consumer group ID](https://docs.aws.amazon.com/lambda/latest/dg/with-kafka-process.html#services-smaa-topic-add) .", + "title": "ConsumerGroupId", + "type": "string" }, - "Priority": { - "markdownDescription": "The purpose of the priority is to use a combination of the\\nmultiplex rate control algorithm and the QVBR capability of the\\nencoder to prioritize the video quality of some channels in a\\nmultiplex over others. Channels that have a higher priority will\\nget higher video quality at the expense of the video quality of\\nother channels in the multiplex with lower priority.", - "title": "Priority", - "type": "number" + "SchemaRegistryConfig": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.SchemaRegistryConfig", + "markdownDescription": "Specific configuration settings for a Kafka schema registry.", + "title": "SchemaRegistryConfig" } }, "type": "object" }, - "AWS::MediaLive::Multiplexprogram.MultiplexVideoSettings": { + "AWS::Lambda::EventSourceMapping.SourceAccessConfiguration": { "additionalProperties": false, "properties": { - "ConstantBitrate": { - "markdownDescription": "The constant bitrate configuration for the video encode.\nWhen this field is defined, StatmuxSettings must be undefined.", - "title": "ConstantBitrate", - "type": "number" + "Type": { + "markdownDescription": "The type of authentication protocol, VPC components, or virtual host for your event source. For example: `\"Type\":\"SASL_SCRAM_512_AUTH\"` .\n\n- `BASIC_AUTH` \u2013 (Amazon MQ) The AWS Secrets Manager secret that stores your broker credentials.\n- `BASIC_AUTH` \u2013 (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL/PLAIN authentication of your Apache Kafka brokers.\n- `VPC_SUBNET` \u2013 (Self-managed Apache Kafka) The subnets associated with your VPC. Lambda connects to these subnets to fetch data from your self-managed Apache Kafka cluster.\n- `VPC_SECURITY_GROUP` \u2013 (Self-managed Apache Kafka) The VPC security group used to manage access to your self-managed Apache Kafka brokers.\n- `SASL_SCRAM_256_AUTH` \u2013 (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL SCRAM-256 authentication of your self-managed Apache Kafka brokers.\n- `SASL_SCRAM_512_AUTH` \u2013 (Amazon MSK, Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL SCRAM-512 authentication of your self-managed Apache Kafka brokers.\n- `VIRTUAL_HOST` \u2013- (RabbitMQ) The name of the virtual host in your RabbitMQ broker. Lambda uses this RabbitMQ host as the event source. This property cannot be specified in an UpdateEventSourceMapping API call.\n- `CLIENT_CERTIFICATE_TLS_AUTH` \u2013 (Amazon MSK, self-managed Apache Kafka) The Secrets Manager ARN of your secret key containing the certificate chain (X.509 PEM), private key (PKCS#8 PEM), and private key password (optional) used for mutual TLS authentication of your MSK/Apache Kafka brokers.\n- `SERVER_ROOT_CA_CERTIFICATE` \u2013 (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key containing the root CA certificate (X.509 PEM) used for TLS encryption of your Apache Kafka brokers.", + "title": "Type", + "type": "string" }, - "StatmuxSettings": { - "$ref": "#/definitions/AWS::MediaLive::Multiplexprogram.MultiplexStatmuxVideoSettings", - "markdownDescription": "Statmux rate control settings.\nWhen this field is defined, ConstantBitrate must be undefined.", - "title": "StatmuxSettings" + "URI": { + "markdownDescription": "The value for your chosen configuration in `Type` . For example: `\"URI\": \"arn:aws:secretsmanager:us-east-1:01234567890:secret:MyBrokerSecretName\"` .", + "title": "URI", + "type": "string" } }, "type": "object" }, - "AWS::MediaPackage::Asset": { + "AWS::Lambda::Function": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, + "Connectors": { + "additionalProperties": { + "$ref": "#/definitions/EmbeddedConnector" + }, + "title": "Connectors", + "type": "object" + }, "DeletionPolicy": { "enum": [ "Delete", @@ -161857,59 +169460,158 @@ "Properties": { "additionalProperties": false, "properties": { - "EgressEndpoints": { + "Architectures": { "items": { - "$ref": "#/definitions/AWS::MediaPackage::Asset.EgressEndpoint" + "type": "string" }, - "markdownDescription": "List of playback endpoints that are available for this asset.", - "title": "EgressEndpoints", + "markdownDescription": "The instruction set architecture that the function supports. Enter a string array with one of the valid values (arm64 or x86_64). The default value is `x86_64` .", + "title": "Architectures", "type": "array" }, - "Id": { - "markdownDescription": "Unique identifier that you assign to the asset.", - "title": "Id", + "Code": { + "$ref": "#/definitions/AWS::Lambda::Function.Code", + "markdownDescription": "The code for the function. You can define your function code in multiple ways:\n\n- For .zip deployment packages, you can specify the Amazon S3 location of the .zip file in the `S3Bucket` , `S3Key` , and `S3ObjectVersion` properties.\n- For .zip deployment packages, you can alternatively define the function code inline in the `ZipFile` property. This method works only for Node.js and Python functions.\n- For container images, specify the URI of your container image in the Amazon ECR registry in the `ImageUri` property.", + "title": "Code" + }, + "CodeSigningConfigArn": { + "markdownDescription": "To enable code signing for this function, specify the ARN of a code-signing configuration. A code-signing configuration\nincludes a set of signing profiles, which define the trusted publishers for this function.", + "title": "CodeSigningConfigArn", "type": "string" }, - "PackagingGroupId": { - "markdownDescription": "The ID of the packaging group associated with this asset.", - "title": "PackagingGroupId", + "DeadLetterConfig": { + "$ref": "#/definitions/AWS::Lambda::Function.DeadLetterConfig", + "markdownDescription": "A dead-letter queue configuration that specifies the queue or topic where Lambda sends asynchronous events when they fail processing. For more information, see [Dead-letter queues](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#invocation-dlq) .", + "title": "DeadLetterConfig" + }, + "Description": { + "markdownDescription": "A description of the function.", + "title": "Description", "type": "string" }, - "ResourceId": { - "markdownDescription": "Unique identifier for this asset, as it's configured in the key provider service.", - "title": "ResourceId", + "Environment": { + "$ref": "#/definitions/AWS::Lambda::Function.Environment", + "markdownDescription": "Environment variables that are accessible from function code during execution.", + "title": "Environment" + }, + "EphemeralStorage": { + "$ref": "#/definitions/AWS::Lambda::Function.EphemeralStorage", + "markdownDescription": "The size of the function's `/tmp` directory in MB. The default value is 512, but it can be any whole number between 512 and 10,240 MB.", + "title": "EphemeralStorage" + }, + "FileSystemConfigs": { + "items": { + "$ref": "#/definitions/AWS::Lambda::Function.FileSystemConfig" + }, + "markdownDescription": "Connection settings for an Amazon EFS file system. To connect a function to a file system, a mount target must be available in every Availability Zone that your function connects to. If your template contains an [AWS::EFS::MountTarget](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-efs-mounttarget.html) resource, you must also specify a `DependsOn` attribute to ensure that the mount target is created or updated before the function.\n\nFor more information about using the `DependsOn` attribute, see [DependsOn Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) .", + "title": "FileSystemConfigs", + "type": "array" + }, + "FunctionName": { + "markdownDescription": "The name of the Lambda function, up to 64 characters in length. If you don't specify a name, AWS CloudFormation generates one.\n\nIf you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "FunctionName", "type": "string" }, - "SourceArn": { - "markdownDescription": "The ARN for the source content in Amazon S3.", - "title": "SourceArn", + "Handler": { + "markdownDescription": "The name of the method within your code that Lambda calls to run your function. Handler is required if the deployment package is a .zip file archive. The format includes the file name. It can also include namespaces and other qualifiers, depending on the runtime. For more information, see [Lambda programming model](https://docs.aws.amazon.com/lambda/latest/dg/foundation-progmodel.html) .", + "title": "Handler", "type": "string" }, - "SourceRoleArn": { - "markdownDescription": "The ARN for the IAM role that provides AWS Elemental MediaPackage access to the Amazon S3 bucket where the source content is stored. Valid format: arn:aws:iam::{accountID}:role/{name}", - "title": "SourceRoleArn", + "ImageConfig": { + "$ref": "#/definitions/AWS::Lambda::Function.ImageConfig", + "markdownDescription": "Configuration values that override the container image Dockerfile settings. For more information, see [Container image settings](https://docs.aws.amazon.com/lambda/latest/dg/images-create.html#images-parms) .", + "title": "ImageConfig" + }, + "KmsKeyArn": { + "markdownDescription": "The ARN of the AWS Key Management Service ( AWS KMS ) customer managed key that's used to encrypt the following resources:\n\n- The function's [environment variables](https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html#configuration-envvars-encryption) .\n- The function's [Lambda SnapStart](https://docs.aws.amazon.com/lambda/latest/dg/snapstart-security.html) snapshots.\n- When used with `SourceKMSKeyArn` , the unzipped version of the .zip deployment package that's used for function invocations. For more information, see [Specifying a customer managed key for Lambda](https://docs.aws.amazon.com/lambda/latest/dg/encrypt-zip-package.html#enable-zip-custom-encryption) .\n- The optimized version of the container image that's used for function invocations. Note that this is not the same key that's used to protect your container image in the Amazon Elastic Container Registry (Amazon ECR). For more information, see [Function lifecycle](https://docs.aws.amazon.com/lambda/latest/dg/images-create.html#images-lifecycle) .\n\nIf you don't provide a customer managed key, Lambda uses an [AWS owned key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-owned-cmk) or an [AWS managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk) .", + "title": "KmsKeyArn", + "type": "string" + }, + "Layers": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of [function layers](https://docs.aws.amazon.com/lambda/latest/dg/configuration-layers.html) to add to the function's execution environment. Specify each layer by its ARN, including the version.", + "title": "Layers", + "type": "array" + }, + "LoggingConfig": { + "$ref": "#/definitions/AWS::Lambda::Function.LoggingConfig", + "markdownDescription": "The function's Amazon CloudWatch Logs configuration settings.", + "title": "LoggingConfig" + }, + "MemorySize": { + "markdownDescription": "The amount of [memory available to the function](https://docs.aws.amazon.com/lambda/latest/dg/configuration-function-common.html#configuration-memory-console) at runtime. Increasing the function memory also increases its CPU allocation. The default value is 128 MB. The value can be any multiple of 1 MB. Note that new AWS accounts have reduced concurrency and memory quotas. AWS raises these quotas automatically based on your usage. You can also request a quota increase.", + "title": "MemorySize", + "type": "number" + }, + "PackageType": { + "markdownDescription": "The type of deployment package. Set to `Image` for container image and set `Zip` for .zip file archive.", + "title": "PackageType", + "type": "string" + }, + "RecursiveLoop": { + "markdownDescription": "The status of your function's recursive loop detection configuration.\n\nWhen this value is set to `Allow` and Lambda detects your function being invoked as part of a recursive loop, it doesn't take any action.\n\nWhen this value is set to `Terminate` and Lambda detects your function being invoked as part of a recursive loop, it stops your function being invoked and notifies you.", + "title": "RecursiveLoop", + "type": "string" + }, + "ReservedConcurrentExecutions": { + "markdownDescription": "The number of simultaneous executions to reserve for the function.", + "title": "ReservedConcurrentExecutions", + "type": "number" + }, + "Role": { + "markdownDescription": "The Amazon Resource Name (ARN) of the function's execution role.", + "title": "Role", + "type": "string" + }, + "Runtime": { + "markdownDescription": "The identifier of the function's [runtime](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html) . Runtime is required if the deployment package is a .zip file archive. Specifying a runtime results in an error if you're deploying a function using a container image.\n\nThe following list includes deprecated runtimes. Lambda blocks creating new functions and updating existing functions shortly after each runtime is deprecated. For more information, see [Runtime use after deprecation](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html#runtime-deprecation-levels) .\n\nFor a list of all currently supported runtimes, see [Supported runtimes](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html#runtimes-supported) .", + "title": "Runtime", "type": "string" }, + "RuntimeManagementConfig": { + "$ref": "#/definitions/AWS::Lambda::Function.RuntimeManagementConfig", + "markdownDescription": "Sets the runtime management configuration for a function's version. For more information, see [Runtime updates](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html) .", + "title": "RuntimeManagementConfig" + }, + "SnapStart": { + "$ref": "#/definitions/AWS::Lambda::Function.SnapStart", + "markdownDescription": "The function's [AWS Lambda SnapStart](https://docs.aws.amazon.com/lambda/latest/dg/snapstart.html) setting.", + "title": "SnapStart" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to assign to the asset.", + "markdownDescription": "A list of [tags](https://docs.aws.amazon.com/lambda/latest/dg/tagging.html) to apply to the function.\n\n> You must have the `lambda:TagResource` , `lambda:UntagResource` , and `lambda:ListTags` permissions for your [IAM principal](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html) to manage the AWS CloudFormation stack. If you don't have these permissions, there might be unexpected behavior with stack-level tags propagating to the resource during resource creation and update.", "title": "Tags", "type": "array" + }, + "Timeout": { + "markdownDescription": "The amount of time (in seconds) that Lambda allows a function to run before stopping it. The default is 3 seconds. The maximum allowed value is 900 seconds. For more information, see [Lambda execution environment](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-context.html) .", + "title": "Timeout", + "type": "number" + }, + "TracingConfig": { + "$ref": "#/definitions/AWS::Lambda::Function.TracingConfig", + "markdownDescription": "Set `Mode` to `Active` to sample and trace a subset of incoming requests with [X-Ray](https://docs.aws.amazon.com/lambda/latest/dg/services-xray.html) .", + "title": "TracingConfig" + }, + "VpcConfig": { + "$ref": "#/definitions/AWS::Lambda::Function.VpcConfig", + "markdownDescription": "For network connectivity to AWS resources in a VPC, specify a list of security groups and subnets in the VPC. When you connect a function to a VPC, it can access resources and the internet only through that VPC. For more information, see [Configuring a Lambda function to access resources in a VPC](https://docs.aws.amazon.com/lambda/latest/dg/configuration-vpc.html) .", + "title": "VpcConfig" } }, "required": [ - "Id", - "PackagingGroupId", - "SourceArn", - "SourceRoleArn" + "Code", + "Role" ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaPackage::Asset" + "AWS::Lambda::Function" ], "type": "string" }, @@ -161928,186 +169630,252 @@ ], "type": "object" }, - "AWS::MediaPackage::Asset.EgressEndpoint": { + "AWS::Lambda::Function.Code": { "additionalProperties": false, "properties": { - "PackagingConfigurationId": { - "markdownDescription": "The ID of a packaging configuration that's applied to this asset.", - "title": "PackagingConfigurationId", + "ImageUri": { + "markdownDescription": "URI of a [container image](https://docs.aws.amazon.com/lambda/latest/dg/lambda-images.html) in the Amazon ECR registry.", + "title": "ImageUri", "type": "string" }, - "Url": { - "markdownDescription": "The URL that's used to request content from this endpoint.", - "title": "Url", + "S3Bucket": { + "markdownDescription": "An Amazon S3 bucket in the same AWS Region as your function. The bucket can be in a different AWS account .", + "title": "S3Bucket", + "type": "string" + }, + "S3Key": { + "markdownDescription": "The Amazon S3 key of the deployment package.", + "title": "S3Key", + "type": "string" + }, + "S3ObjectVersion": { + "markdownDescription": "For versioned objects, the version of the deployment package object to use.", + "title": "S3ObjectVersion", + "type": "string" + }, + "SourceKMSKeyArn": { + "markdownDescription": "The ARN of the AWS Key Management Service ( AWS KMS ) customer managed key that's used to encrypt your function's .zip deployment package. If you don't provide a customer managed key, Lambda uses an [AWS owned key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-owned-cmk) .", + "title": "SourceKMSKeyArn", + "type": "string" + }, + "ZipFile": { + "markdownDescription": "(Node.js and Python) The source code of your Lambda function. If you include your function source inline with this parameter, AWS CloudFormation places it in a file named `index` and zips it to create a [deployment package](https://docs.aws.amazon.com/lambda/latest/dg/gettingstarted-package.html) . This zip file cannot exceed 4MB. For the `Handler` property, the first part of the handler identifier must be `index` . For example, `index.handler` .\n\n> When you specify source code inline for a Node.js function, the `index` file that AWS CloudFormation creates uses the extension `.js` . This means that Lambda treats the file as a CommonJS module. ES modules aren't supported for inline functions. \n\nFor JSON, you must escape quotes and special characters such as newline ( `\\n` ) with a backslash.\n\nIf you specify a function that interacts with an AWS CloudFormation custom resource, you don't have to write your own functions to send responses to the custom resource that invoked the function. AWS CloudFormation provides a response module ( [cfn-response](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cfn-lambda-function-code-cfnresponsemodule.html) ) that simplifies sending responses. See [Using AWS Lambda with AWS CloudFormation](https://docs.aws.amazon.com/lambda/latest/dg/services-cloudformation.html) for details.", + "title": "ZipFile", "type": "string" } }, - "required": [ - "PackagingConfigurationId", - "Url" - ], "type": "object" }, - "AWS::MediaPackage::Channel": { + "AWS::Lambda::Function.DeadLetterConfig": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TargetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an Amazon SQS queue or Amazon SNS topic.", + "title": "TargetArn", "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "Any descriptive information that you want to add to the channel for future identification purposes.", - "title": "Description", - "type": "string" - }, - "EgressAccessLogs": { - "$ref": "#/definitions/AWS::MediaPackage::Channel.LogConfiguration", - "markdownDescription": "Configures egress access logs.", - "title": "EgressAccessLogs" - }, - "HlsIngest": { - "$ref": "#/definitions/AWS::MediaPackage::Channel.HlsIngest", - "markdownDescription": "The input URL where the source stream should be sent.", - "title": "HlsIngest" - }, - "Id": { - "markdownDescription": "Unique identifier that you assign to the channel.", - "title": "Id", + } + }, + "type": "object" + }, + "AWS::Lambda::Function.Environment": { + "additionalProperties": false, + "properties": { + "Variables": { + "additionalProperties": true, + "markdownDescription": "Environment variable key-value pairs. For more information, see [Using Lambda environment variables](https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html) .\n\nIf the value of the environment variable is a time or a duration, enclose the value in quotes.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { "type": "string" - }, - "IngressAccessLogs": { - "$ref": "#/definitions/AWS::MediaPackage::Channel.LogConfiguration", - "markdownDescription": "Configures ingress access logs.", - "title": "IngressAccessLogs" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to assign to the channel.", - "title": "Tags", - "type": "array" } }, - "required": [ - "Id" - ], + "title": "Variables", "type": "object" - }, - "Type": { - "enum": [ - "AWS::MediaPackage::Channel" - ], + } + }, + "type": "object" + }, + "AWS::Lambda::Function.EphemeralStorage": { + "additionalProperties": false, + "properties": { + "Size": { + "markdownDescription": "The size of the function's `/tmp` directory.", + "title": "Size", + "type": "number" + } + }, + "required": [ + "Size" + ], + "type": "object" + }, + "AWS::Lambda::Function.FileSystemConfig": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon EFS access point that provides access to the file system.", + "title": "Arn", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "LocalMountPath": { + "markdownDescription": "The path where the function can access the file system, starting with `/mnt/` .", + "title": "LocalMountPath", "type": "string" } }, "required": [ - "Type", - "Properties" + "Arn", + "LocalMountPath" ], "type": "object" }, - "AWS::MediaPackage::Channel.HlsIngest": { + "AWS::Lambda::Function.ImageConfig": { "additionalProperties": false, "properties": { - "ingestEndpoints": { + "Command": { "items": { - "$ref": "#/definitions/AWS::MediaPackage::Channel.IngestEndpoint" + "type": "string" }, - "markdownDescription": "The input URL where the source stream should be sent.", - "title": "ingestEndpoints", + "markdownDescription": "Specifies parameters that you want to pass in with ENTRYPOINT. You can specify a maximum of 1,500 parameters in the list.", + "title": "Command", + "type": "array" + }, + "EntryPoint": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the entry point to their application, which is typically the location of the runtime executable. You can specify a maximum of 1,500 string entries in the list.", + "title": "EntryPoint", "type": "array" + }, + "WorkingDirectory": { + "markdownDescription": "Specifies the working directory. The length of the directory string cannot exceed 1,000 characters.", + "title": "WorkingDirectory", + "type": "string" } }, "type": "object" }, - "AWS::MediaPackage::Channel.IngestEndpoint": { + "AWS::Lambda::Function.LoggingConfig": { "additionalProperties": false, "properties": { - "Id": { - "markdownDescription": "The endpoint identifier.", - "title": "Id", + "ApplicationLogLevel": { + "markdownDescription": "Set this property to filter the application logs for your function that Lambda sends to CloudWatch. Lambda only sends application logs at the selected level of detail and lower, where `TRACE` is the highest level and `FATAL` is the lowest.", + "title": "ApplicationLogLevel", "type": "string" }, - "Password": { - "markdownDescription": "The system-generated password for WebDAV input authentication.", - "title": "Password", + "LogFormat": { + "markdownDescription": "The format in which Lambda sends your function's application and system logs to CloudWatch. Select between plain text and structured JSON.", + "title": "LogFormat", "type": "string" }, - "Url": { - "markdownDescription": "The input URL where the source stream should be sent.", - "title": "Url", + "LogGroup": { + "markdownDescription": "The name of the Amazon CloudWatch log group the function sends logs to. By default, Lambda functions send logs to a default log group named `/aws/lambda/` . To use a different log group, enter an existing log group or enter a new log group name.", + "title": "LogGroup", "type": "string" }, - "Username": { - "markdownDescription": "The system-generated username for WebDAV input authentication.", - "title": "Username", + "SystemLogLevel": { + "markdownDescription": "Set this property to filter the system logs for your function that Lambda sends to CloudWatch. Lambda only sends system logs at the selected level of detail and lower, where `DEBUG` is the highest level and `WARN` is the lowest.", + "title": "SystemLogLevel", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Lambda::Function.RuntimeManagementConfig": { + "additionalProperties": false, + "properties": { + "RuntimeVersionArn": { + "markdownDescription": "The ARN of the runtime version you want the function to use.\n\n> This is only required if you're using the *Manual* runtime update mode.", + "title": "RuntimeVersionArn", + "type": "string" + }, + "UpdateRuntimeOn": { + "markdownDescription": "Specify the runtime update mode.\n\n- *Auto (default)* - Automatically update to the most recent and secure runtime version using a [Two-phase runtime version rollout](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html#runtime-management-two-phase) . This is the best choice for most customers to ensure they always benefit from runtime updates.\n- *FunctionUpdate* - Lambda updates the runtime of you function to the most recent and secure runtime version when you update your function. This approach synchronizes runtime updates with function deployments, giving you control over when runtime updates are applied and allowing you to detect and mitigate rare runtime update incompatibilities early. When using this setting, you need to regularly update your functions to keep their runtime up-to-date.\n- *Manual* - You specify a runtime version in your function configuration. The function will use this runtime version indefinitely. In the rare case where a new runtime version is incompatible with an existing function, this allows you to roll back your function to an earlier runtime version. For more information, see [Roll back a runtime version](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html#runtime-management-rollback) .\n\n*Valid Values* : `Auto` | `FunctionUpdate` | `Manual`", + "title": "UpdateRuntimeOn", "type": "string" } }, "required": [ - "Id", - "Password", - "Url", - "Username" + "UpdateRuntimeOn" ], "type": "object" }, - "AWS::MediaPackage::Channel.LogConfiguration": { + "AWS::Lambda::Function.SnapStart": { "additionalProperties": false, "properties": { - "LogGroupName": { - "markdownDescription": "Sets a custom Amazon CloudWatch log group name.", - "title": "LogGroupName", + "ApplyOn": { + "markdownDescription": "Set `ApplyOn` to `PublishedVersions` to create a snapshot of the initialized execution environment when you publish a function version.", + "title": "ApplyOn", "type": "string" } }, + "required": [ + "ApplyOn" + ], "type": "object" }, - "AWS::MediaPackage::OriginEndpoint": { + "AWS::Lambda::Function.SnapStartResponse": { "additionalProperties": false, "properties": { - "Condition": { + "ApplyOn": { + "markdownDescription": "When set to `PublishedVersions` , Lambda creates a snapshot of the execution environment when you publish a function version.", + "title": "ApplyOn", "type": "string" }, - "DeletionPolicy": { - "enum": [ + "OptimizationStatus": { + "markdownDescription": "When you provide a [qualified Amazon Resource Name (ARN)](https://docs.aws.amazon.com/lambda/latest/dg/configuration-versions.html#versioning-versions-using) , this response element indicates whether SnapStart is activated for the specified function version.", + "title": "OptimizationStatus", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Lambda::Function.TracingConfig": { + "additionalProperties": false, + "properties": { + "Mode": { + "markdownDescription": "The tracing mode.", + "title": "Mode", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Lambda::Function.VpcConfig": { + "additionalProperties": false, + "properties": { + "Ipv6AllowedForDualStack": { + "markdownDescription": "Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.", + "title": "Ipv6AllowedForDualStack", + "type": "boolean" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of VPC security group IDs.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of VPC subnet IDs.", + "title": "SubnetIds", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Lambda::LayerVersion": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ "Delete", "Retain", "Snapshot" @@ -162135,92 +169903,51 @@ "Properties": { "additionalProperties": false, "properties": { - "Authorization": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.Authorization", - "markdownDescription": "Parameters for CDN authorization.", - "title": "Authorization" - }, - "ChannelId": { - "markdownDescription": "The ID of the channel associated with this endpoint.", - "title": "ChannelId", - "type": "string" + "CompatibleArchitectures": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of compatible [instruction set architectures](https://docs.aws.amazon.com/lambda/latest/dg/foundation-arch.html) .", + "title": "CompatibleArchitectures", + "type": "array" }, - "CmafPackage": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.CmafPackage", - "markdownDescription": "Parameters for Common Media Application Format (CMAF) packaging.", - "title": "CmafPackage" + "CompatibleRuntimes": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of compatible [function runtimes](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html) . Used for filtering with [ListLayers](https://docs.aws.amazon.com/lambda/latest/dg/API_ListLayers.html) and [ListLayerVersions](https://docs.aws.amazon.com/lambda/latest/dg/API_ListLayerVersions.html) .", + "title": "CompatibleRuntimes", + "type": "array" }, - "DashPackage": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.DashPackage", - "markdownDescription": "Parameters for DASH packaging.", - "title": "DashPackage" + "Content": { + "$ref": "#/definitions/AWS::Lambda::LayerVersion.Content", + "markdownDescription": "The function layer archive.", + "title": "Content" }, "Description": { - "markdownDescription": "Any descriptive information that you want to add to the endpoint for future identification purposes.", + "markdownDescription": "The description of the version.", "title": "Description", "type": "string" }, - "HlsPackage": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.HlsPackage", - "markdownDescription": "Parameters for Apple HLS packaging.", - "title": "HlsPackage" - }, - "Id": { - "markdownDescription": "The manifest ID is required and must be unique within the OriginEndpoint. The ID can't be changed after the endpoint is created.", - "title": "Id", - "type": "string" - }, - "ManifestName": { - "markdownDescription": "A short string that's appended to the end of the endpoint URL to create a unique path to this endpoint.", - "title": "ManifestName", + "LayerName": { + "markdownDescription": "The name or Amazon Resource Name (ARN) of the layer.", + "title": "LayerName", "type": "string" }, - "MssPackage": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.MssPackage", - "markdownDescription": "Parameters for Microsoft Smooth Streaming packaging.", - "title": "MssPackage" - }, - "Origination": { - "markdownDescription": "Controls video origination from this endpoint.\n\nValid values:\n\n- `ALLOW` - enables this endpoint to serve content to requesting devices.\n- `DENY` - prevents this endpoint from serving content. Denying origination is helpful for harvesting live-to-VOD assets. For more information about harvesting and origination, see [Live-to-VOD Requirements](https://docs.aws.amazon.com/mediapackage/latest/ug/ltov-reqmts.html) .", - "title": "Origination", + "LicenseInfo": { + "markdownDescription": "The layer's software license. It can be any of the following:\n\n- An [SPDX license identifier](https://docs.aws.amazon.com/https://spdx.org/licenses/) . For example, `MIT` .\n- The URL of a license hosted on the internet. For example, `https://opensource.org/licenses/MIT` .\n- The full text of the license.", + "title": "LicenseInfo", "type": "string" - }, - "StartoverWindowSeconds": { - "markdownDescription": "Maximum duration (seconds) of content to retain for startover playback. Omit this attribute or enter `0` to indicate that startover playback is disabled for this endpoint.", - "title": "StartoverWindowSeconds", - "type": "number" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to assign to the endpoint.", - "title": "Tags", - "type": "array" - }, - "TimeDelaySeconds": { - "markdownDescription": "Minimum duration (seconds) of delay to enforce on the playback of live content. Omit this attribute or enter `0` to indicate that there is no time delay in effect for this endpoint.", - "title": "TimeDelaySeconds", - "type": "number" - }, - "Whitelist": { - "items": { - "type": "string" - }, - "markdownDescription": "The IP addresses that can access this endpoint.", - "title": "Whitelist", - "type": "array" } }, "required": [ - "ChannelId", - "Id" + "Content" ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaPackage::OriginEndpoint" + "AWS::Lambda::LayerVersion" ], "type": "string" }, @@ -162239,477 +169966,593 @@ ], "type": "object" }, - "AWS::MediaPackage::OriginEndpoint.Authorization": { + "AWS::Lambda::LayerVersion.Content": { "additionalProperties": false, "properties": { - "CdnIdentifierSecret": { - "markdownDescription": "The Amazon Resource Name (ARN) for the secret in AWS Secrets Manager that your Content Delivery Network (CDN) uses for authorization to access your endpoint.", - "title": "CdnIdentifierSecret", + "S3Bucket": { + "markdownDescription": "The Amazon S3 bucket of the layer archive.", + "title": "S3Bucket", "type": "string" }, - "SecretsRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the IAM role that allows AWS Elemental MediaPackage to communicate with AWS Secrets Manager .", - "title": "SecretsRoleArn", + "S3Key": { + "markdownDescription": "The Amazon S3 key of the layer archive.", + "title": "S3Key", + "type": "string" + }, + "S3ObjectVersion": { + "markdownDescription": "For versioned objects, the version of the layer archive object to use.", + "title": "S3ObjectVersion", "type": "string" } }, "required": [ - "CdnIdentifierSecret", - "SecretsRoleArn" + "S3Bucket", + "S3Key" ], "type": "object" }, - "AWS::MediaPackage::OriginEndpoint.CmafEncryption": { + "AWS::Lambda::LayerVersionPermission": { "additionalProperties": false, "properties": { - "ConstantInitializationVector": { - "markdownDescription": "An optional 128-bit, 16-byte hex value represented by a 32-character string, used in conjunction with the key for encrypting blocks. If you don't specify a value, then AWS Elemental MediaPackage creates the constant initialization vector (IV).", - "title": "ConstantInitializationVector", + "Condition": { "type": "string" }, - "EncryptionMethod": { - "markdownDescription": "The encryption method to use.", - "title": "EncryptionMethod", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "KeyRotationIntervalSeconds": { - "markdownDescription": "Number of seconds before AWS Elemental MediaPackage rotates to a new key. By default, rotation is set to 60 seconds. Set to `0` to disable key rotation.", - "title": "KeyRotationIntervalSeconds", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SpekeKeyProvider": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.SpekeKeyProvider", - "markdownDescription": "Parameters for the SPEKE key provider.", - "title": "SpekeKeyProvider" - } - }, - "required": [ - "SpekeKeyProvider" - ], - "type": "object" - }, - "AWS::MediaPackage::OriginEndpoint.CmafPackage": { - "additionalProperties": false, - "properties": { - "Encryption": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.CmafEncryption", - "markdownDescription": "Parameters for encrypting content.", - "title": "Encryption" + "Metadata": { + "type": "object" }, - "HlsManifests": { - "items": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.HlsManifest" + "Properties": { + "additionalProperties": false, + "properties": { + "Action": { + "markdownDescription": "The API action that grants access to the layer. For example, `lambda:GetLayerVersion` .", + "title": "Action", + "type": "string" + }, + "LayerVersionArn": { + "markdownDescription": "The name or Amazon Resource Name (ARN) of the layer.", + "title": "LayerVersionArn", + "type": "string" + }, + "OrganizationId": { + "markdownDescription": "With the principal set to `*` , grant permission to all accounts in the specified organization.", + "title": "OrganizationId", + "type": "string" + }, + "Principal": { + "markdownDescription": "An account ID, or `*` to grant layer usage permission to all accounts in an organization, or all AWS accounts (if `organizationId` is not specified). For the last case, make sure that you really do want all AWS accounts to have usage permission to this layer.", + "title": "Principal", + "type": "string" + } }, - "markdownDescription": "A list of HLS manifest configurations that are available from this endpoint.", - "title": "HlsManifests", - "type": "array" - }, - "SegmentDurationSeconds": { - "markdownDescription": "Duration (in seconds) of each segment. Actual segments are rounded to the nearest multiple of the source segment duration.", - "title": "SegmentDurationSeconds", - "type": "number" + "required": [ + "Action", + "LayerVersionArn", + "Principal" + ], + "type": "object" }, - "SegmentPrefix": { - "markdownDescription": "An optional custom string that is prepended to the name of each segment. If not specified, the segment prefix defaults to the ChannelId.", - "title": "SegmentPrefix", + "Type": { + "enum": [ + "AWS::Lambda::LayerVersionPermission" + ], "type": "string" }, - "StreamSelection": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.StreamSelection", - "markdownDescription": "Limitations for outputs from the endpoint, based on the video bitrate.", - "title": "StreamSelection" - } - }, - "type": "object" - }, - "AWS::MediaPackage::OriginEndpoint.DashEncryption": { - "additionalProperties": false, - "properties": { - "KeyRotationIntervalSeconds": { - "markdownDescription": "Number of seconds before AWS Elemental MediaPackage rotates to a new key. By default, rotation is set to 60 seconds. Set to `0` to disable key rotation.", - "title": "KeyRotationIntervalSeconds", - "type": "number" - }, - "SpekeKeyProvider": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.SpekeKeyProvider", - "markdownDescription": "Parameters for the SPEKE key provider.", - "title": "SpekeKeyProvider" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "SpekeKeyProvider" + "Type", + "Properties" ], "type": "object" }, - "AWS::MediaPackage::OriginEndpoint.DashPackage": { + "AWS::Lambda::Permission": { "additionalProperties": false, "properties": { - "AdTriggers": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the SCTE-35 message types that AWS Elemental MediaPackage treats as ad markers in the output manifest.\n\nValid values:\n\n- `BREAK`\n- `DISTRIBUTOR_ADVERTISEMENT`\n- `DISTRIBUTOR_OVERLAY_PLACEMENT_OPPORTUNITY` .\n- `DISTRIBUTOR_PLACEMENT_OPPORTUNITY` .\n- `PROVIDER_ADVERTISEMENT` .\n- `PROVIDER_OVERLAY_PLACEMENT_OPPORTUNITY` .\n- `PROVIDER_PLACEMENT_OPPORTUNITY` .\n- `SPLICE_INSERT` .", - "title": "AdTriggers", - "type": "array" - }, - "AdsOnDeliveryRestrictions": { - "markdownDescription": "The flags on SCTE-35 segmentation descriptors that have to be present for AWS Elemental MediaPackage to insert ad markers in the output manifest. For information about SCTE-35 in AWS Elemental MediaPackage , see [SCTE-35 Message Options in AWS Elemental MediaPackage](https://docs.aws.amazon.com/mediapackage/latest/ug/scte.html) .", - "title": "AdsOnDeliveryRestrictions", + "Condition": { "type": "string" }, - "Encryption": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.DashEncryption", - "markdownDescription": "Parameters for encrypting content.", - "title": "Encryption" - }, - "IncludeIframeOnlyStream": { - "markdownDescription": "This applies only to stream sets with a single video track. When true, the stream set includes an additional I-frame trick-play only stream, along with the other tracks. If false, this extra stream is not included.", - "title": "IncludeIframeOnlyStream", - "type": "boolean" - }, - "ManifestLayout": { - "markdownDescription": "Determines the position of some tags in the manifest.\n\nValid values:\n\n- `FULL` - Elements like `SegmentTemplate` and `ContentProtection` are included in each `Representation` .\n- `COMPACT` - Duplicate elements are combined and presented at the `AdaptationSet` level.", - "title": "ManifestLayout", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "ManifestWindowSeconds": { - "markdownDescription": "Time window (in seconds) contained in each manifest.", - "title": "ManifestWindowSeconds", - "type": "number" - }, - "MinBufferTimeSeconds": { - "markdownDescription": "Minimum amount of content (measured in seconds) that a player must keep available in the buffer.", - "title": "MinBufferTimeSeconds", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "MinUpdatePeriodSeconds": { - "markdownDescription": "Minimum amount of time (in seconds) that the player should wait before requesting updates to the manifest.", - "title": "MinUpdatePeriodSeconds", - "type": "number" + "Metadata": { + "type": "object" }, - "PeriodTriggers": { - "items": { - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "Action": { + "markdownDescription": "The action that the principal can use on the function. For example, `lambda:InvokeFunction` or `lambda:GetFunction` .", + "title": "Action", + "type": "string" + }, + "EventSourceToken": { + "markdownDescription": "For Alexa Smart Home functions, a token that the invoker must supply.", + "title": "EventSourceToken", + "type": "string" + }, + "FunctionName": { + "markdownDescription": "The name or ARN of the Lambda function, version, or alias.\n\n**Name formats** - *Function name* \u2013 `my-function` (name-only), `my-function:v1` (with alias).\n- *Function ARN* \u2013 `arn:aws:lambda:us-west-2:123456789012:function:my-function` .\n- *Partial ARN* \u2013 `123456789012:function:my-function` .\n\nYou can append a version number or alias to any of the formats. The length constraint applies only to the full ARN. If you specify only the function name, it is limited to 64 characters in length.", + "title": "FunctionName", + "type": "string" + }, + "FunctionUrlAuthType": { + "markdownDescription": "The type of authentication that your function URL uses. Set to `AWS_IAM` if you want to restrict access to authenticated users only. Set to `NONE` if you want to bypass IAM authentication to create a public endpoint. For more information, see [Security and auth model for Lambda function URLs](https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html) .", + "title": "FunctionUrlAuthType", + "type": "string" + }, + "Principal": { + "markdownDescription": "The AWS service , AWS account , IAM user, or IAM role that invokes the function. If you specify a service, use `SourceArn` or `SourceAccount` to limit who can invoke the function through that service.", + "title": "Principal", + "type": "string" + }, + "PrincipalOrgID": { + "markdownDescription": "The identifier for your organization in AWS Organizations . Use this to grant permissions to all the AWS accounts under this organization.", + "title": "PrincipalOrgID", + "type": "string" + }, + "SourceAccount": { + "markdownDescription": "For AWS service , the ID of the AWS account that owns the resource. Use this together with `SourceArn` to ensure that the specified account owns the resource. It is possible for an Amazon S3 bucket to be deleted by its owner and recreated by another account.", + "title": "SourceAccount", + "type": "string" + }, + "SourceArn": { + "markdownDescription": "For AWS services , the ARN of the AWS resource that invokes the function. For example, an Amazon S3 bucket or Amazon SNS topic.\n\nNote that Lambda configures the comparison using the `StringLike` operator.", + "title": "SourceArn", + "type": "string" + } }, - "markdownDescription": "Controls whether AWS Elemental MediaPackage produces single-period or multi-period DASH manifests. For more information about periods, see [Multi-period DASH in AWS Elemental MediaPackage](https://docs.aws.amazon.com/mediapackage/latest/ug/multi-period.html) .\n\nValid values:\n\n- `ADS` - AWS Elemental MediaPackage will produce multi-period DASH manifests. Periods are created based on the SCTE-35 ad markers present in the input manifest.\n- *No value* - AWS Elemental MediaPackage will produce single-period DASH manifests. This is the default setting.", - "title": "PeriodTriggers", - "type": "array" - }, - "Profile": { - "markdownDescription": "The DASH profile for the output.\n\nValid values:\n\n- `NONE` - The output doesn't use a DASH profile.\n- `HBBTV_1_5` - The output is compliant with HbbTV v1.5.\n- `DVB_DASH_2014` - The output is compliant with DVB-DASH 2014.", - "title": "Profile", - "type": "string" - }, - "SegmentDurationSeconds": { - "markdownDescription": "Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source fragment duration.", - "title": "SegmentDurationSeconds", - "type": "number" - }, - "SegmentTemplateFormat": { - "markdownDescription": "Determines the type of variable used in the `media` URL of the `SegmentTemplate` tag in the manifest. Also specifies if segment timeline information is included in `SegmentTimeline` or `SegmentTemplate` .\n\nValid values:\n\n- `NUMBER_WITH_TIMELINE` - The `$Number$` variable is used in the `media` URL. The value of this variable is the sequential number of the segment. A full `SegmentTimeline` object is presented in each `SegmentTemplate` .\n- `NUMBER_WITH_DURATION` - The `$Number$` variable is used in the `media` URL and a `duration` attribute is added to the segment template. The `SegmentTimeline` object is removed from the representation.\n- `TIME_WITH_TIMELINE` - The `$Time$` variable is used in the `media` URL. The value of this variable is the timestamp of when the segment starts. A full `SegmentTimeline` object is presented in each `SegmentTemplate` .", - "title": "SegmentTemplateFormat", - "type": "string" - }, - "StreamSelection": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.StreamSelection", - "markdownDescription": "Limitations for outputs from the endpoint, based on the video bitrate.", - "title": "StreamSelection" - }, - "SuggestedPresentationDelaySeconds": { - "markdownDescription": "Amount of time (in seconds) that the player should be from the live point at the end of the manifest.", - "title": "SuggestedPresentationDelaySeconds", - "type": "number" + "required": [ + "Action", + "FunctionName", + "Principal" + ], + "type": "object" }, - "UtcTiming": { - "markdownDescription": "Determines the type of UTC timing included in the DASH Media Presentation Description (MPD).", - "title": "UtcTiming", + "Type": { + "enum": [ + "AWS::Lambda::Permission" + ], "type": "string" }, - "UtcTimingUri": { - "markdownDescription": "Specifies the value attribute of the UTC timing field when utcTiming is set to HTTP-ISO or HTTP-HEAD.", - "title": "UtcTimingUri", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::MediaPackage::OriginEndpoint.EncryptionContractConfiguration": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaPackage::OriginEndpoint.HlsEncryption": { + "AWS::Lambda::Url": { "additionalProperties": false, "properties": { - "ConstantInitializationVector": { - "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, used with the key for encrypting blocks.", - "title": "ConstantInitializationVector", + "Condition": { "type": "string" }, - "EncryptionMethod": { - "markdownDescription": "HLS encryption type.", - "title": "EncryptionMethod", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "KeyRotationIntervalSeconds": { - "markdownDescription": "Number of seconds before AWS Elemental MediaPackage rotates to a new key. By default, rotation is set to 60 seconds. Set to `0` to disable key rotation.", - "title": "KeyRotationIntervalSeconds", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "RepeatExtXKey": { - "markdownDescription": "Repeat the `EXT-X-KEY` directive for every media segment. This might result in an increase in client requests to the DRM server.", - "title": "RepeatExtXKey", - "type": "boolean" + "Metadata": { + "type": "object" }, - "SpekeKeyProvider": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.SpekeKeyProvider", - "markdownDescription": "Parameters for the SPEKE key provider.", - "title": "SpekeKeyProvider" + "Properties": { + "additionalProperties": false, + "properties": { + "AuthType": { + "markdownDescription": "The type of authentication that your function URL uses. Set to `AWS_IAM` if you want to restrict access to authenticated users only. Set to `NONE` if you want to bypass IAM authentication to create a public endpoint. For more information, see [Security and auth model for Lambda function URLs](https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html) .", + "title": "AuthType", + "type": "string" + }, + "Cors": { + "$ref": "#/definitions/AWS::Lambda::Url.Cors", + "markdownDescription": "The [Cross-Origin Resource Sharing (CORS)](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS) settings for your function URL.", + "title": "Cors" + }, + "InvokeMode": { + "markdownDescription": "Use one of the following options:\n\n- `BUFFERED` \u2013 This is the default option. Lambda invokes your function using the `Invoke` API operation. Invocation results are available when the payload is complete. The maximum payload size is 6 MB.\n- `RESPONSE_STREAM` \u2013 Your function streams payload results as they become available. Lambda invokes your function using the `InvokeWithResponseStream` API operation. The maximum response payload size is 20 MB, however, you can [request a quota increase](https://docs.aws.amazon.com/servicequotas/latest/userguide/request-quota-increase.html) .", + "title": "InvokeMode", + "type": "string" + }, + "Qualifier": { + "markdownDescription": "The alias name.", + "title": "Qualifier", + "type": "string" + }, + "TargetFunctionArn": { + "markdownDescription": "The name of the Lambda function.\n\n**Name formats** - *Function name* - `my-function` .\n- *Function ARN* - `lambda: : :function:my-function` .\n- *Partial ARN* - `:function:my-function` .\n\nThe length constraint applies only to the full ARN. If you specify only the function name, it is limited to 64 characters in length.", + "title": "TargetFunctionArn", + "type": "string" + } + }, + "required": [ + "AuthType", + "TargetFunctionArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Lambda::Url" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "SpekeKeyProvider" + "Type", + "Properties" ], "type": "object" }, - "AWS::MediaPackage::OriginEndpoint.HlsManifest": { + "AWS::Lambda::Url.Cors": { "additionalProperties": false, "properties": { - "AdMarkers": { - "markdownDescription": "Controls how ad markers are included in the packaged endpoint.\n\nValid values:\n\n- `NONE` - Omits all SCTE-35 ad markers from the output.\n- `PASSTHROUGH` - Creates a copy in the output of the SCTE-35 ad markers (comments) taken directly from the input manifest.\n- `SCTE35_ENHANCED` - Generates ad markers and blackout tags in the output based on the SCTE-35 messages from the input manifest.", - "title": "AdMarkers", - "type": "string" + "AllowCredentials": { + "markdownDescription": "Whether you want to allow cookies or other credentials in requests to your function URL. The default is `false` .", + "title": "AllowCredentials", + "type": "boolean" }, - "AdTriggers": { + "AllowHeaders": { "items": { "type": "string" }, - "markdownDescription": "Specifies the SCTE-35 message types that AWS Elemental MediaPackage treats as ad markers in the output manifest.\n\nValid values:\n\n- `BREAK`\n- `DISTRIBUTOR_ADVERTISEMENT`\n- `DISTRIBUTOR_OVERLAY_PLACEMENT_OPPORTUNITY`\n- `DISTRIBUTOR_PLACEMENT_OPPORTUNITY`\n- `PROVIDER_ADVERTISEMENT`\n- `PROVIDER_OVERLAY_PLACEMENT_OPPORTUNITY`\n- `PROVIDER_PLACEMENT_OPPORTUNITY`\n- `SPLICE_INSERT`", - "title": "AdTriggers", + "markdownDescription": "The HTTP headers that origins can include in requests to your function URL. For example: `Date` , `Keep-Alive` , `X-Custom-Header` .", + "title": "AllowHeaders", "type": "array" }, - "AdsOnDeliveryRestrictions": { - "markdownDescription": "The flags on SCTE-35 segmentation descriptors that have to be present for AWS Elemental MediaPackage to insert ad markers in the output manifest. For information about SCTE-35 in AWS Elemental MediaPackage , see [SCTE-35 Message Options in AWS Elemental MediaPackage](https://docs.aws.amazon.com/mediapackage/latest/ug/scte.html) .", - "title": "AdsOnDeliveryRestrictions", - "type": "string" - }, - "Id": { - "markdownDescription": "The manifest ID is required and must be unique within the OriginEndpoint. The ID can't be changed after the endpoint is created.", - "title": "Id", - "type": "string" - }, - "IncludeIframeOnlyStream": { - "markdownDescription": "Applies to stream sets with a single video track only. When true, the stream set includes an additional I-frame only stream, along with the other tracks. If false, this extra stream is not included.", - "title": "IncludeIframeOnlyStream", - "type": "boolean" - }, - "ManifestName": { - "markdownDescription": "A short string that's appended to the end of the endpoint URL to create a unique path to this endpoint. The manifestName on the HLSManifest object overrides the manifestName that you provided on the originEndpoint object.", - "title": "ManifestName", - "type": "string" + "AllowMethods": { + "items": { + "type": "string" + }, + "markdownDescription": "The HTTP methods that are allowed when calling your function URL. For example: `GET` , `POST` , `DELETE` , or the wildcard character ( `*` ).", + "title": "AllowMethods", + "type": "array" }, - "PlaylistType": { - "markdownDescription": "When specified as either `event` or `vod` , a corresponding `EXT-X-PLAYLIST-TYPE` entry is included in the media playlist. Indicates if the playlist is live-to-VOD content.", - "title": "PlaylistType", - "type": "string" + "AllowOrigins": { + "items": { + "type": "string" + }, + "markdownDescription": "The origins that can access your function URL. You can list any number of specific origins, separated by a comma. For example: `https://www.example.com` , `http://localhost:60905` .\n\nAlternatively, you can grant access to all origins with the wildcard character ( `*` ).", + "title": "AllowOrigins", + "type": "array" }, - "PlaylistWindowSeconds": { - "markdownDescription": "Time window (in seconds) contained in each parent manifest.", - "title": "PlaylistWindowSeconds", - "type": "number" + "ExposeHeaders": { + "items": { + "type": "string" + }, + "markdownDescription": "The HTTP headers in your function response that you want to expose to origins that call your function URL. For example: `Date` , `Keep-Alive` , `X-Custom-Header` .", + "title": "ExposeHeaders", + "type": "array" }, - "ProgramDateTimeIntervalSeconds": { - "markdownDescription": "Inserts `EXT-X-PROGRAM-DATE-TIME` tags in the output manifest at the interval that you specify.\n\nIrrespective of this parameter, if any ID3Timed metadata is in the HLS input, it is passed through to the HLS output.\n\nOmit this attribute or enter `0` to indicate that the `EXT-X-PROGRAM-DATE-TIME` tags are not included in the manifest.", - "title": "ProgramDateTimeIntervalSeconds", + "MaxAge": { + "markdownDescription": "The maximum amount of time, in seconds, that browsers can cache results of a preflight request. By default, this is set to `0` , which means the browser will not cache results.", + "title": "MaxAge", "type": "number" - }, - "Url": { - "markdownDescription": "The URL that's used to request this manifest from this endpoint.", - "title": "Url", - "type": "string" } }, - "required": [ - "Id" - ], "type": "object" }, - "AWS::MediaPackage::OriginEndpoint.HlsPackage": { + "AWS::Lambda::Version": { "additionalProperties": false, "properties": { - "AdMarkers": { - "markdownDescription": "Controls how ad markers are included in the packaged endpoint.\n\nValid values:\n\n- `NONE` - Omits all SCTE-35 ad markers from the output.\n- `PASSTHROUGH` - Creates a copy in the output of the SCTE-35 ad markers (comments) taken directly from the input manifest.\n- `SCTE35_ENHANCED` - Generates ad markers and blackout tags in the output based on the SCTE-35 messages from the input manifest.", - "title": "AdMarkers", + "Condition": { "type": "string" }, - "AdTriggers": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the SCTE-35 message types that AWS Elemental MediaPackage treats as ad markers in the output manifest.\n\nValid values:\n\n- `BREAK`\n- `DISTRIBUTOR_ADVERTISEMENT`\n- `DISTRIBUTOR_OVERLAY_PLACEMENT_OPPORTUNITY`\n- `DISTRIBUTOR_PLACEMENT_OPPORTUNITY`\n- `PROVIDER_ADVERTISEMENT`\n- `PROVIDER_OVERLAY_PLACEMENT_OPPORTUNITY`\n- `PROVIDER_PLACEMENT_OPPORTUNITY`\n- `SPLICE_INSERT`", - "title": "AdTriggers", - "type": "array" - }, - "AdsOnDeliveryRestrictions": { - "markdownDescription": "The flags on SCTE-35 segmentation descriptors that have to be present for AWS Elemental MediaPackage to insert ad markers in the output manifest. For information about SCTE-35 in AWS Elemental MediaPackage , see [SCTE-35 Message Options in AWS Elemental MediaPackage](https://docs.aws.amazon.com/mediapackage/latest/ug/scte.html) .", - "title": "AdsOnDeliveryRestrictions", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Encryption": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.HlsEncryption", - "markdownDescription": "Parameters for encrypting content.", - "title": "Encryption" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "IncludeDvbSubtitles": { - "markdownDescription": "When enabled, MediaPackage passes through digital video broadcasting (DVB) subtitles into the output.", - "title": "IncludeDvbSubtitles", - "type": "boolean" + "Metadata": { + "type": "object" }, - "IncludeIframeOnlyStream": { - "markdownDescription": "Only applies to stream sets with a single video track. When true, the stream set includes an additional I-frame only stream, along with the other tracks. If false, this extra stream is not included.", - "title": "IncludeIframeOnlyStream", - "type": "boolean" + "Properties": { + "additionalProperties": false, + "properties": { + "CodeSha256": { + "markdownDescription": "Only publish a version if the hash value matches the value that's specified. Use this option to avoid publishing a version if the function code has changed since you last updated it. Updates are not supported for this property.", + "title": "CodeSha256", + "type": "string" + }, + "Description": { + "markdownDescription": "A description for the version to override the description in the function configuration. Updates are not supported for this property.", + "title": "Description", + "type": "string" + }, + "FunctionName": { + "markdownDescription": "The name or ARN of the Lambda function.\n\n**Name formats** - *Function name* - `MyFunction` .\n- *Function ARN* - `arn:aws:lambda:us-west-2:123456789012:function:MyFunction` .\n- *Partial ARN* - `123456789012:function:MyFunction` .\n\nThe length constraint applies only to the full ARN. If you specify only the function name, it is limited to 64 characters in length.", + "title": "FunctionName", + "type": "string" + }, + "ProvisionedConcurrencyConfig": { + "$ref": "#/definitions/AWS::Lambda::Version.ProvisionedConcurrencyConfiguration", + "markdownDescription": "Specifies a provisioned concurrency configuration for a function's version. Updates are not supported for this property.", + "title": "ProvisionedConcurrencyConfig" + }, + "RuntimePolicy": { + "$ref": "#/definitions/AWS::Lambda::Version.RuntimePolicy", + "markdownDescription": "", + "title": "RuntimePolicy" + } + }, + "required": [ + "FunctionName" + ], + "type": "object" }, - "PlaylistType": { - "markdownDescription": "When specified as either `event` or `vod` , a corresponding `EXT-X-PLAYLIST-TYPE` entry is included in the media playlist. Indicates if the playlist is live-to-VOD content.", - "title": "PlaylistType", + "Type": { + "enum": [ + "AWS::Lambda::Version" + ], "type": "string" }, - "PlaylistWindowSeconds": { - "markdownDescription": "Time window (in seconds) contained in each parent manifest.", - "title": "PlaylistWindowSeconds", - "type": "number" - }, - "ProgramDateTimeIntervalSeconds": { - "markdownDescription": "Inserts `EXT-X-PROGRAM-DATE-TIME` tags in the output manifest at the interval that you specify.\n\nIrrespective of this parameter, if any ID3Timed metadata is in the HLS input, it is passed through to the HLS output.\n\nOmit this attribute or enter `0` to indicate that the `EXT-X-PROGRAM-DATE-TIME` tags are not included in the manifest.", - "title": "ProgramDateTimeIntervalSeconds", - "type": "number" - }, - "SegmentDurationSeconds": { - "markdownDescription": "Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source fragment duration.", - "title": "SegmentDurationSeconds", - "type": "number" - }, - "StreamSelection": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.StreamSelection", - "markdownDescription": "Limitations for outputs from the endpoint, based on the video bitrate.", - "title": "StreamSelection" - }, - "UseAudioRenditionGroup": { - "markdownDescription": "When true, AWS Elemental MediaPackage bundles all audio tracks in a rendition group. All other tracks in the stream can be used with any audio rendition from the group.", - "title": "UseAudioRenditionGroup", - "type": "boolean" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::MediaPackage::OriginEndpoint.MssEncryption": { + "AWS::Lambda::Version.ProvisionedConcurrencyConfiguration": { "additionalProperties": false, "properties": { - "SpekeKeyProvider": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.SpekeKeyProvider", - "markdownDescription": "Parameters for the SPEKE key provider.", - "title": "SpekeKeyProvider" + "ProvisionedConcurrentExecutions": { + "markdownDescription": "The amount of provisioned concurrency to allocate for the version.", + "title": "ProvisionedConcurrentExecutions", + "type": "number" } }, "required": [ - "SpekeKeyProvider" + "ProvisionedConcurrentExecutions" ], "type": "object" }, - "AWS::MediaPackage::OriginEndpoint.MssPackage": { + "AWS::Lambda::Version.RuntimePolicy": { "additionalProperties": false, "properties": { - "Encryption": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.MssEncryption", - "markdownDescription": "Parameters for encrypting content.", - "title": "Encryption" - }, - "ManifestWindowSeconds": { - "markdownDescription": "Time window (in seconds) contained in each manifest.", - "title": "ManifestWindowSeconds", - "type": "number" - }, - "SegmentDurationSeconds": { - "markdownDescription": "Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source fragment duration.", - "title": "SegmentDurationSeconds", - "type": "number" + "RuntimeVersionArn": { + "markdownDescription": "The ARN of the runtime version you want the function to use.\n\n> This is only required if you're using the *Manual* runtime update mode.", + "title": "RuntimeVersionArn", + "type": "string" }, - "StreamSelection": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.StreamSelection", - "markdownDescription": "Limitations for outputs from the endpoint, based on the video bitrate.", - "title": "StreamSelection" + "UpdateRuntimeOn": { + "markdownDescription": "Specify the runtime update mode.\n\n- *Auto (default)* - Automatically update to the most recent and secure runtime version using a [Two-phase runtime version rollout](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html#runtime-management-two-phase) . This is the best choice for most customers to ensure they always benefit from runtime updates.\n- *FunctionUpdate* - Lambda updates the runtime of you function to the most recent and secure runtime version when you update your function. This approach synchronizes runtime updates with function deployments, giving you control over when runtime updates are applied and allowing you to detect and mitigate rare runtime update incompatibilities early. When using this setting, you need to regularly update your functions to keep their runtime up-to-date.\n- *Manual* - You specify a runtime version in your function configuration. The function will use this runtime version indefinitely. In the rare case where a new runtime version is incompatible with an existing function, this allows you to roll back your function to an earlier runtime version. For more information, see [Roll back a runtime version](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html#runtime-management-rollback) .\n\n*Valid Values* : `Auto` | `FunctionUpdate` | `Manual`", + "title": "UpdateRuntimeOn", + "type": "string" } }, + "required": [ + "UpdateRuntimeOn" + ], "type": "object" }, - "AWS::MediaPackage::OriginEndpoint.SpekeKeyProvider": { + "AWS::LaunchWizard::Deployment": { "additionalProperties": false, "properties": { - "CertificateArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the certificate that you imported to AWS Certificate Manager to add content key encryption to this endpoint. For this feature to work, your DRM key provider must support content key encryption.", - "title": "CertificateArn", + "Condition": { "type": "string" }, - "EncryptionContractConfiguration": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.EncryptionContractConfiguration", - "markdownDescription": "Use `encryptionContractConfiguration` to configure one or more content encryption keys for your endpoints that use SPEKE Version 2.0. The encryption contract defines which content keys are used to encrypt the audio and video tracks in your stream. To configure the encryption contract, specify which audio and video encryption presets to use.", - "title": "EncryptionContractConfiguration" - }, - "ResourceId": { - "markdownDescription": "Unique identifier for this endpoint, as it is configured in the key provider service.", - "title": "ResourceId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN for the IAM role that's granted by the key provider to provide access to the key provider API. This role must have a trust policy that allows AWS Elemental MediaPackage to assume the role, and it must have a sufficient permissions policy to allow access to the specific key retrieval URL. Valid format: arn:aws:iam::{accountID}:role/{name}", - "title": "RoleArn", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SystemIds": { - "items": { - "type": "string" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DeploymentPatternName": { + "markdownDescription": "The name of the deployment pattern.", + "title": "DeploymentPatternName", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the deployment.", + "title": "Name", + "type": "string" + }, + "Specifications": { + "additionalProperties": true, + "markdownDescription": "The settings specified for the deployment. These settings define how to deploy and configure your resources created by the deployment. For more information about the specifications required for creating a deployment for a SAP workload, see [SAP deployment specifications](https://docs.aws.amazon.com/launchwizard/latest/APIReference/launch-wizard-specifications-sap.html) . To retrieve the specifications required to create a deployment for other workloads, use the [`GetWorkloadDeploymentPattern`](https://docs.aws.amazon.com/launchwizard/latest/APIReference/API_GetWorkloadDeploymentPattern.html) operation.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Specifications", + "type": "object" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::LaunchWizard::Deployment.Tags" + }, + "markdownDescription": "Information about the tags attached to a deployment.", + "title": "Tags", + "type": "array" + }, + "WorkloadName": { + "markdownDescription": "The name of the workload.", + "title": "WorkloadName", + "type": "string" + } }, - "markdownDescription": "List of unique identifiers for the DRM systems to use, as defined in the CPIX specification.", - "title": "SystemIds", - "type": "array" + "required": [ + "DeploymentPatternName", + "Name", + "WorkloadName" + ], + "type": "object" }, - "Url": { - "markdownDescription": "URL for the key provider\u2019s key retrieval API endpoint. Must start with https://.", - "title": "Url", + "Type": { + "enum": [ + "AWS::LaunchWizard::Deployment" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ResourceId", - "RoleArn", - "SystemIds", - "Url" + "Type", + "Properties" ], "type": "object" }, - "AWS::MediaPackage::OriginEndpoint.StreamSelection": { + "AWS::LaunchWizard::Deployment.Tags": { "additionalProperties": false, "properties": { - "MaxVideoBitsPerSecond": { - "markdownDescription": "The upper limit of the bitrates that this endpoint serves. If the video track exceeds this threshold, then AWS Elemental MediaPackage excludes it from output. If you don't specify a value, it defaults to 2147483647 bits per second.", - "title": "MaxVideoBitsPerSecond", - "type": "number" - }, - "MinVideoBitsPerSecond": { - "markdownDescription": "The lower limit of the bitrates that this endpoint serves. If the video track is below this threshold, then AWS Elemental MediaPackage excludes it from output. If you don't specify a value, it defaults to 0 bits per second.", - "title": "MinVideoBitsPerSecond", - "type": "number" + "Key": { + "markdownDescription": "The key name of the tag.", + "title": "Key", + "type": "string" }, - "StreamOrder": { - "markdownDescription": "Order in which the different video bitrates are presented to the player.\n\nValid values: `ORIGINAL` , `VIDEO_BITRATE_ASCENDING` , `VIDEO_BITRATE_DESCENDING` .", - "title": "StreamOrder", + "Value": { + "markdownDescription": "The value for the tag.", + "title": "Value", "type": "string" } }, + "required": [ + "Key" + ], "type": "object" }, - "AWS::MediaPackage::PackagingConfiguration": { + "AWS::Lex::Bot": { "additionalProperties": false, "properties": { "Condition": { @@ -162744,54 +170587,87 @@ "Properties": { "additionalProperties": false, "properties": { - "CmafPackage": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.CmafPackage", - "markdownDescription": "Parameters for CMAF packaging.", - "title": "CmafPackage" + "AutoBuildBotLocales": { + "markdownDescription": "Indicates whether Amazon Lex V2 should automatically build the locales for the bot after a change.", + "title": "AutoBuildBotLocales", + "type": "boolean" }, - "DashPackage": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.DashPackage", - "markdownDescription": "Parameters for DASH-ISO packaging.", - "title": "DashPackage" + "BotFileS3Location": { + "$ref": "#/definitions/AWS::Lex::Bot.S3Location", + "markdownDescription": "The Amazon S3 location of files used to import a bot. The files must be in the import format specified in [JSON format for importing and exporting](https://docs.aws.amazon.com/lexv2/latest/dg/import-export-format.html) in the *Amazon Lex developer guide.*", + "title": "BotFileS3Location" }, - "HlsPackage": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.HlsPackage", - "markdownDescription": "Parameters for Apple HLS packaging.", - "title": "HlsPackage" + "BotLocales": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.BotLocale" + }, + "markdownDescription": "A list of locales for the bot.", + "title": "BotLocales", + "type": "array" }, - "Id": { - "markdownDescription": "Unique identifier that you assign to the packaging configuration.", - "title": "Id", + "BotTags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags to add to the bot. You can only add tags when you import a bot. You can't use the `UpdateBot` operation to update tags. To update tags, use the `TagResource` operation.", + "title": "BotTags", + "type": "array" + }, + "DataPrivacy": { + "$ref": "#/definitions/AWS::Lex::Bot.DataPrivacy", + "markdownDescription": "By default, data stored by Amazon Lex is encrypted. The `DataPrivacy` structure provides settings that determine how Amazon Lex handles special cases of securing the data for your bot.", + "title": "DataPrivacy" + }, + "Description": { + "markdownDescription": "The description of the version.", + "title": "Description", "type": "string" }, - "MssPackage": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.MssPackage", - "markdownDescription": "Parameters for Microsoft Smooth Streaming packaging.", - "title": "MssPackage" + "IdleSessionTTLInSeconds": { + "markdownDescription": "The time, in seconds, that Amazon Lex should keep information about a user's conversation with the bot.\n\nA user interaction remains active for the amount of time specified. If no conversation occurs during this time, the session expires and Amazon Lex deletes any data provided before the timeout.\n\nYou can specify between 60 (1 minute) and 86,400 (24 hours) seconds.", + "title": "IdleSessionTTLInSeconds", + "type": "number" }, - "PackagingGroupId": { - "markdownDescription": "The ID of the packaging group associated with this packaging configuration.", - "title": "PackagingGroupId", + "Name": { + "markdownDescription": "The name of the bot locale.", + "title": "Name", "type": "string" }, - "Tags": { + "Replication": { + "$ref": "#/definitions/AWS::Lex::Bot.Replication", + "markdownDescription": "", + "title": "Replication" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role used to build and run the bot.", + "title": "RoleArn", + "type": "string" + }, + "TestBotAliasSettings": { + "$ref": "#/definitions/AWS::Lex::Bot.TestBotAliasSettings", + "markdownDescription": "Specifies configuration settings for the alias used to test the bot. If the `TestBotAliasSettings` property is not specified, the settings are configured with default values.", + "title": "TestBotAliasSettings" + }, + "TestBotAliasTags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to assign to the packaging configuration.", - "title": "Tags", + "markdownDescription": "A list of tags to add to the test alias for a bot. You can only add tags when you import a bot. You can't use the `UpdateAlias` operation to update tags. To update tags on the test alias, use the `TagResource` operation.", + "title": "TestBotAliasTags", "type": "array" } }, "required": [ - "Id", - "PackagingGroupId" + "DataPrivacy", + "IdleSessionTTLInSeconds", + "Name", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaPackage::PackagingConfiguration" + "AWS::Lex::Bot" ], "type": "string" }, @@ -162810,2904 +170686,2550 @@ ], "type": "object" }, - "AWS::MediaPackage::PackagingConfiguration.CmafEncryption": { + "AWS::Lex::Bot.AdvancedRecognitionSetting": { "additionalProperties": false, "properties": { - "SpekeKeyProvider": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.SpekeKeyProvider", - "markdownDescription": "Parameters for the SPEKE key provider.", - "title": "SpekeKeyProvider" - } - }, - "required": [ - "SpekeKeyProvider" - ], + "AudioRecognitionStrategy": { + "markdownDescription": "Enables using the slot values as a custom vocabulary for recognizing user utterances.", + "title": "AudioRecognitionStrategy", + "type": "string" + } + }, "type": "object" }, - "AWS::MediaPackage::PackagingConfiguration.CmafPackage": { + "AWS::Lex::Bot.AllowedInputTypes": { "additionalProperties": false, "properties": { - "Encryption": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.CmafEncryption", - "markdownDescription": "Parameters for encrypting content.", - "title": "Encryption" - }, - "HlsManifests": { - "items": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.HlsManifest" - }, - "markdownDescription": "A list of HLS manifest configurations that are available from this endpoint.", - "title": "HlsManifests", - "type": "array" + "AllowAudioInput": { + "markdownDescription": "Indicates whether audio input is allowed.", + "title": "AllowAudioInput", + "type": "boolean" }, - "IncludeEncoderConfigurationInSegments": { - "markdownDescription": "When includeEncoderConfigurationInSegments is set to true, AWS Elemental MediaPackage places your encoder's Sequence Parameter Set (SPS), Picture Parameter Set (PPS), and Video Parameter Set (VPS) metadata in every video segment instead of in the init fragment. This lets you use different SPS/PPS/VPS settings for your assets during content playback.", - "title": "IncludeEncoderConfigurationInSegments", + "AllowDTMFInput": { + "markdownDescription": "Indicates whether DTMF input is allowed.", + "title": "AllowDTMFInput", "type": "boolean" + } + }, + "required": [ + "AllowAudioInput", + "AllowDTMFInput" + ], + "type": "object" + }, + "AWS::Lex::Bot.AudioAndDTMFInputSpecification": { + "additionalProperties": false, + "properties": { + "AudioSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.AudioSpecification", + "markdownDescription": "Specifies the settings on audio input.", + "title": "AudioSpecification" }, - "SegmentDurationSeconds": { - "markdownDescription": "Duration (in seconds) of each segment. Actual segments are rounded to the nearest multiple of the source fragment duration.", - "title": "SegmentDurationSeconds", + "DTMFSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.DTMFSpecification", + "markdownDescription": "Specifies the settings on DTMF input.", + "title": "DTMFSpecification" + }, + "StartTimeoutMs": { + "markdownDescription": "Time for which a bot waits before assuming that the customer isn't going to speak or press a key. This timeout is shared between Audio and DTMF inputs.", + "title": "StartTimeoutMs", "type": "number" } }, "required": [ - "HlsManifests" + "StartTimeoutMs" ], "type": "object" }, - "AWS::MediaPackage::PackagingConfiguration.DashEncryption": { + "AWS::Lex::Bot.AudioLogDestination": { "additionalProperties": false, "properties": { - "SpekeKeyProvider": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.SpekeKeyProvider", - "markdownDescription": "Parameters for the SPEKE key provider.", - "title": "SpekeKeyProvider" + "S3Bucket": { + "$ref": "#/definitions/AWS::Lex::Bot.S3BucketLogDestination", + "markdownDescription": "Specifies the Amazon S3 bucket where the audio files are stored.", + "title": "S3Bucket" } }, "required": [ - "SpekeKeyProvider" + "S3Bucket" ], "type": "object" }, - "AWS::MediaPackage::PackagingConfiguration.DashManifest": { + "AWS::Lex::Bot.AudioLogSetting": { "additionalProperties": false, "properties": { - "ManifestLayout": { - "markdownDescription": "Determines the position of some tags in the Media Presentation Description (MPD). When set to `FULL` , elements like `SegmentTemplate` and `ContentProtection` are included in each `Representation` . When set to `COMPACT` , duplicate elements are combined and presented at the AdaptationSet level.", - "title": "ManifestLayout", - "type": "string" - }, - "ManifestName": { - "markdownDescription": "A short string that's appended to the end of the endpoint URL to create a unique path to this packaging configuration.", - "title": "ManifestName", - "type": "string" - }, - "MinBufferTimeSeconds": { - "markdownDescription": "Minimum amount of content (measured in seconds) that a player must keep available in the buffer.", - "title": "MinBufferTimeSeconds", - "type": "number" - }, - "Profile": { - "markdownDescription": "The DASH profile type. When set to `HBBTV_1_5` , the content is compliant with HbbTV 1.5.", - "title": "Profile", - "type": "string" - }, - "ScteMarkersSource": { - "markdownDescription": "The source of scte markers used.\n\nValue description:\n\n- `SEGMENTS` - The scte markers are sourced from the segments of the ingested content.\n- `MANIFEST` - the scte markers are sourced from the manifest of the ingested content. The MANIFEST value is compatible with source HLS playlists using the SCTE-35 Enhanced syntax ( `EXT-OATCLS-SCTE35` tags). SCTE-35 Elemental and SCTE-35 Daterange syntaxes are not supported with this option.", - "title": "ScteMarkersSource", - "type": "string" + "Destination": { + "$ref": "#/definitions/AWS::Lex::Bot.AudioLogDestination", + "markdownDescription": "Specifies the location of the audio log files collected when conversation logging is enabled for a bot.", + "title": "Destination" }, - "StreamSelection": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.StreamSelection", - "markdownDescription": "Limitations for outputs from the endpoint, based on the video bitrate.", - "title": "StreamSelection" + "Enabled": { + "markdownDescription": "Determines whether audio logging in enabled for the bot.", + "title": "Enabled", + "type": "boolean" } }, + "required": [ + "Destination", + "Enabled" + ], "type": "object" }, - "AWS::MediaPackage::PackagingConfiguration.DashPackage": { + "AWS::Lex::Bot.AudioSpecification": { "additionalProperties": false, "properties": { - "DashManifests": { - "items": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.DashManifest" - }, - "markdownDescription": "A list of DASH manifest configurations that are available from this endpoint.", - "title": "DashManifests", - "type": "array" - }, - "Encryption": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.DashEncryption", - "markdownDescription": "Parameters for encrypting content.", - "title": "Encryption" - }, - "IncludeEncoderConfigurationInSegments": { - "markdownDescription": "When includeEncoderConfigurationInSegments is set to true, AWS Elemental MediaPackage places your encoder's Sequence Parameter Set (SPS), Picture Parameter Set (PPS), and Video Parameter Set (VPS) metadata in every video segment instead of in the init fragment. This lets you use different SPS/PPS/VPS settings for your assets during content playback.", - "title": "IncludeEncoderConfigurationInSegments", - "type": "boolean" - }, - "IncludeIframeOnlyStream": { - "markdownDescription": "This applies only to stream sets with a single video track. When true, the stream set includes an additional I-frame trick-play only stream, along with the other tracks. If false, this extra stream is not included.", - "title": "IncludeIframeOnlyStream", - "type": "boolean" - }, - "PeriodTriggers": { - "items": { - "type": "string" - }, - "markdownDescription": "Controls whether AWS Elemental MediaPackage produces single-period or multi-period DASH manifests. For more information about periods, see [Multi-period DASH in AWS Elemental MediaPackage](https://docs.aws.amazon.com/mediapackage/latest/ug/multi-period.html) .\n\nValid values:\n\n- `ADS` - AWS Elemental MediaPackage will produce multi-period DASH manifests. Periods are created based on the SCTE-35 ad markers present in the input manifest.\n- *No value* - AWS Elemental MediaPackage will produce single-period DASH manifests. This is the default setting.", - "title": "PeriodTriggers", - "type": "array" - }, - "SegmentDurationSeconds": { - "markdownDescription": "Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source segment duration.", - "title": "SegmentDurationSeconds", + "EndTimeoutMs": { + "markdownDescription": "Time for which a bot waits after the customer stops speaking to assume the utterance is finished.", + "title": "EndTimeoutMs", "type": "number" }, - "SegmentTemplateFormat": { - "markdownDescription": "Determines the type of SegmentTemplate included in the Media Presentation Description (MPD). When set to `NUMBER_WITH_TIMELINE` , a full timeline is presented in each SegmentTemplate, with $Number$ media URLs. When set to `TIME_WITH_TIMELINE` , a full timeline is presented in each SegmentTemplate, with $Time$ media URLs. When set to `NUMBER_WITH_DURATION` , only a duration is included in each SegmentTemplate, with $Number$ media URLs.", - "title": "SegmentTemplateFormat", - "type": "string" + "MaxLengthMs": { + "markdownDescription": "Time for how long Amazon Lex waits before speech input is truncated and the speech is returned to application.", + "title": "MaxLengthMs", + "type": "number" } }, "required": [ - "DashManifests" + "EndTimeoutMs", + "MaxLengthMs" ], "type": "object" }, - "AWS::MediaPackage::PackagingConfiguration.EncryptionContractConfiguration": { + "AWS::Lex::Bot.BKBExactResponseFields": { "additionalProperties": false, "properties": { - "PresetSpeke20Audio": { - "markdownDescription": "A collection of audio encryption presets.\n\nValue description:\n\n- `PRESET-AUDIO-1` - Use one content key to encrypt all of the audio tracks in your stream.\n- `PRESET-AUDIO-2` - Use one content key to encrypt all of the stereo audio tracks and one content key to encrypt all of the multichannel audio tracks.\n- `PRESET-AUDIO-3` - Use one content key to encrypt all of the stereo audio tracks, one content key to encrypt all of the multichannel audio tracks with 3 to 6 channels, and one content key to encrypt all of the multichannel audio tracks with more than 6 channels.\n- `SHARED` - Use the same content key for all of the audio and video tracks in your stream.\n- `UNENCRYPTED` - Don't encrypt any of the audio tracks in your stream.", - "title": "PresetSpeke20Audio", + "AnswerField": { + "markdownDescription": "", + "title": "AnswerField", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Lex::Bot.BedrockAgentConfiguration": { + "additionalProperties": false, + "properties": { + "BedrockAgentAliasId": { + "markdownDescription": "", + "title": "BedrockAgentAliasId", "type": "string" }, - "PresetSpeke20Video": { - "markdownDescription": "A collection of video encryption presets.\n\nValue description:\n\n- `PRESET-VIDEO-1` - Use one content key to encrypt all of the video tracks in your stream.\n- `PRESET-VIDEO-2` - Use one content key to encrypt all of the SD video tracks and one content key for all HD and higher resolutions video tracks.\n- `PRESET-VIDEO-3` - Use one content key to encrypt all of the SD video tracks, one content key for HD video tracks and one content key for all UHD video tracks.\n- `PRESET-VIDEO-4` - Use one content key to encrypt all of the SD video tracks, one content key for HD video tracks, one content key for all UHD1 video tracks and one content key for all UHD2 video tracks.\n- `PRESET-VIDEO-5` - Use one content key to encrypt all of the SD video tracks, one content key for HD1 video tracks, one content key for HD2 video tracks, one content key for all UHD1 video tracks and one content key for all UHD2 video tracks.\n- `PRESET-VIDEO-6` - Use one content key to encrypt all of the SD video tracks, one content key for HD1 video tracks, one content key for HD2 video tracks and one content key for all UHD video tracks.\n- `PRESET-VIDEO-7` - Use one content key to encrypt all of the SD+HD1 video tracks, one content key for HD2 video tracks and one content key for all UHD video tracks.\n- `PRESET-VIDEO-8` - Use one content key to encrypt all of the SD+HD1 video tracks, one content key for HD2 video tracks, one content key for all UHD1 video tracks and one content key for all UHD2 video tracks.\n- `SHARED` - Use the same content key for all of the video and audio tracks in your stream.\n- `UNENCRYPTED` - Don't encrypt any of the video tracks in your stream.", - "title": "PresetSpeke20Video", + "BedrockAgentId": { + "markdownDescription": "", + "title": "BedrockAgentId", "type": "string" } }, - "required": [ - "PresetSpeke20Audio", - "PresetSpeke20Video" - ], "type": "object" }, - "AWS::MediaPackage::PackagingConfiguration.HlsEncryption": { + "AWS::Lex::Bot.BedrockAgentIntentConfiguration": { "additionalProperties": false, "properties": { - "ConstantInitializationVector": { - "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, used with the key for encrypting blocks. If you don't specify a constant initialization vector (IV), AWS Elemental MediaPackage periodically rotates the IV.", - "title": "ConstantInitializationVector", - "type": "string" + "BedrockAgentConfiguration": { + "$ref": "#/definitions/AWS::Lex::Bot.BedrockAgentConfiguration", + "markdownDescription": "", + "title": "BedrockAgentConfiguration" }, - "EncryptionMethod": { - "markdownDescription": "HLS encryption type.", - "title": "EncryptionMethod", + "BedrockAgentIntentKnowledgeBaseConfiguration": { + "$ref": "#/definitions/AWS::Lex::Bot.BedrockAgentIntentKnowledgeBaseConfiguration", + "markdownDescription": "", + "title": "BedrockAgentIntentKnowledgeBaseConfiguration" + } + }, + "type": "object" + }, + "AWS::Lex::Bot.BedrockAgentIntentKnowledgeBaseConfiguration": { + "additionalProperties": false, + "properties": { + "BedrockKnowledgeBaseArn": { + "markdownDescription": "", + "title": "BedrockKnowledgeBaseArn", "type": "string" }, - "SpekeKeyProvider": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.SpekeKeyProvider", - "markdownDescription": "Parameters for the SPEKE key provider.", - "title": "SpekeKeyProvider" + "BedrockModelConfiguration": { + "$ref": "#/definitions/AWS::Lex::Bot.BedrockModelSpecification", + "markdownDescription": "", + "title": "BedrockModelConfiguration" } }, "required": [ - "SpekeKeyProvider" + "BedrockKnowledgeBaseArn", + "BedrockModelConfiguration" ], "type": "object" }, - "AWS::MediaPackage::PackagingConfiguration.HlsManifest": { + "AWS::Lex::Bot.BedrockGuardrailConfiguration": { "additionalProperties": false, "properties": { - "AdMarkers": { - "markdownDescription": "This setting controls ad markers in the packaged content.\n\nValid values:\n\n- `NONE` - Omits all SCTE-35 ad markers from the output.\n- `PASSTHROUGH` - Creates a copy in the output of the SCTE-35 ad markers (comments) taken directly from the input manifest.\n- `SCTE35_ENHANCED` - Generates ad markers and blackout tags in the output based on the SCTE-35 messages from the input manifest.", - "title": "AdMarkers", + "BedrockGuardrailIdentifier": { + "markdownDescription": "", + "title": "BedrockGuardrailIdentifier", "type": "string" }, - "IncludeIframeOnlyStream": { - "markdownDescription": "Applies to stream sets with a single video track only. When enabled, the output includes an additional I-frame only stream, along with the other tracks.", - "title": "IncludeIframeOnlyStream", - "type": "boolean" - }, - "ManifestName": { - "markdownDescription": "A short string that's appended to the end of the endpoint URL to create a unique path to this packaging configuration.", - "title": "ManifestName", + "BedrockGuardrailVersion": { + "markdownDescription": "", + "title": "BedrockGuardrailVersion", "type": "string" - }, - "ProgramDateTimeIntervalSeconds": { - "markdownDescription": "Inserts `EXT-X-PROGRAM-DATE-TIME` tags in the output manifest at the interval that you specify.\n\nIrrespective of this parameter, if any ID3Timed metadata is in the HLS input, it is passed through to the HLS output.\n\nOmit this attribute or enter `0` to indicate that the `EXT-X-PROGRAM-DATE-TIME` tags are not included in the manifest.", - "title": "ProgramDateTimeIntervalSeconds", - "type": "number" - }, - "RepeatExtXKey": { - "markdownDescription": "Repeat the `EXT-X-KEY` directive for every media segment. This might result in an increase in client requests to the DRM server.", - "title": "RepeatExtXKey", - "type": "boolean" - }, - "StreamSelection": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.StreamSelection", - "markdownDescription": "Video bitrate limitations for outputs from this packaging configuration.", - "title": "StreamSelection" } }, "type": "object" }, - "AWS::MediaPackage::PackagingConfiguration.HlsPackage": { + "AWS::Lex::Bot.BedrockKnowledgeStoreConfiguration": { "additionalProperties": false, "properties": { - "Encryption": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.HlsEncryption", - "markdownDescription": "Parameters for encrypting content.", - "title": "Encryption" - }, - "HlsManifests": { - "items": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.HlsManifest" - }, - "markdownDescription": "A list of HLS manifest configurations that are available from this endpoint.", - "title": "HlsManifests", - "type": "array" - }, - "IncludeDvbSubtitles": { - "markdownDescription": "When enabled, MediaPackage passes through digital video broadcasting (DVB) subtitles into the output.", - "title": "IncludeDvbSubtitles", - "type": "boolean" + "BKBExactResponseFields": { + "$ref": "#/definitions/AWS::Lex::Bot.BKBExactResponseFields", + "markdownDescription": "", + "title": "BKBExactResponseFields" }, - "SegmentDurationSeconds": { - "markdownDescription": "Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source fragment duration.", - "title": "SegmentDurationSeconds", - "type": "number" + "BedrockKnowledgeBaseArn": { + "markdownDescription": "The base ARN of the knowledge base used.", + "title": "BedrockKnowledgeBaseArn", + "type": "string" }, - "UseAudioRenditionGroup": { - "markdownDescription": "When true, AWS Elemental MediaPackage bundles all audio tracks in a rendition group. All other tracks in the stream can be used with any audio rendition from the group.", - "title": "UseAudioRenditionGroup", + "ExactResponse": { + "markdownDescription": "Specifies whether to return an exact response, or to return an answer generated by the model, using the fields you specify from the database.", + "title": "ExactResponse", "type": "boolean" } }, - "required": [ - "HlsManifests" - ], "type": "object" }, - "AWS::MediaPackage::PackagingConfiguration.MssEncryption": { + "AWS::Lex::Bot.BedrockModelSpecification": { "additionalProperties": false, "properties": { - "SpekeKeyProvider": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.SpekeKeyProvider", - "markdownDescription": "Parameters for the SPEKE key provider.", - "title": "SpekeKeyProvider" + "BedrockGuardrailConfiguration": { + "$ref": "#/definitions/AWS::Lex::Bot.BedrockGuardrailConfiguration", + "markdownDescription": "", + "title": "BedrockGuardrailConfiguration" + }, + "BedrockModelCustomPrompt": { + "markdownDescription": "", + "title": "BedrockModelCustomPrompt", + "type": "string" + }, + "BedrockTraceStatus": { + "markdownDescription": "", + "title": "BedrockTraceStatus", + "type": "string" + }, + "ModelArn": { + "markdownDescription": "The ARN of the foundation model used in descriptive bot building.", + "title": "ModelArn", + "type": "string" } }, "required": [ - "SpekeKeyProvider" + "ModelArn" ], "type": "object" }, - "AWS::MediaPackage::PackagingConfiguration.MssManifest": { + "AWS::Lex::Bot.BotAliasLocaleSettings": { "additionalProperties": false, "properties": { - "ManifestName": { - "markdownDescription": "A short string that's appended to the end of the endpoint URL to create a unique path to this packaging configuration.", - "title": "ManifestName", - "type": "string" + "CodeHookSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.CodeHookSpecification", + "markdownDescription": "Specifies the Lambda function that should be used in the locale.", + "title": "CodeHookSpecification" }, - "StreamSelection": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.StreamSelection", - "markdownDescription": "Video bitrate limitations for outputs from this packaging configuration.", - "title": "StreamSelection" + "Enabled": { + "markdownDescription": "Determines whether the locale is enabled for the bot. If the value is `false` , the locale isn't available for use.", + "title": "Enabled", + "type": "boolean" } }, + "required": [ + "Enabled" + ], "type": "object" }, - "AWS::MediaPackage::PackagingConfiguration.MssPackage": { + "AWS::Lex::Bot.BotAliasLocaleSettingsItem": { "additionalProperties": false, "properties": { - "Encryption": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.MssEncryption", - "markdownDescription": "Parameters for encrypting content.", - "title": "Encryption" - }, - "MssManifests": { - "items": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.MssManifest" - }, - "markdownDescription": "A list of Microsoft Smooth manifest configurations that are available from this endpoint.", - "title": "MssManifests", - "type": "array" + "BotAliasLocaleSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.BotAliasLocaleSettings", + "markdownDescription": "Specifies locale settings for a locale.", + "title": "BotAliasLocaleSetting" }, - "SegmentDurationSeconds": { - "markdownDescription": "Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source fragment duration.", - "title": "SegmentDurationSeconds", - "type": "number" + "LocaleId": { + "markdownDescription": "Specifies the locale that the settings apply to.", + "title": "LocaleId", + "type": "string" } }, "required": [ - "MssManifests" + "BotAliasLocaleSetting", + "LocaleId" ], "type": "object" }, - "AWS::MediaPackage::PackagingConfiguration.SpekeKeyProvider": { + "AWS::Lex::Bot.BotLocale": { "additionalProperties": false, "properties": { - "EncryptionContractConfiguration": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.EncryptionContractConfiguration", - "markdownDescription": "Use `encryptionContractConfiguration` to configure one or more content encryption keys for your endpoints that use SPEKE Version 2.0. The encryption contract defines which content keys are used to encrypt the audio and video tracks in your stream. To configure the encryption contract, specify which audio and video encryption presets to use.", - "title": "EncryptionContractConfiguration" + "CustomVocabulary": { + "$ref": "#/definitions/AWS::Lex::Bot.CustomVocabulary", + "markdownDescription": "Specifies a custom vocabulary to use with a specific locale.", + "title": "CustomVocabulary" }, - "RoleArn": { - "markdownDescription": "The ARN for the IAM role that's granted by the key provider to provide access to the key provider API. Valid format: arn:aws:iam::{accountID}:role/{name}", - "title": "RoleArn", + "Description": { + "markdownDescription": "A description of the bot locale. Use this to help identify the bot locale in lists.", + "title": "Description", "type": "string" }, - "SystemIds": { + "GenerativeAISettings": { + "$ref": "#/definitions/AWS::Lex::Bot.GenerativeAISettings", + "markdownDescription": "", + "title": "GenerativeAISettings" + }, + "Intents": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Lex::Bot.Intent" }, - "markdownDescription": "List of unique identifiers for the DRM systems to use, as defined in the CPIX specification.", - "title": "SystemIds", + "markdownDescription": "One or more intents defined for the locale.", + "title": "Intents", "type": "array" }, - "Url": { - "markdownDescription": "URL for the key provider's key retrieval API endpoint. Must start with https://.", - "title": "Url", + "LocaleId": { + "markdownDescription": "The identifier of the language and locale that the bot will be used in. The string must match one of the supported locales.", + "title": "LocaleId", "type": "string" + }, + "NluConfidenceThreshold": { + "markdownDescription": "Determines the threshold where Amazon Lex will insert the `AMAZON.FallbackIntent` , `AMAZON.KendraSearchIntent` , or both when returning alternative intents. You must configure an `AMAZON.FallbackIntent` . `AMAZON.KendraSearchIntent` is only inserted if it is configured for the bot.", + "title": "NluConfidenceThreshold", + "type": "number" + }, + "SlotTypes": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.SlotType" + }, + "markdownDescription": "One or more slot types defined for the locale.", + "title": "SlotTypes", + "type": "array" + }, + "VoiceSettings": { + "$ref": "#/definitions/AWS::Lex::Bot.VoiceSettings", + "markdownDescription": "Defines settings for using an Amazon Polly voice to communicate with a user.\n\nValid values include:\n\n- `standard`\n- `neural`\n- `long-form`\n- `generative`", + "title": "VoiceSettings" } }, "required": [ - "RoleArn", - "SystemIds", - "Url" + "LocaleId", + "NluConfidenceThreshold" ], "type": "object" }, - "AWS::MediaPackage::PackagingConfiguration.StreamSelection": { + "AWS::Lex::Bot.BuildtimeSettings": { "additionalProperties": false, "properties": { - "MaxVideoBitsPerSecond": { - "markdownDescription": "The upper limit of the bitrates that this endpoint serves. If the video track exceeds this threshold, then AWS Elemental MediaPackage excludes it from output. If you don't specify a value, it defaults to 2147483647 bits per second.", - "title": "MaxVideoBitsPerSecond", - "type": "number" - }, - "MinVideoBitsPerSecond": { - "markdownDescription": "The lower limit of the bitrates that this endpoint serves. If the video track is below this threshold, then AWS Elemental MediaPackage excludes it from output. If you don't specify a value, it defaults to 0 bits per second.", - "title": "MinVideoBitsPerSecond", - "type": "number" + "DescriptiveBotBuilderSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.DescriptiveBotBuilderSpecification", + "markdownDescription": "", + "title": "DescriptiveBotBuilderSpecification" }, - "StreamOrder": { - "markdownDescription": "Order in which the different video bitrates are presented to the player.\n\nValid values: `ORIGINAL` , `VIDEO_BITRATE_ASCENDING` , `VIDEO_BITRATE_DESCENDING` .", - "title": "StreamOrder", - "type": "string" + "SampleUtteranceGenerationSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.SampleUtteranceGenerationSpecification", + "markdownDescription": "", + "title": "SampleUtteranceGenerationSpecification" } }, "type": "object" }, - "AWS::MediaPackage::PackagingGroup": { + "AWS::Lex::Bot.Button": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Authorization": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingGroup.Authorization", - "markdownDescription": "Parameters for CDN authorization.", - "title": "Authorization" - }, - "EgressAccessLogs": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingGroup.LogConfiguration", - "markdownDescription": "The configuration parameters for egress access logging.", - "title": "EgressAccessLogs" - }, - "Id": { - "markdownDescription": "Unique identifier that you assign to the packaging group.", - "title": "Id", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to assign to the packaging group.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Id" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::MediaPackage::PackagingGroup" - ], + "Text": { + "markdownDescription": "The text that appears on the button. Use this to tell the user what value is returned when they choose this button.", + "title": "Text", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Value": { + "markdownDescription": "The value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.", + "title": "Value", "type": "string" } }, "required": [ - "Type", - "Properties" + "Text", + "Value" ], "type": "object" }, - "AWS::MediaPackage::PackagingGroup.Authorization": { + "AWS::Lex::Bot.CloudWatchLogGroupLogDestination": { "additionalProperties": false, "properties": { - "CdnIdentifierSecret": { - "markdownDescription": "The Amazon Resource Name (ARN) for the secret in AWS Secrets Manager that is used for CDN authorization.", - "title": "CdnIdentifierSecret", + "CloudWatchLogGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the log group where text and metadata logs are delivered.", + "title": "CloudWatchLogGroupArn", "type": "string" }, - "SecretsRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the IAM role that allows AWS Elemental MediaPackage to communicate with AWS Secrets Manager .", - "title": "SecretsRoleArn", + "LogPrefix": { + "markdownDescription": "The prefix of the log stream name within the log group that you specified", + "title": "LogPrefix", "type": "string" } }, "required": [ - "CdnIdentifierSecret", - "SecretsRoleArn" + "CloudWatchLogGroupArn", + "LogPrefix" ], "type": "object" }, - "AWS::MediaPackage::PackagingGroup.LogConfiguration": { + "AWS::Lex::Bot.CodeHookSpecification": { "additionalProperties": false, "properties": { - "LogGroupName": { - "markdownDescription": "Sets a custom Amazon CloudWatch log group name for egress logs. If a log group name isn't specified, the default name is used: /aws/MediaPackage/EgressAccessLogs.", - "title": "LogGroupName", - "type": "string" + "LambdaCodeHook": { + "$ref": "#/definitions/AWS::Lex::Bot.LambdaCodeHook", + "markdownDescription": "Specifies a Lambda function that verifies requests to a bot or fulfills the user's request to a bot.", + "title": "LambdaCodeHook" } }, + "required": [ + "LambdaCodeHook" + ], "type": "object" }, - "AWS::MediaPackageV2::Channel": { + "AWS::Lex::Bot.CompositeSlotTypeSetting": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ChannelGroupName": { - "markdownDescription": "The name of the channel group associated with the channel configuration.", - "title": "ChannelGroupName", - "type": "string" - }, - "ChannelName": { - "markdownDescription": "The name of the channel.", - "title": "ChannelName", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the channel.", - "title": "Description", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags associated with the channel.", - "title": "Tags", - "type": "array" - } + "SubSlots": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.SubSlotTypeComposition" }, - "required": [ - "ChannelGroupName", - "ChannelName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::MediaPackageV2::Channel" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "markdownDescription": "Subslots in the composite slot.", + "title": "SubSlots", + "type": "array" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::MediaPackageV2::Channel.IngestEndpoint": { + "AWS::Lex::Bot.Condition": { "additionalProperties": false, "properties": { - "Id": { - "markdownDescription": "The identifier associated with the ingest endpoint of the channel.", - "title": "Id", - "type": "string" - }, - "Url": { - "markdownDescription": "The URL associated with the ingest endpoint of the channel.", - "title": "Url", + "ExpressionString": { + "markdownDescription": "The expression string that is evaluated.", + "title": "ExpressionString", "type": "string" } }, + "required": [ + "ExpressionString" + ], "type": "object" }, - "AWS::MediaPackageV2::ChannelGroup": { + "AWS::Lex::Bot.ConditionalBranch": { "additionalProperties": false, "properties": { "Condition": { - "type": "string" + "$ref": "#/definitions/AWS::Lex::Bot.Condition", + "markdownDescription": "Contains the expression to evaluate. If the condition is true, the branch's actions are taken.", + "title": "Condition" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "The name of the branch.", + "title": "Name", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ChannelGroupName": { - "markdownDescription": "The name of the channel group.", - "title": "ChannelGroupName", - "type": "string" - }, - "Description": { - "markdownDescription": "The configuration for a MediaPackage V2 channel group.", - "title": "Description", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags associated with the channel group.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "ChannelGroupName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::MediaPackageV2::ChannelGroup" - ], - "type": "string" + "NextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "The next step in the conversation.", + "title": "NextStep" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Response": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input.", + "title": "Response" } }, "required": [ - "Type", - "Properties" + "Condition", + "Name", + "NextStep" ], "type": "object" }, - "AWS::MediaPackageV2::ChannelPolicy": { + "AWS::Lex::Bot.ConditionalSpecification": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ChannelGroupName": { - "markdownDescription": "The name of the channel group associated with the channel policy.", - "title": "ChannelGroupName", - "type": "string" - }, - "ChannelName": { - "markdownDescription": "The name of the channel associated with the channel policy.", - "title": "ChannelName", - "type": "string" - }, - "Policy": { - "markdownDescription": "The policy associated with the channel.", - "title": "Policy", - "type": "object" - } + "ConditionalBranches": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.ConditionalBranch" }, - "required": [ - "ChannelGroupName", - "ChannelName", - "Policy" - ], - "type": "object" + "markdownDescription": "A list of conditional branches. A conditional branch is made up of a condition, a response and a next step. The response and next step are executed when the condition is true.", + "title": "ConditionalBranches", + "type": "array" }, - "Type": { - "enum": [ - "AWS::MediaPackageV2::ChannelPolicy" - ], - "type": "string" + "DefaultBranch": { + "$ref": "#/definitions/AWS::Lex::Bot.DefaultConditionalBranch", + "markdownDescription": "The conditional branch that should be followed when the conditions for other branches are not satisfied. A conditional branch is made up of a condition, a response and a next step.", + "title": "DefaultBranch" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "IsActive": { + "markdownDescription": "Determines whether a conditional branch is active. When `IsActive` is false, the conditions are not evaluated.", + "title": "IsActive", + "type": "boolean" } }, "required": [ - "Type", - "Properties" + "ConditionalBranches", + "DefaultBranch", + "IsActive" ], "type": "object" }, - "AWS::MediaPackageV2::OriginEndpoint": { + "AWS::Lex::Bot.ConversationLogSettings": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ChannelGroupName": { - "markdownDescription": "The name of the channel group associated with the origin endpoint configuration.", - "title": "ChannelGroupName", - "type": "string" - }, - "ChannelName": { - "markdownDescription": "The channel name associated with the origin endpoint.", - "title": "ChannelName", - "type": "string" - }, - "ContainerType": { - "markdownDescription": "The container type associated with the origin endpoint configuration.", - "title": "ContainerType", - "type": "string" - }, - "Description": { - "markdownDescription": "The description associated with the origin endpoint.", - "title": "Description", - "type": "string" - }, - "HlsManifests": { - "items": { - "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.HlsManifestConfiguration" - }, - "markdownDescription": "The HLS manifests associated with the origin endpoint configuration.", - "title": "HlsManifests", - "type": "array" - }, - "LowLatencyHlsManifests": { - "items": { - "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.LowLatencyHlsManifestConfiguration" - }, - "markdownDescription": "The low-latency HLS (LL-HLS) manifests associated with the origin endpoint.", - "title": "LowLatencyHlsManifests", - "type": "array" - }, - "OriginEndpointName": { - "markdownDescription": "The name of the origin endpoint associated with the origin endpoint configuration.", - "title": "OriginEndpointName", - "type": "string" - }, - "Segment": { - "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.Segment", - "markdownDescription": "The segment associated with the origin endpoint.", - "title": "Segment" - }, - "StartoverWindowSeconds": { - "markdownDescription": "The size of the window (in seconds) to specify a window of the live stream that's available for on-demand viewing. Viewers can start-over or catch-up on content that falls within the window.", - "title": "StartoverWindowSeconds", - "type": "number" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags associated with the origin endpoint.", - "title": "Tags", - "type": "array" - } + "AudioLogSettings": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.AudioLogSetting" }, - "required": [ - "ChannelGroupName", - "ChannelName", - "OriginEndpointName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::MediaPackageV2::OriginEndpoint" - ], - "type": "string" + "markdownDescription": "The Amazon S3 settings for logging audio to an S3 bucket.", + "title": "AudioLogSettings", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "TextLogSettings": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.TextLogSetting" + }, + "markdownDescription": "The Amazon CloudWatch Logs settings for logging text and metadata.", + "title": "TextLogSettings", + "type": "array" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::MediaPackageV2::OriginEndpoint.Encryption": { + "AWS::Lex::Bot.CustomPayload": { "additionalProperties": false, "properties": { - "ConstantInitializationVector": { - "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, used in conjunction with the key for encrypting content. If you don't specify a value, then MediaPackage creates the constant initialization vector (IV).", - "title": "ConstantInitializationVector", + "Value": { + "markdownDescription": "The string that is sent to your application.", + "title": "Value", "type": "string" - }, - "EncryptionMethod": { - "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.EncryptionMethod", - "markdownDescription": "The encryption method to use.", - "title": "EncryptionMethod" - }, - "KeyRotationIntervalSeconds": { - "markdownDescription": "The interval, in seconds, to rotate encryption keys for the origin endpoint.", - "title": "KeyRotationIntervalSeconds", - "type": "number" - }, - "SpekeKeyProvider": { - "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.SpekeKeyProvider", - "markdownDescription": "The SPEKE key provider to use for encryption.", - "title": "SpekeKeyProvider" } }, "required": [ - "EncryptionMethod", - "SpekeKeyProvider" + "Value" ], "type": "object" }, - "AWS::MediaPackageV2::OriginEndpoint.EncryptionContractConfiguration": { + "AWS::Lex::Bot.CustomVocabulary": { "additionalProperties": false, "properties": { - "PresetSpeke20Audio": { - "markdownDescription": "A collection of audio encryption presets.\n\nValue description:\n\n- `PRESET-AUDIO-1` - Use one content key to encrypt all of the audio tracks in your stream.\n- `PRESET-AUDIO-2` - Use one content key to encrypt all of the stereo audio tracks and one content key to encrypt all of the multichannel audio tracks.\n- `PRESET-AUDIO-3` - Use one content key to encrypt all of the stereo audio tracks, one content key to encrypt all of the multichannel audio tracks with 3 to 6 channels, and one content key to encrypt all of the multichannel audio tracks with more than 6 channels.\n- `SHARED` - Use the same content key for all of the audio and video tracks in your stream.\n- `UNENCRYPTED` - Don't encrypt any of the audio tracks in your stream.", - "title": "PresetSpeke20Audio", - "type": "string" - }, - "PresetSpeke20Video": { - "markdownDescription": "The SPEKE Version 2.0 preset video associated with the encryption contract configuration of the origin endpoint.\n\nA collection of video encryption presets.\n\nValue description:\n\n- `PRESET-VIDEO-1` - Use one content key to encrypt all of the video tracks in your stream.\n- `PRESET-VIDEO-2` - Use one content key to encrypt all of the SD video tracks and one content key for all HD and higher resolutions video tracks.\n- `PRESET-VIDEO-3` - Use one content key to encrypt all of the SD video tracks, one content key for HD video tracks and one content key for all UHD video tracks.\n- `PRESET-VIDEO-4` - Use one content key to encrypt all of the SD video tracks, one content key for HD video tracks, one content key for all UHD1 video tracks and one content key for all UHD2 video tracks.\n- `PRESET-VIDEO-5` - Use one content key to encrypt all of the SD video tracks, one content key for HD1 video tracks, one content key for HD2 video tracks, one content key for all UHD1 video tracks and one content key for all UHD2 video tracks.\n- `PRESET-VIDEO-6` - Use one content key to encrypt all of the SD video tracks, one content key for HD1 video tracks, one content key for HD2 video tracks and one content key for all UHD video tracks.\n- `PRESET-VIDEO-7` - Use one content key to encrypt all of the SD+HD1 video tracks, one content key for HD2 video tracks and one content key for all UHD video tracks.\n- `PRESET-VIDEO-8` - Use one content key to encrypt all of the SD+HD1 video tracks, one content key for HD2 video tracks, one content key for all UHD1 video tracks and one content key for all UHD2 video tracks.\n- `SHARED` - Use the same content key for all of the video and audio tracks in your stream.\n- `UNENCRYPTED` - Don't encrypt any of the video tracks in your stream.", - "title": "PresetSpeke20Video", - "type": "string" + "CustomVocabularyItems": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.CustomVocabularyItem" + }, + "markdownDescription": "Specifies a list of words that you expect to be used during a conversation with your bot.", + "title": "CustomVocabularyItems", + "type": "array" } }, "required": [ - "PresetSpeke20Audio", - "PresetSpeke20Video" + "CustomVocabularyItems" ], "type": "object" }, - "AWS::MediaPackageV2::OriginEndpoint.EncryptionMethod": { + "AWS::Lex::Bot.CustomVocabularyItem": { "additionalProperties": false, "properties": { - "CmafEncryptionMethod": { - "markdownDescription": "The encryption method to use.", - "title": "CmafEncryptionMethod", + "DisplayAs": { + "markdownDescription": "The DisplayAs value for the custom vocabulary item from the custom vocabulary list.", + "title": "DisplayAs", "type": "string" }, - "TsEncryptionMethod": { - "markdownDescription": "The encryption method to use.", - "title": "TsEncryptionMethod", + "Phrase": { + "markdownDescription": "Specifies 1 - 4 words that should be recognized.", + "title": "Phrase", "type": "string" + }, + "Weight": { + "markdownDescription": "Specifies the degree to which the phrase recognition is boosted. The default value is 1.", + "title": "Weight", + "type": "number" } }, + "required": [ + "Phrase" + ], "type": "object" }, - "AWS::MediaPackageV2::OriginEndpoint.FilterConfiguration": { + "AWS::Lex::Bot.DTMFSpecification": { "additionalProperties": false, "properties": { - "End": { - "markdownDescription": "Optionally specify the end time for all of your manifest egress requests. When you include end time, note that you cannot use end time query parameters for this manifest's endpoint URL.", - "title": "End", + "DeletionCharacter": { + "markdownDescription": "The DTMF character that clears the accumulated DTMF digits and immediately ends the input.", + "title": "DeletionCharacter", "type": "string" }, - "ManifestFilter": { - "markdownDescription": "Optionally specify one or more manifest filters for all of your manifest egress requests. When you include a manifest filter, note that you cannot use an identical manifest filter query parameter for this manifest's endpoint URL.", - "title": "ManifestFilter", + "EndCharacter": { + "markdownDescription": "The DTMF character that immediately ends input. If the user does not press this character, the input ends after the end timeout.", + "title": "EndCharacter", "type": "string" }, - "Start": { - "markdownDescription": "Optionally specify the start time for all of your manifest egress requests. When you include start time, note that you cannot use start time query parameters for this manifest's endpoint URL.", - "title": "Start", - "type": "string" + "EndTimeoutMs": { + "markdownDescription": "How long the bot should wait after the last DTMF character input before assuming that the input has concluded.", + "title": "EndTimeoutMs", + "type": "number" }, - "TimeDelaySeconds": { - "markdownDescription": "Optionally specify the time delay for all of your manifest egress requests. Enter a value that is smaller than your endpoint's startover window. When you include time delay, note that you cannot use time delay query parameters for this manifest's endpoint URL.", - "title": "TimeDelaySeconds", + "MaxLength": { + "markdownDescription": "The maximum number of DTMF digits allowed in an utterance.", + "title": "MaxLength", "type": "number" } }, + "required": [ + "DeletionCharacter", + "EndCharacter", + "EndTimeoutMs", + "MaxLength" + ], "type": "object" }, - "AWS::MediaPackageV2::OriginEndpoint.HlsManifestConfiguration": { + "AWS::Lex::Bot.DataPrivacy": { "additionalProperties": false, "properties": { - "ChildManifestName": { - "markdownDescription": "The name of the child manifest associated with the HLS manifest configuration.", - "title": "ChildManifestName", - "type": "string" - }, - "FilterConfiguration": { - "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.FilterConfiguration", - "markdownDescription": "", - "title": "FilterConfiguration" - }, - "ManifestName": { - "markdownDescription": "The name of the manifest associated with the HLS manifest configuration.", - "title": "ManifestName", - "type": "string" - }, - "ManifestWindowSeconds": { - "markdownDescription": "The duration of the manifest window, in seconds, for the HLS manifest configuration.", - "title": "ManifestWindowSeconds", - "type": "number" - }, - "ProgramDateTimeIntervalSeconds": { - "markdownDescription": "The `EXT-X-PROGRAM-DATE-TIME` interval, in seconds, associated with the HLS manifest configuration.", - "title": "ProgramDateTimeIntervalSeconds", - "type": "number" - }, - "ScteHls": { - "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.ScteHls", - "markdownDescription": "THE SCTE-35 HLS configuration associated with the HLS manifest configuration.", - "title": "ScteHls" - }, - "Url": { - "markdownDescription": "The URL of the HLS manifest configuration.", - "title": "Url", - "type": "string" + "ChildDirected": { + "markdownDescription": "For each Amazon Lex bot created with the Amazon Lex Model Building Service, you must specify whether your use of Amazon Lex is related to a website, program, or other application that is directed or targeted, in whole or in part, to children under age 13 and subject to the Children's Online Privacy Protection Act (COPPA) by specifying `true` or `false` in the `childDirected` field. By specifying `true` in the `childDirected` field, you confirm that your use of Amazon Lex *is* related to a website, program, or other application that is directed or targeted, in whole or in part, to children under age 13 and subject to COPPA. By specifying `false` in the `childDirected` field, you confirm that your use of Amazon Lex *is not* related to a website, program, or other application that is directed or targeted, in whole or in part, to children under age 13 and subject to COPPA. You may not specify a default value for the `childDirected` field that does not accurately reflect whether your use of Amazon Lex is related to a website, program, or other application that is directed or targeted, in whole or in part, to children under age 13 and subject to COPPA. If your use of Amazon Lex relates to a website, program, or other application that is directed in whole or in part, to children under age 13, you must obtain any required verifiable parental consent under COPPA. For information regarding the use of Amazon Lex in connection with websites, programs, or other applications that are directed or targeted, in whole or in part, to children under age 13, see the [Amazon Lex FAQ](https://docs.aws.amazon.com/lex/faqs#data-security) .", + "title": "ChildDirected", + "type": "boolean" } }, "required": [ - "ManifestName" + "ChildDirected" ], "type": "object" }, - "AWS::MediaPackageV2::OriginEndpoint.LowLatencyHlsManifestConfiguration": { + "AWS::Lex::Bot.DataSourceConfiguration": { "additionalProperties": false, "properties": { - "ChildManifestName": { - "markdownDescription": "The name of the child manifest associated with the low-latency HLS (LL-HLS) manifest configuration of the origin endpoint.", - "title": "ChildManifestName", - "type": "string" - }, - "FilterConfiguration": { - "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.FilterConfiguration", - "markdownDescription": "", - "title": "FilterConfiguration" - }, - "ManifestName": { - "markdownDescription": "A short string that's appended to the endpoint URL. The manifest name creates a unique path to this endpoint. If you don't enter a value, MediaPackage uses the default manifest name, `index` . MediaPackage automatically inserts the format extension, such as `.m3u8` . You can't use the same manifest name if you use HLS manifest and low-latency HLS manifest. The `manifestName` on the `HLSManifest` object overrides the `manifestName` you provided on the `originEndpoint` object.", - "title": "ManifestName", - "type": "string" - }, - "ManifestWindowSeconds": { - "markdownDescription": "The total duration (in seconds) of the manifest's content.", - "title": "ManifestWindowSeconds", - "type": "number" - }, - "ProgramDateTimeIntervalSeconds": { - "markdownDescription": "Inserts `EXT-X-PROGRAM-DATE-TIME` tags in the output manifest at the interval that you specify. If you don't enter an interval, `EXT-X-PROGRAM-DATE-TIME` tags aren't included in the manifest. The tags sync the stream to the wall clock so that viewers can seek to a specific time in the playback timeline on the player.\n\nIrrespective of this parameter, if any `ID3Timed` metadata is in the HLS input, MediaPackage passes through that metadata to the HLS output.", - "title": "ProgramDateTimeIntervalSeconds", - "type": "number" + "BedrockKnowledgeStoreConfiguration": { + "$ref": "#/definitions/AWS::Lex::Bot.BedrockKnowledgeStoreConfiguration", + "markdownDescription": "Contains details about the configuration of the Amazon Bedrock knowledge base used for the `AMAZON.QnAIntent` . To set up a knowledge base, follow the steps at [Building a knowledge base](https://docs.aws.amazon.com/bedrock/latest/userguide/knowledge-base.html) .", + "title": "BedrockKnowledgeStoreConfiguration" }, - "ScteHls": { - "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.ScteHls", - "markdownDescription": "The SCTE-35 HLS configuration associated with the low-latency HLS (LL-HLS) manifest configuration of the origin endpoint.", - "title": "ScteHls" + "KendraConfiguration": { + "$ref": "#/definitions/AWS::Lex::Bot.QnAKendraConfiguration", + "markdownDescription": "Contains details about the configuration of the Amazon Kendra index used for the `AMAZON.QnAIntent` . To create a Amazon Kendra index, follow the steps at [Creating an index](https://docs.aws.amazon.com/kendra/latest/dg/create-index.html) .", + "title": "KendraConfiguration" }, - "Url": { - "markdownDescription": "The URL of the low-latency HLS (LL-HLS) manifest configuration of the origin endpoint.", - "title": "Url", - "type": "string" - } - }, - "required": [ - "ManifestName" - ], - "type": "object" - }, - "AWS::MediaPackageV2::OriginEndpoint.Scte": { - "additionalProperties": false, - "properties": { - "ScteFilter": { - "items": { - "type": "string" - }, - "markdownDescription": "The filter associated with the SCTE-35 configuration.", - "title": "ScteFilter", - "type": "array" + "OpensearchConfiguration": { + "$ref": "#/definitions/AWS::Lex::Bot.OpensearchConfiguration", + "markdownDescription": "Contains details about the configuration of the Amazon OpenSearch Service database used for the `AMAZON.QnAIntent` . To create a domain, follow the steps at [Creating and managing Amazon OpenSearch Service domains](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/createupdatedomains.html) .", + "title": "OpensearchConfiguration" } }, "type": "object" }, - "AWS::MediaPackageV2::OriginEndpoint.ScteHls": { + "AWS::Lex::Bot.DefaultConditionalBranch": { "additionalProperties": false, "properties": { - "AdMarkerHls": { - "markdownDescription": "The SCTE-35 HLS ad-marker configuration.", - "title": "AdMarkerHls", - "type": "string" + "NextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "The next step in the conversation.", + "title": "NextStep" + }, + "Response": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input.", + "title": "Response" } }, "type": "object" }, - "AWS::MediaPackageV2::OriginEndpoint.Segment": { + "AWS::Lex::Bot.DescriptiveBotBuilderSpecification": { "additionalProperties": false, "properties": { - "Encryption": { - "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.Encryption", - "markdownDescription": "Whether to use encryption for the segment.", - "title": "Encryption" - }, - "IncludeIframeOnlyStreams": { - "markdownDescription": "Whether the segment includes I-frame-only streams.", - "title": "IncludeIframeOnlyStreams", - "type": "boolean" - }, - "Scte": { - "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.Scte", - "markdownDescription": "The SCTE-35 configuration associated with the segment.", - "title": "Scte" - }, - "SegmentDurationSeconds": { - "markdownDescription": "The duration of the segment, in seconds.", - "title": "SegmentDurationSeconds", - "type": "number" - }, - "SegmentName": { - "markdownDescription": "The name of the segment associated with the origin endpoint.", - "title": "SegmentName", - "type": "string" - }, - "TsIncludeDvbSubtitles": { - "markdownDescription": "Whether the segment includes DVB subtitles.", - "title": "TsIncludeDvbSubtitles", - "type": "boolean" + "BedrockModelSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.BedrockModelSpecification", + "markdownDescription": "An object containing information about the Amazon Bedrock model used to interpret the prompt used in descriptive bot building.", + "title": "BedrockModelSpecification" }, - "TsUseAudioRenditionGroup": { - "markdownDescription": "Whether the segment is an audio rendition group.", - "title": "TsUseAudioRenditionGroup", + "Enabled": { + "markdownDescription": "Specifies whether the descriptive bot building feature is activated or not.", + "title": "Enabled", "type": "boolean" } }, + "required": [ + "Enabled" + ], "type": "object" }, - "AWS::MediaPackageV2::OriginEndpoint.SpekeKeyProvider": { + "AWS::Lex::Bot.DialogAction": { "additionalProperties": false, "properties": { - "DrmSystems": { - "items": { - "type": "string" - }, - "markdownDescription": "The DRM solution provider you're using to protect your content during distribution.", - "title": "DrmSystems", - "type": "array" - }, - "EncryptionContractConfiguration": { - "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.EncryptionContractConfiguration", - "markdownDescription": "The encryption contract configuration associated with the SPEKE key provider.", - "title": "EncryptionContractConfiguration" - }, - "ResourceId": { - "markdownDescription": "The unique identifier for the content. The service sends this identifier to the key server to identify the current endpoint. How unique you make this identifier depends on how fine-grained you want access controls to be. The service does not permit you to use the same ID for two simultaneous encryption processes. The resource ID is also known as the content ID.\n\nThe following example shows a resource ID: `MovieNight20171126093045`", - "title": "ResourceId", + "SlotToElicit": { + "markdownDescription": "If the dialog action is `ElicitSlot` , defines the slot to elicit from the user.", + "title": "SlotToElicit", "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN for the IAM role granted by the key provider that provides access to the key provider API. This role must have a trust policy that allows MediaPackage to assume the role, and it must have a sufficient permissions policy to allow access to the specific key retrieval URL. Get this from your DRM solution provider.\n\nValid format: `arn:aws:iam::{accountID}:role/{name}` . The following example shows a role ARN: `arn:aws:iam::444455556666:role/SpekeAccess`", - "title": "RoleArn", - "type": "string" + "SuppressNextMessage": { + "markdownDescription": "When true the next message for the intent is not used.", + "title": "SuppressNextMessage", + "type": "boolean" }, - "Url": { - "markdownDescription": "The URL of the SPEKE key provider.", - "title": "Url", + "Type": { + "markdownDescription": "The action that the bot should execute.", + "title": "Type", "type": "string" } }, "required": [ - "DrmSystems", - "EncryptionContractConfiguration", - "ResourceId", - "RoleArn", - "Url" + "Type" ], "type": "object" }, - "AWS::MediaPackageV2::OriginEndpointPolicy": { + "AWS::Lex::Bot.DialogCodeHookInvocationSetting": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "EnableCodeHookInvocation": { + "markdownDescription": "Indicates whether a Lambda function should be invoked for the dialog.", + "title": "EnableCodeHookInvocation", + "type": "boolean" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "InvocationLabel": { + "markdownDescription": "A label that indicates the dialog step from which the dialog code hook is happening.", + "title": "InvocationLabel", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ChannelGroupName": { - "markdownDescription": "The name of the channel group associated with the origin endpoint policy.", - "title": "ChannelGroupName", - "type": "string" - }, - "ChannelName": { - "markdownDescription": "The channel name associated with the origin endpoint policy.", - "title": "ChannelName", - "type": "string" - }, - "OriginEndpointName": { - "markdownDescription": "The name of the origin endpoint associated with the origin endpoint policy.", - "title": "OriginEndpointName", - "type": "string" - }, - "Policy": { - "markdownDescription": "The policy associated with the origin endpoint.", - "title": "Policy", - "type": "object" - } - }, - "required": [ - "ChannelGroupName", - "ChannelName", - "OriginEndpointName", - "Policy" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::MediaPackageV2::OriginEndpointPolicy" - ], - "type": "string" + "IsActive": { + "markdownDescription": "Determines whether a dialog code hook is used when the intent is activated.", + "title": "IsActive", + "type": "boolean" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "PostCodeHookSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.PostDialogCodeHookInvocationSpecification", + "markdownDescription": "Contains the responses and actions that Amazon Lex takes after the Lambda function is complete.", + "title": "PostCodeHookSpecification" } }, "required": [ - "Type", - "Properties" + "EnableCodeHookInvocation", + "IsActive", + "PostCodeHookSpecification" ], "type": "object" }, - "AWS::MediaStore::Container": { + "AWS::Lex::Bot.DialogCodeHookSetting": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AccessLoggingEnabled": { - "markdownDescription": "The state of access logging on the container. This value is `false` by default, indicating that AWS Elemental MediaStore does not send access logs to Amazon CloudWatch Logs. When you enable access logging on the container, MediaStore changes this value to `true` , indicating that the service delivers access logs for objects stored in that container to CloudWatch Logs.", - "title": "AccessLoggingEnabled", - "type": "boolean" - }, - "ContainerName": { - "markdownDescription": "The name for the container. The name must be from 1 to 255 characters. Container names must be unique to your AWS account within a specific region. As an example, you could create a container named `movies` in every region, as long as you don\u2019t have an existing container with that name.", - "title": "ContainerName", - "type": "string" - }, - "CorsPolicy": { - "items": { - "$ref": "#/definitions/AWS::MediaStore::Container.CorsRule" - }, - "markdownDescription": "> End of support notice: On November 13, 2025, AWS will discontinue support for AWS Elemental MediaStore. After November 13, 2025, you will no longer be able to access the AWS Elemental MediaStore console or AWS Elemental MediaStore resources. For more information, visit this [blog post](https://docs.aws.amazon.com/media/support-for-aws-elemental-mediastore-ending-soon/) . \n\nSets the cross-origin resource sharing (CORS) configuration on a container so that the container can service cross-origin requests. For example, you might want to enable a request whose origin is http://www.example.com to access your AWS Elemental MediaStore container at my.example.container.com by using the browser's XMLHttpRequest capability.\n\nTo enable CORS on a container, you attach a CORS policy to the container. In the CORS policy, you configure rules that identify origins and the HTTP methods that can be executed on your container. The policy can contain up to 398,000 characters. You can add up to 100 rules to a CORS policy. If more than one rule applies, the service uses the first applicable rule listed.\n\nTo learn more about CORS, see [Cross-Origin Resource Sharing (CORS) in AWS Elemental MediaStore](https://docs.aws.amazon.com/mediastore/latest/ug/cors-policy.html) .", - "title": "CorsPolicy", - "type": "array" - }, - "LifecyclePolicy": { - "markdownDescription": "> End of support notice: On November 13, 2025, AWS will discontinue support for AWS Elemental MediaStore. After November 13, 2025, you will no longer be able to access the AWS Elemental MediaStore console or AWS Elemental MediaStore resources. For more information, visit this [blog post](https://docs.aws.amazon.com/media/support-for-aws-elemental-mediastore-ending-soon/) . \n\nWrites an object lifecycle policy to a container. If the container already has an object lifecycle policy, the service replaces the existing policy with the new policy. It takes up to 20 minutes for the change to take effect.\n\nFor information about how to construct an object lifecycle policy, see [Components of an Object Lifecycle Policy](https://docs.aws.amazon.com/mediastore/latest/ug/policies-object-lifecycle-components.html) .", - "title": "LifecyclePolicy", - "type": "string" - }, - "MetricPolicy": { - "$ref": "#/definitions/AWS::MediaStore::Container.MetricPolicy", - "markdownDescription": "The metric policy that is associated with the container. A metric policy allows AWS Elemental MediaStore to send metrics to Amazon CloudWatch. In the policy, you must indicate whether you want MediaStore to send container-level metrics. You can also include rules to define groups of objects that you want MediaStore to send object-level metrics for.\n\nTo view examples of how to construct a metric policy for your use case, see [Example Metric Policies](https://docs.aws.amazon.com/mediastore/latest/ug/policies-metric-examples.html) .", - "title": "MetricPolicy" - }, - "Policy": { - "markdownDescription": "Creates an access policy for the specified container to restrict the users and clients that can access it. For information about the data that is included in an access policy, see the [AWS Identity and Access Management User Guide](https://docs.aws.amazon.com/iam/) .\n\nFor this release of the REST API, you can create only one policy for a container. If you enter `PutContainerPolicy` twice, the second command modifies the existing policy.", - "title": "Policy", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "ContainerName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::MediaStore::Container" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Enabled": { + "markdownDescription": "Enables the dialog code hook so that it processes user requests.", + "title": "Enabled", + "type": "boolean" } }, "required": [ - "Type", - "Properties" + "Enabled" ], "type": "object" }, - "AWS::MediaStore::Container.CorsRule": { + "AWS::Lex::Bot.DialogState": { "additionalProperties": false, "properties": { - "AllowedHeaders": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies which headers are allowed in a preflight `OPTIONS` request through the `Access-Control-Request-Headers` header. Each header name that is specified in `Access-Control-Request-Headers` must have a corresponding entry in the rule. Only the headers that were requested are sent back.\n\nThis element can contain only one wildcard character (*).", - "title": "AllowedHeaders", - "type": "array" - }, - "AllowedMethods": { - "items": { - "type": "string" - }, - "markdownDescription": "Identifies an HTTP method that the origin that is specified in the rule is allowed to execute.\n\nEach CORS rule must contain at least one `AllowedMethods` and one `AllowedOrigins` element.", - "title": "AllowedMethods", - "type": "array" + "DialogAction": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogAction", + "markdownDescription": "Defines the action that the bot executes at runtime when the conversation reaches this step.", + "title": "DialogAction" }, - "AllowedOrigins": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more response headers that you want users to be able to access from their applications (for example, from a JavaScript `XMLHttpRequest` object).\n\nEach CORS rule must have at least one `AllowedOrigins` element. The string value can include only one wildcard character (*), for example, http://*.example.com. Additionally, you can specify only one wildcard character to allow cross-origin access for all origins.", - "title": "AllowedOrigins", - "type": "array" + "Intent": { + "$ref": "#/definitions/AWS::Lex::Bot.IntentOverride", + "markdownDescription": "Override settings to configure the intent state.", + "title": "Intent" }, - "ExposeHeaders": { + "SessionAttributes": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Lex::Bot.SessionAttribute" }, - "markdownDescription": "One or more headers in the response that you want users to be able to access from their applications (for example, from a JavaScript `XMLHttpRequest` object).\n\nThis element is optional for each rule.", - "title": "ExposeHeaders", + "markdownDescription": "Map of key/value pairs representing session-specific context information. It contains application information passed between Amazon Lex and a client application.", + "title": "SessionAttributes", "type": "array" - }, - "MaxAgeSeconds": { - "markdownDescription": "The time in seconds that your browser caches the preflight response for the specified resource.\n\nA CORS rule can have only one `MaxAgeSeconds` element.", - "title": "MaxAgeSeconds", - "type": "number" } }, "type": "object" }, - "AWS::MediaStore::Container.MetricPolicy": { + "AWS::Lex::Bot.ElicitationCodeHookInvocationSetting": { "additionalProperties": false, "properties": { - "ContainerLevelMetrics": { - "markdownDescription": "A setting to enable or disable metrics at the container level.", - "title": "ContainerLevelMetrics", - "type": "string" + "EnableCodeHookInvocation": { + "markdownDescription": "Indicates whether a Lambda function should be invoked for the dialog.", + "title": "EnableCodeHookInvocation", + "type": "boolean" }, - "MetricPolicyRules": { - "items": { - "$ref": "#/definitions/AWS::MediaStore::Container.MetricPolicyRule" - }, - "markdownDescription": "A parameter that holds an array of rules that enable metrics at the object level. This parameter is optional, but if you choose to include it, you must also include at least one rule. By default, you can include up to five rules. You can also [request a quota increase](https://docs.aws.amazon.com/servicequotas/home?region=us-east-1#!/services/mediastore/quotas) to allow up to 300 rules per policy.", - "title": "MetricPolicyRules", - "type": "array" + "InvocationLabel": { + "markdownDescription": "A label that indicates the dialog step from which the dialog code hook is happening.", + "title": "InvocationLabel", + "type": "string" } }, "required": [ - "ContainerLevelMetrics" + "EnableCodeHookInvocation" ], "type": "object" }, - "AWS::MediaStore::Container.MetricPolicyRule": { + "AWS::Lex::Bot.ExactResponseFields": { "additionalProperties": false, "properties": { - "ObjectGroup": { - "markdownDescription": "A path or file name that defines which objects to include in the group. Wildcards (*) are acceptable.", - "title": "ObjectGroup", + "AnswerField": { + "markdownDescription": "The name of the field that contains the answer to the query made to the OpenSearch Service database.", + "title": "AnswerField", "type": "string" }, - "ObjectGroupName": { - "markdownDescription": "A name that allows you to refer to the object group.", - "title": "ObjectGroupName", + "QuestionField": { + "markdownDescription": "The name of the field that contains the query made to the OpenSearch Service database.", + "title": "QuestionField", "type": "string" } }, - "required": [ - "ObjectGroup", - "ObjectGroupName" - ], "type": "object" }, - "AWS::MediaTailor::Channel": { + "AWS::Lex::Bot.ExternalSourceSetting": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Audiences": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of audiences defined in channel.", - "title": "Audiences", - "type": "array" - }, - "ChannelName": { - "markdownDescription": "The name of the channel.", - "title": "ChannelName", - "type": "string" - }, - "FillerSlate": { - "$ref": "#/definitions/AWS::MediaTailor::Channel.SlateSource", - "markdownDescription": "The slate used to fill gaps between programs in the schedule. You must configure filler slate if your channel uses the `LINEAR` `PlaybackMode` . MediaTailor doesn't support filler slate for channels using the `LOOP` `PlaybackMode` .", - "title": "FillerSlate" - }, - "LogConfiguration": { - "$ref": "#/definitions/AWS::MediaTailor::Channel.LogConfigurationForChannel", - "markdownDescription": "The log configuration.", - "title": "LogConfiguration" - }, - "Outputs": { - "items": { - "$ref": "#/definitions/AWS::MediaTailor::Channel.RequestOutputItem" - }, - "markdownDescription": "The channel's output properties.", - "title": "Outputs", - "type": "array" - }, - "PlaybackMode": { - "markdownDescription": "The type of playback mode for this channel.\n\n`LINEAR` - Programs play back-to-back only once.\n\n`LOOP` - Programs play back-to-back in an endless loop. When the last program in the schedule plays, playback loops back to the first program in the schedule.", - "title": "PlaybackMode", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to assign to the channel. Tags are key-value pairs that you can associate with Amazon resources to help with organization, access control, and cost tracking. For more information, see [Tagging AWS Elemental MediaTailor Resources](https://docs.aws.amazon.com/mediatailor/latest/ug/tagging.html) .", - "title": "Tags", - "type": "array" - }, - "Tier": { - "markdownDescription": "The tier for this channel. STANDARD tier channels can contain live programs.", - "title": "Tier", - "type": "string" - }, - "TimeShiftConfiguration": { - "$ref": "#/definitions/AWS::MediaTailor::Channel.TimeShiftConfiguration", - "markdownDescription": "The configuration for time-shifted viewing.", - "title": "TimeShiftConfiguration" - } - }, - "required": [ - "ChannelName", - "Outputs", - "PlaybackMode" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::MediaTailor::Channel" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "GrammarSlotTypeSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.GrammarSlotTypeSetting", + "markdownDescription": "Settings required for a slot type based on a grammar that you provide.", + "title": "GrammarSlotTypeSetting" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::MediaTailor::Channel.DashPlaylistSettings": { + "AWS::Lex::Bot.FulfillmentCodeHookSetting": { "additionalProperties": false, "properties": { - "ManifestWindowSeconds": { - "markdownDescription": "The total duration (in seconds) of each manifest. Minimum value: `30` seconds. Maximum value: `3600` seconds.", - "title": "ManifestWindowSeconds", - "type": "number" + "Enabled": { + "markdownDescription": "Indicates whether a Lambda function should be invoked to fulfill a specific intent.", + "title": "Enabled", + "type": "boolean" }, - "MinBufferTimeSeconds": { - "markdownDescription": "Minimum amount of content (measured in seconds) that a player must keep available in the buffer. Minimum value: `2` seconds. Maximum value: `60` seconds.", - "title": "MinBufferTimeSeconds", - "type": "number" + "FulfillmentUpdatesSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.FulfillmentUpdatesSpecification", + "markdownDescription": "Provides settings for update messages sent to the user for long-running Lambda fulfillment functions. Fulfillment updates can be used only with streaming conversations.", + "title": "FulfillmentUpdatesSpecification" }, - "MinUpdatePeriodSeconds": { - "markdownDescription": "Minimum amount of time (in seconds) that the player should wait before requesting updates to the manifest. Minimum value: `2` seconds. Maximum value: `60` seconds.", - "title": "MinUpdatePeriodSeconds", - "type": "number" + "IsActive": { + "markdownDescription": "Determines whether the fulfillment code hook is used. When `active` is false, the code hook doesn't run.", + "title": "IsActive", + "type": "boolean" }, - "SuggestedPresentationDelaySeconds": { - "markdownDescription": "Amount of time (in seconds) that the player should be from the live point at the end of the manifest. Minimum value: `2` seconds. Maximum value: `60` seconds.", - "title": "SuggestedPresentationDelaySeconds", - "type": "number" + "PostFulfillmentStatusSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.PostFulfillmentStatusSpecification", + "markdownDescription": "Provides settings for messages sent to the user for after the Lambda fulfillment function completes. Post-fulfillment messages can be sent for both streaming and non-streaming conversations.", + "title": "PostFulfillmentStatusSpecification" } }, + "required": [ + "Enabled" + ], "type": "object" }, - "AWS::MediaTailor::Channel.HlsPlaylistSettings": { + "AWS::Lex::Bot.FulfillmentStartResponseSpecification": { "additionalProperties": false, "properties": { - "AdMarkupType": { + "AllowInterrupt": { + "markdownDescription": "Determines whether the user can interrupt the start message while it is playing.", + "title": "AllowInterrupt", + "type": "boolean" + }, + "DelayInSeconds": { + "markdownDescription": "The delay between when the Lambda fulfillment function starts running and the start message is played. If the Lambda function returns before the delay is over, the start message isn't played.", + "title": "DelayInSeconds", + "type": "number" + }, + "MessageGroups": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Lex::Bot.MessageGroup" }, - "markdownDescription": "Determines the type of SCTE 35 tags to use in ad markup. Specify `DATERANGE` to use `DATERANGE` tags (for live or VOD content). Specify `SCTE35_ENHANCED` to use `EXT-X-CUE-OUT` and `EXT-X-CUE-IN` tags (for VOD content only).", - "title": "AdMarkupType", + "markdownDescription": "1 - 5 message groups that contain start messages. Amazon Lex chooses one of the messages to play to the user.", + "title": "MessageGroups", "type": "array" - }, - "ManifestWindowSeconds": { - "markdownDescription": "The total duration (in seconds) of each manifest. Minimum value: `30` seconds. Maximum value: `3600` seconds.", - "title": "ManifestWindowSeconds", - "type": "number" } }, + "required": [ + "DelayInSeconds", + "MessageGroups" + ], "type": "object" }, - "AWS::MediaTailor::Channel.LogConfigurationForChannel": { + "AWS::Lex::Bot.FulfillmentUpdateResponseSpecification": { "additionalProperties": false, "properties": { - "LogTypes": { + "AllowInterrupt": { + "markdownDescription": "Determines whether the user can interrupt an update message while it is playing.", + "title": "AllowInterrupt", + "type": "boolean" + }, + "FrequencyInSeconds": { + "markdownDescription": "The frequency that a message is sent to the user. When the period ends, Amazon Lex chooses a message from the message groups and plays it to the user. If the fulfillment Lambda returns before the first period ends, an update message is not played to the user.", + "title": "FrequencyInSeconds", + "type": "number" + }, + "MessageGroups": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Lex::Bot.MessageGroup" }, - "markdownDescription": "The log types.", - "title": "LogTypes", + "markdownDescription": "1 - 5 message groups that contain update messages. Amazon Lex chooses one of the messages to play to the user.", + "title": "MessageGroups", "type": "array" } }, + "required": [ + "FrequencyInSeconds", + "MessageGroups" + ], "type": "object" }, - "AWS::MediaTailor::Channel.RequestOutputItem": { + "AWS::Lex::Bot.FulfillmentUpdatesSpecification": { "additionalProperties": false, "properties": { - "DashPlaylistSettings": { - "$ref": "#/definitions/AWS::MediaTailor::Channel.DashPlaylistSettings", - "markdownDescription": "DASH manifest configuration parameters.", - "title": "DashPlaylistSettings" + "Active": { + "markdownDescription": "Determines whether fulfillment updates are sent to the user. When this field is true, updates are sent.\n\nIf the `active` field is set to true, the `startResponse` , `updateResponse` , and `timeoutInSeconds` fields are required.", + "title": "Active", + "type": "boolean" }, - "HlsPlaylistSettings": { - "$ref": "#/definitions/AWS::MediaTailor::Channel.HlsPlaylistSettings", - "markdownDescription": "HLS playlist configuration parameters.", - "title": "HlsPlaylistSettings" + "StartResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.FulfillmentStartResponseSpecification", + "markdownDescription": "Provides configuration information for the message sent to users when the fulfillment Lambda functions starts running.", + "title": "StartResponse" }, - "ManifestName": { - "markdownDescription": "The name of the manifest for the channel. The name appears in the `PlaybackUrl` .", - "title": "ManifestName", - "type": "string" + "TimeoutInSeconds": { + "markdownDescription": "The length of time that the fulfillment Lambda function should run before it times out.", + "title": "TimeoutInSeconds", + "type": "number" }, - "SourceGroup": { - "markdownDescription": "A string used to match which `HttpPackageConfiguration` is used for each `VodSource` .", - "title": "SourceGroup", - "type": "string" + "UpdateResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.FulfillmentUpdateResponseSpecification", + "markdownDescription": "Provides configuration information for messages sent periodically to the user while the fulfillment Lambda function is running.", + "title": "UpdateResponse" } }, "required": [ - "ManifestName", - "SourceGroup" + "Active" ], "type": "object" }, - "AWS::MediaTailor::Channel.SlateSource": { + "AWS::Lex::Bot.GenerativeAISettings": { "additionalProperties": false, "properties": { - "SourceLocationName": { - "markdownDescription": "The name of the source location where the slate VOD source is stored.", - "title": "SourceLocationName", - "type": "string" + "BuildtimeSettings": { + "$ref": "#/definitions/AWS::Lex::Bot.BuildtimeSettings", + "markdownDescription": "", + "title": "BuildtimeSettings" }, - "VodSourceName": { - "markdownDescription": "The slate VOD source name. The VOD source must already exist in a source location before it can be used for slate.", - "title": "VodSourceName", - "type": "string" + "RuntimeSettings": { + "$ref": "#/definitions/AWS::Lex::Bot.RuntimeSettings", + "markdownDescription": "", + "title": "RuntimeSettings" } }, "type": "object" }, - "AWS::MediaTailor::Channel.TimeShiftConfiguration": { + "AWS::Lex::Bot.GrammarSlotTypeSetting": { "additionalProperties": false, "properties": { - "MaxTimeDelaySeconds": { - "markdownDescription": "The maximum time delay for time-shifted viewing. The minimum allowed maximum time delay is 0 seconds, and the maximum allowed maximum time delay is 21600 seconds (6 hours).", - "title": "MaxTimeDelaySeconds", - "type": "number" + "Source": { + "$ref": "#/definitions/AWS::Lex::Bot.GrammarSlotTypeSource", + "markdownDescription": "The source of the grammar used to create the slot type.", + "title": "Source" } }, - "required": [ - "MaxTimeDelaySeconds" - ], "type": "object" }, - "AWS::MediaTailor::ChannelPolicy": { + "AWS::Lex::Bot.GrammarSlotTypeSource": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "KmsKeyArn": { + "markdownDescription": "The AWS KMS key required to decrypt the contents of the grammar, if any.", + "title": "KmsKeyArn", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ChannelName": { - "markdownDescription": "The name of the channel associated with this Channel Policy.", - "title": "ChannelName", - "type": "string" - }, - "Policy": { - "markdownDescription": "The IAM policy for the channel. IAM policies are used to control access to your channel.", - "title": "Policy", - "type": "object" - } - }, - "required": [ - "ChannelName", - "Policy" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::MediaTailor::ChannelPolicy" - ], + "S3BucketName": { + "markdownDescription": "The name of the Amazon S3 bucket that contains the grammar source.", + "title": "S3BucketName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "S3ObjectKey": { + "markdownDescription": "The path to the grammar in the Amazon S3 bucket.", + "title": "S3ObjectKey", "type": "string" } }, "required": [ - "Type", - "Properties" + "S3BucketName", + "S3ObjectKey" ], "type": "object" }, - "AWS::MediaTailor::LiveSource": { + "AWS::Lex::Bot.ImageResponseCard": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Buttons": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.Button" + }, + "markdownDescription": "A list of buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button.", + "title": "Buttons", + "type": "array" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ImageUrl": { + "markdownDescription": "The URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.", + "title": "ImageUrl", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "HttpPackageConfigurations": { - "items": { - "$ref": "#/definitions/AWS::MediaTailor::LiveSource.HttpPackageConfiguration" - }, - "markdownDescription": "The HTTP package configurations for the live source.", - "title": "HttpPackageConfigurations", - "type": "array" - }, - "LiveSourceName": { - "markdownDescription": "The name that's used to refer to a live source.", - "title": "LiveSourceName", - "type": "string" - }, - "SourceLocationName": { - "markdownDescription": "The name of the source location.", - "title": "SourceLocationName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags assigned to the live source. Tags are key-value pairs that you can associate with Amazon resources to help with organization, access control, and cost tracking. For more information, see [Tagging AWS Elemental MediaTailor Resources](https://docs.aws.amazon.com/mediatailor/latest/ug/tagging.html) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "HttpPackageConfigurations", - "LiveSourceName", - "SourceLocationName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::MediaTailor::LiveSource" - ], + "Subtitle": { + "markdownDescription": "The subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.", + "title": "Subtitle", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Title": { + "markdownDescription": "The title to display on the response card. The format of the title is determined by the platform displaying the response card.", + "title": "Title", "type": "string" } }, "required": [ - "Type", - "Properties" + "Title" ], "type": "object" }, - "AWS::MediaTailor::LiveSource.HttpPackageConfiguration": { + "AWS::Lex::Bot.InitialResponseSetting": { "additionalProperties": false, "properties": { - "Path": { - "markdownDescription": "The relative path to the URL for this VOD source. This is combined with `SourceLocation::HttpConfiguration::BaseUrl` to form a valid URL.", - "title": "Path", - "type": "string" + "CodeHook": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogCodeHookInvocationSetting", + "markdownDescription": "Settings that specify the dialog code hook that is called by Amazon Lex at a step of the conversation.", + "title": "CodeHook" }, - "SourceGroup": { - "markdownDescription": "The name of the source group. This has to match one of the `Channel::Outputs::SourceGroup` .", - "title": "SourceGroup", - "type": "string" + "Conditional": { + "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", + "markdownDescription": "Provides a list of conditional branches. Branches are evaluated in the order that they are entered in the list. The first branch with a condition that evaluates to true is executed. The last branch in the list is the default branch. The default branch should not have any condition expression. The default branch is executed if no other branch has a matching condition.", + "title": "Conditional" }, - "Type": { - "markdownDescription": "The streaming protocol for this package configuration. Supported values are `HLS` and `DASH` .", - "title": "Type", + "InitialResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input.", + "title": "InitialResponse" + }, + "NextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "The next step in the conversation.", + "title": "NextStep" + } + }, + "type": "object" + }, + "AWS::Lex::Bot.InputContext": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the context.", + "title": "Name", "type": "string" } }, "required": [ - "Path", - "SourceGroup", - "Type" + "Name" ], "type": "object" }, - "AWS::MediaTailor::PlaybackConfiguration": { + "AWS::Lex::Bot.Intent": { "additionalProperties": false, "properties": { - "Condition": { + "BedrockAgentIntentConfiguration": { + "$ref": "#/definitions/AWS::Lex::Bot.BedrockAgentIntentConfiguration", + "markdownDescription": "", + "title": "BedrockAgentIntentConfiguration" + }, + "Description": { + "markdownDescription": "A description of the intent. Use the description to help identify the intent in lists.", + "title": "Description", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DialogCodeHook": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogCodeHookSetting", + "markdownDescription": "Specifies that Amazon Lex invokes the alias Lambda function for each user input. You can invoke this Lambda function to personalize user interaction.", + "title": "DialogCodeHook" + }, + "FulfillmentCodeHook": { + "$ref": "#/definitions/AWS::Lex::Bot.FulfillmentCodeHookSetting", + "markdownDescription": "Specifies that Amazon Lex invokes the alias Lambda function when the intent is ready for fulfillment. You can invoke this function to complete the bot's transaction with the user.", + "title": "FulfillmentCodeHook" + }, + "InitialResponseSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.InitialResponseSetting", + "markdownDescription": "Configuration setting for a response sent to the user before Amazon Lex starts eliciting slots.", + "title": "InitialResponseSetting" + }, + "InputContexts": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.InputContext" + }, + "markdownDescription": "A list of contexts that must be active for this intent to be considered by Amazon Lex .", + "title": "InputContexts", + "type": "array" + }, + "IntentClosingSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.IntentClosingSetting", + "markdownDescription": "Sets the response that Amazon Lex sends to the user when the intent is closed.", + "title": "IntentClosingSetting" + }, + "IntentConfirmationSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.IntentConfirmationSetting", + "markdownDescription": "Provides prompts that Amazon Lex sends to the user to confirm the completion of an intent. If the user answers \"no,\" the settings contain a statement that is sent to the user to end the intent.", + "title": "IntentConfirmationSetting" + }, + "KendraConfiguration": { + "$ref": "#/definitions/AWS::Lex::Bot.KendraConfiguration", + "markdownDescription": "Provides configuration information for the `AMAZON.KendraSearchIntent` intent. When you use this intent, Amazon Lex searches the specified Amazon Kendra index and returns documents from the index that match the user's utterance.", + "title": "KendraConfiguration" + }, + "Name": { + "markdownDescription": "The name of the intent. Intent names must be unique within the locale that contains the intent and can't match the name of any built-in intent.", + "title": "Name", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "OutputContexts": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.OutputContext" + }, + "markdownDescription": "A list of contexts that the intent activates when it is fulfilled.", + "title": "OutputContexts", + "type": "array" }, - "Metadata": { - "type": "object" + "ParentIntentSignature": { + "markdownDescription": "A unique identifier for the built-in intent to base this intent on.", + "title": "ParentIntentSignature", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AdDecisionServerUrl": { - "markdownDescription": "The URL for the ad decision server (ADS). This includes the specification of static parameters and placeholders for dynamic parameters. AWS Elemental MediaTailor substitutes player-specific and session-specific parameters as needed when calling the ADS. Alternately, for testing you can provide a static VAST URL. The maximum length is 25,000 characters.", - "title": "AdDecisionServerUrl", - "type": "string" - }, - "AvailSuppression": { - "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.AvailSuppression", - "markdownDescription": "The configuration for avail suppression, also known as ad suppression. For more information about ad suppression, see [Ad Suppression](https://docs.aws.amazon.com/mediatailor/latest/ug/ad-behavior.html) .", - "title": "AvailSuppression" - }, - "Bumper": { - "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.Bumper", - "markdownDescription": "The configuration for bumpers. Bumpers are short audio or video clips that play at the start or before the end of an ad break. To learn more about bumpers, see [Bumpers](https://docs.aws.amazon.com/mediatailor/latest/ug/bumpers.html) .", - "title": "Bumper" - }, - "CdnConfiguration": { - "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.CdnConfiguration", - "markdownDescription": "The configuration for using a content delivery network (CDN), like Amazon CloudFront, for content and ad segment management.", - "title": "CdnConfiguration" - }, - "ConfigurationAliases": { - "additionalProperties": true, - "markdownDescription": "The player parameters and aliases used as dynamic variables during session initialization. For more information, see [Domain Variables](https://docs.aws.amazon.com/mediatailor/latest/ug/variables-domain.html) .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "object" - } - }, - "title": "ConfigurationAliases", - "type": "object" - }, - "DashConfiguration": { - "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.DashConfiguration", - "markdownDescription": "The configuration for a DASH source.", - "title": "DashConfiguration" - }, - "HlsConfiguration": { - "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.HlsConfiguration", - "markdownDescription": "The configuration for HLS content.", - "title": "HlsConfiguration" - }, - "LivePreRollConfiguration": { - "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.LivePreRollConfiguration", - "markdownDescription": "The configuration for pre-roll ad insertion.", - "title": "LivePreRollConfiguration" - }, - "ManifestProcessingRules": { - "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.ManifestProcessingRules", - "markdownDescription": "The configuration for manifest processing rules. Manifest processing rules enable customization of the personalized manifests created by MediaTailor.", - "title": "ManifestProcessingRules" - }, - "Name": { - "markdownDescription": "The identifier for the playback configuration.", - "title": "Name", - "type": "string" - }, - "PersonalizationThresholdSeconds": { - "markdownDescription": "Defines the maximum duration of underfilled ad time (in seconds) allowed in an ad break. If the duration of underfilled ad time exceeds the personalization threshold, then the personalization of the ad break is abandoned and the underlying content is shown. This feature applies to *ad replacement* in live and VOD streams, rather than ad insertion, because it relies on an underlying content stream. For more information about ad break behavior, including ad replacement and insertion, see [Ad Behavior in AWS Elemental MediaTailor](https://docs.aws.amazon.com/mediatailor/latest/ug/ad-behavior.html) .", - "title": "PersonalizationThresholdSeconds", - "type": "number" - }, - "SlateAdUrl": { - "markdownDescription": "The URL for a video asset to transcode and use to fill in time that's not used by ads. AWS Elemental MediaTailor shows the slate to fill in gaps in media content. Configuring the slate is optional for non-VPAID playback configurations. For VPAID, the slate is required because MediaTailor provides it in the slots designated for dynamic ad content. The slate must be a high-quality asset that contains both audio and video.", - "title": "SlateAdUrl", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to assign to the playback configuration. Tags are key-value pairs that you can associate with Amazon resources to help with organization, access control, and cost tracking. For more information, see [Tagging AWS Elemental MediaTailor Resources](https://docs.aws.amazon.com/mediatailor/latest/ug/tagging.html) .", - "title": "Tags", - "type": "array" - }, - "TranscodeProfileName": { - "markdownDescription": "The name that is used to associate this playback configuration with a custom transcode profile. This overrides the dynamic transcoding defaults of MediaTailor. Use this only if you have already set up custom profiles with the help of AWS Support.", - "title": "TranscodeProfileName", - "type": "string" - }, - "VideoContentSourceUrl": { - "markdownDescription": "The URL prefix for the parent manifest for the stream, minus the asset ID. The maximum length is 512 characters.", - "title": "VideoContentSourceUrl", - "type": "string" - } + "QInConnectIntentConfiguration": { + "$ref": "#/definitions/AWS::Lex::Bot.QInConnectIntentConfiguration", + "markdownDescription": "", + "title": "QInConnectIntentConfiguration" + }, + "QnAIntentConfiguration": { + "$ref": "#/definitions/AWS::Lex::Bot.QnAIntentConfiguration", + "markdownDescription": "", + "title": "QnAIntentConfiguration" + }, + "SampleUtterances": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.SampleUtterance" }, - "required": [ - "AdDecisionServerUrl", - "Name", - "VideoContentSourceUrl" - ], - "type": "object" + "markdownDescription": "A list of utterances that a user might say to signal the intent.", + "title": "SampleUtterances", + "type": "array" }, - "Type": { - "enum": [ - "AWS::MediaTailor::PlaybackConfiguration" - ], - "type": "string" + "SlotPriorities": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.SlotPriority" + }, + "markdownDescription": "Indicates the priority for slots. Amazon Lex prompts the user for slot values in priority order.", + "title": "SlotPriorities", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Slots": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.Slot" + }, + "markdownDescription": "A list of slots that the intent requires for fulfillment.", + "title": "Slots", + "type": "array" } }, "required": [ - "Type", - "Properties" + "Name" ], "type": "object" }, - "AWS::MediaTailor::PlaybackConfiguration.AdMarkerPassthrough": { + "AWS::Lex::Bot.IntentClosingSetting": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Enables ad marker passthrough for your configuration.", - "title": "Enabled", + "ClosingResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "The response that Amazon Lex sends to the user when the intent is complete.", + "title": "ClosingResponse" + }, + "Conditional": { + "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", + "markdownDescription": "A list of conditional branches associated with the intent's closing response. These branches are executed when the `nextStep` attribute is set to `EvalutateConditional` .", + "title": "Conditional" + }, + "IsActive": { + "markdownDescription": "Specifies whether an intent's closing response is used. When this field is false, the closing response isn't sent to the user. If the `IsActive` field isn't specified, the default is true.", + "title": "IsActive", "type": "boolean" + }, + "NextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "Specifies the next step that the bot executes after playing the intent's closing response.", + "title": "NextStep" } }, "type": "object" }, - "AWS::MediaTailor::PlaybackConfiguration.AvailSuppression": { + "AWS::Lex::Bot.IntentConfirmationSetting": { "additionalProperties": false, "properties": { - "Mode": { - "markdownDescription": "Sets the ad suppression mode. By default, ad suppression is off and all ad breaks are filled with ads or slate. When Mode is set to `BEHIND_LIVE_EDGE` , ad suppression is active and MediaTailor won't fill ad breaks on or behind the ad suppression Value time in the manifest lookback window. When Mode is set to `AFTER_LIVE_EDGE` , ad suppression is active and MediaTailor won't fill ad breaks that are within the live edge plus the avail suppression value.", - "title": "Mode", - "type": "string" + "CodeHook": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogCodeHookInvocationSetting", + "markdownDescription": "The `DialogCodeHookInvocationSetting` object associated with intent's confirmation step. The dialog code hook is triggered based on these invocation settings when the confirmation next step or declination next step or failure next step is `InvokeDialogCodeHook` .", + "title": "CodeHook" }, - "Value": { - "markdownDescription": "A live edge offset time in HH:MM:SS. MediaTailor won't fill ad breaks on or behind this time in the manifest lookback window. If Value is set to 00:00:00, it is in sync with the live edge, and MediaTailor won't fill any ad breaks on or behind the live edge. If you set a Value time, MediaTailor won't fill any ad breaks on or behind this time in the manifest lookback window. For example, if you set 00:45:00, then MediaTailor will fill ad breaks that occur within 45 minutes behind the live edge, but won't fill ad breaks on or behind 45 minutes behind the live edge.", - "title": "Value", - "type": "string" + "ConfirmationConditional": { + "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", + "markdownDescription": "A list of conditional branches to evaluate after the intent is closed.", + "title": "ConfirmationConditional" + }, + "ConfirmationNextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "Specifies the next step that the bot executes when the customer confirms the intent.", + "title": "ConfirmationNextStep" + }, + "ConfirmationResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input.", + "title": "ConfirmationResponse" + }, + "DeclinationConditional": { + "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", + "markdownDescription": "A list of conditional branches to evaluate after the intent is declined.", + "title": "DeclinationConditional" + }, + "DeclinationNextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "Specifies the next step that the bot executes when the customer declines the intent.", + "title": "DeclinationNextStep" + }, + "DeclinationResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "When the user answers \"no\" to the question defined in `promptSpecification` , Amazon Lex responds with this response to acknowledge that the intent was canceled.", + "title": "DeclinationResponse" + }, + "ElicitationCodeHook": { + "$ref": "#/definitions/AWS::Lex::Bot.ElicitationCodeHookInvocationSetting", + "markdownDescription": "The `DialogCodeHookInvocationSetting` used when the code hook is invoked during confirmation prompt retries.", + "title": "ElicitationCodeHook" + }, + "FailureConditional": { + "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", + "markdownDescription": "Provides a list of conditional branches. Branches are evaluated in the order that they are entered in the list. The first branch with a condition that evaluates to true is executed. The last branch in the list is the default branch. The default branch should not have any condition expression. The default branch is executed if no other branch has a matching condition.", + "title": "FailureConditional" + }, + "FailureNextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "The next step to take in the conversation if the confirmation step fails.", + "title": "FailureNextStep" + }, + "FailureResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input when the intent confirmation fails.", + "title": "FailureResponse" + }, + "IsActive": { + "markdownDescription": "Specifies whether the intent's confirmation is sent to the user. When this field is false, confirmation and declination responses aren't sent. If the `IsActive` field isn't specified, the default is true.", + "title": "IsActive", + "type": "boolean" + }, + "PromptSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.PromptSpecification", + "markdownDescription": "Prompts the user to confirm the intent. This question should have a yes or no answer.\n\nAmazon Lex uses this prompt to ensure that the user acknowledges that the intent is ready for fulfillment. For example, with the `OrderPizza` intent, you might want to confirm that the order is correct before placing it. For other intents, such as intents that simply respond to user questions, you might not need to ask the user for confirmation before providing the information.", + "title": "PromptSpecification" } }, + "required": [ + "PromptSpecification" + ], "type": "object" }, - "AWS::MediaTailor::PlaybackConfiguration.Bumper": { + "AWS::Lex::Bot.IntentOverride": { "additionalProperties": false, "properties": { - "EndUrl": { - "markdownDescription": "The URL for the end bumper asset.", - "title": "EndUrl", + "Name": { + "markdownDescription": "The name of the intent. Only required when you're switching intents.", + "title": "Name", "type": "string" }, - "StartUrl": { - "markdownDescription": "The URL for the start bumper asset.", - "title": "StartUrl", - "type": "string" + "Slots": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.SlotValueOverrideMap" + }, + "markdownDescription": "A map of all of the slot value overrides for the intent. The name of the slot maps to the value of the slot. Slots that are not included in the map aren't overridden.", + "title": "Slots", + "type": "array" } }, "type": "object" }, - "AWS::MediaTailor::PlaybackConfiguration.CdnConfiguration": { + "AWS::Lex::Bot.KendraConfiguration": { "additionalProperties": false, "properties": { - "AdSegmentUrlPrefix": { - "markdownDescription": "A non-default content delivery network (CDN) to serve ad segments. By default, AWS Elemental MediaTailor uses Amazon CloudFront with default cache settings as its CDN for ad segments. To set up an alternate CDN, create a rule in your CDN for the origin ads.mediatailor. ** .amazonaws.com. Then specify the rule's name in this `AdSegmentUrlPrefix` . When AWS Elemental MediaTailor serves a manifest, it reports your CDN as the source for ad segments.", - "title": "AdSegmentUrlPrefix", + "KendraIndex": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Kendra index that you want the `AMAZON.KendraSearchIntent` intent to search. The index must be in the same account and Region as the Amazon Lex bot.", + "title": "KendraIndex", "type": "string" }, - "ContentSegmentUrlPrefix": { - "markdownDescription": "A content delivery network (CDN) to cache content segments, so that content requests don\u2019t always have to go to the origin server. First, create a rule in your CDN for the content segment origin server. Then specify the rule's name in this `ContentSegmentUrlPrefix` . When AWS Elemental MediaTailor serves a manifest, it reports your CDN as the source for content segments.", - "title": "ContentSegmentUrlPrefix", + "QueryFilterString": { + "markdownDescription": "A query filter that Amazon Lex sends to Amazon Kendra to filter the response from a query. The filter is in the format defined by Amazon Kendra. For more information, see [Filtering queries](https://docs.aws.amazon.com/kendra/latest/dg/filtering.html) .", + "title": "QueryFilterString", "type": "string" + }, + "QueryFilterStringEnabled": { + "markdownDescription": "Determines whether the `AMAZON.KendraSearchIntent` intent uses a custom query string to query the Amazon Kendra index.", + "title": "QueryFilterStringEnabled", + "type": "boolean" } }, + "required": [ + "KendraIndex" + ], "type": "object" }, - "AWS::MediaTailor::PlaybackConfiguration.DashConfiguration": { + "AWS::Lex::Bot.LambdaCodeHook": { "additionalProperties": false, "properties": { - "ManifestEndpointPrefix": { - "markdownDescription": "The URL generated by MediaTailor to initiate a playback session. The session uses server-side reporting. This setting is ignored in PUT operations.", - "title": "ManifestEndpointPrefix", - "type": "string" - }, - "MpdLocation": { - "markdownDescription": "The setting that controls whether MediaTailor includes the Location tag in DASH manifests. MediaTailor populates the Location tag with the URL for manifest update requests, to be used by players that don't support sticky redirects. Disable this if you have CDN routing rules set up for accessing MediaTailor manifests, and you are either using client-side reporting or your players support sticky HTTP redirects. Valid values are `DISABLED` and `EMT_DEFAULT` . The `EMT_DEFAULT` setting enables the inclusion of the tag and is the default value.", - "title": "MpdLocation", + "CodeHookInterfaceVersion": { + "markdownDescription": "The version of the request-response that you want Amazon Lex to use to invoke your Lambda function.", + "title": "CodeHookInterfaceVersion", "type": "string" }, - "OriginManifestType": { - "markdownDescription": "The setting that controls whether MediaTailor handles manifests from the origin server as multi-period manifests or single-period manifests. If your origin server produces single-period manifests, set this to `SINGLE_PERIOD` . The default setting is `MULTI_PERIOD` . For multi-period manifests, omit this setting or set it to `MULTI_PERIOD` .", - "title": "OriginManifestType", + "LambdaArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function.", + "title": "LambdaArn", "type": "string" } }, + "required": [ + "CodeHookInterfaceVersion", + "LambdaArn" + ], "type": "object" }, - "AWS::MediaTailor::PlaybackConfiguration.HlsConfiguration": { + "AWS::Lex::Bot.Message": { "additionalProperties": false, "properties": { - "ManifestEndpointPrefix": { - "markdownDescription": "The URL that is used to initiate a playback session for devices that support Apple HLS. The session uses server-side reporting.", - "title": "ManifestEndpointPrefix", - "type": "string" + "CustomPayload": { + "$ref": "#/definitions/AWS::Lex::Bot.CustomPayload", + "markdownDescription": "A message in a custom format defined by the client application.", + "title": "CustomPayload" + }, + "ImageResponseCard": { + "$ref": "#/definitions/AWS::Lex::Bot.ImageResponseCard", + "markdownDescription": "A message that defines a response card that the client application can show to the user.", + "title": "ImageResponseCard" + }, + "PlainTextMessage": { + "$ref": "#/definitions/AWS::Lex::Bot.PlainTextMessage", + "markdownDescription": "A message in plain text format.", + "title": "PlainTextMessage" + }, + "SSMLMessage": { + "$ref": "#/definitions/AWS::Lex::Bot.SSMLMessage", + "markdownDescription": "A message in Speech Synthesis Markup Language (SSML).", + "title": "SSMLMessage" } }, "type": "object" }, - "AWS::MediaTailor::PlaybackConfiguration.LivePreRollConfiguration": { + "AWS::Lex::Bot.MessageGroup": { "additionalProperties": false, "properties": { - "AdDecisionServerUrl": { - "markdownDescription": "The URL for the ad decision server (ADS) for pre-roll ads. This includes the specification of static parameters and placeholders for dynamic parameters. AWS Elemental MediaTailor substitutes player-specific and session-specific parameters as needed when calling the ADS. Alternately, for testing, you can provide a static VAST URL. The maximum length is 25,000 characters.", - "title": "AdDecisionServerUrl", - "type": "string" + "Message": { + "$ref": "#/definitions/AWS::Lex::Bot.Message", + "markdownDescription": "The primary message that Amazon Lex should send to the user.", + "title": "Message" }, - "MaxDurationSeconds": { - "markdownDescription": "The maximum allowed duration for the pre-roll ad avail. AWS Elemental MediaTailor won't play pre-roll ads to exceed this duration, regardless of the total duration of ads that the ADS returns.", - "title": "MaxDurationSeconds", - "type": "number" + "Variations": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.Message" + }, + "markdownDescription": "Message variations to send to the user. When variations are defined, Amazon Lex chooses the primary message or one of the variations to send to the user.", + "title": "Variations", + "type": "array" } }, + "required": [ + "Message" + ], "type": "object" }, - "AWS::MediaTailor::PlaybackConfiguration.ManifestProcessingRules": { + "AWS::Lex::Bot.MultipleValuesSetting": { "additionalProperties": false, "properties": { - "AdMarkerPassthrough": { - "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.AdMarkerPassthrough", - "markdownDescription": "For HLS, when set to `true` , MediaTailor passes through `EXT-X-CUE-IN` , `EXT-X-CUE-OUT` , and `EXT-X-SPLICEPOINT-SCTE35` ad markers from the origin manifest to the MediaTailor personalized manifest.\n\nNo logic is applied to these ad markers. For example, if `EXT-X-CUE-OUT` has a value of `60` , but no ads are filled for that ad break, MediaTailor will not set the value to `0` .", - "title": "AdMarkerPassthrough" + "AllowMultipleValues": { + "markdownDescription": "Indicates whether a slot can return multiple values. When `true` , the slot may return more than one value in a response. When `false` , the slot returns only a single value.\n\nMulti-value slots are only available in the en-US locale. If you set this value to `true` in any other locale, Amazon Lex throws a `ValidationException` .\n\nIf the `allowMutlipleValues` is not set, the default value is `false` .", + "title": "AllowMultipleValues", + "type": "boolean" } }, "type": "object" }, - "AWS::MediaTailor::SourceLocation": { + "AWS::Lex::Bot.NluImprovementSpecification": { "additionalProperties": false, "properties": { - "Condition": { + "Enabled": { + "markdownDescription": "Determines whether the Assisted NLU feature is enabled for the bot. When set to `true` , Amazon Lex uses advanced models to improve intent recognition and slot resolution, with the default being `false` .", + "title": "Enabled", + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "AWS::Lex::Bot.ObfuscationSetting": { + "additionalProperties": false, + "properties": { + "ObfuscationSettingType": { + "markdownDescription": "Value that determines whether Amazon Lex obscures slot values in conversation logs. The default is to obscure the values.", + "title": "ObfuscationSettingType", "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + } + }, + "required": [ + "ObfuscationSettingType" + ], + "type": "object" + }, + "AWS::Lex::Bot.OpensearchConfiguration": { + "additionalProperties": false, + "properties": { + "DomainEndpoint": { + "markdownDescription": "The endpoint of the Amazon OpenSearch Service domain.", + "title": "DomainEndpoint", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ExactResponse": { + "markdownDescription": "Specifies whether to return an exact response or to return an answer generated by the model using the fields you specify from the database.", + "title": "ExactResponse", + "type": "boolean" }, - "Metadata": { - "type": "object" + "ExactResponseFields": { + "$ref": "#/definitions/AWS::Lex::Bot.ExactResponseFields", + "markdownDescription": "Contains the names of the fields used for an exact response to the user.", + "title": "ExactResponseFields" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AccessConfiguration": { - "$ref": "#/definitions/AWS::MediaTailor::SourceLocation.AccessConfiguration", - "markdownDescription": "The access configuration for the source location.", - "title": "AccessConfiguration" - }, - "DefaultSegmentDeliveryConfiguration": { - "$ref": "#/definitions/AWS::MediaTailor::SourceLocation.DefaultSegmentDeliveryConfiguration", - "markdownDescription": "The default segment delivery configuration.", - "title": "DefaultSegmentDeliveryConfiguration" - }, - "HttpConfiguration": { - "$ref": "#/definitions/AWS::MediaTailor::SourceLocation.HttpConfiguration", - "markdownDescription": "The HTTP configuration for the source location.", - "title": "HttpConfiguration" - }, - "SegmentDeliveryConfigurations": { - "items": { - "$ref": "#/definitions/AWS::MediaTailor::SourceLocation.SegmentDeliveryConfiguration" - }, - "markdownDescription": "The segment delivery configurations for the source location.", - "title": "SegmentDeliveryConfigurations", - "type": "array" - }, - "SourceLocationName": { - "markdownDescription": "The name of the source location.", - "title": "SourceLocationName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags assigned to the source location. Tags are key-value pairs that you can associate with Amazon resources to help with organization, access control, and cost tracking. For more information, see [Tagging AWS Elemental MediaTailor Resources](https://docs.aws.amazon.com/mediatailor/latest/ug/tagging.html) .", - "title": "Tags", - "type": "array" - } + "IncludeFields": { + "items": { + "type": "string" }, - "required": [ - "HttpConfiguration", - "SourceLocationName" - ], - "type": "object" + "markdownDescription": "Contains a list of fields from the Amazon OpenSearch Service that the model can use to generate the answer to the query.", + "title": "IncludeFields", + "type": "array" }, - "Type": { - "enum": [ - "AWS::MediaTailor::SourceLocation" - ], + "IndexName": { + "markdownDescription": "The name of the Amazon OpenSearch Service index.", + "title": "IndexName", "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + } + }, + "type": "object" + }, + "AWS::Lex::Bot.OutputContext": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the output context.", + "title": "Name", "type": "string" + }, + "TimeToLiveInSeconds": { + "markdownDescription": "The amount of time, in seconds, that the output context should remain active. The time is figured from the first time the context is sent to the user.", + "title": "TimeToLiveInSeconds", + "type": "number" + }, + "TurnsToLive": { + "markdownDescription": "The number of conversation turns that the output context should remain active. The number of turns is counted from the first time that the context is sent to the user.", + "title": "TurnsToLive", + "type": "number" } }, "required": [ - "Type", - "Properties" + "Name", + "TimeToLiveInSeconds", + "TurnsToLive" ], "type": "object" }, - "AWS::MediaTailor::SourceLocation.AccessConfiguration": { + "AWS::Lex::Bot.PlainTextMessage": { "additionalProperties": false, "properties": { - "AccessType": { - "markdownDescription": "The type of authentication used to access content from `HttpConfiguration::BaseUrl` on your source location. Accepted value: `S3_SIGV4` .\n\n`S3_SIGV4` - AWS Signature Version 4 authentication for Amazon S3 hosted virtual-style access. If your source location base URL is an Amazon S3 bucket, MediaTailor can use AWS Signature Version 4 (SigV4) authentication to access the bucket where your source content is stored. Your MediaTailor source location baseURL must follow the S3 virtual hosted-style request URL format. For example, https://bucket-name.s3.Region.amazonaws.com/key-name.\n\nBefore you can use `S3_SIGV4` , you must meet these requirements:\n\n\u2022 You must allow MediaTailor to access your S3 bucket by granting mediatailor.amazonaws.com principal access in IAM. For information about configuring access in IAM, see Access management in the IAM User Guide.\n\n\u2022 The mediatailor.amazonaws.com service principal must have permissions to read all top level manifests referenced by the VodSource packaging configurations.\n\n\u2022 The caller of the API must have s3:GetObject IAM permissions to read all top level manifests referenced by your MediaTailor VodSource packaging configurations.", - "title": "AccessType", + "Value": { + "markdownDescription": "The message to send to the user.", + "title": "Value", "type": "string" + } + }, + "required": [ + "Value" + ], + "type": "object" + }, + "AWS::Lex::Bot.PostDialogCodeHookInvocationSpecification": { + "additionalProperties": false, + "properties": { + "FailureConditional": { + "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", + "markdownDescription": "A list of conditional branches to evaluate after the dialog code hook throws an exception or returns with the `State` field of the `Intent` object set to `Failed` .", + "title": "FailureConditional" }, - "SecretsManagerAccessTokenConfiguration": { - "$ref": "#/definitions/AWS::MediaTailor::SourceLocation.SecretsManagerAccessTokenConfiguration", - "markdownDescription": "AWS Secrets Manager access token configuration parameters.", - "title": "SecretsManagerAccessTokenConfiguration" + "FailureNextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "Specifies the next step the bot runs after the dialog code hook throws an exception or returns with the `State` field of the `Intent` object set to `Failed` .", + "title": "FailureNextStep" + }, + "FailureResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input when the code hook fails.", + "title": "FailureResponse" + }, + "SuccessConditional": { + "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", + "markdownDescription": "A list of conditional branches to evaluate after the dialog code hook finishes successfully.", + "title": "SuccessConditional" + }, + "SuccessNextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "Specifics the next step the bot runs after the dialog code hook finishes successfully.", + "title": "SuccessNextStep" + }, + "SuccessResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond when the code hook succeeds.", + "title": "SuccessResponse" + }, + "TimeoutConditional": { + "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", + "markdownDescription": "A list of conditional branches to evaluate if the code hook times out.", + "title": "TimeoutConditional" + }, + "TimeoutNextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "Specifies the next step that the bot runs when the code hook times out.", + "title": "TimeoutNextStep" + }, + "TimeoutResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond to the user input when the code hook times out.", + "title": "TimeoutResponse" } }, "type": "object" }, - "AWS::MediaTailor::SourceLocation.DefaultSegmentDeliveryConfiguration": { + "AWS::Lex::Bot.PostFulfillmentStatusSpecification": { "additionalProperties": false, "properties": { - "BaseUrl": { - "markdownDescription": "The hostname of the server that will be used to serve segments. This string must include the protocol, such as *https://* .", - "title": "BaseUrl", - "type": "string" + "FailureConditional": { + "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", + "markdownDescription": "A list of conditional branches to evaluate after the fulfillment code hook throws an exception or returns with the `State` field of the `Intent` object set to `Failed` .", + "title": "FailureConditional" + }, + "FailureNextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "Specifies the next step the bot runs after the fulfillment code hook throws an exception or returns with the `State` field of the `Intent` object set to `Failed` .", + "title": "FailureNextStep" + }, + "FailureResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond when fulfillment isn't successful.", + "title": "FailureResponse" + }, + "SuccessConditional": { + "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", + "markdownDescription": "A list of conditional branches to evaluate after the fulfillment code hook finishes successfully.", + "title": "SuccessConditional" + }, + "SuccessNextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "Specifies the next step in the conversation that Amazon Lex invokes when the fulfillment code hook completes successfully.", + "title": "SuccessNextStep" + }, + "SuccessResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond when the fulfillment is successful.", + "title": "SuccessResponse" + }, + "TimeoutConditional": { + "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", + "markdownDescription": "A list of conditional branches to evaluate if the fulfillment code hook times out.", + "title": "TimeoutConditional" + }, + "TimeoutNextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "Specifies the next step that the bot runs when the fulfillment code hook times out.", + "title": "TimeoutNextStep" + }, + "TimeoutResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond when fulfillment isn't completed within the timeout period.", + "title": "TimeoutResponse" } }, "type": "object" }, - "AWS::MediaTailor::SourceLocation.HttpConfiguration": { + "AWS::Lex::Bot.PromptAttemptSpecification": { "additionalProperties": false, "properties": { - "BaseUrl": { - "markdownDescription": "The base URL for the source location host server. This string must include the protocol, such as *https://* .", - "title": "BaseUrl", - "type": "string" + "AllowInterrupt": { + "markdownDescription": "Indicates whether the user can interrupt a speech prompt attempt from the bot.", + "title": "AllowInterrupt", + "type": "boolean" + }, + "AllowedInputTypes": { + "$ref": "#/definitions/AWS::Lex::Bot.AllowedInputTypes", + "markdownDescription": "Indicates the allowed input types of the prompt attempt.", + "title": "AllowedInputTypes" + }, + "AudioAndDTMFInputSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.AudioAndDTMFInputSpecification", + "markdownDescription": "Specifies the settings on audio and DTMF input.", + "title": "AudioAndDTMFInputSpecification" + }, + "TextInputSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.TextInputSpecification", + "markdownDescription": "Specifies the settings on text input.", + "title": "TextInputSpecification" } }, "required": [ - "BaseUrl" + "AllowedInputTypes" ], "type": "object" }, - "AWS::MediaTailor::SourceLocation.SecretsManagerAccessTokenConfiguration": { + "AWS::Lex::Bot.PromptSpecification": { "additionalProperties": false, "properties": { - "HeaderName": { - "markdownDescription": "The name of the HTTP header used to supply the access token in requests to the source location.", - "title": "HeaderName", - "type": "string" + "AllowInterrupt": { + "markdownDescription": "Indicates whether the user can interrupt a speech prompt from the bot.", + "title": "AllowInterrupt", + "type": "boolean" }, - "SecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Secrets Manager secret that contains the access token.", - "title": "SecretArn", - "type": "string" + "MaxRetries": { + "markdownDescription": "The maximum number of times the bot tries to elicit a response from the user using this prompt.", + "title": "MaxRetries", + "type": "number" }, - "SecretStringKey": { - "markdownDescription": "The AWS Secrets Manager [SecretString](https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_CreateSecret.html#SecretsManager-CreateSecret-request-SecretString.html) key associated with the access token. MediaTailor uses the key to look up SecretString key and value pair containing the access token.", - "title": "SecretStringKey", + "MessageGroupsList": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.MessageGroup" + }, + "markdownDescription": "A collection of messages that Amazon Lex can send to the user. Amazon Lex chooses the actual message to send at runtime.", + "title": "MessageGroupsList", + "type": "array" + }, + "MessageSelectionStrategy": { + "markdownDescription": "Indicates how a message is selected from a message group among retries.", + "title": "MessageSelectionStrategy", "type": "string" + }, + "PromptAttemptsSpecification": { + "additionalProperties": false, + "markdownDescription": "Specifies the advanced settings on each attempt of the prompt.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::Lex::Bot.PromptAttemptSpecification" + } + }, + "title": "PromptAttemptsSpecification", + "type": "object" } }, + "required": [ + "MaxRetries", + "MessageGroupsList" + ], "type": "object" }, - "AWS::MediaTailor::SourceLocation.SegmentDeliveryConfiguration": { + "AWS::Lex::Bot.QInConnectAssistantConfiguration": { "additionalProperties": false, "properties": { - "BaseUrl": { - "markdownDescription": "The base URL of the host or path of the segment delivery server that you're using to serve segments. This is typically a content delivery network (CDN). The URL can be absolute or relative. To use an absolute URL include the protocol, such as `https://example.com/some/path` . To use a relative URL specify the relative path, such as `/some/path*` .", - "title": "BaseUrl", + "AssistantArn": { + "markdownDescription": "", + "title": "AssistantArn", "type": "string" + } + }, + "required": [ + "AssistantArn" + ], + "type": "object" + }, + "AWS::Lex::Bot.QInConnectIntentConfiguration": { + "additionalProperties": false, + "properties": { + "QInConnectAssistantConfiguration": { + "$ref": "#/definitions/AWS::Lex::Bot.QInConnectAssistantConfiguration", + "markdownDescription": "", + "title": "QInConnectAssistantConfiguration" + } + }, + "type": "object" + }, + "AWS::Lex::Bot.QnAIntentConfiguration": { + "additionalProperties": false, + "properties": { + "BedrockModelConfiguration": { + "$ref": "#/definitions/AWS::Lex::Bot.BedrockModelSpecification", + "markdownDescription": "", + "title": "BedrockModelConfiguration" }, - "Name": { - "markdownDescription": "A unique identifier used to distinguish between multiple segment delivery configurations in a source location.", - "title": "Name", - "type": "string" + "DataSourceConfiguration": { + "$ref": "#/definitions/AWS::Lex::Bot.DataSourceConfiguration", + "markdownDescription": "Contains details about the configuration of the data source used for the `AMAZON.QnAIntent` .", + "title": "DataSourceConfiguration" } }, + "required": [ + "BedrockModelConfiguration", + "DataSourceConfiguration" + ], "type": "object" }, - "AWS::MediaTailor::VodSource": { + "AWS::Lex::Bot.QnAKendraConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "ExactResponse": { + "markdownDescription": "Specifies whether to return an exact response from the Amazon Kendra index or to let the Amazon Bedrock model you select generate a response based on the results. To use this feature, you must first add FAQ questions to your index by following the steps at [Adding frequently asked questions (FAQs) to an index](https://docs.aws.amazon.com/kendra/latest/dg/in-creating-faq.html) .", + "title": "ExactResponse", + "type": "boolean" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "KendraIndex": { + "markdownDescription": "The ARN of the Amazon Kendra index to use.", + "title": "KendraIndex", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "QueryFilterString": { + "markdownDescription": "Contains the Amazon Kendra filter string to use if enabled. For more information on the Amazon Kendra search filter JSON format, see [Using document attributes to filter search results](https://docs.aws.amazon.com/kendra/latest/dg/filtering.html#search-filtering) .", + "title": "QueryFilterString", + "type": "string" }, - "Metadata": { - "type": "object" + "QueryFilterStringEnabled": { + "markdownDescription": "Specifies whether to enable an Amazon Kendra filter string or not.", + "title": "QueryFilterStringEnabled", + "type": "boolean" + } + }, + "required": [ + "ExactResponse", + "KendraIndex", + "QueryFilterStringEnabled" + ], + "type": "object" + }, + "AWS::Lex::Bot.Replication": { + "additionalProperties": false, + "properties": { + "ReplicaRegions": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "ReplicaRegions", + "type": "array" + } + }, + "required": [ + "ReplicaRegions" + ], + "type": "object" + }, + "AWS::Lex::Bot.ResponseSpecification": { + "additionalProperties": false, + "properties": { + "AllowInterrupt": { + "markdownDescription": "Indicates whether the user can interrupt a speech response from Amazon Lex.", + "title": "AllowInterrupt", + "type": "boolean" }, - "Properties": { - "additionalProperties": false, - "properties": { - "HttpPackageConfigurations": { - "items": { - "$ref": "#/definitions/AWS::MediaTailor::VodSource.HttpPackageConfiguration" - }, - "markdownDescription": "The HTTP package configurations for the VOD source.", - "title": "HttpPackageConfigurations", - "type": "array" - }, - "SourceLocationName": { - "markdownDescription": "The name of the source location that the VOD source is associated with.", - "title": "SourceLocationName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags assigned to the VOD source. Tags are key-value pairs that you can associate with Amazon resources to help with organization, access control, and cost tracking. For more information, see [Tagging AWS Elemental MediaTailor Resources](https://docs.aws.amazon.com/mediatailor/latest/ug/tagging.html) .", - "title": "Tags", - "type": "array" - }, - "VodSourceName": { - "markdownDescription": "The name of the VOD source.", - "title": "VodSourceName", - "type": "string" - } + "MessageGroupsList": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.MessageGroup" }, - "required": [ - "HttpPackageConfigurations", - "SourceLocationName", - "VodSourceName" - ], - "type": "object" + "markdownDescription": "A collection of responses that Amazon Lex can send to the user. Amazon Lex chooses the actual response to send at runtime.", + "title": "MessageGroupsList", + "type": "array" + } + }, + "required": [ + "MessageGroupsList" + ], + "type": "object" + }, + "AWS::Lex::Bot.RuntimeSettings": { + "additionalProperties": false, + "properties": { + "NluImprovementSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.NluImprovementSpecification", + "markdownDescription": "", + "title": "NluImprovementSpecification" }, - "Type": { - "enum": [ - "AWS::MediaTailor::VodSource" - ], + "SlotResolutionImprovementSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.SlotResolutionImprovementSpecification", + "markdownDescription": "", + "title": "SlotResolutionImprovementSpecification" + } + }, + "type": "object" + }, + "AWS::Lex::Bot.S3BucketLogDestination": { + "additionalProperties": false, + "properties": { + "KmsKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Key Management Service (KMS) key for encrypting audio log files stored in an Amazon S3 bucket.", + "title": "KmsKeyArn", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "LogPrefix": { + "markdownDescription": "The S3 prefix to assign to audio log files.", + "title": "LogPrefix", + "type": "string" + }, + "S3BucketArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an Amazon S3 bucket where audio log files are stored.", + "title": "S3BucketArn", "type": "string" } }, "required": [ - "Type", - "Properties" + "LogPrefix", + "S3BucketArn" ], "type": "object" }, - "AWS::MediaTailor::VodSource.HttpPackageConfiguration": { + "AWS::Lex::Bot.S3Location": { "additionalProperties": false, "properties": { - "Path": { - "markdownDescription": "The relative path to the URL for this VOD source. This is combined with `SourceLocation::HttpConfiguration::BaseUrl` to form a valid URL.", - "title": "Path", + "S3Bucket": { + "markdownDescription": "The S3 bucket name.", + "title": "S3Bucket", "type": "string" }, - "SourceGroup": { - "markdownDescription": "The name of the source group. This has to match one of the `Channel::Outputs::SourceGroup` .", - "title": "SourceGroup", + "S3ObjectKey": { + "markdownDescription": "The path and file name to the object in the S3 bucket.", + "title": "S3ObjectKey", "type": "string" }, - "Type": { - "markdownDescription": "The streaming protocol for this package configuration. Supported values are `HLS` and `DASH` .", - "title": "Type", + "S3ObjectVersion": { + "markdownDescription": "The version of the object in the S3 bucket.", + "title": "S3ObjectVersion", "type": "string" } }, "required": [ - "Path", - "SourceGroup", - "Type" + "S3Bucket", + "S3ObjectKey" ], "type": "object" }, - "AWS::MemoryDB::ACL": { + "AWS::Lex::Bot.SSMLMessage": { "additionalProperties": false, "properties": { - "Condition": { + "Value": { + "markdownDescription": "The SSML text that defines the prompt.", + "title": "Value", "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + } + }, + "required": [ + "Value" + ], + "type": "object" + }, + "AWS::Lex::Bot.SampleUtterance": { + "additionalProperties": false, + "properties": { + "Utterance": { + "markdownDescription": "A sample utterance that invokes an intent or respond to a slot elicitation prompt.", + "title": "Utterance", "type": "string" + } + }, + "required": [ + "Utterance" + ], + "type": "object" + }, + "AWS::Lex::Bot.SampleUtteranceGenerationSpecification": { + "additionalProperties": false, + "properties": { + "BedrockModelSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.BedrockModelSpecification", + "markdownDescription": "", + "title": "BedrockModelSpecification" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ACLName": { - "markdownDescription": "The name of the Access Control List.", - "title": "ACLName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - }, - "UserNames": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of users that belong to the Access Control List.", - "title": "UserNames", - "type": "array" - } - }, - "required": [ - "ACLName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::MemoryDB::ACL" - ], + "Enabled": { + "markdownDescription": "Specifies whether to enable sample utterance generation or not.", + "title": "Enabled", + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "AWS::Lex::Bot.SampleValue": { + "additionalProperties": false, + "properties": { + "Value": { + "markdownDescription": "The value that can be used for a slot type.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Value" + ], + "type": "object" + }, + "AWS::Lex::Bot.SentimentAnalysisSettings": { + "additionalProperties": false, + "properties": { + "DetectSentiment": { + "markdownDescription": "Sets whether Amazon Lex uses Amazon Comprehend to detect the sentiment of user utterances.", + "title": "DetectSentiment", + "type": "boolean" + } + }, + "required": [ + "DetectSentiment" + ], + "type": "object" + }, + "AWS::Lex::Bot.SessionAttribute": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The name of the session attribute.", + "title": "Key", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Value": { + "markdownDescription": "The session-specific context information for the session attribute.", + "title": "Value", "type": "string" } }, "required": [ - "Type", - "Properties" + "Key" ], "type": "object" }, - "AWS::MemoryDB::Cluster": { + "AWS::Lex::Bot.Slot": { "additionalProperties": false, "properties": { - "Condition": { + "Description": { + "markdownDescription": "The description of the slot.", + "title": "Description", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "MultipleValuesSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.MultipleValuesSetting", + "markdownDescription": "Indicates whether a slot can return multiple values.", + "title": "MultipleValuesSetting" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Name": { + "markdownDescription": "The name given to the slot.", + "title": "Name", + "type": "string" }, - "Metadata": { - "type": "object" + "ObfuscationSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.ObfuscationSetting", + "markdownDescription": "Determines whether the contents of the slot are obfuscated in Amazon CloudWatch Logs logs. Use obfuscated slots to protect information such as personally identifiable information (PII) in logs.", + "title": "ObfuscationSetting" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ACLName": { - "markdownDescription": "The name of the Access Control List to associate with the cluster .", - "title": "ACLName", - "type": "string" - }, - "AutoMinorVersionUpgrade": { - "markdownDescription": "When set to true, the cluster will automatically receive minor engine version upgrades after launch.", - "title": "AutoMinorVersionUpgrade", - "type": "boolean" - }, - "ClusterEndpoint": { - "$ref": "#/definitions/AWS::MemoryDB::Cluster.Endpoint", - "markdownDescription": "The cluster 's configuration endpoint.", - "title": "ClusterEndpoint" - }, - "ClusterName": { - "markdownDescription": "The name of the cluster .", - "title": "ClusterName", - "type": "string" - }, - "DataTiering": { - "markdownDescription": "Enables data tiering. Data tiering is only supported for clusters using the r6gd node type. This parameter must be set when using r6gd nodes. For more information, see [Data tiering](https://docs.aws.amazon.com/memorydb/latest/devguide/data-tiering.html) .", - "title": "DataTiering", - "type": "string" - }, - "Description": { - "markdownDescription": "A description of the cluster .", - "title": "Description", - "type": "string" - }, - "EngineVersion": { - "markdownDescription": "The Redis engine version used by the cluster .", - "title": "EngineVersion", - "type": "string" - }, - "FinalSnapshotName": { - "markdownDescription": "The user-supplied name of a final cluster snapshot. This is the unique name that identifies the snapshot. MemoryDB creates the snapshot, and then deletes the cluster immediately afterward.", - "title": "FinalSnapshotName", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "The ID of the KMS key used to encrypt the cluster .", - "title": "KmsKeyId", - "type": "string" - }, - "MaintenanceWindow": { - "markdownDescription": "Specifies the weekly time range during which maintenance on the cluster is performed. It is specified as a range in the format `ddd:hh24:mi-ddd:hh24:mi` (24H Clock UTC). The minimum maintenance window is a 60 minute period.\n\n*Pattern* : `ddd:hh24:mi-ddd:hh24:mi`", - "title": "MaintenanceWindow", - "type": "string" - }, - "NodeType": { - "markdownDescription": "The cluster 's node type.", - "title": "NodeType", - "type": "string" - }, - "NumReplicasPerShard": { - "markdownDescription": "The number of replicas to apply to each shard.\n\n*Default value* : `1`\n\n*Maximum value* : `5`", - "title": "NumReplicasPerShard", - "type": "number" - }, - "NumShards": { - "markdownDescription": "The number of shards in the cluster .", - "title": "NumShards", - "type": "number" - }, - "ParameterGroupName": { - "markdownDescription": "The name of the parameter group used by the cluster .", - "title": "ParameterGroupName", - "type": "string" - }, - "Port": { - "markdownDescription": "The port used by the cluster .", - "title": "Port", - "type": "number" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of security group names to associate with this cluster .", - "title": "SecurityGroupIds", - "type": "array" - }, - "SnapshotArns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of Amazon Resource Names (ARN) that uniquely identify the RDB snapshot files stored in Amazon S3. The snapshot files are used to populate the new cluster . The Amazon S3 object name in the ARN cannot contain any commas.", - "title": "SnapshotArns", - "type": "array" - }, - "SnapshotName": { - "markdownDescription": "The name of a snapshot from which to restore data into the new cluster . The snapshot status changes to restoring while the new cluster is being created.", - "title": "SnapshotName", - "type": "string" - }, - "SnapshotRetentionLimit": { - "markdownDescription": "The number of days for which MemoryDB retains automatic snapshots before deleting them. For example, if you set SnapshotRetentionLimit to 5, a snapshot that was taken today is retained for 5 days before being deleted.", - "title": "SnapshotRetentionLimit", - "type": "number" - }, - "SnapshotWindow": { - "markdownDescription": "The daily time range (in UTC) during which MemoryDB begins taking a daily snapshot of your shard. Example: 05:00-09:00 If you do not specify this parameter, MemoryDB automatically chooses an appropriate time range.", - "title": "SnapshotWindow", - "type": "string" - }, - "SnsTopicArn": { - "markdownDescription": "When you pass the logical ID of this resource to the intrinsic `Ref` function, Ref returns the ARN of the SNS topic, such as `arn:aws:memorydb:us-east-1:123456789012:mySNSTopic`", - "title": "SnsTopicArn", - "type": "string" - }, - "SnsTopicStatus": { - "markdownDescription": "The SNS topic must be in Active status to receive notifications.", - "title": "SnsTopicStatus", - "type": "string" - }, - "SubnetGroupName": { - "markdownDescription": "The name of the subnet group used by the cluster .", - "title": "SubnetGroupName", - "type": "string" - }, - "TLSEnabled": { - "markdownDescription": "A flag to indicate if In-transit encryption is enabled.", - "title": "TLSEnabled", - "type": "boolean" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "ACLName", - "ClusterName", - "NodeType" - ], - "type": "object" + "SlotTypeName": { + "markdownDescription": "The name of the slot type that this slot is based on. The slot type defines the acceptable values for the slot.", + "title": "SlotTypeName", + "type": "string" }, - "Type": { - "enum": [ - "AWS::MemoryDB::Cluster" - ], + "SubSlotSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.SubSlotSetting", + "markdownDescription": "", + "title": "SubSlotSetting" + }, + "ValueElicitationSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.SlotValueElicitationSetting", + "markdownDescription": "Determines the slot resolution strategy that Amazon Lex uses to return slot type values. The field can be set to one of the following values:\n\n- ORIGINAL_VALUE - Returns the value entered by the user, if the user value is similar to a slot value.\n- TOP_RESOLUTION - If there is a resolution list for the slot, return the first value in the resolution list as the slot type value. If there is no resolution list, null is returned.\n\nIf you don't specify the `valueSelectionStrategy` , the default is `ORIGINAL_VALUE` .", + "title": "ValueElicitationSetting" + } + }, + "required": [ + "Name", + "SlotTypeName", + "ValueElicitationSetting" + ], + "type": "object" + }, + "AWS::Lex::Bot.SlotCaptureSetting": { + "additionalProperties": false, + "properties": { + "CaptureConditional": { + "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", + "markdownDescription": "A list of conditional branches to evaluate after the slot value is captured.", + "title": "CaptureConditional" + }, + "CaptureNextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "Specifies the next step that the bot runs when the slot value is captured before the code hook times out.", + "title": "CaptureNextStep" + }, + "CaptureResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input.", + "title": "CaptureResponse" + }, + "CodeHook": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogCodeHookInvocationSetting", + "markdownDescription": "Code hook called after Amazon Lex successfully captures a slot value.", + "title": "CodeHook" + }, + "ElicitationCodeHook": { + "$ref": "#/definitions/AWS::Lex::Bot.ElicitationCodeHookInvocationSetting", + "markdownDescription": "Code hook called when Amazon Lex doesn't capture a slot value.", + "title": "ElicitationCodeHook" + }, + "FailureConditional": { + "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", + "markdownDescription": "A list of conditional branches to evaluate when the slot value isn't captured.", + "title": "FailureConditional" + }, + "FailureNextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "Specifies the next step that the bot runs when the slot value code is not recognized.", + "title": "FailureNextStep" + }, + "FailureResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input when the slot fails to be captured.", + "title": "FailureResponse" + } + }, + "type": "object" + }, + "AWS::Lex::Bot.SlotDefaultValue": { + "additionalProperties": false, + "properties": { + "DefaultValue": { + "markdownDescription": "The default value to use when a user doesn't provide a value for a slot.", + "title": "DefaultValue", "type": "string" + } + }, + "required": [ + "DefaultValue" + ], + "type": "object" + }, + "AWS::Lex::Bot.SlotDefaultValueSpecification": { + "additionalProperties": false, + "properties": { + "DefaultValueList": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.SlotDefaultValue" + }, + "markdownDescription": "A list of default values. Amazon Lex chooses the default value to use in the order that they are presented in the list.", + "title": "DefaultValueList", + "type": "array" + } + }, + "required": [ + "DefaultValueList" + ], + "type": "object" + }, + "AWS::Lex::Bot.SlotPriority": { + "additionalProperties": false, + "properties": { + "Priority": { + "markdownDescription": "The priority that Amazon Lex should apply to the slot.", + "title": "Priority", + "type": "number" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SlotName": { + "markdownDescription": "The name of the slot.", + "title": "SlotName", "type": "string" } }, "required": [ - "Type", - "Properties" + "Priority", + "SlotName" ], "type": "object" }, - "AWS::MemoryDB::Cluster.Endpoint": { + "AWS::Lex::Bot.SlotResolutionImprovementSpecification": { "additionalProperties": false, "properties": { - "Address": { - "markdownDescription": "The DNS hostname of the node.", - "title": "Address", + "BedrockModelSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.BedrockModelSpecification", + "markdownDescription": "An object containing information about the Amazon Bedrock model used to assist slot resolution.", + "title": "BedrockModelSpecification" + }, + "Enabled": { + "markdownDescription": "Specifies whether assisted slot resolution is turned on or off.", + "title": "Enabled", + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "AWS::Lex::Bot.SlotType": { + "additionalProperties": false, + "properties": { + "CompositeSlotTypeSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.CompositeSlotTypeSetting", + "markdownDescription": "", + "title": "CompositeSlotTypeSetting" + }, + "Description": { + "markdownDescription": "A description of the slot type. Use the description to help identify the slot type in lists.", + "title": "Description", "type": "string" }, - "Port": { - "markdownDescription": "The port number that the engine is listening on.", - "title": "Port", - "type": "number" + "ExternalSourceSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.ExternalSourceSetting", + "markdownDescription": "Sets the type of external information used to create the slot type.", + "title": "ExternalSourceSetting" + }, + "Name": { + "markdownDescription": "The name of the slot type. A slot type name must be unique withing the account.", + "title": "Name", + "type": "string" + }, + "ParentSlotTypeSignature": { + "markdownDescription": "The built-in slot type used as a parent of this slot type. When you define a parent slot type, the new slot type has the configuration of the parent lot type.\n\nOnly `AMAZON.AlphaNumeric` is supported.", + "title": "ParentSlotTypeSignature", + "type": "string" + }, + "SlotTypeValues": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.SlotTypeValue" + }, + "markdownDescription": "A list of SlotTypeValue objects that defines the values that the slot type can take. Each value can have a list of synonyms, additional values that help train the machine learning model about the values that it resolves for the slot.", + "title": "SlotTypeValues", + "type": "array" + }, + "ValueSelectionSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.SlotValueSelectionSetting", + "markdownDescription": "Determines the slot resolution strategy that Amazon Lex uses to return slot type values. The field can be set to one of the following values:\n\n- `ORIGINAL_VALUE` - Returns the value entered by the user, if the user value is similar to the slot value.\n- `TOP_RESOLUTION` - If there is a resolution list for the slot, return the first value in the resolution list as the slot type value. If there is no resolution list, null is returned.\n\nIf you don't specify the `valueSelectionStrategy` , the default is `ORIGINAL_VALUE` .", + "title": "ValueSelectionSetting" } }, + "required": [ + "Name" + ], "type": "object" }, - "AWS::MemoryDB::ParameterGroup": { + "AWS::Lex::Bot.SlotTypeValue": { "additionalProperties": false, "properties": { - "Condition": { + "SampleValue": { + "$ref": "#/definitions/AWS::Lex::Bot.SampleValue", + "markdownDescription": "The value of the slot type entry.", + "title": "SampleValue" + }, + "Synonyms": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.SampleValue" + }, + "markdownDescription": "Additional values related to the slot type entry.", + "title": "Synonyms", + "type": "array" + } + }, + "required": [ + "SampleValue" + ], + "type": "object" + }, + "AWS::Lex::Bot.SlotValue": { + "additionalProperties": false, + "properties": { + "InterpretedValue": { + "markdownDescription": "The value that Amazon Lex determines for the slot. The actual value depends on the setting of the value selection strategy for the bot. You can choose to use the value entered by the user, or you can have Amazon Lex choose the first value in the `resolvedValues` list.", + "title": "InterpretedValue", "type": "string" + } + }, + "type": "object" + }, + "AWS::Lex::Bot.SlotValueElicitationSetting": { + "additionalProperties": false, + "properties": { + "DefaultValueSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.SlotDefaultValueSpecification", + "markdownDescription": "A list of default values for a slot. Default values are used when Amazon Lex hasn't determined a value for a slot. You can specify default values from context variables, session attributes, and defined values.", + "title": "DefaultValueSpecification" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "PromptSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.PromptSpecification", + "markdownDescription": "The prompt that Amazon Lex uses to elicit the slot value from the user.", + "title": "PromptSpecification" + }, + "SampleUtterances": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.SampleUtterance" + }, + "markdownDescription": "If you know a specific pattern that users might respond to an Amazon Lex request for a slot value, you can provide those utterances to improve accuracy. This is optional. In most cases, Amazon Lex is capable of understanding user utterances.", + "title": "SampleUtterances", + "type": "array" + }, + "SlotCaptureSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.SlotCaptureSetting", + "markdownDescription": "Specifies the settings that Amazon Lex uses when a slot value is successfully entered by a user.", + "title": "SlotCaptureSetting" + }, + "SlotConstraint": { + "markdownDescription": "Specifies whether the slot is required or optional.", + "title": "SlotConstraint", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "WaitAndContinueSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.WaitAndContinueSpecification", + "markdownDescription": "Specifies the prompts that Amazon Lex uses while a bot is waiting for customer input.", + "title": "WaitAndContinueSpecification" + } + }, + "required": [ + "SlotConstraint" + ], + "type": "object" + }, + "AWS::Lex::Bot.SlotValueOverride": { + "additionalProperties": false, + "properties": { + "Shape": { + "markdownDescription": "When the shape value is `List` , it indicates that the `values` field contains a list of slot values. When the value is `Scalar` , it indicates that the `value` field contains a single value.", + "title": "Shape", + "type": "string" }, - "Metadata": { - "type": "object" + "Value": { + "$ref": "#/definitions/AWS::Lex::Bot.SlotValue", + "markdownDescription": "The current value of the slot.", + "title": "Value" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A description of the parameter group.", - "title": "Description", - "type": "string" - }, - "Family": { - "markdownDescription": "The name of the parameter group family that this parameter group is compatible with.", - "title": "Family", - "type": "string" - }, - "ParameterGroupName": { - "markdownDescription": "The name of the parameter group.", - "title": "ParameterGroupName", - "type": "string" - }, - "Parameters": { - "markdownDescription": "Returns the detailed parameter list for the parameter group.", - "title": "Parameters", - "type": "object" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } + "Values": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.SlotValueOverride" }, - "required": [ - "Family", - "ParameterGroupName" - ], - "type": "object" + "markdownDescription": "A list of one or more values that the user provided for the slot. For example, for a slot that elicits pizza toppings, the values might be \"pepperoni\" and \"pineapple.\"", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Lex::Bot.SlotValueOverrideMap": { + "additionalProperties": false, + "properties": { + "SlotName": { + "markdownDescription": "The name of the slot.", + "title": "SlotName", + "type": "string" }, - "Type": { - "enum": [ - "AWS::MemoryDB::ParameterGroup" - ], + "SlotValueOverride": { + "$ref": "#/definitions/AWS::Lex::Bot.SlotValueOverride", + "markdownDescription": "The SlotValueOverride object to which the slot name will be mapped.", + "title": "SlotValueOverride" + } + }, + "type": "object" + }, + "AWS::Lex::Bot.SlotValueRegexFilter": { + "additionalProperties": false, + "properties": { + "Pattern": { + "markdownDescription": "A regular expression used to validate the value of a slot.\n\nUse a standard regular expression. Amazon Lex supports the following characters in the regular expression:\n\n- A-Z, a-z\n- 0-9\n- Unicode characters (\"\\\u2060u\")\n\nRepresent Unicode characters with four digits, for example \"\\\u2060u0041\" or \"\\\u2060u005A\".\n\nThe following regular expression operators are not supported:\n\n- Infinite repeaters: *, +, or {x,} with no upper bound.\n- Wild card (.)", + "title": "Pattern", "type": "string" + } + }, + "required": [ + "Pattern" + ], + "type": "object" + }, + "AWS::Lex::Bot.SlotValueSelectionSetting": { + "additionalProperties": false, + "properties": { + "AdvancedRecognitionSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.AdvancedRecognitionSetting", + "markdownDescription": "Provides settings that enable advanced recognition settings for slot values. You can use this to enable using slot values as a custom vocabulary for recognizing user utterances.", + "title": "AdvancedRecognitionSetting" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "RegexFilter": { + "$ref": "#/definitions/AWS::Lex::Bot.SlotValueRegexFilter", + "markdownDescription": "A regular expression used to validate the value of a slot.", + "title": "RegexFilter" + }, + "ResolutionStrategy": { + "markdownDescription": "Determines the slot resolution strategy that Amazon Lex uses to return slot type values. The field can be set to one of the following values:\n\n- `ORIGINAL_VALUE` - Returns the value entered by the user, if the user value is similar to the slot value.\n- `TOP_RESOLUTION` - If there is a resolution list for the slot, return the first value in the resolution list as the slot type value. If there is no resolution list, null is returned.\n\nIf you don't specify the `valueSelectionStrategy` , the default is `ORIGINAL_VALUE` .", + "title": "ResolutionStrategy", "type": "string" } }, "required": [ - "Type", - "Properties" + "ResolutionStrategy" ], "type": "object" }, - "AWS::MemoryDB::SubnetGroup": { + "AWS::Lex::Bot.Specifications": { "additionalProperties": false, "properties": { - "Condition": { + "SlotTypeId": { + "markdownDescription": "The unique identifier assigned to the slot type.", + "title": "SlotTypeId", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "ValueElicitationSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.SubSlotValueElicitationSetting", + "markdownDescription": "Specifies the elicitation setting details for constituent sub slots of a composite slot.", + "title": "ValueElicitationSetting" + } + }, + "required": [ + "SlotTypeId", + "ValueElicitationSetting" + ], + "type": "object" + }, + "AWS::Lex::Bot.StillWaitingResponseSpecification": { + "additionalProperties": false, + "properties": { + "AllowInterrupt": { + "markdownDescription": "Indicates that the user can interrupt the response by speaking while the message is being played.", + "title": "AllowInterrupt", + "type": "boolean" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "FrequencyInSeconds": { + "markdownDescription": "How often a message should be sent to the user. Minimum of 1 second, maximum of 5 minutes.", + "title": "FrequencyInSeconds", + "type": "number" }, - "Metadata": { - "type": "object" + "MessageGroupsList": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.MessageGroup" + }, + "markdownDescription": "One or more message groups, each containing one or more messages, that define the prompts that Amazon Lex sends to the user.", + "title": "MessageGroupsList", + "type": "array" }, - "Properties": { + "TimeoutInSeconds": { + "markdownDescription": "If Amazon Lex waits longer than this length of time for a response, it will stop sending messages.", + "title": "TimeoutInSeconds", + "type": "number" + } + }, + "required": [ + "FrequencyInSeconds", + "MessageGroupsList", + "TimeoutInSeconds" + ], + "type": "object" + }, + "AWS::Lex::Bot.SubSlotSetting": { + "additionalProperties": false, + "properties": { + "Expression": { + "markdownDescription": "The expression text for defining the constituent sub slots in the composite slot using logical AND and OR operators.", + "title": "Expression", + "type": "string" + }, + "SlotSpecifications": { "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A description of the subnet group.", - "title": "Description", - "type": "string" - }, - "SubnetGroupName": { - "markdownDescription": "The name of the subnet group to be used for the cluster .", - "title": "SubnetGroupName", - "type": "string" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of Amazon VPC subnet IDs for the subnet group.", - "title": "SubnetIds", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" + "markdownDescription": "Specifications for the constituent sub slots of a composite slot.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::Lex::Bot.Specifications" } }, - "required": [ - "SubnetGroupName", - "SubnetIds" - ], + "title": "SlotSpecifications", "type": "object" + } + }, + "type": "object" + }, + "AWS::Lex::Bot.SubSlotTypeComposition": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "Name of a constituent sub slot inside a composite slot.", + "title": "Name", + "type": "string" }, - "Type": { - "enum": [ - "AWS::MemoryDB::SubnetGroup" - ], + "SlotTypeId": { + "markdownDescription": "The unique identifier assigned to a slot type. This refers to either a built-in slot type or the unique slotTypeId of a custom slot type.", + "title": "SlotTypeId", "type": "string" + } + }, + "required": [ + "Name", + "SlotTypeId" + ], + "type": "object" + }, + "AWS::Lex::Bot.SubSlotValueElicitationSetting": { + "additionalProperties": false, + "properties": { + "DefaultValueSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.SlotDefaultValueSpecification", + "markdownDescription": "", + "title": "DefaultValueSpecification" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "PromptSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.PromptSpecification", + "markdownDescription": "", + "title": "PromptSpecification" + }, + "SampleUtterances": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.SampleUtterance" + }, + "markdownDescription": "If you know a specific pattern that users might respond to an Amazon Lex request for a sub slot value, you can provide those utterances to improve accuracy. This is optional. In most cases Amazon Lex is capable of understanding user utterances. This is similar to `SampleUtterances` for slots.", + "title": "SampleUtterances", + "type": "array" + }, + "WaitAndContinueSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.WaitAndContinueSpecification", + "markdownDescription": "", + "title": "WaitAndContinueSpecification" + } + }, + "type": "object" + }, + "AWS::Lex::Bot.TestBotAliasSettings": { + "additionalProperties": false, + "properties": { + "BotAliasLocaleSettings": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.BotAliasLocaleSettingsItem" + }, + "markdownDescription": "Specifies settings that are unique to a locale. For example, you can use a different Lambda function depending on the bot's locale.", + "title": "BotAliasLocaleSettings", + "type": "array" + }, + "ConversationLogSettings": { + "$ref": "#/definitions/AWS::Lex::Bot.ConversationLogSettings", + "markdownDescription": "Specifies settings for conversation logs that save audio, text, and metadata information for conversations with your users.", + "title": "ConversationLogSettings" + }, + "Description": { + "markdownDescription": "Specifies a description for the test bot alias.", + "title": "Description", "type": "string" + }, + "SentimentAnalysisSettings": { + "$ref": "#/definitions/AWS::Lex::Bot.SentimentAnalysisSettings", + "markdownDescription": "Specifies whether Amazon Lex will use Amazon Comprehend to detect the sentiment of user utterances.", + "title": "SentimentAnalysisSettings" + } + }, + "type": "object" + }, + "AWS::Lex::Bot.TextInputSpecification": { + "additionalProperties": false, + "properties": { + "StartTimeoutMs": { + "markdownDescription": "Time for which a bot waits before re-prompting a customer for text input.", + "title": "StartTimeoutMs", + "type": "number" } }, "required": [ - "Type", - "Properties" + "StartTimeoutMs" ], "type": "object" }, - "AWS::MemoryDB::User": { + "AWS::Lex::Bot.TextLogDestination": { + "additionalProperties": false, + "properties": { + "CloudWatch": { + "$ref": "#/definitions/AWS::Lex::Bot.CloudWatchLogGroupLogDestination", + "markdownDescription": "Defines the Amazon CloudWatch Logs log group where text and metadata logs are delivered.", + "title": "CloudWatch" + } + }, + "required": [ + "CloudWatch" + ], + "type": "object" + }, + "AWS::Lex::Bot.TextLogSetting": { + "additionalProperties": false, + "properties": { + "Destination": { + "$ref": "#/definitions/AWS::Lex::Bot.TextLogDestination", + "markdownDescription": "Specifies the Amazon CloudWatch Logs destination log group for conversation text logs.", + "title": "Destination" + }, + "Enabled": { + "markdownDescription": "Determines whether conversation logs should be stored for an alias.", + "title": "Enabled", + "type": "boolean" + } + }, + "required": [ + "Destination", + "Enabled" + ], + "type": "object" + }, + "AWS::Lex::Bot.VoiceSettings": { + "additionalProperties": false, + "properties": { + "Engine": { + "markdownDescription": "Indicates the type of Amazon Polly voice that Amazon Lex should use for voice interaction with the user. For more information, see the [`engine` parameter of the `SynthesizeSpeech` operation](https://docs.aws.amazon.com/polly/latest/dg/API_SynthesizeSpeech.html#polly-SynthesizeSpeech-request-Engine) in the *Amazon Polly developer guide* .\n\nIf you do not specify a value, the default is `standard` .", + "title": "Engine", + "type": "string" + }, + "VoiceId": { + "markdownDescription": "The identifier of the Amazon Polly voice to use.", + "title": "VoiceId", + "type": "string" + } + }, + "required": [ + "VoiceId" + ], + "type": "object" + }, + "AWS::Lex::Bot.WaitAndContinueSpecification": { + "additionalProperties": false, + "properties": { + "ContinueResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "The response that Amazon Lex sends to indicate that the bot is ready to continue the conversation.", + "title": "ContinueResponse" + }, + "IsActive": { + "markdownDescription": "Specifies whether the bot will wait for a user to respond. When this field is false, wait and continue responses for a slot aren't used. If the `IsActive` field isn't specified, the default is true.", + "title": "IsActive", + "type": "boolean" + }, + "StillWaitingResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.StillWaitingResponseSpecification", + "markdownDescription": "A response that Amazon Lex sends periodically to the user to indicate that the bot is still waiting for input from the user.", + "title": "StillWaitingResponse" + }, + "WaitingResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "The response that Amazon Lex sends to indicate that the bot is waiting for the conversation to continue.", + "title": "WaitingResponse" + } + }, + "required": [ + "ContinueResponse", + "WaitingResponse" + ], + "type": "object" + }, + "AWS::Lex::BotAlias": { "additionalProperties": false, "properties": { "Condition": { @@ -165742,38 +173264,62 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessString": { - "markdownDescription": "Access permissions string used for this user.", - "title": "AccessString", - "type": "string" + "BotAliasLocaleSettings": { + "items": { + "$ref": "#/definitions/AWS::Lex::BotAlias.BotAliasLocaleSettingsItem" + }, + "markdownDescription": "Specifies settings that are unique to a locale. For example, you can use different Lambda function depending on the bot's locale.", + "title": "BotAliasLocaleSettings", + "type": "array" }, - "AuthenticationMode": { - "$ref": "#/definitions/AWS::MemoryDB::User.AuthenticationMode", - "markdownDescription": "Denotes whether the user requires a password to authenticate.\n\n*Example:*\n\n`mynewdbuser: Type: AWS::MemoryDB::User Properties: AccessString: on ~* &* +@all AuthenticationMode: Passwords: '1234567890123456' Type: password UserName: mynewdbuser AuthenticationMode: { \"Passwords\": [\"1234567890123456\"], \"Type\": \"Password\" }`", - "title": "AuthenticationMode" + "BotAliasName": { + "markdownDescription": "The name of the bot alias.", + "title": "BotAliasName", + "type": "string" }, - "Tags": { + "BotAliasTags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nYou can only add tags when you specify an alias.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "BotAliasTags", "type": "array" }, - "UserName": { - "markdownDescription": "The name of the user.", - "title": "UserName", + "BotId": { + "markdownDescription": "The unique identifier of the bot.", + "title": "BotId", + "type": "string" + }, + "BotVersion": { + "markdownDescription": "The version of the bot that the bot alias references.", + "title": "BotVersion", + "type": "string" + }, + "ConversationLogSettings": { + "$ref": "#/definitions/AWS::Lex::BotAlias.ConversationLogSettings", + "markdownDescription": "Specifies whether Amazon Lex logs text and audio for conversations with the bot. When you enable conversation logs, text logs store text input, transcripts of audio input, and associated metadata in Amazon CloudWatch logs. Audio logs store input in Amazon S3 .", + "title": "ConversationLogSettings" + }, + "Description": { + "markdownDescription": "The description of the bot alias.", + "title": "Description", "type": "string" + }, + "SentimentAnalysisSettings": { + "$ref": "#/definitions/AWS::Lex::BotAlias.SentimentAnalysisSettings", + "markdownDescription": "Determines whether Amazon Lex will use Amazon Comprehend to detect the sentiment of user utterances.", + "title": "SentimentAnalysisSettings" } }, "required": [ - "UserName" + "BotAliasName", + "BotId" ], "type": "object" }, "Type": { "enum": [ - "AWS::MemoryDB::User" + "AWS::Lex::BotAlias" ], "type": "string" }, @@ -165792,263 +173338,229 @@ ], "type": "object" }, - "AWS::MemoryDB::User.AuthenticationMode": { + "AWS::Lex::BotAlias.AudioLogDestination": { "additionalProperties": false, "properties": { - "Passwords": { - "items": { - "type": "string" - }, - "markdownDescription": "The password(s) used for authentication", - "title": "Passwords", - "type": "array" + "S3Bucket": { + "$ref": "#/definitions/AWS::Lex::BotAlias.S3BucketLogDestination", + "markdownDescription": "The S3 bucket location where audio logs are stored.", + "title": "S3Bucket" + } + }, + "required": [ + "S3Bucket" + ], + "type": "object" + }, + "AWS::Lex::BotAlias.AudioLogSetting": { + "additionalProperties": false, + "properties": { + "Destination": { + "$ref": "#/definitions/AWS::Lex::BotAlias.AudioLogDestination", + "markdownDescription": "The location of audio log files collected when conversation logging is enabled for a bot.", + "title": "Destination" }, - "Type": { - "markdownDescription": "Indicates whether the user requires a password to authenticate. All newly-created users require a password.", - "title": "Type", + "Enabled": { + "markdownDescription": "Determines whether audio logging in enabled for the bot.", + "title": "Enabled", + "type": "boolean" + } + }, + "required": [ + "Destination", + "Enabled" + ], + "type": "object" + }, + "AWS::Lex::BotAlias.BotAliasLocaleSettings": { + "additionalProperties": false, + "properties": { + "CodeHookSpecification": { + "$ref": "#/definitions/AWS::Lex::BotAlias.CodeHookSpecification", + "markdownDescription": "Specifies the Lambda function that should be used in the locale.", + "title": "CodeHookSpecification" + }, + "Enabled": { + "markdownDescription": "Determines whether the locale is enabled for the bot. If the value is `false` , the locale isn't available for use.", + "title": "Enabled", + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "AWS::Lex::BotAlias.BotAliasLocaleSettingsItem": { + "additionalProperties": false, + "properties": { + "BotAliasLocaleSetting": { + "$ref": "#/definitions/AWS::Lex::BotAlias.BotAliasLocaleSettings", + "markdownDescription": "Specifies settings that are unique to a locale.", + "title": "BotAliasLocaleSetting" + }, + "LocaleId": { + "markdownDescription": "The unique identifier of the locale.", + "title": "LocaleId", "type": "string" } }, + "required": [ + "BotAliasLocaleSetting", + "LocaleId" + ], "type": "object" }, - "AWS::Neptune::DBCluster": { + "AWS::Lex::BotAlias.CloudWatchLogGroupLogDestination": { "additionalProperties": false, "properties": { - "Condition": { + "CloudWatchLogGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the log group where text and metadata logs are delivered.", + "title": "CloudWatchLogGroupArn", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "LogPrefix": { + "markdownDescription": "The prefix of the log stream name within the log group that you specified", + "title": "LogPrefix", "type": "string" + } + }, + "required": [ + "CloudWatchLogGroupArn", + "LogPrefix" + ], + "type": "object" + }, + "AWS::Lex::BotAlias.CodeHookSpecification": { + "additionalProperties": false, + "properties": { + "LambdaCodeHook": { + "$ref": "#/definitions/AWS::Lex::BotAlias.LambdaCodeHook", + "markdownDescription": "Specifies a Lambda function that verifies requests to a bot or fulfills the user's request to a bot.", + "title": "LambdaCodeHook" + } + }, + "required": [ + "LambdaCodeHook" + ], + "type": "object" + }, + "AWS::Lex::BotAlias.ConversationLogSettings": { + "additionalProperties": false, + "properties": { + "AudioLogSettings": { + "items": { + "$ref": "#/definitions/AWS::Lex::BotAlias.AudioLogSetting" + }, + "markdownDescription": "The Amazon S3 settings for logging audio to an S3 bucket.", + "title": "AudioLogSettings", + "type": "array" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AssociatedRoles": { - "items": { - "$ref": "#/definitions/AWS::Neptune::DBCluster.DBClusterRole" - }, - "markdownDescription": "Provides a list of the Amazon Identity and Access Management (IAM) roles that are associated with the DB cluster. IAM roles that are associated with a DB cluster grant permission for the DB cluster to access other Amazon services on your behalf.", - "title": "AssociatedRoles", - "type": "array" - }, - "AvailabilityZones": { - "items": { - "type": "string" - }, - "markdownDescription": "Provides the list of EC2 Availability Zones that instances in the DB cluster can be created in.", - "title": "AvailabilityZones", - "type": "array" - }, - "BackupRetentionPeriod": { - "markdownDescription": "Specifies the number of days for which automatic DB snapshots are retained.\n\nAn update may require some interruption. See [ModifyDBInstance](https://docs.aws.amazon.com/neptune/latest/userguide/api-instances.html#ModifyDBInstance) in the Amazon Neptune User Guide for more information.", - "title": "BackupRetentionPeriod", - "type": "number" - }, - "CopyTagsToSnapshot": { - "markdownDescription": "*If set to `true` , tags are copied to any snapshot of the DB cluster that is created.*", - "title": "CopyTagsToSnapshot", - "type": "boolean" - }, - "DBClusterIdentifier": { - "markdownDescription": "Contains a user-supplied DB cluster identifier. This identifier is the unique key that identifies a DB cluster.", - "title": "DBClusterIdentifier", - "type": "string" - }, - "DBClusterParameterGroupName": { - "markdownDescription": "Provides the name of the DB cluster parameter group.\n\nAn update may require some interruption. See [ModifyDBInstance](https://docs.aws.amazon.com/neptune/latest/userguide/api-instances.html#ModifyDBInstance) in the Amazon Neptune User Guide for more information.", - "title": "DBClusterParameterGroupName", - "type": "string" - }, - "DBInstanceParameterGroupName": { - "markdownDescription": "The name of the DB parameter group to apply to all instances of the DB cluster. Used only in case of a major engine version upgrade request\n\nNote that when you apply a parameter group using `DBInstanceParameterGroupName` , parameter changes are applied immediately, not during the next maintenance window.\n\n**Constraints** - The DB parameter group must be in the same DB parameter group family as the target DB cluster version.\n- The `DBInstanceParameterGroupName` parameter is only valid for major engine version upgrades.", - "title": "DBInstanceParameterGroupName", - "type": "string" - }, - "DBPort": { - "markdownDescription": "The port number on which the DB instances in the DB cluster accept connections.\n\nIf not specified, the default port used is `8182` .\n\n> The `Port` property will soon be deprecated. Please update existing templates to use the new `DBPort` property that has the same functionality.", - "title": "DBPort", - "type": "number" - }, - "DBSubnetGroupName": { - "markdownDescription": "Specifies information on the subnet group associated with the DB cluster, including the name, description, and subnets in the subnet group.", - "title": "DBSubnetGroupName", - "type": "string" - }, - "DeletionProtection": { - "markdownDescription": "Indicates whether or not the DB cluster has deletion protection enabled. The database can't be deleted when deletion protection is enabled.", - "title": "DeletionProtection", - "type": "boolean" - }, - "EnableCloudwatchLogsExports": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies a list of log types that are enabled for export to CloudWatch Logs.", - "title": "EnableCloudwatchLogsExports", - "type": "array" - }, - "EngineVersion": { - "markdownDescription": "Indicates the database engine version.", - "title": "EngineVersion", - "type": "string" - }, - "IamAuthEnabled": { - "markdownDescription": "True if mapping of Amazon Identity and Access Management (IAM) accounts to database accounts is enabled, and otherwise false.", - "title": "IamAuthEnabled", - "type": "boolean" - }, - "KmsKeyId": { - "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key that is used to encrypt the database instances in the DB cluster, such as `arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef` . If you enable the `StorageEncrypted` property but don't specify this property, the default KMS key is used. If you specify this property, you must set the `StorageEncrypted` property to `true` .", - "title": "KmsKeyId", - "type": "string" - }, - "PreferredBackupWindow": { - "markdownDescription": "Specifies the daily time range during which automated backups are created if automated backups are enabled, as determined by the `BackupRetentionPeriod` .\n\nAn update may require some interruption.", - "title": "PreferredBackupWindow", - "type": "string" - }, - "PreferredMaintenanceWindow": { - "markdownDescription": "Specifies the weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).", - "title": "PreferredMaintenanceWindow", - "type": "string" - }, - "RestoreToTime": { - "markdownDescription": "Creates a new DB cluster from a DB snapshot or DB cluster snapshot.\n\nIf a DB snapshot is specified, the target DB cluster is created from the source DB snapshot with a default configuration and default security group.\n\nIf a DB cluster snapshot is specified, the target DB cluster is created from the source DB cluster restore point with the same configuration as the original source DB cluster, except that the new DB cluster is created with the default security group.", - "title": "RestoreToTime", - "type": "string" - }, - "RestoreType": { - "markdownDescription": "Creates a new DB cluster from a DB snapshot or DB cluster snapshot.\n\nIf a DB snapshot is specified, the target DB cluster is created from the source DB snapshot with a default configuration and default security group.\n\nIf a DB cluster snapshot is specified, the target DB cluster is created from the source DB cluster restore point with the same configuration as the original source DB cluster, except that the new DB cluster is created with the default security group.", - "title": "RestoreType", - "type": "string" - }, - "ServerlessScalingConfiguration": { - "$ref": "#/definitions/AWS::Neptune::DBCluster.ServerlessScalingConfiguration", - "markdownDescription": "", - "title": "ServerlessScalingConfiguration" - }, - "SnapshotIdentifier": { - "markdownDescription": "Specifies the identifier for a DB cluster snapshot. Must match the identifier of an existing snapshot.\n\nAfter you restore a DB cluster using a `SnapshotIdentifier` , you must specify the same `SnapshotIdentifier` for any future updates to the DB cluster. When you specify this property for an update, the DB cluster is not restored from the snapshot again, and the data in the database is not changed.\n\nHowever, if you don't specify the `SnapshotIdentifier` , an empty DB cluster is created, and the original DB cluster is deleted. If you specify a property that is different from the previous snapshot restore property, the DB cluster is restored from the snapshot specified by the `SnapshotIdentifier` , and the original DB cluster is deleted.", - "title": "SnapshotIdentifier", - "type": "string" - }, - "SourceDBClusterIdentifier": { - "markdownDescription": "Creates a new DB cluster from a DB snapshot or DB cluster snapshot.\n\nIf a DB snapshot is specified, the target DB cluster is created from the source DB snapshot with a default configuration and default security group.\n\nIf a DB cluster snapshot is specified, the target DB cluster is created from the source DB cluster restore point with the same configuration as the original source DB cluster, except that the new DB cluster is created with the default security group.", - "title": "SourceDBClusterIdentifier", - "type": "string" - }, - "StorageEncrypted": { - "markdownDescription": "Indicates whether the DB cluster is encrypted.\n\nIf you specify the `KmsKeyId` property, then you must enable encryption and set this property to `true` .\n\nIf you enable the `StorageEncrypted` property but don't specify the `KmsKeyId` property, then the default KMS key is used. If you specify the `KmsKeyId` property, then that KMS key is used to encrypt the database instances in the DB cluster.\n\nIf you specify the `SourceDBClusterIdentifier` property, and don't specify this property or disable it, the value is inherited from the source DB cluster. If the source DB cluster is encrypted, the `KmsKeyId` property from the source cluster is used.\n\nIf you specify the `DBSnapshotIdentifier` and don't specify this property or disable it, the value is inherited from the snapshot and the specified `KmsKeyId` property from the snapshot is used.", - "title": "StorageEncrypted", - "type": "boolean" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags assigned to this cluster.", - "title": "Tags", - "type": "array" - }, - "UseLatestRestorableTime": { - "markdownDescription": "Creates a new DB cluster from a DB snapshot or DB cluster snapshot.\n\nIf a DB snapshot is specified, the target DB cluster is created from the source DB snapshot with a default configuration and default security group.\n\nIf a DB cluster snapshot is specified, the target DB cluster is created from the source DB cluster restore point with the same configuration as the original source DB cluster, except that the new DB cluster is created with the default security group.", - "title": "UseLatestRestorableTime", - "type": "boolean" - }, - "VpcSecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "Provides a list of VPC security groups that the DB cluster belongs to.", - "title": "VpcSecurityGroupIds", - "type": "array" - } + "TextLogSettings": { + "items": { + "$ref": "#/definitions/AWS::Lex::BotAlias.TextLogSetting" }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Neptune::DBCluster" - ], + "markdownDescription": "The Amazon CloudWatch Logs settings for logging text and metadata.", + "title": "TextLogSettings", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Lex::BotAlias.LambdaCodeHook": { + "additionalProperties": false, + "properties": { + "CodeHookInterfaceVersion": { + "markdownDescription": "The version of the request-response that you want Amazon Lex to use to invoke your Lambda function.", + "title": "CodeHookInterfaceVersion", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "LambdaArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function.", + "title": "LambdaArn", "type": "string" } }, "required": [ - "Type" + "CodeHookInterfaceVersion", + "LambdaArn" ], "type": "object" }, - "AWS::Neptune::DBCluster.DBClusterRole": { + "AWS::Lex::BotAlias.S3BucketLogDestination": { "additionalProperties": false, "properties": { - "FeatureName": { - "markdownDescription": "The name of the feature associated with the Amazon Identity and Access Management (IAM) role. For the list of supported feature names, see [DescribeDBEngineVersions](https://docs.aws.amazon.com/neptune/latest/userguide/api-other-apis.html#DescribeDBEngineVersions) .", - "title": "FeatureName", + "KmsKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Key Management Service (KMS) key for encrypting audio log files stored in an Amazon S3 bucket.", + "title": "KmsKeyArn", "type": "string" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that is associated with the DB cluster.", - "title": "RoleArn", + "LogPrefix": { + "markdownDescription": "The S3 prefix to assign to audio log files.", + "title": "LogPrefix", + "type": "string" + }, + "S3BucketArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an Amazon S3 bucket where audio log files are stored.", + "title": "S3BucketArn", "type": "string" } }, "required": [ - "RoleArn" + "LogPrefix", + "S3BucketArn" ], "type": "object" }, - "AWS::Neptune::DBCluster.ServerlessScalingConfiguration": { + "AWS::Lex::BotAlias.SentimentAnalysisSettings": { "additionalProperties": false, "properties": { - "MaxCapacity": { - "markdownDescription": "The maximum number of Neptune capacity units (NCUs) for a DB instance in a Neptune Serverless cluster. You can specify NCU values in half-step increments, such as 40, 40.5, 41, and so on.", - "title": "MaxCapacity", - "type": "number" + "DetectSentiment": { + "markdownDescription": "Sets whether Amazon Lex uses Amazon Comprehend to detect the sentiment of user utterances.", + "title": "DetectSentiment", + "type": "boolean" + } + }, + "required": [ + "DetectSentiment" + ], + "type": "object" + }, + "AWS::Lex::BotAlias.TextLogDestination": { + "additionalProperties": false, + "properties": { + "CloudWatch": { + "$ref": "#/definitions/AWS::Lex::BotAlias.CloudWatchLogGroupLogDestination", + "markdownDescription": "Defines the Amazon CloudWatch Logs log group where text and metadata logs are delivered.", + "title": "CloudWatch" + } + }, + "required": [ + "CloudWatch" + ], + "type": "object" + }, + "AWS::Lex::BotAlias.TextLogSetting": { + "additionalProperties": false, + "properties": { + "Destination": { + "$ref": "#/definitions/AWS::Lex::BotAlias.TextLogDestination", + "markdownDescription": "Defines the Amazon CloudWatch Logs destination log group for conversation text logs.", + "title": "Destination" }, - "MinCapacity": { - "markdownDescription": "The minimum number of Neptune capacity units (NCUs) for a DB instance in a Neptune Serverless cluster. You can specify NCU values in half-step increments, such as 8, 8.5, 9, and so on.", - "title": "MinCapacity", - "type": "number" + "Enabled": { + "markdownDescription": "Determines whether conversation logs should be stored for an alias.", + "title": "Enabled", + "type": "boolean" } }, "required": [ - "MaxCapacity", - "MinCapacity" + "Destination", + "Enabled" ], "type": "object" }, - "AWS::Neptune::DBClusterParameterGroup": { + "AWS::Lex::BotVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -166083,45 +173595,34 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "Provides the customer-specified description for this DB cluster parameter group.", - "title": "Description", - "type": "string" - }, - "Family": { - "markdownDescription": "Must be `neptune1` for engine versions prior to [1.2.0.0](https://docs.aws.amazon.com/neptune/latest/userguide/engine-releases-1.2.0.0.html) , or `neptune1.2` for engine version `1.2.0.0` and higher.", - "title": "Family", - "type": "string" - }, - "Name": { - "markdownDescription": "Provides the name of the DB cluster parameter group.", - "title": "Name", + "BotId": { + "markdownDescription": "The unique identifier of the bot.", + "title": "BotId", "type": "string" }, - "Parameters": { - "markdownDescription": "The parameters to set for this DB cluster parameter group.\n\nThe parameters are expressed as a JSON object consisting of key-value pairs.\n\nIf you update the parameters, some interruption may occur depending on which parameters you update.", - "title": "Parameters", - "type": "object" - }, - "Tags": { + "BotVersionLocaleSpecification": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Lex::BotVersion.BotVersionLocaleSpecification" }, - "markdownDescription": "The tags that you want to attach to this parameter group.", - "title": "Tags", + "markdownDescription": "Specifies the locales that Amazon Lex adds to this version. You can choose the Draft version or any other previously published version for each locale. When you specify a source version, the locale data is copied from the source version to the new version.", + "title": "BotVersionLocaleSpecification", "type": "array" + }, + "Description": { + "markdownDescription": "The description of the version.", + "title": "Description", + "type": "string" } }, "required": [ - "Description", - "Family", - "Parameters" + "BotId", + "BotVersionLocaleSpecification" ], "type": "object" }, "Type": { "enum": [ - "AWS::Neptune::DBClusterParameterGroup" + "AWS::Lex::BotVersion" ], "type": "string" }, @@ -166140,7 +173641,41 @@ ], "type": "object" }, - "AWS::Neptune::DBInstance": { + "AWS::Lex::BotVersion.BotVersionLocaleDetails": { + "additionalProperties": false, + "properties": { + "SourceBotVersion": { + "markdownDescription": "The version of a bot used for a bot locale.", + "title": "SourceBotVersion", + "type": "string" + } + }, + "required": [ + "SourceBotVersion" + ], + "type": "object" + }, + "AWS::Lex::BotVersion.BotVersionLocaleSpecification": { + "additionalProperties": false, + "properties": { + "BotVersionLocaleDetails": { + "$ref": "#/definitions/AWS::Lex::BotVersion.BotVersionLocaleDetails", + "markdownDescription": "The version of a bot used for a bot locale.", + "title": "BotVersionLocaleDetails" + }, + "LocaleId": { + "markdownDescription": "The identifier of the locale to add to the version.", + "title": "LocaleId", + "type": "string" + } + }, + "required": [ + "BotVersionLocaleDetails", + "LocaleId" + ], + "type": "object" + }, + "AWS::Lex::ResourcePolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -166175,71 +173710,26 @@ "Properties": { "additionalProperties": false, "properties": { - "AllowMajorVersionUpgrade": { - "markdownDescription": "Indicates that major version upgrades are allowed. Changing this parameter doesn't result in an outage and the change is asynchronously applied as soon as possible. This parameter must be set to true when specifying a value for the EngineVersion parameter that is a different major version than the DB instance's current version.\n\nWhen you change this parameter for an existing DB cluster, CloudFormation will replace your existing DB cluster with a new, empty one that uses the engine version you specified.", - "title": "AllowMajorVersionUpgrade", - "type": "boolean" - }, - "AutoMinorVersionUpgrade": { - "markdownDescription": "Indicates that minor version patches are applied automatically.\n\nWhen updating this property, some interruptions may occur.", - "title": "AutoMinorVersionUpgrade", - "type": "boolean" - }, - "AvailabilityZone": { - "markdownDescription": "Specifies the name of the Availability Zone the DB instance is located in.", - "title": "AvailabilityZone", - "type": "string" - }, - "DBClusterIdentifier": { - "markdownDescription": "If the DB instance is a member of a DB cluster, contains the name of the DB cluster that the DB instance is a member of.", - "title": "DBClusterIdentifier", - "type": "string" - }, - "DBInstanceClass": { - "markdownDescription": "Contains the name of the compute and memory capacity class of the DB instance.\n\nIf you update this property, some interruptions may occur.", - "title": "DBInstanceClass", - "type": "string" - }, - "DBInstanceIdentifier": { - "markdownDescription": "Contains a user-supplied database identifier. This identifier is the unique key that identifies a DB instance.", - "title": "DBInstanceIdentifier", - "type": "string" - }, - "DBParameterGroupName": { - "markdownDescription": "The name of an existing DB parameter group or a reference to an AWS::Neptune::DBParameterGroup resource created in the template. If any of the data members of the referenced parameter group are changed during an update, the DB instance might need to be restarted, which causes some interruption. If the parameter group contains static parameters, whether they were changed or not, an update triggers a reboot.", - "title": "DBParameterGroupName", - "type": "string" - }, - "DBSnapshotIdentifier": { - "type": "string" - }, - "DBSubnetGroupName": { - "markdownDescription": "A DB subnet group to associate with the DB instance. If you update this value, the new subnet group must be a subnet group in a new virtual private cloud (VPC).", - "title": "DBSubnetGroupName", - "type": "string" + "Policy": { + "markdownDescription": "A resource policy to add to the resource. The policy is a JSON structure that contains one or more statements that define the policy. The policy must follow IAM syntax. If the policy isn't valid, Amazon Lex returns a validation exception.", + "title": "Policy", + "type": "object" }, - "PreferredMaintenanceWindow": { - "markdownDescription": "Specifies the weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).", - "title": "PreferredMaintenanceWindow", + "ResourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the bot or bot alias that the resource policy is attached to.", + "title": "ResourceArn", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An arbitrary set of tags (key-value pairs) for this DB instance.", - "title": "Tags", - "type": "array" } }, "required": [ - "DBInstanceClass" + "Policy", + "ResourceArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Neptune::DBInstance" + "AWS::Lex::ResourcePolicy" ], "type": "string" }, @@ -166258,7 +173748,7 @@ ], "type": "object" }, - "AWS::Neptune::DBParameterGroup": { + "AWS::LicenseManager::Grant": { "additionalProperties": false, "properties": { "Condition": { @@ -166293,45 +173783,48 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "Provides the customer-specified description for this DB parameter group.", - "title": "Description", - "type": "string" + "AllowedOperations": { + "items": { + "type": "string" + }, + "markdownDescription": "Allowed operations for the grant.", + "title": "AllowedOperations", + "type": "array" }, - "Family": { - "markdownDescription": "Must be `neptune1` for engine versions prior to [1.2.0.0](https://docs.aws.amazon.com/neptune/latest/userguide/engine-releases-1.2.0.0.html) , or `neptune1.2` for engine version `1.2.0.0` and higher.", - "title": "Family", + "GrantName": { + "markdownDescription": "Grant name.", + "title": "GrantName", "type": "string" }, - "Name": { - "markdownDescription": "Provides the name of the DB parameter group.", - "title": "Name", + "HomeRegion": { + "markdownDescription": "Home Region of the grant.", + "title": "HomeRegion", "type": "string" }, - "Parameters": { - "markdownDescription": "The parameters to set for this DB parameter group.\n\nThe parameters are expressed as a JSON object consisting of key-value pairs.\n\nChanges to dynamic parameters are applied immediately. During an update, if you have static parameters (whether they were changed or not), it triggers AWS CloudFormation to reboot the associated DB instance without failover.", - "title": "Parameters", - "type": "object" + "LicenseArn": { + "markdownDescription": "License ARN.", + "title": "LicenseArn", + "type": "string" }, - "Tags": { + "Principals": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "The tags that you want to attach to this parameter group.", - "title": "Tags", + "markdownDescription": "The grant principals. You can specify one of the following as an Amazon Resource Name (ARN):\n\n- An AWS account, which includes only the account specified.\n\n- An organizational unit (OU), which includes all accounts in the OU.\n\n- An organization, which will include all accounts across your organization.", + "title": "Principals", "type": "array" + }, + "Status": { + "markdownDescription": "Granted license status.", + "title": "Status", + "type": "string" } }, - "required": [ - "Description", - "Family", - "Parameters" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Neptune::DBParameterGroup" + "AWS::LicenseManager::Grant" ], "type": "string" }, @@ -166345,12 +173838,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Neptune::DBSubnetGroup": { + "AWS::LicenseManager::License": { "additionalProperties": false, "properties": { "Condition": { @@ -166385,42 +173877,82 @@ "Properties": { "additionalProperties": false, "properties": { - "DBSubnetGroupDescription": { - "markdownDescription": "Provides the description of the DB subnet group.", - "title": "DBSubnetGroupDescription", + "Beneficiary": { + "markdownDescription": "License beneficiary.", + "title": "Beneficiary", "type": "string" }, - "DBSubnetGroupName": { - "markdownDescription": "The name of the DB subnet group.", - "title": "DBSubnetGroupName", - "type": "string" + "ConsumptionConfiguration": { + "$ref": "#/definitions/AWS::LicenseManager::License.ConsumptionConfiguration", + "markdownDescription": "Configuration for consumption of the license.", + "title": "ConsumptionConfiguration" }, - "SubnetIds": { + "Entitlements": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::LicenseManager::License.Entitlement" }, - "markdownDescription": "The Amazon EC2 subnet IDs for the DB subnet group.", - "title": "SubnetIds", + "markdownDescription": "License entitlements.", + "title": "Entitlements", "type": "array" }, - "Tags": { + "HomeRegion": { + "markdownDescription": "Home Region of the license.", + "title": "HomeRegion", + "type": "string" + }, + "Issuer": { + "$ref": "#/definitions/AWS::LicenseManager::License.IssuerData", + "markdownDescription": "License issuer.", + "title": "Issuer" + }, + "LicenseMetadata": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::LicenseManager::License.Metadata" }, - "markdownDescription": "The tags that you want to attach to the DB subnet group.", - "title": "Tags", + "markdownDescription": "License metadata.", + "title": "LicenseMetadata", "type": "array" + }, + "LicenseName": { + "markdownDescription": "License name.", + "title": "LicenseName", + "type": "string" + }, + "ProductName": { + "markdownDescription": "Product name.", + "title": "ProductName", + "type": "string" + }, + "ProductSKU": { + "markdownDescription": "Product SKU.", + "title": "ProductSKU", + "type": "string" + }, + "Status": { + "markdownDescription": "License status.", + "title": "Status", + "type": "string" + }, + "Validity": { + "$ref": "#/definitions/AWS::LicenseManager::License.ValidityDateFormat", + "markdownDescription": "Date and time range during which the license is valid, in ISO8601-UTC format.", + "title": "Validity" } }, "required": [ - "DBSubnetGroupDescription", - "SubnetIds" + "ConsumptionConfiguration", + "Entitlements", + "HomeRegion", + "Issuer", + "LicenseName", + "ProductName", + "Validity" ], "type": "object" }, "Type": { "enum": [ - "AWS::Neptune::DBSubnetGroup" + "AWS::LicenseManager::License" ], "type": "string" }, @@ -166439,7 +173971,161 @@ ], "type": "object" }, - "AWS::NeptuneGraph::Graph": { + "AWS::LicenseManager::License.BorrowConfiguration": { + "additionalProperties": false, + "properties": { + "AllowEarlyCheckIn": { + "markdownDescription": "Indicates whether early check-ins are allowed.", + "title": "AllowEarlyCheckIn", + "type": "boolean" + }, + "MaxTimeToLiveInMinutes": { + "markdownDescription": "Maximum time for the borrow configuration, in minutes.", + "title": "MaxTimeToLiveInMinutes", + "type": "number" + } + }, + "required": [ + "AllowEarlyCheckIn", + "MaxTimeToLiveInMinutes" + ], + "type": "object" + }, + "AWS::LicenseManager::License.ConsumptionConfiguration": { + "additionalProperties": false, + "properties": { + "BorrowConfiguration": { + "$ref": "#/definitions/AWS::LicenseManager::License.BorrowConfiguration", + "markdownDescription": "Details about a borrow configuration.", + "title": "BorrowConfiguration" + }, + "ProvisionalConfiguration": { + "$ref": "#/definitions/AWS::LicenseManager::License.ProvisionalConfiguration", + "markdownDescription": "Details about a provisional configuration.", + "title": "ProvisionalConfiguration" + }, + "RenewType": { + "markdownDescription": "Renewal frequency.", + "title": "RenewType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::LicenseManager::License.Entitlement": { + "additionalProperties": false, + "properties": { + "AllowCheckIn": { + "markdownDescription": "Indicates whether check-ins are allowed.", + "title": "AllowCheckIn", + "type": "boolean" + }, + "MaxCount": { + "markdownDescription": "Maximum entitlement count. Use if the unit is not None.", + "title": "MaxCount", + "type": "number" + }, + "Name": { + "markdownDescription": "Entitlement name.", + "title": "Name", + "type": "string" + }, + "Overage": { + "markdownDescription": "Indicates whether overages are allowed.", + "title": "Overage", + "type": "boolean" + }, + "Unit": { + "markdownDescription": "Entitlement unit.", + "title": "Unit", + "type": "string" + }, + "Value": { + "markdownDescription": "Entitlement resource. Use only if the unit is None.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Name", + "Unit" + ], + "type": "object" + }, + "AWS::LicenseManager::License.IssuerData": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "Issuer name.", + "title": "Name", + "type": "string" + }, + "SignKey": { + "markdownDescription": "Asymmetric KMS key from AWS Key Management Service . The KMS key must have a key usage of sign and verify, and support the RSASSA-PSS SHA-256 signing algorithm.", + "title": "SignKey", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::LicenseManager::License.Metadata": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The key name.", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "The value.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Name", + "Value" + ], + "type": "object" + }, + "AWS::LicenseManager::License.ProvisionalConfiguration": { + "additionalProperties": false, + "properties": { + "MaxTimeToLiveInMinutes": { + "markdownDescription": "Maximum time for the provisional configuration, in minutes.", + "title": "MaxTimeToLiveInMinutes", + "type": "number" + } + }, + "required": [ + "MaxTimeToLiveInMinutes" + ], + "type": "object" + }, + "AWS::LicenseManager::License.ValidityDateFormat": { + "additionalProperties": false, + "properties": { + "Begin": { + "markdownDescription": "Start of the time range.", + "title": "Begin", + "type": "string" + }, + "End": { + "markdownDescription": "End of the time range.", + "title": "End", + "type": "string" + } + }, + "required": [ + "Begin", + "End" + ], + "type": "object" + }, + "AWS::Lightsail::Alarm": { "additionalProperties": false, "properties": { "Condition": { @@ -166474,53 +174160,81 @@ "Properties": { "additionalProperties": false, "properties": { - "DeletionProtection": { - "markdownDescription": "A value that indicates whether the graph has deletion protection enabled. The graph can't be deleted when deletion protection is enabled.", - "title": "DeletionProtection", - "type": "boolean" + "AlarmName": { + "markdownDescription": "The name of the alarm.", + "title": "AlarmName", + "type": "string" }, - "GraphName": { - "markdownDescription": "The graph name. For example: `my-graph-1` .\n\nThe name must contain from 1 to 63 letters, numbers, or hyphens, and its first character must be a letter. It cannot end with a hyphen or contain two consecutive hyphens.\n\nIf you don't specify a graph name, a unique graph name is generated for you using the prefix `graph-for` , followed by a combination of `Stack Name` and a `UUID` .", - "title": "GraphName", + "ComparisonOperator": { + "markdownDescription": "The arithmetic operation to use when comparing the specified statistic and threshold.", + "title": "ComparisonOperator", "type": "string" }, - "ProvisionedMemory": { - "markdownDescription": "The provisioned memory-optimized Neptune Capacity Units (m-NCUs) to use for the graph.\n\nMin = 16", - "title": "ProvisionedMemory", - "type": "number" + "ContactProtocols": { + "items": { + "type": "string" + }, + "markdownDescription": "The contact protocols for the alarm, such as `Email` , `SMS` (text messaging), or both.\n\n*Allowed Values* : `Email` | `SMS`", + "title": "ContactProtocols", + "type": "array" }, - "PublicConnectivity": { - "markdownDescription": "Specifies whether or not the graph can be reachable over the internet. All access to graphs is IAM authenticated.\n\nWhen the graph is publicly available, its domain name system (DNS) endpoint resolves to the public IP address from the internet. When the graph isn't publicly available, you need to create a `PrivateGraphEndpoint` in a given VPC to ensure the DNS name resolves to a private IP address that is reachable from the VPC.\n\nDefault: If not specified, the default value is false.\n\n> If enabling public connectivity for the first time, there will be a delay while it is enabled.", - "title": "PublicConnectivity", - "type": "boolean" + "DatapointsToAlarm": { + "markdownDescription": "The number of data points within the evaluation periods that must be breaching to cause the alarm to go to the `ALARM` state.", + "title": "DatapointsToAlarm", + "type": "number" }, - "ReplicaCount": { - "markdownDescription": "The number of replicas in other AZs.\n\nDefault: If not specified, the default value is 1.", - "title": "ReplicaCount", + "EvaluationPeriods": { + "markdownDescription": "The number of periods over which data is compared to the specified threshold.", + "title": "EvaluationPeriods", "type": "number" }, - "Tags": { + "MetricName": { + "markdownDescription": "The name of the metric associated with the alarm.", + "title": "MetricName", + "type": "string" + }, + "MonitoredResourceName": { + "markdownDescription": "The name of the Lightsail resource that the alarm monitors.", + "title": "MonitoredResourceName", + "type": "string" + }, + "NotificationEnabled": { + "markdownDescription": "A Boolean value indicating whether the alarm is enabled.", + "title": "NotificationEnabled", + "type": "boolean" + }, + "NotificationTriggers": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "Adds metadata tags to the new graph. These tags can also be used with cost allocation reporting, or used in a Condition statement in an IAM policy.", - "title": "Tags", + "markdownDescription": "The alarm states that trigger a notification.\n\n> To specify the `OK` and `INSUFFICIENT_DATA` values, you must also specify `ContactProtocols` values. Otherwise, the `OK` and `INSUFFICIENT_DATA` values will not take effect and the stack will drift. \n\n*Allowed Values* : `OK` | `ALARM` | `INSUFFICIENT_DATA`", + "title": "NotificationTriggers", "type": "array" }, - "VectorSearchConfiguration": { - "$ref": "#/definitions/AWS::NeptuneGraph::Graph.VectorSearchConfiguration", - "markdownDescription": "Specifies the number of dimensions for vector embeddings that will be loaded into the graph. The value is specified as `dimension=` value. Max = 65,535", - "title": "VectorSearchConfiguration" + "Threshold": { + "markdownDescription": "The value against which the specified statistic is compared.", + "title": "Threshold", + "type": "number" + }, + "TreatMissingData": { + "markdownDescription": "Specifies how the alarm handles missing data points.\n\nAn alarm can treat missing data in the following ways:\n\n- `breaching` - Assumes the missing data is not within the threshold. Missing data counts towards the number of times that the metric is not within the threshold.\n- `notBreaching` - Assumes the missing data is within the threshold. Missing data does not count towards the number of times that the metric is not within the threshold.\n- `ignore` - Ignores the missing data. Maintains the current alarm state.\n- `missing` - Missing data is treated as missing.", + "title": "TreatMissingData", + "type": "string" } }, "required": [ - "ProvisionedMemory" + "AlarmName", + "ComparisonOperator", + "EvaluationPeriods", + "MetricName", + "MonitoredResourceName", + "Threshold" ], "type": "object" }, "Type": { "enum": [ - "AWS::NeptuneGraph::Graph" + "AWS::Lightsail::Alarm" ], "type": "string" }, @@ -166539,21 +174253,7 @@ ], "type": "object" }, - "AWS::NeptuneGraph::Graph.VectorSearchConfiguration": { - "additionalProperties": false, - "properties": { - "VectorSearchDimension": { - "markdownDescription": "The number of dimensions.", - "title": "VectorSearchDimension", - "type": "number" - } - }, - "required": [ - "VectorSearchDimension" - ], - "type": "object" - }, - "AWS::NeptuneGraph::PrivateGraphEndpoint": { + "AWS::Lightsail::Bucket": { "additionalProperties": false, "properties": { "Condition": { @@ -166588,42 +174288,60 @@ "Properties": { "additionalProperties": false, "properties": { - "GraphIdentifier": { - "markdownDescription": "The unique identifier of the Neptune Analytics graph.", - "title": "GraphIdentifier", + "AccessRules": { + "$ref": "#/definitions/AWS::Lightsail::Bucket.AccessRules", + "markdownDescription": "An object that describes the access rules for the bucket.", + "title": "AccessRules" + }, + "BucketName": { + "markdownDescription": "The name of the bucket.", + "title": "BucketName", "type": "string" }, - "SecurityGroupIds": { + "BundleId": { + "markdownDescription": "The bundle ID for the bucket (for example, `small_1_0` ).\n\nA bucket bundle specifies the monthly cost, storage space, and data transfer quota for a bucket.", + "title": "BundleId", + "type": "string" + }, + "ObjectVersioning": { + "markdownDescription": "Indicates whether object versioning is enabled for the bucket.\n\nThe following options can be configured:\n\n- `Enabled` - Object versioning is enabled.\n- `Suspended` - Object versioning was previously enabled but is currently suspended. Existing object versions are retained.\n- `NeverEnabled` - Object versioning has never been enabled.", + "title": "ObjectVersioning", + "type": "boolean" + }, + "ReadOnlyAccessAccounts": { "items": { "type": "string" }, - "markdownDescription": "Security groups to be attached to the private graph endpoint..", - "title": "SecurityGroupIds", + "markdownDescription": "An array of AWS account IDs that have read-only access to the bucket.", + "title": "ReadOnlyAccessAccounts", "type": "array" }, - "SubnetIds": { + "ResourcesReceivingAccess": { "items": { "type": "string" }, - "markdownDescription": "Subnets in which private graph endpoint ENIs are created.", - "title": "SubnetIds", + "markdownDescription": "An array of Lightsail instances that have access to the bucket.", + "title": "ResourcesReceivingAccess", "type": "array" }, - "VpcId": { - "markdownDescription": "The VPC in which the private graph endpoint needs to be created.", - "title": "VpcId", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", + "title": "Tags", + "type": "array" } }, "required": [ - "GraphIdentifier", - "VpcId" + "BucketName", + "BundleId" ], "type": "object" }, "Type": { "enum": [ - "AWS::NeptuneGraph::PrivateGraphEndpoint" + "AWS::Lightsail::Bucket" ], "type": "string" }, @@ -166642,7 +174360,23 @@ ], "type": "object" }, - "AWS::NetworkFirewall::Firewall": { + "AWS::Lightsail::Bucket.AccessRules": { + "additionalProperties": false, + "properties": { + "AllowPublicOverrides": { + "markdownDescription": "A Boolean value indicating whether the access control list (ACL) permissions that are applied to individual objects override the `GetObject` option that is currently specified.\n\nWhen this is true, you can use the [PutObjectAcl](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObjectAcl.html) Amazon S3 API operation to set individual objects to public (read-only) or private, using either the `public-read` ACL or the `private` ACL.", + "title": "AllowPublicOverrides", + "type": "boolean" + }, + "GetObject": { + "markdownDescription": "Specifies the anonymous access to all objects in a bucket.\n\nThe following options can be specified:\n\n- `public` - Sets all objects in the bucket to public (read-only), making them readable by everyone on the internet.\n\nIf the `GetObject` value is set to `public` , then all objects in the bucket default to public regardless of the `allowPublicOverrides` value.\n- `private` - Sets all objects in the bucket to private, making them readable only by you and anyone that you grant access to.\n\nIf the `GetObject` value is set to `private` , and the `allowPublicOverrides` value is set to `true` , then all objects in the bucket default to private unless they are configured with a `public-read` ACL. Individual objects with a `public-read` ACL are readable by everyone on the internet.", + "title": "GetObject", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Lightsail::Certificate": { "additionalProperties": false, "properties": { "Condition": { @@ -166677,69 +174411,42 @@ "Properties": { "additionalProperties": false, "properties": { - "DeleteProtection": { - "markdownDescription": "A flag indicating whether it is possible to delete the firewall. A setting of `TRUE` indicates that the firewall is protected against deletion. Use this setting to protect against accidentally deleting a firewall that is in use. When you create a firewall, the operation initializes this flag to `TRUE` .", - "title": "DeleteProtection", - "type": "boolean" - }, - "Description": { - "markdownDescription": "A description of the firewall.", - "title": "Description", - "type": "string" - }, - "FirewallName": { - "markdownDescription": "The descriptive name of the firewall. You can't change the name of a firewall after you create it.", - "title": "FirewallName", + "CertificateName": { + "markdownDescription": "The name of the certificate.", + "title": "CertificateName", "type": "string" }, - "FirewallPolicyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the firewall policy.\n\nThe relationship of firewall to firewall policy is many to one. Each firewall requires one firewall policy association, and you can use the same firewall policy for multiple firewalls.", - "title": "FirewallPolicyArn", + "DomainName": { + "markdownDescription": "The domain name of the certificate.", + "title": "DomainName", "type": "string" }, - "FirewallPolicyChangeProtection": { - "markdownDescription": "A setting indicating whether the firewall is protected against a change to the firewall policy association. Use this setting to protect against accidentally modifying the firewall policy for a firewall that is in use. When you create a firewall, the operation initializes this setting to `TRUE` .", - "title": "FirewallPolicyChangeProtection", - "type": "boolean" - }, - "SubnetChangeProtection": { - "markdownDescription": "A setting indicating whether the firewall is protected against changes to the subnet associations. Use this setting to protect against accidentally modifying the subnet associations for a firewall that is in use. When you create a firewall, the operation initializes this setting to `TRUE` .", - "title": "SubnetChangeProtection", - "type": "boolean" - }, - "SubnetMappings": { + "SubjectAlternativeNames": { "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::Firewall.SubnetMapping" + "type": "string" }, - "markdownDescription": "The primary public subnets that Network Firewall is using for the firewall. Network Firewall creates a firewall endpoint in each subnet. Create a subnet mapping for each Availability Zone where you want to use the firewall.\n\nThese subnets are all defined for a single, primary VPC, and each must belong to a different Availability Zone. Each of these subnets establishes the availability of the firewall in its Availability Zone.\n\nIn addition to these subnets, you can define other endpoints for the firewall in `VpcEndpointAssociation` resources. You can define these additional endpoints for any VPC, and for any of the Availability Zones where the firewall resource already has a subnet mapping. VPC endpoint associations give you the ability to protect multiple VPCs using a single firewall, and to define multiple firewall endpoints for a VPC in a single Availability Zone.", - "title": "SubnetMappings", + "markdownDescription": "An array of strings that specify the alternate domains (such as `example.org` ) and subdomains (such as `blog.example.com` ) of the certificate.", + "title": "SubjectAlternativeNames", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", "title": "Tags", "type": "array" - }, - "VpcId": { - "markdownDescription": "The unique identifier of the VPC where the firewall is in use. You can't change the VPC of a firewall after you create the firewall.", - "title": "VpcId", - "type": "string" } }, "required": [ - "FirewallName", - "FirewallPolicyArn", - "SubnetMappings", - "VpcId" + "CertificateName", + "DomainName" ], "type": "object" }, "Type": { "enum": [ - "AWS::NetworkFirewall::Firewall" + "AWS::Lightsail::Certificate" ], "type": "string" }, @@ -166758,26 +174465,7 @@ ], "type": "object" }, - "AWS::NetworkFirewall::Firewall.SubnetMapping": { - "additionalProperties": false, - "properties": { - "IPAddressType": { - "markdownDescription": "The subnet's IP address type. You can't change the IP address type after you create the subnet.", - "title": "IPAddressType", - "type": "string" - }, - "SubnetId": { - "markdownDescription": "The unique identifier for the subnet.", - "title": "SubnetId", - "type": "string" - } - }, - "required": [ - "SubnetId" - ], - "type": "object" - }, - "AWS::NetworkFirewall::FirewallPolicy": { + "AWS::Lightsail::Container": { "additionalProperties": false, "properties": { "Condition": { @@ -166812,39 +174500,63 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the firewall policy.", - "title": "Description", + "ContainerServiceDeployment": { + "$ref": "#/definitions/AWS::Lightsail::Container.ContainerServiceDeployment", + "markdownDescription": "An object that describes the current container deployment of the container service.", + "title": "ContainerServiceDeployment" + }, + "IsDisabled": { + "markdownDescription": "A Boolean value indicating whether the container service is disabled.", + "title": "IsDisabled", + "type": "boolean" + }, + "Power": { + "markdownDescription": "The power specification of the container service.\n\nThe power specifies the amount of RAM, the number of vCPUs, and the base price of the container service.", + "title": "Power", "type": "string" }, - "FirewallPolicy": { - "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.FirewallPolicy", - "markdownDescription": "The traffic filtering behavior of a firewall policy, defined in a collection of stateless and stateful rule groups and other settings.", - "title": "FirewallPolicy" + "PrivateRegistryAccess": { + "$ref": "#/definitions/AWS::Lightsail::Container.PrivateRegistryAccess", + "markdownDescription": "An object that describes the configuration for the container service to access private container image repositories, such as Amazon Elastic Container Registry ( Amazon ECR ) private repositories.\n\nFor more information, see [Configuring access to an Amazon ECR private repository for an Amazon Lightsail container service](https://docs.aws.amazon.com/lightsail/latest/userguide/amazon-lightsail-container-service-ecr-private-repo-access) in the *Amazon Lightsail Developer Guide* .", + "title": "PrivateRegistryAccess" }, - "FirewallPolicyName": { - "markdownDescription": "The descriptive name of the firewall policy. You can't change the name of a firewall policy after you create it.", - "title": "FirewallPolicyName", + "PublicDomainNames": { + "items": { + "$ref": "#/definitions/AWS::Lightsail::Container.PublicDomainName" + }, + "markdownDescription": "The public domain name of the container service, such as `example.com` and `www.example.com` .\n\nYou can specify up to four public domain names for a container service. The domain names that you specify are used when you create a deployment with a container that is configured as the public endpoint of your container service.\n\nIf you don't specify public domain names, then you can use the default domain of the container service.\n\n> You must create and validate an SSL/TLS certificate before you can use public domain names with your container service. Use the [AWS::Lightsail::Certificate](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lightsail-certificate.html) resource to create a certificate for the public domain names that you want to use with your container service.", + "title": "PublicDomainNames", + "type": "array" + }, + "Scale": { + "markdownDescription": "The scale specification of the container service.\n\nThe scale specifies the allocated compute nodes of the container service.", + "title": "Scale", + "type": "number" + }, + "ServiceName": { + "markdownDescription": "The name of the container service.", + "title": "ServiceName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", "title": "Tags", "type": "array" } }, "required": [ - "FirewallPolicy", - "FirewallPolicyName" + "Power", + "Scale", + "ServiceName" ], "type": "object" }, "Type": { "enum": [ - "AWS::NetworkFirewall::FirewallPolicy" + "AWS::Lightsail::Container" ], "type": "string" }, @@ -166863,244 +174575,201 @@ ], "type": "object" }, - "AWS::NetworkFirewall::FirewallPolicy.ActionDefinition": { + "AWS::Lightsail::Container.Container": { "additionalProperties": false, "properties": { - "PublishMetricAction": { - "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.PublishMetricAction", - "markdownDescription": "Stateless inspection criteria that publishes the specified metrics to Amazon CloudWatch for the matching packet. This setting defines a CloudWatch dimension value to be published.\n\nYou can pair this custom action with any of the standard stateless rule actions. For example, you could pair this in a rule action with the standard action that forwards the packet for stateful inspection. Then, when a packet matches the rule, Network Firewall publishes metrics for the packet and forwards it.", - "title": "PublishMetricAction" + "Command": { + "items": { + "type": "string" + }, + "markdownDescription": "The launch command for the container.", + "title": "Command", + "type": "array" + }, + "ContainerName": { + "markdownDescription": "The name of the container.", + "title": "ContainerName", + "type": "string" + }, + "Environment": { + "items": { + "$ref": "#/definitions/AWS::Lightsail::Container.EnvironmentVariable" + }, + "markdownDescription": "The environment variables of the container.", + "title": "Environment", + "type": "array" + }, + "Image": { + "markdownDescription": "The name of the image used for the container.\n\nContainer images that are sourced from (registered and stored on) your container service start with a colon ( `:` ). For example, if your container service name is `container-service-1` , the container image label is `mystaticsite` , and you want to use the third version ( `3` ) of the registered container image, then you should specify `:container-service-1.mystaticsite.3` . To use the latest version of a container image, specify `latest` instead of a version number (for example, `:container-service-1.mystaticsite.latest` ). Your container service will automatically use the highest numbered version of the registered container image.\n\nContainer images that are sourced from a public registry like Docker Hub don\u2019t start with a colon. For example, `nginx:latest` or `nginx` .", + "title": "Image", + "type": "string" + }, + "Ports": { + "items": { + "$ref": "#/definitions/AWS::Lightsail::Container.PortInfo" + }, + "markdownDescription": "An object that describes the open firewall ports and protocols of the container.", + "title": "Ports", + "type": "array" } }, "type": "object" }, - "AWS::NetworkFirewall::FirewallPolicy.CustomAction": { + "AWS::Lightsail::Container.ContainerServiceDeployment": { "additionalProperties": false, "properties": { - "ActionDefinition": { - "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.ActionDefinition", - "markdownDescription": "The custom action associated with the action name.", - "title": "ActionDefinition" + "Containers": { + "items": { + "$ref": "#/definitions/AWS::Lightsail::Container.Container" + }, + "markdownDescription": "An object that describes the configuration for the containers of the deployment.", + "title": "Containers", + "type": "array" }, - "ActionName": { - "markdownDescription": "The descriptive name of the custom action. You can't change the name of a custom action after you create it.", - "title": "ActionName", + "PublicEndpoint": { + "$ref": "#/definitions/AWS::Lightsail::Container.PublicEndpoint", + "markdownDescription": "An object that describes the endpoint of the deployment.", + "title": "PublicEndpoint" + } + }, + "type": "object" + }, + "AWS::Lightsail::Container.EcrImagePullerRole": { + "additionalProperties": false, + "properties": { + "IsActive": { + "markdownDescription": "A boolean value that indicates whether the `ECRImagePullerRole` is active.", + "title": "IsActive", + "type": "boolean" + }, + "PrincipalArn": { + "markdownDescription": "The principle Amazon Resource Name (ARN) of the role. This property is read-only.", + "title": "PrincipalArn", "type": "string" } }, - "required": [ - "ActionDefinition", - "ActionName" - ], "type": "object" }, - "AWS::NetworkFirewall::FirewallPolicy.Dimension": { + "AWS::Lightsail::Container.EnvironmentVariable": { "additionalProperties": false, "properties": { "Value": { - "markdownDescription": "The value to use in the custom metric dimension.", + "markdownDescription": "The environment variable value.", "title": "Value", "type": "string" + }, + "Variable": { + "markdownDescription": "The environment variable key.", + "title": "Variable", + "type": "string" } }, - "required": [ - "Value" - ], "type": "object" }, - "AWS::NetworkFirewall::FirewallPolicy.FirewallPolicy": { + "AWS::Lightsail::Container.HealthCheckConfig": { "additionalProperties": false, "properties": { - "PolicyVariables": { - "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.PolicyVariables", - "markdownDescription": "Contains variables that you can use to override default Suricata settings in your firewall policy.", - "title": "PolicyVariables" - }, - "StatefulDefaultActions": { - "items": { - "type": "string" - }, - "markdownDescription": "The default actions to take on a packet that doesn't match any stateful rules. The stateful default action is optional, and is only valid when using the strict rule order.\n\nValid values of the stateful default action:\n\n- aws:drop_strict\n- aws:drop_established\n- aws:alert_strict\n- aws:alert_established\n\nFor more information, see [Strict evaluation order](https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-rule-evaluation-order.html#suricata-strict-rule-evaluation-order.html) in the *AWS Network Firewall Developer Guide* .", - "title": "StatefulDefaultActions", - "type": "array" - }, - "StatefulEngineOptions": { - "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.StatefulEngineOptions", - "markdownDescription": "Additional options governing how Network Firewall handles stateful rules. The stateful rule groups that you use in your policy must have stateful rule options settings that are compatible with these settings.", - "title": "StatefulEngineOptions" - }, - "StatefulRuleGroupReferences": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.StatefulRuleGroupReference" - }, - "markdownDescription": "References to the stateful rule groups that are used in the policy. These define the inspection criteria in stateful rules.", - "title": "StatefulRuleGroupReferences", - "type": "array" + "HealthyThreshold": { + "markdownDescription": "The number of consecutive health check successes required before moving the container to the `Healthy` state. The default value is `2` .", + "title": "HealthyThreshold", + "type": "number" }, - "StatelessCustomActions": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.CustomAction" - }, - "markdownDescription": "The custom action definitions that are available for use in the firewall policy's `StatelessDefaultActions` setting. You name each custom action that you define, and then you can use it by name in your default actions specifications.", - "title": "StatelessCustomActions", - "type": "array" + "IntervalSeconds": { + "markdownDescription": "The approximate interval, in seconds, between health checks of an individual container. You can specify between `5` and `300` seconds. The default value is `5` .", + "title": "IntervalSeconds", + "type": "number" }, - "StatelessDefaultActions": { - "items": { - "type": "string" - }, - "markdownDescription": "The actions to take on a packet if it doesn't match any of the stateless rules in the policy. If you want non-matching packets to be forwarded for stateful inspection, specify `aws:forward_to_sfe` .\n\nYou must specify one of the standard actions: `aws:pass` , `aws:drop` , or `aws:forward_to_sfe` . In addition, you can specify custom actions that are compatible with your standard section choice.\n\nFor example, you could specify `[\"aws:pass\"]` or you could specify `[\"aws:pass\", \u201ccustomActionName\u201d]` . For information about compatibility, see the custom action descriptions.", - "title": "StatelessDefaultActions", - "type": "array" + "Path": { + "markdownDescription": "The path on the container on which to perform the health check. The default value is `/` .", + "title": "Path", + "type": "string" }, - "StatelessFragmentDefaultActions": { - "items": { - "type": "string" - }, - "markdownDescription": "The actions to take on a fragmented packet if it doesn't match any of the stateless rules in the policy. If you want non-matching fragmented packets to be forwarded for stateful inspection, specify `aws:forward_to_sfe` .\n\nYou must specify one of the standard actions: `aws:pass` , `aws:drop` , or `aws:forward_to_sfe` . In addition, you can specify custom actions that are compatible with your standard section choice.\n\nFor example, you could specify `[\"aws:pass\"]` or you could specify `[\"aws:pass\", \u201ccustomActionName\u201d]` . For information about compatibility, see the custom action descriptions.", - "title": "StatelessFragmentDefaultActions", - "type": "array" + "SuccessCodes": { + "markdownDescription": "The HTTP codes to use when checking for a successful response from a container. You can specify values between `200` and `499` . You can specify multiple values (for example, `200,202` ) or a range of values (for example, `200-299` ).", + "title": "SuccessCodes", + "type": "string" }, - "StatelessRuleGroupReferences": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.StatelessRuleGroupReference" - }, - "markdownDescription": "References to the stateless rule groups that are used in the policy. These define the matching criteria in stateless rules.", - "title": "StatelessRuleGroupReferences", - "type": "array" + "TimeoutSeconds": { + "markdownDescription": "The amount of time, in seconds, during which no response means a failed health check. You can specify between `2` and `60` seconds. The default value is `2` .", + "title": "TimeoutSeconds", + "type": "number" }, - "TLSInspectionConfigurationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the TLS inspection configuration.", - "title": "TLSInspectionConfigurationArn", - "type": "string" + "UnhealthyThreshold": { + "markdownDescription": "The number of consecutive health check failures required before moving the container to the `Unhealthy` state. The default value is `2` .", + "title": "UnhealthyThreshold", + "type": "number" } }, - "required": [ - "StatelessDefaultActions", - "StatelessFragmentDefaultActions" - ], "type": "object" }, - "AWS::NetworkFirewall::FirewallPolicy.IPSet": { + "AWS::Lightsail::Container.PortInfo": { "additionalProperties": false, "properties": { - "Definition": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of IP addresses and address ranges, in CIDR notation.", - "title": "Definition", - "type": "array" + "Port": { + "markdownDescription": "The open firewall ports of the container.", + "title": "Port", + "type": "string" + }, + "Protocol": { + "markdownDescription": "The protocol name for the open ports.\n\n*Allowed values* : `HTTP` | `HTTPS` | `TCP` | `UDP`", + "title": "Protocol", + "type": "string" } }, "type": "object" }, - "AWS::NetworkFirewall::FirewallPolicy.PolicyVariables": { + "AWS::Lightsail::Container.PrivateRegistryAccess": { "additionalProperties": false, "properties": { - "RuleVariables": { - "additionalProperties": false, - "markdownDescription": "The IPv4 or IPv6 addresses in CIDR notation to use for the Suricata `HOME_NET` variable. If your firewall uses an inspection VPC, you might want to override the `HOME_NET` variable with the CIDRs of your home networks. If you don't override `HOME_NET` with your own CIDRs, Network Firewall by default uses the CIDR of your inspection VPC.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.IPSet" - } - }, - "title": "RuleVariables", - "type": "object" + "EcrImagePullerRole": { + "$ref": "#/definitions/AWS::Lightsail::Container.EcrImagePullerRole", + "markdownDescription": "An object that describes the activation status of the role that you can use to grant a Lightsail container service access to Amazon ECR private repositories. If the role is activated, the Amazon Resource Name (ARN) of the role is also listed.", + "title": "EcrImagePullerRole" } }, "type": "object" }, - "AWS::NetworkFirewall::FirewallPolicy.PublishMetricAction": { + "AWS::Lightsail::Container.PublicDomainName": { "additionalProperties": false, "properties": { - "Dimensions": { + "CertificateName": { + "markdownDescription": "The name of the certificate for the public domains.", + "title": "CertificateName", + "type": "string" + }, + "DomainNames": { "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.Dimension" + "type": "string" }, - "markdownDescription": "", - "title": "Dimensions", + "markdownDescription": "The public domain names to use with the container service.", + "title": "DomainNames", "type": "array" } }, - "required": [ - "Dimensions" - ], - "type": "object" - }, - "AWS::NetworkFirewall::FirewallPolicy.StatefulEngineOptions": { - "additionalProperties": false, - "properties": { - "RuleOrder": { - "markdownDescription": "Indicates how to manage the order of stateful rule evaluation for the policy. `DEFAULT_ACTION_ORDER` is the default behavior. Stateful rules are provided to the rule engine as Suricata compatible strings, and Suricata evaluates them based on certain settings. For more information, see [Evaluation order for stateful rules](https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-rule-evaluation-order.html) in the *AWS Network Firewall Developer Guide* .", - "title": "RuleOrder", - "type": "string" - }, - "StreamExceptionPolicy": { - "markdownDescription": "Configures how Network Firewall processes traffic when a network connection breaks midstream. Network connections can break due to disruptions in external networks or within the firewall itself.\n\n- `DROP` - Network Firewall fails closed and drops all subsequent traffic going to the firewall. This is the default behavior.\n- `CONTINUE` - Network Firewall continues to apply rules to the subsequent traffic without context from traffic before the break. This impacts the behavior of rules that depend on this context. For example, if you have a stateful rule to `drop http` traffic, Network Firewall won't match the traffic for this rule because the service won't have the context from session initialization defining the application layer protocol as HTTP. However, this behavior is rule dependent\u2014a TCP-layer rule using a `flow:stateless` rule would still match, as would the `aws:drop_strict` default action.\n- `REJECT` - Network Firewall fails closed and drops all subsequent traffic going to the firewall. Network Firewall also sends a TCP reject packet back to your client so that the client can immediately establish a new session. Network Firewall will have context about the new session and will apply rules to the subsequent traffic.", - "title": "StreamExceptionPolicy", - "type": "string" - } - }, "type": "object" }, - "AWS::NetworkFirewall::FirewallPolicy.StatefulRuleGroupOverride": { + "AWS::Lightsail::Container.PublicEndpoint": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The action that changes the rule group from `DROP` to `ALERT` . This only applies to managed rule groups.", - "title": "Action", + "ContainerName": { + "markdownDescription": "The name of the container entry of the deployment that the endpoint configuration applies to.", + "title": "ContainerName", "type": "string" - } - }, - "type": "object" - }, - "AWS::NetworkFirewall::FirewallPolicy.StatefulRuleGroupReference": { - "additionalProperties": false, - "properties": { - "Override": { - "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.StatefulRuleGroupOverride", - "markdownDescription": "The action that allows the policy owner to override the behavior of the rule group within a policy.", - "title": "Override" - }, - "Priority": { - "markdownDescription": "An integer setting that indicates the order in which to run the stateful rule groups in a single `FirewallPolicy` . This setting only applies to firewall policies that specify the `STRICT_ORDER` rule order in the stateful engine options settings.\n\nNetwork Firewall evalutes each stateful rule group against a packet starting with the group that has the lowest priority setting. You must ensure that the priority settings are unique within each policy.\n\nYou can change the priority settings of your rule groups at any time. To make it easier to insert rule groups later, number them so there's a wide range in between, for example use 100, 200, and so on.", - "title": "Priority", - "type": "number" }, - "ResourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the stateful rule group.", - "title": "ResourceArn", - "type": "string" - } - }, - "required": [ - "ResourceArn" - ], - "type": "object" - }, - "AWS::NetworkFirewall::FirewallPolicy.StatelessRuleGroupReference": { - "additionalProperties": false, - "properties": { - "Priority": { - "markdownDescription": "An integer setting that indicates the order in which to run the stateless rule groups in a single `FirewallPolicy` . Network Firewall applies each stateless rule group to a packet starting with the group that has the lowest priority setting. You must ensure that the priority settings are unique within each policy.", - "title": "Priority", + "ContainerPort": { + "markdownDescription": "The port of the specified container to which traffic is forwarded to.", + "title": "ContainerPort", "type": "number" }, - "ResourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the stateless rule group.", - "title": "ResourceArn", - "type": "string" + "HealthCheckConfig": { + "$ref": "#/definitions/AWS::Lightsail::Container.HealthCheckConfig", + "markdownDescription": "An object that describes the health check configuration of the container.", + "title": "HealthCheckConfig" } }, - "required": [ - "Priority", - "ResourceArn" - ], "type": "object" }, - "AWS::NetworkFirewall::LoggingConfiguration": { + "AWS::Lightsail::Database": { "additionalProperties": false, "properties": { "Condition": { @@ -167135,31 +174804,100 @@ "Properties": { "additionalProperties": false, "properties": { - "FirewallArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the `Firewall` that the logging configuration is associated with. You can't change the firewall specification after you create the logging configuration.", - "title": "FirewallArn", + "AvailabilityZone": { + "markdownDescription": "The Availability Zone for the database.", + "title": "AvailabilityZone", "type": "string" }, - "FirewallName": { - "markdownDescription": "The name of the firewall that the logging configuration is associated with. You can't change the firewall specification after you create the logging configuration.", - "title": "FirewallName", + "BackupRetention": { + "markdownDescription": "A Boolean value indicating whether automated backup retention is enabled for the database. Data Import Mode is enabled when `BackupRetention` is set to `false` , and is disabled when `BackupRetention` is set to `true` .", + "title": "BackupRetention", + "type": "boolean" + }, + "CaCertificateIdentifier": { + "markdownDescription": "The certificate associated with the database.", + "title": "CaCertificateIdentifier", "type": "string" }, - "LoggingConfiguration": { - "$ref": "#/definitions/AWS::NetworkFirewall::LoggingConfiguration.LoggingConfiguration", - "markdownDescription": "Defines how AWS Network Firewall performs logging for a `Firewall` .", - "title": "LoggingConfiguration" + "MasterDatabaseName": { + "markdownDescription": "The meaning of this parameter differs according to the database engine you use.\n\n*MySQL*\n\nThe name of the database to create when the Lightsail database resource is created. If this parameter isn't specified, no database is created in the database resource.\n\nConstraints:\n\n- Must contain 1-64 letters or numbers.\n- Must begin with a letter. Subsequent characters can be letters, underscores, or numbers (0-9).\n- Can't be a word reserved by the specified database engine.\n\nFor more information about reserved words in MySQL, see the Keywords and Reserved Words articles for [MySQL 5.6](https://docs.aws.amazon.com/https://dev.mysql.com/doc/refman/5.6/en/keywords.html) , [MySQL 5.7](https://docs.aws.amazon.com/https://dev.mysql.com/doc/refman/5.7/en/keywords.html) , and [MySQL 8.0](https://docs.aws.amazon.com/https://dev.mysql.com/doc/refman/8.0/en/keywords.html) .\n\n*PostgreSQL*\n\nThe name of the database to create when the Lightsail database resource is created. If this parameter isn't specified, a database named `postgres` is created in the database resource.\n\nConstraints:\n\n- Must contain 1-63 letters or numbers.\n- Must begin with a letter. Subsequent characters can be letters, underscores, or numbers (0-9).\n- Can't be a word reserved by the specified database engine.\n\nFor more information about reserved words in PostgreSQL, see the SQL Key Words articles for [PostgreSQL 9.6](https://docs.aws.amazon.com/https://www.postgresql.org/docs/9.6/sql-keywords-appendix.html) , [PostgreSQL 10](https://docs.aws.amazon.com/https://www.postgresql.org/docs/10/sql-keywords-appendix.html) , [PostgreSQL 11](https://docs.aws.amazon.com/https://www.postgresql.org/docs/11/sql-keywords-appendix.html) , and [PostgreSQL 12](https://docs.aws.amazon.com/https://www.postgresql.org/docs/12/sql-keywords-appendix.html) .", + "title": "MasterDatabaseName", + "type": "string" + }, + "MasterUserPassword": { + "markdownDescription": "The password for the primary user of the database. The password can include any printable ASCII character except the following: /, \", or @. It cannot contain spaces.\n\n> The `MasterUserPassword` and `RotateMasterUserPassword` parameters cannot be used together in the same template. \n\n*MySQL*\n\nConstraints: Must contain 8-41 characters.\n\n*PostgreSQL*\n\nConstraints: Must contain 8-128 characters.", + "title": "MasterUserPassword", + "type": "string" + }, + "MasterUsername": { + "markdownDescription": "The name for the primary user.\n\n*MySQL*\n\nConstraints:\n\n- Required for MySQL.\n- Must be 1-16 letters or numbers. Can contain underscores.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.\n\nFor more information about reserved words in MySQL 5.6 or 5.7, see the Keywords and Reserved Words articles for [MySQL 5.6](https://docs.aws.amazon.com/https://dev.mysql.com/doc/refman/5.6/en/keywords.html) , [MySQL 5.7](https://docs.aws.amazon.com/https://dev.mysql.com/doc/refman/5.7/en/keywords.html) , or [MySQL 8.0](https://docs.aws.amazon.com/https://dev.mysql.com/doc/refman/8.0/en/keywords.html) .\n\n*PostgreSQL*\n\nConstraints:\n\n- Required for PostgreSQL.\n- Must be 1-63 letters or numbers. Can contain underscores.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.\n\nFor more information about reserved words in MySQL 5.6 or 5.7, see the Keywords and Reserved Words articles for [PostgreSQL 9.6](https://docs.aws.amazon.com/https://www.postgresql.org/docs/9.6/sql-keywords-appendix.html) , [PostgreSQL 10](https://docs.aws.amazon.com/https://www.postgresql.org/docs/10/sql-keywords-appendix.html) , [PostgreSQL 11](https://docs.aws.amazon.com/https://www.postgresql.org/docs/11/sql-keywords-appendix.html) , and [PostgreSQL 12](https://docs.aws.amazon.com/https://www.postgresql.org/docs/12/sql-keywords-appendix.html) .", + "title": "MasterUsername", + "type": "string" + }, + "PreferredBackupWindow": { + "markdownDescription": "The daily time range during which automated backups are created for the database (for example, `16:00-16:30` ).", + "title": "PreferredBackupWindow", + "type": "string" + }, + "PreferredMaintenanceWindow": { + "markdownDescription": "The weekly time range during which system maintenance can occur for the database, formatted as follows: `ddd:hh24:mi-ddd:hh24:mi` . For example, `Tue:17:00-Tue:17:30` .", + "title": "PreferredMaintenanceWindow", + "type": "string" + }, + "PubliclyAccessible": { + "markdownDescription": "A Boolean value indicating whether the database is accessible to anyone on the internet.", + "title": "PubliclyAccessible", + "type": "boolean" + }, + "RelationalDatabaseBlueprintId": { + "markdownDescription": "The blueprint ID for the database (for example, `mysql_8_0` ).", + "title": "RelationalDatabaseBlueprintId", + "type": "string" + }, + "RelationalDatabaseBundleId": { + "markdownDescription": "The bundle ID for the database (for example, `medium_1_0` ).", + "title": "RelationalDatabaseBundleId", + "type": "string" + }, + "RelationalDatabaseName": { + "markdownDescription": "The name of the instance.", + "title": "RelationalDatabaseName", + "type": "string" + }, + "RelationalDatabaseParameters": { + "items": { + "$ref": "#/definitions/AWS::Lightsail::Database.RelationalDatabaseParameter" + }, + "markdownDescription": "An array of parameters for the database.", + "title": "RelationalDatabaseParameters", + "type": "array" + }, + "RotateMasterUserPassword": { + "markdownDescription": "A Boolean value indicating whether to change the primary user password to a new, strong password generated by Lightsail .\n\n> The `RotateMasterUserPassword` and `MasterUserPassword` parameters cannot be used together in the same template.", + "title": "RotateMasterUserPassword", + "type": "boolean" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", + "title": "Tags", + "type": "array" } }, "required": [ - "FirewallArn", - "LoggingConfiguration" + "MasterDatabaseName", + "MasterUsername", + "RelationalDatabaseBlueprintId", + "RelationalDatabaseBundleId", + "RelationalDatabaseName" ], "type": "object" }, "Type": { "enum": [ - "AWS::NetworkFirewall::LoggingConfiguration" + "AWS::Lightsail::Database" ], "type": "string" }, @@ -167178,56 +174916,53 @@ ], "type": "object" }, - "AWS::NetworkFirewall::LoggingConfiguration.LogDestinationConfig": { + "AWS::Lightsail::Database.RelationalDatabaseParameter": { "additionalProperties": false, "properties": { - "LogDestination": { - "additionalProperties": true, - "markdownDescription": "The named location for the logs, provided in a key:value mapping that is specific to the chosen destination type.\n\n- For an Amazon S3 bucket, provide the name of the bucket, with key `bucketName` , and optionally provide a prefix, with key `prefix` .\n\nThe following example specifies an Amazon S3 bucket named `DOC-EXAMPLE-BUCKET` and the prefix `alerts` :\n\n`\"LogDestination\": { \"bucketName\": \"DOC-EXAMPLE-BUCKET\", \"prefix\": \"alerts\" }`\n- For a CloudWatch log group, provide the name of the CloudWatch log group, with key `logGroup` . The following example specifies a log group named `alert-log-group` :\n\n`\"LogDestination\": { \"logGroup\": \"alert-log-group\" }`\n- For a Firehose delivery stream, provide the name of the delivery stream, with key `deliveryStream` . The following example specifies a delivery stream named `alert-delivery-stream` :\n\n`\"LogDestination\": { \"deliveryStream\": \"alert-delivery-stream\" }`", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "LogDestination", - "type": "object" + "AllowedValues": { + "markdownDescription": "The valid range of values for the parameter.", + "title": "AllowedValues", + "type": "string" }, - "LogDestinationType": { - "markdownDescription": "The type of storage destination to send these logs to. You can send logs to an Amazon S3 bucket, a CloudWatch log group, or a Firehose delivery stream.", - "title": "LogDestinationType", + "ApplyMethod": { + "markdownDescription": "Indicates when parameter updates are applied.\n\nCan be `immediate` or `pending-reboot` .", + "title": "ApplyMethod", "type": "string" }, - "LogType": { - "markdownDescription": "The type of log to record. You can record the following types of logs from your Network Firewall stateful engine.\n\n- `ALERT` - Logs for traffic that matches your stateful rules and that have an action that sends an alert. A stateful rule sends alerts for the rule actions DROP, ALERT, and REJECT. For more information, see the `StatefulRule` property.\n- `FLOW` - Standard network traffic flow logs. The stateful rules engine records flow logs for all network traffic that it receives. Each flow log record captures the network flow for a specific standard stateless rule group.\n- `TLS` - Logs for events that are related to TLS inspection. For more information, see [Inspecting SSL/TLS traffic with TLS inspection configurations](https://docs.aws.amazon.com/network-firewall/latest/developerguide/tls-inspection-configurations.html) in the *Network Firewall Developer Guide* .", - "title": "LogType", + "ApplyType": { + "markdownDescription": "Specifies the engine-specific parameter type.", + "title": "ApplyType", + "type": "string" + }, + "DataType": { + "markdownDescription": "The valid data type of the parameter.", + "title": "DataType", + "type": "string" + }, + "Description": { + "markdownDescription": "A description of the parameter.", + "title": "Description", + "type": "string" + }, + "IsModifiable": { + "markdownDescription": "A Boolean value indicating whether the parameter can be modified.", + "title": "IsModifiable", + "type": "boolean" + }, + "ParameterName": { + "markdownDescription": "The name of the parameter.", + "title": "ParameterName", + "type": "string" + }, + "ParameterValue": { + "markdownDescription": "The value for the parameter.", + "title": "ParameterValue", "type": "string" } }, - "required": [ - "LogDestination", - "LogDestinationType", - "LogType" - ], - "type": "object" - }, - "AWS::NetworkFirewall::LoggingConfiguration.LoggingConfiguration": { - "additionalProperties": false, - "properties": { - "LogDestinationConfigs": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::LoggingConfiguration.LogDestinationConfig" - }, - "markdownDescription": "Defines the logging destinations for the logs for a firewall. Network Firewall generates logs for stateful rule groups.", - "title": "LogDestinationConfigs", - "type": "array" - } - }, - "required": [ - "LogDestinationConfigs" - ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup": { + "AWS::Lightsail::Disk": { "additionalProperties": false, "properties": { "Condition": { @@ -167262,50 +174997,52 @@ "Properties": { "additionalProperties": false, "properties": { - "Capacity": { - "markdownDescription": "The maximum operating resources that this rule group can use. You can't change a rule group's capacity setting after you create the rule group. When you update a rule group, you are limited to this capacity. When you reference a rule group from a firewall policy, Network Firewall reserves this capacity for the rule group.", - "title": "Capacity", - "type": "number" + "AddOns": { + "items": { + "$ref": "#/definitions/AWS::Lightsail::Disk.AddOn" + }, + "markdownDescription": "An array of add-ons for the disk.\n\n> If the disk has an add-on enabled when performing a delete disk request, the add-on is automatically disabled before the disk is deleted.", + "title": "AddOns", + "type": "array" }, - "Description": { - "markdownDescription": "A description of the rule group.", - "title": "Description", + "AvailabilityZone": { + "markdownDescription": "The AWS Region and Availability Zone location for the disk (for example, `us-east-1a` ).", + "title": "AvailabilityZone", "type": "string" }, - "RuleGroup": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.RuleGroup", - "markdownDescription": "An object that defines the rule group rules.", - "title": "RuleGroup" - }, - "RuleGroupName": { - "markdownDescription": "The descriptive name of the rule group. You can't change the name of a rule group after you create it.", - "title": "RuleGroupName", + "DiskName": { + "markdownDescription": "The name of the disk.", + "title": "DiskName", "type": "string" }, + "Location": { + "$ref": "#/definitions/AWS::Lightsail::Disk.Location", + "markdownDescription": "The AWS Region and Availability Zone where the disk is located.", + "title": "Location" + }, + "SizeInGb": { + "markdownDescription": "The size of the disk in GB.", + "title": "SizeInGb", + "type": "number" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", "title": "Tags", "type": "array" - }, - "Type": { - "markdownDescription": "Indicates whether the rule group is stateless or stateful. If the rule group is stateless, it contains\nstateless rules. If it is stateful, it contains stateful rules.", - "title": "Type", - "type": "string" } }, "required": [ - "Capacity", - "RuleGroupName", - "Type" + "DiskName", + "SizeInGb" ], "type": "object" }, "Type": { "enum": [ - "AWS::NetworkFirewall::RuleGroup" + "AWS::Lightsail::Disk" ], "type": "string" }, @@ -167324,530 +175061,694 @@ ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.ActionDefinition": { - "additionalProperties": false, - "properties": { - "PublishMetricAction": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.PublishMetricAction", - "markdownDescription": "Stateless inspection criteria that publishes the specified metrics to Amazon CloudWatch for the matching packet. This setting defines a CloudWatch dimension value to be published.\n\nYou can pair this custom action with any of the standard stateless rule actions. For example, you could pair this in a rule action with the standard action that forwards the packet for stateful inspection. Then, when a packet matches the rule, Network Firewall publishes metrics for the packet and forwards it.", - "title": "PublishMetricAction" - } - }, - "type": "object" - }, - "AWS::NetworkFirewall::RuleGroup.Address": { + "AWS::Lightsail::Disk.AddOn": { "additionalProperties": false, "properties": { - "AddressDefinition": { - "markdownDescription": "Specify an IP address or a block of IP addresses in Classless Inter-Domain Routing (CIDR) notation. Network Firewall supports all address ranges for IPv4 and IPv6.\n\nExamples:\n\n- To configure Network Firewall to inspect for the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure Network Firewall to inspect for IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n- To configure Network Firewall to inspect for the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure Network Firewall to inspect for IP addresses from 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .", - "title": "AddressDefinition", + "AddOnType": { + "markdownDescription": "The add-on type (for example, `AutoSnapshot` ).\n\n> `AutoSnapshot` is the only add-on that can be enabled for a disk.", + "title": "AddOnType", + "type": "string" + }, + "AutoSnapshotAddOnRequest": { + "$ref": "#/definitions/AWS::Lightsail::Disk.AutoSnapshotAddOn", + "markdownDescription": "The parameters for the automatic snapshot add-on, such as the daily time when an automatic snapshot will be created.", + "title": "AutoSnapshotAddOnRequest" + }, + "Status": { + "markdownDescription": "The status of the add-on.\n\nValid Values: `Enabled` | `Disabled`", + "title": "Status", "type": "string" } }, "required": [ - "AddressDefinition" + "AddOnType" ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.CustomAction": { + "AWS::Lightsail::Disk.AutoSnapshotAddOn": { "additionalProperties": false, "properties": { - "ActionDefinition": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.ActionDefinition", - "markdownDescription": "The custom action associated with the action name.", - "title": "ActionDefinition" - }, - "ActionName": { - "markdownDescription": "The descriptive name of the custom action. You can't change the name of a custom action after you create it.", - "title": "ActionName", + "SnapshotTimeOfDay": { + "markdownDescription": "The daily time when an automatic snapshot will be created.\n\nConstraints:\n\n- Must be in `HH:00` format, and in an hourly increment.\n- Specified in Coordinated Universal Time (UTC).\n- The snapshot will be automatically created between the time specified and up to 45 minutes after.", + "title": "SnapshotTimeOfDay", "type": "string" } }, - "required": [ - "ActionDefinition", - "ActionName" - ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.Dimension": { + "AWS::Lightsail::Disk.Location": { "additionalProperties": false, "properties": { - "Value": { - "markdownDescription": "The value to use in the custom metric dimension.", - "title": "Value", + "AvailabilityZone": { + "markdownDescription": "The Availability Zone where the disk is located.", + "title": "AvailabilityZone", + "type": "string" + }, + "RegionName": { + "markdownDescription": "The AWS Region where the disk is located.", + "title": "RegionName", "type": "string" } }, - "required": [ - "Value" - ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.Header": { + "AWS::Lightsail::Distribution": { "additionalProperties": false, "properties": { - "Destination": { - "markdownDescription": "The destination IP address or address range to inspect for, in CIDR notation. To match with any address, specify `ANY` .\n\nSpecify an IP address or a block of IP addresses in Classless Inter-Domain Routing (CIDR) notation. Network Firewall supports all address ranges for IPv4 and IPv6.\n\nExamples:\n\n- To configure Network Firewall to inspect for the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure Network Firewall to inspect for IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n- To configure Network Firewall to inspect for the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure Network Firewall to inspect for IP addresses from 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .", - "title": "Destination", + "Condition": { "type": "string" }, - "DestinationPort": { - "markdownDescription": "The destination port to inspect for. You can specify an individual port, for example `1994` and you can specify a port range, for example `1990:1994` . To match with any port, specify `ANY` .", - "title": "DestinationPort", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Direction": { - "markdownDescription": "The direction of traffic flow to inspect. If set to `ANY` , the inspection matches bidirectional traffic, both from the source to the destination and from the destination to the source. If set to `FORWARD` , the inspection only matches traffic going from the source to the destination.", - "title": "Direction", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Protocol": { - "markdownDescription": "The protocol to inspect for. To specify all, you can use `IP` , because all traffic on AWS and on the internet is IP.", - "title": "Protocol", - "type": "string" + "Metadata": { + "type": "object" }, - "Source": { - "markdownDescription": "The source IP address or address range to inspect for, in CIDR notation. To match with any address, specify `ANY` .\n\nSpecify an IP address or a block of IP addresses in Classless Inter-Domain Routing (CIDR) notation. Network Firewall supports all address ranges for IPv4 and IPv6.\n\nExamples:\n\n- To configure Network Firewall to inspect for the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure Network Firewall to inspect for IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n- To configure Network Firewall to inspect for the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure Network Firewall to inspect for IP addresses from 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .", - "title": "Source", + "Properties": { + "additionalProperties": false, + "properties": { + "BundleId": { + "markdownDescription": "The ID of the bundle applied to the distribution.", + "title": "BundleId", + "type": "string" + }, + "CacheBehaviorSettings": { + "$ref": "#/definitions/AWS::Lightsail::Distribution.CacheSettings", + "markdownDescription": "An object that describes the cache behavior settings of the distribution.", + "title": "CacheBehaviorSettings" + }, + "CacheBehaviors": { + "items": { + "$ref": "#/definitions/AWS::Lightsail::Distribution.CacheBehaviorPerPath" + }, + "markdownDescription": "An array of objects that describe the per-path cache behavior of the distribution.", + "title": "CacheBehaviors", + "type": "array" + }, + "CertificateName": { + "markdownDescription": "The name of the SSL/TLS certificate attached to the distribution.", + "title": "CertificateName", + "type": "string" + }, + "DefaultCacheBehavior": { + "$ref": "#/definitions/AWS::Lightsail::Distribution.CacheBehavior", + "markdownDescription": "An object that describes the default cache behavior of the distribution.", + "title": "DefaultCacheBehavior" + }, + "DistributionName": { + "markdownDescription": "The name of the distribution", + "title": "DistributionName", + "type": "string" + }, + "IpAddressType": { + "markdownDescription": "The IP address type of the distribution.\n\nThe possible values are `ipv4` for IPv4 only, and `dualstack` for IPv4 and IPv6.", + "title": "IpAddressType", + "type": "string" + }, + "IsEnabled": { + "markdownDescription": "A Boolean value indicating whether the distribution is enabled.", + "title": "IsEnabled", + "type": "boolean" + }, + "Origin": { + "$ref": "#/definitions/AWS::Lightsail::Distribution.InputOrigin", + "markdownDescription": "An object that describes the origin resource of the distribution, such as a Lightsail instance, bucket, or load balancer.\n\nThe distribution pulls, caches, and serves content from the origin.", + "title": "Origin" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "BundleId", + "DefaultCacheBehavior", + "DistributionName", + "Origin" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Lightsail::Distribution" + ], "type": "string" }, - "SourcePort": { - "markdownDescription": "The source port to inspect for. You can specify an individual port, for example `1994` and you can specify a port range, for example `1990:1994` . To match with any port, specify `ANY` .", - "title": "SourcePort", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Destination", - "DestinationPort", - "Direction", - "Protocol", - "Source", - "SourcePort" + "Type", + "Properties" ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.IPSet": { + "AWS::Lightsail::Distribution.CacheBehavior": { "additionalProperties": false, "properties": { - "Definition": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of IP addresses and address ranges, in CIDR notation.", - "title": "Definition", - "type": "array" + "Behavior": { + "markdownDescription": "The cache behavior of the distribution.\n\nThe following cache behaviors can be specified:\n\n- *`cache`* - This option is best for static sites. When specified, your distribution caches and serves your entire website as static content. This behavior is ideal for websites with static content that doesn't change depending on who views it, or for websites that don't use cookies, headers, or query strings to personalize content.\n- *`dont-cache`* - This option is best for sites that serve a mix of static and dynamic content. When specified, your distribution caches and serves only the content that is specified in the distribution\u2019s `CacheBehaviorPerPath` parameter. This behavior is ideal for websites or web applications that use cookies, headers, and query strings to personalize content for individual users.", + "title": "Behavior", + "type": "string" } }, "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.IPSetReference": { + "AWS::Lightsail::Distribution.CacheBehaviorPerPath": { "additionalProperties": false, "properties": { - "ReferenceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resource to include in the `RuleGroup.IPSetReference` .", - "title": "ReferenceArn", + "Behavior": { + "markdownDescription": "The cache behavior for the specified path.\n\nYou can specify one of the following per-path cache behaviors:\n\n- *`cache`* - This behavior caches the specified path.\n- *`dont-cache`* - This behavior doesn't cache the specified path.", + "title": "Behavior", + "type": "string" + }, + "Path": { + "markdownDescription": "The path to a directory or file to cache, or not cache. Use an asterisk symbol to specify wildcard directories ( `path/to/assets/*` ), and file types ( `*.html` , `*jpg` , `*js` ). Directories and file paths are case-sensitive.\n\nExamples:\n\n- Specify the following to cache all files in the document root of an Apache web server running on a instance.\n\n`var/www/html/`\n- Specify the following file to cache only the index page in the document root of an Apache web server.\n\n`var/www/html/index.html`\n- Specify the following to cache only the .html files in the document root of an Apache web server.\n\n`var/www/html/*.html`\n- Specify the following to cache only the .jpg, .png, and .gif files in the images sub-directory of the document root of an Apache web server.\n\n`var/www/html/images/*.jpg`\n\n`var/www/html/images/*.png`\n\n`var/www/html/images/*.gif`\n\nSpecify the following to cache all files in the images subdirectory of the document root of an Apache web server.\n\n`var/www/html/images/`", + "title": "Path", "type": "string" } }, "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.MatchAttributes": { + "AWS::Lightsail::Distribution.CacheSettings": { "additionalProperties": false, "properties": { - "DestinationPorts": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.PortRange" - }, - "markdownDescription": "The destination port to inspect for. You can specify an individual port, for example `1994` and you can specify a port range, for example `1990:1994` . To match with any port, specify `ANY` .\n\nThis setting is only used for protocols 6 (TCP) and 17 (UDP).", - "title": "DestinationPorts", - "type": "array" + "AllowedHTTPMethods": { + "markdownDescription": "The HTTP methods that are processed and forwarded to the distribution's origin.\n\nYou can specify the following options:\n\n- `GET,HEAD` - The distribution forwards the `GET` and `HEAD` methods.\n- `GET,HEAD,OPTIONS` - The distribution forwards the `GET` , `HEAD` , and `OPTIONS` methods.\n- `GET,HEAD,OPTIONS,PUT,PATCH,POST,DELETE` - The distribution forwards the `GET` , `HEAD` , `OPTIONS` , `PUT` , `PATCH` , `POST` , and `DELETE` methods.\n\nIf you specify `GET,HEAD,OPTIONS,PUT,PATCH,POST,DELETE` , you might need to restrict access to your distribution's origin so users can't perform operations that you don't want them to. For example, you might not want users to have permission to delete objects from your origin.", + "title": "AllowedHTTPMethods", + "type": "string" }, - "Destinations": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.Address" - }, - "markdownDescription": "The destination IP addresses and address ranges to inspect for, in CIDR notation. If not specified, this matches with any destination address.", - "title": "Destinations", - "type": "array" + "CachedHTTPMethods": { + "markdownDescription": "The HTTP method responses that are cached by your distribution.\n\nYou can specify the following options:\n\n- `GET,HEAD` - The distribution caches responses to the `GET` and `HEAD` methods.\n- `GET,HEAD,OPTIONS` - The distribution caches responses to the `GET` , `HEAD` , and `OPTIONS` methods.", + "title": "CachedHTTPMethods", + "type": "string" }, - "Protocols": { - "items": { - "type": "number" - }, - "markdownDescription": "The protocols to inspect for, specified using the assigned internet protocol number (IANA) for each protocol. If not specified, this matches with any protocol.", - "title": "Protocols", - "type": "array" + "DefaultTTL": { + "markdownDescription": "The default amount of time that objects stay in the distribution's cache before the distribution forwards another request to the origin to determine whether the content has been updated.\n\n> The value specified applies only when the origin does not add HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects.", + "title": "DefaultTTL", + "type": "number" }, - "SourcePorts": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.PortRange" - }, - "markdownDescription": "The source port to inspect for. You can specify an individual port, for example `1994` and you can specify a port range, for example `1990:1994` . To match with any port, specify `ANY` .\n\nIf not specified, this matches with any source port.\n\nThis setting is only used for protocols 6 (TCP) and 17 (UDP).", - "title": "SourcePorts", - "type": "array" + "ForwardedCookies": { + "$ref": "#/definitions/AWS::Lightsail::Distribution.CookieObject", + "markdownDescription": "An object that describes the cookies that are forwarded to the origin. Your content is cached based on the cookies that are forwarded.", + "title": "ForwardedCookies" }, - "Sources": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.Address" - }, - "markdownDescription": "The source IP addresses and address ranges to inspect for, in CIDR notation. If not specified, this matches with any source address.", - "title": "Sources", - "type": "array" + "ForwardedHeaders": { + "$ref": "#/definitions/AWS::Lightsail::Distribution.HeaderObject", + "markdownDescription": "An object that describes the headers that are forwarded to the origin. Your content is cached based on the headers that are forwarded.", + "title": "ForwardedHeaders" }, - "TCPFlags": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.TCPFlagField" - }, - "markdownDescription": "The TCP flags and masks to inspect for. If not specified, this matches with any settings. This setting is only used for protocol 6 (TCP).", - "title": "TCPFlags", - "type": "array" - } - }, - "type": "object" - }, - "AWS::NetworkFirewall::RuleGroup.PortRange": { - "additionalProperties": false, - "properties": { - "FromPort": { - "markdownDescription": "The lower limit of the port range. This must be less than or equal to the `ToPort` specification.", - "title": "FromPort", + "ForwardedQueryStrings": { + "$ref": "#/definitions/AWS::Lightsail::Distribution.QueryStringObject", + "markdownDescription": "An object that describes the query strings that are forwarded to the origin. Your content is cached based on the query strings that are forwarded.", + "title": "ForwardedQueryStrings" + }, + "MaximumTTL": { + "markdownDescription": "The maximum amount of time that objects stay in the distribution's cache before the distribution forwards another request to the origin to determine whether the object has been updated.\n\nThe value specified applies only when the origin adds HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects.", + "title": "MaximumTTL", "type": "number" }, - "ToPort": { - "markdownDescription": "The upper limit of the port range. This must be greater than or equal to the `FromPort` specification.", - "title": "ToPort", + "MinimumTTL": { + "markdownDescription": "The minimum amount of time that objects stay in the distribution's cache before the distribution forwards another request to the origin to determine whether the object has been updated.\n\nA value of `0` must be specified for `minimumTTL` if the distribution is configured to forward all headers to the origin.", + "title": "MinimumTTL", "type": "number" } }, - "required": [ - "FromPort", - "ToPort" - ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.PortSet": { + "AWS::Lightsail::Distribution.CookieObject": { "additionalProperties": false, "properties": { - "Definition": { + "CookiesAllowList": { "items": { "type": "string" }, - "markdownDescription": "The set of port ranges.", - "title": "Definition", + "markdownDescription": "The specific cookies to forward to your distribution's origin.", + "title": "CookiesAllowList", "type": "array" + }, + "Option": { + "markdownDescription": "Specifies which cookies to forward to the distribution's origin for a cache behavior.\n\nUse one of the following configurations for your distribution:\n\n- *`all`* - Forwards all cookies to your origin.\n- *`none`* - Doesn\u2019t forward cookies to your origin.\n- *`allow-list`* - Forwards only the cookies that you specify using the `CookiesAllowList` parameter.", + "title": "Option", + "type": "string" } }, "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.PublishMetricAction": { + "AWS::Lightsail::Distribution.HeaderObject": { "additionalProperties": false, "properties": { - "Dimensions": { + "HeadersAllowList": { "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.Dimension" + "type": "string" }, - "markdownDescription": "", - "title": "Dimensions", + "markdownDescription": "The specific headers to forward to your distribution's origin.", + "title": "HeadersAllowList", "type": "array" + }, + "Option": { + "markdownDescription": "The headers that you want your distribution to forward to your origin. Your distribution caches your content based on these headers.\n\nUse one of the following configurations for your distribution:\n\n- *`all`* - Forwards all headers to your origin..\n- *`none`* - Forwards only the default headers.\n- *`allow-list`* - Forwards only the headers that you specify using the `HeadersAllowList` parameter.", + "title": "Option", + "type": "string" } }, - "required": [ - "Dimensions" - ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.ReferenceSets": { + "AWS::Lightsail::Distribution.InputOrigin": { "additionalProperties": false, "properties": { - "IPSetReferences": { - "additionalProperties": false, - "markdownDescription": "The IP set references to use in the stateful rule group.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.IPSetReference" - } - }, - "title": "IPSetReferences", - "type": "object" + "Name": { + "markdownDescription": "The name of the origin resource.", + "title": "Name", + "type": "string" + }, + "ProtocolPolicy": { + "markdownDescription": "The protocol that your Amazon Lightsail distribution uses when establishing a connection with your origin to pull content.", + "title": "ProtocolPolicy", + "type": "string" + }, + "RegionName": { + "markdownDescription": "The AWS Region name of the origin resource.", + "title": "RegionName", + "type": "string" } }, "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.RuleDefinition": { + "AWS::Lightsail::Distribution.QueryStringObject": { "additionalProperties": false, "properties": { - "Actions": { + "Option": { + "markdownDescription": "Indicates whether the distribution forwards and caches based on query strings.", + "title": "Option", + "type": "boolean" + }, + "QueryStringsAllowList": { "items": { "type": "string" }, - "markdownDescription": "The actions to take on a packet that matches one of the stateless rule definition's match attributes. You must specify a standard action and you can add custom actions.\n\n> Network Firewall only forwards a packet for stateful rule inspection if you specify `aws:forward_to_sfe` for a rule that the packet matches, or if the packet doesn't match any stateless rule and you specify `aws:forward_to_sfe` for the `StatelessDefaultActions` setting for the `FirewallPolicy` . \n\nFor every rule, you must specify exactly one of the following standard actions.\n\n- *aws:pass* - Discontinues all inspection of the packet and permits it to go to its intended destination.\n- *aws:drop* - Discontinues all inspection of the packet and blocks it from going to its intended destination.\n- *aws:forward_to_sfe* - Discontinues stateless inspection of the packet and forwards it to the stateful rule engine for inspection.\n\nAdditionally, you can specify a custom action. To do this, you define a custom action by name and type, then provide the name you've assigned to the action in this `Actions` setting.\n\nTo provide more than one action in this setting, separate the settings with a comma. For example, if you have a publish metrics custom action that you've named `MyMetricsAction` , then you could specify the standard action `aws:pass` combined with the custom action using `[\u201caws:pass\u201d, \u201cMyMetricsAction\u201d]` .", - "title": "Actions", + "markdownDescription": "The specific query strings that the distribution forwards to the origin.\n\nYour distribution caches content based on the specified query strings.\n\nIf the `option` parameter is true, then your distribution forwards all query strings, regardless of what you specify using the `QueryStringsAllowList` parameter.", + "title": "QueryStringsAllowList", "type": "array" - }, - "MatchAttributes": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.MatchAttributes", - "markdownDescription": "Criteria for Network Firewall to use to inspect an individual packet in stateless rule inspection. Each match attributes set can include one or more items such as IP address, CIDR range, port number, protocol, and TCP flags.", - "title": "MatchAttributes" } }, - "required": [ - "Actions", - "MatchAttributes" - ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.RuleGroup": { + "AWS::Lightsail::Instance": { "additionalProperties": false, "properties": { - "ReferenceSets": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.ReferenceSets", - "markdownDescription": "The reference sets for the stateful rule group.", - "title": "ReferenceSets" + "Condition": { + "type": "string" }, - "RuleVariables": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.RuleVariables", - "markdownDescription": "Settings that are available for use in the rules in the rule group. You can only use these for stateful rule groups.", - "title": "RuleVariables" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "RulesSource": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.RulesSource", - "markdownDescription": "The stateful rules or stateless rules for the rule group.", - "title": "RulesSource" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "StatefulRuleOptions": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.StatefulRuleOptions", - "markdownDescription": "Additional options governing how Network Firewall handles stateful rules. The policies where you use your stateful rule group must have stateful rule options settings that are compatible with these settings. Some limitations apply; for more information, see [Strict evaluation order](https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-limitations-caveats.html) in the *AWS Network Firewall Developer Guide* .", - "title": "StatefulRuleOptions" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AddOns": { + "items": { + "$ref": "#/definitions/AWS::Lightsail::Instance.AddOn" + }, + "markdownDescription": "An array of add-ons for the instance.\n\n> If the instance has an add-on enabled when performing a delete instance request, the add-on is automatically disabled before the instance is deleted.", + "title": "AddOns", + "type": "array" + }, + "AvailabilityZone": { + "markdownDescription": "The Availability Zone for the instance.", + "title": "AvailabilityZone", + "type": "string" + }, + "BlueprintId": { + "markdownDescription": "The blueprint ID for the instance (for example, `os_amlinux_2016_03` ).", + "title": "BlueprintId", + "type": "string" + }, + "BundleId": { + "markdownDescription": "The bundle ID for the instance (for example, `micro_1_0` ).", + "title": "BundleId", + "type": "string" + }, + "Hardware": { + "$ref": "#/definitions/AWS::Lightsail::Instance.Hardware", + "markdownDescription": "The hardware properties for the instance, such as the vCPU count, attached disks, and amount of RAM.\n\n> The instance restarts when performing an attach disk or detach disk request. This resets the public IP address of your instance if a static IP isn't attached to it.", + "title": "Hardware" + }, + "InstanceName": { + "markdownDescription": "The name of the instance.", + "title": "InstanceName", + "type": "string" + }, + "KeyPairName": { + "markdownDescription": "The name of the key pair to use for the instance.\n\nIf no key pair name is specified, the Regional Lightsail default key pair is used.", + "title": "KeyPairName", + "type": "string" + }, + "Location": { + "$ref": "#/definitions/AWS::Lightsail::Instance.Location", + "markdownDescription": "The location for the instance, such as the AWS Region and Availability Zone.\n\n> The `Location` property is read-only and should not be specified in a create instance or update instance request.", + "title": "Location" + }, + "Networking": { + "$ref": "#/definitions/AWS::Lightsail::Instance.Networking", + "markdownDescription": "The public ports and the monthly amount of data transfer allocated for the instance.", + "title": "Networking" + }, + "State": { + "$ref": "#/definitions/AWS::Lightsail::Instance.State", + "markdownDescription": "The status code and the state (for example, `running` ) of the instance.\n\n> The `State` property is read-only and should not be specified in a create instance or update instance request.", + "title": "State" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", + "title": "Tags", + "type": "array" + }, + "UserData": { + "markdownDescription": "The optional launch script for the instance.\n\nSpecify a launch script to configure an instance with additional user data. For example, you might want to specify `apt-get -y update` as a launch script.\n\n> Depending on the blueprint of your instance, the command to get software on your instance varies. Amazon Linux and CentOS use `yum` , Debian and Ubuntu use `apt-get` , and FreeBSD uses `pkg` .", + "title": "UserData", + "type": "string" + } + }, + "required": [ + "BlueprintId", + "BundleId", + "InstanceName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Lightsail::Instance" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "RulesSource" + "Type", + "Properties" ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.RuleOption": { + "AWS::Lightsail::Instance.AddOn": { "additionalProperties": false, "properties": { - "Keyword": { - "markdownDescription": "The Suricata rule option keywords. For Network Firewall , the keyword signature ID (sid) is required in the format `sid:112233` . The sid must be unique within the rule group. For information about Suricata rule option keywords, see [Rule options](https://docs.aws.amazon.com/https://suricata.readthedocs.io/en/suricata-6.0.9/rules/intro.html#rule-options) .", - "title": "Keyword", + "AddOnType": { + "markdownDescription": "The add-on type (for example, `AutoSnapshot` ).\n\n> `AutoSnapshot` is the only add-on that can be enabled for an instance.", + "title": "AddOnType", "type": "string" }, - "Settings": { - "items": { - "type": "string" - }, - "markdownDescription": "The Suricata rule option settings. Settings have zero or more values, and the number of possible settings and required settings depends on the keyword. The format for Settings is `number` . For information about Suricata rule option settings, see [Rule options](https://docs.aws.amazon.com/https://suricata.readthedocs.io/en/suricata-6.0.9/rules/intro.html#rule-options) .", - "title": "Settings", - "type": "array" + "AutoSnapshotAddOnRequest": { + "$ref": "#/definitions/AWS::Lightsail::Instance.AutoSnapshotAddOn", + "markdownDescription": "The parameters for the automatic snapshot add-on, such as the daily time when an automatic snapshot will be created.", + "title": "AutoSnapshotAddOnRequest" + }, + "Status": { + "markdownDescription": "The status of the add-on.\n\nValid Values: `Enabled` | `Disabled`", + "title": "Status", + "type": "string" } }, "required": [ - "Keyword" + "AddOnType" ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.RuleVariables": { + "AWS::Lightsail::Instance.AutoSnapshotAddOn": { "additionalProperties": false, "properties": { - "IPSets": { - "additionalProperties": false, - "markdownDescription": "A list of IP addresses and address ranges, in CIDR notation.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.IPSet" - } - }, - "title": "IPSets", - "type": "object" - }, - "PortSets": { - "additionalProperties": false, - "markdownDescription": "A list of port ranges.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.PortSet" - } - }, - "title": "PortSets", - "type": "object" + "SnapshotTimeOfDay": { + "markdownDescription": "The daily time when an automatic snapshot will be created.\n\nConstraints:\n\n- Must be in `HH:00` format, and in an hourly increment.\n- Specified in Coordinated Universal Time (UTC).\n- The snapshot will be automatically created between the time specified and up to 45 minutes after.", + "title": "SnapshotTimeOfDay", + "type": "string" } }, "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.RulesSource": { + "AWS::Lightsail::Instance.Disk": { "additionalProperties": false, "properties": { - "RulesSourceList": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.RulesSourceList", - "markdownDescription": "Stateful inspection criteria for a domain list rule group.", - "title": "RulesSourceList" + "AttachedTo": { + "markdownDescription": "The resources to which the disk is attached.", + "title": "AttachedTo", + "type": "string" }, - "RulesString": { - "markdownDescription": "Stateful inspection criteria, provided in Suricata compatible rules. Suricata is an open-source threat detection framework that includes a standard rule-based language for network traffic inspection.\n\nThese rules contain the inspection criteria and the action to take for traffic that matches the criteria, so this type of rule group doesn't have a separate action setting.\n\n> You can't use the `priority` keyword if the `RuleOrder` option in `StatefulRuleOptions` is set to `STRICT_ORDER` .", - "title": "RulesString", + "AttachmentState": { + "markdownDescription": "(Deprecated) The attachment state of the disk.\n\n> In releases prior to November 14, 2017, this parameter returned `attached` for system disks in the API response. It is now deprecated, but still included in the response. Use `isAttached` instead.", + "title": "AttachmentState", "type": "string" }, - "StatefulRules": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.StatefulRule" - }, - "markdownDescription": "An array of individual stateful rules inspection criteria to be used together in a stateful rule group. Use this option to specify simple Suricata rules with protocol, source and destination, ports, direction, and rule options. For information about the Suricata `Rules` format, see [Rules Format](https://docs.aws.amazon.com/https://suricata.readthedocs.io/en/suricata-7.0.3/rules/intro.html) .", - "title": "StatefulRules", - "type": "array" + "DiskName": { + "markdownDescription": "The unique name of the disk.", + "title": "DiskName", + "type": "string" }, - "StatelessRulesAndCustomActions": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.StatelessRulesAndCustomActions", - "markdownDescription": "Stateless inspection criteria to be used in a stateless rule group.", - "title": "StatelessRulesAndCustomActions" + "IOPS": { + "markdownDescription": "The input/output operations per second (IOPS) of the disk.", + "title": "IOPS", + "type": "number" + }, + "IsSystemDisk": { + "markdownDescription": "A Boolean value indicating whether this disk is a system disk (has an operating system loaded on it).", + "title": "IsSystemDisk", + "type": "boolean" + }, + "Path": { + "markdownDescription": "The disk path.", + "title": "Path", + "type": "string" + }, + "SizeInGb": { + "markdownDescription": "The size of the disk in GB.", + "title": "SizeInGb", + "type": "string" } }, + "required": [ + "DiskName", + "Path" + ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.RulesSourceList": { + "AWS::Lightsail::Instance.Hardware": { "additionalProperties": false, "properties": { - "GeneratedRulesType": { - "markdownDescription": "Whether you want to allow or deny access to the domains in your target list.", - "title": "GeneratedRulesType", - "type": "string" + "CpuCount": { + "markdownDescription": "The number of vCPUs the instance has.\n\n> The `CpuCount` property is read-only and should not be specified in a create instance or update instance request.", + "title": "CpuCount", + "type": "number" }, - "TargetTypes": { + "Disks": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Lightsail::Instance.Disk" }, - "markdownDescription": "The types of targets to inspect for. Valid values are `TLS_SNI` and `HTTP_HOST` .", - "title": "TargetTypes", + "markdownDescription": "The disks attached to the instance.\n\nThe instance restarts when performing an attach disk or detach disk request. This resets the public IP address of your instance if a static IP isn't attached to it.", + "title": "Disks", "type": "array" }, - "Targets": { - "items": { - "type": "string" - }, - "markdownDescription": "The domains that you want to inspect for in your traffic flows. Valid domain specifications are the following:\n\n- Explicit names. For example, `abc.example.com` matches only the domain `abc.example.com` .\n- Names that use a domain wildcard, which you indicate with an initial ' `.` '. For example, `.example.com` matches `example.com` and matches all subdomains of `example.com` , such as `abc.example.com` and `www.example.com` .", - "title": "Targets", - "type": "array" + "RamSizeInGb": { + "markdownDescription": "The amount of RAM in GB on the instance (for example, `1.0` ).\n\n> The `RamSizeInGb` property is read-only and should not be specified in a create instance or update instance request.", + "title": "RamSizeInGb", + "type": "number" } }, - "required": [ - "GeneratedRulesType", - "TargetTypes", - "Targets" - ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.StatefulRule": { + "AWS::Lightsail::Instance.Location": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "Defines what Network Firewall should do with the packets in a traffic flow when the flow matches the stateful rule criteria. For all actions, Network Firewall performs the specified action and discontinues stateful inspection of the traffic flow.\n\nThe actions for a stateful rule are defined as follows:\n\n- *PASS* - Permits the packets to go to the intended destination.\n- *DROP* - Blocks the packets from going to the intended destination and sends an alert log message, if alert logging is configured in the `Firewall` `LoggingConfiguration` .\n- *REJECT* - Drops traffic that matches the conditions of the stateful rule and sends a TCP reset packet back to sender of the packet. A TCP reset packet is a packet with no payload and a `RST` bit contained in the TCP header flags. `REJECT` is available only for TCP traffic.\n- *ALERT* - Permits the packets to go to the intended destination and sends an alert log message, if alert logging is configured in the `Firewall` `LoggingConfiguration` .\n\nYou can use this action to test a rule that you intend to use to drop traffic. You can enable the rule with `ALERT` action, verify in the logs that the rule is filtering as you want, then change the action to `DROP` .\n- *REJECT* - Drops TCP traffic that matches the conditions of the stateful rule, and sends a TCP reset packet back to sender of the packet. A TCP reset packet is a packet with no payload and a `RST` bit contained in the TCP header flags. Also sends an alert log mesage if alert logging is configured in the `Firewall` `LoggingConfiguration` .\n\n`REJECT` isn't currently available for use with IMAP and FTP protocols.", - "title": "Action", + "AvailabilityZone": { + "markdownDescription": "The Availability Zone for the instance.", + "title": "AvailabilityZone", "type": "string" }, - "Header": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.Header", - "markdownDescription": "The stateful inspection criteria for this rule, used to inspect traffic flows.", - "title": "Header" - }, - "RuleOptions": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.RuleOption" - }, - "markdownDescription": "Additional settings for a stateful rule, provided as keywords and settings.", - "title": "RuleOptions", - "type": "array" + "RegionName": { + "markdownDescription": "The name of the AWS Region for the instance.", + "title": "RegionName", + "type": "string" } }, - "required": [ - "Action", - "Header", - "RuleOptions" - ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.StatefulRuleOptions": { + "AWS::Lightsail::Instance.MonthlyTransfer": { "additionalProperties": false, "properties": { - "RuleOrder": { - "markdownDescription": "Indicates how to manage the order of the rule evaluation for the rule group. `DEFAULT_ACTION_ORDER` is the default behavior. Stateful rules are provided to the rule engine as Suricata compatible strings, and Suricata evaluates them based on certain settings. For more information, see [Evaluation order for stateful rules](https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-rule-evaluation-order.html) in the *AWS Network Firewall Developer Guide* .", - "title": "RuleOrder", + "GbPerMonthAllocated": { + "markdownDescription": "The amount of allocated monthly data transfer (in GB) for an instance.", + "title": "GbPerMonthAllocated", "type": "string" } }, "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.StatelessRule": { + "AWS::Lightsail::Instance.Networking": { "additionalProperties": false, "properties": { - "Priority": { - "markdownDescription": "Indicates the order in which to run this rule relative to all of the rules that are defined for a stateless rule group. Network Firewall evaluates the rules in a rule group starting with the lowest priority setting. You must ensure that the priority settings are unique for the rule group.\n\nEach stateless rule group uses exactly one `StatelessRulesAndCustomActions` object, and each `StatelessRulesAndCustomActions` contains exactly one `StatelessRules` object. To ensure unique priority settings for your rule groups, set unique priorities for the stateless rules that you define inside any single `StatelessRules` object.\n\nYou can change the priority settings of your rules at any time. To make it easier to insert rules later, number them so there's a wide range in between, for example use 100, 200, and so on.", - "title": "Priority", - "type": "number" + "MonthlyTransfer": { + "$ref": "#/definitions/AWS::Lightsail::Instance.MonthlyTransfer", + "markdownDescription": "The monthly amount of data transfer, in GB, allocated for the instance", + "title": "MonthlyTransfer" }, - "RuleDefinition": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.RuleDefinition", - "markdownDescription": "Defines the stateless 5-tuple packet inspection criteria and the action to take on a packet that matches the criteria.", - "title": "RuleDefinition" + "Ports": { + "items": { + "$ref": "#/definitions/AWS::Lightsail::Instance.Port" + }, + "markdownDescription": "An array of ports to open on the instance.", + "title": "Ports", + "type": "array" } }, "required": [ - "Priority", - "RuleDefinition" + "Ports" ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.StatelessRulesAndCustomActions": { + "AWS::Lightsail::Instance.Port": { "additionalProperties": false, "properties": { - "CustomActions": { + "AccessDirection": { + "markdownDescription": "The access direction ( `inbound` or `outbound` ).\n\n> Lightsail currently supports only `inbound` access direction.", + "title": "AccessDirection", + "type": "string" + }, + "AccessFrom": { + "markdownDescription": "The location from which access is allowed. For example, `Anywhere (0.0.0.0/0)` , or `Custom` if a specific IP address or range of IP addresses is allowed.", + "title": "AccessFrom", + "type": "string" + }, + "AccessType": { + "markdownDescription": "The type of access ( `Public` or `Private` ).", + "title": "AccessType", + "type": "string" + }, + "CidrListAliases": { "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.CustomAction" + "type": "string" }, - "markdownDescription": "Defines an array of individual custom action definitions that are available for use by the stateless rules in this `StatelessRulesAndCustomActions` specification. You name each custom action that you define, and then you can use it by name in your stateless rule `RuleGroup.RuleDefinition` `Actions` specification.", - "title": "CustomActions", + "markdownDescription": "An alias that defines access for a preconfigured range of IP addresses.\n\nThe only alias currently supported is `lightsail-connect` , which allows IP addresses of the browser-based RDP/SSH client in the Lightsail console to connect to your instance.", + "title": "CidrListAliases", "type": "array" }, - "StatelessRules": { + "Cidrs": { "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.StatelessRule" + "type": "string" }, - "markdownDescription": "Defines the set of stateless rules for use in a stateless rule group.", - "title": "StatelessRules", + "markdownDescription": "The IPv4 address, or range of IPv4 addresses (in CIDR notation) that are allowed to connect to an instance through the ports, and the protocol.\n\n> The `ipv6Cidrs` parameter lists the IPv6 addresses that are allowed to connect to an instance. \n\nExamples:\n\n- To allow the IP address `192.0.2.44` , specify `192.0.2.44` or `192.0.2.44/32` .\n- To allow the IP addresses `192.0.2.0` to `192.0.2.255` , specify `192.0.2.0/24` .", + "title": "Cidrs", "type": "array" + }, + "CommonName": { + "markdownDescription": "The common name of the port information.", + "title": "CommonName", + "type": "string" + }, + "FromPort": { + "markdownDescription": "The first port in a range of open ports on an instance.\n\nAllowed ports:\n\n- TCP and UDP - `0` to `65535`\n- ICMP - The ICMP type for IPv4 addresses. For example, specify `8` as the `fromPort` (ICMP type), and `-1` as the `toPort` (ICMP code), to enable ICMP Ping.\n- ICMPv6 - The ICMP type for IPv6 addresses. For example, specify `128` as the `fromPort` (ICMPv6 type), and `0` as `toPort` (ICMPv6 code).", + "title": "FromPort", + "type": "number" + }, + "Ipv6Cidrs": { + "items": { + "type": "string" + }, + "markdownDescription": "The IPv6 address, or range of IPv6 addresses (in CIDR notation) that are allowed to connect to an instance through the ports, and the protocol. Only devices with an IPv6 address can connect to an instance through IPv6; otherwise, IPv4 should be used.\n\n> The `cidrs` parameter lists the IPv4 addresses that are allowed to connect to an instance.", + "title": "Ipv6Cidrs", + "type": "array" + }, + "Protocol": { + "markdownDescription": "The IP protocol name.\n\nThe name can be one of the following:\n\n- `tcp` - Transmission Control Protocol (TCP) provides reliable, ordered, and error-checked delivery of streamed data between applications running on hosts communicating by an IP network. If you have an application that doesn't require reliable data stream service, use UDP instead.\n- `all` - All transport layer protocol types.\n- `udp` - With User Datagram Protocol (UDP), computer applications can send messages (or datagrams) to other hosts on an Internet Protocol (IP) network. Prior communications are not required to set up transmission channels or data paths. Applications that don't require reliable data stream service can use UDP, which provides a connectionless datagram service that emphasizes reduced latency over reliability. If you do require reliable data stream service, use TCP instead.\n- `icmp` - Internet Control Message Protocol (ICMP) is used to send error messages and operational information indicating success or failure when communicating with an instance. For example, an error is indicated when an instance could not be reached. When you specify `icmp` as the `protocol` , you must specify the ICMP type using the `fromPort` parameter, and ICMP code using the `toPort` parameter.", + "title": "Protocol", + "type": "string" + }, + "ToPort": { + "markdownDescription": "The last port in a range of open ports on an instance.\n\nAllowed ports:\n\n- TCP and UDP - `0` to `65535`\n- ICMP - The ICMP code for IPv4 addresses. For example, specify `8` as the `fromPort` (ICMP type), and `-1` as the `toPort` (ICMP code), to enable ICMP Ping.\n- ICMPv6 - The ICMP code for IPv6 addresses. For example, specify `128` as the `fromPort` (ICMPv6 type), and `0` as `toPort` (ICMPv6 code).", + "title": "ToPort", + "type": "number" } }, - "required": [ - "StatelessRules" - ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.TCPFlagField": { + "AWS::Lightsail::Instance.State": { "additionalProperties": false, "properties": { - "Flags": { - "items": { - "type": "string" - }, - "markdownDescription": "Used in conjunction with the `Masks` setting to define the flags that must be set and flags that must not be set in order for the packet to match. This setting can only specify values that are also specified in the `Masks` setting.\n\nFor the flags that are specified in the masks setting, the following must be true for the packet to match:\n\n- The ones that are set in this flags setting must be set in the packet.\n- The ones that are not set in this flags setting must also not be set in the packet.", - "title": "Flags", - "type": "array" + "Code": { + "markdownDescription": "The status code of the instance.", + "title": "Code", + "type": "number" }, - "Masks": { - "items": { - "type": "string" - }, - "markdownDescription": "The set of flags to consider in the inspection. To inspect all flags in the valid values list, leave this with no setting.", - "title": "Masks", - "type": "array" + "Name": { + "markdownDescription": "The state of the instance (for example, `running` or `pending` ).", + "title": "Name", + "type": "string" } }, - "required": [ - "Flags" - ], "type": "object" }, - "AWS::NetworkFirewall::TLSInspectionConfiguration": { + "AWS::Lightsail::InstanceSnapshot": { "additionalProperties": false, "properties": { "Condition": { @@ -167882,39 +175783,34 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the TLS inspection configuration.", - "title": "Description", + "InstanceName": { + "markdownDescription": "The name the user gave the instance ( `Amazon_Linux_2023-1` ).", + "title": "InstanceName", "type": "string" }, - "TLSInspectionConfiguration": { - "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.TLSInspectionConfiguration", - "markdownDescription": "The object that defines a TLS inspection configuration. AWS Network Firewall uses TLS inspection configurations to decrypt your firewall's inbound and outbound SSL/TLS traffic. After decryption, AWS Network Firewall inspects the traffic according to your firewall policy's stateful rules, and then re-encrypts it before sending it to its destination. You can enable inspection of your firewall's inbound traffic, outbound traffic, or both. To use TLS inspection with your firewall, you must first import or provision certificates using AWS Certificate Manager , create a TLS inspection configuration, add that configuration to a new firewall policy, and then associate that policy with your firewall. For more information about using TLS inspection configurations, see [Inspecting SSL/TLS traffic with TLS inspection configurations](https://docs.aws.amazon.com/network-firewall/latest/developerguide/tls-inspection.html) in the *AWS Network Firewall Developer Guide* .", - "title": "TLSInspectionConfiguration" - }, - "TLSInspectionConfigurationName": { - "markdownDescription": "The descriptive name of the TLS inspection configuration. You can't change the name of a TLS inspection configuration after you create it.", - "title": "TLSInspectionConfigurationName", + "InstanceSnapshotName": { + "markdownDescription": "The name of the snapshot.", + "title": "InstanceSnapshotName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The key:value pairs to associate with the resource.", + "markdownDescription": "The tag keys and optional values for the resource. For more information about tags in Lightsail, see the [Amazon Lightsail Developer Guide](https://docs.aws.amazon.com/lightsail/latest/userguide/amazon-lightsail-tags) .", "title": "Tags", "type": "array" } }, "required": [ - "TLSInspectionConfiguration", - "TLSInspectionConfigurationName" + "InstanceName", + "InstanceSnapshotName" ], "type": "object" }, "Type": { "enum": [ - "AWS::NetworkFirewall::TLSInspectionConfiguration" + "AWS::Lightsail::InstanceSnapshot" ], "type": "string" }, @@ -167933,160 +175829,23 @@ ], "type": "object" }, - "AWS::NetworkFirewall::TLSInspectionConfiguration.Address": { - "additionalProperties": false, - "properties": { - "AddressDefinition": { - "markdownDescription": "Specify an IP address or a block of IP addresses in Classless Inter-Domain Routing (CIDR) notation. Network Firewall supports all address ranges for IPv4 and IPv6.\n\nExamples:\n\n- To configure Network Firewall to inspect for the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure Network Firewall to inspect for IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n- To configure Network Firewall to inspect for the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure Network Firewall to inspect for IP addresses from 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .", - "title": "AddressDefinition", - "type": "string" - } - }, - "required": [ - "AddressDefinition" - ], - "type": "object" - }, - "AWS::NetworkFirewall::TLSInspectionConfiguration.CheckCertificateRevocationStatus": { + "AWS::Lightsail::InstanceSnapshot.Location": { "additionalProperties": false, "properties": { - "RevokedStatusAction": { - "markdownDescription": "Configures how Network Firewall processes traffic when it determines that the certificate presented by the server in the SSL/TLS connection has a revoked status.\n\n- *PASS* - Allow the connection to continue, and pass subsequent packets to the stateful engine for inspection.\n- *DROP* - Network Firewall closes the connection and drops subsequent packets for that connection.\n- *REJECT* - Network Firewall sends a TCP reject packet back to your client. The service closes the connection and drops subsequent packets for that connection. `REJECT` is available only for TCP traffic.", - "title": "RevokedStatusAction", - "type": "string" - }, - "UnknownStatusAction": { - "markdownDescription": "Configures how Network Firewall processes traffic when it determines that the certificate presented by the server in the SSL/TLS connection has an unknown status, or a status that cannot be determined for any other reason, including when the service is unable to connect to the OCSP and CRL endpoints for the certificate.\n\n- *PASS* - Allow the connection to continue, and pass subsequent packets to the stateful engine for inspection.\n- *DROP* - Network Firewall closes the connection and drops subsequent packets for that connection.\n- *REJECT* - Network Firewall sends a TCP reject packet back to your client. The service closes the connection and drops subsequent packets for that connection. `REJECT` is available only for TCP traffic.", - "title": "UnknownStatusAction", + "AvailabilityZone": { + "markdownDescription": "", + "title": "AvailabilityZone", "type": "string" - } - }, - "type": "object" - }, - "AWS::NetworkFirewall::TLSInspectionConfiguration.PortRange": { - "additionalProperties": false, - "properties": { - "FromPort": { - "markdownDescription": "The lower limit of the port range. This must be less than or equal to the `ToPort` specification.", - "title": "FromPort", - "type": "number" }, - "ToPort": { - "markdownDescription": "The upper limit of the port range. This must be greater than or equal to the `FromPort` specification.", - "title": "ToPort", - "type": "number" - } - }, - "required": [ - "FromPort", - "ToPort" - ], - "type": "object" - }, - "AWS::NetworkFirewall::TLSInspectionConfiguration.ServerCertificate": { - "additionalProperties": false, - "properties": { - "ResourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Certificate Manager SSL/TLS server certificate that's used for inbound SSL/TLS inspection.", - "title": "ResourceArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::NetworkFirewall::TLSInspectionConfiguration.ServerCertificateConfiguration": { - "additionalProperties": false, - "properties": { - "CertificateAuthorityArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the imported certificate authority (CA) certificate within AWS Certificate Manager (ACM) to use for outbound SSL/TLS inspection.\n\nThe following limitations apply:\n\n- You can use CA certificates that you imported into ACM, but you can't generate CA certificates with ACM.\n- You can't use certificates issued by AWS Private Certificate Authority .\n\nFor more information about configuring certificates for outbound inspection, see [Using SSL/TLS certificates with TLS inspection configurations](https://docs.aws.amazon.com/network-firewall/latest/developerguide/tls-inspection-certificate-requirements.html) in the *AWS Network Firewall Developer Guide* .\n\nFor information about working with certificates in ACM, see [Importing certificates](https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html) in the *AWS Certificate Manager User Guide* .", - "title": "CertificateAuthorityArn", + "RegionName": { + "markdownDescription": "", + "title": "RegionName", "type": "string" - }, - "CheckCertificateRevocationStatus": { - "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.CheckCertificateRevocationStatus", - "markdownDescription": "When enabled, Network Firewall checks if the server certificate presented by the server in the SSL/TLS connection has a revoked or unkown status. If the certificate has an unknown or revoked status, you must specify the actions that Network Firewall takes on outbound traffic. To check the certificate revocation status, you must also specify a `CertificateAuthorityArn` in [ServerCertificateConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-networkfirewall-servercertificateconfiguration.html) .", - "title": "CheckCertificateRevocationStatus" - }, - "Scopes": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.ServerCertificateScope" - }, - "markdownDescription": "A list of scopes.", - "title": "Scopes", - "type": "array" - }, - "ServerCertificates": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.ServerCertificate" - }, - "markdownDescription": "The list of server certificates to use for inbound SSL/TLS inspection.", - "title": "ServerCertificates", - "type": "array" - } - }, - "type": "object" - }, - "AWS::NetworkFirewall::TLSInspectionConfiguration.ServerCertificateScope": { - "additionalProperties": false, - "properties": { - "DestinationPorts": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.PortRange" - }, - "markdownDescription": "The destination ports to decrypt for inspection, in Transmission Control Protocol (TCP) format. If not specified, this matches with any destination port.\n\nYou can specify individual ports, for example `1994` , and you can specify port ranges, such as `1990:1994` .", - "title": "DestinationPorts", - "type": "array" - }, - "Destinations": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.Address" - }, - "markdownDescription": "The destination IP addresses and address ranges to decrypt for inspection, in CIDR notation. If not specified, this\nmatches with any destination address.", - "title": "Destinations", - "type": "array" - }, - "Protocols": { - "items": { - "type": "number" - }, - "markdownDescription": "The protocols to inspect for, specified using the assigned internet protocol number (IANA) for each protocol. If not specified, this matches with any protocol.\n\nNetwork Firewall currently supports only TCP.", - "title": "Protocols", - "type": "array" - }, - "SourcePorts": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.PortRange" - }, - "markdownDescription": "The source ports to decrypt for inspection, in Transmission Control Protocol (TCP) format. If not specified, this matches with any source port.\n\nYou can specify individual ports, for example `1994` , and you can specify port ranges, such as `1990:1994` .", - "title": "SourcePorts", - "type": "array" - }, - "Sources": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.Address" - }, - "markdownDescription": "The source IP addresses and address ranges to decrypt for inspection, in CIDR notation. If not specified, this\nmatches with any source address.", - "title": "Sources", - "type": "array" - } - }, - "type": "object" - }, - "AWS::NetworkFirewall::TLSInspectionConfiguration.TLSInspectionConfiguration": { - "additionalProperties": false, - "properties": { - "ServerCertificateConfigurations": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.ServerCertificateConfiguration" - }, - "markdownDescription": "Lists the server certificate configurations that are associated with the TLS configuration.", - "title": "ServerCertificateConfigurations", - "type": "array" } }, "type": "object" }, - "AWS::NetworkManager::ConnectAttachment": { + "AWS::Lightsail::LoadBalancer": { "additionalProperties": false, "properties": { "Condition": { @@ -168121,51 +175880,67 @@ "Properties": { "additionalProperties": false, "properties": { - "CoreNetworkId": { - "markdownDescription": "The ID of the core network where the Connect attachment is located.", - "title": "CoreNetworkId", + "AttachedInstances": { + "items": { + "type": "string" + }, + "markdownDescription": "The Lightsail instances to attach to the load balancer.", + "title": "AttachedInstances", + "type": "array" + }, + "HealthCheckPath": { + "markdownDescription": "The path on the attached instance where the health check will be performed. If no path is specified, the load balancer tries to make a request to the default (root) page ( `/index.html` ).", + "title": "HealthCheckPath", "type": "string" }, - "EdgeLocation": { - "markdownDescription": "The Region where the edge is located.", - "title": "EdgeLocation", + "InstancePort": { + "markdownDescription": "The port that the load balancer uses to direct traffic to your Lightsail instances. For HTTP traffic, specify port `80` . For HTTPS traffic, specify port `443` .", + "title": "InstancePort", + "type": "number" + }, + "IpAddressType": { + "markdownDescription": "The IP address type of the load balancer.\n\nThe possible values are `ipv4` for IPv4 only, and `dualstack` for both IPv4 and IPv6.", + "title": "IpAddressType", "type": "string" }, - "Options": { - "$ref": "#/definitions/AWS::NetworkManager::ConnectAttachment.ConnectAttachmentOptions", - "markdownDescription": "Options for connecting an attachment.", - "title": "Options" + "LoadBalancerName": { + "markdownDescription": "The name of the load balancer.", + "title": "LoadBalancerName", + "type": "string" }, - "ProposedSegmentChange": { - "$ref": "#/definitions/AWS::NetworkManager::ConnectAttachment.ProposedSegmentChange", - "markdownDescription": "Describes a proposed segment change. In some cases, the segment change must first be evaluated and accepted.", - "title": "ProposedSegmentChange" + "SessionStickinessEnabled": { + "markdownDescription": "A Boolean value indicating whether session stickiness is enabled.\n\nEnable session stickiness (also known as *session affinity* ) to bind a user's session to a specific instance. This ensures that all requests from the user during the session are sent to the same instance.", + "title": "SessionStickinessEnabled", + "type": "boolean" + }, + "SessionStickinessLBCookieDurationSeconds": { + "markdownDescription": "The time period, in seconds, after which the load balancer session stickiness cookie should be considered stale. If you do not specify this parameter, the default value is 0, which indicates that the sticky session should last for the duration of the browser session.", + "title": "SessionStickinessLBCookieDurationSeconds", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags associated with the Connect attachment.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", "title": "Tags", "type": "array" }, - "TransportAttachmentId": { - "markdownDescription": "The ID of the transport attachment.", - "title": "TransportAttachmentId", + "TlsPolicyName": { + "markdownDescription": "The name of the TLS security policy for the load balancer.", + "title": "TlsPolicyName", "type": "string" } }, "required": [ - "CoreNetworkId", - "EdgeLocation", - "Options", - "TransportAttachmentId" + "InstancePort", + "LoadBalancerName" ], "type": "object" }, "Type": { "enum": [ - "AWS::NetworkManager::ConnectAttachment" + "AWS::Lightsail::LoadBalancer" ], "type": "string" }, @@ -168184,42 +175959,7 @@ ], "type": "object" }, - "AWS::NetworkManager::ConnectAttachment.ConnectAttachmentOptions": { - "additionalProperties": false, - "properties": { - "Protocol": { - "markdownDescription": "The protocol used for the attachment connection.", - "title": "Protocol", - "type": "string" - } - }, - "type": "object" - }, - "AWS::NetworkManager::ConnectAttachment.ProposedSegmentChange": { - "additionalProperties": false, - "properties": { - "AttachmentPolicyRuleNumber": { - "markdownDescription": "The rule number in the policy document that applies to this change.", - "title": "AttachmentPolicyRuleNumber", - "type": "number" - }, - "SegmentName": { - "markdownDescription": "The name of the segment to change.", - "title": "SegmentName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The list of key-value tags that changed for the segment.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" - }, - "AWS::NetworkManager::ConnectPeer": { + "AWS::Lightsail::LoadBalancerTlsCertificate": { "additionalProperties": false, "properties": { "Condition": { @@ -168254,57 +175994,50 @@ "Properties": { "additionalProperties": false, "properties": { - "BgpOptions": { - "$ref": "#/definitions/AWS::NetworkManager::ConnectPeer.BgpOptions", - "markdownDescription": "Describes the BGP options.", - "title": "BgpOptions" - }, - "ConnectAttachmentId": { - "markdownDescription": "The ID of the attachment to connect.", - "title": "ConnectAttachmentId", - "type": "string" - }, - "CoreNetworkAddress": { - "markdownDescription": "The IP address of a core network.", - "title": "CoreNetworkAddress", - "type": "string" - }, - "InsideCidrBlocks": { + "CertificateAlternativeNames": { "items": { "type": "string" }, - "markdownDescription": "The inside IP addresses used for a Connect peer configuration.", - "title": "InsideCidrBlocks", + "markdownDescription": "An array of alternative domain names and subdomain names for your SSL/TLS certificate.\n\nIn addition to the primary domain name, you can have up to nine alternative domain names. Wildcards (such as `*.example.com` ) are not supported.", + "title": "CertificateAlternativeNames", "type": "array" }, - "PeerAddress": { - "markdownDescription": "The IP address of the Connect peer.", - "title": "PeerAddress", + "CertificateDomainName": { + "markdownDescription": "The domain name for the SSL/TLS certificate. For example, `example.com` or `www.example.com` .", + "title": "CertificateDomainName", "type": "string" }, - "SubnetArn": { - "markdownDescription": "The subnet ARN of the Connect peer.", - "title": "SubnetArn", + "CertificateName": { + "markdownDescription": "The name of the SSL/TLS certificate.", + "title": "CertificateName", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The list of key-value tags associated with the Connect peer.", - "title": "Tags", - "type": "array" + "HttpsRedirectionEnabled": { + "markdownDescription": "A Boolean value indicating whether HTTPS redirection is enabled for the load balancer that the TLS certificate is attached to.", + "title": "HttpsRedirectionEnabled", + "type": "boolean" + }, + "IsAttached": { + "markdownDescription": "A Boolean value indicating whether the SSL/TLS certificate is attached to a Lightsail load balancer.", + "title": "IsAttached", + "type": "boolean" + }, + "LoadBalancerName": { + "markdownDescription": "The name of the load balancer that the SSL/TLS certificate is attached to.", + "title": "LoadBalancerName", + "type": "string" } }, "required": [ - "ConnectAttachmentId", - "PeerAddress" + "CertificateDomainName", + "CertificateName", + "LoadBalancerName" ], "type": "object" }, "Type": { "enum": [ - "AWS::NetworkManager::ConnectPeer" + "AWS::Lightsail::LoadBalancerTlsCertificate" ], "type": "string" }, @@ -168323,81 +176056,79 @@ ], "type": "object" }, - "AWS::NetworkManager::ConnectPeer.BgpOptions": { - "additionalProperties": false, - "properties": { - "PeerAsn": { - "markdownDescription": "The Peer ASN of the BGP.", - "title": "PeerAsn", - "type": "number" - } - }, - "type": "object" - }, - "AWS::NetworkManager::ConnectPeer.ConnectPeerBgpConfiguration": { + "AWS::Lightsail::StaticIp": { "additionalProperties": false, "properties": { - "CoreNetworkAddress": { - "markdownDescription": "The address of a core network.", - "title": "CoreNetworkAddress", + "Condition": { "type": "string" }, - "CoreNetworkAsn": { - "markdownDescription": "The ASN of the Coret Network.", - "title": "CoreNetworkAsn", - "type": "number" - }, - "PeerAddress": { - "markdownDescription": "The address of a core network Connect peer.", - "title": "PeerAddress", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "PeerAsn": { - "markdownDescription": "The ASN of the Connect peer.", - "title": "PeerAsn", - "type": "number" - } - }, - "type": "object" - }, - "AWS::NetworkManager::ConnectPeer.ConnectPeerConfiguration": { - "additionalProperties": false, - "properties": { - "BgpConfigurations": { - "items": { - "$ref": "#/definitions/AWS::NetworkManager::ConnectPeer.ConnectPeerBgpConfiguration" - }, - "markdownDescription": "The Connect peer BGP configurations.", - "title": "BgpConfigurations", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "CoreNetworkAddress": { - "markdownDescription": "The IP address of a core network.", - "title": "CoreNetworkAddress", - "type": "string" + "Metadata": { + "type": "object" }, - "InsideCidrBlocks": { - "items": { - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "AttachedTo": { + "markdownDescription": "The instance that the static IP is attached to.", + "title": "AttachedTo", + "type": "string" + }, + "StaticIpName": { + "markdownDescription": "The name of the static IP.", + "title": "StaticIpName", + "type": "string" + } }, - "markdownDescription": "The inside IP addresses used for a Connect peer configuration.", - "title": "InsideCidrBlocks", - "type": "array" + "required": [ + "StaticIpName" + ], + "type": "object" }, - "PeerAddress": { - "markdownDescription": "The IP address of the Connect peer.", - "title": "PeerAddress", + "Type": { + "enum": [ + "AWS::Lightsail::StaticIp" + ], "type": "string" }, - "Protocol": { - "markdownDescription": "The protocol used for a Connect peer configuration.", - "title": "Protocol", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::NetworkManager::CoreNetwork": { + "AWS::Location::APIKey": { "additionalProperties": false, "properties": { "Condition": { @@ -168433,37 +176164,58 @@ "additionalProperties": false, "properties": { "Description": { - "markdownDescription": "The description of a core network.", + "markdownDescription": "Updates the description for the API key resource.", "title": "Description", "type": "string" }, - "GlobalNetworkId": { - "markdownDescription": "The ID of the global network that your core network is a part of.", - "title": "GlobalNetworkId", + "ExpireTime": { + "markdownDescription": "The optional timestamp for when the API key resource will expire in [ISO 8601 format](https://docs.aws.amazon.com/https://www.iso.org/iso-8601-date-and-time-format.html) .", + "title": "ExpireTime", "type": "string" }, - "PolicyDocument": { - "markdownDescription": "Describes a core network policy. For more information, see [Core network policies](https://docs.aws.amazon.com/network-manager/latest/cloudwan/cloudwan-policy-change-sets.html) .\n\nIf you update the policy document, CloudFormation will apply the core network change set generated from the updated policy document, and then set it as the LIVE policy.", - "title": "PolicyDocument", - "type": "object" + "ForceDelete": { + "markdownDescription": "ForceDelete bypasses an API key's expiry conditions and deletes the key. Set the parameter `true` to delete the key or to `false` to not preemptively delete the API key.\n\nValid values: `true` , or `false` .\n\n> This action is irreversible. Only use ForceDelete if you are certain the key is no longer in use.", + "title": "ForceDelete", + "type": "boolean" + }, + "ForceUpdate": { + "markdownDescription": "The boolean flag to be included for updating `ExpireTime` or Restrictions details.\nMust be set to `true` to update an API key resource that has been used in the past 7 days. `False` if force update is not preferred.", + "title": "ForceUpdate", + "type": "boolean" + }, + "KeyName": { + "markdownDescription": "A custom name for the API key resource.\n\nRequirements:\n\n- Contain only alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139), hyphens (-), periods (.), and underscores (_).\n- Must be a unique API key name.\n- No spaces allowed. For example, `ExampleAPIKey` .", + "title": "KeyName", + "type": "string" + }, + "NoExpiry": { + "markdownDescription": "Whether the API key should expire. Set to `true` to set the API key to have no expiration time.", + "title": "NoExpiry", + "type": "boolean" + }, + "Restrictions": { + "$ref": "#/definitions/AWS::Location::APIKey.ApiKeyRestrictions", + "markdownDescription": "The API key restrictions for the API key resource.", + "title": "Restrictions" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The list of key-value tags associated with a core network.", + "markdownDescription": "Applies one or more tags to the map resource. A tag is a key-value pair that helps manage, identify, search, and filter your resources by labelling them.", "title": "Tags", "type": "array" } }, "required": [ - "GlobalNetworkId" + "KeyName", + "Restrictions" ], "type": "object" }, "Type": { "enum": [ - "AWS::NetworkManager::CoreNetwork" + "AWS::Location::APIKey" ], "type": "string" }, @@ -168482,58 +176234,41 @@ ], "type": "object" }, - "AWS::NetworkManager::CoreNetwork.CoreNetworkEdge": { + "AWS::Location::APIKey.ApiKeyRestrictions": { "additionalProperties": false, "properties": { - "Asn": { - "markdownDescription": "The ASN of a core network edge.", - "title": "Asn", - "type": "number" - }, - "EdgeLocation": { - "markdownDescription": "The Region where a core network edge is located.", - "title": "EdgeLocation", - "type": "string" - }, - "InsideCidrBlocks": { + "AllowActions": { "items": { "type": "string" }, - "markdownDescription": "The inside IP addresses used for core network edges.", - "title": "InsideCidrBlocks", + "markdownDescription": "A list of allowed actions that an API key resource grants permissions to perform. You must have at least one action for each type of resource. For example, if you have a place resource, you must include at least one place action.\n\nThe following are valid values for the actions.\n\n- *Map actions*\n\n- `geo:GetMap*` - Allows all actions needed for map rendering.\n- *Enhanced Maps actions*\n\n- `geo-maps:GetTile` - Allows getting map tiles for rendering.\n- `geo-maps:GetStaticMap` - Allows getting static map images.\n- *Place actions*\n\n- `geo:SearchPlaceIndexForText` - Allows finding geo coordinates of a known place.\n- `geo:SearchPlaceIndexForPosition` - Allows getting nearest address to geo coordinates.\n- `geo:SearchPlaceIndexForSuggestions` - Allows suggestions based on an incomplete or misspelled query.\n- `geo:GetPlace` - Allows getting details of a place.\n- *Enhanced Places actions*\n\n- `geo-places:Autcomplete` - Allows auto-completion of search text.\n- `geo-places:Geocode` - Allows finding geo coordinates of a known place.\n- `geo-places:GetPlace` - Allows getting details of a place.\n- `geo-places:ReverseGeocode` - Allows getting nearest address to geo coordinates.\n- `geo-places:SearchNearby` - Allows category based places search around geo coordinates.\n- `geo-places:SearchText` - Allows place or address search based on free-form text.\n- `geo-places:Suggest` - Allows suggestions based on an incomplete or misspelled query.\n- *Route actions*\n\n- `geo:CalculateRoute` - Allows point to point routing.\n- `geo:CalculateRouteMatrix` - Allows matrix routing.\n- *Enhanced Routes actions*\n\n- `geo-routes:CalculateIsolines` - Allows isoline calculation.\n- `geo-routes:CalculateRoutes` - Allows point to point routing.\n- `geo-routes:CalculateRouteMatrix` - Allows matrix routing.\n- `geo-routes:OptimizeWaypoints` - Allows computing the best sequence of waypoints.\n- `geo-routes:SnapToRoads` - Allows snapping GPS points to a likely route.\n\n> You must use these strings exactly. For example, to provide access to map rendering, the only valid action is `geo:GetMap*` as an input to the list. `[\"geo:GetMap*\"]` is valid but `[\"geo:GetTile\"]` is not. Similarly, you cannot use `[\"geo:SearchPlaceIndexFor*\"]` - you must list each of the Place actions separately.", + "title": "AllowActions", "type": "array" - } - }, - "type": "object" - }, - "AWS::NetworkManager::CoreNetwork.CoreNetworkSegment": { - "additionalProperties": false, - "properties": { - "EdgeLocations": { + }, + "AllowReferers": { "items": { "type": "string" }, - "markdownDescription": "The Regions where the edges are located.", - "title": "EdgeLocations", + "markdownDescription": "An optional list of allowed HTTP referers for which requests must originate from. Requests using this API key from other domains will not be allowed.\n\nRequirements:\n\n- Contain only alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139) or any symbols in this list `$\\-._+!*`(),;/?:@=&`\n- May contain a percent (%) if followed by 2 hexadecimal digits (A-F, a-f, 0-9); this is used for URL encoding purposes.\n- May contain wildcard characters question mark (?) and asterisk (*).\n\nQuestion mark (?) will replace any single character (including hexadecimal digits).\n\nAsterisk (*) will replace any multiple characters (including multiple hexadecimal digits).\n- No spaces allowed. For example, `https://example.com` .", + "title": "AllowReferers", "type": "array" }, - "Name": { - "markdownDescription": "The name of a core network segment.", - "title": "Name", - "type": "string" - }, - "SharedSegments": { + "AllowResources": { "items": { "type": "string" }, - "markdownDescription": "The shared segments of a core network.", - "title": "SharedSegments", + "markdownDescription": "A list of allowed resource ARNs that a API key bearer can perform actions on.\n\n- The ARN must be the correct ARN for a map, place, or route ARN. You may include wildcards in the resource-id to match multiple resources of the same type.\n- The resources must be in the same `partition` , `region` , and `account-id` as the key that is being created.\n- Other than wildcards, you must include the full ARN, including the `arn` , `partition` , `service` , `region` , `account-id` and `resource-id` delimited by colons (:).\n- No spaces allowed, even with wildcards. For example, `arn:aws:geo:region: *account-id* :map/ExampleMap*` .\n\nFor more information about ARN format, see [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) .", + "title": "AllowResources", "type": "array" } }, + "required": [ + "AllowActions", + "AllowResources" + ], "type": "object" }, - "AWS::NetworkManager::CustomerGatewayAssociation": { + "AWS::Location::GeofenceCollection": { "additionalProperties": false, "properties": { "Condition": { @@ -168568,37 +176303,38 @@ "Properties": { "additionalProperties": false, "properties": { - "CustomerGatewayArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the customer gateway.", - "title": "CustomerGatewayArn", + "CollectionName": { + "markdownDescription": "A custom name for the geofence collection.\n\nRequirements:\n\n- Contain only alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139), hyphens (-), periods (.), and underscores (_).\n- Must be a unique geofence collection name.\n- No spaces allowed. For example, `ExampleGeofenceCollection` .", + "title": "CollectionName", "type": "string" }, - "DeviceId": { - "markdownDescription": "The ID of the device.", - "title": "DeviceId", + "Description": { + "markdownDescription": "An optional description for the geofence collection.", + "title": "Description", "type": "string" }, - "GlobalNetworkId": { - "markdownDescription": "The ID of the global network.", - "title": "GlobalNetworkId", + "KmsKeyId": { + "markdownDescription": "A key identifier for an [AWS KMS customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/create-keys.html) . Enter a key ID, key ARN, alias name, or alias ARN.", + "title": "KmsKeyId", "type": "string" }, - "LinkId": { - "markdownDescription": "The ID of the link.", - "title": "LinkId", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Applies one or more tags to the geofence collection. A tag is a key-value pair helps manage, identify, search, and filter your resources by labelling them.\n\nFormat: `\"key\" : \"value\"`\n\nRestrictions:\n\n- Maximum 50 tags per resource\n- Each resource tag must be unique with a maximum of one value.\n- Maximum key length: 128 Unicode characters in UTF-8\n- Maximum value length: 256 Unicode characters in UTF-8\n- Can use alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139), and the following characters: + - = . _ : / @.\n- Cannot use \"aws:\" as a prefix for a key.", + "title": "Tags", + "type": "array" } }, "required": [ - "CustomerGatewayArn", - "DeviceId", - "GlobalNetworkId" + "CollectionName" ], "type": "object" }, "Type": { "enum": [ - "AWS::NetworkManager::CustomerGatewayAssociation" + "AWS::Location::GeofenceCollection" ], "type": "string" }, @@ -168617,7 +176353,7 @@ ], "type": "object" }, - "AWS::NetworkManager::Device": { + "AWS::Location::Map": { "additionalProperties": false, "properties": { "Condition": { @@ -168652,68 +176388,44 @@ "Properties": { "additionalProperties": false, "properties": { - "AWSLocation": { - "$ref": "#/definitions/AWS::NetworkManager::Device.AWSLocation", - "markdownDescription": "The AWS location of the device.", - "title": "AWSLocation" + "Configuration": { + "$ref": "#/definitions/AWS::Location::Map.MapConfiguration", + "markdownDescription": "Specifies the `MapConfiguration` , including the map style, for the map resource that you create. The map style defines the look of maps and the data provider for your map resource.", + "title": "Configuration" }, "Description": { - "markdownDescription": "A description of the device.\n\nConstraints: Maximum length of 256 characters.", + "markdownDescription": "An optional description for the map resource.", "title": "Description", "type": "string" }, - "GlobalNetworkId": { - "markdownDescription": "The ID of the global network.", - "title": "GlobalNetworkId", - "type": "string" - }, - "Location": { - "$ref": "#/definitions/AWS::NetworkManager::Device.Location", - "markdownDescription": "The site location.", - "title": "Location" - }, - "Model": { - "markdownDescription": "The model of the device.\n\nConstraints: Maximum length of 128 characters.", - "title": "Model", - "type": "string" - }, - "SerialNumber": { - "markdownDescription": "The serial number of the device.\n\nConstraints: Maximum length of 128 characters.", - "title": "SerialNumber", + "MapName": { + "markdownDescription": "The name for the map resource.\n\nRequirements:\n\n- Must contain only alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139), hyphens (-), periods (.), and underscores (_).\n- Must be a unique map resource name.\n- No spaces allowed. For example, `ExampleMap` .", + "title": "MapName", "type": "string" }, - "SiteId": { - "markdownDescription": "The site ID.", - "title": "SiteId", + "PricingPlan": { + "markdownDescription": "No longer used. If included, the only allowed value is `RequestBasedUsage` .\n\n*Allowed Values* : `RequestBasedUsage`", + "title": "PricingPlan", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags for the device.", + "markdownDescription": "Applies one or more tags to the map resource. A tag is a key-value pair helps manage, identify, search, and filter your resources by labelling them.\n\nFormat: `\"key\" : \"value\"`\n\nRestrictions:\n\n- Maximum 50 tags per resource\n- Each resource tag must be unique with a maximum of one value.\n- Maximum key length: 128 Unicode characters in UTF-8\n- Maximum value length: 256 Unicode characters in UTF-8\n- Can use alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139), and the following characters: + - = . _ : / @.\n- Cannot use \"aws:\" as a prefix for a key.", "title": "Tags", "type": "array" - }, - "Type": { - "markdownDescription": "The device type.", - "title": "Type", - "type": "string" - }, - "Vendor": { - "markdownDescription": "The vendor of the device.\n\nConstraints: Maximum length of 128 characters.", - "title": "Vendor", - "type": "string" } }, "required": [ - "GlobalNetworkId" + "Configuration", + "MapName" ], "type": "object" }, "Type": { "enum": [ - "AWS::NetworkManager::Device" + "AWS::Location::Map" ], "type": "string" }, @@ -168732,44 +176444,34 @@ ], "type": "object" }, - "AWS::NetworkManager::Device.AWSLocation": { - "additionalProperties": false, - "properties": { - "SubnetArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the subnet that the device is located in.", - "title": "SubnetArn", - "type": "string" - }, - "Zone": { - "markdownDescription": "The Zone that the device is located in. Specify the ID of an Availability Zone, Local Zone, Wavelength Zone, or an Outpost.", - "title": "Zone", - "type": "string" - } - }, - "type": "object" - }, - "AWS::NetworkManager::Device.Location": { + "AWS::Location::Map.MapConfiguration": { "additionalProperties": false, "properties": { - "Address": { - "markdownDescription": "The physical address.", - "title": "Address", - "type": "string" + "CustomLayers": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the custom layers for the style. Leave unset to not enable any custom layer, or, for styles that support custom layers, you can enable layer(s), such as the `POI` layer for the VectorEsriNavigation style.\n\n> Currenlty only `VectorEsriNavigation` supports CustomLayers. For more information, see [Custom Layers](https://docs.aws.amazon.com//location/latest/developerguide/map-concepts.html#map-custom-layers) .", + "title": "CustomLayers", + "type": "array" }, - "Latitude": { - "markdownDescription": "The latitude.", - "title": "Latitude", + "PoliticalView": { + "markdownDescription": "Specifies the map political view selected from an available data provider.", + "title": "PoliticalView", "type": "string" }, - "Longitude": { - "markdownDescription": "The longitude.", - "title": "Longitude", + "Style": { + "markdownDescription": "Specifies the map style selected from an available data provider.\n\nValid [Esri map styles](https://docs.aws.amazon.com/location/previous/developerguide/esri.html) :\n\n- `VectorEsriDarkGrayCanvas` \u2013 The Esri Dark Gray Canvas map style. A vector basemap with a dark gray, neutral background with minimal colors, labels, and features that's designed to draw attention to your thematic content.\n- `RasterEsriImagery` \u2013 The Esri Imagery map style. A raster basemap that provides one meter or better satellite and aerial imagery in many parts of the world and lower resolution satellite imagery worldwide.\n- `VectorEsriLightGrayCanvas` \u2013 The Esri Light Gray Canvas map style, which provides a detailed vector basemap with a light gray, neutral background style with minimal colors, labels, and features that's designed to draw attention to your thematic content.\n- `VectorEsriTopographic` \u2013 The Esri Light map style, which provides a detailed vector basemap with a classic Esri map style.\n- `VectorEsriStreets` \u2013 The Esri Street Map style, which provides a detailed vector basemap for the world symbolized with a classic Esri street map style. The vector tile layer is similar in content and style to the World Street Map raster map.\n- `VectorEsriNavigation` \u2013 The Esri Navigation map style, which provides a detailed basemap for the world symbolized with a custom navigation map style that's designed for use during the day in mobile devices.\n\nValid [HERE Technologies map styles](https://docs.aws.amazon.com/location/previous/developerguide/HERE.html) :\n\n- `VectorHereContrast` \u2013 The HERE Contrast (Berlin) map style is a high contrast detailed base map of the world that blends 3D and 2D rendering.\n\n> The `VectorHereContrast` style has been renamed from `VectorHereBerlin` . `VectorHereBerlin` has been deprecated, but will continue to work in applications that use it.\n- `VectorHereExplore` \u2013 A default HERE map style containing a neutral, global map and its features including roads, buildings, landmarks, and water features. It also now includes a fully designed map of Japan.\n- `VectorHereExploreTruck` \u2013 A global map containing truck restrictions and attributes (e.g. width / height / HAZMAT) symbolized with highlighted segments and icons on top of HERE Explore to support use cases within transport and logistics.\n- `RasterHereExploreSatellite` \u2013 A global map containing high resolution satellite imagery.\n- `HybridHereExploreSatellite` \u2013 A global map displaying the road network, street names, and city labels over satellite imagery. This style will automatically retrieve both raster and vector tiles, and your charges will be based on total tiles retrieved.\n\n> Hybrid styles use both vector and raster tiles when rendering the map that you see. This means that more tiles are retrieved than when using either vector or raster tiles alone. Your charges will include all tiles retrieved.\n\nValid [GrabMaps map styles](https://docs.aws.amazon.com/location/previous/developerguide/grab.html) :\n\n- `VectorGrabStandardLight` \u2013 The Grab Standard Light map style provides a basemap with detailed land use coloring, area names, roads, landmarks, and points of interest covering Southeast Asia.\n- `VectorGrabStandardDark` \u2013 The Grab Standard Dark map style provides a dark variation of the standard basemap covering Southeast Asia.\n\n> Grab provides maps only for countries in Southeast Asia, and is only available in the Asia Pacific (Singapore) Region ( `ap-southeast-1` ). For more information, see [GrabMaps countries and area covered](https://docs.aws.amazon.com/location/previous/developerguide/grab.html#grab-coverage-area) . \n\nValid [Open Data map styles](https://docs.aws.amazon.com/location/previous/developerguide/open-data.html) :\n\n- `VectorOpenDataStandardLight` \u2013 The Open Data Standard Light map style provides a detailed basemap for the world suitable for website and mobile application use. The map includes highways major roads, minor roads, railways, water features, cities, parks, landmarks, building footprints, and administrative boundaries.\n- `VectorOpenDataStandardDark` \u2013 Open Data Standard Dark is a dark-themed map style that provides a detailed basemap for the world suitable for website and mobile application use. The map includes highways major roads, minor roads, railways, water features, cities, parks, landmarks, building footprints, and administrative boundaries.\n- `VectorOpenDataVisualizationLight` \u2013 The Open Data Visualization Light map style is a light-themed style with muted colors and fewer features that aids in understanding overlaid data.\n- `VectorOpenDataVisualizationDark` \u2013 The Open Data Visualization Dark map style is a dark-themed style with muted colors and fewer features that aids in understanding overlaid data.", + "title": "Style", "type": "string" } }, + "required": [ + "Style" + ], "type": "object" }, - "AWS::NetworkManager::GlobalNetwork": { + "AWS::Location::PlaceIndex": { "additionalProperties": false, "properties": { "Condition": { @@ -168804,35 +176506,49 @@ "Properties": { "additionalProperties": false, "properties": { - "CreatedAt": { - "markdownDescription": "The date and time that the global network was created.", - "title": "CreatedAt", + "DataSource": { + "markdownDescription": "Specifies the geospatial data provider for the new place index.\n\n> This field is case-sensitive. Enter the valid values as shown. For example, entering `HERE` returns an error. \n\nValid values include:\n\n- `Esri` \u2013 For additional information about [Esri](https://docs.aws.amazon.com/location/previous/developerguide/esri.html) 's coverage in your region of interest, see [Esri details on geocoding coverage](https://docs.aws.amazon.com/https://developers.arcgis.com/rest/geocode/api-reference/geocode-coverage.htm) .\n- `Grab` \u2013 Grab provides place index functionality for Southeast Asia. For additional information about [GrabMaps](https://docs.aws.amazon.com/location/previous/developerguide/grab.html) ' coverage, see [GrabMaps countries and areas covered](https://docs.aws.amazon.com/location/previous/developerguide/grab.html#grab-coverage-area) .\n- `Here` \u2013 For additional information about [HERE Technologies](https://docs.aws.amazon.com/location/previous/developerguide/HERE.html) ' coverage in your region of interest, see [HERE details on goecoding coverage](https://docs.aws.amazon.com/https://developer.here.com/documentation/geocoder/dev_guide/topics/coverage-geocoder.html) .\n\n> If you specify HERE Technologies ( `Here` ) as the data provider, you may not [store results](https://docs.aws.amazon.com//location-places/latest/APIReference/API_DataSourceConfiguration.html) for locations in Japan. For more information, see the [AWS service terms](https://docs.aws.amazon.com/service-terms/) for Amazon Location Service.\n\nFor additional information , see [Data providers](https://docs.aws.amazon.com/location/previous/developerguide/what-is-data-provider.html) on the *Amazon Location Service developer guide* .", + "title": "DataSource", "type": "string" }, + "DataSourceConfiguration": { + "$ref": "#/definitions/AWS::Location::PlaceIndex.DataSourceConfiguration", + "markdownDescription": "Specifies the data storage option requesting Places.", + "title": "DataSourceConfiguration" + }, "Description": { - "markdownDescription": "A description of the global network.\n\nConstraints: Maximum length of 256 characters.", + "markdownDescription": "The optional description for the place index resource.", "title": "Description", "type": "string" }, - "State": { - "markdownDescription": "The state of the global network.", - "title": "State", + "IndexName": { + "markdownDescription": "The name of the place index resource.\n\nRequirements:\n\n- Contain only alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139), hyphens (-), periods (.), and underscores (_).\n- Must be a unique place index resource name.\n- No spaces allowed. For example, `ExamplePlaceIndex` .", + "title": "IndexName", + "type": "string" + }, + "PricingPlan": { + "markdownDescription": "No longer used. If included, the only allowed value is `RequestBasedUsage` .\n\n*Allowed Values* : `RequestBasedUsage`", + "title": "PricingPlan", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags for the global network.", + "markdownDescription": "", "title": "Tags", "type": "array" } }, + "required": [ + "DataSource", + "IndexName" + ], "type": "object" }, "Type": { "enum": [ - "AWS::NetworkManager::GlobalNetwork" + "AWS::Location::PlaceIndex" ], "type": "string" }, @@ -168846,11 +176562,23 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::NetworkManager::Link": { + "AWS::Location::PlaceIndex.DataSourceConfiguration": { + "additionalProperties": false, + "properties": { + "IntendedUse": { + "markdownDescription": "Specifies how the results of an operation will be stored by the caller.\n\nValid values include:\n\n- `SingleUse` specifies that the results won't be stored.\n- `Storage` specifies that the result can be cached or stored in a database.\n\nDefault value: `SingleUse`", + "title": "IntendedUse", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Location::RouteCalculator": { "additionalProperties": false, "properties": { "Condition": { @@ -168885,55 +176613,44 @@ "Properties": { "additionalProperties": false, "properties": { - "Bandwidth": { - "$ref": "#/definitions/AWS::NetworkManager::Link.Bandwidth", - "markdownDescription": "The bandwidth for the link.", - "title": "Bandwidth" + "CalculatorName": { + "markdownDescription": "The name of the route calculator resource.\n\nRequirements:\n\n- Can use alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139) , hyphens (-), periods (.), and underscores (_).\n- Must be a unique Route calculator resource name.\n- No spaces allowed. For example, `ExampleRouteCalculator` .", + "title": "CalculatorName", + "type": "string" }, - "Description": { - "markdownDescription": "A description of the link.\n\nConstraints: Maximum length of 256 characters.", - "title": "Description", + "DataSource": { + "markdownDescription": "Specifies the data provider of traffic and road network data.\n\n> This field is case-sensitive. Enter the valid values as shown. For example, entering `HERE` returns an error. \n\nValid values include:\n\n- `Esri` \u2013 For additional information about [Esri](https://docs.aws.amazon.com/location/previous/developerguide/esri.html) 's coverage in your region of interest, see [Esri details on street networks and traffic coverage](https://docs.aws.amazon.com/https://doc.arcgis.com/en/arcgis-online/reference/network-coverage.htm) .\n\nRoute calculators that use Esri as a data source only calculate routes that are shorter than 400 km.\n- `Grab` \u2013 Grab provides routing functionality for Southeast Asia. For additional information about [GrabMaps](https://docs.aws.amazon.com/location/previous/developerguide/grab.html) ' coverage, see [GrabMaps countries and areas covered](https://docs.aws.amazon.com/location/previous/developerguide/grab.html#grab-coverage-area) .\n- `Here` \u2013 For additional information about [HERE Technologies](https://docs.aws.amazon.com/location/previous/developerguide/HERE.html) ' coverage in your region of interest, see [HERE car routing coverage](https://docs.aws.amazon.com/https://developer.here.com/documentation/routing-api/dev_guide/topics/coverage/car-routing.html) and [HERE truck routing coverage](https://docs.aws.amazon.com/https://developer.here.com/documentation/routing-api/dev_guide/topics/coverage/truck-routing.html) .\n\nFor additional information , see [Data providers](https://docs.aws.amazon.com/location/previous/developerguide/what-is-data-provider.html) on the *Amazon Location Service Developer Guide* .", + "title": "DataSource", "type": "string" }, - "GlobalNetworkId": { - "markdownDescription": "The ID of the global network.", - "title": "GlobalNetworkId", + "Description": { + "markdownDescription": "The optional description for the route calculator resource.", + "title": "Description", "type": "string" }, - "Provider": { - "markdownDescription": "The provider of the link.\n\nConstraints: Maximum length of 128 characters. Cannot include the following characters: | \\ ^", - "title": "Provider", - "type": "string" - }, - "SiteId": { - "markdownDescription": "The ID of the site.", - "title": "SiteId", + "PricingPlan": { + "markdownDescription": "No longer used. If included, the only allowed value is `RequestBasedUsage` .\n\n*Allowed Values* : `RequestBasedUsage`", + "title": "PricingPlan", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags for the link.", + "markdownDescription": "", "title": "Tags", "type": "array" - }, - "Type": { - "markdownDescription": "The type of the link.\n\nConstraints: Maximum length of 128 characters. Cannot include the following characters: | \\ ^", - "title": "Type", - "type": "string" } }, "required": [ - "Bandwidth", - "GlobalNetworkId", - "SiteId" + "CalculatorName", + "DataSource" ], "type": "object" }, "Type": { "enum": [ - "AWS::NetworkManager::Link" + "AWS::Location::RouteCalculator" ], "type": "string" }, @@ -168952,23 +176669,7 @@ ], "type": "object" }, - "AWS::NetworkManager::Link.Bandwidth": { - "additionalProperties": false, - "properties": { - "DownloadSpeed": { - "markdownDescription": "Download speed in Mbps.", - "title": "DownloadSpeed", - "type": "number" - }, - "UploadSpeed": { - "markdownDescription": "Upload speed in Mbps.", - "title": "UploadSpeed", - "type": "number" - } - }, - "type": "object" - }, - "AWS::NetworkManager::LinkAssociation": { + "AWS::Location::Tracker": { "additionalProperties": false, "properties": { "Condition": { @@ -169003,32 +176704,53 @@ "Properties": { "additionalProperties": false, "properties": { - "DeviceId": { - "markdownDescription": "The device ID for the link association.", - "title": "DeviceId", + "Description": { + "markdownDescription": "An optional description for the tracker resource.", + "title": "Description", "type": "string" }, - "GlobalNetworkId": { - "markdownDescription": "The ID of the global network.", - "title": "GlobalNetworkId", + "EventBridgeEnabled": { + "markdownDescription": "", + "title": "EventBridgeEnabled", + "type": "boolean" + }, + "KmsKeyEnableGeospatialQueries": { + "markdownDescription": "", + "title": "KmsKeyEnableGeospatialQueries", + "type": "boolean" + }, + "KmsKeyId": { + "markdownDescription": "A key identifier for an [AWS KMS customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/create-keys.html) . Enter a key ID, key ARN, alias name, or alias ARN.", + "title": "KmsKeyId", "type": "string" }, - "LinkId": { - "markdownDescription": "The ID of the link.", - "title": "LinkId", + "PositionFiltering": { + "markdownDescription": "Specifies the position filtering for the tracker resource.\n\nValid values:\n\n- `TimeBased` - Location updates are evaluated against linked geofence collections, but not every location update is stored. If your update frequency is more often than 30 seconds, only one update per 30 seconds is stored for each unique device ID.\n- `DistanceBased` - If the device has moved less than 30 m (98.4 ft), location updates are ignored. Location updates within this area are neither evaluated against linked geofence collections, nor stored. This helps control costs by reducing the number of geofence evaluations and historical device positions to paginate through. Distance-based filtering can also reduce the effects of GPS noise when displaying device trajectories on a map.\n- `AccuracyBased` - If the device has moved less than the measured accuracy, location updates are ignored. For example, if two consecutive updates from a device have a horizontal accuracy of 5 m and 10 m, the second update is ignored if the device has moved less than 15 m. Ignored location updates are neither evaluated against linked geofence collections, nor stored. This can reduce the effects of GPS noise when displaying device trajectories on a map, and can help control your costs by reducing the number of geofence evaluations.\n\nThis field is optional. If not specified, the default value is `TimeBased` .", + "title": "PositionFiltering", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + }, + "TrackerName": { + "markdownDescription": "The name for the tracker resource.\n\nRequirements:\n\n- Contain only alphanumeric characters (A-Z, a-z, 0-9) , hyphens (-), periods (.), and underscores (_).\n- Must be a unique tracker resource name.\n- No spaces allowed. For example, `ExampleTracker` .", + "title": "TrackerName", "type": "string" } }, "required": [ - "DeviceId", - "GlobalNetworkId", - "LinkId" + "TrackerName" ], "type": "object" }, "Type": { "enum": [ - "AWS::NetworkManager::LinkAssociation" + "AWS::Location::Tracker" ], "type": "string" }, @@ -169047,7 +176769,7 @@ ], "type": "object" }, - "AWS::NetworkManager::Site": { + "AWS::Location::TrackerConsumer": { "additionalProperties": false, "properties": { "Condition": { @@ -169082,38 +176804,26 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of your site.\n\nConstraints: Maximum length of 256 characters.", - "title": "Description", + "ConsumerArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the geofence collection to be associated to tracker resource. Used when you need to specify a resource across all AWS .\n\n- Format example: `arn:aws:geo:region:account-id:geofence-collection/ExampleGeofenceCollectionConsumer`", + "title": "ConsumerArn", "type": "string" }, - "GlobalNetworkId": { - "markdownDescription": "The ID of the global network.", - "title": "GlobalNetworkId", + "TrackerName": { + "markdownDescription": "The name for the tracker resource.\n\nRequirements:\n\n- Contain only alphanumeric characters (A-Z, a-z, 0-9) , hyphens (-), periods (.), and underscores (_).\n- Must be a unique tracker resource name.\n- No spaces allowed. For example, `ExampleTracker` .", + "title": "TrackerName", "type": "string" - }, - "Location": { - "$ref": "#/definitions/AWS::NetworkManager::Site.Location", - "markdownDescription": "The site location. This information is used for visualization in the Network Manager console. If you specify the address, the latitude and longitude are automatically calculated.\n\n- `Address` : The physical address of the site.\n- `Latitude` : The latitude of the site.\n- `Longitude` : The longitude of the site.", - "title": "Location" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags for the site.", - "title": "Tags", - "type": "array" } }, "required": [ - "GlobalNetworkId" + "ConsumerArn", + "TrackerName" ], "type": "object" }, "Type": { "enum": [ - "AWS::NetworkManager::Site" + "AWS::Location::TrackerConsumer" ], "type": "string" }, @@ -169132,28 +176842,7 @@ ], "type": "object" }, - "AWS::NetworkManager::Site.Location": { - "additionalProperties": false, - "properties": { - "Address": { - "markdownDescription": "The physical address.", - "title": "Address", - "type": "string" - }, - "Latitude": { - "markdownDescription": "The latitude.", - "title": "Latitude", - "type": "string" - }, - "Longitude": { - "markdownDescription": "The longitude.", - "title": "Longitude", - "type": "string" - } - }, - "type": "object" - }, - "AWS::NetworkManager::SiteToSiteVpnAttachment": { + "AWS::Logs::AccountPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -169188,39 +176877,42 @@ "Properties": { "additionalProperties": false, "properties": { - "CoreNetworkId": { - "markdownDescription": "", - "title": "CoreNetworkId", + "PolicyDocument": { + "markdownDescription": "Specify the policy, in JSON.\n\n*Data protection policy*\n\nA data protection policy must include two JSON blocks:\n\n- The first block must include both a `DataIdentifer` array and an `Operation` property with an `Audit` action. The `DataIdentifer` array lists the types of sensitive data that you want to mask. For more information about the available options, see [Types of data that you can mask](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/mask-sensitive-log-data-types.html) .\n\nThe `Operation` property with an `Audit` action is required to find the sensitive data terms. This `Audit` action must contain a `FindingsDestination` object. You can optionally use that `FindingsDestination` object to list one or more destinations to send audit findings to. If you specify destinations such as log groups, Firehose streams, and S3 buckets, they must already exist.\n- The second block must include both a `DataIdentifer` array and an `Operation` property with an `Deidentify` action. The `DataIdentifer` array must exactly match the `DataIdentifer` array in the first block of the policy.\n\nThe `Operation` property with the `Deidentify` action is what actually masks the data, and it must contain the `\"MaskConfig\": {}` object. The `\"MaskConfig\": {}` object must be empty.\n\n> The contents of the two `DataIdentifer` arrays must match exactly. \n\nIn addition to the two JSON blocks, the `policyDocument` can also include `Name` , `Description` , and `Version` fields. The `Name` is different than the operation's `policyName` parameter, and is used as a dimension when CloudWatch Logs reports audit findings metrics to CloudWatch .\n\nThe JSON specified in `policyDocument` can be up to 30,720 characters long.\n\n*Subscription filter policy*\n\nA subscription filter policy can include the following attributes in a JSON block:\n\n- *DestinationArn* The ARN of the destination to deliver log events to. Supported destinations are:\n\n- An Kinesis Data Streams data stream in the same account as the subscription policy, for same-account delivery.\n- An Firehose data stream in the same account as the subscription policy, for same-account delivery.\n- A Lambda function in the same account as the subscription policy, for same-account delivery.\n- A logical destination in a different account created with [PutDestination](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDestination.html) , for cross-account delivery. Kinesis Data Streams and Firehose are supported as logical destinations.\n- *RoleArn* The ARN of an IAM role that grants CloudWatch Logs permissions to deliver ingested log events to the destination stream. You don't need to provide the ARN when you are working with a logical destination for cross-account delivery.\n- *FilterPattern* A filter pattern for subscribing to a filtered stream of log events.\n- *Distribution* The method used to distribute log data to the destination. By default, log data is grouped by log stream, but the grouping can be set to `Random` for a more even distribution. This property is only applicable when the destination is an Kinesis Data Streams data stream.\n\n*Field index policy*\n\nA field index filter policy can include the following attribute in a JSON block:\n\n- *Fields* The array of field indexes to create.\n\nThe following is an example of an index policy document that creates two indexes, `RequestId` and `TransactionId` .\n\n`\"policyDocument\": \"{ \\\"Fields\\\": [ \\\"RequestId\\\", \\\"TransactionId\\\" ] }\"`\n\n*Transformer policy*\n\nA transformer policy must include one JSON block with the array of processors and their configurations. For more information about available processors, see [Processors that you can use](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-Processors) .", + "title": "PolicyDocument", "type": "string" }, - "ProposedSegmentChange": { - "$ref": "#/definitions/AWS::NetworkManager::SiteToSiteVpnAttachment.ProposedSegmentChange", - "markdownDescription": "Describes a proposed segment change. In some cases, the segment change must first be evaluated and accepted.", - "title": "ProposedSegmentChange" + "PolicyName": { + "markdownDescription": "A name for the policy. This must be unique within the account.", + "title": "PolicyName", + "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags associated with the Site-to-Site VPN attachment.", - "title": "Tags", - "type": "array" + "PolicyType": { + "markdownDescription": "The type of policy that you're creating or updating.", + "title": "PolicyType", + "type": "string" }, - "VpnConnectionArn": { - "markdownDescription": "The ARN of the site-to-site VPN attachment.", - "title": "VpnConnectionArn", + "Scope": { + "markdownDescription": "Currently the only valid value for this parameter is `ALL` , which specifies that the policy applies to all log groups in the account. If you omit this parameter, the default of `ALL` is used. To scope down a subscription filter policy to a subset of log groups, use the `SelectionCriteria` parameter.", + "title": "Scope", + "type": "string" + }, + "SelectionCriteria": { + "markdownDescription": "Use this parameter to apply the new policy to a subset of log groups in the account.\n\nYou need to specify `SelectionCriteria` only when you specify `SUBSCRIPTION_FILTER_POLICY` , `FIELD_INDEX_POLICY` or `TRANSFORMER_POLICY` for `PolicyType` .\n\nIf `PolicyType` is `SUBSCRIPTION_FILTER_POLICY` , the only supported `SelectionCriteria` filter is `LogGroupName NOT IN []`\n\nIf `PolicyType` is `FIELD_INDEX_POLICY` or `TRANSFORMER_POLICY` , the only supported `SelectionCriteria` filter is `LogGroupNamePrefix`\n\nThe `SelectionCriteria` string can be up to 25KB in length. The length is determined by using its UTF-8 bytes.\n\nUsing the `SelectionCriteria` parameter with `SUBSCRIPTION_FILTER_POLICY` is useful to help prevent infinite loops. For more information, see [Log recursion prevention](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/Subscriptions-recursion-prevention.html) .", + "title": "SelectionCriteria", "type": "string" } }, "required": [ - "CoreNetworkId", - "VpnConnectionArn" + "PolicyDocument", + "PolicyName", + "PolicyType" ], "type": "object" }, "Type": { "enum": [ - "AWS::NetworkManager::SiteToSiteVpnAttachment" + "AWS::Logs::AccountPolicy" ], "type": "string" }, @@ -169239,31 +176931,7 @@ ], "type": "object" }, - "AWS::NetworkManager::SiteToSiteVpnAttachment.ProposedSegmentChange": { - "additionalProperties": false, - "properties": { - "AttachmentPolicyRuleNumber": { - "markdownDescription": "The rule number in the policy document that applies to this change.", - "title": "AttachmentPolicyRuleNumber", - "type": "number" - }, - "SegmentName": { - "markdownDescription": "The name of the segment to change.", - "title": "SegmentName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The list of key-value tags that changed for the segment.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" - }, - "AWS::NetworkManager::TransitGatewayPeering": { + "AWS::Logs::Delivery": { "additionalProperties": false, "properties": { "Condition": { @@ -169298,34 +176966,57 @@ "Properties": { "additionalProperties": false, "properties": { - "CoreNetworkId": { - "markdownDescription": "The ID of the core network.", - "title": "CoreNetworkId", + "DeliveryDestinationArn": { + "markdownDescription": "The ARN of the delivery destination that is associated with this delivery.", + "title": "DeliveryDestinationArn", + "type": "string" + }, + "DeliverySourceName": { + "markdownDescription": "The name of the delivery source that is associated with this delivery.", + "title": "DeliverySourceName", + "type": "string" + }, + "FieldDelimiter": { + "markdownDescription": "The field delimiter that is used between record fields when the final output format of a delivery is in `Plain` , `W3C` , or `Raw` format.", + "title": "FieldDelimiter", + "type": "string" + }, + "RecordFields": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of record fields to be delivered to the destination, in order. If the delivery's log source has mandatory fields, they must be included in this list.", + "title": "RecordFields", + "type": "array" + }, + "S3EnableHiveCompatiblePath": { + "markdownDescription": "Use this parameter to cause the S3 objects that contain delivered logs to use a prefix structure that allows for integration with Apache Hive.", + "title": "S3EnableHiveCompatiblePath", + "type": "boolean" + }, + "S3SuffixPath": { + "markdownDescription": "Use this to reconfigure the S3 object prefix to contain either static or variable sections. The valid variables to use in the suffix path will vary by each log source. To find the values supported for the suffix path for each log source, use the [DescribeConfigurationTemplates](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DescribeConfigurationTemplates.html) operation and check the `allowedSuffixPathFields` field in the response.", + "title": "S3SuffixPath", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The list of key-value tags associated with the peering.", + "markdownDescription": "An array of key-value pairs to apply to the delivery.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" - }, - "TransitGatewayArn": { - "markdownDescription": "The ARN of the transit gateway.", - "title": "TransitGatewayArn", - "type": "string" } }, "required": [ - "CoreNetworkId", - "TransitGatewayArn" + "DeliveryDestinationArn", + "DeliverySourceName" ], "type": "object" }, "Type": { "enum": [ - "AWS::NetworkManager::TransitGatewayPeering" + "AWS::Logs::Delivery" ], "type": "string" }, @@ -169344,7 +177035,7 @@ ], "type": "object" }, - "AWS::NetworkManager::TransitGatewayRegistration": { + "AWS::Logs::DeliveryDestination": { "additionalProperties": false, "properties": { "Condition": { @@ -169379,26 +177070,43 @@ "Properties": { "additionalProperties": false, "properties": { - "GlobalNetworkId": { - "markdownDescription": "The ID of the global network.", - "title": "GlobalNetworkId", + "DeliveryDestinationPolicy": { + "$ref": "#/definitions/AWS::Logs::DeliveryDestination.DestinationPolicy", + "markdownDescription": "An IAM policy that grants permissions to CloudWatch Logs to deliver logs cross-account to a specified destination in this account. For examples of this policy, see [Examples](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDeliveryDestinationPolicy.html#API_PutDeliveryDestinationPolicy_Examples) in the CloudWatch Logs API Reference.", + "title": "DeliveryDestinationPolicy" + }, + "DestinationResourceArn": { + "markdownDescription": "The ARN of the AWS destination that this delivery destination represents. That AWS destination can be a log group in CloudWatch Logs , an Amazon S3 bucket, or a Firehose stream.", + "title": "DestinationResourceArn", "type": "string" }, - "TransitGatewayArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the transit gateway.", - "title": "TransitGatewayArn", + "Name": { + "markdownDescription": "The name of this delivery destination.", + "title": "Name", + "type": "string" + }, + "OutputFormat": { + "markdownDescription": "The format of the logs that are sent to this delivery destination.", + "title": "OutputFormat", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to the delivery destination.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" } }, "required": [ - "GlobalNetworkId", - "TransitGatewayArn" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::NetworkManager::TransitGatewayRegistration" + "AWS::Logs::DeliveryDestination" ], "type": "string" }, @@ -169417,7 +177125,23 @@ ], "type": "object" }, - "AWS::NetworkManager::TransitGatewayRouteTableAttachment": { + "AWS::Logs::DeliveryDestination.DestinationPolicy": { + "additionalProperties": false, + "properties": { + "DeliveryDestinationName": { + "markdownDescription": "", + "title": "DeliveryDestinationName", + "type": "string" + }, + "DeliveryDestinationPolicy": { + "markdownDescription": "", + "title": "DeliveryDestinationPolicy", + "type": "object" + } + }, + "type": "object" + }, + "AWS::Logs::DeliverySource": { "additionalProperties": false, "properties": { "Condition": { @@ -169452,39 +177176,38 @@ "Properties": { "additionalProperties": false, "properties": { - "PeeringId": { - "markdownDescription": "The ID of the transit gateway peering.", - "title": "PeeringId", + "LogType": { + "markdownDescription": "The type of log that the source is sending. For valid values for this parameter, see the documentation for the source service.", + "title": "LogType", "type": "string" }, - "ProposedSegmentChange": { - "$ref": "#/definitions/AWS::NetworkManager::TransitGatewayRouteTableAttachment.ProposedSegmentChange", - "markdownDescription": "This property is read-only. Values can't be assigned to it.", - "title": "ProposedSegmentChange" + "Name": { + "markdownDescription": "The unique name of the delivery source.", + "title": "Name", + "type": "string" + }, + "ResourceArn": { + "markdownDescription": "The ARN of the AWS resource that is generating and sending logs. For example, `arn:aws:workmail:us-east-1:123456789012:organization/m-1234EXAMPLEabcd1234abcd1234abcd1234`", + "title": "ResourceArn", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The list of key-value pairs associated with the transit gateway route table attachment.", + "markdownDescription": "An array of key-value pairs to apply to the delivery source.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" - }, - "TransitGatewayRouteTableArn": { - "markdownDescription": "The ARN of the transit gateway attachment route table. For example, `\"TransitGatewayRouteTableArn\": \"arn:aws:ec2:us-west-2:123456789012:transit-gateway-route-table/tgw-rtb-9876543210123456\"` .", - "title": "TransitGatewayRouteTableArn", - "type": "string" } }, "required": [ - "PeeringId", - "TransitGatewayRouteTableArn" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::NetworkManager::TransitGatewayRouteTableAttachment" + "AWS::Logs::DeliverySource" ], "type": "string" }, @@ -169503,31 +177226,7 @@ ], "type": "object" }, - "AWS::NetworkManager::TransitGatewayRouteTableAttachment.ProposedSegmentChange": { - "additionalProperties": false, - "properties": { - "AttachmentPolicyRuleNumber": { - "markdownDescription": "The rule number in the policy document that applies to this change.", - "title": "AttachmentPolicyRuleNumber", - "type": "number" - }, - "SegmentName": { - "markdownDescription": "The name of the segment to change.", - "title": "SegmentName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The list of key-value tags that changed for the segment.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" - }, - "AWS::NetworkManager::VpcAttachment": { + "AWS::Logs::Destination": { "additionalProperties": false, "properties": { "Condition": { @@ -169562,53 +177261,37 @@ "Properties": { "additionalProperties": false, "properties": { - "CoreNetworkId": { - "markdownDescription": "The core network ID.", - "title": "CoreNetworkId", + "DestinationName": { + "markdownDescription": "The name of the destination.", + "title": "DestinationName", "type": "string" }, - "Options": { - "$ref": "#/definitions/AWS::NetworkManager::VpcAttachment.VpcOptions", - "markdownDescription": "Options for creating the VPC attachment.", - "title": "Options" - }, - "ProposedSegmentChange": { - "$ref": "#/definitions/AWS::NetworkManager::VpcAttachment.ProposedSegmentChange", - "markdownDescription": "Describes a proposed segment change. In some cases, the segment change must first be evaluated and accepted.", - "title": "ProposedSegmentChange" - }, - "SubnetArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The subnet ARNs.", - "title": "SubnetArns", - "type": "array" + "DestinationPolicy": { + "markdownDescription": "An IAM policy document that governs which AWS accounts can create subscription filters against this destination.", + "title": "DestinationPolicy", + "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags associated with the VPC attachment.", - "title": "Tags", - "type": "array" + "RoleArn": { + "markdownDescription": "The ARN of an IAM role that permits CloudWatch Logs to send data to the specified AWS resource.", + "title": "RoleArn", + "type": "string" }, - "VpcArn": { - "markdownDescription": "The ARN of the VPC attachment.", - "title": "VpcArn", + "TargetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the physical target where the log events are delivered (for example, a Kinesis stream).", + "title": "TargetArn", "type": "string" } }, "required": [ - "CoreNetworkId", - "SubnetArns", - "VpcArn" + "DestinationName", + "RoleArn", + "TargetArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::NetworkManager::VpcAttachment" + "AWS::Logs::Destination" ], "type": "string" }, @@ -169627,47 +177310,7 @@ ], "type": "object" }, - "AWS::NetworkManager::VpcAttachment.ProposedSegmentChange": { - "additionalProperties": false, - "properties": { - "AttachmentPolicyRuleNumber": { - "markdownDescription": "The rule number in the policy document that applies to this change.", - "title": "AttachmentPolicyRuleNumber", - "type": "number" - }, - "SegmentName": { - "markdownDescription": "The name of the segment to change.", - "title": "SegmentName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The list of key-value tags that changed for the segment.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" - }, - "AWS::NetworkManager::VpcAttachment.VpcOptions": { - "additionalProperties": false, - "properties": { - "ApplianceModeSupport": { - "markdownDescription": "Indicates whether appliance mode is supported. If enabled, traffic flow between a source and destination use the same Availability Zone for the VPC attachment for the lifetime of that flow. The default value is `false` .", - "title": "ApplianceModeSupport", - "type": "boolean" - }, - "Ipv6Support": { - "markdownDescription": "Indicates whether IPv6 is supported.", - "title": "Ipv6Support", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::NimbleStudio::LaunchProfile": { + "AWS::Logs::Integration": { "additionalProperties": false, "properties": { "Condition": { @@ -169702,59 +177345,32 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "type": "string" - }, - "Ec2SubnetIds": { - "items": { - "type": "string" - }, - "type": "array" - }, - "LaunchProfileProtocolVersions": { - "items": { - "type": "string" - }, - "type": "array" - }, - "Name": { + "IntegrationName": { + "markdownDescription": "The name of this integration.", + "title": "IntegrationName", "type": "string" }, - "StreamConfiguration": { - "$ref": "#/definitions/AWS::NimbleStudio::LaunchProfile.StreamConfiguration" - }, - "StudioComponentIds": { - "items": { - "type": "string" - }, - "type": "array" - }, - "StudioId": { + "IntegrationType": { + "markdownDescription": "The type of integration. Integrations with OpenSearch Service have the type `OPENSEARCH` .", + "title": "IntegrationType", "type": "string" }, - "Tags": { - "additionalProperties": true, - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "type": "object" + "ResourceConfig": { + "$ref": "#/definitions/AWS::Logs::Integration.ResourceConfig", + "markdownDescription": "This structure contains configuration details about an integration between CloudWatch Logs and another entity.", + "title": "ResourceConfig" } }, "required": [ - "Ec2SubnetIds", - "LaunchProfileProtocolVersions", - "Name", - "StreamConfiguration", - "StudioComponentIds", - "StudioId" + "IntegrationName", + "IntegrationType", + "ResourceConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::NimbleStudio::LaunchProfile" + "AWS::Logs::Integration" ], "type": "string" }, @@ -169773,111 +177389,56 @@ ], "type": "object" }, - "AWS::NimbleStudio::LaunchProfile.StreamConfiguration": { + "AWS::Logs::Integration.OpenSearchResourceConfig": { "additionalProperties": false, "properties": { - "AutomaticTerminationMode": { + "ApplicationARN": { + "markdownDescription": "If you want to use an existing OpenSearch Service application for your integration with OpenSearch Service, specify it here. If you omit this, a new application will be created.", + "title": "ApplicationARN", "type": "string" }, - "ClipboardMode": { - "type": "string" - }, - "Ec2InstanceTypes": { + "DashboardViewerPrincipals": { "items": { "type": "string" }, + "markdownDescription": "Specify the ARNs of IAM roles and IAM users who you want to grant permission to for viewing the dashboards.\n\n> In addition to specifying these users here, you must also grant them the *CloudWatchOpenSearchDashboardAccess* IAM policy. For more information, see [IAM policies for users](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/OpenSearch-Dashboards-UserRoles.html) .", + "title": "DashboardViewerPrincipals", "type": "array" }, - "MaxSessionLengthInMinutes": { - "type": "number" - }, - "MaxStoppedSessionLengthInMinutes": { - "type": "number" - }, - "SessionBackup": { - "$ref": "#/definitions/AWS::NimbleStudio::LaunchProfile.StreamConfigurationSessionBackup" - }, - "SessionPersistenceMode": { + "DataSourceRoleArn": { + "markdownDescription": "Specify the ARN of an IAM role that CloudWatch Logs will use to create the integration. This role must have the permissions necessary to access the OpenSearch Service collection to be able to create the dashboards. For more information about the permissions needed, see [Permissions that the integration needs](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/OpenSearch-Dashboards-CreateRole.html) in the CloudWatch Logs User Guide.", + "title": "DataSourceRoleArn", "type": "string" }, - "SessionStorage": { - "$ref": "#/definitions/AWS::NimbleStudio::LaunchProfile.StreamConfigurationSessionStorage" - }, - "StreamingImageIds": { - "items": { - "type": "string" - }, - "type": "array" - }, - "VolumeConfiguration": { - "$ref": "#/definitions/AWS::NimbleStudio::LaunchProfile.VolumeConfiguration" - } - }, - "required": [ - "ClipboardMode", - "Ec2InstanceTypes", - "StreamingImageIds" - ], - "type": "object" - }, - "AWS::NimbleStudio::LaunchProfile.StreamConfigurationSessionBackup": { - "additionalProperties": false, - "properties": { - "MaxBackupsToRetain": { - "type": "number" - }, - "Mode": { + "KmsKeyArn": { + "markdownDescription": "To have the vended dashboard data encrypted with AWS KMS instead of the CloudWatch Logs default encryption method, specify the ARN of the AWS KMS key that you want to use.", + "title": "KmsKeyArn", "type": "string" - } - }, - "type": "object" - }, - "AWS::NimbleStudio::LaunchProfile.StreamConfigurationSessionStorage": { - "additionalProperties": false, - "properties": { - "Mode": { - "items": { - "type": "string" - }, - "type": "array" }, - "Root": { - "$ref": "#/definitions/AWS::NimbleStudio::LaunchProfile.StreamingSessionStorageRoot" + "RetentionDays": { + "markdownDescription": "Specify how many days that you want the data derived by OpenSearch Service to be retained in the index that the dashboard refers to. This also sets the maximum time period that you can choose when viewing data in the dashboard. Choosing a longer time frame will incur additional costs.", + "title": "RetentionDays", + "type": "number" } }, "required": [ - "Mode" + "DashboardViewerPrincipals", + "DataSourceRoleArn" ], "type": "object" }, - "AWS::NimbleStudio::LaunchProfile.StreamingSessionStorageRoot": { - "additionalProperties": false, - "properties": { - "Linux": { - "type": "string" - }, - "Windows": { - "type": "string" - } - }, - "type": "object" - }, - "AWS::NimbleStudio::LaunchProfile.VolumeConfiguration": { + "AWS::Logs::Integration.ResourceConfig": { "additionalProperties": false, "properties": { - "Iops": { - "type": "number" - }, - "Size": { - "type": "number" - }, - "Throughput": { - "type": "number" + "OpenSearchResourceConfig": { + "$ref": "#/definitions/AWS::Logs::Integration.OpenSearchResourceConfig", + "markdownDescription": "This structure contains configuration details about an integration between CloudWatch Logs and OpenSearch Service.", + "title": "OpenSearchResourceConfig" } }, "type": "object" }, - "AWS::NimbleStudio::StreamingImage": { + "AWS::Logs::LogAnomalyDetector": { "additionalProperties": false, "properties": { "Condition": { @@ -169912,38 +177473,50 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { + "AccountId": { + "markdownDescription": "The ID of the account to create the anomaly detector in.", + "title": "AccountId", + "type": "string" + }, + "AnomalyVisibilityTime": { + "markdownDescription": "The number of days to have visibility on an anomaly. After this time period has elapsed for an anomaly, it will be automatically baselined and the anomaly detector will treat new occurrences of a similar anomaly as normal. Therefore, if you do not correct the cause of an anomaly during the time period specified in `AnomalyVisibilityTime` , it will be considered normal going forward and will not be detected as an anomaly.", + "title": "AnomalyVisibilityTime", + "type": "number" + }, + "DetectorName": { + "markdownDescription": "A name for this anomaly detector.", + "title": "DetectorName", "type": "string" }, - "Ec2ImageId": { + "EvaluationFrequency": { + "markdownDescription": "Specifies how often the anomaly detector is to run and look for anomalies. Set this value according to the frequency that the log group receives new logs. For example, if the log group receives new log events every 10 minutes, then 15 minutes might be a good setting for `EvaluationFrequency` .", + "title": "EvaluationFrequency", "type": "string" }, - "Name": { + "FilterPattern": { + "markdownDescription": "You can use this parameter to limit the anomaly detection model to examine only log events that match the pattern you specify here. For more information, see [Filter and Pattern Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/FilterAndPatternSyntax.html) .", + "title": "FilterPattern", "type": "string" }, - "StudioId": { + "KmsKeyId": { + "markdownDescription": "Optionally assigns a AWS KMS key to secure this anomaly detector and its findings. If a key is assigned, the anomalies found and the model used by this detector are encrypted at rest with the key. If a key is assigned to an anomaly detector, a user must have permissions for both this key and for the anomaly detector to retrieve information about the anomalies that it finds.\n\nFor more information about using a AWS KMS key and to see the required IAM policy, see [Use a AWS KMS key with an anomaly detector](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/LogsAnomalyDetection-KMS.html) .", + "title": "KmsKeyId", "type": "string" }, - "Tags": { - "additionalProperties": true, - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "LogGroupArnList": { + "items": { + "type": "string" }, - "type": "object" + "markdownDescription": "The ARN of the log group that is associated with this anomaly detector. You can specify only one log group ARN.", + "title": "LogGroupArnList", + "type": "array" } }, - "required": [ - "Ec2ImageId", - "Name", - "StudioId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::NimbleStudio::StreamingImage" + "AWS::Logs::LogAnomalyDetector" ], "type": "string" }, @@ -169957,27 +177530,11 @@ } }, "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::NimbleStudio::StreamingImage.StreamingImageEncryptionConfiguration": { - "additionalProperties": false, - "properties": { - "KeyArn": { - "type": "string" - }, - "KeyType": { - "type": "string" - } - }, - "required": [ - "KeyType" + "Type" ], "type": "object" }, - "AWS::NimbleStudio::Studio": { + "AWS::Logs::LogGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -170012,42 +177569,53 @@ "Properties": { "additionalProperties": false, "properties": { - "AdminRoleArn": { - "type": "string" + "DataProtectionPolicy": { + "markdownDescription": "Creates a data protection policy and assigns it to the log group. A data protection policy can help safeguard sensitive data that's ingested by the log group by auditing and masking the sensitive log data. When a user who does not have permission to view masked data views a log event that includes masked data, the sensitive data is replaced by asterisks.\n\nFor more information, including a list of types of data that can be audited and masked, see [Protect sensitive log data with masking](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/mask-sensitive-log-data.html) .", + "title": "DataProtectionPolicy", + "type": "object" }, - "DisplayName": { + "FieldIndexPolicies": { + "items": { + "type": "object" + }, + "markdownDescription": "Creates or updates a *field index policy* for the specified log group. Only log groups in the Standard log class support field index policies. For more information about log classes, see [Log classes](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch_Logs_Log_Classes.html) .\n\nYou can use field index policies to create *field indexes* on fields found in log events in the log group. Creating field indexes lowers the costs for CloudWatch Logs Insights queries that reference those field indexes, because these queries attempt to skip the processing of log events that are known to not match the indexed field. Good fields to index are fields that you often need to query for and fields that have high cardinality of values Common examples of indexes include request ID, session ID, userID, and instance IDs. For more information, see [Create field indexes to improve query performance and reduce costs](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatchLogs-Field-Indexing.html) .\n\nCurrently, this array supports only one field index policy object.", + "title": "FieldIndexPolicies", + "type": "array" + }, + "KmsKeyId": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key to use when encrypting log data.\n\nTo associate an AWS KMS key with the log group, specify the ARN of that KMS key here. If you do so, ingested data is encrypted using this key. This association is stored as long as the data encrypted with the KMS key is still within CloudWatch Logs . This enables CloudWatch Logs to decrypt this data whenever it is requested.\n\nIf you attempt to associate a KMS key with the log group but the KMS key doesn't exist or is deactivated, you will receive an `InvalidParameterException` error.\n\nLog group data is always encrypted in CloudWatch Logs . If you omit this key, the encryption does not use AWS KMS . For more information, see [Encrypt log data in CloudWatch Logs using AWS Key Management Service](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/encrypt-log-data-kms.html)", + "title": "KmsKeyId", "type": "string" }, - "StudioEncryptionConfiguration": { - "$ref": "#/definitions/AWS::NimbleStudio::Studio.StudioEncryptionConfiguration" + "LogGroupClass": { + "markdownDescription": "Specifies the log group class for this log group. There are two classes:\n\n- The `Standard` log class supports all CloudWatch Logs features.\n- The `Infrequent Access` log class supports a subset of CloudWatch Logs features and incurs lower costs.\n\nFor details about the features supported by each class, see [Log classes](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch_Logs_Log_Classes.html)", + "title": "LogGroupClass", + "type": "string" }, - "StudioName": { + "LogGroupName": { + "markdownDescription": "The name of the log group. If you don't specify a name, AWS CloudFormation generates a unique ID for the log group.", + "title": "LogGroupName", "type": "string" }, + "RetentionInDays": { + "markdownDescription": "The number of days to retain the log events in the specified log group. Possible values are: 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1096, 1827, 2192, 2557, 2922, 3288, and 3653.\n\nTo set a log group so that its log events do not expire, use [DeleteRetentionPolicy](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DeleteRetentionPolicy.html) .", + "title": "RetentionInDays", + "type": "number" + }, "Tags": { - "additionalProperties": true, - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, - "type": "object" - }, - "UserRoleArn": { - "type": "string" + "markdownDescription": "An array of key-value pairs to apply to the log group.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" } }, - "required": [ - "AdminRoleArn", - "DisplayName", - "StudioName", - "UserRoleArn" - ], "type": "object" }, "Type": { "enum": [ - "AWS::NimbleStudio::Studio" + "AWS::Logs::LogGroup" ], "type": "string" }, @@ -170061,27 +177629,11 @@ } }, "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::NimbleStudio::Studio.StudioEncryptionConfiguration": { - "additionalProperties": false, - "properties": { - "KeyArn": { - "type": "string" - }, - "KeyType": { - "type": "string" - } - }, - "required": [ - "KeyType" + "Type" ], "type": "object" }, - "AWS::NimbleStudio::StudioComponent": { + "AWS::Logs::LogStream": { "additionalProperties": false, "properties": { "Condition": { @@ -170116,62 +177668,25 @@ "Properties": { "additionalProperties": false, "properties": { - "Configuration": { - "$ref": "#/definitions/AWS::NimbleStudio::StudioComponent.StudioComponentConfiguration" - }, - "Description": { - "type": "string" - }, - "Ec2SecurityGroupIds": { - "items": { - "type": "string" - }, - "type": "array" - }, - "InitializationScripts": { - "items": { - "$ref": "#/definitions/AWS::NimbleStudio::StudioComponent.StudioComponentInitializationScript" - }, - "type": "array" - }, - "Name": { - "type": "string" - }, - "ScriptParameters": { - "items": { - "$ref": "#/definitions/AWS::NimbleStudio::StudioComponent.ScriptParameterKeyValue" - }, - "type": "array" - }, - "StudioId": { - "type": "string" - }, - "Subtype": { + "LogGroupName": { + "markdownDescription": "The name of the log group where the log stream is created.", + "title": "LogGroupName", "type": "string" }, - "Tags": { - "additionalProperties": true, - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "type": "object" - }, - "Type": { + "LogStreamName": { + "markdownDescription": "The name of the log stream. The name must be unique within the log group.", + "title": "LogStreamName", "type": "string" } }, "required": [ - "Name", - "StudioId", - "Type" + "LogGroupName" ], "type": "object" }, "Type": { "enum": [ - "AWS::NimbleStudio::StudioComponent" + "AWS::Logs::LogStream" ], "type": "string" }, @@ -170190,127 +177705,7 @@ ], "type": "object" }, - "AWS::NimbleStudio::StudioComponent.ActiveDirectoryComputerAttribute": { - "additionalProperties": false, - "properties": { - "Name": { - "type": "string" - }, - "Value": { - "type": "string" - } - }, - "type": "object" - }, - "AWS::NimbleStudio::StudioComponent.ActiveDirectoryConfiguration": { - "additionalProperties": false, - "properties": { - "ComputerAttributes": { - "items": { - "$ref": "#/definitions/AWS::NimbleStudio::StudioComponent.ActiveDirectoryComputerAttribute" - }, - "type": "array" - }, - "DirectoryId": { - "type": "string" - }, - "OrganizationalUnitDistinguishedName": { - "type": "string" - } - }, - "type": "object" - }, - "AWS::NimbleStudio::StudioComponent.ComputeFarmConfiguration": { - "additionalProperties": false, - "properties": { - "ActiveDirectoryUser": { - "type": "string" - }, - "Endpoint": { - "type": "string" - } - }, - "type": "object" - }, - "AWS::NimbleStudio::StudioComponent.LicenseServiceConfiguration": { - "additionalProperties": false, - "properties": { - "Endpoint": { - "type": "string" - } - }, - "type": "object" - }, - "AWS::NimbleStudio::StudioComponent.ScriptParameterKeyValue": { - "additionalProperties": false, - "properties": { - "Key": { - "type": "string" - }, - "Value": { - "type": "string" - } - }, - "type": "object" - }, - "AWS::NimbleStudio::StudioComponent.SharedFileSystemConfiguration": { - "additionalProperties": false, - "properties": { - "Endpoint": { - "type": "string" - }, - "FileSystemId": { - "type": "string" - }, - "LinuxMountPoint": { - "type": "string" - }, - "ShareName": { - "type": "string" - }, - "WindowsMountDrive": { - "type": "string" - } - }, - "type": "object" - }, - "AWS::NimbleStudio::StudioComponent.StudioComponentConfiguration": { - "additionalProperties": false, - "properties": { - "ActiveDirectoryConfiguration": { - "$ref": "#/definitions/AWS::NimbleStudio::StudioComponent.ActiveDirectoryConfiguration" - }, - "ComputeFarmConfiguration": { - "$ref": "#/definitions/AWS::NimbleStudio::StudioComponent.ComputeFarmConfiguration" - }, - "LicenseServiceConfiguration": { - "$ref": "#/definitions/AWS::NimbleStudio::StudioComponent.LicenseServiceConfiguration" - }, - "SharedFileSystemConfiguration": { - "$ref": "#/definitions/AWS::NimbleStudio::StudioComponent.SharedFileSystemConfiguration" - } - }, - "type": "object" - }, - "AWS::NimbleStudio::StudioComponent.StudioComponentInitializationScript": { - "additionalProperties": false, - "properties": { - "LaunchProfileProtocolVersion": { - "type": "string" - }, - "Platform": { - "type": "string" - }, - "RunContext": { - "type": "string" - }, - "Script": { - "type": "string" - } - }, - "type": "object" - }, - "AWS::OSIS::Pipeline": { + "AWS::Logs::MetricFilter": { "additionalProperties": false, "properties": { "Condition": { @@ -170345,66 +177740,45 @@ "Properties": { "additionalProperties": false, "properties": { - "BufferOptions": { - "$ref": "#/definitions/AWS::OSIS::Pipeline.BufferOptions", - "markdownDescription": "Options that specify the configuration of a persistent buffer. To configure how OpenSearch Ingestion encrypts this data, set the `EncryptionAtRestOptions` . For more information, see [Persistent buffering](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/osis-features-overview.html#persistent-buffering) .", - "title": "BufferOptions" - }, - "EncryptionAtRestOptions": { - "$ref": "#/definitions/AWS::OSIS::Pipeline.EncryptionAtRestOptions", - "markdownDescription": "Options to control how OpenSearch encrypts buffer data.", - "title": "EncryptionAtRestOptions" - }, - "LogPublishingOptions": { - "$ref": "#/definitions/AWS::OSIS::Pipeline.LogPublishingOptions", - "markdownDescription": "Key-value pairs that represent log publishing settings.", - "title": "LogPublishingOptions" - }, - "MaxUnits": { - "markdownDescription": "The maximum pipeline capacity, in Ingestion Compute Units (ICUs).", - "title": "MaxUnits", - "type": "number" + "ApplyOnTransformedLogs": { + "markdownDescription": "This parameter is valid only for log groups that have an active log transformer. For more information about log transformers, see [PutTransformer](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutTransformer.html) .\n\nIf this value is `true` , the metric filter is applied on the transformed version of the log events instead of the original ingested log events.", + "title": "ApplyOnTransformedLogs", + "type": "boolean" }, - "MinUnits": { - "markdownDescription": "The minimum pipeline capacity, in Ingestion Compute Units (ICUs).", - "title": "MinUnits", - "type": "number" + "FilterName": { + "markdownDescription": "The name of the metric filter.", + "title": "FilterName", + "type": "string" }, - "PipelineConfigurationBody": { - "markdownDescription": "The Data Prepper pipeline configuration in YAML format.", - "title": "PipelineConfigurationBody", + "FilterPattern": { + "markdownDescription": "A filter pattern for extracting metric data out of ingested log events. For more information, see [Filter and Pattern Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/FilterAndPatternSyntax.html) .", + "title": "FilterPattern", "type": "string" }, - "PipelineName": { - "markdownDescription": "The name of the pipeline.", - "title": "PipelineName", + "LogGroupName": { + "markdownDescription": "The name of an existing log group that you want to associate with this metric filter.", + "title": "LogGroupName", "type": "string" }, - "Tags": { + "MetricTransformations": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Logs::MetricFilter.MetricTransformation" }, - "markdownDescription": "List of tags to add to the pipeline upon creation.", - "title": "Tags", + "markdownDescription": "The metric transformations.", + "title": "MetricTransformations", "type": "array" - }, - "VpcOptions": { - "$ref": "#/definitions/AWS::OSIS::Pipeline.VpcOptions", - "markdownDescription": "Options that specify the subnets and security groups for an OpenSearch Ingestion VPC endpoint.", - "title": "VpcOptions" } }, "required": [ - "MaxUnits", - "MinUnits", - "PipelineConfigurationBody", - "PipelineName" + "FilterPattern", + "LogGroupName", + "MetricTransformations" ], "type": "object" }, "Type": { "enum": [ - "AWS::OSIS::Pipeline" + "AWS::Logs::MetricFilter" ], "type": "string" }, @@ -170423,111 +177797,71 @@ ], "type": "object" }, - "AWS::OSIS::Pipeline.BufferOptions": { - "additionalProperties": false, - "properties": { - "PersistentBufferEnabled": { - "markdownDescription": "Whether persistent buffering should be enabled.", - "title": "PersistentBufferEnabled", - "type": "boolean" - } - }, - "required": [ - "PersistentBufferEnabled" - ], - "type": "object" - }, - "AWS::OSIS::Pipeline.CloudWatchLogDestination": { + "AWS::Logs::MetricFilter.Dimension": { "additionalProperties": false, "properties": { - "LogGroup": { - "markdownDescription": "The name of the CloudWatch Logs group to send pipeline logs to. You can specify an existing log group or create a new one. For example, `/aws/vendedlogs/OpenSearchService/pipelines` .", - "title": "LogGroup", + "Key": { + "markdownDescription": "The name for the CloudWatch metric dimension that the metric filter creates.\n\nDimension names must contain only ASCII characters, must include at least one non-whitespace character, and cannot start with a colon (:).", + "title": "Key", "type": "string" - } - }, - "required": [ - "LogGroup" - ], - "type": "object" - }, - "AWS::OSIS::Pipeline.EncryptionAtRestOptions": { - "additionalProperties": false, - "properties": { - "KmsKeyArn": { - "markdownDescription": "The ARN of the KMS key used to encrypt buffer data. By default, data is encrypted using an AWS owned key.", - "title": "KmsKeyArn", + }, + "Value": { + "markdownDescription": "The log event field that will contain the value for this dimension. This dimension will only be published for a metric if the value is found in the log event. For example, `$.eventType` for JSON log events, or `$server` for space-delimited log events.", + "title": "Value", "type": "string" } }, "required": [ - "KmsKeyArn" + "Key", + "Value" ], "type": "object" }, - "AWS::OSIS::Pipeline.LogPublishingOptions": { + "AWS::Logs::MetricFilter.MetricTransformation": { "additionalProperties": false, "properties": { - "CloudWatchLogDestination": { - "$ref": "#/definitions/AWS::OSIS::Pipeline.CloudWatchLogDestination", - "markdownDescription": "The destination for OpenSearch Ingestion logs sent to Amazon CloudWatch Logs. This parameter is required if `IsLoggingEnabled` is set to `true` .", - "title": "CloudWatchLogDestination" + "DefaultValue": { + "markdownDescription": "(Optional) The value to emit when a filter pattern does not match a log event. This value can be null.", + "title": "DefaultValue", + "type": "number" }, - "IsLoggingEnabled": { - "markdownDescription": "Whether logs should be published.", - "title": "IsLoggingEnabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::OSIS::Pipeline.VpcEndpoint": { - "additionalProperties": false, - "properties": { - "VpcEndpointId": { - "markdownDescription": "The unique identifier of the endpoint.", - "title": "VpcEndpointId", + "Dimensions": { + "items": { + "$ref": "#/definitions/AWS::Logs::MetricFilter.Dimension" + }, + "markdownDescription": "The fields to use as dimensions for the metric. One metric filter can include as many as three dimensions.\n\n> Metrics extracted from log events are charged as custom metrics. To prevent unexpected high charges, do not specify high-cardinality fields such as `IPAddress` or `requestID` as dimensions. Each different value found for a dimension is treated as a separate metric and accrues charges as a separate custom metric.\n> \n> CloudWatch Logs disables a metric filter if it generates 1000 different name/value pairs for your specified dimensions within a certain amount of time. This helps to prevent accidental high charges.\n> \n> You can also set up a billing alarm to alert you if your charges are higher than expected. For more information, see [Creating a Billing Alarm to Monitor Your Estimated AWS Charges](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/monitor_estimated_charges_with_cloudwatch.html) .", + "title": "Dimensions", + "type": "array" + }, + "MetricName": { + "markdownDescription": "The name of the CloudWatch metric.", + "title": "MetricName", "type": "string" }, - "VpcId": { - "markdownDescription": "The ID for your VPC. AWS PrivateLink generates this value when you create a VPC.", - "title": "VpcId", + "MetricNamespace": { + "markdownDescription": "A custom namespace to contain your metric in CloudWatch. Use namespaces to group together metrics that are similar. For more information, see [Namespaces](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html#Namespace) .", + "title": "MetricNamespace", "type": "string" }, - "VpcOptions": { - "$ref": "#/definitions/AWS::OSIS::Pipeline.VpcOptions", - "markdownDescription": "Information about the VPC, including associated subnets and security groups.", - "title": "VpcOptions" - } - }, - "type": "object" - }, - "AWS::OSIS::Pipeline.VpcOptions": { - "additionalProperties": false, - "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of security groups associated with the VPC endpoint.", - "title": "SecurityGroupIds", - "type": "array" + "MetricValue": { + "markdownDescription": "The value that is published to the CloudWatch metric. For example, if you're counting the occurrences of a particular term like `Error` , specify 1 for the metric value. If you're counting the number of bytes transferred, reference the value that is in the log event by using $. followed by the name of the field that you specified in the filter pattern, such as `$.size` .", + "title": "MetricValue", + "type": "string" }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of subnet IDs associated with the VPC endpoint.", - "title": "SubnetIds", - "type": "array" + "Unit": { + "markdownDescription": "The unit to assign to the metric. If you omit this, the unit is set as `None` .", + "title": "Unit", + "type": "string" } }, "required": [ - "SubnetIds" + "MetricName", + "MetricNamespace", + "MetricValue" ], "type": "object" }, - "AWS::Oam::Link": { + "AWS::Logs::QueryDefinition": { "additionalProperties": false, "properties": { "Condition": { @@ -170562,50 +177896,39 @@ "Properties": { "additionalProperties": false, "properties": { - "LabelTemplate": { - "markdownDescription": "Specify a friendly human-readable name to use to identify this source account when you are viewing data from it in the monitoring account.\n\nYou can include the following variables in your template:\n\n- `$AccountName` is the name of the account\n- `$AccountEmail` is a globally-unique email address, which includes the email domain, such as `mariagarcia@example.com`\n- `$AccountEmailNoDomain` is an email address without the domain name, such as `mariagarcia`\n\n> In the and Regions, the only supported option is to use custom labels, and the `$AccountName` , `$AccountEmail` , and `$AccountEmailNoDomain` variables all resolve as *account-id* instead of the specified variable.", - "title": "LabelTemplate", - "type": "string" - }, - "LinkConfiguration": { - "$ref": "#/definitions/AWS::Oam::Link.LinkConfiguration", - "markdownDescription": "Use this structure to optionally create filters that specify that only some metric namespaces or log groups are to be shared from the source account to the monitoring account.", - "title": "LinkConfiguration" - }, - "ResourceTypes": { + "LogGroupNames": { "items": { "type": "string" }, - "markdownDescription": "An array of strings that define which types of data that the source account shares with the monitoring account. Valid values are `AWS::CloudWatch::Metric | AWS::Logs::LogGroup | AWS::XRay::Trace | AWS::ApplicationInsights::Application | AWS::InternetMonitor::Monitor` .", - "title": "ResourceTypes", + "markdownDescription": "Use this parameter if you want the query to query only certain log groups.", + "title": "LogGroupNames", "type": "array" }, - "SinkIdentifier": { - "markdownDescription": "The ARN of the sink in the monitoring account that you want to link to. You can use [ListSinks](https://docs.aws.amazon.com/OAM/latest/APIReference/API_ListSinks.html) to find the ARNs of sinks.", - "title": "SinkIdentifier", + "Name": { + "markdownDescription": "A name for the query definition.\n\n> You can use the name to create a folder structure for your queries. To create a folder, use a forward slash (/) to prefix your desired query name with your desired folder name. For example, `*folder-name* / *query-name*` .", + "title": "Name", "type": "string" }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "An array of key-value pairs to apply to the link.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" + "QueryLanguage": { + "markdownDescription": "The query language used for this query. For more information about the query languages that CloudWatch Logs supports, see [Supported query languages](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL_AnalyzeLogData_Languages.html) .", + "title": "QueryLanguage", + "type": "string" + }, + "QueryString": { + "markdownDescription": "The query string to use for this query definition. For more information, see [CloudWatch Logs Insights Query Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL_QuerySyntax.html) .", + "title": "QueryString", + "type": "string" } }, "required": [ - "ResourceTypes", - "SinkIdentifier" + "Name", + "QueryString" ], "type": "object" }, "Type": { "enum": [ - "AWS::Oam::Link" + "AWS::Logs::QueryDefinition" ], "type": "string" }, @@ -170624,37 +177947,7 @@ ], "type": "object" }, - "AWS::Oam::Link.LinkConfiguration": { - "additionalProperties": false, - "properties": { - "LogGroupConfiguration": { - "$ref": "#/definitions/AWS::Oam::Link.LinkFilter", - "markdownDescription": "Use this structure to filter which log groups are to share log events from this source account to the monitoring account.", - "title": "LogGroupConfiguration" - }, - "MetricConfiguration": { - "$ref": "#/definitions/AWS::Oam::Link.LinkFilter", - "markdownDescription": "Use this structure to filter which metric namespaces are to be shared from the source account to the monitoring account.", - "title": "MetricConfiguration" - } - }, - "type": "object" - }, - "AWS::Oam::Link.LinkFilter": { - "additionalProperties": false, - "properties": { - "Filter": { - "markdownDescription": "When used in `MetricConfiguration` this field specifies which metric namespaces are to be shared with the monitoring account\n\nWhen used in `LogGroupConfiguration` this field specifies which log groups are to share their log events with the monitoring account. Use the term `LogGroupName` and one or more of the following operands.\n\nUse single quotation marks (') around log group names and metric namespaces.\n\nThe matching of log group names and metric namespaces is case sensitive. Each filter has a limit of five conditional operands. Conditional operands are `AND` and `OR` .\n\n- `=` and `!=`\n- `AND`\n- `OR`\n- `LIKE` and `NOT LIKE` . These can be used only as prefix searches. Include a `%` at the end of the string that you want to search for and include.\n- `IN` and `NOT IN` , using parentheses `( )`\n\nExamples:\n\n- `Namespace NOT LIKE 'AWS/%'` includes only namespaces that don't start with `AWS/` , such as custom namespaces.\n- `Namespace IN ('AWS/EC2', 'AWS/ELB', 'AWS/S3')` includes only the metrics in the EC2, Elastic Load Balancing , and Amazon S3 namespaces.\n- `Namespace = 'AWS/EC2' OR Namespace NOT LIKE 'AWS/%'` includes only the EC2 namespace and your custom namespaces.\n- `LogGroupName IN ('This-Log-Group', 'Other-Log-Group')` includes only the log groups with names `This-Log-Group` and `Other-Log-Group` .\n- `LogGroupName NOT IN ('Private-Log-Group', 'Private-Log-Group-2')` includes all log groups except the log groups with names `Private-Log-Group` and `Private-Log-Group-2` .\n- `LogGroupName LIKE 'aws/lambda/%' OR LogGroupName LIKE 'AWSLogs%'` includes all log groups that have names that start with `aws/lambda/` or `AWSLogs` .\n\n> If you are updating a link that uses filters, you can specify `*` as the only value for the `filter` parameter to delete the filter and share all log groups with the monitoring account.", - "title": "Filter", - "type": "string" - } - }, - "required": [ - "Filter" - ], - "type": "object" - }, - "AWS::Oam::Sink": { + "AWS::Logs::ResourcePolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -170689,36 +177982,26 @@ "Properties": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "A name for the sink.", - "title": "Name", + "PolicyDocument": { + "markdownDescription": "The details of the policy. It must be formatted in JSON, and you must use backslashes to escape characters that need to be escaped in JSON strings, such as double quote marks.", + "title": "PolicyDocument", "type": "string" }, - "Policy": { - "markdownDescription": "The IAM policy that grants permissions to source accounts to link to this sink. The policy can grant permission in the following ways:\n\n- Include organization IDs or organization paths to permit all accounts in an organization\n- Include account IDs to permit the specified accounts", - "title": "Policy", - "type": "object" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "An array of key-value pairs to apply to the sink.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" + "PolicyName": { + "markdownDescription": "The name of the resource policy.", + "title": "PolicyName", + "type": "string" } }, "required": [ - "Name" + "PolicyDocument", + "PolicyName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Oam::Sink" + "AWS::Logs::ResourcePolicy" ], "type": "string" }, @@ -170737,7 +178020,7 @@ ], "type": "object" }, - "AWS::Omics::AnnotationStore": { + "AWS::Logs::SubscriptionFilter": { "additionalProperties": false, "properties": { "Condition": { @@ -170772,57 +178055,52 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description for the store.", - "title": "Description", - "type": "string" + "ApplyOnTransformedLogs": { + "markdownDescription": "This parameter is valid only for log groups that have an active log transformer. For more information about log transformers, see [PutTransformer](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutTransformer.html) .\n\nIf this value is `true` , the subscription filter is applied on the transformed version of the log events instead of the original ingested log events.", + "title": "ApplyOnTransformedLogs", + "type": "boolean" }, - "Name": { - "markdownDescription": "The name of the Annotation Store.", - "title": "Name", + "DestinationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the destination.", + "title": "DestinationArn", "type": "string" }, - "Reference": { - "$ref": "#/definitions/AWS::Omics::AnnotationStore.ReferenceItem", - "markdownDescription": "The genome reference for the store's annotations.", - "title": "Reference" + "Distribution": { + "markdownDescription": "The method used to distribute log data to the destination, which can be either random or grouped by log stream.", + "title": "Distribution", + "type": "string" }, - "SseConfig": { - "$ref": "#/definitions/AWS::Omics::AnnotationStore.SseConfig", - "markdownDescription": "The store's server-side encryption (SSE) settings.", - "title": "SseConfig" + "FilterName": { + "markdownDescription": "The name of the subscription filter.", + "title": "FilterName", + "type": "string" }, - "StoreFormat": { - "markdownDescription": "The annotation file format of the store.", - "title": "StoreFormat", + "FilterPattern": { + "markdownDescription": "The filtering expressions that restrict what gets delivered to the destination AWS resource. For more information about the filter pattern syntax, see [Filter and Pattern Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/FilterAndPatternSyntax.html) .", + "title": "FilterPattern", "type": "string" }, - "StoreOptions": { - "$ref": "#/definitions/AWS::Omics::AnnotationStore.StoreOptions", - "markdownDescription": "File parsing options for the annotation store.", - "title": "StoreOptions" + "LogGroupName": { + "markdownDescription": "The log group to associate with the subscription filter. All log events that are uploaded to this log group are filtered and delivered to the specified AWS resource if the filter pattern matches the log events.", + "title": "LogGroupName", + "type": "string" }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "Tags for the store.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" + "RoleArn": { + "markdownDescription": "The ARN of an IAM role that grants CloudWatch Logs permissions to deliver ingested log events to the destination stream. You don't need to provide the ARN when you are working with a logical destination for cross-account delivery.", + "title": "RoleArn", + "type": "string" } }, "required": [ - "Name", - "StoreFormat" + "DestinationArn", + "FilterPattern", + "LogGroupName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Omics::AnnotationStore" + "AWS::Logs::SubscriptionFilter" ], "type": "string" }, @@ -170841,81 +178119,7 @@ ], "type": "object" }, - "AWS::Omics::AnnotationStore.ReferenceItem": { - "additionalProperties": false, - "properties": { - "ReferenceArn": { - "markdownDescription": "The reference's ARN.", - "title": "ReferenceArn", - "type": "string" - } - }, - "required": [ - "ReferenceArn" - ], - "type": "object" - }, - "AWS::Omics::AnnotationStore.SseConfig": { - "additionalProperties": false, - "properties": { - "KeyArn": { - "markdownDescription": "An encryption key ARN.", - "title": "KeyArn", - "type": "string" - }, - "Type": { - "markdownDescription": "The encryption type.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::Omics::AnnotationStore.StoreOptions": { - "additionalProperties": false, - "properties": { - "TsvStoreOptions": { - "$ref": "#/definitions/AWS::Omics::AnnotationStore.TsvStoreOptions", - "markdownDescription": "Formatting options for a TSV file.", - "title": "TsvStoreOptions" - } - }, - "required": [ - "TsvStoreOptions" - ], - "type": "object" - }, - "AWS::Omics::AnnotationStore.TsvStoreOptions": { - "additionalProperties": false, - "properties": { - "AnnotationType": { - "markdownDescription": "The store's annotation type.", - "title": "AnnotationType", - "type": "string" - }, - "FormatToHeader": { - "additionalProperties": true, - "markdownDescription": "The store's header key to column name mapping.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "FormatToHeader", - "type": "object" - }, - "Schema": { - "markdownDescription": "The schema of an annotation store.", - "title": "Schema", - "type": "object" - } - }, - "type": "object" - }, - "AWS::Omics::ReferenceStore": { + "AWS::Logs::Transformer": { "additionalProperties": false, "properties": { "Condition": { @@ -170950,41 +178154,29 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description for the store.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "A name for the store.", - "title": "Name", + "LogGroupIdentifier": { + "markdownDescription": "Specify either the name or ARN of the log group to create the transformer for.", + "title": "LogGroupIdentifier", "type": "string" }, - "SseConfig": { - "$ref": "#/definitions/AWS::Omics::ReferenceStore.SseConfig", - "markdownDescription": "Server-side encryption (SSE) settings for the store.", - "title": "SseConfig" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "Tags for the store.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "TransformerConfig": { + "items": { + "$ref": "#/definitions/AWS::Logs::Transformer.Processor" }, - "title": "Tags", - "type": "object" + "markdownDescription": "This structure is an array that contains the configuration of this log transformer. A log transformer is an array of processors, where each processor applies one type of transformation to the log events that are ingested.", + "title": "TransformerConfig", + "type": "array" } }, "required": [ - "Name" + "LogGroupIdentifier", + "TransformerConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::Omics::ReferenceStore" + "AWS::Logs::Transformer" ], "type": "string" }, @@ -171003,120 +178195,755 @@ ], "type": "object" }, - "AWS::Omics::ReferenceStore.SseConfig": { + "AWS::Logs::Transformer.AddKeyEntry": { "additionalProperties": false, "properties": { - "KeyArn": { - "markdownDescription": "An encryption key ARN.", - "title": "KeyArn", + "Key": { + "markdownDescription": "The key of the new entry to be added to the log event", + "title": "Key", "type": "string" }, - "Type": { - "markdownDescription": "The encryption type.", - "title": "Type", + "OverwriteIfExists": { + "markdownDescription": "Specifies whether to overwrite the value if the key already exists in the log event. If you omit this, the default is `false` .", + "title": "OverwriteIfExists", + "type": "boolean" + }, + "Value": { + "markdownDescription": "The value of the new entry to be added to the log event", + "title": "Value", "type": "string" } }, "required": [ - "Type" + "Key", + "Value" ], "type": "object" }, - "AWS::Omics::RunGroup": { + "AWS::Logs::Transformer.AddKeys": { "additionalProperties": false, "properties": { - "Condition": { + "Entries": { + "items": { + "$ref": "#/definitions/AWS::Logs::Transformer.AddKeyEntry" + }, + "markdownDescription": "An array of objects, where each object contains the information about one key to add to the log event.", + "title": "Entries", + "type": "array" + } + }, + "required": [ + "Entries" + ], + "type": "object" + }, + "AWS::Logs::Transformer.CopyValue": { + "additionalProperties": false, + "properties": { + "Entries": { + "items": { + "$ref": "#/definitions/AWS::Logs::Transformer.CopyValueEntry" + }, + "markdownDescription": "An array of `CopyValueEntry` objects, where each object contains the information about one field value to copy.", + "title": "Entries", + "type": "array" + } + }, + "required": [ + "Entries" + ], + "type": "object" + }, + "AWS::Logs::Transformer.CopyValueEntry": { + "additionalProperties": false, + "properties": { + "OverwriteIfExists": { + "markdownDescription": "Specifies whether to overwrite the value if the destination key already exists. If you omit this, the default is `false` .", + "title": "OverwriteIfExists", + "type": "boolean" + }, + "Source": { + "markdownDescription": "The key to copy.", + "title": "Source", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Target": { + "markdownDescription": "The key of the field to copy the value to.", + "title": "Target", "type": "string" + } + }, + "required": [ + "Source", + "Target" + ], + "type": "object" + }, + "AWS::Logs::Transformer.Csv": { + "additionalProperties": false, + "properties": { + "Columns": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of names to use for the columns in the transformed log event.\n\nIf you omit this, default column names ( `[column_1, column_2 ...]` ) are used.", + "title": "Columns", + "type": "array" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Delimiter": { + "markdownDescription": "The character used to separate each column in the original comma-separated value log event. If you omit this, the processor looks for the comma `,` character as the delimiter.", + "title": "Delimiter", + "type": "string" }, - "Metadata": { - "type": "object" + "QuoteCharacter": { + "markdownDescription": "The character used used as a text qualifier for a single column of data. If you omit this, the double quotation mark `\"` character is used.", + "title": "QuoteCharacter", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "MaxCpus": { - "markdownDescription": "The group's maximum CPU count setting.", - "title": "MaxCpus", - "type": "number" - }, - "MaxDuration": { - "markdownDescription": "The group's maximum duration setting in minutes.", - "title": "MaxDuration", - "type": "number" - }, - "MaxGpus": { - "markdownDescription": "The maximum GPUs that can be used by a run group.", - "title": "MaxGpus", - "type": "number" - }, - "MaxRuns": { - "markdownDescription": "The group's maximum concurrent run setting.", - "title": "MaxRuns", - "type": "number" - }, - "Name": { - "markdownDescription": "The group's name.", - "title": "Name", - "type": "string" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "Tags for the group.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - } + "Source": { + "markdownDescription": "The path to the field in the log event that has the comma separated values to be parsed. If you omit this value, the whole log message is processed.", + "title": "Source", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Logs::Transformer.DateTimeConverter": { + "additionalProperties": false, + "properties": { + "Locale": { + "markdownDescription": "The locale of the source field. If you omit this, the default of `locale.ROOT` is used.", + "title": "Locale", + "type": "string" + }, + "MatchPatterns": { + "items": { + "type": "string" }, - "type": "object" + "markdownDescription": "A list of patterns to match against the `source` field.", + "title": "MatchPatterns", + "type": "array" }, - "Type": { - "enum": [ - "AWS::Omics::RunGroup" - ], + "Source": { + "markdownDescription": "The key to apply the date conversion to.", + "title": "Source", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SourceTimezone": { + "markdownDescription": "The time zone of the source field. If you omit this, the default used is the UTC zone.", + "title": "SourceTimezone", + "type": "string" + }, + "Target": { + "markdownDescription": "The JSON field to store the result in.", + "title": "Target", + "type": "string" + }, + "TargetFormat": { + "markdownDescription": "The datetime format to use for the converted data in the target field.\n\nIf you omit this, the default of `yyyy-MM-dd'T'HH:mm:ss.SSS'Z` is used.", + "title": "TargetFormat", + "type": "string" + }, + "TargetTimezone": { + "markdownDescription": "The time zone of the target field. If you omit this, the default used is the UTC zone.", + "title": "TargetTimezone", + "type": "string" + } + }, + "required": [ + "MatchPatterns", + "Source", + "Target" + ], + "type": "object" + }, + "AWS::Logs::Transformer.DeleteKeys": { + "additionalProperties": false, + "properties": { + "WithKeys": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of keys to delete.", + "title": "WithKeys", + "type": "array" + } + }, + "required": [ + "WithKeys" + ], + "type": "object" + }, + "AWS::Logs::Transformer.Grok": { + "additionalProperties": false, + "properties": { + "Match": { + "markdownDescription": "The grok pattern to match against the log event. For a list of supported grok patterns, see [Supported grok patterns](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#Grok-Patterns) .", + "title": "Match", + "type": "string" + }, + "Source": { + "markdownDescription": "The path to the field in the log event that you want to parse. If you omit this value, the whole log message is parsed.", + "title": "Source", + "type": "string" + } + }, + "required": [ + "Match" + ], + "type": "object" + }, + "AWS::Logs::Transformer.ListToMap": { + "additionalProperties": false, + "properties": { + "Flatten": { + "markdownDescription": "A Boolean value to indicate whether the list will be flattened into single items. Specify `true` to flatten the list. The default is `false`", + "title": "Flatten", + "type": "boolean" + }, + "FlattenedElement": { + "markdownDescription": "If you set `flatten` to `true` , use `flattenedElement` to specify which element, `first` or `last` , to keep.\n\nYou must specify this parameter if `flatten` is `true`", + "title": "FlattenedElement", + "type": "string" + }, + "Key": { + "markdownDescription": "The key of the field to be extracted as keys in the generated map", + "title": "Key", + "type": "string" + }, + "Source": { + "markdownDescription": "The key in the log event that has a list of objects that will be converted to a map.", + "title": "Source", + "type": "string" + }, + "Target": { + "markdownDescription": "The key of the field that will hold the generated map", + "title": "Target", + "type": "string" + }, + "ValueKey": { + "markdownDescription": "If this is specified, the values that you specify in this parameter will be extracted from the `source` objects and put into the values of the generated map. Otherwise, original objects in the source list will be put into the values of the generated map.", + "title": "ValueKey", + "type": "string" + } + }, + "required": [ + "Key", + "Source" + ], + "type": "object" + }, + "AWS::Logs::Transformer.LowerCaseString": { + "additionalProperties": false, + "properties": { + "WithKeys": { + "items": { + "type": "string" + }, + "markdownDescription": "The array caontaining the keys of the fields to convert to lowercase.", + "title": "WithKeys", + "type": "array" + } + }, + "required": [ + "WithKeys" + ], + "type": "object" + }, + "AWS::Logs::Transformer.MoveKeyEntry": { + "additionalProperties": false, + "properties": { + "OverwriteIfExists": { + "markdownDescription": "Specifies whether to overwrite the value if the destination key already exists. If you omit this, the default is `false` .", + "title": "OverwriteIfExists", + "type": "boolean" + }, + "Source": { + "markdownDescription": "The key to move.", + "title": "Source", + "type": "string" + }, + "Target": { + "markdownDescription": "The key to move to.", + "title": "Target", + "type": "string" + } + }, + "required": [ + "Source", + "Target" + ], + "type": "object" + }, + "AWS::Logs::Transformer.MoveKeys": { + "additionalProperties": false, + "properties": { + "Entries": { + "items": { + "$ref": "#/definitions/AWS::Logs::Transformer.MoveKeyEntry" + }, + "markdownDescription": "An array of objects, where each object contains the information about one key to move.", + "title": "Entries", + "type": "array" + } + }, + "required": [ + "Entries" + ], + "type": "object" + }, + "AWS::Logs::Transformer.ParseCloudfront": { + "additionalProperties": false, + "properties": { + "Source": { + "markdownDescription": "Omit this parameter and the whole log message will be processed by this processor. No other value than `@message` is allowed for `source` .", + "title": "Source", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Logs::Transformer.ParseJSON": { + "additionalProperties": false, + "properties": { + "Destination": { + "markdownDescription": "The location to put the parsed key value pair into. If you omit this parameter, it is placed under the root node.", + "title": "Destination", + "type": "string" + }, + "Source": { + "markdownDescription": "Path to the field in the log event that will be parsed. Use dot notation to access child fields. For example, `store.book`", + "title": "Source", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Logs::Transformer.ParseKeyValue": { + "additionalProperties": false, + "properties": { + "Destination": { + "markdownDescription": "The destination field to put the extracted key-value pairs into", + "title": "Destination", + "type": "string" + }, + "FieldDelimiter": { + "markdownDescription": "The field delimiter string that is used between key-value pairs in the original log events. If you omit this, the ampersand `&` character is used.", + "title": "FieldDelimiter", + "type": "string" + }, + "KeyPrefix": { + "markdownDescription": "If you want to add a prefix to all transformed keys, specify it here.", + "title": "KeyPrefix", + "type": "string" + }, + "KeyValueDelimiter": { + "markdownDescription": "The delimiter string to use between the key and value in each pair in the transformed log event.\n\nIf you omit this, the equal `=` character is used.", + "title": "KeyValueDelimiter", + "type": "string" + }, + "NonMatchValue": { + "markdownDescription": "A value to insert into the value field in the result, when a key-value pair is not successfully split.", + "title": "NonMatchValue", + "type": "string" + }, + "OverwriteIfExists": { + "markdownDescription": "Specifies whether to overwrite the value if the destination key already exists. If you omit this, the default is `false` .", + "title": "OverwriteIfExists", + "type": "boolean" + }, + "Source": { + "markdownDescription": "Path to the field in the log event that will be parsed. Use dot notation to access child fields. For example, `store.book`", + "title": "Source", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Logs::Transformer.ParsePostgres": { + "additionalProperties": false, + "properties": { + "Source": { + "markdownDescription": "Omit this parameter and the whole log message will be processed by this processor. No other value than `@message` is allowed for `source` .", + "title": "Source", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Logs::Transformer.ParseRoute53": { + "additionalProperties": false, + "properties": { + "Source": { + "markdownDescription": "Omit this parameter and the whole log message will be processed by this processor. No other value than `@message` is allowed for `source` .", + "title": "Source", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Logs::Transformer.ParseToOCSF": { + "additionalProperties": false, + "properties": { + "EventSource": { + "markdownDescription": "Specify the service or process that produces the log events that will be converted with this processor.", + "title": "EventSource", + "type": "string" + }, + "OcsfVersion": { + "markdownDescription": "Specify which version of the OCSF schema to use for the transformed log events.", + "title": "OcsfVersion", + "type": "string" + }, + "Source": { + "markdownDescription": "The path to the field in the log event that you want to parse. If you omit this value, the whole log message is parsed.", + "title": "Source", + "type": "string" + } + }, + "required": [ + "EventSource", + "OcsfVersion" + ], + "type": "object" + }, + "AWS::Logs::Transformer.ParseVPC": { + "additionalProperties": false, + "properties": { + "Source": { + "markdownDescription": "Omit this parameter and the whole log message will be processed by this processor. No other value than `@message` is allowed for `source` .", + "title": "Source", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Logs::Transformer.ParseWAF": { + "additionalProperties": false, + "properties": { + "Source": { + "markdownDescription": "Omit this parameter and the whole log message will be processed by this processor. No other value than `@message` is allowed for `source` .", + "title": "Source", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Logs::Transformer.Processor": { + "additionalProperties": false, + "properties": { + "AddKeys": { + "$ref": "#/definitions/AWS::Logs::Transformer.AddKeys", + "markdownDescription": "Use this parameter to include the [addKeys](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-addKeys) processor in your transformer.", + "title": "AddKeys" + }, + "CopyValue": { + "$ref": "#/definitions/AWS::Logs::Transformer.CopyValue", + "markdownDescription": "Use this parameter to include the [copyValue](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-copyValue) processor in your transformer.", + "title": "CopyValue" + }, + "Csv": { + "$ref": "#/definitions/AWS::Logs::Transformer.Csv", + "markdownDescription": "Use this parameter to include the [CSV](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-CSV) processor in your transformer.", + "title": "Csv" + }, + "DateTimeConverter": { + "$ref": "#/definitions/AWS::Logs::Transformer.DateTimeConverter", + "markdownDescription": "Use this parameter to include the [datetimeConverter](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-datetimeConverter) processor in your transformer.", + "title": "DateTimeConverter" + }, + "DeleteKeys": { + "$ref": "#/definitions/AWS::Logs::Transformer.DeleteKeys", + "markdownDescription": "Use this parameter to include the [deleteKeys](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-deleteKeys) processor in your transformer.", + "title": "DeleteKeys" + }, + "Grok": { + "$ref": "#/definitions/AWS::Logs::Transformer.Grok", + "markdownDescription": "Use this parameter to include the [grok](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-grok) processor in your transformer.", + "title": "Grok" + }, + "ListToMap": { + "$ref": "#/definitions/AWS::Logs::Transformer.ListToMap", + "markdownDescription": "Use this parameter to include the [listToMap](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-listToMap) processor in your transformer.", + "title": "ListToMap" + }, + "LowerCaseString": { + "$ref": "#/definitions/AWS::Logs::Transformer.LowerCaseString", + "markdownDescription": "Use this parameter to include the [lowerCaseString](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-lowerCaseString) processor in your transformer.", + "title": "LowerCaseString" + }, + "MoveKeys": { + "$ref": "#/definitions/AWS::Logs::Transformer.MoveKeys", + "markdownDescription": "Use this parameter to include the [moveKeys](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-moveKeys) processor in your transformer.", + "title": "MoveKeys" + }, + "ParseCloudfront": { + "$ref": "#/definitions/AWS::Logs::Transformer.ParseCloudfront", + "markdownDescription": "Use this parameter to include the [parseCloudfront](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-parseCloudfront) processor in your transformer.\n\nIf you use this processor, it must be the first processor in your transformer.", + "title": "ParseCloudfront" + }, + "ParseJSON": { + "$ref": "#/definitions/AWS::Logs::Transformer.ParseJSON", + "markdownDescription": "Use this parameter to include the [parseJSON](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-parseJSON) processor in your transformer.", + "title": "ParseJSON" + }, + "ParseKeyValue": { + "$ref": "#/definitions/AWS::Logs::Transformer.ParseKeyValue", + "markdownDescription": "Use this parameter to include the [parseKeyValue](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-parseKeyValue) processor in your transformer.", + "title": "ParseKeyValue" + }, + "ParsePostgres": { + "$ref": "#/definitions/AWS::Logs::Transformer.ParsePostgres", + "markdownDescription": "Use this parameter to include the [parsePostGres](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-parsePostGres) processor in your transformer.\n\nIf you use this processor, it must be the first processor in your transformer.", + "title": "ParsePostgres" + }, + "ParseRoute53": { + "$ref": "#/definitions/AWS::Logs::Transformer.ParseRoute53", + "markdownDescription": "Use this parameter to include the [parseRoute53](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-parseRoute53) processor in your transformer.\n\nIf you use this processor, it must be the first processor in your transformer.", + "title": "ParseRoute53" + }, + "ParseToOCSF": { + "$ref": "#/definitions/AWS::Logs::Transformer.ParseToOCSF", + "markdownDescription": "Use this parameter to convert logs into Open Cybersecurity Schema (OCSF) format.", + "title": "ParseToOCSF" + }, + "ParseVPC": { + "$ref": "#/definitions/AWS::Logs::Transformer.ParseVPC", + "markdownDescription": "Use this parameter to include the [parseVPC](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-parseVPC) processor in your transformer.\n\nIf you use this processor, it must be the first processor in your transformer.", + "title": "ParseVPC" + }, + "ParseWAF": { + "$ref": "#/definitions/AWS::Logs::Transformer.ParseWAF", + "markdownDescription": "Use this parameter to include the [parseWAF](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-parseWAF) processor in your transformer.\n\nIf you use this processor, it must be the first processor in your transformer.", + "title": "ParseWAF" + }, + "RenameKeys": { + "$ref": "#/definitions/AWS::Logs::Transformer.RenameKeys", + "markdownDescription": "Use this parameter to include the [renameKeys](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-renameKeys) processor in your transformer.", + "title": "RenameKeys" + }, + "SplitString": { + "$ref": "#/definitions/AWS::Logs::Transformer.SplitString", + "markdownDescription": "Use this parameter to include the [splitString](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-splitString) processor in your transformer.", + "title": "SplitString" + }, + "SubstituteString": { + "$ref": "#/definitions/AWS::Logs::Transformer.SubstituteString", + "markdownDescription": "Use this parameter to include the [substituteString](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-substituteString) processor in your transformer.", + "title": "SubstituteString" + }, + "TrimString": { + "$ref": "#/definitions/AWS::Logs::Transformer.TrimString", + "markdownDescription": "Use this parameter to include the [trimString](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-trimString) processor in your transformer.", + "title": "TrimString" + }, + "TypeConverter": { + "$ref": "#/definitions/AWS::Logs::Transformer.TypeConverter", + "markdownDescription": "Use this parameter to include the [typeConverter](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-typeConverter) processor in your transformer.", + "title": "TypeConverter" + }, + "UpperCaseString": { + "$ref": "#/definitions/AWS::Logs::Transformer.UpperCaseString", + "markdownDescription": "Use this parameter to include the [upperCaseString](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-upperCaseString) processor in your transformer.", + "title": "UpperCaseString" + } + }, + "type": "object" + }, + "AWS::Logs::Transformer.RenameKeyEntry": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The key to rename", + "title": "Key", + "type": "string" + }, + "OverwriteIfExists": { + "markdownDescription": "Specifies whether to overwrite the existing value if the destination key already exists. The default is `false`", + "title": "OverwriteIfExists", + "type": "boolean" + }, + "RenameTo": { + "markdownDescription": "The string to use for the new key name", + "title": "RenameTo", + "type": "string" + } + }, + "required": [ + "Key", + "RenameTo" + ], + "type": "object" + }, + "AWS::Logs::Transformer.RenameKeys": { + "additionalProperties": false, + "properties": { + "Entries": { + "items": { + "$ref": "#/definitions/AWS::Logs::Transformer.RenameKeyEntry" + }, + "markdownDescription": "An array of `RenameKeyEntry` objects, where each object contains the information about a single key to rename.", + "title": "Entries", + "type": "array" + } + }, + "required": [ + "Entries" + ], + "type": "object" + }, + "AWS::Logs::Transformer.SplitString": { + "additionalProperties": false, + "properties": { + "Entries": { + "items": { + "$ref": "#/definitions/AWS::Logs::Transformer.SplitStringEntry" + }, + "markdownDescription": "An array of `SplitStringEntry` objects, where each object contains the information about one field to split.", + "title": "Entries", + "type": "array" + } + }, + "required": [ + "Entries" + ], + "type": "object" + }, + "AWS::Logs::Transformer.SplitStringEntry": { + "additionalProperties": false, + "properties": { + "Delimiter": { + "markdownDescription": "The separator characters to split the string entry on.", + "title": "Delimiter", + "type": "string" + }, + "Source": { + "markdownDescription": "The key of the field to split.", + "title": "Source", + "type": "string" + } + }, + "required": [ + "Delimiter", + "Source" + ], + "type": "object" + }, + "AWS::Logs::Transformer.SubstituteString": { + "additionalProperties": false, + "properties": { + "Entries": { + "items": { + "$ref": "#/definitions/AWS::Logs::Transformer.SubstituteStringEntry" + }, + "markdownDescription": "An array of objects, where each object contains the information about one key to match and replace.", + "title": "Entries", + "type": "array" + } + }, + "required": [ + "Entries" + ], + "type": "object" + }, + "AWS::Logs::Transformer.SubstituteStringEntry": { + "additionalProperties": false, + "properties": { + "From": { + "markdownDescription": "The regular expression string to be replaced. Special regex characters such as [ and ] must be escaped using \\\\ when using double quotes and with \\ when using single quotes. For more information, see [Class Pattern](https://docs.aws.amazon.com/https://docs.oracle.com/en/java/javase/17/docs/api/java.base/java/util/regex/Pattern.html) on the Oracle web site.", + "title": "From", + "type": "string" + }, + "Source": { + "markdownDescription": "The key to modify", + "title": "Source", + "type": "string" + }, + "To": { + "markdownDescription": "The string to be substituted for each match of `from`", + "title": "To", + "type": "string" + } + }, + "required": [ + "From", + "Source", + "To" + ], + "type": "object" + }, + "AWS::Logs::Transformer.TrimString": { + "additionalProperties": false, + "properties": { + "WithKeys": { + "items": { + "type": "string" + }, + "markdownDescription": "The array containing the keys of the fields to trim.", + "title": "WithKeys", + "type": "array" + } + }, + "required": [ + "WithKeys" + ], + "type": "object" + }, + "AWS::Logs::Transformer.TypeConverter": { + "additionalProperties": false, + "properties": { + "Entries": { + "items": { + "$ref": "#/definitions/AWS::Logs::Transformer.TypeConverterEntry" + }, + "markdownDescription": "An array of `TypeConverterEntry` objects, where each object contains the information about one field to change the type of.", + "title": "Entries", + "type": "array" + } + }, + "required": [ + "Entries" + ], + "type": "object" + }, + "AWS::Logs::Transformer.TypeConverterEntry": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The key with the value that is to be converted to a different type.", + "title": "Key", + "type": "string" + }, + "Type": { + "markdownDescription": "The type to convert the field value to. Valid values are `integer` , `double` , `string` and `boolean` .", + "title": "Type", "type": "string" } }, "required": [ + "Key", "Type" ], "type": "object" }, - "AWS::Omics::SequenceStore": { + "AWS::Logs::Transformer.UpperCaseString": { + "additionalProperties": false, + "properties": { + "WithKeys": { + "items": { + "type": "string" + }, + "markdownDescription": "The array of containing the keys of the field to convert to uppercase.", + "title": "WithKeys", + "type": "array" + } + }, + "required": [ + "WithKeys" + ], + "type": "object" + }, + "AWS::LookoutEquipment::InferenceScheduler": { "additionalProperties": false, "properties": { "Condition": { @@ -171151,46 +178978,67 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description for the store.", - "title": "Description", + "DataDelayOffsetInMinutes": { + "markdownDescription": "A period of time (in minutes) by which inference on the data is delayed after the data starts. For instance, if an offset delay time of five minutes was selected, inference will not begin on the data until the first data measurement after the five minute mark. For example, if five minutes is selected, the inference scheduler will wake up at the configured frequency with the additional five minute delay time to check the customer S3 bucket. The customer can upload data at the same frequency and they don't need to stop and restart the scheduler when uploading new data.", + "title": "DataDelayOffsetInMinutes", + "type": "number" + }, + "DataInputConfiguration": { + "$ref": "#/definitions/AWS::LookoutEquipment::InferenceScheduler.DataInputConfiguration", + "markdownDescription": "Specifies configuration information for the input data for the inference scheduler, including delimiter, format, and dataset location.", + "title": "DataInputConfiguration" + }, + "DataOutputConfiguration": { + "$ref": "#/definitions/AWS::LookoutEquipment::InferenceScheduler.DataOutputConfiguration", + "markdownDescription": "Specifies configuration information for the output results for the inference scheduler, including the Amazon S3 location for the output.", + "title": "DataOutputConfiguration" + }, + "DataUploadFrequency": { + "markdownDescription": "How often data is uploaded to the source S3 bucket for the input data. This value is the length of time between data uploads. For instance, if you select 5 minutes, Amazon Lookout for Equipment will upload the real-time data to the source bucket once every 5 minutes. This frequency also determines how often Amazon Lookout for Equipment starts a scheduled inference on your data. In this example, it starts once every 5 minutes.", + "title": "DataUploadFrequency", "type": "string" }, - "FallbackLocation": { - "markdownDescription": "An S3 location that is used to store files that have failed a direct upload.", - "title": "FallbackLocation", + "InferenceSchedulerName": { + "markdownDescription": "The name of the inference scheduler.", + "title": "InferenceSchedulerName", "type": "string" }, - "Name": { - "markdownDescription": "A name for the store.", - "title": "Name", + "ModelName": { + "markdownDescription": "The name of the machine learning model used for the inference scheduler.", + "title": "ModelName", "type": "string" }, - "SseConfig": { - "$ref": "#/definitions/AWS::Omics::SequenceStore.SseConfig", - "markdownDescription": "Server-side encryption (SSE) settings for the store.", - "title": "SseConfig" + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of a role with permission to access the data source being used for the inference.", + "title": "RoleArn", + "type": "string" + }, + "ServerSideKmsKeyId": { + "markdownDescription": "Provides the identifier of the AWS KMS key used to encrypt inference scheduler data by Amazon Lookout for Equipment .", + "title": "ServerSideKmsKeyId", + "type": "string" }, "Tags": { - "additionalProperties": true, - "markdownDescription": "Tags for the store.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "Any tags associated with the inference scheduler.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", - "type": "object" + "type": "array" } }, "required": [ - "Name" + "DataInputConfiguration", + "DataOutputConfiguration", + "DataUploadFrequency", + "ModelName", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Omics::SequenceStore" + "AWS::LookoutEquipment::InferenceScheduler" ], "type": "string" }, @@ -171209,26 +179057,104 @@ ], "type": "object" }, - "AWS::Omics::SequenceStore.SseConfig": { + "AWS::LookoutEquipment::InferenceScheduler.DataInputConfiguration": { "additionalProperties": false, "properties": { - "KeyArn": { - "markdownDescription": "An encryption key ARN.", - "title": "KeyArn", + "InferenceInputNameConfiguration": { + "$ref": "#/definitions/AWS::LookoutEquipment::InferenceScheduler.InputNameConfiguration", + "markdownDescription": "", + "title": "InferenceInputNameConfiguration" + }, + "InputTimeZoneOffset": { + "markdownDescription": "", + "title": "InputTimeZoneOffset", "type": "string" }, - "Type": { - "markdownDescription": "The encryption type.", - "title": "Type", + "S3InputConfiguration": { + "$ref": "#/definitions/AWS::LookoutEquipment::InferenceScheduler.S3InputConfiguration", + "markdownDescription": "", + "title": "S3InputConfiguration" + } + }, + "required": [ + "S3InputConfiguration" + ], + "type": "object" + }, + "AWS::LookoutEquipment::InferenceScheduler.DataOutputConfiguration": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "markdownDescription": "", + "title": "KmsKeyId", "type": "string" + }, + "S3OutputConfiguration": { + "$ref": "#/definitions/AWS::LookoutEquipment::InferenceScheduler.S3OutputConfiguration", + "markdownDescription": "", + "title": "S3OutputConfiguration" } }, "required": [ - "Type" + "S3OutputConfiguration" ], "type": "object" }, - "AWS::Omics::VariantStore": { + "AWS::LookoutEquipment::InferenceScheduler.InputNameConfiguration": { + "additionalProperties": false, + "properties": { + "ComponentTimestampDelimiter": { + "markdownDescription": "", + "title": "ComponentTimestampDelimiter", + "type": "string" + }, + "TimestampFormat": { + "markdownDescription": "", + "title": "TimestampFormat", + "type": "string" + } + }, + "type": "object" + }, + "AWS::LookoutEquipment::InferenceScheduler.S3InputConfiguration": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "", + "title": "Bucket", + "type": "string" + }, + "Prefix": { + "markdownDescription": "", + "title": "Prefix", + "type": "string" + } + }, + "required": [ + "Bucket" + ], + "type": "object" + }, + "AWS::LookoutEquipment::InferenceScheduler.S3OutputConfiguration": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "", + "title": "Bucket", + "type": "string" + }, + "Prefix": { + "markdownDescription": "", + "title": "Prefix", + "type": "string" + } + }, + "required": [ + "Bucket" + ], + "type": "object" + }, + "AWS::LookoutMetrics::Alert": { "additionalProperties": false, "properties": { "Condition": { @@ -171263,47 +179189,42 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description for the store.", - "title": "Description", - "type": "string" + "Action": { + "$ref": "#/definitions/AWS::LookoutMetrics::Alert.Action", + "markdownDescription": "Action that will be triggered when there is an alert.", + "title": "Action" }, - "Name": { - "markdownDescription": "A name for the store.", - "title": "Name", + "AlertDescription": { + "markdownDescription": "A description of the alert.", + "title": "AlertDescription", "type": "string" }, - "Reference": { - "$ref": "#/definitions/AWS::Omics::VariantStore.ReferenceItem", - "markdownDescription": "The genome reference for the store's variants.", - "title": "Reference" + "AlertName": { + "markdownDescription": "The name of the alert.", + "title": "AlertName", + "type": "string" }, - "SseConfig": { - "$ref": "#/definitions/AWS::Omics::VariantStore.SseConfig", - "markdownDescription": "Server-side encryption (SSE) settings for the store.", - "title": "SseConfig" + "AlertSensitivityThreshold": { + "markdownDescription": "An integer from 0 to 100 specifying the alert sensitivity threshold.", + "title": "AlertSensitivityThreshold", + "type": "number" }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "Tags for the store.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" + "AnomalyDetectorArn": { + "markdownDescription": "The ARN of the detector to which the alert is attached.", + "title": "AnomalyDetectorArn", + "type": "string" } }, "required": [ - "Name", - "Reference" + "Action", + "AlertSensitivityThreshold", + "AnomalyDetectorArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Omics::VariantStore" + "AWS::LookoutMetrics::Alert" ], "type": "string" }, @@ -171322,40 +179243,63 @@ ], "type": "object" }, - "AWS::Omics::VariantStore.ReferenceItem": { + "AWS::LookoutMetrics::Alert.Action": { "additionalProperties": false, "properties": { - "ReferenceArn": { - "markdownDescription": "The reference's ARN.", - "title": "ReferenceArn", + "LambdaConfiguration": { + "$ref": "#/definitions/AWS::LookoutMetrics::Alert.LambdaConfiguration", + "markdownDescription": "A configuration for an AWS Lambda channel.", + "title": "LambdaConfiguration" + }, + "SNSConfiguration": { + "$ref": "#/definitions/AWS::LookoutMetrics::Alert.SNSConfiguration", + "markdownDescription": "A configuration for an Amazon SNS channel.", + "title": "SNSConfiguration" + } + }, + "type": "object" + }, + "AWS::LookoutMetrics::Alert.LambdaConfiguration": { + "additionalProperties": false, + "properties": { + "LambdaArn": { + "markdownDescription": "The ARN of the Lambda function.", + "title": "LambdaArn", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of an IAM role that has permission to invoke the Lambda function.", + "title": "RoleArn", "type": "string" } }, "required": [ - "ReferenceArn" + "LambdaArn", + "RoleArn" ], "type": "object" }, - "AWS::Omics::VariantStore.SseConfig": { + "AWS::LookoutMetrics::Alert.SNSConfiguration": { "additionalProperties": false, "properties": { - "KeyArn": { - "markdownDescription": "An encryption key ARN.", - "title": "KeyArn", + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that has access to the target SNS topic.", + "title": "RoleArn", "type": "string" }, - "Type": { - "markdownDescription": "The encryption type.", - "title": "Type", + "SnsTopicArn": { + "markdownDescription": "The ARN of the target SNS topic.", + "title": "SnsTopicArn", "type": "string" } }, "required": [ - "Type" + "RoleArn", + "SnsTopicArn" ], "type": "object" }, - "AWS::Omics::Workflow": { + "AWS::LookoutMetrics::AnomalyDetector": { "additionalProperties": false, "properties": { "Condition": { @@ -171390,69 +179334,44 @@ "Properties": { "additionalProperties": false, "properties": { - "Accelerators": { - "markdownDescription": "", - "title": "Accelerators", - "type": "string" - }, - "DefinitionUri": { - "markdownDescription": "The URI of a definition for the workflow.", - "title": "DefinitionUri", - "type": "string" - }, - "Description": { - "markdownDescription": "The parameter's description.", - "title": "Description", - "type": "string" + "AnomalyDetectorConfig": { + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.AnomalyDetectorConfig", + "markdownDescription": "Contains information about the configuration of the anomaly detector.", + "title": "AnomalyDetectorConfig" }, - "Engine": { - "markdownDescription": "An engine for the workflow.", - "title": "Engine", + "AnomalyDetectorDescription": { + "markdownDescription": "A description of the detector.", + "title": "AnomalyDetectorDescription", "type": "string" }, - "Main": { - "markdownDescription": "The path of the main definition file for the workflow.", - "title": "Main", + "AnomalyDetectorName": { + "markdownDescription": "The name of the detector.", + "title": "AnomalyDetectorName", "type": "string" }, - "Name": { - "markdownDescription": "The workflow's name.", - "title": "Name", + "KmsKeyArn": { + "markdownDescription": "The ARN of the KMS key to use to encrypt your data.", + "title": "KmsKeyArn", "type": "string" }, - "ParameterTemplate": { - "additionalProperties": false, - "markdownDescription": "The workflow's parameter template.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::Omics::Workflow.WorkflowParameter" - } - }, - "title": "ParameterTemplate", - "type": "object" - }, - "StorageCapacity": { - "markdownDescription": "The default static storage capacity (in gibibytes) for runs that use this workflow or workflow version.", - "title": "StorageCapacity", - "type": "number" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "Tags for the workflow.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "MetricSetList": { + "items": { + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.MetricSet" }, - "title": "Tags", - "type": "object" + "markdownDescription": "The detector's dataset.", + "title": "MetricSetList", + "type": "array" } }, + "required": [ + "AnomalyDetectorConfig", + "MetricSetList" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Omics::Workflow" + "AWS::LookoutMetrics::AnomalyDetector" ], "type": "string" }, @@ -171466,27 +179385,439 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Omics::Workflow.WorkflowParameter": { + "AWS::LookoutMetrics::AnomalyDetector.AnomalyDetectorConfig": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The parameter's description.", - "title": "Description", + "AnomalyDetectorFrequency": { + "markdownDescription": "The frequency at which the detector analyzes its source data.", + "title": "AnomalyDetectorFrequency", + "type": "string" + } + }, + "required": [ + "AnomalyDetectorFrequency" + ], + "type": "object" + }, + "AWS::LookoutMetrics::AnomalyDetector.AppFlowConfig": { + "additionalProperties": false, + "properties": { + "FlowName": { + "markdownDescription": "name of the flow.", + "title": "FlowName", "type": "string" }, - "Optional": { - "markdownDescription": "Whether the parameter is optional.", - "title": "Optional", + "RoleArn": { + "markdownDescription": "An IAM role that gives Amazon Lookout for Metrics permission to access the flow.", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "FlowName", + "RoleArn" + ], + "type": "object" + }, + "AWS::LookoutMetrics::AnomalyDetector.CloudwatchConfig": { + "additionalProperties": false, + "properties": { + "RoleArn": { + "markdownDescription": "An IAM role that gives Amazon Lookout for Metrics permission to access data in Amazon CloudWatch.", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "RoleArn" + ], + "type": "object" + }, + "AWS::LookoutMetrics::AnomalyDetector.CsvFormatDescriptor": { + "additionalProperties": false, + "properties": { + "Charset": { + "markdownDescription": "The character set in which the source CSV file is written.", + "title": "Charset", + "type": "string" + }, + "ContainsHeader": { + "markdownDescription": "Whether or not the source CSV file contains a header.", + "title": "ContainsHeader", "type": "boolean" + }, + "Delimiter": { + "markdownDescription": "The character used to delimit the source CSV file.", + "title": "Delimiter", + "type": "string" + }, + "FileCompression": { + "markdownDescription": "The level of compression of the source CSV file.", + "title": "FileCompression", + "type": "string" + }, + "HeaderList": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the source CSV file's headers, if any.", + "title": "HeaderList", + "type": "array" + }, + "QuoteSymbol": { + "markdownDescription": "The character used as a quote character.", + "title": "QuoteSymbol", + "type": "string" } }, "type": "object" }, - "AWS::OpenSearchServerless::AccessPolicy": { + "AWS::LookoutMetrics::AnomalyDetector.FileFormatDescriptor": { + "additionalProperties": false, + "properties": { + "CsvFormatDescriptor": { + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.CsvFormatDescriptor", + "markdownDescription": "Contains information about how a source CSV data file should be analyzed.", + "title": "CsvFormatDescriptor" + }, + "JsonFormatDescriptor": { + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.JsonFormatDescriptor", + "markdownDescription": "Contains information about how a source JSON data file should be analyzed.", + "title": "JsonFormatDescriptor" + } + }, + "type": "object" + }, + "AWS::LookoutMetrics::AnomalyDetector.JsonFormatDescriptor": { + "additionalProperties": false, + "properties": { + "Charset": { + "markdownDescription": "The character set in which the source JSON file is written.", + "title": "Charset", + "type": "string" + }, + "FileCompression": { + "markdownDescription": "The level of compression of the source CSV file.", + "title": "FileCompression", + "type": "string" + } + }, + "type": "object" + }, + "AWS::LookoutMetrics::AnomalyDetector.Metric": { + "additionalProperties": false, + "properties": { + "AggregationFunction": { + "markdownDescription": "The function with which the metric is calculated.", + "title": "AggregationFunction", + "type": "string" + }, + "MetricName": { + "markdownDescription": "The name of the metric.", + "title": "MetricName", + "type": "string" + }, + "Namespace": { + "markdownDescription": "The namespace for the metric.", + "title": "Namespace", + "type": "string" + } + }, + "required": [ + "AggregationFunction", + "MetricName" + ], + "type": "object" + }, + "AWS::LookoutMetrics::AnomalyDetector.MetricSet": { + "additionalProperties": false, + "properties": { + "DimensionList": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the fields you want to treat as dimensions.", + "title": "DimensionList", + "type": "array" + }, + "MetricList": { + "items": { + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.Metric" + }, + "markdownDescription": "A list of metrics that the dataset will contain.", + "title": "MetricList", + "type": "array" + }, + "MetricSetDescription": { + "markdownDescription": "A description of the dataset you are creating.", + "title": "MetricSetDescription", + "type": "string" + }, + "MetricSetFrequency": { + "markdownDescription": "The frequency with which the source data will be analyzed for anomalies.", + "title": "MetricSetFrequency", + "type": "string" + }, + "MetricSetName": { + "markdownDescription": "The name of the dataset.", + "title": "MetricSetName", + "type": "string" + }, + "MetricSource": { + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.MetricSource", + "markdownDescription": "Contains information about how the source data should be interpreted.", + "title": "MetricSource" + }, + "Offset": { + "markdownDescription": "After an interval ends, the amount of seconds that the detector waits before importing data. Offset is only supported for S3, Redshift, Athena and datasources.", + "title": "Offset", + "type": "number" + }, + "TimestampColumn": { + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.TimestampColumn", + "markdownDescription": "Contains information about the column used for tracking time in your source data.", + "title": "TimestampColumn" + }, + "Timezone": { + "markdownDescription": "The time zone in which your source data was recorded.", + "title": "Timezone", + "type": "string" + } + }, + "required": [ + "MetricList", + "MetricSetName", + "MetricSource" + ], + "type": "object" + }, + "AWS::LookoutMetrics::AnomalyDetector.MetricSource": { + "additionalProperties": false, + "properties": { + "AppFlowConfig": { + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.AppFlowConfig", + "markdownDescription": "Details about an AppFlow datasource.", + "title": "AppFlowConfig" + }, + "CloudwatchConfig": { + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.CloudwatchConfig", + "markdownDescription": "Details about an Amazon CloudWatch monitoring datasource.", + "title": "CloudwatchConfig" + }, + "RDSSourceConfig": { + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.RDSSourceConfig", + "markdownDescription": "Details about an Amazon Relational Database Service (RDS) datasource.", + "title": "RDSSourceConfig" + }, + "RedshiftSourceConfig": { + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.RedshiftSourceConfig", + "markdownDescription": "Details about an Amazon Redshift database datasource.", + "title": "RedshiftSourceConfig" + }, + "S3SourceConfig": { + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.S3SourceConfig", + "markdownDescription": "Contains information about the configuration of the S3 bucket that contains source files.", + "title": "S3SourceConfig" + } + }, + "type": "object" + }, + "AWS::LookoutMetrics::AnomalyDetector.RDSSourceConfig": { + "additionalProperties": false, + "properties": { + "DBInstanceIdentifier": { + "markdownDescription": "A string identifying the database instance.", + "title": "DBInstanceIdentifier", + "type": "string" + }, + "DatabaseHost": { + "markdownDescription": "The host name of the database.", + "title": "DatabaseHost", + "type": "string" + }, + "DatabaseName": { + "markdownDescription": "The name of the RDS database.", + "title": "DatabaseName", + "type": "string" + }, + "DatabasePort": { + "markdownDescription": "The port number where the database can be accessed.", + "title": "DatabasePort", + "type": "number" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the role.", + "title": "RoleArn", + "type": "string" + }, + "SecretManagerArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Secrets Manager role.", + "title": "SecretManagerArn", + "type": "string" + }, + "TableName": { + "markdownDescription": "The name of the table in the database.", + "title": "TableName", + "type": "string" + }, + "VpcConfiguration": { + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.VpcConfiguration", + "markdownDescription": "An object containing information about the Amazon Virtual Private Cloud (VPC) configuration.", + "title": "VpcConfiguration" + } + }, + "required": [ + "DBInstanceIdentifier", + "DatabaseHost", + "DatabaseName", + "DatabasePort", + "RoleArn", + "SecretManagerArn", + "TableName", + "VpcConfiguration" + ], + "type": "object" + }, + "AWS::LookoutMetrics::AnomalyDetector.RedshiftSourceConfig": { + "additionalProperties": false, + "properties": { + "ClusterIdentifier": { + "markdownDescription": "A string identifying the Redshift cluster.", + "title": "ClusterIdentifier", + "type": "string" + }, + "DatabaseHost": { + "markdownDescription": "The name of the database host.", + "title": "DatabaseHost", + "type": "string" + }, + "DatabaseName": { + "markdownDescription": "The Redshift database name.", + "title": "DatabaseName", + "type": "string" + }, + "DatabasePort": { + "markdownDescription": "The port number where the database can be accessed.", + "title": "DatabasePort", + "type": "number" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the role providing access to the database.", + "title": "RoleArn", + "type": "string" + }, + "SecretManagerArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Secrets Manager role.", + "title": "SecretManagerArn", + "type": "string" + }, + "TableName": { + "markdownDescription": "The table name of the Redshift database.", + "title": "TableName", + "type": "string" + }, + "VpcConfiguration": { + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.VpcConfiguration", + "markdownDescription": "Contains information about the Amazon Virtual Private Cloud (VPC) configuration.", + "title": "VpcConfiguration" + } + }, + "required": [ + "ClusterIdentifier", + "DatabaseHost", + "DatabaseName", + "DatabasePort", + "RoleArn", + "SecretManagerArn", + "TableName", + "VpcConfiguration" + ], + "type": "object" + }, + "AWS::LookoutMetrics::AnomalyDetector.S3SourceConfig": { + "additionalProperties": false, + "properties": { + "FileFormatDescriptor": { + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.FileFormatDescriptor", + "markdownDescription": "Contains information about a source file's formatting.", + "title": "FileFormatDescriptor" + }, + "HistoricalDataPathList": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of paths to the historical data files.", + "title": "HistoricalDataPathList", + "type": "array" + }, + "RoleArn": { + "markdownDescription": "The ARN of an IAM role that has read and write access permissions to the source S3 bucket.", + "title": "RoleArn", + "type": "string" + }, + "TemplatedPathList": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of templated paths to the source files.", + "title": "TemplatedPathList", + "type": "array" + } + }, + "required": [ + "FileFormatDescriptor", + "RoleArn" + ], + "type": "object" + }, + "AWS::LookoutMetrics::AnomalyDetector.TimestampColumn": { + "additionalProperties": false, + "properties": { + "ColumnFormat": { + "markdownDescription": "The format of the timestamp column.", + "title": "ColumnFormat", + "type": "string" + }, + "ColumnName": { + "markdownDescription": "The name of the timestamp column.", + "title": "ColumnName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::LookoutMetrics::AnomalyDetector.VpcConfiguration": { + "additionalProperties": false, + "properties": { + "SecurityGroupIdList": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of strings containing the list of security groups.", + "title": "SecurityGroupIdList", + "type": "array" + }, + "SubnetIdList": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of strings containing the Amazon VPC subnet IDs (e.g., `subnet-0bb1c79de3EXAMPLE` .", + "title": "SubnetIdList", + "type": "array" + } + }, + "required": [ + "SecurityGroupIdList", + "SubnetIdList" + ], + "type": "object" + }, + "AWS::LookoutVision::Project": { "additionalProperties": false, "properties": { "Condition": { @@ -171521,37 +179852,20 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the policy.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the policy.", - "title": "Name", - "type": "string" - }, - "Policy": { - "markdownDescription": "The JSON policy document without any whitespaces.", - "title": "Policy", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of access policy. Currently the only option is `data` .", - "title": "Type", + "ProjectName": { + "markdownDescription": "The name of the project.", + "title": "ProjectName", "type": "string" } }, "required": [ - "Name", - "Policy", - "Type" + "ProjectName" ], "type": "object" }, "Type": { "enum": [ - "AWS::OpenSearchServerless::AccessPolicy" + "AWS::LookoutVision::Project" ], "type": "string" }, @@ -171570,7 +179884,7 @@ ], "type": "object" }, - "AWS::OpenSearchServerless::Collection": { + "AWS::M2::Application": { "additionalProperties": false, "properties": { "Condition": { @@ -171605,43 +179919,57 @@ "Properties": { "additionalProperties": false, "properties": { + "Definition": { + "$ref": "#/definitions/AWS::M2::Application.Definition", + "markdownDescription": "The application definition for a particular application. You can specify either inline JSON or an Amazon S3 bucket location.\n\nFor information about application definitions, see the [AWS Mainframe Modernization User Guide](https://docs.aws.amazon.com/m2/latest/userguide/applications-m2-definition.html) .", + "title": "Definition" + }, "Description": { - "markdownDescription": "A description of the collection.", + "markdownDescription": "The description of the application.", "title": "Description", "type": "string" }, + "EngineType": { + "markdownDescription": "The type of the target platform for this application.", + "title": "EngineType", + "type": "string" + }, + "KmsKeyId": { + "markdownDescription": "The identifier of a customer managed key.", + "title": "KmsKeyId", + "type": "string" + }, "Name": { - "markdownDescription": "The name of the collection.\n\nCollection names must meet the following criteria:\n\n- Starts with a lowercase letter\n- Unique to your account and AWS Region\n- Contains between 3 and 28 characters\n- Contains only lowercase letters a-z, the numbers 0-9, and the hyphen (-)", + "markdownDescription": "The name of the application.", "title": "Name", "type": "string" }, - "StandbyReplicas": { - "markdownDescription": "Indicates whether to use standby replicas for the collection. You can't update this property after the collection is already created. If you attempt to modify this property, the collection continues to use the original value.", - "title": "StandbyReplicas", + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the role associated with the application.", + "title": "RoleArn", "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "additionalProperties": true, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "An arbitrary set of tags (key\u2013value pairs) to associate with the collection.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", - "type": "array" - }, - "Type": { - "markdownDescription": "The type of collection. Possible values are `SEARCH` , `TIMESERIES` , and `VECTORSEARCH` . For more information, see [Choosing a collection type](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/serverless-overview.html#serverless-usecase) .", - "title": "Type", - "type": "string" + "type": "object" } }, "required": [ + "EngineType", "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::OpenSearchServerless::Collection" + "AWS::M2::Application" ], "type": "string" }, @@ -171660,7 +179988,23 @@ ], "type": "object" }, - "AWS::OpenSearchServerless::LifecyclePolicy": { + "AWS::M2::Application.Definition": { + "additionalProperties": false, + "properties": { + "Content": { + "markdownDescription": "The content of the application definition. This is a JSON object that contains the resource configuration/definitions that identify an application.", + "title": "Content", + "type": "string" + }, + "S3Location": { + "markdownDescription": "The S3 bucket that contains the application definition.", + "title": "S3Location", + "type": "string" + } + }, + "type": "object" + }, + "AWS::M2::Deployment": { "additionalProperties": false, "properties": { "Condition": { @@ -171695,37 +180039,32 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the lifecycle policy.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the lifecycle policy.", - "title": "Name", + "ApplicationId": { + "markdownDescription": "The unique identifier of the application.", + "title": "ApplicationId", "type": "string" }, - "Policy": { - "markdownDescription": "The JSON policy document without any whitespaces.", - "title": "Policy", - "type": "string" + "ApplicationVersion": { + "markdownDescription": "The version of the application.", + "title": "ApplicationVersion", + "type": "number" }, - "Type": { - "markdownDescription": "The type of lifecycle policy.", - "title": "Type", + "EnvironmentId": { + "markdownDescription": "The unique identifier of the runtime environment.", + "title": "EnvironmentId", "type": "string" } }, "required": [ - "Name", - "Policy", - "Type" + "ApplicationId", + "ApplicationVersion", + "EnvironmentId" ], "type": "object" }, "Type": { "enum": [ - "AWS::OpenSearchServerless::LifecyclePolicy" + "AWS::M2::Deployment" ], "type": "string" }, @@ -171744,7 +180083,7 @@ ], "type": "object" }, - "AWS::OpenSearchServerless::SecurityConfig": { + "AWS::M2::Environment": { "additionalProperties": false, "properties": { "Condition": { @@ -171780,31 +180119,101 @@ "additionalProperties": false, "properties": { "Description": { - "markdownDescription": "The description of the security configuration.", + "markdownDescription": "The description of the runtime environment.", "title": "Description", "type": "string" }, + "EngineType": { + "markdownDescription": "The target platform for the runtime environment.", + "title": "EngineType", + "type": "string" + }, + "EngineVersion": { + "markdownDescription": "The version of the runtime engine.", + "title": "EngineVersion", + "type": "string" + }, + "HighAvailabilityConfig": { + "$ref": "#/definitions/AWS::M2::Environment.HighAvailabilityConfig", + "markdownDescription": "Defines the details of a high availability configuration.", + "title": "HighAvailabilityConfig" + }, + "InstanceType": { + "markdownDescription": "The instance type of the runtime environment.", + "title": "InstanceType", + "type": "string" + }, + "KmsKeyId": { + "markdownDescription": "The identifier of a customer managed key.", + "title": "KmsKeyId", + "type": "string" + }, "Name": { - "markdownDescription": "The name of the security configuration.", + "markdownDescription": "The name of the runtime environment.", "title": "Name", "type": "string" }, - "SamlOptions": { - "$ref": "#/definitions/AWS::OpenSearchServerless::SecurityConfig.SamlConfigOptions", - "markdownDescription": "SAML options for the security configuration in the form of a key-value map.", - "title": "SamlOptions" + "NetworkType": { + "markdownDescription": "The network type supported by the runtime environment.", + "title": "NetworkType", + "type": "string" }, - "Type": { - "markdownDescription": "The type of security configuration. Currently the only option is `saml` .", - "title": "Type", + "PreferredMaintenanceWindow": { + "markdownDescription": "Configures the maintenance window that you want for the runtime environment. The maintenance window must have the format `ddd:hh24:mi-ddd:hh24:mi` and must be less than 24 hours. The following two examples are valid maintenance windows: `sun:23:45-mon:00:15` or `sat:01:00-sat:03:00` .\n\nIf you do not provide a value, a random system-generated value will be assigned.", + "title": "PreferredMaintenanceWindow", "type": "string" + }, + "PubliclyAccessible": { + "markdownDescription": "Specifies whether the runtime environment is publicly accessible.", + "title": "PubliclyAccessible", + "type": "boolean" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of security groups for the VPC associated with this runtime environment.", + "title": "SecurityGroupIds", + "type": "array" + }, + "StorageConfigurations": { + "items": { + "$ref": "#/definitions/AWS::M2::Environment.StorageConfiguration" + }, + "markdownDescription": "Defines the storage configuration for a runtime environment.", + "title": "StorageConfigurations", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of subnets associated with the VPC for this runtime environment.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" } }, + "required": [ + "EngineType", + "InstanceType", + "Name" + ], "type": "object" }, "Type": { "enum": [ - "AWS::OpenSearchServerless::SecurityConfig" + "AWS::M2::Environment" ], "type": "string" }, @@ -171818,40 +180227,82 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::OpenSearchServerless::SecurityConfig.SamlConfigOptions": { + "AWS::M2::Environment.EfsStorageConfiguration": { "additionalProperties": false, "properties": { - "GroupAttribute": { - "markdownDescription": "The group attribute for this SAML integration.", - "title": "GroupAttribute", + "FileSystemId": { + "markdownDescription": "The file system identifier.", + "title": "FileSystemId", "type": "string" }, - "Metadata": { - "markdownDescription": "The XML IdP metadata file generated from your identity provider.", - "title": "Metadata", + "MountPoint": { + "markdownDescription": "The mount point for the file system.", + "title": "MountPoint", + "type": "string" + } + }, + "required": [ + "FileSystemId", + "MountPoint" + ], + "type": "object" + }, + "AWS::M2::Environment.FsxStorageConfiguration": { + "additionalProperties": false, + "properties": { + "FileSystemId": { + "markdownDescription": "The file system identifier.", + "title": "FileSystemId", "type": "string" }, - "SessionTimeout": { - "markdownDescription": "The session timeout, in minutes. Default is 60 minutes (12 hours).", - "title": "SessionTimeout", - "type": "number" - }, - "UserAttribute": { - "markdownDescription": "A user attribute for this SAML integration.", - "title": "UserAttribute", + "MountPoint": { + "markdownDescription": "The mount point for the file system.", + "title": "MountPoint", "type": "string" } }, "required": [ - "Metadata" + "FileSystemId", + "MountPoint" ], "type": "object" }, - "AWS::OpenSearchServerless::SecurityPolicy": { + "AWS::M2::Environment.HighAvailabilityConfig": { + "additionalProperties": false, + "properties": { + "DesiredCapacity": { + "markdownDescription": "The number of instances in a high availability configuration. The minimum possible value is 1 and the maximum is 100.", + "title": "DesiredCapacity", + "type": "number" + } + }, + "required": [ + "DesiredCapacity" + ], + "type": "object" + }, + "AWS::M2::Environment.StorageConfiguration": { + "additionalProperties": false, + "properties": { + "Efs": { + "$ref": "#/definitions/AWS::M2::Environment.EfsStorageConfiguration", + "markdownDescription": "Defines the storage configuration for an Amazon EFS file system.", + "title": "Efs" + }, + "Fsx": { + "$ref": "#/definitions/AWS::M2::Environment.FsxStorageConfiguration", + "markdownDescription": "Defines the storage configuration for an Amazon FSx file system.", + "title": "Fsx" + } + }, + "type": "object" + }, + "AWS::MPA::ApprovalTeam": { "additionalProperties": false, "properties": { "Condition": { @@ -171886,37 +180337,58 @@ "Properties": { "additionalProperties": false, "properties": { + "ApprovalStrategy": { + "$ref": "#/definitions/AWS::MPA::ApprovalTeam.ApprovalStrategy", + "markdownDescription": "Contains details for how an approval team grants approval.", + "title": "ApprovalStrategy" + }, + "Approvers": { + "items": { + "$ref": "#/definitions/AWS::MPA::ApprovalTeam.Approver" + }, + "markdownDescription": "Contains details for an approver.", + "title": "Approvers", + "type": "array" + }, "Description": { - "markdownDescription": "The description of the security policy.", + "markdownDescription": "Description for the team.", "title": "Description", "type": "string" }, "Name": { - "markdownDescription": "The name of the policy.", + "markdownDescription": "Name of the team.", "title": "Name", "type": "string" }, - "Policy": { - "markdownDescription": "The JSON policy document without any whitespaces.", - "title": "Policy", - "type": "string" + "Policies": { + "items": { + "$ref": "#/definitions/AWS::MPA::ApprovalTeam.Policy" + }, + "markdownDescription": "Contains details for a policy. Policies define what operations a team that define the permissions for team resources.", + "title": "Policies", + "type": "array" }, - "Type": { - "markdownDescription": "The type of security policy. Can be either `encryption` or `network` .", - "title": "Type", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags that you have added to the specified resource.", + "title": "Tags", + "type": "array" } }, "required": [ + "ApprovalStrategy", + "Approvers", + "Description", "Name", - "Policy", - "Type" + "Policies" ], "type": "object" }, "Type": { "enum": [ - "AWS::OpenSearchServerless::SecurityPolicy" + "AWS::MPA::ApprovalTeam" ], "type": "string" }, @@ -171935,7 +180407,84 @@ ], "type": "object" }, - "AWS::OpenSearchServerless::VpcEndpoint": { + "AWS::MPA::ApprovalTeam.ApprovalStrategy": { + "additionalProperties": false, + "properties": { + "MofN": { + "$ref": "#/definitions/AWS::MPA::ApprovalTeam.MofNApprovalStrategy", + "markdownDescription": "Minimum number of approvals (M) required for a total number of approvers (N).", + "title": "MofN" + } + }, + "required": [ + "MofN" + ], + "type": "object" + }, + "AWS::MPA::ApprovalTeam.Approver": { + "additionalProperties": false, + "properties": { + "ApproverId": { + "markdownDescription": "ID for the approver.", + "title": "ApproverId", + "type": "string" + }, + "PrimaryIdentityId": { + "markdownDescription": "ID for the user.", + "title": "PrimaryIdentityId", + "type": "string" + }, + "PrimaryIdentitySourceArn": { + "markdownDescription": "Amazon Resource Name (ARN) for the identity source. The identity source manages the user authentication for approvers.", + "title": "PrimaryIdentitySourceArn", + "type": "string" + }, + "PrimaryIdentityStatus": { + "markdownDescription": "Status for the identity source. For example, if an approver has accepted a team invitation with a user authentication method managed by the identity source.", + "title": "PrimaryIdentityStatus", + "type": "string" + }, + "ResponseTime": { + "markdownDescription": "Timestamp when the approver responded to an approval team invitation.", + "title": "ResponseTime", + "type": "string" + } + }, + "required": [ + "PrimaryIdentityId", + "PrimaryIdentitySourceArn" + ], + "type": "object" + }, + "AWS::MPA::ApprovalTeam.MofNApprovalStrategy": { + "additionalProperties": false, + "properties": { + "MinApprovalsRequired": { + "markdownDescription": "Minimum number of approvals (M) required for a total number of approvers (N).", + "title": "MinApprovalsRequired", + "type": "number" + } + }, + "required": [ + "MinApprovalsRequired" + ], + "type": "object" + }, + "AWS::MPA::ApprovalTeam.Policy": { + "additionalProperties": false, + "properties": { + "PolicyArn": { + "markdownDescription": "", + "title": "PolicyArn", + "type": "string" + } + }, + "required": [ + "PolicyArn" + ], + "type": "object" + }, + "AWS::MPA::IdentitySource": { "additionalProperties": false, "properties": { "Condition": { @@ -171970,43 +180519,142 @@ "Properties": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the endpoint.", - "title": "Name", + "IdentitySourceParameters": { + "$ref": "#/definitions/AWS::MPA::IdentitySource.IdentitySourceParameters", + "markdownDescription": "A `IdentitySourceParameters` object. Contains details for the resource that provides identities to the identity source. For example, an IAM Identity Center instance.", + "title": "IdentitySourceParameters" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags that you have added to the specified resource.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "IdentitySourceParameters" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MPA::IdentitySource" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::MPA::IdentitySource.IamIdentityCenter": { + "additionalProperties": false, + "properties": { + "ApprovalPortalUrl": { + "markdownDescription": "", + "title": "ApprovalPortalUrl", + "type": "string" + }, + "InstanceArn": { + "markdownDescription": "Amazon Resource Name (ARN) for the IAM Identity Center instance.", + "title": "InstanceArn", + "type": "string" + }, + "Region": { + "markdownDescription": "AWS Region where the IAM Identity Center instance is located.", + "title": "Region", + "type": "string" + } + }, + "required": [ + "InstanceArn", + "Region" + ], + "type": "object" + }, + "AWS::MPA::IdentitySource.IdentitySourceParameters": { + "additionalProperties": false, + "properties": { + "IamIdentityCenter": { + "$ref": "#/definitions/AWS::MPA::IdentitySource.IamIdentityCenter", + "markdownDescription": "AWS IAM Identity Center credentials.", + "title": "IamIdentityCenter" + } + }, + "required": [ + "IamIdentityCenter" + ], + "type": "object" + }, + "AWS::MSK::BatchScramSecret": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, - "SecurityGroupIds": { + { "items": { + "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, - "markdownDescription": "The unique identifiers of the security groups that define the ports, protocols, and sources for inbound traffic that you are authorizing into your endpoint.", - "title": "SecurityGroupIds", "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ClusterArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that uniquely identifies the cluster.", + "title": "ClusterArn", + "type": "string" }, - "SubnetIds": { + "SecretArnList": { "items": { "type": "string" }, - "markdownDescription": "The ID of the subnets from which you access OpenSearch Serverless.", - "title": "SubnetIds", + "markdownDescription": "List of Amazon Resource Name (ARN)s of Secrets Manager secrets.", + "title": "SecretArnList", "type": "array" - }, - "VpcId": { - "markdownDescription": "The ID of the VPC from which you access OpenSearch Serverless.", - "title": "VpcId", - "type": "string" } }, "required": [ - "Name", - "SubnetIds", - "VpcId" + "ClusterArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::OpenSearchServerless::VpcEndpoint" + "AWS::MSK::BatchScramSecret" ], "type": "string" }, @@ -172025,7 +180673,7 @@ ], "type": "object" }, - "AWS::OpenSearchService::Domain": { + "AWS::MSK::Cluster": { "additionalProperties": false, "properties": { "Condition": { @@ -172060,117 +180708,89 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessPolicies": { - "markdownDescription": "An AWS Identity and Access Management ( IAM ) policy document that specifies who can access the OpenSearch Service domain and their permissions. For more information, see [Configuring access policies](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ac.html#ac-creating) in the *Amazon OpenSearch Service Developer Guide* .", - "title": "AccessPolicies", - "type": "object" - }, - "AdvancedOptions": { - "additionalProperties": true, - "markdownDescription": "Additional options to specify for the OpenSearch Service domain. For more information, see [AdvancedOptions](https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_CreateDomain.html#API_CreateDomain_RequestBody) in the OpenSearch Service API reference.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "AdvancedOptions", - "type": "object" + "BrokerNodeGroupInfo": { + "$ref": "#/definitions/AWS::MSK::Cluster.BrokerNodeGroupInfo", + "markdownDescription": "Information about the broker nodes in the cluster.", + "title": "BrokerNodeGroupInfo" }, - "AdvancedSecurityOptions": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.AdvancedSecurityOptionsInput", - "markdownDescription": "Specifies options for fine-grained access control and SAML authentication.\n\nIf you specify advanced security options, you must also enable node-to-node encryption ( [NodeToNodeEncryptionOptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-nodetonodeencryptionoptions.html) ) and encryption at rest ( [EncryptionAtRestOptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-encryptionatrestoptions.html) ). You must also enable `EnforceHTTPS` within [DomainEndpointOptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-domainendpointoptions.html) , which requires HTTPS for all traffic to the domain.", - "title": "AdvancedSecurityOptions" + "ClientAuthentication": { + "$ref": "#/definitions/AWS::MSK::Cluster.ClientAuthentication", + "markdownDescription": "Includes all client authentication related information.", + "title": "ClientAuthentication" }, - "ClusterConfig": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.ClusterConfig", - "markdownDescription": "Container for the cluster configuration of a domain.", - "title": "ClusterConfig" + "ClusterName": { + "markdownDescription": "The name of the cluster.", + "title": "ClusterName", + "type": "string" }, - "CognitoOptions": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.CognitoOptions", - "markdownDescription": "Configures OpenSearch Service to use Amazon Cognito authentication for OpenSearch Dashboards.", - "title": "CognitoOptions" + "ConfigurationInfo": { + "$ref": "#/definitions/AWS::MSK::Cluster.ConfigurationInfo", + "markdownDescription": "Represents the configuration that you want MSK to use for the cluster.", + "title": "ConfigurationInfo" }, - "DomainEndpointOptions": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.DomainEndpointOptions", - "markdownDescription": "Specifies additional options for the domain endpoint, such as whether to require HTTPS for all traffic or whether to use a custom endpoint rather than the default endpoint.", - "title": "DomainEndpointOptions" - }, - "DomainName": { - "markdownDescription": "A name for the OpenSearch Service domain. The name must have a minimum length of 3 and a maximum length of 28. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the domain name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\nRequired when creating a new domain.\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "DomainName", + "CurrentVersion": { + "markdownDescription": "The version of the cluster that you want to update.", + "title": "CurrentVersion", "type": "string" }, - "EBSOptions": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.EBSOptions", - "markdownDescription": "The configurations of Amazon Elastic Block Store (Amazon EBS) volumes that are attached to data nodes in the OpenSearch Service domain. For more information, see [EBS volume size limits](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/limits.html#ebsresource) in the *Amazon OpenSearch Service Developer Guide* .", - "title": "EBSOptions" - }, - "EncryptionAtRestOptions": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.EncryptionAtRestOptions", - "markdownDescription": "Whether the domain should encrypt data at rest, and if so, the AWS KMS key to use. See [Encryption of data at rest for Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/encryption-at-rest.html) .\n\nIf no encryption at rest options were initially specified in the template, updating this property by adding it causes no interruption. However, if you change this property after it's already been set within a template, the domain is deleted and recreated in order to modify the property.", - "title": "EncryptionAtRestOptions" + "EncryptionInfo": { + "$ref": "#/definitions/AWS::MSK::Cluster.EncryptionInfo", + "markdownDescription": "Includes all encryption-related information.", + "title": "EncryptionInfo" }, - "EngineVersion": { - "markdownDescription": "The version of OpenSearch to use. The value must be in the format `OpenSearch_X.Y` or `Elasticsearch_X.Y` . If not specified, the latest version of OpenSearch is used. For information about the versions that OpenSearch Service supports, see [Supported versions of OpenSearch and Elasticsearch](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/what-is.html#choosing-version) in the *Amazon OpenSearch Service Developer Guide* .\n\nIf you set the [EnableVersionUpgrade](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html#cfn-attributes-updatepolicy-upgradeopensearchdomain) update policy to `true` , you can update `EngineVersion` without interruption. When `EnableVersionUpgrade` is set to `false` , or is not specified, updating `EngineVersion` results in [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", - "title": "EngineVersion", + "EnhancedMonitoring": { + "markdownDescription": "Specifies the level of monitoring for the MSK cluster.", + "title": "EnhancedMonitoring", "type": "string" }, - "IPAddressType": { - "markdownDescription": "Choose either dual stack or IPv4 as your IP address type. Dual stack allows you to share domain resources across IPv4 and IPv6 address types, and is the recommended option. If you set your IP address type to dual stack, you can't change your address type later.", - "title": "IPAddressType", + "KafkaVersion": { + "markdownDescription": "The version of Apache Kafka. You can use Amazon MSK to create clusters that use [supported Apache Kafka versions](https://docs.aws.amazon.com/msk/latest/developerguide/supported-kafka-versions.html) .", + "title": "KafkaVersion", "type": "string" }, - "LogPublishingOptions": { - "additionalProperties": false, - "markdownDescription": "An object with one or more of the following keys: `SEARCH_SLOW_LOGS` , `ES_APPLICATION_LOGS` , `INDEX_SLOW_LOGS` , `AUDIT_LOGS` , depending on the types of logs you want to publish. Each key needs a valid `LogPublishingOption` value. For the full syntax, see the [examples](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-opensearchservice-domain.html#aws-resource-opensearchservice-domain--examples) .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.LogPublishingOption" - } - }, - "title": "LogPublishingOptions", - "type": "object" - }, - "NodeToNodeEncryptionOptions": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.NodeToNodeEncryptionOptions", - "markdownDescription": "Specifies whether node-to-node encryption is enabled. See [Node-to-node encryption for Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ntn.html) .", - "title": "NodeToNodeEncryptionOptions" + "LoggingInfo": { + "$ref": "#/definitions/AWS::MSK::Cluster.LoggingInfo", + "markdownDescription": "Logging info details for the cluster.", + "title": "LoggingInfo" }, - "OffPeakWindowOptions": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.OffPeakWindowOptions", - "markdownDescription": "Options for a domain's off-peak window, during which OpenSearch Service can perform mandatory configuration changes on the domain.", - "title": "OffPeakWindowOptions" + "NumberOfBrokerNodes": { + "markdownDescription": "The number of broker nodes in the cluster.", + "title": "NumberOfBrokerNodes", + "type": "number" }, - "SnapshotOptions": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.SnapshotOptions", - "markdownDescription": "*DEPRECATED* . The automated snapshot configuration for the OpenSearch Service domain indexes.", - "title": "SnapshotOptions" + "OpenMonitoring": { + "$ref": "#/definitions/AWS::MSK::Cluster.OpenMonitoring", + "markdownDescription": "The settings for open monitoring.", + "title": "OpenMonitoring" }, - "SoftwareUpdateOptions": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.SoftwareUpdateOptions", - "markdownDescription": "Service software update options for the domain.", - "title": "SoftwareUpdateOptions" + "StorageMode": { + "markdownDescription": "This controls storage mode for supported storage tiers.", + "title": "StorageMode", + "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "additionalProperties": true, + "markdownDescription": "An arbitrary set of tags (key-value pairs) for the cluster.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "An arbitrary set of tags (key\u2013value pairs) to associate with the OpenSearch Service domain.", "title": "Tags", - "type": "array" - }, - "VPCOptions": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.VPCOptions", - "markdownDescription": "The virtual private cloud (VPC) configuration for the OpenSearch Service domain. For more information, see [Launching your Amazon OpenSearch Service domains within a VPC](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/vpc.html) in the *Amazon OpenSearch Service Developer Guide* .\n\nIf you remove this entity altogether, along with its associated properties, it causes a replacement. You might encounter this scenario if you're updating your security configuration from a VPC to a public endpoint.", - "title": "VPCOptions" + "type": "object" } }, + "required": [ + "BrokerNodeGroupInfo", + "ClusterName", + "KafkaVersion", + "NumberOfBrokerNodes" + ], "type": "object" }, "Type": { "enum": [ - "AWS::OpenSearchService::Domain" + "AWS::MSK::Cluster" ], "type": "string" }, @@ -172184,485 +180804,532 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::OpenSearchService::Domain.AdvancedSecurityOptionsInput": { + "AWS::MSK::Cluster.BrokerLogs": { "additionalProperties": false, "properties": { - "AnonymousAuthDisableDate": { - "markdownDescription": "Date and time when the migration period will be disabled. Only necessary when [enabling fine-grained access control on an existing domain](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/fgac.html#fgac-enabling-existing) .", - "title": "AnonymousAuthDisableDate", - "type": "string" - }, - "AnonymousAuthEnabled": { - "markdownDescription": "True to enable a 30-day migration period during which administrators can create role mappings. Only necessary when [enabling fine-grained access control on an existing domain](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/fgac.html#fgac-enabling-existing) .", - "title": "AnonymousAuthEnabled", - "type": "boolean" - }, - "Enabled": { - "markdownDescription": "True to enable fine-grained access control. You must also enable encryption of data at rest and node-to-node encryption. See [Fine-grained access control in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/fgac.html) .", - "title": "Enabled", - "type": "boolean" - }, - "InternalUserDatabaseEnabled": { - "markdownDescription": "True to enable the internal user database.", - "title": "InternalUserDatabaseEnabled", - "type": "boolean" + "CloudWatchLogs": { + "$ref": "#/definitions/AWS::MSK::Cluster.CloudWatchLogs", + "markdownDescription": "", + "title": "CloudWatchLogs" }, - "MasterUserOptions": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.MasterUserOptions", - "markdownDescription": "Specifies information about the master user.", - "title": "MasterUserOptions" + "Firehose": { + "$ref": "#/definitions/AWS::MSK::Cluster.Firehose", + "markdownDescription": "Details of the Kinesis Data Firehose delivery stream that is the destination for broker logs.", + "title": "Firehose" }, - "SAMLOptions": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.SAMLOptions", - "markdownDescription": "Container for information about the SAML configuration for OpenSearch Dashboards.", - "title": "SAMLOptions" + "S3": { + "$ref": "#/definitions/AWS::MSK::Cluster.S3", + "markdownDescription": "Details of the Amazon S3 destination for broker logs.", + "title": "S3" } }, "type": "object" }, - "AWS::OpenSearchService::Domain.ClusterConfig": { + "AWS::MSK::Cluster.BrokerNodeGroupInfo": { "additionalProperties": false, "properties": { - "ColdStorageOptions": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.ColdStorageOptions", - "markdownDescription": "Container for cold storage configuration options.", - "title": "ColdStorageOptions" - }, - "DedicatedMasterCount": { - "markdownDescription": "The number of instances to use for the master node. If you specify this property, you must specify `true` for the `DedicatedMasterEnabled` property.", - "title": "DedicatedMasterCount", - "type": "number" - }, - "DedicatedMasterEnabled": { - "markdownDescription": "Indicates whether to use a dedicated master node for the OpenSearch Service domain. A dedicated master node is a cluster node that performs cluster management tasks, but doesn't hold data or respond to data upload requests. Dedicated master nodes offload cluster management tasks to increase the stability of your search clusters. See [Dedicated master nodes in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-dedicatedmasternodes.html) .", - "title": "DedicatedMasterEnabled", - "type": "boolean" - }, - "DedicatedMasterType": { - "markdownDescription": "The hardware configuration of the computer that hosts the dedicated master node, such as `m3.medium.search` . If you specify this property, you must specify `true` for the `DedicatedMasterEnabled` property. For valid values, see [Supported instance types in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/supported-instance-types.html) .", - "title": "DedicatedMasterType", + "BrokerAZDistribution": { + "markdownDescription": "This parameter is currently not in use.", + "title": "BrokerAZDistribution", "type": "string" }, - "InstanceCount": { - "markdownDescription": "The number of data nodes (instances) to use in the OpenSearch Service domain.", - "title": "InstanceCount", - "type": "number" + "ClientSubnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of subnets to connect to in the client virtual private cloud (VPC). Amazon creates elastic network interfaces (ENIs) inside these subnets. Client applications use ENIs to produce and consume data.\n\nIf you use the US West (N. California) Region, specify exactly two subnets. For other Regions where Amazon MSK is available, you can specify either two or three subnets. The subnets that you specify must be in distinct Availability Zones. When you create a cluster, Amazon MSK distributes the broker nodes evenly across the subnets that you specify.\n\nClient subnets can't occupy the Availability Zone with ID `use1-az3` .", + "title": "ClientSubnets", + "type": "array" + }, + "ConnectivityInfo": { + "$ref": "#/definitions/AWS::MSK::Cluster.ConnectivityInfo", + "markdownDescription": "Information about the cluster's connectivity setting.", + "title": "ConnectivityInfo" }, "InstanceType": { - "markdownDescription": "The instance type for your data nodes, such as `m3.medium.search` . For valid values, see [Supported instance types in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/supported-instance-types.html) .", + "markdownDescription": "The type of Amazon EC2 instances to use for brokers. Depending on the [broker type](https://docs.aws.amazon.com/msk/latest/developerguide/broker-instance-types.html) , Amazon MSK supports the following broker sizes:\n\n*Standard broker sizes*\n\n- kafka.t3.small\n\n> You can't select the kafka.t3.small instance type when the metadata mode is KRaft.\n- kafka.m5.large, kafka.m5.xlarge, kafka.m5.2xlarge, kafka.m5.4xlarge, kafka.m5.8xlarge, kafka.m5.12xlarge, kafka.m5.16xlarge, kafka.m5.24xlarge\n- kafka.m7g.large, kafka.m7g.xlarge, kafka.m7g.2xlarge, kafka.m7g.4xlarge, kafka.m7g.8xlarge, kafka.m7g.12xlarge, kafka.m7g.16xlarge\n\n*Express broker sizes*\n\n- express.m7g.large, express.m7g.xlarge, express.m7g.2xlarge, express.m7g.4xlarge, express.m7g.8xlarge, express.m7g.12xlarge, express.m7g.16xlarge\n\n> Some broker sizes might not be available in certian AWS Regions. See the updated [Pricing tools](https://docs.aws.amazon.com/msk/pricing/) section on the Amazon MSK pricing page for the latest list of available instances by Region.", "title": "InstanceType", "type": "string" }, - "MultiAZWithStandbyEnabled": { - "markdownDescription": "Indicates whether Multi-AZ with Standby deployment option is enabled. For more information, see [Multi-AZ with Standby](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-multiaz.html#managedomains-za-standby) .", - "title": "MultiAZWithStandbyEnabled", - "type": "boolean" - }, - "WarmCount": { - "markdownDescription": "The number of warm nodes in the cluster.", - "title": "WarmCount", - "type": "number" - }, - "WarmEnabled": { - "markdownDescription": "Whether to enable UltraWarm storage for the cluster. See [UltraWarm storage for Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ultrawarm.html) .", - "title": "WarmEnabled", - "type": "boolean" - }, - "WarmType": { - "markdownDescription": "The instance type for the cluster's warm nodes.", - "title": "WarmType", - "type": "string" - }, - "ZoneAwarenessConfig": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.ZoneAwarenessConfig", - "markdownDescription": "Specifies zone awareness configuration options. Only use if `ZoneAwarenessEnabled` is `true` .", - "title": "ZoneAwarenessConfig" + "SecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "The security groups to associate with the ENIs in order to specify who can connect to and communicate with the Amazon MSK cluster. If you don't specify a security group, Amazon MSK uses the default security group associated with the VPC. If you specify security groups that were shared with you, you must ensure that you have permissions to them. Specifically, you need the `ec2:DescribeSecurityGroups` permission.", + "title": "SecurityGroups", + "type": "array" }, - "ZoneAwarenessEnabled": { - "markdownDescription": "Indicates whether to enable zone awareness for the OpenSearch Service domain. When you enable zone awareness, OpenSearch Service allocates the nodes and replica index shards that belong to a cluster across two Availability Zones (AZs) in the same region to prevent data loss and minimize downtime in the event of node or data center failure. Don't enable zone awareness if your cluster has no replica index shards or is a single-node cluster. For more information, see [Configuring a multi-AZ domain in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-multiaz.html) .", - "title": "ZoneAwarenessEnabled", - "type": "boolean" + "StorageInfo": { + "$ref": "#/definitions/AWS::MSK::Cluster.StorageInfo", + "markdownDescription": "Contains information about storage volumes attached to Amazon MSK broker nodes.", + "title": "StorageInfo" } }, + "required": [ + "ClientSubnets", + "InstanceType" + ], "type": "object" }, - "AWS::OpenSearchService::Domain.CognitoOptions": { + "AWS::MSK::Cluster.ClientAuthentication": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Whether to enable or disable Amazon Cognito authentication for OpenSearch Dashboards. See [Amazon Cognito authentication for OpenSearch Dashboards](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/cognito-auth.html) .", - "title": "Enabled", - "type": "boolean" - }, - "IdentityPoolId": { - "markdownDescription": "The Amazon Cognito identity pool ID that you want OpenSearch Service to use for OpenSearch Dashboards authentication.\n\nRequired if you enabled Cognito Authentication for OpenSearch Dashboards.", - "title": "IdentityPoolId", - "type": "string" + "Sasl": { + "$ref": "#/definitions/AWS::MSK::Cluster.Sasl", + "markdownDescription": "Details for client authentication using SASL. To turn on SASL, you must also turn on `EncryptionInTransit` by setting `inCluster` to true. You must set `clientBroker` to either `TLS` or `TLS_PLAINTEXT` . If you choose `TLS_PLAINTEXT` , then you must also set `unauthenticated` to true.", + "title": "Sasl" }, - "RoleArn": { - "markdownDescription": "The `AmazonOpenSearchServiceCognitoAccess` role that allows OpenSearch Service to configure your user pool and identity pool.\n\nRequired if you enabled Cognito Authentication for OpenSearch Dashboards.", - "title": "RoleArn", - "type": "string" + "Tls": { + "$ref": "#/definitions/AWS::MSK::Cluster.Tls", + "markdownDescription": "Details for ClientAuthentication using TLS. To turn on TLS access control, you must also turn on `EncryptionInTransit` by setting `inCluster` to true and `clientBroker` to `TLS` .", + "title": "Tls" }, - "UserPoolId": { - "markdownDescription": "The Amazon Cognito user pool ID that you want OpenSearch Service to use for OpenSearch Dashboards authentication.\n\nRequired if you enabled Cognito Authentication for OpenSearch Dashboards.", - "title": "UserPoolId", - "type": "string" + "Unauthenticated": { + "$ref": "#/definitions/AWS::MSK::Cluster.Unauthenticated", + "markdownDescription": "Details for ClientAuthentication using no authentication.", + "title": "Unauthenticated" } }, "type": "object" }, - "AWS::OpenSearchService::Domain.ColdStorageOptions": { + "AWS::MSK::Cluster.CloudWatchLogs": { "additionalProperties": false, "properties": { "Enabled": { - "markdownDescription": "Whether to enable or disable cold storage on the domain. You must enable UltraWarm storage to enable cold storage.", + "markdownDescription": "Specifies whether broker logs get sent to the specified CloudWatch Logs destination.", "title": "Enabled", "type": "boolean" + }, + "LogGroup": { + "markdownDescription": "The CloudWatch log group that is the destination for broker logs.", + "title": "LogGroup", + "type": "string" } }, + "required": [ + "Enabled" + ], "type": "object" }, - "AWS::OpenSearchService::Domain.DomainEndpointOptions": { + "AWS::MSK::Cluster.ConfigurationInfo": { "additionalProperties": false, "properties": { - "CustomEndpoint": { - "markdownDescription": "The fully qualified URL for your custom endpoint. Required if you enabled a custom endpoint for the domain.", - "title": "CustomEndpoint", - "type": "string" - }, - "CustomEndpointCertificateArn": { - "markdownDescription": "The AWS Certificate Manager ARN for your domain's SSL/TLS certificate. Required if you enabled a custom endpoint for the domain.", - "title": "CustomEndpointCertificateArn", + "Arn": { + "markdownDescription": "ARN of the configuration to use.", + "title": "Arn", "type": "string" }, - "CustomEndpointEnabled": { - "markdownDescription": "True to enable a custom endpoint for the domain. If enabled, you must also provide values for `CustomEndpoint` and `CustomEndpointCertificateArn` .", - "title": "CustomEndpointEnabled", - "type": "boolean" - }, - "EnforceHTTPS": { - "markdownDescription": "True to require that all traffic to the domain arrive over HTTPS. Required if you enable fine-grained access control in [AdvancedSecurityOptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) .", - "title": "EnforceHTTPS", - "type": "boolean" - }, - "TLSSecurityPolicy": { - "markdownDescription": "The minimum TLS version required for traffic to the domain. The policy can be one of the following values:\n\n- *Policy-Min-TLS-1-0-2019-07:* TLS security policy that supports TLS version 1.0 to TLS version 1.2\n- *Policy-Min-TLS-1-2-2019-07:* TLS security policy that supports only TLS version 1.2\n- *Policy-Min-TLS-1-2-PFS-2023-10:* TLS security policy that supports TLS version 1.2 to TLS version 1.3 with perfect forward secrecy cipher suites", - "title": "TLSSecurityPolicy", - "type": "string" + "Revision": { + "markdownDescription": "The revision of the configuration to use.", + "title": "Revision", + "type": "number" } }, + "required": [ + "Arn", + "Revision" + ], "type": "object" }, - "AWS::OpenSearchService::Domain.EBSOptions": { + "AWS::MSK::Cluster.ConnectivityInfo": { "additionalProperties": false, "properties": { - "EBSEnabled": { - "markdownDescription": "Specifies whether Amazon EBS volumes are attached to data nodes in the OpenSearch Service domain.", - "title": "EBSEnabled", - "type": "boolean" - }, - "Iops": { - "markdownDescription": "The number of I/O operations per second (IOPS) that the volume supports. This property applies only to the `gp3` and provisioned IOPS EBS volume types.", - "title": "Iops", - "type": "number" + "PublicAccess": { + "$ref": "#/definitions/AWS::MSK::Cluster.PublicAccess", + "markdownDescription": "Access control settings for the cluster's brokers.", + "title": "PublicAccess" }, - "Throughput": { - "markdownDescription": "The throughput (in MiB/s) of the EBS volumes attached to data nodes. Applies only to the `gp3` volume type.", - "title": "Throughput", - "type": "number" + "VpcConnectivity": { + "$ref": "#/definitions/AWS::MSK::Cluster.VpcConnectivity", + "markdownDescription": "VPC connection control settings for brokers.", + "title": "VpcConnectivity" + } + }, + "type": "object" + }, + "AWS::MSK::Cluster.EBSStorageInfo": { + "additionalProperties": false, + "properties": { + "ProvisionedThroughput": { + "$ref": "#/definitions/AWS::MSK::Cluster.ProvisionedThroughput", + "markdownDescription": "EBS volume provisioned throughput information.", + "title": "ProvisionedThroughput" }, "VolumeSize": { - "markdownDescription": "The size (in GiB) of the EBS volume for each data node. The minimum and maximum size of an EBS volume depends on the EBS volume type and the instance type to which it is attached. For more information, see [EBS volume size limits](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/limits.html#ebsresource) in the *Amazon OpenSearch Service Developer Guide* .", + "markdownDescription": "The size in GiB of the EBS volume for the data drive on each broker node.", "title": "VolumeSize", "type": "number" - }, - "VolumeType": { - "markdownDescription": "The EBS volume type to use with the OpenSearch Service domain. If you choose `gp3` , you must also specify values for `Iops` and `Throughput` . For more information about each type, see [Amazon EBS volume types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) in the *Amazon EC2 User Guide for Linux Instances* .", - "title": "VolumeType", + } + }, + "type": "object" + }, + "AWS::MSK::Cluster.EncryptionAtRest": { + "additionalProperties": false, + "properties": { + "DataVolumeKMSKeyId": { + "markdownDescription": "The ARN of the Amazon KMS key for encrypting data at rest. If you don't specify a KMS key, MSK creates one for you and uses it.", + "title": "DataVolumeKMSKeyId", "type": "string" } }, + "required": [ + "DataVolumeKMSKeyId" + ], "type": "object" }, - "AWS::OpenSearchService::Domain.EncryptionAtRestOptions": { + "AWS::MSK::Cluster.EncryptionInTransit": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Specify `true` to enable encryption at rest. Required if you enable fine-grained access control in [AdvancedSecurityOptionsInput](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) .\n\nIf no encryption at rest options were initially specified in the template, updating this property by adding it causes no interruption. However, if you change this property after it's already been set within a template, the domain is deleted and recreated in order to modify the property.", - "title": "Enabled", + "ClientBroker": { + "markdownDescription": "Indicates the encryption setting for data in transit between clients and brokers. You must set it to one of the following values.\n\n- `TLS` : Indicates that client-broker communication is enabled with TLS only.\n- `TLS_PLAINTEXT` : Indicates that client-broker communication is enabled for both TLS-encrypted, as well as plaintext data.\n- `PLAINTEXT` : Indicates that client-broker communication is enabled in plaintext only.\n\nThe default value is `TLS` .", + "title": "ClientBroker", + "type": "string" + }, + "InCluster": { + "markdownDescription": "When set to true, it indicates that data communication among the broker nodes of the cluster is encrypted. When set to false, the communication happens in plaintext.\n\nThe default value is true.", + "title": "InCluster", "type": "boolean" + } + }, + "type": "object" + }, + "AWS::MSK::Cluster.EncryptionInfo": { + "additionalProperties": false, + "properties": { + "EncryptionAtRest": { + "$ref": "#/definitions/AWS::MSK::Cluster.EncryptionAtRest", + "markdownDescription": "The data-volume encryption details.", + "title": "EncryptionAtRest" }, - "KmsKeyId": { - "markdownDescription": "The KMS key ID. Takes the form `1a2a3a4-1a2a-3a4a-5a6a-1a2a3a4a5a6a` . Required if you enable encryption at rest.\n\nYou can also use `keyAlias` as a value.\n\nIf no encryption at rest options were initially specified in the template, updating this property by adding it causes no interruption. However, if you change this property after it's already been set within a template, the domain is deleted and recreated in order to modify the property.", - "title": "KmsKeyId", - "type": "string" + "EncryptionInTransit": { + "$ref": "#/definitions/AWS::MSK::Cluster.EncryptionInTransit", + "markdownDescription": "The details for encryption in transit.", + "title": "EncryptionInTransit" } }, "type": "object" }, - "AWS::OpenSearchService::Domain.Idp": { + "AWS::MSK::Cluster.Firehose": { "additionalProperties": false, "properties": { - "EntityId": { - "markdownDescription": "The unique entity ID of the application in the SAML identity provider.", - "title": "EntityId", + "DeliveryStream": { + "markdownDescription": "The Kinesis Data Firehose delivery stream that is the destination for broker logs.", + "title": "DeliveryStream", "type": "string" }, - "MetadataContent": { - "markdownDescription": "The metadata of the SAML application, in XML format.", - "title": "MetadataContent", - "type": "string" + "Enabled": { + "markdownDescription": "Specifies whether broker logs get send to the specified Kinesis Data Firehose delivery stream.", + "title": "Enabled", + "type": "boolean" } }, "required": [ - "EntityId", - "MetadataContent" + "Enabled" ], "type": "object" }, - "AWS::OpenSearchService::Domain.LogPublishingOption": { + "AWS::MSK::Cluster.Iam": { "additionalProperties": false, "properties": { - "CloudWatchLogsLogGroupArn": { - "markdownDescription": "Specifies the CloudWatch log group to publish to. Required if you enable log publishing.", - "title": "CloudWatchLogsLogGroupArn", - "type": "string" - }, "Enabled": { - "markdownDescription": "If `true` , enables the publishing of logs to CloudWatch.\n\nDefault: `false` .", + "markdownDescription": "SASL/IAM authentication is enabled or not.", "title": "Enabled", "type": "boolean" } }, + "required": [ + "Enabled" + ], "type": "object" }, - "AWS::OpenSearchService::Domain.MasterUserOptions": { + "AWS::MSK::Cluster.JmxExporter": { "additionalProperties": false, "properties": { - "MasterUserARN": { - "markdownDescription": "Amazon Resource Name (ARN) for the master user. The ARN can point to an IAM user or role. This property is required for Amazon Cognito to work, and it must match the role configured for Cognito. Only specify if `InternalUserDatabaseEnabled` is false in [AdvancedSecurityOptionsInput](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) .", - "title": "MasterUserARN", - "type": "string" - }, - "MasterUserName": { - "markdownDescription": "Username for the master user. Only specify if `InternalUserDatabaseEnabled` is true in [AdvancedSecurityOptionsInput](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) .\n\nIf you don't want to specify this value directly within the template, you can use a [dynamic reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html) instead.", - "title": "MasterUserName", - "type": "string" - }, - "MasterUserPassword": { - "markdownDescription": "Password for the master user. Only specify if `InternalUserDatabaseEnabled` is true in [AdvancedSecurityOptionsInput](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) .\n\nIf you don't want to specify this value directly within the template, you can use a [dynamic reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html) instead.", - "title": "MasterUserPassword", - "type": "string" + "EnabledInBroker": { + "markdownDescription": "Indicates whether you want to enable or disable the JMX Exporter.", + "title": "EnabledInBroker", + "type": "boolean" } }, + "required": [ + "EnabledInBroker" + ], "type": "object" }, - "AWS::OpenSearchService::Domain.NodeToNodeEncryptionOptions": { + "AWS::MSK::Cluster.LoggingInfo": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Specifies to enable or disable node-to-node encryption on the domain. Required if you enable fine-grained access control in [AdvancedSecurityOptionsInput](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) .", - "title": "Enabled", + "BrokerLogs": { + "$ref": "#/definitions/AWS::MSK::Cluster.BrokerLogs", + "markdownDescription": "You can configure your MSK cluster to send broker logs to different destination types. This configuration specifies the details of these destinations.", + "title": "BrokerLogs" + } + }, + "required": [ + "BrokerLogs" + ], + "type": "object" + }, + "AWS::MSK::Cluster.NodeExporter": { + "additionalProperties": false, + "properties": { + "EnabledInBroker": { + "markdownDescription": "Indicates whether you want to enable or disable the Node Exporter.", + "title": "EnabledInBroker", "type": "boolean" } }, + "required": [ + "EnabledInBroker" + ], "type": "object" }, - "AWS::OpenSearchService::Domain.OffPeakWindow": { + "AWS::MSK::Cluster.OpenMonitoring": { "additionalProperties": false, "properties": { - "WindowStartTime": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.WindowStartTime", - "markdownDescription": "The desired start time for an off-peak maintenance window.", - "title": "WindowStartTime" + "Prometheus": { + "$ref": "#/definitions/AWS::MSK::Cluster.Prometheus", + "markdownDescription": "Prometheus exporter settings.", + "title": "Prometheus" } }, + "required": [ + "Prometheus" + ], "type": "object" }, - "AWS::OpenSearchService::Domain.OffPeakWindowOptions": { + "AWS::MSK::Cluster.Prometheus": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Specifies whether off-peak window settings are enabled for the domain.", - "title": "Enabled", - "type": "boolean" + "JmxExporter": { + "$ref": "#/definitions/AWS::MSK::Cluster.JmxExporter", + "markdownDescription": "Indicates whether you want to enable or disable the JMX Exporter.", + "title": "JmxExporter" }, - "OffPeakWindow": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.OffPeakWindow", - "markdownDescription": "Off-peak window settings for the domain.", - "title": "OffPeakWindow" + "NodeExporter": { + "$ref": "#/definitions/AWS::MSK::Cluster.NodeExporter", + "markdownDescription": "Indicates whether you want to enable or disable the Node Exporter.", + "title": "NodeExporter" } }, "type": "object" }, - "AWS::OpenSearchService::Domain.SAMLOptions": { + "AWS::MSK::Cluster.ProvisionedThroughput": { "additionalProperties": false, "properties": { "Enabled": { - "markdownDescription": "True to enable SAML authentication for a domain.", + "markdownDescription": "Provisioned throughput is on or off.", "title": "Enabled", "type": "boolean" }, - "Idp": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.Idp", - "markdownDescription": "The SAML Identity Provider's information.", - "title": "Idp" - }, - "MasterBackendRole": { - "markdownDescription": "The backend role that the SAML master user is mapped to.", - "title": "MasterBackendRole", - "type": "string" - }, - "MasterUserName": { - "markdownDescription": "The SAML master user name, which is stored in the domain's internal user database.", - "title": "MasterUserName", - "type": "string" - }, - "RolesKey": { - "markdownDescription": "Element of the SAML assertion to use for backend roles. Default is `roles` .", - "title": "RolesKey", - "type": "string" - }, - "SessionTimeoutMinutes": { - "markdownDescription": "The duration, in minutes, after which a user session becomes inactive. Acceptable values are between 1 and 1440, and the default value is 60.", - "title": "SessionTimeoutMinutes", + "VolumeThroughput": { + "markdownDescription": "Throughput value of the EBS volumes for the data drive on each kafka broker node in MiB per second.", + "title": "VolumeThroughput", "type": "number" - }, - "SubjectKey": { - "markdownDescription": "Element of the SAML assertion to use for the user name. Default is `NameID` .", - "title": "SubjectKey", - "type": "string" } }, "type": "object" }, - "AWS::OpenSearchService::Domain.ServiceSoftwareOptions": { + "AWS::MSK::Cluster.PublicAccess": { "additionalProperties": false, "properties": { - "AutomatedUpdateDate": { - "markdownDescription": "The timestamp, in Epoch time, until which you can manually request a service software update. After this date, we automatically update your service software.", - "title": "AutomatedUpdateDate", - "type": "string" - }, - "Cancellable": { - "markdownDescription": "True if you're able to cancel your service software version update. False if you can't cancel your service software update.", - "title": "Cancellable", - "type": "boolean" - }, - "CurrentVersion": { - "markdownDescription": "The current service software version present on the domain.", - "title": "CurrentVersion", - "type": "string" - }, - "Description": { - "markdownDescription": "A description of the service software update status.", - "title": "Description", + "Type": { + "markdownDescription": "DISABLED means that public access is turned off. SERVICE_PROVIDED_EIPS means that public access is turned on.", + "title": "Type", "type": "string" - }, - "NewVersion": { - "markdownDescription": "The new service software version, if one is available.", - "title": "NewVersion", + } + }, + "type": "object" + }, + "AWS::MSK::Cluster.S3": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The name of the S3 bucket that is the destination for broker logs.", + "title": "Bucket", "type": "string" }, - "OptionalDeployment": { - "markdownDescription": "True if a service software is never automatically updated. False if a service software is automatically updated after the automated update date.", - "title": "OptionalDeployment", - "type": "boolean" - }, - "UpdateAvailable": { - "markdownDescription": "True if you're able to update your service software version. False if you can't update your service software version.", - "title": "UpdateAvailable", + "Enabled": { + "markdownDescription": "Specifies whether broker logs get sent to the specified Amazon S3 destination.", + "title": "Enabled", "type": "boolean" }, - "UpdateStatus": { - "markdownDescription": "The status of your service software update.", - "title": "UpdateStatus", + "Prefix": { + "markdownDescription": "The S3 prefix that is the destination for broker logs.", + "title": "Prefix", "type": "string" } }, + "required": [ + "Enabled" + ], "type": "object" }, - "AWS::OpenSearchService::Domain.SnapshotOptions": { + "AWS::MSK::Cluster.Sasl": { "additionalProperties": false, "properties": { - "AutomatedSnapshotStartHour": { - "markdownDescription": "The hour in UTC during which the service takes an automated daily snapshot of the indexes in the OpenSearch Service domain. For example, if you specify 0, OpenSearch Service takes an automated snapshot everyday between midnight and 1 am. You can specify a value between 0 and 23.", - "title": "AutomatedSnapshotStartHour", - "type": "number" + "Iam": { + "$ref": "#/definitions/AWS::MSK::Cluster.Iam", + "markdownDescription": "Details for ClientAuthentication using IAM.", + "title": "Iam" + }, + "Scram": { + "$ref": "#/definitions/AWS::MSK::Cluster.Scram", + "markdownDescription": "Details for SASL/SCRAM client authentication.", + "title": "Scram" } }, "type": "object" }, - "AWS::OpenSearchService::Domain.SoftwareUpdateOptions": { + "AWS::MSK::Cluster.Scram": { "additionalProperties": false, "properties": { - "AutoSoftwareUpdateEnabled": { - "markdownDescription": "Specifies whether automatic service software updates are enabled for the domain.", - "title": "AutoSoftwareUpdateEnabled", + "Enabled": { + "markdownDescription": "SASL/SCRAM authentication is enabled or not.", + "title": "Enabled", "type": "boolean" } }, + "required": [ + "Enabled" + ], "type": "object" }, - "AWS::OpenSearchService::Domain.VPCOptions": { + "AWS::MSK::Cluster.StorageInfo": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { + "EBSStorageInfo": { + "$ref": "#/definitions/AWS::MSK::Cluster.EBSStorageInfo", + "markdownDescription": "EBS volume information.", + "title": "EBSStorageInfo" + } + }, + "type": "object" + }, + "AWS::MSK::Cluster.Tls": { + "additionalProperties": false, + "properties": { + "CertificateAuthorityArnList": { "items": { "type": "string" }, - "markdownDescription": "The list of security group IDs that are associated with the VPC endpoints for the domain. If you don't provide a security group ID, OpenSearch Service uses the default security group for the VPC. To learn more, see [Security groups for your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html) in the *Amazon VPC User Guide* .", - "title": "SecurityGroupIds", + "markdownDescription": "List of AWS Private CA ARNs.", + "title": "CertificateAuthorityArnList", "type": "array" }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "Provide one subnet ID for each Availability Zone that your domain uses. For example, you must specify three subnet IDs for a three-AZ domain. To learn more, see [VPCs and subnets](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) in the *Amazon VPC User Guide* .\n\nIf you specify more than one subnet, you must also configure `ZoneAwarenessEnabled` and `ZoneAwarenessConfig` within [ClusterConfig](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-clusterconfig.html) , otherwise you'll see the error \"You must specify exactly one subnet\" during template creation.", - "title": "SubnetIds", - "type": "array" + "Enabled": { + "markdownDescription": "TLS authentication is enabled or not.", + "title": "Enabled", + "type": "boolean" } }, "type": "object" }, - "AWS::OpenSearchService::Domain.WindowStartTime": { + "AWS::MSK::Cluster.Unauthenticated": { "additionalProperties": false, "properties": { - "Hours": { - "markdownDescription": "The start hour of the window in Coordinated Universal Time (UTC), using 24-hour time. For example, 17 refers to 5:00 P.M. UTC. The minimum value is 0 and the maximum value is 23.", - "title": "Hours", - "type": "number" + "Enabled": { + "markdownDescription": "Unauthenticated is enabled or not.", + "title": "Enabled", + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "AWS::MSK::Cluster.VpcConnectivity": { + "additionalProperties": false, + "properties": { + "ClientAuthentication": { + "$ref": "#/definitions/AWS::MSK::Cluster.VpcConnectivityClientAuthentication", + "markdownDescription": "VPC connection control settings for brokers.", + "title": "ClientAuthentication" + } + }, + "type": "object" + }, + "AWS::MSK::Cluster.VpcConnectivityClientAuthentication": { + "additionalProperties": false, + "properties": { + "Sasl": { + "$ref": "#/definitions/AWS::MSK::Cluster.VpcConnectivitySasl", + "markdownDescription": "Details for VpcConnectivity ClientAuthentication using SASL.", + "title": "Sasl" }, - "Minutes": { - "markdownDescription": "The start minute of the window, in UTC. The minimum value is 0 and the maximum value is 59.", - "title": "Minutes", - "type": "number" + "Tls": { + "$ref": "#/definitions/AWS::MSK::Cluster.VpcConnectivityTls", + "markdownDescription": "Details for VpcConnectivity ClientAuthentication using TLS.", + "title": "Tls" + } + }, + "type": "object" + }, + "AWS::MSK::Cluster.VpcConnectivityIam": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "SASL/IAM authentication is enabled or not.", + "title": "Enabled", + "type": "boolean" } }, "required": [ - "Hours", - "Minutes" + "Enabled" ], "type": "object" }, - "AWS::OpenSearchService::Domain.ZoneAwarenessConfig": { + "AWS::MSK::Cluster.VpcConnectivitySasl": { "additionalProperties": false, "properties": { - "AvailabilityZoneCount": { - "markdownDescription": "If you enabled multiple Availability Zones (AZs), the number of AZs that you want the domain to use.\n\nValid values are `2` and `3` . Default is 2.", - "title": "AvailabilityZoneCount", - "type": "number" + "Iam": { + "$ref": "#/definitions/AWS::MSK::Cluster.VpcConnectivityIam", + "markdownDescription": "Details for ClientAuthentication using IAM for VpcConnectivity.", + "title": "Iam" + }, + "Scram": { + "$ref": "#/definitions/AWS::MSK::Cluster.VpcConnectivityScram", + "markdownDescription": "Details for SASL/SCRAM client authentication for VpcConnectivity.", + "title": "Scram" } }, "type": "object" }, - "AWS::OpsWorks::App": { + "AWS::MSK::Cluster.VpcConnectivityScram": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "SASL/SCRAM authentication is enabled or not.", + "title": "Enabled", + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "AWS::MSK::Cluster.VpcConnectivityTls": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "TLS authentication is enabled or not.", + "title": "Enabled", + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "AWS::MSK::ClusterPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -172697,92 +181364,26 @@ "Properties": { "additionalProperties": false, "properties": { - "AppSource": { - "$ref": "#/definitions/AWS::OpsWorks::App.Source", - "markdownDescription": "A `Source` object that specifies the app repository.", - "title": "AppSource" - }, - "Attributes": { - "additionalProperties": true, - "markdownDescription": "One or more user-defined key/value pairs to be added to the stack attributes.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Attributes", - "type": "object" - }, - "DataSources": { - "items": { - "$ref": "#/definitions/AWS::OpsWorks::App.DataSource" - }, - "markdownDescription": "The app's data source.", - "title": "DataSources", - "type": "array" - }, - "Description": { - "markdownDescription": "A description of the app.", - "title": "Description", - "type": "string" - }, - "Domains": { - "items": { - "type": "string" - }, - "markdownDescription": "The app virtual host settings, with multiple domains separated by commas. For example: `'www.example.com, example.com'`", - "title": "Domains", - "type": "array" - }, - "EnableSsl": { - "markdownDescription": "Whether to enable SSL for the app.", - "title": "EnableSsl", - "type": "boolean" - }, - "Environment": { - "items": { - "$ref": "#/definitions/AWS::OpsWorks::App.EnvironmentVariable" - }, - "markdownDescription": "An array of `EnvironmentVariable` objects that specify environment variables to be associated with the app. After you deploy the app, these variables are defined on the associated app server instance. For more information, see [Environment Variables](https://docs.aws.amazon.com/opsworks/latest/userguide/workingapps-creating.html#workingapps-creating-environment) .\n\nThere is no specific limit on the number of environment variables. However, the size of the associated data structure - which includes the variables' names, values, and protected flag values - cannot exceed 20 KB. This limit should accommodate most if not all use cases. Exceeding it will cause an exception with the message, \"Environment: is too large (maximum is 20KB).\"\n\n> If you have specified one or more environment variables, you cannot modify the stack's Chef version.", - "title": "Environment", - "type": "array" - }, - "Name": { - "markdownDescription": "The app name.", - "title": "Name", - "type": "string" - }, - "Shortname": { - "markdownDescription": "The app's short name.", - "title": "Shortname", - "type": "string" - }, - "SslConfiguration": { - "$ref": "#/definitions/AWS::OpsWorks::App.SslConfiguration", - "markdownDescription": "An `SslConfiguration` object with the SSL configuration.", - "title": "SslConfiguration" - }, - "StackId": { - "markdownDescription": "The stack ID.", - "title": "StackId", + "ClusterArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that uniquely identifies the cluster.", + "title": "ClusterArn", "type": "string" }, - "Type": { - "markdownDescription": "The app type. Each supported type is associated with a particular layer. For example, PHP applications are associated with a PHP layer. AWS OpsWorks Stacks deploys an application to those instances that are members of the corresponding layer. If your app isn't one of the standard types, or you prefer to implement your own Deploy recipes, specify `other` .", - "title": "Type", - "type": "string" + "Policy": { + "markdownDescription": "Resource policy for the cluster.", + "title": "Policy", + "type": "object" } }, "required": [ - "Name", - "StackId", - "Type" + "ClusterArn", + "Policy" ], "type": "object" }, "Type": { "enum": [ - "AWS::OpsWorks::App" + "AWS::MSK::ClusterPolicy" ], "type": "string" }, @@ -172801,110 +181402,7 @@ ], "type": "object" }, - "AWS::OpsWorks::App.DataSource": { - "additionalProperties": false, - "properties": { - "Arn": { - "markdownDescription": "The data source's ARN.", - "title": "Arn", - "type": "string" - }, - "DatabaseName": { - "markdownDescription": "The database name.", - "title": "DatabaseName", - "type": "string" - }, - "Type": { - "markdownDescription": "The data source's type, `AutoSelectOpsworksMysqlInstance` , `OpsworksMysqlInstance` , `RdsDbInstance` , or `None` .", - "title": "Type", - "type": "string" - } - }, - "type": "object" - }, - "AWS::OpsWorks::App.EnvironmentVariable": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "(Required) The environment variable's name, which can consist of up to 64 characters and must be specified. The name can contain upper- and lowercase letters, numbers, and underscores (_), but it must start with a letter or underscore.", - "title": "Key", - "type": "string" - }, - "Secure": { - "markdownDescription": "(Optional) Whether the variable's value is returned by the `DescribeApps` action. To hide an environment variable's value, set `Secure` to `true` . `DescribeApps` returns `*****FILTERED*****` instead of the actual value. The default value for `Secure` is `false` .", - "title": "Secure", - "type": "boolean" - }, - "Value": { - "markdownDescription": "(Optional) The environment variable's value, which can be left empty. If you specify a value, it can contain up to 256 characters, which must all be printable.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - }, - "AWS::OpsWorks::App.Source": { - "additionalProperties": false, - "properties": { - "Password": { - "markdownDescription": "When included in a request, the parameter depends on the repository type.\n\n- For Amazon S3 bundles, set `Password` to the appropriate IAM secret access key.\n- For HTTP bundles and Subversion repositories, set `Password` to the password.\n\nFor more information on how to safely handle IAM credentials, see [](https://docs.aws.amazon.com/general/latest/gr/aws-access-keys-best-practices.html) .\n\nIn responses, AWS OpsWorks Stacks returns `*****FILTERED*****` instead of the actual value.", - "title": "Password", - "type": "string" - }, - "Revision": { - "markdownDescription": "The application's version. AWS OpsWorks Stacks enables you to easily deploy new versions of an application. One of the simplest approaches is to have branches or revisions in your repository that represent different versions that can potentially be deployed.", - "title": "Revision", - "type": "string" - }, - "SshKey": { - "markdownDescription": "In requests, the repository's SSH key.\n\nIn responses, AWS OpsWorks Stacks returns `*****FILTERED*****` instead of the actual value.", - "title": "SshKey", - "type": "string" - }, - "Type": { - "markdownDescription": "The repository type.", - "title": "Type", - "type": "string" - }, - "Url": { - "markdownDescription": "The source URL. The following is an example of an Amazon S3 source URL: `https://s3.amazonaws.com/opsworks-demo-bucket/opsworks_cookbook_demo.tar.gz` .", - "title": "Url", - "type": "string" - }, - "Username": { - "markdownDescription": "This parameter depends on the repository type.\n\n- For Amazon S3 bundles, set `Username` to the appropriate IAM access key ID.\n- For HTTP bundles, Git repositories, and Subversion repositories, set `Username` to the user name.", - "title": "Username", - "type": "string" - } - }, - "type": "object" - }, - "AWS::OpsWorks::App.SslConfiguration": { - "additionalProperties": false, - "properties": { - "Certificate": { - "markdownDescription": "The contents of the certificate's domain.crt file.", - "title": "Certificate", - "type": "string" - }, - "Chain": { - "markdownDescription": "Optional. Can be used to specify an intermediate certificate authority key or client authentication.", - "title": "Chain", - "type": "string" - }, - "PrivateKey": { - "markdownDescription": "The private key; the contents of the certificate's domain.kex file.", - "title": "PrivateKey", - "type": "string" - } - }, - "type": "object" - }, - "AWS::OpsWorks::ElasticLoadBalancerAttachment": { + "AWS::MSK::Configuration": { "additionalProperties": false, "properties": { "Condition": { @@ -172939,26 +181437,44 @@ "Properties": { "additionalProperties": false, "properties": { - "ElasticLoadBalancerName": { - "markdownDescription": "The Elastic Load Balancing instance name.", - "title": "ElasticLoadBalancerName", + "Description": { + "markdownDescription": "The description of the configuration.", + "title": "Description", "type": "string" }, - "LayerId": { - "markdownDescription": "The AWS OpsWorks layer ID to which the Elastic Load Balancing load balancer is attached.", - "title": "LayerId", + "KafkaVersionsList": { + "items": { + "type": "string" + }, + "markdownDescription": "The [versions of Apache Kafka](https://docs.aws.amazon.com/msk/latest/developerguide/supported-kafka-versions.html) with which you can use this MSK configuration.\n\nWhen you update the `KafkaVersionsList` property, AWS CloudFormation recreates a new configuration with the updated property before deleting the old configuration. Such an update requires a [resource replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) . To successfully update `KafkaVersionsList` , you must also update the `Name` property in the same operation.\n\nIf your configuration is attached with any clusters created using the AWS Management Console or AWS CLI , you'll need to manually delete the old configuration from the console after the update completes.\n\nFor more information, see [Can\u2019t update KafkaVersionsList in MSK configuration](https://docs.aws.amazon.com/msk/latest/developerguide/troubleshooting.html#troubleshoot-kafkaversionslist-cfn-update-failure) in the *Amazon MSK Developer Guide* .", + "title": "KafkaVersionsList", + "type": "array" + }, + "LatestRevision": { + "$ref": "#/definitions/AWS::MSK::Configuration.LatestRevision", + "markdownDescription": "Latest revision of the MSK configuration.", + "title": "LatestRevision" + }, + "Name": { + "markdownDescription": "The name of the configuration. Configuration names are strings that match the regex \"^[0-9A-Za-z][0-9A-Za-z-]{0,}$\".", + "title": "Name", + "type": "string" + }, + "ServerProperties": { + "markdownDescription": "Contents of the `server.properties` file. When using the console, the SDK, or the AWS CLI , the contents of `server.properties` can be in plaintext.", + "title": "ServerProperties", "type": "string" } }, "required": [ - "ElasticLoadBalancerName", - "LayerId" + "Name", + "ServerProperties" ], "type": "object" }, "Type": { "enum": [ - "AWS::OpsWorks::ElasticLoadBalancerAttachment" + "AWS::MSK::Configuration" ], "type": "string" }, @@ -172977,7 +181493,28 @@ ], "type": "object" }, - "AWS::OpsWorks::Instance": { + "AWS::MSK::Configuration.LatestRevision": { + "additionalProperties": false, + "properties": { + "CreationTime": { + "markdownDescription": "The time when the configuration revision was created.", + "title": "CreationTime", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the configuration revision.", + "title": "Description", + "type": "string" + }, + "Revision": { + "markdownDescription": "The revision number.", + "title": "Revision", + "type": "number" + } + }, + "type": "object" + }, + "AWS::MSK::Replicator": { "additionalProperties": false, "properties": { "Condition": { @@ -173012,134 +181549,57 @@ "Properties": { "additionalProperties": false, "properties": { - "AgentVersion": { - "markdownDescription": "The default AWS OpsWorks Stacks agent version. You have the following options:\n\n- `INHERIT` - Use the stack's default agent version setting.\n- *version_number* - Use the specified agent version. This value overrides the stack's default setting. To update the agent version, edit the instance configuration and specify a new version. AWS OpsWorks Stacks installs that version on the instance.\n\nThe default setting is `INHERIT` . To specify an agent version, you must use the complete version number, not the abbreviated number shown on the console. For a list of available agent version numbers, call `DescribeAgentVersions` . AgentVersion cannot be set to Chef 12.2.", - "title": "AgentVersion", + "Description": { + "markdownDescription": "A summary description of the replicator.", + "title": "Description", "type": "string" }, - "AmiId": { - "markdownDescription": "A custom AMI ID to be used to create the instance. The AMI should be based on one of the supported operating systems. For more information, see [Using Custom AMIs](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-custom-ami.html) .\n\n> If you specify a custom AMI, you must set `Os` to `Custom` .", - "title": "AmiId", - "type": "string" + "KafkaClusters": { + "items": { + "$ref": "#/definitions/AWS::MSK::Replicator.KafkaCluster" + }, + "markdownDescription": "Kafka Clusters to use in setting up sources / targets for replication.", + "title": "KafkaClusters", + "type": "array" }, - "Architecture": { - "markdownDescription": "The instance architecture. The default option is `x86_64` . Instance types do not necessarily support both architectures. For a list of the architectures that are supported by the different instance types, see [Instance Families and Types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) .", - "title": "Architecture", - "type": "string" - }, - "AutoScalingType": { - "markdownDescription": "For load-based or time-based instances, the type. Windows stacks can use only time-based instances.", - "title": "AutoScalingType", - "type": "string" - }, - "AvailabilityZone": { - "markdownDescription": "The Availability Zone of the AWS OpsWorks instance, such as `us-east-2a` .", - "title": "AvailabilityZone", - "type": "string" - }, - "BlockDeviceMappings": { - "items": { - "$ref": "#/definitions/AWS::OpsWorks::Instance.BlockDeviceMapping" - }, - "markdownDescription": "An array of `BlockDeviceMapping` objects that specify the instance's block devices. For more information, see [Block Device Mapping](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/block-device-mapping-concepts.html) . Note that block device mappings are not supported for custom AMIs.", - "title": "BlockDeviceMappings", - "type": "array" - }, - "EbsOptimized": { - "markdownDescription": "Whether to create an Amazon EBS-optimized instance.", - "title": "EbsOptimized", - "type": "boolean" - }, - "ElasticIps": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of Elastic IP addresses to associate with the instance.", - "title": "ElasticIps", - "type": "array" - }, - "Hostname": { - "markdownDescription": "The instance host name. The following are character limits for instance host names.\n\n- Linux-based instances: 63 characters\n- Windows-based instances: 15 characters", - "title": "Hostname", - "type": "string" - }, - "InstallUpdatesOnBoot": { - "markdownDescription": "Whether to install operating system and package updates when the instance boots. The default value is `true` . To control when updates are installed, set this value to `false` . You must then update your instances manually by using `CreateDeployment` to run the `update_dependencies` stack command or by manually running `yum` (Amazon Linux) or `apt-get` (Ubuntu) on the instances.\n\n> We strongly recommend using the default value of `true` to ensure that your instances have the latest security updates.", - "title": "InstallUpdatesOnBoot", - "type": "boolean" - }, - "InstanceType": { - "markdownDescription": "The instance type, such as `t2.micro` . For a list of supported instance types, open the stack in the console, choose *Instances* , and choose *+ Instance* . The *Size* list contains the currently supported types. For more information, see [Instance Families and Types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) . The parameter values that you use to specify the various types are in the *API Name* column of the *Available Instance Types* table.", - "title": "InstanceType", - "type": "string" - }, - "LayerIds": { + "ReplicationInfoList": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::MSK::Replicator.ReplicationInfo" }, - "markdownDescription": "An array that contains the instance's layer IDs.", - "title": "LayerIds", + "markdownDescription": "A list of replication configurations, where each configuration targets a given source cluster to target cluster replication flow.", + "title": "ReplicationInfoList", "type": "array" }, - "Os": { - "markdownDescription": "The instance's operating system, which must be set to one of the following.\n\n- A supported Linux operating system: An Amazon Linux version, such as `Amazon Linux 2` , `Amazon Linux 2018.03` , `Amazon Linux 2017.09` , `Amazon Linux 2017.03` , `Amazon Linux 2016.09` , `Amazon Linux 2016.03` , `Amazon Linux 2015.09` , or `Amazon Linux 2015.03` .\n- A supported Ubuntu operating system, such as `Ubuntu 18.04 LTS` , `Ubuntu 16.04 LTS` , `Ubuntu 14.04 LTS` , or `Ubuntu 12.04 LTS` .\n- `CentOS Linux 7`\n- `Red Hat Enterprise Linux 7`\n- A supported Windows operating system, such as `Microsoft Windows Server 2012 R2 Base` , `Microsoft Windows Server 2012 R2 with SQL Server Express` , `Microsoft Windows Server 2012 R2 with SQL Server Standard` , or `Microsoft Windows Server 2012 R2 with SQL Server Web` .\n- A custom AMI: `Custom` .\n\nNot all operating systems are supported with all versions of Chef. For more information about the supported operating systems, see [AWS OpsWorks Stacks Operating Systems](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-os.html) .\n\nThe default option is the current Amazon Linux version. If you set this parameter to `Custom` , you must use the `CreateInstance` action's AmiId parameter to specify the custom AMI that you want to use. Block device mappings are not supported if the value is `Custom` . For more information about how to use custom AMIs with AWS OpsWorks Stacks, see [Using Custom AMIs](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-custom-ami.html) .", - "title": "Os", - "type": "string" - }, - "RootDeviceType": { - "markdownDescription": "The instance root device type. For more information, see [Storage for the Root Device](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ComponentsAMIs.html#storage-for-the-root-device) .", - "title": "RootDeviceType", - "type": "string" - }, - "SshKeyName": { - "markdownDescription": "The instance's Amazon EC2 key-pair name.", - "title": "SshKeyName", - "type": "string" - }, - "StackId": { - "markdownDescription": "The stack ID.", - "title": "StackId", - "type": "string" - }, - "SubnetId": { - "markdownDescription": "The ID of the instance's subnet. If the stack is running in a VPC, you can use this parameter to override the stack's default subnet ID value and direct AWS OpsWorks Stacks to launch the instance in a different subnet.", - "title": "SubnetId", - "type": "string" - }, - "Tenancy": { - "markdownDescription": "The instance's tenancy option. The default option is no tenancy, or if the instance is running in a VPC, inherit tenancy settings from the VPC. The following are valid values for this parameter: `dedicated` , `default` , or `host` . Because there are costs associated with changes in tenancy options, we recommend that you research tenancy options before choosing them for your instances. For more information about dedicated hosts, see [Dedicated Hosts Overview](https://docs.aws.amazon.com/ec2/dedicated-hosts/) and [Amazon EC2 Dedicated Hosts](https://docs.aws.amazon.com/ec2/dedicated-hosts/) . For more information about dedicated instances, see [Dedicated Instances](https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/dedicated-instance.html) and [Amazon EC2 Dedicated Instances](https://docs.aws.amazon.com/ec2/purchasing-options/dedicated-instances/) .", - "title": "Tenancy", + "ReplicatorName": { + "markdownDescription": "The name of the replicator. Alpha-numeric characters with '-' are allowed.", + "title": "ReplicatorName", "type": "string" }, - "TimeBasedAutoScaling": { - "$ref": "#/definitions/AWS::OpsWorks::Instance.TimeBasedAutoScaling", - "markdownDescription": "The time-based scaling configuration for the instance.", - "title": "TimeBasedAutoScaling" - }, - "VirtualizationType": { - "markdownDescription": "The instance's virtualization type, `paravirtual` or `hvm` .", - "title": "VirtualizationType", + "ServiceExecutionRoleArn": { + "markdownDescription": "The ARN of the IAM role used by the replicator to access resources in the customer's account (e.g source and target clusters)", + "title": "ServiceExecutionRoleArn", "type": "string" }, - "Volumes": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of AWS OpsWorks volume IDs to associate with the instance. For more information, see [`AWS::OpsWorks::Volume`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-opsworks-volume.html) .", - "title": "Volumes", + "markdownDescription": "List of tags to attach to created Replicator.", + "title": "Tags", "type": "array" } }, "required": [ - "InstanceType", - "LayerIds", - "StackId" + "KafkaClusters", + "ReplicationInfoList", + "ReplicatorName", + "ServiceExecutionRoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::OpsWorks::Instance" + "AWS::MSK::Replicator" ], "type": "string" }, @@ -173158,499 +181618,211 @@ ], "type": "object" }, - "AWS::OpsWorks::Instance.BlockDeviceMapping": { + "AWS::MSK::Replicator.AmazonMskCluster": { "additionalProperties": false, "properties": { - "DeviceName": { - "markdownDescription": "The device name that is exposed to the instance, such as `/dev/sdh` . For the root device, you can use the explicit device name or you can set this parameter to `ROOT_DEVICE` and AWS OpsWorks Stacks will provide the correct device name.", - "title": "DeviceName", - "type": "string" - }, - "Ebs": { - "$ref": "#/definitions/AWS::OpsWorks::Instance.EbsBlockDevice", - "markdownDescription": "An `EBSBlockDevice` that defines how to configure an Amazon EBS volume when the instance is launched. You can specify either the `VirtualName` or `Ebs` , but not both.", - "title": "Ebs" - }, - "NoDevice": { - "markdownDescription": "Suppresses the specified device included in the AMI's block device mapping.", - "title": "NoDevice", - "type": "string" - }, - "VirtualName": { - "markdownDescription": "The virtual device name. For more information, see [BlockDeviceMapping](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_BlockDeviceMapping.html) . You can specify either the `VirtualName` or `Ebs` , but not both.", - "title": "VirtualName", + "MskClusterArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an Amazon MSK cluster.", + "title": "MskClusterArn", "type": "string" } }, + "required": [ + "MskClusterArn" + ], "type": "object" }, - "AWS::OpsWorks::Instance.EbsBlockDevice": { + "AWS::MSK::Replicator.ConsumerGroupReplication": { "additionalProperties": false, "properties": { - "DeleteOnTermination": { - "markdownDescription": "Whether the volume is deleted on instance termination.", - "title": "DeleteOnTermination", - "type": "boolean" - }, - "Iops": { - "markdownDescription": "The number of I/O operations per second (IOPS) that the volume supports. For more information, see [EbsBlockDevice](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_EbsBlockDevice.html) .", - "title": "Iops", - "type": "number" + "ConsumerGroupsToExclude": { + "items": { + "type": "string" + }, + "markdownDescription": "List of regular expression patterns indicating the consumer groups that should not be replicated.", + "title": "ConsumerGroupsToExclude", + "type": "array" }, - "SnapshotId": { - "markdownDescription": "The snapshot ID.", - "title": "SnapshotId", - "type": "string" + "ConsumerGroupsToReplicate": { + "items": { + "type": "string" + }, + "markdownDescription": "List of regular expression patterns indicating the consumer groups to copy.", + "title": "ConsumerGroupsToReplicate", + "type": "array" }, - "VolumeSize": { - "markdownDescription": "The volume size, in GiB. For more information, see [EbsBlockDevice](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_EbsBlockDevice.html) .", - "title": "VolumeSize", - "type": "number" + "DetectAndCopyNewConsumerGroups": { + "markdownDescription": "Enables synchronization of consumer groups to target cluster.", + "title": "DetectAndCopyNewConsumerGroups", + "type": "boolean" }, - "VolumeType": { - "markdownDescription": "The volume type. `gp2` for General Purpose (SSD) volumes, `io1` for Provisioned IOPS (SSD) volumes, `st1` for Throughput Optimized hard disk drives (HDD), `sc1` for Cold HDD,and `standard` for Magnetic volumes.\n\nIf you specify the `io1` volume type, you must also specify a value for the `Iops` attribute. The maximum ratio of provisioned IOPS to requested volume size (in GiB) is 50:1. AWS uses the default volume size (in GiB) specified in the AMI attributes to set IOPS to 50 x (volume size).", - "title": "VolumeType", - "type": "string" + "SynchroniseConsumerGroupOffsets": { + "markdownDescription": "Enables synchronization of consumer group offsets to target cluster. The translated offsets will be written to topic __consumer_offsets.", + "title": "SynchroniseConsumerGroupOffsets", + "type": "boolean" } }, + "required": [ + "ConsumerGroupsToReplicate" + ], "type": "object" }, - "AWS::OpsWorks::Instance.TimeBasedAutoScaling": { + "AWS::MSK::Replicator.KafkaCluster": { "additionalProperties": false, "properties": { - "Friday": { - "additionalProperties": true, - "markdownDescription": "The schedule for Friday.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Friday", - "type": "object" - }, - "Monday": { - "additionalProperties": true, - "markdownDescription": "The schedule for Monday.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Monday", - "type": "object" - }, - "Saturday": { - "additionalProperties": true, - "markdownDescription": "The schedule for Saturday.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Saturday", - "type": "object" - }, - "Sunday": { - "additionalProperties": true, - "markdownDescription": "The schedule for Sunday.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Sunday", - "type": "object" - }, - "Thursday": { - "additionalProperties": true, - "markdownDescription": "The schedule for Thursday.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Thursday", - "type": "object" - }, - "Tuesday": { - "additionalProperties": true, - "markdownDescription": "The schedule for Tuesday.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tuesday", - "type": "object" + "AmazonMskCluster": { + "$ref": "#/definitions/AWS::MSK::Replicator.AmazonMskCluster", + "markdownDescription": "Details of an Amazon MSK Cluster.", + "title": "AmazonMskCluster" }, - "Wednesday": { - "additionalProperties": true, - "markdownDescription": "The schedule for Wednesday.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Wednesday", - "type": "object" + "VpcConfig": { + "$ref": "#/definitions/AWS::MSK::Replicator.KafkaClusterClientVpcConfig", + "markdownDescription": "Details of an Amazon VPC which has network connectivity to the Apache Kafka cluster.", + "title": "VpcConfig" } }, + "required": [ + "AmazonMskCluster", + "VpcConfig" + ], "type": "object" }, - "AWS::OpsWorks::Layer": { + "AWS::MSK::Replicator.KafkaClusterClientVpcConfig": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Attributes": { - "additionalProperties": true, - "markdownDescription": "One or more user-defined key-value pairs to be added to the stack attributes.\n\nTo create a cluster layer, set the `EcsClusterArn` attribute to the cluster's ARN.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Attributes", - "type": "object" - }, - "AutoAssignElasticIps": { - "markdownDescription": "Whether to automatically assign an [Elastic IP address](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html) to the layer's instances. For more information, see [How to Edit a Layer](https://docs.aws.amazon.com/opsworks/latest/userguide/workinglayers-basics-edit.html) .", - "title": "AutoAssignElasticIps", - "type": "boolean" - }, - "AutoAssignPublicIps": { - "markdownDescription": "For stacks that are running in a VPC, whether to automatically assign a public IP address to the layer's instances. For more information, see [How to Edit a Layer](https://docs.aws.amazon.com/opsworks/latest/userguide/workinglayers-basics-edit.html) .", - "title": "AutoAssignPublicIps", - "type": "boolean" - }, - "CustomInstanceProfileArn": { - "markdownDescription": "The ARN of an IAM profile to be used for the layer's EC2 instances. For more information about IAM ARNs, see [Using Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) .", - "title": "CustomInstanceProfileArn", - "type": "string" - }, - "CustomJson": { - "markdownDescription": "A JSON-formatted string containing custom stack configuration and deployment attributes to be installed on the layer's instances. For more information, see [Using Custom JSON](https://docs.aws.amazon.com/opsworks/latest/userguide/workingcookbook-json-override.html) . This feature is supported as of version 1.7.42 of the AWS CLI .", - "title": "CustomJson", - "type": "object" - }, - "CustomRecipes": { - "$ref": "#/definitions/AWS::OpsWorks::Layer.Recipes", - "markdownDescription": "A `LayerCustomRecipes` object that specifies the layer custom recipes.", - "title": "CustomRecipes" - }, - "CustomSecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "An array containing the layer custom security group IDs.", - "title": "CustomSecurityGroupIds", - "type": "array" - }, - "EnableAutoHealing": { - "markdownDescription": "Whether to disable auto healing for the layer.", - "title": "EnableAutoHealing", - "type": "boolean" - }, - "InstallUpdatesOnBoot": { - "markdownDescription": "Whether to install operating system and package updates when the instance boots. The default value is `true` . To control when updates are installed, set this value to `false` . You must then update your instances manually by using `CreateDeployment` to run the `update_dependencies` stack command or by manually running `yum` (Amazon Linux) or `apt-get` (Ubuntu) on the instances.\n\n> To ensure that your instances have the latest security updates, we strongly recommend using the default value of `true` .", - "title": "InstallUpdatesOnBoot", - "type": "boolean" - }, - "LifecycleEventConfiguration": { - "$ref": "#/definitions/AWS::OpsWorks::Layer.LifecycleEventConfiguration", - "markdownDescription": "A `LifeCycleEventConfiguration` object that you can use to configure the Shutdown event to specify an execution timeout and enable or disable Elastic Load Balancer connection draining.", - "title": "LifecycleEventConfiguration" - }, - "LoadBasedAutoScaling": { - "$ref": "#/definitions/AWS::OpsWorks::Layer.LoadBasedAutoScaling", - "markdownDescription": "The load-based scaling configuration for the AWS OpsWorks layer.", - "title": "LoadBasedAutoScaling" - }, - "Name": { - "markdownDescription": "The layer name, which is used by the console. Layer names can be a maximum of 32 characters.", - "title": "Name", - "type": "string" - }, - "Packages": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of `Package` objects that describes the layer packages.", - "title": "Packages", - "type": "array" - }, - "Shortname": { - "markdownDescription": "For custom layers only, use this parameter to specify the layer's short name, which is used internally by AWS OpsWorks Stacks and by Chef recipes. The short name is also used as the name for the directory where your app files are installed. It can have a maximum of 32 characters, which are limited to the alphanumeric characters, '-', '_', and '.'.\n\nBuilt-in layer short names are defined by AWS OpsWorks Stacks. For more information, see the [Layer Reference](https://docs.aws.amazon.com/opsworks/latest/userguide/layers.html) .", - "title": "Shortname", - "type": "string" - }, - "StackId": { - "markdownDescription": "The layer stack ID.", - "title": "StackId", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Specifies one or more sets of tags (key\u2013value pairs) to associate with this AWS OpsWorks layer. Use tags to manage your resources.", - "title": "Tags", - "type": "array" - }, - "Type": { - "markdownDescription": "The layer type. A stack cannot have more than one built-in layer of the same type. It can have any number of custom layers. Built-in layers are not available in Chef 12 stacks.", - "title": "Type", - "type": "string" - }, - "UseEbsOptimizedInstances": { - "markdownDescription": "Whether to use Amazon EBS-optimized instances.", - "title": "UseEbsOptimizedInstances", - "type": "boolean" - }, - "VolumeConfigurations": { - "items": { - "$ref": "#/definitions/AWS::OpsWorks::Layer.VolumeConfiguration" - }, - "markdownDescription": "A `VolumeConfigurations` object that describes the layer's Amazon EBS volumes.", - "title": "VolumeConfigurations", - "type": "array" - } + "SecurityGroupIds": { + "items": { + "type": "string" }, - "required": [ - "AutoAssignElasticIps", - "AutoAssignPublicIps", - "EnableAutoHealing", - "Name", - "Shortname", - "StackId", - "Type" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::OpsWorks::Layer" - ], - "type": "string" + "markdownDescription": "The security groups to attach to the ENIs for the broker nodes.", + "title": "SecurityGroupIds", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of subnets in the client VPC to connect to.", + "title": "SubnetIds", + "type": "array" } }, "required": [ - "Type", - "Properties" + "SubnetIds" ], "type": "object" }, - "AWS::OpsWorks::Layer.AutoScalingThresholds": { + "AWS::MSK::Replicator.ReplicationInfo": { "additionalProperties": false, "properties": { - "CpuThreshold": { - "markdownDescription": "The CPU utilization threshold, as a percent of the available CPU. A value of -1 disables the threshold.", - "title": "CpuThreshold", - "type": "number" - }, - "IgnoreMetricsTime": { - "markdownDescription": "The amount of time (in minutes) after a scaling event occurs that AWS OpsWorks Stacks should ignore metrics and suppress additional scaling events. For example, AWS OpsWorks Stacks adds new instances following an upscaling event but the instances won't start reducing the load until they have been booted and configured. There is no point in raising additional scaling events during that operation, which typically takes several minutes. `IgnoreMetricsTime` allows you to direct AWS OpsWorks Stacks to suppress scaling events long enough to get the new instances online.", - "title": "IgnoreMetricsTime", - "type": "number" + "ConsumerGroupReplication": { + "$ref": "#/definitions/AWS::MSK::Replicator.ConsumerGroupReplication", + "markdownDescription": "Configuration relating to consumer group replication.", + "title": "ConsumerGroupReplication" }, - "InstanceCount": { - "markdownDescription": "The number of instances to add or remove when the load exceeds a threshold.", - "title": "InstanceCount", - "type": "number" + "SourceKafkaClusterArn": { + "markdownDescription": "The ARN of the source Kafka cluster.", + "title": "SourceKafkaClusterArn", + "type": "string" }, - "LoadThreshold": { - "markdownDescription": "The load threshold. A value of -1 disables the threshold. For more information about how load is computed, see [Load (computing)](https://docs.aws.amazon.com/http://en.wikipedia.org/wiki/Load_%28computing%29) .", - "title": "LoadThreshold", - "type": "number" + "TargetCompressionType": { + "markdownDescription": "The compression type to use when producing records to target cluster.", + "title": "TargetCompressionType", + "type": "string" }, - "MemoryThreshold": { - "markdownDescription": "The memory utilization threshold, as a percent of the available memory. A value of -1 disables the threshold.", - "title": "MemoryThreshold", - "type": "number" + "TargetKafkaClusterArn": { + "markdownDescription": "The ARN of the target Kafka cluster.", + "title": "TargetKafkaClusterArn", + "type": "string" }, - "ThresholdsWaitTime": { - "markdownDescription": "The amount of time, in minutes, that the load must exceed a threshold before more instances are added or removed.", - "title": "ThresholdsWaitTime", - "type": "number" + "TopicReplication": { + "$ref": "#/definitions/AWS::MSK::Replicator.TopicReplication", + "markdownDescription": "Configuration relating to topic replication.", + "title": "TopicReplication" } }, + "required": [ + "ConsumerGroupReplication", + "SourceKafkaClusterArn", + "TargetCompressionType", + "TargetKafkaClusterArn", + "TopicReplication" + ], "type": "object" }, - "AWS::OpsWorks::Layer.LifecycleEventConfiguration": { + "AWS::MSK::Replicator.ReplicationStartingPosition": { "additionalProperties": false, "properties": { - "ShutdownEventConfiguration": { - "$ref": "#/definitions/AWS::OpsWorks::Layer.ShutdownEventConfiguration", - "markdownDescription": "The Shutdown event configuration.", - "title": "ShutdownEventConfiguration" + "Type": { + "markdownDescription": "The type of replication starting position.", + "title": "Type", + "type": "string" } }, "type": "object" }, - "AWS::OpsWorks::Layer.LoadBasedAutoScaling": { + "AWS::MSK::Replicator.ReplicationTopicNameConfiguration": { "additionalProperties": false, "properties": { - "DownScaling": { - "$ref": "#/definitions/AWS::OpsWorks::Layer.AutoScalingThresholds", - "markdownDescription": "An `AutoScalingThresholds` object that describes the downscaling configuration, which defines how and when AWS OpsWorks Stacks reduces the number of instances.", - "title": "DownScaling" - }, - "Enable": { - "markdownDescription": "Whether load-based auto scaling is enabled for the layer.", - "title": "Enable", - "type": "boolean" - }, - "UpScaling": { - "$ref": "#/definitions/AWS::OpsWorks::Layer.AutoScalingThresholds", - "markdownDescription": "An `AutoScalingThresholds` object that describes the upscaling configuration, which defines how and when AWS OpsWorks Stacks increases the number of instances.", - "title": "UpScaling" + "Type": { + "markdownDescription": "The type of replication topic name configuration, identical to upstream topic name or prefixed with source cluster alias.", + "title": "Type", + "type": "string" } }, "type": "object" }, - "AWS::OpsWorks::Layer.Recipes": { + "AWS::MSK::Replicator.TopicReplication": { "additionalProperties": false, "properties": { - "Configure": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of custom recipe names to be run following a `configure` event.", - "title": "Configure", - "type": "array" + "CopyAccessControlListsForTopics": { + "markdownDescription": "Whether to periodically configure remote topic ACLs to match their corresponding upstream topics.", + "title": "CopyAccessControlListsForTopics", + "type": "boolean" }, - "Deploy": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of custom recipe names to be run following a `deploy` event.", - "title": "Deploy", - "type": "array" + "CopyTopicConfigurations": { + "markdownDescription": "Whether to periodically configure remote topics to match their corresponding upstream topics.", + "title": "CopyTopicConfigurations", + "type": "boolean" }, - "Setup": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of custom recipe names to be run following a `setup` event.", - "title": "Setup", - "type": "array" + "DetectAndCopyNewTopics": { + "markdownDescription": "Whether to periodically check for new topics and partitions.", + "title": "DetectAndCopyNewTopics", + "type": "boolean" }, - "Shutdown": { + "StartingPosition": { + "$ref": "#/definitions/AWS::MSK::Replicator.ReplicationStartingPosition", + "markdownDescription": "Specifies the position in the topics to start replicating from.", + "title": "StartingPosition" + }, + "TopicNameConfiguration": { + "$ref": "#/definitions/AWS::MSK::Replicator.ReplicationTopicNameConfiguration", + "markdownDescription": "Configuration for specifying replicated topic names will be the same as their corresponding upstream topics or prefixed with source cluster alias.", + "title": "TopicNameConfiguration" + }, + "TopicsToExclude": { "items": { "type": "string" }, - "markdownDescription": "An array of custom recipe names to be run following a `shutdown` event.", - "title": "Shutdown", + "markdownDescription": "List of regular expression patterns indicating the topics that should not be replicated.", + "title": "TopicsToExclude", "type": "array" }, - "Undeploy": { + "TopicsToReplicate": { "items": { "type": "string" }, - "markdownDescription": "An array of custom recipe names to be run following a `undeploy` event.", - "title": "Undeploy", + "markdownDescription": "List of regular expression patterns indicating the topics to copy.", + "title": "TopicsToReplicate", "type": "array" } }, + "required": [ + "TopicsToReplicate" + ], "type": "object" }, - "AWS::OpsWorks::Layer.ShutdownEventConfiguration": { - "additionalProperties": false, - "properties": { - "DelayUntilElbConnectionsDrained": { - "markdownDescription": "Whether to enable Elastic Load Balancing connection draining. For more information, see [Connection Draining](https://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/TerminologyandKeyConcepts.html#conn-drain)", - "title": "DelayUntilElbConnectionsDrained", - "type": "boolean" - }, - "ExecutionTimeout": { - "markdownDescription": "The time, in seconds, that AWS OpsWorks Stacks waits after triggering a Shutdown event before shutting down an instance.", - "title": "ExecutionTimeout", - "type": "number" - } - }, - "type": "object" - }, - "AWS::OpsWorks::Layer.VolumeConfiguration": { - "additionalProperties": false, - "properties": { - "Encrypted": { - "markdownDescription": "Specifies whether an Amazon EBS volume is encrypted. For more information, see [Amazon EBS Encryption](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) .", - "title": "Encrypted", - "type": "boolean" - }, - "Iops": { - "markdownDescription": "The number of I/O operations per second (IOPS) to provision for the volume. For PIOPS volumes, the IOPS per disk.\n\nIf you specify `io1` for the volume type, you must specify this property.", - "title": "Iops", - "type": "number" - }, - "MountPoint": { - "markdownDescription": "The volume mount point. For example \"/dev/sdh\".", - "title": "MountPoint", - "type": "string" - }, - "NumberOfDisks": { - "markdownDescription": "The number of disks in the volume.", - "title": "NumberOfDisks", - "type": "number" - }, - "RaidLevel": { - "markdownDescription": "The volume [RAID level](https://docs.aws.amazon.com/http://en.wikipedia.org/wiki/Standard_RAID_levels) .", - "title": "RaidLevel", - "type": "number" - }, - "Size": { - "markdownDescription": "The volume size.", - "title": "Size", - "type": "number" - }, - "VolumeType": { - "markdownDescription": "The volume type. For more information, see [Amazon EBS Volume Types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) .\n\n- `standard` - Magnetic. Magnetic volumes must have a minimum size of 1 GiB and a maximum size of 1024 GiB.\n- `io1` - Provisioned IOPS (SSD). PIOPS volumes must have a minimum size of 4 GiB and a maximum size of 16384 GiB.\n- `gp2` - General Purpose (SSD). General purpose volumes must have a minimum size of 1 GiB and a maximum size of 16384 GiB.\n- `st1` - Throughput Optimized hard disk drive (HDD). Throughput optimized HDD volumes must have a minimum size of 125 GiB and a maximum size of 16384 GiB.\n- `sc1` - Cold HDD. Cold HDD volumes must have a minimum size of 125 GiB and a maximum size of 16384 GiB.", - "title": "VolumeType", - "type": "string" - } - }, - "type": "object" - }, - "AWS::OpsWorks::Stack": { + "AWS::MSK::ServerlessCluster": { "additionalProperties": false, "properties": { "Condition": { @@ -173685,160 +181857,46 @@ "Properties": { "additionalProperties": false, "properties": { - "AgentVersion": { - "markdownDescription": "The default AWS OpsWorks Stacks agent version. You have the following options:\n\n- Auto-update - Set this parameter to `LATEST` . AWS OpsWorks Stacks automatically installs new agent versions on the stack's instances as soon as they are available.\n- Fixed version - Set this parameter to your preferred agent version. To update the agent version, you must edit the stack configuration and specify a new version. AWS OpsWorks Stacks installs that version on the stack's instances.\n\nThe default setting is the most recent release of the agent. To specify an agent version, you must use the complete version number, not the abbreviated number shown on the console. For a list of available agent version numbers, call `DescribeAgentVersions` . AgentVersion cannot be set to Chef 12.2.\n\n> You can also specify an agent version when you create or update an instance, which overrides the stack's default setting.", - "title": "AgentVersion", + "ClientAuthentication": { + "$ref": "#/definitions/AWS::MSK::ServerlessCluster.ClientAuthentication", + "markdownDescription": "Includes all client authentication related information.", + "title": "ClientAuthentication" + }, + "ClusterName": { + "markdownDescription": "The name of the cluster.", + "title": "ClusterName", "type": "string" }, - "Attributes": { + "Tags": { "additionalProperties": true, - "markdownDescription": "One or more user-defined key-value pairs to be added to the stack attributes.", + "markdownDescription": "An arbitrary set of tags (key-value pairs) for the cluster.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, - "title": "Attributes", - "type": "object" - }, - "ChefConfiguration": { - "$ref": "#/definitions/AWS::OpsWorks::Stack.ChefConfiguration", - "markdownDescription": "A `ChefConfiguration` object that specifies whether to enable Berkshelf and the Berkshelf version on Chef 11.10 stacks. For more information, see [Create a New Stack](https://docs.aws.amazon.com/opsworks/latest/userguide/workingstacks-creating.html) .", - "title": "ChefConfiguration" - }, - "CloneAppIds": { - "items": { - "type": "string" - }, - "markdownDescription": "If you're cloning an AWS OpsWorks stack, a list of AWS OpsWorks application stack IDs from the source stack to include in the cloned stack.", - "title": "CloneAppIds", - "type": "array" - }, - "ClonePermissions": { - "markdownDescription": "If you're cloning an AWS OpsWorks stack, indicates whether to clone the source stack's permissions.", - "title": "ClonePermissions", - "type": "boolean" - }, - "ConfigurationManager": { - "$ref": "#/definitions/AWS::OpsWorks::Stack.StackConfigurationManager", - "markdownDescription": "The configuration manager. When you create a stack we recommend that you use the configuration manager to specify the Chef version: 12, 11.10, or 11.4 for Linux stacks, or 12.2 for Windows stacks. The default value for Linux stacks is currently 12.", - "title": "ConfigurationManager" - }, - "CustomCookbooksSource": { - "$ref": "#/definitions/AWS::OpsWorks::Stack.Source", - "markdownDescription": "Contains the information required to retrieve an app or cookbook from a repository. For more information, see [Adding Apps](https://docs.aws.amazon.com/opsworks/latest/userguide/workingapps-creating.html) or [Cookbooks and Recipes](https://docs.aws.amazon.com/opsworks/latest/userguide/workingcookbook.html) .", - "title": "CustomCookbooksSource" - }, - "CustomJson": { - "markdownDescription": "A string that contains user-defined, custom JSON. It can be used to override the corresponding default stack configuration attribute values or to pass data to recipes. The string should be in the following format:\n\n`\"{\\\"key1\\\": \\\"value1\\\", \\\"key2\\\": \\\"value2\\\",...}\"`\n\nFor more information about custom JSON, see [Use Custom JSON to Modify the Stack Configuration Attributes](https://docs.aws.amazon.com/opsworks/latest/userguide/workingstacks-json.html) .", - "title": "CustomJson", + "title": "Tags", "type": "object" }, - "DefaultAvailabilityZone": { - "markdownDescription": "The stack's default Availability Zone, which must be in the specified region. For more information, see [Regions and Endpoints](https://docs.aws.amazon.com/general/latest/gr/rande.html) . If you also specify a value for `DefaultSubnetId` , the subnet must be in the same zone. For more information, see the `VpcId` parameter description.", - "title": "DefaultAvailabilityZone", - "type": "string" - }, - "DefaultInstanceProfileArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an IAM profile that is the default profile for all of the stack's EC2 instances. For more information about IAM ARNs, see [Using Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) .", - "title": "DefaultInstanceProfileArn", - "type": "string" - }, - "DefaultOs": { - "markdownDescription": "The stack's default operating system, which is installed on every instance unless you specify a different operating system when you create the instance. You can specify one of the following.\n\n- A supported Linux operating system: An Amazon Linux version, such as `Amazon Linux 2` , `Amazon Linux 2018.03` , `Amazon Linux 2017.09` , `Amazon Linux 2017.03` , `Amazon Linux 2016.09` , `Amazon Linux 2016.03` , `Amazon Linux 2015.09` , or `Amazon Linux 2015.03` .\n- A supported Ubuntu operating system, such as `Ubuntu 18.04 LTS` , `Ubuntu 16.04 LTS` , `Ubuntu 14.04 LTS` , or `Ubuntu 12.04 LTS` .\n- `CentOS Linux 7`\n- `Red Hat Enterprise Linux 7`\n- A supported Windows operating system, such as `Microsoft Windows Server 2012 R2 Base` , `Microsoft Windows Server 2012 R2 with SQL Server Express` , `Microsoft Windows Server 2012 R2 with SQL Server Standard` , or `Microsoft Windows Server 2012 R2 with SQL Server Web` .\n- A custom AMI: `Custom` . You specify the custom AMI you want to use when you create instances. For more information, see [Using Custom AMIs](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-custom-ami.html) .\n\nThe default option is the current Amazon Linux version. Not all operating systems are supported with all versions of Chef. For more information about supported operating systems, see [AWS OpsWorks Stacks Operating Systems](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-os.html) .", - "title": "DefaultOs", - "type": "string" - }, - "DefaultRootDeviceType": { - "markdownDescription": "The default root device type. This value is the default for all instances in the stack, but you can override it when you create an instance. The default option is `instance-store` . For more information, see [Storage for the Root Device](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ComponentsAMIs.html#storage-for-the-root-device) .", - "title": "DefaultRootDeviceType", - "type": "string" - }, - "DefaultSshKeyName": { - "markdownDescription": "A default Amazon EC2 key pair name. The default value is none. If you specify a key pair name, AWS OpsWorks installs the public key on the instance and you can use the private key with an SSH client to log in to the instance. For more information, see [Using SSH to Communicate with an Instance](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-ssh.html) and [Managing SSH Access](https://docs.aws.amazon.com/opsworks/latest/userguide/security-ssh-access.html) . You can override this setting by specifying a different key pair, or no key pair, when you [create an instance](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-add.html) .", - "title": "DefaultSshKeyName", - "type": "string" - }, - "DefaultSubnetId": { - "markdownDescription": "The stack's default subnet ID. All instances are launched into this subnet unless you specify another subnet ID when you create the instance. This parameter is required if you specify a value for the `VpcId` parameter. If you also specify a value for `DefaultAvailabilityZone` , the subnet must be in that zone.", - "title": "DefaultSubnetId", - "type": "string" - }, - "EcsClusterArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Elastic Container Service ( Amazon ECS ) cluster to register with the AWS OpsWorks stack.\n\n> If you specify a cluster that's registered with another AWS OpsWorks stack, AWS CloudFormation deregisters the existing association before registering the cluster.", - "title": "EcsClusterArn", - "type": "string" - }, - "ElasticIps": { - "items": { - "$ref": "#/definitions/AWS::OpsWorks::Stack.ElasticIp" - }, - "markdownDescription": "A list of Elastic IP addresses to register with the AWS OpsWorks stack.\n\n> If you specify an IP address that's registered with another AWS OpsWorks stack, AWS CloudFormation deregisters the existing association before registering the IP address.", - "title": "ElasticIps", - "type": "array" - }, - "HostnameTheme": { - "markdownDescription": "The stack's host name theme, with spaces replaced by underscores. The theme is used to generate host names for the stack's instances. By default, `HostnameTheme` is set to `Layer_Dependent` , which creates host names by appending integers to the layer's short name. The other themes are:\n\n- `Baked_Goods`\n- `Clouds`\n- `Europe_Cities`\n- `Fruits`\n- `Greek_Deities_and_Titans`\n- `Legendary_creatures_from_Japan`\n- `Planets_and_Moons`\n- `Roman_Deities`\n- `Scottish_Islands`\n- `US_Cities`\n- `Wild_Cats`\n\nTo obtain a generated host name, call `GetHostNameSuggestion` , which returns a host name based on the current theme.", - "title": "HostnameTheme", - "type": "string" - }, - "Name": { - "markdownDescription": "The stack name. Stack names can be a maximum of 64 characters.", - "title": "Name", - "type": "string" - }, - "RdsDbInstances": { - "items": { - "$ref": "#/definitions/AWS::OpsWorks::Stack.RdsDbInstance" - }, - "markdownDescription": "The Amazon Relational Database Service ( Amazon RDS ) database instance to register with the AWS OpsWorks stack.\n\n> If you specify a database instance that's registered with another AWS OpsWorks stack, AWS CloudFormation deregisters the existing association before registering the database instance.", - "title": "RdsDbInstances", - "type": "array" - }, - "ServiceRoleArn": { - "markdownDescription": "The stack's IAM role, which allows AWS OpsWorks Stacks to work with AWS resources on your behalf. You must set this parameter to the Amazon Resource Name (ARN) for an existing IAM role. For more information about IAM ARNs, see [Using Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) .", - "title": "ServiceRoleArn", - "type": "string" - }, - "SourceStackId": { - "markdownDescription": "If you're cloning an AWS OpsWorks stack, the stack ID of the source AWS OpsWorks stack to clone.", - "title": "SourceStackId", - "type": "string" - }, - "Tags": { + "VpcConfigs": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::MSK::ServerlessCluster.VpcConfig" }, - "markdownDescription": "A map that contains tag keys and tag values that are attached to a stack or layer.\n\n- The key cannot be empty.\n- The key can be a maximum of 127 characters, and can contain only Unicode letters, numbers, or separators, or the following special characters: `+ - = . _ : /`\n- The value can be a maximum 255 characters, and contain only Unicode letters, numbers, or separators, or the following special characters: `+ - = . _ : /`\n- Leading and trailing white spaces are trimmed from both the key and value.\n- A maximum of 40 tags is allowed for any resource.", - "title": "Tags", + "markdownDescription": "VPC configuration information for the serverless cluster.", + "title": "VpcConfigs", "type": "array" - }, - "UseCustomCookbooks": { - "markdownDescription": "Whether the stack uses custom cookbooks.", - "title": "UseCustomCookbooks", - "type": "boolean" - }, - "UseOpsworksSecurityGroups": { - "markdownDescription": "Whether to associate the AWS OpsWorks Stacks built-in security groups with the stack's layers.\n\nAWS OpsWorks Stacks provides a standard set of built-in security groups, one for each layer, which are associated with layers by default. With `UseOpsworksSecurityGroups` you can instead provide your own custom security groups. `UseOpsworksSecurityGroups` has the following settings:\n\n- True - AWS OpsWorks Stacks automatically associates the appropriate built-in security group with each layer (default setting). You can associate additional security groups with a layer after you create it, but you cannot delete the built-in security group.\n- False - AWS OpsWorks Stacks does not associate built-in security groups with layers. You must create appropriate EC2 security groups and associate a security group with each layer that you create. However, you can still manually associate a built-in security group with a layer on creation; custom security groups are required only for those layers that need custom settings.\n\nFor more information, see [Create a New Stack](https://docs.aws.amazon.com/opsworks/latest/userguide/workingstacks-creating.html) .", - "title": "UseOpsworksSecurityGroups", - "type": "boolean" - }, - "VpcId": { - "markdownDescription": "The ID of the VPC that the stack is to be launched into. The VPC must be in the stack's region. All instances are launched into this VPC. You cannot change the ID later.\n\n- If your account supports EC2-Classic, the default value is `no VPC` .\n- If your account does not support EC2-Classic, the default value is the default VPC for the specified region.\n\nIf the VPC ID corresponds to a default VPC and you have specified either the `DefaultAvailabilityZone` or the `DefaultSubnetId` parameter only, AWS OpsWorks Stacks infers the value of the other parameter. If you specify neither parameter, AWS OpsWorks Stacks sets these parameters to the first valid Availability Zone for the specified region and the corresponding default VPC subnet ID, respectively.\n\nIf you specify a nondefault VPC ID, note the following:\n\n- It must belong to a VPC in your account that is in the specified region.\n- You must specify a value for `DefaultSubnetId` .\n\nFor more information about how to use AWS OpsWorks Stacks with a VPC, see [Running a Stack in a VPC](https://docs.aws.amazon.com/opsworks/latest/userguide/workingstacks-vpc.html) . For more information about default VPC and EC2-Classic, see [Supported Platforms](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-supported-platforms.html) .", - "title": "VpcId", - "type": "string" } }, "required": [ - "DefaultInstanceProfileArn", - "Name", - "ServiceRoleArn" + "ClientAuthentication", + "ClusterName", + "VpcConfigs" ], "type": "object" }, "Type": { "enum": [ - "AWS::OpsWorks::Stack" + "AWS::MSK::ServerlessCluster" ], "type": "string" }, @@ -173857,120 +181915,74 @@ ], "type": "object" }, - "AWS::OpsWorks::Stack.ChefConfiguration": { - "additionalProperties": false, - "properties": { - "BerkshelfVersion": { - "markdownDescription": "The Berkshelf version.", - "title": "BerkshelfVersion", - "type": "string" - }, - "ManageBerkshelf": { - "markdownDescription": "Whether to enable Berkshelf.", - "title": "ManageBerkshelf", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::OpsWorks::Stack.ElasticIp": { + "AWS::MSK::ServerlessCluster.ClientAuthentication": { "additionalProperties": false, "properties": { - "Ip": { - "markdownDescription": "The IP address.", - "title": "Ip", - "type": "string" - }, - "Name": { - "markdownDescription": "The name, which can be a maximum of 32 characters.", - "title": "Name", - "type": "string" + "Sasl": { + "$ref": "#/definitions/AWS::MSK::ServerlessCluster.Sasl", + "markdownDescription": "Details for client authentication using SASL. To turn on SASL, you must also turn on `EncryptionInTransit` by setting `inCluster` to true. You must set `clientBroker` to either `TLS` or `TLS_PLAINTEXT` . If you choose `TLS_PLAINTEXT` , then you must also set `unauthenticated` to true.", + "title": "Sasl" } }, "required": [ - "Ip" + "Sasl" ], "type": "object" }, - "AWS::OpsWorks::Stack.RdsDbInstance": { + "AWS::MSK::ServerlessCluster.Iam": { "additionalProperties": false, "properties": { - "DbPassword": { - "markdownDescription": "AWS OpsWorks Stacks returns `*****FILTERED*****` instead of the actual value.", - "title": "DbPassword", - "type": "string" - }, - "DbUser": { - "markdownDescription": "The master user name.", - "title": "DbUser", - "type": "string" - }, - "RdsDbInstanceArn": { - "markdownDescription": "The instance's ARN.", - "title": "RdsDbInstanceArn", - "type": "string" + "Enabled": { + "markdownDescription": "SASL/IAM authentication is enabled or not.", + "title": "Enabled", + "type": "boolean" } }, "required": [ - "DbPassword", - "DbUser", - "RdsDbInstanceArn" + "Enabled" ], "type": "object" }, - "AWS::OpsWorks::Stack.Source": { + "AWS::MSK::ServerlessCluster.Sasl": { "additionalProperties": false, "properties": { - "Password": { - "markdownDescription": "When included in a request, the parameter depends on the repository type.\n\n- For Amazon S3 bundles, set `Password` to the appropriate IAM secret access key.\n- For HTTP bundles and Subversion repositories, set `Password` to the password.\n\nFor more information on how to safely handle IAM credentials, see [](https://docs.aws.amazon.com/general/latest/gr/aws-access-keys-best-practices.html) .\n\nIn responses, AWS OpsWorks Stacks returns `*****FILTERED*****` instead of the actual value.", - "title": "Password", - "type": "string" - }, - "Revision": { - "markdownDescription": "The application's version. AWS OpsWorks Stacks enables you to easily deploy new versions of an application. One of the simplest approaches is to have branches or revisions in your repository that represent different versions that can potentially be deployed.", - "title": "Revision", - "type": "string" - }, - "SshKey": { - "markdownDescription": "The repository's SSH key. For more information, see [Using Git Repository SSH Keys](https://docs.aws.amazon.com/opsworks/latest/userguide/workingapps-deploykeys.html) in the *AWS OpsWorks User Guide* . To pass in an SSH key as a parameter, see the following example:\n\n`\"Parameters\" : { \"GitSSHKey\" : { \"Description\" : \"Change SSH key newlines to commas.\", \"Type\" : \"CommaDelimitedList\", \"NoEcho\" : \"true\" }, ... \"CustomCookbooksSource\": { \"Revision\" : { \"Ref\": \"GitRevision\"}, \"SshKey\" : { \"Fn::Join\" : [ \"\\n\", { \"Ref\": \"GitSSHKey\"} ] }, \"Type\": \"git\", \"Url\": { \"Ref\": \"GitURL\"} } ...`", - "title": "SshKey", - "type": "string" - }, - "Type": { - "markdownDescription": "The repository type.", - "title": "Type", - "type": "string" - }, - "Url": { - "markdownDescription": "The source URL. The following is an example of an Amazon S3 source URL: `https://s3.amazonaws.com/opsworks-demo-bucket/opsworks_cookbook_demo.tar.gz` .", - "title": "Url", - "type": "string" - }, - "Username": { - "markdownDescription": "This parameter depends on the repository type.\n\n- For Amazon S3 bundles, set `Username` to the appropriate IAM access key ID.\n- For HTTP bundles, Git repositories, and Subversion repositories, set `Username` to the user name.", - "title": "Username", - "type": "string" + "Iam": { + "$ref": "#/definitions/AWS::MSK::ServerlessCluster.Iam", + "markdownDescription": "Details for ClientAuthentication using IAM.", + "title": "Iam" } }, + "required": [ + "Iam" + ], "type": "object" }, - "AWS::OpsWorks::Stack.StackConfigurationManager": { + "AWS::MSK::ServerlessCluster.VpcConfig": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name. This parameter must be set to `Chef` .", - "title": "Name", - "type": "string" + "SecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "SecurityGroups", + "type": "array" }, - "Version": { - "markdownDescription": "The Chef version. This parameter must be set to 12, 11.10, or 11.4 for Linux stacks, and to 12.2 for Windows stacks. The default value for Linux stacks is 12.", - "title": "Version", - "type": "string" + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "SubnetIds", + "type": "array" } }, + "required": [ + "SubnetIds" + ], "type": "object" }, - "AWS::OpsWorks::UserProfile": { + "AWS::MSK::VpcConnection": { "additionalProperties": false, "properties": { "Condition": { @@ -174005,35 +182017,61 @@ "Properties": { "additionalProperties": false, "properties": { - "AllowSelfManagement": { - "markdownDescription": "Whether users can specify their own SSH public key through the My Settings page. For more information, see [Managing User Permissions](https://docs.aws.amazon.com/opsworks/latest/userguide/security-settingsshkey.html) .", - "title": "AllowSelfManagement", - "type": "boolean" - }, - "IamUserArn": { - "markdownDescription": "The user's IAM ARN.", - "title": "IamUserArn", + "Authentication": { + "markdownDescription": "The type of private link authentication.", + "title": "Authentication", "type": "string" }, - "SshPublicKey": { - "markdownDescription": "The user's SSH public key.", - "title": "SshPublicKey", + "ClientSubnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of subnets in the client VPC to connect to.", + "title": "ClientSubnets", + "type": "array" + }, + "SecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "The security groups to attach to the ENIs for the broker nodes.", + "title": "SecurityGroups", + "type": "array" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "An arbitrary set of tags (key-value pairs) you specify while creating the VPC connection.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "TargetClusterArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the cluster.", + "title": "TargetClusterArn", "type": "string" }, - "SshUsername": { - "markdownDescription": "The user's SSH user name.", - "title": "SshUsername", + "VpcId": { + "markdownDescription": "The VPC ID of the remote client.", + "title": "VpcId", "type": "string" } }, "required": [ - "IamUserArn" + "Authentication", + "ClientSubnets", + "SecurityGroups", + "TargetClusterArn", + "VpcId" ], "type": "object" }, "Type": { "enum": [ - "AWS::OpsWorks::UserProfile" + "AWS::MSK::VpcConnection" ], "type": "string" }, @@ -174052,7 +182090,7 @@ ], "type": "object" }, - "AWS::OpsWorks::Volume": { + "AWS::MWAA::Environment": { "additionalProperties": false, "properties": { "Condition": { @@ -174087,212 +182125,145 @@ "Properties": { "additionalProperties": false, "properties": { - "Ec2VolumeId": { - "markdownDescription": "The Amazon EC2 volume ID.", - "title": "Ec2VolumeId", - "type": "string" + "AirflowConfigurationOptions": { + "markdownDescription": "A list of key-value pairs containing the Airflow configuration options for your environment. For example, `core.default_timezone: utc` . To learn more, see [Apache Airflow configuration options](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-env-variables.html) .", + "title": "AirflowConfigurationOptions", + "type": "object" }, - "MountPoint": { - "markdownDescription": "The volume mount point. For example, \"/mnt/disk1\".", - "title": "MountPoint", + "AirflowVersion": { + "markdownDescription": "The version of Apache Airflow to use for the environment. If no value is specified, defaults to the latest version.\n\nIf you specify a newer version number for an existing environment, the version update requires some service interruption before taking effect.\n\n*Allowed Values* : `1.10.12` | `2.0.2` | `2.2.2` | `2.4.3` | `2.5.1` | `2.6.3` | `2.7.2` | `2.8.1` | `2.9.2` | `2.10.1` (latest)", + "title": "AirflowVersion", "type": "string" }, - "Name": { - "markdownDescription": "The volume name. Volume names are a maximum of 128 characters.", - "title": "Name", + "DagS3Path": { + "markdownDescription": "The relative path to the DAGs folder on your Amazon S3 bucket. For example, `dags` . To learn more, see [Adding or updating DAGs](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-dag-folder.html) .", + "title": "DagS3Path", "type": "string" }, - "StackId": { - "markdownDescription": "The stack ID.", - "title": "StackId", + "EndpointManagement": { + "markdownDescription": "Defines whether the VPC endpoints configured for the environment are created, and managed, by the customer or by Amazon MWAA. If set to `SERVICE` , Amazon MWAA will create and manage the required VPC endpoints in your VPC. If set to `CUSTOMER` , you must create, and manage, the VPC endpoints in your VPC.", + "title": "EndpointManagement", "type": "string" - } - }, - "required": [ - "Ec2VolumeId", - "StackId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::OpsWorks::Volume" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::OpsWorksCM::Server": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + }, + "EnvironmentClass": { + "markdownDescription": "The environment class type. Valid values: `mw1.micro` , `mw1.small` , `mw1.medium` , `mw1.large` , `mw1.1large` , and `mw1.2large` . To learn more, see [Amazon MWAA environment class](https://docs.aws.amazon.com/mwaa/latest/userguide/environment-class.html) .", + "title": "EnvironmentClass", "type": "string" }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AssociatePublicIpAddress": { - "markdownDescription": "Associate a public IP address with a server that you are launching. Valid values are `true` or `false` . The default value is `true` .", - "title": "AssociatePublicIpAddress", - "type": "boolean" + "ExecutionRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the execution role in IAM that allows MWAA to access AWS resources in your environment. For example, `arn:aws:iam::123456789:role/my-execution-role` . To learn more, see [Amazon MWAA Execution role](https://docs.aws.amazon.com/mwaa/latest/userguide/mwaa-create-role.html) .", + "title": "ExecutionRoleArn", + "type": "string" }, - "BackupId": { - "markdownDescription": "If you specify this field, AWS OpsWorks CM creates the server by using the backup represented by BackupId.", - "title": "BackupId", + "KmsKey": { + "markdownDescription": "The AWS Key Management Service (KMS) key to encrypt and decrypt the data in your environment. You can use an AWS KMS key managed by MWAA, or a customer-managed KMS key (advanced).", + "title": "KmsKey", "type": "string" }, - "BackupRetentionCount": { - "markdownDescription": "The number of automated backups that you want to keep. Whenever a new backup is created, AWS OpsWorks CM deletes the oldest backups if this number is exceeded. The default value is `1` .", - "title": "BackupRetentionCount", - "type": "number" + "LoggingConfiguration": { + "$ref": "#/definitions/AWS::MWAA::Environment.LoggingConfiguration", + "markdownDescription": "The Apache Airflow logs being sent to CloudWatch Logs: `DagProcessingLogs` , `SchedulerLogs` , `TaskLogs` , `WebserverLogs` , `WorkerLogs` .", + "title": "LoggingConfiguration" }, - "CustomCertificate": { - "markdownDescription": "Supported on servers running Chef Automate 2.0 only. A PEM-formatted HTTPS certificate. The value can be be a single, self-signed certificate, or a certificate chain. If you specify a custom certificate, you must also specify values for `CustomDomain` and `CustomPrivateKey` . The following are requirements for the `CustomCertificate` value:\n\n- You can provide either a self-signed, custom certificate, or the full certificate chain.\n- The certificate must be a valid X509 certificate, or a certificate chain in PEM format.\n- The certificate must be valid at the time of upload. A certificate can't be used before its validity period begins (the certificate's `NotBefore` date), or after it expires (the certificate's `NotAfter` date).\n- The certificate\u2019s common name or subject alternative names (SANs), if present, must match the value of `CustomDomain` .\n- The certificate must match the value of `CustomPrivateKey` .", - "title": "CustomCertificate", - "type": "string" + "MaxWebservers": { + "markdownDescription": "The maximum number of web servers that you want to run in your environment. Amazon MWAA scales the number of Apache Airflow web servers up to the number you specify for `MaxWebservers` when you interact with your Apache Airflow environment using Apache Airflow REST API, or the Apache Airflow CLI. For example, in scenarios where your workload requires network calls to the Apache Airflow REST API with a high transaction-per-second (TPS) rate, Amazon MWAA will increase the number of web servers up to the number set in `MaxWebserers` . As TPS rates decrease Amazon MWAA disposes of the additional web servers, and scales down to the number set in `MinxWebserers` .\n\nValid values: For environments larger than mw1.micro, accepts values from `2` to `5` . Defaults to `2` for all environment sizes except mw1.micro, which defaults to `1` .", + "title": "MaxWebservers", + "type": "number" }, - "CustomDomain": { - "markdownDescription": "Supported on servers running Chef Automate 2.0 only. An optional public endpoint of a server, such as `https://aws.my-company.com` . To access the server, create a CNAME DNS record in your preferred DNS service that points the custom domain to the endpoint that is generated when the server is created (the value of the CreateServer Endpoint attribute). You cannot access the server by using the generated `Endpoint` value if the server is using a custom domain. If you specify a custom domain, you must also specify values for `CustomCertificate` and `CustomPrivateKey` .", - "title": "CustomDomain", - "type": "string" + "MaxWorkers": { + "markdownDescription": "The maximum number of workers that you want to run in your environment. MWAA scales the number of Apache Airflow workers up to the number you specify in the `MaxWorkers` field. For example, `20` . When there are no more tasks running, and no more in the queue, MWAA disposes of the extra workers leaving the one worker that is included with your environment, or the number you specify in `MinWorkers` .", + "title": "MaxWorkers", + "type": "number" }, - "CustomPrivateKey": { - "markdownDescription": "Supported on servers running Chef Automate 2.0 only. A private key in PEM format for connecting to the server by using HTTPS. The private key must not be encrypted; it cannot be protected by a password or passphrase. If you specify a custom private key, you must also specify values for `CustomDomain` and `CustomCertificate` .", - "title": "CustomPrivateKey", - "type": "string" + "MinWebservers": { + "markdownDescription": "The minimum number of web servers that you want to run in your environment. Amazon MWAA scales the number of Apache Airflow web servers up to the number you specify for `MaxWebservers` when you interact with your Apache Airflow environment using Apache Airflow REST API, or the Apache Airflow CLI. As the transaction-per-second rate, and the network load, decrease, Amazon MWAA disposes of the additional web servers, and scales down to the number set in `MinxWebserers` .\n\nValid values: For environments larger than mw1.micro, accepts values from `2` to `5` . Defaults to `2` for all environment sizes except mw1.micro, which defaults to `1` .", + "title": "MinWebservers", + "type": "number" }, - "DisableAutomatedBackup": { - "markdownDescription": "Enable or disable scheduled backups. Valid values are `true` or `false` . The default value is `true` .", - "title": "DisableAutomatedBackup", - "type": "boolean" + "MinWorkers": { + "markdownDescription": "The minimum number of workers that you want to run in your environment. MWAA scales the number of Apache Airflow workers up to the number you specify in the `MaxWorkers` field. When there are no more tasks running, and no more in the queue, MWAA disposes of the extra workers leaving the worker count you specify in the `MinWorkers` field. For example, `2` .", + "title": "MinWorkers", + "type": "number" }, - "Engine": { - "markdownDescription": "The configuration management engine to use. Valid values include `ChefAutomate` and `Puppet` .", - "title": "Engine", + "Name": { + "markdownDescription": "The name of your Amazon MWAA environment.", + "title": "Name", "type": "string" }, - "EngineAttributes": { - "items": { - "$ref": "#/definitions/AWS::OpsWorksCM::Server.EngineAttribute" - }, - "markdownDescription": "Optional engine attributes on a specified server.\n\n**Attributes accepted in a Chef createServer request:** - `CHEF_AUTOMATE_PIVOTAL_KEY` : A base64-encoded RSA public key. The corresponding private key is required to access the Chef API. When no CHEF_AUTOMATE_PIVOTAL_KEY is set, a private key is generated and returned in the response. When you are specifying the value of CHEF_AUTOMATE_PIVOTAL_KEY as a parameter in the AWS CloudFormation console, you must add newline ( `\\n` ) characters at the end of each line of the pivotal key value.\n- `CHEF_AUTOMATE_ADMIN_PASSWORD` : The password for the administrative user in the Chef Automate web-based dashboard. The password length is a minimum of eight characters, and a maximum of 32. The password can contain letters, numbers, and special characters (!/@#$%^&+=_). The password must contain at least one lower case letter, one upper case letter, one number, and one special character. When no CHEF_AUTOMATE_ADMIN_PASSWORD is set, one is generated and returned in the response.\n\n**Attributes accepted in a Puppet createServer request:** - `PUPPET_ADMIN_PASSWORD` : To work with the Puppet Enterprise console, a password must use ASCII characters.\n- `PUPPET_R10K_REMOTE` : The r10k remote is the URL of your control repository (for example, ssh://git@your.git-repo.com:user/control-repo.git). Specifying an r10k remote opens TCP port 8170.\n- `PUPPET_R10K_PRIVATE_KEY` : If you are using a private Git repository, add PUPPET_R10K_PRIVATE_KEY to specify a PEM-encoded private SSH key.", - "title": "EngineAttributes", - "type": "array" + "NetworkConfiguration": { + "$ref": "#/definitions/AWS::MWAA::Environment.NetworkConfiguration", + "markdownDescription": "The VPC networking components used to secure and enable network traffic between the AWS resources for your environment. To learn more, see [About networking on Amazon MWAA](https://docs.aws.amazon.com/mwaa/latest/userguide/networking-about.html) .", + "title": "NetworkConfiguration" }, - "EngineModel": { - "markdownDescription": "The engine model of the server. Valid values in this release include `Monolithic` for Puppet and `Single` for Chef.", - "title": "EngineModel", + "PluginsS3ObjectVersion": { + "markdownDescription": "The version of the plugins.zip file on your Amazon S3 bucket. To learn more, see [Installing custom plugins](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-dag-import-plugins.html) .", + "title": "PluginsS3ObjectVersion", "type": "string" }, - "EngineVersion": { - "markdownDescription": "The major release version of the engine that you want to use. For a Chef server, the valid value for EngineVersion is currently `2` . For a Puppet server, valid values are `2019` or `2017` .", - "title": "EngineVersion", + "PluginsS3Path": { + "markdownDescription": "The relative path to the `plugins.zip` file on your Amazon S3 bucket. For example, `plugins.zip` . To learn more, see [Installing custom plugins](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-dag-import-plugins.html) .", + "title": "PluginsS3Path", "type": "string" }, - "InstanceProfileArn": { - "markdownDescription": "The ARN of the instance profile that your Amazon EC2 instances use.", - "title": "InstanceProfileArn", + "RequirementsS3ObjectVersion": { + "markdownDescription": "The version of the requirements.txt file on your Amazon S3 bucket. To learn more, see [Installing Python dependencies](https://docs.aws.amazon.com/mwaa/latest/userguide/working-dags-dependencies.html) .", + "title": "RequirementsS3ObjectVersion", "type": "string" }, - "InstanceType": { - "markdownDescription": "The Amazon EC2 instance type to use. For example, `m5.large` .", - "title": "InstanceType", + "RequirementsS3Path": { + "markdownDescription": "The relative path to the `requirements.txt` file on your Amazon S3 bucket. For example, `requirements.txt` . To learn more, see [Installing Python dependencies](https://docs.aws.amazon.com/mwaa/latest/userguide/working-dags-dependencies.html) .", + "title": "RequirementsS3Path", "type": "string" }, - "KeyPair": { - "markdownDescription": "The Amazon EC2 key pair to set for the instance. This parameter is optional; if desired, you may specify this parameter to connect to your instances by using SSH.", - "title": "KeyPair", + "Schedulers": { + "markdownDescription": "The number of schedulers that you want to run in your environment. Valid values:\n\n- *v2* - For environments larger than mw1.micro, accepts values from 2 to 5. Defaults to 2 for all environment sizes except mw1.micro, which defaults to 1.\n- *v1* - Accepts 1.", + "title": "Schedulers", + "type": "number" + }, + "SourceBucketArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon S3 bucket where your DAG code and supporting files are stored. For example, `arn:aws:s3:::my-airflow-bucket-unique-name` . To learn more, see [Create an Amazon S3 bucket for Amazon MWAA](https://docs.aws.amazon.com/mwaa/latest/userguide/mwaa-s3-bucket.html) .", + "title": "SourceBucketArn", "type": "string" }, - "PreferredBackupWindow": { - "markdownDescription": "The start time for a one-hour period during which AWS OpsWorks CM backs up application-level data on your server if automated backups are enabled. Valid values must be specified in one of the following formats:\n\n- `HH:MM` for daily backups\n- `DDD:HH:MM` for weekly backups\n\n`MM` must be specified as `00` . The specified time is in coordinated universal time (UTC). The default value is a random, daily start time.\n\n*Example:* `08:00` , which represents a daily start time of 08:00 UTC.\n\n*Example:* `Mon:08:00` , which represents a start time of every Monday at 08:00 UTC. (8:00 a.m.)", - "title": "PreferredBackupWindow", + "StartupScriptS3ObjectVersion": { + "markdownDescription": "The version of the startup shell script in your Amazon S3 bucket. You must specify the [version ID](https://docs.aws.amazon.com/AmazonS3/latest/userguide/versioning-workflows.html) that Amazon S3 assigns to the file every time you update the script.\n\nVersion IDs are Unicode, UTF-8 encoded, URL-ready, opaque strings that are no more than 1,024 bytes long. The following is an example:\n\n`3sL4kqtJlcpXroDTDmJ+rmSpXd3dIbrHY+MTRCxf3vjVBH40Nr8X8gdRQBpUMLUo`\n\nFor more information, see [Using a startup script](https://docs.aws.amazon.com/mwaa/latest/userguide/using-startup-script.html) .", + "title": "StartupScriptS3ObjectVersion", "type": "string" }, - "PreferredMaintenanceWindow": { - "markdownDescription": "The start time for a one-hour period each week during which AWS OpsWorks CM performs maintenance on the instance. Valid values must be specified in the following format: `DDD:HH:MM` . `MM` must be specified as `00` . The specified time is in coordinated universal time (UTC). The default value is a random one-hour period on Tuesday, Wednesday, or Friday. See `TimeWindowDefinition` for more information.\n\n*Example:* `Mon:08:00` , which represents a start time of every Monday at 08:00 UTC. (8:00 a.m.)", - "title": "PreferredMaintenanceWindow", + "StartupScriptS3Path": { + "markdownDescription": "The relative path to the startup shell script in your Amazon S3 bucket. For example, `s3://mwaa-environment/startup.sh` .\n\nAmazon MWAA runs the script as your environment starts, and before running the Apache Airflow process. You can use this script to install dependencies, modify Apache Airflow configuration options, and set environment variables. For more information, see [Using a startup script](https://docs.aws.amazon.com/mwaa/latest/userguide/using-startup-script.html) .", + "title": "StartupScriptS3Path", "type": "string" }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of security group IDs to attach to the Amazon EC2 instance. If you add this parameter, the specified security groups must be within the VPC that is specified by `SubnetIds` .\n\nIf you do not specify this parameter, AWS OpsWorks CM creates one new security group that uses TCP ports 22 and 443, open to 0.0.0.0/0 (everyone).", - "title": "SecurityGroupIds", - "type": "array" + "Tags": { + "markdownDescription": "The key-value tag pairs associated to your environment. For example, `\"Environment\": \"Staging\"` . To learn more, see [Tagging](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .\n\nIf you specify new tags for an existing environment, the update requires service interruption before taking effect.", + "title": "Tags", + "type": "object" }, - "ServiceRoleArn": { - "markdownDescription": "The service role that the AWS OpsWorks CM service backend uses to work with your account. Although the AWS OpsWorks management console typically creates the service role for you, if you are using the AWS CLI or API commands, run the service-role-creation.yaml AWS CloudFormation template, located at https://s3.amazonaws.com/opsworks-cm-us-east-1-prod-default-assets/misc/opsworks-cm-roles.yaml. This template creates a CloudFormation stack that includes the service role and instance profile that you need.", - "title": "ServiceRoleArn", + "WebserverAccessMode": { + "markdownDescription": "The Apache Airflow *Web server* access mode. To learn more, see [Apache Airflow access modes](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-networking.html) . Valid values: `PRIVATE_ONLY` or `PUBLIC_ONLY` .", + "title": "WebserverAccessMode", "type": "string" }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of subnets in which to launch the server EC2 instance.\n\nAmazon EC2-Classic customers: This field is required. All servers must run within a VPC. The VPC must have \"Auto Assign Public IP\" enabled.\n\nEC2-VPC customers: This field is optional. If you do not specify subnet IDs, your EC2 instances are created in a default subnet that is selected by Amazon EC2. If you specify subnet IDs, the VPC must have \"Auto Assign Public IP\" enabled.\n\nFor more information about supported Amazon EC2 platforms, see [Supported Platforms](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-supported-platforms.html) .", - "title": "SubnetIds", - "type": "array" + "WeeklyMaintenanceWindowStart": { + "markdownDescription": "The day and time of the week to start weekly maintenance updates of your environment in the following format: `DAY:HH:MM` . For example: `TUE:03:30` . You can specify a start time in 30 minute increments only. Supported input includes the following:\n\n- MON|TUE|WED|THU|FRI|SAT|SUN:([01]\\\\d|2[0-3]):(00|30)", + "title": "WeeklyMaintenanceWindowStart", + "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A map that contains tag keys and tag values to attach to an AWS OpsWorks for Chef Automate or OpsWorks for Puppet Enterprise server.\n\n- The key cannot be empty.\n- The key can be a maximum of 127 characters, and can contain only Unicode letters, numbers, or separators, or the following special characters: `+ - = . _ : / @`\n- The value can be a maximum 255 characters, and contain only Unicode letters, numbers, or separators, or the following special characters: `+ - = . _ : / @`\n- Leading and trailing spaces are trimmed from both the key and value.\n- A maximum of 50 user-applied tags is allowed for any AWS OpsWorks CM server.", - "title": "Tags", - "type": "array" + "WorkerReplacementStrategy": { + "markdownDescription": "", + "title": "WorkerReplacementStrategy", + "type": "string" } }, "required": [ - "InstanceProfileArn", - "InstanceType", - "ServiceRoleArn" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::OpsWorksCM::Server" + "AWS::MWAA::Environment" ], "type": "string" }, @@ -174311,23 +182282,81 @@ ], "type": "object" }, - "AWS::OpsWorksCM::Server.EngineAttribute": { + "AWS::MWAA::Environment.LoggingConfiguration": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the engine attribute.\n\n*Attribute name for Chef Automate servers:*\n\n- `CHEF_AUTOMATE_ADMIN_PASSWORD`\n\n*Attribute names for Puppet Enterprise servers:*\n\n- `PUPPET_ADMIN_PASSWORD`\n- `PUPPET_R10K_REMOTE`\n- `PUPPET_R10K_PRIVATE_KEY`", - "title": "Name", + "DagProcessingLogs": { + "$ref": "#/definitions/AWS::MWAA::Environment.ModuleLoggingConfiguration", + "markdownDescription": "Defines the processing logs sent to CloudWatch Logs and the logging level to send.", + "title": "DagProcessingLogs" + }, + "SchedulerLogs": { + "$ref": "#/definitions/AWS::MWAA::Environment.ModuleLoggingConfiguration", + "markdownDescription": "Defines the scheduler logs sent to CloudWatch Logs and the logging level to send.", + "title": "SchedulerLogs" + }, + "TaskLogs": { + "$ref": "#/definitions/AWS::MWAA::Environment.ModuleLoggingConfiguration", + "markdownDescription": "Defines the task logs sent to CloudWatch Logs and the logging level to send.", + "title": "TaskLogs" + }, + "WebserverLogs": { + "$ref": "#/definitions/AWS::MWAA::Environment.ModuleLoggingConfiguration", + "markdownDescription": "Defines the web server logs sent to CloudWatch Logs and the logging level to send.", + "title": "WebserverLogs" + }, + "WorkerLogs": { + "$ref": "#/definitions/AWS::MWAA::Environment.ModuleLoggingConfiguration", + "markdownDescription": "Defines the worker logs sent to CloudWatch Logs and the logging level to send.", + "title": "WorkerLogs" + } + }, + "type": "object" + }, + "AWS::MWAA::Environment.ModuleLoggingConfiguration": { + "additionalProperties": false, + "properties": { + "CloudWatchLogGroupArn": { + "markdownDescription": "The ARN of the CloudWatch Logs log group for each type of Apache Airflow log type that you have enabled.\n\n> `CloudWatchLogGroupArn` is available only as a return value, accessible when specified as an attribute in the [`Fn:GetAtt`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mwaa-environment.html#aws-resource-mwaa-environment-return-values) intrinsic function. Any value you provide for `CloudWatchLogGroupArn` is discarded by Amazon MWAA.", + "title": "CloudWatchLogGroupArn", "type": "string" }, - "Value": { - "markdownDescription": "The value of the engine attribute.\n\n*Attribute value for Chef Automate servers:*\n\n- `CHEF_AUTOMATE_PIVOTAL_KEY` : A base64-encoded RSA public key. The corresponding private key is required to access the Chef API. You can generate this key by running the following [OpenSSL](https://docs.aws.amazon.com/https://www.openssl.org/) command on Linux-based computers.\n\n`openssl genrsa -out *pivotal_key_file_name* .pem 2048`\n\nOn Windows-based computers, you can use the PuTTYgen utility to generate a base64-encoded RSA private key. For more information, see [PuTTYgen - Key Generator for PuTTY on Windows](https://docs.aws.amazon.com/https://www.ssh.com/ssh/putty/windows/puttygen) on SSH.com.\n\n*Attribute values for Puppet Enterprise servers:*\n\n- `PUPPET_ADMIN_PASSWORD` : An administrator password that you can use to sign in to the Puppet Enterprise console webpage after the server is online. The password must use between 8 and 32 ASCII characters.\n- `PUPPET_R10K_REMOTE` : The r10k remote is the URL of your control repository (for example, ssh://git@your.git-repo.com:user/control-repo.git). Specifying an r10k remote opens TCP port 8170.\n- `PUPPET_R10K_PRIVATE_KEY` : If you are using a private Git repository, add `PUPPET_R10K_PRIVATE_KEY` to specify a PEM-encoded private SSH key.", - "title": "Value", + "Enabled": { + "markdownDescription": "Indicates whether to enable the Apache Airflow log type (e.g. `DagProcessingLogs` ) in CloudWatch Logs.", + "title": "Enabled", + "type": "boolean" + }, + "LogLevel": { + "markdownDescription": "Defines the Apache Airflow logs to send for the log type (e.g. `DagProcessingLogs` ) to CloudWatch Logs. Valid values: `CRITICAL` , `ERROR` , `WARNING` , `INFO` .", + "title": "LogLevel", "type": "string" } }, "type": "object" }, - "AWS::Organizations::Account": { + "AWS::MWAA::Environment.NetworkConfiguration": { + "additionalProperties": false, + "properties": { + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of one or more security group IDs. Accepts up to 5 security group IDs. A security group must be attached to the same VPC as the subnets. To learn more, see [Security in your VPC on Amazon MWAA](https://docs.aws.amazon.com/mwaa/latest/userguide/vpc-security.html) .", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of subnet IDs. *Required* to create an environment. Must be private subnets in two different availability zones. A subnet must be attached to the same VPC as the security group. To learn more, see [About networking on Amazon MWAA](https://docs.aws.amazon.com/mwaa/latest/userguide/networking-about.html) .", + "title": "SubnetIds", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Macie::AllowList": { "additionalProperties": false, "properties": { "Condition": { @@ -174362,47 +182391,39 @@ "Properties": { "additionalProperties": false, "properties": { - "AccountName": { - "markdownDescription": "The account name given to the account when it was created.", - "title": "AccountName", - "type": "string" + "Criteria": { + "$ref": "#/definitions/AWS::Macie::AllowList.Criteria", + "markdownDescription": "The criteria that specify the text or text pattern to ignore. The criteria can be the location and name of an Amazon S3 object that lists specific text to ignore ( `S3WordsList` ), or a regular expression ( `Regex` ) that defines a text pattern to ignore.", + "title": "Criteria" }, - "Email": { - "markdownDescription": "The email address associated with the AWS account.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) for this parameter is a string of characters that represents a standard internet email address.", - "title": "Email", + "Description": { + "markdownDescription": "A custom description of the allow list. The description can contain 1-512 characters.", + "title": "Description", "type": "string" }, - "ParentIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The unique identifier (ID) of the root or organizational unit (OU) that you want to create the new account in. If you don't specify this parameter, the `ParentId` defaults to the root ID.\n\nThis parameter only accepts a string array with one string value.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) for a parent ID string requires one of the following:\n\n- *Root* - A string that begins with \"r-\" followed by from 4 to 32 lowercase letters or digits.\n- *Organizational unit (OU)* - A string that begins with \"ou-\" followed by from 4 to 32 lowercase letters or digits (the ID of the root that the OU is in). This string is followed by a second \"-\" dash and from 8 to 32 additional lowercase letters or digits.", - "title": "ParentIds", - "type": "array" - }, - "RoleName": { - "markdownDescription": "The name of an IAM role that AWS Organizations automatically preconfigures in the new member account. This role trusts the management account, allowing users in the management account to assume the role, as permitted by the management account administrator. The role has administrator permissions in the new member account.\n\nIf you don't specify this parameter, the role name defaults to `OrganizationAccountAccessRole` .\n\nFor more information about how to use this role to access the member account, see the following links:\n\n- [Creating the OrganizationAccountAccessRole in an invited member account](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_access.html#orgs_manage_accounts_create-cross-account-role) in the *AWS Organizations User Guide*\n- Steps 2 and 3 in [IAM Tutorial: Delegate access across AWS accounts using IAM roles](https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_cross-account-with-roles.html) in the *IAM User Guide*\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) that is used to validate this parameter. The pattern can include uppercase letters, lowercase letters, digits with no spaces, and any of the following characters: =,.@-", - "title": "RoleName", + "Name": { + "markdownDescription": "A custom name for the allow list. The name can contain 1-128 characters.", + "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of tags that you want to attach to the newly created account. For each tag in the list, you must specify both a tag key and a value. You can set the value to an empty string, but you can't set it to `null` . For more information about tagging, see [Tagging AWS Organizations resources](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_tagging.html) in the AWS Organizations User Guide.\n\n> If any one of the tags is not valid or if you exceed the maximum allowed number of tags for an account, then the entire request fails and the account is not created.", + "markdownDescription": "An array of key-value pairs to apply to the allow list.\n\nFor more information, see [Resource tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ - "AccountName", - "Email" + "Criteria", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::Organizations::Account" + "AWS::Macie::AllowList" ], "type": "string" }, @@ -174421,70 +182442,43 @@ ], "type": "object" }, - "AWS::Organizations::Organization": { + "AWS::Macie::AllowList.Criteria": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Regex": { + "markdownDescription": "The regular expression ( *regex* ) that defines the text pattern to ignore. The expression can contain 1-512 characters.", + "title": "Regex", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "FeatureSet": { - "markdownDescription": "Specifies the feature set supported by the new organization. Each feature set supports different levels of functionality.\n\n- `ALL` In addition to all the features supported by the consolidated billing feature set, the management account gains access to advanced features that give you more control over accounts in your organization. For more information, see [All features](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html#feature-set-all) in the *AWS Organizations User Guide* .\n- `CONSOLIDATED_BILLING` All member accounts have their bills consolidated to and paid by the management account. For more information, see [Consolidated billing](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html#feature-set-cb-only) in the *AWS Organizations User Guide* .\n\n> The consolidated billing feature feature set isn't available for organizations in the AWS GovCloud (US) Region.\n\nIf you don't specify this property, the default value is `ALL` .", - "title": "FeatureSet", - "type": "string" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Organizations::Organization" - ], + "S3WordsList": { + "$ref": "#/definitions/AWS::Macie::AllowList.S3WordsList", + "markdownDescription": "The location and name of an Amazon S3 object that lists specific text to ignore.", + "title": "S3WordsList" + } + }, + "type": "object" + }, + "AWS::Macie::AllowList.S3WordsList": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "The full name of the S3 bucket that contains the object. This value correlates to the `Name` field of a bucket's properties in Amazon S3 .\n\nThis value is case sensitive. In addition, don't use wildcard characters or specify partial values for the name.", + "title": "BucketName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ObjectKey": { + "markdownDescription": "The full name of the S3 object. This value correlates to the `Key` field of an object's properties in Amazon S3 . If the name includes a path, include the complete path. For example, `AllowLists/Macie/MyList.txt` .\n\nThis value is case sensitive. In addition, don't use wildcard characters or specify partial values for the name.", + "title": "ObjectKey", "type": "string" } }, "required": [ - "Type" + "BucketName", + "ObjectKey" ], "type": "object" }, - "AWS::Organizations::OrganizationalUnit": { + "AWS::Macie::CustomDataIdentifier": { "additionalProperties": false, "properties": { "Condition": { @@ -174519,34 +182513,60 @@ "Properties": { "additionalProperties": false, "properties": { + "Description": { + "markdownDescription": "A custom description of the custom data identifier. The description can contain 1-512 characters.\n\nAvoid including sensitive data in the description. Users of the account might be able to see the description, depending on the actions that they're allowed to perform in Amazon Macie .", + "title": "Description", + "type": "string" + }, + "IgnoreWords": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of character sequences ( *ignore words* ) to exclude from the results. If text matches the regular expression ( `Regex` ) but it contains a string in this array, Amazon Macie ignores the text and doesn't include it in the results.\n\nThe array can contain 1-10 ignore words. Each ignore word can contain 4-90 UTF-8 characters. Ignore words are case sensitive.", + "title": "IgnoreWords", + "type": "array" + }, + "Keywords": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of character sequences ( *keywords* ), one of which must precede and be in proximity ( `MaximumMatchDistance` ) of the regular expression ( `Regex` ) to match.\n\nThe array can contain 1-50 keywords. Each keyword can contain 3-90 UTF-8 characters. Keywords aren't case sensitive.", + "title": "Keywords", + "type": "array" + }, + "MaximumMatchDistance": { + "markdownDescription": "The maximum number of characters that can exist between the end of at least one complete character sequence specified by the `Keywords` array and the end of text that matches the regular expression ( `Regex` ). If a complete keyword precedes all the text that matches the regular expression and the keyword is within the specified distance, Amazon Macie includes the result.\n\nThe distance can be 1-300 characters. The default value is 50.", + "title": "MaximumMatchDistance", + "type": "number" + }, "Name": { - "markdownDescription": "The friendly name of this OU.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) that is used to validate this parameter is a string of any of the characters in the ASCII character range.", + "markdownDescription": "A custom name for the custom data identifier. The name can contain 1-128 characters.\n\nAvoid including sensitive data in the name of a custom data identifier. Users of the account might be able to see the name, depending on the actions that they're allowed to perform in Amazon Macie .", "title": "Name", "type": "string" }, - "ParentId": { - "markdownDescription": "The unique identifier (ID) of the parent root or OU that you want to create the new OU in.\n\n> To update the `ParentId` parameter value, you must first remove all accounts attached to the organizational unit (OU). OUs can't be moved within the organization with accounts still attached. \n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) for a parent ID string requires one of the following:\n\n- *Root* - A string that begins with \"r-\" followed by from 4 to 32 lowercase letters or digits.\n- *Organizational unit (OU)* - A string that begins with \"ou-\" followed by from 4 to 32 lowercase letters or digits (the ID of the root that the OU is in). This string is followed by a second \"-\" dash and from 8 to 32 additional lowercase letters or digits.", - "title": "ParentId", + "Regex": { + "markdownDescription": "The regular expression ( *regex* ) that defines the text pattern to match. The expression can contain 1-512 characters.", + "title": "Regex", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of tags that you want to attach to the newly created OU. For each tag in the list, you must specify both a tag key and a value. You can set the value to an empty string, but you can't set it to `null` . For more information about tagging, see [Tagging AWS Organizations resources](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_tagging.html) in the AWS Organizations User Guide.\n\n> If any one of the tags is not valid or if you exceed the allowed number of tags for an OU, then the entire request fails and the OU is not created.", + "markdownDescription": "An array of key-value pairs to apply to the custom data identifier.\n\nFor more information, see [Resource tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ "Name", - "ParentId" + "Regex" ], "type": "object" }, "Type": { "enum": [ - "AWS::Organizations::OrganizationalUnit" + "AWS::Macie::CustomDataIdentifier" ], "type": "string" }, @@ -174565,7 +182585,7 @@ ], "type": "object" }, - "AWS::Organizations::Policy": { + "AWS::Macie::FindingsFilter": { "additionalProperties": false, "properties": { "Condition": { @@ -174600,53 +182620,49 @@ "Properties": { "additionalProperties": false, "properties": { - "Content": { - "markdownDescription": "The policy text content. You can specify the policy content as a JSON object or a JSON string.\n\n> When you specify the policy content as a JSON string, you can't perform drift detection on the CloudFormation stack. For this reason, we recommend specifying the policy content as a JSON object instead. \n\nThe text that you supply must adhere to the rules of the policy type you specify in the `Type` parameter. The following AWS Organizations quotas are enforced for the maximum size of a policy document:\n\n- Service control policies: 5,120 characters\n- Resource control policies: 5,120 characters\n- Declarative policies: 10,000 characters\n- Backup policies: 10,000 characters\n- Tag policies: 10,000 characters\n- Chat applications policies: 10,000 characters\n- AI services opt-out policies: 2,500 characters\n\nFor more information about Organizations service quotas, see [Quotas for AWS Organizations](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) in the *AWS Organizations User Guide* .", - "title": "Content", - "type": "object" + "Action": { + "markdownDescription": "The action to perform on findings that match the filter criteria ( `FindingCriteria` ). Valid values are:\n\n- `ARCHIVE` - Suppress (automatically archive) the findings.\n- `NOOP` - Don't perform any action on the findings.", + "title": "Action", + "type": "string" }, "Description": { - "markdownDescription": "Human readable description of the policy.", + "markdownDescription": "A custom description of the findings filter. The description can contain 1-512 characters.\n\nAvoid including sensitive data in the description. Users of the account might be able to see the description, depending on the actions that they're allowed to perform in Amazon Macie .", "title": "Description", "type": "string" }, + "FindingCriteria": { + "$ref": "#/definitions/AWS::Macie::FindingsFilter.FindingCriteria", + "markdownDescription": "The criteria to use to filter findings.", + "title": "FindingCriteria" + }, "Name": { - "markdownDescription": "Name of the policy.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) that is used to validate this parameter is a string of any of the characters in the ASCII character range.", + "markdownDescription": "A custom name for the findings filter. The name can contain 3-64 characters.\n\nAvoid including sensitive data in the name. Users of the account might be able to see the name, depending on the actions that they're allowed to perform in Amazon Macie .", "title": "Name", "type": "string" }, + "Position": { + "markdownDescription": "The position of the findings filter in the list of saved filter rules on the Amazon Macie console. This value also determines the order in which the filter is applied to findings, relative to other filters that are also applied to findings.", + "title": "Position", + "type": "number" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of tags that you want to attach to the newly created policy. For each tag in the list, you must specify both a tag key and a value. You can set the value to an empty string, but you can't set it to `null` . For more information about tagging, see [Tagging AWS Organizations resources](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_tagging.html) in the AWS Organizations User Guide.\n\n> If any one of the tags is not valid or if you exceed the allowed number of tags for a policy, then the entire request fails and the policy is not created.", + "markdownDescription": "An array of key-value pairs to apply to the findings filter.\n\nFor more information, see [Resource tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" - }, - "TargetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "List of unique identifiers (IDs) of the root, OU, or account that you want to attach the policy to. You can get the ID by calling the [ListRoots](https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListRoots.html) , [ListOrganizationalUnitsForParent](https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListOrganizationalUnitsForParent.html) , or [ListAccounts](https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListAccounts.html) operations. If you don't specify this parameter, the policy is created but not attached to any organization resource.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) for a target ID string requires one of the following:\n\n- *Root* - A string that begins with \"r-\" followed by from 4 to 32 lowercase letters or digits.\n- *Account* - A string that consists of exactly 12 digits.\n- *Organizational unit (OU)* - A string that begins with \"ou-\" followed by from 4 to 32 lowercase letters or digits (the ID of the root that the OU is in). This string is followed by a second \"-\" dash and from 8 to 32 additional lowercase letters or digits.", - "title": "TargetIds", - "type": "array" - }, - "Type": { - "markdownDescription": "The type of policy to create.", - "title": "Type", - "type": "string" } }, "required": [ - "Content", - "Name", - "Type" + "FindingCriteria", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::Organizations::Policy" + "AWS::Macie::FindingsFilter" ], "type": "string" }, @@ -174665,7 +182681,66 @@ ], "type": "object" }, - "AWS::Organizations::ResourcePolicy": { + "AWS::Macie::FindingsFilter.CriterionAdditionalProperties": { + "additionalProperties": false, + "properties": { + "eq": { + "items": { + "type": "string" + }, + "markdownDescription": "The value for the specified property matches (equals) the specified value. If you specify multiple values, Amazon Macie uses OR logic to join the values.", + "title": "eq", + "type": "array" + }, + "gt": { + "markdownDescription": "The value for the specified property is greater than the specified value.", + "title": "gt", + "type": "number" + }, + "gte": { + "markdownDescription": "The value for the specified property is greater than or equal to the specified value.", + "title": "gte", + "type": "number" + }, + "lt": { + "markdownDescription": "The value for the specified property is less than the specified value.", + "title": "lt", + "type": "number" + }, + "lte": { + "markdownDescription": "The value for the specified property is less than or equal to the specified value.", + "title": "lte", + "type": "number" + }, + "neq": { + "items": { + "type": "string" + }, + "markdownDescription": "The value for the specified property doesn't match (doesn't equal) the specified value. If you specify multiple values, Amazon Macie uses OR logic to join the values.", + "title": "neq", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Macie::FindingsFilter.FindingCriteria": { + "additionalProperties": false, + "properties": { + "Criterion": { + "additionalProperties": false, + "markdownDescription": "Specifies a condition that defines the property, operator, and one or more values to use to filter the results.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::Macie::FindingsFilter.CriterionAdditionalProperties" + } + }, + "title": "Criterion", + "type": "object" + } + }, + "type": "object" + }, + "AWS::Macie::Session": { "additionalProperties": false, "properties": { "Condition": { @@ -174700,28 +182775,22 @@ "Properties": { "additionalProperties": false, "properties": { - "Content": { - "markdownDescription": "The policy text of the organization resource policy. You can specify the resource policy content as a JSON object or a JSON string.\n\n> When you specify the resource policy content as a JSON string, you can't perform drift detection on the CloudFormation stack. For this reason, we recommend specifying the resource policy content as a JSON object instead.", - "title": "Content", - "type": "object" + "FindingPublishingFrequency": { + "markdownDescription": "Specifies how often Amazon Macie publishes updates to policy findings for the account. This includes publishing updates to AWS Security Hub and Amazon EventBridge (formerly Amazon CloudWatch Events ). Valid values are:\n\n- FIFTEEN_MINUTES\n- ONE_HOUR\n- SIX_HOURS", + "title": "FindingPublishingFrequency", + "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of tags that you want to attach to the newly created resource policy. For each tag in the list, you must specify both a tag key and a value. You can set the value to an empty string, but you can't set it to `null` . For more information about tagging, see [Tagging AWS Organizations resources](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_tagging.html) in the *AWS Organizations User Guide* .\n\n> If any one of the tags is not valid or if you exceed the allowed number of tags for the resource policy, then the entire request fails and the resource policy is not created.", - "title": "Tags", - "type": "array" + "Status": { + "markdownDescription": "The status of Amazon Macie for the account. Valid values are: `ENABLED` , start or resume Macie activities for the account; and, `PAUSED` , suspend Macie activities for the account.", + "title": "Status", + "type": "string" } }, - "required": [ - "Content" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Organizations::ResourcePolicy" + "AWS::Macie::Session" ], "type": "string" }, @@ -174735,12 +182804,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::PCAConnectorAD::Connector": { + "AWS::ManagedBlockchain::Accessor": { "additionalProperties": false, "properties": { "Condition": { @@ -174775,43 +182843,33 @@ "Properties": { "additionalProperties": false, "properties": { - "CertificateAuthorityArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the certificate authority being used.", - "title": "CertificateAuthorityArn", + "AccessorType": { + "markdownDescription": "The type of the accessor.\n\n> Currently, accessor type is restricted to `BILLING_TOKEN` .", + "title": "AccessorType", "type": "string" }, - "DirectoryId": { - "markdownDescription": "The identifier of the Active Directory.", - "title": "DirectoryId", + "NetworkType": { + "markdownDescription": "The blockchain network that the `Accessor` token is created for.\n\n> We recommend using the appropriate `networkType` value for the blockchain network that you are creating the `Accessor` token for. You cannot use the value `ETHEREUM_MAINNET_AND_GOERLI` to specify a `networkType` for your Accessor token.\n> \n> The default value of `ETHEREUM_MAINNET_AND_GOERLI` is only applied:\n> \n> - when the `CreateAccessor` action does not set a `networkType` .\n> - to all existing `Accessor` tokens that were created before the `networkType` property was introduced.", + "title": "NetworkType", "type": "string" }, "Tags": { - "additionalProperties": true, - "markdownDescription": "Metadata assigned to a connector consisting of a key-value pair.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "The tags assigned to the Accessor.\n\nFor more information about tags, see [Tagging Resources](https://docs.aws.amazon.com/managed-blockchain/latest/ethereum-dev/tagging-resources.html) in the *Amazon Managed Blockchain Ethereum Developer Guide* , or [Tagging Resources](https://docs.aws.amazon.com/managed-blockchain/latest/hyperledger-fabric-dev/tagging-resources.html) in the *Amazon Managed Blockchain Hyperledger Fabric Developer Guide* .", "title": "Tags", - "type": "object" - }, - "VpcInformation": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Connector.VpcInformation", - "markdownDescription": "Information of the VPC and security group(s) used with the connector.", - "title": "VpcInformation" + "type": "array" } }, "required": [ - "CertificateAuthorityArn", - "DirectoryId", - "VpcInformation" + "AccessorType" ], "type": "object" }, "Type": { "enum": [ - "AWS::PCAConnectorAD::Connector" + "AWS::ManagedBlockchain::Accessor" ], "type": "string" }, @@ -174830,24 +182888,7 @@ ], "type": "object" }, - "AWS::PCAConnectorAD::Connector.VpcInformation": { - "additionalProperties": false, - "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The security groups used with the connector. You can use a maximum of 4 security groups with a connector.", - "title": "SecurityGroupIds", - "type": "array" - } - }, - "required": [ - "SecurityGroupIds" - ], - "type": "object" - }, - "AWS::PCAConnectorAD::DirectoryRegistration": { + "AWS::ManagedBlockchain::Member": { "additionalProperties": false, "properties": { "Condition": { @@ -174882,31 +182923,35 @@ "Properties": { "additionalProperties": false, "properties": { - "DirectoryId": { - "markdownDescription": "The identifier of the Active Directory.", - "title": "DirectoryId", + "InvitationId": { + "markdownDescription": "The unique identifier of the invitation to join the network sent to the account that creates the member.", + "title": "InvitationId", "type": "string" }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "Metadata assigned to a directory registration consisting of a key-value pair.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" + "MemberConfiguration": { + "$ref": "#/definitions/AWS::ManagedBlockchain::Member.MemberConfiguration", + "markdownDescription": "Configuration properties of the member.", + "title": "MemberConfiguration" + }, + "NetworkConfiguration": { + "$ref": "#/definitions/AWS::ManagedBlockchain::Member.NetworkConfiguration", + "markdownDescription": "Configuration properties of the network to which the member belongs.", + "title": "NetworkConfiguration" + }, + "NetworkId": { + "markdownDescription": "The unique identifier of the network to which the member belongs.", + "title": "NetworkId", + "type": "string" } }, "required": [ - "DirectoryId" + "MemberConfiguration" ], "type": "object" }, "Type": { "enum": [ - "AWS::PCAConnectorAD::DirectoryRegistration" + "AWS::ManagedBlockchain::Member" ], "type": "string" }, @@ -174925,7 +182970,161 @@ ], "type": "object" }, - "AWS::PCAConnectorAD::ServicePrincipalName": { + "AWS::ManagedBlockchain::Member.ApprovalThresholdPolicy": { + "additionalProperties": false, + "properties": { + "ProposalDurationInHours": { + "markdownDescription": "The duration from the time that a proposal is created until it expires. If members cast neither the required number of `YES` votes to approve the proposal nor the number of `NO` votes required to reject it before the duration expires, the proposal is `EXPIRED` and `ProposalActions` aren't carried out.", + "title": "ProposalDurationInHours", + "type": "number" + }, + "ThresholdComparator": { + "markdownDescription": "Determines whether the vote percentage must be greater than the `ThresholdPercentage` or must be greater than or equal to the `ThresholdPercentage` to be approved.", + "title": "ThresholdComparator", + "type": "string" + }, + "ThresholdPercentage": { + "markdownDescription": "The percentage of votes among all members that must be `YES` for a proposal to be approved. For example, a `ThresholdPercentage` value of `50` indicates 50%. The `ThresholdComparator` determines the precise comparison. If a `ThresholdPercentage` value of `50` is specified on a network with 10 members, along with a `ThresholdComparator` value of `GREATER_THAN` , this indicates that 6 `YES` votes are required for the proposal to be approved.", + "title": "ThresholdPercentage", + "type": "number" + } + }, + "type": "object" + }, + "AWS::ManagedBlockchain::Member.MemberConfiguration": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "An optional description of the member.", + "title": "Description", + "type": "string" + }, + "MemberFrameworkConfiguration": { + "$ref": "#/definitions/AWS::ManagedBlockchain::Member.MemberFrameworkConfiguration", + "markdownDescription": "Configuration properties of the blockchain framework relevant to the member.", + "title": "MemberFrameworkConfiguration" + }, + "Name": { + "markdownDescription": "The name of the member.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::ManagedBlockchain::Member.MemberFabricConfiguration": { + "additionalProperties": false, + "properties": { + "AdminPassword": { + "markdownDescription": "The password for the member's initial administrative user. The `AdminPassword` must be at least 8 characters long and no more than 32 characters. It must contain at least one uppercase letter, one lowercase letter, and one digit. It cannot have a single quotation mark (\u2018), a double quotation marks (\u201c), a forward slash(/), a backward slash(\\), @, or a space.", + "title": "AdminPassword", + "type": "string" + }, + "AdminUsername": { + "markdownDescription": "The user name for the member's initial administrative user.", + "title": "AdminUsername", + "type": "string" + } + }, + "required": [ + "AdminPassword", + "AdminUsername" + ], + "type": "object" + }, + "AWS::ManagedBlockchain::Member.MemberFrameworkConfiguration": { + "additionalProperties": false, + "properties": { + "MemberFabricConfiguration": { + "$ref": "#/definitions/AWS::ManagedBlockchain::Member.MemberFabricConfiguration", + "markdownDescription": "Configuration properties for Hyperledger Fabric.", + "title": "MemberFabricConfiguration" + } + }, + "type": "object" + }, + "AWS::ManagedBlockchain::Member.NetworkConfiguration": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "Attributes of the blockchain framework for the network.", + "title": "Description", + "type": "string" + }, + "Framework": { + "markdownDescription": "The blockchain framework that the network uses.", + "title": "Framework", + "type": "string" + }, + "FrameworkVersion": { + "markdownDescription": "The version of the blockchain framework that the network uses.", + "title": "FrameworkVersion", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the network.", + "title": "Name", + "type": "string" + }, + "NetworkFrameworkConfiguration": { + "$ref": "#/definitions/AWS::ManagedBlockchain::Member.NetworkFrameworkConfiguration", + "markdownDescription": "Configuration properties relevant to the network for the blockchain framework that the network uses.", + "title": "NetworkFrameworkConfiguration" + }, + "VotingPolicy": { + "$ref": "#/definitions/AWS::ManagedBlockchain::Member.VotingPolicy", + "markdownDescription": "The voting rules that the network uses to decide if a proposal is accepted.", + "title": "VotingPolicy" + } + }, + "required": [ + "Framework", + "FrameworkVersion", + "Name", + "VotingPolicy" + ], + "type": "object" + }, + "AWS::ManagedBlockchain::Member.NetworkFabricConfiguration": { + "additionalProperties": false, + "properties": { + "Edition": { + "markdownDescription": "The edition of Amazon Managed Blockchain that the network uses. Valid values are `standard` and `starter` . For more information, see [Amazon Managed Blockchain Pricing](https://docs.aws.amazon.com/managed-blockchain/pricing/)", + "title": "Edition", + "type": "string" + } + }, + "required": [ + "Edition" + ], + "type": "object" + }, + "AWS::ManagedBlockchain::Member.NetworkFrameworkConfiguration": { + "additionalProperties": false, + "properties": { + "NetworkFabricConfiguration": { + "$ref": "#/definitions/AWS::ManagedBlockchain::Member.NetworkFabricConfiguration", + "markdownDescription": "Configuration properties for Hyperledger Fabric for a member in a Managed Blockchain network that is using the Hyperledger Fabric framework.", + "title": "NetworkFabricConfiguration" + } + }, + "type": "object" + }, + "AWS::ManagedBlockchain::Member.VotingPolicy": { + "additionalProperties": false, + "properties": { + "ApprovalThresholdPolicy": { + "$ref": "#/definitions/AWS::ManagedBlockchain::Member.ApprovalThresholdPolicy", + "markdownDescription": "Defines the rules for the network for voting on proposals, such as the percentage of `YES` votes required for the proposal to be approved and the duration of the proposal. The policy applies to all proposals and is specified when the network is created.", + "title": "ApprovalThresholdPolicy" + } + }, + "type": "object" + }, + "AWS::ManagedBlockchain::Node": { "additionalProperties": false, "properties": { "Condition": { @@ -174960,22 +183159,31 @@ "Properties": { "additionalProperties": false, "properties": { - "ConnectorArn": { - "markdownDescription": "The Amazon Resource Name (ARN) that was returned when you called [CreateConnector.html](https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateConnector.html) .", - "title": "ConnectorArn", + "MemberId": { + "markdownDescription": "The unique identifier of the member to which the node belongs. Applies only to Hyperledger Fabric.", + "title": "MemberId", "type": "string" }, - "DirectoryRegistrationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) that was returned when you called [CreateDirectoryRegistration](https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateDirectoryRegistration.html) .", - "title": "DirectoryRegistrationArn", + "NetworkId": { + "markdownDescription": "The unique identifier of the network for the node.\n\nEthereum public networks have the following `NetworkId` s:\n\n- `n-ethereum-mainnet`", + "title": "NetworkId", "type": "string" + }, + "NodeConfiguration": { + "$ref": "#/definitions/AWS::ManagedBlockchain::Node.NodeConfiguration", + "markdownDescription": "Configuration properties of a peer node.", + "title": "NodeConfiguration" } }, + "required": [ + "NetworkId", + "NodeConfiguration" + ], "type": "object" }, "Type": { "enum": [ - "AWS::PCAConnectorAD::ServicePrincipalName" + "AWS::ManagedBlockchain::Node" ], "type": "string" }, @@ -174989,11 +183197,32 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::PCAConnectorAD::Template": { + "AWS::ManagedBlockchain::Node.NodeConfiguration": { + "additionalProperties": false, + "properties": { + "AvailabilityZone": { + "markdownDescription": "The Availability Zone in which the node exists. Required for Ethereum nodes.", + "title": "AvailabilityZone", + "type": "string" + }, + "InstanceType": { + "markdownDescription": "The Amazon Managed Blockchain instance type for the node.", + "title": "InstanceType", + "type": "string" + } + }, + "required": [ + "AvailabilityZone", + "InstanceType" + ], + "type": "object" + }, + "AWS::MediaConnect::Bridge": { "additionalProperties": false, "properties": { "Condition": { @@ -175028,48 +183257,58 @@ "Properties": { "additionalProperties": false, "properties": { - "ConnectorArn": { - "markdownDescription": "The Amazon Resource Name (ARN) that was returned when you called [CreateConnector](https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateConnector.html) .", - "title": "ConnectorArn", - "type": "string" + "EgressGatewayBridge": { + "$ref": "#/definitions/AWS::MediaConnect::Bridge.EgressGatewayBridge", + "markdownDescription": "An egress bridge is a cloud-to-ground bridge. The content comes from an existing MediaConnect flow and is delivered to your premises.", + "title": "EgressGatewayBridge" }, - "Definition": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.TemplateDefinition", - "markdownDescription": "Template configuration to define the information included in certificates. Define certificate validity and renewal periods, certificate request handling and enrollment options, key usage extensions, application policies, and cryptography settings.", - "title": "Definition" + "IngressGatewayBridge": { + "$ref": "#/definitions/AWS::MediaConnect::Bridge.IngressGatewayBridge", + "markdownDescription": "An ingress bridge is a ground-to-cloud bridge. The content originates at your premises and is delivered to the cloud.", + "title": "IngressGatewayBridge" }, "Name": { - "markdownDescription": "Name of the templates. Template names must be unique.", + "markdownDescription": "The name of the bridge. This name can not be modified after the bridge is created.", "title": "Name", "type": "string" }, - "ReenrollAllCertificateHolders": { - "markdownDescription": "This setting allows the major version of a template to be increased automatically. All members of Active Directory groups that are allowed to enroll with a template will receive a new certificate issued using that template.", - "title": "ReenrollAllCertificateHolders", - "type": "boolean" + "Outputs": { + "items": { + "$ref": "#/definitions/AWS::MediaConnect::Bridge.BridgeOutput" + }, + "markdownDescription": "The outputs that you want to add to this bridge.", + "title": "Outputs", + "type": "array" }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "Metadata assigned to a template consisting of a key-value pair.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "PlacementArn": { + "markdownDescription": "The bridge placement Amazon Resource Number (ARN).", + "title": "PlacementArn", + "type": "string" + }, + "SourceFailoverConfig": { + "$ref": "#/definitions/AWS::MediaConnect::Bridge.FailoverConfig", + "markdownDescription": "The settings for source failover.", + "title": "SourceFailoverConfig" + }, + "Sources": { + "items": { + "$ref": "#/definitions/AWS::MediaConnect::Bridge.BridgeSource" }, - "title": "Tags", - "type": "object" + "markdownDescription": "The sources that you want to add to this bridge.", + "title": "Sources", + "type": "array" } }, "required": [ - "ConnectorArn", - "Definition", - "Name" + "Name", + "PlacementArn", + "Sources" ], "type": "object" }, "Type": { "enum": [ - "AWS::PCAConnectorAD::Template" + "AWS::MediaConnect::Bridge" ], "type": "string" }, @@ -175088,942 +183327,237 @@ ], "type": "object" }, - "AWS::PCAConnectorAD::Template.ApplicationPolicies": { + "AWS::MediaConnect::Bridge.BridgeFlowSource": { "additionalProperties": false, "properties": { - "Critical": { - "markdownDescription": "Marks the application policy extension as critical.", - "title": "Critical", - "type": "boolean" + "FlowArn": { + "markdownDescription": "The ARN of the cloud flow used as a source of this bridge.", + "title": "FlowArn", + "type": "string" }, - "Policies": { - "items": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ApplicationPolicy" - }, - "markdownDescription": "Application policies describe what the certificate can be used for.", - "title": "Policies", - "type": "array" + "FlowVpcInterfaceAttachment": { + "$ref": "#/definitions/AWS::MediaConnect::Bridge.VpcInterfaceAttachment", + "markdownDescription": "The name of the VPC interface attachment to use for this source.", + "title": "FlowVpcInterfaceAttachment" + }, + "Name": { + "markdownDescription": "The name of the flow source.", + "title": "Name", + "type": "string" } }, "required": [ - "Policies" + "FlowArn", + "Name" ], "type": "object" }, - "AWS::PCAConnectorAD::Template.ApplicationPolicy": { + "AWS::MediaConnect::Bridge.BridgeNetworkOutput": { "additionalProperties": false, "properties": { - "PolicyObjectIdentifier": { - "markdownDescription": "The object identifier (OID) of an application policy.", - "title": "PolicyObjectIdentifier", + "IpAddress": { + "markdownDescription": "The network output IP address.", + "title": "IpAddress", "type": "string" }, - "PolicyType": { - "markdownDescription": "The type of application policy", - "title": "PolicyType", + "Name": { + "markdownDescription": "The network output name.", + "title": "Name", "type": "string" - } - }, - "type": "object" - }, - "AWS::PCAConnectorAD::Template.CertificateValidity": { - "additionalProperties": false, - "properties": { - "RenewalPeriod": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ValidityPeriod", - "markdownDescription": "Renewal period is the period of time before certificate expiration when a new certificate will be requested.", - "title": "RenewalPeriod" }, - "ValidityPeriod": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ValidityPeriod", - "markdownDescription": "Information describing the end of the validity period of the certificate. This parameter sets the \u201cNot After\u201d date for the certificate. Certificate validity is the period of time during which a certificate is valid. Validity can be expressed as an explicit date and time when the certificate expires, or as a span of time after issuance, stated in days, months, or years. For more information, see Validity in RFC 5280. This value is unaffected when ValidityNotBefore is also specified. For example, if Validity is set to 20 days in the future, the certificate will expire 20 days from issuance time regardless of the ValidityNotBefore value.", - "title": "ValidityPeriod" + "NetworkName": { + "markdownDescription": "The network output's gateway network name.", + "title": "NetworkName", + "type": "string" + }, + "Port": { + "markdownDescription": "The network output's port.", + "title": "Port", + "type": "number" + }, + "Protocol": { + "markdownDescription": "The network output protocol.\n\n> AWS Elemental MediaConnect no longer supports the Fujitsu QoS protocol. This reference is maintained for legacy purposes only.", + "title": "Protocol", + "type": "string" + }, + "Ttl": { + "markdownDescription": "The network output TTL.", + "title": "Ttl", + "type": "number" } }, "required": [ - "RenewalPeriod", - "ValidityPeriod" + "IpAddress", + "Name", + "NetworkName", + "Port", + "Protocol", + "Ttl" ], "type": "object" }, - "AWS::PCAConnectorAD::Template.EnrollmentFlagsV2": { + "AWS::MediaConnect::Bridge.BridgeNetworkSource": { "additionalProperties": false, "properties": { - "EnableKeyReuseOnNtTokenKeysetStorageFull": { - "markdownDescription": "Allow renewal using the same key.", - "title": "EnableKeyReuseOnNtTokenKeysetStorageFull", - "type": "boolean" - }, - "IncludeSymmetricAlgorithms": { - "markdownDescription": "Include symmetric algorithms allowed by the subject.", - "title": "IncludeSymmetricAlgorithms", - "type": "boolean" - }, - "NoSecurityExtension": { - "markdownDescription": "This flag instructs the CA to not include the security extension szOID_NTDS_CA_SECURITY_EXT (OID:1.3.6.1.4.1.311.25.2), as specified in [MS-WCCE] sections 2.2.2.7.7.4 and 3.2.2.6.2.1.4.5.9, in the issued certificate. This addresses a Windows Kerberos elevation-of-privilege vulnerability.", - "title": "NoSecurityExtension", - "type": "boolean" - }, - "RemoveInvalidCertificateFromPersonalStore": { - "markdownDescription": "Delete expired or revoked certificates instead of archiving them.", - "title": "RemoveInvalidCertificateFromPersonalStore", - "type": "boolean" - }, - "UserInteractionRequired": { - "markdownDescription": "Require user interaction when the subject is enrolled and the private key associated with the certificate is used.", - "title": "UserInteractionRequired", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::PCAConnectorAD::Template.EnrollmentFlagsV3": { - "additionalProperties": false, - "properties": { - "EnableKeyReuseOnNtTokenKeysetStorageFull": { - "markdownDescription": "Allow renewal using the same key.", - "title": "EnableKeyReuseOnNtTokenKeysetStorageFull", - "type": "boolean" - }, - "IncludeSymmetricAlgorithms": { - "markdownDescription": "Include symmetric algorithms allowed by the subject.", - "title": "IncludeSymmetricAlgorithms", - "type": "boolean" - }, - "NoSecurityExtension": { - "markdownDescription": "This flag instructs the CA to not include the security extension szOID_NTDS_CA_SECURITY_EXT (OID:1.3.6.1.4.1.311.25.2), as specified in [MS-WCCE] sections 2.2.2.7.7.4 and 3.2.2.6.2.1.4.5.9, in the issued certificate. This addresses a Windows Kerberos elevation-of-privilege vulnerability.", - "title": "NoSecurityExtension", - "type": "boolean" - }, - "RemoveInvalidCertificateFromPersonalStore": { - "markdownDescription": "Delete expired or revoked certificates instead of archiving them.", - "title": "RemoveInvalidCertificateFromPersonalStore", - "type": "boolean" - }, - "UserInteractionRequired": { - "markdownDescription": "Require user interaction when the subject is enrolled and the private key associated with the certificate is used.", - "title": "UserInteractionRequired", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::PCAConnectorAD::Template.EnrollmentFlagsV4": { - "additionalProperties": false, - "properties": { - "EnableKeyReuseOnNtTokenKeysetStorageFull": { - "markdownDescription": "Allow renewal using the same key.", - "title": "EnableKeyReuseOnNtTokenKeysetStorageFull", - "type": "boolean" - }, - "IncludeSymmetricAlgorithms": { - "markdownDescription": "Include symmetric algorithms allowed by the subject.", - "title": "IncludeSymmetricAlgorithms", - "type": "boolean" - }, - "NoSecurityExtension": { - "markdownDescription": "This flag instructs the CA to not include the security extension szOID_NTDS_CA_SECURITY_EXT (OID:1.3.6.1.4.1.311.25.2), as specified in [MS-WCCE] sections 2.2.2.7.7.4 and 3.2.2.6.2.1.4.5.9, in the issued certificate. This addresses a Windows Kerberos elevation-of-privilege vulnerability.", - "title": "NoSecurityExtension", - "type": "boolean" - }, - "RemoveInvalidCertificateFromPersonalStore": { - "markdownDescription": "Delete expired or revoked certificates instead of archiving them.", - "title": "RemoveInvalidCertificateFromPersonalStore", - "type": "boolean" - }, - "UserInteractionRequired": { - "markdownDescription": "Require user interaction when the subject is enrolled and the private key associated with the certificate is used.", - "title": "UserInteractionRequired", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::PCAConnectorAD::Template.ExtensionsV2": { - "additionalProperties": false, - "properties": { - "ApplicationPolicies": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ApplicationPolicies", - "markdownDescription": "Application policies specify what the certificate is used for and its purpose.", - "title": "ApplicationPolicies" - }, - "KeyUsage": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsage", - "markdownDescription": "The key usage extension defines the purpose (e.g., encipherment, signature, certificate signing) of the key contained in the certificate.", - "title": "KeyUsage" - } - }, - "required": [ - "KeyUsage" - ], - "type": "object" - }, - "AWS::PCAConnectorAD::Template.ExtensionsV3": { - "additionalProperties": false, - "properties": { - "ApplicationPolicies": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ApplicationPolicies", - "markdownDescription": "Application policies specify what the certificate is used for and its purpose.", - "title": "ApplicationPolicies" - }, - "KeyUsage": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsage", - "markdownDescription": "The key usage extension defines the purpose (e.g., encipherment, signature, certificate signing) of the key contained in the certificate.", - "title": "KeyUsage" - } - }, - "required": [ - "KeyUsage" - ], - "type": "object" - }, - "AWS::PCAConnectorAD::Template.ExtensionsV4": { - "additionalProperties": false, - "properties": { - "ApplicationPolicies": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ApplicationPolicies", - "markdownDescription": "Application policies specify what the certificate is used for and its purpose.", - "title": "ApplicationPolicies" - }, - "KeyUsage": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsage", - "markdownDescription": "The key usage extension defines the purpose (e.g., encipherment, signature) of the key contained in the certificate.", - "title": "KeyUsage" - } - }, - "required": [ - "KeyUsage" - ], - "type": "object" - }, - "AWS::PCAConnectorAD::Template.GeneralFlagsV2": { - "additionalProperties": false, - "properties": { - "AutoEnrollment": { - "markdownDescription": "Allows certificate issuance using autoenrollment. Set to TRUE to allow autoenrollment.", - "title": "AutoEnrollment", - "type": "boolean" - }, - "MachineType": { - "markdownDescription": "Defines if the template is for machines or users. Set to TRUE if the template is for machines. Set to FALSE if the template is for users.", - "title": "MachineType", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::PCAConnectorAD::Template.GeneralFlagsV3": { - "additionalProperties": false, - "properties": { - "AutoEnrollment": { - "markdownDescription": "Allows certificate issuance using autoenrollment. Set to TRUE to allow autoenrollment.", - "title": "AutoEnrollment", - "type": "boolean" - }, - "MachineType": { - "markdownDescription": "Defines if the template is for machines or users. Set to TRUE if the template is for machines. Set to FALSE if the template is for users", - "title": "MachineType", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::PCAConnectorAD::Template.GeneralFlagsV4": { - "additionalProperties": false, - "properties": { - "AutoEnrollment": { - "markdownDescription": "Allows certificate issuance using autoenrollment. Set to TRUE to allow autoenrollment.", - "title": "AutoEnrollment", - "type": "boolean" - }, - "MachineType": { - "markdownDescription": "Defines if the template is for machines or users. Set to TRUE if the template is for machines. Set to FALSE if the template is for users", - "title": "MachineType", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::PCAConnectorAD::Template.KeyUsage": { - "additionalProperties": false, - "properties": { - "Critical": { - "markdownDescription": "Sets the key usage extension to critical.", - "title": "Critical", - "type": "boolean" - }, - "UsageFlags": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsageFlags", - "markdownDescription": "The key usage flags represent the purpose (e.g., encipherment, signature) of the key contained in the certificate.", - "title": "UsageFlags" - } - }, - "required": [ - "UsageFlags" - ], - "type": "object" - }, - "AWS::PCAConnectorAD::Template.KeyUsageFlags": { - "additionalProperties": false, - "properties": { - "DataEncipherment": { - "markdownDescription": "DataEncipherment is asserted when the subject public key is used for directly enciphering raw user data without the use of an intermediate symmetric cipher.", - "title": "DataEncipherment", - "type": "boolean" - }, - "DigitalSignature": { - "markdownDescription": "The digitalSignature is asserted when the subject public key is used for verifying digital signatures.", - "title": "DigitalSignature", - "type": "boolean" - }, - "KeyAgreement": { - "markdownDescription": "KeyAgreement is asserted when the subject public key is used for key agreement.", - "title": "KeyAgreement", - "type": "boolean" - }, - "KeyEncipherment": { - "markdownDescription": "KeyEncipherment is asserted when the subject public key is used for enciphering private or secret keys, i.e., for key transport.", - "title": "KeyEncipherment", - "type": "boolean" - }, - "NonRepudiation": { - "markdownDescription": "NonRepudiation is asserted when the subject public key is used to verify digital signatures.", - "title": "NonRepudiation", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::PCAConnectorAD::Template.KeyUsageProperty": { - "additionalProperties": false, - "properties": { - "PropertyFlags": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsagePropertyFlags", - "markdownDescription": "You can specify key usage for encryption, key agreement, and signature. You can use property flags or property type but not both.", - "title": "PropertyFlags" - }, - "PropertyType": { - "markdownDescription": "You can specify all key usages using property type ALL. You can use property type or property flags but not both.", - "title": "PropertyType", + "MulticastIp": { + "markdownDescription": "The network source multicast IP.", + "title": "MulticastIp", "type": "string" - } - }, - "type": "object" - }, - "AWS::PCAConnectorAD::Template.KeyUsagePropertyFlags": { - "additionalProperties": false, - "properties": { - "Decrypt": { - "markdownDescription": "Allows key for encryption and decryption.", - "title": "Decrypt", - "type": "boolean" - }, - "KeyAgreement": { - "markdownDescription": "Allows key exchange without encryption.", - "title": "KeyAgreement", - "type": "boolean" }, - "Sign": { - "markdownDescription": "Allow key use for digital signature.", - "title": "Sign", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::PCAConnectorAD::Template.PrivateKeyAttributesV2": { - "additionalProperties": false, - "properties": { - "CryptoProviders": { - "items": { - "type": "string" - }, - "markdownDescription": "Defines the cryptographic providers used to generate the private key.", - "title": "CryptoProviders", - "type": "array" + "MulticastSourceSettings": { + "$ref": "#/definitions/AWS::MediaConnect::Bridge.MulticastSourceSettings", + "markdownDescription": "The settings related to the multicast source.", + "title": "MulticastSourceSettings" }, - "KeySpec": { - "markdownDescription": "Defines the purpose of the private key. Set it to \"KEY_EXCHANGE\" or \"SIGNATURE\" value.", - "title": "KeySpec", + "Name": { + "markdownDescription": "The name of the network source.", + "title": "Name", "type": "string" }, - "MinimalKeyLength": { - "markdownDescription": "Set the minimum key length of the private key.", - "title": "MinimalKeyLength", - "type": "number" - } - }, - "required": [ - "KeySpec", - "MinimalKeyLength" - ], - "type": "object" - }, - "AWS::PCAConnectorAD::Template.PrivateKeyAttributesV3": { - "additionalProperties": false, - "properties": { - "Algorithm": { - "markdownDescription": "Defines the algorithm used to generate the private key.", - "title": "Algorithm", + "NetworkName": { + "markdownDescription": "The network source's gateway network name.", + "title": "NetworkName", "type": "string" }, - "CryptoProviders": { - "items": { - "type": "string" - }, - "markdownDescription": "Defines the cryptographic providers used to generate the private key.", - "title": "CryptoProviders", - "type": "array" + "Port": { + "markdownDescription": "The network source port.", + "title": "Port", + "type": "number" }, - "KeySpec": { - "markdownDescription": "Defines the purpose of the private key. Set it to \"KEY_EXCHANGE\" or \"SIGNATURE\" value.", - "title": "KeySpec", + "Protocol": { + "markdownDescription": "The network source protocol.\n\n> AWS Elemental MediaConnect no longer supports the Fujitsu QoS protocol. This reference is maintained for legacy purposes only.", + "title": "Protocol", "type": "string" - }, - "KeyUsageProperty": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsageProperty", - "markdownDescription": "The key usage property defines the purpose of the private key contained in the certificate. You can specify specific purposes using property flags or all by using property type ALL.", - "title": "KeyUsageProperty" - }, - "MinimalKeyLength": { - "markdownDescription": "Set the minimum key length of the private key.", - "title": "MinimalKeyLength", - "type": "number" } }, "required": [ - "Algorithm", - "KeySpec", - "KeyUsageProperty", - "MinimalKeyLength" + "MulticastIp", + "Name", + "NetworkName", + "Port", + "Protocol" ], "type": "object" }, - "AWS::PCAConnectorAD::Template.PrivateKeyAttributesV4": { + "AWS::MediaConnect::Bridge.BridgeOutput": { "additionalProperties": false, "properties": { - "Algorithm": { - "markdownDescription": "Defines the algorithm used to generate the private key.", - "title": "Algorithm", - "type": "string" - }, - "CryptoProviders": { - "items": { - "type": "string" - }, - "markdownDescription": "Defines the cryptographic providers used to generate the private key.", - "title": "CryptoProviders", - "type": "array" - }, - "KeySpec": { - "markdownDescription": "Defines the purpose of the private key. Set it to \"KEY_EXCHANGE\" or \"SIGNATURE\" value.", - "title": "KeySpec", - "type": "string" - }, - "KeyUsageProperty": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsageProperty", - "markdownDescription": "The key usage property defines the purpose of the private key contained in the certificate. You can specify specific purposes using property flags or all by using property type ALL.", - "title": "KeyUsageProperty" - }, - "MinimalKeyLength": { - "markdownDescription": "Set the minimum key length of the private key.", - "title": "MinimalKeyLength", - "type": "number" + "NetworkOutput": { + "$ref": "#/definitions/AWS::MediaConnect::Bridge.BridgeNetworkOutput", + "markdownDescription": "The output of the bridge. A network output is delivered to your premises.", + "title": "NetworkOutput" } }, - "required": [ - "KeySpec", - "MinimalKeyLength" - ], "type": "object" }, - "AWS::PCAConnectorAD::Template.PrivateKeyFlagsV2": { + "AWS::MediaConnect::Bridge.BridgeSource": { "additionalProperties": false, "properties": { - "ClientVersion": { - "markdownDescription": "Defines the minimum client compatibility.", - "title": "ClientVersion", - "type": "string" - }, - "ExportableKey": { - "markdownDescription": "Allows the private key to be exported.", - "title": "ExportableKey", - "type": "boolean" + "FlowSource": { + "$ref": "#/definitions/AWS::MediaConnect::Bridge.BridgeFlowSource", + "markdownDescription": "The source of the bridge. A flow source originates in MediaConnect as an existing cloud flow.", + "title": "FlowSource" }, - "StrongKeyProtectionRequired": { - "markdownDescription": "Require user input when using the private key for enrollment.", - "title": "StrongKeyProtectionRequired", - "type": "boolean" + "NetworkSource": { + "$ref": "#/definitions/AWS::MediaConnect::Bridge.BridgeNetworkSource", + "markdownDescription": "The source of the bridge. A network source originates at your premises.", + "title": "NetworkSource" } }, - "required": [ - "ClientVersion" - ], "type": "object" }, - "AWS::PCAConnectorAD::Template.PrivateKeyFlagsV3": { + "AWS::MediaConnect::Bridge.EgressGatewayBridge": { "additionalProperties": false, "properties": { - "ClientVersion": { - "markdownDescription": "Defines the minimum client compatibility.", - "title": "ClientVersion", - "type": "string" - }, - "ExportableKey": { - "markdownDescription": "Allows the private key to be exported.", - "title": "ExportableKey", - "type": "boolean" - }, - "RequireAlternateSignatureAlgorithm": { - "markdownDescription": "Reguires the PKCS #1 v2.1 signature format for certificates. You should verify that your CA, objects, and applications can accept this signature format.", - "title": "RequireAlternateSignatureAlgorithm", - "type": "boolean" - }, - "StrongKeyProtectionRequired": { - "markdownDescription": "Requirer user input when using the private key for enrollment.", - "title": "StrongKeyProtectionRequired", - "type": "boolean" + "MaxBitrate": { + "markdownDescription": "The maximum expected bitrate (in bps) of the egress bridge.", + "title": "MaxBitrate", + "type": "number" } }, "required": [ - "ClientVersion" + "MaxBitrate" ], "type": "object" }, - "AWS::PCAConnectorAD::Template.PrivateKeyFlagsV4": { + "AWS::MediaConnect::Bridge.FailoverConfig": { "additionalProperties": false, "properties": { - "ClientVersion": { - "markdownDescription": "Defines the minimum client compatibility.", - "title": "ClientVersion", + "FailoverMode": { + "markdownDescription": "The type of failover you choose for this flow. MERGE combines the source streams into a single stream, allowing graceful recovery from any single-source loss. FAILOVER allows switching between different streams.", + "title": "FailoverMode", "type": "string" }, - "ExportableKey": { - "markdownDescription": "Allows the private key to be exported.", - "title": "ExportableKey", - "type": "boolean" - }, - "RequireAlternateSignatureAlgorithm": { - "markdownDescription": "Requires the PKCS #1 v2.1 signature format for certificates. You should verify that your CA, objects, and applications can accept this signature format.", - "title": "RequireAlternateSignatureAlgorithm", - "type": "boolean" - }, - "RequireSameKeyRenewal": { - "markdownDescription": "Renew certificate using the same private key.", - "title": "RequireSameKeyRenewal", - "type": "boolean" - }, - "StrongKeyProtectionRequired": { - "markdownDescription": "Require user input when using the private key for enrollment.", - "title": "StrongKeyProtectionRequired", - "type": "boolean" + "SourcePriority": { + "$ref": "#/definitions/AWS::MediaConnect::Bridge.SourcePriority", + "markdownDescription": "The priority you want to assign to a source. You can have a primary stream and a backup stream or two equally prioritized streams.", + "title": "SourcePriority" }, - "UseLegacyProvider": { - "markdownDescription": "Specifies the cryptographic service provider category used to generate private keys. Set to TRUE to use Legacy Cryptographic Service Providers and FALSE to use Key Storage Providers.", - "title": "UseLegacyProvider", - "type": "boolean" + "State": { + "markdownDescription": "The state of source failover on the flow. If the state is inactive, the flow can have only one source. If the state is active, the flow can have one or two sources.", + "title": "State", + "type": "string" } }, "required": [ - "ClientVersion" + "FailoverMode" ], "type": "object" }, - "AWS::PCAConnectorAD::Template.SubjectNameFlagsV2": { - "additionalProperties": false, - "properties": { - "RequireCommonName": { - "markdownDescription": "Include the common name in the subject name.", - "title": "RequireCommonName", - "type": "boolean" - }, - "RequireDirectoryPath": { - "markdownDescription": "Include the directory path in the subject name.", - "title": "RequireDirectoryPath", - "type": "boolean" - }, - "RequireDnsAsCn": { - "markdownDescription": "Include the DNS as common name in the subject name.", - "title": "RequireDnsAsCn", - "type": "boolean" - }, - "RequireEmail": { - "markdownDescription": "Include the subject's email in the subject name.", - "title": "RequireEmail", - "type": "boolean" - }, - "SanRequireDirectoryGuid": { - "markdownDescription": "Include the globally unique identifier (GUID) in the subject alternate name.", - "title": "SanRequireDirectoryGuid", - "type": "boolean" - }, - "SanRequireDns": { - "markdownDescription": "Include the DNS in the subject alternate name.", - "title": "SanRequireDns", - "type": "boolean" - }, - "SanRequireDomainDns": { - "markdownDescription": "Include the domain DNS in the subject alternate name.", - "title": "SanRequireDomainDns", - "type": "boolean" - }, - "SanRequireEmail": { - "markdownDescription": "Include the subject's email in the subject alternate name.", - "title": "SanRequireEmail", - "type": "boolean" - }, - "SanRequireSpn": { - "markdownDescription": "Include the service principal name (SPN) in the subject alternate name.", - "title": "SanRequireSpn", - "type": "boolean" - }, - "SanRequireUpn": { - "markdownDescription": "Include the user principal name (UPN) in the subject alternate name.", - "title": "SanRequireUpn", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::PCAConnectorAD::Template.SubjectNameFlagsV3": { - "additionalProperties": false, - "properties": { - "RequireCommonName": { - "markdownDescription": "Include the common name in the subject name.", - "title": "RequireCommonName", - "type": "boolean" - }, - "RequireDirectoryPath": { - "markdownDescription": "Include the directory path in the subject name.", - "title": "RequireDirectoryPath", - "type": "boolean" - }, - "RequireDnsAsCn": { - "markdownDescription": "Include the DNS as common name in the subject name.", - "title": "RequireDnsAsCn", - "type": "boolean" - }, - "RequireEmail": { - "markdownDescription": "Include the subject's email in the subject name.", - "title": "RequireEmail", - "type": "boolean" - }, - "SanRequireDirectoryGuid": { - "markdownDescription": "Include the globally unique identifier (GUID) in the subject alternate name.", - "title": "SanRequireDirectoryGuid", - "type": "boolean" - }, - "SanRequireDns": { - "markdownDescription": "Include the DNS in the subject alternate name.", - "title": "SanRequireDns", - "type": "boolean" - }, - "SanRequireDomainDns": { - "markdownDescription": "Include the domain DNS in the subject alternate name.", - "title": "SanRequireDomainDns", - "type": "boolean" - }, - "SanRequireEmail": { - "markdownDescription": "Include the subject's email in the subject alternate name.", - "title": "SanRequireEmail", - "type": "boolean" - }, - "SanRequireSpn": { - "markdownDescription": "Include the service principal name (SPN) in the subject alternate name.", - "title": "SanRequireSpn", - "type": "boolean" - }, - "SanRequireUpn": { - "markdownDescription": "Include the user principal name (UPN) in the subject alternate name.", - "title": "SanRequireUpn", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::PCAConnectorAD::Template.SubjectNameFlagsV4": { - "additionalProperties": false, - "properties": { - "RequireCommonName": { - "markdownDescription": "Include the common name in the subject name.", - "title": "RequireCommonName", - "type": "boolean" - }, - "RequireDirectoryPath": { - "markdownDescription": "Include the directory path in the subject name.", - "title": "RequireDirectoryPath", - "type": "boolean" - }, - "RequireDnsAsCn": { - "markdownDescription": "Include the DNS as common name in the subject name.", - "title": "RequireDnsAsCn", - "type": "boolean" - }, - "RequireEmail": { - "markdownDescription": "Include the subject's email in the subject name.", - "title": "RequireEmail", - "type": "boolean" - }, - "SanRequireDirectoryGuid": { - "markdownDescription": "Include the globally unique identifier (GUID) in the subject alternate name.", - "title": "SanRequireDirectoryGuid", - "type": "boolean" - }, - "SanRequireDns": { - "markdownDescription": "Include the DNS in the subject alternate name.", - "title": "SanRequireDns", - "type": "boolean" - }, - "SanRequireDomainDns": { - "markdownDescription": "Include the domain DNS in the subject alternate name.", - "title": "SanRequireDomainDns", - "type": "boolean" - }, - "SanRequireEmail": { - "markdownDescription": "Include the subject's email in the subject alternate name.", - "title": "SanRequireEmail", - "type": "boolean" - }, - "SanRequireSpn": { - "markdownDescription": "Include the service principal name (SPN) in the subject alternate name.", - "title": "SanRequireSpn", - "type": "boolean" - }, - "SanRequireUpn": { - "markdownDescription": "Include the user principal name (UPN) in the subject alternate name.", - "title": "SanRequireUpn", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::PCAConnectorAD::Template.TemplateDefinition": { - "additionalProperties": false, - "properties": { - "TemplateV2": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.TemplateV2", - "markdownDescription": "Template configuration to define the information included in certificates. Define certificate validity and renewal periods, certificate request handling and enrollment options, key usage extensions, application policies, and cryptography settings.", - "title": "TemplateV2" - }, - "TemplateV3": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.TemplateV3", - "markdownDescription": "Template configuration to define the information included in certificates. Define certificate validity and renewal periods, certificate request handling and enrollment options, key usage extensions, application policies, and cryptography settings.", - "title": "TemplateV3" - }, - "TemplateV4": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.TemplateV4", - "markdownDescription": "Template configuration to define the information included in certificates. Define certificate validity and renewal periods, certificate request handling and enrollment options, key usage extensions, application policies, and cryptography settings.", - "title": "TemplateV4" - } - }, - "type": "object" - }, - "AWS::PCAConnectorAD::Template.TemplateV2": { + "AWS::MediaConnect::Bridge.IngressGatewayBridge": { "additionalProperties": false, "properties": { - "CertificateValidity": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.CertificateValidity", - "markdownDescription": "Certificate validity describes the validity and renewal periods of a certificate.", - "title": "CertificateValidity" - }, - "EnrollmentFlags": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.EnrollmentFlagsV2", - "markdownDescription": "Enrollment flags describe the enrollment settings for certificates such as using the existing private key and deleting expired or revoked certificates.", - "title": "EnrollmentFlags" - }, - "Extensions": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ExtensionsV2", - "markdownDescription": "Extensions describe the key usage extensions and application policies for a template.", - "title": "Extensions" - }, - "GeneralFlags": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.GeneralFlagsV2", - "markdownDescription": "General flags describe whether the template is used for computers or users and if the template can be used with autoenrollment.", - "title": "GeneralFlags" - }, - "PrivateKeyAttributes": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.PrivateKeyAttributesV2", - "markdownDescription": "Private key attributes allow you to specify the minimal key length, key spec, and cryptographic providers for the private key of a certificate for v2 templates. V2 templates allow you to use Legacy Cryptographic Service Providers.", - "title": "PrivateKeyAttributes" - }, - "PrivateKeyFlags": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.PrivateKeyFlagsV2", - "markdownDescription": "Private key flags for v2 templates specify the client compatibility, if the private key can be exported, and if user input is required when using a private key.", - "title": "PrivateKeyFlags" - }, - "SubjectNameFlags": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.SubjectNameFlagsV2", - "markdownDescription": "Subject name flags describe the subject name and subject alternate name that is included in a certificate.", - "title": "SubjectNameFlags" + "MaxBitrate": { + "markdownDescription": "The maximum expected bitrate (in bps) of the ingress bridge.", + "title": "MaxBitrate", + "type": "number" }, - "SupersededTemplates": { - "items": { - "type": "string" - }, - "markdownDescription": "List of templates in Active Directory that are superseded by this template.", - "title": "SupersededTemplates", - "type": "array" + "MaxOutputs": { + "markdownDescription": "The maximum number of outputs on the ingress bridge.", + "title": "MaxOutputs", + "type": "number" } }, "required": [ - "CertificateValidity", - "EnrollmentFlags", - "Extensions", - "GeneralFlags", - "PrivateKeyAttributes", - "PrivateKeyFlags", - "SubjectNameFlags" + "MaxBitrate", + "MaxOutputs" ], "type": "object" }, - "AWS::PCAConnectorAD::Template.TemplateV3": { + "AWS::MediaConnect::Bridge.MulticastSourceSettings": { "additionalProperties": false, "properties": { - "CertificateValidity": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.CertificateValidity", - "markdownDescription": "Certificate validity describes the validity and renewal periods of a certificate.", - "title": "CertificateValidity" - }, - "EnrollmentFlags": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.EnrollmentFlagsV3", - "markdownDescription": "Enrollment flags describe the enrollment settings for certificates such as using the existing private key and deleting expired or revoked certificates.", - "title": "EnrollmentFlags" - }, - "Extensions": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ExtensionsV3", - "markdownDescription": "Extensions describe the key usage extensions and application policies for a template.", - "title": "Extensions" - }, - "GeneralFlags": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.GeneralFlagsV3", - "markdownDescription": "General flags describe whether the template is used for computers or users and if the template can be used with autoenrollment.", - "title": "GeneralFlags" - }, - "HashAlgorithm": { - "markdownDescription": "Specifies the hash algorithm used to hash the private key.", - "title": "HashAlgorithm", + "MulticastSourceIp": { + "markdownDescription": "The IP address of the source for source-specific multicast (SSM).", + "title": "MulticastSourceIp", "type": "string" - }, - "PrivateKeyAttributes": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.PrivateKeyAttributesV3", - "markdownDescription": "Private key attributes allow you to specify the algorithm, minimal key length, key spec, key usage, and cryptographic providers for the private key of a certificate for v3 templates. V3 templates allow you to use Key Storage Providers.", - "title": "PrivateKeyAttributes" - }, - "PrivateKeyFlags": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.PrivateKeyFlagsV3", - "markdownDescription": "Private key flags for v3 templates specify the client compatibility, if the private key can be exported, if user input is required when using a private key, and if an alternate signature algorithm should be used.", - "title": "PrivateKeyFlags" - }, - "SubjectNameFlags": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.SubjectNameFlagsV3", - "markdownDescription": "Subject name flags describe the subject name and subject alternate name that is included in a certificate.", - "title": "SubjectNameFlags" - }, - "SupersededTemplates": { - "items": { - "type": "string" - }, - "markdownDescription": "List of templates in Active Directory that are superseded by this template.", - "title": "SupersededTemplates", - "type": "array" } }, - "required": [ - "CertificateValidity", - "EnrollmentFlags", - "Extensions", - "GeneralFlags", - "HashAlgorithm", - "PrivateKeyAttributes", - "PrivateKeyFlags", - "SubjectNameFlags" - ], "type": "object" }, - "AWS::PCAConnectorAD::Template.TemplateV4": { + "AWS::MediaConnect::Bridge.SourcePriority": { "additionalProperties": false, "properties": { - "CertificateValidity": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.CertificateValidity", - "markdownDescription": "Certificate validity describes the validity and renewal periods of a certificate.", - "title": "CertificateValidity" - }, - "EnrollmentFlags": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.EnrollmentFlagsV4", - "markdownDescription": "Enrollment flags describe the enrollment settings for certificates using the existing private key and deleting expired or revoked certificates.", - "title": "EnrollmentFlags" - }, - "Extensions": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ExtensionsV4", - "markdownDescription": "Extensions describe the key usage extensions and application policies for a template.", - "title": "Extensions" - }, - "GeneralFlags": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.GeneralFlagsV4", - "markdownDescription": "General flags describe whether the template is used for computers or users and if the template can be used with autoenrollment.", - "title": "GeneralFlags" - }, - "HashAlgorithm": { - "markdownDescription": "Specifies the hash algorithm used to hash the private key. Hash algorithm can only be specified when using Key Storage Providers.", - "title": "HashAlgorithm", + "PrimarySource": { + "markdownDescription": "The name of the source you choose as the primary source for this flow.", + "title": "PrimarySource", "type": "string" - }, - "PrivateKeyAttributes": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.PrivateKeyAttributesV4", - "markdownDescription": "Private key attributes allow you to specify the minimal key length, key spec, key usage, and cryptographic providers for the private key of a certificate for v4 templates. V4 templates allow you to use either Key Storage Providers or Legacy Cryptographic Service Providers. You specify the cryptography provider category in private key flags.", - "title": "PrivateKeyAttributes" - }, - "PrivateKeyFlags": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.PrivateKeyFlagsV4", - "markdownDescription": "Private key flags for v4 templates specify the client compatibility, if the private key can be exported, if user input is required when using a private key, if an alternate signature algorithm should be used, and if certificates are renewed using the same private key.", - "title": "PrivateKeyFlags" - }, - "SubjectNameFlags": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.SubjectNameFlagsV4", - "markdownDescription": "Subject name flags describe the subject name and subject alternate name that is included in a certificate.", - "title": "SubjectNameFlags" - }, - "SupersededTemplates": { - "items": { - "type": "string" - }, - "markdownDescription": "List of templates in Active Directory that are superseded by this template.", - "title": "SupersededTemplates", - "type": "array" } }, - "required": [ - "CertificateValidity", - "EnrollmentFlags", - "Extensions", - "GeneralFlags", - "PrivateKeyAttributes", - "PrivateKeyFlags", - "SubjectNameFlags" - ], "type": "object" }, - "AWS::PCAConnectorAD::Template.ValidityPeriod": { + "AWS::MediaConnect::Bridge.VpcInterfaceAttachment": { "additionalProperties": false, "properties": { - "Period": { - "markdownDescription": "The numeric value for the validity period.", - "title": "Period", - "type": "number" - }, - "PeriodType": { - "markdownDescription": "The unit of time. You can select hours, days, weeks, months, and years.", - "title": "PeriodType", + "VpcInterfaceName": { + "markdownDescription": "The name of the VPC interface to use for this resource.", + "title": "VpcInterfaceName", "type": "string" } }, - "required": [ - "Period", - "PeriodType" - ], "type": "object" }, - "AWS::PCAConnectorAD::TemplateGroupAccessControlEntry": { + "AWS::MediaConnect::BridgeOutput": { "additionalProperties": false, "properties": { "Condition": { @@ -176058,36 +183592,32 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessRights": { - "$ref": "#/definitions/AWS::PCAConnectorAD::TemplateGroupAccessControlEntry.AccessRights", - "markdownDescription": "Permissions to allow or deny an Active Directory group to enroll or autoenroll certificates issued against a template.", - "title": "AccessRights" - }, - "GroupDisplayName": { - "markdownDescription": "Name of the Active Directory group. This name does not need to match the group name in Active Directory.", - "title": "GroupDisplayName", + "BridgeArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the bridge that you want to update.", + "title": "BridgeArn", "type": "string" }, - "GroupSecurityIdentifier": { - "markdownDescription": "Security identifier (SID) of the group object from Active Directory. The SID starts with \"S-\".", - "title": "GroupSecurityIdentifier", + "Name": { + "markdownDescription": "The network output name. This name is used to reference the output and must be unique among outputs in this bridge.", + "title": "Name", "type": "string" }, - "TemplateArn": { - "markdownDescription": "The Amazon Resource Name (ARN) that was returned when you called [CreateTemplate](https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateTemplate.html) .", - "title": "TemplateArn", - "type": "string" + "NetworkOutput": { + "$ref": "#/definitions/AWS::MediaConnect::BridgeOutput.BridgeNetworkOutput", + "markdownDescription": "The network output of the bridge. A network output is delivered to your premises.", + "title": "NetworkOutput" } }, "required": [ - "AccessRights", - "GroupDisplayName" + "BridgeArn", + "Name", + "NetworkOutput" ], "type": "object" }, "Type": { "enum": [ - "AWS::PCAConnectorAD::TemplateGroupAccessControlEntry" + "AWS::MediaConnect::BridgeOutput" ], "type": "string" }, @@ -176106,23 +183636,45 @@ ], "type": "object" }, - "AWS::PCAConnectorAD::TemplateGroupAccessControlEntry.AccessRights": { + "AWS::MediaConnect::BridgeOutput.BridgeNetworkOutput": { "additionalProperties": false, "properties": { - "AutoEnroll": { - "markdownDescription": "Allow or deny an Active Directory group from autoenrolling certificates issued against a template. The Active Directory group must be allowed to enroll to allow autoenrollment", - "title": "AutoEnroll", + "IpAddress": { + "markdownDescription": "The network output IP address.", + "title": "IpAddress", "type": "string" }, - "Enroll": { - "markdownDescription": "Allow or deny an Active Directory group from enrolling certificates issued against a template.", - "title": "Enroll", + "NetworkName": { + "markdownDescription": "The network output's gateway network name.", + "title": "NetworkName", + "type": "string" + }, + "Port": { + "markdownDescription": "The network output's port.", + "title": "Port", + "type": "number" + }, + "Protocol": { + "markdownDescription": "The network output protocol.\n\n> AWS Elemental MediaConnect no longer supports the Fujitsu QoS protocol. This reference is maintained for legacy purposes only.", + "title": "Protocol", "type": "string" + }, + "Ttl": { + "markdownDescription": "The network output TTL.", + "title": "Ttl", + "type": "number" } }, + "required": [ + "IpAddress", + "NetworkName", + "Port", + "Protocol", + "Ttl" + ], "type": "object" }, - "AWS::Panorama::ApplicationInstance": { + "AWS::MediaConnect::BridgeSource": { "additionalProperties": false, "properties": { "Condition": { @@ -176157,59 +183709,36 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationInstanceIdToReplace": { - "markdownDescription": "The ID of an application instance to replace with the new instance.", - "title": "ApplicationInstanceIdToReplace", - "type": "string" - }, - "DefaultRuntimeContextDevice": { - "markdownDescription": "The device's ID.", - "title": "DefaultRuntimeContextDevice", - "type": "string" - }, - "Description": { - "markdownDescription": "A description for the application instance.", - "title": "Description", + "BridgeArn": { + "markdownDescription": "The ARN of the bridge feeding this flow.", + "title": "BridgeArn", "type": "string" }, - "ManifestOverridesPayload": { - "$ref": "#/definitions/AWS::Panorama::ApplicationInstance.ManifestOverridesPayload", - "markdownDescription": "Setting overrides for the application manifest.", - "title": "ManifestOverridesPayload" - }, - "ManifestPayload": { - "$ref": "#/definitions/AWS::Panorama::ApplicationInstance.ManifestPayload", - "markdownDescription": "The application's manifest document.", - "title": "ManifestPayload" + "FlowSource": { + "$ref": "#/definitions/AWS::MediaConnect::BridgeSource.BridgeFlowSource", + "markdownDescription": "The source of the flow.", + "title": "FlowSource" }, "Name": { - "markdownDescription": "A name for the application instance.", + "markdownDescription": "The name of the flow source. This name is used to reference the source and must be unique among sources in this bridge.", "title": "Name", "type": "string" }, - "RuntimeRoleArn": { - "markdownDescription": "The ARN of a runtime role for the application instance.", - "title": "RuntimeRoleArn", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Tags for the application instance.", - "title": "Tags", - "type": "array" + "NetworkSource": { + "$ref": "#/definitions/AWS::MediaConnect::BridgeSource.BridgeNetworkSource", + "markdownDescription": "The source of the network.", + "title": "NetworkSource" } }, "required": [ - "DefaultRuntimeContextDevice", - "ManifestPayload" + "BridgeArn", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::Panorama::ApplicationInstance" + "AWS::MediaConnect::BridgeSource" ], "type": "string" }, @@ -176228,140 +183757,85 @@ ], "type": "object" }, - "AWS::Panorama::ApplicationInstance.ManifestOverridesPayload": { - "additionalProperties": false, - "properties": { - "PayloadData": { - "markdownDescription": "The overrides document.", - "title": "PayloadData", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Panorama::ApplicationInstance.ManifestPayload": { + "AWS::MediaConnect::BridgeSource.BridgeFlowSource": { "additionalProperties": false, "properties": { - "PayloadData": { - "markdownDescription": "The application manifest.", - "title": "PayloadData", + "FlowArn": { + "markdownDescription": "The ARN of the cloud flow used as a source of this bridge.", + "title": "FlowArn", "type": "string" + }, + "FlowVpcInterfaceAttachment": { + "$ref": "#/definitions/AWS::MediaConnect::BridgeSource.VpcInterfaceAttachment", + "markdownDescription": "The name of the VPC interface attachment to use for this source.", + "title": "FlowVpcInterfaceAttachment" } }, + "required": [ + "FlowArn" + ], "type": "object" }, - "AWS::Panorama::Package": { + "AWS::MediaConnect::BridgeSource.BridgeNetworkSource": { "additionalProperties": false, "properties": { - "Condition": { + "MulticastIp": { + "markdownDescription": "The network source multicast IP.", + "title": "MulticastIp", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "PackageName": { - "markdownDescription": "A name for the package.", - "title": "PackageName", - "type": "string" - }, - "StorageLocation": { - "$ref": "#/definitions/AWS::Panorama::Package.StorageLocation", - "markdownDescription": "A storage location.", - "title": "StorageLocation" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Tags for the package.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "PackageName" - ], - "type": "object" + "MulticastSourceSettings": { + "$ref": "#/definitions/AWS::MediaConnect::BridgeSource.MulticastSourceSettings", + "markdownDescription": "The settings related to the multicast source.", + "title": "MulticastSourceSettings" }, - "Type": { - "enum": [ - "AWS::Panorama::Package" - ], + "NetworkName": { + "markdownDescription": "The network source's gateway network name.", + "title": "NetworkName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Port": { + "markdownDescription": "The network source port.", + "title": "Port", + "type": "number" + }, + "Protocol": { + "markdownDescription": "The network source protocol.\n\n> AWS Elemental MediaConnect no longer supports the Fujitsu QoS protocol. This reference is maintained for legacy purposes only.", + "title": "Protocol", "type": "string" } }, "required": [ - "Type", - "Properties" + "MulticastIp", + "NetworkName", + "Port", + "Protocol" ], "type": "object" }, - "AWS::Panorama::Package.StorageLocation": { + "AWS::MediaConnect::BridgeSource.MulticastSourceSettings": { "additionalProperties": false, "properties": { - "BinaryPrefixLocation": { - "markdownDescription": "The location's binary prefix.", - "title": "BinaryPrefixLocation", - "type": "string" - }, - "Bucket": { - "markdownDescription": "The location's bucket.", - "title": "Bucket", - "type": "string" - }, - "GeneratedPrefixLocation": { - "markdownDescription": "The location's generated prefix.", - "title": "GeneratedPrefixLocation", - "type": "string" - }, - "ManifestPrefixLocation": { - "markdownDescription": "The location's manifest prefix.", - "title": "ManifestPrefixLocation", + "MulticastSourceIp": { + "markdownDescription": "The IP address of the source for source-specific multicast (SSM).", + "title": "MulticastSourceIp", "type": "string" - }, - "RepoPrefixLocation": { - "markdownDescription": "The location's repo prefix.", - "title": "RepoPrefixLocation", + } + }, + "type": "object" + }, + "AWS::MediaConnect::BridgeSource.VpcInterfaceAttachment": { + "additionalProperties": false, + "properties": { + "VpcInterfaceName": { + "markdownDescription": "The name of the VPC interface to use for this resource.", + "title": "VpcInterfaceName", "type": "string" } }, "type": "object" }, - "AWS::Panorama::PackageVersion": { + "AWS::MediaConnect::Flow": { "additionalProperties": false, "properties": { "Condition": { @@ -176396,47 +183870,72 @@ "Properties": { "additionalProperties": false, "properties": { - "MarkLatest": { - "markdownDescription": "Whether to mark the new version as the latest version.", - "title": "MarkLatest", - "type": "boolean" - }, - "OwnerAccount": { - "markdownDescription": "An owner account.", - "title": "OwnerAccount", + "AvailabilityZone": { + "markdownDescription": "The Availability Zone that you want to create the flow in. These options are limited to the Availability Zones within the current AWS Region.", + "title": "AvailabilityZone", "type": "string" }, - "PackageId": { - "markdownDescription": "A package ID.", - "title": "PackageId", + "FlowSize": { + "markdownDescription": "Determines the processing capacity and feature set of the flow. Set this optional parameter to LARGE if you want to enable NDI outputs on the flow.", + "title": "FlowSize", "type": "string" }, - "PackageVersion": { - "markdownDescription": "A package version.", - "title": "PackageVersion", - "type": "string" + "Maintenance": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.Maintenance", + "markdownDescription": "The maintenance settings you want to use for the flow.", + "title": "Maintenance" }, - "PatchVersion": { - "markdownDescription": "A patch version.", - "title": "PatchVersion", - "type": "string" + "MediaStreams": { + "items": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.MediaStream" + }, + "markdownDescription": "The media streams that are associated with the flow. After you associate a media stream with a source, you can also associate it with outputs on the flow.", + "title": "MediaStreams", + "type": "array" }, - "UpdatedLatestPatchVersion": { - "markdownDescription": "If the version was marked latest, the new version to maker as latest.", - "title": "UpdatedLatestPatchVersion", + "Name": { + "markdownDescription": "The name of the flow.", + "title": "Name", "type": "string" + }, + "NdiConfig": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.NdiConfig", + "markdownDescription": "Specifies the configuration settings for NDI outputs. Required when the flow includes NDI outputs.", + "title": "NdiConfig" + }, + "Source": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.Source", + "markdownDescription": "The settings for the source that you want to use for the new flow.", + "title": "Source" + }, + "SourceFailoverConfig": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.FailoverConfig", + "markdownDescription": "The settings for source failover.", + "title": "SourceFailoverConfig" + }, + "SourceMonitoringConfig": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.SourceMonitoringConfig", + "markdownDescription": "The settings for source monitoring.", + "title": "SourceMonitoringConfig" + }, + "VpcInterfaces": { + "items": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.VpcInterface" + }, + "markdownDescription": "The VPC Interfaces for this flow.", + "title": "VpcInterfaces", + "type": "array" } }, "required": [ - "PackageId", - "PackageVersion", - "PatchVersion" + "Name", + "Source" ], "type": "object" }, "Type": { "enum": [ - "AWS::Panorama::PackageVersion" + "AWS::MediaConnect::Flow" ], "type": "string" }, @@ -176455,385 +183954,644 @@ ], "type": "object" }, - "AWS::PaymentCryptography::Alias": { + "AWS::MediaConnect::Flow.AudioMonitoringSetting": { "additionalProperties": false, "properties": { - "Condition": { + "SilentAudio": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.SilentAudio", + "markdownDescription": "Detects periods of silence.", + "title": "SilentAudio" + } + }, + "type": "object" + }, + "AWS::MediaConnect::Flow.BlackFrames": { + "additionalProperties": false, + "properties": { + "State": { + "markdownDescription": "Indicates whether the `BlackFrames` metric is enabled or disabled..", + "title": "State", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ThresholdSeconds": { + "markdownDescription": "Specifies the number of consecutive seconds of black frames that triggers an event or alert.", + "title": "ThresholdSeconds", + "type": "number" + } + }, + "type": "object" + }, + "AWS::MediaConnect::Flow.Encryption": { + "additionalProperties": false, + "properties": { + "Algorithm": { + "markdownDescription": "The type of algorithm that is used for static key encryption (such as aes128, aes192, or aes256). If you are using SPEKE or SRT-password encryption, this property must be left blank.", + "title": "Algorithm", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ConstantInitializationVector": { + "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, to be used with the key for encrypting content. This parameter is not valid for static key encryption.", + "title": "ConstantInitializationVector", + "type": "string" }, - "Metadata": { - "type": "object" + "DeviceId": { + "markdownDescription": "The value of one of the devices that you configured with your digital rights management (DRM) platform key provider. This parameter is required for SPEKE encryption and is not valid for static key encryption.", + "title": "DeviceId", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AliasName": { - "markdownDescription": "A friendly name that you can use to refer to a key. The value must begin with `alias/` .\n\n> Do not include confidential or sensitive information in this field. This field may be displayed in plaintext in AWS CloudTrail logs and other output.", - "title": "AliasName", - "type": "string" - }, - "KeyArn": { - "markdownDescription": "The `KeyARN` of the key associated with the alias.", - "title": "KeyArn", - "type": "string" - } - }, - "required": [ - "AliasName" - ], - "type": "object" + "KeyType": { + "markdownDescription": "The type of key that is used for the encryption. If you don't specify a `keyType` value, the service uses the default setting ( `static-key` ). Valid key types are: `static-key` , `speke` , and `srt-password` .", + "title": "KeyType", + "type": "string" }, - "Type": { - "enum": [ - "AWS::PaymentCryptography::Alias" - ], + "Region": { + "markdownDescription": "The AWS Region that the API Gateway proxy endpoint was created in. This parameter is required for SPEKE encryption and is not valid for static key encryption.", + "title": "Region", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ResourceId": { + "markdownDescription": "An identifier for the content. The service sends this value to the key server to identify the current endpoint. The resource ID is also known as the content ID. This parameter is required for SPEKE encryption and is not valid for static key encryption.", + "title": "ResourceId", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the role that you created during setup (when you set up MediaConnect as a trusted entity).", + "title": "RoleArn", + "type": "string" + }, + "SecretArn": { + "markdownDescription": "The ARN of the secret that you created in AWS Secrets Manager to store the encryption key. This parameter is required for static key encryption and is not valid for SPEKE encryption.", + "title": "SecretArn", + "type": "string" + }, + "Url": { + "markdownDescription": "The URL from the API Gateway proxy that you set up to talk to your key server. This parameter is required for SPEKE encryption and is not valid for static key encryption.", + "title": "Url", "type": "string" } }, "required": [ - "Type", - "Properties" + "RoleArn" ], "type": "object" }, - "AWS::PaymentCryptography::Key": { + "AWS::MediaConnect::Flow.FailoverConfig": { "additionalProperties": false, "properties": { - "Condition": { + "FailoverMode": { + "markdownDescription": "The type of failover you choose for this flow. MERGE combines the source streams into a single stream, allowing graceful recovery from any single-source loss. FAILOVER allows switching between different streams. The string for this property must be entered as MERGE or FAILOVER. No other string entry is valid.", + "title": "FailoverMode", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "RecoveryWindow": { + "markdownDescription": "Search window time to look for dash-7 packets.", + "title": "RecoveryWindow", + "type": "number" + }, + "SourcePriority": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.SourcePriority", + "markdownDescription": "The priority you want to assign to a source. You can have a primary stream and a backup stream or two equally prioritized streams.", + "title": "SourcePriority" + }, + "State": { + "markdownDescription": "The state of source failover on the flow. If the state is inactive, the flow can have only one source. If the state is active, the flow can have one or two sources.", + "title": "State", + "type": "string" + } + }, + "type": "object" + }, + "AWS::MediaConnect::Flow.Fmtp": { + "additionalProperties": false, + "properties": { + "ChannelOrder": { + "markdownDescription": "The format of the audio channel.", + "title": "ChannelOrder", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Colorimetry": { + "markdownDescription": "The format used for the representation of color.", + "title": "Colorimetry", + "type": "string" }, - "Metadata": { - "type": "object" + "ExactFramerate": { + "markdownDescription": "The frame rate for the video stream, in frames/second. For example: 60000/1001.", + "title": "ExactFramerate", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Specifies whether the key is enabled.", - "title": "Enabled", - "type": "boolean" - }, - "Exportable": { - "markdownDescription": "Specifies whether the key is exportable. This data is immutable after the key is created.", - "title": "Exportable", - "type": "boolean" - }, - "KeyAttributes": { - "$ref": "#/definitions/AWS::PaymentCryptography::Key.KeyAttributes", - "markdownDescription": "The role of the key, the algorithm it supports, and the cryptographic operations allowed with the key. This data is immutable after the key is created.", - "title": "KeyAttributes" - }, - "KeyCheckValueAlgorithm": { - "markdownDescription": "The algorithm that AWS Payment Cryptography uses to calculate the key check value (KCV). It is used to validate the key integrity.\n\nFor TDES keys, the KCV is computed by encrypting 8 bytes, each with value of zero, with the key to be checked and retaining the 3 highest order bytes of the encrypted result. For AES keys, the KCV is computed using a CMAC algorithm where the input data is 16 bytes of zero and retaining the 3 highest order bytes of the encrypted result.", - "title": "KeyCheckValueAlgorithm", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Exportable", - "KeyAttributes" - ], - "type": "object" + "Par": { + "markdownDescription": "The pixel aspect ratio (PAR) of the video.", + "title": "Par", + "type": "string" }, - "Type": { - "enum": [ - "AWS::PaymentCryptography::Key" - ], + "Range": { + "markdownDescription": "The encoding range of the video.", + "title": "Range", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ScanMode": { + "markdownDescription": "The type of compression that was used to smooth the video\u2019s appearance.", + "title": "ScanMode", + "type": "string" + }, + "Tcs": { + "markdownDescription": "The transfer characteristic system (TCS) that is used in the video.", + "title": "Tcs", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::PaymentCryptography::Key.KeyAttributes": { + "AWS::MediaConnect::Flow.FrozenFrames": { "additionalProperties": false, "properties": { - "KeyAlgorithm": { - "markdownDescription": "The key algorithm to be use during creation of an AWS Payment Cryptography key.\n\nFor symmetric keys, AWS Payment Cryptography supports `AES` and `TDES` algorithms. For asymmetric keys, AWS Payment Cryptography supports `RSA` and `ECC_NIST` algorithms.", - "title": "KeyAlgorithm", + "State": { + "markdownDescription": "Indicates whether the `FrozenFrames` metric is enabled or disabled.", + "title": "State", "type": "string" }, - "KeyClass": { - "markdownDescription": "The type of AWS Payment Cryptography key to create, which determines the classi\ufb01cation of the cryptographic method and whether AWS Payment Cryptography key contains a symmetric key or an asymmetric key pair.", - "title": "KeyClass", + "ThresholdSeconds": { + "markdownDescription": "Specifies the number of consecutive seconds of a static image that triggers an event or alert.", + "title": "ThresholdSeconds", + "type": "number" + } + }, + "type": "object" + }, + "AWS::MediaConnect::Flow.GatewayBridgeSource": { + "additionalProperties": false, + "properties": { + "BridgeArn": { + "markdownDescription": "The ARN of the bridge feeding this flow.", + "title": "BridgeArn", "type": "string" }, - "KeyModesOfUse": { - "$ref": "#/definitions/AWS::PaymentCryptography::Key.KeyModesOfUse", - "markdownDescription": "The list of cryptographic operations that you can perform using the key.", - "title": "KeyModesOfUse" + "VpcInterfaceAttachment": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.VpcInterfaceAttachment", + "markdownDescription": "The name of the VPC interface attachment to use for this bridge source.", + "title": "VpcInterfaceAttachment" + } + }, + "required": [ + "BridgeArn" + ], + "type": "object" + }, + "AWS::MediaConnect::Flow.InputConfiguration": { + "additionalProperties": false, + "properties": { + "InputPort": { + "markdownDescription": "The port that the flow listens on for an incoming media stream.", + "title": "InputPort", + "type": "number" }, - "KeyUsage": { - "markdownDescription": "The cryptographic usage of an AWS Payment Cryptography key as de\ufb01ned in section A.5.2 of the TR-31 spec.", - "title": "KeyUsage", + "Interface": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.Interface", + "markdownDescription": "The VPC interface where the media stream comes in from.", + "title": "Interface" + } + }, + "required": [ + "InputPort", + "Interface" + ], + "type": "object" + }, + "AWS::MediaConnect::Flow.Interface": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the VPC interface.", + "title": "Name", "type": "string" } }, "required": [ - "KeyAlgorithm", - "KeyClass", - "KeyModesOfUse", - "KeyUsage" + "Name" ], "type": "object" }, - "AWS::PaymentCryptography::Key.KeyModesOfUse": { + "AWS::MediaConnect::Flow.Maintenance": { "additionalProperties": false, "properties": { - "Decrypt": { - "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used to decrypt data.", - "title": "Decrypt", - "type": "boolean" + "MaintenanceDay": { + "markdownDescription": "A day of a week when the maintenance will happen. Use Monday/Tuesday/Wednesday/Thursday/Friday/Saturday/Sunday.", + "title": "MaintenanceDay", + "type": "string" }, - "DeriveKey": { - "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used to derive new keys.", - "title": "DeriveKey", - "type": "boolean" + "MaintenanceStartHour": { + "markdownDescription": "UTC time when the maintenance will happen. Use 24-hour HH:MM format. Minutes must be 00. Example: 13:00. The default value is 02:00.", + "title": "MaintenanceStartHour", + "type": "string" + } + }, + "required": [ + "MaintenanceDay", + "MaintenanceStartHour" + ], + "type": "object" + }, + "AWS::MediaConnect::Flow.MediaStream": { + "additionalProperties": false, + "properties": { + "Attributes": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.MediaStreamAttributes", + "markdownDescription": "Attributes that are related to the media stream.", + "title": "Attributes" }, - "Encrypt": { - "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used to encrypt data.", - "title": "Encrypt", - "type": "boolean" + "ClockRate": { + "markdownDescription": "The sample rate for the stream. This value is measured in Hz.", + "title": "ClockRate", + "type": "number" }, - "Generate": { - "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used to generate and verify other card and PIN verification keys.", - "title": "Generate", - "type": "boolean" + "Description": { + "markdownDescription": "A description that can help you quickly identify what your media stream is used for.", + "title": "Description", + "type": "string" }, - "NoRestrictions": { - "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key has no special restrictions other than the restrictions implied by `KeyUsage` .", - "title": "NoRestrictions", - "type": "boolean" + "Fmt": { + "markdownDescription": "The format type number (sometimes referred to as RTP payload type) of the media stream. MediaConnect assigns this value to the media stream. For ST 2110 JPEG XS outputs, you need to provide this value to the receiver.", + "title": "Fmt", + "type": "number" }, - "Sign": { - "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used for signing.", - "title": "Sign", - "type": "boolean" + "MediaStreamId": { + "markdownDescription": "A unique identifier for the media stream.", + "title": "MediaStreamId", + "type": "number" }, - "Unwrap": { - "markdownDescription": "", - "title": "Unwrap", - "type": "boolean" + "MediaStreamName": { + "markdownDescription": "A name that helps you distinguish one media stream from another.", + "title": "MediaStreamName", + "type": "string" }, - "Verify": { - "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used to verify signatures.", - "title": "Verify", - "type": "boolean" + "MediaStreamType": { + "markdownDescription": "The type of media stream.", + "title": "MediaStreamType", + "type": "string" }, - "Wrap": { - "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used to wrap other keys.", - "title": "Wrap", - "type": "boolean" + "VideoFormat": { + "markdownDescription": "The resolution of the video.", + "title": "VideoFormat", + "type": "string" } }, + "required": [ + "MediaStreamId", + "MediaStreamName", + "MediaStreamType" + ], "type": "object" }, - "AWS::Personalize::Dataset": { + "AWS::MediaConnect::Flow.MediaStreamAttributes": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Fmtp": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.Fmtp", + "markdownDescription": "The settings that you want to use to define the media stream.", + "title": "Fmtp" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Lang": { + "markdownDescription": "The audio language, in a format that is recognized by the receiver.", + "title": "Lang", + "type": "string" + } + }, + "type": "object" + }, + "AWS::MediaConnect::Flow.MediaStreamSourceConfiguration": { + "additionalProperties": false, + "properties": { + "EncodingName": { + "markdownDescription": "The format that was used to encode the data. For ancillary data streams, set the encoding name to smpte291. For audio streams, set the encoding name to pcm. For video, 2110 streams, set the encoding name to raw. For video, JPEG XS streams, set the encoding name to jxsv.", + "title": "EncodingName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "InputConfigurations": { + "items": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.InputConfiguration" + }, + "markdownDescription": "The media streams that you want to associate with the source.", + "title": "InputConfigurations", + "type": "array" }, - "Metadata": { - "type": "object" + "MediaStreamName": { + "markdownDescription": "A name that helps you distinguish one media stream from another.", + "title": "MediaStreamName", + "type": "string" + } + }, + "required": [ + "EncodingName", + "MediaStreamName" + ], + "type": "object" + }, + "AWS::MediaConnect::Flow.NdiConfig": { + "additionalProperties": false, + "properties": { + "MachineName": { + "markdownDescription": "A prefix for the names of the NDI sources that the flow creates. If a custom name isn't specified, MediaConnect generates a unique 12-character ID as the prefix.", + "title": "MachineName", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DatasetGroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the dataset group.", - "title": "DatasetGroupArn", - "type": "string" - }, - "DatasetImportJob": { - "$ref": "#/definitions/AWS::Personalize::Dataset.DatasetImportJob", - "markdownDescription": "Describes a job that imports training data from a data source (Amazon S3 bucket) to an Amazon Personalize dataset. If you specify a dataset import job as part of a dataset, all dataset import job fields are required.", - "title": "DatasetImportJob" - }, - "DatasetType": { - "markdownDescription": "One of the following values:\n\n- Interactions\n- Items\n- Users\n\n> You can't use CloudFormation to create an Action Interactions or Actions dataset.", - "title": "DatasetType", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the dataset.", - "title": "Name", - "type": "string" - }, - "SchemaArn": { - "markdownDescription": "The ARN of the associated schema.", - "title": "SchemaArn", - "type": "string" - } + "NdiDiscoveryServers": { + "items": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.NdiDiscoveryServerConfig" }, - "required": [ - "DatasetGroupArn", - "DatasetType", - "Name", - "SchemaArn" - ], - "type": "object" + "markdownDescription": "A list of up to three NDI discovery server configurations. While not required by the API, this configuration is necessary for NDI functionality to work properly.", + "title": "NdiDiscoveryServers", + "type": "array" }, - "Type": { - "enum": [ - "AWS::Personalize::Dataset" - ], + "NdiState": { + "markdownDescription": "A setting that controls whether NDI outputs can be used in the flow. Must be ENABLED to add NDI outputs. Default is DISABLED.", + "title": "NdiState", + "type": "string" + } + }, + "type": "object" + }, + "AWS::MediaConnect::Flow.NdiDiscoveryServerConfig": { + "additionalProperties": false, + "properties": { + "DiscoveryServerAddress": { + "markdownDescription": "The unique network address of the NDI discovery server.", + "title": "DiscoveryServerAddress", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DiscoveryServerPort": { + "markdownDescription": "The port for the NDI discovery server. Defaults to 5959 if a custom port isn't specified.", + "title": "DiscoveryServerPort", + "type": "number" + }, + "VpcInterfaceAdapter": { + "markdownDescription": "The identifier for the Virtual Private Cloud (VPC) network interface used by the flow.", + "title": "VpcInterfaceAdapter", "type": "string" } }, "required": [ - "Type", - "Properties" + "DiscoveryServerAddress", + "VpcInterfaceAdapter" ], "type": "object" }, - "AWS::Personalize::Dataset.DataSource": { + "AWS::MediaConnect::Flow.SilentAudio": { "additionalProperties": false, "properties": { - "DataLocation": { - "markdownDescription": "For dataset import jobs, the path to the Amazon S3 bucket where the data that you want to upload to your dataset is stored. For data deletion jobs, the path to the Amazon S3 bucket that stores the list of records to delete.\n\nFor example:\n\n`s3://bucket-name/folder-name/fileName.csv`\n\nIf your CSV files are in a folder in your Amazon S3 bucket and you want your import job or data deletion job to consider multiple files, you can specify the path to the folder. With a data deletion job, Amazon Personalize uses all files in the folder and any sub folder. Use the following syntax with a `/` after the folder name:\n\n`s3://bucket-name/folder-name/`", - "title": "DataLocation", + "State": { + "markdownDescription": "Indicates whether the `SilentAudio` metric is enabled or disabled.", + "title": "State", "type": "string" + }, + "ThresholdSeconds": { + "markdownDescription": "Specifies the number of consecutive seconds of silence that triggers an event or alert.", + "title": "ThresholdSeconds", + "type": "number" } }, "type": "object" }, - "AWS::Personalize::Dataset.DatasetImportJob": { + "AWS::MediaConnect::Flow.Source": { "additionalProperties": false, "properties": { - "DataSource": { - "$ref": "#/definitions/AWS::Personalize::Dataset.DataSource", - "markdownDescription": "The Amazon S3 bucket that contains the training data to import.", - "title": "DataSource" + "Decryption": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.Encryption", + "markdownDescription": "The type of encryption that is used on the content ingested from this source.", + "title": "Decryption" }, - "DatasetArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the dataset that receives the imported data.", - "title": "DatasetArn", + "Description": { + "markdownDescription": "A description for the source. This value is not used or seen outside of the current MediaConnect account.", + "title": "Description", "type": "string" }, - "DatasetImportJobArn": { - "markdownDescription": "The ARN of the dataset import job.", - "title": "DatasetImportJobArn", + "EntitlementArn": { + "markdownDescription": "The ARN of the entitlement that allows you to subscribe to content that comes from another AWS account. The entitlement is set by the content originator and the ARN is generated as part of the originator's flow.", + "title": "EntitlementArn", "type": "string" }, - "JobName": { - "markdownDescription": "The name of the import job.", - "title": "JobName", + "GatewayBridgeSource": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.GatewayBridgeSource", + "markdownDescription": "The source configuration for cloud flows receiving a stream from a bridge.", + "title": "GatewayBridgeSource" + }, + "IngestIp": { + "markdownDescription": "The IP address that the flow will be listening on for incoming content.", + "title": "IngestIp", + "type": "string" + }, + "IngestPort": { + "markdownDescription": "The port that the flow will be listening on for incoming content.", + "title": "IngestPort", + "type": "number" + }, + "MaxBitrate": { + "markdownDescription": "The maximum bitrate for RIST, RTP, and RTP-FEC streams.", + "title": "MaxBitrate", + "type": "number" + }, + "MaxLatency": { + "markdownDescription": "The maximum latency in milliseconds for a RIST or Zixi-based source.", + "title": "MaxLatency", + "type": "number" + }, + "MaxSyncBuffer": { + "markdownDescription": "The size of the buffer (in milliseconds) to use to sync incoming source data.", + "title": "MaxSyncBuffer", + "type": "number" + }, + "MediaStreamSourceConfigurations": { + "items": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.MediaStreamSourceConfiguration" + }, + "markdownDescription": "The media streams that are associated with the source, and the parameters for those associations.", + "title": "MediaStreamSourceConfigurations", + "type": "array" + }, + "MinLatency": { + "markdownDescription": "The minimum latency in milliseconds for SRT-based streams. In streams that use the SRT protocol, this value that you set on your MediaConnect source or output represents the minimal potential latency of that connection. The latency of the stream is set to the highest number between the sender\u2019s minimum latency and the receiver\u2019s minimum latency.", + "title": "MinLatency", + "type": "number" + }, + "Name": { + "markdownDescription": "The name of the source.", + "title": "Name", + "type": "string" + }, + "Protocol": { + "markdownDescription": "The protocol that is used by the source. AWS CloudFormation does not currently support CDI or ST 2110 JPEG XS source protocols.\n\n> AWS Elemental MediaConnect no longer supports the Fujitsu QoS protocol. This reference is maintained for legacy purposes only.", + "title": "Protocol", + "type": "string" + }, + "SenderControlPort": { + "markdownDescription": "The port that the flow uses to send outbound requests to initiate connection with the sender.", + "title": "SenderControlPort", + "type": "number" + }, + "SenderIpAddress": { + "markdownDescription": "The IP address that the flow communicates with to initiate connection with the sender.", + "title": "SenderIpAddress", + "type": "string" + }, + "SourceArn": { + "markdownDescription": "The ARN of the source.", + "title": "SourceArn", + "type": "string" + }, + "SourceIngestPort": { + "markdownDescription": "The port that the flow listens on for incoming content. If the protocol of the source is Zixi, the port must be set to 2088.", + "title": "SourceIngestPort", + "type": "string" + }, + "SourceListenerAddress": { + "markdownDescription": "Source IP or domain name for SRT-caller protocol.", + "title": "SourceListenerAddress", + "type": "string" + }, + "SourceListenerPort": { + "markdownDescription": "Source port for SRT-caller protocol.", + "title": "SourceListenerPort", + "type": "number" + }, + "StreamId": { + "markdownDescription": "The stream ID that you want to use for the transport. This parameter applies only to Zixi-based streams.", + "title": "StreamId", + "type": "string" + }, + "VpcInterfaceName": { + "markdownDescription": "The name of the VPC interface that is used for this source.", + "title": "VpcInterfaceName", + "type": "string" + }, + "WhitelistCidr": { + "markdownDescription": "The range of IP addresses that should be allowed to contribute content to your source. These IP addresses should be in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16.", + "title": "WhitelistCidr", + "type": "string" + } + }, + "type": "object" + }, + "AWS::MediaConnect::Flow.SourceMonitoringConfig": { + "additionalProperties": false, + "properties": { + "AudioMonitoringSettings": { + "items": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.AudioMonitoringSetting" + }, + "markdownDescription": "Contains the settings for audio stream metrics monitoring.", + "title": "AudioMonitoringSettings", + "type": "array" + }, + "ContentQualityAnalysisState": { + "markdownDescription": "Indicates whether content quality analysis is enabled or disabled.", + "title": "ContentQualityAnalysisState", + "type": "string" + }, + "ThumbnailState": { + "markdownDescription": "The current state of the thumbnail monitoring.\n\n- If you don't explicitly specify a value when creating a flow, no thumbnail state will be set.\n- If you update an existing flow and remove a previously set thumbnail state, the value will change to `DISABLED` .", + "title": "ThumbnailState", + "type": "string" + }, + "VideoMonitoringSettings": { + "items": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.VideoMonitoringSetting" + }, + "markdownDescription": "Contains the settings for video stream metrics monitoring.", + "title": "VideoMonitoringSettings", + "type": "array" + } + }, + "type": "object" + }, + "AWS::MediaConnect::Flow.SourcePriority": { + "additionalProperties": false, + "properties": { + "PrimarySource": { + "markdownDescription": "The name of the source you choose as the primary source for this flow.", + "title": "PrimarySource", + "type": "string" + } + }, + "required": [ + "PrimarySource" + ], + "type": "object" + }, + "AWS::MediaConnect::Flow.VideoMonitoringSetting": { + "additionalProperties": false, + "properties": { + "BlackFrames": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.BlackFrames", + "markdownDescription": "Detects video frames that are black.", + "title": "BlackFrames" + }, + "FrozenFrames": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.FrozenFrames", + "markdownDescription": "Detects video frames that have not changed.", + "title": "FrozenFrames" + } + }, + "type": "object" + }, + "AWS::MediaConnect::Flow.VpcInterface": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "Immutable and has to be a unique against other VpcInterfaces in this Flow.", + "title": "Name", + "type": "string" + }, + "NetworkInterfaceIds": { + "items": { + "type": "string" + }, + "markdownDescription": "IDs of the network interfaces created in customer's account by MediaConnect .", + "title": "NetworkInterfaceIds", + "type": "array" + }, + "NetworkInterfaceType": { + "markdownDescription": "The type of network interface.", + "title": "NetworkInterfaceType", "type": "string" }, "RoleArn": { - "markdownDescription": "The ARN of the IAM role that has permissions to read from the Amazon S3 data source.", + "markdownDescription": "A role Arn MediaConnect can assume to create ENIs in your account.", "title": "RoleArn", "type": "string" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "Security Group IDs to be used on ENI.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetId": { + "markdownDescription": "Subnet must be in the AZ of the Flow.", + "title": "SubnetId", + "type": "string" } }, + "required": [ + "Name", + "RoleArn", + "SecurityGroupIds", + "SubnetId" + ], "type": "object" }, - "AWS::Personalize::DatasetGroup": { + "AWS::MediaConnect::Flow.VpcInterfaceAttachment": { + "additionalProperties": false, + "properties": { + "VpcInterfaceName": { + "markdownDescription": "The name of the VPC interface to use for this resource.", + "title": "VpcInterfaceName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::MediaConnect::FlowEntitlement": { "additionalProperties": false, "properties": { "Condition": { @@ -176868,35 +184626,56 @@ "Properties": { "additionalProperties": false, "properties": { - "Domain": { - "markdownDescription": "The domain of a Domain dataset group.", - "title": "Domain", + "DataTransferSubscriberFeePercent": { + "markdownDescription": "The percentage of the entitlement data transfer fee that you want the subscriber to be responsible for.", + "title": "DataTransferSubscriberFeePercent", + "type": "number" + }, + "Description": { + "markdownDescription": "A description of the entitlement. This description appears only on the MediaConnect console and is not visible outside of the current AWS account.", + "title": "Description", "type": "string" }, - "KmsKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Key Management Service (KMS) key used to encrypt the datasets.", - "title": "KmsKeyArn", + "Encryption": { + "$ref": "#/definitions/AWS::MediaConnect::FlowEntitlement.Encryption", + "markdownDescription": "Information about the encryption of the flow.", + "title": "Encryption" + }, + "EntitlementStatus": { + "markdownDescription": "An indication of whether the new entitlement should be enabled or disabled as soon as it is created. If you don\u2019t specify the entitlementStatus field in your request, MediaConnect sets it to ENABLED.", + "title": "EntitlementStatus", + "type": "string" + }, + "FlowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the flow.", + "title": "FlowArn", "type": "string" }, "Name": { - "markdownDescription": "The name of the dataset group.", + "markdownDescription": "The name of the entitlement. This value must be unique within the current flow.", "title": "Name", "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of the AWS Identity and Access Management (IAM) role that has permissions to access the AWS Key Management Service (KMS) key. Supplying an IAM role is only valid when also specifying a KMS key.", - "title": "RoleArn", - "type": "string" + "Subscribers": { + "items": { + "type": "string" + }, + "markdownDescription": "The AWS account IDs that you want to share your content with. The receiving accounts (subscribers) will be allowed to create their own flows using your content as the source.", + "title": "Subscribers", + "type": "array" } }, "required": [ - "Name" + "Description", + "FlowArn", + "Name", + "Subscribers" ], "type": "object" }, "Type": { "enum": [ - "AWS::Personalize::DatasetGroup" + "AWS::MediaConnect::FlowEntitlement" ], "type": "string" }, @@ -176915,7 +184694,62 @@ ], "type": "object" }, - "AWS::Personalize::Schema": { + "AWS::MediaConnect::FlowEntitlement.Encryption": { + "additionalProperties": false, + "properties": { + "Algorithm": { + "markdownDescription": "The type of algorithm that is used for static key encryption (such as aes128, aes192, or aes256). If you are using SPEKE or SRT-password encryption, this property must be left blank.", + "title": "Algorithm", + "type": "string" + }, + "ConstantInitializationVector": { + "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, to be used with the key for encrypting content. This parameter is not valid for static key encryption.", + "title": "ConstantInitializationVector", + "type": "string" + }, + "DeviceId": { + "markdownDescription": "The value of one of the devices that you configured with your digital rights management (DRM) platform key provider. This parameter is required for SPEKE encryption and is not valid for static key encryption.", + "title": "DeviceId", + "type": "string" + }, + "KeyType": { + "markdownDescription": "The type of key that is used for the encryption. If you don't specify a `keyType` value, the service uses the default setting ( `static-key` ). Valid key types are: `static-key` , `speke` , and `srt-password` .", + "title": "KeyType", + "type": "string" + }, + "Region": { + "markdownDescription": "The AWS Region that the API Gateway proxy endpoint was created in. This parameter is required for SPEKE encryption and is not valid for static key encryption.", + "title": "Region", + "type": "string" + }, + "ResourceId": { + "markdownDescription": "An identifier for the content. The service sends this value to the key server to identify the current endpoint. The resource ID is also known as the content ID. This parameter is required for SPEKE encryption and is not valid for static key encryption.", + "title": "ResourceId", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the role that you created during setup (when you set up MediaConnect as a trusted entity).", + "title": "RoleArn", + "type": "string" + }, + "SecretArn": { + "markdownDescription": "The ARN of the secret that you created in AWS Secrets Manager to store the encryption key. This parameter is required for static key encryption and is not valid for SPEKE encryption.", + "title": "SecretArn", + "type": "string" + }, + "Url": { + "markdownDescription": "The URL from the API Gateway proxy that you set up to talk to your key server. This parameter is required for SPEKE encryption and is not valid for static key encryption.", + "title": "Url", + "type": "string" + } + }, + "required": [ + "Algorithm", + "RoleArn" + ], + "type": "object" + }, + "AWS::MediaConnect::FlowOutput": { "additionalProperties": false, "properties": { "Condition": { @@ -176950,31 +184784,112 @@ "Properties": { "additionalProperties": false, "properties": { - "Domain": { - "markdownDescription": "The domain of a schema that you created for a dataset in a Domain dataset group.", - "title": "Domain", + "CidrAllowList": { + "items": { + "type": "string" + }, + "markdownDescription": "The range of IP addresses that should be allowed to initiate output requests to this flow. These IP addresses should be in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16.", + "title": "CidrAllowList", + "type": "array" + }, + "Description": { + "markdownDescription": "A description of the output. This description appears only on the MediaConnect console and will not be seen by the end user.", + "title": "Description", + "type": "string" + }, + "Destination": { + "markdownDescription": "The IP address where you want to send the output.", + "title": "Destination", + "type": "string" + }, + "Encryption": { + "$ref": "#/definitions/AWS::MediaConnect::FlowOutput.Encryption", + "markdownDescription": "The type of key used for the encryption. If no `keyType` is provided, the service will use the default setting (static-key). Allowable encryption types: static-key.", + "title": "Encryption" + }, + "FlowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the flow this output is attached to.", + "title": "FlowArn", "type": "string" }, + "MaxLatency": { + "markdownDescription": "The maximum latency in milliseconds. This parameter applies only to RIST-based and Zixi-based streams.", + "title": "MaxLatency", + "type": "number" + }, + "MediaStreamOutputConfigurations": { + "items": { + "$ref": "#/definitions/AWS::MediaConnect::FlowOutput.MediaStreamOutputConfiguration" + }, + "markdownDescription": "The media streams that are associated with the output, and the parameters for those associations.", + "title": "MediaStreamOutputConfigurations", + "type": "array" + }, + "MinLatency": { + "markdownDescription": "The minimum latency in milliseconds for SRT-based streams. In streams that use the SRT protocol, this value that you set on your MediaConnect source or output represents the minimal potential latency of that connection. The latency of the stream is set to the highest number between the sender\u2019s minimum latency and the receiver\u2019s minimum latency.", + "title": "MinLatency", + "type": "number" + }, "Name": { - "markdownDescription": "The name of the schema.", + "markdownDescription": "The name of the bridge's output.", "title": "Name", "type": "string" }, - "Schema": { - "markdownDescription": "The schema.", - "title": "Schema", + "NdiProgramName": { + "markdownDescription": "A suffix for the names of the NDI sources that the flow creates. If a custom name isn't specified, MediaConnect uses the output name.", + "title": "NdiProgramName", "type": "string" + }, + "NdiSpeedHqQuality": { + "markdownDescription": "A quality setting for the NDI Speed HQ encoder.", + "title": "NdiSpeedHqQuality", + "type": "number" + }, + "OutputStatus": { + "markdownDescription": "", + "title": "OutputStatus", + "type": "string" + }, + "Port": { + "markdownDescription": "The port to use when content is distributed to this output.", + "title": "Port", + "type": "number" + }, + "Protocol": { + "markdownDescription": "The protocol to use for the output.\n\n> AWS Elemental MediaConnect no longer supports the Fujitsu QoS protocol. This reference is maintained for legacy purposes only.", + "title": "Protocol", + "type": "string" + }, + "RemoteId": { + "markdownDescription": "The remote ID for the Zixi-pull stream.", + "title": "RemoteId", + "type": "string" + }, + "SmoothingLatency": { + "markdownDescription": "The smoothing latency in milliseconds for RIST, RTP, and RTP-FEC streams.", + "title": "SmoothingLatency", + "type": "number" + }, + "StreamId": { + "markdownDescription": "The stream ID that you want to use for this transport. This parameter applies only to Zixi and SRT caller-based streams.", + "title": "StreamId", + "type": "string" + }, + "VpcInterfaceAttachment": { + "$ref": "#/definitions/AWS::MediaConnect::FlowOutput.VpcInterfaceAttachment", + "markdownDescription": "The name of the VPC interface attachment to use for this output.", + "title": "VpcInterfaceAttachment" } }, "required": [ - "Name", - "Schema" + "FlowArn", + "Protocol" ], "type": "object" }, "Type": { "enum": [ - "AWS::Personalize::Schema" + "AWS::MediaConnect::FlowOutput" ], "type": "string" }, @@ -176993,316 +184908,140 @@ ], "type": "object" }, - "AWS::Personalize::Solution": { + "AWS::MediaConnect::FlowOutput.DestinationConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "DestinationIp": { + "markdownDescription": "The IP address where you want MediaConnect to send contents of the media stream.", + "title": "DestinationIp", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "DestinationPort": { + "markdownDescription": "The port that you want MediaConnect to use when it distributes the media stream to the output.", + "title": "DestinationPort", + "type": "number" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DatasetGroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the dataset group that provides the training data.", - "title": "DatasetGroupArn", - "type": "string" - }, - "EventType": { - "markdownDescription": "The event type (for example, 'click' or 'like') that is used for training the model. If no `eventType` is provided, Amazon Personalize uses all interactions for training with equal weight regardless of type.", - "title": "EventType", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the solution.", - "title": "Name", - "type": "string" - }, - "PerformAutoML": { - "markdownDescription": "> We don't recommend enabling automated machine learning. Instead, match your use case to the available Amazon Personalize recipes. For more information, see [Determining your use case.](https://docs.aws.amazon.com/personalize/latest/dg/determining-use-case.html) \n\nWhen true, Amazon Personalize performs a search for the best USER_PERSONALIZATION recipe from the list specified in the solution configuration ( `recipeArn` must not be specified). When false (the default), Amazon Personalize uses `recipeArn` for training.", - "title": "PerformAutoML", - "type": "boolean" - }, - "PerformHPO": { - "markdownDescription": "Whether to perform hyperparameter optimization (HPO) on the chosen recipe. The default is `false` .", - "title": "PerformHPO", - "type": "boolean" - }, - "RecipeArn": { - "markdownDescription": "The ARN of the recipe used to create the solution. This is required when `performAutoML` is false.", - "title": "RecipeArn", - "type": "string" - }, - "SolutionConfig": { - "$ref": "#/definitions/AWS::Personalize::Solution.SolutionConfig", - "markdownDescription": "Describes the configuration properties for the solution.", - "title": "SolutionConfig" - } - }, - "required": [ - "DatasetGroupArn", - "Name" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Personalize::Solution" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Interface": { + "$ref": "#/definitions/AWS::MediaConnect::FlowOutput.Interface", + "markdownDescription": "The VPC interface that you want to use for the media stream associated with the output.", + "title": "Interface" } }, "required": [ - "Type", - "Properties" + "DestinationIp", + "DestinationPort", + "Interface" ], "type": "object" }, - "AWS::Personalize::Solution.AlgorithmHyperParameterRanges": { - "additionalProperties": false, - "properties": { - "CategoricalHyperParameterRanges": { - "items": { - "$ref": "#/definitions/AWS::Personalize::Solution.CategoricalHyperParameterRange" - }, - "markdownDescription": "Provides the name and range of a categorical hyperparameter.", - "title": "CategoricalHyperParameterRanges", - "type": "array" - }, - "ContinuousHyperParameterRanges": { - "items": { - "$ref": "#/definitions/AWS::Personalize::Solution.ContinuousHyperParameterRange" - }, - "markdownDescription": "Provides the name and range of a continuous hyperparameter.", - "title": "ContinuousHyperParameterRanges", - "type": "array" - }, - "IntegerHyperParameterRanges": { - "items": { - "$ref": "#/definitions/AWS::Personalize::Solution.IntegerHyperParameterRange" - }, - "markdownDescription": "Provides the name and range of an integer-valued hyperparameter.", - "title": "IntegerHyperParameterRanges", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Personalize::Solution.AutoMLConfig": { - "additionalProperties": false, - "properties": { - "MetricName": { - "markdownDescription": "The metric to optimize.", - "title": "MetricName", - "type": "string" - }, - "RecipeList": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of candidate recipes.", - "title": "RecipeList", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Personalize::Solution.CategoricalHyperParameterRange": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the hyperparameter.", - "title": "Name", - "type": "string" - }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the categories for the hyperparameter.", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Personalize::Solution.ContinuousHyperParameterRange": { + "AWS::MediaConnect::FlowOutput.EncodingParameters": { "additionalProperties": false, "properties": { - "MaxValue": { - "markdownDescription": "The maximum allowable value for the hyperparameter.", - "title": "MaxValue", - "type": "number" - }, - "MinValue": { - "markdownDescription": "The minimum allowable value for the hyperparameter.", - "title": "MinValue", + "CompressionFactor": { + "markdownDescription": "A value that is used to calculate compression for an output. The bitrate of the output is calculated as follows: Output bitrate = (1 / compressionFactor) * (source bitrate) This property only applies to outputs that use the ST 2110 JPEG XS protocol, with a flow source that uses the CDI protocol. Valid values are floating point numbers in the range of 3.0 to 10.0, inclusive.", + "title": "CompressionFactor", "type": "number" }, - "Name": { - "markdownDescription": "The name of the hyperparameter.", - "title": "Name", + "EncoderProfile": { + "markdownDescription": "A setting on the encoder that drives compression settings. This property only applies to video media streams associated with outputs that use the ST 2110 JPEG XS protocol, with a flow source that uses the CDI protocol.", + "title": "EncoderProfile", "type": "string" } }, + "required": [ + "CompressionFactor" + ], "type": "object" }, - "AWS::Personalize::Solution.HpoConfig": { + "AWS::MediaConnect::FlowOutput.Encryption": { "additionalProperties": false, "properties": { - "AlgorithmHyperParameterRanges": { - "$ref": "#/definitions/AWS::Personalize::Solution.AlgorithmHyperParameterRanges", - "markdownDescription": "The hyperparameters and their allowable ranges.", - "title": "AlgorithmHyperParameterRanges" - }, - "HpoObjective": { - "$ref": "#/definitions/AWS::Personalize::Solution.HpoObjective", - "markdownDescription": "The metric to optimize during HPO.\n\n> Amazon Personalize doesn't support configuring the `hpoObjective` at this time.", - "title": "HpoObjective" + "Algorithm": { + "markdownDescription": "The type of algorithm that is used for static key encryption (such as aes128, aes192, or aes256). If you are using SPEKE or SRT-password encryption, this property must be left blank.", + "title": "Algorithm", + "type": "string" }, - "HpoResourceConfig": { - "$ref": "#/definitions/AWS::Personalize::Solution.HpoResourceConfig", - "markdownDescription": "Describes the resource configuration for HPO.", - "title": "HpoResourceConfig" - } - }, - "type": "object" - }, - "AWS::Personalize::Solution.HpoObjective": { - "additionalProperties": false, - "properties": { - "MetricName": { - "markdownDescription": "The name of the metric.", - "title": "MetricName", + "KeyType": { + "markdownDescription": "The type of key that is used for the encryption. If you don't specify a `keyType` value, the service uses the default setting ( `static-key` ). Valid key types are: `static-key` , `speke` , and `srt-password` .", + "title": "KeyType", "type": "string" }, - "MetricRegex": { - "markdownDescription": "A regular expression for finding the metric in the training job logs.", - "title": "MetricRegex", + "RoleArn": { + "markdownDescription": "The ARN of the role that you created during setup (when you set up MediaConnect as a trusted entity).", + "title": "RoleArn", "type": "string" }, - "Type": { - "markdownDescription": "The type of the metric. Valid values are `Maximize` and `Minimize` .", - "title": "Type", + "SecretArn": { + "markdownDescription": "The ARN of the secret that you created in AWS Secrets Manager to store the encryption key. This parameter is required for static key encryption and is not valid for SPEKE encryption.", + "title": "SecretArn", "type": "string" } }, + "required": [ + "RoleArn", + "SecretArn" + ], "type": "object" }, - "AWS::Personalize::Solution.HpoResourceConfig": { + "AWS::MediaConnect::FlowOutput.Interface": { "additionalProperties": false, "properties": { - "MaxNumberOfTrainingJobs": { - "markdownDescription": "The maximum number of training jobs when you create a solution version. The maximum value for `maxNumberOfTrainingJobs` is `40` .", - "title": "MaxNumberOfTrainingJobs", - "type": "string" - }, - "MaxParallelTrainingJobs": { - "markdownDescription": "The maximum number of parallel training jobs when you create a solution version. The maximum value for `maxParallelTrainingJobs` is `10` .", - "title": "MaxParallelTrainingJobs", + "Name": { + "markdownDescription": "The name of the VPC interface.", + "title": "Name", "type": "string" } }, + "required": [ + "Name" + ], "type": "object" }, - "AWS::Personalize::Solution.IntegerHyperParameterRange": { + "AWS::MediaConnect::FlowOutput.MediaStreamOutputConfiguration": { "additionalProperties": false, "properties": { - "MaxValue": { - "markdownDescription": "The maximum allowable value for the hyperparameter.", - "title": "MaxValue", - "type": "number" + "DestinationConfigurations": { + "items": { + "$ref": "#/definitions/AWS::MediaConnect::FlowOutput.DestinationConfiguration" + }, + "markdownDescription": "The transport parameters that are associated with each outbound media stream.", + "title": "DestinationConfigurations", + "type": "array" }, - "MinValue": { - "markdownDescription": "The minimum allowable value for the hyperparameter.", - "title": "MinValue", - "type": "number" + "EncodingName": { + "markdownDescription": "The format that was used to encode the data. For ancillary data streams, set the encoding name to smpte291. For audio streams, set the encoding name to pcm. For video, 2110 streams, set the encoding name to raw. For video, JPEG XS streams, set the encoding name to jxsv.", + "title": "EncodingName", + "type": "string" }, - "Name": { - "markdownDescription": "The name of the hyperparameter.", - "title": "Name", + "EncodingParameters": { + "$ref": "#/definitions/AWS::MediaConnect::FlowOutput.EncodingParameters", + "markdownDescription": "A collection of parameters that determine how MediaConnect will convert the content. These fields only apply to outputs on flows that have a CDI source.", + "title": "EncodingParameters" + }, + "MediaStreamName": { + "markdownDescription": "The name of the media stream.", + "title": "MediaStreamName", "type": "string" } }, + "required": [ + "EncodingName", + "MediaStreamName" + ], "type": "object" }, - "AWS::Personalize::Solution.SolutionConfig": { + "AWS::MediaConnect::FlowOutput.VpcInterfaceAttachment": { "additionalProperties": false, "properties": { - "AlgorithmHyperParameters": { - "additionalProperties": true, - "markdownDescription": "Lists the algorithm hyperparameters and their values.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "AlgorithmHyperParameters", - "type": "object" - }, - "AutoMLConfig": { - "$ref": "#/definitions/AWS::Personalize::Solution.AutoMLConfig", - "markdownDescription": "The [AutoMLConfig](https://docs.aws.amazon.com/personalize/latest/dg/API_AutoMLConfig.html) object containing a list of recipes to search when AutoML is performed.", - "title": "AutoMLConfig" - }, - "EventValueThreshold": { - "markdownDescription": "Only events with a value greater than or equal to this threshold are used for training a model.", - "title": "EventValueThreshold", + "VpcInterfaceName": { + "markdownDescription": "The name of the VPC interface to use for this resource.", + "title": "VpcInterfaceName", "type": "string" - }, - "FeatureTransformationParameters": { - "additionalProperties": true, - "markdownDescription": "Lists the feature transformation parameters.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "FeatureTransformationParameters", - "type": "object" - }, - "HpoConfig": { - "$ref": "#/definitions/AWS::Personalize::Solution.HpoConfig", - "markdownDescription": "Describes the properties for hyperparameter optimization (HPO).", - "title": "HpoConfig" } }, "type": "object" }, - "AWS::Pinpoint::ADMChannel": { + "AWS::MediaConnect::FlowSource": { "additionalProperties": false, "properties": { "Condition": { @@ -177337,37 +185076,106 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationId": { - "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the ADM channel applies to.", - "title": "ApplicationId", + "Decryption": { + "$ref": "#/definitions/AWS::MediaConnect::FlowSource.Encryption", + "markdownDescription": "The type of encryption that is used on the content ingested from this source. Allowable encryption types: static-key.", + "title": "Decryption" + }, + "Description": { + "markdownDescription": "A description for the source. This value is not used or seen outside of the current MediaConnect account.", + "title": "Description", "type": "string" }, - "ClientId": { - "markdownDescription": "The Client ID that you received from Amazon to send messages by using ADM.", - "title": "ClientId", + "EntitlementArn": { + "markdownDescription": "The ARN of the entitlement that allows you to subscribe to this flow. The entitlement is set by the flow originator, and the ARN is generated as part of the originator's flow.", + "title": "EntitlementArn", "type": "string" }, - "ClientSecret": { - "markdownDescription": "The Client Secret that you received from Amazon to send messages by using ADM.", - "title": "ClientSecret", + "FlowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the flow this source is connected to. The flow must have Failover enabled to add an additional source.", + "title": "FlowArn", "type": "string" }, - "Enabled": { - "markdownDescription": "Specifies whether to enable the ADM channel for the application.", - "title": "Enabled", - "type": "boolean" + "GatewayBridgeSource": { + "$ref": "#/definitions/AWS::MediaConnect::FlowSource.GatewayBridgeSource", + "markdownDescription": "The bridge's source.", + "title": "GatewayBridgeSource" + }, + "IngestPort": { + "markdownDescription": "The port that the flow listens on for incoming content. If the protocol of the source is Zixi, the port must be set to 2088.", + "title": "IngestPort", + "type": "number" + }, + "MaxBitrate": { + "markdownDescription": "The smoothing max bitrate (in bps) for RIST, RTP, and RTP-FEC streams.", + "title": "MaxBitrate", + "type": "number" + }, + "MaxLatency": { + "markdownDescription": "The maximum latency in milliseconds. This parameter applies only to RIST-based and Zixi-based streams.", + "title": "MaxLatency", + "type": "number" + }, + "MinLatency": { + "markdownDescription": "The minimum latency in milliseconds for SRT-based streams. In streams that use the SRT protocol, this value that you set on your MediaConnect source or output represents the minimal potential latency of that connection. The latency of the stream is set to the highest number between the sender\u2019s minimum latency and the receiver\u2019s minimum latency.", + "title": "MinLatency", + "type": "number" + }, + "Name": { + "markdownDescription": "The name of the source.", + "title": "Name", + "type": "string" + }, + "Protocol": { + "markdownDescription": "The protocol that the source uses to deliver the content to MediaConnect. Adding additional sources to an existing flow requires Failover to be enabled. When you enable Failover, the additional source must use the same protocol as the existing source. Only the following protocols support failover: Zixi-push, RTP-FEC, RTP, RIST and SRT protocols.\n\nIf you use failover with SRT caller or listener, the `FailoverMode` property must be set to `FAILOVER` . The `FailoverMode` property\u00a0is found in\u00a0the `FailoverConfig` resource\u00a0of the same flow ARN you used for the source's `FlowArn` property. SRT caller/listener does not support\u00a0merge\u00a0mode failover.", + "title": "Protocol", + "type": "string" + }, + "SenderControlPort": { + "markdownDescription": "The port that the flow uses to send outbound requests to initiate connection with the sender.", + "title": "SenderControlPort", + "type": "number" + }, + "SenderIpAddress": { + "markdownDescription": "The IP address that the flow communicates with to initiate connection with the sender.", + "title": "SenderIpAddress", + "type": "string" + }, + "SourceListenerAddress": { + "markdownDescription": "Source IP or domain name for SRT-caller protocol.", + "title": "SourceListenerAddress", + "type": "string" + }, + "SourceListenerPort": { + "markdownDescription": "Source port for SRT-caller protocol.", + "title": "SourceListenerPort", + "type": "number" + }, + "StreamId": { + "markdownDescription": "The stream ID that you want to use for this transport. This parameter applies only to Zixi and SRT caller-based streams.", + "title": "StreamId", + "type": "string" + }, + "VpcInterfaceName": { + "markdownDescription": "The name of the VPC interface to use for this source.", + "title": "VpcInterfaceName", + "type": "string" + }, + "WhitelistCidr": { + "markdownDescription": "The range of IP addresses that should be allowed to contribute content to your source. These IP addresses should be in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16.", + "title": "WhitelistCidr", + "type": "string" } }, "required": [ - "ApplicationId", - "ClientId", - "ClientSecret" + "Description", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::Pinpoint::ADMChannel" + "AWS::MediaConnect::FlowSource" ], "type": "string" }, @@ -177386,7 +185194,91 @@ ], "type": "object" }, - "AWS::Pinpoint::APNSChannel": { + "AWS::MediaConnect::FlowSource.Encryption": { + "additionalProperties": false, + "properties": { + "Algorithm": { + "markdownDescription": "The type of algorithm that is used for static key encryption (such as aes128, aes192, or aes256). If you are using SPEKE or SRT-password encryption, this property must be left blank.", + "title": "Algorithm", + "type": "string" + }, + "ConstantInitializationVector": { + "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, to be used with the key for encrypting content. This parameter is not valid for static key encryption.", + "title": "ConstantInitializationVector", + "type": "string" + }, + "DeviceId": { + "markdownDescription": "The value of one of the devices that you configured with your digital rights management (DRM) platform key provider. This parameter is required for SPEKE encryption and is not valid for static key encryption.", + "title": "DeviceId", + "type": "string" + }, + "KeyType": { + "markdownDescription": "The type of key that is used for the encryption. If you don't specify a `keyType` value, the service uses the default setting ( `static-key` ). Valid key types are: `static-key` , `speke` , and `srt-password` .", + "title": "KeyType", + "type": "string" + }, + "Region": { + "markdownDescription": "The AWS Region that the API Gateway proxy endpoint was created in. This parameter is required for SPEKE encryption and is not valid for static key encryption.", + "title": "Region", + "type": "string" + }, + "ResourceId": { + "markdownDescription": "An identifier for the content. The service sends this value to the key server to identify the current endpoint. The resource ID is also known as the content ID. This parameter is required for SPEKE encryption and is not valid for static key encryption.", + "title": "ResourceId", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the role that you created during setup (when you set up MediaConnect as a trusted entity).", + "title": "RoleArn", + "type": "string" + }, + "SecretArn": { + "markdownDescription": "The ARN of the secret that you created in AWS Secrets Manager to store the encryption key. This parameter is required for static key encryption and is not valid for SPEKE encryption.", + "title": "SecretArn", + "type": "string" + }, + "Url": { + "markdownDescription": "The URL from the API Gateway proxy that you set up to talk to your key server. This parameter is required for SPEKE encryption and is not valid for static key encryption.", + "title": "Url", + "type": "string" + } + }, + "required": [ + "RoleArn" + ], + "type": "object" + }, + "AWS::MediaConnect::FlowSource.GatewayBridgeSource": { + "additionalProperties": false, + "properties": { + "BridgeArn": { + "markdownDescription": "The ARN of the bridge feeding this flow.", + "title": "BridgeArn", + "type": "string" + }, + "VpcInterfaceAttachment": { + "$ref": "#/definitions/AWS::MediaConnect::FlowSource.VpcInterfaceAttachment", + "markdownDescription": "The name of the VPC interface attachment to use for this bridge source.", + "title": "VpcInterfaceAttachment" + } + }, + "required": [ + "BridgeArn" + ], + "type": "object" + }, + "AWS::MediaConnect::FlowSource.VpcInterfaceAttachment": { + "additionalProperties": false, + "properties": { + "VpcInterfaceName": { + "markdownDescription": "The name of the VPC interface to use for this resource.", + "title": "VpcInterfaceName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::MediaConnect::FlowVpcInterface": { "additionalProperties": false, "properties": { "Condition": { @@ -177421,60 +185313,47 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationId": { - "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the APNs channel applies to.", - "title": "ApplicationId", - "type": "string" - }, - "BundleId": { - "markdownDescription": "The bundle identifier that's assigned to your iOS app. This identifier is used for APNs tokens.", - "title": "BundleId", - "type": "string" - }, - "Certificate": { - "markdownDescription": "The APNs client certificate that you received from Apple. Specify this value if you want Amazon Pinpoint to communicate with APNs by using an APNs certificate.", - "title": "Certificate", - "type": "string" - }, - "DefaultAuthenticationMethod": { - "markdownDescription": "The default authentication method that you want Amazon Pinpoint to use when authenticating with APNs. Valid options are `key` or `certificate` .", - "title": "DefaultAuthenticationMethod", + "FlowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the flow.", + "title": "FlowArn", "type": "string" }, - "Enabled": { - "markdownDescription": "Specifies whether to enable the APNs channel for the application.", - "title": "Enabled", - "type": "boolean" - }, - "PrivateKey": { - "markdownDescription": "The private key for the APNs client certificate that you want Amazon Pinpoint to use to communicate with APNs.", - "title": "PrivateKey", + "Name": { + "markdownDescription": "The name for the VPC interface. This name must be unique within the flow.", + "title": "Name", "type": "string" }, - "TeamId": { - "markdownDescription": "The identifier that's assigned to your Apple Developer Account team. This identifier is used for APNs tokens.", - "title": "TeamId", + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the role that you created when you set up MediaConnect as a trusted service.", + "title": "RoleArn", "type": "string" }, - "TokenKey": { - "markdownDescription": "The authentication key to use for APNs tokens.", - "title": "TokenKey", - "type": "string" + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A virtual firewall to control inbound and outbound traffic.", + "title": "SecurityGroupIds", + "type": "array" }, - "TokenKeyId": { - "markdownDescription": "The key identifier that's assigned to your APNs signing key. Specify this value if you want Amazon Pinpoint to communicate with APNs by using APNs tokens.", - "title": "TokenKeyId", + "SubnetId": { + "markdownDescription": "The subnet IDs that you want to use for your VPC interface. A range of IP addresses in your VPC. When you create your VPC, you specify a range of IPv4 addresses for the VPC in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16. This is the primary CIDR block for your VPC. When you create a subnet for your VPC, you specify the CIDR block for the subnet, which is a subset of the VPC CIDR block. The subnets that you use across all VPC interfaces on the flow must be in the same Availability Zone as the flow.", + "title": "SubnetId", "type": "string" } }, "required": [ - "ApplicationId" + "FlowArn", + "Name", + "RoleArn", + "SecurityGroupIds", + "SubnetId" ], "type": "object" }, "Type": { "enum": [ - "AWS::Pinpoint::APNSChannel" + "AWS::MediaConnect::FlowVpcInterface" ], "type": "string" }, @@ -177493,7 +185372,7 @@ ], "type": "object" }, - "AWS::Pinpoint::APNSSandboxChannel": { + "AWS::MediaConnect::Gateway": { "additionalProperties": false, "properties": { "Condition": { @@ -177528,60 +185407,38 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationId": { - "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the APNs sandbox channel applies to.", - "title": "ApplicationId", - "type": "string" - }, - "BundleId": { - "markdownDescription": "The bundle identifier that's assigned to your iOS app. This identifier is used for APNs tokens.", - "title": "BundleId", - "type": "string" - }, - "Certificate": { - "markdownDescription": "The APNs client certificate that you received from Apple. Specify this value if you want Amazon Pinpoint to communicate with APNs by using an APNs certificate.", - "title": "Certificate", - "type": "string" - }, - "DefaultAuthenticationMethod": { - "markdownDescription": "The default authentication method that you want Amazon Pinpoint to use when authenticating with APNs. Valid options are `key` or `certificate` .", - "title": "DefaultAuthenticationMethod", - "type": "string" - }, - "Enabled": { - "markdownDescription": "Specifies whether to enable the APNs Sandbox channel for the Amazon Pinpoint application.", - "title": "Enabled", - "type": "boolean" - }, - "PrivateKey": { - "markdownDescription": "The private key for the APNs client certificate that you want Amazon Pinpoint to use to communicate with APNs.", - "title": "PrivateKey", - "type": "string" - }, - "TeamId": { - "markdownDescription": "The identifier that's assigned to your Apple Developer Account team. This identifier is used for APNs tokens.", - "title": "TeamId", - "type": "string" + "EgressCidrBlocks": { + "items": { + "type": "string" + }, + "markdownDescription": "The range of IP addresses that are allowed to contribute content or initiate output requests for flows communicating with this gateway. These IP addresses should be in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16.", + "title": "EgressCidrBlocks", + "type": "array" }, - "TokenKey": { - "markdownDescription": "The authentication key to use for APNs tokens.", - "title": "TokenKey", + "Name": { + "markdownDescription": "The name of the gateway. This name can not be modified after the gateway is created.", + "title": "Name", "type": "string" }, - "TokenKeyId": { - "markdownDescription": "The key identifier that's assigned to your APNs signing key. Specify this value if you want Amazon Pinpoint to communicate with APNs by using APNs tokens.", - "title": "TokenKeyId", - "type": "string" + "Networks": { + "items": { + "$ref": "#/definitions/AWS::MediaConnect::Gateway.GatewayNetwork" + }, + "markdownDescription": "The list of networks in the gateway.", + "title": "Networks", + "type": "array" } }, "required": [ - "ApplicationId" + "EgressCidrBlocks", + "Name", + "Networks" ], "type": "object" }, "Type": { "enum": [ - "AWS::Pinpoint::APNSSandboxChannel" + "AWS::MediaConnect::Gateway" ], "type": "string" }, @@ -177600,7 +185457,27 @@ ], "type": "object" }, - "AWS::Pinpoint::APNSVoipChannel": { + "AWS::MediaConnect::Gateway.GatewayNetwork": { + "additionalProperties": false, + "properties": { + "CidrBlock": { + "markdownDescription": "A unique IP address range to use for this network. These IP addresses should be in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16.", + "title": "CidrBlock", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the network. This name is used to reference the network and must be unique among networks in this gateway.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "CidrBlock", + "Name" + ], + "type": "object" + }, + "AWS::MediaConvert::JobTemplate": { "additionalProperties": false, "properties": { "Condition": { @@ -177635,60 +185512,68 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationId": { - "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the APNs VoIP channel applies to.", - "title": "ApplicationId", - "type": "string" + "AccelerationSettings": { + "$ref": "#/definitions/AWS::MediaConvert::JobTemplate.AccelerationSettings", + "markdownDescription": "Accelerated transcoding can significantly speed up jobs with long, visually complex content. Outputs that use this feature incur pro-tier pricing. For information about feature limitations, For more information, see [Job Limitations for Accelerated Transcoding in AWS Elemental MediaConvert](https://docs.aws.amazon.com/mediaconvert/latest/ug/job-requirements.html) in the *AWS Elemental MediaConvert User Guide* .", + "title": "AccelerationSettings" }, - "BundleId": { - "markdownDescription": "The bundle identifier that's assigned to your iOS app. This identifier is used for APNs tokens.", - "title": "BundleId", + "Category": { + "markdownDescription": "Optional. A category for the job template you are creating", + "title": "Category", "type": "string" }, - "Certificate": { - "markdownDescription": "The APNs client certificate that you received from Apple. Specify this value if you want Amazon Pinpoint to communicate with APNs by using an APNs certificate.", - "title": "Certificate", + "Description": { + "markdownDescription": "Optional. A description of the job template you are creating.", + "title": "Description", "type": "string" }, - "DefaultAuthenticationMethod": { - "markdownDescription": "The default authentication method that you want Amazon Pinpoint to use when authenticating with APNs. Valid options are `key` or `certificate` .", - "title": "DefaultAuthenticationMethod", + "HopDestinations": { + "items": { + "$ref": "#/definitions/AWS::MediaConvert::JobTemplate.HopDestination" + }, + "markdownDescription": "Optional. Configuration for a destination queue to which the job can hop once a customer-defined minimum wait time has passed. For more information, see [Setting Up Queue Hopping to Avoid Long Waits](https://docs.aws.amazon.com/mediaconvert/latest/ug/setting-up-queue-hopping-to-avoid-long-waits.html) in the *AWS Elemental MediaConvert User Guide* .", + "title": "HopDestinations", + "type": "array" + }, + "Name": { + "markdownDescription": "Name of the output group", + "title": "Name", "type": "string" }, - "Enabled": { - "markdownDescription": "Specifies whether to enable the APNs VoIP channel for the Amazon Pinpoint application.", - "title": "Enabled", - "type": "boolean" + "Priority": { + "markdownDescription": "Specify the relative priority for this job. In any given queue, the service begins processing the job with the highest value first. When more than one job has the same priority, the service begins processing the job that you submitted first. If you don't specify a priority, the service uses the default value 0. Minimum: -50 Maximum: 50", + "title": "Priority", + "type": "number" }, - "PrivateKey": { - "markdownDescription": "The private key for the APNs client certificate that you want Amazon Pinpoint to use to communicate with APNs.", - "title": "PrivateKey", + "Queue": { + "markdownDescription": "Optional. The queue that jobs created from this template are assigned to. Specify the Amazon Resource Name (ARN) of the queue. For example, arn:aws:mediaconvert:us-west-2:505474453218:queues/Default. If you don't specify this, jobs will go to the default queue.", + "title": "Queue", "type": "string" }, - "TeamId": { - "markdownDescription": "The identifier that's assigned to your Apple Developer Account team. This identifier is used for APNs tokens.", - "title": "TeamId", - "type": "string" + "SettingsJson": { + "markdownDescription": "Specify, in JSON format, the transcoding job settings for this job template. This specification must conform to the AWS Elemental MediaConvert job validation. For information about forming this specification, see the Remarks section later in this topic.\n\nFor more information about MediaConvert job templates, see [Working with AWS Elemental MediaConvert Job Templates](https://docs.aws.amazon.com/mediaconvert/latest/ug/working-with-job-templates.html) in the ** .", + "title": "SettingsJson", + "type": "object" }, - "TokenKey": { - "markdownDescription": "The authentication key to use for APNs tokens.", - "title": "TokenKey", + "StatusUpdateInterval": { + "markdownDescription": "Specify how often MediaConvert sends STATUS_UPDATE events to Amazon CloudWatch Events. Set the interval, in seconds, between status updates. MediaConvert sends an update at this interval from the time the service begins processing your job to the time it completes the transcode or encounters an error.\n\nSpecify one of the following enums:\n\nSECONDS_10\n\nSECONDS_12\n\nSECONDS_15\n\nSECONDS_20\n\nSECONDS_30\n\nSECONDS_60\n\nSECONDS_120\n\nSECONDS_180\n\nSECONDS_240\n\nSECONDS_300\n\nSECONDS_360\n\nSECONDS_420\n\nSECONDS_480\n\nSECONDS_540\n\nSECONDS_600", + "title": "StatusUpdateInterval", "type": "string" }, - "TokenKeyId": { - "markdownDescription": "The key identifier that's assigned to your APNs signing key. Specify this value if you want Amazon Pinpoint to communicate with APNs by using APNs tokens.", - "title": "TokenKeyId", - "type": "string" + "Tags": { + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "object" } }, "required": [ - "ApplicationId" + "SettingsJson" ], "type": "object" }, "Type": { "enum": [ - "AWS::Pinpoint::APNSVoipChannel" + "AWS::MediaConvert::JobTemplate" ], "type": "string" }, @@ -177707,7 +185592,42 @@ ], "type": "object" }, - "AWS::Pinpoint::APNSVoipSandboxChannel": { + "AWS::MediaConvert::JobTemplate.AccelerationSettings": { + "additionalProperties": false, + "properties": { + "Mode": { + "markdownDescription": "Specify the conditions when the service will run your job with accelerated transcoding.", + "title": "Mode", + "type": "string" + } + }, + "required": [ + "Mode" + ], + "type": "object" + }, + "AWS::MediaConvert::JobTemplate.HopDestination": { + "additionalProperties": false, + "properties": { + "Priority": { + "markdownDescription": "Optional. When you set up a job to use queue hopping, you can specify a different relative priority for the job in the destination queue. If you don't specify, the relative priority will remain the same as in the previous queue.", + "title": "Priority", + "type": "number" + }, + "Queue": { + "markdownDescription": "Optional unless the job is submitted on the default queue. When you set up a job to use queue hopping, you can specify a destination queue. This queue cannot be the original queue to which the job is submitted. If the original queue isn't the default queue and you don't specify the destination queue, the job will move to the default queue.", + "title": "Queue", + "type": "string" + }, + "WaitMinutes": { + "markdownDescription": "Required for setting up a job to use queue hopping. Minimum wait time in minutes until the job can hop to the destination queue. Valid range is 1 to 4320 minutes, inclusive.", + "title": "WaitMinutes", + "type": "number" + } + }, + "type": "object" + }, + "AWS::MediaConvert::Preset": { "additionalProperties": false, "properties": { "Condition": { @@ -177742,60 +185662,40 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationId": { - "markdownDescription": "The unique identifier for the application that the APNs VoIP sandbox channel applies to.", - "title": "ApplicationId", - "type": "string" - }, - "BundleId": { - "markdownDescription": "The bundle identifier that's assigned to your iOS app. This identifier is used for APNs tokens.", - "title": "BundleId", - "type": "string" - }, - "Certificate": { - "markdownDescription": "The APNs client certificate that you received from Apple. Specify this value if you want Amazon Pinpoint to communicate with the APNs sandbox environment by using an APNs certificate.", - "title": "Certificate", - "type": "string" - }, - "DefaultAuthenticationMethod": { - "markdownDescription": "The default authentication method that you want Amazon Pinpoint to use when authenticating with APNs. Valid options are `key` or `certificate` .", - "title": "DefaultAuthenticationMethod", + "Category": { + "markdownDescription": "The new category for the preset, if you are changing it.", + "title": "Category", "type": "string" }, - "Enabled": { - "markdownDescription": "Specifies whether the APNs VoIP sandbox channel is enabled for the application.", - "title": "Enabled", - "type": "boolean" - }, - "PrivateKey": { - "markdownDescription": "The private key for the APNs client certificate that you want Amazon Pinpoint to use to communicate with the APNs sandbox environment.", - "title": "PrivateKey", + "Description": { + "markdownDescription": "The new description for the preset, if you are changing it.", + "title": "Description", "type": "string" }, - "TeamId": { - "markdownDescription": "The identifier that's assigned to your Apple developer account team. This identifier is used for APNs tokens.", - "title": "TeamId", + "Name": { + "markdownDescription": "The name of the preset that you are modifying.", + "title": "Name", "type": "string" }, - "TokenKey": { - "markdownDescription": "The authentication key to use for APNs tokens.", - "title": "TokenKey", - "type": "string" + "SettingsJson": { + "markdownDescription": "Specify, in JSON format, the transcoding job settings for this output preset. This specification must conform to the AWS Elemental MediaConvert job validation. For information about forming this specification, see the Remarks section later in this topic.\n\nFor more information about MediaConvert output presets, see [Working with AWS Elemental MediaConvert Output Presets](https://docs.aws.amazon.com/mediaconvert/latest/ug/working-with-presets.html) in the ** .", + "title": "SettingsJson", + "type": "object" }, - "TokenKeyId": { - "markdownDescription": "The key identifier that's assigned to your APNs signing key. Specify this value if you want Amazon Pinpoint to communicate with the APNs sandbox environment by using APNs tokens.", - "title": "TokenKeyId", - "type": "string" + "Tags": { + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "object" } }, "required": [ - "ApplicationId" + "SettingsJson" ], "type": "object" }, "Type": { "enum": [ - "AWS::Pinpoint::APNSVoipSandboxChannel" + "AWS::MediaConvert::Preset" ], "type": "string" }, @@ -177814,7 +185714,7 @@ ], "type": "object" }, - "AWS::Pinpoint::App": { + "AWS::MediaConvert::Queue": { "additionalProperties": false, "properties": { "Condition": { @@ -177849,25 +185749,42 @@ "Properties": { "additionalProperties": false, "properties": { + "ConcurrentJobs": { + "markdownDescription": "Specify the maximum number of jobs your queue can process concurrently. For on-demand queues, the value you enter is constrained by your service quotas for Maximum concurrent jobs, per on-demand queue and Maximum concurrent jobs, per account. For reserved queues, specify the number of jobs you can process concurrently in your reservation plan instead.", + "title": "ConcurrentJobs", + "type": "number" + }, + "Description": { + "markdownDescription": "Optional. A description of the queue that you are creating.", + "title": "Description", + "type": "string" + }, "Name": { - "markdownDescription": "The display name of the application.", + "markdownDescription": "The name of the queue that you are creating.", "title": "Name", "type": "string" }, + "PricingPlan": { + "markdownDescription": "When you use AWS CloudFormation , you can create only on-demand queues. Therefore, always set `PricingPlan` to the value \"ON_DEMAND\" when declaring an AWS::MediaConvert::Queue in your AWS CloudFormation template.\n\nTo create a reserved queue, use the AWS Elemental MediaConvert console at https://console.aws.amazon.com/mediaconvert to set up a contract. For more information, see [Working with AWS Elemental MediaConvert Queues](https://docs.aws.amazon.com/mediaconvert/latest/ug/working-with-queues.html) in the ** .", + "title": "PricingPlan", + "type": "string" + }, + "Status": { + "markdownDescription": "Initial state of the queue. Queues can be either ACTIVE or PAUSED. If you create a paused queue, then jobs that you send to that queue won't begin.", + "title": "Status", + "type": "string" + }, "Tags": { "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "object" } }, - "required": [ - "Name" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Pinpoint::App" + "AWS::MediaConvert::Queue" ], "type": "string" }, @@ -177881,12 +185798,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Pinpoint::ApplicationSettings": { + "AWS::MediaLive::Channel": { "additionalProperties": false, "properties": { "Condition": { @@ -177921,40 +185837,93 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationId": { - "markdownDescription": "The unique identifier for the Amazon Pinpoint application.", - "title": "ApplicationId", + "AnywhereSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AnywhereSettings", + "markdownDescription": "", + "title": "AnywhereSettings" + }, + "CdiInputSpecification": { + "$ref": "#/definitions/AWS::MediaLive::Channel.CdiInputSpecification", + "markdownDescription": "Specification of CDI inputs for this channel.", + "title": "CdiInputSpecification" + }, + "ChannelClass": { + "markdownDescription": "The class for this channel. For a channel with two pipelines, the class is STANDARD. For a channel with one pipeline, the class is SINGLE_PIPELINE.", + "title": "ChannelClass", "type": "string" }, - "CampaignHook": { - "$ref": "#/definitions/AWS::Pinpoint::ApplicationSettings.CampaignHook", - "markdownDescription": "The settings for the Lambda function to use by default as a code hook for campaigns in the application. To override these settings for a specific campaign, use the Campaign resource to define custom Lambda function settings for the campaign.", - "title": "CampaignHook" + "ChannelEngineVersion": { + "$ref": "#/definitions/AWS::MediaLive::Channel.ChannelEngineVersionRequest", + "markdownDescription": "", + "title": "ChannelEngineVersion" }, - "CloudWatchMetricsEnabled": { + "Destinations": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputDestination" + }, + "markdownDescription": "The settings that identify the destination for the outputs in this MediaLive output package.", + "title": "Destinations", + "type": "array" + }, + "DryRun": { "markdownDescription": "", - "title": "CloudWatchMetricsEnabled", + "title": "DryRun", "type": "boolean" }, - "Limits": { - "$ref": "#/definitions/AWS::Pinpoint::ApplicationSettings.Limits", - "markdownDescription": "The default sending limits for campaigns in the application. To override these limits for a specific campaign, use the Campaign resource to define custom limits for the campaign.", - "title": "Limits" + "EncoderSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.EncoderSettings", + "markdownDescription": "The encoding configuration for the output content.", + "title": "EncoderSettings" }, - "QuietTime": { - "$ref": "#/definitions/AWS::Pinpoint::ApplicationSettings.QuietTime", - "markdownDescription": "The default quiet time for campaigns in the application. Quiet time is a specific time range when campaigns don't send messages to endpoints, if all the following conditions are met:\n\n- The `EndpointDemographic.Timezone` property of the endpoint is set to a valid value.\n\n- The current time in the endpoint's time zone is later than or equal to the time specified by the `QuietTime.Start` property for the application (or a campaign that has custom quiet time settings).\n\n- The current time in the endpoint's time zone is earlier than or equal to the time specified by the `QuietTime.End` property for the application (or a campaign that has custom quiet time settings).\n\nIf any of the preceding conditions isn't met, the endpoint will receive messages from a campaign, even if quiet time is enabled.\n\nTo override the default quiet time settings for a specific campaign, use the Campaign resource to define a custom quiet time for the campaign.", - "title": "QuietTime" + "InputAttachments": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Channel.InputAttachment" + }, + "markdownDescription": "The list of input attachments for the channel.", + "title": "InputAttachments", + "type": "array" + }, + "InputSpecification": { + "$ref": "#/definitions/AWS::MediaLive::Channel.InputSpecification", + "markdownDescription": "The input specification for this channel. It specifies the key characteristics of the inputs for this channel: the maximum bitrate, the resolution, and the codec.", + "title": "InputSpecification" + }, + "LogLevel": { + "markdownDescription": "The verbosity for logging activity for this channel. Charges for logging (which are generated through Amazon CloudWatch Logging) are higher for higher verbosities.", + "title": "LogLevel", + "type": "string" + }, + "Maintenance": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MaintenanceCreateSettings", + "markdownDescription": "Maintenance settings for this channel.", + "title": "Maintenance" + }, + "Name": { + "markdownDescription": "Name of channel.", + "title": "Name", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The IAM role for MediaLive to assume when running this channel. The role is identified by its ARN.", + "title": "RoleArn", + "type": "string" + }, + "Tags": { + "markdownDescription": "A collection of tags for this channel. Each tag is a key-value pair.", + "title": "Tags", + "type": "object" + }, + "Vpc": { + "$ref": "#/definitions/AWS::MediaLive::Channel.VpcOutputSettings", + "markdownDescription": "Settings to enable VPC mode in the channel, so that the endpoints for all outputs are in your VPC.", + "title": "Vpc" } }, - "required": [ - "ApplicationId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Pinpoint::ApplicationSettings" + "AWS::MediaLive::Channel" ], "type": "string" }, @@ -177968,17308 +185937,20635 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Pinpoint::ApplicationSettings.CampaignHook": { + "AWS::MediaLive::Channel.AacSettings": { "additionalProperties": false, "properties": { - "LambdaFunctionName": { - "markdownDescription": "The name or Amazon Resource Name (ARN) of the Lambda function that Amazon Pinpoint invokes to send messages for campaigns in the application.", - "title": "LambdaFunctionName", + "Bitrate": { + "markdownDescription": "The average bitrate in bits/second. Valid values depend on the rate control mode and profile.", + "title": "Bitrate", + "type": "number" + }, + "CodingMode": { + "markdownDescription": "Mono, stereo, or 5.1 channel layout. Valid values depend on the rate control mode and profile. The adReceiverMix setting receives a stereo description plus control track, and emits a mono AAC encode of the description track, with control data emitted in the PES header as per ETSI TS 101 154 Annex E.", + "title": "CodingMode", "type": "string" }, - "Mode": { - "markdownDescription": "The mode that Amazon Pinpoint uses to invoke the Lambda function. Possible values are:\n\n- `FILTER` - Invoke the function to customize the segment that's used by a campaign.\n- `DELIVERY` - (Deprecated) Previously, invoked the function to send a campaign through a custom channel. This functionality is not supported anymore. To send a campaign through a custom channel, use the `CustomDeliveryConfiguration` and `CampaignCustomMessage` objects of the campaign.", - "title": "Mode", + "InputType": { + "markdownDescription": "Set to broadcasterMixedAd when the input contains pre-mixed main audio + AD (narration) as a stereo pair. The Audio Type field (audioType) will be set to 3, which signals to downstream systems that this stream contains broadcaster mixed AD. Note that the input received by the encoder must contain pre-mixed audio; MediaLive does not perform the mixing. The values in audioTypeControl and audioType (in AudioDescription) are ignored when set to broadcasterMixedAd. Leave this set to normal when the input does not contain pre-mixed audio + AD.", + "title": "InputType", "type": "string" }, - "WebUrl": { - "markdownDescription": "The web URL that Amazon Pinpoint calls to invoke the Lambda function over HTTPS.", - "title": "WebUrl", + "Profile": { + "markdownDescription": "The AAC profile.", + "title": "Profile", + "type": "string" + }, + "RateControlMode": { + "markdownDescription": "The rate control mode.", + "title": "RateControlMode", + "type": "string" + }, + "RawFormat": { + "markdownDescription": "Sets the LATM/LOAS AAC output for raw containers.", + "title": "RawFormat", + "type": "string" + }, + "SampleRate": { + "markdownDescription": "The sample rate in Hz. Valid values depend on the rate control mode and profile.", + "title": "SampleRate", + "type": "number" + }, + "Spec": { + "markdownDescription": "Uses MPEG-2 AAC audio instead of MPEG-4 AAC audio for raw or MPEG-2 Transport Stream containers.", + "title": "Spec", + "type": "string" + }, + "VbrQuality": { + "markdownDescription": "The VBR quality level. This is used only if rateControlMode is VBR.", + "title": "VbrQuality", "type": "string" } }, "type": "object" }, - "AWS::Pinpoint::ApplicationSettings.Limits": { + "AWS::MediaLive::Channel.Ac3Settings": { "additionalProperties": false, "properties": { - "Daily": { - "markdownDescription": "The maximum number of messages that a campaign can send to a single endpoint during a 24-hour period. The maximum value is 100.", - "title": "Daily", - "type": "number" + "AttenuationControl": { + "markdownDescription": "", + "title": "AttenuationControl", + "type": "string" }, - "MaximumDuration": { - "markdownDescription": "The maximum amount of time, in seconds, that a campaign can attempt to deliver a message after the scheduled start time for the campaign. The minimum value is 60 seconds.", - "title": "MaximumDuration", + "Bitrate": { + "markdownDescription": "The average bitrate in bits/second. Valid bitrates depend on the coding mode.", + "title": "Bitrate", "type": "number" }, - "MessagesPerSecond": { - "markdownDescription": "The maximum number of messages that a campaign can send each second. The minimum value is 1. The maximum value is 20,000.", - "title": "MessagesPerSecond", - "type": "number" + "BitstreamMode": { + "markdownDescription": "Specifies the bitstream mode (bsmod) for the emitted AC-3 stream. For more information about these values, see ATSC A/52-2012.", + "title": "BitstreamMode", + "type": "string" }, - "Total": { - "markdownDescription": "The maximum number of messages that a campaign can send to a single endpoint during the course of the campaign. The maximum value is 100.", - "title": "Total", + "CodingMode": { + "markdownDescription": "The Dolby Digital coding mode. This determines the number of channels.", + "title": "CodingMode", + "type": "string" + }, + "Dialnorm": { + "markdownDescription": "Sets the dialnorm for the output. If excluded and the input audio is Dolby Digital, dialnorm is passed through.", + "title": "Dialnorm", "type": "number" + }, + "DrcProfile": { + "markdownDescription": "If set to filmStandard, adds dynamic range compression signaling to the output bitstream as defined in the Dolby Digital specification.", + "title": "DrcProfile", + "type": "string" + }, + "LfeFilter": { + "markdownDescription": "When set to enabled, applies a 120Hz lowpass filter to the LFE channel prior to encoding. This is valid only in codingMode32Lfe mode.", + "title": "LfeFilter", + "type": "string" + }, + "MetadataControl": { + "markdownDescription": "When set to followInput, encoder metadata is sourced from the DD, DD+, or DolbyE decoder that supplies this audio data. If the audio is supplied from one of these streams, the static metadata settings are used.", + "title": "MetadataControl", + "type": "string" } }, "type": "object" }, - "AWS::Pinpoint::ApplicationSettings.QuietTime": { + "AWS::MediaLive::Channel.AncillarySourceSettings": { "additionalProperties": false, "properties": { - "End": { - "markdownDescription": "The specific time when quiet time ends. This value has to use 24-hour notation and be in HH:MM format, where HH is the hour (with a leading zero, if applicable) and MM is the minutes. For example, use `02:30` to represent 2:30 AM, or `14:30` to represent 2:30 PM.", - "title": "End", - "type": "string" - }, - "Start": { - "markdownDescription": "The specific time when quiet time begins. This value has to use 24-hour notation and be in HH:MM format, where HH is the hour (with a leading zero, if applicable) and MM is the minutes. For example, use `02:30` to represent 2:30 AM, or `14:30` to represent 2:30 PM.", - "title": "Start", - "type": "string" + "SourceAncillaryChannelNumber": { + "markdownDescription": "Specifies the number (1 to 4) of the captions channel you want to extract from the ancillary captions. If you plan to convert the ancillary captions to another format, complete this field. If you plan to choose Embedded as the captions destination in the output (to pass through all the channels in the ancillary captions), leave this field blank because MediaLive ignores the field.", + "title": "SourceAncillaryChannelNumber", + "type": "number" } }, - "required": [ - "End", - "Start" - ], "type": "object" }, - "AWS::Pinpoint::BaiduChannel": { + "AWS::MediaLive::Channel.AnywhereSettings": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ApiKey": { - "markdownDescription": "The API key that you received from the Baidu Cloud Push service to communicate with the service.", - "title": "ApiKey", - "type": "string" - }, - "ApplicationId": { - "markdownDescription": "The unique identifier for the Amazon Pinpoint application that you're configuring the Baidu channel for.", - "title": "ApplicationId", - "type": "string" - }, - "Enabled": { - "markdownDescription": "Specifies whether to enable the Baidu channel for the application.", - "title": "Enabled", - "type": "boolean" - }, - "SecretKey": { - "markdownDescription": "The secret key that you received from the Baidu Cloud Push service to communicate with the service.", - "title": "SecretKey", - "type": "string" - } - }, - "required": [ - "ApiKey", - "ApplicationId", - "SecretKey" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Pinpoint::BaiduChannel" - ], + "ChannelPlacementGroupId": { + "markdownDescription": "", + "title": "ChannelPlacementGroupId", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ClusterId": { + "markdownDescription": "", + "title": "ClusterId", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Pinpoint::Campaign": { + "AWS::MediaLive::Channel.ArchiveCdnSettings": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AdditionalTreatments": { - "items": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.WriteTreatmentResource" - }, - "markdownDescription": "An array of requests that defines additional treatments for the campaign, in addition to the default treatment for the campaign.", - "title": "AdditionalTreatments", - "type": "array" - }, - "ApplicationId": { - "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the campaign is associated with.", - "title": "ApplicationId", - "type": "string" - }, - "CampaignHook": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.CampaignHook", - "markdownDescription": "Specifies the Lambda function to use as a code hook for a campaign.", - "title": "CampaignHook" - }, - "CustomDeliveryConfiguration": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.CustomDeliveryConfiguration", - "markdownDescription": "The delivery configuration settings for sending the treatment through a custom channel. This object is required if the `MessageConfiguration` object for the treatment specifies a `CustomMessage` object.", - "title": "CustomDeliveryConfiguration" - }, - "Description": { - "markdownDescription": "A custom description of the campaign.", - "title": "Description", - "type": "string" - }, - "HoldoutPercent": { - "markdownDescription": "The allocated percentage of users (segment members) who shouldn't receive messages from the campaign.", - "title": "HoldoutPercent", - "type": "number" - }, - "IsPaused": { - "markdownDescription": "Specifies whether to pause the campaign. A paused campaign doesn't run unless you resume it by changing this value to `false` . If you restart a campaign, the campaign restarts from the beginning and not at the point you paused it. If a campaign is running it will complete and then pause. Pause only pauses or skips the next run for a recurring future scheduled campaign. A campaign scheduled for immediate can't be paused.", - "title": "IsPaused", - "type": "boolean" - }, - "Limits": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.Limits", - "markdownDescription": "The messaging limits for the campaign.", - "title": "Limits" - }, - "MessageConfiguration": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.MessageConfiguration", - "markdownDescription": "The message configuration settings for the treatment.", - "title": "MessageConfiguration" - }, - "Name": { - "markdownDescription": "The name of the campaign.", - "title": "Name", - "type": "string" - }, - "Priority": { - "markdownDescription": "An integer between 1 and 5, inclusive, that represents the priority of the in-app message campaign, where 1 is the highest priority and 5 is the lowest. If there are multiple messages scheduled to be displayed at the same time, the priority determines the order in which those messages are displayed.", - "title": "Priority", - "type": "number" - }, - "Schedule": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.Schedule", - "markdownDescription": "The schedule settings for the treatment.", - "title": "Schedule" - }, - "SegmentId": { - "markdownDescription": "The unique identifier for the segment to associate with the campaign.", - "title": "SegmentId", - "type": "string" - }, - "SegmentVersion": { - "markdownDescription": "The version of the segment to associate with the campaign.", - "title": "SegmentVersion", - "type": "number" - }, - "Tags": { - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "object" - }, - "TemplateConfiguration": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.TemplateConfiguration", - "markdownDescription": "The message template to use for the treatment.", - "title": "TemplateConfiguration" - }, - "TreatmentDescription": { - "markdownDescription": "A custom description of the treatment.", - "title": "TreatmentDescription", - "type": "string" - }, - "TreatmentName": { - "markdownDescription": "A custom name for the treatment.", - "title": "TreatmentName", - "type": "string" - } - }, - "required": [ - "ApplicationId", - "Name", - "Schedule", - "SegmentId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Pinpoint::Campaign" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "ArchiveS3Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.ArchiveS3Settings", + "markdownDescription": "Sets up Amazon S3 as the destination for this Archive output.", + "title": "ArchiveS3Settings" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Pinpoint::Campaign.AttributeDimension": { + "AWS::MediaLive::Channel.ArchiveContainerSettings": { "additionalProperties": false, "properties": { - "AttributeType": { - "type": "string" + "M2tsSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.M2tsSettings", + "markdownDescription": "The settings for the M2TS in the archive output.", + "title": "M2tsSettings" }, - "Values": { - "items": { - "type": "string" - }, - "type": "array" + "RawSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.RawSettings", + "markdownDescription": "The settings for Raw archive output type.", + "title": "RawSettings" } }, "type": "object" }, - "AWS::Pinpoint::Campaign.CampaignCustomMessage": { + "AWS::MediaLive::Channel.ArchiveGroupSettings": { "additionalProperties": false, "properties": { - "Data": { - "markdownDescription": "The raw, JSON-formatted string to use as the payload for the message. The maximum size is 5 KB.", - "title": "Data", - "type": "string" + "ArchiveCdnSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.ArchiveCdnSettings", + "markdownDescription": "Settings to configure the destination of an Archive output.", + "title": "ArchiveCdnSettings" + }, + "Destination": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", + "markdownDescription": "A directory and base file name where archive files should be written.", + "title": "Destination" + }, + "RolloverInterval": { + "markdownDescription": "The number of seconds to write to an archive file before closing and starting a new one.", + "title": "RolloverInterval", + "type": "number" } }, "type": "object" }, - "AWS::Pinpoint::Campaign.CampaignEmailMessage": { + "AWS::MediaLive::Channel.ArchiveOutputSettings": { "additionalProperties": false, "properties": { - "Body": { - "markdownDescription": "The body of the email for recipients whose email clients don't render HTML content.", - "title": "Body", - "type": "string" - }, - "FromAddress": { - "markdownDescription": "The verified email address to send the email from. The default address is the `FromAddress` specified for the email channel for the application.", - "title": "FromAddress", - "type": "string" + "ContainerSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.ArchiveContainerSettings", + "markdownDescription": "The settings that are specific to the container type of the file.", + "title": "ContainerSettings" }, - "HtmlBody": { - "markdownDescription": "The body of the email, in HTML format, for recipients whose email clients render HTML content.", - "title": "HtmlBody", + "Extension": { + "markdownDescription": "The output file extension. If excluded, this is auto-selected from the container type.", + "title": "Extension", "type": "string" }, - "Title": { - "markdownDescription": "The subject line, or title, of the email.", - "title": "Title", + "NameModifier": { + "markdownDescription": "A string that is concatenated to the end of the destination file name. The string is required for multiple outputs of the same type.", + "title": "NameModifier", "type": "string" } }, "type": "object" }, - "AWS::Pinpoint::Campaign.CampaignEventFilter": { + "AWS::MediaLive::Channel.ArchiveS3Settings": { "additionalProperties": false, "properties": { - "Dimensions": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.EventDimensions", - "markdownDescription": "The dimension settings of the event filter for the campaign.", - "title": "Dimensions" - }, - "FilterType": { - "markdownDescription": "The type of event that causes the campaign to be sent. Valid values are: `SYSTEM` , sends the campaign when a system event occurs; and, `ENDPOINT` , sends the campaign when an endpoint event (Events resource) occurs.", - "title": "FilterType", + "CannedAcl": { + "markdownDescription": "Specify the canned ACL to apply to each S3 request. Defaults to none.", + "title": "CannedAcl", "type": "string" } }, "type": "object" }, - "AWS::Pinpoint::Campaign.CampaignHook": { + "AWS::MediaLive::Channel.AribDestinationSettings": { "additionalProperties": false, - "properties": { - "LambdaFunctionName": { - "markdownDescription": "The name or Amazon Resource Name (ARN) of the Lambda function that Amazon Pinpoint invokes to customize a segment for a campaign.", - "title": "LambdaFunctionName", - "type": "string" - }, - "Mode": { - "markdownDescription": "The mode that Amazon Pinpoint uses to invoke the Lambda function. Possible values are:\n\n- `FILTER` - Invoke the function to customize the segment that's used by a campaign.\n- `DELIVERY` - (Deprecated) Previously, invoked the function to send a campaign through a custom channel. This functionality is not supported anymore. To send a campaign through a custom channel, use the `CustomDeliveryConfiguration` and `CampaignCustomMessage` objects of the campaign.", - "title": "Mode", - "type": "string" - }, - "WebUrl": { - "markdownDescription": "The web URL that Amazon Pinpoint calls to invoke the Lambda function over HTTPS.", - "title": "WebUrl", - "type": "string" - } - }, + "properties": {}, "type": "object" }, - "AWS::Pinpoint::Campaign.CampaignInAppMessage": { + "AWS::MediaLive::Channel.AribSourceSettings": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::MediaLive::Channel.AudioChannelMapping": { "additionalProperties": false, "properties": { - "Content": { + "InputChannelLevels": { "items": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.InAppMessageContent" + "$ref": "#/definitions/AWS::MediaLive::Channel.InputChannelLevel" }, - "markdownDescription": "An array that contains configurtion information about the in-app message for the campaign, including title and body text, text colors, background colors, image URLs, and button configurations.", - "title": "Content", + "markdownDescription": "The indices and gain values for each input channel that should be remixed into this output channel.", + "title": "InputChannelLevels", "type": "array" }, - "CustomConfig": { - "markdownDescription": "Custom data, in the form of key-value pairs, that is included in an in-app messaging payload.", - "title": "CustomConfig", - "type": "object" - }, - "Layout": { - "markdownDescription": "A string that describes how the in-app message will appear. You can specify one of the following:\n\n- `BOTTOM_BANNER` \u2013 a message that appears as a banner at the bottom of the page.\n- `TOP_BANNER` \u2013 a message that appears as a banner at the top of the page.\n- `OVERLAYS` \u2013 a message that covers entire screen.\n- `MOBILE_FEED` \u2013 a message that appears in a window in front of the page.\n- `MIDDLE_BANNER` \u2013 a message that appears as a banner in the middle of the page.\n- `CAROUSEL` \u2013 a scrollable layout of up to five unique messages.", - "title": "Layout", - "type": "string" + "OutputChannel": { + "markdownDescription": "The index of the output channel that is being produced.", + "title": "OutputChannel", + "type": "number" } }, "type": "object" }, - "AWS::Pinpoint::Campaign.CampaignSmsMessage": { + "AWS::MediaLive::Channel.AudioCodecSettings": { "additionalProperties": false, "properties": { - "Body": { - "markdownDescription": "The body of the SMS message.", - "title": "Body", - "type": "string" + "AacSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AacSettings", + "markdownDescription": "The setup of the AAC audio codec in the output.", + "title": "AacSettings" }, - "EntityId": { - "markdownDescription": "The entity ID or Principal Entity (PE) id received from the regulatory body for sending SMS in your country.", - "title": "EntityId", - "type": "string" + "Ac3Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Ac3Settings", + "markdownDescription": "The setup of an AC3 audio codec in the output.", + "title": "Ac3Settings" }, - "MessageType": { - "markdownDescription": "The SMS message type. Valid values are `TRANSACTIONAL` (for messages that are critical or time-sensitive, such as a one-time passwords) and `PROMOTIONAL` (for messsages that aren't critical or time-sensitive, such as marketing messages).", - "title": "MessageType", - "type": "string" + "Eac3AtmosSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Eac3AtmosSettings", + "markdownDescription": "", + "title": "Eac3AtmosSettings" }, - "OriginationNumber": { - "markdownDescription": "The long code to send the SMS message from. This value should be one of the dedicated long codes that's assigned to your AWS account. Although it isn't required, we recommend that you specify the long code using an E.164 format to ensure prompt and accurate delivery of the message. For example, +12065550100.", - "title": "OriginationNumber", - "type": "string" + "Eac3Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Eac3Settings", + "markdownDescription": "The setup of an EAC3 audio codec in the output.", + "title": "Eac3Settings" }, - "SenderId": { - "markdownDescription": "The alphabetic Sender ID to display as the sender of the message on a recipient's device. Support for sender IDs varies by country or region. To specify a phone number as the sender, omit this parameter and use `OriginationNumber` instead. For more information about support for Sender ID by country, see the [Amazon Pinpoint User Guide](https://docs.aws.amazon.com/pinpoint/latest/userguide/channels-sms-countries.html) .", - "title": "SenderId", - "type": "string" + "Mp2Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Mp2Settings", + "markdownDescription": "The setup of an MP2 audio codec in the output.", + "title": "Mp2Settings" }, - "TemplateId": { - "markdownDescription": "The template ID received from the regulatory body for sending SMS in your country.", - "title": "TemplateId", - "type": "string" + "PassThroughSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.PassThroughSettings", + "markdownDescription": "The setup to pass through the Dolby audio codec to the output.", + "title": "PassThroughSettings" + }, + "WavSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.WavSettings", + "markdownDescription": "Settings for audio encoded with the WAV codec.", + "title": "WavSettings" } }, "type": "object" }, - "AWS::Pinpoint::Campaign.CustomDeliveryConfiguration": { + "AWS::MediaLive::Channel.AudioDescription": { "additionalProperties": false, "properties": { - "DeliveryUri": { - "markdownDescription": "The destination to send the campaign or treatment to. This value can be one of the following:\n\n- The name or Amazon Resource Name (ARN) of an AWS Lambda function to invoke to handle delivery of the campaign or treatment.\n- The URL for a web application or service that supports HTTPS and can receive the message. The URL has to be a full URL, including the HTTPS protocol.", - "title": "DeliveryUri", - "type": "string" - }, - "EndpointTypes": { + "AudioDashRoles": { "items": { "type": "string" }, - "markdownDescription": "The types of endpoints to send the campaign or treatment to. Each valid value maps to a type of channel that you can associate with an endpoint by using the `ChannelType` property of an endpoint.", - "title": "EndpointTypes", + "markdownDescription": "", + "title": "AudioDashRoles", "type": "array" - } - }, - "type": "object" - }, - "AWS::Pinpoint::Campaign.DefaultButtonConfiguration": { - "additionalProperties": false, - "properties": { - "BackgroundColor": { - "markdownDescription": "The background color of a button, expressed as a hex color code (such as #000000 for black).", - "title": "BackgroundColor", + }, + "AudioNormalizationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioNormalizationSettings", + "markdownDescription": "The advanced audio normalization settings.", + "title": "AudioNormalizationSettings" + }, + "AudioSelectorName": { + "markdownDescription": "The name of the AudioSelector that is used as the source for this AudioDescription.", + "title": "AudioSelectorName", "type": "string" }, - "BorderRadius": { - "markdownDescription": "The border radius of a button.", - "title": "BorderRadius", - "type": "number" + "AudioType": { + "markdownDescription": "Applies only if audioTypeControl is useConfigured. The values for audioType are defined in ISO-IEC 13818-1.", + "title": "AudioType", + "type": "string" }, - "ButtonAction": { - "markdownDescription": "The action that occurs when a recipient chooses a button in an in-app message. You can specify one of the following:\n\n- `LINK` \u2013 A link to a web destination.\n- `DEEP_LINK` \u2013 A link to a specific page in an application.\n- `CLOSE` \u2013 Dismisses the message.", - "title": "ButtonAction", + "AudioTypeControl": { + "markdownDescription": "Determines how audio type is determined. followInput: If the input contains an ISO 639 audioType, then that value is passed through to the output. If the input contains no ISO 639 audioType, the value in Audio Type is included in the output. useConfigured: The value in Audio Type is included in the output. Note that this field and audioType are both ignored if inputType is broadcasterMixedAd.", + "title": "AudioTypeControl", "type": "string" }, - "Link": { - "markdownDescription": "The destination (such as a URL) for a button.", - "title": "Link", + "AudioWatermarkingSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioWatermarkSettings", + "markdownDescription": "Settings to configure one or more solutions that insert audio watermarks in the audio encode", + "title": "AudioWatermarkingSettings" + }, + "CodecSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioCodecSettings", + "markdownDescription": "The audio codec settings.", + "title": "CodecSettings" + }, + "DvbDashAccessibility": { + "markdownDescription": "", + "title": "DvbDashAccessibility", "type": "string" }, - "Text": { - "markdownDescription": "The text that appears on a button in an in-app message.", - "title": "Text", + "LanguageCode": { + "markdownDescription": "Indicates the language of the audio output track. Used only if languageControlMode is useConfigured, or there is no ISO 639 language code specified in the input.", + "title": "LanguageCode", "type": "string" }, - "TextColor": { - "markdownDescription": "The color of the body text in a button, expressed as a hex color code (such as #000000 for black).", - "title": "TextColor", + "LanguageCodeControl": { + "markdownDescription": "Choosing followInput causes the ISO 639 language code of the output to follow the ISO 639 language code of the input. The languageCode setting is used when useConfigured is set, or when followInput is selected but there is no ISO 639 language code specified by the input.", + "title": "LanguageCodeControl", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of this AudioDescription. Outputs use this name to uniquely identify this AudioDescription. Description names should be unique within this channel.", + "title": "Name", + "type": "string" + }, + "RemixSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.RemixSettings", + "markdownDescription": "The settings that control how input audio channels are remixed into the output audio channels.", + "title": "RemixSettings" + }, + "StreamName": { + "markdownDescription": "Used for Microsoft Smooth and Apple HLS outputs. Indicates the name displayed by the player (for example, English or Director Commentary).", + "title": "StreamName", "type": "string" } }, "type": "object" }, - "AWS::Pinpoint::Campaign.EventDimensions": { + "AWS::MediaLive::Channel.AudioDolbyEDecode": { "additionalProperties": false, "properties": { - "Attributes": { - "markdownDescription": "One or more custom attributes that your application reports to Amazon Pinpoint. You can use these attributes as selection criteria when you create an event filter.", - "title": "Attributes", - "type": "object" - }, - "EventType": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.SetDimension", - "markdownDescription": "The name of the event that causes the campaign to be sent or the journey activity to be performed. This can be a standard event that Amazon Pinpoint generates, such as `_email.delivered` or `_custom.delivered` . For campaigns, this can also be a custom event that's specific to your application. For information about standard events, see [Streaming Amazon Pinpoint Events](https://docs.aws.amazon.com/pinpoint/latest/developerguide/event-streams.html) in the *Amazon Pinpoint Developer Guide* .", - "title": "EventType" - }, - "Metrics": { - "markdownDescription": "One or more custom metrics that your application reports to Amazon Pinpoint . You can use these metrics as selection criteria when you create an event filter.", - "title": "Metrics", - "type": "object" + "ProgramSelection": { + "markdownDescription": "", + "title": "ProgramSelection", + "type": "string" } }, "type": "object" }, - "AWS::Pinpoint::Campaign.InAppMessageBodyConfig": { + "AWS::MediaLive::Channel.AudioHlsRenditionSelection": { "additionalProperties": false, "properties": { - "Alignment": { - "markdownDescription": "The text alignment of the main body text of the message. Acceptable values: `LEFT` , `CENTER` , `RIGHT` .", - "title": "Alignment", - "type": "string" - }, - "Body": { - "markdownDescription": "The main body text of the message.", - "title": "Body", + "GroupId": { + "markdownDescription": "Specifies the GROUP-ID in the #EXT-X-MEDIA tag of the target HLS audio rendition.", + "title": "GroupId", "type": "string" }, - "TextColor": { - "markdownDescription": "The color of the body text, expressed as a string consisting of a hex color code (such as \"#000000\" for black).", - "title": "TextColor", + "Name": { + "markdownDescription": "Specifies the NAME in the #EXT-X-MEDIA tag of the target HLS audio rendition.", + "title": "Name", "type": "string" } }, "type": "object" }, - "AWS::Pinpoint::Campaign.InAppMessageButton": { + "AWS::MediaLive::Channel.AudioLanguageSelection": { "additionalProperties": false, "properties": { - "Android": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.OverrideButtonConfiguration", - "markdownDescription": "An object that defines the default behavior for a button in in-app messages sent to Android.", - "title": "Android" - }, - "DefaultConfig": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.DefaultButtonConfiguration", - "markdownDescription": "An object that defines the default behavior for a button in an in-app message.", - "title": "DefaultConfig" - }, - "IOS": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.OverrideButtonConfiguration", - "markdownDescription": "An object that defines the default behavior for a button in in-app messages sent to iOS devices.", - "title": "IOS" + "LanguageCode": { + "markdownDescription": "Selects a specific three-letter language code from within an audio source.", + "title": "LanguageCode", + "type": "string" }, - "Web": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.OverrideButtonConfiguration", - "markdownDescription": "An object that defines the default behavior for a button in in-app messages for web applications.", - "title": "Web" + "LanguageSelectionPolicy": { + "markdownDescription": "When set to \"strict,\" the transport stream demux strictly identifies audio streams by their language descriptor. If a PMT update occurs such that an audio stream matching the initially selected language is no longer present, then mute is encoded until the language returns. If set to \"loose,\" then on a PMT update the demux chooses another audio stream in the program with the same stream type if it can't find one with the same language.", + "title": "LanguageSelectionPolicy", + "type": "string" } }, "type": "object" }, - "AWS::Pinpoint::Campaign.InAppMessageContent": { + "AWS::MediaLive::Channel.AudioNormalizationSettings": { "additionalProperties": false, "properties": { - "BackgroundColor": { - "markdownDescription": "The background color for an in-app message banner, expressed as a hex color code (such as #000000 for black).", - "title": "BackgroundColor", + "Algorithm": { + "markdownDescription": "The audio normalization algorithm to use. itu17701 conforms to the CALM Act specification. itu17702 conforms to the EBU R-128 specification.", + "title": "Algorithm", "type": "string" }, - "BodyConfig": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.InAppMessageBodyConfig", - "markdownDescription": "Specifies the configuration of main body text in an in-app message template.", - "title": "BodyConfig" - }, - "HeaderConfig": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.InAppMessageHeaderConfig", - "markdownDescription": "Specifies the configuration and content of the header or title text of the in-app message.", - "title": "HeaderConfig" - }, - "ImageUrl": { - "markdownDescription": "The URL of the image that appears on an in-app message banner.", - "title": "ImageUrl", + "AlgorithmControl": { + "markdownDescription": "When set to correctAudio, the output audio is corrected using the chosen algorithm. If set to measureOnly, the audio is measured but not adjusted.", + "title": "AlgorithmControl", "type": "string" }, - "PrimaryBtn": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.InAppMessageButton", - "markdownDescription": "An object that contains configuration information about the primary button in an in-app message.", - "title": "PrimaryBtn" - }, - "SecondaryBtn": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.InAppMessageButton", - "markdownDescription": "An object that contains configuration information about the secondary button in an in-app message.", - "title": "SecondaryBtn" + "TargetLkfs": { + "markdownDescription": "The Target LKFS(loudness) to adjust volume to. If no value is entered, a default value is used according to the chosen algorithm. The CALM Act (1770-1) recommends a target of -24 LKFS. The EBU R-128 specification (1770-2) recommends a target of -23 LKFS.", + "title": "TargetLkfs", + "type": "number" } }, "type": "object" }, - "AWS::Pinpoint::Campaign.InAppMessageHeaderConfig": { + "AWS::MediaLive::Channel.AudioOnlyHlsSettings": { "additionalProperties": false, "properties": { - "Alignment": { - "markdownDescription": "The text alignment of the title of the message. Acceptable values: `LEFT` , `CENTER` , `RIGHT` .", - "title": "Alignment", + "AudioGroupId": { + "markdownDescription": "Specifies the group that the audio rendition belongs to.", + "title": "AudioGroupId", "type": "string" }, - "Header": { - "markdownDescription": "The header or title text of the in-app message.", - "title": "Header", + "AudioOnlyImage": { + "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", + "markdownDescription": "Used with an audio-only stream. It must be a .jpg or .png file. If given, this image is used as the cover art for the audio-only output. Ideally, it should be formatted for an iPhone screen for two reasons. The iPhone does not resize the image; instead, it crops a centered image on the top/bottom and left/right. Additionally, this image file gets saved bit-for-bit into every 10-second segment file, so it increases bandwidth by {image file size} * {segment count} * {user count.}.", + "title": "AudioOnlyImage" + }, + "AudioTrackType": { + "markdownDescription": "Four types of audio-only tracks are supported: Audio-Only Variant Stream The client can play back this audio-only stream instead of video in low-bandwidth scenarios. Represented as an EXT-X-STREAM-INF in the HLS manifest. Alternate Audio, Auto Select, Default Alternate rendition that the client should try to play back by default. Represented as an EXT-X-MEDIA in the HLS manifest with DEFAULT=YES, AUTOSELECT=YES Alternate Audio, Auto Select, Not Default Alternate rendition that the client might try to play back by default. Represented as an EXT-X-MEDIA in the HLS manifest with DEFAULT=NO, AUTOSELECT=YES Alternate Audio, not Auto Select Alternate rendition that the client will not try to play back by default. Represented as an EXT-X-MEDIA in the HLS manifest with DEFAULT=NO, AUTOSELECT=NO.", + "title": "AudioTrackType", "type": "string" }, - "TextColor": { - "markdownDescription": "The color of the body text, expressed as a string consisting of a hex color code (such as \"#000000\" for black).", - "title": "TextColor", + "SegmentType": { + "markdownDescription": "Specifies the segment type.", + "title": "SegmentType", "type": "string" } }, "type": "object" }, - "AWS::Pinpoint::Campaign.Limits": { + "AWS::MediaLive::Channel.AudioPidSelection": { "additionalProperties": false, "properties": { - "Daily": { - "markdownDescription": "The maximum number of messages that a campaign can send to a single endpoint during a 24-hour period. The maximum value is 100.", - "title": "Daily", - "type": "number" - }, - "MaximumDuration": { - "markdownDescription": "The maximum amount of time, in seconds, that a campaign can attempt to deliver a message after the scheduled start time for the campaign. The minimum value is 60 seconds.", - "title": "MaximumDuration", - "type": "number" - }, - "MessagesPerSecond": { - "markdownDescription": "The maximum number of messages that a campaign can send each second. The minimum value is 1. The maximum value is 20,000.", - "title": "MessagesPerSecond", - "type": "number" - }, - "Session": { - "markdownDescription": "The maximum number of messages that the campaign can send per user session.", - "title": "Session", - "type": "number" - }, - "Total": { - "markdownDescription": "The maximum number of messages that a campaign can send to a single endpoint during the course of the campaign. The maximum value is 100.", - "title": "Total", + "Pid": { + "markdownDescription": "Select the audio by this PID.", + "title": "Pid", "type": "number" } }, "type": "object" }, - "AWS::Pinpoint::Campaign.Message": { + "AWS::MediaLive::Channel.AudioSelector": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The action to occur if a recipient taps the push notification. Valid values are:\n\n- `OPEN_APP` \u2013 Your app opens or it becomes the foreground app if it was sent to the background. This is the default action.\n- `DEEP_LINK` \u2013 Your app opens and displays a designated user interface in the app. This setting uses the deep-linking features of iOS and Android.\n- `URL` \u2013 The default mobile browser on the recipient's device opens and loads the web page at a URL that you specify.", - "title": "Action", - "type": "string" - }, - "Body": { - "markdownDescription": "The body of the notification message. The maximum number of characters is 200.", - "title": "Body", - "type": "string" - }, - "ImageIconUrl": { - "markdownDescription": "The URL of the image to display as the push notification icon, such as the icon for the app.", - "title": "ImageIconUrl", - "type": "string" - }, - "ImageSmallIconUrl": { - "markdownDescription": "The URL of the image to display as the small, push notification icon, such as a small version of the icon for the app.", - "title": "ImageSmallIconUrl", - "type": "string" - }, - "ImageUrl": { - "markdownDescription": "The URL of an image to display in the push notification.", - "title": "ImageUrl", - "type": "string" - }, - "JsonBody": { - "markdownDescription": "The JSON payload to use for a silent push notification.", - "title": "JsonBody", - "type": "string" - }, - "MediaUrl": { - "markdownDescription": "The URL of the image or video to display in the push notification.", - "title": "MediaUrl", - "type": "string" - }, - "RawContent": { - "markdownDescription": "The raw, JSON-formatted string to use as the payload for the notification message. If specified, this value overrides all other content for the message.", - "title": "RawContent", - "type": "string" - }, - "SilentPush": { - "markdownDescription": "Specifies whether the notification is a silent push notification, which is a push notification that doesn't display on a recipient's device. Silent push notifications can be used for cases such as updating an app's configuration, displaying messages in an in-app message center, or supporting phone home functionality.", - "title": "SilentPush", - "type": "boolean" - }, - "TimeToLive": { - "markdownDescription": "The number of seconds that the push notification service should keep the message, if the service is unable to deliver the notification the first time. This value is converted to an expiration value when it's sent to a push notification service. If this value is `0` , the service treats the notification as if it expires immediately and the service doesn't store or try to deliver the notification again.\n\nThis value doesn't apply to messages that are sent through the Amazon Device Messaging (ADM) service.", - "title": "TimeToLive", - "type": "number" - }, - "Title": { - "markdownDescription": "The title to display above the notification message on a recipient's device.", - "title": "Title", + "Name": { + "markdownDescription": "A name for this AudioSelector.", + "title": "Name", "type": "string" }, - "Url": { - "markdownDescription": "The URL to open in a recipient's default mobile browser, if a recipient taps the push notification and the value of the `Action` property is `URL` .", - "title": "Url", - "type": "string" + "SelectorSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioSelectorSettings", + "markdownDescription": "Information about the specific audio to extract from the input.", + "title": "SelectorSettings" } }, "type": "object" }, - "AWS::Pinpoint::Campaign.MessageConfiguration": { + "AWS::MediaLive::Channel.AudioSelectorSettings": { "additionalProperties": false, "properties": { - "ADMMessage": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.Message", - "markdownDescription": "The message that the campaign sends through the ADM (Amazon Device Messaging) channel. If specified, this message overrides the default message.", - "title": "ADMMessage" - }, - "APNSMessage": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.Message", - "markdownDescription": "The message that the campaign sends through the APNs (Apple Push Notification service) channel. If specified, this message overrides the default message.", - "title": "APNSMessage" - }, - "BaiduMessage": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.Message", - "markdownDescription": "The message that the campaign sends through the Baidu (Baidu Cloud Push) channel. If specified, this message overrides the default message.", - "title": "BaiduMessage" - }, - "CustomMessage": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.CampaignCustomMessage", - "markdownDescription": "The message that the campaign sends through a custom channel, as specified by the delivery configuration ( `CustomDeliveryConfiguration` ) settings for the campaign. If specified, this message overrides the default message.", - "title": "CustomMessage" - }, - "DefaultMessage": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.Message", - "markdownDescription": "The default message that the campaign sends through all the channels that are configured for the campaign.", - "title": "DefaultMessage" - }, - "EmailMessage": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.CampaignEmailMessage", - "markdownDescription": "The message that the campaign sends through the email channel. If specified, this message overrides the default message.\n\n> The maximum email message size is 200 KB. You can use email templates to send larger email messages.", - "title": "EmailMessage" + "AudioHlsRenditionSelection": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioHlsRenditionSelection", + "markdownDescription": "Selector for HLS audio rendition.", + "title": "AudioHlsRenditionSelection" }, - "GCMMessage": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.Message", - "markdownDescription": "The message that the campaign sends through the GCM channel, which enables Amazon Pinpoint to send push notifications through the Firebase Cloud Messaging (FCM), formerly Google Cloud Messaging (GCM), service. If specified, this message overrides the default message.", - "title": "GCMMessage" + "AudioLanguageSelection": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioLanguageSelection", + "markdownDescription": "The language code of the audio to select.", + "title": "AudioLanguageSelection" }, - "InAppMessage": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.CampaignInAppMessage", - "markdownDescription": "The default message for the in-app messaging channel. This message overrides the default message ( `DefaultMessage` ).", - "title": "InAppMessage" + "AudioPidSelection": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioPidSelection", + "markdownDescription": "The PID of the audio to select.", + "title": "AudioPidSelection" }, - "SMSMessage": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.CampaignSmsMessage", - "markdownDescription": "The message that the campaign sends through the SMS channel. If specified, this message overrides the default message.", - "title": "SMSMessage" + "AudioTrackSelection": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioTrackSelection", + "markdownDescription": "Information about the audio track to extract.", + "title": "AudioTrackSelection" } }, "type": "object" }, - "AWS::Pinpoint::Campaign.MetricDimension": { + "AWS::MediaLive::Channel.AudioSilenceFailoverSettings": { "additionalProperties": false, "properties": { - "ComparisonOperator": { + "AudioSelectorName": { + "markdownDescription": "The name of the audio selector in the input that MediaLive should monitor to detect silence. Select your most important rendition. If you didn't create an audio selector in this input, leave blank.", + "title": "AudioSelectorName", "type": "string" }, - "Value": { + "AudioSilenceThresholdMsec": { + "markdownDescription": "The amount of time (in milliseconds) that the active input must be silent before automatic input failover occurs. Silence is defined as audio loss or audio quieter than -50 dBFS.", + "title": "AudioSilenceThresholdMsec", "type": "number" } }, "type": "object" }, - "AWS::Pinpoint::Campaign.OverrideButtonConfiguration": { + "AWS::MediaLive::Channel.AudioTrack": { "additionalProperties": false, "properties": { - "ButtonAction": { - "markdownDescription": "The action that occurs when a recipient chooses a button in an in-app message. You can specify one of the following:\n\n- `LINK` \u2013 A link to a web destination.\n- `DEEP_LINK` \u2013 A link to a specific page in an application.\n- `CLOSE` \u2013 Dismisses the message.", - "title": "ButtonAction", - "type": "string" - }, - "Link": { - "markdownDescription": "The destination (such as a URL) for a button.", - "title": "Link", - "type": "string" + "Track": { + "markdownDescription": "1-based integer value that maps to a specific audio track", + "title": "Track", + "type": "number" } }, "type": "object" }, - "AWS::Pinpoint::Campaign.QuietTime": { + "AWS::MediaLive::Channel.AudioTrackSelection": { "additionalProperties": false, "properties": { - "End": { - "markdownDescription": "The specific time when quiet time ends. This value has to use 24-hour notation and be in HH:MM format, where HH is the hour (with a leading zero, if applicable) and MM is the minutes. For example, use `02:30` to represent 2:30 AM, or `14:30` to represent 2:30 PM.", - "title": "End", - "type": "string" + "DolbyEDecode": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioDolbyEDecode", + "markdownDescription": "", + "title": "DolbyEDecode" }, - "Start": { - "markdownDescription": "The specific time when quiet time begins. This value has to use 24-hour notation and be in HH:MM format, where HH is the hour (with a leading zero, if applicable) and MM is the minutes. For example, use `02:30` to represent 2:30 AM, or `14:30` to represent 2:30 PM.", - "title": "Start", - "type": "string" + "Tracks": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioTrack" + }, + "markdownDescription": "Selects one or more unique audio tracks from within a source.", + "title": "Tracks", + "type": "array" } }, - "required": [ - "End", - "Start" - ], "type": "object" }, - "AWS::Pinpoint::Campaign.Schedule": { + "AWS::MediaLive::Channel.AudioWatermarkSettings": { "additionalProperties": false, "properties": { - "EndTime": { - "markdownDescription": "The scheduled time, in ISO 8601 format, when the campaign ended or will end.", - "title": "EndTime", - "type": "string" - }, - "EventFilter": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.CampaignEventFilter", - "markdownDescription": "The type of event that causes the campaign to be sent, if the value of the `Frequency` property is `EVENT` .", - "title": "EventFilter" - }, - "Frequency": { - "markdownDescription": "Specifies how often the campaign is sent or whether the campaign is sent in response to a specific event.", - "title": "Frequency", - "type": "string" - }, - "IsLocalTime": { - "markdownDescription": "Specifies whether the start and end times for the campaign schedule use each recipient's local time. To base the schedule on each recipient's local time, set this value to `true` .", - "title": "IsLocalTime", - "type": "boolean" - }, - "QuietTime": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.QuietTime", - "markdownDescription": "The default quiet time for the campaign. Quiet time is a specific time range when a campaign doesn't send messages to endpoints, if all the following conditions are met:\n\n- The `EndpointDemographic.Timezone` property of the endpoint is set to a valid value.\n- The current time in the endpoint's time zone is later than or equal to the time specified by the `QuietTime.Start` property for the campaign.\n- The current time in the endpoint's time zone is earlier than or equal to the time specified by the `QuietTime.End` property for the campaign.\n\nIf any of the preceding conditions isn't met, the endpoint will receive messages from the campaign, even if quiet time is enabled.", - "title": "QuietTime" - }, - "StartTime": { - "markdownDescription": "The scheduled time when the campaign began or will begin. Valid values are: `IMMEDIATE` , to start the campaign immediately; or, a specific time in ISO 8601 format.", - "title": "StartTime", - "type": "string" - }, - "TimeZone": { - "markdownDescription": "The starting UTC offset for the campaign schedule, if the value of the `IsLocalTime` property is `true` . Valid values are: `UTC, UTC+01, UTC+02, UTC+03, UTC+03:30, UTC+04, UTC+04:30, UTC+05, UTC+05:30, UTC+05:45, UTC+06, UTC+06:30, UTC+07, UTC+08, UTC+09, UTC+09:30, UTC+10, UTC+10:30, UTC+11, UTC+12, UTC+13, UTC-02, UTC-03, UTC-04, UTC-05, UTC-06, UTC-07, UTC-08, UTC-09, UTC-10,` and `UTC-11` .", - "title": "TimeZone", - "type": "string" + "NielsenWatermarksSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.NielsenWatermarksSettings", + "markdownDescription": "Settings to configure Nielsen Watermarks in the audio encode", + "title": "NielsenWatermarksSettings" } }, "type": "object" }, - "AWS::Pinpoint::Campaign.SetDimension": { + "AWS::MediaLive::Channel.AutomaticInputFailoverSettings": { "additionalProperties": false, "properties": { - "DimensionType": { - "markdownDescription": "The type of segment dimension to use. Valid values are: `INCLUSIVE` , endpoints that match the criteria are included in the segment; and, `EXCLUSIVE` , endpoints that match the criteria are excluded from the segment.", - "title": "DimensionType", - "type": "string" + "ErrorClearTimeMsec": { + "markdownDescription": "This clear time defines the requirement a recovered input must meet to be considered healthy. The input must have no failover conditions for this length of time. Enter a time in milliseconds. This value is particularly important if the input_preference for the failover pair is set to PRIMARY_INPUT_PREFERRED, because after this time, MediaLive will switch back to the primary input.", + "title": "ErrorClearTimeMsec", + "type": "number" }, - "Values": { + "FailoverConditions": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::MediaLive::Channel.FailoverCondition" }, - "markdownDescription": "The criteria values to use for the segment dimension. Depending on the value of the `DimensionType` property, endpoints are included or excluded from the segment if their values match the criteria values.", - "title": "Values", + "markdownDescription": "A list of failover conditions. If any of these conditions occur, MediaLive will perform a failover to the other input.", + "title": "FailoverConditions", "type": "array" - } - }, - "type": "object" - }, - "AWS::Pinpoint::Campaign.Template": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the message template to use for the message. If specified, this value must match the name of an existing message template.", - "title": "Name", + }, + "InputPreference": { + "markdownDescription": "Input preference when deciding which input to make active when a previously failed input has recovered.", + "title": "InputPreference", "type": "string" }, - "Version": { - "markdownDescription": "The unique identifier for the version of the message template to use for the message. If specified, this value must match the identifier for an existing template version. To retrieve a list of versions and version identifiers for a template, use the [Template Versions](https://docs.aws.amazon.com/pinpoint/latest/apireference/templates-template-name-template-type-versions.html) resource.\n\nIf you don't specify a value for this property, Amazon Pinpoint uses the *active version* of the template. The *active version* is typically the version of a template that's been most recently reviewed and approved for use, depending on your workflow. It isn't necessarily the latest version of a template.", - "title": "Version", + "SecondaryInputId": { + "markdownDescription": "The input ID of the secondary input in the automatic input failover pair.", + "title": "SecondaryInputId", "type": "string" } }, "type": "object" }, - "AWS::Pinpoint::Campaign.TemplateConfiguration": { + "AWS::MediaLive::Channel.Av1ColorSpaceSettings": { "additionalProperties": false, "properties": { - "EmailTemplate": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.Template", - "markdownDescription": "The email template to use for the message.", - "title": "EmailTemplate" + "ColorSpacePassthroughSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.ColorSpacePassthroughSettings", + "markdownDescription": "", + "title": "ColorSpacePassthroughSettings" }, - "PushTemplate": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.Template", - "markdownDescription": "The push notification template to use for the message.", - "title": "PushTemplate" + "Hdr10Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Hdr10Settings", + "markdownDescription": "", + "title": "Hdr10Settings" }, - "SMSTemplate": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.Template", - "markdownDescription": "The SMS template to use for the message.", - "title": "SMSTemplate" + "Rec601Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Rec601Settings", + "markdownDescription": "", + "title": "Rec601Settings" }, - "VoiceTemplate": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.Template", - "markdownDescription": "The voice template to use for the message. This object isn't supported for campaigns.", - "title": "VoiceTemplate" + "Rec709Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Rec709Settings", + "markdownDescription": "", + "title": "Rec709Settings" } }, "type": "object" }, - "AWS::Pinpoint::Campaign.WriteTreatmentResource": { + "AWS::MediaLive::Channel.Av1Settings": { "additionalProperties": false, "properties": { - "CustomDeliveryConfiguration": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.CustomDeliveryConfiguration", - "markdownDescription": "The delivery configuration settings for sending the treatment through a custom channel. This object is required if the `MessageConfiguration` object for the treatment specifies a `CustomMessage` object.", - "title": "CustomDeliveryConfiguration" + "AfdSignaling": { + "markdownDescription": "", + "title": "AfdSignaling", + "type": "string" }, - "MessageConfiguration": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.MessageConfiguration", - "markdownDescription": "The message configuration settings for the treatment.", - "title": "MessageConfiguration" + "Bitrate": { + "markdownDescription": "", + "title": "Bitrate", + "type": "number" }, - "Schedule": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.Schedule", - "markdownDescription": "The schedule settings for the treatment.", - "title": "Schedule" + "BufSize": { + "markdownDescription": "", + "title": "BufSize", + "type": "number" }, - "SizePercent": { - "markdownDescription": "The allocated percentage of users (segment members) to send the treatment to.", - "title": "SizePercent", + "ColorSpaceSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Av1ColorSpaceSettings", + "markdownDescription": "", + "title": "ColorSpaceSettings" + }, + "FixedAfd": { + "markdownDescription": "", + "title": "FixedAfd", + "type": "string" + }, + "FramerateDenominator": { + "markdownDescription": "", + "title": "FramerateDenominator", "type": "number" }, - "TemplateConfiguration": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.TemplateConfiguration", - "markdownDescription": "The message template to use for the treatment.", - "title": "TemplateConfiguration" + "FramerateNumerator": { + "markdownDescription": "", + "title": "FramerateNumerator", + "type": "number" }, - "TreatmentDescription": { - "markdownDescription": "A custom description of the treatment.", - "title": "TreatmentDescription", + "GopSize": { + "markdownDescription": "", + "title": "GopSize", + "type": "number" + }, + "GopSizeUnits": { + "markdownDescription": "", + "title": "GopSizeUnits", "type": "string" }, - "TreatmentName": { - "markdownDescription": "A custom name for the treatment.", - "title": "TreatmentName", + "Level": { + "markdownDescription": "", + "title": "Level", "type": "string" - } - }, - "type": "object" - }, - "AWS::Pinpoint::EmailChannel": { - "additionalProperties": false, - "properties": { - "Condition": { + }, + "LookAheadRateControl": { + "markdownDescription": "", + "title": "LookAheadRateControl", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "MaxBitrate": { + "markdownDescription": "", + "title": "MaxBitrate", + "type": "number" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "MinIInterval": { + "markdownDescription": "", + "title": "MinIInterval", + "type": "number" }, - "Metadata": { - "type": "object" + "ParDenominator": { + "markdownDescription": "", + "title": "ParDenominator", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ApplicationId": { - "markdownDescription": "The unique identifier for the Amazon Pinpoint application that you're specifying the email channel for.", - "title": "ApplicationId", - "type": "string" - }, - "ConfigurationSet": { - "markdownDescription": "The [Amazon SES configuration set](https://docs.aws.amazon.com/ses/latest/APIReference/API_ConfigurationSet.html) that you want to apply to messages that you send through the channel.", - "title": "ConfigurationSet", - "type": "string" - }, - "Enabled": { - "markdownDescription": "Specifies whether to enable the email channel for the application.", - "title": "Enabled", - "type": "boolean" - }, - "FromAddress": { - "markdownDescription": "The verified email address that you want to send email from when you send email through the channel.", - "title": "FromAddress", - "type": "string" - }, - "Identity": { - "markdownDescription": "The Amazon Resource Name (ARN) of the identity, verified with Amazon Simple Email Service (Amazon SES), that you want to use when you send email through the channel.", - "title": "Identity", - "type": "string" - }, - "OrchestrationSendingRoleArn": { - "markdownDescription": "The ARN of an IAM role for Amazon Pinpoint to use to send email from your campaigns or journeys through Amazon SES .", - "title": "OrchestrationSendingRoleArn", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN of the AWS Identity and Access Management (IAM) role that you want Amazon Pinpoint to use when it submits email-related event data for the channel.", - "title": "RoleArn", - "type": "string" - } - }, - "required": [ - "ApplicationId", - "FromAddress", - "Identity" - ], - "type": "object" + "ParNumerator": { + "markdownDescription": "", + "title": "ParNumerator", + "type": "number" }, - "Type": { - "enum": [ - "AWS::Pinpoint::EmailChannel" - ], + "QvbrQualityLevel": { + "markdownDescription": "", + "title": "QvbrQualityLevel", + "type": "number" + }, + "RateControlMode": { + "markdownDescription": "", + "title": "RateControlMode", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SceneChangeDetect": { + "markdownDescription": "", + "title": "SceneChangeDetect", "type": "string" + }, + "TimecodeBurninSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.TimecodeBurninSettings", + "markdownDescription": "", + "title": "TimecodeBurninSettings" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Pinpoint::EmailTemplate": { + "AWS::MediaLive::Channel.AvailBlanking": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "AvailBlankingImage": { + "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", + "markdownDescription": "The blanking image to be used. Keep empty for solid black. Only .bmp and .png images are supported.", + "title": "AvailBlankingImage" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "State": { + "markdownDescription": "When set to enabled, the video, audio, and captions are blanked when insertion metadata is added.", + "title": "State", "type": "string" + } + }, + "type": "object" + }, + "AWS::MediaLive::Channel.AvailConfiguration": { + "additionalProperties": false, + "properties": { + "AvailSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AvailSettings", + "markdownDescription": "The setup of ad avail handling in the output.", + "title": "AvailSettings" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "Scte35SegmentationScope": { + "markdownDescription": "", + "title": "Scte35SegmentationScope", + "type": "string" + } + }, + "type": "object" + }, + "AWS::MediaLive::Channel.AvailSettings": { + "additionalProperties": false, + "properties": { + "Esam": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Esam", + "markdownDescription": "", + "title": "Esam" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DefaultSubstitutions": { - "markdownDescription": "A JSON object that specifies the default values to use for message variables in the message template. This object is a set of key-value pairs. Each key defines a message variable in the template. The corresponding value defines the default value for that variable. When you create a message that's based on the template, you can override these defaults with message-specific and address-specific variables and values.", - "title": "DefaultSubstitutions", - "type": "string" - }, - "HtmlPart": { - "markdownDescription": "The message body, in HTML format, to use in email messages that are based on the message template. We recommend using HTML format for email clients that render HTML content. You can include links, formatted text, and more in an HTML message.", - "title": "HtmlPart", - "type": "string" - }, - "Subject": { - "markdownDescription": "The subject line, or title, to use in email messages that are based on the message template.", - "title": "Subject", - "type": "string" - }, - "Tags": { - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "object" - }, - "TemplateDescription": { - "markdownDescription": "A custom description of the message template.", - "title": "TemplateDescription", - "type": "string" - }, - "TemplateName": { - "markdownDescription": "The name of the message template.", - "title": "TemplateName", - "type": "string" - }, - "TextPart": { - "markdownDescription": "The message body, in plain text format, to use in email messages that are based on the message template. We recommend using plain text format for email clients that don't render HTML content and clients that are connected to high-latency networks, such as mobile devices.", - "title": "TextPart", - "type": "string" - } - }, - "required": [ - "Subject", - "TemplateName" - ], - "type": "object" + "Scte35SpliceInsert": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Scte35SpliceInsert", + "markdownDescription": "The setup for SCTE-35 splice insert handling.", + "title": "Scte35SpliceInsert" }, - "Type": { - "enum": [ - "AWS::Pinpoint::EmailTemplate" - ], + "Scte35TimeSignalApos": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Scte35TimeSignalApos", + "markdownDescription": "The setup for SCTE-35 time signal APOS handling.", + "title": "Scte35TimeSignalApos" + } + }, + "type": "object" + }, + "AWS::MediaLive::Channel.BandwidthReductionFilterSettings": { + "additionalProperties": false, + "properties": { + "PostFilterSharpening": { + "markdownDescription": "", + "title": "PostFilterSharpening", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Strength": { + "markdownDescription": "", + "title": "Strength", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Pinpoint::EventStream": { + "AWS::MediaLive::Channel.BlackoutSlate": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "BlackoutSlateImage": { + "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", + "markdownDescription": "The blackout slate image to be used. Keep empty for solid black. Only .bmp and .png images are supported.", + "title": "BlackoutSlateImage" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "NetworkEndBlackout": { + "markdownDescription": "Setting to enabled causes MediaLive to blackout the video, audio, and captions, and raise the \"Network Blackout Image\" slate when an SCTE104/35 Network End Segmentation Descriptor is encountered. The blackout is lifted when the Network Start Segmentation Descriptor is encountered. The Network End and Network Start descriptors must contain a network ID that matches the value entered in Network ID.", + "title": "NetworkEndBlackout", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ApplicationId": { - "markdownDescription": "The unique identifier for the Amazon Pinpoint application that you want to export data from.", - "title": "ApplicationId", - "type": "string" - }, - "DestinationStreamArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Kinesis Data Stream or Amazon Data Firehose delivery stream that you want to publish event data to.\n\nFor a Kinesis Data Stream, the ARN format is: `arn:aws:kinesis: region : account-id :stream/ stream_name`\n\nFor a Firehose delivery stream, the ARN format is: `arn:aws:firehose: region : account-id :deliverystream/ stream_name`", - "title": "DestinationStreamArn", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The AWS Identity and Access Management (IAM) role that authorizes Amazon Pinpoint to publish event data to the stream in your AWS account.", - "title": "RoleArn", - "type": "string" - } - }, - "required": [ - "ApplicationId", - "DestinationStreamArn", - "RoleArn" - ], - "type": "object" + "NetworkEndBlackoutImage": { + "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", + "markdownDescription": "The path to the local file to use as the Network End Blackout image. The image is scaled to fill the entire output raster.", + "title": "NetworkEndBlackoutImage" }, - "Type": { - "enum": [ - "AWS::Pinpoint::EventStream" - ], + "NetworkId": { + "markdownDescription": "Provides a Network ID that matches EIDR ID format (for example, \"10.XXXX/XXXX-XXXX-XXXX-XXXX-XXXX-C\").", + "title": "NetworkId", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "State": { + "markdownDescription": "When set to enabled, this causes video, audio, and captions to be blanked when indicated by program metadata.", + "title": "State", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Pinpoint::GCMChannel": { + "AWS::MediaLive::Channel.BurnInDestinationSettings": { "additionalProperties": false, "properties": { - "Condition": { + "Alignment": { + "markdownDescription": "If no explicit xPosition or yPosition is provided, setting alignment to centered places the captions at the bottom center of the output. Similarly, setting a left alignment aligns captions to the bottom left of the output. If x and y positions are specified in conjunction with the alignment parameter, the font is justified (either left or centered) relative to those coordinates. Selecting \"smart\" justification left-justifies live subtitles and center-justifies pre-recorded subtitles. All burn-in and DVB-Sub font settings must match.", + "title": "Alignment", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "BackgroundColor": { + "markdownDescription": "Specifies the color of the rectangle behind the captions. All burn-in and DVB-Sub font settings must match.", + "title": "BackgroundColor", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "BackgroundOpacity": { + "markdownDescription": "Specifies the opacity of the background rectangle. 255 is opaque; 0 is transparent. Keeping this parameter blank is equivalent to setting it to 0 (transparent). All burn-in and DVB-Sub font settings must match.", + "title": "BackgroundOpacity", + "type": "number" }, - "Metadata": { - "type": "object" + "Font": { + "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", + "markdownDescription": "The external font file that is used for captions burn-in. The file extension must be .ttf or .tte. Although you can select output fonts for many different types of input captions, embedded, STL, and Teletext sources use a strict grid system. Using external fonts with these captions sources could cause an unexpected display of proportional fonts. All burn-in and DVB-Sub font settings must match.", + "title": "Font" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ApiKey": { - "markdownDescription": "The Web API key, also called the *server key* , that you received from Google to communicate with Google services.", - "title": "ApiKey", - "type": "string" - }, - "ApplicationId": { - "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the GCM channel applies to.", - "title": "ApplicationId", - "type": "string" - }, - "DefaultAuthenticationMethod": { - "markdownDescription": "The default authentication method used for GCM. Values are either \"TOKEN\" or \"KEY\". Defaults to \"KEY\".", - "title": "DefaultAuthenticationMethod", - "type": "string" - }, - "Enabled": { - "markdownDescription": "Specifies whether to enable the GCM channel for the Amazon Pinpoint application.", - "title": "Enabled", - "type": "boolean" - }, - "ServiceJson": { - "markdownDescription": "The contents of the JSON file provided by Google during registration in order to generate an access token for authentication. For more information see [Migrate from legacy FCM APIs to HTTP v1](https://docs.aws.amazon.com/https://firebase.google.com/docs/cloud-messaging/migrate-v1) .", - "title": "ServiceJson", - "type": "string" - } - }, - "required": [ - "ApplicationId" - ], - "type": "object" + "FontColor": { + "markdownDescription": "Specifies the color of the burned-in captions. This option is not valid for source captions that are STL, 608/embedded, or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", + "title": "FontColor", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Pinpoint::GCMChannel" - ], + "FontOpacity": { + "markdownDescription": "Specifies the opacity of the burned-in captions. 255 is opaque; 0 is transparent. All burn-in and DVB-Sub font settings must match.", + "title": "FontOpacity", + "type": "number" + }, + "FontResolution": { + "markdownDescription": "The font resolution in DPI (dots per inch). The default is 96 dpi. All burn-in and DVB-Sub font settings must match.", + "title": "FontResolution", + "type": "number" + }, + "FontSize": { + "markdownDescription": "When set to auto, fontSize scales depending on the size of the output. Providing a positive integer specifies the exact font size in points. All burn-in and DVB-Sub font settings must match.", + "title": "FontSize", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "OutlineColor": { + "markdownDescription": "Specifies the font outline color. This option is not valid for source captions that are either 608/embedded or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", + "title": "OutlineColor", + "type": "string" + }, + "OutlineSize": { + "markdownDescription": "Specifies font outline size in pixels. This option is not valid for source captions that are either 608/embedded or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", + "title": "OutlineSize", + "type": "number" + }, + "ShadowColor": { + "markdownDescription": "Specifies the color of the shadow cast by the captions. All burn-in and DVB-Sub font settings must match.", + "title": "ShadowColor", + "type": "string" + }, + "ShadowOpacity": { + "markdownDescription": "Specifies the opacity of the shadow. 255 is opaque; 0 is transparent. Keeping this parameter blank is equivalent to setting it to 0 (transparent). All burn-in and DVB-Sub font settings must match.", + "title": "ShadowOpacity", + "type": "number" + }, + "ShadowXOffset": { + "markdownDescription": "Specifies the horizontal offset of the shadow that is relative to the captions in pixels. A value of -2 would result in a shadow offset 2 pixels to the left. All burn-in and DVB-Sub font settings must match.", + "title": "ShadowXOffset", + "type": "number" + }, + "ShadowYOffset": { + "markdownDescription": "Specifies the vertical offset of the shadow that is relative to the captions in pixels. A value of -2 would result in a shadow offset 2 pixels above the text. All burn-in and DVB-Sub font settings must match.", + "title": "ShadowYOffset", + "type": "number" + }, + "TeletextGridControl": { + "markdownDescription": "Controls whether a fixed grid size is used to generate the output subtitles bitmap. This applies only to Teletext inputs and DVB-Sub/Burn-in outputs.", + "title": "TeletextGridControl", "type": "string" + }, + "XPosition": { + "markdownDescription": "Specifies the horizontal position of the captions relative to the left side of the output in pixels. A value of 10 would result in the captions starting 10 pixels from the left of the output. If no explicit xPosition is provided, the horizontal captions position is determined by the alignment parameter. All burn-in and DVB-Sub font settings must match.", + "title": "XPosition", + "type": "number" + }, + "YPosition": { + "markdownDescription": "Specifies the vertical position of the captions relative to the top of the output in pixels. A value of 10 would result in the captions starting 10 pixels from the top of the output. If no explicit yPosition is provided, the captions are positioned towards the bottom of the output. All burn-in and DVB-Sub font settings must match.", + "title": "YPosition", + "type": "number" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Pinpoint::InAppTemplate": { + "AWS::MediaLive::Channel.CaptionDescription": { "additionalProperties": false, "properties": { - "Condition": { + "Accessibility": { + "markdownDescription": "", + "title": "Accessibility", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "CaptionDashRoles": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "CaptionDashRoles", + "type": "array" + }, + "CaptionSelectorName": { + "markdownDescription": "Specifies which input captions selector to use as a captions source when generating output captions. This field should match a captionSelector name.", + "title": "CaptionSelectorName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "DestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.CaptionDestinationSettings", + "markdownDescription": "Additional settings for a captions destination that depend on the destination type.", + "title": "DestinationSettings" }, - "Metadata": { - "type": "object" + "DvbDashAccessibility": { + "markdownDescription": "", + "title": "DvbDashAccessibility", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Content": { - "items": { - "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.InAppMessageContent" - }, - "markdownDescription": "An object that contains information about the content of an in-app message, including its title and body text, text colors, background colors, images, buttons, and behaviors.", - "title": "Content", - "type": "array" - }, - "CustomConfig": { - "markdownDescription": "Custom data, in the form of key-value pairs, that is included in an in-app messaging payload.", - "title": "CustomConfig", - "type": "object" - }, - "Layout": { - "markdownDescription": "A string that determines the appearance of the in-app message. You can specify one of the following:\n\n- `BOTTOM_BANNER` \u2013 a message that appears as a banner at the bottom of the page.\n- `TOP_BANNER` \u2013 a message that appears as a banner at the top of the page.\n- `OVERLAYS` \u2013 a message that covers entire screen.\n- `MOBILE_FEED` \u2013 a message that appears in a window in front of the page.\n- `MIDDLE_BANNER` \u2013 a message that appears as a banner in the middle of the page.\n- `CAROUSEL` \u2013 a scrollable layout of up to five unique messages.", - "title": "Layout", - "type": "string" - }, - "Tags": { - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "object" - }, - "TemplateDescription": { - "markdownDescription": "An optional description of the in-app template.", - "title": "TemplateDescription", - "type": "string" - }, - "TemplateName": { - "markdownDescription": "The name of the in-app message template.", - "title": "TemplateName", - "type": "string" - } - }, - "required": [ - "TemplateName" - ], - "type": "object" + "LanguageCode": { + "markdownDescription": "An ISO 639-2 three-digit code. For more information, see http://www.loc.gov/standards/iso639-2/.", + "title": "LanguageCode", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Pinpoint::InAppTemplate" - ], + "LanguageDescription": { + "markdownDescription": "Human-readable information to indicate the captions that are available for players (for example, English or Spanish).", + "title": "LanguageDescription", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "The name of the captions description. The name is used to associate a captions description with an output. Names must be unique within a channel.", + "title": "Name", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Pinpoint::InAppTemplate.BodyConfig": { + "AWS::MediaLive::Channel.CaptionDestinationSettings": { "additionalProperties": false, "properties": { - "Alignment": { - "markdownDescription": "The text alignment of the main body text of the message. Acceptable values: `LEFT` , `CENTER` , `RIGHT` .", - "title": "Alignment", - "type": "string" + "AribDestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AribDestinationSettings", + "markdownDescription": "The configuration of one ARIB captions encode in the output.", + "title": "AribDestinationSettings" }, - "Body": { - "markdownDescription": "The main body text of the message.", - "title": "Body", - "type": "string" + "BurnInDestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.BurnInDestinationSettings", + "markdownDescription": "The configuration of one burn-in captions encode in the output.", + "title": "BurnInDestinationSettings" }, - "TextColor": { - "markdownDescription": "The color of the body text, expressed as a hex color code (such as #000000 for black).", - "title": "TextColor", - "type": "string" + "DvbSubDestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.DvbSubDestinationSettings", + "markdownDescription": "The configuration of one DVB Sub captions encode in the output.", + "title": "DvbSubDestinationSettings" + }, + "EbuTtDDestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.EbuTtDDestinationSettings", + "markdownDescription": "Settings for EBU-TT captions in the output.", + "title": "EbuTtDDestinationSettings" + }, + "EmbeddedDestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.EmbeddedDestinationSettings", + "markdownDescription": "The configuration of one embedded captions encode in the output.", + "title": "EmbeddedDestinationSettings" + }, + "EmbeddedPlusScte20DestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.EmbeddedPlusScte20DestinationSettings", + "markdownDescription": "The configuration of one embedded plus SCTE-20 captions encode in the output.", + "title": "EmbeddedPlusScte20DestinationSettings" + }, + "RtmpCaptionInfoDestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.RtmpCaptionInfoDestinationSettings", + "markdownDescription": "The configuration of one RTMPCaptionInfo captions encode in the output.", + "title": "RtmpCaptionInfoDestinationSettings" + }, + "Scte20PlusEmbeddedDestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Scte20PlusEmbeddedDestinationSettings", + "markdownDescription": "The configuration of one SCTE20 plus embedded captions encode in the output.", + "title": "Scte20PlusEmbeddedDestinationSettings" + }, + "Scte27DestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Scte27DestinationSettings", + "markdownDescription": "The configuration of one SCTE-27 captions encode in the output.", + "title": "Scte27DestinationSettings" + }, + "SmpteTtDestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.SmpteTtDestinationSettings", + "markdownDescription": "The configuration of one SMPTE-TT captions encode in the output.", + "title": "SmpteTtDestinationSettings" + }, + "TeletextDestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.TeletextDestinationSettings", + "markdownDescription": "The configuration of one Teletext captions encode in the output.", + "title": "TeletextDestinationSettings" + }, + "TtmlDestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.TtmlDestinationSettings", + "markdownDescription": "The configuration of one TTML captions encode in the output.", + "title": "TtmlDestinationSettings" + }, + "WebvttDestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.WebvttDestinationSettings", + "markdownDescription": "The configuration of one WebVTT captions encode in the output.", + "title": "WebvttDestinationSettings" } }, "type": "object" }, - "AWS::Pinpoint::InAppTemplate.ButtonConfig": { + "AWS::MediaLive::Channel.CaptionLanguageMapping": { "additionalProperties": false, "properties": { - "Android": { - "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.OverrideButtonConfiguration", - "markdownDescription": "Optional button configuration to use for in-app messages sent to Android devices. This button configuration overrides the default button configuration.", - "title": "Android" - }, - "DefaultConfig": { - "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.DefaultButtonConfiguration", - "markdownDescription": "Specifies the default behavior of a button that appears in an in-app message. You can optionally add button configurations that specifically apply to iOS, Android, or web browser users.", - "title": "DefaultConfig" + "CaptionChannel": { + "markdownDescription": "The closed caption channel being described by this CaptionLanguageMapping. Each channel mapping must have a unique channel number (maximum of 4).", + "title": "CaptionChannel", + "type": "number" }, - "IOS": { - "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.OverrideButtonConfiguration", - "markdownDescription": "Optional button configuration to use for in-app messages sent to iOS devices. This button configuration overrides the default button configuration.", - "title": "IOS" + "LanguageCode": { + "markdownDescription": "A three-character ISO 639-2 language code (see http://www.loc.gov/standards/iso639-2).", + "title": "LanguageCode", + "type": "string" }, - "Web": { - "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.OverrideButtonConfiguration", - "markdownDescription": "Optional button configuration to use for in-app messages sent to web applications. This button configuration overrides the default button configuration.", - "title": "Web" + "LanguageDescription": { + "markdownDescription": "The textual description of language.", + "title": "LanguageDescription", + "type": "string" } }, "type": "object" }, - "AWS::Pinpoint::InAppTemplate.DefaultButtonConfiguration": { + "AWS::MediaLive::Channel.CaptionRectangle": { "additionalProperties": false, "properties": { - "BackgroundColor": { - "markdownDescription": "The background color of a button, expressed as a hex color code (such as #000000 for black).", - "title": "BackgroundColor", - "type": "string" - }, - "BorderRadius": { - "markdownDescription": "The border radius of a button.", - "title": "BorderRadius", + "Height": { + "markdownDescription": "See the description in leftOffset.\n\nFor height, specify the entire height of the rectangle as a percentage of the underlying frame height. For example, \\\"80\\\" means the rectangle height is 80% of the underlying frame height. The topOffset and rectangleHeight must add up to 100% or less. This field corresponds to tts:extent - Y in the TTML standard.", + "title": "Height", "type": "number" }, - "ButtonAction": { - "markdownDescription": "The action that occurs when a recipient chooses a button in an in-app message. You can specify one of the following:\n\n- `LINK` \u2013 A link to a web destination.\n- `DEEP_LINK` \u2013 A link to a specific page in an application.\n- `CLOSE` \u2013 Dismisses the message.", - "title": "ButtonAction", - "type": "string" - }, - "Link": { - "markdownDescription": "The destination (such as a URL) for a button.", - "title": "Link", - "type": "string" + "LeftOffset": { + "markdownDescription": "Applies only if you plan to convert these source captions to EBU-TT-D or TTML in an output. (Make sure to leave the default if you don't have either of these formats in the output.) You can define a display rectangle for the captions that is smaller than the underlying video frame. You define the rectangle by specifying the position of the left edge, top edge, bottom edge, and right edge of the rectangle, all within the underlying video frame. The units for the measurements are percentages. If you specify a value for one of these fields, you must specify a value for all of them.\n\nFor leftOffset, specify the position of the left edge of the rectangle, as a percentage of the underlying frame width, and relative to the left edge of the frame. For example, \\\"10\\\" means the measurement is 10% of the underlying frame width. The rectangle left edge starts at that position from the left edge of the frame. This field corresponds to tts:origin - X in the TTML standard.", + "title": "LeftOffset", + "type": "number" }, - "Text": { - "markdownDescription": "The text that appears on a button in an in-app message.", - "title": "Text", - "type": "string" + "TopOffset": { + "markdownDescription": "See the description in leftOffset.\n\nFor topOffset, specify the position of the top edge of the rectangle, as a percentage of the underlying frame height, and relative to the top edge of the frame. For example, \\\"10\\\" means the measurement is 10% of the underlying frame height. The rectangle top edge starts at that position from the top edge of the frame. This field corresponds to tts:origin - Y in the TTML standard.", + "title": "TopOffset", + "type": "number" }, - "TextColor": { - "markdownDescription": "The color of the body text in a button, expressed as a hex color code (such as #000000 for black).", - "title": "TextColor", - "type": "string" + "Width": { + "markdownDescription": "See the description in leftOffset.\n\nFor width, specify the entire width of the rectangle as a percentage of the underlying frame width. For example, \\\"80\\\" means the rectangle width is 80% of the underlying frame width. The leftOffset and rectangleWidth must add up to 100% or less. This field corresponds to tts:extent - X in the TTML standard.", + "title": "Width", + "type": "number" } }, "type": "object" }, - "AWS::Pinpoint::InAppTemplate.HeaderConfig": { + "AWS::MediaLive::Channel.CaptionSelector": { "additionalProperties": false, "properties": { - "Alignment": { - "markdownDescription": "The text alignment of the title of the message. Acceptable values: `LEFT` , `CENTER` , `RIGHT` .", - "title": "Alignment", + "LanguageCode": { + "markdownDescription": "When specified, this field indicates the three-letter language code of the captions track to extract from the source.", + "title": "LanguageCode", "type": "string" }, - "Header": { - "markdownDescription": "The title text of the in-app message.", - "title": "Header", + "Name": { + "markdownDescription": "The name identifier for a captions selector. This name is used to associate this captions selector with one or more captions descriptions. Names must be unique within a channel.", + "title": "Name", "type": "string" }, - "TextColor": { - "markdownDescription": "The color of the title text, expressed as a hex color code (such as #000000 for black).", - "title": "TextColor", - "type": "string" + "SelectorSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.CaptionSelectorSettings", + "markdownDescription": "Information about the specific audio to extract from the input.", + "title": "SelectorSettings" } }, "type": "object" }, - "AWS::Pinpoint::InAppTemplate.InAppMessageContent": { + "AWS::MediaLive::Channel.CaptionSelectorSettings": { "additionalProperties": false, "properties": { - "BackgroundColor": { - "markdownDescription": "The background color for an in-app message banner, expressed as a hex color code (such as #000000 for black).", - "title": "BackgroundColor", - "type": "string" + "AncillarySourceSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AncillarySourceSettings", + "markdownDescription": "Information about the ancillary captions to extract from the input.", + "title": "AncillarySourceSettings" }, - "BodyConfig": { - "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.BodyConfig", - "markdownDescription": "An object that contains configuration information about the header or title text of the in-app message.", - "title": "BodyConfig" + "AribSourceSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AribSourceSettings", + "markdownDescription": "Information about the ARIB captions to extract from the input.", + "title": "AribSourceSettings" }, - "HeaderConfig": { - "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.HeaderConfig", - "markdownDescription": "An object that contains configuration information about the header or title text of the in-app message.", - "title": "HeaderConfig" + "DvbSubSourceSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.DvbSubSourceSettings", + "markdownDescription": "Information about the DVB Sub captions to extract from the input.", + "title": "DvbSubSourceSettings" }, - "ImageUrl": { - "markdownDescription": "The URL of the image that appears on an in-app message banner.", - "title": "ImageUrl", - "type": "string" + "EmbeddedSourceSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.EmbeddedSourceSettings", + "markdownDescription": "Information about the embedded captions to extract from the input.", + "title": "EmbeddedSourceSettings" }, - "PrimaryBtn": { - "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.ButtonConfig", - "markdownDescription": "An object that contains configuration information about the primary button in an in-app message.", - "title": "PrimaryBtn" + "Scte20SourceSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Scte20SourceSettings", + "markdownDescription": "Information about the SCTE-20 captions to extract from the input.", + "title": "Scte20SourceSettings" }, - "SecondaryBtn": { - "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.ButtonConfig", - "markdownDescription": "An object that contains configuration information about the secondary button in an in-app message.", - "title": "SecondaryBtn" + "Scte27SourceSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Scte27SourceSettings", + "markdownDescription": "Information about the SCTE-27 captions to extract from the input.", + "title": "Scte27SourceSettings" + }, + "TeletextSourceSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.TeletextSourceSettings", + "markdownDescription": "Information about the Teletext captions to extract from the input.", + "title": "TeletextSourceSettings" } }, "type": "object" }, - "AWS::Pinpoint::InAppTemplate.OverrideButtonConfiguration": { + "AWS::MediaLive::Channel.CdiInputSpecification": { "additionalProperties": false, "properties": { - "ButtonAction": { - "markdownDescription": "The action that occurs when a recipient chooses a button in an in-app message. You can specify one of the following:\n\n- `LINK` \u2013 A link to a web destination.\n- `DEEP_LINK` \u2013 A link to a specific page in an application.\n- `CLOSE` \u2013 Dismisses the message.", - "title": "ButtonAction", - "type": "string" - }, - "Link": { - "markdownDescription": "The destination (such as a URL) for a button.", - "title": "Link", + "Resolution": { + "markdownDescription": "Maximum CDI input resolution", + "title": "Resolution", "type": "string" } }, "type": "object" }, - "AWS::Pinpoint::PushTemplate": { + "AWS::MediaLive::Channel.ChannelEngineVersionRequest": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ADM": { - "$ref": "#/definitions/AWS::Pinpoint::PushTemplate.AndroidPushNotificationTemplate", - "markdownDescription": "The message template to use for the ADM (Amazon Device Messaging) channel. This message template overrides the default template for push notification channels ( `Default` ).", - "title": "ADM" - }, - "APNS": { - "$ref": "#/definitions/AWS::Pinpoint::PushTemplate.APNSPushNotificationTemplate", - "markdownDescription": "The message template to use for the APNs (Apple Push Notification service) channel. This message template overrides the default template for push notification channels ( `Default` ).", - "title": "APNS" - }, - "Baidu": { - "$ref": "#/definitions/AWS::Pinpoint::PushTemplate.AndroidPushNotificationTemplate", - "markdownDescription": "The message template to use for the Baidu (Baidu Cloud Push) channel. This message template overrides the default template for push notification channels ( `Default` ).", - "title": "Baidu" - }, - "Default": { - "$ref": "#/definitions/AWS::Pinpoint::PushTemplate.DefaultPushNotificationTemplate", - "markdownDescription": "The default message template to use for push notification channels.", - "title": "Default" - }, - "DefaultSubstitutions": { - "markdownDescription": "A JSON object that specifies the default values to use for message variables in the message template. This object is a set of key-value pairs. Each key defines a message variable in the template. The corresponding value defines the default value for that variable. When you create a message that's based on the template, you can override these defaults with message-specific and address-specific variables and values.", - "title": "DefaultSubstitutions", - "type": "string" - }, - "GCM": { - "$ref": "#/definitions/AWS::Pinpoint::PushTemplate.AndroidPushNotificationTemplate", - "markdownDescription": "The message template to use for the GCM channel, which is used to send notifications through the Firebase Cloud Messaging (FCM), formerly Google Cloud Messaging (GCM), service. This message template overrides the default template for push notification channels ( `Default` ).", - "title": "GCM" - }, - "Tags": { - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "object" - }, - "TemplateDescription": { - "markdownDescription": "A custom description of the message template.", - "title": "TemplateDescription", - "type": "string" - }, - "TemplateName": { - "markdownDescription": "The name of the message template to use for the message. If specified, this value must match the name of an existing message template.", - "title": "TemplateName", - "type": "string" - } - }, - "required": [ - "TemplateName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Pinpoint::PushTemplate" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Version": { + "markdownDescription": "", + "title": "Version", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Pinpoint::PushTemplate.APNSPushNotificationTemplate": { + "AWS::MediaLive::Channel.CmafIngestCaptionLanguageMapping": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The action to occur if a recipient taps a push notification that's based on the message template. Valid values are:\n\n- `OPEN_APP` \u2013 Your app opens or it becomes the foreground app if it was sent to the background. This is the default action.\n- `DEEP_LINK` \u2013 Your app opens and displays a designated user interface in the app. This setting uses the deep-linking features of the iOS platform.\n- `URL` \u2013 The default mobile browser on the recipient's device opens and loads the web page at a URL that you specify.", - "title": "Action", - "type": "string" - }, - "Body": { - "markdownDescription": "The message body to use in push notifications that are based on the message template.", - "title": "Body", - "type": "string" - }, - "MediaUrl": { - "markdownDescription": "The URL of an image or video to display in push notifications that are based on the message template.", - "title": "MediaUrl", - "type": "string" - }, - "Sound": { - "markdownDescription": "The key for the sound to play when the recipient receives a push notification that's based on the message template. The value for this key is the name of a sound file in your app's main bundle or the `Library/Sounds` folder in your app's data container. If the sound file can't be found or you specify `default` for the value, the system plays the default alert sound.", - "title": "Sound", - "type": "string" - }, - "Title": { - "markdownDescription": "The title to use in push notifications that are based on the message template. This title appears above the notification message on a recipient's device.", - "title": "Title", - "type": "string" + "CaptionChannel": { + "markdownDescription": "", + "title": "CaptionChannel", + "type": "number" }, - "Url": { - "markdownDescription": "The URL to open in the recipient's default mobile browser, if a recipient taps a push notification that's based on the message template and the value of the `Action` property is `URL` .", - "title": "Url", + "LanguageCode": { + "markdownDescription": "", + "title": "LanguageCode", "type": "string" } }, "type": "object" }, - "AWS::Pinpoint::PushTemplate.AndroidPushNotificationTemplate": { + "AWS::MediaLive::Channel.CmafIngestGroupSettings": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The action to occur if a recipient taps a push notification that's based on the message template. Valid values are:\n\n- `OPEN_APP` \u2013 Your app opens or it becomes the foreground app if it was sent to the background. This is the default action.\n- `DEEP_LINK` \u2013 Your app opens and displays a designated user interface in the app. This action uses the deep-linking features of the Android platform.\n- `URL` \u2013 The default mobile browser on the recipient's device opens and loads the web page at a URL that you specify.", - "title": "Action", + "CaptionLanguageMappings": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Channel.CmafIngestCaptionLanguageMapping" + }, + "markdownDescription": "", + "title": "CaptionLanguageMappings", + "type": "array" + }, + "Destination": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", + "markdownDescription": "", + "title": "Destination" + }, + "Id3Behavior": { + "markdownDescription": "", + "title": "Id3Behavior", "type": "string" }, - "Body": { - "markdownDescription": "The message body to use in a push notification that's based on the message template.", - "title": "Body", + "Id3NameModifier": { + "markdownDescription": "", + "title": "Id3NameModifier", "type": "string" }, - "ImageIconUrl": { - "markdownDescription": "The URL of the large icon image to display in the content view of a push notification that's based on the message template.", - "title": "ImageIconUrl", + "KlvBehavior": { + "markdownDescription": "", + "title": "KlvBehavior", "type": "string" }, - "ImageUrl": { - "markdownDescription": "The URL of an image to display in a push notification that's based on the message template.", - "title": "ImageUrl", + "KlvNameModifier": { + "markdownDescription": "", + "title": "KlvNameModifier", "type": "string" }, - "SmallImageIconUrl": { - "markdownDescription": "The URL of the small icon image to display in the status bar and the content view of a push notification that's based on the message template.", - "title": "SmallImageIconUrl", + "NielsenId3Behavior": { + "markdownDescription": "", + "title": "NielsenId3Behavior", "type": "string" }, - "Sound": { - "markdownDescription": "The sound to play when a recipient receives a push notification that's based on the message template. You can use the default stream or specify the file name of a sound resource that's bundled in your app. On an Android platform, the sound file must reside in `/res/raw/` .", - "title": "Sound", + "NielsenId3NameModifier": { + "markdownDescription": "", + "title": "NielsenId3NameModifier", "type": "string" }, - "Title": { - "markdownDescription": "The title to use in a push notification that's based on the message template. This title appears above the notification message on a recipient's device.", - "title": "Title", + "Scte35NameModifier": { + "markdownDescription": "", + "title": "Scte35NameModifier", "type": "string" }, - "Url": { - "markdownDescription": "The URL to open in a recipient's default mobile browser, if a recipient taps a push notification that's based on the message template and the value of the `Action` property is `URL` .", - "title": "Url", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Pinpoint::PushTemplate.DefaultPushNotificationTemplate": { - "additionalProperties": false, - "properties": { - "Action": { - "markdownDescription": "The action to occur if a recipient taps a push notification that's based on the message template. Valid values are:\n\n- `OPEN_APP` \u2013 Your app opens or it becomes the foreground app if it was sent to the background. This is the default action.\n- `DEEP_LINK` \u2013 Your app opens and displays a designated user interface in the app. This setting uses the deep-linking features of the iOS and Android platforms.\n- `URL` \u2013 The default mobile browser on the recipient's device opens and loads the web page at a URL that you specify.", - "title": "Action", + "Scte35Type": { + "markdownDescription": "", + "title": "Scte35Type", "type": "string" }, - "Body": { - "markdownDescription": "The message body to use in push notifications that are based on the message template.", - "title": "Body", - "type": "string" + "SegmentLength": { + "markdownDescription": "", + "title": "SegmentLength", + "type": "number" }, - "Sound": { - "markdownDescription": "The sound to play when a recipient receives a push notification that's based on the message template. You can use the default stream or specify the file name of a sound resource that's bundled in your app. On an Android platform, the sound file must reside in `/res/raw/` .\n\nFor an iOS platform, this value is the key for the name of a sound file in your app's main bundle or the `Library/Sounds` folder in your app's data container. If the sound file can't be found or you specify `default` for the value, the system plays the default alert sound.", - "title": "Sound", + "SegmentLengthUnits": { + "markdownDescription": "", + "title": "SegmentLengthUnits", "type": "string" }, - "Title": { - "markdownDescription": "The title to use in push notifications that are based on the message template. This title appears above the notification message on a recipient's device.", - "title": "Title", + "SendDelayMs": { + "markdownDescription": "", + "title": "SendDelayMs", + "type": "number" + }, + "TimedMetadataId3Frame": { + "markdownDescription": "", + "title": "TimedMetadataId3Frame", "type": "string" }, - "Url": { - "markdownDescription": "The URL to open in a recipient's default mobile browser, if a recipient taps a push notification that's based on the message template and the value of the `Action` property is `URL` .", - "title": "Url", + "TimedMetadataId3Period": { + "markdownDescription": "", + "title": "TimedMetadataId3Period", + "type": "number" + }, + "TimedMetadataPassthrough": { + "markdownDescription": "", + "title": "TimedMetadataPassthrough", "type": "string" } }, "type": "object" }, - "AWS::Pinpoint::SMSChannel": { + "AWS::MediaLive::Channel.CmafIngestOutputSettings": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ApplicationId": { - "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the SMS channel applies to.", - "title": "ApplicationId", - "type": "string" - }, - "Enabled": { - "markdownDescription": "Specifies whether to enable the SMS channel for the application.", - "title": "Enabled", - "type": "boolean" - }, - "SenderId": { - "markdownDescription": "The identity that you want to display on recipients' devices when they receive messages from the SMS channel.\n\n> SenderIDs are only supported in certain countries and regions. For more information, see [Supported Countries and Regions](https://docs.aws.amazon.com/pinpoint/latest/userguide/channels-sms-countries.html) in the *Amazon Pinpoint User Guide* .", - "title": "SenderId", - "type": "string" - }, - "ShortCode": { - "markdownDescription": "The registered short code that you want to use when you send messages through the SMS channel.\n\n> For information about obtaining a dedicated short code for sending SMS messages, see [Requesting Dedicated Short Codes for SMS Messaging with Amazon Pinpoint](https://docs.aws.amazon.com/pinpoint/latest/userguide/channels-sms-awssupport-short-code.html) in the *Amazon Pinpoint User Guide* .", - "title": "ShortCode", - "type": "string" - } - }, - "required": [ - "ApplicationId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Pinpoint::SMSChannel" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "NameModifier": { + "markdownDescription": "", + "title": "NameModifier", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Pinpoint::Segment": { + "AWS::MediaLive::Channel.ColorCorrection": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "InputColorSpace": { + "markdownDescription": "", + "title": "InputColorSpace", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ApplicationId": { - "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the segment is associated with.", - "title": "ApplicationId", - "type": "string" - }, - "Dimensions": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.SegmentDimensions", - "markdownDescription": "An array that defines the dimensions for the segment.", - "title": "Dimensions" - }, - "Name": { - "markdownDescription": "The name of the segment.\n\n> A segment must have a name otherwise it will not appear in the Amazon Pinpoint console.", - "title": "Name", - "type": "string" - }, - "SegmentGroups": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.SegmentGroups", - "markdownDescription": "The segment group to use and the dimensions to apply to the group's base segments in order to build the segment. A segment group can consist of zero or more base segments. Your request can include only one segment group.", - "title": "SegmentGroups" - }, - "Tags": { - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "object" - } - }, - "required": [ - "ApplicationId", - "Name" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Pinpoint::Segment" - ], + "OutputColorSpace": { + "markdownDescription": "", + "title": "OutputColorSpace", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Uri": { + "markdownDescription": "", + "title": "Uri", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Pinpoint::Segment.AttributeDimension": { + "AWS::MediaLive::Channel.ColorCorrectionSettings": { "additionalProperties": false, "properties": { - "AttributeType": { - "type": "string" - }, - "Values": { + "GlobalColorCorrections": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::MediaLive::Channel.ColorCorrection" }, + "markdownDescription": "", + "title": "GlobalColorCorrections", "type": "array" } }, "type": "object" }, - "AWS::Pinpoint::Segment.Behavior": { + "AWS::MediaLive::Channel.ColorSpacePassthroughSettings": { "additionalProperties": false, - "properties": { - "Recency": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.Recency", - "markdownDescription": "Specifies how recently segment members were active.", - "title": "Recency" - } - }, + "properties": {}, "type": "object" }, - "AWS::Pinpoint::Segment.Coordinates": { + "AWS::MediaLive::Channel.DolbyVision81Settings": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::MediaLive::Channel.DvbNitSettings": { "additionalProperties": false, "properties": { - "Latitude": { - "markdownDescription": "The latitude coordinate of the location.", - "title": "Latitude", + "NetworkId": { + "markdownDescription": "The numeric value placed in the Network Information Table (NIT).", + "title": "NetworkId", "type": "number" }, - "Longitude": { - "markdownDescription": "The longitude coordinate of the location.", - "title": "Longitude", + "NetworkName": { + "markdownDescription": "The network name text placed in the networkNameDescriptor inside the Network Information Table (NIT). The maximum length is 256 characters.", + "title": "NetworkName", + "type": "string" + }, + "RepInterval": { + "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream.", + "title": "RepInterval", "type": "number" } }, - "required": [ - "Latitude", - "Longitude" - ], "type": "object" }, - "AWS::Pinpoint::Segment.Demographic": { + "AWS::MediaLive::Channel.DvbSdtSettings": { "additionalProperties": false, "properties": { - "AppVersion": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", - "markdownDescription": "The app version criteria for the segment.", - "title": "AppVersion" - }, - "Channel": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", - "markdownDescription": "The channel criteria for the segment.", - "title": "Channel" - }, - "DeviceType": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", - "markdownDescription": "The device type criteria for the segment.", - "title": "DeviceType" + "OutputSdt": { + "markdownDescription": "Selects a method of inserting SDT information into an output stream. The sdtFollow setting copies SDT information from input stream to output stream. The sdtFollowIfPresent setting copies SDT information from input stream to output stream if SDT information is present in the input. Otherwise, it falls back on the user-defined values. The sdtManual setting means that the user will enter the SDT information. The sdtNone setting means that the output stream will not contain SDT information.", + "title": "OutputSdt", + "type": "string" }, - "Make": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", - "markdownDescription": "The device make criteria for the segment.", - "title": "Make" + "RepInterval": { + "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream.", + "title": "RepInterval", + "type": "number" }, - "Model": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", - "markdownDescription": "The device model criteria for the segment.", - "title": "Model" + "ServiceName": { + "markdownDescription": "The service name placed in the serviceDescriptor in the Service Description Table (SDT). The maximum length is 256 characters.", + "title": "ServiceName", + "type": "string" }, - "Platform": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", - "markdownDescription": "The device platform criteria for the segment.", - "title": "Platform" + "ServiceProviderName": { + "markdownDescription": "The service provider name placed in the serviceDescriptor in the Service Description Table (SDT). The maximum length is 256 characters.", + "title": "ServiceProviderName", + "type": "string" } }, "type": "object" }, - "AWS::Pinpoint::Segment.GPSPoint": { + "AWS::MediaLive::Channel.DvbSubDestinationSettings": { "additionalProperties": false, "properties": { - "Coordinates": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.Coordinates", - "markdownDescription": "The GPS coordinates to measure distance from.", - "title": "Coordinates" + "Alignment": { + "markdownDescription": "If no explicit xPosition or yPosition is provided, setting the alignment to centered places the captions at the bottom center of the output. Similarly, setting a left alignment aligns captions to the bottom left of the output. If x and y positions are specified in conjunction with the alignment parameter, the font is justified (either left or centered) relative to those coordinates. Selecting \"smart\" justification left-justifies live subtitles and center-justifies pre-recorded subtitles. This option is not valid for source captions that are STL or 608/embedded. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", + "title": "Alignment", + "type": "string" }, - "RangeInKilometers": { - "markdownDescription": "The range, in kilometers, from the GPS coordinates.", - "title": "RangeInKilometers", + "BackgroundColor": { + "markdownDescription": "Specifies the color of the rectangle behind the captions. All burn-in and DVB-Sub font settings must match.", + "title": "BackgroundColor", + "type": "string" + }, + "BackgroundOpacity": { + "markdownDescription": "Specifies the opacity of the background rectangle. 255 is opaque; 0 is transparent. Keeping this parameter blank is equivalent to setting it to 0 (transparent). All burn-in and DVB-Sub font settings must match.", + "title": "BackgroundOpacity", "type": "number" - } - }, - "required": [ - "Coordinates", - "RangeInKilometers" - ], - "type": "object" - }, - "AWS::Pinpoint::Segment.Groups": { - "additionalProperties": false, - "properties": { - "Dimensions": { - "items": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.SegmentDimensions" - }, - "markdownDescription": "An array that defines the dimensions to include or exclude from the segment.", - "title": "Dimensions", - "type": "array" }, - "SourceSegments": { - "items": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.SourceSegments" - }, - "markdownDescription": "The base segment to build the segment on. A base segment, also called a *source segment* , defines the initial population of endpoints for a segment. When you add dimensions to the segment, Amazon Pinpoint filters the base segment by using the dimensions that you specify.\n\nYou can specify more than one dimensional segment or only one imported segment. If you specify an imported segment, the segment size estimate that displays on the Amazon Pinpoint console indicates the size of the imported segment without any filters applied to it.", - "title": "SourceSegments", - "type": "array" + "Font": { + "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", + "markdownDescription": "The external font file that is used for captions burn-in. The file extension must be .ttf or .tte. Although you can select output fonts for many different types of input captions, embedded, STL, and Teletext sources use a strict grid system. Using external fonts with these captions sources could cause an unexpected display of proportional fonts. All burn-in and DVB-Sub font settings must match.", + "title": "Font" }, - "SourceType": { - "markdownDescription": "Specifies how to handle multiple base segments for the segment. For example, if you specify three base segments for the segment, whether the resulting segment is based on all, any, or none of the base segments.", - "title": "SourceType", + "FontColor": { + "markdownDescription": "Specifies the color of the burned-in captions. This option is not valid for source captions that are STL, 608/embedded, or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", + "title": "FontColor", "type": "string" }, - "Type": { - "markdownDescription": "Specifies how to handle multiple dimensions for the segment. For example, if you specify three dimensions for the segment, whether the resulting segment includes endpoints that match all, any, or none of the dimensions.", - "title": "Type", + "FontOpacity": { + "markdownDescription": "Specifies the opacity of the burned-in captions. 255 is opaque; 0 is transparent. All burn-in and DVB-Sub font settings must match.", + "title": "FontOpacity", + "type": "number" + }, + "FontResolution": { + "markdownDescription": "The font resolution in DPI (dots per inch). The default is 96 dpi. All burn-in and DVB-Sub font settings must match.", + "title": "FontResolution", + "type": "number" + }, + "FontSize": { + "markdownDescription": "When set to auto, fontSize scales depending on the size of the output. Providing a positive integer specifies the exact font size in points. All burn-in and DVB-Sub font settings must match.", + "title": "FontSize", "type": "string" - } - }, - "type": "object" - }, - "AWS::Pinpoint::Segment.Location": { - "additionalProperties": false, - "properties": { - "Country": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", - "markdownDescription": "The country or region code, in ISO 3166-1 alpha-2 format, for the segment.", - "title": "Country" }, - "GPSPoint": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.GPSPoint", - "markdownDescription": "The GPS point dimension for the segment.", - "title": "GPSPoint" - } - }, - "type": "object" - }, - "AWS::Pinpoint::Segment.Recency": { - "additionalProperties": false, - "properties": { - "Duration": { - "markdownDescription": "The duration to use when determining which users have been active or inactive with your app.\n\nPossible values: `HR_24` | `DAY_7` | `DAY_14` | `DAY_30` .", - "title": "Duration", + "OutlineColor": { + "markdownDescription": "Specifies the font outline color. This option is not valid for source captions that are either 608/embedded or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", + "title": "OutlineColor", "type": "string" }, - "RecencyType": { - "markdownDescription": "The type of recency dimension to use for the segment. Valid values are: `ACTIVE` and `INACTIVE` . If the value is `ACTIVE` , the segment includes users who have used your app within the specified duration are included in the segment. If the value is `INACTIVE` , the segment includes users who haven't used your app within the specified duration are included in the segment.", - "title": "RecencyType", + "OutlineSize": { + "markdownDescription": "Specifies the font outline size in pixels. This option is not valid for source captions that are either 608/embedded or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", + "title": "OutlineSize", + "type": "number" + }, + "ShadowColor": { + "markdownDescription": "Specifies the color of the shadow that is cast by the captions. All burn-in and DVB-Sub font settings must match.", + "title": "ShadowColor", "type": "string" - } - }, - "required": [ - "Duration", - "RecencyType" - ], - "type": "object" - }, - "AWS::Pinpoint::Segment.SegmentDimensions": { - "additionalProperties": false, - "properties": { - "Attributes": { - "markdownDescription": "One or more custom attributes to use as criteria for the segment. For more information see [AttributeDimension](https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-segments.html#apps-application-id-segments-model-attributedimension)", - "title": "Attributes", - "type": "object" }, - "Behavior": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.Behavior", - "markdownDescription": "The behavior-based criteria, such as how recently users have used your app, for the segment.", - "title": "Behavior" + "ShadowOpacity": { + "markdownDescription": "Specifies the opacity of the shadow. 255 is opaque; 0 is transparent. Keeping this parameter blank is equivalent to setting it to 0 (transparent). All burn-in and DVB-Sub font settings must match.", + "title": "ShadowOpacity", + "type": "number" }, - "Demographic": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.Demographic", - "markdownDescription": "The demographic-based criteria, such as device platform, for the segment.", - "title": "Demographic" + "ShadowXOffset": { + "markdownDescription": "Specifies the horizontal offset of the shadow relative to the captions in pixels. A value of -2 would result in a shadow offset 2 pixels to the left. All burn-in and DVB-Sub font settings must match.", + "title": "ShadowXOffset", + "type": "number" }, - "Location": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.Location", - "markdownDescription": "The location-based criteria, such as region or GPS coordinates, for the segment.", - "title": "Location" + "ShadowYOffset": { + "markdownDescription": "Specifies the vertical offset of the shadow relative to the captions in pixels. A value of -2 would result in a shadow offset 2 pixels above the text. All burn-in and DVB-Sub font settings must match.", + "title": "ShadowYOffset", + "type": "number" }, - "Metrics": { - "markdownDescription": "One or more custom metrics to use as criteria for the segment.", - "title": "Metrics", - "type": "object" + "TeletextGridControl": { + "markdownDescription": "Controls whether a fixed grid size is used to generate the output subtitles bitmap. This applies to only Teletext inputs and DVB-Sub/Burn-in outputs.", + "title": "TeletextGridControl", + "type": "string" }, - "UserAttributes": { - "markdownDescription": "One or more custom user attributes to use as criteria for the segment.", - "title": "UserAttributes", - "type": "object" + "XPosition": { + "markdownDescription": "Specifies the horizontal position of the captions relative to the left side of the output in pixels. A value of 10 would result in the captions starting 10 pixels from the left of the output. If no explicit xPosition is provided, the horizontal captions position is determined by the alignment parameter. This option is not valid for source captions that are STL, 608/embedded, or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", + "title": "XPosition", + "type": "number" + }, + "YPosition": { + "markdownDescription": "Specifies the vertical position of the captions relative to the top of the output in pixels. A value of 10 would result in the captions starting 10 pixels from the top of the output. If no explicit yPosition is provided, the captions are positioned towards the bottom of the output. This option is not valid for source captions that are STL, 608/embedded, or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", + "title": "YPosition", + "type": "number" } }, "type": "object" }, - "AWS::Pinpoint::Segment.SegmentGroups": { + "AWS::MediaLive::Channel.DvbSubSourceSettings": { "additionalProperties": false, "properties": { - "Groups": { - "items": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.Groups" - }, - "markdownDescription": "Specifies the set of segment criteria to evaluate when handling segment groups for the segment.", - "title": "Groups", - "type": "array" - }, - "Include": { - "markdownDescription": "Specifies how to handle multiple segment groups for the segment. For example, if the segment includes three segment groups, whether the resulting segment includes endpoints that match all, any, or none of the segment groups.", - "title": "Include", + "OcrLanguage": { + "markdownDescription": "If you will configure a WebVTT caption description that references this caption selector, use this field to\nprovide the language to consider when translating the image-based source to text.", + "title": "OcrLanguage", "type": "string" + }, + "Pid": { + "markdownDescription": "When using DVB-Sub with burn-in or SMPTE-TT, use this PID for the source content. It is unused for DVB-Sub passthrough. All DVB-Sub content is passed through, regardless of selectors.", + "title": "Pid", + "type": "number" } }, "type": "object" }, - "AWS::Pinpoint::Segment.SetDimension": { + "AWS::MediaLive::Channel.DvbTdtSettings": { "additionalProperties": false, "properties": { - "DimensionType": { - "markdownDescription": "The type of segment dimension to use. Valid values are: `INCLUSIVE` , endpoints that match the criteria are included in the segment; and, `EXCLUSIVE` , endpoints that match the criteria are excluded from the segment.", - "title": "DimensionType", - "type": "string" - }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The criteria values to use for the segment dimension. Depending on the value of the `DimensionType` property, endpoints are included or excluded from the segment if their values match the criteria values.", - "title": "Values", - "type": "array" + "RepInterval": { + "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream.", + "title": "RepInterval", + "type": "number" } }, "type": "object" }, - "AWS::Pinpoint::Segment.SourceSegments": { + "AWS::MediaLive::Channel.Eac3AtmosSettings": { "additionalProperties": false, "properties": { - "Id": { - "markdownDescription": "The unique identifier for the source segment.", - "title": "Id", + "Bitrate": { + "markdownDescription": "", + "title": "Bitrate", + "type": "number" + }, + "CodingMode": { + "markdownDescription": "", + "title": "CodingMode", "type": "string" }, - "Version": { - "markdownDescription": "The version number of the source segment.", - "title": "Version", + "Dialnorm": { + "markdownDescription": "", + "title": "Dialnorm", + "type": "number" + }, + "DrcLine": { + "markdownDescription": "", + "title": "DrcLine", + "type": "string" + }, + "DrcRf": { + "markdownDescription": "", + "title": "DrcRf", + "type": "string" + }, + "HeightTrim": { + "markdownDescription": "", + "title": "HeightTrim", + "type": "number" + }, + "SurroundTrim": { + "markdownDescription": "", + "title": "SurroundTrim", "type": "number" } }, - "required": [ - "Id" - ], "type": "object" }, - "AWS::Pinpoint::SmsTemplate": { + "AWS::MediaLive::Channel.Eac3Settings": { "additionalProperties": false, "properties": { - "Condition": { + "AttenuationControl": { + "markdownDescription": "When set to attenuate3Db, applies a 3 dB attenuation to the surround channels. Used only for the 3/2 coding mode.", + "title": "AttenuationControl", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Bitrate": { + "markdownDescription": "The average bitrate in bits/second. Valid bitrates depend on the coding mode.", + "title": "Bitrate", + "type": "number" + }, + "BitstreamMode": { + "markdownDescription": "Specifies the bitstream mode (bsmod) for the emitted E-AC-3 stream. For more information, see ATSC A/52-2012 (Annex E).", + "title": "BitstreamMode", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "CodingMode": { + "markdownDescription": "The Dolby Digital Plus coding mode. This mode determines the number of channels.", + "title": "CodingMode", + "type": "string" }, - "Metadata": { - "type": "object" + "DcFilter": { + "markdownDescription": "When set to enabled, activates a DC highpass filter for all input channels.", + "title": "DcFilter", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Body": { - "markdownDescription": "The message body to use in text messages that are based on the message template.", - "title": "Body", - "type": "string" - }, - "DefaultSubstitutions": { - "markdownDescription": "A JSON object that specifies the default values to use for message variables in the message template. This object is a set of key-value pairs. Each key defines a message variable in the template. The corresponding value defines the default value for that variable. When you create a message that's based on the template, you can override these defaults with message-specific and address-specific variables and values.", - "title": "DefaultSubstitutions", - "type": "string" - }, - "Tags": { - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "object" - }, - "TemplateDescription": { - "markdownDescription": "A custom description of the message template.", - "title": "TemplateDescription", - "type": "string" - }, - "TemplateName": { - "markdownDescription": "The name of the message template to use for the message. If specified, this value must match the name of an existing message template.", - "title": "TemplateName", - "type": "string" - } - }, - "required": [ - "Body", - "TemplateName" - ], - "type": "object" + "Dialnorm": { + "markdownDescription": "Sets the dialnorm for the output. If blank and the input audio is Dolby Digital Plus, dialnorm will be passed through.", + "title": "Dialnorm", + "type": "number" }, - "Type": { - "enum": [ - "AWS::Pinpoint::SmsTemplate" - ], + "DrcLine": { + "markdownDescription": "Sets the Dolby dynamic range compression profile.", + "title": "DrcLine", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DrcRf": { + "markdownDescription": "Sets the profile for heavy Dolby dynamic range compression, ensuring that the instantaneous signal peaks do not exceed specified levels.", + "title": "DrcRf", "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::Pinpoint::VoiceChannel": { - "additionalProperties": false, - "properties": { - "Condition": { + }, + "LfeControl": { + "markdownDescription": "When encoding 3/2 audio, setting to lfe enables the LFE channel.", + "title": "LfeControl", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "LfeFilter": { + "markdownDescription": "When set to enabled, applies a 120Hz lowpass filter to the LFE channel prior to encoding. Valid only with a codingMode32 coding mode.", + "title": "LfeFilter", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "LoRoCenterMixLevel": { + "markdownDescription": "The Left only/Right only center mix level. Used only for the 3/2 coding mode.", + "title": "LoRoCenterMixLevel", + "type": "number" }, - "Metadata": { - "type": "object" + "LoRoSurroundMixLevel": { + "markdownDescription": "The Left only/Right only surround mix level. Used only for a 3/2 coding mode.", + "title": "LoRoSurroundMixLevel", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ApplicationId": { - "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the voice channel applies to.", - "title": "ApplicationId", - "type": "string" - }, - "Enabled": { - "markdownDescription": "Specifies whether to enable the voice channel for the application.", - "title": "Enabled", - "type": "boolean" - } - }, - "required": [ - "ApplicationId" - ], - "type": "object" + "LtRtCenterMixLevel": { + "markdownDescription": "The Left total/Right total center mix level. Used only for a 3/2 coding mode.", + "title": "LtRtCenterMixLevel", + "type": "number" }, - "Type": { - "enum": [ - "AWS::Pinpoint::VoiceChannel" - ], + "LtRtSurroundMixLevel": { + "markdownDescription": "The Left total/Right total surround mix level. Used only for the 3/2 coding mode.", + "title": "LtRtSurroundMixLevel", + "type": "number" + }, + "MetadataControl": { + "markdownDescription": "When set to followInput, encoder metadata is sourced from the DD, DD+, or DolbyE decoder that supplies this audio data. If the audio is not supplied from one of these streams, then the static metadata settings are used.", + "title": "MetadataControl", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "PassthroughControl": { + "markdownDescription": "When set to whenPossible, input DD+ audio will be passed through if it is present on the input. This detection is dynamic over the life of the transcode. Inputs that alternate between DD+ and non-DD+ content will have a consistent DD+ output as the system alternates between passthrough and encoding.", + "title": "PassthroughControl", + "type": "string" + }, + "PhaseControl": { + "markdownDescription": "When set to shift90Degrees, applies a 90-degree phase shift to the surround channels. Used only for a 3/2 coding mode.", + "title": "PhaseControl", + "type": "string" + }, + "StereoDownmix": { + "markdownDescription": "A stereo downmix preference. Used only for the 3/2 coding mode.", + "title": "StereoDownmix", + "type": "string" + }, + "SurroundExMode": { + "markdownDescription": "When encoding 3/2 audio, sets whether an extra center back surround channel is matrix encoded into the left and right surround channels.", + "title": "SurroundExMode", + "type": "string" + }, + "SurroundMode": { + "markdownDescription": "When encoding 2/0 audio, sets whether Dolby Surround is matrix-encoded into the two channels.", + "title": "SurroundMode", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::PinpointEmail::ConfigurationSet": { + "AWS::MediaLive::Channel.EbuTtDDestinationSettings": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "CopyrightHolder": { + "markdownDescription": "Applies only if you plan to convert these source captions to EBU-TT-D or TTML in an output. Complete this field if you want to include the name of the copyright holder in the copyright metadata tag in the TTML", + "title": "CopyrightHolder", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "DefaultFontSize": { + "markdownDescription": "", + "title": "DefaultFontSize", + "type": "number" }, - "Metadata": { - "type": "object" + "DefaultLineHeight": { + "markdownDescription": "", + "title": "DefaultLineHeight", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DeliveryOptions": { - "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSet.DeliveryOptions", - "markdownDescription": "An object that defines the dedicated IP pool that is used to send emails that you send using the configuration set.", - "title": "DeliveryOptions" - }, - "Name": { - "markdownDescription": "The name of the configuration set.", - "title": "Name", - "type": "string" - }, - "ReputationOptions": { - "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSet.ReputationOptions", - "markdownDescription": "An object that defines whether or not Amazon Pinpoint collects reputation metrics for the emails that you send that use the configuration set.", - "title": "ReputationOptions" - }, - "SendingOptions": { - "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSet.SendingOptions", - "markdownDescription": "An object that defines whether or not Amazon Pinpoint can send email that you send using the configuration set.", - "title": "SendingOptions" - }, - "Tags": { - "items": { - "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSet.Tags" - }, - "markdownDescription": "An object that defines the tags (keys and values) that you want to associate with the configuration set.", - "title": "Tags", - "type": "array" - }, - "TrackingOptions": { - "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSet.TrackingOptions", - "markdownDescription": "An object that defines the open and click tracking options for emails that you send using the configuration set.", - "title": "TrackingOptions" - } - }, - "required": [ - "Name" - ], - "type": "object" + "FillLineGap": { + "markdownDescription": "Specifies how to handle the gap between the lines (in multi-line captions). - enabled: Fill with the captions background color (as specified in the input captions).\n- disabled: Leave the gap unfilled.", + "title": "FillLineGap", + "type": "string" }, - "Type": { - "enum": [ - "AWS::PinpointEmail::ConfigurationSet" - ], + "FontFamily": { + "markdownDescription": "Specifies the font family to include in the font data attached to the EBU-TT captions. Valid only if styleControl is set to include. If you leave this field empty, the font family is set to \"monospaced\". (If styleControl is set to exclude, the font family is always set to \"monospaced\".) You specify only the font family. All other style information (color, bold, position and so on) is copied from the input captions. The size is always set to 100% to allow the downstream player to choose the size. - Enter a list of font families, as a comma-separated list of font names, in order of preference. The name can be a font family (such as \u201cArial\u201d), or a generic font family (such as \u201cserif\u201d), or \u201cdefault\u201d (to let the downstream player choose the font).\n- Leave blank to set the family to \u201cmonospace\u201d.", + "title": "FontFamily", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "StyleControl": { + "markdownDescription": "Specifies the style information (font color, font position, and so on) to include in the font data that is attached to the EBU-TT captions. - include: Take the style information (font color, font position, and so on) from the source captions and include that information in the font data attached to the EBU-TT captions. This option is valid only if the source captions are Embedded or Teletext.\n- exclude: In the font data attached to the EBU-TT captions, set the font family to \"monospaced\". Do not include any other style information.", + "title": "StyleControl", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::PinpointEmail::ConfigurationSet.DeliveryOptions": { + "AWS::MediaLive::Channel.EmbeddedDestinationSettings": { "additionalProperties": false, - "properties": { - "SendingPoolName": { - "markdownDescription": "The name of the dedicated IP pool that you want to associate with the configuration set.", - "title": "SendingPoolName", - "type": "string" - } - }, + "properties": {}, "type": "object" }, - "AWS::PinpointEmail::ConfigurationSet.ReputationOptions": { + "AWS::MediaLive::Channel.EmbeddedPlusScte20DestinationSettings": { "additionalProperties": false, - "properties": { - "ReputationMetricsEnabled": { - "markdownDescription": "If `true` , tracking of reputation metrics is enabled for the configuration set. If `false` , tracking of reputation metrics is disabled for the configuration set.", - "title": "ReputationMetricsEnabled", - "type": "boolean" - } - }, + "properties": {}, "type": "object" }, - "AWS::PinpointEmail::ConfigurationSet.SendingOptions": { + "AWS::MediaLive::Channel.EmbeddedSourceSettings": { "additionalProperties": false, "properties": { - "SendingEnabled": { - "markdownDescription": "If `true` , email sending is enabled for the configuration set. If `false` , email sending is disabled for the configuration set.", - "title": "SendingEnabled", - "type": "boolean" + "Convert608To708": { + "markdownDescription": "If this is upconvert, 608 data is both passed through the \"608 compatibility bytes\" fields of the 708 wrapper as well as translated into 708. If 708 data is present in the source content, it is discarded.", + "title": "Convert608To708", + "type": "string" + }, + "Scte20Detection": { + "markdownDescription": "Set to \"auto\" to handle streams with intermittent or non-aligned SCTE-20 and embedded captions.", + "title": "Scte20Detection", + "type": "string" + }, + "Source608ChannelNumber": { + "markdownDescription": "Specifies the 608/708 channel number within the video track from which to extract captions. This is unused for passthrough.", + "title": "Source608ChannelNumber", + "type": "number" + }, + "Source608TrackNumber": { + "markdownDescription": "This field is unused and deprecated.", + "title": "Source608TrackNumber", + "type": "number" } }, "type": "object" }, - "AWS::PinpointEmail::ConfigurationSet.Tags": { + "AWS::MediaLive::Channel.EncoderSettings": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "One part of a key-value pair that defines a tag. The maximum length of a tag key is 128 characters. The minimum length is 1 character.\n\nIf you specify tags for the configuration set, then this value is required.", - "title": "Key", - "type": "string" + "AudioDescriptions": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioDescription" + }, + "markdownDescription": "The encoding information for output audio.", + "title": "AudioDescriptions", + "type": "array" }, - "Value": { - "markdownDescription": "The optional part of a key-value pair that defines a tag. The maximum length of a tag value is 256 characters. The minimum length is 0 characters. If you don\u2019t want a resource to have a specific tag value, don\u2019t specify a value for this parameter. Amazon Pinpoint will set the value to an empty string.", - "title": "Value", - "type": "string" + "AvailBlanking": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AvailBlanking", + "markdownDescription": "The settings for ad avail blanking.", + "title": "AvailBlanking" + }, + "AvailConfiguration": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AvailConfiguration", + "markdownDescription": "The configuration settings for the ad avail handling.", + "title": "AvailConfiguration" + }, + "BlackoutSlate": { + "$ref": "#/definitions/AWS::MediaLive::Channel.BlackoutSlate", + "markdownDescription": "The settings for the blackout slate.", + "title": "BlackoutSlate" + }, + "CaptionDescriptions": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Channel.CaptionDescription" + }, + "markdownDescription": "The encoding information for output captions.", + "title": "CaptionDescriptions", + "type": "array" + }, + "ColorCorrectionSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.ColorCorrectionSettings", + "markdownDescription": "", + "title": "ColorCorrectionSettings" + }, + "FeatureActivations": { + "$ref": "#/definitions/AWS::MediaLive::Channel.FeatureActivations", + "markdownDescription": "Settings to enable specific features.", + "title": "FeatureActivations" + }, + "GlobalConfiguration": { + "$ref": "#/definitions/AWS::MediaLive::Channel.GlobalConfiguration", + "markdownDescription": "The configuration settings that apply to the entire channel.", + "title": "GlobalConfiguration" + }, + "MotionGraphicsConfiguration": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MotionGraphicsConfiguration", + "markdownDescription": "Settings to enable and configure the motion graphics overlay feature in the channel.", + "title": "MotionGraphicsConfiguration" + }, + "NielsenConfiguration": { + "$ref": "#/definitions/AWS::MediaLive::Channel.NielsenConfiguration", + "markdownDescription": "The settings to configure Nielsen watermarks.", + "title": "NielsenConfiguration" + }, + "OutputGroups": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputGroup" + }, + "markdownDescription": "The settings for the output groups in the channel.", + "title": "OutputGroups", + "type": "array" + }, + "ThumbnailConfiguration": { + "$ref": "#/definitions/AWS::MediaLive::Channel.ThumbnailConfiguration", + "markdownDescription": "", + "title": "ThumbnailConfiguration" + }, + "TimecodeConfig": { + "$ref": "#/definitions/AWS::MediaLive::Channel.TimecodeConfig", + "markdownDescription": "Contains settings used to acquire and adjust timecode information from the inputs.", + "title": "TimecodeConfig" + }, + "VideoDescriptions": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Channel.VideoDescription" + }, + "markdownDescription": "The encoding information for output videos.", + "title": "VideoDescriptions", + "type": "array" } }, "type": "object" }, - "AWS::PinpointEmail::ConfigurationSet.TrackingOptions": { + "AWS::MediaLive::Channel.EpochLockingSettings": { "additionalProperties": false, "properties": { - "CustomRedirectDomain": { - "markdownDescription": "The domain that you want to use for tracking open and click events.", - "title": "CustomRedirectDomain", + "CustomEpoch": { + "markdownDescription": "", + "title": "CustomEpoch", + "type": "string" + }, + "JamSyncTime": { + "markdownDescription": "", + "title": "JamSyncTime", "type": "string" } }, "type": "object" }, - "AWS::PinpointEmail::ConfigurationSetEventDestination": { + "AWS::MediaLive::Channel.Esam": { "additionalProperties": false, "properties": { - "Condition": { + "AcquisitionPointId": { + "markdownDescription": "", + "title": "AcquisitionPointId", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "AdAvailOffset": { + "markdownDescription": "", + "title": "AdAvailOffset", + "type": "number" }, - "Metadata": { - "type": "object" + "PasswordParam": { + "markdownDescription": "", + "title": "PasswordParam", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ConfigurationSetName": { - "markdownDescription": "The name of the configuration set that contains the event destination that you want to modify.", - "title": "ConfigurationSetName", - "type": "string" - }, - "EventDestination": { - "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSetEventDestination.EventDestination", - "markdownDescription": "An object that defines the event destination.", - "title": "EventDestination" - }, - "EventDestinationName": { - "markdownDescription": "The name of the event destination that you want to modify.", - "title": "EventDestinationName", - "type": "string" - } - }, - "required": [ - "ConfigurationSetName", - "EventDestinationName" - ], - "type": "object" + "PoisEndpoint": { + "markdownDescription": "", + "title": "PoisEndpoint", + "type": "string" }, - "Type": { - "enum": [ - "AWS::PinpointEmail::ConfigurationSetEventDestination" - ], + "Username": { + "markdownDescription": "", + "title": "Username", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ZoneIdentity": { + "markdownDescription": "", + "title": "ZoneIdentity", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::PinpointEmail::ConfigurationSetEventDestination.CloudWatchDestination": { + "AWS::MediaLive::Channel.FailoverCondition": { "additionalProperties": false, "properties": { - "DimensionConfigurations": { - "items": { - "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSetEventDestination.DimensionConfiguration" - }, - "markdownDescription": "An array of objects that define the dimensions to use when you send email events to Amazon CloudWatch.", - "title": "DimensionConfigurations", - "type": "array" + "FailoverConditionSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.FailoverConditionSettings", + "markdownDescription": "Settings for a specific failover condition.", + "title": "FailoverConditionSettings" } }, "type": "object" }, - "AWS::PinpointEmail::ConfigurationSetEventDestination.DimensionConfiguration": { + "AWS::MediaLive::Channel.FailoverConditionSettings": { "additionalProperties": false, "properties": { - "DefaultDimensionValue": { - "markdownDescription": "The default value of the dimension that is published to Amazon CloudWatch if you don't provide the value of the dimension when you send an email. This value has to meet the following criteria:\n\n- It can only contain ASCII letters (a\u2013z, A\u2013Z), numbers (0\u20139), underscores (_), or dashes (-).\n- It can contain no more than 256 characters.", - "title": "DefaultDimensionValue", - "type": "string" + "AudioSilenceSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioSilenceFailoverSettings", + "markdownDescription": "MediaLive will perform a failover if the specified audio selector is silent for the specified period.", + "title": "AudioSilenceSettings" }, - "DimensionName": { - "markdownDescription": "The name of an Amazon CloudWatch dimension associated with an email sending metric. The name has to meet the following criteria:\n\n- It can only contain ASCII letters (a\u2013z, A\u2013Z), numbers (0\u20139), underscores (_), or dashes (-).\n- It can contain no more than 256 characters.", - "title": "DimensionName", - "type": "string" + "InputLossSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.InputLossFailoverSettings", + "markdownDescription": "MediaLive will perform a failover if content is not detected in this input for the specified period.", + "title": "InputLossSettings" }, - "DimensionValueSource": { - "markdownDescription": "The location where Amazon Pinpoint finds the value of a dimension to publish to Amazon CloudWatch. Acceptable values: `MESSAGE_TAG` , `EMAIL_HEADER` , and `LINK_TAG` .\n\nIf you want Amazon Pinpoint to use the message tags that you specify using an `X-SES-MESSAGE-TAGS` header or a parameter to the `SendEmail` API, choose `MESSAGE_TAG` . If you want Amazon Pinpoint to use your own email headers, choose `EMAIL_HEADER` . If you want Amazon Pinpoint to use tags that are specified in your links, choose `LINK_TAG` .", - "title": "DimensionValueSource", - "type": "string" + "VideoBlackSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.VideoBlackFailoverSettings", + "markdownDescription": "MediaLive will perform a failover if content is considered black for the specified period.", + "title": "VideoBlackSettings" } }, - "required": [ - "DefaultDimensionValue", - "DimensionName", - "DimensionValueSource" - ], "type": "object" }, - "AWS::PinpointEmail::ConfigurationSetEventDestination.EventDestination": { + "AWS::MediaLive::Channel.FeatureActivations": { "additionalProperties": false, "properties": { - "CloudWatchDestination": { - "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSetEventDestination.CloudWatchDestination", - "markdownDescription": "An object that defines an Amazon CloudWatch destination for email events. You can use Amazon CloudWatch to monitor and gain insights on your email sending metrics.", - "title": "CloudWatchDestination" - }, - "Enabled": { - "markdownDescription": "If `true` , the event destination is enabled. When the event destination is enabled, the specified event types are sent to the destinations in this `EventDestinationDefinition` .\n\nIf `false` , the event destination is disabled. When the event destination is disabled, events aren't sent to the specified destinations.", - "title": "Enabled", - "type": "boolean" - }, - "KinesisFirehoseDestination": { - "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSetEventDestination.KinesisFirehoseDestination", - "markdownDescription": "An object that defines an Amazon Kinesis Data Firehose destination for email events. You can use Amazon Kinesis Data Firehose to stream data to other services, such as Amazon S3 and Amazon Redshift.", - "title": "KinesisFirehoseDestination" - }, - "MatchingEventTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The types of events that Amazon Pinpoint sends to the specified event destinations. Acceptable values: `SEND` , `REJECT` , `BOUNCE` , `COMPLAINT` , `DELIVERY` , `OPEN` , `CLICK` , and `RENDERING_FAILURE` .", - "title": "MatchingEventTypes", - "type": "array" - }, - "PinpointDestination": { - "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSetEventDestination.PinpointDestination", - "markdownDescription": "An object that defines a Amazon Pinpoint destination for email events. You can use Amazon Pinpoint events to create attributes in Amazon Pinpoint projects. You can use these attributes to create segments for your campaigns.", - "title": "PinpointDestination" + "InputPrepareScheduleActions": { + "markdownDescription": "Enables the Input Prepare feature. You can create Input Prepare actions in the schedule only if this feature is enabled.\nIf you disable the feature on an existing schedule, make sure that you first delete all input prepare actions from the schedule.", + "title": "InputPrepareScheduleActions", + "type": "string" }, - "SnsDestination": { - "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSetEventDestination.SnsDestination", - "markdownDescription": "An object that defines an Amazon SNS destination for email events. You can use Amazon SNS to send notification when certain email events occur.", - "title": "SnsDestination" + "OutputStaticImageOverlayScheduleActions": { + "markdownDescription": "", + "title": "OutputStaticImageOverlayScheduleActions", + "type": "string" } }, - "required": [ - "MatchingEventTypes" - ], "type": "object" }, - "AWS::PinpointEmail::ConfigurationSetEventDestination.KinesisFirehoseDestination": { + "AWS::MediaLive::Channel.FecOutputSettings": { "additionalProperties": false, "properties": { - "DeliveryStreamArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Kinesis Data Firehose stream that Amazon Pinpoint sends email events to.", - "title": "DeliveryStreamArn", - "type": "string" + "ColumnDepth": { + "markdownDescription": "The parameter D from SMPTE 2022-1. The height of the FEC protection matrix. The number of transport stream packets per column error correction packet. The number must be between 4 and 20, inclusive.", + "title": "ColumnDepth", + "type": "number" }, - "IamRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that Amazon Pinpoint uses when sending email events to the Amazon Kinesis Data Firehose stream.", - "title": "IamRoleArn", + "IncludeFec": { + "markdownDescription": "Enables column only or column and row-based FEC.", + "title": "IncludeFec", "type": "string" + }, + "RowLength": { + "markdownDescription": "The parameter L from SMPTE 2022-1. The width of the FEC protection matrix. Must be between 1 and 20, inclusive. If only Column FEC is used, then larger values increase robustness. If Row FEC is used, then this is the number of transport stream packets per row error correction packet, and the value must be between 4 and 20, inclusive, if includeFec is columnAndRow. If includeFec is column, this value must be 1 to 20, inclusive.", + "title": "RowLength", + "type": "number" } }, - "required": [ - "DeliveryStreamArn", - "IamRoleArn" - ], "type": "object" }, - "AWS::PinpointEmail::ConfigurationSetEventDestination.PinpointDestination": { + "AWS::MediaLive::Channel.Fmp4HlsSettings": { "additionalProperties": false, "properties": { - "ApplicationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Pinpoint project that you want to send email events to.", - "title": "ApplicationArn", + "AudioRenditionSets": { + "markdownDescription": "List all the audio groups that are used with the video output stream. Input all the audio GROUP-IDs that are associated to the video, separate by ','.", + "title": "AudioRenditionSets", + "type": "string" + }, + "NielsenId3Behavior": { + "markdownDescription": "If set to passthrough, Nielsen inaudible tones for media tracking will be detected in the input audio and an equivalent ID3 tag will be inserted in the output.", + "title": "NielsenId3Behavior", + "type": "string" + }, + "TimedMetadataBehavior": { + "markdownDescription": "When set to passthrough, timed metadata is passed through from input to output.", + "title": "TimedMetadataBehavior", "type": "string" } }, "type": "object" }, - "AWS::PinpointEmail::ConfigurationSetEventDestination.SnsDestination": { + "AWS::MediaLive::Channel.FrameCaptureCdnSettings": { "additionalProperties": false, "properties": { - "TopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic that you want to publish email events to. For more information about Amazon SNS topics, see the [Amazon SNS Developer Guide](https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html) .", - "title": "TopicArn", - "type": "string" + "FrameCaptureS3Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.FrameCaptureS3Settings", + "markdownDescription": "Sets up Amazon S3 as the destination for this Frame Capture output.", + "title": "FrameCaptureS3Settings" } }, - "required": [ - "TopicArn" - ], "type": "object" }, - "AWS::PinpointEmail::DedicatedIpPool": { + "AWS::MediaLive::Channel.FrameCaptureGroupSettings": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "PoolName": { - "markdownDescription": "The name of the dedicated IP pool.", - "title": "PoolName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/AWS::PinpointEmail::DedicatedIpPool.Tags" - }, - "markdownDescription": "An object that defines the tags (keys and values) that you want to associate with the dedicated IP pool.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::PinpointEmail::DedicatedIpPool" - ], - "type": "string" + "Destination": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", + "markdownDescription": "The destination for the frame capture files. The destination is either the URI for an Amazon S3 bucket and object, plus a file name prefix (for example, s3ssl://sportsDelivery/highlights/20180820/curling_) or the URI for a MediaStore container, plus a file name prefix (for example, mediastoressl://sportsDelivery/20180820/curling_). The final file names consist of the prefix from the destination field (for example, \"curling_\") + name modifier + the counter (5 digits, starting from 00001) + extension (which is always .jpg). For example, curlingLow.00001.jpg.", + "title": "Destination" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "FrameCaptureCdnSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.FrameCaptureCdnSettings", + "markdownDescription": "Settings to configure the destination of a Frame Capture output.", + "title": "FrameCaptureCdnSettings" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::PinpointEmail::DedicatedIpPool.Tags": { + "AWS::MediaLive::Channel.FrameCaptureHlsSettings": { "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "One part of a key-value pair that defines a tag. The maximum length of a tag key is 128 characters. The minimum length is 1 character.\n\nIf you specify tags for the dedicated IP pool, then this value is required.", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "The optional part of a key-value pair that defines a tag. The maximum length of a tag value is 256 characters. The minimum length is 0 characters. If you don\u2019t want a resource to have a specific tag value, don\u2019t specify a value for this parameter. Amazon Pinpoint will set the value to an empty string.", - "title": "Value", - "type": "string" - } - }, + "properties": {}, "type": "object" }, - "AWS::PinpointEmail::Identity": { + "AWS::MediaLive::Channel.FrameCaptureOutputSettings": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DkimSigningEnabled": { - "markdownDescription": "For domain identities, this attribute is used to enable or disable DomainKeys Identified Mail (DKIM) signing for the domain.\n\nIf the value is `true` , then the messages that you send from the domain are signed using both the DKIM keys for your domain, as well as the keys for the `amazonses.com` domain. If the value is `false` , then the messages that you send are only signed using the DKIM keys for the `amazonses.com` domain.", - "title": "DkimSigningEnabled", - "type": "boolean" - }, - "FeedbackForwardingEnabled": { - "markdownDescription": "Used to enable or disable feedback forwarding for an identity. This setting determines what happens when an identity is used to send an email that results in a bounce or complaint event.\n\nWhen you enable feedback forwarding, Amazon Pinpoint sends you email notifications when bounce or complaint events occur. Amazon Pinpoint sends this notification to the address that you specified in the Return-Path header of the original email.\n\nWhen you disable feedback forwarding, Amazon Pinpoint sends notifications through other mechanisms, such as by notifying an Amazon SNS topic. You're required to have a method of tracking bounces and complaints. If you haven't set up another mechanism for receiving bounce or complaint notifications, Amazon Pinpoint sends an email notification when these events occur (even if this setting is disabled).", - "title": "FeedbackForwardingEnabled", - "type": "boolean" - }, - "MailFromAttributes": { - "$ref": "#/definitions/AWS::PinpointEmail::Identity.MailFromAttributes", - "markdownDescription": "Used to enable or disable the custom Mail-From domain configuration for an email identity.", - "title": "MailFromAttributes" - }, - "Name": { - "markdownDescription": "The address or domain of the identity, such as *sender@example.com* or *example.co.uk* .", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/AWS::PinpointEmail::Identity.Tags" - }, - "markdownDescription": "An object that defines the tags (keys and values) that you want to associate with the email identity.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Name" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::PinpointEmail::Identity" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "NameModifier": { + "markdownDescription": "Required if the output group contains more than one output. This modifier forms part of the output file name.", + "title": "NameModifier", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::PinpointEmail::Identity.MailFromAttributes": { + "AWS::MediaLive::Channel.FrameCaptureS3Settings": { "additionalProperties": false, "properties": { - "BehaviorOnMxFailure": { - "markdownDescription": "The action that Amazon Pinpoint to takes if it can't read the required MX record for a custom MAIL FROM domain. When you set this value to `UseDefaultValue` , Amazon Pinpoint uses *amazonses.com* as the MAIL FROM domain. When you set this value to `RejectMessage` , Amazon Pinpoint returns a `MailFromDomainNotVerified` error, and doesn't attempt to deliver the email.\n\nThese behaviors are taken when the custom MAIL FROM domain configuration is in the `Pending` , `Failed` , and `TemporaryFailure` states.", - "title": "BehaviorOnMxFailure", - "type": "string" - }, - "MailFromDomain": { - "markdownDescription": "The name of a domain that an email identity uses as a custom MAIL FROM domain.", - "title": "MailFromDomain", + "CannedAcl": { + "markdownDescription": "Specify the canned ACL to apply to each S3 request. Defaults to none.", + "title": "CannedAcl", "type": "string" } }, "type": "object" }, - "AWS::PinpointEmail::Identity.Tags": { + "AWS::MediaLive::Channel.FrameCaptureSettings": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "One part of a key-value pair that defines a tag. The maximum length of a tag key is 128 characters. The minimum length is 1 character.\n\nIf you specify tags for the identity, then this value is required.", - "title": "Key", - "type": "string" + "CaptureInterval": { + "markdownDescription": "The frequency, in seconds, for capturing frames for inclusion in the output. For example, \"10\" means capture a frame every 10 seconds.", + "title": "CaptureInterval", + "type": "number" }, - "Value": { - "markdownDescription": "The optional part of a key-value pair that defines a tag. The maximum length of a tag value is 256 characters. The minimum length is 0 characters. If you don\u2019t want a resource to have a specific tag value, don\u2019t specify a value for this parameter. Amazon Pinpoint will set the value to an empty string.", - "title": "Value", + "CaptureIntervalUnits": { + "markdownDescription": "Unit for the frame capture interval.", + "title": "CaptureIntervalUnits", "type": "string" + }, + "TimecodeBurninSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.TimecodeBurninSettings", + "markdownDescription": "", + "title": "TimecodeBurninSettings" } }, "type": "object" }, - "AWS::Pipes::Pipe": { + "AWS::MediaLive::Channel.GlobalConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "InitialAudioGain": { + "markdownDescription": "The value to set the initial audio gain for the channel.", + "title": "InitialAudioGain", + "type": "number" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "InputEndAction": { + "markdownDescription": "Indicates the action to take when the current input completes (for example, end-of-file). When switchAndLoopInputs is configured, MediaLive restarts at the beginning of the first input. When \"none\" is configured, MediaLive transcodes either black, a solid color, or a user-specified slate images per the \"Input Loss Behavior\" configuration until the next input switch occurs (which is controlled through the Channel Schedule API).", + "title": "InputEndAction", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "InputLossBehavior": { + "$ref": "#/definitions/AWS::MediaLive::Channel.InputLossBehavior", + "markdownDescription": "The settings for system actions when the input is lost.", + "title": "InputLossBehavior" }, - "Metadata": { - "type": "object" + "OutputLockingMode": { + "markdownDescription": "Indicates how MediaLive pipelines are synchronized. PIPELINELOCKING - MediaLive attempts to synchronize the output of each pipeline to the other. EPOCHLOCKING - MediaLive attempts to synchronize the output of each pipeline to the Unix epoch.", + "title": "OutputLockingMode", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A description of the pipe.", - "title": "Description", - "type": "string" - }, - "DesiredState": { - "markdownDescription": "The state the pipe should be in.", - "title": "DesiredState", - "type": "string" - }, - "Enrichment": { - "markdownDescription": "The ARN of the enrichment resource.", - "title": "Enrichment", - "type": "string" - }, - "EnrichmentParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeEnrichmentParameters", - "markdownDescription": "The parameters required to set up enrichment on your pipe.", - "title": "EnrichmentParameters" - }, - "LogConfiguration": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeLogConfiguration", - "markdownDescription": "The logging configuration settings for the pipe.", - "title": "LogConfiguration" - }, - "Name": { - "markdownDescription": "The name of the pipe.", - "title": "Name", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN of the role that allows the pipe to send data to the target.", - "title": "RoleArn", - "type": "string" - }, - "Source": { - "markdownDescription": "The ARN of the source resource.", - "title": "Source", - "type": "string" - }, - "SourceParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceParameters", - "markdownDescription": "The parameters required to set up a source for your pipe.", - "title": "SourceParameters" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "The list of key-value pairs to associate with the pipe.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - }, - "Target": { - "markdownDescription": "The ARN of the target resource.", - "title": "Target", - "type": "string" - }, - "TargetParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetParameters", - "markdownDescription": "The parameters required to set up a target for your pipe.\n\nFor more information about pipe target parameters, including how to use dynamic path parameters, see [Target parameters](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes-event-target.html) in the *Amazon EventBridge User Guide* .", - "title": "TargetParameters" - } - }, - "required": [ - "RoleArn", - "Source", - "Target" - ], - "type": "object" + "OutputLockingSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLockingSettings", + "markdownDescription": "", + "title": "OutputLockingSettings" }, - "Type": { - "enum": [ - "AWS::Pipes::Pipe" - ], + "OutputTimingSource": { + "markdownDescription": "Indicates whether the rate of frames emitted by the Live encoder should be paced by its system clock (which optionally might be locked to another source through NTP) or should be locked to the clock of the source that is providing the input stream.", + "title": "OutputTimingSource", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SupportLowFramerateInputs": { + "markdownDescription": "Adjusts the video input buffer for streams with very low video frame rates. This is commonly set to enabled for music channels with less than one video frame per second.", + "title": "SupportLowFramerateInputs", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Pipes::Pipe.AwsVpcConfiguration": { + "AWS::MediaLive::Channel.H264ColorSpaceSettings": { "additionalProperties": false, "properties": { - "AssignPublicIp": { - "markdownDescription": "Specifies whether the task's elastic network interface receives a public IP address. You can specify `ENABLED` only when `LaunchType` in `EcsParameters` is set to `FARGATE` .", - "title": "AssignPublicIp", - "type": "string" + "ColorSpacePassthroughSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.ColorSpacePassthroughSettings", + "markdownDescription": "Passthrough applies no color space conversion to the output.", + "title": "ColorSpacePassthroughSettings" }, - "SecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the security groups associated with the task. These security groups must all be in the same VPC. You can specify as many as five security groups. If you do not specify a security group, the default security group for the VPC is used.", - "title": "SecurityGroups", - "type": "array" + "Rec601Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Rec601Settings", + "markdownDescription": "Settings to configure the handling of Rec601 color space.", + "title": "Rec601Settings" }, - "Subnets": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the subnets associated with the task. These subnets must all be in the same VPC. You can specify as many as 16 subnets.", - "title": "Subnets", - "type": "array" + "Rec709Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Rec709Settings", + "markdownDescription": "Settings to configure the handling of Rec709 color space.", + "title": "Rec709Settings" } }, - "required": [ - "Subnets" - ], "type": "object" }, - "AWS::Pipes::Pipe.BatchArrayProperties": { + "AWS::MediaLive::Channel.H264FilterSettings": { "additionalProperties": false, "properties": { - "Size": { - "markdownDescription": "The size of the array, if this is an array batch job.", - "title": "Size", - "type": "number" + "BandwidthReductionFilterSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.BandwidthReductionFilterSettings", + "markdownDescription": "", + "title": "BandwidthReductionFilterSettings" + }, + "TemporalFilterSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.TemporalFilterSettings", + "markdownDescription": "Settings for applying the temporal filter to the video.", + "title": "TemporalFilterSettings" } }, "type": "object" }, - "AWS::Pipes::Pipe.BatchContainerOverrides": { + "AWS::MediaLive::Channel.H264Settings": { "additionalProperties": false, "properties": { - "Command": { - "items": { - "type": "string" - }, - "markdownDescription": "The command to send to the container that overrides the default command from the Docker image or the task definition.", - "title": "Command", - "type": "array" + "AdaptiveQuantization": { + "markdownDescription": "The adaptive quantization. This allows intra-frame quantizers to vary to improve visual quality.", + "title": "AdaptiveQuantization", + "type": "string" }, - "Environment": { - "items": { - "$ref": "#/definitions/AWS::Pipes::Pipe.BatchEnvironmentVariable" - }, - "markdownDescription": "The environment variables to send to the container. You can add new environment variables, which are added to the container at launch, or you can override the existing environment variables from the Docker image or the task definition.\n\n> Environment variables cannot start with \" `AWS Batch` \". This naming convention is reserved for variables that AWS Batch sets.", - "title": "Environment", - "type": "array" + "AfdSignaling": { + "markdownDescription": "Indicates that AFD values will be written into the output stream. If afdSignaling is auto, the system tries to preserve the input AFD value (in cases where multiple AFD values are valid). If set to fixed, the AFD value is the value configured in the fixedAfd parameter.", + "title": "AfdSignaling", + "type": "string" }, - "InstanceType": { - "markdownDescription": "The instance type to use for a multi-node parallel job.\n\n> This parameter isn't applicable to single-node container jobs or jobs that run on Fargate resources, and shouldn't be provided.", - "title": "InstanceType", + "Bitrate": { + "markdownDescription": "The average bitrate in bits/second. This is required when the rate control mode is VBR or CBR. It isn't used for QVBR. In a Microsoft Smooth output group, each output must have a unique value when its bitrate is rounded down to the nearest multiple of 1000.", + "title": "Bitrate", + "type": "number" + }, + "BufFillPct": { + "markdownDescription": "The percentage of the buffer that should initially be filled (HRD buffer model).", + "title": "BufFillPct", + "type": "number" + }, + "BufSize": { + "markdownDescription": "The size of the buffer (HRD buffer model) in bits/second.", + "title": "BufSize", + "type": "number" + }, + "ColorMetadata": { + "markdownDescription": "Includes color space metadata in the output.", + "title": "ColorMetadata", "type": "string" }, - "ResourceRequirements": { - "items": { - "$ref": "#/definitions/AWS::Pipes::Pipe.BatchResourceRequirement" - }, - "markdownDescription": "The type and amount of resources to assign to a container. This overrides the settings in the job definition. The supported resources include `GPU` , `MEMORY` , and `VCPU` .", - "title": "ResourceRequirements", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Pipes::Pipe.BatchEnvironmentVariable": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the key-value pair. For environment variables, this is the name of the environment variable.", - "title": "Name", + "ColorSpaceSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.H264ColorSpaceSettings", + "markdownDescription": "Settings to configure the color space handling for the video.", + "title": "ColorSpaceSettings" + }, + "EntropyEncoding": { + "markdownDescription": "The entropy encoding mode. Use cabac (must be in Main or High profile) or cavlc.", + "title": "EntropyEncoding", "type": "string" }, - "Value": { - "markdownDescription": "The value of the key-value pair. For environment variables, this is the value of the environment variable.", - "title": "Value", + "FilterSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.H264FilterSettings", + "markdownDescription": "Optional filters that you can apply to an encode.", + "title": "FilterSettings" + }, + "FixedAfd": { + "markdownDescription": "A four-bit AFD value to write on all frames of video in the output stream. Valid only when afdSignaling is set to Fixed.", + "title": "FixedAfd", "type": "string" - } - }, - "type": "object" - }, - "AWS::Pipes::Pipe.BatchJobDependency": { - "additionalProperties": false, - "properties": { - "JobId": { - "markdownDescription": "The job ID of the AWS Batch job that's associated with this dependency.", - "title": "JobId", + }, + "FlickerAq": { + "markdownDescription": "If set to enabled, adjusts the quantization within each frame to reduce flicker or pop on I-frames.", + "title": "FlickerAq", "type": "string" }, - "Type": { - "markdownDescription": "The type of the job dependency.", - "title": "Type", + "ForceFieldPictures": { + "markdownDescription": "This setting applies only when scan type is \"interlaced.\" It controls whether coding is performed on a field basis or on a frame basis. (When the video is progressive, the coding is always performed on a frame basis.)\nenabled: Force MediaLive to code on a field basis, so that odd and even sets of fields are coded separately.\ndisabled: Code the two sets of fields separately (on a field basis) or together (on a frame basis using PAFF), depending on what is most appropriate for the content.", + "title": "ForceFieldPictures", "type": "string" - } - }, - "type": "object" - }, - "AWS::Pipes::Pipe.BatchResourceRequirement": { - "additionalProperties": false, - "properties": { - "Type": { - "markdownDescription": "The type of resource to assign to a container. The supported resources include `GPU` , `MEMORY` , and `VCPU` .", - "title": "Type", + }, + "FramerateControl": { + "markdownDescription": "Indicates how the output video frame rate is specified. If you select \"specified,\" the output video frame rate is determined by framerateNumerator and framerateDenominator. If you select \"initializeFromSource,\" the output video frame rate is set equal to the input video frame rate of the first input.", + "title": "FramerateControl", "type": "string" }, - "Value": { - "markdownDescription": "The quantity of the specified resource to reserve for the container. The values vary based on the `type` specified.\n\n- **type=\"GPU\"** - The number of physical GPUs to reserve for the container. Make sure that the number of GPUs reserved for all containers in a job doesn't exceed the number of available GPUs on the compute resource that the job is launched on.\n\n> GPUs aren't available for jobs that are running on Fargate resources.\n- **type=\"MEMORY\"** - The memory hard limit (in MiB) present to the container. This parameter is supported for jobs that are running on EC2 resources. If your container attempts to exceed the memory specified, the container is terminated. This parameter maps to `Memory` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--memory` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . You must specify at least 4 MiB of memory for a job. This is required but can be specified in several places for multi-node parallel (MNP) jobs. It must be specified for each node at least once. This parameter maps to `Memory` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--memory` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) .\n\n> If you're trying to maximize your resource utilization by providing your jobs as much memory as possible for a particular instance type, see [Memory management](https://docs.aws.amazon.com/batch/latest/userguide/memory-management.html) in the *AWS Batch User Guide* . \n\nFor jobs that are running on Fargate resources, then `value` is the hard limit (in MiB), and must match one of the supported values and the `VCPU` values must be one of the values supported for that memory value.\n\n- **value = 512** - `VCPU` = 0.25\n- **value = 1024** - `VCPU` = 0.25 or 0.5\n- **value = 2048** - `VCPU` = 0.25, 0.5, or 1\n- **value = 3072** - `VCPU` = 0.5, or 1\n- **value = 4096** - `VCPU` = 0.5, 1, or 2\n- **value = 5120, 6144, or 7168** - `VCPU` = 1 or 2\n- **value = 8192** - `VCPU` = 1, 2, 4, or 8\n- **value = 9216, 10240, 11264, 12288, 13312, 14336, or 15360** - `VCPU` = 2 or 4\n- **value = 16384** - `VCPU` = 2, 4, or 8\n- **value = 17408, 18432, 19456, 21504, 22528, 23552, 25600, 26624, 27648, 29696, or 30720** - `VCPU` = 4\n- **value = 20480, 24576, or 28672** - `VCPU` = 4 or 8\n- **value = 36864, 45056, 53248, or 61440** - `VCPU` = 8\n- **value = 32768, 40960, 49152, or 57344** - `VCPU` = 8 or 16\n- **value = 65536, 73728, 81920, 90112, 98304, 106496, 114688, or 122880** - `VCPU` = 16\n- **type=\"VCPU\"** - The number of vCPUs reserved for the container. This parameter maps to `CpuShares` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--cpu-shares` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . Each vCPU is equivalent to 1,024 CPU shares. For EC2 resources, you must specify at least one vCPU. This is required but can be specified in several places; it must be specified for each node at least once.\n\nThe default for the Fargate On-Demand vCPU resource count quota is 6 vCPUs. For more information about Fargate quotas, see [AWS Fargate quotas](https://docs.aws.amazon.com/general/latest/gr/ecs-service.html#service-quotas-fargate) in the *AWS General Reference* .\n\nFor jobs that are running on Fargate resources, then `value` must match one of the supported values and the `MEMORY` values must be one of the values supported for that `VCPU` value. The supported values are 0.25, 0.5, 1, 2, 4, 8, and 16\n\n- **value = 0.25** - `MEMORY` = 512, 1024, or 2048\n- **value = 0.5** - `MEMORY` = 1024, 2048, 3072, or 4096\n- **value = 1** - `MEMORY` = 2048, 3072, 4096, 5120, 6144, 7168, or 8192\n- **value = 2** - `MEMORY` = 4096, 5120, 6144, 7168, 8192, 9216, 10240, 11264, 12288, 13312, 14336, 15360, or 16384\n- **value = 4** - `MEMORY` = 8192, 9216, 10240, 11264, 12288, 13312, 14336, 15360, 16384, 17408, 18432, 19456, 20480, 21504, 22528, 23552, 24576, 25600, 26624, 27648, 28672, 29696, or 30720\n- **value = 8** - `MEMORY` = 16384, 20480, 24576, 28672, 32768, 36864, 40960, 45056, 49152, 53248, 57344, or 61440\n- **value = 16** - `MEMORY` = 32768, 40960, 49152, 57344, 65536, 73728, 81920, 90112, 98304, 106496, 114688, or 122880", - "title": "Value", + "FramerateDenominator": { + "markdownDescription": "The frame rate denominator.", + "title": "FramerateDenominator", + "type": "number" + }, + "FramerateNumerator": { + "markdownDescription": "The frame rate numerator. The frame rate is a fraction, for example, 24000/1001 = 23.976 fps.", + "title": "FramerateNumerator", + "type": "number" + }, + "GopBReference": { + "markdownDescription": "If enabled, uses reference B frames for GOP structures that have B frames > 1.", + "title": "GopBReference", "type": "string" - } - }, - "required": [ - "Type", - "Value" - ], - "type": "object" - }, - "AWS::Pipes::Pipe.BatchRetryStrategy": { - "additionalProperties": false, - "properties": { - "Attempts": { - "markdownDescription": "The number of times to move a job to the `RUNNABLE` status. If the value of `attempts` is greater than one, the job is retried on failure the same number of attempts as the value.", - "title": "Attempts", + }, + "GopClosedCadence": { + "markdownDescription": "The frequency of closed GOPs. In streaming applications, we recommend that you set this to 1 so that a decoder joining mid-stream will receive an IDR frame as quickly as possible. Setting this value to 0 will break output segmenting.", + "title": "GopClosedCadence", "type": "number" - } - }, - "type": "object" - }, - "AWS::Pipes::Pipe.CapacityProviderStrategyItem": { - "additionalProperties": false, - "properties": { - "Base": { - "markdownDescription": "The base value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a base defined. If no value is specified, the default value of 0 is used.", - "title": "Base", + }, + "GopNumBFrames": { + "markdownDescription": "The number of B-frames between reference frames.", + "title": "GopNumBFrames", "type": "number" }, - "CapacityProvider": { - "markdownDescription": "The short name of the capacity provider.", - "title": "CapacityProvider", + "GopSize": { + "markdownDescription": "The GOP size (keyframe interval) in units of either frames or seconds per gopSizeUnits. The value must be greater than zero.", + "title": "GopSize", + "type": "number" + }, + "GopSizeUnits": { + "markdownDescription": "Indicates if the gopSize is specified in frames or seconds. If seconds, the system converts the gopSize into a frame count at runtime.", + "title": "GopSizeUnits", "type": "string" }, - "Weight": { - "markdownDescription": "The weight value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The weight value is taken into consideration after the base value, if defined, is satisfied.", - "title": "Weight", + "Level": { + "markdownDescription": "The H.264 level.", + "title": "Level", + "type": "string" + }, + "LookAheadRateControl": { + "markdownDescription": "The amount of lookahead. A value of low can decrease latency and memory usage, while high can produce better quality for certain content.", + "title": "LookAheadRateControl", + "type": "string" + }, + "MaxBitrate": { + "markdownDescription": "For QVBR: See the tooltip for Quality level. For VBR: Set the maximum bitrate in order to accommodate expected spikes in the complexity of the video.", + "title": "MaxBitrate", "type": "number" - } - }, - "required": [ - "CapacityProvider" - ], - "type": "object" - }, - "AWS::Pipes::Pipe.CloudwatchLogsLogDestination": { - "additionalProperties": false, - "properties": { - "LogGroupArn": { - "markdownDescription": "The AWS Resource Name (ARN) for the CloudWatch log group to which EventBridge sends the log records.", - "title": "LogGroupArn", + }, + "MinIInterval": { + "markdownDescription": "Meaningful only if sceneChangeDetect is set to enabled. This setting enforces separation between repeated (cadence) I-frames and I-frames inserted by Scene Change Detection. If a scene change I-frame is within I-interval frames of a cadence I-frame, the GOP is shrunk or stretched to the scene change I-frame. GOP stretch requires enabling lookahead as well as setting the I-interval. The normal cadence resumes for the next GOP. Note that the maximum GOP stretch = GOP size + Min-I-interval - 1.", + "title": "MinIInterval", + "type": "number" + }, + "MinQp": { + "markdownDescription": "", + "title": "MinQp", + "type": "number" + }, + "NumRefFrames": { + "markdownDescription": "The number of reference frames to use. The encoder might use more than requested if you use B-frames or interlaced encoding.", + "title": "NumRefFrames", + "type": "number" + }, + "ParControl": { + "markdownDescription": "Indicates how the output pixel aspect ratio is specified. If \"specified\" is selected, the output video pixel aspect ratio is determined by parNumerator and parDenominator. If \"initializeFromSource\" is selected, the output pixels aspect ratio will be set equal to the input video pixel aspect ratio of the first input.", + "title": "ParControl", "type": "string" - } - }, - "type": "object" - }, - "AWS::Pipes::Pipe.DeadLetterConfig": { - "additionalProperties": false, - "properties": { - "Arn": { - "markdownDescription": "The ARN of the specified target for the dead-letter queue.\n\nFor Amazon Kinesis stream and Amazon DynamoDB stream sources, specify either an Amazon SNS topic or Amazon SQS queue ARN.", - "title": "Arn", + }, + "ParDenominator": { + "markdownDescription": "The Pixel Aspect Ratio denominator.", + "title": "ParDenominator", + "type": "number" + }, + "ParNumerator": { + "markdownDescription": "The Pixel Aspect Ratio numerator.", + "title": "ParNumerator", + "type": "number" + }, + "Profile": { + "markdownDescription": "An H.264 profile.", + "title": "Profile", "type": "string" - } - }, - "type": "object" - }, - "AWS::Pipes::Pipe.EcsContainerOverride": { - "additionalProperties": false, - "properties": { - "Command": { - "items": { - "type": "string" - }, - "markdownDescription": "The command to send to the container that overrides the default command from the Docker image or the task definition. You must also specify a container name.", - "title": "Command", - "type": "array" }, - "Cpu": { - "markdownDescription": "The number of `cpu` units reserved for the container, instead of the default value from the task definition. You must also specify a container name.", - "title": "Cpu", + "QualityLevel": { + "markdownDescription": "Leave as STANDARD_QUALITY or choose a different value (which might result in additional costs to run the channel).\n- ENHANCED_QUALITY: Produces a slightly better video quality without an increase in the bitrate. Has an effect only when the Rate control mode is QVBR or CBR. If this channel is in a MediaLive multiplex, the value must be ENHANCED_QUALITY.\n- STANDARD_QUALITY: Valid for any Rate control mode.", + "title": "QualityLevel", + "type": "string" + }, + "QvbrQualityLevel": { + "markdownDescription": "Controls the target quality for the video encode. This applies only when the rate control mode is QVBR. Set values for the QVBR quality level field and Max bitrate field that suit your most important viewing devices. Recommended values are: - Primary screen: Quality level: 8 to 10. Max bitrate: 4M - PC or tablet: Quality level: 7. Max bitrate: 1.5M to 3M - Smartphone: Quality level: 6. Max bitrate: 1M to 1.5M.", + "title": "QvbrQualityLevel", "type": "number" }, - "Environment": { - "items": { - "$ref": "#/definitions/AWS::Pipes::Pipe.EcsEnvironmentVariable" - }, - "markdownDescription": "The environment variables to send to the container. You can add new environment variables, which are added to the container at launch, or you can override the existing environment variables from the Docker image or the task definition. You must also specify a container name.", - "title": "Environment", - "type": "array" + "RateControlMode": { + "markdownDescription": "The rate control mode. QVBR: The quality will match the specified quality level except when it is constrained by the maximum bitrate. We recommend this if you or your viewers pay for bandwidth. VBR: The quality and bitrate vary, depending on the video complexity. We recommend this instead of QVBR if you want to maintain a specific average bitrate over the duration of the channel. CBR: The quality varies, depending on the video complexity. We recommend this only if you distribute your assets to devices that can't handle variable bitrates.", + "title": "RateControlMode", + "type": "string" }, - "EnvironmentFiles": { - "items": { - "$ref": "#/definitions/AWS::Pipes::Pipe.EcsEnvironmentFile" - }, - "markdownDescription": "A list of files containing the environment variables to pass to a container, instead of the value from the container definition.", - "title": "EnvironmentFiles", - "type": "array" + "ScanType": { + "markdownDescription": "Sets the scan type of the output to progressive or top-field-first interlaced.", + "title": "ScanType", + "type": "string" }, - "Memory": { - "markdownDescription": "The hard limit (in MiB) of memory to present to the container, instead of the default value from the task definition. If your container attempts to exceed the memory specified here, the container is killed. You must also specify a container name.", - "title": "Memory", + "SceneChangeDetect": { + "markdownDescription": "The scene change detection. On: inserts I-frames when the scene change is detected. Off: does not force an I-frame when the scene change is detected.", + "title": "SceneChangeDetect", + "type": "string" + }, + "Slices": { + "markdownDescription": "The number of slices per picture. The number must be less than or equal to the number of macroblock rows for progressive pictures, and less than or equal to half the number of macroblock rows for interlaced pictures. This field is optional. If you don't specify a value, MediaLive chooses the number of slices based on the encode resolution.", + "title": "Slices", "type": "number" }, - "MemoryReservation": { - "markdownDescription": "The soft limit (in MiB) of memory to reserve for the container, instead of the default value from the task definition. You must also specify a container name.", - "title": "MemoryReservation", + "Softness": { + "markdownDescription": "Softness. Selects a quantizer matrix. Larger values reduce high-frequency content in the encoded image.", + "title": "Softness", "type": "number" }, - "Name": { - "markdownDescription": "The name of the container that receives the override. This parameter is required if any override is specified.", - "title": "Name", + "SpatialAq": { + "markdownDescription": "If set to enabled, adjusts quantization within each frame based on the spatial variation of content complexity.", + "title": "SpatialAq", "type": "string" }, - "ResourceRequirements": { - "items": { - "$ref": "#/definitions/AWS::Pipes::Pipe.EcsResourceRequirement" - }, - "markdownDescription": "The type and amount of a resource to assign to a container, instead of the default value from the task definition. The only supported resource is a GPU.", - "title": "ResourceRequirements", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Pipes::Pipe.EcsEnvironmentFile": { - "additionalProperties": false, - "properties": { - "Type": { - "markdownDescription": "The file type to use. The only supported value is `s3` .", - "title": "Type", + "SubgopLength": { + "markdownDescription": "If set to fixed, uses gopNumBFrames B-frames per sub-GOP. If set to dynamic, optimizes the number of B-frames used for each sub-GOP to improve visual quality.", + "title": "SubgopLength", "type": "string" }, - "Value": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon S3 object containing the environment variable file.", - "title": "Value", + "Syntax": { + "markdownDescription": "Produces a bitstream that is compliant with SMPTE RP-2027.", + "title": "Syntax", + "type": "string" + }, + "TemporalAq": { + "markdownDescription": "If set to enabled, adjusts quantization within each frame based on the temporal variation of content complexity.", + "title": "TemporalAq", + "type": "string" + }, + "TimecodeBurninSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.TimecodeBurninSettings", + "markdownDescription": "", + "title": "TimecodeBurninSettings" + }, + "TimecodeInsertion": { + "markdownDescription": "Determines how timecodes should be inserted into the video elementary stream. disabled: don't include timecodes. picTimingSei: pass through picture timing SEI messages from the source specified in Timecode Config.", + "title": "TimecodeInsertion", "type": "string" } }, - "required": [ - "Type", - "Value" - ], "type": "object" }, - "AWS::Pipes::Pipe.EcsEnvironmentVariable": { + "AWS::MediaLive::Channel.H265ColorSpaceSettings": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the key-value pair. For environment variables, this is the name of the environment variable.", - "title": "Name", - "type": "string" + "ColorSpacePassthroughSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.ColorSpacePassthroughSettings", + "markdownDescription": "Passthrough applies no color space conversion to the output.", + "title": "ColorSpacePassthroughSettings" }, - "Value": { - "markdownDescription": "The value of the key-value pair. For environment variables, this is the value of the environment variable.", - "title": "Value", - "type": "string" + "DolbyVision81Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.DolbyVision81Settings", + "markdownDescription": "", + "title": "DolbyVision81Settings" + }, + "Hdr10Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Hdr10Settings", + "markdownDescription": "Settings to configure the handling of HDR10 color space.", + "title": "Hdr10Settings" + }, + "Rec601Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Rec601Settings", + "markdownDescription": "Settings to configure the handling of Rec601 color space.", + "title": "Rec601Settings" + }, + "Rec709Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Rec709Settings", + "markdownDescription": "Settings to configure the handling of Rec709 color space.", + "title": "Rec709Settings" } }, "type": "object" }, - "AWS::Pipes::Pipe.EcsEphemeralStorage": { + "AWS::MediaLive::Channel.H265FilterSettings": { "additionalProperties": false, "properties": { - "SizeInGiB": { - "markdownDescription": "The total amount, in GiB, of ephemeral storage to set for the task. The minimum supported value is `21` GiB and the maximum supported value is `200` GiB.", - "title": "SizeInGiB", - "type": "number" + "BandwidthReductionFilterSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.BandwidthReductionFilterSettings", + "markdownDescription": "", + "title": "BandwidthReductionFilterSettings" + }, + "TemporalFilterSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.TemporalFilterSettings", + "markdownDescription": "Settings for applying the temporal filter to the video.", + "title": "TemporalFilterSettings" } }, - "required": [ - "SizeInGiB" - ], "type": "object" }, - "AWS::Pipes::Pipe.EcsInferenceAcceleratorOverride": { + "AWS::MediaLive::Channel.H265Settings": { "additionalProperties": false, "properties": { - "DeviceName": { - "markdownDescription": "The Elastic Inference accelerator device name to override for the task. This parameter must match a `deviceName` specified in the task definition.", - "title": "DeviceName", + "AdaptiveQuantization": { + "markdownDescription": "Adaptive quantization. Allows intra-frame quantizers to vary to improve visual quality.", + "title": "AdaptiveQuantization", "type": "string" }, - "DeviceType": { - "markdownDescription": "The Elastic Inference accelerator type to use.", - "title": "DeviceType", + "AfdSignaling": { + "markdownDescription": "Indicates that AFD values will be written into the output stream. If afdSignaling is \"auto\", the system will try to preserve the input AFD value (in cases where multiple AFD values are valid). If set to \"fixed\", the AFD value will be the value configured in the fixedAfd parameter.", + "title": "AfdSignaling", "type": "string" - } - }, - "type": "object" - }, - "AWS::Pipes::Pipe.EcsResourceRequirement": { - "additionalProperties": false, - "properties": { - "Type": { - "markdownDescription": "The type of resource to assign to a container. The supported values are `GPU` or `InferenceAccelerator` .", - "title": "Type", + }, + "AlternativeTransferFunction": { + "markdownDescription": "Whether or not EML should insert an Alternative Transfer Function SEI message to support backwards compatibility with non-HDR decoders and displays.", + "title": "AlternativeTransferFunction", "type": "string" }, - "Value": { - "markdownDescription": "The value for the specified resource type.\n\nIf the `GPU` type is used, the value is the number of physical `GPUs` the Amazon ECS container agent reserves for the container. The number of GPUs that's reserved for all containers in a task can't exceed the number of available GPUs on the container instance that the task is launched on.\n\nIf the `InferenceAccelerator` type is used, the `value` matches the `deviceName` for an InferenceAccelerator specified in a task definition.", - "title": "Value", + "Bitrate": { + "markdownDescription": "Average bitrate in bits/second. Required when the rate control mode is VBR or CBR. Not used for QVBR. In an MS Smooth output group, each output must have a unique value when its bitrate is rounded down to the nearest multiple of 1000.", + "title": "Bitrate", + "type": "number" + }, + "BufSize": { + "markdownDescription": "Size of buffer (HRD buffer model) in bits.", + "title": "BufSize", + "type": "number" + }, + "ColorMetadata": { + "markdownDescription": "Includes colorspace metadata in the output.", + "title": "ColorMetadata", "type": "string" - } - }, - "required": [ - "Type", - "Value" - ], - "type": "object" - }, - "AWS::Pipes::Pipe.EcsTaskOverride": { - "additionalProperties": false, - "properties": { - "ContainerOverrides": { - "items": { - "$ref": "#/definitions/AWS::Pipes::Pipe.EcsContainerOverride" - }, - "markdownDescription": "One or more container overrides that are sent to a task.", - "title": "ContainerOverrides", - "type": "array" }, - "Cpu": { - "markdownDescription": "The cpu override for the task.", - "title": "Cpu", + "ColorSpaceSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.H265ColorSpaceSettings", + "markdownDescription": "Color Space settings", + "title": "ColorSpaceSettings" + }, + "Deblocking": { + "markdownDescription": "", + "title": "Deblocking", "type": "string" }, - "EphemeralStorage": { - "$ref": "#/definitions/AWS::Pipes::Pipe.EcsEphemeralStorage", - "markdownDescription": "The ephemeral storage setting override for the task.\n\n> This parameter is only supported for tasks hosted on Fargate that use the following platform versions:\n> \n> - Linux platform version `1.4.0` or later.\n> - Windows platform version `1.0.0` or later.", - "title": "EphemeralStorage" + "FilterSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.H265FilterSettings", + "markdownDescription": "Optional filters that you can apply to an encode.", + "title": "FilterSettings" }, - "ExecutionRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the task execution IAM role override for the task. For more information, see [Amazon ECS task execution IAM role](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_execution_IAM_role.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "ExecutionRoleArn", + "FixedAfd": { + "markdownDescription": "Four bit AFD value to write on all frames of video in the output stream. Only valid when afdSignaling is set to 'Fixed'.", + "title": "FixedAfd", "type": "string" }, - "InferenceAcceleratorOverrides": { - "items": { - "$ref": "#/definitions/AWS::Pipes::Pipe.EcsInferenceAcceleratorOverride" - }, - "markdownDescription": "The Elastic Inference accelerator override for the task.", - "title": "InferenceAcceleratorOverrides", - "type": "array" + "FlickerAq": { + "markdownDescription": "If set to enabled, adjust quantization within each frame to reduce flicker or 'pop' on I-frames.", + "title": "FlickerAq", + "type": "string" }, - "Memory": { - "markdownDescription": "The memory override for the task.", - "title": "Memory", + "FramerateDenominator": { + "markdownDescription": "Framerate denominator.", + "title": "FramerateDenominator", + "type": "number" + }, + "FramerateNumerator": { + "markdownDescription": "Framerate numerator - framerate is a fraction, e.g. 24000 / 1001 = 23.976 fps.", + "title": "FramerateNumerator", + "type": "number" + }, + "GopClosedCadence": { + "markdownDescription": "Frequency of closed GOPs. In streaming applications, it is recommended that this be set to 1 so a decoder joining mid-stream will receive an IDR frame as quickly as possible. Setting this value to 0 will break output segmenting.", + "title": "GopClosedCadence", + "type": "number" + }, + "GopSize": { + "markdownDescription": "GOP size (keyframe interval) in units of either frames or seconds per gopSizeUnits.\nIf gopSizeUnits is frames, gopSize must be an integer and must be greater than or equal to 1.\nIf gopSizeUnits is seconds, gopSize must be greater than 0, but need not be an integer.", + "title": "GopSize", + "type": "number" + }, + "GopSizeUnits": { + "markdownDescription": "Indicates if the gopSize is specified in frames or seconds. If seconds the system will convert the gopSize into a frame count at run time.", + "title": "GopSizeUnits", "type": "string" }, - "TaskRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that containers in this task can assume. All containers in this task are granted the permissions that are specified in this role. For more information, see [IAM Role for Tasks](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-iam-roles.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "TaskRoleArn", + "Level": { + "markdownDescription": "H.265 Level.", + "title": "Level", "type": "string" - } - }, - "type": "object" - }, - "AWS::Pipes::Pipe.Filter": { - "additionalProperties": false, - "properties": { - "Pattern": { - "markdownDescription": "The event pattern.", - "title": "Pattern", + }, + "LookAheadRateControl": { + "markdownDescription": "Amount of lookahead. A value of low can decrease latency and memory usage, while high can produce better quality for certain content.", + "title": "LookAheadRateControl", + "type": "string" + }, + "MaxBitrate": { + "markdownDescription": "For QVBR: See the tooltip for Quality level", + "title": "MaxBitrate", + "type": "number" + }, + "MinIInterval": { + "markdownDescription": "Only meaningful if sceneChangeDetect is set to enabled. Defaults to 5 if multiplex rate control is used. Enforces separation between repeated (cadence) I-frames and I-frames inserted by Scene Change Detection. If a scene change I-frame is within I-interval frames of a cadence I-frame, the GOP is shrunk and/or stretched to the scene change I-frame. GOP stretch requires enabling lookahead as well as setting I-interval. The normal cadence resumes for the next GOP. Note: Maximum GOP stretch = GOP size + Min-I-interval - 1", + "title": "MinIInterval", + "type": "number" + }, + "MinQp": { + "markdownDescription": "", + "title": "MinQp", + "type": "number" + }, + "MvOverPictureBoundaries": { + "markdownDescription": "", + "title": "MvOverPictureBoundaries", + "type": "string" + }, + "MvTemporalPredictor": { + "markdownDescription": "", + "title": "MvTemporalPredictor", + "type": "string" + }, + "ParDenominator": { + "markdownDescription": "Pixel Aspect Ratio denominator.", + "title": "ParDenominator", + "type": "number" + }, + "ParNumerator": { + "markdownDescription": "Pixel Aspect Ratio numerator.", + "title": "ParNumerator", + "type": "number" + }, + "Profile": { + "markdownDescription": "H.265 Profile.", + "title": "Profile", + "type": "string" + }, + "QvbrQualityLevel": { + "markdownDescription": "Controls the target quality for the video encode. Applies only when the rate control mode is QVBR. Set values for the QVBR quality level field and Max bitrate field that suit your most important viewing devices. Recommended values are:\n- Primary screen: Quality level: 8 to 10. Max bitrate: 4M\n- PC or tablet: Quality level: 7. Max bitrate: 1.5M to 3M\n- Smartphone: Quality level: 6. Max bitrate: 1M to 1.5M", + "title": "QvbrQualityLevel", + "type": "number" + }, + "RateControlMode": { + "markdownDescription": "Rate control mode. QVBR: Quality will match the specified quality level except when it is constrained by the\nmaximum bitrate. Recommended if you or your viewers pay for bandwidth. CBR: Quality varies, depending on the video complexity. Recommended only if you distribute\nyour assets to devices that cannot handle variable bitrates. Multiplex: This rate control mode is only supported (and is required) when the video is being\ndelivered to a MediaLive Multiplex in which case the rate control configuration is controlled\nby the properties within the Multiplex Program.", + "title": "RateControlMode", + "type": "string" + }, + "ScanType": { + "markdownDescription": "Sets the scan type of the output to progressive or top-field-first interlaced.", + "title": "ScanType", + "type": "string" + }, + "SceneChangeDetect": { + "markdownDescription": "Scene change detection.", + "title": "SceneChangeDetect", + "type": "string" + }, + "Slices": { + "markdownDescription": "Number of slices per picture. Must be less than or equal to the number of macroblock rows for progressive pictures, and less than or equal to half the number of macroblock rows for interlaced pictures.\nThis field is optional; when no value is specified the encoder will choose the number of slices based on encode resolution.", + "title": "Slices", + "type": "number" + }, + "Tier": { + "markdownDescription": "H.265 Tier.", + "title": "Tier", + "type": "string" + }, + "TileHeight": { + "markdownDescription": "", + "title": "TileHeight", + "type": "number" + }, + "TilePadding": { + "markdownDescription": "", + "title": "TilePadding", + "type": "string" + }, + "TileWidth": { + "markdownDescription": "", + "title": "TileWidth", + "type": "number" + }, + "TimecodeBurninSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.TimecodeBurninSettings", + "markdownDescription": "", + "title": "TimecodeBurninSettings" + }, + "TimecodeInsertion": { + "markdownDescription": "Determines how timecodes should be inserted into the video elementary stream.\n- 'disabled': Do not include timecodes\n- 'picTimingSei': Pass through picture timing SEI messages from the source specified in Timecode Config", + "title": "TimecodeInsertion", + "type": "string" + }, + "TreeblockSize": { + "markdownDescription": "", + "title": "TreeblockSize", "type": "string" } }, "type": "object" }, - "AWS::Pipes::Pipe.FilterCriteria": { + "AWS::MediaLive::Channel.Hdr10Settings": { "additionalProperties": false, "properties": { - "Filters": { - "items": { - "$ref": "#/definitions/AWS::Pipes::Pipe.Filter" - }, - "markdownDescription": "The event patterns.", - "title": "Filters", - "type": "array" + "MaxCll": { + "markdownDescription": "Maximum Content Light Level\nAn integer metadata value defining the maximum light level, in nits,\nof any single pixel within an encoded HDR video stream or file.", + "title": "MaxCll", + "type": "number" + }, + "MaxFall": { + "markdownDescription": "Maximum Frame Average Light Level\nAn integer metadata value defining the maximum average light level, in nits,\nfor any single frame within an encoded HDR video stream or file.", + "title": "MaxFall", + "type": "number" } }, "type": "object" }, - "AWS::Pipes::Pipe.FirehoseLogDestination": { + "AWS::MediaLive::Channel.HlsAkamaiSettings": { "additionalProperties": false, "properties": { - "DeliveryStreamArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Firehose delivery stream to which EventBridge delivers the pipe log records.", - "title": "DeliveryStreamArn", + "ConnectionRetryInterval": { + "markdownDescription": "The number of seconds to wait before retrying a connection to the CDN if the connection is lost.", + "title": "ConnectionRetryInterval", + "type": "number" + }, + "FilecacheDuration": { + "markdownDescription": "The size, in seconds, of the file cache for streaming outputs.", + "title": "FilecacheDuration", + "type": "number" + }, + "HttpTransferMode": { + "markdownDescription": "Specifies whether to use chunked transfer encoding to Akamai. To enable this feature, contact Akamai.", + "title": "HttpTransferMode", "type": "string" - } - }, - "type": "object" - }, - "AWS::Pipes::Pipe.MQBrokerAccessCredentials": { - "additionalProperties": false, - "properties": { - "BasicAuth": { - "markdownDescription": "The ARN of the Secrets Manager secret.", - "title": "BasicAuth", + }, + "NumRetries": { + "markdownDescription": "The number of retry attempts that will be made before the channel is put into an error state.", + "title": "NumRetries", + "type": "number" + }, + "RestartDelay": { + "markdownDescription": "If a streaming output fails, the number of seconds to wait until a restart is initiated. A value of 0 means never restart.", + "title": "RestartDelay", + "type": "number" + }, + "Salt": { + "markdownDescription": "The salt for authenticated Akamai.", + "title": "Salt", + "type": "string" + }, + "Token": { + "markdownDescription": "The token parameter for authenticated Akamai. If this is not specified, _gda_ is used.", + "title": "Token", "type": "string" } }, - "required": [ - "BasicAuth" - ], "type": "object" }, - "AWS::Pipes::Pipe.MSKAccessCredentials": { + "AWS::MediaLive::Channel.HlsBasicPutSettings": { "additionalProperties": false, "properties": { - "ClientCertificateTlsAuth": { - "markdownDescription": "The ARN of the Secrets Manager secret.", - "title": "ClientCertificateTlsAuth", - "type": "string" + "ConnectionRetryInterval": { + "markdownDescription": "The number of seconds to wait before retrying a connection to the CDN if the connection is lost.", + "title": "ConnectionRetryInterval", + "type": "number" }, - "SaslScram512Auth": { - "markdownDescription": "The ARN of the Secrets Manager secret.", - "title": "SaslScram512Auth", - "type": "string" + "FilecacheDuration": { + "markdownDescription": "The size, in seconds, of the file cache for streaming outputs.", + "title": "FilecacheDuration", + "type": "number" + }, + "NumRetries": { + "markdownDescription": "The number of retry attempts that MediaLive makes before the channel is put into an error state.", + "title": "NumRetries", + "type": "number" + }, + "RestartDelay": { + "markdownDescription": "If a streaming output fails, the number of seconds to wait until a restart is initiated. A value of 0 means never restart.", + "title": "RestartDelay", + "type": "number" } }, "type": "object" }, - "AWS::Pipes::Pipe.NetworkConfiguration": { + "AWS::MediaLive::Channel.HlsCdnSettings": { "additionalProperties": false, "properties": { - "AwsvpcConfiguration": { - "$ref": "#/definitions/AWS::Pipes::Pipe.AwsVpcConfiguration", - "markdownDescription": "Use this structure to specify the VPC subnets and security groups for the task, and whether a public IP address is to be used. This structure is relevant only for ECS tasks that use the `awsvpc` network mode.", - "title": "AwsvpcConfiguration" + "HlsAkamaiSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.HlsAkamaiSettings", + "markdownDescription": "Sets up Akamai as the downstream system for the HLS output group.", + "title": "HlsAkamaiSettings" + }, + "HlsBasicPutSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.HlsBasicPutSettings", + "markdownDescription": "The settings for Basic Put for the HLS output.", + "title": "HlsBasicPutSettings" + }, + "HlsMediaStoreSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.HlsMediaStoreSettings", + "markdownDescription": "Sets up MediaStore as the destination for the HLS output.", + "title": "HlsMediaStoreSettings" + }, + "HlsS3Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.HlsS3Settings", + "markdownDescription": "Sets up Amazon S3 as the destination for this HLS output.", + "title": "HlsS3Settings" + }, + "HlsWebdavSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.HlsWebdavSettings", + "markdownDescription": "The settings for Web VTT captions in the HLS output group.\n\nThe parent of this entity is HlsGroupSettings.", + "title": "HlsWebdavSettings" } }, "type": "object" }, - "AWS::Pipes::Pipe.PipeEnrichmentHttpParameters": { + "AWS::MediaLive::Channel.HlsGroupSettings": { "additionalProperties": false, "properties": { - "HeaderParameters": { - "additionalProperties": true, - "markdownDescription": "The headers that need to be sent as part of request invoking the API Gateway REST API or EventBridge ApiDestination.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "HeaderParameters", - "type": "object" - }, - "PathParameterValues": { + "AdMarkers": { "items": { "type": "string" }, - "markdownDescription": "The path parameter values to be used to populate API Gateway REST API or EventBridge ApiDestination path wildcards (\"*\").", - "title": "PathParameterValues", + "markdownDescription": "Chooses one or more ad marker types to pass SCTE35 signals through to this group of Apple HLS outputs.", + "title": "AdMarkers", "type": "array" }, - "QueryStringParameters": { - "additionalProperties": true, - "markdownDescription": "The query string keys/values that need to be sent as part of request invoking the API Gateway REST API or EventBridge ApiDestination.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "QueryStringParameters", - "type": "object" - } - }, - "type": "object" - }, - "AWS::Pipes::Pipe.PipeEnrichmentParameters": { - "additionalProperties": false, - "properties": { - "HttpParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeEnrichmentHttpParameters", - "markdownDescription": "Contains the HTTP parameters to use when the target is a API Gateway REST endpoint or EventBridge ApiDestination.\n\nIf you specify an API Gateway REST API or EventBridge ApiDestination as a target, you can use this parameter to specify headers, path parameters, and query string keys/values as part of your target invoking request. If you're using ApiDestinations, the corresponding Connection can also have these values configured. In case of any conflicting keys, values from the Connection take precedence.", - "title": "HttpParameters" + "BaseUrlContent": { + "markdownDescription": "A partial URI prefix that will be prepended to each output in the media .m3u8 file. The partial URI prefix can be used if the base manifest is delivered from a different URL than the main .m3u8 file.", + "title": "BaseUrlContent", + "type": "string" }, - "InputTemplate": { - "markdownDescription": "Valid JSON text passed to the enrichment. In this case, nothing from the event itself is passed to the enrichment. For more information, see [The JavaScript Object Notation (JSON) Data Interchange Format](https://docs.aws.amazon.com/http://www.rfc-editor.org/rfc/rfc7159.txt) .\n\nTo remove an input template, specify an empty string.", - "title": "InputTemplate", + "BaseUrlContent1": { + "markdownDescription": "Optional. One value per output group. This field is required only if you are completing Base URL content A, and the downstream system has notified you that the media files for pipeline 1 of all outputs are in a location different from the media files for pipeline 0.", + "title": "BaseUrlContent1", "type": "string" - } - }, - "type": "object" - }, - "AWS::Pipes::Pipe.PipeLogConfiguration": { - "additionalProperties": false, - "properties": { - "CloudwatchLogsLogDestination": { - "$ref": "#/definitions/AWS::Pipes::Pipe.CloudwatchLogsLogDestination", - "markdownDescription": "The logging configuration settings for the pipe.", - "title": "CloudwatchLogsLogDestination" }, - "FirehoseLogDestination": { - "$ref": "#/definitions/AWS::Pipes::Pipe.FirehoseLogDestination", - "markdownDescription": "The Amazon Data Firehose logging configuration settings for the pipe.", - "title": "FirehoseLogDestination" + "BaseUrlManifest": { + "markdownDescription": "A partial URI prefix that will be prepended to each output in the media .m3u8 file. The partial URI prefix can be used if the base manifest is delivered from a different URL than the main .m3u8 file.", + "title": "BaseUrlManifest", + "type": "string" }, - "IncludeExecutionData": { + "BaseUrlManifest1": { + "markdownDescription": "Optional. One value per output group. Complete this field only if you are completing Base URL manifest A, and the downstream system has notified you that the child manifest files for pipeline 1 of all outputs are in a location different from the child manifest files for pipeline 0.", + "title": "BaseUrlManifest1", + "type": "string" + }, + "CaptionLanguageMappings": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::MediaLive::Channel.CaptionLanguageMapping" }, - "markdownDescription": "Whether the execution data (specifically, the `payload` , `awsRequest` , and `awsResponse` fields) is included in the log messages for this pipe.\n\nThis applies to all log destinations for the pipe.\n\nFor more information, see [Including execution data in logs](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes-logs.html#eb-pipes-logs-execution-data) in the *Amazon EventBridge User Guide* .\n\n*Allowed values:* `ALL`", - "title": "IncludeExecutionData", + "markdownDescription": "A mapping of up to 4 captions channels to captions languages. This is meaningful only if captionLanguageSetting is set to \"insert.\"", + "title": "CaptionLanguageMappings", "type": "array" }, - "Level": { - "markdownDescription": "The level of logging detail to include. This applies to all log destinations for the pipe.", - "title": "Level", + "CaptionLanguageSetting": { + "markdownDescription": "Applies only to 608 embedded output captions. Insert: Include CLOSED-CAPTIONS lines in the manifest. Specify at least one language in the CC1 Language Code field. One CLOSED-CAPTION line is added for each Language Code that you specify. Make sure to specify the languages in the order in which they appear in the original source (if the source is embedded format) or the order of the captions selectors (if the source is other than embedded). Otherwise, languages in the manifest will not match properly with the output captions. None: Include the CLOSED-CAPTIONS=NONE line in the manifest. Omit: Omit any CLOSED-CAPTIONS line from the manifest.", + "title": "CaptionLanguageSetting", "type": "string" }, - "S3LogDestination": { - "$ref": "#/definitions/AWS::Pipes::Pipe.S3LogDestination", - "markdownDescription": "The Amazon S3 logging configuration settings for the pipe.", - "title": "S3LogDestination" - } - }, - "type": "object" - }, - "AWS::Pipes::Pipe.PipeSourceActiveMQBrokerParameters": { - "additionalProperties": false, - "properties": { - "BatchSize": { - "markdownDescription": "The maximum number of records to include in each batch.", - "title": "BatchSize", - "type": "number" + "ClientCache": { + "markdownDescription": "When set to \"disabled,\" sets the #EXT-X-ALLOW-CACHE:no tag in the manifest, which prevents clients from saving media segments for later replay.", + "title": "ClientCache", + "type": "string" }, - "Credentials": { - "$ref": "#/definitions/AWS::Pipes::Pipe.MQBrokerAccessCredentials", - "markdownDescription": "The credentials needed to access the resource.", - "title": "Credentials" + "CodecSpecification": { + "markdownDescription": "The specification to use (RFC-6381 or the default RFC-4281) during m3u8 playlist generation.", + "title": "CodecSpecification", + "type": "string" }, - "MaximumBatchingWindowInSeconds": { - "markdownDescription": "The maximum length of a time to wait for events.", - "title": "MaximumBatchingWindowInSeconds", - "type": "number" + "ConstantIv": { + "markdownDescription": "Used with encryptionType. This is a 128-bit, 16-byte hex value that is represented by a 32-character text string. If ivSource is set to \"explicit,\" this parameter is required and is used as the IV for encryption.", + "title": "ConstantIv", + "type": "string" }, - "QueueName": { - "markdownDescription": "The name of the destination queue to consume.", - "title": "QueueName", + "Destination": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", + "markdownDescription": "A directory or HTTP destination for the HLS segments, manifest files, and encryption keys (if enabled).", + "title": "Destination" + }, + "DirectoryStructure": { + "markdownDescription": "Places segments in subdirectories.", + "title": "DirectoryStructure", "type": "string" - } - }, - "required": [ - "Credentials", - "QueueName" - ], - "type": "object" - }, - "AWS::Pipes::Pipe.PipeSourceDynamoDBStreamParameters": { - "additionalProperties": false, - "properties": { - "BatchSize": { - "markdownDescription": "The maximum number of records to include in each batch.", - "title": "BatchSize", - "type": "number" }, - "DeadLetterConfig": { - "$ref": "#/definitions/AWS::Pipes::Pipe.DeadLetterConfig", - "markdownDescription": "Define the target queue to send dead-letter queue events to.", - "title": "DeadLetterConfig" + "DiscontinuityTags": { + "markdownDescription": "Specifies whether to insert EXT-X-DISCONTINUITY tags in the HLS child manifests for this output group.\nTypically, choose Insert because these tags are required in the manifest (according to the HLS specification) and serve an important purpose.\nChoose Never Insert only if the downstream system is doing real-time failover (without using the MediaLive automatic failover feature) and only if that downstream system has advised you to exclude the tags.", + "title": "DiscontinuityTags", + "type": "string" }, - "MaximumBatchingWindowInSeconds": { - "markdownDescription": "The maximum length of a time to wait for events.", - "title": "MaximumBatchingWindowInSeconds", - "type": "number" + "EncryptionType": { + "markdownDescription": "Encrypts the segments with the specified encryption scheme. Exclude this parameter if you don't want encryption.", + "title": "EncryptionType", + "type": "string" }, - "MaximumRecordAgeInSeconds": { - "markdownDescription": "Discard records older than the specified age. The default value is -1, which sets the maximum age to infinite. When the value is set to infinite, EventBridge never discards old records.", - "title": "MaximumRecordAgeInSeconds", - "type": "number" + "HlsCdnSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.HlsCdnSettings", + "markdownDescription": "The parameters that control interactions with the CDN.", + "title": "HlsCdnSettings" }, - "MaximumRetryAttempts": { - "markdownDescription": "Discard records after the specified number of retries. The default value is -1, which sets the maximum number of retries to infinite. When MaximumRetryAttempts is infinite, EventBridge retries failed records until the record expires in the event source.", - "title": "MaximumRetryAttempts", - "type": "number" + "HlsId3SegmentTagging": { + "markdownDescription": "State of HLS ID3 Segment Tagging", + "title": "HlsId3SegmentTagging", + "type": "string" }, - "OnPartialBatchItemFailure": { - "markdownDescription": "Define how to handle item process failures. `AUTOMATIC_BISECT` halves each batch and retry each half until all the records are processed or there is one failed message left in the batch.", - "title": "OnPartialBatchItemFailure", + "IFrameOnlyPlaylists": { + "markdownDescription": "DISABLED: Don't create an I-frame-only manifest, but do create the master and media manifests (according to the Output Selection field). STANDARD: Create an I-frame-only manifest for each output that contains video, as well as the other manifests (according to the Output Selection field). The I-frame manifest contains a #EXT-X-I-FRAMES-ONLY tag to indicate it is I-frame only, and one or more #EXT-X-BYTERANGE entries identifying the I-frame position. For example, #EXT-X-BYTERANGE:160364@1461888\".", + "title": "IFrameOnlyPlaylists", "type": "string" }, - "ParallelizationFactor": { - "markdownDescription": "The number of batches to process concurrently from each shard. The default value is 1.", - "title": "ParallelizationFactor", + "IncompleteSegmentBehavior": { + "markdownDescription": "Specifies whether to include the final (incomplete) segment in the media output when the pipeline stops producing output because of a channel stop, a channel pause or a loss of input to the pipeline.\nAuto means that MediaLive decides whether to include the final segment, depending on the channel class and the types of output groups.\nSuppress means to never include the incomplete segment. We recommend you choose Auto and let MediaLive control the behavior.", + "title": "IncompleteSegmentBehavior", + "type": "string" + }, + "IndexNSegments": { + "markdownDescription": "Applies only if the Mode field is LIVE. Specifies the maximum number of segments in the media manifest file. After this maximum, older segments are removed from the media manifest. This number must be less than or equal to the Keep Segments field.", + "title": "IndexNSegments", "type": "number" }, - "StartingPosition": { - "markdownDescription": "(Streams only) The position in a stream from which to start reading.\n\n*Valid values* : `TRIM_HORIZON | LATEST`", - "title": "StartingPosition", + "InputLossAction": { + "markdownDescription": "A parameter that controls output group behavior on an input loss.", + "title": "InputLossAction", "type": "string" - } - }, - "required": [ - "StartingPosition" - ], - "type": "object" - }, - "AWS::Pipes::Pipe.PipeSourceKinesisStreamParameters": { - "additionalProperties": false, - "properties": { - "BatchSize": { - "markdownDescription": "The maximum number of records to include in each batch.", - "title": "BatchSize", - "type": "number" }, - "DeadLetterConfig": { - "$ref": "#/definitions/AWS::Pipes::Pipe.DeadLetterConfig", - "markdownDescription": "Define the target queue to send dead-letter queue events to.", - "title": "DeadLetterConfig" + "IvInManifest": { + "markdownDescription": "Used with encryptionType. The IV (initialization vector) is a 128-bit number used in conjunction with the key for encrypting blocks. If set to \"include,\" the IV is listed in the manifest. Otherwise, the IV is not in the manifest.", + "title": "IvInManifest", + "type": "string" }, - "MaximumBatchingWindowInSeconds": { - "markdownDescription": "The maximum length of a time to wait for events.", - "title": "MaximumBatchingWindowInSeconds", - "type": "number" + "IvSource": { + "markdownDescription": "Used with encryptionType. The IV (initialization vector) is a 128-bit number used in conjunction with the key for encrypting blocks. If this setting is \"followsSegmentNumber,\" it causes the IV to change every segment (to match the segment number). If this is set to \"explicit,\" you must enter a constantIv value.", + "title": "IvSource", + "type": "string" }, - "MaximumRecordAgeInSeconds": { - "markdownDescription": "Discard records older than the specified age. The default value is -1, which sets the maximum age to infinite. When the value is set to infinite, EventBridge never discards old records.", - "title": "MaximumRecordAgeInSeconds", + "KeepSegments": { + "markdownDescription": "Applies only if the Mode field is LIVE. Specifies the number of media segments (.ts files) to retain in the destination directory.", + "title": "KeepSegments", "type": "number" }, - "MaximumRetryAttempts": { - "markdownDescription": "Discard records after the specified number of retries. The default value is -1, which sets the maximum number of retries to infinite. When MaximumRetryAttempts is infinite, EventBridge retries failed records until the record expires in the event source.", - "title": "MaximumRetryAttempts", - "type": "number" + "KeyFormat": { + "markdownDescription": "Specifies how the key is represented in the resource identified by the URI. If the parameter is absent, an implicit value of \"identity\" is used. A reverse DNS string can also be specified.", + "title": "KeyFormat", + "type": "string" }, - "OnPartialBatchItemFailure": { - "markdownDescription": "Define how to handle item process failures. `AUTOMATIC_BISECT` halves each batch and retry each half until all the records are processed or there is one failed message left in the batch.", - "title": "OnPartialBatchItemFailure", + "KeyFormatVersions": { + "markdownDescription": "Either a single positive integer version value or a slash-delimited list of version values (1/2/3).", + "title": "KeyFormatVersions", "type": "string" }, - "ParallelizationFactor": { - "markdownDescription": "The number of batches to process concurrently from each shard. The default value is 1.", - "title": "ParallelizationFactor", - "type": "number" + "KeyProviderSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.KeyProviderSettings", + "markdownDescription": "The key provider settings.", + "title": "KeyProviderSettings" }, - "StartingPosition": { - "markdownDescription": "The position in a stream from which to start reading.", - "title": "StartingPosition", + "ManifestCompression": { + "markdownDescription": "When set to gzip, compresses HLS playlist.", + "title": "ManifestCompression", "type": "string" }, - "StartingPositionTimestamp": { - "markdownDescription": "With `StartingPosition` set to `AT_TIMESTAMP` , the time from which to start reading, in Unix time seconds.", - "title": "StartingPositionTimestamp", + "ManifestDurationFormat": { + "markdownDescription": "Indicates whether the output manifest should use a floating point or integer values for segment duration.", + "title": "ManifestDurationFormat", "type": "string" - } - }, - "required": [ - "StartingPosition" - ], - "type": "object" - }, - "AWS::Pipes::Pipe.PipeSourceManagedStreamingKafkaParameters": { - "additionalProperties": false, - "properties": { - "BatchSize": { - "markdownDescription": "The maximum number of records to include in each batch.", - "title": "BatchSize", + }, + "MinSegmentLength": { + "markdownDescription": "When set, minimumSegmentLength is enforced by looking ahead and back within the specified range for a nearby avail and extending the segment size if needed.", + "title": "MinSegmentLength", "type": "number" }, - "ConsumerGroupID": { - "markdownDescription": "The name of the destination queue to consume.", - "title": "ConsumerGroupID", + "Mode": { + "markdownDescription": "If \"vod,\" all segments are indexed and kept permanently in the destination and manifest. If \"live,\" only the number segments specified in keepSegments and indexNSegments are kept. Newer segments replace older segments, which might prevent players from rewinding all the way to the beginning of the channel. VOD mode uses HLS EXT-X-PLAYLIST-TYPE of EVENT while the channel is running, converting it to a \"VOD\" type manifest on completion of the stream.", + "title": "Mode", "type": "string" }, - "Credentials": { - "$ref": "#/definitions/AWS::Pipes::Pipe.MSKAccessCredentials", - "markdownDescription": "The credentials needed to access the resource.", - "title": "Credentials" + "OutputSelection": { + "markdownDescription": "MANIFESTSANDSEGMENTS: Generates manifests (the master manifest, if applicable, and media manifests) for this output group. SEGMENTSONLY: Doesn't generate any manifests for this output group.", + "title": "OutputSelection", + "type": "string" }, - "MaximumBatchingWindowInSeconds": { - "markdownDescription": "The maximum length of a time to wait for events.", - "title": "MaximumBatchingWindowInSeconds", - "type": "number" + "ProgramDateTime": { + "markdownDescription": "Includes or excludes the EXT-X-PROGRAM-DATE-TIME tag in .m3u8 manifest files. The value is calculated as follows: Either the program date and time are initialized using the input timecode source, or the time is initialized using the input timecode source and the date is initialized using the timestampOffset.", + "title": "ProgramDateTime", + "type": "string" }, - "StartingPosition": { - "markdownDescription": "The position in a stream from which to start reading.", - "title": "StartingPosition", + "ProgramDateTimeClock": { + "markdownDescription": "Specifies the algorithm used to drive the HLS EXT-X-PROGRAM-DATE-TIME clock. Options include: INITIALIZE_FROM_OUTPUT_TIMECODE: The PDT clock is initialized as a function of the first output timecode, then incremented by the EXTINF duration of each encoded segment. SYSTEM_CLOCK: The PDT clock is initialized as a function of the UTC wall clock, then incremented by the EXTINF duration of each encoded segment. If the PDT clock diverges from the wall clock by more than 500ms, it is resynchronized to the wall clock.", + "title": "ProgramDateTimeClock", "type": "string" }, - "TopicName": { - "markdownDescription": "The name of the topic that the pipe will read from.", - "title": "TopicName", + "ProgramDateTimePeriod": { + "markdownDescription": "The period of insertion of the EXT-X-PROGRAM-DATE-TIME entry, in seconds.", + "title": "ProgramDateTimePeriod", + "type": "number" + }, + "RedundantManifest": { + "markdownDescription": "ENABLED: The master manifest (.m3u8 file) for each pipeline includes information about both pipelines: first its own media files, then the media files of the other pipeline. This feature allows a playout device that supports stale manifest detection to switch from one manifest to the other, when the current manifest seems to be stale. There are still two destinations and two master manifests, but both master manifests reference the media files from both pipelines. DISABLED: The master manifest (.m3u8 file) for each pipeline includes information about its own pipeline only. For an HLS output group with MediaPackage as the destination, the DISABLED behavior is always followed. MediaPackage regenerates the manifests it serves to players, so a redundant manifest from MediaLive is irrelevant.", + "title": "RedundantManifest", "type": "string" - } - }, - "required": [ - "TopicName" - ], - "type": "object" - }, - "AWS::Pipes::Pipe.PipeSourceParameters": { - "additionalProperties": false, - "properties": { - "ActiveMQBrokerParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceActiveMQBrokerParameters", - "markdownDescription": "The parameters for using an Active MQ broker as a source.", - "title": "ActiveMQBrokerParameters" }, - "DynamoDBStreamParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceDynamoDBStreamParameters", - "markdownDescription": "The parameters for using a DynamoDB stream as a source.", - "title": "DynamoDBStreamParameters" + "SegmentLength": { + "markdownDescription": "The length of the MPEG-2 Transport Stream segments to create, in seconds. Note that segments will end on the next keyframe after this number of seconds, so the actual segment length might be longer.", + "title": "SegmentLength", + "type": "number" }, - "FilterCriteria": { - "$ref": "#/definitions/AWS::Pipes::Pipe.FilterCriteria", - "markdownDescription": "The collection of event patterns used to filter events.\n\nTo remove a filter, specify a `FilterCriteria` object with an empty array of `Filter` objects.\n\nFor more information, see [Events and Event Patterns](https://docs.aws.amazon.com/eventbridge/latest/userguide/eventbridge-and-event-patterns.html) in the *Amazon EventBridge User Guide* .", - "title": "FilterCriteria" + "SegmentationMode": { + "markdownDescription": "useInputSegmentation has been deprecated. The configured segment size is always used.", + "title": "SegmentationMode", + "type": "string" }, - "KinesisStreamParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceKinesisStreamParameters", - "markdownDescription": "The parameters for using a Kinesis stream as a source.", - "title": "KinesisStreamParameters" + "SegmentsPerSubdirectory": { + "markdownDescription": "The number of segments to write to a subdirectory before starting a new one. For this setting to have an effect, directoryStructure must be subdirectoryPerStream.", + "title": "SegmentsPerSubdirectory", + "type": "number" }, - "ManagedStreamingKafkaParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceManagedStreamingKafkaParameters", - "markdownDescription": "The parameters for using an MSK stream as a source.", - "title": "ManagedStreamingKafkaParameters" + "StreamInfResolution": { + "markdownDescription": "The include or exclude RESOLUTION attribute for a video in the EXT-X-STREAM-INF tag of a variant manifest.", + "title": "StreamInfResolution", + "type": "string" }, - "RabbitMQBrokerParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceRabbitMQBrokerParameters", - "markdownDescription": "The parameters for using a Rabbit MQ broker as a source.", - "title": "RabbitMQBrokerParameters" + "TimedMetadataId3Frame": { + "markdownDescription": "Indicates the ID3 frame that has the timecode.", + "title": "TimedMetadataId3Frame", + "type": "string" }, - "SelfManagedKafkaParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceSelfManagedKafkaParameters", - "markdownDescription": "The parameters for using a self-managed Apache Kafka stream as a source.\n\nA *self managed* cluster refers to any Apache Kafka cluster not hosted by AWS . This includes both clusters you manage yourself, as well as those hosted by a third-party provider, such as [Confluent Cloud](https://docs.aws.amazon.com/https://www.confluent.io/) , [CloudKarafka](https://docs.aws.amazon.com/https://www.cloudkarafka.com/) , or [Redpanda](https://docs.aws.amazon.com/https://redpanda.com/) . For more information, see [Apache Kafka streams as a source](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes-kafka.html) in the *Amazon EventBridge User Guide* .", - "title": "SelfManagedKafkaParameters" + "TimedMetadataId3Period": { + "markdownDescription": "The timed metadata interval, in seconds.", + "title": "TimedMetadataId3Period", + "type": "number" }, - "SqsQueueParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceSqsQueueParameters", - "markdownDescription": "The parameters for using a Amazon SQS stream as a source.", - "title": "SqsQueueParameters" + "TimestampDeltaMilliseconds": { + "markdownDescription": "Provides an extra millisecond delta offset to fine tune the timestamps.", + "title": "TimestampDeltaMilliseconds", + "type": "number" + }, + "TsFileMode": { + "markdownDescription": "SEGMENTEDFILES: Emits the program as segments -multiple .ts media files. SINGLEFILE: Applies only if the Mode field is VOD. Emits the program as a single .ts media file. The media manifest includes #EXT-X-BYTERANGE tags to index segments for playback. A typical use for this value is when sending the output to AWS Elemental MediaConvert, which can accept only a single media file. Playback while the channel is running is not guaranteed due to HTTP server caching.", + "title": "TsFileMode", + "type": "string" } }, "type": "object" }, - "AWS::Pipes::Pipe.PipeSourceRabbitMQBrokerParameters": { + "AWS::MediaLive::Channel.HlsInputSettings": { "additionalProperties": false, "properties": { - "BatchSize": { - "markdownDescription": "The maximum number of records to include in each batch.", - "title": "BatchSize", + "Bandwidth": { + "markdownDescription": "When specified, the HLS stream with the m3u8 bandwidth that most closely matches this value is chosen. Otherwise, the highest bandwidth stream in the m3u8 is chosen. The bitrate is specified in bits per second, as in an HLS manifest.", + "title": "Bandwidth", "type": "number" }, - "Credentials": { - "$ref": "#/definitions/AWS::Pipes::Pipe.MQBrokerAccessCredentials", - "markdownDescription": "The credentials needed to access the resource.", - "title": "Credentials" + "BufferSegments": { + "markdownDescription": "When specified, reading of the HLS input begins this many buffer segments from the end (most recently written segment). When not specified, the HLS input begins with the first segment specified in the m3u8.", + "title": "BufferSegments", + "type": "number" }, - "MaximumBatchingWindowInSeconds": { - "markdownDescription": "The maximum length of a time to wait for events.", - "title": "MaximumBatchingWindowInSeconds", + "Retries": { + "markdownDescription": "The number of consecutive times that attempts to read a manifest or segment must fail before the input is considered unavailable.", + "title": "Retries", "type": "number" }, - "QueueName": { - "markdownDescription": "The name of the destination queue to consume.", - "title": "QueueName", - "type": "string" + "RetryInterval": { + "markdownDescription": "The number of seconds between retries when an attempt to read a manifest or segment fails.", + "title": "RetryInterval", + "type": "number" }, - "VirtualHost": { - "markdownDescription": "The name of the virtual host associated with the source broker.", - "title": "VirtualHost", + "Scte35Source": { + "markdownDescription": "Identifies the source for the SCTE-35 messages that MediaLive will ingest. Messages can be ingested from the content segments (in the stream) or from tags in the playlist (the HLS manifest). MediaLive ignores SCTE-35 information in the source that is not selected.", + "title": "Scte35Source", "type": "string" } }, - "required": [ - "Credentials", - "QueueName" - ], "type": "object" }, - "AWS::Pipes::Pipe.PipeSourceSelfManagedKafkaParameters": { + "AWS::MediaLive::Channel.HlsMediaStoreSettings": { "additionalProperties": false, "properties": { - "AdditionalBootstrapServers": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of server URLs.", - "title": "AdditionalBootstrapServers", - "type": "array" + "ConnectionRetryInterval": { + "markdownDescription": "The number of seconds to wait before retrying a connection to the CDN if the connection is lost.", + "title": "ConnectionRetryInterval", + "type": "number" }, - "BatchSize": { - "markdownDescription": "The maximum number of records to include in each batch.", - "title": "BatchSize", + "FilecacheDuration": { + "markdownDescription": "The size, in seconds, of the file cache for streaming outputs.", + "title": "FilecacheDuration", "type": "number" }, - "ConsumerGroupID": { - "markdownDescription": "The name of the destination queue to consume.", - "title": "ConsumerGroupID", + "MediaStoreStorageClass": { + "markdownDescription": "When set to temporal, output files are stored in non-persistent memory for faster reading and writing.", + "title": "MediaStoreStorageClass", "type": "string" }, - "Credentials": { - "$ref": "#/definitions/AWS::Pipes::Pipe.SelfManagedKafkaAccessConfigurationCredentials", - "markdownDescription": "The credentials needed to access the resource.", - "title": "Credentials" - }, - "MaximumBatchingWindowInSeconds": { - "markdownDescription": "The maximum length of a time to wait for events.", - "title": "MaximumBatchingWindowInSeconds", + "NumRetries": { + "markdownDescription": "The number of retry attempts that are made before the channel is put into an error state.", + "title": "NumRetries", "type": "number" }, - "ServerRootCaCertificate": { - "markdownDescription": "The ARN of the Secrets Manager secret used for certification.", - "title": "ServerRootCaCertificate", + "RestartDelay": { + "markdownDescription": "If a streaming output fails, the number of seconds to wait until a restart is initiated. A value of 0 means never restart.", + "title": "RestartDelay", + "type": "number" + } + }, + "type": "object" + }, + "AWS::MediaLive::Channel.HlsOutputSettings": { + "additionalProperties": false, + "properties": { + "H265PackagingType": { + "markdownDescription": "Only applicable when this output is referencing an H.265 video description.\nSpecifies whether MP4 segments should be packaged as HEV1 or HVC1.", + "title": "H265PackagingType", "type": "string" }, - "StartingPosition": { - "markdownDescription": "The position in a stream from which to start reading.", - "title": "StartingPosition", - "type": "string" + "HlsSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.HlsSettings", + "markdownDescription": "The settings regarding the underlying stream. These settings are different for audio-only outputs.", + "title": "HlsSettings" }, - "TopicName": { - "markdownDescription": "The name of the topic that the pipe will read from.", - "title": "TopicName", + "NameModifier": { + "markdownDescription": "A string that is concatenated to the end of the destination file name. Accepts \\\"Format Identifiers\\\":#formatIdentifierParameters.", + "title": "NameModifier", "type": "string" }, - "Vpc": { - "$ref": "#/definitions/AWS::Pipes::Pipe.SelfManagedKafkaAccessConfigurationVpc", - "markdownDescription": "This structure specifies the VPC subnets and security groups for the stream, and whether a public IP address is to be used.", - "title": "Vpc" + "SegmentModifier": { + "markdownDescription": "A string that is concatenated to the end of segment file names.", + "title": "SegmentModifier", + "type": "string" } }, - "required": [ - "TopicName" - ], "type": "object" }, - "AWS::Pipes::Pipe.PipeSourceSqsQueueParameters": { + "AWS::MediaLive::Channel.HlsS3Settings": { "additionalProperties": false, "properties": { - "BatchSize": { - "markdownDescription": "The maximum number of records to include in each batch.", - "title": "BatchSize", - "type": "number" - }, - "MaximumBatchingWindowInSeconds": { - "markdownDescription": "The maximum length of a time to wait for events.", - "title": "MaximumBatchingWindowInSeconds", - "type": "number" + "CannedAcl": { + "markdownDescription": "Specify the canned ACL to apply to each S3 request. Defaults to none.", + "title": "CannedAcl", + "type": "string" } }, "type": "object" }, - "AWS::Pipes::Pipe.PipeTargetBatchJobParameters": { + "AWS::MediaLive::Channel.HlsSettings": { "additionalProperties": false, "properties": { - "ArrayProperties": { - "$ref": "#/definitions/AWS::Pipes::Pipe.BatchArrayProperties", - "markdownDescription": "The array properties for the submitted job, such as the size of the array. The array size can be between 2 and 10,000. If you specify array properties for a job, it becomes an array job. This parameter is used only if the target is an AWS Batch job.", - "title": "ArrayProperties" + "AudioOnlyHlsSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioOnlyHlsSettings", + "markdownDescription": "The settings for an audio-only output.", + "title": "AudioOnlyHlsSettings" }, - "ContainerOverrides": { - "$ref": "#/definitions/AWS::Pipes::Pipe.BatchContainerOverrides", - "markdownDescription": "The overrides that are sent to a container.", - "title": "ContainerOverrides" + "Fmp4HlsSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Fmp4HlsSettings", + "markdownDescription": "The settings for an fMP4 container.", + "title": "Fmp4HlsSettings" }, - "DependsOn": { - "items": { - "$ref": "#/definitions/AWS::Pipes::Pipe.BatchJobDependency" - }, - "markdownDescription": "A list of dependencies for the job. A job can depend upon a maximum of 20 jobs. You can specify a `SEQUENTIAL` type dependency without specifying a job ID for array jobs so that each child array job completes sequentially, starting at index 0. You can also specify an `N_TO_N` type dependency with a job ID for array jobs. In that case, each index child of this job must wait for the corresponding index child of each dependency to complete before it can begin.", - "title": "DependsOn", - "type": "array" + "FrameCaptureHlsSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.FrameCaptureHlsSettings", + "markdownDescription": "Settings for a frame capture output in an HLS output group.", + "title": "FrameCaptureHlsSettings" }, - "JobDefinition": { - "markdownDescription": "The job definition used by this job. This value can be one of `name` , `name:revision` , or the Amazon Resource Name (ARN) for the job definition. If name is specified without a revision then the latest active revision is used.", - "title": "JobDefinition", - "type": "string" + "StandardHlsSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.StandardHlsSettings", + "markdownDescription": "The settings for a standard output (an output that is not audio-only).", + "title": "StandardHlsSettings" + } + }, + "type": "object" + }, + "AWS::MediaLive::Channel.HlsWebdavSettings": { + "additionalProperties": false, + "properties": { + "ConnectionRetryInterval": { + "markdownDescription": "The number of seconds to wait before retrying a connection to the CDN if the connection is lost.", + "title": "ConnectionRetryInterval", + "type": "number" }, - "JobName": { - "markdownDescription": "The name of the job. It can be up to 128 letters long. The first character must be alphanumeric, can contain uppercase and lowercase letters, numbers, hyphens (-), and underscores (_).", - "title": "JobName", + "FilecacheDuration": { + "markdownDescription": "The size, in seconds, of the file cache for streaming outputs.", + "title": "FilecacheDuration", + "type": "number" + }, + "HttpTransferMode": { + "markdownDescription": "Specifies whether to use chunked transfer encoding to WebDAV.", + "title": "HttpTransferMode", "type": "string" }, - "Parameters": { - "additionalProperties": true, - "markdownDescription": "Additional parameters passed to the job that replace parameter substitution placeholders that are set in the job definition. Parameters are specified as a key and value pair mapping. Parameters included here override any corresponding parameter defaults from the job definition.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Parameters", - "type": "object" + "NumRetries": { + "markdownDescription": "The number of retry attempts that are made before the channel is put into an error state.", + "title": "NumRetries", + "type": "number" }, - "RetryStrategy": { - "$ref": "#/definitions/AWS::Pipes::Pipe.BatchRetryStrategy", - "markdownDescription": "The retry strategy to use for failed jobs. When a retry strategy is specified here, it overrides the retry strategy defined in the job definition.", - "title": "RetryStrategy" + "RestartDelay": { + "markdownDescription": "If a streaming output fails, the number of seconds to wait until a restart is initiated. A value of 0 means never restart.", + "title": "RestartDelay", + "type": "number" } }, - "required": [ - "JobDefinition", - "JobName" - ], "type": "object" }, - "AWS::Pipes::Pipe.PipeTargetCloudWatchLogsParameters": { + "AWS::MediaLive::Channel.HtmlMotionGraphicsSettings": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::MediaLive::Channel.InputAttachment": { "additionalProperties": false, "properties": { - "LogStreamName": { - "markdownDescription": "The name of the log stream.", - "title": "LogStreamName", + "AutomaticInputFailoverSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AutomaticInputFailoverSettings", + "markdownDescription": "Settings to implement automatic input failover in this input.", + "title": "AutomaticInputFailoverSettings" + }, + "InputAttachmentName": { + "markdownDescription": "A name for the attachment. This is required if you want to use this input in an input switch action.", + "title": "InputAttachmentName", "type": "string" }, - "Timestamp": { - "markdownDescription": "A [dynamic path parameter](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes-event-target.html) to a field in the payload containing the time the event occurred, expressed as the number of milliseconds after Jan 1, 1970 00:00:00 UTC.\n\nThe value cannot be a static timestamp as the provided timestamp would be applied to all events delivered by the Pipe, regardless of when they are actually delivered.\n\nIf no dynamic path parameter is provided, the default value is the time the invocation is processed by the Pipe.", - "title": "Timestamp", + "InputId": { + "markdownDescription": "The ID of the input to attach.", + "title": "InputId", "type": "string" + }, + "InputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.InputSettings", + "markdownDescription": "Information about the content to extract from the input and about the general handling of the content.", + "title": "InputSettings" + }, + "LogicalInterfaceNames": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "LogicalInterfaceNames", + "type": "array" } }, "type": "object" }, - "AWS::Pipes::Pipe.PipeTargetEcsTaskParameters": { + "AWS::MediaLive::Channel.InputChannelLevel": { "additionalProperties": false, "properties": { - "CapacityProviderStrategy": { - "items": { - "$ref": "#/definitions/AWS::Pipes::Pipe.CapacityProviderStrategyItem" - }, - "markdownDescription": "The capacity provider strategy to use for the task.\n\nIf a `capacityProviderStrategy` is specified, the `launchType` parameter must be omitted. If no `capacityProviderStrategy` or launchType is specified, the `defaultCapacityProviderStrategy` for the cluster is used.", - "title": "CapacityProviderStrategy", - "type": "array" + "Gain": { + "markdownDescription": "The remixing value. Units are in dB, and acceptable values are within the range from -60 (mute) to 6 dB.", + "title": "Gain", + "type": "number" }, - "EnableECSManagedTags": { - "markdownDescription": "Specifies whether to enable Amazon ECS managed tags for the task. For more information, see [Tagging Your Amazon ECS Resources](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-using-tags.html) in the Amazon Elastic Container Service Developer Guide.", - "title": "EnableECSManagedTags", - "type": "boolean" + "InputChannel": { + "markdownDescription": "The index of the input channel that is used as a source.", + "title": "InputChannel", + "type": "number" + } + }, + "type": "object" + }, + "AWS::MediaLive::Channel.InputLocation": { + "additionalProperties": false, + "properties": { + "PasswordParam": { + "markdownDescription": "The password parameter that holds the password for accessing the downstream system. This applies only if the downstream system requires credentials.", + "title": "PasswordParam", + "type": "string" }, - "EnableExecuteCommand": { - "markdownDescription": "Whether or not to enable the execute command functionality for the containers in this task. If true, this enables execute command functionality on all containers in the task.", - "title": "EnableExecuteCommand", - "type": "boolean" + "Uri": { + "markdownDescription": "The URI should be a path to a file that is accessible to the Live system (for example, an http:// URI) depending on the output type. For example, an RTMP destination should have a URI similar to rtmp://fmsserver/live.", + "title": "Uri", + "type": "string" }, - "Group": { - "markdownDescription": "Specifies an Amazon ECS task group for the task. The maximum length is 255 characters.", - "title": "Group", + "Username": { + "markdownDescription": "The user name to connect to the downstream system. This applies only if the downstream system requires credentials.", + "title": "Username", "type": "string" + } + }, + "type": "object" + }, + "AWS::MediaLive::Channel.InputLossBehavior": { + "additionalProperties": false, + "properties": { + "BlackFrameMsec": { + "markdownDescription": "On input loss, the number of milliseconds to substitute black into the output before switching to the frame specified by inputLossImageType. A value x, where 0 <= x <= 1,000,000 and a value of 1,000,000, is interpreted as infinite.", + "title": "BlackFrameMsec", + "type": "number" }, - "LaunchType": { - "markdownDescription": "Specifies the launch type on which your task is running. The launch type that you specify here must match one of the launch type (compatibilities) of the target task. The `FARGATE` value is supported only in the Regions where AWS Fargate with Amazon ECS is supported. For more information, see [AWS Fargate on Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/AWS-Fargate.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "LaunchType", + "InputLossImageColor": { + "markdownDescription": "When the input loss image type is \"color,\" this field specifies the color to use. Value: 6 hex characters that represent the values of RGB.", + "title": "InputLossImageColor", "type": "string" }, - "NetworkConfiguration": { - "$ref": "#/definitions/AWS::Pipes::Pipe.NetworkConfiguration", - "markdownDescription": "Use this structure if the Amazon ECS task uses the `awsvpc` network mode. This structure specifies the VPC subnets and security groups associated with the task, and whether a public IP address is to be used. This structure is required if `LaunchType` is `FARGATE` because the `awsvpc` mode is required for Fargate tasks.\n\nIf you specify `NetworkConfiguration` when the target ECS task does not use the `awsvpc` network mode, the task fails.", - "title": "NetworkConfiguration" + "InputLossImageSlate": { + "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", + "markdownDescription": "When the input loss image type is \"slate,\" these fields specify the parameters for accessing the slate.", + "title": "InputLossImageSlate" }, - "Overrides": { - "$ref": "#/definitions/AWS::Pipes::Pipe.EcsTaskOverride", - "markdownDescription": "The overrides that are associated with a task.", - "title": "Overrides" + "InputLossImageType": { + "markdownDescription": "Indicates whether to substitute a solid color or a slate into the output after the input loss exceeds blackFrameMsec.", + "title": "InputLossImageType", + "type": "string" }, - "PlacementConstraints": { + "RepeatFrameMsec": { + "markdownDescription": "On input loss, the number of milliseconds to repeat the previous picture before substituting black into the output. A value x, where 0 <= x <= 1,000,000 and a value of 1,000,000, is interpreted as infinite.", + "title": "RepeatFrameMsec", + "type": "number" + } + }, + "type": "object" + }, + "AWS::MediaLive::Channel.InputLossFailoverSettings": { + "additionalProperties": false, + "properties": { + "InputLossThresholdMsec": { + "markdownDescription": "The amount of time (in milliseconds) that no input is detected. After that time, an input failover will occur.", + "title": "InputLossThresholdMsec", + "type": "number" + } + }, + "type": "object" + }, + "AWS::MediaLive::Channel.InputSettings": { + "additionalProperties": false, + "properties": { + "AudioSelectors": { "items": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PlacementConstraint" + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioSelector" }, - "markdownDescription": "An array of placement constraint objects to use for the task. You can specify up to 10 constraints per task (including constraints in the task definition and those specified at runtime).", - "title": "PlacementConstraints", + "markdownDescription": "Information about the specific audio to extract from the input.\n\nThe parent of this entity is InputSettings.", + "title": "AudioSelectors", "type": "array" }, - "PlacementStrategy": { + "CaptionSelectors": { "items": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PlacementStrategy" + "$ref": "#/definitions/AWS::MediaLive::Channel.CaptionSelector" }, - "markdownDescription": "The placement strategy objects to use for the task. You can specify a maximum of five strategy rules per task.", - "title": "PlacementStrategy", + "markdownDescription": "Information about the specific captions to extract from the input.", + "title": "CaptionSelectors", "type": "array" }, - "PlatformVersion": { - "markdownDescription": "Specifies the platform version for the task. Specify only the numeric portion of the platform version, such as `1.1.0` .\n\nThis structure is used only if `LaunchType` is `FARGATE` . For more information about valid platform versions, see [AWS Fargate Platform Versions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "PlatformVersion", + "DeblockFilter": { + "markdownDescription": "Enables or disables the deblock filter when filtering.", + "title": "DeblockFilter", "type": "string" }, - "PropagateTags": { - "markdownDescription": "Specifies whether to propagate the tags from the task definition to the task. If no value is specified, the tags are not propagated. Tags can only be propagated to the task during task creation. To add tags to a task after task creation, use the `TagResource` API action.", - "title": "PropagateTags", + "DenoiseFilter": { + "markdownDescription": "Enables or disables the denoise filter when filtering.", + "title": "DenoiseFilter", "type": "string" }, - "ReferenceId": { - "markdownDescription": "The reference ID to use for the task.", - "title": "ReferenceId", + "FilterStrength": { + "markdownDescription": "Adjusts the magnitude of filtering from 1 (minimal) to 5 (strongest).", + "title": "FilterStrength", + "type": "number" + }, + "InputFilter": { + "markdownDescription": "Turns on the filter for this input. MPEG-2 inputs have the deblocking filter enabled by default. 1) auto - filtering is applied depending on input type/quality 2) disabled - no filtering is applied to the input 3) forced - filtering is applied regardless of the input type.", + "title": "InputFilter", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The metadata that you apply to the task to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define. To learn more, see [RunTask](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RunTask.html#ECS-RunTask-request-tags) in the Amazon ECS API Reference.", - "title": "Tags", - "type": "array" + "NetworkInputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.NetworkInputSettings", + "markdownDescription": "Information about how to connect to the upstream system.", + "title": "NetworkInputSettings" }, - "TaskCount": { - "markdownDescription": "The number of tasks to create based on `TaskDefinition` . The default is 1.", - "title": "TaskCount", + "Scte35Pid": { + "markdownDescription": "", + "title": "Scte35Pid", "type": "number" }, - "TaskDefinitionArn": { - "markdownDescription": "The ARN of the task definition to use if the event target is an Amazon ECS task.", - "title": "TaskDefinitionArn", + "Smpte2038DataPreference": { + "markdownDescription": "Specifies whether to extract applicable ancillary data from a SMPTE-2038 source in this input. Applicable data types are captions, timecode, AFD, and SCTE-104 messages.\n- PREFER: Extract from SMPTE-2038 if present in this input, otherwise extract from another source (if any).\n- IGNORE: Never extract any ancillary data from SMPTE-2038.", + "title": "Smpte2038DataPreference", + "type": "string" + }, + "SourceEndBehavior": { + "markdownDescription": "The loop input if it is a file.", + "title": "SourceEndBehavior", "type": "string" + }, + "VideoSelector": { + "$ref": "#/definitions/AWS::MediaLive::Channel.VideoSelector", + "markdownDescription": "Information about one video to extract from the input.", + "title": "VideoSelector" } }, - "required": [ - "TaskDefinitionArn" - ], "type": "object" }, - "AWS::Pipes::Pipe.PipeTargetEventBridgeEventBusParameters": { + "AWS::MediaLive::Channel.InputSpecification": { "additionalProperties": false, "properties": { - "DetailType": { - "markdownDescription": "A free-form string, with a maximum of 128 characters, used to decide what fields to expect in the event detail.", - "title": "DetailType", - "type": "string" - }, - "EndpointId": { - "markdownDescription": "The URL subdomain of the endpoint. For example, if the URL for Endpoint is https://abcde.veo.endpoints.event.amazonaws.com, then the EndpointId is `abcde.veo` .", - "title": "EndpointId", + "Codec": { + "markdownDescription": "The codec to include in the input specification for this channel.", + "title": "Codec", "type": "string" }, - "Resources": { - "items": { - "type": "string" - }, - "markdownDescription": "AWS resources, identified by Amazon Resource Name (ARN), which the event primarily concerns. Any number, including zero, may be present.", - "title": "Resources", - "type": "array" - }, - "Source": { - "markdownDescription": "The source of the event.", - "title": "Source", + "MaximumBitrate": { + "markdownDescription": "The maximum input bitrate for any input attached to this channel.", + "title": "MaximumBitrate", "type": "string" }, - "Time": { - "markdownDescription": "The time stamp of the event, per [RFC3339](https://docs.aws.amazon.com/https://www.rfc-editor.org/rfc/rfc3339.txt) . If no time stamp is provided, the time stamp of the [PutEvents](https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_PutEvents.html) call is used.", - "title": "Time", + "Resolution": { + "markdownDescription": "The resolution for any input attached to this channel.", + "title": "Resolution", "type": "string" } }, "type": "object" }, - "AWS::Pipes::Pipe.PipeTargetHttpParameters": { + "AWS::MediaLive::Channel.KeyProviderSettings": { "additionalProperties": false, "properties": { - "HeaderParameters": { - "additionalProperties": true, - "markdownDescription": "The headers that need to be sent as part of request invoking the API Gateway REST API or EventBridge ApiDestination.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "HeaderParameters", - "type": "object" - }, - "PathParameterValues": { - "items": { - "type": "string" - }, - "markdownDescription": "The path parameter values to be used to populate API Gateway REST API or EventBridge ApiDestination path wildcards (\"*\").", - "title": "PathParameterValues", - "type": "array" - }, - "QueryStringParameters": { - "additionalProperties": true, - "markdownDescription": "The query string keys/values that need to be sent as part of request invoking the API Gateway REST API or EventBridge ApiDestination.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "QueryStringParameters", - "type": "object" + "StaticKeySettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.StaticKeySettings", + "markdownDescription": "The configuration of static key settings.", + "title": "StaticKeySettings" } }, "type": "object" }, - "AWS::Pipes::Pipe.PipeTargetKinesisStreamParameters": { + "AWS::MediaLive::Channel.M2tsSettings": { "additionalProperties": false, "properties": { - "PartitionKey": { - "markdownDescription": "Determines which shard in the stream the data record is assigned to. Partition keys are Unicode strings with a maximum length limit of 256 characters for each key. Amazon Kinesis Data Streams uses the partition key as input to a hash function that maps the partition key and associated data to a specific shard. Specifically, an MD5 hash function is used to map partition keys to 128-bit integer values and to map associated data records to shards. As a result of this hashing mechanism, all data records with the same partition key map to the same shard within the stream.", - "title": "PartitionKey", + "AbsentInputAudioBehavior": { + "markdownDescription": "When set to drop, the output audio streams are removed from the program if the selected input audio stream is removed from the input. This allows the output audio configuration to dynamically change based on the input configuration. If this is set to encodeSilence, all output audio streams will output encoded silence when not connected to an active input stream.", + "title": "AbsentInputAudioBehavior", "type": "string" - } - }, - "required": [ - "PartitionKey" - ], - "type": "object" - }, - "AWS::Pipes::Pipe.PipeTargetLambdaFunctionParameters": { - "additionalProperties": false, - "properties": { - "InvocationType": { - "markdownDescription": "Specify whether to invoke the function synchronously or asynchronously.\n\n- `REQUEST_RESPONSE` (default) - Invoke synchronously. This corresponds to the `RequestResponse` option in the `InvocationType` parameter for the Lambda [Invoke](https://docs.aws.amazon.com/lambda/latest/dg/API_Invoke.html#API_Invoke_RequestSyntax) API.\n- `FIRE_AND_FORGET` - Invoke asynchronously. This corresponds to the `Event` option in the `InvocationType` parameter for the Lambda [Invoke](https://docs.aws.amazon.com/lambda/latest/dg/API_Invoke.html#API_Invoke_RequestSyntax) API.\n\nFor more information, see [Invocation types](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes.html#pipes-invocation) in the *Amazon EventBridge User Guide* .", - "title": "InvocationType", + }, + "Arib": { + "markdownDescription": "When set to enabled, uses ARIB-compliant field muxing and removes video descriptor.", + "title": "Arib", "type": "string" - } - }, - "type": "object" - }, - "AWS::Pipes::Pipe.PipeTargetParameters": { - "additionalProperties": false, - "properties": { - "BatchJobParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetBatchJobParameters", - "markdownDescription": "The parameters for using an AWS Batch job as a target.", - "title": "BatchJobParameters" }, - "CloudWatchLogsParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetCloudWatchLogsParameters", - "markdownDescription": "The parameters for using an CloudWatch Logs log stream as a target.", - "title": "CloudWatchLogsParameters" + "AribCaptionsPid": { + "markdownDescription": "The PID for ARIB Captions in the transport stream. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", + "title": "AribCaptionsPid", + "type": "string" }, - "EcsTaskParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetEcsTaskParameters", - "markdownDescription": "The parameters for using an Amazon ECS task as a target.", - "title": "EcsTaskParameters" + "AribCaptionsPidControl": { + "markdownDescription": "If set to auto, The PID number used for ARIB Captions will be auto-selected from unused PIDs. If set to useConfigured, ARIB captions will be on the configured PID number.", + "title": "AribCaptionsPidControl", + "type": "string" }, - "EventBridgeEventBusParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetEventBridgeEventBusParameters", - "markdownDescription": "The parameters for using an EventBridge event bus as a target.", - "title": "EventBridgeEventBusParameters" + "AudioBufferModel": { + "markdownDescription": "When set to dvb, uses the DVB buffer model for Dolby Digital audio. When set to atsc, the ATSC model is used.", + "title": "AudioBufferModel", + "type": "string" }, - "HttpParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetHttpParameters", - "markdownDescription": "These are custom parameter to be used when the target is an API Gateway REST APIs or EventBridge ApiDestinations.", - "title": "HttpParameters" + "AudioFramesPerPes": { + "markdownDescription": "The number of audio frames to insert for each PES packet.", + "title": "AudioFramesPerPes", + "type": "number" }, - "InputTemplate": { - "markdownDescription": "Valid JSON text passed to the target. In this case, nothing from the event itself is passed to the target. For more information, see [The JavaScript Object Notation (JSON) Data Interchange Format](https://docs.aws.amazon.com/http://www.rfc-editor.org/rfc/rfc7159.txt) .\n\nTo remove an input template, specify an empty string.", - "title": "InputTemplate", + "AudioPids": { + "markdownDescription": "The PID of the elementary audio streams in the transport stream. Multiple values are accepted, and can be entered in ranges or by comma separation. You can enter the value as a decimal or hexadecimal value. Each PID specified must be in the range of 32 (or 0x20)..8182 (or 0x1ff6).", + "title": "AudioPids", "type": "string" }, - "KinesisStreamParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetKinesisStreamParameters", - "markdownDescription": "The parameters for using a Kinesis stream as a target.", - "title": "KinesisStreamParameters" + "AudioStreamType": { + "markdownDescription": "When set to atsc, uses stream type = 0x81 for AC3 and stream type = 0x87 for EAC3. When set to dvb, uses stream type = 0x06.", + "title": "AudioStreamType", + "type": "string" }, - "LambdaFunctionParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetLambdaFunctionParameters", - "markdownDescription": "The parameters for using a Lambda function as a target.", - "title": "LambdaFunctionParameters" + "Bitrate": { + "markdownDescription": "The output bitrate of the transport stream in bits per second. Setting to 0 lets the muxer automatically determine the appropriate bitrate.", + "title": "Bitrate", + "type": "number" }, - "RedshiftDataParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetRedshiftDataParameters", - "markdownDescription": "These are custom parameters to be used when the target is a Amazon Redshift cluster to invoke the Amazon Redshift Data API BatchExecuteStatement.", - "title": "RedshiftDataParameters" + "BufferModel": { + "markdownDescription": "If set to multiplex, uses the multiplex buffer model for accurate interleaving. Setting to bufferModel to none can lead to lower latency, but low-memory devices might not be able to play back the stream without interruptions.", + "title": "BufferModel", + "type": "string" }, - "SageMakerPipelineParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetSageMakerPipelineParameters", - "markdownDescription": "The parameters for using a SageMaker AI pipeline as a target.", - "title": "SageMakerPipelineParameters" + "CcDescriptor": { + "markdownDescription": "When set to enabled, generates captionServiceDescriptor in PMT.", + "title": "CcDescriptor", + "type": "string" }, - "SqsQueueParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetSqsQueueParameters", - "markdownDescription": "The parameters for using a Amazon SQS stream as a target.", - "title": "SqsQueueParameters" + "DvbNitSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.DvbNitSettings", + "markdownDescription": "Inserts a DVB Network Information Table (NIT) at the specified table repetition interval.", + "title": "DvbNitSettings" }, - "StepFunctionStateMachineParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetStateMachineParameters", - "markdownDescription": "The parameters for using a Step Functions state machine as a target.", - "title": "StepFunctionStateMachineParameters" + "DvbSdtSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.DvbSdtSettings", + "markdownDescription": "Inserts a DVB Service Description Table (SDT) at the specified table repetition interval.", + "title": "DvbSdtSettings" + }, + "DvbSubPids": { + "markdownDescription": "The PID for the input source DVB Subtitle data to this output. Multiple values are accepted, and can be entered in ranges and/or by comma separation. You can enter the value as a decimal or hexadecimal value. Each PID specified must be in the range of 32 (or 0x20)..8182 (or 0x1ff6).", + "title": "DvbSubPids", + "type": "string" + }, + "DvbTdtSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.DvbTdtSettings", + "markdownDescription": "Inserts DVB Time and Date Table (TDT) at the specified table repetition interval.", + "title": "DvbTdtSettings" + }, + "DvbTeletextPid": { + "markdownDescription": "The PID for the input source DVB Teletext data to this output. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", + "title": "DvbTeletextPid", + "type": "string" + }, + "Ebif": { + "markdownDescription": "If set to passthrough, passes any EBIF data from the input source to this output.", + "title": "Ebif", + "type": "string" + }, + "EbpAudioInterval": { + "markdownDescription": "When videoAndFixedIntervals is selected, audio EBP markers are added to partitions 3 and 4. The interval between these additional markers is fixed, and is slightly shorter than the video EBP marker interval. This is only available when EBP Cablelabs segmentation markers are selected. Partitions 1 and 2 always follow the video interval.", + "title": "EbpAudioInterval", + "type": "string" + }, + "EbpLookaheadMs": { + "markdownDescription": "When set, enforces that Encoder Boundary Points do not come within the specified time interval of each other by looking ahead at input video. If another EBP is going to come in within the specified time interval, the current EBP is not emitted, and the segment is \"stretched\" to the next marker. The lookahead value does not add latency to the system. The channel must be configured elsewhere to create sufficient latency to make the lookahead accurate.", + "title": "EbpLookaheadMs", + "type": "number" + }, + "EbpPlacement": { + "markdownDescription": "Controls placement of EBP on audio PIDs. If set to videoAndAudioPids, EBP markers are placed on the video PID and all audio PIDs. If set to videoPid, EBP markers are placed on only the video PID.", + "title": "EbpPlacement", + "type": "string" + }, + "EcmPid": { + "markdownDescription": "This field is unused and deprecated.", + "title": "EcmPid", + "type": "string" + }, + "EsRateInPes": { + "markdownDescription": "Includes or excludes the ES Rate field in the PES header.", + "title": "EsRateInPes", + "type": "string" + }, + "EtvPlatformPid": { + "markdownDescription": "The PID for the input source ETV Platform data to this output. You can enter it as a decimal or hexadecimal value. Valid values are 32 (or 0x20) to 8182 (or 0x1ff6).", + "title": "EtvPlatformPid", + "type": "string" + }, + "EtvSignalPid": { + "markdownDescription": "The PID for input source ETV Signal data to this output. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", + "title": "EtvSignalPid", + "type": "string" + }, + "FragmentTime": { + "markdownDescription": "The length in seconds of each fragment. This is used only with EBP markers.", + "title": "FragmentTime", + "type": "number" + }, + "Klv": { + "markdownDescription": "If set to passthrough, passes any KLV data from the input source to this output.", + "title": "Klv", + "type": "string" + }, + "KlvDataPids": { + "markdownDescription": "The PID for the input source KLV data to this output. Multiple values are accepted, and can be entered in ranges or by comma separation. You can enter the value as a decimal or hexadecimal value. Each PID specified must be in the range of 32 (or 0x20)..8182 (or 0x1ff6).", + "title": "KlvDataPids", + "type": "string" + }, + "NielsenId3Behavior": { + "markdownDescription": "If set to passthrough, Nielsen inaudible tones for media tracking will be detected in the input audio and an equivalent ID3 tag will be inserted in the output.", + "title": "NielsenId3Behavior", + "type": "string" + }, + "NullPacketBitrate": { + "markdownDescription": "The value, in bits per second, of extra null packets to insert into the transport stream. This can be used if a downstream encryption system requires periodic null packets.", + "title": "NullPacketBitrate", + "type": "number" + }, + "PatInterval": { + "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream. Valid values are 0, 10..1000.", + "title": "PatInterval", + "type": "number" + }, + "PcrControl": { + "markdownDescription": "When set to pcrEveryPesPacket, a Program Clock Reference value is inserted for every Packetized Elementary Stream (PES) header. This parameter is effective only when the PCR PID is the same as the video or audio elementary stream.", + "title": "PcrControl", + "type": "string" + }, + "PcrPeriod": { + "markdownDescription": "The maximum time, in milliseconds, between Program Clock References (PCRs) inserted into the transport stream.", + "title": "PcrPeriod", + "type": "number" + }, + "PcrPid": { + "markdownDescription": "The PID of the Program Clock Reference (PCR) in the transport stream. When no value is given, MediaLive assigns the same value as the video PID. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", + "title": "PcrPid", + "type": "string" + }, + "PmtInterval": { + "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream. Valid values are 0, 10..1000.", + "title": "PmtInterval", + "type": "number" + }, + "PmtPid": { + "markdownDescription": "The PID for the Program Map Table (PMT) in the transport stream. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", + "title": "PmtPid", + "type": "string" + }, + "ProgramNum": { + "markdownDescription": "The value of the program number field in the Program Map Table (PMT).", + "title": "ProgramNum", + "type": "number" + }, + "RateMode": { + "markdownDescription": "When VBR, does not insert null packets into the transport stream to fill the specified bitrate. The bitrate setting acts as the maximum bitrate when VBR is set.", + "title": "RateMode", + "type": "string" + }, + "Scte27Pids": { + "markdownDescription": "The PID for the input source SCTE-27 data to this output. Multiple values are accepted, and can be entered in ranges or by comma separation. You can enter the value as a decimal or hexadecimal value. Each PID specified must be in the range of 32 (or 0x20)..8182 (or 0x1ff6).", + "title": "Scte27Pids", + "type": "string" + }, + "Scte35Control": { + "markdownDescription": "Optionally passes SCTE-35 signals from the input source to this output.", + "title": "Scte35Control", + "type": "string" + }, + "Scte35Pid": { + "markdownDescription": "The PID of the SCTE-35 stream in the transport stream. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", + "title": "Scte35Pid", + "type": "string" + }, + "Scte35PrerollPullupMilliseconds": { + "markdownDescription": "", + "title": "Scte35PrerollPullupMilliseconds", + "type": "number" + }, + "SegmentationMarkers": { + "markdownDescription": "Inserts segmentation markers at each segmentationTime period. raiSegstart sets the Random Access Indicator bit in the adaptation field. raiAdapt sets the RAI bit and adds the current timecode in the private data bytes. psiSegstart inserts PAT and PMT tables at the start of segments. ebp adds Encoder Boundary Point information to the adaptation field as per OpenCable specification OC-SP-EBP-I01-130118. ebpLegacy adds Encoder Boundary Point information to the adaptation field using a legacy proprietary format.", + "title": "SegmentationMarkers", + "type": "string" + }, + "SegmentationStyle": { + "markdownDescription": "The segmentation style parameter controls how segmentation markers are inserted into the transport stream. With avails, it is possible that segments might be truncated, which can influence where future segmentation markers are inserted. When a segmentation style of resetCadence is selected and a segment is truncated due to an avail, we will reset the segmentation cadence. This means the subsequent segment will have a duration of $segmentationTime seconds. When a segmentation style of maintainCadence is selected and a segment is truncated due to an avail, we will not reset the segmentation cadence. This means the subsequent segment will likely be truncated as well. However, all segments after that will have a duration of $segmentationTime seconds. Note that EBP lookahead is a slight exception to this rule.", + "title": "SegmentationStyle", + "type": "string" + }, + "SegmentationTime": { + "markdownDescription": "The length, in seconds, of each segment. This is required unless markers is set to None_.", + "title": "SegmentationTime", + "type": "number" + }, + "TimedMetadataBehavior": { + "markdownDescription": "When set to passthrough, timed metadata is passed through from input to output.", + "title": "TimedMetadataBehavior", + "type": "string" + }, + "TimedMetadataPid": { + "markdownDescription": "The PID of the timed metadata stream in the transport stream. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", + "title": "TimedMetadataPid", + "type": "string" + }, + "TransportStreamId": { + "markdownDescription": "The value of the transport stream ID field in the Program Map Table (PMT).", + "title": "TransportStreamId", + "type": "number" + }, + "VideoPid": { + "markdownDescription": "The PID of the elementary video stream in the transport stream. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", + "title": "VideoPid", + "type": "string" } }, "type": "object" }, - "AWS::Pipes::Pipe.PipeTargetRedshiftDataParameters": { + "AWS::MediaLive::Channel.M3u8Settings": { "additionalProperties": false, "properties": { - "Database": { - "markdownDescription": "The name of the database. Required when authenticating using temporary credentials.", - "title": "Database", + "AudioFramesPerPes": { + "markdownDescription": "The number of audio frames to insert for each PES packet.", + "title": "AudioFramesPerPes", + "type": "number" + }, + "AudioPids": { + "markdownDescription": "The PID of the elementary audio streams in the transport stream. Multiple values are accepted, and can be entered in ranges or by comma separation. You can enter the value as a decimal or hexadecimal value.", + "title": "AudioPids", "type": "string" }, - "DbUser": { - "markdownDescription": "The database user name. Required when authenticating using temporary credentials.", - "title": "DbUser", + "EcmPid": { + "markdownDescription": "This parameter is unused and deprecated.", + "title": "EcmPid", "type": "string" }, - "SecretManagerArn": { - "markdownDescription": "The name or ARN of the secret that enables access to the database. Required when authenticating using Secrets Manager.", - "title": "SecretManagerArn", + "KlvBehavior": { + "markdownDescription": "", + "title": "KlvBehavior", "type": "string" }, - "Sqls": { - "items": { - "type": "string" - }, - "markdownDescription": "The SQL statement text to run.", - "title": "Sqls", - "type": "array" + "KlvDataPids": { + "markdownDescription": "", + "title": "KlvDataPids", + "type": "string" }, - "StatementName": { - "markdownDescription": "The name of the SQL statement. You can name the SQL statement when you create it to identify the query.", - "title": "StatementName", + "NielsenId3Behavior": { + "markdownDescription": "If set to passthrough, Nielsen inaudible tones for media tracking will be detected in the input audio and an equivalent ID3 tag will be inserted in the output.", + "title": "NielsenId3Behavior", "type": "string" }, - "WithEvent": { - "markdownDescription": "Indicates whether to send an event back to EventBridge after the SQL statement runs.", - "title": "WithEvent", - "type": "boolean" + "PatInterval": { + "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream. A value of \\\"0\\\" writes out the PMT once per segment file.", + "title": "PatInterval", + "type": "number" + }, + "PcrControl": { + "markdownDescription": "When set to pcrEveryPesPacket, a Program Clock Reference value is inserted for every Packetized Elementary Stream (PES) header. This parameter is effective only when the PCR PID is the same as the video or audio elementary stream.", + "title": "PcrControl", + "type": "string" + }, + "PcrPeriod": { + "markdownDescription": "The maximum time, in milliseconds, between Program Clock References (PCRs) inserted into the transport stream.", + "title": "PcrPeriod", + "type": "number" + }, + "PcrPid": { + "markdownDescription": "The PID of the Program Clock Reference (PCR) in the transport stream. When no value is given, MediaLive assigns the same value as the video PID. You can enter the value as a decimal or hexadecimal value.", + "title": "PcrPid", + "type": "string" + }, + "PmtInterval": { + "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream. A value of \\\"0\\\" writes out the PMT once per segment file.", + "title": "PmtInterval", + "type": "number" + }, + "PmtPid": { + "markdownDescription": "The PID for the Program Map Table (PMT) in the transport stream. You can enter the value as a decimal or hexadecimal value.", + "title": "PmtPid", + "type": "string" + }, + "ProgramNum": { + "markdownDescription": "The value of the program number field in the Program Map Table (PMT).", + "title": "ProgramNum", + "type": "number" + }, + "Scte35Behavior": { + "markdownDescription": "If set to passthrough, passes any SCTE-35 signals from the input source to this output.", + "title": "Scte35Behavior", + "type": "string" + }, + "Scte35Pid": { + "markdownDescription": "The PID of the SCTE-35 stream in the transport stream. You can enter the value as a decimal or hexadecimal value.", + "title": "Scte35Pid", + "type": "string" + }, + "TimedMetadataBehavior": { + "markdownDescription": "When set to passthrough, timed metadata is passed through from input to output.", + "title": "TimedMetadataBehavior", + "type": "string" + }, + "TimedMetadataPid": { + "markdownDescription": "The PID of the timed metadata stream in the transport stream. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", + "title": "TimedMetadataPid", + "type": "string" + }, + "TransportStreamId": { + "markdownDescription": "The value of the transport stream ID field in the Program Map Table (PMT).", + "title": "TransportStreamId", + "type": "number" + }, + "VideoPid": { + "markdownDescription": "The PID of the elementary video stream in the transport stream. You can enter the value as a decimal or hexadecimal value.", + "title": "VideoPid", + "type": "string" } }, - "required": [ - "Database", - "Sqls" - ], "type": "object" }, - "AWS::Pipes::Pipe.PipeTargetSageMakerPipelineParameters": { + "AWS::MediaLive::Channel.MaintenanceCreateSettings": { "additionalProperties": false, "properties": { - "PipelineParameterList": { - "items": { - "$ref": "#/definitions/AWS::Pipes::Pipe.SageMakerPipelineParameter" - }, - "markdownDescription": "List of Parameter names and values for SageMaker AI Model Building Pipeline execution.", - "title": "PipelineParameterList", - "type": "array" + "MaintenanceDay": { + "markdownDescription": "Choose one day of the week for maintenance. The chosen day is used for all future maintenance windows.", + "title": "MaintenanceDay", + "type": "string" + }, + "MaintenanceStartTime": { + "markdownDescription": "Choose the hour that maintenance will start. The chosen time is used for all future maintenance windows.", + "title": "MaintenanceStartTime", + "type": "string" } }, "type": "object" }, - "AWS::Pipes::Pipe.PipeTargetSqsQueueParameters": { + "AWS::MediaLive::Channel.MaintenanceUpdateSettings": { "additionalProperties": false, "properties": { - "MessageDeduplicationId": { - "markdownDescription": "This parameter applies only to FIFO (first-in-first-out) queues.\n\nThe token used for deduplication of sent messages.", - "title": "MessageDeduplicationId", + "MaintenanceDay": { "type": "string" }, - "MessageGroupId": { - "markdownDescription": "The FIFO message group ID to use as the target.", - "title": "MessageGroupId", + "MaintenanceScheduledDate": { + "type": "string" + }, + "MaintenanceStartTime": { "type": "string" } }, "type": "object" }, - "AWS::Pipes::Pipe.PipeTargetStateMachineParameters": { + "AWS::MediaLive::Channel.MediaPackageGroupSettings": { "additionalProperties": false, "properties": { - "InvocationType": { - "markdownDescription": "Specify whether to invoke the Step Functions state machine synchronously or asynchronously.\n\n- `REQUEST_RESPONSE` (default) - Invoke synchronously. For more information, see [StartSyncExecution](https://docs.aws.amazon.com/step-functions/latest/apireference/API_StartSyncExecution.html) in the *AWS Step Functions API Reference* .\n\n> `REQUEST_RESPONSE` is not supported for `STANDARD` state machine workflows.\n- `FIRE_AND_FORGET` - Invoke asynchronously. For more information, see [StartExecution](https://docs.aws.amazon.com/step-functions/latest/apireference/API_StartExecution.html) in the *AWS Step Functions API Reference* .\n\nFor more information, see [Invocation types](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes.html#pipes-invocation) in the *Amazon EventBridge User Guide* .", - "title": "InvocationType", - "type": "string" + "Destination": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", + "markdownDescription": "The MediaPackage channel destination.", + "title": "Destination" + }, + "MediapackageV2GroupSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MediaPackageV2GroupSettings" } }, "type": "object" }, - "AWS::Pipes::Pipe.PlacementConstraint": { + "AWS::MediaLive::Channel.MediaPackageOutputDestinationSettings": { "additionalProperties": false, "properties": { - "Expression": { - "markdownDescription": "A cluster query language expression to apply to the constraint. You cannot specify an expression if the constraint type is `distinctInstance` . To learn more, see [Cluster Query Language](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-query-language.html) in the Amazon Elastic Container Service Developer Guide.", - "title": "Expression", + "ChannelGroup": { + "markdownDescription": "", + "title": "ChannelGroup", "type": "string" }, - "Type": { - "markdownDescription": "The type of constraint. Use distinctInstance to ensure that each task in a particular group is running on a different container instance. Use memberOf to restrict the selection to a group of valid candidates.", - "title": "Type", + "ChannelId": { + "markdownDescription": "The ID of the channel in MediaPackage that is the destination for this output group. You don't need to specify the individual inputs in MediaPackage; MediaLive handles the connection of the two MediaLive pipelines to the two MediaPackage inputs. The MediaPackage channel and MediaLive channel must be in the same Region.", + "title": "ChannelId", + "type": "string" + }, + "ChannelName": { + "markdownDescription": "", + "title": "ChannelName", "type": "string" } }, "type": "object" }, - "AWS::Pipes::Pipe.PlacementStrategy": { + "AWS::MediaLive::Channel.MediaPackageOutputSettings": { "additionalProperties": false, "properties": { - "Field": { - "markdownDescription": "The field to apply the placement strategy against. For the spread placement strategy, valid values are instanceId (or host, which has the same effect), or any platform or custom attribute that is applied to a container instance, such as attribute:ecs.availability-zone. For the binpack placement strategy, valid values are cpu and memory. For the random placement strategy, this field is not used.", - "title": "Field", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of placement strategy. The random placement strategy randomly places tasks on available candidates. The spread placement strategy spreads placement across available candidates evenly based on the field parameter. The binpack strategy places tasks on available candidates that have the least available amount of the resource that is specified with the field parameter. For example, if you binpack on memory, a task is placed on the instance with the least amount of remaining memory (but still enough to run the task).", - "title": "Type", - "type": "string" + "MediaPackageV2DestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MediaPackageV2DestinationSettings" } }, "type": "object" }, - "AWS::Pipes::Pipe.S3LogDestination": { + "AWS::MediaLive::Channel.MediaPackageV2DestinationSettings": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "The name of the Amazon S3 bucket to which EventBridge delivers the log records for the pipe.", - "title": "BucketName", + "AudioGroupId": { "type": "string" }, - "BucketOwner": { - "markdownDescription": "The AWS account that owns the Amazon S3 bucket to which EventBridge delivers the log records for the pipe.", - "title": "BucketOwner", + "AudioRenditionSets": { "type": "string" }, - "OutputFormat": { - "markdownDescription": "The format EventBridge uses for the log records.\n\nEventBridge currently only supports `json` formatting.", - "title": "OutputFormat", + "HlsAutoSelect": { "type": "string" }, - "Prefix": { - "markdownDescription": "The prefix text with which to begin Amazon S3 log object names.\n\nFor more information, see [Organizing objects using prefixes](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-prefixes.html) in the *Amazon Simple Storage Service User Guide* .", - "title": "Prefix", + "HlsDefault": { "type": "string" } }, "type": "object" }, - "AWS::Pipes::Pipe.SageMakerPipelineParameter": { + "AWS::MediaLive::Channel.MediaPackageV2GroupSettings": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "Name of parameter to start execution of a SageMaker AI Model Building Pipeline.", - "title": "Name", - "type": "string" - }, - "Value": { - "markdownDescription": "Value of parameter to start execution of a SageMaker AI Model Building Pipeline.", - "title": "Value", - "type": "string" + "CaptionLanguageMappings": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Channel.CaptionLanguageMapping" + }, + "type": "array" } }, - "required": [ - "Name", - "Value" - ], "type": "object" }, - "AWS::Pipes::Pipe.SelfManagedKafkaAccessConfigurationCredentials": { + "AWS::MediaLive::Channel.MotionGraphicsConfiguration": { "additionalProperties": false, "properties": { - "BasicAuth": { - "markdownDescription": "The ARN of the Secrets Manager secret.", - "title": "BasicAuth", + "MotionGraphicsInsertion": { + "markdownDescription": "Enables or disables the motion graphics overlay feature in the channel.", + "title": "MotionGraphicsInsertion", "type": "string" }, - "ClientCertificateTlsAuth": { - "markdownDescription": "The ARN of the Secrets Manager secret.", - "title": "ClientCertificateTlsAuth", - "type": "string" + "MotionGraphicsSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MotionGraphicsSettings", + "markdownDescription": "Settings to enable and configure the motion graphics overlay feature in the channel.", + "title": "MotionGraphicsSettings" + } + }, + "type": "object" + }, + "AWS::MediaLive::Channel.MotionGraphicsSettings": { + "additionalProperties": false, + "properties": { + "HtmlMotionGraphicsSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.HtmlMotionGraphicsSettings", + "markdownDescription": "Settings to configure the motion graphics overlay to use an HTML asset.", + "title": "HtmlMotionGraphicsSettings" + } + }, + "type": "object" + }, + "AWS::MediaLive::Channel.Mp2Settings": { + "additionalProperties": false, + "properties": { + "Bitrate": { + "markdownDescription": "The average bitrate in bits/second.", + "title": "Bitrate", + "type": "number" }, - "SaslScram256Auth": { - "markdownDescription": "The ARN of the Secrets Manager secret.", - "title": "SaslScram256Auth", + "CodingMode": { + "markdownDescription": "The MPEG2 Audio coding mode. Valid values are codingMode10 (for mono) or codingMode20 (for stereo).", + "title": "CodingMode", "type": "string" }, - "SaslScram512Auth": { - "markdownDescription": "The ARN of the Secrets Manager secret.", - "title": "SaslScram512Auth", - "type": "string" + "SampleRate": { + "markdownDescription": "The sample rate in Hz.", + "title": "SampleRate", + "type": "number" } }, "type": "object" }, - "AWS::Pipes::Pipe.SelfManagedKafkaAccessConfigurationVpc": { + "AWS::MediaLive::Channel.Mpeg2FilterSettings": { "additionalProperties": false, "properties": { - "SecurityGroup": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the security groups associated with the stream. These security groups must all be in the same VPC. You can specify as many as five security groups.", - "title": "SecurityGroup", - "type": "array" - }, - "Subnets": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the subnets associated with the stream. These subnets must all be in the same VPC. You can specify as many as 16 subnets.", - "title": "Subnets", - "type": "array" + "TemporalFilterSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.TemporalFilterSettings", + "markdownDescription": "Settings for applying the temporal filter to the video.", + "title": "TemporalFilterSettings" } }, "type": "object" }, - "AWS::Proton::EnvironmentAccountConnection": { + "AWS::MediaLive::Channel.Mpeg2Settings": { "additionalProperties": false, "properties": { - "Condition": { + "AdaptiveQuantization": { + "markdownDescription": "Choose Off to disable adaptive quantization. Or choose another value to enable the quantizer and set its strength. The strengths are: Auto, Off, Low, Medium, High. When you enable this field, MediaLive allows intra-frame quantizers to vary, which might improve visual quality.", + "title": "AdaptiveQuantization", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "AfdSignaling": { + "markdownDescription": "Indicates the AFD values that MediaLive will write into the video encode. If you do not know what AFD signaling is, or if your downstream system has not given you guidance, choose AUTO.\nAUTO: MediaLive will try to preserve the input AFD value (in cases where multiple AFD values are valid).\nFIXED: MediaLive will use the value you specify in fixedAFD.", + "title": "AfdSignaling", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ColorMetadata": { + "markdownDescription": "Specifies whether to include the color space metadata. The metadata describes the color space that applies to the video (the colorSpace field). We recommend that you insert the metadata.", + "title": "ColorMetadata", + "type": "string" }, - "Metadata": { - "type": "object" + "ColorSpace": { + "markdownDescription": "Choose the type of color space conversion to apply to the output. For detailed information on setting up both the input and the output to obtain the desired color space in the output, see the section on \\\"MediaLive Features - Video - color space\\\" in the MediaLive User Guide.\nPASSTHROUGH: Keep the color space of the input content - do not convert it.\nAUTO:Convert all content that is SD to rec 601, and convert all content that is HD to rec 709.", + "title": "ColorSpace", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "CodebuildRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an IAM service role in the environment account. AWS Proton uses this role to provision infrastructure resources using CodeBuild-based provisioning in the associated environment account.", - "title": "CodebuildRoleArn", - "type": "string" - }, - "ComponentRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM service role that AWS Proton uses when provisioning directly defined components in the associated environment account. It determines the scope of infrastructure that a component can provision in the account.\n\nThe environment account connection must have a `componentRoleArn` to allow directly defined components to be associated with any environments running in the account.\n\nFor more information about components, see [AWS Proton components](https://docs.aws.amazon.com/proton/latest/userguide/ag-components.html) in the *AWS Proton User Guide* .", - "title": "ComponentRoleArn", - "type": "string" - }, - "EnvironmentAccountId": { - "markdownDescription": "The environment account that's connected to the environment account connection.", - "title": "EnvironmentAccountId", - "type": "string" - }, - "EnvironmentName": { - "markdownDescription": "The name of the environment that's associated with the environment account connection.", - "title": "EnvironmentName", - "type": "string" - }, - "ManagementAccountId": { - "markdownDescription": "The ID of the management account that's connected to the environment account connection.", - "title": "ManagementAccountId", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The IAM service role that's associated with the environment account connection.", - "title": "RoleArn", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An optional list of metadata items that you can associate with the AWS Proton environment account connection. A tag is a key-value pair.\n\nFor more information, see [AWS Proton resources and tagging](https://docs.aws.amazon.com/proton/latest/userguide/resources.html) in the *AWS Proton User Guide* .", - "title": "Tags", - "type": "array" - } - }, - "type": "object" + "DisplayAspectRatio": { + "markdownDescription": "Sets the pixel aspect ratio for the encode.", + "title": "DisplayAspectRatio", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Proton::EnvironmentAccountConnection" - ], + "FilterSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Mpeg2FilterSettings", + "markdownDescription": "Optionally specify a noise reduction filter, which can improve quality of compressed content. If you do not choose a filter, no filter will be applied.\nTEMPORAL: This filter is useful for both source content that is noisy (when it has excessive digital artifacts) and source content that is clean.\nWhen the content is noisy, the filter cleans up the source content before the encoding phase, with these two effects: First, it improves the output video quality because the content has been cleaned up. Secondly, it decreases the bandwidth because MediaLive does not waste bits on encoding noise.\nWhen the content is reasonably clean, the filter tends to decrease the bitrate.", + "title": "FilterSettings" + }, + "FixedAfd": { + "markdownDescription": "Complete this field only when afdSignaling is set to FIXED. Enter the AFD value (4 bits) to write on all frames of the video encode.", + "title": "FixedAfd", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "FramerateDenominator": { + "markdownDescription": "description\": \"The framerate denominator. For example, 1001. The framerate is the numerator divided by the denominator. For example, 24000 / 1001 = 23.976 FPS.", + "title": "FramerateDenominator", + "type": "number" + }, + "FramerateNumerator": { + "markdownDescription": "The framerate numerator. For example, 24000. The framerate is the numerator divided by the denominator. For example, 24000 / 1001 = 23.976 FPS.", + "title": "FramerateNumerator", + "type": "number" + }, + "GopClosedCadence": { + "markdownDescription": "MPEG2: default is open GOP.", + "title": "GopClosedCadence", + "type": "number" + }, + "GopNumBFrames": { + "markdownDescription": "Relates to the GOP structure. The number of B-frames between reference frames. If you do not know what a B-frame is, use the default.", + "title": "GopNumBFrames", + "type": "number" + }, + "GopSize": { + "markdownDescription": "Relates to the GOP structure. The GOP size (keyframe interval) in the units specified in gopSizeUnits. If you do not know what GOP is, use the default.\nIf gopSizeUnits is frames, then the gopSize must be an integer and must be greater than or equal to 1.\nIf gopSizeUnits is seconds, the gopSize must be greater than 0, but does not need to be an integer.", + "title": "GopSize", + "type": "number" + }, + "GopSizeUnits": { + "markdownDescription": "Relates to the GOP structure. Specifies whether the gopSize is specified in frames or seconds. If you do not plan to change the default gopSize, leave the default. If you specify SECONDS, MediaLive will internally convert the gop size to a frame count.", + "title": "GopSizeUnits", + "type": "string" + }, + "ScanType": { + "markdownDescription": "Set the scan type of the output to PROGRESSIVE or INTERLACED (top field first).", + "title": "ScanType", + "type": "string" + }, + "SubgopLength": { + "markdownDescription": "Relates to the GOP structure. If you do not know what GOP is, use the default.\nFIXED: Set the number of B-frames in each sub-GOP to the value in gopNumBFrames.\nDYNAMIC: Let MediaLive optimize the number of B-frames in each sub-GOP, to improve visual quality.", + "title": "SubgopLength", + "type": "string" + }, + "TimecodeBurninSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.TimecodeBurninSettings", + "markdownDescription": "", + "title": "TimecodeBurninSettings" + }, + "TimecodeInsertion": { + "markdownDescription": "Determines how MediaLive inserts timecodes in the output video. For detailed information about setting up the input and the output for a timecode, see the section on \\\"MediaLive Features - Timecode configuration\\\" in the MediaLive User Guide.\nDISABLED: do not include timecodes.\nGOP_TIMECODE: Include timecode metadata in the GOP header.", + "title": "TimecodeInsertion", "type": "string" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::Proton::EnvironmentTemplate": { + "AWS::MediaLive::Channel.MsSmoothGroupSettings": { "additionalProperties": false, "properties": { - "Condition": { + "AcquisitionPointId": { + "markdownDescription": "The value of the Acquisition Point Identity element that is used in each message placed in the sparse track. Enabled only if sparseTrackType is not \"none.\"", + "title": "AcquisitionPointId", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "AudioOnlyTimecodeControl": { + "markdownDescription": "If set to passthrough for an audio-only Microsoft Smooth output, the fragment absolute time is set to the current timecode. This option does not write timecodes to the audio elementary stream.", + "title": "AudioOnlyTimecodeControl", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "CertificateMode": { + "markdownDescription": "If set to verifyAuthenticity, verifies the HTTPS certificate chain to a trusted certificate authority (CA). This causes HTTPS outputs to self-signed certificates to fail.", + "title": "CertificateMode", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A description of the environment template.", - "title": "Description", - "type": "string" - }, - "DisplayName": { - "markdownDescription": "The name of the environment template as displayed in the developer interface.", - "title": "DisplayName", - "type": "string" - }, - "EncryptionKey": { - "markdownDescription": "The customer provided encryption key for the environment template.", - "title": "EncryptionKey", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the environment template.", - "title": "Name", - "type": "string" - }, - "Provisioning": { - "markdownDescription": "When included, indicates that the environment template is for customer provisioned and managed infrastructure.", - "title": "Provisioning", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An optional list of metadata items that you can associate with the AWS Proton environment template. A tag is a key-value pair.\n\nFor more information, see [AWS Proton resources and tagging](https://docs.aws.amazon.com/proton/latest/userguide/resources.html) in the *AWS Proton User Guide* .", - "title": "Tags", - "type": "array" - } - }, - "type": "object" + "ConnectionRetryInterval": { + "markdownDescription": "The number of seconds to wait before retrying the connection to the IIS server if the connection is lost. Content is cached during this time, and the cache is delivered to the IIS server after the connection is re-established.", + "title": "ConnectionRetryInterval", + "type": "number" }, - "Type": { - "enum": [ - "AWS::Proton::EnvironmentTemplate" - ], + "Destination": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", + "markdownDescription": "The Smooth Streaming publish point on an IIS server. MediaLive acts as a \"Push\" encoder to IIS.", + "title": "Destination" + }, + "EventId": { + "markdownDescription": "The Microsoft Smooth channel ID that is sent to the IIS server. Specify the ID only if eventIdMode is set to useConfigured.", + "title": "EventId", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "EventIdMode": { + "markdownDescription": "Specifies whether to send a channel ID to the IIS server. If no channel ID is sent and the same channel is used without changing the publishing point, clients might see cached video from the previous run. Options: - \"useConfigured\" - use the value provided in eventId - \"useTimestamp\" - generate and send a channel ID based on the current timestamp - \"noEventId\" - do not send a channel ID to the IIS server.", + "title": "EventIdMode", "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::Proton::ServiceTemplate": { - "additionalProperties": false, - "properties": { - "Condition": { + }, + "EventStopBehavior": { + "markdownDescription": "When set to sendEos, sends an EOS signal to an IIS server when stopping the channel.", + "title": "EventStopBehavior", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "FilecacheDuration": { + "markdownDescription": "The size, in seconds, of the file cache for streaming outputs.", + "title": "FilecacheDuration", + "type": "number" + }, + "FragmentLength": { + "markdownDescription": "The length, in seconds, of mp4 fragments to generate. The fragment length must be compatible with GOP size and frame rate.", + "title": "FragmentLength", + "type": "number" + }, + "InputLossAction": { + "markdownDescription": "A parameter that controls output group behavior on an input loss.", + "title": "InputLossAction", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "NumRetries": { + "markdownDescription": "The number of retry attempts.", + "title": "NumRetries", + "type": "number" }, - "Metadata": { - "type": "object" + "RestartDelay": { + "markdownDescription": "The number of seconds before initiating a restart due to output failure, due to exhausting the numRetries on one segment, or exceeding filecacheDuration.", + "title": "RestartDelay", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A description of the service template.", - "title": "Description", - "type": "string" - }, - "DisplayName": { - "markdownDescription": "The service template name as displayed in the developer interface.", - "title": "DisplayName", - "type": "string" - }, - "EncryptionKey": { - "markdownDescription": "The customer provided service template encryption key that's used to encrypt data.", - "title": "EncryptionKey", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the service template.", - "title": "Name", - "type": "string" - }, - "PipelineProvisioning": { - "markdownDescription": "If `pipelineProvisioning` is `true` , a service pipeline is included in the service template. Otherwise, a service pipeline *isn't* included in the service template.", - "title": "PipelineProvisioning", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An object that includes the template bundle S3 bucket path and name for the new version of a service template.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" + "SegmentationMode": { + "markdownDescription": "useInputSegmentation has been deprecated. The configured segment size is always used.", + "title": "SegmentationMode", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Proton::ServiceTemplate" - ], + "SendDelayMs": { + "markdownDescription": "The number of milliseconds to delay the output from the second pipeline.", + "title": "SendDelayMs", + "type": "number" + }, + "SparseTrackType": { + "markdownDescription": "If set to scte35, uses incoming SCTE-35 messages to generate a sparse track in this group of Microsoft Smooth outputs.", + "title": "SparseTrackType", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "StreamManifestBehavior": { + "markdownDescription": "When set to send, sends a stream manifest so that the publishing point doesn't start until all streams start.", + "title": "StreamManifestBehavior", + "type": "string" + }, + "TimestampOffset": { + "markdownDescription": "The timestamp offset for the channel. Used only if timestampOffsetMode is set to useConfiguredOffset.", + "title": "TimestampOffset", + "type": "string" + }, + "TimestampOffsetMode": { + "markdownDescription": "The type of timestamp date offset to use. - useEventStartDate: Use the date the channel was started as the offset - useConfiguredOffset: Use an explicitly configured date as the offset.", + "title": "TimestampOffsetMode", "type": "string" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::QLDB::Ledger": { + "AWS::MediaLive::Channel.MsSmoothOutputSettings": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "H265PackagingType": { + "markdownDescription": "Only applicable when this output is referencing an H.265 video description.\nSpecifies whether MP4 segments should be packaged as HEV1 or HVC1.", + "title": "H265PackagingType", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DeletionProtection": { - "markdownDescription": "Specifies whether the ledger is protected from being deleted by any user. If not defined during ledger creation, this feature is enabled ( `true` ) by default.\n\nIf deletion protection is enabled, you must first disable it before you can delete the ledger. You can disable it by calling the `UpdateLedger` operation to set this parameter to `false` .", - "title": "DeletionProtection", - "type": "boolean" - }, - "KmsKey": { - "markdownDescription": "The key in AWS Key Management Service ( AWS KMS ) to use for encryption of data at rest in the ledger. For more information, see [Encryption at rest](https://docs.aws.amazon.com/qldb/latest/developerguide/encryption-at-rest.html) in the *Amazon QLDB Developer Guide* .\n\nUse one of the following options to specify this parameter:\n\n- `AWS_OWNED_KMS_KEY` : Use an AWS KMS key that is owned and managed by AWS on your behalf.\n- *Undefined* : By default, use an AWS owned KMS key.\n- *A valid symmetric customer managed KMS key* : Use the specified symmetric encryption KMS key in your account that you create, own, and manage.\n\nAmazon QLDB does not support asymmetric keys. For more information, see [Using symmetric and asymmetric keys](https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html) in the *AWS Key Management Service Developer Guide* .\n\nTo specify a customer managed KMS key, you can use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. When using an alias name, prefix it with `\"alias/\"` . To specify a key in a different AWS account , you must use the key ARN or alias ARN.\n\nFor example:\n\n- Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key ARN: `arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`\n- Alias name: `alias/ExampleAlias`\n- Alias ARN: `arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias`\n\nFor more information, see [Key identifiers (KeyId)](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id) in the *AWS Key Management Service Developer Guide* .", - "title": "KmsKey", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the ledger that you want to create. The name must be unique among all of the ledgers in your AWS account in the current Region.\n\nNaming constraints for ledger names are defined in [Quotas in Amazon QLDB](https://docs.aws.amazon.com/qldb/latest/developerguide/limits.html#limits.naming) in the *Amazon QLDB Developer Guide* .", - "title": "Name", - "type": "string" - }, - "PermissionsMode": { - "markdownDescription": "The permissions mode to assign to the ledger that you want to create. This parameter can have one of the following values:\n\n- `ALLOW_ALL` : A legacy permissions mode that enables access control with API-level granularity for ledgers.\n\nThis mode allows users who have the `SendCommand` API permission for this ledger to run all PartiQL commands (hence, `ALLOW_ALL` ) on any tables in the specified ledger. This mode disregards any table-level or command-level IAM permissions policies that you create for the ledger.\n- `STANDARD` : ( *Recommended* ) A permissions mode that enables access control with finer granularity for ledgers, tables, and PartiQL commands.\n\nBy default, this mode denies all user requests to run any PartiQL commands on any tables in this ledger. To allow PartiQL commands to run, you must create IAM permissions policies for specific table resources and PartiQL actions, in addition to the `SendCommand` API permission for the ledger. For information, see [Getting started with the standard permissions mode](https://docs.aws.amazon.com/qldb/latest/developerguide/getting-started-standard-mode.html) in the *Amazon QLDB Developer Guide* .\n\n> We strongly recommend using the `STANDARD` permissions mode to maximize the security of your ledger data.", - "title": "PermissionsMode", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "PermissionsMode" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::QLDB::Ledger" - ], + "NameModifier": { + "markdownDescription": "A string that is concatenated to the end of the destination file name. This is required for multiple outputs of the same type.", + "title": "NameModifier", "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + } + }, + "type": "object" + }, + "AWS::MediaLive::Channel.MulticastInputSettings": { + "additionalProperties": false, + "properties": { + "SourceIpAddress": { + "markdownDescription": "", + "title": "SourceIpAddress", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::QLDB::Stream": { + "AWS::MediaLive::Channel.MultiplexContainerSettings": { "additionalProperties": false, "properties": { - "Condition": { + "MultiplexM2tsSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MultiplexM2tsSettings", + "markdownDescription": "", + "title": "MultiplexM2tsSettings" + } + }, + "type": "object" + }, + "AWS::MediaLive::Channel.MultiplexGroupSettings": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::MediaLive::Channel.MultiplexM2tsSettings": { + "additionalProperties": false, + "properties": { + "AbsentInputAudioBehavior": { + "markdownDescription": "", + "title": "AbsentInputAudioBehavior", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Arib": { + "markdownDescription": "", + "title": "Arib", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "AudioBufferModel": { + "markdownDescription": "", + "title": "AudioBufferModel", + "type": "string" }, - "Metadata": { - "type": "object" + "AudioFramesPerPes": { + "markdownDescription": "", + "title": "AudioFramesPerPes", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ExclusiveEndTime": { - "markdownDescription": "The exclusive date and time that specifies when the stream ends. If you don't define this parameter, the stream runs indefinitely until you cancel it.\n\nThe `ExclusiveEndTime` must be in `ISO 8601` date and time format and in Universal Coordinated Time (UTC). For example: `2019-06-13T21:36:34Z` .", - "title": "ExclusiveEndTime", - "type": "string" - }, - "InclusiveStartTime": { - "markdownDescription": "The inclusive start date and time from which to start streaming journal data. This parameter must be in `ISO 8601` date and time format and in Universal Coordinated Time (UTC). For example: `2019-06-13T21:36:34Z` .\n\nThe `InclusiveStartTime` cannot be in the future and must be before `ExclusiveEndTime` .\n\nIf you provide an `InclusiveStartTime` that is before the ledger's `CreationDateTime` , QLDB effectively defaults it to the ledger's `CreationDateTime` .", - "title": "InclusiveStartTime", - "type": "string" - }, - "KinesisConfiguration": { - "$ref": "#/definitions/AWS::QLDB::Stream.KinesisConfiguration", - "markdownDescription": "The configuration settings of the Kinesis Data Streams destination for your stream request.", - "title": "KinesisConfiguration" - }, - "LedgerName": { - "markdownDescription": "The name of the ledger.", - "title": "LedgerName", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that grants QLDB permissions for a journal stream to write data records to a Kinesis Data Streams resource.\n\nTo pass a role to QLDB when requesting a journal stream, you must have permissions to perform the `iam:PassRole` action on the IAM role resource. This is required for all journal stream requests.", - "title": "RoleArn", - "type": "string" - }, - "StreamName": { - "markdownDescription": "The name that you want to assign to the QLDB journal stream. User-defined names can help identify and indicate the purpose of a stream.\n\nYour stream name must be unique among other *active* streams for a given ledger. Stream names have the same naming constraints as ledger names, as defined in [Quotas in Amazon QLDB](https://docs.aws.amazon.com/qldb/latest/developerguide/limits.html#limits.naming) in the *Amazon QLDB Developer Guide* .", - "title": "StreamName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "InclusiveStartTime", - "KinesisConfiguration", - "LedgerName", - "RoleArn", - "StreamName" - ], - "type": "object" + "AudioStreamType": { + "markdownDescription": "", + "title": "AudioStreamType", + "type": "string" }, - "Type": { - "enum": [ - "AWS::QLDB::Stream" - ], + "CcDescriptor": { + "markdownDescription": "", + "title": "CcDescriptor", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Ebif": { + "markdownDescription": "", + "title": "Ebif", + "type": "string" + }, + "EsRateInPes": { + "markdownDescription": "", + "title": "EsRateInPes", + "type": "string" + }, + "Klv": { + "markdownDescription": "", + "title": "Klv", + "type": "string" + }, + "NielsenId3Behavior": { + "markdownDescription": "", + "title": "NielsenId3Behavior", + "type": "string" + }, + "PcrControl": { + "markdownDescription": "", + "title": "PcrControl", + "type": "string" + }, + "PcrPeriod": { + "markdownDescription": "", + "title": "PcrPeriod", + "type": "number" + }, + "Scte35Control": { + "markdownDescription": "", + "title": "Scte35Control", "type": "string" + }, + "Scte35PrerollPullupMilliseconds": { + "markdownDescription": "", + "title": "Scte35PrerollPullupMilliseconds", + "type": "number" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::QLDB::Stream.KinesisConfiguration": { + "AWS::MediaLive::Channel.MultiplexOutputSettings": { "additionalProperties": false, "properties": { - "AggregationEnabled": { - "markdownDescription": "Enables QLDB to publish multiple data records in a single Kinesis Data Streams record, increasing the number of records sent per API call.\n\nDefault: `True`\n\n> Record aggregation has important implications for processing records and requires de-aggregation in your stream consumer. To learn more, see [KPL Key Concepts](https://docs.aws.amazon.com/streams/latest/dev/kinesis-kpl-concepts.html) and [Consumer De-aggregation](https://docs.aws.amazon.com/streams/latest/dev/kinesis-kpl-consumer-deaggregation.html) in the *Amazon Kinesis Data Streams Developer Guide* .", - "title": "AggregationEnabled", - "type": "boolean" + "ContainerSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MultiplexContainerSettings", + "markdownDescription": "", + "title": "ContainerSettings" }, - "StreamArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Kinesis Data Streams resource.", - "title": "StreamArn", - "type": "string" + "Destination": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", + "markdownDescription": "Destination is a Multiplex.", + "title": "Destination" } }, "type": "object" }, - "AWS::QuickSight::Analysis": { + "AWS::MediaLive::Channel.MultiplexProgramChannelDestinationSettings": { "additionalProperties": false, "properties": { - "Condition": { + "MultiplexId": { + "markdownDescription": "The ID of the Multiplex that the encoder is providing output to. You do not need to specify the individual inputs to the Multiplex; MediaLive will handle the connection of the two MediaLive pipelines to the two Multiplex instances.\nThe Multiplex must be in the same region as the Channel.", + "title": "MultiplexId", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ProgramName": { + "markdownDescription": "The program name of the Multiplex program that the encoder is providing output to.", + "title": "ProgramName", "type": "string" + } + }, + "type": "object" + }, + "AWS::MediaLive::Channel.NetworkInputSettings": { + "additionalProperties": false, + "properties": { + "HlsInputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.HlsInputSettings", + "markdownDescription": "Information about how to connect to the upstream system.", + "title": "HlsInputSettings" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "MulticastInputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MulticastInputSettings", + "markdownDescription": "", + "title": "MulticastInputSettings" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AnalysisId": { - "markdownDescription": "The ID for the analysis that you're creating. This ID displays in the URL of the analysis.", - "title": "AnalysisId", - "type": "string" - }, - "AwsAccountId": { - "markdownDescription": "The ID of the AWS account where you are creating an analysis.", - "title": "AwsAccountId", - "type": "string" - }, - "Definition": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AnalysisDefinition", - "markdownDescription": "", - "title": "Definition" - }, - "Errors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AnalysisError" - }, - "markdownDescription": "Errors associated with the analysis.", - "title": "Errors", - "type": "array" - }, - "Name": { - "markdownDescription": "A descriptive name for the analysis that you're creating. This name displays for the analysis in the Amazon QuickSight console.", - "title": "Name", - "type": "string" - }, - "Parameters": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.Parameters", - "markdownDescription": "The parameter names and override values that you want to use. An analysis can have any parameter type, and some parameters might accept multiple values.", - "title": "Parameters" - }, - "Permissions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ResourcePermission" - }, - "markdownDescription": "A structure that describes the principals and the resource-level permissions on an analysis. You can use the `Permissions` structure to grant permissions by providing a list of AWS Identity and Access Management (IAM) action information for each principal listed by Amazon Resource Name (ARN).\n\nTo specify no permissions, omit `Permissions` .", - "title": "Permissions", - "type": "array" - }, - "Sheets": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.Sheet" - }, - "markdownDescription": "A list of the associated sheets with the unique identifier and name of each sheet.", - "title": "Sheets", - "type": "array" - }, - "SourceEntity": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AnalysisSourceEntity", - "markdownDescription": "A source entity to use for the analysis that you're creating. This metadata structure contains details that describe a source template and one or more datasets.\n\nEither a `SourceEntity` or a `Definition` must be provided in order for the request to be valid.", - "title": "SourceEntity" - }, - "Status": { - "markdownDescription": "Status associated with the analysis.", - "title": "Status", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Contains a map of the key-value pairs for the resource tag or tags assigned to the analysis.", - "title": "Tags", - "type": "array" - }, - "ThemeArn": { - "markdownDescription": "The ARN for the theme to apply to the analysis that you're creating. To see the theme in the Amazon QuickSight console, make sure that you have access to it.", - "title": "ThemeArn", - "type": "string" - }, - "ValidationStrategy": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ValidationStrategy", - "markdownDescription": "The option to relax the validation that is required to create and update analyses, dashboards, and templates with definition objects. When you set this value to `LENIENT` , validation is skipped for specific errors.", - "title": "ValidationStrategy" - } - }, - "required": [ - "AnalysisId", - "AwsAccountId", - "Name" - ], - "type": "object" + "ServerValidation": { + "markdownDescription": "Checks HTTPS server certificates. When set to checkCryptographyOnly, cryptography in the certificate is checked, but not the server's name. Certain subdomains (notably S3 buckets that use dots in the bucket name) don't strictly match the corresponding certificate's wildcard pattern and would otherwise cause the channel to error. This setting is ignored for protocols that do not use HTTPS.", + "title": "ServerValidation", + "type": "string" + } + }, + "type": "object" + }, + "AWS::MediaLive::Channel.NielsenCBET": { + "additionalProperties": false, + "properties": { + "CbetCheckDigitString": { + "markdownDescription": "Enter the CBET check digits to use in the watermark.", + "title": "CbetCheckDigitString", + "type": "string" }, - "Type": { - "enum": [ - "AWS::QuickSight::Analysis" - ], + "CbetStepaside": { + "markdownDescription": "Determines the method of CBET insertion mode when prior encoding is detected on the same layer.", + "title": "CbetStepaside", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Csid": { + "markdownDescription": "Enter the CBET Source ID (CSID) to use in the watermark", + "title": "Csid", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::QuickSight::Analysis.AggregationFunction": { + "AWS::MediaLive::Channel.NielsenConfiguration": { "additionalProperties": false, "properties": { - "AttributeAggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AttributeAggregationFunction", - "markdownDescription": "Aggregation for attributes.", - "title": "AttributeAggregationFunction" - }, - "CategoricalAggregationFunction": { - "markdownDescription": "Aggregation for categorical values.\n\n- `COUNT` : Aggregate by the total number of values, including duplicates.\n- `DISTINCT_COUNT` : Aggregate by the total number of distinct values.", - "title": "CategoricalAggregationFunction", + "DistributorId": { + "markdownDescription": "Enter the Distributor ID assigned to your organization by Nielsen.", + "title": "DistributorId", "type": "string" }, - "DateAggregationFunction": { - "markdownDescription": "Aggregation for date values.\n\n- `COUNT` : Aggregate by the total number of values, including duplicates.\n- `DISTINCT_COUNT` : Aggregate by the total number of distinct values.\n- `MIN` : Select the smallest date value.\n- `MAX` : Select the largest date value.", - "title": "DateAggregationFunction", + "NielsenPcmToId3Tagging": { + "markdownDescription": "Enables Nielsen PCM to ID3 tagging", + "title": "NielsenPcmToId3Tagging", "type": "string" - }, - "NumericalAggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericalAggregationFunction", - "markdownDescription": "Aggregation for numerical values.", - "title": "NumericalAggregationFunction" } }, "type": "object" }, - "AWS::QuickSight::Analysis.AggregationSortConfiguration": { + "AWS::MediaLive::Channel.NielsenNaesIiNw": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationFunction", - "markdownDescription": "The function that aggregates the values in `Column` .", - "title": "AggregationFunction" + "CheckDigitString": { + "markdownDescription": "Enter the check digit string for the watermark", + "title": "CheckDigitString", + "type": "string" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that determines the sort order of aggregated values.", - "title": "Column" + "Sid": { + "markdownDescription": "Enter the Nielsen Source ID (SID) to include in the watermark", + "title": "Sid", + "type": "number" }, - "SortDirection": { - "markdownDescription": "The sort direction of values.\n\n- `ASC` : Sort in ascending order.\n- `DESC` : Sort in descending order.", - "title": "SortDirection", + "Timezone": { + "markdownDescription": "", + "title": "Timezone", "type": "string" } }, - "required": [ - "Column", - "SortDirection" - ], "type": "object" }, - "AWS::QuickSight::Analysis.AnalysisDefaults": { + "AWS::MediaLive::Channel.NielsenWatermarksSettings": { "additionalProperties": false, "properties": { - "DefaultNewSheetConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultNewSheetConfiguration", - "markdownDescription": "The configuration for default new sheet settings.", - "title": "DefaultNewSheetConfiguration" + "NielsenCbetSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.NielsenCBET", + "markdownDescription": "Complete these fields only if you want to insert watermarks of type Nielsen CBET", + "title": "NielsenCbetSettings" + }, + "NielsenDistributionType": { + "markdownDescription": "Choose the distribution types that you want to assign to the watermarks:\n- PROGRAM_CONTENT\n- FINAL_DISTRIBUTOR", + "title": "NielsenDistributionType", + "type": "string" + }, + "NielsenNaesIiNwSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.NielsenNaesIiNw", + "markdownDescription": "Complete these fields only if you want to insert watermarks of type Nielsen NAES II (N2) and Nielsen NAES VI (NW).", + "title": "NielsenNaesIiNwSettings" } }, - "required": [ - "DefaultNewSheetConfiguration" - ], "type": "object" }, - "AWS::QuickSight::Analysis.AnalysisDefinition": { + "AWS::MediaLive::Channel.Output": { "additionalProperties": false, "properties": { - "AnalysisDefaults": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AnalysisDefaults", - "markdownDescription": "", - "title": "AnalysisDefaults" - }, - "CalculatedFields": { + "AudioDescriptionNames": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CalculatedField" + "type": "string" }, - "markdownDescription": "An array of calculated field definitions for the analysis.", - "title": "CalculatedFields", + "markdownDescription": "The names of the audio descriptions that are used as audio sources for this output.", + "title": "AudioDescriptionNames", "type": "array" }, - "ColumnConfigurations": { + "CaptionDescriptionNames": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnConfiguration" + "type": "string" }, - "markdownDescription": "An array of analysis-level column configurations. Column configurations can be used to set default formatting for a column to be used throughout an analysis.", - "title": "ColumnConfigurations", + "markdownDescription": "The names of the caption descriptions that are used as captions sources for this output.", + "title": "CaptionDescriptionNames", "type": "array" }, - "DataSetIdentifierDeclarations": { + "OutputName": { + "markdownDescription": "The name that is used to identify an output.", + "title": "OutputName", + "type": "string" + }, + "OutputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputSettings", + "markdownDescription": "The output type-specific settings.", + "title": "OutputSettings" + }, + "VideoDescriptionName": { + "markdownDescription": "The name of the VideoDescription that is used as the source for this output.", + "title": "VideoDescriptionName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::MediaLive::Channel.OutputDestination": { + "additionalProperties": false, + "properties": { + "Id": { + "markdownDescription": "The ID for this destination.", + "title": "Id", + "type": "string" + }, + "LogicalInterfaceNames": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataSetIdentifierDeclaration" + "type": "string" }, - "markdownDescription": "An array of dataset identifier declarations. This mapping allows the usage of dataset identifiers instead of dataset ARNs throughout analysis sub-structures.", - "title": "DataSetIdentifierDeclarations", + "markdownDescription": "", + "title": "LogicalInterfaceNames", "type": "array" }, - "FilterGroups": { + "MediaPackageSettings": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterGroup" + "$ref": "#/definitions/AWS::MediaLive::Channel.MediaPackageOutputDestinationSettings" }, - "markdownDescription": "Filter definitions for an analysis.\n\nFor more information, see [Filtering Data in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/adding-a-filter.html) in the *Amazon QuickSight User Guide* .", - "title": "FilterGroups", + "markdownDescription": "The destination settings for a MediaPackage output.", + "title": "MediaPackageSettings", "type": "array" }, - "Options": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AssetOptions", - "markdownDescription": "An array of option definitions for an analysis.", - "title": "Options" + "MultiplexSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MultiplexProgramChannelDestinationSettings", + "markdownDescription": "Destination settings for a Multiplex output; one destination for both encoders.", + "title": "MultiplexSettings" }, - "ParameterDeclarations": { + "Settings": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterDeclaration" + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputDestinationSettings" }, - "markdownDescription": "An array of parameter declarations for an analysis.\n\nParameters are named variables that can transfer a value for use by an action or an object.\n\nFor more information, see [Parameters in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-in-quicksight.html) in the *Amazon QuickSight User Guide* .", - "title": "ParameterDeclarations", + "markdownDescription": "The destination settings for an output.", + "title": "Settings", "type": "array" }, - "Sheets": { + "SrtSettings": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetDefinition" + "$ref": "#/definitions/AWS::MediaLive::Channel.SrtOutputDestinationSettings" }, - "markdownDescription": "An array of sheet definitions for an analysis. Each `SheetDefinition` provides detailed information about a sheet within this analysis.", - "title": "Sheets", + "markdownDescription": "", + "title": "SrtSettings", "type": "array" } }, - "required": [ - "DataSetIdentifierDeclarations" - ], "type": "object" }, - "AWS::QuickSight::Analysis.AnalysisError": { + "AWS::MediaLive::Channel.OutputDestinationSettings": { "additionalProperties": false, "properties": { - "Message": { - "markdownDescription": "The message associated with the analysis error.", - "title": "Message", + "PasswordParam": { + "markdownDescription": "The password parameter that holds the password for accessing the downstream system. This password parameter applies only if the downstream system requires credentials.", + "title": "PasswordParam", "type": "string" }, - "Type": { - "markdownDescription": "The type of the analysis error.", - "title": "Type", + "StreamName": { + "markdownDescription": "The stream name for the content. This applies only to RTMP outputs.", + "title": "StreamName", "type": "string" }, - "ViolatedEntities": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.Entity" - }, - "markdownDescription": "Lists the violated entities that caused the analysis error", - "title": "ViolatedEntities", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.AnalysisSourceEntity": { - "additionalProperties": false, - "properties": { - "SourceTemplate": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AnalysisSourceTemplate", - "markdownDescription": "The source template for the source entity of the analysis.", - "title": "SourceTemplate" + "Url": { + "markdownDescription": "The URL for the destination.", + "title": "Url", + "type": "string" + }, + "Username": { + "markdownDescription": "The user name to connect to the downstream system. This applies only if the downstream system requires credentials.", + "title": "Username", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.AnalysisSourceTemplate": { + "AWS::MediaLive::Channel.OutputGroup": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the source template of an analysis.", - "title": "Arn", + "Name": { + "markdownDescription": "A custom output group name that you can optionally define. Only letters, numbers, and the underscore character are allowed. The maximum length is 32 characters.", + "title": "Name", "type": "string" }, - "DataSetReferences": { + "OutputGroupSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputGroupSettings", + "markdownDescription": "The settings associated with the output group.", + "title": "OutputGroupSettings" + }, + "Outputs": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataSetReference" + "$ref": "#/definitions/AWS::MediaLive::Channel.Output" }, - "markdownDescription": "The dataset references of the source template of an analysis.", - "title": "DataSetReferences", + "markdownDescription": "The settings for the outputs in the output group.", + "title": "Outputs", "type": "array" } }, - "required": [ - "Arn", - "DataSetReferences" - ], "type": "object" }, - "AWS::QuickSight::Analysis.AnchorDateConfiguration": { + "AWS::MediaLive::Channel.OutputGroupSettings": { "additionalProperties": false, "properties": { - "AnchorOption": { - "markdownDescription": "The options for the date configuration. Choose one of the options below:\n\n- `NOW`", - "title": "AnchorOption", - "type": "string" + "ArchiveGroupSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.ArchiveGroupSettings", + "markdownDescription": "The configuration of an archive output group.\n\nThe parent of this entity is OutputGroupSettings.", + "title": "ArchiveGroupSettings" }, - "ParameterName": { - "markdownDescription": "The name of the parameter that is used for the anchor date configuration.", - "title": "ParameterName", - "type": "string" + "CmafIngestGroupSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.CmafIngestGroupSettings", + "markdownDescription": "", + "title": "CmafIngestGroupSettings" + }, + "FrameCaptureGroupSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.FrameCaptureGroupSettings", + "markdownDescription": "The configuration of a frame capture output group.", + "title": "FrameCaptureGroupSettings" + }, + "HlsGroupSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.HlsGroupSettings", + "markdownDescription": "The configuration of an HLS output group.", + "title": "HlsGroupSettings" + }, + "MediaPackageGroupSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MediaPackageGroupSettings", + "markdownDescription": "The configuration of a MediaPackage output group.", + "title": "MediaPackageGroupSettings" + }, + "MsSmoothGroupSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MsSmoothGroupSettings", + "markdownDescription": "The configuration of a Microsoft Smooth output group.", + "title": "MsSmoothGroupSettings" + }, + "MultiplexGroupSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MultiplexGroupSettings", + "markdownDescription": "The settings for a Multiplex output group.", + "title": "MultiplexGroupSettings" + }, + "RtmpGroupSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.RtmpGroupSettings", + "markdownDescription": "The configuration of an RTMP output group.", + "title": "RtmpGroupSettings" + }, + "SrtGroupSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.SrtGroupSettings", + "markdownDescription": "", + "title": "SrtGroupSettings" + }, + "UdpGroupSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.UdpGroupSettings", + "markdownDescription": "The configuration of a UDP output group.", + "title": "UdpGroupSettings" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ArcAxisConfiguration": { + "AWS::MediaLive::Channel.OutputLocationRef": { "additionalProperties": false, "properties": { - "Range": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ArcAxisDisplayRange", - "markdownDescription": "The arc axis range of a `GaugeChartVisual` .", - "title": "Range" - }, - "ReserveRange": { - "markdownDescription": "The reserved range of the arc axis.", - "title": "ReserveRange", - "type": "number" + "DestinationRefId": { + "markdownDescription": "A reference ID for this destination.", + "title": "DestinationRefId", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ArcAxisDisplayRange": { + "AWS::MediaLive::Channel.OutputLockingSettings": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum value of the arc axis range.", - "title": "Max", - "type": "number" + "EpochLockingSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.EpochLockingSettings", + "markdownDescription": "", + "title": "EpochLockingSettings" }, - "Min": { - "markdownDescription": "The minimum value of the arc axis range.", - "title": "Min", - "type": "number" + "PipelineLockingSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.PipelineLockingSettings", + "markdownDescription": "", + "title": "PipelineLockingSettings" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ArcConfiguration": { + "AWS::MediaLive::Channel.OutputSettings": { "additionalProperties": false, "properties": { - "ArcAngle": { - "markdownDescription": "The option that determines the arc angle of a `GaugeChartVisual` .", - "title": "ArcAngle", - "type": "number" + "ArchiveOutputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.ArchiveOutputSettings", + "markdownDescription": "The settings for an archive output.", + "title": "ArchiveOutputSettings" }, - "ArcThickness": { - "markdownDescription": "The options that determine the arc thickness of a `GaugeChartVisual` .", - "title": "ArcThickness", - "type": "string" + "CmafIngestOutputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.CmafIngestOutputSettings", + "markdownDescription": "", + "title": "CmafIngestOutputSettings" + }, + "FrameCaptureOutputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.FrameCaptureOutputSettings", + "markdownDescription": "The settings for a frame capture output.\n\nThe parent of this entity is OutputGroupSettings.", + "title": "FrameCaptureOutputSettings" + }, + "HlsOutputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.HlsOutputSettings", + "markdownDescription": "The settings for an HLS output.\n\nThe parent of this entity is OutputGroupSettings.", + "title": "HlsOutputSettings" + }, + "MediaPackageOutputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MediaPackageOutputSettings", + "markdownDescription": "The settings for a MediaPackage output.\n\nThe parent of this entity is OutputGroupSettings.", + "title": "MediaPackageOutputSettings" + }, + "MsSmoothOutputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MsSmoothOutputSettings", + "markdownDescription": "The settings for a Microsoft Smooth output.", + "title": "MsSmoothOutputSettings" + }, + "MultiplexOutputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MultiplexOutputSettings", + "markdownDescription": "Configuration of a Multiplex output.", + "title": "MultiplexOutputSettings" + }, + "RtmpOutputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.RtmpOutputSettings", + "markdownDescription": "The settings for an RTMP output.\n\nThe parent of this entity is OutputGroupSettings.", + "title": "RtmpOutputSettings" + }, + "SrtOutputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.SrtOutputSettings", + "markdownDescription": "", + "title": "SrtOutputSettings" + }, + "UdpOutputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.UdpOutputSettings", + "markdownDescription": "The settings for a UDP output.\n\nThe parent of this entity is OutputGroupSettings.", + "title": "UdpOutputSettings" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ArcOptions": { + "AWS::MediaLive::Channel.PassThroughSettings": { "additionalProperties": false, - "properties": { - "ArcThickness": { - "markdownDescription": "The arc thickness of a `GaugeChartVisual` .", - "title": "ArcThickness", - "type": "string" - } - }, + "properties": {}, "type": "object" }, - "AWS::QuickSight::Analysis.AssetOptions": { + "AWS::MediaLive::Channel.PipelineLockingSettings": { "additionalProperties": false, - "properties": { - "Timezone": { - "markdownDescription": "Determines the timezone for the analysis.", - "title": "Timezone", - "type": "string" - }, - "WeekStart": { - "markdownDescription": "Determines the week start day for an analysis.", - "title": "WeekStart", - "type": "string" - } - }, + "properties": {}, "type": "object" }, - "AWS::QuickSight::Analysis.AttributeAggregationFunction": { + "AWS::MediaLive::Channel.RawSettings": { "additionalProperties": false, - "properties": { - "SimpleAttributeAggregation": { - "markdownDescription": "The built-in aggregation functions for attributes.\n\n- `UNIQUE_VALUE` : Returns the unique value for a field, aggregated by the dimension fields.", - "title": "SimpleAttributeAggregation", - "type": "string" - }, - "ValueForMultipleValues": { - "markdownDescription": "Used by the `UNIQUE_VALUE` aggregation function. If there are multiple values for the field used by the aggregation, the value for this property will be returned instead. Defaults to '*'.", - "title": "ValueForMultipleValues", - "type": "string" - } - }, + "properties": {}, "type": "object" }, - "AWS::QuickSight::Analysis.AxisDataOptions": { + "AWS::MediaLive::Channel.Rec601Settings": { "additionalProperties": false, - "properties": { - "DateAxisOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DateAxisOptions", - "markdownDescription": "The options for an axis with a date field.", - "title": "DateAxisOptions" - }, - "NumericAxisOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericAxisOptions", - "markdownDescription": "The options for an axis with a numeric field.", - "title": "NumericAxisOptions" - } - }, + "properties": {}, "type": "object" }, - "AWS::QuickSight::Analysis.AxisDisplayMinMaxRange": { + "AWS::MediaLive::Channel.Rec709Settings": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::MediaLive::Channel.RemixSettings": { "additionalProperties": false, "properties": { - "Maximum": { - "markdownDescription": "The maximum setup for an axis display range.", - "title": "Maximum", + "ChannelMappings": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioChannelMapping" + }, + "markdownDescription": "A mapping of input channels to output channels, with appropriate gain adjustments.", + "title": "ChannelMappings", + "type": "array" + }, + "ChannelsIn": { + "markdownDescription": "The number of input channels to be used.", + "title": "ChannelsIn", "type": "number" }, - "Minimum": { - "markdownDescription": "The minimum setup for an axis display range.", - "title": "Minimum", + "ChannelsOut": { + "markdownDescription": "The number of output channels to be produced. Valid values: 1, 2, 4, 6, 8.", + "title": "ChannelsOut", "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.AxisDisplayOptions": { + "AWS::MediaLive::Channel.RtmpCaptionInfoDestinationSettings": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::MediaLive::Channel.RtmpGroupSettings": { "additionalProperties": false, "properties": { - "AxisLineVisibility": { - "markdownDescription": "Determines whether or not the axis line is visible.", - "title": "AxisLineVisibility", + "AdMarkers": { + "items": { + "type": "string" + }, + "markdownDescription": "Choose the ad marker type for this output group. MediaLive will create a message based on the content of each SCTE-35 message, format it for that marker type, and insert it in the datastream.", + "title": "AdMarkers", + "type": "array" + }, + "AuthenticationScheme": { + "markdownDescription": "An authentication scheme to use when connecting with a CDN.", + "title": "AuthenticationScheme", "type": "string" }, - "AxisOffset": { - "markdownDescription": "The offset value that determines the starting placement of the axis within a visual's bounds.", - "title": "AxisOffset", + "CacheFullBehavior": { + "markdownDescription": "Controls behavior when the content cache fills up. If a remote origin server stalls the RTMP connection and doesn't accept content fast enough, the media cache fills up. When the cache reaches the duration specified by cacheLength, the cache stops accepting new content. If set to disconnectImmediately, the RTMP output forces a disconnect. Clear the media cache, and reconnect after restartDelay seconds. If set to waitForServer, the RTMP output waits up to 5 minutes to allow the origin server to begin accepting data again.", + "title": "CacheFullBehavior", "type": "string" }, - "DataOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDataOptions", - "markdownDescription": "The data options for an axis.", - "title": "DataOptions" + "CacheLength": { + "markdownDescription": "The cache length, in seconds, that is used to calculate buffer size.", + "title": "CacheLength", + "type": "number" }, - "GridLineVisibility": { - "markdownDescription": "Determines whether or not the grid line is visible.", - "title": "GridLineVisibility", + "CaptionData": { + "markdownDescription": "Controls the types of data that pass to onCaptionInfo outputs. If set to all, 608 and 708 carried DTVCC data is passed. If set to field1AndField2608, DTVCC data is stripped out, but 608 data from both fields is passed. If set to field1608, only the data carried in 608 from field 1 video is passed.", + "title": "CaptionData", "type": "string" }, - "ScrollbarOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ScrollBarOptions", - "markdownDescription": "The scroll bar options for an axis.", - "title": "ScrollbarOptions" + "IncludeFillerNalUnits": { + "markdownDescription": "", + "title": "IncludeFillerNalUnits", + "type": "string" }, - "TickLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisTickLabelOptions", - "markdownDescription": "The tick label options of an axis.", - "title": "TickLabelOptions" + "InputLossAction": { + "markdownDescription": "Controls the behavior of this RTMP group if the input becomes unavailable. emitOutput: Emit a slate until the input returns. pauseOutput: Stop transmitting data until the input returns. This does not close the underlying RTMP connection.", + "title": "InputLossAction", + "type": "string" + }, + "RestartDelay": { + "markdownDescription": "If a streaming output fails, the number of seconds to wait until a restart is initiated. A value of 0 means never restart.", + "title": "RestartDelay", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.AxisDisplayRange": { + "AWS::MediaLive::Channel.RtmpOutputSettings": { "additionalProperties": false, "properties": { - "DataDriven": { - "markdownDescription": "The data-driven setup of an axis display range.", - "title": "DataDriven", - "type": "object" + "CertificateMode": { + "markdownDescription": "If set to verifyAuthenticity, verifies the TLS certificate chain to a trusted certificate authority (CA). This causes RTMPS outputs with self-signed certificates to fail.", + "title": "CertificateMode", + "type": "string" }, - "MinMax": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayMinMaxRange", - "markdownDescription": "The minimum and maximum setup of an axis display range.", - "title": "MinMax" + "ConnectionRetryInterval": { + "markdownDescription": "The number of seconds to wait before retrying a connection to the Flash Media server if the connection is lost.", + "title": "ConnectionRetryInterval", + "type": "number" + }, + "Destination": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", + "markdownDescription": "The RTMP endpoint excluding the stream name (for example, rtmp://host/appname).", + "title": "Destination" + }, + "NumRetries": { + "markdownDescription": "The number of retry attempts.", + "title": "NumRetries", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.AxisLabelOptions": { + "AWS::MediaLive::Channel.Scte20PlusEmbeddedDestinationSettings": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::MediaLive::Channel.Scte20SourceSettings": { "additionalProperties": false, "properties": { - "ApplyTo": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisLabelReferenceOptions", - "markdownDescription": "The options that indicate which field the label belongs to.", - "title": "ApplyTo" - }, - "CustomLabel": { - "markdownDescription": "The text for the axis label.", - "title": "CustomLabel", + "Convert608To708": { + "markdownDescription": "If upconvert, 608 data is both passed through the \"608 compatibility bytes\" fields of the 708 wrapper as well as translated into 708. Any 708 data present in the source content is discarded.", + "title": "Convert608To708", "type": "string" }, - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", - "markdownDescription": "The font configuration of the axis label.", - "title": "FontConfiguration" + "Source608ChannelNumber": { + "markdownDescription": "Specifies the 608/708 channel number within the video track from which to extract captions.", + "title": "Source608ChannelNumber", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.AxisLabelReferenceOptions": { + "AWS::MediaLive::Channel.Scte27DestinationSettings": { "additionalProperties": false, - "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that the axis label is targeted to.", - "title": "Column" - }, - "FieldId": { - "markdownDescription": "The field that the axis label is targeted to.", - "title": "FieldId", - "type": "string" - } - }, - "required": [ - "Column", - "FieldId" - ], + "properties": {}, "type": "object" }, - "AWS::QuickSight::Analysis.AxisLinearScale": { + "AWS::MediaLive::Channel.Scte27SourceSettings": { "additionalProperties": false, "properties": { - "StepCount": { - "markdownDescription": "The step count setup of a linear axis.", - "title": "StepCount", - "type": "number" + "OcrLanguage": { + "markdownDescription": "If you will configure a WebVTT caption description that references this caption selector, use this field to\nprovide the language to consider when translating the image-based source to text.", + "title": "OcrLanguage", + "type": "string" }, - "StepSize": { - "markdownDescription": "The step size setup of a linear axis.", - "title": "StepSize", + "Pid": { + "markdownDescription": "The PID field is used in conjunction with the captions selector languageCode field as follows: Specify PID and Language: Extracts captions from that PID; the language is \"informational.\" Specify PID and omit Language: Extracts the specified PID. Omit PID and specify Language: Extracts the specified language, whichever PID that happens to be. Omit PID and omit Language: Valid only if source is DVB-Sub that is being passed through; all languages are passed through.", + "title": "Pid", "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.AxisLogarithmicScale": { + "AWS::MediaLive::Channel.Scte35SpliceInsert": { "additionalProperties": false, "properties": { - "Base": { - "markdownDescription": "The base setup of a logarithmic axis scale.", - "title": "Base", + "AdAvailOffset": { + "markdownDescription": "When specified, this offset (in milliseconds) is added to the input ad avail PTS time. This applies only to embedded SCTE 104/35 messages. It doesn't apply to OOB messages.", + "title": "AdAvailOffset", "type": "number" + }, + "NoRegionalBlackoutFlag": { + "markdownDescription": "When set to ignore, segment descriptors with noRegionalBlackoutFlag set to 0 no longer trigger blackouts or ad avail slates.", + "title": "NoRegionalBlackoutFlag", + "type": "string" + }, + "WebDeliveryAllowedFlag": { + "markdownDescription": "When set to ignore, segment descriptors with webDeliveryAllowedFlag set to 0 no longer trigger blackouts or ad avail slates.", + "title": "WebDeliveryAllowedFlag", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.AxisScale": { + "AWS::MediaLive::Channel.Scte35TimeSignalApos": { "additionalProperties": false, "properties": { - "Linear": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisLinearScale", - "markdownDescription": "The linear axis scale setup.", - "title": "Linear" + "AdAvailOffset": { + "markdownDescription": "When specified, this offset (in milliseconds) is added to the input ad avail PTS time. This applies only to embedded SCTE 104/35 messages. It doesn't apply to OOB messages.", + "title": "AdAvailOffset", + "type": "number" }, - "Logarithmic": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisLogarithmicScale", - "markdownDescription": "The logarithmic axis scale setup.", - "title": "Logarithmic" + "NoRegionalBlackoutFlag": { + "markdownDescription": "When set to ignore, segment descriptors with noRegionalBlackoutFlag set to 0 no longer trigger blackouts or ad avail slates.", + "title": "NoRegionalBlackoutFlag", + "type": "string" + }, + "WebDeliveryAllowedFlag": { + "markdownDescription": "When set to ignore, segment descriptors with webDeliveryAllowedFlag set to 0 no longer trigger blackouts or ad avail slates.", + "title": "WebDeliveryAllowedFlag", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.AxisTickLabelOptions": { + "AWS::MediaLive::Channel.SmpteTtDestinationSettings": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::MediaLive::Channel.SrtGroupSettings": { "additionalProperties": false, "properties": { - "LabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", - "markdownDescription": "Determines whether or not the axis ticks are visible.", - "title": "LabelOptions" - }, - "RotationAngle": { - "markdownDescription": "The rotation angle of the axis tick labels.", - "title": "RotationAngle", - "type": "number" + "InputLossAction": { + "markdownDescription": "", + "title": "InputLossAction", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.BarChartAggregatedFieldWells": { + "AWS::MediaLive::Channel.SrtOutputDestinationSettings": { "additionalProperties": false, "properties": { - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The category (y-axis) field well of a bar chart.", - "title": "Category", - "type": "array" - }, - "Colors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The color (group/color) field well of a bar chart.", - "title": "Colors", - "type": "array" + "EncryptionPassphraseSecretArn": { + "markdownDescription": "", + "title": "EncryptionPassphraseSecretArn", + "type": "string" }, - "SmallMultiples": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The small multiples field well of a bar chart.", - "title": "SmallMultiples", - "type": "array" + "StreamId": { + "markdownDescription": "", + "title": "StreamId", + "type": "string" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The value field wells of a bar chart. Values are aggregated by category.", - "title": "Values", - "type": "array" + "Url": { + "markdownDescription": "", + "title": "Url", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.BarChartConfiguration": { + "AWS::MediaLive::Channel.SrtOutputSettings": { "additionalProperties": false, "properties": { - "BarsArrangement": { - "markdownDescription": "Determines the arrangement of the bars. The orientation and arrangement of bars determine the type of bar that is used in the visual.", - "title": "BarsArrangement", - "type": "string" - }, - "CategoryAxis": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, axis step) for bar chart category.", - "title": "CategoryAxis" - }, - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a bar chart.", - "title": "CategoryLabelOptions" - }, - "ColorLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a color that is used in a bar chart.", - "title": "ColorLabelOptions" - }, - "ContributionAnalysisDefaults": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ContributionAnalysisDefault" - }, - "markdownDescription": "The contribution analysis (anomaly configuration) setup of the visual.", - "title": "ContributionAnalysisDefaults", - "type": "array" - }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.", - "title": "DataLabels" + "BufferMsec": { + "markdownDescription": "", + "title": "BufferMsec", + "type": "number" }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BarChartFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" + "ContainerSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.UdpContainerSettings", + "markdownDescription": "", + "title": "ContainerSettings" }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" + "Destination": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", + "markdownDescription": "", + "title": "Destination" }, - "Orientation": { - "markdownDescription": "The orientation of the bars in a bar chart visual. There are two valid values in this structure:\n\n- `HORIZONTAL` : Used for charts that have horizontal bars. Visuals that use this value are horizontal bar charts, horizontal stacked bar charts, and horizontal stacked 100% bar charts.\n- `VERTICAL` : Used for charts that have vertical bars. Visuals that use this value are vertical bar charts, vertical stacked bar charts, and vertical stacked 100% bar charts.", - "title": "Orientation", + "EncryptionType": { + "markdownDescription": "", + "title": "EncryptionType", "type": "string" }, - "ReferenceLines": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLine" - }, - "markdownDescription": "The reference line setup of the visual.", - "title": "ReferenceLines", - "type": "array" - }, - "SmallMultiplesOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SmallMultiplesOptions", - "markdownDescription": "The small multiples setup for the visual.", - "title": "SmallMultiplesOptions" - }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BarChartSortConfiguration", - "markdownDescription": "The sort configuration of a `BarChartVisual` .", - "title": "SortConfiguration" - }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" - }, - "ValueAxis": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, axis step) for a bar chart value.", - "title": "ValueAxis" - }, - "ValueLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a bar chart value.", - "title": "ValueLabelOptions" - }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", - "title": "VisualPalette" + "Latency": { + "markdownDescription": "", + "title": "Latency", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.BarChartFieldWells": { + "AWS::MediaLive::Channel.StandardHlsSettings": { "additionalProperties": false, "properties": { - "BarChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BarChartAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a bar chart.", - "title": "BarChartAggregatedFieldWells" + "AudioRenditionSets": { + "markdownDescription": "Lists all the audio groups that are used with the video output stream. This inputs all the audio GROUP-IDs that are associated with the video, separated by a comma (,).", + "title": "AudioRenditionSets", + "type": "string" + }, + "M3u8Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.M3u8Settings", + "markdownDescription": "Settings for the M3U8 container.", + "title": "M3u8Settings" } }, "type": "object" }, - "AWS::QuickSight::Analysis.BarChartSortConfiguration": { + "AWS::MediaLive::Channel.StaticKeySettings": { "additionalProperties": false, "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of categories displayed in a bar chart.", - "title": "CategoryItemsLimit" - }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of category fields.", - "title": "CategorySort", - "type": "array" - }, - "ColorItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of values displayed in a bar chart.", - "title": "ColorItemsLimit" - }, - "ColorSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of color fields in a bar chart.", - "title": "ColorSort", - "type": "array" - }, - "SmallMultiplesLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of small multiples panels that are displayed.", - "title": "SmallMultiplesLimitConfiguration" + "KeyProviderServer": { + "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", + "markdownDescription": "The URL of the license server that is used for protecting content.", + "title": "KeyProviderServer" }, - "SmallMultiplesSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the small multiples field.", - "title": "SmallMultiplesSort", - "type": "array" + "StaticKeyValue": { + "markdownDescription": "The static key value as a 32 character hexadecimal string.", + "title": "StaticKeyValue", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.BarChartVisual": { + "AWS::MediaLive::Channel.TeletextDestinationSettings": { "additionalProperties": false, - "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BarChartConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" - }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" - }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", - "type": "string" - } - }, - "required": [ - "VisualId" - ], + "properties": {}, "type": "object" }, - "AWS::QuickSight::Analysis.BinCountOptions": { + "AWS::MediaLive::Channel.TeletextSourceSettings": { "additionalProperties": false, "properties": { - "Value": { - "markdownDescription": "The options that determine the bin count value.", - "title": "Value", - "type": "number" + "OutputRectangle": { + "$ref": "#/definitions/AWS::MediaLive::Channel.CaptionRectangle", + "markdownDescription": "Settings to configure the caption rectangle for an output captions that will be created using this Teletext source captions.", + "title": "OutputRectangle" + }, + "PageNumber": { + "markdownDescription": "Specifies the Teletext page number within the data stream from which to extract captions. The range is 0x100 (256) to 0x8FF (2303). This is unused for passthrough. It should be specified as a hexadecimal string with no \"0x\" prefix.", + "title": "PageNumber", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.BinWidthOptions": { + "AWS::MediaLive::Channel.TemporalFilterSettings": { "additionalProperties": false, "properties": { - "BinCountLimit": { - "markdownDescription": "The options that determine the bin count limit.", - "title": "BinCountLimit", - "type": "number" + "PostFilterSharpening": { + "markdownDescription": "If you enable this filter, the results are the following:\n- If the source content is noisy (it contains excessive digital artifacts), the filter cleans up the source.\n- If the source content is already clean, the filter tends to decrease the bitrate, especially when the rate control mode is QVBR.", + "title": "PostFilterSharpening", + "type": "string" }, - "Value": { - "markdownDescription": "The options that determine the bin width value.", - "title": "Value", - "type": "number" + "Strength": { + "markdownDescription": "Choose a filter strength. We recommend a strength of 1 or 2. A higher strength might take out good information, resulting in an image that is overly soft.", + "title": "Strength", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.BodySectionConfiguration": { + "AWS::MediaLive::Channel.ThumbnailConfiguration": { "additionalProperties": false, "properties": { - "Content": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BodySectionContent", - "markdownDescription": "The configuration of content in a body section.", - "title": "Content" - }, - "PageBreakConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionPageBreakConfiguration", - "markdownDescription": "The configuration of a page break for a section.", - "title": "PageBreakConfiguration" - }, - "SectionId": { - "markdownDescription": "The unique identifier of a body section.", - "title": "SectionId", + "State": { + "markdownDescription": "", + "title": "State", "type": "string" - }, - "Style": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionStyle", - "markdownDescription": "The style options of a body section.", - "title": "Style" } }, - "required": [ - "Content", - "SectionId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.BodySectionContent": { + "AWS::MediaLive::Channel.TimecodeBurninSettings": { "additionalProperties": false, "properties": { - "Layout": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionLayoutConfiguration", - "markdownDescription": "The layout configuration of a body section.", - "title": "Layout" + "FontSize": { + "markdownDescription": "", + "title": "FontSize", + "type": "string" + }, + "Position": { + "markdownDescription": "", + "title": "Position", + "type": "string" + }, + "Prefix": { + "markdownDescription": "", + "title": "Prefix", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.BoxPlotAggregatedFieldWells": { + "AWS::MediaLive::Channel.TimecodeConfig": { "additionalProperties": false, "properties": { - "GroupBy": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The group by field well of a box plot chart. Values are grouped based on group by fields.", - "title": "GroupBy", - "type": "array" + "Source": { + "markdownDescription": "Identifies the source for the timecode that will be associated with the channel outputs. Embedded (embedded): Initialize the output timecode with timecode from the source. If no embedded timecode is detected in the source, the system falls back to using \"Start at 0\" (zerobased). System Clock (systemclock): Use the UTC time. Start at 0 (zerobased): The time of the first frame of the channel will be 00:00:00:00.", + "title": "Source", + "type": "string" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The value field well of a box plot chart. Values are aggregated based on group by fields.", - "title": "Values", - "type": "array" + "SyncThreshold": { + "markdownDescription": "The threshold in frames beyond which output timecode is resynchronized to the input timecode. Discrepancies below this threshold are permitted to avoid unnecessary discontinuities in the output timecode. There is no timecode sync when this is not specified.", + "title": "SyncThreshold", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.BoxPlotChartConfiguration": { + "AWS::MediaLive::Channel.TtmlDestinationSettings": { "additionalProperties": false, "properties": { - "BoxPlotOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotOptions", - "markdownDescription": "The box plot chart options for a box plot visual", - "title": "BoxPlotOptions" - }, - "CategoryAxis": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, axis step) of a box plot category.", - "title": "CategoryAxis" - }, - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility and sort Icon visibility) of a box plot category.", - "title": "CategoryLabelOptions" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", - "markdownDescription": "", - "title": "Legend" - }, - "PrimaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, axis step) of a box plot category.", - "title": "PrimaryYAxisDisplayOptions" - }, - "PrimaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility and sort icon visibility) of a box plot value.", - "title": "PrimaryYAxisLabelOptions" - }, - "ReferenceLines": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLine" - }, - "markdownDescription": "The reference line setup of the visual.", - "title": "ReferenceLines", - "type": "array" - }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotSortConfiguration", - "markdownDescription": "The sort configuration of a `BoxPlotVisual` .", - "title": "SortConfiguration" - }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" - }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", - "title": "VisualPalette" + "StyleControl": { + "markdownDescription": "When set to passthrough, passes through style and position information from a TTML-like input source (TTML, SMPTE-TT, CFF-TT) to the CFF-TT output or TTML output.", + "title": "StyleControl", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.BoxPlotFieldWells": { + "AWS::MediaLive::Channel.UdpContainerSettings": { "additionalProperties": false, "properties": { - "BoxPlotAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a box plot.", - "title": "BoxPlotAggregatedFieldWells" + "M2tsSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.M2tsSettings", + "markdownDescription": "The M2TS configuration for this UDP output.", + "title": "M2tsSettings" } }, "type": "object" }, - "AWS::QuickSight::Analysis.BoxPlotOptions": { + "AWS::MediaLive::Channel.UdpGroupSettings": { "additionalProperties": false, "properties": { - "AllDataPointsVisibility": { - "markdownDescription": "Determines the visibility of all data points of the box plot.", - "title": "AllDataPointsVisibility", + "InputLossAction": { + "markdownDescription": "Specifies the behavior of the last resort when the input video is lost, and no more backup inputs are available. When dropTs is selected, the entire transport stream stops emitting. When dropProgram is selected, the program can be dropped from the transport stream (and replaced with null packets to meet the TS bitrate requirement). Or when emitProgram is selected, the transport stream continues to be produced normally with repeat frames, black frames, or slate frames substituted for the absent input video.", + "title": "InputLossAction", "type": "string" }, - "OutlierVisibility": { - "markdownDescription": "Determines the visibility of the outlier in a box plot.", - "title": "OutlierVisibility", + "TimedMetadataId3Frame": { + "markdownDescription": "Indicates the ID3 frame that has the timecode.", + "title": "TimedMetadataId3Frame", "type": "string" }, - "StyleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotStyleOptions", - "markdownDescription": "The style options of the box plot.", - "title": "StyleOptions" + "TimedMetadataId3Period": { + "markdownDescription": "The timed metadata interval in seconds.", + "title": "TimedMetadataId3Period", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.BoxPlotSortConfiguration": { + "AWS::MediaLive::Channel.UdpOutputSettings": { "additionalProperties": false, "properties": { - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of a group by fields.", - "title": "CategorySort", - "type": "array" + "BufferMsec": { + "markdownDescription": "The UDP output buffering in milliseconds. Larger values increase latency through the transcoder but simultaneously assist the transcoder in maintaining a constant, low-jitter UDP/RTP output while accommodating clock recovery, input switching, input disruptions, picture reordering, and so on.", + "title": "BufferMsec", + "type": "number" }, - "PaginationConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PaginationConfiguration", - "markdownDescription": "The pagination configuration of a table visual or box plot.", - "title": "PaginationConfiguration" + "ContainerSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.UdpContainerSettings", + "markdownDescription": "The settings for the UDP output.", + "title": "ContainerSettings" + }, + "Destination": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", + "markdownDescription": "The destination address and port number for RTP or UDP packets. These can be unicast or multicast RTP or UDP (for example, rtp://239.10.10.10:5001 or udp://10.100.100.100:5002).", + "title": "Destination" + }, + "FecOutputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.FecOutputSettings", + "markdownDescription": "The settings for enabling and adjusting Forward Error Correction on UDP outputs.", + "title": "FecOutputSettings" } }, "type": "object" }, - "AWS::QuickSight::Analysis.BoxPlotStyleOptions": { + "AWS::MediaLive::Channel.VideoBlackFailoverSettings": { "additionalProperties": false, "properties": { - "FillStyle": { - "markdownDescription": "The fill styles (solid, transparent) of the box plot.", - "title": "FillStyle", - "type": "string" + "BlackDetectThreshold": { + "markdownDescription": "A value used in calculating the threshold below which MediaLive considers a pixel to be 'black'. For the input to be considered black, every pixel in a frame must be below this threshold. The threshold is calculated as a percentage (expressed as a decimal) of white. Therefore .1 means 10% white (or 90% black). Note how the formula works for any color depth. For example, if you set this field to 0.1 in 10-bit color depth: (1023*0.1=102.3), which means a pixel value of 102 or less is 'black'. If you set this field to .1 in an 8-bit color depth: (255*0.1=25.5), which means a pixel value of 25 or less is 'black'. The range is 0.0 to 1.0, with any number of decimal places.", + "title": "BlackDetectThreshold", + "type": "number" + }, + "VideoBlackThresholdMsec": { + "markdownDescription": "The amount of time (in milliseconds) that the active input must be black before automatic input failover occurs.", + "title": "VideoBlackThresholdMsec", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.BoxPlotVisual": { + "AWS::MediaLive::Channel.VideoCodecSettings": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotChartConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "Av1Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Av1Settings", + "markdownDescription": "", + "title": "Av1Settings" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "FrameCaptureSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.FrameCaptureSettings", + "markdownDescription": "The settings for the video codec in a frame capture output.", + "title": "FrameCaptureSettings" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "H264Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.H264Settings", + "markdownDescription": "The settings for the H.264 codec in the output.", + "title": "H264Settings" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "H265Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.H265Settings", + "markdownDescription": "Settings for video encoded with the H265 codec.", + "title": "H265Settings" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", - "type": "string" + "Mpeg2Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Mpeg2Settings", + "markdownDescription": "Settings for video encoded with the MPEG-2 codec.", + "title": "Mpeg2Settings" } }, - "required": [ - "VisualId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.CalculatedField": { + "AWS::MediaLive::Channel.VideoDescription": { "additionalProperties": false, "properties": { - "DataSetIdentifier": { - "markdownDescription": "The data set that is used in this calculated field.", - "title": "DataSetIdentifier", - "type": "string" + "CodecSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.VideoCodecSettings", + "markdownDescription": "The video codec settings.", + "title": "CodecSettings" }, - "Expression": { - "markdownDescription": "The expression of the calculated field.", - "title": "Expression", - "type": "string" + "Height": { + "markdownDescription": "The output video height, in pixels. This must be an even number. For most codecs, you can keep this field and width blank in order to use the height and width (resolution) from the source. Note that we don't recommend keeping the field blank. For the Frame Capture codec, height and width are required.", + "title": "Height", + "type": "number" }, "Name": { - "markdownDescription": "The name of the calculated field.", + "markdownDescription": "The name of this VideoDescription. Outputs use this name to uniquely identify this description. Description names should be unique within this channel.", "title": "Name", "type": "string" + }, + "RespondToAfd": { + "markdownDescription": "Indicates how to respond to the AFD values in the input stream. RESPOND causes input video to be clipped, depending on the AFD value, input display aspect ratio, and output display aspect ratio, and (except for the FRAMECAPTURE codec) includes the values in the output. PASSTHROUGH (does not apply to FRAMECAPTURE codec) ignores the AFD values and includes the values in the output, so input video is not clipped. NONE ignores the AFD values and does not include the values through to the output, so input video is not clipped.", + "title": "RespondToAfd", + "type": "string" + }, + "ScalingBehavior": { + "markdownDescription": "STRETCHTOOUTPUT configures the output position to stretch the video to the specified output resolution (height and width). This option overrides any position value. DEFAULT might insert black boxes (pillar boxes or letter boxes) around the video to provide the specified output resolution.", + "title": "ScalingBehavior", + "type": "string" + }, + "Sharpness": { + "markdownDescription": "Changes the strength of the anti-alias filter used for scaling. 0 is the softest setting, and 100 is the sharpest. We recommend a setting of 50 for most content.", + "title": "Sharpness", + "type": "number" + }, + "Width": { + "markdownDescription": "The output video width, in pixels. It must be an even number. For most codecs, you can keep this field and height blank in order to use the height and width (resolution) from the source. Note that we don't recommend keeping the field blank. For the Frame Capture codec, height and width are required.", + "title": "Width", + "type": "number" } }, - "required": [ - "DataSetIdentifier", - "Expression", - "Name" - ], "type": "object" }, - "AWS::QuickSight::Analysis.CalculatedMeasureField": { + "AWS::MediaLive::Channel.VideoSelector": { "additionalProperties": false, "properties": { - "Expression": { - "markdownDescription": "The expression in the table calculation.", - "title": "Expression", + "ColorSpace": { + "markdownDescription": "Specifies the color space of an input. This setting works in tandem with colorSpaceConversion to determine if MediaLive will perform any conversion.", + "title": "ColorSpace", "type": "string" }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", + "ColorSpaceSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.VideoSelectorColorSpaceSettings", + "markdownDescription": "Settings to configure color space settings in the incoming video.", + "title": "ColorSpaceSettings" + }, + "ColorSpaceUsage": { + "markdownDescription": "Applies only if colorSpace is a value other than Follow. This field controls how the value in the colorSpace field is used. Fallback means that when the input does include color space data, that data is used, but when the input has no color space data, the value in colorSpace is used. Choose fallback if your input is sometimes missing color space data, but when it does have color space data, that data is correct. Force means to always use the value in colorSpace. Choose force if your input usually has no color space data or might have unreliable color space data.", + "title": "ColorSpaceUsage", "type": "string" + }, + "SelectorSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.VideoSelectorSettings", + "markdownDescription": "Information about the video to select from the content.", + "title": "SelectorSettings" } }, - "required": [ - "Expression", - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.CascadingControlConfiguration": { + "AWS::MediaLive::Channel.VideoSelectorColorSpaceSettings": { "additionalProperties": false, "properties": { - "SourceControls": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CascadingControlSource" - }, - "markdownDescription": "A list of source controls that determine the values that are used in the current control.", - "title": "SourceControls", - "type": "array" + "Hdr10Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Hdr10Settings", + "markdownDescription": "Settings to configure color space settings in the incoming video.", + "title": "Hdr10Settings" } }, "type": "object" }, - "AWS::QuickSight::Analysis.CascadingControlSource": { + "AWS::MediaLive::Channel.VideoSelectorPid": { "additionalProperties": false, "properties": { - "ColumnToMatch": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column identifier that determines which column to look up for the source sheet control.", - "title": "ColumnToMatch" - }, - "SourceSheetControlId": { - "markdownDescription": "The source sheet control ID of a `CascadingControlSource` .", - "title": "SourceSheetControlId", - "type": "string" + "Pid": { + "markdownDescription": "Selects a specific PID from within a video source.", + "title": "Pid", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.CategoricalDimensionField": { + "AWS::MediaLive::Channel.VideoSelectorProgramId": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that is used in the `CategoricalDimensionField` .", - "title": "Column" - }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", - "type": "string" - }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.StringFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" - }, - "HierarchyId": { - "markdownDescription": "The custom hierarchy ID.", - "title": "HierarchyId", - "type": "string" + "ProgramId": { + "markdownDescription": "Selects a specific program from within a multi-program transport stream. If the program doesn't exist, MediaLive selects the first program within the transport stream by default.", + "title": "ProgramId", + "type": "number" } }, - "required": [ - "Column", - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.CategoricalMeasureField": { + "AWS::MediaLive::Channel.VideoSelectorSettings": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "markdownDescription": "The aggregation function of the measure field.", - "title": "AggregationFunction", - "type": "string" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that is used in the `CategoricalMeasureField` .", - "title": "Column" - }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", - "type": "string" + "VideoSelectorPid": { + "$ref": "#/definitions/AWS::MediaLive::Channel.VideoSelectorPid", + "markdownDescription": "Used to extract video by PID.", + "title": "VideoSelectorPid" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.StringFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" + "VideoSelectorProgramId": { + "$ref": "#/definitions/AWS::MediaLive::Channel.VideoSelectorProgramId", + "markdownDescription": "Used to extract video by program ID.", + "title": "VideoSelectorProgramId" } }, - "required": [ - "Column", - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.CategoryDrillDownFilter": { + "AWS::MediaLive::Channel.VpcOutputSettings": { "additionalProperties": false, "properties": { - "CategoryValues": { + "PublicAddressAllocationIds": { "items": { "type": "string" }, - "markdownDescription": "A list of the string inputs that are the values of the category drill down filter.", - "title": "CategoryValues", + "markdownDescription": "List of public address allocation IDs to associate with ENIs that will be created in Output VPC. Must specify one for SINGLE_PIPELINE, two for STANDARD channels", + "title": "PublicAddressAllocationIds", "type": "array" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of up to 5 EC2 VPC security group IDs to attach to the Output VPC network interfaces.\nIf none are specified then the VPC default security group will be used", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of VPC subnet IDs from the same VPC.\nIf STANDARD channel, subnet IDs must be mapped to two unique availability zones (AZ).", + "title": "SubnetIds", + "type": "array" } }, - "required": [ - "CategoryValues", - "Column" - ], "type": "object" }, - "AWS::QuickSight::Analysis.CategoryFilter": { + "AWS::MediaLive::Channel.WavSettings": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "Configuration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CategoryFilterConfiguration", - "markdownDescription": "The configuration for a `CategoryFilter` .", - "title": "Configuration" + "BitDepth": { + "markdownDescription": "Bits per sample.", + "title": "BitDepth", + "type": "number" }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" + "CodingMode": { + "markdownDescription": "The audio coding mode for the WAV audio. The mode determines the number of channels in the audio.", + "title": "CodingMode", + "type": "string" }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", + "SampleRate": { + "markdownDescription": "Sample rate in Hz.", + "title": "SampleRate", + "type": "number" + } + }, + "type": "object" + }, + "AWS::MediaLive::Channel.WebvttDestinationSettings": { + "additionalProperties": false, + "properties": { + "StyleControl": { + "markdownDescription": "Controls whether the color and position of the source captions is passed through to the WebVTT output captions. PASSTHROUGH - Valid only if the source captions are EMBEDDED or TELETEXT. NO_STYLE_DATA - Don't pass through the style. The output captions will not contain any font styling information.", + "title": "StyleControl", "type": "string" } }, - "required": [ - "Column", - "Configuration", - "FilterId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.CategoryFilterConfiguration": { + "AWS::MediaLive::ChannelPlacementGroup": { "additionalProperties": false, "properties": { - "CustomFilterConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomFilterConfiguration", - "markdownDescription": "A custom filter that filters based on a single value. This filter can be partially matched.", - "title": "CustomFilterConfiguration" + "Condition": { + "type": "string" }, - "CustomFilterListConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomFilterListConfiguration", - "markdownDescription": "A list of custom filter values. In the Amazon QuickSight console, this filter type is called a custom filter list.", - "title": "CustomFilterListConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "FilterListConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterListConfiguration", - "markdownDescription": "A list of filter configurations. In the Amazon QuickSight console, this filter type is called a filter list.", - "title": "FilterListConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ClusterId": { + "markdownDescription": "", + "title": "ClusterId", + "type": "string" + }, + "Name": { + "markdownDescription": "", + "title": "Name", + "type": "string" + }, + "Nodes": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "Nodes", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::ChannelPlacementGroup.Tags" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MediaLive::ChannelPlacementGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::QuickSight::Analysis.ChartAxisLabelOptions": { + "AWS::MediaLive::ChannelPlacementGroup.Tags": { "additionalProperties": false, "properties": { - "AxisLabelOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisLabelOptions" - }, - "markdownDescription": "The label options for a chart axis.", - "title": "AxisLabelOptions", - "type": "array" - }, - "SortIconVisibility": { - "markdownDescription": "The visibility configuration of the sort icon on a chart's axis label.", - "title": "SortIconVisibility", + "Key": { + "markdownDescription": "", + "title": "Key", "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of an axis label on a chart. Choose one of the following options:\n\n- `VISIBLE` : Shows the axis.\n- `HIDDEN` : Hides the axis.", - "title": "Visibility", + "Value": { + "markdownDescription": "", + "title": "Value", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ClusterMarker": { + "AWS::MediaLive::CloudWatchAlarmTemplate": { "additionalProperties": false, "properties": { - "SimpleClusterMarker": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SimpleClusterMarker", - "markdownDescription": "The simple cluster marker of the cluster marker.", - "title": "SimpleClusterMarker" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ComparisonOperator": { + "markdownDescription": "The comparison operator used to compare the specified statistic and the threshold.", + "title": "ComparisonOperator", + "type": "string" + }, + "DatapointsToAlarm": { + "markdownDescription": "The number of datapoints within the evaluation period that must be breaching to trigger the alarm.", + "title": "DatapointsToAlarm", + "type": "number" + }, + "Description": { + "markdownDescription": "A resource's optional description.", + "title": "Description", + "type": "string" + }, + "EvaluationPeriods": { + "markdownDescription": "The number of periods over which data is compared to the specified threshold.", + "title": "EvaluationPeriods", + "type": "number" + }, + "GroupIdentifier": { + "markdownDescription": "A cloudwatch alarm template group's identifier. Can be either be its id or current name.", + "title": "GroupIdentifier", + "type": "string" + }, + "MetricName": { + "markdownDescription": "The name of the metric associated with the alarm. Must be compatible with targetResourceType.", + "title": "MetricName", + "type": "string" + }, + "Name": { + "markdownDescription": "A resource's name. Names must be unique within the scope of a resource type in a specific region.", + "title": "Name", + "type": "string" + }, + "Period": { + "markdownDescription": "The period, in seconds, over which the specified statistic is applied.", + "title": "Period", + "type": "number" + }, + "Statistic": { + "markdownDescription": "The statistic to apply to the alarm's metric data.", + "title": "Statistic", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "TargetResourceType": { + "markdownDescription": "The resource type this template should dynamically generate CloudWatch metric alarms for.", + "title": "TargetResourceType", + "type": "string" + }, + "Threshold": { + "markdownDescription": "The threshold value to compare with the specified statistic.", + "title": "Threshold", + "type": "number" + }, + "TreatMissingData": { + "markdownDescription": "Specifies how missing data points are treated when evaluating the alarm's condition.", + "title": "TreatMissingData", + "type": "string" + } + }, + "required": [ + "ComparisonOperator", + "EvaluationPeriods", + "MetricName", + "Name", + "Period", + "Statistic", + "TargetResourceType", + "Threshold", + "TreatMissingData" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MediaLive::CloudWatchAlarmTemplate" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.ClusterMarkerConfiguration": { + "AWS::MediaLive::CloudWatchAlarmTemplateGroup": { "additionalProperties": false, "properties": { - "ClusterMarker": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ClusterMarker", - "markdownDescription": "The cluster marker that is a part of the cluster marker configuration.", - "title": "ClusterMarker" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A resource's optional description.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "A resource's name. Names must be unique within the scope of a resource type in a specific region.", + "title": "Name", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MediaLive::CloudWatchAlarmTemplateGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.ColorScale": { + "AWS::MediaLive::Cluster": { "additionalProperties": false, "properties": { - "ColorFillType": { - "markdownDescription": "Determines the color fill type.", - "title": "ColorFillType", + "Condition": { "type": "string" }, - "Colors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataColor" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ClusterType": { + "markdownDescription": "", + "title": "ClusterType", + "type": "string" + }, + "InstanceRoleArn": { + "markdownDescription": "", + "title": "InstanceRoleArn", + "type": "string" + }, + "Name": { + "markdownDescription": "", + "title": "Name", + "type": "string" + }, + "NetworkSettings": { + "$ref": "#/definitions/AWS::MediaLive::Cluster.ClusterNetworkSettings", + "markdownDescription": "", + "title": "NetworkSettings" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Cluster.Tags" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "Determines the list of colors that are applied to the visual.", - "title": "Colors", - "type": "array" + "type": "object" }, - "NullValueColor": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataColor", - "markdownDescription": "Determines the color that is applied to null values.", - "title": "NullValueColor" + "Type": { + "enum": [ + "AWS::MediaLive::Cluster" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "ColorFillType", - "Colors" + "Type" ], "type": "object" }, - "AWS::QuickSight::Analysis.ColorsConfiguration": { + "AWS::MediaLive::Cluster.ClusterNetworkSettings": { "additionalProperties": false, "properties": { - "CustomColors": { + "DefaultRoute": { + "markdownDescription": "", + "title": "DefaultRoute", + "type": "string" + }, + "InterfaceMappings": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomColor" + "$ref": "#/definitions/AWS::MediaLive::Cluster.InterfaceMapping" }, - "markdownDescription": "A list of up to 50 custom colors.", - "title": "CustomColors", + "markdownDescription": "", + "title": "InterfaceMappings", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ColumnConfiguration": { + "AWS::MediaLive::Cluster.InterfaceMapping": { "additionalProperties": false, "properties": { - "ColorsConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColorsConfiguration", - "markdownDescription": "The color configurations of the column.", - "title": "ColorsConfiguration" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column.", - "title": "Column" - }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FormatConfiguration", - "markdownDescription": "The format configuration of a column.", - "title": "FormatConfiguration" + "LogicalInterfaceName": { + "markdownDescription": "", + "title": "LogicalInterfaceName", + "type": "string" }, - "Role": { - "markdownDescription": "The role of the column.", - "title": "Role", + "NetworkId": { + "markdownDescription": "", + "title": "NetworkId", "type": "string" } }, - "required": [ - "Column" - ], "type": "object" }, - "AWS::QuickSight::Analysis.ColumnHierarchy": { + "AWS::MediaLive::Cluster.Tags": { "additionalProperties": false, "properties": { - "DateTimeHierarchy": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeHierarchy", - "markdownDescription": "The option that determines the hierarchy of any `DateTime` fields.", - "title": "DateTimeHierarchy" - }, - "ExplicitHierarchy": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ExplicitHierarchy", - "markdownDescription": "The option that determines the hierarchy of the fields that are built within a visual's field wells. These fields can't be duplicated to other visuals.", - "title": "ExplicitHierarchy" + "Key": { + "markdownDescription": "", + "title": "Key", + "type": "string" }, - "PredefinedHierarchy": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PredefinedHierarchy", - "markdownDescription": "The option that determines the hierarchy of the fields that are defined during data preparation. These fields are available to use in any analysis that uses the data source.", - "title": "PredefinedHierarchy" + "Value": { + "markdownDescription": "", + "title": "Value", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ColumnIdentifier": { + "AWS::MediaLive::EventBridgeRuleTemplate": { "additionalProperties": false, "properties": { - "ColumnName": { - "markdownDescription": "The name of the column.", - "title": "ColumnName", + "Condition": { "type": "string" }, - "DataSetIdentifier": { - "markdownDescription": "The data set that the column belongs to.", - "title": "DataSetIdentifier", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A resource's optional description.", + "title": "Description", + "type": "string" + }, + "EventTargets": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::EventBridgeRuleTemplate.EventBridgeRuleTemplateTarget" + }, + "markdownDescription": "The destinations that will receive the event notifications.", + "title": "EventTargets", + "type": "array" + }, + "EventType": { + "markdownDescription": "The type of event to match with the rule.", + "title": "EventType", + "type": "string" + }, + "GroupIdentifier": { + "markdownDescription": "An eventbridge rule template group's identifier. Can be either be its id or current name.", + "title": "GroupIdentifier", + "type": "string" + }, + "Name": { + "markdownDescription": "A resource's name. Names must be unique within the scope of a resource type in a specific region.", + "title": "Name", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "EventType", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MediaLive::EventBridgeRuleTemplate" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ColumnName", - "DataSetIdentifier" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.ColumnSort": { + "AWS::MediaLive::EventBridgeRuleTemplate.EventBridgeRuleTemplateTarget": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationFunction", - "markdownDescription": "The aggregation function that is defined in the column sort.", - "title": "AggregationFunction" - }, - "Direction": { - "markdownDescription": "The sort direction.", - "title": "Direction", + "Arn": { + "markdownDescription": "Target ARNs must be either an SNS topic or CloudWatch log group.", + "title": "Arn", "type": "string" - }, - "SortBy": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "", - "title": "SortBy" } }, "required": [ - "Direction", - "SortBy" + "Arn" ], "type": "object" }, - "AWS::QuickSight::Analysis.ColumnTooltipItem": { + "AWS::MediaLive::EventBridgeRuleTemplateGroup": { "additionalProperties": false, "properties": { - "Aggregation": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationFunction", - "markdownDescription": "The aggregation function of the column tooltip item.", - "title": "Aggregation" + "Condition": { + "type": "string" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The target column of the tooltip item.", - "title": "Column" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Label": { - "markdownDescription": "The label of the tooltip item.", - "title": "Label", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A resource's optional description.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "A resource's name. Names must be unique within the scope of a resource type in a specific region.", + "title": "Name", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MediaLive::EventBridgeRuleTemplateGroup" + ], "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of the tooltip item.", - "title": "Visibility", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Column" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.ComboChartAggregatedFieldWells": { + "AWS::MediaLive::Input": { "additionalProperties": false, "properties": { - "BarValues": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The aggregated `BarValues` field well of a combo chart.", - "title": "BarValues", - "type": "array" + "Condition": { + "type": "string" }, - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The aggregated category field wells of a combo chart.", - "title": "Category", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Colors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The aggregated colors field well of a combo chart.", - "title": "Colors", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "LineValues": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Destinations": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Input.InputDestinationRequest" + }, + "markdownDescription": "Settings that apply only if the input is a push type of input.", + "title": "Destinations", + "type": "array" + }, + "InputDevices": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Input.InputDeviceSettings" + }, + "markdownDescription": "Settings that apply only if the input is an Elemental Link input.", + "title": "InputDevices", + "type": "array" + }, + "InputNetworkLocation": { + "markdownDescription": "", + "title": "InputNetworkLocation", + "type": "string" + }, + "InputSecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of input security groups (referenced by IDs) to attach to the input if the input is a push type.", + "title": "InputSecurityGroups", + "type": "array" + }, + "MediaConnectFlows": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Input.MediaConnectFlowRequest" + }, + "markdownDescription": "Settings that apply only if the input is a MediaConnect input.", + "title": "MediaConnectFlows", + "type": "array" + }, + "MulticastSettings": { + "$ref": "#/definitions/AWS::MediaLive::Input.MulticastSettingsCreateRequest", + "markdownDescription": "", + "title": "MulticastSettings" + }, + "Name": { + "markdownDescription": "A name for the input.", + "title": "Name", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The IAM role for MediaLive to assume when creating a MediaConnect input or Amazon VPC input. This doesn't apply to other types of inputs. The role is identified by its ARN.", + "title": "RoleArn", + "type": "string" + }, + "SdiSources": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "SdiSources", + "type": "array" + }, + "Smpte2110ReceiverGroupSettings": { + "$ref": "#/definitions/AWS::MediaLive::Input.Smpte2110ReceiverGroupSettings", + "markdownDescription": "", + "title": "Smpte2110ReceiverGroupSettings" + }, + "Sources": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Input.InputSourceRequest" + }, + "markdownDescription": "Settings that apply only if the input is a pull type of input.", + "title": "Sources", + "type": "array" + }, + "SrtSettings": { + "$ref": "#/definitions/AWS::MediaLive::Input.SrtSettingsRequest", + "markdownDescription": "", + "title": "SrtSettings" + }, + "Tags": { + "markdownDescription": "A collection of tags for this input. Each tag is a key-value pair.", + "title": "Tags", + "type": "object" + }, + "Type": { + "markdownDescription": "The type for this input.", + "title": "Type", + "type": "string" + }, + "Vpc": { + "$ref": "#/definitions/AWS::MediaLive::Input.InputVpcRequest", + "markdownDescription": "Settings that apply only if the input is an push input where the source is on Amazon VPC.", + "title": "Vpc" + } }, - "markdownDescription": "The aggregated `LineValues` field well of a combo chart.", - "title": "LineValues", - "type": "array" + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MediaLive::Input" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::QuickSight::Analysis.ComboChartConfiguration": { + "AWS::MediaLive::Input.InputDestinationRequest": { "additionalProperties": false, "properties": { - "BarDataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.\n\nThe data label options for a bar in a combo chart.", - "title": "BarDataLabels" - }, - "BarsArrangement": { - "markdownDescription": "Determines the bar arrangement in a combo chart. The following are valid values in this structure:\n\n- `CLUSTERED` : For clustered bar combo charts.\n- `STACKED` : For stacked bar combo charts.\n- `STACKED_PERCENT` : Do not use. If you use this value, the operation returns a validation error.", - "title": "BarsArrangement", + "Network": { + "markdownDescription": "", + "title": "Network", "type": "string" }, - "CategoryAxis": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The category axis of a combo chart.", - "title": "CategoryAxis" - }, - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart category (group/color) field well.", - "title": "CategoryLabelOptions" - }, - "ColorLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's color field well.", - "title": "ColorLabelOptions" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ComboChartFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" - }, - "LineDataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.\n\nThe data label options for a line in a combo chart.", - "title": "LineDataLabels" - }, - "PrimaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, and axis step) of a combo chart's primary y-axis (bar) field well.", - "title": "PrimaryYAxisDisplayOptions" - }, - "PrimaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's primary y-axis (bar) field well.", - "title": "PrimaryYAxisLabelOptions" - }, - "ReferenceLines": { + "NetworkRoutes": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLine" + "$ref": "#/definitions/AWS::MediaLive::Input.InputRequestDestinationRoute" }, - "markdownDescription": "The reference line setup of the visual.", - "title": "ReferenceLines", + "markdownDescription": "", + "title": "NetworkRoutes", "type": "array" }, - "SecondaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, axis step) of a combo chart's secondary y-axis (line) field well.", - "title": "SecondaryYAxisDisplayOptions" - }, - "SecondaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's secondary y-axis(line) field well.", - "title": "SecondaryYAxisLabelOptions" - }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ComboChartSortConfiguration", - "markdownDescription": "The sort configuration of a `ComboChartVisual` .", - "title": "SortConfiguration" - }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Tooltip" + "StaticIpAddress": { + "markdownDescription": "", + "title": "StaticIpAddress", + "type": "string" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", - "title": "VisualPalette" + "StreamName": { + "markdownDescription": "The stream name (application name/application instance) for the location the RTMP source content will be pushed to in MediaLive.", + "title": "StreamName", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ComboChartFieldWells": { + "AWS::MediaLive::Input.InputDeviceRequest": { "additionalProperties": false, "properties": { - "ComboChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ComboChartAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a combo chart. Combo charts only have aggregated field wells. Columns in a combo chart are aggregated by category.", - "title": "ComboChartAggregatedFieldWells" + "Id": { + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ComboChartSortConfiguration": { + "AWS::MediaLive::Input.InputDeviceSettings": { "additionalProperties": false, "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The item limit configuration for the category field well of a combo chart.", - "title": "CategoryItemsLimit" - }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the category field well in a combo chart.", - "title": "CategorySort", - "type": "array" - }, - "ColorItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The item limit configuration of the color field well in a combo chart.", - "title": "ColorItemsLimit" - }, - "ColorSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the color field well in a combo chart.", - "title": "ColorSort", - "type": "array" + "Id": { + "markdownDescription": "The unique ID for the device.", + "title": "Id", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ComboChartVisual": { + "AWS::MediaLive::Input.InputRequestDestinationRoute": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ComboChartConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" - }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Cidr": { + "markdownDescription": "", + "title": "Cidr", + "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "Gateway": { + "markdownDescription": "", + "title": "Gateway", "type": "string" } }, - "required": [ - "VisualId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.ComparisonConfiguration": { + "AWS::MediaLive::Input.InputSdpLocation": { "additionalProperties": false, "properties": { - "ComparisonFormat": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ComparisonFormatConfiguration", - "markdownDescription": "The format of the comparison.", - "title": "ComparisonFormat" + "MediaIndex": { + "markdownDescription": "", + "title": "MediaIndex", + "type": "number" }, - "ComparisonMethod": { - "markdownDescription": "The method of the comparison. Choose from the following options:\n\n- `DIFFERENCE`\n- `PERCENT_DIFFERENCE`\n- `PERCENT`", - "title": "ComparisonMethod", + "SdpUrl": { + "markdownDescription": "", + "title": "SdpUrl", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ComparisonFormatConfiguration": { + "AWS::MediaLive::Input.InputSourceRequest": { "additionalProperties": false, "properties": { - "NumberDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumberDisplayFormatConfiguration", - "markdownDescription": "The number display format.", - "title": "NumberDisplayFormatConfiguration" + "PasswordParam": { + "markdownDescription": "The password parameter that holds the password for accessing the upstream system. The password parameter applies only if the upstream system requires credentials.", + "title": "PasswordParam", + "type": "string" }, - "PercentageDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PercentageDisplayFormatConfiguration", - "markdownDescription": "The percentage display format.", - "title": "PercentageDisplayFormatConfiguration" + "Url": { + "markdownDescription": "For a pull input, the URL where MediaLive pulls the source content from.", + "title": "Url", + "type": "string" + }, + "Username": { + "markdownDescription": "The user name to connect to the upstream system. The user name applies only if the upstream system requires credentials.", + "title": "Username", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.Computation": { + "AWS::MediaLive::Input.InputVpcRequest": { "additionalProperties": false, "properties": { - "Forecast": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ForecastComputation", - "markdownDescription": "The forecast computation configuration.", - "title": "Forecast" - }, - "GrowthRate": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GrowthRateComputation", - "markdownDescription": "The growth rate computation configuration.", - "title": "GrowthRate" - }, - "MaximumMinimum": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MaximumMinimumComputation", - "markdownDescription": "The maximum and minimum computation configuration.", - "title": "MaximumMinimum" - }, - "MetricComparison": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MetricComparisonComputation", - "markdownDescription": "The metric comparison computation configuration.", - "title": "MetricComparison" - }, - "PeriodOverPeriod": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PeriodOverPeriodComputation", - "markdownDescription": "The period over period computation configuration.", - "title": "PeriodOverPeriod" - }, - "PeriodToDate": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PeriodToDateComputation", - "markdownDescription": "The period to `DataSetIdentifier` computation configuration.", - "title": "PeriodToDate" - }, - "TopBottomMovers": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TopBottomMoversComputation", - "markdownDescription": "The top movers and bottom movers computation configuration.", - "title": "TopBottomMovers" - }, - "TopBottomRanked": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TopBottomRankedComputation", - "markdownDescription": "The top ranked and bottom ranked computation configuration.", - "title": "TopBottomRanked" - }, - "TotalAggregation": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TotalAggregationComputation", - "markdownDescription": "The total aggregation computation configuration.", - "title": "TotalAggregation" + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of up to five VPC security group IDs to attach to the input VPC network interfaces. The security groups require subnet IDs. If none are specified, MediaLive uses the VPC default security group.", + "title": "SecurityGroupIds", + "type": "array" }, - "UniqueValues": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.UniqueValuesComputation", - "markdownDescription": "The unique values computation configuration.", - "title": "UniqueValues" + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of two VPC subnet IDs from the same VPC. You must associate subnet IDs to two unique Availability Zones.", + "title": "SubnetIds", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ConditionalFormattingColor": { + "AWS::MediaLive::Input.MediaConnectFlowRequest": { "additionalProperties": false, "properties": { - "Gradient": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingGradientColor", - "markdownDescription": "Formatting configuration for gradient color.", - "title": "Gradient" - }, - "Solid": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingSolidColor", - "markdownDescription": "Formatting configuration for solid color.", - "title": "Solid" + "FlowArn": { + "markdownDescription": "The ARN of one or two MediaConnect flows that are the sources for this MediaConnect input.", + "title": "FlowArn", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ConditionalFormattingCustomIconCondition": { + "AWS::MediaLive::Input.MulticastSettingsCreateRequest": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "Determines the color of the icon.", - "title": "Color", + "Sources": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Input.MulticastSourceCreateRequest" + }, + "markdownDescription": "", + "title": "Sources", + "type": "array" + } + }, + "type": "object" + }, + "AWS::MediaLive::Input.MulticastSettingsUpdateRequest": { + "additionalProperties": false, + "properties": { + "Sources": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Input.MulticastSourceUpdateRequest" + }, + "type": "array" + } + }, + "type": "object" + }, + "AWS::MediaLive::Input.MulticastSourceCreateRequest": { + "additionalProperties": false, + "properties": { + "SourceIp": { + "markdownDescription": "", + "title": "SourceIp", "type": "string" }, - "DisplayConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIconDisplayConfiguration", - "markdownDescription": "Determines the icon display configuration.", - "title": "DisplayConfiguration" - }, - "Expression": { - "markdownDescription": "The expression that determines the condition of the icon set.", - "title": "Expression", + "Url": { + "markdownDescription": "", + "title": "Url", "type": "string" - }, - "IconOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingCustomIconOptions", - "markdownDescription": "Custom icon options for an icon set.", - "title": "IconOptions" } }, - "required": [ - "Expression", - "IconOptions" - ], "type": "object" }, - "AWS::QuickSight::Analysis.ConditionalFormattingCustomIconOptions": { + "AWS::MediaLive::Input.MulticastSourceUpdateRequest": { "additionalProperties": false, "properties": { - "Icon": { - "markdownDescription": "Determines the type of icon.", - "title": "Icon", + "SourceIp": { "type": "string" }, - "UnicodeIcon": { - "markdownDescription": "Determines the Unicode icon type.", - "title": "UnicodeIcon", + "Url": { "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ConditionalFormattingGradientColor": { + "AWS::MediaLive::Input.Smpte2110ReceiverGroup": { "additionalProperties": false, "properties": { - "Color": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GradientColor", - "markdownDescription": "Determines the color.", - "title": "Color" - }, - "Expression": { - "markdownDescription": "The expression that determines the formatting configuration for gradient color.", - "title": "Expression", - "type": "string" + "SdpSettings": { + "$ref": "#/definitions/AWS::MediaLive::Input.Smpte2110ReceiverGroupSdpSettings", + "markdownDescription": "", + "title": "SdpSettings" } }, - "required": [ - "Color", - "Expression" - ], "type": "object" }, - "AWS::QuickSight::Analysis.ConditionalFormattingIcon": { + "AWS::MediaLive::Input.Smpte2110ReceiverGroupSdpSettings": { "additionalProperties": false, "properties": { - "CustomCondition": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingCustomIconCondition", - "markdownDescription": "Determines the custom condition for an icon set.", - "title": "CustomCondition" + "AncillarySdps": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Input.InputSdpLocation" + }, + "markdownDescription": "", + "title": "AncillarySdps", + "type": "array" }, - "IconSet": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIconSet", - "markdownDescription": "Formatting configuration for icon set.", - "title": "IconSet" + "AudioSdps": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Input.InputSdpLocation" + }, + "markdownDescription": "", + "title": "AudioSdps", + "type": "array" + }, + "VideoSdp": { + "$ref": "#/definitions/AWS::MediaLive::Input.InputSdpLocation", + "markdownDescription": "", + "title": "VideoSdp" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ConditionalFormattingIconDisplayConfiguration": { + "AWS::MediaLive::Input.Smpte2110ReceiverGroupSettings": { "additionalProperties": false, "properties": { - "IconDisplayOption": { - "markdownDescription": "Determines the icon display configuration.", - "title": "IconDisplayOption", - "type": "string" + "Smpte2110ReceiverGroups": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Input.Smpte2110ReceiverGroup" + }, + "markdownDescription": "", + "title": "Smpte2110ReceiverGroups", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ConditionalFormattingIconSet": { + "AWS::MediaLive::Input.SrtCallerDecryptionRequest": { "additionalProperties": false, "properties": { - "Expression": { - "markdownDescription": "The expression that determines the formatting configuration for the icon set.", - "title": "Expression", + "Algorithm": { + "markdownDescription": "", + "title": "Algorithm", "type": "string" }, - "IconSetType": { - "markdownDescription": "Determines the icon set type.", - "title": "IconSetType", + "PassphraseSecretArn": { + "markdownDescription": "", + "title": "PassphraseSecretArn", "type": "string" } }, - "required": [ - "Expression" - ], "type": "object" }, - "AWS::QuickSight::Analysis.ConditionalFormattingSolidColor": { + "AWS::MediaLive::Input.SrtCallerSourceRequest": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "Determines the color.", - "title": "Color", + "Decryption": { + "$ref": "#/definitions/AWS::MediaLive::Input.SrtCallerDecryptionRequest", + "markdownDescription": "", + "title": "Decryption" + }, + "MinimumLatency": { + "markdownDescription": "", + "title": "MinimumLatency", + "type": "number" + }, + "SrtListenerAddress": { + "markdownDescription": "", + "title": "SrtListenerAddress", "type": "string" }, - "Expression": { - "markdownDescription": "The expression that determines the formatting configuration for solid color.", - "title": "Expression", + "SrtListenerPort": { + "markdownDescription": "", + "title": "SrtListenerPort", + "type": "string" + }, + "StreamId": { + "markdownDescription": "", + "title": "StreamId", "type": "string" } }, - "required": [ - "Expression" - ], "type": "object" }, - "AWS::QuickSight::Analysis.ContributionAnalysisDefault": { + "AWS::MediaLive::Input.SrtSettingsRequest": { "additionalProperties": false, "properties": { - "ContributorDimensions": { + "SrtCallerSources": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier" + "$ref": "#/definitions/AWS::MediaLive::Input.SrtCallerSourceRequest" }, - "markdownDescription": "The dimensions columns that are used in the contribution analysis, usually a list of `ColumnIdentifiers` .", - "title": "ContributorDimensions", + "markdownDescription": "", + "title": "SrtCallerSources", "type": "array" - }, - "MeasureFieldId": { - "markdownDescription": "The measure field that is used in the contribution analysis.", - "title": "MeasureFieldId", - "type": "string" } }, - "required": [ - "ContributorDimensions", - "MeasureFieldId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.CurrencyDisplayFormatConfiguration": { + "AWS::MediaLive::InputSecurityGroup": { "additionalProperties": false, "properties": { - "DecimalPlacesConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalPlacesConfiguration", - "markdownDescription": "The option that determines the decimal places configuration.", - "title": "DecimalPlacesConfiguration" - }, - "NegativeValueConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NegativeValueConfiguration", - "markdownDescription": "The options that determine the negative value configuration.", - "title": "NegativeValueConfiguration" - }, - "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NullValueFormatConfiguration", - "markdownDescription": "The options that determine the null value format configuration.", - "title": "NullValueFormatConfiguration" - }, - "NumberScale": { - "markdownDescription": "Determines the number scale value for the currency format.", - "title": "NumberScale", + "Condition": { "type": "string" }, - "Prefix": { - "markdownDescription": "Determines the prefix value of the currency format.", - "title": "Prefix", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SeparatorConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericSeparatorConfiguration", - "markdownDescription": "The options that determine the numeric separator configuration.", - "title": "SeparatorConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Suffix": { - "markdownDescription": "Determines the suffix value of the currency format.", - "title": "Suffix", - "type": "string" + "Metadata": { + "type": "object" }, - "Symbol": { - "markdownDescription": "Determines the symbol for the currency format.", - "title": "Symbol", + "Properties": { + "additionalProperties": false, + "properties": { + "Tags": { + "markdownDescription": "A collection of tags for this input security group. Each tag is a key-value pair.", + "title": "Tags", + "type": "object" + }, + "WhitelistRules": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::InputSecurityGroup.InputWhitelistRuleCidr" + }, + "markdownDescription": "The list of IPv4 CIDR addresses to include in the input security group as \"allowed\" addresses.", + "title": "WhitelistRules", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MediaLive::InputSecurityGroup" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.CustomActionFilterOperation": { - "additionalProperties": false, - "properties": { - "SelectedFieldsConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterOperationSelectedFieldsConfiguration", - "markdownDescription": "The configuration that chooses the fields to be filtered.", - "title": "SelectedFieldsConfiguration" }, - "TargetVisualsConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterOperationTargetVisualsConfiguration", - "markdownDescription": "The configuration that chooses the target visuals to be filtered.", - "title": "TargetVisualsConfiguration" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "SelectedFieldsConfiguration", - "TargetVisualsConfiguration" + "Type" ], "type": "object" }, - "AWS::QuickSight::Analysis.CustomActionNavigationOperation": { + "AWS::MediaLive::InputSecurityGroup.InputWhitelistRuleCidr": { "additionalProperties": false, "properties": { - "LocalNavigationConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LocalNavigationConfiguration", - "markdownDescription": "The configuration that chooses the navigation target.", - "title": "LocalNavigationConfiguration" + "Cidr": { + "markdownDescription": "An IPv4 CIDR range to include in this input security group.", + "title": "Cidr", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.CustomActionSetParametersOperation": { + "AWS::MediaLive::Multiplex": { "additionalProperties": false, "properties": { - "ParameterValueConfigurations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SetParameterValueConfiguration" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AvailabilityZones": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of availability zones for the multiplex.", + "title": "AvailabilityZones", + "type": "array" + }, + "Destinations": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Multiplex.MultiplexOutputDestination" + }, + "markdownDescription": "A list of the multiplex output destinations.", + "title": "Destinations", + "type": "array" + }, + "MultiplexSettings": { + "$ref": "#/definitions/AWS::MediaLive::Multiplex.MultiplexSettings", + "markdownDescription": "Configuration for a multiplex event.", + "title": "MultiplexSettings" + }, + "Name": { + "markdownDescription": "The name of the multiplex.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Multiplex.Tags" + }, + "markdownDescription": "A collection of key-value pairs.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "The parameter that determines the value configuration.", - "title": "ParameterValueConfigurations", - "type": "array" - } - }, - "required": [ - "ParameterValueConfigurations" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.CustomActionURLOperation": { - "additionalProperties": false, - "properties": { - "URLTarget": { - "markdownDescription": "The target of the `CustomActionURLOperation` .\n\nValid values are defined as follows:\n\n- `NEW_TAB` : Opens the target URL in a new browser tab.\n- `NEW_WINDOW` : Opens the target URL in a new browser window.\n- `SAME_TAB` : Opens the target URL in the same browser tab.", - "title": "URLTarget", + "required": [ + "AvailabilityZones", + "MultiplexSettings", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MediaLive::Multiplex" + ], "type": "string" }, - "URLTemplate": { - "markdownDescription": "THe URL link of the `CustomActionURLOperation` .", - "title": "URLTemplate", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "URLTarget", - "URLTemplate" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.CustomColor": { + "AWS::MediaLive::Multiplex.MultiplexMediaConnectOutputDestinationSettings": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The color that is applied to the data value.", - "title": "Color", - "type": "string" - }, - "FieldValue": { - "markdownDescription": "The data value that the color is applied to.", - "title": "FieldValue", - "type": "string" - }, - "SpecialValue": { - "markdownDescription": "The value of a special data value.", - "title": "SpecialValue", + "EntitlementArn": { + "markdownDescription": "The MediaConnect entitlement ARN available as a Flow source.", + "title": "EntitlementArn", "type": "string" } }, - "required": [ - "Color" - ], "type": "object" }, - "AWS::QuickSight::Analysis.CustomContentConfiguration": { + "AWS::MediaLive::Multiplex.MultiplexOutputDestination": { "additionalProperties": false, "properties": { - "ContentType": { - "markdownDescription": "The content type of the custom content visual. You can use this to have the visual render as an image.", - "title": "ContentType", - "type": "string" - }, - "ContentUrl": { - "markdownDescription": "The input URL that links to the custom content that you want in the custom visual.", - "title": "ContentUrl", - "type": "string" - }, - "ImageScaling": { - "markdownDescription": "The sizing options for the size of the custom content visual. This structure is required when the `ContentType` of the visual is `'IMAGE'` .", - "title": "ImageScaling", - "type": "string" + "MultiplexMediaConnectOutputDestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Multiplex.MultiplexMediaConnectOutputDestinationSettings", + "markdownDescription": "", + "title": "MultiplexMediaConnectOutputDestinationSettings" } }, "type": "object" }, - "AWS::QuickSight::Analysis.CustomContentVisual": { + "AWS::MediaLive::Multiplex.MultiplexSettings": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomContentConfiguration", - "markdownDescription": "The configuration of a `CustomContentVisual` .", - "title": "ChartConfiguration" - }, - "DataSetIdentifier": { - "markdownDescription": "The dataset that is used to create the custom content visual. You can't create a visual without a dataset.", - "title": "DataSetIdentifier", - "type": "string" + "MaximumVideoBufferDelayMilliseconds": { + "markdownDescription": "Maximum video buffer delay in milliseconds.", + "title": "MaximumVideoBufferDelayMilliseconds", + "type": "number" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "TransportStreamBitrate": { + "markdownDescription": "Transport stream bit rate.", + "title": "TransportStreamBitrate", + "type": "number" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "TransportStreamId": { + "markdownDescription": "Transport stream ID.", + "title": "TransportStreamId", + "type": "number" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", - "type": "string" + "TransportStreamReservedBitrate": { + "markdownDescription": "Transport stream reserved bit rate.", + "title": "TransportStreamReservedBitrate", + "type": "number" } }, "required": [ - "DataSetIdentifier", - "VisualId" + "TransportStreamBitrate", + "TransportStreamId" ], "type": "object" }, - "AWS::QuickSight::Analysis.CustomFilterConfiguration": { + "AWS::MediaLive::Multiplex.Tags": { "additionalProperties": false, "properties": { - "CategoryValue": { - "markdownDescription": "The category value for the filter.\n\nThis field is mutually exclusive to `ParameterName` .", - "title": "CategoryValue", - "type": "string" - }, - "MatchOperator": { - "markdownDescription": "The match operator that is used to determine if a filter should be applied.", - "title": "MatchOperator", - "type": "string" - }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", - "type": "string" - }, - "ParameterName": { - "markdownDescription": "The parameter whose value should be used for the filter value.\n\nThis field is mutually exclusive to `CategoryValue` .", - "title": "ParameterName", + "Key": { + "markdownDescription": "", + "title": "Key", "type": "string" }, - "SelectAllOptions": { - "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", - "title": "SelectAllOptions", + "Value": { + "markdownDescription": "", + "title": "Value", "type": "string" } }, - "required": [ - "MatchOperator", - "NullOption" - ], "type": "object" }, - "AWS::QuickSight::Analysis.CustomFilterListConfiguration": { + "AWS::MediaLive::Multiplexprogram": { "additionalProperties": false, "properties": { - "CategoryValues": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of category values for the filter.", - "title": "CategoryValues", - "type": "array" - }, - "MatchOperator": { - "markdownDescription": "The match operator that is used to determine if a filter should be applied.", - "title": "MatchOperator", + "Condition": { "type": "string" }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SelectAllOptions": { - "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", - "title": "SelectAllOptions", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "MultiplexId": { + "markdownDescription": "The unique id of the multiplex.", + "title": "MultiplexId", + "type": "string" + }, + "MultiplexProgramSettings": { + "$ref": "#/definitions/AWS::MediaLive::Multiplexprogram.MultiplexProgramSettings", + "markdownDescription": "Multiplex Program settings configuration.", + "title": "MultiplexProgramSettings" + }, + "PacketIdentifiersMap": { + "$ref": "#/definitions/AWS::MediaLive::Multiplexprogram.MultiplexProgramPacketIdentifiersMap", + "markdownDescription": "", + "title": "PacketIdentifiersMap" + }, + "PipelineDetails": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Multiplexprogram.MultiplexProgramPipelineDetail" + }, + "markdownDescription": "", + "title": "PipelineDetails", + "type": "array" + }, + "PreferredChannelPipeline": { + "markdownDescription": "Indicates which pipeline is preferred by the multiplex for program ingest.\nIf set to \\\"PIPELINE_0\\\" or \\\"PIPELINE_1\\\" and an unhealthy ingest causes the multiplex to switch to the non-preferred pipeline,\nit will switch back once that ingest is healthy again. If set to \\\"CURRENTLY_ACTIVE\\\",\nit will not switch back to the other pipeline based on it recovering to a healthy state,\nit will only switch if the active pipeline becomes unhealthy.", + "title": "PreferredChannelPipeline", + "type": "string" + }, + "ProgramName": { + "markdownDescription": "", + "title": "ProgramName", + "type": "string" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MediaLive::Multiplexprogram" + ], "type": "string" - } - }, - "required": [ - "MatchOperator", - "NullOption" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.CustomNarrativeOptions": { - "additionalProperties": false, - "properties": { - "Narrative": { - "markdownDescription": "The string input of custom narrative.", - "title": "Narrative", + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Narrative" + "Type" ], "type": "object" }, - "AWS::QuickSight::Analysis.CustomParameterValues": { + "AWS::MediaLive::Multiplexprogram.MultiplexProgramPacketIdentifiersMap": { "additionalProperties": false, "properties": { - "DateTimeValues": { + "AudioPids": { "items": { - "type": "string" + "type": "number" }, - "markdownDescription": "A list of datetime-type parameter values.", - "title": "DateTimeValues", + "markdownDescription": "", + "title": "AudioPids", "type": "array" }, - "DecimalValues": { + "DvbSubPids": { "items": { "type": "number" }, - "markdownDescription": "A list of decimal-type parameter values.", - "title": "DecimalValues", + "markdownDescription": "", + "title": "DvbSubPids", "type": "array" }, - "IntegerValues": { + "DvbTeletextPid": { + "markdownDescription": "", + "title": "DvbTeletextPid", + "type": "number" + }, + "EtvPlatformPid": { + "markdownDescription": "", + "title": "EtvPlatformPid", + "type": "number" + }, + "EtvSignalPid": { + "markdownDescription": "", + "title": "EtvSignalPid", + "type": "number" + }, + "KlvDataPids": { "items": { "type": "number" }, - "markdownDescription": "A list of integer-type parameter values.", - "title": "IntegerValues", + "markdownDescription": "", + "title": "KlvDataPids", "type": "array" }, - "StringValues": { + "PcrPid": { + "markdownDescription": "", + "title": "PcrPid", + "type": "number" + }, + "PmtPid": { + "markdownDescription": "", + "title": "PmtPid", + "type": "number" + }, + "PrivateMetadataPid": { + "markdownDescription": "", + "title": "PrivateMetadataPid", + "type": "number" + }, + "Scte27Pids": { "items": { - "type": "string" + "type": "number" }, - "markdownDescription": "A list of string-type parameter values.", - "title": "StringValues", + "markdownDescription": "", + "title": "Scte27Pids", "type": "array" + }, + "Scte35Pid": { + "markdownDescription": "", + "title": "Scte35Pid", + "type": "number" + }, + "TimedMetadataPid": { + "markdownDescription": "", + "title": "TimedMetadataPid", + "type": "number" + }, + "VideoPid": { + "markdownDescription": "", + "title": "VideoPid", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.CustomValuesConfiguration": { + "AWS::MediaLive::Multiplexprogram.MultiplexProgramPipelineDetail": { "additionalProperties": false, "properties": { - "CustomValues": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomParameterValues", - "markdownDescription": "", - "title": "CustomValues" + "ActiveChannelPipeline": { + "markdownDescription": "Identifies the channel pipeline that is currently active for the pipeline (identified by PipelineId) in the multiplex.", + "title": "ActiveChannelPipeline", + "type": "string" }, - "IncludeNullValue": { - "markdownDescription": "Includes the null value in custom action parameter values.", - "title": "IncludeNullValue", - "type": "boolean" + "PipelineId": { + "markdownDescription": "Identifies a specific pipeline in the multiplex.", + "title": "PipelineId", + "type": "string" } }, - "required": [ - "CustomValues" - ], "type": "object" }, - "AWS::QuickSight::Analysis.DataBarsOptions": { + "AWS::MediaLive::Multiplexprogram.MultiplexProgramServiceDescriptor": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field ID for the data bars options.", - "title": "FieldId", - "type": "string" - }, - "NegativeColor": { - "markdownDescription": "The color of the negative data bar.", - "title": "NegativeColor", + "ProviderName": { + "markdownDescription": "Name of the provider.", + "title": "ProviderName", "type": "string" }, - "PositiveColor": { - "markdownDescription": "The color of the positive data bar.", - "title": "PositiveColor", + "ServiceName": { + "markdownDescription": "Name of the service.", + "title": "ServiceName", "type": "string" } }, "required": [ - "FieldId" + "ProviderName", + "ServiceName" ], "type": "object" }, - "AWS::QuickSight::Analysis.DataColor": { + "AWS::MediaLive::Multiplexprogram.MultiplexProgramSettings": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The color that is applied to the data value.", - "title": "Color", + "PreferredChannelPipeline": { + "markdownDescription": "Indicates which pipeline is preferred by the multiplex for program ingest.", + "title": "PreferredChannelPipeline", "type": "string" }, - "DataValue": { - "markdownDescription": "The data value that the color is applied to.", - "title": "DataValue", + "ProgramNumber": { + "markdownDescription": "Unique program number.", + "title": "ProgramNumber", "type": "number" + }, + "ServiceDescriptor": { + "$ref": "#/definitions/AWS::MediaLive::Multiplexprogram.MultiplexProgramServiceDescriptor", + "markdownDescription": "Transport stream service descriptor configuration for the Multiplex program.", + "title": "ServiceDescriptor" + }, + "VideoSettings": { + "$ref": "#/definitions/AWS::MediaLive::Multiplexprogram.MultiplexVideoSettings", + "markdownDescription": "Program video settings configuration.", + "title": "VideoSettings" } }, + "required": [ + "ProgramNumber" + ], "type": "object" }, - "AWS::QuickSight::Analysis.DataFieldSeriesItem": { + "AWS::MediaLive::Multiplexprogram.MultiplexStatmuxVideoSettings": { "additionalProperties": false, "properties": { - "AxisBinding": { - "markdownDescription": "The axis that you are binding the field to.", - "title": "AxisBinding", - "type": "string" - }, - "FieldId": { - "markdownDescription": "The field ID of the field that you are setting the axis binding to.", - "title": "FieldId", - "type": "string" + "MaximumBitrate": { + "markdownDescription": "Maximum statmux bitrate.", + "title": "MaximumBitrate", + "type": "number" }, - "FieldValue": { - "markdownDescription": "The field value of the field that you are setting the axis binding to.", - "title": "FieldValue", - "type": "string" + "MinimumBitrate": { + "markdownDescription": "Minimum statmux bitrate.", + "title": "MinimumBitrate", + "type": "number" }, - "Settings": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartSeriesSettings", - "markdownDescription": "The options that determine the presentation of line series associated to the field.", - "title": "Settings" + "Priority": { + "markdownDescription": "The purpose of the priority is to use a combination of the\\nmultiplex rate control algorithm and the QVBR capability of the\\nencoder to prioritize the video quality of some channels in a\\nmultiplex over others. Channels that have a higher priority will\\nget higher video quality at the expense of the video quality of\\nother channels in the multiplex with lower priority.", + "title": "Priority", + "type": "number" } }, - "required": [ - "AxisBinding", - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.DataLabelOptions": { + "AWS::MediaLive::Multiplexprogram.MultiplexVideoSettings": { "additionalProperties": false, "properties": { - "CategoryLabelVisibility": { - "markdownDescription": "Determines the visibility of the category field labels.", - "title": "CategoryLabelVisibility", - "type": "string" - }, - "DataLabelTypes": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelType" - }, - "markdownDescription": "The option that determines the data label type.", - "title": "DataLabelTypes", - "type": "array" + "ConstantBitrate": { + "markdownDescription": "The constant bitrate configuration for the video encode.\nWhen this field is defined, StatmuxSettings must be undefined.", + "title": "ConstantBitrate", + "type": "number" }, - "LabelColor": { - "markdownDescription": "Determines the color of the data labels.", - "title": "LabelColor", + "StatmuxSettings": { + "$ref": "#/definitions/AWS::MediaLive::Multiplexprogram.MultiplexStatmuxVideoSettings", + "markdownDescription": "Statmux rate control settings.\nWhen this field is defined, ConstantBitrate must be undefined.", + "title": "StatmuxSettings" + } + }, + "type": "object" + }, + "AWS::MediaLive::Network": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "LabelContent": { - "markdownDescription": "Determines the content of the data labels.", - "title": "LabelContent", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "LabelFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", - "markdownDescription": "Determines the font configuration of the data labels.", - "title": "LabelFontConfiguration" - }, - "MeasureLabelVisibility": { - "markdownDescription": "Determines the visibility of the measure field labels.", - "title": "MeasureLabelVisibility", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Overlap": { - "markdownDescription": "Determines whether overlap is enabled or disabled for the data labels.", - "title": "Overlap", - "type": "string" + "Metadata": { + "type": "object" }, - "Position": { - "markdownDescription": "Determines the position of the data labels.", - "title": "Position", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "IpPools": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Network.IpPool" + }, + "markdownDescription": "", + "title": "IpPools", + "type": "array" + }, + "Name": { + "markdownDescription": "", + "title": "Name", + "type": "string" + }, + "Routes": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Network.Route" + }, + "markdownDescription": "", + "title": "Routes", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Network.Tags" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "IpPools", + "Name" + ], + "type": "object" }, - "TotalsVisibility": { - "markdownDescription": "Determines the visibility of the total.", - "title": "TotalsVisibility", + "Type": { + "enum": [ + "AWS::MediaLive::Network" + ], "type": "string" }, - "Visibility": { - "markdownDescription": "Determines the visibility of the data labels.", - "title": "Visibility", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.DataLabelType": { + "AWS::MediaLive::Network.IpPool": { "additionalProperties": false, "properties": { - "DataPathLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathLabelType", - "markdownDescription": "The option that specifies individual data values for labels.", - "title": "DataPathLabelType" - }, - "FieldLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldLabelType", - "markdownDescription": "Determines the label configuration for the entire field.", - "title": "FieldLabelType" - }, - "MaximumLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MaximumLabelType", - "markdownDescription": "Determines the label configuration for the maximum value in a visual.", - "title": "MaximumLabelType" - }, - "MinimumLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MinimumLabelType", - "markdownDescription": "Determines the label configuration for the minimum value in a visual.", - "title": "MinimumLabelType" - }, - "RangeEndsLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RangeEndsLabelType", - "markdownDescription": "Determines the label configuration for range end value in a visual.", - "title": "RangeEndsLabelType" + "Cidr": { + "markdownDescription": "", + "title": "Cidr", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.DataPathColor": { + "AWS::MediaLive::Network.Route": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The color that needs to be applied to the element.", - "title": "Color", + "Cidr": { + "markdownDescription": "", + "title": "Cidr", "type": "string" }, - "Element": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathValue", - "markdownDescription": "The element that the color needs to be applied to.", - "title": "Element" - }, - "TimeGranularity": { - "markdownDescription": "The time granularity of the field that the color needs to be applied to.", - "title": "TimeGranularity", + "Gateway": { + "markdownDescription": "", + "title": "Gateway", "type": "string" } }, - "required": [ - "Color", - "Element" - ], "type": "object" }, - "AWS::QuickSight::Analysis.DataPathLabelType": { + "AWS::MediaLive::Network.Tags": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field ID of the field that the data label needs to be applied to.", - "title": "FieldId", - "type": "string" - }, - "FieldValue": { - "markdownDescription": "The actual value of the field that is labeled.", - "title": "FieldValue", + "Key": { + "markdownDescription": "", + "title": "Key", "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of the data label.", - "title": "Visibility", + "Value": { + "markdownDescription": "", + "title": "Value", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.DataPathSort": { + "AWS::MediaLive::SdiSource": { "additionalProperties": false, "properties": { - "Direction": { - "markdownDescription": "Determines the sort direction.", - "title": "Direction", + "Condition": { "type": "string" }, - "SortPaths": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathValue" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Mode": { + "markdownDescription": "", + "title": "Mode", + "type": "string" + }, + "Name": { + "markdownDescription": "", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::SdiSource.Tags" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "", + "title": "Type", + "type": "string" + } }, - "markdownDescription": "The list of data paths that need to be sorted.", - "title": "SortPaths", - "type": "array" + "required": [ + "Name", + "Type" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MediaLive::SdiSource" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Direction", - "SortPaths" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.DataPathType": { + "AWS::MediaLive::SdiSource.Tags": { "additionalProperties": false, "properties": { - "PivotTableDataPathType": { - "markdownDescription": "The type of data path value utilized in a pivot table. Choose one of the following options:\n\n- `HIERARCHY_ROWS_LAYOUT_COLUMN` - The type of data path for the rows layout column, when `RowsLayout` is set to `HIERARCHY` .\n- `MULTIPLE_ROW_METRICS_COLUMN` - The type of data path for the metric column when the row is set to Metric Placement.\n- `EMPTY_COLUMN_HEADER` - The type of data path for the column with empty column header, when there is no field in `ColumnsFieldWell` and the row is set to Metric Placement.\n- `COUNT_METRIC_COLUMN` - The type of data path for the column with `COUNT` as the metric, when there is no field in the `ValuesFieldWell` .", - "title": "PivotTableDataPathType", + "Key": { + "markdownDescription": "", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "", + "title": "Value", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.DataPathValue": { + "AWS::MediaLive::SignalMap": { "additionalProperties": false, "properties": { - "DataPathType": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathType", - "markdownDescription": "The type configuration of the field.", - "title": "DataPathType" - }, - "FieldId": { - "markdownDescription": "The field ID of the field that needs to be sorted.", - "title": "FieldId", + "Condition": { "type": "string" }, - "FieldValue": { - "markdownDescription": "The actual value of the field that needs to be sorted.", - "title": "FieldValue", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.DataSetIdentifierDeclaration": { - "additionalProperties": false, - "properties": { - "DataSetArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the data set.", - "title": "DataSetArn", + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CloudWatchAlarmTemplateGroupIdentifiers": { + "items": { + "type": "string" + }, + "markdownDescription": "A cloudwatch alarm template group's identifier. Can be either be its id or current name.", + "title": "CloudWatchAlarmTemplateGroupIdentifiers", + "type": "array" + }, + "Description": { + "markdownDescription": "A resource's optional description.", + "title": "Description", + "type": "string" + }, + "DiscoveryEntryPointArn": { + "markdownDescription": "A top-level supported Amazon Web Services resource ARN to discover a signal map from.", + "title": "DiscoveryEntryPointArn", + "type": "string" + }, + "EventBridgeRuleTemplateGroupIdentifiers": { + "items": { + "type": "string" + }, + "markdownDescription": "An eventbridge rule template group's identifier. Can be either be its id or current name.", + "title": "EventBridgeRuleTemplateGroupIdentifiers", + "type": "array" + }, + "ForceRediscovery": { + "markdownDescription": "If true, will force a rediscovery of a signal map if an unchanged discoveryEntryPointArn is provided.", + "title": "ForceRediscovery", + "type": "boolean" + }, + "Name": { + "markdownDescription": "A resource's name. Names must be unique within the scope of a resource type in a specific region.", + "title": "Name", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "DiscoveryEntryPointArn", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MediaLive::SignalMap" + ], "type": "string" }, - "Identifier": { - "markdownDescription": "The identifier of the data set, typically the data set's name.", - "title": "Identifier", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "DataSetArn", - "Identifier" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.DataSetReference": { + "AWS::MediaLive::SignalMap.MediaResource": { "additionalProperties": false, "properties": { - "DataSetArn": { - "markdownDescription": "Dataset Amazon Resource Name (ARN).", - "title": "DataSetArn", - "type": "string" + "Destinations": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::SignalMap.MediaResourceNeighbor" + }, + "markdownDescription": "A direct destination neighbor to an Amazon Web Services media resource.", + "title": "Destinations", + "type": "array" }, - "DataSetPlaceholder": { - "markdownDescription": "Dataset placeholder.", - "title": "DataSetPlaceholder", + "Name": { + "markdownDescription": "The logical name of an Amazon Web Services media resource.", + "title": "Name", "type": "string" + }, + "Sources": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::SignalMap.MediaResourceNeighbor" + }, + "markdownDescription": "A direct source neighbor to an Amazon Web Services media resource.", + "title": "Sources", + "type": "array" } }, - "required": [ - "DataSetArn", - "DataSetPlaceholder" - ], "type": "object" }, - "AWS::QuickSight::Analysis.DateAxisOptions": { + "AWS::MediaLive::SignalMap.MediaResourceNeighbor": { "additionalProperties": false, "properties": { - "MissingDateVisibility": { - "markdownDescription": "Determines whether or not missing dates are displayed.", - "title": "MissingDateVisibility", + "Arn": { + "markdownDescription": "The ARN of a resource used in Amazon Web Services media workflows.", + "title": "Arn", + "type": "string" + }, + "Name": { + "markdownDescription": "The logical name of an Amazon Web Services media resource.", + "title": "Name", "type": "string" } }, + "required": [ + "Arn" + ], "type": "object" }, - "AWS::QuickSight::Analysis.DateDimensionField": { + "AWS::MediaLive::SignalMap.MonitorDeployment": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that is used in the `DateDimensionField` .", - "title": "Column" - }, - "DateGranularity": { - "markdownDescription": "The date granularity of the `DateDimensionField` . Choose one of the following options:\n\n- `YEAR`\n- `QUARTER`\n- `MONTH`\n- `WEEK`\n- `DAY`\n- `HOUR`\n- `MINUTE`\n- `SECOND`\n- `MILLISECOND`", - "title": "DateGranularity", + "DetailsUri": { + "markdownDescription": "URI associated with a signal map's monitor deployment.", + "title": "DetailsUri", "type": "string" }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", + "ErrorMessage": { + "markdownDescription": "Error message associated with a failed monitor deployment of a signal map.", + "title": "ErrorMessage", "type": "string" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" - }, - "HierarchyId": { - "markdownDescription": "The custom hierarchy ID.", - "title": "HierarchyId", + "Status": { + "markdownDescription": "The signal map monitor deployment status.", + "title": "Status", "type": "string" } }, "required": [ - "Column", - "FieldId" + "Status" ], "type": "object" }, - "AWS::QuickSight::Analysis.DateMeasureField": { + "AWS::MediaLive::SignalMap.SuccessfulMonitorDeployment": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "markdownDescription": "The aggregation function of the measure field.", - "title": "AggregationFunction", + "DetailsUri": { + "markdownDescription": "URI associated with a signal map's monitor deployment.", + "title": "DetailsUri", "type": "string" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that is used in the `DateMeasureField` .", - "title": "Column" - }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", + "Status": { + "markdownDescription": "A signal map's monitor deployment status.", + "title": "Status", "type": "string" - }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" } }, "required": [ - "Column", - "FieldId" + "DetailsUri", + "Status" ], "type": "object" }, - "AWS::QuickSight::Analysis.DateTimeDefaultValues": { + "AWS::MediaPackage::Asset": { "additionalProperties": false, "properties": { - "DynamicValue": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DynamicDefaultValue", - "markdownDescription": "The dynamic value of the `DataTimeDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", - "title": "DynamicValue" + "Condition": { + "type": "string" }, - "RollingDate": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RollingDateConfiguration", - "markdownDescription": "The rolling date of the `DataTimeDefaultValues` . The date is determined from the dataset based on input expression.", - "title": "RollingDate" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "StaticValues": { - "items": { - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "EgressEndpoints": { + "items": { + "$ref": "#/definitions/AWS::MediaPackage::Asset.EgressEndpoint" + }, + "markdownDescription": "List of playback endpoints that are available for this asset.", + "title": "EgressEndpoints", + "type": "array" + }, + "Id": { + "markdownDescription": "Unique identifier that you assign to the asset.", + "title": "Id", + "type": "string" + }, + "PackagingGroupId": { + "markdownDescription": "The ID of the packaging group associated with this asset.", + "title": "PackagingGroupId", + "type": "string" + }, + "ResourceId": { + "markdownDescription": "Unique identifier for this asset, as it's configured in the key provider service.", + "title": "ResourceId", + "type": "string" + }, + "SourceArn": { + "markdownDescription": "The ARN for the source content in Amazon S3.", + "title": "SourceArn", + "type": "string" + }, + "SourceRoleArn": { + "markdownDescription": "The ARN for the IAM role that provides AWS Elemental MediaPackage access to the Amazon S3 bucket where the source content is stored. Valid format: arn:aws:iam::{accountID}:role/{name}", + "title": "SourceRoleArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to assign to the asset.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "The static values of the `DataTimeDefaultValues` .", - "title": "StaticValues", - "type": "array" + "required": [ + "Id", + "PackagingGroupId", + "SourceArn", + "SourceRoleArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MediaPackage::Asset" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.DateTimeFormatConfiguration": { + "AWS::MediaPackage::Asset.EgressEndpoint": { "additionalProperties": false, "properties": { - "DateTimeFormat": { - "markdownDescription": "Determines the `DateTime` format.", - "title": "DateTimeFormat", + "PackagingConfigurationId": { + "markdownDescription": "The ID of a packaging configuration that's applied to this asset.", + "title": "PackagingConfigurationId", "type": "string" }, - "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NullValueFormatConfiguration", - "markdownDescription": "The options that determine the null value format configuration.", - "title": "NullValueFormatConfiguration" - }, - "NumericFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericFormatConfiguration", - "markdownDescription": "The formatting configuration for numeric `DateTime` fields.", - "title": "NumericFormatConfiguration" + "Url": { + "markdownDescription": "The URL that's used to request content from this endpoint.", + "title": "Url", + "type": "string" } }, + "required": [ + "PackagingConfigurationId", + "Url" + ], "type": "object" }, - "AWS::QuickSight::Analysis.DateTimeHierarchy": { + "AWS::MediaPackage::Channel": { "additionalProperties": false, "properties": { - "DrillDownFilters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DrillDownFilter" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "Any descriptive information that you want to add to the channel for future identification purposes.", + "title": "Description", + "type": "string" + }, + "EgressAccessLogs": { + "$ref": "#/definitions/AWS::MediaPackage::Channel.LogConfiguration", + "markdownDescription": "Configures egress access logs.", + "title": "EgressAccessLogs" + }, + "HlsIngest": { + "$ref": "#/definitions/AWS::MediaPackage::Channel.HlsIngest", + "markdownDescription": "The input URL where the source stream should be sent.", + "title": "HlsIngest" + }, + "Id": { + "markdownDescription": "Unique identifier that you assign to the channel.", + "title": "Id", + "type": "string" + }, + "IngressAccessLogs": { + "$ref": "#/definitions/AWS::MediaPackage::Channel.LogConfiguration", + "markdownDescription": "Configures ingress access logs.", + "title": "IngressAccessLogs" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to assign to the channel.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "The option that determines the drill down filters for the `DateTime` hierarchy.", - "title": "DrillDownFilters", - "type": "array" + "required": [ + "Id" + ], + "type": "object" }, - "HierarchyId": { - "markdownDescription": "The hierarchy ID of the `DateTime` hierarchy.", - "title": "HierarchyId", + "Type": { + "enum": [ + "AWS::MediaPackage::Channel" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "HierarchyId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.DateTimeParameter": { + "AWS::MediaPackage::Channel.HlsIngest": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "A display name for the date-time parameter.", - "title": "Name", - "type": "string" - }, - "Values": { + "ingestEndpoints": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::MediaPackage::Channel.IngestEndpoint" }, - "markdownDescription": "The values for the date-time parameter.", - "title": "Values", + "markdownDescription": "The input URL where the source stream should be sent.", + "title": "ingestEndpoints", "type": "array" } }, - "required": [ - "Name", - "Values" - ], "type": "object" }, - "AWS::QuickSight::Analysis.DateTimeParameterDeclaration": { + "AWS::MediaPackage::Channel.IngestEndpoint": { "additionalProperties": false, "properties": { - "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeDefaultValues", - "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", - "title": "DefaultValues" - }, - "MappedDataSetParameters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MappedDataSetParameter" - }, - "markdownDescription": "", - "title": "MappedDataSetParameters", - "type": "array" + "Id": { + "markdownDescription": "The endpoint identifier.", + "title": "Id", + "type": "string" }, - "Name": { - "markdownDescription": "The name of the parameter that is being declared.", - "title": "Name", + "Password": { + "markdownDescription": "The system-generated password for WebDAV input authentication.", + "title": "Password", "type": "string" }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", + "Url": { + "markdownDescription": "The input URL where the source stream should be sent.", + "title": "Url", "type": "string" }, - "ValueWhenUnset": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeValueWhenUnsetConfiguration", - "markdownDescription": "The configuration that defines the default value of a `DateTime` parameter when a value has not been set.", - "title": "ValueWhenUnset" + "Username": { + "markdownDescription": "The system-generated username for WebDAV input authentication.", + "title": "Username", + "type": "string" } }, "required": [ - "Name" + "Id", + "Password", + "Url", + "Username" ], "type": "object" }, - "AWS::QuickSight::Analysis.DateTimePickerControlDisplayOptions": { + "AWS::MediaPackage::Channel.LogConfiguration": { "additionalProperties": false, "properties": { - "DateTimeFormat": { - "markdownDescription": "Customize how dates are formatted in controls.", - "title": "DateTimeFormat", + "LogGroupName": { + "markdownDescription": "Sets a custom Amazon CloudWatch log group name.", + "title": "LogGroupName", "type": "string" - }, - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" - }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" } }, "type": "object" }, - "AWS::QuickSight::Analysis.DateTimeValueWhenUnsetConfiguration": { + "AWS::MediaPackage::OriginEndpoint": { "additionalProperties": false, "properties": { - "CustomValue": { - "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", - "title": "CustomValue", + "Condition": { "type": "string" }, - "ValueWhenUnsetOption": { - "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", - "title": "ValueWhenUnsetOption", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Authorization": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.Authorization", + "markdownDescription": "Parameters for CDN authorization.", + "title": "Authorization" + }, + "ChannelId": { + "markdownDescription": "The ID of the channel associated with this endpoint.", + "title": "ChannelId", + "type": "string" + }, + "CmafPackage": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.CmafPackage", + "markdownDescription": "Parameters for Common Media Application Format (CMAF) packaging.", + "title": "CmafPackage" + }, + "DashPackage": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.DashPackage", + "markdownDescription": "Parameters for DASH packaging.", + "title": "DashPackage" + }, + "Description": { + "markdownDescription": "Any descriptive information that you want to add to the endpoint for future identification purposes.", + "title": "Description", + "type": "string" + }, + "HlsPackage": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.HlsPackage", + "markdownDescription": "Parameters for Apple HLS packaging.", + "title": "HlsPackage" + }, + "Id": { + "markdownDescription": "The manifest ID is required and must be unique within the OriginEndpoint. The ID can't be changed after the endpoint is created.", + "title": "Id", + "type": "string" + }, + "ManifestName": { + "markdownDescription": "A short string that's appended to the end of the endpoint URL to create a unique path to this endpoint.", + "title": "ManifestName", + "type": "string" + }, + "MssPackage": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.MssPackage", + "markdownDescription": "Parameters for Microsoft Smooth Streaming packaging.", + "title": "MssPackage" + }, + "Origination": { + "markdownDescription": "Controls video origination from this endpoint.\n\nValid values:\n\n- `ALLOW` - enables this endpoint to serve content to requesting devices.\n- `DENY` - prevents this endpoint from serving content. Denying origination is helpful for harvesting live-to-VOD assets. For more information about harvesting and origination, see [Live-to-VOD Requirements](https://docs.aws.amazon.com/mediapackage/latest/ug/ltov-reqmts.html) .", + "title": "Origination", + "type": "string" + }, + "StartoverWindowSeconds": { + "markdownDescription": "Maximum duration (seconds) of content to retain for startover playback. Omit this attribute or enter `0` to indicate that startover playback is disabled for this endpoint.", + "title": "StartoverWindowSeconds", + "type": "number" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to assign to the endpoint.", + "title": "Tags", + "type": "array" + }, + "TimeDelaySeconds": { + "markdownDescription": "Minimum duration (seconds) of delay to enforce on the playback of live content. Omit this attribute or enter `0` to indicate that there is no time delay in effect for this endpoint.", + "title": "TimeDelaySeconds", + "type": "number" + }, + "Whitelist": { + "items": { + "type": "string" + }, + "markdownDescription": "The IP addresses that can access this endpoint.", + "title": "Whitelist", + "type": "array" + } + }, + "required": [ + "ChannelId", + "Id" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MediaPackage::OriginEndpoint" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.DecimalDefaultValues": { + "AWS::MediaPackage::OriginEndpoint.Authorization": { "additionalProperties": false, "properties": { - "DynamicValue": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DynamicDefaultValue", - "markdownDescription": "The dynamic value of the `DecimalDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", - "title": "DynamicValue" + "CdnIdentifierSecret": { + "markdownDescription": "The Amazon Resource Name (ARN) for the secret in AWS Secrets Manager that your Content Delivery Network (CDN) uses for authorization to access your endpoint.", + "title": "CdnIdentifierSecret", + "type": "string" }, - "StaticValues": { - "items": { - "type": "number" - }, - "markdownDescription": "The static values of the `DecimalDefaultValues` .", - "title": "StaticValues", - "type": "array" + "SecretsRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the IAM role that allows AWS Elemental MediaPackage to communicate with AWS Secrets Manager .", + "title": "SecretsRoleArn", + "type": "string" } }, + "required": [ + "CdnIdentifierSecret", + "SecretsRoleArn" + ], "type": "object" }, - "AWS::QuickSight::Analysis.DecimalParameter": { + "AWS::MediaPackage::OriginEndpoint.CmafEncryption": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "A display name for the decimal parameter.", - "title": "Name", + "ConstantInitializationVector": { + "markdownDescription": "An optional 128-bit, 16-byte hex value represented by a 32-character string, used in conjunction with the key for encrypting blocks. If you don't specify a value, then AWS Elemental MediaPackage creates the constant initialization vector (IV).", + "title": "ConstantInitializationVector", "type": "string" }, - "Values": { - "items": { - "type": "number" - }, - "markdownDescription": "The values for the decimal parameter.", - "title": "Values", - "type": "array" + "EncryptionMethod": { + "markdownDescription": "The encryption method to use.", + "title": "EncryptionMethod", + "type": "string" + }, + "KeyRotationIntervalSeconds": { + "markdownDescription": "Number of seconds before AWS Elemental MediaPackage rotates to a new key. By default, rotation is set to 60 seconds. Set to `0` to disable key rotation.", + "title": "KeyRotationIntervalSeconds", + "type": "number" + }, + "SpekeKeyProvider": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.SpekeKeyProvider", + "markdownDescription": "Parameters for the SPEKE key provider.", + "title": "SpekeKeyProvider" } }, "required": [ - "Name", - "Values" + "SpekeKeyProvider" ], "type": "object" }, - "AWS::QuickSight::Analysis.DecimalParameterDeclaration": { + "AWS::MediaPackage::OriginEndpoint.CmafPackage": { "additionalProperties": false, "properties": { - "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalDefaultValues", - "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", - "title": "DefaultValues" + "Encryption": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.CmafEncryption", + "markdownDescription": "Parameters for encrypting content.", + "title": "Encryption" }, - "MappedDataSetParameters": { + "HlsManifests": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MappedDataSetParameter" + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.HlsManifest" }, - "markdownDescription": "", - "title": "MappedDataSetParameters", + "markdownDescription": "A list of HLS manifest configurations that are available from this endpoint.", + "title": "HlsManifests", "type": "array" }, - "Name": { - "markdownDescription": "The name of the parameter that is being declared.", - "title": "Name", - "type": "string" + "SegmentDurationSeconds": { + "markdownDescription": "Duration (in seconds) of each segment. Actual segments are rounded to the nearest multiple of the source segment duration.", + "title": "SegmentDurationSeconds", + "type": "number" }, - "ParameterValueType": { - "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", - "title": "ParameterValueType", + "SegmentPrefix": { + "markdownDescription": "An optional custom string that is prepended to the name of each segment. If not specified, the segment prefix defaults to the ChannelId.", + "title": "SegmentPrefix", "type": "string" }, - "ValueWhenUnset": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalValueWhenUnsetConfiguration", - "markdownDescription": "The configuration that defines the default value of a `Decimal` parameter when a value has not been set.", - "title": "ValueWhenUnset" + "StreamSelection": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.StreamSelection", + "markdownDescription": "Limitations for outputs from the endpoint, based on the video bitrate.", + "title": "StreamSelection" } }, - "required": [ - "Name", - "ParameterValueType" - ], "type": "object" }, - "AWS::QuickSight::Analysis.DecimalPlacesConfiguration": { + "AWS::MediaPackage::OriginEndpoint.DashEncryption": { "additionalProperties": false, "properties": { - "DecimalPlaces": { - "markdownDescription": "The values of the decimal places.", - "title": "DecimalPlaces", + "KeyRotationIntervalSeconds": { + "markdownDescription": "Number of seconds before AWS Elemental MediaPackage rotates to a new key. By default, rotation is set to 60 seconds. Set to `0` to disable key rotation.", + "title": "KeyRotationIntervalSeconds", "type": "number" + }, + "SpekeKeyProvider": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.SpekeKeyProvider", + "markdownDescription": "Parameters for the SPEKE key provider.", + "title": "SpekeKeyProvider" } }, "required": [ - "DecimalPlaces" + "SpekeKeyProvider" ], "type": "object" }, - "AWS::QuickSight::Analysis.DecimalValueWhenUnsetConfiguration": { + "AWS::MediaPackage::OriginEndpoint.DashPackage": { "additionalProperties": false, "properties": { - "CustomValue": { - "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", - "title": "CustomValue", + "AdTriggers": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the SCTE-35 message types that AWS Elemental MediaPackage treats as ad markers in the output manifest.\n\nValid values:\n\n- `BREAK`\n- `DISTRIBUTOR_ADVERTISEMENT`\n- `DISTRIBUTOR_OVERLAY_PLACEMENT_OPPORTUNITY` .\n- `DISTRIBUTOR_PLACEMENT_OPPORTUNITY` .\n- `PROVIDER_ADVERTISEMENT` .\n- `PROVIDER_OVERLAY_PLACEMENT_OPPORTUNITY` .\n- `PROVIDER_PLACEMENT_OPPORTUNITY` .\n- `SPLICE_INSERT` .", + "title": "AdTriggers", + "type": "array" + }, + "AdsOnDeliveryRestrictions": { + "markdownDescription": "The flags on SCTE-35 segmentation descriptors that have to be present for AWS Elemental MediaPackage to insert ad markers in the output manifest. For information about SCTE-35 in AWS Elemental MediaPackage , see [SCTE-35 Message Options in AWS Elemental MediaPackage](https://docs.aws.amazon.com/mediapackage/latest/ug/scte.html) .", + "title": "AdsOnDeliveryRestrictions", + "type": "string" + }, + "Encryption": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.DashEncryption", + "markdownDescription": "Parameters for encrypting content.", + "title": "Encryption" + }, + "IncludeIframeOnlyStream": { + "markdownDescription": "This applies only to stream sets with a single video track. When true, the stream set includes an additional I-frame trick-play only stream, along with the other tracks. If false, this extra stream is not included.", + "title": "IncludeIframeOnlyStream", + "type": "boolean" + }, + "ManifestLayout": { + "markdownDescription": "Determines the position of some tags in the manifest.\n\nValid values:\n\n- `FULL` - Elements like `SegmentTemplate` and `ContentProtection` are included in each `Representation` .\n- `COMPACT` - Duplicate elements are combined and presented at the `AdaptationSet` level.", + "title": "ManifestLayout", + "type": "string" + }, + "ManifestWindowSeconds": { + "markdownDescription": "Time window (in seconds) contained in each manifest.", + "title": "ManifestWindowSeconds", "type": "number" }, - "ValueWhenUnsetOption": { - "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", - "title": "ValueWhenUnsetOption", + "MinBufferTimeSeconds": { + "markdownDescription": "Minimum amount of content (measured in seconds) that a player must keep available in the buffer.", + "title": "MinBufferTimeSeconds", + "type": "number" + }, + "MinUpdatePeriodSeconds": { + "markdownDescription": "Minimum amount of time (in seconds) that the player should wait before requesting updates to the manifest.", + "title": "MinUpdatePeriodSeconds", + "type": "number" + }, + "PeriodTriggers": { + "items": { + "type": "string" + }, + "markdownDescription": "Controls whether AWS Elemental MediaPackage produces single-period or multi-period DASH manifests. For more information about periods, see [Multi-period DASH in AWS Elemental MediaPackage](https://docs.aws.amazon.com/mediapackage/latest/ug/multi-period.html) .\n\nValid values:\n\n- `ADS` - AWS Elemental MediaPackage will produce multi-period DASH manifests. Periods are created based on the SCTE-35 ad markers present in the input manifest.\n- *No value* - AWS Elemental MediaPackage will produce single-period DASH manifests. This is the default setting.", + "title": "PeriodTriggers", + "type": "array" + }, + "Profile": { + "markdownDescription": "The DASH profile for the output.\n\nValid values:\n\n- `NONE` - The output doesn't use a DASH profile.\n- `HBBTV_1_5` - The output is compliant with HbbTV v1.5.\n- `DVB_DASH_2014` - The output is compliant with DVB-DASH 2014.", + "title": "Profile", + "type": "string" + }, + "SegmentDurationSeconds": { + "markdownDescription": "Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source fragment duration.", + "title": "SegmentDurationSeconds", + "type": "number" + }, + "SegmentTemplateFormat": { + "markdownDescription": "Determines the type of variable used in the `media` URL of the `SegmentTemplate` tag in the manifest. Also specifies if segment timeline information is included in `SegmentTimeline` or `SegmentTemplate` .\n\nValid values:\n\n- `NUMBER_WITH_TIMELINE` - The `$Number$` variable is used in the `media` URL. The value of this variable is the sequential number of the segment. A full `SegmentTimeline` object is presented in each `SegmentTemplate` .\n- `NUMBER_WITH_DURATION` - The `$Number$` variable is used in the `media` URL and a `duration` attribute is added to the segment template. The `SegmentTimeline` object is removed from the representation.\n- `TIME_WITH_TIMELINE` - The `$Time$` variable is used in the `media` URL. The value of this variable is the timestamp of when the segment starts. A full `SegmentTimeline` object is presented in each `SegmentTemplate` .", + "title": "SegmentTemplateFormat", + "type": "string" + }, + "StreamSelection": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.StreamSelection", + "markdownDescription": "Limitations for outputs from the endpoint, based on the video bitrate.", + "title": "StreamSelection" + }, + "SuggestedPresentationDelaySeconds": { + "markdownDescription": "Amount of time (in seconds) that the player should be from the live point at the end of the manifest.", + "title": "SuggestedPresentationDelaySeconds", + "type": "number" + }, + "UtcTiming": { + "markdownDescription": "Determines the type of UTC timing included in the DASH Media Presentation Description (MPD).", + "title": "UtcTiming", + "type": "string" + }, + "UtcTimingUri": { + "markdownDescription": "Specifies the value attribute of the UTC timing field when utcTiming is set to HTTP-ISO or HTTP-HEAD.", + "title": "UtcTimingUri", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.DefaultDateTimePickerControlOptions": { + "AWS::MediaPackage::OriginEndpoint.EncryptionContractConfiguration": { "additionalProperties": false, - "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimePickerControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "Type": { - "markdownDescription": "The date time picker type of the `DefaultDateTimePickerControlOptions` . Choose one of the following options:\n\n- `SINGLE_VALUED` : The filter condition is a fixed date.\n- `DATE_RANGE` : The filter condition is a date time range.", - "title": "Type", - "type": "string" - } - }, + "properties": {}, "type": "object" }, - "AWS::QuickSight::Analysis.DefaultFilterControlConfiguration": { + "AWS::MediaPackage::OriginEndpoint.HlsEncryption": { "additionalProperties": false, "properties": { - "ControlOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlOptions", - "markdownDescription": "The control option for the `DefaultFilterControlConfiguration` .", - "title": "ControlOptions" + "ConstantInitializationVector": { + "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, used with the key for encrypting blocks.", + "title": "ConstantInitializationVector", + "type": "string" }, - "Title": { - "markdownDescription": "The title of the `DefaultFilterControlConfiguration` . This title is shared by all controls that are tied to this filter.", - "title": "Title", + "EncryptionMethod": { + "markdownDescription": "HLS encryption type.", + "title": "EncryptionMethod", "type": "string" + }, + "KeyRotationIntervalSeconds": { + "markdownDescription": "Number of seconds before AWS Elemental MediaPackage rotates to a new key. By default, rotation is set to 60 seconds. Set to `0` to disable key rotation.", + "title": "KeyRotationIntervalSeconds", + "type": "number" + }, + "RepeatExtXKey": { + "markdownDescription": "Repeat the `EXT-X-KEY` directive for every media segment. This might result in an increase in client requests to the DRM server.", + "title": "RepeatExtXKey", + "type": "boolean" + }, + "SpekeKeyProvider": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.SpekeKeyProvider", + "markdownDescription": "Parameters for the SPEKE key provider.", + "title": "SpekeKeyProvider" } }, "required": [ - "ControlOptions", - "Title" + "SpekeKeyProvider" ], "type": "object" }, - "AWS::QuickSight::Analysis.DefaultFilterControlOptions": { + "AWS::MediaPackage::OriginEndpoint.HlsManifest": { "additionalProperties": false, "properties": { - "DefaultDateTimePickerOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultDateTimePickerControlOptions", - "markdownDescription": "The default options that correspond to the filter control type of a `DateTimePicker` .", - "title": "DefaultDateTimePickerOptions" + "AdMarkers": { + "markdownDescription": "Controls how ad markers are included in the packaged endpoint.\n\nValid values:\n\n- `NONE` - Omits all SCTE-35 ad markers from the output.\n- `PASSTHROUGH` - Creates a copy in the output of the SCTE-35 ad markers (comments) taken directly from the input manifest.\n- `SCTE35_ENHANCED` - Generates ad markers and blackout tags in the output based on the SCTE-35 messages from the input manifest.", + "title": "AdMarkers", + "type": "string" }, - "DefaultDropdownOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterDropDownControlOptions", - "markdownDescription": "The default options that correspond to the `Dropdown` filter control type.", - "title": "DefaultDropdownOptions" + "AdTriggers": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the SCTE-35 message types that AWS Elemental MediaPackage treats as ad markers in the output manifest.\n\nValid values:\n\n- `BREAK`\n- `DISTRIBUTOR_ADVERTISEMENT`\n- `DISTRIBUTOR_OVERLAY_PLACEMENT_OPPORTUNITY`\n- `DISTRIBUTOR_PLACEMENT_OPPORTUNITY`\n- `PROVIDER_ADVERTISEMENT`\n- `PROVIDER_OVERLAY_PLACEMENT_OPPORTUNITY`\n- `PROVIDER_PLACEMENT_OPPORTUNITY`\n- `SPLICE_INSERT`", + "title": "AdTriggers", + "type": "array" }, - "DefaultListOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterListControlOptions", - "markdownDescription": "The default options that correspond to the `List` filter control type.", - "title": "DefaultListOptions" + "AdsOnDeliveryRestrictions": { + "markdownDescription": "The flags on SCTE-35 segmentation descriptors that have to be present for AWS Elemental MediaPackage to insert ad markers in the output manifest. For information about SCTE-35 in AWS Elemental MediaPackage , see [SCTE-35 Message Options in AWS Elemental MediaPackage](https://docs.aws.amazon.com/mediapackage/latest/ug/scte.html) .", + "title": "AdsOnDeliveryRestrictions", + "type": "string" }, - "DefaultRelativeDateTimeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultRelativeDateTimeControlOptions", - "markdownDescription": "The default options that correspond to the `RelativeDateTime` filter control type.", - "title": "DefaultRelativeDateTimeOptions" + "Id": { + "markdownDescription": "The manifest ID is required and must be unique within the OriginEndpoint. The ID can't be changed after the endpoint is created.", + "title": "Id", + "type": "string" }, - "DefaultSliderOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultSliderControlOptions", - "markdownDescription": "The default options that correspond to the `Slider` filter control type.", - "title": "DefaultSliderOptions" + "IncludeIframeOnlyStream": { + "markdownDescription": "Applies to stream sets with a single video track only. When true, the stream set includes an additional I-frame only stream, along with the other tracks. If false, this extra stream is not included.", + "title": "IncludeIframeOnlyStream", + "type": "boolean" }, - "DefaultTextAreaOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultTextAreaControlOptions", - "markdownDescription": "The default options that correspond to the `TextArea` filter control type.", - "title": "DefaultTextAreaOptions" + "ManifestName": { + "markdownDescription": "A short string that's appended to the end of the endpoint URL to create a unique path to this endpoint. The manifestName on the HLSManifest object overrides the manifestName that you provided on the originEndpoint object.", + "title": "ManifestName", + "type": "string" }, - "DefaultTextFieldOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultTextFieldControlOptions", - "markdownDescription": "The default options that correspond to the `TextField` filter control type.", - "title": "DefaultTextFieldOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.DefaultFilterDropDownControlOptions": { - "additionalProperties": false, - "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DropDownControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "PlaylistType": { + "markdownDescription": "When specified as either `event` or `vod` , a corresponding `EXT-X-PLAYLIST-TYPE` entry is included in the media playlist. Indicates if the playlist is live-to-VOD content.", + "title": "PlaylistType", + "type": "string" }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" + "PlaylistWindowSeconds": { + "markdownDescription": "Time window (in seconds) contained in each parent manifest.", + "title": "PlaylistWindowSeconds", + "type": "number" }, - "Type": { - "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", - "title": "Type", + "ProgramDateTimeIntervalSeconds": { + "markdownDescription": "Inserts `EXT-X-PROGRAM-DATE-TIME` tags in the output manifest at the interval that you specify.\n\nIrrespective of this parameter, if any ID3Timed metadata is in the HLS input, it is passed through to the HLS output.\n\nOmit this attribute or enter `0` to indicate that the `EXT-X-PROGRAM-DATE-TIME` tags are not included in the manifest.", + "title": "ProgramDateTimeIntervalSeconds", + "type": "number" + }, + "Url": { + "markdownDescription": "The URL that's used to request this manifest from this endpoint.", + "title": "Url", "type": "string" } }, + "required": [ + "Id" + ], "type": "object" }, - "AWS::QuickSight::Analysis.DefaultFilterListControlOptions": { + "AWS::MediaPackage::OriginEndpoint.HlsPackage": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ListControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "AdMarkers": { + "markdownDescription": "Controls how ad markers are included in the packaged endpoint.\n\nValid values:\n\n- `NONE` - Omits all SCTE-35 ad markers from the output.\n- `PASSTHROUGH` - Creates a copy in the output of the SCTE-35 ad markers (comments) taken directly from the input manifest.\n- `SCTE35_ENHANCED` - Generates ad markers and blackout tags in the output based on the SCTE-35 messages from the input manifest.", + "title": "AdMarkers", + "type": "string" }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" + "AdTriggers": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the SCTE-35 message types that AWS Elemental MediaPackage treats as ad markers in the output manifest.\n\nValid values:\n\n- `BREAK`\n- `DISTRIBUTOR_ADVERTISEMENT`\n- `DISTRIBUTOR_OVERLAY_PLACEMENT_OPPORTUNITY`\n- `DISTRIBUTOR_PLACEMENT_OPPORTUNITY`\n- `PROVIDER_ADVERTISEMENT`\n- `PROVIDER_OVERLAY_PLACEMENT_OPPORTUNITY`\n- `PROVIDER_PLACEMENT_OPPORTUNITY`\n- `SPLICE_INSERT`", + "title": "AdTriggers", + "type": "array" }, - "Type": { - "markdownDescription": "The type of the `DefaultFilterListControlOptions` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from the list.\n- `SINGLE_SELECT` : The user can select a single entry from the list.", - "title": "Type", + "AdsOnDeliveryRestrictions": { + "markdownDescription": "The flags on SCTE-35 segmentation descriptors that have to be present for AWS Elemental MediaPackage to insert ad markers in the output manifest. For information about SCTE-35 in AWS Elemental MediaPackage , see [SCTE-35 Message Options in AWS Elemental MediaPackage](https://docs.aws.amazon.com/mediapackage/latest/ug/scte.html) .", + "title": "AdsOnDeliveryRestrictions", "type": "string" + }, + "Encryption": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.HlsEncryption", + "markdownDescription": "Parameters for encrypting content.", + "title": "Encryption" + }, + "IncludeDvbSubtitles": { + "markdownDescription": "When enabled, MediaPackage passes through digital video broadcasting (DVB) subtitles into the output.", + "title": "IncludeDvbSubtitles", + "type": "boolean" + }, + "IncludeIframeOnlyStream": { + "markdownDescription": "Only applies to stream sets with a single video track. When true, the stream set includes an additional I-frame only stream, along with the other tracks. If false, this extra stream is not included.", + "title": "IncludeIframeOnlyStream", + "type": "boolean" + }, + "PlaylistType": { + "markdownDescription": "When specified as either `event` or `vod` , a corresponding `EXT-X-PLAYLIST-TYPE` entry is included in the media playlist. Indicates if the playlist is live-to-VOD content.", + "title": "PlaylistType", + "type": "string" + }, + "PlaylistWindowSeconds": { + "markdownDescription": "Time window (in seconds) contained in each parent manifest.", + "title": "PlaylistWindowSeconds", + "type": "number" + }, + "ProgramDateTimeIntervalSeconds": { + "markdownDescription": "Inserts `EXT-X-PROGRAM-DATE-TIME` tags in the output manifest at the interval that you specify.\n\nIrrespective of this parameter, if any ID3Timed metadata is in the HLS input, it is passed through to the HLS output.\n\nOmit this attribute or enter `0` to indicate that the `EXT-X-PROGRAM-DATE-TIME` tags are not included in the manifest.", + "title": "ProgramDateTimeIntervalSeconds", + "type": "number" + }, + "SegmentDurationSeconds": { + "markdownDescription": "Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source fragment duration.", + "title": "SegmentDurationSeconds", + "type": "number" + }, + "StreamSelection": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.StreamSelection", + "markdownDescription": "Limitations for outputs from the endpoint, based on the video bitrate.", + "title": "StreamSelection" + }, + "UseAudioRenditionGroup": { + "markdownDescription": "When true, AWS Elemental MediaPackage bundles all audio tracks in a rendition group. All other tracks in the stream can be used with any audio rendition from the group.", + "title": "UseAudioRenditionGroup", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Analysis.DefaultFreeFormLayoutConfiguration": { - "additionalProperties": false, - "properties": { - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutCanvasSizeOptions", - "markdownDescription": "Determines the screen canvas size options for a free-form layout.", - "title": "CanvasSizeOptions" - } - }, - "required": [ - "CanvasSizeOptions" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.DefaultGridLayoutConfiguration": { + "AWS::MediaPackage::OriginEndpoint.MssEncryption": { "additionalProperties": false, "properties": { - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GridLayoutCanvasSizeOptions", - "markdownDescription": "Determines the screen canvas size options for a grid layout.", - "title": "CanvasSizeOptions" + "SpekeKeyProvider": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.SpekeKeyProvider", + "markdownDescription": "Parameters for the SPEKE key provider.", + "title": "SpekeKeyProvider" } }, "required": [ - "CanvasSizeOptions" + "SpekeKeyProvider" ], "type": "object" }, - "AWS::QuickSight::Analysis.DefaultInteractiveLayoutConfiguration": { + "AWS::MediaPackage::OriginEndpoint.MssPackage": { "additionalProperties": false, "properties": { - "FreeForm": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFreeFormLayoutConfiguration", - "markdownDescription": "The options that determine the default settings of a free-form layout configuration.", - "title": "FreeForm" + "Encryption": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.MssEncryption", + "markdownDescription": "Parameters for encrypting content.", + "title": "Encryption" }, - "Grid": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultGridLayoutConfiguration", - "markdownDescription": "The options that determine the default settings for a grid layout configuration.", - "title": "Grid" + "ManifestWindowSeconds": { + "markdownDescription": "Time window (in seconds) contained in each manifest.", + "title": "ManifestWindowSeconds", + "type": "number" + }, + "SegmentDurationSeconds": { + "markdownDescription": "Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source fragment duration.", + "title": "SegmentDurationSeconds", + "type": "number" + }, + "StreamSelection": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.StreamSelection", + "markdownDescription": "Limitations for outputs from the endpoint, based on the video bitrate.", + "title": "StreamSelection" } }, "type": "object" }, - "AWS::QuickSight::Analysis.DefaultNewSheetConfiguration": { + "AWS::MediaPackage::OriginEndpoint.SpekeKeyProvider": { "additionalProperties": false, "properties": { - "InteractiveLayoutConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultInteractiveLayoutConfiguration", - "markdownDescription": "The options that determine the default settings for interactive layout configuration.", - "title": "InteractiveLayoutConfiguration" + "CertificateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the certificate that you imported to AWS Certificate Manager to add content key encryption to this endpoint. For this feature to work, your DRM key provider must support content key encryption.", + "title": "CertificateArn", + "type": "string" }, - "PaginatedLayoutConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultPaginatedLayoutConfiguration", - "markdownDescription": "The options that determine the default settings for a paginated layout configuration.", - "title": "PaginatedLayoutConfiguration" + "EncryptionContractConfiguration": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.EncryptionContractConfiguration", + "markdownDescription": "Use `encryptionContractConfiguration` to configure one or more content encryption keys for your endpoints that use SPEKE Version 2.0. The encryption contract defines which content keys are used to encrypt the audio and video tracks in your stream. To configure the encryption contract, specify which audio and video encryption presets to use.", + "title": "EncryptionContractConfiguration" }, - "SheetContentType": { - "markdownDescription": "The option that determines the sheet content type.", - "title": "SheetContentType", + "ResourceId": { + "markdownDescription": "Unique identifier for this endpoint, as it is configured in the key provider service.", + "title": "ResourceId", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN for the IAM role that's granted by the key provider to provide access to the key provider API. This role must have a trust policy that allows AWS Elemental MediaPackage to assume the role, and it must have a sufficient permissions policy to allow access to the specific key retrieval URL. Valid format: arn:aws:iam::{accountID}:role/{name}", + "title": "RoleArn", + "type": "string" + }, + "SystemIds": { + "items": { + "type": "string" + }, + "markdownDescription": "List of unique identifiers for the DRM systems to use, as defined in the CPIX specification.", + "title": "SystemIds", + "type": "array" + }, + "Url": { + "markdownDescription": "URL for the key provider\u2019s key retrieval API endpoint. Must start with https://.", + "title": "Url", "type": "string" } }, + "required": [ + "ResourceId", + "RoleArn", + "SystemIds", + "Url" + ], "type": "object" }, - "AWS::QuickSight::Analysis.DefaultPaginatedLayoutConfiguration": { + "AWS::MediaPackage::OriginEndpoint.StreamSelection": { "additionalProperties": false, "properties": { - "SectionBased": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultSectionBasedLayoutConfiguration", - "markdownDescription": "The options that determine the default settings for a section-based layout configuration.", - "title": "SectionBased" + "MaxVideoBitsPerSecond": { + "markdownDescription": "The upper limit of the bitrates that this endpoint serves. If the video track exceeds this threshold, then AWS Elemental MediaPackage excludes it from output. If you don't specify a value, it defaults to 2147483647 bits per second.", + "title": "MaxVideoBitsPerSecond", + "type": "number" + }, + "MinVideoBitsPerSecond": { + "markdownDescription": "The lower limit of the bitrates that this endpoint serves. If the video track is below this threshold, then AWS Elemental MediaPackage excludes it from output. If you don't specify a value, it defaults to 0 bits per second.", + "title": "MinVideoBitsPerSecond", + "type": "number" + }, + "StreamOrder": { + "markdownDescription": "Order in which the different video bitrates are presented to the player.\n\nValid values: `ORIGINAL` , `VIDEO_BITRATE_ASCENDING` , `VIDEO_BITRATE_DESCENDING` .", + "title": "StreamOrder", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.DefaultRelativeDateTimeControlOptions": { + "AWS::MediaPackage::PackagingConfiguration": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RelativeDateTimeControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CmafPackage": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.CmafPackage", + "markdownDescription": "Parameters for CMAF packaging.", + "title": "CmafPackage" + }, + "DashPackage": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.DashPackage", + "markdownDescription": "Parameters for DASH-ISO packaging.", + "title": "DashPackage" + }, + "HlsPackage": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.HlsPackage", + "markdownDescription": "Parameters for Apple HLS packaging.", + "title": "HlsPackage" + }, + "Id": { + "markdownDescription": "Unique identifier that you assign to the packaging configuration.", + "title": "Id", + "type": "string" + }, + "MssPackage": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.MssPackage", + "markdownDescription": "Parameters for Microsoft Smooth Streaming packaging.", + "title": "MssPackage" + }, + "PackagingGroupId": { + "markdownDescription": "The ID of the packaging group associated with this packaging configuration.", + "title": "PackagingGroupId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to assign to the packaging configuration.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Id", + "PackagingGroupId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MediaPackage::PackagingConfiguration" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.DefaultSectionBasedLayoutConfiguration": { + "AWS::MediaPackage::PackagingConfiguration.CmafEncryption": { "additionalProperties": false, "properties": { - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionBasedLayoutCanvasSizeOptions", - "markdownDescription": "Determines the screen canvas size options for a section-based layout.", - "title": "CanvasSizeOptions" + "SpekeKeyProvider": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.SpekeKeyProvider", + "markdownDescription": "Parameters for the SPEKE key provider.", + "title": "SpekeKeyProvider" } }, "required": [ - "CanvasSizeOptions" + "SpekeKeyProvider" ], "type": "object" }, - "AWS::QuickSight::Analysis.DefaultSliderControlOptions": { + "AWS::MediaPackage::PackagingConfiguration.CmafPackage": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SliderControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "Encryption": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.CmafEncryption", + "markdownDescription": "Parameters for encrypting content.", + "title": "Encryption" }, - "MaximumValue": { - "markdownDescription": "The larger value that is displayed at the right of the slider.", - "title": "MaximumValue", - "type": "number" + "HlsManifests": { + "items": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.HlsManifest" + }, + "markdownDescription": "A list of HLS manifest configurations that are available from this endpoint.", + "title": "HlsManifests", + "type": "array" }, - "MinimumValue": { - "markdownDescription": "The smaller value that is displayed at the left of the slider.", - "title": "MinimumValue", - "type": "number" + "IncludeEncoderConfigurationInSegments": { + "markdownDescription": "When includeEncoderConfigurationInSegments is set to true, AWS Elemental MediaPackage places your encoder's Sequence Parameter Set (SPS), Picture Parameter Set (PPS), and Video Parameter Set (VPS) metadata in every video segment instead of in the init fragment. This lets you use different SPS/PPS/VPS settings for your assets during content playback.", + "title": "IncludeEncoderConfigurationInSegments", + "type": "boolean" }, - "StepSize": { - "markdownDescription": "The number of increments that the slider bar is divided into.", - "title": "StepSize", + "SegmentDurationSeconds": { + "markdownDescription": "Duration (in seconds) of each segment. Actual segments are rounded to the nearest multiple of the source fragment duration.", + "title": "SegmentDurationSeconds", "type": "number" - }, - "Type": { - "markdownDescription": "The type of the `DefaultSliderControlOptions` . Choose one of the following options:\n\n- `SINGLE_POINT` : Filter against(equals) a single data point.\n- `RANGE` : Filter data that is in a specified range.", - "title": "Type", - "type": "string" } }, "required": [ - "MaximumValue", - "MinimumValue", - "StepSize" + "HlsManifests" ], "type": "object" }, - "AWS::QuickSight::Analysis.DefaultTextAreaControlOptions": { - "additionalProperties": false, - "properties": { - "Delimiter": { - "markdownDescription": "The delimiter that is used to separate the lines in text.", - "title": "Delimiter", - "type": "string" - }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TextAreaControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.DefaultTextFieldControlOptions": { + "AWS::MediaPackage::PackagingConfiguration.DashEncryption": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TextFieldControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "SpekeKeyProvider": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.SpekeKeyProvider", + "markdownDescription": "Parameters for the SPEKE key provider.", + "title": "SpekeKeyProvider" } }, + "required": [ + "SpekeKeyProvider" + ], "type": "object" }, - "AWS::QuickSight::Analysis.DestinationParameterValueConfiguration": { + "AWS::MediaPackage::PackagingConfiguration.DashManifest": { "additionalProperties": false, "properties": { - "CustomValuesConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomValuesConfiguration", - "markdownDescription": "The configuration of custom values for destination parameter in `DestinationParameterValueConfiguration` .", - "title": "CustomValuesConfiguration" + "ManifestLayout": { + "markdownDescription": "Determines the position of some tags in the Media Presentation Description (MPD). When set to `FULL` , elements like `SegmentTemplate` and `ContentProtection` are included in each `Representation` . When set to `COMPACT` , duplicate elements are combined and presented at the AdaptationSet level.", + "title": "ManifestLayout", + "type": "string" }, - "SelectAllValueOptions": { - "markdownDescription": "The configuration that selects all options.", - "title": "SelectAllValueOptions", + "ManifestName": { + "markdownDescription": "A short string that's appended to the end of the endpoint URL to create a unique path to this packaging configuration.", + "title": "ManifestName", "type": "string" }, - "SourceColumn": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "A column of a data set.", - "title": "SourceColumn" + "MinBufferTimeSeconds": { + "markdownDescription": "Minimum amount of content (measured in seconds) that a player must keep available in the buffer.", + "title": "MinBufferTimeSeconds", + "type": "number" }, - "SourceField": { - "markdownDescription": "The source field ID of the destination parameter.", - "title": "SourceField", + "Profile": { + "markdownDescription": "The DASH profile type. When set to `HBBTV_1_5` , the content is compliant with HbbTV 1.5.", + "title": "Profile", "type": "string" }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the destination parameter.", - "title": "SourceParameterName", + "ScteMarkersSource": { + "markdownDescription": "The source of scte markers used.\n\nValue description:\n\n- `SEGMENTS` - The scte markers are sourced from the segments of the ingested content.\n- `MANIFEST` - the scte markers are sourced from the manifest of the ingested content. The MANIFEST value is compatible with source HLS playlists using the SCTE-35 Enhanced syntax ( `EXT-OATCLS-SCTE35` tags). SCTE-35 Elemental and SCTE-35 Daterange syntaxes are not supported with this option.", + "title": "ScteMarkersSource", "type": "string" + }, + "StreamSelection": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.StreamSelection", + "markdownDescription": "Limitations for outputs from the endpoint, based on the video bitrate.", + "title": "StreamSelection" } }, "type": "object" }, - "AWS::QuickSight::Analysis.DimensionField": { + "AWS::MediaPackage::PackagingConfiguration.DashPackage": { "additionalProperties": false, "properties": { - "CategoricalDimensionField": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CategoricalDimensionField", - "markdownDescription": "The dimension type field with categorical type columns.", - "title": "CategoricalDimensionField" + "DashManifests": { + "items": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.DashManifest" + }, + "markdownDescription": "A list of DASH manifest configurations that are available from this endpoint.", + "title": "DashManifests", + "type": "array" }, - "DateDimensionField": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DateDimensionField", - "markdownDescription": "The dimension type field with date type columns.", - "title": "DateDimensionField" + "Encryption": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.DashEncryption", + "markdownDescription": "Parameters for encrypting content.", + "title": "Encryption" }, - "NumericalDimensionField": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericalDimensionField", - "markdownDescription": "The dimension type field with numerical type columns.", - "title": "NumericalDimensionField" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.DonutCenterOptions": { - "additionalProperties": false, - "properties": { - "LabelVisibility": { - "markdownDescription": "Determines the visibility of the label in a donut chart. In the Amazon QuickSight console, this option is called `'Show total'` .", - "title": "LabelVisibility", + "IncludeEncoderConfigurationInSegments": { + "markdownDescription": "When includeEncoderConfigurationInSegments is set to true, AWS Elemental MediaPackage places your encoder's Sequence Parameter Set (SPS), Picture Parameter Set (PPS), and Video Parameter Set (VPS) metadata in every video segment instead of in the init fragment. This lets you use different SPS/PPS/VPS settings for your assets during content playback.", + "title": "IncludeEncoderConfigurationInSegments", + "type": "boolean" + }, + "IncludeIframeOnlyStream": { + "markdownDescription": "This applies only to stream sets with a single video track. When true, the stream set includes an additional I-frame trick-play only stream, along with the other tracks. If false, this extra stream is not included.", + "title": "IncludeIframeOnlyStream", + "type": "boolean" + }, + "PeriodTriggers": { + "items": { + "type": "string" + }, + "markdownDescription": "Controls whether AWS Elemental MediaPackage produces single-period or multi-period DASH manifests. For more information about periods, see [Multi-period DASH in AWS Elemental MediaPackage](https://docs.aws.amazon.com/mediapackage/latest/ug/multi-period.html) .\n\nValid values:\n\n- `ADS` - AWS Elemental MediaPackage will produce multi-period DASH manifests. Periods are created based on the SCTE-35 ad markers present in the input manifest.\n- *No value* - AWS Elemental MediaPackage will produce single-period DASH manifests. This is the default setting.", + "title": "PeriodTriggers", + "type": "array" + }, + "SegmentDurationSeconds": { + "markdownDescription": "Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source segment duration.", + "title": "SegmentDurationSeconds", + "type": "number" + }, + "SegmentTemplateFormat": { + "markdownDescription": "Determines the type of SegmentTemplate included in the Media Presentation Description (MPD). When set to `NUMBER_WITH_TIMELINE` , a full timeline is presented in each SegmentTemplate, with $Number$ media URLs. When set to `TIME_WITH_TIMELINE` , a full timeline is presented in each SegmentTemplate, with $Time$ media URLs. When set to `NUMBER_WITH_DURATION` , only a duration is included in each SegmentTemplate, with $Number$ media URLs.", + "title": "SegmentTemplateFormat", "type": "string" } }, + "required": [ + "DashManifests" + ], "type": "object" }, - "AWS::QuickSight::Analysis.DonutOptions": { + "AWS::MediaPackage::PackagingConfiguration.EncryptionContractConfiguration": { "additionalProperties": false, "properties": { - "ArcOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ArcOptions", - "markdownDescription": "The option for define the arc of the chart shape. Valid values are as follows:\n\n- `WHOLE` - A pie chart\n- `SMALL` - A small-sized donut chart\n- `MEDIUM` - A medium-sized donut chart\n- `LARGE` - A large-sized donut chart", - "title": "ArcOptions" + "PresetSpeke20Audio": { + "markdownDescription": "A collection of audio encryption presets.\n\nValue description:\n\n- `PRESET-AUDIO-1` - Use one content key to encrypt all of the audio tracks in your stream.\n- `PRESET-AUDIO-2` - Use one content key to encrypt all of the stereo audio tracks and one content key to encrypt all of the multichannel audio tracks.\n- `PRESET-AUDIO-3` - Use one content key to encrypt all of the stereo audio tracks, one content key to encrypt all of the multichannel audio tracks with 3 to 6 channels, and one content key to encrypt all of the multichannel audio tracks with more than 6 channels.\n- `SHARED` - Use the same content key for all of the audio and video tracks in your stream.\n- `UNENCRYPTED` - Don't encrypt any of the audio tracks in your stream.", + "title": "PresetSpeke20Audio", + "type": "string" }, - "DonutCenterOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DonutCenterOptions", - "markdownDescription": "The label options of the label that is displayed in the center of a donut chart. This option isn't available for pie charts.", - "title": "DonutCenterOptions" + "PresetSpeke20Video": { + "markdownDescription": "A collection of video encryption presets.\n\nValue description:\n\n- `PRESET-VIDEO-1` - Use one content key to encrypt all of the video tracks in your stream.\n- `PRESET-VIDEO-2` - Use one content key to encrypt all of the SD video tracks and one content key for all HD and higher resolutions video tracks.\n- `PRESET-VIDEO-3` - Use one content key to encrypt all of the SD video tracks, one content key for HD video tracks and one content key for all UHD video tracks.\n- `PRESET-VIDEO-4` - Use one content key to encrypt all of the SD video tracks, one content key for HD video tracks, one content key for all UHD1 video tracks and one content key for all UHD2 video tracks.\n- `PRESET-VIDEO-5` - Use one content key to encrypt all of the SD video tracks, one content key for HD1 video tracks, one content key for HD2 video tracks, one content key for all UHD1 video tracks and one content key for all UHD2 video tracks.\n- `PRESET-VIDEO-6` - Use one content key to encrypt all of the SD video tracks, one content key for HD1 video tracks, one content key for HD2 video tracks and one content key for all UHD video tracks.\n- `PRESET-VIDEO-7` - Use one content key to encrypt all of the SD+HD1 video tracks, one content key for HD2 video tracks and one content key for all UHD video tracks.\n- `PRESET-VIDEO-8` - Use one content key to encrypt all of the SD+HD1 video tracks, one content key for HD2 video tracks, one content key for all UHD1 video tracks and one content key for all UHD2 video tracks.\n- `SHARED` - Use the same content key for all of the video and audio tracks in your stream.\n- `UNENCRYPTED` - Don't encrypt any of the video tracks in your stream.", + "title": "PresetSpeke20Video", + "type": "string" } }, + "required": [ + "PresetSpeke20Audio", + "PresetSpeke20Video" + ], "type": "object" }, - "AWS::QuickSight::Analysis.DrillDownFilter": { + "AWS::MediaPackage::PackagingConfiguration.HlsEncryption": { "additionalProperties": false, "properties": { - "CategoryFilter": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CategoryDrillDownFilter", - "markdownDescription": "The category type drill down filter. This filter is used for string type columns.", - "title": "CategoryFilter" + "ConstantInitializationVector": { + "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, used with the key for encrypting blocks. If you don't specify a constant initialization vector (IV), AWS Elemental MediaPackage periodically rotates the IV.", + "title": "ConstantInitializationVector", + "type": "string" }, - "NumericEqualityFilter": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericEqualityDrillDownFilter", - "markdownDescription": "The numeric equality type drill down filter. This filter is used for number type columns.", - "title": "NumericEqualityFilter" + "EncryptionMethod": { + "markdownDescription": "HLS encryption type.", + "title": "EncryptionMethod", + "type": "string" }, - "TimeRangeFilter": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TimeRangeDrillDownFilter", - "markdownDescription": "The time range drill down filter. This filter is used for date time columns.", - "title": "TimeRangeFilter" + "SpekeKeyProvider": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.SpekeKeyProvider", + "markdownDescription": "Parameters for the SPEKE key provider.", + "title": "SpekeKeyProvider" } }, + "required": [ + "SpekeKeyProvider" + ], "type": "object" }, - "AWS::QuickSight::Analysis.DropDownControlDisplayOptions": { + "AWS::MediaPackage::PackagingConfiguration.HlsManifest": { "additionalProperties": false, "properties": { - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" + "AdMarkers": { + "markdownDescription": "This setting controls ad markers in the packaged content.\n\nValid values:\n\n- `NONE` - Omits all SCTE-35 ad markers from the output.\n- `PASSTHROUGH` - Creates a copy in the output of the SCTE-35 ad markers (comments) taken directly from the input manifest.\n- `SCTE35_ENHANCED` - Generates ad markers and blackout tags in the output based on the SCTE-35 messages from the input manifest.", + "title": "AdMarkers", + "type": "string" }, - "SelectAllOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ListControlSelectAllOptions", - "markdownDescription": "The configuration of the `Select all` options in a dropdown control.", - "title": "SelectAllOptions" + "IncludeIframeOnlyStream": { + "markdownDescription": "Applies to stream sets with a single video track only. When enabled, the output includes an additional I-frame only stream, along with the other tracks.", + "title": "IncludeIframeOnlyStream", + "type": "boolean" }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.DynamicDefaultValue": { - "additionalProperties": false, - "properties": { - "DefaultValueColumn": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that contains the default value of each user or group.", - "title": "DefaultValueColumn" + "ManifestName": { + "markdownDescription": "A short string that's appended to the end of the endpoint URL to create a unique path to this packaging configuration.", + "title": "ManifestName", + "type": "string" }, - "GroupNameColumn": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that contains the group name.", - "title": "GroupNameColumn" + "ProgramDateTimeIntervalSeconds": { + "markdownDescription": "Inserts `EXT-X-PROGRAM-DATE-TIME` tags in the output manifest at the interval that you specify.\n\nIrrespective of this parameter, if any ID3Timed metadata is in the HLS input, it is passed through to the HLS output.\n\nOmit this attribute or enter `0` to indicate that the `EXT-X-PROGRAM-DATE-TIME` tags are not included in the manifest.", + "title": "ProgramDateTimeIntervalSeconds", + "type": "number" }, - "UserNameColumn": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that contains the username.", - "title": "UserNameColumn" + "RepeatExtXKey": { + "markdownDescription": "Repeat the `EXT-X-KEY` directive for every media segment. This might result in an increase in client requests to the DRM server.", + "title": "RepeatExtXKey", + "type": "boolean" + }, + "StreamSelection": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.StreamSelection", + "markdownDescription": "Video bitrate limitations for outputs from this packaging configuration.", + "title": "StreamSelection" } }, - "required": [ - "DefaultValueColumn" - ], "type": "object" }, - "AWS::QuickSight::Analysis.EmptyVisual": { + "AWS::MediaPackage::PackagingConfiguration.HlsPackage": { "additionalProperties": false, "properties": { - "Actions": { + "Encryption": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.HlsEncryption", + "markdownDescription": "Parameters for encrypting content.", + "title": "Encryption" + }, + "HlsManifests": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.HlsManifest" }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", + "markdownDescription": "A list of HLS manifest configurations that are available from this endpoint.", + "title": "HlsManifests", "type": "array" }, - "DataSetIdentifier": { - "markdownDescription": "The data set that is used in the empty visual. Every visual requires a dataset to render.", - "title": "DataSetIdentifier", - "type": "string" + "IncludeDvbSubtitles": { + "markdownDescription": "When enabled, MediaPackage passes through digital video broadcasting (DVB) subtitles into the output.", + "title": "IncludeDvbSubtitles", + "type": "boolean" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", - "type": "string" + "SegmentDurationSeconds": { + "markdownDescription": "Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source fragment duration.", + "title": "SegmentDurationSeconds", + "type": "number" + }, + "UseAudioRenditionGroup": { + "markdownDescription": "When true, AWS Elemental MediaPackage bundles all audio tracks in a rendition group. All other tracks in the stream can be used with any audio rendition from the group.", + "title": "UseAudioRenditionGroup", + "type": "boolean" } }, "required": [ - "DataSetIdentifier", - "VisualId" + "HlsManifests" ], "type": "object" }, - "AWS::QuickSight::Analysis.Entity": { + "AWS::MediaPackage::PackagingConfiguration.MssEncryption": { "additionalProperties": false, "properties": { - "Path": { - "markdownDescription": "The hierarchical path of the entity within the analysis, template, or dashboard definition tree.", - "title": "Path", - "type": "string" + "SpekeKeyProvider": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.SpekeKeyProvider", + "markdownDescription": "Parameters for the SPEKE key provider.", + "title": "SpekeKeyProvider" } }, + "required": [ + "SpekeKeyProvider" + ], "type": "object" }, - "AWS::QuickSight::Analysis.ExcludePeriodConfiguration": { + "AWS::MediaPackage::PackagingConfiguration.MssManifest": { "additionalProperties": false, "properties": { - "Amount": { - "markdownDescription": "The amount or number of the exclude period.", - "title": "Amount", - "type": "number" - }, - "Granularity": { - "markdownDescription": "The granularity or unit (day, month, year) of the exclude period.", - "title": "Granularity", + "ManifestName": { + "markdownDescription": "A short string that's appended to the end of the endpoint URL to create a unique path to this packaging configuration.", + "title": "ManifestName", "type": "string" }, - "Status": { - "markdownDescription": "The status of the exclude period. Choose from the following options:\n\n- `ENABLED`\n- `DISABLED`", - "title": "Status", - "type": "string" + "StreamSelection": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.StreamSelection", + "markdownDescription": "Video bitrate limitations for outputs from this packaging configuration.", + "title": "StreamSelection" } }, - "required": [ - "Amount", - "Granularity" - ], "type": "object" }, - "AWS::QuickSight::Analysis.ExplicitHierarchy": { + "AWS::MediaPackage::PackagingConfiguration.MssPackage": { "additionalProperties": false, "properties": { - "Columns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier" - }, - "markdownDescription": "The list of columns that define the explicit hierarchy.", - "title": "Columns", - "type": "array" + "Encryption": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.MssEncryption", + "markdownDescription": "Parameters for encrypting content.", + "title": "Encryption" }, - "DrillDownFilters": { + "MssManifests": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DrillDownFilter" + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.MssManifest" }, - "markdownDescription": "The option that determines the drill down filters for the explicit hierarchy.", - "title": "DrillDownFilters", + "markdownDescription": "A list of Microsoft Smooth manifest configurations that are available from this endpoint.", + "title": "MssManifests", "type": "array" }, - "HierarchyId": { - "markdownDescription": "The hierarchy ID of the explicit hierarchy.", - "title": "HierarchyId", - "type": "string" + "SegmentDurationSeconds": { + "markdownDescription": "Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source fragment duration.", + "title": "SegmentDurationSeconds", + "type": "number" } }, "required": [ - "Columns", - "HierarchyId" + "MssManifests" ], "type": "object" }, - "AWS::QuickSight::Analysis.FieldBasedTooltip": { + "AWS::MediaPackage::PackagingConfiguration.SpekeKeyProvider": { "additionalProperties": false, "properties": { - "AggregationVisibility": { - "markdownDescription": "The visibility of `Show aggregations` .", - "title": "AggregationVisibility", + "EncryptionContractConfiguration": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.EncryptionContractConfiguration", + "markdownDescription": "Use `encryptionContractConfiguration` to configure one or more content encryption keys for your endpoints that use SPEKE Version 2.0. The encryption contract defines which content keys are used to encrypt the audio and video tracks in your stream. To configure the encryption contract, specify which audio and video encryption presets to use.", + "title": "EncryptionContractConfiguration" + }, + "RoleArn": { + "markdownDescription": "The ARN for the IAM role that's granted by the key provider to provide access to the key provider API. Valid format: arn:aws:iam::{accountID}:role/{name}", + "title": "RoleArn", "type": "string" }, - "TooltipFields": { + "SystemIds": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipItem" + "type": "string" }, - "markdownDescription": "The fields configuration in the tooltip.", - "title": "TooltipFields", + "markdownDescription": "List of unique identifiers for the DRM systems to use, as defined in the CPIX specification.", + "title": "SystemIds", "type": "array" }, - "TooltipTitleType": { - "markdownDescription": "The type for the >tooltip title. Choose one of the following options:\n\n- `NONE` : Doesn't use the primary value as the title.\n- `PRIMARY_VALUE` : Uses primary value as the title.", - "title": "TooltipTitleType", + "Url": { + "markdownDescription": "URL for the key provider's key retrieval API endpoint. Must start with https://.", + "title": "Url", "type": "string" } }, + "required": [ + "RoleArn", + "SystemIds", + "Url" + ], "type": "object" }, - "AWS::QuickSight::Analysis.FieldLabelType": { + "AWS::MediaPackage::PackagingConfiguration.StreamSelection": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "Indicates the field that is targeted by the field label.", - "title": "FieldId", - "type": "string" + "MaxVideoBitsPerSecond": { + "markdownDescription": "The upper limit of the bitrates that this endpoint serves. If the video track exceeds this threshold, then AWS Elemental MediaPackage excludes it from output. If you don't specify a value, it defaults to 2147483647 bits per second.", + "title": "MaxVideoBitsPerSecond", + "type": "number" }, - "Visibility": { - "markdownDescription": "The visibility of the field label.", - "title": "Visibility", + "MinVideoBitsPerSecond": { + "markdownDescription": "The lower limit of the bitrates that this endpoint serves. If the video track is below this threshold, then AWS Elemental MediaPackage excludes it from output. If you don't specify a value, it defaults to 0 bits per second.", + "title": "MinVideoBitsPerSecond", + "type": "number" + }, + "StreamOrder": { + "markdownDescription": "Order in which the different video bitrates are presented to the player.\n\nValid values: `ORIGINAL` , `VIDEO_BITRATE_ASCENDING` , `VIDEO_BITRATE_DESCENDING` .", + "title": "StreamOrder", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.FieldSeriesItem": { + "AWS::MediaPackage::PackagingGroup": { "additionalProperties": false, "properties": { - "AxisBinding": { - "markdownDescription": "The axis that you are binding the field to.", - "title": "AxisBinding", + "Condition": { "type": "string" }, - "FieldId": { - "markdownDescription": "The field ID of the field for which you are setting the axis binding.", - "title": "FieldId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Settings": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartSeriesSettings", - "markdownDescription": "The options that determine the presentation of line series associated to the field.", - "title": "Settings" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Authorization": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingGroup.Authorization", + "markdownDescription": "Parameters for CDN authorization.", + "title": "Authorization" + }, + "EgressAccessLogs": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingGroup.LogConfiguration", + "markdownDescription": "The configuration parameters for egress access logging.", + "title": "EgressAccessLogs" + }, + "Id": { + "markdownDescription": "Unique identifier that you assign to the packaging group.", + "title": "Id", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to assign to the packaging group.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Id" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MediaPackage::PackagingGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "AxisBinding", - "FieldId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.FieldSort": { + "AWS::MediaPackage::PackagingGroup.Authorization": { "additionalProperties": false, "properties": { - "Direction": { - "markdownDescription": "The sort direction. Choose one of the following options:\n\n- `ASC` : Ascending\n- `DESC` : Descending", - "title": "Direction", + "CdnIdentifierSecret": { + "markdownDescription": "The Amazon Resource Name (ARN) for the secret in AWS Secrets Manager that is used for CDN authorization.", + "title": "CdnIdentifierSecret", "type": "string" }, - "FieldId": { - "markdownDescription": "The sort configuration target field.", - "title": "FieldId", + "SecretsRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the IAM role that allows AWS Elemental MediaPackage to communicate with AWS Secrets Manager .", + "title": "SecretsRoleArn", "type": "string" } }, "required": [ - "Direction", - "FieldId" + "CdnIdentifierSecret", + "SecretsRoleArn" ], "type": "object" }, - "AWS::QuickSight::Analysis.FieldSortOptions": { + "AWS::MediaPackage::PackagingGroup.LogConfiguration": { "additionalProperties": false, "properties": { - "ColumnSort": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnSort", - "markdownDescription": "The sort configuration for a column that is not used in a field well.", - "title": "ColumnSort" - }, - "FieldSort": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSort", - "markdownDescription": "The sort configuration for a field in a field well.", - "title": "FieldSort" + "LogGroupName": { + "markdownDescription": "Sets a custom Amazon CloudWatch log group name for egress logs. If a log group name isn't specified, the default name is used: /aws/MediaPackage/EgressAccessLogs.", + "title": "LogGroupName", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.FieldTooltipItem": { + "AWS::MediaPackageV2::Channel": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The unique ID of the field that is targeted by the tooltip.", - "title": "FieldId", + "Condition": { "type": "string" }, - "Label": { - "markdownDescription": "The label of the tooltip item.", - "title": "Label", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of the tooltip item.", - "title": "Visibility", - "type": "string" - } - }, - "required": [ - "FieldId" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.FilledMapAggregatedFieldWells": { - "additionalProperties": false, - "properties": { - "Geospatial": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The aggregated location field well of the filled map. Values are grouped by location fields.", - "title": "Geospatial", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The aggregated color field well of a filled map. Values are aggregated based on location fields.", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.FilledMapConditionalFormatting": { - "additionalProperties": false, - "properties": { - "ConditionalFormattingOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapConditionalFormattingOption" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ChannelGroupName": { + "markdownDescription": "The name of the channel group associated with the channel configuration.", + "title": "ChannelGroupName", + "type": "string" + }, + "ChannelName": { + "markdownDescription": "The name of the channel.", + "title": "ChannelName", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the channel.", + "title": "Description", + "type": "string" + }, + "InputSwitchConfiguration": { + "$ref": "#/definitions/AWS::MediaPackageV2::Channel.InputSwitchConfiguration", + "markdownDescription": "The configuration for input switching based on the media quality confidence score (MQCS) as provided from AWS Elemental MediaLive.", + "title": "InputSwitchConfiguration" + }, + "InputType": { + "markdownDescription": "The input type will be an immutable field which will be used to define whether the channel will allow CMAF ingest or HLS ingest. If unprovided, it will default to HLS to preserve current behavior.\n\nThe allowed values are:\n\n- `HLS` - The HLS streaming specification (which defines M3U8 manifests and TS segments).\n- `CMAF` - The DASH-IF CMAF Ingest specification (which defines CMAF segments with optional DASH manifests).", + "title": "InputType", + "type": "string" + }, + "OutputHeaderConfiguration": { + "$ref": "#/definitions/AWS::MediaPackageV2::Channel.OutputHeaderConfiguration", + "markdownDescription": "The settings for what common media server data (CMSD) headers AWS Elemental MediaPackage includes in responses to the CDN.", + "title": "OutputHeaderConfiguration" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "Conditional formatting options of a `FilledMapVisual` .", - "title": "ConditionalFormattingOptions", - "type": "array" - } - }, - "required": [ - "ConditionalFormattingOptions" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.FilledMapConditionalFormattingOption": { - "additionalProperties": false, - "properties": { - "Shape": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapShapeConditionalFormatting", - "markdownDescription": "The conditional formatting that determines the shape of the filled map.", - "title": "Shape" + "required": [ + "ChannelGroupName", + "ChannelName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MediaPackageV2::Channel" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Shape" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.FilledMapConfiguration": { + "AWS::MediaPackageV2::Channel.IngestEndpoint": { "additionalProperties": false, "properties": { - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" - }, - "MapStyleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapStyleOptions", - "markdownDescription": "The map style options of the filled map visual.", - "title": "MapStyleOptions" - }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapSortConfiguration", - "markdownDescription": "The sort configuration of a `FilledMapVisual` .", - "title": "SortConfiguration" - }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" + "Id": { + "markdownDescription": "The identifier associated with the ingest endpoint of the channel.", + "title": "Id", + "type": "string" }, - "WindowOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialWindowOptions", - "markdownDescription": "The window options of the filled map visual.", - "title": "WindowOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.FilledMapFieldWells": { - "additionalProperties": false, - "properties": { - "FilledMapAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapAggregatedFieldWells", - "markdownDescription": "The aggregated field well of the filled map.", - "title": "FilledMapAggregatedFieldWells" + "Url": { + "markdownDescription": "The URL associated with the ingest endpoint of the channel.", + "title": "Url", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.FilledMapShapeConditionalFormatting": { + "AWS::MediaPackageV2::Channel.InputSwitchConfiguration": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field ID of the filled map shape.", - "title": "FieldId", - "type": "string" - }, - "Format": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ShapeConditionalFormat", - "markdownDescription": "The conditional formatting that determines the background color of a filled map's shape.", - "title": "Format" + "MQCSInputSwitching": { + "markdownDescription": "When true, AWS Elemental MediaPackage performs input switching based on the MQCS. Default is true. This setting is valid only when `InputType` is `CMAF` .", + "title": "MQCSInputSwitching", + "type": "boolean" } }, - "required": [ - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.FilledMapSortConfiguration": { + "AWS::MediaPackageV2::Channel.OutputHeaderConfiguration": { "additionalProperties": false, "properties": { - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the location fields.", - "title": "CategorySort", - "type": "array" + "PublishMQCS": { + "markdownDescription": "When true, AWS Elemental MediaPackage includes the MQCS in responses to the CDN. This setting is valid only when `InputType` is `CMAF` .", + "title": "PublishMQCS", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Analysis.FilledMapVisual": { + "AWS::MediaPackageV2::ChannelGroup": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Condition": { + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapConditionalFormatting", - "markdownDescription": "The conditional formatting of a `FilledMapVisual` .", - "title": "ConditionalFormatting" + "Metadata": { + "type": "object" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Properties": { + "additionalProperties": false, + "properties": { + "ChannelGroupName": { + "markdownDescription": "The name of the channel group.", + "title": "ChannelGroupName", + "type": "string" + }, + "Description": { + "markdownDescription": "The configuration for a MediaPackage V2 channel group.", + "title": "Description", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags associated with the channel group.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "ChannelGroupName" + ], + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Type": { + "enum": [ + "AWS::MediaPackageV2::ChannelGroup" + ], + "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.Filter": { + "AWS::MediaPackageV2::ChannelPolicy": { "additionalProperties": false, "properties": { - "CategoryFilter": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CategoryFilter", - "markdownDescription": "A `CategoryFilter` filters text values.\n\nFor more information, see [Adding text filters](https://docs.aws.amazon.com/quicksight/latest/user/add-a-text-filter-data-prep.html) in the *Amazon QuickSight User Guide* .", - "title": "CategoryFilter" + "Condition": { + "type": "string" }, - "NumericEqualityFilter": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericEqualityFilter", - "markdownDescription": "A `NumericEqualityFilter` filters numeric values that equal or do not equal a given numeric value.", - "title": "NumericEqualityFilter" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "NumericRangeFilter": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericRangeFilter", - "markdownDescription": "A `NumericRangeFilter` filters numeric values that are either inside or outside a given numeric range.", - "title": "NumericRangeFilter" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "RelativeDatesFilter": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RelativeDatesFilter", - "markdownDescription": "A `RelativeDatesFilter` filters date values that are relative to a given date.", - "title": "RelativeDatesFilter" + "Metadata": { + "type": "object" }, - "TimeEqualityFilter": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TimeEqualityFilter", - "markdownDescription": "A `TimeEqualityFilter` filters date-time values that equal or do not equal a given date/time value.", - "title": "TimeEqualityFilter" + "Properties": { + "additionalProperties": false, + "properties": { + "ChannelGroupName": { + "markdownDescription": "The name of the channel group associated with the channel policy.", + "title": "ChannelGroupName", + "type": "string" + }, + "ChannelName": { + "markdownDescription": "The name of the channel associated with the channel policy.", + "title": "ChannelName", + "type": "string" + }, + "Policy": { + "markdownDescription": "The policy associated with the channel.", + "title": "Policy", + "type": "object" + } + }, + "required": [ + "ChannelGroupName", + "ChannelName", + "Policy" + ], + "type": "object" }, - "TimeRangeFilter": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TimeRangeFilter", - "markdownDescription": "A `TimeRangeFilter` filters date-time values that are either inside or outside a given date/time range.", - "title": "TimeRangeFilter" + "Type": { + "enum": [ + "AWS::MediaPackageV2::ChannelPolicy" + ], + "type": "string" }, - "TopBottomFilter": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TopBottomFilter", - "markdownDescription": "A `TopBottomFilter` filters data to the top or bottom values for a given column.", - "title": "TopBottomFilter" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.FilterControl": { + "AWS::MediaPackageV2::OriginEndpoint": { "additionalProperties": false, "properties": { - "CrossSheet": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterCrossSheetControl", - "markdownDescription": "A control from a filter that is scoped across more than one sheet. This represents your filter control on a sheet", - "title": "CrossSheet" - }, - "DateTimePicker": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterDateTimePickerControl", - "markdownDescription": "A control from a date filter that is used to specify date and time.", - "title": "DateTimePicker" + "Condition": { + "type": "string" }, - "Dropdown": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterDropDownControl", - "markdownDescription": "A control to display a dropdown list with buttons that are used to select a single value.", - "title": "Dropdown" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "List": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterListControl", - "markdownDescription": "A control to display a list of buttons or boxes. This is used to select either a single value or multiple values.", - "title": "List" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "RelativeDateTime": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterRelativeDateTimeControl", - "markdownDescription": "A control from a date filter that is used to specify the relative date.", - "title": "RelativeDateTime" + "Metadata": { + "type": "object" }, - "Slider": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterSliderControl", - "markdownDescription": "A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle.", - "title": "Slider" + "Properties": { + "additionalProperties": false, + "properties": { + "ChannelGroupName": { + "markdownDescription": "The name of the channel group associated with the origin endpoint configuration.", + "title": "ChannelGroupName", + "type": "string" + }, + "ChannelName": { + "markdownDescription": "The channel name associated with the origin endpoint.", + "title": "ChannelName", + "type": "string" + }, + "ContainerType": { + "markdownDescription": "The container type associated with the origin endpoint configuration.", + "title": "ContainerType", + "type": "string" + }, + "DashManifests": { + "items": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.DashManifestConfiguration" + }, + "markdownDescription": "A DASH manifest configuration.", + "title": "DashManifests", + "type": "array" + }, + "Description": { + "markdownDescription": "The description associated with the origin endpoint.", + "title": "Description", + "type": "string" + }, + "ForceEndpointErrorConfiguration": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.ForceEndpointErrorConfiguration", + "markdownDescription": "The failover settings for the endpoint.", + "title": "ForceEndpointErrorConfiguration" + }, + "HlsManifests": { + "items": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.HlsManifestConfiguration" + }, + "markdownDescription": "The HLS manifests associated with the origin endpoint configuration.", + "title": "HlsManifests", + "type": "array" + }, + "LowLatencyHlsManifests": { + "items": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.LowLatencyHlsManifestConfiguration" + }, + "markdownDescription": "The low-latency HLS (LL-HLS) manifests associated with the origin endpoint.", + "title": "LowLatencyHlsManifests", + "type": "array" + }, + "OriginEndpointName": { + "markdownDescription": "The name of the origin endpoint associated with the origin endpoint configuration.", + "title": "OriginEndpointName", + "type": "string" + }, + "Segment": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.Segment", + "markdownDescription": "The segment associated with the origin endpoint.", + "title": "Segment" + }, + "StartoverWindowSeconds": { + "markdownDescription": "The size of the window (in seconds) to specify a window of the live stream that's available for on-demand viewing. Viewers can start-over or catch-up on content that falls within the window.", + "title": "StartoverWindowSeconds", + "type": "number" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags associated with the origin endpoint.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "ChannelGroupName", + "ChannelName", + "ContainerType", + "OriginEndpointName" + ], + "type": "object" }, - "TextArea": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterTextAreaControl", - "markdownDescription": "A control to display a text box that is used to enter multiple entries.", - "title": "TextArea" + "Type": { + "enum": [ + "AWS::MediaPackageV2::OriginEndpoint" + ], + "type": "string" }, - "TextField": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterTextFieldControl", - "markdownDescription": "A control to display a text box that is used to enter a single entry.", - "title": "TextField" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.FilterCrossSheetControl": { + "AWS::MediaPackageV2::OriginEndpoint.DashBaseUrl": { "additionalProperties": false, "properties": { - "CascadingControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CascadingControlConfiguration", - "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", - "title": "CascadingControlConfiguration" + "DvbPriority": { + "markdownDescription": "For use with DVB-DASH profiles only. The priority of this location for servings segments. The lower the number, the higher the priority.", + "title": "DvbPriority", + "type": "number" }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterCrossSheetControl` .", - "title": "FilterControlId", + "DvbWeight": { + "markdownDescription": "For use with DVB-DASH profiles only. The weighting for source locations that have the same priority.", + "title": "DvbWeight", + "type": "number" + }, + "ServiceLocation": { + "markdownDescription": "The name of the source location.", + "title": "ServiceLocation", "type": "string" }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterCrossSheetControl` .", - "title": "SourceFilterId", + "Url": { + "markdownDescription": "A source location for segments.", + "title": "Url", "type": "string" } }, "required": [ - "FilterControlId", - "SourceFilterId" + "Url" ], "type": "object" }, - "AWS::QuickSight::Analysis.FilterDateTimePickerControl": { + "AWS::MediaPackageV2::OriginEndpoint.DashDvbFontDownload": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimePickerControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterDateTimePickerControl` .", - "title": "FilterControlId", - "type": "string" - }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterDateTimePickerControl` .", - "title": "SourceFilterId", + "FontFamily": { + "markdownDescription": "The `fontFamily` name for subtitles, as described in [EBU-TT-D Subtitling Distribution Format](https://docs.aws.amazon.com/https://tech.ebu.ch/publications/tech3380) .", + "title": "FontFamily", "type": "string" }, - "Title": { - "markdownDescription": "The title of the `FilterDateTimePickerControl` .", - "title": "Title", + "MimeType": { + "markdownDescription": "The `mimeType` of the resource that's at the font download URL.\n\nFor information about font MIME types, see the [MPEG-DASH Profile for Transport of ISO BMFF Based DVB Services over IP Based Networks](https://docs.aws.amazon.com/https://dvb.org/wp-content/uploads/2021/06/A168r4_MPEG-DASH-Profile-for-Transport-of-ISO-BMFF-Based-DVB-Services_Draft-ts_103-285-v140_November_2021.pdf) document.", + "title": "MimeType", "type": "string" }, - "Type": { - "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", - "title": "Type", + "Url": { + "markdownDescription": "The URL for downloading fonts for subtitles.", + "title": "Url", "type": "string" } }, - "required": [ - "FilterControlId", - "SourceFilterId", - "Title" - ], "type": "object" }, - "AWS::QuickSight::Analysis.FilterDropDownControl": { + "AWS::MediaPackageV2::OriginEndpoint.DashDvbMetricsReporting": { "additionalProperties": false, "properties": { - "CascadingControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CascadingControlConfiguration", - "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", - "title": "CascadingControlConfiguration" - }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DropDownControlDisplayOptions", - "markdownDescription": "The display options of the `FilterDropDownControl` .", - "title": "DisplayOptions" - }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterDropDownControl` .", - "title": "FilterControlId", - "type": "string" - }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" - }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterDropDownControl` .", - "title": "SourceFilterId", - "type": "string" - }, - "Title": { - "markdownDescription": "The title of the `FilterDropDownControl` .", - "title": "Title", - "type": "string" + "Probability": { + "markdownDescription": "The number of playback devices per 1000 that will send error reports to the reporting URL. This represents the probability that a playback device will be a reporting player for this session.", + "title": "Probability", + "type": "number" }, - "Type": { - "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", - "title": "Type", + "ReportingUrl": { + "markdownDescription": "The URL where playback devices send error reports.", + "title": "ReportingUrl", "type": "string" } }, "required": [ - "FilterControlId", - "SourceFilterId", - "Title" + "ReportingUrl" ], "type": "object" }, - "AWS::QuickSight::Analysis.FilterGroup": { + "AWS::MediaPackageV2::OriginEndpoint.DashDvbSettings": { "additionalProperties": false, "properties": { - "CrossDataset": { - "markdownDescription": "The filter new feature which can apply filter group to all data sets. Choose one of the following options:\n\n- `ALL_DATASETS`\n- `SINGLE_DATASET`", - "title": "CrossDataset", - "type": "string" - }, - "FilterGroupId": { - "markdownDescription": "The value that uniquely identifies a `FilterGroup` within a dashboard, template, or analysis.", - "title": "FilterGroupId", - "type": "string" - }, - "Filters": { + "ErrorMetrics": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.Filter" + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.DashDvbMetricsReporting" }, - "markdownDescription": "The list of filters that are present in a `FilterGroup` .", - "title": "Filters", + "markdownDescription": "Playback device error reporting settings.", + "title": "ErrorMetrics", "type": "array" }, - "ScopeConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterScopeConfiguration", - "markdownDescription": "The configuration that specifies what scope to apply to a `FilterGroup` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", - "title": "ScopeConfiguration" - }, - "Status": { - "markdownDescription": "The status of the `FilterGroup` .", - "title": "Status", - "type": "string" + "FontDownload": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.DashDvbFontDownload", + "markdownDescription": "Subtitle font settings.", + "title": "FontDownload" } }, - "required": [ - "CrossDataset", - "FilterGroupId", - "Filters", - "ScopeConfiguration" - ], "type": "object" }, - "AWS::QuickSight::Analysis.FilterListConfiguration": { + "AWS::MediaPackageV2::OriginEndpoint.DashManifestConfiguration": { "additionalProperties": false, "properties": { - "CategoryValues": { + "BaseUrls": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.DashBaseUrl" }, - "markdownDescription": "The list of category values for the filter.", - "title": "CategoryValues", + "markdownDescription": "The base URLs to use for retrieving segments.", + "title": "BaseUrls", "type": "array" }, - "MatchOperator": { - "markdownDescription": "The match operator that is used to determine if a filter should be applied.", - "title": "MatchOperator", + "Compactness": { + "markdownDescription": "The layout of the DASH manifest that MediaPackage produces. `STANDARD` indicates a default manifest, which is compacted. `NONE` indicates a full manifest.\n\nFor information about compactness, see [DASH manifest compactness](https://docs.aws.amazon.com/mediapackage/latest/userguide/compacted.html) in the *AWS Elemental MediaPackage v2 User Guide* .", + "title": "Compactness", "type": "string" }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", + "DrmSignaling": { + "markdownDescription": "Determines how the DASH manifest signals the DRM content.", + "title": "DrmSignaling", "type": "string" }, - "SelectAllOptions": { - "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", - "title": "SelectAllOptions", - "type": "string" - } - }, - "required": [ - "MatchOperator" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.FilterListControl": { - "additionalProperties": false, - "properties": { - "CascadingControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CascadingControlConfiguration", - "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", - "title": "CascadingControlConfiguration" + "DvbSettings": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.DashDvbSettings", + "markdownDescription": "For endpoints that use the DVB-DASH profile only. The font download and error reporting information that you want MediaPackage to pass through to the manifest.", + "title": "DvbSettings" }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ListControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "FilterConfiguration": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.FilterConfiguration", + "markdownDescription": "Filter configuration includes settings for manifest filtering, start and end times, and time delay that apply to all of your egress requests for this manifest.", + "title": "FilterConfiguration" }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterListControl` .", - "title": "FilterControlId", + "ManifestName": { + "markdownDescription": "A short string that's appended to the endpoint URL. The child manifest name creates a unique path to this endpoint.", + "title": "ManifestName", "type": "string" }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" + "ManifestWindowSeconds": { + "markdownDescription": "The total duration (in seconds) of the manifest's content.", + "title": "ManifestWindowSeconds", + "type": "number" }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterListControl` .", - "title": "SourceFilterId", - "type": "string" + "MinBufferTimeSeconds": { + "markdownDescription": "Minimum amount of content (in seconds) that a player must keep available in the buffer.", + "title": "MinBufferTimeSeconds", + "type": "number" }, - "Title": { - "markdownDescription": "The title of the `FilterListControl` .", - "title": "Title", - "type": "string" + "MinUpdatePeriodSeconds": { + "markdownDescription": "Minimum amount of time (in seconds) that the player should wait before requesting updates to the manifest.", + "title": "MinUpdatePeriodSeconds", + "type": "number" }, - "Type": { - "markdownDescription": "The type of the `FilterListControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from the list.\n- `SINGLE_SELECT` : The user can select a single entry from the list.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "FilterControlId", - "SourceFilterId", - "Title" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.FilterOperationSelectedFieldsConfiguration": { - "additionalProperties": false, - "properties": { - "SelectedColumns": { + "PeriodTriggers": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier" + "type": "string" }, - "markdownDescription": "The selected columns of a dataset.", - "title": "SelectedColumns", + "markdownDescription": "A list of triggers that controls when AWS Elemental MediaPackage separates the MPEG-DASH manifest into multiple periods. Type `ADS` to indicate that AWS Elemental MediaPackage must create periods in the output manifest that correspond to SCTE-35 ad markers in the input source. Leave this value empty to indicate that the manifest is contained all in one period. For more information about periods in the DASH manifest, see [Multi-period DASH in AWS Elemental MediaPackage](https://docs.aws.amazon.com/mediapackage/latest/userguide/multi-period.html) .", + "title": "PeriodTriggers", "type": "array" }, - "SelectedFieldOptions": { - "markdownDescription": "A structure that contains the options that choose which fields are filtered in the `CustomActionFilterOperation` .\n\nValid values are defined as follows:\n\n- `ALL_FIELDS` : Applies the filter operation to all fields.", - "title": "SelectedFieldOptions", - "type": "string" - }, - "SelectedFields": { + "Profiles": { "items": { "type": "string" }, - "markdownDescription": "Chooses the fields that are filtered in `CustomActionFilterOperation` .", - "title": "SelectedFields", + "markdownDescription": "The profile that the output is compliant with.", + "title": "Profiles", "type": "array" + }, + "ProgramInformation": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.DashProgramInformation", + "markdownDescription": "Details about the content that you want MediaPackage to pass through in the manifest to the playback device.", + "title": "ProgramInformation" + }, + "ScteDash": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.ScteDash", + "markdownDescription": "The SCTE configuration.", + "title": "ScteDash" + }, + "SegmentTemplateFormat": { + "markdownDescription": "Determines the type of variable used in the `media` URL of the `SegmentTemplate` tag in the manifest. Also specifies if segment timeline information is included in `SegmentTimeline` or `SegmentTemplate` .\n\nValue description:\n\n- `NUMBER_WITH_TIMELINE` - The `$Number$` variable is used in the `media` URL. The value of this variable is the sequential number of the segment. A full `SegmentTimeline` object is presented in each `SegmentTemplate` .", + "title": "SegmentTemplateFormat", + "type": "string" + }, + "SubtitleConfiguration": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.DashSubtitleConfiguration", + "markdownDescription": "The configuration for DASH subtitles.", + "title": "SubtitleConfiguration" + }, + "SuggestedPresentationDelaySeconds": { + "markdownDescription": "The amount of time (in seconds) that the player should be from the end of the manifest.", + "title": "SuggestedPresentationDelaySeconds", + "type": "number" + }, + "UtcTiming": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.DashUtcTiming", + "markdownDescription": "Determines the type of UTC timing included in the DASH Media Presentation Description (MPD).", + "title": "UtcTiming" } }, + "required": [ + "ManifestName" + ], "type": "object" }, - "AWS::QuickSight::Analysis.FilterOperationTargetVisualsConfiguration": { - "additionalProperties": false, - "properties": { - "SameSheetTargetVisualConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SameSheetTargetVisualConfiguration", - "markdownDescription": "The configuration of the same-sheet target visuals that you want to be filtered.", - "title": "SameSheetTargetVisualConfiguration" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.FilterRelativeDateTimeControl": { + "AWS::MediaPackageV2::OriginEndpoint.DashProgramInformation": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RelativeDateTimeControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "Copyright": { + "markdownDescription": "A copyright statement about the content.", + "title": "Copyright", + "type": "string" }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterTextAreaControl` .", - "title": "FilterControlId", + "LanguageCode": { + "markdownDescription": "The language code for this manifest.", + "title": "LanguageCode", "type": "string" }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterTextAreaControl` .", - "title": "SourceFilterId", + "MoreInformationUrl": { + "markdownDescription": "An absolute URL that contains more information about this content.", + "title": "MoreInformationUrl", + "type": "string" + }, + "Source": { + "markdownDescription": "Information about the content provider.", + "title": "Source", "type": "string" }, "Title": { - "markdownDescription": "The title of the `FilterTextAreaControl` .", + "markdownDescription": "The title for the manifest.", "title": "Title", "type": "string" } }, - "required": [ - "FilterControlId", - "SourceFilterId", - "Title" - ], "type": "object" }, - "AWS::QuickSight::Analysis.FilterScopeConfiguration": { + "AWS::MediaPackageV2::OriginEndpoint.DashSubtitleConfiguration": { "additionalProperties": false, "properties": { - "AllSheets": { - "markdownDescription": "The configuration that applies a filter to all sheets. When you choose `AllSheets` as the value for a `FilterScopeConfiguration` , this filter is applied to all visuals of all sheets in an Analysis, Dashboard, or Template. The `AllSheetsFilterScopeConfiguration` is chosen.", - "title": "AllSheets", - "type": "object" - }, - "SelectedSheets": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SelectedSheetsFilterScopeConfiguration", - "markdownDescription": "The configuration for applying a filter to specific sheets.", - "title": "SelectedSheets" + "TtmlConfiguration": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.DashTtmlConfiguration", + "markdownDescription": "Settings for TTML subtitles.", + "title": "TtmlConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Analysis.FilterSelectableValues": { + "AWS::MediaPackageV2::OriginEndpoint.DashTtmlConfiguration": { "additionalProperties": false, "properties": { - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The values that are used in the `FilterSelectableValues` .", - "title": "Values", - "type": "array" + "TtmlProfile": { + "markdownDescription": "The profile that MediaPackage uses when signaling subtitles in the manifest. `IMSC` is the default profile. `EBU-TT-D` produces subtitles that are compliant with the EBU-TT-D TTML profile. MediaPackage passes through subtitle styles to the manifest. For more information about EBU-TT-D subtitles, see [EBU-TT-D Subtitling Distribution Format](https://docs.aws.amazon.com/https://tech.ebu.ch/publications/tech3380) .", + "title": "TtmlProfile", + "type": "string" } }, + "required": [ + "TtmlProfile" + ], "type": "object" }, - "AWS::QuickSight::Analysis.FilterSliderControl": { + "AWS::MediaPackageV2::OriginEndpoint.DashUtcTiming": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SliderControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterSliderControl` .", - "title": "FilterControlId", - "type": "string" - }, - "MaximumValue": { - "markdownDescription": "The larger value that is displayed at the right of the slider.", - "title": "MaximumValue", - "type": "number" - }, - "MinimumValue": { - "markdownDescription": "The smaller value that is displayed at the left of the slider.", - "title": "MinimumValue", - "type": "number" - }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterSliderControl` .", - "title": "SourceFilterId", - "type": "string" - }, - "StepSize": { - "markdownDescription": "The number of increments that the slider bar is divided into.", - "title": "StepSize", - "type": "number" - }, - "Title": { - "markdownDescription": "The title of the `FilterSliderControl` .", - "title": "Title", + "TimingMode": { + "markdownDescription": "The UTC timing mode.", + "title": "TimingMode", "type": "string" }, - "Type": { - "markdownDescription": "The type of the `FilterSliderControl` . Choose one of the following options:\n\n- `SINGLE_POINT` : Filter against(equals) a single data point.\n- `RANGE` : Filter data that is in a specified range.", - "title": "Type", + "TimingSource": { + "markdownDescription": "The the method that the player uses to synchronize to coordinated universal time (UTC) wall clock time.", + "title": "TimingSource", "type": "string" } }, - "required": [ - "FilterControlId", - "MaximumValue", - "MinimumValue", - "SourceFilterId", - "StepSize", - "Title" - ], "type": "object" }, - "AWS::QuickSight::Analysis.FilterTextAreaControl": { + "AWS::MediaPackageV2::OriginEndpoint.Encryption": { "additionalProperties": false, "properties": { - "Delimiter": { - "markdownDescription": "The delimiter that is used to separate the lines in text.", - "title": "Delimiter", + "ConstantInitializationVector": { + "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, used in conjunction with the key for encrypting content. If you don't specify a value, then MediaPackage creates the constant initialization vector (IV).", + "title": "ConstantInitializationVector", "type": "string" }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TextAreaControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterTextAreaControl` .", - "title": "FilterControlId", - "type": "string" + "EncryptionMethod": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.EncryptionMethod", + "markdownDescription": "The encryption method to use.", + "title": "EncryptionMethod" }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterTextAreaControl` .", - "title": "SourceFilterId", - "type": "string" + "KeyRotationIntervalSeconds": { + "markdownDescription": "The interval, in seconds, to rotate encryption keys for the origin endpoint.", + "title": "KeyRotationIntervalSeconds", + "type": "number" }, - "Title": { - "markdownDescription": "The title of the `FilterTextAreaControl` .", - "title": "Title", - "type": "string" + "SpekeKeyProvider": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.SpekeKeyProvider", + "markdownDescription": "The SPEKE key provider to use for encryption.", + "title": "SpekeKeyProvider" } }, "required": [ - "FilterControlId", - "SourceFilterId", - "Title" + "EncryptionMethod", + "SpekeKeyProvider" ], "type": "object" }, - "AWS::QuickSight::Analysis.FilterTextFieldControl": { + "AWS::MediaPackageV2::OriginEndpoint.EncryptionContractConfiguration": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TextFieldControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterTextFieldControl` .", - "title": "FilterControlId", - "type": "string" - }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterTextFieldControl` .", - "title": "SourceFilterId", + "PresetSpeke20Audio": { + "markdownDescription": "A collection of audio encryption presets.\n\nValue description:\n\n- `PRESET-AUDIO-1` - Use one content key to encrypt all of the audio tracks in your stream.\n- `PRESET-AUDIO-2` - Use one content key to encrypt all of the stereo audio tracks and one content key to encrypt all of the multichannel audio tracks.\n- `PRESET-AUDIO-3` - Use one content key to encrypt all of the stereo audio tracks, one content key to encrypt all of the multichannel audio tracks with 3 to 6 channels, and one content key to encrypt all of the multichannel audio tracks with more than 6 channels.\n- `SHARED` - Use the same content key for all of the audio and video tracks in your stream.\n- `UNENCRYPTED` - Don't encrypt any of the audio tracks in your stream.", + "title": "PresetSpeke20Audio", "type": "string" }, - "Title": { - "markdownDescription": "The title of the `FilterTextFieldControl` .", - "title": "Title", + "PresetSpeke20Video": { + "markdownDescription": "The SPEKE Version 2.0 preset video associated with the encryption contract configuration of the origin endpoint.\n\nA collection of video encryption presets.\n\nValue description:\n\n- `PRESET-VIDEO-1` - Use one content key to encrypt all of the video tracks in your stream.\n- `PRESET-VIDEO-2` - Use one content key to encrypt all of the SD video tracks and one content key for all HD and higher resolutions video tracks.\n- `PRESET-VIDEO-3` - Use one content key to encrypt all of the SD video tracks, one content key for HD video tracks and one content key for all UHD video tracks.\n- `PRESET-VIDEO-4` - Use one content key to encrypt all of the SD video tracks, one content key for HD video tracks, one content key for all UHD1 video tracks and one content key for all UHD2 video tracks.\n- `PRESET-VIDEO-5` - Use one content key to encrypt all of the SD video tracks, one content key for HD1 video tracks, one content key for HD2 video tracks, one content key for all UHD1 video tracks and one content key for all UHD2 video tracks.\n- `PRESET-VIDEO-6` - Use one content key to encrypt all of the SD video tracks, one content key for HD1 video tracks, one content key for HD2 video tracks and one content key for all UHD video tracks.\n- `PRESET-VIDEO-7` - Use one content key to encrypt all of the SD+HD1 video tracks, one content key for HD2 video tracks and one content key for all UHD video tracks.\n- `PRESET-VIDEO-8` - Use one content key to encrypt all of the SD+HD1 video tracks, one content key for HD2 video tracks, one content key for all UHD1 video tracks and one content key for all UHD2 video tracks.\n- `SHARED` - Use the same content key for all of the video and audio tracks in your stream.\n- `UNENCRYPTED` - Don't encrypt any of the video tracks in your stream.", + "title": "PresetSpeke20Video", "type": "string" } }, "required": [ - "FilterControlId", - "SourceFilterId", - "Title" + "PresetSpeke20Audio", + "PresetSpeke20Video" ], "type": "object" }, - "AWS::QuickSight::Analysis.FontConfiguration": { + "AWS::MediaPackageV2::OriginEndpoint.EncryptionMethod": { "additionalProperties": false, "properties": { - "FontColor": { - "markdownDescription": "Determines the color of the text.", - "title": "FontColor", - "type": "string" - }, - "FontDecoration": { - "markdownDescription": "Determines the appearance of decorative lines on the text.", - "title": "FontDecoration", + "CmafEncryptionMethod": { + "markdownDescription": "The encryption method to use.", + "title": "CmafEncryptionMethod", "type": "string" }, - "FontSize": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FontSize", - "markdownDescription": "The option that determines the text display size.", - "title": "FontSize" - }, - "FontStyle": { - "markdownDescription": "Determines the text display face that is inherited by the given font family.", - "title": "FontStyle", + "TsEncryptionMethod": { + "markdownDescription": "The encryption method to use.", + "title": "TsEncryptionMethod", "type": "string" - }, - "FontWeight": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FontWeight", - "markdownDescription": "The option that determines the text display weight, or boldness.", - "title": "FontWeight" } }, "type": "object" }, - "AWS::QuickSight::Analysis.FontSize": { + "AWS::MediaPackageV2::OriginEndpoint.FilterConfiguration": { "additionalProperties": false, "properties": { - "Relative": { - "markdownDescription": "The lexical name for the text size, proportional to its surrounding context.", - "title": "Relative", + "ClipStartTime": { + "markdownDescription": "Optionally specify the clip start time for all of your manifest egress requests. When you include clip start time, note that you cannot use clip start time query parameters for this manifest's endpoint URL.", + "title": "ClipStartTime", + "type": "string" + }, + "End": { + "markdownDescription": "Optionally specify the end time for all of your manifest egress requests. When you include end time, note that you cannot use end time query parameters for this manifest's endpoint URL.", + "title": "End", + "type": "string" + }, + "ManifestFilter": { + "markdownDescription": "Optionally specify one or more manifest filters for all of your manifest egress requests. When you include a manifest filter, note that you cannot use an identical manifest filter query parameter for this manifest's endpoint URL.", + "title": "ManifestFilter", + "type": "string" + }, + "Start": { + "markdownDescription": "Optionally specify the start time for all of your manifest egress requests. When you include start time, note that you cannot use start time query parameters for this manifest's endpoint URL.", + "title": "Start", "type": "string" + }, + "TimeDelaySeconds": { + "markdownDescription": "Optionally specify the time delay for all of your manifest egress requests. Enter a value that is smaller than your endpoint's startover window. When you include time delay, note that you cannot use time delay query parameters for this manifest's endpoint URL.", + "title": "TimeDelaySeconds", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.FontWeight": { + "AWS::MediaPackageV2::OriginEndpoint.ForceEndpointErrorConfiguration": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The lexical name for the level of boldness of the text display.", - "title": "Name", - "type": "string" + "EndpointErrorConditions": { + "items": { + "type": "string" + }, + "markdownDescription": "The failover conditions for the endpoint. The options are:\n\n- `STALE_MANIFEST` - The manifest stalled and there are no new segments or parts.\n- `INCOMPLETE_MANIFEST` - There is a gap in the manifest.\n- `MISSING_DRM_KEY` - Key rotation is enabled but we're unable to fetch the key for the current key period.\n- `SLATE_INPUT` - The segments which contain slate content are considered to be missing content.", + "title": "EndpointErrorConditions", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ForecastComputation": { + "AWS::MediaPackageV2::OriginEndpoint.HlsManifestConfiguration": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", + "ChildManifestName": { + "markdownDescription": "The name of the child manifest associated with the HLS manifest configuration.", + "title": "ChildManifestName", "type": "string" }, - "CustomSeasonalityValue": { - "markdownDescription": "The custom seasonality value setup of a forecast computation.", - "title": "CustomSeasonalityValue", - "type": "number" - }, - "LowerBoundary": { - "markdownDescription": "The lower boundary setup of a forecast computation.", - "title": "LowerBoundary", - "type": "number" + "FilterConfiguration": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.FilterConfiguration", + "markdownDescription": "Filter configuration includes settings for manifest filtering, start and end times, and time delay that apply to all of your egress requests for this manifest.", + "title": "FilterConfiguration" }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "ManifestName": { + "markdownDescription": "The name of the manifest associated with the HLS manifest configuration.", + "title": "ManifestName", "type": "string" }, - "PeriodsBackward": { - "markdownDescription": "The periods backward setup of a forecast computation.", - "title": "PeriodsBackward", + "ManifestWindowSeconds": { + "markdownDescription": "The duration of the manifest window, in seconds, for the HLS manifest configuration.", + "title": "ManifestWindowSeconds", "type": "number" }, - "PeriodsForward": { - "markdownDescription": "The periods forward setup of a forecast computation.", - "title": "PeriodsForward", + "ProgramDateTimeIntervalSeconds": { + "markdownDescription": "The `EXT-X-PROGRAM-DATE-TIME` interval, in seconds, associated with the HLS manifest configuration.", + "title": "ProgramDateTimeIntervalSeconds", "type": "number" }, - "PredictionInterval": { - "markdownDescription": "The prediction interval setup of a forecast computation.", - "title": "PredictionInterval", - "type": "number" + "ScteHls": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.ScteHls", + "markdownDescription": "THE SCTE-35 HLS configuration associated with the HLS manifest configuration.", + "title": "ScteHls" }, - "Seasonality": { - "markdownDescription": "The seasonality setup of a forecast computation. Choose one of the following options:\n\n- `AUTOMATIC`\n- `CUSTOM` : Checks the custom seasonality value.", - "title": "Seasonality", - "type": "string" + "StartTag": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.StartTag", + "markdownDescription": "To insert an EXT-X-START tag in your HLS playlist, specify a StartTag configuration object with a valid TimeOffset. When you do, you can also optionally specify whether to include a PRECISE value in the EXT-X-START tag.", + "title": "StartTag" }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" + "Url": { + "markdownDescription": "The URL of the HLS manifest configuration.", + "title": "Url", + "type": "string" }, - "UpperBoundary": { - "markdownDescription": "The upper boundary setup of a forecast computation.", - "title": "UpperBoundary", - "type": "number" - }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" + "UrlEncodeChildManifest": { + "markdownDescription": "When enabled, MediaPackage URL-encodes the query string for API requests for HLS child manifests to comply with AWS Signature Version 4 (SigV4) signature signing protocol. For more information, see [AWS Signature Version 4 for API requests](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_sigv.html) in *AWS Identity and Access Management User Guide* .", + "title": "UrlEncodeChildManifest", + "type": "boolean" } }, "required": [ - "ComputationId" + "ManifestName" ], "type": "object" }, - "AWS::QuickSight::Analysis.ForecastConfiguration": { + "AWS::MediaPackageV2::OriginEndpoint.LowLatencyHlsManifestConfiguration": { "additionalProperties": false, "properties": { - "ForecastProperties": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TimeBasedForecastProperties", - "markdownDescription": "The forecast properties setup of a forecast in the line chart.", - "title": "ForecastProperties" + "ChildManifestName": { + "markdownDescription": "The name of the child manifest associated with the low-latency HLS (LL-HLS) manifest configuration of the origin endpoint.", + "title": "ChildManifestName", + "type": "string" }, - "Scenario": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ForecastScenario", - "markdownDescription": "The forecast scenario of a forecast in the line chart.", - "title": "Scenario" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.ForecastScenario": { - "additionalProperties": false, - "properties": { - "WhatIfPointScenario": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.WhatIfPointScenario", - "markdownDescription": "The what-if analysis forecast setup with the target date.", - "title": "WhatIfPointScenario" + "FilterConfiguration": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.FilterConfiguration", + "markdownDescription": "Filter configuration includes settings for manifest filtering, start and end times, and time delay that apply to all of your egress requests for this manifest.", + "title": "FilterConfiguration" }, - "WhatIfRangeScenario": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.WhatIfRangeScenario", - "markdownDescription": "The what-if analysis forecast setup with the date range.", - "title": "WhatIfRangeScenario" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.FormatConfiguration": { - "additionalProperties": false, - "properties": { - "DateTimeFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeFormatConfiguration", - "markdownDescription": "Formatting configuration for `DateTime` fields.", - "title": "DateTimeFormatConfiguration" + "ManifestName": { + "markdownDescription": "A short string that's appended to the endpoint URL. The manifest name creates a unique path to this endpoint. If you don't enter a value, MediaPackage uses the default manifest name, `index` . MediaPackage automatically inserts the format extension, such as `.m3u8` . You can't use the same manifest name if you use HLS manifest and low-latency HLS manifest. The `manifestName` on the `HLSManifest` object overrides the `manifestName` you provided on the `originEndpoint` object.", + "title": "ManifestName", + "type": "string" }, - "NumberFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumberFormatConfiguration", - "markdownDescription": "Formatting configuration for number fields.", - "title": "NumberFormatConfiguration" + "ManifestWindowSeconds": { + "markdownDescription": "The total duration (in seconds) of the manifest's content.", + "title": "ManifestWindowSeconds", + "type": "number" }, - "StringFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.StringFormatConfiguration", - "markdownDescription": "Formatting configuration for string fields.", - "title": "StringFormatConfiguration" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.FreeFormLayoutCanvasSizeOptions": { - "additionalProperties": false, - "properties": { - "ScreenCanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutScreenCanvasSizeOptions", - "markdownDescription": "The options that determine the sizing of the canvas used in a free-form layout.", - "title": "ScreenCanvasSizeOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.FreeFormLayoutConfiguration": { - "additionalProperties": false, - "properties": { - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutCanvasSizeOptions", - "markdownDescription": "", - "title": "CanvasSizeOptions" + "ProgramDateTimeIntervalSeconds": { + "markdownDescription": "Inserts `EXT-X-PROGRAM-DATE-TIME` tags in the output manifest at the interval that you specify. If you don't enter an interval, `EXT-X-PROGRAM-DATE-TIME` tags aren't included in the manifest. The tags sync the stream to the wall clock so that viewers can seek to a specific time in the playback timeline on the player.\n\nIrrespective of this parameter, if any `ID3Timed` metadata is in the HLS input, MediaPackage passes through that metadata to the HLS output.", + "title": "ProgramDateTimeIntervalSeconds", + "type": "number" }, - "Elements": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutElement" - }, - "markdownDescription": "The elements that are included in a free-form layout.", - "title": "Elements", - "type": "array" + "ScteHls": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.ScteHls", + "markdownDescription": "The SCTE-35 HLS configuration associated with the low-latency HLS (LL-HLS) manifest configuration of the origin endpoint.", + "title": "ScteHls" + }, + "StartTag": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.StartTag", + "markdownDescription": "To insert an EXT-X-START tag in your HLS playlist, specify a StartTag configuration object with a valid TimeOffset. When you do, you can also optionally specify whether to include a PRECISE value in the EXT-X-START tag.", + "title": "StartTag" + }, + "Url": { + "markdownDescription": "The URL of the low-latency HLS (LL-HLS) manifest configuration of the origin endpoint.", + "title": "Url", + "type": "string" + }, + "UrlEncodeChildManifest": { + "markdownDescription": "When enabled, MediaPackage URL-encodes the query string for API requests for LL-HLS child manifests to comply with AWS Signature Version 4 (SigV4) signature signing protocol. For more information, see [AWS Signature Version 4 for API requests](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_sigv.html) in *AWS Identity and Access Management User Guide* .", + "title": "UrlEncodeChildManifest", + "type": "boolean" } }, "required": [ - "Elements" + "ManifestName" ], "type": "object" }, - "AWS::QuickSight::Analysis.FreeFormLayoutElement": { + "AWS::MediaPackageV2::OriginEndpoint.Scte": { "additionalProperties": false, "properties": { - "BackgroundStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutElementBackgroundStyle", - "markdownDescription": "The background style configuration of a free-form layout element.", - "title": "BackgroundStyle" - }, - "BorderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutElementBorderStyle", - "markdownDescription": "The border style configuration of a free-form layout element.", - "title": "BorderStyle" - }, - "ElementId": { - "markdownDescription": "A unique identifier for an element within a free-form layout.", - "title": "ElementId", - "type": "string" - }, - "ElementType": { - "markdownDescription": "The type of element.", - "title": "ElementType", - "type": "string" - }, - "Height": { - "markdownDescription": "The height of an element within a free-form layout.", - "title": "Height", - "type": "string" - }, - "LoadingAnimation": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LoadingAnimation", - "markdownDescription": "The loading animation configuration of a free-form layout element.", - "title": "LoadingAnimation" - }, - "RenderingRules": { + "ScteFilter": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetElementRenderingRule" + "type": "string" }, - "markdownDescription": "The rendering rules that determine when an element should be displayed within a free-form layout.", - "title": "RenderingRules", + "markdownDescription": "The filter associated with the SCTE-35 configuration.", + "title": "ScteFilter", "type": "array" - }, - "SelectedBorderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutElementBorderStyle", - "markdownDescription": "The border style configuration of a free-form layout element. This border style is used when the element is selected.", - "title": "SelectedBorderStyle" - }, - "Visibility": { - "markdownDescription": "The visibility of an element within a free-form layout.", - "title": "Visibility", - "type": "string" - }, - "Width": { - "markdownDescription": "The width of an element within a free-form layout.", - "title": "Width", - "type": "string" - }, - "XAxisLocation": { - "markdownDescription": "The x-axis coordinate of the element.", - "title": "XAxisLocation", - "type": "string" - }, - "YAxisLocation": { - "markdownDescription": "The y-axis coordinate of the element.", - "title": "YAxisLocation", - "type": "string" } }, - "required": [ - "ElementId", - "ElementType", - "Height", - "Width", - "XAxisLocation", - "YAxisLocation" - ], "type": "object" }, - "AWS::QuickSight::Analysis.FreeFormLayoutElementBackgroundStyle": { + "AWS::MediaPackageV2::OriginEndpoint.ScteDash": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The background color of a free-form layout element.", - "title": "Color", - "type": "string" - }, - "Visibility": { - "markdownDescription": "The background visibility of a free-form layout element.", - "title": "Visibility", + "AdMarkerDash": { + "markdownDescription": "Choose how ad markers are included in the packaged content. If you include ad markers in the content stream in your upstream encoders, then you need to inform MediaPackage what to do with the ad markers in the output.\n\nValue description:\n\n- `Binary` - The SCTE-35 marker is expressed as a hex-string (Base64 string) rather than full XML.\n- `XML` - The SCTE marker is expressed fully in XML.", + "title": "AdMarkerDash", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.FreeFormLayoutElementBorderStyle": { + "AWS::MediaPackageV2::OriginEndpoint.ScteHls": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The border color of a free-form layout element.", - "title": "Color", - "type": "string" - }, - "Visibility": { - "markdownDescription": "The border visibility of a free-form layout element.", - "title": "Visibility", + "AdMarkerHls": { + "markdownDescription": "The SCTE-35 HLS ad-marker configuration.", + "title": "AdMarkerHls", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.FreeFormLayoutScreenCanvasSizeOptions": { + "AWS::MediaPackageV2::OriginEndpoint.Segment": { "additionalProperties": false, "properties": { - "OptimizedViewPortWidth": { - "markdownDescription": "The width that the view port will be optimized for when the layout renders.", - "title": "OptimizedViewPortWidth", + "Encryption": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.Encryption", + "markdownDescription": "Whether to use encryption for the segment.", + "title": "Encryption" + }, + "IncludeIframeOnlyStreams": { + "markdownDescription": "Whether the segment includes I-frame-only streams.", + "title": "IncludeIframeOnlyStreams", + "type": "boolean" + }, + "Scte": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.Scte", + "markdownDescription": "The SCTE-35 configuration associated with the segment.", + "title": "Scte" + }, + "SegmentDurationSeconds": { + "markdownDescription": "The duration of the segment, in seconds.", + "title": "SegmentDurationSeconds", + "type": "number" + }, + "SegmentName": { + "markdownDescription": "The name of the segment associated with the origin endpoint.", + "title": "SegmentName", "type": "string" + }, + "TsIncludeDvbSubtitles": { + "markdownDescription": "Whether the segment includes DVB subtitles.", + "title": "TsIncludeDvbSubtitles", + "type": "boolean" + }, + "TsUseAudioRenditionGroup": { + "markdownDescription": "Whether the segment is an audio rendition group.", + "title": "TsUseAudioRenditionGroup", + "type": "boolean" } }, - "required": [ - "OptimizedViewPortWidth" - ], "type": "object" }, - "AWS::QuickSight::Analysis.FreeFormSectionLayoutConfiguration": { + "AWS::MediaPackageV2::OriginEndpoint.SpekeKeyProvider": { "additionalProperties": false, "properties": { - "Elements": { + "DrmSystems": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutElement" + "type": "string" }, - "markdownDescription": "The elements that are included in the free-form layout.", - "title": "Elements", + "markdownDescription": "The DRM solution provider you're using to protect your content during distribution.", + "title": "DrmSystems", "type": "array" + }, + "EncryptionContractConfiguration": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.EncryptionContractConfiguration", + "markdownDescription": "The encryption contract configuration associated with the SPEKE key provider.", + "title": "EncryptionContractConfiguration" + }, + "ResourceId": { + "markdownDescription": "The unique identifier for the content. The service sends this identifier to the key server to identify the current endpoint. How unique you make this identifier depends on how fine-grained you want access controls to be. The service does not permit you to use the same ID for two simultaneous encryption processes. The resource ID is also known as the content ID.\n\nThe following example shows a resource ID: `MovieNight20171126093045`", + "title": "ResourceId", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN for the IAM role granted by the key provider that provides access to the key provider API. This role must have a trust policy that allows MediaPackage to assume the role, and it must have a sufficient permissions policy to allow access to the specific key retrieval URL. Get this from your DRM solution provider.\n\nValid format: `arn:aws:iam::{accountID}:role/{name}` . The following example shows a role ARN: `arn:aws:iam::444455556666:role/SpekeAccess`", + "title": "RoleArn", + "type": "string" + }, + "Url": { + "markdownDescription": "The URL of the SPEKE key provider.", + "title": "Url", + "type": "string" } }, "required": [ - "Elements" + "DrmSystems", + "EncryptionContractConfiguration", + "ResourceId", + "RoleArn", + "Url" ], "type": "object" }, - "AWS::QuickSight::Analysis.FunnelChartAggregatedFieldWells": { + "AWS::MediaPackageV2::OriginEndpoint.StartTag": { "additionalProperties": false, "properties": { - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The category field wells of a funnel chart. Values are grouped by category fields.", - "title": "Category", - "type": "array" + "Precise": { + "markdownDescription": "Specify the value for PRECISE within your EXT-X-START tag. Leave blank, or choose false, to use the default value NO. Choose yes to use the value YES.", + "title": "Precise", + "type": "boolean" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The value field wells of a funnel chart. Values are aggregated based on categories.", - "title": "Values", - "type": "array" + "TimeOffset": { + "markdownDescription": "Specify the value for TIME-OFFSET within your EXT-X-START tag. Enter a signed floating point value which, if positive, must be less than the configured manifest duration minus three times the configured segment target duration. If negative, the absolute value must be larger than three times the configured segment target duration, and the absolute value must be smaller than the configured manifest duration.", + "title": "TimeOffset", + "type": "number" } }, + "required": [ + "TimeOffset" + ], "type": "object" }, - "AWS::QuickSight::Analysis.FunnelChartConfiguration": { + "AWS::MediaPackageV2::OriginEndpointPolicy": { "additionalProperties": false, "properties": { - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options of the categories that are displayed in a `FunnelChartVisual` .", - "title": "CategoryLabelOptions" + "Condition": { + "type": "string" }, - "DataLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FunnelChartDataLabelOptions", - "markdownDescription": "The options that determine the presentation of the data labels.", - "title": "DataLabelOptions" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FunnelChartFieldWells", - "markdownDescription": "The field well configuration of a `FunnelChartVisual` .", - "title": "FieldWells" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FunnelChartSortConfiguration", - "markdownDescription": "The sort configuration of a `FunnelChartVisual` .", - "title": "SortConfiguration" + "Metadata": { + "type": "object" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", - "markdownDescription": "The tooltip configuration of a `FunnelChartVisual` .", - "title": "Tooltip" + "Properties": { + "additionalProperties": false, + "properties": { + "ChannelGroupName": { + "markdownDescription": "The name of the channel group associated with the origin endpoint policy.", + "title": "ChannelGroupName", + "type": "string" + }, + "ChannelName": { + "markdownDescription": "The channel name associated with the origin endpoint policy.", + "title": "ChannelName", + "type": "string" + }, + "OriginEndpointName": { + "markdownDescription": "The name of the origin endpoint associated with the origin endpoint policy.", + "title": "OriginEndpointName", + "type": "string" + }, + "Policy": { + "markdownDescription": "The policy associated with the origin endpoint.", + "title": "Policy", + "type": "object" + } + }, + "required": [ + "ChannelGroupName", + "ChannelName", + "OriginEndpointName", + "Policy" + ], + "type": "object" }, - "ValueLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options for the values that are displayed in a `FunnelChartVisual` .", - "title": "ValueLabelOptions" + "Type": { + "enum": [ + "AWS::MediaPackageV2::OriginEndpointPolicy" + ], + "type": "string" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", - "markdownDescription": "The visual palette configuration of a `FunnelChartVisual` .", - "title": "VisualPalette" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.FunnelChartDataLabelOptions": { + "AWS::MediaStore::Container": { "additionalProperties": false, "properties": { - "CategoryLabelVisibility": { - "markdownDescription": "The visibility of the category labels within the data labels.", - "title": "CategoryLabelVisibility", + "Condition": { "type": "string" }, - "LabelColor": { - "markdownDescription": "The color of the data label text.", - "title": "LabelColor", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "LabelFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", - "markdownDescription": "The font configuration for the data labels.\n\nOnly the `FontSize` attribute of the font configuration is used for data labels.", - "title": "LabelFontConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "MeasureDataLabelStyle": { - "markdownDescription": "Determines the style of the metric labels.", - "title": "MeasureDataLabelStyle", - "type": "string" + "Metadata": { + "type": "object" }, - "MeasureLabelVisibility": { - "markdownDescription": "The visibility of the measure labels within the data labels.", - "title": "MeasureLabelVisibility", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "AccessLoggingEnabled": { + "markdownDescription": "The state of access logging on the container. This value is `false` by default, indicating that AWS Elemental MediaStore does not send access logs to Amazon CloudWatch Logs. When you enable access logging on the container, MediaStore changes this value to `true` , indicating that the service delivers access logs for objects stored in that container to CloudWatch Logs.", + "title": "AccessLoggingEnabled", + "type": "boolean" + }, + "ContainerName": { + "markdownDescription": "The name for the container. The name must be from 1 to 255 characters. Container names must be unique to your AWS account within a specific region. As an example, you could create a container named `movies` in every region, as long as you don\u2019t have an existing container with that name.", + "title": "ContainerName", + "type": "string" + }, + "CorsPolicy": { + "items": { + "$ref": "#/definitions/AWS::MediaStore::Container.CorsRule" + }, + "markdownDescription": "> End of support notice: On November 13, 2025, AWS will discontinue support for AWS Elemental MediaStore. After November 13, 2025, you will no longer be able to access the AWS Elemental MediaStore console or AWS Elemental MediaStore resources. For more information, visit this [blog post](https://docs.aws.amazon.com/media/support-for-aws-elemental-mediastore-ending-soon/) . \n\nSets the cross-origin resource sharing (CORS) configuration on a container so that the container can service cross-origin requests. For example, you might want to enable a request whose origin is http://www.example.com to access your AWS Elemental MediaStore container at my.example.container.com by using the browser's XMLHttpRequest capability.\n\nTo enable CORS on a container, you attach a CORS policy to the container. In the CORS policy, you configure rules that identify origins and the HTTP methods that can be executed on your container. The policy can contain up to 398,000 characters. You can add up to 100 rules to a CORS policy. If more than one rule applies, the service uses the first applicable rule listed.\n\nTo learn more about CORS, see [Cross-Origin Resource Sharing (CORS) in AWS Elemental MediaStore](https://docs.aws.amazon.com/mediastore/latest/ug/cors-policy.html) .", + "title": "CorsPolicy", + "type": "array" + }, + "LifecyclePolicy": { + "markdownDescription": "> End of support notice: On November 13, 2025, AWS will discontinue support for AWS Elemental MediaStore. After November 13, 2025, you will no longer be able to access the AWS Elemental MediaStore console or AWS Elemental MediaStore resources. For more information, visit this [blog post](https://docs.aws.amazon.com/media/support-for-aws-elemental-mediastore-ending-soon/) . \n\nWrites an object lifecycle policy to a container. If the container already has an object lifecycle policy, the service replaces the existing policy with the new policy. It takes up to 20 minutes for the change to take effect.\n\nFor information about how to construct an object lifecycle policy, see [Components of an Object Lifecycle Policy](https://docs.aws.amazon.com/mediastore/latest/ug/policies-object-lifecycle-components.html) .", + "title": "LifecyclePolicy", + "type": "string" + }, + "MetricPolicy": { + "$ref": "#/definitions/AWS::MediaStore::Container.MetricPolicy", + "markdownDescription": "The metric policy that is associated with the container. A metric policy allows AWS Elemental MediaStore to send metrics to Amazon CloudWatch. In the policy, you must indicate whether you want MediaStore to send container-level metrics. You can also include rules to define groups of objects that you want MediaStore to send object-level metrics for.\n\nTo view examples of how to construct a metric policy for your use case, see [Example Metric Policies](https://docs.aws.amazon.com/mediastore/latest/ug/policies-metric-examples.html) .", + "title": "MetricPolicy" + }, + "Policy": { + "markdownDescription": "Creates an access policy for the specified container to restrict the users and clients that can access it. For information about the data that is included in an access policy, see the [AWS Identity and Access Management User Guide](https://docs.aws.amazon.com/iam/) .\n\nFor this release of the REST API, you can create only one policy for a container. If you enter `PutContainerPolicy` twice, the second command modifies the existing policy.", + "title": "Policy", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "ContainerName" + ], + "type": "object" }, - "Position": { - "markdownDescription": "Determines the positioning of the data label relative to a section of the funnel.", - "title": "Position", + "Type": { + "enum": [ + "AWS::MediaStore::Container" + ], "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility option that determines if data labels are displayed.", - "title": "Visibility", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.FunnelChartFieldWells": { - "additionalProperties": false, - "properties": { - "FunnelChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FunnelChartAggregatedFieldWells", - "markdownDescription": "The field well configuration of a `FunnelChartVisual` .", - "title": "FunnelChartAggregatedFieldWells" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.FunnelChartSortConfiguration": { + "AWS::MediaStore::Container.CorsRule": { "additionalProperties": false, "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of categories displayed.", - "title": "CategoryItemsLimit" - }, - "CategorySort": { + "AllowedHeaders": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + "type": "string" }, - "markdownDescription": "The sort configuration of the category fields.", - "title": "CategorySort", + "markdownDescription": "Specifies which headers are allowed in a preflight `OPTIONS` request through the `Access-Control-Request-Headers` header. Each header name that is specified in `Access-Control-Request-Headers` must have a corresponding entry in the rule. Only the headers that were requested are sent back.\n\nThis element can contain only one wildcard character (*).", + "title": "AllowedHeaders", "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.FunnelChartVisual": { - "additionalProperties": false, - "properties": { - "Actions": { + }, + "AllowedMethods": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + "type": "string" }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", + "markdownDescription": "Identifies an HTTP method that the origin that is specified in the rule is allowed to execute.\n\nEach CORS rule must contain at least one `AllowedMethods` and one `AllowedOrigins` element.", + "title": "AllowedMethods", "type": "array" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FunnelChartConfiguration", - "markdownDescription": "The configuration of a `FunnelChartVisual` .", - "title": "ChartConfiguration" - }, - "ColumnHierarchies": { + "AllowedOrigins": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" + "type": "string" }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", + "markdownDescription": "One or more response headers that you want users to be able to access from their applications (for example, from a JavaScript `XMLHttpRequest` object).\n\nEach CORS rule must have at least one `AllowedOrigins` element. The string value can include only one wildcard character (*), for example, http://*.example.com. Additionally, you can specify only one wildcard character to allow cross-origin access for all origins.", + "title": "AllowedOrigins", "type": "array" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" - }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", - "type": "string" - } - }, - "required": [ - "VisualId" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.GaugeChartArcConditionalFormatting": { - "additionalProperties": false, - "properties": { - "ForegroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the arc foreground color.", - "title": "ForegroundColor" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.GaugeChartConditionalFormatting": { - "additionalProperties": false, - "properties": { - "ConditionalFormattingOptions": { + "ExposeHeaders": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartConditionalFormattingOption" + "type": "string" }, - "markdownDescription": "Conditional formatting options of a `GaugeChartVisual` .", - "title": "ConditionalFormattingOptions", + "markdownDescription": "One or more headers in the response that you want users to be able to access from their applications (for example, from a JavaScript `XMLHttpRequest` object).\n\nThis element is optional for each rule.", + "title": "ExposeHeaders", "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.GaugeChartConditionalFormattingOption": { - "additionalProperties": false, - "properties": { - "Arc": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartArcConditionalFormatting", - "markdownDescription": "The options that determine the presentation of the arc of a `GaugeChartVisual` .", - "title": "Arc" - }, - "PrimaryValue": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartPrimaryValueConditionalFormatting", - "markdownDescription": "The conditional formatting for the primary value of a `GaugeChartVisual` .", - "title": "PrimaryValue" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.GaugeChartConfiguration": { - "additionalProperties": false, - "properties": { - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", - "markdownDescription": "The data label configuration of a `GaugeChartVisual` .", - "title": "DataLabels" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartFieldWells", - "markdownDescription": "The field well configuration of a `GaugeChartVisual` .", - "title": "FieldWells" - }, - "GaugeChartOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartOptions", - "markdownDescription": "The options that determine the presentation of the `GaugeChartVisual` .", - "title": "GaugeChartOptions" - }, - "TooltipOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", - "markdownDescription": "The tooltip configuration of a `GaugeChartVisual` .", - "title": "TooltipOptions" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", - "markdownDescription": "The visual palette configuration of a `GaugeChartVisual` .", - "title": "VisualPalette" + "MaxAgeSeconds": { + "markdownDescription": "The time in seconds that your browser caches the preflight response for the specified resource.\n\nA CORS rule can have only one `MaxAgeSeconds` element.", + "title": "MaxAgeSeconds", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.GaugeChartFieldWells": { + "AWS::MediaStore::Container.MetricPolicy": { "additionalProperties": false, "properties": { - "TargetValues": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The target value field wells of a `GaugeChartVisual` .", - "title": "TargetValues", - "type": "array" + "ContainerLevelMetrics": { + "markdownDescription": "A setting to enable or disable metrics at the container level.", + "title": "ContainerLevelMetrics", + "type": "string" }, - "Values": { + "MetricPolicyRules": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + "$ref": "#/definitions/AWS::MediaStore::Container.MetricPolicyRule" }, - "markdownDescription": "The value field wells of a `GaugeChartVisual` .", - "title": "Values", + "markdownDescription": "A parameter that holds an array of rules that enable metrics at the object level. This parameter is optional, but if you choose to include it, you must also include at least one rule. By default, you can include up to five rules. You can also [request a quota increase](https://docs.aws.amazon.com/servicequotas/home?region=us-east-1#!/services/mediastore/quotas) to allow up to 300 rules per policy.", + "title": "MetricPolicyRules", "type": "array" } }, + "required": [ + "ContainerLevelMetrics" + ], "type": "object" }, - "AWS::QuickSight::Analysis.GaugeChartOptions": { + "AWS::MediaStore::Container.MetricPolicyRule": { "additionalProperties": false, "properties": { - "Arc": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ArcConfiguration", - "markdownDescription": "The arc configuration of a `GaugeChartVisual` .", - "title": "Arc" - }, - "ArcAxis": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ArcAxisConfiguration", - "markdownDescription": "The arc axis configuration of a `GaugeChartVisual` .", - "title": "ArcAxis" - }, - "Comparison": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ComparisonConfiguration", - "markdownDescription": "The comparison configuration of a `GaugeChartVisual` .", - "title": "Comparison" - }, - "PrimaryValueDisplayType": { - "markdownDescription": "The options that determine the primary value display type.", - "title": "PrimaryValueDisplayType", + "ObjectGroup": { + "markdownDescription": "A path or file name that defines which objects to include in the group. Wildcards (*) are acceptable.", + "title": "ObjectGroup", "type": "string" }, - "PrimaryValueFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", - "markdownDescription": "The options that determine the primary value font configuration.", - "title": "PrimaryValueFontConfiguration" + "ObjectGroupName": { + "markdownDescription": "A name that allows you to refer to the object group.", + "title": "ObjectGroupName", + "type": "string" } }, + "required": [ + "ObjectGroup", + "ObjectGroupName" + ], "type": "object" }, - "AWS::QuickSight::Analysis.GaugeChartPrimaryValueConditionalFormatting": { + "AWS::MediaTailor::Channel": { "additionalProperties": false, "properties": { - "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIcon", - "markdownDescription": "The conditional formatting of the primary value icon.", - "title": "Icon" + "Condition": { + "type": "string" }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the primary value text color.", - "title": "TextColor" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.GaugeChartVisual": { - "additionalProperties": false, - "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartConfiguration", - "markdownDescription": "The configuration of a `GaugeChartVisual` .", - "title": "ChartConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartConditionalFormatting", - "markdownDescription": "The conditional formatting of a `GaugeChartVisual` .", - "title": "ConditionalFormatting" + "Metadata": { + "type": "object" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Properties": { + "additionalProperties": false, + "properties": { + "Audiences": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of audiences defined in channel.", + "title": "Audiences", + "type": "array" + }, + "ChannelName": { + "markdownDescription": "The name of the channel.", + "title": "ChannelName", + "type": "string" + }, + "FillerSlate": { + "$ref": "#/definitions/AWS::MediaTailor::Channel.SlateSource", + "markdownDescription": "The slate used to fill gaps between programs in the schedule. You must configure filler slate if your channel uses the `LINEAR` `PlaybackMode` . MediaTailor doesn't support filler slate for channels using the `LOOP` `PlaybackMode` .", + "title": "FillerSlate" + }, + "LogConfiguration": { + "$ref": "#/definitions/AWS::MediaTailor::Channel.LogConfigurationForChannel", + "markdownDescription": "The log configuration.", + "title": "LogConfiguration" + }, + "Outputs": { + "items": { + "$ref": "#/definitions/AWS::MediaTailor::Channel.RequestOutputItem" + }, + "markdownDescription": "The channel's output properties.", + "title": "Outputs", + "type": "array" + }, + "PlaybackMode": { + "markdownDescription": "The type of playback mode for this channel.\n\n`LINEAR` - Programs play back-to-back only once.\n\n`LOOP` - Programs play back-to-back in an endless loop. When the last program in the schedule plays, playback loops back to the first program in the schedule.", + "title": "PlaybackMode", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to assign to the channel. Tags are key-value pairs that you can associate with Amazon resources to help with organization, access control, and cost tracking. For more information, see [Tagging AWS Elemental MediaTailor Resources](https://docs.aws.amazon.com/mediatailor/latest/ug/tagging.html) .", + "title": "Tags", + "type": "array" + }, + "Tier": { + "markdownDescription": "The tier for this channel. STANDARD tier channels can contain live programs.", + "title": "Tier", + "type": "string" + }, + "TimeShiftConfiguration": { + "$ref": "#/definitions/AWS::MediaTailor::Channel.TimeShiftConfiguration", + "markdownDescription": "The configuration for time-shifted viewing.", + "title": "TimeShiftConfiguration" + } + }, + "required": [ + "ChannelName", + "Outputs", + "PlaybackMode" + ], + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Type": { + "enum": [ + "AWS::MediaTailor::Channel" + ], + "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.GeospatialCoordinateBounds": { + "AWS::MediaTailor::Channel.DashPlaylistSettings": { "additionalProperties": false, "properties": { - "East": { - "markdownDescription": "The longitude of the east bound of the geospatial coordinate bounds.", - "title": "East", + "ManifestWindowSeconds": { + "markdownDescription": "The total duration (in seconds) of each manifest. Minimum value: `30` seconds. Maximum value: `3600` seconds.", + "title": "ManifestWindowSeconds", "type": "number" }, - "North": { - "markdownDescription": "The latitude of the north bound of the geospatial coordinate bounds.", - "title": "North", + "MinBufferTimeSeconds": { + "markdownDescription": "Minimum amount of content (measured in seconds) that a player must keep available in the buffer. Minimum value: `2` seconds. Maximum value: `60` seconds.", + "title": "MinBufferTimeSeconds", "type": "number" }, - "South": { - "markdownDescription": "The latitude of the south bound of the geospatial coordinate bounds.", - "title": "South", + "MinUpdatePeriodSeconds": { + "markdownDescription": "Minimum amount of time (in seconds) that the player should wait before requesting updates to the manifest. Minimum value: `2` seconds. Maximum value: `60` seconds.", + "title": "MinUpdatePeriodSeconds", "type": "number" }, - "West": { - "markdownDescription": "The longitude of the west bound of the geospatial coordinate bounds.", - "title": "West", + "SuggestedPresentationDelaySeconds": { + "markdownDescription": "Amount of time (in seconds) that the player should be from the live point at the end of the manifest. Minimum value: `2` seconds. Maximum value: `60` seconds.", + "title": "SuggestedPresentationDelaySeconds", "type": "number" } }, - "required": [ - "East", - "North", - "South", - "West" - ], "type": "object" }, - "AWS::QuickSight::Analysis.GeospatialHeatmapColorScale": { + "AWS::MediaTailor::Channel.HlsPlaylistSettings": { "additionalProperties": false, "properties": { - "Colors": { + "AdMarkupType": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialHeatmapDataColor" + "type": "string" }, - "markdownDescription": "The list of colors to be used in heatmap point style.", - "title": "Colors", + "markdownDescription": "Determines the type of SCTE 35 tags to use in ad markup. Specify `DATERANGE` to use `DATERANGE` tags (for live or VOD content). Specify `SCTE35_ENHANCED` to use `EXT-X-CUE-OUT` and `EXT-X-CUE-IN` tags (for VOD content only).", + "title": "AdMarkupType", "type": "array" + }, + "ManifestWindowSeconds": { + "markdownDescription": "The total duration (in seconds) of each manifest. Minimum value: `30` seconds. Maximum value: `3600` seconds.", + "title": "ManifestWindowSeconds", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.GeospatialHeatmapConfiguration": { + "AWS::MediaTailor::Channel.LogConfigurationForChannel": { "additionalProperties": false, "properties": { - "HeatmapColor": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialHeatmapColorScale", - "markdownDescription": "The color scale specification for the heatmap point style.", - "title": "HeatmapColor" + "LogTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The log types.", + "title": "LogTypes", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.GeospatialHeatmapDataColor": { + "AWS::MediaTailor::Channel.RequestOutputItem": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The hex color to be used in the heatmap point style.", - "title": "Color", + "DashPlaylistSettings": { + "$ref": "#/definitions/AWS::MediaTailor::Channel.DashPlaylistSettings", + "markdownDescription": "DASH manifest configuration parameters.", + "title": "DashPlaylistSettings" + }, + "HlsPlaylistSettings": { + "$ref": "#/definitions/AWS::MediaTailor::Channel.HlsPlaylistSettings", + "markdownDescription": "HLS playlist configuration parameters.", + "title": "HlsPlaylistSettings" + }, + "ManifestName": { + "markdownDescription": "The name of the manifest for the channel. The name appears in the `PlaybackUrl` .", + "title": "ManifestName", + "type": "string" + }, + "SourceGroup": { + "markdownDescription": "A string used to match which `HttpPackageConfiguration` is used for each `VodSource` .", + "title": "SourceGroup", "type": "string" } }, "required": [ - "Color" + "ManifestName", + "SourceGroup" ], "type": "object" }, - "AWS::QuickSight::Analysis.GeospatialMapAggregatedFieldWells": { + "AWS::MediaTailor::Channel.SlateSource": { "additionalProperties": false, "properties": { - "Colors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The color field wells of a geospatial map.", - "title": "Colors", - "type": "array" - }, - "Geospatial": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The geospatial field wells of a geospatial map. Values are grouped by geospatial fields.", - "title": "Geospatial", - "type": "array" + "SourceLocationName": { + "markdownDescription": "The name of the source location where the slate VOD source is stored.", + "title": "SourceLocationName", + "type": "string" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The size field wells of a geospatial map. Values are aggregated based on geospatial fields.", - "title": "Values", - "type": "array" + "VodSourceName": { + "markdownDescription": "The slate VOD source name. The VOD source must already exist in a source location before it can be used for slate.", + "title": "VodSourceName", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.GeospatialMapConfiguration": { + "AWS::MediaTailor::Channel.TimeShiftConfiguration": { "additionalProperties": false, "properties": { - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" + "MaxTimeDelaySeconds": { + "markdownDescription": "The maximum time delay for time-shifted viewing. The minimum allowed maximum time delay is 0 seconds, and the maximum allowed maximum time delay is 21600 seconds (6 hours).", + "title": "MaxTimeDelaySeconds", + "type": "number" + } + }, + "required": [ + "MaxTimeDelaySeconds" + ], + "type": "object" + }, + "AWS::MediaTailor::ChannelPolicy": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" }, - "MapStyleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapStyleOptions", - "markdownDescription": "The map style options of the geospatial map.", - "title": "MapStyleOptions" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "PointStyleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialPointStyleOptions", - "markdownDescription": "The point style options of the geospatial map.", - "title": "PointStyleOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" + "Metadata": { + "type": "object" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", - "markdownDescription": "", - "title": "VisualPalette" + "Properties": { + "additionalProperties": false, + "properties": { + "ChannelName": { + "markdownDescription": "The name of the channel associated with this Channel Policy.", + "title": "ChannelName", + "type": "string" + }, + "Policy": { + "markdownDescription": "The IAM policy for the channel. IAM policies are used to control access to your channel.", + "title": "Policy", + "type": "object" + } + }, + "required": [ + "ChannelName", + "Policy" + ], + "type": "object" }, - "WindowOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialWindowOptions", - "markdownDescription": "The window options of the geospatial map.", - "title": "WindowOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.GeospatialMapFieldWells": { - "additionalProperties": false, - "properties": { - "GeospatialMapAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapAggregatedFieldWells", - "markdownDescription": "The aggregated field well for a geospatial map.", - "title": "GeospatialMapAggregatedFieldWells" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.GeospatialMapStyleOptions": { - "additionalProperties": false, - "properties": { - "BaseMapStyle": { - "markdownDescription": "The base map style of the geospatial map.", - "title": "BaseMapStyle", + "Type": { + "enum": [ + "AWS::MediaTailor::ChannelPolicy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.GeospatialMapVisual": { + "AWS::MediaTailor::LiveSource": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Condition": { + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Metadata": { + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Properties": { + "additionalProperties": false, + "properties": { + "HttpPackageConfigurations": { + "items": { + "$ref": "#/definitions/AWS::MediaTailor::LiveSource.HttpPackageConfiguration" + }, + "markdownDescription": "The HTTP package configurations for the live source.", + "title": "HttpPackageConfigurations", + "type": "array" + }, + "LiveSourceName": { + "markdownDescription": "The name that's used to refer to a live source.", + "title": "LiveSourceName", + "type": "string" + }, + "SourceLocationName": { + "markdownDescription": "The name of the source location.", + "title": "SourceLocationName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags assigned to the live source. Tags are key-value pairs that you can associate with Amazon resources to help with organization, access control, and cost tracking. For more information, see [Tagging AWS Elemental MediaTailor Resources](https://docs.aws.amazon.com/mediatailor/latest/ug/tagging.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "HttpPackageConfigurations", + "LiveSourceName", + "SourceLocationName" + ], + "type": "object" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", + "Type": { + "enum": [ + "AWS::MediaTailor::LiveSource" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.GeospatialPointStyleOptions": { + "AWS::MediaTailor::LiveSource.HttpPackageConfiguration": { "additionalProperties": false, "properties": { - "ClusterMarkerConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ClusterMarkerConfiguration", - "markdownDescription": "The cluster marker configuration of the geospatial point style.", - "title": "ClusterMarkerConfiguration" + "Path": { + "markdownDescription": "The relative path to the URL for this VOD source. This is combined with `SourceLocation::HttpConfiguration::BaseUrl` to form a valid URL.", + "title": "Path", + "type": "string" }, - "HeatmapConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialHeatmapConfiguration", - "markdownDescription": "The heatmap configuration of the geospatial point style.", - "title": "HeatmapConfiguration" + "SourceGroup": { + "markdownDescription": "The name of the source group. This has to match one of the `Channel::Outputs::SourceGroup` .", + "title": "SourceGroup", + "type": "string" }, - "SelectedPointStyle": { - "markdownDescription": "The selected point styles (point, cluster) of the geospatial map.", - "title": "SelectedPointStyle", + "Type": { + "markdownDescription": "The streaming protocol for this package configuration. Supported values are `HLS` and `DASH` .", + "title": "Type", "type": "string" } }, + "required": [ + "Path", + "SourceGroup", + "Type" + ], "type": "object" }, - "AWS::QuickSight::Analysis.GeospatialWindowOptions": { + "AWS::MediaTailor::PlaybackConfiguration": { "additionalProperties": false, "properties": { - "Bounds": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialCoordinateBounds", - "markdownDescription": "The bounds options (north, south, west, east) of the geospatial window options.", - "title": "Bounds" + "Condition": { + "type": "string" }, - "MapZoomMode": { - "markdownDescription": "The map zoom modes (manual, auto) of the geospatial window options.", - "title": "MapZoomMode", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.GlobalTableBorderOptions": { - "additionalProperties": false, - "properties": { - "SideSpecificBorder": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableSideBorderOptions", - "markdownDescription": "Determines the options for side specific border.", - "title": "SideSpecificBorder" }, - "UniformBorder": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", - "markdownDescription": "Determines the options for uniform border.", - "title": "UniformBorder" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.GradientColor": { - "additionalProperties": false, - "properties": { - "Stops": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GradientStop" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AdConditioningConfiguration": { + "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.AdConditioningConfiguration", + "markdownDescription": "The setting that indicates what conditioning MediaTailor will perform on ads that the ad decision server (ADS) returns, and what priority MediaTailor uses when inserting ads.", + "title": "AdConditioningConfiguration" + }, + "AdDecisionServerUrl": { + "markdownDescription": "The URL for the ad decision server (ADS). This includes the specification of static parameters and placeholders for dynamic parameters. AWS Elemental MediaTailor substitutes player-specific and session-specific parameters as needed when calling the ADS. Alternately, for testing you can provide a static VAST URL. The maximum length is 25,000 characters.", + "title": "AdDecisionServerUrl", + "type": "string" + }, + "AvailSuppression": { + "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.AvailSuppression", + "markdownDescription": "The configuration for avail suppression, also known as ad suppression. For more information about ad suppression, see [Ad Suppression](https://docs.aws.amazon.com/mediatailor/latest/ug/ad-behavior.html) .", + "title": "AvailSuppression" + }, + "Bumper": { + "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.Bumper", + "markdownDescription": "The configuration for bumpers. Bumpers are short audio or video clips that play at the start or before the end of an ad break. To learn more about bumpers, see [Bumpers](https://docs.aws.amazon.com/mediatailor/latest/ug/bumpers.html) .", + "title": "Bumper" + }, + "CdnConfiguration": { + "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.CdnConfiguration", + "markdownDescription": "The configuration for using a content delivery network (CDN), like Amazon CloudFront, for content and ad segment management.", + "title": "CdnConfiguration" + }, + "ConfigurationAliases": { + "additionalProperties": true, + "markdownDescription": "The player parameters and aliases used as dynamic variables during session initialization. For more information, see [Domain Variables](https://docs.aws.amazon.com/mediatailor/latest/ug/variables-domain.html) .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "object" + } + }, + "title": "ConfigurationAliases", + "type": "object" + }, + "DashConfiguration": { + "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.DashConfiguration", + "markdownDescription": "The configuration for a DASH source.", + "title": "DashConfiguration" + }, + "HlsConfiguration": { + "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.HlsConfiguration", + "markdownDescription": "The configuration for HLS content.", + "title": "HlsConfiguration" + }, + "InsertionMode": { + "markdownDescription": "The setting that controls whether players can use stitched or guided ad insertion. The default, `STITCHED_ONLY` , forces all player sessions to use stitched (server-side) ad insertion. Choosing `PLAYER_SELECT` allows players to select either stitched or guided ad insertion at session-initialization time. The default for players that do not specify an insertion mode is stitched.", + "title": "InsertionMode", + "type": "string" + }, + "LivePreRollConfiguration": { + "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.LivePreRollConfiguration", + "markdownDescription": "The configuration for pre-roll ad insertion.", + "title": "LivePreRollConfiguration" + }, + "LogConfiguration": { + "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.LogConfiguration", + "markdownDescription": "Defines where AWS Elemental MediaTailor sends logs for the playback configuration.", + "title": "LogConfiguration" + }, + "ManifestProcessingRules": { + "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.ManifestProcessingRules", + "markdownDescription": "The configuration for manifest processing rules. Manifest processing rules enable customization of the personalized manifests created by MediaTailor.", + "title": "ManifestProcessingRules" + }, + "Name": { + "markdownDescription": "The identifier for the playback configuration.", + "title": "Name", + "type": "string" + }, + "PersonalizationThresholdSeconds": { + "markdownDescription": "Defines the maximum duration of underfilled ad time (in seconds) allowed in an ad break. If the duration of underfilled ad time exceeds the personalization threshold, then the personalization of the ad break is abandoned and the underlying content is shown. This feature applies to *ad replacement* in live and VOD streams, rather than ad insertion, because it relies on an underlying content stream. For more information about ad break behavior, including ad replacement and insertion, see [Ad Behavior in AWS Elemental MediaTailor](https://docs.aws.amazon.com/mediatailor/latest/ug/ad-behavior.html) .", + "title": "PersonalizationThresholdSeconds", + "type": "number" + }, + "SlateAdUrl": { + "markdownDescription": "The URL for a video asset to transcode and use to fill in time that's not used by ads. AWS Elemental MediaTailor shows the slate to fill in gaps in media content. Configuring the slate is optional for non-VPAID playback configurations. For VPAID, the slate is required because MediaTailor provides it in the slots designated for dynamic ad content. The slate must be a high-quality asset that contains both audio and video.", + "title": "SlateAdUrl", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to assign to the playback configuration. Tags are key-value pairs that you can associate with Amazon resources to help with organization, access control, and cost tracking. For more information, see [Tagging AWS Elemental MediaTailor Resources](https://docs.aws.amazon.com/mediatailor/latest/ug/tagging.html) .", + "title": "Tags", + "type": "array" + }, + "TranscodeProfileName": { + "markdownDescription": "The name that is used to associate this playback configuration with a custom transcode profile. This overrides the dynamic transcoding defaults of MediaTailor. Use this only if you have already set up custom profiles with the help of AWS Support.", + "title": "TranscodeProfileName", + "type": "string" + }, + "VideoContentSourceUrl": { + "markdownDescription": "The URL prefix for the parent manifest for the stream, minus the asset ID. The maximum length is 512 characters.", + "title": "VideoContentSourceUrl", + "type": "string" + } }, - "markdownDescription": "The list of gradient color stops.", - "title": "Stops", - "type": "array" + "required": [ + "AdDecisionServerUrl", + "Name", + "VideoContentSourceUrl" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MediaTailor::PlaybackConfiguration" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.GradientStop": { + "AWS::MediaTailor::PlaybackConfiguration.AdConditioningConfiguration": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "Determines the color.", - "title": "Color", + "StreamingMediaFileConditioning": { + "markdownDescription": "For ads that have media files with streaming delivery and supported file extensions, indicates what transcoding action MediaTailor takes when it first receives these ads from the ADS. `TRANSCODE` indicates that MediaTailor must transcode the ads. `NONE` indicates that you have already transcoded the ads outside of MediaTailor and don't need them transcoded as part of the ad insertion workflow. For more information about ad conditioning see [Using preconditioned ads](https://docs.aws.amazon.com/mediatailor/latest/ug/precondition-ads.html) in the AWS Elemental MediaTailor user guide.", + "title": "StreamingMediaFileConditioning", "type": "string" - }, - "DataValue": { - "markdownDescription": "Determines the data value.", - "title": "DataValue", - "type": "number" - }, - "GradientOffset": { - "markdownDescription": "Determines gradient offset value.", - "title": "GradientOffset", - "type": "number" } }, "required": [ - "GradientOffset" + "StreamingMediaFileConditioning" ], "type": "object" }, - "AWS::QuickSight::Analysis.GridLayoutCanvasSizeOptions": { + "AWS::MediaTailor::PlaybackConfiguration.AdMarkerPassthrough": { "additionalProperties": false, "properties": { - "ScreenCanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GridLayoutScreenCanvasSizeOptions", - "markdownDescription": "The options that determine the sizing of the canvas used in a grid layout.", - "title": "ScreenCanvasSizeOptions" + "Enabled": { + "markdownDescription": "Enables ad marker passthrough for your configuration.", + "title": "Enabled", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Analysis.GridLayoutConfiguration": { + "AWS::MediaTailor::PlaybackConfiguration.AdsInteractionLog": { "additionalProperties": false, "properties": { - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GridLayoutCanvasSizeOptions", - "markdownDescription": "", - "title": "CanvasSizeOptions" + "ExcludeEventTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "Indicates that MediaTailor won't emit the selected events in the logs for playback sessions that are initialized with this configuration.", + "title": "ExcludeEventTypes", + "type": "array" }, - "Elements": { + "PublishOptInEventTypes": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GridLayoutElement" + "type": "string" }, - "markdownDescription": "The elements that are included in a grid layout.", - "title": "Elements", + "markdownDescription": "Indicates that MediaTailor emits `RAW_ADS_RESPONSE` logs for playback sessions that are initialized with this configuration.", + "title": "PublishOptInEventTypes", "type": "array" } }, - "required": [ - "Elements" - ], "type": "object" }, - "AWS::QuickSight::Analysis.GridLayoutElement": { + "AWS::MediaTailor::PlaybackConfiguration.AvailSuppression": { "additionalProperties": false, "properties": { - "ColumnIndex": { - "markdownDescription": "The column index for the upper left corner of an element.", - "title": "ColumnIndex", - "type": "number" - }, - "ColumnSpan": { - "markdownDescription": "The width of a grid element expressed as a number of grid columns.", - "title": "ColumnSpan", - "type": "number" - }, - "ElementId": { - "markdownDescription": "A unique identifier for an element within a grid layout.", - "title": "ElementId", + "FillPolicy": { + "markdownDescription": "Defines the policy to apply to the avail suppression mode. `BEHIND_LIVE_EDGE` will always use the full avail suppression policy. `AFTER_LIVE_EDGE` mode can be used to invoke partial ad break fills when a session starts mid-break.", + "title": "FillPolicy", "type": "string" }, - "ElementType": { - "markdownDescription": "The type of element.", - "title": "ElementType", + "Mode": { + "markdownDescription": "Sets the ad suppression mode. By default, ad suppression is off and all ad breaks are filled with ads or slate. When Mode is set to `BEHIND_LIVE_EDGE` , ad suppression is active and MediaTailor won't fill ad breaks on or behind the ad suppression Value time in the manifest lookback window. When Mode is set to `AFTER_LIVE_EDGE` , ad suppression is active and MediaTailor won't fill ad breaks that are within the live edge plus the avail suppression value.", + "title": "Mode", "type": "string" }, - "RowIndex": { - "markdownDescription": "The row index for the upper left corner of an element.", - "title": "RowIndex", - "type": "number" - }, - "RowSpan": { - "markdownDescription": "The height of a grid element expressed as a number of grid rows.", - "title": "RowSpan", - "type": "number" + "Value": { + "markdownDescription": "A live edge offset time in HH:MM:SS. MediaTailor won't fill ad breaks on or behind this time in the manifest lookback window. If Value is set to 00:00:00, it is in sync with the live edge, and MediaTailor won't fill any ad breaks on or behind the live edge. If you set a Value time, MediaTailor won't fill any ad breaks on or behind this time in the manifest lookback window. For example, if you set 00:45:00, then MediaTailor will fill ad breaks that occur within 45 minutes behind the live edge, but won't fill ad breaks on or behind 45 minutes behind the live edge.", + "title": "Value", + "type": "string" } }, - "required": [ - "ColumnSpan", - "ElementId", - "ElementType", - "RowSpan" - ], "type": "object" }, - "AWS::QuickSight::Analysis.GridLayoutScreenCanvasSizeOptions": { + "AWS::MediaTailor::PlaybackConfiguration.Bumper": { "additionalProperties": false, "properties": { - "OptimizedViewPortWidth": { - "markdownDescription": "The width that the view port will be optimized for when the layout renders.", - "title": "OptimizedViewPortWidth", + "EndUrl": { + "markdownDescription": "The URL for the end bumper asset.", + "title": "EndUrl", "type": "string" }, - "ResizeOption": { - "markdownDescription": "This value determines the layout behavior when the viewport is resized.\n\n- `FIXED` : A fixed width will be used when optimizing the layout. In the Amazon QuickSight console, this option is called `Classic` .\n- `RESPONSIVE` : The width of the canvas will be responsive and optimized to the view port. In the Amazon QuickSight console, this option is called `Tiled` .", - "title": "ResizeOption", + "StartUrl": { + "markdownDescription": "The URL for the start bumper asset.", + "title": "StartUrl", "type": "string" } }, - "required": [ - "ResizeOption" - ], "type": "object" }, - "AWS::QuickSight::Analysis.GrowthRateComputation": { + "AWS::MediaTailor::PlaybackConfiguration.CdnConfiguration": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", + "AdSegmentUrlPrefix": { + "markdownDescription": "A non-default content delivery network (CDN) to serve ad segments. By default, AWS Elemental MediaTailor uses Amazon CloudFront with default cache settings as its CDN for ad segments. To set up an alternate CDN, create a rule in your CDN for the origin ads.mediatailor. ** .amazonaws.com. Then specify the rule's name in this `AdSegmentUrlPrefix` . When AWS Elemental MediaTailor serves a manifest, it reports your CDN as the source for ad segments.", + "title": "AdSegmentUrlPrefix", "type": "string" }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "ContentSegmentUrlPrefix": { + "markdownDescription": "A content delivery network (CDN) to cache content segments, so that content requests don\u2019t always have to go to the origin server. First, create a rule in your CDN for the content segment origin server. Then specify the rule's name in this `ContentSegmentUrlPrefix` . When AWS Elemental MediaTailor serves a manifest, it reports your CDN as the source for content segments.", + "title": "ContentSegmentUrlPrefix", "type": "string" - }, - "PeriodSize": { - "markdownDescription": "The period size setup of a growth rate computation.", - "title": "PeriodSize", - "type": "number" - }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" - }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" } }, - "required": [ - "ComputationId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.HeaderFooterSectionConfiguration": { + "AWS::MediaTailor::PlaybackConfiguration.DashConfiguration": { "additionalProperties": false, "properties": { - "Layout": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionLayoutConfiguration", - "markdownDescription": "The layout configuration of the header or footer section.", - "title": "Layout" + "ManifestEndpointPrefix": { + "markdownDescription": "The URL generated by MediaTailor to initiate a playback session. The session uses server-side reporting. This setting is ignored in PUT operations.", + "title": "ManifestEndpointPrefix", + "type": "string" }, - "SectionId": { - "markdownDescription": "The unique identifier of the header or footer section.", - "title": "SectionId", + "MpdLocation": { + "markdownDescription": "The setting that controls whether MediaTailor includes the Location tag in DASH manifests. MediaTailor populates the Location tag with the URL for manifest update requests, to be used by players that don't support sticky redirects. Disable this if you have CDN routing rules set up for accessing MediaTailor manifests, and you are either using client-side reporting or your players support sticky HTTP redirects. Valid values are `DISABLED` and `EMT_DEFAULT` . The `EMT_DEFAULT` setting enables the inclusion of the tag and is the default value.", + "title": "MpdLocation", "type": "string" }, - "Style": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionStyle", - "markdownDescription": "The style options of a header or footer section.", - "title": "Style" + "OriginManifestType": { + "markdownDescription": "The setting that controls whether MediaTailor handles manifests from the origin server as multi-period manifests or single-period manifests. If your origin server produces single-period manifests, set this to `SINGLE_PERIOD` . The default setting is `MULTI_PERIOD` . For multi-period manifests, omit this setting or set it to `MULTI_PERIOD` .", + "title": "OriginManifestType", + "type": "string" } }, - "required": [ - "Layout", - "SectionId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.HeatMapAggregatedFieldWells": { + "AWS::MediaTailor::PlaybackConfiguration.HlsConfiguration": { "additionalProperties": false, "properties": { - "Columns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The columns field well of a heat map.", - "title": "Columns", - "type": "array" - }, - "Rows": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The rows field well of a heat map.", - "title": "Rows", - "type": "array" - }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The values field well of a heat map.", - "title": "Values", - "type": "array" + "ManifestEndpointPrefix": { + "markdownDescription": "The URL that is used to initiate a playback session for devices that support Apple HLS. The session uses server-side reporting.", + "title": "ManifestEndpointPrefix", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.HeatMapConfiguration": { + "AWS::MediaTailor::PlaybackConfiguration.LivePreRollConfiguration": { "additionalProperties": false, "properties": { - "ColorScale": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColorScale", - "markdownDescription": "The color options (gradient color, point of divergence) in a heat map.", - "title": "ColorScale" - }, - "ColumnLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options of the column that is displayed in a heat map.", - "title": "ColumnLabelOptions" - }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.", - "title": "DataLabels" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.HeatMapFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" - }, - "RowLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options of the row that is displayed in a `heat map` .", - "title": "RowLabelOptions" - }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.HeatMapSortConfiguration", - "markdownDescription": "The sort configuration of a heat map.", - "title": "SortConfiguration" + "AdDecisionServerUrl": { + "markdownDescription": "The URL for the ad decision server (ADS) for pre-roll ads. This includes the specification of static parameters and placeholders for dynamic parameters. AWS Elemental MediaTailor substitutes player-specific and session-specific parameters as needed when calling the ADS. Alternately, for testing, you can provide a static VAST URL. The maximum length is 25,000 characters.", + "title": "AdDecisionServerUrl", + "type": "string" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.HeatMapFieldWells": { - "additionalProperties": false, - "properties": { - "HeatMapAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.HeatMapAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a heat map.", - "title": "HeatMapAggregatedFieldWells" + "MaxDurationSeconds": { + "markdownDescription": "The maximum allowed duration for the pre-roll ad avail. AWS Elemental MediaTailor won't play pre-roll ads to exceed this duration, regardless of the total duration of ads that the ADS returns.", + "title": "MaxDurationSeconds", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.HeatMapSortConfiguration": { + "AWS::MediaTailor::PlaybackConfiguration.LogConfiguration": { "additionalProperties": false, "properties": { - "HeatMapColumnItemsLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of columns that are displayed in a heat map.", - "title": "HeatMapColumnItemsLimitConfiguration" + "AdsInteractionLog": { + "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.AdsInteractionLog", + "markdownDescription": "Settings for customizing what events are included in logs for interactions with the ad decision server (ADS).", + "title": "AdsInteractionLog" }, - "HeatMapColumnSort": { + "EnabledLoggingStrategies": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + "type": "string" }, - "markdownDescription": "The column sort configuration for heat map for columns that aren't a part of a field well.", - "title": "HeatMapColumnSort", + "markdownDescription": "The method used for collecting logs from AWS Elemental MediaTailor. `LEGACY_CLOUDWATCH` indicates that MediaTailor is sending logs directly to Amazon CloudWatch Logs. `VENDED_LOGS` indicates that MediaTailor is sending logs to CloudWatch, which then vends the logs to your destination of choice. Supported destinations are CloudWatch Logs log group, Amazon S3 bucket, and Amazon Data Firehose stream.", + "title": "EnabledLoggingStrategies", "type": "array" }, - "HeatMapRowItemsLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of rows that are displayed in a heat map.", - "title": "HeatMapRowItemsLimitConfiguration" + "ManifestServiceInteractionLog": { + "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.ManifestServiceInteractionLog", + "markdownDescription": "Settings for customizing what events are included in logs for interactions with the origin server.", + "title": "ManifestServiceInteractionLog" }, - "HeatMapRowSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The field sort configuration of the rows fields.", - "title": "HeatMapRowSort", - "type": "array" + "PercentEnabled": { + "markdownDescription": "The percentage of session logs that MediaTailor sends to your configured log destination. For example, if your playback configuration has 1000 sessions and `percentEnabled` is set to `60` , MediaTailor sends logs for 600 of the sessions to CloudWatch Logs. MediaTailor decides at random which of the playback configuration sessions to send logs for. If you want to view logs for a specific session, you can use the [debug log mode](https://docs.aws.amazon.com/mediatailor/latest/ug/debug-log-mode.html) .\n\nValid values: `0` - `100`", + "title": "PercentEnabled", + "type": "number" } }, + "required": [ + "PercentEnabled" + ], "type": "object" }, - "AWS::QuickSight::Analysis.HeatMapVisual": { + "AWS::MediaTailor::PlaybackConfiguration.ManifestProcessingRules": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.HeatMapConfiguration", - "markdownDescription": "The configuration of a heat map.", - "title": "ChartConfiguration" - }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" - }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", - "type": "string" + "AdMarkerPassthrough": { + "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.AdMarkerPassthrough", + "markdownDescription": "For HLS, when set to `true` , MediaTailor passes through `EXT-X-CUE-IN` , `EXT-X-CUE-OUT` , and `EXT-X-SPLICEPOINT-SCTE35` ad markers from the origin manifest to the MediaTailor personalized manifest.\n\nNo logic is applied to these ad markers. For example, if `EXT-X-CUE-OUT` has a value of `60` , but no ads are filled for that ad break, MediaTailor will not set the value to `0` .", + "title": "AdMarkerPassthrough" } }, - "required": [ - "VisualId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.HistogramAggregatedFieldWells": { + "AWS::MediaTailor::PlaybackConfiguration.ManifestServiceInteractionLog": { "additionalProperties": false, "properties": { - "Values": { + "ExcludeEventTypes": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + "type": "string" }, - "markdownDescription": "The value field wells of a histogram. Values are aggregated by `COUNT` or `DISTINCT_COUNT` .", - "title": "Values", + "markdownDescription": "Indicates that MediaTailor won't emit the selected events in the logs for playback sessions that are initialized with this configuration.", + "title": "ExcludeEventTypes", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.HistogramBinOptions": { + "AWS::MediaTailor::SourceLocation": { "additionalProperties": false, "properties": { - "BinCount": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BinCountOptions", - "markdownDescription": "The options that determine the bin count of a histogram.", - "title": "BinCount" - }, - "BinWidth": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BinWidthOptions", - "markdownDescription": "The options that determine the bin width of a histogram.", - "title": "BinWidth" - }, - "SelectedBinType": { - "markdownDescription": "The options that determine the selected bin type.", - "title": "SelectedBinType", + "Condition": { "type": "string" }, - "StartValue": { - "markdownDescription": "The options that determine the bin start value.", - "title": "StartValue", - "type": "number" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.HistogramConfiguration": { - "additionalProperties": false, - "properties": { - "BinOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.HistogramBinOptions", - "markdownDescription": "The options that determine the presentation of histogram bins.", - "title": "BinOptions" - }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", - "markdownDescription": "The data label configuration of a histogram.", - "title": "DataLabels" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.HistogramFieldWells", - "markdownDescription": "The field well configuration of a histogram.", - "title": "FieldWells" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", - "markdownDescription": "The tooltip configuration of a histogram.", - "title": "Tooltip" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", - "markdownDescription": "The visual palette configuration of a histogram.", - "title": "VisualPalette" + "Metadata": { + "type": "object" }, - "XAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the x-axis.", - "title": "XAxisDisplayOptions" + "Properties": { + "additionalProperties": false, + "properties": { + "AccessConfiguration": { + "$ref": "#/definitions/AWS::MediaTailor::SourceLocation.AccessConfiguration", + "markdownDescription": "The access configuration for the source location.", + "title": "AccessConfiguration" + }, + "DefaultSegmentDeliveryConfiguration": { + "$ref": "#/definitions/AWS::MediaTailor::SourceLocation.DefaultSegmentDeliveryConfiguration", + "markdownDescription": "The default segment delivery configuration.", + "title": "DefaultSegmentDeliveryConfiguration" + }, + "HttpConfiguration": { + "$ref": "#/definitions/AWS::MediaTailor::SourceLocation.HttpConfiguration", + "markdownDescription": "The HTTP configuration for the source location.", + "title": "HttpConfiguration" + }, + "SegmentDeliveryConfigurations": { + "items": { + "$ref": "#/definitions/AWS::MediaTailor::SourceLocation.SegmentDeliveryConfiguration" + }, + "markdownDescription": "The segment delivery configurations for the source location.", + "title": "SegmentDeliveryConfigurations", + "type": "array" + }, + "SourceLocationName": { + "markdownDescription": "The name of the source location.", + "title": "SourceLocationName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags assigned to the source location. Tags are key-value pairs that you can associate with Amazon resources to help with organization, access control, and cost tracking. For more information, see [Tagging AWS Elemental MediaTailor Resources](https://docs.aws.amazon.com/mediatailor/latest/ug/tagging.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "HttpConfiguration", + "SourceLocationName" + ], + "type": "object" }, - "XAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the x-axis label.", - "title": "XAxisLabelOptions" + "Type": { + "enum": [ + "AWS::MediaTailor::SourceLocation" + ], + "type": "string" }, - "YAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the y-axis.", - "title": "YAxisDisplayOptions" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.HistogramFieldWells": { + "AWS::MediaTailor::SourceLocation.AccessConfiguration": { "additionalProperties": false, "properties": { - "HistogramAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.HistogramAggregatedFieldWells", - "markdownDescription": "The field well configuration of a histogram.", - "title": "HistogramAggregatedFieldWells" + "AccessType": { + "markdownDescription": "The type of authentication used to access content from `HttpConfiguration::BaseUrl` on your source location. Accepted value: `S3_SIGV4` .\n\n`S3_SIGV4` - AWS Signature Version 4 authentication for Amazon S3 hosted virtual-style access. If your source location base URL is an Amazon S3 bucket, MediaTailor can use AWS Signature Version 4 (SigV4) authentication to access the bucket where your source content is stored. Your MediaTailor source location baseURL must follow the S3 virtual hosted-style request URL format. For example, https://bucket-name.s3.Region.amazonaws.com/key-name.\n\nBefore you can use `S3_SIGV4` , you must meet these requirements:\n\n\u2022 You must allow MediaTailor to access your S3 bucket by granting mediatailor.amazonaws.com principal access in IAM. For information about configuring access in IAM, see Access management in the IAM User Guide.\n\n\u2022 The mediatailor.amazonaws.com service principal must have permissions to read all top level manifests referenced by the VodSource packaging configurations.\n\n\u2022 The caller of the API must have s3:GetObject IAM permissions to read all top level manifests referenced by your MediaTailor VodSource packaging configurations.", + "title": "AccessType", + "type": "string" + }, + "SecretsManagerAccessTokenConfiguration": { + "$ref": "#/definitions/AWS::MediaTailor::SourceLocation.SecretsManagerAccessTokenConfiguration", + "markdownDescription": "AWS Secrets Manager access token configuration parameters.", + "title": "SecretsManagerAccessTokenConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Analysis.HistogramVisual": { + "AWS::MediaTailor::SourceLocation.DefaultSegmentDeliveryConfiguration": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.HistogramConfiguration", - "markdownDescription": "The configuration for a `HistogramVisual` .", - "title": "ChartConfiguration" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" - }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "BaseUrl": { + "markdownDescription": "The hostname of the server that will be used to serve segments. This string must include the protocol, such as *https://* .", + "title": "BaseUrl", "type": "string" } }, - "required": [ - "VisualId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.InsightConfiguration": { + "AWS::MediaTailor::SourceLocation.HttpConfiguration": { "additionalProperties": false, "properties": { - "Computations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.Computation" - }, - "markdownDescription": "The computations configurations of the insight visual", - "title": "Computations", - "type": "array" - }, - "CustomNarrative": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomNarrativeOptions", - "markdownDescription": "The custom narrative of the insight visual.", - "title": "CustomNarrative" + "BaseUrl": { + "markdownDescription": "The base URL for the source location host server. This string must include the protocol, such as *https://* .", + "title": "BaseUrl", + "type": "string" } }, + "required": [ + "BaseUrl" + ], "type": "object" }, - "AWS::QuickSight::Analysis.InsightVisual": { + "AWS::MediaTailor::SourceLocation.SecretsManagerAccessTokenConfiguration": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "DataSetIdentifier": { - "markdownDescription": "The dataset that is used in the insight visual.", - "title": "DataSetIdentifier", + "HeaderName": { + "markdownDescription": "The name of the HTTP header used to supply the access token in requests to the source location.", + "title": "HeaderName", "type": "string" }, - "InsightConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.InsightConfiguration", - "markdownDescription": "The configuration of an insight visual.", - "title": "InsightConfiguration" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "SecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Secrets Manager secret that contains the access token.", + "title": "SecretArn", + "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "SecretStringKey": { + "markdownDescription": "The AWS Secrets Manager [SecretString](https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_CreateSecret.html#SecretsManager-CreateSecret-request-SecretString.html) key associated with the access token. MediaTailor uses the key to look up SecretString key and value pair containing the access token.", + "title": "SecretStringKey", "type": "string" } }, - "required": [ - "DataSetIdentifier", - "VisualId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.IntegerDefaultValues": { + "AWS::MediaTailor::SourceLocation.SegmentDeliveryConfiguration": { "additionalProperties": false, "properties": { - "DynamicValue": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DynamicDefaultValue", - "markdownDescription": "The dynamic value of the `IntegerDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", - "title": "DynamicValue" + "BaseUrl": { + "markdownDescription": "The base URL of the host or path of the segment delivery server that you're using to serve segments. This is typically a content delivery network (CDN). The URL can be absolute or relative. To use an absolute URL include the protocol, such as `https://example.com/some/path` . To use a relative URL specify the relative path, such as `/some/path*` .", + "title": "BaseUrl", + "type": "string" }, - "StaticValues": { - "items": { - "type": "number" - }, - "markdownDescription": "The static values of the `IntegerDefaultValues` .", - "title": "StaticValues", - "type": "array" + "Name": { + "markdownDescription": "A unique identifier used to distinguish between multiple segment delivery configurations in a source location.", + "title": "Name", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.IntegerParameter": { + "AWS::MediaTailor::VodSource": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the integer parameter.", - "title": "Name", + "Condition": { "type": "string" }, - "Values": { - "items": { - "type": "number" - }, - "markdownDescription": "The values for the integer parameter.", - "title": "Values", - "type": "array" - } - }, - "required": [ - "Name", - "Values" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.IntegerParameterDeclaration": { - "additionalProperties": false, - "properties": { - "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.IntegerDefaultValues", - "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", - "title": "DefaultValues" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "MappedDataSetParameters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MappedDataSetParameter" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "HttpPackageConfigurations": { + "items": { + "$ref": "#/definitions/AWS::MediaTailor::VodSource.HttpPackageConfiguration" + }, + "markdownDescription": "The HTTP package configurations for the VOD source.", + "title": "HttpPackageConfigurations", + "type": "array" + }, + "SourceLocationName": { + "markdownDescription": "The name of the source location that the VOD source is associated with.", + "title": "SourceLocationName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags assigned to the VOD source. Tags are key-value pairs that you can associate with Amazon resources to help with organization, access control, and cost tracking. For more information, see [Tagging AWS Elemental MediaTailor Resources](https://docs.aws.amazon.com/mediatailor/latest/ug/tagging.html) .", + "title": "Tags", + "type": "array" + }, + "VodSourceName": { + "markdownDescription": "The name of the VOD source.", + "title": "VodSourceName", + "type": "string" + } }, - "markdownDescription": "", - "title": "MappedDataSetParameters", - "type": "array" + "required": [ + "HttpPackageConfigurations", + "SourceLocationName", + "VodSourceName" + ], + "type": "object" }, - "Name": { - "markdownDescription": "The name of the parameter that is being declared.", - "title": "Name", + "Type": { + "enum": [ + "AWS::MediaTailor::VodSource" + ], "type": "string" }, - "ParameterValueType": { - "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", - "title": "ParameterValueType", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "ValueWhenUnset": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.IntegerValueWhenUnsetConfiguration", - "markdownDescription": "A parameter declaration for the `Integer` data type.", - "title": "ValueWhenUnset" } }, "required": [ - "Name", - "ParameterValueType" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.IntegerValueWhenUnsetConfiguration": { + "AWS::MediaTailor::VodSource.HttpPackageConfiguration": { "additionalProperties": false, "properties": { - "CustomValue": { - "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", - "title": "CustomValue", - "type": "number" - }, - "ValueWhenUnsetOption": { - "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", - "title": "ValueWhenUnsetOption", + "Path": { + "markdownDescription": "The relative path to the URL for this VOD source. This is combined with `SourceLocation::HttpConfiguration::BaseUrl` to form a valid URL.", + "title": "Path", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.ItemsLimitConfiguration": { - "additionalProperties": false, - "properties": { - "ItemsLimit": { - "markdownDescription": "The limit on how many items of a field are showed in the chart. For example, the number of slices that are displayed in a pie chart.", - "title": "ItemsLimit", - "type": "number" }, - "OtherCategories": { - "markdownDescription": "The `Show other` of an axis in the chart. Choose one of the following options:\n\n- `INCLUDE`\n- `EXCLUDE`", - "title": "OtherCategories", + "SourceGroup": { + "markdownDescription": "The name of the source group. This has to match one of the `Channel::Outputs::SourceGroup` .", + "title": "SourceGroup", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.KPIActualValueConditionalFormatting": { - "additionalProperties": false, - "properties": { - "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIcon", - "markdownDescription": "The conditional formatting of the actual value's icon.", - "title": "Icon" - }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the actual value's text color.", - "title": "TextColor" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.KPIComparisonValueConditionalFormatting": { - "additionalProperties": false, - "properties": { - "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIcon", - "markdownDescription": "The conditional formatting of the comparison value's icon.", - "title": "Icon" }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the comparison value's text color.", - "title": "TextColor" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.KPIConditionalFormatting": { - "additionalProperties": false, - "properties": { - "ConditionalFormattingOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIConditionalFormattingOption" - }, - "markdownDescription": "The conditional formatting options of a KPI visual.", - "title": "ConditionalFormattingOptions", - "type": "array" + "Type": { + "markdownDescription": "The streaming protocol for this package configuration. Supported values are `HLS` and `DASH` .", + "title": "Type", + "type": "string" } }, + "required": [ + "Path", + "SourceGroup", + "Type" + ], "type": "object" }, - "AWS::QuickSight::Analysis.KPIConditionalFormattingOption": { + "AWS::MemoryDB::ACL": { "additionalProperties": false, "properties": { - "ActualValue": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIActualValueConditionalFormatting", - "markdownDescription": "The conditional formatting for the actual value of a KPI visual.", - "title": "ActualValue" - }, - "ComparisonValue": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIComparisonValueConditionalFormatting", - "markdownDescription": "The conditional formatting for the comparison value of a KPI visual.", - "title": "ComparisonValue" + "Condition": { + "type": "string" }, - "PrimaryValue": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIPrimaryValueConditionalFormatting", - "markdownDescription": "The conditional formatting for the primary value of a KPI visual.", - "title": "PrimaryValue" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ProgressBar": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIProgressBarConditionalFormatting", - "markdownDescription": "The conditional formatting for the progress bar of a KPI visual.", - "title": "ProgressBar" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.KPIConfiguration": { - "additionalProperties": false, - "properties": { - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIFieldWells", - "markdownDescription": "The field well configuration of a KPI visual.", - "title": "FieldWells" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "KPIOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIOptions", - "markdownDescription": "The options that determine the presentation of a KPI visual.", - "title": "KPIOptions" + "Metadata": { + "type": "object" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.KPISortConfiguration", - "markdownDescription": "The sort configuration of a KPI visual.", - "title": "SortConfiguration" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.KPIFieldWells": { - "additionalProperties": false, - "properties": { - "TargetValues": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + "Properties": { + "additionalProperties": false, + "properties": { + "ACLName": { + "markdownDescription": "The name of the Access Control List.", + "title": "ACLName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + }, + "UserNames": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of users that belong to the Access Control List.", + "title": "UserNames", + "type": "array" + } }, - "markdownDescription": "The target value field wells of a KPI visual.", - "title": "TargetValues", - "type": "array" + "required": [ + "ACLName" + ], + "type": "object" }, - "TrendGroups": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The trend group field wells of a KPI visual.", - "title": "TrendGroups", - "type": "array" + "Type": { + "enum": [ + "AWS::MemoryDB::ACL" + ], + "type": "string" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The value field wells of a KPI visual.", - "title": "Values", - "type": "array" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.KPIOptions": { + "AWS::MemoryDB::Cluster": { "additionalProperties": false, "properties": { - "Comparison": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ComparisonConfiguration", - "markdownDescription": "The comparison configuration of a KPI visual.", - "title": "Comparison" - }, - "PrimaryValueDisplayType": { - "markdownDescription": "The options that determine the primary value display type.", - "title": "PrimaryValueDisplayType", + "Condition": { "type": "string" }, - "PrimaryValueFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", - "markdownDescription": "The options that determine the primary value font configuration.", - "title": "PrimaryValueFontConfiguration" - }, - "ProgressBar": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ProgressBarOptions", - "markdownDescription": "The options that determine the presentation of the progress bar of a KPI visual.", - "title": "ProgressBar" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "SecondaryValue": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SecondaryValueOptions", - "markdownDescription": "The options that determine the presentation of the secondary value of a KPI visual.", - "title": "SecondaryValue" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SecondaryValueFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", - "markdownDescription": "The options that determine the secondary value font configuration.", - "title": "SecondaryValueFontConfiguration" + "Metadata": { + "type": "object" }, - "Sparkline": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.KPISparklineOptions", - "markdownDescription": "The options that determine the visibility, color, type, and tooltip visibility of the sparkline of a KPI visual.", - "title": "Sparkline" + "Properties": { + "additionalProperties": false, + "properties": { + "ACLName": { + "markdownDescription": "The name of the Access Control List to associate with the cluster .", + "title": "ACLName", + "type": "string" + }, + "AutoMinorVersionUpgrade": { + "markdownDescription": "When set to true, the cluster will automatically receive minor engine version upgrades after launch.", + "title": "AutoMinorVersionUpgrade", + "type": "boolean" + }, + "ClusterEndpoint": { + "$ref": "#/definitions/AWS::MemoryDB::Cluster.Endpoint", + "markdownDescription": "The cluster 's configuration endpoint.", + "title": "ClusterEndpoint" + }, + "ClusterName": { + "markdownDescription": "The name of the cluster .", + "title": "ClusterName", + "type": "string" + }, + "DataTiering": { + "markdownDescription": "Enables data tiering. Data tiering is only supported for clusters using the r6gd node type. This parameter must be set when using r6gd nodes. For more information, see [Data tiering](https://docs.aws.amazon.com/memorydb/latest/devguide/data-tiering.html) .", + "title": "DataTiering", + "type": "string" + }, + "Description": { + "markdownDescription": "A description of the cluster .", + "title": "Description", + "type": "string" + }, + "Engine": { + "markdownDescription": "The name of the engine used by the cluster.", + "title": "Engine", + "type": "string" + }, + "EngineVersion": { + "markdownDescription": "The Redis engine version used by the cluster .", + "title": "EngineVersion", + "type": "string" + }, + "FinalSnapshotName": { + "markdownDescription": "The user-supplied name of a final cluster snapshot. This is the unique name that identifies the snapshot. MemoryDB creates the snapshot, and then deletes the cluster immediately afterward.", + "title": "FinalSnapshotName", + "type": "string" + }, + "IpDiscovery": { + "markdownDescription": "The mechanism that the cluster uses to discover IP addresses. Returns 'ipv4' when DNS endpoints resolve to IPv4 addresses, or 'ipv6' when DNS endpoints resolve to IPv6 addresses.", + "title": "IpDiscovery", + "type": "string" + }, + "KmsKeyId": { + "markdownDescription": "The ID of the KMS key used to encrypt the cluster .", + "title": "KmsKeyId", + "type": "string" + }, + "MaintenanceWindow": { + "markdownDescription": "Specifies the weekly time range during which maintenance on the cluster is performed. It is specified as a range in the format `ddd:hh24:mi-ddd:hh24:mi` (24H Clock UTC). The minimum maintenance window is a 60 minute period.\n\n*Pattern* : `ddd:hh24:mi-ddd:hh24:mi`", + "title": "MaintenanceWindow", + "type": "string" + }, + "MultiRegionClusterName": { + "markdownDescription": "The name of the multi-Region cluster that this cluster belongs to.", + "title": "MultiRegionClusterName", + "type": "string" + }, + "NetworkType": { + "markdownDescription": "The IP address type for the cluster. Returns 'ipv4' for IPv4 only, 'ipv6' for IPv6 only, or 'dual-stack' if the cluster supports both IPv4 and IPv6 addressing.", + "title": "NetworkType", + "type": "string" + }, + "NodeType": { + "markdownDescription": "The cluster 's node type.", + "title": "NodeType", + "type": "string" + }, + "NumReplicasPerShard": { + "markdownDescription": "The number of replicas to apply to each shard.\n\n*Default value* : `1`\n\n*Maximum value* : `5`", + "title": "NumReplicasPerShard", + "type": "number" + }, + "NumShards": { + "markdownDescription": "The number of shards in the cluster .", + "title": "NumShards", + "type": "number" + }, + "ParameterGroupName": { + "markdownDescription": "The name of the parameter group used by the cluster .", + "title": "ParameterGroupName", + "type": "string" + }, + "Port": { + "markdownDescription": "The port used by the cluster .", + "title": "Port", + "type": "number" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of security group names to associate with this cluster .", + "title": "SecurityGroupIds", + "type": "array" + }, + "SnapshotArns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of Amazon Resource Names (ARN) that uniquely identify the RDB snapshot files stored in Amazon S3. The snapshot files are used to populate the new cluster . The Amazon S3 object name in the ARN cannot contain any commas.", + "title": "SnapshotArns", + "type": "array" + }, + "SnapshotName": { + "markdownDescription": "The name of a snapshot from which to restore data into the new cluster . The snapshot status changes to restoring while the new cluster is being created.", + "title": "SnapshotName", + "type": "string" + }, + "SnapshotRetentionLimit": { + "markdownDescription": "The number of days for which MemoryDB retains automatic snapshots before deleting them. For example, if you set SnapshotRetentionLimit to 5, a snapshot that was taken today is retained for 5 days before being deleted.", + "title": "SnapshotRetentionLimit", + "type": "number" + }, + "SnapshotWindow": { + "markdownDescription": "The daily time range (in UTC) during which MemoryDB begins taking a daily snapshot of your shard. Example: 05:00-09:00 If you do not specify this parameter, MemoryDB automatically chooses an appropriate time range.", + "title": "SnapshotWindow", + "type": "string" + }, + "SnsTopicArn": { + "markdownDescription": "When you pass the logical ID of this resource to the intrinsic `Ref` function, Ref returns the ARN of the SNS topic, such as `arn:aws:memorydb:us-east-1:123456789012:mySNSTopic`", + "title": "SnsTopicArn", + "type": "string" + }, + "SnsTopicStatus": { + "markdownDescription": "The SNS topic must be in Active status to receive notifications.", + "title": "SnsTopicStatus", + "type": "string" + }, + "SubnetGroupName": { + "markdownDescription": "The name of the subnet group used by the cluster .", + "title": "SubnetGroupName", + "type": "string" + }, + "TLSEnabled": { + "markdownDescription": "A flag to indicate if In-transit encryption is enabled.", + "title": "TLSEnabled", + "type": "boolean" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "ACLName", + "ClusterName", + "NodeType" + ], + "type": "object" }, - "TrendArrows": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TrendArrowOptions", - "markdownDescription": "The options that determine the presentation of trend arrows in a KPI visual.", - "title": "TrendArrows" + "Type": { + "enum": [ + "AWS::MemoryDB::Cluster" + ], + "type": "string" }, - "VisualLayoutOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIVisualLayoutOptions", - "markdownDescription": "The options that determine the layout a KPI visual.", - "title": "VisualLayoutOptions" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.KPIPrimaryValueConditionalFormatting": { + "AWS::MemoryDB::Cluster.Endpoint": { "additionalProperties": false, "properties": { - "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIcon", - "markdownDescription": "The conditional formatting of the primary value's icon.", - "title": "Icon" + "Address": { + "markdownDescription": "The DNS hostname of the node.", + "title": "Address", + "type": "string" }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the primary value's text color.", - "title": "TextColor" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.KPIProgressBarConditionalFormatting": { - "additionalProperties": false, - "properties": { - "ForegroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the progress bar's foreground color.", - "title": "ForegroundColor" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.KPISortConfiguration": { - "additionalProperties": false, - "properties": { - "TrendGroupSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the trend group fields.", - "title": "TrendGroupSort", - "type": "array" + "Port": { + "markdownDescription": "The port number that the engine is listening on.", + "title": "Port", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.KPISparklineOptions": { + "AWS::MemoryDB::MultiRegionCluster": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The color of the sparkline.", - "title": "Color", + "Condition": { "type": "string" }, - "TooltipVisibility": { - "markdownDescription": "The tooltip visibility of the sparkline.", - "title": "TooltipVisibility", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the multi-Region cluster.", + "title": "Description", + "type": "string" + }, + "Engine": { + "markdownDescription": "The name of the engine used by the multi-Region cluster.", + "title": "Engine", + "type": "string" + }, + "EngineVersion": { + "markdownDescription": "The version of the engine used by the multi-Region cluster.", + "title": "EngineVersion", + "type": "string" + }, + "MultiRegionClusterNameSuffix": { + "markdownDescription": "A suffix to be added to the Multi-Region cluster name. Amazon MemoryDB automatically applies a prefix to the Multi-Region cluster Name when it is created. Each Amazon Region has its own prefix. For instance, a Multi-Region cluster Name created in the US-West-1 region will begin with \"virxk\", along with the suffix name you provide. The suffix guarantees uniqueness of the Multi-Region cluster name across multiple regions.", + "title": "MultiRegionClusterNameSuffix", + "type": "string" + }, + "MultiRegionParameterGroupName": { + "markdownDescription": "The name of the multi-Region parameter group associated with the cluster.", + "title": "MultiRegionParameterGroupName", + "type": "string" + }, + "NodeType": { + "markdownDescription": "The node type used by the multi-Region cluster.", + "title": "NodeType", + "type": "string" + }, + "NumShards": { + "markdownDescription": "The number of shards in the multi-Region cluster.", + "title": "NumShards", + "type": "number" + }, + "TLSEnabled": { + "markdownDescription": "Indiciates if the multi-Region cluster is TLS enabled.", + "title": "TLSEnabled", + "type": "boolean" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags to be applied to the multi-Region cluster.", + "title": "Tags", + "type": "array" + }, + "UpdateStrategy": { + "markdownDescription": "The strategy to use for the update operation. Supported values are \"coordinated\" or \"uncoordinated\".", + "title": "UpdateStrategy", + "type": "string" + } + }, + "required": [ + "NodeType" + ], + "type": "object" + }, "Type": { - "markdownDescription": "The type of the sparkline.", - "title": "Type", + "enum": [ + "AWS::MemoryDB::MultiRegionCluster" + ], "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of the sparkline.", - "title": "Visibility", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.KPIVisual": { + "AWS::MemoryDB::ParameterGroup": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Condition": { + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIConfiguration", - "markdownDescription": "The configuration of a KPI visual.", - "title": "ChartConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIConditionalFormatting", - "markdownDescription": "The conditional formatting of a KPI visual.", - "title": "ConditionalFormatting" + "Metadata": { + "type": "object" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the parameter group.", + "title": "Description", + "type": "string" + }, + "Family": { + "markdownDescription": "The name of the parameter group family that this parameter group is compatible with.", + "title": "Family", + "type": "string" + }, + "ParameterGroupName": { + "markdownDescription": "The name of the parameter group.", + "title": "ParameterGroupName", + "type": "string" + }, + "Parameters": { + "markdownDescription": "Returns the detailed parameter list for the parameter group.", + "title": "Parameters", + "type": "object" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Family", + "ParameterGroupName" + ], + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Type": { + "enum": [ + "AWS::MemoryDB::ParameterGroup" + ], + "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.KPIVisualLayoutOptions": { - "additionalProperties": false, - "properties": { - "StandardLayout": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIVisualStandardLayout", - "markdownDescription": "The standard layout of the KPI visual.", - "title": "StandardLayout" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.KPIVisualStandardLayout": { + "AWS::MemoryDB::SubnetGroup": { "additionalProperties": false, "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the subnet group.", + "title": "Description", + "type": "string" + }, + "SubnetGroupName": { + "markdownDescription": "The name of the subnet group to be used for the cluster .", + "title": "SubnetGroupName", + "type": "string" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of Amazon VPC subnet IDs for the subnet group.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "SubnetGroupName", + "SubnetIds" + ], + "type": "object" + }, "Type": { - "markdownDescription": "The standard layout type.", - "title": "Type", + "enum": [ + "AWS::MemoryDB::SubnetGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.LabelOptions": { + "AWS::MemoryDB::User": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The text for the label.", - "title": "CustomLabel", + "Condition": { "type": "string" }, - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", - "markdownDescription": "The font configuration of the label.", - "title": "FontConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Visibility": { - "markdownDescription": "Determines whether or not the label is visible.", - "title": "Visibility", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AccessString": { + "markdownDescription": "Access permissions string used for this user.", + "title": "AccessString", + "type": "string" + }, + "AuthenticationMode": { + "$ref": "#/definitions/AWS::MemoryDB::User.AuthenticationMode", + "markdownDescription": "Denotes whether the user requires a password to authenticate.\n\n*Example:*\n\n`mynewdbuser: Type: AWS::MemoryDB::User Properties: AccessString: on ~* &* +@all AuthenticationMode: Passwords: '1234567890123456' Type: password UserName: mynewdbuser AuthenticationMode: { \"Passwords\": [\"1234567890123456\"], \"Type\": \"Password\" }`", + "title": "AuthenticationMode" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + }, + "UserName": { + "markdownDescription": "The name of the user.", + "title": "UserName", + "type": "string" + } + }, + "required": [ + "UserName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MemoryDB::User" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.Layout": { + "AWS::MemoryDB::User.AuthenticationMode": { "additionalProperties": false, "properties": { - "Configuration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LayoutConfiguration", - "markdownDescription": "The configuration that determines what the type of layout for a sheet.", - "title": "Configuration" + "Passwords": { + "items": { + "type": "string" + }, + "markdownDescription": "The password(s) used for authentication", + "title": "Passwords", + "type": "array" + }, + "Type": { + "markdownDescription": "Indicates whether the user requires a password to authenticate. All newly-created users require a password.", + "title": "Type", + "type": "string" } }, - "required": [ - "Configuration" - ], "type": "object" }, - "AWS::QuickSight::Analysis.LayoutConfiguration": { + "AWS::Neptune::DBCluster": { "additionalProperties": false, "properties": { - "FreeFormLayout": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutConfiguration", - "markdownDescription": "A free-form is optimized for a fixed width and has more control over the exact placement of layout elements.", - "title": "FreeFormLayout" + "Condition": { + "type": "string" }, - "GridLayout": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GridLayoutConfiguration", - "markdownDescription": "A type of layout that can be used on a sheet. In a grid layout, visuals snap to a grid with standard spacing and alignment. Dashboards are displayed as designed, with options to fit to screen or view at actual size. A grid layout can be configured to behave in one of two ways when the viewport is resized: `FIXED` or `RESPONSIVE` .", - "title": "GridLayout" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "SectionBasedLayout": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionBasedLayoutConfiguration", - "markdownDescription": "A section based layout organizes visuals into multiple sections and has customized header, footer and page break.", - "title": "SectionBasedLayout" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/AWS::Neptune::DBCluster.DBClusterRole" + }, + "markdownDescription": "Provides a list of the Amazon Identity and Access Management (IAM) roles that are associated with the DB cluster. IAM roles that are associated with a DB cluster grant permission for the DB cluster to access other Amazon services on your behalf.", + "title": "AssociatedRoles", + "type": "array" + }, + "AvailabilityZones": { + "items": { + "type": "string" + }, + "markdownDescription": "Provides the list of EC2 Availability Zones that instances in the DB cluster can be created in.", + "title": "AvailabilityZones", + "type": "array" + }, + "BackupRetentionPeriod": { + "markdownDescription": "Specifies the number of days for which automatic DB snapshots are retained.\n\nAn update may require some interruption. See [ModifyDBInstance](https://docs.aws.amazon.com/neptune/latest/userguide/api-instances.html#ModifyDBInstance) in the Amazon Neptune User Guide for more information.", + "title": "BackupRetentionPeriod", + "type": "number" + }, + "CopyTagsToSnapshot": { + "markdownDescription": "*If set to `true` , tags are copied to any snapshot of the DB cluster that is created.*", + "title": "CopyTagsToSnapshot", + "type": "boolean" + }, + "DBClusterIdentifier": { + "markdownDescription": "Contains a user-supplied DB cluster identifier. This identifier is the unique key that identifies a DB cluster.", + "title": "DBClusterIdentifier", + "type": "string" + }, + "DBClusterParameterGroupName": { + "markdownDescription": "Provides the name of the DB cluster parameter group.\n\nAn update may require some interruption. See [ModifyDBInstance](https://docs.aws.amazon.com/neptune/latest/userguide/api-instances.html#ModifyDBInstance) in the Amazon Neptune User Guide for more information.", + "title": "DBClusterParameterGroupName", + "type": "string" + }, + "DBInstanceParameterGroupName": { + "markdownDescription": "The name of the DB parameter group to apply to all instances of the DB cluster. Used only in case of a major engine version upgrade request\n\nNote that when you apply a parameter group using `DBInstanceParameterGroupName` , parameter changes are applied immediately, not during the next maintenance window.\n\n**Constraints** - The DB parameter group must be in the same DB parameter group family as the target DB cluster version.\n- The `DBInstanceParameterGroupName` parameter is only valid for major engine version upgrades.", + "title": "DBInstanceParameterGroupName", + "type": "string" + }, + "DBPort": { + "markdownDescription": "The port number on which the DB instances in the DB cluster accept connections.\n\nIf not specified, the default port used is `8182` .\n\n> The `Port` property will soon be deprecated. Please update existing templates to use the new `DBPort` property that has the same functionality.", + "title": "DBPort", + "type": "number" + }, + "DBSubnetGroupName": { + "markdownDescription": "Specifies information on the subnet group associated with the DB cluster, including the name, description, and subnets in the subnet group.", + "title": "DBSubnetGroupName", + "type": "string" + }, + "DeletionProtection": { + "markdownDescription": "Indicates whether or not the DB cluster has deletion protection enabled. The database can't be deleted when deletion protection is enabled.", + "title": "DeletionProtection", + "type": "boolean" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies a list of log types that are enabled for export to CloudWatch Logs.", + "title": "EnableCloudwatchLogsExports", + "type": "array" + }, + "EngineVersion": { + "markdownDescription": "Indicates the database engine version.", + "title": "EngineVersion", + "type": "string" + }, + "IamAuthEnabled": { + "markdownDescription": "True if mapping of Amazon Identity and Access Management (IAM) accounts to database accounts is enabled, and otherwise false.", + "title": "IamAuthEnabled", + "type": "boolean" + }, + "KmsKeyId": { + "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key that is used to encrypt the database instances in the DB cluster, such as `arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef` . If you enable the `StorageEncrypted` property but don't specify this property, the default KMS key is used. If you specify this property, you must set the `StorageEncrypted` property to `true` .", + "title": "KmsKeyId", + "type": "string" + }, + "PreferredBackupWindow": { + "markdownDescription": "Specifies the daily time range during which automated backups are created if automated backups are enabled, as determined by the `BackupRetentionPeriod` .\n\nAn update may require some interruption.", + "title": "PreferredBackupWindow", + "type": "string" + }, + "PreferredMaintenanceWindow": { + "markdownDescription": "Specifies the weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).", + "title": "PreferredMaintenanceWindow", + "type": "string" + }, + "RestoreToTime": { + "markdownDescription": "Creates a new DB cluster from a DB snapshot or DB cluster snapshot.\n\nIf a DB snapshot is specified, the target DB cluster is created from the source DB snapshot with a default configuration and default security group.\n\nIf a DB cluster snapshot is specified, the target DB cluster is created from the source DB cluster restore point with the same configuration as the original source DB cluster, except that the new DB cluster is created with the default security group.", + "title": "RestoreToTime", + "type": "string" + }, + "RestoreType": { + "markdownDescription": "Creates a new DB cluster from a DB snapshot or DB cluster snapshot.\n\nIf a DB snapshot is specified, the target DB cluster is created from the source DB snapshot with a default configuration and default security group.\n\nIf a DB cluster snapshot is specified, the target DB cluster is created from the source DB cluster restore point with the same configuration as the original source DB cluster, except that the new DB cluster is created with the default security group.", + "title": "RestoreType", + "type": "string" + }, + "ServerlessScalingConfiguration": { + "$ref": "#/definitions/AWS::Neptune::DBCluster.ServerlessScalingConfiguration", + "markdownDescription": "", + "title": "ServerlessScalingConfiguration" + }, + "SnapshotIdentifier": { + "markdownDescription": "Specifies the identifier for a DB cluster snapshot. Must match the identifier of an existing snapshot.\n\nAfter you restore a DB cluster using a `SnapshotIdentifier` , you must specify the same `SnapshotIdentifier` for any future updates to the DB cluster. When you specify this property for an update, the DB cluster is not restored from the snapshot again, and the data in the database is not changed.\n\nHowever, if you don't specify the `SnapshotIdentifier` , an empty DB cluster is created, and the original DB cluster is deleted. If you specify a property that is different from the previous snapshot restore property, the DB cluster is restored from the snapshot specified by the `SnapshotIdentifier` , and the original DB cluster is deleted.", + "title": "SnapshotIdentifier", + "type": "string" + }, + "SourceDBClusterIdentifier": { + "markdownDescription": "Creates a new DB cluster from a DB snapshot or DB cluster snapshot.\n\nIf a DB snapshot is specified, the target DB cluster is created from the source DB snapshot with a default configuration and default security group.\n\nIf a DB cluster snapshot is specified, the target DB cluster is created from the source DB cluster restore point with the same configuration as the original source DB cluster, except that the new DB cluster is created with the default security group.", + "title": "SourceDBClusterIdentifier", + "type": "string" + }, + "StorageEncrypted": { + "markdownDescription": "Indicates whether the DB cluster is encrypted.\n\nIf you specify the `KmsKeyId` property, then you must enable encryption and set this property to `true` .\n\nIf you enable the `StorageEncrypted` property but don't specify the `KmsKeyId` property, then the default KMS key is used. If you specify the `KmsKeyId` property, then that KMS key is used to encrypt the database instances in the DB cluster.\n\nIf you specify the `SourceDBClusterIdentifier` property, and don't specify this property or disable it, the value is inherited from the source DB cluster. If the source DB cluster is encrypted, the `KmsKeyId` property from the source cluster is used.\n\nIf you specify the `DBSnapshotIdentifier` and don't specify this property or disable it, the value is inherited from the snapshot and the specified `KmsKeyId` property from the snapshot is used.", + "title": "StorageEncrypted", + "type": "boolean" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags assigned to this cluster.", + "title": "Tags", + "type": "array" + }, + "UseLatestRestorableTime": { + "markdownDescription": "Creates a new DB cluster from a DB snapshot or DB cluster snapshot.\n\nIf a DB snapshot is specified, the target DB cluster is created from the source DB snapshot with a default configuration and default security group.\n\nIf a DB cluster snapshot is specified, the target DB cluster is created from the source DB cluster restore point with the same configuration as the original source DB cluster, except that the new DB cluster is created with the default security group.", + "title": "UseLatestRestorableTime", + "type": "boolean" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "Provides a list of VPC security groups that the DB cluster belongs to.", + "title": "VpcSecurityGroupIds", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Neptune::DBCluster" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::QuickSight::Analysis.LegendOptions": { + "AWS::Neptune::DBCluster.DBClusterRole": { "additionalProperties": false, "properties": { - "Height": { - "markdownDescription": "The height of the legend. If this value is omitted, a default height is used when rendering.", - "title": "Height", - "type": "string" - }, - "Position": { - "markdownDescription": "The positions for the legend. Choose one of the following options:\n\n- `AUTO`\n- `RIGHT`\n- `BOTTOM`\n- `LEFT`", - "title": "Position", - "type": "string" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", - "markdownDescription": "The custom title for the legend.", - "title": "Title" - }, - "Visibility": { - "markdownDescription": "Determines whether or not the legend is visible.", - "title": "Visibility", + "FeatureName": { + "markdownDescription": "The name of the feature associated with the Amazon Identity and Access Management (IAM) role. For the list of supported feature names, see [DescribeDBEngineVersions](https://docs.aws.amazon.com/neptune/latest/userguide/api-other-apis.html#DescribeDBEngineVersions) .", + "title": "FeatureName", "type": "string" }, - "Width": { - "markdownDescription": "The width of the legend. If this value is omitted, a default width is used when rendering.", - "title": "Width", + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that is associated with the DB cluster.", + "title": "RoleArn", "type": "string" } }, + "required": [ + "RoleArn" + ], "type": "object" }, - "AWS::QuickSight::Analysis.LineChartAggregatedFieldWells": { + "AWS::Neptune::DBCluster.ServerlessScalingConfiguration": { "additionalProperties": false, "properties": { - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The category field wells of a line chart. Values are grouped by category fields.", - "title": "Category", - "type": "array" - }, - "Colors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The color field wells of a line chart. Values are grouped by category fields.", - "title": "Colors", - "type": "array" - }, - "SmallMultiples": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The small multiples field well of a line chart.", - "title": "SmallMultiples", - "type": "array" + "MaxCapacity": { + "markdownDescription": "The maximum number of Neptune capacity units (NCUs) for a DB instance in a Neptune Serverless cluster. You can specify NCU values in half-step increments, such as 40, 40.5, 41, and so on.", + "title": "MaxCapacity", + "type": "number" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The value field wells of a line chart. Values are aggregated based on categories.", - "title": "Values", - "type": "array" + "MinCapacity": { + "markdownDescription": "The minimum number of Neptune capacity units (NCUs) for a DB instance in a Neptune Serverless cluster. You can specify NCU values in half-step increments, such as 8, 8.5, 9, and so on.", + "title": "MinCapacity", + "type": "number" } }, + "required": [ + "MaxCapacity", + "MinCapacity" + ], "type": "object" }, - "AWS::QuickSight::Analysis.LineChartConfiguration": { + "AWS::Neptune::DBClusterParameterGroup": { "additionalProperties": false, "properties": { - "ContributionAnalysisDefaults": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ContributionAnalysisDefault" - }, - "markdownDescription": "The default configuration of a line chart's contribution analysis.", - "title": "ContributionAnalysisDefaults", - "type": "array" - }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", - "markdownDescription": "The data label configuration of a line chart.", - "title": "DataLabels" - }, - "DefaultSeriesSettings": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartDefaultSeriesSettings", - "markdownDescription": "The options that determine the default presentation of all line series in `LineChartVisual` .", - "title": "DefaultSeriesSettings" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartFieldWells", - "markdownDescription": "The field well configuration of a line chart.", - "title": "FieldWells" - }, - "ForecastConfigurations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ForecastConfiguration" - }, - "markdownDescription": "The forecast configuration of a line chart.", - "title": "ForecastConfigurations", - "type": "array" - }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", - "markdownDescription": "The legend configuration of a line chart.", - "title": "Legend" - }, - "PrimaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LineSeriesAxisDisplayOptions", - "markdownDescription": "The series axis configuration of a line chart.", - "title": "PrimaryYAxisDisplayOptions" - }, - "PrimaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the y-axis label.", - "title": "PrimaryYAxisLabelOptions" + "Condition": { + "type": "string" }, - "ReferenceLines": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLine" - }, - "markdownDescription": "The reference lines configuration of a line chart.", - "title": "ReferenceLines", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "SecondaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LineSeriesAxisDisplayOptions", - "markdownDescription": "The series axis configuration of a line chart.", - "title": "SecondaryYAxisDisplayOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SecondaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the secondary y-axis label.", - "title": "SecondaryYAxisLabelOptions" + "Metadata": { + "type": "object" }, - "Series": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SeriesItem" + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "Provides the customer-specified description for this DB cluster parameter group.", + "title": "Description", + "type": "string" + }, + "Family": { + "markdownDescription": "Must be `neptune1` for engine versions prior to [1.2.0.0](https://docs.aws.amazon.com/neptune/latest/userguide/engine-releases-1.2.0.0.html) , or `neptune1.2` for engine version `1.2.0.0` and higher.", + "title": "Family", + "type": "string" + }, + "Name": { + "markdownDescription": "Provides the name of the DB cluster parameter group.", + "title": "Name", + "type": "string" + }, + "Parameters": { + "markdownDescription": "The parameters to set for this DB cluster parameter group.\n\nThe parameters are expressed as a JSON object consisting of key-value pairs.\n\nIf you update the parameters, some interruption may occur depending on which parameters you update.", + "title": "Parameters", + "type": "object" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags that you want to attach to this parameter group.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "The series item configuration of a line chart.", - "title": "Series", - "type": "array" - }, - "SmallMultiplesOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SmallMultiplesOptions", - "markdownDescription": "The small multiples setup for the visual.", - "title": "SmallMultiplesOptions" - }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartSortConfiguration", - "markdownDescription": "The sort configuration of a line chart.", - "title": "SortConfiguration" - }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", - "markdownDescription": "The tooltip configuration of a line chart.", - "title": "Tooltip" + "required": [ + "Description", + "Family", + "Parameters" + ], + "type": "object" }, "Type": { - "markdownDescription": "Determines the type of the line chart.", - "title": "Type", + "enum": [ + "AWS::Neptune::DBClusterParameterGroup" + ], "type": "string" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", - "markdownDescription": "The visual palette configuration of a line chart.", - "title": "VisualPalette" - }, - "XAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the x-axis.", - "title": "XAxisDisplayOptions" - }, - "XAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the x-axis label.", - "title": "XAxisLabelOptions" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.LineChartDefaultSeriesSettings": { + "AWS::Neptune::DBInstance": { "additionalProperties": false, "properties": { - "AxisBinding": { - "markdownDescription": "The axis to which you are binding all line series to.", - "title": "AxisBinding", + "Condition": { "type": "string" }, - "LineStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartLineStyleSettings", - "markdownDescription": "Line styles options for all line series in the visual.", - "title": "LineStyleSettings" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "MarkerStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartMarkerStyleSettings", - "markdownDescription": "Marker styles options for all line series in the visual.", - "title": "MarkerStyleSettings" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.LineChartFieldWells": { - "additionalProperties": false, - "properties": { - "LineChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartAggregatedFieldWells", - "markdownDescription": "The field well configuration of a line chart.", - "title": "LineChartAggregatedFieldWells" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AllowMajorVersionUpgrade": { + "markdownDescription": "Indicates that major version upgrades are allowed. Changing this parameter doesn't result in an outage and the change is asynchronously applied as soon as possible. This parameter must be set to true when specifying a value for the EngineVersion parameter that is a different major version than the DB instance's current version.\n\nWhen you change this parameter for an existing DB cluster, CloudFormation will replace your existing DB cluster with a new, empty one that uses the engine version you specified.", + "title": "AllowMajorVersionUpgrade", + "type": "boolean" + }, + "AutoMinorVersionUpgrade": { + "markdownDescription": "Indicates that minor version patches are applied automatically.\n\nWhen updating this property, some interruptions may occur.", + "title": "AutoMinorVersionUpgrade", + "type": "boolean" + }, + "AvailabilityZone": { + "markdownDescription": "Specifies the name of the Availability Zone the DB instance is located in.", + "title": "AvailabilityZone", + "type": "string" + }, + "DBClusterIdentifier": { + "markdownDescription": "If the DB instance is a member of a DB cluster, contains the name of the DB cluster that the DB instance is a member of.", + "title": "DBClusterIdentifier", + "type": "string" + }, + "DBInstanceClass": { + "markdownDescription": "Contains the name of the compute and memory capacity class of the DB instance.\n\nIf you update this property, some interruptions may occur.", + "title": "DBInstanceClass", + "type": "string" + }, + "DBInstanceIdentifier": { + "markdownDescription": "Contains a user-supplied database identifier. This identifier is the unique key that identifies a DB instance.", + "title": "DBInstanceIdentifier", + "type": "string" + }, + "DBParameterGroupName": { + "markdownDescription": "The name of an existing DB parameter group or a reference to an AWS::Neptune::DBParameterGroup resource created in the template. If any of the data members of the referenced parameter group are changed during an update, the DB instance might need to be restarted, which causes some interruption. If the parameter group contains static parameters, whether they were changed or not, an update triggers a reboot.", + "title": "DBParameterGroupName", + "type": "string" + }, + "DBSubnetGroupName": { + "markdownDescription": "A DB subnet group to associate with the DB instance. If you update this value, the new subnet group must be a subnet group in a new virtual private cloud (VPC).", + "title": "DBSubnetGroupName", + "type": "string" + }, + "PreferredMaintenanceWindow": { + "markdownDescription": "Specifies the weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).", + "title": "PreferredMaintenanceWindow", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An arbitrary set of tags (key-value pairs) for this DB instance.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "DBInstanceClass" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Neptune::DBInstance" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.LineChartLineStyleSettings": { + "AWS::Neptune::DBParameterGroup": { "additionalProperties": false, "properties": { - "LineInterpolation": { - "markdownDescription": "Interpolation style for line series.\n\n- `LINEAR` : Show as default, linear style.\n- `SMOOTH` : Show as a smooth curve.\n- `STEPPED` : Show steps in line.", - "title": "LineInterpolation", + "Condition": { "type": "string" }, - "LineStyle": { - "markdownDescription": "Line style for line series.\n\n- `SOLID` : Show as a solid line.\n- `DOTTED` : Show as a dotted line.\n- `DASHED` : Show as a dashed line.", - "title": "LineStyle", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "LineVisibility": { - "markdownDescription": "Configuration option that determines whether to show the line for the series.", - "title": "LineVisibility", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "Provides the customer-specified description for this DB parameter group.", + "title": "Description", + "type": "string" + }, + "Family": { + "markdownDescription": "Must be `neptune1` for engine versions prior to [1.2.0.0](https://docs.aws.amazon.com/neptune/latest/userguide/engine-releases-1.2.0.0.html) , or `neptune1.2` for engine version `1.2.0.0` and higher.", + "title": "Family", + "type": "string" + }, + "Name": { + "markdownDescription": "Provides the name of the DB parameter group.", + "title": "Name", + "type": "string" + }, + "Parameters": { + "markdownDescription": "The parameters to set for this DB parameter group.\n\nThe parameters are expressed as a JSON object consisting of key-value pairs.\n\nChanges to dynamic parameters are applied immediately. During an update, if you have static parameters (whether they were changed or not), it triggers AWS CloudFormation to reboot the associated DB instance without failover.", + "title": "Parameters", + "type": "object" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags that you want to attach to this parameter group.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Description", + "Family", + "Parameters" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Neptune::DBParameterGroup" + ], "type": "string" }, - "LineWidth": { - "markdownDescription": "Width that determines the line thickness.", - "title": "LineWidth", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.LineChartMarkerStyleSettings": { + "AWS::Neptune::DBSubnetGroup": { "additionalProperties": false, "properties": { - "MarkerColor": { - "markdownDescription": "Color of marker in the series.", - "title": "MarkerColor", + "Condition": { "type": "string" }, - "MarkerShape": { - "markdownDescription": "Shape option for markers in the series.\n\n- `CIRCLE` : Show marker as a circle.\n- `TRIANGLE` : Show marker as a triangle.\n- `SQUARE` : Show marker as a square.\n- `DIAMOND` : Show marker as a diamond.\n- `ROUNDED_SQUARE` : Show marker as a rounded square.", - "title": "MarkerShape", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "MarkerSize": { - "markdownDescription": "Size of marker in the series.", - "title": "MarkerSize", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "MarkerVisibility": { - "markdownDescription": "Configuration option that determines whether to show the markers in the series.", - "title": "MarkerVisibility", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DBSubnetGroupDescription": { + "markdownDescription": "Provides the description of the DB subnet group.", + "title": "DBSubnetGroupDescription", + "type": "string" + }, + "DBSubnetGroupName": { + "markdownDescription": "The name of the DB subnet group.", + "title": "DBSubnetGroupName", + "type": "string" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon EC2 subnet IDs for the DB subnet group.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags that you want to attach to the DB subnet group.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "DBSubnetGroupDescription", + "SubnetIds" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Neptune::DBSubnetGroup" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.LineChartSeriesSettings": { - "additionalProperties": false, - "properties": { - "LineStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartLineStyleSettings", - "markdownDescription": "Line styles options for a line series in `LineChartVisual` .", - "title": "LineStyleSettings" }, - "MarkerStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartMarkerStyleSettings", - "markdownDescription": "Marker styles options for a line series in `LineChartVisual` .", - "title": "MarkerStyleSettings" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.LineChartSortConfiguration": { + "AWS::Neptune::EventSubscription": { "additionalProperties": false, "properties": { - "CategoryItemsLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of categories that are displayed in a line chart.", - "title": "CategoryItemsLimitConfiguration" + "Condition": { + "type": "string" }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the category fields.", - "title": "CategorySort", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ColorItemsLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of lines that are displayed in a line chart.", - "title": "ColorItemsLimitConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SmallMultiplesLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of small multiples panels that are displayed.", - "title": "SmallMultiplesLimitConfiguration" + "Metadata": { + "type": "object" }, - "SmallMultiplesSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + "Properties": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "A Boolean value indicating if the subscription is enabled. True indicates the subscription is enabled.", + "title": "Enabled", + "type": "boolean" + }, + "EventCategories": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "EventCategories", + "type": "array" + }, + "SnsTopicArn": { + "markdownDescription": "The topic ARN of the event notification subscription.", + "title": "SnsTopicArn", + "type": "string" + }, + "SourceIds": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "SourceIds", + "type": "array" + }, + "SourceType": { + "markdownDescription": "The source type for the event notification subscription.", + "title": "SourceType", + "type": "string" + } }, - "markdownDescription": "The sort configuration of the small multiples field.", - "title": "SmallMultiplesSort", - "type": "array" + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Neptune::EventSubscription" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::QuickSight::Analysis.LineChartVisual": { + "AWS::NeptuneGraph::Graph": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Condition": { + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartConfiguration", - "markdownDescription": "The configuration of a line chart.", - "title": "ChartConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Metadata": { + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Properties": { + "additionalProperties": false, + "properties": { + "DeletionProtection": { + "markdownDescription": "A value that indicates whether the graph has deletion protection enabled. The graph can't be deleted when deletion protection is enabled.", + "title": "DeletionProtection", + "type": "boolean" + }, + "GraphName": { + "markdownDescription": "The graph name. For example: `my-graph-1` .\n\nThe name must contain from 1 to 63 letters, numbers, or hyphens, and its first character must be a letter. It cannot end with a hyphen or contain two consecutive hyphens.\n\nIf you don't specify a graph name, a unique graph name is generated for you using the prefix `graph-for` , followed by a combination of `Stack Name` and a `UUID` .", + "title": "GraphName", + "type": "string" + }, + "ProvisionedMemory": { + "markdownDescription": "The provisioned memory-optimized Neptune Capacity Units (m-NCUs) to use for the graph.\n\nMin = 16", + "title": "ProvisionedMemory", + "type": "number" + }, + "PublicConnectivity": { + "markdownDescription": "Specifies whether or not the graph can be reachable over the internet. All access to graphs is IAM authenticated.\n\nWhen the graph is publicly available, its domain name system (DNS) endpoint resolves to the public IP address from the internet. When the graph isn't publicly available, you need to create a `PrivateGraphEndpoint` in a given VPC to ensure the DNS name resolves to a private IP address that is reachable from the VPC.\n\nDefault: If not specified, the default value is false.\n\n> If enabling public connectivity for the first time, there will be a delay while it is enabled.", + "title": "PublicConnectivity", + "type": "boolean" + }, + "ReplicaCount": { + "markdownDescription": "The number of replicas in other AZs.\n\nDefault: If not specified, the default value is 1.", + "title": "ReplicaCount", + "type": "number" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Adds metadata tags to the new graph. These tags can also be used with cost allocation reporting, or used in a Condition statement in an IAM policy.", + "title": "Tags", + "type": "array" + }, + "VectorSearchConfiguration": { + "$ref": "#/definitions/AWS::NeptuneGraph::Graph.VectorSearchConfiguration", + "markdownDescription": "Specifies the number of dimensions for vector embeddings that will be loaded into the graph. The value is specified as `dimension=` value. Max = 65,535", + "title": "VectorSearchConfiguration" + } + }, + "required": [ + "ProvisionedMemory" + ], + "type": "object" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "Type": { + "enum": [ + "AWS::NeptuneGraph::Graph" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.LineSeriesAxisDisplayOptions": { + "AWS::NeptuneGraph::Graph.VectorSearchConfiguration": { "additionalProperties": false, "properties": { - "AxisOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the line series axis.", - "title": "AxisOptions" - }, - "MissingDataConfigurations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MissingDataConfiguration" - }, - "markdownDescription": "The configuration options that determine how missing data is treated during the rendering of a line chart.", - "title": "MissingDataConfigurations", - "type": "array" + "VectorSearchDimension": { + "markdownDescription": "The number of dimensions.", + "title": "VectorSearchDimension", + "type": "number" } }, + "required": [ + "VectorSearchDimension" + ], "type": "object" }, - "AWS::QuickSight::Analysis.ListControlDisplayOptions": { + "AWS::NeptuneGraph::PrivateGraphEndpoint": { "additionalProperties": false, "properties": { - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" + "Condition": { + "type": "string" }, - "SearchOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ListControlSearchOptions", - "markdownDescription": "The configuration of the search options in a list control.", - "title": "SearchOptions" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "SelectAllOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ListControlSelectAllOptions", - "markdownDescription": "The configuration of the `Select all` options in a list control.", - "title": "SelectAllOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.ListControlSearchOptions": { - "additionalProperties": false, - "properties": { - "Visibility": { - "markdownDescription": "The visibility configuration of the search options in a list control.", - "title": "Visibility", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "GraphIdentifier": { + "markdownDescription": "The unique identifier of the Neptune Analytics graph.", + "title": "GraphIdentifier", + "type": "string" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "Security groups to be attached to the private graph endpoint..", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "Subnets in which private graph endpoint ENIs are created.", + "title": "SubnetIds", + "type": "array" + }, + "VpcId": { + "markdownDescription": "The VPC in which the private graph endpoint needs to be created.", + "title": "VpcId", + "type": "string" + } + }, + "required": [ + "GraphIdentifier", + "VpcId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NeptuneGraph::PrivateGraphEndpoint" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.ListControlSelectAllOptions": { - "additionalProperties": false, - "properties": { - "Visibility": { - "markdownDescription": "The visibility configuration of the `Select all` options in a list control.", - "title": "Visibility", + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.LoadingAnimation": { + "AWS::NetworkFirewall::Firewall": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility configuration of `LoadingAnimation` .", - "title": "Visibility", + "Condition": { "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.LocalNavigationConfiguration": { - "additionalProperties": false, - "properties": { - "TargetSheetId": { - "markdownDescription": "The sheet that is targeted for navigation in the same analysis.", - "title": "TargetSheetId", + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DeleteProtection": { + "markdownDescription": "A flag indicating whether it is possible to delete the firewall. A setting of `TRUE` indicates that the firewall is protected against deletion. Use this setting to protect against accidentally deleting a firewall that is in use. When you create a firewall, the operation initializes this flag to `TRUE` .", + "title": "DeleteProtection", + "type": "boolean" + }, + "Description": { + "markdownDescription": "A description of the firewall.", + "title": "Description", + "type": "string" + }, + "EnabledAnalysisTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "An optional setting indicating the specific traffic analysis types to enable on the firewall.", + "title": "EnabledAnalysisTypes", + "type": "array" + }, + "FirewallName": { + "markdownDescription": "The descriptive name of the firewall. You can't change the name of a firewall after you create it.", + "title": "FirewallName", + "type": "string" + }, + "FirewallPolicyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the firewall policy.\n\nThe relationship of firewall to firewall policy is many to one. Each firewall requires one firewall policy association, and you can use the same firewall policy for multiple firewalls.", + "title": "FirewallPolicyArn", + "type": "string" + }, + "FirewallPolicyChangeProtection": { + "markdownDescription": "A setting indicating whether the firewall is protected against a change to the firewall policy association. Use this setting to protect against accidentally modifying the firewall policy for a firewall that is in use. When you create a firewall, the operation initializes this setting to `TRUE` .", + "title": "FirewallPolicyChangeProtection", + "type": "boolean" + }, + "SubnetChangeProtection": { + "markdownDescription": "A setting indicating whether the firewall is protected against changes to the subnet associations. Use this setting to protect against accidentally modifying the subnet associations for a firewall that is in use. When you create a firewall, the operation initializes this setting to `TRUE` .", + "title": "SubnetChangeProtection", + "type": "boolean" + }, + "SubnetMappings": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::Firewall.SubnetMapping" + }, + "markdownDescription": "The primary public subnets that Network Firewall is using for the firewall. Network Firewall creates a firewall endpoint in each subnet. Create a subnet mapping for each Availability Zone where you want to use the firewall.\n\nThese subnets are all defined for a single, primary VPC, and each must belong to a different Availability Zone. Each of these subnets establishes the availability of the firewall in its Availability Zone.\n\nIn addition to these subnets, you can define other endpoints for the firewall in `VpcEndpointAssociation` resources. You can define these additional endpoints for any VPC, and for any of the Availability Zones where the firewall resource already has a subnet mapping. VPC endpoint associations give you the ability to protect multiple VPCs using a single firewall, and to define multiple firewall endpoints for a VPC in a single Availability Zone.", + "title": "SubnetMappings", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + }, + "VpcId": { + "markdownDescription": "The unique identifier of the VPC where the firewall is in use. You can't change the VPC of a firewall after you create the firewall.", + "title": "VpcId", + "type": "string" + } + }, + "required": [ + "FirewallName", + "FirewallPolicyArn", + "SubnetMappings", + "VpcId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NetworkFirewall::Firewall" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "TargetSheetId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.LongFormatText": { + "AWS::NetworkFirewall::Firewall.SubnetMapping": { "additionalProperties": false, "properties": { - "PlainText": { - "markdownDescription": "Plain text format.", - "title": "PlainText", + "IPAddressType": { + "markdownDescription": "The subnet's IP address type. You can't change the IP address type after you create the subnet.", + "title": "IPAddressType", "type": "string" }, - "RichText": { - "markdownDescription": "Rich text. Examples of rich text include bold, underline, and italics.", - "title": "RichText", + "SubnetId": { + "markdownDescription": "The unique identifier for the subnet.", + "title": "SubnetId", "type": "string" } }, + "required": [ + "SubnetId" + ], "type": "object" }, - "AWS::QuickSight::Analysis.MappedDataSetParameter": { + "AWS::NetworkFirewall::FirewallPolicy": { "additionalProperties": false, "properties": { - "DataSetIdentifier": { - "markdownDescription": "A unique name that identifies a dataset within the analysis or dashboard.", - "title": "DataSetIdentifier", + "Condition": { "type": "string" }, - "DataSetParameterName": { - "markdownDescription": "The name of the dataset parameter.", - "title": "DataSetParameterName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the firewall policy.", + "title": "Description", + "type": "string" + }, + "FirewallPolicy": { + "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.FirewallPolicy", + "markdownDescription": "The traffic filtering behavior of a firewall policy, defined in a collection of stateless and stateful rule groups and other settings.", + "title": "FirewallPolicy" + }, + "FirewallPolicyName": { + "markdownDescription": "The descriptive name of the firewall policy. You can't change the name of a firewall policy after you create it.", + "title": "FirewallPolicyName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "FirewallPolicy", + "FirewallPolicyName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NetworkFirewall::FirewallPolicy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "DataSetIdentifier", - "DataSetParameterName" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.MaximumLabelType": { + "AWS::NetworkFirewall::FirewallPolicy.ActionDefinition": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility of the maximum label.", - "title": "Visibility", - "type": "string" + "PublishMetricAction": { + "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.PublishMetricAction", + "markdownDescription": "Stateless inspection criteria that publishes the specified metrics to Amazon CloudWatch for the matching packet. This setting defines a CloudWatch dimension value to be published.\n\nYou can pair this custom action with any of the standard stateless rule actions. For example, you could pair this in a rule action with the standard action that forwards the packet for stateful inspection. Then, when a packet matches the rule, Network Firewall publishes metrics for the packet and forwards it.", + "title": "PublishMetricAction" } }, "type": "object" }, - "AWS::QuickSight::Analysis.MaximumMinimumComputation": { + "AWS::NetworkFirewall::FirewallPolicy.CustomAction": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", - "type": "string" - }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" + "ActionDefinition": { + "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.ActionDefinition", + "markdownDescription": "The custom action associated with the action name.", + "title": "ActionDefinition" }, - "Type": { - "markdownDescription": "The type of computation. Choose one of the following options:\n\n- MAXIMUM: A maximum computation.\n- MINIMUM: A minimum computation.", - "title": "Type", + "ActionName": { + "markdownDescription": "The descriptive name of the custom action. You can't change the name of a custom action after you create it.", + "title": "ActionName", "type": "string" - }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" } }, "required": [ - "ComputationId", - "Type" + "ActionDefinition", + "ActionName" ], "type": "object" }, - "AWS::QuickSight::Analysis.MeasureField": { + "AWS::NetworkFirewall::FirewallPolicy.Dimension": { "additionalProperties": false, "properties": { - "CalculatedMeasureField": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CalculatedMeasureField", - "markdownDescription": "The calculated measure field only used in pivot tables.", - "title": "CalculatedMeasureField" - }, - "CategoricalMeasureField": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CategoricalMeasureField", - "markdownDescription": "The measure type field with categorical type columns.", - "title": "CategoricalMeasureField" - }, - "DateMeasureField": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DateMeasureField", - "markdownDescription": "The measure type field with date type columns.", - "title": "DateMeasureField" - }, - "NumericalMeasureField": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericalMeasureField", - "markdownDescription": "The measure type field with numerical type columns.", - "title": "NumericalMeasureField" + "Value": { + "markdownDescription": "The value to use in the custom metric dimension.", + "title": "Value", + "type": "string" } }, + "required": [ + "Value" + ], "type": "object" }, - "AWS::QuickSight::Analysis.MetricComparisonComputation": { + "AWS::NetworkFirewall::FirewallPolicy.FirewallPolicy": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", - "type": "string" + "PolicyVariables": { + "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.PolicyVariables", + "markdownDescription": "Contains variables that you can use to override default Suricata settings in your firewall policy.", + "title": "PolicyVariables" }, - "FromValue": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", - "markdownDescription": "The field that is used in a metric comparison from value setup.", - "title": "FromValue" + "StatefulDefaultActions": { + "items": { + "type": "string" + }, + "markdownDescription": "The default actions to take on a packet that doesn't match any stateful rules. The stateful default action is optional, and is only valid when using the strict rule order.\n\nValid values of the stateful default action:\n\n- aws:drop_strict\n- aws:drop_established\n- aws:alert_strict\n- aws:alert_established\n\nFor more information, see [Strict evaluation order](https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-rule-evaluation-order.html#suricata-strict-rule-evaluation-order.html) in the *AWS Network Firewall Developer Guide* .", + "title": "StatefulDefaultActions", + "type": "array" }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", - "type": "string" + "StatefulEngineOptions": { + "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.StatefulEngineOptions", + "markdownDescription": "Additional options governing how Network Firewall handles stateful rules. The stateful rule groups that you use in your policy must have stateful rule options settings that are compatible with these settings.", + "title": "StatefulEngineOptions" }, - "TargetValue": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", - "markdownDescription": "The field that is used in a metric comparison to value setup.", - "title": "TargetValue" + "StatefulRuleGroupReferences": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.StatefulRuleGroupReference" + }, + "markdownDescription": "References to the stateful rule groups that are used in the policy. These define the inspection criteria in stateful rules.", + "title": "StatefulRuleGroupReferences", + "type": "array" }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" + "StatelessCustomActions": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.CustomAction" + }, + "markdownDescription": "The custom action definitions that are available for use in the firewall policy's `StatelessDefaultActions` setting. You name each custom action that you define, and then you can use it by name in your default actions specifications.", + "title": "StatelessCustomActions", + "type": "array" + }, + "StatelessDefaultActions": { + "items": { + "type": "string" + }, + "markdownDescription": "The actions to take on a packet if it doesn't match any of the stateless rules in the policy. If you want non-matching packets to be forwarded for stateful inspection, specify `aws:forward_to_sfe` .\n\nYou must specify one of the standard actions: `aws:pass` , `aws:drop` , or `aws:forward_to_sfe` . In addition, you can specify custom actions that are compatible with your standard section choice.\n\nFor example, you could specify `[\"aws:pass\"]` or you could specify `[\"aws:pass\", \u201ccustomActionName\u201d]` . For information about compatibility, see the custom action descriptions.", + "title": "StatelessDefaultActions", + "type": "array" + }, + "StatelessFragmentDefaultActions": { + "items": { + "type": "string" + }, + "markdownDescription": "The actions to take on a fragmented packet if it doesn't match any of the stateless rules in the policy. If you want non-matching fragmented packets to be forwarded for stateful inspection, specify `aws:forward_to_sfe` .\n\nYou must specify one of the standard actions: `aws:pass` , `aws:drop` , or `aws:forward_to_sfe` . In addition, you can specify custom actions that are compatible with your standard section choice.\n\nFor example, you could specify `[\"aws:pass\"]` or you could specify `[\"aws:pass\", \u201ccustomActionName\u201d]` . For information about compatibility, see the custom action descriptions.", + "title": "StatelessFragmentDefaultActions", + "type": "array" + }, + "StatelessRuleGroupReferences": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.StatelessRuleGroupReference" + }, + "markdownDescription": "References to the stateless rule groups that are used in the policy. These define the matching criteria in stateless rules.", + "title": "StatelessRuleGroupReferences", + "type": "array" + }, + "TLSInspectionConfigurationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the TLS inspection configuration.", + "title": "TLSInspectionConfigurationArn", + "type": "string" } }, "required": [ - "ComputationId" + "StatelessDefaultActions", + "StatelessFragmentDefaultActions" ], "type": "object" }, - "AWS::QuickSight::Analysis.MinimumLabelType": { + "AWS::NetworkFirewall::FirewallPolicy.FlowTimeouts": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility of the minimum label.", - "title": "Visibility", - "type": "string" + "TcpIdleTimeoutSeconds": { + "markdownDescription": "The number of seconds that can pass without any TCP traffic sent through the firewall before the firewall determines that the connection is idle. After the idle timeout passes, data packets are dropped, however, the next TCP SYN packet is considered a new flow and is processed by the firewall. Clients or targets can use TCP keepalive packets to reset the idle timeout.\n\nYou can define the `TcpIdleTimeoutSeconds` value to be between 60 and 6000 seconds. If no value is provided, it defaults to 350 seconds.", + "title": "TcpIdleTimeoutSeconds", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.MissingDataConfiguration": { + "AWS::NetworkFirewall::FirewallPolicy.IPSet": { "additionalProperties": false, "properties": { - "TreatmentOption": { - "markdownDescription": "The treatment option that determines how missing data should be rendered. Choose from the following options:\n\n- `INTERPOLATE` : Interpolate missing values between the prior and the next known value.\n- `SHOW_AS_ZERO` : Show missing values as the value `0` .\n- `SHOW_AS_BLANK` : Display a blank space when rendering missing data.", - "title": "TreatmentOption", - "type": "string" + "Definition": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of IP addresses and address ranges, in CIDR notation.", + "title": "Definition", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.NegativeValueConfiguration": { + "AWS::NetworkFirewall::FirewallPolicy.PolicyVariables": { "additionalProperties": false, "properties": { - "DisplayMode": { - "markdownDescription": "Determines the display mode of the negative value configuration.", - "title": "DisplayMode", - "type": "string" + "RuleVariables": { + "additionalProperties": false, + "markdownDescription": "The IPv4 or IPv6 addresses in CIDR notation to use for the Suricata `HOME_NET` variable. If your firewall uses an inspection VPC, you might want to override the `HOME_NET` variable with the CIDRs of your home networks. If you don't override `HOME_NET` with your own CIDRs, Network Firewall by default uses the CIDR of your inspection VPC.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.IPSet" + } + }, + "title": "RuleVariables", + "type": "object" } }, - "required": [ - "DisplayMode" - ], "type": "object" }, - "AWS::QuickSight::Analysis.NullValueFormatConfiguration": { + "AWS::NetworkFirewall::FirewallPolicy.PublishMetricAction": { "additionalProperties": false, "properties": { - "NullString": { - "markdownDescription": "Determines the null string of null values.", - "title": "NullString", - "type": "string" + "Dimensions": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.Dimension" + }, + "markdownDescription": "", + "title": "Dimensions", + "type": "array" } }, "required": [ - "NullString" + "Dimensions" ], "type": "object" }, - "AWS::QuickSight::Analysis.NumberDisplayFormatConfiguration": { + "AWS::NetworkFirewall::FirewallPolicy.StatefulEngineOptions": { "additionalProperties": false, "properties": { - "DecimalPlacesConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalPlacesConfiguration", - "markdownDescription": "The option that determines the decimal places configuration.", - "title": "DecimalPlacesConfiguration" - }, - "NegativeValueConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NegativeValueConfiguration", - "markdownDescription": "The options that determine the negative value configuration.", - "title": "NegativeValueConfiguration" - }, - "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NullValueFormatConfiguration", - "markdownDescription": "The options that determine the null value format configuration.", - "title": "NullValueFormatConfiguration" - }, - "NumberScale": { - "markdownDescription": "Determines the number scale value of the number format.", - "title": "NumberScale", - "type": "string" + "FlowTimeouts": { + "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.FlowTimeouts", + "markdownDescription": "Configures the amount of time that can pass without any traffic sent through the firewall before the firewall determines that the connection is idle.", + "title": "FlowTimeouts" }, - "Prefix": { - "markdownDescription": "Determines the prefix value of the number format.", - "title": "Prefix", + "RuleOrder": { + "markdownDescription": "Indicates how to manage the order of stateful rule evaluation for the policy. `DEFAULT_ACTION_ORDER` is the default behavior. Stateful rules are provided to the rule engine as Suricata compatible strings, and Suricata evaluates them based on certain settings. For more information, see [Evaluation order for stateful rules](https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-rule-evaluation-order.html) in the *AWS Network Firewall Developer Guide* .", + "title": "RuleOrder", "type": "string" }, - "SeparatorConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericSeparatorConfiguration", - "markdownDescription": "The options that determine the numeric separator configuration.", - "title": "SeparatorConfiguration" - }, - "Suffix": { - "markdownDescription": "Determines the suffix value of the number format.", - "title": "Suffix", + "StreamExceptionPolicy": { + "markdownDescription": "Configures how Network Firewall processes traffic when a network connection breaks midstream. Network connections can break due to disruptions in external networks or within the firewall itself.\n\n- `DROP` - Network Firewall fails closed and drops all subsequent traffic going to the firewall. This is the default behavior.\n- `CONTINUE` - Network Firewall continues to apply rules to the subsequent traffic without context from traffic before the break. This impacts the behavior of rules that depend on this context. For example, if you have a stateful rule to `drop http` traffic, Network Firewall won't match the traffic for this rule because the service won't have the context from session initialization defining the application layer protocol as HTTP. However, this behavior is rule dependent\u2014a TCP-layer rule using a `flow:stateless` rule would still match, as would the `aws:drop_strict` default action.\n- `REJECT` - Network Firewall fails closed and drops all subsequent traffic going to the firewall. Network Firewall also sends a TCP reject packet back to your client so that the client can immediately establish a new session. Network Firewall will have context about the new session and will apply rules to the subsequent traffic.", + "title": "StreamExceptionPolicy", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.NumberFormatConfiguration": { + "AWS::NetworkFirewall::FirewallPolicy.StatefulRuleGroupOverride": { "additionalProperties": false, "properties": { - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericFormatConfiguration", - "markdownDescription": "The options that determine the numeric format configuration.", - "title": "FormatConfiguration" + "Action": { + "markdownDescription": "The action that changes the rule group from `DROP` to `ALERT` . This only applies to managed rule groups.", + "title": "Action", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.NumericAxisOptions": { + "AWS::NetworkFirewall::FirewallPolicy.StatefulRuleGroupReference": { "additionalProperties": false, "properties": { - "Range": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayRange", - "markdownDescription": "The range setup of a numeric axis.", - "title": "Range" + "Override": { + "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.StatefulRuleGroupOverride", + "markdownDescription": "The action that allows the policy owner to override the behavior of the rule group within a policy.", + "title": "Override" }, - "Scale": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisScale", - "markdownDescription": "The scale setup of a numeric axis.", - "title": "Scale" + "Priority": { + "markdownDescription": "An integer setting that indicates the order in which to run the stateful rule groups in a single `FirewallPolicy` . This setting only applies to firewall policies that specify the `STRICT_ORDER` rule order in the stateful engine options settings.\n\nNetwork Firewall evalutes each stateful rule group against a packet starting with the group that has the lowest priority setting. You must ensure that the priority settings are unique within each policy.\n\nYou can change the priority settings of your rule groups at any time. To make it easier to insert rule groups later, number them so there's a wide range in between, for example use 100, 200, and so on.", + "title": "Priority", + "type": "number" + }, + "ResourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the stateful rule group.", + "title": "ResourceArn", + "type": "string" } }, + "required": [ + "ResourceArn" + ], "type": "object" }, - "AWS::QuickSight::Analysis.NumericEqualityDrillDownFilter": { + "AWS::NetworkFirewall::FirewallPolicy.StatelessRuleGroupReference": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "Value": { - "markdownDescription": "The value of the double input numeric drill down filter.", - "title": "Value", + "Priority": { + "markdownDescription": "An integer setting that indicates the order in which to run the stateless rule groups in a single `FirewallPolicy` . Network Firewall applies each stateless rule group to a packet starting with the group that has the lowest priority setting. You must ensure that the priority settings are unique within each policy.", + "title": "Priority", "type": "number" + }, + "ResourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the stateless rule group.", + "title": "ResourceArn", + "type": "string" } }, "required": [ - "Column", - "Value" + "Priority", + "ResourceArn" ], "type": "object" }, - "AWS::QuickSight::Analysis.NumericEqualityFilter": { + "AWS::NetworkFirewall::LoggingConfiguration": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationFunction", - "markdownDescription": "The aggregation function of the filter.", - "title": "AggregationFunction" + "Condition": { + "type": "string" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", - "type": "string" + "Metadata": { + "type": "object" }, - "MatchOperator": { - "markdownDescription": "The match operator that is used to determine if a filter should be applied.", - "title": "MatchOperator", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "EnableMonitoringDashboard": { + "markdownDescription": "", + "title": "EnableMonitoringDashboard", + "type": "boolean" + }, + "FirewallArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the `Firewall` that the logging configuration is associated with. You can't change the firewall specification after you create the logging configuration.", + "title": "FirewallArn", + "type": "string" + }, + "FirewallName": { + "markdownDescription": "The name of the firewall that the logging configuration is associated with. You can't change the firewall specification after you create the logging configuration.", + "title": "FirewallName", + "type": "string" + }, + "LoggingConfiguration": { + "$ref": "#/definitions/AWS::NetworkFirewall::LoggingConfiguration.LoggingConfiguration", + "markdownDescription": "Defines how AWS Network Firewall performs logging for a `Firewall` .", + "title": "LoggingConfiguration" + } + }, + "required": [ + "FirewallArn", + "LoggingConfiguration" + ], + "type": "object" }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", + "Type": { + "enum": [ + "AWS::NetworkFirewall::LoggingConfiguration" + ], "type": "string" }, - "ParameterName": { - "markdownDescription": "The parameter whose value should be used for the filter value.", - "title": "ParameterName", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::NetworkFirewall::LoggingConfiguration.LogDestinationConfig": { + "additionalProperties": false, + "properties": { + "LogDestination": { + "additionalProperties": true, + "markdownDescription": "The named location for the logs, provided in a key:value mapping that is specific to the chosen destination type.\n\n- For an Amazon S3 bucket, provide the name of the bucket, with key `bucketName` , and optionally provide a prefix, with key `prefix` .\n\nThe following example specifies an Amazon S3 bucket named `DOC-EXAMPLE-BUCKET` and the prefix `alerts` :\n\n`\"LogDestination\": { \"bucketName\": \"DOC-EXAMPLE-BUCKET\", \"prefix\": \"alerts\" }`\n- For a CloudWatch log group, provide the name of the CloudWatch log group, with key `logGroup` . The following example specifies a log group named `alert-log-group` :\n\n`\"LogDestination\": { \"logGroup\": \"alert-log-group\" }`\n- For a Firehose delivery stream, provide the name of the delivery stream, with key `deliveryStream` . The following example specifies a delivery stream named `alert-delivery-stream` :\n\n`\"LogDestination\": { \"deliveryStream\": \"alert-delivery-stream\" }`", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "LogDestination", + "type": "object" }, - "SelectAllOptions": { - "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", - "title": "SelectAllOptions", + "LogDestinationType": { + "markdownDescription": "The type of storage destination to send these logs to. You can send logs to an Amazon S3 bucket, a CloudWatch log group, or a Firehose delivery stream.", + "title": "LogDestinationType", "type": "string" }, - "Value": { - "markdownDescription": "The input value.", - "title": "Value", - "type": "number" + "LogType": { + "markdownDescription": "The type of log to record. You can record the following types of logs from your Network Firewall stateful engine.\n\n- `ALERT` - Logs for traffic that matches your stateful rules and that have an action that sends an alert. A stateful rule sends alerts for the rule actions DROP, ALERT, and REJECT. For more information, see the `StatefulRule` property.\n- `FLOW` - Standard network traffic flow logs. The stateful rules engine records flow logs for all network traffic that it receives. Each flow log record captures the network flow for a specific standard stateless rule group.\n- `TLS` - Logs for events that are related to TLS inspection. For more information, see [Inspecting SSL/TLS traffic with TLS inspection configurations](https://docs.aws.amazon.com/network-firewall/latest/developerguide/tls-inspection-configurations.html) in the *Network Firewall Developer Guide* .", + "title": "LogType", + "type": "string" } }, "required": [ - "Column", - "FilterId", - "MatchOperator", - "NullOption" + "LogDestination", + "LogDestinationType", + "LogType" ], "type": "object" }, - "AWS::QuickSight::Analysis.NumericFormatConfiguration": { + "AWS::NetworkFirewall::LoggingConfiguration.LoggingConfiguration": { "additionalProperties": false, "properties": { - "CurrencyDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CurrencyDisplayFormatConfiguration", - "markdownDescription": "The options that determine the currency display format configuration.", - "title": "CurrencyDisplayFormatConfiguration" - }, - "NumberDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumberDisplayFormatConfiguration", - "markdownDescription": "The options that determine the number display format configuration.", - "title": "NumberDisplayFormatConfiguration" - }, - "PercentageDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PercentageDisplayFormatConfiguration", - "markdownDescription": "The options that determine the percentage display format configuration.", - "title": "PercentageDisplayFormatConfiguration" + "LogDestinationConfigs": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::LoggingConfiguration.LogDestinationConfig" + }, + "markdownDescription": "Defines the logging destinations for the logs for a firewall. Network Firewall generates logs for stateful rule groups.", + "title": "LogDestinationConfigs", + "type": "array" } }, + "required": [ + "LogDestinationConfigs" + ], "type": "object" }, - "AWS::QuickSight::Analysis.NumericRangeFilter": { + "AWS::NetworkFirewall::RuleGroup": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationFunction", - "markdownDescription": "The aggregation function of the filter.", - "title": "AggregationFunction" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" - }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", + "Condition": { "type": "string" }, - "IncludeMaximum": { - "markdownDescription": "Determines whether the maximum value in the filter value range should be included in the filtered results.", - "title": "IncludeMaximum", - "type": "boolean" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "IncludeMinimum": { - "markdownDescription": "Determines whether the minimum value in the filter value range should be included in the filtered results.", - "title": "IncludeMinimum", - "type": "boolean" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", - "type": "string" + "Metadata": { + "type": "object" }, - "RangeMaximum": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericRangeFilterValue", - "markdownDescription": "The maximum value for the filter value range.", - "title": "RangeMaximum" + "Properties": { + "additionalProperties": false, + "properties": { + "Capacity": { + "markdownDescription": "The maximum operating resources that this rule group can use. You can't change a rule group's capacity setting after you create the rule group. When you update a rule group, you are limited to this capacity. When you reference a rule group from a firewall policy, Network Firewall reserves this capacity for the rule group.", + "title": "Capacity", + "type": "number" + }, + "Description": { + "markdownDescription": "A description of the rule group.", + "title": "Description", + "type": "string" + }, + "RuleGroup": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.RuleGroup", + "markdownDescription": "An object that defines the rule group rules.", + "title": "RuleGroup" + }, + "RuleGroupName": { + "markdownDescription": "The descriptive name of the rule group. You can't change the name of a rule group after you create it.", + "title": "RuleGroupName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "Indicates whether the rule group is stateless or stateful. If the rule group is stateless, it contains\nstateless rules. If it is stateful, it contains stateful rules.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Capacity", + "RuleGroupName", + "Type" + ], + "type": "object" }, - "RangeMinimum": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericRangeFilterValue", - "markdownDescription": "The minimum value for the filter value range.", - "title": "RangeMinimum" + "Type": { + "enum": [ + "AWS::NetworkFirewall::RuleGroup" + ], + "type": "string" }, - "SelectAllOptions": { - "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", - "title": "SelectAllOptions", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Column", - "FilterId", - "NullOption" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.NumericRangeFilterValue": { + "AWS::NetworkFirewall::RuleGroup.ActionDefinition": { "additionalProperties": false, "properties": { - "Parameter": { - "markdownDescription": "The parameter that is used in the numeric range.", - "title": "Parameter", - "type": "string" - }, - "StaticValue": { - "markdownDescription": "The static value of the numeric range filter.", - "title": "StaticValue", - "type": "number" + "PublishMetricAction": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.PublishMetricAction", + "markdownDescription": "Stateless inspection criteria that publishes the specified metrics to Amazon CloudWatch for the matching packet. This setting defines a CloudWatch dimension value to be published.\n\nYou can pair this custom action with any of the standard stateless rule actions. For example, you could pair this in a rule action with the standard action that forwards the packet for stateful inspection. Then, when a packet matches the rule, Network Firewall publishes metrics for the packet and forwards it.", + "title": "PublishMetricAction" } }, "type": "object" }, - "AWS::QuickSight::Analysis.NumericSeparatorConfiguration": { + "AWS::NetworkFirewall::RuleGroup.Address": { "additionalProperties": false, "properties": { - "DecimalSeparator": { - "markdownDescription": "Determines the decimal separator.", - "title": "DecimalSeparator", + "AddressDefinition": { + "markdownDescription": "Specify an IP address or a block of IP addresses in Classless Inter-Domain Routing (CIDR) notation. Network Firewall supports all address ranges for IPv4 and IPv6.\n\nExamples:\n\n- To configure Network Firewall to inspect for the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure Network Firewall to inspect for IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n- To configure Network Firewall to inspect for the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure Network Firewall to inspect for IP addresses from 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .", + "title": "AddressDefinition", "type": "string" - }, - "ThousandsSeparator": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ThousandSeparatorOptions", - "markdownDescription": "The options that determine the thousands separator configuration.", - "title": "ThousandsSeparator" } }, + "required": [ + "AddressDefinition" + ], "type": "object" }, - "AWS::QuickSight::Analysis.NumericalAggregationFunction": { + "AWS::NetworkFirewall::RuleGroup.CustomAction": { "additionalProperties": false, "properties": { - "PercentileAggregation": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PercentileAggregation", - "markdownDescription": "An aggregation based on the percentile of values in a dimension or measure.", - "title": "PercentileAggregation" + "ActionDefinition": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.ActionDefinition", + "markdownDescription": "The custom action associated with the action name.", + "title": "ActionDefinition" }, - "SimpleNumericalAggregation": { - "markdownDescription": "Built-in aggregation functions for numerical values.\n\n- `SUM` : The sum of a dimension or measure.\n- `AVERAGE` : The average of a dimension or measure.\n- `MIN` : The minimum value of a dimension or measure.\n- `MAX` : The maximum value of a dimension or measure.\n- `COUNT` : The count of a dimension or measure.\n- `DISTINCT_COUNT` : The count of distinct values in a dimension or measure.\n- `VAR` : The variance of a dimension or measure.\n- `VARP` : The partitioned variance of a dimension or measure.\n- `STDEV` : The standard deviation of a dimension or measure.\n- `STDEVP` : The partitioned standard deviation of a dimension or measure.\n- `MEDIAN` : The median value of a dimension or measure.", - "title": "SimpleNumericalAggregation", + "ActionName": { + "markdownDescription": "The descriptive name of the custom action. You can't change the name of a custom action after you create it.", + "title": "ActionName", "type": "string" } }, + "required": [ + "ActionDefinition", + "ActionName" + ], "type": "object" }, - "AWS::QuickSight::Analysis.NumericalDimensionField": { + "AWS::NetworkFirewall::RuleGroup.Dimension": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that is used in the `NumericalDimensionField` .", - "title": "Column" - }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", - "type": "string" - }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumberFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" - }, - "HierarchyId": { - "markdownDescription": "The custom hierarchy ID.", - "title": "HierarchyId", + "Value": { + "markdownDescription": "The value to use in the custom metric dimension.", + "title": "Value", "type": "string" } }, "required": [ - "Column", - "FieldId" + "Value" ], "type": "object" }, - "AWS::QuickSight::Analysis.NumericalMeasureField": { + "AWS::NetworkFirewall::RuleGroup.Header": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericalAggregationFunction", - "markdownDescription": "The aggregation function of the measure field.", - "title": "AggregationFunction" + "Destination": { + "markdownDescription": "The destination IP address or address range to inspect for, in CIDR notation. To match with any address, specify `ANY` .\n\nSpecify an IP address or a block of IP addresses in Classless Inter-Domain Routing (CIDR) notation. Network Firewall supports all address ranges for IPv4 and IPv6.\n\nExamples:\n\n- To configure Network Firewall to inspect for the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure Network Firewall to inspect for IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n- To configure Network Firewall to inspect for the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure Network Firewall to inspect for IP addresses from 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .", + "title": "Destination", + "type": "string" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that is used in the `NumericalMeasureField` .", - "title": "Column" + "DestinationPort": { + "markdownDescription": "The destination port to inspect for. You can specify an individual port, for example `1994` and you can specify a port range, for example `1990:1994` . To match with any port, specify `ANY` .", + "title": "DestinationPort", + "type": "string" }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", + "Direction": { + "markdownDescription": "The direction of traffic flow to inspect. If set to `ANY` , the inspection matches bidirectional traffic, both from the source to the destination and from the destination to the source. If set to `FORWARD` , the inspection only matches traffic going from the source to the destination.", + "title": "Direction", "type": "string" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumberFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" - } - }, - "required": [ - "Column", - "FieldId" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.PaginationConfiguration": { - "additionalProperties": false, - "properties": { - "PageNumber": { - "markdownDescription": "Indicates the page number.", - "title": "PageNumber", - "type": "number" + "Protocol": { + "markdownDescription": "The protocol to inspect for. To specify all, you can use `IP` , because all traffic on AWS and on the internet is IP.", + "title": "Protocol", + "type": "string" }, - "PageSize": { - "markdownDescription": "Indicates how many items render in one page.", - "title": "PageSize", - "type": "number" + "Source": { + "markdownDescription": "The source IP address or address range to inspect for, in CIDR notation. To match with any address, specify `ANY` .\n\nSpecify an IP address or a block of IP addresses in Classless Inter-Domain Routing (CIDR) notation. Network Firewall supports all address ranges for IPv4 and IPv6.\n\nExamples:\n\n- To configure Network Firewall to inspect for the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure Network Firewall to inspect for IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n- To configure Network Firewall to inspect for the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure Network Firewall to inspect for IP addresses from 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .", + "title": "Source", + "type": "string" + }, + "SourcePort": { + "markdownDescription": "The source port to inspect for. You can specify an individual port, for example `1994` and you can specify a port range, for example `1990:1994` . To match with any port, specify `ANY` .", + "title": "SourcePort", + "type": "string" } }, "required": [ - "PageNumber", - "PageSize" + "Destination", + "DestinationPort", + "Direction", + "Protocol", + "Source", + "SourcePort" ], "type": "object" }, - "AWS::QuickSight::Analysis.PanelConfiguration": { + "AWS::NetworkFirewall::RuleGroup.IPSet": { "additionalProperties": false, "properties": { - "BackgroundColor": { - "markdownDescription": "Sets the background color for each panel.", - "title": "BackgroundColor", - "type": "string" - }, - "BackgroundVisibility": { - "markdownDescription": "Determines whether or not a background for each small multiples panel is rendered.", - "title": "BackgroundVisibility", - "type": "string" - }, - "BorderColor": { - "markdownDescription": "Sets the line color of panel borders.", - "title": "BorderColor", - "type": "string" - }, - "BorderStyle": { - "markdownDescription": "Sets the line style of panel borders.", - "title": "BorderStyle", - "type": "string" - }, - "BorderThickness": { - "markdownDescription": "Sets the line thickness of panel borders.", - "title": "BorderThickness", - "type": "string" - }, - "BorderVisibility": { - "markdownDescription": "Determines whether or not each panel displays a border.", - "title": "BorderVisibility", - "type": "string" - }, - "GutterSpacing": { - "markdownDescription": "Sets the total amount of negative space to display between sibling panels.", - "title": "GutterSpacing", - "type": "string" - }, - "GutterVisibility": { - "markdownDescription": "Determines whether or not negative space between sibling panels is rendered.", - "title": "GutterVisibility", - "type": "string" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PanelTitleOptions", - "markdownDescription": "Configures the title display within each small multiples panel.", - "title": "Title" + "Definition": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of IP addresses and address ranges, in CIDR notation.", + "title": "Definition", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.PanelTitleOptions": { + "AWS::NetworkFirewall::RuleGroup.IPSetReference": { "additionalProperties": false, "properties": { - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", - "markdownDescription": "", - "title": "FontConfiguration" - }, - "HorizontalTextAlignment": { - "markdownDescription": "Sets the horizontal text alignment of the title within each panel.", - "title": "HorizontalTextAlignment", - "type": "string" - }, - "Visibility": { - "markdownDescription": "Determines whether or not panel titles are displayed.", - "title": "Visibility", + "ReferenceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource to include in the `RuleGroup.IPSetReference` .", + "title": "ReferenceArn", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ParameterControl": { + "AWS::NetworkFirewall::RuleGroup.MatchAttributes": { "additionalProperties": false, "properties": { - "DateTimePicker": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterDateTimePickerControl", - "markdownDescription": "A control from a date parameter that specifies date and time.", - "title": "DateTimePicker" + "DestinationPorts": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.PortRange" + }, + "markdownDescription": "The destination port to inspect for. You can specify an individual port, for example `1994` and you can specify a port range, for example `1990:1994` . To match with any port, specify `ANY` .\n\nThis setting is only used for protocols 6 (TCP) and 17 (UDP).", + "title": "DestinationPorts", + "type": "array" }, - "Dropdown": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterDropDownControl", - "markdownDescription": "A control to display a dropdown list with buttons that are used to select a single value.", - "title": "Dropdown" + "Destinations": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.Address" + }, + "markdownDescription": "The destination IP addresses and address ranges to inspect for, in CIDR notation. If not specified, this matches with any destination address.", + "title": "Destinations", + "type": "array" }, - "List": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterListControl", - "markdownDescription": "A control to display a list with buttons or boxes that are used to select either a single value or multiple values.", - "title": "List" + "Protocols": { + "items": { + "type": "number" + }, + "markdownDescription": "The protocols to inspect for, specified using the assigned internet protocol number (IANA) for each protocol. If not specified, this matches with any protocol.", + "title": "Protocols", + "type": "array" }, - "Slider": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterSliderControl", - "markdownDescription": "A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle.", - "title": "Slider" + "SourcePorts": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.PortRange" + }, + "markdownDescription": "The source port to inspect for. You can specify an individual port, for example `1994` and you can specify a port range, for example `1990:1994` . To match with any port, specify `ANY` .\n\nIf not specified, this matches with any source port.\n\nThis setting is only used for protocols 6 (TCP) and 17 (UDP).", + "title": "SourcePorts", + "type": "array" }, - "TextArea": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterTextAreaControl", - "markdownDescription": "A control to display a text box that is used to enter multiple entries.", - "title": "TextArea" + "Sources": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.Address" + }, + "markdownDescription": "The source IP addresses and address ranges to inspect for, in CIDR notation. If not specified, this matches with any source address.", + "title": "Sources", + "type": "array" }, - "TextField": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterTextFieldControl", - "markdownDescription": "A control to display a text box that is used to enter a single entry.", - "title": "TextField" + "TCPFlags": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.TCPFlagField" + }, + "markdownDescription": "The TCP flags and masks to inspect for. If not specified, this matches with any settings. This setting is only used for protocol 6 (TCP).", + "title": "TCPFlags", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ParameterDateTimePickerControl": { + "AWS::NetworkFirewall::RuleGroup.PortRange": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimePickerControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterDateTimePickerControl` .", - "title": "ParameterControlId", - "type": "string" - }, - "SourceParameterName": { - "markdownDescription": "The name of the `ParameterDateTimePickerControl` .", - "title": "SourceParameterName", - "type": "string" + "FromPort": { + "markdownDescription": "The lower limit of the port range. This must be less than or equal to the `ToPort` specification.", + "title": "FromPort", + "type": "number" }, - "Title": { - "markdownDescription": "The title of the `ParameterDateTimePickerControl` .", - "title": "Title", - "type": "string" + "ToPort": { + "markdownDescription": "The upper limit of the port range. This must be greater than or equal to the `FromPort` specification.", + "title": "ToPort", + "type": "number" } }, "required": [ - "ParameterControlId", - "SourceParameterName", - "Title" + "FromPort", + "ToPort" ], "type": "object" }, - "AWS::QuickSight::Analysis.ParameterDeclaration": { + "AWS::NetworkFirewall::RuleGroup.PortSet": { "additionalProperties": false, "properties": { - "DateTimeParameterDeclaration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeParameterDeclaration", - "markdownDescription": "A parameter declaration for the `DateTime` data type.", - "title": "DateTimeParameterDeclaration" - }, - "DecimalParameterDeclaration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalParameterDeclaration", - "markdownDescription": "A parameter declaration for the `Decimal` data type.", - "title": "DecimalParameterDeclaration" - }, - "IntegerParameterDeclaration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.IntegerParameterDeclaration", - "markdownDescription": "A parameter declaration for the `Integer` data type.", - "title": "IntegerParameterDeclaration" - }, - "StringParameterDeclaration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.StringParameterDeclaration", - "markdownDescription": "A parameter declaration for the `String` data type.", - "title": "StringParameterDeclaration" + "Definition": { + "items": { + "type": "string" + }, + "markdownDescription": "The set of port ranges.", + "title": "Definition", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ParameterDropDownControl": { + "AWS::NetworkFirewall::RuleGroup.PublishMetricAction": { "additionalProperties": false, "properties": { - "CascadingControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CascadingControlConfiguration", - "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", - "title": "CascadingControlConfiguration" - }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DropDownControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterDropDownControl` .", - "title": "ParameterControlId", - "type": "string" - }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" - }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the `ParameterDropDownControl` .", - "title": "SourceParameterName", - "type": "string" - }, - "Title": { - "markdownDescription": "The title of the `ParameterDropDownControl` .", - "title": "Title", - "type": "string" - }, - "Type": { - "markdownDescription": "The type parameter name of the `ParameterDropDownControl` .", - "title": "Type", - "type": "string" + "Dimensions": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.Dimension" + }, + "markdownDescription": "", + "title": "Dimensions", + "type": "array" } }, "required": [ - "ParameterControlId", - "SourceParameterName", - "Title" + "Dimensions" ], "type": "object" }, - "AWS::QuickSight::Analysis.ParameterListControl": { + "AWS::NetworkFirewall::RuleGroup.ReferenceSets": { "additionalProperties": false, "properties": { - "CascadingControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CascadingControlConfiguration", - "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", - "title": "CascadingControlConfiguration" - }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ListControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterListControl` .", - "title": "ParameterControlId", - "type": "string" - }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" - }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the `ParameterListControl` .", - "title": "SourceParameterName", - "type": "string" - }, - "Title": { - "markdownDescription": "The title of the `ParameterListControl` .", - "title": "Title", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of `ParameterListControl` .", - "title": "Type", - "type": "string" + "IPSetReferences": { + "additionalProperties": false, + "markdownDescription": "The IP set references to use in the stateful rule group.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.IPSetReference" + } + }, + "title": "IPSetReferences", + "type": "object" } }, - "required": [ - "ParameterControlId", - "SourceParameterName", - "Title" - ], "type": "object" }, - "AWS::QuickSight::Analysis.ParameterSelectableValues": { + "AWS::NetworkFirewall::RuleGroup.RuleDefinition": { "additionalProperties": false, "properties": { - "LinkToDataSetColumn": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column identifier that fetches values from the data set.", - "title": "LinkToDataSetColumn" - }, - "Values": { + "Actions": { "items": { "type": "string" }, - "markdownDescription": "The values that are used in `ParameterSelectableValues` .", - "title": "Values", + "markdownDescription": "The actions to take on a packet that matches one of the stateless rule definition's match attributes. You must specify a standard action and you can add custom actions.\n\n> Network Firewall only forwards a packet for stateful rule inspection if you specify `aws:forward_to_sfe` for a rule that the packet matches, or if the packet doesn't match any stateless rule and you specify `aws:forward_to_sfe` for the `StatelessDefaultActions` setting for the `FirewallPolicy` . \n\nFor every rule, you must specify exactly one of the following standard actions.\n\n- *aws:pass* - Discontinues all inspection of the packet and permits it to go to its intended destination.\n- *aws:drop* - Discontinues all inspection of the packet and blocks it from going to its intended destination.\n- *aws:forward_to_sfe* - Discontinues stateless inspection of the packet and forwards it to the stateful rule engine for inspection.\n\nAdditionally, you can specify a custom action. To do this, you define a custom action by name and type, then provide the name you've assigned to the action in this `Actions` setting.\n\nTo provide more than one action in this setting, separate the settings with a comma. For example, if you have a publish metrics custom action that you've named `MyMetricsAction` , then you could specify the standard action `aws:pass` combined with the custom action using `[\u201caws:pass\u201d, \u201cMyMetricsAction\u201d]` .", + "title": "Actions", "type": "array" + }, + "MatchAttributes": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.MatchAttributes", + "markdownDescription": "Criteria for Network Firewall to use to inspect an individual packet in stateless rule inspection. Each match attributes set can include one or more items such as IP address, CIDR range, port number, protocol, and TCP flags.", + "title": "MatchAttributes" } }, + "required": [ + "Actions", + "MatchAttributes" + ], "type": "object" }, - "AWS::QuickSight::Analysis.ParameterSliderControl": { + "AWS::NetworkFirewall::RuleGroup.RuleGroup": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SliderControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "MaximumValue": { - "markdownDescription": "The larger value that is displayed at the right of the slider.", - "title": "MaximumValue", - "type": "number" - }, - "MinimumValue": { - "markdownDescription": "The smaller value that is displayed at the left of the slider.", - "title": "MinimumValue", - "type": "number" - }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterSliderControl` .", - "title": "ParameterControlId", - "type": "string" + "ReferenceSets": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.ReferenceSets", + "markdownDescription": "The reference sets for the stateful rule group.", + "title": "ReferenceSets" }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the `ParameterSliderControl` .", - "title": "SourceParameterName", - "type": "string" + "RuleVariables": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.RuleVariables", + "markdownDescription": "Settings that are available for use in the rules in the rule group. You can only use these for stateful rule groups.", + "title": "RuleVariables" }, - "StepSize": { - "markdownDescription": "The number of increments that the slider bar is divided into.", - "title": "StepSize", - "type": "number" + "RulesSource": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.RulesSource", + "markdownDescription": "The stateful rules or stateless rules for the rule group.", + "title": "RulesSource" }, - "Title": { - "markdownDescription": "The title of the `ParameterSliderControl` .", - "title": "Title", - "type": "string" + "StatefulRuleOptions": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.StatefulRuleOptions", + "markdownDescription": "Additional options governing how Network Firewall handles stateful rules. The policies where you use your stateful rule group must have stateful rule options settings that are compatible with these settings. Some limitations apply; for more information, see [Strict evaluation order](https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-limitations-caveats.html) in the *AWS Network Firewall Developer Guide* .", + "title": "StatefulRuleOptions" } }, "required": [ - "MaximumValue", - "MinimumValue", - "ParameterControlId", - "SourceParameterName", - "StepSize", - "Title" + "RulesSource" ], "type": "object" }, - "AWS::QuickSight::Analysis.ParameterTextAreaControl": { + "AWS::NetworkFirewall::RuleGroup.RuleOption": { "additionalProperties": false, "properties": { - "Delimiter": { - "markdownDescription": "The delimiter that is used to separate the lines in text.", - "title": "Delimiter", - "type": "string" - }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TextAreaControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterTextAreaControl` .", - "title": "ParameterControlId", - "type": "string" - }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the `ParameterTextAreaControl` .", - "title": "SourceParameterName", + "Keyword": { + "markdownDescription": "The Suricata rule option keywords. For Network Firewall , the keyword signature ID (sid) is required in the format `sid:112233` . The sid must be unique within the rule group. For information about Suricata rule option keywords, see [Rule options](https://docs.aws.amazon.com/https://suricata.readthedocs.io/en/suricata-6.0.9/rules/intro.html#rule-options) .", + "title": "Keyword", "type": "string" }, - "Title": { - "markdownDescription": "The title of the `ParameterTextAreaControl` .", - "title": "Title", - "type": "string" + "Settings": { + "items": { + "type": "string" + }, + "markdownDescription": "The Suricata rule option settings. Settings have zero or more values, and the number of possible settings and required settings depends on the keyword. The format for Settings is `number` . For information about Suricata rule option settings, see [Rule options](https://docs.aws.amazon.com/https://suricata.readthedocs.io/en/suricata-6.0.9/rules/intro.html#rule-options) .", + "title": "Settings", + "type": "array" } }, "required": [ - "ParameterControlId", - "SourceParameterName", - "Title" + "Keyword" ], "type": "object" }, - "AWS::QuickSight::Analysis.ParameterTextFieldControl": { + "AWS::NetworkFirewall::RuleGroup.RuleVariables": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TextFieldControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterTextFieldControl` .", - "title": "ParameterControlId", - "type": "string" - }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the `ParameterTextFieldControl` .", - "title": "SourceParameterName", - "type": "string" + "IPSets": { + "additionalProperties": false, + "markdownDescription": "A list of IP addresses and address ranges, in CIDR notation.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.IPSet" + } + }, + "title": "IPSets", + "type": "object" }, - "Title": { - "markdownDescription": "The title of the `ParameterTextFieldControl` .", - "title": "Title", - "type": "string" + "PortSets": { + "additionalProperties": false, + "markdownDescription": "A list of port ranges.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.PortSet" + } + }, + "title": "PortSets", + "type": "object" } }, - "required": [ - "ParameterControlId", - "SourceParameterName", - "Title" - ], "type": "object" }, - "AWS::QuickSight::Analysis.Parameters": { + "AWS::NetworkFirewall::RuleGroup.RulesSource": { "additionalProperties": false, "properties": { - "DateTimeParameters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeParameter" - }, - "markdownDescription": "The parameters that have a data type of date-time.", - "title": "DateTimeParameters", - "type": "array" + "RulesSourceList": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.RulesSourceList", + "markdownDescription": "Stateful inspection criteria for a domain list rule group.", + "title": "RulesSourceList" }, - "DecimalParameters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalParameter" - }, - "markdownDescription": "The parameters that have a data type of decimal.", - "title": "DecimalParameters", - "type": "array" + "RulesString": { + "markdownDescription": "Stateful inspection criteria, provided in Suricata compatible rules. Suricata is an open-source threat detection framework that includes a standard rule-based language for network traffic inspection.\n\nThese rules contain the inspection criteria and the action to take for traffic that matches the criteria, so this type of rule group doesn't have a separate action setting.\n\n> You can't use the `priority` keyword if the `RuleOrder` option in `StatefulRuleOptions` is set to `STRICT_ORDER` .", + "title": "RulesString", + "type": "string" }, - "IntegerParameters": { + "StatefulRules": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.IntegerParameter" + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.StatefulRule" }, - "markdownDescription": "The parameters that have a data type of integer.", - "title": "IntegerParameters", + "markdownDescription": "An array of individual stateful rules inspection criteria to be used together in a stateful rule group. Use this option to specify simple Suricata rules with protocol, source and destination, ports, direction, and rule options. For information about the Suricata `Rules` format, see [Rules Format](https://docs.aws.amazon.com/https://suricata.readthedocs.io/en/suricata-7.0.3/rules/intro.html) .", + "title": "StatefulRules", "type": "array" }, - "StringParameters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.StringParameter" - }, - "markdownDescription": "The parameters that have a data type of string.", - "title": "StringParameters", - "type": "array" + "StatelessRulesAndCustomActions": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.StatelessRulesAndCustomActions", + "markdownDescription": "Stateless inspection criteria to be used in a stateless rule group.", + "title": "StatelessRulesAndCustomActions" } }, "type": "object" }, - "AWS::QuickSight::Analysis.PercentVisibleRange": { + "AWS::NetworkFirewall::RuleGroup.RulesSourceList": { "additionalProperties": false, "properties": { - "From": { - "markdownDescription": "The lower bound of the range.", - "title": "From", - "type": "number" + "GeneratedRulesType": { + "markdownDescription": "Whether you want to allow or deny access to the domains in your target list.", + "title": "GeneratedRulesType", + "type": "string" }, - "To": { - "markdownDescription": "The top bound of the range.", - "title": "To", - "type": "number" + "TargetTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The types of targets to inspect for. Valid values are `TLS_SNI` and `HTTP_HOST` .", + "title": "TargetTypes", + "type": "array" + }, + "Targets": { + "items": { + "type": "string" + }, + "markdownDescription": "The domains that you want to inspect for in your traffic flows. Valid domain specifications are the following:\n\n- Explicit names. For example, `abc.example.com` matches only the domain `abc.example.com` .\n- Names that use a domain wildcard, which you indicate with an initial ' `.` '. For example, `.example.com` matches `example.com` and matches all subdomains of `example.com` , such as `abc.example.com` and `www.example.com` .", + "title": "Targets", + "type": "array" } }, + "required": [ + "GeneratedRulesType", + "TargetTypes", + "Targets" + ], "type": "object" }, - "AWS::QuickSight::Analysis.PercentageDisplayFormatConfiguration": { + "AWS::NetworkFirewall::RuleGroup.StatefulRule": { "additionalProperties": false, "properties": { - "DecimalPlacesConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalPlacesConfiguration", - "markdownDescription": "The option that determines the decimal places configuration.", - "title": "DecimalPlacesConfiguration" - }, - "NegativeValueConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NegativeValueConfiguration", - "markdownDescription": "The options that determine the negative value configuration.", - "title": "NegativeValueConfiguration" - }, - "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NullValueFormatConfiguration", - "markdownDescription": "The options that determine the null value format configuration.", - "title": "NullValueFormatConfiguration" - }, - "Prefix": { - "markdownDescription": "Determines the prefix value of the percentage format.", - "title": "Prefix", + "Action": { + "markdownDescription": "Defines what Network Firewall should do with the packets in a traffic flow when the flow matches the stateful rule criteria. For all actions, Network Firewall performs the specified action and discontinues stateful inspection of the traffic flow.\n\nThe actions for a stateful rule are defined as follows:\n\n- *PASS* - Permits the packets to go to the intended destination.\n- *DROP* - Blocks the packets from going to the intended destination and sends an alert log message, if alert logging is configured in the `Firewall` `LoggingConfiguration` .\n- *REJECT* - Drops traffic that matches the conditions of the stateful rule and sends a TCP reset packet back to sender of the packet. A TCP reset packet is a packet with no payload and a `RST` bit contained in the TCP header flags. `REJECT` is available only for TCP traffic.\n- *ALERT* - Permits the packets to go to the intended destination and sends an alert log message, if alert logging is configured in the `Firewall` `LoggingConfiguration` .\n\nYou can use this action to test a rule that you intend to use to drop traffic. You can enable the rule with `ALERT` action, verify in the logs that the rule is filtering as you want, then change the action to `DROP` .\n- *REJECT* - Drops TCP traffic that matches the conditions of the stateful rule, and sends a TCP reset packet back to sender of the packet. A TCP reset packet is a packet with no payload and a `RST` bit contained in the TCP header flags. Also sends an alert log mesage if alert logging is configured in the `Firewall` `LoggingConfiguration` .\n\n`REJECT` isn't currently available for use with IMAP and FTP protocols.", + "title": "Action", "type": "string" }, - "SeparatorConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericSeparatorConfiguration", - "markdownDescription": "The options that determine the numeric separator configuration.", - "title": "SeparatorConfiguration" + "Header": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.Header", + "markdownDescription": "The stateful inspection criteria for this rule, used to inspect traffic flows.", + "title": "Header" }, - "Suffix": { - "markdownDescription": "Determines the suffix value of the percentage format.", - "title": "Suffix", - "type": "string" + "RuleOptions": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.RuleOption" + }, + "markdownDescription": "Additional settings for a stateful rule, provided as keywords and settings.", + "title": "RuleOptions", + "type": "array" } }, + "required": [ + "Action", + "Header", + "RuleOptions" + ], "type": "object" }, - "AWS::QuickSight::Analysis.PercentileAggregation": { + "AWS::NetworkFirewall::RuleGroup.StatefulRuleOptions": { "additionalProperties": false, "properties": { - "PercentileValue": { - "markdownDescription": "The percentile value. This value can be any numeric constant 0\u2013100. A percentile value of 50 computes the median value of the measure.", - "title": "PercentileValue", - "type": "number" + "RuleOrder": { + "markdownDescription": "Indicates how to manage the order of the rule evaluation for the rule group. `DEFAULT_ACTION_ORDER` is the default behavior. Stateful rules are provided to the rule engine as Suricata compatible strings, and Suricata evaluates them based on certain settings. For more information, see [Evaluation order for stateful rules](https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-rule-evaluation-order.html) in the *AWS Network Firewall Developer Guide* .", + "title": "RuleOrder", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.PeriodOverPeriodComputation": { + "AWS::NetworkFirewall::RuleGroup.StatelessRule": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", - "type": "string" - }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" + "Priority": { + "markdownDescription": "Indicates the order in which to run this rule relative to all of the rules that are defined for a stateless rule group. Network Firewall evaluates the rules in a rule group starting with the lowest priority setting. You must ensure that the priority settings are unique for the rule group.\n\nEach stateless rule group uses exactly one `StatelessRulesAndCustomActions` object, and each `StatelessRulesAndCustomActions` contains exactly one `StatelessRules` object. To ensure unique priority settings for your rule groups, set unique priorities for the stateless rules that you define inside any single `StatelessRules` object.\n\nYou can change the priority settings of your rules at any time. To make it easier to insert rules later, number them so there's a wide range in between, for example use 100, 200, and so on.", + "title": "Priority", + "type": "number" }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" + "RuleDefinition": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.RuleDefinition", + "markdownDescription": "Defines the stateless 5-tuple packet inspection criteria and the action to take on a packet that matches the criteria.", + "title": "RuleDefinition" } }, "required": [ - "ComputationId" + "Priority", + "RuleDefinition" ], "type": "object" }, - "AWS::QuickSight::Analysis.PeriodToDateComputation": { + "AWS::NetworkFirewall::RuleGroup.StatelessRulesAndCustomActions": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", - "type": "string" - }, - "PeriodTimeGranularity": { - "markdownDescription": "The time granularity setup of period to date computation. Choose from the following options:\n\n- YEAR: Year to date.\n- MONTH: Month to date.", - "title": "PeriodTimeGranularity", - "type": "string" - }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" + "CustomActions": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.CustomAction" + }, + "markdownDescription": "Defines an array of individual custom action definitions that are available for use by the stateless rules in this `StatelessRulesAndCustomActions` specification. You name each custom action that you define, and then you can use it by name in your stateless rule `RuleGroup.RuleDefinition` `Actions` specification.", + "title": "CustomActions", + "type": "array" }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" + "StatelessRules": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.StatelessRule" + }, + "markdownDescription": "Defines the set of stateless rules for use in a stateless rule group.", + "title": "StatelessRules", + "type": "array" } }, "required": [ - "ComputationId" + "StatelessRules" ], "type": "object" }, - "AWS::QuickSight::Analysis.PieChartAggregatedFieldWells": { + "AWS::NetworkFirewall::RuleGroup.TCPFlagField": { "additionalProperties": false, "properties": { - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The category (group/color) field wells of a pie chart.", - "title": "Category", - "type": "array" - }, - "SmallMultiples": { + "Flags": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + "type": "string" }, - "markdownDescription": "The small multiples field well of a pie chart.", - "title": "SmallMultiples", + "markdownDescription": "Used in conjunction with the `Masks` setting to define the flags that must be set and flags that must not be set in order for the packet to match. This setting can only specify values that are also specified in the `Masks` setting.\n\nFor the flags that are specified in the masks setting, the following must be true for the packet to match:\n\n- The ones that are set in this flags setting must be set in the packet.\n- The ones that are not set in this flags setting must also not be set in the packet.", + "title": "Flags", "type": "array" }, - "Values": { + "Masks": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + "type": "string" }, - "markdownDescription": "The value field wells of a pie chart. Values are aggregated based on categories.", - "title": "Values", + "markdownDescription": "The set of flags to consider in the inspection. To inspect all flags in the valid values list, leave this with no setting.", + "title": "Masks", "type": "array" } }, + "required": [ + "Flags" + ], "type": "object" }, - "AWS::QuickSight::Analysis.PieChartConfiguration": { + "AWS::NetworkFirewall::TLSInspectionConfiguration": { "additionalProperties": false, "properties": { - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options of the group/color that is displayed in a pie chart.", - "title": "CategoryLabelOptions" - }, - "ContributionAnalysisDefaults": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ContributionAnalysisDefault" - }, - "markdownDescription": "The contribution analysis (anomaly configuration) setup of the visual.", - "title": "ContributionAnalysisDefaults", - "type": "array" - }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.", - "title": "DataLabels" - }, - "DonutOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DonutOptions", - "markdownDescription": "The options that determine the shape of the chart. This option determines whether the chart is a pie chart or a donut chart.", - "title": "DonutOptions" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PieChartFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" + "Condition": { + "type": "string" }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "SmallMultiplesOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SmallMultiplesOptions", - "markdownDescription": "The small multiples setup for the visual.", - "title": "SmallMultiplesOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PieChartSortConfiguration", - "markdownDescription": "The sort configuration of a pie chart.", - "title": "SortConfiguration" + "Metadata": { + "type": "object" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the TLS inspection configuration.", + "title": "Description", + "type": "string" + }, + "TLSInspectionConfiguration": { + "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.TLSInspectionConfiguration", + "markdownDescription": "The object that defines a TLS inspection configuration. AWS Network Firewall uses TLS inspection configurations to decrypt your firewall's inbound and outbound SSL/TLS traffic. After decryption, AWS Network Firewall inspects the traffic according to your firewall policy's stateful rules, and then re-encrypts it before sending it to its destination. You can enable inspection of your firewall's inbound traffic, outbound traffic, or both. To use TLS inspection with your firewall, you must first import or provision certificates using AWS Certificate Manager , create a TLS inspection configuration, add that configuration to a new firewall policy, and then associate that policy with your firewall. For more information about using TLS inspection configurations, see [Inspecting SSL/TLS traffic with TLS inspection configurations](https://docs.aws.amazon.com/network-firewall/latest/developerguide/tls-inspection.html) in the *AWS Network Firewall Developer Guide* .", + "title": "TLSInspectionConfiguration" + }, + "TLSInspectionConfigurationName": { + "markdownDescription": "The descriptive name of the TLS inspection configuration. You can't change the name of a TLS inspection configuration after you create it.", + "title": "TLSInspectionConfigurationName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The key:value pairs to associate with the resource.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "TLSInspectionConfiguration", + "TLSInspectionConfigurationName" + ], + "type": "object" }, - "ValueLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options for the value that is displayed in a pie chart.", - "title": "ValueLabelOptions" + "Type": { + "enum": [ + "AWS::NetworkFirewall::TLSInspectionConfiguration" + ], + "type": "string" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", - "title": "VisualPalette" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.PieChartFieldWells": { + "AWS::NetworkFirewall::TLSInspectionConfiguration.Address": { "additionalProperties": false, "properties": { - "PieChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PieChartAggregatedFieldWells", - "markdownDescription": "The field well configuration of a pie chart.", - "title": "PieChartAggregatedFieldWells" + "AddressDefinition": { + "markdownDescription": "Specify an IP address or a block of IP addresses in Classless Inter-Domain Routing (CIDR) notation. Network Firewall supports all address ranges for IPv4 and IPv6.\n\nExamples:\n\n- To configure Network Firewall to inspect for the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure Network Firewall to inspect for IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n- To configure Network Firewall to inspect for the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure Network Firewall to inspect for IP addresses from 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .", + "title": "AddressDefinition", + "type": "string" } }, + "required": [ + "AddressDefinition" + ], "type": "object" }, - "AWS::QuickSight::Analysis.PieChartSortConfiguration": { + "AWS::NetworkFirewall::TLSInspectionConfiguration.CheckCertificateRevocationStatus": { "additionalProperties": false, "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of categories that are displayed in a pie chart.", - "title": "CategoryItemsLimit" - }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the category fields.", - "title": "CategorySort", - "type": "array" - }, - "SmallMultiplesLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of small multiples panels that are displayed.", - "title": "SmallMultiplesLimitConfiguration" + "RevokedStatusAction": { + "markdownDescription": "Configures how Network Firewall processes traffic when it determines that the certificate presented by the server in the SSL/TLS connection has a revoked status.\n\n- *PASS* - Allow the connection to continue, and pass subsequent packets to the stateful engine for inspection.\n- *DROP* - Network Firewall closes the connection and drops subsequent packets for that connection.\n- *REJECT* - Network Firewall sends a TCP reject packet back to your client. The service closes the connection and drops subsequent packets for that connection. `REJECT` is available only for TCP traffic.", + "title": "RevokedStatusAction", + "type": "string" }, - "SmallMultiplesSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the small multiples field.", - "title": "SmallMultiplesSort", - "type": "array" + "UnknownStatusAction": { + "markdownDescription": "Configures how Network Firewall processes traffic when it determines that the certificate presented by the server in the SSL/TLS connection has an unknown status, or a status that cannot be determined for any other reason, including when the service is unable to connect to the OCSP and CRL endpoints for the certificate.\n\n- *PASS* - Allow the connection to continue, and pass subsequent packets to the stateful engine for inspection.\n- *DROP* - Network Firewall closes the connection and drops subsequent packets for that connection.\n- *REJECT* - Network Firewall sends a TCP reject packet back to your client. The service closes the connection and drops subsequent packets for that connection. `REJECT` is available only for TCP traffic.", + "title": "UnknownStatusAction", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.PieChartVisual": { + "AWS::NetworkFirewall::TLSInspectionConfiguration.PortRange": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PieChartConfiguration", - "markdownDescription": "The configuration of a pie chart.", - "title": "ChartConfiguration" - }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "FromPort": { + "markdownDescription": "The lower limit of the port range. This must be less than or equal to the `ToPort` specification.", + "title": "FromPort", + "type": "number" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", - "type": "string" + "ToPort": { + "markdownDescription": "The upper limit of the port range. This must be greater than or equal to the `FromPort` specification.", + "title": "ToPort", + "type": "number" } }, "required": [ - "VisualId" + "FromPort", + "ToPort" ], "type": "object" }, - "AWS::QuickSight::Analysis.PivotFieldSortOptions": { + "AWS::NetworkFirewall::TLSInspectionConfiguration.ServerCertificate": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field ID for the field sort options.", - "title": "FieldId", + "ResourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Certificate Manager SSL/TLS server certificate that's used for inbound SSL/TLS inspection.", + "title": "ResourceArn", "type": "string" - }, - "SortBy": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableSortBy", - "markdownDescription": "The sort by field for the field sort options.", - "title": "SortBy" } }, - "required": [ - "FieldId", - "SortBy" - ], "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableAggregatedFieldWells": { + "AWS::NetworkFirewall::TLSInspectionConfiguration.ServerCertificateConfiguration": { "additionalProperties": false, "properties": { - "Columns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The columns field well for a pivot table. Values are grouped by columns fields.", - "title": "Columns", - "type": "array" + "CertificateAuthorityArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the imported certificate authority (CA) certificate within AWS Certificate Manager (ACM) to use for outbound SSL/TLS inspection.\n\nThe following limitations apply:\n\n- You can use CA certificates that you imported into ACM, but you can't generate CA certificates with ACM.\n- You can't use certificates issued by AWS Private Certificate Authority .\n\nFor more information about configuring certificates for outbound inspection, see [Using SSL/TLS certificates with TLS inspection configurations](https://docs.aws.amazon.com/network-firewall/latest/developerguide/tls-inspection-certificate-requirements.html) in the *AWS Network Firewall Developer Guide* .\n\nFor information about working with certificates in ACM, see [Importing certificates](https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html) in the *AWS Certificate Manager User Guide* .", + "title": "CertificateAuthorityArn", + "type": "string" }, - "Rows": { + "CheckCertificateRevocationStatus": { + "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.CheckCertificateRevocationStatus", + "markdownDescription": "When enabled, Network Firewall checks if the server certificate presented by the server in the SSL/TLS connection has a revoked or unkown status. If the certificate has an unknown or revoked status, you must specify the actions that Network Firewall takes on outbound traffic. To check the certificate revocation status, you must also specify a `CertificateAuthorityArn` in [ServerCertificateConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-networkfirewall-servercertificateconfiguration.html) .", + "title": "CheckCertificateRevocationStatus" + }, + "Scopes": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.ServerCertificateScope" }, - "markdownDescription": "The rows field well for a pivot table. Values are grouped by rows fields.", - "title": "Rows", + "markdownDescription": "A list of scopes.", + "title": "Scopes", "type": "array" }, - "Values": { + "ServerCertificates": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.ServerCertificate" }, - "markdownDescription": "The values field well for a pivot table. Values are aggregated based on rows and columns fields.", - "title": "Values", + "markdownDescription": "The list of server certificates to use for inbound SSL/TLS inspection.", + "title": "ServerCertificates", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableCellConditionalFormatting": { + "AWS::NetworkFirewall::TLSInspectionConfiguration.ServerCertificateScope": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field ID of the cell for conditional formatting.", - "title": "FieldId", - "type": "string" - }, - "Scope": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableConditionalFormattingScope", - "markdownDescription": "The scope of the cell for conditional formatting.", - "title": "Scope" + "DestinationPorts": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.PortRange" + }, + "markdownDescription": "The destination ports to decrypt for inspection, in Transmission Control Protocol (TCP) format. If not specified, this matches with any destination port.\n\nYou can specify individual ports, for example `1994` , and you can specify port ranges, such as `1990:1994` .", + "title": "DestinationPorts", + "type": "array" }, - "Scopes": { + "Destinations": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableConditionalFormattingScope" + "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.Address" }, - "markdownDescription": "A list of cell scopes for conditional formatting.", - "title": "Scopes", + "markdownDescription": "The destination IP addresses and address ranges to decrypt for inspection, in CIDR notation. If not specified, this\nmatches with any destination address.", + "title": "Destinations", "type": "array" }, - "TextFormat": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TextConditionalFormat", - "markdownDescription": "The text format of the cell for conditional formatting.", - "title": "TextFormat" - } - }, - "required": [ - "FieldId" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.PivotTableConditionalFormatting": { - "additionalProperties": false, - "properties": { - "ConditionalFormattingOptions": { + "Protocols": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableConditionalFormattingOption" + "type": "number" }, - "markdownDescription": "Conditional formatting options for a `PivotTableVisual` .", - "title": "ConditionalFormattingOptions", + "markdownDescription": "The protocols to inspect for, specified using the assigned internet protocol number (IANA) for each protocol. If not specified, this matches with any protocol.\n\nNetwork Firewall currently supports only TCP.", + "title": "Protocols", + "type": "array" + }, + "SourcePorts": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.PortRange" + }, + "markdownDescription": "The source ports to decrypt for inspection, in Transmission Control Protocol (TCP) format. If not specified, this matches with any source port.\n\nYou can specify individual ports, for example `1994` , and you can specify port ranges, such as `1990:1994` .", + "title": "SourcePorts", + "type": "array" + }, + "Sources": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.Address" + }, + "markdownDescription": "The source IP addresses and address ranges to decrypt for inspection, in CIDR notation. If not specified, this\nmatches with any source address.", + "title": "Sources", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableConditionalFormattingOption": { + "AWS::NetworkFirewall::TLSInspectionConfiguration.TLSInspectionConfiguration": { "additionalProperties": false, "properties": { - "Cell": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableCellConditionalFormatting", - "markdownDescription": "The cell conditional formatting option for a pivot table.", - "title": "Cell" + "ServerCertificateConfigurations": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.ServerCertificateConfiguration" + }, + "markdownDescription": "Lists the server certificate configurations that are associated with the TLS configuration.", + "title": "ServerCertificateConfigurations", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableConditionalFormattingScope": { + "AWS::NetworkFirewall::VpcEndpointAssociation": { "additionalProperties": false, "properties": { - "Role": { - "markdownDescription": "The role (field, field total, grand total) of the cell for conditional formatting.", - "title": "Role", + "Condition": { "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.PivotTableConfiguration": { - "additionalProperties": false, - "properties": { - "FieldOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableFieldOptions", - "markdownDescription": "The field options for a pivot table visual.", - "title": "FieldOptions" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" }, - "PaginatedReportOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTablePaginatedReportOptions", - "markdownDescription": "The paginated report options for a pivot table visual.", - "title": "PaginatedReportOptions" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableSortConfiguration", - "markdownDescription": "The sort configuration for a `PivotTableVisual` .", - "title": "SortConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "TableOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableOptions", - "markdownDescription": "The table options for a pivot table visual.", - "title": "TableOptions" + "Metadata": { + "type": "object" }, - "TotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableTotalOptions", - "markdownDescription": "The total options for a pivot table visual.", - "title": "TotalOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.PivotTableDataPathOption": { - "additionalProperties": false, - "properties": { - "DataPathList": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathValue" + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the VPC endpoint association.", + "title": "Description", + "type": "string" + }, + "FirewallArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the firewall.", + "title": "FirewallArn", + "type": "string" + }, + "SubnetMapping": { + "$ref": "#/definitions/AWS::NetworkFirewall::VpcEndpointAssociation.SubnetMapping", + "markdownDescription": "The ID for a subnet that's used in an association with a firewall. This is used in `CreateFirewall` , `AssociateSubnets` , and `CreateVpcEndpointAssociation` . AWS Network Firewall creates an instance of the associated firewall in each subnet that you specify, to filter traffic in the subnet's Availability Zone.", + "title": "SubnetMapping" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The key:value pairs to associate with the resource.", + "title": "Tags", + "type": "array" + }, + "VpcId": { + "markdownDescription": "The unique identifier of the VPC for the endpoint association.", + "title": "VpcId", + "type": "string" + } }, - "markdownDescription": "The list of data path values for the data path options.", - "title": "DataPathList", - "type": "array" + "required": [ + "FirewallArn", + "SubnetMapping", + "VpcId" + ], + "type": "object" }, - "Width": { - "markdownDescription": "The width of the data path option.", - "title": "Width", + "Type": { + "enum": [ + "AWS::NetworkFirewall::VpcEndpointAssociation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "DataPathList" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableFieldCollapseStateOption": { + "AWS::NetworkFirewall::VpcEndpointAssociation.SubnetMapping": { "additionalProperties": false, "properties": { - "State": { - "markdownDescription": "The state of the field target of a pivot table. Choose one of the following options:\n\n- `COLLAPSED`\n- `EXPANDED`", - "title": "State", + "IPAddressType": { + "markdownDescription": "The subnet's IP address type. You can't change the IP address type after you create the subnet.", + "title": "IPAddressType", "type": "string" }, - "Target": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableFieldCollapseStateTarget", - "markdownDescription": "A tagged-union object that sets the collapse state.", - "title": "Target" + "SubnetId": { + "markdownDescription": "The unique identifier for the subnet.", + "title": "SubnetId", + "type": "string" } }, "required": [ - "Target" + "SubnetId" ], "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableFieldCollapseStateTarget": { + "AWS::NetworkManager::ConnectAttachment": { "additionalProperties": false, "properties": { - "FieldDataPathValues": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathValue" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CoreNetworkId": { + "markdownDescription": "The ID of the core network where the Connect attachment is located.", + "title": "CoreNetworkId", + "type": "string" + }, + "EdgeLocation": { + "markdownDescription": "The Region where the edge is located.", + "title": "EdgeLocation", + "type": "string" + }, + "NetworkFunctionGroupName": { + "markdownDescription": "The name of the network function group.", + "title": "NetworkFunctionGroupName", + "type": "string" + }, + "Options": { + "$ref": "#/definitions/AWS::NetworkManager::ConnectAttachment.ConnectAttachmentOptions", + "markdownDescription": "Options for connecting an attachment.", + "title": "Options" + }, + "ProposedNetworkFunctionGroupChange": { + "$ref": "#/definitions/AWS::NetworkManager::ConnectAttachment.ProposedNetworkFunctionGroupChange", + "markdownDescription": "Describes proposed changes to a network function group.", + "title": "ProposedNetworkFunctionGroupChange" + }, + "ProposedSegmentChange": { + "$ref": "#/definitions/AWS::NetworkManager::ConnectAttachment.ProposedSegmentChange", + "markdownDescription": "Describes a proposed segment change. In some cases, the segment change must first be evaluated and accepted.", + "title": "ProposedSegmentChange" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags associated with the Connect attachment.", + "title": "Tags", + "type": "array" + }, + "TransportAttachmentId": { + "markdownDescription": "The ID of the transport attachment.", + "title": "TransportAttachmentId", + "type": "string" + } }, - "markdownDescription": "The data path of the pivot table's header. Used to set the collapse state.", - "title": "FieldDataPathValues", - "type": "array" + "required": [ + "CoreNetworkId", + "EdgeLocation", + "Options", + "TransportAttachmentId" + ], + "type": "object" }, - "FieldId": { - "markdownDescription": "The field ID of the pivot table that the collapse state needs to be set to.", - "title": "FieldId", + "Type": { + "enum": [ + "AWS::NetworkManager::ConnectAttachment" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableFieldOption": { + "AWS::NetworkManager::ConnectAttachment.ConnectAttachmentOptions": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The custom label of the pivot table field.", - "title": "CustomLabel", - "type": "string" - }, - "FieldId": { - "markdownDescription": "The field ID of the pivot table field.", - "title": "FieldId", - "type": "string" - }, - "Visibility": { - "markdownDescription": "The visibility of the pivot table field.", - "title": "Visibility", + "Protocol": { + "markdownDescription": "The protocol used for the attachment connection.", + "title": "Protocol", "type": "string" } }, - "required": [ - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableFieldOptions": { + "AWS::NetworkManager::ConnectAttachment.ProposedNetworkFunctionGroupChange": { "additionalProperties": false, "properties": { - "CollapseStateOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableFieldCollapseStateOption" - }, - "markdownDescription": "The collapse state options for the pivot table field options.", - "title": "CollapseStateOptions", - "type": "array" + "AttachmentPolicyRuleNumber": { + "markdownDescription": "The proposed new attachment policy rule number for the network function group.", + "title": "AttachmentPolicyRuleNumber", + "type": "number" }, - "DataPathOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableDataPathOption" - }, - "markdownDescription": "The data path options for the pivot table field options.", - "title": "DataPathOptions", - "type": "array" + "NetworkFunctionGroupName": { + "markdownDescription": "The proposed name change for the network function group name.", + "title": "NetworkFunctionGroupName", + "type": "string" }, - "SelectedFieldOptions": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableFieldOption" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The selected field options for the pivot table field options.", - "title": "SelectedFieldOptions", + "markdownDescription": "The list of proposed changes to the key-value tags associated with the network function group.", + "title": "Tags", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableFieldSubtotalOptions": { + "AWS::NetworkManager::ConnectAttachment.ProposedSegmentChange": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field ID of the subtotal options.", - "title": "FieldId", + "AttachmentPolicyRuleNumber": { + "markdownDescription": "The rule number in the policy document that applies to this change.", + "title": "AttachmentPolicyRuleNumber", + "type": "number" + }, + "SegmentName": { + "markdownDescription": "The name of the segment to change.", + "title": "SegmentName", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of key-value tags that changed for the segment.", + "title": "Tags", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableFieldWells": { - "additionalProperties": false, - "properties": { - "PivotTableAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableAggregatedFieldWells", - "markdownDescription": "The aggregated field well for the pivot table.", - "title": "PivotTableAggregatedFieldWells" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.PivotTableOptions": { + "AWS::NetworkManager::ConnectPeer": { "additionalProperties": false, "properties": { - "CellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", - "markdownDescription": "The table cell style of cells.", - "title": "CellStyle" - }, - "CollapsedRowDimensionsVisibility": { - "markdownDescription": "The visibility setting of a pivot table's collapsed row dimension fields. If the value of this structure is `HIDDEN` , all collapsed columns in a pivot table are automatically hidden. The default value is `VISIBLE` .", - "title": "CollapsedRowDimensionsVisibility", - "type": "string" - }, - "ColumnHeaderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", - "markdownDescription": "The table cell style of the column header.", - "title": "ColumnHeaderStyle" - }, - "ColumnNamesVisibility": { - "markdownDescription": "The visibility of the column names.", - "title": "ColumnNamesVisibility", - "type": "string" - }, - "DefaultCellWidth": { - "markdownDescription": "The default cell width of the pivot table.", - "title": "DefaultCellWidth", + "Condition": { "type": "string" }, - "MetricPlacement": { - "markdownDescription": "The metric placement (row, column) options.", - "title": "MetricPlacement", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "RowAlternateColorOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RowAlternateColorOptions", - "markdownDescription": "The row alternate color options (widget status, row alternate colors).", - "title": "RowAlternateColorOptions" - }, - "RowFieldNamesStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", - "markdownDescription": "The table cell style of row field names.", - "title": "RowFieldNamesStyle" - }, - "RowHeaderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", - "markdownDescription": "The table cell style of the row headers.", - "title": "RowHeaderStyle" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "RowsLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableRowsLabelOptions", - "markdownDescription": "The options for the label that is located above the row headers. This option is only applicable when `RowsLayout` is set to `HIERARCHY` .", - "title": "RowsLabelOptions" + "Metadata": { + "type": "object" }, - "RowsLayout": { - "markdownDescription": "The layout for the row dimension headers of a pivot table. Choose one of the following options.\n\n- `TABULAR` : (Default) Each row field is displayed in a separate column.\n- `HIERARCHY` : All row fields are displayed in a single column. Indentation is used to differentiate row headers of different fields.", - "title": "RowsLayout", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "BgpOptions": { + "$ref": "#/definitions/AWS::NetworkManager::ConnectPeer.BgpOptions", + "markdownDescription": "Describes the BGP options.", + "title": "BgpOptions" + }, + "ConnectAttachmentId": { + "markdownDescription": "The ID of the attachment to connect.", + "title": "ConnectAttachmentId", + "type": "string" + }, + "CoreNetworkAddress": { + "markdownDescription": "The IP address of a core network.", + "title": "CoreNetworkAddress", + "type": "string" + }, + "InsideCidrBlocks": { + "items": { + "type": "string" + }, + "markdownDescription": "The inside IP addresses used for a Connect peer configuration.", + "title": "InsideCidrBlocks", + "type": "array" + }, + "PeerAddress": { + "markdownDescription": "The IP address of the Connect peer.", + "title": "PeerAddress", + "type": "string" + }, + "SubnetArn": { + "markdownDescription": "The subnet ARN of the Connect peer.", + "title": "SubnetArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of key-value tags associated with the Connect peer.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "ConnectAttachmentId", + "PeerAddress" + ], + "type": "object" }, - "SingleMetricVisibility": { - "markdownDescription": "The visibility of the single metric options.", - "title": "SingleMetricVisibility", + "Type": { + "enum": [ + "AWS::NetworkManager::ConnectPeer" + ], "type": "string" }, - "ToggleButtonsVisibility": { - "markdownDescription": "Determines the visibility of the pivot table.", - "title": "ToggleButtonsVisibility", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.PivotTablePaginatedReportOptions": { + "AWS::NetworkManager::ConnectPeer.BgpOptions": { "additionalProperties": false, "properties": { - "OverflowColumnHeaderVisibility": { - "markdownDescription": "The visibility of the repeating header rows on each page.", - "title": "OverflowColumnHeaderVisibility", - "type": "string" - }, - "VerticalOverflowVisibility": { - "markdownDescription": "The visibility of the printing table overflow across pages.", - "title": "VerticalOverflowVisibility", - "type": "string" + "PeerAsn": { + "markdownDescription": "The Peer ASN of the BGP.", + "title": "PeerAsn", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableRowsLabelOptions": { + "AWS::NetworkManager::ConnectPeer.ConnectPeerBgpConfiguration": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The custom label string for the rows label.", - "title": "CustomLabel", + "CoreNetworkAddress": { + "markdownDescription": "The address of a core network.", + "title": "CoreNetworkAddress", "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of the rows label.", - "title": "Visibility", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.PivotTableSortBy": { - "additionalProperties": false, - "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnSort", - "markdownDescription": "The column sort (field id, direction) for the pivot table sort by options.", - "title": "Column" + "CoreNetworkAsn": { + "markdownDescription": "The ASN of the Coret Network.", + "title": "CoreNetworkAsn", + "type": "number" }, - "DataPath": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathSort", - "markdownDescription": "The data path sort (data path value, direction) for the pivot table sort by options.", - "title": "DataPath" + "PeerAddress": { + "markdownDescription": "The address of a core network Connect peer.", + "title": "PeerAddress", + "type": "string" }, - "Field": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSort", - "markdownDescription": "The field sort (field id, direction) for the pivot table sort by options.", - "title": "Field" + "PeerAsn": { + "markdownDescription": "The ASN of the Connect peer.", + "title": "PeerAsn", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableSortConfiguration": { + "AWS::NetworkManager::ConnectPeer.ConnectPeerConfiguration": { "additionalProperties": false, "properties": { - "FieldSortOptions": { + "BgpConfigurations": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotFieldSortOptions" + "$ref": "#/definitions/AWS::NetworkManager::ConnectPeer.ConnectPeerBgpConfiguration" }, - "markdownDescription": "The field sort options for a pivot table sort configuration.", - "title": "FieldSortOptions", + "markdownDescription": "The Connect peer BGP configurations.", + "title": "BgpConfigurations", "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.PivotTableTotalOptions": { - "additionalProperties": false, - "properties": { - "ColumnSubtotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SubtotalOptions", - "markdownDescription": "The column subtotal options.", - "title": "ColumnSubtotalOptions" - }, - "ColumnTotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTotalOptions", - "markdownDescription": "The column total options.", - "title": "ColumnTotalOptions" }, - "RowSubtotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SubtotalOptions", - "markdownDescription": "The row subtotal options.", - "title": "RowSubtotalOptions" + "CoreNetworkAddress": { + "markdownDescription": "The IP address of a core network.", + "title": "CoreNetworkAddress", + "type": "string" }, - "RowTotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTotalOptions", - "markdownDescription": "The row total options.", - "title": "RowTotalOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.PivotTableVisual": { - "additionalProperties": false, - "properties": { - "Actions": { + "InsideCidrBlocks": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + "type": "string" }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", + "markdownDescription": "The inside IP addresses used for a Connect peer configuration.", + "title": "InsideCidrBlocks", "type": "array" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" - }, - "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableConditionalFormatting", - "markdownDescription": "The conditional formatting for a `PivotTableVisual` .", - "title": "ConditionalFormatting" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "PeerAddress": { + "markdownDescription": "The IP address of the Connect peer.", + "title": "PeerAddress", + "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", + "Protocol": { + "markdownDescription": "The protocol used for a Connect peer configuration.", + "title": "Protocol", "type": "string" } }, - "required": [ - "VisualId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.PivotTotalOptions": { + "AWS::NetworkManager::CoreNetwork": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The custom label string for the total cells.", - "title": "CustomLabel", + "Condition": { "type": "string" }, - "MetricHeaderCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", - "markdownDescription": "The cell styling options for the total of header cells.", - "title": "MetricHeaderCellStyle" - }, - "Placement": { - "markdownDescription": "The placement (start, end) for the total cells.", - "title": "Placement", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "ScrollStatus": { - "markdownDescription": "The scroll status (pinned, scrolled) for the total cells.", - "title": "ScrollStatus", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "TotalAggregationOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TotalAggregationOption" - }, - "markdownDescription": "The total aggregation options for each value field.", - "title": "TotalAggregationOptions", - "type": "array" + "Metadata": { + "type": "object" }, - "TotalCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", - "markdownDescription": "The cell styling options for the total cells.", - "title": "TotalCellStyle" + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of a core network.", + "title": "Description", + "type": "string" + }, + "GlobalNetworkId": { + "markdownDescription": "The ID of the global network that your core network is a part of.", + "title": "GlobalNetworkId", + "type": "string" + }, + "PolicyDocument": { + "markdownDescription": "Describes a core network policy. For more information, see [Core network policies](https://docs.aws.amazon.com/network-manager/latest/cloudwan/cloudwan-policy-change-sets.html) .\n\nIf you update the policy document, CloudFormation will apply the core network change set generated from the updated policy document, and then set it as the LIVE policy.", + "title": "PolicyDocument", + "type": "object" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of key-value tags associated with a core network.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "GlobalNetworkId" + ], + "type": "object" }, - "TotalsVisibility": { - "markdownDescription": "The visibility configuration for the total cells.", - "title": "TotalsVisibility", + "Type": { + "enum": [ + "AWS::NetworkManager::CoreNetwork" + ], "type": "string" }, - "ValueCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", - "markdownDescription": "The cell styling options for the totals of value cells.", - "title": "ValueCellStyle" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.PredefinedHierarchy": { + "AWS::NetworkManager::CoreNetwork.CoreNetworkEdge": { "additionalProperties": false, "properties": { - "Columns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier" - }, - "markdownDescription": "The list of columns that define the predefined hierarchy.", - "title": "Columns", - "type": "array" + "Asn": { + "markdownDescription": "The ASN of a core network edge.", + "title": "Asn", + "type": "number" }, - "DrillDownFilters": { + "EdgeLocation": { + "markdownDescription": "The Region where a core network edge is located.", + "title": "EdgeLocation", + "type": "string" + }, + "InsideCidrBlocks": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DrillDownFilter" + "type": "string" }, - "markdownDescription": "The option that determines the drill down filters for the predefined hierarchy.", - "title": "DrillDownFilters", + "markdownDescription": "The inside IP addresses used for core network edges.", + "title": "InsideCidrBlocks", "type": "array" - }, - "HierarchyId": { - "markdownDescription": "The hierarchy ID of the predefined hierarchy.", - "title": "HierarchyId", - "type": "string" } }, - "required": [ - "Columns", - "HierarchyId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.ProgressBarOptions": { + "AWS::NetworkManager::CoreNetwork.CoreNetworkNetworkFunctionGroup": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility of the progress bar.", - "title": "Visibility", + "EdgeLocations": { + "items": { + "type": "string" + }, + "markdownDescription": "The core network edge locations.", + "title": "EdgeLocations", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the network function group.", + "title": "Name", "type": "string" + }, + "Segments": { + "$ref": "#/definitions/AWS::NetworkManager::CoreNetwork.Segments", + "markdownDescription": "The segments associated with the network function group.", + "title": "Segments" } }, "type": "object" }, - "AWS::QuickSight::Analysis.RadarChartAggregatedFieldWells": { + "AWS::NetworkManager::CoreNetwork.CoreNetworkSegment": { "additionalProperties": false, "properties": { - "Category": { + "EdgeLocations": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + "type": "string" }, - "markdownDescription": "The aggregated field well categories of a radar chart.", - "title": "Category", + "markdownDescription": "The Regions where the edges are located.", + "title": "EdgeLocations", "type": "array" }, - "Color": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The color that are assigned to the aggregated field wells of a radar chart.", - "title": "Color", - "type": "array" + "Name": { + "markdownDescription": "The name of a core network segment.", + "title": "Name", + "type": "string" }, - "Values": { + "SharedSegments": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + "type": "string" }, - "markdownDescription": "The values that are assigned to the aggregated field wells of a radar chart.", - "title": "Values", + "markdownDescription": "The shared segments of a core network.", + "title": "SharedSegments", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.RadarChartAreaStyleSettings": { + "AWS::NetworkManager::CoreNetwork.Segments": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility settings of a radar chart.", - "title": "Visibility", - "type": "string" + "SendTo": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "SendTo", + "type": "array" + }, + "SendVia": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "SendVia", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.RadarChartConfiguration": { + "AWS::NetworkManager::CustomerGatewayAssociation": { "additionalProperties": false, "properties": { - "AlternateBandColorsVisibility": { - "markdownDescription": "Determines the visibility of the colors of alternatign bands in a radar chart.", - "title": "AlternateBandColorsVisibility", - "type": "string" - }, - "AlternateBandEvenColor": { - "markdownDescription": "The color of the even-numbered alternate bands of a radar chart.", - "title": "AlternateBandEvenColor", - "type": "string" - }, - "AlternateBandOddColor": { - "markdownDescription": "The color of the odd-numbered alternate bands of a radar chart.", - "title": "AlternateBandOddColor", + "Condition": { "type": "string" }, - "AxesRangeScale": { - "markdownDescription": "The axis behavior options of a radar chart.", - "title": "AxesRangeScale", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "BaseSeriesSettings": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartSeriesSettings", - "markdownDescription": "The base sreies settings of a radar chart.", - "title": "BaseSeriesSettings" - }, - "CategoryAxis": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The category axis of a radar chart.", - "title": "CategoryAxis" - }, - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The category label options of a radar chart.", - "title": "CategoryLabelOptions" - }, - "ColorAxis": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The color axis of a radar chart.", - "title": "ColorAxis" - }, - "ColorLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The color label options of a radar chart.", - "title": "ColorLabelOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartFieldWells", - "markdownDescription": "The field well configuration of a `RadarChartVisual` .", - "title": "FieldWells" + "Metadata": { + "type": "object" }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" + "Properties": { + "additionalProperties": false, + "properties": { + "CustomerGatewayArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the customer gateway.", + "title": "CustomerGatewayArn", + "type": "string" + }, + "DeviceId": { + "markdownDescription": "The ID of the device.", + "title": "DeviceId", + "type": "string" + }, + "GlobalNetworkId": { + "markdownDescription": "The ID of the global network.", + "title": "GlobalNetworkId", + "type": "string" + }, + "LinkId": { + "markdownDescription": "The ID of the link.", + "title": "LinkId", + "type": "string" + } + }, + "required": [ + "CustomerGatewayArn", + "DeviceId", + "GlobalNetworkId" + ], + "type": "object" }, - "Shape": { - "markdownDescription": "The shape of the radar chart.", - "title": "Shape", + "Type": { + "enum": [ + "AWS::NetworkManager::CustomerGatewayAssociation" + ], "type": "string" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartSortConfiguration", - "markdownDescription": "The sort configuration of a `RadarChartVisual` .", - "title": "SortConfiguration" - }, - "StartAngle": { - "markdownDescription": "The start angle of a radar chart's axis.", - "title": "StartAngle", - "type": "number" - }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", - "title": "VisualPalette" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.RadarChartFieldWells": { - "additionalProperties": false, - "properties": { - "RadarChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a radar chart visual.", - "title": "RadarChartAggregatedFieldWells" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.RadarChartSeriesSettings": { - "additionalProperties": false, - "properties": { - "AreaStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartAreaStyleSettings", - "markdownDescription": "The area style settings of a radar chart.", - "title": "AreaStyleSettings" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.RadarChartSortConfiguration": { + "AWS::NetworkManager::Device": { "additionalProperties": false, "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The category items limit for a radar chart.", - "title": "CategoryItemsLimit" + "Condition": { + "type": "string" }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The category sort options of a radar chart.", - "title": "CategorySort", - "type": "array" - }, - "ColorItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The color items limit of a radar chart.", - "title": "ColorItemsLimit" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ColorSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The color sort configuration of a radar chart.", - "title": "ColorSort", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.RadarChartVisual": { - "additionalProperties": false, - "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "Metadata": { + "type": "object" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" + "Properties": { + "additionalProperties": false, + "properties": { + "AWSLocation": { + "$ref": "#/definitions/AWS::NetworkManager::Device.AWSLocation", + "markdownDescription": "The AWS location of the device.", + "title": "AWSLocation" + }, + "Description": { + "markdownDescription": "A description of the device.\n\nConstraints: Maximum length of 256 characters.", + "title": "Description", + "type": "string" + }, + "GlobalNetworkId": { + "markdownDescription": "The ID of the global network.", + "title": "GlobalNetworkId", + "type": "string" + }, + "Location": { + "$ref": "#/definitions/AWS::NetworkManager::Device.Location", + "markdownDescription": "The site location.", + "title": "Location" + }, + "Model": { + "markdownDescription": "The model of the device.\n\nConstraints: Maximum length of 128 characters.", + "title": "Model", + "type": "string" + }, + "SerialNumber": { + "markdownDescription": "The serial number of the device.\n\nConstraints: Maximum length of 128 characters.", + "title": "SerialNumber", + "type": "string" + }, + "SiteId": { + "markdownDescription": "The site ID.", + "title": "SiteId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the device.", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "The device type.", + "title": "Type", + "type": "string" + }, + "Vendor": { + "markdownDescription": "The vendor of the device.\n\nConstraints: Maximum length of 128 characters.", + "title": "Vendor", + "type": "string" + } }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "required": [ + "GlobalNetworkId" + ], + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Type": { + "enum": [ + "AWS::NetworkManager::Device" + ], + "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.RangeEndsLabelType": { + "AWS::NetworkManager::Device.AWSLocation": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility of the range ends label.", - "title": "Visibility", + "SubnetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the subnet that the device is located in.", + "title": "SubnetArn", + "type": "string" + }, + "Zone": { + "markdownDescription": "The Zone that the device is located in. Specify the ID of an Availability Zone, Local Zone, Wavelength Zone, or an Outpost.", + "title": "Zone", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ReferenceLine": { + "AWS::NetworkManager::Device.Location": { "additionalProperties": false, "properties": { - "DataConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineDataConfiguration", - "markdownDescription": "The data configuration of the reference line.", - "title": "DataConfiguration" - }, - "LabelConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineLabelConfiguration", - "markdownDescription": "The label configuration of the reference line.", - "title": "LabelConfiguration" + "Address": { + "markdownDescription": "The physical address.", + "title": "Address", + "type": "string" }, - "Status": { - "markdownDescription": "The status of the reference line. Choose one of the following options:\n\n- `ENABLE`\n- `DISABLE`", - "title": "Status", + "Latitude": { + "markdownDescription": "The latitude.", + "title": "Latitude", "type": "string" }, - "StyleConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineStyleConfiguration", - "markdownDescription": "The style configuration of the reference line.", - "title": "StyleConfiguration" + "Longitude": { + "markdownDescription": "The longitude.", + "title": "Longitude", + "type": "string" } }, - "required": [ - "DataConfiguration" - ], "type": "object" }, - "AWS::QuickSight::Analysis.ReferenceLineCustomLabelConfiguration": { + "AWS::NetworkManager::DirectConnectGatewayAttachment": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The string text of the custom label.", - "title": "CustomLabel", + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CoreNetworkId": { + "markdownDescription": "", + "title": "CoreNetworkId", + "type": "string" + }, + "DirectConnectGatewayArn": { + "markdownDescription": "The Direct Connect gateway attachment ARN.", + "title": "DirectConnectGatewayArn", + "type": "string" + }, + "EdgeLocations": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "EdgeLocations", + "type": "array" + }, + "ProposedNetworkFunctionGroupChange": { + "$ref": "#/definitions/AWS::NetworkManager::DirectConnectGatewayAttachment.ProposedNetworkFunctionGroupChange", + "markdownDescription": "Describes proposed changes to a network function group.", + "title": "ProposedNetworkFunctionGroupChange" + }, + "ProposedSegmentChange": { + "$ref": "#/definitions/AWS::NetworkManager::DirectConnectGatewayAttachment.ProposedSegmentChange", + "markdownDescription": "Describes a proposed segment change. In some cases, the segment change must first be evaluated and accepted.", + "title": "ProposedSegmentChange" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "CoreNetworkId", + "DirectConnectGatewayArn", + "EdgeLocations" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NetworkManager::DirectConnectGatewayAttachment" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "CustomLabel" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.ReferenceLineDataConfiguration": { + "AWS::NetworkManager::DirectConnectGatewayAttachment.ProposedNetworkFunctionGroupChange": { "additionalProperties": false, "properties": { - "AxisBinding": { - "markdownDescription": "The axis binding type of the reference line. Choose one of the following options:\n\n- `PrimaryY`\n- `SecondaryY`", - "title": "AxisBinding", - "type": "string" - }, - "DynamicConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineDynamicDataConfiguration", - "markdownDescription": "The dynamic configuration of the reference line data configuration.", - "title": "DynamicConfiguration" + "AttachmentPolicyRuleNumber": { + "markdownDescription": "The proposed new attachment policy rule number for the network function group.", + "title": "AttachmentPolicyRuleNumber", + "type": "number" }, - "SeriesType": { - "markdownDescription": "The series type of the reference line data configuration. Choose one of the following options:\n\n- `BAR`\n- `LINE`", - "title": "SeriesType", + "NetworkFunctionGroupName": { + "markdownDescription": "The proposed name change for the network function group name.", + "title": "NetworkFunctionGroupName", "type": "string" }, - "StaticConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineStaticDataConfiguration", - "markdownDescription": "The static data configuration of the reference line data configuration.", - "title": "StaticConfiguration" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of proposed changes to the key-value tags associated with the network function group.", + "title": "Tags", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ReferenceLineDynamicDataConfiguration": { + "AWS::NetworkManager::DirectConnectGatewayAttachment.ProposedSegmentChange": { "additionalProperties": false, "properties": { - "Calculation": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericalAggregationFunction", - "markdownDescription": "The calculation that is used in the dynamic data.", - "title": "Calculation" + "AttachmentPolicyRuleNumber": { + "markdownDescription": "The rule number in the policy document that applies to this change.", + "title": "AttachmentPolicyRuleNumber", + "type": "number" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that the dynamic data targets.", - "title": "Column" + "SegmentName": { + "markdownDescription": "The name of the segment to change.", + "title": "SegmentName", + "type": "string" }, - "MeasureAggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationFunction", - "markdownDescription": "The aggregation function that is used in the dynamic data.", - "title": "MeasureAggregationFunction" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of key-value tags that changed for the segment.", + "title": "Tags", + "type": "array" } }, - "required": [ - "Calculation", - "Column" - ], "type": "object" }, - "AWS::QuickSight::Analysis.ReferenceLineLabelConfiguration": { + "AWS::NetworkManager::GlobalNetwork": { "additionalProperties": false, "properties": { - "CustomLabelConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineCustomLabelConfiguration", - "markdownDescription": "The custom label configuration of the label in a reference line.", - "title": "CustomLabelConfiguration" + "Condition": { + "type": "string" }, - "FontColor": { - "markdownDescription": "The font color configuration of the label in a reference line.", - "title": "FontColor", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", - "markdownDescription": "The font configuration of the label in a reference line.", - "title": "FontConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "HorizontalPosition": { - "markdownDescription": "The horizontal position configuration of the label in a reference line. Choose one of the following options:\n\n- `LEFT`\n- `CENTER`\n- `RIGHT`", - "title": "HorizontalPosition", - "type": "string" + "Metadata": { + "type": "object" }, - "ValueLabelConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineValueLabelConfiguration", - "markdownDescription": "The value label configuration of the label in a reference line.", - "title": "ValueLabelConfiguration" + "Properties": { + "additionalProperties": false, + "properties": { + "CreatedAt": { + "markdownDescription": "The date and time that the global network was created.", + "title": "CreatedAt", + "type": "string" + }, + "Description": { + "markdownDescription": "A description of the global network.\n\nConstraints: Maximum length of 256 characters.", + "title": "Description", + "type": "string" + }, + "State": { + "markdownDescription": "The state of the global network.", + "title": "State", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the global network.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" }, - "VerticalPosition": { - "markdownDescription": "The vertical position configuration of the label in a reference line. Choose one of the following options:\n\n- `ABOVE`\n- `BELOW`", - "title": "VerticalPosition", + "Type": { + "enum": [ + "AWS::NetworkManager::GlobalNetwork" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.ReferenceLineStaticDataConfiguration": { - "additionalProperties": false, - "properties": { - "Value": { - "markdownDescription": "The double input of the static data.", - "title": "Value", - "type": "number" } }, "required": [ - "Value" + "Type" ], "type": "object" }, - "AWS::QuickSight::Analysis.ReferenceLineStyleConfiguration": { + "AWS::NetworkManager::Link": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The hex color of the reference line.", - "title": "Color", + "Condition": { "type": "string" }, - "Pattern": { - "markdownDescription": "The pattern type of the line style. Choose one of the following options:\n\n- `SOLID`\n- `DASHED`\n- `DOTTED`", - "title": "Pattern", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.ReferenceLineValueLabelConfiguration": { - "additionalProperties": false, - "properties": { - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericFormatConfiguration", - "markdownDescription": "The format configuration of the value label.", - "title": "FormatConfiguration" }, - "RelativePosition": { - "markdownDescription": "The relative position of the value label. Choose one of the following options:\n\n- `BEFORE_CUSTOM_LABEL`\n- `AFTER_CUSTOM_LABEL`", - "title": "RelativePosition", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Bandwidth": { + "$ref": "#/definitions/AWS::NetworkManager::Link.Bandwidth", + "markdownDescription": "The bandwidth for the link.", + "title": "Bandwidth" + }, + "Description": { + "markdownDescription": "A description of the link.\n\nConstraints: Maximum length of 256 characters.", + "title": "Description", + "type": "string" + }, + "GlobalNetworkId": { + "markdownDescription": "The ID of the global network.", + "title": "GlobalNetworkId", + "type": "string" + }, + "Provider": { + "markdownDescription": "The provider of the link.\n\nConstraints: Maximum length of 128 characters. Cannot include the following characters: | \\ ^", + "title": "Provider", + "type": "string" + }, + "SiteId": { + "markdownDescription": "The ID of the site.", + "title": "SiteId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the link.", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "The type of the link.\n\nConstraints: Maximum length of 128 characters. Cannot include the following characters: | \\ ^", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Bandwidth", + "GlobalNetworkId", + "SiteId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NetworkManager::Link" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.RelativeDateTimeControlDisplayOptions": { + "AWS::NetworkManager::Link.Bandwidth": { "additionalProperties": false, "properties": { - "DateTimeFormat": { - "markdownDescription": "Customize how dates are formatted in controls.", - "title": "DateTimeFormat", - "type": "string" - }, - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" + "DownloadSpeed": { + "markdownDescription": "Download speed in Mbps.", + "title": "DownloadSpeed", + "type": "number" }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" + "UploadSpeed": { + "markdownDescription": "Upload speed in Mbps.", + "title": "UploadSpeed", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.RelativeDatesFilter": { + "AWS::NetworkManager::LinkAssociation": { "additionalProperties": false, "properties": { - "AnchorDateConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AnchorDateConfiguration", - "markdownDescription": "The date configuration of the filter.", - "title": "AnchorDateConfiguration" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" - }, - "ExcludePeriodConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ExcludePeriodConfiguration", - "markdownDescription": "The configuration for the exclude period of the filter.", - "title": "ExcludePeriodConfiguration" - }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", + "Condition": { "type": "string" }, - "MinimumGranularity": { - "markdownDescription": "The minimum granularity (period granularity) of the relative dates filter.", - "title": "MinimumGranularity", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ParameterName": { - "markdownDescription": "The parameter whose value should be used for the filter value.", - "title": "ParameterName", - "type": "string" + "Metadata": { + "type": "object" }, - "RelativeDateType": { - "markdownDescription": "The range date type of the filter. Choose one of the options below:\n\n- `PREVIOUS`\n- `THIS`\n- `LAST`\n- `NOW`\n- `NEXT`", - "title": "RelativeDateType", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "DeviceId": { + "markdownDescription": "The device ID for the link association.", + "title": "DeviceId", + "type": "string" + }, + "GlobalNetworkId": { + "markdownDescription": "The ID of the global network.", + "title": "GlobalNetworkId", + "type": "string" + }, + "LinkId": { + "markdownDescription": "The ID of the link.", + "title": "LinkId", + "type": "string" + } + }, + "required": [ + "DeviceId", + "GlobalNetworkId", + "LinkId" + ], + "type": "object" }, - "RelativeDateValue": { - "markdownDescription": "The date value of the filter.", - "title": "RelativeDateValue", - "type": "number" + "Type": { + "enum": [ + "AWS::NetworkManager::LinkAssociation" + ], + "type": "string" }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "AnchorDateConfiguration", - "Column", - "FilterId", - "NullOption", - "RelativeDateType", - "TimeGranularity" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.ResourcePermission": { + "AWS::NetworkManager::Site": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "type": "string" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of your site.\n\nConstraints: Maximum length of 256 characters.", + "title": "Description", + "type": "string" + }, + "GlobalNetworkId": { + "markdownDescription": "The ID of the global network.", + "title": "GlobalNetworkId", + "type": "string" + }, + "Location": { + "$ref": "#/definitions/AWS::NetworkManager::Site.Location", + "markdownDescription": "The site location. This information is used for visualization in the Network Manager console. If you specify the address, the latitude and longitude are automatically calculated.\n\n- `Address` : The physical address of the site.\n- `Latitude` : The latitude of the site.\n- `Longitude` : The longitude of the site.", + "title": "Location" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the site.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "The IAM action to grant or revoke permissions on.", - "title": "Actions", - "type": "array" + "required": [ + "GlobalNetworkId" + ], + "type": "object" }, - "Principal": { - "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a QuickSight ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", - "title": "Principal", + "Type": { + "enum": [ + "AWS::NetworkManager::Site" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Actions", - "Principal" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.RollingDateConfiguration": { + "AWS::NetworkManager::Site.Location": { "additionalProperties": false, "properties": { - "DataSetIdentifier": { - "markdownDescription": "The data set that is used in the rolling date configuration.", - "title": "DataSetIdentifier", + "Address": { + "markdownDescription": "The physical address.", + "title": "Address", "type": "string" }, - "Expression": { - "markdownDescription": "The expression of the rolling date configuration.", - "title": "Expression", + "Latitude": { + "markdownDescription": "The latitude.", + "title": "Latitude", + "type": "string" + }, + "Longitude": { + "markdownDescription": "The longitude.", + "title": "Longitude", "type": "string" } }, - "required": [ - "Expression" - ], "type": "object" }, - "AWS::QuickSight::Analysis.RowAlternateColorOptions": { + "AWS::NetworkManager::SiteToSiteVpnAttachment": { "additionalProperties": false, "properties": { - "RowAlternateColors": { - "items": { - "type": "string" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CoreNetworkId": { + "markdownDescription": "", + "title": "CoreNetworkId", + "type": "string" + }, + "NetworkFunctionGroupName": { + "markdownDescription": "The name of the network function group.", + "title": "NetworkFunctionGroupName", + "type": "string" + }, + "ProposedNetworkFunctionGroupChange": { + "$ref": "#/definitions/AWS::NetworkManager::SiteToSiteVpnAttachment.ProposedNetworkFunctionGroupChange", + "markdownDescription": "Describes proposed changes to a network function group.", + "title": "ProposedNetworkFunctionGroupChange" + }, + "ProposedSegmentChange": { + "$ref": "#/definitions/AWS::NetworkManager::SiteToSiteVpnAttachment.ProposedSegmentChange", + "markdownDescription": "Describes a proposed segment change. In some cases, the segment change must first be evaluated and accepted.", + "title": "ProposedSegmentChange" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags associated with the Site-to-Site VPN attachment.", + "title": "Tags", + "type": "array" + }, + "VpnConnectionArn": { + "markdownDescription": "The ARN of the site-to-site VPN attachment.", + "title": "VpnConnectionArn", + "type": "string" + } }, - "markdownDescription": "Determines the list of row alternate colors.", - "title": "RowAlternateColors", - "type": "array" + "required": [ + "CoreNetworkId", + "VpnConnectionArn" + ], + "type": "object" }, - "Status": { - "markdownDescription": "Determines the widget status.", - "title": "Status", + "Type": { + "enum": [ + "AWS::NetworkManager::SiteToSiteVpnAttachment" + ], "type": "string" }, - "UsePrimaryBackgroundColor": { - "markdownDescription": "The primary background color options for alternate rows.", - "title": "UsePrimaryBackgroundColor", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.SameSheetTargetVisualConfiguration": { + "AWS::NetworkManager::SiteToSiteVpnAttachment.ProposedNetworkFunctionGroupChange": { "additionalProperties": false, "properties": { - "TargetVisualOptions": { - "markdownDescription": "The options that choose the target visual in the same sheet.\n\nValid values are defined as follows:\n\n- `ALL_VISUALS` : Applies the filter operation to all visuals in the same sheet.", - "title": "TargetVisualOptions", + "AttachmentPolicyRuleNumber": { + "markdownDescription": "The proposed new attachment policy rule number for the network function group.", + "title": "AttachmentPolicyRuleNumber", + "type": "number" + }, + "NetworkFunctionGroupName": { + "markdownDescription": "The proposed name change for the network function group name.", + "title": "NetworkFunctionGroupName", "type": "string" }, - "TargetVisuals": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of the target visual IDs that are located in the same sheet of the analysis.", - "title": "TargetVisuals", + "markdownDescription": "The list of proposed changes to the key-value tags associated with the network function group.", + "title": "Tags", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.SankeyDiagramAggregatedFieldWells": { + "AWS::NetworkManager::SiteToSiteVpnAttachment.ProposedSegmentChange": { "additionalProperties": false, "properties": { - "Destination": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The destination field wells of a sankey diagram.", - "title": "Destination", - "type": "array" + "AttachmentPolicyRuleNumber": { + "markdownDescription": "The rule number in the policy document that applies to this change.", + "title": "AttachmentPolicyRuleNumber", + "type": "number" }, - "Source": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The source field wells of a sankey diagram.", - "title": "Source", - "type": "array" + "SegmentName": { + "markdownDescription": "The name of the segment to change.", + "title": "SegmentName", + "type": "string" }, - "Weight": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The weight field wells of a sankey diagram.", - "title": "Weight", + "markdownDescription": "The list of key-value tags that changed for the segment.", + "title": "Tags", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.SankeyDiagramChartConfiguration": { + "AWS::NetworkManager::TransitGatewayPeering": { "additionalProperties": false, "properties": { - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", - "markdownDescription": "The data label configuration of a sankey diagram.", - "title": "DataLabels" + "Condition": { + "type": "string" }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SankeyDiagramFieldWells", - "markdownDescription": "The field well configuration of a sankey diagram.", - "title": "FieldWells" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SankeyDiagramSortConfiguration", - "markdownDescription": "The sort configuration of a sankey diagram.", - "title": "SortConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CoreNetworkId": { + "markdownDescription": "The ID of the core network.", + "title": "CoreNetworkId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of key-value tags associated with the peering.", + "title": "Tags", + "type": "array" + }, + "TransitGatewayArn": { + "markdownDescription": "The ARN of the transit gateway.", + "title": "TransitGatewayArn", + "type": "string" + } + }, + "required": [ + "CoreNetworkId", + "TransitGatewayArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NetworkManager::TransitGatewayPeering" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.SankeyDiagramFieldWells": { + "AWS::NetworkManager::TransitGatewayRegistration": { "additionalProperties": false, "properties": { - "SankeyDiagramAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SankeyDiagramAggregatedFieldWells", - "markdownDescription": "The field well configuration of a sankey diagram.", - "title": "SankeyDiagramAggregatedFieldWells" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.SankeyDiagramSortConfiguration": { - "additionalProperties": false, - "properties": { - "DestinationItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of destination nodes that are displayed in a sankey diagram.", - "title": "DestinationItemsLimit" + "Condition": { + "type": "string" }, - "SourceItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of source nodes that are displayed in a sankey diagram.", - "title": "SourceItemsLimit" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "WeightSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "GlobalNetworkId": { + "markdownDescription": "The ID of the global network.", + "title": "GlobalNetworkId", + "type": "string" + }, + "TransitGatewayArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the transit gateway.", + "title": "TransitGatewayArn", + "type": "string" + } }, - "markdownDescription": "The sort configuration of the weight fields.", - "title": "WeightSort", - "type": "array" + "required": [ + "GlobalNetworkId", + "TransitGatewayArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NetworkManager::TransitGatewayRegistration" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.SankeyDiagramVisual": { + "AWS::NetworkManager::TransitGatewayRouteTableAttachment": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Condition": { + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SankeyDiagramChartConfiguration", - "markdownDescription": "The configuration of a sankey diagram.", - "title": "ChartConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Metadata": { + "type": "object" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "Properties": { + "additionalProperties": false, + "properties": { + "NetworkFunctionGroupName": { + "markdownDescription": "The name of the network function group.", + "title": "NetworkFunctionGroupName", + "type": "string" + }, + "PeeringId": { + "markdownDescription": "The ID of the transit gateway peering.", + "title": "PeeringId", + "type": "string" + }, + "ProposedNetworkFunctionGroupChange": { + "$ref": "#/definitions/AWS::NetworkManager::TransitGatewayRouteTableAttachment.ProposedNetworkFunctionGroupChange", + "markdownDescription": "Describes proposed changes to a network function group.", + "title": "ProposedNetworkFunctionGroupChange" + }, + "ProposedSegmentChange": { + "$ref": "#/definitions/AWS::NetworkManager::TransitGatewayRouteTableAttachment.ProposedSegmentChange", + "markdownDescription": "This property is read-only. Values can't be assigned to it.", + "title": "ProposedSegmentChange" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of key-value pairs associated with the transit gateway route table attachment.", + "title": "Tags", + "type": "array" + }, + "TransitGatewayRouteTableArn": { + "markdownDescription": "The ARN of the transit gateway attachment route table. For example, `\"TransitGatewayRouteTableArn\": \"arn:aws:ec2:us-west-2:123456789012:transit-gateway-route-table/tgw-rtb-9876543210123456\"` .", + "title": "TransitGatewayRouteTableArn", + "type": "string" + } + }, + "required": [ + "PeeringId", + "TransitGatewayRouteTableArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NetworkManager::TransitGatewayRouteTableAttachment" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.ScatterPlotCategoricallyAggregatedFieldWells": { + "AWS::NetworkManager::TransitGatewayRouteTableAttachment.ProposedNetworkFunctionGroupChange": { "additionalProperties": false, "properties": { - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The category field well of a scatter plot.", - "title": "Category", - "type": "array" + "AttachmentPolicyRuleNumber": { + "markdownDescription": "The proposed new attachment policy rule number for the network function group.", + "title": "AttachmentPolicyRuleNumber", + "type": "number" }, - "Label": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The label field well of a scatter plot.", - "title": "Label", - "type": "array" + "NetworkFunctionGroupName": { + "markdownDescription": "The proposed name change for the network function group name.", + "title": "NetworkFunctionGroupName", + "type": "string" }, - "Size": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The size field well of a scatter plot.", - "title": "Size", + "markdownDescription": "The list of proposed changes to the key-value tags associated with the network function group.", + "title": "Tags", "type": "array" + } + }, + "type": "object" + }, + "AWS::NetworkManager::TransitGatewayRouteTableAttachment.ProposedSegmentChange": { + "additionalProperties": false, + "properties": { + "AttachmentPolicyRuleNumber": { + "markdownDescription": "The rule number in the policy document that applies to this change.", + "title": "AttachmentPolicyRuleNumber", + "type": "number" }, - "XAxis": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The x-axis field well of a scatter plot.\n\nThe x-axis is aggregated by category.", - "title": "XAxis", - "type": "array" + "SegmentName": { + "markdownDescription": "The name of the segment to change.", + "title": "SegmentName", + "type": "string" }, - "YAxis": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The y-axis field well of a scatter plot.\n\nThe y-axis is aggregated by category.", - "title": "YAxis", + "markdownDescription": "The list of key-value tags that changed for the segment.", + "title": "Tags", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ScatterPlotConfiguration": { + "AWS::NetworkManager::VpcAttachment": { "additionalProperties": false, "properties": { - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.", - "title": "DataLabels" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ScatterPlotFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" + "Condition": { + "type": "string" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Tooltip" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", - "title": "VisualPalette" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "XAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, and axis step) of the scatter plot's x-axis.", - "title": "XAxisDisplayOptions" + "Metadata": { + "type": "object" }, - "XAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of the scatter plot's x-axis.", - "title": "XAxisLabelOptions" + "Properties": { + "additionalProperties": false, + "properties": { + "CoreNetworkId": { + "markdownDescription": "The core network ID.", + "title": "CoreNetworkId", + "type": "string" + }, + "Options": { + "$ref": "#/definitions/AWS::NetworkManager::VpcAttachment.VpcOptions", + "markdownDescription": "Options for creating the VPC attachment.", + "title": "Options" + }, + "ProposedNetworkFunctionGroupChange": { + "$ref": "#/definitions/AWS::NetworkManager::VpcAttachment.ProposedNetworkFunctionGroupChange", + "markdownDescription": "Describes proposed changes to a network function group.", + "title": "ProposedNetworkFunctionGroupChange" + }, + "ProposedSegmentChange": { + "$ref": "#/definitions/AWS::NetworkManager::VpcAttachment.ProposedSegmentChange", + "markdownDescription": "Describes a proposed segment change. In some cases, the segment change must first be evaluated and accepted.", + "title": "ProposedSegmentChange" + }, + "SubnetArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The subnet ARNs.", + "title": "SubnetArns", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags associated with the VPC attachment.", + "title": "Tags", + "type": "array" + }, + "VpcArn": { + "markdownDescription": "The ARN of the VPC attachment.", + "title": "VpcArn", + "type": "string" + } + }, + "required": [ + "CoreNetworkId", + "SubnetArns", + "VpcArn" + ], + "type": "object" }, - "YAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, and axis step) of the scatter plot's y-axis.", - "title": "YAxisDisplayOptions" + "Type": { + "enum": [ + "AWS::NetworkManager::VpcAttachment" + ], + "type": "string" }, - "YAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of the scatter plot's y-axis.", - "title": "YAxisLabelOptions" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.ScatterPlotFieldWells": { + "AWS::NetworkManager::VpcAttachment.ProposedNetworkFunctionGroupChange": { "additionalProperties": false, "properties": { - "ScatterPlotCategoricallyAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ScatterPlotCategoricallyAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a scatter plot. The x and y-axes of scatter plots with aggregated field wells are aggregated by category, label, or both.", - "title": "ScatterPlotCategoricallyAggregatedFieldWells" + "AttachmentPolicyRuleNumber": { + "markdownDescription": "The proposed new attachment policy rule number for the network function group.", + "title": "AttachmentPolicyRuleNumber", + "type": "number" }, - "ScatterPlotUnaggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ScatterPlotUnaggregatedFieldWells", - "markdownDescription": "The unaggregated field wells of a scatter plot. The x and y-axes of these scatter plots are unaggregated.", - "title": "ScatterPlotUnaggregatedFieldWells" + "NetworkFunctionGroupName": { + "markdownDescription": "The proposed name change for the network function group name.", + "title": "NetworkFunctionGroupName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of proposed changes to the key-value tags associated with the network function group.", + "title": "Tags", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ScatterPlotUnaggregatedFieldWells": { + "AWS::NetworkManager::VpcAttachment.ProposedSegmentChange": { "additionalProperties": false, "properties": { - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The category field well of a scatter plot.", - "title": "Category", - "type": "array" + "AttachmentPolicyRuleNumber": { + "markdownDescription": "The rule number in the policy document that applies to this change.", + "title": "AttachmentPolicyRuleNumber", + "type": "number" }, - "Label": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The label field well of a scatter plot.", - "title": "Label", - "type": "array" + "SegmentName": { + "markdownDescription": "The name of the segment to change.", + "title": "SegmentName", + "type": "string" }, - "Size": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The size field well of a scatter plot.", - "title": "Size", + "markdownDescription": "The list of key-value tags that changed for the segment.", + "title": "Tags", "type": "array" + } + }, + "type": "object" + }, + "AWS::NetworkManager::VpcAttachment.VpcOptions": { + "additionalProperties": false, + "properties": { + "ApplianceModeSupport": { + "markdownDescription": "Indicates whether appliance mode is supported. If enabled, traffic flow between a source and destination use the same Availability Zone for the VPC attachment for the lifetime of that flow. The default value is `false` .", + "title": "ApplianceModeSupport", + "type": "boolean" }, - "XAxis": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The x-axis field well of a scatter plot.\n\nThe x-axis is a dimension field and cannot be aggregated.", - "title": "XAxis", - "type": "array" + "DnsSupport": { + "markdownDescription": "Indicates whether DNS is supported.", + "title": "DnsSupport", + "type": "boolean" }, - "YAxis": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The y-axis field well of a scatter plot.\n\nThe y-axis is a dimension field and cannot be aggregated.", - "title": "YAxis", - "type": "array" + "Ipv6Support": { + "markdownDescription": "Indicates whether IPv6 is supported.", + "title": "Ipv6Support", + "type": "boolean" + }, + "SecurityGroupReferencingSupport": { + "markdownDescription": "Indicates whether security group referencing is enabled for this VPC attachment. The default is `true` . However, at the core network policy-level the default is set to `false` .", + "title": "SecurityGroupReferencingSupport", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ScatterPlotVisual": { + "AWS::Notifications::ChannelAssociation": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Condition": { + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ScatterPlotConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Metadata": { + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Properties": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the `Channel` .", + "title": "Arn", + "type": "string" + }, + "NotificationConfigurationArn": { + "markdownDescription": "The ARN of the `NotificationConfiguration` associated with the `Channel` .", + "title": "NotificationConfigurationArn", + "type": "string" + } + }, + "required": [ + "Arn", + "NotificationConfigurationArn" + ], + "type": "object" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "Type": { + "enum": [ + "AWS::Notifications::ChannelAssociation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.ScrollBarOptions": { + "AWS::Notifications::EventRule": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility of the data zoom scroll bar.", - "title": "Visibility", + "Condition": { "type": "string" }, - "VisibleRange": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisibleRangeOptions", - "markdownDescription": "The visibility range for the data zoom scroll bar.", - "title": "VisibleRange" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.SecondaryValueOptions": { - "additionalProperties": false, - "properties": { - "Visibility": { - "markdownDescription": "Determines the visibility of the secondary value.", - "title": "Visibility", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "EventPattern": { + "markdownDescription": "An additional event pattern used to further filter the events this `EventRule` receives.\n\nFor more information, see [Amazon EventBridge event patterns](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-event-patterns.html) in the *Amazon EventBridge User Guide.*", + "title": "EventPattern", + "type": "string" + }, + "EventType": { + "markdownDescription": "The event type this rule should match with the EventBridge events. It must match with atleast one of the valid EventBridge event types. For example, Amazon EC2 Instance State change Notification and Amazon CloudWatch State Change. For more information, see [Event delivery from AWS services](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-service-event.html#eb-service-event-delivery-level) in the *Amazon EventBridge User Guide* .", + "title": "EventType", + "type": "string" + }, + "NotificationConfigurationArn": { + "markdownDescription": "The ARN for the `NotificationConfiguration` associated with this `EventRule` .", + "title": "NotificationConfigurationArn", + "type": "string" + }, + "Regions": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of AWS Regions that send events to this `EventRule` .", + "title": "Regions", + "type": "array" + }, + "Source": { + "markdownDescription": "The event source this rule should match with the EventBridge event sources. It must match with atleast one of the valid EventBridge event sources. Only AWS service sourced events are supported. For example, `aws.ec2` and `aws.cloudwatch` . For more information, see [Event delivery from AWS services](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-service-event.html#eb-service-event-delivery-level) in the *Amazon EventBridge User Guide* .", + "title": "Source", + "type": "string" + } + }, + "required": [ + "EventType", + "NotificationConfigurationArn", + "Regions", + "Source" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Notifications::EventRule" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.SectionAfterPageBreak": { + "AWS::Notifications::EventRule.EventRuleStatusSummary": { "additionalProperties": false, "properties": { + "Reason": { + "markdownDescription": "A human-readable reason for `EventRuleStatus` .", + "title": "Reason", + "type": "string" + }, "Status": { - "markdownDescription": "The option that enables or disables a page break at the end of a section.", + "markdownDescription": "The status of the `EventRule` .\n\n- Values:\n\n- `ACTIVE`\n\n- The `EventRule` can process events.\n- `INACTIVE`\n\n- The `EventRule` may be unable to process events.\n- `CREATING`\n\n- The `EventRule` is being created.\n\nOnly `GET` and `LIST` calls can be run.\n- `UPDATING`\n\n- The `EventRule` is being updated.\n\nOnly `GET` and `LIST` calls can be run.\n- `DELETING`\n\n- The `EventRule` is being deleted.\n\nOnly `GET` and `LIST` calls can be run.", "title": "Status", "type": "string" } }, + "required": [ + "Reason", + "Status" + ], "type": "object" }, - "AWS::QuickSight::Analysis.SectionBasedLayoutCanvasSizeOptions": { - "additionalProperties": false, - "properties": { - "PaperCanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionBasedLayoutPaperCanvasSizeOptions", - "markdownDescription": "The options for a paper canvas of a section-based layout.", - "title": "PaperCanvasSizeOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.SectionBasedLayoutConfiguration": { + "AWS::Notifications::ManagedNotificationAccountContactAssociation": { "additionalProperties": false, "properties": { - "BodySections": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BodySectionConfiguration" - }, - "markdownDescription": "A list of body section configurations.", - "title": "BodySections", - "type": "array" + "Condition": { + "type": "string" }, - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionBasedLayoutCanvasSizeOptions", - "markdownDescription": "The options for the canvas of a section-based layout.", - "title": "CanvasSizeOptions" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "FooterSections": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.HeaderFooterSectionConfiguration" - }, - "markdownDescription": "A list of footer section configurations.", - "title": "FooterSections", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "HeaderSections": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.HeaderFooterSectionConfiguration" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ContactIdentifier": { + "markdownDescription": "The unique identifier of the notification contact associated with the AWS account. For more information about the contact types associated with an account, see the [Account Management Reference Guide](https://docs.aws.amazon.com/accounts/latest/reference/manage-acct-update-contact-alternate.html#manage-acct-update-contact-alternate-orgs) .", + "title": "ContactIdentifier", + "type": "string" + }, + "ManagedNotificationConfigurationArn": { + "markdownDescription": "The ARN of the `ManagedNotificationConfiguration` to be associated with the `Channel` .", + "title": "ManagedNotificationConfigurationArn", + "type": "string" + } }, - "markdownDescription": "A list of header section configurations.", - "title": "HeaderSections", - "type": "array" - } - }, - "required": [ - "BodySections", - "CanvasSizeOptions", - "FooterSections", - "HeaderSections" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.SectionBasedLayoutPaperCanvasSizeOptions": { - "additionalProperties": false, - "properties": { - "PaperMargin": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.Spacing", - "markdownDescription": "Defines the spacing between the canvas content and the top, bottom, left, and right edges.", - "title": "PaperMargin" + "required": [ + "ContactIdentifier", + "ManagedNotificationConfigurationArn" + ], + "type": "object" }, - "PaperOrientation": { - "markdownDescription": "The paper orientation that is used to define canvas dimensions. Choose one of the following options:\n\n- PORTRAIT\n- LANDSCAPE", - "title": "PaperOrientation", + "Type": { + "enum": [ + "AWS::Notifications::ManagedNotificationAccountContactAssociation" + ], "type": "string" }, - "PaperSize": { - "markdownDescription": "The paper size that is used to define canvas dimensions.", - "title": "PaperSize", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, - "type": "object" - }, - "AWS::QuickSight::Analysis.SectionLayoutConfiguration": { - "additionalProperties": false, - "properties": { - "FreeFormLayout": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormSectionLayoutConfiguration", - "markdownDescription": "The free-form layout configuration of a section.", - "title": "FreeFormLayout" - } - }, "required": [ - "FreeFormLayout" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.SectionPageBreakConfiguration": { - "additionalProperties": false, - "properties": { - "After": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionAfterPageBreak", - "markdownDescription": "The configuration of a page break after a section.", - "title": "After" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.SectionStyle": { + "AWS::Notifications::ManagedNotificationAdditionalChannelAssociation": { "additionalProperties": false, "properties": { - "Height": { - "markdownDescription": "The height of a section.\n\nHeights can only be defined for header and footer sections. The default height margin is 0.5 inches.", - "title": "Height", + "Condition": { "type": "string" }, - "Padding": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.Spacing", - "markdownDescription": "The spacing between section content and its top, bottom, left, and right edges.\n\nThere is no padding by default.", - "title": "Padding" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.SelectedSheetsFilterScopeConfiguration": { - "additionalProperties": false, - "properties": { - "SheetVisualScopingConfigurations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetVisualScopingConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ChannelArn": { + "markdownDescription": "The ARN of the `Channel` .", + "title": "ChannelArn", + "type": "string" + }, + "ManagedNotificationConfigurationArn": { + "markdownDescription": "The ARN of the `ManagedNotificationAdditionalChannelAssociation` associated with the `Channel` .", + "title": "ManagedNotificationConfigurationArn", + "type": "string" + } }, - "markdownDescription": "The sheet ID and visual IDs of the sheet and visuals that the filter is applied to.", - "title": "SheetVisualScopingConfigurations", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.SeriesItem": { - "additionalProperties": false, - "properties": { - "DataFieldSeriesItem": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataFieldSeriesItem", - "markdownDescription": "The data field series item configuration of a line chart.", - "title": "DataFieldSeriesItem" + "required": [ + "ChannelArn", + "ManagedNotificationConfigurationArn" + ], + "type": "object" }, - "FieldSeriesItem": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSeriesItem", - "markdownDescription": "The field series item configuration of a line chart.", - "title": "FieldSeriesItem" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.SetParameterValueConfiguration": { - "additionalProperties": false, - "properties": { - "DestinationParameterName": { - "markdownDescription": "The destination parameter name of the `SetParameterValueConfiguration` .", - "title": "DestinationParameterName", + "Type": { + "enum": [ + "AWS::Notifications::ManagedNotificationAdditionalChannelAssociation" + ], "type": "string" }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DestinationParameterValueConfiguration", - "markdownDescription": "", - "title": "Value" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "DestinationParameterName", - "Value" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.ShapeConditionalFormat": { + "AWS::Notifications::NotificationConfiguration": { "additionalProperties": false, "properties": { - "BackgroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting for the shape background color of a filled map visual.", - "title": "BackgroundColor" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AggregationDuration": { + "markdownDescription": "The aggregation preference of the `NotificationConfiguration` .\n\n- Values:\n\n- `LONG`\n\n- Aggregate notifications for long periods of time (12 hours).\n- `SHORT`\n\n- Aggregate notifications for short periods of time (5 minutes).\n- `NONE`\n\n- Don't aggregate notifications.", + "title": "AggregationDuration", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the `NotificationConfiguration` .", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the `NotificationConfiguration` . Supports RFC 3986's unreserved characters.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A map of tags assigned to a `NotificationConfiguration` .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Description", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Notifications::NotificationConfiguration" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "BackgroundColor" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.Sheet": { + "AWS::Notifications::NotificationHub": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of a sheet. This name is displayed on the sheet's tab in the Amazon QuickSight console.", - "title": "Name", + "Condition": { "type": "string" }, - "SheetId": { - "markdownDescription": "The unique identifier associated with a sheet.", - "title": "SheetId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions": { - "additionalProperties": false, - "properties": { - "InfoIconText": { - "markdownDescription": "The text content of info icon.", - "title": "InfoIconText", + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Region": { + "markdownDescription": "The `NotificationHub` Region.", + "title": "Region", + "type": "string" + } + }, + "required": [ + "Region" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Notifications::NotificationHub" + ], "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility configuration of info icon label options.", - "title": "Visibility", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.SheetControlLayout": { + "AWS::Notifications::NotificationHub.NotificationHubStatusSummary": { "additionalProperties": false, "properties": { - "Configuration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlLayoutConfiguration", - "markdownDescription": "The configuration that determines the elements and canvas size options of sheet control.", - "title": "Configuration" + "NotificationHubStatus": { + "markdownDescription": "Indicates the current status of the `NotificationHub` .", + "title": "NotificationHubStatus", + "type": "string" + }, + "NotificationHubStatusReason": { + "markdownDescription": "An explanation for the current status.", + "title": "NotificationHubStatusReason", + "type": "string" } }, "required": [ - "Configuration" + "NotificationHubStatus", + "NotificationHubStatusReason" ], "type": "object" }, - "AWS::QuickSight::Analysis.SheetControlLayoutConfiguration": { + "AWS::NotificationsContacts::EmailContact": { "additionalProperties": false, "properties": { - "GridLayout": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GridLayoutConfiguration", - "markdownDescription": "The configuration that determines the elements and canvas size options of sheet control.", - "title": "GridLayout" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.SheetDefinition": { - "additionalProperties": false, - "properties": { - "ContentType": { - "markdownDescription": "The layout content type of the sheet. Choose one of the following options:\n\n- `PAGINATED` : Creates a sheet for a paginated report.\n- `INTERACTIVE` : Creates a sheet for an interactive dashboard.", - "title": "ContentType", + "Condition": { "type": "string" }, - "Description": { - "markdownDescription": "A description of the sheet.", - "title": "Description", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "FilterControls": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterControl" - }, - "markdownDescription": "The list of filter controls that are on a sheet.\n\nFor more information, see [Adding filter controls to analysis sheets](https://docs.aws.amazon.com/quicksight/latest/user/filter-controls.html) in the *Amazon QuickSight User Guide* .", - "title": "FilterControls", - "type": "array" - }, - "Layouts": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.Layout" - }, - "markdownDescription": "Layouts define how the components of a sheet are arranged.\n\nFor more information, see [Types of layout](https://docs.aws.amazon.com/quicksight/latest/user/types-of-layout.html) in the *Amazon QuickSight User Guide* .", - "title": "Layouts", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the sheet. This name is displayed on the sheet's tab in the Amazon QuickSight console.", - "title": "Name", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ParameterControls": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterControl" - }, - "markdownDescription": "The list of parameter controls that are on a sheet.\n\nFor more information, see [Using a Control with a Parameter in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-controls.html) in the *Amazon QuickSight User Guide* .", - "title": "ParameterControls", - "type": "array" + "Metadata": { + "type": "object" }, - "SheetControlLayouts": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlLayout" + "Properties": { + "additionalProperties": false, + "properties": { + "EmailAddress": { + "markdownDescription": "The email address of the contact. The activation and notification emails are sent here.", + "title": "EmailAddress", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the contact.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags to apply to the email contact.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "The control layouts of the sheet.", - "title": "SheetControlLayouts", - "type": "array" + "required": [ + "EmailAddress", + "Name" + ], + "type": "object" }, - "SheetId": { - "markdownDescription": "The unique identifier of a sheet.", - "title": "SheetId", + "Type": { + "enum": [ + "AWS::NotificationsContacts::EmailContact" + ], "type": "string" }, - "TextBoxes": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetTextBox" - }, - "markdownDescription": "The text boxes that are on a sheet.", - "title": "TextBoxes", - "type": "array" - }, - "Title": { - "markdownDescription": "The title of the sheet.", - "title": "Title", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "Visuals": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.Visual" - }, - "markdownDescription": "A list of the visuals that are on a sheet. Visual placement is determined by the layout of the sheet.", - "title": "Visuals", - "type": "array" } }, "required": [ - "SheetId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.SheetElementConfigurationOverrides": { + "AWS::NotificationsContacts::EmailContact.EmailContact": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "Determines whether or not the overrides are visible. Choose one of the following options:\n\n- `VISIBLE`\n- `HIDDEN`", - "title": "Visibility", + "Address": { + "markdownDescription": "The email address of the contact.", + "title": "Address", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.SheetElementRenderingRule": { - "additionalProperties": false, - "properties": { - "ConfigurationOverrides": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetElementConfigurationOverrides", - "markdownDescription": "The override configuration of the rendering rules of a sheet.", - "title": "ConfigurationOverrides" }, - "Expression": { - "markdownDescription": "The expression of the rendering rules of a sheet.", - "title": "Expression", + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the contact.", + "title": "Arn", + "type": "string" + }, + "CreationTime": { + "markdownDescription": "The creation time of the `EmailContact` .", + "title": "CreationTime", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the contact.", + "title": "Name", + "type": "string" + }, + "Status": { + "markdownDescription": "The status of the contact. Only activated contacts receive emails.", + "title": "Status", + "type": "string" + }, + "UpdateTime": { + "markdownDescription": "The time the `EmailContact` was last updated.", + "title": "UpdateTime", "type": "string" } }, "required": [ - "ConfigurationOverrides", - "Expression" + "Address", + "Arn", + "CreationTime", + "Name", + "Status", + "UpdateTime" ], "type": "object" }, - "AWS::QuickSight::Analysis.SheetTextBox": { + "AWS::ODB::CloudAutonomousVmCluster": { "additionalProperties": false, "properties": { - "Content": { - "markdownDescription": "The content that is displayed in the text box.", - "title": "Content", + "Condition": { "type": "string" }, - "SheetTextBoxId": { - "markdownDescription": "The unique identifier for a text box. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have text boxes that share identifiers.", - "title": "SheetTextBoxId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AutonomousDataStorageSizeInTBs": { + "markdownDescription": "The data storage size allocated for Autonomous Databases in the Autonomous VM cluster, in TB.\n\nRequired when creating an Autonomous VM cluster.", + "title": "AutonomousDataStorageSizeInTBs", + "type": "number" + }, + "CloudExadataInfrastructureId": { + "markdownDescription": "The unique identifier of the Cloud Exadata Infrastructure containing this Autonomous VM cluster.\n\nRequired when creating an Autonomous VM cluster.", + "title": "CloudExadataInfrastructureId", + "type": "string" + }, + "CpuCoreCountPerNode": { + "markdownDescription": "The number of CPU cores enabled per node in the Autonomous VM cluster.\n\nRequired when creating an Autonomous VM cluster.", + "title": "CpuCoreCountPerNode", + "type": "number" + }, + "DbServers": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of database servers associated with the Autonomous VM cluster.", + "title": "DbServers", + "type": "array" + }, + "Description": { + "markdownDescription": "The user-provided description of the Autonomous VM cluster.", + "title": "Description", + "type": "string" + }, + "DisplayName": { + "markdownDescription": "The display name of the Autonomous VM cluster.\n\nRequired when creating an Autonomous VM cluster.", + "title": "DisplayName", + "type": "string" + }, + "IsMtlsEnabledVmCluster": { + "markdownDescription": "Specifies whether mutual TLS (mTLS) authentication is enabled for the Autonomous VM cluster.", + "title": "IsMtlsEnabledVmCluster", + "type": "boolean" + }, + "LicenseModel": { + "markdownDescription": "The Oracle license model that applies to the Autonomous VM cluster. Valid values are `LICENSE_INCLUDED` or `BRING_YOUR_OWN_LICENSE` .", + "title": "LicenseModel", + "type": "string" + }, + "MaintenanceWindow": { + "$ref": "#/definitions/AWS::ODB::CloudAutonomousVmCluster.MaintenanceWindow", + "markdownDescription": "The scheduling details for the maintenance window. Patching and system updates take place during the maintenance window.", + "title": "MaintenanceWindow" + }, + "MemoryPerOracleComputeUnitInGBs": { + "markdownDescription": "The amount of memory allocated per Oracle Compute Unit, in GB.\n\nRequired when creating an Autonomous VM cluster.", + "title": "MemoryPerOracleComputeUnitInGBs", + "type": "number" + }, + "OdbNetworkId": { + "markdownDescription": "The unique identifier of the ODB network associated with this Autonomous VM cluster.\n\nRequired when creating an Autonomous VM cluster.", + "title": "OdbNetworkId", + "type": "string" + }, + "ScanListenerPortNonTls": { + "markdownDescription": "The SCAN listener port for non-TLS (TCP) protocol. The default is 1521.", + "title": "ScanListenerPortNonTls", + "type": "number" + }, + "ScanListenerPortTls": { + "markdownDescription": "The SCAN listener port for TLS (TCP) protocol. The default is 2484.", + "title": "ScanListenerPortTls", + "type": "number" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags to assign to the Autonomous Vm Cluster.", + "title": "Tags", + "type": "array" + }, + "TimeZone": { + "markdownDescription": "The time zone of the Autonomous VM cluster.", + "title": "TimeZone", + "type": "string" + }, + "TotalContainerDatabases": { + "markdownDescription": "The total number of Autonomous Container Databases that can be created with the allocated local storage.\n\nRequired when creating an Autonomous VM cluster.", + "title": "TotalContainerDatabases", + "type": "number" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ODB::CloudAutonomousVmCluster" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "SheetTextBoxId" + "Type" ], "type": "object" }, - "AWS::QuickSight::Analysis.SheetVisualScopingConfiguration": { + "AWS::ODB::CloudAutonomousVmCluster.MaintenanceWindow": { "additionalProperties": false, "properties": { - "Scope": { - "markdownDescription": "The scope of the applied entities. Choose one of the following options:\n\n- `ALL_VISUALS`\n- `SELECTED_VISUALS`", - "title": "Scope", - "type": "string" + "DaysOfWeek": { + "items": { + "type": "string" + }, + "markdownDescription": "The days of the week when maintenance can be performed.", + "title": "DaysOfWeek", + "type": "array" }, - "SheetId": { - "markdownDescription": "The selected sheet that the filter is applied to.", - "title": "SheetId", - "type": "string" + "HoursOfDay": { + "items": { + "type": "number" + }, + "markdownDescription": "The hours of the day when maintenance can be performed.", + "title": "HoursOfDay", + "type": "array" }, - "VisualIds": { + "LeadTimeInWeeks": { + "markdownDescription": "The lead time in weeks before the maintenance window.", + "title": "LeadTimeInWeeks", + "type": "number" + }, + "Months": { "items": { "type": "string" }, - "markdownDescription": "The selected visuals that the filter is applied to.", - "title": "VisualIds", + "markdownDescription": "The months when maintenance can be performed.", + "title": "Months", + "type": "array" + }, + "Preference": { + "markdownDescription": "The preference for the maintenance window scheduling.", + "title": "Preference", + "type": "string" + }, + "WeeksOfMonth": { + "items": { + "type": "number" + }, + "markdownDescription": "The weeks of the month when maintenance can be performed.", + "title": "WeeksOfMonth", "type": "array" } }, - "required": [ - "Scope", - "SheetId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.ShortFormatText": { + "AWS::ODB::CloudExadataInfrastructure": { "additionalProperties": false, "properties": { - "PlainText": { - "markdownDescription": "Plain text format.", - "title": "PlainText", + "Condition": { "type": "string" }, - "RichText": { - "markdownDescription": "Rich text. Examples of rich text include bold, underline, and italics.", - "title": "RichText", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AvailabilityZone": { + "markdownDescription": "The name of the Availability Zone (AZ) where the Exadata infrastructure is located.\n\nRequired when creating an Exadata infrastructure. Specify either AvailabilityZone or AvailabilityZoneId to define the location of the infrastructure.", + "title": "AvailabilityZone", + "type": "string" + }, + "AvailabilityZoneId": { + "markdownDescription": "The AZ ID of the AZ where the Exadata infrastructure is located.\n\nRequired when creating an Exadata infrastructure. Specify either AvailabilityZone or AvailabilityZoneId to define the location of the infrastructure.", + "title": "AvailabilityZoneId", + "type": "string" + }, + "ComputeCount": { + "markdownDescription": "The number of database servers for the Exadata infrastructure.\n\nRequired when creating an Exadata infrastructure.", + "title": "ComputeCount", + "type": "number" + }, + "CustomerContactsToSendToOCI": { + "items": { + "$ref": "#/definitions/AWS::ODB::CloudExadataInfrastructure.CustomerContact" + }, + "markdownDescription": "The email addresses of contacts to receive notification from Oracle about maintenance updates for the Exadata infrastructure.", + "title": "CustomerContactsToSendToOCI", + "type": "array" + }, + "DatabaseServerType": { + "markdownDescription": "The database server model type of the Exadata infrastructure. For the list of valid model names, use the `ListDbSystemShapes` operation.", + "title": "DatabaseServerType", + "type": "string" + }, + "DisplayName": { + "markdownDescription": "The user-friendly name for the Exadata infrastructure.\n\nRequired when creating an Exadata infrastructure.", + "title": "DisplayName", + "type": "string" + }, + "Shape": { + "markdownDescription": "The model name of the Exadata infrastructure.\n\nRequired when creating an Exadata infrastructure.", + "title": "Shape", + "type": "string" + }, + "StorageCount": { + "markdownDescription": "The number of storage servers that are activated for the Exadata infrastructure.\n\nRequired when creating an Exadata infrastructure.", + "title": "StorageCount", + "type": "number" + }, + "StorageServerType": { + "markdownDescription": "The storage server model type of the Exadata infrastructure. For the list of valid model names, use the `ListDbSystemShapes` operation.", + "title": "StorageServerType", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags to assign to the Exadata Infrastructure.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ODB::CloudExadataInfrastructure" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::QuickSight::Analysis.SimpleClusterMarker": { + "AWS::ODB::CloudExadataInfrastructure.CustomerContact": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The color of the simple cluster marker.", - "title": "Color", + "Email": { + "markdownDescription": "The email address of the contact.", + "title": "Email", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.SliderControlDisplayOptions": { + "AWS::ODB::CloudVmCluster": { "additionalProperties": false, "properties": { - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" + "Condition": { + "type": "string" }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CloudExadataInfrastructureId": { + "markdownDescription": "The unique identifier of the Exadata infrastructure that this VM cluster belongs to.\n\nRequired when creating a VM cluster.", + "title": "CloudExadataInfrastructureId", + "type": "string" + }, + "ClusterName": { + "markdownDescription": "The name of the Grid Infrastructure (GI) cluster.", + "title": "ClusterName", + "type": "string" + }, + "CpuCoreCount": { + "markdownDescription": "The number of CPU cores enabled on the VM cluster.\n\nRequired when creating a VM cluster.", + "title": "CpuCoreCount", + "type": "number" + }, + "DataCollectionOptions": { + "$ref": "#/definitions/AWS::ODB::CloudVmCluster.DataCollectionOptions", + "markdownDescription": "The set of diagnostic collection options enabled for the VM cluster.", + "title": "DataCollectionOptions" + }, + "DataStorageSizeInTBs": { + "markdownDescription": "The size of the data disk group, in terabytes (TB), that's allocated for the VM cluster.", + "title": "DataStorageSizeInTBs", + "type": "number" + }, + "DbNodeStorageSizeInGBs": { + "markdownDescription": "The amount of local node storage, in gigabytes (GB), that's allocated for the VM cluster.", + "title": "DbNodeStorageSizeInGBs", + "type": "number" + }, + "DbServers": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of database servers for the VM cluster.", + "title": "DbServers", + "type": "array" + }, + "DisplayName": { + "markdownDescription": "The user-friendly name for the VM cluster.\n\nRequired when creating a VM cluster.", + "title": "DisplayName", + "type": "string" + }, + "GiVersion": { + "markdownDescription": "The software version of the Oracle Grid Infrastructure (GI) for the VM cluster.\n\nRequired when creating a VM cluster.", + "title": "GiVersion", + "type": "string" + }, + "Hostname": { + "markdownDescription": "The host name for the VM cluster.\n\nRequired when creating a VM cluster.", + "title": "Hostname", + "type": "string" + }, + "IsLocalBackupEnabled": { + "markdownDescription": "Specifies whether database backups to local Exadata storage are enabled for the VM cluster.", + "title": "IsLocalBackupEnabled", + "type": "boolean" + }, + "IsSparseDiskgroupEnabled": { + "markdownDescription": "Specifies whether the VM cluster is configured with a sparse disk group.", + "title": "IsSparseDiskgroupEnabled", + "type": "boolean" + }, + "LicenseModel": { + "markdownDescription": "The Oracle license model applied to the VM cluster.", + "title": "LicenseModel", + "type": "string" + }, + "MemorySizeInGBs": { + "markdownDescription": "The amount of memory, in gigabytes (GB), that's allocated for the VM cluster.", + "title": "MemorySizeInGBs", + "type": "number" + }, + "OdbNetworkId": { + "markdownDescription": "The unique identifier of the ODB network for the VM cluster.\n\nRequired when creating a VM cluster.", + "title": "OdbNetworkId", + "type": "string" + }, + "ScanListenerPortTcp": { + "markdownDescription": "The port number for TCP connections to the single client access name (SCAN) listener.\n\nValid values: `1024\u20138999` with the following exceptions: `2484` , `6100` , `6200` , `7060` , `7070` , `7085` , and `7879`\n\nDefault: `1521`", + "title": "ScanListenerPortTcp", + "type": "number" + }, + "SshPublicKeys": { + "items": { + "type": "string" + }, + "markdownDescription": "The public key portion of one or more key pairs used for SSH access to the VM cluster.\n\nRequired when creating a VM cluster.", + "title": "SshPublicKeys", + "type": "array" + }, + "SystemVersion": { + "markdownDescription": "The operating system version of the image chosen for the VM cluster.", + "title": "SystemVersion", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags to assign to the Vm Cluster.", + "title": "Tags", + "type": "array" + }, + "TimeZone": { + "markdownDescription": "The time zone of the VM cluster.", + "title": "TimeZone", + "type": "string" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ODB::CloudVmCluster" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::QuickSight::Analysis.SmallMultiplesAxisProperties": { + "AWS::ODB::CloudVmCluster.DataCollectionOptions": { "additionalProperties": false, "properties": { - "Placement": { - "markdownDescription": "Defines the placement of the axis. By default, axes are rendered `OUTSIDE` of the panels. Axes with `INDEPENDENT` scale are rendered `INSIDE` the panels.", - "title": "Placement", - "type": "string" + "IsDiagnosticsEventsEnabled": { + "markdownDescription": "Specifies whether diagnostic collection is enabled for the VM cluster.", + "title": "IsDiagnosticsEventsEnabled", + "type": "boolean" }, - "Scale": { - "markdownDescription": "Determines whether scale of the axes are shared or independent. The default value is `SHARED` .", - "title": "Scale", - "type": "string" + "IsHealthMonitoringEnabled": { + "markdownDescription": "Specifies whether health monitoring is enabled for the VM cluster.", + "title": "IsHealthMonitoringEnabled", + "type": "boolean" + }, + "IsIncidentLogsEnabled": { + "markdownDescription": "Specifies whether incident logs are enabled for the VM cluster.", + "title": "IsIncidentLogsEnabled", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Analysis.SmallMultiplesOptions": { + "AWS::ODB::OdbNetwork": { "additionalProperties": false, "properties": { - "MaxVisibleColumns": { - "markdownDescription": "Sets the maximum number of visible columns to display in the grid of small multiples panels.\n\nThe default is `Auto` , which automatically adjusts the columns in the grid to fit the overall layout and size of the given chart.", - "title": "MaxVisibleColumns", - "type": "number" + "Condition": { + "type": "string" }, - "MaxVisibleRows": { - "markdownDescription": "Sets the maximum number of visible rows to display in the grid of small multiples panels.\n\nThe default value is `Auto` , which automatically adjusts the rows in the grid to fit the overall layout and size of the given chart.", - "title": "MaxVisibleRows", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "PanelConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PanelConfiguration", - "markdownDescription": "Configures the display options for each small multiples panel.", - "title": "PanelConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "XAxis": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SmallMultiplesAxisProperties", - "markdownDescription": "The properties of a small multiples X axis.", - "title": "XAxis" + "Metadata": { + "type": "object" }, - "YAxis": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SmallMultiplesAxisProperties", - "markdownDescription": "The properties of a small multiples Y axis.", - "title": "YAxis" + "Properties": { + "additionalProperties": false, + "properties": { + "AvailabilityZone": { + "markdownDescription": "The Availability Zone (AZ) where the ODB network is located.\n\nRequired when creating an ODB network. Specify either AvailabilityZone or AvailabilityZoneId to define the location of the network.", + "title": "AvailabilityZone", + "type": "string" + }, + "AvailabilityZoneId": { + "markdownDescription": "The AZ ID of the AZ where the ODB network is located.\n\nRequired when creating an ODB network. Specify either AvailabilityZone or AvailabilityZoneId to define the location of the network.", + "title": "AvailabilityZoneId", + "type": "string" + }, + "BackupSubnetCidr": { + "markdownDescription": "The CIDR range of the backup subnet in the ODB network.", + "title": "BackupSubnetCidr", + "type": "string" + }, + "ClientSubnetCidr": { + "markdownDescription": "The CIDR range of the client subnet in the ODB network.\n\nRequired when creating an ODB network.", + "title": "ClientSubnetCidr", + "type": "string" + }, + "DefaultDnsPrefix": { + "markdownDescription": "The DNS prefix to the default DNS domain name. The default DNS domain name is oraclevcn.com.", + "title": "DefaultDnsPrefix", + "type": "string" + }, + "DeleteAssociatedResources": { + "markdownDescription": "Specifies whether to delete associated OCI networking resources along with the ODB network.\n\nRequired when creating an ODB network.", + "title": "DeleteAssociatedResources", + "type": "boolean" + }, + "DisplayName": { + "markdownDescription": "The user-friendly name of the ODB network.\n\nRequired when creating an ODB network.", + "title": "DisplayName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags to assign to the Odb Network.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ODB::OdbNetwork" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::QuickSight::Analysis.Spacing": { + "AWS::OSIS::Pipeline": { "additionalProperties": false, "properties": { - "Bottom": { - "markdownDescription": "Define the bottom spacing.", - "title": "Bottom", + "Condition": { "type": "string" }, - "Left": { - "markdownDescription": "Define the left spacing.", - "title": "Left", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Right": { - "markdownDescription": "Define the right spacing.", - "title": "Right", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "BufferOptions": { + "$ref": "#/definitions/AWS::OSIS::Pipeline.BufferOptions", + "markdownDescription": "Options that specify the configuration of a persistent buffer. To configure how OpenSearch Ingestion encrypts this data, set the `EncryptionAtRestOptions` . For more information, see [Persistent buffering](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/osis-features-overview.html#persistent-buffering) .", + "title": "BufferOptions" + }, + "EncryptionAtRestOptions": { + "$ref": "#/definitions/AWS::OSIS::Pipeline.EncryptionAtRestOptions", + "markdownDescription": "Options to control how OpenSearch encrypts buffer data.", + "title": "EncryptionAtRestOptions" + }, + "LogPublishingOptions": { + "$ref": "#/definitions/AWS::OSIS::Pipeline.LogPublishingOptions", + "markdownDescription": "Key-value pairs that represent log publishing settings.", + "title": "LogPublishingOptions" + }, + "MaxUnits": { + "markdownDescription": "The maximum pipeline capacity, in Ingestion Compute Units (ICUs).", + "title": "MaxUnits", + "type": "number" + }, + "MinUnits": { + "markdownDescription": "The minimum pipeline capacity, in Ingestion Compute Units (ICUs).", + "title": "MinUnits", + "type": "number" + }, + "PipelineConfigurationBody": { + "markdownDescription": "The Data Prepper pipeline configuration in YAML format.", + "title": "PipelineConfigurationBody", + "type": "string" + }, + "PipelineName": { + "markdownDescription": "The name of the pipeline.", + "title": "PipelineName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "List of tags to add to the pipeline upon creation.", + "title": "Tags", + "type": "array" + }, + "VpcOptions": { + "$ref": "#/definitions/AWS::OSIS::Pipeline.VpcOptions", + "markdownDescription": "Options that specify the subnets and security groups for an OpenSearch Ingestion VPC endpoint.", + "title": "VpcOptions" + } + }, + "required": [ + "MaxUnits", + "MinUnits", + "PipelineConfigurationBody", + "PipelineName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::OSIS::Pipeline" + ], "type": "string" }, - "Top": { - "markdownDescription": "Define the top spacing.", - "title": "Top", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.StringDefaultValues": { + "AWS::OSIS::Pipeline.BufferOptions": { "additionalProperties": false, "properties": { - "DynamicValue": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DynamicDefaultValue", - "markdownDescription": "The dynamic value of the `StringDefaultValues` . Different defaults displayed according to users, groups, and values mapping.", - "title": "DynamicValue" - }, - "StaticValues": { - "items": { - "type": "string" - }, - "markdownDescription": "The static values of the `DecimalDefaultValues` .", - "title": "StaticValues", - "type": "array" + "PersistentBufferEnabled": { + "markdownDescription": "Whether persistent buffering should be enabled.", + "title": "PersistentBufferEnabled", + "type": "boolean" } }, + "required": [ + "PersistentBufferEnabled" + ], "type": "object" }, - "AWS::QuickSight::Analysis.StringFormatConfiguration": { + "AWS::OSIS::Pipeline.CloudWatchLogDestination": { "additionalProperties": false, "properties": { - "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NullValueFormatConfiguration", - "markdownDescription": "The options that determine the null value format configuration.", - "title": "NullValueFormatConfiguration" - }, - "NumericFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericFormatConfiguration", - "markdownDescription": "The formatting configuration for numeric strings.", - "title": "NumericFormatConfiguration" + "LogGroup": { + "markdownDescription": "The name of the CloudWatch Logs group to send pipeline logs to. You can specify an existing log group or create a new one. For example, `/aws/vendedlogs/OpenSearchService/pipelines` .", + "title": "LogGroup", + "type": "string" } }, + "required": [ + "LogGroup" + ], "type": "object" }, - "AWS::QuickSight::Analysis.StringParameter": { + "AWS::OSIS::Pipeline.EncryptionAtRestOptions": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "A display name for a string parameter.", - "title": "Name", + "KmsKeyArn": { + "markdownDescription": "The ARN of the KMS key used to encrypt buffer data. By default, data is encrypted using an AWS owned key.", + "title": "KmsKeyArn", "type": "string" - }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The values of a string parameter.", - "title": "Values", - "type": "array" } }, "required": [ - "Name", - "Values" + "KmsKeyArn" ], "type": "object" }, - "AWS::QuickSight::Analysis.StringParameterDeclaration": { + "AWS::OSIS::Pipeline.LogPublishingOptions": { "additionalProperties": false, "properties": { - "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.StringDefaultValues", - "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", - "title": "DefaultValues" - }, - "MappedDataSetParameters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MappedDataSetParameter" - }, - "markdownDescription": "", - "title": "MappedDataSetParameters", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the parameter that is being declared.", - "title": "Name", - "type": "string" - }, - "ParameterValueType": { - "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", - "title": "ParameterValueType", - "type": "string" + "CloudWatchLogDestination": { + "$ref": "#/definitions/AWS::OSIS::Pipeline.CloudWatchLogDestination", + "markdownDescription": "The destination for OpenSearch Ingestion logs sent to Amazon CloudWatch Logs. This parameter is required if `IsLoggingEnabled` is set to `true` .", + "title": "CloudWatchLogDestination" }, - "ValueWhenUnset": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.StringValueWhenUnsetConfiguration", - "markdownDescription": "The configuration that defines the default value of a `String` parameter when a value has not been set.", - "title": "ValueWhenUnset" + "IsLoggingEnabled": { + "markdownDescription": "Whether logs should be published.", + "title": "IsLoggingEnabled", + "type": "boolean" } }, - "required": [ - "Name", - "ParameterValueType" - ], "type": "object" }, - "AWS::QuickSight::Analysis.StringValueWhenUnsetConfiguration": { + "AWS::OSIS::Pipeline.VpcAttachmentOptions": { "additionalProperties": false, "properties": { - "CustomValue": { - "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", - "title": "CustomValue", - "type": "string" + "AttachToVpc": { + "markdownDescription": "Whether a VPC is attached to the pipeline.", + "title": "AttachToVpc", + "type": "boolean" }, - "ValueWhenUnsetOption": { - "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", - "title": "ValueWhenUnsetOption", + "CidrBlock": { + "markdownDescription": "The CIDR block to be reserved for OpenSearch Ingestion to create elastic network interfaces (ENIs).", + "title": "CidrBlock", "type": "string" } }, + "required": [ + "AttachToVpc", + "CidrBlock" + ], "type": "object" }, - "AWS::QuickSight::Analysis.SubtotalOptions": { + "AWS::OSIS::Pipeline.VpcEndpoint": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The custom label string for the subtotal cells.", - "title": "CustomLabel", - "type": "string" - }, - "FieldLevel": { - "markdownDescription": "The field level (all, custom, last) for the subtotal cells.", - "title": "FieldLevel", + "VpcEndpointId": { + "markdownDescription": "The unique identifier of the endpoint.", + "title": "VpcEndpointId", "type": "string" }, - "FieldLevelOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableFieldSubtotalOptions" - }, - "markdownDescription": "The optional configuration of subtotal cells.", - "title": "FieldLevelOptions", - "type": "array" - }, - "MetricHeaderCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", - "markdownDescription": "The cell styling options for the subtotals of header cells.", - "title": "MetricHeaderCellStyle" - }, - "StyleTargets": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableStyleTarget" - }, - "markdownDescription": "The style targets options for subtotals.", - "title": "StyleTargets", - "type": "array" - }, - "TotalCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", - "markdownDescription": "The cell styling options for the subtotal cells.", - "title": "TotalCellStyle" - }, - "TotalsVisibility": { - "markdownDescription": "The visibility configuration for the subtotal cells.", - "title": "TotalsVisibility", + "VpcId": { + "markdownDescription": "The ID for your VPC. AWS PrivateLink generates this value when you create a VPC.", + "title": "VpcId", "type": "string" }, - "ValueCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", - "markdownDescription": "The cell styling options for the subtotals of value cells.", - "title": "ValueCellStyle" + "VpcOptions": { + "$ref": "#/definitions/AWS::OSIS::Pipeline.VpcOptions", + "markdownDescription": "Information about the VPC, including associated subnets and security groups.", + "title": "VpcOptions" } }, "type": "object" }, - "AWS::QuickSight::Analysis.TableAggregatedFieldWells": { + "AWS::OSIS::Pipeline.VpcOptions": { "additionalProperties": false, "properties": { - "GroupBy": { + "SecurityGroupIds": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + "type": "string" }, - "markdownDescription": "The group by field well for a pivot table. Values are grouped by group by fields.", - "title": "GroupBy", + "markdownDescription": "A list of security groups associated with the VPC endpoint.", + "title": "SecurityGroupIds", "type": "array" }, - "Values": { + "SubnetIds": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + "type": "string" }, - "markdownDescription": "The values field well for a pivot table. Values are aggregated based on group by fields.", - "title": "Values", + "markdownDescription": "A list of subnet IDs associated with the VPC endpoint.", + "title": "SubnetIds", "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.TableBorderOptions": { - "additionalProperties": false, - "properties": { - "Color": { - "markdownDescription": "The color of a table border.", - "title": "Color", - "type": "string" }, - "Style": { - "markdownDescription": "The style (none, solid) of a table border.", - "title": "Style", - "type": "string" + "VpcAttachmentOptions": { + "$ref": "#/definitions/AWS::OSIS::Pipeline.VpcAttachmentOptions", + "markdownDescription": "Options for attaching a VPC to a pipeline.", + "title": "VpcAttachmentOptions" }, - "Thickness": { - "markdownDescription": "The thickness of a table border.", - "title": "Thickness", - "type": "number" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.TableCellConditionalFormatting": { - "additionalProperties": false, - "properties": { - "FieldId": { - "markdownDescription": "The field ID of the cell for conditional formatting.", - "title": "FieldId", + "VpcEndpointManagement": { + "markdownDescription": "Defines whether you or Amazon OpenSearch Ingestion service create and manage the VPC endpoint configured for the pipeline.", + "title": "VpcEndpointManagement", "type": "string" - }, - "TextFormat": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TextConditionalFormat", - "markdownDescription": "The text format of the cell for conditional formatting.", - "title": "TextFormat" } }, "required": [ - "FieldId" + "SubnetIds" ], "type": "object" }, - "AWS::QuickSight::Analysis.TableCellImageSizingConfiguration": { - "additionalProperties": false, - "properties": { - "TableCellImageScalingConfiguration": { - "markdownDescription": "The cell scaling configuration of the sizing options for the table image configuration.", - "title": "TableCellImageScalingConfiguration", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.TableCellStyle": { + "AWS::Oam::Link": { "additionalProperties": false, "properties": { - "BackgroundColor": { - "markdownDescription": "The background color for the table cells.", - "title": "BackgroundColor", + "Condition": { "type": "string" }, - "Border": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GlobalTableBorderOptions", - "markdownDescription": "The borders for the table cells.", - "title": "Border" - }, - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", - "markdownDescription": "The font configuration of the table cells.", - "title": "FontConfiguration" - }, - "Height": { - "markdownDescription": "The height color for the table cells.", - "title": "Height", - "type": "number" - }, - "HorizontalTextAlignment": { - "markdownDescription": "The horizontal text alignment (left, center, right, auto) for the table cells.", - "title": "HorizontalTextAlignment", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "TextWrap": { - "markdownDescription": "The text wrap (none, wrap) for the table cells.", - "title": "TextWrap", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "VerticalTextAlignment": { - "markdownDescription": "The vertical text alignment (top, middle, bottom) for the table cells.", - "title": "VerticalTextAlignment", - "type": "string" + "Metadata": { + "type": "object" }, - "Visibility": { - "markdownDescription": "The visibility of the table cells.", - "title": "Visibility", + "Properties": { + "additionalProperties": false, + "properties": { + "LabelTemplate": { + "markdownDescription": "Specify a friendly human-readable name to use to identify this source account when you are viewing data from it in the monitoring account.\n\nYou can include the following variables in your template:\n\n- `$AccountName` is the name of the account\n- `$AccountEmail` is a globally-unique email address, which includes the email domain, such as `mariagarcia@example.com`\n- `$AccountEmailNoDomain` is an email address without the domain name, such as `mariagarcia`\n\n> In the and Regions, the only supported option is to use custom labels, and the `$AccountName` , `$AccountEmail` , and `$AccountEmailNoDomain` variables all resolve as *account-id* instead of the specified variable.", + "title": "LabelTemplate", + "type": "string" + }, + "LinkConfiguration": { + "$ref": "#/definitions/AWS::Oam::Link.LinkConfiguration", + "markdownDescription": "Use this structure to optionally create filters that specify that only some metric namespaces or log groups are to be shared from the source account to the monitoring account.", + "title": "LinkConfiguration" + }, + "ResourceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of strings that define which types of data that the source account shares with the monitoring account. Valid values are `AWS::CloudWatch::Metric | AWS::Logs::LogGroup | AWS::XRay::Trace | AWS::ApplicationInsights::Application | AWS::InternetMonitor::Monitor` .", + "title": "ResourceTypes", + "type": "array" + }, + "SinkIdentifier": { + "markdownDescription": "The ARN of the sink in the monitoring account that you want to link to. You can use [ListSinks](https://docs.aws.amazon.com/OAM/latest/APIReference/API_ListSinks.html) to find the ARNs of sinks.", + "title": "SinkIdentifier", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "An array of key-value pairs to apply to the link.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "ResourceTypes", + "SinkIdentifier" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Oam::Link" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.TableConditionalFormatting": { + "AWS::Oam::Link.LinkConfiguration": { "additionalProperties": false, "properties": { - "ConditionalFormattingOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableConditionalFormattingOption" - }, - "markdownDescription": "Conditional formatting options for a `PivotTableVisual` .", - "title": "ConditionalFormattingOptions", - "type": "array" + "LogGroupConfiguration": { + "$ref": "#/definitions/AWS::Oam::Link.LinkFilter", + "markdownDescription": "Use this structure to filter which log groups are to share log events from this source account to the monitoring account.", + "title": "LogGroupConfiguration" + }, + "MetricConfiguration": { + "$ref": "#/definitions/AWS::Oam::Link.LinkFilter", + "markdownDescription": "Use this structure to filter which metric namespaces are to be shared from the source account to the monitoring account.", + "title": "MetricConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Analysis.TableConditionalFormattingOption": { + "AWS::Oam::Link.LinkFilter": { "additionalProperties": false, "properties": { - "Cell": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellConditionalFormatting", - "markdownDescription": "The cell conditional formatting option for a table.", - "title": "Cell" - }, - "Row": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableRowConditionalFormatting", - "markdownDescription": "The row conditional formatting option for a table.", - "title": "Row" + "Filter": { + "markdownDescription": "When used in `MetricConfiguration` this field specifies which metric namespaces are to be shared with the monitoring account\n\nWhen used in `LogGroupConfiguration` this field specifies which log groups are to share their log events with the monitoring account. Use the term `LogGroupName` and one or more of the following operands.\n\nUse single quotation marks (') around log group names and metric namespaces.\n\nThe matching of log group names and metric namespaces is case sensitive. Each filter has a limit of five conditional operands. Conditional operands are `AND` and `OR` .\n\n- `=` and `!=`\n- `AND`\n- `OR`\n- `LIKE` and `NOT LIKE` . These can be used only as prefix searches. Include a `%` at the end of the string that you want to search for and include.\n- `IN` and `NOT IN` , using parentheses `( )`\n\nExamples:\n\n- `Namespace NOT LIKE 'AWS/%'` includes only namespaces that don't start with `AWS/` , such as custom namespaces.\n- `Namespace IN ('AWS/EC2', 'AWS/ELB', 'AWS/S3')` includes only the metrics in the EC2, Elastic Load Balancing , and Amazon S3 namespaces.\n- `Namespace = 'AWS/EC2' OR Namespace NOT LIKE 'AWS/%'` includes only the EC2 namespace and your custom namespaces.\n- `LogGroupName IN ('This-Log-Group', 'Other-Log-Group')` includes only the log groups with names `This-Log-Group` and `Other-Log-Group` .\n- `LogGroupName NOT IN ('Private-Log-Group', 'Private-Log-Group-2')` includes all log groups except the log groups with names `Private-Log-Group` and `Private-Log-Group-2` .\n- `LogGroupName LIKE 'aws/lambda/%' OR LogGroupName LIKE 'AWSLogs%'` includes all log groups that have names that start with `aws/lambda/` or `AWSLogs` .\n\n> If you are updating a link that uses filters, you can specify `*` as the only value for the `filter` parameter to delete the filter and share all log groups with the monitoring account.", + "title": "Filter", + "type": "string" } }, + "required": [ + "Filter" + ], "type": "object" }, - "AWS::QuickSight::Analysis.TableConfiguration": { + "AWS::Oam::Sink": { "additionalProperties": false, "properties": { - "FieldOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldOptions", - "markdownDescription": "The field options for a table visual.", - "title": "FieldOptions" + "Condition": { + "type": "string" }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "PaginatedReportOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TablePaginatedReportOptions", - "markdownDescription": "The paginated report options for a table visual.", - "title": "PaginatedReportOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableSortConfiguration", - "markdownDescription": "The sort configuration for a `TableVisual` .", - "title": "SortConfiguration" + "Metadata": { + "type": "object" }, - "TableInlineVisualizations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableInlineVisualization" + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "A name for the sink.", + "title": "Name", + "type": "string" + }, + "Policy": { + "markdownDescription": "The IAM policy that grants permissions to source accounts to link to this sink. The policy can grant permission in the following ways:\n\n- Include organization IDs or organization paths to permit all accounts in an organization\n- Include account IDs to permit the specified accounts", + "title": "Policy", + "type": "object" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "An array of key-value pairs to apply to the sink.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } }, - "markdownDescription": "A collection of inline visualizations to display within a chart.", - "title": "TableInlineVisualizations", - "type": "array" + "required": [ + "Name" + ], + "type": "object" }, - "TableOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableOptions", - "markdownDescription": "The table options for a table visual.", - "title": "TableOptions" + "Type": { + "enum": [ + "AWS::Oam::Sink" + ], + "type": "string" }, - "TotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TotalOptions", - "markdownDescription": "The total options for a table visual.", - "title": "TotalOptions" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.TableFieldCustomIconContent": { + "AWS::Omics::AnnotationStore": { "additionalProperties": false, "properties": { - "Icon": { - "markdownDescription": "The icon set type (link) of the custom icon content for table URL link content.", - "title": "Icon", + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description for the store.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the Annotation Store.", + "title": "Name", + "type": "string" + }, + "Reference": { + "$ref": "#/definitions/AWS::Omics::AnnotationStore.ReferenceItem", + "markdownDescription": "The genome reference for the store's annotations.", + "title": "Reference" + }, + "SseConfig": { + "$ref": "#/definitions/AWS::Omics::AnnotationStore.SseConfig", + "markdownDescription": "The store's server-side encryption (SSE) settings.", + "title": "SseConfig" + }, + "StoreFormat": { + "markdownDescription": "The annotation file format of the store.", + "title": "StoreFormat", + "type": "string" + }, + "StoreOptions": { + "$ref": "#/definitions/AWS::Omics::AnnotationStore.StoreOptions", + "markdownDescription": "File parsing options for the annotation store.", + "title": "StoreOptions" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Tags for the store.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "Name", + "StoreFormat" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Omics::AnnotationStore" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.TableFieldCustomTextContent": { + "AWS::Omics::AnnotationStore.ReferenceItem": { "additionalProperties": false, "properties": { - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", - "markdownDescription": "The font configuration of the custom text content for the table URL link content.", - "title": "FontConfiguration" - }, - "Value": { - "markdownDescription": "The string value of the custom text content for the table URL link content.", - "title": "Value", + "ReferenceArn": { + "markdownDescription": "The reference's ARN.", + "title": "ReferenceArn", "type": "string" } }, "required": [ - "FontConfiguration" + "ReferenceArn" ], "type": "object" }, - "AWS::QuickSight::Analysis.TableFieldImageConfiguration": { + "AWS::Omics::AnnotationStore.SseConfig": { "additionalProperties": false, "properties": { - "SizingOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellImageSizingConfiguration", - "markdownDescription": "The sizing options for the table image configuration.", - "title": "SizingOptions" + "KeyArn": { + "markdownDescription": "An encryption key ARN.", + "title": "KeyArn", + "type": "string" + }, + "Type": { + "markdownDescription": "The encryption type.", + "title": "Type", + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::QuickSight::Analysis.TableFieldLinkConfiguration": { + "AWS::Omics::AnnotationStore.StoreOptions": { "additionalProperties": false, "properties": { - "Content": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldLinkContentConfiguration", - "markdownDescription": "The URL content (text, icon) for the table link configuration.", - "title": "Content" - }, - "Target": { - "markdownDescription": "The URL target (new tab, new window, same tab) for the table link configuration.", - "title": "Target", - "type": "string" + "TsvStoreOptions": { + "$ref": "#/definitions/AWS::Omics::AnnotationStore.TsvStoreOptions", + "markdownDescription": "Formatting options for a TSV file.", + "title": "TsvStoreOptions" } }, "required": [ - "Content", - "Target" + "TsvStoreOptions" ], "type": "object" }, - "AWS::QuickSight::Analysis.TableFieldLinkContentConfiguration": { + "AWS::Omics::AnnotationStore.TsvStoreOptions": { "additionalProperties": false, "properties": { - "CustomIconContent": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldCustomIconContent", - "markdownDescription": "The custom icon content for the table link content configuration.", - "title": "CustomIconContent" + "AnnotationType": { + "markdownDescription": "The store's annotation type.", + "title": "AnnotationType", + "type": "string" }, - "CustomTextContent": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldCustomTextContent", - "markdownDescription": "The custom text content (value, font configuration) for the table link content configuration.", - "title": "CustomTextContent" + "FormatToHeader": { + "additionalProperties": true, + "markdownDescription": "The store's header key to column name mapping.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "FormatToHeader", + "type": "object" + }, + "Schema": { + "markdownDescription": "The schema of an annotation store.", + "title": "Schema", + "type": "object" } }, "type": "object" }, - "AWS::QuickSight::Analysis.TableFieldOption": { + "AWS::Omics::ReferenceStore": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The custom label for a table field.", - "title": "CustomLabel", + "Condition": { "type": "string" }, - "FieldId": { - "markdownDescription": "The field ID for a table field.", - "title": "FieldId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "URLStyling": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldURLConfiguration", - "markdownDescription": "The URL configuration for a table field.", - "title": "URLStyling" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Visibility": { - "markdownDescription": "The visibility of a table field.", - "title": "Visibility", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description for the store.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "A name for the store.", + "title": "Name", + "type": "string" + }, + "SseConfig": { + "$ref": "#/definitions/AWS::Omics::ReferenceStore.SseConfig", + "markdownDescription": "Server-side encryption (SSE) settings for the store.", + "title": "SseConfig" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Tags for the store.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Omics::ReferenceStore" + ], "type": "string" }, - "Width": { - "markdownDescription": "The width for a table field.", - "title": "Width", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "FieldId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.TableFieldOptions": { + "AWS::Omics::ReferenceStore.SseConfig": { "additionalProperties": false, "properties": { - "Order": { - "items": { - "type": "string" - }, - "markdownDescription": "The order of the field IDs that are configured as field options for a table visual.", - "title": "Order", - "type": "array" - }, - "PinnedFieldOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TablePinnedFieldOptions", - "markdownDescription": "The settings for the pinned columns of a table visual.", - "title": "PinnedFieldOptions" + "KeyArn": { + "markdownDescription": "An encryption key ARN.", + "title": "KeyArn", + "type": "string" }, - "SelectedFieldOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldOption" - }, - "markdownDescription": "The field options to be configured to a table.", - "title": "SelectedFieldOptions", - "type": "array" + "Type": { + "markdownDescription": "The encryption type.", + "title": "Type", + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::QuickSight::Analysis.TableFieldURLConfiguration": { + "AWS::Omics::RunGroup": { "additionalProperties": false, "properties": { - "ImageConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldImageConfiguration", - "markdownDescription": "The image configuration of a table field URL.", - "title": "ImageConfiguration" + "Condition": { + "type": "string" }, - "LinkConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldLinkConfiguration", - "markdownDescription": "The link configuration of a table field URL.", - "title": "LinkConfiguration" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.TableFieldWells": { - "additionalProperties": false, - "properties": { - "TableAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableAggregatedFieldWells", - "markdownDescription": "The aggregated field well for the table.", - "title": "TableAggregatedFieldWells" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "TableUnaggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableUnaggregatedFieldWells", - "markdownDescription": "The unaggregated field well for the table.", - "title": "TableUnaggregatedFieldWells" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.TableInlineVisualization": { - "additionalProperties": false, - "properties": { - "DataBars": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataBarsOptions", - "markdownDescription": "The configuration of the inline visualization of the data bars within a chart.", - "title": "DataBars" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.TableOptions": { - "additionalProperties": false, - "properties": { - "CellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", - "markdownDescription": "The table cell style of table cells.", - "title": "CellStyle" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "HeaderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", - "markdownDescription": "The table cell style of a table header.", - "title": "HeaderStyle" + "Metadata": { + "type": "object" }, - "Orientation": { - "markdownDescription": "The orientation (vertical, horizontal) for a table.", - "title": "Orientation", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "MaxCpus": { + "markdownDescription": "The group's maximum CPU count setting.", + "title": "MaxCpus", + "type": "number" + }, + "MaxDuration": { + "markdownDescription": "The group's maximum duration setting in minutes.", + "title": "MaxDuration", + "type": "number" + }, + "MaxGpus": { + "markdownDescription": "The maximum GPUs that can be used by a run group.", + "title": "MaxGpus", + "type": "number" + }, + "MaxRuns": { + "markdownDescription": "The group's maximum concurrent run setting.", + "title": "MaxRuns", + "type": "number" + }, + "Name": { + "markdownDescription": "The group's name.", + "title": "Name", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Tags for the group.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "type": "object" }, - "RowAlternateColorOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RowAlternateColorOptions", - "markdownDescription": "The row alternate color options (widget status, row alternate colors) for a table.", - "title": "RowAlternateColorOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.TablePaginatedReportOptions": { - "additionalProperties": false, - "properties": { - "OverflowColumnHeaderVisibility": { - "markdownDescription": "The visibility of repeating header rows on each page.", - "title": "OverflowColumnHeaderVisibility", + "Type": { + "enum": [ + "AWS::Omics::RunGroup" + ], "type": "string" }, - "VerticalOverflowVisibility": { - "markdownDescription": "The visibility of printing table overflow across pages.", - "title": "VerticalOverflowVisibility", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::QuickSight::Analysis.TablePinnedFieldOptions": { - "additionalProperties": false, - "properties": { - "PinnedLeftFields": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of columns to be pinned to the left of a table visual.", - "title": "PinnedLeftFields", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.TableRowConditionalFormatting": { + "AWS::Omics::SequenceStore": { "additionalProperties": false, "properties": { - "BackgroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting color (solid, gradient) of the background for a table row.", - "title": "BackgroundColor" + "Condition": { + "type": "string" }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting color (solid, gradient) of the text for a table row.", - "title": "TextColor" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.TableSideBorderOptions": { - "additionalProperties": false, - "properties": { - "Bottom": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", - "markdownDescription": "The table border options of the bottom border.", - "title": "Bottom" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "InnerHorizontal": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", - "markdownDescription": "The table border options of the inner horizontal border.", - "title": "InnerHorizontal" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "InnerVertical": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", - "markdownDescription": "The table border options of the inner vertical border.", - "title": "InnerVertical" + "Metadata": { + "type": "object" }, - "Left": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", - "markdownDescription": "The table border options of the left border.", - "title": "Left" + "Properties": { + "additionalProperties": false, + "properties": { + "AccessLogLocation": { + "markdownDescription": "Location of the access logs.", + "title": "AccessLogLocation", + "type": "string" + }, + "Description": { + "markdownDescription": "A description for the store.", + "title": "Description", + "type": "string" + }, + "ETagAlgorithmFamily": { + "markdownDescription": "The algorithm family of the ETag.", + "title": "ETagAlgorithmFamily", + "type": "string" + }, + "FallbackLocation": { + "markdownDescription": "An S3 location that is used to store files that have failed a direct upload.", + "title": "FallbackLocation", + "type": "string" + }, + "Name": { + "markdownDescription": "A name for the store.", + "title": "Name", + "type": "string" + }, + "PropagatedSetLevelTags": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "PropagatedSetLevelTags", + "type": "array" + }, + "S3AccessPolicy": { + "markdownDescription": "", + "title": "S3AccessPolicy", + "type": "object" + }, + "SseConfig": { + "$ref": "#/definitions/AWS::Omics::SequenceStore.SseConfig", + "markdownDescription": "Server-side encryption (SSE) settings for the store.", + "title": "SseConfig" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Tags for the store.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "Name" + ], + "type": "object" }, - "Right": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", - "markdownDescription": "The table border options of the right border.", - "title": "Right" + "Type": { + "enum": [ + "AWS::Omics::SequenceStore" + ], + "type": "string" }, - "Top": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", - "markdownDescription": "The table border options of the top border.", - "title": "Top" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.TableSortConfiguration": { + "AWS::Omics::SequenceStore.SseConfig": { "additionalProperties": false, "properties": { - "PaginationConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PaginationConfiguration", - "markdownDescription": "The pagination configuration (page size, page number) for the table.", - "title": "PaginationConfiguration" + "KeyArn": { + "markdownDescription": "An encryption key ARN.", + "title": "KeyArn", + "type": "string" }, - "RowSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The field sort options for rows in the table.", - "title": "RowSort", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.TableStyleTarget": { - "additionalProperties": false, - "properties": { - "CellType": { - "markdownDescription": "The cell type of the table style target.", - "title": "CellType", + "Type": { + "markdownDescription": "The encryption type.", + "title": "Type", "type": "string" } }, "required": [ - "CellType" + "Type" ], "type": "object" }, - "AWS::QuickSight::Analysis.TableUnaggregatedFieldWells": { - "additionalProperties": false, - "properties": { - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.UnaggregatedField" - }, - "markdownDescription": "The values field well for a pivot table. Values are unaggregated for an unaggregated table.", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.TableVisual": { + "AWS::Omics::VariantStore": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Condition": { + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableConditionalFormatting", - "markdownDescription": "The conditional formatting for a `PivotTableVisual` .", - "title": "ConditionalFormatting" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Metadata": { + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description for the store.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "A name for the store.", + "title": "Name", + "type": "string" + }, + "Reference": { + "$ref": "#/definitions/AWS::Omics::VariantStore.ReferenceItem", + "markdownDescription": "The genome reference for the store's variants.", + "title": "Reference" + }, + "SseConfig": { + "$ref": "#/definitions/AWS::Omics::VariantStore.SseConfig", + "markdownDescription": "Server-side encryption (SSE) settings for the store.", + "title": "SseConfig" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Tags for the store.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "Name", + "Reference" + ], + "type": "object" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", + "Type": { + "enum": [ + "AWS::Omics::VariantStore" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.TextAreaControlDisplayOptions": { + "AWS::Omics::VariantStore.ReferenceItem": { "additionalProperties": false, "properties": { - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" - }, - "PlaceholderOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TextControlPlaceholderOptions", - "markdownDescription": "The configuration of the placeholder options in a text area control.", - "title": "PlaceholderOptions" - }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" + "ReferenceArn": { + "markdownDescription": "The reference's ARN.", + "title": "ReferenceArn", + "type": "string" } }, + "required": [ + "ReferenceArn" + ], "type": "object" }, - "AWS::QuickSight::Analysis.TextConditionalFormat": { + "AWS::Omics::VariantStore.SseConfig": { "additionalProperties": false, "properties": { - "BackgroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting for the text background color.", - "title": "BackgroundColor" - }, - "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIcon", - "markdownDescription": "The conditional formatting for the icon.", - "title": "Icon" + "KeyArn": { + "markdownDescription": "An encryption key ARN.", + "title": "KeyArn", + "type": "string" }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting for the text color.", - "title": "TextColor" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.TextControlPlaceholderOptions": { - "additionalProperties": false, - "properties": { - "Visibility": { - "markdownDescription": "The visibility configuration of the placeholder options in a text control.", - "title": "Visibility", + "Type": { + "markdownDescription": "The encryption type.", + "title": "Type", "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::QuickSight::Analysis.TextFieldControlDisplayOptions": { + "AWS::Omics::Workflow": { "additionalProperties": false, "properties": { - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" - }, - "PlaceholderOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TextControlPlaceholderOptions", - "markdownDescription": "The configuration of the placeholder options in a text field control.", - "title": "PlaceholderOptions" + "Condition": { + "type": "string" }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Accelerators": { + "markdownDescription": "", + "title": "Accelerators", + "type": "string" + }, + "DefinitionUri": { + "markdownDescription": "The URI of a definition for the workflow.", + "title": "DefinitionUri", + "type": "string" + }, + "Description": { + "markdownDescription": "The parameter's description.", + "title": "Description", + "type": "string" + }, + "Engine": { + "markdownDescription": "An engine for the workflow.", + "title": "Engine", + "type": "string" + }, + "Main": { + "markdownDescription": "The path of the main definition file for the workflow.", + "title": "Main", + "type": "string" + }, + "Name": { + "markdownDescription": "The workflow's name.", + "title": "Name", + "type": "string" + }, + "ParameterTemplate": { + "additionalProperties": false, + "markdownDescription": "The workflow's parameter template.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::Omics::Workflow.WorkflowParameter" + } + }, + "title": "ParameterTemplate", + "type": "object" + }, + "StorageCapacity": { + "markdownDescription": "The default static storage capacity (in gibibytes) for runs that use this workflow or workflow version. The `storageCapacity` can be overwritten at run time. The storage capacity is not required for runs with a `DYNAMIC` storage type.", + "title": "StorageCapacity", + "type": "number" + }, + "StorageType": { + "markdownDescription": "", + "title": "StorageType", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Tags for the workflow.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Omics::Workflow" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::QuickSight::Analysis.ThousandSeparatorOptions": { + "AWS::Omics::Workflow.WorkflowParameter": { "additionalProperties": false, "properties": { - "Symbol": { - "markdownDescription": "Determines the thousands separator symbol.", - "title": "Symbol", + "Description": { + "markdownDescription": "The parameter's description.", + "title": "Description", "type": "string" }, - "Visibility": { - "markdownDescription": "Determines the visibility of the thousands separator.", - "title": "Visibility", - "type": "string" + "Optional": { + "markdownDescription": "Whether the parameter is optional.", + "title": "Optional", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Analysis.TimeBasedForecastProperties": { + "AWS::Omics::WorkflowVersion": { "additionalProperties": false, "properties": { - "LowerBoundary": { - "markdownDescription": "The lower boundary setup of a forecast computation.", - "title": "LowerBoundary", - "type": "number" + "Condition": { + "type": "string" }, - "PeriodsBackward": { - "markdownDescription": "The periods backward setup of a forecast computation.", - "title": "PeriodsBackward", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "PeriodsForward": { - "markdownDescription": "The periods forward setup of a forecast computation.", - "title": "PeriodsForward", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "PredictionInterval": { - "markdownDescription": "The prediction interval setup of a forecast computation.", - "title": "PredictionInterval", - "type": "number" + "Metadata": { + "type": "object" }, - "Seasonality": { - "markdownDescription": "The seasonality setup of a forecast computation. Choose one of the following options:\n\n- `NULL` : The input is set to `NULL` .\n- `NON_NULL` : The input is set to a custom value.", - "title": "Seasonality", - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": { + "Accelerators": { + "markdownDescription": "", + "title": "Accelerators", + "type": "string" + }, + "DefinitionUri": { + "markdownDescription": "", + "title": "DefinitionUri", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the workflow version.", + "title": "Description", + "type": "string" + }, + "Engine": { + "markdownDescription": "", + "title": "Engine", + "type": "string" + }, + "Main": { + "markdownDescription": "", + "title": "Main", + "type": "string" + }, + "ParameterTemplate": { + "additionalProperties": false, + "markdownDescription": "", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::Omics::WorkflowVersion.WorkflowParameter" + } + }, + "title": "ParameterTemplate", + "type": "object" + }, + "StorageCapacity": { + "markdownDescription": "", + "title": "StorageCapacity", + "type": "number" + }, + "StorageType": { + "markdownDescription": "", + "title": "StorageType", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "VersionName": { + "markdownDescription": "The name of the workflow version.", + "title": "VersionName", + "type": "string" + }, + "WorkflowBucketOwnerId": { + "markdownDescription": "", + "title": "WorkflowBucketOwnerId", + "type": "string" + }, + "WorkflowId": { + "markdownDescription": "The workflow's ID.", + "title": "WorkflowId", + "type": "string" + } + }, + "required": [ + "VersionName", + "WorkflowId" + ], + "type": "object" }, - "UpperBoundary": { - "markdownDescription": "The upper boundary setup of a forecast computation.", - "title": "UpperBoundary", - "type": "number" + "Type": { + "enum": [ + "AWS::Omics::WorkflowVersion" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.TimeEqualityFilter": { + "AWS::Omics::WorkflowVersion.WorkflowParameter": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" + "Description": { + "markdownDescription": "The parameter's description.", + "title": "Description", + "type": "string" }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", + "Optional": { + "markdownDescription": "Whether the parameter is optional.", + "title": "Optional", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::OpenSearchServerless::AccessPolicy": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "ParameterName": { - "markdownDescription": "The parameter whose value should be used for the filter value.\n\nThis field is mutually exclusive to `Value` and `RollingDate` .", - "title": "ParameterName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "RollingDate": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RollingDateConfiguration", - "markdownDescription": "The rolling date input for the `TimeEquality` filter.\n\nThis field is mutually exclusive to `Value` and `ParameterName` .", - "title": "RollingDate" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the policy.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the policy.", + "title": "Name", + "type": "string" + }, + "Policy": { + "markdownDescription": "The JSON policy document without any whitespaces.", + "title": "Policy", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of access policy. Currently the only option is `data` .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Name", + "Policy", + "Type" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::OpenSearchServerless::AccessPolicy" + ], "type": "string" }, - "Value": { - "markdownDescription": "The value of a `TimeEquality` filter.\n\nThis field is mutually exclusive to `RollingDate` and `ParameterName` .", - "title": "Value", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Column", - "FilterId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.TimeRangeDrillDownFilter": { + "AWS::OpenSearchServerless::Collection": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" + "Condition": { + "type": "string" }, - "RangeMaximum": { - "markdownDescription": "The maximum value for the filter value range.", - "title": "RangeMaximum", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "RangeMinimum": { - "markdownDescription": "The minimum value for the filter value range.", - "title": "RangeMinimum", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the collection.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the collection.\n\nCollection names must meet the following criteria:\n\n- Starts with a lowercase letter\n- Unique to your account and AWS Region\n- Contains between 3 and 28 characters\n- Contains only lowercase letters a-z, the numbers 0-9, and the hyphen (-)", + "title": "Name", + "type": "string" + }, + "StandbyReplicas": { + "markdownDescription": "Indicates whether to use standby replicas for the collection. You can't update this property after the collection is already created. If you attempt to modify this property, the collection continues to use the original value.", + "title": "StandbyReplicas", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An arbitrary set of tags (key\u2013value pairs) to associate with the collection.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "The type of collection. Possible values are `SEARCH` , `TIMESERIES` , and `VECTORSEARCH` . For more information, see [Choosing a collection type](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/serverless-overview.html#serverless-usecase) .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::OpenSearchServerless::Collection" + ], "type": "string" }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Column", - "RangeMaximum", - "RangeMinimum", - "TimeGranularity" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.TimeRangeFilter": { + "AWS::OpenSearchServerless::Index": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" - }, - "ExcludePeriodConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ExcludePeriodConfiguration", - "markdownDescription": "The exclude period of the time range filter.", - "title": "ExcludePeriodConfiguration" - }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", + "Condition": { "type": "string" }, - "IncludeMaximum": { - "markdownDescription": "Determines whether the maximum value in the filter value range should be included in the filtered results.", - "title": "IncludeMaximum", - "type": "boolean" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "IncludeMinimum": { - "markdownDescription": "Determines whether the minimum value in the filter value range should be included in the filtered results.", - "title": "IncludeMinimum", - "type": "boolean" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", - "type": "string" + "Metadata": { + "type": "object" }, - "RangeMaximumValue": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TimeRangeFilterValue", - "markdownDescription": "The maximum value for the filter value range.", - "title": "RangeMaximumValue" + "Properties": { + "additionalProperties": false, + "properties": { + "CollectionEndpoint": { + "markdownDescription": "The endpoint for the collection.", + "title": "CollectionEndpoint", + "type": "string" + }, + "IndexName": { + "markdownDescription": "The name of the OpenSearch Serverless index.", + "title": "IndexName", + "type": "string" + }, + "Mappings": { + "$ref": "#/definitions/AWS::OpenSearchServerless::Index.Mappings", + "markdownDescription": "Index mappings for the OpenSearch Serverless index.", + "title": "Mappings" + }, + "Settings": { + "$ref": "#/definitions/AWS::OpenSearchServerless::Index.IndexSettings", + "markdownDescription": "Index settings for the OpenSearch Serverless index.", + "title": "Settings" + } + }, + "required": [ + "CollectionEndpoint", + "IndexName" + ], + "type": "object" }, - "RangeMinimumValue": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TimeRangeFilterValue", - "markdownDescription": "The minimum value for the filter value range.", - "title": "RangeMinimumValue" + "Type": { + "enum": [ + "AWS::OpenSearchServerless::Index" + ], + "type": "string" }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Column", - "FilterId", - "NullOption" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.TimeRangeFilterValue": { + "AWS::OpenSearchServerless::Index.Index": { "additionalProperties": false, "properties": { - "Parameter": { - "markdownDescription": "The parameter type input value.", - "title": "Parameter", - "type": "string" + "Knn": { + "markdownDescription": "Enable or disable k-nearest neighbor search capability.", + "title": "Knn", + "type": "boolean" }, - "RollingDate": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RollingDateConfiguration", - "markdownDescription": "The rolling date input value.", - "title": "RollingDate" + "KnnAlgoParamEfSearch": { + "markdownDescription": "The size of the dynamic list for the nearest neighbors.", + "title": "KnnAlgoParamEfSearch", + "type": "number" }, - "StaticValue": { - "markdownDescription": "The static input value.", - "title": "StaticValue", + "RefreshInterval": { + "markdownDescription": "How often to perform a refresh operation. For example, 1s or 5s.", + "title": "RefreshInterval", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.TooltipItem": { + "AWS::OpenSearchServerless::Index.IndexSettings": { "additionalProperties": false, "properties": { - "ColumnTooltipItem": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnTooltipItem", - "markdownDescription": "The tooltip item for the columns that are not part of a field well.", - "title": "ColumnTooltipItem" - }, - "FieldTooltipItem": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldTooltipItem", - "markdownDescription": "The tooltip item for the fields.", - "title": "FieldTooltipItem" + "Index": { + "$ref": "#/definitions/AWS::OpenSearchServerless::Index.Index", + "markdownDescription": "Index settings.", + "title": "Index" } }, "type": "object" }, - "AWS::QuickSight::Analysis.TooltipOptions": { + "AWS::OpenSearchServerless::Index.Mappings": { "additionalProperties": false, "properties": { - "FieldBasedTooltip": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldBasedTooltip", - "markdownDescription": "The setup for the detailed tooltip. The tooltip setup is always saved. The display type is decided based on the tooltip type.", - "title": "FieldBasedTooltip" - }, - "SelectedTooltipType": { - "markdownDescription": "The selected type for the tooltip. Choose one of the following options:\n\n- `BASIC` : A basic tooltip.\n- `DETAILED` : A detailed tooltip.", - "title": "SelectedTooltipType", - "type": "string" - }, - "TooltipVisibility": { - "markdownDescription": "Determines whether or not the tooltip is visible.", - "title": "TooltipVisibility", - "type": "string" + "Properties": { + "additionalProperties": false, + "markdownDescription": "Nested fields within an object or nested field type.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::OpenSearchServerless::Index.PropertyMapping" + } + }, + "title": "Properties", + "type": "object" } }, "type": "object" }, - "AWS::QuickSight::Analysis.TopBottomFilter": { + "AWS::OpenSearchServerless::Index.Method": { "additionalProperties": false, "properties": { - "AggregationSortConfigurations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationSortConfiguration" - }, - "markdownDescription": "The aggregation and sort configuration of the top bottom filter.", - "title": "AggregationSortConfigurations", - "type": "array" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" - }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", + "Engine": { + "markdownDescription": "The k-NN search engine to use", + "title": "Engine", "type": "string" }, - "Limit": { - "markdownDescription": "The number of items to include in the top bottom filter results.", - "title": "Limit", - "type": "number" - }, - "ParameterName": { - "markdownDescription": "The parameter whose value should be used for the filter value.", - "title": "ParameterName", + "Name": { + "markdownDescription": "The algorithm name for k-NN search.", + "title": "Name", "type": "string" }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", + "Parameters": { + "$ref": "#/definitions/AWS::OpenSearchServerless::Index.Parameters", + "markdownDescription": "Additional parameters for the k-NN algorithm.", + "title": "Parameters" + }, + "SpaceType": { + "markdownDescription": "The distance function used for k-NN search.", + "title": "SpaceType", "type": "string" } }, "required": [ - "AggregationSortConfigurations", - "Column", - "FilterId" + "Engine", + "Name" ], "type": "object" }, - "AWS::QuickSight::Analysis.TopBottomMoversComputation": { + "AWS::OpenSearchServerless::Index.Parameters": { "additionalProperties": false, "properties": { - "Category": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", - "markdownDescription": "The category field that is used in a computation.", - "title": "Category" - }, - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", - "type": "string" + "EfConstruction": { + "markdownDescription": "The size of the dynamic list used during k-NN graph creation.", + "title": "EfConstruction", + "type": "number" }, - "MoverSize": { - "markdownDescription": "The mover size setup of the top and bottom movers computation.", - "title": "MoverSize", + "M": { + "markdownDescription": "Number of neighbors to consider during k-NN search.", + "title": "M", + "type": "number" + } + }, + "type": "object" + }, + "AWS::OpenSearchServerless::Index.PropertyMapping": { + "additionalProperties": false, + "properties": { + "Dimension": { + "markdownDescription": "Dimension size for vector fields, defines the number of dimensions in the vector.", + "title": "Dimension", "type": "number" }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", - "type": "string" + "Index": { + "markdownDescription": "Whether a field should be indexed.", + "title": "Index", + "type": "boolean" }, - "SortOrder": { - "markdownDescription": "The sort order setup of the top and bottom movers computation.", - "title": "SortOrder", - "type": "string" + "Method": { + "$ref": "#/definitions/AWS::OpenSearchServerless::Index.Method", + "markdownDescription": "Configuration for k-NN search method.", + "title": "Method" }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" + "Properties": { + "additionalProperties": false, + "markdownDescription": "Defines the fields within the mapping, including their types and configurations.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::OpenSearchServerless::Index.PropertyMapping" + } + }, + "title": "Properties", + "type": "object" }, "Type": { - "markdownDescription": "The computation type. Choose from the following options:\n\n- TOP: Top movers computation.\n- BOTTOM: Bottom movers computation.", + "markdownDescription": "The field data type. Must be a valid OpenSearch field type.", "title": "Type", "type": "string" }, "Value": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" + "markdownDescription": "Default value for the field when not specified in a document.", + "title": "Value", + "type": "string" } }, "required": [ - "ComputationId", "Type" ], "type": "object" }, - "AWS::QuickSight::Analysis.TopBottomRankedComputation": { + "AWS::OpenSearchServerless::LifecyclePolicy": { "additionalProperties": false, "properties": { - "Category": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", - "markdownDescription": "The category field that is used in a computation.", - "title": "Category" - }, - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", + "Condition": { "type": "string" }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "ResultSize": { - "markdownDescription": "The result size of a top and bottom ranked computation.", - "title": "ResultSize", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the lifecycle policy.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the lifecycle policy.", + "title": "Name", + "type": "string" + }, + "Policy": { + "markdownDescription": "The JSON policy document without any whitespaces.", + "title": "Policy", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of lifecycle policy.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Name", + "Policy", + "Type" + ], + "type": "object" }, "Type": { - "markdownDescription": "The computation type. Choose one of the following options:\n\n- TOP: A top ranked computation.\n- BOTTOM: A bottom ranked computation.", - "title": "Type", + "enum": [ + "AWS::OpenSearchServerless::LifecyclePolicy" + ], "type": "string" }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "ComputationId", - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.TotalAggregationComputation": { + "AWS::OpenSearchServerless::SecurityConfig": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", + "Condition": { "type": "string" }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the security configuration.", + "title": "Description", + "type": "string" + }, + "IamIdentityCenterOptions": { + "$ref": "#/definitions/AWS::OpenSearchServerless::SecurityConfig.IamIdentityCenterConfigOptions", + "markdownDescription": "Describes IAM Identity Center options in the form of a key-value map.", + "title": "IamIdentityCenterOptions" + }, + "Name": { + "markdownDescription": "The name of the security configuration.", + "title": "Name", + "type": "string" + }, + "SamlOptions": { + "$ref": "#/definitions/AWS::OpenSearchServerless::SecurityConfig.SamlConfigOptions", + "markdownDescription": "SAML options for the security configuration in the form of a key-value map.", + "title": "SamlOptions" + }, + "Type": { + "markdownDescription": "The type of security configuration. Currently the only option is `saml` .", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::OpenSearchServerless::SecurityConfig" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "ComputationId" + "Type" ], "type": "object" }, - "AWS::QuickSight::Analysis.TotalAggregationFunction": { + "AWS::OpenSearchServerless::SecurityConfig.IamIdentityCenterConfigOptions": { "additionalProperties": false, "properties": { - "SimpleTotalAggregationFunction": { - "markdownDescription": "A built in aggregation function for total values.", - "title": "SimpleTotalAggregationFunction", + "ApplicationArn": { + "markdownDescription": "The ARN of the IAM Identity Center application used to integrate with OpenSearch Serverless.", + "title": "ApplicationArn", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.TotalAggregationOption": { - "additionalProperties": false, - "properties": { - "FieldId": { - "markdownDescription": "The field id that's associated with the total aggregation option.", - "title": "FieldId", + }, + "ApplicationDescription": { + "markdownDescription": "The description of the IAM Identity Center application used to integrate with OpenSearch Serverless.", + "title": "ApplicationDescription", "type": "string" }, - "TotalAggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TotalAggregationFunction", - "markdownDescription": "The total aggregation function that you want to set for a specified field id.", - "title": "TotalAggregationFunction" + "ApplicationName": { + "markdownDescription": "The name of the IAM Identity Center application used to integrate with OpenSearch Serverless.", + "title": "ApplicationName", + "type": "string" + }, + "GroupAttribute": { + "markdownDescription": "The group attribute for this IAM Identity Center integration. Defaults to `GroupId` .", + "title": "GroupAttribute", + "type": "string" + }, + "InstanceArn": { + "markdownDescription": "The ARN of the IAM Identity Center instance used to integrate with OpenSearch Serverless.", + "title": "InstanceArn", + "type": "string" + }, + "UserAttribute": { + "markdownDescription": "The user attribute for this IAM Identity Center integration. Defaults to `UserId`", + "title": "UserAttribute", + "type": "string" } }, "required": [ - "FieldId", - "TotalAggregationFunction" + "InstanceArn" ], "type": "object" }, - "AWS::QuickSight::Analysis.TotalOptions": { + "AWS::OpenSearchServerless::SecurityConfig.SamlConfigOptions": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The custom label string for the total cells.", - "title": "CustomLabel", + "GroupAttribute": { + "markdownDescription": "The group attribute for this SAML integration.", + "title": "GroupAttribute", "type": "string" }, - "Placement": { - "markdownDescription": "The placement (start, end) for the total cells.", - "title": "Placement", + "Metadata": { + "markdownDescription": "The XML IdP metadata file generated from your identity provider.", + "title": "Metadata", "type": "string" }, - "ScrollStatus": { - "markdownDescription": "The scroll status (pinned, scrolled) for the total cells.", - "title": "ScrollStatus", + "OpenSearchServerlessEntityId": { + "markdownDescription": "Custom entity id attribute to override default entity id for this saml integration.", + "title": "OpenSearchServerlessEntityId", "type": "string" }, - "TotalAggregationOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TotalAggregationOption" - }, - "markdownDescription": "The total aggregation settings for each value field.", - "title": "TotalAggregationOptions", - "type": "array" - }, - "TotalCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", - "markdownDescription": "Cell styling options for the total cells.", - "title": "TotalCellStyle" + "SessionTimeout": { + "markdownDescription": "The session timeout, in minutes. Default is 60 minutes (12 hours).", + "title": "SessionTimeout", + "type": "number" }, - "TotalsVisibility": { - "markdownDescription": "The visibility configuration for the total cells.", - "title": "TotalsVisibility", + "UserAttribute": { + "markdownDescription": "A user attribute for this SAML integration.", + "title": "UserAttribute", "type": "string" } }, + "required": [ + "Metadata" + ], "type": "object" }, - "AWS::QuickSight::Analysis.TreeMapAggregatedFieldWells": { + "AWS::OpenSearchServerless::SecurityPolicy": { "additionalProperties": false, "properties": { - "Colors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The color field well of a tree map. Values are grouped by aggregations based on group by fields.", - "title": "Colors", - "type": "array" + "Condition": { + "type": "string" }, - "Groups": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The group by field well of a tree map. Values are grouped based on group by fields.", - "title": "Groups", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Sizes": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The size field well of a tree map. Values are aggregated based on group by fields.", - "title": "Sizes", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.TreeMapConfiguration": { - "additionalProperties": false, - "properties": { - "ColorLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility) for the colors displayed in a tree map.", - "title": "ColorLabelOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ColorScale": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColorScale", - "markdownDescription": "The color options (gradient color, point of divergence) of a tree map.", - "title": "ColorScale" - }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.", - "title": "DataLabels" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TreeMapFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "GroupLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility) of the groups that are displayed in a tree map.", - "title": "GroupLabelOptions" - }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" + "Metadata": { + "type": "object" }, - "SizeLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility) of the sizes that are displayed in a tree map.", - "title": "SizeLabelOptions" + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the security policy.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the policy.", + "title": "Name", + "type": "string" + }, + "Policy": { + "markdownDescription": "The JSON policy document without any whitespaces.", + "title": "Policy", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of security policy. Can be either `encryption` or `network` .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Name", + "Policy", + "Type" + ], + "type": "object" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TreeMapSortConfiguration", - "markdownDescription": "The sort configuration of a tree map.", - "title": "SortConfiguration" + "Type": { + "enum": [ + "AWS::OpenSearchServerless::SecurityPolicy" + ], + "type": "string" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.TreeMapFieldWells": { - "additionalProperties": false, - "properties": { - "TreeMapAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TreeMapAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a tree map.", - "title": "TreeMapAggregatedFieldWells" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.TreeMapSortConfiguration": { + "AWS::OpenSearchServerless::VpcEndpoint": { "additionalProperties": false, "properties": { - "TreeMapGroupItemsLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of groups that are displayed.", - "title": "TreeMapGroupItemsLimitConfiguration" + "Condition": { + "type": "string" }, - "TreeMapSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the endpoint.", + "title": "Name", + "type": "string" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The unique identifiers of the security groups that define the ports, protocols, and sources for inbound traffic that you are authorizing into your endpoint.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The ID of the subnets from which you access OpenSearch Serverless.", + "title": "SubnetIds", + "type": "array" + }, + "VpcId": { + "markdownDescription": "The ID of the VPC from which you access OpenSearch Serverless.", + "title": "VpcId", + "type": "string" + } }, - "markdownDescription": "The sort configuration of group by fields.", - "title": "TreeMapSort", - "type": "array" + "required": [ + "Name", + "SubnetIds", + "VpcId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::OpenSearchServerless::VpcEndpoint" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.TreeMapVisual": { + "AWS::OpenSearchService::Application": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Condition": { + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TreeMapConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Metadata": { + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Properties": { + "additionalProperties": false, + "properties": { + "AppConfigs": { + "items": { + "$ref": "#/definitions/AWS::OpenSearchService::Application.AppConfig" + }, + "markdownDescription": "", + "title": "AppConfigs", + "type": "array" + }, + "DataSources": { + "items": { + "$ref": "#/definitions/AWS::OpenSearchService::Application.DataSource" + }, + "markdownDescription": "", + "title": "DataSources", + "type": "array" + }, + "Endpoint": { + "markdownDescription": "The endpoint URL of an OpenSearch application.", + "title": "Endpoint", + "type": "string" + }, + "IamIdentityCenterOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Application.IamIdentityCenterOptions", + "markdownDescription": "Settings container for integrating IAM Identity Center with OpenSearch UI applications, which enables enabling secure user authentication and access control across multiple data sources. This setup supports single sign-on (SSO) through IAM Identity Center, allowing centralized user management.", + "title": "IamIdentityCenterOptions" + }, + "Name": { + "markdownDescription": "The name of an OpenSearch application.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Name" + ], + "type": "object" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", + "Type": { + "enum": [ + "AWS::OpenSearchService::Application" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.TrendArrowOptions": { + "AWS::OpenSearchService::Application.AppConfig": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility of the trend arrows.", - "title": "Visibility", + "Key": { + "markdownDescription": "The configuration item to set, such as the admin role for the OpenSearch application.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The value assigned to the configuration key, such as an IAM user ARN.", + "title": "Value", "type": "string" } }, + "required": [ + "Key", + "Value" + ], "type": "object" }, - "AWS::QuickSight::Analysis.UnaggregatedField": { + "AWS::OpenSearchService::Application.DataSource": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that is used in the `UnaggregatedField` .", - "title": "Column" - }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", + "DataSourceArn": { + "markdownDescription": "", + "title": "DataSourceArn", "type": "string" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" + "DataSourceDescription": { + "markdownDescription": "Detailed description of a data source.", + "title": "DataSourceDescription", + "type": "string" } }, "required": [ - "Column", - "FieldId" + "DataSourceArn" ], "type": "object" }, - "AWS::QuickSight::Analysis.UniqueValuesComputation": { + "AWS::OpenSearchService::Application.IamIdentityCenterOptions": { "additionalProperties": false, "properties": { - "Category": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", - "markdownDescription": "The category field that is used in a computation.", - "title": "Category" + "Enabled": { + "markdownDescription": "Indicates whether IAM Identity Center is enabled for the OpenSearch application.", + "title": "Enabled", + "type": "boolean" }, - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", + "IamIdentityCenterInstanceArn": { + "markdownDescription": "", + "title": "IamIdentityCenterInstanceArn", "type": "string" }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "IamRoleForIdentityCenterApplicationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role assigned to the IAM Identity Center application for the OpenSearch application.", + "title": "IamRoleForIdentityCenterApplicationArn", "type": "string" } }, - "required": [ - "ComputationId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.ValidationStrategy": { + "AWS::OpenSearchService::Domain": { "additionalProperties": false, "properties": { - "Mode": { - "markdownDescription": "The mode of validation for the asset to be created or updated. When you set this value to `STRICT` , strict validation for every error is enforced. When you set this value to `LENIENT` , validation is skipped for specific UI errors.", - "title": "Mode", + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AccessPolicies": { + "markdownDescription": "An AWS Identity and Access Management ( IAM ) policy document that specifies who can access the OpenSearch Service domain and their permissions. For more information, see [Configuring access policies](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ac.html#ac-creating) in the *Amazon OpenSearch Service Developer Guide* .", + "title": "AccessPolicies", + "type": "object" + }, + "AdvancedOptions": { + "additionalProperties": true, + "markdownDescription": "Additional options to specify for the OpenSearch Service domain. For more information, see [AdvancedOptions](https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_CreateDomain.html#API_CreateDomain_RequestBody) in the OpenSearch Service API reference.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "AdvancedOptions", + "type": "object" + }, + "AdvancedSecurityOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.AdvancedSecurityOptionsInput", + "markdownDescription": "Specifies options for fine-grained access control and SAML authentication.\n\nIf you specify advanced security options, you must also enable node-to-node encryption ( [NodeToNodeEncryptionOptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-nodetonodeencryptionoptions.html) ) and encryption at rest ( [EncryptionAtRestOptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-encryptionatrestoptions.html) ). You must also enable `EnforceHTTPS` within [DomainEndpointOptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-domainendpointoptions.html) , which requires HTTPS for all traffic to the domain.", + "title": "AdvancedSecurityOptions" + }, + "ClusterConfig": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.ClusterConfig", + "markdownDescription": "Container for the cluster configuration of a domain.", + "title": "ClusterConfig" + }, + "CognitoOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.CognitoOptions", + "markdownDescription": "Configures OpenSearch Service to use Amazon Cognito authentication for OpenSearch Dashboards.", + "title": "CognitoOptions" + }, + "DomainEndpointOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.DomainEndpointOptions", + "markdownDescription": "Specifies additional options for the domain endpoint, such as whether to require HTTPS for all traffic or whether to use a custom endpoint rather than the default endpoint.", + "title": "DomainEndpointOptions" + }, + "DomainName": { + "markdownDescription": "A name for the OpenSearch Service domain. The name must have a minimum length of 3 and a maximum length of 28. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the domain name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\nRequired when creating a new domain.\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "DomainName", + "type": "string" + }, + "EBSOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.EBSOptions", + "markdownDescription": "The configurations of Amazon Elastic Block Store (Amazon EBS) volumes that are attached to data nodes in the OpenSearch Service domain. For more information, see [EBS volume size limits](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/limits.html#ebsresource) in the *Amazon OpenSearch Service Developer Guide* .", + "title": "EBSOptions" + }, + "EncryptionAtRestOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.EncryptionAtRestOptions", + "markdownDescription": "Whether the domain should encrypt data at rest, and if so, the AWS KMS key to use. See [Encryption of data at rest for Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/encryption-at-rest.html) .\n\nIf no encryption at rest options were initially specified in the template, updating this property by adding it causes no interruption. However, if you change this property after it's already been set within a template, the domain is deleted and recreated in order to modify the property.", + "title": "EncryptionAtRestOptions" + }, + "EngineVersion": { + "markdownDescription": "The version of OpenSearch to use. The value must be in the format `OpenSearch_X.Y` or `Elasticsearch_X.Y` . If not specified, the latest version of OpenSearch is used. For information about the versions that OpenSearch Service supports, see [Supported versions of OpenSearch and Elasticsearch](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/what-is.html#choosing-version) in the *Amazon OpenSearch Service Developer Guide* .\n\nIf you set the [EnableVersionUpgrade](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html#cfn-attributes-updatepolicy-upgradeopensearchdomain) update policy to `true` , you can update `EngineVersion` without interruption. When `EnableVersionUpgrade` is set to `false` , or is not specified, updating `EngineVersion` results in [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", + "title": "EngineVersion", + "type": "string" + }, + "IPAddressType": { + "markdownDescription": "Choose either dual stack or IPv4 as your IP address type. Dual stack allows you to share domain resources across IPv4 and IPv6 address types, and is the recommended option. If you set your IP address type to dual stack, you can't change your address type later.", + "title": "IPAddressType", + "type": "string" + }, + "IdentityCenterOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.IdentityCenterOptions", + "markdownDescription": "Configuration options for controlling IAM Identity Center integration within a domain.", + "title": "IdentityCenterOptions" + }, + "LogPublishingOptions": { + "additionalProperties": false, + "markdownDescription": "An object with one or more of the following keys: `SEARCH_SLOW_LOGS` , `ES_APPLICATION_LOGS` , `INDEX_SLOW_LOGS` , `AUDIT_LOGS` , depending on the types of logs you want to publish. Each key needs a valid `LogPublishingOption` value. For the full syntax, see the [examples](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-opensearchservice-domain.html#aws-resource-opensearchservice-domain--examples) .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.LogPublishingOption" + } + }, + "title": "LogPublishingOptions", + "type": "object" + }, + "NodeToNodeEncryptionOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.NodeToNodeEncryptionOptions", + "markdownDescription": "Specifies whether node-to-node encryption is enabled. See [Node-to-node encryption for Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ntn.html) .", + "title": "NodeToNodeEncryptionOptions" + }, + "OffPeakWindowOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.OffPeakWindowOptions", + "markdownDescription": "Options for a domain's off-peak window, during which OpenSearch Service can perform mandatory configuration changes on the domain.", + "title": "OffPeakWindowOptions" + }, + "SkipShardMigrationWait": { + "markdownDescription": "", + "title": "SkipShardMigrationWait", + "type": "boolean" + }, + "SnapshotOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.SnapshotOptions", + "markdownDescription": "*DEPRECATED* . The automated snapshot configuration for the OpenSearch Service domain indexes.", + "title": "SnapshotOptions" + }, + "SoftwareUpdateOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.SoftwareUpdateOptions", + "markdownDescription": "Service software update options for the domain.", + "title": "SoftwareUpdateOptions" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An arbitrary set of tags (key\u2013value pairs) to associate with the OpenSearch Service domain.", + "title": "Tags", + "type": "array" + }, + "VPCOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.VPCOptions", + "markdownDescription": "The virtual private cloud (VPC) configuration for the OpenSearch Service domain. For more information, see [Launching your Amazon OpenSearch Service domains within a VPC](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/vpc.html) in the *Amazon OpenSearch Service Developer Guide* .\n\nIf you remove this entity altogether, along with its associated properties, it causes a replacement. You might encounter this scenario if you're updating your security configuration from a VPC to a public endpoint.", + "title": "VPCOptions" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::OpenSearchService::Domain" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Mode" + "Type" ], "type": "object" }, - "AWS::QuickSight::Analysis.VisibleRangeOptions": { - "additionalProperties": false, - "properties": { - "PercentRange": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PercentVisibleRange", - "markdownDescription": "The percent range in the visible range.", - "title": "PercentRange" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.Visual": { + "AWS::OpenSearchService::Domain.AdvancedSecurityOptionsInput": { "additionalProperties": false, "properties": { - "BarChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BarChartVisual", - "markdownDescription": "A bar chart.\n\nFor more information, see [Using bar charts](https://docs.aws.amazon.com/quicksight/latest/user/bar-charts.html) in the *Amazon QuickSight User Guide* .", - "title": "BarChartVisual" - }, - "BoxPlotVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotVisual", - "markdownDescription": "A box plot.\n\nFor more information, see [Using box plots](https://docs.aws.amazon.com/quicksight/latest/user/box-plots.html) in the *Amazon QuickSight User Guide* .", - "title": "BoxPlotVisual" + "AnonymousAuthDisableDate": { + "markdownDescription": "Date and time when the migration period will be disabled. Only necessary when [enabling fine-grained access control on an existing domain](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/fgac.html#fgac-enabling-existing) .", + "title": "AnonymousAuthDisableDate", + "type": "string" }, - "ComboChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ComboChartVisual", - "markdownDescription": "A combo chart.\n\nFor more information, see [Using combo charts](https://docs.aws.amazon.com/quicksight/latest/user/combo-charts.html) in the *Amazon QuickSight User Guide* .", - "title": "ComboChartVisual" + "AnonymousAuthEnabled": { + "markdownDescription": "True to enable a 30-day migration period during which administrators can create role mappings. Only necessary when [enabling fine-grained access control on an existing domain](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/fgac.html#fgac-enabling-existing) .", + "title": "AnonymousAuthEnabled", + "type": "boolean" }, - "CustomContentVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomContentVisual", - "markdownDescription": "A visual that contains custom content.\n\nFor more information, see [Using custom visual content](https://docs.aws.amazon.com/quicksight/latest/user/custom-visual-content.html) in the *Amazon QuickSight User Guide* .", - "title": "CustomContentVisual" + "Enabled": { + "markdownDescription": "True to enable fine-grained access control. You must also enable encryption of data at rest and node-to-node encryption. See [Fine-grained access control in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/fgac.html) .", + "title": "Enabled", + "type": "boolean" }, - "EmptyVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.EmptyVisual", - "markdownDescription": "An empty visual.", - "title": "EmptyVisual" + "InternalUserDatabaseEnabled": { + "markdownDescription": "True to enable the internal user database.", + "title": "InternalUserDatabaseEnabled", + "type": "boolean" }, - "FilledMapVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapVisual", - "markdownDescription": "A filled map.\n\nFor more information, see [Creating filled maps](https://docs.aws.amazon.com/quicksight/latest/user/filled-maps.html) in the *Amazon QuickSight User Guide* .", - "title": "FilledMapVisual" + "JWTOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.JWTOptions", + "markdownDescription": "Container for information about the JWT configuration of the Amazon OpenSearch Service.", + "title": "JWTOptions" }, - "FunnelChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FunnelChartVisual", - "markdownDescription": "A funnel chart.\n\nFor more information, see [Using funnel charts](https://docs.aws.amazon.com/quicksight/latest/user/funnel-visual-content.html) in the *Amazon QuickSight User Guide* .", - "title": "FunnelChartVisual" + "MasterUserOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.MasterUserOptions", + "markdownDescription": "Specifies information about the master user.", + "title": "MasterUserOptions" }, - "GaugeChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartVisual", - "markdownDescription": "A gauge chart.\n\nFor more information, see [Using gauge charts](https://docs.aws.amazon.com/quicksight/latest/user/gauge-chart.html) in the *Amazon QuickSight User Guide* .", - "title": "GaugeChartVisual" + "SAMLOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.SAMLOptions", + "markdownDescription": "Container for information about the SAML configuration for OpenSearch Dashboards.", + "title": "SAMLOptions" + } + }, + "type": "object" + }, + "AWS::OpenSearchService::Domain.ClusterConfig": { + "additionalProperties": false, + "properties": { + "ColdStorageOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.ColdStorageOptions", + "markdownDescription": "Container for cold storage configuration options.", + "title": "ColdStorageOptions" }, - "GeospatialMapVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapVisual", - "markdownDescription": "A geospatial map or a points on map visual.\n\nFor more information, see [Creating point maps](https://docs.aws.amazon.com/quicksight/latest/user/point-maps.html) in the *Amazon QuickSight User Guide* .", - "title": "GeospatialMapVisual" + "DedicatedMasterCount": { + "markdownDescription": "The number of instances to use for the master node. If you specify this property, you must specify `true` for the `DedicatedMasterEnabled` property.", + "title": "DedicatedMasterCount", + "type": "number" }, - "HeatMapVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.HeatMapVisual", - "markdownDescription": "A heat map.\n\nFor more information, see [Using heat maps](https://docs.aws.amazon.com/quicksight/latest/user/heat-map.html) in the *Amazon QuickSight User Guide* .", - "title": "HeatMapVisual" + "DedicatedMasterEnabled": { + "markdownDescription": "Indicates whether to use a dedicated master node for the OpenSearch Service domain. A dedicated master node is a cluster node that performs cluster management tasks, but doesn't hold data or respond to data upload requests. Dedicated master nodes offload cluster management tasks to increase the stability of your search clusters. See [Dedicated master nodes in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-dedicatedmasternodes.html) .", + "title": "DedicatedMasterEnabled", + "type": "boolean" }, - "HistogramVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.HistogramVisual", - "markdownDescription": "A histogram.\n\nFor more information, see [Using histograms](https://docs.aws.amazon.com/quicksight/latest/user/histogram-charts.html) in the *Amazon QuickSight User Guide* .", - "title": "HistogramVisual" + "DedicatedMasterType": { + "markdownDescription": "The hardware configuration of the computer that hosts the dedicated master node, such as `m3.medium.search` . If you specify this property, you must specify `true` for the `DedicatedMasterEnabled` property. For valid values, see [Supported instance types in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/supported-instance-types.html) .", + "title": "DedicatedMasterType", + "type": "string" }, - "InsightVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.InsightVisual", - "markdownDescription": "An insight visual.\n\nFor more information, see [Working with insights](https://docs.aws.amazon.com/quicksight/latest/user/computational-insights.html) in the *Amazon QuickSight User Guide* .", - "title": "InsightVisual" + "InstanceCount": { + "markdownDescription": "The number of data nodes (instances) to use in the OpenSearch Service domain.", + "title": "InstanceCount", + "type": "number" }, - "KPIVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIVisual", - "markdownDescription": "A key performance indicator (KPI).\n\nFor more information, see [Using KPIs](https://docs.aws.amazon.com/quicksight/latest/user/kpi.html) in the *Amazon QuickSight User Guide* .", - "title": "KPIVisual" + "InstanceType": { + "markdownDescription": "The instance type for your data nodes, such as `m3.medium.search` . For valid values, see [Supported instance types in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/supported-instance-types.html) .", + "title": "InstanceType", + "type": "string" }, - "LineChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartVisual", - "markdownDescription": "A line chart.\n\nFor more information, see [Using line charts](https://docs.aws.amazon.com/quicksight/latest/user/line-charts.html) in the *Amazon QuickSight User Guide* .", - "title": "LineChartVisual" + "MultiAZWithStandbyEnabled": { + "markdownDescription": "Indicates whether Multi-AZ with Standby deployment option is enabled. For more information, see [Multi-AZ with Standby](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-multiaz.html#managedomains-za-standby) .", + "title": "MultiAZWithStandbyEnabled", + "type": "boolean" }, - "PieChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PieChartVisual", - "markdownDescription": "A pie or donut chart.\n\nFor more information, see [Using pie charts](https://docs.aws.amazon.com/quicksight/latest/user/pie-chart.html) in the *Amazon QuickSight User Guide* .", - "title": "PieChartVisual" + "NodeOptions": { + "items": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.NodeOption" + }, + "markdownDescription": "List of node options for the domain.", + "title": "NodeOptions", + "type": "array" }, - "PivotTableVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableVisual", - "markdownDescription": "A pivot table.\n\nFor more information, see [Using pivot tables](https://docs.aws.amazon.com/quicksight/latest/user/pivot-table.html) in the *Amazon QuickSight User Guide* .", - "title": "PivotTableVisual" + "WarmCount": { + "markdownDescription": "The number of warm nodes in the cluster.", + "title": "WarmCount", + "type": "number" }, - "RadarChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartVisual", - "markdownDescription": "A radar chart visual.\n\nFor more information, see [Using radar charts](https://docs.aws.amazon.com/quicksight/latest/user/radar-chart.html) in the *Amazon QuickSight User Guide* .", - "title": "RadarChartVisual" + "WarmEnabled": { + "markdownDescription": "Whether to enable UltraWarm storage for the cluster. See [UltraWarm storage for Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ultrawarm.html) .", + "title": "WarmEnabled", + "type": "boolean" }, - "SankeyDiagramVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SankeyDiagramVisual", - "markdownDescription": "A sankey diagram.\n\nFor more information, see [Using Sankey diagrams](https://docs.aws.amazon.com/quicksight/latest/user/sankey-diagram.html) in the *Amazon QuickSight User Guide* .", - "title": "SankeyDiagramVisual" + "WarmType": { + "markdownDescription": "The instance type for the cluster's warm nodes.", + "title": "WarmType", + "type": "string" }, - "ScatterPlotVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ScatterPlotVisual", - "markdownDescription": "A scatter plot.\n\nFor more information, see [Using scatter plots](https://docs.aws.amazon.com/quicksight/latest/user/scatter-plot.html) in the *Amazon QuickSight User Guide* .", - "title": "ScatterPlotVisual" + "ZoneAwarenessConfig": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.ZoneAwarenessConfig", + "markdownDescription": "Specifies zone awareness configuration options. Only use if `ZoneAwarenessEnabled` is `true` .", + "title": "ZoneAwarenessConfig" }, - "TableVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableVisual", - "markdownDescription": "A table visual.\n\nFor more information, see [Using tables as visuals](https://docs.aws.amazon.com/quicksight/latest/user/tabular.html) in the *Amazon QuickSight User Guide* .", - "title": "TableVisual" + "ZoneAwarenessEnabled": { + "markdownDescription": "Indicates whether to enable zone awareness for the OpenSearch Service domain. When you enable zone awareness, OpenSearch Service allocates the nodes and replica index shards that belong to a cluster across two Availability Zones (AZs) in the same region to prevent data loss and minimize downtime in the event of node or data center failure. Don't enable zone awareness if your cluster has no replica index shards or is a single-node cluster. For more information, see [Configuring a multi-AZ domain in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-multiaz.html) .", + "title": "ZoneAwarenessEnabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::OpenSearchService::Domain.CognitoOptions": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Whether to enable or disable Amazon Cognito authentication for OpenSearch Dashboards. See [Amazon Cognito authentication for OpenSearch Dashboards](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/cognito-auth.html) .", + "title": "Enabled", + "type": "boolean" }, - "TreeMapVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TreeMapVisual", - "markdownDescription": "A tree map.\n\nFor more information, see [Using tree maps](https://docs.aws.amazon.com/quicksight/latest/user/tree-map.html) in the *Amazon QuickSight User Guide* .", - "title": "TreeMapVisual" + "IdentityPoolId": { + "markdownDescription": "The Amazon Cognito identity pool ID that you want OpenSearch Service to use for OpenSearch Dashboards authentication.\n\nRequired if you enabled Cognito Authentication for OpenSearch Dashboards.", + "title": "IdentityPoolId", + "type": "string" }, - "WaterfallVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallVisual", - "markdownDescription": "A waterfall chart.\n\nFor more information, see [Using waterfall charts](https://docs.aws.amazon.com/quicksight/latest/user/waterfall-chart.html) in the *Amazon QuickSight User Guide* .", - "title": "WaterfallVisual" + "RoleArn": { + "markdownDescription": "The `AmazonOpenSearchServiceCognitoAccess` role that allows OpenSearch Service to configure your user pool and identity pool.\n\nRequired if you enabled Cognito Authentication for OpenSearch Dashboards.", + "title": "RoleArn", + "type": "string" }, - "WordCloudVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.WordCloudVisual", - "markdownDescription": "A word cloud.\n\nFor more information, see [Using word clouds](https://docs.aws.amazon.com/quicksight/latest/user/word-cloud.html) in the *Amazon QuickSight User Guide* .", - "title": "WordCloudVisual" + "UserPoolId": { + "markdownDescription": "The Amazon Cognito user pool ID that you want OpenSearch Service to use for OpenSearch Dashboards authentication.\n\nRequired if you enabled Cognito Authentication for OpenSearch Dashboards.", + "title": "UserPoolId", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.VisualCustomAction": { + "AWS::OpenSearchService::Domain.ColdStorageOptions": { "additionalProperties": false, "properties": { - "ActionOperations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomActionOperation" - }, - "markdownDescription": "A list of `VisualCustomActionOperations` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", - "title": "ActionOperations", - "type": "array" - }, - "CustomActionId": { - "markdownDescription": "The ID of the `VisualCustomAction` .", - "title": "CustomActionId", + "Enabled": { + "markdownDescription": "Whether to enable or disable cold storage on the domain. You must enable UltraWarm storage to enable cold storage.", + "title": "Enabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::OpenSearchService::Domain.DomainEndpointOptions": { + "additionalProperties": false, + "properties": { + "CustomEndpoint": { + "markdownDescription": "The fully qualified URL for your custom endpoint. Required if you enabled a custom endpoint for the domain.", + "title": "CustomEndpoint", "type": "string" }, - "Name": { - "markdownDescription": "The name of the `VisualCustomAction` .", - "title": "Name", + "CustomEndpointCertificateArn": { + "markdownDescription": "The AWS Certificate Manager ARN for your domain's SSL/TLS certificate. Required if you enabled a custom endpoint for the domain.", + "title": "CustomEndpointCertificateArn", "type": "string" }, - "Status": { - "markdownDescription": "The status of the `VisualCustomAction` .", - "title": "Status", - "type": "string" + "CustomEndpointEnabled": { + "markdownDescription": "True to enable a custom endpoint for the domain. If enabled, you must also provide values for `CustomEndpoint` and `CustomEndpointCertificateArn` .", + "title": "CustomEndpointEnabled", + "type": "boolean" }, - "Trigger": { - "markdownDescription": "The trigger of the `VisualCustomAction` .\n\nValid values are defined as follows:\n\n- `DATA_POINT_CLICK` : Initiates a custom action by a left pointer click on a data point.\n- `DATA_POINT_MENU` : Initiates a custom action by right pointer click from the menu.", - "title": "Trigger", + "EnforceHTTPS": { + "markdownDescription": "True to require that all traffic to the domain arrive over HTTPS. Required if you enable fine-grained access control in [AdvancedSecurityOptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) .", + "title": "EnforceHTTPS", + "type": "boolean" + }, + "TLSSecurityPolicy": { + "markdownDescription": "The minimum TLS version required for traffic to the domain. The policy can be one of the following values:\n\n- *Policy-Min-TLS-1-0-2019-07:* TLS security policy that supports TLS version 1.0 to TLS version 1.2\n- *Policy-Min-TLS-1-2-2019-07:* TLS security policy that supports only TLS version 1.2\n- *Policy-Min-TLS-1-2-PFS-2023-10:* TLS security policy that supports TLS version 1.2 to TLS version 1.3 with perfect forward secrecy cipher suites", + "title": "TLSSecurityPolicy", "type": "string" } }, - "required": [ - "ActionOperations", - "CustomActionId", - "Name", - "Trigger" - ], "type": "object" }, - "AWS::QuickSight::Analysis.VisualCustomActionOperation": { + "AWS::OpenSearchService::Domain.EBSOptions": { "additionalProperties": false, "properties": { - "FilterOperation": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionFilterOperation", - "markdownDescription": "The filter operation that filters data included in a visual or in an entire sheet.", - "title": "FilterOperation" + "EBSEnabled": { + "markdownDescription": "Specifies whether Amazon EBS volumes are attached to data nodes in the OpenSearch Service domain.", + "title": "EBSEnabled", + "type": "boolean" }, - "NavigationOperation": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionNavigationOperation", - "markdownDescription": "The navigation operation that navigates between different sheets in the same analysis.", - "title": "NavigationOperation" + "Iops": { + "markdownDescription": "The number of I/O operations per second (IOPS) that the volume supports. This property applies only to the `gp3` and provisioned IOPS EBS volume types.", + "title": "Iops", + "type": "number" }, - "SetParametersOperation": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionSetParametersOperation", - "markdownDescription": "The set parameter operation that sets parameters in custom action.", - "title": "SetParametersOperation" + "Throughput": { + "markdownDescription": "The throughput (in MiB/s) of the EBS volumes attached to data nodes. Applies only to the `gp3` volume type.", + "title": "Throughput", + "type": "number" }, - "URLOperation": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionURLOperation", - "markdownDescription": "The URL operation that opens a link to another webpage.", - "title": "URLOperation" + "VolumeSize": { + "markdownDescription": "The size (in GiB) of the EBS volume for each data node. The minimum and maximum size of an EBS volume depends on the EBS volume type and the instance type to which it is attached. For more information, see [EBS volume size limits](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/limits.html#ebsresource) in the *Amazon OpenSearch Service Developer Guide* .", + "title": "VolumeSize", + "type": "number" + }, + "VolumeType": { + "markdownDescription": "The EBS volume type to use with the OpenSearch Service domain. If you choose `gp3` , you must also specify values for `Iops` and `Throughput` . For more information about each type, see [Amazon EBS volume types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) in the *Amazon EC2 User Guide for Linux Instances* .", + "title": "VolumeType", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.VisualPalette": { + "AWS::OpenSearchService::Domain.EncryptionAtRestOptions": { "additionalProperties": false, "properties": { - "ChartColor": { - "markdownDescription": "The chart color options for the visual palette.", - "title": "ChartColor", - "type": "string" + "Enabled": { + "markdownDescription": "Specify `true` to enable encryption at rest. Required if you enable fine-grained access control in [AdvancedSecurityOptionsInput](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) .\n\nIf no encryption at rest options were initially specified in the template, updating this property by adding it causes no interruption. However, if you change this property after it's already been set within a template, the domain is deleted and recreated in order to modify the property.", + "title": "Enabled", + "type": "boolean" }, - "ColorMap": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathColor" - }, - "markdownDescription": "The color map options for the visual palette.", - "title": "ColorMap", - "type": "array" + "KmsKeyId": { + "markdownDescription": "The KMS key ID. Takes the form `1a2a3a4-1a2a-3a4a-5a6a-1a2a3a4a5a6a` . Required if you enable encryption at rest.\n\nYou can also use `keyAlias` as a value.\n\nIf no encryption at rest options were initially specified in the template, updating this property by adding it causes no interruption. However, if you change this property after it's already been set within a template, the domain is deleted and recreated in order to modify the property.", + "title": "KmsKeyId", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.VisualSubtitleLabelOptions": { + "AWS::OpenSearchService::Domain.IdentityCenterOptions": { "additionalProperties": false, "properties": { - "FormatText": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LongFormatText", - "markdownDescription": "The long text format of the subtitle label, such as plain text or rich text.", - "title": "FormatText" + "EnabledAPIAccess": { + "markdownDescription": "Indicates whether IAM Identity Center is enabled for the application.", + "title": "EnabledAPIAccess", + "type": "boolean" }, - "Visibility": { - "markdownDescription": "The visibility of the subtitle label.", - "title": "Visibility", + "IdentityCenterApplicationARN": { + "markdownDescription": "The ARN of the IAM Identity Center application that integrates with Amazon OpenSearch Service.", + "title": "IdentityCenterApplicationARN", + "type": "string" + }, + "IdentityCenterInstanceARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM Identity Center instance.", + "title": "IdentityCenterInstanceARN", + "type": "string" + }, + "IdentityStoreId": { + "markdownDescription": "The identifier of the IAM Identity Store.", + "title": "IdentityStoreId", + "type": "string" + }, + "RolesKey": { + "markdownDescription": "Specifies the attribute that contains the backend role identifier (such as group name or group ID) in IAM Identity Center.", + "title": "RolesKey", + "type": "string" + }, + "SubjectKey": { + "markdownDescription": "Specifies the attribute that contains the subject identifier (such as username, user ID, or email) in IAM Identity Center.", + "title": "SubjectKey", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.VisualTitleLabelOptions": { + "AWS::OpenSearchService::Domain.Idp": { "additionalProperties": false, "properties": { - "FormatText": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ShortFormatText", - "markdownDescription": "The short text format of the title label, such as plain text or rich text.", - "title": "FormatText" + "EntityId": { + "markdownDescription": "The unique entity ID of the application in the SAML identity provider.", + "title": "EntityId", + "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of the title label.", - "title": "Visibility", + "MetadataContent": { + "markdownDescription": "The metadata of the SAML application, in XML format.", + "title": "MetadataContent", "type": "string" } }, + "required": [ + "EntityId", + "MetadataContent" + ], "type": "object" }, - "AWS::QuickSight::Analysis.WaterfallChartAggregatedFieldWells": { + "AWS::OpenSearchService::Domain.JWTOptions": { "additionalProperties": false, "properties": { - "Breakdowns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The breakdown field wells of a waterfall visual.", - "title": "Breakdowns", - "type": "array" + "Enabled": { + "markdownDescription": "", + "title": "Enabled", + "type": "boolean" }, - "Categories": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The category field wells of a waterfall visual.", - "title": "Categories", - "type": "array" + "PublicKey": { + "markdownDescription": "", + "title": "PublicKey", + "type": "string" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The value field wells of a waterfall visual.", - "title": "Values", - "type": "array" + "RolesKey": { + "markdownDescription": "", + "title": "RolesKey", + "type": "string" + }, + "SubjectKey": { + "markdownDescription": "", + "title": "SubjectKey", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.WaterfallChartConfiguration": { + "AWS::OpenSearchService::Domain.LogPublishingOption": { "additionalProperties": false, "properties": { - "CategoryAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the category axis.", - "title": "CategoryAxisDisplayOptions" - }, - "CategoryAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the category axis label.", - "title": "CategoryAxisLabelOptions" - }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", - "markdownDescription": "The data label configuration of a waterfall visual.", - "title": "DataLabels" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallChartFieldWells", - "markdownDescription": "The field well configuration of a waterfall visual.", - "title": "FieldWells" - }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", - "markdownDescription": "The legend configuration of a waterfall visual.", - "title": "Legend" - }, - "PrimaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the y-axis.", - "title": "PrimaryYAxisDisplayOptions" - }, - "PrimaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the y-axis label.", - "title": "PrimaryYAxisLabelOptions" - }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallChartSortConfiguration", - "markdownDescription": "The sort configuration of a waterfall visual.", - "title": "SortConfiguration" - }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", - "markdownDescription": "The visual palette configuration of a waterfall visual.", - "title": "VisualPalette" + "CloudWatchLogsLogGroupArn": { + "markdownDescription": "Specifies the CloudWatch log group to publish to. Required if you enable log publishing.", + "title": "CloudWatchLogsLogGroupArn", + "type": "string" }, - "WaterfallChartOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallChartOptions", - "markdownDescription": "The options that determine the presentation of a waterfall visual.", - "title": "WaterfallChartOptions" + "Enabled": { + "markdownDescription": "If `true` , enables the publishing of logs to CloudWatch.\n\nDefault: `false` .", + "title": "Enabled", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Analysis.WaterfallChartFieldWells": { + "AWS::OpenSearchService::Domain.MasterUserOptions": { "additionalProperties": false, "properties": { - "WaterfallChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallChartAggregatedFieldWells", - "markdownDescription": "The field well configuration of a waterfall visual.", - "title": "WaterfallChartAggregatedFieldWells" + "MasterUserARN": { + "markdownDescription": "Amazon Resource Name (ARN) for the master user. The ARN can point to an IAM user or role. This property is required for Amazon Cognito to work, and it must match the role configured for Cognito. Only specify if `InternalUserDatabaseEnabled` is false in [AdvancedSecurityOptionsInput](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) .", + "title": "MasterUserARN", + "type": "string" + }, + "MasterUserName": { + "markdownDescription": "Username for the master user. Only specify if `InternalUserDatabaseEnabled` is true in [AdvancedSecurityOptionsInput](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) .\n\nIf you don't want to specify this value directly within the template, you can use a [dynamic reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html) instead.", + "title": "MasterUserName", + "type": "string" + }, + "MasterUserPassword": { + "markdownDescription": "Password for the master user. Only specify if `InternalUserDatabaseEnabled` is true in [AdvancedSecurityOptionsInput](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) .\n\nIf you don't want to specify this value directly within the template, you can use a [dynamic reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html) instead.", + "title": "MasterUserPassword", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.WaterfallChartOptions": { + "AWS::OpenSearchService::Domain.NodeConfig": { "additionalProperties": false, "properties": { - "TotalBarLabel": { - "markdownDescription": "This option determines the total bar label of a waterfall visual.", - "title": "TotalBarLabel", + "Count": { + "markdownDescription": "The number of nodes of a specific type within the cluster.", + "title": "Count", + "type": "number" + }, + "Enabled": { + "markdownDescription": "A boolean value indicating whether a specific node type is active or inactive.", + "title": "Enabled", + "type": "boolean" + }, + "Type": { + "markdownDescription": "The instance type of a particular node within the cluster.", + "title": "Type", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.WaterfallChartSortConfiguration": { + "AWS::OpenSearchService::Domain.NodeOption": { "additionalProperties": false, "properties": { - "BreakdownItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of bar groups that are displayed.", - "title": "BreakdownItemsLimit" + "NodeConfig": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.NodeConfig", + "markdownDescription": "Configuration options for defining the setup of any node type.", + "title": "NodeConfig" }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the category fields.", - "title": "CategorySort", - "type": "array" + "NodeType": { + "markdownDescription": "Defines the type of node, such as coordinating nodes.", + "title": "NodeType", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.WaterfallVisual": { + "AWS::OpenSearchService::Domain.NodeToNodeEncryptionOptions": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallChartConfiguration", - "markdownDescription": "The configuration for a waterfall visual.", - "title": "ChartConfiguration" - }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" - }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", - "type": "string" + "Enabled": { + "markdownDescription": "Specifies to enable or disable node-to-node encryption on the domain. Required if you enable fine-grained access control in [AdvancedSecurityOptionsInput](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) .", + "title": "Enabled", + "type": "boolean" } }, - "required": [ - "VisualId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.WhatIfPointScenario": { + "AWS::OpenSearchService::Domain.OffPeakWindow": { "additionalProperties": false, "properties": { - "Date": { - "markdownDescription": "The date that you need the forecast results for.", - "title": "Date", - "type": "string" - }, - "Value": { - "markdownDescription": "The target value that you want to meet for the provided date.", - "title": "Value", - "type": "number" + "WindowStartTime": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.WindowStartTime", + "markdownDescription": "The desired start time for an off-peak maintenance window.", + "title": "WindowStartTime" } }, - "required": [ - "Date", - "Value" - ], "type": "object" }, - "AWS::QuickSight::Analysis.WhatIfRangeScenario": { + "AWS::OpenSearchService::Domain.OffPeakWindowOptions": { "additionalProperties": false, "properties": { - "EndDate": { - "markdownDescription": "The end date in the date range that you need the forecast results for.", - "title": "EndDate", - "type": "string" - }, - "StartDate": { - "markdownDescription": "The start date in the date range that you need the forecast results for.", - "title": "StartDate", - "type": "string" + "Enabled": { + "markdownDescription": "Specifies whether off-peak window settings are enabled for the domain.", + "title": "Enabled", + "type": "boolean" }, - "Value": { - "markdownDescription": "The target value that you want to meet for the provided date range.", - "title": "Value", - "type": "number" + "OffPeakWindow": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.OffPeakWindow", + "markdownDescription": "Off-peak window settings for the domain.", + "title": "OffPeakWindow" } }, - "required": [ - "EndDate", - "StartDate", - "Value" - ], "type": "object" }, - "AWS::QuickSight::Analysis.WordCloudAggregatedFieldWells": { + "AWS::OpenSearchService::Domain.SAMLOptions": { "additionalProperties": false, "properties": { - "GroupBy": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The group by field well of a word cloud. Values are grouped by group by fields.", - "title": "GroupBy", - "type": "array" + "Enabled": { + "markdownDescription": "True to enable SAML authentication for a domain.", + "title": "Enabled", + "type": "boolean" }, - "Size": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The size field well of a word cloud. Values are aggregated based on group by fields.", - "title": "Size", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.WordCloudChartConfiguration": { - "additionalProperties": false, - "properties": { - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) for the word cloud category.", - "title": "CategoryLabelOptions" + "Idp": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.Idp", + "markdownDescription": "The SAML Identity Provider's information.", + "title": "Idp" }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.WordCloudFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" + "MasterBackendRole": { + "markdownDescription": "The backend role that the SAML master user is mapped to.", + "title": "MasterBackendRole", + "type": "string" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.WordCloudSortConfiguration", - "markdownDescription": "The sort configuration of a word cloud visual.", - "title": "SortConfiguration" + "MasterUserName": { + "markdownDescription": "The SAML master user name, which is stored in the domain's internal user database.", + "title": "MasterUserName", + "type": "string" }, - "WordCloudOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.WordCloudOptions", - "markdownDescription": "The options for a word cloud visual.", - "title": "WordCloudOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.WordCloudFieldWells": { - "additionalProperties": false, - "properties": { - "WordCloudAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.WordCloudAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a word cloud.", - "title": "WordCloudAggregatedFieldWells" + "RolesKey": { + "markdownDescription": "Element of the SAML assertion to use for backend roles. Default is `roles` .", + "title": "RolesKey", + "type": "string" + }, + "SessionTimeoutMinutes": { + "markdownDescription": "The duration, in minutes, after which a user session becomes inactive. Acceptable values are between 1 and 1440, and the default value is 60.", + "title": "SessionTimeoutMinutes", + "type": "number" + }, + "SubjectKey": { + "markdownDescription": "Element of the SAML assertion to use for the user name. Default is `NameID` .", + "title": "SubjectKey", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.WordCloudOptions": { + "AWS::OpenSearchService::Domain.ServiceSoftwareOptions": { "additionalProperties": false, "properties": { - "CloudLayout": { - "markdownDescription": "The cloud layout options (fluid, normal) of a word cloud.", - "title": "CloudLayout", + "AutomatedUpdateDate": { + "markdownDescription": "The timestamp, in Epoch time, until which you can manually request a service software update. After this date, we automatically update your service software.", + "title": "AutomatedUpdateDate", "type": "string" }, - "MaximumStringLength": { - "markdownDescription": "The length limit of each word from 1-100.", - "title": "MaximumStringLength", - "type": "number" + "Cancellable": { + "markdownDescription": "True if you're able to cancel your service software version update. False if you can't cancel your service software update.", + "title": "Cancellable", + "type": "boolean" }, - "WordCasing": { - "markdownDescription": "The word casing options (lower_case, existing_case) for the words in a word cloud.", - "title": "WordCasing", + "CurrentVersion": { + "markdownDescription": "The current service software version present on the domain.", + "title": "CurrentVersion", "type": "string" }, - "WordOrientation": { - "markdownDescription": "The word orientation options (horizontal, horizontal_and_vertical) for the words in a word cloud.", - "title": "WordOrientation", + "Description": { + "markdownDescription": "A description of the service software update status.", + "title": "Description", "type": "string" }, - "WordPadding": { - "markdownDescription": "The word padding options (none, small, medium, large) for the words in a word cloud.", - "title": "WordPadding", + "NewVersion": { + "markdownDescription": "The new service software version, if one is available.", + "title": "NewVersion", "type": "string" }, - "WordScaling": { - "markdownDescription": "The word scaling options (emphasize, normal) for the words in a word cloud.", - "title": "WordScaling", + "OptionalDeployment": { + "markdownDescription": "True if a service software is never automatically updated. False if a service software is automatically updated after the automated update date.", + "title": "OptionalDeployment", + "type": "boolean" + }, + "UpdateAvailable": { + "markdownDescription": "True if you're able to update your service software version. False if you can't update your service software version.", + "title": "UpdateAvailable", + "type": "boolean" + }, + "UpdateStatus": { + "markdownDescription": "The status of your service software update.", + "title": "UpdateStatus", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.WordCloudSortConfiguration": { + "AWS::OpenSearchService::Domain.SnapshotOptions": { "additionalProperties": false, "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of groups that are displayed in a word cloud.", - "title": "CategoryItemsLimit" - }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of group by fields.", - "title": "CategorySort", - "type": "array" + "AutomatedSnapshotStartHour": { + "markdownDescription": "The hour in UTC during which the service takes an automated daily snapshot of the indexes in the OpenSearch Service domain. For example, if you specify 0, OpenSearch Service takes an automated snapshot everyday between midnight and 1 am. You can specify a value between 0 and 23.", + "title": "AutomatedSnapshotStartHour", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.WordCloudVisual": { + "AWS::OpenSearchService::Domain.SoftwareUpdateOptions": { "additionalProperties": false, "properties": { - "Actions": { + "AutoSoftwareUpdateEnabled": { + "markdownDescription": "Specifies whether automatic service software updates are enabled for the domain.", + "title": "AutoSoftwareUpdateEnabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::OpenSearchService::Domain.VPCOptions": { + "additionalProperties": false, + "properties": { + "SecurityGroupIds": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + "type": "string" }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", + "markdownDescription": "The list of security group IDs that are associated with the VPC endpoints for the domain. If you don't provide a security group ID, OpenSearch Service uses the default security group for the VPC. To learn more, see [Security groups for your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html) in the *Amazon VPC User Guide* .", + "title": "SecurityGroupIds", "type": "array" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.WordCloudChartConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" - }, - "ColumnHierarchies": { + "SubnetIds": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" + "type": "string" }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", + "markdownDescription": "Provide one subnet ID for each Availability Zone that your domain uses. For example, you must specify three subnet IDs for a three-AZ domain. To learn more, see [VPCs and subnets](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) in the *Amazon VPC User Guide* .\n\nIf you specify more than one subnet, you must also configure `ZoneAwarenessEnabled` and `ZoneAwarenessConfig` within [ClusterConfig](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-clusterconfig.html) , otherwise you'll see the error \"You must specify exactly one subnet\" during template creation.", + "title": "SubnetIds", "type": "array" + } + }, + "type": "object" + }, + "AWS::OpenSearchService::Domain.WindowStartTime": { + "additionalProperties": false, + "properties": { + "Hours": { + "markdownDescription": "The start hour of the window in Coordinated Universal Time (UTC), using 24-hour time. For example, 17 refers to 5:00 P.M. UTC. The minimum value is 0 and the maximum value is 23.", + "title": "Hours", + "type": "number" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" - }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", - "type": "string" + "Minutes": { + "markdownDescription": "The start minute of the window, in UTC. The minimum value is 0 and the maximum value is 59.", + "title": "Minutes", + "type": "number" } }, "required": [ - "VisualId" + "Hours", + "Minutes" ], "type": "object" }, - "AWS::QuickSight::Dashboard": { + "AWS::OpenSearchService::Domain.ZoneAwarenessConfig": { + "additionalProperties": false, + "properties": { + "AvailabilityZoneCount": { + "markdownDescription": "If you enabled multiple Availability Zones (AZs), the number of AZs that you want the domain to use.\n\nValid values are `2` and `3` . Default is 2.", + "title": "AvailabilityZoneCount", + "type": "number" + } + }, + "type": "object" + }, + "AWS::OpsWorks::App": { "additionalProperties": false, "properties": { "Condition": { @@ -195304,96 +206600,92 @@ "Properties": { "additionalProperties": false, "properties": { - "AwsAccountId": { - "markdownDescription": "The ID of the AWS account where you want to create the dashboard.", - "title": "AwsAccountId", - "type": "string" - }, - "DashboardId": { - "markdownDescription": "The ID for the dashboard, also added to the IAM policy.", - "title": "DashboardId", - "type": "string" - }, - "DashboardPublishOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DashboardPublishOptions", - "markdownDescription": "Options for publishing the dashboard when you create it:\n\n- `AvailabilityStatus` for `AdHocFilteringOption` - This status can be either `ENABLED` or `DISABLED` . When this is set to `DISABLED` , Amazon QuickSight disables the left filter pane on the published dashboard, which can be used for ad hoc (one-time) filtering. This option is `ENABLED` by default.\n- `AvailabilityStatus` for `ExportToCSVOption` - This status can be either `ENABLED` or `DISABLED` . The visual option to export data to .CSV format isn't enabled when this is set to `DISABLED` . This option is `ENABLED` by default.\n- `VisibilityState` for `SheetControlsOption` - This visibility state can be either `COLLAPSED` or `EXPANDED` . This option is `COLLAPSED` by default.", - "title": "DashboardPublishOptions" + "AppSource": { + "$ref": "#/definitions/AWS::OpsWorks::App.Source", + "markdownDescription": "A `Source` object that specifies the app repository.", + "title": "AppSource" }, - "Definition": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DashboardVersionDefinition", - "markdownDescription": "", - "title": "Definition" + "Attributes": { + "additionalProperties": true, + "markdownDescription": "One or more user-defined key/value pairs to be added to the stack attributes.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Attributes", + "type": "object" }, - "LinkEntities": { + "DataSources": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::OpsWorks::App.DataSource" }, - "markdownDescription": "A list of analysis Amazon Resource Names (ARNs) to be linked to the dashboard.", - "title": "LinkEntities", + "markdownDescription": "The app's data source.", + "title": "DataSources", "type": "array" }, - "LinkSharingConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LinkSharingConfiguration", - "markdownDescription": "A structure that contains the link sharing configurations that you want to apply overrides to.", - "title": "LinkSharingConfiguration" - }, - "Name": { - "markdownDescription": "The display name of the dashboard.", - "title": "Name", + "Description": { + "markdownDescription": "A description of the app.", + "title": "Description", "type": "string" }, - "Parameters": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.Parameters", - "markdownDescription": "The parameters for the creation of the dashboard, which you want to use to override the default settings. A dashboard can have any type of parameters, and some parameters might accept multiple values.", - "title": "Parameters" - }, - "Permissions": { + "Domains": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ResourcePermission" + "type": "string" }, - "markdownDescription": "A structure that contains the permissions of the dashboard. You can use this structure for granting permissions by providing a list of IAM action information for each principal ARN.\n\nTo specify no permissions, omit the permissions list.", - "title": "Permissions", + "markdownDescription": "The app virtual host settings, with multiple domains separated by commas. For example: `'www.example.com, example.com'`", + "title": "Domains", "type": "array" }, - "SourceEntity": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DashboardSourceEntity", - "markdownDescription": "The entity that you are using as a source when you create the dashboard. In `SourceEntity` , you specify the type of object that you want to use. You can only create a dashboard from a template, so you use a `SourceTemplate` entity. If you need to create a dashboard from an analysis, first convert the analysis to a template by using the `CreateTemplate` API operation. For `SourceTemplate` , specify the Amazon Resource Name (ARN) of the source template. The `SourceTemplate` ARN can contain any AWS account; and any QuickSight-supported AWS Region .\n\nUse the `DataSetReferences` entity within `SourceTemplate` to list the replacement datasets for the placeholders listed in the original. The schema in each dataset must match its placeholder.", - "title": "SourceEntity" + "EnableSsl": { + "markdownDescription": "Whether to enable SSL for the app.", + "title": "EnableSsl", + "type": "boolean" }, - "Tags": { + "Environment": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::OpsWorks::App.EnvironmentVariable" }, - "markdownDescription": "Contains a map of the key-value pairs for the resource tag or tags assigned to the dashboard.", - "title": "Tags", + "markdownDescription": "An array of `EnvironmentVariable` objects that specify environment variables to be associated with the app. After you deploy the app, these variables are defined on the associated app server instance. For more information, see [Environment Variables](https://docs.aws.amazon.com/opsworks/latest/userguide/workingapps-creating.html#workingapps-creating-environment) .\n\nThere is no specific limit on the number of environment variables. However, the size of the associated data structure - which includes the variables' names, values, and protected flag values - cannot exceed 20 KB. This limit should accommodate most if not all use cases. Exceeding it will cause an exception with the message, \"Environment: is too large (maximum is 20KB).\"\n\n> If you have specified one or more environment variables, you cannot modify the stack's Chef version.", + "title": "Environment", "type": "array" }, - "ThemeArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the theme that is being used for this dashboard. If you add a value for this field, it overrides the value that is used in the source entity. The theme ARN must exist in the same AWS account where you create the dashboard.", - "title": "ThemeArn", + "Name": { + "markdownDescription": "The app name.", + "title": "Name", "type": "string" }, - "ValidationStrategy": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ValidationStrategy", - "markdownDescription": "The option to relax the validation that is required to create and update analyses, dashboards, and templates with definition objects. When you set this value to `LENIENT` , validation is skipped for specific errors.", - "title": "ValidationStrategy" + "Shortname": { + "markdownDescription": "The app's short name.", + "title": "Shortname", + "type": "string" }, - "VersionDescription": { - "markdownDescription": "A description for the first version of the dashboard being created.", - "title": "VersionDescription", + "SslConfiguration": { + "$ref": "#/definitions/AWS::OpsWorks::App.SslConfiguration", + "markdownDescription": "An `SslConfiguration` object with the SSL configuration.", + "title": "SslConfiguration" + }, + "StackId": { + "markdownDescription": "The stack ID.", + "title": "StackId", + "type": "string" + }, + "Type": { + "markdownDescription": "The app type. Each supported type is associated with a particular layer. For example, PHP applications are associated with a PHP layer. AWS OpsWorks Stacks deploys an application to those instances that are members of the corresponding layer. If your app isn't one of the standard types, or you prefer to implement your own Deploy recipes, specify `other` .", + "title": "Type", "type": "string" } }, "required": [ - "AwsAccountId", - "DashboardId", - "Name" + "Name", + "StackId", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::QuickSight::Dashboard" + "AWS::OpsWorks::App" ], "type": "string" }, @@ -195412,10996 +206704,14246 @@ ], "type": "object" }, - "AWS::QuickSight::Dashboard.AdHocFilteringOption": { + "AWS::OpsWorks::App.DataSource": { "additionalProperties": false, "properties": { - "AvailabilityStatus": { - "markdownDescription": "Availability status.", - "title": "AvailabilityStatus", + "Arn": { + "markdownDescription": "The data source's ARN.", + "title": "Arn", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.AggregationFunction": { - "additionalProperties": false, - "properties": { - "AttributeAggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AttributeAggregationFunction", - "markdownDescription": "Aggregation for attributes.", - "title": "AttributeAggregationFunction" }, - "CategoricalAggregationFunction": { - "markdownDescription": "Aggregation for categorical values.\n\n- `COUNT` : Aggregate by the total number of values, including duplicates.\n- `DISTINCT_COUNT` : Aggregate by the total number of distinct values.", - "title": "CategoricalAggregationFunction", + "DatabaseName": { + "markdownDescription": "The database name.", + "title": "DatabaseName", "type": "string" }, - "DateAggregationFunction": { - "markdownDescription": "Aggregation for date values.\n\n- `COUNT` : Aggregate by the total number of values, including duplicates.\n- `DISTINCT_COUNT` : Aggregate by the total number of distinct values.\n- `MIN` : Select the smallest date value.\n- `MAX` : Select the largest date value.", - "title": "DateAggregationFunction", + "Type": { + "markdownDescription": "The data source's type, `AutoSelectOpsworksMysqlInstance` , `OpsworksMysqlInstance` , `RdsDbInstance` , or `None` .", + "title": "Type", "type": "string" - }, - "NumericalAggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericalAggregationFunction", - "markdownDescription": "Aggregation for numerical values.", - "title": "NumericalAggregationFunction" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.AggregationSortConfiguration": { + "AWS::OpsWorks::App.EnvironmentVariable": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationFunction", - "markdownDescription": "The function that aggregates the values in `Column` .", - "title": "AggregationFunction" + "Key": { + "markdownDescription": "(Required) The environment variable's name, which can consist of up to 64 characters and must be specified. The name can contain upper- and lowercase letters, numbers, and underscores (_), but it must start with a letter or underscore.", + "title": "Key", + "type": "string" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that determines the sort order of aggregated values.", - "title": "Column" + "Secure": { + "markdownDescription": "(Optional) Whether the variable's value is returned by the `DescribeApps` action. To hide an environment variable's value, set `Secure` to `true` . `DescribeApps` returns `*****FILTERED*****` instead of the actual value. The default value for `Secure` is `false` .", + "title": "Secure", + "type": "boolean" }, - "SortDirection": { - "markdownDescription": "The sort direction of values.\n\n- `ASC` : Sort in ascending order.\n- `DESC` : Sort in descending order.", - "title": "SortDirection", + "Value": { + "markdownDescription": "(Optional) The environment variable's value, which can be left empty. If you specify a value, it can contain up to 256 characters, which must all be printable.", + "title": "Value", "type": "string" } }, "required": [ - "Column", - "SortDirection" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.AnalysisDefaults": { - "additionalProperties": false, - "properties": { - "DefaultNewSheetConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultNewSheetConfiguration", - "markdownDescription": "The configuration for default new sheet settings.", - "title": "DefaultNewSheetConfiguration" - } - }, - "required": [ - "DefaultNewSheetConfiguration" + "Key", + "Value" ], "type": "object" }, - "AWS::QuickSight::Dashboard.AnchorDateConfiguration": { + "AWS::OpsWorks::App.Source": { "additionalProperties": false, "properties": { - "AnchorOption": { - "markdownDescription": "The options for the date configuration. Choose one of the options below:\n\n- `NOW`", - "title": "AnchorOption", + "Password": { + "markdownDescription": "When included in a request, the parameter depends on the repository type.\n\n- For Amazon S3 bundles, set `Password` to the appropriate IAM secret access key.\n- For HTTP bundles and Subversion repositories, set `Password` to the password.\n\nFor more information on how to safely handle IAM credentials, see [](https://docs.aws.amazon.com/general/latest/gr/aws-access-keys-best-practices.html) .\n\nIn responses, AWS OpsWorks Stacks returns `*****FILTERED*****` instead of the actual value.", + "title": "Password", "type": "string" }, - "ParameterName": { - "markdownDescription": "The name of the parameter that is used for the anchor date configuration.", - "title": "ParameterName", + "Revision": { + "markdownDescription": "The application's version. AWS OpsWorks Stacks enables you to easily deploy new versions of an application. One of the simplest approaches is to have branches or revisions in your repository that represent different versions that can potentially be deployed.", + "title": "Revision", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.ArcAxisConfiguration": { - "additionalProperties": false, - "properties": { - "Range": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ArcAxisDisplayRange", - "markdownDescription": "The arc axis range of a `GaugeChartVisual` .", - "title": "Range" }, - "ReserveRange": { - "markdownDescription": "The reserved range of the arc axis.", - "title": "ReserveRange", - "type": "number" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.ArcAxisDisplayRange": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum value of the arc axis range.", - "title": "Max", - "type": "number" + "SshKey": { + "markdownDescription": "In requests, the repository's SSH key.\n\nIn responses, AWS OpsWorks Stacks returns `*****FILTERED*****` instead of the actual value.", + "title": "SshKey", + "type": "string" }, - "Min": { - "markdownDescription": "The minimum value of the arc axis range.", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.ArcConfiguration": { - "additionalProperties": false, - "properties": { - "ArcAngle": { - "markdownDescription": "The option that determines the arc angle of a `GaugeChartVisual` .", - "title": "ArcAngle", - "type": "number" + "Type": { + "markdownDescription": "The repository type.", + "title": "Type", + "type": "string" }, - "ArcThickness": { - "markdownDescription": "The options that determine the arc thickness of a `GaugeChartVisual` .", - "title": "ArcThickness", + "Url": { + "markdownDescription": "The source URL. The following is an example of an Amazon S3 source URL: `https://s3.amazonaws.com/opsworks-demo-bucket/opsworks_cookbook_demo.tar.gz` .", + "title": "Url", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.ArcOptions": { - "additionalProperties": false, - "properties": { - "ArcThickness": { - "markdownDescription": "The arc thickness of a `GaugeChartVisual` .", - "title": "ArcThickness", + }, + "Username": { + "markdownDescription": "This parameter depends on the repository type.\n\n- For Amazon S3 bundles, set `Username` to the appropriate IAM access key ID.\n- For HTTP bundles, Git repositories, and Subversion repositories, set `Username` to the user name.", + "title": "Username", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.AssetOptions": { + "AWS::OpsWorks::App.SslConfiguration": { "additionalProperties": false, "properties": { - "Timezone": { - "markdownDescription": "Determines the timezone for the analysis.", - "title": "Timezone", + "Certificate": { + "markdownDescription": "The contents of the certificate's domain.crt file.", + "title": "Certificate", "type": "string" }, - "WeekStart": { - "markdownDescription": "Determines the week start day for an analysis.", - "title": "WeekStart", + "Chain": { + "markdownDescription": "Optional. Can be used to specify an intermediate certificate authority key or client authentication.", + "title": "Chain", + "type": "string" + }, + "PrivateKey": { + "markdownDescription": "The private key; the contents of the certificate's domain.kex file.", + "title": "PrivateKey", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.AttributeAggregationFunction": { + "AWS::OpsWorks::ElasticLoadBalancerAttachment": { "additionalProperties": false, "properties": { - "SimpleAttributeAggregation": { - "markdownDescription": "The built-in aggregation functions for attributes.\n\n- `UNIQUE_VALUE` : Returns the unique value for a field, aggregated by the dimension fields.", - "title": "SimpleAttributeAggregation", + "Condition": { "type": "string" }, - "ValueForMultipleValues": { - "markdownDescription": "Used by the `UNIQUE_VALUE` aggregation function. If there are multiple values for the field used by the aggregation, the value for this property will be returned instead. Defaults to '*'.", - "title": "ValueForMultipleValues", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.AxisDataOptions": { - "additionalProperties": false, - "properties": { - "DateAxisOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateAxisOptions", - "markdownDescription": "The options for an axis with a date field.", - "title": "DateAxisOptions" }, - "NumericAxisOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericAxisOptions", - "markdownDescription": "The options for an axis with a numeric field.", - "title": "NumericAxisOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.AxisDisplayMinMaxRange": { - "additionalProperties": false, - "properties": { - "Maximum": { - "markdownDescription": "The maximum setup for an axis display range.", - "title": "Maximum", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Minimum": { - "markdownDescription": "The minimum setup for an axis display range.", - "title": "Minimum", - "type": "number" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ElasticLoadBalancerName": { + "markdownDescription": "The Elastic Load Balancing instance name.", + "title": "ElasticLoadBalancerName", + "type": "string" + }, + "LayerId": { + "markdownDescription": "The AWS OpsWorks layer ID to which the Elastic Load Balancing load balancer is attached.", + "title": "LayerId", + "type": "string" + } + }, + "required": [ + "ElasticLoadBalancerName", + "LayerId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::OpsWorks::ElasticLoadBalancerAttachment" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.AxisDisplayOptions": { + "AWS::OpsWorks::Instance": { "additionalProperties": false, "properties": { - "AxisLineVisibility": { - "markdownDescription": "Determines whether or not the axis line is visible.", - "title": "AxisLineVisibility", - "type": "string" - }, - "AxisOffset": { - "markdownDescription": "The offset value that determines the starting placement of the axis within a visual's bounds.", - "title": "AxisOffset", + "Condition": { "type": "string" }, - "DataOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDataOptions", - "markdownDescription": "The data options for an axis.", - "title": "DataOptions" - }, - "GridLineVisibility": { - "markdownDescription": "Determines whether or not the grid line is visible.", - "title": "GridLineVisibility", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "ScrollbarOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ScrollBarOptions", - "markdownDescription": "The scroll bar options for an axis.", - "title": "ScrollbarOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "TickLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisTickLabelOptions", - "markdownDescription": "The tick label options of an axis.", - "title": "TickLabelOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.AxisDisplayRange": { - "additionalProperties": false, - "properties": { - "DataDriven": { - "markdownDescription": "The data-driven setup of an axis display range.", - "title": "DataDriven", + "Metadata": { "type": "object" }, - "MinMax": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayMinMaxRange", - "markdownDescription": "The minimum and maximum setup of an axis display range.", - "title": "MinMax" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.AxisLabelOptions": { - "additionalProperties": false, - "properties": { - "ApplyTo": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisLabelReferenceOptions", - "markdownDescription": "The options that indicate which field the label belongs to.", - "title": "ApplyTo" + "Properties": { + "additionalProperties": false, + "properties": { + "AgentVersion": { + "markdownDescription": "The default AWS OpsWorks Stacks agent version. You have the following options:\n\n- `INHERIT` - Use the stack's default agent version setting.\n- *version_number* - Use the specified agent version. This value overrides the stack's default setting. To update the agent version, edit the instance configuration and specify a new version. AWS OpsWorks Stacks installs that version on the instance.\n\nThe default setting is `INHERIT` . To specify an agent version, you must use the complete version number, not the abbreviated number shown on the console. For a list of available agent version numbers, call `DescribeAgentVersions` . AgentVersion cannot be set to Chef 12.2.", + "title": "AgentVersion", + "type": "string" + }, + "AmiId": { + "markdownDescription": "A custom AMI ID to be used to create the instance. The AMI should be based on one of the supported operating systems. For more information, see [Using Custom AMIs](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-custom-ami.html) .\n\n> If you specify a custom AMI, you must set `Os` to `Custom` .", + "title": "AmiId", + "type": "string" + }, + "Architecture": { + "markdownDescription": "The instance architecture. The default option is `x86_64` . Instance types do not necessarily support both architectures. For a list of the architectures that are supported by the different instance types, see [Instance Families and Types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) .", + "title": "Architecture", + "type": "string" + }, + "AutoScalingType": { + "markdownDescription": "For load-based or time-based instances, the type. Windows stacks can use only time-based instances.", + "title": "AutoScalingType", + "type": "string" + }, + "AvailabilityZone": { + "markdownDescription": "The Availability Zone of the AWS OpsWorks instance, such as `us-east-2a` .", + "title": "AvailabilityZone", + "type": "string" + }, + "BlockDeviceMappings": { + "items": { + "$ref": "#/definitions/AWS::OpsWorks::Instance.BlockDeviceMapping" + }, + "markdownDescription": "An array of `BlockDeviceMapping` objects that specify the instance's block devices. For more information, see [Block Device Mapping](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/block-device-mapping-concepts.html) . Note that block device mappings are not supported for custom AMIs.", + "title": "BlockDeviceMappings", + "type": "array" + }, + "EbsOptimized": { + "markdownDescription": "Whether to create an Amazon EBS-optimized instance.", + "title": "EbsOptimized", + "type": "boolean" + }, + "ElasticIps": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of Elastic IP addresses to associate with the instance.", + "title": "ElasticIps", + "type": "array" + }, + "Hostname": { + "markdownDescription": "The instance host name. The following are character limits for instance host names.\n\n- Linux-based instances: 63 characters\n- Windows-based instances: 15 characters", + "title": "Hostname", + "type": "string" + }, + "InstallUpdatesOnBoot": { + "markdownDescription": "Whether to install operating system and package updates when the instance boots. The default value is `true` . To control when updates are installed, set this value to `false` . You must then update your instances manually by using `CreateDeployment` to run the `update_dependencies` stack command or by manually running `yum` (Amazon Linux) or `apt-get` (Ubuntu) on the instances.\n\n> We strongly recommend using the default value of `true` to ensure that your instances have the latest security updates.", + "title": "InstallUpdatesOnBoot", + "type": "boolean" + }, + "InstanceType": { + "markdownDescription": "The instance type, such as `t2.micro` . For a list of supported instance types, open the stack in the console, choose *Instances* , and choose *+ Instance* . The *Size* list contains the currently supported types. For more information, see [Instance Families and Types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) . The parameter values that you use to specify the various types are in the *API Name* column of the *Available Instance Types* table.", + "title": "InstanceType", + "type": "string" + }, + "LayerIds": { + "items": { + "type": "string" + }, + "markdownDescription": "An array that contains the instance's layer IDs.", + "title": "LayerIds", + "type": "array" + }, + "Os": { + "markdownDescription": "The instance's operating system, which must be set to one of the following.\n\n- A supported Linux operating system: An Amazon Linux version, such as `Amazon Linux 2` , `Amazon Linux 2018.03` , `Amazon Linux 2017.09` , `Amazon Linux 2017.03` , `Amazon Linux 2016.09` , `Amazon Linux 2016.03` , `Amazon Linux 2015.09` , or `Amazon Linux 2015.03` .\n- A supported Ubuntu operating system, such as `Ubuntu 18.04 LTS` , `Ubuntu 16.04 LTS` , `Ubuntu 14.04 LTS` , or `Ubuntu 12.04 LTS` .\n- `CentOS Linux 7`\n- `Red Hat Enterprise Linux 7`\n- A supported Windows operating system, such as `Microsoft Windows Server 2012 R2 Base` , `Microsoft Windows Server 2012 R2 with SQL Server Express` , `Microsoft Windows Server 2012 R2 with SQL Server Standard` , or `Microsoft Windows Server 2012 R2 with SQL Server Web` .\n- A custom AMI: `Custom` .\n\nNot all operating systems are supported with all versions of Chef. For more information about the supported operating systems, see [AWS OpsWorks Stacks Operating Systems](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-os.html) .\n\nThe default option is the current Amazon Linux version. If you set this parameter to `Custom` , you must use the `CreateInstance` action's AmiId parameter to specify the custom AMI that you want to use. Block device mappings are not supported if the value is `Custom` . For more information about how to use custom AMIs with AWS OpsWorks Stacks, see [Using Custom AMIs](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-custom-ami.html) .", + "title": "Os", + "type": "string" + }, + "RootDeviceType": { + "markdownDescription": "The instance root device type. For more information, see [Storage for the Root Device](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ComponentsAMIs.html#storage-for-the-root-device) .", + "title": "RootDeviceType", + "type": "string" + }, + "SshKeyName": { + "markdownDescription": "The instance's Amazon EC2 key-pair name.", + "title": "SshKeyName", + "type": "string" + }, + "StackId": { + "markdownDescription": "The stack ID.", + "title": "StackId", + "type": "string" + }, + "SubnetId": { + "markdownDescription": "The ID of the instance's subnet. If the stack is running in a VPC, you can use this parameter to override the stack's default subnet ID value and direct AWS OpsWorks Stacks to launch the instance in a different subnet.", + "title": "SubnetId", + "type": "string" + }, + "Tenancy": { + "markdownDescription": "The instance's tenancy option. The default option is no tenancy, or if the instance is running in a VPC, inherit tenancy settings from the VPC. The following are valid values for this parameter: `dedicated` , `default` , or `host` . Because there are costs associated with changes in tenancy options, we recommend that you research tenancy options before choosing them for your instances. For more information about dedicated hosts, see [Dedicated Hosts Overview](https://docs.aws.amazon.com/ec2/dedicated-hosts/) and [Amazon EC2 Dedicated Hosts](https://docs.aws.amazon.com/ec2/dedicated-hosts/) . For more information about dedicated instances, see [Dedicated Instances](https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/dedicated-instance.html) and [Amazon EC2 Dedicated Instances](https://docs.aws.amazon.com/ec2/purchasing-options/dedicated-instances/) .", + "title": "Tenancy", + "type": "string" + }, + "TimeBasedAutoScaling": { + "$ref": "#/definitions/AWS::OpsWorks::Instance.TimeBasedAutoScaling", + "markdownDescription": "The time-based scaling configuration for the instance.", + "title": "TimeBasedAutoScaling" + }, + "VirtualizationType": { + "markdownDescription": "The instance's virtualization type, `paravirtual` or `hvm` .", + "title": "VirtualizationType", + "type": "string" + }, + "Volumes": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of AWS OpsWorks volume IDs to associate with the instance. For more information, see [`AWS::OpsWorks::Volume`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-opsworks-volume.html) .", + "title": "Volumes", + "type": "array" + } + }, + "required": [ + "InstanceType", + "LayerIds", + "StackId" + ], + "type": "object" }, - "CustomLabel": { - "markdownDescription": "The text for the axis label.", - "title": "CustomLabel", + "Type": { + "enum": [ + "AWS::OpsWorks::Instance" + ], "type": "string" }, - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", - "markdownDescription": "The font configuration of the axis label.", - "title": "FontConfiguration" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.AxisLabelReferenceOptions": { - "additionalProperties": false, - "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that the axis label is targeted to.", - "title": "Column" - }, - "FieldId": { - "markdownDescription": "The field that the axis label is targeted to.", - "title": "FieldId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Column", - "FieldId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.AxisLinearScale": { + "AWS::OpsWorks::Instance.BlockDeviceMapping": { "additionalProperties": false, "properties": { - "StepCount": { - "markdownDescription": "The step count setup of a linear axis.", - "title": "StepCount", - "type": "number" + "DeviceName": { + "markdownDescription": "The device name that is exposed to the instance, such as `/dev/sdh` . For the root device, you can use the explicit device name or you can set this parameter to `ROOT_DEVICE` and AWS OpsWorks Stacks will provide the correct device name.", + "title": "DeviceName", + "type": "string" }, - "StepSize": { - "markdownDescription": "The step size setup of a linear axis.", - "title": "StepSize", - "type": "number" + "Ebs": { + "$ref": "#/definitions/AWS::OpsWorks::Instance.EbsBlockDevice", + "markdownDescription": "An `EBSBlockDevice` that defines how to configure an Amazon EBS volume when the instance is launched. You can specify either the `VirtualName` or `Ebs` , but not both.", + "title": "Ebs" + }, + "NoDevice": { + "markdownDescription": "Suppresses the specified device included in the AMI's block device mapping.", + "title": "NoDevice", + "type": "string" + }, + "VirtualName": { + "markdownDescription": "The virtual device name. For more information, see [BlockDeviceMapping](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_BlockDeviceMapping.html) . You can specify either the `VirtualName` or `Ebs` , but not both.", + "title": "VirtualName", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.AxisLogarithmicScale": { + "AWS::OpsWorks::Instance.EbsBlockDevice": { "additionalProperties": false, "properties": { - "Base": { - "markdownDescription": "The base setup of a logarithmic axis scale.", - "title": "Base", + "DeleteOnTermination": { + "markdownDescription": "Whether the volume is deleted on instance termination.", + "title": "DeleteOnTermination", + "type": "boolean" + }, + "Iops": { + "markdownDescription": "The number of I/O operations per second (IOPS) that the volume supports. For more information, see [EbsBlockDevice](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_EbsBlockDevice.html) .", + "title": "Iops", "type": "number" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.AxisScale": { - "additionalProperties": false, - "properties": { - "Linear": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisLinearScale", - "markdownDescription": "The linear axis scale setup.", - "title": "Linear" }, - "Logarithmic": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisLogarithmicScale", - "markdownDescription": "The logarithmic axis scale setup.", - "title": "Logarithmic" + "SnapshotId": { + "markdownDescription": "The snapshot ID.", + "title": "SnapshotId", + "type": "string" + }, + "VolumeSize": { + "markdownDescription": "The volume size, in GiB. For more information, see [EbsBlockDevice](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_EbsBlockDevice.html) .", + "title": "VolumeSize", + "type": "number" + }, + "VolumeType": { + "markdownDescription": "The volume type. `gp2` for General Purpose (SSD) volumes, `io1` for Provisioned IOPS (SSD) volumes, `st1` for Throughput Optimized hard disk drives (HDD), `sc1` for Cold HDD,and `standard` for Magnetic volumes.\n\nIf you specify the `io1` volume type, you must also specify a value for the `Iops` attribute. The maximum ratio of provisioned IOPS to requested volume size (in GiB) is 50:1. AWS uses the default volume size (in GiB) specified in the AMI attributes to set IOPS to 50 x (volume size).", + "title": "VolumeType", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.AxisTickLabelOptions": { + "AWS::OpsWorks::Instance.TimeBasedAutoScaling": { "additionalProperties": false, "properties": { - "LabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", - "markdownDescription": "Determines whether or not the axis ticks are visible.", - "title": "LabelOptions" - }, - "RotationAngle": { - "markdownDescription": "The rotation angle of the axis tick labels.", - "title": "RotationAngle", - "type": "number" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.BarChartAggregatedFieldWells": { - "additionalProperties": false, - "properties": { - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + "Friday": { + "additionalProperties": true, + "markdownDescription": "The schedule for Friday.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "The category (y-axis) field well of a bar chart.", - "title": "Category", - "type": "array" + "title": "Friday", + "type": "object" }, - "Colors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + "Monday": { + "additionalProperties": true, + "markdownDescription": "The schedule for Monday.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "The color (group/color) field well of a bar chart.", - "title": "Colors", - "type": "array" + "title": "Monday", + "type": "object" }, - "SmallMultiples": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + "Saturday": { + "additionalProperties": true, + "markdownDescription": "The schedule for Saturday.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "The small multiples field well of a bar chart.", - "title": "SmallMultiples", - "type": "array" + "title": "Saturday", + "type": "object" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + "Sunday": { + "additionalProperties": true, + "markdownDescription": "The schedule for Sunday.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "The value field wells of a bar chart. Values are aggregated by category.", - "title": "Values", - "type": "array" + "title": "Sunday", + "type": "object" + }, + "Thursday": { + "additionalProperties": true, + "markdownDescription": "The schedule for Thursday.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Thursday", + "type": "object" + }, + "Tuesday": { + "additionalProperties": true, + "markdownDescription": "The schedule for Tuesday.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tuesday", + "type": "object" + }, + "Wednesday": { + "additionalProperties": true, + "markdownDescription": "The schedule for Wednesday.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Wednesday", + "type": "object" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.BarChartConfiguration": { + "AWS::OpsWorks::Layer": { "additionalProperties": false, "properties": { - "BarsArrangement": { - "markdownDescription": "Determines the arrangement of the bars. The orientation and arrangement of bars determine the type of bar that is used in the visual.", - "title": "BarsArrangement", + "Condition": { "type": "string" }, - "CategoryAxis": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, axis step) for bar chart category.", - "title": "CategoryAxis" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a bar chart.", - "title": "CategoryLabelOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ColorLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a color that is used in a bar chart.", - "title": "ColorLabelOptions" + "Metadata": { + "type": "object" }, - "ContributionAnalysisDefaults": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ContributionAnalysisDefault" + "Properties": { + "additionalProperties": false, + "properties": { + "Attributes": { + "additionalProperties": true, + "markdownDescription": "One or more user-defined key-value pairs to be added to the stack attributes.\n\nTo create a cluster layer, set the `EcsClusterArn` attribute to the cluster's ARN.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Attributes", + "type": "object" + }, + "AutoAssignElasticIps": { + "markdownDescription": "Whether to automatically assign an [Elastic IP address](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html) to the layer's instances. For more information, see [How to Edit a Layer](https://docs.aws.amazon.com/opsworks/latest/userguide/workinglayers-basics-edit.html) .", + "title": "AutoAssignElasticIps", + "type": "boolean" + }, + "AutoAssignPublicIps": { + "markdownDescription": "For stacks that are running in a VPC, whether to automatically assign a public IP address to the layer's instances. For more information, see [How to Edit a Layer](https://docs.aws.amazon.com/opsworks/latest/userguide/workinglayers-basics-edit.html) .", + "title": "AutoAssignPublicIps", + "type": "boolean" + }, + "CustomInstanceProfileArn": { + "markdownDescription": "The ARN of an IAM profile to be used for the layer's EC2 instances. For more information about IAM ARNs, see [Using Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) .", + "title": "CustomInstanceProfileArn", + "type": "string" + }, + "CustomJson": { + "markdownDescription": "A JSON-formatted string containing custom stack configuration and deployment attributes to be installed on the layer's instances. For more information, see [Using Custom JSON](https://docs.aws.amazon.com/opsworks/latest/userguide/workingcookbook-json-override.html) . This feature is supported as of version 1.7.42 of the AWS CLI .", + "title": "CustomJson", + "type": "object" + }, + "CustomRecipes": { + "$ref": "#/definitions/AWS::OpsWorks::Layer.Recipes", + "markdownDescription": "A `LayerCustomRecipes` object that specifies the layer custom recipes.", + "title": "CustomRecipes" + }, + "CustomSecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "An array containing the layer custom security group IDs.", + "title": "CustomSecurityGroupIds", + "type": "array" + }, + "EnableAutoHealing": { + "markdownDescription": "Whether to disable auto healing for the layer.", + "title": "EnableAutoHealing", + "type": "boolean" + }, + "InstallUpdatesOnBoot": { + "markdownDescription": "Whether to install operating system and package updates when the instance boots. The default value is `true` . To control when updates are installed, set this value to `false` . You must then update your instances manually by using `CreateDeployment` to run the `update_dependencies` stack command or by manually running `yum` (Amazon Linux) or `apt-get` (Ubuntu) on the instances.\n\n> To ensure that your instances have the latest security updates, we strongly recommend using the default value of `true` .", + "title": "InstallUpdatesOnBoot", + "type": "boolean" + }, + "LifecycleEventConfiguration": { + "$ref": "#/definitions/AWS::OpsWorks::Layer.LifecycleEventConfiguration", + "markdownDescription": "A `LifeCycleEventConfiguration` object that you can use to configure the Shutdown event to specify an execution timeout and enable or disable Elastic Load Balancer connection draining.", + "title": "LifecycleEventConfiguration" + }, + "LoadBasedAutoScaling": { + "$ref": "#/definitions/AWS::OpsWorks::Layer.LoadBasedAutoScaling", + "markdownDescription": "The load-based scaling configuration for the AWS OpsWorks layer.", + "title": "LoadBasedAutoScaling" + }, + "Name": { + "markdownDescription": "The layer name, which is used by the console. Layer names can be a maximum of 32 characters.", + "title": "Name", + "type": "string" + }, + "Packages": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of `Package` objects that describes the layer packages.", + "title": "Packages", + "type": "array" + }, + "Shortname": { + "markdownDescription": "For custom layers only, use this parameter to specify the layer's short name, which is used internally by AWS OpsWorks Stacks and by Chef recipes. The short name is also used as the name for the directory where your app files are installed. It can have a maximum of 32 characters, which are limited to the alphanumeric characters, '-', '_', and '.'.\n\nBuilt-in layer short names are defined by AWS OpsWorks Stacks. For more information, see the [Layer Reference](https://docs.aws.amazon.com/opsworks/latest/userguide/layers.html) .", + "title": "Shortname", + "type": "string" + }, + "StackId": { + "markdownDescription": "The layer stack ID.", + "title": "StackId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Specifies one or more sets of tags (key\u2013value pairs) to associate with this AWS OpsWorks layer. Use tags to manage your resources.", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "The layer type. A stack cannot have more than one built-in layer of the same type. It can have any number of custom layers. Built-in layers are not available in Chef 12 stacks.", + "title": "Type", + "type": "string" + }, + "UseEbsOptimizedInstances": { + "markdownDescription": "Whether to use Amazon EBS-optimized instances.", + "title": "UseEbsOptimizedInstances", + "type": "boolean" + }, + "VolumeConfigurations": { + "items": { + "$ref": "#/definitions/AWS::OpsWorks::Layer.VolumeConfiguration" + }, + "markdownDescription": "A `VolumeConfigurations` object that describes the layer's Amazon EBS volumes.", + "title": "VolumeConfigurations", + "type": "array" + } }, - "markdownDescription": "The contribution analysis (anomaly configuration) setup of the visual.", - "title": "ContributionAnalysisDefaults", - "type": "array" - }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.", - "title": "DataLabels" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BarChartFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" + "required": [ + "AutoAssignElasticIps", + "AutoAssignPublicIps", + "EnableAutoHealing", + "Name", + "Shortname", + "StackId", + "Type" + ], + "type": "object" }, - "Orientation": { - "markdownDescription": "The orientation of the bars in a bar chart visual. There are two valid values in this structure:\n\n- `HORIZONTAL` : Used for charts that have horizontal bars. Visuals that use this value are horizontal bar charts, horizontal stacked bar charts, and horizontal stacked 100% bar charts.\n- `VERTICAL` : Used for charts that have vertical bars. Visuals that use this value are vertical bar charts, vertical stacked bar charts, and vertical stacked 100% bar charts.", - "title": "Orientation", + "Type": { + "enum": [ + "AWS::OpsWorks::Layer" + ], "type": "string" }, - "ReferenceLines": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLine" - }, - "markdownDescription": "The reference line setup of the visual.", - "title": "ReferenceLines", - "type": "array" - }, - "SmallMultiplesOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SmallMultiplesOptions", - "markdownDescription": "The small multiples setup for the visual.", - "title": "SmallMultiplesOptions" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::OpsWorks::Layer.AutoScalingThresholds": { + "additionalProperties": false, + "properties": { + "CpuThreshold": { + "markdownDescription": "The CPU utilization threshold, as a percent of the available CPU. A value of -1 disables the threshold.", + "title": "CpuThreshold", + "type": "number" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BarChartSortConfiguration", - "markdownDescription": "The sort configuration of a `BarChartVisual` .", - "title": "SortConfiguration" + "IgnoreMetricsTime": { + "markdownDescription": "The amount of time (in minutes) after a scaling event occurs that AWS OpsWorks Stacks should ignore metrics and suppress additional scaling events. For example, AWS OpsWorks Stacks adds new instances following an upscaling event but the instances won't start reducing the load until they have been booted and configured. There is no point in raising additional scaling events during that operation, which typically takes several minutes. `IgnoreMetricsTime` allows you to direct AWS OpsWorks Stacks to suppress scaling events long enough to get the new instances online.", + "title": "IgnoreMetricsTime", + "type": "number" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" + "InstanceCount": { + "markdownDescription": "The number of instances to add or remove when the load exceeds a threshold.", + "title": "InstanceCount", + "type": "number" }, - "ValueAxis": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, axis step) for a bar chart value.", - "title": "ValueAxis" + "LoadThreshold": { + "markdownDescription": "The load threshold. A value of -1 disables the threshold. For more information about how load is computed, see [Load (computing)](https://docs.aws.amazon.com/http://en.wikipedia.org/wiki/Load_%28computing%29) .", + "title": "LoadThreshold", + "type": "number" }, - "ValueLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a bar chart value.", - "title": "ValueLabelOptions" + "MemoryThreshold": { + "markdownDescription": "The memory utilization threshold, as a percent of the available memory. A value of -1 disables the threshold.", + "title": "MemoryThreshold", + "type": "number" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", - "title": "VisualPalette" + "ThresholdsWaitTime": { + "markdownDescription": "The amount of time, in minutes, that the load must exceed a threshold before more instances are added or removed.", + "title": "ThresholdsWaitTime", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.BarChartFieldWells": { + "AWS::OpsWorks::Layer.LifecycleEventConfiguration": { "additionalProperties": false, "properties": { - "BarChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BarChartAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a bar chart.", - "title": "BarChartAggregatedFieldWells" + "ShutdownEventConfiguration": { + "$ref": "#/definitions/AWS::OpsWorks::Layer.ShutdownEventConfiguration", + "markdownDescription": "The Shutdown event configuration.", + "title": "ShutdownEventConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.BarChartSortConfiguration": { + "AWS::OpsWorks::Layer.LoadBasedAutoScaling": { "additionalProperties": false, "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of categories displayed in a bar chart.", - "title": "CategoryItemsLimit" + "DownScaling": { + "$ref": "#/definitions/AWS::OpsWorks::Layer.AutoScalingThresholds", + "markdownDescription": "An `AutoScalingThresholds` object that describes the downscaling configuration, which defines how and when AWS OpsWorks Stacks reduces the number of instances.", + "title": "DownScaling" }, - "CategorySort": { + "Enable": { + "markdownDescription": "Whether load-based auto scaling is enabled for the layer.", + "title": "Enable", + "type": "boolean" + }, + "UpScaling": { + "$ref": "#/definitions/AWS::OpsWorks::Layer.AutoScalingThresholds", + "markdownDescription": "An `AutoScalingThresholds` object that describes the upscaling configuration, which defines how and when AWS OpsWorks Stacks increases the number of instances.", + "title": "UpScaling" + } + }, + "type": "object" + }, + "AWS::OpsWorks::Layer.Recipes": { + "additionalProperties": false, + "properties": { + "Configure": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + "type": "string" }, - "markdownDescription": "The sort configuration of category fields.", - "title": "CategorySort", + "markdownDescription": "An array of custom recipe names to be run following a `configure` event.", + "title": "Configure", "type": "array" }, - "ColorItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of values displayed in a bar chart.", - "title": "ColorItemsLimit" - }, - "ColorSort": { + "Deploy": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + "type": "string" }, - "markdownDescription": "The sort configuration of color fields in a bar chart.", - "title": "ColorSort", + "markdownDescription": "An array of custom recipe names to be run following a `deploy` event.", + "title": "Deploy", "type": "array" }, - "SmallMultiplesLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of small multiples panels that are displayed.", - "title": "SmallMultiplesLimitConfiguration" - }, - "SmallMultiplesSort": { + "Setup": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + "type": "string" }, - "markdownDescription": "The sort configuration of the small multiples field.", - "title": "SmallMultiplesSort", + "markdownDescription": "An array of custom recipe names to be run following a `setup` event.", + "title": "Setup", "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.BarChartVisual": { - "additionalProperties": false, - "properties": { - "Actions": { + }, + "Shutdown": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + "type": "string" }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", + "markdownDescription": "An array of custom recipe names to be run following a `shutdown` event.", + "title": "Shutdown", "type": "array" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BarChartConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" - }, - "ColumnHierarchies": { + "Undeploy": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + "type": "string" }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", + "markdownDescription": "An array of custom recipe names to be run following a `undeploy` event.", + "title": "Undeploy", "type": "array" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" - }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", - "type": "string" - } - }, - "required": [ - "VisualId" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.BinCountOptions": { - "additionalProperties": false, - "properties": { - "Value": { - "markdownDescription": "The options that determine the bin count value.", - "title": "Value", - "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.BinWidthOptions": { + "AWS::OpsWorks::Layer.ShutdownEventConfiguration": { "additionalProperties": false, "properties": { - "BinCountLimit": { - "markdownDescription": "The options that determine the bin count limit.", - "title": "BinCountLimit", - "type": "number" + "DelayUntilElbConnectionsDrained": { + "markdownDescription": "Whether to enable Elastic Load Balancing connection draining. For more information, see [Connection Draining](https://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/TerminologyandKeyConcepts.html#conn-drain)", + "title": "DelayUntilElbConnectionsDrained", + "type": "boolean" }, - "Value": { - "markdownDescription": "The options that determine the bin width value.", - "title": "Value", + "ExecutionTimeout": { + "markdownDescription": "The time, in seconds, that AWS OpsWorks Stacks waits after triggering a Shutdown event before shutting down an instance.", + "title": "ExecutionTimeout", "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.BodySectionConfiguration": { + "AWS::OpsWorks::Layer.VolumeConfiguration": { "additionalProperties": false, "properties": { - "Content": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BodySectionContent", - "markdownDescription": "The configuration of content in a body section.", - "title": "Content" + "Encrypted": { + "markdownDescription": "Specifies whether an Amazon EBS volume is encrypted. For more information, see [Amazon EBS Encryption](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) .", + "title": "Encrypted", + "type": "boolean" }, - "PageBreakConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionPageBreakConfiguration", - "markdownDescription": "The configuration of a page break for a section.", - "title": "PageBreakConfiguration" + "Iops": { + "markdownDescription": "The number of I/O operations per second (IOPS) to provision for the volume. For PIOPS volumes, the IOPS per disk.\n\nIf you specify `io1` for the volume type, you must specify this property.", + "title": "Iops", + "type": "number" }, - "SectionId": { - "markdownDescription": "The unique identifier of a body section.", - "title": "SectionId", + "MountPoint": { + "markdownDescription": "The volume mount point. For example \"/dev/sdh\".", + "title": "MountPoint", "type": "string" }, - "Style": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionStyle", - "markdownDescription": "The style options of a body section.", - "title": "Style" - } - }, - "required": [ - "Content", - "SectionId" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.BodySectionContent": { - "additionalProperties": false, - "properties": { - "Layout": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionLayoutConfiguration", - "markdownDescription": "The layout configuration of a body section.", - "title": "Layout" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.BoxPlotAggregatedFieldWells": { - "additionalProperties": false, - "properties": { - "GroupBy": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The group by field well of a box plot chart. Values are grouped based on group by fields.", - "title": "GroupBy", - "type": "array" + "NumberOfDisks": { + "markdownDescription": "The number of disks in the volume.", + "title": "NumberOfDisks", + "type": "number" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" - }, - "markdownDescription": "The value field well of a box plot chart. Values are aggregated based on group by fields.", - "title": "Values", - "type": "array" + "RaidLevel": { + "markdownDescription": "The volume [RAID level](https://docs.aws.amazon.com/http://en.wikipedia.org/wiki/Standard_RAID_levels) .", + "title": "RaidLevel", + "type": "number" + }, + "Size": { + "markdownDescription": "The volume size.", + "title": "Size", + "type": "number" + }, + "VolumeType": { + "markdownDescription": "The volume type. For more information, see [Amazon EBS Volume Types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) .\n\n- `standard` - Magnetic. Magnetic volumes must have a minimum size of 1 GiB and a maximum size of 1024 GiB.\n- `io1` - Provisioned IOPS (SSD). PIOPS volumes must have a minimum size of 4 GiB and a maximum size of 16384 GiB.\n- `gp2` - General Purpose (SSD). General purpose volumes must have a minimum size of 1 GiB and a maximum size of 16384 GiB.\n- `st1` - Throughput Optimized hard disk drive (HDD). Throughput optimized HDD volumes must have a minimum size of 125 GiB and a maximum size of 16384 GiB.\n- `sc1` - Cold HDD. Cold HDD volumes must have a minimum size of 125 GiB and a maximum size of 16384 GiB.", + "title": "VolumeType", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.BoxPlotChartConfiguration": { + "AWS::OpsWorks::Stack": { "additionalProperties": false, "properties": { - "BoxPlotOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotOptions", - "markdownDescription": "The box plot chart options for a box plot visual", - "title": "BoxPlotOptions" - }, - "CategoryAxis": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, axis step) of a box plot category.", - "title": "CategoryAxis" - }, - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility and sort Icon visibility) of a box plot category.", - "title": "CategoryLabelOptions" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" + "Condition": { + "type": "string" }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", - "markdownDescription": "", - "title": "Legend" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "PrimaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, axis step) of a box plot category.", - "title": "PrimaryYAxisDisplayOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "PrimaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility and sort icon visibility) of a box plot value.", - "title": "PrimaryYAxisLabelOptions" + "Metadata": { + "type": "object" }, - "ReferenceLines": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLine" + "Properties": { + "additionalProperties": false, + "properties": { + "AgentVersion": { + "markdownDescription": "The default AWS OpsWorks Stacks agent version. You have the following options:\n\n- Auto-update - Set this parameter to `LATEST` . AWS OpsWorks Stacks automatically installs new agent versions on the stack's instances as soon as they are available.\n- Fixed version - Set this parameter to your preferred agent version. To update the agent version, you must edit the stack configuration and specify a new version. AWS OpsWorks Stacks installs that version on the stack's instances.\n\nThe default setting is the most recent release of the agent. To specify an agent version, you must use the complete version number, not the abbreviated number shown on the console. For a list of available agent version numbers, call `DescribeAgentVersions` . AgentVersion cannot be set to Chef 12.2.\n\n> You can also specify an agent version when you create or update an instance, which overrides the stack's default setting.", + "title": "AgentVersion", + "type": "string" + }, + "Attributes": { + "additionalProperties": true, + "markdownDescription": "One or more user-defined key-value pairs to be added to the stack attributes.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Attributes", + "type": "object" + }, + "ChefConfiguration": { + "$ref": "#/definitions/AWS::OpsWorks::Stack.ChefConfiguration", + "markdownDescription": "A `ChefConfiguration` object that specifies whether to enable Berkshelf and the Berkshelf version on Chef 11.10 stacks. For more information, see [Create a New Stack](https://docs.aws.amazon.com/opsworks/latest/userguide/workingstacks-creating.html) .", + "title": "ChefConfiguration" + }, + "CloneAppIds": { + "items": { + "type": "string" + }, + "markdownDescription": "If you're cloning an AWS OpsWorks stack, a list of AWS OpsWorks application stack IDs from the source stack to include in the cloned stack.", + "title": "CloneAppIds", + "type": "array" + }, + "ClonePermissions": { + "markdownDescription": "If you're cloning an AWS OpsWorks stack, indicates whether to clone the source stack's permissions.", + "title": "ClonePermissions", + "type": "boolean" + }, + "ConfigurationManager": { + "$ref": "#/definitions/AWS::OpsWorks::Stack.StackConfigurationManager", + "markdownDescription": "The configuration manager. When you create a stack we recommend that you use the configuration manager to specify the Chef version: 12, 11.10, or 11.4 for Linux stacks, or 12.2 for Windows stacks. The default value for Linux stacks is currently 12.", + "title": "ConfigurationManager" + }, + "CustomCookbooksSource": { + "$ref": "#/definitions/AWS::OpsWorks::Stack.Source", + "markdownDescription": "Contains the information required to retrieve an app or cookbook from a repository. For more information, see [Adding Apps](https://docs.aws.amazon.com/opsworks/latest/userguide/workingapps-creating.html) or [Cookbooks and Recipes](https://docs.aws.amazon.com/opsworks/latest/userguide/workingcookbook.html) .", + "title": "CustomCookbooksSource" + }, + "CustomJson": { + "markdownDescription": "A string that contains user-defined, custom JSON. It can be used to override the corresponding default stack configuration attribute values or to pass data to recipes. The string should be in the following format:\n\n`\"{\\\"key1\\\": \\\"value1\\\", \\\"key2\\\": \\\"value2\\\",...}\"`\n\nFor more information about custom JSON, see [Use Custom JSON to Modify the Stack Configuration Attributes](https://docs.aws.amazon.com/opsworks/latest/userguide/workingstacks-json.html) .", + "title": "CustomJson", + "type": "object" + }, + "DefaultAvailabilityZone": { + "markdownDescription": "The stack's default Availability Zone, which must be in the specified region. For more information, see [Regions and Endpoints](https://docs.aws.amazon.com/general/latest/gr/rande.html) . If you also specify a value for `DefaultSubnetId` , the subnet must be in the same zone. For more information, see the `VpcId` parameter description.", + "title": "DefaultAvailabilityZone", + "type": "string" + }, + "DefaultInstanceProfileArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an IAM profile that is the default profile for all of the stack's EC2 instances. For more information about IAM ARNs, see [Using Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) .", + "title": "DefaultInstanceProfileArn", + "type": "string" + }, + "DefaultOs": { + "markdownDescription": "The stack's default operating system, which is installed on every instance unless you specify a different operating system when you create the instance. You can specify one of the following.\n\n- A supported Linux operating system: An Amazon Linux version, such as `Amazon Linux 2` , `Amazon Linux 2018.03` , `Amazon Linux 2017.09` , `Amazon Linux 2017.03` , `Amazon Linux 2016.09` , `Amazon Linux 2016.03` , `Amazon Linux 2015.09` , or `Amazon Linux 2015.03` .\n- A supported Ubuntu operating system, such as `Ubuntu 18.04 LTS` , `Ubuntu 16.04 LTS` , `Ubuntu 14.04 LTS` , or `Ubuntu 12.04 LTS` .\n- `CentOS Linux 7`\n- `Red Hat Enterprise Linux 7`\n- A supported Windows operating system, such as `Microsoft Windows Server 2012 R2 Base` , `Microsoft Windows Server 2012 R2 with SQL Server Express` , `Microsoft Windows Server 2012 R2 with SQL Server Standard` , or `Microsoft Windows Server 2012 R2 with SQL Server Web` .\n- A custom AMI: `Custom` . You specify the custom AMI you want to use when you create instances. For more information, see [Using Custom AMIs](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-custom-ami.html) .\n\nThe default option is the current Amazon Linux version. Not all operating systems are supported with all versions of Chef. For more information about supported operating systems, see [AWS OpsWorks Stacks Operating Systems](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-os.html) .", + "title": "DefaultOs", + "type": "string" + }, + "DefaultRootDeviceType": { + "markdownDescription": "The default root device type. This value is the default for all instances in the stack, but you can override it when you create an instance. The default option is `instance-store` . For more information, see [Storage for the Root Device](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ComponentsAMIs.html#storage-for-the-root-device) .", + "title": "DefaultRootDeviceType", + "type": "string" + }, + "DefaultSshKeyName": { + "markdownDescription": "A default Amazon EC2 key pair name. The default value is none. If you specify a key pair name, AWS OpsWorks installs the public key on the instance and you can use the private key with an SSH client to log in to the instance. For more information, see [Using SSH to Communicate with an Instance](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-ssh.html) and [Managing SSH Access](https://docs.aws.amazon.com/opsworks/latest/userguide/security-ssh-access.html) . You can override this setting by specifying a different key pair, or no key pair, when you [create an instance](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-add.html) .", + "title": "DefaultSshKeyName", + "type": "string" + }, + "DefaultSubnetId": { + "markdownDescription": "The stack's default subnet ID. All instances are launched into this subnet unless you specify another subnet ID when you create the instance. This parameter is required if you specify a value for the `VpcId` parameter. If you also specify a value for `DefaultAvailabilityZone` , the subnet must be in that zone.", + "title": "DefaultSubnetId", + "type": "string" + }, + "EcsClusterArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Elastic Container Service ( Amazon ECS ) cluster to register with the AWS OpsWorks stack.\n\n> If you specify a cluster that's registered with another AWS OpsWorks stack, AWS CloudFormation deregisters the existing association before registering the cluster.", + "title": "EcsClusterArn", + "type": "string" + }, + "ElasticIps": { + "items": { + "$ref": "#/definitions/AWS::OpsWorks::Stack.ElasticIp" + }, + "markdownDescription": "A list of Elastic IP addresses to register with the AWS OpsWorks stack.\n\n> If you specify an IP address that's registered with another AWS OpsWorks stack, AWS CloudFormation deregisters the existing association before registering the IP address.", + "title": "ElasticIps", + "type": "array" + }, + "HostnameTheme": { + "markdownDescription": "The stack's host name theme, with spaces replaced by underscores. The theme is used to generate host names for the stack's instances. By default, `HostnameTheme` is set to `Layer_Dependent` , which creates host names by appending integers to the layer's short name. The other themes are:\n\n- `Baked_Goods`\n- `Clouds`\n- `Europe_Cities`\n- `Fruits`\n- `Greek_Deities_and_Titans`\n- `Legendary_creatures_from_Japan`\n- `Planets_and_Moons`\n- `Roman_Deities`\n- `Scottish_Islands`\n- `US_Cities`\n- `Wild_Cats`\n\nTo obtain a generated host name, call `GetHostNameSuggestion` , which returns a host name based on the current theme.", + "title": "HostnameTheme", + "type": "string" + }, + "Name": { + "markdownDescription": "The stack name. Stack names can be a maximum of 64 characters.", + "title": "Name", + "type": "string" + }, + "RdsDbInstances": { + "items": { + "$ref": "#/definitions/AWS::OpsWorks::Stack.RdsDbInstance" + }, + "markdownDescription": "The Amazon Relational Database Service ( Amazon RDS ) database instance to register with the AWS OpsWorks stack.\n\n> If you specify a database instance that's registered with another AWS OpsWorks stack, AWS CloudFormation deregisters the existing association before registering the database instance.", + "title": "RdsDbInstances", + "type": "array" + }, + "ServiceRoleArn": { + "markdownDescription": "The stack's IAM role, which allows AWS OpsWorks Stacks to work with AWS resources on your behalf. You must set this parameter to the Amazon Resource Name (ARN) for an existing IAM role. For more information about IAM ARNs, see [Using Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) .", + "title": "ServiceRoleArn", + "type": "string" + }, + "SourceStackId": { + "markdownDescription": "If you're cloning an AWS OpsWorks stack, the stack ID of the source AWS OpsWorks stack to clone.", + "title": "SourceStackId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A map that contains tag keys and tag values that are attached to a stack or layer.\n\n- The key cannot be empty.\n- The key can be a maximum of 127 characters, and can contain only Unicode letters, numbers, or separators, or the following special characters: `+ - = . _ : /`\n- The value can be a maximum 255 characters, and contain only Unicode letters, numbers, or separators, or the following special characters: `+ - = . _ : /`\n- Leading and trailing white spaces are trimmed from both the key and value.\n- A maximum of 40 tags is allowed for any resource.", + "title": "Tags", + "type": "array" + }, + "UseCustomCookbooks": { + "markdownDescription": "Whether the stack uses custom cookbooks.", + "title": "UseCustomCookbooks", + "type": "boolean" + }, + "UseOpsworksSecurityGroups": { + "markdownDescription": "Whether to associate the AWS OpsWorks Stacks built-in security groups with the stack's layers.\n\nAWS OpsWorks Stacks provides a standard set of built-in security groups, one for each layer, which are associated with layers by default. With `UseOpsworksSecurityGroups` you can instead provide your own custom security groups. `UseOpsworksSecurityGroups` has the following settings:\n\n- True - AWS OpsWorks Stacks automatically associates the appropriate built-in security group with each layer (default setting). You can associate additional security groups with a layer after you create it, but you cannot delete the built-in security group.\n- False - AWS OpsWorks Stacks does not associate built-in security groups with layers. You must create appropriate EC2 security groups and associate a security group with each layer that you create. However, you can still manually associate a built-in security group with a layer on creation; custom security groups are required only for those layers that need custom settings.\n\nFor more information, see [Create a New Stack](https://docs.aws.amazon.com/opsworks/latest/userguide/workingstacks-creating.html) .", + "title": "UseOpsworksSecurityGroups", + "type": "boolean" + }, + "VpcId": { + "markdownDescription": "The ID of the VPC that the stack is to be launched into. The VPC must be in the stack's region. All instances are launched into this VPC. You cannot change the ID later.\n\n- If your account supports EC2-Classic, the default value is `no VPC` .\n- If your account does not support EC2-Classic, the default value is the default VPC for the specified region.\n\nIf the VPC ID corresponds to a default VPC and you have specified either the `DefaultAvailabilityZone` or the `DefaultSubnetId` parameter only, AWS OpsWorks Stacks infers the value of the other parameter. If you specify neither parameter, AWS OpsWorks Stacks sets these parameters to the first valid Availability Zone for the specified region and the corresponding default VPC subnet ID, respectively.\n\nIf you specify a nondefault VPC ID, note the following:\n\n- It must belong to a VPC in your account that is in the specified region.\n- You must specify a value for `DefaultSubnetId` .\n\nFor more information about how to use AWS OpsWorks Stacks with a VPC, see [Running a Stack in a VPC](https://docs.aws.amazon.com/opsworks/latest/userguide/workingstacks-vpc.html) . For more information about default VPC and EC2-Classic, see [Supported Platforms](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-supported-platforms.html) .", + "title": "VpcId", + "type": "string" + } }, - "markdownDescription": "The reference line setup of the visual.", - "title": "ReferenceLines", - "type": "array" - }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotSortConfiguration", - "markdownDescription": "The sort configuration of a `BoxPlotVisual` .", - "title": "SortConfiguration" - }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" + "required": [ + "DefaultInstanceProfileArn", + "Name", + "ServiceRoleArn" + ], + "type": "object" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", - "title": "VisualPalette" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.BoxPlotFieldWells": { - "additionalProperties": false, - "properties": { - "BoxPlotAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a box plot.", - "title": "BoxPlotAggregatedFieldWells" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.BoxPlotOptions": { - "additionalProperties": false, - "properties": { - "AllDataPointsVisibility": { - "markdownDescription": "Determines the visibility of all data points of the box plot.", - "title": "AllDataPointsVisibility", + "Type": { + "enum": [ + "AWS::OpsWorks::Stack" + ], "type": "string" }, - "OutlierVisibility": { - "markdownDescription": "Determines the visibility of the outlier in a box plot.", - "title": "OutlierVisibility", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "StyleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotStyleOptions", - "markdownDescription": "The style options of the box plot.", - "title": "StyleOptions" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.BoxPlotSortConfiguration": { + "AWS::OpsWorks::Stack.ChefConfiguration": { "additionalProperties": false, "properties": { - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of a group by fields.", - "title": "CategorySort", - "type": "array" + "BerkshelfVersion": { + "markdownDescription": "The Berkshelf version.", + "title": "BerkshelfVersion", + "type": "string" }, - "PaginationConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PaginationConfiguration", - "markdownDescription": "The pagination configuration of a table visual or box plot.", - "title": "PaginationConfiguration" + "ManageBerkshelf": { + "markdownDescription": "Whether to enable Berkshelf.", + "title": "ManageBerkshelf", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.BoxPlotStyleOptions": { + "AWS::OpsWorks::Stack.ElasticIp": { "additionalProperties": false, "properties": { - "FillStyle": { - "markdownDescription": "The fill styles (solid, transparent) of the box plot.", - "title": "FillStyle", + "Ip": { + "markdownDescription": "The IP address.", + "title": "Ip", + "type": "string" + }, + "Name": { + "markdownDescription": "The name, which can be a maximum of 32 characters.", + "title": "Name", "type": "string" } }, + "required": [ + "Ip" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.BoxPlotVisual": { + "AWS::OpsWorks::Stack.RdsDbInstance": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotChartConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" - }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "DbPassword": { + "markdownDescription": "AWS OpsWorks Stacks returns `*****FILTERED*****` instead of the actual value.", + "title": "DbPassword", + "type": "string" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "DbUser": { + "markdownDescription": "The master user name.", + "title": "DbUser", + "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", + "RdsDbInstanceArn": { + "markdownDescription": "The instance's ARN.", + "title": "RdsDbInstanceArn", "type": "string" } }, "required": [ - "VisualId" + "DbPassword", + "DbUser", + "RdsDbInstanceArn" ], "type": "object" }, - "AWS::QuickSight::Dashboard.CalculatedField": { + "AWS::OpsWorks::Stack.Source": { "additionalProperties": false, "properties": { - "DataSetIdentifier": { - "markdownDescription": "The data set that is used in this calculated field.", - "title": "DataSetIdentifier", + "Password": { + "markdownDescription": "When included in a request, the parameter depends on the repository type.\n\n- For Amazon S3 bundles, set `Password` to the appropriate IAM secret access key.\n- For HTTP bundles and Subversion repositories, set `Password` to the password.\n\nFor more information on how to safely handle IAM credentials, see [](https://docs.aws.amazon.com/general/latest/gr/aws-access-keys-best-practices.html) .\n\nIn responses, AWS OpsWorks Stacks returns `*****FILTERED*****` instead of the actual value.", + "title": "Password", "type": "string" }, - "Expression": { - "markdownDescription": "The expression of the calculated field.", - "title": "Expression", + "Revision": { + "markdownDescription": "The application's version. AWS OpsWorks Stacks enables you to easily deploy new versions of an application. One of the simplest approaches is to have branches or revisions in your repository that represent different versions that can potentially be deployed.", + "title": "Revision", "type": "string" }, - "Name": { - "markdownDescription": "The name of the calculated field.", - "title": "Name", + "SshKey": { + "markdownDescription": "The repository's SSH key. For more information, see [Using Git Repository SSH Keys](https://docs.aws.amazon.com/opsworks/latest/userguide/workingapps-deploykeys.html) in the *AWS OpsWorks User Guide* . To pass in an SSH key as a parameter, see the following example:\n\n`\"Parameters\" : { \"GitSSHKey\" : { \"Description\" : \"Change SSH key newlines to commas.\", \"Type\" : \"CommaDelimitedList\", \"NoEcho\" : \"true\" }, ... \"CustomCookbooksSource\": { \"Revision\" : { \"Ref\": \"GitRevision\"}, \"SshKey\" : { \"Fn::Join\" : [ \"\\n\", { \"Ref\": \"GitSSHKey\"} ] }, \"Type\": \"git\", \"Url\": { \"Ref\": \"GitURL\"} } ...`", + "title": "SshKey", + "type": "string" + }, + "Type": { + "markdownDescription": "The repository type.", + "title": "Type", + "type": "string" + }, + "Url": { + "markdownDescription": "The source URL. The following is an example of an Amazon S3 source URL: `https://s3.amazonaws.com/opsworks-demo-bucket/opsworks_cookbook_demo.tar.gz` .", + "title": "Url", + "type": "string" + }, + "Username": { + "markdownDescription": "This parameter depends on the repository type.\n\n- For Amazon S3 bundles, set `Username` to the appropriate IAM access key ID.\n- For HTTP bundles, Git repositories, and Subversion repositories, set `Username` to the user name.", + "title": "Username", "type": "string" } }, - "required": [ - "DataSetIdentifier", - "Expression", - "Name" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.CalculatedMeasureField": { + "AWS::OpsWorks::Stack.StackConfigurationManager": { "additionalProperties": false, "properties": { - "Expression": { - "markdownDescription": "The expression in the table calculation.", - "title": "Expression", + "Name": { + "markdownDescription": "The name. This parameter must be set to `Chef` .", + "title": "Name", "type": "string" }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", + "Version": { + "markdownDescription": "The Chef version. This parameter must be set to 12, 11.10, or 11.4 for Linux stacks, and to 12.2 for Windows stacks. The default value for Linux stacks is 12.", + "title": "Version", "type": "string" } }, - "required": [ - "Expression", - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.CascadingControlConfiguration": { + "AWS::OpsWorks::UserProfile": { "additionalProperties": false, "properties": { - "SourceControls": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CascadingControlSource" - }, - "markdownDescription": "A list of source controls that determine the values that are used in the current control.", - "title": "SourceControls", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.CascadingControlSource": { - "additionalProperties": false, - "properties": { - "ColumnToMatch": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column identifier that determines which column to look up for the source sheet control.", - "title": "ColumnToMatch" + "Condition": { + "type": "string" }, - "SourceSheetControlId": { - "markdownDescription": "The source sheet control ID of a `CascadingControlSource` .", - "title": "SourceSheetControlId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AllowSelfManagement": { + "markdownDescription": "Whether users can specify their own SSH public key through the My Settings page. For more information, see [Managing User Permissions](https://docs.aws.amazon.com/opsworks/latest/userguide/security-settingsshkey.html) .", + "title": "AllowSelfManagement", + "type": "boolean" + }, + "IamUserArn": { + "markdownDescription": "The user's IAM ARN.", + "title": "IamUserArn", + "type": "string" + }, + "SshPublicKey": { + "markdownDescription": "The user's SSH public key.", + "title": "SshPublicKey", + "type": "string" + }, + "SshUsername": { + "markdownDescription": "The user's SSH user name.", + "title": "SshUsername", + "type": "string" + } + }, + "required": [ + "IamUserArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::OpsWorks::UserProfile" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.CategoricalDimensionField": { + "AWS::OpsWorks::Volume": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that is used in the `CategoricalDimensionField` .", - "title": "Column" + "Condition": { + "type": "string" }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "HierarchyId": { - "markdownDescription": "The custom hierarchy ID.", - "title": "HierarchyId", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Ec2VolumeId": { + "markdownDescription": "The Amazon EC2 volume ID.", + "title": "Ec2VolumeId", + "type": "string" + }, + "MountPoint": { + "markdownDescription": "The volume mount point. For example, \"/mnt/disk1\".", + "title": "MountPoint", + "type": "string" + }, + "Name": { + "markdownDescription": "The volume name. Volume names are a maximum of 128 characters.", + "title": "Name", + "type": "string" + }, + "StackId": { + "markdownDescription": "The stack ID.", + "title": "StackId", + "type": "string" + } + }, + "required": [ + "Ec2VolumeId", + "StackId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::OpsWorks::Volume" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Column", - "FieldId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.CategoricalMeasureField": { + "AWS::OpsWorksCM::Server": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "markdownDescription": "The aggregation function of the measure field.", - "title": "AggregationFunction", + "Condition": { "type": "string" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that is used in the `CategoricalMeasureField` .", - "title": "Column" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AssociatePublicIpAddress": { + "markdownDescription": "Associate a public IP address with a server that you are launching. Valid values are `true` or `false` . The default value is `true` .", + "title": "AssociatePublicIpAddress", + "type": "boolean" + }, + "BackupId": { + "markdownDescription": "If you specify this field, AWS OpsWorks CM creates the server by using the backup represented by BackupId.", + "title": "BackupId", + "type": "string" + }, + "BackupRetentionCount": { + "markdownDescription": "The number of automated backups that you want to keep. Whenever a new backup is created, AWS OpsWorks CM deletes the oldest backups if this number is exceeded. The default value is `1` .", + "title": "BackupRetentionCount", + "type": "number" + }, + "CustomCertificate": { + "markdownDescription": "Supported on servers running Chef Automate 2.0 only. A PEM-formatted HTTPS certificate. The value can be be a single, self-signed certificate, or a certificate chain. If you specify a custom certificate, you must also specify values for `CustomDomain` and `CustomPrivateKey` . The following are requirements for the `CustomCertificate` value:\n\n- You can provide either a self-signed, custom certificate, or the full certificate chain.\n- The certificate must be a valid X509 certificate, or a certificate chain in PEM format.\n- The certificate must be valid at the time of upload. A certificate can't be used before its validity period begins (the certificate's `NotBefore` date), or after it expires (the certificate's `NotAfter` date).\n- The certificate\u2019s common name or subject alternative names (SANs), if present, must match the value of `CustomDomain` .\n- The certificate must match the value of `CustomPrivateKey` .", + "title": "CustomCertificate", + "type": "string" + }, + "CustomDomain": { + "markdownDescription": "Supported on servers running Chef Automate 2.0 only. An optional public endpoint of a server, such as `https://aws.my-company.com` . To access the server, create a CNAME DNS record in your preferred DNS service that points the custom domain to the endpoint that is generated when the server is created (the value of the CreateServer Endpoint attribute). You cannot access the server by using the generated `Endpoint` value if the server is using a custom domain. If you specify a custom domain, you must also specify values for `CustomCertificate` and `CustomPrivateKey` .", + "title": "CustomDomain", + "type": "string" + }, + "CustomPrivateKey": { + "markdownDescription": "Supported on servers running Chef Automate 2.0 only. A private key in PEM format for connecting to the server by using HTTPS. The private key must not be encrypted; it cannot be protected by a password or passphrase. If you specify a custom private key, you must also specify values for `CustomDomain` and `CustomCertificate` .", + "title": "CustomPrivateKey", + "type": "string" + }, + "DisableAutomatedBackup": { + "markdownDescription": "Enable or disable scheduled backups. Valid values are `true` or `false` . The default value is `true` .", + "title": "DisableAutomatedBackup", + "type": "boolean" + }, + "Engine": { + "markdownDescription": "The configuration management engine to use. Valid values include `ChefAutomate` and `Puppet` .", + "title": "Engine", + "type": "string" + }, + "EngineAttributes": { + "items": { + "$ref": "#/definitions/AWS::OpsWorksCM::Server.EngineAttribute" + }, + "markdownDescription": "Optional engine attributes on a specified server.\n\n**Attributes accepted in a Chef createServer request:** - `CHEF_AUTOMATE_PIVOTAL_KEY` : A base64-encoded RSA public key. The corresponding private key is required to access the Chef API. When no CHEF_AUTOMATE_PIVOTAL_KEY is set, a private key is generated and returned in the response. When you are specifying the value of CHEF_AUTOMATE_PIVOTAL_KEY as a parameter in the AWS CloudFormation console, you must add newline ( `\\n` ) characters at the end of each line of the pivotal key value.\n- `CHEF_AUTOMATE_ADMIN_PASSWORD` : The password for the administrative user in the Chef Automate web-based dashboard. The password length is a minimum of eight characters, and a maximum of 32. The password can contain letters, numbers, and special characters (!/@#$%^&+=_). The password must contain at least one lower case letter, one upper case letter, one number, and one special character. When no CHEF_AUTOMATE_ADMIN_PASSWORD is set, one is generated and returned in the response.\n\n**Attributes accepted in a Puppet createServer request:** - `PUPPET_ADMIN_PASSWORD` : To work with the Puppet Enterprise console, a password must use ASCII characters.\n- `PUPPET_R10K_REMOTE` : The r10k remote is the URL of your control repository (for example, ssh://git@your.git-repo.com:user/control-repo.git). Specifying an r10k remote opens TCP port 8170.\n- `PUPPET_R10K_PRIVATE_KEY` : If you are using a private Git repository, add PUPPET_R10K_PRIVATE_KEY to specify a PEM-encoded private SSH key.", + "title": "EngineAttributes", + "type": "array" + }, + "EngineModel": { + "markdownDescription": "The engine model of the server. Valid values in this release include `Monolithic` for Puppet and `Single` for Chef.", + "title": "EngineModel", + "type": "string" + }, + "EngineVersion": { + "markdownDescription": "The major release version of the engine that you want to use. For a Chef server, the valid value for EngineVersion is currently `2` . For a Puppet server, valid values are `2019` or `2017` .", + "title": "EngineVersion", + "type": "string" + }, + "InstanceProfileArn": { + "markdownDescription": "The ARN of the instance profile that your Amazon EC2 instances use.", + "title": "InstanceProfileArn", + "type": "string" + }, + "InstanceType": { + "markdownDescription": "The Amazon EC2 instance type to use. For example, `m5.large` .", + "title": "InstanceType", + "type": "string" + }, + "KeyPair": { + "markdownDescription": "The Amazon EC2 key pair to set for the instance. This parameter is optional; if desired, you may specify this parameter to connect to your instances by using SSH.", + "title": "KeyPair", + "type": "string" + }, + "PreferredBackupWindow": { + "markdownDescription": "The start time for a one-hour period during which AWS OpsWorks CM backs up application-level data on your server if automated backups are enabled. Valid values must be specified in one of the following formats:\n\n- `HH:MM` for daily backups\n- `DDD:HH:MM` for weekly backups\n\n`MM` must be specified as `00` . The specified time is in coordinated universal time (UTC). The default value is a random, daily start time.\n\n*Example:* `08:00` , which represents a daily start time of 08:00 UTC.\n\n*Example:* `Mon:08:00` , which represents a start time of every Monday at 08:00 UTC. (8:00 a.m.)", + "title": "PreferredBackupWindow", + "type": "string" + }, + "PreferredMaintenanceWindow": { + "markdownDescription": "The start time for a one-hour period each week during which AWS OpsWorks CM performs maintenance on the instance. Valid values must be specified in the following format: `DDD:HH:MM` . `MM` must be specified as `00` . The specified time is in coordinated universal time (UTC). The default value is a random one-hour period on Tuesday, Wednesday, or Friday. See `TimeWindowDefinition` for more information.\n\n*Example:* `Mon:08:00` , which represents a start time of every Monday at 08:00 UTC. (8:00 a.m.)", + "title": "PreferredMaintenanceWindow", + "type": "string" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of security group IDs to attach to the Amazon EC2 instance. If you add this parameter, the specified security groups must be within the VPC that is specified by `SubnetIds` .\n\nIf you do not specify this parameter, AWS OpsWorks CM creates one new security group that uses TCP ports 22 and 443, open to 0.0.0.0/0 (everyone).", + "title": "SecurityGroupIds", + "type": "array" + }, + "ServerName": { + "markdownDescription": "The name of the server. The server name must be unique within your AWS account, within each region. Server names must start with a letter; then letters, numbers, or hyphens (-) are allowed, up to a maximum of 40 characters.", + "title": "ServerName", + "type": "string" + }, + "ServiceRoleArn": { + "markdownDescription": "The service role that the AWS OpsWorks CM service backend uses to work with your account.", + "title": "ServiceRoleArn", + "type": "string" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of subnets in which to launch the server EC2 instance.\n\nAmazon EC2-Classic customers: This field is required. All servers must run within a VPC. The VPC must have \"Auto Assign Public IP\" enabled.\n\nEC2-VPC customers: This field is optional. If you do not specify subnet IDs, your EC2 instances are created in a default subnet that is selected by Amazon EC2. If you specify subnet IDs, the VPC must have \"Auto Assign Public IP\" enabled.\n\nFor more information about supported Amazon EC2 platforms, see [Supported Platforms](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-supported-platforms.html) .", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A map that contains tag keys and tag values to attach to an AWS OpsWorks for Chef Automate or OpsWorks for Puppet Enterprise server.\n\n- The key cannot be empty.\n- The key can be a maximum of 127 characters, and can contain only Unicode letters, numbers, or separators, or the following special characters: `+ - = . _ : / @`\n- The value can be a maximum 255 characters, and contain only Unicode letters, numbers, or separators, or the following special characters: `+ - = . _ : / @`\n- Leading and trailing spaces are trimmed from both the key and value.\n- A maximum of 50 user-applied tags is allowed for any AWS OpsWorks CM server.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "InstanceProfileArn", + "InstanceType", + "ServiceRoleArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::OpsWorksCM::Server" + ], "type": "string" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Column", - "FieldId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.CategoryDrillDownFilter": { + "AWS::OpsWorksCM::Server.EngineAttribute": { "additionalProperties": false, "properties": { - "CategoryValues": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the string inputs that are the values of the category drill down filter.", - "title": "CategoryValues", - "type": "array" + "Name": { + "markdownDescription": "The name of the engine attribute.\n\n*Attribute name for Chef Automate servers:*\n\n- `CHEF_AUTOMATE_ADMIN_PASSWORD`\n\n*Attribute names for Puppet Enterprise servers:*\n\n- `PUPPET_ADMIN_PASSWORD`\n- `PUPPET_R10K_REMOTE`\n- `PUPPET_R10K_PRIVATE_KEY`", + "title": "Name", + "type": "string" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" + "Value": { + "markdownDescription": "The value of the engine attribute.\n\n*Attribute value for Chef Automate servers:*\n\n- `CHEF_AUTOMATE_PIVOTAL_KEY` : A base64-encoded RSA public key. The corresponding private key is required to access the Chef API. You can generate this key by running the following [OpenSSL](https://docs.aws.amazon.com/https://www.openssl.org/) command on Linux-based computers.\n\n`openssl genrsa -out *pivotal_key_file_name* .pem 2048`\n\nOn Windows-based computers, you can use the PuTTYgen utility to generate a base64-encoded RSA private key. For more information, see [PuTTYgen - Key Generator for PuTTY on Windows](https://docs.aws.amazon.com/https://www.ssh.com/ssh/putty/windows/puttygen) on SSH.com.\n\n*Attribute values for Puppet Enterprise servers:*\n\n- `PUPPET_ADMIN_PASSWORD` : An administrator password that you can use to sign in to the Puppet Enterprise console webpage after the server is online. The password must use between 8 and 32 ASCII characters.\n- `PUPPET_R10K_REMOTE` : The r10k remote is the URL of your control repository (for example, ssh://git@your.git-repo.com:user/control-repo.git). Specifying an r10k remote opens TCP port 8170.\n- `PUPPET_R10K_PRIVATE_KEY` : If you are using a private Git repository, add `PUPPET_R10K_PRIVATE_KEY` to specify a PEM-encoded private SSH key.", + "title": "Value", + "type": "string" } }, - "required": [ - "CategoryValues", - "Column" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.CategoryFilter": { + "AWS::Organizations::Account": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" + "Condition": { + "type": "string" }, - "Configuration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CategoryFilterConfiguration", - "markdownDescription": "The configuration for a `CategoryFilter` .", - "title": "Configuration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AccountName": { + "markdownDescription": "The account name given to the account when it was created.", + "title": "AccountName", + "type": "string" + }, + "Email": { + "markdownDescription": "The email address associated with the AWS account.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) for this parameter is a string of characters that represents a standard internet email address.", + "title": "Email", + "type": "string" + }, + "ParentIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The unique identifier (ID) of the root or organizational unit (OU) that you want to create the new account in. If you don't specify this parameter, the `ParentId` defaults to the root ID.\n\nThis parameter only accepts a string array with one string value.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) for a parent ID string requires one of the following:\n\n- *Root* - A string that begins with \"r-\" followed by from 4 to 32 lowercase letters or digits.\n- *Organizational unit (OU)* - A string that begins with \"ou-\" followed by from 4 to 32 lowercase letters or digits (the ID of the root that the OU is in). This string is followed by a second \"-\" dash and from 8 to 32 additional lowercase letters or digits.", + "title": "ParentIds", + "type": "array" + }, + "RoleName": { + "markdownDescription": "The name of an IAM role that AWS Organizations automatically preconfigures in the new member account. This role trusts the management account, allowing users in the management account to assume the role, as permitted by the management account administrator. The role has administrator permissions in the new member account.\n\nIf you don't specify this parameter, the role name defaults to `OrganizationAccountAccessRole` .\n\nFor more information about how to use this role to access the member account, see the following links:\n\n- [Creating the OrganizationAccountAccessRole in an invited member account](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_access.html#orgs_manage_accounts_create-cross-account-role) in the *AWS Organizations User Guide*\n- Steps 2 and 3 in [IAM Tutorial: Delegate access across AWS accounts using IAM roles](https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_cross-account-with-roles.html) in the *IAM User Guide*\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) that is used to validate this parameter. The pattern can include uppercase letters, lowercase letters, digits with no spaces, and any of the following characters: =,.@-", + "title": "RoleName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags that you want to attach to the newly created account. For each tag in the list, you must specify both a tag key and a value. You can set the value to an empty string, but you can't set it to `null` . For more information about tagging, see [Tagging AWS Organizations resources](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_tagging.html) in the AWS Organizations User Guide.\n\n> If any one of the tags is not valid or if you exceed the maximum allowed number of tags for an account, then the entire request fails and the account is not created.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "AccountName", + "Email" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Organizations::Account" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Column", - "Configuration", - "FilterId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.CategoryFilterConfiguration": { + "AWS::Organizations::Organization": { "additionalProperties": false, "properties": { - "CustomFilterConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomFilterConfiguration", - "markdownDescription": "A custom filter that filters based on a single value. This filter can be partially matched.", - "title": "CustomFilterConfiguration" + "Condition": { + "type": "string" }, - "CustomFilterListConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomFilterListConfiguration", - "markdownDescription": "A list of custom filter values. In the Amazon QuickSight console, this filter type is called a custom filter list.", - "title": "CustomFilterListConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "FilterListConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterListConfiguration", - "markdownDescription": "A list of filter configurations. In the Amazon QuickSight console, this filter type is called a filter list.", - "title": "FilterListConfiguration" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.ChartAxisLabelOptions": { - "additionalProperties": false, - "properties": { - "AxisLabelOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisLabelOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "FeatureSet": { + "markdownDescription": "Specifies the feature set supported by the new organization. Each feature set supports different levels of functionality.\n\n- `ALL` In addition to all the features supported by the consolidated billing feature set, the management account gains access to advanced features that give you more control over accounts in your organization. For more information, see [All features](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html#feature-set-all) in the *AWS Organizations User Guide* .\n- `CONSOLIDATED_BILLING` All member accounts have their bills consolidated to and paid by the management account. For more information, see [Consolidated billing](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html#feature-set-cb-only) in the *AWS Organizations User Guide* .\n\n> The consolidated billing feature feature set isn't available for organizations in the AWS GovCloud (US) Region.\n\nIf you don't specify this property, the default value is `ALL` .", + "title": "FeatureSet", + "type": "string" + } }, - "markdownDescription": "The label options for a chart axis.", - "title": "AxisLabelOptions", - "type": "array" + "type": "object" }, - "SortIconVisibility": { - "markdownDescription": "The visibility configuration of the sort icon on a chart's axis label.", - "title": "SortIconVisibility", + "Type": { + "enum": [ + "AWS::Organizations::Organization" + ], "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of an axis label on a chart. Choose one of the following options:\n\n- `VISIBLE` : Shows the axis.\n- `HIDDEN` : Hides the axis.", - "title": "Visibility", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.ClusterMarker": { - "additionalProperties": false, - "properties": { - "SimpleClusterMarker": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SimpleClusterMarker", - "markdownDescription": "The simple cluster marker of the cluster marker.", - "title": "SimpleClusterMarker" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.ClusterMarkerConfiguration": { - "additionalProperties": false, - "properties": { - "ClusterMarker": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ClusterMarker", - "markdownDescription": "The cluster marker that is a part of the cluster marker configuration.", - "title": "ClusterMarker" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.ColorScale": { + "AWS::Organizations::OrganizationalUnit": { "additionalProperties": false, "properties": { - "ColorFillType": { - "markdownDescription": "Determines the color fill type.", - "title": "ColorFillType", + "Condition": { "type": "string" }, - "Colors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataColor" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The friendly name of this OU.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) that is used to validate this parameter is a string of any of the characters in the ASCII character range.", + "title": "Name", + "type": "string" + }, + "ParentId": { + "markdownDescription": "The unique identifier (ID) of the parent root or OU that you want to create the new OU in.\n\n> To update the `ParentId` parameter value, you must first remove all accounts attached to the organizational unit (OU). OUs can't be moved within the organization with accounts still attached. \n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) for a parent ID string requires one of the following:\n\n- *Root* - A string that begins with \"r-\" followed by from 4 to 32 lowercase letters or digits.\n- *Organizational unit (OU)* - A string that begins with \"ou-\" followed by from 4 to 32 lowercase letters or digits (the ID of the root that the OU is in). This string is followed by a second \"-\" dash and from 8 to 32 additional lowercase letters or digits.", + "title": "ParentId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags that you want to attach to the newly created OU. For each tag in the list, you must specify both a tag key and a value. You can set the value to an empty string, but you can't set it to `null` . For more information about tagging, see [Tagging AWS Organizations resources](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_tagging.html) in the AWS Organizations User Guide.\n\n> If any one of the tags is not valid or if you exceed the allowed number of tags for an OU, then the entire request fails and the OU is not created.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "Determines the list of colors that are applied to the visual.", - "title": "Colors", - "type": "array" + "required": [ + "Name", + "ParentId" + ], + "type": "object" }, - "NullValueColor": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataColor", - "markdownDescription": "Determines the color that is applied to null values.", - "title": "NullValueColor" + "Type": { + "enum": [ + "AWS::Organizations::OrganizationalUnit" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "ColorFillType", - "Colors" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ColorsConfiguration": { - "additionalProperties": false, - "properties": { - "CustomColors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomColor" - }, - "markdownDescription": "A list of up to 50 custom colors.", - "title": "CustomColors", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.ColumnConfiguration": { + "AWS::Organizations::Policy": { "additionalProperties": false, "properties": { - "ColorsConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColorsConfiguration", - "markdownDescription": "The color configurations of the column.", - "title": "ColorsConfiguration" + "Condition": { + "type": "string" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column.", - "title": "Column" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FormatConfiguration", - "markdownDescription": "The format configuration of a column.", - "title": "FormatConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Role": { - "markdownDescription": "The role of the column.", - "title": "Role", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Content": { + "markdownDescription": "The policy text content. You can specify the policy content as a JSON object or a JSON string.\n\n> When you specify the policy content as a JSON string, you can't perform drift detection on the CloudFormation stack. For this reason, we recommend specifying the policy content as a JSON object instead. \n\nThe text that you supply must adhere to the rules of the policy type you specify in the `Type` parameter. The following AWS Organizations quotas are enforced for the maximum size of a policy document:\n\n- Service control policies: 5,120 characters\n- Resource control policies: 5,120 characters\n- Declarative policies: 10,000 characters\n- Backup policies: 10,000 characters\n- Tag policies: 10,000 characters\n- Chat applications policies: 10,000 characters\n- AI services opt-out policies: 2,500 characters\n\nFor more information about Organizations service quotas, see [Quotas for AWS Organizations](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) in the *AWS Organizations User Guide* .", + "title": "Content", + "type": "object" + }, + "Description": { + "markdownDescription": "Human readable description of the policy.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "Name of the policy.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) that is used to validate this parameter is a string of any of the characters in the ASCII character range.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags that you want to attach to the newly created policy. For each tag in the list, you must specify both a tag key and a value. You can set the value to an empty string, but you can't set it to `null` . For more information about tagging, see [Tagging AWS Organizations resources](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_tagging.html) in the AWS Organizations User Guide.\n\n> If any one of the tags is not valid or if you exceed the allowed number of tags for a policy, then the entire request fails and the policy is not created.", + "title": "Tags", + "type": "array" + }, + "TargetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "List of unique identifiers (IDs) of the root, OU, or account that you want to attach the policy to. You can get the ID by calling the [ListRoots](https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListRoots.html) , [ListOrganizationalUnitsForParent](https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListOrganizationalUnitsForParent.html) , or [ListAccounts](https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListAccounts.html) operations. If you don't specify this parameter, the policy is created but not attached to any organization resource.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) for a target ID string requires one of the following:\n\n- *Root* - A string that begins with \"r-\" followed by from 4 to 32 lowercase letters or digits.\n- *Account* - A string that consists of exactly 12 digits.\n- *Organizational unit (OU)* - A string that begins with \"ou-\" followed by from 4 to 32 lowercase letters or digits (the ID of the root that the OU is in). This string is followed by a second \"-\" dash and from 8 to 32 additional lowercase letters or digits.", + "title": "TargetIds", + "type": "array" + }, + "Type": { + "markdownDescription": "The type of policy to create.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Content", + "Name", + "Type" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Organizations::Policy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Column" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ColumnHierarchy": { + "AWS::Organizations::ResourcePolicy": { "additionalProperties": false, "properties": { - "DateTimeHierarchy": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeHierarchy", - "markdownDescription": "The option that determines the hierarchy of any `DateTime` fields.", - "title": "DateTimeHierarchy" + "Condition": { + "type": "string" }, - "ExplicitHierarchy": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ExplicitHierarchy", - "markdownDescription": "The option that determines the hierarchy of the fields that are built within a visual's field wells. These fields can't be duplicated to other visuals.", - "title": "ExplicitHierarchy" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "PredefinedHierarchy": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PredefinedHierarchy", - "markdownDescription": "The option that determines the hierarchy of the fields that are defined during data preparation. These fields are available to use in any analysis that uses the data source.", - "title": "PredefinedHierarchy" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.ColumnIdentifier": { - "additionalProperties": false, - "properties": { - "ColumnName": { - "markdownDescription": "The name of the column.", - "title": "ColumnName", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Content": { + "markdownDescription": "The policy text of the organization resource policy. You can specify the resource policy content as a JSON object or a JSON string.\n\n> When you specify the resource policy content as a JSON string, you can't perform drift detection on the CloudFormation stack. For this reason, we recommend specifying the resource policy content as a JSON object instead.", + "title": "Content", + "type": "object" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags that you want to attach to the newly created resource policy. For each tag in the list, you must specify both a tag key and a value. You can set the value to an empty string, but you can't set it to `null` . For more information about tagging, see [Tagging AWS Organizations resources](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_tagging.html) in the *AWS Organizations User Guide* .\n\n> If any one of the tags is not valid or if you exceed the allowed number of tags for the resource policy, then the entire request fails and the resource policy is not created.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Content" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Organizations::ResourcePolicy" + ], "type": "string" }, - "DataSetIdentifier": { - "markdownDescription": "The data set that the column belongs to.", - "title": "DataSetIdentifier", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ColumnName", - "DataSetIdentifier" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ColumnSort": { + "AWS::PCAConnectorAD::Connector": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationFunction", - "markdownDescription": "The aggregation function that is defined in the column sort.", - "title": "AggregationFunction" + "Condition": { + "type": "string" }, - "Direction": { - "markdownDescription": "The sort direction.", - "title": "Direction", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SortBy": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "", - "title": "SortBy" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CertificateAuthorityArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the certificate authority being used.", + "title": "CertificateAuthorityArn", + "type": "string" + }, + "DirectoryId": { + "markdownDescription": "The identifier of the Active Directory.", + "title": "DirectoryId", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Metadata assigned to a connector consisting of a key-value pair.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "VpcInformation": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Connector.VpcInformation", + "markdownDescription": "Information of the VPC and security group(s) used with the connector.", + "title": "VpcInformation" + } + }, + "required": [ + "CertificateAuthorityArn", + "DirectoryId", + "VpcInformation" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::PCAConnectorAD::Connector" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Direction", - "SortBy" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ColumnTooltipItem": { + "AWS::PCAConnectorAD::Connector.VpcInformation": { "additionalProperties": false, "properties": { - "Aggregation": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationFunction", - "markdownDescription": "The aggregation function of the column tooltip item.", - "title": "Aggregation" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The target column of the tooltip item.", - "title": "Column" - }, - "Label": { - "markdownDescription": "The label of the tooltip item.", - "title": "Label", + "IpAddressType": { + "markdownDescription": "The VPC IP address type.", + "title": "IpAddressType", "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of the tooltip item.", - "title": "Visibility", - "type": "string" + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The security groups used with the connector. You can use a maximum of 4 security groups with a connector.", + "title": "SecurityGroupIds", + "type": "array" } }, "required": [ - "Column" + "SecurityGroupIds" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ComboChartAggregatedFieldWells": { + "AWS::PCAConnectorAD::DirectoryRegistration": { "additionalProperties": false, "properties": { - "BarValues": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" - }, - "markdownDescription": "The aggregated `BarValues` field well of a combo chart.", - "title": "BarValues", - "type": "array" - }, - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The aggregated category field wells of a combo chart.", - "title": "Category", - "type": "array" + "Condition": { + "type": "string" }, - "Colors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The aggregated colors field well of a combo chart.", - "title": "Colors", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "LineValues": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DirectoryId": { + "markdownDescription": "The identifier of the Active Directory.", + "title": "DirectoryId", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Metadata assigned to a directory registration consisting of a key-value pair.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } }, - "markdownDescription": "The aggregated `LineValues` field well of a combo chart.", - "title": "LineValues", - "type": "array" + "required": [ + "DirectoryId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::PCAConnectorAD::DirectoryRegistration" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.ComboChartConfiguration": { + "AWS::PCAConnectorAD::ServicePrincipalName": { "additionalProperties": false, "properties": { - "BarDataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.\n\nThe data label options for a bar in a combo chart.", - "title": "BarDataLabels" - }, - "BarsArrangement": { - "markdownDescription": "Determines the bar arrangement in a combo chart. The following are valid values in this structure:\n\n- `CLUSTERED` : For clustered bar combo charts.\n- `STACKED` : For stacked bar combo charts.\n- `STACKED_PERCENT` : Do not use. If you use this value, the operation returns a validation error.", - "title": "BarsArrangement", + "Condition": { "type": "string" }, - "CategoryAxis": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The category axis of a combo chart.", - "title": "CategoryAxis" - }, - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart category (group/color) field well.", - "title": "CategoryLabelOptions" - }, - "ColorLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's color field well.", - "title": "ColorLabelOptions" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComboChartFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" - }, - "LineDataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.\n\nThe data label options for a line in a combo chart.", - "title": "LineDataLabels" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "PrimaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, and axis step) of a combo chart's primary y-axis (bar) field well.", - "title": "PrimaryYAxisDisplayOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "PrimaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's primary y-axis (bar) field well.", - "title": "PrimaryYAxisLabelOptions" + "Metadata": { + "type": "object" }, - "ReferenceLines": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLine" + "Properties": { + "additionalProperties": false, + "properties": { + "ConnectorArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that was returned when you called [CreateConnector.html](https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateConnector.html) .", + "title": "ConnectorArn", + "type": "string" + }, + "DirectoryRegistrationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that was returned when you called [CreateDirectoryRegistration](https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateDirectoryRegistration.html) .", + "title": "DirectoryRegistrationArn", + "type": "string" + } }, - "markdownDescription": "The reference line setup of the visual.", - "title": "ReferenceLines", - "type": "array" - }, - "SecondaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, axis step) of a combo chart's secondary y-axis (line) field well.", - "title": "SecondaryYAxisDisplayOptions" - }, - "SecondaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's secondary y-axis(line) field well.", - "title": "SecondaryYAxisLabelOptions" - }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComboChartSortConfiguration", - "markdownDescription": "The sort configuration of a `ComboChartVisual` .", - "title": "SortConfiguration" + "type": "object" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Tooltip" + "Type": { + "enum": [ + "AWS::PCAConnectorAD::ServicePrincipalName" + ], + "type": "string" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", - "title": "VisualPalette" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.ComboChartFieldWells": { - "additionalProperties": false, - "properties": { - "ComboChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComboChartAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a combo chart. Combo charts only have aggregated field wells. Columns in a combo chart are aggregated by category.", - "title": "ComboChartAggregatedFieldWells" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.ComboChartSortConfiguration": { + "AWS::PCAConnectorAD::Template": { "additionalProperties": false, "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The item limit configuration for the category field well of a combo chart.", - "title": "CategoryItemsLimit" + "Condition": { + "type": "string" }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the category field well in a combo chart.", - "title": "CategorySort", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ColorItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The item limit configuration of the color field well in a combo chart.", - "title": "ColorItemsLimit" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ColorSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ConnectorArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that was returned when you called [CreateConnector](https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateConnector.html) .", + "title": "ConnectorArn", + "type": "string" + }, + "Definition": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.TemplateDefinition", + "markdownDescription": "Template configuration to define the information included in certificates. Define certificate validity and renewal periods, certificate request handling and enrollment options, key usage extensions, application policies, and cryptography settings.", + "title": "Definition" + }, + "Name": { + "markdownDescription": "Name of the templates. Template names must be unique.", + "title": "Name", + "type": "string" + }, + "ReenrollAllCertificateHolders": { + "markdownDescription": "This setting allows the major version of a template to be increased automatically. All members of Active Directory groups that are allowed to enroll with a template will receive a new certificate issued using that template.", + "title": "ReenrollAllCertificateHolders", + "type": "boolean" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Metadata assigned to a template consisting of a key-value pair.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } }, - "markdownDescription": "The sort configuration of the color field well in a combo chart.", - "title": "ColorSort", - "type": "array" + "required": [ + "ConnectorArn", + "Definition", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::PCAConnectorAD::Template" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.ComboChartVisual": { + "AWS::PCAConnectorAD::Template.ApplicationPolicies": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComboChartConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "Critical": { + "markdownDescription": "Marks the application policy extension as critical.", + "title": "Critical", + "type": "boolean" }, - "ColumnHierarchies": { + "Policies": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ApplicationPolicy" }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", + "markdownDescription": "Application policies describe what the certificate can be used for.", + "title": "Policies", "type": "array" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" - }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", - "type": "string" } }, "required": [ - "VisualId" + "Policies" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ComparisonConfiguration": { + "AWS::PCAConnectorAD::Template.ApplicationPolicy": { "additionalProperties": false, "properties": { - "ComparisonFormat": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComparisonFormatConfiguration", - "markdownDescription": "The format of the comparison.", - "title": "ComparisonFormat" + "PolicyObjectIdentifier": { + "markdownDescription": "The object identifier (OID) of an application policy.", + "title": "PolicyObjectIdentifier", + "type": "string" }, - "ComparisonMethod": { - "markdownDescription": "The method of the comparison. Choose from the following options:\n\n- `DIFFERENCE`\n- `PERCENT_DIFFERENCE`\n- `PERCENT`", - "title": "ComparisonMethod", + "PolicyType": { + "markdownDescription": "The type of application policy", + "title": "PolicyType", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ComparisonFormatConfiguration": { + "AWS::PCAConnectorAD::Template.CertificateValidity": { "additionalProperties": false, "properties": { - "NumberDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumberDisplayFormatConfiguration", - "markdownDescription": "The number display format.", - "title": "NumberDisplayFormatConfiguration" + "RenewalPeriod": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ValidityPeriod", + "markdownDescription": "Renewal period is the period of time before certificate expiration when a new certificate will be requested.", + "title": "RenewalPeriod" }, - "PercentageDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PercentageDisplayFormatConfiguration", - "markdownDescription": "The percentage display format.", - "title": "PercentageDisplayFormatConfiguration" + "ValidityPeriod": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ValidityPeriod", + "markdownDescription": "Information describing the end of the validity period of the certificate. This parameter sets the \u201cNot After\u201d date for the certificate. Certificate validity is the period of time during which a certificate is valid. Validity can be expressed as an explicit date and time when the certificate expires, or as a span of time after issuance, stated in days, months, or years. For more information, see Validity in RFC 5280. This value is unaffected when ValidityNotBefore is also specified. For example, if Validity is set to 20 days in the future, the certificate will expire 20 days from issuance time regardless of the ValidityNotBefore value.", + "title": "ValidityPeriod" } }, + "required": [ + "RenewalPeriod", + "ValidityPeriod" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.Computation": { + "AWS::PCAConnectorAD::Template.EnrollmentFlagsV2": { "additionalProperties": false, "properties": { - "Forecast": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ForecastComputation", - "markdownDescription": "The forecast computation configuration.", - "title": "Forecast" - }, - "GrowthRate": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GrowthRateComputation", - "markdownDescription": "The growth rate computation configuration.", - "title": "GrowthRate" - }, - "MaximumMinimum": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MaximumMinimumComputation", - "markdownDescription": "The maximum and minimum computation configuration.", - "title": "MaximumMinimum" - }, - "MetricComparison": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MetricComparisonComputation", - "markdownDescription": "The metric comparison computation configuration.", - "title": "MetricComparison" - }, - "PeriodOverPeriod": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PeriodOverPeriodComputation", - "markdownDescription": "The period over period computation configuration.", - "title": "PeriodOverPeriod" - }, - "PeriodToDate": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PeriodToDateComputation", - "markdownDescription": "The period to `DataSetIdentifier` computation configuration.", - "title": "PeriodToDate" + "EnableKeyReuseOnNtTokenKeysetStorageFull": { + "markdownDescription": "Allow renewal using the same key.", + "title": "EnableKeyReuseOnNtTokenKeysetStorageFull", + "type": "boolean" }, - "TopBottomMovers": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TopBottomMoversComputation", - "markdownDescription": "The top movers and bottom movers computation configuration.", - "title": "TopBottomMovers" + "IncludeSymmetricAlgorithms": { + "markdownDescription": "Include symmetric algorithms allowed by the subject.", + "title": "IncludeSymmetricAlgorithms", + "type": "boolean" }, - "TopBottomRanked": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TopBottomRankedComputation", - "markdownDescription": "The top ranked and bottom ranked computation configuration.", - "title": "TopBottomRanked" + "NoSecurityExtension": { + "markdownDescription": "This flag instructs the CA to not include the security extension szOID_NTDS_CA_SECURITY_EXT (OID:1.3.6.1.4.1.311.25.2), as specified in [MS-WCCE] sections 2.2.2.7.7.4 and 3.2.2.6.2.1.4.5.9, in the issued certificate. This addresses a Windows Kerberos elevation-of-privilege vulnerability.", + "title": "NoSecurityExtension", + "type": "boolean" }, - "TotalAggregation": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TotalAggregationComputation", - "markdownDescription": "The total aggregation computation configuration.", - "title": "TotalAggregation" + "RemoveInvalidCertificateFromPersonalStore": { + "markdownDescription": "Delete expired or revoked certificates instead of archiving them.", + "title": "RemoveInvalidCertificateFromPersonalStore", + "type": "boolean" }, - "UniqueValues": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.UniqueValuesComputation", - "markdownDescription": "The unique values computation configuration.", - "title": "UniqueValues" + "UserInteractionRequired": { + "markdownDescription": "Require user interaction when the subject is enrolled and the private key associated with the certificate is used.", + "title": "UserInteractionRequired", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ConditionalFormattingColor": { + "AWS::PCAConnectorAD::Template.EnrollmentFlagsV3": { "additionalProperties": false, "properties": { - "Gradient": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingGradientColor", - "markdownDescription": "Formatting configuration for gradient color.", - "title": "Gradient" + "EnableKeyReuseOnNtTokenKeysetStorageFull": { + "markdownDescription": "Allow renewal using the same key.", + "title": "EnableKeyReuseOnNtTokenKeysetStorageFull", + "type": "boolean" }, - "Solid": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingSolidColor", - "markdownDescription": "Formatting configuration for solid color.", - "title": "Solid" + "IncludeSymmetricAlgorithms": { + "markdownDescription": "Include symmetric algorithms allowed by the subject.", + "title": "IncludeSymmetricAlgorithms", + "type": "boolean" + }, + "NoSecurityExtension": { + "markdownDescription": "This flag instructs the CA to not include the security extension szOID_NTDS_CA_SECURITY_EXT (OID:1.3.6.1.4.1.311.25.2), as specified in [MS-WCCE] sections 2.2.2.7.7.4 and 3.2.2.6.2.1.4.5.9, in the issued certificate. This addresses a Windows Kerberos elevation-of-privilege vulnerability.", + "title": "NoSecurityExtension", + "type": "boolean" + }, + "RemoveInvalidCertificateFromPersonalStore": { + "markdownDescription": "Delete expired or revoked certificates instead of archiving them.", + "title": "RemoveInvalidCertificateFromPersonalStore", + "type": "boolean" + }, + "UserInteractionRequired": { + "markdownDescription": "Require user interaction when the subject is enrolled and the private key associated with the certificate is used.", + "title": "UserInteractionRequired", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ConditionalFormattingCustomIconCondition": { + "AWS::PCAConnectorAD::Template.EnrollmentFlagsV4": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "Determines the color of the icon.", - "title": "Color", - "type": "string" + "EnableKeyReuseOnNtTokenKeysetStorageFull": { + "markdownDescription": "Allow renewal using the same key.", + "title": "EnableKeyReuseOnNtTokenKeysetStorageFull", + "type": "boolean" }, - "DisplayConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIconDisplayConfiguration", - "markdownDescription": "Determines the icon display configuration.", - "title": "DisplayConfiguration" + "IncludeSymmetricAlgorithms": { + "markdownDescription": "Include symmetric algorithms allowed by the subject.", + "title": "IncludeSymmetricAlgorithms", + "type": "boolean" }, - "Expression": { - "markdownDescription": "The expression that determines the condition of the icon set.", - "title": "Expression", - "type": "string" + "NoSecurityExtension": { + "markdownDescription": "This flag instructs the CA to not include the security extension szOID_NTDS_CA_SECURITY_EXT (OID:1.3.6.1.4.1.311.25.2), as specified in [MS-WCCE] sections 2.2.2.7.7.4 and 3.2.2.6.2.1.4.5.9, in the issued certificate. This addresses a Windows Kerberos elevation-of-privilege vulnerability.", + "title": "NoSecurityExtension", + "type": "boolean" }, - "IconOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingCustomIconOptions", - "markdownDescription": "Custom icon options for an icon set.", - "title": "IconOptions" + "RemoveInvalidCertificateFromPersonalStore": { + "markdownDescription": "Delete expired or revoked certificates instead of archiving them.", + "title": "RemoveInvalidCertificateFromPersonalStore", + "type": "boolean" + }, + "UserInteractionRequired": { + "markdownDescription": "Require user interaction when the subject is enrolled and the private key associated with the certificate is used.", + "title": "UserInteractionRequired", + "type": "boolean" } }, - "required": [ - "Expression", - "IconOptions" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.ConditionalFormattingCustomIconOptions": { + "AWS::PCAConnectorAD::Template.ExtensionsV2": { "additionalProperties": false, "properties": { - "Icon": { - "markdownDescription": "Determines the type of icon.", - "title": "Icon", - "type": "string" + "ApplicationPolicies": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ApplicationPolicies", + "markdownDescription": "Application policies specify what the certificate is used for and its purpose.", + "title": "ApplicationPolicies" }, - "UnicodeIcon": { - "markdownDescription": "Determines the Unicode icon type.", - "title": "UnicodeIcon", - "type": "string" + "KeyUsage": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsage", + "markdownDescription": "The key usage extension defines the purpose (e.g., encipherment, signature, certificate signing) of the key contained in the certificate.", + "title": "KeyUsage" } }, + "required": [ + "KeyUsage" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.ConditionalFormattingGradientColor": { + "AWS::PCAConnectorAD::Template.ExtensionsV3": { "additionalProperties": false, "properties": { - "Color": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GradientColor", - "markdownDescription": "Determines the color.", - "title": "Color" + "ApplicationPolicies": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ApplicationPolicies", + "markdownDescription": "Application policies specify what the certificate is used for and its purpose.", + "title": "ApplicationPolicies" }, - "Expression": { - "markdownDescription": "The expression that determines the formatting configuration for gradient color.", - "title": "Expression", - "type": "string" + "KeyUsage": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsage", + "markdownDescription": "The key usage extension defines the purpose (e.g., encipherment, signature, certificate signing) of the key contained in the certificate.", + "title": "KeyUsage" } }, "required": [ - "Color", - "Expression" + "KeyUsage" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ConditionalFormattingIcon": { + "AWS::PCAConnectorAD::Template.ExtensionsV4": { "additionalProperties": false, "properties": { - "CustomCondition": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingCustomIconCondition", - "markdownDescription": "Determines the custom condition for an icon set.", - "title": "CustomCondition" + "ApplicationPolicies": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ApplicationPolicies", + "markdownDescription": "Application policies specify what the certificate is used for and its purpose.", + "title": "ApplicationPolicies" }, - "IconSet": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIconSet", - "markdownDescription": "Formatting configuration for icon set.", - "title": "IconSet" + "KeyUsage": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsage", + "markdownDescription": "The key usage extension defines the purpose (e.g., encipherment, signature) of the key contained in the certificate.", + "title": "KeyUsage" } }, + "required": [ + "KeyUsage" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.ConditionalFormattingIconDisplayConfiguration": { + "AWS::PCAConnectorAD::Template.GeneralFlagsV2": { "additionalProperties": false, "properties": { - "IconDisplayOption": { - "markdownDescription": "Determines the icon display configuration.", - "title": "IconDisplayOption", - "type": "string" + "AutoEnrollment": { + "markdownDescription": "Allows certificate issuance using autoenrollment. Set to TRUE to allow autoenrollment.", + "title": "AutoEnrollment", + "type": "boolean" + }, + "MachineType": { + "markdownDescription": "Defines if the template is for machines or users. Set to TRUE if the template is for machines. Set to FALSE if the template is for users.", + "title": "MachineType", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ConditionalFormattingIconSet": { + "AWS::PCAConnectorAD::Template.GeneralFlagsV3": { "additionalProperties": false, "properties": { - "Expression": { - "markdownDescription": "The expression that determines the formatting configuration for the icon set.", - "title": "Expression", - "type": "string" + "AutoEnrollment": { + "markdownDescription": "Allows certificate issuance using autoenrollment. Set to TRUE to allow autoenrollment.", + "title": "AutoEnrollment", + "type": "boolean" }, - "IconSetType": { - "markdownDescription": "Determines the icon set type.", - "title": "IconSetType", - "type": "string" + "MachineType": { + "markdownDescription": "Defines if the template is for machines or users. Set to TRUE if the template is for machines. Set to FALSE if the template is for users", + "title": "MachineType", + "type": "boolean" } }, - "required": [ - "Expression" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.ConditionalFormattingSolidColor": { + "AWS::PCAConnectorAD::Template.GeneralFlagsV4": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "Determines the color.", - "title": "Color", - "type": "string" + "AutoEnrollment": { + "markdownDescription": "Allows certificate issuance using autoenrollment. Set to TRUE to allow autoenrollment.", + "title": "AutoEnrollment", + "type": "boolean" }, - "Expression": { - "markdownDescription": "The expression that determines the formatting configuration for solid color.", - "title": "Expression", - "type": "string" + "MachineType": { + "markdownDescription": "Defines if the template is for machines or users. Set to TRUE if the template is for machines. Set to FALSE if the template is for users", + "title": "MachineType", + "type": "boolean" } }, - "required": [ - "Expression" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.ContributionAnalysisDefault": { + "AWS::PCAConnectorAD::Template.KeyUsage": { "additionalProperties": false, "properties": { - "ContributorDimensions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier" - }, - "markdownDescription": "The dimensions columns that are used in the contribution analysis, usually a list of `ColumnIdentifiers` .", - "title": "ContributorDimensions", - "type": "array" + "Critical": { + "markdownDescription": "Sets the key usage extension to critical.", + "title": "Critical", + "type": "boolean" }, - "MeasureFieldId": { - "markdownDescription": "The measure field that is used in the contribution analysis.", - "title": "MeasureFieldId", - "type": "string" + "UsageFlags": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsageFlags", + "markdownDescription": "The key usage flags represent the purpose (e.g., encipherment, signature) of the key contained in the certificate.", + "title": "UsageFlags" } }, "required": [ - "ContributorDimensions", - "MeasureFieldId" + "UsageFlags" ], "type": "object" }, - "AWS::QuickSight::Dashboard.CurrencyDisplayFormatConfiguration": { + "AWS::PCAConnectorAD::Template.KeyUsageFlags": { "additionalProperties": false, "properties": { - "DecimalPlacesConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalPlacesConfiguration", - "markdownDescription": "The option that determines the decimal places configuration.", - "title": "DecimalPlacesConfiguration" - }, - "NegativeValueConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NegativeValueConfiguration", - "markdownDescription": "The options that determine the negative value configuration.", - "title": "NegativeValueConfiguration" - }, - "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NullValueFormatConfiguration", - "markdownDescription": "The options that determine the null value format configuration.", - "title": "NullValueFormatConfiguration" - }, - "NumberScale": { - "markdownDescription": "Determines the number scale value for the currency format.", - "title": "NumberScale", - "type": "string" + "DataEncipherment": { + "markdownDescription": "DataEncipherment is asserted when the subject public key is used for directly enciphering raw user data without the use of an intermediate symmetric cipher.", + "title": "DataEncipherment", + "type": "boolean" }, - "Prefix": { - "markdownDescription": "Determines the prefix value of the currency format.", - "title": "Prefix", - "type": "string" + "DigitalSignature": { + "markdownDescription": "The digitalSignature is asserted when the subject public key is used for verifying digital signatures.", + "title": "DigitalSignature", + "type": "boolean" }, - "SeparatorConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericSeparatorConfiguration", - "markdownDescription": "The options that determine the numeric separator configuration.", - "title": "SeparatorConfiguration" + "KeyAgreement": { + "markdownDescription": "KeyAgreement is asserted when the subject public key is used for key agreement.", + "title": "KeyAgreement", + "type": "boolean" }, - "Suffix": { - "markdownDescription": "Determines the suffix value of the currency format.", - "title": "Suffix", - "type": "string" + "KeyEncipherment": { + "markdownDescription": "KeyEncipherment is asserted when the subject public key is used for enciphering private or secret keys, i.e., for key transport.", + "title": "KeyEncipherment", + "type": "boolean" }, - "Symbol": { - "markdownDescription": "Determines the symbol for the currency format.", - "title": "Symbol", - "type": "string" + "NonRepudiation": { + "markdownDescription": "NonRepudiation is asserted when the subject public key is used to verify digital signatures.", + "title": "NonRepudiation", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.CustomActionFilterOperation": { + "AWS::PCAConnectorAD::Template.KeyUsageProperty": { "additionalProperties": false, "properties": { - "SelectedFieldsConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterOperationSelectedFieldsConfiguration", - "markdownDescription": "The configuration that chooses the fields to be filtered.", - "title": "SelectedFieldsConfiguration" + "PropertyFlags": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsagePropertyFlags", + "markdownDescription": "You can specify key usage for encryption, key agreement, and signature. You can use property flags or property type but not both.", + "title": "PropertyFlags" }, - "TargetVisualsConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterOperationTargetVisualsConfiguration", - "markdownDescription": "The configuration that chooses the target visuals to be filtered.", - "title": "TargetVisualsConfiguration" + "PropertyType": { + "markdownDescription": "You can specify all key usages using property type ALL. You can use property type or property flags but not both.", + "title": "PropertyType", + "type": "string" } }, - "required": [ - "SelectedFieldsConfiguration", - "TargetVisualsConfiguration" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.CustomActionNavigationOperation": { + "AWS::PCAConnectorAD::Template.KeyUsagePropertyFlags": { "additionalProperties": false, "properties": { - "LocalNavigationConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LocalNavigationConfiguration", - "markdownDescription": "The configuration that chooses the navigation target.", - "title": "LocalNavigationConfiguration" + "Decrypt": { + "markdownDescription": "Allows key for encryption and decryption.", + "title": "Decrypt", + "type": "boolean" + }, + "KeyAgreement": { + "markdownDescription": "Allows key exchange without encryption.", + "title": "KeyAgreement", + "type": "boolean" + }, + "Sign": { + "markdownDescription": "Allow key use for digital signature.", + "title": "Sign", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.CustomActionSetParametersOperation": { + "AWS::PCAConnectorAD::Template.PrivateKeyAttributesV2": { "additionalProperties": false, "properties": { - "ParameterValueConfigurations": { + "CryptoProviders": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SetParameterValueConfiguration" + "type": "string" }, - "markdownDescription": "The parameter that determines the value configuration.", - "title": "ParameterValueConfigurations", + "markdownDescription": "Defines the cryptographic providers used to generate the private key.", + "title": "CryptoProviders", "type": "array" + }, + "KeySpec": { + "markdownDescription": "Defines the purpose of the private key. Set it to \"KEY_EXCHANGE\" or \"SIGNATURE\" value.", + "title": "KeySpec", + "type": "string" + }, + "MinimalKeyLength": { + "markdownDescription": "Set the minimum key length of the private key.", + "title": "MinimalKeyLength", + "type": "number" } }, "required": [ - "ParameterValueConfigurations" + "KeySpec", + "MinimalKeyLength" ], "type": "object" }, - "AWS::QuickSight::Dashboard.CustomActionURLOperation": { + "AWS::PCAConnectorAD::Template.PrivateKeyAttributesV3": { "additionalProperties": false, "properties": { - "URLTarget": { - "markdownDescription": "The target of the `CustomActionURLOperation` .\n\nValid values are defined as follows:\n\n- `NEW_TAB` : Opens the target URL in a new browser tab.\n- `NEW_WINDOW` : Opens the target URL in a new browser window.\n- `SAME_TAB` : Opens the target URL in the same browser tab.", - "title": "URLTarget", + "Algorithm": { + "markdownDescription": "Defines the algorithm used to generate the private key.", + "title": "Algorithm", "type": "string" }, - "URLTemplate": { - "markdownDescription": "THe URL link of the `CustomActionURLOperation` .", - "title": "URLTemplate", + "CryptoProviders": { + "items": { + "type": "string" + }, + "markdownDescription": "Defines the cryptographic providers used to generate the private key.", + "title": "CryptoProviders", + "type": "array" + }, + "KeySpec": { + "markdownDescription": "Defines the purpose of the private key. Set it to \"KEY_EXCHANGE\" or \"SIGNATURE\" value.", + "title": "KeySpec", "type": "string" + }, + "KeyUsageProperty": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsageProperty", + "markdownDescription": "The key usage property defines the purpose of the private key contained in the certificate. You can specify specific purposes using property flags or all by using property type ALL.", + "title": "KeyUsageProperty" + }, + "MinimalKeyLength": { + "markdownDescription": "Set the minimum key length of the private key.", + "title": "MinimalKeyLength", + "type": "number" } }, "required": [ - "URLTarget", - "URLTemplate" + "Algorithm", + "KeySpec", + "KeyUsageProperty", + "MinimalKeyLength" ], "type": "object" }, - "AWS::QuickSight::Dashboard.CustomColor": { + "AWS::PCAConnectorAD::Template.PrivateKeyAttributesV4": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The color that is applied to the data value.", - "title": "Color", + "Algorithm": { + "markdownDescription": "Defines the algorithm used to generate the private key.", + "title": "Algorithm", "type": "string" }, - "FieldValue": { - "markdownDescription": "The data value that the color is applied to.", - "title": "FieldValue", - "type": "string" + "CryptoProviders": { + "items": { + "type": "string" + }, + "markdownDescription": "Defines the cryptographic providers used to generate the private key.", + "title": "CryptoProviders", + "type": "array" }, - "SpecialValue": { - "markdownDescription": "The value of a special data value.", - "title": "SpecialValue", + "KeySpec": { + "markdownDescription": "Defines the purpose of the private key. Set it to \"KEY_EXCHANGE\" or \"SIGNATURE\" value.", + "title": "KeySpec", "type": "string" + }, + "KeyUsageProperty": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsageProperty", + "markdownDescription": "The key usage property defines the purpose of the private key contained in the certificate. You can specify specific purposes using property flags or all by using property type ALL.", + "title": "KeyUsageProperty" + }, + "MinimalKeyLength": { + "markdownDescription": "Set the minimum key length of the private key.", + "title": "MinimalKeyLength", + "type": "number" } }, "required": [ - "Color" + "KeySpec", + "MinimalKeyLength" ], "type": "object" }, - "AWS::QuickSight::Dashboard.CustomContentConfiguration": { + "AWS::PCAConnectorAD::Template.PrivateKeyFlagsV2": { "additionalProperties": false, "properties": { - "ContentType": { - "markdownDescription": "The content type of the custom content visual. You can use this to have the visual render as an image.", - "title": "ContentType", + "ClientVersion": { + "markdownDescription": "Defines the minimum client compatibility.", + "title": "ClientVersion", "type": "string" }, - "ContentUrl": { - "markdownDescription": "The input URL that links to the custom content that you want in the custom visual.", - "title": "ContentUrl", - "type": "string" + "ExportableKey": { + "markdownDescription": "Allows the private key to be exported.", + "title": "ExportableKey", + "type": "boolean" }, - "ImageScaling": { - "markdownDescription": "The sizing options for the size of the custom content visual. This structure is required when the `ContentType` of the visual is `'IMAGE'` .", - "title": "ImageScaling", - "type": "string" + "StrongKeyProtectionRequired": { + "markdownDescription": "Require user input when using the private key for enrollment.", + "title": "StrongKeyProtectionRequired", + "type": "boolean" } }, + "required": [ + "ClientVersion" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.CustomContentVisual": { + "AWS::PCAConnectorAD::Template.PrivateKeyFlagsV3": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomContentConfiguration", - "markdownDescription": "The configuration of a `CustomContentVisual` .", - "title": "ChartConfiguration" - }, - "DataSetIdentifier": { - "markdownDescription": "The dataset that is used to create the custom content visual. You can't create a visual without a dataset.", - "title": "DataSetIdentifier", + "ClientVersion": { + "markdownDescription": "Defines the minimum client compatibility.", + "title": "ClientVersion", "type": "string" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "ExportableKey": { + "markdownDescription": "Allows the private key to be exported.", + "title": "ExportableKey", + "type": "boolean" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "RequireAlternateSignatureAlgorithm": { + "markdownDescription": "Reguires the PKCS #1 v2.1 signature format for certificates. You should verify that your CA, objects, and applications can accept this signature format.", + "title": "RequireAlternateSignatureAlgorithm", + "type": "boolean" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", - "type": "string" + "StrongKeyProtectionRequired": { + "markdownDescription": "Requirer user input when using the private key for enrollment.", + "title": "StrongKeyProtectionRequired", + "type": "boolean" } }, "required": [ - "DataSetIdentifier", - "VisualId" + "ClientVersion" ], "type": "object" }, - "AWS::QuickSight::Dashboard.CustomFilterConfiguration": { + "AWS::PCAConnectorAD::Template.PrivateKeyFlagsV4": { "additionalProperties": false, "properties": { - "CategoryValue": { - "markdownDescription": "The category value for the filter.\n\nThis field is mutually exclusive to `ParameterName` .", - "title": "CategoryValue", + "ClientVersion": { + "markdownDescription": "Defines the minimum client compatibility.", + "title": "ClientVersion", "type": "string" }, - "MatchOperator": { - "markdownDescription": "The match operator that is used to determine if a filter should be applied.", - "title": "MatchOperator", - "type": "string" + "ExportableKey": { + "markdownDescription": "Allows the private key to be exported.", + "title": "ExportableKey", + "type": "boolean" }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", - "type": "string" + "RequireAlternateSignatureAlgorithm": { + "markdownDescription": "Requires the PKCS #1 v2.1 signature format for certificates. You should verify that your CA, objects, and applications can accept this signature format.", + "title": "RequireAlternateSignatureAlgorithm", + "type": "boolean" }, - "ParameterName": { - "markdownDescription": "The parameter whose value should be used for the filter value.\n\nThis field is mutually exclusive to `CategoryValue` .", - "title": "ParameterName", - "type": "string" + "RequireSameKeyRenewal": { + "markdownDescription": "Renew certificate using the same private key.", + "title": "RequireSameKeyRenewal", + "type": "boolean" }, - "SelectAllOptions": { - "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", - "title": "SelectAllOptions", - "type": "string" + "StrongKeyProtectionRequired": { + "markdownDescription": "Require user input when using the private key for enrollment.", + "title": "StrongKeyProtectionRequired", + "type": "boolean" + }, + "UseLegacyProvider": { + "markdownDescription": "Specifies the cryptographic service provider category used to generate private keys. Set to TRUE to use Legacy Cryptographic Service Providers and FALSE to use Key Storage Providers.", + "title": "UseLegacyProvider", + "type": "boolean" } }, "required": [ - "MatchOperator", - "NullOption" + "ClientVersion" ], "type": "object" }, - "AWS::QuickSight::Dashboard.CustomFilterListConfiguration": { + "AWS::PCAConnectorAD::Template.SubjectNameFlagsV2": { "additionalProperties": false, "properties": { - "CategoryValues": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of category values for the filter.", - "title": "CategoryValues", - "type": "array" - }, - "MatchOperator": { - "markdownDescription": "The match operator that is used to determine if a filter should be applied.", - "title": "MatchOperator", - "type": "string" + "RequireCommonName": { + "markdownDescription": "Include the common name in the subject name.", + "title": "RequireCommonName", + "type": "boolean" }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", - "type": "string" + "RequireDirectoryPath": { + "markdownDescription": "Include the directory path in the subject name.", + "title": "RequireDirectoryPath", + "type": "boolean" }, - "SelectAllOptions": { - "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", - "title": "SelectAllOptions", - "type": "string" - } - }, - "required": [ - "MatchOperator", - "NullOption" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.CustomNarrativeOptions": { - "additionalProperties": false, - "properties": { - "Narrative": { - "markdownDescription": "The string input of custom narrative.", - "title": "Narrative", - "type": "string" - } - }, - "required": [ - "Narrative" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.CustomParameterValues": { - "additionalProperties": false, - "properties": { - "DateTimeValues": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of datetime-type parameter values.", - "title": "DateTimeValues", - "type": "array" + "RequireDnsAsCn": { + "markdownDescription": "Include the DNS as common name in the subject name.", + "title": "RequireDnsAsCn", + "type": "boolean" }, - "DecimalValues": { - "items": { - "type": "number" - }, - "markdownDescription": "A list of decimal-type parameter values.", - "title": "DecimalValues", - "type": "array" + "RequireEmail": { + "markdownDescription": "Include the subject's email in the subject name.", + "title": "RequireEmail", + "type": "boolean" }, - "IntegerValues": { - "items": { - "type": "number" - }, - "markdownDescription": "A list of integer-type parameter values.", - "title": "IntegerValues", - "type": "array" + "SanRequireDirectoryGuid": { + "markdownDescription": "Include the globally unique identifier (GUID) in the subject alternate name.", + "title": "SanRequireDirectoryGuid", + "type": "boolean" }, - "StringValues": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of string-type parameter values.", - "title": "StringValues", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.CustomValuesConfiguration": { - "additionalProperties": false, - "properties": { - "CustomValues": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomParameterValues", - "markdownDescription": "", - "title": "CustomValues" + "SanRequireDns": { + "markdownDescription": "Include the DNS in the subject alternate name.", + "title": "SanRequireDns", + "type": "boolean" }, - "IncludeNullValue": { - "markdownDescription": "Includes the null value in custom action parameter values.", - "title": "IncludeNullValue", + "SanRequireDomainDns": { + "markdownDescription": "Include the domain DNS in the subject alternate name.", + "title": "SanRequireDomainDns", + "type": "boolean" + }, + "SanRequireEmail": { + "markdownDescription": "Include the subject's email in the subject alternate name.", + "title": "SanRequireEmail", + "type": "boolean" + }, + "SanRequireSpn": { + "markdownDescription": "Include the service principal name (SPN) in the subject alternate name.", + "title": "SanRequireSpn", + "type": "boolean" + }, + "SanRequireUpn": { + "markdownDescription": "Include the user principal name (UPN) in the subject alternate name.", + "title": "SanRequireUpn", "type": "boolean" } }, - "required": [ - "CustomValues" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.DashboardError": { + "AWS::PCAConnectorAD::Template.SubjectNameFlagsV3": { "additionalProperties": false, "properties": { - "Message": { - "markdownDescription": "Message.", - "title": "Message", - "type": "string" + "RequireCommonName": { + "markdownDescription": "Include the common name in the subject name.", + "title": "RequireCommonName", + "type": "boolean" }, - "Type": { - "markdownDescription": "Type.", - "title": "Type", - "type": "string" + "RequireDirectoryPath": { + "markdownDescription": "Include the directory path in the subject name.", + "title": "RequireDirectoryPath", + "type": "boolean" }, - "ViolatedEntities": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.Entity" - }, - "markdownDescription": "Lists the violated entities that caused the dashboard error.", - "title": "ViolatedEntities", - "type": "array" + "RequireDnsAsCn": { + "markdownDescription": "Include the DNS as common name in the subject name.", + "title": "RequireDnsAsCn", + "type": "boolean" + }, + "RequireEmail": { + "markdownDescription": "Include the subject's email in the subject name.", + "title": "RequireEmail", + "type": "boolean" + }, + "SanRequireDirectoryGuid": { + "markdownDescription": "Include the globally unique identifier (GUID) in the subject alternate name.", + "title": "SanRequireDirectoryGuid", + "type": "boolean" + }, + "SanRequireDns": { + "markdownDescription": "Include the DNS in the subject alternate name.", + "title": "SanRequireDns", + "type": "boolean" + }, + "SanRequireDomainDns": { + "markdownDescription": "Include the domain DNS in the subject alternate name.", + "title": "SanRequireDomainDns", + "type": "boolean" + }, + "SanRequireEmail": { + "markdownDescription": "Include the subject's email in the subject alternate name.", + "title": "SanRequireEmail", + "type": "boolean" + }, + "SanRequireSpn": { + "markdownDescription": "Include the service principal name (SPN) in the subject alternate name.", + "title": "SanRequireSpn", + "type": "boolean" + }, + "SanRequireUpn": { + "markdownDescription": "Include the user principal name (UPN) in the subject alternate name.", + "title": "SanRequireUpn", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.DashboardPublishOptions": { + "AWS::PCAConnectorAD::Template.SubjectNameFlagsV4": { "additionalProperties": false, "properties": { - "AdHocFilteringOption": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AdHocFilteringOption", - "markdownDescription": "Ad hoc (one-time) filtering option.", - "title": "AdHocFilteringOption" - }, - "DataPointDrillUpDownOption": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPointDrillUpDownOption", - "markdownDescription": "The drill-down options of data points in a dashboard.", - "title": "DataPointDrillUpDownOption" + "RequireCommonName": { + "markdownDescription": "Include the common name in the subject name.", + "title": "RequireCommonName", + "type": "boolean" }, - "DataPointMenuLabelOption": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPointMenuLabelOption", - "markdownDescription": "The data point menu label options of a dashboard.", - "title": "DataPointMenuLabelOption" + "RequireDirectoryPath": { + "markdownDescription": "Include the directory path in the subject name.", + "title": "RequireDirectoryPath", + "type": "boolean" }, - "DataPointTooltipOption": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPointTooltipOption", - "markdownDescription": "The data point tool tip options of a dashboard.", - "title": "DataPointTooltipOption" + "RequireDnsAsCn": { + "markdownDescription": "Include the DNS as common name in the subject name.", + "title": "RequireDnsAsCn", + "type": "boolean" }, - "ExportToCSVOption": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ExportToCSVOption", - "markdownDescription": "Export to .csv option.", - "title": "ExportToCSVOption" + "RequireEmail": { + "markdownDescription": "Include the subject's email in the subject name.", + "title": "RequireEmail", + "type": "boolean" }, - "ExportWithHiddenFieldsOption": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ExportWithHiddenFieldsOption", - "markdownDescription": "Determines if hidden fields are exported with a dashboard.", - "title": "ExportWithHiddenFieldsOption" + "SanRequireDirectoryGuid": { + "markdownDescription": "Include the globally unique identifier (GUID) in the subject alternate name.", + "title": "SanRequireDirectoryGuid", + "type": "boolean" }, - "SheetControlsOption": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlsOption", - "markdownDescription": "Sheet controls option.", - "title": "SheetControlsOption" + "SanRequireDns": { + "markdownDescription": "Include the DNS in the subject alternate name.", + "title": "SanRequireDns", + "type": "boolean" }, - "SheetLayoutElementMaximizationOption": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetLayoutElementMaximizationOption", - "markdownDescription": "The sheet layout maximization options of a dashbaord.", - "title": "SheetLayoutElementMaximizationOption" + "SanRequireDomainDns": { + "markdownDescription": "Include the domain DNS in the subject alternate name.", + "title": "SanRequireDomainDns", + "type": "boolean" }, - "VisualAxisSortOption": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualAxisSortOption", - "markdownDescription": "The axis sort options of a dashboard.", - "title": "VisualAxisSortOption" + "SanRequireEmail": { + "markdownDescription": "Include the subject's email in the subject alternate name.", + "title": "SanRequireEmail", + "type": "boolean" }, - "VisualMenuOption": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualMenuOption", - "markdownDescription": "The menu options of a visual in a dashboard.", - "title": "VisualMenuOption" + "SanRequireSpn": { + "markdownDescription": "Include the service principal name (SPN) in the subject alternate name.", + "title": "SanRequireSpn", + "type": "boolean" }, - "VisualPublishOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DashboardVisualPublishOptions", - "markdownDescription": "The visual publish options of a visual in a dashboard.", - "title": "VisualPublishOptions" + "SanRequireUpn": { + "markdownDescription": "Include the user principal name (UPN) in the subject alternate name.", + "title": "SanRequireUpn", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.DashboardSourceEntity": { + "AWS::PCAConnectorAD::Template.TemplateDefinition": { "additionalProperties": false, "properties": { - "SourceTemplate": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DashboardSourceTemplate", - "markdownDescription": "Source template.", - "title": "SourceTemplate" + "TemplateV2": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.TemplateV2", + "markdownDescription": "Template configuration to define the information included in certificates. Define certificate validity and renewal periods, certificate request handling and enrollment options, key usage extensions, application policies, and cryptography settings.", + "title": "TemplateV2" + }, + "TemplateV3": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.TemplateV3", + "markdownDescription": "Template configuration to define the information included in certificates. Define certificate validity and renewal periods, certificate request handling and enrollment options, key usage extensions, application policies, and cryptography settings.", + "title": "TemplateV3" + }, + "TemplateV4": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.TemplateV4", + "markdownDescription": "Template configuration to define the information included in certificates. Define certificate validity and renewal periods, certificate request handling and enrollment options, key usage extensions, application policies, and cryptography settings.", + "title": "TemplateV4" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.DashboardSourceTemplate": { + "AWS::PCAConnectorAD::Template.TemplateV2": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", - "title": "Arn", - "type": "string" + "CertificateValidity": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.CertificateValidity", + "markdownDescription": "Certificate validity describes the validity and renewal periods of a certificate.", + "title": "CertificateValidity" }, - "DataSetReferences": { + "EnrollmentFlags": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.EnrollmentFlagsV2", + "markdownDescription": "Enrollment flags describe the enrollment settings for certificates such as using the existing private key and deleting expired or revoked certificates.", + "title": "EnrollmentFlags" + }, + "Extensions": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ExtensionsV2", + "markdownDescription": "Extensions describe the key usage extensions and application policies for a template.", + "title": "Extensions" + }, + "GeneralFlags": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.GeneralFlagsV2", + "markdownDescription": "General flags describe whether the template is used for computers or users and if the template can be used with autoenrollment.", + "title": "GeneralFlags" + }, + "PrivateKeyAttributes": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.PrivateKeyAttributesV2", + "markdownDescription": "Private key attributes allow you to specify the minimal key length, key spec, and cryptographic providers for the private key of a certificate for v2 templates. V2 templates allow you to use Legacy Cryptographic Service Providers.", + "title": "PrivateKeyAttributes" + }, + "PrivateKeyFlags": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.PrivateKeyFlagsV2", + "markdownDescription": "Private key flags for v2 templates specify the client compatibility, if the private key can be exported, and if user input is required when using a private key.", + "title": "PrivateKeyFlags" + }, + "SubjectNameFlags": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.SubjectNameFlagsV2", + "markdownDescription": "Subject name flags describe the subject name and subject alternate name that is included in a certificate.", + "title": "SubjectNameFlags" + }, + "SupersededTemplates": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataSetReference" + "type": "string" }, - "markdownDescription": "Dataset references.", - "title": "DataSetReferences", + "markdownDescription": "List of templates in Active Directory that are superseded by this template.", + "title": "SupersededTemplates", "type": "array" } }, "required": [ - "Arn", - "DataSetReferences" + "CertificateValidity", + "EnrollmentFlags", + "Extensions", + "GeneralFlags", + "PrivateKeyAttributes", + "PrivateKeyFlags", + "SubjectNameFlags" ], "type": "object" }, - "AWS::QuickSight::Dashboard.DashboardVersion": { + "AWS::PCAConnectorAD::Template.TemplateV3": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", - "title": "Arn", - "type": "string" + "CertificateValidity": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.CertificateValidity", + "markdownDescription": "Certificate validity describes the validity and renewal periods of a certificate.", + "title": "CertificateValidity" }, - "CreatedTime": { - "markdownDescription": "The time that this dashboard version was created.", - "title": "CreatedTime", - "type": "string" + "EnrollmentFlags": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.EnrollmentFlagsV3", + "markdownDescription": "Enrollment flags describe the enrollment settings for certificates such as using the existing private key and deleting expired or revoked certificates.", + "title": "EnrollmentFlags" }, - "DataSetArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Numbers (ARNs) for the datasets that are associated with this version of the dashboard.", - "title": "DataSetArns", - "type": "array" + "Extensions": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ExtensionsV3", + "markdownDescription": "Extensions describe the key usage extensions and application policies for a template.", + "title": "Extensions" }, - "Description": { - "markdownDescription": "Description.", - "title": "Description", + "GeneralFlags": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.GeneralFlagsV3", + "markdownDescription": "General flags describe whether the template is used for computers or users and if the template can be used with autoenrollment.", + "title": "GeneralFlags" + }, + "HashAlgorithm": { + "markdownDescription": "Specifies the hash algorithm used to hash the private key.", + "title": "HashAlgorithm", "type": "string" }, - "Errors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DashboardError" - }, - "markdownDescription": "Errors associated with this dashboard version.", - "title": "Errors", - "type": "array" + "PrivateKeyAttributes": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.PrivateKeyAttributesV3", + "markdownDescription": "Private key attributes allow you to specify the algorithm, minimal key length, key spec, key usage, and cryptographic providers for the private key of a certificate for v3 templates. V3 templates allow you to use Key Storage Providers.", + "title": "PrivateKeyAttributes" }, - "Sheets": { + "PrivateKeyFlags": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.PrivateKeyFlagsV3", + "markdownDescription": "Private key flags for v3 templates specify the client compatibility, if the private key can be exported, if user input is required when using a private key, and if an alternate signature algorithm should be used.", + "title": "PrivateKeyFlags" + }, + "SubjectNameFlags": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.SubjectNameFlagsV3", + "markdownDescription": "Subject name flags describe the subject name and subject alternate name that is included in a certificate.", + "title": "SubjectNameFlags" + }, + "SupersededTemplates": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.Sheet" + "type": "string" }, - "markdownDescription": "A list of the associated sheets with the unique identifier and name of each sheet.", - "title": "Sheets", + "markdownDescription": "List of templates in Active Directory that are superseded by this template.", + "title": "SupersededTemplates", "type": "array" - }, - "SourceEntityArn": { - "markdownDescription": "Source entity ARN.", - "title": "SourceEntityArn", - "type": "string" - }, - "Status": { - "markdownDescription": "The HTTP status of the request.", - "title": "Status", - "type": "string" - }, - "ThemeArn": { - "markdownDescription": "The ARN of the theme associated with a version of the dashboard.", - "title": "ThemeArn", - "type": "string" - }, - "VersionNumber": { - "markdownDescription": "Version number for this version of the dashboard.", - "title": "VersionNumber", - "type": "number" } }, + "required": [ + "CertificateValidity", + "EnrollmentFlags", + "Extensions", + "GeneralFlags", + "HashAlgorithm", + "PrivateKeyAttributes", + "PrivateKeyFlags", + "SubjectNameFlags" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.DashboardVersionDefinition": { + "AWS::PCAConnectorAD::Template.TemplateV4": { "additionalProperties": false, "properties": { - "AnalysisDefaults": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AnalysisDefaults", - "markdownDescription": "", - "title": "AnalysisDefaults" + "CertificateValidity": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.CertificateValidity", + "markdownDescription": "Certificate validity describes the validity and renewal periods of a certificate.", + "title": "CertificateValidity" }, - "CalculatedFields": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CalculatedField" - }, - "markdownDescription": "An array of calculated field definitions for the dashboard.", - "title": "CalculatedFields", - "type": "array" + "EnrollmentFlags": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.EnrollmentFlagsV4", + "markdownDescription": "Enrollment flags describe the enrollment settings for certificates using the existing private key and deleting expired or revoked certificates.", + "title": "EnrollmentFlags" }, - "ColumnConfigurations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnConfiguration" - }, - "markdownDescription": "An array of dashboard-level column configurations. Column configurations are used to set the default formatting for a column that is used throughout a dashboard.", - "title": "ColumnConfigurations", - "type": "array" + "Extensions": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ExtensionsV4", + "markdownDescription": "Extensions describe the key usage extensions and application policies for a template.", + "title": "Extensions" }, - "DataSetIdentifierDeclarations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataSetIdentifierDeclaration" - }, - "markdownDescription": "An array of dataset identifier declarations. With this mapping,you can use dataset identifiers instead of dataset Amazon Resource Names (ARNs) throughout the dashboard's sub-structures.", - "title": "DataSetIdentifierDeclarations", - "type": "array" + "GeneralFlags": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.GeneralFlagsV4", + "markdownDescription": "General flags describe whether the template is used for computers or users and if the template can be used with autoenrollment.", + "title": "GeneralFlags" }, - "FilterGroups": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterGroup" - }, - "markdownDescription": "The filter definitions for a dashboard.\n\nFor more information, see [Filtering Data in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/adding-a-filter.html) in the *Amazon QuickSight User Guide* .", - "title": "FilterGroups", - "type": "array" + "HashAlgorithm": { + "markdownDescription": "Specifies the hash algorithm used to hash the private key. Hash algorithm can only be specified when using Key Storage Providers.", + "title": "HashAlgorithm", + "type": "string" }, - "Options": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AssetOptions", - "markdownDescription": "An array of option definitions for a dashboard.", - "title": "Options" + "PrivateKeyAttributes": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.PrivateKeyAttributesV4", + "markdownDescription": "Private key attributes allow you to specify the minimal key length, key spec, key usage, and cryptographic providers for the private key of a certificate for v4 templates. V4 templates allow you to use either Key Storage Providers or Legacy Cryptographic Service Providers. You specify the cryptography provider category in private key flags.", + "title": "PrivateKeyAttributes" }, - "ParameterDeclarations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterDeclaration" - }, - "markdownDescription": "The parameter declarations for a dashboard. Parameters are named variables that can transfer a value for use by an action or an object.\n\nFor more information, see [Parameters in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-in-quicksight.html) in the *Amazon QuickSight User Guide* .", - "title": "ParameterDeclarations", - "type": "array" + "PrivateKeyFlags": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.PrivateKeyFlagsV4", + "markdownDescription": "Private key flags for v4 templates specify the client compatibility, if the private key can be exported, if user input is required when using a private key, if an alternate signature algorithm should be used, and if certificates are renewed using the same private key.", + "title": "PrivateKeyFlags" }, - "Sheets": { + "SubjectNameFlags": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.SubjectNameFlagsV4", + "markdownDescription": "Subject name flags describe the subject name and subject alternate name that is included in a certificate.", + "title": "SubjectNameFlags" + }, + "SupersededTemplates": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetDefinition" + "type": "string" }, - "markdownDescription": "An array of sheet definitions for a dashboard.", - "title": "Sheets", + "markdownDescription": "List of templates in Active Directory that are superseded by this template.", + "title": "SupersededTemplates", "type": "array" } }, "required": [ - "DataSetIdentifierDeclarations" + "CertificateValidity", + "EnrollmentFlags", + "Extensions", + "GeneralFlags", + "PrivateKeyAttributes", + "PrivateKeyFlags", + "SubjectNameFlags" ], "type": "object" }, - "AWS::QuickSight::Dashboard.DashboardVisualPublishOptions": { + "AWS::PCAConnectorAD::Template.ValidityPeriod": { "additionalProperties": false, "properties": { - "ExportHiddenFieldsOption": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ExportHiddenFieldsOption", - "markdownDescription": "Determines if hidden fields are included in an exported dashboard.", - "title": "ExportHiddenFieldsOption" + "Period": { + "markdownDescription": "The numeric value for the validity period.", + "title": "Period", + "type": "number" + }, + "PeriodType": { + "markdownDescription": "The unit of time. You can select hours, days, weeks, months, and years.", + "title": "PeriodType", + "type": "string" } }, + "required": [ + "Period", + "PeriodType" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.DataBarsOptions": { + "AWS::PCAConnectorAD::TemplateGroupAccessControlEntry": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field ID for the data bars options.", - "title": "FieldId", + "Condition": { "type": "string" }, - "NegativeColor": { - "markdownDescription": "The color of the negative data bar.", - "title": "NegativeColor", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "PositiveColor": { - "markdownDescription": "The color of the positive data bar.", - "title": "PositiveColor", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AccessRights": { + "$ref": "#/definitions/AWS::PCAConnectorAD::TemplateGroupAccessControlEntry.AccessRights", + "markdownDescription": "Permissions to allow or deny an Active Directory group to enroll or autoenroll certificates issued against a template.", + "title": "AccessRights" + }, + "GroupDisplayName": { + "markdownDescription": "Name of the Active Directory group. This name does not need to match the group name in Active Directory.", + "title": "GroupDisplayName", + "type": "string" + }, + "GroupSecurityIdentifier": { + "markdownDescription": "Security identifier (SID) of the group object from Active Directory. The SID starts with \"S-\".", + "title": "GroupSecurityIdentifier", + "type": "string" + }, + "TemplateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that was returned when you called [CreateTemplate](https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateTemplate.html) .", + "title": "TemplateArn", + "type": "string" + } + }, + "required": [ + "AccessRights", + "GroupDisplayName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::PCAConnectorAD::TemplateGroupAccessControlEntry" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "FieldId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.DataColor": { + "AWS::PCAConnectorAD::TemplateGroupAccessControlEntry.AccessRights": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The color that is applied to the data value.", - "title": "Color", + "AutoEnroll": { + "markdownDescription": "Allow or deny an Active Directory group from autoenrolling certificates issued against a template. The Active Directory group must be allowed to enroll to allow autoenrollment", + "title": "AutoEnroll", "type": "string" }, - "DataValue": { - "markdownDescription": "The data value that the color is applied to.", - "title": "DataValue", - "type": "number" + "Enroll": { + "markdownDescription": "Allow or deny an Active Directory group from enrolling certificates issued against a template.", + "title": "Enroll", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.DataFieldSeriesItem": { + "AWS::PCAConnectorSCEP::Challenge": { "additionalProperties": false, "properties": { - "AxisBinding": { - "markdownDescription": "The axis that you are binding the field to.", - "title": "AxisBinding", + "Condition": { "type": "string" }, - "FieldId": { - "markdownDescription": "The field ID of the field that you are setting the axis binding to.", - "title": "FieldId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "FieldValue": { - "markdownDescription": "The field value of the field that you are setting the axis binding to.", - "title": "FieldValue", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ConnectorArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the connector.", + "title": "ConnectorArn", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "ConnectorArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::PCAConnectorSCEP::Challenge" + ], "type": "string" }, - "Settings": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartSeriesSettings", - "markdownDescription": "The options that determine the presentation of line series associated to the field.", - "title": "Settings" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "AxisBinding", - "FieldId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.DataLabelOptions": { + "AWS::PCAConnectorSCEP::Connector": { "additionalProperties": false, "properties": { - "CategoryLabelVisibility": { - "markdownDescription": "Determines the visibility of the category field labels.", - "title": "CategoryLabelVisibility", - "type": "string" - }, - "DataLabelTypes": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelType" - }, - "markdownDescription": "The option that determines the data label type.", - "title": "DataLabelTypes", - "type": "array" - }, - "LabelColor": { - "markdownDescription": "Determines the color of the data labels.", - "title": "LabelColor", + "Condition": { "type": "string" }, - "LabelContent": { - "markdownDescription": "Determines the content of the data labels.", - "title": "LabelContent", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "LabelFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", - "markdownDescription": "Determines the font configuration of the data labels.", - "title": "LabelFontConfiguration" - }, - "MeasureLabelVisibility": { - "markdownDescription": "Determines the visibility of the measure field labels.", - "title": "MeasureLabelVisibility", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Overlap": { - "markdownDescription": "Determines whether overlap is enabled or disabled for the data labels.", - "title": "Overlap", - "type": "string" + "Metadata": { + "type": "object" }, - "Position": { - "markdownDescription": "Determines the position of the data labels.", - "title": "Position", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "CertificateAuthorityArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the certificate authority associated with the connector.", + "title": "CertificateAuthorityArn", + "type": "string" + }, + "MobileDeviceManagement": { + "$ref": "#/definitions/AWS::PCAConnectorSCEP::Connector.MobileDeviceManagement", + "markdownDescription": "Contains settings relevant to the mobile device management system that you chose for the connector. If you didn't configure `MobileDeviceManagement` , then the connector is for general-purpose use and this object is empty.", + "title": "MobileDeviceManagement" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "CertificateAuthorityArn" + ], + "type": "object" }, - "TotalsVisibility": { - "markdownDescription": "Determines the visibility of the total.", - "title": "TotalsVisibility", + "Type": { + "enum": [ + "AWS::PCAConnectorSCEP::Connector" + ], "type": "string" }, - "Visibility": { - "markdownDescription": "Determines the visibility of the data labels.", - "title": "Visibility", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.DataLabelType": { + "AWS::PCAConnectorSCEP::Connector.IntuneConfiguration": { "additionalProperties": false, "properties": { - "DataPathLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathLabelType", - "markdownDescription": "The option that specifies individual data values for labels.", - "title": "DataPathLabelType" - }, - "FieldLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldLabelType", - "markdownDescription": "Determines the label configuration for the entire field.", - "title": "FieldLabelType" - }, - "MaximumLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MaximumLabelType", - "markdownDescription": "Determines the label configuration for the maximum value in a visual.", - "title": "MaximumLabelType" - }, - "MinimumLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MinimumLabelType", - "markdownDescription": "Determines the label configuration for the minimum value in a visual.", - "title": "MinimumLabelType" + "AzureApplicationId": { + "markdownDescription": "The directory (tenant) ID from your Microsoft Entra ID app registration.", + "title": "AzureApplicationId", + "type": "string" }, - "RangeEndsLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RangeEndsLabelType", - "markdownDescription": "Determines the label configuration for range end value in a visual.", - "title": "RangeEndsLabelType" + "Domain": { + "markdownDescription": "The primary domain from your Microsoft Entra ID app registration.", + "title": "Domain", + "type": "string" } }, + "required": [ + "AzureApplicationId", + "Domain" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.DataPathColor": { + "AWS::PCAConnectorSCEP::Connector.MobileDeviceManagement": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The color that needs to be applied to the element.", - "title": "Color", - "type": "string" - }, - "Element": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathValue", - "markdownDescription": "The element that the color needs to be applied to.", - "title": "Element" - }, - "TimeGranularity": { - "markdownDescription": "The time granularity of the field that the color needs to be applied to.", - "title": "TimeGranularity", - "type": "string" + "Intune": { + "$ref": "#/definitions/AWS::PCAConnectorSCEP::Connector.IntuneConfiguration", + "markdownDescription": "Configuration settings for use with Microsoft Intune. For information about using Connector for SCEP for Microsoft Intune, see [Using Connector for SCEP for Microsoft Intune](https://docs.aws.amazon.com/privateca/latest/userguide/scep-connector.htmlconnector-for-scep-intune.html) .", + "title": "Intune" } }, "required": [ - "Color", - "Element" + "Intune" ], "type": "object" }, - "AWS::QuickSight::Dashboard.DataPathLabelType": { + "AWS::PCAConnectorSCEP::Connector.OpenIdConfiguration": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field ID of the field that the data label needs to be applied to.", - "title": "FieldId", + "Audience": { + "markdownDescription": "The audience value to copy into your Microsoft Entra app registration's OIDC.", + "title": "Audience", "type": "string" }, - "FieldValue": { - "markdownDescription": "The actual value of the field that is labeled.", - "title": "FieldValue", + "Issuer": { + "markdownDescription": "The issuer value to copy into your Microsoft Entra app registration's OIDC.", + "title": "Issuer", "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of the data label.", - "title": "Visibility", + "Subject": { + "markdownDescription": "The subject value to copy into your Microsoft Entra app registration's OIDC.", + "title": "Subject", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.DataPathSort": { + "AWS::PCS::Cluster": { "additionalProperties": false, "properties": { - "Direction": { - "markdownDescription": "Determines the sort direction.", - "title": "Direction", + "Condition": { "type": "string" }, - "SortPaths": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathValue" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name that identifies the cluster.", + "title": "Name", + "type": "string" + }, + "Networking": { + "$ref": "#/definitions/AWS::PCS::Cluster.Networking", + "markdownDescription": "The networking configuration for the cluster's control plane.", + "title": "Networking" + }, + "Scheduler": { + "$ref": "#/definitions/AWS::PCS::Cluster.Scheduler", + "markdownDescription": "The cluster management and job scheduling software associated with the cluster.", + "title": "Scheduler" + }, + "Size": { + "markdownDescription": "The size of the cluster.", + "title": "Size", + "type": "string" + }, + "SlurmConfiguration": { + "$ref": "#/definitions/AWS::PCS::Cluster.SlurmConfiguration", + "markdownDescription": "Additional options related to the Slurm scheduler.", + "title": "SlurmConfiguration" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "1 or more tags added to the resource. Each tag consists of a tag key and tag value. The tag value is optional and can be an empty string.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } }, - "markdownDescription": "The list of data paths that need to be sorted.", - "title": "SortPaths", - "type": "array" + "required": [ + "Networking", + "Scheduler", + "Size" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::PCS::Cluster" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Direction", - "SortPaths" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.DataPathType": { + "AWS::PCS::Cluster.Accounting": { "additionalProperties": false, "properties": { - "PivotTableDataPathType": { - "markdownDescription": "The type of data path value utilized in a pivot table. Choose one of the following options:\n\n- `HIERARCHY_ROWS_LAYOUT_COLUMN` - The type of data path for the rows layout column, when `RowsLayout` is set to `HIERARCHY` .\n- `MULTIPLE_ROW_METRICS_COLUMN` - The type of data path for the metric column when the row is set to Metric Placement.\n- `EMPTY_COLUMN_HEADER` - The type of data path for the column with empty column header, when there is no field in `ColumnsFieldWell` and the row is set to Metric Placement.\n- `COUNT_METRIC_COLUMN` - The type of data path for the column with `COUNT` as the metric, when there is no field in the `ValuesFieldWell` .", - "title": "PivotTableDataPathType", + "DefaultPurgeTimeInDays": { + "markdownDescription": "The default value for all purge settings for `slurmdbd.conf` . For more information, see the [slurmdbd.conf documentation at SchedMD](https://docs.aws.amazon.com/https://slurm.schedmd.com/slurmdbd.conf.html) .\n\nThe default value `-1` means there is no purge time and records persist as long as the cluster exists.\n\n> `0` isn't a valid value.", + "title": "DefaultPurgeTimeInDays", + "type": "number" + }, + "Mode": { + "markdownDescription": "The default value for `mode` is `STANDARD` . A value of `STANDARD` means Slurm accounting is enabled.", + "title": "Mode", "type": "string" } }, + "required": [ + "Mode" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.DataPathValue": { + "AWS::PCS::Cluster.AuthKey": { "additionalProperties": false, "properties": { - "DataPathType": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathType", - "markdownDescription": "The type configuration of the field.", - "title": "DataPathType" - }, - "FieldId": { - "markdownDescription": "The field ID of the field that needs to be sorted.", - "title": "FieldId", + "SecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the shared Slurm key.", + "title": "SecretArn", "type": "string" }, - "FieldValue": { - "markdownDescription": "The actual value of the field that needs to be sorted.", - "title": "FieldValue", + "SecretVersion": { + "markdownDescription": "The version of the shared Slurm key.", + "title": "SecretVersion", "type": "string" } }, + "required": [ + "SecretArn", + "SecretVersion" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.DataPointDrillUpDownOption": { + "AWS::PCS::Cluster.Endpoint": { "additionalProperties": false, "properties": { - "AvailabilityStatus": { - "markdownDescription": "The status of the drill down options of data points.", - "title": "AvailabilityStatus", + "Port": { + "markdownDescription": "The endpoint's connection port number.", + "title": "Port", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.DataPointMenuLabelOption": { - "additionalProperties": false, - "properties": { - "AvailabilityStatus": { - "markdownDescription": "The status of the data point menu options.", - "title": "AvailabilityStatus", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.DataPointTooltipOption": { - "additionalProperties": false, - "properties": { - "AvailabilityStatus": { - "markdownDescription": "The status of the data point tool tip options.", - "title": "AvailabilityStatus", + }, + "PrivateIpAddress": { + "markdownDescription": "The endpoint's private IP address.", + "title": "PrivateIpAddress", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.DataSetIdentifierDeclaration": { - "additionalProperties": false, - "properties": { - "DataSetArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the data set.", - "title": "DataSetArn", + }, + "PublicIpAddress": { + "markdownDescription": "The endpoint's public IP address.", + "title": "PublicIpAddress", "type": "string" }, - "Identifier": { - "markdownDescription": "The identifier of the data set, typically the data set's name.", - "title": "Identifier", + "Type": { + "markdownDescription": "Indicates the type of endpoint running at the specific IP address.", + "title": "Type", "type": "string" } }, "required": [ - "DataSetArn", - "Identifier" + "Port", + "PrivateIpAddress", + "Type" ], "type": "object" }, - "AWS::QuickSight::Dashboard.DataSetReference": { + "AWS::PCS::Cluster.ErrorInfo": { "additionalProperties": false, "properties": { - "DataSetArn": { - "markdownDescription": "Dataset Amazon Resource Name (ARN).", - "title": "DataSetArn", + "Code": { + "markdownDescription": "The short-form error code.", + "title": "Code", "type": "string" }, - "DataSetPlaceholder": { - "markdownDescription": "Dataset placeholder.", - "title": "DataSetPlaceholder", - "type": "string" - } - }, - "required": [ - "DataSetArn", - "DataSetPlaceholder" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.DateAxisOptions": { - "additionalProperties": false, - "properties": { - "MissingDateVisibility": { - "markdownDescription": "Determines whether or not missing dates are displayed.", - "title": "MissingDateVisibility", + "Message": { + "markdownDescription": "The detailed error information.", + "title": "Message", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.DateDimensionField": { + "AWS::PCS::Cluster.Networking": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that is used in the `DateDimensionField` .", - "title": "Column" - }, - "DateGranularity": { - "markdownDescription": "The date granularity of the `DateDimensionField` . Choose one of the following options:\n\n- `YEAR`\n- `QUARTER`\n- `MONTH`\n- `WEEK`\n- `DAY`\n- `HOUR`\n- `MINUTE`\n- `SECOND`\n- `MILLISECOND`", - "title": "DateGranularity", - "type": "string" - }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", - "type": "string" - }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of security group IDs associated with the Elastic Network Interface (ENI) created in subnets.", + "title": "SecurityGroupIds", + "type": "array" }, - "HierarchyId": { - "markdownDescription": "The custom hierarchy ID.", - "title": "HierarchyId", - "type": "string" + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of subnet IDs where AWS PCS creates an Elastic Network Interface (ENI) to enable communication between managed controllers and AWS PCS resources. The subnet must have an available IP address, cannot reside in AWS Outposts, AWS Wavelength, or an AWS Local Zone. AWS PCS currently supports only 1 subnet in this list.", + "title": "SubnetIds", + "type": "array" } }, - "required": [ - "Column", - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.DateMeasureField": { + "AWS::PCS::Cluster.Scheduler": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "markdownDescription": "The aggregation function of the measure field.", - "title": "AggregationFunction", + "Type": { + "markdownDescription": "The software AWS PCS uses to manage cluster scaling and job scheduling.", + "title": "Type", "type": "string" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that is used in the `DateMeasureField` .", - "title": "Column" - }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", + "Version": { + "markdownDescription": "The version of the specified scheduling software that AWS PCS uses to manage cluster scaling and job scheduling.", + "title": "Version", "type": "string" - }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" } }, "required": [ - "Column", - "FieldId" + "Type", + "Version" ], "type": "object" }, - "AWS::QuickSight::Dashboard.DateTimeDefaultValues": { + "AWS::PCS::Cluster.SlurmConfiguration": { "additionalProperties": false, "properties": { - "DynamicValue": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DynamicDefaultValue", - "markdownDescription": "The dynamic value of the `DataTimeDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", - "title": "DynamicValue" + "Accounting": { + "$ref": "#/definitions/AWS::PCS::Cluster.Accounting", + "markdownDescription": "The accounting configuration includes configurable settings for Slurm accounting.", + "title": "Accounting" }, - "RollingDate": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RollingDateConfiguration", - "markdownDescription": "The rolling date of the `DataTimeDefaultValues` . The date is determined from the dataset based on input expression.", - "title": "RollingDate" + "AuthKey": { + "$ref": "#/definitions/AWS::PCS::Cluster.AuthKey", + "markdownDescription": "The shared Slurm key for authentication, also known as the cluster secret.", + "title": "AuthKey" }, - "StaticValues": { + "ScaleDownIdleTimeInSeconds": { + "markdownDescription": "The time before an idle node is scaled down.", + "title": "ScaleDownIdleTimeInSeconds", + "type": "number" + }, + "SlurmCustomSettings": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::PCS::Cluster.SlurmCustomSetting" }, - "markdownDescription": "The static values of the `DataTimeDefaultValues` .", - "title": "StaticValues", + "markdownDescription": "Additional Slurm-specific configuration that directly maps to Slurm settings.", + "title": "SlurmCustomSettings", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.DateTimeFormatConfiguration": { + "AWS::PCS::Cluster.SlurmCustomSetting": { "additionalProperties": false, "properties": { - "DateTimeFormat": { - "markdownDescription": "Determines the `DateTime` format.", - "title": "DateTimeFormat", + "ParameterName": { + "markdownDescription": "AWS PCS supports configuration of the following Slurm parameters:\n\n- For *clusters*\n\n- [`Prolog`](https://docs.aws.amazon.com/https://slurm.schedmd.com/slurm.conf.html#OPT_Prolog_1)\n- [`Epilog`](https://docs.aws.amazon.com/https://slurm.schedmd.com/slurm.conf.html#OPT_Epilog_1)\n- [`SelectTypeParameters`](https://docs.aws.amazon.com/https://slurm.schedmd.com/slurm.conf.html#OPT_SelectTypeParameters)\n- For *compute node groups*\n\n- [`Weight`](https://docs.aws.amazon.com/https://slurm.schedmd.com/slurm.conf.html#OPT_Weight)\n- [`RealMemory`](https://docs.aws.amazon.com/https://slurm.schedmd.com/slurm.conf.html#OPT_Weight)", + "title": "ParameterName", "type": "string" }, - "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NullValueFormatConfiguration", - "markdownDescription": "The options that determine the null value format configuration.", - "title": "NullValueFormatConfiguration" - }, - "NumericFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericFormatConfiguration", - "markdownDescription": "The formatting configuration for numeric `DateTime` fields.", - "title": "NumericFormatConfiguration" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.DateTimeHierarchy": { - "additionalProperties": false, - "properties": { - "DrillDownFilters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DrillDownFilter" - }, - "markdownDescription": "The option that determines the drill down filters for the `DateTime` hierarchy.", - "title": "DrillDownFilters", - "type": "array" - }, - "HierarchyId": { - "markdownDescription": "The hierarchy ID of the `DateTime` hierarchy.", - "title": "HierarchyId", + "ParameterValue": { + "markdownDescription": "The values for the configured Slurm settings.", + "title": "ParameterValue", "type": "string" } }, "required": [ - "HierarchyId" + "ParameterName", + "ParameterValue" ], "type": "object" }, - "AWS::QuickSight::Dashboard.DateTimeParameter": { + "AWS::PCS::ComputeNodeGroup": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "A display name for the date-time parameter.", - "title": "Name", + "Condition": { "type": "string" }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The values for the date-time parameter.", - "title": "Values", - "type": "array" - } - }, - "required": [ - "Name", - "Values" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.DateTimeParameterDeclaration": { - "additionalProperties": false, - "properties": { - "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeDefaultValues", - "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", - "title": "DefaultValues" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "MappedDataSetParameters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MappedDataSetParameter" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AmiId": { + "markdownDescription": "The ID of the Amazon Machine Image (AMI) that AWS PCS uses to launch instances. If not provided, AWS PCS uses the AMI ID specified in the custom launch template.", + "title": "AmiId", + "type": "string" + }, + "ClusterId": { + "markdownDescription": "The ID of the cluster of the compute node group.", + "title": "ClusterId", + "type": "string" + }, + "CustomLaunchTemplate": { + "$ref": "#/definitions/AWS::PCS::ComputeNodeGroup.CustomLaunchTemplate", + "markdownDescription": "An Amazon EC2 launch template AWS PCS uses to launch compute nodes.", + "title": "CustomLaunchTemplate" + }, + "IamInstanceProfileArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM instance profile used to pass an IAM role when launching EC2 instances. The role contained in your instance profile must have pcs:RegisterComputeNodeGroupInstance permissions attached to provision instances correctly.", + "title": "IamInstanceProfileArn", + "type": "string" + }, + "InstanceConfigs": { + "items": { + "$ref": "#/definitions/AWS::PCS::ComputeNodeGroup.InstanceConfig" + }, + "markdownDescription": "A list of EC2 instance configurations that AWS PCS can provision in the compute node group.", + "title": "InstanceConfigs", + "type": "array" + }, + "Name": { + "markdownDescription": "The name that identifies the compute node group.", + "title": "Name", + "type": "string" + }, + "PurchaseOption": { + "markdownDescription": "Specifies how EC2 instances are purchased on your behalf. AWS PCS supports On-Demand and Spot instances. For more information, see Instance purchasing options in the Amazon Elastic Compute Cloud User Guide. If you don't provide this option, it defaults to On-Demand.", + "title": "PurchaseOption", + "type": "string" + }, + "ScalingConfiguration": { + "$ref": "#/definitions/AWS::PCS::ComputeNodeGroup.ScalingConfiguration", + "markdownDescription": "Specifies the boundaries of the compute node group auto scaling.", + "title": "ScalingConfiguration" + }, + "SlurmConfiguration": { + "$ref": "#/definitions/AWS::PCS::ComputeNodeGroup.SlurmConfiguration", + "markdownDescription": "Additional options related to the Slurm scheduler.", + "title": "SlurmConfiguration" + }, + "SpotOptions": { + "$ref": "#/definitions/AWS::PCS::ComputeNodeGroup.SpotOptions", + "markdownDescription": "Additional configuration when you specify `SPOT` as the `purchaseOption` .", + "title": "SpotOptions" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of subnet IDs where instances are provisioned by the compute node group. The subnets must be in the same VPC as the cluster.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "1 or more tags added to the resource. Each tag consists of a tag key and tag value. The tag value is optional and can be an empty string.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } }, - "markdownDescription": "", - "title": "MappedDataSetParameters", - "type": "array" + "required": [ + "ClusterId", + "CustomLaunchTemplate", + "IamInstanceProfileArn", + "InstanceConfigs", + "ScalingConfiguration", + "SubnetIds" + ], + "type": "object" }, - "Name": { - "markdownDescription": "The name of the parameter that is being declared.", - "title": "Name", + "Type": { + "enum": [ + "AWS::PCS::ComputeNodeGroup" + ], "type": "string" }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "ValueWhenUnset": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeValueWhenUnsetConfiguration", - "markdownDescription": "The configuration that defines the default value of a `DateTime` parameter when a value has not been set.", - "title": "ValueWhenUnset" } }, "required": [ - "Name" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.DateTimePickerControlDisplayOptions": { + "AWS::PCS::ComputeNodeGroup.CustomLaunchTemplate": { "additionalProperties": false, "properties": { - "DateTimeFormat": { - "markdownDescription": "Customize how dates are formatted in controls.", - "title": "DateTimeFormat", + "TemplateId": { + "markdownDescription": "The ID of the EC2 launch template to use to provision instances.", + "title": "TemplateId", "type": "string" }, - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" - }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" + "Version": { + "markdownDescription": "The version of the EC2 launch template to use to provision instances.", + "title": "Version", + "type": "string" } }, + "required": [ + "Version" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.DateTimeValueWhenUnsetConfiguration": { + "AWS::PCS::ComputeNodeGroup.ErrorInfo": { "additionalProperties": false, "properties": { - "CustomValue": { - "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", - "title": "CustomValue", + "Code": { + "markdownDescription": "The short-form error code.", + "title": "Code", "type": "string" }, - "ValueWhenUnsetOption": { - "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", - "title": "ValueWhenUnsetOption", + "Message": { + "markdownDescription": "The detailed error information.", + "title": "Message", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.DecimalDefaultValues": { + "AWS::PCS::ComputeNodeGroup.InstanceConfig": { "additionalProperties": false, "properties": { - "DynamicValue": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DynamicDefaultValue", - "markdownDescription": "The dynamic value of the `DecimalDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", - "title": "DynamicValue" - }, - "StaticValues": { - "items": { - "type": "number" - }, - "markdownDescription": "The static values of the `DecimalDefaultValues` .", - "title": "StaticValues", - "type": "array" + "InstanceType": { + "markdownDescription": "The EC2 instance type that AWS PCS can provision in the compute node group.\n\nExample: `t2.xlarge`", + "title": "InstanceType", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.DecimalParameter": { + "AWS::PCS::ComputeNodeGroup.ScalingConfiguration": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "A display name for the decimal parameter.", - "title": "Name", - "type": "string" + "MaxInstanceCount": { + "markdownDescription": "The upper bound of the number of instances allowed in the compute fleet.", + "title": "MaxInstanceCount", + "type": "number" }, - "Values": { - "items": { - "type": "number" - }, - "markdownDescription": "The values for the decimal parameter.", - "title": "Values", - "type": "array" + "MinInstanceCount": { + "markdownDescription": "The lower bound of the number of instances allowed in the compute fleet.", + "title": "MinInstanceCount", + "type": "number" } }, "required": [ - "Name", - "Values" + "MaxInstanceCount", + "MinInstanceCount" ], "type": "object" }, - "AWS::QuickSight::Dashboard.DecimalParameterDeclaration": { + "AWS::PCS::ComputeNodeGroup.SlurmConfiguration": { "additionalProperties": false, "properties": { - "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalDefaultValues", - "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", - "title": "DefaultValues" - }, - "MappedDataSetParameters": { + "SlurmCustomSettings": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MappedDataSetParameter" + "$ref": "#/definitions/AWS::PCS::ComputeNodeGroup.SlurmCustomSetting" }, - "markdownDescription": "", - "title": "MappedDataSetParameters", + "markdownDescription": "Additional Slurm-specific configuration that directly maps to Slurm settings.", + "title": "SlurmCustomSettings", "type": "array" - }, - "Name": { - "markdownDescription": "The name of the parameter that is being declared.", - "title": "Name", - "type": "string" - }, - "ParameterValueType": { - "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", - "title": "ParameterValueType", - "type": "string" - }, - "ValueWhenUnset": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalValueWhenUnsetConfiguration", - "markdownDescription": "The configuration that defines the default value of a `Decimal` parameter when a value has not been set.", - "title": "ValueWhenUnset" } }, - "required": [ - "Name", - "ParameterValueType" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.DecimalPlacesConfiguration": { + "AWS::PCS::ComputeNodeGroup.SlurmCustomSetting": { "additionalProperties": false, "properties": { - "DecimalPlaces": { - "markdownDescription": "The values of the decimal places.", - "title": "DecimalPlaces", - "type": "number" + "ParameterName": { + "markdownDescription": "AWS PCS supports configuration of the following Slurm parameters:\n\n- For *clusters*\n\n- [`Prolog`](https://docs.aws.amazon.com/https://slurm.schedmd.com/slurm.conf.html#OPT_Prolog_1)\n- [`Epilog`](https://docs.aws.amazon.com/https://slurm.schedmd.com/slurm.conf.html#OPT_Epilog_1)\n- [`SelectTypeParameters`](https://docs.aws.amazon.com/https://slurm.schedmd.com/slurm.conf.html#OPT_SelectTypeParameters)\n- For *compute node groups*\n\n- [`Weight`](https://docs.aws.amazon.com/https://slurm.schedmd.com/slurm.conf.html#OPT_Weight)\n- [`RealMemory`](https://docs.aws.amazon.com/https://slurm.schedmd.com/slurm.conf.html#OPT_Weight)", + "title": "ParameterName", + "type": "string" + }, + "ParameterValue": { + "markdownDescription": "The values for the configured Slurm settings.", + "title": "ParameterValue", + "type": "string" } }, "required": [ - "DecimalPlaces" + "ParameterName", + "ParameterValue" ], "type": "object" }, - "AWS::QuickSight::Dashboard.DecimalValueWhenUnsetConfiguration": { + "AWS::PCS::ComputeNodeGroup.SpotOptions": { "additionalProperties": false, "properties": { - "CustomValue": { - "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", - "title": "CustomValue", - "type": "number" - }, - "ValueWhenUnsetOption": { - "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", - "title": "ValueWhenUnsetOption", + "AllocationStrategy": { + "markdownDescription": "The Amazon EC2 allocation strategy AWS PCS uses to provision EC2 instances. AWS PCS supports lowest price, capacity optimized, and price capacity optimized. If you don't provide this option, it defaults to price capacity optimized.", + "title": "AllocationStrategy", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.DefaultDateTimePickerControlOptions": { + "AWS::PCS::Queue": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimePickerControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "Type": { - "markdownDescription": "The date time picker type of the `DefaultDateTimePickerControlOptions` . Choose one of the following options:\n\n- `SINGLE_VALUED` : The filter condition is a fixed date.\n- `DATE_RANGE` : The filter condition is a date time range.", - "title": "Type", + "Condition": { "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration": { - "additionalProperties": false, - "properties": { - "ControlOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlOptions", - "markdownDescription": "The control option for the `DefaultFilterControlConfiguration` .", - "title": "ControlOptions" }, - "Title": { - "markdownDescription": "The title of the `DefaultFilterControlConfiguration` . This title is shared by all controls that are tied to this filter.", - "title": "Title", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "required": [ - "ControlOptions", - "Title" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.DefaultFilterControlOptions": { - "additionalProperties": false, - "properties": { - "DefaultDateTimePickerOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultDateTimePickerControlOptions", - "markdownDescription": "The default options that correspond to the filter control type of a `DateTimePicker` .", - "title": "DefaultDateTimePickerOptions" - }, - "DefaultDropdownOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterDropDownControlOptions", - "markdownDescription": "The default options that correspond to the `Dropdown` filter control type.", - "title": "DefaultDropdownOptions" - }, - "DefaultListOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterListControlOptions", - "markdownDescription": "The default options that correspond to the `List` filter control type.", - "title": "DefaultListOptions" - }, - "DefaultRelativeDateTimeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultRelativeDateTimeControlOptions", - "markdownDescription": "The default options that correspond to the `RelativeDateTime` filter control type.", - "title": "DefaultRelativeDateTimeOptions" - }, - "DefaultSliderOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultSliderControlOptions", - "markdownDescription": "The default options that correspond to the `Slider` filter control type.", - "title": "DefaultSliderOptions" }, - "DefaultTextAreaOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultTextAreaControlOptions", - "markdownDescription": "The default options that correspond to the `TextArea` filter control type.", - "title": "DefaultTextAreaOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "DefaultTextFieldOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultTextFieldControlOptions", - "markdownDescription": "The default options that correspond to the `TextField` filter control type.", - "title": "DefaultTextFieldOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.DefaultFilterDropDownControlOptions": { - "additionalProperties": false, - "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DropDownControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "Metadata": { + "type": "object" }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" + "Properties": { + "additionalProperties": false, + "properties": { + "ClusterId": { + "markdownDescription": "The ID of the cluster of the queue.", + "title": "ClusterId", + "type": "string" + }, + "ComputeNodeGroupConfigurations": { + "items": { + "$ref": "#/definitions/AWS::PCS::Queue.ComputeNodeGroupConfiguration" + }, + "markdownDescription": "The list of compute node group configurations associated with the queue. Queues assign jobs to associated compute node groups.", + "title": "ComputeNodeGroupConfigurations", + "type": "array" + }, + "Name": { + "markdownDescription": "The name that identifies the queue.", + "title": "Name", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "1 or more tags added to the resource. Each tag consists of a tag key and tag value. The tag value is optional and can be an empty string.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "ClusterId" + ], + "type": "object" }, "Type": { - "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", - "title": "Type", + "enum": [ + "AWS::PCS::Queue" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.DefaultFilterListControlOptions": { - "additionalProperties": false, - "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ListControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" }, - "Type": { - "markdownDescription": "The type of the `DefaultFilterListControlOptions` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from the list.\n- `SINGLE_SELECT` : The user can select a single entry from the list.", - "title": "Type", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.DefaultFreeFormLayoutConfiguration": { - "additionalProperties": false, - "properties": { - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutCanvasSizeOptions", - "markdownDescription": "Determines the screen canvas size options for a free-form layout.", - "title": "CanvasSizeOptions" - } - }, "required": [ - "CanvasSizeOptions" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.DefaultGridLayoutConfiguration": { + "AWS::PCS::Queue.ComputeNodeGroupConfiguration": { "additionalProperties": false, "properties": { - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GridLayoutCanvasSizeOptions", - "markdownDescription": "Determines the screen canvas size options for a grid layout.", - "title": "CanvasSizeOptions" + "ComputeNodeGroupId": { + "markdownDescription": "The compute node group ID for the compute node group configuration.", + "title": "ComputeNodeGroupId", + "type": "string" } }, - "required": [ - "CanvasSizeOptions" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.DefaultInteractiveLayoutConfiguration": { + "AWS::PCS::Queue.ErrorInfo": { "additionalProperties": false, "properties": { - "FreeForm": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFreeFormLayoutConfiguration", - "markdownDescription": "The options that determine the default settings of a free-form layout configuration.", - "title": "FreeForm" + "Code": { + "markdownDescription": "The short-form error code.", + "title": "Code", + "type": "string" }, - "Grid": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultGridLayoutConfiguration", - "markdownDescription": "The options that determine the default settings for a grid layout configuration.", - "title": "Grid" + "Message": { + "markdownDescription": "TBDThe detailed error information.", + "title": "Message", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.DefaultNewSheetConfiguration": { + "AWS::Panorama::ApplicationInstance": { "additionalProperties": false, "properties": { - "InteractiveLayoutConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultInteractiveLayoutConfiguration", - "markdownDescription": "The options that determine the default settings for interactive layout configuration.", - "title": "InteractiveLayoutConfiguration" + "Condition": { + "type": "string" }, - "PaginatedLayoutConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultPaginatedLayoutConfiguration", - "markdownDescription": "The options that determine the default settings for a paginated layout configuration.", - "title": "PaginatedLayoutConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "SheetContentType": { - "markdownDescription": "The option that determines the sheet content type.", - "title": "SheetContentType", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationInstanceIdToReplace": { + "markdownDescription": "The ID of an application instance to replace with the new instance.", + "title": "ApplicationInstanceIdToReplace", + "type": "string" + }, + "DefaultRuntimeContextDevice": { + "markdownDescription": "The device's ID.", + "title": "DefaultRuntimeContextDevice", + "type": "string" + }, + "Description": { + "markdownDescription": "A description for the application instance.", + "title": "Description", + "type": "string" + }, + "ManifestOverridesPayload": { + "$ref": "#/definitions/AWS::Panorama::ApplicationInstance.ManifestOverridesPayload", + "markdownDescription": "Setting overrides for the application manifest.", + "title": "ManifestOverridesPayload" + }, + "ManifestPayload": { + "$ref": "#/definitions/AWS::Panorama::ApplicationInstance.ManifestPayload", + "markdownDescription": "The application's manifest document.", + "title": "ManifestPayload" + }, + "Name": { + "markdownDescription": "A name for the application instance.", + "title": "Name", + "type": "string" + }, + "RuntimeRoleArn": { + "markdownDescription": "The ARN of a runtime role for the application instance.", + "title": "RuntimeRoleArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags for the application instance.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "DefaultRuntimeContextDevice", + "ManifestPayload" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Panorama::ApplicationInstance" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.DefaultPaginatedLayoutConfiguration": { - "additionalProperties": false, - "properties": { - "SectionBased": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultSectionBasedLayoutConfiguration", - "markdownDescription": "The options that determine the default settings for a section-based layout configuration.", - "title": "SectionBased" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.DefaultRelativeDateTimeControlOptions": { + "AWS::Panorama::ApplicationInstance.ManifestOverridesPayload": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RelativeDateTimeControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "PayloadData": { + "markdownDescription": "The overrides document.", + "title": "PayloadData", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.DefaultSectionBasedLayoutConfiguration": { + "AWS::Panorama::ApplicationInstance.ManifestPayload": { "additionalProperties": false, "properties": { - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionBasedLayoutCanvasSizeOptions", - "markdownDescription": "Determines the screen canvas size options for a section-based layout.", - "title": "CanvasSizeOptions" + "PayloadData": { + "markdownDescription": "The application manifest.", + "title": "PayloadData", + "type": "string" } }, - "required": [ - "CanvasSizeOptions" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.DefaultSliderControlOptions": { + "AWS::Panorama::Package": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SliderControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "Condition": { + "type": "string" }, - "MaximumValue": { - "markdownDescription": "The larger value that is displayed at the right of the slider.", - "title": "MaximumValue", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "MinimumValue": { - "markdownDescription": "The smaller value that is displayed at the left of the slider.", - "title": "MinimumValue", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "StepSize": { - "markdownDescription": "The number of increments that the slider bar is divided into.", - "title": "StepSize", - "type": "number" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "PackageName": { + "markdownDescription": "A name for the package.", + "title": "PackageName", + "type": "string" + }, + "StorageLocation": { + "$ref": "#/definitions/AWS::Panorama::Package.StorageLocation", + "markdownDescription": "A storage location.", + "title": "StorageLocation" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags for the package.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "PackageName" + ], + "type": "object" }, "Type": { - "markdownDescription": "The type of the `DefaultSliderControlOptions` . Choose one of the following options:\n\n- `SINGLE_POINT` : Filter against(equals) a single data point.\n- `RANGE` : Filter data that is in a specified range.", - "title": "Type", + "enum": [ + "AWS::Panorama::Package" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "MaximumValue", - "MinimumValue", - "StepSize" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.DefaultTextAreaControlOptions": { + "AWS::Panorama::Package.StorageLocation": { "additionalProperties": false, "properties": { - "Delimiter": { - "markdownDescription": "The delimiter that is used to separate the lines in text.", - "title": "Delimiter", + "BinaryPrefixLocation": { + "markdownDescription": "The location's binary prefix.", + "title": "BinaryPrefixLocation", "type": "string" }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextAreaControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.DefaultTextFieldControlOptions": { - "additionalProperties": false, - "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextFieldControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "Bucket": { + "markdownDescription": "The location's bucket.", + "title": "Bucket", + "type": "string" + }, + "GeneratedPrefixLocation": { + "markdownDescription": "The location's generated prefix.", + "title": "GeneratedPrefixLocation", + "type": "string" + }, + "ManifestPrefixLocation": { + "markdownDescription": "The location's manifest prefix.", + "title": "ManifestPrefixLocation", + "type": "string" + }, + "RepoPrefixLocation": { + "markdownDescription": "The location's repo prefix.", + "title": "RepoPrefixLocation", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.DestinationParameterValueConfiguration": { + "AWS::Panorama::PackageVersion": { "additionalProperties": false, "properties": { - "CustomValuesConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomValuesConfiguration", - "markdownDescription": "The configuration of custom values for destination parameter in `DestinationParameterValueConfiguration` .", - "title": "CustomValuesConfiguration" + "Condition": { + "type": "string" }, - "SelectAllValueOptions": { - "markdownDescription": "The configuration that selects all options.", - "title": "SelectAllValueOptions", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SourceColumn": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "A column of a data set.", - "title": "SourceColumn" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SourceField": { - "markdownDescription": "The source field ID of the destination parameter.", - "title": "SourceField", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "MarkLatest": { + "markdownDescription": "Whether to mark the new version as the latest version.", + "title": "MarkLatest", + "type": "boolean" + }, + "OwnerAccount": { + "markdownDescription": "An owner account.", + "title": "OwnerAccount", + "type": "string" + }, + "PackageId": { + "markdownDescription": "A package ID.", + "title": "PackageId", + "type": "string" + }, + "PackageVersion": { + "markdownDescription": "A package version.", + "title": "PackageVersion", + "type": "string" + }, + "PatchVersion": { + "markdownDescription": "A patch version.", + "title": "PatchVersion", + "type": "string" + }, + "UpdatedLatestPatchVersion": { + "markdownDescription": "If the version was marked latest, the new version to maker as latest.", + "title": "UpdatedLatestPatchVersion", + "type": "string" + } + }, + "required": [ + "PackageId", + "PackageVersion", + "PatchVersion" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Panorama::PackageVersion" + ], "type": "string" }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the destination parameter.", - "title": "SourceParameterName", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.DimensionField": { + "AWS::PaymentCryptography::Alias": { "additionalProperties": false, "properties": { - "CategoricalDimensionField": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CategoricalDimensionField", - "markdownDescription": "The dimension type field with categorical type columns.", - "title": "CategoricalDimensionField" + "Condition": { + "type": "string" }, - "DateDimensionField": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateDimensionField", - "markdownDescription": "The dimension type field with date type columns.", - "title": "DateDimensionField" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "NumericalDimensionField": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericalDimensionField", - "markdownDescription": "The dimension type field with numerical type columns.", - "title": "NumericalDimensionField" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.DonutCenterOptions": { - "additionalProperties": false, - "properties": { - "LabelVisibility": { - "markdownDescription": "Determines the visibility of the label in a donut chart. In the Amazon QuickSight console, this option is called `'Show total'` .", - "title": "LabelVisibility", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AliasName": { + "markdownDescription": "A friendly name that you can use to refer to a key. The value must begin with `alias/` .\n\n> Do not include confidential or sensitive information in this field. This field may be displayed in plaintext in AWS CloudTrail logs and other output.", + "title": "AliasName", + "type": "string" + }, + "KeyArn": { + "markdownDescription": "The `KeyARN` of the key associated with the alias.", + "title": "KeyArn", + "type": "string" + } + }, + "required": [ + "AliasName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::PaymentCryptography::Alias" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.DonutOptions": { - "additionalProperties": false, - "properties": { - "ArcOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ArcOptions", - "markdownDescription": "The option for define the arc of the chart shape. Valid values are as follows:\n\n- `WHOLE` - A pie chart\n- `SMALL` - A small-sized donut chart\n- `MEDIUM` - A medium-sized donut chart\n- `LARGE` - A large-sized donut chart", - "title": "ArcOptions" }, - "DonutCenterOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DonutCenterOptions", - "markdownDescription": "The label options of the label that is displayed in the center of a donut chart. This option isn't available for pie charts.", - "title": "DonutCenterOptions" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.DrillDownFilter": { + "AWS::PaymentCryptography::Key": { "additionalProperties": false, "properties": { - "CategoryFilter": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CategoryDrillDownFilter", - "markdownDescription": "The category type drill down filter. This filter is used for string type columns.", - "title": "CategoryFilter" + "Condition": { + "type": "string" }, - "NumericEqualityFilter": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericEqualityDrillDownFilter", - "markdownDescription": "The numeric equality type drill down filter. This filter is used for number type columns.", - "title": "NumericEqualityFilter" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "TimeRangeFilter": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TimeRangeDrillDownFilter", - "markdownDescription": "The time range drill down filter. This filter is used for date time columns.", - "title": "TimeRangeFilter" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.DropDownControlDisplayOptions": { - "additionalProperties": false, - "properties": { - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SelectAllOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ListControlSelectAllOptions", - "markdownDescription": "The configuration of the `Select all` options in a dropdown control.", - "title": "SelectAllOptions" + "Metadata": { + "type": "object" }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.DynamicDefaultValue": { - "additionalProperties": false, - "properties": { - "DefaultValueColumn": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that contains the default value of each user or group.", - "title": "DefaultValueColumn" + "Properties": { + "additionalProperties": false, + "properties": { + "DeriveKeyUsage": { + "markdownDescription": "The cryptographic usage of an ECDH derived key as de\ufb01ned in section A.5.2 of the TR-31 spec.", + "title": "DeriveKeyUsage", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Specifies whether the key is enabled.", + "title": "Enabled", + "type": "boolean" + }, + "Exportable": { + "markdownDescription": "Specifies whether the key is exportable. This data is immutable after the key is created.", + "title": "Exportable", + "type": "boolean" + }, + "KeyAttributes": { + "$ref": "#/definitions/AWS::PaymentCryptography::Key.KeyAttributes", + "markdownDescription": "The role of the key, the algorithm it supports, and the cryptographic operations allowed with the key. This data is immutable after the key is created.", + "title": "KeyAttributes" + }, + "KeyCheckValueAlgorithm": { + "markdownDescription": "The algorithm that AWS Payment Cryptography uses to calculate the key check value (KCV). It is used to validate the key integrity.\n\nFor TDES keys, the KCV is computed by encrypting 8 bytes, each with value of zero, with the key to be checked and retaining the 3 highest order bytes of the encrypted result. For AES keys, the KCV is computed using a CMAC algorithm where the input data is 16 bytes of zero and retaining the 3 highest order bytes of the encrypted result.", + "title": "KeyCheckValueAlgorithm", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Exportable", + "KeyAttributes" + ], + "type": "object" }, - "GroupNameColumn": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that contains the group name.", - "title": "GroupNameColumn" + "Type": { + "enum": [ + "AWS::PaymentCryptography::Key" + ], + "type": "string" }, - "UserNameColumn": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that contains the username.", - "title": "UserNameColumn" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "DefaultValueColumn" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.EmptyVisual": { + "AWS::PaymentCryptography::Key.KeyAttributes": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "KeyAlgorithm": { + "markdownDescription": "The key algorithm to be use during creation of an AWS Payment Cryptography key.\n\nFor symmetric keys, AWS Payment Cryptography supports `AES` and `TDES` algorithms. For asymmetric keys, AWS Payment Cryptography supports `RSA` and `ECC_NIST` algorithms.", + "title": "KeyAlgorithm", + "type": "string" }, - "DataSetIdentifier": { - "markdownDescription": "The data set that is used in the empty visual. Every visual requires a dataset to render.", - "title": "DataSetIdentifier", + "KeyClass": { + "markdownDescription": "The type of AWS Payment Cryptography key to create, which determines the classi\ufb01cation of the cryptographic method and whether AWS Payment Cryptography key contains a symmetric key or an asymmetric key pair.", + "title": "KeyClass", "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "KeyModesOfUse": { + "$ref": "#/definitions/AWS::PaymentCryptography::Key.KeyModesOfUse", + "markdownDescription": "The list of cryptographic operations that you can perform using the key.", + "title": "KeyModesOfUse" + }, + "KeyUsage": { + "markdownDescription": "The cryptographic usage of an AWS Payment Cryptography key as de\ufb01ned in section A.5.2 of the TR-31 spec.", + "title": "KeyUsage", "type": "string" } }, "required": [ - "DataSetIdentifier", - "VisualId" + "KeyAlgorithm", + "KeyClass", + "KeyModesOfUse", + "KeyUsage" ], "type": "object" }, - "AWS::QuickSight::Dashboard.Entity": { + "AWS::PaymentCryptography::Key.KeyModesOfUse": { "additionalProperties": false, "properties": { - "Path": { - "markdownDescription": "The hierarchical path of the entity within the analysis, template, or dashboard definition tree.", - "title": "Path", - "type": "string" + "Decrypt": { + "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used to decrypt data.", + "title": "Decrypt", + "type": "boolean" + }, + "DeriveKey": { + "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used to derive new keys.", + "title": "DeriveKey", + "type": "boolean" + }, + "Encrypt": { + "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used to encrypt data.", + "title": "Encrypt", + "type": "boolean" + }, + "Generate": { + "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used to generate and verify other card and PIN verification keys.", + "title": "Generate", + "type": "boolean" + }, + "NoRestrictions": { + "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key has no special restrictions other than the restrictions implied by `KeyUsage` .", + "title": "NoRestrictions", + "type": "boolean" + }, + "Sign": { + "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used for signing.", + "title": "Sign", + "type": "boolean" + }, + "Unwrap": { + "markdownDescription": "", + "title": "Unwrap", + "type": "boolean" + }, + "Verify": { + "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used to verify signatures.", + "title": "Verify", + "type": "boolean" + }, + "Wrap": { + "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used to wrap other keys.", + "title": "Wrap", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ExcludePeriodConfiguration": { + "AWS::Personalize::Dataset": { "additionalProperties": false, "properties": { - "Amount": { - "markdownDescription": "The amount or number of the exclude period.", - "title": "Amount", - "type": "number" - }, - "Granularity": { - "markdownDescription": "The granularity or unit (day, month, year) of the exclude period.", - "title": "Granularity", + "Condition": { "type": "string" }, - "Status": { - "markdownDescription": "The status of the exclude period. Choose from the following options:\n\n- `ENABLED`\n- `DISABLED`", - "title": "Status", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "required": [ - "Amount", - "Granularity" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.ExplicitHierarchy": { - "additionalProperties": false, - "properties": { - "Columns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier" - }, - "markdownDescription": "The list of columns that define the explicit hierarchy.", - "title": "Columns", - "type": "array" }, - "DrillDownFilters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DrillDownFilter" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DatasetGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the dataset group.", + "title": "DatasetGroupArn", + "type": "string" + }, + "DatasetImportJob": { + "$ref": "#/definitions/AWS::Personalize::Dataset.DatasetImportJob", + "markdownDescription": "Describes a job that imports training data from a data source (Amazon S3 bucket) to an Amazon Personalize dataset. If you specify a dataset import job as part of a dataset, all dataset import job fields are required.", + "title": "DatasetImportJob" + }, + "DatasetType": { + "markdownDescription": "One of the following values:\n\n- Interactions\n- Items\n- Users\n\n> You can't use CloudFormation to create an Action Interactions or Actions dataset.", + "title": "DatasetType", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the dataset.", + "title": "Name", + "type": "string" + }, + "SchemaArn": { + "markdownDescription": "The ARN of the associated schema.", + "title": "SchemaArn", + "type": "string" + } }, - "markdownDescription": "The option that determines the drill down filters for the explicit hierarchy.", - "title": "DrillDownFilters", - "type": "array" + "required": [ + "DatasetGroupArn", + "DatasetType", + "Name", + "SchemaArn" + ], + "type": "object" }, - "HierarchyId": { - "markdownDescription": "The hierarchy ID of the explicit hierarchy.", - "title": "HierarchyId", + "Type": { + "enum": [ + "AWS::Personalize::Dataset" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Columns", - "HierarchyId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ExportHiddenFieldsOption": { - "additionalProperties": false, - "properties": { - "AvailabilityStatus": { - "markdownDescription": "The status of the export hidden fields options of a dashbaord.", - "title": "AvailabilityStatus", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.ExportToCSVOption": { + "AWS::Personalize::Dataset.DataSource": { "additionalProperties": false, "properties": { - "AvailabilityStatus": { - "markdownDescription": "Availability status.", - "title": "AvailabilityStatus", + "DataLocation": { + "markdownDescription": "For dataset import jobs, the path to the Amazon S3 bucket where the data that you want to upload to your dataset is stored. For data deletion jobs, the path to the Amazon S3 bucket that stores the list of records to delete.\n\nFor example:\n\n`s3://bucket-name/folder-name/fileName.csv`\n\nIf your CSV files are in a folder in your Amazon S3 bucket and you want your import job or data deletion job to consider multiple files, you can specify the path to the folder. With a data deletion job, Amazon Personalize uses all files in the folder and any sub folder. Use the following syntax with a `/` after the folder name:\n\n`s3://bucket-name/folder-name/`", + "title": "DataLocation", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ExportWithHiddenFieldsOption": { + "AWS::Personalize::Dataset.DatasetImportJob": { "additionalProperties": false, "properties": { - "AvailabilityStatus": { - "markdownDescription": "The status of the export with hidden fields options.", - "title": "AvailabilityStatus", + "DataSource": { + "$ref": "#/definitions/AWS::Personalize::Dataset.DataSource", + "markdownDescription": "The Amazon S3 bucket that contains the training data to import.", + "title": "DataSource" + }, + "DatasetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the dataset that receives the imported data.", + "title": "DatasetArn", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.FieldBasedTooltip": { - "additionalProperties": false, - "properties": { - "AggregationVisibility": { - "markdownDescription": "The visibility of `Show aggregations` .", - "title": "AggregationVisibility", + }, + "DatasetImportJobArn": { + "markdownDescription": "The ARN of the dataset import job.", + "title": "DatasetImportJobArn", "type": "string" }, - "TooltipFields": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipItem" - }, - "markdownDescription": "The fields configuration in the tooltip.", - "title": "TooltipFields", - "type": "array" + "JobName": { + "markdownDescription": "The name of the import job.", + "title": "JobName", + "type": "string" }, - "TooltipTitleType": { - "markdownDescription": "The type for the >tooltip title. Choose one of the following options:\n\n- `NONE` : Doesn't use the primary value as the title.\n- `PRIMARY_VALUE` : Uses primary value as the title.", - "title": "TooltipTitleType", + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that has permissions to read from the Amazon S3 data source.", + "title": "RoleArn", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.FieldLabelType": { + "AWS::Personalize::DatasetGroup": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "Indicates the field that is targeted by the field label.", - "title": "FieldId", + "Condition": { "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of the field label.", - "title": "Visibility", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.FieldSeriesItem": { - "additionalProperties": false, - "properties": { - "AxisBinding": { - "markdownDescription": "The axis that you are binding the field to.", - "title": "AxisBinding", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "FieldId": { - "markdownDescription": "The field ID of the field for which you are setting the axis binding.", - "title": "FieldId", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Domain": { + "markdownDescription": "The domain of a Domain dataset group.", + "title": "Domain", + "type": "string" + }, + "KmsKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Key Management Service (KMS) key used to encrypt the datasets.", + "title": "KmsKeyArn", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the dataset group.", + "title": "Name", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the AWS Identity and Access Management (IAM) role that has permissions to access the AWS Key Management Service (KMS) key. Supplying an IAM role is only valid when also specifying a KMS key.", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Personalize::DatasetGroup" + ], "type": "string" }, - "Settings": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartSeriesSettings", - "markdownDescription": "The options that determine the presentation of line series associated to the field.", - "title": "Settings" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "AxisBinding", - "FieldId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.FieldSort": { + "AWS::Personalize::Schema": { "additionalProperties": false, "properties": { - "Direction": { - "markdownDescription": "The sort direction. Choose one of the following options:\n\n- `ASC` : Ascending\n- `DESC` : Descending", - "title": "Direction", + "Condition": { "type": "string" }, - "FieldId": { - "markdownDescription": "The sort configuration target field.", - "title": "FieldId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Domain": { + "markdownDescription": "The domain of a schema that you created for a dataset in a Domain dataset group.", + "title": "Domain", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the schema.", + "title": "Name", + "type": "string" + }, + "Schema": { + "markdownDescription": "The schema.", + "title": "Schema", + "type": "string" + } + }, + "required": [ + "Name", + "Schema" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Personalize::Schema" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Direction", - "FieldId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.FieldSortOptions": { + "AWS::Personalize::Solution": { "additionalProperties": false, "properties": { - "ColumnSort": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnSort", - "markdownDescription": "The sort configuration for a column that is not used in a field well.", - "title": "ColumnSort" + "Condition": { + "type": "string" }, - "FieldSort": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSort", - "markdownDescription": "The sort configuration for a field in a field well.", - "title": "FieldSort" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.FieldTooltipItem": { - "additionalProperties": false, - "properties": { - "FieldId": { - "markdownDescription": "The unique ID of the field that is targeted by the tooltip.", - "title": "FieldId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Label": { - "markdownDescription": "The label of the tooltip item.", - "title": "Label", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DatasetGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the dataset group that provides the training data.", + "title": "DatasetGroupArn", + "type": "string" + }, + "EventType": { + "markdownDescription": "The event type (for example, 'click' or 'like') that is used for training the model. If no `eventType` is provided, Amazon Personalize uses all interactions for training with equal weight regardless of type.", + "title": "EventType", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the solution.", + "title": "Name", + "type": "string" + }, + "PerformAutoML": { + "markdownDescription": "> We don't recommend enabling automated machine learning. Instead, match your use case to the available Amazon Personalize recipes. For more information, see [Determining your use case.](https://docs.aws.amazon.com/personalize/latest/dg/determining-use-case.html) \n\nWhen true, Amazon Personalize performs a search for the best USER_PERSONALIZATION recipe from the list specified in the solution configuration ( `recipeArn` must not be specified). When false (the default), Amazon Personalize uses `recipeArn` for training.", + "title": "PerformAutoML", + "type": "boolean" + }, + "PerformHPO": { + "markdownDescription": "Whether to perform hyperparameter optimization (HPO) on the chosen recipe. The default is `false` .", + "title": "PerformHPO", + "type": "boolean" + }, + "RecipeArn": { + "markdownDescription": "The ARN of the recipe used to create the solution. This is required when `performAutoML` is false.", + "title": "RecipeArn", + "type": "string" + }, + "SolutionConfig": { + "$ref": "#/definitions/AWS::Personalize::Solution.SolutionConfig", + "markdownDescription": "Describes the configuration properties for the solution.", + "title": "SolutionConfig" + } + }, + "required": [ + "DatasetGroupArn", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Personalize::Solution" + ], "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of the tooltip item.", - "title": "Visibility", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "FieldId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.FilledMapAggregatedFieldWells": { + "AWS::Personalize::Solution.AlgorithmHyperParameterRanges": { "additionalProperties": false, "properties": { - "Geospatial": { + "CategoricalHyperParameterRanges": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + "$ref": "#/definitions/AWS::Personalize::Solution.CategoricalHyperParameterRange" }, - "markdownDescription": "The aggregated location field well of the filled map. Values are grouped by location fields.", - "title": "Geospatial", + "markdownDescription": "Provides the name and range of a categorical hyperparameter.", + "title": "CategoricalHyperParameterRanges", "type": "array" }, - "Values": { + "ContinuousHyperParameterRanges": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + "$ref": "#/definitions/AWS::Personalize::Solution.ContinuousHyperParameterRange" }, - "markdownDescription": "The aggregated color field well of a filled map. Values are aggregated based on location fields.", - "title": "Values", + "markdownDescription": "Provides the name and range of a continuous hyperparameter.", + "title": "ContinuousHyperParameterRanges", + "type": "array" + }, + "IntegerHyperParameterRanges": { + "items": { + "$ref": "#/definitions/AWS::Personalize::Solution.IntegerHyperParameterRange" + }, + "markdownDescription": "Provides the name and range of an integer-valued hyperparameter.", + "title": "IntegerHyperParameterRanges", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.FilledMapConditionalFormatting": { + "AWS::Personalize::Solution.AutoMLConfig": { "additionalProperties": false, "properties": { - "ConditionalFormattingOptions": { + "MetricName": { + "markdownDescription": "The metric to optimize.", + "title": "MetricName", + "type": "string" + }, + "RecipeList": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapConditionalFormattingOption" + "type": "string" }, - "markdownDescription": "Conditional formatting options of a `FilledMapVisual` .", - "title": "ConditionalFormattingOptions", + "markdownDescription": "The list of candidate recipes.", + "title": "RecipeList", "type": "array" } }, - "required": [ - "ConditionalFormattingOptions" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.FilledMapConditionalFormattingOption": { + "AWS::Personalize::Solution.CategoricalHyperParameterRange": { "additionalProperties": false, "properties": { - "Shape": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapShapeConditionalFormatting", - "markdownDescription": "The conditional formatting that determines the shape of the filled map.", - "title": "Shape" + "Name": { + "markdownDescription": "The name of the hyperparameter.", + "title": "Name", + "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the categories for the hyperparameter.", + "title": "Values", + "type": "array" } }, - "required": [ - "Shape" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.FilledMapConfiguration": { + "AWS::Personalize::Solution.ContinuousHyperParameterRange": { "additionalProperties": false, "properties": { - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" - }, - "MapStyleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapStyleOptions", - "markdownDescription": "The map style options of the filled map visual.", - "title": "MapStyleOptions" - }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapSortConfiguration", - "markdownDescription": "The sort configuration of a `FilledMapVisual` .", - "title": "SortConfiguration" + "MaxValue": { + "markdownDescription": "The maximum allowable value for the hyperparameter.", + "title": "MaxValue", + "type": "number" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" + "MinValue": { + "markdownDescription": "The minimum allowable value for the hyperparameter.", + "title": "MinValue", + "type": "number" }, - "WindowOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialWindowOptions", - "markdownDescription": "The window options of the filled map visual.", - "title": "WindowOptions" + "Name": { + "markdownDescription": "The name of the hyperparameter.", + "title": "Name", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.FilledMapFieldWells": { + "AWS::Personalize::Solution.HpoConfig": { "additionalProperties": false, "properties": { - "FilledMapAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapAggregatedFieldWells", - "markdownDescription": "The aggregated field well of the filled map.", - "title": "FilledMapAggregatedFieldWells" + "AlgorithmHyperParameterRanges": { + "$ref": "#/definitions/AWS::Personalize::Solution.AlgorithmHyperParameterRanges", + "markdownDescription": "The hyperparameters and their allowable ranges.", + "title": "AlgorithmHyperParameterRanges" + }, + "HpoObjective": { + "$ref": "#/definitions/AWS::Personalize::Solution.HpoObjective", + "markdownDescription": "The metric to optimize during HPO.\n\n> Amazon Personalize doesn't support configuring the `hpoObjective` at this time.", + "title": "HpoObjective" + }, + "HpoResourceConfig": { + "$ref": "#/definitions/AWS::Personalize::Solution.HpoResourceConfig", + "markdownDescription": "Describes the resource configuration for HPO.", + "title": "HpoResourceConfig" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.FilledMapShapeConditionalFormatting": { + "AWS::Personalize::Solution.HpoObjective": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field ID of the filled map shape.", - "title": "FieldId", + "MetricName": { + "markdownDescription": "The name of the metric.", + "title": "MetricName", "type": "string" }, - "Format": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ShapeConditionalFormat", - "markdownDescription": "The conditional formatting that determines the background color of a filled map's shape.", - "title": "Format" + "MetricRegex": { + "markdownDescription": "A regular expression for finding the metric in the training job logs.", + "title": "MetricRegex", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the metric. Valid values are `Maximize` and `Minimize` .", + "title": "Type", + "type": "string" } }, - "required": [ - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.FilledMapSortConfiguration": { + "AWS::Personalize::Solution.HpoResourceConfig": { "additionalProperties": false, "properties": { - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the location fields.", - "title": "CategorySort", - "type": "array" + "MaxNumberOfTrainingJobs": { + "markdownDescription": "The maximum number of training jobs when you create a solution version. The maximum value for `maxNumberOfTrainingJobs` is `40` .", + "title": "MaxNumberOfTrainingJobs", + "type": "string" + }, + "MaxParallelTrainingJobs": { + "markdownDescription": "The maximum number of parallel training jobs when you create a solution version. The maximum value for `maxParallelTrainingJobs` is `10` .", + "title": "MaxParallelTrainingJobs", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.FilledMapVisual": { + "AWS::Personalize::Solution.IntegerHyperParameterRange": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "MaxValue": { + "markdownDescription": "The maximum allowable value for the hyperparameter.", + "title": "MaxValue", + "type": "number" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "MinValue": { + "markdownDescription": "The minimum allowable value for the hyperparameter.", + "title": "MinValue", + "type": "number" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + "Name": { + "markdownDescription": "The name of the hyperparameter.", + "title": "Name", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Personalize::Solution.SolutionConfig": { + "additionalProperties": false, + "properties": { + "AlgorithmHyperParameters": { + "additionalProperties": true, + "markdownDescription": "Lists the algorithm hyperparameters and their values.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "title": "AlgorithmHyperParameters", + "type": "object" }, - "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapConditionalFormatting", - "markdownDescription": "The conditional formatting of a `FilledMapVisual` .", - "title": "ConditionalFormatting" + "AutoMLConfig": { + "$ref": "#/definitions/AWS::Personalize::Solution.AutoMLConfig", + "markdownDescription": "The [AutoMLConfig](https://docs.aws.amazon.com/personalize/latest/dg/API_AutoMLConfig.html) object containing a list of recipes to search when AutoML is performed.", + "title": "AutoMLConfig" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "EventValueThreshold": { + "markdownDescription": "Only events with a value greater than or equal to this threshold are used for training a model.", + "title": "EventValueThreshold", + "type": "string" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "FeatureTransformationParameters": { + "additionalProperties": true, + "markdownDescription": "Lists the feature transformation parameters.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "FeatureTransformationParameters", + "type": "object" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", - "type": "string" + "HpoConfig": { + "$ref": "#/definitions/AWS::Personalize::Solution.HpoConfig", + "markdownDescription": "Describes the properties for hyperparameter optimization (HPO).", + "title": "HpoConfig" } }, - "required": [ - "VisualId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.Filter": { + "AWS::Pinpoint::ADMChannel": { "additionalProperties": false, "properties": { - "CategoryFilter": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CategoryFilter", - "markdownDescription": "A `CategoryFilter` filters text values.\n\nFor more information, see [Adding text filters](https://docs.aws.amazon.com/quicksight/latest/user/add-a-text-filter-data-prep.html) in the *Amazon QuickSight User Guide* .", - "title": "CategoryFilter" + "Condition": { + "type": "string" }, - "NumericEqualityFilter": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericEqualityFilter", - "markdownDescription": "A `NumericEqualityFilter` filters numeric values that equal or do not equal a given numeric value.", - "title": "NumericEqualityFilter" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "NumericRangeFilter": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericRangeFilter", - "markdownDescription": "A `NumericRangeFilter` filters numeric values that are either inside or outside a given numeric range.", - "title": "NumericRangeFilter" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "RelativeDatesFilter": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RelativeDatesFilter", - "markdownDescription": "A `RelativeDatesFilter` filters date values that are relative to a given date.", - "title": "RelativeDatesFilter" + "Metadata": { + "type": "object" }, - "TimeEqualityFilter": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TimeEqualityFilter", - "markdownDescription": "A `TimeEqualityFilter` filters date-time values that equal or do not equal a given date/time value.", - "title": "TimeEqualityFilter" + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the ADM channel applies to.", + "title": "ApplicationId", + "type": "string" + }, + "ClientId": { + "markdownDescription": "The Client ID that you received from Amazon to send messages by using ADM.", + "title": "ClientId", + "type": "string" + }, + "ClientSecret": { + "markdownDescription": "The Client Secret that you received from Amazon to send messages by using ADM.", + "title": "ClientSecret", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Specifies whether to enable the ADM channel for the application.", + "title": "Enabled", + "type": "boolean" + } + }, + "required": [ + "ApplicationId", + "ClientId", + "ClientSecret" + ], + "type": "object" }, - "TimeRangeFilter": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TimeRangeFilter", - "markdownDescription": "A `TimeRangeFilter` filters date-time values that are either inside or outside a given date/time range.", - "title": "TimeRangeFilter" + "Type": { + "enum": [ + "AWS::Pinpoint::ADMChannel" + ], + "type": "string" }, - "TopBottomFilter": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TopBottomFilter", - "markdownDescription": "A `TopBottomFilter` filters data to the top or bottom values for a given column.", - "title": "TopBottomFilter" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.FilterControl": { + "AWS::Pinpoint::APNSChannel": { "additionalProperties": false, "properties": { - "CrossSheet": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterCrossSheetControl", - "markdownDescription": "A control from a filter that is scoped across more than one sheet. This represents your filter control on a sheet", - "title": "CrossSheet" - }, - "DateTimePicker": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterDateTimePickerControl", - "markdownDescription": "A control from a date filter that is used to specify date and time.", - "title": "DateTimePicker" - }, - "Dropdown": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterDropDownControl", - "markdownDescription": "A control to display a dropdown list with buttons that are used to select a single value.", - "title": "Dropdown" - }, - "List": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterListControl", - "markdownDescription": "A control to display a list of buttons or boxes. This is used to select either a single value or multiple values.", - "title": "List" + "Condition": { + "type": "string" }, - "RelativeDateTime": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterRelativeDateTimeControl", - "markdownDescription": "A control from a date filter that is used to specify the relative date.", - "title": "RelativeDateTime" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Slider": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterSliderControl", - "markdownDescription": "A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle.", - "title": "Slider" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "TextArea": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterTextAreaControl", - "markdownDescription": "A control to display a text box that is used to enter multiple entries.", - "title": "TextArea" + "Metadata": { + "type": "object" }, - "TextField": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterTextFieldControl", - "markdownDescription": "A control to display a text box that is used to enter a single entry.", - "title": "TextField" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.FilterCrossSheetControl": { - "additionalProperties": false, - "properties": { - "CascadingControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CascadingControlConfiguration", - "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", - "title": "CascadingControlConfiguration" + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the APNs channel applies to.", + "title": "ApplicationId", + "type": "string" + }, + "BundleId": { + "markdownDescription": "The bundle identifier that's assigned to your iOS app. This identifier is used for APNs tokens.", + "title": "BundleId", + "type": "string" + }, + "Certificate": { + "markdownDescription": "The APNs client certificate that you received from Apple. Specify this value if you want Amazon Pinpoint to communicate with APNs by using an APNs certificate.", + "title": "Certificate", + "type": "string" + }, + "DefaultAuthenticationMethod": { + "markdownDescription": "The default authentication method that you want Amazon Pinpoint to use when authenticating with APNs. Valid options are `key` or `certificate` .", + "title": "DefaultAuthenticationMethod", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Specifies whether to enable the APNs channel for the application.", + "title": "Enabled", + "type": "boolean" + }, + "PrivateKey": { + "markdownDescription": "The private key for the APNs client certificate that you want Amazon Pinpoint to use to communicate with APNs.", + "title": "PrivateKey", + "type": "string" + }, + "TeamId": { + "markdownDescription": "The identifier that's assigned to your Apple Developer Account team. This identifier is used for APNs tokens.", + "title": "TeamId", + "type": "string" + }, + "TokenKey": { + "markdownDescription": "The authentication key to use for APNs tokens.", + "title": "TokenKey", + "type": "string" + }, + "TokenKeyId": { + "markdownDescription": "The key identifier that's assigned to your APNs signing key. Specify this value if you want Amazon Pinpoint to communicate with APNs by using APNs tokens.", + "title": "TokenKeyId", + "type": "string" + } + }, + "required": [ + "ApplicationId" + ], + "type": "object" }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterCrossSheetControl` .", - "title": "FilterControlId", + "Type": { + "enum": [ + "AWS::Pinpoint::APNSChannel" + ], "type": "string" }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterCrossSheetControl` .", - "title": "SourceFilterId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "FilterControlId", - "SourceFilterId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.FilterDateTimePickerControl": { + "AWS::Pinpoint::APNSSandboxChannel": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimePickerControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterDateTimePickerControl` .", - "title": "FilterControlId", + "Condition": { "type": "string" }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterDateTimePickerControl` .", - "title": "SourceFilterId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Title": { - "markdownDescription": "The title of the `FilterDateTimePickerControl` .", - "title": "Title", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the APNs sandbox channel applies to.", + "title": "ApplicationId", + "type": "string" + }, + "BundleId": { + "markdownDescription": "The bundle identifier that's assigned to your iOS app. This identifier is used for APNs tokens.", + "title": "BundleId", + "type": "string" + }, + "Certificate": { + "markdownDescription": "The APNs client certificate that you received from Apple. Specify this value if you want Amazon Pinpoint to communicate with APNs by using an APNs certificate.", + "title": "Certificate", + "type": "string" + }, + "DefaultAuthenticationMethod": { + "markdownDescription": "The default authentication method that you want Amazon Pinpoint to use when authenticating with APNs. Valid options are `key` or `certificate` .", + "title": "DefaultAuthenticationMethod", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Specifies whether to enable the APNs Sandbox channel for the Amazon Pinpoint application.", + "title": "Enabled", + "type": "boolean" + }, + "PrivateKey": { + "markdownDescription": "The private key for the APNs client certificate that you want Amazon Pinpoint to use to communicate with APNs.", + "title": "PrivateKey", + "type": "string" + }, + "TeamId": { + "markdownDescription": "The identifier that's assigned to your Apple Developer Account team. This identifier is used for APNs tokens.", + "title": "TeamId", + "type": "string" + }, + "TokenKey": { + "markdownDescription": "The authentication key to use for APNs tokens.", + "title": "TokenKey", + "type": "string" + }, + "TokenKeyId": { + "markdownDescription": "The key identifier that's assigned to your APNs signing key. Specify this value if you want Amazon Pinpoint to communicate with APNs by using APNs tokens.", + "title": "TokenKeyId", + "type": "string" + } + }, + "required": [ + "ApplicationId" + ], + "type": "object" }, "Type": { - "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", - "title": "Type", + "enum": [ + "AWS::Pinpoint::APNSSandboxChannel" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "FilterControlId", - "SourceFilterId", - "Title" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.FilterDropDownControl": { + "AWS::Pinpoint::APNSVoipChannel": { "additionalProperties": false, "properties": { - "CascadingControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CascadingControlConfiguration", - "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", - "title": "CascadingControlConfiguration" - }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DropDownControlDisplayOptions", - "markdownDescription": "The display options of the `FilterDropDownControl` .", - "title": "DisplayOptions" + "Condition": { + "type": "string" }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterDropDownControl` .", - "title": "FilterControlId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterDropDownControl` .", - "title": "SourceFilterId", - "type": "string" + "Metadata": { + "type": "object" }, - "Title": { - "markdownDescription": "The title of the `FilterDropDownControl` .", - "title": "Title", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the APNs VoIP channel applies to.", + "title": "ApplicationId", + "type": "string" + }, + "BundleId": { + "markdownDescription": "The bundle identifier that's assigned to your iOS app. This identifier is used for APNs tokens.", + "title": "BundleId", + "type": "string" + }, + "Certificate": { + "markdownDescription": "The APNs client certificate that you received from Apple. Specify this value if you want Amazon Pinpoint to communicate with APNs by using an APNs certificate.", + "title": "Certificate", + "type": "string" + }, + "DefaultAuthenticationMethod": { + "markdownDescription": "The default authentication method that you want Amazon Pinpoint to use when authenticating with APNs. Valid options are `key` or `certificate` .", + "title": "DefaultAuthenticationMethod", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Specifies whether to enable the APNs VoIP channel for the Amazon Pinpoint application.", + "title": "Enabled", + "type": "boolean" + }, + "PrivateKey": { + "markdownDescription": "The private key for the APNs client certificate that you want Amazon Pinpoint to use to communicate with APNs.", + "title": "PrivateKey", + "type": "string" + }, + "TeamId": { + "markdownDescription": "The identifier that's assigned to your Apple Developer Account team. This identifier is used for APNs tokens.", + "title": "TeamId", + "type": "string" + }, + "TokenKey": { + "markdownDescription": "The authentication key to use for APNs tokens.", + "title": "TokenKey", + "type": "string" + }, + "TokenKeyId": { + "markdownDescription": "The key identifier that's assigned to your APNs signing key. Specify this value if you want Amazon Pinpoint to communicate with APNs by using APNs tokens.", + "title": "TokenKeyId", + "type": "string" + } + }, + "required": [ + "ApplicationId" + ], + "type": "object" }, "Type": { - "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", - "title": "Type", + "enum": [ + "AWS::Pinpoint::APNSVoipChannel" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "FilterControlId", - "SourceFilterId", - "Title" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.FilterGroup": { + "AWS::Pinpoint::APNSVoipSandboxChannel": { "additionalProperties": false, "properties": { - "CrossDataset": { - "markdownDescription": "The filter new feature which can apply filter group to all data sets. Choose one of the following options:\n\n- `ALL_DATASETS`\n- `SINGLE_DATASET`", - "title": "CrossDataset", + "Condition": { "type": "string" }, - "FilterGroupId": { - "markdownDescription": "The value that uniquely identifies a `FilterGroup` within a dashboard, template, or analysis.", - "title": "FilterGroupId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Filters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.Filter" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The unique identifier for the application that the APNs VoIP sandbox channel applies to.", + "title": "ApplicationId", + "type": "string" + }, + "BundleId": { + "markdownDescription": "The bundle identifier that's assigned to your iOS app. This identifier is used for APNs tokens.", + "title": "BundleId", + "type": "string" + }, + "Certificate": { + "markdownDescription": "The APNs client certificate that you received from Apple. Specify this value if you want Amazon Pinpoint to communicate with the APNs sandbox environment by using an APNs certificate.", + "title": "Certificate", + "type": "string" + }, + "DefaultAuthenticationMethod": { + "markdownDescription": "The default authentication method that you want Amazon Pinpoint to use when authenticating with APNs. Valid options are `key` or `certificate` .", + "title": "DefaultAuthenticationMethod", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Specifies whether the APNs VoIP sandbox channel is enabled for the application.", + "title": "Enabled", + "type": "boolean" + }, + "PrivateKey": { + "markdownDescription": "The private key for the APNs client certificate that you want Amazon Pinpoint to use to communicate with the APNs sandbox environment.", + "title": "PrivateKey", + "type": "string" + }, + "TeamId": { + "markdownDescription": "The identifier that's assigned to your Apple developer account team. This identifier is used for APNs tokens.", + "title": "TeamId", + "type": "string" + }, + "TokenKey": { + "markdownDescription": "The authentication key to use for APNs tokens.", + "title": "TokenKey", + "type": "string" + }, + "TokenKeyId": { + "markdownDescription": "The key identifier that's assigned to your APNs signing key. Specify this value if you want Amazon Pinpoint to communicate with the APNs sandbox environment by using APNs tokens.", + "title": "TokenKeyId", + "type": "string" + } }, - "markdownDescription": "The list of filters that are present in a `FilterGroup` .", - "title": "Filters", - "type": "array" + "required": [ + "ApplicationId" + ], + "type": "object" }, - "ScopeConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterScopeConfiguration", - "markdownDescription": "The configuration that specifies what scope to apply to a `FilterGroup` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", - "title": "ScopeConfiguration" + "Type": { + "enum": [ + "AWS::Pinpoint::APNSVoipSandboxChannel" + ], + "type": "string" }, - "Status": { - "markdownDescription": "The status of the `FilterGroup` .", - "title": "Status", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "CrossDataset", - "FilterGroupId", - "Filters", - "ScopeConfiguration" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.FilterListConfiguration": { + "AWS::Pinpoint::App": { "additionalProperties": false, "properties": { - "CategoryValues": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of category values for the filter.", - "title": "CategoryValues", - "type": "array" + "Condition": { + "type": "string" }, - "MatchOperator": { - "markdownDescription": "The match operator that is used to determine if a filter should be applied.", - "title": "MatchOperator", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The display name of the application.", + "title": "Name", + "type": "string" + }, + "Tags": { + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "object" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Pinpoint::App" + ], "type": "string" }, - "SelectAllOptions": { - "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", - "title": "SelectAllOptions", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "MatchOperator" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.FilterListControl": { + "AWS::Pinpoint::ApplicationSettings": { "additionalProperties": false, "properties": { - "CascadingControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CascadingControlConfiguration", - "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", - "title": "CascadingControlConfiguration" - }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ListControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "Condition": { + "type": "string" }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterListControl` .", - "title": "FilterControlId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterListControl` .", - "title": "SourceFilterId", - "type": "string" + "Metadata": { + "type": "object" }, - "Title": { - "markdownDescription": "The title of the `FilterListControl` .", - "title": "Title", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The unique identifier for the Amazon Pinpoint application.", + "title": "ApplicationId", + "type": "string" + }, + "CampaignHook": { + "$ref": "#/definitions/AWS::Pinpoint::ApplicationSettings.CampaignHook", + "markdownDescription": "The settings for the Lambda function to use by default as a code hook for campaigns in the application. To override these settings for a specific campaign, use the Campaign resource to define custom Lambda function settings for the campaign.", + "title": "CampaignHook" + }, + "CloudWatchMetricsEnabled": { + "markdownDescription": "", + "title": "CloudWatchMetricsEnabled", + "type": "boolean" + }, + "Limits": { + "$ref": "#/definitions/AWS::Pinpoint::ApplicationSettings.Limits", + "markdownDescription": "The default sending limits for campaigns in the application. To override these limits for a specific campaign, use the Campaign resource to define custom limits for the campaign.", + "title": "Limits" + }, + "QuietTime": { + "$ref": "#/definitions/AWS::Pinpoint::ApplicationSettings.QuietTime", + "markdownDescription": "The default quiet time for campaigns in the application. Quiet time is a specific time range when campaigns don't send messages to endpoints, if all the following conditions are met:\n\n- The `EndpointDemographic.Timezone` property of the endpoint is set to a valid value.\n\n- The current time in the endpoint's time zone is later than or equal to the time specified by the `QuietTime.Start` property for the application (or a campaign that has custom quiet time settings).\n\n- The current time in the endpoint's time zone is earlier than or equal to the time specified by the `QuietTime.End` property for the application (or a campaign that has custom quiet time settings).\n\nIf any of the preceding conditions isn't met, the endpoint will receive messages from a campaign, even if quiet time is enabled.\n\nTo override the default quiet time settings for a specific campaign, use the Campaign resource to define a custom quiet time for the campaign.", + "title": "QuietTime" + } + }, + "required": [ + "ApplicationId" + ], + "type": "object" }, "Type": { - "markdownDescription": "The type of the `FilterListControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from the list.\n- `SINGLE_SELECT` : The user can select a single entry from the list.", - "title": "Type", + "enum": [ + "AWS::Pinpoint::ApplicationSettings" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "FilterControlId", - "SourceFilterId", - "Title" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.FilterOperationSelectedFieldsConfiguration": { + "AWS::Pinpoint::ApplicationSettings.CampaignHook": { "additionalProperties": false, "properties": { - "SelectedColumns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier" - }, - "markdownDescription": "The selected columns of a dataset.", - "title": "SelectedColumns", - "type": "array" + "LambdaFunctionName": { + "markdownDescription": "The name or Amazon Resource Name (ARN) of the Lambda function that Amazon Pinpoint invokes to send messages for campaigns in the application.", + "title": "LambdaFunctionName", + "type": "string" }, - "SelectedFieldOptions": { - "markdownDescription": "A structure that contains the options that choose which fields are filtered in the `CustomActionFilterOperation` .\n\nValid values are defined as follows:\n\n- `ALL_FIELDS` : Applies the filter operation to all fields.", - "title": "SelectedFieldOptions", + "Mode": { + "markdownDescription": "The mode that Amazon Pinpoint uses to invoke the Lambda function. Possible values are:\n\n- `FILTER` - Invoke the function to customize the segment that's used by a campaign.\n- `DELIVERY` - (Deprecated) Previously, invoked the function to send a campaign through a custom channel. This functionality is not supported anymore. To send a campaign through a custom channel, use the `CustomDeliveryConfiguration` and `CampaignCustomMessage` objects of the campaign.", + "title": "Mode", "type": "string" }, - "SelectedFields": { - "items": { - "type": "string" - }, - "markdownDescription": "Chooses the fields that are filtered in `CustomActionFilterOperation` .", - "title": "SelectedFields", - "type": "array" + "WebUrl": { + "markdownDescription": "The web URL that Amazon Pinpoint calls to invoke the Lambda function over HTTPS.", + "title": "WebUrl", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.FilterOperationTargetVisualsConfiguration": { + "AWS::Pinpoint::ApplicationSettings.Limits": { "additionalProperties": false, "properties": { - "SameSheetTargetVisualConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SameSheetTargetVisualConfiguration", - "markdownDescription": "The configuration of the same-sheet target visuals that you want to be filtered.", - "title": "SameSheetTargetVisualConfiguration" + "Daily": { + "markdownDescription": "The maximum number of messages that a campaign can send to a single endpoint during a 24-hour period. The maximum value is 100.", + "title": "Daily", + "type": "number" + }, + "MaximumDuration": { + "markdownDescription": "The maximum amount of time, in seconds, that a campaign can attempt to deliver a message after the scheduled start time for the campaign. The minimum value is 60 seconds.", + "title": "MaximumDuration", + "type": "number" + }, + "MessagesPerSecond": { + "markdownDescription": "The maximum number of messages that a campaign can send each second. The minimum value is 1. The maximum value is 20,000.", + "title": "MessagesPerSecond", + "type": "number" + }, + "Total": { + "markdownDescription": "The maximum number of messages that a campaign can send to a single endpoint during the course of the campaign. The maximum value is 100.", + "title": "Total", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.FilterRelativeDateTimeControl": { + "AWS::Pinpoint::ApplicationSettings.QuietTime": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RelativeDateTimeControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterTextAreaControl` .", - "title": "FilterControlId", - "type": "string" - }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterTextAreaControl` .", - "title": "SourceFilterId", + "End": { + "markdownDescription": "The specific time when quiet time ends. This value has to use 24-hour notation and be in HH:MM format, where HH is the hour (with a leading zero, if applicable) and MM is the minutes. For example, use `02:30` to represent 2:30 AM, or `14:30` to represent 2:30 PM.", + "title": "End", "type": "string" }, - "Title": { - "markdownDescription": "The title of the `FilterTextAreaControl` .", - "title": "Title", + "Start": { + "markdownDescription": "The specific time when quiet time begins. This value has to use 24-hour notation and be in HH:MM format, where HH is the hour (with a leading zero, if applicable) and MM is the minutes. For example, use `02:30` to represent 2:30 AM, or `14:30` to represent 2:30 PM.", + "title": "Start", "type": "string" } }, "required": [ - "FilterControlId", - "SourceFilterId", - "Title" + "End", + "Start" ], "type": "object" }, - "AWS::QuickSight::Dashboard.FilterScopeConfiguration": { - "additionalProperties": false, - "properties": { - "AllSheets": { - "markdownDescription": "The configuration that applies a filter to all sheets. When you choose `AllSheets` as the value for a `FilterScopeConfiguration` , this filter is applied to all visuals of all sheets in an Analysis, Dashboard, or Template. The `AllSheetsFilterScopeConfiguration` is chosen.", - "title": "AllSheets", - "type": "object" - }, - "SelectedSheets": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SelectedSheetsFilterScopeConfiguration", - "markdownDescription": "The configuration for applying a filter to specific sheets.", - "title": "SelectedSheets" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.FilterSelectableValues": { - "additionalProperties": false, - "properties": { - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The values that are used in the `FilterSelectableValues` .", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.FilterSliderControl": { + "AWS::Pinpoint::BaiduChannel": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SliderControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterSliderControl` .", - "title": "FilterControlId", + "Condition": { "type": "string" }, - "MaximumValue": { - "markdownDescription": "The larger value that is displayed at the right of the slider.", - "title": "MaximumValue", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "MinimumValue": { - "markdownDescription": "The smaller value that is displayed at the left of the slider.", - "title": "MinimumValue", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterSliderControl` .", - "title": "SourceFilterId", - "type": "string" + "Metadata": { + "type": "object" }, - "StepSize": { - "markdownDescription": "The number of increments that the slider bar is divided into.", - "title": "StepSize", - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": { + "ApiKey": { + "markdownDescription": "The API key that you received from the Baidu Cloud Push service to communicate with the service.", + "title": "ApiKey", + "type": "string" + }, + "ApplicationId": { + "markdownDescription": "The unique identifier for the Amazon Pinpoint application that you're configuring the Baidu channel for.", + "title": "ApplicationId", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Specifies whether to enable the Baidu channel for the application.", + "title": "Enabled", + "type": "boolean" + }, + "SecretKey": { + "markdownDescription": "The secret key that you received from the Baidu Cloud Push service to communicate with the service.", + "title": "SecretKey", + "type": "string" + } + }, + "required": [ + "ApiKey", + "ApplicationId", + "SecretKey" + ], + "type": "object" }, - "Title": { - "markdownDescription": "The title of the `FilterSliderControl` .", - "title": "Title", + "Type": { + "enum": [ + "AWS::Pinpoint::BaiduChannel" + ], "type": "string" }, - "Type": { - "markdownDescription": "The type of the `FilterSliderControl` . Choose one of the following options:\n\n- `SINGLE_POINT` : Filter against(equals) a single data point.\n- `RANGE` : Filter data that is in a specified range.", - "title": "Type", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "FilterControlId", - "MaximumValue", - "MinimumValue", - "SourceFilterId", - "StepSize", - "Title" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.FilterTextAreaControl": { + "AWS::Pinpoint::Campaign": { "additionalProperties": false, "properties": { - "Delimiter": { - "markdownDescription": "The delimiter that is used to separate the lines in text.", - "title": "Delimiter", - "type": "string" - }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextAreaControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterTextAreaControl` .", - "title": "FilterControlId", + "Condition": { "type": "string" }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterTextAreaControl` .", - "title": "SourceFilterId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Title": { - "markdownDescription": "The title of the `FilterTextAreaControl` .", - "title": "Title", - "type": "string" - } - }, - "required": [ - "FilterControlId", - "SourceFilterId", - "Title" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.FilterTextFieldControl": { - "additionalProperties": false, - "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextFieldControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterTextFieldControl` .", - "title": "FilterControlId", - "type": "string" + "Metadata": { + "type": "object" }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterTextFieldControl` .", - "title": "SourceFilterId", + "Properties": { + "additionalProperties": false, + "properties": { + "AdditionalTreatments": { + "items": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.WriteTreatmentResource" + }, + "markdownDescription": "An array of requests that defines additional treatments for the campaign, in addition to the default treatment for the campaign.", + "title": "AdditionalTreatments", + "type": "array" + }, + "ApplicationId": { + "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the campaign is associated with.", + "title": "ApplicationId", + "type": "string" + }, + "CampaignHook": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.CampaignHook", + "markdownDescription": "Specifies the Lambda function to use as a code hook for a campaign.", + "title": "CampaignHook" + }, + "CustomDeliveryConfiguration": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.CustomDeliveryConfiguration", + "markdownDescription": "The delivery configuration settings for sending the treatment through a custom channel. This object is required if the `MessageConfiguration` object for the treatment specifies a `CustomMessage` object.", + "title": "CustomDeliveryConfiguration" + }, + "Description": { + "markdownDescription": "A custom description of the campaign.", + "title": "Description", + "type": "string" + }, + "HoldoutPercent": { + "markdownDescription": "The allocated percentage of users (segment members) who shouldn't receive messages from the campaign.", + "title": "HoldoutPercent", + "type": "number" + }, + "IsPaused": { + "markdownDescription": "Specifies whether to pause the campaign. A paused campaign doesn't run unless you resume it by changing this value to `false` . If you restart a campaign, the campaign restarts from the beginning and not at the point you paused it. If a campaign is running it will complete and then pause. Pause only pauses or skips the next run for a recurring future scheduled campaign. A campaign scheduled for immediate can't be paused.", + "title": "IsPaused", + "type": "boolean" + }, + "Limits": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.Limits", + "markdownDescription": "The messaging limits for the campaign.", + "title": "Limits" + }, + "MessageConfiguration": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.MessageConfiguration", + "markdownDescription": "The message configuration settings for the treatment.", + "title": "MessageConfiguration" + }, + "Name": { + "markdownDescription": "The name of the campaign.", + "title": "Name", + "type": "string" + }, + "Priority": { + "markdownDescription": "An integer between 1 and 5, inclusive, that represents the priority of the in-app message campaign, where 1 is the highest priority and 5 is the lowest. If there are multiple messages scheduled to be displayed at the same time, the priority determines the order in which those messages are displayed.", + "title": "Priority", + "type": "number" + }, + "Schedule": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.Schedule", + "markdownDescription": "The schedule settings for the treatment.", + "title": "Schedule" + }, + "SegmentId": { + "markdownDescription": "The unique identifier for the segment to associate with the campaign.", + "title": "SegmentId", + "type": "string" + }, + "SegmentVersion": { + "markdownDescription": "The version of the segment to associate with the campaign.", + "title": "SegmentVersion", + "type": "number" + }, + "Tags": { + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "object" + }, + "TemplateConfiguration": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.TemplateConfiguration", + "markdownDescription": "The message template to use for the treatment.", + "title": "TemplateConfiguration" + }, + "TreatmentDescription": { + "markdownDescription": "A custom description of the treatment.", + "title": "TreatmentDescription", + "type": "string" + }, + "TreatmentName": { + "markdownDescription": "A custom name for the treatment.", + "title": "TreatmentName", + "type": "string" + } + }, + "required": [ + "ApplicationId", + "Name", + "Schedule", + "SegmentId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Pinpoint::Campaign" + ], "type": "string" }, - "Title": { - "markdownDescription": "The title of the `FilterTextFieldControl` .", - "title": "Title", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "FilterControlId", - "SourceFilterId", - "Title" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.FontConfiguration": { + "AWS::Pinpoint::Campaign.AttributeDimension": { "additionalProperties": false, "properties": { - "FontColor": { - "markdownDescription": "Determines the color of the text.", - "title": "FontColor", - "type": "string" - }, - "FontDecoration": { - "markdownDescription": "Determines the appearance of decorative lines on the text.", - "title": "FontDecoration", - "type": "string" - }, - "FontSize": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontSize", - "markdownDescription": "The option that determines the text display size.", - "title": "FontSize" - }, - "FontStyle": { - "markdownDescription": "Determines the text display face that is inherited by the given font family.", - "title": "FontStyle", + "AttributeType": { "type": "string" }, - "FontWeight": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontWeight", - "markdownDescription": "The option that determines the text display weight, or boldness.", - "title": "FontWeight" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.FontSize": { - "additionalProperties": false, - "properties": { - "Relative": { - "markdownDescription": "The lexical name for the text size, proportional to its surrounding context.", - "title": "Relative", - "type": "string" + "Values": { + "items": { + "type": "string" + }, + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.FontWeight": { + "AWS::Pinpoint::Campaign.CampaignCustomMessage": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The lexical name for the level of boldness of the text display.", - "title": "Name", + "Data": { + "markdownDescription": "The raw, JSON-formatted string to use as the payload for the message. The maximum size is 5 KB.", + "title": "Data", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ForecastComputation": { + "AWS::Pinpoint::Campaign.CampaignEmailMessage": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", + "Body": { + "markdownDescription": "The body of the email for recipients whose email clients don't render HTML content.", + "title": "Body", "type": "string" }, - "CustomSeasonalityValue": { - "markdownDescription": "The custom seasonality value setup of a forecast computation.", - "title": "CustomSeasonalityValue", - "type": "number" - }, - "LowerBoundary": { - "markdownDescription": "The lower boundary setup of a forecast computation.", - "title": "LowerBoundary", - "type": "number" - }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "FromAddress": { + "markdownDescription": "The verified email address to send the email from. The default address is the `FromAddress` specified for the email channel for the application.", + "title": "FromAddress", "type": "string" }, - "PeriodsBackward": { - "markdownDescription": "The periods backward setup of a forecast computation.", - "title": "PeriodsBackward", - "type": "number" - }, - "PeriodsForward": { - "markdownDescription": "The periods forward setup of a forecast computation.", - "title": "PeriodsForward", - "type": "number" - }, - "PredictionInterval": { - "markdownDescription": "The prediction interval setup of a forecast computation.", - "title": "PredictionInterval", - "type": "number" - }, - "Seasonality": { - "markdownDescription": "The seasonality setup of a forecast computation. Choose one of the following options:\n\n- `AUTOMATIC`\n- `CUSTOM` : Checks the custom seasonality value.", - "title": "Seasonality", + "HtmlBody": { + "markdownDescription": "The body of the email, in HTML format, for recipients whose email clients render HTML content.", + "title": "HtmlBody", "type": "string" }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" - }, - "UpperBoundary": { - "markdownDescription": "The upper boundary setup of a forecast computation.", - "title": "UpperBoundary", - "type": "number" - }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" + "Title": { + "markdownDescription": "The subject line, or title, of the email.", + "title": "Title", + "type": "string" } }, - "required": [ - "ComputationId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.ForecastConfiguration": { + "AWS::Pinpoint::Campaign.CampaignEventFilter": { "additionalProperties": false, "properties": { - "ForecastProperties": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TimeBasedForecastProperties", - "markdownDescription": "The forecast properties setup of a forecast in the line chart.", - "title": "ForecastProperties" + "Dimensions": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.EventDimensions", + "markdownDescription": "The dimension settings of the event filter for the campaign.", + "title": "Dimensions" }, - "Scenario": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ForecastScenario", - "markdownDescription": "The forecast scenario of a forecast in the line chart.", - "title": "Scenario" + "FilterType": { + "markdownDescription": "The type of event that causes the campaign to be sent. Valid values are: `SYSTEM` , sends the campaign when a system event occurs; and, `ENDPOINT` , sends the campaign when an endpoint event (Events resource) occurs.", + "title": "FilterType", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ForecastScenario": { + "AWS::Pinpoint::Campaign.CampaignHook": { "additionalProperties": false, "properties": { - "WhatIfPointScenario": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.WhatIfPointScenario", - "markdownDescription": "The what-if analysis forecast setup with the target date.", - "title": "WhatIfPointScenario" + "LambdaFunctionName": { + "markdownDescription": "The name or Amazon Resource Name (ARN) of the Lambda function that Amazon Pinpoint invokes to customize a segment for a campaign.", + "title": "LambdaFunctionName", + "type": "string" }, - "WhatIfRangeScenario": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.WhatIfRangeScenario", - "markdownDescription": "The what-if analysis forecast setup with the date range.", - "title": "WhatIfRangeScenario" + "Mode": { + "markdownDescription": "The mode that Amazon Pinpoint uses to invoke the Lambda function. Possible values are:\n\n- `FILTER` - Invoke the function to customize the segment that's used by a campaign.\n- `DELIVERY` - (Deprecated) Previously, invoked the function to send a campaign through a custom channel. This functionality is not supported anymore. To send a campaign through a custom channel, use the `CustomDeliveryConfiguration` and `CampaignCustomMessage` objects of the campaign.", + "title": "Mode", + "type": "string" + }, + "WebUrl": { + "markdownDescription": "The web URL that Amazon Pinpoint calls to invoke the Lambda function over HTTPS.", + "title": "WebUrl", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.FormatConfiguration": { + "AWS::Pinpoint::Campaign.CampaignInAppMessage": { "additionalProperties": false, "properties": { - "DateTimeFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeFormatConfiguration", - "markdownDescription": "Formatting configuration for `DateTime` fields.", - "title": "DateTimeFormatConfiguration" + "Content": { + "items": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.InAppMessageContent" + }, + "markdownDescription": "An array that contains configurtion information about the in-app message for the campaign, including title and body text, text colors, background colors, image URLs, and button configurations.", + "title": "Content", + "type": "array" }, - "NumberFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumberFormatConfiguration", - "markdownDescription": "Formatting configuration for number fields.", - "title": "NumberFormatConfiguration" + "CustomConfig": { + "markdownDescription": "Custom data, in the form of key-value pairs, that is included in an in-app messaging payload.", + "title": "CustomConfig", + "type": "object" }, - "StringFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringFormatConfiguration", - "markdownDescription": "Formatting configuration for string fields.", - "title": "StringFormatConfiguration" + "Layout": { + "markdownDescription": "A string that describes how the in-app message will appear. You can specify one of the following:\n\n- `BOTTOM_BANNER` \u2013 a message that appears as a banner at the bottom of the page.\n- `TOP_BANNER` \u2013 a message that appears as a banner at the top of the page.\n- `OVERLAYS` \u2013 a message that covers entire screen.\n- `MOBILE_FEED` \u2013 a message that appears in a window in front of the page.\n- `MIDDLE_BANNER` \u2013 a message that appears as a banner in the middle of the page.\n- `CAROUSEL` \u2013 a scrollable layout of up to five unique messages.", + "title": "Layout", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.FreeFormLayoutCanvasSizeOptions": { + "AWS::Pinpoint::Campaign.CampaignSmsMessage": { "additionalProperties": false, "properties": { - "ScreenCanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutScreenCanvasSizeOptions", - "markdownDescription": "The options that determine the sizing of the canvas used in a free-form layout.", - "title": "ScreenCanvasSizeOptions" + "Body": { + "markdownDescription": "The body of the SMS message.", + "title": "Body", + "type": "string" + }, + "EntityId": { + "markdownDescription": "The entity ID or Principal Entity (PE) id received from the regulatory body for sending SMS in your country.", + "title": "EntityId", + "type": "string" + }, + "MessageType": { + "markdownDescription": "The SMS message type. Valid values are `TRANSACTIONAL` (for messages that are critical or time-sensitive, such as a one-time passwords) and `PROMOTIONAL` (for messsages that aren't critical or time-sensitive, such as marketing messages).", + "title": "MessageType", + "type": "string" + }, + "OriginationNumber": { + "markdownDescription": "The long code to send the SMS message from. This value should be one of the dedicated long codes that's assigned to your AWS account. Although it isn't required, we recommend that you specify the long code using an E.164 format to ensure prompt and accurate delivery of the message. For example, +12065550100.", + "title": "OriginationNumber", + "type": "string" + }, + "SenderId": { + "markdownDescription": "The alphabetic Sender ID to display as the sender of the message on a recipient's device. Support for sender IDs varies by country or region. To specify a phone number as the sender, omit this parameter and use `OriginationNumber` instead. For more information about support for Sender ID by country, see the [Amazon Pinpoint User Guide](https://docs.aws.amazon.com/pinpoint/latest/userguide/channels-sms-countries.html) .", + "title": "SenderId", + "type": "string" + }, + "TemplateId": { + "markdownDescription": "The template ID received from the regulatory body for sending SMS in your country.", + "title": "TemplateId", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.FreeFormLayoutConfiguration": { + "AWS::Pinpoint::Campaign.CustomDeliveryConfiguration": { "additionalProperties": false, "properties": { - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutCanvasSizeOptions", - "markdownDescription": "", - "title": "CanvasSizeOptions" + "DeliveryUri": { + "markdownDescription": "The destination to send the campaign or treatment to. This value can be one of the following:\n\n- The name or Amazon Resource Name (ARN) of an AWS Lambda function to invoke to handle delivery of the campaign or treatment.\n- The URL for a web application or service that supports HTTPS and can receive the message. The URL has to be a full URL, including the HTTPS protocol.", + "title": "DeliveryUri", + "type": "string" }, - "Elements": { + "EndpointTypes": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutElement" + "type": "string" }, - "markdownDescription": "The elements that are included in a free-form layout.", - "title": "Elements", + "markdownDescription": "The types of endpoints to send the campaign or treatment to. Each valid value maps to a type of channel that you can associate with an endpoint by using the `ChannelType` property of an endpoint.", + "title": "EndpointTypes", "type": "array" } }, - "required": [ - "Elements" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.FreeFormLayoutElement": { + "AWS::Pinpoint::Campaign.DefaultButtonConfiguration": { "additionalProperties": false, "properties": { - "BackgroundStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutElementBackgroundStyle", - "markdownDescription": "The background style configuration of a free-form layout element.", - "title": "BackgroundStyle" - }, - "BorderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutElementBorderStyle", - "markdownDescription": "The border style configuration of a free-form layout element.", - "title": "BorderStyle" - }, - "ElementId": { - "markdownDescription": "A unique identifier for an element within a free-form layout.", - "title": "ElementId", - "type": "string" - }, - "ElementType": { - "markdownDescription": "The type of element.", - "title": "ElementType", - "type": "string" - }, - "Height": { - "markdownDescription": "The height of an element within a free-form layout.", - "title": "Height", + "BackgroundColor": { + "markdownDescription": "The background color of a button, expressed as a hex color code (such as #000000 for black).", + "title": "BackgroundColor", "type": "string" }, - "LoadingAnimation": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LoadingAnimation", - "markdownDescription": "The loading animation configuration of a free-form layout element.", - "title": "LoadingAnimation" - }, - "RenderingRules": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetElementRenderingRule" - }, - "markdownDescription": "The rendering rules that determine when an element should be displayed within a free-form layout.", - "title": "RenderingRules", - "type": "array" - }, - "SelectedBorderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutElementBorderStyle", - "markdownDescription": "The border style configuration of a free-form layout element. This border style is used when the element is selected.", - "title": "SelectedBorderStyle" + "BorderRadius": { + "markdownDescription": "The border radius of a button.", + "title": "BorderRadius", + "type": "number" }, - "Visibility": { - "markdownDescription": "The visibility of an element within a free-form layout.", - "title": "Visibility", + "ButtonAction": { + "markdownDescription": "The action that occurs when a recipient chooses a button in an in-app message. You can specify one of the following:\n\n- `LINK` \u2013 A link to a web destination.\n- `DEEP_LINK` \u2013 A link to a specific page in an application.\n- `CLOSE` \u2013 Dismisses the message.", + "title": "ButtonAction", "type": "string" }, - "Width": { - "markdownDescription": "The width of an element within a free-form layout.", - "title": "Width", + "Link": { + "markdownDescription": "The destination (such as a URL) for a button.", + "title": "Link", "type": "string" }, - "XAxisLocation": { - "markdownDescription": "The x-axis coordinate of the element.", - "title": "XAxisLocation", + "Text": { + "markdownDescription": "The text that appears on a button in an in-app message.", + "title": "Text", "type": "string" }, - "YAxisLocation": { - "markdownDescription": "The y-axis coordinate of the element.", - "title": "YAxisLocation", + "TextColor": { + "markdownDescription": "The color of the body text in a button, expressed as a hex color code (such as #000000 for black).", + "title": "TextColor", "type": "string" } }, - "required": [ - "ElementId", - "ElementType", - "Height", - "Width", - "XAxisLocation", - "YAxisLocation" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.FreeFormLayoutElementBackgroundStyle": { + "AWS::Pinpoint::Campaign.EventDimensions": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The background color of a free-form layout element.", - "title": "Color", - "type": "string" + "Attributes": { + "markdownDescription": "One or more custom attributes that your application reports to Amazon Pinpoint. You can use these attributes as selection criteria when you create an event filter.", + "title": "Attributes", + "type": "object" }, - "Visibility": { - "markdownDescription": "The background visibility of a free-form layout element.", - "title": "Visibility", - "type": "string" + "EventType": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.SetDimension", + "markdownDescription": "The name of the event that causes the campaign to be sent or the journey activity to be performed. This can be a standard event that Amazon Pinpoint generates, such as `_email.delivered` or `_custom.delivered` . For campaigns, this can also be a custom event that's specific to your application. For information about standard events, see [Streaming Amazon Pinpoint Events](https://docs.aws.amazon.com/pinpoint/latest/developerguide/event-streams.html) in the *Amazon Pinpoint Developer Guide* .", + "title": "EventType" + }, + "Metrics": { + "markdownDescription": "One or more custom metrics that your application reports to Amazon Pinpoint . You can use these metrics as selection criteria when you create an event filter.", + "title": "Metrics", + "type": "object" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.FreeFormLayoutElementBorderStyle": { + "AWS::Pinpoint::Campaign.InAppMessageBodyConfig": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The border color of a free-form layout element.", - "title": "Color", + "Alignment": { + "markdownDescription": "The text alignment of the main body text of the message. Acceptable values: `LEFT` , `CENTER` , `RIGHT` .", + "title": "Alignment", "type": "string" }, - "Visibility": { - "markdownDescription": "The border visibility of a free-form layout element.", - "title": "Visibility", + "Body": { + "markdownDescription": "The main body text of the message.", + "title": "Body", + "type": "string" + }, + "TextColor": { + "markdownDescription": "The color of the body text, expressed as a string consisting of a hex color code (such as \"#000000\" for black).", + "title": "TextColor", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.FreeFormLayoutScreenCanvasSizeOptions": { + "AWS::Pinpoint::Campaign.InAppMessageButton": { "additionalProperties": false, "properties": { - "OptimizedViewPortWidth": { - "markdownDescription": "The width that the view port will be optimized for when the layout renders.", - "title": "OptimizedViewPortWidth", - "type": "string" + "Android": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.OverrideButtonConfiguration", + "markdownDescription": "An object that defines the default behavior for a button in in-app messages sent to Android.", + "title": "Android" + }, + "DefaultConfig": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.DefaultButtonConfiguration", + "markdownDescription": "An object that defines the default behavior for a button in an in-app message.", + "title": "DefaultConfig" + }, + "IOS": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.OverrideButtonConfiguration", + "markdownDescription": "An object that defines the default behavior for a button in in-app messages sent to iOS devices.", + "title": "IOS" + }, + "Web": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.OverrideButtonConfiguration", + "markdownDescription": "An object that defines the default behavior for a button in in-app messages for web applications.", + "title": "Web" } }, - "required": [ - "OptimizedViewPortWidth" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.FreeFormSectionLayoutConfiguration": { + "AWS::Pinpoint::Campaign.InAppMessageContent": { "additionalProperties": false, "properties": { - "Elements": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutElement" - }, - "markdownDescription": "The elements that are included in the free-form layout.", - "title": "Elements", - "type": "array" + "BackgroundColor": { + "markdownDescription": "The background color for an in-app message banner, expressed as a hex color code (such as #000000 for black).", + "title": "BackgroundColor", + "type": "string" + }, + "BodyConfig": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.InAppMessageBodyConfig", + "markdownDescription": "Specifies the configuration of main body text in an in-app message template.", + "title": "BodyConfig" + }, + "HeaderConfig": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.InAppMessageHeaderConfig", + "markdownDescription": "Specifies the configuration and content of the header or title text of the in-app message.", + "title": "HeaderConfig" + }, + "ImageUrl": { + "markdownDescription": "The URL of the image that appears on an in-app message banner.", + "title": "ImageUrl", + "type": "string" + }, + "PrimaryBtn": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.InAppMessageButton", + "markdownDescription": "An object that contains configuration information about the primary button in an in-app message.", + "title": "PrimaryBtn" + }, + "SecondaryBtn": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.InAppMessageButton", + "markdownDescription": "An object that contains configuration information about the secondary button in an in-app message.", + "title": "SecondaryBtn" } }, - "required": [ - "Elements" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.FunnelChartAggregatedFieldWells": { + "AWS::Pinpoint::Campaign.InAppMessageHeaderConfig": { "additionalProperties": false, "properties": { - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The category field wells of a funnel chart. Values are grouped by category fields.", - "title": "Category", - "type": "array" + "Alignment": { + "markdownDescription": "The text alignment of the title of the message. Acceptable values: `LEFT` , `CENTER` , `RIGHT` .", + "title": "Alignment", + "type": "string" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" - }, - "markdownDescription": "The value field wells of a funnel chart. Values are aggregated based on categories.", - "title": "Values", - "type": "array" + "Header": { + "markdownDescription": "The header or title text of the in-app message.", + "title": "Header", + "type": "string" + }, + "TextColor": { + "markdownDescription": "The color of the body text, expressed as a string consisting of a hex color code (such as \"#000000\" for black).", + "title": "TextColor", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.FunnelChartConfiguration": { + "AWS::Pinpoint::Campaign.Limits": { "additionalProperties": false, "properties": { - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options of the categories that are displayed in a `FunnelChartVisual` .", - "title": "CategoryLabelOptions" - }, - "DataLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FunnelChartDataLabelOptions", - "markdownDescription": "The options that determine the presentation of the data labels.", - "title": "DataLabelOptions" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FunnelChartFieldWells", - "markdownDescription": "The field well configuration of a `FunnelChartVisual` .", - "title": "FieldWells" + "Daily": { + "markdownDescription": "The maximum number of messages that a campaign can send to a single endpoint during a 24-hour period. The maximum value is 100.", + "title": "Daily", + "type": "number" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FunnelChartSortConfiguration", - "markdownDescription": "The sort configuration of a `FunnelChartVisual` .", - "title": "SortConfiguration" + "MaximumDuration": { + "markdownDescription": "The maximum amount of time, in seconds, that a campaign can attempt to deliver a message after the scheduled start time for the campaign. The minimum value is 60 seconds.", + "title": "MaximumDuration", + "type": "number" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", - "markdownDescription": "The tooltip configuration of a `FunnelChartVisual` .", - "title": "Tooltip" + "MessagesPerSecond": { + "markdownDescription": "The maximum number of messages that a campaign can send each second. The minimum value is 1. The maximum value is 20,000.", + "title": "MessagesPerSecond", + "type": "number" }, - "ValueLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options for the values that are displayed in a `FunnelChartVisual` .", - "title": "ValueLabelOptions" + "Session": { + "markdownDescription": "The maximum number of messages that the campaign can send per user session.", + "title": "Session", + "type": "number" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", - "markdownDescription": "The visual palette configuration of a `FunnelChartVisual` .", - "title": "VisualPalette" + "Total": { + "markdownDescription": "The maximum number of messages that a campaign can send to a single endpoint during the course of the campaign. The maximum value is 100.", + "title": "Total", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.FunnelChartDataLabelOptions": { + "AWS::Pinpoint::Campaign.Message": { "additionalProperties": false, "properties": { - "CategoryLabelVisibility": { - "markdownDescription": "The visibility of the category labels within the data labels.", - "title": "CategoryLabelVisibility", + "Action": { + "markdownDescription": "The action to occur if a recipient taps the push notification. Valid values are:\n\n- `OPEN_APP` \u2013 Your app opens or it becomes the foreground app if it was sent to the background. This is the default action.\n- `DEEP_LINK` \u2013 Your app opens and displays a designated user interface in the app. This setting uses the deep-linking features of iOS and Android.\n- `URL` \u2013 The default mobile browser on the recipient's device opens and loads the web page at a URL that you specify.", + "title": "Action", "type": "string" }, - "LabelColor": { - "markdownDescription": "The color of the data label text.", - "title": "LabelColor", + "Body": { + "markdownDescription": "The body of the notification message. The maximum number of characters is 200.", + "title": "Body", "type": "string" }, - "LabelFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", - "markdownDescription": "The font configuration for the data labels.\n\nOnly the `FontSize` attribute of the font configuration is used for data labels.", - "title": "LabelFontConfiguration" + "ImageIconUrl": { + "markdownDescription": "The URL of the image to display as the push notification icon, such as the icon for the app.", + "title": "ImageIconUrl", + "type": "string" }, - "MeasureDataLabelStyle": { - "markdownDescription": "Determines the style of the metric labels.", - "title": "MeasureDataLabelStyle", + "ImageSmallIconUrl": { + "markdownDescription": "The URL of the image to display as the small, push notification icon, such as a small version of the icon for the app.", + "title": "ImageSmallIconUrl", "type": "string" }, - "MeasureLabelVisibility": { - "markdownDescription": "The visibility of the measure labels within the data labels.", - "title": "MeasureLabelVisibility", + "ImageUrl": { + "markdownDescription": "The URL of an image to display in the push notification.", + "title": "ImageUrl", "type": "string" }, - "Position": { - "markdownDescription": "Determines the positioning of the data label relative to a section of the funnel.", - "title": "Position", + "JsonBody": { + "markdownDescription": "The JSON payload to use for a silent push notification.", + "title": "JsonBody", "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility option that determines if data labels are displayed.", - "title": "Visibility", + "MediaUrl": { + "markdownDescription": "The URL of the image or video to display in the push notification.", + "title": "MediaUrl", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.FunnelChartFieldWells": { - "additionalProperties": false, - "properties": { - "FunnelChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FunnelChartAggregatedFieldWells", - "markdownDescription": "The field well configuration of a `FunnelChartVisual` .", - "title": "FunnelChartAggregatedFieldWells" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.FunnelChartSortConfiguration": { - "additionalProperties": false, - "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of categories displayed.", - "title": "CategoryItemsLimit" }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the category fields.", - "title": "CategorySort", - "type": "array" + "RawContent": { + "markdownDescription": "The raw, JSON-formatted string to use as the payload for the notification message. If specified, this value overrides all other content for the message.", + "title": "RawContent", + "type": "string" + }, + "SilentPush": { + "markdownDescription": "Specifies whether the notification is a silent push notification, which is a push notification that doesn't display on a recipient's device. Silent push notifications can be used for cases such as updating an app's configuration, displaying messages in an in-app message center, or supporting phone home functionality.", + "title": "SilentPush", + "type": "boolean" + }, + "TimeToLive": { + "markdownDescription": "The number of seconds that the push notification service should keep the message, if the service is unable to deliver the notification the first time. This value is converted to an expiration value when it's sent to a push notification service. If this value is `0` , the service treats the notification as if it expires immediately and the service doesn't store or try to deliver the notification again.\n\nThis value doesn't apply to messages that are sent through the Amazon Device Messaging (ADM) service.", + "title": "TimeToLive", + "type": "number" + }, + "Title": { + "markdownDescription": "The title to display above the notification message on a recipient's device.", + "title": "Title", + "type": "string" + }, + "Url": { + "markdownDescription": "The URL to open in a recipient's default mobile browser, if a recipient taps the push notification and the value of the `Action` property is `URL` .", + "title": "Url", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.FunnelChartVisual": { + "AWS::Pinpoint::Campaign.MessageConfiguration": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "ADMMessage": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.Message", + "markdownDescription": "The message that the campaign sends through the ADM (Amazon Device Messaging) channel. If specified, this message overrides the default message.", + "title": "ADMMessage" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FunnelChartConfiguration", - "markdownDescription": "The configuration of a `FunnelChartVisual` .", - "title": "ChartConfiguration" + "APNSMessage": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.Message", + "markdownDescription": "The message that the campaign sends through the APNs (Apple Push Notification service) channel. If specified, this message overrides the default message.", + "title": "APNSMessage" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "BaiduMessage": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.Message", + "markdownDescription": "The message that the campaign sends through the Baidu (Baidu Cloud Push) channel. If specified, this message overrides the default message.", + "title": "BaiduMessage" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "CustomMessage": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.CampaignCustomMessage", + "markdownDescription": "The message that the campaign sends through a custom channel, as specified by the delivery configuration ( `CustomDeliveryConfiguration` ) settings for the campaign. If specified, this message overrides the default message.", + "title": "CustomMessage" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "DefaultMessage": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.Message", + "markdownDescription": "The default message that the campaign sends through all the channels that are configured for the campaign.", + "title": "DefaultMessage" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", - "type": "string" + "EmailMessage": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.CampaignEmailMessage", + "markdownDescription": "The message that the campaign sends through the email channel. If specified, this message overrides the default message.\n\n> The maximum email message size is 200 KB. You can use email templates to send larger email messages.", + "title": "EmailMessage" + }, + "GCMMessage": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.Message", + "markdownDescription": "The message that the campaign sends through the GCM channel, which enables Amazon Pinpoint to send push notifications through the Firebase Cloud Messaging (FCM), formerly Google Cloud Messaging (GCM), service. If specified, this message overrides the default message.", + "title": "GCMMessage" + }, + "InAppMessage": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.CampaignInAppMessage", + "markdownDescription": "The default message for the in-app messaging channel. This message overrides the default message ( `DefaultMessage` ).", + "title": "InAppMessage" + }, + "SMSMessage": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.CampaignSmsMessage", + "markdownDescription": "The message that the campaign sends through the SMS channel. If specified, this message overrides the default message.", + "title": "SMSMessage" } }, - "required": [ - "VisualId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.GaugeChartArcConditionalFormatting": { + "AWS::Pinpoint::Campaign.MetricDimension": { "additionalProperties": false, "properties": { - "ForegroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the arc foreground color.", - "title": "ForegroundColor" + "ComparisonOperator": { + "type": "string" + }, + "Value": { + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.GaugeChartConditionalFormatting": { + "AWS::Pinpoint::Campaign.OverrideButtonConfiguration": { "additionalProperties": false, "properties": { - "ConditionalFormattingOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartConditionalFormattingOption" - }, - "markdownDescription": "Conditional formatting options of a `GaugeChartVisual` .", - "title": "ConditionalFormattingOptions", - "type": "array" + "ButtonAction": { + "markdownDescription": "The action that occurs when a recipient chooses a button in an in-app message. You can specify one of the following:\n\n- `LINK` \u2013 A link to a web destination.\n- `DEEP_LINK` \u2013 A link to a specific page in an application.\n- `CLOSE` \u2013 Dismisses the message.", + "title": "ButtonAction", + "type": "string" + }, + "Link": { + "markdownDescription": "The destination (such as a URL) for a button.", + "title": "Link", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.GaugeChartConditionalFormattingOption": { + "AWS::Pinpoint::Campaign.QuietTime": { "additionalProperties": false, "properties": { - "Arc": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartArcConditionalFormatting", - "markdownDescription": "The options that determine the presentation of the arc of a `GaugeChartVisual` .", - "title": "Arc" + "End": { + "markdownDescription": "The specific time when quiet time ends. This value has to use 24-hour notation and be in HH:MM format, where HH is the hour (with a leading zero, if applicable) and MM is the minutes. For example, use `02:30` to represent 2:30 AM, or `14:30` to represent 2:30 PM.", + "title": "End", + "type": "string" }, - "PrimaryValue": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartPrimaryValueConditionalFormatting", - "markdownDescription": "The conditional formatting for the primary value of a `GaugeChartVisual` .", - "title": "PrimaryValue" + "Start": { + "markdownDescription": "The specific time when quiet time begins. This value has to use 24-hour notation and be in HH:MM format, where HH is the hour (with a leading zero, if applicable) and MM is the minutes. For example, use `02:30` to represent 2:30 AM, or `14:30` to represent 2:30 PM.", + "title": "Start", + "type": "string" } }, + "required": [ + "End", + "Start" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.GaugeChartConfiguration": { + "AWS::Pinpoint::Campaign.Schedule": { "additionalProperties": false, "properties": { - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", - "markdownDescription": "The data label configuration of a `GaugeChartVisual` .", - "title": "DataLabels" + "EndTime": { + "markdownDescription": "The scheduled time, in ISO 8601 format, when the campaign ended or will end.", + "title": "EndTime", + "type": "string" }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartFieldWells", - "markdownDescription": "The field well configuration of a `GaugeChartVisual` .", - "title": "FieldWells" + "EventFilter": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.CampaignEventFilter", + "markdownDescription": "The type of event that causes the campaign to be sent, if the value of the `Frequency` property is `EVENT` .", + "title": "EventFilter" }, - "GaugeChartOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartOptions", - "markdownDescription": "The options that determine the presentation of the `GaugeChartVisual` .", - "title": "GaugeChartOptions" + "Frequency": { + "markdownDescription": "Specifies how often the campaign is sent or whether the campaign is sent in response to a specific event.", + "title": "Frequency", + "type": "string" }, - "TooltipOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", - "markdownDescription": "The tooltip configuration of a `GaugeChartVisual` .", - "title": "TooltipOptions" + "IsLocalTime": { + "markdownDescription": "Specifies whether the start and end times for the campaign schedule use each recipient's local time. To base the schedule on each recipient's local time, set this value to `true` .", + "title": "IsLocalTime", + "type": "boolean" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", - "markdownDescription": "The visual palette configuration of a `GaugeChartVisual` .", - "title": "VisualPalette" + "QuietTime": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.QuietTime", + "markdownDescription": "The default quiet time for the campaign. Quiet time is a specific time range when a campaign doesn't send messages to endpoints, if all the following conditions are met:\n\n- The `EndpointDemographic.Timezone` property of the endpoint is set to a valid value.\n- The current time in the endpoint's time zone is later than or equal to the time specified by the `QuietTime.Start` property for the campaign.\n- The current time in the endpoint's time zone is earlier than or equal to the time specified by the `QuietTime.End` property for the campaign.\n\nIf any of the preceding conditions isn't met, the endpoint will receive messages from the campaign, even if quiet time is enabled.", + "title": "QuietTime" + }, + "StartTime": { + "markdownDescription": "The scheduled time when the campaign began or will begin. Valid values are: `IMMEDIATE` , to start the campaign immediately; or, a specific time in ISO 8601 format.", + "title": "StartTime", + "type": "string" + }, + "TimeZone": { + "markdownDescription": "The starting UTC offset for the campaign schedule, if the value of the `IsLocalTime` property is `true` . Valid values are: `UTC, UTC+01, UTC+02, UTC+03, UTC+03:30, UTC+04, UTC+04:30, UTC+05, UTC+05:30, UTC+05:45, UTC+06, UTC+06:30, UTC+07, UTC+08, UTC+09, UTC+09:30, UTC+10, UTC+10:30, UTC+11, UTC+12, UTC+13, UTC-02, UTC-03, UTC-04, UTC-05, UTC-06, UTC-07, UTC-08, UTC-09, UTC-10,` and `UTC-11` .", + "title": "TimeZone", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.GaugeChartFieldWells": { + "AWS::Pinpoint::Campaign.SetDimension": { "additionalProperties": false, "properties": { - "TargetValues": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" - }, - "markdownDescription": "The target value field wells of a `GaugeChartVisual` .", - "title": "TargetValues", - "type": "array" + "DimensionType": { + "markdownDescription": "The type of segment dimension to use. Valid values are: `INCLUSIVE` , endpoints that match the criteria are included in the segment; and, `EXCLUSIVE` , endpoints that match the criteria are excluded from the segment.", + "title": "DimensionType", + "type": "string" }, "Values": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + "type": "string" }, - "markdownDescription": "The value field wells of a `GaugeChartVisual` .", + "markdownDescription": "The criteria values to use for the segment dimension. Depending on the value of the `DimensionType` property, endpoints are included or excluded from the segment if their values match the criteria values.", "title": "Values", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.GaugeChartOptions": { + "AWS::Pinpoint::Campaign.Template": { "additionalProperties": false, "properties": { - "Arc": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ArcConfiguration", - "markdownDescription": "The arc configuration of a `GaugeChartVisual` .", - "title": "Arc" - }, - "ArcAxis": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ArcAxisConfiguration", - "markdownDescription": "The arc axis configuration of a `GaugeChartVisual` .", - "title": "ArcAxis" - }, - "Comparison": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComparisonConfiguration", - "markdownDescription": "The comparison configuration of a `GaugeChartVisual` .", - "title": "Comparison" - }, - "PrimaryValueDisplayType": { - "markdownDescription": "The options that determine the primary value display type.", - "title": "PrimaryValueDisplayType", + "Name": { + "markdownDescription": "The name of the message template to use for the message. If specified, this value must match the name of an existing message template.", + "title": "Name", "type": "string" }, - "PrimaryValueFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", - "markdownDescription": "The options that determine the primary value font configuration.", - "title": "PrimaryValueFontConfiguration" + "Version": { + "markdownDescription": "The unique identifier for the version of the message template to use for the message. If specified, this value must match the identifier for an existing template version. To retrieve a list of versions and version identifiers for a template, use the [Template Versions](https://docs.aws.amazon.com/pinpoint/latest/apireference/templates-template-name-template-type-versions.html) resource.\n\nIf you don't specify a value for this property, Amazon Pinpoint uses the *active version* of the template. The *active version* is typically the version of a template that's been most recently reviewed and approved for use, depending on your workflow. It isn't necessarily the latest version of a template.", + "title": "Version", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.GaugeChartPrimaryValueConditionalFormatting": { + "AWS::Pinpoint::Campaign.TemplateConfiguration": { "additionalProperties": false, "properties": { - "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIcon", - "markdownDescription": "The conditional formatting of the primary value icon.", - "title": "Icon" + "EmailTemplate": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.Template", + "markdownDescription": "The email template to use for the message.", + "title": "EmailTemplate" }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the primary value text color.", - "title": "TextColor" + "PushTemplate": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.Template", + "markdownDescription": "The push notification template to use for the message.", + "title": "PushTemplate" + }, + "SMSTemplate": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.Template", + "markdownDescription": "The SMS template to use for the message.", + "title": "SMSTemplate" + }, + "VoiceTemplate": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.Template", + "markdownDescription": "The voice template to use for the message. This object isn't supported for campaigns.", + "title": "VoiceTemplate" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.GaugeChartVisual": { + "AWS::Pinpoint::Campaign.WriteTreatmentResource": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "CustomDeliveryConfiguration": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.CustomDeliveryConfiguration", + "markdownDescription": "The delivery configuration settings for sending the treatment through a custom channel. This object is required if the `MessageConfiguration` object for the treatment specifies a `CustomMessage` object.", + "title": "CustomDeliveryConfiguration" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartConfiguration", - "markdownDescription": "The configuration of a `GaugeChartVisual` .", - "title": "ChartConfiguration" + "MessageConfiguration": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.MessageConfiguration", + "markdownDescription": "The message configuration settings for the treatment.", + "title": "MessageConfiguration" }, - "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartConditionalFormatting", - "markdownDescription": "The conditional formatting of a `GaugeChartVisual` .", - "title": "ConditionalFormatting" + "Schedule": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.Schedule", + "markdownDescription": "The schedule settings for the treatment.", + "title": "Schedule" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "SizePercent": { + "markdownDescription": "The allocated percentage of users (segment members) to send the treatment to.", + "title": "SizePercent", + "type": "number" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "TemplateConfiguration": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.TemplateConfiguration", + "markdownDescription": "The message template to use for the treatment.", + "title": "TemplateConfiguration" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "TreatmentDescription": { + "markdownDescription": "A custom description of the treatment.", + "title": "TreatmentDescription", + "type": "string" + }, + "TreatmentName": { + "markdownDescription": "A custom name for the treatment.", + "title": "TreatmentName", "type": "string" } }, - "required": [ - "VisualId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.GeospatialCoordinateBounds": { + "AWS::Pinpoint::EmailChannel": { "additionalProperties": false, "properties": { - "East": { - "markdownDescription": "The longitude of the east bound of the geospatial coordinate bounds.", - "title": "East", - "type": "number" + "Condition": { + "type": "string" }, - "North": { - "markdownDescription": "The latitude of the north bound of the geospatial coordinate bounds.", - "title": "North", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "South": { - "markdownDescription": "The latitude of the south bound of the geospatial coordinate bounds.", - "title": "South", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "West": { - "markdownDescription": "The longitude of the west bound of the geospatial coordinate bounds.", - "title": "West", - "type": "number" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The unique identifier for the Amazon Pinpoint application that you're specifying the email channel for.", + "title": "ApplicationId", + "type": "string" + }, + "ConfigurationSet": { + "markdownDescription": "The [Amazon SES configuration set](https://docs.aws.amazon.com/ses/latest/APIReference/API_ConfigurationSet.html) that you want to apply to messages that you send through the channel.", + "title": "ConfigurationSet", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Specifies whether to enable the email channel for the application.", + "title": "Enabled", + "type": "boolean" + }, + "FromAddress": { + "markdownDescription": "The verified email address that you want to send email from when you send email through the channel.", + "title": "FromAddress", + "type": "string" + }, + "Identity": { + "markdownDescription": "The Amazon Resource Name (ARN) of the identity, verified with Amazon Simple Email Service (Amazon SES), that you want to use when you send email through the channel.", + "title": "Identity", + "type": "string" + }, + "OrchestrationSendingRoleArn": { + "markdownDescription": "The ARN of an IAM role for Amazon Pinpoint to use to send email from your campaigns or journeys through Amazon SES .", + "title": "OrchestrationSendingRoleArn", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the AWS Identity and Access Management (IAM) role that you want Amazon Pinpoint to use when it submits email-related event data for the channel.", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "ApplicationId", + "FromAddress", + "Identity" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Pinpoint::EmailChannel" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "East", - "North", - "South", - "West" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.GeospatialHeatmapColorScale": { + "AWS::Pinpoint::EmailTemplate": { "additionalProperties": false, "properties": { - "Colors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialHeatmapDataColor" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DefaultSubstitutions": { + "markdownDescription": "A JSON object that specifies the default values to use for message variables in the message template. This object is a set of key-value pairs. Each key defines a message variable in the template. The corresponding value defines the default value for that variable. When you create a message that's based on the template, you can override these defaults with message-specific and address-specific variables and values.", + "title": "DefaultSubstitutions", + "type": "string" + }, + "HtmlPart": { + "markdownDescription": "The message body, in HTML format, to use in email messages that are based on the message template. We recommend using HTML format for email clients that render HTML content. You can include links, formatted text, and more in an HTML message.", + "title": "HtmlPart", + "type": "string" + }, + "Subject": { + "markdownDescription": "The subject line, or title, to use in email messages that are based on the message template.", + "title": "Subject", + "type": "string" + }, + "Tags": { + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "object" + }, + "TemplateDescription": { + "markdownDescription": "A custom description of the message template.", + "title": "TemplateDescription", + "type": "string" + }, + "TemplateName": { + "markdownDescription": "The name of the message template.", + "title": "TemplateName", + "type": "string" + }, + "TextPart": { + "markdownDescription": "The message body, in plain text format, to use in email messages that are based on the message template. We recommend using plain text format for email clients that don't render HTML content and clients that are connected to high-latency networks, such as mobile devices.", + "title": "TextPart", + "type": "string" + } }, - "markdownDescription": "The list of colors to be used in heatmap point style.", - "title": "Colors", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.GeospatialHeatmapConfiguration": { - "additionalProperties": false, - "properties": { - "HeatmapColor": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialHeatmapColorScale", - "markdownDescription": "The color scale specification for the heatmap point style.", - "title": "HeatmapColor" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.GeospatialHeatmapDataColor": { - "additionalProperties": false, - "properties": { - "Color": { - "markdownDescription": "The hex color to be used in the heatmap point style.", - "title": "Color", + "required": [ + "Subject", + "TemplateName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Pinpoint::EmailTemplate" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Color" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.GeospatialMapAggregatedFieldWells": { + "AWS::Pinpoint::EventStream": { "additionalProperties": false, "properties": { - "Colors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The color field wells of a geospatial map.", - "title": "Colors", - "type": "array" + "Condition": { + "type": "string" }, - "Geospatial": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The geospatial field wells of a geospatial map. Values are grouped by geospatial fields.", - "title": "Geospatial", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The unique identifier for the Amazon Pinpoint application that you want to export data from.", + "title": "ApplicationId", + "type": "string" + }, + "DestinationStreamArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Kinesis Data Stream or Amazon Data Firehose delivery stream that you want to publish event data to.\n\nFor a Kinesis Data Stream, the ARN format is: `arn:aws:kinesis: region : account-id :stream/ stream_name`\n\nFor a Firehose delivery stream, the ARN format is: `arn:aws:firehose: region : account-id :deliverystream/ stream_name`", + "title": "DestinationStreamArn", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The AWS Identity and Access Management (IAM) role that authorizes Amazon Pinpoint to publish event data to the stream in your AWS account.", + "title": "RoleArn", + "type": "string" + } }, - "markdownDescription": "The size field wells of a geospatial map. Values are aggregated based on geospatial fields.", - "title": "Values", - "type": "array" + "required": [ + "ApplicationId", + "DestinationStreamArn", + "RoleArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Pinpoint::EventStream" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.GeospatialMapConfiguration": { + "AWS::Pinpoint::GCMChannel": { "additionalProperties": false, "properties": { - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" + "Condition": { + "type": "string" }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "MapStyleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapStyleOptions", - "markdownDescription": "The map style options of the geospatial map.", - "title": "MapStyleOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "PointStyleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialPointStyleOptions", - "markdownDescription": "The point style options of the geospatial map.", - "title": "PointStyleOptions" + "Metadata": { + "type": "object" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" + "Properties": { + "additionalProperties": false, + "properties": { + "ApiKey": { + "markdownDescription": "The Web API key, also called the *server key* , that you received from Google to communicate with Google services.", + "title": "ApiKey", + "type": "string" + }, + "ApplicationId": { + "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the GCM channel applies to.", + "title": "ApplicationId", + "type": "string" + }, + "DefaultAuthenticationMethod": { + "markdownDescription": "The default authentication method used for GCM. Values are either \"TOKEN\" or \"KEY\". Defaults to \"KEY\".", + "title": "DefaultAuthenticationMethod", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Specifies whether to enable the GCM channel for the Amazon Pinpoint application.", + "title": "Enabled", + "type": "boolean" + }, + "ServiceJson": { + "markdownDescription": "The contents of the JSON file provided by Google during registration in order to generate an access token for authentication. For more information see [Migrate from legacy FCM APIs to HTTP v1](https://docs.aws.amazon.com/https://firebase.google.com/docs/cloud-messaging/migrate-v1) .", + "title": "ServiceJson", + "type": "string" + } + }, + "required": [ + "ApplicationId" + ], + "type": "object" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", - "markdownDescription": "", - "title": "VisualPalette" + "Type": { + "enum": [ + "AWS::Pinpoint::GCMChannel" + ], + "type": "string" }, - "WindowOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialWindowOptions", - "markdownDescription": "The window options of the geospatial map.", - "title": "WindowOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.GeospatialMapFieldWells": { - "additionalProperties": false, - "properties": { - "GeospatialMapAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapAggregatedFieldWells", - "markdownDescription": "The aggregated field well for a geospatial map.", - "title": "GeospatialMapAggregatedFieldWells" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.GeospatialMapStyleOptions": { - "additionalProperties": false, - "properties": { - "BaseMapStyle": { - "markdownDescription": "The base map style of the geospatial map.", - "title": "BaseMapStyle", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.GeospatialMapVisual": { + "AWS::Pinpoint::InAppTemplate": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Condition": { + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Metadata": { + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Properties": { + "additionalProperties": false, + "properties": { + "Content": { + "items": { + "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.InAppMessageContent" + }, + "markdownDescription": "An object that contains information about the content of an in-app message, including its title and body text, text colors, background colors, images, buttons, and behaviors.", + "title": "Content", + "type": "array" + }, + "CustomConfig": { + "markdownDescription": "Custom data, in the form of key-value pairs, that is included in an in-app messaging payload.", + "title": "CustomConfig", + "type": "object" + }, + "Layout": { + "markdownDescription": "A string that determines the appearance of the in-app message. You can specify one of the following:\n\n- `BOTTOM_BANNER` \u2013 a message that appears as a banner at the bottom of the page.\n- `TOP_BANNER` \u2013 a message that appears as a banner at the top of the page.\n- `OVERLAYS` \u2013 a message that covers entire screen.\n- `MOBILE_FEED` \u2013 a message that appears in a window in front of the page.\n- `MIDDLE_BANNER` \u2013 a message that appears as a banner in the middle of the page.\n- `CAROUSEL` \u2013 a scrollable layout of up to five unique messages.", + "title": "Layout", + "type": "string" + }, + "Tags": { + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "object" + }, + "TemplateDescription": { + "markdownDescription": "An optional description of the in-app template.", + "title": "TemplateDescription", + "type": "string" + }, + "TemplateName": { + "markdownDescription": "The name of the in-app message template.", + "title": "TemplateName", + "type": "string" + } + }, + "required": [ + "TemplateName" + ], + "type": "object" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", + "Type": { + "enum": [ + "AWS::Pinpoint::InAppTemplate" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.GeospatialPointStyleOptions": { + "AWS::Pinpoint::InAppTemplate.BodyConfig": { "additionalProperties": false, "properties": { - "ClusterMarkerConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ClusterMarkerConfiguration", - "markdownDescription": "The cluster marker configuration of the geospatial point style.", - "title": "ClusterMarkerConfiguration" + "Alignment": { + "markdownDescription": "The text alignment of the main body text of the message. Acceptable values: `LEFT` , `CENTER` , `RIGHT` .", + "title": "Alignment", + "type": "string" }, - "HeatmapConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialHeatmapConfiguration", - "markdownDescription": "The heatmap configuration of the geospatial point style.", - "title": "HeatmapConfiguration" + "Body": { + "markdownDescription": "The main body text of the message.", + "title": "Body", + "type": "string" }, - "SelectedPointStyle": { - "markdownDescription": "The selected point styles (point, cluster) of the geospatial map.", - "title": "SelectedPointStyle", + "TextColor": { + "markdownDescription": "The color of the body text, expressed as a hex color code (such as #000000 for black).", + "title": "TextColor", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.GeospatialWindowOptions": { + "AWS::Pinpoint::InAppTemplate.ButtonConfig": { "additionalProperties": false, "properties": { - "Bounds": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialCoordinateBounds", - "markdownDescription": "The bounds options (north, south, west, east) of the geospatial window options.", - "title": "Bounds" + "Android": { + "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.OverrideButtonConfiguration", + "markdownDescription": "Optional button configuration to use for in-app messages sent to Android devices. This button configuration overrides the default button configuration.", + "title": "Android" }, - "MapZoomMode": { - "markdownDescription": "The map zoom modes (manual, auto) of the geospatial window options.", - "title": "MapZoomMode", - "type": "string" + "DefaultConfig": { + "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.DefaultButtonConfiguration", + "markdownDescription": "Specifies the default behavior of a button that appears in an in-app message. You can optionally add button configurations that specifically apply to iOS, Android, or web browser users.", + "title": "DefaultConfig" + }, + "IOS": { + "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.OverrideButtonConfiguration", + "markdownDescription": "Optional button configuration to use for in-app messages sent to iOS devices. This button configuration overrides the default button configuration.", + "title": "IOS" + }, + "Web": { + "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.OverrideButtonConfiguration", + "markdownDescription": "Optional button configuration to use for in-app messages sent to web applications. This button configuration overrides the default button configuration.", + "title": "Web" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.GlobalTableBorderOptions": { + "AWS::Pinpoint::InAppTemplate.DefaultButtonConfiguration": { "additionalProperties": false, "properties": { - "SideSpecificBorder": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableSideBorderOptions", - "markdownDescription": "Determines the options for side specific border.", - "title": "SideSpecificBorder" + "BackgroundColor": { + "markdownDescription": "The background color of a button, expressed as a hex color code (such as #000000 for black).", + "title": "BackgroundColor", + "type": "string" }, - "UniformBorder": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", - "markdownDescription": "Determines the options for uniform border.", - "title": "UniformBorder" + "BorderRadius": { + "markdownDescription": "The border radius of a button.", + "title": "BorderRadius", + "type": "number" + }, + "ButtonAction": { + "markdownDescription": "The action that occurs when a recipient chooses a button in an in-app message. You can specify one of the following:\n\n- `LINK` \u2013 A link to a web destination.\n- `DEEP_LINK` \u2013 A link to a specific page in an application.\n- `CLOSE` \u2013 Dismisses the message.", + "title": "ButtonAction", + "type": "string" + }, + "Link": { + "markdownDescription": "The destination (such as a URL) for a button.", + "title": "Link", + "type": "string" + }, + "Text": { + "markdownDescription": "The text that appears on a button in an in-app message.", + "title": "Text", + "type": "string" + }, + "TextColor": { + "markdownDescription": "The color of the body text in a button, expressed as a hex color code (such as #000000 for black).", + "title": "TextColor", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.GradientColor": { + "AWS::Pinpoint::InAppTemplate.HeaderConfig": { "additionalProperties": false, "properties": { - "Stops": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GradientStop" - }, - "markdownDescription": "The list of gradient color stops.", - "title": "Stops", - "type": "array" + "Alignment": { + "markdownDescription": "The text alignment of the title of the message. Acceptable values: `LEFT` , `CENTER` , `RIGHT` .", + "title": "Alignment", + "type": "string" + }, + "Header": { + "markdownDescription": "The title text of the in-app message.", + "title": "Header", + "type": "string" + }, + "TextColor": { + "markdownDescription": "The color of the title text, expressed as a hex color code (such as #000000 for black).", + "title": "TextColor", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.GradientStop": { + "AWS::Pinpoint::InAppTemplate.InAppMessageContent": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "Determines the color.", - "title": "Color", + "BackgroundColor": { + "markdownDescription": "The background color for an in-app message banner, expressed as a hex color code (such as #000000 for black).", + "title": "BackgroundColor", "type": "string" }, - "DataValue": { - "markdownDescription": "Determines the data value.", - "title": "DataValue", - "type": "number" + "BodyConfig": { + "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.BodyConfig", + "markdownDescription": "An object that contains configuration information about the header or title text of the in-app message.", + "title": "BodyConfig" }, - "GradientOffset": { - "markdownDescription": "Determines gradient offset value.", - "title": "GradientOffset", - "type": "number" + "HeaderConfig": { + "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.HeaderConfig", + "markdownDescription": "An object that contains configuration information about the header or title text of the in-app message.", + "title": "HeaderConfig" + }, + "ImageUrl": { + "markdownDescription": "The URL of the image that appears on an in-app message banner.", + "title": "ImageUrl", + "type": "string" + }, + "PrimaryBtn": { + "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.ButtonConfig", + "markdownDescription": "An object that contains configuration information about the primary button in an in-app message.", + "title": "PrimaryBtn" + }, + "SecondaryBtn": { + "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.ButtonConfig", + "markdownDescription": "An object that contains configuration information about the secondary button in an in-app message.", + "title": "SecondaryBtn" } }, - "required": [ - "GradientOffset" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.GridLayoutCanvasSizeOptions": { + "AWS::Pinpoint::InAppTemplate.OverrideButtonConfiguration": { "additionalProperties": false, "properties": { - "ScreenCanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GridLayoutScreenCanvasSizeOptions", - "markdownDescription": "The options that determine the sizing of the canvas used in a grid layout.", - "title": "ScreenCanvasSizeOptions" + "ButtonAction": { + "markdownDescription": "The action that occurs when a recipient chooses a button in an in-app message. You can specify one of the following:\n\n- `LINK` \u2013 A link to a web destination.\n- `DEEP_LINK` \u2013 A link to a specific page in an application.\n- `CLOSE` \u2013 Dismisses the message.", + "title": "ButtonAction", + "type": "string" + }, + "Link": { + "markdownDescription": "The destination (such as a URL) for a button.", + "title": "Link", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.GridLayoutConfiguration": { + "AWS::Pinpoint::PushTemplate": { "additionalProperties": false, "properties": { - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GridLayoutCanvasSizeOptions", - "markdownDescription": "", - "title": "CanvasSizeOptions" + "Condition": { + "type": "string" }, - "Elements": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GridLayoutElement" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ADM": { + "$ref": "#/definitions/AWS::Pinpoint::PushTemplate.AndroidPushNotificationTemplate", + "markdownDescription": "The message template to use for the ADM (Amazon Device Messaging) channel. This message template overrides the default template for push notification channels ( `Default` ).", + "title": "ADM" + }, + "APNS": { + "$ref": "#/definitions/AWS::Pinpoint::PushTemplate.APNSPushNotificationTemplate", + "markdownDescription": "The message template to use for the APNs (Apple Push Notification service) channel. This message template overrides the default template for push notification channels ( `Default` ).", + "title": "APNS" + }, + "Baidu": { + "$ref": "#/definitions/AWS::Pinpoint::PushTemplate.AndroidPushNotificationTemplate", + "markdownDescription": "The message template to use for the Baidu (Baidu Cloud Push) channel. This message template overrides the default template for push notification channels ( `Default` ).", + "title": "Baidu" + }, + "Default": { + "$ref": "#/definitions/AWS::Pinpoint::PushTemplate.DefaultPushNotificationTemplate", + "markdownDescription": "The default message template to use for push notification channels.", + "title": "Default" + }, + "DefaultSubstitutions": { + "markdownDescription": "A JSON object that specifies the default values to use for message variables in the message template. This object is a set of key-value pairs. Each key defines a message variable in the template. The corresponding value defines the default value for that variable. When you create a message that's based on the template, you can override these defaults with message-specific and address-specific variables and values.", + "title": "DefaultSubstitutions", + "type": "string" + }, + "GCM": { + "$ref": "#/definitions/AWS::Pinpoint::PushTemplate.AndroidPushNotificationTemplate", + "markdownDescription": "The message template to use for the GCM channel, which is used to send notifications through the Firebase Cloud Messaging (FCM), formerly Google Cloud Messaging (GCM), service. This message template overrides the default template for push notification channels ( `Default` ).", + "title": "GCM" + }, + "Tags": { + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "object" + }, + "TemplateDescription": { + "markdownDescription": "A custom description of the message template.", + "title": "TemplateDescription", + "type": "string" + }, + "TemplateName": { + "markdownDescription": "The name of the message template to use for the message. If specified, this value must match the name of an existing message template.", + "title": "TemplateName", + "type": "string" + } }, - "markdownDescription": "The elements that are included in a grid layout.", - "title": "Elements", - "type": "array" + "required": [ + "TemplateName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Pinpoint::PushTemplate" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Elements" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.GridLayoutElement": { + "AWS::Pinpoint::PushTemplate.APNSPushNotificationTemplate": { "additionalProperties": false, "properties": { - "ColumnIndex": { - "markdownDescription": "The column index for the upper left corner of an element.", - "title": "ColumnIndex", - "type": "number" + "Action": { + "markdownDescription": "The action to occur if a recipient taps a push notification that's based on the message template. Valid values are:\n\n- `OPEN_APP` \u2013 Your app opens or it becomes the foreground app if it was sent to the background. This is the default action.\n- `DEEP_LINK` \u2013 Your app opens and displays a designated user interface in the app. This setting uses the deep-linking features of the iOS platform.\n- `URL` \u2013 The default mobile browser on the recipient's device opens and loads the web page at a URL that you specify.", + "title": "Action", + "type": "string" }, - "ColumnSpan": { - "markdownDescription": "The width of a grid element expressed as a number of grid columns.", - "title": "ColumnSpan", - "type": "number" + "Body": { + "markdownDescription": "The message body to use in push notifications that are based on the message template.", + "title": "Body", + "type": "string" }, - "ElementId": { - "markdownDescription": "A unique identifier for an element within a grid layout.", - "title": "ElementId", + "MediaUrl": { + "markdownDescription": "The URL of an image or video to display in push notifications that are based on the message template.", + "title": "MediaUrl", "type": "string" }, - "ElementType": { - "markdownDescription": "The type of element.", - "title": "ElementType", + "Sound": { + "markdownDescription": "The key for the sound to play when the recipient receives a push notification that's based on the message template. The value for this key is the name of a sound file in your app's main bundle or the `Library/Sounds` folder in your app's data container. If the sound file can't be found or you specify `default` for the value, the system plays the default alert sound.", + "title": "Sound", "type": "string" }, - "RowIndex": { - "markdownDescription": "The row index for the upper left corner of an element.", - "title": "RowIndex", - "type": "number" + "Title": { + "markdownDescription": "The title to use in push notifications that are based on the message template. This title appears above the notification message on a recipient's device.", + "title": "Title", + "type": "string" }, - "RowSpan": { - "markdownDescription": "The height of a grid element expressed as a number of grid rows.", - "title": "RowSpan", - "type": "number" + "Url": { + "markdownDescription": "The URL to open in the recipient's default mobile browser, if a recipient taps a push notification that's based on the message template and the value of the `Action` property is `URL` .", + "title": "Url", + "type": "string" } }, - "required": [ - "ColumnSpan", - "ElementId", - "ElementType", - "RowSpan" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.GridLayoutScreenCanvasSizeOptions": { + "AWS::Pinpoint::PushTemplate.AndroidPushNotificationTemplate": { "additionalProperties": false, "properties": { - "OptimizedViewPortWidth": { - "markdownDescription": "The width that the view port will be optimized for when the layout renders.", - "title": "OptimizedViewPortWidth", + "Action": { + "markdownDescription": "The action to occur if a recipient taps a push notification that's based on the message template. Valid values are:\n\n- `OPEN_APP` \u2013 Your app opens or it becomes the foreground app if it was sent to the background. This is the default action.\n- `DEEP_LINK` \u2013 Your app opens and displays a designated user interface in the app. This action uses the deep-linking features of the Android platform.\n- `URL` \u2013 The default mobile browser on the recipient's device opens and loads the web page at a URL that you specify.", + "title": "Action", "type": "string" }, - "ResizeOption": { - "markdownDescription": "This value determines the layout behavior when the viewport is resized.\n\n- `FIXED` : A fixed width will be used when optimizing the layout. In the Amazon QuickSight console, this option is called `Classic` .\n- `RESPONSIVE` : The width of the canvas will be responsive and optimized to the view port. In the Amazon QuickSight console, this option is called `Tiled` .", - "title": "ResizeOption", + "Body": { + "markdownDescription": "The message body to use in a push notification that's based on the message template.", + "title": "Body", "type": "string" - } - }, - "required": [ - "ResizeOption" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.GrowthRateComputation": { - "additionalProperties": false, - "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", + }, + "ImageIconUrl": { + "markdownDescription": "The URL of the large icon image to display in the content view of a push notification that's based on the message template.", + "title": "ImageIconUrl", "type": "string" }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "ImageUrl": { + "markdownDescription": "The URL of an image to display in a push notification that's based on the message template.", + "title": "ImageUrl", "type": "string" }, - "PeriodSize": { - "markdownDescription": "The period size setup of a growth rate computation.", - "title": "PeriodSize", - "type": "number" + "SmallImageIconUrl": { + "markdownDescription": "The URL of the small icon image to display in the status bar and the content view of a push notification that's based on the message template.", + "title": "SmallImageIconUrl", + "type": "string" }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" + "Sound": { + "markdownDescription": "The sound to play when a recipient receives a push notification that's based on the message template. You can use the default stream or specify the file name of a sound resource that's bundled in your app. On an Android platform, the sound file must reside in `/res/raw/` .", + "title": "Sound", + "type": "string" }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" + "Title": { + "markdownDescription": "The title to use in a push notification that's based on the message template. This title appears above the notification message on a recipient's device.", + "title": "Title", + "type": "string" + }, + "Url": { + "markdownDescription": "The URL to open in a recipient's default mobile browser, if a recipient taps a push notification that's based on the message template and the value of the `Action` property is `URL` .", + "title": "Url", + "type": "string" } }, - "required": [ - "ComputationId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.HeaderFooterSectionConfiguration": { + "AWS::Pinpoint::PushTemplate.DefaultPushNotificationTemplate": { "additionalProperties": false, "properties": { - "Layout": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionLayoutConfiguration", - "markdownDescription": "The layout configuration of the header or footer section.", - "title": "Layout" - }, - "SectionId": { - "markdownDescription": "The unique identifier of the header or footer section.", - "title": "SectionId", + "Action": { + "markdownDescription": "The action to occur if a recipient taps a push notification that's based on the message template. Valid values are:\n\n- `OPEN_APP` \u2013 Your app opens or it becomes the foreground app if it was sent to the background. This is the default action.\n- `DEEP_LINK` \u2013 Your app opens and displays a designated user interface in the app. This setting uses the deep-linking features of the iOS and Android platforms.\n- `URL` \u2013 The default mobile browser on the recipient's device opens and loads the web page at a URL that you specify.", + "title": "Action", "type": "string" }, - "Style": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionStyle", - "markdownDescription": "The style options of a header or footer section.", - "title": "Style" - } - }, - "required": [ - "Layout", - "SectionId" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.HeatMapAggregatedFieldWells": { - "additionalProperties": false, - "properties": { - "Columns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The columns field well of a heat map.", - "title": "Columns", - "type": "array" + "Body": { + "markdownDescription": "The message body to use in push notifications that are based on the message template.", + "title": "Body", + "type": "string" }, - "Rows": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The rows field well of a heat map.", - "title": "Rows", - "type": "array" + "Sound": { + "markdownDescription": "The sound to play when a recipient receives a push notification that's based on the message template. You can use the default stream or specify the file name of a sound resource that's bundled in your app. On an Android platform, the sound file must reside in `/res/raw/` .\n\nFor an iOS platform, this value is the key for the name of a sound file in your app's main bundle or the `Library/Sounds` folder in your app's data container. If the sound file can't be found or you specify `default` for the value, the system plays the default alert sound.", + "title": "Sound", + "type": "string" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" - }, - "markdownDescription": "The values field well of a heat map.", - "title": "Values", - "type": "array" + "Title": { + "markdownDescription": "The title to use in push notifications that are based on the message template. This title appears above the notification message on a recipient's device.", + "title": "Title", + "type": "string" + }, + "Url": { + "markdownDescription": "The URL to open in a recipient's default mobile browser, if a recipient taps a push notification that's based on the message template and the value of the `Action` property is `URL` .", + "title": "Url", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.HeatMapConfiguration": { + "AWS::Pinpoint::SMSChannel": { "additionalProperties": false, "properties": { - "ColorScale": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColorScale", - "markdownDescription": "The color options (gradient color, point of divergence) in a heat map.", - "title": "ColorScale" - }, - "ColumnLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options of the column that is displayed in a heat map.", - "title": "ColumnLabelOptions" + "Condition": { + "type": "string" }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.", - "title": "DataLabels" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeatMapFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" + "Metadata": { + "type": "object" }, - "RowLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options of the row that is displayed in a `heat map` .", - "title": "RowLabelOptions" + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the SMS channel applies to.", + "title": "ApplicationId", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Specifies whether to enable the SMS channel for the application.", + "title": "Enabled", + "type": "boolean" + }, + "SenderId": { + "markdownDescription": "The identity that you want to display on recipients' devices when they receive messages from the SMS channel.\n\n> SenderIDs are only supported in certain countries and regions. For more information, see [Supported Countries and Regions](https://docs.aws.amazon.com/pinpoint/latest/userguide/channels-sms-countries.html) in the *Amazon Pinpoint User Guide* .", + "title": "SenderId", + "type": "string" + }, + "ShortCode": { + "markdownDescription": "The registered short code that you want to use when you send messages through the SMS channel.\n\n> For information about obtaining a dedicated short code for sending SMS messages, see [Requesting Dedicated Short Codes for SMS Messaging with Amazon Pinpoint](https://docs.aws.amazon.com/pinpoint/latest/userguide/channels-sms-awssupport-short-code.html) in the *Amazon Pinpoint User Guide* .", + "title": "ShortCode", + "type": "string" + } + }, + "required": [ + "ApplicationId" + ], + "type": "object" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeatMapSortConfiguration", - "markdownDescription": "The sort configuration of a heat map.", - "title": "SortConfiguration" + "Type": { + "enum": [ + "AWS::Pinpoint::SMSChannel" + ], + "type": "string" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.HeatMapFieldWells": { - "additionalProperties": false, - "properties": { - "HeatMapAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeatMapAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a heat map.", - "title": "HeatMapAggregatedFieldWells" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.HeatMapSortConfiguration": { + "AWS::Pinpoint::Segment": { "additionalProperties": false, "properties": { - "HeatMapColumnItemsLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of columns that are displayed in a heat map.", - "title": "HeatMapColumnItemsLimitConfiguration" - }, - "HeatMapColumnSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" - }, - "markdownDescription": "The column sort configuration for heat map for columns that aren't a part of a field well.", - "title": "HeatMapColumnSort", - "type": "array" + "Condition": { + "type": "string" }, - "HeatMapRowItemsLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of rows that are displayed in a heat map.", - "title": "HeatMapRowItemsLimitConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "HeatMapRowSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" - }, - "markdownDescription": "The field sort configuration of the rows fields.", - "title": "HeatMapRowSort", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.HeatMapVisual": { - "additionalProperties": false, - "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeatMapConfiguration", - "markdownDescription": "The configuration of a heat map.", - "title": "ChartConfiguration" + "Metadata": { + "type": "object" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the segment is associated with.", + "title": "ApplicationId", + "type": "string" + }, + "Dimensions": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.SegmentDimensions", + "markdownDescription": "An array that defines the dimensions for the segment.", + "title": "Dimensions" + }, + "Name": { + "markdownDescription": "The name of the segment.\n\n> A segment must have a name otherwise it will not appear in the Amazon Pinpoint console.", + "title": "Name", + "type": "string" + }, + "SegmentGroups": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.SegmentGroups", + "markdownDescription": "The segment group to use and the dimensions to apply to the group's base segments in order to build the segment. A segment group can consist of zero or more base segments. Your request can include only one segment group.", + "title": "SegmentGroups" + }, + "Tags": { + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "object" + } }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "required": [ + "ApplicationId", + "Name" + ], + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Type": { + "enum": [ + "AWS::Pinpoint::Segment" + ], + "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.HistogramAggregatedFieldWells": { + "AWS::Pinpoint::Segment.AttributeDimension": { "additionalProperties": false, "properties": { + "AttributeType": { + "type": "string" + }, "Values": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + "type": "string" }, - "markdownDescription": "The value field wells of a histogram. Values are aggregated by `COUNT` or `DISTINCT_COUNT` .", - "title": "Values", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.HistogramBinOptions": { + "AWS::Pinpoint::Segment.Behavior": { "additionalProperties": false, "properties": { - "BinCount": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BinCountOptions", - "markdownDescription": "The options that determine the bin count of a histogram.", - "title": "BinCount" - }, - "BinWidth": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BinWidthOptions", - "markdownDescription": "The options that determine the bin width of a histogram.", - "title": "BinWidth" - }, - "SelectedBinType": { - "markdownDescription": "The options that determine the selected bin type.", - "title": "SelectedBinType", - "type": "string" + "Recency": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.Recency", + "markdownDescription": "Specifies how recently segment members were active.", + "title": "Recency" + } + }, + "type": "object" + }, + "AWS::Pinpoint::Segment.Coordinates": { + "additionalProperties": false, + "properties": { + "Latitude": { + "markdownDescription": "The latitude coordinate of the location.", + "title": "Latitude", + "type": "number" }, - "StartValue": { - "markdownDescription": "The options that determine the bin start value.", - "title": "StartValue", + "Longitude": { + "markdownDescription": "The longitude coordinate of the location.", + "title": "Longitude", "type": "number" } }, + "required": [ + "Latitude", + "Longitude" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.HistogramConfiguration": { + "AWS::Pinpoint::Segment.Demographic": { "additionalProperties": false, "properties": { - "BinOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.HistogramBinOptions", - "markdownDescription": "The options that determine the presentation of histogram bins.", - "title": "BinOptions" - }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", - "markdownDescription": "The data label configuration of a histogram.", - "title": "DataLabels" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.HistogramFieldWells", - "markdownDescription": "The field well configuration of a histogram.", - "title": "FieldWells" + "AppVersion": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", + "markdownDescription": "The app version criteria for the segment.", + "title": "AppVersion" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", - "markdownDescription": "The tooltip configuration of a histogram.", - "title": "Tooltip" + "Channel": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", + "markdownDescription": "The channel criteria for the segment.", + "title": "Channel" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", - "markdownDescription": "The visual palette configuration of a histogram.", - "title": "VisualPalette" + "DeviceType": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", + "markdownDescription": "The device type criteria for the segment.", + "title": "DeviceType" }, - "XAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the x-axis.", - "title": "XAxisDisplayOptions" + "Make": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", + "markdownDescription": "The device make criteria for the segment.", + "title": "Make" }, - "XAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the x-axis label.", - "title": "XAxisLabelOptions" + "Model": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", + "markdownDescription": "The device model criteria for the segment.", + "title": "Model" }, - "YAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the y-axis.", - "title": "YAxisDisplayOptions" + "Platform": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", + "markdownDescription": "The device platform criteria for the segment.", + "title": "Platform" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.HistogramFieldWells": { + "AWS::Pinpoint::Segment.GPSPoint": { "additionalProperties": false, "properties": { - "HistogramAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.HistogramAggregatedFieldWells", - "markdownDescription": "The field well configuration of a histogram.", - "title": "HistogramAggregatedFieldWells" + "Coordinates": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.Coordinates", + "markdownDescription": "The GPS coordinates to measure distance from.", + "title": "Coordinates" + }, + "RangeInKilometers": { + "markdownDescription": "The range, in kilometers, from the GPS coordinates.", + "title": "RangeInKilometers", + "type": "number" } }, + "required": [ + "Coordinates", + "RangeInKilometers" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.HistogramVisual": { + "AWS::Pinpoint::Segment.Groups": { "additionalProperties": false, "properties": { - "Actions": { + "Dimensions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + "$ref": "#/definitions/AWS::Pinpoint::Segment.SegmentDimensions" }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", + "markdownDescription": "An array that defines the dimensions to include or exclude from the segment.", + "title": "Dimensions", "type": "array" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.HistogramConfiguration", - "markdownDescription": "The configuration for a `HistogramVisual` .", - "title": "ChartConfiguration" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "SourceSegments": { + "items": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.SourceSegments" + }, + "markdownDescription": "The base segment to build the segment on. A base segment, also called a *source segment* , defines the initial population of endpoints for a segment. When you add dimensions to the segment, Amazon Pinpoint filters the base segment by using the dimensions that you specify.\n\nYou can specify more than one dimensional segment or only one imported segment. If you specify an imported segment, the segment size estimate that displays on the Amazon Pinpoint console indicates the size of the imported segment without any filters applied to it.", + "title": "SourceSegments", + "type": "array" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "SourceType": { + "markdownDescription": "Specifies how to handle multiple base segments for the segment. For example, if you specify three base segments for the segment, whether the resulting segment is based on all, any, or none of the base segments.", + "title": "SourceType", + "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "Type": { + "markdownDescription": "Specifies how to handle multiple dimensions for the segment. For example, if you specify three dimensions for the segment, whether the resulting segment includes endpoints that match all, any, or none of the dimensions.", + "title": "Type", "type": "string" } }, - "required": [ - "VisualId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.InsightConfiguration": { + "AWS::Pinpoint::Segment.Location": { "additionalProperties": false, "properties": { - "Computations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.Computation" - }, - "markdownDescription": "The computations configurations of the insight visual", - "title": "Computations", - "type": "array" + "Country": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", + "markdownDescription": "The country or region code, in ISO 3166-1 alpha-2 format, for the segment.", + "title": "Country" }, - "CustomNarrative": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomNarrativeOptions", - "markdownDescription": "The custom narrative of the insight visual.", - "title": "CustomNarrative" + "GPSPoint": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.GPSPoint", + "markdownDescription": "The GPS point dimension for the segment.", + "title": "GPSPoint" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.InsightVisual": { + "AWS::Pinpoint::Segment.Recency": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "DataSetIdentifier": { - "markdownDescription": "The dataset that is used in the insight visual.", - "title": "DataSetIdentifier", + "Duration": { + "markdownDescription": "The duration to use when determining which users have been active or inactive with your app.\n\nPossible values: `HR_24` | `DAY_7` | `DAY_14` | `DAY_30` .", + "title": "Duration", "type": "string" }, - "InsightConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.InsightConfiguration", - "markdownDescription": "The configuration of an insight visual.", - "title": "InsightConfiguration" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" - }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "RecencyType": { + "markdownDescription": "The type of recency dimension to use for the segment. Valid values are: `ACTIVE` and `INACTIVE` . If the value is `ACTIVE` , the segment includes users who have used your app within the specified duration are included in the segment. If the value is `INACTIVE` , the segment includes users who haven't used your app within the specified duration are included in the segment.", + "title": "RecencyType", "type": "string" } }, "required": [ - "DataSetIdentifier", - "VisualId" + "Duration", + "RecencyType" ], "type": "object" }, - "AWS::QuickSight::Dashboard.IntegerDefaultValues": { + "AWS::Pinpoint::Segment.SegmentDimensions": { "additionalProperties": false, "properties": { - "DynamicValue": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DynamicDefaultValue", - "markdownDescription": "The dynamic value of the `IntegerDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", - "title": "DynamicValue" + "Attributes": { + "markdownDescription": "One or more custom attributes to use as criteria for the segment. For more information see [AttributeDimension](https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-segments.html#apps-application-id-segments-model-attributedimension)", + "title": "Attributes", + "type": "object" }, - "StaticValues": { + "Behavior": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.Behavior", + "markdownDescription": "The behavior-based criteria, such as how recently users have used your app, for the segment.", + "title": "Behavior" + }, + "Demographic": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.Demographic", + "markdownDescription": "The demographic-based criteria, such as device platform, for the segment.", + "title": "Demographic" + }, + "Location": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.Location", + "markdownDescription": "The location-based criteria, such as region or GPS coordinates, for the segment.", + "title": "Location" + }, + "Metrics": { + "markdownDescription": "One or more custom metrics to use as criteria for the segment.", + "title": "Metrics", + "type": "object" + }, + "UserAttributes": { + "markdownDescription": "One or more custom user attributes to use as criteria for the segment.", + "title": "UserAttributes", + "type": "object" + } + }, + "type": "object" + }, + "AWS::Pinpoint::Segment.SegmentGroups": { + "additionalProperties": false, + "properties": { + "Groups": { "items": { - "type": "number" + "$ref": "#/definitions/AWS::Pinpoint::Segment.Groups" }, - "markdownDescription": "The static values of the `IntegerDefaultValues` .", - "title": "StaticValues", + "markdownDescription": "Specifies the set of segment criteria to evaluate when handling segment groups for the segment.", + "title": "Groups", "type": "array" + }, + "Include": { + "markdownDescription": "Specifies how to handle multiple segment groups for the segment. For example, if the segment includes three segment groups, whether the resulting segment includes endpoints that match all, any, or none of the segment groups.", + "title": "Include", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.IntegerParameter": { + "AWS::Pinpoint::Segment.SetDimension": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the integer parameter.", - "title": "Name", + "DimensionType": { + "markdownDescription": "The type of segment dimension to use. Valid values are: `INCLUSIVE` , endpoints that match the criteria are included in the segment; and, `EXCLUSIVE` , endpoints that match the criteria are excluded from the segment.", + "title": "DimensionType", "type": "string" }, "Values": { "items": { - "type": "number" + "type": "string" }, - "markdownDescription": "The values for the integer parameter.", + "markdownDescription": "The criteria values to use for the segment dimension. Depending on the value of the `DimensionType` property, endpoints are included or excluded from the segment if their values match the criteria values.", "title": "Values", "type": "array" } }, - "required": [ - "Name", - "Values" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.IntegerParameterDeclaration": { + "AWS::Pinpoint::Segment.SourceSegments": { "additionalProperties": false, "properties": { - "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.IntegerDefaultValues", - "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", - "title": "DefaultValues" - }, - "MappedDataSetParameters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MappedDataSetParameter" - }, - "markdownDescription": "", - "title": "MappedDataSetParameters", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the parameter that is being declared.", - "title": "Name", - "type": "string" - }, - "ParameterValueType": { - "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", - "title": "ParameterValueType", + "Id": { + "markdownDescription": "The unique identifier for the source segment.", + "title": "Id", "type": "string" }, - "ValueWhenUnset": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.IntegerValueWhenUnsetConfiguration", - "markdownDescription": "A parameter declaration for the `Integer` data type.", - "title": "ValueWhenUnset" + "Version": { + "markdownDescription": "The version number of the source segment.", + "title": "Version", + "type": "number" } }, "required": [ - "Name", - "ParameterValueType" + "Id" ], "type": "object" }, - "AWS::QuickSight::Dashboard.IntegerValueWhenUnsetConfiguration": { + "AWS::Pinpoint::SmsTemplate": { "additionalProperties": false, "properties": { - "CustomValue": { - "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", - "title": "CustomValue", - "type": "number" + "Condition": { + "type": "string" }, - "ValueWhenUnsetOption": { - "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", - "title": "ValueWhenUnsetOption", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Body": { + "markdownDescription": "The message body to use in text messages that are based on the message template.", + "title": "Body", + "type": "string" + }, + "DefaultSubstitutions": { + "markdownDescription": "A JSON object that specifies the default values to use for message variables in the message template. This object is a set of key-value pairs. Each key defines a message variable in the template. The corresponding value defines the default value for that variable. When you create a message that's based on the template, you can override these defaults with message-specific and address-specific variables and values.", + "title": "DefaultSubstitutions", + "type": "string" + }, + "Tags": { + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "object" + }, + "TemplateDescription": { + "markdownDescription": "A custom description of the message template.", + "title": "TemplateDescription", + "type": "string" + }, + "TemplateName": { + "markdownDescription": "The name of the message template to use for the message. If specified, this value must match the name of an existing message template.", + "title": "TemplateName", + "type": "string" + } + }, + "required": [ + "Body", + "TemplateName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Pinpoint::SmsTemplate" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.ItemsLimitConfiguration": { + "AWS::Pinpoint::VoiceChannel": { "additionalProperties": false, "properties": { - "ItemsLimit": { - "markdownDescription": "The limit on how many items of a field are showed in the chart. For example, the number of slices that are displayed in a pie chart.", - "title": "ItemsLimit", - "type": "number" + "Condition": { + "type": "string" }, - "OtherCategories": { - "markdownDescription": "The `Show other` of an axis in the chart. Choose one of the following options:\n\n- `INCLUDE`\n- `EXCLUDE`", - "title": "OtherCategories", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the voice channel applies to.", + "title": "ApplicationId", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Specifies whether to enable the voice channel for the application.", + "title": "Enabled", + "type": "boolean" + } + }, + "required": [ + "ApplicationId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Pinpoint::VoiceChannel" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.KPIActualValueConditionalFormatting": { + "AWS::PinpointEmail::ConfigurationSet": { "additionalProperties": false, "properties": { - "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIcon", - "markdownDescription": "The conditional formatting of the actual value's icon.", - "title": "Icon" + "Condition": { + "type": "string" }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the actual value's text color.", - "title": "TextColor" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DeliveryOptions": { + "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSet.DeliveryOptions", + "markdownDescription": "An object that defines the dedicated IP pool that is used to send emails that you send using the configuration set.", + "title": "DeliveryOptions" + }, + "Name": { + "markdownDescription": "The name of the configuration set.", + "title": "Name", + "type": "string" + }, + "ReputationOptions": { + "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSet.ReputationOptions", + "markdownDescription": "An object that defines whether or not Amazon Pinpoint collects reputation metrics for the emails that you send that use the configuration set.", + "title": "ReputationOptions" + }, + "SendingOptions": { + "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSet.SendingOptions", + "markdownDescription": "An object that defines whether or not Amazon Pinpoint can send email that you send using the configuration set.", + "title": "SendingOptions" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSet.Tags" + }, + "markdownDescription": "An object that defines the tags (keys and values) that you want to associate with the configuration set.", + "title": "Tags", + "type": "array" + }, + "TrackingOptions": { + "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSet.TrackingOptions", + "markdownDescription": "An object that defines the open and click tracking options for emails that you send using the configuration set.", + "title": "TrackingOptions" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::PinpointEmail::ConfigurationSet" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.KPIComparisonValueConditionalFormatting": { + "AWS::PinpointEmail::ConfigurationSet.DeliveryOptions": { "additionalProperties": false, "properties": { - "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIcon", - "markdownDescription": "The conditional formatting of the comparison value's icon.", - "title": "Icon" - }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the comparison value's text color.", - "title": "TextColor" + "SendingPoolName": { + "markdownDescription": "The name of the dedicated IP pool that you want to associate with the configuration set.", + "title": "SendingPoolName", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.KPIConditionalFormatting": { + "AWS::PinpointEmail::ConfigurationSet.ReputationOptions": { "additionalProperties": false, "properties": { - "ConditionalFormattingOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIConditionalFormattingOption" - }, - "markdownDescription": "The conditional formatting options of a KPI visual.", - "title": "ConditionalFormattingOptions", - "type": "array" + "ReputationMetricsEnabled": { + "markdownDescription": "If `true` , tracking of reputation metrics is enabled for the configuration set. If `false` , tracking of reputation metrics is disabled for the configuration set.", + "title": "ReputationMetricsEnabled", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.KPIConditionalFormattingOption": { + "AWS::PinpointEmail::ConfigurationSet.SendingOptions": { "additionalProperties": false, "properties": { - "ActualValue": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIActualValueConditionalFormatting", - "markdownDescription": "The conditional formatting for the actual value of a KPI visual.", - "title": "ActualValue" - }, - "ComparisonValue": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIComparisonValueConditionalFormatting", - "markdownDescription": "The conditional formatting for the comparison value of a KPI visual.", - "title": "ComparisonValue" - }, - "PrimaryValue": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIPrimaryValueConditionalFormatting", - "markdownDescription": "The conditional formatting for the primary value of a KPI visual.", - "title": "PrimaryValue" - }, - "ProgressBar": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIProgressBarConditionalFormatting", - "markdownDescription": "The conditional formatting for the progress bar of a KPI visual.", - "title": "ProgressBar" + "SendingEnabled": { + "markdownDescription": "If `true` , email sending is enabled for the configuration set. If `false` , email sending is disabled for the configuration set.", + "title": "SendingEnabled", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.KPIConfiguration": { + "AWS::PinpointEmail::ConfigurationSet.Tags": { "additionalProperties": false, "properties": { - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIFieldWells", - "markdownDescription": "The field well configuration of a KPI visual.", - "title": "FieldWells" - }, - "KPIOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIOptions", - "markdownDescription": "The options that determine the presentation of a KPI visual.", - "title": "KPIOptions" + "Key": { + "markdownDescription": "One part of a key-value pair that defines a tag. The maximum length of a tag key is 128 characters. The minimum length is 1 character.\n\nIf you specify tags for the configuration set, then this value is required.", + "title": "Key", + "type": "string" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPISortConfiguration", - "markdownDescription": "The sort configuration of a KPI visual.", - "title": "SortConfiguration" + "Value": { + "markdownDescription": "The optional part of a key-value pair that defines a tag. The maximum length of a tag value is 256 characters. The minimum length is 0 characters. If you don\u2019t want a resource to have a specific tag value, don\u2019t specify a value for this parameter. Amazon Pinpoint will set the value to an empty string.", + "title": "Value", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.KPIFieldWells": { + "AWS::PinpointEmail::ConfigurationSet.TrackingOptions": { "additionalProperties": false, "properties": { - "TargetValues": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" - }, - "markdownDescription": "The target value field wells of a KPI visual.", - "title": "TargetValues", - "type": "array" - }, - "TrendGroups": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The trend group field wells of a KPI visual.", - "title": "TrendGroups", - "type": "array" - }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" - }, - "markdownDescription": "The value field wells of a KPI visual.", - "title": "Values", - "type": "array" + "CustomRedirectDomain": { + "markdownDescription": "The domain that you want to use for tracking open and click events.", + "title": "CustomRedirectDomain", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.KPIOptions": { + "AWS::PinpointEmail::ConfigurationSetEventDestination": { "additionalProperties": false, "properties": { - "Comparison": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComparisonConfiguration", - "markdownDescription": "The comparison configuration of a KPI visual.", - "title": "Comparison" - }, - "PrimaryValueDisplayType": { - "markdownDescription": "The options that determine the primary value display type.", - "title": "PrimaryValueDisplayType", + "Condition": { "type": "string" }, - "PrimaryValueFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", - "markdownDescription": "The options that determine the primary value font configuration.", - "title": "PrimaryValueFontConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ProgressBar": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ProgressBarOptions", - "markdownDescription": "The options that determine the presentation of the progress bar of a KPI visual.", - "title": "ProgressBar" - }, - "SecondaryValue": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SecondaryValueOptions", - "markdownDescription": "The options that determine the presentation of the secondary value of a KPI visual.", - "title": "SecondaryValue" - }, - "SecondaryValueFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", - "markdownDescription": "The options that determine the secondary value font configuration.", - "title": "SecondaryValueFontConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Sparkline": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPISparklineOptions", - "markdownDescription": "The options that determine the visibility, color, type, and tooltip visibility of the sparkline of a KPI visual.", - "title": "Sparkline" + "Metadata": { + "type": "object" }, - "TrendArrows": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TrendArrowOptions", - "markdownDescription": "The options that determine the presentation of trend arrows in a KPI visual.", - "title": "TrendArrows" + "Properties": { + "additionalProperties": false, + "properties": { + "ConfigurationSetName": { + "markdownDescription": "The name of the configuration set that contains the event destination that you want to modify.", + "title": "ConfigurationSetName", + "type": "string" + }, + "EventDestination": { + "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSetEventDestination.EventDestination", + "markdownDescription": "An object that defines the event destination.", + "title": "EventDestination" + }, + "EventDestinationName": { + "markdownDescription": "The name of the event destination that you want to modify.", + "title": "EventDestinationName", + "type": "string" + } + }, + "required": [ + "ConfigurationSetName", + "EventDestinationName" + ], + "type": "object" }, - "VisualLayoutOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIVisualLayoutOptions", - "markdownDescription": "The options that determine the layout a KPI visual.", - "title": "VisualLayoutOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.KPIPrimaryValueConditionalFormatting": { - "additionalProperties": false, - "properties": { - "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIcon", - "markdownDescription": "The conditional formatting of the primary value's icon.", - "title": "Icon" + "Type": { + "enum": [ + "AWS::PinpointEmail::ConfigurationSetEventDestination" + ], + "type": "string" }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the primary value's text color.", - "title": "TextColor" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.KPIProgressBarConditionalFormatting": { - "additionalProperties": false, - "properties": { - "ForegroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the progress bar's foreground color.", - "title": "ForegroundColor" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.KPISortConfiguration": { + "AWS::PinpointEmail::ConfigurationSetEventDestination.CloudWatchDestination": { "additionalProperties": false, "properties": { - "TrendGroupSort": { + "DimensionConfigurations": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSetEventDestination.DimensionConfiguration" }, - "markdownDescription": "The sort configuration of the trend group fields.", - "title": "TrendGroupSort", + "markdownDescription": "An array of objects that define the dimensions to use when you send email events to Amazon CloudWatch.", + "title": "DimensionConfigurations", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.KPISparklineOptions": { + "AWS::PinpointEmail::ConfigurationSetEventDestination.DimensionConfiguration": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The color of the sparkline.", - "title": "Color", - "type": "string" - }, - "TooltipVisibility": { - "markdownDescription": "The tooltip visibility of the sparkline.", - "title": "TooltipVisibility", + "DefaultDimensionValue": { + "markdownDescription": "The default value of the dimension that is published to Amazon CloudWatch if you don't provide the value of the dimension when you send an email. This value has to meet the following criteria:\n\n- It can only contain ASCII letters (a\u2013z, A\u2013Z), numbers (0\u20139), underscores (_), or dashes (-).\n- It can contain no more than 256 characters.", + "title": "DefaultDimensionValue", "type": "string" }, - "Type": { - "markdownDescription": "The type of the sparkline.", - "title": "Type", + "DimensionName": { + "markdownDescription": "The name of an Amazon CloudWatch dimension associated with an email sending metric. The name has to meet the following criteria:\n\n- It can only contain ASCII letters (a\u2013z, A\u2013Z), numbers (0\u20139), underscores (_), or dashes (-).\n- It can contain no more than 256 characters.", + "title": "DimensionName", "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of the sparkline.", - "title": "Visibility", + "DimensionValueSource": { + "markdownDescription": "The location where Amazon Pinpoint finds the value of a dimension to publish to Amazon CloudWatch. Acceptable values: `MESSAGE_TAG` , `EMAIL_HEADER` , and `LINK_TAG` .\n\nIf you want Amazon Pinpoint to use the message tags that you specify using an `X-SES-MESSAGE-TAGS` header or a parameter to the `SendEmail` API, choose `MESSAGE_TAG` . If you want Amazon Pinpoint to use your own email headers, choose `EMAIL_HEADER` . If you want Amazon Pinpoint to use tags that are specified in your links, choose `LINK_TAG` .", + "title": "DimensionValueSource", "type": "string" } }, "required": [ - "Type" + "DefaultDimensionValue", + "DimensionName", + "DimensionValueSource" ], "type": "object" }, - "AWS::QuickSight::Dashboard.KPIVisual": { + "AWS::PinpointEmail::ConfigurationSetEventDestination.EventDestination": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "CloudWatchDestination": { + "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSetEventDestination.CloudWatchDestination", + "markdownDescription": "An object that defines an Amazon CloudWatch destination for email events. You can use Amazon CloudWatch to monitor and gain insights on your email sending metrics.", + "title": "CloudWatchDestination" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIConfiguration", - "markdownDescription": "The configuration of a KPI visual.", - "title": "ChartConfiguration" + "Enabled": { + "markdownDescription": "If `true` , the event destination is enabled. When the event destination is enabled, the specified event types are sent to the destinations in this `EventDestinationDefinition` .\n\nIf `false` , the event destination is disabled. When the event destination is disabled, events aren't sent to the specified destinations.", + "title": "Enabled", + "type": "boolean" }, - "ColumnHierarchies": { + "KinesisFirehoseDestination": { + "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSetEventDestination.KinesisFirehoseDestination", + "markdownDescription": "An object that defines an Amazon Kinesis Data Firehose destination for email events. You can use Amazon Kinesis Data Firehose to stream data to other services, such as Amazon S3 and Amazon Redshift.", + "title": "KinesisFirehoseDestination" + }, + "MatchingEventTypes": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + "type": "string" }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", + "markdownDescription": "The types of events that Amazon Pinpoint sends to the specified event destinations. Acceptable values: `SEND` , `REJECT` , `BOUNCE` , `COMPLAINT` , `DELIVERY` , `OPEN` , `CLICK` , and `RENDERING_FAILURE` .", + "title": "MatchingEventTypes", "type": "array" }, - "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIConditionalFormatting", - "markdownDescription": "The conditional formatting of a KPI visual.", - "title": "ConditionalFormatting" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "PinpointDestination": { + "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSetEventDestination.PinpointDestination", + "markdownDescription": "An object that defines a Amazon Pinpoint destination for email events. You can use Amazon Pinpoint events to create attributes in Amazon Pinpoint projects. You can use these attributes to create segments for your campaigns.", + "title": "PinpointDestination" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", - "type": "string" + "SnsDestination": { + "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSetEventDestination.SnsDestination", + "markdownDescription": "An object that defines an Amazon SNS destination for email events. You can use Amazon SNS to send notification when certain email events occur.", + "title": "SnsDestination" } }, "required": [ - "VisualId" + "MatchingEventTypes" ], "type": "object" }, - "AWS::QuickSight::Dashboard.KPIVisualLayoutOptions": { - "additionalProperties": false, - "properties": { - "StandardLayout": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIVisualStandardLayout", - "markdownDescription": "The standard layout of the KPI visual.", - "title": "StandardLayout" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.KPIVisualStandardLayout": { + "AWS::PinpointEmail::ConfigurationSetEventDestination.KinesisFirehoseDestination": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The standard layout type.", - "title": "Type", + "DeliveryStreamArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Kinesis Data Firehose stream that Amazon Pinpoint sends email events to.", + "title": "DeliveryStreamArn", + "type": "string" + }, + "IamRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that Amazon Pinpoint uses when sending email events to the Amazon Kinesis Data Firehose stream.", + "title": "IamRoleArn", "type": "string" } }, "required": [ - "Type" + "DeliveryStreamArn", + "IamRoleArn" ], "type": "object" }, - "AWS::QuickSight::Dashboard.LabelOptions": { + "AWS::PinpointEmail::ConfigurationSetEventDestination.PinpointDestination": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The text for the label.", - "title": "CustomLabel", - "type": "string" - }, - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", - "markdownDescription": "The font configuration of the label.", - "title": "FontConfiguration" - }, - "Visibility": { - "markdownDescription": "Determines whether or not the label is visible.", - "title": "Visibility", + "ApplicationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Pinpoint project that you want to send email events to.", + "title": "ApplicationArn", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.Layout": { + "AWS::PinpointEmail::ConfigurationSetEventDestination.SnsDestination": { "additionalProperties": false, "properties": { - "Configuration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LayoutConfiguration", - "markdownDescription": "The configuration that determines what the type of layout for a sheet.", - "title": "Configuration" + "TopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic that you want to publish email events to. For more information about Amazon SNS topics, see the [Amazon SNS Developer Guide](https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html) .", + "title": "TopicArn", + "type": "string" } }, "required": [ - "Configuration" + "TopicArn" ], "type": "object" }, - "AWS::QuickSight::Dashboard.LayoutConfiguration": { - "additionalProperties": false, - "properties": { - "FreeFormLayout": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutConfiguration", - "markdownDescription": "A free-form is optimized for a fixed width and has more control over the exact placement of layout elements.", - "title": "FreeFormLayout" - }, - "GridLayout": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GridLayoutConfiguration", - "markdownDescription": "A type of layout that can be used on a sheet. In a grid layout, visuals snap to a grid with standard spacing and alignment. Dashboards are displayed as designed, with options to fit to screen or view at actual size. A grid layout can be configured to behave in one of two ways when the viewport is resized: `FIXED` or `RESPONSIVE` .", - "title": "GridLayout" - }, - "SectionBasedLayout": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionBasedLayoutConfiguration", - "markdownDescription": "A section based layout organizes visuals into multiple sections and has customized header, footer and page break.", - "title": "SectionBasedLayout" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.LegendOptions": { + "AWS::PinpointEmail::DedicatedIpPool": { "additionalProperties": false, "properties": { - "Height": { - "markdownDescription": "The height of the legend. If this value is omitted, a default height is used when rendering.", - "title": "Height", + "Condition": { "type": "string" }, - "Position": { - "markdownDescription": "The positions for the legend. Choose one of the following options:\n\n- `AUTO`\n- `RIGHT`\n- `BOTTOM`\n- `LEFT`", - "title": "Position", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", - "markdownDescription": "The custom title for the legend.", - "title": "Title" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Visibility": { - "markdownDescription": "Determines whether or not the legend is visible.", - "title": "Visibility", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "PoolName": { + "markdownDescription": "The name of the dedicated IP pool.", + "title": "PoolName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::PinpointEmail::DedicatedIpPool.Tags" + }, + "markdownDescription": "An object that defines the tags (keys and values) that you want to associate with the dedicated IP pool.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::PinpointEmail::DedicatedIpPool" + ], "type": "string" }, - "Width": { - "markdownDescription": "The width of the legend. If this value is omitted, a default width is used when rendering.", - "title": "Width", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.LineChartAggregatedFieldWells": { + "AWS::PinpointEmail::DedicatedIpPool.Tags": { "additionalProperties": false, "properties": { - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The category field wells of a line chart. Values are grouped by category fields.", - "title": "Category", - "type": "array" - }, - "Colors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The color field wells of a line chart. Values are grouped by category fields.", - "title": "Colors", - "type": "array" - }, - "SmallMultiples": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The small multiples field well of a line chart.", - "title": "SmallMultiples", - "type": "array" + "Key": { + "markdownDescription": "One part of a key-value pair that defines a tag. The maximum length of a tag key is 128 characters. The minimum length is 1 character.\n\nIf you specify tags for the dedicated IP pool, then this value is required.", + "title": "Key", + "type": "string" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" - }, - "markdownDescription": "The value field wells of a line chart. Values are aggregated based on categories.", - "title": "Values", - "type": "array" + "Value": { + "markdownDescription": "The optional part of a key-value pair that defines a tag. The maximum length of a tag value is 256 characters. The minimum length is 0 characters. If you don\u2019t want a resource to have a specific tag value, don\u2019t specify a value for this parameter. Amazon Pinpoint will set the value to an empty string.", + "title": "Value", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.LineChartConfiguration": { + "AWS::PinpointEmail::Identity": { "additionalProperties": false, "properties": { - "ContributionAnalysisDefaults": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ContributionAnalysisDefault" - }, - "markdownDescription": "The default configuration of a line chart's contribution analysis.", - "title": "ContributionAnalysisDefaults", - "type": "array" - }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", - "markdownDescription": "The data label configuration of a line chart.", - "title": "DataLabels" - }, - "DefaultSeriesSettings": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartDefaultSeriesSettings", - "markdownDescription": "The options that determine the default presentation of all line series in `LineChartVisual` .", - "title": "DefaultSeriesSettings" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartFieldWells", - "markdownDescription": "The field well configuration of a line chart.", - "title": "FieldWells" - }, - "ForecastConfigurations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ForecastConfiguration" - }, - "markdownDescription": "The forecast configuration of a line chart.", - "title": "ForecastConfigurations", - "type": "array" - }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", - "markdownDescription": "The legend configuration of a line chart.", - "title": "Legend" - }, - "PrimaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineSeriesAxisDisplayOptions", - "markdownDescription": "The series axis configuration of a line chart.", - "title": "PrimaryYAxisDisplayOptions" - }, - "PrimaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the y-axis label.", - "title": "PrimaryYAxisLabelOptions" + "Condition": { + "type": "string" }, - "ReferenceLines": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLine" - }, - "markdownDescription": "The reference lines configuration of a line chart.", - "title": "ReferenceLines", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "SecondaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineSeriesAxisDisplayOptions", - "markdownDescription": "The series axis configuration of a line chart.", - "title": "SecondaryYAxisDisplayOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SecondaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the secondary y-axis label.", - "title": "SecondaryYAxisLabelOptions" + "Metadata": { + "type": "object" }, - "Series": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SeriesItem" + "Properties": { + "additionalProperties": false, + "properties": { + "DkimSigningEnabled": { + "markdownDescription": "For domain identities, this attribute is used to enable or disable DomainKeys Identified Mail (DKIM) signing for the domain.\n\nIf the value is `true` , then the messages that you send from the domain are signed using both the DKIM keys for your domain, as well as the keys for the `amazonses.com` domain. If the value is `false` , then the messages that you send are only signed using the DKIM keys for the `amazonses.com` domain.", + "title": "DkimSigningEnabled", + "type": "boolean" + }, + "FeedbackForwardingEnabled": { + "markdownDescription": "Used to enable or disable feedback forwarding for an identity. This setting determines what happens when an identity is used to send an email that results in a bounce or complaint event.\n\nWhen you enable feedback forwarding, Amazon Pinpoint sends you email notifications when bounce or complaint events occur. Amazon Pinpoint sends this notification to the address that you specified in the Return-Path header of the original email.\n\nWhen you disable feedback forwarding, Amazon Pinpoint sends notifications through other mechanisms, such as by notifying an Amazon SNS topic. You're required to have a method of tracking bounces and complaints. If you haven't set up another mechanism for receiving bounce or complaint notifications, Amazon Pinpoint sends an email notification when these events occur (even if this setting is disabled).", + "title": "FeedbackForwardingEnabled", + "type": "boolean" + }, + "MailFromAttributes": { + "$ref": "#/definitions/AWS::PinpointEmail::Identity.MailFromAttributes", + "markdownDescription": "Used to enable or disable the custom Mail-From domain configuration for an email identity.", + "title": "MailFromAttributes" + }, + "Name": { + "markdownDescription": "The address or domain of the identity, such as *sender@example.com* or *example.co.uk* .", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::PinpointEmail::Identity.Tags" + }, + "markdownDescription": "An object that defines the tags (keys and values) that you want to associate with the email identity.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "The series item configuration of a line chart.", - "title": "Series", - "type": "array" - }, - "SmallMultiplesOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SmallMultiplesOptions", - "markdownDescription": "The small multiples setup for the visual.", - "title": "SmallMultiplesOptions" - }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartSortConfiguration", - "markdownDescription": "The sort configuration of a line chart.", - "title": "SortConfiguration" - }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", - "markdownDescription": "The tooltip configuration of a line chart.", - "title": "Tooltip" + "required": [ + "Name" + ], + "type": "object" }, "Type": { - "markdownDescription": "Determines the type of the line chart.", - "title": "Type", + "enum": [ + "AWS::PinpointEmail::Identity" + ], "type": "string" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", - "markdownDescription": "The visual palette configuration of a line chart.", - "title": "VisualPalette" - }, - "XAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the x-axis.", - "title": "XAxisDisplayOptions" - }, - "XAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the x-axis label.", - "title": "XAxisLabelOptions" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.LineChartDefaultSeriesSettings": { + "AWS::PinpointEmail::Identity.MailFromAttributes": { "additionalProperties": false, "properties": { - "AxisBinding": { - "markdownDescription": "The axis to which you are binding all line series to.", - "title": "AxisBinding", + "BehaviorOnMxFailure": { + "markdownDescription": "The action that Amazon Pinpoint to takes if it can't read the required MX record for a custom MAIL FROM domain. When you set this value to `UseDefaultValue` , Amazon Pinpoint uses *amazonses.com* as the MAIL FROM domain. When you set this value to `RejectMessage` , Amazon Pinpoint returns a `MailFromDomainNotVerified` error, and doesn't attempt to deliver the email.\n\nThese behaviors are taken when the custom MAIL FROM domain configuration is in the `Pending` , `Failed` , and `TemporaryFailure` states.", + "title": "BehaviorOnMxFailure", "type": "string" }, - "LineStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartLineStyleSettings", - "markdownDescription": "Line styles options for all line series in the visual.", - "title": "LineStyleSettings" - }, - "MarkerStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartMarkerStyleSettings", - "markdownDescription": "Marker styles options for all line series in the visual.", - "title": "MarkerStyleSettings" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.LineChartFieldWells": { - "additionalProperties": false, - "properties": { - "LineChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartAggregatedFieldWells", - "markdownDescription": "The field well configuration of a line chart.", - "title": "LineChartAggregatedFieldWells" + "MailFromDomain": { + "markdownDescription": "The name of a domain that an email identity uses as a custom MAIL FROM domain.", + "title": "MailFromDomain", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.LineChartLineStyleSettings": { + "AWS::PinpointEmail::Identity.Tags": { "additionalProperties": false, "properties": { - "LineInterpolation": { - "markdownDescription": "Interpolation style for line series.\n\n- `LINEAR` : Show as default, linear style.\n- `SMOOTH` : Show as a smooth curve.\n- `STEPPED` : Show steps in line.", - "title": "LineInterpolation", - "type": "string" - }, - "LineStyle": { - "markdownDescription": "Line style for line series.\n\n- `SOLID` : Show as a solid line.\n- `DOTTED` : Show as a dotted line.\n- `DASHED` : Show as a dashed line.", - "title": "LineStyle", - "type": "string" - }, - "LineVisibility": { - "markdownDescription": "Configuration option that determines whether to show the line for the series.", - "title": "LineVisibility", + "Key": { + "markdownDescription": "One part of a key-value pair that defines a tag. The maximum length of a tag key is 128 characters. The minimum length is 1 character.\n\nIf you specify tags for the identity, then this value is required.", + "title": "Key", "type": "string" }, - "LineWidth": { - "markdownDescription": "Width that determines the line thickness.", - "title": "LineWidth", + "Value": { + "markdownDescription": "The optional part of a key-value pair that defines a tag. The maximum length of a tag value is 256 characters. The minimum length is 0 characters. If you don\u2019t want a resource to have a specific tag value, don\u2019t specify a value for this parameter. Amazon Pinpoint will set the value to an empty string.", + "title": "Value", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.LineChartMarkerStyleSettings": { + "AWS::Pipes::Pipe": { "additionalProperties": false, "properties": { - "MarkerColor": { - "markdownDescription": "Color of marker in the series.", - "title": "MarkerColor", + "Condition": { "type": "string" }, - "MarkerShape": { - "markdownDescription": "Shape option for markers in the series.\n\n- `CIRCLE` : Show marker as a circle.\n- `TRIANGLE` : Show marker as a triangle.\n- `SQUARE` : Show marker as a square.\n- `DIAMOND` : Show marker as a diamond.\n- `ROUNDED_SQUARE` : Show marker as a rounded square.", - "title": "MarkerShape", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "MarkerSize": { - "markdownDescription": "Size of marker in the series.", - "title": "MarkerSize", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "MarkerVisibility": { - "markdownDescription": "Configuration option that determines whether to show the markers in the series.", - "title": "MarkerVisibility", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the pipe.", + "title": "Description", + "type": "string" + }, + "DesiredState": { + "markdownDescription": "The state the pipe should be in.", + "title": "DesiredState", + "type": "string" + }, + "Enrichment": { + "markdownDescription": "The ARN of the enrichment resource.", + "title": "Enrichment", + "type": "string" + }, + "EnrichmentParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeEnrichmentParameters", + "markdownDescription": "The parameters required to set up enrichment on your pipe.", + "title": "EnrichmentParameters" + }, + "KmsKeyIdentifier": { + "markdownDescription": "The identifier of the AWS KMS customer managed key for EventBridge to use, if you choose to use a customer managed key to encrypt pipe data. The identifier can be the key Amazon Resource Name (ARN), KeyId, key alias, or key alias ARN.\n\nTo update a pipe that is using the default AWS owned key to use a customer managed key instead, or update a pipe that is using a customer managed key to use a different customer managed key, specify a customer managed key identifier.\n\nTo update a pipe that is using a customer managed key to use the default AWS owned key , specify an empty string.\n\nFor more information, see [Managing keys](https://docs.aws.amazon.com/kms/latest/developerguide/getting-started.html) in the *AWS Key Management Service Developer Guide* .", + "title": "KmsKeyIdentifier", + "type": "string" + }, + "LogConfiguration": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeLogConfiguration", + "markdownDescription": "The logging configuration settings for the pipe.", + "title": "LogConfiguration" + }, + "Name": { + "markdownDescription": "The name of the pipe.", + "title": "Name", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the role that allows the pipe to send data to the target.", + "title": "RoleArn", + "type": "string" + }, + "Source": { + "markdownDescription": "The ARN of the source resource.", + "title": "Source", + "type": "string" + }, + "SourceParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceParameters", + "markdownDescription": "The parameters required to set up a source for your pipe.", + "title": "SourceParameters" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "The list of key-value pairs to associate with the pipe.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "Target": { + "markdownDescription": "The ARN of the target resource.", + "title": "Target", + "type": "string" + }, + "TargetParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetParameters", + "markdownDescription": "The parameters required to set up a target for your pipe.\n\nFor more information about pipe target parameters, including how to use dynamic path parameters, see [Target parameters](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes-event-target.html) in the *Amazon EventBridge User Guide* .", + "title": "TargetParameters" + } + }, + "required": [ + "RoleArn", + "Source", + "Target" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Pipes::Pipe" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.LineChartSeriesSettings": { - "additionalProperties": false, - "properties": { - "LineStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartLineStyleSettings", - "markdownDescription": "Line styles options for a line series in `LineChartVisual` .", - "title": "LineStyleSettings" }, - "MarkerStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartMarkerStyleSettings", - "markdownDescription": "Marker styles options for a line series in `LineChartVisual` .", - "title": "MarkerStyleSettings" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.LineChartSortConfiguration": { + "AWS::Pipes::Pipe.AwsVpcConfiguration": { "additionalProperties": false, "properties": { - "CategoryItemsLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of categories that are displayed in a line chart.", - "title": "CategoryItemsLimitConfiguration" + "AssignPublicIp": { + "markdownDescription": "Specifies whether the task's elastic network interface receives a public IP address. You can specify `ENABLED` only when `LaunchType` in `EcsParameters` is set to `FARGATE` .", + "title": "AssignPublicIp", + "type": "string" }, - "CategorySort": { + "SecurityGroups": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + "type": "string" }, - "markdownDescription": "The sort configuration of the category fields.", - "title": "CategorySort", + "markdownDescription": "Specifies the security groups associated with the task. These security groups must all be in the same VPC. You can specify as many as five security groups. If you do not specify a security group, the default security group for the VPC is used.", + "title": "SecurityGroups", "type": "array" }, - "ColorItemsLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of lines that are displayed in a line chart.", - "title": "ColorItemsLimitConfiguration" - }, - "SmallMultiplesLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of small multiples panels that are displayed.", - "title": "SmallMultiplesLimitConfiguration" - }, - "SmallMultiplesSort": { + "Subnets": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + "type": "string" }, - "markdownDescription": "The sort configuration of the small multiples field.", - "title": "SmallMultiplesSort", + "markdownDescription": "Specifies the subnets associated with the task. These subnets must all be in the same VPC. You can specify as many as 16 subnets.", + "title": "Subnets", "type": "array" } }, + "required": [ + "Subnets" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.LineChartVisual": { + "AWS::Pipes::Pipe.BatchArrayProperties": { "additionalProperties": false, "properties": { - "Actions": { + "Size": { + "markdownDescription": "The size of the array, if this is an array batch job.", + "title": "Size", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Pipes::Pipe.BatchContainerOverrides": { + "additionalProperties": false, + "properties": { + "Command": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + "type": "string" }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", + "markdownDescription": "The command to send to the container that overrides the default command from the Docker image or the task definition.", + "title": "Command", "type": "array" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartConfiguration", - "markdownDescription": "The configuration of a line chart.", - "title": "ChartConfiguration" - }, - "ColumnHierarchies": { + "Environment": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + "$ref": "#/definitions/AWS::Pipes::Pipe.BatchEnvironmentVariable" }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", + "markdownDescription": "The environment variables to send to the container. You can add new environment variables, which are added to the container at launch, or you can override the existing environment variables from the Docker image or the task definition.\n\n> Environment variables cannot start with \" `AWS Batch` \". This naming convention is reserved for variables that AWS Batch sets.", + "title": "Environment", "type": "array" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" - }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "InstanceType": { + "markdownDescription": "The instance type to use for a multi-node parallel job.\n\n> This parameter isn't applicable to single-node container jobs or jobs that run on Fargate resources, and shouldn't be provided.", + "title": "InstanceType", "type": "string" - } - }, - "required": [ - "VisualId" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.LineSeriesAxisDisplayOptions": { - "additionalProperties": false, - "properties": { - "AxisOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the line series axis.", - "title": "AxisOptions" }, - "MissingDataConfigurations": { + "ResourceRequirements": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MissingDataConfiguration" + "$ref": "#/definitions/AWS::Pipes::Pipe.BatchResourceRequirement" }, - "markdownDescription": "The configuration options that determine how missing data is treated during the rendering of a line chart.", - "title": "MissingDataConfigurations", + "markdownDescription": "The type and amount of resources to assign to a container. This overrides the settings in the job definition. The supported resources include `GPU` , `MEMORY` , and `VCPU` .", + "title": "ResourceRequirements", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.LinkSharingConfiguration": { + "AWS::Pipes::Pipe.BatchEnvironmentVariable": { "additionalProperties": false, "properties": { - "Permissions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ResourcePermission" - }, - "markdownDescription": "A structure that contains the permissions of a shareable link.", - "title": "Permissions", - "type": "array" + "Name": { + "markdownDescription": "The name of the key-value pair. For environment variables, this is the name of the environment variable.", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of the key-value pair. For environment variables, this is the value of the environment variable.", + "title": "Value", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ListControlDisplayOptions": { + "AWS::Pipes::Pipe.BatchJobDependency": { "additionalProperties": false, "properties": { - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" - }, - "SearchOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ListControlSearchOptions", - "markdownDescription": "The configuration of the search options in a list control.", - "title": "SearchOptions" - }, - "SelectAllOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ListControlSelectAllOptions", - "markdownDescription": "The configuration of the `Select all` options in a list control.", - "title": "SelectAllOptions" + "JobId": { + "markdownDescription": "The job ID of the AWS Batch job that's associated with this dependency.", + "title": "JobId", + "type": "string" }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" + "Type": { + "markdownDescription": "The type of the job dependency.", + "title": "Type", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ListControlSearchOptions": { + "AWS::Pipes::Pipe.BatchResourceRequirement": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility configuration of the search options in a list control.", - "title": "Visibility", + "Type": { + "markdownDescription": "The type of resource to assign to a container. The supported resources include `GPU` , `MEMORY` , and `VCPU` .", + "title": "Type", + "type": "string" + }, + "Value": { + "markdownDescription": "The quantity of the specified resource to reserve for the container. The values vary based on the `type` specified.\n\n- **type=\"GPU\"** - The number of physical GPUs to reserve for the container. Make sure that the number of GPUs reserved for all containers in a job doesn't exceed the number of available GPUs on the compute resource that the job is launched on.\n\n> GPUs aren't available for jobs that are running on Fargate resources.\n- **type=\"MEMORY\"** - The memory hard limit (in MiB) present to the container. This parameter is supported for jobs that are running on EC2 resources. If your container attempts to exceed the memory specified, the container is terminated. This parameter maps to `Memory` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--memory` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . You must specify at least 4 MiB of memory for a job. This is required but can be specified in several places for multi-node parallel (MNP) jobs. It must be specified for each node at least once. This parameter maps to `Memory` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--memory` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) .\n\n> If you're trying to maximize your resource utilization by providing your jobs as much memory as possible for a particular instance type, see [Memory management](https://docs.aws.amazon.com/batch/latest/userguide/memory-management.html) in the *AWS Batch User Guide* . \n\nFor jobs that are running on Fargate resources, then `value` is the hard limit (in MiB), and must match one of the supported values and the `VCPU` values must be one of the values supported for that memory value.\n\n- **value = 512** - `VCPU` = 0.25\n- **value = 1024** - `VCPU` = 0.25 or 0.5\n- **value = 2048** - `VCPU` = 0.25, 0.5, or 1\n- **value = 3072** - `VCPU` = 0.5, or 1\n- **value = 4096** - `VCPU` = 0.5, 1, or 2\n- **value = 5120, 6144, or 7168** - `VCPU` = 1 or 2\n- **value = 8192** - `VCPU` = 1, 2, 4, or 8\n- **value = 9216, 10240, 11264, 12288, 13312, 14336, or 15360** - `VCPU` = 2 or 4\n- **value = 16384** - `VCPU` = 2, 4, or 8\n- **value = 17408, 18432, 19456, 21504, 22528, 23552, 25600, 26624, 27648, 29696, or 30720** - `VCPU` = 4\n- **value = 20480, 24576, or 28672** - `VCPU` = 4 or 8\n- **value = 36864, 45056, 53248, or 61440** - `VCPU` = 8\n- **value = 32768, 40960, 49152, or 57344** - `VCPU` = 8 or 16\n- **value = 65536, 73728, 81920, 90112, 98304, 106496, 114688, or 122880** - `VCPU` = 16\n- **type=\"VCPU\"** - The number of vCPUs reserved for the container. This parameter maps to `CpuShares` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--cpu-shares` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . Each vCPU is equivalent to 1,024 CPU shares. For EC2 resources, you must specify at least one vCPU. This is required but can be specified in several places; it must be specified for each node at least once.\n\nThe default for the Fargate On-Demand vCPU resource count quota is 6 vCPUs. For more information about Fargate quotas, see [AWS Fargate quotas](https://docs.aws.amazon.com/general/latest/gr/ecs-service.html#service-quotas-fargate) in the *AWS General Reference* .\n\nFor jobs that are running on Fargate resources, then `value` must match one of the supported values and the `MEMORY` values must be one of the values supported for that `VCPU` value. The supported values are 0.25, 0.5, 1, 2, 4, 8, and 16\n\n- **value = 0.25** - `MEMORY` = 512, 1024, or 2048\n- **value = 0.5** - `MEMORY` = 1024, 2048, 3072, or 4096\n- **value = 1** - `MEMORY` = 2048, 3072, 4096, 5120, 6144, 7168, or 8192\n- **value = 2** - `MEMORY` = 4096, 5120, 6144, 7168, 8192, 9216, 10240, 11264, 12288, 13312, 14336, 15360, or 16384\n- **value = 4** - `MEMORY` = 8192, 9216, 10240, 11264, 12288, 13312, 14336, 15360, 16384, 17408, 18432, 19456, 20480, 21504, 22528, 23552, 24576, 25600, 26624, 27648, 28672, 29696, or 30720\n- **value = 8** - `MEMORY` = 16384, 20480, 24576, 28672, 32768, 36864, 40960, 45056, 49152, 53248, 57344, or 61440\n- **value = 16** - `MEMORY` = 32768, 40960, 49152, 57344, 65536, 73728, 81920, 90112, 98304, 106496, 114688, or 122880", + "title": "Value", "type": "string" } }, + "required": [ + "Type", + "Value" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.ListControlSelectAllOptions": { + "AWS::Pipes::Pipe.BatchRetryStrategy": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility configuration of the `Select all` options in a list control.", - "title": "Visibility", - "type": "string" + "Attempts": { + "markdownDescription": "The number of times to move a job to the `RUNNABLE` status. If the value of `attempts` is greater than one, the job is retried on failure the same number of attempts as the value.", + "title": "Attempts", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.LoadingAnimation": { + "AWS::Pipes::Pipe.CapacityProviderStrategyItem": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility configuration of `LoadingAnimation` .", - "title": "Visibility", + "Base": { + "markdownDescription": "The base value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a base defined. If no value is specified, the default value of 0 is used.", + "title": "Base", + "type": "number" + }, + "CapacityProvider": { + "markdownDescription": "The short name of the capacity provider.", + "title": "CapacityProvider", "type": "string" + }, + "Weight": { + "markdownDescription": "The weight value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The weight value is taken into consideration after the base value, if defined, is satisfied.", + "title": "Weight", + "type": "number" } }, + "required": [ + "CapacityProvider" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.LocalNavigationConfiguration": { + "AWS::Pipes::Pipe.CloudwatchLogsLogDestination": { "additionalProperties": false, "properties": { - "TargetSheetId": { - "markdownDescription": "The sheet that is targeted for navigation in the same analysis.", - "title": "TargetSheetId", + "LogGroupArn": { + "markdownDescription": "The AWS Resource Name (ARN) for the CloudWatch log group to which EventBridge sends the log records.", + "title": "LogGroupArn", "type": "string" } }, - "required": [ - "TargetSheetId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.LongFormatText": { + "AWS::Pipes::Pipe.DeadLetterConfig": { "additionalProperties": false, "properties": { - "PlainText": { - "markdownDescription": "Plain text format.", - "title": "PlainText", - "type": "string" - }, - "RichText": { - "markdownDescription": "Rich text. Examples of rich text include bold, underline, and italics.", - "title": "RichText", + "Arn": { + "markdownDescription": "The ARN of the specified target for the dead-letter queue.\n\nFor Amazon Kinesis stream and Amazon DynamoDB stream sources, specify either an Amazon SNS topic or Amazon SQS queue ARN.", + "title": "Arn", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.MappedDataSetParameter": { + "AWS::Pipes::Pipe.DimensionMapping": { "additionalProperties": false, "properties": { - "DataSetIdentifier": { - "markdownDescription": "A unique name that identifies a dataset within the analysis or dashboard.", - "title": "DataSetIdentifier", + "DimensionName": { + "markdownDescription": "The metadata attributes of the time series. For example, the name and Availability Zone of an Amazon EC2 instance or the name of the manufacturer of a wind turbine are dimensions.", + "title": "DimensionName", "type": "string" }, - "DataSetParameterName": { - "markdownDescription": "The name of the dataset parameter.", - "title": "DataSetParameterName", + "DimensionValue": { + "markdownDescription": "Dynamic path to the dimension value in the source event.", + "title": "DimensionValue", + "type": "string" + }, + "DimensionValueType": { + "markdownDescription": "The data type of the dimension for the time-series data.", + "title": "DimensionValueType", "type": "string" } }, "required": [ - "DataSetIdentifier", - "DataSetParameterName" + "DimensionName", + "DimensionValue", + "DimensionValueType" ], "type": "object" }, - "AWS::QuickSight::Dashboard.MaximumLabelType": { - "additionalProperties": false, - "properties": { - "Visibility": { - "markdownDescription": "The visibility of the maximum label.", - "title": "Visibility", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.MaximumMinimumComputation": { + "AWS::Pipes::Pipe.EcsContainerOverride": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", - "type": "string" + "Command": { + "items": { + "type": "string" + }, + "markdownDescription": "The command to send to the container that overrides the default command from the Docker image or the task definition. You must also specify a container name.", + "title": "Command", + "type": "array" }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", - "type": "string" + "Cpu": { + "markdownDescription": "The number of `cpu` units reserved for the container, instead of the default value from the task definition. You must also specify a container name.", + "title": "Cpu", + "type": "number" }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" + "Environment": { + "items": { + "$ref": "#/definitions/AWS::Pipes::Pipe.EcsEnvironmentVariable" + }, + "markdownDescription": "The environment variables to send to the container. You can add new environment variables, which are added to the container at launch, or you can override the existing environment variables from the Docker image or the task definition. You must also specify a container name.", + "title": "Environment", + "type": "array" }, - "Type": { - "markdownDescription": "The type of computation. Choose one of the following options:\n\n- MAXIMUM: A maximum computation.\n- MINIMUM: A minimum computation.", - "title": "Type", - "type": "string" + "EnvironmentFiles": { + "items": { + "$ref": "#/definitions/AWS::Pipes::Pipe.EcsEnvironmentFile" + }, + "markdownDescription": "A list of files containing the environment variables to pass to a container, instead of the value from the container definition.", + "title": "EnvironmentFiles", + "type": "array" }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" - } - }, - "required": [ - "ComputationId", - "Type" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.MeasureField": { - "additionalProperties": false, - "properties": { - "CalculatedMeasureField": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CalculatedMeasureField", - "markdownDescription": "The calculated measure field only used in pivot tables.", - "title": "CalculatedMeasureField" + "Memory": { + "markdownDescription": "The hard limit (in MiB) of memory to present to the container, instead of the default value from the task definition. If your container attempts to exceed the memory specified here, the container is killed. You must also specify a container name.", + "title": "Memory", + "type": "number" }, - "CategoricalMeasureField": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CategoricalMeasureField", - "markdownDescription": "The measure type field with categorical type columns.", - "title": "CategoricalMeasureField" + "MemoryReservation": { + "markdownDescription": "The soft limit (in MiB) of memory to reserve for the container, instead of the default value from the task definition. You must also specify a container name.", + "title": "MemoryReservation", + "type": "number" }, - "DateMeasureField": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateMeasureField", - "markdownDescription": "The measure type field with date type columns.", - "title": "DateMeasureField" + "Name": { + "markdownDescription": "The name of the container that receives the override. This parameter is required if any override is specified.", + "title": "Name", + "type": "string" }, - "NumericalMeasureField": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericalMeasureField", - "markdownDescription": "The measure type field with numerical type columns.", - "title": "NumericalMeasureField" + "ResourceRequirements": { + "items": { + "$ref": "#/definitions/AWS::Pipes::Pipe.EcsResourceRequirement" + }, + "markdownDescription": "The type and amount of a resource to assign to a container, instead of the default value from the task definition. The only supported resource is a GPU.", + "title": "ResourceRequirements", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.MetricComparisonComputation": { + "AWS::Pipes::Pipe.EcsEnvironmentFile": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", + "Type": { + "markdownDescription": "The file type to use. The only supported value is `s3` .", + "title": "Type", "type": "string" }, - "FromValue": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", - "markdownDescription": "The field that is used in a metric comparison from value setup.", - "title": "FromValue" - }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "Value": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon S3 object containing the environment variable file.", + "title": "Value", "type": "string" - }, - "TargetValue": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", - "markdownDescription": "The field that is used in a metric comparison to value setup.", - "title": "TargetValue" - }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" } }, "required": [ - "ComputationId" + "Type", + "Value" ], "type": "object" }, - "AWS::QuickSight::Dashboard.MinimumLabelType": { + "AWS::Pipes::Pipe.EcsEnvironmentVariable": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility of the minimum label.", - "title": "Visibility", + "Name": { + "markdownDescription": "The name of the key-value pair. For environment variables, this is the name of the environment variable.", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of the key-value pair. For environment variables, this is the value of the environment variable.", + "title": "Value", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.MissingDataConfiguration": { + "AWS::Pipes::Pipe.EcsEphemeralStorage": { "additionalProperties": false, "properties": { - "TreatmentOption": { - "markdownDescription": "The treatment option that determines how missing data should be rendered. Choose from the following options:\n\n- `INTERPOLATE` : Interpolate missing values between the prior and the next known value.\n- `SHOW_AS_ZERO` : Show missing values as the value `0` .\n- `SHOW_AS_BLANK` : Display a blank space when rendering missing data.", - "title": "TreatmentOption", - "type": "string" + "SizeInGiB": { + "markdownDescription": "The total amount, in GiB, of ephemeral storage to set for the task. The minimum supported value is `21` GiB and the maximum supported value is `200` GiB.", + "title": "SizeInGiB", + "type": "number" } }, + "required": [ + "SizeInGiB" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.NegativeValueConfiguration": { + "AWS::Pipes::Pipe.EcsInferenceAcceleratorOverride": { "additionalProperties": false, "properties": { - "DisplayMode": { - "markdownDescription": "Determines the display mode of the negative value configuration.", - "title": "DisplayMode", + "DeviceName": { + "markdownDescription": "The Elastic Inference accelerator device name to override for the task. This parameter must match a `deviceName` specified in the task definition.", + "title": "DeviceName", + "type": "string" + }, + "DeviceType": { + "markdownDescription": "The Elastic Inference accelerator type to use.", + "title": "DeviceType", "type": "string" } }, - "required": [ - "DisplayMode" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.NullValueFormatConfiguration": { + "AWS::Pipes::Pipe.EcsResourceRequirement": { "additionalProperties": false, "properties": { - "NullString": { - "markdownDescription": "Determines the null string of null values.", - "title": "NullString", + "Type": { + "markdownDescription": "The type of resource to assign to a container. The supported values are `GPU` or `InferenceAccelerator` .", + "title": "Type", + "type": "string" + }, + "Value": { + "markdownDescription": "The value for the specified resource type.\n\nIf the `GPU` type is used, the value is the number of physical `GPUs` the Amazon ECS container agent reserves for the container. The number of GPUs that's reserved for all containers in a task can't exceed the number of available GPUs on the container instance that the task is launched on.\n\nIf the `InferenceAccelerator` type is used, the `value` matches the `deviceName` for an InferenceAccelerator specified in a task definition.", + "title": "Value", "type": "string" } }, "required": [ - "NullString" + "Type", + "Value" ], "type": "object" }, - "AWS::QuickSight::Dashboard.NumberDisplayFormatConfiguration": { + "AWS::Pipes::Pipe.EcsTaskOverride": { "additionalProperties": false, "properties": { - "DecimalPlacesConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalPlacesConfiguration", - "markdownDescription": "The option that determines the decimal places configuration.", - "title": "DecimalPlacesConfiguration" + "ContainerOverrides": { + "items": { + "$ref": "#/definitions/AWS::Pipes::Pipe.EcsContainerOverride" + }, + "markdownDescription": "One or more container overrides that are sent to a task.", + "title": "ContainerOverrides", + "type": "array" }, - "NegativeValueConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NegativeValueConfiguration", - "markdownDescription": "The options that determine the negative value configuration.", - "title": "NegativeValueConfiguration" + "Cpu": { + "markdownDescription": "The cpu override for the task.", + "title": "Cpu", + "type": "string" }, - "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NullValueFormatConfiguration", - "markdownDescription": "The options that determine the null value format configuration.", - "title": "NullValueFormatConfiguration" + "EphemeralStorage": { + "$ref": "#/definitions/AWS::Pipes::Pipe.EcsEphemeralStorage", + "markdownDescription": "The ephemeral storage setting override for the task.\n\n> This parameter is only supported for tasks hosted on Fargate that use the following platform versions:\n> \n> - Linux platform version `1.4.0` or later.\n> - Windows platform version `1.0.0` or later.", + "title": "EphemeralStorage" }, - "NumberScale": { - "markdownDescription": "Determines the number scale value of the number format.", - "title": "NumberScale", + "ExecutionRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the task execution IAM role override for the task. For more information, see [Amazon ECS task execution IAM role](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_execution_IAM_role.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "ExecutionRoleArn", "type": "string" }, - "Prefix": { - "markdownDescription": "Determines the prefix value of the number format.", - "title": "Prefix", - "type": "string" + "InferenceAcceleratorOverrides": { + "items": { + "$ref": "#/definitions/AWS::Pipes::Pipe.EcsInferenceAcceleratorOverride" + }, + "markdownDescription": "The Elastic Inference accelerator override for the task.", + "title": "InferenceAcceleratorOverrides", + "type": "array" }, - "SeparatorConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericSeparatorConfiguration", - "markdownDescription": "The options that determine the numeric separator configuration.", - "title": "SeparatorConfiguration" + "Memory": { + "markdownDescription": "The memory override for the task.", + "title": "Memory", + "type": "string" }, - "Suffix": { - "markdownDescription": "Determines the suffix value of the number format.", - "title": "Suffix", + "TaskRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that containers in this task can assume. All containers in this task are granted the permissions that are specified in this role. For more information, see [IAM Role for Tasks](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-iam-roles.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "TaskRoleArn", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.NumberFormatConfiguration": { + "AWS::Pipes::Pipe.Filter": { "additionalProperties": false, "properties": { - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericFormatConfiguration", - "markdownDescription": "The options that determine the numeric format configuration.", - "title": "FormatConfiguration" + "Pattern": { + "markdownDescription": "The event pattern.", + "title": "Pattern", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.NumericAxisOptions": { + "AWS::Pipes::Pipe.FilterCriteria": { "additionalProperties": false, "properties": { - "Range": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayRange", - "markdownDescription": "The range setup of a numeric axis.", - "title": "Range" - }, - "Scale": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisScale", - "markdownDescription": "The scale setup of a numeric axis.", - "title": "Scale" + "Filters": { + "items": { + "$ref": "#/definitions/AWS::Pipes::Pipe.Filter" + }, + "markdownDescription": "The event patterns.", + "title": "Filters", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.NumericEqualityDrillDownFilter": { + "AWS::Pipes::Pipe.FirehoseLogDestination": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "Value": { - "markdownDescription": "The value of the double input numeric drill down filter.", - "title": "Value", - "type": "number" + "DeliveryStreamArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Firehose delivery stream to which EventBridge delivers the pipe log records.", + "title": "DeliveryStreamArn", + "type": "string" } }, - "required": [ - "Column", - "Value" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.NumericEqualityFilter": { + "AWS::Pipes::Pipe.MQBrokerAccessCredentials": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationFunction", - "markdownDescription": "The aggregation function of the filter.", - "title": "AggregationFunction" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" - }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", - "type": "string" - }, - "MatchOperator": { - "markdownDescription": "The match operator that is used to determine if a filter should be applied.", - "title": "MatchOperator", - "type": "string" - }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", - "type": "string" - }, - "ParameterName": { - "markdownDescription": "The parameter whose value should be used for the filter value.", - "title": "ParameterName", - "type": "string" - }, - "SelectAllOptions": { - "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", - "title": "SelectAllOptions", + "BasicAuth": { + "markdownDescription": "The ARN of the Secrets Manager secret.", + "title": "BasicAuth", "type": "string" - }, - "Value": { - "markdownDescription": "The input value.", - "title": "Value", - "type": "number" } }, "required": [ - "Column", - "FilterId", - "MatchOperator", - "NullOption" + "BasicAuth" ], "type": "object" }, - "AWS::QuickSight::Dashboard.NumericFormatConfiguration": { + "AWS::Pipes::Pipe.MSKAccessCredentials": { "additionalProperties": false, "properties": { - "CurrencyDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CurrencyDisplayFormatConfiguration", - "markdownDescription": "The options that determine the currency display format configuration.", - "title": "CurrencyDisplayFormatConfiguration" - }, - "NumberDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumberDisplayFormatConfiguration", - "markdownDescription": "The options that determine the number display format configuration.", - "title": "NumberDisplayFormatConfiguration" + "ClientCertificateTlsAuth": { + "markdownDescription": "The ARN of the Secrets Manager secret.", + "title": "ClientCertificateTlsAuth", + "type": "string" }, - "PercentageDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PercentageDisplayFormatConfiguration", - "markdownDescription": "The options that determine the percentage display format configuration.", - "title": "PercentageDisplayFormatConfiguration" + "SaslScram512Auth": { + "markdownDescription": "The ARN of the Secrets Manager secret.", + "title": "SaslScram512Auth", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.NumericRangeFilter": { + "AWS::Pipes::Pipe.MultiMeasureAttributeMapping": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationFunction", - "markdownDescription": "The aggregation function of the filter.", - "title": "AggregationFunction" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" - }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", + "MeasureValue": { + "markdownDescription": "Dynamic path to the measurement attribute in the source event.", + "title": "MeasureValue", "type": "string" }, - "IncludeMaximum": { - "markdownDescription": "Determines whether the maximum value in the filter value range should be included in the filtered results.", - "title": "IncludeMaximum", - "type": "boolean" - }, - "IncludeMinimum": { - "markdownDescription": "Determines whether the minimum value in the filter value range should be included in the filtered results.", - "title": "IncludeMinimum", - "type": "boolean" - }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", + "MeasureValueType": { + "markdownDescription": "Data type of the measurement attribute in the source event.", + "title": "MeasureValueType", "type": "string" }, - "RangeMaximum": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericRangeFilterValue", - "markdownDescription": "The maximum value for the filter value range.", - "title": "RangeMaximum" - }, - "RangeMinimum": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericRangeFilterValue", - "markdownDescription": "The minimum value for the filter value range.", - "title": "RangeMinimum" - }, - "SelectAllOptions": { - "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", - "title": "SelectAllOptions", + "MultiMeasureAttributeName": { + "markdownDescription": "Target measure name to be used.", + "title": "MultiMeasureAttributeName", "type": "string" } }, "required": [ - "Column", - "FilterId", - "NullOption" + "MeasureValue", + "MeasureValueType", + "MultiMeasureAttributeName" ], "type": "object" }, - "AWS::QuickSight::Dashboard.NumericRangeFilterValue": { + "AWS::Pipes::Pipe.MultiMeasureMapping": { "additionalProperties": false, "properties": { - "Parameter": { - "markdownDescription": "The parameter that is used in the numeric range.", - "title": "Parameter", - "type": "string" + "MultiMeasureAttributeMappings": { + "items": { + "$ref": "#/definitions/AWS::Pipes::Pipe.MultiMeasureAttributeMapping" + }, + "markdownDescription": "Mappings that represent multiple source event fields mapped to measures in the same Timestream for LiveAnalytics record.", + "title": "MultiMeasureAttributeMappings", + "type": "array" }, - "StaticValue": { - "markdownDescription": "The static value of the numeric range filter.", - "title": "StaticValue", - "type": "number" + "MultiMeasureName": { + "markdownDescription": "The name of the multiple measurements per record (multi-measure).", + "title": "MultiMeasureName", + "type": "string" } }, + "required": [ + "MultiMeasureAttributeMappings", + "MultiMeasureName" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.NumericSeparatorConfiguration": { + "AWS::Pipes::Pipe.NetworkConfiguration": { "additionalProperties": false, "properties": { - "DecimalSeparator": { - "markdownDescription": "Determines the decimal separator.", - "title": "DecimalSeparator", - "type": "string" - }, - "ThousandsSeparator": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ThousandSeparatorOptions", - "markdownDescription": "The options that determine the thousands separator configuration.", - "title": "ThousandsSeparator" + "AwsvpcConfiguration": { + "$ref": "#/definitions/AWS::Pipes::Pipe.AwsVpcConfiguration", + "markdownDescription": "Use this structure to specify the VPC subnets and security groups for the task, and whether a public IP address is to be used. This structure is relevant only for ECS tasks that use the `awsvpc` network mode.", + "title": "AwsvpcConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.NumericalAggregationFunction": { + "AWS::Pipes::Pipe.PipeEnrichmentHttpParameters": { "additionalProperties": false, "properties": { - "PercentileAggregation": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PercentileAggregation", - "markdownDescription": "An aggregation based on the percentile of values in a dimension or measure.", - "title": "PercentileAggregation" + "HeaderParameters": { + "additionalProperties": true, + "markdownDescription": "The headers that need to be sent as part of request invoking the API Gateway REST API or EventBridge ApiDestination.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "HeaderParameters", + "type": "object" }, - "SimpleNumericalAggregation": { - "markdownDescription": "Built-in aggregation functions for numerical values.\n\n- `SUM` : The sum of a dimension or measure.\n- `AVERAGE` : The average of a dimension or measure.\n- `MIN` : The minimum value of a dimension or measure.\n- `MAX` : The maximum value of a dimension or measure.\n- `COUNT` : The count of a dimension or measure.\n- `DISTINCT_COUNT` : The count of distinct values in a dimension or measure.\n- `VAR` : The variance of a dimension or measure.\n- `VARP` : The partitioned variance of a dimension or measure.\n- `STDEV` : The standard deviation of a dimension or measure.\n- `STDEVP` : The partitioned standard deviation of a dimension or measure.\n- `MEDIAN` : The median value of a dimension or measure.", - "title": "SimpleNumericalAggregation", - "type": "string" + "PathParameterValues": { + "items": { + "type": "string" + }, + "markdownDescription": "The path parameter values to be used to populate API Gateway REST API or EventBridge ApiDestination path wildcards (\"*\").", + "title": "PathParameterValues", + "type": "array" + }, + "QueryStringParameters": { + "additionalProperties": true, + "markdownDescription": "The query string keys/values that need to be sent as part of request invoking the API Gateway REST API or EventBridge ApiDestination.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "QueryStringParameters", + "type": "object" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.NumericalDimensionField": { + "AWS::Pipes::Pipe.PipeEnrichmentParameters": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that is used in the `NumericalDimensionField` .", - "title": "Column" - }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", - "type": "string" - }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumberFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" + "HttpParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeEnrichmentHttpParameters", + "markdownDescription": "Contains the HTTP parameters to use when the target is a API Gateway REST endpoint or EventBridge ApiDestination.\n\nIf you specify an API Gateway REST API or EventBridge ApiDestination as a target, you can use this parameter to specify headers, path parameters, and query string keys/values as part of your target invoking request. If you're using ApiDestinations, the corresponding Connection can also have these values configured. In case of any conflicting keys, values from the Connection take precedence.", + "title": "HttpParameters" }, - "HierarchyId": { - "markdownDescription": "The custom hierarchy ID.", - "title": "HierarchyId", + "InputTemplate": { + "markdownDescription": "Valid JSON text passed to the enrichment. In this case, nothing from the event itself is passed to the enrichment. For more information, see [The JavaScript Object Notation (JSON) Data Interchange Format](https://docs.aws.amazon.com/http://www.rfc-editor.org/rfc/rfc7159.txt) .\n\nTo remove an input template, specify an empty string.", + "title": "InputTemplate", "type": "string" } }, - "required": [ - "Column", - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.NumericalMeasureField": { + "AWS::Pipes::Pipe.PipeLogConfiguration": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericalAggregationFunction", - "markdownDescription": "The aggregation function of the measure field.", - "title": "AggregationFunction" + "CloudwatchLogsLogDestination": { + "$ref": "#/definitions/AWS::Pipes::Pipe.CloudwatchLogsLogDestination", + "markdownDescription": "The logging configuration settings for the pipe.", + "title": "CloudwatchLogsLogDestination" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that is used in the `NumericalMeasureField` .", - "title": "Column" + "FirehoseLogDestination": { + "$ref": "#/definitions/AWS::Pipes::Pipe.FirehoseLogDestination", + "markdownDescription": "The Amazon Data Firehose logging configuration settings for the pipe.", + "title": "FirehoseLogDestination" }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", + "IncludeExecutionData": { + "items": { + "type": "string" + }, + "markdownDescription": "Whether the execution data (specifically, the `payload` , `awsRequest` , and `awsResponse` fields) is included in the log messages for this pipe.\n\nThis applies to all log destinations for the pipe.\n\nFor more information, see [Including execution data in logs](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes-logs.html#eb-pipes-logs-execution-data) in the *Amazon EventBridge User Guide* .\n\n*Allowed values:* `ALL`", + "title": "IncludeExecutionData", + "type": "array" + }, + "Level": { + "markdownDescription": "The level of logging detail to include. This applies to all log destinations for the pipe.", + "title": "Level", "type": "string" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumberFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" + "S3LogDestination": { + "$ref": "#/definitions/AWS::Pipes::Pipe.S3LogDestination", + "markdownDescription": "The Amazon S3 logging configuration settings for the pipe.", + "title": "S3LogDestination" } }, - "required": [ - "Column", - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.PaginationConfiguration": { + "AWS::Pipes::Pipe.PipeSourceActiveMQBrokerParameters": { "additionalProperties": false, "properties": { - "PageNumber": { - "markdownDescription": "Indicates the page number.", - "title": "PageNumber", + "BatchSize": { + "markdownDescription": "The maximum number of records to include in each batch.", + "title": "BatchSize", "type": "number" }, - "PageSize": { - "markdownDescription": "Indicates how many items render in one page.", - "title": "PageSize", + "Credentials": { + "$ref": "#/definitions/AWS::Pipes::Pipe.MQBrokerAccessCredentials", + "markdownDescription": "The credentials needed to access the resource.", + "title": "Credentials" + }, + "MaximumBatchingWindowInSeconds": { + "markdownDescription": "The maximum length of a time to wait for events.", + "title": "MaximumBatchingWindowInSeconds", "type": "number" + }, + "QueueName": { + "markdownDescription": "The name of the destination queue to consume.", + "title": "QueueName", + "type": "string" } }, "required": [ - "PageNumber", - "PageSize" + "Credentials", + "QueueName" ], "type": "object" }, - "AWS::QuickSight::Dashboard.PanelConfiguration": { + "AWS::Pipes::Pipe.PipeSourceDynamoDBStreamParameters": { "additionalProperties": false, "properties": { - "BackgroundColor": { - "markdownDescription": "Sets the background color for each panel.", - "title": "BackgroundColor", - "type": "string" + "BatchSize": { + "markdownDescription": "The maximum number of records to include in each batch.", + "title": "BatchSize", + "type": "number" }, - "BackgroundVisibility": { - "markdownDescription": "Determines whether or not a background for each small multiples panel is rendered.", - "title": "BackgroundVisibility", - "type": "string" + "DeadLetterConfig": { + "$ref": "#/definitions/AWS::Pipes::Pipe.DeadLetterConfig", + "markdownDescription": "Define the target queue to send dead-letter queue events to.", + "title": "DeadLetterConfig" }, - "BorderColor": { - "markdownDescription": "Sets the line color of panel borders.", - "title": "BorderColor", - "type": "string" + "MaximumBatchingWindowInSeconds": { + "markdownDescription": "The maximum length of a time to wait for events.", + "title": "MaximumBatchingWindowInSeconds", + "type": "number" }, - "BorderStyle": { - "markdownDescription": "Sets the line style of panel borders.", - "title": "BorderStyle", - "type": "string" + "MaximumRecordAgeInSeconds": { + "markdownDescription": "Discard records older than the specified age. The default value is -1, which sets the maximum age to infinite. When the value is set to infinite, EventBridge never discards old records.", + "title": "MaximumRecordAgeInSeconds", + "type": "number" }, - "BorderThickness": { - "markdownDescription": "Sets the line thickness of panel borders.", - "title": "BorderThickness", - "type": "string" + "MaximumRetryAttempts": { + "markdownDescription": "Discard records after the specified number of retries. The default value is -1, which sets the maximum number of retries to infinite. When MaximumRetryAttempts is infinite, EventBridge retries failed records until the record expires in the event source.", + "title": "MaximumRetryAttempts", + "type": "number" }, - "BorderVisibility": { - "markdownDescription": "Determines whether or not each panel displays a border.", - "title": "BorderVisibility", + "OnPartialBatchItemFailure": { + "markdownDescription": "Define how to handle item process failures. `AUTOMATIC_BISECT` halves each batch and retry each half until all the records are processed or there is one failed message left in the batch.", + "title": "OnPartialBatchItemFailure", "type": "string" }, - "GutterSpacing": { - "markdownDescription": "Sets the total amount of negative space to display between sibling panels.", - "title": "GutterSpacing", - "type": "string" + "ParallelizationFactor": { + "markdownDescription": "The number of batches to process concurrently from each shard. The default value is 1.", + "title": "ParallelizationFactor", + "type": "number" }, - "GutterVisibility": { - "markdownDescription": "Determines whether or not negative space between sibling panels is rendered.", - "title": "GutterVisibility", + "StartingPosition": { + "markdownDescription": "(Streams only) The position in a stream from which to start reading.\n\n*Valid values* : `TRIM_HORIZON | LATEST`", + "title": "StartingPosition", "type": "string" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PanelTitleOptions", - "markdownDescription": "Configures the title display within each small multiples panel.", - "title": "Title" } }, + "required": [ + "StartingPosition" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.PanelTitleOptions": { + "AWS::Pipes::Pipe.PipeSourceKinesisStreamParameters": { "additionalProperties": false, "properties": { - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", - "markdownDescription": "", - "title": "FontConfiguration" + "BatchSize": { + "markdownDescription": "The maximum number of records to include in each batch.", + "title": "BatchSize", + "type": "number" }, - "HorizontalTextAlignment": { - "markdownDescription": "Sets the horizontal text alignment of the title within each panel.", - "title": "HorizontalTextAlignment", - "type": "string" + "DeadLetterConfig": { + "$ref": "#/definitions/AWS::Pipes::Pipe.DeadLetterConfig", + "markdownDescription": "Define the target queue to send dead-letter queue events to.", + "title": "DeadLetterConfig" }, - "Visibility": { - "markdownDescription": "Determines whether or not panel titles are displayed.", - "title": "Visibility", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.ParameterControl": { - "additionalProperties": false, - "properties": { - "DateTimePicker": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterDateTimePickerControl", - "markdownDescription": "A control from a date parameter that specifies date and time.", - "title": "DateTimePicker" + "MaximumBatchingWindowInSeconds": { + "markdownDescription": "The maximum length of a time to wait for events.", + "title": "MaximumBatchingWindowInSeconds", + "type": "number" }, - "Dropdown": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterDropDownControl", - "markdownDescription": "A control to display a dropdown list with buttons that are used to select a single value.", - "title": "Dropdown" + "MaximumRecordAgeInSeconds": { + "markdownDescription": "Discard records older than the specified age. The default value is -1, which sets the maximum age to infinite. When the value is set to infinite, EventBridge never discards old records.", + "title": "MaximumRecordAgeInSeconds", + "type": "number" }, - "List": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterListControl", - "markdownDescription": "A control to display a list with buttons or boxes that are used to select either a single value or multiple values.", - "title": "List" + "MaximumRetryAttempts": { + "markdownDescription": "Discard records after the specified number of retries. The default value is -1, which sets the maximum number of retries to infinite. When MaximumRetryAttempts is infinite, EventBridge retries failed records until the record expires in the event source.", + "title": "MaximumRetryAttempts", + "type": "number" }, - "Slider": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterSliderControl", - "markdownDescription": "A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle.", - "title": "Slider" + "OnPartialBatchItemFailure": { + "markdownDescription": "Define how to handle item process failures. `AUTOMATIC_BISECT` halves each batch and retry each half until all the records are processed or there is one failed message left in the batch.", + "title": "OnPartialBatchItemFailure", + "type": "string" }, - "TextArea": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterTextAreaControl", - "markdownDescription": "A control to display a text box that is used to enter multiple entries.", - "title": "TextArea" + "ParallelizationFactor": { + "markdownDescription": "The number of batches to process concurrently from each shard. The default value is 1.", + "title": "ParallelizationFactor", + "type": "number" }, - "TextField": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterTextFieldControl", - "markdownDescription": "A control to display a text box that is used to enter a single entry.", - "title": "TextField" + "StartingPosition": { + "markdownDescription": "The position in a stream from which to start reading.", + "title": "StartingPosition", + "type": "string" + }, + "StartingPositionTimestamp": { + "markdownDescription": "With `StartingPosition` set to `AT_TIMESTAMP` , the time from which to start reading, in Unix time seconds.", + "title": "StartingPositionTimestamp", + "type": "string" } }, + "required": [ + "StartingPosition" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.ParameterDateTimePickerControl": { + "AWS::Pipes::Pipe.PipeSourceManagedStreamingKafkaParameters": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimePickerControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "BatchSize": { + "markdownDescription": "The maximum number of records to include in each batch.", + "title": "BatchSize", + "type": "number" }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterDateTimePickerControl` .", - "title": "ParameterControlId", + "ConsumerGroupID": { + "markdownDescription": "The name of the destination queue to consume.", + "title": "ConsumerGroupID", "type": "string" }, - "SourceParameterName": { - "markdownDescription": "The name of the `ParameterDateTimePickerControl` .", - "title": "SourceParameterName", + "Credentials": { + "$ref": "#/definitions/AWS::Pipes::Pipe.MSKAccessCredentials", + "markdownDescription": "The credentials needed to access the resource.", + "title": "Credentials" + }, + "MaximumBatchingWindowInSeconds": { + "markdownDescription": "The maximum length of a time to wait for events.", + "title": "MaximumBatchingWindowInSeconds", + "type": "number" + }, + "StartingPosition": { + "markdownDescription": "The position in a stream from which to start reading.", + "title": "StartingPosition", "type": "string" }, - "Title": { - "markdownDescription": "The title of the `ParameterDateTimePickerControl` .", - "title": "Title", + "TopicName": { + "markdownDescription": "The name of the topic that the pipe will read from.", + "title": "TopicName", "type": "string" } }, "required": [ - "ParameterControlId", - "SourceParameterName", - "Title" + "TopicName" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ParameterDeclaration": { + "AWS::Pipes::Pipe.PipeSourceParameters": { "additionalProperties": false, "properties": { - "DateTimeParameterDeclaration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeParameterDeclaration", - "markdownDescription": "A parameter declaration for the `DateTime` data type.", - "title": "DateTimeParameterDeclaration" + "ActiveMQBrokerParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceActiveMQBrokerParameters", + "markdownDescription": "The parameters for using an Active MQ broker as a source.", + "title": "ActiveMQBrokerParameters" }, - "DecimalParameterDeclaration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalParameterDeclaration", - "markdownDescription": "A parameter declaration for the `Decimal` data type.", - "title": "DecimalParameterDeclaration" + "DynamoDBStreamParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceDynamoDBStreamParameters", + "markdownDescription": "The parameters for using a DynamoDB stream as a source.", + "title": "DynamoDBStreamParameters" }, - "IntegerParameterDeclaration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.IntegerParameterDeclaration", - "markdownDescription": "A parameter declaration for the `Integer` data type.", - "title": "IntegerParameterDeclaration" + "FilterCriteria": { + "$ref": "#/definitions/AWS::Pipes::Pipe.FilterCriteria", + "markdownDescription": "The collection of event patterns used to filter events.\n\nTo remove a filter, specify a `FilterCriteria` object with an empty array of `Filter` objects.\n\nFor more information, see [Events and Event Patterns](https://docs.aws.amazon.com/eventbridge/latest/userguide/eventbridge-and-event-patterns.html) in the *Amazon EventBridge User Guide* .", + "title": "FilterCriteria" }, - "StringParameterDeclaration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringParameterDeclaration", - "markdownDescription": "A parameter declaration for the `String` data type.", - "title": "StringParameterDeclaration" + "KinesisStreamParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceKinesisStreamParameters", + "markdownDescription": "The parameters for using a Kinesis stream as a source.", + "title": "KinesisStreamParameters" + }, + "ManagedStreamingKafkaParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceManagedStreamingKafkaParameters", + "markdownDescription": "The parameters for using an MSK stream as a source.", + "title": "ManagedStreamingKafkaParameters" + }, + "RabbitMQBrokerParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceRabbitMQBrokerParameters", + "markdownDescription": "The parameters for using a Rabbit MQ broker as a source.", + "title": "RabbitMQBrokerParameters" + }, + "SelfManagedKafkaParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceSelfManagedKafkaParameters", + "markdownDescription": "The parameters for using a self-managed Apache Kafka stream as a source.\n\nA *self managed* cluster refers to any Apache Kafka cluster not hosted by AWS . This includes both clusters you manage yourself, as well as those hosted by a third-party provider, such as [Confluent Cloud](https://docs.aws.amazon.com/https://www.confluent.io/) , [CloudKarafka](https://docs.aws.amazon.com/https://www.cloudkarafka.com/) , or [Redpanda](https://docs.aws.amazon.com/https://redpanda.com/) . For more information, see [Apache Kafka streams as a source](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes-kafka.html) in the *Amazon EventBridge User Guide* .", + "title": "SelfManagedKafkaParameters" + }, + "SqsQueueParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceSqsQueueParameters", + "markdownDescription": "The parameters for using a Amazon SQS stream as a source.", + "title": "SqsQueueParameters" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ParameterDropDownControl": { + "AWS::Pipes::Pipe.PipeSourceRabbitMQBrokerParameters": { "additionalProperties": false, "properties": { - "CascadingControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CascadingControlConfiguration", - "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", - "title": "CascadingControlConfiguration" - }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DropDownControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterDropDownControl` .", - "title": "ParameterControlId", - "type": "string" + "BatchSize": { + "markdownDescription": "The maximum number of records to include in each batch.", + "title": "BatchSize", + "type": "number" }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" + "Credentials": { + "$ref": "#/definitions/AWS::Pipes::Pipe.MQBrokerAccessCredentials", + "markdownDescription": "The credentials needed to access the resource.", + "title": "Credentials" }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the `ParameterDropDownControl` .", - "title": "SourceParameterName", - "type": "string" + "MaximumBatchingWindowInSeconds": { + "markdownDescription": "The maximum length of a time to wait for events.", + "title": "MaximumBatchingWindowInSeconds", + "type": "number" }, - "Title": { - "markdownDescription": "The title of the `ParameterDropDownControl` .", - "title": "Title", + "QueueName": { + "markdownDescription": "The name of the destination queue to consume.", + "title": "QueueName", "type": "string" }, - "Type": { - "markdownDescription": "The type parameter name of the `ParameterDropDownControl` .", - "title": "Type", + "VirtualHost": { + "markdownDescription": "The name of the virtual host associated with the source broker.", + "title": "VirtualHost", "type": "string" } }, "required": [ - "ParameterControlId", - "SourceParameterName", - "Title" + "Credentials", + "QueueName" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ParameterListControl": { + "AWS::Pipes::Pipe.PipeSourceSelfManagedKafkaParameters": { "additionalProperties": false, "properties": { - "CascadingControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CascadingControlConfiguration", - "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", - "title": "CascadingControlConfiguration" + "AdditionalBootstrapServers": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of server URLs.", + "title": "AdditionalBootstrapServers", + "type": "array" }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ListControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "BatchSize": { + "markdownDescription": "The maximum number of records to include in each batch.", + "title": "BatchSize", + "type": "number" }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterListControl` .", - "title": "ParameterControlId", + "ConsumerGroupID": { + "markdownDescription": "The name of the destination queue to consume.", + "title": "ConsumerGroupID", "type": "string" }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" + "Credentials": { + "$ref": "#/definitions/AWS::Pipes::Pipe.SelfManagedKafkaAccessConfigurationCredentials", + "markdownDescription": "The credentials needed to access the resource.", + "title": "Credentials" }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the `ParameterListControl` .", - "title": "SourceParameterName", + "MaximumBatchingWindowInSeconds": { + "markdownDescription": "The maximum length of a time to wait for events.", + "title": "MaximumBatchingWindowInSeconds", + "type": "number" + }, + "ServerRootCaCertificate": { + "markdownDescription": "The ARN of the Secrets Manager secret used for certification.", + "title": "ServerRootCaCertificate", "type": "string" }, - "Title": { - "markdownDescription": "The title of the `ParameterListControl` .", - "title": "Title", + "StartingPosition": { + "markdownDescription": "The position in a stream from which to start reading.", + "title": "StartingPosition", "type": "string" }, - "Type": { - "markdownDescription": "The type of `ParameterListControl` .", - "title": "Type", + "TopicName": { + "markdownDescription": "The name of the topic that the pipe will read from.", + "title": "TopicName", "type": "string" + }, + "Vpc": { + "$ref": "#/definitions/AWS::Pipes::Pipe.SelfManagedKafkaAccessConfigurationVpc", + "markdownDescription": "This structure specifies the VPC subnets and security groups for the stream, and whether a public IP address is to be used.", + "title": "Vpc" } }, "required": [ - "ParameterControlId", - "SourceParameterName", - "Title" + "TopicName" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ParameterSelectableValues": { + "AWS::Pipes::Pipe.PipeSourceSqsQueueParameters": { "additionalProperties": false, "properties": { - "LinkToDataSetColumn": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column identifier that fetches values from the data set.", - "title": "LinkToDataSetColumn" + "BatchSize": { + "markdownDescription": "The maximum number of records to include in each batch.", + "title": "BatchSize", + "type": "number" }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The values that are used in `ParameterSelectableValues` .", - "title": "Values", - "type": "array" + "MaximumBatchingWindowInSeconds": { + "markdownDescription": "The maximum length of a time to wait for events.", + "title": "MaximumBatchingWindowInSeconds", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ParameterSliderControl": { + "AWS::Pipes::Pipe.PipeTargetBatchJobParameters": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SliderControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "ArrayProperties": { + "$ref": "#/definitions/AWS::Pipes::Pipe.BatchArrayProperties", + "markdownDescription": "The array properties for the submitted job, such as the size of the array. The array size can be between 2 and 10,000. If you specify array properties for a job, it becomes an array job. This parameter is used only if the target is an AWS Batch job.", + "title": "ArrayProperties" }, - "MaximumValue": { - "markdownDescription": "The larger value that is displayed at the right of the slider.", - "title": "MaximumValue", - "type": "number" + "ContainerOverrides": { + "$ref": "#/definitions/AWS::Pipes::Pipe.BatchContainerOverrides", + "markdownDescription": "The overrides that are sent to a container.", + "title": "ContainerOverrides" }, - "MinimumValue": { - "markdownDescription": "The smaller value that is displayed at the left of the slider.", - "title": "MinimumValue", - "type": "number" + "DependsOn": { + "items": { + "$ref": "#/definitions/AWS::Pipes::Pipe.BatchJobDependency" + }, + "markdownDescription": "A list of dependencies for the job. A job can depend upon a maximum of 20 jobs. You can specify a `SEQUENTIAL` type dependency without specifying a job ID for array jobs so that each child array job completes sequentially, starting at index 0. You can also specify an `N_TO_N` type dependency with a job ID for array jobs. In that case, each index child of this job must wait for the corresponding index child of each dependency to complete before it can begin.", + "title": "DependsOn", + "type": "array" }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterSliderControl` .", - "title": "ParameterControlId", + "JobDefinition": { + "markdownDescription": "The job definition used by this job. This value can be one of `name` , `name:revision` , or the Amazon Resource Name (ARN) for the job definition. If name is specified without a revision then the latest active revision is used.", + "title": "JobDefinition", "type": "string" }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the `ParameterSliderControl` .", - "title": "SourceParameterName", + "JobName": { + "markdownDescription": "The name of the job. It can be up to 128 letters long. The first character must be alphanumeric, can contain uppercase and lowercase letters, numbers, hyphens (-), and underscores (_).", + "title": "JobName", "type": "string" }, - "StepSize": { - "markdownDescription": "The number of increments that the slider bar is divided into.", - "title": "StepSize", - "type": "number" + "Parameters": { + "additionalProperties": true, + "markdownDescription": "Additional parameters passed to the job that replace parameter substitution placeholders that are set in the job definition. Parameters are specified as a key and value pair mapping. Parameters included here override any corresponding parameter defaults from the job definition.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Parameters", + "type": "object" }, - "Title": { - "markdownDescription": "The title of the `ParameterSliderControl` .", - "title": "Title", - "type": "string" + "RetryStrategy": { + "$ref": "#/definitions/AWS::Pipes::Pipe.BatchRetryStrategy", + "markdownDescription": "The retry strategy to use for failed jobs. When a retry strategy is specified here, it overrides the retry strategy defined in the job definition.", + "title": "RetryStrategy" } }, "required": [ - "MaximumValue", - "MinimumValue", - "ParameterControlId", - "SourceParameterName", - "StepSize", - "Title" + "JobDefinition", + "JobName" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ParameterTextAreaControl": { + "AWS::Pipes::Pipe.PipeTargetCloudWatchLogsParameters": { "additionalProperties": false, "properties": { - "Delimiter": { - "markdownDescription": "The delimiter that is used to separate the lines in text.", - "title": "Delimiter", - "type": "string" - }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextAreaControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterTextAreaControl` .", - "title": "ParameterControlId", - "type": "string" - }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the `ParameterTextAreaControl` .", - "title": "SourceParameterName", + "LogStreamName": { + "markdownDescription": "The name of the log stream.", + "title": "LogStreamName", "type": "string" }, - "Title": { - "markdownDescription": "The title of the `ParameterTextAreaControl` .", - "title": "Title", + "Timestamp": { + "markdownDescription": "A [dynamic path parameter](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes-event-target.html) to a field in the payload containing the time the event occurred, expressed as the number of milliseconds after Jan 1, 1970 00:00:00 UTC.\n\nThe value cannot be a static timestamp as the provided timestamp would be applied to all events delivered by the Pipe, regardless of when they are actually delivered.\n\nIf no dynamic path parameter is provided, the default value is the time the invocation is processed by the Pipe.", + "title": "Timestamp", "type": "string" } }, - "required": [ - "ParameterControlId", - "SourceParameterName", - "Title" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.ParameterTextFieldControl": { + "AWS::Pipes::Pipe.PipeTargetEcsTaskParameters": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextFieldControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "CapacityProviderStrategy": { + "items": { + "$ref": "#/definitions/AWS::Pipes::Pipe.CapacityProviderStrategyItem" + }, + "markdownDescription": "The capacity provider strategy to use for the task.\n\nIf a `capacityProviderStrategy` is specified, the `launchType` parameter must be omitted. If no `capacityProviderStrategy` or launchType is specified, the `defaultCapacityProviderStrategy` for the cluster is used.", + "title": "CapacityProviderStrategy", + "type": "array" }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterTextFieldControl` .", - "title": "ParameterControlId", - "type": "string" + "EnableECSManagedTags": { + "markdownDescription": "Specifies whether to enable Amazon ECS managed tags for the task. For more information, see [Tagging Your Amazon ECS Resources](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-using-tags.html) in the Amazon Elastic Container Service Developer Guide.", + "title": "EnableECSManagedTags", + "type": "boolean" }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the `ParameterTextFieldControl` .", - "title": "SourceParameterName", + "EnableExecuteCommand": { + "markdownDescription": "Whether or not to enable the execute command functionality for the containers in this task. If true, this enables execute command functionality on all containers in the task.", + "title": "EnableExecuteCommand", + "type": "boolean" + }, + "Group": { + "markdownDescription": "Specifies an Amazon ECS task group for the task. The maximum length is 255 characters.", + "title": "Group", "type": "string" }, - "Title": { - "markdownDescription": "The title of the `ParameterTextFieldControl` .", - "title": "Title", + "LaunchType": { + "markdownDescription": "Specifies the launch type on which your task is running. The launch type that you specify here must match one of the launch type (compatibilities) of the target task. The `FARGATE` value is supported only in the Regions where AWS Fargate with Amazon ECS is supported. For more information, see [AWS Fargate on Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/AWS-Fargate.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "LaunchType", "type": "string" - } - }, - "required": [ - "ParameterControlId", - "SourceParameterName", - "Title" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.Parameters": { - "additionalProperties": false, - "properties": { - "DateTimeParameters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeParameter" - }, - "markdownDescription": "The parameters that have a data type of date-time.", - "title": "DateTimeParameters", - "type": "array" }, - "DecimalParameters": { + "NetworkConfiguration": { + "$ref": "#/definitions/AWS::Pipes::Pipe.NetworkConfiguration", + "markdownDescription": "Use this structure if the Amazon ECS task uses the `awsvpc` network mode. This structure specifies the VPC subnets and security groups associated with the task, and whether a public IP address is to be used. This structure is required if `LaunchType` is `FARGATE` because the `awsvpc` mode is required for Fargate tasks.\n\nIf you specify `NetworkConfiguration` when the target ECS task does not use the `awsvpc` network mode, the task fails.", + "title": "NetworkConfiguration" + }, + "Overrides": { + "$ref": "#/definitions/AWS::Pipes::Pipe.EcsTaskOverride", + "markdownDescription": "The overrides that are associated with a task.", + "title": "Overrides" + }, + "PlacementConstraints": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalParameter" + "$ref": "#/definitions/AWS::Pipes::Pipe.PlacementConstraint" }, - "markdownDescription": "The parameters that have a data type of decimal.", - "title": "DecimalParameters", + "markdownDescription": "An array of placement constraint objects to use for the task. You can specify up to 10 constraints per task (including constraints in the task definition and those specified at runtime).", + "title": "PlacementConstraints", "type": "array" }, - "IntegerParameters": { + "PlacementStrategy": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.IntegerParameter" + "$ref": "#/definitions/AWS::Pipes::Pipe.PlacementStrategy" }, - "markdownDescription": "The parameters that have a data type of integer.", - "title": "IntegerParameters", + "markdownDescription": "The placement strategy objects to use for the task. You can specify a maximum of five strategy rules per task.", + "title": "PlacementStrategy", "type": "array" }, - "StringParameters": { + "PlatformVersion": { + "markdownDescription": "Specifies the platform version for the task. Specify only the numeric portion of the platform version, such as `1.1.0` .\n\nThis structure is used only if `LaunchType` is `FARGATE` . For more information about valid platform versions, see [AWS Fargate Platform Versions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "PlatformVersion", + "type": "string" + }, + "PropagateTags": { + "markdownDescription": "Specifies whether to propagate the tags from the task definition to the task. If no value is specified, the tags are not propagated. Tags can only be propagated to the task during task creation. To add tags to a task after task creation, use the `TagResource` API action.", + "title": "PropagateTags", + "type": "string" + }, + "ReferenceId": { + "markdownDescription": "The reference ID to use for the task.", + "title": "ReferenceId", + "type": "string" + }, + "Tags": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringParameter" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The parameters that have a data type of string.", - "title": "StringParameters", + "markdownDescription": "The metadata that you apply to the task to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define. To learn more, see [RunTask](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RunTask.html#ECS-RunTask-request-tags) in the Amazon ECS API Reference.", + "title": "Tags", "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.PercentVisibleRange": { - "additionalProperties": false, - "properties": { - "From": { - "markdownDescription": "The lower bound of the range.", - "title": "From", - "type": "number" }, - "To": { - "markdownDescription": "The top bound of the range.", - "title": "To", + "TaskCount": { + "markdownDescription": "The number of tasks to create based on `TaskDefinition` . The default is 1.", + "title": "TaskCount", "type": "number" + }, + "TaskDefinitionArn": { + "markdownDescription": "The ARN of the task definition to use if the event target is an Amazon ECS task.", + "title": "TaskDefinitionArn", + "type": "string" } }, + "required": [ + "TaskDefinitionArn" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.PercentageDisplayFormatConfiguration": { + "AWS::Pipes::Pipe.PipeTargetEventBridgeEventBusParameters": { "additionalProperties": false, "properties": { - "DecimalPlacesConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalPlacesConfiguration", - "markdownDescription": "The option that determines the decimal places configuration.", - "title": "DecimalPlacesConfiguration" + "DetailType": { + "markdownDescription": "A free-form string, with a maximum of 128 characters, used to decide what fields to expect in the event detail.", + "title": "DetailType", + "type": "string" }, - "NegativeValueConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NegativeValueConfiguration", - "markdownDescription": "The options that determine the negative value configuration.", - "title": "NegativeValueConfiguration" + "EndpointId": { + "markdownDescription": "The URL subdomain of the endpoint. For example, if the URL for Endpoint is https://abcde.veo.endpoints.event.amazonaws.com, then the EndpointId is `abcde.veo` .", + "title": "EndpointId", + "type": "string" }, - "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NullValueFormatConfiguration", - "markdownDescription": "The options that determine the null value format configuration.", - "title": "NullValueFormatConfiguration" + "Resources": { + "items": { + "type": "string" + }, + "markdownDescription": "AWS resources, identified by Amazon Resource Name (ARN), which the event primarily concerns. Any number, including zero, may be present.", + "title": "Resources", + "type": "array" }, - "Prefix": { - "markdownDescription": "Determines the prefix value of the percentage format.", - "title": "Prefix", + "Source": { + "markdownDescription": "The source of the event.", + "title": "Source", "type": "string" }, - "SeparatorConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericSeparatorConfiguration", - "markdownDescription": "The options that determine the numeric separator configuration.", - "title": "SeparatorConfiguration" - }, - "Suffix": { - "markdownDescription": "Determines the suffix value of the percentage format.", - "title": "Suffix", + "Time": { + "markdownDescription": "The time stamp of the event, per [RFC3339](https://docs.aws.amazon.com/https://www.rfc-editor.org/rfc/rfc3339.txt) . If no time stamp is provided, the time stamp of the [PutEvents](https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_PutEvents.html) call is used.", + "title": "Time", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.PercentileAggregation": { + "AWS::Pipes::Pipe.PipeTargetHttpParameters": { "additionalProperties": false, "properties": { - "PercentileValue": { - "markdownDescription": "The percentile value. This value can be any numeric constant 0\u2013100. A percentile value of 50 computes the median value of the measure.", - "title": "PercentileValue", - "type": "number" + "HeaderParameters": { + "additionalProperties": true, + "markdownDescription": "The headers that need to be sent as part of request invoking the API Gateway REST API or EventBridge ApiDestination.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "HeaderParameters", + "type": "object" + }, + "PathParameterValues": { + "items": { + "type": "string" + }, + "markdownDescription": "The path parameter values to be used to populate API Gateway REST API or EventBridge ApiDestination path wildcards (\"*\").", + "title": "PathParameterValues", + "type": "array" + }, + "QueryStringParameters": { + "additionalProperties": true, + "markdownDescription": "The query string keys/values that need to be sent as part of request invoking the API Gateway REST API or EventBridge ApiDestination.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "QueryStringParameters", + "type": "object" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.PeriodOverPeriodComputation": { + "AWS::Pipes::Pipe.PipeTargetKinesisStreamParameters": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "PartitionKey": { + "markdownDescription": "Determines which shard in the stream the data record is assigned to. Partition keys are Unicode strings with a maximum length limit of 256 characters for each key. Amazon Kinesis Data Streams uses the partition key as input to a hash function that maps the partition key and associated data to a specific shard. Specifically, an MD5 hash function is used to map partition keys to 128-bit integer values and to map associated data records to shards. As a result of this hashing mechanism, all data records with the same partition key map to the same shard within the stream.", + "title": "PartitionKey", "type": "string" - }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" - }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" } }, "required": [ - "ComputationId" + "PartitionKey" ], "type": "object" }, - "AWS::QuickSight::Dashboard.PeriodToDateComputation": { + "AWS::Pipes::Pipe.PipeTargetLambdaFunctionParameters": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", - "type": "string" - }, - "PeriodTimeGranularity": { - "markdownDescription": "The time granularity setup of period to date computation. Choose from the following options:\n\n- YEAR: Year to date.\n- MONTH: Month to date.", - "title": "PeriodTimeGranularity", + "InvocationType": { + "markdownDescription": "Specify whether to invoke the function synchronously or asynchronously.\n\n- `REQUEST_RESPONSE` (default) - Invoke synchronously. This corresponds to the `RequestResponse` option in the `InvocationType` parameter for the Lambda [Invoke](https://docs.aws.amazon.com/lambda/latest/dg/API_Invoke.html#API_Invoke_RequestSyntax) API.\n- `FIRE_AND_FORGET` - Invoke asynchronously. This corresponds to the `Event` option in the `InvocationType` parameter for the Lambda [Invoke](https://docs.aws.amazon.com/lambda/latest/dg/API_Invoke.html#API_Invoke_RequestSyntax) API.\n\nFor more information, see [Invocation types](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes.html#pipes-invocation) in the *Amazon EventBridge User Guide* .", + "title": "InvocationType", "type": "string" - }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" - }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" } }, - "required": [ - "ComputationId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.PieChartAggregatedFieldWells": { + "AWS::Pipes::Pipe.PipeTargetParameters": { "additionalProperties": false, "properties": { - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The category (group/color) field wells of a pie chart.", - "title": "Category", - "type": "array" + "BatchJobParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetBatchJobParameters", + "markdownDescription": "The parameters for using an AWS Batch job as a target.", + "title": "BatchJobParameters" }, - "SmallMultiples": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The small multiples field well of a pie chart.", - "title": "SmallMultiples", - "type": "array" + "CloudWatchLogsParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetCloudWatchLogsParameters", + "markdownDescription": "The parameters for using an CloudWatch Logs log stream as a target.", + "title": "CloudWatchLogsParameters" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" - }, - "markdownDescription": "The value field wells of a pie chart. Values are aggregated based on categories.", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.PieChartConfiguration": { - "additionalProperties": false, - "properties": { - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options of the group/color that is displayed in a pie chart.", - "title": "CategoryLabelOptions" + "EcsTaskParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetEcsTaskParameters", + "markdownDescription": "The parameters for using an Amazon ECS task as a target.", + "title": "EcsTaskParameters" }, - "ContributionAnalysisDefaults": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ContributionAnalysisDefault" - }, - "markdownDescription": "The contribution analysis (anomaly configuration) setup of the visual.", - "title": "ContributionAnalysisDefaults", - "type": "array" + "EventBridgeEventBusParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetEventBridgeEventBusParameters", + "markdownDescription": "The parameters for using an EventBridge event bus as a target.", + "title": "EventBridgeEventBusParameters" }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.", - "title": "DataLabels" + "HttpParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetHttpParameters", + "markdownDescription": "These are custom parameter to be used when the target is an API Gateway REST APIs or EventBridge ApiDestinations.", + "title": "HttpParameters" }, - "DonutOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DonutOptions", - "markdownDescription": "The options that determine the shape of the chart. This option determines whether the chart is a pie chart or a donut chart.", - "title": "DonutOptions" + "InputTemplate": { + "markdownDescription": "Valid JSON text passed to the target. In this case, nothing from the event itself is passed to the target. For more information, see [The JavaScript Object Notation (JSON) Data Interchange Format](https://docs.aws.amazon.com/http://www.rfc-editor.org/rfc/rfc7159.txt) .\n\nTo remove an input template, specify an empty string.", + "title": "InputTemplate", + "type": "string" }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PieChartFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" + "KinesisStreamParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetKinesisStreamParameters", + "markdownDescription": "The parameters for using a Kinesis stream as a target.", + "title": "KinesisStreamParameters" }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" + "LambdaFunctionParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetLambdaFunctionParameters", + "markdownDescription": "The parameters for using a Lambda function as a target.", + "title": "LambdaFunctionParameters" }, - "SmallMultiplesOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SmallMultiplesOptions", - "markdownDescription": "The small multiples setup for the visual.", - "title": "SmallMultiplesOptions" + "RedshiftDataParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetRedshiftDataParameters", + "markdownDescription": "These are custom parameters to be used when the target is a Amazon Redshift cluster to invoke the Amazon Redshift Data API BatchExecuteStatement.", + "title": "RedshiftDataParameters" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PieChartSortConfiguration", - "markdownDescription": "The sort configuration of a pie chart.", - "title": "SortConfiguration" + "SageMakerPipelineParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetSageMakerPipelineParameters", + "markdownDescription": "The parameters for using a SageMaker AI pipeline as a target.", + "title": "SageMakerPipelineParameters" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" + "SqsQueueParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetSqsQueueParameters", + "markdownDescription": "The parameters for using a Amazon SQS stream as a target.", + "title": "SqsQueueParameters" }, - "ValueLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options for the value that is displayed in a pie chart.", - "title": "ValueLabelOptions" + "StepFunctionStateMachineParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetStateMachineParameters", + "markdownDescription": "The parameters for using a Step Functions state machine as a target.", + "title": "StepFunctionStateMachineParameters" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", - "title": "VisualPalette" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.PieChartFieldWells": { - "additionalProperties": false, - "properties": { - "PieChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PieChartAggregatedFieldWells", - "markdownDescription": "The field well configuration of a pie chart.", - "title": "PieChartAggregatedFieldWells" + "TimestreamParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetTimestreamParameters", + "markdownDescription": "The parameters for using a Timestream for LiveAnalytics table as a target.", + "title": "TimestreamParameters" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.PieChartSortConfiguration": { + "AWS::Pipes::Pipe.PipeTargetRedshiftDataParameters": { "additionalProperties": false, "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of categories that are displayed in a pie chart.", - "title": "CategoryItemsLimit" + "Database": { + "markdownDescription": "The name of the database. Required when authenticating using temporary credentials.", + "title": "Database", + "type": "string" }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the category fields.", - "title": "CategorySort", - "type": "array" + "DbUser": { + "markdownDescription": "The database user name. Required when authenticating using temporary credentials.", + "title": "DbUser", + "type": "string" }, - "SmallMultiplesLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of small multiples panels that are displayed.", - "title": "SmallMultiplesLimitConfiguration" + "SecretManagerArn": { + "markdownDescription": "The name or ARN of the secret that enables access to the database. Required when authenticating using Secrets Manager.", + "title": "SecretManagerArn", + "type": "string" }, - "SmallMultiplesSort": { + "Sqls": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + "type": "string" }, - "markdownDescription": "The sort configuration of the small multiples field.", - "title": "SmallMultiplesSort", + "markdownDescription": "The SQL statement text to run.", + "title": "Sqls", "type": "array" + }, + "StatementName": { + "markdownDescription": "The name of the SQL statement. You can name the SQL statement when you create it to identify the query.", + "title": "StatementName", + "type": "string" + }, + "WithEvent": { + "markdownDescription": "Indicates whether to send an event back to EventBridge after the SQL statement runs.", + "title": "WithEvent", + "type": "boolean" } }, + "required": [ + "Database", + "Sqls" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.PieChartVisual": { + "AWS::Pipes::Pipe.PipeTargetSageMakerPipelineParameters": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PieChartConfiguration", - "markdownDescription": "The configuration of a pie chart.", - "title": "ChartConfiguration" - }, - "ColumnHierarchies": { + "PipelineParameterList": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + "$ref": "#/definitions/AWS::Pipes::Pipe.SageMakerPipelineParameter" }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", + "markdownDescription": "List of Parameter names and values for SageMaker AI Model Building Pipeline execution.", + "title": "PipelineParameterList", "type": "array" + } + }, + "type": "object" + }, + "AWS::Pipes::Pipe.PipeTargetSqsQueueParameters": { + "additionalProperties": false, + "properties": { + "MessageDeduplicationId": { + "markdownDescription": "This parameter applies only to FIFO (first-in-first-out) queues.\n\nThe token used for deduplication of sent messages.", + "title": "MessageDeduplicationId", + "type": "string" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" - }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "MessageGroupId": { + "markdownDescription": "The FIFO message group ID to use as the target.", + "title": "MessageGroupId", "type": "string" } }, - "required": [ - "VisualId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.PivotFieldSortOptions": { + "AWS::Pipes::Pipe.PipeTargetStateMachineParameters": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field ID for the field sort options.", - "title": "FieldId", + "InvocationType": { + "markdownDescription": "Specify whether to invoke the Step Functions state machine synchronously or asynchronously.\n\n- `REQUEST_RESPONSE` (default) - Invoke synchronously. For more information, see [StartSyncExecution](https://docs.aws.amazon.com/step-functions/latest/apireference/API_StartSyncExecution.html) in the *AWS Step Functions API Reference* .\n\n> `REQUEST_RESPONSE` is not supported for `STANDARD` state machine workflows.\n- `FIRE_AND_FORGET` - Invoke asynchronously. For more information, see [StartExecution](https://docs.aws.amazon.com/step-functions/latest/apireference/API_StartExecution.html) in the *AWS Step Functions API Reference* .\n\nFor more information, see [Invocation types](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes.html#pipes-invocation) in the *Amazon EventBridge User Guide* .", + "title": "InvocationType", "type": "string" - }, - "SortBy": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableSortBy", - "markdownDescription": "The sort by field for the field sort options.", - "title": "SortBy" } }, - "required": [ - "FieldId", - "SortBy" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTableAggregatedFieldWells": { + "AWS::Pipes::Pipe.PipeTargetTimestreamParameters": { "additionalProperties": false, "properties": { - "Columns": { + "DimensionMappings": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + "$ref": "#/definitions/AWS::Pipes::Pipe.DimensionMapping" }, - "markdownDescription": "The columns field well for a pivot table. Values are grouped by columns fields.", - "title": "Columns", + "markdownDescription": "Map source data to dimensions in the target Timestream for LiveAnalytics table.\n\nFor more information, see [Amazon Timestream for LiveAnalytics concepts](https://docs.aws.amazon.com/timestream/latest/developerguide/concepts.html)", + "title": "DimensionMappings", "type": "array" }, - "Rows": { + "EpochTimeUnit": { + "markdownDescription": "The granularity of the time units used. Default is `MILLISECONDS` .\n\nRequired if `TimeFieldType` is specified as `EPOCH` .", + "title": "EpochTimeUnit", + "type": "string" + }, + "MultiMeasureMappings": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + "$ref": "#/definitions/AWS::Pipes::Pipe.MultiMeasureMapping" }, - "markdownDescription": "The rows field well for a pivot table. Values are grouped by rows fields.", - "title": "Rows", + "markdownDescription": "Maps multiple measures from the source event to the same record in the specified Timestream for LiveAnalytics table.", + "title": "MultiMeasureMappings", "type": "array" }, - "Values": { + "SingleMeasureMappings": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + "$ref": "#/definitions/AWS::Pipes::Pipe.SingleMeasureMapping" }, - "markdownDescription": "The values field well for a pivot table. Values are aggregated based on rows and columns fields.", - "title": "Values", + "markdownDescription": "Mappings of single source data fields to individual records in the specified Timestream for LiveAnalytics table.", + "title": "SingleMeasureMappings", "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.PivotTableCellConditionalFormatting": { - "additionalProperties": false, - "properties": { - "FieldId": { - "markdownDescription": "The field ID of the cell for conditional formatting.", - "title": "FieldId", + }, + "TimeFieldType": { + "markdownDescription": "The type of time value used.\n\nThe default is `EPOCH` .", + "title": "TimeFieldType", "type": "string" }, - "Scope": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableConditionalFormattingScope", - "markdownDescription": "The scope of the cell for conditional formatting.", - "title": "Scope" + "TimeValue": { + "markdownDescription": "Dynamic path to the source data field that represents the time value for your data.", + "title": "TimeValue", + "type": "string" }, - "Scopes": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableConditionalFormattingScope" - }, - "markdownDescription": "A list of cell scopes for conditional formatting.", - "title": "Scopes", - "type": "array" + "TimestampFormat": { + "markdownDescription": "How to format the timestamps. For example, `yyyy-MM-dd'T'HH:mm:ss'Z'` .\n\nRequired if `TimeFieldType` is specified as `TIMESTAMP_FORMAT` .", + "title": "TimestampFormat", + "type": "string" }, - "TextFormat": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextConditionalFormat", - "markdownDescription": "The text format of the cell for conditional formatting.", - "title": "TextFormat" + "VersionValue": { + "markdownDescription": "64 bit version value or source data field that represents the version value for your data.\n\nWrite requests with a higher version number will update the existing measure values of the record and version. In cases where the measure value is the same, the version will still be updated.\n\nDefault value is 1.\n\nTimestream for LiveAnalytics does not support updating partial measure values in a record.\n\nWrite requests for duplicate data with a higher version number will update the existing measure value and version. In cases where the measure value is the same, `Version` will still be updated. Default value is `1` .\n\n> `Version` must be `1` or greater, or you will receive a `ValidationException` error.", + "title": "VersionValue", + "type": "string" } }, "required": [ - "FieldId" + "DimensionMappings", + "TimeValue", + "VersionValue" ], "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTableConditionalFormatting": { - "additionalProperties": false, - "properties": { - "ConditionalFormattingOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableConditionalFormattingOption" - }, - "markdownDescription": "Conditional formatting options for a `PivotTableVisual` .", - "title": "ConditionalFormattingOptions", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.PivotTableConditionalFormattingOption": { + "AWS::Pipes::Pipe.PlacementConstraint": { "additionalProperties": false, "properties": { - "Cell": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableCellConditionalFormatting", - "markdownDescription": "The cell conditional formatting option for a pivot table.", - "title": "Cell" + "Expression": { + "markdownDescription": "A cluster query language expression to apply to the constraint. You cannot specify an expression if the constraint type is `distinctInstance` . To learn more, see [Cluster Query Language](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-query-language.html) in the Amazon Elastic Container Service Developer Guide.", + "title": "Expression", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of constraint. Use distinctInstance to ensure that each task in a particular group is running on a different container instance. Use memberOf to restrict the selection to a group of valid candidates.", + "title": "Type", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTableConditionalFormattingScope": { + "AWS::Pipes::Pipe.PlacementStrategy": { "additionalProperties": false, "properties": { - "Role": { - "markdownDescription": "The role (field, field total, grand total) of the cell for conditional formatting.", - "title": "Role", + "Field": { + "markdownDescription": "The field to apply the placement strategy against. For the spread placement strategy, valid values are instanceId (or host, which has the same effect), or any platform or custom attribute that is applied to a container instance, such as attribute:ecs.availability-zone. For the binpack placement strategy, valid values are cpu and memory. For the random placement strategy, this field is not used.", + "title": "Field", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of placement strategy. The random placement strategy randomly places tasks on available candidates. The spread placement strategy spreads placement across available candidates evenly based on the field parameter. The binpack strategy places tasks on available candidates that have the least available amount of the resource that is specified with the field parameter. For example, if you binpack on memory, a task is placed on the instance with the least amount of remaining memory (but still enough to run the task).", + "title": "Type", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTableConfiguration": { + "AWS::Pipes::Pipe.S3LogDestination": { "additionalProperties": false, "properties": { - "FieldOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableFieldOptions", - "markdownDescription": "The field options for a pivot table visual.", - "title": "FieldOptions" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "PaginatedReportOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTablePaginatedReportOptions", - "markdownDescription": "The paginated report options for a pivot table visual.", - "title": "PaginatedReportOptions" - }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableSortConfiguration", - "markdownDescription": "The sort configuration for a `PivotTableVisual` .", - "title": "SortConfiguration" + "BucketName": { + "markdownDescription": "The name of the Amazon S3 bucket to which EventBridge delivers the log records for the pipe.", + "title": "BucketName", + "type": "string" }, - "TableOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableOptions", - "markdownDescription": "The table options for a pivot table visual.", - "title": "TableOptions" + "BucketOwner": { + "markdownDescription": "The AWS account that owns the Amazon S3 bucket to which EventBridge delivers the log records for the pipe.", + "title": "BucketOwner", + "type": "string" }, - "TotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableTotalOptions", - "markdownDescription": "The total options for a pivot table visual.", - "title": "TotalOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.PivotTableDataPathOption": { - "additionalProperties": false, - "properties": { - "DataPathList": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathValue" - }, - "markdownDescription": "The list of data path values for the data path options.", - "title": "DataPathList", - "type": "array" + "OutputFormat": { + "markdownDescription": "The format EventBridge uses for the log records.\n\nEventBridge currently only supports `json` formatting.", + "title": "OutputFormat", + "type": "string" }, - "Width": { - "markdownDescription": "The width of the data path option.", - "title": "Width", + "Prefix": { + "markdownDescription": "The prefix text with which to begin Amazon S3 log object names.\n\nFor more information, see [Organizing objects using prefixes](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-prefixes.html) in the *Amazon Simple Storage Service User Guide* .", + "title": "Prefix", "type": "string" } }, - "required": [ - "DataPathList" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTableFieldCollapseStateOption": { + "AWS::Pipes::Pipe.SageMakerPipelineParameter": { "additionalProperties": false, "properties": { - "State": { - "markdownDescription": "The state of the field target of a pivot table. Choose one of the following options:\n\n- `COLLAPSED`\n- `EXPANDED`", - "title": "State", + "Name": { + "markdownDescription": "Name of parameter to start execution of a SageMaker AI Model Building Pipeline.", + "title": "Name", "type": "string" }, - "Target": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableFieldCollapseStateTarget", - "markdownDescription": "A tagged-union object that sets the collapse state.", - "title": "Target" + "Value": { + "markdownDescription": "Value of parameter to start execution of a SageMaker AI Model Building Pipeline.", + "title": "Value", + "type": "string" } }, "required": [ - "Target" + "Name", + "Value" ], "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTableFieldCollapseStateTarget": { + "AWS::Pipes::Pipe.SelfManagedKafkaAccessConfigurationCredentials": { "additionalProperties": false, "properties": { - "FieldDataPathValues": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathValue" - }, - "markdownDescription": "The data path of the pivot table's header. Used to set the collapse state.", - "title": "FieldDataPathValues", - "type": "array" - }, - "FieldId": { - "markdownDescription": "The field ID of the pivot table that the collapse state needs to be set to.", - "title": "FieldId", + "BasicAuth": { + "markdownDescription": "The ARN of the Secrets Manager secret.", + "title": "BasicAuth", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.PivotTableFieldOption": { - "additionalProperties": false, - "properties": { - "CustomLabel": { - "markdownDescription": "The custom label of the pivot table field.", - "title": "CustomLabel", + }, + "ClientCertificateTlsAuth": { + "markdownDescription": "The ARN of the Secrets Manager secret.", + "title": "ClientCertificateTlsAuth", "type": "string" }, - "FieldId": { - "markdownDescription": "The field ID of the pivot table field.", - "title": "FieldId", + "SaslScram256Auth": { + "markdownDescription": "The ARN of the Secrets Manager secret.", + "title": "SaslScram256Auth", "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of the pivot table field.", - "title": "Visibility", + "SaslScram512Auth": { + "markdownDescription": "The ARN of the Secrets Manager secret.", + "title": "SaslScram512Auth", "type": "string" } }, - "required": [ - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTableFieldOptions": { + "AWS::Pipes::Pipe.SelfManagedKafkaAccessConfigurationVpc": { "additionalProperties": false, "properties": { - "CollapseStateOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableFieldCollapseStateOption" - }, - "markdownDescription": "The collapse state options for the pivot table field options.", - "title": "CollapseStateOptions", - "type": "array" - }, - "DataPathOptions": { + "SecurityGroup": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableDataPathOption" + "type": "string" }, - "markdownDescription": "The data path options for the pivot table field options.", - "title": "DataPathOptions", + "markdownDescription": "Specifies the security groups associated with the stream. These security groups must all be in the same VPC. You can specify as many as five security groups.", + "title": "SecurityGroup", "type": "array" }, - "SelectedFieldOptions": { + "Subnets": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableFieldOption" + "type": "string" }, - "markdownDescription": "The selected field options for the pivot table field options.", - "title": "SelectedFieldOptions", + "markdownDescription": "Specifies the subnets associated with the stream. These subnets must all be in the same VPC. You can specify as many as 16 subnets.", + "title": "Subnets", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTableFieldSubtotalOptions": { + "AWS::Pipes::Pipe.SingleMeasureMapping": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field ID of the subtotal options.", - "title": "FieldId", + "MeasureName": { + "markdownDescription": "Target measure name for the measurement attribute in the Timestream table.", + "title": "MeasureName", + "type": "string" + }, + "MeasureValue": { + "markdownDescription": "Dynamic path of the source field to map to the measure in the record.", + "title": "MeasureValue", + "type": "string" + }, + "MeasureValueType": { + "markdownDescription": "Data type of the source field.", + "title": "MeasureValueType", "type": "string" } }, + "required": [ + "MeasureName", + "MeasureValue", + "MeasureValueType" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTableFieldWells": { - "additionalProperties": false, - "properties": { - "PivotTableAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableAggregatedFieldWells", - "markdownDescription": "The aggregated field well for the pivot table.", - "title": "PivotTableAggregatedFieldWells" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.PivotTableOptions": { + "AWS::Proton::EnvironmentAccountConnection": { "additionalProperties": false, "properties": { - "CellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", - "markdownDescription": "The table cell style of cells.", - "title": "CellStyle" - }, - "CollapsedRowDimensionsVisibility": { - "markdownDescription": "The visibility setting of a pivot table's collapsed row dimension fields. If the value of this structure is `HIDDEN` , all collapsed columns in a pivot table are automatically hidden. The default value is `VISIBLE` .", - "title": "CollapsedRowDimensionsVisibility", - "type": "string" - }, - "ColumnHeaderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", - "markdownDescription": "The table cell style of the column header.", - "title": "ColumnHeaderStyle" - }, - "ColumnNamesVisibility": { - "markdownDescription": "The visibility of the column names.", - "title": "ColumnNamesVisibility", - "type": "string" - }, - "DefaultCellWidth": { - "markdownDescription": "The default cell width of the pivot table.", - "title": "DefaultCellWidth", + "Condition": { "type": "string" }, - "MetricPlacement": { - "markdownDescription": "The metric placement (row, column) options.", - "title": "MetricPlacement", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "RowAlternateColorOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RowAlternateColorOptions", - "markdownDescription": "The row alternate color options (widget status, row alternate colors).", - "title": "RowAlternateColorOptions" - }, - "RowFieldNamesStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", - "markdownDescription": "The table cell style of row field names.", - "title": "RowFieldNamesStyle" - }, - "RowHeaderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", - "markdownDescription": "The table cell style of the row headers.", - "title": "RowHeaderStyle" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "RowsLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableRowsLabelOptions", - "markdownDescription": "The options for the label that is located above the row headers. This option is only applicable when `RowsLayout` is set to `HIERARCHY` .", - "title": "RowsLabelOptions" + "Metadata": { + "type": "object" }, - "RowsLayout": { - "markdownDescription": "The layout for the row dimension headers of a pivot table. Choose one of the following options.\n\n- `TABULAR` : (Default) Each row field is displayed in a separate column.\n- `HIERARCHY` : All row fields are displayed in a single column. Indentation is used to differentiate row headers of different fields.", - "title": "RowsLayout", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "CodebuildRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an IAM service role in the environment account. AWS Proton uses this role to provision infrastructure resources using CodeBuild-based provisioning in the associated environment account.", + "title": "CodebuildRoleArn", + "type": "string" + }, + "ComponentRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM service role that AWS Proton uses when provisioning directly defined components in the associated environment account. It determines the scope of infrastructure that a component can provision in the account.\n\nThe environment account connection must have a `componentRoleArn` to allow directly defined components to be associated with any environments running in the account.\n\nFor more information about components, see [AWS Proton components](https://docs.aws.amazon.com/proton/latest/userguide/ag-components.html) in the *AWS Proton User Guide* .", + "title": "ComponentRoleArn", + "type": "string" + }, + "EnvironmentAccountId": { + "markdownDescription": "The environment account that's connected to the environment account connection.", + "title": "EnvironmentAccountId", + "type": "string" + }, + "EnvironmentName": { + "markdownDescription": "The name of the environment that's associated with the environment account connection.", + "title": "EnvironmentName", + "type": "string" + }, + "ManagementAccountId": { + "markdownDescription": "The ID of the management account that's connected to the environment account connection.", + "title": "ManagementAccountId", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The IAM service role that's associated with the environment account connection.", + "title": "RoleArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An optional list of metadata items that you can associate with the AWS Proton environment account connection. A tag is a key-value pair.\n\nFor more information, see [AWS Proton resources and tagging](https://docs.aws.amazon.com/proton/latest/userguide/resources.html) in the *AWS Proton User Guide* .", + "title": "Tags", + "type": "array" + } + }, + "type": "object" }, - "SingleMetricVisibility": { - "markdownDescription": "The visibility of the single metric options.", - "title": "SingleMetricVisibility", + "Type": { + "enum": [ + "AWS::Proton::EnvironmentAccountConnection" + ], "type": "string" }, - "ToggleButtonsVisibility": { - "markdownDescription": "Determines the visibility of the pivot table.", - "title": "ToggleButtonsVisibility", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTablePaginatedReportOptions": { + "AWS::Proton::EnvironmentTemplate": { "additionalProperties": false, "properties": { - "OverflowColumnHeaderVisibility": { - "markdownDescription": "The visibility of the repeating header rows on each page.", - "title": "OverflowColumnHeaderVisibility", + "Condition": { "type": "string" }, - "VerticalOverflowVisibility": { - "markdownDescription": "The visibility of the printing table overflow across pages.", - "title": "VerticalOverflowVisibility", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the environment template.", + "title": "Description", + "type": "string" + }, + "DisplayName": { + "markdownDescription": "The name of the environment template as displayed in the developer interface.", + "title": "DisplayName", + "type": "string" + }, + "EncryptionKey": { + "markdownDescription": "The customer provided encryption key for the environment template.", + "title": "EncryptionKey", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the environment template.", + "title": "Name", + "type": "string" + }, + "Provisioning": { + "markdownDescription": "When included, indicates that the environment template is for customer provisioned and managed infrastructure.", + "title": "Provisioning", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An optional list of metadata items that you can associate with the AWS Proton environment template. A tag is a key-value pair.\n\nFor more information, see [AWS Proton resources and tagging](https://docs.aws.amazon.com/proton/latest/userguide/resources.html) in the *AWS Proton User Guide* .", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Proton::EnvironmentTemplate" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTableRowsLabelOptions": { + "AWS::Proton::ServiceTemplate": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The custom label string for the rows label.", - "title": "CustomLabel", + "Condition": { "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of the rows label.", - "title": "Visibility", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the service template.", + "title": "Description", + "type": "string" + }, + "DisplayName": { + "markdownDescription": "The service template name as displayed in the developer interface.", + "title": "DisplayName", + "type": "string" + }, + "EncryptionKey": { + "markdownDescription": "The customer provided service template encryption key that's used to encrypt data.", + "title": "EncryptionKey", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the service template.", + "title": "Name", + "type": "string" + }, + "PipelineProvisioning": { + "markdownDescription": "If `pipelineProvisioning` is `true` , a service pipeline is included in the service template. Otherwise, a service pipeline *isn't* included in the service template.", + "title": "PipelineProvisioning", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An object that includes the template bundle S3 bucket path and name for the new version of a service template.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Proton::ServiceTemplate" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTableSortBy": { + "AWS::QBusiness::Application": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnSort", - "markdownDescription": "The column sort (field id, direction) for the pivot table sort by options.", - "title": "Column" + "Condition": { + "type": "string" }, - "DataPath": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathSort", - "markdownDescription": "The data path sort (data path value, direction) for the pivot table sort by options.", - "title": "DataPath" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Field": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSort", - "markdownDescription": "The field sort (field id, direction) for the pivot table sort by options.", - "title": "Field" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AttachmentsConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::Application.AttachmentsConfiguration", + "markdownDescription": "Configuration information for the file upload during chat feature.", + "title": "AttachmentsConfiguration" + }, + "AutoSubscriptionConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::Application.AutoSubscriptionConfiguration", + "markdownDescription": "Subscription configuration information for an Amazon Q Business application using IAM identity federation for user management.", + "title": "AutoSubscriptionConfiguration" + }, + "ClientIdsForOIDC": { + "items": { + "type": "string" + }, + "markdownDescription": "The OIDC client ID for a Amazon Q Business application.", + "title": "ClientIdsForOIDC", + "type": "array" + }, + "Description": { + "markdownDescription": "A description for the Amazon Q Business application.", + "title": "Description", + "type": "string" + }, + "DisplayName": { + "markdownDescription": "The name of the Amazon Q Business application.", + "title": "DisplayName", + "type": "string" + }, + "EncryptionConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::Application.EncryptionConfiguration", + "markdownDescription": "Provides the identifier of the AWS KMS key used to encrypt data indexed by Amazon Q Business. Amazon Q Business doesn't support asymmetric keys.", + "title": "EncryptionConfiguration" + }, + "IamIdentityProviderArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an identity provider being used by an Amazon Q Business application.", + "title": "IamIdentityProviderArn", + "type": "string" + }, + "IdentityCenterInstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM Identity Center instance you are either creating for\u2014or connecting to\u2014your Amazon Q Business application.\n\n*Required* : `Yes`", + "title": "IdentityCenterInstanceArn", + "type": "string" + }, + "IdentityType": { + "markdownDescription": "The authentication type being used by a Amazon Q Business application.", + "title": "IdentityType", + "type": "string" + }, + "PersonalizationConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::Application.PersonalizationConfiguration", + "markdownDescription": "Configuration information about chat response personalization. For more information, see [Personalizing chat responses](https://docs.aws.amazon.com/amazonq/latest/qbusiness-ug/personalizing-chat-responses.html) .", + "title": "PersonalizationConfiguration" + }, + "QAppsConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::Application.QAppsConfiguration", + "markdownDescription": "Configuration information about Amazon Q Apps.", + "title": "QAppsConfiguration" + }, + "QuickSightConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::Application.QuickSightConfiguration", + "markdownDescription": "The Amazon QuickSight configuration for an Amazon Q Business application that uses QuickSight as the identity provider.", + "title": "QuickSightConfiguration" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role with permissions to access your Amazon CloudWatch logs and metrics. If this property is not specified, Amazon Q Business will create a [service linked role (SLR)](https://docs.aws.amazon.com/amazonq/latest/qbusiness-ug/using-service-linked-roles.html#slr-permissions) and use it as the application's role.", + "title": "RoleArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of key-value pairs that identify or categorize your Amazon Q Business application. You can also use tags to help control access to the application. Tag keys and values can consist of Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "DisplayName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::QBusiness::Application" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTableSortConfiguration": { + "AWS::QBusiness::Application.AttachmentsConfiguration": { "additionalProperties": false, "properties": { - "FieldSortOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotFieldSortOptions" - }, - "markdownDescription": "The field sort options for a pivot table sort configuration.", - "title": "FieldSortOptions", - "type": "array" + "AttachmentsControlMode": { + "markdownDescription": "Status information about whether file upload functionality is activated or deactivated for your end user.", + "title": "AttachmentsControlMode", + "type": "string" } }, + "required": [ + "AttachmentsControlMode" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTableTotalOptions": { + "AWS::QBusiness::Application.AutoSubscriptionConfiguration": { "additionalProperties": false, "properties": { - "ColumnSubtotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SubtotalOptions", - "markdownDescription": "The column subtotal options.", - "title": "ColumnSubtotalOptions" - }, - "ColumnTotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTotalOptions", - "markdownDescription": "The column total options.", - "title": "ColumnTotalOptions" - }, - "RowSubtotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SubtotalOptions", - "markdownDescription": "The row subtotal options.", - "title": "RowSubtotalOptions" + "AutoSubscribe": { + "markdownDescription": "Describes whether automatic subscriptions are enabled for an Amazon Q Business application using IAM identity federation for user management.", + "title": "AutoSubscribe", + "type": "string" }, - "RowTotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTotalOptions", - "markdownDescription": "The row total options.", - "title": "RowTotalOptions" + "DefaultSubscriptionType": { + "markdownDescription": "Describes the default subscription type assigned to an Amazon Q Business application using IAM identity federation for user management. If the value for `autoSubscribe` is set to `ENABLED` you must select a value for this field.", + "title": "DefaultSubscriptionType", + "type": "string" } }, + "required": [ + "AutoSubscribe" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTableVisual": { + "AWS::QBusiness::Application.EncryptionConfiguration": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" - }, - "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableConditionalFormatting", - "markdownDescription": "The conditional formatting for a `PivotTableVisual` .", - "title": "ConditionalFormatting" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" - }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", + "KmsKeyId": { + "markdownDescription": "The identifier of the AWS KMS key. Amazon Q Business doesn't support asymmetric keys.", + "title": "KmsKeyId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QBusiness::Application.PersonalizationConfiguration": { + "additionalProperties": false, + "properties": { + "PersonalizationControlMode": { + "markdownDescription": "An option to allow Amazon Q Business to customize chat responses using user specific metadata\u2014specifically, location and job information\u2014in your IAM Identity Center instance.", + "title": "PersonalizationControlMode", "type": "string" } }, "required": [ - "VisualId" + "PersonalizationControlMode" ], "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTotalOptions": { + "AWS::QBusiness::Application.QAppsConfiguration": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The custom label string for the total cells.", - "title": "CustomLabel", + "QAppsControlMode": { + "markdownDescription": "Status information about whether end users can create and use Amazon Q Apps in the web experience.", + "title": "QAppsControlMode", "type": "string" - }, - "MetricHeaderCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", - "markdownDescription": "The cell styling options for the total of header cells.", - "title": "MetricHeaderCellStyle" - }, - "Placement": { - "markdownDescription": "The placement (start, end) for the total cells.", - "title": "Placement", + } + }, + "required": [ + "QAppsControlMode" + ], + "type": "object" + }, + "AWS::QBusiness::Application.QuickSightConfiguration": { + "additionalProperties": false, + "properties": { + "ClientNamespace": { + "markdownDescription": "The Amazon QuickSight namespace that is used as the identity provider. For more information about QuickSight namespaces, see [Namespace operations](https://docs.aws.amazon.com/quicksight/latest/developerguide/namespace-operations.html) .", + "title": "ClientNamespace", + "type": "string" + } + }, + "required": [ + "ClientNamespace" + ], + "type": "object" + }, + "AWS::QBusiness::DataAccessor": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "ScrollStatus": { - "markdownDescription": "The scroll status (pinned, scrolled) for the total cells.", - "title": "ScrollStatus", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "TotalAggregationOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TotalAggregationOption" - }, - "markdownDescription": "The total aggregation options for each value field.", - "title": "TotalAggregationOptions", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "TotalCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", - "markdownDescription": "The cell styling options for the total cells.", - "title": "TotalCellStyle" + "Metadata": { + "type": "object" }, - "TotalsVisibility": { - "markdownDescription": "The visibility configuration for the total cells.", - "title": "TotalsVisibility", + "Properties": { + "additionalProperties": false, + "properties": { + "ActionConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.ActionConfiguration" + }, + "markdownDescription": "A list of action configurations specifying the allowed actions and any associated filters.", + "title": "ActionConfigurations", + "type": "array" + }, + "ApplicationId": { + "markdownDescription": "The unique identifier of the Amazon Q Business application.", + "title": "ApplicationId", + "type": "string" + }, + "AuthenticationDetail": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.DataAccessorAuthenticationDetail", + "markdownDescription": "The authentication configuration details for the data accessor. This specifies how the ISV authenticates when accessing data through this data accessor.", + "title": "AuthenticationDetail" + }, + "DisplayName": { + "markdownDescription": "The friendly name of the data accessor.", + "title": "DisplayName", + "type": "string" + }, + "Principal": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role for the ISV associated with this data accessor.", + "title": "Principal", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to associate with the data accessor.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "ActionConfigurations", + "ApplicationId", + "DisplayName", + "Principal" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::QBusiness::DataAccessor" + ], "type": "string" }, - "ValueCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", - "markdownDescription": "The cell styling options for the totals of value cells.", - "title": "ValueCellStyle" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.PredefinedHierarchy": { + "AWS::QBusiness::DataAccessor.ActionConfiguration": { "additionalProperties": false, "properties": { - "Columns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier" - }, - "markdownDescription": "The list of columns that define the predefined hierarchy.", - "title": "Columns", - "type": "array" - }, - "DrillDownFilters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DrillDownFilter" - }, - "markdownDescription": "The option that determines the drill down filters for the predefined hierarchy.", - "title": "DrillDownFilters", - "type": "array" - }, - "HierarchyId": { - "markdownDescription": "The hierarchy ID of the predefined hierarchy.", - "title": "HierarchyId", + "Action": { + "markdownDescription": "The Amazon Q Business action that is allowed.", + "title": "Action", "type": "string" + }, + "FilterConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.ActionFilterConfiguration", + "markdownDescription": "The filter configuration for the action, if any.", + "title": "FilterConfiguration" } }, "required": [ - "Columns", - "HierarchyId" + "Action" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ProgressBarOptions": { + "AWS::QBusiness::DataAccessor.ActionFilterConfiguration": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility of the progress bar.", - "title": "Visibility", - "type": "string" + "DocumentAttributeFilter": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.AttributeFilter", + "markdownDescription": "Enables filtering of responses based on document attributes or metadata fields.", + "title": "DocumentAttributeFilter" } }, + "required": [ + "DocumentAttributeFilter" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.RadarChartAggregatedFieldWells": { + "AWS::QBusiness::DataAccessor.AttributeFilter": { "additionalProperties": false, "properties": { - "Category": { + "AndAllFilters": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.AttributeFilter" }, - "markdownDescription": "The aggregated field well categories of a radar chart.", - "title": "Category", + "markdownDescription": "Performs a logical `AND` operation on all supplied filters.", + "title": "AndAllFilters", "type": "array" }, - "Color": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The color that are assigned to the aggregated field wells of a radar chart.", - "title": "Color", - "type": "array" + "ContainsAll": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.DocumentAttribute", + "markdownDescription": "Returns `true` when a document contains all the specified document attributes or metadata fields. Supported for the following [document attribute value types](https://docs.aws.amazon.com/amazonq/latest/api-reference/API_DocumentAttributeValue.html) : `stringListValue` .", + "title": "ContainsAll" }, - "Values": { + "ContainsAny": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.DocumentAttribute", + "markdownDescription": "Returns `true` when a document contains any of the specified document attributes or metadata fields. Supported for the following [document attribute value types](https://docs.aws.amazon.com/amazonq/latest/api-reference/API_DocumentAttributeValue.html) : `stringListValue` .", + "title": "ContainsAny" + }, + "EqualsTo": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.DocumentAttribute", + "markdownDescription": "Performs an equals operation on two document attributes or metadata fields. Supported for the following [document attribute value types](https://docs.aws.amazon.com/amazonq/latest/api-reference/API_DocumentAttributeValue.html) : `dateValue` , `longValue` , `stringListValue` and `stringValue` .", + "title": "EqualsTo" + }, + "GreaterThan": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.DocumentAttribute", + "markdownDescription": "Performs a greater than operation on two document attributes or metadata fields. Supported for the following [document attribute value types](https://docs.aws.amazon.com/amazonq/latest/api-reference/API_DocumentAttributeValue.html) : `dateValue` and `longValue` .", + "title": "GreaterThan" + }, + "GreaterThanOrEquals": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.DocumentAttribute", + "markdownDescription": "Performs a greater or equals than operation on two document attributes or metadata fields. Supported for the following [document attribute value types](https://docs.aws.amazon.com/amazonq/latest/api-reference/API_DocumentAttributeValue.html) : `dateValue` and `longValue` .", + "title": "GreaterThanOrEquals" + }, + "LessThan": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.DocumentAttribute", + "markdownDescription": "Performs a less than operation on two document attributes or metadata fields. Supported for the following [document attribute value types](https://docs.aws.amazon.com/amazonq/latest/api-reference/API_DocumentAttributeValue.html) : `dateValue` and `longValue` .", + "title": "LessThan" + }, + "LessThanOrEquals": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.DocumentAttribute", + "markdownDescription": "Performs a less than or equals operation on two document attributes or metadata fields.Supported for the following [document attribute value type](https://docs.aws.amazon.com/amazonq/latest/api-reference/API_DocumentAttributeValue.html) : `dateValue` and `longValue` .", + "title": "LessThanOrEquals" + }, + "NotFilter": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.AttributeFilter", + "markdownDescription": "Performs a logical `NOT` operation on all supplied filters.", + "title": "NotFilter" + }, + "OrAllFilters": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.AttributeFilter" }, - "markdownDescription": "The values that are assigned to the aggregated field wells of a radar chart.", - "title": "Values", + "markdownDescription": "Performs a logical `OR` operation on all supplied filters.", + "title": "OrAllFilters", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.RadarChartAreaStyleSettings": { + "AWS::QBusiness::DataAccessor.DataAccessorAuthenticationConfiguration": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility settings of a radar chart.", - "title": "Visibility", - "type": "string" + "IdcTrustedTokenIssuerConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.DataAccessorIdcTrustedTokenIssuerConfiguration", + "markdownDescription": "Configuration for IAM Identity Center Trusted Token Issuer (TTI) authentication used when the authentication type is `AWS_IAM_IDC_TTI` .", + "title": "IdcTrustedTokenIssuerConfiguration" } }, + "required": [ + "IdcTrustedTokenIssuerConfiguration" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.RadarChartConfiguration": { + "AWS::QBusiness::DataAccessor.DataAccessorAuthenticationDetail": { "additionalProperties": false, "properties": { - "AlternateBandColorsVisibility": { - "markdownDescription": "Determines the visibility of the colors of alternatign bands in a radar chart.", - "title": "AlternateBandColorsVisibility", - "type": "string" - }, - "AlternateBandEvenColor": { - "markdownDescription": "The color of the even-numbered alternate bands of a radar chart.", - "title": "AlternateBandEvenColor", - "type": "string" - }, - "AlternateBandOddColor": { - "markdownDescription": "The color of the odd-numbered alternate bands of a radar chart.", - "title": "AlternateBandOddColor", - "type": "string" - }, - "AxesRangeScale": { - "markdownDescription": "The axis behavior options of a radar chart.", - "title": "AxesRangeScale", - "type": "string" - }, - "BaseSeriesSettings": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartSeriesSettings", - "markdownDescription": "The base sreies settings of a radar chart.", - "title": "BaseSeriesSettings" - }, - "CategoryAxis": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The category axis of a radar chart.", - "title": "CategoryAxis" - }, - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The category label options of a radar chart.", - "title": "CategoryLabelOptions" - }, - "ColorAxis": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The color axis of a radar chart.", - "title": "ColorAxis" - }, - "ColorLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The color label options of a radar chart.", - "title": "ColorLabelOptions" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartFieldWells", - "markdownDescription": "The field well configuration of a `RadarChartVisual` .", - "title": "FieldWells" - }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" + "AuthenticationConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.DataAccessorAuthenticationConfiguration", + "markdownDescription": "The specific authentication configuration based on the authentication type.", + "title": "AuthenticationConfiguration" }, - "Shape": { - "markdownDescription": "The shape of the radar chart.", - "title": "Shape", + "AuthenticationType": { + "markdownDescription": "The type of authentication to use for the data accessor. This determines how the ISV authenticates when accessing data. You can use one of two authentication types:\n\n- `AWS_IAM_IDC_TTI` - Authentication using IAM Identity Center Trusted Token Issuer (TTI). This authentication type allows the ISV to use a trusted token issuer to generate tokens for accessing the data.\n- `AWS_IAM_IDC_AUTH_CODE` - Authentication using IAM Identity Center authorization code flow. This authentication type uses the standard OAuth 2.0 authorization code flow for authentication.", + "title": "AuthenticationType", "type": "string" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartSortConfiguration", - "markdownDescription": "The sort configuration of a `RadarChartVisual` .", - "title": "SortConfiguration" - }, - "StartAngle": { - "markdownDescription": "The start angle of a radar chart's axis.", - "title": "StartAngle", - "type": "number" - }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", - "title": "VisualPalette" + "ExternalIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of external identifiers associated with this authentication configuration. These are used to correlate the data accessor with external systems.", + "title": "ExternalIds", + "type": "array" } }, + "required": [ + "AuthenticationType" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.RadarChartFieldWells": { + "AWS::QBusiness::DataAccessor.DataAccessorIdcTrustedTokenIssuerConfiguration": { "additionalProperties": false, "properties": { - "RadarChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a radar chart visual.", - "title": "RadarChartAggregatedFieldWells" + "IdcTrustedTokenIssuerArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM Identity Center Trusted Token Issuer that will be used for authentication.", + "title": "IdcTrustedTokenIssuerArn", + "type": "string" } }, + "required": [ + "IdcTrustedTokenIssuerArn" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.RadarChartSeriesSettings": { + "AWS::QBusiness::DataAccessor.DocumentAttribute": { "additionalProperties": false, "properties": { - "AreaStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartAreaStyleSettings", - "markdownDescription": "The area style settings of a radar chart.", - "title": "AreaStyleSettings" + "Name": { + "markdownDescription": "The identifier for the attribute.", + "title": "Name", + "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.DocumentAttributeValue", + "markdownDescription": "The value of the attribute.", + "title": "Value" } }, + "required": [ + "Name", + "Value" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.RadarChartSortConfiguration": { + "AWS::QBusiness::DataAccessor.DocumentAttributeValue": { "additionalProperties": false, "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The category items limit for a radar chart.", - "title": "CategoryItemsLimit" - }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" - }, - "markdownDescription": "The category sort options of a radar chart.", - "title": "CategorySort", - "type": "array" + "DateValue": { + "markdownDescription": "A date expressed as an ISO 8601 string.\n\nIt's important for the time zone to be included in the ISO 8601 date-time format. For example, 2012-03-25T12:30:10+01:00 is the ISO 8601 date-time format for March 25th 2012 at 12:30PM (plus 10 seconds) in Central European Time.", + "title": "DateValue", + "type": "string" }, - "ColorItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The color items limit of a radar chart.", - "title": "ColorItemsLimit" + "LongValue": { + "markdownDescription": "A long integer value.", + "title": "LongValue", + "type": "number" }, - "ColorSort": { + "StringListValue": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + "type": "string" }, - "markdownDescription": "The color sort configuration of a radar chart.", - "title": "ColorSort", + "markdownDescription": "A list of strings.", + "title": "StringListValue", "type": "array" + }, + "StringValue": { + "markdownDescription": "A string.", + "title": "StringValue", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.RadarChartVisual": { + "AWS::QBusiness::DataSource": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Condition": { + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Metadata": { + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The identifier of the Amazon Q Business application the data source will be attached to.", + "title": "ApplicationId", + "type": "string" + }, + "Configuration": { + "markdownDescription": "Use this property to specify a JSON or YAML schema with configuration properties specific to your data source connector to connect your data source repository to Amazon Q Business . You must use the JSON or YAML schema provided by Amazon Q .\n\nThe following links have the configuration properties and schemas for AWS CloudFormation for the following connectors:\n\n- [Amazon Simple Storage Service](https://docs.aws.amazon.com/amazonq/latest/qbusiness-ug/s3-cfn.html)\n- [Amazon Q Web Crawler](https://docs.aws.amazon.com/amazonq/latest/qbusiness-ug/web-crawler-cfn.html)\n\nSimilarly, you can find configuration templates and properties for your specific data source using the following steps:\n\n- Navigate to the [Supported connectors](https://docs.aws.amazon.com/amazonq/latest/business-use-dg/connectors-list.html) page in the Amazon Q Business User Guide, and select the data source connector of your choice.\n- Then, from that specific data source connector's page, choose the topic containing *Using AWS CloudFormation* to find the schemas for your data source connector, including configuration parameter descriptions and examples.", + "title": "Configuration", + "type": "object" + }, + "Description": { + "markdownDescription": "A description for the data source connector.", + "title": "Description", + "type": "string" + }, + "DisplayName": { + "markdownDescription": "The name of the Amazon Q Business data source.", + "title": "DisplayName", + "type": "string" + }, + "DocumentEnrichmentConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::DataSource.DocumentEnrichmentConfiguration", + "markdownDescription": "Provides the configuration information for altering document metadata and content during the document ingestion process.\n\nFor more information, see [Custom document enrichment](https://docs.aws.amazon.com/amazonq/latest/business-use-dg/custom-document-enrichment.html) .", + "title": "DocumentEnrichmentConfiguration" + }, + "IndexId": { + "markdownDescription": "The identifier of the index the data source is attached to.", + "title": "IndexId", + "type": "string" + }, + "MediaExtractionConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::DataSource.MediaExtractionConfiguration", + "markdownDescription": "The configuration for extracting information from media in documents.", + "title": "MediaExtractionConfiguration" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role with permission to access the data source and required resources.", + "title": "RoleArn", + "type": "string" + }, + "SyncSchedule": { + "markdownDescription": "Sets the frequency for Amazon Q Business to check the documents in your data source repository and update your index. If you don't set a schedule, Amazon Q Business won't periodically update the index.\n\nSpecify a `cron-` format schedule string or an empty string to indicate that the index is updated on demand. You can't specify the `Schedule` parameter when the `Type` parameter is set to `CUSTOM` . If you do, you receive a `ValidationException` exception.", + "title": "SyncSchedule", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of key-value pairs that identify or categorize the data source connector. You can also use tags to help control access to the data source connector. Tag keys and values can consist of Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @.", + "title": "Tags", + "type": "array" + }, + "VpcConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::DataSource.DataSourceVpcConfiguration", + "markdownDescription": "Configuration information for an Amazon VPC (Virtual Private Cloud) to connect to your data source. For more information, see [Using Amazon VPC with Amazon Q Business connectors](https://docs.aws.amazon.com/amazonq/latest/business-use-dg/connector-vpc.html) .", + "title": "VpcConfiguration" + } + }, + "required": [ + "ApplicationId", + "Configuration", + "DisplayName", + "IndexId" + ], + "type": "object" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "Type": { + "enum": [ + "AWS::QBusiness::DataSource" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.RangeEndsLabelType": { + "AWS::QBusiness::DataSource.AudioExtractionConfiguration": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility of the range ends label.", - "title": "Visibility", + "AudioExtractionStatus": { + "markdownDescription": "The status of audio extraction (ENABLED or DISABLED) for processing audio content from files.", + "title": "AudioExtractionStatus", "type": "string" } }, + "required": [ + "AudioExtractionStatus" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.ReferenceLine": { + "AWS::QBusiness::DataSource.DataSourceVpcConfiguration": { "additionalProperties": false, "properties": { - "DataConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineDataConfiguration", - "markdownDescription": "The data configuration of the reference line.", - "title": "DataConfiguration" + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of identifiers of security groups within your Amazon VPC. The security groups should enable Amazon Q Business to connect to the data source.", + "title": "SecurityGroupIds", + "type": "array" }, - "LabelConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineLabelConfiguration", - "markdownDescription": "The label configuration of the reference line.", - "title": "LabelConfiguration" + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of identifiers for subnets within your Amazon VPC. The subnets should be able to connect to each other in the VPC, and they should have outgoing access to the Internet through a NAT device.", + "title": "SubnetIds", + "type": "array" + } + }, + "required": [ + "SecurityGroupIds", + "SubnetIds" + ], + "type": "object" + }, + "AWS::QBusiness::DataSource.DocumentAttributeCondition": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The identifier of the document attribute used for the condition.\n\nFor example, 'Source_URI' could be an identifier for the attribute or metadata field that contains source URIs associated with the documents.\n\nAmazon Q Business currently doesn't support `_document_body` as an attribute key used for the condition.", + "title": "Key", + "type": "string" }, - "Status": { - "markdownDescription": "The status of the reference line. Choose one of the following options:\n\n- `ENABLE`\n- `DISABLE`", - "title": "Status", + "Operator": { + "markdownDescription": "The identifier of the document attribute used for the condition.\n\nFor example, 'Source_URI' could be an identifier for the attribute or metadata field that contains source URIs associated with the documents.\n\nAmazon Q Business currently does not support `_document_body` as an attribute key used for the condition.", + "title": "Operator", "type": "string" }, - "StyleConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineStyleConfiguration", - "markdownDescription": "The style configuration of the reference line.", - "title": "StyleConfiguration" + "Value": { + "$ref": "#/definitions/AWS::QBusiness::DataSource.DocumentAttributeValue", + "markdownDescription": "The value of a document attribute. You can only provide one value for a document attribute.", + "title": "Value" } }, "required": [ - "DataConfiguration" + "Key", + "Operator" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ReferenceLineCustomLabelConfiguration": { + "AWS::QBusiness::DataSource.DocumentAttributeTarget": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The string text of the custom label.", - "title": "CustomLabel", + "AttributeValueOperator": { + "markdownDescription": "`TRUE` to delete the existing target value for your specified target attribute key. You cannot create a target value and set this to `TRUE` .", + "title": "AttributeValueOperator", + "type": "string" + }, + "Key": { + "markdownDescription": "The identifier of the target document attribute or metadata field. For example, 'Department' could be an identifier for the target attribute or metadata field that includes the department names associated with the documents.", + "title": "Key", "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::QBusiness::DataSource.DocumentAttributeValue", + "markdownDescription": "The value of a document attribute. You can only provide one value for a document attribute.", + "title": "Value" } }, "required": [ - "CustomLabel" + "Key" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ReferenceLineDataConfiguration": { + "AWS::QBusiness::DataSource.DocumentAttributeValue": { "additionalProperties": false, "properties": { - "AxisBinding": { - "markdownDescription": "The axis binding type of the reference line. Choose one of the following options:\n\n- `PrimaryY`\n- `SecondaryY`", - "title": "AxisBinding", + "DateValue": { + "markdownDescription": "A date expressed as an ISO 8601 string.\n\nIt's important for the time zone to be included in the ISO 8601 date-time format. For example, 2012-03-25T12:30:10+01:00 is the ISO 8601 date-time format for March 25th 2012 at 12:30PM (plus 10 seconds) in Central European Time.", + "title": "DateValue", "type": "string" }, - "DynamicConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineDynamicDataConfiguration", - "markdownDescription": "The dynamic configuration of the reference line data configuration.", - "title": "DynamicConfiguration" + "LongValue": { + "markdownDescription": "A long integer value.", + "title": "LongValue", + "type": "number" }, - "SeriesType": { - "markdownDescription": "The series type of the reference line data configuration. Choose one of the following options:\n\n- `BAR`\n- `LINE`", - "title": "SeriesType", - "type": "string" + "StringListValue": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of strings.", + "title": "StringListValue", + "type": "array" }, - "StaticConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineStaticDataConfiguration", - "markdownDescription": "The static data configuration of the reference line data configuration.", - "title": "StaticConfiguration" + "StringValue": { + "markdownDescription": "A string.", + "title": "StringValue", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ReferenceLineDynamicDataConfiguration": { + "AWS::QBusiness::DataSource.DocumentEnrichmentConfiguration": { "additionalProperties": false, "properties": { - "Calculation": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericalAggregationFunction", - "markdownDescription": "The calculation that is used in the dynamic data.", - "title": "Calculation" + "InlineConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QBusiness::DataSource.InlineDocumentEnrichmentConfiguration" + }, + "markdownDescription": "Configuration information to alter document attributes or metadata fields and content when ingesting documents into Amazon Q Business.", + "title": "InlineConfigurations", + "type": "array" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that the dynamic data targets.", - "title": "Column" + "PostExtractionHookConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::DataSource.HookConfiguration", + "markdownDescription": "Configuration information for invoking a Lambda function in AWS Lambda on the structured documents with their metadata and text extracted. You can use a Lambda function to apply advanced logic for creating, modifying, or deleting document metadata and content. For more information, see [Using Lambda functions](https://docs.aws.amazon.com/amazonq/latest/business-use-dg/cde-lambda-operations.html) .", + "title": "PostExtractionHookConfiguration" }, - "MeasureAggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationFunction", - "markdownDescription": "The aggregation function that is used in the dynamic data.", - "title": "MeasureAggregationFunction" + "PreExtractionHookConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::DataSource.HookConfiguration", + "markdownDescription": "Configuration information for invoking a Lambda function in AWS Lambda on the original or raw documents before extracting their metadata and text. You can use a Lambda function to apply advanced logic for creating, modifying, or deleting document metadata and content. For more information, see [Using Lambda functions](https://docs.aws.amazon.com/amazonq/latest/business-use-dg/cde-lambda-operations.html) .", + "title": "PreExtractionHookConfiguration" } }, - "required": [ - "Calculation", - "Column" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.ReferenceLineLabelConfiguration": { + "AWS::QBusiness::DataSource.HookConfiguration": { "additionalProperties": false, "properties": { - "CustomLabelConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineCustomLabelConfiguration", - "markdownDescription": "The custom label configuration of the label in a reference line.", - "title": "CustomLabelConfiguration" + "InvocationCondition": { + "$ref": "#/definitions/AWS::QBusiness::DataSource.DocumentAttributeCondition", + "markdownDescription": "The condition used for when a Lambda function should be invoked.\n\nFor example, you can specify a condition that if there are empty date-time values, then Amazon Q Business should invoke a function that inserts the current date-time.", + "title": "InvocationCondition" }, - "FontColor": { - "markdownDescription": "The font color configuration of the label in a reference line.", - "title": "FontColor", + "LambdaArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function during ingestion. For more information, see [Using Lambda functions for Amazon Q Business document enrichment](https://docs.aws.amazon.com/amazonq/latest/qbusiness-ug/cde-lambda-operations.html) .", + "title": "LambdaArn", "type": "string" }, - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", - "markdownDescription": "The font configuration of the label in a reference line.", - "title": "FontConfiguration" - }, - "HorizontalPosition": { - "markdownDescription": "The horizontal position configuration of the label in a reference line. Choose one of the following options:\n\n- `LEFT`\n- `CENTER`\n- `RIGHT`", - "title": "HorizontalPosition", + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of a role with permission to run `PreExtractionHookConfiguration` and `PostExtractionHookConfiguration` for altering document metadata and content during the document ingestion process.", + "title": "RoleArn", "type": "string" }, - "ValueLabelConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineValueLabelConfiguration", - "markdownDescription": "The value label configuration of the label in a reference line.", - "title": "ValueLabelConfiguration" - }, - "VerticalPosition": { - "markdownDescription": "The vertical position configuration of the label in a reference line. Choose one of the following options:\n\n- `ABOVE`\n- `BELOW`", - "title": "VerticalPosition", + "S3BucketName": { + "markdownDescription": "Stores the original, raw documents or the structured, parsed documents before and after altering them. For more information, see [Data contracts for Lambda functions](https://docs.aws.amazon.com/amazonq/latest/business-use-dg/cde-lambda-operations.html#cde-lambda-operations-data-contracts) .", + "title": "S3BucketName", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ReferenceLineStaticDataConfiguration": { + "AWS::QBusiness::DataSource.ImageExtractionConfiguration": { "additionalProperties": false, "properties": { - "Value": { - "markdownDescription": "The double input of the static data.", - "title": "Value", - "type": "number" + "ImageExtractionStatus": { + "markdownDescription": "Specify whether to extract semantic meaning from images and visuals from documents.", + "title": "ImageExtractionStatus", + "type": "string" } }, "required": [ - "Value" + "ImageExtractionStatus" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ReferenceLineStyleConfiguration": { + "AWS::QBusiness::DataSource.InlineDocumentEnrichmentConfiguration": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The hex color of the reference line.", - "title": "Color", - "type": "string" + "Condition": { + "$ref": "#/definitions/AWS::QBusiness::DataSource.DocumentAttributeCondition", + "markdownDescription": "Configuration of the condition used for the target document attribute or metadata field when ingesting documents into Amazon Q Business .", + "title": "Condition" }, - "Pattern": { - "markdownDescription": "The pattern type of the line style. Choose one of the following options:\n\n- `SOLID`\n- `DASHED`\n- `DOTTED`", - "title": "Pattern", + "DocumentContentOperator": { + "markdownDescription": "`TRUE` to delete content if the condition used for the target attribute is met.", + "title": "DocumentContentOperator", "type": "string" + }, + "Target": { + "$ref": "#/definitions/AWS::QBusiness::DataSource.DocumentAttributeTarget", + "markdownDescription": "Configuration of the target document attribute or metadata field when ingesting documents into Amazon Q Business . You can also include a value.", + "title": "Target" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ReferenceLineValueLabelConfiguration": { + "AWS::QBusiness::DataSource.MediaExtractionConfiguration": { "additionalProperties": false, "properties": { - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericFormatConfiguration", - "markdownDescription": "The format configuration of the value label.", - "title": "FormatConfiguration" + "AudioExtractionConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::DataSource.AudioExtractionConfiguration", + "markdownDescription": "Configuration settings for extracting and processing audio content from media files.", + "title": "AudioExtractionConfiguration" }, - "RelativePosition": { - "markdownDescription": "The relative position of the value label. Choose one of the following options:\n\n- `BEFORE_CUSTOM_LABEL`\n- `AFTER_CUSTOM_LABEL`", - "title": "RelativePosition", - "type": "string" + "ImageExtractionConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::DataSource.ImageExtractionConfiguration", + "markdownDescription": "The configuration for extracting semantic meaning from images in documents. For more information, see [Extracting semantic meaning from images and visuals](https://docs.aws.amazon.com/amazonq/latest/qbusiness-ug/extracting-meaning-from-images.html) .", + "title": "ImageExtractionConfiguration" + }, + "VideoExtractionConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::DataSource.VideoExtractionConfiguration", + "markdownDescription": "Configuration settings for extracting and processing video content from media files.", + "title": "VideoExtractionConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.RelativeDateTimeControlDisplayOptions": { + "AWS::QBusiness::DataSource.VideoExtractionConfiguration": { "additionalProperties": false, "properties": { - "DateTimeFormat": { - "markdownDescription": "Customize how dates are formatted in controls.", - "title": "DateTimeFormat", + "VideoExtractionStatus": { + "markdownDescription": "The status of video extraction (ENABLED or DISABLED) for processing video content from files.", + "title": "VideoExtractionStatus", "type": "string" - }, - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" - }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" } }, + "required": [ + "VideoExtractionStatus" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.RelativeDatesFilter": { + "AWS::QBusiness::Index": { "additionalProperties": false, "properties": { - "AnchorDateConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AnchorDateConfiguration", - "markdownDescription": "The date configuration of the filter.", - "title": "AnchorDateConfiguration" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" + "Condition": { + "type": "string" }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ExcludePeriodConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ExcludePeriodConfiguration", - "markdownDescription": "The configuration for the exclude period of the filter.", - "title": "ExcludePeriodConfiguration" - }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", - "type": "string" - }, - "MinimumGranularity": { - "markdownDescription": "The minimum granularity (period granularity) of the relative dates filter.", - "title": "MinimumGranularity", - "type": "string" - }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", - "type": "string" - }, - "ParameterName": { - "markdownDescription": "The parameter whose value should be used for the filter value.", - "title": "ParameterName", - "type": "string" - }, - "RelativeDateType": { - "markdownDescription": "The range date type of the filter. Choose one of the options below:\n\n- `PREVIOUS`\n- `THIS`\n- `LAST`\n- `NOW`\n- `NEXT`", - "title": "RelativeDateType", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "RelativeDateValue": { - "markdownDescription": "The date value of the filter.", - "title": "RelativeDateValue", - "type": "number" + "Metadata": { + "type": "object" }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", - "type": "string" - } - }, - "required": [ - "AnchorDateConfiguration", - "Column", - "FilterId", - "NullOption", - "RelativeDateType", - "TimeGranularity" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.ResourcePermission": { - "additionalProperties": false, - "properties": { - "Actions": { - "items": { - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The identifier of the Amazon Q Business application using the index.", + "title": "ApplicationId", + "type": "string" + }, + "CapacityConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::Index.IndexCapacityConfiguration", + "markdownDescription": "The capacity units you want to provision for your index. You can add and remove capacity to fit your usage needs.", + "title": "CapacityConfiguration" + }, + "Description": { + "markdownDescription": "A description for the Amazon Q Business index.", + "title": "Description", + "type": "string" + }, + "DisplayName": { + "markdownDescription": "The name of the index.", + "title": "DisplayName", + "type": "string" + }, + "DocumentAttributeConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QBusiness::Index.DocumentAttributeConfiguration" + }, + "markdownDescription": "Configuration information for document attributes. Document attributes are metadata or fields associated with your documents. For example, the company department name associated with each document.\n\nFor more information, see [Understanding document attributes](https://docs.aws.amazon.com/amazonq/latest/business-use-dg/doc-attributes.html) .", + "title": "DocumentAttributeConfigurations", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of key-value pairs that identify or categorize the index. You can also use tags to help control access to the index. Tag keys and values can consist of Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @.", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "The index type that's suitable for your needs. For more information on what's included in each type of index, see [Amazon Q Business tiers](https://docs.aws.amazon.com/amazonq/latest/qbusiness-ug/tiers.html#index-tiers) .", + "title": "Type", + "type": "string" + } }, - "markdownDescription": "The IAM action to grant or revoke permissions on.", - "title": "Actions", - "type": "array" + "required": [ + "ApplicationId", + "DisplayName" + ], + "type": "object" }, - "Principal": { - "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a QuickSight ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", - "title": "Principal", - "type": "string" - } - }, - "required": [ - "Actions", - "Principal" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.RollingDateConfiguration": { - "additionalProperties": false, - "properties": { - "DataSetIdentifier": { - "markdownDescription": "The data set that is used in the rolling date configuration.", - "title": "DataSetIdentifier", + "Type": { + "enum": [ + "AWS::QBusiness::Index" + ], "type": "string" }, - "Expression": { - "markdownDescription": "The expression of the rolling date configuration.", - "title": "Expression", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Expression" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.RowAlternateColorOptions": { + "AWS::QBusiness::Index.DocumentAttributeConfiguration": { "additionalProperties": false, "properties": { - "RowAlternateColors": { - "items": { - "type": "string" - }, - "markdownDescription": "Determines the list of row alternate colors.", - "title": "RowAlternateColors", - "type": "array" + "Name": { + "markdownDescription": "The name of the document attribute.", + "title": "Name", + "type": "string" }, - "Status": { - "markdownDescription": "Determines the widget status.", - "title": "Status", + "Search": { + "markdownDescription": "Information about whether the document attribute can be used by an end user to search for information on their web experience.", + "title": "Search", "type": "string" }, - "UsePrimaryBackgroundColor": { - "markdownDescription": "The primary background color options for alternate rows.", - "title": "UsePrimaryBackgroundColor", + "Type": { + "markdownDescription": "The type of document attribute.", + "title": "Type", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.SameSheetTargetVisualConfiguration": { + "AWS::QBusiness::Index.IndexCapacityConfiguration": { "additionalProperties": false, "properties": { - "TargetVisualOptions": { - "markdownDescription": "The options that choose the target visual in the same sheet.\n\nValid values are defined as follows:\n\n- `ALL_VISUALS` : Applies the filter operation to all visuals in the same sheet.", - "title": "TargetVisualOptions", - "type": "string" - }, - "TargetVisuals": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the target visual IDs that are located in the same sheet of the analysis.", - "title": "TargetVisuals", - "type": "array" + "Units": { + "markdownDescription": "The number of storage units configured for an Amazon Q Business index.", + "title": "Units", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.SankeyDiagramAggregatedFieldWells": { + "AWS::QBusiness::Index.IndexStatistics": { "additionalProperties": false, "properties": { - "Destination": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The destination field wells of a sankey diagram.", - "title": "Destination", - "type": "array" - }, - "Source": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The source field wells of a sankey diagram.", - "title": "Source", - "type": "array" - }, - "Weight": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" - }, - "markdownDescription": "The weight field wells of a sankey diagram.", - "title": "Weight", - "type": "array" + "TextDocumentStatistics": { + "$ref": "#/definitions/AWS::QBusiness::Index.TextDocumentStatistics", + "markdownDescription": "The number of documents indexed.", + "title": "TextDocumentStatistics" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.SankeyDiagramChartConfiguration": { + "AWS::QBusiness::Index.TextDocumentStatistics": { "additionalProperties": false, "properties": { - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", - "markdownDescription": "The data label configuration of a sankey diagram.", - "title": "DataLabels" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SankeyDiagramFieldWells", - "markdownDescription": "The field well configuration of a sankey diagram.", - "title": "FieldWells" + "IndexedTextBytes": { + "markdownDescription": "The total size, in bytes, of the indexed documents.", + "title": "IndexedTextBytes", + "type": "number" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SankeyDiagramSortConfiguration", - "markdownDescription": "The sort configuration of a sankey diagram.", - "title": "SortConfiguration" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.SankeyDiagramFieldWells": { - "additionalProperties": false, - "properties": { - "SankeyDiagramAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SankeyDiagramAggregatedFieldWells", - "markdownDescription": "The field well configuration of a sankey diagram.", - "title": "SankeyDiagramAggregatedFieldWells" + "IndexedTextDocumentCount": { + "markdownDescription": "The number of text documents indexed.", + "title": "IndexedTextDocumentCount", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.SankeyDiagramSortConfiguration": { + "AWS::QBusiness::Permission": { "additionalProperties": false, "properties": { - "DestinationItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of destination nodes that are displayed in a sankey diagram.", - "title": "DestinationItemsLimit" + "Condition": { + "type": "string" }, - "SourceItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of source nodes that are displayed in a sankey diagram.", - "title": "SourceItemsLimit" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "WeightSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the weight fields.", - "title": "WeightSort", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.SankeyDiagramVisual": { - "additionalProperties": false, - "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SankeyDiagramChartConfiguration", - "markdownDescription": "The configuration of a sankey diagram.", - "title": "ChartConfiguration" + "Metadata": { + "type": "object" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Properties": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of Amazon Q Business actions that the ISV is allowed to perform.", + "title": "Actions", + "type": "array" + }, + "ApplicationId": { + "markdownDescription": "The unique identifier of the Amazon Q Business application.", + "title": "ApplicationId", + "type": "string" + }, + "Conditions": { + "items": { + "$ref": "#/definitions/AWS::QBusiness::Permission.Condition" + }, + "markdownDescription": "", + "title": "Conditions", + "type": "array" + }, + "Principal": { + "markdownDescription": "Provides user and group information used for filtering documents to use for generating Amazon Q Business conversation responses.", + "title": "Principal", + "type": "string" + }, + "StatementId": { + "markdownDescription": "A unique identifier for the policy statement.", + "title": "StatementId", + "type": "string" + } + }, + "required": [ + "Actions", + "ApplicationId", + "Principal", + "StatementId" + ], + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Type": { + "enum": [ + "AWS::QBusiness::Permission" + ], + "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ScatterPlotCategoricallyAggregatedFieldWells": { + "AWS::QBusiness::Permission.Condition": { "additionalProperties": false, "properties": { - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The category field well of a scatter plot.", - "title": "Category", - "type": "array" - }, - "Label": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The label field well of a scatter plot.", - "title": "Label", - "type": "array" - }, - "Size": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" - }, - "markdownDescription": "The size field well of a scatter plot.", - "title": "Size", - "type": "array" + "ConditionKey": { + "markdownDescription": "", + "title": "ConditionKey", + "type": "string" }, - "XAxis": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" - }, - "markdownDescription": "The x-axis field well of a scatter plot.\n\nThe x-axis is aggregated by category.", - "title": "XAxis", - "type": "array" + "ConditionOperator": { + "markdownDescription": "", + "title": "ConditionOperator", + "type": "string" }, - "YAxis": { + "ConditionValues": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + "type": "string" }, - "markdownDescription": "The y-axis field well of a scatter plot.\n\nThe y-axis is aggregated by category.", - "title": "YAxis", + "markdownDescription": "", + "title": "ConditionValues", "type": "array" } }, + "required": [ + "ConditionKey", + "ConditionOperator", + "ConditionValues" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.ScatterPlotConfiguration": { + "AWS::QBusiness::Plugin": { "additionalProperties": false, "properties": { - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.", - "title": "DataLabels" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ScatterPlotFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" + "Condition": { + "type": "string" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Tooltip" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", - "title": "VisualPalette" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "XAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, and axis step) of the scatter plot's x-axis.", - "title": "XAxisDisplayOptions" + "Metadata": { + "type": "object" }, - "XAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of the scatter plot's x-axis.", - "title": "XAxisLabelOptions" + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The identifier of the application that will contain the plugin.", + "title": "ApplicationId", + "type": "string" + }, + "AuthConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::Plugin.PluginAuthConfiguration", + "markdownDescription": "Authentication configuration information for an Amazon Q Business plugin.", + "title": "AuthConfiguration" + }, + "CustomPluginConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::Plugin.CustomPluginConfiguration", + "markdownDescription": "Configuration information required to create a custom plugin.", + "title": "CustomPluginConfiguration" + }, + "DisplayName": { + "markdownDescription": "The name of the plugin.", + "title": "DisplayName", + "type": "string" + }, + "ServerUrl": { + "markdownDescription": "The plugin server URL used for configuration.", + "title": "ServerUrl", + "type": "string" + }, + "State": { + "markdownDescription": "The current status of the plugin.", + "title": "State", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of key-value pairs that identify or categorize the data source connector. You can also use tags to help control access to the data source connector. Tag keys and values can consist of Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @.", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "The type of the plugin.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "AuthConfiguration", + "DisplayName", + "Type" + ], + "type": "object" }, - "YAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, and axis step) of the scatter plot's y-axis.", - "title": "YAxisDisplayOptions" + "Type": { + "enum": [ + "AWS::QBusiness::Plugin" + ], + "type": "string" }, - "YAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of the scatter plot's y-axis.", - "title": "YAxisLabelOptions" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.ScatterPlotFieldWells": { + "AWS::QBusiness::Plugin.APISchema": { "additionalProperties": false, "properties": { - "ScatterPlotCategoricallyAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ScatterPlotCategoricallyAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a scatter plot. The x and y-axes of scatter plots with aggregated field wells are aggregated by category, label, or both.", - "title": "ScatterPlotCategoricallyAggregatedFieldWells" + "Payload": { + "markdownDescription": "The JSON or YAML-formatted payload defining the OpenAPI schema for a custom plugin.", + "title": "Payload", + "type": "string" }, - "ScatterPlotUnaggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ScatterPlotUnaggregatedFieldWells", - "markdownDescription": "The unaggregated field wells of a scatter plot. The x and y-axes of these scatter plots are unaggregated.", - "title": "ScatterPlotUnaggregatedFieldWells" + "S3": { + "$ref": "#/definitions/AWS::QBusiness::Plugin.S3", + "markdownDescription": "Contains details about the S3 object containing the OpenAPI schema for a custom plugin. The schema could be in either JSON or YAML format.", + "title": "S3" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ScatterPlotUnaggregatedFieldWells": { + "AWS::QBusiness::Plugin.BasicAuthConfiguration": { "additionalProperties": false, "properties": { - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The category field well of a scatter plot.", - "title": "Category", - "type": "array" - }, - "Label": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The label field well of a scatter plot.", - "title": "Label", - "type": "array" - }, - "Size": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" - }, - "markdownDescription": "The size field well of a scatter plot.", - "title": "Size", - "type": "array" - }, - "XAxis": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The x-axis field well of a scatter plot.\n\nThe x-axis is a dimension field and cannot be aggregated.", - "title": "XAxis", - "type": "array" + "RoleArn": { + "markdownDescription": "The ARN of an IAM role used by Amazon Q Business to access the basic authentication credentials stored in a Secrets Manager secret.", + "title": "RoleArn", + "type": "string" }, - "YAxis": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The y-axis field well of a scatter plot.\n\nThe y-axis is a dimension field and cannot be aggregated.", - "title": "YAxis", - "type": "array" + "SecretArn": { + "markdownDescription": "The ARN of the Secrets Manager secret that stores the basic authentication credentials used for plugin configuration..", + "title": "SecretArn", + "type": "string" } }, + "required": [ + "RoleArn", + "SecretArn" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.ScatterPlotVisual": { + "AWS::QBusiness::Plugin.CustomPluginConfiguration": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ScatterPlotConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" - }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "ApiSchema": { + "$ref": "#/definitions/AWS::QBusiness::Plugin.APISchema", + "markdownDescription": "Contains either details about the S3 object containing the OpenAPI schema for the action group or the JSON or YAML-formatted payload defining the schema.", + "title": "ApiSchema" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "ApiSchemaType": { + "markdownDescription": "The type of OpenAPI schema to use.", + "title": "ApiSchemaType", + "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "Description": { + "markdownDescription": "A description for your custom plugin configuration.", + "title": "Description", "type": "string" } }, "required": [ - "VisualId" + "ApiSchema", + "ApiSchemaType", + "Description" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ScrollBarOptions": { + "AWS::QBusiness::Plugin.OAuth2ClientCredentialConfiguration": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility of the data zoom scroll bar.", - "title": "Visibility", + "AuthorizationUrl": { + "markdownDescription": "The redirect URL required by the OAuth 2.0 protocol for Amazon Q Business to authenticate a plugin user through a third party authentication server.", + "title": "AuthorizationUrl", "type": "string" }, - "VisibleRange": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisibleRangeOptions", - "markdownDescription": "The visibility range for the data zoom scroll bar.", - "title": "VisibleRange" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.SecondaryValueOptions": { - "additionalProperties": false, - "properties": { - "Visibility": { - "markdownDescription": "Determines the visibility of the secondary value.", - "title": "Visibility", + "RoleArn": { + "markdownDescription": "The ARN of an IAM role used by Amazon Q Business to access the OAuth 2.0 authentication credentials stored in a Secrets Manager secret.", + "title": "RoleArn", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.SectionAfterPageBreak": { - "additionalProperties": false, - "properties": { - "Status": { - "markdownDescription": "The option that enables or disables a page break at the end of a section.", - "title": "Status", + }, + "SecretArn": { + "markdownDescription": "The ARN of the Secrets Manager secret that stores the OAuth 2.0 credentials/token used for plugin configuration.", + "title": "SecretArn", + "type": "string" + }, + "TokenUrl": { + "markdownDescription": "The URL required by the OAuth 2.0 protocol to exchange an end user authorization code for an access token.", + "title": "TokenUrl", "type": "string" } }, + "required": [ + "RoleArn", + "SecretArn" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.SectionBasedLayoutCanvasSizeOptions": { + "AWS::QBusiness::Plugin.PluginAuthConfiguration": { "additionalProperties": false, "properties": { - "PaperCanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionBasedLayoutPaperCanvasSizeOptions", - "markdownDescription": "The options for a paper canvas of a section-based layout.", - "title": "PaperCanvasSizeOptions" + "BasicAuthConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::Plugin.BasicAuthConfiguration", + "markdownDescription": "Information about the basic authentication credentials used to configure a plugin.", + "title": "BasicAuthConfiguration" + }, + "NoAuthConfiguration": { + "markdownDescription": "Information about invoking a custom plugin without any authentication.", + "title": "NoAuthConfiguration", + "type": "object" + }, + "OAuth2ClientCredentialConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::Plugin.OAuth2ClientCredentialConfiguration", + "markdownDescription": "Information about the OAuth 2.0 authentication credential/token used to configure a plugin.", + "title": "OAuth2ClientCredentialConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.SectionBasedLayoutConfiguration": { + "AWS::QBusiness::Plugin.S3": { "additionalProperties": false, "properties": { - "BodySections": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BodySectionConfiguration" - }, - "markdownDescription": "A list of body section configurations.", - "title": "BodySections", - "type": "array" - }, - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionBasedLayoutCanvasSizeOptions", - "markdownDescription": "The options for the canvas of a section-based layout.", - "title": "CanvasSizeOptions" - }, - "FooterSections": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeaderFooterSectionConfiguration" - }, - "markdownDescription": "A list of footer section configurations.", - "title": "FooterSections", - "type": "array" + "Bucket": { + "markdownDescription": "The name of the S3 bucket that contains the file.", + "title": "Bucket", + "type": "string" }, - "HeaderSections": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeaderFooterSectionConfiguration" - }, - "markdownDescription": "A list of header section configurations.", - "title": "HeaderSections", - "type": "array" + "Key": { + "markdownDescription": "The name of the file.", + "title": "Key", + "type": "string" } }, "required": [ - "BodySections", - "CanvasSizeOptions", - "FooterSections", - "HeaderSections" + "Bucket", + "Key" ], "type": "object" }, - "AWS::QuickSight::Dashboard.SectionBasedLayoutPaperCanvasSizeOptions": { + "AWS::QBusiness::Retriever": { "additionalProperties": false, "properties": { - "PaperMargin": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.Spacing", - "markdownDescription": "Defines the spacing between the canvas content and the top, bottom, left, and right edges.", - "title": "PaperMargin" + "Condition": { + "type": "string" }, - "PaperOrientation": { - "markdownDescription": "The paper orientation that is used to define canvas dimensions. Choose one of the following options:\n\n- PORTRAIT\n- LANDSCAPE", - "title": "PaperOrientation", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "PaperSize": { - "markdownDescription": "The paper size that is used to define canvas dimensions.", - "title": "PaperSize", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The identifier of the Amazon Q Business application using the retriever.", + "title": "ApplicationId", + "type": "string" + }, + "Configuration": { + "$ref": "#/definitions/AWS::QBusiness::Retriever.RetrieverConfiguration", + "markdownDescription": "Provides information on how the retriever used for your Amazon Q Business application is configured.", + "title": "Configuration" + }, + "DisplayName": { + "markdownDescription": "The name of your retriever.", + "title": "DisplayName", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of an IAM role used by Amazon Q Business to access the basic authentication credentials stored in a Secrets Manager secret.", + "title": "RoleArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of key-value pairs that identify or categorize the retriever. You can also use tags to help control access to the retriever. Tag keys and values can consist of Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @.", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "The type of your retriever.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "ApplicationId", + "Configuration", + "DisplayName", + "Type" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::QBusiness::Retriever" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.SectionLayoutConfiguration": { + "AWS::QBusiness::Retriever.KendraIndexConfiguration": { "additionalProperties": false, "properties": { - "FreeFormLayout": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormSectionLayoutConfiguration", - "markdownDescription": "The free-form layout configuration of a section.", - "title": "FreeFormLayout" + "IndexId": { + "markdownDescription": "The identifier of the Amazon Kendra index.", + "title": "IndexId", + "type": "string" } }, "required": [ - "FreeFormLayout" + "IndexId" ], "type": "object" }, - "AWS::QuickSight::Dashboard.SectionPageBreakConfiguration": { + "AWS::QBusiness::Retriever.NativeIndexConfiguration": { "additionalProperties": false, "properties": { - "After": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionAfterPageBreak", - "markdownDescription": "The configuration of a page break after a section.", - "title": "After" + "IndexId": { + "markdownDescription": "The identifier for the Amazon Q Business index.", + "title": "IndexId", + "type": "string" } }, + "required": [ + "IndexId" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.SectionStyle": { + "AWS::QBusiness::Retriever.RetrieverConfiguration": { "additionalProperties": false, "properties": { - "Height": { - "markdownDescription": "The height of a section.\n\nHeights can only be defined for header and footer sections. The default height margin is 0.5 inches.", - "title": "Height", - "type": "string" + "KendraIndexConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::Retriever.KendraIndexConfiguration", + "markdownDescription": "Provides information on how the Amazon Kendra index used as a retriever for your Amazon Q Business application is configured.", + "title": "KendraIndexConfiguration" }, - "Padding": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.Spacing", - "markdownDescription": "The spacing between section content and its top, bottom, left, and right edges.\n\nThere is no padding by default.", - "title": "Padding" + "NativeIndexConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::Retriever.NativeIndexConfiguration", + "markdownDescription": "Provides information on how a Amazon Q Business index used as a retriever for your Amazon Q Business application is configured.", + "title": "NativeIndexConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.SelectedSheetsFilterScopeConfiguration": { + "AWS::QBusiness::WebExperience": { "additionalProperties": false, "properties": { - "SheetVisualScopingConfigurations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetVisualScopingConfiguration" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The identifier of the Amazon Q Business web experience.", + "title": "ApplicationId", + "type": "string" + }, + "BrowserExtensionConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::WebExperience.BrowserExtensionConfiguration", + "markdownDescription": "The container for browser extension configuration for an Amazon Q Business web experience.", + "title": "BrowserExtensionConfiguration" + }, + "CustomizationConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::WebExperience.CustomizationConfiguration", + "markdownDescription": "Contains the configuration information to customize the logo, font, and color of an Amazon Q Business web experience with individual files for each property or a CSS file for them all.", + "title": "CustomizationConfiguration" + }, + "IdentityProviderConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::WebExperience.IdentityProviderConfiguration", + "markdownDescription": "Provides information about the identity provider (IdP) used to authenticate end users of an Amazon Q Business web experience.", + "title": "IdentityProviderConfiguration" + }, + "Origins": { + "items": { + "type": "string" + }, + "markdownDescription": "Sets the website domain origins that are allowed to embed the Amazon Q Business web experience. The *domain origin* refers to the base URL for accessing a website including the protocol ( `http/https` ), the domain name, and the port number (if specified).\n\n> You must only submit a *base URL* and not a full path. For example, `https://docs.aws.amazon.com` .", + "title": "Origins", + "type": "array" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the service role attached to your web experience.\n\n> You must provide this value if you're using IAM Identity Center to manage end user access to your application. If you're using legacy identity management to manage user access, you don't need to provide this value.", + "title": "RoleArn", + "type": "string" + }, + "SamplePromptsControlMode": { + "markdownDescription": "Determines whether sample prompts are enabled in the web experience for an end user.", + "title": "SamplePromptsControlMode", + "type": "string" + }, + "Subtitle": { + "markdownDescription": "A subtitle to personalize your Amazon Q Business web experience.", + "title": "Subtitle", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of key-value pairs that identify or categorize your Amazon Q Business web experience. You can also use tags to help control access to the web experience. Tag keys and values can consist of Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @.", + "title": "Tags", + "type": "array" + }, + "Title": { + "markdownDescription": "The title for your Amazon Q Business web experience.", + "title": "Title", + "type": "string" + }, + "WelcomeMessage": { + "markdownDescription": "A message in an Amazon Q Business web experience.", + "title": "WelcomeMessage", + "type": "string" + } }, - "markdownDescription": "The sheet ID and visual IDs of the sheet and visuals that the filter is applied to.", - "title": "SheetVisualScopingConfigurations", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.SeriesItem": { - "additionalProperties": false, - "properties": { - "DataFieldSeriesItem": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataFieldSeriesItem", - "markdownDescription": "The data field series item configuration of a line chart.", - "title": "DataFieldSeriesItem" + "required": [ + "ApplicationId" + ], + "type": "object" }, - "FieldSeriesItem": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSeriesItem", - "markdownDescription": "The field series item configuration of a line chart.", - "title": "FieldSeriesItem" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.SetParameterValueConfiguration": { - "additionalProperties": false, - "properties": { - "DestinationParameterName": { - "markdownDescription": "The destination parameter name of the `SetParameterValueConfiguration` .", - "title": "DestinationParameterName", + "Type": { + "enum": [ + "AWS::QBusiness::WebExperience" + ], "type": "string" }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DestinationParameterValueConfiguration", - "markdownDescription": "", - "title": "Value" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "DestinationParameterName", - "Value" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ShapeConditionalFormat": { + "AWS::QBusiness::WebExperience.BrowserExtensionConfiguration": { "additionalProperties": false, "properties": { - "BackgroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting for the shape background color of a filled map visual.", - "title": "BackgroundColor" + "EnabledBrowserExtensions": { + "items": { + "type": "string" + }, + "markdownDescription": "Specify the browser extensions allowed for your Amazon Q web experience.\n\n- `CHROME` \u2014 Enables the extension for Chromium-based browsers (Google Chrome, Microsoft Edge, Opera, etc.).\n- `FIREFOX` \u2014 Enables the extension for Mozilla Firefox.\n- `CHROME` and `FIREFOX` \u2014 Enable the extension for Chromium-based browsers and Mozilla Firefox.", + "title": "EnabledBrowserExtensions", + "type": "array" } }, "required": [ - "BackgroundColor" + "EnabledBrowserExtensions" ], "type": "object" }, - "AWS::QuickSight::Dashboard.Sheet": { + "AWS::QBusiness::WebExperience.CustomizationConfiguration": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of a sheet. This name is displayed on the sheet's tab in the Amazon QuickSight console.", - "title": "Name", + "CustomCSSUrl": { + "markdownDescription": "Provides the URL where the custom CSS file is hosted for an Amazon Q web experience.", + "title": "CustomCSSUrl", "type": "string" }, - "SheetId": { - "markdownDescription": "The unique identifier associated with a sheet.", - "title": "SheetId", + "FaviconUrl": { + "markdownDescription": "Provides the URL where the custom favicon file is hosted for an Amazon Q web experience.", + "title": "FaviconUrl", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions": { - "additionalProperties": false, - "properties": { - "InfoIconText": { - "markdownDescription": "The text content of info icon.", - "title": "InfoIconText", + }, + "FontUrl": { + "markdownDescription": "Provides the URL where the custom font file is hosted for an Amazon Q web experience.", + "title": "FontUrl", "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility configuration of info icon label options.", - "title": "Visibility", + "LogoUrl": { + "markdownDescription": "Provides the URL where the custom logo file is hosted for an Amazon Q web experience.", + "title": "LogoUrl", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.SheetControlLayout": { + "AWS::QBusiness::WebExperience.IdentityProviderConfiguration": { "additionalProperties": false, "properties": { - "Configuration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlLayoutConfiguration", - "markdownDescription": "The configuration that determines the elements and canvas size options of sheet control.", - "title": "Configuration" + "OpenIDConnectConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::WebExperience.OpenIDConnectProviderConfiguration", + "markdownDescription": "The OIDC-compliant identity provider (IdP) used to authenticate end users of an Amazon Q Business web experience.", + "title": "OpenIDConnectConfiguration" + }, + "SamlConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::WebExperience.SamlProviderConfiguration", + "markdownDescription": "The SAML 2.0-compliant identity provider (IdP) used to authenticate end users of an Amazon Q Business web experience.", + "title": "SamlConfiguration" } }, - "required": [ - "Configuration" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.SheetControlLayoutConfiguration": { + "AWS::QBusiness::WebExperience.OpenIDConnectProviderConfiguration": { "additionalProperties": false, "properties": { - "GridLayout": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GridLayoutConfiguration", - "markdownDescription": "The configuration that determines the elements and canvas size options of sheet control.", - "title": "GridLayout" + "SecretsArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of a Secrets Manager secret containing the OIDC client secret.", + "title": "SecretsArn", + "type": "string" + }, + "SecretsRole": { + "markdownDescription": "An IAM role with permissions to access AWS KMS to decrypt the Secrets Manager secret containing your OIDC client secret.", + "title": "SecretsRole", + "type": "string" } }, + "required": [ + "SecretsArn", + "SecretsRole" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.SheetControlsOption": { + "AWS::QBusiness::WebExperience.SamlProviderConfiguration": { "additionalProperties": false, "properties": { - "VisibilityState": { - "markdownDescription": "Visibility state.", - "title": "VisibilityState", + "AuthenticationUrl": { + "markdownDescription": "The URL where Amazon Q Business end users will be redirected for authentication.", + "title": "AuthenticationUrl", "type": "string" } }, + "required": [ + "AuthenticationUrl" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.SheetDefinition": { + "AWS::QLDB::Ledger": { "additionalProperties": false, "properties": { - "ContentType": { - "markdownDescription": "The layout content type of the sheet. Choose one of the following options:\n\n- `PAGINATED` : Creates a sheet for a paginated report.\n- `INTERACTIVE` : Creates a sheet for an interactive dashboard.", - "title": "ContentType", + "Condition": { "type": "string" }, - "Description": { - "markdownDescription": "A description of the sheet.", - "title": "Description", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "FilterControls": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterControl" - }, - "markdownDescription": "The list of filter controls that are on a sheet.\n\nFor more information, see [Adding filter controls to analysis sheets](https://docs.aws.amazon.com/quicksight/latest/user/filter-controls.html) in the *Amazon QuickSight User Guide* .", - "title": "FilterControls", - "type": "array" - }, - "Layouts": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.Layout" - }, - "markdownDescription": "Layouts define how the components of a sheet are arranged.\n\nFor more information, see [Types of layout](https://docs.aws.amazon.com/quicksight/latest/user/types-of-layout.html) in the *Amazon QuickSight User Guide* .", - "title": "Layouts", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Name": { - "markdownDescription": "The name of the sheet. This name is displayed on the sheet's tab in the Amazon QuickSight console.", - "title": "Name", - "type": "string" + "Metadata": { + "type": "object" }, - "ParameterControls": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterControl" + "Properties": { + "additionalProperties": false, + "properties": { + "DeletionProtection": { + "markdownDescription": "Specifies whether the ledger is protected from being deleted by any user. If not defined during ledger creation, this feature is enabled ( `true` ) by default.\n\nIf deletion protection is enabled, you must first disable it before you can delete the ledger. You can disable it by calling the `UpdateLedger` operation to set this parameter to `false` .", + "title": "DeletionProtection", + "type": "boolean" + }, + "KmsKey": { + "markdownDescription": "The key in AWS Key Management Service ( AWS KMS ) to use for encryption of data at rest in the ledger. For more information, see [Encryption at rest](https://docs.aws.amazon.com/qldb/latest/developerguide/encryption-at-rest.html) in the *Amazon QLDB Developer Guide* .\n\nUse one of the following options to specify this parameter:\n\n- `AWS_OWNED_KMS_KEY` : Use an AWS KMS key that is owned and managed by AWS on your behalf.\n- *Undefined* : By default, use an AWS owned KMS key.\n- *A valid symmetric customer managed KMS key* : Use the specified symmetric encryption KMS key in your account that you create, own, and manage.\n\nAmazon QLDB does not support asymmetric keys. For more information, see [Using symmetric and asymmetric keys](https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html) in the *AWS Key Management Service Developer Guide* .\n\nTo specify a customer managed KMS key, you can use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. When using an alias name, prefix it with `\"alias/\"` . To specify a key in a different AWS account , you must use the key ARN or alias ARN.\n\nFor example:\n\n- Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key ARN: `arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`\n- Alias name: `alias/ExampleAlias`\n- Alias ARN: `arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias`\n\nFor more information, see [Key identifiers (KeyId)](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id) in the *AWS Key Management Service Developer Guide* .", + "title": "KmsKey", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the ledger that you want to create. The name must be unique among all of the ledgers in your AWS account in the current Region.\n\nNaming constraints for ledger names are defined in [Quotas in Amazon QLDB](https://docs.aws.amazon.com/qldb/latest/developerguide/limits.html#limits.naming) in the *Amazon QLDB Developer Guide* .", + "title": "Name", + "type": "string" + }, + "PermissionsMode": { + "markdownDescription": "The permissions mode to assign to the ledger that you want to create. This parameter can have one of the following values:\n\n- `ALLOW_ALL` : A legacy permissions mode that enables access control with API-level granularity for ledgers.\n\nThis mode allows users who have the `SendCommand` API permission for this ledger to run all PartiQL commands (hence, `ALLOW_ALL` ) on any tables in the specified ledger. This mode disregards any table-level or command-level IAM permissions policies that you create for the ledger.\n- `STANDARD` : ( *Recommended* ) A permissions mode that enables access control with finer granularity for ledgers, tables, and PartiQL commands.\n\nBy default, this mode denies all user requests to run any PartiQL commands on any tables in this ledger. To allow PartiQL commands to run, you must create IAM permissions policies for specific table resources and PartiQL actions, in addition to the `SendCommand` API permission for the ledger. For information, see [Getting started with the standard permissions mode](https://docs.aws.amazon.com/qldb/latest/developerguide/getting-started-standard-mode.html) in the *Amazon QLDB Developer Guide* .\n\n> We strongly recommend using the `STANDARD` permissions mode to maximize the security of your ledger data.", + "title": "PermissionsMode", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "The list of parameter controls that are on a sheet.\n\nFor more information, see [Using a Control with a Parameter in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-controls.html) in the *Amazon QuickSight User Guide* .", - "title": "ParameterControls", - "type": "array" + "required": [ + "PermissionsMode" + ], + "type": "object" }, - "SheetControlLayouts": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlLayout" - }, - "markdownDescription": "The control layouts of the sheet.", - "title": "SheetControlLayouts", - "type": "array" + "Type": { + "enum": [ + "AWS::QLDB::Ledger" + ], + "type": "string" }, - "SheetId": { - "markdownDescription": "The unique identifier of a sheet.", - "title": "SheetId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::QLDB::Stream": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "TextBoxes": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetTextBox" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ExclusiveEndTime": { + "markdownDescription": "The exclusive date and time that specifies when the stream ends. If you don't define this parameter, the stream runs indefinitely until you cancel it.\n\nThe `ExclusiveEndTime` must be in `ISO 8601` date and time format and in Universal Coordinated Time (UTC). For example: `2019-06-13T21:36:34Z` .", + "title": "ExclusiveEndTime", + "type": "string" + }, + "InclusiveStartTime": { + "markdownDescription": "The inclusive start date and time from which to start streaming journal data. This parameter must be in `ISO 8601` date and time format and in Universal Coordinated Time (UTC). For example: `2019-06-13T21:36:34Z` .\n\nThe `InclusiveStartTime` cannot be in the future and must be before `ExclusiveEndTime` .\n\nIf you provide an `InclusiveStartTime` that is before the ledger's `CreationDateTime` , QLDB effectively defaults it to the ledger's `CreationDateTime` .", + "title": "InclusiveStartTime", + "type": "string" + }, + "KinesisConfiguration": { + "$ref": "#/definitions/AWS::QLDB::Stream.KinesisConfiguration", + "markdownDescription": "The configuration settings of the Kinesis Data Streams destination for your stream request.", + "title": "KinesisConfiguration" + }, + "LedgerName": { + "markdownDescription": "The name of the ledger.", + "title": "LedgerName", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that grants QLDB permissions for a journal stream to write data records to a Kinesis Data Streams resource.\n\nTo pass a role to QLDB when requesting a journal stream, you must have permissions to perform the `iam:PassRole` action on the IAM role resource. This is required for all journal stream requests.", + "title": "RoleArn", + "type": "string" + }, + "StreamName": { + "markdownDescription": "The name that you want to assign to the QLDB journal stream. User-defined names can help identify and indicate the purpose of a stream.\n\nYour stream name must be unique among other *active* streams for a given ledger. Stream names have the same naming constraints as ledger names, as defined in [Quotas in Amazon QLDB](https://docs.aws.amazon.com/qldb/latest/developerguide/limits.html#limits.naming) in the *Amazon QLDB Developer Guide* .", + "title": "StreamName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "The text boxes that are on a sheet.", - "title": "TextBoxes", - "type": "array" + "required": [ + "InclusiveStartTime", + "KinesisConfiguration", + "LedgerName", + "RoleArn", + "StreamName" + ], + "type": "object" }, - "Title": { - "markdownDescription": "The title of the sheet.", - "title": "Title", + "Type": { + "enum": [ + "AWS::QLDB::Stream" + ], "type": "string" }, - "Visuals": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.Visual" - }, - "markdownDescription": "A list of the visuals that are on a sheet. Visual placement is determined by the layout of the sheet.", - "title": "Visuals", - "type": "array" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "SheetId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.SheetElementConfigurationOverrides": { + "AWS::QLDB::Stream.KinesisConfiguration": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "Determines whether or not the overrides are visible. Choose one of the following options:\n\n- `VISIBLE`\n- `HIDDEN`", - "title": "Visibility", + "AggregationEnabled": { + "markdownDescription": "Enables QLDB to publish multiple data records in a single Kinesis Data Streams record, increasing the number of records sent per API call.\n\nDefault: `True`\n\n> Record aggregation has important implications for processing records and requires de-aggregation in your stream consumer. To learn more, see [KPL Key Concepts](https://docs.aws.amazon.com/streams/latest/dev/kinesis-kpl-concepts.html) and [Consumer De-aggregation](https://docs.aws.amazon.com/streams/latest/dev/kinesis-kpl-consumer-deaggregation.html) in the *Amazon Kinesis Data Streams Developer Guide* .", + "title": "AggregationEnabled", + "type": "boolean" + }, + "StreamArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Kinesis Data Streams resource.", + "title": "StreamArn", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.SheetElementRenderingRule": { + "AWS::QuickSight::Analysis": { "additionalProperties": false, "properties": { - "ConfigurationOverrides": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetElementConfigurationOverrides", - "markdownDescription": "The override configuration of the rendering rules of a sheet.", - "title": "ConfigurationOverrides" + "Condition": { + "type": "string" }, - "Expression": { - "markdownDescription": "The expression of the rendering rules of a sheet.", - "title": "Expression", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AnalysisId": { + "markdownDescription": "The ID for the analysis that you're creating. This ID displays in the URL of the analysis.", + "title": "AnalysisId", + "type": "string" + }, + "AwsAccountId": { + "markdownDescription": "The ID of the AWS account where you are creating an analysis.", + "title": "AwsAccountId", + "type": "string" + }, + "Definition": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AnalysisDefinition", + "markdownDescription": "", + "title": "Definition" + }, + "Errors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AnalysisError" + }, + "markdownDescription": "Errors associated with the analysis.", + "title": "Errors", + "type": "array" + }, + "FolderArns": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "FolderArns", + "type": "array" + }, + "Name": { + "markdownDescription": "A descriptive name for the analysis that you're creating. This name displays for the analysis in the Amazon QuickSight console.", + "title": "Name", + "type": "string" + }, + "Parameters": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.Parameters", + "markdownDescription": "The parameter names and override values that you want to use. An analysis can have any parameter type, and some parameters might accept multiple values.", + "title": "Parameters" + }, + "Permissions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ResourcePermission" + }, + "markdownDescription": "A structure that describes the principals and the resource-level permissions on an analysis. You can use the `Permissions` structure to grant permissions by providing a list of AWS Identity and Access Management (IAM) action information for each principal listed by Amazon Resource Name (ARN).\n\nTo specify no permissions, omit `Permissions` .", + "title": "Permissions", + "type": "array" + }, + "Sheets": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.Sheet" + }, + "markdownDescription": "A list of the associated sheets with the unique identifier and name of each sheet.", + "title": "Sheets", + "type": "array" + }, + "SourceEntity": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AnalysisSourceEntity", + "markdownDescription": "A source entity to use for the analysis that you're creating. This metadata structure contains details that describe a source template and one or more datasets.\n\nEither a `SourceEntity` or a `Definition` must be provided in order for the request to be valid.", + "title": "SourceEntity" + }, + "Status": { + "markdownDescription": "Status associated with the analysis.", + "title": "Status", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Contains a map of the key-value pairs for the resource tag or tags assigned to the analysis.", + "title": "Tags", + "type": "array" + }, + "ThemeArn": { + "markdownDescription": "The ARN for the theme to apply to the analysis that you're creating. To see the theme in the Amazon QuickSight console, make sure that you have access to it.", + "title": "ThemeArn", + "type": "string" + }, + "ValidationStrategy": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ValidationStrategy", + "markdownDescription": "The option to relax the validation that is required to create and update analyses, dashboards, and templates with definition objects. When you set this value to `LENIENT` , validation is skipped for specific errors.", + "title": "ValidationStrategy" + } + }, + "required": [ + "AnalysisId", + "AwsAccountId", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::QuickSight::Analysis" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ConfigurationOverrides", - "Expression" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.SheetLayoutElementMaximizationOption": { + "AWS::QuickSight::Analysis.AggregationFunction": { "additionalProperties": false, "properties": { - "AvailabilityStatus": { - "markdownDescription": "The status of the sheet layout maximization options of a dashbaord.", - "title": "AvailabilityStatus", + "AttributeAggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AttributeAggregationFunction", + "markdownDescription": "Aggregation for attributes.", + "title": "AttributeAggregationFunction" + }, + "CategoricalAggregationFunction": { + "markdownDescription": "Aggregation for categorical values.\n\n- `COUNT` : Aggregate by the total number of values, including duplicates.\n- `DISTINCT_COUNT` : Aggregate by the total number of distinct values.", + "title": "CategoricalAggregationFunction", + "type": "string" + }, + "DateAggregationFunction": { + "markdownDescription": "Aggregation for date values.\n\n- `COUNT` : Aggregate by the total number of values, including duplicates.\n- `DISTINCT_COUNT` : Aggregate by the total number of distinct values.\n- `MIN` : Select the smallest date value.\n- `MAX` : Select the largest date value.", + "title": "DateAggregationFunction", "type": "string" + }, + "NumericalAggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericalAggregationFunction", + "markdownDescription": "Aggregation for numerical values.", + "title": "NumericalAggregationFunction" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.SheetTextBox": { + "AWS::QuickSight::Analysis.AggregationSortConfiguration": { "additionalProperties": false, "properties": { - "Content": { - "markdownDescription": "The content that is displayed in the text box.", - "title": "Content", - "type": "string" + "AggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationFunction", + "markdownDescription": "The function that aggregates the values in `Column` .", + "title": "AggregationFunction" }, - "SheetTextBoxId": { - "markdownDescription": "The unique identifier for a text box. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have text boxes that share identifiers.", - "title": "SheetTextBoxId", + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that determines the sort order of aggregated values.", + "title": "Column" + }, + "SortDirection": { + "markdownDescription": "The sort direction of values.\n\n- `ASC` : Sort in ascending order.\n- `DESC` : Sort in descending order.", + "title": "SortDirection", "type": "string" } }, "required": [ - "SheetTextBoxId" + "Column", + "SortDirection" ], "type": "object" }, - "AWS::QuickSight::Dashboard.SheetVisualScopingConfiguration": { + "AWS::QuickSight::Analysis.AnalysisDefaults": { "additionalProperties": false, "properties": { - "Scope": { - "markdownDescription": "The scope of the applied entities. Choose one of the following options:\n\n- `ALL_VISUALS`\n- `SELECTED_VISUALS`", - "title": "Scope", - "type": "string" + "DefaultNewSheetConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultNewSheetConfiguration", + "markdownDescription": "The configuration for default new sheet settings.", + "title": "DefaultNewSheetConfiguration" + } + }, + "required": [ + "DefaultNewSheetConfiguration" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.AnalysisDefinition": { + "additionalProperties": false, + "properties": { + "AnalysisDefaults": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AnalysisDefaults", + "markdownDescription": "", + "title": "AnalysisDefaults" }, - "SheetId": { - "markdownDescription": "The selected sheet that the filter is applied to.", - "title": "SheetId", - "type": "string" + "CalculatedFields": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CalculatedField" + }, + "markdownDescription": "An array of calculated field definitions for the analysis.", + "title": "CalculatedFields", + "type": "array" }, - "VisualIds": { + "ColumnConfigurations": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnConfiguration" }, - "markdownDescription": "The selected visuals that the filter is applied to.", - "title": "VisualIds", + "markdownDescription": "An array of analysis-level column configurations. Column configurations can be used to set default formatting for a column to be used throughout an analysis.", + "title": "ColumnConfigurations", + "type": "array" + }, + "DataSetIdentifierDeclarations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataSetIdentifierDeclaration" + }, + "markdownDescription": "An array of dataset identifier declarations. This mapping allows the usage of dataset identifiers instead of dataset ARNs throughout analysis sub-structures.", + "title": "DataSetIdentifierDeclarations", + "type": "array" + }, + "FilterGroups": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterGroup" + }, + "markdownDescription": "Filter definitions for an analysis.\n\nFor more information, see [Filtering Data in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/adding-a-filter.html) in the *Amazon QuickSight User Guide* .", + "title": "FilterGroups", + "type": "array" + }, + "Options": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AssetOptions", + "markdownDescription": "An array of option definitions for an analysis.", + "title": "Options" + }, + "ParameterDeclarations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterDeclaration" + }, + "markdownDescription": "An array of parameter declarations for an analysis.\n\nParameters are named variables that can transfer a value for use by an action or an object.\n\nFor more information, see [Parameters in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-in-quicksight.html) in the *Amazon QuickSight User Guide* .", + "title": "ParameterDeclarations", + "type": "array" + }, + "QueryExecutionOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.QueryExecutionOptions", + "markdownDescription": "", + "title": "QueryExecutionOptions" + }, + "Sheets": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetDefinition" + }, + "markdownDescription": "An array of sheet definitions for an analysis. Each `SheetDefinition` provides detailed information about a sheet within this analysis.", + "title": "Sheets", + "type": "array" + }, + "StaticFiles": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.StaticFile" + }, + "markdownDescription": "The static files for the definition.", + "title": "StaticFiles", "type": "array" } }, "required": [ - "Scope", - "SheetId" + "DataSetIdentifierDeclarations" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ShortFormatText": { + "AWS::QuickSight::Analysis.AnalysisError": { "additionalProperties": false, "properties": { - "PlainText": { - "markdownDescription": "Plain text format.", - "title": "PlainText", + "Message": { + "markdownDescription": "The message associated with the analysis error.", + "title": "Message", "type": "string" }, - "RichText": { - "markdownDescription": "Rich text. Examples of rich text include bold, underline, and italics.", - "title": "RichText", + "Type": { + "markdownDescription": "The type of the analysis error.", + "title": "Type", "type": "string" + }, + "ViolatedEntities": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.Entity" + }, + "markdownDescription": "Lists the violated entities that caused the analysis error", + "title": "ViolatedEntities", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.SimpleClusterMarker": { + "AWS::QuickSight::Analysis.AnalysisSourceEntity": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The color of the simple cluster marker.", - "title": "Color", - "type": "string" + "SourceTemplate": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AnalysisSourceTemplate", + "markdownDescription": "The source template for the source entity of the analysis.", + "title": "SourceTemplate" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.SliderControlDisplayOptions": { + "AWS::QuickSight::Analysis.AnalysisSourceTemplate": { "additionalProperties": false, "properties": { - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the source template of an analysis.", + "title": "Arn", + "type": "string" }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" + "DataSetReferences": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataSetReference" + }, + "markdownDescription": "The dataset references of the source template of an analysis.", + "title": "DataSetReferences", + "type": "array" } }, + "required": [ + "Arn", + "DataSetReferences" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.SmallMultiplesAxisProperties": { + "AWS::QuickSight::Analysis.AnchorDateConfiguration": { "additionalProperties": false, "properties": { - "Placement": { - "markdownDescription": "Defines the placement of the axis. By default, axes are rendered `OUTSIDE` of the panels. Axes with `INDEPENDENT` scale are rendered `INSIDE` the panels.", - "title": "Placement", + "AnchorOption": { + "markdownDescription": "The options for the date configuration. Choose one of the options below:\n\n- `NOW`", + "title": "AnchorOption", "type": "string" }, - "Scale": { - "markdownDescription": "Determines whether scale of the axes are shared or independent. The default value is `SHARED` .", - "title": "Scale", + "ParameterName": { + "markdownDescription": "The name of the parameter that is used for the anchor date configuration.", + "title": "ParameterName", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.SmallMultiplesOptions": { + "AWS::QuickSight::Analysis.ArcAxisConfiguration": { "additionalProperties": false, "properties": { - "MaxVisibleColumns": { - "markdownDescription": "Sets the maximum number of visible columns to display in the grid of small multiples panels.\n\nThe default is `Auto` , which automatically adjusts the columns in the grid to fit the overall layout and size of the given chart.", - "title": "MaxVisibleColumns", - "type": "number" + "Range": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ArcAxisDisplayRange", + "markdownDescription": "The arc axis range of a `GaugeChartVisual` .", + "title": "Range" }, - "MaxVisibleRows": { - "markdownDescription": "Sets the maximum number of visible rows to display in the grid of small multiples panels.\n\nThe default value is `Auto` , which automatically adjusts the rows in the grid to fit the overall layout and size of the given chart.", - "title": "MaxVisibleRows", + "ReserveRange": { + "markdownDescription": "The reserved range of the arc axis.", + "title": "ReserveRange", "type": "number" - }, - "PanelConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PanelConfiguration", - "markdownDescription": "Configures the display options for each small multiples panel.", - "title": "PanelConfiguration" - }, - "XAxis": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SmallMultiplesAxisProperties", - "markdownDescription": "The properties of a small multiples X axis.", - "title": "XAxis" - }, - "YAxis": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SmallMultiplesAxisProperties", - "markdownDescription": "The properties of a small multiples Y axis.", - "title": "YAxis" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.Spacing": { + "AWS::QuickSight::Analysis.ArcAxisDisplayRange": { "additionalProperties": false, "properties": { - "Bottom": { - "markdownDescription": "Define the bottom spacing.", - "title": "Bottom", - "type": "string" - }, - "Left": { - "markdownDescription": "Define the left spacing.", - "title": "Left", - "type": "string" - }, - "Right": { - "markdownDescription": "Define the right spacing.", - "title": "Right", - "type": "string" + "Max": { + "markdownDescription": "The maximum value of the arc axis range.", + "title": "Max", + "type": "number" }, - "Top": { - "markdownDescription": "Define the top spacing.", - "title": "Top", - "type": "string" + "Min": { + "markdownDescription": "The minimum value of the arc axis range.", + "title": "Min", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.StringDefaultValues": { + "AWS::QuickSight::Analysis.ArcConfiguration": { "additionalProperties": false, "properties": { - "DynamicValue": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DynamicDefaultValue", - "markdownDescription": "The dynamic value of the `StringDefaultValues` . Different defaults displayed according to users, groups, and values mapping.", - "title": "DynamicValue" + "ArcAngle": { + "markdownDescription": "The option that determines the arc angle of a `GaugeChartVisual` .", + "title": "ArcAngle", + "type": "number" }, - "StaticValues": { - "items": { - "type": "string" - }, - "markdownDescription": "The static values of the `DecimalDefaultValues` .", - "title": "StaticValues", - "type": "array" + "ArcThickness": { + "markdownDescription": "The options that determine the arc thickness of a `GaugeChartVisual` .", + "title": "ArcThickness", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.StringFormatConfiguration": { + "AWS::QuickSight::Analysis.ArcOptions": { "additionalProperties": false, "properties": { - "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NullValueFormatConfiguration", - "markdownDescription": "The options that determine the null value format configuration.", - "title": "NullValueFormatConfiguration" - }, - "NumericFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericFormatConfiguration", - "markdownDescription": "The formatting configuration for numeric strings.", - "title": "NumericFormatConfiguration" + "ArcThickness": { + "markdownDescription": "The arc thickness of a `GaugeChartVisual` .", + "title": "ArcThickness", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.StringParameter": { + "AWS::QuickSight::Analysis.AssetOptions": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "A display name for a string parameter.", - "title": "Name", + "Timezone": { + "markdownDescription": "Determines the timezone for the analysis.", + "title": "Timezone", "type": "string" }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The values of a string parameter.", - "title": "Values", - "type": "array" + "WeekStart": { + "markdownDescription": "Determines the week start day for an analysis.", + "title": "WeekStart", + "type": "string" } }, - "required": [ - "Name", - "Values" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.StringParameterDeclaration": { + "AWS::QuickSight::Analysis.AttributeAggregationFunction": { "additionalProperties": false, "properties": { - "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringDefaultValues", - "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", - "title": "DefaultValues" - }, - "MappedDataSetParameters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MappedDataSetParameter" - }, - "markdownDescription": "", - "title": "MappedDataSetParameters", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the parameter that is being declared.", - "title": "Name", + "SimpleAttributeAggregation": { + "markdownDescription": "The built-in aggregation functions for attributes.\n\n- `UNIQUE_VALUE` : Returns the unique value for a field, aggregated by the dimension fields.", + "title": "SimpleAttributeAggregation", "type": "string" }, - "ParameterValueType": { - "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", - "title": "ParameterValueType", + "ValueForMultipleValues": { + "markdownDescription": "Used by the `UNIQUE_VALUE` aggregation function. If there are multiple values for the field used by the aggregation, the value for this property will be returned instead. Defaults to '*'.", + "title": "ValueForMultipleValues", "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.AxisDataOptions": { + "additionalProperties": false, + "properties": { + "DateAxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DateAxisOptions", + "markdownDescription": "The options for an axis with a date field.", + "title": "DateAxisOptions" }, - "ValueWhenUnset": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringValueWhenUnsetConfiguration", - "markdownDescription": "The configuration that defines the default value of a `String` parameter when a value has not been set.", - "title": "ValueWhenUnset" + "NumericAxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericAxisOptions", + "markdownDescription": "The options for an axis with a numeric field.", + "title": "NumericAxisOptions" } }, - "required": [ - "Name", - "ParameterValueType" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.StringValueWhenUnsetConfiguration": { + "AWS::QuickSight::Analysis.AxisDisplayMinMaxRange": { "additionalProperties": false, "properties": { - "CustomValue": { - "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", - "title": "CustomValue", - "type": "string" + "Maximum": { + "markdownDescription": "The maximum setup for an axis display range.", + "title": "Maximum", + "type": "number" }, - "ValueWhenUnsetOption": { - "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", - "title": "ValueWhenUnsetOption", - "type": "string" + "Minimum": { + "markdownDescription": "The minimum setup for an axis display range.", + "title": "Minimum", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.SubtotalOptions": { + "AWS::QuickSight::Analysis.AxisDisplayOptions": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The custom label string for the subtotal cells.", - "title": "CustomLabel", + "AxisLineVisibility": { + "markdownDescription": "Determines whether or not the axis line is visible.", + "title": "AxisLineVisibility", "type": "string" }, - "FieldLevel": { - "markdownDescription": "The field level (all, custom, last) for the subtotal cells.", - "title": "FieldLevel", + "AxisOffset": { + "markdownDescription": "The offset value that determines the starting placement of the axis within a visual's bounds.", + "title": "AxisOffset", "type": "string" }, - "FieldLevelOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableFieldSubtotalOptions" - }, - "markdownDescription": "The optional configuration of subtotal cells.", - "title": "FieldLevelOptions", - "type": "array" - }, - "MetricHeaderCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", - "markdownDescription": "The cell styling options for the subtotals of header cells.", - "title": "MetricHeaderCellStyle" - }, - "StyleTargets": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableStyleTarget" - }, - "markdownDescription": "The style targets options for subtotals.", - "title": "StyleTargets", - "type": "array" - }, - "TotalCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", - "markdownDescription": "The cell styling options for the subtotal cells.", - "title": "TotalCellStyle" + "DataOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDataOptions", + "markdownDescription": "The data options for an axis.", + "title": "DataOptions" }, - "TotalsVisibility": { - "markdownDescription": "The visibility configuration for the subtotal cells.", - "title": "TotalsVisibility", + "GridLineVisibility": { + "markdownDescription": "Determines whether or not the grid line is visible.", + "title": "GridLineVisibility", "type": "string" }, - "ValueCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", - "markdownDescription": "The cell styling options for the subtotals of value cells.", - "title": "ValueCellStyle" + "ScrollbarOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ScrollBarOptions", + "markdownDescription": "The scroll bar options for an axis.", + "title": "ScrollbarOptions" + }, + "TickLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisTickLabelOptions", + "markdownDescription": "The tick label options of an axis.", + "title": "TickLabelOptions" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TableAggregatedFieldWells": { + "AWS::QuickSight::Analysis.AxisDisplayRange": { "additionalProperties": false, "properties": { - "GroupBy": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The group by field well for a pivot table. Values are grouped by group by fields.", - "title": "GroupBy", - "type": "array" + "DataDriven": { + "markdownDescription": "The data-driven setup of an axis display range.", + "title": "DataDriven", + "type": "object" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" - }, - "markdownDescription": "The values field well for a pivot table. Values are aggregated based on group by fields.", - "title": "Values", - "type": "array" + "MinMax": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayMinMaxRange", + "markdownDescription": "The minimum and maximum setup of an axis display range.", + "title": "MinMax" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TableBorderOptions": { + "AWS::QuickSight::Analysis.AxisLabelOptions": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The color of a table border.", - "title": "Color", - "type": "string" + "ApplyTo": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisLabelReferenceOptions", + "markdownDescription": "The options that indicate which field the label belongs to.", + "title": "ApplyTo" }, - "Style": { - "markdownDescription": "The style (none, solid) of a table border.", - "title": "Style", + "CustomLabel": { + "markdownDescription": "The text for the axis label.", + "title": "CustomLabel", "type": "string" }, - "Thickness": { - "markdownDescription": "The thickness of a table border.", - "title": "Thickness", - "type": "number" + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", + "markdownDescription": "The font configuration of the axis label.", + "title": "FontConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TableCellConditionalFormatting": { + "AWS::QuickSight::Analysis.AxisLabelReferenceOptions": { "additionalProperties": false, "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that the axis label is targeted to.", + "title": "Column" + }, "FieldId": { - "markdownDescription": "The field ID of the cell for conditional formatting.", + "markdownDescription": "The field that the axis label is targeted to.", "title": "FieldId", "type": "string" - }, - "TextFormat": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextConditionalFormat", - "markdownDescription": "The text format of the cell for conditional formatting.", - "title": "TextFormat" } }, "required": [ + "Column", "FieldId" ], "type": "object" }, - "AWS::QuickSight::Dashboard.TableCellImageSizingConfiguration": { + "AWS::QuickSight::Analysis.AxisLinearScale": { "additionalProperties": false, "properties": { - "TableCellImageScalingConfiguration": { - "markdownDescription": "The cell scaling configuration of the sizing options for the table image configuration.", - "title": "TableCellImageScalingConfiguration", - "type": "string" + "StepCount": { + "markdownDescription": "The step count setup of a linear axis.", + "title": "StepCount", + "type": "number" + }, + "StepSize": { + "markdownDescription": "The step size setup of a linear axis.", + "title": "StepSize", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TableCellStyle": { + "AWS::QuickSight::Analysis.AxisLogarithmicScale": { "additionalProperties": false, "properties": { - "BackgroundColor": { - "markdownDescription": "The background color for the table cells.", - "title": "BackgroundColor", - "type": "string" - }, - "Border": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GlobalTableBorderOptions", - "markdownDescription": "The borders for the table cells.", - "title": "Border" - }, - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", - "markdownDescription": "The font configuration of the table cells.", - "title": "FontConfiguration" - }, - "Height": { - "markdownDescription": "The height color for the table cells.", - "title": "Height", + "Base": { + "markdownDescription": "The base setup of a logarithmic axis scale.", + "title": "Base", "type": "number" - }, - "HorizontalTextAlignment": { - "markdownDescription": "The horizontal text alignment (left, center, right, auto) for the table cells.", - "title": "HorizontalTextAlignment", - "type": "string" - }, - "TextWrap": { - "markdownDescription": "The text wrap (none, wrap) for the table cells.", - "title": "TextWrap", - "type": "string" - }, - "VerticalTextAlignment": { - "markdownDescription": "The vertical text alignment (top, middle, bottom) for the table cells.", - "title": "VerticalTextAlignment", - "type": "string" - }, - "Visibility": { - "markdownDescription": "The visibility of the table cells.", - "title": "Visibility", - "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TableConditionalFormatting": { + "AWS::QuickSight::Analysis.AxisScale": { "additionalProperties": false, "properties": { - "ConditionalFormattingOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableConditionalFormattingOption" - }, - "markdownDescription": "Conditional formatting options for a `PivotTableVisual` .", - "title": "ConditionalFormattingOptions", - "type": "array" + "Linear": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisLinearScale", + "markdownDescription": "The linear axis scale setup.", + "title": "Linear" + }, + "Logarithmic": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisLogarithmicScale", + "markdownDescription": "The logarithmic axis scale setup.", + "title": "Logarithmic" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TableConditionalFormattingOption": { + "AWS::QuickSight::Analysis.AxisTickLabelOptions": { "additionalProperties": false, "properties": { - "Cell": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellConditionalFormatting", - "markdownDescription": "The cell conditional formatting option for a table.", - "title": "Cell" + "LabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", + "markdownDescription": "Determines whether or not the axis ticks are visible.", + "title": "LabelOptions" }, - "Row": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableRowConditionalFormatting", - "markdownDescription": "The row conditional formatting option for a table.", - "title": "Row" + "RotationAngle": { + "markdownDescription": "The rotation angle of the axis tick labels.", + "title": "RotationAngle", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TableConfiguration": { + "AWS::QuickSight::Analysis.BarChartAggregatedFieldWells": { "additionalProperties": false, "properties": { - "FieldOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldOptions", - "markdownDescription": "The field options for a table visual.", - "title": "FieldOptions" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "PaginatedReportOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TablePaginatedReportOptions", - "markdownDescription": "The paginated report options for a table visual.", - "title": "PaginatedReportOptions" - }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableSortConfiguration", - "markdownDescription": "The sort configuration for a `TableVisual` .", - "title": "SortConfiguration" + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The category (y-axis) field well of a bar chart.", + "title": "Category", + "type": "array" }, - "TableInlineVisualizations": { + "Colors": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableInlineVisualization" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, - "markdownDescription": "A collection of inline visualizations to display within a chart.", - "title": "TableInlineVisualizations", + "markdownDescription": "The color (group/color) field well of a bar chart.", + "title": "Colors", "type": "array" }, - "TableOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableOptions", - "markdownDescription": "The table options for a table visual.", - "title": "TableOptions" + "SmallMultiples": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The small multiples field well of a bar chart.", + "title": "SmallMultiples", + "type": "array" }, - "TotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TotalOptions", - "markdownDescription": "The total options for a table visual.", - "title": "TotalOptions" + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The value field wells of a bar chart. Values are aggregated by category.", + "title": "Values", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TableFieldCustomIconContent": { + "AWS::QuickSight::Analysis.BarChartConfiguration": { "additionalProperties": false, "properties": { - "Icon": { - "markdownDescription": "The icon set type (link) of the custom icon content for table URL link content.", - "title": "Icon", + "BarsArrangement": { + "markdownDescription": "Determines the arrangement of the bars. The orientation and arrangement of bars determine the type of bar that is used in the visual.", + "title": "BarsArrangement", + "type": "string" + }, + "CategoryAxis": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, axis step) for bar chart category.", + "title": "CategoryAxis" + }, + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a bar chart.", + "title": "CategoryLabelOptions" + }, + "ColorLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a color that is used in a bar chart.", + "title": "ColorLabelOptions" + }, + "ContributionAnalysisDefaults": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ContributionAnalysisDefault" + }, + "markdownDescription": "The contribution analysis (anomaly configuration) setup of the visual.", + "title": "ContributionAnalysisDefaults", + "type": "array" + }, + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.", + "title": "DataLabels" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BarChartFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "Orientation": { + "markdownDescription": "The orientation of the bars in a bar chart visual. There are two valid values in this structure:\n\n- `HORIZONTAL` : Used for charts that have horizontal bars. Visuals that use this value are horizontal bar charts, horizontal stacked bar charts, and horizontal stacked 100% bar charts.\n- `VERTICAL` : Used for charts that have vertical bars. Visuals that use this value are vertical bar charts, vertical stacked bar charts, and vertical stacked 100% bar charts.", + "title": "Orientation", "type": "string" + }, + "ReferenceLines": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLine" + }, + "markdownDescription": "The reference line setup of the visual.", + "title": "ReferenceLines", + "type": "array" + }, + "SmallMultiplesOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SmallMultiplesOptions", + "markdownDescription": "The small multiples setup for the visual.", + "title": "SmallMultiplesOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BarChartSortConfiguration", + "markdownDescription": "The sort configuration of a `BarChartVisual` .", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" + }, + "ValueAxis": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, axis step) for a bar chart value.", + "title": "ValueAxis" + }, + "ValueLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a bar chart value.", + "title": "ValueLabelOptions" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", + "title": "VisualPalette" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TableFieldCustomTextContent": { + "AWS::QuickSight::Analysis.BarChartFieldWells": { "additionalProperties": false, "properties": { - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", - "markdownDescription": "The font configuration of the custom text content for the table URL link content.", - "title": "FontConfiguration" - }, - "Value": { - "markdownDescription": "The string value of the custom text content for the table URL link content.", - "title": "Value", - "type": "string" + "BarChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BarChartAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a bar chart.", + "title": "BarChartAggregatedFieldWells" } }, - "required": [ - "FontConfiguration" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.TableFieldImageConfiguration": { + "AWS::QuickSight::Analysis.BarChartSortConfiguration": { "additionalProperties": false, "properties": { - "SizingOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellImageSizingConfiguration", - "markdownDescription": "The sizing options for the table image configuration.", - "title": "SizingOptions" + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of categories displayed in a bar chart.", + "title": "CategoryItemsLimit" + }, + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of category fields.", + "title": "CategorySort", + "type": "array" + }, + "ColorItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of values displayed in a bar chart.", + "title": "ColorItemsLimit" + }, + "ColorSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of color fields in a bar chart.", + "title": "ColorSort", + "type": "array" + }, + "SmallMultiplesLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of small multiples panels that are displayed.", + "title": "SmallMultiplesLimitConfiguration" + }, + "SmallMultiplesSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the small multiples field.", + "title": "SmallMultiplesSort", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TableFieldLinkConfiguration": { + "AWS::QuickSight::Analysis.BarChartVisual": { "additionalProperties": false, "properties": { - "Content": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldLinkContentConfiguration", - "markdownDescription": "The URL content (text, icon) for the table link configuration.", - "title": "Content" + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" }, - "Target": { - "markdownDescription": "The URL target (new tab, new window, same tab) for the table link configuration.", - "title": "Target", + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BarChartConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", "type": "string" } }, "required": [ - "Content", - "Target" + "VisualId" ], "type": "object" }, - "AWS::QuickSight::Dashboard.TableFieldLinkContentConfiguration": { + "AWS::QuickSight::Analysis.BinCountOptions": { "additionalProperties": false, "properties": { - "CustomIconContent": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldCustomIconContent", - "markdownDescription": "The custom icon content for the table link content configuration.", - "title": "CustomIconContent" + "Value": { + "markdownDescription": "The options that determine the bin count value.", + "title": "Value", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.BinWidthOptions": { + "additionalProperties": false, + "properties": { + "BinCountLimit": { + "markdownDescription": "The options that determine the bin count limit.", + "title": "BinCountLimit", + "type": "number" }, - "CustomTextContent": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldCustomTextContent", - "markdownDescription": "The custom text content (value, font configuration) for the table link content configuration.", - "title": "CustomTextContent" + "Value": { + "markdownDescription": "The options that determine the bin width value.", + "title": "Value", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TableFieldOption": { + "AWS::QuickSight::Analysis.BodySectionConfiguration": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The custom label for a table field.", - "title": "CustomLabel", - "type": "string" + "Content": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BodySectionContent", + "markdownDescription": "The configuration of content in a body section.", + "title": "Content" }, - "FieldId": { - "markdownDescription": "The field ID for a table field.", - "title": "FieldId", - "type": "string" + "PageBreakConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionPageBreakConfiguration", + "markdownDescription": "The configuration of a page break for a section.", + "title": "PageBreakConfiguration" }, - "URLStyling": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldURLConfiguration", - "markdownDescription": "The URL configuration for a table field.", - "title": "URLStyling" + "RepeatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BodySectionRepeatConfiguration", + "markdownDescription": "Describes the configurations that are required to declare a section as repeating.", + "title": "RepeatConfiguration" }, - "Visibility": { - "markdownDescription": "The visibility of a table field.", - "title": "Visibility", + "SectionId": { + "markdownDescription": "The unique identifier of a body section.", + "title": "SectionId", "type": "string" }, - "Width": { - "markdownDescription": "The width for a table field.", - "title": "Width", - "type": "string" + "Style": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionStyle", + "markdownDescription": "The style options of a body section.", + "title": "Style" } }, "required": [ - "FieldId" + "Content", + "SectionId" ], "type": "object" }, - "AWS::QuickSight::Dashboard.TableFieldOptions": { + "AWS::QuickSight::Analysis.BodySectionContent": { "additionalProperties": false, "properties": { - "Order": { - "items": { - "type": "string" - }, - "markdownDescription": "The order of the field IDs that are configured as field options for a table visual.", - "title": "Order", - "type": "array" + "Layout": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionLayoutConfiguration", + "markdownDescription": "The layout configuration of a body section.", + "title": "Layout" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.BodySectionDynamicCategoryDimensionConfiguration": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "", + "title": "Column" }, - "PinnedFieldOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TablePinnedFieldOptions", - "markdownDescription": "The settings for the pinned columns of a table visual.", - "title": "PinnedFieldOptions" + "Limit": { + "markdownDescription": "Number of values to use from the column for repetition.", + "title": "Limit", + "type": "number" }, - "SelectedFieldOptions": { + "SortByMetrics": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldOption" + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnSort" }, - "markdownDescription": "The field options to be configured to a table.", - "title": "SelectedFieldOptions", + "markdownDescription": "Sort criteria on the column values that you use for repetition.", + "title": "SortByMetrics", "type": "array" } }, + "required": [ + "Column" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.TableFieldURLConfiguration": { + "AWS::QuickSight::Analysis.BodySectionDynamicNumericDimensionConfiguration": { "additionalProperties": false, "properties": { - "ImageConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldImageConfiguration", - "markdownDescription": "The image configuration of a table field URL.", - "title": "ImageConfiguration" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "", + "title": "Column" }, - "LinkConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldLinkConfiguration", - "markdownDescription": "The link configuration of a table field URL.", - "title": "LinkConfiguration" + "Limit": { + "markdownDescription": "Number of values to use from the column for repetition.", + "title": "Limit", + "type": "number" + }, + "SortByMetrics": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnSort" + }, + "markdownDescription": "Sort criteria on the column values that you use for repetition.", + "title": "SortByMetrics", + "type": "array" } }, + "required": [ + "Column" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.TableFieldWells": { + "AWS::QuickSight::Analysis.BodySectionRepeatConfiguration": { "additionalProperties": false, "properties": { - "TableAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableAggregatedFieldWells", - "markdownDescription": "The aggregated field well for the table.", - "title": "TableAggregatedFieldWells" + "DimensionConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BodySectionRepeatDimensionConfiguration" + }, + "markdownDescription": "List of `BodySectionRepeatDimensionConfiguration` values that describe the dataset column and constraints for the column used to repeat the contents of a section.", + "title": "DimensionConfigurations", + "type": "array" }, - "TableUnaggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableUnaggregatedFieldWells", - "markdownDescription": "The unaggregated field well for the table.", - "title": "TableUnaggregatedFieldWells" + "NonRepeatingVisuals": { + "items": { + "type": "string" + }, + "markdownDescription": "List of visuals to exclude from repetition in repeating sections. The visuals will render identically, and ignore the repeating configurations in all repeating instances.", + "title": "NonRepeatingVisuals", + "type": "array" + }, + "PageBreakConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BodySectionRepeatPageBreakConfiguration", + "markdownDescription": "Page break configuration to apply for each repeating instance.", + "title": "PageBreakConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TableInlineVisualization": { + "AWS::QuickSight::Analysis.BodySectionRepeatDimensionConfiguration": { "additionalProperties": false, "properties": { - "DataBars": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataBarsOptions", - "markdownDescription": "The configuration of the inline visualization of the data bars within a chart.", - "title": "DataBars" + "DynamicCategoryDimensionConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BodySectionDynamicCategoryDimensionConfiguration", + "markdownDescription": "Describes the *Category* dataset column and constraints around the dynamic values that will be used in repeating the section contents.", + "title": "DynamicCategoryDimensionConfiguration" + }, + "DynamicNumericDimensionConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BodySectionDynamicNumericDimensionConfiguration", + "markdownDescription": "Describes the *Numeric* dataset column and constraints around the dynamic values used to repeat the contents of a section.", + "title": "DynamicNumericDimensionConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TableOptions": { + "AWS::QuickSight::Analysis.BodySectionRepeatPageBreakConfiguration": { "additionalProperties": false, "properties": { - "CellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", - "markdownDescription": "The table cell style of table cells.", - "title": "CellStyle" - }, - "HeaderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", - "markdownDescription": "The table cell style of a table header.", - "title": "HeaderStyle" - }, - "Orientation": { - "markdownDescription": "The orientation (vertical, horizontal) for a table.", - "title": "Orientation", - "type": "string" - }, - "RowAlternateColorOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RowAlternateColorOptions", - "markdownDescription": "The row alternate color options (widget status, row alternate colors) for a table.", - "title": "RowAlternateColorOptions" + "After": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionAfterPageBreak", + "markdownDescription": "", + "title": "After" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TablePaginatedReportOptions": { + "AWS::QuickSight::Analysis.BoxPlotAggregatedFieldWells": { "additionalProperties": false, "properties": { - "OverflowColumnHeaderVisibility": { - "markdownDescription": "The visibility of repeating header rows on each page.", - "title": "OverflowColumnHeaderVisibility", - "type": "string" + "GroupBy": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The group by field well of a box plot chart. Values are grouped based on group by fields.", + "title": "GroupBy", + "type": "array" }, - "VerticalOverflowVisibility": { - "markdownDescription": "The visibility of printing table overflow across pages.", - "title": "VerticalOverflowVisibility", - "type": "string" + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The value field well of a box plot chart. Values are aggregated based on group by fields.", + "title": "Values", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TablePinnedFieldOptions": { + "AWS::QuickSight::Analysis.BoxPlotChartConfiguration": { "additionalProperties": false, "properties": { - "PinnedLeftFields": { + "BoxPlotOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotOptions", + "markdownDescription": "The box plot chart options for a box plot visual", + "title": "BoxPlotOptions" + }, + "CategoryAxis": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, axis step) of a box plot category.", + "title": "CategoryAxis" + }, + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility and sort Icon visibility) of a box plot category.", + "title": "CategoryLabelOptions" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", + "markdownDescription": "", + "title": "Legend" + }, + "PrimaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, axis step) of a box plot category.", + "title": "PrimaryYAxisDisplayOptions" + }, + "PrimaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility and sort icon visibility) of a box plot value.", + "title": "PrimaryYAxisLabelOptions" + }, + "ReferenceLines": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLine" }, - "markdownDescription": "A list of columns to be pinned to the left of a table visual.", - "title": "PinnedLeftFields", + "markdownDescription": "The reference line setup of the visual.", + "title": "ReferenceLines", "type": "array" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotSortConfiguration", + "markdownDescription": "The sort configuration of a `BoxPlotVisual` .", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", + "title": "VisualPalette" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TableRowConditionalFormatting": { + "AWS::QuickSight::Analysis.BoxPlotFieldWells": { "additionalProperties": false, "properties": { - "BackgroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting color (solid, gradient) of the background for a table row.", - "title": "BackgroundColor" - }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting color (solid, gradient) of the text for a table row.", - "title": "TextColor" + "BoxPlotAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a box plot.", + "title": "BoxPlotAggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TableSideBorderOptions": { + "AWS::QuickSight::Analysis.BoxPlotOptions": { "additionalProperties": false, "properties": { - "Bottom": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", - "markdownDescription": "The table border options of the bottom border.", - "title": "Bottom" - }, - "InnerHorizontal": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", - "markdownDescription": "The table border options of the inner horizontal border.", - "title": "InnerHorizontal" - }, - "InnerVertical": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", - "markdownDescription": "The table border options of the inner vertical border.", - "title": "InnerVertical" - }, - "Left": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", - "markdownDescription": "The table border options of the left border.", - "title": "Left" + "AllDataPointsVisibility": { + "markdownDescription": "Determines the visibility of all data points of the box plot.", + "title": "AllDataPointsVisibility", + "type": "string" }, - "Right": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", - "markdownDescription": "The table border options of the right border.", - "title": "Right" + "OutlierVisibility": { + "markdownDescription": "Determines the visibility of the outlier in a box plot.", + "title": "OutlierVisibility", + "type": "string" }, - "Top": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", - "markdownDescription": "The table border options of the top border.", - "title": "Top" + "StyleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotStyleOptions", + "markdownDescription": "The style options of the box plot.", + "title": "StyleOptions" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TableSortConfiguration": { + "AWS::QuickSight::Analysis.BoxPlotSortConfiguration": { "additionalProperties": false, "properties": { - "PaginationConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PaginationConfiguration", - "markdownDescription": "The pagination configuration (page size, page number) for the table.", - "title": "PaginationConfiguration" - }, - "RowSort": { + "CategorySort": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, - "markdownDescription": "The field sort options for rows in the table.", - "title": "RowSort", + "markdownDescription": "The sort configuration of a group by fields.", + "title": "CategorySort", "type": "array" + }, + "PaginationConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PaginationConfiguration", + "markdownDescription": "The pagination configuration of a table visual or box plot.", + "title": "PaginationConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TableStyleTarget": { + "AWS::QuickSight::Analysis.BoxPlotStyleOptions": { "additionalProperties": false, "properties": { - "CellType": { - "markdownDescription": "The cell type of the table style target.", - "title": "CellType", + "FillStyle": { + "markdownDescription": "The fill styles (solid, transparent) of the box plot.", + "title": "FillStyle", "type": "string" } }, - "required": [ - "CellType" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.TableUnaggregatedFieldWells": { - "additionalProperties": false, - "properties": { - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.UnaggregatedField" - }, - "markdownDescription": "The values field well for a pivot table. Values are unaggregated for an unaggregated table.", - "title": "Values", - "type": "array" - } - }, "type": "object" }, - "AWS::QuickSight::Dashboard.TableVisual": { + "AWS::QuickSight::Analysis.BoxPlotVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotChartConfiguration", "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, - "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableConditionalFormatting", - "markdownDescription": "The conditional formatting for a `PivotTableVisual` .", - "title": "ConditionalFormatting" + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" }, "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", "title": "VisualId", @@ -206413,142 +220955,180 @@ ], "type": "object" }, - "AWS::QuickSight::Dashboard.TextAreaControlDisplayOptions": { + "AWS::QuickSight::Analysis.CalculatedField": { "additionalProperties": false, "properties": { - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" + "DataSetIdentifier": { + "markdownDescription": "The data set that is used in this calculated field.", + "title": "DataSetIdentifier", + "type": "string" }, - "PlaceholderOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextControlPlaceholderOptions", - "markdownDescription": "The configuration of the placeholder options in a text area control.", - "title": "PlaceholderOptions" + "Expression": { + "markdownDescription": "The expression of the calculated field.", + "title": "Expression", + "type": "string" }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" + "Name": { + "markdownDescription": "The name of the calculated field.", + "title": "Name", + "type": "string" } }, + "required": [ + "DataSetIdentifier", + "Expression", + "Name" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.TextConditionalFormat": { + "AWS::QuickSight::Analysis.CalculatedMeasureField": { "additionalProperties": false, "properties": { - "BackgroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting for the text background color.", - "title": "BackgroundColor" - }, - "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIcon", - "markdownDescription": "The conditional formatting for the icon.", - "title": "Icon" + "Expression": { + "markdownDescription": "The expression in the table calculation.", + "title": "Expression", + "type": "string" }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting for the text color.", - "title": "TextColor" + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", + "type": "string" } }, + "required": [ + "Expression", + "FieldId" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.TextControlPlaceholderOptions": { + "AWS::QuickSight::Analysis.CascadingControlConfiguration": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility configuration of the placeholder options in a text control.", - "title": "Visibility", - "type": "string" + "SourceControls": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CascadingControlSource" + }, + "markdownDescription": "A list of source controls that determine the values that are used in the current control.", + "title": "SourceControls", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TextFieldControlDisplayOptions": { + "AWS::QuickSight::Analysis.CascadingControlSource": { "additionalProperties": false, "properties": { - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" - }, - "PlaceholderOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextControlPlaceholderOptions", - "markdownDescription": "The configuration of the placeholder options in a text field control.", - "title": "PlaceholderOptions" + "ColumnToMatch": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column identifier that determines which column to look up for the source sheet control.", + "title": "ColumnToMatch" }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" + "SourceSheetControlId": { + "markdownDescription": "The source sheet control ID of a `CascadingControlSource` .", + "title": "SourceSheetControlId", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ThousandSeparatorOptions": { + "AWS::QuickSight::Analysis.CategoricalDimensionField": { "additionalProperties": false, "properties": { - "Symbol": { - "markdownDescription": "Determines the thousands separator symbol.", - "title": "Symbol", + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that is used in the `CategoricalDimensionField` .", + "title": "Column" + }, + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", "type": "string" }, - "Visibility": { - "markdownDescription": "Determines the visibility of the thousands separator.", - "title": "Visibility", + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.StringFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" + }, + "HierarchyId": { + "markdownDescription": "The custom hierarchy ID.", + "title": "HierarchyId", "type": "string" } }, + "required": [ + "Column", + "FieldId" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.TimeBasedForecastProperties": { + "AWS::QuickSight::Analysis.CategoricalMeasureField": { "additionalProperties": false, "properties": { - "LowerBoundary": { - "markdownDescription": "The lower boundary setup of a forecast computation.", - "title": "LowerBoundary", - "type": "number" - }, - "PeriodsBackward": { - "markdownDescription": "The periods backward setup of a forecast computation.", - "title": "PeriodsBackward", - "type": "number" + "AggregationFunction": { + "markdownDescription": "The aggregation function of the measure field.", + "title": "AggregationFunction", + "type": "string" }, - "PeriodsForward": { - "markdownDescription": "The periods forward setup of a forecast computation.", - "title": "PeriodsForward", - "type": "number" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that is used in the `CategoricalMeasureField` .", + "title": "Column" }, - "PredictionInterval": { - "markdownDescription": "The prediction interval setup of a forecast computation.", - "title": "PredictionInterval", - "type": "number" + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", + "type": "string" }, - "Seasonality": { - "markdownDescription": "The seasonality setup of a forecast computation. Choose one of the following options:\n\n- `NULL` : The input is set to `NULL` .\n- `NON_NULL` : The input is set to a custom value.", - "title": "Seasonality", - "type": "number" + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.StringFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" + } + }, + "required": [ + "Column", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.CategoryDrillDownFilter": { + "additionalProperties": false, + "properties": { + "CategoryValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the string inputs that are the values of the category drill down filter.", + "title": "CategoryValues", + "type": "array" }, - "UpperBoundary": { - "markdownDescription": "The upper boundary setup of a forecast computation.", - "title": "UpperBoundary", - "type": "number" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" } }, + "required": [ + "CategoryValues", + "Column" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.TimeEqualityFilter": { + "AWS::QuickSight::Analysis.CategoryFilter": { "additionalProperties": false, "properties": { "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", "markdownDescription": "The column that the filter is applied to.", "title": "Column" }, + "Configuration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CategoryFilterConfiguration", + "markdownDescription": "The configuration for a `CategoryFilter` .", + "title": "Configuration" + }, "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", "title": "DefaultFilterControlConfiguration" }, @@ -206556,565 +221136,499 @@ "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", "title": "FilterId", "type": "string" - }, - "ParameterName": { - "markdownDescription": "The parameter whose value should be used for the filter value.\n\nThis field is mutually exclusive to `Value` and `RollingDate` .", - "title": "ParameterName", - "type": "string" - }, - "RollingDate": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RollingDateConfiguration", - "markdownDescription": "The rolling date input for the `TimeEquality` filter.\n\nThis field is mutually exclusive to `Value` and `ParameterName` .", - "title": "RollingDate" - }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", - "type": "string" - }, - "Value": { - "markdownDescription": "The value of a `TimeEquality` filter.\n\nThis field is mutually exclusive to `RollingDate` and `ParameterName` .", - "title": "Value", - "type": "string" } }, "required": [ "Column", + "Configuration", "FilterId" ], "type": "object" }, - "AWS::QuickSight::Dashboard.TimeRangeDrillDownFilter": { + "AWS::QuickSight::Analysis.CategoryFilterConfiguration": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "RangeMaximum": { - "markdownDescription": "The maximum value for the filter value range.", - "title": "RangeMaximum", - "type": "string" + "CustomFilterConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomFilterConfiguration", + "markdownDescription": "A custom filter that filters based on a single value. This filter can be partially matched.", + "title": "CustomFilterConfiguration" }, - "RangeMinimum": { - "markdownDescription": "The minimum value for the filter value range.", - "title": "RangeMinimum", - "type": "string" + "CustomFilterListConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomFilterListConfiguration", + "markdownDescription": "A list of custom filter values. In the Amazon QuickSight console, this filter type is called a custom filter list.", + "title": "CustomFilterListConfiguration" }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", - "type": "string" + "FilterListConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterListConfiguration", + "markdownDescription": "A list of filter configurations. In the Amazon QuickSight console, this filter type is called a filter list.", + "title": "FilterListConfiguration" } }, - "required": [ - "Column", - "RangeMaximum", - "RangeMinimum", - "TimeGranularity" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.TimeRangeFilter": { + "AWS::QuickSight::Analysis.CategoryInnerFilter": { "additionalProperties": false, "properties": { "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "", "title": "Column" }, + "Configuration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CategoryFilterConfiguration", + "markdownDescription": "", + "title": "Configuration" + }, "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", + "markdownDescription": "", "title": "DefaultFilterControlConfiguration" - }, - "ExcludePeriodConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ExcludePeriodConfiguration", - "markdownDescription": "The exclude period of the time range filter.", - "title": "ExcludePeriodConfiguration" - }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", - "type": "string" - }, - "IncludeMaximum": { - "markdownDescription": "Determines whether the maximum value in the filter value range should be included in the filtered results.", - "title": "IncludeMaximum", - "type": "boolean" - }, - "IncludeMinimum": { - "markdownDescription": "Determines whether the minimum value in the filter value range should be included in the filtered results.", - "title": "IncludeMinimum", - "type": "boolean" - }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", - "type": "string" - }, - "RangeMaximumValue": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TimeRangeFilterValue", - "markdownDescription": "The maximum value for the filter value range.", - "title": "RangeMaximumValue" - }, - "RangeMinimumValue": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TimeRangeFilterValue", - "markdownDescription": "The minimum value for the filter value range.", - "title": "RangeMinimumValue" - }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", - "type": "string" } }, "required": [ "Column", - "FilterId", - "NullOption" + "Configuration" ], "type": "object" }, - "AWS::QuickSight::Dashboard.TimeRangeFilterValue": { + "AWS::QuickSight::Analysis.ChartAxisLabelOptions": { "additionalProperties": false, "properties": { - "Parameter": { - "markdownDescription": "The parameter type input value.", - "title": "Parameter", - "type": "string" + "AxisLabelOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisLabelOptions" + }, + "markdownDescription": "The label options for a chart axis.", + "title": "AxisLabelOptions", + "type": "array" }, - "RollingDate": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RollingDateConfiguration", - "markdownDescription": "The rolling date input value.", - "title": "RollingDate" + "SortIconVisibility": { + "markdownDescription": "The visibility configuration of the sort icon on a chart's axis label.", + "title": "SortIconVisibility", + "type": "string" }, - "StaticValue": { - "markdownDescription": "The static input value.", - "title": "StaticValue", + "Visibility": { + "markdownDescription": "The visibility of an axis label on a chart. Choose one of the following options:\n\n- `VISIBLE` : Shows the axis.\n- `HIDDEN` : Hides the axis.", + "title": "Visibility", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TooltipItem": { + "AWS::QuickSight::Analysis.ClusterMarker": { "additionalProperties": false, "properties": { - "ColumnTooltipItem": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnTooltipItem", - "markdownDescription": "The tooltip item for the columns that are not part of a field well.", - "title": "ColumnTooltipItem" - }, - "FieldTooltipItem": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldTooltipItem", - "markdownDescription": "The tooltip item for the fields.", - "title": "FieldTooltipItem" + "SimpleClusterMarker": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SimpleClusterMarker", + "markdownDescription": "The simple cluster marker of the cluster marker.", + "title": "SimpleClusterMarker" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TooltipOptions": { + "AWS::QuickSight::Analysis.ClusterMarkerConfiguration": { "additionalProperties": false, "properties": { - "FieldBasedTooltip": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldBasedTooltip", - "markdownDescription": "The setup for the detailed tooltip. The tooltip setup is always saved. The display type is decided based on the tooltip type.", - "title": "FieldBasedTooltip" - }, - "SelectedTooltipType": { - "markdownDescription": "The selected type for the tooltip. Choose one of the following options:\n\n- `BASIC` : A basic tooltip.\n- `DETAILED` : A detailed tooltip.", - "title": "SelectedTooltipType", + "ClusterMarker": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ClusterMarker", + "markdownDescription": "The cluster marker that is a part of the cluster marker configuration.", + "title": "ClusterMarker" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.ColorScale": { + "additionalProperties": false, + "properties": { + "ColorFillType": { + "markdownDescription": "Determines the color fill type.", + "title": "ColorFillType", "type": "string" }, - "TooltipVisibility": { - "markdownDescription": "Determines whether or not the tooltip is visible.", - "title": "TooltipVisibility", - "type": "string" + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataColor" + }, + "markdownDescription": "Determines the list of colors that are applied to the visual.", + "title": "Colors", + "type": "array" + }, + "NullValueColor": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataColor", + "markdownDescription": "Determines the color that is applied to null values.", + "title": "NullValueColor" } }, + "required": [ + "ColorFillType", + "Colors" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.TopBottomFilter": { + "AWS::QuickSight::Analysis.ColorsConfiguration": { "additionalProperties": false, "properties": { - "AggregationSortConfigurations": { + "CustomColors": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationSortConfiguration" + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomColor" }, - "markdownDescription": "The aggregation and sort configuration of the top bottom filter.", - "title": "AggregationSortConfigurations", + "markdownDescription": "A list of up to 50 custom colors.", + "title": "CustomColors", "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.ColumnConfiguration": { + "additionalProperties": false, + "properties": { + "ColorsConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColorsConfiguration", + "markdownDescription": "The color configurations of the column.", + "title": "ColorsConfiguration" }, "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column.", "title": "Column" }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" - }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", - "type": "string" - }, - "Limit": { - "markdownDescription": "The number of items to include in the top bottom filter results.", - "title": "Limit", - "type": "number" - }, - "ParameterName": { - "markdownDescription": "The parameter whose value should be used for the filter value.", - "title": "ParameterName", - "type": "string" + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FormatConfiguration", + "markdownDescription": "The format configuration of a column.", + "title": "FormatConfiguration" }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", + "Role": { + "markdownDescription": "The role of the column.", + "title": "Role", "type": "string" } }, "required": [ - "AggregationSortConfigurations", - "Column", - "FilterId" + "Column" ], "type": "object" }, - "AWS::QuickSight::Dashboard.TopBottomMoversComputation": { + "AWS::QuickSight::Analysis.ColumnHierarchy": { "additionalProperties": false, "properties": { - "Category": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", - "markdownDescription": "The category field that is used in a computation.", - "title": "Category" - }, - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", - "type": "string" - }, - "MoverSize": { - "markdownDescription": "The mover size setup of the top and bottom movers computation.", - "title": "MoverSize", - "type": "number" - }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", - "type": "string" - }, - "SortOrder": { - "markdownDescription": "The sort order setup of the top and bottom movers computation.", - "title": "SortOrder", - "type": "string" - }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" + "DateTimeHierarchy": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeHierarchy", + "markdownDescription": "The option that determines the hierarchy of any `DateTime` fields.", + "title": "DateTimeHierarchy" }, - "Type": { - "markdownDescription": "The computation type. Choose from the following options:\n\n- TOP: Top movers computation.\n- BOTTOM: Bottom movers computation.", - "title": "Type", - "type": "string" + "ExplicitHierarchy": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ExplicitHierarchy", + "markdownDescription": "The option that determines the hierarchy of the fields that are built within a visual's field wells. These fields can't be duplicated to other visuals.", + "title": "ExplicitHierarchy" }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" + "PredefinedHierarchy": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PredefinedHierarchy", + "markdownDescription": "The option that determines the hierarchy of the fields that are defined during data preparation. These fields are available to use in any analysis that uses the data source.", + "title": "PredefinedHierarchy" } }, - "required": [ - "ComputationId", - "Type" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.TopBottomRankedComputation": { + "AWS::QuickSight::Analysis.ColumnIdentifier": { "additionalProperties": false, "properties": { - "Category": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", - "markdownDescription": "The category field that is used in a computation.", - "title": "Category" - }, - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "ColumnName": { + "markdownDescription": "The name of the column.", + "title": "ColumnName", "type": "string" }, - "ResultSize": { - "markdownDescription": "The result size of a top and bottom ranked computation.", - "title": "ResultSize", - "type": "number" - }, - "Type": { - "markdownDescription": "The computation type. Choose one of the following options:\n\n- TOP: A top ranked computation.\n- BOTTOM: A bottom ranked computation.", - "title": "Type", + "DataSetIdentifier": { + "markdownDescription": "The data set that the column belongs to.", + "title": "DataSetIdentifier", "type": "string" - }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" } }, "required": [ - "ComputationId", - "Type" + "ColumnName", + "DataSetIdentifier" ], "type": "object" }, - "AWS::QuickSight::Dashboard.TotalAggregationComputation": { + "AWS::QuickSight::Analysis.ColumnSort": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", - "type": "string" + "AggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationFunction", + "markdownDescription": "The aggregation function that is defined in the column sort.", + "title": "AggregationFunction" }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "Direction": { + "markdownDescription": "The sort direction.", + "title": "Direction", "type": "string" }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" + "SortBy": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "", + "title": "SortBy" } }, "required": [ - "ComputationId" + "Direction", + "SortBy" ], "type": "object" }, - "AWS::QuickSight::Dashboard.TotalAggregationFunction": { + "AWS::QuickSight::Analysis.ColumnTooltipItem": { "additionalProperties": false, "properties": { - "SimpleTotalAggregationFunction": { - "markdownDescription": "A built in aggregation function for total values.", - "title": "SimpleTotalAggregationFunction", + "Aggregation": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationFunction", + "markdownDescription": "The aggregation function of the column tooltip item.", + "title": "Aggregation" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The target column of the tooltip item.", + "title": "Column" + }, + "Label": { + "markdownDescription": "The label of the tooltip item.", + "title": "Label", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.TotalAggregationOption": { - "additionalProperties": false, - "properties": { - "FieldId": { - "markdownDescription": "The field id that's associated with the total aggregation option.", - "title": "FieldId", + }, + "TooltipTarget": { + "markdownDescription": "Determines the target of the column tooltip item in a combo chart visual.", + "title": "TooltipTarget", "type": "string" }, - "TotalAggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TotalAggregationFunction", - "markdownDescription": "The total aggregation function that you want to set for a specified field id.", - "title": "TotalAggregationFunction" + "Visibility": { + "markdownDescription": "The visibility of the tooltip item.", + "title": "Visibility", + "type": "string" } }, "required": [ - "FieldId", - "TotalAggregationFunction" + "Column" ], "type": "object" }, - "AWS::QuickSight::Dashboard.TotalOptions": { + "AWS::QuickSight::Analysis.ComboChartAggregatedFieldWells": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The custom label string for the total cells.", - "title": "CustomLabel", - "type": "string" - }, - "Placement": { - "markdownDescription": "The placement (start, end) for the total cells.", - "title": "Placement", - "type": "string" - }, - "ScrollStatus": { - "markdownDescription": "The scroll status (pinned, scrolled) for the total cells.", - "title": "ScrollStatus", - "type": "string" - }, - "TotalAggregationOptions": { + "BarValues": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TotalAggregationOption" + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, - "markdownDescription": "The total aggregation settings for each value field.", - "title": "TotalAggregationOptions", + "markdownDescription": "The aggregated `BarValues` field well of a combo chart.", + "title": "BarValues", "type": "array" }, - "TotalCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", - "markdownDescription": "Cell styling options for the total cells.", - "title": "TotalCellStyle" - }, - "TotalsVisibility": { - "markdownDescription": "The visibility configuration for the total cells.", - "title": "TotalsVisibility", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.TreeMapAggregatedFieldWells": { - "additionalProperties": false, - "properties": { - "Colors": { + "Category": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, - "markdownDescription": "The color field well of a tree map. Values are grouped by aggregations based on group by fields.", - "title": "Colors", + "markdownDescription": "The aggregated category field wells of a combo chart.", + "title": "Category", "type": "array" }, - "Groups": { + "Colors": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, - "markdownDescription": "The group by field well of a tree map. Values are grouped based on group by fields.", - "title": "Groups", + "markdownDescription": "The aggregated colors field well of a combo chart.", + "title": "Colors", "type": "array" }, - "Sizes": { + "LineValues": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, - "markdownDescription": "The size field well of a tree map. Values are aggregated based on group by fields.", - "title": "Sizes", + "markdownDescription": "The aggregated `LineValues` field well of a combo chart.", + "title": "LineValues", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TreeMapConfiguration": { + "AWS::QuickSight::Analysis.ComboChartConfiguration": { "additionalProperties": false, "properties": { - "ColorLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility) for the colors displayed in a tree map.", - "title": "ColorLabelOptions" + "BarDataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.\n\nThe data label options for a bar in a combo chart.", + "title": "BarDataLabels" }, - "ColorScale": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColorScale", - "markdownDescription": "The color options (gradient color, point of divergence) of a tree map.", - "title": "ColorScale" + "BarsArrangement": { + "markdownDescription": "Determines the bar arrangement in a combo chart. The following are valid values in this structure:\n\n- `CLUSTERED` : For clustered bar combo charts.\n- `STACKED` : For stacked bar combo charts.\n- `STACKED_PERCENT` : Do not use. If you use this value, the operation returns a validation error.", + "title": "BarsArrangement", + "type": "string" }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.", - "title": "DataLabels" + "CategoryAxis": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", + "markdownDescription": "The category axis of a combo chart.", + "title": "CategoryAxis" + }, + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart category (group/color) field well.", + "title": "CategoryLabelOptions" + }, + "ColorLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's color field well.", + "title": "ColorLabelOptions" }, "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TreeMapFieldWells", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ComboChartFieldWells", "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, - "GroupLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility) of the groups that are displayed in a tree map.", - "title": "GroupLabelOptions" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" }, "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", "markdownDescription": "The legend display setup of the visual.", "title": "Legend" }, - "SizeLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility) of the sizes that are displayed in a tree map.", - "title": "SizeLabelOptions" + "LineDataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.\n\nThe data label options for a line in a combo chart.", + "title": "LineDataLabels" + }, + "PrimaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, and axis step) of a combo chart's primary y-axis (bar) field well.", + "title": "PrimaryYAxisDisplayOptions" + }, + "PrimaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's primary y-axis (bar) field well.", + "title": "PrimaryYAxisLabelOptions" + }, + "ReferenceLines": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLine" + }, + "markdownDescription": "The reference line setup of the visual.", + "title": "ReferenceLines", + "type": "array" + }, + "SecondaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, axis step) of a combo chart's secondary y-axis (line) field well.", + "title": "SecondaryYAxisDisplayOptions" + }, + "SecondaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's secondary y-axis(line) field well.", + "title": "SecondaryYAxisLabelOptions" + }, + "SingleAxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SingleAxisOptions", + "markdownDescription": "", + "title": "SingleAxisOptions" }, "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TreeMapSortConfiguration", - "markdownDescription": "The sort configuration of a tree map.", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ComboChartSortConfiguration", + "markdownDescription": "The sort configuration of a `ComboChartVisual` .", "title": "SortConfiguration" }, "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", + "markdownDescription": "The legend display setup of the visual.", "title": "Tooltip" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", + "title": "VisualPalette" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TreeMapFieldWells": { + "AWS::QuickSight::Analysis.ComboChartFieldWells": { "additionalProperties": false, "properties": { - "TreeMapAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TreeMapAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a tree map.", - "title": "TreeMapAggregatedFieldWells" + "ComboChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ComboChartAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a combo chart. Combo charts only have aggregated field wells. Columns in a combo chart are aggregated by category.", + "title": "ComboChartAggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TreeMapSortConfiguration": { + "AWS::QuickSight::Analysis.ComboChartSortConfiguration": { "additionalProperties": false, "properties": { - "TreeMapGroupItemsLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of groups that are displayed.", - "title": "TreeMapGroupItemsLimitConfiguration" + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The item limit configuration for the category field well of a combo chart.", + "title": "CategoryItemsLimit" }, - "TreeMapSort": { + "CategorySort": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, - "markdownDescription": "The sort configuration of group by fields.", - "title": "TreeMapSort", + "markdownDescription": "The sort configuration of the category field well in a combo chart.", + "title": "CategorySort", + "type": "array" + }, + "ColorItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The item limit configuration of the color field well in a combo chart.", + "title": "ColorItemsLimit" + }, + "ColorSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the color field well in a combo chart.", + "title": "ColorSort", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TreeMapVisual": { + "AWS::QuickSight::Analysis.ComboChartVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TreeMapConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ComboChartConfiguration", "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", "type": "string" } @@ -207124,3654 +221638,3233 @@ ], "type": "object" }, - "AWS::QuickSight::Dashboard.TrendArrowOptions": { + "AWS::QuickSight::Analysis.ComparisonConfiguration": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility of the trend arrows.", - "title": "Visibility", + "ComparisonFormat": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ComparisonFormatConfiguration", + "markdownDescription": "The format of the comparison.", + "title": "ComparisonFormat" + }, + "ComparisonMethod": { + "markdownDescription": "The method of the comparison. Choose from the following options:\n\n- `DIFFERENCE`\n- `PERCENT_DIFFERENCE`\n- `PERCENT`", + "title": "ComparisonMethod", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.UnaggregatedField": { + "AWS::QuickSight::Analysis.ComparisonFormatConfiguration": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that is used in the `UnaggregatedField` .", - "title": "Column" - }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", - "type": "string" + "NumberDisplayFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumberDisplayFormatConfiguration", + "markdownDescription": "The number display format.", + "title": "NumberDisplayFormatConfiguration" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" + "PercentageDisplayFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PercentageDisplayFormatConfiguration", + "markdownDescription": "The percentage display format.", + "title": "PercentageDisplayFormatConfiguration" } }, - "required": [ - "Column", - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.UniqueValuesComputation": { + "AWS::QuickSight::Analysis.Computation": { "additionalProperties": false, "properties": { - "Category": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", - "markdownDescription": "The category field that is used in a computation.", - "title": "Category" + "Forecast": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ForecastComputation", + "markdownDescription": "The forecast computation configuration.", + "title": "Forecast" }, - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", - "type": "string" + "GrowthRate": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GrowthRateComputation", + "markdownDescription": "The growth rate computation configuration.", + "title": "GrowthRate" }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", - "type": "string" - } - }, - "required": [ - "ComputationId" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.ValidationStrategy": { - "additionalProperties": false, - "properties": { - "Mode": { - "markdownDescription": "The mode of validation for the asset to be created or updated. When you set this value to `STRICT` , strict validation for every error is enforced. When you set this value to `LENIENT` , validation is skipped for specific UI errors.", - "title": "Mode", - "type": "string" + "MaximumMinimum": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MaximumMinimumComputation", + "markdownDescription": "The maximum and minimum computation configuration.", + "title": "MaximumMinimum" + }, + "MetricComparison": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MetricComparisonComputation", + "markdownDescription": "The metric comparison computation configuration.", + "title": "MetricComparison" + }, + "PeriodOverPeriod": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PeriodOverPeriodComputation", + "markdownDescription": "The period over period computation configuration.", + "title": "PeriodOverPeriod" + }, + "PeriodToDate": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PeriodToDateComputation", + "markdownDescription": "The period to `DataSetIdentifier` computation configuration.", + "title": "PeriodToDate" + }, + "TopBottomMovers": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TopBottomMoversComputation", + "markdownDescription": "The top movers and bottom movers computation configuration.", + "title": "TopBottomMovers" + }, + "TopBottomRanked": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TopBottomRankedComputation", + "markdownDescription": "The top ranked and bottom ranked computation configuration.", + "title": "TopBottomRanked" + }, + "TotalAggregation": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TotalAggregationComputation", + "markdownDescription": "The total aggregation computation configuration.", + "title": "TotalAggregation" + }, + "UniqueValues": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.UniqueValuesComputation", + "markdownDescription": "The unique values computation configuration.", + "title": "UniqueValues" } }, - "required": [ - "Mode" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.VisibleRangeOptions": { + "AWS::QuickSight::Analysis.ConditionalFormattingColor": { "additionalProperties": false, "properties": { - "PercentRange": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PercentVisibleRange", - "markdownDescription": "The percent range in the visible range.", - "title": "PercentRange" + "Gradient": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingGradientColor", + "markdownDescription": "Formatting configuration for gradient color.", + "title": "Gradient" + }, + "Solid": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingSolidColor", + "markdownDescription": "Formatting configuration for solid color.", + "title": "Solid" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.Visual": { + "AWS::QuickSight::Analysis.ConditionalFormattingCustomIconCondition": { "additionalProperties": false, "properties": { - "BarChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BarChartVisual", - "markdownDescription": "A bar chart.\n\nFor more information, see [Using bar charts](https://docs.aws.amazon.com/quicksight/latest/user/bar-charts.html) in the *Amazon QuickSight User Guide* .", - "title": "BarChartVisual" - }, - "BoxPlotVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotVisual", - "markdownDescription": "A box plot.\n\nFor more information, see [Using box plots](https://docs.aws.amazon.com/quicksight/latest/user/box-plots.html) in the *Amazon QuickSight User Guide* .", - "title": "BoxPlotVisual" - }, - "ComboChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComboChartVisual", - "markdownDescription": "A combo chart.\n\nFor more information, see [Using combo charts](https://docs.aws.amazon.com/quicksight/latest/user/combo-charts.html) in the *Amazon QuickSight User Guide* .", - "title": "ComboChartVisual" - }, - "CustomContentVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomContentVisual", - "markdownDescription": "A visual that contains custom content.\n\nFor more information, see [Using custom visual content](https://docs.aws.amazon.com/quicksight/latest/user/custom-visual-content.html) in the *Amazon QuickSight User Guide* .", - "title": "CustomContentVisual" - }, - "EmptyVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.EmptyVisual", - "markdownDescription": "An empty visual.", - "title": "EmptyVisual" - }, - "FilledMapVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapVisual", - "markdownDescription": "A filled map.\n\nFor more information, see [Creating filled maps](https://docs.aws.amazon.com/quicksight/latest/user/filled-maps.html) in the *Amazon QuickSight User Guide* .", - "title": "FilledMapVisual" - }, - "FunnelChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FunnelChartVisual", - "markdownDescription": "A funnel chart.\n\nFor more information, see [Using funnel charts](https://docs.aws.amazon.com/quicksight/latest/user/funnel-visual-content.html) in the *Amazon QuickSight User Guide* .", - "title": "FunnelChartVisual" - }, - "GaugeChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartVisual", - "markdownDescription": "A gauge chart.\n\nFor more information, see [Using gauge charts](https://docs.aws.amazon.com/quicksight/latest/user/gauge-chart.html) in the *Amazon QuickSight User Guide* .", - "title": "GaugeChartVisual" - }, - "GeospatialMapVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapVisual", - "markdownDescription": "A geospatial map or a points on map visual.\n\nFor more information, see [Creating point maps](https://docs.aws.amazon.com/quicksight/latest/user/point-maps.html) in the *Amazon QuickSight User Guide* .", - "title": "GeospatialMapVisual" - }, - "HeatMapVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeatMapVisual", - "markdownDescription": "A heat map.\n\nFor more information, see [Using heat maps](https://docs.aws.amazon.com/quicksight/latest/user/heat-map.html) in the *Amazon QuickSight User Guide* .", - "title": "HeatMapVisual" - }, - "HistogramVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.HistogramVisual", - "markdownDescription": "A histogram.\n\nFor more information, see [Using histograms](https://docs.aws.amazon.com/quicksight/latest/user/histogram-charts.html) in the *Amazon QuickSight User Guide* .", - "title": "HistogramVisual" - }, - "InsightVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.InsightVisual", - "markdownDescription": "An insight visual.\n\nFor more information, see [Working with insights](https://docs.aws.amazon.com/quicksight/latest/user/computational-insights.html) in the *Amazon QuickSight User Guide* .", - "title": "InsightVisual" - }, - "KPIVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIVisual", - "markdownDescription": "A key performance indicator (KPI).\n\nFor more information, see [Using KPIs](https://docs.aws.amazon.com/quicksight/latest/user/kpi.html) in the *Amazon QuickSight User Guide* .", - "title": "KPIVisual" - }, - "LineChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartVisual", - "markdownDescription": "A line chart.\n\nFor more information, see [Using line charts](https://docs.aws.amazon.com/quicksight/latest/user/line-charts.html) in the *Amazon QuickSight User Guide* .", - "title": "LineChartVisual" - }, - "PieChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PieChartVisual", - "markdownDescription": "A pie or donut chart.\n\nFor more information, see [Using pie charts](https://docs.aws.amazon.com/quicksight/latest/user/pie-chart.html) in the *Amazon QuickSight User Guide* .", - "title": "PieChartVisual" - }, - "PivotTableVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableVisual", - "markdownDescription": "A pivot table.\n\nFor more information, see [Using pivot tables](https://docs.aws.amazon.com/quicksight/latest/user/pivot-table.html) in the *Amazon QuickSight User Guide* .", - "title": "PivotTableVisual" - }, - "RadarChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartVisual", - "markdownDescription": "A radar chart visual.\n\nFor more information, see [Using radar charts](https://docs.aws.amazon.com/quicksight/latest/user/radar-chart.html) in the *Amazon QuickSight User Guide* .", - "title": "RadarChartVisual" - }, - "SankeyDiagramVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SankeyDiagramVisual", - "markdownDescription": "A sankey diagram.\n\nFor more information, see [Using Sankey diagrams](https://docs.aws.amazon.com/quicksight/latest/user/sankey-diagram.html) in the *Amazon QuickSight User Guide* .", - "title": "SankeyDiagramVisual" - }, - "ScatterPlotVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ScatterPlotVisual", - "markdownDescription": "A scatter plot.\n\nFor more information, see [Using scatter plots](https://docs.aws.amazon.com/quicksight/latest/user/scatter-plot.html) in the *Amazon QuickSight User Guide* .", - "title": "ScatterPlotVisual" - }, - "TableVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableVisual", - "markdownDescription": "A table visual.\n\nFor more information, see [Using tables as visuals](https://docs.aws.amazon.com/quicksight/latest/user/tabular.html) in the *Amazon QuickSight User Guide* .", - "title": "TableVisual" + "Color": { + "markdownDescription": "Determines the color of the icon.", + "title": "Color", + "type": "string" }, - "TreeMapVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TreeMapVisual", - "markdownDescription": "A tree map.\n\nFor more information, see [Using tree maps](https://docs.aws.amazon.com/quicksight/latest/user/tree-map.html) in the *Amazon QuickSight User Guide* .", - "title": "TreeMapVisual" + "DisplayConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIconDisplayConfiguration", + "markdownDescription": "Determines the icon display configuration.", + "title": "DisplayConfiguration" }, - "WaterfallVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallVisual", - "markdownDescription": "A waterfall chart.\n\nFor more information, see [Using waterfall charts](https://docs.aws.amazon.com/quicksight/latest/user/waterfall-chart.html) in the *Amazon QuickSight User Guide* .", - "title": "WaterfallVisual" + "Expression": { + "markdownDescription": "The expression that determines the condition of the icon set.", + "title": "Expression", + "type": "string" }, - "WordCloudVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.WordCloudVisual", - "markdownDescription": "A word cloud.\n\nFor more information, see [Using word clouds](https://docs.aws.amazon.com/quicksight/latest/user/word-cloud.html) in the *Amazon QuickSight User Guide* .", - "title": "WordCloudVisual" + "IconOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingCustomIconOptions", + "markdownDescription": "Custom icon options for an icon set.", + "title": "IconOptions" } }, + "required": [ + "Expression", + "IconOptions" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.VisualAxisSortOption": { + "AWS::QuickSight::Analysis.ConditionalFormattingCustomIconOptions": { "additionalProperties": false, "properties": { - "AvailabilityStatus": { - "markdownDescription": "The availaiblity status of a visual's axis sort options.", - "title": "AvailabilityStatus", + "Icon": { + "markdownDescription": "Determines the type of icon.", + "title": "Icon", + "type": "string" + }, + "UnicodeIcon": { + "markdownDescription": "Determines the Unicode icon type.", + "title": "UnicodeIcon", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.VisualCustomAction": { + "AWS::QuickSight::Analysis.ConditionalFormattingGradientColor": { "additionalProperties": false, "properties": { - "ActionOperations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomActionOperation" - }, - "markdownDescription": "A list of `VisualCustomActionOperations` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", - "title": "ActionOperations", - "type": "array" - }, - "CustomActionId": { - "markdownDescription": "The ID of the `VisualCustomAction` .", - "title": "CustomActionId", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the `VisualCustomAction` .", - "title": "Name", - "type": "string" - }, - "Status": { - "markdownDescription": "The status of the `VisualCustomAction` .", - "title": "Status", - "type": "string" + "Color": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GradientColor", + "markdownDescription": "Determines the color.", + "title": "Color" }, - "Trigger": { - "markdownDescription": "The trigger of the `VisualCustomAction` .\n\nValid values are defined as follows:\n\n- `DATA_POINT_CLICK` : Initiates a custom action by a left pointer click on a data point.\n- `DATA_POINT_MENU` : Initiates a custom action by right pointer click from the menu.", - "title": "Trigger", + "Expression": { + "markdownDescription": "The expression that determines the formatting configuration for gradient color.", + "title": "Expression", "type": "string" } }, "required": [ - "ActionOperations", - "CustomActionId", - "Name", - "Trigger" + "Color", + "Expression" ], "type": "object" }, - "AWS::QuickSight::Dashboard.VisualCustomActionOperation": { + "AWS::QuickSight::Analysis.ConditionalFormattingIcon": { "additionalProperties": false, "properties": { - "FilterOperation": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionFilterOperation", - "markdownDescription": "The filter operation that filters data included in a visual or in an entire sheet.", - "title": "FilterOperation" - }, - "NavigationOperation": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionNavigationOperation", - "markdownDescription": "The navigation operation that navigates between different sheets in the same analysis.", - "title": "NavigationOperation" - }, - "SetParametersOperation": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionSetParametersOperation", - "markdownDescription": "The set parameter operation that sets parameters in custom action.", - "title": "SetParametersOperation" + "CustomCondition": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingCustomIconCondition", + "markdownDescription": "Determines the custom condition for an icon set.", + "title": "CustomCondition" }, - "URLOperation": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionURLOperation", - "markdownDescription": "The URL operation that opens a link to another webpage.", - "title": "URLOperation" + "IconSet": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIconSet", + "markdownDescription": "Formatting configuration for icon set.", + "title": "IconSet" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.VisualMenuOption": { + "AWS::QuickSight::Analysis.ConditionalFormattingIconDisplayConfiguration": { "additionalProperties": false, "properties": { - "AvailabilityStatus": { - "markdownDescription": "The availaiblity status of a visual's menu options.", - "title": "AvailabilityStatus", + "IconDisplayOption": { + "markdownDescription": "Determines the icon display configuration.", + "title": "IconDisplayOption", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.VisualPalette": { + "AWS::QuickSight::Analysis.ConditionalFormattingIconSet": { "additionalProperties": false, "properties": { - "ChartColor": { - "markdownDescription": "The chart color options for the visual palette.", - "title": "ChartColor", + "Expression": { + "markdownDescription": "The expression that determines the formatting configuration for the icon set.", + "title": "Expression", "type": "string" }, - "ColorMap": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathColor" - }, - "markdownDescription": "The color map options for the visual palette.", - "title": "ColorMap", - "type": "array" + "IconSetType": { + "markdownDescription": "Determines the icon set type.", + "title": "IconSetType", + "type": "string" } }, + "required": [ + "Expression" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions": { + "AWS::QuickSight::Analysis.ConditionalFormattingSolidColor": { "additionalProperties": false, "properties": { - "FormatText": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LongFormatText", - "markdownDescription": "The long text format of the subtitle label, such as plain text or rich text.", - "title": "FormatText" + "Color": { + "markdownDescription": "Determines the color.", + "title": "Color", + "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of the subtitle label.", - "title": "Visibility", + "Expression": { + "markdownDescription": "The expression that determines the formatting configuration for solid color.", + "title": "Expression", "type": "string" } }, + "required": [ + "Expression" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.VisualTitleLabelOptions": { + "AWS::QuickSight::Analysis.ContextMenuOption": { "additionalProperties": false, "properties": { - "FormatText": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ShortFormatText", - "markdownDescription": "The short text format of the title label, such as plain text or rich text.", - "title": "FormatText" - }, - "Visibility": { - "markdownDescription": "The visibility of the title label.", - "title": "Visibility", + "AvailabilityStatus": { + "markdownDescription": "The availability status of the context menu options. If the value of this property is set to `ENABLED` , dashboard readers can interact with the context menu.", + "title": "AvailabilityStatus", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.WaterfallChartAggregatedFieldWells": { + "AWS::QuickSight::Analysis.ContributionAnalysisDefault": { "additionalProperties": false, "properties": { - "Breakdowns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The breakdown field wells of a waterfall visual.", - "title": "Breakdowns", - "type": "array" - }, - "Categories": { + "ContributorDimensions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier" }, - "markdownDescription": "The category field wells of a waterfall visual.", - "title": "Categories", + "markdownDescription": "The dimensions columns that are used in the contribution analysis, usually a list of `ColumnIdentifiers` .", + "title": "ContributorDimensions", "type": "array" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" - }, - "markdownDescription": "The value field wells of a waterfall visual.", - "title": "Values", - "type": "array" + "MeasureFieldId": { + "markdownDescription": "The measure field that is used in the contribution analysis.", + "title": "MeasureFieldId", + "type": "string" } }, + "required": [ + "ContributorDimensions", + "MeasureFieldId" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.WaterfallChartConfiguration": { + "AWS::QuickSight::Analysis.CurrencyDisplayFormatConfiguration": { "additionalProperties": false, "properties": { - "CategoryAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the category axis.", - "title": "CategoryAxisDisplayOptions" - }, - "CategoryAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the category axis label.", - "title": "CategoryAxisLabelOptions" - }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", - "markdownDescription": "The data label configuration of a waterfall visual.", - "title": "DataLabels" + "DecimalPlacesConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalPlacesConfiguration", + "markdownDescription": "The option that determines the decimal places configuration.", + "title": "DecimalPlacesConfiguration" }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallChartFieldWells", - "markdownDescription": "The field well configuration of a waterfall visual.", - "title": "FieldWells" + "NegativeValueConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NegativeValueConfiguration", + "markdownDescription": "The options that determine the negative value configuration.", + "title": "NegativeValueConfiguration" }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", - "markdownDescription": "The legend configuration of a waterfall visual.", - "title": "Legend" + "NullValueFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NullValueFormatConfiguration", + "markdownDescription": "The options that determine the null value format configuration.", + "title": "NullValueFormatConfiguration" }, - "PrimaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the y-axis.", - "title": "PrimaryYAxisDisplayOptions" + "NumberScale": { + "markdownDescription": "Determines the number scale value for the currency format.", + "title": "NumberScale", + "type": "string" }, - "PrimaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the y-axis label.", - "title": "PrimaryYAxisLabelOptions" + "Prefix": { + "markdownDescription": "Determines the prefix value of the currency format.", + "title": "Prefix", + "type": "string" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallChartSortConfiguration", - "markdownDescription": "The sort configuration of a waterfall visual.", - "title": "SortConfiguration" + "SeparatorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericSeparatorConfiguration", + "markdownDescription": "The options that determine the numeric separator configuration.", + "title": "SeparatorConfiguration" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", - "markdownDescription": "The visual palette configuration of a waterfall visual.", - "title": "VisualPalette" + "Suffix": { + "markdownDescription": "Determines the suffix value of the currency format.", + "title": "Suffix", + "type": "string" }, - "WaterfallChartOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallChartOptions", - "markdownDescription": "The options that determine the presentation of a waterfall visual.", - "title": "WaterfallChartOptions" + "Symbol": { + "markdownDescription": "Determines the symbol for the currency format.", + "title": "Symbol", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.WaterfallChartFieldWells": { + "AWS::QuickSight::Analysis.CustomActionFilterOperation": { "additionalProperties": false, "properties": { - "WaterfallChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallChartAggregatedFieldWells", - "markdownDescription": "The field well configuration of a waterfall visual.", - "title": "WaterfallChartAggregatedFieldWells" + "SelectedFieldsConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterOperationSelectedFieldsConfiguration", + "markdownDescription": "The configuration that chooses the fields to be filtered.", + "title": "SelectedFieldsConfiguration" + }, + "TargetVisualsConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterOperationTargetVisualsConfiguration", + "markdownDescription": "The configuration that chooses the target visuals to be filtered.", + "title": "TargetVisualsConfiguration" } }, + "required": [ + "SelectedFieldsConfiguration", + "TargetVisualsConfiguration" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.WaterfallChartOptions": { + "AWS::QuickSight::Analysis.CustomActionNavigationOperation": { "additionalProperties": false, "properties": { - "TotalBarLabel": { - "markdownDescription": "This option determines the total bar label of a waterfall visual.", - "title": "TotalBarLabel", - "type": "string" + "LocalNavigationConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LocalNavigationConfiguration", + "markdownDescription": "The configuration that chooses the navigation target.", + "title": "LocalNavigationConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.WaterfallChartSortConfiguration": { + "AWS::QuickSight::Analysis.CustomActionSetParametersOperation": { "additionalProperties": false, "properties": { - "BreakdownItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of bar groups that are displayed.", - "title": "BreakdownItemsLimit" - }, - "CategorySort": { + "ParameterValueConfigurations": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + "$ref": "#/definitions/AWS::QuickSight::Analysis.SetParameterValueConfiguration" }, - "markdownDescription": "The sort configuration of the category fields.", - "title": "CategorySort", + "markdownDescription": "The parameter that determines the value configuration.", + "title": "ParameterValueConfigurations", "type": "array" } }, + "required": [ + "ParameterValueConfigurations" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.WaterfallVisual": { + "AWS::QuickSight::Analysis.CustomActionURLOperation": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallChartConfiguration", - "markdownDescription": "The configuration for a waterfall visual.", - "title": "ChartConfiguration" - }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "URLTarget": { + "markdownDescription": "The target of the `CustomActionURLOperation` .\n\nValid values are defined as follows:\n\n- `NEW_TAB` : Opens the target URL in a new browser tab.\n- `NEW_WINDOW` : Opens the target URL in a new browser window.\n- `SAME_TAB` : Opens the target URL in the same browser tab.", + "title": "URLTarget", + "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "URLTemplate": { + "markdownDescription": "THe URL link of the `CustomActionURLOperation` .", + "title": "URLTemplate", "type": "string" } }, "required": [ - "VisualId" + "URLTarget", + "URLTemplate" ], "type": "object" }, - "AWS::QuickSight::Dashboard.WhatIfPointScenario": { + "AWS::QuickSight::Analysis.CustomColor": { "additionalProperties": false, "properties": { - "Date": { - "markdownDescription": "The date that you need the forecast results for.", - "title": "Date", + "Color": { + "markdownDescription": "The color that is applied to the data value.", + "title": "Color", "type": "string" }, - "Value": { - "markdownDescription": "The target value that you want to meet for the provided date.", - "title": "Value", - "type": "number" - } - }, - "required": [ - "Date", - "Value" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.WhatIfRangeScenario": { - "additionalProperties": false, - "properties": { - "EndDate": { - "markdownDescription": "The end date in the date range that you need the forecast results for.", - "title": "EndDate", + "FieldValue": { + "markdownDescription": "The data value that the color is applied to.", + "title": "FieldValue", "type": "string" }, - "StartDate": { - "markdownDescription": "The start date in the date range that you need the forecast results for.", - "title": "StartDate", + "SpecialValue": { + "markdownDescription": "The value of a special data value.", + "title": "SpecialValue", "type": "string" - }, - "Value": { - "markdownDescription": "The target value that you want to meet for the provided date range.", - "title": "Value", - "type": "number" } }, "required": [ - "EndDate", - "StartDate", - "Value" + "Color" ], "type": "object" }, - "AWS::QuickSight::Dashboard.WordCloudAggregatedFieldWells": { - "additionalProperties": false, - "properties": { - "GroupBy": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The group by field well of a word cloud. Values are grouped by group by fields.", - "title": "GroupBy", - "type": "array" - }, - "Size": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" - }, - "markdownDescription": "The size field well of a word cloud. Values are aggregated based on group by fields.", - "title": "Size", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.WordCloudChartConfiguration": { - "additionalProperties": false, - "properties": { - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) for the word cloud category.", - "title": "CategoryLabelOptions" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.WordCloudFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.WordCloudSortConfiguration", - "markdownDescription": "The sort configuration of a word cloud visual.", - "title": "SortConfiguration" - }, - "WordCloudOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.WordCloudOptions", - "markdownDescription": "The options for a word cloud visual.", - "title": "WordCloudOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.WordCloudFieldWells": { - "additionalProperties": false, - "properties": { - "WordCloudAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.WordCloudAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a word cloud.", - "title": "WordCloudAggregatedFieldWells" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.WordCloudOptions": { + "AWS::QuickSight::Analysis.CustomContentConfiguration": { "additionalProperties": false, "properties": { - "CloudLayout": { - "markdownDescription": "The cloud layout options (fluid, normal) of a word cloud.", - "title": "CloudLayout", - "type": "string" - }, - "MaximumStringLength": { - "markdownDescription": "The length limit of each word from 1-100.", - "title": "MaximumStringLength", - "type": "number" - }, - "WordCasing": { - "markdownDescription": "The word casing options (lower_case, existing_case) for the words in a word cloud.", - "title": "WordCasing", - "type": "string" - }, - "WordOrientation": { - "markdownDescription": "The word orientation options (horizontal, horizontal_and_vertical) for the words in a word cloud.", - "title": "WordOrientation", + "ContentType": { + "markdownDescription": "The content type of the custom content visual. You can use this to have the visual render as an image.", + "title": "ContentType", "type": "string" }, - "WordPadding": { - "markdownDescription": "The word padding options (none, small, medium, large) for the words in a word cloud.", - "title": "WordPadding", + "ContentUrl": { + "markdownDescription": "The input URL that links to the custom content that you want in the custom visual.", + "title": "ContentUrl", "type": "string" }, - "WordScaling": { - "markdownDescription": "The word scaling options (emphasize, normal) for the words in a word cloud.", - "title": "WordScaling", + "ImageScaling": { + "markdownDescription": "The sizing options for the size of the custom content visual. This structure is required when the `ContentType` of the visual is `'IMAGE'` .", + "title": "ImageScaling", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.WordCloudSortConfiguration": { - "additionalProperties": false, - "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of groups that are displayed in a word cloud.", - "title": "CategoryItemsLimit" }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of group by fields.", - "title": "CategorySort", - "type": "array" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.WordCloudVisual": { + "AWS::QuickSight::Analysis.CustomContentVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.WordCloudChartConfiguration", - "markdownDescription": "The configuration settings of the visual.", + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomContentConfiguration", + "markdownDescription": "The configuration of a `CustomContentVisual` .", "title": "ChartConfiguration" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "DataSetIdentifier": { + "markdownDescription": "The dataset that is used to create the custom content visual. You can't create a visual without a dataset.", + "title": "DataSetIdentifier", + "type": "string" }, "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", "type": "string" } }, "required": [ + "DataSetIdentifier", "VisualId" ], "type": "object" }, - "AWS::QuickSight::DataSet": { + "AWS::QuickSight::Analysis.CustomFilterConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "CategoryValue": { + "markdownDescription": "The category value for the filter.\n\nThis field is mutually exclusive to `ParameterName` .", + "title": "CategoryValue", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AwsAccountId": { - "markdownDescription": "The AWS account ID.", - "title": "AwsAccountId", - "type": "string" - }, - "ColumnGroups": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.ColumnGroup" - }, - "markdownDescription": "Groupings of columns that work together in certain Amazon QuickSight features. Currently, only geospatial hierarchy is supported.", - "title": "ColumnGroups", - "type": "array" - }, - "ColumnLevelPermissionRules": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.ColumnLevelPermissionRule" - }, - "markdownDescription": "A set of one or more definitions of a `ColumnLevelPermissionRule` .", - "title": "ColumnLevelPermissionRules", - "type": "array" - }, - "DataSetId": { - "markdownDescription": "An ID for the dataset that you want to create. This ID is unique per AWS Region for each AWS account.", - "title": "DataSetId", - "type": "string" - }, - "DataSetRefreshProperties": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.DataSetRefreshProperties", - "markdownDescription": "The refresh properties of a dataset.", - "title": "DataSetRefreshProperties" - }, - "DataSetUsageConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.DataSetUsageConfiguration", - "markdownDescription": "The usage configuration to apply to child datasets that reference this dataset as a source.", - "title": "DataSetUsageConfiguration" - }, - "DatasetParameters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.DatasetParameter" - }, - "markdownDescription": "The parameters that are declared in a dataset.", - "title": "DatasetParameters", - "type": "array" - }, - "FieldFolders": { - "additionalProperties": false, - "markdownDescription": "The folder that contains fields and nested subfolders for your dataset.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.FieldFolder" - } - }, - "title": "FieldFolders", - "type": "object" - }, - "ImportMode": { - "markdownDescription": "Indicates whether you want to import the data into SPICE.", - "title": "ImportMode", - "type": "string" - }, - "IngestionWaitPolicy": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.IngestionWaitPolicy", - "markdownDescription": "The wait policy to use when creating or updating a Dataset. The default is to wait for SPICE ingestion to finish with timeout of 36 hours.", - "title": "IngestionWaitPolicy" - }, - "LogicalTableMap": { - "additionalProperties": false, - "markdownDescription": "Configures the combination and transformation of the data from the physical tables.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.LogicalTable" - } - }, - "title": "LogicalTableMap", - "type": "object" - }, - "Name": { - "markdownDescription": "The display name for the dataset.", - "title": "Name", - "type": "string" - }, - "Permissions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.ResourcePermission" - }, - "markdownDescription": "A list of resource permissions on the dataset.", - "title": "Permissions", - "type": "array" - }, - "PhysicalTableMap": { - "additionalProperties": false, - "markdownDescription": "Declares the physical tables that are available in the underlying data sources.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.PhysicalTable" - } - }, - "title": "PhysicalTableMap", - "type": "object" - }, - "RowLevelPermissionDataSet": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.RowLevelPermissionDataSet", - "markdownDescription": "The row-level security configuration for the data that you want to create.", - "title": "RowLevelPermissionDataSet" - }, - "RowLevelPermissionTagConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.RowLevelPermissionTagConfiguration", - "markdownDescription": "The element you can use to define tags for row-level security.", - "title": "RowLevelPermissionTagConfiguration" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Contains a map of the key-value pairs for the resource tag or tags assigned to the dataset.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::QuickSight::DataSet" - ], + "MatchOperator": { + "markdownDescription": "The match operator that is used to determine if a filter should be applied.", + "title": "MatchOperator", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::QuickSight::DataSet.CalculatedColumn": { - "additionalProperties": false, - "properties": { - "ColumnId": { - "markdownDescription": "A unique ID to identify a calculated column. During a dataset update, if the column ID of a calculated column matches that of an existing calculated column, Amazon QuickSight preserves the existing calculated column.", - "title": "ColumnId", + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", "type": "string" }, - "ColumnName": { - "markdownDescription": "Column name.", - "title": "ColumnName", + "ParameterName": { + "markdownDescription": "The parameter whose value should be used for the filter value.\n\nThis field is mutually exclusive to `CategoryValue` .", + "title": "ParameterName", "type": "string" }, - "Expression": { - "markdownDescription": "An expression that defines the calculated column.", - "title": "Expression", + "SelectAllOptions": { + "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", + "title": "SelectAllOptions", "type": "string" } }, "required": [ - "ColumnId", - "ColumnName", - "Expression" + "MatchOperator", + "NullOption" ], "type": "object" }, - "AWS::QuickSight::DataSet.CastColumnTypeOperation": { + "AWS::QuickSight::Analysis.CustomFilterListConfiguration": { "additionalProperties": false, "properties": { - "ColumnName": { - "markdownDescription": "Column name.", - "title": "ColumnName", - "type": "string" + "CategoryValues": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of category values for the filter.", + "title": "CategoryValues", + "type": "array" }, - "Format": { - "markdownDescription": "When casting a column from string to datetime type, you can supply a string in a format supported by Amazon QuickSight to denote the source data format.", - "title": "Format", + "MatchOperator": { + "markdownDescription": "The match operator that is used to determine if a filter should be applied.", + "title": "MatchOperator", "type": "string" }, - "NewColumnType": { - "markdownDescription": "New column data type.", - "title": "NewColumnType", + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", "type": "string" }, - "SubType": { - "markdownDescription": "The sub data type of the new column. Sub types are only available for decimal columns that are part of a SPICE dataset.", - "title": "SubType", + "SelectAllOptions": { + "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", + "title": "SelectAllOptions", "type": "string" } }, "required": [ - "ColumnName", - "NewColumnType" + "MatchOperator", + "NullOption" ], "type": "object" }, - "AWS::QuickSight::DataSet.ColumnDescription": { + "AWS::QuickSight::Analysis.CustomNarrativeOptions": { "additionalProperties": false, "properties": { - "Text": { - "markdownDescription": "The text of a description for a column.", - "title": "Text", + "Narrative": { + "markdownDescription": "The string input of custom narrative.", + "title": "Narrative", "type": "string" } }, + "required": [ + "Narrative" + ], "type": "object" }, - "AWS::QuickSight::DataSet.ColumnGroup": { - "additionalProperties": false, - "properties": { - "GeoSpatialColumnGroup": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.GeoSpatialColumnGroup", - "markdownDescription": "Geospatial column group that denotes a hierarchy.", - "title": "GeoSpatialColumnGroup" - } - }, - "type": "object" - }, - "AWS::QuickSight::DataSet.ColumnLevelPermissionRule": { + "AWS::QuickSight::Analysis.CustomParameterValues": { "additionalProperties": false, "properties": { - "ColumnNames": { + "DateTimeValues": { "items": { "type": "string" }, - "markdownDescription": "An array of column names.", - "title": "ColumnNames", + "markdownDescription": "A list of datetime-type parameter values.", + "title": "DateTimeValues", "type": "array" }, - "Principals": { + "DecimalValues": { + "items": { + "type": "number" + }, + "markdownDescription": "A list of decimal-type parameter values.", + "title": "DecimalValues", + "type": "array" + }, + "IntegerValues": { + "items": { + "type": "number" + }, + "markdownDescription": "A list of integer-type parameter values.", + "title": "IntegerValues", + "type": "array" + }, + "StringValues": { "items": { "type": "string" }, - "markdownDescription": "An array of Amazon Resource Names (ARNs) for QuickSight users or groups.", - "title": "Principals", + "markdownDescription": "A list of string-type parameter values.", + "title": "StringValues", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::DataSet.ColumnTag": { + "AWS::QuickSight::Analysis.CustomValuesConfiguration": { "additionalProperties": false, "properties": { - "ColumnDescription": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.ColumnDescription", - "markdownDescription": "A description for a column.", - "title": "ColumnDescription" + "CustomValues": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomParameterValues", + "markdownDescription": "", + "title": "CustomValues" }, - "ColumnGeographicRole": { - "markdownDescription": "A geospatial role for a column.", - "title": "ColumnGeographicRole", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::DataSet.CreateColumnsOperation": { - "additionalProperties": false, - "properties": { - "Columns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.CalculatedColumn" - }, - "markdownDescription": "Calculated columns to create.", - "title": "Columns", - "type": "array" + "IncludeNullValue": { + "markdownDescription": "Includes the null value in custom action parameter values.", + "title": "IncludeNullValue", + "type": "boolean" } }, "required": [ - "Columns" + "CustomValues" ], "type": "object" }, - "AWS::QuickSight::DataSet.CustomSql": { + "AWS::QuickSight::Analysis.DataBarsOptions": { "additionalProperties": false, "properties": { - "Columns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.InputColumn" - }, - "markdownDescription": "The column schema from the SQL query result set.", - "title": "Columns", - "type": "array" - }, - "DataSourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the data source.", - "title": "DataSourceArn", + "FieldId": { + "markdownDescription": "The field ID for the data bars options.", + "title": "FieldId", "type": "string" }, - "Name": { - "markdownDescription": "A display name for the SQL query result.", - "title": "Name", + "NegativeColor": { + "markdownDescription": "The color of the negative data bar.", + "title": "NegativeColor", "type": "string" }, - "SqlQuery": { - "markdownDescription": "The SQL query.", - "title": "SqlQuery", + "PositiveColor": { + "markdownDescription": "The color of the positive data bar.", + "title": "PositiveColor", "type": "string" } }, "required": [ - "Columns", - "DataSourceArn", - "Name", - "SqlQuery" + "FieldId" ], "type": "object" }, - "AWS::QuickSight::DataSet.DataSetRefreshProperties": { + "AWS::QuickSight::Analysis.DataColor": { "additionalProperties": false, "properties": { - "RefreshConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.RefreshConfiguration", - "markdownDescription": "The refresh configuration for a dataset.", - "title": "RefreshConfiguration" + "Color": { + "markdownDescription": "The color that is applied to the data value.", + "title": "Color", + "type": "string" + }, + "DataValue": { + "markdownDescription": "The data value that the color is applied to.", + "title": "DataValue", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::DataSet.DataSetUsageConfiguration": { + "AWS::QuickSight::Analysis.DataFieldSeriesItem": { "additionalProperties": false, "properties": { - "DisableUseAsDirectQuerySource": { - "markdownDescription": "An option that controls whether a child dataset of a direct query can use this dataset as a source.", - "title": "DisableUseAsDirectQuerySource", - "type": "boolean" + "AxisBinding": { + "markdownDescription": "The axis that you are binding the field to.", + "title": "AxisBinding", + "type": "string" }, - "DisableUseAsImportedSource": { - "markdownDescription": "An option that controls whether a child dataset that's stored in QuickSight can use this dataset as a source.", - "title": "DisableUseAsImportedSource", - "type": "boolean" + "FieldId": { + "markdownDescription": "The field ID of the field that you are setting the axis binding to.", + "title": "FieldId", + "type": "string" + }, + "FieldValue": { + "markdownDescription": "The field value of the field that you are setting the axis binding to.", + "title": "FieldValue", + "type": "string" + }, + "Settings": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartSeriesSettings", + "markdownDescription": "The options that determine the presentation of line series associated to the field.", + "title": "Settings" } }, + "required": [ + "AxisBinding", + "FieldId" + ], "type": "object" }, - "AWS::QuickSight::DataSet.DatasetParameter": { + "AWS::QuickSight::Analysis.DataLabelOptions": { "additionalProperties": false, "properties": { - "DateTimeDatasetParameter": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.DateTimeDatasetParameter", - "markdownDescription": "A date time parameter that is created in the dataset.", - "title": "DateTimeDatasetParameter" + "CategoryLabelVisibility": { + "markdownDescription": "Determines the visibility of the category field labels.", + "title": "CategoryLabelVisibility", + "type": "string" }, - "DecimalDatasetParameter": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.DecimalDatasetParameter", - "markdownDescription": "A decimal parameter that is created in the dataset.", - "title": "DecimalDatasetParameter" + "DataLabelTypes": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelType" + }, + "markdownDescription": "The option that determines the data label type.", + "title": "DataLabelTypes", + "type": "array" }, - "IntegerDatasetParameter": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.IntegerDatasetParameter", - "markdownDescription": "An integer parameter that is created in the dataset.", - "title": "IntegerDatasetParameter" + "LabelColor": { + "markdownDescription": "Determines the color of the data labels.", + "title": "LabelColor", + "type": "string" }, - "StringDatasetParameter": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.StringDatasetParameter", - "markdownDescription": "A string parameter that is created in the dataset.", - "title": "StringDatasetParameter" + "LabelContent": { + "markdownDescription": "Determines the content of the data labels.", + "title": "LabelContent", + "type": "string" + }, + "LabelFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", + "markdownDescription": "Determines the font configuration of the data labels.", + "title": "LabelFontConfiguration" + }, + "MeasureLabelVisibility": { + "markdownDescription": "Determines the visibility of the measure field labels.", + "title": "MeasureLabelVisibility", + "type": "string" + }, + "Overlap": { + "markdownDescription": "Determines whether overlap is enabled or disabled for the data labels.", + "title": "Overlap", + "type": "string" + }, + "Position": { + "markdownDescription": "Determines the position of the data labels.", + "title": "Position", + "type": "string" + }, + "TotalsVisibility": { + "markdownDescription": "Determines the visibility of the total.", + "title": "TotalsVisibility", + "type": "string" + }, + "Visibility": { + "markdownDescription": "Determines the visibility of the data labels.", + "title": "Visibility", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::DataSet.DateTimeDatasetParameter": { + "AWS::QuickSight::Analysis.DataLabelType": { "additionalProperties": false, "properties": { - "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.DateTimeDatasetParameterDefaultValues", - "markdownDescription": "A list of default values for a given date time parameter. This structure only accepts static values.", - "title": "DefaultValues" + "DataPathLabelType": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathLabelType", + "markdownDescription": "The option that specifies individual data values for labels.", + "title": "DataPathLabelType" }, - "Id": { - "markdownDescription": "An identifier for the parameter that is created in the dataset.", - "title": "Id", - "type": "string" + "FieldLabelType": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldLabelType", + "markdownDescription": "Determines the label configuration for the entire field.", + "title": "FieldLabelType" }, - "Name": { - "markdownDescription": "The name of the date time parameter that is created in the dataset.", - "title": "Name", - "type": "string" + "MaximumLabelType": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MaximumLabelType", + "markdownDescription": "Determines the label configuration for the maximum value in a visual.", + "title": "MaximumLabelType" }, - "TimeGranularity": { - "markdownDescription": "The time granularity of the date time parameter.", - "title": "TimeGranularity", - "type": "string" + "MinimumLabelType": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MinimumLabelType", + "markdownDescription": "Determines the label configuration for the minimum value in a visual.", + "title": "MinimumLabelType" }, - "ValueType": { - "markdownDescription": "The value type of the dataset parameter. Valid values are `single value` or `multi value` .", - "title": "ValueType", - "type": "string" + "RangeEndsLabelType": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.RangeEndsLabelType", + "markdownDescription": "Determines the label configuration for range end value in a visual.", + "title": "RangeEndsLabelType" } }, - "required": [ - "Id", - "Name", - "ValueType" - ], "type": "object" }, - "AWS::QuickSight::DataSet.DateTimeDatasetParameterDefaultValues": { + "AWS::QuickSight::Analysis.DataPathColor": { "additionalProperties": false, "properties": { - "StaticValues": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of static default values for a given date time parameter. The valid format for this property is `yyyy-MM-dd\u2019T\u2019HH:mm:ss\u2019Z\u2019` .", - "title": "StaticValues", - "type": "array" + "Color": { + "markdownDescription": "The color that needs to be applied to the element.", + "title": "Color", + "type": "string" + }, + "Element": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathValue", + "markdownDescription": "The element that the color needs to be applied to.", + "title": "Element" + }, + "TimeGranularity": { + "markdownDescription": "The time granularity of the field that the color needs to be applied to.", + "title": "TimeGranularity", + "type": "string" } }, + "required": [ + "Color", + "Element" + ], "type": "object" }, - "AWS::QuickSight::DataSet.DecimalDatasetParameter": { + "AWS::QuickSight::Analysis.DataPathLabelType": { "additionalProperties": false, "properties": { - "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.DecimalDatasetParameterDefaultValues", - "markdownDescription": "A list of default values for a given decimal parameter. This structure only accepts static values.", - "title": "DefaultValues" - }, - "Id": { - "markdownDescription": "An identifier for the decimal parameter created in the dataset.", - "title": "Id", + "FieldId": { + "markdownDescription": "The field ID of the field that the data label needs to be applied to.", + "title": "FieldId", "type": "string" }, - "Name": { - "markdownDescription": "The name of the decimal parameter that is created in the dataset.", - "title": "Name", + "FieldValue": { + "markdownDescription": "The actual value of the field that is labeled.", + "title": "FieldValue", "type": "string" }, - "ValueType": { - "markdownDescription": "The value type of the dataset parameter. Valid values are `single value` or `multi value` .", - "title": "ValueType", + "Visibility": { + "markdownDescription": "The visibility of the data label.", + "title": "Visibility", "type": "string" } }, - "required": [ - "Id", - "Name", - "ValueType" - ], "type": "object" }, - "AWS::QuickSight::DataSet.DecimalDatasetParameterDefaultValues": { + "AWS::QuickSight::Analysis.DataPathSort": { "additionalProperties": false, "properties": { - "StaticValues": { + "Direction": { + "markdownDescription": "Determines the sort direction.", + "title": "Direction", + "type": "string" + }, + "SortPaths": { "items": { - "type": "number" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathValue" }, - "markdownDescription": "A list of static default values for a given decimal parameter.", - "title": "StaticValues", + "markdownDescription": "The list of data paths that need to be sorted.", + "title": "SortPaths", "type": "array" } }, + "required": [ + "Direction", + "SortPaths" + ], "type": "object" }, - "AWS::QuickSight::DataSet.FieldFolder": { + "AWS::QuickSight::Analysis.DataPathType": { "additionalProperties": false, "properties": { - "Columns": { - "items": { - "type": "string" - }, - "markdownDescription": "A folder has a list of columns. A column can only be in one folder.", - "title": "Columns", - "type": "array" - }, - "Description": { - "markdownDescription": "The description for a field folder.", - "title": "Description", + "PivotTableDataPathType": { + "markdownDescription": "The type of data path value utilized in a pivot table. Choose one of the following options:\n\n- `HIERARCHY_ROWS_LAYOUT_COLUMN` - The type of data path for the rows layout column, when `RowsLayout` is set to `HIERARCHY` .\n- `MULTIPLE_ROW_METRICS_COLUMN` - The type of data path for the metric column when the row is set to Metric Placement.\n- `EMPTY_COLUMN_HEADER` - The type of data path for the column with empty column header, when there is no field in `ColumnsFieldWell` and the row is set to Metric Placement.\n- `COUNT_METRIC_COLUMN` - The type of data path for the column with `COUNT` as the metric, when there is no field in the `ValuesFieldWell` .", + "title": "PivotTableDataPathType", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::DataSet.FilterOperation": { + "AWS::QuickSight::Analysis.DataPathValue": { "additionalProperties": false, "properties": { - "ConditionExpression": { - "markdownDescription": "An expression that must evaluate to a Boolean value. Rows for which the expression evaluates to true are kept in the dataset.", - "title": "ConditionExpression", + "DataPathType": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathType", + "markdownDescription": "The type configuration of the field.", + "title": "DataPathType" + }, + "FieldId": { + "markdownDescription": "The field ID of the field that needs to be sorted.", + "title": "FieldId", + "type": "string" + }, + "FieldValue": { + "markdownDescription": "The actual value of the field that needs to be sorted.", + "title": "FieldValue", "type": "string" } }, - "required": [ - "ConditionExpression" - ], "type": "object" }, - "AWS::QuickSight::DataSet.GeoSpatialColumnGroup": { + "AWS::QuickSight::Analysis.DataSetIdentifierDeclaration": { "additionalProperties": false, "properties": { - "Columns": { - "items": { - "type": "string" - }, - "markdownDescription": "Columns in this hierarchy.", - "title": "Columns", - "type": "array" - }, - "CountryCode": { - "markdownDescription": "Country code.", - "title": "CountryCode", + "DataSetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the data set.", + "title": "DataSetArn", "type": "string" }, - "Name": { - "markdownDescription": "A display name for the hierarchy.", - "title": "Name", + "Identifier": { + "markdownDescription": "The identifier of the data set, typically the data set's name.", + "title": "Identifier", "type": "string" } }, "required": [ - "Columns", - "Name" + "DataSetArn", + "Identifier" ], "type": "object" }, - "AWS::QuickSight::DataSet.IncrementalRefresh": { + "AWS::QuickSight::Analysis.DataSetReference": { "additionalProperties": false, "properties": { - "LookbackWindow": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.LookbackWindow", - "markdownDescription": "The lookback window setup for an incremental refresh configuration.", - "title": "LookbackWindow" + "DataSetArn": { + "markdownDescription": "Dataset Amazon Resource Name (ARN).", + "title": "DataSetArn", + "type": "string" + }, + "DataSetPlaceholder": { + "markdownDescription": "Dataset placeholder.", + "title": "DataSetPlaceholder", + "type": "string" } }, + "required": [ + "DataSetArn", + "DataSetPlaceholder" + ], "type": "object" }, - "AWS::QuickSight::DataSet.IngestionWaitPolicy": { + "AWS::QuickSight::Analysis.DateAxisOptions": { "additionalProperties": false, "properties": { - "IngestionWaitTimeInHours": { - "markdownDescription": "The maximum time (in hours) to wait for Ingestion to complete. Default timeout is 36 hours. Applicable only when `DataSetImportMode` mode is set to SPICE and `WaitForSpiceIngestion` is set to true.", - "title": "IngestionWaitTimeInHours", - "type": "number" - }, - "WaitForSpiceIngestion": { - "markdownDescription": "Wait for SPICE ingestion to finish to mark dataset creation or update as successful. Default (true). Applicable only when `DataSetImportMode` mode is set to SPICE.", - "title": "WaitForSpiceIngestion", - "type": "boolean" + "MissingDateVisibility": { + "markdownDescription": "Determines whether or not missing dates are displayed.", + "title": "MissingDateVisibility", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::DataSet.InputColumn": { + "AWS::QuickSight::Analysis.DateDimensionField": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of this column in the underlying data source.", - "title": "Name", + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that is used in the `DateDimensionField` .", + "title": "Column" + }, + "DateGranularity": { + "markdownDescription": "The date granularity of the `DateDimensionField` . Choose one of the following options:\n\n- `YEAR`\n- `QUARTER`\n- `MONTH`\n- `WEEK`\n- `DAY`\n- `HOUR`\n- `MINUTE`\n- `SECOND`\n- `MILLISECOND`", + "title": "DateGranularity", "type": "string" }, - "SubType": { - "markdownDescription": "The sub data type of the column. Sub types are only available for decimal columns that are part of a SPICE dataset.", - "title": "SubType", + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", "type": "string" }, - "Type": { - "markdownDescription": "The data type of the column.", - "title": "Type", + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" + }, + "HierarchyId": { + "markdownDescription": "The custom hierarchy ID.", + "title": "HierarchyId", "type": "string" } }, "required": [ - "Name", - "Type" + "Column", + "FieldId" ], "type": "object" }, - "AWS::QuickSight::DataSet.IntegerDatasetParameter": { + "AWS::QuickSight::Analysis.DateMeasureField": { "additionalProperties": false, "properties": { - "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.IntegerDatasetParameterDefaultValues", - "markdownDescription": "A list of default values for a given integer parameter. This structure only accepts static values.", - "title": "DefaultValues" - }, - "Id": { - "markdownDescription": "An identifier for the integer parameter created in the dataset.", - "title": "Id", + "AggregationFunction": { + "markdownDescription": "The aggregation function of the measure field.", + "title": "AggregationFunction", "type": "string" }, - "Name": { - "markdownDescription": "The name of the integer parameter that is created in the dataset.", - "title": "Name", - "type": "string" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that is used in the `DateMeasureField` .", + "title": "Column" }, - "ValueType": { - "markdownDescription": "The value type of the dataset parameter. Valid values are `single value` or `multi value` .", - "title": "ValueType", + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", "type": "string" + }, + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" } }, "required": [ - "Id", - "Name", - "ValueType" + "Column", + "FieldId" ], "type": "object" }, - "AWS::QuickSight::DataSet.IntegerDatasetParameterDefaultValues": { + "AWS::QuickSight::Analysis.DateTimeDefaultValues": { "additionalProperties": false, "properties": { + "DynamicValue": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DynamicDefaultValue", + "markdownDescription": "The dynamic value of the `DataTimeDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", + "title": "DynamicValue" + }, + "RollingDate": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.RollingDateConfiguration", + "markdownDescription": "The rolling date of the `DataTimeDefaultValues` . The date is determined from the dataset based on input expression.", + "title": "RollingDate" + }, "StaticValues": { "items": { - "type": "number" + "type": "string" }, - "markdownDescription": "A list of static default values for a given integer parameter.", + "markdownDescription": "The static values of the `DataTimeDefaultValues` .", "title": "StaticValues", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::DataSet.JoinInstruction": { + "AWS::QuickSight::Analysis.DateTimeFormatConfiguration": { "additionalProperties": false, "properties": { - "LeftJoinKeyProperties": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.JoinKeyProperties", - "markdownDescription": "Join key properties of the left operand.", - "title": "LeftJoinKeyProperties" - }, - "LeftOperand": { - "markdownDescription": "The operand on the left side of a join.", - "title": "LeftOperand", - "type": "string" - }, - "OnClause": { - "markdownDescription": "The join instructions provided in the `ON` clause of a join.", - "title": "OnClause", + "DateTimeFormat": { + "markdownDescription": "Determines the `DateTime` format.", + "title": "DateTimeFormat", "type": "string" }, - "RightJoinKeyProperties": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.JoinKeyProperties", - "markdownDescription": "Join key properties of the right operand.", - "title": "RightJoinKeyProperties" - }, - "RightOperand": { - "markdownDescription": "The operand on the right side of a join.", - "title": "RightOperand", - "type": "string" + "NullValueFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NullValueFormatConfiguration", + "markdownDescription": "The options that determine the null value format configuration.", + "title": "NullValueFormatConfiguration" }, - "Type": { - "markdownDescription": "The type of join that it is.", - "title": "Type", - "type": "string" + "NumericFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericFormatConfiguration", + "markdownDescription": "The formatting configuration for numeric `DateTime` fields.", + "title": "NumericFormatConfiguration" } }, - "required": [ - "LeftOperand", - "OnClause", - "RightOperand", - "Type" - ], "type": "object" }, - "AWS::QuickSight::DataSet.JoinKeyProperties": { + "AWS::QuickSight::Analysis.DateTimeHierarchy": { "additionalProperties": false, "properties": { - "UniqueKey": { - "markdownDescription": "A value that indicates that a row in a table is uniquely identified by the columns in a join key. This is used by QuickSight to optimize query performance.", - "title": "UniqueKey", - "type": "boolean" + "DrillDownFilters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DrillDownFilter" + }, + "markdownDescription": "The option that determines the drill down filters for the `DateTime` hierarchy.", + "title": "DrillDownFilters", + "type": "array" + }, + "HierarchyId": { + "markdownDescription": "The hierarchy ID of the `DateTime` hierarchy.", + "title": "HierarchyId", + "type": "string" } }, + "required": [ + "HierarchyId" + ], "type": "object" }, - "AWS::QuickSight::DataSet.LogicalTable": { + "AWS::QuickSight::Analysis.DateTimeParameter": { "additionalProperties": false, "properties": { - "Alias": { - "markdownDescription": "A display name for the logical table.", - "title": "Alias", + "Name": { + "markdownDescription": "A display name for the date-time parameter.", + "title": "Name", "type": "string" }, - "DataTransforms": { + "Values": { "items": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.TransformOperation" + "type": "string" }, - "markdownDescription": "Transform operations that act on this logical table. For this structure to be valid, only one of the attributes can be non-null.", - "title": "DataTransforms", + "markdownDescription": "The values for the date-time parameter.", + "title": "Values", "type": "array" - }, - "Source": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.LogicalTableSource", - "markdownDescription": "Source of this logical table.", - "title": "Source" } }, "required": [ - "Alias", - "Source" + "Name", + "Values" ], "type": "object" }, - "AWS::QuickSight::DataSet.LogicalTableSource": { - "additionalProperties": false, - "properties": { - "DataSetArn": { - "markdownDescription": "The Amazon Resource Number (ARN) of the parent dataset.", - "title": "DataSetArn", - "type": "string" - }, - "JoinInstruction": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.JoinInstruction", - "markdownDescription": "Specifies the result of a join of two logical tables.", - "title": "JoinInstruction" - }, - "PhysicalTableId": { - "markdownDescription": "Physical table ID.", - "title": "PhysicalTableId", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::DataSet.LookbackWindow": { + "AWS::QuickSight::Analysis.DateTimeParameterDeclaration": { "additionalProperties": false, "properties": { - "ColumnName": { - "markdownDescription": "The name of the lookback window column.", - "title": "ColumnName", - "type": "string" - }, - "Size": { - "markdownDescription": "The lookback window column size.", - "title": "Size", - "type": "number" + "DefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeDefaultValues", + "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", + "title": "DefaultValues" }, - "SizeUnit": { - "markdownDescription": "The size unit that is used for the lookback window column. Valid values for this structure are `HOUR` , `DAY` , and `WEEK` .", - "title": "SizeUnit", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::DataSet.NewDefaultValues": { - "additionalProperties": false, - "properties": { - "DateTimeStaticValues": { + "MappedDataSetParameters": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Analysis.MappedDataSetParameter" }, - "markdownDescription": "A list of static default values for a given date time parameter. The valid format for this property is `yyyy-MM-dd\u2019T\u2019HH:mm:ss\u2019Z\u2019` .", - "title": "DateTimeStaticValues", + "markdownDescription": "", + "title": "MappedDataSetParameters", "type": "array" }, - "DecimalStaticValues": { - "items": { - "type": "number" - }, - "markdownDescription": "A list of static default values for a given decimal parameter.", - "title": "DecimalStaticValues", - "type": "array" + "Name": { + "markdownDescription": "The name of the parameter that is being declared.", + "title": "Name", + "type": "string" }, - "IntegerStaticValues": { - "items": { - "type": "number" - }, - "markdownDescription": "A list of static default values for a given integer parameter.", - "title": "IntegerStaticValues", - "type": "array" + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" }, - "StringStaticValues": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of static default values for a given string parameter.", - "title": "StringStaticValues", - "type": "array" + "ValueWhenUnset": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeValueWhenUnsetConfiguration", + "markdownDescription": "The configuration that defines the default value of a `DateTime` parameter when a value has not been set.", + "title": "ValueWhenUnset" } }, + "required": [ + "Name" + ], "type": "object" }, - "AWS::QuickSight::DataSet.OutputColumn": { + "AWS::QuickSight::Analysis.DateTimePickerControlDisplayOptions": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description for a column.", - "title": "Description", + "DateIconVisibility": { + "markdownDescription": "The date icon visibility of the `DateTimePickerControlDisplayOptions` .", + "title": "DateIconVisibility", "type": "string" }, - "Name": { - "markdownDescription": "The display name of the column..", - "title": "Name", + "DateTimeFormat": { + "markdownDescription": "Customize how dates are formatted in controls.", + "title": "DateTimeFormat", "type": "string" }, - "SubType": { - "markdownDescription": "The sub data type of the column.", - "title": "SubType", + "HelperTextVisibility": { + "markdownDescription": "The helper text visibility of the `DateTimePickerControlDisplayOptions` .", + "title": "HelperTextVisibility", "type": "string" }, - "Type": { - "markdownDescription": "The data type of the column.", - "title": "Type", - "type": "string" + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" } }, "type": "object" }, - "AWS::QuickSight::DataSet.OverrideDatasetParameterOperation": { + "AWS::QuickSight::Analysis.DateTimeValueWhenUnsetConfiguration": { "additionalProperties": false, "properties": { - "NewDefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.NewDefaultValues", - "markdownDescription": "The new default values for the parameter.", - "title": "NewDefaultValues" - }, - "NewParameterName": { - "markdownDescription": "The new name for the parameter.", - "title": "NewParameterName", + "CustomValue": { + "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", + "title": "CustomValue", "type": "string" }, - "ParameterName": { - "markdownDescription": "The name of the parameter to be overridden with different values.", - "title": "ParameterName", + "ValueWhenUnsetOption": { + "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", + "title": "ValueWhenUnsetOption", "type": "string" } }, - "required": [ - "ParameterName" - ], "type": "object" }, - "AWS::QuickSight::DataSet.PhysicalTable": { + "AWS::QuickSight::Analysis.DecimalDefaultValues": { "additionalProperties": false, "properties": { - "CustomSql": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.CustomSql", - "markdownDescription": "A physical table type built from the results of the custom SQL query.", - "title": "CustomSql" - }, - "RelationalTable": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.RelationalTable", - "markdownDescription": "A physical table type for relational data sources.", - "title": "RelationalTable" + "DynamicValue": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DynamicDefaultValue", + "markdownDescription": "The dynamic value of the `DecimalDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", + "title": "DynamicValue" }, - "S3Source": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.S3Source", - "markdownDescription": "A physical table type for as S3 data source.", - "title": "S3Source" + "StaticValues": { + "items": { + "type": "number" + }, + "markdownDescription": "The static values of the `DecimalDefaultValues` .", + "title": "StaticValues", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::DataSet.ProjectOperation": { + "AWS::QuickSight::Analysis.DecimalParameter": { "additionalProperties": false, "properties": { - "ProjectedColumns": { + "Name": { + "markdownDescription": "A display name for the decimal parameter.", + "title": "Name", + "type": "string" + }, + "Values": { "items": { - "type": "string" + "type": "number" }, - "markdownDescription": "Projected columns.", - "title": "ProjectedColumns", + "markdownDescription": "The values for the decimal parameter.", + "title": "Values", "type": "array" } }, "required": [ - "ProjectedColumns" + "Name", + "Values" ], "type": "object" }, - "AWS::QuickSight::DataSet.RefreshConfiguration": { - "additionalProperties": false, - "properties": { - "IncrementalRefresh": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.IncrementalRefresh", - "markdownDescription": "The incremental refresh for the dataset.", - "title": "IncrementalRefresh" - } - }, - "type": "object" - }, - "AWS::QuickSight::DataSet.RelationalTable": { + "AWS::QuickSight::Analysis.DecimalParameterDeclaration": { "additionalProperties": false, "properties": { - "Catalog": { - "markdownDescription": "The catalog associated with a table.", - "title": "Catalog", - "type": "string" - }, - "DataSourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the data source.", - "title": "DataSourceArn", - "type": "string" + "DefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalDefaultValues", + "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", + "title": "DefaultValues" }, - "InputColumns": { + "MappedDataSetParameters": { "items": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.InputColumn" + "$ref": "#/definitions/AWS::QuickSight::Analysis.MappedDataSetParameter" }, - "markdownDescription": "The column schema of the table.", - "title": "InputColumns", + "markdownDescription": "", + "title": "MappedDataSetParameters", "type": "array" }, "Name": { - "markdownDescription": "The name of the relational table.", + "markdownDescription": "The name of the parameter that is being declared.", "title": "Name", "type": "string" }, - "Schema": { - "markdownDescription": "The schema name. This name applies to certain relational database engines.", - "title": "Schema", + "ParameterValueType": { + "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", + "title": "ParameterValueType", "type": "string" + }, + "ValueWhenUnset": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalValueWhenUnsetConfiguration", + "markdownDescription": "The configuration that defines the default value of a `Decimal` parameter when a value has not been set.", + "title": "ValueWhenUnset" } }, "required": [ - "DataSourceArn", - "InputColumns", - "Name" + "Name", + "ParameterValueType" ], "type": "object" }, - "AWS::QuickSight::DataSet.RenameColumnOperation": { + "AWS::QuickSight::Analysis.DecimalPlacesConfiguration": { "additionalProperties": false, "properties": { - "ColumnName": { - "markdownDescription": "The name of the column to be renamed.", - "title": "ColumnName", - "type": "string" - }, - "NewColumnName": { - "markdownDescription": "The new name for the column.", - "title": "NewColumnName", - "type": "string" + "DecimalPlaces": { + "markdownDescription": "The values of the decimal places.", + "title": "DecimalPlaces", + "type": "number" } }, "required": [ - "ColumnName", - "NewColumnName" + "DecimalPlaces" ], "type": "object" }, - "AWS::QuickSight::DataSet.ResourcePermission": { + "AWS::QuickSight::Analysis.DecimalValueWhenUnsetConfiguration": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "type": "string" - }, - "markdownDescription": "The IAM action to grant or revoke permisions on", - "title": "Actions", - "type": "array" + "CustomValue": { + "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", + "title": "CustomValue", + "type": "number" }, - "Principal": { - "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a QuickSight ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", - "title": "Principal", + "ValueWhenUnsetOption": { + "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", + "title": "ValueWhenUnsetOption", "type": "string" } }, - "required": [ - "Actions", - "Principal" - ], "type": "object" }, - "AWS::QuickSight::DataSet.RowLevelPermissionDataSet": { + "AWS::QuickSight::Analysis.DefaultDateTimePickerControlOptions": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the dataset that contains permissions for RLS.", - "title": "Arn", - "type": "string" - }, - "FormatVersion": { - "markdownDescription": "The user or group rules associated with the dataset that contains permissions for RLS.\n\nBy default, `FormatVersion` is `VERSION_1` . When `FormatVersion` is `VERSION_1` , `UserName` and `GroupName` are required. When `FormatVersion` is `VERSION_2` , `UserARN` and `GroupARN` are required, and `Namespace` must not exist.", - "title": "FormatVersion", + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `DateTimePickerControl` .", + "title": "CommitMode", "type": "string" }, - "Namespace": { - "markdownDescription": "The namespace associated with the dataset that contains permissions for RLS.", - "title": "Namespace", - "type": "string" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimePickerControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" }, - "PermissionPolicy": { - "markdownDescription": "The type of permissions to use when interpreting the permissions for RLS. `DENY_ACCESS` is included for backward compatibility only.", - "title": "PermissionPolicy", + "Type": { + "markdownDescription": "The date time picker type of the `DefaultDateTimePickerControlOptions` . Choose one of the following options:\n\n- `SINGLE_VALUED` : The filter condition is a fixed date.\n- `DATE_RANGE` : The filter condition is a date time range.", + "title": "Type", "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.DefaultFilterControlConfiguration": { + "additionalProperties": false, + "properties": { + "ControlOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlOptions", + "markdownDescription": "The control option for the `DefaultFilterControlConfiguration` .", + "title": "ControlOptions" }, - "Status": { - "markdownDescription": "The status of the row-level security permission dataset. If enabled, the status is `ENABLED` . If disabled, the status is `DISABLED` .", - "title": "Status", + "Title": { + "markdownDescription": "The title of the `DefaultFilterControlConfiguration` . This title is shared by all controls that are tied to this filter.", + "title": "Title", "type": "string" } }, "required": [ - "Arn", - "PermissionPolicy" + "ControlOptions", + "Title" ], "type": "object" }, - "AWS::QuickSight::DataSet.RowLevelPermissionTagConfiguration": { + "AWS::QuickSight::Analysis.DefaultFilterControlOptions": { "additionalProperties": false, "properties": { - "Status": { - "markdownDescription": "The status of row-level security tags. If enabled, the status is `ENABLED` . If disabled, the status is `DISABLED` .", - "title": "Status", - "type": "string" + "DefaultDateTimePickerOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultDateTimePickerControlOptions", + "markdownDescription": "The default options that correspond to the filter control type of a `DateTimePicker` .", + "title": "DefaultDateTimePickerOptions" }, - "TagRuleConfigurations": { - "markdownDescription": "The configuration of tags on a dataset to set row-level security.", - "title": "TagRuleConfigurations", - "type": "object" + "DefaultDropdownOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterDropDownControlOptions", + "markdownDescription": "The default options that correspond to the `Dropdown` filter control type.", + "title": "DefaultDropdownOptions" }, - "TagRules": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.RowLevelPermissionTagRule" - }, - "markdownDescription": "A set of rules associated with row-level security, such as the tag names and columns that they are assigned to.", - "title": "TagRules", - "type": "array" + "DefaultListOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterListControlOptions", + "markdownDescription": "The default options that correspond to the `List` filter control type.", + "title": "DefaultListOptions" + }, + "DefaultRelativeDateTimeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultRelativeDateTimeControlOptions", + "markdownDescription": "The default options that correspond to the `RelativeDateTime` filter control type.", + "title": "DefaultRelativeDateTimeOptions" + }, + "DefaultSliderOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultSliderControlOptions", + "markdownDescription": "The default options that correspond to the `Slider` filter control type.", + "title": "DefaultSliderOptions" + }, + "DefaultTextAreaOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultTextAreaControlOptions", + "markdownDescription": "The default options that correspond to the `TextArea` filter control type.", + "title": "DefaultTextAreaOptions" + }, + "DefaultTextFieldOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultTextFieldControlOptions", + "markdownDescription": "The default options that correspond to the `TextField` filter control type.", + "title": "DefaultTextFieldOptions" } }, - "required": [ - "TagRules" - ], "type": "object" }, - "AWS::QuickSight::DataSet.RowLevelPermissionTagRule": { + "AWS::QuickSight::Analysis.DefaultFilterDropDownControlOptions": { "additionalProperties": false, "properties": { - "ColumnName": { - "markdownDescription": "The column name that a tag key is assigned to.", - "title": "ColumnName", + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `FilterDropDownControl` .", + "title": "CommitMode", "type": "string" }, - "MatchAllValue": { - "markdownDescription": "A string that you want to use to filter by all the values in a column in the dataset and don\u2019t want to list the values one by one. For example, you can use an asterisk as your match all value.", - "title": "MatchAllValue", - "type": "string" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DropDownControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" }, - "TagKey": { - "markdownDescription": "The unique key for a tag.", - "title": "TagKey", + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" + }, + "Type": { + "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", + "title": "Type", "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.DefaultFilterListControlOptions": { + "additionalProperties": false, + "properties": { + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ListControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" }, - "TagMultiValueDelimiter": { - "markdownDescription": "A string that you want to use to delimit the values when you pass the values at run time. For example, you can delimit the values with a comma.", - "title": "TagMultiValueDelimiter", + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" + }, + "Type": { + "markdownDescription": "The type of the `DefaultFilterListControlOptions` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from the list.\n- `SINGLE_SELECT` : The user can select a single entry from the list.", + "title": "Type", "type": "string" } }, + "type": "object" + }, + "AWS::QuickSight::Analysis.DefaultFreeFormLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutCanvasSizeOptions", + "markdownDescription": "Determines the screen canvas size options for a free-form layout.", + "title": "CanvasSizeOptions" + } + }, "required": [ - "ColumnName", - "TagKey" + "CanvasSizeOptions" ], "type": "object" }, - "AWS::QuickSight::DataSet.S3Source": { + "AWS::QuickSight::Analysis.DefaultGridLayoutConfiguration": { "additionalProperties": false, "properties": { - "DataSourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the data source.", - "title": "DataSourceArn", - "type": "string" - }, - "InputColumns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.InputColumn" - }, - "markdownDescription": "A physical table type for an S3 data source.\n\n> For files that aren't JSON, only `STRING` data types are supported in input columns.", - "title": "InputColumns", - "type": "array" - }, - "UploadSettings": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.UploadSettings", - "markdownDescription": "Information about the format for the S3 source file or files.", - "title": "UploadSettings" + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GridLayoutCanvasSizeOptions", + "markdownDescription": "Determines the screen canvas size options for a grid layout.", + "title": "CanvasSizeOptions" } }, "required": [ - "DataSourceArn", - "InputColumns" + "CanvasSizeOptions" ], "type": "object" }, - "AWS::QuickSight::DataSet.StringDatasetParameter": { + "AWS::QuickSight::Analysis.DefaultInteractiveLayoutConfiguration": { "additionalProperties": false, "properties": { - "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.StringDatasetParameterDefaultValues", - "markdownDescription": "A list of default values for a given string dataset parameter type. This structure only accepts static values.", - "title": "DefaultValues" + "FreeForm": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFreeFormLayoutConfiguration", + "markdownDescription": "The options that determine the default settings of a free-form layout configuration.", + "title": "FreeForm" }, - "Id": { - "markdownDescription": "An identifier for the string parameter that is created in the dataset.", - "title": "Id", - "type": "string" + "Grid": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultGridLayoutConfiguration", + "markdownDescription": "The options that determine the default settings for a grid layout configuration.", + "title": "Grid" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.DefaultNewSheetConfiguration": { + "additionalProperties": false, + "properties": { + "InteractiveLayoutConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultInteractiveLayoutConfiguration", + "markdownDescription": "The options that determine the default settings for interactive layout configuration.", + "title": "InteractiveLayoutConfiguration" }, - "Name": { - "markdownDescription": "The name of the string parameter that is created in the dataset.", - "title": "Name", - "type": "string" + "PaginatedLayoutConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultPaginatedLayoutConfiguration", + "markdownDescription": "The options that determine the default settings for a paginated layout configuration.", + "title": "PaginatedLayoutConfiguration" }, - "ValueType": { - "markdownDescription": "The value type of the dataset parameter. Valid values are `single value` or `multi value` .", - "title": "ValueType", + "SheetContentType": { + "markdownDescription": "The option that determines the sheet content type.", + "title": "SheetContentType", "type": "string" } }, - "required": [ - "Id", - "Name", - "ValueType" - ], "type": "object" }, - "AWS::QuickSight::DataSet.StringDatasetParameterDefaultValues": { + "AWS::QuickSight::Analysis.DefaultPaginatedLayoutConfiguration": { "additionalProperties": false, "properties": { - "StaticValues": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of static default values for a given string parameter.", - "title": "StaticValues", - "type": "array" + "SectionBased": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultSectionBasedLayoutConfiguration", + "markdownDescription": "The options that determine the default settings for a section-based layout configuration.", + "title": "SectionBased" } }, "type": "object" }, - "AWS::QuickSight::DataSet.TagColumnOperation": { + "AWS::QuickSight::Analysis.DefaultRelativeDateTimeControlOptions": { "additionalProperties": false, "properties": { - "ColumnName": { - "markdownDescription": "The column that this operation acts on.", - "title": "ColumnName", + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `RelativeDateTimeControl` .", + "title": "CommitMode", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.ColumnTag" - }, - "markdownDescription": "The dataset column tag, currently only used for geospatial type tagging.\n\n> This is not tags for the AWS tagging feature.", - "title": "Tags", - "type": "array" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.RelativeDateTimeControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.DefaultSectionBasedLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionBasedLayoutCanvasSizeOptions", + "markdownDescription": "Determines the screen canvas size options for a section-based layout.", + "title": "CanvasSizeOptions" } }, "required": [ - "ColumnName", - "Tags" + "CanvasSizeOptions" ], "type": "object" }, - "AWS::QuickSight::DataSet.TransformOperation": { + "AWS::QuickSight::Analysis.DefaultSliderControlOptions": { "additionalProperties": false, "properties": { - "CastColumnTypeOperation": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.CastColumnTypeOperation", - "markdownDescription": "A transform operation that casts a column to a different type.", - "title": "CastColumnTypeOperation" - }, - "CreateColumnsOperation": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.CreateColumnsOperation", - "markdownDescription": "An operation that creates calculated columns. Columns created in one such operation form a lexical closure.", - "title": "CreateColumnsOperation" - }, - "FilterOperation": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.FilterOperation", - "markdownDescription": "An operation that filters rows based on some condition.", - "title": "FilterOperation" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SliderControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" }, - "OverrideDatasetParameterOperation": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.OverrideDatasetParameterOperation", - "markdownDescription": "A transform operation that overrides the dataset parameter values that are defined in another dataset.", - "title": "OverrideDatasetParameterOperation" + "MaximumValue": { + "markdownDescription": "The larger value that is displayed at the right of the slider.", + "title": "MaximumValue", + "type": "number" }, - "ProjectOperation": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.ProjectOperation", - "markdownDescription": "An operation that projects columns. Operations that come after a projection can only refer to projected columns.", - "title": "ProjectOperation" + "MinimumValue": { + "markdownDescription": "The smaller value that is displayed at the left of the slider.", + "title": "MinimumValue", + "type": "number" }, - "RenameColumnOperation": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.RenameColumnOperation", - "markdownDescription": "An operation that renames a column.", - "title": "RenameColumnOperation" + "StepSize": { + "markdownDescription": "The number of increments that the slider bar is divided into.", + "title": "StepSize", + "type": "number" }, - "TagColumnOperation": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.TagColumnOperation", - "markdownDescription": "An operation that tags a column with additional information.", - "title": "TagColumnOperation" + "Type": { + "markdownDescription": "The type of the `DefaultSliderControlOptions` . Choose one of the following options:\n\n- `SINGLE_POINT` : Filter against(equals) a single data point.\n- `RANGE` : Filter data that is in a specified range.", + "title": "Type", + "type": "string" } }, + "required": [ + "MaximumValue", + "MinimumValue", + "StepSize" + ], "type": "object" }, - "AWS::QuickSight::DataSet.UploadSettings": { + "AWS::QuickSight::Analysis.DefaultTextAreaControlOptions": { "additionalProperties": false, "properties": { - "ContainsHeader": { - "markdownDescription": "Whether the file has a header row, or the files each have a header row.", - "title": "ContainsHeader", - "type": "boolean" - }, "Delimiter": { - "markdownDescription": "The delimiter between values in the file.", + "markdownDescription": "The delimiter that is used to separate the lines in text.", "title": "Delimiter", "type": "string" }, - "Format": { - "markdownDescription": "File format.", - "title": "Format", - "type": "string" - }, - "StartFromRow": { - "markdownDescription": "A row number to start reading data from.", - "title": "StartFromRow", - "type": "number" - }, - "TextQualifier": { - "markdownDescription": "Text qualifier.", - "title": "TextQualifier", - "type": "string" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TextAreaControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" } }, "type": "object" }, - "AWS::QuickSight::DataSource": { + "AWS::QuickSight::Analysis.DefaultTextFieldControlOptions": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TextFieldControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.DestinationParameterValueConfiguration": { + "additionalProperties": false, + "properties": { + "CustomValuesConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomValuesConfiguration", + "markdownDescription": "The configuration of custom values for destination parameter in `DestinationParameterValueConfiguration` .", + "title": "CustomValuesConfiguration" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SelectAllValueOptions": { + "markdownDescription": "The configuration that selects all options.", + "title": "SelectAllValueOptions", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AlternateDataSourceParameters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.DataSourceParameters" - }, - "markdownDescription": "A set of alternate data source parameters that you want to share for the credentials stored with this data source. The credentials are applied in tandem with the data source parameters when you copy a data source by using a create or update request. The API operation compares the `DataSourceParameters` structure that's in the request with the structures in the `AlternateDataSourceParameters` allow list. If the structures are an exact match, the request is allowed to use the credentials from this existing data source. If the `AlternateDataSourceParameters` list is null, the `Credentials` originally used with this `DataSourceParameters` are automatically allowed.", - "title": "AlternateDataSourceParameters", - "type": "array" - }, - "AwsAccountId": { - "markdownDescription": "The AWS account ID.", - "title": "AwsAccountId", - "type": "string" - }, - "Credentials": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.DataSourceCredentials", - "markdownDescription": "The credentials Amazon QuickSight that uses to connect to your underlying source. Currently, only credentials based on user name and password are supported.", - "title": "Credentials" - }, - "DataSourceId": { - "markdownDescription": "An ID for the data source. This ID is unique per AWS Region for each AWS account.", - "title": "DataSourceId", - "type": "string" - }, - "DataSourceParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.DataSourceParameters", - "markdownDescription": "The parameters that Amazon QuickSight uses to connect to your underlying source.", - "title": "DataSourceParameters" - }, - "ErrorInfo": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.DataSourceErrorInfo", - "markdownDescription": "Error information from the last update or the creation of the data source.", - "title": "ErrorInfo" - }, - "Name": { - "markdownDescription": "A display name for the data source.", - "title": "Name", - "type": "string" - }, - "Permissions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.ResourcePermission" - }, - "markdownDescription": "A list of resource permissions on the data source.", - "title": "Permissions", - "type": "array" - }, - "SslProperties": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.SslProperties", - "markdownDescription": "Secure Socket Layer (SSL) properties that apply when Amazon QuickSight connects to your underlying source.", - "title": "SslProperties" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Contains a map of the key-value pairs for the resource tag or tags assigned to the data source.", - "title": "Tags", - "type": "array" - }, - "Type": { - "markdownDescription": "The type of the data source. To return a list of all data sources, use `ListDataSources` .\n\nUse `AMAZON_ELASTICSEARCH` for Amazon OpenSearch Service.", - "title": "Type", - "type": "string" - }, - "VpcConnectionProperties": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.VpcConnectionProperties", - "markdownDescription": "Use this parameter only when you want Amazon QuickSight to use a VPC connection when connecting to your underlying source.", - "title": "VpcConnectionProperties" - } - }, - "type": "object" + "SourceColumn": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "A column of a data set.", + "title": "SourceColumn" }, - "Type": { - "enum": [ - "AWS::QuickSight::DataSource" - ], + "SourceField": { + "markdownDescription": "The source field ID of the destination parameter.", + "title": "SourceField", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SourceParameterName": { + "markdownDescription": "The source parameter name of the destination parameter.", + "title": "SourceParameterName", "type": "string" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::QuickSight::DataSource.AmazonElasticsearchParameters": { + "AWS::QuickSight::Analysis.DimensionField": { "additionalProperties": false, "properties": { - "Domain": { - "markdownDescription": "The OpenSearch domain.", - "title": "Domain", - "type": "string" + "CategoricalDimensionField": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CategoricalDimensionField", + "markdownDescription": "The dimension type field with categorical type columns.", + "title": "CategoricalDimensionField" + }, + "DateDimensionField": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DateDimensionField", + "markdownDescription": "The dimension type field with date type columns.", + "title": "DateDimensionField" + }, + "NumericalDimensionField": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericalDimensionField", + "markdownDescription": "The dimension type field with numerical type columns.", + "title": "NumericalDimensionField" } }, - "required": [ - "Domain" - ], "type": "object" }, - "AWS::QuickSight::DataSource.AmazonOpenSearchParameters": { + "AWS::QuickSight::Analysis.DonutCenterOptions": { "additionalProperties": false, "properties": { - "Domain": { - "markdownDescription": "The OpenSearch domain.", - "title": "Domain", + "LabelVisibility": { + "markdownDescription": "Determines the visibility of the label in a donut chart. In the Amazon QuickSight console, this option is called `'Show total'` .", + "title": "LabelVisibility", "type": "string" } }, - "required": [ - "Domain" - ], "type": "object" }, - "AWS::QuickSight::DataSource.AthenaParameters": { + "AWS::QuickSight::Analysis.DonutOptions": { "additionalProperties": false, "properties": { - "RoleArn": { - "markdownDescription": "Use the `RoleArn` structure to override an account-wide role for a specific Athena data source. For example, say an account administrator has turned off all Athena access with an account-wide role. The administrator can then use `RoleArn` to bypass the account-wide role and allow Athena access for the single Athena data source that is specified in the structure, even if the account-wide role forbidding Athena access is still active.", - "title": "RoleArn", - "type": "string" + "ArcOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ArcOptions", + "markdownDescription": "The option for define the arc of the chart shape. Valid values are as follows:\n\n- `WHOLE` - A pie chart\n- `SMALL` - A small-sized donut chart\n- `MEDIUM` - A medium-sized donut chart\n- `LARGE` - A large-sized donut chart", + "title": "ArcOptions" }, - "WorkGroup": { - "markdownDescription": "The workgroup that Amazon Athena uses.", - "title": "WorkGroup", - "type": "string" + "DonutCenterOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DonutCenterOptions", + "markdownDescription": "The label options of the label that is displayed in the center of a donut chart. This option isn't available for pie charts.", + "title": "DonutCenterOptions" } }, "type": "object" }, - "AWS::QuickSight::DataSource.AuroraParameters": { + "AWS::QuickSight::Analysis.DrillDownFilter": { "additionalProperties": false, "properties": { - "Database": { - "markdownDescription": "Database.", - "title": "Database", - "type": "string" + "CategoryFilter": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CategoryDrillDownFilter", + "markdownDescription": "The category type drill down filter. This filter is used for string type columns.", + "title": "CategoryFilter" }, - "Host": { - "markdownDescription": "Host.", - "title": "Host", - "type": "string" + "NumericEqualityFilter": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericEqualityDrillDownFilter", + "markdownDescription": "The numeric equality type drill down filter. This filter is used for number type columns.", + "title": "NumericEqualityFilter" }, - "Port": { - "markdownDescription": "Port.", - "title": "Port", - "type": "number" + "TimeRangeFilter": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TimeRangeDrillDownFilter", + "markdownDescription": "The time range drill down filter. This filter is used for date time columns.", + "title": "TimeRangeFilter" } }, - "required": [ - "Database", - "Host", - "Port" - ], "type": "object" }, - "AWS::QuickSight::DataSource.AuroraPostgreSqlParameters": { + "AWS::QuickSight::Analysis.DropDownControlDisplayOptions": { "additionalProperties": false, "properties": { - "Database": { - "markdownDescription": "The Amazon Aurora PostgreSQL database to connect to.", - "title": "Database", - "type": "string" + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" }, - "Host": { - "markdownDescription": "The Amazon Aurora PostgreSQL-Compatible host to connect to.", - "title": "Host", - "type": "string" + "SelectAllOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ListControlSelectAllOptions", + "markdownDescription": "The configuration of the `Select all` options in a dropdown control.", + "title": "SelectAllOptions" }, - "Port": { - "markdownDescription": "The port that Amazon Aurora PostgreSQL is listening on.", - "title": "Port", - "type": "number" + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.DynamicDefaultValue": { + "additionalProperties": false, + "properties": { + "DefaultValueColumn": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that contains the default value of each user or group.", + "title": "DefaultValueColumn" + }, + "GroupNameColumn": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that contains the group name.", + "title": "GroupNameColumn" + }, + "UserNameColumn": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that contains the username.", + "title": "UserNameColumn" } }, "required": [ - "Database", - "Host", - "Port" + "DefaultValueColumn" ], "type": "object" }, - "AWS::QuickSight::DataSource.CredentialPair": { + "AWS::QuickSight::Analysis.EmptyVisual": { "additionalProperties": false, "properties": { - "AlternateDataSourceParameters": { + "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.DataSourceParameters" + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, - "markdownDescription": "A set of alternate data source parameters that you want to share for these credentials. The credentials are applied in tandem with the data source parameters when you copy a data source by using a create or update request. The API operation compares the `DataSourceParameters` structure that's in the request with the structures in the `AlternateDataSourceParameters` allow list. If the structures are an exact match, the request is allowed to use the new data source with the existing credentials. If the `AlternateDataSourceParameters` list is null, the `DataSourceParameters` originally used with these `Credentials` is automatically allowed.", - "title": "AlternateDataSourceParameters", + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", "type": "array" }, - "Password": { - "markdownDescription": "Password.", - "title": "Password", + "DataSetIdentifier": { + "markdownDescription": "The data set that is used in the empty visual. Every visual requires a dataset to render.", + "title": "DataSetIdentifier", "type": "string" }, - "Username": { - "markdownDescription": "User name.", - "title": "Username", + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", "type": "string" } }, "required": [ - "Password", - "Username" + "DataSetIdentifier", + "VisualId" ], "type": "object" }, - "AWS::QuickSight::DataSource.DataSourceCredentials": { + "AWS::QuickSight::Analysis.Entity": { "additionalProperties": false, "properties": { - "CopySourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of a data source that has the credential pair that you want to use. When `CopySourceArn` is not null, the credential pair from the data source in the ARN is used as the credentials for the `DataSourceCredentials` structure.", - "title": "CopySourceArn", - "type": "string" - }, - "CredentialPair": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.CredentialPair", - "markdownDescription": "Credential pair. For more information, see `[CredentialPair](https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CredentialPair.html)` .", - "title": "CredentialPair" - }, - "SecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the secret associated with the data source in AWS Secrets Manager .", - "title": "SecretArn", + "Path": { + "markdownDescription": "The hierarchical path of the entity within the analysis, template, or dashboard definition tree.", + "title": "Path", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::DataSource.DataSourceErrorInfo": { + "AWS::QuickSight::Analysis.ExcludePeriodConfiguration": { "additionalProperties": false, "properties": { - "Message": { - "markdownDescription": "Error message.", - "title": "Message", + "Amount": { + "markdownDescription": "The amount or number of the exclude period.", + "title": "Amount", + "type": "number" + }, + "Granularity": { + "markdownDescription": "The granularity or unit (day, month, year) of the exclude period.", + "title": "Granularity", "type": "string" }, - "Type": { - "markdownDescription": "Error type.", - "title": "Type", + "Status": { + "markdownDescription": "The status of the exclude period. Choose from the following options:\n\n- `ENABLED`\n- `DISABLED`", + "title": "Status", "type": "string" } }, + "required": [ + "Amount", + "Granularity" + ], "type": "object" }, - "AWS::QuickSight::DataSource.DataSourceParameters": { + "AWS::QuickSight::Analysis.ExplicitHierarchy": { "additionalProperties": false, "properties": { - "AmazonElasticsearchParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.AmazonElasticsearchParameters", - "markdownDescription": "The parameters for OpenSearch.", - "title": "AmazonElasticsearchParameters" + "Columns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier" + }, + "markdownDescription": "The list of columns that define the explicit hierarchy.", + "title": "Columns", + "type": "array" }, - "AmazonOpenSearchParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.AmazonOpenSearchParameters", - "markdownDescription": "The parameters for OpenSearch.", - "title": "AmazonOpenSearchParameters" + "DrillDownFilters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DrillDownFilter" + }, + "markdownDescription": "The option that determines the drill down filters for the explicit hierarchy.", + "title": "DrillDownFilters", + "type": "array" }, - "AthenaParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.AthenaParameters", - "markdownDescription": "The parameters for Amazon Athena.", - "title": "AthenaParameters" - }, - "AuroraParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.AuroraParameters", - "markdownDescription": "The parameters for Amazon Aurora MySQL.", - "title": "AuroraParameters" - }, - "AuroraPostgreSqlParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.AuroraPostgreSqlParameters", - "markdownDescription": "The parameters for Amazon Aurora.", - "title": "AuroraPostgreSqlParameters" - }, - "DatabricksParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.DatabricksParameters", - "markdownDescription": "The required parameters that are needed to connect to a Databricks data source.", - "title": "DatabricksParameters" - }, - "MariaDbParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.MariaDbParameters", - "markdownDescription": "The parameters for MariaDB.", - "title": "MariaDbParameters" - }, - "MySqlParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.MySqlParameters", - "markdownDescription": "The parameters for MySQL.", - "title": "MySqlParameters" - }, - "OracleParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.OracleParameters", - "markdownDescription": "Oracle parameters.", - "title": "OracleParameters" - }, - "PostgreSqlParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.PostgreSqlParameters", - "markdownDescription": "The parameters for PostgreSQL.", - "title": "PostgreSqlParameters" - }, - "PrestoParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.PrestoParameters", - "markdownDescription": "The parameters for Presto.", - "title": "PrestoParameters" - }, - "RdsParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.RdsParameters", - "markdownDescription": "The parameters for Amazon RDS.", - "title": "RdsParameters" - }, - "RedshiftParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.RedshiftParameters", - "markdownDescription": "The parameters for Amazon Redshift.", - "title": "RedshiftParameters" - }, - "S3Parameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.S3Parameters", - "markdownDescription": "The parameters for S3.", - "title": "S3Parameters" - }, - "SnowflakeParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.SnowflakeParameters", - "markdownDescription": "The parameters for Snowflake.", - "title": "SnowflakeParameters" - }, - "SparkParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.SparkParameters", - "markdownDescription": "The parameters for Spark.", - "title": "SparkParameters" - }, - "SqlServerParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.SqlServerParameters", - "markdownDescription": "The parameters for SQL Server.", - "title": "SqlServerParameters" - }, - "StarburstParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.StarburstParameters", - "markdownDescription": "The parameters that are required to connect to a Starburst data source.", - "title": "StarburstParameters" - }, - "TeradataParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.TeradataParameters", - "markdownDescription": "The parameters for Teradata.", - "title": "TeradataParameters" - }, - "TrinoParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.TrinoParameters", - "markdownDescription": "The parameters that are required to connect to a Trino data source.", - "title": "TrinoParameters" + "HierarchyId": { + "markdownDescription": "The hierarchy ID of the explicit hierarchy.", + "title": "HierarchyId", + "type": "string" } }, + "required": [ + "Columns", + "HierarchyId" + ], "type": "object" }, - "AWS::QuickSight::DataSource.DatabricksParameters": { + "AWS::QuickSight::Analysis.FieldBasedTooltip": { "additionalProperties": false, "properties": { - "Host": { - "markdownDescription": "The host name of the Databricks data source.", - "title": "Host", + "AggregationVisibility": { + "markdownDescription": "The visibility of `Show aggregations` .", + "title": "AggregationVisibility", "type": "string" }, - "Port": { - "markdownDescription": "The port for the Databricks data source.", - "title": "Port", - "type": "number" + "TooltipFields": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipItem" + }, + "markdownDescription": "The fields configuration in the tooltip.", + "title": "TooltipFields", + "type": "array" }, - "SqlEndpointPath": { - "markdownDescription": "The HTTP path of the Databricks data source.", - "title": "SqlEndpointPath", + "TooltipTitleType": { + "markdownDescription": "The type for the >tooltip title. Choose one of the following options:\n\n- `NONE` : Doesn't use the primary value as the title.\n- `PRIMARY_VALUE` : Uses primary value as the title.", + "title": "TooltipTitleType", "type": "string" } }, - "required": [ - "Host", - "Port", - "SqlEndpointPath" - ], "type": "object" }, - "AWS::QuickSight::DataSource.ManifestFileLocation": { + "AWS::QuickSight::Analysis.FieldLabelType": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "Amazon S3 bucket.", - "title": "Bucket", + "FieldId": { + "markdownDescription": "Indicates the field that is targeted by the field label.", + "title": "FieldId", "type": "string" }, - "Key": { - "markdownDescription": "Amazon S3 key that identifies an object.", - "title": "Key", + "Visibility": { + "markdownDescription": "The visibility of the field label.", + "title": "Visibility", "type": "string" } }, - "required": [ - "Bucket", - "Key" - ], "type": "object" }, - "AWS::QuickSight::DataSource.MariaDbParameters": { + "AWS::QuickSight::Analysis.FieldSeriesItem": { "additionalProperties": false, "properties": { - "Database": { - "markdownDescription": "Database.", - "title": "Database", + "AxisBinding": { + "markdownDescription": "The axis that you are binding the field to.", + "title": "AxisBinding", "type": "string" }, - "Host": { - "markdownDescription": "Host.", - "title": "Host", + "FieldId": { + "markdownDescription": "The field ID of the field for which you are setting the axis binding.", + "title": "FieldId", "type": "string" }, - "Port": { - "markdownDescription": "Port.", - "title": "Port", - "type": "number" + "Settings": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartSeriesSettings", + "markdownDescription": "The options that determine the presentation of line series associated to the field.", + "title": "Settings" } }, "required": [ - "Database", - "Host", - "Port" + "AxisBinding", + "FieldId" ], "type": "object" }, - "AWS::QuickSight::DataSource.MySqlParameters": { + "AWS::QuickSight::Analysis.FieldSort": { "additionalProperties": false, "properties": { - "Database": { - "markdownDescription": "Database.", - "title": "Database", + "Direction": { + "markdownDescription": "The sort direction. Choose one of the following options:\n\n- `ASC` : Ascending\n- `DESC` : Descending", + "title": "Direction", "type": "string" }, - "Host": { - "markdownDescription": "Host.", - "title": "Host", + "FieldId": { + "markdownDescription": "The sort configuration target field.", + "title": "FieldId", "type": "string" - }, - "Port": { - "markdownDescription": "Port.", - "title": "Port", - "type": "number" } }, "required": [ - "Database", - "Host", - "Port" + "Direction", + "FieldId" ], "type": "object" }, - "AWS::QuickSight::DataSource.OracleParameters": { + "AWS::QuickSight::Analysis.FieldSortOptions": { "additionalProperties": false, "properties": { - "Database": { - "markdownDescription": "Database.", - "title": "Database", - "type": "string" - }, - "Host": { - "markdownDescription": "Host.", - "title": "Host", - "type": "string" + "ColumnSort": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnSort", + "markdownDescription": "The sort configuration for a column that is not used in a field well.", + "title": "ColumnSort" }, - "Port": { - "markdownDescription": "Port.", - "title": "Port", - "type": "number" + "FieldSort": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSort", + "markdownDescription": "The sort configuration for a field in a field well.", + "title": "FieldSort" } }, - "required": [ - "Database", - "Host", - "Port" - ], "type": "object" }, - "AWS::QuickSight::DataSource.PostgreSqlParameters": { + "AWS::QuickSight::Analysis.FieldTooltipItem": { "additionalProperties": false, "properties": { - "Database": { - "markdownDescription": "Database.", - "title": "Database", + "FieldId": { + "markdownDescription": "The unique ID of the field that is targeted by the tooltip.", + "title": "FieldId", "type": "string" }, - "Host": { - "markdownDescription": "Host.", - "title": "Host", + "Label": { + "markdownDescription": "The label of the tooltip item.", + "title": "Label", "type": "string" }, - "Port": { - "markdownDescription": "Port.", - "title": "Port", - "type": "number" + "TooltipTarget": { + "markdownDescription": "Determines the target of the field tooltip item in a combo chart visual.", + "title": "TooltipTarget", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the tooltip item.", + "title": "Visibility", + "type": "string" } }, "required": [ - "Database", - "Host", - "Port" + "FieldId" ], "type": "object" }, - "AWS::QuickSight::DataSource.PrestoParameters": { + "AWS::QuickSight::Analysis.FilledMapAggregatedFieldWells": { "additionalProperties": false, "properties": { - "Catalog": { - "markdownDescription": "Catalog.", - "title": "Catalog", - "type": "string" - }, - "Host": { - "markdownDescription": "Host.", - "title": "Host", - "type": "string" + "Geospatial": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The aggregated location field well of the filled map. Values are grouped by location fields.", + "title": "Geospatial", + "type": "array" }, - "Port": { - "markdownDescription": "Port.", - "title": "Port", - "type": "number" + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The aggregated color field well of a filled map. Values are aggregated based on location fields.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.FilledMapConditionalFormatting": { + "additionalProperties": false, + "properties": { + "ConditionalFormattingOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapConditionalFormattingOption" + }, + "markdownDescription": "Conditional formatting options of a `FilledMapVisual` .", + "title": "ConditionalFormattingOptions", + "type": "array" } }, "required": [ - "Catalog", - "Host", - "Port" + "ConditionalFormattingOptions" ], "type": "object" }, - "AWS::QuickSight::DataSource.RdsParameters": { + "AWS::QuickSight::Analysis.FilledMapConditionalFormattingOption": { "additionalProperties": false, "properties": { - "Database": { - "markdownDescription": "Database.", - "title": "Database", - "type": "string" - }, - "InstanceId": { - "markdownDescription": "Instance ID.", - "title": "InstanceId", - "type": "string" + "Shape": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapShapeConditionalFormatting", + "markdownDescription": "The conditional formatting that determines the shape of the filled map.", + "title": "Shape" } }, "required": [ - "Database", - "InstanceId" + "Shape" ], "type": "object" }, - "AWS::QuickSight::DataSource.RedshiftParameters": { + "AWS::QuickSight::Analysis.FilledMapConfiguration": { "additionalProperties": false, "properties": { - "ClusterId": { - "markdownDescription": "Cluster ID. This field can be blank if the `Host` and `Port` are provided.", - "title": "ClusterId", - "type": "string" + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" }, - "Database": { - "markdownDescription": "Database.", - "title": "Database", - "type": "string" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" }, - "Host": { - "markdownDescription": "Host. This field can be blank if `ClusterId` is provided.", - "title": "Host", + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "MapStyleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapStyleOptions", + "markdownDescription": "The map style options of the filled map visual.", + "title": "MapStyleOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapSortConfiguration", + "markdownDescription": "The sort configuration of a `FilledMapVisual` .", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" + }, + "WindowOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialWindowOptions", + "markdownDescription": "The window options of the filled map visual.", + "title": "WindowOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.FilledMapFieldWells": { + "additionalProperties": false, + "properties": { + "FilledMapAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapAggregatedFieldWells", + "markdownDescription": "The aggregated field well of the filled map.", + "title": "FilledMapAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.FilledMapShapeConditionalFormatting": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "The field ID of the filled map shape.", + "title": "FieldId", "type": "string" }, - "Port": { - "markdownDescription": "Port. This field can be blank if the `ClusterId` is provided.", - "title": "Port", - "type": "number" + "Format": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ShapeConditionalFormat", + "markdownDescription": "The conditional formatting that determines the background color of a filled map's shape.", + "title": "Format" } }, "required": [ - "Database" + "FieldId" ], "type": "object" }, - "AWS::QuickSight::DataSource.ResourcePermission": { + "AWS::QuickSight::Analysis.FilledMapSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the location fields.", + "title": "CategorySort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.FilledMapVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, - "markdownDescription": "The IAM action to grant or revoke permissions on.", + "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, - "Principal": { - "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a QuickSight ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", - "title": "Principal", + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "ConditionalFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapConditionalFormatting", + "markdownDescription": "The conditional formatting of a `FilledMapVisual` .", + "title": "ConditionalFormatting" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", "type": "string" } }, "required": [ - "Actions", - "Principal" + "VisualId" ], "type": "object" }, - "AWS::QuickSight::DataSource.S3Parameters": { + "AWS::QuickSight::Analysis.Filter": { "additionalProperties": false, "properties": { - "ManifestFileLocation": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.ManifestFileLocation", - "markdownDescription": "Location of the Amazon S3 manifest file. This is NULL if the manifest file was uploaded into Amazon QuickSight.", - "title": "ManifestFileLocation" + "CategoryFilter": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CategoryFilter", + "markdownDescription": "A `CategoryFilter` filters text values.\n\nFor more information, see [Adding text filters](https://docs.aws.amazon.com/quicksight/latest/user/add-a-text-filter-data-prep.html) in the *Amazon QuickSight User Guide* .", + "title": "CategoryFilter" }, - "RoleArn": { - "markdownDescription": "Use the `RoleArn` structure to override an account-wide role for a specific S3 data source. For example, say an account administrator has turned off all S3 access with an account-wide role. The administrator can then use `RoleArn` to bypass the account-wide role and allow S3 access for the single S3 data source that is specified in the structure, even if the account-wide role forbidding S3 access is still active.", - "title": "RoleArn", - "type": "string" + "NestedFilter": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NestedFilter", + "markdownDescription": "A `NestedFilter` filters data with a subset of data that is defined by the nested inner filter.", + "title": "NestedFilter" + }, + "NumericEqualityFilter": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericEqualityFilter", + "markdownDescription": "A `NumericEqualityFilter` filters numeric values that equal or do not equal a given numeric value.", + "title": "NumericEqualityFilter" + }, + "NumericRangeFilter": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericRangeFilter", + "markdownDescription": "A `NumericRangeFilter` filters numeric values that are either inside or outside a given numeric range.", + "title": "NumericRangeFilter" + }, + "RelativeDatesFilter": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.RelativeDatesFilter", + "markdownDescription": "A `RelativeDatesFilter` filters date values that are relative to a given date.", + "title": "RelativeDatesFilter" + }, + "TimeEqualityFilter": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TimeEqualityFilter", + "markdownDescription": "A `TimeEqualityFilter` filters date-time values that equal or do not equal a given date/time value.", + "title": "TimeEqualityFilter" + }, + "TimeRangeFilter": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TimeRangeFilter", + "markdownDescription": "A `TimeRangeFilter` filters date-time values that are either inside or outside a given date/time range.", + "title": "TimeRangeFilter" + }, + "TopBottomFilter": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TopBottomFilter", + "markdownDescription": "A `TopBottomFilter` filters data to the top or bottom values for a given column.", + "title": "TopBottomFilter" } }, - "required": [ - "ManifestFileLocation" - ], "type": "object" }, - "AWS::QuickSight::DataSource.SnowflakeParameters": { + "AWS::QuickSight::Analysis.FilterControl": { "additionalProperties": false, "properties": { - "Database": { - "markdownDescription": "Database.", - "title": "Database", - "type": "string" + "CrossSheet": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterCrossSheetControl", + "markdownDescription": "A control from a filter that is scoped across more than one sheet. This represents your filter control on a sheet", + "title": "CrossSheet" }, - "Host": { - "markdownDescription": "Host.", - "title": "Host", - "type": "string" + "DateTimePicker": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterDateTimePickerControl", + "markdownDescription": "A control from a date filter that is used to specify date and time.", + "title": "DateTimePicker" }, - "Warehouse": { - "markdownDescription": "Warehouse.", - "title": "Warehouse", - "type": "string" + "Dropdown": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterDropDownControl", + "markdownDescription": "A control to display a dropdown list with buttons that are used to select a single value.", + "title": "Dropdown" + }, + "List": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterListControl", + "markdownDescription": "A control to display a list of buttons or boxes. This is used to select either a single value or multiple values.", + "title": "List" + }, + "RelativeDateTime": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterRelativeDateTimeControl", + "markdownDescription": "A control from a date filter that is used to specify the relative date.", + "title": "RelativeDateTime" + }, + "Slider": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterSliderControl", + "markdownDescription": "A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle.", + "title": "Slider" + }, + "TextArea": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterTextAreaControl", + "markdownDescription": "A control to display a text box that is used to enter multiple entries.", + "title": "TextArea" + }, + "TextField": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterTextFieldControl", + "markdownDescription": "A control to display a text box that is used to enter a single entry.", + "title": "TextField" } }, - "required": [ - "Database", - "Host", - "Warehouse" - ], "type": "object" }, - "AWS::QuickSight::DataSource.SparkParameters": { + "AWS::QuickSight::Analysis.FilterCrossSheetControl": { "additionalProperties": false, "properties": { - "Host": { - "markdownDescription": "Host.", - "title": "Host", + "CascadingControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CascadingControlConfiguration", + "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", + "title": "CascadingControlConfiguration" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterCrossSheetControl` .", + "title": "FilterControlId", "type": "string" }, - "Port": { - "markdownDescription": "Port.", - "title": "Port", - "type": "number" + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterCrossSheetControl` .", + "title": "SourceFilterId", + "type": "string" } }, "required": [ - "Host", - "Port" + "FilterControlId", + "SourceFilterId" ], "type": "object" }, - "AWS::QuickSight::DataSource.SqlServerParameters": { + "AWS::QuickSight::Analysis.FilterDateTimePickerControl": { "additionalProperties": false, "properties": { - "Database": { - "markdownDescription": "Database.", - "title": "Database", + "CommitMode": { + "markdownDescription": "The visibility configurationof the Apply button on a `DateTimePickerControl` .", + "title": "CommitMode", "type": "string" }, - "Host": { - "markdownDescription": "Host.", - "title": "Host", + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimePickerControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterDateTimePickerControl` .", + "title": "FilterControlId", "type": "string" }, - "Port": { - "markdownDescription": "Port.", - "title": "Port", - "type": "number" + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterDateTimePickerControl` .", + "title": "SourceFilterId", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `FilterDateTimePickerControl` .", + "title": "Title", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", + "title": "Type", + "type": "string" } }, "required": [ - "Database", - "Host", - "Port" + "FilterControlId", + "SourceFilterId", + "Title" ], "type": "object" }, - "AWS::QuickSight::DataSource.SslProperties": { + "AWS::QuickSight::Analysis.FilterDropDownControl": { "additionalProperties": false, "properties": { - "DisableSsl": { - "markdownDescription": "A Boolean option to control whether SSL should be disabled.", - "title": "DisableSsl", - "type": "boolean" + "CascadingControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CascadingControlConfiguration", + "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", + "title": "CascadingControlConfiguration" + }, + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `FilterDropDownControl` .", + "title": "CommitMode", + "type": "string" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DropDownControlDisplayOptions", + "markdownDescription": "The display options of the `FilterDropDownControl` .", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterDropDownControl` .", + "title": "FilterControlId", + "type": "string" + }, + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" + }, + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterDropDownControl` .", + "title": "SourceFilterId", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `FilterDropDownControl` .", + "title": "Title", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", + "title": "Type", + "type": "string" } }, + "required": [ + "FilterControlId", + "SourceFilterId", + "Title" + ], "type": "object" }, - "AWS::QuickSight::DataSource.StarburstParameters": { + "AWS::QuickSight::Analysis.FilterGroup": { "additionalProperties": false, "properties": { - "Catalog": { - "markdownDescription": "The catalog name for the Starburst data source.", - "title": "Catalog", + "CrossDataset": { + "markdownDescription": "The filter new feature which can apply filter group to all data sets. Choose one of the following options:\n\n- `ALL_DATASETS`\n- `SINGLE_DATASET`", + "title": "CrossDataset", "type": "string" }, - "Host": { - "markdownDescription": "The host name of the Starburst data source.", - "title": "Host", + "FilterGroupId": { + "markdownDescription": "The value that uniquely identifies a `FilterGroup` within a dashboard, template, or analysis.", + "title": "FilterGroupId", "type": "string" }, - "Port": { - "markdownDescription": "The port for the Starburst data source.", - "title": "Port", - "type": "number" + "Filters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.Filter" + }, + "markdownDescription": "The list of filters that are present in a `FilterGroup` .", + "title": "Filters", + "type": "array" }, - "ProductType": { - "markdownDescription": "The product type for the Starburst data source.", - "title": "ProductType", + "ScopeConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterScopeConfiguration", + "markdownDescription": "The configuration that specifies what scope to apply to a `FilterGroup` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", + "title": "ScopeConfiguration" + }, + "Status": { + "markdownDescription": "The status of the `FilterGroup` .", + "title": "Status", "type": "string" } }, "required": [ - "Catalog", - "Host", - "Port" + "CrossDataset", + "FilterGroupId", + "Filters", + "ScopeConfiguration" ], "type": "object" }, - "AWS::QuickSight::DataSource.TeradataParameters": { + "AWS::QuickSight::Analysis.FilterListConfiguration": { "additionalProperties": false, "properties": { - "Database": { - "markdownDescription": "Database.", - "title": "Database", + "CategoryValues": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of category values for the filter.", + "title": "CategoryValues", + "type": "array" + }, + "MatchOperator": { + "markdownDescription": "The match operator that is used to determine if a filter should be applied.", + "title": "MatchOperator", "type": "string" }, - "Host": { - "markdownDescription": "Host.", - "title": "Host", + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", "type": "string" }, - "Port": { - "markdownDescription": "Port.", - "title": "Port", - "type": "number" + "SelectAllOptions": { + "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", + "title": "SelectAllOptions", + "type": "string" } }, "required": [ - "Database", - "Host", - "Port" + "MatchOperator" ], "type": "object" }, - "AWS::QuickSight::DataSource.TrinoParameters": { + "AWS::QuickSight::Analysis.FilterListControl": { "additionalProperties": false, "properties": { - "Catalog": { - "markdownDescription": "The catalog name for the Trino data source.", - "title": "Catalog", + "CascadingControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CascadingControlConfiguration", + "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", + "title": "CascadingControlConfiguration" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ListControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterListControl` .", + "title": "FilterControlId", "type": "string" }, - "Host": { - "markdownDescription": "The host name of the Trino data source.", - "title": "Host", + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" + }, + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterListControl` .", + "title": "SourceFilterId", "type": "string" }, - "Port": { - "markdownDescription": "The port for the Trino data source.", - "title": "Port", - "type": "number" + "Title": { + "markdownDescription": "The title of the `FilterListControl` .", + "title": "Title", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the `FilterListControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from the list.\n- `SINGLE_SELECT` : The user can select a single entry from the list.", + "title": "Type", + "type": "string" } }, "required": [ - "Catalog", - "Host", - "Port" + "FilterControlId", + "SourceFilterId", + "Title" ], "type": "object" }, - "AWS::QuickSight::DataSource.VpcConnectionProperties": { + "AWS::QuickSight::Analysis.FilterOperationSelectedFieldsConfiguration": { "additionalProperties": false, "properties": { - "VpcConnectionArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the VPC connection.", - "title": "VpcConnectionArn", + "SelectedColumns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier" + }, + "markdownDescription": "The selected columns of a dataset.", + "title": "SelectedColumns", + "type": "array" + }, + "SelectedFieldOptions": { + "markdownDescription": "A structure that contains the options that choose which fields are filtered in the `CustomActionFilterOperation` .\n\nValid values are defined as follows:\n\n- `ALL_FIELDS` : Applies the filter operation to all fields.", + "title": "SelectedFieldOptions", "type": "string" + }, + "SelectedFields": { + "items": { + "type": "string" + }, + "markdownDescription": "Chooses the fields that are filtered in `CustomActionFilterOperation` .", + "title": "SelectedFields", + "type": "array" } }, - "required": [ - "VpcConnectionArn" - ], "type": "object" }, - "AWS::QuickSight::RefreshSchedule": { + "AWS::QuickSight::Analysis.FilterOperationTargetVisualsConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SameSheetTargetVisualConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SameSheetTargetVisualConfiguration", + "markdownDescription": "The configuration of the same-sheet target visuals that you want to be filtered.", + "title": "SameSheetTargetVisualConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.FilterRelativeDateTimeControl": { + "additionalProperties": false, + "properties": { + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `FilterRelativeDateTimeControl` .", + "title": "CommitMode", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.RelativeDateTimeControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AwsAccountId": { - "markdownDescription": "The AWS account ID of the account that you are creating a schedule in.", - "title": "AwsAccountId", - "type": "string" - }, - "DataSetId": { - "markdownDescription": "The ID of the dataset that you are creating a refresh schedule for.", - "title": "DataSetId", - "type": "string" - }, - "Schedule": { - "$ref": "#/definitions/AWS::QuickSight::RefreshSchedule.RefreshScheduleMap", - "markdownDescription": "The refresh schedule of a dataset.", - "title": "Schedule" - } - }, - "type": "object" + "FilterControlId": { + "markdownDescription": "The ID of the `FilterTextAreaControl` .", + "title": "FilterControlId", + "type": "string" }, - "Type": { - "enum": [ - "AWS::QuickSight::RefreshSchedule" - ], + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterTextAreaControl` .", + "title": "SourceFilterId", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Title": { + "markdownDescription": "The title of the `FilterTextAreaControl` .", + "title": "Title", "type": "string" } }, "required": [ - "Type" + "FilterControlId", + "SourceFilterId", + "Title" ], "type": "object" }, - "AWS::QuickSight::RefreshSchedule.RefreshOnDay": { + "AWS::QuickSight::Analysis.FilterScopeConfiguration": { "additionalProperties": false, "properties": { - "DayOfMonth": { - "markdownDescription": "The day of the month that you want your dataset to refresh. This value is required for monthly refresh intervals.", - "title": "DayOfMonth", - "type": "string" + "AllSheets": { + "markdownDescription": "The configuration that applies a filter to all sheets. When you choose `AllSheets` as the value for a `FilterScopeConfiguration` , this filter is applied to all visuals of all sheets in an Analysis, Dashboard, or Template. The `AllSheetsFilterScopeConfiguration` is chosen.", + "title": "AllSheets", + "type": "object" }, - "DayOfWeek": { - "markdownDescription": "The day of the week that you want to schedule the refresh on. This value is required for weekly and monthly refresh intervals.", - "title": "DayOfWeek", - "type": "string" + "SelectedSheets": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SelectedSheetsFilterScopeConfiguration", + "markdownDescription": "The configuration for applying a filter to specific sheets.", + "title": "SelectedSheets" } }, "type": "object" }, - "AWS::QuickSight::RefreshSchedule.RefreshScheduleMap": { + "AWS::QuickSight::Analysis.FilterSelectableValues": { "additionalProperties": false, "properties": { - "RefreshType": { - "markdownDescription": "The type of refresh that a dataset undergoes. Valid values are as follows:\n\n- `FULL_REFRESH` : A complete refresh of a dataset.\n- `INCREMENTAL_REFRESH` : A partial refresh of some rows of a dataset, based on the time window specified.\n\nFor more information on full and incremental refreshes, see [Refreshing SPICE data](https://docs.aws.amazon.com/quicksight/latest/user/refreshing-imported-data.html) in the *QuickSight User Guide* .", - "title": "RefreshType", - "type": "string" - }, - "ScheduleFrequency": { - "$ref": "#/definitions/AWS::QuickSight::RefreshSchedule.ScheduleFrequency", - "markdownDescription": "The frequency for the refresh schedule.", - "title": "ScheduleFrequency" - }, - "ScheduleId": { - "markdownDescription": "An identifier for the refresh schedule.", - "title": "ScheduleId", - "type": "string" - }, - "StartAfterDateTime": { - "markdownDescription": "Time after which the refresh schedule can be started, expressed in `YYYY-MM-DDTHH:MM:SS` format.", - "title": "StartAfterDateTime", - "type": "string" + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The values that are used in the `FilterSelectableValues` .", + "title": "Values", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::RefreshSchedule.ScheduleFrequency": { + "AWS::QuickSight::Analysis.FilterSliderControl": { "additionalProperties": false, "properties": { - "Interval": { - "markdownDescription": "The interval between scheduled refreshes. Valid values are as follows:\n\n- `MINUTE15` : The dataset refreshes every 15 minutes. This value is only supported for incremental refreshes. This interval can only be used for one schedule per dataset.\n- `MINUTE30` : The dataset refreshes every 30 minutes. This value is only supported for incremental refreshes. This interval can only be used for one schedule per dataset.\n- `HOURLY` : The dataset refreshes every hour. This interval can only be used for one schedule per dataset.\n- `DAILY` : The dataset refreshes every day.\n- `WEEKLY` : The dataset refreshes every week.\n- `MONTHLY` : The dataset refreshes every month.", - "title": "Interval", + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SliderControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterSliderControl` .", + "title": "FilterControlId", "type": "string" }, - "RefreshOnDay": { - "$ref": "#/definitions/AWS::QuickSight::RefreshSchedule.RefreshOnDay", - "markdownDescription": "The day of the week that you want to schedule the refresh on. This value is required for weekly and monthly refresh intervals.", - "title": "RefreshOnDay" + "MaximumValue": { + "markdownDescription": "The larger value that is displayed at the right of the slider.", + "title": "MaximumValue", + "type": "number" }, - "TimeOfTheDay": { - "markdownDescription": "The time of day that you want the dataset to refresh. This value is expressed in HH:MM format. This field is not required for schedules that refresh hourly.", - "title": "TimeOfTheDay", + "MinimumValue": { + "markdownDescription": "The smaller value that is displayed at the left of the slider.", + "title": "MinimumValue", + "type": "number" + }, + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterSliderControl` .", + "title": "SourceFilterId", "type": "string" }, - "TimeZone": { - "markdownDescription": "The timezone that you want the refresh schedule to use. The timezone ID must match a corresponding ID found on `java.util.time.getAvailableIDs()` .", - "title": "TimeZone", + "StepSize": { + "markdownDescription": "The number of increments that the slider bar is divided into.", + "title": "StepSize", + "type": "number" + }, + "Title": { + "markdownDescription": "The title of the `FilterSliderControl` .", + "title": "Title", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the `FilterSliderControl` . Choose one of the following options:\n\n- `SINGLE_POINT` : Filter against(equals) a single data point.\n- `RANGE` : Filter data that is in a specified range.", + "title": "Type", "type": "string" } }, + "required": [ + "FilterControlId", + "MaximumValue", + "MinimumValue", + "SourceFilterId", + "StepSize", + "Title" + ], "type": "object" }, - "AWS::QuickSight::Template": { + "AWS::QuickSight::Analysis.FilterTextAreaControl": { "additionalProperties": false, "properties": { - "Condition": { + "Delimiter": { + "markdownDescription": "The delimiter that is used to separate the lines in text.", + "title": "Delimiter", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TextAreaControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterTextAreaControl` .", + "title": "FilterControlId", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AwsAccountId": { - "markdownDescription": "The ID for the AWS account that the group is in. You use the ID for the AWS account that contains your Amazon QuickSight account.", - "title": "AwsAccountId", - "type": "string" - }, - "Definition": { - "$ref": "#/definitions/AWS::QuickSight::Template.TemplateVersionDefinition", - "markdownDescription": "", - "title": "Definition" - }, - "Name": { - "markdownDescription": "A display name for the template.", - "title": "Name", - "type": "string" - }, - "Permissions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ResourcePermission" - }, - "markdownDescription": "A list of resource permissions to be set on the template.", - "title": "Permissions", - "type": "array" - }, - "SourceEntity": { - "$ref": "#/definitions/AWS::QuickSight::Template.TemplateSourceEntity", - "markdownDescription": "The entity that you are using as a source when you create the template. In `SourceEntity` , you specify the type of object you're using as source: `SourceTemplate` for a template or `SourceAnalysis` for an analysis. Both of these require an Amazon Resource Name (ARN). For `SourceTemplate` , specify the ARN of the source template. For `SourceAnalysis` , specify the ARN of the source analysis. The `SourceTemplate` ARN can contain any AWS account and any Amazon QuickSight-supported AWS Region .\n\nUse the `DataSetReferences` entity within `SourceTemplate` or `SourceAnalysis` to list the replacement datasets for the placeholders listed in the original. The schema in each dataset must match its placeholder.\n\nEither a `SourceEntity` or a `Definition` must be provided in order for the request to be valid.", - "title": "SourceEntity" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Contains a map of the key-value pairs for the resource tag or tags assigned to the resource.", - "title": "Tags", - "type": "array" - }, - "TemplateId": { - "markdownDescription": "An ID for the template that you want to create. This template is unique per AWS Region ; in each AWS account.", - "title": "TemplateId", - "type": "string" - }, - "ValidationStrategy": { - "$ref": "#/definitions/AWS::QuickSight::Template.ValidationStrategy", - "markdownDescription": "The option to relax the validation that is required to create and update analyses, dashboards, and templates with definition objects. When you set this value to `LENIENT` , validation is skipped for specific errors.", - "title": "ValidationStrategy" - }, - "VersionDescription": { - "markdownDescription": "A description of the current template version being created. This API operation creates the first version of the template. Every time `UpdateTemplate` is called, a new version is created. Each version of the template maintains a description of the version in the `VersionDescription` field.", - "title": "VersionDescription", - "type": "string" - } - }, - "required": [ - "AwsAccountId", - "TemplateId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::QuickSight::Template" - ], + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterTextAreaControl` .", + "title": "SourceFilterId", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Title": { + "markdownDescription": "The title of the `FilterTextAreaControl` .", + "title": "Title", "type": "string" } }, "required": [ - "Type", - "Properties" + "FilterControlId", + "SourceFilterId", + "Title" ], "type": "object" }, - "AWS::QuickSight::Template.AggregationFunction": { + "AWS::QuickSight::Analysis.FilterTextFieldControl": { "additionalProperties": false, "properties": { - "AttributeAggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Template.AttributeAggregationFunction", - "markdownDescription": "Aggregation for attributes.", - "title": "AttributeAggregationFunction" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TextFieldControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" }, - "CategoricalAggregationFunction": { - "markdownDescription": "Aggregation for categorical values.\n\n- `COUNT` : Aggregate by the total number of values, including duplicates.\n- `DISTINCT_COUNT` : Aggregate by the total number of distinct values.", - "title": "CategoricalAggregationFunction", + "FilterControlId": { + "markdownDescription": "The ID of the `FilterTextFieldControl` .", + "title": "FilterControlId", "type": "string" }, - "DateAggregationFunction": { - "markdownDescription": "Aggregation for date values.\n\n- `COUNT` : Aggregate by the total number of values, including duplicates.\n- `DISTINCT_COUNT` : Aggregate by the total number of distinct values.\n- `MIN` : Select the smallest date value.\n- `MAX` : Select the largest date value.", - "title": "DateAggregationFunction", + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterTextFieldControl` .", + "title": "SourceFilterId", "type": "string" }, - "NumericalAggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericalAggregationFunction", - "markdownDescription": "Aggregation for numerical values.", - "title": "NumericalAggregationFunction" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.AggregationSortConfiguration": { - "additionalProperties": false, - "properties": { - "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Template.AggregationFunction", - "markdownDescription": "The function that aggregates the values in `Column` .", - "title": "AggregationFunction" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that determines the sort order of aggregated values.", - "title": "Column" - }, - "SortDirection": { - "markdownDescription": "The sort direction of values.\n\n- `ASC` : Sort in ascending order.\n- `DESC` : Sort in descending order.", - "title": "SortDirection", + "Title": { + "markdownDescription": "The title of the `FilterTextFieldControl` .", + "title": "Title", "type": "string" } }, "required": [ - "Column", - "SortDirection" + "FilterControlId", + "SourceFilterId", + "Title" ], "type": "object" }, - "AWS::QuickSight::Template.AnalysisDefaults": { + "AWS::QuickSight::Analysis.FontConfiguration": { "additionalProperties": false, "properties": { - "DefaultNewSheetConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultNewSheetConfiguration", - "markdownDescription": "The configuration for default new sheet settings.", - "title": "DefaultNewSheetConfiguration" + "FontColor": { + "markdownDescription": "Determines the color of the text.", + "title": "FontColor", + "type": "string" + }, + "FontDecoration": { + "markdownDescription": "Determines the appearance of decorative lines on the text.", + "title": "FontDecoration", + "type": "string" + }, + "FontFamily": { + "markdownDescription": "The font family that you want to use.", + "title": "FontFamily", + "type": "string" + }, + "FontSize": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FontSize", + "markdownDescription": "The option that determines the text display size.", + "title": "FontSize" + }, + "FontStyle": { + "markdownDescription": "Determines the text display face that is inherited by the given font family.", + "title": "FontStyle", + "type": "string" + }, + "FontWeight": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FontWeight", + "markdownDescription": "The option that determines the text display weight, or boldness.", + "title": "FontWeight" } }, - "required": [ - "DefaultNewSheetConfiguration" - ], "type": "object" }, - "AWS::QuickSight::Template.AnchorDateConfiguration": { + "AWS::QuickSight::Analysis.FontSize": { "additionalProperties": false, "properties": { - "AnchorOption": { - "markdownDescription": "The options for the date configuration. Choose one of the options below:\n\n- `NOW`", - "title": "AnchorOption", + "Absolute": { + "markdownDescription": "The font size that you want to use in px.", + "title": "Absolute", "type": "string" }, - "ParameterName": { - "markdownDescription": "The name of the parameter that is used for the anchor date configuration.", - "title": "ParameterName", + "Relative": { + "markdownDescription": "The lexical name for the text size, proportional to its surrounding context.", + "title": "Relative", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.ArcAxisConfiguration": { + "AWS::QuickSight::Analysis.FontWeight": { "additionalProperties": false, "properties": { - "Range": { - "$ref": "#/definitions/AWS::QuickSight::Template.ArcAxisDisplayRange", - "markdownDescription": "The arc axis range of a `GaugeChartVisual` .", - "title": "Range" - }, - "ReserveRange": { - "markdownDescription": "The reserved range of the arc axis.", - "title": "ReserveRange", - "type": "number" + "Name": { + "markdownDescription": "The lexical name for the level of boldness of the text display.", + "title": "Name", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.ArcAxisDisplayRange": { + "AWS::QuickSight::Analysis.ForecastComputation": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum value of the arc axis range.", - "title": "Max", + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "CustomSeasonalityValue": { + "markdownDescription": "The custom seasonality value setup of a forecast computation.", + "title": "CustomSeasonalityValue", "type": "number" }, - "Min": { - "markdownDescription": "The minimum value of the arc axis range.", - "title": "Min", + "LowerBoundary": { + "markdownDescription": "The lower boundary setup of a forecast computation.", + "title": "LowerBoundary", "type": "number" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.ArcConfiguration": { - "additionalProperties": false, - "properties": { - "ArcAngle": { - "markdownDescription": "The option that determines the arc angle of a `GaugeChartVisual` .", - "title": "ArcAngle", + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "PeriodsBackward": { + "markdownDescription": "The periods backward setup of a forecast computation.", + "title": "PeriodsBackward", "type": "number" }, - "ArcThickness": { - "markdownDescription": "The options that determine the arc thickness of a `GaugeChartVisual` .", - "title": "ArcThickness", + "PeriodsForward": { + "markdownDescription": "The periods forward setup of a forecast computation.", + "title": "PeriodsForward", + "type": "number" + }, + "PredictionInterval": { + "markdownDescription": "The prediction interval setup of a forecast computation.", + "title": "PredictionInterval", + "type": "number" + }, + "Seasonality": { + "markdownDescription": "The seasonality setup of a forecast computation. Choose one of the following options:\n\n- `AUTOMATIC`\n- `CUSTOM` : Checks the custom seasonality value.", + "title": "Seasonality", "type": "string" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" + }, + "UpperBoundary": { + "markdownDescription": "The upper boundary setup of a forecast computation.", + "title": "UpperBoundary", + "type": "number" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" } }, + "required": [ + "ComputationId" + ], "type": "object" }, - "AWS::QuickSight::Template.ArcOptions": { + "AWS::QuickSight::Analysis.ForecastConfiguration": { "additionalProperties": false, "properties": { - "ArcThickness": { - "markdownDescription": "The arc thickness of a `GaugeChartVisual` .", - "title": "ArcThickness", - "type": "string" + "ForecastProperties": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TimeBasedForecastProperties", + "markdownDescription": "The forecast properties setup of a forecast in the line chart.", + "title": "ForecastProperties" + }, + "Scenario": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ForecastScenario", + "markdownDescription": "The forecast scenario of a forecast in the line chart.", + "title": "Scenario" } }, "type": "object" }, - "AWS::QuickSight::Template.AssetOptions": { + "AWS::QuickSight::Analysis.ForecastScenario": { "additionalProperties": false, "properties": { - "Timezone": { - "markdownDescription": "Determines the timezone for the analysis.", - "title": "Timezone", - "type": "string" + "WhatIfPointScenario": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.WhatIfPointScenario", + "markdownDescription": "The what-if analysis forecast setup with the target date.", + "title": "WhatIfPointScenario" }, - "WeekStart": { - "markdownDescription": "Determines the week start day for an analysis.", - "title": "WeekStart", - "type": "string" + "WhatIfRangeScenario": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.WhatIfRangeScenario", + "markdownDescription": "The what-if analysis forecast setup with the date range.", + "title": "WhatIfRangeScenario" } }, "type": "object" }, - "AWS::QuickSight::Template.AttributeAggregationFunction": { + "AWS::QuickSight::Analysis.FormatConfiguration": { "additionalProperties": false, "properties": { - "SimpleAttributeAggregation": { - "markdownDescription": "The built-in aggregation functions for attributes.\n\n- `UNIQUE_VALUE` : Returns the unique value for a field, aggregated by the dimension fields.", - "title": "SimpleAttributeAggregation", - "type": "string" + "DateTimeFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeFormatConfiguration", + "markdownDescription": "Formatting configuration for `DateTime` fields.", + "title": "DateTimeFormatConfiguration" }, - "ValueForMultipleValues": { - "markdownDescription": "Used by the `UNIQUE_VALUE` aggregation function. If there are multiple values for the field used by the aggregation, the value for this property will be returned instead. Defaults to '*'.", - "title": "ValueForMultipleValues", - "type": "string" + "NumberFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumberFormatConfiguration", + "markdownDescription": "Formatting configuration for number fields.", + "title": "NumberFormatConfiguration" + }, + "StringFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.StringFormatConfiguration", + "markdownDescription": "Formatting configuration for string fields.", + "title": "StringFormatConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Template.AxisDataOptions": { + "AWS::QuickSight::Analysis.FreeFormLayoutCanvasSizeOptions": { "additionalProperties": false, "properties": { - "DateAxisOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DateAxisOptions", - "markdownDescription": "The options for an axis with a date field.", - "title": "DateAxisOptions" - }, - "NumericAxisOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericAxisOptions", - "markdownDescription": "The options for an axis with a numeric field.", - "title": "NumericAxisOptions" + "ScreenCanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutScreenCanvasSizeOptions", + "markdownDescription": "The options that determine the sizing of the canvas used in a free-form layout.", + "title": "ScreenCanvasSizeOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.AxisDisplayMinMaxRange": { + "AWS::QuickSight::Analysis.FreeFormLayoutConfiguration": { "additionalProperties": false, "properties": { - "Maximum": { - "markdownDescription": "The maximum setup for an axis display range.", - "title": "Maximum", - "type": "number" + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutCanvasSizeOptions", + "markdownDescription": "", + "title": "CanvasSizeOptions" }, - "Minimum": { - "markdownDescription": "The minimum setup for an axis display range.", - "title": "Minimum", - "type": "number" + "Elements": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutElement" + }, + "markdownDescription": "The elements that are included in a free-form layout.", + "title": "Elements", + "type": "array" } }, + "required": [ + "Elements" + ], "type": "object" }, - "AWS::QuickSight::Template.AxisDisplayOptions": { + "AWS::QuickSight::Analysis.FreeFormLayoutElement": { "additionalProperties": false, "properties": { - "AxisLineVisibility": { - "markdownDescription": "Determines whether or not the axis line is visible.", - "title": "AxisLineVisibility", - "type": "string" + "BackgroundStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutElementBackgroundStyle", + "markdownDescription": "The background style configuration of a free-form layout element.", + "title": "BackgroundStyle" }, - "AxisOffset": { - "markdownDescription": "The offset value that determines the starting placement of the axis within a visual's bounds.", - "title": "AxisOffset", + "BorderStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutElementBorderStyle", + "markdownDescription": "The border style configuration of a free-form layout element.", + "title": "BorderStyle" + }, + "ElementId": { + "markdownDescription": "A unique identifier for an element within a free-form layout.", + "title": "ElementId", "type": "string" }, - "DataOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDataOptions", - "markdownDescription": "The data options for an axis.", - "title": "DataOptions" + "ElementType": { + "markdownDescription": "The type of element.", + "title": "ElementType", + "type": "string" }, - "GridLineVisibility": { - "markdownDescription": "Determines whether or not the grid line is visible.", - "title": "GridLineVisibility", + "Height": { + "markdownDescription": "The height of an element within a free-form layout.", + "title": "Height", "type": "string" }, - "ScrollbarOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ScrollBarOptions", - "markdownDescription": "The scroll bar options for an axis.", - "title": "ScrollbarOptions" + "LoadingAnimation": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LoadingAnimation", + "markdownDescription": "The loading animation configuration of a free-form layout element.", + "title": "LoadingAnimation" }, - "TickLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisTickLabelOptions", - "markdownDescription": "The tick label options of an axis.", - "title": "TickLabelOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.AxisDisplayRange": { - "additionalProperties": false, - "properties": { - "DataDriven": { - "markdownDescription": "The data-driven setup of an axis display range.", - "title": "DataDriven", - "type": "object" + "RenderingRules": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetElementRenderingRule" + }, + "markdownDescription": "The rendering rules that determine when an element should be displayed within a free-form layout.", + "title": "RenderingRules", + "type": "array" }, - "MinMax": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayMinMaxRange", - "markdownDescription": "The minimum and maximum setup of an axis display range.", - "title": "MinMax" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.AxisLabelOptions": { - "additionalProperties": false, - "properties": { - "ApplyTo": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisLabelReferenceOptions", - "markdownDescription": "The options that indicate which field the label belongs to.", - "title": "ApplyTo" + "SelectedBorderStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutElementBorderStyle", + "markdownDescription": "The border style configuration of a free-form layout element. This border style is used when the element is selected.", + "title": "SelectedBorderStyle" }, - "CustomLabel": { - "markdownDescription": "The text for the axis label.", - "title": "CustomLabel", + "Visibility": { + "markdownDescription": "The visibility of an element within a free-form layout.", + "title": "Visibility", "type": "string" }, - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", - "markdownDescription": "The font configuration of the axis label.", - "title": "FontConfiguration" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.AxisLabelReferenceOptions": { - "additionalProperties": false, - "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that the axis label is targeted to.", - "title": "Column" + "Width": { + "markdownDescription": "The width of an element within a free-form layout.", + "title": "Width", + "type": "string" }, - "FieldId": { - "markdownDescription": "The field that the axis label is targeted to.", - "title": "FieldId", + "XAxisLocation": { + "markdownDescription": "The x-axis coordinate of the element.", + "title": "XAxisLocation", + "type": "string" + }, + "YAxisLocation": { + "markdownDescription": "The y-axis coordinate of the element.", + "title": "YAxisLocation", "type": "string" } }, "required": [ - "Column", - "FieldId" + "ElementId", + "ElementType", + "Height", + "Width", + "XAxisLocation", + "YAxisLocation" ], "type": "object" }, - "AWS::QuickSight::Template.AxisLinearScale": { + "AWS::QuickSight::Analysis.FreeFormLayoutElementBackgroundStyle": { "additionalProperties": false, "properties": { - "StepCount": { - "markdownDescription": "The step count setup of a linear axis.", - "title": "StepCount", - "type": "number" + "Color": { + "markdownDescription": "The background color of a free-form layout element.", + "title": "Color", + "type": "string" }, - "StepSize": { - "markdownDescription": "The step size setup of a linear axis.", - "title": "StepSize", - "type": "number" + "Visibility": { + "markdownDescription": "The background visibility of a free-form layout element.", + "title": "Visibility", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.AxisLogarithmicScale": { + "AWS::QuickSight::Analysis.FreeFormLayoutElementBorderStyle": { "additionalProperties": false, "properties": { - "Base": { - "markdownDescription": "The base setup of a logarithmic axis scale.", - "title": "Base", - "type": "number" + "Color": { + "markdownDescription": "The border color of a free-form layout element.", + "title": "Color", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The border visibility of a free-form layout element.", + "title": "Visibility", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.AxisScale": { + "AWS::QuickSight::Analysis.FreeFormLayoutScreenCanvasSizeOptions": { "additionalProperties": false, "properties": { - "Linear": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisLinearScale", - "markdownDescription": "The linear axis scale setup.", - "title": "Linear" - }, - "Logarithmic": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisLogarithmicScale", - "markdownDescription": "The logarithmic axis scale setup.", - "title": "Logarithmic" + "OptimizedViewPortWidth": { + "markdownDescription": "The width that the view port will be optimized for when the layout renders.", + "title": "OptimizedViewPortWidth", + "type": "string" } }, + "required": [ + "OptimizedViewPortWidth" + ], "type": "object" }, - "AWS::QuickSight::Template.AxisTickLabelOptions": { + "AWS::QuickSight::Analysis.FreeFormSectionLayoutConfiguration": { "additionalProperties": false, "properties": { - "LabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", - "markdownDescription": "Determines whether or not the axis ticks are visible.", - "title": "LabelOptions" - }, - "RotationAngle": { - "markdownDescription": "The rotation angle of the axis tick labels.", - "title": "RotationAngle", - "type": "number" + "Elements": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutElement" + }, + "markdownDescription": "The elements that are included in the free-form layout.", + "title": "Elements", + "type": "array" } }, + "required": [ + "Elements" + ], "type": "object" }, - "AWS::QuickSight::Template.BarChartAggregatedFieldWells": { + "AWS::QuickSight::Analysis.FunnelChartAggregatedFieldWells": { "additionalProperties": false, "properties": { "Category": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, - "markdownDescription": "The category (y-axis) field well of a bar chart.", + "markdownDescription": "The category field wells of a funnel chart. Values are grouped by category fields.", "title": "Category", "type": "array" }, - "Colors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" - }, - "markdownDescription": "The color (group/color) field well of a bar chart.", - "title": "Colors", - "type": "array" - }, - "SmallMultiples": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" - }, - "markdownDescription": "The small multiples field well of a bar chart.", - "title": "SmallMultiples", - "type": "array" - }, "Values": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, - "markdownDescription": "The value field wells of a bar chart. Values are aggregated by category.", + "markdownDescription": "The value field wells of a funnel chart. Values are aggregated based on categories.", "title": "Values", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.BarChartConfiguration": { + "AWS::QuickSight::Analysis.FunnelChartConfiguration": { "additionalProperties": false, "properties": { - "BarsArrangement": { - "markdownDescription": "Determines the arrangement of the bars. The orientation and arrangement of bars determine the type of bar that is used in the visual.", - "title": "BarsArrangement", - "type": "string" - }, - "CategoryAxis": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, axis step) for bar chart category.", - "title": "CategoryAxis" - }, "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a bar chart.", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options of the categories that are displayed in a `FunnelChartVisual` .", "title": "CategoryLabelOptions" }, - "ColorLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a color that is used in a bar chart.", - "title": "ColorLabelOptions" - }, - "ContributionAnalysisDefaults": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ContributionAnalysisDefault" - }, - "markdownDescription": "The contribution analysis (anomaly configuration) setup of the visual.", - "title": "ContributionAnalysisDefaults", - "type": "array" - }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.", - "title": "DataLabels" + "DataLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FunnelChartDataLabelOptions", + "markdownDescription": "The options that determine the presentation of the data labels.", + "title": "DataLabelOptions" }, "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.BarChartFieldWells", - "markdownDescription": "The field wells of the visual.", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FunnelChartFieldWells", + "markdownDescription": "The field well configuration of a `FunnelChartVisual` .", "title": "FieldWells" }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" - }, - "Orientation": { - "markdownDescription": "The orientation of the bars in a bar chart visual. There are two valid values in this structure:\n\n- `HORIZONTAL` : Used for charts that have horizontal bars. Visuals that use this value are horizontal bar charts, horizontal stacked bar charts, and horizontal stacked 100% bar charts.\n- `VERTICAL` : Used for charts that have vertical bars. Visuals that use this value are vertical bar charts, vertical stacked bar charts, and vertical stacked 100% bar charts.", - "title": "Orientation", - "type": "string" - }, - "ReferenceLines": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLine" - }, - "markdownDescription": "The reference line setup of the visual.", - "title": "ReferenceLines", - "type": "array" - }, - "SmallMultiplesOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SmallMultiplesOptions", - "markdownDescription": "The small multiples setup for the visual.", - "title": "SmallMultiplesOptions" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" }, "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.BarChartSortConfiguration", - "markdownDescription": "The sort configuration of a `BarChartVisual` .", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FunnelChartSortConfiguration", + "markdownDescription": "The sort configuration of a `FunnelChartVisual` .", "title": "SortConfiguration" }, "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", + "markdownDescription": "The tooltip configuration of a `FunnelChartVisual` .", "title": "Tooltip" }, - "ValueAxis": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, axis step) for a bar chart value.", - "title": "ValueAxis" - }, "ValueLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a bar chart value.", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options for the values that are displayed in a `FunnelChartVisual` .", "title": "ValueLabelOptions" }, "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", + "markdownDescription": "The visual palette configuration of a `FunnelChartVisual` .", "title": "VisualPalette" } }, "type": "object" }, - "AWS::QuickSight::Template.BarChartFieldWells": { + "AWS::QuickSight::Analysis.FunnelChartDataLabelOptions": { "additionalProperties": false, "properties": { - "BarChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.BarChartAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a bar chart.", - "title": "BarChartAggregatedFieldWells" + "CategoryLabelVisibility": { + "markdownDescription": "The visibility of the category labels within the data labels.", + "title": "CategoryLabelVisibility", + "type": "string" + }, + "LabelColor": { + "markdownDescription": "The color of the data label text.", + "title": "LabelColor", + "type": "string" + }, + "LabelFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", + "markdownDescription": "The font configuration for the data labels.\n\nOnly the `FontSize` attribute of the font configuration is used for data labels.", + "title": "LabelFontConfiguration" + }, + "MeasureDataLabelStyle": { + "markdownDescription": "Determines the style of the metric labels.", + "title": "MeasureDataLabelStyle", + "type": "string" + }, + "MeasureLabelVisibility": { + "markdownDescription": "The visibility of the measure labels within the data labels.", + "title": "MeasureLabelVisibility", + "type": "string" + }, + "Position": { + "markdownDescription": "Determines the positioning of the data label relative to a section of the funnel.", + "title": "Position", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility option that determines if data labels are displayed.", + "title": "Visibility", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.BarChartSortConfiguration": { + "AWS::QuickSight::Analysis.FunnelChartFieldWells": { + "additionalProperties": false, + "properties": { + "FunnelChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FunnelChartAggregatedFieldWells", + "markdownDescription": "The field well configuration of a `FunnelChartVisual` .", + "title": "FunnelChartAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.FunnelChartSortConfiguration": { "additionalProperties": false, "properties": { "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of categories displayed in a bar chart.", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of categories displayed.", "title": "CategoryItemsLimit" }, "CategorySort": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, - "markdownDescription": "The sort configuration of category fields.", + "markdownDescription": "The sort configuration of the category fields.", "title": "CategorySort", "type": "array" - }, - "ColorItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of values displayed in a bar chart.", - "title": "ColorItemsLimit" - }, - "ColorSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of color fields in a bar chart.", - "title": "ColorSort", - "type": "array" - }, - "SmallMultiplesLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of small multiples panels that are displayed.", - "title": "SmallMultiplesLimitConfiguration" - }, - "SmallMultiplesSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the small multiples field.", - "title": "SmallMultiplesSort", - "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.BarChartVisual": { + "AWS::QuickSight::Analysis.FunnelChartVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.BarChartConfiguration", - "markdownDescription": "The configuration settings of the visual.", + "$ref": "#/definitions/AWS::QuickSight::Analysis.FunnelChartConfiguration", + "markdownDescription": "The configuration of a `FunnelChartVisual` .", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", "title": "VisualId", "type": "string" } @@ -210781,258 +224874,211 @@ ], "type": "object" }, - "AWS::QuickSight::Template.BinCountOptions": { - "additionalProperties": false, - "properties": { - "Value": { - "markdownDescription": "The options that determine the bin count value.", - "title": "Value", - "type": "number" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.BinWidthOptions": { + "AWS::QuickSight::Analysis.GaugeChartArcConditionalFormatting": { "additionalProperties": false, "properties": { - "BinCountLimit": { - "markdownDescription": "The options that determine the bin count limit.", - "title": "BinCountLimit", - "type": "number" - }, - "Value": { - "markdownDescription": "The options that determine the bin width value.", - "title": "Value", - "type": "number" + "ForegroundColor": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the arc foreground color.", + "title": "ForegroundColor" } }, "type": "object" }, - "AWS::QuickSight::Template.BodySectionConfiguration": { + "AWS::QuickSight::Analysis.GaugeChartColorConfiguration": { "additionalProperties": false, "properties": { - "Content": { - "$ref": "#/definitions/AWS::QuickSight::Template.BodySectionContent", - "markdownDescription": "The configuration of content in a body section.", - "title": "Content" - }, - "PageBreakConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.SectionPageBreakConfiguration", - "markdownDescription": "The configuration of a page break for a section.", - "title": "PageBreakConfiguration" - }, - "SectionId": { - "markdownDescription": "The unique identifier of a body section.", - "title": "SectionId", + "BackgroundColor": { + "markdownDescription": "The background color configuration of a `GaugeChartVisual` .", + "title": "BackgroundColor", "type": "string" }, - "Style": { - "$ref": "#/definitions/AWS::QuickSight::Template.SectionStyle", - "markdownDescription": "The style options of a body section.", - "title": "Style" + "ForegroundColor": { + "markdownDescription": "The foreground color configuration of a `GaugeChartVisual` .", + "title": "ForegroundColor", + "type": "string" } }, - "required": [ - "Content", - "SectionId" - ], "type": "object" }, - "AWS::QuickSight::Template.BodySectionContent": { + "AWS::QuickSight::Analysis.GaugeChartConditionalFormatting": { "additionalProperties": false, "properties": { - "Layout": { - "$ref": "#/definitions/AWS::QuickSight::Template.SectionLayoutConfiguration", - "markdownDescription": "The layout configuration of a body section.", - "title": "Layout" + "ConditionalFormattingOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartConditionalFormattingOption" + }, + "markdownDescription": "Conditional formatting options of a `GaugeChartVisual` .", + "title": "ConditionalFormattingOptions", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.BoxPlotAggregatedFieldWells": { + "AWS::QuickSight::Analysis.GaugeChartConditionalFormattingOption": { "additionalProperties": false, "properties": { - "GroupBy": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" - }, - "markdownDescription": "The group by field well of a box plot chart. Values are grouped based on group by fields.", - "title": "GroupBy", - "type": "array" + "Arc": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartArcConditionalFormatting", + "markdownDescription": "The options that determine the presentation of the arc of a `GaugeChartVisual` .", + "title": "Arc" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" - }, - "markdownDescription": "The value field well of a box plot chart. Values are aggregated based on group by fields.", - "title": "Values", - "type": "array" + "PrimaryValue": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartPrimaryValueConditionalFormatting", + "markdownDescription": "The conditional formatting for the primary value of a `GaugeChartVisual` .", + "title": "PrimaryValue" } }, "type": "object" }, - "AWS::QuickSight::Template.BoxPlotChartConfiguration": { + "AWS::QuickSight::Analysis.GaugeChartConfiguration": { "additionalProperties": false, "properties": { - "BoxPlotOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotOptions", - "markdownDescription": "The box plot chart options for a box plot visual", - "title": "BoxPlotOptions" - }, - "CategoryAxis": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, axis step) of a box plot category.", - "title": "CategoryAxis" + "ColorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartColorConfiguration", + "markdownDescription": "The color configuration of a `GaugeChartVisual` .", + "title": "ColorConfiguration" }, - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility and sort Icon visibility) of a box plot category.", - "title": "CategoryLabelOptions" + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", + "markdownDescription": "The data label configuration of a `GaugeChartVisual` .", + "title": "DataLabels" }, "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotFieldWells", - "markdownDescription": "The field wells of the visual.", + "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartFieldWells", + "markdownDescription": "The field well configuration of a `GaugeChartVisual` .", "title": "FieldWells" }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", - "markdownDescription": "", - "title": "Legend" - }, - "PrimaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, axis step) of a box plot category.", - "title": "PrimaryYAxisDisplayOptions" - }, - "PrimaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility and sort icon visibility) of a box plot value.", - "title": "PrimaryYAxisLabelOptions" - }, - "ReferenceLines": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLine" - }, - "markdownDescription": "The reference line setup of the visual.", - "title": "ReferenceLines", - "type": "array" + "GaugeChartOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartOptions", + "markdownDescription": "The options that determine the presentation of the `GaugeChartVisual` .", + "title": "GaugeChartOptions" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotSortConfiguration", - "markdownDescription": "The sort configuration of a `BoxPlotVisual` .", - "title": "SortConfiguration" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" + "TooltipOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", + "markdownDescription": "The tooltip configuration of a `GaugeChartVisual` .", + "title": "TooltipOptions" }, "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", + "markdownDescription": "The visual palette configuration of a `GaugeChartVisual` .", "title": "VisualPalette" } }, "type": "object" }, - "AWS::QuickSight::Template.BoxPlotFieldWells": { + "AWS::QuickSight::Analysis.GaugeChartFieldWells": { "additionalProperties": false, "properties": { - "BoxPlotAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a box plot.", - "title": "BoxPlotAggregatedFieldWells" + "TargetValues": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The target value field wells of a `GaugeChartVisual` .", + "title": "TargetValues", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The value field wells of a `GaugeChartVisual` .", + "title": "Values", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.BoxPlotOptions": { + "AWS::QuickSight::Analysis.GaugeChartOptions": { "additionalProperties": false, "properties": { - "AllDataPointsVisibility": { - "markdownDescription": "Determines the visibility of all data points of the box plot.", - "title": "AllDataPointsVisibility", - "type": "string" + "Arc": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ArcConfiguration", + "markdownDescription": "The arc configuration of a `GaugeChartVisual` .", + "title": "Arc" }, - "OutlierVisibility": { - "markdownDescription": "Determines the visibility of the outlier in a box plot.", - "title": "OutlierVisibility", + "ArcAxis": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ArcAxisConfiguration", + "markdownDescription": "The arc axis configuration of a `GaugeChartVisual` .", + "title": "ArcAxis" + }, + "Comparison": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ComparisonConfiguration", + "markdownDescription": "The comparison configuration of a `GaugeChartVisual` .", + "title": "Comparison" + }, + "PrimaryValueDisplayType": { + "markdownDescription": "The options that determine the primary value display type.", + "title": "PrimaryValueDisplayType", "type": "string" }, - "StyleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotStyleOptions", - "markdownDescription": "The style options of the box plot.", - "title": "StyleOptions" + "PrimaryValueFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", + "markdownDescription": "The options that determine the primary value font configuration.", + "title": "PrimaryValueFontConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Template.BoxPlotSortConfiguration": { + "AWS::QuickSight::Analysis.GaugeChartPrimaryValueConditionalFormatting": { "additionalProperties": false, "properties": { - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of a group by fields.", - "title": "CategorySort", - "type": "array" + "Icon": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIcon", + "markdownDescription": "The conditional formatting of the primary value icon.", + "title": "Icon" }, - "PaginationConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.PaginationConfiguration", - "markdownDescription": "The pagination configuration of a table visual or box plot.", - "title": "PaginationConfiguration" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.BoxPlotStyleOptions": { - "additionalProperties": false, - "properties": { - "FillStyle": { - "markdownDescription": "The fill styles (solid, transparent) of the box plot.", - "title": "FillStyle", - "type": "string" + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the primary value text color.", + "title": "TextColor" } }, "type": "object" }, - "AWS::QuickSight::Template.BoxPlotVisual": { + "AWS::QuickSight::Analysis.GaugeChartVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotChartConfiguration", - "markdownDescription": "The configuration settings of the visual.", + "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartConfiguration", + "markdownDescription": "The configuration of a `GaugeChartVisual` .", "title": "ChartConfiguration" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "ConditionalFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartConditionalFormatting", + "markdownDescription": "The conditional formatting of a `GaugeChartVisual` .", + "title": "ConditionalFormatting" }, "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", "type": "string" } @@ -211042,686 +225088,633 @@ ], "type": "object" }, - "AWS::QuickSight::Template.CalculatedField": { + "AWS::QuickSight::Analysis.GeospatialCategoricalColor": { "additionalProperties": false, "properties": { - "DataSetIdentifier": { - "markdownDescription": "The data set that is used in this calculated field.", - "title": "DataSetIdentifier", - "type": "string" + "CategoryDataColors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialCategoricalDataColor" + }, + "markdownDescription": "A list of categorical data colors for each category.", + "title": "CategoryDataColors", + "type": "array" }, - "Expression": { - "markdownDescription": "The expression of the calculated field.", - "title": "Expression", - "type": "string" + "DefaultOpacity": { + "markdownDescription": "The default opacity of a categorical color.", + "title": "DefaultOpacity", + "type": "number" }, - "Name": { - "markdownDescription": "The name of the calculated field.", - "title": "Name", + "NullDataSettings": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialNullDataSettings", + "markdownDescription": "The null data visualization settings.", + "title": "NullDataSettings" + }, + "NullDataVisibility": { + "markdownDescription": "The state of visibility for null data.", + "title": "NullDataVisibility", "type": "string" } }, "required": [ - "DataSetIdentifier", - "Expression", - "Name" + "CategoryDataColors" ], "type": "object" }, - "AWS::QuickSight::Template.CalculatedMeasureField": { + "AWS::QuickSight::Analysis.GeospatialCategoricalDataColor": { "additionalProperties": false, "properties": { - "Expression": { - "markdownDescription": "The expression in the table calculation.", - "title": "Expression", + "Color": { + "markdownDescription": "The color and opacity values for the category data color.", + "title": "Color", "type": "string" }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", + "DataValue": { + "markdownDescription": "The data value for the category data color.", + "title": "DataValue", "type": "string" } }, "required": [ - "Expression", - "FieldId" + "Color", + "DataValue" ], "type": "object" }, - "AWS::QuickSight::Template.CascadingControlConfiguration": { + "AWS::QuickSight::Analysis.GeospatialCircleRadius": { "additionalProperties": false, "properties": { - "SourceControls": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.CascadingControlSource" - }, - "markdownDescription": "A list of source controls that determine the values that are used in the current control.", - "title": "SourceControls", - "type": "array" + "Radius": { + "markdownDescription": "The positive value for the radius of a circle.", + "title": "Radius", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Template.CascadingControlSource": { + "AWS::QuickSight::Analysis.GeospatialCircleSymbolStyle": { "additionalProperties": false, "properties": { - "ColumnToMatch": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column identifier that determines which column to look up for the source sheet control.", - "title": "ColumnToMatch" + "CircleRadius": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialCircleRadius", + "markdownDescription": "The radius of the circle.", + "title": "CircleRadius" }, - "SourceSheetControlId": { - "markdownDescription": "The source sheet control ID of a `CascadingControlSource` .", - "title": "SourceSheetControlId", - "type": "string" + "FillColor": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialColor", + "markdownDescription": "The color and opacity values for the fill color.", + "title": "FillColor" + }, + "StrokeColor": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialColor", + "markdownDescription": "The color and opacity values for the stroke color.", + "title": "StrokeColor" + }, + "StrokeWidth": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialLineWidth", + "markdownDescription": "The width of the stroke (border).", + "title": "StrokeWidth" } }, "type": "object" }, - "AWS::QuickSight::Template.CategoricalDimensionField": { + "AWS::QuickSight::Analysis.GeospatialColor": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that is used in the `CategoricalDimensionField` .", - "title": "Column" - }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", - "type": "string" + "Categorical": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialCategoricalColor", + "markdownDescription": "The visualization properties for the categorical color.", + "title": "Categorical" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.StringFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" + "Gradient": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialGradientColor", + "markdownDescription": "The visualization properties for the gradient color.", + "title": "Gradient" }, - "HierarchyId": { - "markdownDescription": "The custom hierarchy ID.", - "title": "HierarchyId", - "type": "string" + "Solid": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialSolidColor", + "markdownDescription": "The visualization properties for the solid color.", + "title": "Solid" } }, - "required": [ - "Column", - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Template.CategoricalMeasureField": { + "AWS::QuickSight::Analysis.GeospatialCoordinateBounds": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "markdownDescription": "The aggregation function of the measure field.", - "title": "AggregationFunction", - "type": "string" + "East": { + "markdownDescription": "The longitude of the east bound of the geospatial coordinate bounds.", + "title": "East", + "type": "number" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that is used in the `CategoricalMeasureField` .", - "title": "Column" + "North": { + "markdownDescription": "The latitude of the north bound of the geospatial coordinate bounds.", + "title": "North", + "type": "number" }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", - "type": "string" + "South": { + "markdownDescription": "The latitude of the south bound of the geospatial coordinate bounds.", + "title": "South", + "type": "number" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.StringFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" + "West": { + "markdownDescription": "The longitude of the west bound of the geospatial coordinate bounds.", + "title": "West", + "type": "number" } }, "required": [ - "Column", - "FieldId" + "East", + "North", + "South", + "West" ], "type": "object" }, - "AWS::QuickSight::Template.CategoryDrillDownFilter": { + "AWS::QuickSight::Analysis.GeospatialDataSourceItem": { "additionalProperties": false, "properties": { - "CategoryValues": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the string inputs that are the values of the category drill down filter.", - "title": "CategoryValues", - "type": "array" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" + "StaticFileDataSource": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialStaticFileSource", + "markdownDescription": "The static file data source properties for the geospatial data.", + "title": "StaticFileDataSource" } }, - "required": [ - "CategoryValues", - "Column" - ], "type": "object" }, - "AWS::QuickSight::Template.CategoryFilter": { + "AWS::QuickSight::Analysis.GeospatialGradientColor": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "Configuration": { - "$ref": "#/definitions/AWS::QuickSight::Template.CategoryFilterConfiguration", - "markdownDescription": "The configuration for a `CategoryFilter` .", - "title": "Configuration" + "DefaultOpacity": { + "markdownDescription": "The default opacity for the gradient color.", + "title": "DefaultOpacity", + "type": "number" }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" + "NullDataSettings": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialNullDataSettings", + "markdownDescription": "The null data visualization settings.", + "title": "NullDataSettings" }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", + "NullDataVisibility": { + "markdownDescription": "The state of visibility for null data.", + "title": "NullDataVisibility", "type": "string" + }, + "StepColors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialGradientStepColor" + }, + "markdownDescription": "A list of gradient step colors for the gradient.", + "title": "StepColors", + "type": "array" } }, "required": [ - "Column", - "Configuration", - "FilterId" + "StepColors" ], "type": "object" }, - "AWS::QuickSight::Template.CategoryFilterConfiguration": { + "AWS::QuickSight::Analysis.GeospatialGradientStepColor": { "additionalProperties": false, "properties": { - "CustomFilterConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.CustomFilterConfiguration", - "markdownDescription": "A custom filter that filters based on a single value. This filter can be partially matched.", - "title": "CustomFilterConfiguration" - }, - "CustomFilterListConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.CustomFilterListConfiguration", - "markdownDescription": "A list of custom filter values. In the Amazon QuickSight console, this filter type is called a custom filter list.", - "title": "CustomFilterListConfiguration" + "Color": { + "markdownDescription": "The color and opacity values for the gradient step color.", + "title": "Color", + "type": "string" }, - "FilterListConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterListConfiguration", - "markdownDescription": "A list of filter configurations. In the Amazon QuickSight console, this filter type is called a filter list.", - "title": "FilterListConfiguration" + "DataValue": { + "markdownDescription": "The data value for the gradient step color.", + "title": "DataValue", + "type": "number" } }, + "required": [ + "Color", + "DataValue" + ], "type": "object" }, - "AWS::QuickSight::Template.ChartAxisLabelOptions": { + "AWS::QuickSight::Analysis.GeospatialHeatmapColorScale": { "additionalProperties": false, "properties": { - "AxisLabelOptions": { + "Colors": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisLabelOptions" + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialHeatmapDataColor" }, - "markdownDescription": "The label options for a chart axis.", - "title": "AxisLabelOptions", + "markdownDescription": "The list of colors to be used in heatmap point style.", + "title": "Colors", "type": "array" - }, - "SortIconVisibility": { - "markdownDescription": "The visibility configuration of the sort icon on a chart's axis label.", - "title": "SortIconVisibility", - "type": "string" - }, - "Visibility": { - "markdownDescription": "The visibility of an axis label on a chart. Choose one of the following options:\n\n- `VISIBLE` : Shows the axis.\n- `HIDDEN` : Hides the axis.", - "title": "Visibility", - "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.ClusterMarker": { + "AWS::QuickSight::Analysis.GeospatialHeatmapConfiguration": { "additionalProperties": false, "properties": { - "SimpleClusterMarker": { - "$ref": "#/definitions/AWS::QuickSight::Template.SimpleClusterMarker", - "markdownDescription": "The simple cluster marker of the cluster marker.", - "title": "SimpleClusterMarker" + "HeatmapColor": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialHeatmapColorScale", + "markdownDescription": "The color scale specification for the heatmap point style.", + "title": "HeatmapColor" } }, "type": "object" }, - "AWS::QuickSight::Template.ClusterMarkerConfiguration": { + "AWS::QuickSight::Analysis.GeospatialHeatmapDataColor": { "additionalProperties": false, "properties": { - "ClusterMarker": { - "$ref": "#/definitions/AWS::QuickSight::Template.ClusterMarker", - "markdownDescription": "The cluster marker that is a part of the cluster marker configuration.", - "title": "ClusterMarker" + "Color": { + "markdownDescription": "The hex color to be used in the heatmap point style.", + "title": "Color", + "type": "string" } }, + "required": [ + "Color" + ], "type": "object" }, - "AWS::QuickSight::Template.ColorScale": { + "AWS::QuickSight::Analysis.GeospatialLayerColorField": { "additionalProperties": false, "properties": { - "ColorFillType": { - "markdownDescription": "Determines the color fill type.", - "title": "ColorFillType", - "type": "string" - }, - "Colors": { + "ColorDimensionsFields": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataColor" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, - "markdownDescription": "Determines the list of colors that are applied to the visual.", - "title": "Colors", + "markdownDescription": "A list of color dimension fields.", + "title": "ColorDimensionsFields", "type": "array" }, - "NullValueColor": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataColor", - "markdownDescription": "Determines the color that is applied to null values.", - "title": "NullValueColor" + "ColorValuesFields": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "A list of color measure fields.", + "title": "ColorValuesFields", + "type": "array" } }, - "required": [ - "ColorFillType", - "Colors" - ], "type": "object" }, - "AWS::QuickSight::Template.ColorsConfiguration": { + "AWS::QuickSight::Analysis.GeospatialLayerDefinition": { "additionalProperties": false, "properties": { - "CustomColors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.CustomColor" - }, - "markdownDescription": "A list of up to 50 custom colors.", - "title": "CustomColors", - "type": "array" + "LineLayer": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialLineLayer", + "markdownDescription": "The definition for a line layer.", + "title": "LineLayer" + }, + "PointLayer": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialPointLayer", + "markdownDescription": "The definition for a point layer.", + "title": "PointLayer" + }, + "PolygonLayer": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialPolygonLayer", + "markdownDescription": "The definition for a polygon layer.", + "title": "PolygonLayer" } }, "type": "object" }, - "AWS::QuickSight::Template.ColumnConfiguration": { + "AWS::QuickSight::Analysis.GeospatialLayerItem": { "additionalProperties": false, "properties": { - "ColorsConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColorsConfiguration", - "markdownDescription": "The color configurations of the column.", - "title": "ColorsConfiguration" + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LayerCustomAction" + }, + "markdownDescription": "A list of custom actions for a layer.", + "title": "Actions", + "type": "array" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column.", - "title": "Column" + "DataSource": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialDataSourceItem", + "markdownDescription": "The data source for the layer.", + "title": "DataSource" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FormatConfiguration", - "markdownDescription": "The format configuration of a column.", - "title": "FormatConfiguration" + "JoinDefinition": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialLayerJoinDefinition", + "markdownDescription": "The join definition properties for a layer.", + "title": "JoinDefinition" }, - "Role": { - "markdownDescription": "The role of the column.", - "title": "Role", + "Label": { + "markdownDescription": "The label that is displayed for the layer.", + "title": "Label", + "type": "string" + }, + "LayerDefinition": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialLayerDefinition", + "markdownDescription": "The definition properties for a layer.", + "title": "LayerDefinition" + }, + "LayerId": { + "markdownDescription": "The ID of the layer.", + "title": "LayerId", + "type": "string" + }, + "LayerType": { + "markdownDescription": "The layer type.", + "title": "LayerType", + "type": "string" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", + "markdownDescription": "", + "title": "Tooltip" + }, + "Visibility": { + "markdownDescription": "The state of visibility for the layer.", + "title": "Visibility", "type": "string" } }, "required": [ - "Column" + "LayerId" ], "type": "object" }, - "AWS::QuickSight::Template.ColumnGroupColumnSchema": { + "AWS::QuickSight::Analysis.GeospatialLayerJoinDefinition": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the column group's column schema.", - "title": "Name", + "ColorField": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialLayerColorField", + "markdownDescription": "The geospatial color field for the join definition.", + "title": "ColorField" + }, + "DatasetKeyField": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.UnaggregatedField", + "markdownDescription": "", + "title": "DatasetKeyField" + }, + "ShapeKeyField": { + "markdownDescription": "The name of the field or property in the geospatial data source.", + "title": "ShapeKeyField", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.ColumnGroupSchema": { + "AWS::QuickSight::Analysis.GeospatialLayerMapConfiguration": { "additionalProperties": false, "properties": { - "ColumnGroupColumnSchemaList": { + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", + "markdownDescription": "", + "title": "Legend" + }, + "MapLayers": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnGroupColumnSchema" + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialLayerItem" }, - "markdownDescription": "A structure containing the list of schemas for column group columns.", - "title": "ColumnGroupColumnSchemaList", + "markdownDescription": "The geospatial layers to visualize on the map.", + "title": "MapLayers", "type": "array" }, - "Name": { - "markdownDescription": "The name of the column group schema.", - "title": "Name", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.ColumnHierarchy": { - "additionalProperties": false, - "properties": { - "DateTimeHierarchy": { - "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeHierarchy", - "markdownDescription": "The option that determines the hierarchy of any `DateTime` fields.", - "title": "DateTimeHierarchy" - }, - "ExplicitHierarchy": { - "$ref": "#/definitions/AWS::QuickSight::Template.ExplicitHierarchy", - "markdownDescription": "The option that determines the hierarchy of the fields that are built within a visual's field wells. These fields can't be duplicated to other visuals.", - "title": "ExplicitHierarchy" + "MapState": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapState", + "markdownDescription": "The map state properties for the map.", + "title": "MapState" }, - "PredefinedHierarchy": { - "$ref": "#/definitions/AWS::QuickSight::Template.PredefinedHierarchy", - "markdownDescription": "The option that determines the hierarchy of the fields that are defined during data preparation. These fields are available to use in any analysis that uses the data source.", - "title": "PredefinedHierarchy" + "MapStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapStyle", + "markdownDescription": "The map style properties for the map.", + "title": "MapStyle" } }, "type": "object" }, - "AWS::QuickSight::Template.ColumnIdentifier": { + "AWS::QuickSight::Analysis.GeospatialLineLayer": { "additionalProperties": false, "properties": { - "ColumnName": { - "markdownDescription": "The name of the column.", - "title": "ColumnName", - "type": "string" - }, - "DataSetIdentifier": { - "markdownDescription": "The data set that the column belongs to.", - "title": "DataSetIdentifier", - "type": "string" + "Style": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialLineStyle", + "markdownDescription": "The visualization style for a line layer.", + "title": "Style" } }, "required": [ - "ColumnName", - "DataSetIdentifier" + "Style" ], "type": "object" }, - "AWS::QuickSight::Template.ColumnSchema": { + "AWS::QuickSight::Analysis.GeospatialLineStyle": { "additionalProperties": false, "properties": { - "DataType": { - "markdownDescription": "The data type of the column schema.", - "title": "DataType", - "type": "string" - }, - "GeographicRole": { - "markdownDescription": "The geographic role of the column schema.", - "title": "GeographicRole", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the column schema.", - "title": "Name", - "type": "string" + "LineSymbolStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialLineSymbolStyle", + "markdownDescription": "The symbol style for a line style.", + "title": "LineSymbolStyle" } }, "type": "object" }, - "AWS::QuickSight::Template.ColumnSort": { + "AWS::QuickSight::Analysis.GeospatialLineSymbolStyle": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Template.AggregationFunction", - "markdownDescription": "The aggregation function that is defined in the column sort.", - "title": "AggregationFunction" - }, - "Direction": { - "markdownDescription": "The sort direction.", - "title": "Direction", - "type": "string" + "FillColor": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialColor", + "markdownDescription": "The color and opacity values for the fill color.", + "title": "FillColor" }, - "SortBy": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "", - "title": "SortBy" + "LineWidth": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialLineWidth", + "markdownDescription": "The width value for a line.", + "title": "LineWidth" } }, - "required": [ - "Direction", - "SortBy" - ], "type": "object" }, - "AWS::QuickSight::Template.ColumnTooltipItem": { + "AWS::QuickSight::Analysis.GeospatialLineWidth": { "additionalProperties": false, "properties": { - "Aggregation": { - "$ref": "#/definitions/AWS::QuickSight::Template.AggregationFunction", - "markdownDescription": "The aggregation function of the column tooltip item.", - "title": "Aggregation" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The target column of the tooltip item.", - "title": "Column" - }, - "Label": { - "markdownDescription": "The label of the tooltip item.", - "title": "Label", - "type": "string" - }, - "Visibility": { - "markdownDescription": "The visibility of the tooltip item.", - "title": "Visibility", - "type": "string" + "LineWidth": { + "markdownDescription": "The positive value for the width of a line.", + "title": "LineWidth", + "type": "number" } }, - "required": [ - "Column" - ], "type": "object" }, - "AWS::QuickSight::Template.ComboChartAggregatedFieldWells": { + "AWS::QuickSight::Analysis.GeospatialMapAggregatedFieldWells": { "additionalProperties": false, "properties": { - "BarValues": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" - }, - "markdownDescription": "The aggregated `BarValues` field well of a combo chart.", - "title": "BarValues", - "type": "array" - }, - "Category": { + "Colors": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, - "markdownDescription": "The aggregated category field wells of a combo chart.", - "title": "Category", + "markdownDescription": "The color field wells of a geospatial map.", + "title": "Colors", "type": "array" }, - "Colors": { + "Geospatial": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, - "markdownDescription": "The aggregated colors field well of a combo chart.", - "title": "Colors", + "markdownDescription": "The geospatial field wells of a geospatial map. Values are grouped by geospatial fields.", + "title": "Geospatial", "type": "array" }, - "LineValues": { + "Values": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, - "markdownDescription": "The aggregated `LineValues` field well of a combo chart.", - "title": "LineValues", + "markdownDescription": "The size field wells of a geospatial map. Values are aggregated based on geospatial fields.", + "title": "Values", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.ComboChartConfiguration": { + "AWS::QuickSight::Analysis.GeospatialMapConfiguration": { "additionalProperties": false, "properties": { - "BarDataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.\n\nThe data label options for a bar in a combo chart.", - "title": "BarDataLabels" - }, - "BarsArrangement": { - "markdownDescription": "Determines the bar arrangement in a combo chart. The following are valid values in this structure:\n\n- `CLUSTERED` : For clustered bar combo charts.\n- `STACKED` : For stacked bar combo charts.\n- `STACKED_PERCENT` : Do not use. If you use this value, the operation returns a validation error.", - "title": "BarsArrangement", - "type": "string" - }, - "CategoryAxis": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", - "markdownDescription": "The category axis of a combo chart.", - "title": "CategoryAxis" - }, - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart category (group/color) field well.", - "title": "CategoryLabelOptions" - }, - "ColorLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's color field well.", - "title": "ColorLabelOptions" - }, "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.ComboChartFieldWells", + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapFieldWells", "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", "markdownDescription": "The legend display setup of the visual.", "title": "Legend" }, - "LineDataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.\n\nThe data label options for a line in a combo chart.", - "title": "LineDataLabels" - }, - "PrimaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, and axis step) of a combo chart's primary y-axis (bar) field well.", - "title": "PrimaryYAxisDisplayOptions" - }, - "PrimaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's primary y-axis (bar) field well.", - "title": "PrimaryYAxisLabelOptions" - }, - "ReferenceLines": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLine" - }, - "markdownDescription": "The reference line setup of the visual.", - "title": "ReferenceLines", - "type": "array" - }, - "SecondaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, axis step) of a combo chart's secondary y-axis (line) field well.", - "title": "SecondaryYAxisDisplayOptions" - }, - "SecondaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's secondary y-axis(line) field well.", - "title": "SecondaryYAxisLabelOptions" + "MapStyleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapStyleOptions", + "markdownDescription": "The map style options of the geospatial map.", + "title": "MapStyleOptions" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ComboChartSortConfiguration", - "markdownDescription": "The sort configuration of a `ComboChartVisual` .", - "title": "SortConfiguration" + "PointStyleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialPointStyleOptions", + "markdownDescription": "The point style options of the geospatial map.", + "title": "PointStyleOptions" }, "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", - "markdownDescription": "The legend display setup of the visual.", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", "title": "Tooltip" }, "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", + "markdownDescription": "", "title": "VisualPalette" + }, + "WindowOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialWindowOptions", + "markdownDescription": "The window options of the geospatial map.", + "title": "WindowOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.ComboChartFieldWells": { + "AWS::QuickSight::Analysis.GeospatialMapFieldWells": { "additionalProperties": false, "properties": { - "ComboChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.ComboChartAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a combo chart. Combo charts only have aggregated field wells. Columns in a combo chart are aggregated by category.", - "title": "ComboChartAggregatedFieldWells" + "GeospatialMapAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapAggregatedFieldWells", + "markdownDescription": "The aggregated field well for a geospatial map.", + "title": "GeospatialMapAggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Template.ComboChartSortConfiguration": { + "AWS::QuickSight::Analysis.GeospatialMapState": { "additionalProperties": false, "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The item limit configuration for the category field well of a combo chart.", - "title": "CategoryItemsLimit" + "Bounds": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialCoordinateBounds", + "markdownDescription": "", + "title": "Bounds" }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the category field well in a combo chart.", - "title": "CategorySort", - "type": "array" + "MapNavigation": { + "markdownDescription": "Enables or disables map navigation for a map.", + "title": "MapNavigation", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialMapStyle": { + "additionalProperties": false, + "properties": { + "BackgroundColor": { + "markdownDescription": "The background color and opacity values for a map.", + "title": "BackgroundColor", + "type": "string" }, - "ColorItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The item limit configuration of the color field well in a combo chart.", - "title": "ColorItemsLimit" + "BaseMapStyle": { + "markdownDescription": "The selected base map style.", + "title": "BaseMapStyle", + "type": "string" }, - "ColorSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the color field well in a combo chart.", - "title": "ColorSort", - "type": "array" + "BaseMapVisibility": { + "markdownDescription": "The state of visibility for the base map.", + "title": "BaseMapVisibility", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.ComboChartVisual": { + "AWS::QuickSight::Analysis.GeospatialMapStyleOptions": { + "additionalProperties": false, + "properties": { + "BaseMapStyle": { + "markdownDescription": "The base map style of the geospatial map.", + "title": "BaseMapStyle", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialMapVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ComboChartConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapConfiguration", "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", "title": "VisualId", "type": "string" } @@ -211731,1078 +225724,945 @@ ], "type": "object" }, - "AWS::QuickSight::Template.ComparisonConfiguration": { + "AWS::QuickSight::Analysis.GeospatialNullDataSettings": { "additionalProperties": false, "properties": { - "ComparisonFormat": { - "$ref": "#/definitions/AWS::QuickSight::Template.ComparisonFormatConfiguration", - "markdownDescription": "The format of the comparison.", - "title": "ComparisonFormat" - }, - "ComparisonMethod": { - "markdownDescription": "The method of the comparison. Choose from the following options:\n\n- `DIFFERENCE`\n- `PERCENT_DIFFERENCE`\n- `PERCENT`", - "title": "ComparisonMethod", - "type": "string" + "SymbolStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialNullSymbolStyle", + "markdownDescription": "The symbol style for null data.", + "title": "SymbolStyle" } }, + "required": [ + "SymbolStyle" + ], "type": "object" }, - "AWS::QuickSight::Template.ComparisonFormatConfiguration": { + "AWS::QuickSight::Analysis.GeospatialNullSymbolStyle": { "additionalProperties": false, "properties": { - "NumberDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumberDisplayFormatConfiguration", - "markdownDescription": "The number display format.", - "title": "NumberDisplayFormatConfiguration" + "FillColor": { + "markdownDescription": "The color and opacity values for the fill color.", + "title": "FillColor", + "type": "string" }, - "PercentageDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.PercentageDisplayFormatConfiguration", - "markdownDescription": "The percentage display format.", - "title": "PercentageDisplayFormatConfiguration" + "StrokeColor": { + "markdownDescription": "The color and opacity values for the stroke color.", + "title": "StrokeColor", + "type": "string" + }, + "StrokeWidth": { + "markdownDescription": "The width of the border stroke.", + "title": "StrokeWidth", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Template.Computation": { + "AWS::QuickSight::Analysis.GeospatialPointLayer": { "additionalProperties": false, "properties": { - "Forecast": { - "$ref": "#/definitions/AWS::QuickSight::Template.ForecastComputation", - "markdownDescription": "The forecast computation configuration.", - "title": "Forecast" - }, - "GrowthRate": { - "$ref": "#/definitions/AWS::QuickSight::Template.GrowthRateComputation", - "markdownDescription": "The growth rate computation configuration.", - "title": "GrowthRate" - }, - "MaximumMinimum": { - "$ref": "#/definitions/AWS::QuickSight::Template.MaximumMinimumComputation", - "markdownDescription": "The maximum and minimum computation configuration.", - "title": "MaximumMinimum" - }, - "MetricComparison": { - "$ref": "#/definitions/AWS::QuickSight::Template.MetricComparisonComputation", - "markdownDescription": "The metric comparison computation configuration.", - "title": "MetricComparison" - }, - "PeriodOverPeriod": { - "$ref": "#/definitions/AWS::QuickSight::Template.PeriodOverPeriodComputation", - "markdownDescription": "The period over period computation configuration.", - "title": "PeriodOverPeriod" - }, - "PeriodToDate": { - "$ref": "#/definitions/AWS::QuickSight::Template.PeriodToDateComputation", - "markdownDescription": "The period to `DataSetIdentifier` computation configuration.", - "title": "PeriodToDate" - }, - "TopBottomMovers": { - "$ref": "#/definitions/AWS::QuickSight::Template.TopBottomMoversComputation", - "markdownDescription": "The top movers and bottom movers computation configuration.", - "title": "TopBottomMovers" - }, - "TopBottomRanked": { - "$ref": "#/definitions/AWS::QuickSight::Template.TopBottomRankedComputation", - "markdownDescription": "The top ranked and bottom ranked computation configuration.", - "title": "TopBottomRanked" - }, - "TotalAggregation": { - "$ref": "#/definitions/AWS::QuickSight::Template.TotalAggregationComputation", - "markdownDescription": "The total aggregation computation configuration.", - "title": "TotalAggregation" - }, - "UniqueValues": { - "$ref": "#/definitions/AWS::QuickSight::Template.UniqueValuesComputation", - "markdownDescription": "The unique values computation configuration.", - "title": "UniqueValues" + "Style": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialPointStyle", + "markdownDescription": "The visualization style for a point layer.", + "title": "Style" } }, + "required": [ + "Style" + ], "type": "object" }, - "AWS::QuickSight::Template.ConditionalFormattingColor": { + "AWS::QuickSight::Analysis.GeospatialPointStyle": { "additionalProperties": false, "properties": { - "Gradient": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingGradientColor", - "markdownDescription": "Formatting configuration for gradient color.", - "title": "Gradient" - }, - "Solid": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingSolidColor", - "markdownDescription": "Formatting configuration for solid color.", - "title": "Solid" + "CircleSymbolStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialCircleSymbolStyle", + "markdownDescription": "The circle symbol style for a point layer.", + "title": "CircleSymbolStyle" } }, "type": "object" }, - "AWS::QuickSight::Template.ConditionalFormattingCustomIconCondition": { + "AWS::QuickSight::Analysis.GeospatialPointStyleOptions": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "Determines the color of the icon.", - "title": "Color", - "type": "string" + "ClusterMarkerConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ClusterMarkerConfiguration", + "markdownDescription": "The cluster marker configuration of the geospatial point style.", + "title": "ClusterMarkerConfiguration" }, - "DisplayConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIconDisplayConfiguration", - "markdownDescription": "Determines the icon display configuration.", - "title": "DisplayConfiguration" + "HeatmapConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialHeatmapConfiguration", + "markdownDescription": "The heatmap configuration of the geospatial point style.", + "title": "HeatmapConfiguration" }, - "Expression": { - "markdownDescription": "The expression that determines the condition of the icon set.", - "title": "Expression", + "SelectedPointStyle": { + "markdownDescription": "The selected point styles (point, cluster) of the geospatial map.", + "title": "SelectedPointStyle", "type": "string" - }, - "IconOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingCustomIconOptions", - "markdownDescription": "Custom icon options for an icon set.", - "title": "IconOptions" } }, - "required": [ - "Expression", - "IconOptions" - ], "type": "object" }, - "AWS::QuickSight::Template.ConditionalFormattingCustomIconOptions": { + "AWS::QuickSight::Analysis.GeospatialPolygonLayer": { "additionalProperties": false, "properties": { - "Icon": { - "markdownDescription": "Determines the type of icon.", - "title": "Icon", - "type": "string" - }, - "UnicodeIcon": { - "markdownDescription": "Determines the Unicode icon type.", - "title": "UnicodeIcon", - "type": "string" + "Style": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialPolygonStyle", + "markdownDescription": "The visualization style for a polygon layer.", + "title": "Style" } }, + "required": [ + "Style" + ], "type": "object" }, - "AWS::QuickSight::Template.ConditionalFormattingGradientColor": { + "AWS::QuickSight::Analysis.GeospatialPolygonStyle": { "additionalProperties": false, "properties": { - "Color": { - "$ref": "#/definitions/AWS::QuickSight::Template.GradientColor", - "markdownDescription": "Determines the color.", - "title": "Color" - }, - "Expression": { - "markdownDescription": "The expression that determines the formatting configuration for gradient color.", - "title": "Expression", - "type": "string" + "PolygonSymbolStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialPolygonSymbolStyle", + "markdownDescription": "The polygon symbol style for a polygon layer.", + "title": "PolygonSymbolStyle" } }, - "required": [ - "Color", - "Expression" - ], "type": "object" }, - "AWS::QuickSight::Template.ConditionalFormattingIcon": { + "AWS::QuickSight::Analysis.GeospatialPolygonSymbolStyle": { "additionalProperties": false, "properties": { - "CustomCondition": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingCustomIconCondition", - "markdownDescription": "Determines the custom condition for an icon set.", - "title": "CustomCondition" + "FillColor": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialColor", + "markdownDescription": "The color and opacity values for the fill color.", + "title": "FillColor" }, - "IconSet": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIconSet", - "markdownDescription": "Formatting configuration for icon set.", - "title": "IconSet" + "StrokeColor": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialColor", + "markdownDescription": "The color and opacity values for the stroke color.", + "title": "StrokeColor" + }, + "StrokeWidth": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialLineWidth", + "markdownDescription": "The width of the border stroke.", + "title": "StrokeWidth" } }, "type": "object" }, - "AWS::QuickSight::Template.ConditionalFormattingIconDisplayConfiguration": { + "AWS::QuickSight::Analysis.GeospatialSolidColor": { "additionalProperties": false, "properties": { - "IconDisplayOption": { - "markdownDescription": "Determines the icon display configuration.", - "title": "IconDisplayOption", + "Color": { + "markdownDescription": "The color and opacity values for the color.", + "title": "Color", + "type": "string" + }, + "State": { + "markdownDescription": "Enables and disables the view state of the color.", + "title": "State", "type": "string" } }, + "required": [ + "Color" + ], "type": "object" }, - "AWS::QuickSight::Template.ConditionalFormattingIconSet": { + "AWS::QuickSight::Analysis.GeospatialStaticFileSource": { "additionalProperties": false, "properties": { - "Expression": { - "markdownDescription": "The expression that determines the formatting configuration for the icon set.", - "title": "Expression", - "type": "string" - }, - "IconSetType": { - "markdownDescription": "Determines the icon set type.", - "title": "IconSetType", + "StaticFileId": { + "markdownDescription": "The ID of the static file.", + "title": "StaticFileId", "type": "string" } }, "required": [ - "Expression" + "StaticFileId" ], "type": "object" }, - "AWS::QuickSight::Template.ConditionalFormattingSolidColor": { + "AWS::QuickSight::Analysis.GeospatialWindowOptions": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "Determines the color.", - "title": "Color", - "type": "string" + "Bounds": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialCoordinateBounds", + "markdownDescription": "The bounds options (north, south, west, east) of the geospatial window options.", + "title": "Bounds" }, - "Expression": { - "markdownDescription": "The expression that determines the formatting configuration for solid color.", - "title": "Expression", + "MapZoomMode": { + "markdownDescription": "The map zoom modes (manual, auto) of the geospatial window options.", + "title": "MapZoomMode", "type": "string" } }, - "required": [ - "Expression" - ], "type": "object" }, - "AWS::QuickSight::Template.ContributionAnalysisDefault": { + "AWS::QuickSight::Analysis.GlobalTableBorderOptions": { "additionalProperties": false, "properties": { - "ContributorDimensions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier" - }, - "markdownDescription": "The dimensions columns that are used in the contribution analysis, usually a list of `ColumnIdentifiers` .", - "title": "ContributorDimensions", - "type": "array" + "SideSpecificBorder": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableSideBorderOptions", + "markdownDescription": "Determines the options for side specific border.", + "title": "SideSpecificBorder" }, - "MeasureFieldId": { - "markdownDescription": "The measure field that is used in the contribution analysis.", - "title": "MeasureFieldId", - "type": "string" + "UniformBorder": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", + "markdownDescription": "Determines the options for uniform border.", + "title": "UniformBorder" } }, - "required": [ - "ContributorDimensions", - "MeasureFieldId" - ], "type": "object" }, - "AWS::QuickSight::Template.CurrencyDisplayFormatConfiguration": { + "AWS::QuickSight::Analysis.GradientColor": { "additionalProperties": false, "properties": { - "DecimalPlacesConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DecimalPlacesConfiguration", - "markdownDescription": "The option that determines the decimal places configuration.", - "title": "DecimalPlacesConfiguration" - }, - "NegativeValueConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NegativeValueConfiguration", - "markdownDescription": "The options that determine the negative value configuration.", - "title": "NegativeValueConfiguration" - }, - "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NullValueFormatConfiguration", - "markdownDescription": "The options that determine the null value format configuration.", - "title": "NullValueFormatConfiguration" - }, - "NumberScale": { - "markdownDescription": "Determines the number scale value for the currency format.", - "title": "NumberScale", - "type": "string" - }, - "Prefix": { - "markdownDescription": "Determines the prefix value of the currency format.", - "title": "Prefix", - "type": "string" - }, - "SeparatorConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericSeparatorConfiguration", - "markdownDescription": "The options that determine the numeric separator configuration.", - "title": "SeparatorConfiguration" - }, - "Suffix": { - "markdownDescription": "Determines the suffix value of the currency format.", - "title": "Suffix", - "type": "string" - }, - "Symbol": { - "markdownDescription": "Determines the symbol for the currency format.", - "title": "Symbol", - "type": "string" + "Stops": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GradientStop" + }, + "markdownDescription": "The list of gradient color stops.", + "title": "Stops", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.CustomActionFilterOperation": { + "AWS::QuickSight::Analysis.GradientStop": { "additionalProperties": false, "properties": { - "SelectedFieldsConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterOperationSelectedFieldsConfiguration", - "markdownDescription": "The configuration that chooses the fields to be filtered.", - "title": "SelectedFieldsConfiguration" + "Color": { + "markdownDescription": "Determines the color.", + "title": "Color", + "type": "string" }, - "TargetVisualsConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterOperationTargetVisualsConfiguration", - "markdownDescription": "The configuration that chooses the target visuals to be filtered.", - "title": "TargetVisualsConfiguration" + "DataValue": { + "markdownDescription": "Determines the data value.", + "title": "DataValue", + "type": "number" + }, + "GradientOffset": { + "markdownDescription": "Determines gradient offset value.", + "title": "GradientOffset", + "type": "number" } }, "required": [ - "SelectedFieldsConfiguration", - "TargetVisualsConfiguration" + "GradientOffset" ], "type": "object" }, - "AWS::QuickSight::Template.CustomActionNavigationOperation": { + "AWS::QuickSight::Analysis.GridLayoutCanvasSizeOptions": { "additionalProperties": false, "properties": { - "LocalNavigationConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.LocalNavigationConfiguration", - "markdownDescription": "The configuration that chooses the navigation target.", - "title": "LocalNavigationConfiguration" + "ScreenCanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GridLayoutScreenCanvasSizeOptions", + "markdownDescription": "The options that determine the sizing of the canvas used in a grid layout.", + "title": "ScreenCanvasSizeOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.CustomActionSetParametersOperation": { + "AWS::QuickSight::Analysis.GridLayoutConfiguration": { "additionalProperties": false, "properties": { - "ParameterValueConfigurations": { + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GridLayoutCanvasSizeOptions", + "markdownDescription": "", + "title": "CanvasSizeOptions" + }, + "Elements": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.SetParameterValueConfiguration" + "$ref": "#/definitions/AWS::QuickSight::Analysis.GridLayoutElement" }, - "markdownDescription": "The parameter that determines the value configuration.", - "title": "ParameterValueConfigurations", + "markdownDescription": "The elements that are included in a grid layout.", + "title": "Elements", "type": "array" } }, "required": [ - "ParameterValueConfigurations" + "Elements" ], "type": "object" }, - "AWS::QuickSight::Template.CustomActionURLOperation": { + "AWS::QuickSight::Analysis.GridLayoutElement": { "additionalProperties": false, "properties": { - "URLTarget": { - "markdownDescription": "The target of the `CustomActionURLOperation` .\n\nValid values are defined as follows:\n\n- `NEW_TAB` : Opens the target URL in a new browser tab.\n- `NEW_WINDOW` : Opens the target URL in a new browser window.\n- `SAME_TAB` : Opens the target URL in the same browser tab.", - "title": "URLTarget", + "ColumnIndex": { + "markdownDescription": "The column index for the upper left corner of an element.", + "title": "ColumnIndex", + "type": "number" + }, + "ColumnSpan": { + "markdownDescription": "The width of a grid element expressed as a number of grid columns.", + "title": "ColumnSpan", + "type": "number" + }, + "ElementId": { + "markdownDescription": "A unique identifier for an element within a grid layout.", + "title": "ElementId", "type": "string" }, - "URLTemplate": { - "markdownDescription": "THe URL link of the `CustomActionURLOperation` .", - "title": "URLTemplate", + "ElementType": { + "markdownDescription": "The type of element.", + "title": "ElementType", "type": "string" + }, + "RowIndex": { + "markdownDescription": "The row index for the upper left corner of an element.", + "title": "RowIndex", + "type": "number" + }, + "RowSpan": { + "markdownDescription": "The height of a grid element expressed as a number of grid rows.", + "title": "RowSpan", + "type": "number" } }, "required": [ - "URLTarget", - "URLTemplate" + "ColumnSpan", + "ElementId", + "ElementType", + "RowSpan" ], "type": "object" }, - "AWS::QuickSight::Template.CustomColor": { + "AWS::QuickSight::Analysis.GridLayoutScreenCanvasSizeOptions": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The color that is applied to the data value.", - "title": "Color", - "type": "string" - }, - "FieldValue": { - "markdownDescription": "The data value that the color is applied to.", - "title": "FieldValue", + "OptimizedViewPortWidth": { + "markdownDescription": "The width that the view port will be optimized for when the layout renders.", + "title": "OptimizedViewPortWidth", "type": "string" }, - "SpecialValue": { - "markdownDescription": "The value of a special data value.", - "title": "SpecialValue", + "ResizeOption": { + "markdownDescription": "This value determines the layout behavior when the viewport is resized.\n\n- `FIXED` : A fixed width will be used when optimizing the layout. In the Amazon QuickSight console, this option is called `Classic` .\n- `RESPONSIVE` : The width of the canvas will be responsive and optimized to the view port. In the Amazon QuickSight console, this option is called `Tiled` .", + "title": "ResizeOption", "type": "string" } }, "required": [ - "Color" + "ResizeOption" ], "type": "object" }, - "AWS::QuickSight::Template.CustomContentConfiguration": { + "AWS::QuickSight::Analysis.GrowthRateComputation": { "additionalProperties": false, "properties": { - "ContentType": { - "markdownDescription": "The content type of the custom content visual. You can use this to have the visual render as an image.", - "title": "ContentType", + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", "type": "string" }, - "ContentUrl": { - "markdownDescription": "The input URL that links to the custom content that you want in the custom visual.", - "title": "ContentUrl", + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", "type": "string" }, - "ImageScaling": { - "markdownDescription": "The sizing options for the size of the custom content visual. This structure is required when the `ContentType` of the visual is `'IMAGE'` .", - "title": "ImageScaling", - "type": "string" + "PeriodSize": { + "markdownDescription": "The period size setup of a growth rate computation.", + "title": "PeriodSize", + "type": "number" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" } }, + "required": [ + "ComputationId" + ], "type": "object" }, - "AWS::QuickSight::Template.CustomContentVisual": { + "AWS::QuickSight::Analysis.HeaderFooterSectionConfiguration": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.CustomContentConfiguration", - "markdownDescription": "The configuration of a `CustomContentVisual` .", - "title": "ChartConfiguration" + "Layout": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionLayoutConfiguration", + "markdownDescription": "The layout configuration of the header or footer section.", + "title": "Layout" }, - "DataSetIdentifier": { - "markdownDescription": "The dataset that is used to create the custom content visual. You can't create a visual without a dataset.", - "title": "DataSetIdentifier", + "SectionId": { + "markdownDescription": "The unique identifier of the header or footer section.", + "title": "SectionId", "type": "string" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" - }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", - "type": "string" + "Style": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionStyle", + "markdownDescription": "The style options of a header or footer section.", + "title": "Style" } }, "required": [ - "DataSetIdentifier", - "VisualId" + "Layout", + "SectionId" ], "type": "object" }, - "AWS::QuickSight::Template.CustomFilterConfiguration": { + "AWS::QuickSight::Analysis.HeatMapAggregatedFieldWells": { "additionalProperties": false, "properties": { - "CategoryValue": { - "markdownDescription": "The category value for the filter.\n\nThis field is mutually exclusive to `ParameterName` .", - "title": "CategoryValue", - "type": "string" - }, - "MatchOperator": { - "markdownDescription": "The match operator that is used to determine if a filter should be applied.", - "title": "MatchOperator", - "type": "string" - }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", - "type": "string" + "Columns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The columns field well of a heat map.", + "title": "Columns", + "type": "array" }, - "ParameterName": { - "markdownDescription": "The parameter whose value should be used for the filter value.\n\nThis field is mutually exclusive to `CategoryValue` .", - "title": "ParameterName", - "type": "string" + "Rows": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The rows field well of a heat map.", + "title": "Rows", + "type": "array" }, - "SelectAllOptions": { - "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", - "title": "SelectAllOptions", - "type": "string" + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The values field well of a heat map.", + "title": "Values", + "type": "array" } }, - "required": [ - "MatchOperator", - "NullOption" - ], "type": "object" }, - "AWS::QuickSight::Template.CustomFilterListConfiguration": { + "AWS::QuickSight::Analysis.HeatMapConfiguration": { "additionalProperties": false, "properties": { - "CategoryValues": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of category values for the filter.", - "title": "CategoryValues", - "type": "array" + "ColorScale": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColorScale", + "markdownDescription": "The color options (gradient color, point of divergence) in a heat map.", + "title": "ColorScale" }, - "MatchOperator": { - "markdownDescription": "The match operator that is used to determine if a filter should be applied.", - "title": "MatchOperator", - "type": "string" + "ColumnLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options of the column that is displayed in a heat map.", + "title": "ColumnLabelOptions" }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", - "type": "string" + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.", + "title": "DataLabels" }, - "SelectAllOptions": { - "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", - "title": "SelectAllOptions", - "type": "string" + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.HeatMapFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "RowLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options of the row that is displayed in a `heat map` .", + "title": "RowLabelOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.HeatMapSortConfiguration", + "markdownDescription": "The sort configuration of a heat map.", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" } }, - "required": [ - "MatchOperator", - "NullOption" - ], "type": "object" }, - "AWS::QuickSight::Template.CustomNarrativeOptions": { + "AWS::QuickSight::Analysis.HeatMapFieldWells": { "additionalProperties": false, "properties": { - "Narrative": { - "markdownDescription": "The string input of custom narrative.", - "title": "Narrative", - "type": "string" + "HeatMapAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.HeatMapAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a heat map.", + "title": "HeatMapAggregatedFieldWells" } }, - "required": [ - "Narrative" - ], "type": "object" }, - "AWS::QuickSight::Template.CustomParameterValues": { + "AWS::QuickSight::Analysis.HeatMapSortConfiguration": { "additionalProperties": false, "properties": { - "DateTimeValues": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of datetime-type parameter values.", - "title": "DateTimeValues", - "type": "array" + "HeatMapColumnItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of columns that are displayed in a heat map.", + "title": "HeatMapColumnItemsLimitConfiguration" }, - "DecimalValues": { + "HeatMapColumnSort": { "items": { - "type": "number" + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, - "markdownDescription": "A list of decimal-type parameter values.", - "title": "DecimalValues", + "markdownDescription": "The column sort configuration for heat map for columns that aren't a part of a field well.", + "title": "HeatMapColumnSort", "type": "array" }, - "IntegerValues": { - "items": { - "type": "number" - }, - "markdownDescription": "A list of integer-type parameter values.", - "title": "IntegerValues", - "type": "array" + "HeatMapRowItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of rows that are displayed in a heat map.", + "title": "HeatMapRowItemsLimitConfiguration" }, - "StringValues": { + "HeatMapRowSort": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, - "markdownDescription": "A list of string-type parameter values.", - "title": "StringValues", + "markdownDescription": "The field sort configuration of the rows fields.", + "title": "HeatMapRowSort", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.CustomValuesConfiguration": { + "AWS::QuickSight::Analysis.HeatMapVisual": { "additionalProperties": false, "properties": { - "CustomValues": { - "$ref": "#/definitions/AWS::QuickSight::Template.CustomParameterValues", - "markdownDescription": "", - "title": "CustomValues" + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" }, - "IncludeNullValue": { - "markdownDescription": "Includes the null value in custom action parameter values.", - "title": "IncludeNullValue", - "type": "boolean" - } - }, - "required": [ - "CustomValues" - ], - "type": "object" - }, - "AWS::QuickSight::Template.DataBarsOptions": { - "additionalProperties": false, - "properties": { - "FieldId": { - "markdownDescription": "The field ID for the data bars options.", - "title": "FieldId", - "type": "string" + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.HeatMapConfiguration", + "markdownDescription": "The configuration of a heat map.", + "title": "ChartConfiguration" }, - "NegativeColor": { - "markdownDescription": "The color of the negative data bar.", - "title": "NegativeColor", + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", "type": "string" }, - "PositiveColor": { - "markdownDescription": "The color of the positive data bar.", - "title": "PositiveColor", + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", "type": "string" } }, "required": [ - "FieldId" + "VisualId" ], "type": "object" }, - "AWS::QuickSight::Template.DataColor": { + "AWS::QuickSight::Analysis.HistogramAggregatedFieldWells": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The color that is applied to the data value.", - "title": "Color", - "type": "string" - }, - "DataValue": { - "markdownDescription": "The data value that the color is applied to.", - "title": "DataValue", - "type": "number" + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The value field wells of a histogram. Values are aggregated by `COUNT` or `DISTINCT_COUNT` .", + "title": "Values", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.DataFieldSeriesItem": { + "AWS::QuickSight::Analysis.HistogramBinOptions": { "additionalProperties": false, "properties": { - "AxisBinding": { - "markdownDescription": "The axis that you are binding the field to.", - "title": "AxisBinding", - "type": "string" + "BinCount": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BinCountOptions", + "markdownDescription": "The options that determine the bin count of a histogram.", + "title": "BinCount" }, - "FieldId": { - "markdownDescription": "The field ID of the field that you are setting the axis binding to.", - "title": "FieldId", - "type": "string" + "BinWidth": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BinWidthOptions", + "markdownDescription": "The options that determine the bin width of a histogram.", + "title": "BinWidth" }, - "FieldValue": { - "markdownDescription": "The field value of the field that you are setting the axis binding to.", - "title": "FieldValue", + "SelectedBinType": { + "markdownDescription": "The options that determine the selected bin type.", + "title": "SelectedBinType", "type": "string" }, - "Settings": { - "$ref": "#/definitions/AWS::QuickSight::Template.LineChartSeriesSettings", - "markdownDescription": "The options that determine the presentation of line series associated to the field.", - "title": "Settings" + "StartValue": { + "markdownDescription": "The options that determine the bin start value.", + "title": "StartValue", + "type": "number" } }, - "required": [ - "AxisBinding", - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Template.DataLabelOptions": { + "AWS::QuickSight::Analysis.HistogramConfiguration": { "additionalProperties": false, "properties": { - "CategoryLabelVisibility": { - "markdownDescription": "Determines the visibility of the category field labels.", - "title": "CategoryLabelVisibility", - "type": "string" - }, - "DataLabelTypes": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelType" - }, - "markdownDescription": "The option that determines the data label type.", - "title": "DataLabelTypes", - "type": "array" + "BinOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.HistogramBinOptions", + "markdownDescription": "The options that determine the presentation of histogram bins.", + "title": "BinOptions" }, - "LabelColor": { - "markdownDescription": "Determines the color of the data labels.", - "title": "LabelColor", - "type": "string" + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", + "markdownDescription": "The data label configuration of a histogram.", + "title": "DataLabels" }, - "LabelContent": { - "markdownDescription": "Determines the content of the data labels.", - "title": "LabelContent", - "type": "string" + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.HistogramFieldWells", + "markdownDescription": "The field well configuration of a histogram.", + "title": "FieldWells" }, - "LabelFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", - "markdownDescription": "Determines the font configuration of the data labels.", - "title": "LabelFontConfiguration" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" }, - "MeasureLabelVisibility": { - "markdownDescription": "Determines the visibility of the measure field labels.", - "title": "MeasureLabelVisibility", - "type": "string" + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", + "markdownDescription": "The tooltip configuration of a histogram.", + "title": "Tooltip" }, - "Overlap": { - "markdownDescription": "Determines whether overlap is enabled or disabled for the data labels.", - "title": "Overlap", - "type": "string" + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", + "markdownDescription": "The visual palette configuration of a histogram.", + "title": "VisualPalette" }, - "Position": { - "markdownDescription": "Determines the position of the data labels.", - "title": "Position", - "type": "string" + "XAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the x-axis.", + "title": "XAxisDisplayOptions" }, - "TotalsVisibility": { - "markdownDescription": "Determines the visibility of the total.", - "title": "TotalsVisibility", - "type": "string" + "XAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the x-axis label.", + "title": "XAxisLabelOptions" }, - "Visibility": { - "markdownDescription": "Determines the visibility of the data labels.", - "title": "Visibility", - "type": "string" + "YAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the y-axis.", + "title": "YAxisDisplayOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.DataLabelType": { + "AWS::QuickSight::Analysis.HistogramFieldWells": { "additionalProperties": false, "properties": { - "DataPathLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataPathLabelType", - "markdownDescription": "The option that specifies individual data values for labels.", - "title": "DataPathLabelType" - }, - "FieldLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldLabelType", - "markdownDescription": "Determines the label configuration for the entire field.", - "title": "FieldLabelType" - }, - "MaximumLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Template.MaximumLabelType", - "markdownDescription": "Determines the label configuration for the maximum value in a visual.", - "title": "MaximumLabelType" - }, - "MinimumLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Template.MinimumLabelType", - "markdownDescription": "Determines the label configuration for the minimum value in a visual.", - "title": "MinimumLabelType" - }, - "RangeEndsLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Template.RangeEndsLabelType", - "markdownDescription": "Determines the label configuration for range end value in a visual.", - "title": "RangeEndsLabelType" + "HistogramAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.HistogramAggregatedFieldWells", + "markdownDescription": "The field well configuration of a histogram.", + "title": "HistogramAggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Template.DataPathColor": { + "AWS::QuickSight::Analysis.HistogramVisual": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The color that needs to be applied to the element.", - "title": "Color", - "type": "string" + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" }, - "Element": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataPathValue", - "markdownDescription": "The element that the color needs to be applied to.", - "title": "Element" + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.HistogramConfiguration", + "markdownDescription": "The configuration for a `HistogramVisual` .", + "title": "ChartConfiguration" }, - "TimeGranularity": { - "markdownDescription": "The time granularity of the field that the color needs to be applied to.", - "title": "TimeGranularity", + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", "type": "string" } }, "required": [ - "Color", - "Element" + "VisualId" ], "type": "object" }, - "AWS::QuickSight::Template.DataPathLabelType": { + "AWS::QuickSight::Analysis.ImageCustomAction": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field ID of the field that the data label needs to be applied to.", - "title": "FieldId", - "type": "string" + "ActionOperations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ImageCustomActionOperation" + }, + "markdownDescription": "A list of `ImageCustomActionOperations` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", + "title": "ActionOperations", + "type": "array" }, - "FieldValue": { - "markdownDescription": "The actual value of the field that is labeled.", - "title": "FieldValue", + "CustomActionId": { + "markdownDescription": "The ID of the custom action.", + "title": "CustomActionId", "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of the data label.", - "title": "Visibility", + "Name": { + "markdownDescription": "The name of the custom action.", + "title": "Name", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.DataPathSort": { - "additionalProperties": false, - "properties": { - "Direction": { - "markdownDescription": "Determines the sort direction.", - "title": "Direction", + }, + "Status": { + "markdownDescription": "The status of the custom action.", + "title": "Status", "type": "string" }, - "SortPaths": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataPathValue" - }, - "markdownDescription": "The list of data paths that need to be sorted.", - "title": "SortPaths", - "type": "array" + "Trigger": { + "markdownDescription": "The trigger of the `VisualCustomAction` .\n\nValid values are defined as follows:\n\n- `CLICK` : Initiates a custom action by a left pointer click on a data point.\n- `MENU` : Initiates a custom action by right pointer click from the menu.", + "title": "Trigger", + "type": "string" } }, "required": [ - "Direction", - "SortPaths" + "ActionOperations", + "CustomActionId", + "Name", + "Trigger" ], "type": "object" }, - "AWS::QuickSight::Template.DataPathType": { + "AWS::QuickSight::Analysis.ImageCustomActionOperation": { "additionalProperties": false, "properties": { - "PivotTableDataPathType": { - "markdownDescription": "The type of data path value utilized in a pivot table. Choose one of the following options:\n\n- `HIERARCHY_ROWS_LAYOUT_COLUMN` - The type of data path for the rows layout column, when `RowsLayout` is set to `HIERARCHY` .\n- `MULTIPLE_ROW_METRICS_COLUMN` - The type of data path for the metric column when the row is set to Metric Placement.\n- `EMPTY_COLUMN_HEADER` - The type of data path for the column with empty column header, when there is no field in `ColumnsFieldWell` and the row is set to Metric Placement.\n- `COUNT_METRIC_COLUMN` - The type of data path for the column with `COUNT` as the metric, when there is no field in the `ValuesFieldWell` .", - "title": "PivotTableDataPathType", - "type": "string" + "NavigationOperation": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionNavigationOperation", + "markdownDescription": "", + "title": "NavigationOperation" + }, + "SetParametersOperation": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionSetParametersOperation", + "markdownDescription": "", + "title": "SetParametersOperation" + }, + "URLOperation": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionURLOperation", + "markdownDescription": "", + "title": "URLOperation" } }, "type": "object" }, - "AWS::QuickSight::Template.DataPathValue": { + "AWS::QuickSight::Analysis.ImageInteractionOptions": { "additionalProperties": false, "properties": { - "DataPathType": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataPathType", - "markdownDescription": "The type configuration of the field.", - "title": "DataPathType" - }, - "FieldId": { - "markdownDescription": "The field ID of the field that needs to be sorted.", - "title": "FieldId", - "type": "string" - }, - "FieldValue": { - "markdownDescription": "The actual value of the field that needs to be sorted.", - "title": "FieldValue", - "type": "string" + "ImageMenuOption": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ImageMenuOption", + "markdownDescription": "The menu options for the image.", + "title": "ImageMenuOption" } }, "type": "object" }, - "AWS::QuickSight::Template.DataSetConfiguration": { + "AWS::QuickSight::Analysis.ImageMenuOption": { "additionalProperties": false, "properties": { - "ColumnGroupSchemaList": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnGroupSchema" - }, - "markdownDescription": "A structure containing the list of column group schemas.", - "title": "ColumnGroupSchemaList", - "type": "array" - }, - "DataSetSchema": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataSetSchema", - "markdownDescription": "Dataset schema.", - "title": "DataSetSchema" - }, - "Placeholder": { - "markdownDescription": "Placeholder.", - "title": "Placeholder", + "AvailabilityStatus": { + "markdownDescription": "The availability status of the image menu. If the value of this property is set to `ENABLED` , dashboard readers can interact with the image menu.", + "title": "AvailabilityStatus", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.DataSetReference": { + "AWS::QuickSight::Analysis.ImageStaticFile": { "additionalProperties": false, "properties": { - "DataSetArn": { - "markdownDescription": "Dataset Amazon Resource Name (ARN).", - "title": "DataSetArn", - "type": "string" + "Source": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.StaticFileSource", + "markdownDescription": "The source of the image static file.", + "title": "Source" }, - "DataSetPlaceholder": { - "markdownDescription": "Dataset placeholder.", - "title": "DataSetPlaceholder", + "StaticFileId": { + "markdownDescription": "The ID of the static file that contains an image.", + "title": "StaticFileId", "type": "string" } }, "required": [ - "DataSetArn", - "DataSetPlaceholder" + "StaticFileId" ], "type": "object" }, - "AWS::QuickSight::Template.DataSetSchema": { + "AWS::QuickSight::Analysis.InnerFilter": { "additionalProperties": false, "properties": { - "ColumnSchemaList": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnSchema" - }, - "markdownDescription": "A structure containing the list of column schemas.", - "title": "ColumnSchemaList", - "type": "array" + "CategoryInnerFilter": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CategoryInnerFilter", + "markdownDescription": "A `CategoryInnerFilter` filters text values for the `NestedFilter` .", + "title": "CategoryInnerFilter" } }, "type": "object" }, - "AWS::QuickSight::Template.DateAxisOptions": { + "AWS::QuickSight::Analysis.InsightConfiguration": { "additionalProperties": false, "properties": { - "MissingDateVisibility": { - "markdownDescription": "Determines whether or not missing dates are displayed.", - "title": "MissingDateVisibility", - "type": "string" + "Computations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.Computation" + }, + "markdownDescription": "The computations configurations of the insight visual", + "title": "Computations", + "type": "array" + }, + "CustomNarrative": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomNarrativeOptions", + "markdownDescription": "The custom narrative of the insight visual.", + "title": "CustomNarrative" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" } }, "type": "object" }, - "AWS::QuickSight::Template.DateDimensionField": { + "AWS::QuickSight::Analysis.InsightVisual": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that is used in the `DateDimensionField` .", - "title": "Column" - }, - "DateGranularity": { - "markdownDescription": "The date granularity of the `DateDimensionField` . Choose one of the following options:\n\n- `YEAR`\n- `QUARTER`\n- `MONTH`\n- `WEEK`\n- `DAY`\n- `HOUR`\n- `MINUTE`\n- `SECOND`\n- `MILLISECOND`", - "title": "DateGranularity", - "type": "string" + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", + "DataSetIdentifier": { + "markdownDescription": "The dataset that is used in the insight visual.", + "title": "DataSetIdentifier", "type": "string" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" + "InsightConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.InsightConfiguration", + "markdownDescription": "The configuration of an insight visual.", + "title": "InsightConfiguration" }, - "HierarchyId": { - "markdownDescription": "The custom hierarchy ID.", - "title": "HierarchyId", - "type": "string" - } - }, - "required": [ - "Column", - "FieldId" - ], - "type": "object" - }, - "AWS::QuickSight::Template.DateMeasureField": { - "additionalProperties": false, - "properties": { - "AggregationFunction": { - "markdownDescription": "The aggregation function of the measure field.", - "title": "AggregationFunction", - "type": "string" + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that is used in the `DateMeasureField` .", - "title": "Column" + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", "type": "string" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" } }, "required": [ - "Column", - "FieldId" + "DataSetIdentifier", + "VisualId" ], "type": "object" }, - "AWS::QuickSight::Template.DateTimeDefaultValues": { + "AWS::QuickSight::Analysis.IntegerDefaultValues": { "additionalProperties": false, "properties": { "DynamicValue": { - "$ref": "#/definitions/AWS::QuickSight::Template.DynamicDefaultValue", - "markdownDescription": "The dynamic value of the `DataTimeDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DynamicDefaultValue", + "markdownDescription": "The dynamic value of the `IntegerDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", "title": "DynamicValue" }, - "RollingDate": { - "$ref": "#/definitions/AWS::QuickSight::Template.RollingDateConfiguration", - "markdownDescription": "The rolling date of the `DataTimeDefaultValues` . The date is determined from the dataset based on input expression.", - "title": "RollingDate" - }, "StaticValues": { "items": { - "type": "string" + "type": "number" }, - "markdownDescription": "The static values of the `DataTimeDefaultValues` .", + "markdownDescription": "The static values of the `IntegerDefaultValues` .", "title": "StaticValues", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.DateTimeFormatConfiguration": { + "AWS::QuickSight::Analysis.IntegerParameter": { "additionalProperties": false, "properties": { - "DateTimeFormat": { - "markdownDescription": "Determines the `DateTime` format.", - "title": "DateTimeFormat", + "Name": { + "markdownDescription": "The name of the integer parameter.", + "title": "Name", "type": "string" }, - "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NullValueFormatConfiguration", - "markdownDescription": "The options that determine the null value format configuration.", - "title": "NullValueFormatConfiguration" - }, - "NumericFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericFormatConfiguration", - "markdownDescription": "The formatting configuration for numeric `DateTime` fields.", - "title": "NumericFormatConfiguration" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.DateTimeHierarchy": { - "additionalProperties": false, - "properties": { - "DrillDownFilters": { + "Values": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DrillDownFilter" + "type": "number" }, - "markdownDescription": "The option that determines the drill down filters for the `DateTime` hierarchy.", - "title": "DrillDownFilters", + "markdownDescription": "The values for the integer parameter.", + "title": "Values", "type": "array" - }, - "HierarchyId": { - "markdownDescription": "The hierarchy ID of the `DateTime` hierarchy.", - "title": "HierarchyId", - "type": "string" } }, "required": [ - "HierarchyId" + "Name", + "Values" ], "type": "object" }, - "AWS::QuickSight::Template.DateTimeParameterDeclaration": { + "AWS::QuickSight::Analysis.IntegerParameterDeclaration": { "additionalProperties": false, "properties": { "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeDefaultValues", + "$ref": "#/definitions/AWS::QuickSight::Analysis.IntegerDefaultValues", "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", "title": "DefaultValues" }, "MappedDataSetParameters": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MappedDataSetParameter" + "$ref": "#/definitions/AWS::QuickSight::Analysis.MappedDataSetParameter" }, "markdownDescription": "", "title": "MappedDataSetParameters", @@ -212813,50 +226673,30 @@ "title": "Name", "type": "string" }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", + "ParameterValueType": { + "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", + "title": "ParameterValueType", "type": "string" }, "ValueWhenUnset": { - "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeValueWhenUnsetConfiguration", - "markdownDescription": "The configuration that defines the default value of a `DateTime` parameter when a value has not been set.", + "$ref": "#/definitions/AWS::QuickSight::Analysis.IntegerValueWhenUnsetConfiguration", + "markdownDescription": "A parameter declaration for the `Integer` data type.", "title": "ValueWhenUnset" } }, "required": [ - "Name" + "Name", + "ParameterValueType" ], "type": "object" }, - "AWS::QuickSight::Template.DateTimePickerControlDisplayOptions": { - "additionalProperties": false, - "properties": { - "DateTimeFormat": { - "markdownDescription": "Customize how dates are formatted in controls.", - "title": "DateTimeFormat", - "type": "string" - }, - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" - }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.DateTimeValueWhenUnsetConfiguration": { + "AWS::QuickSight::Analysis.IntegerValueWhenUnsetConfiguration": { "additionalProperties": false, "properties": { "CustomValue": { "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", "title": "CustomValue", - "type": "string" + "type": "number" }, "ValueWhenUnsetOption": { "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", @@ -212866,535 +226706,313 @@ }, "type": "object" }, - "AWS::QuickSight::Template.DecimalDefaultValues": { + "AWS::QuickSight::Analysis.ItemsLimitConfiguration": { "additionalProperties": false, "properties": { - "DynamicValue": { - "$ref": "#/definitions/AWS::QuickSight::Template.DynamicDefaultValue", - "markdownDescription": "The dynamic value of the `DecimalDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", - "title": "DynamicValue" + "ItemsLimit": { + "markdownDescription": "The limit on how many items of a field are showed in the chart. For example, the number of slices that are displayed in a pie chart.", + "title": "ItemsLimit", + "type": "number" }, - "StaticValues": { - "items": { - "type": "number" - }, - "markdownDescription": "The static values of the `DecimalDefaultValues` .", - "title": "StaticValues", - "type": "array" + "OtherCategories": { + "markdownDescription": "The `Show other` of an axis in the chart. Choose one of the following options:\n\n- `INCLUDE`\n- `EXCLUDE`", + "title": "OtherCategories", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.DecimalParameterDeclaration": { + "AWS::QuickSight::Analysis.KPIActualValueConditionalFormatting": { "additionalProperties": false, "properties": { - "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::Template.DecimalDefaultValues", - "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", - "title": "DefaultValues" - }, - "MappedDataSetParameters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MappedDataSetParameter" - }, - "markdownDescription": "", - "title": "MappedDataSetParameters", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the parameter that is being declared.", - "title": "Name", - "type": "string" - }, - "ParameterValueType": { - "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", - "title": "ParameterValueType", - "type": "string" + "Icon": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIcon", + "markdownDescription": "The conditional formatting of the actual value's icon.", + "title": "Icon" }, - "ValueWhenUnset": { - "$ref": "#/definitions/AWS::QuickSight::Template.DecimalValueWhenUnsetConfiguration", - "markdownDescription": "The configuration that defines the default value of a `Decimal` parameter when a value has not been set.", - "title": "ValueWhenUnset" + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the actual value's text color.", + "title": "TextColor" } }, - "required": [ - "Name", - "ParameterValueType" - ], "type": "object" }, - "AWS::QuickSight::Template.DecimalPlacesConfiguration": { + "AWS::QuickSight::Analysis.KPIComparisonValueConditionalFormatting": { "additionalProperties": false, "properties": { - "DecimalPlaces": { - "markdownDescription": "The values of the decimal places.", - "title": "DecimalPlaces", - "type": "number" + "Icon": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIcon", + "markdownDescription": "The conditional formatting of the comparison value's icon.", + "title": "Icon" + }, + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the comparison value's text color.", + "title": "TextColor" } }, - "required": [ - "DecimalPlaces" - ], "type": "object" }, - "AWS::QuickSight::Template.DecimalValueWhenUnsetConfiguration": { + "AWS::QuickSight::Analysis.KPIConditionalFormatting": { "additionalProperties": false, "properties": { - "CustomValue": { - "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", - "title": "CustomValue", - "type": "number" - }, - "ValueWhenUnsetOption": { - "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", - "title": "ValueWhenUnsetOption", - "type": "string" + "ConditionalFormattingOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIConditionalFormattingOption" + }, + "markdownDescription": "The conditional formatting options of a KPI visual.", + "title": "ConditionalFormattingOptions", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.DefaultDateTimePickerControlOptions": { + "AWS::QuickSight::Analysis.KPIConditionalFormattingOption": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DateTimePickerControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "ActualValue": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIActualValueConditionalFormatting", + "markdownDescription": "The conditional formatting for the actual value of a KPI visual.", + "title": "ActualValue" }, - "Type": { - "markdownDescription": "The date time picker type of the `DefaultDateTimePickerControlOptions` . Choose one of the following options:\n\n- `SINGLE_VALUED` : The filter condition is a fixed date.\n- `DATE_RANGE` : The filter condition is a date time range.", - "title": "Type", - "type": "string" + "ComparisonValue": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIComparisonValueConditionalFormatting", + "markdownDescription": "The conditional formatting for the comparison value of a KPI visual.", + "title": "ComparisonValue" + }, + "PrimaryValue": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIPrimaryValueConditionalFormatting", + "markdownDescription": "The conditional formatting for the primary value of a KPI visual.", + "title": "PrimaryValue" + }, + "ProgressBar": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIProgressBarConditionalFormatting", + "markdownDescription": "The conditional formatting for the progress bar of a KPI visual.", + "title": "ProgressBar" } }, "type": "object" }, - "AWS::QuickSight::Template.DefaultFilterControlConfiguration": { + "AWS::QuickSight::Analysis.KPIConfiguration": { "additionalProperties": false, "properties": { - "ControlOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlOptions", - "markdownDescription": "The control option for the `DefaultFilterControlConfiguration` .", - "title": "ControlOptions" + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIFieldWells", + "markdownDescription": "The field well configuration of a KPI visual.", + "title": "FieldWells" }, - "Title": { - "markdownDescription": "The title of the `DefaultFilterControlConfiguration` . This title is shared by all controls that are tied to this filter.", - "title": "Title", - "type": "string" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "KPIOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIOptions", + "markdownDescription": "The options that determine the presentation of a KPI visual.", + "title": "KPIOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.KPISortConfiguration", + "markdownDescription": "The sort configuration of a KPI visual.", + "title": "SortConfiguration" } }, - "required": [ - "ControlOptions", - "Title" - ], "type": "object" }, - "AWS::QuickSight::Template.DefaultFilterControlOptions": { + "AWS::QuickSight::Analysis.KPIFieldWells": { "additionalProperties": false, "properties": { - "DefaultDateTimePickerOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultDateTimePickerControlOptions", - "markdownDescription": "The default options that correspond to the filter control type of a `DateTimePicker` .", - "title": "DefaultDateTimePickerOptions" + "TargetValues": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The target value field wells of a KPI visual.", + "title": "TargetValues", + "type": "array" }, - "DefaultDropdownOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterDropDownControlOptions", - "markdownDescription": "The default options that correspond to the `Dropdown` filter control type.", - "title": "DefaultDropdownOptions" - }, - "DefaultListOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterListControlOptions", - "markdownDescription": "The default options that correspond to the `List` filter control type.", - "title": "DefaultListOptions" - }, - "DefaultRelativeDateTimeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultRelativeDateTimeControlOptions", - "markdownDescription": "The default options that correspond to the `RelativeDateTime` filter control type.", - "title": "DefaultRelativeDateTimeOptions" - }, - "DefaultSliderOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultSliderControlOptions", - "markdownDescription": "The default options that correspond to the `Slider` filter control type.", - "title": "DefaultSliderOptions" - }, - "DefaultTextAreaOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultTextAreaControlOptions", - "markdownDescription": "The default options that correspond to the `TextArea` filter control type.", - "title": "DefaultTextAreaOptions" + "TrendGroups": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The trend group field wells of a KPI visual.", + "title": "TrendGroups", + "type": "array" }, - "DefaultTextFieldOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultTextFieldControlOptions", - "markdownDescription": "The default options that correspond to the `TextField` filter control type.", - "title": "DefaultTextFieldOptions" + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The value field wells of a KPI visual.", + "title": "Values", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.DefaultFilterDropDownControlOptions": { + "AWS::QuickSight::Analysis.KPIOptions": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DropDownControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" + "Comparison": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ComparisonConfiguration", + "markdownDescription": "The comparison configuration of a KPI visual.", + "title": "Comparison" }, - "Type": { - "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", - "title": "Type", + "PrimaryValueDisplayType": { + "markdownDescription": "The options that determine the primary value display type.", + "title": "PrimaryValueDisplayType", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.DefaultFilterListControlOptions": { - "additionalProperties": false, - "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ListControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" + "PrimaryValueFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", + "markdownDescription": "The options that determine the primary value font configuration.", + "title": "PrimaryValueFontConfiguration" }, - "Type": { - "markdownDescription": "The type of the `DefaultFilterListControlOptions` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from the list.\n- `SINGLE_SELECT` : The user can select a single entry from the list.", - "title": "Type", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.DefaultFreeFormLayoutConfiguration": { - "additionalProperties": false, - "properties": { - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutCanvasSizeOptions", - "markdownDescription": "Determines the screen canvas size options for a free-form layout.", - "title": "CanvasSizeOptions" - } - }, - "required": [ - "CanvasSizeOptions" - ], - "type": "object" - }, - "AWS::QuickSight::Template.DefaultGridLayoutConfiguration": { - "additionalProperties": false, - "properties": { - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.GridLayoutCanvasSizeOptions", - "markdownDescription": "Determines the screen canvas size options for a grid layout.", - "title": "CanvasSizeOptions" - } - }, - "required": [ - "CanvasSizeOptions" - ], - "type": "object" - }, - "AWS::QuickSight::Template.DefaultInteractiveLayoutConfiguration": { - "additionalProperties": false, - "properties": { - "FreeForm": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFreeFormLayoutConfiguration", - "markdownDescription": "The options that determine the default settings of a free-form layout configuration.", - "title": "FreeForm" + "ProgressBar": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ProgressBarOptions", + "markdownDescription": "The options that determine the presentation of the progress bar of a KPI visual.", + "title": "ProgressBar" }, - "Grid": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultGridLayoutConfiguration", - "markdownDescription": "The options that determine the default settings for a grid layout configuration.", - "title": "Grid" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.DefaultNewSheetConfiguration": { - "additionalProperties": false, - "properties": { - "InteractiveLayoutConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultInteractiveLayoutConfiguration", - "markdownDescription": "The options that determine the default settings for interactive layout configuration.", - "title": "InteractiveLayoutConfiguration" + "SecondaryValue": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SecondaryValueOptions", + "markdownDescription": "The options that determine the presentation of the secondary value of a KPI visual.", + "title": "SecondaryValue" }, - "PaginatedLayoutConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultPaginatedLayoutConfiguration", - "markdownDescription": "The options that determine the default settings for a paginated layout configuration.", - "title": "PaginatedLayoutConfiguration" + "SecondaryValueFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", + "markdownDescription": "The options that determine the secondary value font configuration.", + "title": "SecondaryValueFontConfiguration" }, - "SheetContentType": { - "markdownDescription": "The option that determines the sheet content type.", - "title": "SheetContentType", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.DefaultPaginatedLayoutConfiguration": { - "additionalProperties": false, - "properties": { - "SectionBased": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultSectionBasedLayoutConfiguration", - "markdownDescription": "The options that determine the default settings for a section-based layout configuration.", - "title": "SectionBased" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.DefaultRelativeDateTimeControlOptions": { - "additionalProperties": false, - "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.RelativeDateTimeControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.DefaultSectionBasedLayoutConfiguration": { - "additionalProperties": false, - "properties": { - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SectionBasedLayoutCanvasSizeOptions", - "markdownDescription": "Determines the screen canvas size options for a section-based layout.", - "title": "CanvasSizeOptions" + "Sparkline": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.KPISparklineOptions", + "markdownDescription": "The options that determine the visibility, color, type, and tooltip visibility of the sparkline of a KPI visual.", + "title": "Sparkline" + }, + "TrendArrows": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TrendArrowOptions", + "markdownDescription": "The options that determine the presentation of trend arrows in a KPI visual.", + "title": "TrendArrows" + }, + "VisualLayoutOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIVisualLayoutOptions", + "markdownDescription": "The options that determine the layout a KPI visual.", + "title": "VisualLayoutOptions" } }, - "required": [ - "CanvasSizeOptions" - ], "type": "object" }, - "AWS::QuickSight::Template.DefaultSliderControlOptions": { + "AWS::QuickSight::Analysis.KPIPrimaryValueConditionalFormatting": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SliderControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "MaximumValue": { - "markdownDescription": "The larger value that is displayed at the right of the slider.", - "title": "MaximumValue", - "type": "number" - }, - "MinimumValue": { - "markdownDescription": "The smaller value that is displayed at the left of the slider.", - "title": "MinimumValue", - "type": "number" - }, - "StepSize": { - "markdownDescription": "The number of increments that the slider bar is divided into.", - "title": "StepSize", - "type": "number" + "Icon": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIcon", + "markdownDescription": "The conditional formatting of the primary value's icon.", + "title": "Icon" }, - "Type": { - "markdownDescription": "The type of the `DefaultSliderControlOptions` . Choose one of the following options:\n\n- `SINGLE_POINT` : Filter against(equals) a single data point.\n- `RANGE` : Filter data that is in a specified range.", - "title": "Type", - "type": "string" + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the primary value's text color.", + "title": "TextColor" } }, - "required": [ - "MaximumValue", - "MinimumValue", - "StepSize" - ], "type": "object" }, - "AWS::QuickSight::Template.DefaultTextAreaControlOptions": { + "AWS::QuickSight::Analysis.KPIProgressBarConditionalFormatting": { "additionalProperties": false, "properties": { - "Delimiter": { - "markdownDescription": "The delimiter that is used to separate the lines in text.", - "title": "Delimiter", - "type": "string" - }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.TextAreaControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "ForegroundColor": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the progress bar's foreground color.", + "title": "ForegroundColor" } }, "type": "object" }, - "AWS::QuickSight::Template.DefaultTextFieldControlOptions": { + "AWS::QuickSight::Analysis.KPISortConfiguration": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.TextFieldControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "TrendGroupSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the trend group fields.", + "title": "TrendGroupSort", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.DestinationParameterValueConfiguration": { + "AWS::QuickSight::Analysis.KPISparklineOptions": { "additionalProperties": false, "properties": { - "CustomValuesConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.CustomValuesConfiguration", - "markdownDescription": "The configuration of custom values for destination parameter in `DestinationParameterValueConfiguration` .", - "title": "CustomValuesConfiguration" - }, - "SelectAllValueOptions": { - "markdownDescription": "The configuration that selects all options.", - "title": "SelectAllValueOptions", + "Color": { + "markdownDescription": "The color of the sparkline.", + "title": "Color", "type": "string" }, - "SourceColumn": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "A column of a data set.", - "title": "SourceColumn" - }, - "SourceField": { - "markdownDescription": "The source field ID of the destination parameter.", - "title": "SourceField", + "TooltipVisibility": { + "markdownDescription": "The tooltip visibility of the sparkline.", + "title": "TooltipVisibility", "type": "string" }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the destination parameter.", - "title": "SourceParameterName", + "Type": { + "markdownDescription": "The type of the sparkline.", + "title": "Type", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.DimensionField": { - "additionalProperties": false, - "properties": { - "CategoricalDimensionField": { - "$ref": "#/definitions/AWS::QuickSight::Template.CategoricalDimensionField", - "markdownDescription": "The dimension type field with categorical type columns.", - "title": "CategoricalDimensionField" - }, - "DateDimensionField": { - "$ref": "#/definitions/AWS::QuickSight::Template.DateDimensionField", - "markdownDescription": "The dimension type field with date type columns.", - "title": "DateDimensionField" }, - "NumericalDimensionField": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericalDimensionField", - "markdownDescription": "The dimension type field with numerical type columns.", - "title": "NumericalDimensionField" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.DonutCenterOptions": { - "additionalProperties": false, - "properties": { - "LabelVisibility": { - "markdownDescription": "Determines the visibility of the label in a donut chart. In the Amazon QuickSight console, this option is called `'Show total'` .", - "title": "LabelVisibility", + "Visibility": { + "markdownDescription": "The visibility of the sparkline.", + "title": "Visibility", "type": "string" } }, - "type": "object" - }, - "AWS::QuickSight::Template.DonutOptions": { - "additionalProperties": false, - "properties": { - "ArcOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ArcOptions", - "markdownDescription": "The option for define the arc of the chart shape. Valid values are as follows:\n\n- `WHOLE` - A pie chart\n- `SMALL` - A small-sized donut chart\n- `MEDIUM` - A medium-sized donut chart\n- `LARGE` - A large-sized donut chart", - "title": "ArcOptions" - }, - "DonutCenterOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DonutCenterOptions", - "markdownDescription": "The label options of the label that is displayed in the center of a donut chart. This option isn't available for pie charts.", - "title": "DonutCenterOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.DrillDownFilter": { - "additionalProperties": false, - "properties": { - "CategoryFilter": { - "$ref": "#/definitions/AWS::QuickSight::Template.CategoryDrillDownFilter", - "markdownDescription": "The category type drill down filter. This filter is used for string type columns.", - "title": "CategoryFilter" - }, - "NumericEqualityFilter": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericEqualityDrillDownFilter", - "markdownDescription": "The numeric equality type drill down filter. This filter is used for number type columns.", - "title": "NumericEqualityFilter" - }, - "TimeRangeFilter": { - "$ref": "#/definitions/AWS::QuickSight::Template.TimeRangeDrillDownFilter", - "markdownDescription": "The time range drill down filter. This filter is used for date time columns.", - "title": "TimeRangeFilter" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.DropDownControlDisplayOptions": { - "additionalProperties": false, - "properties": { - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" - }, - "SelectAllOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ListControlSelectAllOptions", - "markdownDescription": "The configuration of the `Select all` options in a dropdown control.", - "title": "SelectAllOptions" - }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.DynamicDefaultValue": { - "additionalProperties": false, - "properties": { - "DefaultValueColumn": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that contains the default value of each user or group.", - "title": "DefaultValueColumn" - }, - "GroupNameColumn": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that contains the group name.", - "title": "GroupNameColumn" - }, - "UserNameColumn": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that contains the username.", - "title": "UserNameColumn" - } - }, "required": [ - "DefaultValueColumn" + "Type" ], "type": "object" }, - "AWS::QuickSight::Template.EmptyVisual": { + "AWS::QuickSight::Analysis.KPIVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, - "DataSetIdentifier": { - "markdownDescription": "The data set that is used in the empty visual. Every visual requires a dataset to render.", - "title": "DataSetIdentifier", + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIConfiguration", + "markdownDescription": "The configuration of a KPI visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "ConditionalFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIConditionalFormatting", + "markdownDescription": "The conditional formatting of a KPI visual.", + "title": "ConditionalFormatting" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", "type": "string" }, "VisualId": { @@ -213404,377 +227022,572 @@ } }, "required": [ - "DataSetIdentifier", "VisualId" ], "type": "object" }, - "AWS::QuickSight::Template.Entity": { + "AWS::QuickSight::Analysis.KPIVisualLayoutOptions": { "additionalProperties": false, "properties": { - "Path": { - "markdownDescription": "The hierarchical path of the entity within the analysis, template, or dashboard definition tree.", - "title": "Path", - "type": "string" + "StandardLayout": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIVisualStandardLayout", + "markdownDescription": "The standard layout of the KPI visual.", + "title": "StandardLayout" } }, "type": "object" }, - "AWS::QuickSight::Template.ExcludePeriodConfiguration": { + "AWS::QuickSight::Analysis.KPIVisualStandardLayout": { "additionalProperties": false, "properties": { - "Amount": { - "markdownDescription": "The amount or number of the exclude period.", - "title": "Amount", - "type": "number" - }, - "Granularity": { - "markdownDescription": "The granularity or unit (day, month, year) of the exclude period.", - "title": "Granularity", - "type": "string" - }, - "Status": { - "markdownDescription": "The status of the exclude period. Choose from the following options:\n\n- `ENABLED`\n- `DISABLED`", - "title": "Status", + "Type": { + "markdownDescription": "The standard layout type.", + "title": "Type", "type": "string" } }, "required": [ - "Amount", - "Granularity" + "Type" ], "type": "object" }, - "AWS::QuickSight::Template.ExplicitHierarchy": { + "AWS::QuickSight::Analysis.LabelOptions": { "additionalProperties": false, "properties": { - "Columns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier" - }, - "markdownDescription": "The list of columns that define the explicit hierarchy.", - "title": "Columns", - "type": "array" + "CustomLabel": { + "markdownDescription": "The text for the label.", + "title": "CustomLabel", + "type": "string" }, - "DrillDownFilters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DrillDownFilter" - }, - "markdownDescription": "The option that determines the drill down filters for the explicit hierarchy.", - "title": "DrillDownFilters", - "type": "array" + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", + "markdownDescription": "The font configuration of the label.", + "title": "FontConfiguration" }, - "HierarchyId": { - "markdownDescription": "The hierarchy ID of the explicit hierarchy.", - "title": "HierarchyId", + "Visibility": { + "markdownDescription": "Determines whether or not the label is visible.", + "title": "Visibility", "type": "string" } }, - "required": [ - "Columns", - "HierarchyId" - ], "type": "object" }, - "AWS::QuickSight::Template.FieldBasedTooltip": { + "AWS::QuickSight::Analysis.LayerCustomAction": { "additionalProperties": false, "properties": { - "AggregationVisibility": { - "markdownDescription": "The visibility of `Show aggregations` .", - "title": "AggregationVisibility", - "type": "string" - }, - "TooltipFields": { + "ActionOperations": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.TooltipItem" + "$ref": "#/definitions/AWS::QuickSight::Analysis.LayerCustomActionOperation" }, - "markdownDescription": "The fields configuration in the tooltip.", - "title": "TooltipFields", + "markdownDescription": "A list of `LayerCustomActionOperations` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", + "title": "ActionOperations", "type": "array" }, - "TooltipTitleType": { - "markdownDescription": "The type for the >tooltip title. Choose one of the following options:\n\n- `NONE` : Doesn't use the primary value as the title.\n- `PRIMARY_VALUE` : Uses primary value as the title.", - "title": "TooltipTitleType", + "CustomActionId": { + "markdownDescription": "The ID of the custom action.", + "title": "CustomActionId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the custom action.", + "title": "Name", + "type": "string" + }, + "Status": { + "markdownDescription": "The status of the `LayerCustomAction` .", + "title": "Status", + "type": "string" + }, + "Trigger": { + "markdownDescription": "The trigger of the `LayerCustomAction` .\n\nValid values are defined as follows:\n\n- `DATA_POINT_CLICK` : Initiates a custom action by a left pointer click on a data point.\n- `DATA_POINT_MENU` : Initiates a custom action by right pointer click from the menu.", + "title": "Trigger", "type": "string" } }, + "required": [ + "ActionOperations", + "CustomActionId", + "Name", + "Trigger" + ], "type": "object" }, - "AWS::QuickSight::Template.FieldLabelType": { + "AWS::QuickSight::Analysis.LayerCustomActionOperation": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "Indicates the field that is targeted by the field label.", - "title": "FieldId", - "type": "string" + "FilterOperation": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionFilterOperation", + "markdownDescription": "", + "title": "FilterOperation" }, - "Visibility": { - "markdownDescription": "The visibility of the field label.", - "title": "Visibility", - "type": "string" + "NavigationOperation": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionNavigationOperation", + "markdownDescription": "", + "title": "NavigationOperation" + }, + "SetParametersOperation": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionSetParametersOperation", + "markdownDescription": "", + "title": "SetParametersOperation" + }, + "URLOperation": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionURLOperation", + "markdownDescription": "", + "title": "URLOperation" } }, "type": "object" }, - "AWS::QuickSight::Template.FieldSeriesItem": { + "AWS::QuickSight::Analysis.LayerMapVisual": { "additionalProperties": false, "properties": { - "AxisBinding": { - "markdownDescription": "The axis that you are binding the field to.", - "title": "AxisBinding", + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialLayerMapConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "DataSetIdentifier": { + "markdownDescription": "The dataset that is used to create the layer map visual. You can't create a visual without a dataset.", + "title": "DataSetIdentifier", "type": "string" }, - "FieldId": { - "markdownDescription": "The field ID of the field for which you are setting the axis binding.", - "title": "FieldId", + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", + "markdownDescription": "", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", + "markdownDescription": "", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", "type": "string" }, - "Settings": { - "$ref": "#/definitions/AWS::QuickSight::Template.LineChartSeriesSettings", - "markdownDescription": "The options that determine the presentation of line series associated to the field.", - "title": "Settings" + "VisualId": { + "markdownDescription": "The ID of the visual.", + "title": "VisualId", + "type": "string" } }, "required": [ - "AxisBinding", - "FieldId" + "DataSetIdentifier", + "VisualId" ], "type": "object" }, - "AWS::QuickSight::Template.FieldSort": { + "AWS::QuickSight::Analysis.Layout": { "additionalProperties": false, "properties": { - "Direction": { - "markdownDescription": "The sort direction. Choose one of the following options:\n\n- `ASC` : Ascending\n- `DESC` : Descending", - "title": "Direction", - "type": "string" - }, - "FieldId": { - "markdownDescription": "The sort configuration target field.", - "title": "FieldId", - "type": "string" + "Configuration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LayoutConfiguration", + "markdownDescription": "The configuration that determines what the type of layout for a sheet.", + "title": "Configuration" } }, "required": [ - "Direction", - "FieldId" + "Configuration" ], "type": "object" }, - "AWS::QuickSight::Template.FieldSortOptions": { + "AWS::QuickSight::Analysis.LayoutConfiguration": { "additionalProperties": false, "properties": { - "ColumnSort": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnSort", - "markdownDescription": "The sort configuration for a column that is not used in a field well.", - "title": "ColumnSort" + "FreeFormLayout": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutConfiguration", + "markdownDescription": "A free-form is optimized for a fixed width and has more control over the exact placement of layout elements.", + "title": "FreeFormLayout" }, - "FieldSort": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSort", - "markdownDescription": "The sort configuration for a field in a field well.", - "title": "FieldSort" + "GridLayout": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GridLayoutConfiguration", + "markdownDescription": "A type of layout that can be used on a sheet. In a grid layout, visuals snap to a grid with standard spacing and alignment. Dashboards are displayed as designed, with options to fit to screen or view at actual size. A grid layout can be configured to behave in one of two ways when the viewport is resized: `FIXED` or `RESPONSIVE` .", + "title": "GridLayout" + }, + "SectionBasedLayout": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionBasedLayoutConfiguration", + "markdownDescription": "A section based layout organizes visuals into multiple sections and has customized header, footer and page break.", + "title": "SectionBasedLayout" } }, "type": "object" }, - "AWS::QuickSight::Template.FieldTooltipItem": { + "AWS::QuickSight::Analysis.LegendOptions": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The unique ID of the field that is targeted by the tooltip.", - "title": "FieldId", + "Height": { + "markdownDescription": "The height of the legend. If this value is omitted, a default height is used when rendering.", + "title": "Height", "type": "string" }, - "Label": { - "markdownDescription": "The label of the tooltip item.", - "title": "Label", + "Position": { + "markdownDescription": "The positions for the legend. Choose one of the following options:\n\n- `AUTO`\n- `RIGHT`\n- `BOTTOM`\n- `LEFT`", + "title": "Position", "type": "string" }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", + "markdownDescription": "The custom title for the legend.", + "title": "Title" + }, + "ValueFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", + "markdownDescription": "", + "title": "ValueFontConfiguration" + }, "Visibility": { - "markdownDescription": "The visibility of the tooltip item.", + "markdownDescription": "Determines whether or not the legend is visible.", "title": "Visibility", "type": "string" + }, + "Width": { + "markdownDescription": "The width of the legend. If this value is omitted, a default width is used when rendering.", + "title": "Width", + "type": "string" } }, - "required": [ - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Template.FilledMapAggregatedFieldWells": { + "AWS::QuickSight::Analysis.LineChartAggregatedFieldWells": { "additionalProperties": false, "properties": { - "Geospatial": { + "Category": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, - "markdownDescription": "The aggregated location field well of the filled map. Values are grouped by location fields.", - "title": "Geospatial", + "markdownDescription": "The category field wells of a line chart. Values are grouped by category fields.", + "title": "Category", + "type": "array" + }, + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The color field wells of a line chart. Values are grouped by category fields.", + "title": "Colors", + "type": "array" + }, + "SmallMultiples": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The small multiples field well of a line chart.", + "title": "SmallMultiples", "type": "array" }, "Values": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, - "markdownDescription": "The aggregated color field well of a filled map. Values are aggregated based on location fields.", + "markdownDescription": "The value field wells of a line chart. Values are aggregated based on categories.", "title": "Values", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.FilledMapConditionalFormatting": { + "AWS::QuickSight::Analysis.LineChartConfiguration": { "additionalProperties": false, "properties": { - "ConditionalFormattingOptions": { + "ContributionAnalysisDefaults": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapConditionalFormattingOption" + "$ref": "#/definitions/AWS::QuickSight::Analysis.ContributionAnalysisDefault" }, - "markdownDescription": "Conditional formatting options of a `FilledMapVisual` .", - "title": "ConditionalFormattingOptions", + "markdownDescription": "The default configuration of a line chart's contribution analysis.", + "title": "ContributionAnalysisDefaults", + "type": "array" + }, + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", + "markdownDescription": "The data label configuration of a line chart.", + "title": "DataLabels" + }, + "DefaultSeriesSettings": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartDefaultSeriesSettings", + "markdownDescription": "The options that determine the default presentation of all line series in `LineChartVisual` .", + "title": "DefaultSeriesSettings" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartFieldWells", + "markdownDescription": "The field well configuration of a line chart.", + "title": "FieldWells" + }, + "ForecastConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ForecastConfiguration" + }, + "markdownDescription": "The forecast configuration of a line chart.", + "title": "ForecastConfigurations", + "type": "array" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", + "markdownDescription": "The legend configuration of a line chart.", + "title": "Legend" + }, + "PrimaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LineSeriesAxisDisplayOptions", + "markdownDescription": "The series axis configuration of a line chart.", + "title": "PrimaryYAxisDisplayOptions" + }, + "PrimaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the y-axis label.", + "title": "PrimaryYAxisLabelOptions" + }, + "ReferenceLines": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLine" + }, + "markdownDescription": "The reference lines configuration of a line chart.", + "title": "ReferenceLines", + "type": "array" + }, + "SecondaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LineSeriesAxisDisplayOptions", + "markdownDescription": "The series axis configuration of a line chart.", + "title": "SecondaryYAxisDisplayOptions" + }, + "SecondaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the secondary y-axis label.", + "title": "SecondaryYAxisLabelOptions" + }, + "Series": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SeriesItem" + }, + "markdownDescription": "The series item configuration of a line chart.", + "title": "Series", "type": "array" + }, + "SingleAxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SingleAxisOptions", + "markdownDescription": "", + "title": "SingleAxisOptions" + }, + "SmallMultiplesOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SmallMultiplesOptions", + "markdownDescription": "The small multiples setup for the visual.", + "title": "SmallMultiplesOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartSortConfiguration", + "markdownDescription": "The sort configuration of a line chart.", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", + "markdownDescription": "The tooltip configuration of a line chart.", + "title": "Tooltip" + }, + "Type": { + "markdownDescription": "Determines the type of the line chart.", + "title": "Type", + "type": "string" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", + "markdownDescription": "The visual palette configuration of a line chart.", + "title": "VisualPalette" + }, + "XAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the x-axis.", + "title": "XAxisDisplayOptions" + }, + "XAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the x-axis label.", + "title": "XAxisLabelOptions" } }, - "required": [ - "ConditionalFormattingOptions" - ], "type": "object" }, - "AWS::QuickSight::Template.FilledMapConditionalFormattingOption": { + "AWS::QuickSight::Analysis.LineChartDefaultSeriesSettings": { "additionalProperties": false, "properties": { - "Shape": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapShapeConditionalFormatting", - "markdownDescription": "The conditional formatting that determines the shape of the filled map.", - "title": "Shape" + "AxisBinding": { + "markdownDescription": "The axis to which you are binding all line series to.", + "title": "AxisBinding", + "type": "string" + }, + "LineStyleSettings": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartLineStyleSettings", + "markdownDescription": "Line styles options for all line series in the visual.", + "title": "LineStyleSettings" + }, + "MarkerStyleSettings": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartMarkerStyleSettings", + "markdownDescription": "Marker styles options for all line series in the visual.", + "title": "MarkerStyleSettings" } }, - "required": [ - "Shape" - ], "type": "object" }, - "AWS::QuickSight::Template.FilledMapConfiguration": { + "AWS::QuickSight::Analysis.LineChartFieldWells": { "additionalProperties": false, "properties": { - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" - }, - "MapStyleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialMapStyleOptions", - "markdownDescription": "The map style options of the filled map visual.", - "title": "MapStyleOptions" + "LineChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartAggregatedFieldWells", + "markdownDescription": "The field well configuration of a line chart.", + "title": "LineChartAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.LineChartLineStyleSettings": { + "additionalProperties": false, + "properties": { + "LineInterpolation": { + "markdownDescription": "Interpolation style for line series.\n\n- `LINEAR` : Show as default, linear style.\n- `SMOOTH` : Show as a smooth curve.\n- `STEPPED` : Show steps in line.", + "title": "LineInterpolation", + "type": "string" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapSortConfiguration", - "markdownDescription": "The sort configuration of a `FilledMapVisual` .", - "title": "SortConfiguration" + "LineStyle": { + "markdownDescription": "Line style for line series.\n\n- `SOLID` : Show as a solid line.\n- `DOTTED` : Show as a dotted line.\n- `DASHED` : Show as a dashed line.", + "title": "LineStyle", + "type": "string" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" + "LineVisibility": { + "markdownDescription": "Configuration option that determines whether to show the line for the series.", + "title": "LineVisibility", + "type": "string" }, - "WindowOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialWindowOptions", - "markdownDescription": "The window options of the filled map visual.", - "title": "WindowOptions" + "LineWidth": { + "markdownDescription": "Width that determines the line thickness.", + "title": "LineWidth", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.FilledMapFieldWells": { + "AWS::QuickSight::Analysis.LineChartMarkerStyleSettings": { "additionalProperties": false, "properties": { - "FilledMapAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapAggregatedFieldWells", - "markdownDescription": "The aggregated field well of the filled map.", - "title": "FilledMapAggregatedFieldWells" + "MarkerColor": { + "markdownDescription": "Color of marker in the series.", + "title": "MarkerColor", + "type": "string" + }, + "MarkerShape": { + "markdownDescription": "Shape option for markers in the series.\n\n- `CIRCLE` : Show marker as a circle.\n- `TRIANGLE` : Show marker as a triangle.\n- `SQUARE` : Show marker as a square.\n- `DIAMOND` : Show marker as a diamond.\n- `ROUNDED_SQUARE` : Show marker as a rounded square.", + "title": "MarkerShape", + "type": "string" + }, + "MarkerSize": { + "markdownDescription": "Size of marker in the series.", + "title": "MarkerSize", + "type": "string" + }, + "MarkerVisibility": { + "markdownDescription": "Configuration option that determines whether to show the markers in the series.", + "title": "MarkerVisibility", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.FilledMapShapeConditionalFormatting": { + "AWS::QuickSight::Analysis.LineChartSeriesSettings": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field ID of the filled map shape.", - "title": "FieldId", - "type": "string" + "LineStyleSettings": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartLineStyleSettings", + "markdownDescription": "Line styles options for a line series in `LineChartVisual` .", + "title": "LineStyleSettings" }, - "Format": { - "$ref": "#/definitions/AWS::QuickSight::Template.ShapeConditionalFormat", - "markdownDescription": "The conditional formatting that determines the background color of a filled map's shape.", - "title": "Format" + "MarkerStyleSettings": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartMarkerStyleSettings", + "markdownDescription": "Marker styles options for a line series in `LineChartVisual` .", + "title": "MarkerStyleSettings" } }, - "required": [ - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Template.FilledMapSortConfiguration": { + "AWS::QuickSight::Analysis.LineChartSortConfiguration": { "additionalProperties": false, "properties": { + "CategoryItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of categories that are displayed in a line chart.", + "title": "CategoryItemsLimitConfiguration" + }, "CategorySort": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, - "markdownDescription": "The sort configuration of the location fields.", + "markdownDescription": "The sort configuration of the category fields.", "title": "CategorySort", "type": "array" + }, + "ColorItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of lines that are displayed in a line chart.", + "title": "ColorItemsLimitConfiguration" + }, + "SmallMultiplesLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of small multiples panels that are displayed.", + "title": "SmallMultiplesLimitConfiguration" + }, + "SmallMultiplesSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the small multiples field.", + "title": "SmallMultiplesSort", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.FilledMapVisual": { + "AWS::QuickSight::Analysis.LineChartVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapConfiguration", - "markdownDescription": "The configuration settings of the visual.", + "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartConfiguration", + "markdownDescription": "The configuration of a line chart.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, - "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapConditionalFormatting", - "markdownDescription": "The conditional formatting of a `FilledMapVisual` .", - "title": "ConditionalFormatting" - }, "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", "type": "string" } @@ -213784,1443 +227597,1421 @@ ], "type": "object" }, - "AWS::QuickSight::Template.Filter": { + "AWS::QuickSight::Analysis.LineSeriesAxisDisplayOptions": { "additionalProperties": false, "properties": { - "CategoryFilter": { - "$ref": "#/definitions/AWS::QuickSight::Template.CategoryFilter", - "markdownDescription": "A `CategoryFilter` filters text values.\n\nFor more information, see [Adding text filters](https://docs.aws.amazon.com/quicksight/latest/user/add-a-text-filter-data-prep.html) in the *Amazon QuickSight User Guide* .", - "title": "CategoryFilter" + "AxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the line series axis.", + "title": "AxisOptions" }, - "NumericEqualityFilter": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericEqualityFilter", - "markdownDescription": "A `NumericEqualityFilter` filters numeric values that equal or do not equal a given numeric value.", - "title": "NumericEqualityFilter" - }, - "NumericRangeFilter": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericRangeFilter", - "markdownDescription": "A `NumericRangeFilter` filters numeric values that are either inside or outside a given numeric range.", - "title": "NumericRangeFilter" - }, - "RelativeDatesFilter": { - "$ref": "#/definitions/AWS::QuickSight::Template.RelativeDatesFilter", - "markdownDescription": "A `RelativeDatesFilter` filters date values that are relative to a given date.", - "title": "RelativeDatesFilter" - }, - "TimeEqualityFilter": { - "$ref": "#/definitions/AWS::QuickSight::Template.TimeEqualityFilter", - "markdownDescription": "A `TimeEqualityFilter` filters date-time values that equal or do not equal a given date/time value.", - "title": "TimeEqualityFilter" - }, - "TimeRangeFilter": { - "$ref": "#/definitions/AWS::QuickSight::Template.TimeRangeFilter", - "markdownDescription": "A `TimeRangeFilter` filters date-time values that are either inside or outside a given date/time range.", - "title": "TimeRangeFilter" - }, - "TopBottomFilter": { - "$ref": "#/definitions/AWS::QuickSight::Template.TopBottomFilter", - "markdownDescription": "A `TopBottomFilter` filters data to the top or bottom values for a given column.", - "title": "TopBottomFilter" + "MissingDataConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MissingDataConfiguration" + }, + "markdownDescription": "The configuration options that determine how missing data is treated during the rendering of a line chart.", + "title": "MissingDataConfigurations", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.FilterControl": { + "AWS::QuickSight::Analysis.ListControlDisplayOptions": { "additionalProperties": false, "properties": { - "CrossSheet": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterCrossSheetControl", - "markdownDescription": "A control from a filter that is scoped across more than one sheet. This represents your filter control on a sheet", - "title": "CrossSheet" - }, - "DateTimePicker": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterDateTimePickerControl", - "markdownDescription": "A control from a date filter that is used to specify date and time.", - "title": "DateTimePicker" - }, - "Dropdown": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterDropDownControl", - "markdownDescription": "A control to display a dropdown list with buttons that are used to select a single value.", - "title": "Dropdown" - }, - "List": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterListControl", - "markdownDescription": "A control to display a list of buttons or boxes. This is used to select either a single value or multiple values.", - "title": "List" - }, - "RelativeDateTime": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterRelativeDateTimeControl", - "markdownDescription": "A control from a date filter that is used to specify the relative date.", - "title": "RelativeDateTime" + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" }, - "Slider": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterSliderControl", - "markdownDescription": "A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle.", - "title": "Slider" + "SearchOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ListControlSearchOptions", + "markdownDescription": "The configuration of the search options in a list control.", + "title": "SearchOptions" }, - "TextArea": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterTextAreaControl", - "markdownDescription": "A control to display a text box that is used to enter multiple entries.", - "title": "TextArea" + "SelectAllOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ListControlSelectAllOptions", + "markdownDescription": "The configuration of the `Select all` options in a list control.", + "title": "SelectAllOptions" }, - "TextField": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterTextFieldControl", - "markdownDescription": "A control to display a text box that is used to enter a single entry.", - "title": "TextField" + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.FilterCrossSheetControl": { + "AWS::QuickSight::Analysis.ListControlSearchOptions": { "additionalProperties": false, "properties": { - "CascadingControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.CascadingControlConfiguration", - "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", - "title": "CascadingControlConfiguration" - }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterCrossSheetControl` .", - "title": "FilterControlId", - "type": "string" - }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterCrossSheetControl` .", - "title": "SourceFilterId", + "Visibility": { + "markdownDescription": "The visibility configuration of the search options in a list control.", + "title": "Visibility", "type": "string" } }, - "required": [ - "FilterControlId", - "SourceFilterId" - ], "type": "object" }, - "AWS::QuickSight::Template.FilterDateTimePickerControl": { + "AWS::QuickSight::Analysis.ListControlSelectAllOptions": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DateTimePickerControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterDateTimePickerControl` .", - "title": "FilterControlId", - "type": "string" - }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterDateTimePickerControl` .", - "title": "SourceFilterId", + "Visibility": { + "markdownDescription": "The visibility configuration of the `Select all` options in a list control.", + "title": "Visibility", "type": "string" - }, - "Title": { - "markdownDescription": "The title of the `FilterDateTimePickerControl` .", - "title": "Title", + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.LoadingAnimation": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility configuration of `LoadingAnimation` .", + "title": "Visibility", "type": "string" - }, - "Type": { - "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", - "title": "Type", + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.LocalNavigationConfiguration": { + "additionalProperties": false, + "properties": { + "TargetSheetId": { + "markdownDescription": "The sheet that is targeted for navigation in the same analysis.", + "title": "TargetSheetId", "type": "string" } }, "required": [ - "FilterControlId", - "SourceFilterId", - "Title" + "TargetSheetId" ], "type": "object" }, - "AWS::QuickSight::Template.FilterDropDownControl": { + "AWS::QuickSight::Analysis.LongFormatText": { "additionalProperties": false, "properties": { - "CascadingControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.CascadingControlConfiguration", - "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", - "title": "CascadingControlConfiguration" - }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DropDownControlDisplayOptions", - "markdownDescription": "The display options of the `FilterDropDownControl` .", - "title": "DisplayOptions" - }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterDropDownControl` .", - "title": "FilterControlId", - "type": "string" - }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" - }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterDropDownControl` .", - "title": "SourceFilterId", - "type": "string" - }, - "Title": { - "markdownDescription": "The title of the `FilterDropDownControl` .", - "title": "Title", + "PlainText": { + "markdownDescription": "Plain text format.", + "title": "PlainText", "type": "string" }, - "Type": { - "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", - "title": "Type", + "RichText": { + "markdownDescription": "Rich text. Examples of rich text include bold, underline, and italics.", + "title": "RichText", "type": "string" } }, - "required": [ - "FilterControlId", - "SourceFilterId", - "Title" - ], "type": "object" }, - "AWS::QuickSight::Template.FilterGroup": { + "AWS::QuickSight::Analysis.MappedDataSetParameter": { "additionalProperties": false, "properties": { - "CrossDataset": { - "markdownDescription": "The filter new feature which can apply filter group to all data sets. Choose one of the following options:\n\n- `ALL_DATASETS`\n- `SINGLE_DATASET`", - "title": "CrossDataset", - "type": "string" - }, - "FilterGroupId": { - "markdownDescription": "The value that uniquely identifies a `FilterGroup` within a dashboard, template, or analysis.", - "title": "FilterGroupId", + "DataSetIdentifier": { + "markdownDescription": "A unique name that identifies a dataset within the analysis or dashboard.", + "title": "DataSetIdentifier", "type": "string" }, - "Filters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.Filter" - }, - "markdownDescription": "The list of filters that are present in a `FilterGroup` .", - "title": "Filters", - "type": "array" - }, - "ScopeConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterScopeConfiguration", - "markdownDescription": "The configuration that specifies what scope to apply to a `FilterGroup` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", - "title": "ScopeConfiguration" - }, - "Status": { - "markdownDescription": "The status of the `FilterGroup` .", - "title": "Status", + "DataSetParameterName": { + "markdownDescription": "The name of the dataset parameter.", + "title": "DataSetParameterName", "type": "string" } }, "required": [ - "CrossDataset", - "FilterGroupId", - "Filters", - "ScopeConfiguration" + "DataSetIdentifier", + "DataSetParameterName" ], "type": "object" }, - "AWS::QuickSight::Template.FilterListConfiguration": { + "AWS::QuickSight::Analysis.MaximumLabelType": { "additionalProperties": false, "properties": { - "CategoryValues": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of category values for the filter.", - "title": "CategoryValues", - "type": "array" - }, - "MatchOperator": { - "markdownDescription": "The match operator that is used to determine if a filter should be applied.", - "title": "MatchOperator", - "type": "string" - }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", - "type": "string" - }, - "SelectAllOptions": { - "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", - "title": "SelectAllOptions", + "Visibility": { + "markdownDescription": "The visibility of the maximum label.", + "title": "Visibility", "type": "string" } }, - "required": [ - "MatchOperator" - ], "type": "object" }, - "AWS::QuickSight::Template.FilterListControl": { + "AWS::QuickSight::Analysis.MaximumMinimumComputation": { "additionalProperties": false, "properties": { - "CascadingControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.CascadingControlConfiguration", - "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", - "title": "CascadingControlConfiguration" - }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ListControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterListControl` .", - "title": "FilterControlId", + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", "type": "string" }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" - }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterListControl` .", - "title": "SourceFilterId", + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", "type": "string" }, - "Title": { - "markdownDescription": "The title of the `FilterListControl` .", - "title": "Title", - "type": "string" + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" }, "Type": { - "markdownDescription": "The type of the `FilterListControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from the list.\n- `SINGLE_SELECT` : The user can select a single entry from the list.", + "markdownDescription": "The type of computation. Choose one of the following options:\n\n- MAXIMUM: A maximum computation.\n- MINIMUM: A minimum computation.", "title": "Type", "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" } }, "required": [ - "FilterControlId", - "SourceFilterId", - "Title" + "ComputationId", + "Type" ], "type": "object" }, - "AWS::QuickSight::Template.FilterOperationSelectedFieldsConfiguration": { + "AWS::QuickSight::Analysis.MeasureField": { "additionalProperties": false, "properties": { - "SelectedColumns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier" - }, - "markdownDescription": "The selected columns of a dataset.", - "title": "SelectedColumns", - "type": "array" + "CalculatedMeasureField": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CalculatedMeasureField", + "markdownDescription": "The calculated measure field only used in pivot tables.", + "title": "CalculatedMeasureField" }, - "SelectedFieldOptions": { - "markdownDescription": "A structure that contains the options that choose which fields are filtered in the `CustomActionFilterOperation` .\n\nValid values are defined as follows:\n\n- `ALL_FIELDS` : Applies the filter operation to all fields.", - "title": "SelectedFieldOptions", - "type": "string" + "CategoricalMeasureField": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CategoricalMeasureField", + "markdownDescription": "The measure type field with categorical type columns.", + "title": "CategoricalMeasureField" }, - "SelectedFields": { - "items": { - "type": "string" - }, - "markdownDescription": "Chooses the fields that are filtered in `CustomActionFilterOperation` .", - "title": "SelectedFields", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.FilterOperationTargetVisualsConfiguration": { - "additionalProperties": false, - "properties": { - "SameSheetTargetVisualConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.SameSheetTargetVisualConfiguration", - "markdownDescription": "The configuration of the same-sheet target visuals that you want to be filtered.", - "title": "SameSheetTargetVisualConfiguration" + "DateMeasureField": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DateMeasureField", + "markdownDescription": "The measure type field with date type columns.", + "title": "DateMeasureField" + }, + "NumericalMeasureField": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericalMeasureField", + "markdownDescription": "The measure type field with numerical type columns.", + "title": "NumericalMeasureField" } }, "type": "object" }, - "AWS::QuickSight::Template.FilterRelativeDateTimeControl": { + "AWS::QuickSight::Analysis.MetricComparisonComputation": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.RelativeDateTimeControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterTextAreaControl` .", - "title": "FilterControlId", + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", "type": "string" }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterTextAreaControl` .", - "title": "SourceFilterId", - "type": "string" + "FromValue": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", + "markdownDescription": "The field that is used in a metric comparison from value setup.", + "title": "FromValue" }, - "Title": { - "markdownDescription": "The title of the `FilterTextAreaControl` .", - "title": "Title", + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", "type": "string" + }, + "TargetValue": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", + "markdownDescription": "The field that is used in a metric comparison to value setup.", + "title": "TargetValue" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" } }, "required": [ - "FilterControlId", - "SourceFilterId", - "Title" + "ComputationId" ], "type": "object" }, - "AWS::QuickSight::Template.FilterScopeConfiguration": { + "AWS::QuickSight::Analysis.MinimumLabelType": { "additionalProperties": false, "properties": { - "AllSheets": { - "markdownDescription": "The configuration that applies a filter to all sheets. When you choose `AllSheets` as the value for a `FilterScopeConfiguration` , this filter is applied to all visuals of all sheets in an Analysis, Dashboard, or Template. The `AllSheetsFilterScopeConfiguration` is chosen.", - "title": "AllSheets", - "type": "object" - }, - "SelectedSheets": { - "$ref": "#/definitions/AWS::QuickSight::Template.SelectedSheetsFilterScopeConfiguration", - "markdownDescription": "The configuration for applying a filter to specific sheets.", - "title": "SelectedSheets" + "Visibility": { + "markdownDescription": "The visibility of the minimum label.", + "title": "Visibility", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.FilterSelectableValues": { + "AWS::QuickSight::Analysis.MissingDataConfiguration": { "additionalProperties": false, "properties": { - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The values that are used in the `FilterSelectableValues` .", - "title": "Values", - "type": "array" + "TreatmentOption": { + "markdownDescription": "The treatment option that determines how missing data should be rendered. Choose from the following options:\n\n- `INTERPOLATE` : Interpolate missing values between the prior and the next known value.\n- `SHOW_AS_ZERO` : Show missing values as the value `0` .\n- `SHOW_AS_BLANK` : Display a blank space when rendering missing data.", + "title": "TreatmentOption", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.FilterSliderControl": { + "AWS::QuickSight::Analysis.NegativeValueConfiguration": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SliderControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterSliderControl` .", - "title": "FilterControlId", - "type": "string" - }, - "MaximumValue": { - "markdownDescription": "The larger value that is displayed at the right of the slider.", - "title": "MaximumValue", - "type": "number" - }, - "MinimumValue": { - "markdownDescription": "The smaller value that is displayed at the left of the slider.", - "title": "MinimumValue", - "type": "number" - }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterSliderControl` .", - "title": "SourceFilterId", - "type": "string" - }, - "StepSize": { - "markdownDescription": "The number of increments that the slider bar is divided into.", - "title": "StepSize", - "type": "number" - }, - "Title": { - "markdownDescription": "The title of the `FilterSliderControl` .", - "title": "Title", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of the `FilterSliderControl` . Choose one of the following options:\n\n- `SINGLE_POINT` : Filter against(equals) a single data point.\n- `RANGE` : Filter data that is in a specified range.", - "title": "Type", + "DisplayMode": { + "markdownDescription": "Determines the display mode of the negative value configuration.", + "title": "DisplayMode", "type": "string" } }, "required": [ - "FilterControlId", - "MaximumValue", - "MinimumValue", - "SourceFilterId", - "StepSize", - "Title" + "DisplayMode" ], "type": "object" }, - "AWS::QuickSight::Template.FilterTextAreaControl": { + "AWS::QuickSight::Analysis.NestedFilter": { "additionalProperties": false, "properties": { - "Delimiter": { - "markdownDescription": "The delimiter that is used to separate the lines in text.", - "title": "Delimiter", - "type": "string" - }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.TextAreaControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterTextAreaControl` .", - "title": "FilterControlId", + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", "type": "string" }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterTextAreaControl` .", - "title": "SourceFilterId", - "type": "string" + "IncludeInnerSet": { + "markdownDescription": "A boolean condition to include or exclude the subset that is defined by the values of the nested inner filter.", + "title": "IncludeInnerSet", + "type": "boolean" }, - "Title": { - "markdownDescription": "The title of the `FilterTextAreaControl` .", - "title": "Title", - "type": "string" + "InnerFilter": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.InnerFilter", + "markdownDescription": "The `InnerFilter` defines the subset of data to be used with the `NestedFilter` .", + "title": "InnerFilter" } }, "required": [ - "FilterControlId", - "SourceFilterId", - "Title" + "Column", + "FilterId", + "IncludeInnerSet", + "InnerFilter" ], "type": "object" }, - "AWS::QuickSight::Template.FilterTextFieldControl": { + "AWS::QuickSight::Analysis.NullValueFormatConfiguration": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.TextFieldControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterTextFieldControl` .", - "title": "FilterControlId", - "type": "string" - }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterTextFieldControl` .", - "title": "SourceFilterId", - "type": "string" - }, - "Title": { - "markdownDescription": "The title of the `FilterTextFieldControl` .", - "title": "Title", + "NullString": { + "markdownDescription": "Determines the null string of null values.", + "title": "NullString", "type": "string" } }, "required": [ - "FilterControlId", - "SourceFilterId", - "Title" + "NullString" ], "type": "object" }, - "AWS::QuickSight::Template.FontConfiguration": { + "AWS::QuickSight::Analysis.NumberDisplayFormatConfiguration": { "additionalProperties": false, "properties": { - "FontColor": { - "markdownDescription": "Determines the color of the text.", - "title": "FontColor", + "DecimalPlacesConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalPlacesConfiguration", + "markdownDescription": "The option that determines the decimal places configuration.", + "title": "DecimalPlacesConfiguration" + }, + "NegativeValueConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NegativeValueConfiguration", + "markdownDescription": "The options that determine the negative value configuration.", + "title": "NegativeValueConfiguration" + }, + "NullValueFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NullValueFormatConfiguration", + "markdownDescription": "The options that determine the null value format configuration.", + "title": "NullValueFormatConfiguration" + }, + "NumberScale": { + "markdownDescription": "Determines the number scale value of the number format.", + "title": "NumberScale", "type": "string" }, - "FontDecoration": { - "markdownDescription": "Determines the appearance of decorative lines on the text.", - "title": "FontDecoration", + "Prefix": { + "markdownDescription": "Determines the prefix value of the number format.", + "title": "Prefix", "type": "string" }, - "FontSize": { - "$ref": "#/definitions/AWS::QuickSight::Template.FontSize", - "markdownDescription": "The option that determines the text display size.", - "title": "FontSize" + "SeparatorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericSeparatorConfiguration", + "markdownDescription": "The options that determine the numeric separator configuration.", + "title": "SeparatorConfiguration" }, - "FontStyle": { - "markdownDescription": "Determines the text display face that is inherited by the given font family.", - "title": "FontStyle", + "Suffix": { + "markdownDescription": "Determines the suffix value of the number format.", + "title": "Suffix", "type": "string" - }, - "FontWeight": { - "$ref": "#/definitions/AWS::QuickSight::Template.FontWeight", - "markdownDescription": "The option that determines the text display weight, or boldness.", - "title": "FontWeight" } }, "type": "object" }, - "AWS::QuickSight::Template.FontSize": { + "AWS::QuickSight::Analysis.NumberFormatConfiguration": { "additionalProperties": false, "properties": { - "Relative": { - "markdownDescription": "The lexical name for the text size, proportional to its surrounding context.", - "title": "Relative", - "type": "string" + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericFormatConfiguration", + "markdownDescription": "The options that determine the numeric format configuration.", + "title": "FormatConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Template.FontWeight": { + "AWS::QuickSight::Analysis.NumericAxisOptions": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The lexical name for the level of boldness of the text display.", - "title": "Name", - "type": "string" + "Range": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayRange", + "markdownDescription": "The range setup of a numeric axis.", + "title": "Range" + }, + "Scale": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisScale", + "markdownDescription": "The scale setup of a numeric axis.", + "title": "Scale" } }, "type": "object" }, - "AWS::QuickSight::Template.ForecastComputation": { + "AWS::QuickSight::Analysis.NumericEqualityDrillDownFilter": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", - "type": "string" - }, - "CustomSeasonalityValue": { - "markdownDescription": "The custom seasonality value setup of a forecast computation.", - "title": "CustomSeasonalityValue", - "type": "number" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" }, - "LowerBoundary": { - "markdownDescription": "The lower boundary setup of a forecast computation.", - "title": "LowerBoundary", + "Value": { + "markdownDescription": "The value of the double input numeric drill down filter.", + "title": "Value", "type": "number" + } + }, + "required": [ + "Column", + "Value" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.NumericEqualityFilter": { + "additionalProperties": false, + "properties": { + "AggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationFunction", + "markdownDescription": "The aggregation function of the filter.", + "title": "AggregationFunction" }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", - "type": "string" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" }, - "PeriodsBackward": { - "markdownDescription": "The periods backward setup of a forecast computation.", - "title": "PeriodsBackward", - "type": "number" + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" }, - "PeriodsForward": { - "markdownDescription": "The periods forward setup of a forecast computation.", - "title": "PeriodsForward", - "type": "number" + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" }, - "PredictionInterval": { - "markdownDescription": "The prediction interval setup of a forecast computation.", - "title": "PredictionInterval", - "type": "number" + "MatchOperator": { + "markdownDescription": "The match operator that is used to determine if a filter should be applied.", + "title": "MatchOperator", + "type": "string" }, - "Seasonality": { - "markdownDescription": "The seasonality setup of a forecast computation. Choose one of the following options:\n\n- `AUTOMATIC`\n- `CUSTOM` : Checks the custom seasonality value.", - "title": "Seasonality", + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", "type": "string" }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" + "ParameterName": { + "markdownDescription": "The parameter whose value should be used for the filter value.", + "title": "ParameterName", + "type": "string" }, - "UpperBoundary": { - "markdownDescription": "The upper boundary setup of a forecast computation.", - "title": "UpperBoundary", - "type": "number" + "SelectAllOptions": { + "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", + "title": "SelectAllOptions", + "type": "string" }, "Value": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" + "markdownDescription": "The input value.", + "title": "Value", + "type": "number" } }, "required": [ - "ComputationId" + "Column", + "FilterId", + "MatchOperator", + "NullOption" ], "type": "object" }, - "AWS::QuickSight::Template.ForecastConfiguration": { + "AWS::QuickSight::Analysis.NumericFormatConfiguration": { "additionalProperties": false, "properties": { - "ForecastProperties": { - "$ref": "#/definitions/AWS::QuickSight::Template.TimeBasedForecastProperties", - "markdownDescription": "The forecast properties setup of a forecast in the line chart.", - "title": "ForecastProperties" + "CurrencyDisplayFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CurrencyDisplayFormatConfiguration", + "markdownDescription": "The options that determine the currency display format configuration.", + "title": "CurrencyDisplayFormatConfiguration" }, - "Scenario": { - "$ref": "#/definitions/AWS::QuickSight::Template.ForecastScenario", - "markdownDescription": "The forecast scenario of a forecast in the line chart.", - "title": "Scenario" + "NumberDisplayFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumberDisplayFormatConfiguration", + "markdownDescription": "The options that determine the number display format configuration.", + "title": "NumberDisplayFormatConfiguration" + }, + "PercentageDisplayFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PercentageDisplayFormatConfiguration", + "markdownDescription": "The options that determine the percentage display format configuration.", + "title": "PercentageDisplayFormatConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Template.ForecastScenario": { + "AWS::QuickSight::Analysis.NumericRangeFilter": { "additionalProperties": false, "properties": { - "WhatIfPointScenario": { - "$ref": "#/definitions/AWS::QuickSight::Template.WhatIfPointScenario", - "markdownDescription": "The what-if analysis forecast setup with the target date.", - "title": "WhatIfPointScenario" + "AggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationFunction", + "markdownDescription": "The aggregation function of the filter.", + "title": "AggregationFunction" }, - "WhatIfRangeScenario": { - "$ref": "#/definitions/AWS::QuickSight::Template.WhatIfRangeScenario", - "markdownDescription": "The what-if analysis forecast setup with the date range.", - "title": "WhatIfRangeScenario" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" + }, + "IncludeMaximum": { + "markdownDescription": "Determines whether the maximum value in the filter value range should be included in the filtered results.", + "title": "IncludeMaximum", + "type": "boolean" + }, + "IncludeMinimum": { + "markdownDescription": "Determines whether the minimum value in the filter value range should be included in the filtered results.", + "title": "IncludeMinimum", + "type": "boolean" + }, + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", + "type": "string" + }, + "RangeMaximum": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericRangeFilterValue", + "markdownDescription": "The maximum value for the filter value range.", + "title": "RangeMaximum" + }, + "RangeMinimum": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericRangeFilterValue", + "markdownDescription": "The minimum value for the filter value range.", + "title": "RangeMinimum" + }, + "SelectAllOptions": { + "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", + "title": "SelectAllOptions", + "type": "string" } }, + "required": [ + "Column", + "FilterId", + "NullOption" + ], "type": "object" }, - "AWS::QuickSight::Template.FormatConfiguration": { + "AWS::QuickSight::Analysis.NumericRangeFilterValue": { "additionalProperties": false, "properties": { - "DateTimeFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeFormatConfiguration", - "markdownDescription": "Formatting configuration for `DateTime` fields.", - "title": "DateTimeFormatConfiguration" - }, - "NumberFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumberFormatConfiguration", - "markdownDescription": "Formatting configuration for number fields.", - "title": "NumberFormatConfiguration" + "Parameter": { + "markdownDescription": "The parameter that is used in the numeric range.", + "title": "Parameter", + "type": "string" }, - "StringFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.StringFormatConfiguration", - "markdownDescription": "Formatting configuration for string fields.", - "title": "StringFormatConfiguration" + "StaticValue": { + "markdownDescription": "The static value of the numeric range filter.", + "title": "StaticValue", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Template.FreeFormLayoutCanvasSizeOptions": { + "AWS::QuickSight::Analysis.NumericSeparatorConfiguration": { "additionalProperties": false, "properties": { - "ScreenCanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutScreenCanvasSizeOptions", - "markdownDescription": "The options that determine the sizing of the canvas used in a free-form layout.", - "title": "ScreenCanvasSizeOptions" + "DecimalSeparator": { + "markdownDescription": "Determines the decimal separator.", + "title": "DecimalSeparator", + "type": "string" + }, + "ThousandsSeparator": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ThousandSeparatorOptions", + "markdownDescription": "The options that determine the thousands separator configuration.", + "title": "ThousandsSeparator" } }, "type": "object" }, - "AWS::QuickSight::Template.FreeFormLayoutConfiguration": { + "AWS::QuickSight::Analysis.NumericalAggregationFunction": { "additionalProperties": false, "properties": { - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutCanvasSizeOptions", - "markdownDescription": "", - "title": "CanvasSizeOptions" + "PercentileAggregation": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PercentileAggregation", + "markdownDescription": "An aggregation based on the percentile of values in a dimension or measure.", + "title": "PercentileAggregation" }, - "Elements": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutElement" - }, - "markdownDescription": "The elements that are included in a free-form layout.", - "title": "Elements", - "type": "array" + "SimpleNumericalAggregation": { + "markdownDescription": "Built-in aggregation functions for numerical values.\n\n- `SUM` : The sum of a dimension or measure.\n- `AVERAGE` : The average of a dimension or measure.\n- `MIN` : The minimum value of a dimension or measure.\n- `MAX` : The maximum value of a dimension or measure.\n- `COUNT` : The count of a dimension or measure.\n- `DISTINCT_COUNT` : The count of distinct values in a dimension or measure.\n- `VAR` : The variance of a dimension or measure.\n- `VARP` : The partitioned variance of a dimension or measure.\n- `STDEV` : The standard deviation of a dimension or measure.\n- `STDEVP` : The partitioned standard deviation of a dimension or measure.\n- `MEDIAN` : The median value of a dimension or measure.", + "title": "SimpleNumericalAggregation", + "type": "string" } }, - "required": [ - "Elements" - ], "type": "object" }, - "AWS::QuickSight::Template.FreeFormLayoutElement": { + "AWS::QuickSight::Analysis.NumericalDimensionField": { "additionalProperties": false, "properties": { - "BackgroundStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutElementBackgroundStyle", - "markdownDescription": "The background style configuration of a free-form layout element.", - "title": "BackgroundStyle" - }, - "BorderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutElementBorderStyle", - "markdownDescription": "The border style configuration of a free-form layout element.", - "title": "BorderStyle" - }, - "ElementId": { - "markdownDescription": "A unique identifier for an element within a free-form layout.", - "title": "ElementId", - "type": "string" - }, - "ElementType": { - "markdownDescription": "The type of element.", - "title": "ElementType", - "type": "string" - }, - "Height": { - "markdownDescription": "The height of an element within a free-form layout.", - "title": "Height", - "type": "string" - }, - "LoadingAnimation": { - "$ref": "#/definitions/AWS::QuickSight::Template.LoadingAnimation", - "markdownDescription": "The loading animation configuration of a free-form layout element.", - "title": "LoadingAnimation" - }, - "RenderingRules": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.SheetElementRenderingRule" - }, - "markdownDescription": "The rendering rules that determine when an element should be displayed within a free-form layout.", - "title": "RenderingRules", - "type": "array" - }, - "SelectedBorderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutElementBorderStyle", - "markdownDescription": "The border style configuration of a free-form layout element. This border style is used when the element is selected.", - "title": "SelectedBorderStyle" - }, - "Visibility": { - "markdownDescription": "The visibility of an element within a free-form layout.", - "title": "Visibility", - "type": "string" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that is used in the `NumericalDimensionField` .", + "title": "Column" }, - "Width": { - "markdownDescription": "The width of an element within a free-form layout.", - "title": "Width", + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", "type": "string" }, - "XAxisLocation": { - "markdownDescription": "The x-axis coordinate of the element.", - "title": "XAxisLocation", - "type": "string" + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumberFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" }, - "YAxisLocation": { - "markdownDescription": "The y-axis coordinate of the element.", - "title": "YAxisLocation", + "HierarchyId": { + "markdownDescription": "The custom hierarchy ID.", + "title": "HierarchyId", "type": "string" } }, "required": [ - "ElementId", - "ElementType", - "Height", - "Width", - "XAxisLocation", - "YAxisLocation" + "Column", + "FieldId" ], "type": "object" }, - "AWS::QuickSight::Template.FreeFormLayoutElementBackgroundStyle": { + "AWS::QuickSight::Analysis.NumericalMeasureField": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The background color of a free-form layout element.", - "title": "Color", - "type": "string" + "AggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericalAggregationFunction", + "markdownDescription": "The aggregation function of the measure field.", + "title": "AggregationFunction" }, - "Visibility": { - "markdownDescription": "The background visibility of a free-form layout element.", - "title": "Visibility", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.FreeFormLayoutElementBorderStyle": { - "additionalProperties": false, - "properties": { - "Color": { - "markdownDescription": "The border color of a free-form layout element.", - "title": "Color", - "type": "string" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that is used in the `NumericalMeasureField` .", + "title": "Column" }, - "Visibility": { - "markdownDescription": "The border visibility of a free-form layout element.", - "title": "Visibility", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.FreeFormLayoutScreenCanvasSizeOptions": { - "additionalProperties": false, - "properties": { - "OptimizedViewPortWidth": { - "markdownDescription": "The width that the view port will be optimized for when the layout renders.", - "title": "OptimizedViewPortWidth", + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", "type": "string" + }, + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumberFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" } }, "required": [ - "OptimizedViewPortWidth" + "Column", + "FieldId" ], "type": "object" }, - "AWS::QuickSight::Template.FreeFormSectionLayoutConfiguration": { + "AWS::QuickSight::Analysis.PaginationConfiguration": { "additionalProperties": false, "properties": { - "Elements": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutElement" - }, - "markdownDescription": "The elements that are included in the free-form layout.", - "title": "Elements", - "type": "array" + "PageNumber": { + "markdownDescription": "Indicates the page number.", + "title": "PageNumber", + "type": "number" + }, + "PageSize": { + "markdownDescription": "Indicates how many items render in one page.", + "title": "PageSize", + "type": "number" } }, "required": [ - "Elements" + "PageNumber", + "PageSize" ], "type": "object" }, - "AWS::QuickSight::Template.FunnelChartAggregatedFieldWells": { + "AWS::QuickSight::Analysis.PanelConfiguration": { "additionalProperties": false, "properties": { - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" - }, - "markdownDescription": "The category field wells of a funnel chart. Values are grouped by category fields.", - "title": "Category", - "type": "array" + "BackgroundColor": { + "markdownDescription": "Sets the background color for each panel.", + "title": "BackgroundColor", + "type": "string" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" - }, - "markdownDescription": "The value field wells of a funnel chart. Values are aggregated based on categories.", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.FunnelChartConfiguration": { - "additionalProperties": false, - "properties": { - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options of the categories that are displayed in a `FunnelChartVisual` .", - "title": "CategoryLabelOptions" + "BackgroundVisibility": { + "markdownDescription": "Determines whether or not a background for each small multiples panel is rendered.", + "title": "BackgroundVisibility", + "type": "string" }, - "DataLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.FunnelChartDataLabelOptions", - "markdownDescription": "The options that determine the presentation of the data labels.", - "title": "DataLabelOptions" + "BorderColor": { + "markdownDescription": "Sets the line color of panel borders.", + "title": "BorderColor", + "type": "string" }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.FunnelChartFieldWells", - "markdownDescription": "The field well configuration of a `FunnelChartVisual` .", - "title": "FieldWells" + "BorderStyle": { + "markdownDescription": "Sets the line style of panel borders.", + "title": "BorderStyle", + "type": "string" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FunnelChartSortConfiguration", - "markdownDescription": "The sort configuration of a `FunnelChartVisual` .", - "title": "SortConfiguration" + "BorderThickness": { + "markdownDescription": "Sets the line thickness of panel borders.", + "title": "BorderThickness", + "type": "string" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", - "markdownDescription": "The tooltip configuration of a `FunnelChartVisual` .", - "title": "Tooltip" + "BorderVisibility": { + "markdownDescription": "Determines whether or not each panel displays a border.", + "title": "BorderVisibility", + "type": "string" }, - "ValueLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options for the values that are displayed in a `FunnelChartVisual` .", - "title": "ValueLabelOptions" + "GutterSpacing": { + "markdownDescription": "Sets the total amount of negative space to display between sibling panels.", + "title": "GutterSpacing", + "type": "string" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", - "markdownDescription": "The visual palette configuration of a `FunnelChartVisual` .", - "title": "VisualPalette" + "GutterVisibility": { + "markdownDescription": "Determines whether or not negative space between sibling panels is rendered.", + "title": "GutterVisibility", + "type": "string" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PanelTitleOptions", + "markdownDescription": "Configures the title display within each small multiples panel.", + "title": "Title" } }, "type": "object" }, - "AWS::QuickSight::Template.FunnelChartDataLabelOptions": { + "AWS::QuickSight::Analysis.PanelTitleOptions": { "additionalProperties": false, "properties": { - "CategoryLabelVisibility": { - "markdownDescription": "The visibility of the category labels within the data labels.", - "title": "CategoryLabelVisibility", + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", + "markdownDescription": "", + "title": "FontConfiguration" + }, + "HorizontalTextAlignment": { + "markdownDescription": "Sets the horizontal text alignment of the title within each panel.", + "title": "HorizontalTextAlignment", "type": "string" }, - "LabelColor": { - "markdownDescription": "The color of the data label text.", - "title": "LabelColor", + "Visibility": { + "markdownDescription": "Determines whether or not panel titles are displayed.", + "title": "Visibility", "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.ParameterControl": { + "additionalProperties": false, + "properties": { + "DateTimePicker": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterDateTimePickerControl", + "markdownDescription": "A control from a date parameter that specifies date and time.", + "title": "DateTimePicker" }, - "LabelFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", - "markdownDescription": "The font configuration for the data labels.\n\nOnly the `FontSize` attribute of the font configuration is used for data labels.", - "title": "LabelFontConfiguration" + "Dropdown": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterDropDownControl", + "markdownDescription": "A control to display a dropdown list with buttons that are used to select a single value.", + "title": "Dropdown" }, - "MeasureDataLabelStyle": { - "markdownDescription": "Determines the style of the metric labels.", - "title": "MeasureDataLabelStyle", - "type": "string" + "List": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterListControl", + "markdownDescription": "A control to display a list with buttons or boxes that are used to select either a single value or multiple values.", + "title": "List" }, - "MeasureLabelVisibility": { - "markdownDescription": "The visibility of the measure labels within the data labels.", - "title": "MeasureLabelVisibility", - "type": "string" + "Slider": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterSliderControl", + "markdownDescription": "A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle.", + "title": "Slider" }, - "Position": { - "markdownDescription": "Determines the positioning of the data label relative to a section of the funnel.", - "title": "Position", - "type": "string" + "TextArea": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterTextAreaControl", + "markdownDescription": "A control to display a text box that is used to enter multiple entries.", + "title": "TextArea" }, - "Visibility": { - "markdownDescription": "The visibility option that determines if data labels are displayed.", - "title": "Visibility", - "type": "string" + "TextField": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterTextFieldControl", + "markdownDescription": "A control to display a text box that is used to enter a single entry.", + "title": "TextField" } }, "type": "object" }, - "AWS::QuickSight::Template.FunnelChartFieldWells": { + "AWS::QuickSight::Analysis.ParameterDateTimePickerControl": { "additionalProperties": false, "properties": { - "FunnelChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.FunnelChartAggregatedFieldWells", - "markdownDescription": "The field well configuration of a `FunnelChartVisual` .", - "title": "FunnelChartAggregatedFieldWells" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimePickerControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterDateTimePickerControl` .", + "title": "ParameterControlId", + "type": "string" + }, + "SourceParameterName": { + "markdownDescription": "The name of the `ParameterDateTimePickerControl` .", + "title": "SourceParameterName", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `ParameterDateTimePickerControl` .", + "title": "Title", + "type": "string" } }, + "required": [ + "ParameterControlId", + "SourceParameterName", + "Title" + ], "type": "object" }, - "AWS::QuickSight::Template.FunnelChartSortConfiguration": { + "AWS::QuickSight::Analysis.ParameterDeclaration": { "additionalProperties": false, "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of categories displayed.", - "title": "CategoryItemsLimit" + "DateTimeParameterDeclaration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeParameterDeclaration", + "markdownDescription": "A parameter declaration for the `DateTime` data type.", + "title": "DateTimeParameterDeclaration" }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the category fields.", - "title": "CategorySort", - "type": "array" + "DecimalParameterDeclaration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalParameterDeclaration", + "markdownDescription": "A parameter declaration for the `Decimal` data type.", + "title": "DecimalParameterDeclaration" + }, + "IntegerParameterDeclaration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.IntegerParameterDeclaration", + "markdownDescription": "A parameter declaration for the `Integer` data type.", + "title": "IntegerParameterDeclaration" + }, + "StringParameterDeclaration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.StringParameterDeclaration", + "markdownDescription": "A parameter declaration for the `String` data type.", + "title": "StringParameterDeclaration" } }, "type": "object" }, - "AWS::QuickSight::Template.FunnelChartVisual": { + "AWS::QuickSight::Analysis.ParameterDropDownControl": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "CascadingControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CascadingControlConfiguration", + "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", + "title": "CascadingControlConfiguration" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FunnelChartConfiguration", - "markdownDescription": "The configuration of a `FunnelChartVisual` .", - "title": "ChartConfiguration" + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `ParameterDropDownControl` .", + "title": "CommitMode", + "type": "string" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DropDownControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterDropDownControl` .", + "title": "ParameterControlId", + "type": "string" + }, + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" + }, + "SourceParameterName": { + "markdownDescription": "The source parameter name of the `ParameterDropDownControl` .", + "title": "SourceParameterName", + "type": "string" }, "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "markdownDescription": "The title of the `ParameterDropDownControl` .", + "title": "Title", + "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", + "Type": { + "markdownDescription": "The type parameter name of the `ParameterDropDownControl` .", + "title": "Type", "type": "string" } }, "required": [ - "VisualId" + "ParameterControlId", + "SourceParameterName", + "Title" ], "type": "object" }, - "AWS::QuickSight::Template.GaugeChartArcConditionalFormatting": { + "AWS::QuickSight::Analysis.ParameterListControl": { "additionalProperties": false, "properties": { - "ForegroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the arc foreground color.", - "title": "ForegroundColor" + "CascadingControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CascadingControlConfiguration", + "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", + "title": "CascadingControlConfiguration" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ListControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterListControl` .", + "title": "ParameterControlId", + "type": "string" + }, + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" + }, + "SourceParameterName": { + "markdownDescription": "The source parameter name of the `ParameterListControl` .", + "title": "SourceParameterName", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `ParameterListControl` .", + "title": "Title", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of `ParameterListControl` .", + "title": "Type", + "type": "string" } }, + "required": [ + "ParameterControlId", + "SourceParameterName", + "Title" + ], "type": "object" }, - "AWS::QuickSight::Template.GaugeChartConditionalFormatting": { + "AWS::QuickSight::Analysis.ParameterSelectableValues": { "additionalProperties": false, "properties": { - "ConditionalFormattingOptions": { + "LinkToDataSetColumn": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column identifier that fetches values from the data set.", + "title": "LinkToDataSetColumn" + }, + "Values": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartConditionalFormattingOption" + "type": "string" }, - "markdownDescription": "Conditional formatting options of a `GaugeChartVisual` .", - "title": "ConditionalFormattingOptions", + "markdownDescription": "The values that are used in `ParameterSelectableValues` .", + "title": "Values", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.GaugeChartConditionalFormattingOption": { + "AWS::QuickSight::Analysis.ParameterSliderControl": { "additionalProperties": false, "properties": { - "Arc": { - "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartArcConditionalFormatting", - "markdownDescription": "The options that determine the presentation of the arc of a `GaugeChartVisual` .", - "title": "Arc" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SliderControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" }, - "PrimaryValue": { - "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartPrimaryValueConditionalFormatting", - "markdownDescription": "The conditional formatting for the primary value of a `GaugeChartVisual` .", - "title": "PrimaryValue" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.GaugeChartConfiguration": { - "additionalProperties": false, - "properties": { - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", - "markdownDescription": "The data label configuration of a `GaugeChartVisual` .", - "title": "DataLabels" + "MaximumValue": { + "markdownDescription": "The larger value that is displayed at the right of the slider.", + "title": "MaximumValue", + "type": "number" }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartFieldWells", - "markdownDescription": "The field well configuration of a `GaugeChartVisual` .", - "title": "FieldWells" + "MinimumValue": { + "markdownDescription": "The smaller value that is displayed at the left of the slider.", + "title": "MinimumValue", + "type": "number" }, - "GaugeChartOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartOptions", - "markdownDescription": "The options that determine the presentation of the `GaugeChartVisual` .", - "title": "GaugeChartOptions" + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterSliderControl` .", + "title": "ParameterControlId", + "type": "string" }, - "TooltipOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", - "markdownDescription": "The tooltip configuration of a `GaugeChartVisual` .", - "title": "TooltipOptions" + "SourceParameterName": { + "markdownDescription": "The source parameter name of the `ParameterSliderControl` .", + "title": "SourceParameterName", + "type": "string" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", - "markdownDescription": "The visual palette configuration of a `GaugeChartVisual` .", - "title": "VisualPalette" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.GaugeChartFieldWells": { - "additionalProperties": false, - "properties": { - "TargetValues": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" - }, - "markdownDescription": "The target value field wells of a `GaugeChartVisual` .", - "title": "TargetValues", - "type": "array" + "StepSize": { + "markdownDescription": "The number of increments that the slider bar is divided into.", + "title": "StepSize", + "type": "number" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" - }, - "markdownDescription": "The value field wells of a `GaugeChartVisual` .", - "title": "Values", - "type": "array" + "Title": { + "markdownDescription": "The title of the `ParameterSliderControl` .", + "title": "Title", + "type": "string" } }, + "required": [ + "MaximumValue", + "MinimumValue", + "ParameterControlId", + "SourceParameterName", + "StepSize", + "Title" + ], "type": "object" }, - "AWS::QuickSight::Template.GaugeChartOptions": { + "AWS::QuickSight::Analysis.ParameterTextAreaControl": { "additionalProperties": false, "properties": { - "Arc": { - "$ref": "#/definitions/AWS::QuickSight::Template.ArcConfiguration", - "markdownDescription": "The arc configuration of a `GaugeChartVisual` .", - "title": "Arc" + "Delimiter": { + "markdownDescription": "The delimiter that is used to separate the lines in text.", + "title": "Delimiter", + "type": "string" }, - "ArcAxis": { - "$ref": "#/definitions/AWS::QuickSight::Template.ArcAxisConfiguration", - "markdownDescription": "The arc axis configuration of a `GaugeChartVisual` .", - "title": "ArcAxis" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TextAreaControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" }, - "Comparison": { - "$ref": "#/definitions/AWS::QuickSight::Template.ComparisonConfiguration", - "markdownDescription": "The comparison configuration of a `GaugeChartVisual` .", - "title": "Comparison" + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterTextAreaControl` .", + "title": "ParameterControlId", + "type": "string" }, - "PrimaryValueDisplayType": { - "markdownDescription": "The options that determine the primary value display type.", - "title": "PrimaryValueDisplayType", + "SourceParameterName": { + "markdownDescription": "The source parameter name of the `ParameterTextAreaControl` .", + "title": "SourceParameterName", "type": "string" }, - "PrimaryValueFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", - "markdownDescription": "The options that determine the primary value font configuration.", - "title": "PrimaryValueFontConfiguration" + "Title": { + "markdownDescription": "The title of the `ParameterTextAreaControl` .", + "title": "Title", + "type": "string" } }, + "required": [ + "ParameterControlId", + "SourceParameterName", + "Title" + ], "type": "object" }, - "AWS::QuickSight::Template.GaugeChartPrimaryValueConditionalFormatting": { + "AWS::QuickSight::Analysis.ParameterTextFieldControl": { "additionalProperties": false, "properties": { - "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIcon", - "markdownDescription": "The conditional formatting of the primary value icon.", - "title": "Icon" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TextFieldControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the primary value text color.", - "title": "TextColor" + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterTextFieldControl` .", + "title": "ParameterControlId", + "type": "string" + }, + "SourceParameterName": { + "markdownDescription": "The source parameter name of the `ParameterTextFieldControl` .", + "title": "SourceParameterName", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `ParameterTextFieldControl` .", + "title": "Title", + "type": "string" } }, + "required": [ + "ParameterControlId", + "SourceParameterName", + "Title" + ], "type": "object" }, - "AWS::QuickSight::Template.GaugeChartVisual": { + "AWS::QuickSight::Analysis.Parameters": { "additionalProperties": false, "properties": { - "Actions": { + "DateTimeParameters": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeParameter" }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", + "markdownDescription": "The parameters that have a data type of date-time.", + "title": "DateTimeParameters", "type": "array" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartConfiguration", - "markdownDescription": "The configuration of a `GaugeChartVisual` .", - "title": "ChartConfiguration" - }, - "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartConditionalFormatting", - "markdownDescription": "The conditional formatting of a `GaugeChartVisual` .", - "title": "ConditionalFormatting" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "DecimalParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalParameter" + }, + "markdownDescription": "The parameters that have a data type of decimal.", + "title": "DecimalParameters", + "type": "array" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "IntegerParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.IntegerParameter" + }, + "markdownDescription": "The parameters that have a data type of integer.", + "title": "IntegerParameters", + "type": "array" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", - "type": "string" + "StringParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.StringParameter" + }, + "markdownDescription": "The parameters that have a data type of string.", + "title": "StringParameters", + "type": "array" } }, - "required": [ - "VisualId" - ], "type": "object" }, - "AWS::QuickSight::Template.GeospatialCoordinateBounds": { + "AWS::QuickSight::Analysis.PercentVisibleRange": { "additionalProperties": false, "properties": { - "East": { - "markdownDescription": "The longitude of the east bound of the geospatial coordinate bounds.", - "title": "East", + "From": { + "markdownDescription": "The lower bound of the range.", + "title": "From", "type": "number" }, - "North": { - "markdownDescription": "The latitude of the north bound of the geospatial coordinate bounds.", - "title": "North", + "To": { + "markdownDescription": "The top bound of the range.", + "title": "To", "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.PercentageDisplayFormatConfiguration": { + "additionalProperties": false, + "properties": { + "DecimalPlacesConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalPlacesConfiguration", + "markdownDescription": "The option that determines the decimal places configuration.", + "title": "DecimalPlacesConfiguration" }, - "South": { - "markdownDescription": "The latitude of the south bound of the geospatial coordinate bounds.", - "title": "South", - "type": "number" + "NegativeValueConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NegativeValueConfiguration", + "markdownDescription": "The options that determine the negative value configuration.", + "title": "NegativeValueConfiguration" }, - "West": { - "markdownDescription": "The longitude of the west bound of the geospatial coordinate bounds.", - "title": "West", - "type": "number" + "NullValueFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NullValueFormatConfiguration", + "markdownDescription": "The options that determine the null value format configuration.", + "title": "NullValueFormatConfiguration" + }, + "Prefix": { + "markdownDescription": "Determines the prefix value of the percentage format.", + "title": "Prefix", + "type": "string" + }, + "SeparatorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericSeparatorConfiguration", + "markdownDescription": "The options that determine the numeric separator configuration.", + "title": "SeparatorConfiguration" + }, + "Suffix": { + "markdownDescription": "Determines the suffix value of the percentage format.", + "title": "Suffix", + "type": "string" } }, - "required": [ - "East", - "North", - "South", - "West" - ], "type": "object" }, - "AWS::QuickSight::Template.GeospatialHeatmapColorScale": { + "AWS::QuickSight::Analysis.PercentileAggregation": { "additionalProperties": false, "properties": { - "Colors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialHeatmapDataColor" - }, - "markdownDescription": "The list of colors to be used in heatmap point style.", - "title": "Colors", - "type": "array" + "PercentileValue": { + "markdownDescription": "The percentile value. This value can be any numeric constant 0\u2013100. A percentile value of 50 computes the median value of the measure.", + "title": "PercentileValue", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Template.GeospatialHeatmapConfiguration": { + "AWS::QuickSight::Analysis.PeriodOverPeriodComputation": { "additionalProperties": false, "properties": { - "HeatmapColor": { - "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialHeatmapColorScale", - "markdownDescription": "The color scale specification for the heatmap point style.", - "title": "HeatmapColor" + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" } }, + "required": [ + "ComputationId" + ], "type": "object" }, - "AWS::QuickSight::Template.GeospatialHeatmapDataColor": { + "AWS::QuickSight::Analysis.PeriodToDateComputation": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The hex color to be used in the heatmap point style.", - "title": "Color", + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "PeriodTimeGranularity": { + "markdownDescription": "The time granularity setup of period to date computation. Choose from the following options:\n\n- YEAR: Year to date.\n- MONTH: Month to date.", + "title": "PeriodTimeGranularity", "type": "string" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" } }, "required": [ - "Color" + "ComputationId" ], "type": "object" }, - "AWS::QuickSight::Template.GeospatialMapAggregatedFieldWells": { + "AWS::QuickSight::Analysis.PieChartAggregatedFieldWells": { "additionalProperties": false, "properties": { - "Colors": { + "Category": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, - "markdownDescription": "The color field wells of a geospatial map.", - "title": "Colors", + "markdownDescription": "The category (group/color) field wells of a pie chart.", + "title": "Category", "type": "array" }, - "Geospatial": { + "SmallMultiples": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, - "markdownDescription": "The geospatial field wells of a geospatial map. Values are grouped by geospatial fields.", - "title": "Geospatial", + "markdownDescription": "The small multiples field well of a pie chart.", + "title": "SmallMultiples", "type": "array" }, "Values": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, - "markdownDescription": "The size field wells of a geospatial map. Values are aggregated based on geospatial fields.", + "markdownDescription": "The value field wells of a pie chart. Values are aggregated based on categories.", "title": "Values", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.GeospatialMapConfiguration": { + "AWS::QuickSight::Analysis.PieChartConfiguration": { "additionalProperties": false, "properties": { + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options of the group/color that is displayed in a pie chart.", + "title": "CategoryLabelOptions" + }, + "ContributionAnalysisDefaults": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ContributionAnalysisDefault" + }, + "markdownDescription": "The contribution analysis (anomaly configuration) setup of the visual.", + "title": "ContributionAnalysisDefaults", + "type": "array" + }, + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.", + "title": "DataLabels" + }, + "DonutOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DonutOptions", + "markdownDescription": "The options that determine the shape of the chart. This option determines whether the chart is a pie chart or a donut chart.", + "title": "DonutOptions" + }, "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialMapFieldWells", + "$ref": "#/definitions/AWS::QuickSight::Analysis.PieChartFieldWells", "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", "markdownDescription": "The legend display setup of the visual.", "title": "Legend" }, - "MapStyleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialMapStyleOptions", - "markdownDescription": "The map style options of the geospatial map.", - "title": "MapStyleOptions" + "SmallMultiplesOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SmallMultiplesOptions", + "markdownDescription": "The small multiples setup for the visual.", + "title": "SmallMultiplesOptions" }, - "PointStyleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialPointStyleOptions", - "markdownDescription": "The point style options of the geospatial map.", - "title": "PointStyleOptions" + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PieChartSortConfiguration", + "markdownDescription": "The sort configuration of a pie chart.", + "title": "SortConfiguration" }, "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", "markdownDescription": "The tooltip display setup of the visual.", "title": "Tooltip" }, + "ValueLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options for the value that is displayed in a pie chart.", + "title": "ValueLabelOptions" + }, "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", - "markdownDescription": "", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", "title": "VisualPalette" - }, - "WindowOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialWindowOptions", - "markdownDescription": "The window options of the geospatial map.", - "title": "WindowOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.GeospatialMapFieldWells": { + "AWS::QuickSight::Analysis.PieChartFieldWells": { "additionalProperties": false, "properties": { - "GeospatialMapAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialMapAggregatedFieldWells", - "markdownDescription": "The aggregated field well for a geospatial map.", - "title": "GeospatialMapAggregatedFieldWells" + "PieChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PieChartAggregatedFieldWells", + "markdownDescription": "The field well configuration of a pie chart.", + "title": "PieChartAggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Template.GeospatialMapStyleOptions": { + "AWS::QuickSight::Analysis.PieChartSortConfiguration": { "additionalProperties": false, "properties": { - "BaseMapStyle": { - "markdownDescription": "The base map style of the geospatial map.", - "title": "BaseMapStyle", - "type": "string" + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of categories that are displayed in a pie chart.", + "title": "CategoryItemsLimit" + }, + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the category fields.", + "title": "CategorySort", + "type": "array" + }, + "SmallMultiplesLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of small multiples panels that are displayed.", + "title": "SmallMultiplesLimitConfiguration" + }, + "SmallMultiplesSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the small multiples field.", + "title": "SmallMultiplesSort", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.GeospatialMapVisual": { + "AWS::QuickSight::Analysis.PieChartVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialMapConfiguration", - "markdownDescription": "The configuration settings of the visual.", + "$ref": "#/definitions/AWS::QuickSight::Analysis.PieChartConfiguration", + "markdownDescription": "The configuration of a pie chart.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", "type": "string" } @@ -215230,539 +229021,503 @@ ], "type": "object" }, - "AWS::QuickSight::Template.GeospatialPointStyleOptions": { + "AWS::QuickSight::Analysis.PivotFieldSortOptions": { "additionalProperties": false, "properties": { - "ClusterMarkerConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ClusterMarkerConfiguration", - "markdownDescription": "The cluster marker configuration of the geospatial point style.", - "title": "ClusterMarkerConfiguration" - }, - "HeatmapConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialHeatmapConfiguration", - "markdownDescription": "The heatmap configuration of the geospatial point style.", - "title": "HeatmapConfiguration" - }, - "SelectedPointStyle": { - "markdownDescription": "The selected point styles (point, cluster) of the geospatial map.", - "title": "SelectedPointStyle", + "FieldId": { + "markdownDescription": "The field ID for the field sort options.", + "title": "FieldId", "type": "string" + }, + "SortBy": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableSortBy", + "markdownDescription": "The sort by field for the field sort options.", + "title": "SortBy" } }, + "required": [ + "FieldId", + "SortBy" + ], "type": "object" }, - "AWS::QuickSight::Template.GeospatialWindowOptions": { + "AWS::QuickSight::Analysis.PivotTableAggregatedFieldWells": { "additionalProperties": false, "properties": { - "Bounds": { - "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialCoordinateBounds", - "markdownDescription": "The bounds options (north, south, west, east) of the geospatial window options.", - "title": "Bounds" + "Columns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The columns field well for a pivot table. Values are grouped by columns fields.", + "title": "Columns", + "type": "array" }, - "MapZoomMode": { - "markdownDescription": "The map zoom modes (manual, auto) of the geospatial window options.", - "title": "MapZoomMode", - "type": "string" + "Rows": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The rows field well for a pivot table. Values are grouped by rows fields.", + "title": "Rows", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The values field well for a pivot table. Values are aggregated based on rows and columns fields.", + "title": "Values", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.GlobalTableBorderOptions": { + "AWS::QuickSight::Analysis.PivotTableCellConditionalFormatting": { "additionalProperties": false, "properties": { - "SideSpecificBorder": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableSideBorderOptions", - "markdownDescription": "Determines the options for side specific border.", - "title": "SideSpecificBorder" + "FieldId": { + "markdownDescription": "The field ID of the cell for conditional formatting.", + "title": "FieldId", + "type": "string" }, - "UniformBorder": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", - "markdownDescription": "Determines the options for uniform border.", - "title": "UniformBorder" + "Scope": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableConditionalFormattingScope", + "markdownDescription": "The scope of the cell for conditional formatting.", + "title": "Scope" + }, + "Scopes": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableConditionalFormattingScope" + }, + "markdownDescription": "A list of cell scopes for conditional formatting.", + "title": "Scopes", + "type": "array" + }, + "TextFormat": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TextConditionalFormat", + "markdownDescription": "The text format of the cell for conditional formatting.", + "title": "TextFormat" } }, + "required": [ + "FieldId" + ], "type": "object" }, - "AWS::QuickSight::Template.GradientColor": { + "AWS::QuickSight::Analysis.PivotTableConditionalFormatting": { "additionalProperties": false, "properties": { - "Stops": { + "ConditionalFormattingOptions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.GradientStop" + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableConditionalFormattingOption" }, - "markdownDescription": "The list of gradient color stops.", - "title": "Stops", + "markdownDescription": "Conditional formatting options for a `PivotTableVisual` .", + "title": "ConditionalFormattingOptions", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.GradientStop": { + "AWS::QuickSight::Analysis.PivotTableConditionalFormattingOption": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "Determines the color.", - "title": "Color", - "type": "string" - }, - "DataValue": { - "markdownDescription": "Determines the data value.", - "title": "DataValue", - "type": "number" - }, - "GradientOffset": { - "markdownDescription": "Determines gradient offset value.", - "title": "GradientOffset", - "type": "number" + "Cell": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableCellConditionalFormatting", + "markdownDescription": "The cell conditional formatting option for a pivot table.", + "title": "Cell" } }, - "required": [ - "GradientOffset" - ], "type": "object" }, - "AWS::QuickSight::Template.GridLayoutCanvasSizeOptions": { + "AWS::QuickSight::Analysis.PivotTableConditionalFormattingScope": { "additionalProperties": false, "properties": { - "ScreenCanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.GridLayoutScreenCanvasSizeOptions", - "markdownDescription": "The options that determine the sizing of the canvas used in a grid layout.", - "title": "ScreenCanvasSizeOptions" + "Role": { + "markdownDescription": "The role (field, field total, grand total) of the cell for conditional formatting.", + "title": "Role", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.GridLayoutConfiguration": { + "AWS::QuickSight::Analysis.PivotTableConfiguration": { "additionalProperties": false, "properties": { - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.GridLayoutCanvasSizeOptions", - "markdownDescription": "", - "title": "CanvasSizeOptions" + "FieldOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableFieldOptions", + "markdownDescription": "The field options for a pivot table visual.", + "title": "FieldOptions" }, - "Elements": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.GridLayoutElement" - }, - "markdownDescription": "The elements that are included in a grid layout.", - "title": "Elements", - "type": "array" - } - }, - "required": [ - "Elements" - ], - "type": "object" - }, - "AWS::QuickSight::Template.GridLayoutElement": { - "additionalProperties": false, - "properties": { - "ColumnIndex": { - "markdownDescription": "The column index for the upper left corner of an element.", - "title": "ColumnIndex", - "type": "number" + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" }, - "ColumnSpan": { - "markdownDescription": "The width of a grid element expressed as a number of grid columns.", - "title": "ColumnSpan", - "type": "number" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" }, - "ElementId": { - "markdownDescription": "A unique identifier for an element within a grid layout.", - "title": "ElementId", - "type": "string" + "PaginatedReportOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTablePaginatedReportOptions", + "markdownDescription": "The paginated report options for a pivot table visual.", + "title": "PaginatedReportOptions" }, - "ElementType": { - "markdownDescription": "The type of element.", - "title": "ElementType", - "type": "string" + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableSortConfiguration", + "markdownDescription": "The sort configuration for a `PivotTableVisual` .", + "title": "SortConfiguration" }, - "RowIndex": { - "markdownDescription": "The row index for the upper left corner of an element.", - "title": "RowIndex", - "type": "number" + "TableOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableOptions", + "markdownDescription": "The table options for a pivot table visual.", + "title": "TableOptions" }, - "RowSpan": { - "markdownDescription": "The height of a grid element expressed as a number of grid rows.", - "title": "RowSpan", - "type": "number" + "TotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableTotalOptions", + "markdownDescription": "The total options for a pivot table visual.", + "title": "TotalOptions" } }, - "required": [ - "ColumnSpan", - "ElementId", - "ElementType", - "RowSpan" - ], "type": "object" }, - "AWS::QuickSight::Template.GridLayoutScreenCanvasSizeOptions": { + "AWS::QuickSight::Analysis.PivotTableDataPathOption": { "additionalProperties": false, "properties": { - "OptimizedViewPortWidth": { - "markdownDescription": "The width that the view port will be optimized for when the layout renders.", - "title": "OptimizedViewPortWidth", - "type": "string" + "DataPathList": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathValue" + }, + "markdownDescription": "The list of data path values for the data path options.", + "title": "DataPathList", + "type": "array" }, - "ResizeOption": { - "markdownDescription": "This value determines the layout behavior when the viewport is resized.\n\n- `FIXED` : A fixed width will be used when optimizing the layout. In the Amazon QuickSight console, this option is called `Classic` .\n- `RESPONSIVE` : The width of the canvas will be responsive and optimized to the view port. In the Amazon QuickSight console, this option is called `Tiled` .", - "title": "ResizeOption", + "Width": { + "markdownDescription": "The width of the data path option.", + "title": "Width", "type": "string" } }, "required": [ - "ResizeOption" + "DataPathList" ], "type": "object" }, - "AWS::QuickSight::Template.GrowthRateComputation": { + "AWS::QuickSight::Analysis.PivotTableFieldCollapseStateOption": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "State": { + "markdownDescription": "The state of the field target of a pivot table. Choose one of the following options:\n\n- `COLLAPSED`\n- `EXPANDED`", + "title": "State", "type": "string" }, - "PeriodSize": { - "markdownDescription": "The period size setup of a growth rate computation.", - "title": "PeriodSize", - "type": "number" - }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" - }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" + "Target": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableFieldCollapseStateTarget", + "markdownDescription": "A tagged-union object that sets the collapse state.", + "title": "Target" } }, "required": [ - "ComputationId" + "Target" ], "type": "object" }, - "AWS::QuickSight::Template.HeaderFooterSectionConfiguration": { + "AWS::QuickSight::Analysis.PivotTableFieldCollapseStateTarget": { "additionalProperties": false, "properties": { - "Layout": { - "$ref": "#/definitions/AWS::QuickSight::Template.SectionLayoutConfiguration", - "markdownDescription": "The layout configuration of the header or footer section.", - "title": "Layout" + "FieldDataPathValues": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathValue" + }, + "markdownDescription": "The data path of the pivot table's header. Used to set the collapse state.", + "title": "FieldDataPathValues", + "type": "array" }, - "SectionId": { - "markdownDescription": "The unique identifier of the header or footer section.", - "title": "SectionId", + "FieldId": { + "markdownDescription": "The field ID of the pivot table that the collapse state needs to be set to.", + "title": "FieldId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.PivotTableFieldOption": { + "additionalProperties": false, + "properties": { + "CustomLabel": { + "markdownDescription": "The custom label of the pivot table field.", + "title": "CustomLabel", "type": "string" }, - "Style": { - "$ref": "#/definitions/AWS::QuickSight::Template.SectionStyle", - "markdownDescription": "The style options of a header or footer section.", - "title": "Style" + "FieldId": { + "markdownDescription": "The field ID of the pivot table field.", + "title": "FieldId", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the pivot table field.", + "title": "Visibility", + "type": "string" } }, "required": [ - "Layout", - "SectionId" + "FieldId" ], "type": "object" }, - "AWS::QuickSight::Template.HeatMapAggregatedFieldWells": { + "AWS::QuickSight::Analysis.PivotTableFieldOptions": { "additionalProperties": false, "properties": { - "Columns": { + "CollapseStateOptions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableFieldCollapseStateOption" }, - "markdownDescription": "The columns field well of a heat map.", - "title": "Columns", + "markdownDescription": "The collapse state options for the pivot table field options.", + "title": "CollapseStateOptions", "type": "array" }, - "Rows": { + "DataPathOptions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableDataPathOption" }, - "markdownDescription": "The rows field well of a heat map.", - "title": "Rows", + "markdownDescription": "The data path options for the pivot table field options.", + "title": "DataPathOptions", "type": "array" }, - "Values": { + "SelectedFieldOptions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableFieldOption" }, - "markdownDescription": "The values field well of a heat map.", - "title": "Values", + "markdownDescription": "The selected field options for the pivot table field options.", + "title": "SelectedFieldOptions", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.HeatMapConfiguration": { + "AWS::QuickSight::Analysis.PivotTableFieldSubtotalOptions": { "additionalProperties": false, "properties": { - "ColorScale": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColorScale", - "markdownDescription": "The color options (gradient color, point of divergence) in a heat map.", - "title": "ColorScale" - }, - "ColumnLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options of the column that is displayed in a heat map.", - "title": "ColumnLabelOptions" - }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.", - "title": "DataLabels" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.HeatMapFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" - }, - "RowLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options of the row that is displayed in a `heat map` .", - "title": "RowLabelOptions" - }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.HeatMapSortConfiguration", - "markdownDescription": "The sort configuration of a heat map.", - "title": "SortConfiguration" - }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" + "FieldId": { + "markdownDescription": "The field ID of the subtotal options.", + "title": "FieldId", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.HeatMapFieldWells": { + "AWS::QuickSight::Analysis.PivotTableFieldWells": { "additionalProperties": false, "properties": { - "HeatMapAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.HeatMapAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a heat map.", - "title": "HeatMapAggregatedFieldWells" + "PivotTableAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableAggregatedFieldWells", + "markdownDescription": "The aggregated field well for the pivot table.", + "title": "PivotTableAggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Template.HeatMapSortConfiguration": { + "AWS::QuickSight::Analysis.PivotTableOptions": { "additionalProperties": false, "properties": { - "HeatMapColumnItemsLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of columns that are displayed in a heat map.", - "title": "HeatMapColumnItemsLimitConfiguration" + "CellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", + "markdownDescription": "The table cell style of cells.", + "title": "CellStyle" }, - "HeatMapColumnSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" - }, - "markdownDescription": "The column sort configuration for heat map for columns that aren't a part of a field well.", - "title": "HeatMapColumnSort", - "type": "array" + "CollapsedRowDimensionsVisibility": { + "markdownDescription": "The visibility setting of a pivot table's collapsed row dimension fields. If the value of this structure is `HIDDEN` , all collapsed columns in a pivot table are automatically hidden. The default value is `VISIBLE` .", + "title": "CollapsedRowDimensionsVisibility", + "type": "string" }, - "HeatMapRowItemsLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of rows that are displayed in a heat map.", - "title": "HeatMapRowItemsLimitConfiguration" + "ColumnHeaderStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", + "markdownDescription": "The table cell style of the column header.", + "title": "ColumnHeaderStyle" }, - "HeatMapRowSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" - }, - "markdownDescription": "The field sort configuration of the rows fields.", - "title": "HeatMapRowSort", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.HeatMapVisual": { - "additionalProperties": false, - "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "ColumnNamesVisibility": { + "markdownDescription": "The visibility of the column names.", + "title": "ColumnNamesVisibility", + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.HeatMapConfiguration", - "markdownDescription": "The configuration of a heat map.", - "title": "ChartConfiguration" + "DefaultCellWidth": { + "markdownDescription": "The default cell width of the pivot table.", + "title": "DefaultCellWidth", + "type": "string" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "MetricPlacement": { + "markdownDescription": "The metric placement (row, column) options.", + "title": "MetricPlacement", + "type": "string" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "RowAlternateColorOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.RowAlternateColorOptions", + "markdownDescription": "The row alternate color options (widget status, row alternate colors).", + "title": "RowAlternateColorOptions" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "RowFieldNamesStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", + "markdownDescription": "The table cell style of row field names.", + "title": "RowFieldNamesStyle" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "RowHeaderStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", + "markdownDescription": "The table cell style of the row headers.", + "title": "RowHeaderStyle" + }, + "RowsLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableRowsLabelOptions", + "markdownDescription": "The options for the label that is located above the row headers. This option is only applicable when `RowsLayout` is set to `HIERARCHY` .", + "title": "RowsLabelOptions" + }, + "RowsLayout": { + "markdownDescription": "The layout for the row dimension headers of a pivot table. Choose one of the following options.\n\n- `TABULAR` : (Default) Each row field is displayed in a separate column.\n- `HIERARCHY` : All row fields are displayed in a single column. Indentation is used to differentiate row headers of different fields.", + "title": "RowsLayout", + "type": "string" + }, + "SingleMetricVisibility": { + "markdownDescription": "The visibility of the single metric options.", + "title": "SingleMetricVisibility", + "type": "string" + }, + "ToggleButtonsVisibility": { + "markdownDescription": "Determines the visibility of the pivot table.", + "title": "ToggleButtonsVisibility", "type": "string" } }, - "required": [ - "VisualId" - ], "type": "object" }, - "AWS::QuickSight::Template.HistogramAggregatedFieldWells": { + "AWS::QuickSight::Analysis.PivotTablePaginatedReportOptions": { "additionalProperties": false, "properties": { - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" - }, - "markdownDescription": "The value field wells of a histogram. Values are aggregated by `COUNT` or `DISTINCT_COUNT` .", - "title": "Values", - "type": "array" + "OverflowColumnHeaderVisibility": { + "markdownDescription": "The visibility of the repeating header rows on each page.", + "title": "OverflowColumnHeaderVisibility", + "type": "string" + }, + "VerticalOverflowVisibility": { + "markdownDescription": "The visibility of the printing table overflow across pages.", + "title": "VerticalOverflowVisibility", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.HistogramBinOptions": { + "AWS::QuickSight::Analysis.PivotTableRowsLabelOptions": { "additionalProperties": false, "properties": { - "BinCount": { - "$ref": "#/definitions/AWS::QuickSight::Template.BinCountOptions", - "markdownDescription": "The options that determine the bin count of a histogram.", - "title": "BinCount" - }, - "BinWidth": { - "$ref": "#/definitions/AWS::QuickSight::Template.BinWidthOptions", - "markdownDescription": "The options that determine the bin width of a histogram.", - "title": "BinWidth" - }, - "SelectedBinType": { - "markdownDescription": "The options that determine the selected bin type.", - "title": "SelectedBinType", + "CustomLabel": { + "markdownDescription": "The custom label string for the rows label.", + "title": "CustomLabel", "type": "string" }, - "StartValue": { - "markdownDescription": "The options that determine the bin start value.", - "title": "StartValue", - "type": "number" + "Visibility": { + "markdownDescription": "The visibility of the rows label.", + "title": "Visibility", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.HistogramConfiguration": { + "AWS::QuickSight::Analysis.PivotTableSortBy": { "additionalProperties": false, "properties": { - "BinOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.HistogramBinOptions", - "markdownDescription": "The options that determine the presentation of histogram bins.", - "title": "BinOptions" - }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", - "markdownDescription": "The data label configuration of a histogram.", - "title": "DataLabels" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.HistogramFieldWells", - "markdownDescription": "The field well configuration of a histogram.", - "title": "FieldWells" - }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", - "markdownDescription": "The tooltip configuration of a histogram.", - "title": "Tooltip" - }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", - "markdownDescription": "The visual palette configuration of a histogram.", - "title": "VisualPalette" - }, - "XAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the x-axis.", - "title": "XAxisDisplayOptions" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnSort", + "markdownDescription": "The column sort (field id, direction) for the pivot table sort by options.", + "title": "Column" }, - "XAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the x-axis label.", - "title": "XAxisLabelOptions" + "DataPath": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathSort", + "markdownDescription": "The data path sort (data path value, direction) for the pivot table sort by options.", + "title": "DataPath" }, - "YAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the y-axis.", - "title": "YAxisDisplayOptions" + "Field": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSort", + "markdownDescription": "The field sort (field id, direction) for the pivot table sort by options.", + "title": "Field" } }, "type": "object" }, - "AWS::QuickSight::Template.HistogramFieldWells": { + "AWS::QuickSight::Analysis.PivotTableSortConfiguration": { "additionalProperties": false, "properties": { - "HistogramAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.HistogramAggregatedFieldWells", - "markdownDescription": "The field well configuration of a histogram.", - "title": "HistogramAggregatedFieldWells" + "FieldSortOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotFieldSortOptions" + }, + "markdownDescription": "The field sort options for a pivot table sort configuration.", + "title": "FieldSortOptions", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.HistogramVisual": { + "AWS::QuickSight::Analysis.PivotTableTotalOptions": { + "additionalProperties": false, + "properties": { + "ColumnSubtotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SubtotalOptions", + "markdownDescription": "The column subtotal options.", + "title": "ColumnSubtotalOptions" + }, + "ColumnTotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTotalOptions", + "markdownDescription": "The column total options.", + "title": "ColumnTotalOptions" + }, + "RowSubtotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SubtotalOptions", + "markdownDescription": "The row subtotal options.", + "title": "RowSubtotalOptions" + }, + "RowTotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTotalOptions", + "markdownDescription": "The row total options.", + "title": "RowTotalOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.PivotTableVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.HistogramConfiguration", - "markdownDescription": "The configuration for a `HistogramVisual` .", + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableConfiguration", + "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, + "ConditionalFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableConditionalFormatting", + "markdownDescription": "The conditional formatting for a `PivotTableVisual` .", + "title": "ConditionalFormatting" + }, "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", "title": "VisualId", "type": "string" } @@ -215772,440 +229527,498 @@ ], "type": "object" }, - "AWS::QuickSight::Template.InsightConfiguration": { + "AWS::QuickSight::Analysis.PivotTotalOptions": { "additionalProperties": false, "properties": { - "Computations": { + "CustomLabel": { + "markdownDescription": "The custom label string for the total cells.", + "title": "CustomLabel", + "type": "string" + }, + "MetricHeaderCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", + "markdownDescription": "The cell styling options for the total of header cells.", + "title": "MetricHeaderCellStyle" + }, + "Placement": { + "markdownDescription": "The placement (start, end) for the total cells.", + "title": "Placement", + "type": "string" + }, + "ScrollStatus": { + "markdownDescription": "The scroll status (pinned, scrolled) for the total cells.", + "title": "ScrollStatus", + "type": "string" + }, + "TotalAggregationOptions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.Computation" + "$ref": "#/definitions/AWS::QuickSight::Analysis.TotalAggregationOption" }, - "markdownDescription": "The computations configurations of the insight visual", - "title": "Computations", + "markdownDescription": "The total aggregation options for each value field.", + "title": "TotalAggregationOptions", "type": "array" }, - "CustomNarrative": { - "$ref": "#/definitions/AWS::QuickSight::Template.CustomNarrativeOptions", - "markdownDescription": "The custom narrative of the insight visual.", - "title": "CustomNarrative" + "TotalCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", + "markdownDescription": "The cell styling options for the total cells.", + "title": "TotalCellStyle" + }, + "TotalsVisibility": { + "markdownDescription": "The visibility configuration for the total cells.", + "title": "TotalsVisibility", + "type": "string" + }, + "ValueCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", + "markdownDescription": "The cell styling options for the totals of value cells.", + "title": "ValueCellStyle" } }, "type": "object" }, - "AWS::QuickSight::Template.InsightVisual": { + "AWS::QuickSight::Analysis.PluginVisual": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PluginVisualConfiguration", + "markdownDescription": "A description of the plugin field wells and their persisted properties.", + "title": "ChartConfiguration" }, - "DataSetIdentifier": { - "markdownDescription": "The dataset that is used in the insight visual.", - "title": "DataSetIdentifier", + "PluginArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that reflects the plugin and version.", + "title": "PluginArn", "type": "string" }, - "InsightConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.InsightConfiguration", - "markdownDescription": "The configuration of an insight visual.", - "title": "InsightConfiguration" - }, "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", + "markdownDescription": "", "title": "Subtitle" }, "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", + "markdownDescription": "", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "markdownDescription": "The ID of the visual that you want to use.", "title": "VisualId", "type": "string" } }, "required": [ - "DataSetIdentifier", + "PluginArn", "VisualId" ], "type": "object" }, - "AWS::QuickSight::Template.IntegerDefaultValues": { + "AWS::QuickSight::Analysis.PluginVisualConfiguration": { "additionalProperties": false, "properties": { - "DynamicValue": { - "$ref": "#/definitions/AWS::QuickSight::Template.DynamicDefaultValue", - "markdownDescription": "The dynamic value of the `IntegerDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", - "title": "DynamicValue" - }, - "StaticValues": { + "FieldWells": { "items": { - "type": "number" + "$ref": "#/definitions/AWS::QuickSight::Analysis.PluginVisualFieldWell" }, - "markdownDescription": "The static values of the `IntegerDefaultValues` .", - "title": "StaticValues", + "markdownDescription": "The field wells configuration of the plugin visual.", + "title": "FieldWells", "type": "array" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PluginVisualSortConfiguration", + "markdownDescription": "The sort configuration of the plugin visual.", + "title": "SortConfiguration" + }, + "VisualOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PluginVisualOptions", + "markdownDescription": "The persisted properties of the plugin visual.", + "title": "VisualOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.IntegerParameterDeclaration": { + "AWS::QuickSight::Analysis.PluginVisualFieldWell": { "additionalProperties": false, "properties": { - "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::Template.IntegerDefaultValues", - "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", - "title": "DefaultValues" + "AxisName": { + "markdownDescription": "The semantic axis name for the field well.", + "title": "AxisName", + "type": "string" }, - "MappedDataSetParameters": { + "Dimensions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MappedDataSetParameter" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, - "markdownDescription": "", - "title": "MappedDataSetParameters", + "markdownDescription": "A list of dimensions for the field well.", + "title": "Dimensions", "type": "array" }, - "Name": { - "markdownDescription": "The name of the parameter that is being declared.", - "title": "Name", - "type": "string" - }, - "ParameterValueType": { - "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", - "title": "ParameterValueType", - "type": "string" + "Measures": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "A list of measures that exist in the field well.", + "title": "Measures", + "type": "array" }, - "ValueWhenUnset": { - "$ref": "#/definitions/AWS::QuickSight::Template.IntegerValueWhenUnsetConfiguration", - "markdownDescription": "A parameter declaration for the `Integer` data type.", - "title": "ValueWhenUnset" + "Unaggregated": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.UnaggregatedField" + }, + "markdownDescription": "A list of unaggregated fields that exist in the field well.", + "title": "Unaggregated", + "type": "array" } }, - "required": [ - "Name", - "ParameterValueType" - ], "type": "object" }, - "AWS::QuickSight::Template.IntegerValueWhenUnsetConfiguration": { + "AWS::QuickSight::Analysis.PluginVisualItemsLimitConfiguration": { "additionalProperties": false, "properties": { - "CustomValue": { - "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", - "title": "CustomValue", + "ItemsLimit": { + "markdownDescription": "Determines how many values are be fetched at once.", + "title": "ItemsLimit", "type": "number" - }, - "ValueWhenUnsetOption": { - "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", - "title": "ValueWhenUnsetOption", - "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.ItemsLimitConfiguration": { + "AWS::QuickSight::Analysis.PluginVisualOptions": { "additionalProperties": false, "properties": { - "ItemsLimit": { - "markdownDescription": "The limit on how many items of a field are showed in the chart. For example, the number of slices that are displayed in a pie chart.", - "title": "ItemsLimit", - "type": "number" - }, - "OtherCategories": { - "markdownDescription": "The `Show other` of an axis in the chart. Choose one of the following options:\n\n- `INCLUDE`\n- `EXCLUDE`", - "title": "OtherCategories", - "type": "string" + "VisualProperties": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PluginVisualProperty" + }, + "markdownDescription": "The persisted properties and their values.", + "title": "VisualProperties", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.KPIActualValueConditionalFormatting": { + "AWS::QuickSight::Analysis.PluginVisualProperty": { "additionalProperties": false, "properties": { - "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIcon", - "markdownDescription": "The conditional formatting of the actual value's icon.", - "title": "Icon" + "Name": { + "markdownDescription": "The name of the plugin visual property.", + "title": "Name", + "type": "string" }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the actual value's text color.", - "title": "TextColor" + "Value": { + "markdownDescription": "The value of the plugin visual property.", + "title": "Value", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.KPIComparisonValueConditionalFormatting": { + "AWS::QuickSight::Analysis.PluginVisualSortConfiguration": { "additionalProperties": false, "properties": { - "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIcon", - "markdownDescription": "The conditional formatting of the comparison value's icon.", - "title": "Icon" - }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the comparison value's text color.", - "title": "TextColor" + "PluginVisualTableQuerySort": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PluginVisualTableQuerySort", + "markdownDescription": "The table query sorting options for the plugin visual.", + "title": "PluginVisualTableQuerySort" } }, "type": "object" }, - "AWS::QuickSight::Template.KPIConditionalFormatting": { + "AWS::QuickSight::Analysis.PluginVisualTableQuerySort": { "additionalProperties": false, "properties": { - "ConditionalFormattingOptions": { + "ItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PluginVisualItemsLimitConfiguration", + "markdownDescription": "The maximum amount of data to be returned by a query.", + "title": "ItemsLimitConfiguration" + }, + "RowSort": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.KPIConditionalFormattingOption" + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, - "markdownDescription": "The conditional formatting options of a KPI visual.", - "title": "ConditionalFormattingOptions", + "markdownDescription": "Determines how data is sorted in the response.", + "title": "RowSort", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.KPIConditionalFormattingOption": { + "AWS::QuickSight::Analysis.PredefinedHierarchy": { "additionalProperties": false, "properties": { - "ActualValue": { - "$ref": "#/definitions/AWS::QuickSight::Template.KPIActualValueConditionalFormatting", - "markdownDescription": "The conditional formatting for the actual value of a KPI visual.", - "title": "ActualValue" - }, - "ComparisonValue": { - "$ref": "#/definitions/AWS::QuickSight::Template.KPIComparisonValueConditionalFormatting", - "markdownDescription": "The conditional formatting for the comparison value of a KPI visual.", - "title": "ComparisonValue" + "Columns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier" + }, + "markdownDescription": "The list of columns that define the predefined hierarchy.", + "title": "Columns", + "type": "array" }, - "PrimaryValue": { - "$ref": "#/definitions/AWS::QuickSight::Template.KPIPrimaryValueConditionalFormatting", - "markdownDescription": "The conditional formatting for the primary value of a KPI visual.", - "title": "PrimaryValue" + "DrillDownFilters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DrillDownFilter" + }, + "markdownDescription": "The option that determines the drill down filters for the predefined hierarchy.", + "title": "DrillDownFilters", + "type": "array" }, - "ProgressBar": { - "$ref": "#/definitions/AWS::QuickSight::Template.KPIProgressBarConditionalFormatting", - "markdownDescription": "The conditional formatting for the progress bar of a KPI visual.", - "title": "ProgressBar" + "HierarchyId": { + "markdownDescription": "The hierarchy ID of the predefined hierarchy.", + "title": "HierarchyId", + "type": "string" } }, + "required": [ + "Columns", + "HierarchyId" + ], "type": "object" }, - "AWS::QuickSight::Template.KPIConfiguration": { + "AWS::QuickSight::Analysis.ProgressBarOptions": { "additionalProperties": false, "properties": { - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.KPIFieldWells", - "markdownDescription": "The field well configuration of a KPI visual.", - "title": "FieldWells" - }, - "KPIOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.KPIOptions", - "markdownDescription": "The options that determine the presentation of a KPI visual.", - "title": "KPIOptions" - }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.KPISortConfiguration", - "markdownDescription": "The sort configuration of a KPI visual.", - "title": "SortConfiguration" + "Visibility": { + "markdownDescription": "The visibility of the progress bar.", + "title": "Visibility", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.KPIFieldWells": { + "AWS::QuickSight::Analysis.QueryExecutionOptions": { "additionalProperties": false, "properties": { - "TargetValues": { + "QueryExecutionMode": { + "markdownDescription": "A structure that describes the query execution mode.", + "title": "QueryExecutionMode", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.RadarChartAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Category": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, - "markdownDescription": "The target value field wells of a KPI visual.", - "title": "TargetValues", + "markdownDescription": "The aggregated field well categories of a radar chart.", + "title": "Category", "type": "array" }, - "TrendGroups": { + "Color": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, - "markdownDescription": "The trend group field wells of a KPI visual.", - "title": "TrendGroups", + "markdownDescription": "The color that are assigned to the aggregated field wells of a radar chart.", + "title": "Color", "type": "array" }, "Values": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, - "markdownDescription": "The value field wells of a KPI visual.", + "markdownDescription": "The values that are assigned to the aggregated field wells of a radar chart.", "title": "Values", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.KPIOptions": { + "AWS::QuickSight::Analysis.RadarChartAreaStyleSettings": { "additionalProperties": false, "properties": { - "Comparison": { - "$ref": "#/definitions/AWS::QuickSight::Template.ComparisonConfiguration", - "markdownDescription": "The comparison configuration of a KPI visual.", - "title": "Comparison" + "Visibility": { + "markdownDescription": "The visibility settings of a radar chart.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.RadarChartConfiguration": { + "additionalProperties": false, + "properties": { + "AlternateBandColorsVisibility": { + "markdownDescription": "Determines the visibility of the colors of alternatign bands in a radar chart.", + "title": "AlternateBandColorsVisibility", + "type": "string" }, - "PrimaryValueDisplayType": { - "markdownDescription": "The options that determine the primary value display type.", - "title": "PrimaryValueDisplayType", + "AlternateBandEvenColor": { + "markdownDescription": "The color of the even-numbered alternate bands of a radar chart.", + "title": "AlternateBandEvenColor", "type": "string" }, - "PrimaryValueFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", - "markdownDescription": "The options that determine the primary value font configuration.", - "title": "PrimaryValueFontConfiguration" + "AlternateBandOddColor": { + "markdownDescription": "The color of the odd-numbered alternate bands of a radar chart.", + "title": "AlternateBandOddColor", + "type": "string" }, - "ProgressBar": { - "$ref": "#/definitions/AWS::QuickSight::Template.ProgressBarOptions", - "markdownDescription": "The options that determine the presentation of the progress bar of a KPI visual.", - "title": "ProgressBar" + "AxesRangeScale": { + "markdownDescription": "The axis behavior options of a radar chart.", + "title": "AxesRangeScale", + "type": "string" }, - "SecondaryValue": { - "$ref": "#/definitions/AWS::QuickSight::Template.SecondaryValueOptions", - "markdownDescription": "The options that determine the presentation of the secondary value of a KPI visual.", - "title": "SecondaryValue" + "BaseSeriesSettings": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartSeriesSettings", + "markdownDescription": "The base sreies settings of a radar chart.", + "title": "BaseSeriesSettings" }, - "SecondaryValueFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", - "markdownDescription": "The options that determine the secondary value font configuration.", - "title": "SecondaryValueFontConfiguration" + "CategoryAxis": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", + "markdownDescription": "The category axis of a radar chart.", + "title": "CategoryAxis" }, - "Sparkline": { - "$ref": "#/definitions/AWS::QuickSight::Template.KPISparklineOptions", - "markdownDescription": "The options that determine the visibility, color, type, and tooltip visibility of the sparkline of a KPI visual.", - "title": "Sparkline" + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The category label options of a radar chart.", + "title": "CategoryLabelOptions" }, - "TrendArrows": { - "$ref": "#/definitions/AWS::QuickSight::Template.TrendArrowOptions", - "markdownDescription": "The options that determine the presentation of trend arrows in a KPI visual.", - "title": "TrendArrows" + "ColorAxis": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", + "markdownDescription": "The color axis of a radar chart.", + "title": "ColorAxis" }, - "VisualLayoutOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.KPIVisualLayoutOptions", - "markdownDescription": "The options that determine the layout a KPI visual.", - "title": "VisualLayoutOptions" + "ColorLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The color label options of a radar chart.", + "title": "ColorLabelOptions" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartFieldWells", + "markdownDescription": "The field well configuration of a `RadarChartVisual` .", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "Shape": { + "markdownDescription": "The shape of the radar chart.", + "title": "Shape", + "type": "string" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartSortConfiguration", + "markdownDescription": "The sort configuration of a `RadarChartVisual` .", + "title": "SortConfiguration" + }, + "StartAngle": { + "markdownDescription": "The start angle of a radar chart's axis.", + "title": "StartAngle", + "type": "number" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", + "title": "VisualPalette" } }, "type": "object" }, - "AWS::QuickSight::Template.KPIPrimaryValueConditionalFormatting": { + "AWS::QuickSight::Analysis.RadarChartFieldWells": { "additionalProperties": false, "properties": { - "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIcon", - "markdownDescription": "The conditional formatting of the primary value's icon.", - "title": "Icon" - }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the primary value's text color.", - "title": "TextColor" + "RadarChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a radar chart visual.", + "title": "RadarChartAggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Template.KPIProgressBarConditionalFormatting": { + "AWS::QuickSight::Analysis.RadarChartSeriesSettings": { "additionalProperties": false, "properties": { - "ForegroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the progress bar's foreground color.", - "title": "ForegroundColor" + "AreaStyleSettings": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartAreaStyleSettings", + "markdownDescription": "The area style settings of a radar chart.", + "title": "AreaStyleSettings" } }, "type": "object" }, - "AWS::QuickSight::Template.KPISortConfiguration": { + "AWS::QuickSight::Analysis.RadarChartSortConfiguration": { "additionalProperties": false, "properties": { - "TrendGroupSort": { + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The category items limit for a radar chart.", + "title": "CategoryItemsLimit" + }, + "CategorySort": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, - "markdownDescription": "The sort configuration of the trend group fields.", - "title": "TrendGroupSort", + "markdownDescription": "The category sort options of a radar chart.", + "title": "CategorySort", "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.KPISparklineOptions": { - "additionalProperties": false, - "properties": { - "Color": { - "markdownDescription": "The color of the sparkline.", - "title": "Color", - "type": "string" - }, - "TooltipVisibility": { - "markdownDescription": "The tooltip visibility of the sparkline.", - "title": "TooltipVisibility", - "type": "string" }, - "Type": { - "markdownDescription": "The type of the sparkline.", - "title": "Type", - "type": "string" + "ColorItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The color items limit of a radar chart.", + "title": "ColorItemsLimit" }, - "Visibility": { - "markdownDescription": "The visibility of the sparkline.", - "title": "Visibility", - "type": "string" + "ColorSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + }, + "markdownDescription": "The color sort configuration of a radar chart.", + "title": "ColorSort", + "type": "array" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::QuickSight::Template.KPIVisual": { + "AWS::QuickSight::Analysis.RadarChartVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.KPIConfiguration", - "markdownDescription": "The configuration of a KPI visual.", + "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartConfiguration", + "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, - "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Template.KPIConditionalFormatting", - "markdownDescription": "The conditional formatting of a KPI visual.", - "title": "ConditionalFormatting" - }, "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", @@ -216217,440 +230030,720 @@ ], "type": "object" }, - "AWS::QuickSight::Template.KPIVisualLayoutOptions": { + "AWS::QuickSight::Analysis.RangeEndsLabelType": { "additionalProperties": false, "properties": { - "StandardLayout": { - "$ref": "#/definitions/AWS::QuickSight::Template.KPIVisualStandardLayout", - "markdownDescription": "The standard layout of the KPI visual.", - "title": "StandardLayout" + "Visibility": { + "markdownDescription": "The visibility of the range ends label.", + "title": "Visibility", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.KPIVisualStandardLayout": { + "AWS::QuickSight::Analysis.ReferenceLine": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The standard layout type.", - "title": "Type", + "DataConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineDataConfiguration", + "markdownDescription": "The data configuration of the reference line.", + "title": "DataConfiguration" + }, + "LabelConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineLabelConfiguration", + "markdownDescription": "The label configuration of the reference line.", + "title": "LabelConfiguration" + }, + "Status": { + "markdownDescription": "The status of the reference line. Choose one of the following options:\n\n- `ENABLE`\n- `DISABLE`", + "title": "Status", "type": "string" + }, + "StyleConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineStyleConfiguration", + "markdownDescription": "The style configuration of the reference line.", + "title": "StyleConfiguration" } }, "required": [ - "Type" + "DataConfiguration" ], "type": "object" }, - "AWS::QuickSight::Template.LabelOptions": { + "AWS::QuickSight::Analysis.ReferenceLineCustomLabelConfiguration": { "additionalProperties": false, "properties": { "CustomLabel": { - "markdownDescription": "The text for the label.", + "markdownDescription": "The string text of the custom label.", "title": "CustomLabel", "type": "string" - }, - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", - "markdownDescription": "The font configuration of the label.", + } + }, + "required": [ + "CustomLabel" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.ReferenceLineDataConfiguration": { + "additionalProperties": false, + "properties": { + "AxisBinding": { + "markdownDescription": "The axis binding type of the reference line. Choose one of the following options:\n\n- `PrimaryY`\n- `SecondaryY`", + "title": "AxisBinding", + "type": "string" + }, + "DynamicConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineDynamicDataConfiguration", + "markdownDescription": "The dynamic configuration of the reference line data configuration.", + "title": "DynamicConfiguration" + }, + "SeriesType": { + "markdownDescription": "The series type of the reference line data configuration. Choose one of the following options:\n\n- `BAR`\n- `LINE`", + "title": "SeriesType", + "type": "string" + }, + "StaticConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineStaticDataConfiguration", + "markdownDescription": "The static data configuration of the reference line data configuration.", + "title": "StaticConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.ReferenceLineDynamicDataConfiguration": { + "additionalProperties": false, + "properties": { + "Calculation": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericalAggregationFunction", + "markdownDescription": "The calculation that is used in the dynamic data.", + "title": "Calculation" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that the dynamic data targets.", + "title": "Column" + }, + "MeasureAggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationFunction", + "markdownDescription": "The aggregation function that is used in the dynamic data.", + "title": "MeasureAggregationFunction" + } + }, + "required": [ + "Calculation", + "Column" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.ReferenceLineLabelConfiguration": { + "additionalProperties": false, + "properties": { + "CustomLabelConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineCustomLabelConfiguration", + "markdownDescription": "The custom label configuration of the label in a reference line.", + "title": "CustomLabelConfiguration" + }, + "FontColor": { + "markdownDescription": "The font color configuration of the label in a reference line.", + "title": "FontColor", + "type": "string" + }, + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", + "markdownDescription": "The font configuration of the label in a reference line.", "title": "FontConfiguration" }, - "Visibility": { - "markdownDescription": "Determines whether or not the label is visible.", - "title": "Visibility", + "HorizontalPosition": { + "markdownDescription": "The horizontal position configuration of the label in a reference line. Choose one of the following options:\n\n- `LEFT`\n- `CENTER`\n- `RIGHT`", + "title": "HorizontalPosition", + "type": "string" + }, + "ValueLabelConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineValueLabelConfiguration", + "markdownDescription": "The value label configuration of the label in a reference line.", + "title": "ValueLabelConfiguration" + }, + "VerticalPosition": { + "markdownDescription": "The vertical position configuration of the label in a reference line. Choose one of the following options:\n\n- `ABOVE`\n- `BELOW`", + "title": "VerticalPosition", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.Layout": { + "AWS::QuickSight::Analysis.ReferenceLineStaticDataConfiguration": { "additionalProperties": false, "properties": { - "Configuration": { - "$ref": "#/definitions/AWS::QuickSight::Template.LayoutConfiguration", - "markdownDescription": "The configuration that determines what the type of layout for a sheet.", - "title": "Configuration" + "Value": { + "markdownDescription": "The double input of the static data.", + "title": "Value", + "type": "number" } }, "required": [ - "Configuration" + "Value" ], "type": "object" }, - "AWS::QuickSight::Template.LayoutConfiguration": { + "AWS::QuickSight::Analysis.ReferenceLineStyleConfiguration": { "additionalProperties": false, "properties": { - "FreeFormLayout": { - "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutConfiguration", - "markdownDescription": "A free-form is optimized for a fixed width and has more control over the exact placement of layout elements.", - "title": "FreeFormLayout" + "Color": { + "markdownDescription": "The hex color of the reference line.", + "title": "Color", + "type": "string" }, - "GridLayout": { - "$ref": "#/definitions/AWS::QuickSight::Template.GridLayoutConfiguration", - "markdownDescription": "A type of layout that can be used on a sheet. In a grid layout, visuals snap to a grid with standard spacing and alignment. Dashboards are displayed as designed, with options to fit to screen or view at actual size. A grid layout can be configured to behave in one of two ways when the viewport is resized: `FIXED` or `RESPONSIVE` .", - "title": "GridLayout" + "Pattern": { + "markdownDescription": "The pattern type of the line style. Choose one of the following options:\n\n- `SOLID`\n- `DASHED`\n- `DOTTED`", + "title": "Pattern", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.ReferenceLineValueLabelConfiguration": { + "additionalProperties": false, + "properties": { + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericFormatConfiguration", + "markdownDescription": "The format configuration of the value label.", + "title": "FormatConfiguration" }, - "SectionBasedLayout": { - "$ref": "#/definitions/AWS::QuickSight::Template.SectionBasedLayoutConfiguration", - "markdownDescription": "A section based layout organizes visuals into multiple sections and has customized header, footer and page break.", - "title": "SectionBasedLayout" + "RelativePosition": { + "markdownDescription": "The relative position of the value label. Choose one of the following options:\n\n- `BEFORE_CUSTOM_LABEL`\n- `AFTER_CUSTOM_LABEL`", + "title": "RelativePosition", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.LegendOptions": { + "AWS::QuickSight::Analysis.RelativeDateTimeControlDisplayOptions": { "additionalProperties": false, "properties": { - "Height": { - "markdownDescription": "The height of the legend. If this value is omitted, a default height is used when rendering.", - "title": "Height", + "DateTimeFormat": { + "markdownDescription": "Customize how dates are formatted in controls.", + "title": "DateTimeFormat", "type": "string" }, - "Position": { - "markdownDescription": "The positions for the legend. Choose one of the following options:\n\n- `AUTO`\n- `RIGHT`\n- `BOTTOM`\n- `LEFT`", - "title": "Position", + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.RelativeDatesFilter": { + "additionalProperties": false, + "properties": { + "AnchorDateConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AnchorDateConfiguration", + "markdownDescription": "The date configuration of the filter.", + "title": "AnchorDateConfiguration" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "ExcludePeriodConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ExcludePeriodConfiguration", + "markdownDescription": "The configuration for the exclude period of the filter.", + "title": "ExcludePeriodConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", "type": "string" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", - "markdownDescription": "The custom title for the legend.", - "title": "Title" + "MinimumGranularity": { + "markdownDescription": "The minimum granularity (period granularity) of the relative dates filter.", + "title": "MinimumGranularity", + "type": "string" }, - "Visibility": { - "markdownDescription": "Determines whether or not the legend is visible.", - "title": "Visibility", + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", "type": "string" }, - "Width": { - "markdownDescription": "The width of the legend. If this value is omitted, a default width is used when rendering.", - "title": "Width", + "ParameterName": { + "markdownDescription": "The parameter whose value should be used for the filter value.", + "title": "ParameterName", + "type": "string" + }, + "RelativeDateType": { + "markdownDescription": "The range date type of the filter. Choose one of the options below:\n\n- `PREVIOUS`\n- `THIS`\n- `LAST`\n- `NOW`\n- `NEXT`", + "title": "RelativeDateType", + "type": "string" + }, + "RelativeDateValue": { + "markdownDescription": "The date value of the filter.", + "title": "RelativeDateValue", + "type": "number" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", "type": "string" } }, + "required": [ + "AnchorDateConfiguration", + "Column", + "FilterId", + "NullOption", + "RelativeDateType", + "TimeGranularity" + ], "type": "object" }, - "AWS::QuickSight::Template.LineChartAggregatedFieldWells": { + "AWS::QuickSight::Analysis.ResourcePermission": { "additionalProperties": false, "properties": { - "Category": { + "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "type": "string" }, - "markdownDescription": "The category field wells of a line chart. Values are grouped by category fields.", - "title": "Category", + "markdownDescription": "The IAM action to grant or revoke permissions on.", + "title": "Actions", "type": "array" }, - "Colors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" - }, - "markdownDescription": "The color field wells of a line chart. Values are grouped by category fields.", - "title": "Colors", - "type": "array" + "Principal": { + "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a QuickSight ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", + "title": "Principal", + "type": "string" + } + }, + "required": [ + "Actions", + "Principal" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.RollingDateConfiguration": { + "additionalProperties": false, + "properties": { + "DataSetIdentifier": { + "markdownDescription": "The data set that is used in the rolling date configuration.", + "title": "DataSetIdentifier", + "type": "string" }, - "SmallMultiples": { + "Expression": { + "markdownDescription": "The expression of the rolling date configuration.", + "title": "Expression", + "type": "string" + } + }, + "required": [ + "Expression" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.RowAlternateColorOptions": { + "additionalProperties": false, + "properties": { + "RowAlternateColors": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "type": "string" }, - "markdownDescription": "The small multiples field well of a line chart.", - "title": "SmallMultiples", + "markdownDescription": "Determines the list of row alternate colors.", + "title": "RowAlternateColors", "type": "array" }, - "Values": { + "Status": { + "markdownDescription": "Determines the widget status.", + "title": "Status", + "type": "string" + }, + "UsePrimaryBackgroundColor": { + "markdownDescription": "The primary background color options for alternate rows.", + "title": "UsePrimaryBackgroundColor", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.SameSheetTargetVisualConfiguration": { + "additionalProperties": false, + "properties": { + "TargetVisualOptions": { + "markdownDescription": "The options that choose the target visual in the same sheet.\n\nValid values are defined as follows:\n\n- `ALL_VISUALS` : Applies the filter operation to all visuals in the same sheet.", + "title": "TargetVisualOptions", + "type": "string" + }, + "TargetVisuals": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "type": "string" }, - "markdownDescription": "The value field wells of a line chart. Values are aggregated based on categories.", - "title": "Values", + "markdownDescription": "A list of the target visual IDs that are located in the same sheet of the analysis.", + "title": "TargetVisuals", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.LineChartConfiguration": { + "AWS::QuickSight::Analysis.SankeyDiagramAggregatedFieldWells": { "additionalProperties": false, "properties": { - "ContributionAnalysisDefaults": { + "Destination": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ContributionAnalysisDefault" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, - "markdownDescription": "The default configuration of a line chart's contribution analysis.", - "title": "ContributionAnalysisDefaults", + "markdownDescription": "The destination field wells of a sankey diagram.", + "title": "Destination", + "type": "array" + }, + "Source": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The source field wells of a sankey diagram.", + "title": "Source", "type": "array" }, + "Weight": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The weight field wells of a sankey diagram.", + "title": "Weight", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.SankeyDiagramChartConfiguration": { + "additionalProperties": false, + "properties": { "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", - "markdownDescription": "The data label configuration of a line chart.", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", + "markdownDescription": "The data label configuration of a sankey diagram.", "title": "DataLabels" }, - "DefaultSeriesSettings": { - "$ref": "#/definitions/AWS::QuickSight::Template.LineChartDefaultSeriesSettings", - "markdownDescription": "The options that determine the default presentation of all line series in `LineChartVisual` .", - "title": "DefaultSeriesSettings" - }, "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.LineChartFieldWells", - "markdownDescription": "The field well configuration of a line chart.", + "$ref": "#/definitions/AWS::QuickSight::Analysis.SankeyDiagramFieldWells", + "markdownDescription": "The field well configuration of a sankey diagram.", "title": "FieldWells" }, - "ForecastConfigurations": { + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SankeyDiagramSortConfiguration", + "markdownDescription": "The sort configuration of a sankey diagram.", + "title": "SortConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.SankeyDiagramFieldWells": { + "additionalProperties": false, + "properties": { + "SankeyDiagramAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SankeyDiagramAggregatedFieldWells", + "markdownDescription": "The field well configuration of a sankey diagram.", + "title": "SankeyDiagramAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.SankeyDiagramSortConfiguration": { + "additionalProperties": false, + "properties": { + "DestinationItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of destination nodes that are displayed in a sankey diagram.", + "title": "DestinationItemsLimit" + }, + "SourceItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of source nodes that are displayed in a sankey diagram.", + "title": "SourceItemsLimit" + }, + "WeightSort": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ForecastConfiguration" + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, - "markdownDescription": "The forecast configuration of a line chart.", - "title": "ForecastConfigurations", + "markdownDescription": "The sort configuration of the weight fields.", + "title": "WeightSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.SankeyDiagramVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", "type": "array" }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", - "markdownDescription": "The legend configuration of a line chart.", - "title": "Legend" + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SankeyDiagramChartConfiguration", + "markdownDescription": "The configuration of a sankey diagram.", + "title": "ChartConfiguration" }, - "PrimaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.LineSeriesAxisDisplayOptions", - "markdownDescription": "The series axis configuration of a line chart.", - "title": "PrimaryYAxisDisplayOptions" + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" }, - "PrimaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the y-axis label.", - "title": "PrimaryYAxisLabelOptions" + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" }, - "ReferenceLines": { + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.ScatterPlotCategoricallyAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Category": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLine" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, - "markdownDescription": "The reference lines configuration of a line chart.", - "title": "ReferenceLines", + "markdownDescription": "The category field well of a scatter plot.", + "title": "Category", "type": "array" }, - "SecondaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.LineSeriesAxisDisplayOptions", - "markdownDescription": "The series axis configuration of a line chart.", - "title": "SecondaryYAxisDisplayOptions" + "Label": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The label field well of a scatter plot.", + "title": "Label", + "type": "array" }, - "SecondaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the secondary y-axis label.", - "title": "SecondaryYAxisLabelOptions" + "Size": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The size field well of a scatter plot.", + "title": "Size", + "type": "array" }, - "Series": { + "XAxis": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.SeriesItem" + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, - "markdownDescription": "The series item configuration of a line chart.", - "title": "Series", + "markdownDescription": "The x-axis field well of a scatter plot.\n\nThe x-axis is aggregated by category.", + "title": "XAxis", "type": "array" }, - "SmallMultiplesOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SmallMultiplesOptions", - "markdownDescription": "The small multiples setup for the visual.", - "title": "SmallMultiplesOptions" + "YAxis": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The y-axis field well of a scatter plot.\n\nThe y-axis is aggregated by category.", + "title": "YAxis", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.ScatterPlotConfiguration": { + "additionalProperties": false, + "properties": { + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.", + "title": "DataLabels" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ScatterPlotFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" }, "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.LineChartSortConfiguration", - "markdownDescription": "The sort configuration of a line chart.", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ScatterPlotSortConfiguration", + "markdownDescription": "The sort configuration of a scatter plot.", "title": "SortConfiguration" }, "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", - "markdownDescription": "The tooltip configuration of a line chart.", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", + "markdownDescription": "The legend display setup of the visual.", "title": "Tooltip" }, - "Type": { - "markdownDescription": "Determines the type of the line chart.", - "title": "Type", - "type": "string" - }, "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", - "markdownDescription": "The visual palette configuration of a line chart.", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", "title": "VisualPalette" }, "XAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the x-axis.", + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, and axis step) of the scatter plot's x-axis.", "title": "XAxisDisplayOptions" }, "XAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the x-axis label.", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of the scatter plot's x-axis.", "title": "XAxisLabelOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.LineChartDefaultSeriesSettings": { - "additionalProperties": false, - "properties": { - "AxisBinding": { - "markdownDescription": "The axis to which you are binding all line series to.", - "title": "AxisBinding", - "type": "string" - }, - "LineStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Template.LineChartLineStyleSettings", - "markdownDescription": "Line styles options for all line series in the visual.", - "title": "LineStyleSettings" - }, - "MarkerStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Template.LineChartMarkerStyleSettings", - "markdownDescription": "Marker styles options for all line series in the visual.", - "title": "MarkerStyleSettings" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.LineChartFieldWells": { - "additionalProperties": false, - "properties": { - "LineChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.LineChartAggregatedFieldWells", - "markdownDescription": "The field well configuration of a line chart.", - "title": "LineChartAggregatedFieldWells" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.LineChartLineStyleSettings": { - "additionalProperties": false, - "properties": { - "LineInterpolation": { - "markdownDescription": "Interpolation style for line series.\n\n- `LINEAR` : Show as default, linear style.\n- `SMOOTH` : Show as a smooth curve.\n- `STEPPED` : Show steps in line.", - "title": "LineInterpolation", - "type": "string" - }, - "LineStyle": { - "markdownDescription": "Line style for line series.\n\n- `SOLID` : Show as a solid line.\n- `DOTTED` : Show as a dotted line.\n- `DASHED` : Show as a dashed line.", - "title": "LineStyle", - "type": "string" }, - "LineVisibility": { - "markdownDescription": "Configuration option that determines whether to show the line for the series.", - "title": "LineVisibility", - "type": "string" + "YAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, and axis step) of the scatter plot's y-axis.", + "title": "YAxisDisplayOptions" }, - "LineWidth": { - "markdownDescription": "Width that determines the line thickness.", - "title": "LineWidth", - "type": "string" + "YAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of the scatter plot's y-axis.", + "title": "YAxisLabelOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.LineChartMarkerStyleSettings": { + "AWS::QuickSight::Analysis.ScatterPlotFieldWells": { "additionalProperties": false, "properties": { - "MarkerColor": { - "markdownDescription": "Color of marker in the series.", - "title": "MarkerColor", - "type": "string" - }, - "MarkerShape": { - "markdownDescription": "Shape option for markers in the series.\n\n- `CIRCLE` : Show marker as a circle.\n- `TRIANGLE` : Show marker as a triangle.\n- `SQUARE` : Show marker as a square.\n- `DIAMOND` : Show marker as a diamond.\n- `ROUNDED_SQUARE` : Show marker as a rounded square.", - "title": "MarkerShape", - "type": "string" - }, - "MarkerSize": { - "markdownDescription": "Size of marker in the series.", - "title": "MarkerSize", - "type": "string" + "ScatterPlotCategoricallyAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ScatterPlotCategoricallyAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a scatter plot. The x and y-axes of scatter plots with aggregated field wells are aggregated by category, label, or both.", + "title": "ScatterPlotCategoricallyAggregatedFieldWells" }, - "MarkerVisibility": { - "markdownDescription": "Configuration option that determines whether to show the markers in the series.", - "title": "MarkerVisibility", - "type": "string" + "ScatterPlotUnaggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ScatterPlotUnaggregatedFieldWells", + "markdownDescription": "The unaggregated field wells of a scatter plot. The x and y-axes of these scatter plots are unaggregated.", + "title": "ScatterPlotUnaggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Template.LineChartSeriesSettings": { + "AWS::QuickSight::Analysis.ScatterPlotSortConfiguration": { "additionalProperties": false, "properties": { - "LineStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Template.LineChartLineStyleSettings", - "markdownDescription": "Line styles options for a line series in `LineChartVisual` .", - "title": "LineStyleSettings" - }, - "MarkerStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Template.LineChartMarkerStyleSettings", - "markdownDescription": "Marker styles options for a line series in `LineChartVisual` .", - "title": "MarkerStyleSettings" + "ScatterPlotLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "", + "title": "ScatterPlotLimitConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Template.LineChartSortConfiguration": { + "AWS::QuickSight::Analysis.ScatterPlotUnaggregatedFieldWells": { "additionalProperties": false, "properties": { - "CategoryItemsLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of categories that are displayed in a line chart.", - "title": "CategoryItemsLimitConfiguration" + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The category field well of a scatter plot.", + "title": "Category", + "type": "array" }, - "CategorySort": { + "Label": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, - "markdownDescription": "The sort configuration of the category fields.", - "title": "CategorySort", + "markdownDescription": "The label field well of a scatter plot.", + "title": "Label", "type": "array" }, - "ColorItemsLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of lines that are displayed in a line chart.", - "title": "ColorItemsLimitConfiguration" + "Size": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The size field well of a scatter plot.", + "title": "Size", + "type": "array" }, - "SmallMultiplesLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of small multiples panels that are displayed.", - "title": "SmallMultiplesLimitConfiguration" + "XAxis": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The x-axis field well of a scatter plot.\n\nThe x-axis is a dimension field and cannot be aggregated.", + "title": "XAxis", + "type": "array" }, - "SmallMultiplesSort": { + "YAxis": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, - "markdownDescription": "The sort configuration of the small multiples field.", - "title": "SmallMultiplesSort", + "markdownDescription": "The y-axis field well of a scatter plot.\n\nThe y-axis is a dimension field and cannot be aggregated.", + "title": "YAxis", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.LineChartVisual": { + "AWS::QuickSight::Analysis.ScatterPlotVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.LineChartConfiguration", - "markdownDescription": "The configuration of a line chart.", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ScatterPlotConfiguration", + "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", @@ -216662,1336 +230755,1520 @@ ], "type": "object" }, - "AWS::QuickSight::Template.LineSeriesAxisDisplayOptions": { - "additionalProperties": false, - "properties": { - "AxisOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the line series axis.", - "title": "AxisOptions" - }, - "MissingDataConfigurations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MissingDataConfiguration" - }, - "markdownDescription": "The configuration options that determine how missing data is treated during the rendering of a line chart.", - "title": "MissingDataConfigurations", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.ListControlDisplayOptions": { + "AWS::QuickSight::Analysis.ScrollBarOptions": { "additionalProperties": false, "properties": { - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" - }, - "SearchOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ListControlSearchOptions", - "markdownDescription": "The configuration of the search options in a list control.", - "title": "SearchOptions" - }, - "SelectAllOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ListControlSelectAllOptions", - "markdownDescription": "The configuration of the `Select all` options in a list control.", - "title": "SelectAllOptions" + "Visibility": { + "markdownDescription": "The visibility of the data zoom scroll bar.", + "title": "Visibility", + "type": "string" }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" + "VisibleRange": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisibleRangeOptions", + "markdownDescription": "The visibility range for the data zoom scroll bar.", + "title": "VisibleRange" } }, "type": "object" }, - "AWS::QuickSight::Template.ListControlSearchOptions": { + "AWS::QuickSight::Analysis.SecondaryValueOptions": { "additionalProperties": false, "properties": { "Visibility": { - "markdownDescription": "The visibility configuration of the search options in a list control.", + "markdownDescription": "Determines the visibility of the secondary value.", "title": "Visibility", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.ListControlSelectAllOptions": { + "AWS::QuickSight::Analysis.SectionAfterPageBreak": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility configuration of the `Select all` options in a list control.", - "title": "Visibility", + "Status": { + "markdownDescription": "The option that enables or disables a page break at the end of a section.", + "title": "Status", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.LoadingAnimation": { + "AWS::QuickSight::Analysis.SectionBasedLayoutCanvasSizeOptions": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility configuration of `LoadingAnimation` .", - "title": "Visibility", - "type": "string" + "PaperCanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionBasedLayoutPaperCanvasSizeOptions", + "markdownDescription": "The options for a paper canvas of a section-based layout.", + "title": "PaperCanvasSizeOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.LocalNavigationConfiguration": { + "AWS::QuickSight::Analysis.SectionBasedLayoutConfiguration": { "additionalProperties": false, "properties": { - "TargetSheetId": { - "markdownDescription": "The sheet that is targeted for navigation in the same analysis.", - "title": "TargetSheetId", - "type": "string" + "BodySections": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BodySectionConfiguration" + }, + "markdownDescription": "A list of body section configurations.", + "title": "BodySections", + "type": "array" + }, + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionBasedLayoutCanvasSizeOptions", + "markdownDescription": "The options for the canvas of a section-based layout.", + "title": "CanvasSizeOptions" + }, + "FooterSections": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.HeaderFooterSectionConfiguration" + }, + "markdownDescription": "A list of footer section configurations.", + "title": "FooterSections", + "type": "array" + }, + "HeaderSections": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.HeaderFooterSectionConfiguration" + }, + "markdownDescription": "A list of header section configurations.", + "title": "HeaderSections", + "type": "array" } }, "required": [ - "TargetSheetId" + "BodySections", + "CanvasSizeOptions", + "FooterSections", + "HeaderSections" ], "type": "object" }, - "AWS::QuickSight::Template.LongFormatText": { + "AWS::QuickSight::Analysis.SectionBasedLayoutPaperCanvasSizeOptions": { "additionalProperties": false, "properties": { - "PlainText": { - "markdownDescription": "Plain text format.", - "title": "PlainText", + "PaperMargin": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.Spacing", + "markdownDescription": "Defines the spacing between the canvas content and the top, bottom, left, and right edges.", + "title": "PaperMargin" + }, + "PaperOrientation": { + "markdownDescription": "The paper orientation that is used to define canvas dimensions. Choose one of the following options:\n\n- PORTRAIT\n- LANDSCAPE", + "title": "PaperOrientation", "type": "string" }, - "RichText": { - "markdownDescription": "Rich text. Examples of rich text include bold, underline, and italics.", - "title": "RichText", + "PaperSize": { + "markdownDescription": "The paper size that is used to define canvas dimensions.", + "title": "PaperSize", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.MappedDataSetParameter": { + "AWS::QuickSight::Analysis.SectionLayoutConfiguration": { "additionalProperties": false, "properties": { - "DataSetIdentifier": { - "markdownDescription": "A unique name that identifies a dataset within the analysis or dashboard.", - "title": "DataSetIdentifier", - "type": "string" - }, - "DataSetParameterName": { - "markdownDescription": "The name of the dataset parameter.", - "title": "DataSetParameterName", - "type": "string" + "FreeFormLayout": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormSectionLayoutConfiguration", + "markdownDescription": "The free-form layout configuration of a section.", + "title": "FreeFormLayout" } }, "required": [ - "DataSetIdentifier", - "DataSetParameterName" + "FreeFormLayout" ], "type": "object" }, - "AWS::QuickSight::Template.MaximumLabelType": { + "AWS::QuickSight::Analysis.SectionPageBreakConfiguration": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility of the maximum label.", - "title": "Visibility", - "type": "string" + "After": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionAfterPageBreak", + "markdownDescription": "The configuration of a page break after a section.", + "title": "After" } }, "type": "object" }, - "AWS::QuickSight::Template.MaximumMinimumComputation": { + "AWS::QuickSight::Analysis.SectionStyle": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "Height": { + "markdownDescription": "The height of a section.\n\nHeights can only be defined for header and footer sections. The default height margin is 0.5 inches.", + "title": "Height", "type": "string" }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" + "Padding": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.Spacing", + "markdownDescription": "The spacing between section content and its top, bottom, left, and right edges.\n\nThere is no padding by default.", + "title": "Padding" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.SelectedSheetsFilterScopeConfiguration": { + "additionalProperties": false, + "properties": { + "SheetVisualScopingConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetVisualScopingConfiguration" + }, + "markdownDescription": "The sheet ID and visual IDs of the sheet and visuals that the filter is applied to.", + "title": "SheetVisualScopingConfigurations", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.SeriesItem": { + "additionalProperties": false, + "properties": { + "DataFieldSeriesItem": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataFieldSeriesItem", + "markdownDescription": "The data field series item configuration of a line chart.", + "title": "DataFieldSeriesItem" }, - "Type": { - "markdownDescription": "The type of computation. Choose one of the following options:\n\n- MAXIMUM: A maximum computation.\n- MINIMUM: A minimum computation.", - "title": "Type", + "FieldSeriesItem": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSeriesItem", + "markdownDescription": "The field series item configuration of a line chart.", + "title": "FieldSeriesItem" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.SetParameterValueConfiguration": { + "additionalProperties": false, + "properties": { + "DestinationParameterName": { + "markdownDescription": "The destination parameter name of the `SetParameterValueConfiguration` .", + "title": "DestinationParameterName", "type": "string" }, "Value": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", - "markdownDescription": "The value field that is used in a computation.", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DestinationParameterValueConfiguration", + "markdownDescription": "", "title": "Value" } }, "required": [ - "ComputationId", - "Type" + "DestinationParameterName", + "Value" ], "type": "object" }, - "AWS::QuickSight::Template.MeasureField": { + "AWS::QuickSight::Analysis.ShapeConditionalFormat": { "additionalProperties": false, "properties": { - "CalculatedMeasureField": { - "$ref": "#/definitions/AWS::QuickSight::Template.CalculatedMeasureField", - "markdownDescription": "The calculated measure field only used in pivot tables.", - "title": "CalculatedMeasureField" - }, - "CategoricalMeasureField": { - "$ref": "#/definitions/AWS::QuickSight::Template.CategoricalMeasureField", - "markdownDescription": "The measure type field with categorical type columns.", - "title": "CategoricalMeasureField" - }, - "DateMeasureField": { - "$ref": "#/definitions/AWS::QuickSight::Template.DateMeasureField", - "markdownDescription": "The measure type field with date type columns.", - "title": "DateMeasureField" - }, - "NumericalMeasureField": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericalMeasureField", - "markdownDescription": "The measure type field with numerical type columns.", - "title": "NumericalMeasureField" + "BackgroundColor": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting for the shape background color of a filled map visual.", + "title": "BackgroundColor" } }, + "required": [ + "BackgroundColor" + ], "type": "object" }, - "AWS::QuickSight::Template.MetricComparisonComputation": { + "AWS::QuickSight::Analysis.Sheet": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", - "type": "string" - }, - "FromValue": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", - "markdownDescription": "The field that is used in a metric comparison from value setup.", - "title": "FromValue" - }, "Name": { - "markdownDescription": "The name of a computation.", + "markdownDescription": "The name of a sheet. This name is displayed on the sheet's tab in the Amazon QuickSight console.", "title": "Name", "type": "string" }, - "TargetValue": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", - "markdownDescription": "The field that is used in a metric comparison to value setup.", - "title": "TargetValue" - }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" + "SheetId": { + "markdownDescription": "The unique identifier associated with a sheet.", + "title": "SheetId", + "type": "string" } }, - "required": [ - "ComputationId" - ], "type": "object" }, - "AWS::QuickSight::Template.MinimumLabelType": { + "AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions": { "additionalProperties": false, "properties": { + "InfoIconText": { + "markdownDescription": "The text content of info icon.", + "title": "InfoIconText", + "type": "string" + }, "Visibility": { - "markdownDescription": "The visibility of the minimum label.", + "markdownDescription": "The visibility configuration of info icon label options.", "title": "Visibility", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.MissingDataConfiguration": { + "AWS::QuickSight::Analysis.SheetControlLayout": { "additionalProperties": false, "properties": { - "TreatmentOption": { - "markdownDescription": "The treatment option that determines how missing data should be rendered. Choose from the following options:\n\n- `INTERPOLATE` : Interpolate missing values between the prior and the next known value.\n- `SHOW_AS_ZERO` : Show missing values as the value `0` .\n- `SHOW_AS_BLANK` : Display a blank space when rendering missing data.", - "title": "TreatmentOption", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.NegativeValueConfiguration": { - "additionalProperties": false, - "properties": { - "DisplayMode": { - "markdownDescription": "Determines the display mode of the negative value configuration.", - "title": "DisplayMode", - "type": "string" + "Configuration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlLayoutConfiguration", + "markdownDescription": "The configuration that determines the elements and canvas size options of sheet control.", + "title": "Configuration" } }, "required": [ - "DisplayMode" + "Configuration" ], "type": "object" }, - "AWS::QuickSight::Template.NullValueFormatConfiguration": { + "AWS::QuickSight::Analysis.SheetControlLayoutConfiguration": { "additionalProperties": false, "properties": { - "NullString": { - "markdownDescription": "Determines the null string of null values.", - "title": "NullString", - "type": "string" + "GridLayout": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GridLayoutConfiguration", + "markdownDescription": "The configuration that determines the elements and canvas size options of sheet control.", + "title": "GridLayout" } }, - "required": [ - "NullString" - ], "type": "object" }, - "AWS::QuickSight::Template.NumberDisplayFormatConfiguration": { + "AWS::QuickSight::Analysis.SheetDefinition": { "additionalProperties": false, "properties": { - "DecimalPlacesConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DecimalPlacesConfiguration", - "markdownDescription": "The option that determines the decimal places configuration.", - "title": "DecimalPlacesConfiguration" + "ContentType": { + "markdownDescription": "The layout content type of the sheet. Choose one of the following options:\n\n- `PAGINATED` : Creates a sheet for a paginated report.\n- `INTERACTIVE` : Creates a sheet for an interactive dashboard.", + "title": "ContentType", + "type": "string" }, - "NegativeValueConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NegativeValueConfiguration", - "markdownDescription": "The options that determine the negative value configuration.", - "title": "NegativeValueConfiguration" + "Description": { + "markdownDescription": "A description of the sheet.", + "title": "Description", + "type": "string" }, - "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NullValueFormatConfiguration", - "markdownDescription": "The options that determine the null value format configuration.", - "title": "NullValueFormatConfiguration" + "FilterControls": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterControl" + }, + "markdownDescription": "The list of filter controls that are on a sheet.\n\nFor more information, see [Adding filter controls to analysis sheets](https://docs.aws.amazon.com/quicksight/latest/user/filter-controls.html) in the *Amazon QuickSight User Guide* .", + "title": "FilterControls", + "type": "array" }, - "NumberScale": { - "markdownDescription": "Determines the number scale value of the number format.", - "title": "NumberScale", + "Images": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetImage" + }, + "markdownDescription": "A list of images on a sheet.", + "title": "Images", + "type": "array" + }, + "Layouts": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.Layout" + }, + "markdownDescription": "Layouts define how the components of a sheet are arranged.\n\nFor more information, see [Types of layout](https://docs.aws.amazon.com/quicksight/latest/user/types-of-layout.html) in the *Amazon QuickSight User Guide* .", + "title": "Layouts", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the sheet. This name is displayed on the sheet's tab in the Amazon QuickSight console.", + "title": "Name", "type": "string" }, - "Prefix": { - "markdownDescription": "Determines the prefix value of the number format.", - "title": "Prefix", + "ParameterControls": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterControl" + }, + "markdownDescription": "The list of parameter controls that are on a sheet.\n\nFor more information, see [Using a Control with a Parameter in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-controls.html) in the *Amazon QuickSight User Guide* .", + "title": "ParameterControls", + "type": "array" + }, + "SheetControlLayouts": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlLayout" + }, + "markdownDescription": "The control layouts of the sheet.", + "title": "SheetControlLayouts", + "type": "array" + }, + "SheetId": { + "markdownDescription": "The unique identifier of a sheet.", + "title": "SheetId", "type": "string" }, - "SeparatorConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericSeparatorConfiguration", - "markdownDescription": "The options that determine the numeric separator configuration.", - "title": "SeparatorConfiguration" + "TextBoxes": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetTextBox" + }, + "markdownDescription": "The text boxes that are on a sheet.", + "title": "TextBoxes", + "type": "array" }, - "Suffix": { - "markdownDescription": "Determines the suffix value of the number format.", - "title": "Suffix", + "Title": { + "markdownDescription": "The title of the sheet.", + "title": "Title", "type": "string" + }, + "Visuals": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.Visual" + }, + "markdownDescription": "A list of the visuals that are on a sheet. Visual placement is determined by the layout of the sheet.", + "title": "Visuals", + "type": "array" } }, + "required": [ + "SheetId" + ], "type": "object" }, - "AWS::QuickSight::Template.NumberFormatConfiguration": { - "additionalProperties": false, - "properties": { - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericFormatConfiguration", - "markdownDescription": "The options that determine the numeric format configuration.", - "title": "FormatConfiguration" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.NumericAxisOptions": { + "AWS::QuickSight::Analysis.SheetElementConfigurationOverrides": { "additionalProperties": false, "properties": { - "Range": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayRange", - "markdownDescription": "The range setup of a numeric axis.", - "title": "Range" - }, - "Scale": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisScale", - "markdownDescription": "The scale setup of a numeric axis.", - "title": "Scale" + "Visibility": { + "markdownDescription": "Determines whether or not the overrides are visible. Choose one of the following options:\n\n- `VISIBLE`\n- `HIDDEN`", + "title": "Visibility", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.NumericEqualityDrillDownFilter": { + "AWS::QuickSight::Analysis.SheetElementRenderingRule": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" + "ConfigurationOverrides": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetElementConfigurationOverrides", + "markdownDescription": "The override configuration of the rendering rules of a sheet.", + "title": "ConfigurationOverrides" }, - "Value": { - "markdownDescription": "The value of the double input numeric drill down filter.", - "title": "Value", - "type": "number" + "Expression": { + "markdownDescription": "The expression of the rendering rules of a sheet.", + "title": "Expression", + "type": "string" } }, "required": [ - "Column", - "Value" + "ConfigurationOverrides", + "Expression" ], "type": "object" }, - "AWS::QuickSight::Template.NumericEqualityFilter": { + "AWS::QuickSight::Analysis.SheetImage": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Template.AggregationFunction", - "markdownDescription": "The aggregation function of the filter.", - "title": "AggregationFunction" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ImageCustomAction" + }, + "markdownDescription": "A list of custom actions that are configured for an image.", + "title": "Actions", + "type": "array" }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", + "ImageContentAltText": { + "markdownDescription": "The alt text for the image.", + "title": "ImageContentAltText", "type": "string" }, - "MatchOperator": { - "markdownDescription": "The match operator that is used to determine if a filter should be applied.", - "title": "MatchOperator", - "type": "string" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ImageInteractionOptions", + "markdownDescription": "The general image interactions setup for an image.", + "title": "Interactions" }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", - "type": "string" + "Scaling": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetImageScalingConfiguration", + "markdownDescription": "Determines how the image is scaled.", + "title": "Scaling" }, - "ParameterName": { - "markdownDescription": "The parameter whose value should be used for the filter value.", - "title": "ParameterName", + "SheetImageId": { + "markdownDescription": "The ID of the sheet image.", + "title": "SheetImageId", "type": "string" }, - "SelectAllOptions": { - "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", - "title": "SelectAllOptions", - "type": "string" + "Source": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetImageSource", + "markdownDescription": "The source of the image.", + "title": "Source" }, - "Value": { - "markdownDescription": "The input value.", - "title": "Value", - "type": "number" + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetImageTooltipConfiguration", + "markdownDescription": "The tooltip to be shown when hovering over the image.", + "title": "Tooltip" } }, "required": [ - "Column", - "FilterId", - "MatchOperator", - "NullOption" + "SheetImageId", + "Source" ], "type": "object" }, - "AWS::QuickSight::Template.NumericFormatConfiguration": { + "AWS::QuickSight::Analysis.SheetImageScalingConfiguration": { "additionalProperties": false, "properties": { - "CurrencyDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.CurrencyDisplayFormatConfiguration", - "markdownDescription": "The options that determine the currency display format configuration.", - "title": "CurrencyDisplayFormatConfiguration" - }, - "NumberDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumberDisplayFormatConfiguration", - "markdownDescription": "The options that determine the number display format configuration.", - "title": "NumberDisplayFormatConfiguration" - }, - "PercentageDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.PercentageDisplayFormatConfiguration", - "markdownDescription": "The options that determine the percentage display format configuration.", - "title": "PercentageDisplayFormatConfiguration" + "ScalingType": { + "markdownDescription": "The scaling option to use when fitting the image inside the container.\n\nValid values are defined as follows:\n\n- `SCALE_TO_WIDTH` : The image takes up the entire width of the container. The image aspect ratio is preserved.\n- `SCALE_TO_HEIGHT` : The image takes up the entire height of the container. The image aspect ratio is preserved.\n- `SCALE_TO_CONTAINER` : The image takes up the entire width and height of the container. The image aspect ratio is not preserved.\n- `SCALE_NONE` : The image is displayed in its original size and is not scaled to the container.", + "title": "ScalingType", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.NumericRangeFilter": { + "AWS::QuickSight::Analysis.SheetImageSource": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Template.AggregationFunction", - "markdownDescription": "The aggregation function of the filter.", - "title": "AggregationFunction" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" - }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", - "type": "string" - }, - "IncludeMaximum": { - "markdownDescription": "Determines whether the maximum value in the filter value range should be included in the filtered results.", - "title": "IncludeMaximum", - "type": "boolean" - }, - "IncludeMinimum": { - "markdownDescription": "Determines whether the minimum value in the filter value range should be included in the filtered results.", - "title": "IncludeMinimum", - "type": "boolean" - }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", - "type": "string" - }, - "RangeMaximum": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericRangeFilterValue", - "markdownDescription": "The maximum value for the filter value range.", - "title": "RangeMaximum" - }, - "RangeMinimum": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericRangeFilterValue", - "markdownDescription": "The minimum value for the filter value range.", - "title": "RangeMinimum" - }, - "SelectAllOptions": { - "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", - "title": "SelectAllOptions", - "type": "string" + "SheetImageStaticFileSource": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetImageStaticFileSource", + "markdownDescription": "The source of the static file that contains the image.", + "title": "SheetImageStaticFileSource" } }, - "required": [ - "Column", - "FilterId", - "NullOption" - ], "type": "object" }, - "AWS::QuickSight::Template.NumericRangeFilterValue": { + "AWS::QuickSight::Analysis.SheetImageStaticFileSource": { "additionalProperties": false, "properties": { - "Parameter": { - "markdownDescription": "The parameter that is used in the numeric range.", - "title": "Parameter", + "StaticFileId": { + "markdownDescription": "The ID of the static file that contains the image.", + "title": "StaticFileId", "type": "string" - }, - "StaticValue": { - "markdownDescription": "The static value of the numeric range filter.", - "title": "StaticValue", - "type": "number" } }, + "required": [ + "StaticFileId" + ], "type": "object" }, - "AWS::QuickSight::Template.NumericSeparatorConfiguration": { + "AWS::QuickSight::Analysis.SheetImageTooltipConfiguration": { "additionalProperties": false, "properties": { - "DecimalSeparator": { - "markdownDescription": "Determines the decimal separator.", - "title": "DecimalSeparator", - "type": "string" + "TooltipText": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetImageTooltipText", + "markdownDescription": "The text that appears in the tooltip.", + "title": "TooltipText" }, - "ThousandsSeparator": { - "$ref": "#/definitions/AWS::QuickSight::Template.ThousandSeparatorOptions", - "markdownDescription": "The options that determine the thousands separator configuration.", - "title": "ThousandsSeparator" + "Visibility": { + "markdownDescription": "The visibility of the tooltip.", + "title": "Visibility", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.NumericalAggregationFunction": { + "AWS::QuickSight::Analysis.SheetImageTooltipText": { "additionalProperties": false, "properties": { - "PercentileAggregation": { - "$ref": "#/definitions/AWS::QuickSight::Template.PercentileAggregation", - "markdownDescription": "An aggregation based on the percentile of values in a dimension or measure.", - "title": "PercentileAggregation" - }, - "SimpleNumericalAggregation": { - "markdownDescription": "Built-in aggregation functions for numerical values.\n\n- `SUM` : The sum of a dimension or measure.\n- `AVERAGE` : The average of a dimension or measure.\n- `MIN` : The minimum value of a dimension or measure.\n- `MAX` : The maximum value of a dimension or measure.\n- `COUNT` : The count of a dimension or measure.\n- `DISTINCT_COUNT` : The count of distinct values in a dimension or measure.\n- `VAR` : The variance of a dimension or measure.\n- `VARP` : The partitioned variance of a dimension or measure.\n- `STDEV` : The standard deviation of a dimension or measure.\n- `STDEVP` : The partitioned standard deviation of a dimension or measure.\n- `MEDIAN` : The median value of a dimension or measure.", - "title": "SimpleNumericalAggregation", + "PlainText": { + "markdownDescription": "The plain text format.", + "title": "PlainText", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.NumericalDimensionField": { + "AWS::QuickSight::Analysis.SheetTextBox": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that is used in the `NumericalDimensionField` .", - "title": "Column" - }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", + "Content": { + "markdownDescription": "The content that is displayed in the text box.", + "title": "Content", "type": "string" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumberFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" - }, - "HierarchyId": { - "markdownDescription": "The custom hierarchy ID.", - "title": "HierarchyId", + "SheetTextBoxId": { + "markdownDescription": "The unique identifier for a text box. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have text boxes that share identifiers.", + "title": "SheetTextBoxId", "type": "string" } }, "required": [ - "Column", - "FieldId" + "SheetTextBoxId" ], "type": "object" }, - "AWS::QuickSight::Template.NumericalMeasureField": { + "AWS::QuickSight::Analysis.SheetVisualScopingConfiguration": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericalAggregationFunction", - "markdownDescription": "The aggregation function of the measure field.", - "title": "AggregationFunction" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that is used in the `NumericalMeasureField` .", - "title": "Column" + "Scope": { + "markdownDescription": "The scope of the applied entities. Choose one of the following options:\n\n- `ALL_VISUALS`\n- `SELECTED_VISUALS`", + "title": "Scope", + "type": "string" }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", + "SheetId": { + "markdownDescription": "The selected sheet that the filter is applied to.", + "title": "SheetId", "type": "string" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumberFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" + "VisualIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The selected visuals that the filter is applied to.", + "title": "VisualIds", + "type": "array" } }, "required": [ - "Column", - "FieldId" + "Scope", + "SheetId" ], "type": "object" }, - "AWS::QuickSight::Template.PaginationConfiguration": { + "AWS::QuickSight::Analysis.ShortFormatText": { "additionalProperties": false, "properties": { - "PageNumber": { - "markdownDescription": "Indicates the page number.", - "title": "PageNumber", - "type": "number" + "PlainText": { + "markdownDescription": "Plain text format.", + "title": "PlainText", + "type": "string" }, - "PageSize": { - "markdownDescription": "Indicates how many items render in one page.", - "title": "PageSize", - "type": "number" + "RichText": { + "markdownDescription": "Rich text. Examples of rich text include bold, underline, and italics.", + "title": "RichText", + "type": "string" } }, - "required": [ - "PageNumber", - "PageSize" - ], "type": "object" }, - "AWS::QuickSight::Template.PanelConfiguration": { + "AWS::QuickSight::Analysis.SimpleClusterMarker": { "additionalProperties": false, "properties": { - "BackgroundColor": { - "markdownDescription": "Sets the background color for each panel.", - "title": "BackgroundColor", - "type": "string" - }, - "BackgroundVisibility": { - "markdownDescription": "Determines whether or not a background for each small multiples panel is rendered.", - "title": "BackgroundVisibility", - "type": "string" - }, - "BorderColor": { - "markdownDescription": "Sets the line color of panel borders.", - "title": "BorderColor", - "type": "string" - }, - "BorderStyle": { - "markdownDescription": "Sets the line style of panel borders.", - "title": "BorderStyle", - "type": "string" - }, - "BorderThickness": { - "markdownDescription": "Sets the line thickness of panel borders.", - "title": "BorderThickness", - "type": "string" - }, - "BorderVisibility": { - "markdownDescription": "Determines whether or not each panel displays a border.", - "title": "BorderVisibility", - "type": "string" - }, - "GutterSpacing": { - "markdownDescription": "Sets the total amount of negative space to display between sibling panels.", - "title": "GutterSpacing", - "type": "string" - }, - "GutterVisibility": { - "markdownDescription": "Determines whether or not negative space between sibling panels is rendered.", - "title": "GutterVisibility", + "Color": { + "markdownDescription": "The color of the simple cluster marker.", + "title": "Color", "type": "string" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.PanelTitleOptions", - "markdownDescription": "Configures the title display within each small multiples panel.", - "title": "Title" } }, "type": "object" }, - "AWS::QuickSight::Template.PanelTitleOptions": { + "AWS::QuickSight::Analysis.SingleAxisOptions": { "additionalProperties": false, "properties": { - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", - "markdownDescription": "", - "title": "FontConfiguration" - }, - "HorizontalTextAlignment": { - "markdownDescription": "Sets the horizontal text alignment of the title within each panel.", - "title": "HorizontalTextAlignment", - "type": "string" - }, - "Visibility": { - "markdownDescription": "Determines whether or not panel titles are displayed.", - "title": "Visibility", - "type": "string" + "YAxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.YAxisOptions", + "markdownDescription": "The Y axis options of a single axis configuration.", + "title": "YAxisOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.ParameterControl": { + "AWS::QuickSight::Analysis.SliderControlDisplayOptions": { "additionalProperties": false, "properties": { - "DateTimePicker": { - "$ref": "#/definitions/AWS::QuickSight::Template.ParameterDateTimePickerControl", - "markdownDescription": "A control from a date parameter that specifies date and time.", - "title": "DateTimePicker" - }, - "Dropdown": { - "$ref": "#/definitions/AWS::QuickSight::Template.ParameterDropDownControl", - "markdownDescription": "A control to display a dropdown list with buttons that are used to select a single value.", - "title": "Dropdown" - }, - "List": { - "$ref": "#/definitions/AWS::QuickSight::Template.ParameterListControl", - "markdownDescription": "A control to display a list with buttons or boxes that are used to select either a single value or multiple values.", - "title": "List" - }, - "Slider": { - "$ref": "#/definitions/AWS::QuickSight::Template.ParameterSliderControl", - "markdownDescription": "A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle.", - "title": "Slider" - }, - "TextArea": { - "$ref": "#/definitions/AWS::QuickSight::Template.ParameterTextAreaControl", - "markdownDescription": "A control to display a text box that is used to enter multiple entries.", - "title": "TextArea" + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" }, - "TextField": { - "$ref": "#/definitions/AWS::QuickSight::Template.ParameterTextFieldControl", - "markdownDescription": "A control to display a text box that is used to enter a single entry.", - "title": "TextField" + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.ParameterDateTimePickerControl": { + "AWS::QuickSight::Analysis.SmallMultiplesAxisProperties": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DateTimePickerControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterDateTimePickerControl` .", - "title": "ParameterControlId", - "type": "string" - }, - "SourceParameterName": { - "markdownDescription": "The name of the `ParameterDateTimePickerControl` .", - "title": "SourceParameterName", + "Placement": { + "markdownDescription": "Defines the placement of the axis. By default, axes are rendered `OUTSIDE` of the panels. Axes with `INDEPENDENT` scale are rendered `INSIDE` the panels.", + "title": "Placement", "type": "string" }, - "Title": { - "markdownDescription": "The title of the `ParameterDateTimePickerControl` .", - "title": "Title", + "Scale": { + "markdownDescription": "Determines whether scale of the axes are shared or independent. The default value is `SHARED` .", + "title": "Scale", "type": "string" } }, - "required": [ - "ParameterControlId", - "SourceParameterName", - "Title" - ], "type": "object" }, - "AWS::QuickSight::Template.ParameterDeclaration": { + "AWS::QuickSight::Analysis.SmallMultiplesOptions": { "additionalProperties": false, "properties": { - "DateTimeParameterDeclaration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeParameterDeclaration", - "markdownDescription": "A parameter declaration for the `DateTime` data type.", - "title": "DateTimeParameterDeclaration" + "MaxVisibleColumns": { + "markdownDescription": "Sets the maximum number of visible columns to display in the grid of small multiples panels.\n\nThe default is `Auto` , which automatically adjusts the columns in the grid to fit the overall layout and size of the given chart.", + "title": "MaxVisibleColumns", + "type": "number" }, - "DecimalParameterDeclaration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DecimalParameterDeclaration", - "markdownDescription": "A parameter declaration for the `Decimal` data type.", - "title": "DecimalParameterDeclaration" + "MaxVisibleRows": { + "markdownDescription": "Sets the maximum number of visible rows to display in the grid of small multiples panels.\n\nThe default value is `Auto` , which automatically adjusts the rows in the grid to fit the overall layout and size of the given chart.", + "title": "MaxVisibleRows", + "type": "number" }, - "IntegerParameterDeclaration": { - "$ref": "#/definitions/AWS::QuickSight::Template.IntegerParameterDeclaration", - "markdownDescription": "A parameter declaration for the `Integer` data type.", - "title": "IntegerParameterDeclaration" + "PanelConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PanelConfiguration", + "markdownDescription": "Configures the display options for each small multiples panel.", + "title": "PanelConfiguration" }, - "StringParameterDeclaration": { - "$ref": "#/definitions/AWS::QuickSight::Template.StringParameterDeclaration", - "markdownDescription": "A parameter declaration for the `String` data type.", - "title": "StringParameterDeclaration" + "XAxis": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SmallMultiplesAxisProperties", + "markdownDescription": "The properties of a small multiples X axis.", + "title": "XAxis" + }, + "YAxis": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SmallMultiplesAxisProperties", + "markdownDescription": "The properties of a small multiples Y axis.", + "title": "YAxis" } }, "type": "object" }, - "AWS::QuickSight::Template.ParameterDropDownControl": { + "AWS::QuickSight::Analysis.Spacing": { "additionalProperties": false, "properties": { - "CascadingControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.CascadingControlConfiguration", - "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", - "title": "CascadingControlConfiguration" - }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DropDownControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterDropDownControl` .", - "title": "ParameterControlId", + "Bottom": { + "markdownDescription": "Define the bottom spacing.", + "title": "Bottom", "type": "string" }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Template.ParameterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" - }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the `ParameterDropDownControl` .", - "title": "SourceParameterName", + "Left": { + "markdownDescription": "Define the left spacing.", + "title": "Left", "type": "string" }, - "Title": { - "markdownDescription": "The title of the `ParameterDropDownControl` .", - "title": "Title", + "Right": { + "markdownDescription": "Define the right spacing.", + "title": "Right", "type": "string" }, - "Type": { - "markdownDescription": "The type parameter name of the `ParameterDropDownControl` .", - "title": "Type", + "Top": { + "markdownDescription": "Define the top spacing.", + "title": "Top", "type": "string" } }, - "required": [ - "ParameterControlId", - "SourceParameterName", - "Title" - ], "type": "object" }, - "AWS::QuickSight::Template.ParameterListControl": { + "AWS::QuickSight::Analysis.SpatialStaticFile": { "additionalProperties": false, "properties": { - "CascadingControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.CascadingControlConfiguration", - "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", - "title": "CascadingControlConfiguration" - }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ListControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterListControl` .", - "title": "ParameterControlId", - "type": "string" - }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Template.ParameterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" - }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the `ParameterListControl` .", - "title": "SourceParameterName", - "type": "string" - }, - "Title": { - "markdownDescription": "The title of the `ParameterListControl` .", - "title": "Title", - "type": "string" + "Source": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.StaticFileSource", + "markdownDescription": "The source of the spatial static file.", + "title": "Source" }, - "Type": { - "markdownDescription": "The type of `ParameterListControl` .", - "title": "Type", + "StaticFileId": { + "markdownDescription": "The ID of the spatial static file.", + "title": "StaticFileId", "type": "string" } }, "required": [ - "ParameterControlId", - "SourceParameterName", - "Title" + "StaticFileId" ], "type": "object" }, - "AWS::QuickSight::Template.ParameterSelectableValues": { + "AWS::QuickSight::Analysis.StaticFile": { "additionalProperties": false, "properties": { - "LinkToDataSetColumn": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column identifier that fetches values from the data set.", - "title": "LinkToDataSetColumn" + "ImageStaticFile": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ImageStaticFile", + "markdownDescription": "The image static file.", + "title": "ImageStaticFile" }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The values that are used in `ParameterSelectableValues` .", - "title": "Values", - "type": "array" + "SpatialStaticFile": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SpatialStaticFile", + "markdownDescription": "The spacial static file.", + "title": "SpatialStaticFile" } }, "type": "object" }, - "AWS::QuickSight::Template.ParameterSliderControl": { + "AWS::QuickSight::Analysis.StaticFileS3SourceOptions": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SliderControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "MaximumValue": { - "markdownDescription": "The larger value that is displayed at the right of the slider.", - "title": "MaximumValue", - "type": "number" - }, - "MinimumValue": { - "markdownDescription": "The smaller value that is displayed at the left of the slider.", - "title": "MinimumValue", - "type": "number" - }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterSliderControl` .", - "title": "ParameterControlId", + "BucketName": { + "markdownDescription": "The name of the Amazon S3 bucket.", + "title": "BucketName", "type": "string" }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the `ParameterSliderControl` .", - "title": "SourceParameterName", + "ObjectKey": { + "markdownDescription": "The identifier of the static file in the Amazon S3 bucket.", + "title": "ObjectKey", "type": "string" }, - "StepSize": { - "markdownDescription": "The number of increments that the slider bar is divided into.", - "title": "StepSize", - "type": "number" - }, - "Title": { - "markdownDescription": "The title of the `ParameterSliderControl` .", - "title": "Title", + "Region": { + "markdownDescription": "The Region of the Amazon S3 account that contains the bucket.", + "title": "Region", "type": "string" } }, "required": [ - "MaximumValue", - "MinimumValue", - "ParameterControlId", - "SourceParameterName", - "StepSize", - "Title" + "BucketName", + "ObjectKey", + "Region" ], "type": "object" }, - "AWS::QuickSight::Template.ParameterTextAreaControl": { + "AWS::QuickSight::Analysis.StaticFileSource": { "additionalProperties": false, "properties": { - "Delimiter": { - "markdownDescription": "The delimiter that is used to separate the lines in text.", - "title": "Delimiter", - "type": "string" - }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.TextAreaControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterTextAreaControl` .", - "title": "ParameterControlId", - "type": "string" - }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the `ParameterTextAreaControl` .", - "title": "SourceParameterName", - "type": "string" + "S3Options": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.StaticFileS3SourceOptions", + "markdownDescription": "The structure that contains the Amazon S3 location to download the static file from.", + "title": "S3Options" }, - "Title": { - "markdownDescription": "The title of the `ParameterTextAreaControl` .", - "title": "Title", - "type": "string" + "UrlOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.StaticFileUrlSourceOptions", + "markdownDescription": "The structure that contains the URL to download the static file from.", + "title": "UrlOptions" } }, - "required": [ - "ParameterControlId", - "SourceParameterName", - "Title" - ], "type": "object" }, - "AWS::QuickSight::Template.ParameterTextFieldControl": { + "AWS::QuickSight::Analysis.StaticFileUrlSourceOptions": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.TextFieldControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterTextFieldControl` .", - "title": "ParameterControlId", - "type": "string" - }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the `ParameterTextFieldControl` .", - "title": "SourceParameterName", - "type": "string" - }, - "Title": { - "markdownDescription": "The title of the `ParameterTextFieldControl` .", - "title": "Title", + "Url": { + "markdownDescription": "The URL to download the static file from.", + "title": "Url", "type": "string" } }, "required": [ - "ParameterControlId", - "SourceParameterName", - "Title" + "Url" ], "type": "object" }, - "AWS::QuickSight::Template.PercentVisibleRange": { + "AWS::QuickSight::Analysis.StringDefaultValues": { "additionalProperties": false, "properties": { - "From": { - "markdownDescription": "The lower bound of the range.", - "title": "From", - "type": "number" + "DynamicValue": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DynamicDefaultValue", + "markdownDescription": "The dynamic value of the `StringDefaultValues` . Different defaults displayed according to users, groups, and values mapping.", + "title": "DynamicValue" }, - "To": { - "markdownDescription": "The top bound of the range.", - "title": "To", - "type": "number" + "StaticValues": { + "items": { + "type": "string" + }, + "markdownDescription": "The static values of the `DecimalDefaultValues` .", + "title": "StaticValues", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.PercentageDisplayFormatConfiguration": { + "AWS::QuickSight::Analysis.StringFormatConfiguration": { "additionalProperties": false, "properties": { - "DecimalPlacesConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DecimalPlacesConfiguration", - "markdownDescription": "The option that determines the decimal places configuration.", - "title": "DecimalPlacesConfiguration" - }, - "NegativeValueConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NegativeValueConfiguration", - "markdownDescription": "The options that determine the negative value configuration.", - "title": "NegativeValueConfiguration" - }, "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NullValueFormatConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.NullValueFormatConfiguration", "markdownDescription": "The options that determine the null value format configuration.", "title": "NullValueFormatConfiguration" }, - "Prefix": { - "markdownDescription": "Determines the prefix value of the percentage format.", - "title": "Prefix", - "type": "string" - }, - "SeparatorConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericSeparatorConfiguration", - "markdownDescription": "The options that determine the numeric separator configuration.", - "title": "SeparatorConfiguration" - }, - "Suffix": { - "markdownDescription": "Determines the suffix value of the percentage format.", - "title": "Suffix", - "type": "string" + "NumericFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericFormatConfiguration", + "markdownDescription": "The formatting configuration for numeric strings.", + "title": "NumericFormatConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Template.PercentileAggregation": { + "AWS::QuickSight::Analysis.StringParameter": { "additionalProperties": false, "properties": { - "PercentileValue": { - "markdownDescription": "The percentile value. This value can be any numeric constant 0\u2013100. A percentile value of 50 computes the median value of the measure.", - "title": "PercentileValue", - "type": "number" + "Name": { + "markdownDescription": "A display name for a string parameter.", + "title": "Name", + "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The values of a string parameter.", + "title": "Values", + "type": "array" } }, + "required": [ + "Name", + "Values" + ], "type": "object" }, - "AWS::QuickSight::Template.PeriodOverPeriodComputation": { + "AWS::QuickSight::Analysis.StringParameterDeclaration": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", - "type": "string" + "DefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.StringDefaultValues", + "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", + "title": "DefaultValues" + }, + "MappedDataSetParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MappedDataSetParameter" + }, + "markdownDescription": "", + "title": "MappedDataSetParameters", + "type": "array" }, "Name": { - "markdownDescription": "The name of a computation.", + "markdownDescription": "The name of the parameter that is being declared.", "title": "Name", "type": "string" }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" + "ParameterValueType": { + "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", + "title": "ParameterValueType", + "type": "string" }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" + "ValueWhenUnset": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.StringValueWhenUnsetConfiguration", + "markdownDescription": "The configuration that defines the default value of a `String` parameter when a value has not been set.", + "title": "ValueWhenUnset" } }, "required": [ - "ComputationId" + "Name", + "ParameterValueType" ], "type": "object" }, - "AWS::QuickSight::Template.PeriodToDateComputation": { + "AWS::QuickSight::Analysis.StringValueWhenUnsetConfiguration": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "CustomValue": { + "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", + "title": "CustomValue", "type": "string" }, - "PeriodTimeGranularity": { - "markdownDescription": "The time granularity setup of period to date computation. Choose from the following options:\n\n- YEAR: Year to date.\n- MONTH: Month to date.", - "title": "PeriodTimeGranularity", + "ValueWhenUnsetOption": { + "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", + "title": "ValueWhenUnsetOption", "type": "string" - }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" - }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" } }, - "required": [ - "ComputationId" - ], "type": "object" }, - "AWS::QuickSight::Template.PieChartAggregatedFieldWells": { + "AWS::QuickSight::Analysis.SubtotalOptions": { "additionalProperties": false, "properties": { - "Category": { + "CustomLabel": { + "markdownDescription": "The custom label string for the subtotal cells.", + "title": "CustomLabel", + "type": "string" + }, + "FieldLevel": { + "markdownDescription": "The field level (all, custom, last) for the subtotal cells.", + "title": "FieldLevel", + "type": "string" + }, + "FieldLevelOptions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableFieldSubtotalOptions" }, - "markdownDescription": "The category (group/color) field wells of a pie chart.", - "title": "Category", + "markdownDescription": "The optional configuration of subtotal cells.", + "title": "FieldLevelOptions", "type": "array" }, - "SmallMultiples": { + "MetricHeaderCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", + "markdownDescription": "The cell styling options for the subtotals of header cells.", + "title": "MetricHeaderCellStyle" + }, + "StyleTargets": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableStyleTarget" }, - "markdownDescription": "The small multiples field well of a pie chart.", - "title": "SmallMultiples", + "markdownDescription": "The style targets options for subtotals.", + "title": "StyleTargets", + "type": "array" + }, + "TotalCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", + "markdownDescription": "The cell styling options for the subtotal cells.", + "title": "TotalCellStyle" + }, + "TotalsVisibility": { + "markdownDescription": "The visibility configuration for the subtotal cells.", + "title": "TotalsVisibility", + "type": "string" + }, + "ValueCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", + "markdownDescription": "The cell styling options for the subtotals of value cells.", + "title": "ValueCellStyle" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TableAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "GroupBy": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The group by field well for a pivot table. Values are grouped by group by fields.", + "title": "GroupBy", "type": "array" }, "Values": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, - "markdownDescription": "The value field wells of a pie chart. Values are aggregated based on categories.", + "markdownDescription": "The values field well for a pivot table. Values are aggregated based on group by fields.", "title": "Values", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.PieChartConfiguration": { + "AWS::QuickSight::Analysis.TableBorderOptions": { "additionalProperties": false, "properties": { - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options of the group/color that is displayed in a pie chart.", - "title": "CategoryLabelOptions" - }, - "ContributionAnalysisDefaults": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ContributionAnalysisDefault" - }, - "markdownDescription": "The contribution analysis (anomaly configuration) setup of the visual.", - "title": "ContributionAnalysisDefaults", - "type": "array" + "Color": { + "markdownDescription": "The color of a table border.", + "title": "Color", + "type": "string" }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.", - "title": "DataLabels" + "Style": { + "markdownDescription": "The style (none, solid) of a table border.", + "title": "Style", + "type": "string" }, - "DonutOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DonutOptions", - "markdownDescription": "The options that determine the shape of the chart. This option determines whether the chart is a pie chart or a donut chart.", - "title": "DonutOptions" + "Thickness": { + "markdownDescription": "The thickness of a table border.", + "title": "Thickness", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TableCellConditionalFormatting": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "The field ID of the cell for conditional formatting.", + "title": "FieldId", + "type": "string" + }, + "TextFormat": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TextConditionalFormat", + "markdownDescription": "The text format of the cell for conditional formatting.", + "title": "TextFormat" + } + }, + "required": [ + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.TableCellImageSizingConfiguration": { + "additionalProperties": false, + "properties": { + "TableCellImageScalingConfiguration": { + "markdownDescription": "The cell scaling configuration of the sizing options for the table image configuration.", + "title": "TableCellImageScalingConfiguration", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TableCellStyle": { + "additionalProperties": false, + "properties": { + "BackgroundColor": { + "markdownDescription": "The background color for the table cells.", + "title": "BackgroundColor", + "type": "string" + }, + "Border": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GlobalTableBorderOptions", + "markdownDescription": "The borders for the table cells.", + "title": "Border" + }, + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", + "markdownDescription": "The font configuration of the table cells.", + "title": "FontConfiguration" + }, + "Height": { + "markdownDescription": "The height color for the table cells.", + "title": "Height", + "type": "number" + }, + "HorizontalTextAlignment": { + "markdownDescription": "The horizontal text alignment (left, center, right, auto) for the table cells.", + "title": "HorizontalTextAlignment", + "type": "string" + }, + "TextWrap": { + "markdownDescription": "The text wrap (none, wrap) for the table cells.", + "title": "TextWrap", + "type": "string" + }, + "VerticalTextAlignment": { + "markdownDescription": "The vertical text alignment (top, middle, bottom) for the table cells.", + "title": "VerticalTextAlignment", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the table cells.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TableConditionalFormatting": { + "additionalProperties": false, + "properties": { + "ConditionalFormattingOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableConditionalFormattingOption" + }, + "markdownDescription": "Conditional formatting options for a `PivotTableVisual` .", + "title": "ConditionalFormattingOptions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TableConditionalFormattingOption": { + "additionalProperties": false, + "properties": { + "Cell": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellConditionalFormatting", + "markdownDescription": "The cell conditional formatting option for a table.", + "title": "Cell" + }, + "Row": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableRowConditionalFormatting", + "markdownDescription": "The row conditional formatting option for a table.", + "title": "Row" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TableConfiguration": { + "additionalProperties": false, + "properties": { + "FieldOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldOptions", + "markdownDescription": "The field options for a table visual.", + "title": "FieldOptions" }, "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.PieChartFieldWells", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldWells", "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" }, - "SmallMultiplesOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SmallMultiplesOptions", - "markdownDescription": "The small multiples setup for the visual.", - "title": "SmallMultiplesOptions" + "PaginatedReportOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TablePaginatedReportOptions", + "markdownDescription": "The paginated report options for a table visual.", + "title": "PaginatedReportOptions" }, "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.PieChartSortConfiguration", - "markdownDescription": "The sort configuration of a pie chart.", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableSortConfiguration", + "markdownDescription": "The sort configuration for a `TableVisual` .", "title": "SortConfiguration" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" + "TableInlineVisualizations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableInlineVisualization" + }, + "markdownDescription": "A collection of inline visualizations to display within a chart.", + "title": "TableInlineVisualizations", + "type": "array" }, - "ValueLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options for the value that is displayed in a pie chart.", - "title": "ValueLabelOptions" + "TableOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableOptions", + "markdownDescription": "The table options for a table visual.", + "title": "TableOptions" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", - "title": "VisualPalette" + "TotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TotalOptions", + "markdownDescription": "The total options for a table visual.", + "title": "TotalOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.PieChartFieldWells": { + "AWS::QuickSight::Analysis.TableFieldCustomIconContent": { "additionalProperties": false, "properties": { - "PieChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.PieChartAggregatedFieldWells", - "markdownDescription": "The field well configuration of a pie chart.", - "title": "PieChartAggregatedFieldWells" + "Icon": { + "markdownDescription": "The icon set type (link) of the custom icon content for table URL link content.", + "title": "Icon", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.PieChartSortConfiguration": { + "AWS::QuickSight::Analysis.TableFieldCustomTextContent": { "additionalProperties": false, "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of categories that are displayed in a pie chart.", - "title": "CategoryItemsLimit" + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", + "markdownDescription": "The font configuration of the custom text content for the table URL link content.", + "title": "FontConfiguration" }, - "CategorySort": { + "Value": { + "markdownDescription": "The string value of the custom text content for the table URL link content.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "FontConfiguration" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.TableFieldImageConfiguration": { + "additionalProperties": false, + "properties": { + "SizingOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellImageSizingConfiguration", + "markdownDescription": "The sizing options for the table image configuration.", + "title": "SizingOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TableFieldLinkConfiguration": { + "additionalProperties": false, + "properties": { + "Content": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldLinkContentConfiguration", + "markdownDescription": "The URL content (text, icon) for the table link configuration.", + "title": "Content" + }, + "Target": { + "markdownDescription": "The URL target (new tab, new window, same tab) for the table link configuration.", + "title": "Target", + "type": "string" + } + }, + "required": [ + "Content", + "Target" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.TableFieldLinkContentConfiguration": { + "additionalProperties": false, + "properties": { + "CustomIconContent": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldCustomIconContent", + "markdownDescription": "The custom icon content for the table link content configuration.", + "title": "CustomIconContent" + }, + "CustomTextContent": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldCustomTextContent", + "markdownDescription": "The custom text content (value, font configuration) for the table link content configuration.", + "title": "CustomTextContent" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TableFieldOption": { + "additionalProperties": false, + "properties": { + "CustomLabel": { + "markdownDescription": "The custom label for a table field.", + "title": "CustomLabel", + "type": "string" + }, + "FieldId": { + "markdownDescription": "The field ID for a table field.", + "title": "FieldId", + "type": "string" + }, + "URLStyling": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldURLConfiguration", + "markdownDescription": "The URL configuration for a table field.", + "title": "URLStyling" + }, + "Visibility": { + "markdownDescription": "The visibility of a table field.", + "title": "Visibility", + "type": "string" + }, + "Width": { + "markdownDescription": "The width for a table field.", + "title": "Width", + "type": "string" + } + }, + "required": [ + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.TableFieldOptions": { + "additionalProperties": false, + "properties": { + "Order": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + "type": "string" }, - "markdownDescription": "The sort configuration of the category fields.", - "title": "CategorySort", + "markdownDescription": "The order of the field IDs that are configured as field options for a table visual.", + "title": "Order", "type": "array" }, - "SmallMultiplesLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of small multiples panels that are displayed.", - "title": "SmallMultiplesLimitConfiguration" + "PinnedFieldOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TablePinnedFieldOptions", + "markdownDescription": "The settings for the pinned columns of a table visual.", + "title": "PinnedFieldOptions" }, - "SmallMultiplesSort": { + "SelectedFieldOptions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldOption" }, - "markdownDescription": "The sort configuration of the small multiples field.", - "title": "SmallMultiplesSort", + "markdownDescription": "The field options to be configured to a table.", + "title": "SelectedFieldOptions", + "type": "array" + }, + "TransposedTableOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TransposedTableOption" + }, + "markdownDescription": "The `TableOptions` of a transposed table.", + "title": "TransposedTableOptions", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.PieChartVisual": { + "AWS::QuickSight::Analysis.TableFieldURLConfiguration": { + "additionalProperties": false, + "properties": { + "ImageConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldImageConfiguration", + "markdownDescription": "The image configuration of a table field URL.", + "title": "ImageConfiguration" + }, + "LinkConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldLinkConfiguration", + "markdownDescription": "The link configuration of a table field URL.", + "title": "LinkConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TableFieldWells": { + "additionalProperties": false, + "properties": { + "TableAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableAggregatedFieldWells", + "markdownDescription": "The aggregated field well for the table.", + "title": "TableAggregatedFieldWells" + }, + "TableUnaggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableUnaggregatedFieldWells", + "markdownDescription": "The unaggregated field well for the table.", + "title": "TableUnaggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TableInlineVisualization": { + "additionalProperties": false, + "properties": { + "DataBars": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataBarsOptions", + "markdownDescription": "The configuration of the inline visualization of the data bars within a chart.", + "title": "DataBars" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TableOptions": { + "additionalProperties": false, + "properties": { + "CellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", + "markdownDescription": "The table cell style of table cells.", + "title": "CellStyle" + }, + "HeaderStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", + "markdownDescription": "The table cell style of a table header.", + "title": "HeaderStyle" + }, + "Orientation": { + "markdownDescription": "The orientation (vertical, horizontal) for a table.", + "title": "Orientation", + "type": "string" + }, + "RowAlternateColorOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.RowAlternateColorOptions", + "markdownDescription": "The row alternate color options (widget status, row alternate colors) for a table.", + "title": "RowAlternateColorOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TablePaginatedReportOptions": { + "additionalProperties": false, + "properties": { + "OverflowColumnHeaderVisibility": { + "markdownDescription": "The visibility of repeating header rows on each page.", + "title": "OverflowColumnHeaderVisibility", + "type": "string" + }, + "VerticalOverflowVisibility": { + "markdownDescription": "The visibility of printing table overflow across pages.", + "title": "VerticalOverflowVisibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TablePinnedFieldOptions": { + "additionalProperties": false, + "properties": { + "PinnedLeftFields": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of columns to be pinned to the left of a table visual.", + "title": "PinnedLeftFields", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TableRowConditionalFormatting": { + "additionalProperties": false, + "properties": { + "BackgroundColor": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting color (solid, gradient) of the background for a table row.", + "title": "BackgroundColor" + }, + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting color (solid, gradient) of the text for a table row.", + "title": "TextColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TableSideBorderOptions": { + "additionalProperties": false, + "properties": { + "Bottom": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", + "markdownDescription": "The table border options of the bottom border.", + "title": "Bottom" + }, + "InnerHorizontal": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", + "markdownDescription": "The table border options of the inner horizontal border.", + "title": "InnerHorizontal" + }, + "InnerVertical": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", + "markdownDescription": "The table border options of the inner vertical border.", + "title": "InnerVertical" + }, + "Left": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", + "markdownDescription": "The table border options of the left border.", + "title": "Left" + }, + "Right": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", + "markdownDescription": "The table border options of the right border.", + "title": "Right" + }, + "Top": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", + "markdownDescription": "The table border options of the top border.", + "title": "Top" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TableSortConfiguration": { + "additionalProperties": false, + "properties": { + "PaginationConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PaginationConfiguration", + "markdownDescription": "The pagination configuration (page size, page number) for the table.", + "title": "PaginationConfiguration" + }, + "RowSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + }, + "markdownDescription": "The field sort options for rows in the table.", + "title": "RowSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TableStyleTarget": { + "additionalProperties": false, + "properties": { + "CellType": { + "markdownDescription": "The cell type of the table style target.", + "title": "CellType", + "type": "string" + } + }, + "required": [ + "CellType" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.TableUnaggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.UnaggregatedField" + }, + "markdownDescription": "The values field well for a pivot table. Values are unaggregated for an unaggregated table.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TableVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.PieChartConfiguration", - "markdownDescription": "The configuration of a pie chart.", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableConfiguration", + "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "ConditionalFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableConditionalFormatting", + "markdownDescription": "The conditional formatting for a `PivotTableVisual` .", + "title": "ConditionalFormatting" }, "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", "title": "VisualId", "type": "string" } @@ -218001,4380 +232278,41432 @@ ], "type": "object" }, - "AWS::QuickSight::Template.PivotFieldSortOptions": { + "AWS::QuickSight::Analysis.TextAreaControlDisplayOptions": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field ID for the field sort options.", - "title": "FieldId", + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" + }, + "PlaceholderOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TextControlPlaceholderOptions", + "markdownDescription": "The configuration of the placeholder options in a text area control.", + "title": "PlaceholderOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TextConditionalFormat": { + "additionalProperties": false, + "properties": { + "BackgroundColor": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting for the text background color.", + "title": "BackgroundColor" + }, + "Icon": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIcon", + "markdownDescription": "The conditional formatting for the icon.", + "title": "Icon" + }, + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting for the text color.", + "title": "TextColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TextControlPlaceholderOptions": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility configuration of the placeholder options in a text control.", + "title": "Visibility", "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TextFieldControlDisplayOptions": { + "additionalProperties": false, + "properties": { + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" }, - "SortBy": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableSortBy", - "markdownDescription": "The sort by field for the field sort options.", - "title": "SortBy" + "PlaceholderOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TextControlPlaceholderOptions", + "markdownDescription": "The configuration of the placeholder options in a text field control.", + "title": "PlaceholderOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.ThousandSeparatorOptions": { + "additionalProperties": false, + "properties": { + "GroupingStyle": { + "markdownDescription": "Determines the way numbers are styled to accommodate different readability standards. The `DEFAULT` value uses the standard international grouping system and groups numbers by the thousands. The `LAKHS` value uses the Indian numbering system and groups numbers by lakhs and crores.", + "title": "GroupingStyle", + "type": "string" + }, + "Symbol": { + "markdownDescription": "Determines the thousands separator symbol.", + "title": "Symbol", + "type": "string" + }, + "Visibility": { + "markdownDescription": "Determines the visibility of the thousands separator.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TimeBasedForecastProperties": { + "additionalProperties": false, + "properties": { + "LowerBoundary": { + "markdownDescription": "The lower boundary setup of a forecast computation.", + "title": "LowerBoundary", + "type": "number" + }, + "PeriodsBackward": { + "markdownDescription": "The periods backward setup of a forecast computation.", + "title": "PeriodsBackward", + "type": "number" + }, + "PeriodsForward": { + "markdownDescription": "The periods forward setup of a forecast computation.", + "title": "PeriodsForward", + "type": "number" + }, + "PredictionInterval": { + "markdownDescription": "The prediction interval setup of a forecast computation.", + "title": "PredictionInterval", + "type": "number" + }, + "Seasonality": { + "markdownDescription": "The seasonality setup of a forecast computation. Choose one of the following options:\n\n- `NULL` : The input is set to `NULL` .\n- `NON_NULL` : The input is set to a custom value.", + "title": "Seasonality", + "type": "number" + }, + "UpperBoundary": { + "markdownDescription": "The upper boundary setup of a forecast computation.", + "title": "UpperBoundary", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TimeEqualityFilter": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" + }, + "ParameterName": { + "markdownDescription": "The parameter whose value should be used for the filter value.\n\nThis field is mutually exclusive to `Value` and `RollingDate` .", + "title": "ParameterName", + "type": "string" + }, + "RollingDate": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.RollingDateConfiguration", + "markdownDescription": "The rolling date input for the `TimeEquality` filter.\n\nThis field is mutually exclusive to `Value` and `ParameterName` .", + "title": "RollingDate" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of a `TimeEquality` filter.\n\nThis field is mutually exclusive to `RollingDate` and `ParameterName` .", + "title": "Value", + "type": "string" } }, "required": [ - "FieldId", - "SortBy" + "Column", + "FilterId" ], "type": "object" }, - "AWS::QuickSight::Template.PivotTableAggregatedFieldWells": { + "AWS::QuickSight::Analysis.TimeRangeDrillDownFilter": { "additionalProperties": false, "properties": { - "Columns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" - }, - "markdownDescription": "The columns field well for a pivot table. Values are grouped by columns fields.", - "title": "Columns", - "type": "array" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" }, - "Rows": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" - }, - "markdownDescription": "The rows field well for a pivot table. Values are grouped by rows fields.", - "title": "Rows", - "type": "array" + "RangeMaximum": { + "markdownDescription": "The maximum value for the filter value range.", + "title": "RangeMaximum", + "type": "string" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" - }, - "markdownDescription": "The values field well for a pivot table. Values are aggregated based on rows and columns fields.", - "title": "Values", - "type": "array" + "RangeMinimum": { + "markdownDescription": "The minimum value for the filter value range.", + "title": "RangeMinimum", + "type": "string" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" } }, + "required": [ + "Column", + "RangeMaximum", + "RangeMinimum", + "TimeGranularity" + ], "type": "object" }, - "AWS::QuickSight::Template.PivotTableCellConditionalFormatting": { + "AWS::QuickSight::Analysis.TimeRangeFilter": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field ID of the cell for conditional formatting.", - "title": "FieldId", + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "ExcludePeriodConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ExcludePeriodConfiguration", + "markdownDescription": "The exclude period of the time range filter.", + "title": "ExcludePeriodConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", "type": "string" }, - "Scope": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableConditionalFormattingScope", - "markdownDescription": "The scope of the cell for conditional formatting.", - "title": "Scope" + "IncludeMaximum": { + "markdownDescription": "Determines whether the maximum value in the filter value range should be included in the filtered results.", + "title": "IncludeMaximum", + "type": "boolean" }, - "Scopes": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableConditionalFormattingScope" - }, - "markdownDescription": "A list of cell scopes for conditional formatting.", - "title": "Scopes", - "type": "array" + "IncludeMinimum": { + "markdownDescription": "Determines whether the minimum value in the filter value range should be included in the filtered results.", + "title": "IncludeMinimum", + "type": "boolean" }, - "TextFormat": { - "$ref": "#/definitions/AWS::QuickSight::Template.TextConditionalFormat", - "markdownDescription": "The text format of the cell for conditional formatting.", - "title": "TextFormat" + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", + "type": "string" + }, + "RangeMaximumValue": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TimeRangeFilterValue", + "markdownDescription": "The maximum value for the filter value range.", + "title": "RangeMaximumValue" + }, + "RangeMinimumValue": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TimeRangeFilterValue", + "markdownDescription": "The minimum value for the filter value range.", + "title": "RangeMinimumValue" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" } }, "required": [ - "FieldId" + "Column", + "FilterId", + "NullOption" ], "type": "object" }, - "AWS::QuickSight::Template.PivotTableConditionalFormatting": { + "AWS::QuickSight::Analysis.TimeRangeFilterValue": { "additionalProperties": false, "properties": { - "ConditionalFormattingOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableConditionalFormattingOption" - }, - "markdownDescription": "Conditional formatting options for a `PivotTableVisual` .", - "title": "ConditionalFormattingOptions", - "type": "array" + "Parameter": { + "markdownDescription": "The parameter type input value.", + "title": "Parameter", + "type": "string" + }, + "RollingDate": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.RollingDateConfiguration", + "markdownDescription": "The rolling date input value.", + "title": "RollingDate" + }, + "StaticValue": { + "markdownDescription": "The static input value.", + "title": "StaticValue", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.PivotTableConditionalFormattingOption": { + "AWS::QuickSight::Analysis.TooltipItem": { "additionalProperties": false, "properties": { - "Cell": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableCellConditionalFormatting", - "markdownDescription": "The cell conditional formatting option for a pivot table.", - "title": "Cell" + "ColumnTooltipItem": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnTooltipItem", + "markdownDescription": "The tooltip item for the columns that are not part of a field well.", + "title": "ColumnTooltipItem" + }, + "FieldTooltipItem": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldTooltipItem", + "markdownDescription": "The tooltip item for the fields.", + "title": "FieldTooltipItem" } }, "type": "object" }, - "AWS::QuickSight::Template.PivotTableConditionalFormattingScope": { + "AWS::QuickSight::Analysis.TooltipOptions": { "additionalProperties": false, "properties": { - "Role": { - "markdownDescription": "The role (field, field total, grand total) of the cell for conditional formatting.", - "title": "Role", + "FieldBasedTooltip": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldBasedTooltip", + "markdownDescription": "The setup for the detailed tooltip. The tooltip setup is always saved. The display type is decided based on the tooltip type.", + "title": "FieldBasedTooltip" + }, + "SelectedTooltipType": { + "markdownDescription": "The selected type for the tooltip. Choose one of the following options:\n\n- `BASIC` : A basic tooltip.\n- `DETAILED` : A detailed tooltip.", + "title": "SelectedTooltipType", + "type": "string" + }, + "TooltipVisibility": { + "markdownDescription": "Determines whether or not the tooltip is visible.", + "title": "TooltipVisibility", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.PivotTableConfiguration": { + "AWS::QuickSight::Analysis.TopBottomFilter": { "additionalProperties": false, "properties": { - "FieldOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableFieldOptions", - "markdownDescription": "The field options for a pivot table visual.", - "title": "FieldOptions" + "AggregationSortConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationSortConfiguration" + }, + "markdownDescription": "The aggregation and sort configuration of the top bottom filter.", + "title": "AggregationSortConfigurations", + "type": "array" }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" }, - "PaginatedReportOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTablePaginatedReportOptions", - "markdownDescription": "The paginated report options for a pivot table visual.", - "title": "PaginatedReportOptions" + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableSortConfiguration", - "markdownDescription": "The sort configuration for a `PivotTableVisual` .", - "title": "SortConfiguration" + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" }, - "TableOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableOptions", - "markdownDescription": "The table options for a pivot table visual.", - "title": "TableOptions" + "Limit": { + "markdownDescription": "The number of items to include in the top bottom filter results.", + "title": "Limit", + "type": "number" }, - "TotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableTotalOptions", - "markdownDescription": "The total options for a pivot table visual.", - "title": "TotalOptions" + "ParameterName": { + "markdownDescription": "The parameter whose value should be used for the filter value.", + "title": "ParameterName", + "type": "string" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" } }, + "required": [ + "AggregationSortConfigurations", + "Column", + "FilterId" + ], "type": "object" }, - "AWS::QuickSight::Template.PivotTableDataPathOption": { + "AWS::QuickSight::Analysis.TopBottomMoversComputation": { "additionalProperties": false, "properties": { - "DataPathList": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataPathValue" + "Category": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", + "markdownDescription": "The category field that is used in a computation.", + "title": "Category" + }, + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "MoverSize": { + "markdownDescription": "The mover size setup of the top and bottom movers computation.", + "title": "MoverSize", + "type": "number" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "SortOrder": { + "markdownDescription": "The sort order setup of the top and bottom movers computation.", + "title": "SortOrder", + "type": "string" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" + }, + "Type": { + "markdownDescription": "The computation type. Choose from the following options:\n\n- TOP: Top movers computation.\n- BOTTOM: Bottom movers computation.", + "title": "Type", + "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" + } + }, + "required": [ + "ComputationId", + "Type" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.TopBottomRankedComputation": { + "additionalProperties": false, + "properties": { + "Category": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", + "markdownDescription": "The category field that is used in a computation.", + "title": "Category" + }, + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "ResultSize": { + "markdownDescription": "The result size of a top and bottom ranked computation.", + "title": "ResultSize", + "type": "number" + }, + "Type": { + "markdownDescription": "The computation type. Choose one of the following options:\n\n- TOP: A top ranked computation.\n- BOTTOM: A bottom ranked computation.", + "title": "Type", + "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" + } + }, + "required": [ + "ComputationId", + "Type" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.TotalAggregationComputation": { + "additionalProperties": false, + "properties": { + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" + } + }, + "required": [ + "ComputationId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.TotalAggregationFunction": { + "additionalProperties": false, + "properties": { + "SimpleTotalAggregationFunction": { + "markdownDescription": "A built in aggregation function for total values.", + "title": "SimpleTotalAggregationFunction", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TotalAggregationOption": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "The field id that's associated with the total aggregation option.", + "title": "FieldId", + "type": "string" + }, + "TotalAggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TotalAggregationFunction", + "markdownDescription": "The total aggregation function that you want to set for a specified field id.", + "title": "TotalAggregationFunction" + } + }, + "required": [ + "FieldId", + "TotalAggregationFunction" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.TotalOptions": { + "additionalProperties": false, + "properties": { + "CustomLabel": { + "markdownDescription": "The custom label string for the total cells.", + "title": "CustomLabel", + "type": "string" + }, + "Placement": { + "markdownDescription": "The placement (start, end) for the total cells.", + "title": "Placement", + "type": "string" + }, + "ScrollStatus": { + "markdownDescription": "The scroll status (pinned, scrolled) for the total cells.", + "title": "ScrollStatus", + "type": "string" + }, + "TotalAggregationOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TotalAggregationOption" + }, + "markdownDescription": "The total aggregation settings for each value field.", + "title": "TotalAggregationOptions", + "type": "array" + }, + "TotalCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", + "markdownDescription": "Cell styling options for the total cells.", + "title": "TotalCellStyle" + }, + "TotalsVisibility": { + "markdownDescription": "The visibility configuration for the total cells.", + "title": "TotalsVisibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TransposedTableOption": { + "additionalProperties": false, + "properties": { + "ColumnIndex": { + "markdownDescription": "The index of a columns in a transposed table. The index range is 0-9999.", + "title": "ColumnIndex", + "type": "number" + }, + "ColumnType": { + "markdownDescription": "The column type of the column in a transposed table. Choose one of the following options:\n\n- `ROW_HEADER_COLUMN` : Refers to the leftmost column of the row header in the transposed table.\n- `VALUE_COLUMN` : Refers to all value columns in the transposed table.", + "title": "ColumnType", + "type": "string" + }, + "ColumnWidth": { + "markdownDescription": "The width of a column in a transposed table.", + "title": "ColumnWidth", + "type": "string" + } + }, + "required": [ + "ColumnType" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.TreeMapAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The color field well of a tree map. Values are grouped by aggregations based on group by fields.", + "title": "Colors", + "type": "array" + }, + "Groups": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The group by field well of a tree map. Values are grouped based on group by fields.", + "title": "Groups", + "type": "array" + }, + "Sizes": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The size field well of a tree map. Values are aggregated based on group by fields.", + "title": "Sizes", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TreeMapConfiguration": { + "additionalProperties": false, + "properties": { + "ColorLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility) for the colors displayed in a tree map.", + "title": "ColorLabelOptions" + }, + "ColorScale": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColorScale", + "markdownDescription": "The color options (gradient color, point of divergence) of a tree map.", + "title": "ColorScale" + }, + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.", + "title": "DataLabels" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TreeMapFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "GroupLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility) of the groups that are displayed in a tree map.", + "title": "GroupLabelOptions" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "SizeLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility) of the sizes that are displayed in a tree map.", + "title": "SizeLabelOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TreeMapSortConfiguration", + "markdownDescription": "The sort configuration of a tree map.", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TreeMapFieldWells": { + "additionalProperties": false, + "properties": { + "TreeMapAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TreeMapAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a tree map.", + "title": "TreeMapAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TreeMapSortConfiguration": { + "additionalProperties": false, + "properties": { + "TreeMapGroupItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of groups that are displayed.", + "title": "TreeMapGroupItemsLimitConfiguration" + }, + "TreeMapSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of group by fields.", + "title": "TreeMapSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TreeMapVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TreeMapConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.TrendArrowOptions": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility of the trend arrows.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.UnaggregatedField": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that is used in the `UnaggregatedField` .", + "title": "Column" + }, + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", + "type": "string" + }, + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" + } + }, + "required": [ + "Column", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.UniqueValuesComputation": { + "additionalProperties": false, + "properties": { + "Category": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", + "markdownDescription": "The category field that is used in a computation.", + "title": "Category" + }, + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "ComputationId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.ValidationStrategy": { + "additionalProperties": false, + "properties": { + "Mode": { + "markdownDescription": "The mode of validation for the asset to be created or updated. When you set this value to `STRICT` , strict validation for every error is enforced. When you set this value to `LENIENT` , validation is skipped for specific UI errors.", + "title": "Mode", + "type": "string" + } + }, + "required": [ + "Mode" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.VisibleRangeOptions": { + "additionalProperties": false, + "properties": { + "PercentRange": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PercentVisibleRange", + "markdownDescription": "The percent range in the visible range.", + "title": "PercentRange" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.Visual": { + "additionalProperties": false, + "properties": { + "BarChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BarChartVisual", + "markdownDescription": "A bar chart.\n\nFor more information, see [Using bar charts](https://docs.aws.amazon.com/quicksight/latest/user/bar-charts.html) in the *Amazon QuickSight User Guide* .", + "title": "BarChartVisual" + }, + "BoxPlotVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotVisual", + "markdownDescription": "A box plot.\n\nFor more information, see [Using box plots](https://docs.aws.amazon.com/quicksight/latest/user/box-plots.html) in the *Amazon QuickSight User Guide* .", + "title": "BoxPlotVisual" + }, + "ComboChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ComboChartVisual", + "markdownDescription": "A combo chart.\n\nFor more information, see [Using combo charts](https://docs.aws.amazon.com/quicksight/latest/user/combo-charts.html) in the *Amazon QuickSight User Guide* .", + "title": "ComboChartVisual" + }, + "CustomContentVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomContentVisual", + "markdownDescription": "A visual that contains custom content.\n\nFor more information, see [Using custom visual content](https://docs.aws.amazon.com/quicksight/latest/user/custom-visual-content.html) in the *Amazon QuickSight User Guide* .", + "title": "CustomContentVisual" + }, + "EmptyVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.EmptyVisual", + "markdownDescription": "An empty visual.", + "title": "EmptyVisual" + }, + "FilledMapVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapVisual", + "markdownDescription": "A filled map.\n\nFor more information, see [Creating filled maps](https://docs.aws.amazon.com/quicksight/latest/user/filled-maps.html) in the *Amazon QuickSight User Guide* .", + "title": "FilledMapVisual" + }, + "FunnelChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FunnelChartVisual", + "markdownDescription": "A funnel chart.\n\nFor more information, see [Using funnel charts](https://docs.aws.amazon.com/quicksight/latest/user/funnel-visual-content.html) in the *Amazon QuickSight User Guide* .", + "title": "FunnelChartVisual" + }, + "GaugeChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartVisual", + "markdownDescription": "A gauge chart.\n\nFor more information, see [Using gauge charts](https://docs.aws.amazon.com/quicksight/latest/user/gauge-chart.html) in the *Amazon QuickSight User Guide* .", + "title": "GaugeChartVisual" + }, + "GeospatialMapVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapVisual", + "markdownDescription": "A geospatial map or a points on map visual.\n\nFor more information, see [Creating point maps](https://docs.aws.amazon.com/quicksight/latest/user/point-maps.html) in the *Amazon QuickSight User Guide* .", + "title": "GeospatialMapVisual" + }, + "HeatMapVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.HeatMapVisual", + "markdownDescription": "A heat map.\n\nFor more information, see [Using heat maps](https://docs.aws.amazon.com/quicksight/latest/user/heat-map.html) in the *Amazon QuickSight User Guide* .", + "title": "HeatMapVisual" + }, + "HistogramVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.HistogramVisual", + "markdownDescription": "A histogram.\n\nFor more information, see [Using histograms](https://docs.aws.amazon.com/quicksight/latest/user/histogram-charts.html) in the *Amazon QuickSight User Guide* .", + "title": "HistogramVisual" + }, + "InsightVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.InsightVisual", + "markdownDescription": "An insight visual.\n\nFor more information, see [Working with insights](https://docs.aws.amazon.com/quicksight/latest/user/computational-insights.html) in the *Amazon QuickSight User Guide* .", + "title": "InsightVisual" + }, + "KPIVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIVisual", + "markdownDescription": "A key performance indicator (KPI).\n\nFor more information, see [Using KPIs](https://docs.aws.amazon.com/quicksight/latest/user/kpi.html) in the *Amazon QuickSight User Guide* .", + "title": "KPIVisual" + }, + "LayerMapVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LayerMapVisual", + "markdownDescription": "The properties for a layer map visual", + "title": "LayerMapVisual" + }, + "LineChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartVisual", + "markdownDescription": "A line chart.\n\nFor more information, see [Using line charts](https://docs.aws.amazon.com/quicksight/latest/user/line-charts.html) in the *Amazon QuickSight User Guide* .", + "title": "LineChartVisual" + }, + "PieChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PieChartVisual", + "markdownDescription": "A pie or donut chart.\n\nFor more information, see [Using pie charts](https://docs.aws.amazon.com/quicksight/latest/user/pie-chart.html) in the *Amazon QuickSight User Guide* .", + "title": "PieChartVisual" + }, + "PivotTableVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableVisual", + "markdownDescription": "A pivot table.\n\nFor more information, see [Using pivot tables](https://docs.aws.amazon.com/quicksight/latest/user/pivot-table.html) in the *Amazon QuickSight User Guide* .", + "title": "PivotTableVisual" + }, + "PluginVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PluginVisual", + "markdownDescription": "The custom plugin visual type.", + "title": "PluginVisual" + }, + "RadarChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartVisual", + "markdownDescription": "A radar chart visual.\n\nFor more information, see [Using radar charts](https://docs.aws.amazon.com/quicksight/latest/user/radar-chart.html) in the *Amazon QuickSight User Guide* .", + "title": "RadarChartVisual" + }, + "SankeyDiagramVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SankeyDiagramVisual", + "markdownDescription": "A sankey diagram.\n\nFor more information, see [Using Sankey diagrams](https://docs.aws.amazon.com/quicksight/latest/user/sankey-diagram.html) in the *Amazon QuickSight User Guide* .", + "title": "SankeyDiagramVisual" + }, + "ScatterPlotVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ScatterPlotVisual", + "markdownDescription": "A scatter plot.\n\nFor more information, see [Using scatter plots](https://docs.aws.amazon.com/quicksight/latest/user/scatter-plot.html) in the *Amazon QuickSight User Guide* .", + "title": "ScatterPlotVisual" + }, + "TableVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableVisual", + "markdownDescription": "A table visual.\n\nFor more information, see [Using tables as visuals](https://docs.aws.amazon.com/quicksight/latest/user/tabular.html) in the *Amazon QuickSight User Guide* .", + "title": "TableVisual" + }, + "TreeMapVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TreeMapVisual", + "markdownDescription": "A tree map.\n\nFor more information, see [Using tree maps](https://docs.aws.amazon.com/quicksight/latest/user/tree-map.html) in the *Amazon QuickSight User Guide* .", + "title": "TreeMapVisual" + }, + "WaterfallVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallVisual", + "markdownDescription": "A waterfall chart.\n\nFor more information, see [Using waterfall charts](https://docs.aws.amazon.com/quicksight/latest/user/waterfall-chart.html) in the *Amazon QuickSight User Guide* .", + "title": "WaterfallVisual" + }, + "WordCloudVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.WordCloudVisual", + "markdownDescription": "A word cloud.\n\nFor more information, see [Using word clouds](https://docs.aws.amazon.com/quicksight/latest/user/word-cloud.html) in the *Amazon QuickSight User Guide* .", + "title": "WordCloudVisual" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.VisualCustomAction": { + "additionalProperties": false, + "properties": { + "ActionOperations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomActionOperation" + }, + "markdownDescription": "A list of `VisualCustomActionOperations` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", + "title": "ActionOperations", + "type": "array" + }, + "CustomActionId": { + "markdownDescription": "The ID of the `VisualCustomAction` .", + "title": "CustomActionId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the `VisualCustomAction` .", + "title": "Name", + "type": "string" + }, + "Status": { + "markdownDescription": "The status of the `VisualCustomAction` .", + "title": "Status", + "type": "string" + }, + "Trigger": { + "markdownDescription": "The trigger of the `VisualCustomAction` .\n\nValid values are defined as follows:\n\n- `DATA_POINT_CLICK` : Initiates a custom action by a left pointer click on a data point.\n- `DATA_POINT_MENU` : Initiates a custom action by right pointer click from the menu.", + "title": "Trigger", + "type": "string" + } + }, + "required": [ + "ActionOperations", + "CustomActionId", + "Name", + "Trigger" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.VisualCustomActionOperation": { + "additionalProperties": false, + "properties": { + "FilterOperation": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionFilterOperation", + "markdownDescription": "The filter operation that filters data included in a visual or in an entire sheet.", + "title": "FilterOperation" + }, + "NavigationOperation": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionNavigationOperation", + "markdownDescription": "The navigation operation that navigates between different sheets in the same analysis.", + "title": "NavigationOperation" + }, + "SetParametersOperation": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionSetParametersOperation", + "markdownDescription": "The set parameter operation that sets parameters in custom action.", + "title": "SetParametersOperation" + }, + "URLOperation": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionURLOperation", + "markdownDescription": "The URL operation that opens a link to another webpage.", + "title": "URLOperation" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.VisualInteractionOptions": { + "additionalProperties": false, + "properties": { + "ContextMenuOption": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ContextMenuOption", + "markdownDescription": "The context menu options for a visual.", + "title": "ContextMenuOption" + }, + "VisualMenuOption": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualMenuOption", + "markdownDescription": "The on-visual menu options for a visual.", + "title": "VisualMenuOption" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.VisualMenuOption": { + "additionalProperties": false, + "properties": { + "AvailabilityStatus": { + "markdownDescription": "The availaiblity status of a visual's menu options.", + "title": "AvailabilityStatus", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.VisualPalette": { + "additionalProperties": false, + "properties": { + "ChartColor": { + "markdownDescription": "The chart color options for the visual palette.", + "title": "ChartColor", + "type": "string" + }, + "ColorMap": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathColor" + }, + "markdownDescription": "The color map options for the visual palette.", + "title": "ColorMap", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.VisualSubtitleLabelOptions": { + "additionalProperties": false, + "properties": { + "FormatText": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LongFormatText", + "markdownDescription": "The long text format of the subtitle label, such as plain text or rich text.", + "title": "FormatText" + }, + "Visibility": { + "markdownDescription": "The visibility of the subtitle label.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.VisualTitleLabelOptions": { + "additionalProperties": false, + "properties": { + "FormatText": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ShortFormatText", + "markdownDescription": "The short text format of the title label, such as plain text or rich text.", + "title": "FormatText" + }, + "Visibility": { + "markdownDescription": "The visibility of the title label.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.WaterfallChartAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Breakdowns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The breakdown field wells of a waterfall visual.", + "title": "Breakdowns", + "type": "array" + }, + "Categories": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The category field wells of a waterfall visual.", + "title": "Categories", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The value field wells of a waterfall visual.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.WaterfallChartColorConfiguration": { + "additionalProperties": false, + "properties": { + "GroupColorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallChartGroupColorConfiguration", + "markdownDescription": "The color configuration for individual groups within a waterfall visual.", + "title": "GroupColorConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.WaterfallChartConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the category axis.", + "title": "CategoryAxisDisplayOptions" + }, + "CategoryAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the category axis label.", + "title": "CategoryAxisLabelOptions" + }, + "ColorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallChartColorConfiguration", + "markdownDescription": "The color configuration of a waterfall visual.", + "title": "ColorConfiguration" + }, + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", + "markdownDescription": "The data label configuration of a waterfall visual.", + "title": "DataLabels" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallChartFieldWells", + "markdownDescription": "The field well configuration of a waterfall visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", + "markdownDescription": "The legend configuration of a waterfall visual.", + "title": "Legend" + }, + "PrimaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the y-axis.", + "title": "PrimaryYAxisDisplayOptions" + }, + "PrimaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the y-axis label.", + "title": "PrimaryYAxisLabelOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallChartSortConfiguration", + "markdownDescription": "The sort configuration of a waterfall visual.", + "title": "SortConfiguration" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", + "markdownDescription": "The visual palette configuration of a waterfall visual.", + "title": "VisualPalette" + }, + "WaterfallChartOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallChartOptions", + "markdownDescription": "The options that determine the presentation of a waterfall visual.", + "title": "WaterfallChartOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.WaterfallChartFieldWells": { + "additionalProperties": false, + "properties": { + "WaterfallChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallChartAggregatedFieldWells", + "markdownDescription": "The field well configuration of a waterfall visual.", + "title": "WaterfallChartAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.WaterfallChartGroupColorConfiguration": { + "additionalProperties": false, + "properties": { + "NegativeBarColor": { + "markdownDescription": "Defines the color for the negative bars of a waterfall chart.", + "title": "NegativeBarColor", + "type": "string" + }, + "PositiveBarColor": { + "markdownDescription": "Defines the color for the positive bars of a waterfall chart.", + "title": "PositiveBarColor", + "type": "string" + }, + "TotalBarColor": { + "markdownDescription": "Defines the color for the total bars of a waterfall chart.", + "title": "TotalBarColor", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.WaterfallChartOptions": { + "additionalProperties": false, + "properties": { + "TotalBarLabel": { + "markdownDescription": "This option determines the total bar label of a waterfall visual.", + "title": "TotalBarLabel", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.WaterfallChartSortConfiguration": { + "additionalProperties": false, + "properties": { + "BreakdownItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of bar groups that are displayed.", + "title": "BreakdownItemsLimit" + }, + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the category fields.", + "title": "CategorySort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.WaterfallVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallChartConfiguration", + "markdownDescription": "The configuration for a waterfall visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.WhatIfPointScenario": { + "additionalProperties": false, + "properties": { + "Date": { + "markdownDescription": "The date that you need the forecast results for.", + "title": "Date", + "type": "string" + }, + "Value": { + "markdownDescription": "The target value that you want to meet for the provided date.", + "title": "Value", + "type": "number" + } + }, + "required": [ + "Date", + "Value" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.WhatIfRangeScenario": { + "additionalProperties": false, + "properties": { + "EndDate": { + "markdownDescription": "The end date in the date range that you need the forecast results for.", + "title": "EndDate", + "type": "string" + }, + "StartDate": { + "markdownDescription": "The start date in the date range that you need the forecast results for.", + "title": "StartDate", + "type": "string" + }, + "Value": { + "markdownDescription": "The target value that you want to meet for the provided date range.", + "title": "Value", + "type": "number" + } + }, + "required": [ + "EndDate", + "StartDate", + "Value" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.WordCloudAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "GroupBy": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The group by field well of a word cloud. Values are grouped by group by fields.", + "title": "GroupBy", + "type": "array" + }, + "Size": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The size field well of a word cloud. Values are aggregated based on group by fields.", + "title": "Size", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.WordCloudChartConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) for the word cloud category.", + "title": "CategoryLabelOptions" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.WordCloudFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.WordCloudSortConfiguration", + "markdownDescription": "The sort configuration of a word cloud visual.", + "title": "SortConfiguration" + }, + "WordCloudOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.WordCloudOptions", + "markdownDescription": "The options for a word cloud visual.", + "title": "WordCloudOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.WordCloudFieldWells": { + "additionalProperties": false, + "properties": { + "WordCloudAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.WordCloudAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a word cloud.", + "title": "WordCloudAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.WordCloudOptions": { + "additionalProperties": false, + "properties": { + "CloudLayout": { + "markdownDescription": "The cloud layout options (fluid, normal) of a word cloud.", + "title": "CloudLayout", + "type": "string" + }, + "MaximumStringLength": { + "markdownDescription": "The length limit of each word from 1-100.", + "title": "MaximumStringLength", + "type": "number" + }, + "WordCasing": { + "markdownDescription": "The word casing options (lower_case, existing_case) for the words in a word cloud.", + "title": "WordCasing", + "type": "string" + }, + "WordOrientation": { + "markdownDescription": "The word orientation options (horizontal, horizontal_and_vertical) for the words in a word cloud.", + "title": "WordOrientation", + "type": "string" + }, + "WordPadding": { + "markdownDescription": "The word padding options (none, small, medium, large) for the words in a word cloud.", + "title": "WordPadding", + "type": "string" + }, + "WordScaling": { + "markdownDescription": "The word scaling options (emphasize, normal) for the words in a word cloud.", + "title": "WordScaling", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.WordCloudSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of groups that are displayed in a word cloud.", + "title": "CategoryItemsLimit" + }, + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of group by fields.", + "title": "CategorySort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.WordCloudVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.WordCloudChartConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.YAxisOptions": { + "additionalProperties": false, + "properties": { + "YAxis": { + "markdownDescription": "The Y axis type to be used in the chart.\n\nIf you choose `PRIMARY_Y_AXIS` , the primary Y Axis is located on the leftmost vertical axis of the chart.", + "title": "YAxis", + "type": "string" + } + }, + "required": [ + "YAxis" + ], + "type": "object" + }, + "AWS::QuickSight::CustomPermissions": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AwsAccountId": { + "markdownDescription": "The ID of the AWS account that contains the custom permission configuration that you want to update.", + "title": "AwsAccountId", + "type": "string" + }, + "Capabilities": { + "$ref": "#/definitions/AWS::QuickSight::CustomPermissions.Capabilities", + "markdownDescription": "A set of actions in the custom permissions profile.", + "title": "Capabilities" + }, + "CustomPermissionsName": { + "markdownDescription": "The name of the custom permissions profile.", + "title": "CustomPermissionsName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to associate with the custom permissions profile.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "AwsAccountId", + "CustomPermissionsName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::QuickSight::CustomPermissions" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::QuickSight::CustomPermissions.Capabilities": { + "additionalProperties": false, + "properties": { + "AddOrRunAnomalyDetectionForAnalyses": { + "markdownDescription": "The ability to add or run anomaly detection.", + "title": "AddOrRunAnomalyDetectionForAnalyses", + "type": "string" + }, + "CreateAndUpdateDashboardEmailReports": { + "markdownDescription": "The ability to create and update email reports.", + "title": "CreateAndUpdateDashboardEmailReports", + "type": "string" + }, + "CreateAndUpdateDataSources": { + "markdownDescription": "The ability to create and update data sources.", + "title": "CreateAndUpdateDataSources", + "type": "string" + }, + "CreateAndUpdateDatasets": { + "markdownDescription": "The ability to create and update datasets.", + "title": "CreateAndUpdateDatasets", + "type": "string" + }, + "CreateAndUpdateThemes": { + "markdownDescription": "The ability to export to Create and Update themes.", + "title": "CreateAndUpdateThemes", + "type": "string" + }, + "CreateAndUpdateThresholdAlerts": { + "markdownDescription": "The ability to create and update threshold alerts.", + "title": "CreateAndUpdateThresholdAlerts", + "type": "string" + }, + "CreateSPICEDataset": { + "markdownDescription": "The ability to create a SPICE dataset.", + "title": "CreateSPICEDataset", + "type": "string" + }, + "CreateSharedFolders": { + "markdownDescription": "The ability to create shared folders.", + "title": "CreateSharedFolders", + "type": "string" + }, + "ExportToCsv": { + "markdownDescription": "The ability to export to CSV files from the UI.", + "title": "ExportToCsv", + "type": "string" + }, + "ExportToCsvInScheduledReports": { + "markdownDescription": "The ability to export to CSV files in scheduled email reports.", + "title": "ExportToCsvInScheduledReports", + "type": "string" + }, + "ExportToExcel": { + "markdownDescription": "The ability to export to Excel files from the UI.", + "title": "ExportToExcel", + "type": "string" + }, + "ExportToExcelInScheduledReports": { + "markdownDescription": "The ability to export to Excel files in scheduled email reports.", + "title": "ExportToExcelInScheduledReports", + "type": "string" + }, + "ExportToPdf": { + "markdownDescription": "The ability to export to PDF files from the UI.", + "title": "ExportToPdf", + "type": "string" + }, + "ExportToPdfInScheduledReports": { + "markdownDescription": "The ability to export to PDF files in scheduled email reports.", + "title": "ExportToPdfInScheduledReports", + "type": "string" + }, + "IncludeContentInScheduledReportsEmail": { + "markdownDescription": "The ability to include content in scheduled email reports.", + "title": "IncludeContentInScheduledReportsEmail", + "type": "string" + }, + "PrintReports": { + "markdownDescription": "The ability to print reports.", + "title": "PrintReports", + "type": "string" + }, + "RenameSharedFolders": { + "markdownDescription": "The ability to rename shared folders.", + "title": "RenameSharedFolders", + "type": "string" + }, + "ShareAnalyses": { + "markdownDescription": "The ability to share analyses.", + "title": "ShareAnalyses", + "type": "string" + }, + "ShareDashboards": { + "markdownDescription": "The ability to share dashboards.", + "title": "ShareDashboards", + "type": "string" + }, + "ShareDataSources": { + "markdownDescription": "The ability to share data sources.", + "title": "ShareDataSources", + "type": "string" + }, + "ShareDatasets": { + "markdownDescription": "The ability to share datasets.", + "title": "ShareDatasets", + "type": "string" + }, + "SubscribeDashboardEmailReports": { + "markdownDescription": "The ability to subscribe to email reports.", + "title": "SubscribeDashboardEmailReports", + "type": "string" + }, + "ViewAccountSPICECapacity": { + "markdownDescription": "The ability to view account SPICE capacity.", + "title": "ViewAccountSPICECapacity", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AwsAccountId": { + "markdownDescription": "The ID of the AWS account where you want to create the dashboard.", + "title": "AwsAccountId", + "type": "string" + }, + "DashboardId": { + "markdownDescription": "The ID for the dashboard, also added to the IAM policy.", + "title": "DashboardId", + "type": "string" + }, + "DashboardPublishOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DashboardPublishOptions", + "markdownDescription": "Options for publishing the dashboard when you create it:\n\n- `AvailabilityStatus` for `AdHocFilteringOption` - This status can be either `ENABLED` or `DISABLED` . When this is set to `DISABLED` , Amazon QuickSight disables the left filter pane on the published dashboard, which can be used for ad hoc (one-time) filtering. This option is `ENABLED` by default.\n- `AvailabilityStatus` for `ExportToCSVOption` - This status can be either `ENABLED` or `DISABLED` . The visual option to export data to .CSV format isn't enabled when this is set to `DISABLED` . This option is `ENABLED` by default.\n- `VisibilityState` for `SheetControlsOption` - This visibility state can be either `COLLAPSED` or `EXPANDED` . This option is `COLLAPSED` by default.", + "title": "DashboardPublishOptions" + }, + "Definition": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DashboardVersionDefinition", + "markdownDescription": "", + "title": "Definition" + }, + "FolderArns": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "FolderArns", + "type": "array" + }, + "LinkEntities": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of analysis Amazon Resource Names (ARNs) to be linked to the dashboard.", + "title": "LinkEntities", + "type": "array" + }, + "LinkSharingConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LinkSharingConfiguration", + "markdownDescription": "A structure that contains the link sharing configurations that you want to apply overrides to.", + "title": "LinkSharingConfiguration" + }, + "Name": { + "markdownDescription": "The display name of the dashboard.", + "title": "Name", + "type": "string" + }, + "Parameters": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.Parameters", + "markdownDescription": "The parameters for the creation of the dashboard, which you want to use to override the default settings. A dashboard can have any type of parameters, and some parameters might accept multiple values.", + "title": "Parameters" + }, + "Permissions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ResourcePermission" + }, + "markdownDescription": "A structure that contains the permissions of the dashboard. You can use this structure for granting permissions by providing a list of IAM action information for each principal ARN.\n\nTo specify no permissions, omit the permissions list.", + "title": "Permissions", + "type": "array" + }, + "SourceEntity": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DashboardSourceEntity", + "markdownDescription": "The entity that you are using as a source when you create the dashboard. In `SourceEntity` , you specify the type of object that you want to use. You can only create a dashboard from a template, so you use a `SourceTemplate` entity. If you need to create a dashboard from an analysis, first convert the analysis to a template by using the `CreateTemplate` API operation. For `SourceTemplate` , specify the Amazon Resource Name (ARN) of the source template. The `SourceTemplate` ARN can contain any AWS account; and any QuickSight-supported AWS Region .\n\nUse the `DataSetReferences` entity within `SourceTemplate` to list the replacement datasets for the placeholders listed in the original. The schema in each dataset must match its placeholder.", + "title": "SourceEntity" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Contains a map of the key-value pairs for the resource tag or tags assigned to the dashboard.", + "title": "Tags", + "type": "array" + }, + "ThemeArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the theme that is being used for this dashboard. If you add a value for this field, it overrides the value that is used in the source entity. The theme ARN must exist in the same AWS account where you create the dashboard.", + "title": "ThemeArn", + "type": "string" + }, + "ValidationStrategy": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ValidationStrategy", + "markdownDescription": "The option to relax the validation that is required to create and update analyses, dashboards, and templates with definition objects. When you set this value to `LENIENT` , validation is skipped for specific errors.", + "title": "ValidationStrategy" + }, + "VersionDescription": { + "markdownDescription": "A description for the first version of the dashboard being created.", + "title": "VersionDescription", + "type": "string" + } + }, + "required": [ + "AwsAccountId", + "DashboardId", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::QuickSight::Dashboard" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.AdHocFilteringOption": { + "additionalProperties": false, + "properties": { + "AvailabilityStatus": { + "markdownDescription": "Availability status.", + "title": "AvailabilityStatus", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.AggregationFunction": { + "additionalProperties": false, + "properties": { + "AttributeAggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AttributeAggregationFunction", + "markdownDescription": "Aggregation for attributes.", + "title": "AttributeAggregationFunction" + }, + "CategoricalAggregationFunction": { + "markdownDescription": "Aggregation for categorical values.\n\n- `COUNT` : Aggregate by the total number of values, including duplicates.\n- `DISTINCT_COUNT` : Aggregate by the total number of distinct values.", + "title": "CategoricalAggregationFunction", + "type": "string" + }, + "DateAggregationFunction": { + "markdownDescription": "Aggregation for date values.\n\n- `COUNT` : Aggregate by the total number of values, including duplicates.\n- `DISTINCT_COUNT` : Aggregate by the total number of distinct values.\n- `MIN` : Select the smallest date value.\n- `MAX` : Select the largest date value.", + "title": "DateAggregationFunction", + "type": "string" + }, + "NumericalAggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericalAggregationFunction", + "markdownDescription": "Aggregation for numerical values.", + "title": "NumericalAggregationFunction" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.AggregationSortConfiguration": { + "additionalProperties": false, + "properties": { + "AggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationFunction", + "markdownDescription": "The function that aggregates the values in `Column` .", + "title": "AggregationFunction" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that determines the sort order of aggregated values.", + "title": "Column" + }, + "SortDirection": { + "markdownDescription": "The sort direction of values.\n\n- `ASC` : Sort in ascending order.\n- `DESC` : Sort in descending order.", + "title": "SortDirection", + "type": "string" + } + }, + "required": [ + "Column", + "SortDirection" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.AnalysisDefaults": { + "additionalProperties": false, + "properties": { + "DefaultNewSheetConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultNewSheetConfiguration", + "markdownDescription": "The configuration for default new sheet settings.", + "title": "DefaultNewSheetConfiguration" + } + }, + "required": [ + "DefaultNewSheetConfiguration" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.AnchorDateConfiguration": { + "additionalProperties": false, + "properties": { + "AnchorOption": { + "markdownDescription": "The options for the date configuration. Choose one of the options below:\n\n- `NOW`", + "title": "AnchorOption", + "type": "string" + }, + "ParameterName": { + "markdownDescription": "The name of the parameter that is used for the anchor date configuration.", + "title": "ParameterName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ArcAxisConfiguration": { + "additionalProperties": false, + "properties": { + "Range": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ArcAxisDisplayRange", + "markdownDescription": "The arc axis range of a `GaugeChartVisual` .", + "title": "Range" + }, + "ReserveRange": { + "markdownDescription": "The reserved range of the arc axis.", + "title": "ReserveRange", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ArcAxisDisplayRange": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum value of the arc axis range.", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The minimum value of the arc axis range.", + "title": "Min", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ArcConfiguration": { + "additionalProperties": false, + "properties": { + "ArcAngle": { + "markdownDescription": "The option that determines the arc angle of a `GaugeChartVisual` .", + "title": "ArcAngle", + "type": "number" + }, + "ArcThickness": { + "markdownDescription": "The options that determine the arc thickness of a `GaugeChartVisual` .", + "title": "ArcThickness", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ArcOptions": { + "additionalProperties": false, + "properties": { + "ArcThickness": { + "markdownDescription": "The arc thickness of a `GaugeChartVisual` .", + "title": "ArcThickness", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.AssetOptions": { + "additionalProperties": false, + "properties": { + "Timezone": { + "markdownDescription": "Determines the timezone for the analysis.", + "title": "Timezone", + "type": "string" + }, + "WeekStart": { + "markdownDescription": "Determines the week start day for an analysis.", + "title": "WeekStart", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.AttributeAggregationFunction": { + "additionalProperties": false, + "properties": { + "SimpleAttributeAggregation": { + "markdownDescription": "The built-in aggregation functions for attributes.\n\n- `UNIQUE_VALUE` : Returns the unique value for a field, aggregated by the dimension fields.", + "title": "SimpleAttributeAggregation", + "type": "string" + }, + "ValueForMultipleValues": { + "markdownDescription": "Used by the `UNIQUE_VALUE` aggregation function. If there are multiple values for the field used by the aggregation, the value for this property will be returned instead. Defaults to '*'.", + "title": "ValueForMultipleValues", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.AxisDataOptions": { + "additionalProperties": false, + "properties": { + "DateAxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateAxisOptions", + "markdownDescription": "The options for an axis with a date field.", + "title": "DateAxisOptions" + }, + "NumericAxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericAxisOptions", + "markdownDescription": "The options for an axis with a numeric field.", + "title": "NumericAxisOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.AxisDisplayMinMaxRange": { + "additionalProperties": false, + "properties": { + "Maximum": { + "markdownDescription": "The maximum setup for an axis display range.", + "title": "Maximum", + "type": "number" + }, + "Minimum": { + "markdownDescription": "The minimum setup for an axis display range.", + "title": "Minimum", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.AxisDisplayOptions": { + "additionalProperties": false, + "properties": { + "AxisLineVisibility": { + "markdownDescription": "Determines whether or not the axis line is visible.", + "title": "AxisLineVisibility", + "type": "string" + }, + "AxisOffset": { + "markdownDescription": "The offset value that determines the starting placement of the axis within a visual's bounds.", + "title": "AxisOffset", + "type": "string" + }, + "DataOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDataOptions", + "markdownDescription": "The data options for an axis.", + "title": "DataOptions" + }, + "GridLineVisibility": { + "markdownDescription": "Determines whether or not the grid line is visible.", + "title": "GridLineVisibility", + "type": "string" + }, + "ScrollbarOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ScrollBarOptions", + "markdownDescription": "The scroll bar options for an axis.", + "title": "ScrollbarOptions" + }, + "TickLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisTickLabelOptions", + "markdownDescription": "The tick label options of an axis.", + "title": "TickLabelOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.AxisDisplayRange": { + "additionalProperties": false, + "properties": { + "DataDriven": { + "markdownDescription": "The data-driven setup of an axis display range.", + "title": "DataDriven", + "type": "object" + }, + "MinMax": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayMinMaxRange", + "markdownDescription": "The minimum and maximum setup of an axis display range.", + "title": "MinMax" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.AxisLabelOptions": { + "additionalProperties": false, + "properties": { + "ApplyTo": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisLabelReferenceOptions", + "markdownDescription": "The options that indicate which field the label belongs to.", + "title": "ApplyTo" + }, + "CustomLabel": { + "markdownDescription": "The text for the axis label.", + "title": "CustomLabel", + "type": "string" + }, + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", + "markdownDescription": "The font configuration of the axis label.", + "title": "FontConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.AxisLabelReferenceOptions": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that the axis label is targeted to.", + "title": "Column" + }, + "FieldId": { + "markdownDescription": "The field that the axis label is targeted to.", + "title": "FieldId", + "type": "string" + } + }, + "required": [ + "Column", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.AxisLinearScale": { + "additionalProperties": false, + "properties": { + "StepCount": { + "markdownDescription": "The step count setup of a linear axis.", + "title": "StepCount", + "type": "number" + }, + "StepSize": { + "markdownDescription": "The step size setup of a linear axis.", + "title": "StepSize", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.AxisLogarithmicScale": { + "additionalProperties": false, + "properties": { + "Base": { + "markdownDescription": "The base setup of a logarithmic axis scale.", + "title": "Base", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.AxisScale": { + "additionalProperties": false, + "properties": { + "Linear": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisLinearScale", + "markdownDescription": "The linear axis scale setup.", + "title": "Linear" + }, + "Logarithmic": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisLogarithmicScale", + "markdownDescription": "The logarithmic axis scale setup.", + "title": "Logarithmic" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.AxisTickLabelOptions": { + "additionalProperties": false, + "properties": { + "LabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", + "markdownDescription": "Determines whether or not the axis ticks are visible.", + "title": "LabelOptions" + }, + "RotationAngle": { + "markdownDescription": "The rotation angle of the axis tick labels.", + "title": "RotationAngle", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.BarChartAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The category (y-axis) field well of a bar chart.", + "title": "Category", + "type": "array" + }, + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The color (group/color) field well of a bar chart.", + "title": "Colors", + "type": "array" + }, + "SmallMultiples": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The small multiples field well of a bar chart.", + "title": "SmallMultiples", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The value field wells of a bar chart. Values are aggregated by category.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.BarChartConfiguration": { + "additionalProperties": false, + "properties": { + "BarsArrangement": { + "markdownDescription": "Determines the arrangement of the bars. The orientation and arrangement of bars determine the type of bar that is used in the visual.", + "title": "BarsArrangement", + "type": "string" + }, + "CategoryAxis": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, axis step) for bar chart category.", + "title": "CategoryAxis" + }, + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a bar chart.", + "title": "CategoryLabelOptions" + }, + "ColorLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a color that is used in a bar chart.", + "title": "ColorLabelOptions" + }, + "ContributionAnalysisDefaults": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ContributionAnalysisDefault" + }, + "markdownDescription": "The contribution analysis (anomaly configuration) setup of the visual.", + "title": "ContributionAnalysisDefaults", + "type": "array" + }, + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.", + "title": "DataLabels" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BarChartFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "Orientation": { + "markdownDescription": "The orientation of the bars in a bar chart visual. There are two valid values in this structure:\n\n- `HORIZONTAL` : Used for charts that have horizontal bars. Visuals that use this value are horizontal bar charts, horizontal stacked bar charts, and horizontal stacked 100% bar charts.\n- `VERTICAL` : Used for charts that have vertical bars. Visuals that use this value are vertical bar charts, vertical stacked bar charts, and vertical stacked 100% bar charts.", + "title": "Orientation", + "type": "string" + }, + "ReferenceLines": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLine" + }, + "markdownDescription": "The reference line setup of the visual.", + "title": "ReferenceLines", + "type": "array" + }, + "SmallMultiplesOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SmallMultiplesOptions", + "markdownDescription": "The small multiples setup for the visual.", + "title": "SmallMultiplesOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BarChartSortConfiguration", + "markdownDescription": "The sort configuration of a `BarChartVisual` .", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" + }, + "ValueAxis": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, axis step) for a bar chart value.", + "title": "ValueAxis" + }, + "ValueLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a bar chart value.", + "title": "ValueLabelOptions" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", + "title": "VisualPalette" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.BarChartFieldWells": { + "additionalProperties": false, + "properties": { + "BarChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BarChartAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a bar chart.", + "title": "BarChartAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.BarChartSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of categories displayed in a bar chart.", + "title": "CategoryItemsLimit" + }, + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of category fields.", + "title": "CategorySort", + "type": "array" + }, + "ColorItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of values displayed in a bar chart.", + "title": "ColorItemsLimit" + }, + "ColorSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of color fields in a bar chart.", + "title": "ColorSort", + "type": "array" + }, + "SmallMultiplesLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of small multiples panels that are displayed.", + "title": "SmallMultiplesLimitConfiguration" + }, + "SmallMultiplesSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the small multiples field.", + "title": "SmallMultiplesSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.BarChartVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BarChartConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.BinCountOptions": { + "additionalProperties": false, + "properties": { + "Value": { + "markdownDescription": "The options that determine the bin count value.", + "title": "Value", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.BinWidthOptions": { + "additionalProperties": false, + "properties": { + "BinCountLimit": { + "markdownDescription": "The options that determine the bin count limit.", + "title": "BinCountLimit", + "type": "number" + }, + "Value": { + "markdownDescription": "The options that determine the bin width value.", + "title": "Value", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.BodySectionConfiguration": { + "additionalProperties": false, + "properties": { + "Content": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BodySectionContent", + "markdownDescription": "The configuration of content in a body section.", + "title": "Content" + }, + "PageBreakConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionPageBreakConfiguration", + "markdownDescription": "The configuration of a page break for a section.", + "title": "PageBreakConfiguration" + }, + "RepeatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BodySectionRepeatConfiguration", + "markdownDescription": "Describes the configurations that are required to declare a section as repeating.", + "title": "RepeatConfiguration" + }, + "SectionId": { + "markdownDescription": "The unique identifier of a body section.", + "title": "SectionId", + "type": "string" + }, + "Style": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionStyle", + "markdownDescription": "The style options of a body section.", + "title": "Style" + } + }, + "required": [ + "Content", + "SectionId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.BodySectionContent": { + "additionalProperties": false, + "properties": { + "Layout": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionLayoutConfiguration", + "markdownDescription": "The layout configuration of a body section.", + "title": "Layout" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.BodySectionDynamicCategoryDimensionConfiguration": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "", + "title": "Column" + }, + "Limit": { + "markdownDescription": "Number of values to use from the column for repetition.", + "title": "Limit", + "type": "number" + }, + "SortByMetrics": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnSort" + }, + "markdownDescription": "Sort criteria on the column values that you use for repetition.", + "title": "SortByMetrics", + "type": "array" + } + }, + "required": [ + "Column" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.BodySectionDynamicNumericDimensionConfiguration": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "", + "title": "Column" + }, + "Limit": { + "markdownDescription": "Number of values to use from the column for repetition.", + "title": "Limit", + "type": "number" + }, + "SortByMetrics": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnSort" + }, + "markdownDescription": "Sort criteria on the column values that you use for repetition.", + "title": "SortByMetrics", + "type": "array" + } + }, + "required": [ + "Column" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.BodySectionRepeatConfiguration": { + "additionalProperties": false, + "properties": { + "DimensionConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BodySectionRepeatDimensionConfiguration" + }, + "markdownDescription": "List of `BodySectionRepeatDimensionConfiguration` values that describe the dataset column and constraints for the column used to repeat the contents of a section.", + "title": "DimensionConfigurations", + "type": "array" + }, + "NonRepeatingVisuals": { + "items": { + "type": "string" + }, + "markdownDescription": "List of visuals to exclude from repetition in repeating sections. The visuals will render identically, and ignore the repeating configurations in all repeating instances.", + "title": "NonRepeatingVisuals", + "type": "array" + }, + "PageBreakConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BodySectionRepeatPageBreakConfiguration", + "markdownDescription": "Page break configuration to apply for each repeating instance.", + "title": "PageBreakConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.BodySectionRepeatDimensionConfiguration": { + "additionalProperties": false, + "properties": { + "DynamicCategoryDimensionConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BodySectionDynamicCategoryDimensionConfiguration", + "markdownDescription": "Describes the *Category* dataset column and constraints around the dynamic values that will be used in repeating the section contents.", + "title": "DynamicCategoryDimensionConfiguration" + }, + "DynamicNumericDimensionConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BodySectionDynamicNumericDimensionConfiguration", + "markdownDescription": "Describes the *Numeric* dataset column and constraints around the dynamic values used to repeat the contents of a section.", + "title": "DynamicNumericDimensionConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.BodySectionRepeatPageBreakConfiguration": { + "additionalProperties": false, + "properties": { + "After": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionAfterPageBreak", + "markdownDescription": "", + "title": "After" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.BoxPlotAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "GroupBy": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The group by field well of a box plot chart. Values are grouped based on group by fields.", + "title": "GroupBy", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The value field well of a box plot chart. Values are aggregated based on group by fields.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.BoxPlotChartConfiguration": { + "additionalProperties": false, + "properties": { + "BoxPlotOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotOptions", + "markdownDescription": "The box plot chart options for a box plot visual", + "title": "BoxPlotOptions" + }, + "CategoryAxis": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, axis step) of a box plot category.", + "title": "CategoryAxis" + }, + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility and sort Icon visibility) of a box plot category.", + "title": "CategoryLabelOptions" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", + "markdownDescription": "", + "title": "Legend" + }, + "PrimaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, axis step) of a box plot category.", + "title": "PrimaryYAxisDisplayOptions" + }, + "PrimaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility and sort icon visibility) of a box plot value.", + "title": "PrimaryYAxisLabelOptions" + }, + "ReferenceLines": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLine" + }, + "markdownDescription": "The reference line setup of the visual.", + "title": "ReferenceLines", + "type": "array" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotSortConfiguration", + "markdownDescription": "The sort configuration of a `BoxPlotVisual` .", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", + "title": "VisualPalette" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.BoxPlotFieldWells": { + "additionalProperties": false, + "properties": { + "BoxPlotAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a box plot.", + "title": "BoxPlotAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.BoxPlotOptions": { + "additionalProperties": false, + "properties": { + "AllDataPointsVisibility": { + "markdownDescription": "Determines the visibility of all data points of the box plot.", + "title": "AllDataPointsVisibility", + "type": "string" + }, + "OutlierVisibility": { + "markdownDescription": "Determines the visibility of the outlier in a box plot.", + "title": "OutlierVisibility", + "type": "string" + }, + "StyleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotStyleOptions", + "markdownDescription": "The style options of the box plot.", + "title": "StyleOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.BoxPlotSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of a group by fields.", + "title": "CategorySort", + "type": "array" + }, + "PaginationConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PaginationConfiguration", + "markdownDescription": "The pagination configuration of a table visual or box plot.", + "title": "PaginationConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.BoxPlotStyleOptions": { + "additionalProperties": false, + "properties": { + "FillStyle": { + "markdownDescription": "The fill styles (solid, transparent) of the box plot.", + "title": "FillStyle", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.BoxPlotVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotChartConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.CalculatedField": { + "additionalProperties": false, + "properties": { + "DataSetIdentifier": { + "markdownDescription": "The data set that is used in this calculated field.", + "title": "DataSetIdentifier", + "type": "string" + }, + "Expression": { + "markdownDescription": "The expression of the calculated field.", + "title": "Expression", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the calculated field.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "DataSetIdentifier", + "Expression", + "Name" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.CalculatedMeasureField": { + "additionalProperties": false, + "properties": { + "Expression": { + "markdownDescription": "The expression in the table calculation.", + "title": "Expression", + "type": "string" + }, + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", + "type": "string" + } + }, + "required": [ + "Expression", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.CascadingControlConfiguration": { + "additionalProperties": false, + "properties": { + "SourceControls": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CascadingControlSource" + }, + "markdownDescription": "A list of source controls that determine the values that are used in the current control.", + "title": "SourceControls", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.CascadingControlSource": { + "additionalProperties": false, + "properties": { + "ColumnToMatch": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column identifier that determines which column to look up for the source sheet control.", + "title": "ColumnToMatch" + }, + "SourceSheetControlId": { + "markdownDescription": "The source sheet control ID of a `CascadingControlSource` .", + "title": "SourceSheetControlId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.CategoricalDimensionField": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that is used in the `CategoricalDimensionField` .", + "title": "Column" + }, + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", + "type": "string" + }, + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" + }, + "HierarchyId": { + "markdownDescription": "The custom hierarchy ID.", + "title": "HierarchyId", + "type": "string" + } + }, + "required": [ + "Column", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.CategoricalMeasureField": { + "additionalProperties": false, + "properties": { + "AggregationFunction": { + "markdownDescription": "The aggregation function of the measure field.", + "title": "AggregationFunction", + "type": "string" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that is used in the `CategoricalMeasureField` .", + "title": "Column" + }, + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", + "type": "string" + }, + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" + } + }, + "required": [ + "Column", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.CategoryDrillDownFilter": { + "additionalProperties": false, + "properties": { + "CategoryValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the string inputs that are the values of the category drill down filter.", + "title": "CategoryValues", + "type": "array" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + } + }, + "required": [ + "CategoryValues", + "Column" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.CategoryFilter": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "Configuration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CategoryFilterConfiguration", + "markdownDescription": "The configuration for a `CategoryFilter` .", + "title": "Configuration" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" + } + }, + "required": [ + "Column", + "Configuration", + "FilterId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.CategoryFilterConfiguration": { + "additionalProperties": false, + "properties": { + "CustomFilterConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomFilterConfiguration", + "markdownDescription": "A custom filter that filters based on a single value. This filter can be partially matched.", + "title": "CustomFilterConfiguration" + }, + "CustomFilterListConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomFilterListConfiguration", + "markdownDescription": "A list of custom filter values. In the Amazon QuickSight console, this filter type is called a custom filter list.", + "title": "CustomFilterListConfiguration" + }, + "FilterListConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterListConfiguration", + "markdownDescription": "A list of filter configurations. In the Amazon QuickSight console, this filter type is called a filter list.", + "title": "FilterListConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.CategoryInnerFilter": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "", + "title": "Column" + }, + "Configuration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CategoryFilterConfiguration", + "markdownDescription": "", + "title": "Configuration" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", + "markdownDescription": "", + "title": "DefaultFilterControlConfiguration" + } + }, + "required": [ + "Column", + "Configuration" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ChartAxisLabelOptions": { + "additionalProperties": false, + "properties": { + "AxisLabelOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisLabelOptions" + }, + "markdownDescription": "The label options for a chart axis.", + "title": "AxisLabelOptions", + "type": "array" + }, + "SortIconVisibility": { + "markdownDescription": "The visibility configuration of the sort icon on a chart's axis label.", + "title": "SortIconVisibility", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of an axis label on a chart. Choose one of the following options:\n\n- `VISIBLE` : Shows the axis.\n- `HIDDEN` : Hides the axis.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ClusterMarker": { + "additionalProperties": false, + "properties": { + "SimpleClusterMarker": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SimpleClusterMarker", + "markdownDescription": "The simple cluster marker of the cluster marker.", + "title": "SimpleClusterMarker" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ClusterMarkerConfiguration": { + "additionalProperties": false, + "properties": { + "ClusterMarker": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ClusterMarker", + "markdownDescription": "The cluster marker that is a part of the cluster marker configuration.", + "title": "ClusterMarker" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ColorScale": { + "additionalProperties": false, + "properties": { + "ColorFillType": { + "markdownDescription": "Determines the color fill type.", + "title": "ColorFillType", + "type": "string" + }, + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataColor" + }, + "markdownDescription": "Determines the list of colors that are applied to the visual.", + "title": "Colors", + "type": "array" + }, + "NullValueColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataColor", + "markdownDescription": "Determines the color that is applied to null values.", + "title": "NullValueColor" + } + }, + "required": [ + "ColorFillType", + "Colors" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ColorsConfiguration": { + "additionalProperties": false, + "properties": { + "CustomColors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomColor" + }, + "markdownDescription": "A list of up to 50 custom colors.", + "title": "CustomColors", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ColumnConfiguration": { + "additionalProperties": false, + "properties": { + "ColorsConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColorsConfiguration", + "markdownDescription": "The color configurations of the column.", + "title": "ColorsConfiguration" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column.", + "title": "Column" + }, + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FormatConfiguration", + "markdownDescription": "The format configuration of a column.", + "title": "FormatConfiguration" + }, + "Role": { + "markdownDescription": "The role of the column.", + "title": "Role", + "type": "string" + } + }, + "required": [ + "Column" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ColumnHierarchy": { + "additionalProperties": false, + "properties": { + "DateTimeHierarchy": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeHierarchy", + "markdownDescription": "The option that determines the hierarchy of any `DateTime` fields.", + "title": "DateTimeHierarchy" + }, + "ExplicitHierarchy": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ExplicitHierarchy", + "markdownDescription": "The option that determines the hierarchy of the fields that are built within a visual's field wells. These fields can't be duplicated to other visuals.", + "title": "ExplicitHierarchy" + }, + "PredefinedHierarchy": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PredefinedHierarchy", + "markdownDescription": "The option that determines the hierarchy of the fields that are defined during data preparation. These fields are available to use in any analysis that uses the data source.", + "title": "PredefinedHierarchy" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ColumnIdentifier": { + "additionalProperties": false, + "properties": { + "ColumnName": { + "markdownDescription": "The name of the column.", + "title": "ColumnName", + "type": "string" + }, + "DataSetIdentifier": { + "markdownDescription": "The data set that the column belongs to.", + "title": "DataSetIdentifier", + "type": "string" + } + }, + "required": [ + "ColumnName", + "DataSetIdentifier" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ColumnSort": { + "additionalProperties": false, + "properties": { + "AggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationFunction", + "markdownDescription": "The aggregation function that is defined in the column sort.", + "title": "AggregationFunction" + }, + "Direction": { + "markdownDescription": "The sort direction.", + "title": "Direction", + "type": "string" + }, + "SortBy": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "", + "title": "SortBy" + } + }, + "required": [ + "Direction", + "SortBy" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ColumnTooltipItem": { + "additionalProperties": false, + "properties": { + "Aggregation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationFunction", + "markdownDescription": "The aggregation function of the column tooltip item.", + "title": "Aggregation" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The target column of the tooltip item.", + "title": "Column" + }, + "Label": { + "markdownDescription": "The label of the tooltip item.", + "title": "Label", + "type": "string" + }, + "TooltipTarget": { + "markdownDescription": "Determines the target of the column tooltip item in a combo chart visual.", + "title": "TooltipTarget", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the tooltip item.", + "title": "Visibility", + "type": "string" + } + }, + "required": [ + "Column" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ComboChartAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "BarValues": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The aggregated `BarValues` field well of a combo chart.", + "title": "BarValues", + "type": "array" + }, + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The aggregated category field wells of a combo chart.", + "title": "Category", + "type": "array" + }, + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The aggregated colors field well of a combo chart.", + "title": "Colors", + "type": "array" + }, + "LineValues": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The aggregated `LineValues` field well of a combo chart.", + "title": "LineValues", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ComboChartConfiguration": { + "additionalProperties": false, + "properties": { + "BarDataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.\n\nThe data label options for a bar in a combo chart.", + "title": "BarDataLabels" + }, + "BarsArrangement": { + "markdownDescription": "Determines the bar arrangement in a combo chart. The following are valid values in this structure:\n\n- `CLUSTERED` : For clustered bar combo charts.\n- `STACKED` : For stacked bar combo charts.\n- `STACKED_PERCENT` : Do not use. If you use this value, the operation returns a validation error.", + "title": "BarsArrangement", + "type": "string" + }, + "CategoryAxis": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The category axis of a combo chart.", + "title": "CategoryAxis" + }, + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart category (group/color) field well.", + "title": "CategoryLabelOptions" + }, + "ColorLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's color field well.", + "title": "ColorLabelOptions" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComboChartFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "LineDataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.\n\nThe data label options for a line in a combo chart.", + "title": "LineDataLabels" + }, + "PrimaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, and axis step) of a combo chart's primary y-axis (bar) field well.", + "title": "PrimaryYAxisDisplayOptions" + }, + "PrimaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's primary y-axis (bar) field well.", + "title": "PrimaryYAxisLabelOptions" + }, + "ReferenceLines": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLine" + }, + "markdownDescription": "The reference line setup of the visual.", + "title": "ReferenceLines", + "type": "array" + }, + "SecondaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, axis step) of a combo chart's secondary y-axis (line) field well.", + "title": "SecondaryYAxisDisplayOptions" + }, + "SecondaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's secondary y-axis(line) field well.", + "title": "SecondaryYAxisLabelOptions" + }, + "SingleAxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SingleAxisOptions", + "markdownDescription": "", + "title": "SingleAxisOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComboChartSortConfiguration", + "markdownDescription": "The sort configuration of a `ComboChartVisual` .", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Tooltip" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", + "title": "VisualPalette" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ComboChartFieldWells": { + "additionalProperties": false, + "properties": { + "ComboChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComboChartAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a combo chart. Combo charts only have aggregated field wells. Columns in a combo chart are aggregated by category.", + "title": "ComboChartAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ComboChartSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The item limit configuration for the category field well of a combo chart.", + "title": "CategoryItemsLimit" + }, + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the category field well in a combo chart.", + "title": "CategorySort", + "type": "array" + }, + "ColorItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The item limit configuration of the color field well in a combo chart.", + "title": "ColorItemsLimit" + }, + "ColorSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the color field well in a combo chart.", + "title": "ColorSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ComboChartVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComboChartConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ComparisonConfiguration": { + "additionalProperties": false, + "properties": { + "ComparisonFormat": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComparisonFormatConfiguration", + "markdownDescription": "The format of the comparison.", + "title": "ComparisonFormat" + }, + "ComparisonMethod": { + "markdownDescription": "The method of the comparison. Choose from the following options:\n\n- `DIFFERENCE`\n- `PERCENT_DIFFERENCE`\n- `PERCENT`", + "title": "ComparisonMethod", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ComparisonFormatConfiguration": { + "additionalProperties": false, + "properties": { + "NumberDisplayFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumberDisplayFormatConfiguration", + "markdownDescription": "The number display format.", + "title": "NumberDisplayFormatConfiguration" + }, + "PercentageDisplayFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PercentageDisplayFormatConfiguration", + "markdownDescription": "The percentage display format.", + "title": "PercentageDisplayFormatConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.Computation": { + "additionalProperties": false, + "properties": { + "Forecast": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ForecastComputation", + "markdownDescription": "The forecast computation configuration.", + "title": "Forecast" + }, + "GrowthRate": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GrowthRateComputation", + "markdownDescription": "The growth rate computation configuration.", + "title": "GrowthRate" + }, + "MaximumMinimum": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MaximumMinimumComputation", + "markdownDescription": "The maximum and minimum computation configuration.", + "title": "MaximumMinimum" + }, + "MetricComparison": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MetricComparisonComputation", + "markdownDescription": "The metric comparison computation configuration.", + "title": "MetricComparison" + }, + "PeriodOverPeriod": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PeriodOverPeriodComputation", + "markdownDescription": "The period over period computation configuration.", + "title": "PeriodOverPeriod" + }, + "PeriodToDate": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PeriodToDateComputation", + "markdownDescription": "The period to `DataSetIdentifier` computation configuration.", + "title": "PeriodToDate" + }, + "TopBottomMovers": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TopBottomMoversComputation", + "markdownDescription": "The top movers and bottom movers computation configuration.", + "title": "TopBottomMovers" + }, + "TopBottomRanked": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TopBottomRankedComputation", + "markdownDescription": "The top ranked and bottom ranked computation configuration.", + "title": "TopBottomRanked" + }, + "TotalAggregation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TotalAggregationComputation", + "markdownDescription": "The total aggregation computation configuration.", + "title": "TotalAggregation" + }, + "UniqueValues": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.UniqueValuesComputation", + "markdownDescription": "The unique values computation configuration.", + "title": "UniqueValues" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ConditionalFormattingColor": { + "additionalProperties": false, + "properties": { + "Gradient": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingGradientColor", + "markdownDescription": "Formatting configuration for gradient color.", + "title": "Gradient" + }, + "Solid": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingSolidColor", + "markdownDescription": "Formatting configuration for solid color.", + "title": "Solid" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ConditionalFormattingCustomIconCondition": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "Determines the color of the icon.", + "title": "Color", + "type": "string" + }, + "DisplayConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIconDisplayConfiguration", + "markdownDescription": "Determines the icon display configuration.", + "title": "DisplayConfiguration" + }, + "Expression": { + "markdownDescription": "The expression that determines the condition of the icon set.", + "title": "Expression", + "type": "string" + }, + "IconOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingCustomIconOptions", + "markdownDescription": "Custom icon options for an icon set.", + "title": "IconOptions" + } + }, + "required": [ + "Expression", + "IconOptions" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ConditionalFormattingCustomIconOptions": { + "additionalProperties": false, + "properties": { + "Icon": { + "markdownDescription": "Determines the type of icon.", + "title": "Icon", + "type": "string" + }, + "UnicodeIcon": { + "markdownDescription": "Determines the Unicode icon type.", + "title": "UnicodeIcon", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ConditionalFormattingGradientColor": { + "additionalProperties": false, + "properties": { + "Color": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GradientColor", + "markdownDescription": "Determines the color.", + "title": "Color" + }, + "Expression": { + "markdownDescription": "The expression that determines the formatting configuration for gradient color.", + "title": "Expression", + "type": "string" + } + }, + "required": [ + "Color", + "Expression" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ConditionalFormattingIcon": { + "additionalProperties": false, + "properties": { + "CustomCondition": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingCustomIconCondition", + "markdownDescription": "Determines the custom condition for an icon set.", + "title": "CustomCondition" + }, + "IconSet": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIconSet", + "markdownDescription": "Formatting configuration for icon set.", + "title": "IconSet" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ConditionalFormattingIconDisplayConfiguration": { + "additionalProperties": false, + "properties": { + "IconDisplayOption": { + "markdownDescription": "Determines the icon display configuration.", + "title": "IconDisplayOption", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ConditionalFormattingIconSet": { + "additionalProperties": false, + "properties": { + "Expression": { + "markdownDescription": "The expression that determines the formatting configuration for the icon set.", + "title": "Expression", + "type": "string" + }, + "IconSetType": { + "markdownDescription": "Determines the icon set type.", + "title": "IconSetType", + "type": "string" + } + }, + "required": [ + "Expression" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ConditionalFormattingSolidColor": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "Determines the color.", + "title": "Color", + "type": "string" + }, + "Expression": { + "markdownDescription": "The expression that determines the formatting configuration for solid color.", + "title": "Expression", + "type": "string" + } + }, + "required": [ + "Expression" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ContextMenuOption": { + "additionalProperties": false, + "properties": { + "AvailabilityStatus": { + "markdownDescription": "The availability status of the context menu options. If the value of this property is set to `ENABLED` , dashboard readers can interact with the context menu.", + "title": "AvailabilityStatus", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ContributionAnalysisDefault": { + "additionalProperties": false, + "properties": { + "ContributorDimensions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier" + }, + "markdownDescription": "The dimensions columns that are used in the contribution analysis, usually a list of `ColumnIdentifiers` .", + "title": "ContributorDimensions", + "type": "array" + }, + "MeasureFieldId": { + "markdownDescription": "The measure field that is used in the contribution analysis.", + "title": "MeasureFieldId", + "type": "string" + } + }, + "required": [ + "ContributorDimensions", + "MeasureFieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.CurrencyDisplayFormatConfiguration": { + "additionalProperties": false, + "properties": { + "DecimalPlacesConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalPlacesConfiguration", + "markdownDescription": "The option that determines the decimal places configuration.", + "title": "DecimalPlacesConfiguration" + }, + "NegativeValueConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NegativeValueConfiguration", + "markdownDescription": "The options that determine the negative value configuration.", + "title": "NegativeValueConfiguration" + }, + "NullValueFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NullValueFormatConfiguration", + "markdownDescription": "The options that determine the null value format configuration.", + "title": "NullValueFormatConfiguration" + }, + "NumberScale": { + "markdownDescription": "Determines the number scale value for the currency format.", + "title": "NumberScale", + "type": "string" + }, + "Prefix": { + "markdownDescription": "Determines the prefix value of the currency format.", + "title": "Prefix", + "type": "string" + }, + "SeparatorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericSeparatorConfiguration", + "markdownDescription": "The options that determine the numeric separator configuration.", + "title": "SeparatorConfiguration" + }, + "Suffix": { + "markdownDescription": "Determines the suffix value of the currency format.", + "title": "Suffix", + "type": "string" + }, + "Symbol": { + "markdownDescription": "Determines the symbol for the currency format.", + "title": "Symbol", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.CustomActionFilterOperation": { + "additionalProperties": false, + "properties": { + "SelectedFieldsConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterOperationSelectedFieldsConfiguration", + "markdownDescription": "The configuration that chooses the fields to be filtered.", + "title": "SelectedFieldsConfiguration" + }, + "TargetVisualsConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterOperationTargetVisualsConfiguration", + "markdownDescription": "The configuration that chooses the target visuals to be filtered.", + "title": "TargetVisualsConfiguration" + } + }, + "required": [ + "SelectedFieldsConfiguration", + "TargetVisualsConfiguration" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.CustomActionNavigationOperation": { + "additionalProperties": false, + "properties": { + "LocalNavigationConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LocalNavigationConfiguration", + "markdownDescription": "The configuration that chooses the navigation target.", + "title": "LocalNavigationConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.CustomActionSetParametersOperation": { + "additionalProperties": false, + "properties": { + "ParameterValueConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SetParameterValueConfiguration" + }, + "markdownDescription": "The parameter that determines the value configuration.", + "title": "ParameterValueConfigurations", + "type": "array" + } + }, + "required": [ + "ParameterValueConfigurations" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.CustomActionURLOperation": { + "additionalProperties": false, + "properties": { + "URLTarget": { + "markdownDescription": "The target of the `CustomActionURLOperation` .\n\nValid values are defined as follows:\n\n- `NEW_TAB` : Opens the target URL in a new browser tab.\n- `NEW_WINDOW` : Opens the target URL in a new browser window.\n- `SAME_TAB` : Opens the target URL in the same browser tab.", + "title": "URLTarget", + "type": "string" + }, + "URLTemplate": { + "markdownDescription": "THe URL link of the `CustomActionURLOperation` .", + "title": "URLTemplate", + "type": "string" + } + }, + "required": [ + "URLTarget", + "URLTemplate" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.CustomColor": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The color that is applied to the data value.", + "title": "Color", + "type": "string" + }, + "FieldValue": { + "markdownDescription": "The data value that the color is applied to.", + "title": "FieldValue", + "type": "string" + }, + "SpecialValue": { + "markdownDescription": "The value of a special data value.", + "title": "SpecialValue", + "type": "string" + } + }, + "required": [ + "Color" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.CustomContentConfiguration": { + "additionalProperties": false, + "properties": { + "ContentType": { + "markdownDescription": "The content type of the custom content visual. You can use this to have the visual render as an image.", + "title": "ContentType", + "type": "string" + }, + "ContentUrl": { + "markdownDescription": "The input URL that links to the custom content that you want in the custom visual.", + "title": "ContentUrl", + "type": "string" + }, + "ImageScaling": { + "markdownDescription": "The sizing options for the size of the custom content visual. This structure is required when the `ContentType` of the visual is `'IMAGE'` .", + "title": "ImageScaling", + "type": "string" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.CustomContentVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomContentConfiguration", + "markdownDescription": "The configuration of a `CustomContentVisual` .", + "title": "ChartConfiguration" + }, + "DataSetIdentifier": { + "markdownDescription": "The dataset that is used to create the custom content visual. You can't create a visual without a dataset.", + "title": "DataSetIdentifier", + "type": "string" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "DataSetIdentifier", + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.CustomFilterConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryValue": { + "markdownDescription": "The category value for the filter.\n\nThis field is mutually exclusive to `ParameterName` .", + "title": "CategoryValue", + "type": "string" + }, + "MatchOperator": { + "markdownDescription": "The match operator that is used to determine if a filter should be applied.", + "title": "MatchOperator", + "type": "string" + }, + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", + "type": "string" + }, + "ParameterName": { + "markdownDescription": "The parameter whose value should be used for the filter value.\n\nThis field is mutually exclusive to `CategoryValue` .", + "title": "ParameterName", + "type": "string" + }, + "SelectAllOptions": { + "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", + "title": "SelectAllOptions", + "type": "string" + } + }, + "required": [ + "MatchOperator", + "NullOption" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.CustomFilterListConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryValues": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of category values for the filter.", + "title": "CategoryValues", + "type": "array" + }, + "MatchOperator": { + "markdownDescription": "The match operator that is used to determine if a filter should be applied.", + "title": "MatchOperator", + "type": "string" + }, + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", + "type": "string" + }, + "SelectAllOptions": { + "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", + "title": "SelectAllOptions", + "type": "string" + } + }, + "required": [ + "MatchOperator", + "NullOption" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.CustomNarrativeOptions": { + "additionalProperties": false, + "properties": { + "Narrative": { + "markdownDescription": "The string input of custom narrative.", + "title": "Narrative", + "type": "string" + } + }, + "required": [ + "Narrative" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.CustomParameterValues": { + "additionalProperties": false, + "properties": { + "DateTimeValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of datetime-type parameter values.", + "title": "DateTimeValues", + "type": "array" + }, + "DecimalValues": { + "items": { + "type": "number" + }, + "markdownDescription": "A list of decimal-type parameter values.", + "title": "DecimalValues", + "type": "array" + }, + "IntegerValues": { + "items": { + "type": "number" + }, + "markdownDescription": "A list of integer-type parameter values.", + "title": "IntegerValues", + "type": "array" + }, + "StringValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of string-type parameter values.", + "title": "StringValues", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.CustomValuesConfiguration": { + "additionalProperties": false, + "properties": { + "CustomValues": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomParameterValues", + "markdownDescription": "", + "title": "CustomValues" + }, + "IncludeNullValue": { + "markdownDescription": "Includes the null value in custom action parameter values.", + "title": "IncludeNullValue", + "type": "boolean" + } + }, + "required": [ + "CustomValues" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.DashboardError": { + "additionalProperties": false, + "properties": { + "Message": { + "markdownDescription": "Message.", + "title": "Message", + "type": "string" + }, + "Type": { + "markdownDescription": "Type.", + "title": "Type", + "type": "string" + }, + "ViolatedEntities": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.Entity" + }, + "markdownDescription": "Lists the violated entities that caused the dashboard error.", + "title": "ViolatedEntities", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DashboardPublishOptions": { + "additionalProperties": false, + "properties": { + "AdHocFilteringOption": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AdHocFilteringOption", + "markdownDescription": "Ad hoc (one-time) filtering option.", + "title": "AdHocFilteringOption" + }, + "DataPointDrillUpDownOption": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPointDrillUpDownOption", + "markdownDescription": "The drill-down options of data points in a dashboard.", + "title": "DataPointDrillUpDownOption" + }, + "DataPointMenuLabelOption": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPointMenuLabelOption", + "markdownDescription": "The data point menu label options of a dashboard.", + "title": "DataPointMenuLabelOption" + }, + "DataPointTooltipOption": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPointTooltipOption", + "markdownDescription": "The data point tool tip options of a dashboard.", + "title": "DataPointTooltipOption" + }, + "ExportToCSVOption": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ExportToCSVOption", + "markdownDescription": "Export to .csv option.", + "title": "ExportToCSVOption" + }, + "ExportWithHiddenFieldsOption": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ExportWithHiddenFieldsOption", + "markdownDescription": "Determines if hidden fields are exported with a dashboard.", + "title": "ExportWithHiddenFieldsOption" + }, + "SheetControlsOption": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlsOption", + "markdownDescription": "Sheet controls option.", + "title": "SheetControlsOption" + }, + "SheetLayoutElementMaximizationOption": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetLayoutElementMaximizationOption", + "markdownDescription": "The sheet layout maximization options of a dashbaord.", + "title": "SheetLayoutElementMaximizationOption" + }, + "VisualAxisSortOption": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualAxisSortOption", + "markdownDescription": "The axis sort options of a dashboard.", + "title": "VisualAxisSortOption" + }, + "VisualMenuOption": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualMenuOption", + "markdownDescription": "The menu options of a visual in a dashboard.", + "title": "VisualMenuOption" + }, + "VisualPublishOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DashboardVisualPublishOptions", + "markdownDescription": "The visual publish options of a visual in a dashboard.", + "title": "VisualPublishOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DashboardSourceEntity": { + "additionalProperties": false, + "properties": { + "SourceTemplate": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DashboardSourceTemplate", + "markdownDescription": "Source template.", + "title": "SourceTemplate" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DashboardSourceTemplate": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", + "title": "Arn", + "type": "string" + }, + "DataSetReferences": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataSetReference" + }, + "markdownDescription": "Dataset references.", + "title": "DataSetReferences", + "type": "array" + } + }, + "required": [ + "Arn", + "DataSetReferences" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.DashboardVersion": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", + "title": "Arn", + "type": "string" + }, + "CreatedTime": { + "markdownDescription": "The time that this dashboard version was created.", + "title": "CreatedTime", + "type": "string" + }, + "DataSetArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Numbers (ARNs) for the datasets that are associated with this version of the dashboard.", + "title": "DataSetArns", + "type": "array" + }, + "Description": { + "markdownDescription": "Description.", + "title": "Description", + "type": "string" + }, + "Errors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DashboardError" + }, + "markdownDescription": "Errors associated with this dashboard version.", + "title": "Errors", + "type": "array" + }, + "Sheets": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.Sheet" + }, + "markdownDescription": "A list of the associated sheets with the unique identifier and name of each sheet.", + "title": "Sheets", + "type": "array" + }, + "SourceEntityArn": { + "markdownDescription": "Source entity ARN.", + "title": "SourceEntityArn", + "type": "string" + }, + "Status": { + "markdownDescription": "The HTTP status of the request.", + "title": "Status", + "type": "string" + }, + "ThemeArn": { + "markdownDescription": "The ARN of the theme associated with a version of the dashboard.", + "title": "ThemeArn", + "type": "string" + }, + "VersionNumber": { + "markdownDescription": "Version number for this version of the dashboard.", + "title": "VersionNumber", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DashboardVersionDefinition": { + "additionalProperties": false, + "properties": { + "AnalysisDefaults": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AnalysisDefaults", + "markdownDescription": "", + "title": "AnalysisDefaults" + }, + "CalculatedFields": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CalculatedField" + }, + "markdownDescription": "An array of calculated field definitions for the dashboard.", + "title": "CalculatedFields", + "type": "array" + }, + "ColumnConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnConfiguration" + }, + "markdownDescription": "An array of dashboard-level column configurations. Column configurations are used to set the default formatting for a column that is used throughout a dashboard.", + "title": "ColumnConfigurations", + "type": "array" + }, + "DataSetIdentifierDeclarations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataSetIdentifierDeclaration" + }, + "markdownDescription": "An array of dataset identifier declarations. With this mapping,you can use dataset identifiers instead of dataset Amazon Resource Names (ARNs) throughout the dashboard's sub-structures.", + "title": "DataSetIdentifierDeclarations", + "type": "array" + }, + "FilterGroups": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterGroup" + }, + "markdownDescription": "The filter definitions for a dashboard.\n\nFor more information, see [Filtering Data in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/adding-a-filter.html) in the *Amazon QuickSight User Guide* .", + "title": "FilterGroups", + "type": "array" + }, + "Options": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AssetOptions", + "markdownDescription": "An array of option definitions for a dashboard.", + "title": "Options" + }, + "ParameterDeclarations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterDeclaration" + }, + "markdownDescription": "The parameter declarations for a dashboard. Parameters are named variables that can transfer a value for use by an action or an object.\n\nFor more information, see [Parameters in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-in-quicksight.html) in the *Amazon QuickSight User Guide* .", + "title": "ParameterDeclarations", + "type": "array" + }, + "Sheets": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetDefinition" + }, + "markdownDescription": "An array of sheet definitions for a dashboard.", + "title": "Sheets", + "type": "array" + }, + "StaticFiles": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.StaticFile" + }, + "markdownDescription": "The static files for the definition.", + "title": "StaticFiles", + "type": "array" + } + }, + "required": [ + "DataSetIdentifierDeclarations" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.DashboardVisualPublishOptions": { + "additionalProperties": false, + "properties": { + "ExportHiddenFieldsOption": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ExportHiddenFieldsOption", + "markdownDescription": "Determines if hidden fields are included in an exported dashboard.", + "title": "ExportHiddenFieldsOption" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DataBarsOptions": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "The field ID for the data bars options.", + "title": "FieldId", + "type": "string" + }, + "NegativeColor": { + "markdownDescription": "The color of the negative data bar.", + "title": "NegativeColor", + "type": "string" + }, + "PositiveColor": { + "markdownDescription": "The color of the positive data bar.", + "title": "PositiveColor", + "type": "string" + } + }, + "required": [ + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.DataColor": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The color that is applied to the data value.", + "title": "Color", + "type": "string" + }, + "DataValue": { + "markdownDescription": "The data value that the color is applied to.", + "title": "DataValue", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DataFieldSeriesItem": { + "additionalProperties": false, + "properties": { + "AxisBinding": { + "markdownDescription": "The axis that you are binding the field to.", + "title": "AxisBinding", + "type": "string" + }, + "FieldId": { + "markdownDescription": "The field ID of the field that you are setting the axis binding to.", + "title": "FieldId", + "type": "string" + }, + "FieldValue": { + "markdownDescription": "The field value of the field that you are setting the axis binding to.", + "title": "FieldValue", + "type": "string" + }, + "Settings": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartSeriesSettings", + "markdownDescription": "The options that determine the presentation of line series associated to the field.", + "title": "Settings" + } + }, + "required": [ + "AxisBinding", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.DataLabelOptions": { + "additionalProperties": false, + "properties": { + "CategoryLabelVisibility": { + "markdownDescription": "Determines the visibility of the category field labels.", + "title": "CategoryLabelVisibility", + "type": "string" + }, + "DataLabelTypes": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelType" + }, + "markdownDescription": "The option that determines the data label type.", + "title": "DataLabelTypes", + "type": "array" + }, + "LabelColor": { + "markdownDescription": "Determines the color of the data labels.", + "title": "LabelColor", + "type": "string" + }, + "LabelContent": { + "markdownDescription": "Determines the content of the data labels.", + "title": "LabelContent", + "type": "string" + }, + "LabelFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", + "markdownDescription": "Determines the font configuration of the data labels.", + "title": "LabelFontConfiguration" + }, + "MeasureLabelVisibility": { + "markdownDescription": "Determines the visibility of the measure field labels.", + "title": "MeasureLabelVisibility", + "type": "string" + }, + "Overlap": { + "markdownDescription": "Determines whether overlap is enabled or disabled for the data labels.", + "title": "Overlap", + "type": "string" + }, + "Position": { + "markdownDescription": "Determines the position of the data labels.", + "title": "Position", + "type": "string" + }, + "TotalsVisibility": { + "markdownDescription": "Determines the visibility of the total.", + "title": "TotalsVisibility", + "type": "string" + }, + "Visibility": { + "markdownDescription": "Determines the visibility of the data labels.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DataLabelType": { + "additionalProperties": false, + "properties": { + "DataPathLabelType": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathLabelType", + "markdownDescription": "The option that specifies individual data values for labels.", + "title": "DataPathLabelType" + }, + "FieldLabelType": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldLabelType", + "markdownDescription": "Determines the label configuration for the entire field.", + "title": "FieldLabelType" + }, + "MaximumLabelType": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MaximumLabelType", + "markdownDescription": "Determines the label configuration for the maximum value in a visual.", + "title": "MaximumLabelType" + }, + "MinimumLabelType": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MinimumLabelType", + "markdownDescription": "Determines the label configuration for the minimum value in a visual.", + "title": "MinimumLabelType" + }, + "RangeEndsLabelType": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RangeEndsLabelType", + "markdownDescription": "Determines the label configuration for range end value in a visual.", + "title": "RangeEndsLabelType" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DataPathColor": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The color that needs to be applied to the element.", + "title": "Color", + "type": "string" + }, + "Element": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathValue", + "markdownDescription": "The element that the color needs to be applied to.", + "title": "Element" + }, + "TimeGranularity": { + "markdownDescription": "The time granularity of the field that the color needs to be applied to.", + "title": "TimeGranularity", + "type": "string" + } + }, + "required": [ + "Color", + "Element" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.DataPathLabelType": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "The field ID of the field that the data label needs to be applied to.", + "title": "FieldId", + "type": "string" + }, + "FieldValue": { + "markdownDescription": "The actual value of the field that is labeled.", + "title": "FieldValue", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the data label.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DataPathSort": { + "additionalProperties": false, + "properties": { + "Direction": { + "markdownDescription": "Determines the sort direction.", + "title": "Direction", + "type": "string" + }, + "SortPaths": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathValue" + }, + "markdownDescription": "The list of data paths that need to be sorted.", + "title": "SortPaths", + "type": "array" + } + }, + "required": [ + "Direction", + "SortPaths" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.DataPathType": { + "additionalProperties": false, + "properties": { + "PivotTableDataPathType": { + "markdownDescription": "The type of data path value utilized in a pivot table. Choose one of the following options:\n\n- `HIERARCHY_ROWS_LAYOUT_COLUMN` - The type of data path for the rows layout column, when `RowsLayout` is set to `HIERARCHY` .\n- `MULTIPLE_ROW_METRICS_COLUMN` - The type of data path for the metric column when the row is set to Metric Placement.\n- `EMPTY_COLUMN_HEADER` - The type of data path for the column with empty column header, when there is no field in `ColumnsFieldWell` and the row is set to Metric Placement.\n- `COUNT_METRIC_COLUMN` - The type of data path for the column with `COUNT` as the metric, when there is no field in the `ValuesFieldWell` .", + "title": "PivotTableDataPathType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DataPathValue": { + "additionalProperties": false, + "properties": { + "DataPathType": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathType", + "markdownDescription": "The type configuration of the field.", + "title": "DataPathType" + }, + "FieldId": { + "markdownDescription": "The field ID of the field that needs to be sorted.", + "title": "FieldId", + "type": "string" + }, + "FieldValue": { + "markdownDescription": "The actual value of the field that needs to be sorted.", + "title": "FieldValue", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DataPointDrillUpDownOption": { + "additionalProperties": false, + "properties": { + "AvailabilityStatus": { + "markdownDescription": "The status of the drill down options of data points.", + "title": "AvailabilityStatus", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DataPointMenuLabelOption": { + "additionalProperties": false, + "properties": { + "AvailabilityStatus": { + "markdownDescription": "The status of the data point menu options.", + "title": "AvailabilityStatus", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DataPointTooltipOption": { + "additionalProperties": false, + "properties": { + "AvailabilityStatus": { + "markdownDescription": "The status of the data point tool tip options.", + "title": "AvailabilityStatus", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DataSetIdentifierDeclaration": { + "additionalProperties": false, + "properties": { + "DataSetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the data set.", + "title": "DataSetArn", + "type": "string" + }, + "Identifier": { + "markdownDescription": "The identifier of the data set, typically the data set's name.", + "title": "Identifier", + "type": "string" + } + }, + "required": [ + "DataSetArn", + "Identifier" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.DataSetReference": { + "additionalProperties": false, + "properties": { + "DataSetArn": { + "markdownDescription": "Dataset Amazon Resource Name (ARN).", + "title": "DataSetArn", + "type": "string" + }, + "DataSetPlaceholder": { + "markdownDescription": "Dataset placeholder.", + "title": "DataSetPlaceholder", + "type": "string" + } + }, + "required": [ + "DataSetArn", + "DataSetPlaceholder" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.DateAxisOptions": { + "additionalProperties": false, + "properties": { + "MissingDateVisibility": { + "markdownDescription": "Determines whether or not missing dates are displayed.", + "title": "MissingDateVisibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DateDimensionField": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that is used in the `DateDimensionField` .", + "title": "Column" + }, + "DateGranularity": { + "markdownDescription": "The date granularity of the `DateDimensionField` . Choose one of the following options:\n\n- `YEAR`\n- `QUARTER`\n- `MONTH`\n- `WEEK`\n- `DAY`\n- `HOUR`\n- `MINUTE`\n- `SECOND`\n- `MILLISECOND`", + "title": "DateGranularity", + "type": "string" + }, + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", + "type": "string" + }, + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" + }, + "HierarchyId": { + "markdownDescription": "The custom hierarchy ID.", + "title": "HierarchyId", + "type": "string" + } + }, + "required": [ + "Column", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.DateMeasureField": { + "additionalProperties": false, + "properties": { + "AggregationFunction": { + "markdownDescription": "The aggregation function of the measure field.", + "title": "AggregationFunction", + "type": "string" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that is used in the `DateMeasureField` .", + "title": "Column" + }, + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", + "type": "string" + }, + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" + } + }, + "required": [ + "Column", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.DateTimeDefaultValues": { + "additionalProperties": false, + "properties": { + "DynamicValue": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DynamicDefaultValue", + "markdownDescription": "The dynamic value of the `DataTimeDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", + "title": "DynamicValue" + }, + "RollingDate": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RollingDateConfiguration", + "markdownDescription": "The rolling date of the `DataTimeDefaultValues` . The date is determined from the dataset based on input expression.", + "title": "RollingDate" + }, + "StaticValues": { + "items": { + "type": "string" + }, + "markdownDescription": "The static values of the `DataTimeDefaultValues` .", + "title": "StaticValues", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DateTimeFormatConfiguration": { + "additionalProperties": false, + "properties": { + "DateTimeFormat": { + "markdownDescription": "Determines the `DateTime` format.", + "title": "DateTimeFormat", + "type": "string" + }, + "NullValueFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NullValueFormatConfiguration", + "markdownDescription": "The options that determine the null value format configuration.", + "title": "NullValueFormatConfiguration" + }, + "NumericFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericFormatConfiguration", + "markdownDescription": "The formatting configuration for numeric `DateTime` fields.", + "title": "NumericFormatConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DateTimeHierarchy": { + "additionalProperties": false, + "properties": { + "DrillDownFilters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DrillDownFilter" + }, + "markdownDescription": "The option that determines the drill down filters for the `DateTime` hierarchy.", + "title": "DrillDownFilters", + "type": "array" + }, + "HierarchyId": { + "markdownDescription": "The hierarchy ID of the `DateTime` hierarchy.", + "title": "HierarchyId", + "type": "string" + } + }, + "required": [ + "HierarchyId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.DateTimeParameter": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "A display name for the date-time parameter.", + "title": "Name", + "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The values for the date-time parameter.", + "title": "Values", + "type": "array" + } + }, + "required": [ + "Name", + "Values" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.DateTimeParameterDeclaration": { + "additionalProperties": false, + "properties": { + "DefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeDefaultValues", + "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", + "title": "DefaultValues" + }, + "MappedDataSetParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MappedDataSetParameter" + }, + "markdownDescription": "", + "title": "MappedDataSetParameters", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the parameter that is being declared.", + "title": "Name", + "type": "string" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" + }, + "ValueWhenUnset": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeValueWhenUnsetConfiguration", + "markdownDescription": "The configuration that defines the default value of a `DateTime` parameter when a value has not been set.", + "title": "ValueWhenUnset" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.DateTimePickerControlDisplayOptions": { + "additionalProperties": false, + "properties": { + "DateIconVisibility": { + "markdownDescription": "The date icon visibility of the `DateTimePickerControlDisplayOptions` .", + "title": "DateIconVisibility", + "type": "string" + }, + "DateTimeFormat": { + "markdownDescription": "Customize how dates are formatted in controls.", + "title": "DateTimeFormat", + "type": "string" + }, + "HelperTextVisibility": { + "markdownDescription": "The helper text visibility of the `DateTimePickerControlDisplayOptions` .", + "title": "HelperTextVisibility", + "type": "string" + }, + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DateTimeValueWhenUnsetConfiguration": { + "additionalProperties": false, + "properties": { + "CustomValue": { + "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", + "title": "CustomValue", + "type": "string" + }, + "ValueWhenUnsetOption": { + "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", + "title": "ValueWhenUnsetOption", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DecimalDefaultValues": { + "additionalProperties": false, + "properties": { + "DynamicValue": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DynamicDefaultValue", + "markdownDescription": "The dynamic value of the `DecimalDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", + "title": "DynamicValue" + }, + "StaticValues": { + "items": { + "type": "number" + }, + "markdownDescription": "The static values of the `DecimalDefaultValues` .", + "title": "StaticValues", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DecimalParameter": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "A display name for the decimal parameter.", + "title": "Name", + "type": "string" + }, + "Values": { + "items": { + "type": "number" + }, + "markdownDescription": "The values for the decimal parameter.", + "title": "Values", + "type": "array" + } + }, + "required": [ + "Name", + "Values" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.DecimalParameterDeclaration": { + "additionalProperties": false, + "properties": { + "DefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalDefaultValues", + "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", + "title": "DefaultValues" + }, + "MappedDataSetParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MappedDataSetParameter" + }, + "markdownDescription": "", + "title": "MappedDataSetParameters", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the parameter that is being declared.", + "title": "Name", + "type": "string" + }, + "ParameterValueType": { + "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", + "title": "ParameterValueType", + "type": "string" + }, + "ValueWhenUnset": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalValueWhenUnsetConfiguration", + "markdownDescription": "The configuration that defines the default value of a `Decimal` parameter when a value has not been set.", + "title": "ValueWhenUnset" + } + }, + "required": [ + "Name", + "ParameterValueType" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.DecimalPlacesConfiguration": { + "additionalProperties": false, + "properties": { + "DecimalPlaces": { + "markdownDescription": "The values of the decimal places.", + "title": "DecimalPlaces", + "type": "number" + } + }, + "required": [ + "DecimalPlaces" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.DecimalValueWhenUnsetConfiguration": { + "additionalProperties": false, + "properties": { + "CustomValue": { + "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", + "title": "CustomValue", + "type": "number" + }, + "ValueWhenUnsetOption": { + "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", + "title": "ValueWhenUnsetOption", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DefaultDateTimePickerControlOptions": { + "additionalProperties": false, + "properties": { + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `DateTimePickerControl` .", + "title": "CommitMode", + "type": "string" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimePickerControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "Type": { + "markdownDescription": "The date time picker type of the `DefaultDateTimePickerControlOptions` . Choose one of the following options:\n\n- `SINGLE_VALUED` : The filter condition is a fixed date.\n- `DATE_RANGE` : The filter condition is a date time range.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration": { + "additionalProperties": false, + "properties": { + "ControlOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlOptions", + "markdownDescription": "The control option for the `DefaultFilterControlConfiguration` .", + "title": "ControlOptions" + }, + "Title": { + "markdownDescription": "The title of the `DefaultFilterControlConfiguration` . This title is shared by all controls that are tied to this filter.", + "title": "Title", + "type": "string" + } + }, + "required": [ + "ControlOptions", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.DefaultFilterControlOptions": { + "additionalProperties": false, + "properties": { + "DefaultDateTimePickerOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultDateTimePickerControlOptions", + "markdownDescription": "The default options that correspond to the filter control type of a `DateTimePicker` .", + "title": "DefaultDateTimePickerOptions" + }, + "DefaultDropdownOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterDropDownControlOptions", + "markdownDescription": "The default options that correspond to the `Dropdown` filter control type.", + "title": "DefaultDropdownOptions" + }, + "DefaultListOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterListControlOptions", + "markdownDescription": "The default options that correspond to the `List` filter control type.", + "title": "DefaultListOptions" + }, + "DefaultRelativeDateTimeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultRelativeDateTimeControlOptions", + "markdownDescription": "The default options that correspond to the `RelativeDateTime` filter control type.", + "title": "DefaultRelativeDateTimeOptions" + }, + "DefaultSliderOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultSliderControlOptions", + "markdownDescription": "The default options that correspond to the `Slider` filter control type.", + "title": "DefaultSliderOptions" + }, + "DefaultTextAreaOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultTextAreaControlOptions", + "markdownDescription": "The default options that correspond to the `TextArea` filter control type.", + "title": "DefaultTextAreaOptions" + }, + "DefaultTextFieldOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultTextFieldControlOptions", + "markdownDescription": "The default options that correspond to the `TextField` filter control type.", + "title": "DefaultTextFieldOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DefaultFilterDropDownControlOptions": { + "additionalProperties": false, + "properties": { + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `FilterDropDownControl` .", + "title": "CommitMode", + "type": "string" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DropDownControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" + }, + "Type": { + "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DefaultFilterListControlOptions": { + "additionalProperties": false, + "properties": { + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ListControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" + }, + "Type": { + "markdownDescription": "The type of the `DefaultFilterListControlOptions` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from the list.\n- `SINGLE_SELECT` : The user can select a single entry from the list.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DefaultFreeFormLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutCanvasSizeOptions", + "markdownDescription": "Determines the screen canvas size options for a free-form layout.", + "title": "CanvasSizeOptions" + } + }, + "required": [ + "CanvasSizeOptions" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.DefaultGridLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GridLayoutCanvasSizeOptions", + "markdownDescription": "Determines the screen canvas size options for a grid layout.", + "title": "CanvasSizeOptions" + } + }, + "required": [ + "CanvasSizeOptions" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.DefaultInteractiveLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "FreeForm": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFreeFormLayoutConfiguration", + "markdownDescription": "The options that determine the default settings of a free-form layout configuration.", + "title": "FreeForm" + }, + "Grid": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultGridLayoutConfiguration", + "markdownDescription": "The options that determine the default settings for a grid layout configuration.", + "title": "Grid" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DefaultNewSheetConfiguration": { + "additionalProperties": false, + "properties": { + "InteractiveLayoutConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultInteractiveLayoutConfiguration", + "markdownDescription": "The options that determine the default settings for interactive layout configuration.", + "title": "InteractiveLayoutConfiguration" + }, + "PaginatedLayoutConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultPaginatedLayoutConfiguration", + "markdownDescription": "The options that determine the default settings for a paginated layout configuration.", + "title": "PaginatedLayoutConfiguration" + }, + "SheetContentType": { + "markdownDescription": "The option that determines the sheet content type.", + "title": "SheetContentType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DefaultPaginatedLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "SectionBased": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultSectionBasedLayoutConfiguration", + "markdownDescription": "The options that determine the default settings for a section-based layout configuration.", + "title": "SectionBased" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DefaultRelativeDateTimeControlOptions": { + "additionalProperties": false, + "properties": { + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `RelativeDateTimeControl` .", + "title": "CommitMode", + "type": "string" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RelativeDateTimeControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DefaultSectionBasedLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionBasedLayoutCanvasSizeOptions", + "markdownDescription": "Determines the screen canvas size options for a section-based layout.", + "title": "CanvasSizeOptions" + } + }, + "required": [ + "CanvasSizeOptions" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.DefaultSliderControlOptions": { + "additionalProperties": false, + "properties": { + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SliderControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "MaximumValue": { + "markdownDescription": "The larger value that is displayed at the right of the slider.", + "title": "MaximumValue", + "type": "number" + }, + "MinimumValue": { + "markdownDescription": "The smaller value that is displayed at the left of the slider.", + "title": "MinimumValue", + "type": "number" + }, + "StepSize": { + "markdownDescription": "The number of increments that the slider bar is divided into.", + "title": "StepSize", + "type": "number" + }, + "Type": { + "markdownDescription": "The type of the `DefaultSliderControlOptions` . Choose one of the following options:\n\n- `SINGLE_POINT` : Filter against(equals) a single data point.\n- `RANGE` : Filter data that is in a specified range.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "MaximumValue", + "MinimumValue", + "StepSize" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.DefaultTextAreaControlOptions": { + "additionalProperties": false, + "properties": { + "Delimiter": { + "markdownDescription": "The delimiter that is used to separate the lines in text.", + "title": "Delimiter", + "type": "string" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextAreaControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DefaultTextFieldControlOptions": { + "additionalProperties": false, + "properties": { + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextFieldControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DestinationParameterValueConfiguration": { + "additionalProperties": false, + "properties": { + "CustomValuesConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomValuesConfiguration", + "markdownDescription": "The configuration of custom values for destination parameter in `DestinationParameterValueConfiguration` .", + "title": "CustomValuesConfiguration" + }, + "SelectAllValueOptions": { + "markdownDescription": "The configuration that selects all options.", + "title": "SelectAllValueOptions", + "type": "string" + }, + "SourceColumn": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "A column of a data set.", + "title": "SourceColumn" + }, + "SourceField": { + "markdownDescription": "The source field ID of the destination parameter.", + "title": "SourceField", + "type": "string" + }, + "SourceParameterName": { + "markdownDescription": "The source parameter name of the destination parameter.", + "title": "SourceParameterName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DimensionField": { + "additionalProperties": false, + "properties": { + "CategoricalDimensionField": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CategoricalDimensionField", + "markdownDescription": "The dimension type field with categorical type columns.", + "title": "CategoricalDimensionField" + }, + "DateDimensionField": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateDimensionField", + "markdownDescription": "The dimension type field with date type columns.", + "title": "DateDimensionField" + }, + "NumericalDimensionField": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericalDimensionField", + "markdownDescription": "The dimension type field with numerical type columns.", + "title": "NumericalDimensionField" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DonutCenterOptions": { + "additionalProperties": false, + "properties": { + "LabelVisibility": { + "markdownDescription": "Determines the visibility of the label in a donut chart. In the Amazon QuickSight console, this option is called `'Show total'` .", + "title": "LabelVisibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DonutOptions": { + "additionalProperties": false, + "properties": { + "ArcOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ArcOptions", + "markdownDescription": "The option for define the arc of the chart shape. Valid values are as follows:\n\n- `WHOLE` - A pie chart\n- `SMALL` - A small-sized donut chart\n- `MEDIUM` - A medium-sized donut chart\n- `LARGE` - A large-sized donut chart", + "title": "ArcOptions" + }, + "DonutCenterOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DonutCenterOptions", + "markdownDescription": "The label options of the label that is displayed in the center of a donut chart. This option isn't available for pie charts.", + "title": "DonutCenterOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DrillDownFilter": { + "additionalProperties": false, + "properties": { + "CategoryFilter": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CategoryDrillDownFilter", + "markdownDescription": "The category type drill down filter. This filter is used for string type columns.", + "title": "CategoryFilter" + }, + "NumericEqualityFilter": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericEqualityDrillDownFilter", + "markdownDescription": "The numeric equality type drill down filter. This filter is used for number type columns.", + "title": "NumericEqualityFilter" + }, + "TimeRangeFilter": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TimeRangeDrillDownFilter", + "markdownDescription": "The time range drill down filter. This filter is used for date time columns.", + "title": "TimeRangeFilter" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DropDownControlDisplayOptions": { + "additionalProperties": false, + "properties": { + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" + }, + "SelectAllOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ListControlSelectAllOptions", + "markdownDescription": "The configuration of the `Select all` options in a dropdown control.", + "title": "SelectAllOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DynamicDefaultValue": { + "additionalProperties": false, + "properties": { + "DefaultValueColumn": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that contains the default value of each user or group.", + "title": "DefaultValueColumn" + }, + "GroupNameColumn": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that contains the group name.", + "title": "GroupNameColumn" + }, + "UserNameColumn": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that contains the username.", + "title": "UserNameColumn" + } + }, + "required": [ + "DefaultValueColumn" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.EmptyVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "DataSetIdentifier": { + "markdownDescription": "The data set that is used in the empty visual. Every visual requires a dataset to render.", + "title": "DataSetIdentifier", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "DataSetIdentifier", + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.Entity": { + "additionalProperties": false, + "properties": { + "Path": { + "markdownDescription": "The hierarchical path of the entity within the analysis, template, or dashboard definition tree.", + "title": "Path", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ExcludePeriodConfiguration": { + "additionalProperties": false, + "properties": { + "Amount": { + "markdownDescription": "The amount or number of the exclude period.", + "title": "Amount", + "type": "number" + }, + "Granularity": { + "markdownDescription": "The granularity or unit (day, month, year) of the exclude period.", + "title": "Granularity", + "type": "string" + }, + "Status": { + "markdownDescription": "The status of the exclude period. Choose from the following options:\n\n- `ENABLED`\n- `DISABLED`", + "title": "Status", + "type": "string" + } + }, + "required": [ + "Amount", + "Granularity" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ExplicitHierarchy": { + "additionalProperties": false, + "properties": { + "Columns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier" + }, + "markdownDescription": "The list of columns that define the explicit hierarchy.", + "title": "Columns", + "type": "array" + }, + "DrillDownFilters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DrillDownFilter" + }, + "markdownDescription": "The option that determines the drill down filters for the explicit hierarchy.", + "title": "DrillDownFilters", + "type": "array" + }, + "HierarchyId": { + "markdownDescription": "The hierarchy ID of the explicit hierarchy.", + "title": "HierarchyId", + "type": "string" + } + }, + "required": [ + "Columns", + "HierarchyId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ExportHiddenFieldsOption": { + "additionalProperties": false, + "properties": { + "AvailabilityStatus": { + "markdownDescription": "The status of the export hidden fields options of a dashbaord.", + "title": "AvailabilityStatus", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ExportToCSVOption": { + "additionalProperties": false, + "properties": { + "AvailabilityStatus": { + "markdownDescription": "Availability status.", + "title": "AvailabilityStatus", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ExportWithHiddenFieldsOption": { + "additionalProperties": false, + "properties": { + "AvailabilityStatus": { + "markdownDescription": "The status of the export with hidden fields options.", + "title": "AvailabilityStatus", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FieldBasedTooltip": { + "additionalProperties": false, + "properties": { + "AggregationVisibility": { + "markdownDescription": "The visibility of `Show aggregations` .", + "title": "AggregationVisibility", + "type": "string" + }, + "TooltipFields": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipItem" + }, + "markdownDescription": "The fields configuration in the tooltip.", + "title": "TooltipFields", + "type": "array" + }, + "TooltipTitleType": { + "markdownDescription": "The type for the >tooltip title. Choose one of the following options:\n\n- `NONE` : Doesn't use the primary value as the title.\n- `PRIMARY_VALUE` : Uses primary value as the title.", + "title": "TooltipTitleType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FieldLabelType": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "Indicates the field that is targeted by the field label.", + "title": "FieldId", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the field label.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FieldSeriesItem": { + "additionalProperties": false, + "properties": { + "AxisBinding": { + "markdownDescription": "The axis that you are binding the field to.", + "title": "AxisBinding", + "type": "string" + }, + "FieldId": { + "markdownDescription": "The field ID of the field for which you are setting the axis binding.", + "title": "FieldId", + "type": "string" + }, + "Settings": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartSeriesSettings", + "markdownDescription": "The options that determine the presentation of line series associated to the field.", + "title": "Settings" + } + }, + "required": [ + "AxisBinding", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.FieldSort": { + "additionalProperties": false, + "properties": { + "Direction": { + "markdownDescription": "The sort direction. Choose one of the following options:\n\n- `ASC` : Ascending\n- `DESC` : Descending", + "title": "Direction", + "type": "string" + }, + "FieldId": { + "markdownDescription": "The sort configuration target field.", + "title": "FieldId", + "type": "string" + } + }, + "required": [ + "Direction", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.FieldSortOptions": { + "additionalProperties": false, + "properties": { + "ColumnSort": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnSort", + "markdownDescription": "The sort configuration for a column that is not used in a field well.", + "title": "ColumnSort" + }, + "FieldSort": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSort", + "markdownDescription": "The sort configuration for a field in a field well.", + "title": "FieldSort" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FieldTooltipItem": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "The unique ID of the field that is targeted by the tooltip.", + "title": "FieldId", + "type": "string" + }, + "Label": { + "markdownDescription": "The label of the tooltip item.", + "title": "Label", + "type": "string" + }, + "TooltipTarget": { + "markdownDescription": "Determines the target of the field tooltip item in a combo chart visual.", + "title": "TooltipTarget", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the tooltip item.", + "title": "Visibility", + "type": "string" + } + }, + "required": [ + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.FilledMapAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Geospatial": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The aggregated location field well of the filled map. Values are grouped by location fields.", + "title": "Geospatial", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The aggregated color field well of a filled map. Values are aggregated based on location fields.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FilledMapConditionalFormatting": { + "additionalProperties": false, + "properties": { + "ConditionalFormattingOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapConditionalFormattingOption" + }, + "markdownDescription": "Conditional formatting options of a `FilledMapVisual` .", + "title": "ConditionalFormattingOptions", + "type": "array" + } + }, + "required": [ + "ConditionalFormattingOptions" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.FilledMapConditionalFormattingOption": { + "additionalProperties": false, + "properties": { + "Shape": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapShapeConditionalFormatting", + "markdownDescription": "The conditional formatting that determines the shape of the filled map.", + "title": "Shape" + } + }, + "required": [ + "Shape" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.FilledMapConfiguration": { + "additionalProperties": false, + "properties": { + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "MapStyleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapStyleOptions", + "markdownDescription": "The map style options of the filled map visual.", + "title": "MapStyleOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapSortConfiguration", + "markdownDescription": "The sort configuration of a `FilledMapVisual` .", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" + }, + "WindowOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialWindowOptions", + "markdownDescription": "The window options of the filled map visual.", + "title": "WindowOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FilledMapFieldWells": { + "additionalProperties": false, + "properties": { + "FilledMapAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapAggregatedFieldWells", + "markdownDescription": "The aggregated field well of the filled map.", + "title": "FilledMapAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FilledMapShapeConditionalFormatting": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "The field ID of the filled map shape.", + "title": "FieldId", + "type": "string" + }, + "Format": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ShapeConditionalFormat", + "markdownDescription": "The conditional formatting that determines the background color of a filled map's shape.", + "title": "Format" + } + }, + "required": [ + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.FilledMapSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the location fields.", + "title": "CategorySort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FilledMapVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "ConditionalFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapConditionalFormatting", + "markdownDescription": "The conditional formatting of a `FilledMapVisual` .", + "title": "ConditionalFormatting" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.Filter": { + "additionalProperties": false, + "properties": { + "CategoryFilter": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CategoryFilter", + "markdownDescription": "A `CategoryFilter` filters text values.\n\nFor more information, see [Adding text filters](https://docs.aws.amazon.com/quicksight/latest/user/add-a-text-filter-data-prep.html) in the *Amazon QuickSight User Guide* .", + "title": "CategoryFilter" + }, + "NestedFilter": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NestedFilter", + "markdownDescription": "A `NestedFilter` filters data with a subset of data that is defined by the nested inner filter.", + "title": "NestedFilter" + }, + "NumericEqualityFilter": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericEqualityFilter", + "markdownDescription": "A `NumericEqualityFilter` filters numeric values that equal or do not equal a given numeric value.", + "title": "NumericEqualityFilter" + }, + "NumericRangeFilter": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericRangeFilter", + "markdownDescription": "A `NumericRangeFilter` filters numeric values that are either inside or outside a given numeric range.", + "title": "NumericRangeFilter" + }, + "RelativeDatesFilter": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RelativeDatesFilter", + "markdownDescription": "A `RelativeDatesFilter` filters date values that are relative to a given date.", + "title": "RelativeDatesFilter" + }, + "TimeEqualityFilter": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TimeEqualityFilter", + "markdownDescription": "A `TimeEqualityFilter` filters date-time values that equal or do not equal a given date/time value.", + "title": "TimeEqualityFilter" + }, + "TimeRangeFilter": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TimeRangeFilter", + "markdownDescription": "A `TimeRangeFilter` filters date-time values that are either inside or outside a given date/time range.", + "title": "TimeRangeFilter" + }, + "TopBottomFilter": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TopBottomFilter", + "markdownDescription": "A `TopBottomFilter` filters data to the top or bottom values for a given column.", + "title": "TopBottomFilter" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FilterControl": { + "additionalProperties": false, + "properties": { + "CrossSheet": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterCrossSheetControl", + "markdownDescription": "A control from a filter that is scoped across more than one sheet. This represents your filter control on a sheet", + "title": "CrossSheet" + }, + "DateTimePicker": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterDateTimePickerControl", + "markdownDescription": "A control from a date filter that is used to specify date and time.", + "title": "DateTimePicker" + }, + "Dropdown": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterDropDownControl", + "markdownDescription": "A control to display a dropdown list with buttons that are used to select a single value.", + "title": "Dropdown" + }, + "List": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterListControl", + "markdownDescription": "A control to display a list of buttons or boxes. This is used to select either a single value or multiple values.", + "title": "List" + }, + "RelativeDateTime": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterRelativeDateTimeControl", + "markdownDescription": "A control from a date filter that is used to specify the relative date.", + "title": "RelativeDateTime" + }, + "Slider": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterSliderControl", + "markdownDescription": "A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle.", + "title": "Slider" + }, + "TextArea": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterTextAreaControl", + "markdownDescription": "A control to display a text box that is used to enter multiple entries.", + "title": "TextArea" + }, + "TextField": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterTextFieldControl", + "markdownDescription": "A control to display a text box that is used to enter a single entry.", + "title": "TextField" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FilterCrossSheetControl": { + "additionalProperties": false, + "properties": { + "CascadingControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CascadingControlConfiguration", + "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", + "title": "CascadingControlConfiguration" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterCrossSheetControl` .", + "title": "FilterControlId", + "type": "string" + }, + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterCrossSheetControl` .", + "title": "SourceFilterId", + "type": "string" + } + }, + "required": [ + "FilterControlId", + "SourceFilterId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.FilterDateTimePickerControl": { + "additionalProperties": false, + "properties": { + "CommitMode": { + "markdownDescription": "The visibility configurationof the Apply button on a `DateTimePickerControl` .", + "title": "CommitMode", + "type": "string" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimePickerControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterDateTimePickerControl` .", + "title": "FilterControlId", + "type": "string" + }, + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterDateTimePickerControl` .", + "title": "SourceFilterId", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `FilterDateTimePickerControl` .", + "title": "Title", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "FilterControlId", + "SourceFilterId", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.FilterDropDownControl": { + "additionalProperties": false, + "properties": { + "CascadingControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CascadingControlConfiguration", + "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", + "title": "CascadingControlConfiguration" + }, + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `FilterDropDownControl` .", + "title": "CommitMode", + "type": "string" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DropDownControlDisplayOptions", + "markdownDescription": "The display options of the `FilterDropDownControl` .", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterDropDownControl` .", + "title": "FilterControlId", + "type": "string" + }, + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" + }, + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterDropDownControl` .", + "title": "SourceFilterId", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `FilterDropDownControl` .", + "title": "Title", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "FilterControlId", + "SourceFilterId", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.FilterGroup": { + "additionalProperties": false, + "properties": { + "CrossDataset": { + "markdownDescription": "The filter new feature which can apply filter group to all data sets. Choose one of the following options:\n\n- `ALL_DATASETS`\n- `SINGLE_DATASET`", + "title": "CrossDataset", + "type": "string" + }, + "FilterGroupId": { + "markdownDescription": "The value that uniquely identifies a `FilterGroup` within a dashboard, template, or analysis.", + "title": "FilterGroupId", + "type": "string" + }, + "Filters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.Filter" + }, + "markdownDescription": "The list of filters that are present in a `FilterGroup` .", + "title": "Filters", + "type": "array" + }, + "ScopeConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterScopeConfiguration", + "markdownDescription": "The configuration that specifies what scope to apply to a `FilterGroup` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", + "title": "ScopeConfiguration" + }, + "Status": { + "markdownDescription": "The status of the `FilterGroup` .", + "title": "Status", + "type": "string" + } + }, + "required": [ + "CrossDataset", + "FilterGroupId", + "Filters", + "ScopeConfiguration" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.FilterListConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryValues": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of category values for the filter.", + "title": "CategoryValues", + "type": "array" + }, + "MatchOperator": { + "markdownDescription": "The match operator that is used to determine if a filter should be applied.", + "title": "MatchOperator", + "type": "string" + }, + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", + "type": "string" + }, + "SelectAllOptions": { + "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", + "title": "SelectAllOptions", + "type": "string" + } + }, + "required": [ + "MatchOperator" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.FilterListControl": { + "additionalProperties": false, + "properties": { + "CascadingControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CascadingControlConfiguration", + "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", + "title": "CascadingControlConfiguration" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ListControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterListControl` .", + "title": "FilterControlId", + "type": "string" + }, + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" + }, + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterListControl` .", + "title": "SourceFilterId", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `FilterListControl` .", + "title": "Title", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the `FilterListControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from the list.\n- `SINGLE_SELECT` : The user can select a single entry from the list.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "FilterControlId", + "SourceFilterId", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.FilterOperationSelectedFieldsConfiguration": { + "additionalProperties": false, + "properties": { + "SelectedColumns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier" + }, + "markdownDescription": "The selected columns of a dataset.", + "title": "SelectedColumns", + "type": "array" + }, + "SelectedFieldOptions": { + "markdownDescription": "A structure that contains the options that choose which fields are filtered in the `CustomActionFilterOperation` .\n\nValid values are defined as follows:\n\n- `ALL_FIELDS` : Applies the filter operation to all fields.", + "title": "SelectedFieldOptions", + "type": "string" + }, + "SelectedFields": { + "items": { + "type": "string" + }, + "markdownDescription": "Chooses the fields that are filtered in `CustomActionFilterOperation` .", + "title": "SelectedFields", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FilterOperationTargetVisualsConfiguration": { + "additionalProperties": false, + "properties": { + "SameSheetTargetVisualConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SameSheetTargetVisualConfiguration", + "markdownDescription": "The configuration of the same-sheet target visuals that you want to be filtered.", + "title": "SameSheetTargetVisualConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FilterRelativeDateTimeControl": { + "additionalProperties": false, + "properties": { + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `FilterRelativeDateTimeControl` .", + "title": "CommitMode", + "type": "string" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RelativeDateTimeControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterTextAreaControl` .", + "title": "FilterControlId", + "type": "string" + }, + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterTextAreaControl` .", + "title": "SourceFilterId", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `FilterTextAreaControl` .", + "title": "Title", + "type": "string" + } + }, + "required": [ + "FilterControlId", + "SourceFilterId", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.FilterScopeConfiguration": { + "additionalProperties": false, + "properties": { + "AllSheets": { + "markdownDescription": "The configuration that applies a filter to all sheets. When you choose `AllSheets` as the value for a `FilterScopeConfiguration` , this filter is applied to all visuals of all sheets in an Analysis, Dashboard, or Template. The `AllSheetsFilterScopeConfiguration` is chosen.", + "title": "AllSheets", + "type": "object" + }, + "SelectedSheets": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SelectedSheetsFilterScopeConfiguration", + "markdownDescription": "The configuration for applying a filter to specific sheets.", + "title": "SelectedSheets" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FilterSelectableValues": { + "additionalProperties": false, + "properties": { + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The values that are used in the `FilterSelectableValues` .", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FilterSliderControl": { + "additionalProperties": false, + "properties": { + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SliderControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterSliderControl` .", + "title": "FilterControlId", + "type": "string" + }, + "MaximumValue": { + "markdownDescription": "The larger value that is displayed at the right of the slider.", + "title": "MaximumValue", + "type": "number" + }, + "MinimumValue": { + "markdownDescription": "The smaller value that is displayed at the left of the slider.", + "title": "MinimumValue", + "type": "number" + }, + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterSliderControl` .", + "title": "SourceFilterId", + "type": "string" + }, + "StepSize": { + "markdownDescription": "The number of increments that the slider bar is divided into.", + "title": "StepSize", + "type": "number" + }, + "Title": { + "markdownDescription": "The title of the `FilterSliderControl` .", + "title": "Title", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the `FilterSliderControl` . Choose one of the following options:\n\n- `SINGLE_POINT` : Filter against(equals) a single data point.\n- `RANGE` : Filter data that is in a specified range.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "FilterControlId", + "MaximumValue", + "MinimumValue", + "SourceFilterId", + "StepSize", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.FilterTextAreaControl": { + "additionalProperties": false, + "properties": { + "Delimiter": { + "markdownDescription": "The delimiter that is used to separate the lines in text.", + "title": "Delimiter", + "type": "string" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextAreaControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterTextAreaControl` .", + "title": "FilterControlId", + "type": "string" + }, + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterTextAreaControl` .", + "title": "SourceFilterId", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `FilterTextAreaControl` .", + "title": "Title", + "type": "string" + } + }, + "required": [ + "FilterControlId", + "SourceFilterId", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.FilterTextFieldControl": { + "additionalProperties": false, + "properties": { + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextFieldControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterTextFieldControl` .", + "title": "FilterControlId", + "type": "string" + }, + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterTextFieldControl` .", + "title": "SourceFilterId", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `FilterTextFieldControl` .", + "title": "Title", + "type": "string" + } + }, + "required": [ + "FilterControlId", + "SourceFilterId", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.FontConfiguration": { + "additionalProperties": false, + "properties": { + "FontColor": { + "markdownDescription": "Determines the color of the text.", + "title": "FontColor", + "type": "string" + }, + "FontDecoration": { + "markdownDescription": "Determines the appearance of decorative lines on the text.", + "title": "FontDecoration", + "type": "string" + }, + "FontFamily": { + "markdownDescription": "The font family that you want to use.", + "title": "FontFamily", + "type": "string" + }, + "FontSize": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontSize", + "markdownDescription": "The option that determines the text display size.", + "title": "FontSize" + }, + "FontStyle": { + "markdownDescription": "Determines the text display face that is inherited by the given font family.", + "title": "FontStyle", + "type": "string" + }, + "FontWeight": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontWeight", + "markdownDescription": "The option that determines the text display weight, or boldness.", + "title": "FontWeight" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FontSize": { + "additionalProperties": false, + "properties": { + "Absolute": { + "markdownDescription": "The font size that you want to use in px.", + "title": "Absolute", + "type": "string" + }, + "Relative": { + "markdownDescription": "The lexical name for the text size, proportional to its surrounding context.", + "title": "Relative", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FontWeight": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The lexical name for the level of boldness of the text display.", + "title": "Name", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ForecastComputation": { + "additionalProperties": false, + "properties": { + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "CustomSeasonalityValue": { + "markdownDescription": "The custom seasonality value setup of a forecast computation.", + "title": "CustomSeasonalityValue", + "type": "number" + }, + "LowerBoundary": { + "markdownDescription": "The lower boundary setup of a forecast computation.", + "title": "LowerBoundary", + "type": "number" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "PeriodsBackward": { + "markdownDescription": "The periods backward setup of a forecast computation.", + "title": "PeriodsBackward", + "type": "number" + }, + "PeriodsForward": { + "markdownDescription": "The periods forward setup of a forecast computation.", + "title": "PeriodsForward", + "type": "number" + }, + "PredictionInterval": { + "markdownDescription": "The prediction interval setup of a forecast computation.", + "title": "PredictionInterval", + "type": "number" + }, + "Seasonality": { + "markdownDescription": "The seasonality setup of a forecast computation. Choose one of the following options:\n\n- `AUTOMATIC`\n- `CUSTOM` : Checks the custom seasonality value.", + "title": "Seasonality", + "type": "string" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" + }, + "UpperBoundary": { + "markdownDescription": "The upper boundary setup of a forecast computation.", + "title": "UpperBoundary", + "type": "number" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" + } + }, + "required": [ + "ComputationId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ForecastConfiguration": { + "additionalProperties": false, + "properties": { + "ForecastProperties": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TimeBasedForecastProperties", + "markdownDescription": "The forecast properties setup of a forecast in the line chart.", + "title": "ForecastProperties" + }, + "Scenario": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ForecastScenario", + "markdownDescription": "The forecast scenario of a forecast in the line chart.", + "title": "Scenario" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ForecastScenario": { + "additionalProperties": false, + "properties": { + "WhatIfPointScenario": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WhatIfPointScenario", + "markdownDescription": "The what-if analysis forecast setup with the target date.", + "title": "WhatIfPointScenario" + }, + "WhatIfRangeScenario": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WhatIfRangeScenario", + "markdownDescription": "The what-if analysis forecast setup with the date range.", + "title": "WhatIfRangeScenario" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FormatConfiguration": { + "additionalProperties": false, + "properties": { + "DateTimeFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeFormatConfiguration", + "markdownDescription": "Formatting configuration for `DateTime` fields.", + "title": "DateTimeFormatConfiguration" + }, + "NumberFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumberFormatConfiguration", + "markdownDescription": "Formatting configuration for number fields.", + "title": "NumberFormatConfiguration" + }, + "StringFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringFormatConfiguration", + "markdownDescription": "Formatting configuration for string fields.", + "title": "StringFormatConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FreeFormLayoutCanvasSizeOptions": { + "additionalProperties": false, + "properties": { + "ScreenCanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutScreenCanvasSizeOptions", + "markdownDescription": "The options that determine the sizing of the canvas used in a free-form layout.", + "title": "ScreenCanvasSizeOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FreeFormLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutCanvasSizeOptions", + "markdownDescription": "", + "title": "CanvasSizeOptions" + }, + "Elements": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutElement" + }, + "markdownDescription": "The elements that are included in a free-form layout.", + "title": "Elements", + "type": "array" + } + }, + "required": [ + "Elements" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.FreeFormLayoutElement": { + "additionalProperties": false, + "properties": { + "BackgroundStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutElementBackgroundStyle", + "markdownDescription": "The background style configuration of a free-form layout element.", + "title": "BackgroundStyle" + }, + "BorderStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutElementBorderStyle", + "markdownDescription": "The border style configuration of a free-form layout element.", + "title": "BorderStyle" + }, + "ElementId": { + "markdownDescription": "A unique identifier for an element within a free-form layout.", + "title": "ElementId", + "type": "string" + }, + "ElementType": { + "markdownDescription": "The type of element.", + "title": "ElementType", + "type": "string" + }, + "Height": { + "markdownDescription": "The height of an element within a free-form layout.", + "title": "Height", + "type": "string" + }, + "LoadingAnimation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LoadingAnimation", + "markdownDescription": "The loading animation configuration of a free-form layout element.", + "title": "LoadingAnimation" + }, + "RenderingRules": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetElementRenderingRule" + }, + "markdownDescription": "The rendering rules that determine when an element should be displayed within a free-form layout.", + "title": "RenderingRules", + "type": "array" + }, + "SelectedBorderStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutElementBorderStyle", + "markdownDescription": "The border style configuration of a free-form layout element. This border style is used when the element is selected.", + "title": "SelectedBorderStyle" + }, + "Visibility": { + "markdownDescription": "The visibility of an element within a free-form layout.", + "title": "Visibility", + "type": "string" + }, + "Width": { + "markdownDescription": "The width of an element within a free-form layout.", + "title": "Width", + "type": "string" + }, + "XAxisLocation": { + "markdownDescription": "The x-axis coordinate of the element.", + "title": "XAxisLocation", + "type": "string" + }, + "YAxisLocation": { + "markdownDescription": "The y-axis coordinate of the element.", + "title": "YAxisLocation", + "type": "string" + } + }, + "required": [ + "ElementId", + "ElementType", + "Height", + "Width", + "XAxisLocation", + "YAxisLocation" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.FreeFormLayoutElementBackgroundStyle": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The background color of a free-form layout element.", + "title": "Color", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The background visibility of a free-form layout element.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FreeFormLayoutElementBorderStyle": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The border color of a free-form layout element.", + "title": "Color", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The border visibility of a free-form layout element.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FreeFormLayoutScreenCanvasSizeOptions": { + "additionalProperties": false, + "properties": { + "OptimizedViewPortWidth": { + "markdownDescription": "The width that the view port will be optimized for when the layout renders.", + "title": "OptimizedViewPortWidth", + "type": "string" + } + }, + "required": [ + "OptimizedViewPortWidth" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.FreeFormSectionLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "Elements": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutElement" + }, + "markdownDescription": "The elements that are included in the free-form layout.", + "title": "Elements", + "type": "array" + } + }, + "required": [ + "Elements" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.FunnelChartAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The category field wells of a funnel chart. Values are grouped by category fields.", + "title": "Category", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The value field wells of a funnel chart. Values are aggregated based on categories.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FunnelChartConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options of the categories that are displayed in a `FunnelChartVisual` .", + "title": "CategoryLabelOptions" + }, + "DataLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FunnelChartDataLabelOptions", + "markdownDescription": "The options that determine the presentation of the data labels.", + "title": "DataLabelOptions" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FunnelChartFieldWells", + "markdownDescription": "The field well configuration of a `FunnelChartVisual` .", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FunnelChartSortConfiguration", + "markdownDescription": "The sort configuration of a `FunnelChartVisual` .", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", + "markdownDescription": "The tooltip configuration of a `FunnelChartVisual` .", + "title": "Tooltip" + }, + "ValueLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options for the values that are displayed in a `FunnelChartVisual` .", + "title": "ValueLabelOptions" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", + "markdownDescription": "The visual palette configuration of a `FunnelChartVisual` .", + "title": "VisualPalette" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FunnelChartDataLabelOptions": { + "additionalProperties": false, + "properties": { + "CategoryLabelVisibility": { + "markdownDescription": "The visibility of the category labels within the data labels.", + "title": "CategoryLabelVisibility", + "type": "string" + }, + "LabelColor": { + "markdownDescription": "The color of the data label text.", + "title": "LabelColor", + "type": "string" + }, + "LabelFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", + "markdownDescription": "The font configuration for the data labels.\n\nOnly the `FontSize` attribute of the font configuration is used for data labels.", + "title": "LabelFontConfiguration" + }, + "MeasureDataLabelStyle": { + "markdownDescription": "Determines the style of the metric labels.", + "title": "MeasureDataLabelStyle", + "type": "string" + }, + "MeasureLabelVisibility": { + "markdownDescription": "The visibility of the measure labels within the data labels.", + "title": "MeasureLabelVisibility", + "type": "string" + }, + "Position": { + "markdownDescription": "Determines the positioning of the data label relative to a section of the funnel.", + "title": "Position", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility option that determines if data labels are displayed.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FunnelChartFieldWells": { + "additionalProperties": false, + "properties": { + "FunnelChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FunnelChartAggregatedFieldWells", + "markdownDescription": "The field well configuration of a `FunnelChartVisual` .", + "title": "FunnelChartAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FunnelChartSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of categories displayed.", + "title": "CategoryItemsLimit" + }, + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the category fields.", + "title": "CategorySort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FunnelChartVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FunnelChartConfiguration", + "markdownDescription": "The configuration of a `FunnelChartVisual` .", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.GaugeChartArcConditionalFormatting": { + "additionalProperties": false, + "properties": { + "ForegroundColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the arc foreground color.", + "title": "ForegroundColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GaugeChartColorConfiguration": { + "additionalProperties": false, + "properties": { + "BackgroundColor": { + "markdownDescription": "The background color configuration of a `GaugeChartVisual` .", + "title": "BackgroundColor", + "type": "string" + }, + "ForegroundColor": { + "markdownDescription": "The foreground color configuration of a `GaugeChartVisual` .", + "title": "ForegroundColor", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GaugeChartConditionalFormatting": { + "additionalProperties": false, + "properties": { + "ConditionalFormattingOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartConditionalFormattingOption" + }, + "markdownDescription": "Conditional formatting options of a `GaugeChartVisual` .", + "title": "ConditionalFormattingOptions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GaugeChartConditionalFormattingOption": { + "additionalProperties": false, + "properties": { + "Arc": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartArcConditionalFormatting", + "markdownDescription": "The options that determine the presentation of the arc of a `GaugeChartVisual` .", + "title": "Arc" + }, + "PrimaryValue": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartPrimaryValueConditionalFormatting", + "markdownDescription": "The conditional formatting for the primary value of a `GaugeChartVisual` .", + "title": "PrimaryValue" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GaugeChartConfiguration": { + "additionalProperties": false, + "properties": { + "ColorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartColorConfiguration", + "markdownDescription": "The color configuration of a `GaugeChartVisual` .", + "title": "ColorConfiguration" + }, + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", + "markdownDescription": "The data label configuration of a `GaugeChartVisual` .", + "title": "DataLabels" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartFieldWells", + "markdownDescription": "The field well configuration of a `GaugeChartVisual` .", + "title": "FieldWells" + }, + "GaugeChartOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartOptions", + "markdownDescription": "The options that determine the presentation of the `GaugeChartVisual` .", + "title": "GaugeChartOptions" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "TooltipOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", + "markdownDescription": "The tooltip configuration of a `GaugeChartVisual` .", + "title": "TooltipOptions" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", + "markdownDescription": "The visual palette configuration of a `GaugeChartVisual` .", + "title": "VisualPalette" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GaugeChartFieldWells": { + "additionalProperties": false, + "properties": { + "TargetValues": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The target value field wells of a `GaugeChartVisual` .", + "title": "TargetValues", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The value field wells of a `GaugeChartVisual` .", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GaugeChartOptions": { + "additionalProperties": false, + "properties": { + "Arc": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ArcConfiguration", + "markdownDescription": "The arc configuration of a `GaugeChartVisual` .", + "title": "Arc" + }, + "ArcAxis": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ArcAxisConfiguration", + "markdownDescription": "The arc axis configuration of a `GaugeChartVisual` .", + "title": "ArcAxis" + }, + "Comparison": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComparisonConfiguration", + "markdownDescription": "The comparison configuration of a `GaugeChartVisual` .", + "title": "Comparison" + }, + "PrimaryValueDisplayType": { + "markdownDescription": "The options that determine the primary value display type.", + "title": "PrimaryValueDisplayType", + "type": "string" + }, + "PrimaryValueFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", + "markdownDescription": "The options that determine the primary value font configuration.", + "title": "PrimaryValueFontConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GaugeChartPrimaryValueConditionalFormatting": { + "additionalProperties": false, + "properties": { + "Icon": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIcon", + "markdownDescription": "The conditional formatting of the primary value icon.", + "title": "Icon" + }, + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the primary value text color.", + "title": "TextColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GaugeChartVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartConfiguration", + "markdownDescription": "The configuration of a `GaugeChartVisual` .", + "title": "ChartConfiguration" + }, + "ConditionalFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartConditionalFormatting", + "markdownDescription": "The conditional formatting of a `GaugeChartVisual` .", + "title": "ConditionalFormatting" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialCategoricalColor": { + "additionalProperties": false, + "properties": { + "CategoryDataColors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialCategoricalDataColor" + }, + "markdownDescription": "A list of categorical data colors for each category.", + "title": "CategoryDataColors", + "type": "array" + }, + "DefaultOpacity": { + "markdownDescription": "The default opacity of a categorical color.", + "title": "DefaultOpacity", + "type": "number" + }, + "NullDataSettings": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialNullDataSettings", + "markdownDescription": "The null data visualization settings.", + "title": "NullDataSettings" + }, + "NullDataVisibility": { + "markdownDescription": "The state of visibility for null data.", + "title": "NullDataVisibility", + "type": "string" + } + }, + "required": [ + "CategoryDataColors" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialCategoricalDataColor": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The color and opacity values for the category data color.", + "title": "Color", + "type": "string" + }, + "DataValue": { + "markdownDescription": "The data value for the category data color.", + "title": "DataValue", + "type": "string" + } + }, + "required": [ + "Color", + "DataValue" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialCircleRadius": { + "additionalProperties": false, + "properties": { + "Radius": { + "markdownDescription": "The positive value for the radius of a circle.", + "title": "Radius", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialCircleSymbolStyle": { + "additionalProperties": false, + "properties": { + "CircleRadius": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialCircleRadius", + "markdownDescription": "The radius of the circle.", + "title": "CircleRadius" + }, + "FillColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialColor", + "markdownDescription": "The color and opacity values for the fill color.", + "title": "FillColor" + }, + "StrokeColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialColor", + "markdownDescription": "The color and opacity values for the stroke color.", + "title": "StrokeColor" + }, + "StrokeWidth": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialLineWidth", + "markdownDescription": "The width of the stroke (border).", + "title": "StrokeWidth" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialColor": { + "additionalProperties": false, + "properties": { + "Categorical": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialCategoricalColor", + "markdownDescription": "The visualization properties for the categorical color.", + "title": "Categorical" + }, + "Gradient": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialGradientColor", + "markdownDescription": "The visualization properties for the gradient color.", + "title": "Gradient" + }, + "Solid": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialSolidColor", + "markdownDescription": "The visualization properties for the solid color.", + "title": "Solid" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialCoordinateBounds": { + "additionalProperties": false, + "properties": { + "East": { + "markdownDescription": "The longitude of the east bound of the geospatial coordinate bounds.", + "title": "East", + "type": "number" + }, + "North": { + "markdownDescription": "The latitude of the north bound of the geospatial coordinate bounds.", + "title": "North", + "type": "number" + }, + "South": { + "markdownDescription": "The latitude of the south bound of the geospatial coordinate bounds.", + "title": "South", + "type": "number" + }, + "West": { + "markdownDescription": "The longitude of the west bound of the geospatial coordinate bounds.", + "title": "West", + "type": "number" + } + }, + "required": [ + "East", + "North", + "South", + "West" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialDataSourceItem": { + "additionalProperties": false, + "properties": { + "StaticFileDataSource": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialStaticFileSource", + "markdownDescription": "The static file data source properties for the geospatial data.", + "title": "StaticFileDataSource" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialGradientColor": { + "additionalProperties": false, + "properties": { + "DefaultOpacity": { + "markdownDescription": "The default opacity for the gradient color.", + "title": "DefaultOpacity", + "type": "number" + }, + "NullDataSettings": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialNullDataSettings", + "markdownDescription": "The null data visualization settings.", + "title": "NullDataSettings" + }, + "NullDataVisibility": { + "markdownDescription": "The state of visibility for null data.", + "title": "NullDataVisibility", + "type": "string" + }, + "StepColors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialGradientStepColor" + }, + "markdownDescription": "A list of gradient step colors for the gradient.", + "title": "StepColors", + "type": "array" + } + }, + "required": [ + "StepColors" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialGradientStepColor": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The color and opacity values for the gradient step color.", + "title": "Color", + "type": "string" + }, + "DataValue": { + "markdownDescription": "The data value for the gradient step color.", + "title": "DataValue", + "type": "number" + } + }, + "required": [ + "Color", + "DataValue" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialHeatmapColorScale": { + "additionalProperties": false, + "properties": { + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialHeatmapDataColor" + }, + "markdownDescription": "The list of colors to be used in heatmap point style.", + "title": "Colors", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialHeatmapConfiguration": { + "additionalProperties": false, + "properties": { + "HeatmapColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialHeatmapColorScale", + "markdownDescription": "The color scale specification for the heatmap point style.", + "title": "HeatmapColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialHeatmapDataColor": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The hex color to be used in the heatmap point style.", + "title": "Color", + "type": "string" + } + }, + "required": [ + "Color" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialLayerColorField": { + "additionalProperties": false, + "properties": { + "ColorDimensionsFields": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "A list of color dimension fields.", + "title": "ColorDimensionsFields", + "type": "array" + }, + "ColorValuesFields": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "A list of color measure fields.", + "title": "ColorValuesFields", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialLayerDefinition": { + "additionalProperties": false, + "properties": { + "LineLayer": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialLineLayer", + "markdownDescription": "The definition for a line layer.", + "title": "LineLayer" + }, + "PointLayer": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialPointLayer", + "markdownDescription": "The definition for a point layer.", + "title": "PointLayer" + }, + "PolygonLayer": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialPolygonLayer", + "markdownDescription": "The definition for a polygon layer.", + "title": "PolygonLayer" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialLayerItem": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LayerCustomAction" + }, + "markdownDescription": "A list of custom actions for a layer.", + "title": "Actions", + "type": "array" + }, + "DataSource": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialDataSourceItem", + "markdownDescription": "The data source for the layer.", + "title": "DataSource" + }, + "JoinDefinition": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialLayerJoinDefinition", + "markdownDescription": "The join definition properties for a layer.", + "title": "JoinDefinition" + }, + "Label": { + "markdownDescription": "The label that is displayed for the layer.", + "title": "Label", + "type": "string" + }, + "LayerDefinition": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialLayerDefinition", + "markdownDescription": "The definition properties for a layer.", + "title": "LayerDefinition" + }, + "LayerId": { + "markdownDescription": "The ID of the layer.", + "title": "LayerId", + "type": "string" + }, + "LayerType": { + "markdownDescription": "The layer type.", + "title": "LayerType", + "type": "string" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", + "markdownDescription": "", + "title": "Tooltip" + }, + "Visibility": { + "markdownDescription": "The state of visibility for the layer.", + "title": "Visibility", + "type": "string" + } + }, + "required": [ + "LayerId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialLayerJoinDefinition": { + "additionalProperties": false, + "properties": { + "ColorField": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialLayerColorField", + "markdownDescription": "The geospatial color field for the join definition.", + "title": "ColorField" + }, + "DatasetKeyField": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.UnaggregatedField", + "markdownDescription": "", + "title": "DatasetKeyField" + }, + "ShapeKeyField": { + "markdownDescription": "The name of the field or property in the geospatial data source.", + "title": "ShapeKeyField", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialLayerMapConfiguration": { + "additionalProperties": false, + "properties": { + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", + "markdownDescription": "", + "title": "Legend" + }, + "MapLayers": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialLayerItem" + }, + "markdownDescription": "The geospatial layers to visualize on the map.", + "title": "MapLayers", + "type": "array" + }, + "MapState": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapState", + "markdownDescription": "The map state properties for the map.", + "title": "MapState" + }, + "MapStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapStyle", + "markdownDescription": "The map style properties for the map.", + "title": "MapStyle" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialLineLayer": { + "additionalProperties": false, + "properties": { + "Style": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialLineStyle", + "markdownDescription": "The visualization style for a line layer.", + "title": "Style" + } + }, + "required": [ + "Style" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialLineStyle": { + "additionalProperties": false, + "properties": { + "LineSymbolStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialLineSymbolStyle", + "markdownDescription": "The symbol style for a line style.", + "title": "LineSymbolStyle" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialLineSymbolStyle": { + "additionalProperties": false, + "properties": { + "FillColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialColor", + "markdownDescription": "The color and opacity values for the fill color.", + "title": "FillColor" + }, + "LineWidth": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialLineWidth", + "markdownDescription": "The width value for a line.", + "title": "LineWidth" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialLineWidth": { + "additionalProperties": false, + "properties": { + "LineWidth": { + "markdownDescription": "The positive value for the width of a line.", + "title": "LineWidth", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialMapAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The color field wells of a geospatial map.", + "title": "Colors", + "type": "array" + }, + "Geospatial": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The geospatial field wells of a geospatial map. Values are grouped by geospatial fields.", + "title": "Geospatial", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The size field wells of a geospatial map. Values are aggregated based on geospatial fields.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialMapConfiguration": { + "additionalProperties": false, + "properties": { + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "MapStyleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapStyleOptions", + "markdownDescription": "The map style options of the geospatial map.", + "title": "MapStyleOptions" + }, + "PointStyleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialPointStyleOptions", + "markdownDescription": "The point style options of the geospatial map.", + "title": "PointStyleOptions" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", + "markdownDescription": "", + "title": "VisualPalette" + }, + "WindowOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialWindowOptions", + "markdownDescription": "The window options of the geospatial map.", + "title": "WindowOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialMapFieldWells": { + "additionalProperties": false, + "properties": { + "GeospatialMapAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapAggregatedFieldWells", + "markdownDescription": "The aggregated field well for a geospatial map.", + "title": "GeospatialMapAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialMapState": { + "additionalProperties": false, + "properties": { + "Bounds": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialCoordinateBounds", + "markdownDescription": "", + "title": "Bounds" + }, + "MapNavigation": { + "markdownDescription": "Enables or disables map navigation for a map.", + "title": "MapNavigation", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialMapStyle": { + "additionalProperties": false, + "properties": { + "BackgroundColor": { + "markdownDescription": "The background color and opacity values for a map.", + "title": "BackgroundColor", + "type": "string" + }, + "BaseMapStyle": { + "markdownDescription": "The selected base map style.", + "title": "BaseMapStyle", + "type": "string" + }, + "BaseMapVisibility": { + "markdownDescription": "The state of visibility for the base map.", + "title": "BaseMapVisibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialMapStyleOptions": { + "additionalProperties": false, + "properties": { + "BaseMapStyle": { + "markdownDescription": "The base map style of the geospatial map.", + "title": "BaseMapStyle", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialMapVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialNullDataSettings": { + "additionalProperties": false, + "properties": { + "SymbolStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialNullSymbolStyle", + "markdownDescription": "The symbol style for null data.", + "title": "SymbolStyle" + } + }, + "required": [ + "SymbolStyle" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialNullSymbolStyle": { + "additionalProperties": false, + "properties": { + "FillColor": { + "markdownDescription": "The color and opacity values for the fill color.", + "title": "FillColor", + "type": "string" + }, + "StrokeColor": { + "markdownDescription": "The color and opacity values for the stroke color.", + "title": "StrokeColor", + "type": "string" + }, + "StrokeWidth": { + "markdownDescription": "The width of the border stroke.", + "title": "StrokeWidth", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialPointLayer": { + "additionalProperties": false, + "properties": { + "Style": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialPointStyle", + "markdownDescription": "The visualization style for a point layer.", + "title": "Style" + } + }, + "required": [ + "Style" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialPointStyle": { + "additionalProperties": false, + "properties": { + "CircleSymbolStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialCircleSymbolStyle", + "markdownDescription": "The circle symbol style for a point layer.", + "title": "CircleSymbolStyle" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialPointStyleOptions": { + "additionalProperties": false, + "properties": { + "ClusterMarkerConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ClusterMarkerConfiguration", + "markdownDescription": "The cluster marker configuration of the geospatial point style.", + "title": "ClusterMarkerConfiguration" + }, + "HeatmapConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialHeatmapConfiguration", + "markdownDescription": "The heatmap configuration of the geospatial point style.", + "title": "HeatmapConfiguration" + }, + "SelectedPointStyle": { + "markdownDescription": "The selected point styles (point, cluster) of the geospatial map.", + "title": "SelectedPointStyle", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialPolygonLayer": { + "additionalProperties": false, + "properties": { + "Style": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialPolygonStyle", + "markdownDescription": "The visualization style for a polygon layer.", + "title": "Style" + } + }, + "required": [ + "Style" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialPolygonStyle": { + "additionalProperties": false, + "properties": { + "PolygonSymbolStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialPolygonSymbolStyle", + "markdownDescription": "The polygon symbol style for a polygon layer.", + "title": "PolygonSymbolStyle" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialPolygonSymbolStyle": { + "additionalProperties": false, + "properties": { + "FillColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialColor", + "markdownDescription": "The color and opacity values for the fill color.", + "title": "FillColor" + }, + "StrokeColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialColor", + "markdownDescription": "The color and opacity values for the stroke color.", + "title": "StrokeColor" + }, + "StrokeWidth": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialLineWidth", + "markdownDescription": "The width of the border stroke.", + "title": "StrokeWidth" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialSolidColor": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The color and opacity values for the color.", + "title": "Color", + "type": "string" + }, + "State": { + "markdownDescription": "Enables and disables the view state of the color.", + "title": "State", + "type": "string" + } + }, + "required": [ + "Color" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialStaticFileSource": { + "additionalProperties": false, + "properties": { + "StaticFileId": { + "markdownDescription": "The ID of the static file.", + "title": "StaticFileId", + "type": "string" + } + }, + "required": [ + "StaticFileId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialWindowOptions": { + "additionalProperties": false, + "properties": { + "Bounds": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialCoordinateBounds", + "markdownDescription": "The bounds options (north, south, west, east) of the geospatial window options.", + "title": "Bounds" + }, + "MapZoomMode": { + "markdownDescription": "The map zoom modes (manual, auto) of the geospatial window options.", + "title": "MapZoomMode", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GlobalTableBorderOptions": { + "additionalProperties": false, + "properties": { + "SideSpecificBorder": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableSideBorderOptions", + "markdownDescription": "Determines the options for side specific border.", + "title": "SideSpecificBorder" + }, + "UniformBorder": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", + "markdownDescription": "Determines the options for uniform border.", + "title": "UniformBorder" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GradientColor": { + "additionalProperties": false, + "properties": { + "Stops": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GradientStop" + }, + "markdownDescription": "The list of gradient color stops.", + "title": "Stops", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GradientStop": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "Determines the color.", + "title": "Color", + "type": "string" + }, + "DataValue": { + "markdownDescription": "Determines the data value.", + "title": "DataValue", + "type": "number" + }, + "GradientOffset": { + "markdownDescription": "Determines gradient offset value.", + "title": "GradientOffset", + "type": "number" + } + }, + "required": [ + "GradientOffset" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.GridLayoutCanvasSizeOptions": { + "additionalProperties": false, + "properties": { + "ScreenCanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GridLayoutScreenCanvasSizeOptions", + "markdownDescription": "The options that determine the sizing of the canvas used in a grid layout.", + "title": "ScreenCanvasSizeOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GridLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GridLayoutCanvasSizeOptions", + "markdownDescription": "", + "title": "CanvasSizeOptions" + }, + "Elements": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GridLayoutElement" + }, + "markdownDescription": "The elements that are included in a grid layout.", + "title": "Elements", + "type": "array" + } + }, + "required": [ + "Elements" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.GridLayoutElement": { + "additionalProperties": false, + "properties": { + "ColumnIndex": { + "markdownDescription": "The column index for the upper left corner of an element.", + "title": "ColumnIndex", + "type": "number" + }, + "ColumnSpan": { + "markdownDescription": "The width of a grid element expressed as a number of grid columns.", + "title": "ColumnSpan", + "type": "number" + }, + "ElementId": { + "markdownDescription": "A unique identifier for an element within a grid layout.", + "title": "ElementId", + "type": "string" + }, + "ElementType": { + "markdownDescription": "The type of element.", + "title": "ElementType", + "type": "string" + }, + "RowIndex": { + "markdownDescription": "The row index for the upper left corner of an element.", + "title": "RowIndex", + "type": "number" + }, + "RowSpan": { + "markdownDescription": "The height of a grid element expressed as a number of grid rows.", + "title": "RowSpan", + "type": "number" + } + }, + "required": [ + "ColumnSpan", + "ElementId", + "ElementType", + "RowSpan" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.GridLayoutScreenCanvasSizeOptions": { + "additionalProperties": false, + "properties": { + "OptimizedViewPortWidth": { + "markdownDescription": "The width that the view port will be optimized for when the layout renders.", + "title": "OptimizedViewPortWidth", + "type": "string" + }, + "ResizeOption": { + "markdownDescription": "This value determines the layout behavior when the viewport is resized.\n\n- `FIXED` : A fixed width will be used when optimizing the layout. In the Amazon QuickSight console, this option is called `Classic` .\n- `RESPONSIVE` : The width of the canvas will be responsive and optimized to the view port. In the Amazon QuickSight console, this option is called `Tiled` .", + "title": "ResizeOption", + "type": "string" + } + }, + "required": [ + "ResizeOption" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.GrowthRateComputation": { + "additionalProperties": false, + "properties": { + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "PeriodSize": { + "markdownDescription": "The period size setup of a growth rate computation.", + "title": "PeriodSize", + "type": "number" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" + } + }, + "required": [ + "ComputationId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.HeaderFooterSectionConfiguration": { + "additionalProperties": false, + "properties": { + "Layout": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionLayoutConfiguration", + "markdownDescription": "The layout configuration of the header or footer section.", + "title": "Layout" + }, + "SectionId": { + "markdownDescription": "The unique identifier of the header or footer section.", + "title": "SectionId", + "type": "string" + }, + "Style": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionStyle", + "markdownDescription": "The style options of a header or footer section.", + "title": "Style" + } + }, + "required": [ + "Layout", + "SectionId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.HeatMapAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Columns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The columns field well of a heat map.", + "title": "Columns", + "type": "array" + }, + "Rows": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The rows field well of a heat map.", + "title": "Rows", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The values field well of a heat map.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.HeatMapConfiguration": { + "additionalProperties": false, + "properties": { + "ColorScale": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColorScale", + "markdownDescription": "The color options (gradient color, point of divergence) in a heat map.", + "title": "ColorScale" + }, + "ColumnLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options of the column that is displayed in a heat map.", + "title": "ColumnLabelOptions" + }, + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.", + "title": "DataLabels" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeatMapFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "RowLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options of the row that is displayed in a `heat map` .", + "title": "RowLabelOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeatMapSortConfiguration", + "markdownDescription": "The sort configuration of a heat map.", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.HeatMapFieldWells": { + "additionalProperties": false, + "properties": { + "HeatMapAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeatMapAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a heat map.", + "title": "HeatMapAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.HeatMapSortConfiguration": { + "additionalProperties": false, + "properties": { + "HeatMapColumnItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of columns that are displayed in a heat map.", + "title": "HeatMapColumnItemsLimitConfiguration" + }, + "HeatMapColumnSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The column sort configuration for heat map for columns that aren't a part of a field well.", + "title": "HeatMapColumnSort", + "type": "array" + }, + "HeatMapRowItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of rows that are displayed in a heat map.", + "title": "HeatMapRowItemsLimitConfiguration" + }, + "HeatMapRowSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The field sort configuration of the rows fields.", + "title": "HeatMapRowSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.HeatMapVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeatMapConfiguration", + "markdownDescription": "The configuration of a heat map.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.HistogramAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The value field wells of a histogram. Values are aggregated by `COUNT` or `DISTINCT_COUNT` .", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.HistogramBinOptions": { + "additionalProperties": false, + "properties": { + "BinCount": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BinCountOptions", + "markdownDescription": "The options that determine the bin count of a histogram.", + "title": "BinCount" + }, + "BinWidth": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BinWidthOptions", + "markdownDescription": "The options that determine the bin width of a histogram.", + "title": "BinWidth" + }, + "SelectedBinType": { + "markdownDescription": "The options that determine the selected bin type.", + "title": "SelectedBinType", + "type": "string" + }, + "StartValue": { + "markdownDescription": "The options that determine the bin start value.", + "title": "StartValue", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.HistogramConfiguration": { + "additionalProperties": false, + "properties": { + "BinOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.HistogramBinOptions", + "markdownDescription": "The options that determine the presentation of histogram bins.", + "title": "BinOptions" + }, + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", + "markdownDescription": "The data label configuration of a histogram.", + "title": "DataLabels" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.HistogramFieldWells", + "markdownDescription": "The field well configuration of a histogram.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", + "markdownDescription": "The tooltip configuration of a histogram.", + "title": "Tooltip" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", + "markdownDescription": "The visual palette configuration of a histogram.", + "title": "VisualPalette" + }, + "XAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the x-axis.", + "title": "XAxisDisplayOptions" + }, + "XAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the x-axis label.", + "title": "XAxisLabelOptions" + }, + "YAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the y-axis.", + "title": "YAxisDisplayOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.HistogramFieldWells": { + "additionalProperties": false, + "properties": { + "HistogramAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.HistogramAggregatedFieldWells", + "markdownDescription": "The field well configuration of a histogram.", + "title": "HistogramAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.HistogramVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.HistogramConfiguration", + "markdownDescription": "The configuration for a `HistogramVisual` .", + "title": "ChartConfiguration" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ImageCustomAction": { + "additionalProperties": false, + "properties": { + "ActionOperations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ImageCustomActionOperation" + }, + "markdownDescription": "A list of `ImageCustomActionOperations` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", + "title": "ActionOperations", + "type": "array" + }, + "CustomActionId": { + "markdownDescription": "The ID of the custom action.", + "title": "CustomActionId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the custom action.", + "title": "Name", + "type": "string" + }, + "Status": { + "markdownDescription": "The status of the custom action.", + "title": "Status", + "type": "string" + }, + "Trigger": { + "markdownDescription": "The trigger of the `VisualCustomAction` .\n\nValid values are defined as follows:\n\n- `CLICK` : Initiates a custom action by a left pointer click on a data point.\n- `MENU` : Initiates a custom action by right pointer click from the menu.", + "title": "Trigger", + "type": "string" + } + }, + "required": [ + "ActionOperations", + "CustomActionId", + "Name", + "Trigger" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ImageCustomActionOperation": { + "additionalProperties": false, + "properties": { + "NavigationOperation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionNavigationOperation", + "markdownDescription": "", + "title": "NavigationOperation" + }, + "SetParametersOperation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionSetParametersOperation", + "markdownDescription": "", + "title": "SetParametersOperation" + }, + "URLOperation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionURLOperation", + "markdownDescription": "", + "title": "URLOperation" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ImageInteractionOptions": { + "additionalProperties": false, + "properties": { + "ImageMenuOption": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ImageMenuOption", + "markdownDescription": "The menu options for the image.", + "title": "ImageMenuOption" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ImageMenuOption": { + "additionalProperties": false, + "properties": { + "AvailabilityStatus": { + "markdownDescription": "The availability status of the image menu. If the value of this property is set to `ENABLED` , dashboard readers can interact with the image menu.", + "title": "AvailabilityStatus", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ImageStaticFile": { + "additionalProperties": false, + "properties": { + "Source": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.StaticFileSource", + "markdownDescription": "The source of the image static file.", + "title": "Source" + }, + "StaticFileId": { + "markdownDescription": "The ID of the static file that contains an image.", + "title": "StaticFileId", + "type": "string" + } + }, + "required": [ + "StaticFileId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.InnerFilter": { + "additionalProperties": false, + "properties": { + "CategoryInnerFilter": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CategoryInnerFilter", + "markdownDescription": "A `CategoryInnerFilter` filters text values for the `NestedFilter` .", + "title": "CategoryInnerFilter" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.InsightConfiguration": { + "additionalProperties": false, + "properties": { + "Computations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.Computation" + }, + "markdownDescription": "The computations configurations of the insight visual", + "title": "Computations", + "type": "array" + }, + "CustomNarrative": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomNarrativeOptions", + "markdownDescription": "The custom narrative of the insight visual.", + "title": "CustomNarrative" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.InsightVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "DataSetIdentifier": { + "markdownDescription": "The dataset that is used in the insight visual.", + "title": "DataSetIdentifier", + "type": "string" + }, + "InsightConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.InsightConfiguration", + "markdownDescription": "The configuration of an insight visual.", + "title": "InsightConfiguration" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "DataSetIdentifier", + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.IntegerDefaultValues": { + "additionalProperties": false, + "properties": { + "DynamicValue": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DynamicDefaultValue", + "markdownDescription": "The dynamic value of the `IntegerDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", + "title": "DynamicValue" + }, + "StaticValues": { + "items": { + "type": "number" + }, + "markdownDescription": "The static values of the `IntegerDefaultValues` .", + "title": "StaticValues", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.IntegerParameter": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the integer parameter.", + "title": "Name", + "type": "string" + }, + "Values": { + "items": { + "type": "number" + }, + "markdownDescription": "The values for the integer parameter.", + "title": "Values", + "type": "array" + } + }, + "required": [ + "Name", + "Values" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.IntegerParameterDeclaration": { + "additionalProperties": false, + "properties": { + "DefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.IntegerDefaultValues", + "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", + "title": "DefaultValues" + }, + "MappedDataSetParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MappedDataSetParameter" + }, + "markdownDescription": "", + "title": "MappedDataSetParameters", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the parameter that is being declared.", + "title": "Name", + "type": "string" + }, + "ParameterValueType": { + "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", + "title": "ParameterValueType", + "type": "string" + }, + "ValueWhenUnset": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.IntegerValueWhenUnsetConfiguration", + "markdownDescription": "A parameter declaration for the `Integer` data type.", + "title": "ValueWhenUnset" + } + }, + "required": [ + "Name", + "ParameterValueType" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.IntegerValueWhenUnsetConfiguration": { + "additionalProperties": false, + "properties": { + "CustomValue": { + "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", + "title": "CustomValue", + "type": "number" + }, + "ValueWhenUnsetOption": { + "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", + "title": "ValueWhenUnsetOption", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ItemsLimitConfiguration": { + "additionalProperties": false, + "properties": { + "ItemsLimit": { + "markdownDescription": "The limit on how many items of a field are showed in the chart. For example, the number of slices that are displayed in a pie chart.", + "title": "ItemsLimit", + "type": "number" + }, + "OtherCategories": { + "markdownDescription": "The `Show other` of an axis in the chart. Choose one of the following options:\n\n- `INCLUDE`\n- `EXCLUDE`", + "title": "OtherCategories", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.KPIActualValueConditionalFormatting": { + "additionalProperties": false, + "properties": { + "Icon": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIcon", + "markdownDescription": "The conditional formatting of the actual value's icon.", + "title": "Icon" + }, + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the actual value's text color.", + "title": "TextColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.KPIComparisonValueConditionalFormatting": { + "additionalProperties": false, + "properties": { + "Icon": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIcon", + "markdownDescription": "The conditional formatting of the comparison value's icon.", + "title": "Icon" + }, + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the comparison value's text color.", + "title": "TextColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.KPIConditionalFormatting": { + "additionalProperties": false, + "properties": { + "ConditionalFormattingOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIConditionalFormattingOption" + }, + "markdownDescription": "The conditional formatting options of a KPI visual.", + "title": "ConditionalFormattingOptions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.KPIConditionalFormattingOption": { + "additionalProperties": false, + "properties": { + "ActualValue": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIActualValueConditionalFormatting", + "markdownDescription": "The conditional formatting for the actual value of a KPI visual.", + "title": "ActualValue" + }, + "ComparisonValue": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIComparisonValueConditionalFormatting", + "markdownDescription": "The conditional formatting for the comparison value of a KPI visual.", + "title": "ComparisonValue" + }, + "PrimaryValue": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIPrimaryValueConditionalFormatting", + "markdownDescription": "The conditional formatting for the primary value of a KPI visual.", + "title": "PrimaryValue" + }, + "ProgressBar": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIProgressBarConditionalFormatting", + "markdownDescription": "The conditional formatting for the progress bar of a KPI visual.", + "title": "ProgressBar" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.KPIConfiguration": { + "additionalProperties": false, + "properties": { + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIFieldWells", + "markdownDescription": "The field well configuration of a KPI visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "KPIOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIOptions", + "markdownDescription": "The options that determine the presentation of a KPI visual.", + "title": "KPIOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPISortConfiguration", + "markdownDescription": "The sort configuration of a KPI visual.", + "title": "SortConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.KPIFieldWells": { + "additionalProperties": false, + "properties": { + "TargetValues": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The target value field wells of a KPI visual.", + "title": "TargetValues", + "type": "array" + }, + "TrendGroups": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The trend group field wells of a KPI visual.", + "title": "TrendGroups", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The value field wells of a KPI visual.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.KPIOptions": { + "additionalProperties": false, + "properties": { + "Comparison": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComparisonConfiguration", + "markdownDescription": "The comparison configuration of a KPI visual.", + "title": "Comparison" + }, + "PrimaryValueDisplayType": { + "markdownDescription": "The options that determine the primary value display type.", + "title": "PrimaryValueDisplayType", + "type": "string" + }, + "PrimaryValueFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", + "markdownDescription": "The options that determine the primary value font configuration.", + "title": "PrimaryValueFontConfiguration" + }, + "ProgressBar": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ProgressBarOptions", + "markdownDescription": "The options that determine the presentation of the progress bar of a KPI visual.", + "title": "ProgressBar" + }, + "SecondaryValue": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SecondaryValueOptions", + "markdownDescription": "The options that determine the presentation of the secondary value of a KPI visual.", + "title": "SecondaryValue" + }, + "SecondaryValueFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", + "markdownDescription": "The options that determine the secondary value font configuration.", + "title": "SecondaryValueFontConfiguration" + }, + "Sparkline": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPISparklineOptions", + "markdownDescription": "The options that determine the visibility, color, type, and tooltip visibility of the sparkline of a KPI visual.", + "title": "Sparkline" + }, + "TrendArrows": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TrendArrowOptions", + "markdownDescription": "The options that determine the presentation of trend arrows in a KPI visual.", + "title": "TrendArrows" + }, + "VisualLayoutOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIVisualLayoutOptions", + "markdownDescription": "The options that determine the layout a KPI visual.", + "title": "VisualLayoutOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.KPIPrimaryValueConditionalFormatting": { + "additionalProperties": false, + "properties": { + "Icon": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIcon", + "markdownDescription": "The conditional formatting of the primary value's icon.", + "title": "Icon" + }, + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the primary value's text color.", + "title": "TextColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.KPIProgressBarConditionalFormatting": { + "additionalProperties": false, + "properties": { + "ForegroundColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the progress bar's foreground color.", + "title": "ForegroundColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.KPISortConfiguration": { + "additionalProperties": false, + "properties": { + "TrendGroupSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the trend group fields.", + "title": "TrendGroupSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.KPISparklineOptions": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The color of the sparkline.", + "title": "Color", + "type": "string" + }, + "TooltipVisibility": { + "markdownDescription": "The tooltip visibility of the sparkline.", + "title": "TooltipVisibility", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the sparkline.", + "title": "Type", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the sparkline.", + "title": "Visibility", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.KPIVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIConfiguration", + "markdownDescription": "The configuration of a KPI visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "ConditionalFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIConditionalFormatting", + "markdownDescription": "The conditional formatting of a KPI visual.", + "title": "ConditionalFormatting" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.KPIVisualLayoutOptions": { + "additionalProperties": false, + "properties": { + "StandardLayout": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIVisualStandardLayout", + "markdownDescription": "The standard layout of the KPI visual.", + "title": "StandardLayout" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.KPIVisualStandardLayout": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "The standard layout type.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.LabelOptions": { + "additionalProperties": false, + "properties": { + "CustomLabel": { + "markdownDescription": "The text for the label.", + "title": "CustomLabel", + "type": "string" + }, + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", + "markdownDescription": "The font configuration of the label.", + "title": "FontConfiguration" + }, + "Visibility": { + "markdownDescription": "Determines whether or not the label is visible.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.LayerCustomAction": { + "additionalProperties": false, + "properties": { + "ActionOperations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LayerCustomActionOperation" + }, + "markdownDescription": "A list of `LayerCustomActionOperations` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", + "title": "ActionOperations", + "type": "array" + }, + "CustomActionId": { + "markdownDescription": "The ID of the custom action.", + "title": "CustomActionId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the custom action.", + "title": "Name", + "type": "string" + }, + "Status": { + "markdownDescription": "The status of the `LayerCustomAction` .", + "title": "Status", + "type": "string" + }, + "Trigger": { + "markdownDescription": "The trigger of the `LayerCustomAction` .\n\nValid values are defined as follows:\n\n- `DATA_POINT_CLICK` : Initiates a custom action by a left pointer click on a data point.\n- `DATA_POINT_MENU` : Initiates a custom action by right pointer click from the menu.", + "title": "Trigger", + "type": "string" + } + }, + "required": [ + "ActionOperations", + "CustomActionId", + "Name", + "Trigger" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.LayerCustomActionOperation": { + "additionalProperties": false, + "properties": { + "FilterOperation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionFilterOperation", + "markdownDescription": "", + "title": "FilterOperation" + }, + "NavigationOperation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionNavigationOperation", + "markdownDescription": "", + "title": "NavigationOperation" + }, + "SetParametersOperation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionSetParametersOperation", + "markdownDescription": "", + "title": "SetParametersOperation" + }, + "URLOperation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionURLOperation", + "markdownDescription": "", + "title": "URLOperation" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.LayerMapVisual": { + "additionalProperties": false, + "properties": { + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialLayerMapConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "DataSetIdentifier": { + "markdownDescription": "The dataset that is used to create the layer map visual. You can't create a visual without a dataset.", + "title": "DataSetIdentifier", + "type": "string" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The ID of the visual.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "DataSetIdentifier", + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.Layout": { + "additionalProperties": false, + "properties": { + "Configuration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LayoutConfiguration", + "markdownDescription": "The configuration that determines what the type of layout for a sheet.", + "title": "Configuration" + } + }, + "required": [ + "Configuration" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.LayoutConfiguration": { + "additionalProperties": false, + "properties": { + "FreeFormLayout": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutConfiguration", + "markdownDescription": "A free-form is optimized for a fixed width and has more control over the exact placement of layout elements.", + "title": "FreeFormLayout" + }, + "GridLayout": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GridLayoutConfiguration", + "markdownDescription": "A type of layout that can be used on a sheet. In a grid layout, visuals snap to a grid with standard spacing and alignment. Dashboards are displayed as designed, with options to fit to screen or view at actual size. A grid layout can be configured to behave in one of two ways when the viewport is resized: `FIXED` or `RESPONSIVE` .", + "title": "GridLayout" + }, + "SectionBasedLayout": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionBasedLayoutConfiguration", + "markdownDescription": "A section based layout organizes visuals into multiple sections and has customized header, footer and page break.", + "title": "SectionBasedLayout" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.LegendOptions": { + "additionalProperties": false, + "properties": { + "Height": { + "markdownDescription": "The height of the legend. If this value is omitted, a default height is used when rendering.", + "title": "Height", + "type": "string" + }, + "Position": { + "markdownDescription": "The positions for the legend. Choose one of the following options:\n\n- `AUTO`\n- `RIGHT`\n- `BOTTOM`\n- `LEFT`", + "title": "Position", + "type": "string" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", + "markdownDescription": "The custom title for the legend.", + "title": "Title" + }, + "ValueFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", + "markdownDescription": "", + "title": "ValueFontConfiguration" + }, + "Visibility": { + "markdownDescription": "Determines whether or not the legend is visible.", + "title": "Visibility", + "type": "string" + }, + "Width": { + "markdownDescription": "The width of the legend. If this value is omitted, a default width is used when rendering.", + "title": "Width", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.LineChartAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The category field wells of a line chart. Values are grouped by category fields.", + "title": "Category", + "type": "array" + }, + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The color field wells of a line chart. Values are grouped by category fields.", + "title": "Colors", + "type": "array" + }, + "SmallMultiples": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The small multiples field well of a line chart.", + "title": "SmallMultiples", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The value field wells of a line chart. Values are aggregated based on categories.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.LineChartConfiguration": { + "additionalProperties": false, + "properties": { + "ContributionAnalysisDefaults": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ContributionAnalysisDefault" + }, + "markdownDescription": "The default configuration of a line chart's contribution analysis.", + "title": "ContributionAnalysisDefaults", + "type": "array" + }, + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", + "markdownDescription": "The data label configuration of a line chart.", + "title": "DataLabels" + }, + "DefaultSeriesSettings": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartDefaultSeriesSettings", + "markdownDescription": "The options that determine the default presentation of all line series in `LineChartVisual` .", + "title": "DefaultSeriesSettings" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartFieldWells", + "markdownDescription": "The field well configuration of a line chart.", + "title": "FieldWells" + }, + "ForecastConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ForecastConfiguration" + }, + "markdownDescription": "The forecast configuration of a line chart.", + "title": "ForecastConfigurations", + "type": "array" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", + "markdownDescription": "The legend configuration of a line chart.", + "title": "Legend" + }, + "PrimaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineSeriesAxisDisplayOptions", + "markdownDescription": "The series axis configuration of a line chart.", + "title": "PrimaryYAxisDisplayOptions" + }, + "PrimaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the y-axis label.", + "title": "PrimaryYAxisLabelOptions" + }, + "ReferenceLines": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLine" + }, + "markdownDescription": "The reference lines configuration of a line chart.", + "title": "ReferenceLines", + "type": "array" + }, + "SecondaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineSeriesAxisDisplayOptions", + "markdownDescription": "The series axis configuration of a line chart.", + "title": "SecondaryYAxisDisplayOptions" + }, + "SecondaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the secondary y-axis label.", + "title": "SecondaryYAxisLabelOptions" + }, + "Series": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SeriesItem" + }, + "markdownDescription": "The series item configuration of a line chart.", + "title": "Series", + "type": "array" + }, + "SingleAxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SingleAxisOptions", + "markdownDescription": "", + "title": "SingleAxisOptions" + }, + "SmallMultiplesOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SmallMultiplesOptions", + "markdownDescription": "The small multiples setup for the visual.", + "title": "SmallMultiplesOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartSortConfiguration", + "markdownDescription": "The sort configuration of a line chart.", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", + "markdownDescription": "The tooltip configuration of a line chart.", + "title": "Tooltip" + }, + "Type": { + "markdownDescription": "Determines the type of the line chart.", + "title": "Type", + "type": "string" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", + "markdownDescription": "The visual palette configuration of a line chart.", + "title": "VisualPalette" + }, + "XAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the x-axis.", + "title": "XAxisDisplayOptions" + }, + "XAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the x-axis label.", + "title": "XAxisLabelOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.LineChartDefaultSeriesSettings": { + "additionalProperties": false, + "properties": { + "AxisBinding": { + "markdownDescription": "The axis to which you are binding all line series to.", + "title": "AxisBinding", + "type": "string" + }, + "LineStyleSettings": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartLineStyleSettings", + "markdownDescription": "Line styles options for all line series in the visual.", + "title": "LineStyleSettings" + }, + "MarkerStyleSettings": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartMarkerStyleSettings", + "markdownDescription": "Marker styles options for all line series in the visual.", + "title": "MarkerStyleSettings" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.LineChartFieldWells": { + "additionalProperties": false, + "properties": { + "LineChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartAggregatedFieldWells", + "markdownDescription": "The field well configuration of a line chart.", + "title": "LineChartAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.LineChartLineStyleSettings": { + "additionalProperties": false, + "properties": { + "LineInterpolation": { + "markdownDescription": "Interpolation style for line series.\n\n- `LINEAR` : Show as default, linear style.\n- `SMOOTH` : Show as a smooth curve.\n- `STEPPED` : Show steps in line.", + "title": "LineInterpolation", + "type": "string" + }, + "LineStyle": { + "markdownDescription": "Line style for line series.\n\n- `SOLID` : Show as a solid line.\n- `DOTTED` : Show as a dotted line.\n- `DASHED` : Show as a dashed line.", + "title": "LineStyle", + "type": "string" + }, + "LineVisibility": { + "markdownDescription": "Configuration option that determines whether to show the line for the series.", + "title": "LineVisibility", + "type": "string" + }, + "LineWidth": { + "markdownDescription": "Width that determines the line thickness.", + "title": "LineWidth", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.LineChartMarkerStyleSettings": { + "additionalProperties": false, + "properties": { + "MarkerColor": { + "markdownDescription": "Color of marker in the series.", + "title": "MarkerColor", + "type": "string" + }, + "MarkerShape": { + "markdownDescription": "Shape option for markers in the series.\n\n- `CIRCLE` : Show marker as a circle.\n- `TRIANGLE` : Show marker as a triangle.\n- `SQUARE` : Show marker as a square.\n- `DIAMOND` : Show marker as a diamond.\n- `ROUNDED_SQUARE` : Show marker as a rounded square.", + "title": "MarkerShape", + "type": "string" + }, + "MarkerSize": { + "markdownDescription": "Size of marker in the series.", + "title": "MarkerSize", + "type": "string" + }, + "MarkerVisibility": { + "markdownDescription": "Configuration option that determines whether to show the markers in the series.", + "title": "MarkerVisibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.LineChartSeriesSettings": { + "additionalProperties": false, + "properties": { + "LineStyleSettings": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartLineStyleSettings", + "markdownDescription": "Line styles options for a line series in `LineChartVisual` .", + "title": "LineStyleSettings" + }, + "MarkerStyleSettings": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartMarkerStyleSettings", + "markdownDescription": "Marker styles options for a line series in `LineChartVisual` .", + "title": "MarkerStyleSettings" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.LineChartSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of categories that are displayed in a line chart.", + "title": "CategoryItemsLimitConfiguration" + }, + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the category fields.", + "title": "CategorySort", + "type": "array" + }, + "ColorItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of lines that are displayed in a line chart.", + "title": "ColorItemsLimitConfiguration" + }, + "SmallMultiplesLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of small multiples panels that are displayed.", + "title": "SmallMultiplesLimitConfiguration" + }, + "SmallMultiplesSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the small multiples field.", + "title": "SmallMultiplesSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.LineChartVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartConfiguration", + "markdownDescription": "The configuration of a line chart.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.LineSeriesAxisDisplayOptions": { + "additionalProperties": false, + "properties": { + "AxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the line series axis.", + "title": "AxisOptions" + }, + "MissingDataConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MissingDataConfiguration" + }, + "markdownDescription": "The configuration options that determine how missing data is treated during the rendering of a line chart.", + "title": "MissingDataConfigurations", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.LinkSharingConfiguration": { + "additionalProperties": false, + "properties": { + "Permissions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ResourcePermission" + }, + "markdownDescription": "A structure that contains the permissions of a shareable link.", + "title": "Permissions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ListControlDisplayOptions": { + "additionalProperties": false, + "properties": { + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" + }, + "SearchOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ListControlSearchOptions", + "markdownDescription": "The configuration of the search options in a list control.", + "title": "SearchOptions" + }, + "SelectAllOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ListControlSelectAllOptions", + "markdownDescription": "The configuration of the `Select all` options in a list control.", + "title": "SelectAllOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ListControlSearchOptions": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility configuration of the search options in a list control.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ListControlSelectAllOptions": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility configuration of the `Select all` options in a list control.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.LoadingAnimation": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility configuration of `LoadingAnimation` .", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.LocalNavigationConfiguration": { + "additionalProperties": false, + "properties": { + "TargetSheetId": { + "markdownDescription": "The sheet that is targeted for navigation in the same analysis.", + "title": "TargetSheetId", + "type": "string" + } + }, + "required": [ + "TargetSheetId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.LongFormatText": { + "additionalProperties": false, + "properties": { + "PlainText": { + "markdownDescription": "Plain text format.", + "title": "PlainText", + "type": "string" + }, + "RichText": { + "markdownDescription": "Rich text. Examples of rich text include bold, underline, and italics.", + "title": "RichText", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.MappedDataSetParameter": { + "additionalProperties": false, + "properties": { + "DataSetIdentifier": { + "markdownDescription": "A unique name that identifies a dataset within the analysis or dashboard.", + "title": "DataSetIdentifier", + "type": "string" + }, + "DataSetParameterName": { + "markdownDescription": "The name of the dataset parameter.", + "title": "DataSetParameterName", + "type": "string" + } + }, + "required": [ + "DataSetIdentifier", + "DataSetParameterName" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.MaximumLabelType": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility of the maximum label.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.MaximumMinimumComputation": { + "additionalProperties": false, + "properties": { + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" + }, + "Type": { + "markdownDescription": "The type of computation. Choose one of the following options:\n\n- MAXIMUM: A maximum computation.\n- MINIMUM: A minimum computation.", + "title": "Type", + "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" + } + }, + "required": [ + "ComputationId", + "Type" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.MeasureField": { + "additionalProperties": false, + "properties": { + "CalculatedMeasureField": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CalculatedMeasureField", + "markdownDescription": "The calculated measure field only used in pivot tables.", + "title": "CalculatedMeasureField" + }, + "CategoricalMeasureField": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CategoricalMeasureField", + "markdownDescription": "The measure type field with categorical type columns.", + "title": "CategoricalMeasureField" + }, + "DateMeasureField": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateMeasureField", + "markdownDescription": "The measure type field with date type columns.", + "title": "DateMeasureField" + }, + "NumericalMeasureField": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericalMeasureField", + "markdownDescription": "The measure type field with numerical type columns.", + "title": "NumericalMeasureField" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.MetricComparisonComputation": { + "additionalProperties": false, + "properties": { + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "FromValue": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", + "markdownDescription": "The field that is used in a metric comparison from value setup.", + "title": "FromValue" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "TargetValue": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", + "markdownDescription": "The field that is used in a metric comparison to value setup.", + "title": "TargetValue" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" + } + }, + "required": [ + "ComputationId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.MinimumLabelType": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility of the minimum label.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.MissingDataConfiguration": { + "additionalProperties": false, + "properties": { + "TreatmentOption": { + "markdownDescription": "The treatment option that determines how missing data should be rendered. Choose from the following options:\n\n- `INTERPOLATE` : Interpolate missing values between the prior and the next known value.\n- `SHOW_AS_ZERO` : Show missing values as the value `0` .\n- `SHOW_AS_BLANK` : Display a blank space when rendering missing data.", + "title": "TreatmentOption", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.NegativeValueConfiguration": { + "additionalProperties": false, + "properties": { + "DisplayMode": { + "markdownDescription": "Determines the display mode of the negative value configuration.", + "title": "DisplayMode", + "type": "string" + } + }, + "required": [ + "DisplayMode" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.NestedFilter": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" + }, + "IncludeInnerSet": { + "markdownDescription": "A boolean condition to include or exclude the subset that is defined by the values of the nested inner filter.", + "title": "IncludeInnerSet", + "type": "boolean" + }, + "InnerFilter": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.InnerFilter", + "markdownDescription": "The `InnerFilter` defines the subset of data to be used with the `NestedFilter` .", + "title": "InnerFilter" + } + }, + "required": [ + "Column", + "FilterId", + "IncludeInnerSet", + "InnerFilter" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.NullValueFormatConfiguration": { + "additionalProperties": false, + "properties": { + "NullString": { + "markdownDescription": "Determines the null string of null values.", + "title": "NullString", + "type": "string" + } + }, + "required": [ + "NullString" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.NumberDisplayFormatConfiguration": { + "additionalProperties": false, + "properties": { + "DecimalPlacesConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalPlacesConfiguration", + "markdownDescription": "The option that determines the decimal places configuration.", + "title": "DecimalPlacesConfiguration" + }, + "NegativeValueConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NegativeValueConfiguration", + "markdownDescription": "The options that determine the negative value configuration.", + "title": "NegativeValueConfiguration" + }, + "NullValueFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NullValueFormatConfiguration", + "markdownDescription": "The options that determine the null value format configuration.", + "title": "NullValueFormatConfiguration" + }, + "NumberScale": { + "markdownDescription": "Determines the number scale value of the number format.", + "title": "NumberScale", + "type": "string" + }, + "Prefix": { + "markdownDescription": "Determines the prefix value of the number format.", + "title": "Prefix", + "type": "string" + }, + "SeparatorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericSeparatorConfiguration", + "markdownDescription": "The options that determine the numeric separator configuration.", + "title": "SeparatorConfiguration" + }, + "Suffix": { + "markdownDescription": "Determines the suffix value of the number format.", + "title": "Suffix", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.NumberFormatConfiguration": { + "additionalProperties": false, + "properties": { + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericFormatConfiguration", + "markdownDescription": "The options that determine the numeric format configuration.", + "title": "FormatConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.NumericAxisOptions": { + "additionalProperties": false, + "properties": { + "Range": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayRange", + "markdownDescription": "The range setup of a numeric axis.", + "title": "Range" + }, + "Scale": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisScale", + "markdownDescription": "The scale setup of a numeric axis.", + "title": "Scale" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.NumericEqualityDrillDownFilter": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "Value": { + "markdownDescription": "The value of the double input numeric drill down filter.", + "title": "Value", + "type": "number" + } + }, + "required": [ + "Column", + "Value" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.NumericEqualityFilter": { + "additionalProperties": false, + "properties": { + "AggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationFunction", + "markdownDescription": "The aggregation function of the filter.", + "title": "AggregationFunction" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" + }, + "MatchOperator": { + "markdownDescription": "The match operator that is used to determine if a filter should be applied.", + "title": "MatchOperator", + "type": "string" + }, + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", + "type": "string" + }, + "ParameterName": { + "markdownDescription": "The parameter whose value should be used for the filter value.", + "title": "ParameterName", + "type": "string" + }, + "SelectAllOptions": { + "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", + "title": "SelectAllOptions", + "type": "string" + }, + "Value": { + "markdownDescription": "The input value.", + "title": "Value", + "type": "number" + } + }, + "required": [ + "Column", + "FilterId", + "MatchOperator", + "NullOption" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.NumericFormatConfiguration": { + "additionalProperties": false, + "properties": { + "CurrencyDisplayFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CurrencyDisplayFormatConfiguration", + "markdownDescription": "The options that determine the currency display format configuration.", + "title": "CurrencyDisplayFormatConfiguration" + }, + "NumberDisplayFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumberDisplayFormatConfiguration", + "markdownDescription": "The options that determine the number display format configuration.", + "title": "NumberDisplayFormatConfiguration" + }, + "PercentageDisplayFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PercentageDisplayFormatConfiguration", + "markdownDescription": "The options that determine the percentage display format configuration.", + "title": "PercentageDisplayFormatConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.NumericRangeFilter": { + "additionalProperties": false, + "properties": { + "AggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationFunction", + "markdownDescription": "The aggregation function of the filter.", + "title": "AggregationFunction" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" + }, + "IncludeMaximum": { + "markdownDescription": "Determines whether the maximum value in the filter value range should be included in the filtered results.", + "title": "IncludeMaximum", + "type": "boolean" + }, + "IncludeMinimum": { + "markdownDescription": "Determines whether the minimum value in the filter value range should be included in the filtered results.", + "title": "IncludeMinimum", + "type": "boolean" + }, + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", + "type": "string" + }, + "RangeMaximum": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericRangeFilterValue", + "markdownDescription": "The maximum value for the filter value range.", + "title": "RangeMaximum" + }, + "RangeMinimum": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericRangeFilterValue", + "markdownDescription": "The minimum value for the filter value range.", + "title": "RangeMinimum" + }, + "SelectAllOptions": { + "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", + "title": "SelectAllOptions", + "type": "string" + } + }, + "required": [ + "Column", + "FilterId", + "NullOption" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.NumericRangeFilterValue": { + "additionalProperties": false, + "properties": { + "Parameter": { + "markdownDescription": "The parameter that is used in the numeric range.", + "title": "Parameter", + "type": "string" + }, + "StaticValue": { + "markdownDescription": "The static value of the numeric range filter.", + "title": "StaticValue", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.NumericSeparatorConfiguration": { + "additionalProperties": false, + "properties": { + "DecimalSeparator": { + "markdownDescription": "Determines the decimal separator.", + "title": "DecimalSeparator", + "type": "string" + }, + "ThousandsSeparator": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ThousandSeparatorOptions", + "markdownDescription": "The options that determine the thousands separator configuration.", + "title": "ThousandsSeparator" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.NumericalAggregationFunction": { + "additionalProperties": false, + "properties": { + "PercentileAggregation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PercentileAggregation", + "markdownDescription": "An aggregation based on the percentile of values in a dimension or measure.", + "title": "PercentileAggregation" + }, + "SimpleNumericalAggregation": { + "markdownDescription": "Built-in aggregation functions for numerical values.\n\n- `SUM` : The sum of a dimension or measure.\n- `AVERAGE` : The average of a dimension or measure.\n- `MIN` : The minimum value of a dimension or measure.\n- `MAX` : The maximum value of a dimension or measure.\n- `COUNT` : The count of a dimension or measure.\n- `DISTINCT_COUNT` : The count of distinct values in a dimension or measure.\n- `VAR` : The variance of a dimension or measure.\n- `VARP` : The partitioned variance of a dimension or measure.\n- `STDEV` : The standard deviation of a dimension or measure.\n- `STDEVP` : The partitioned standard deviation of a dimension or measure.\n- `MEDIAN` : The median value of a dimension or measure.", + "title": "SimpleNumericalAggregation", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.NumericalDimensionField": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that is used in the `NumericalDimensionField` .", + "title": "Column" + }, + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", + "type": "string" + }, + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumberFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" + }, + "HierarchyId": { + "markdownDescription": "The custom hierarchy ID.", + "title": "HierarchyId", + "type": "string" + } + }, + "required": [ + "Column", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.NumericalMeasureField": { + "additionalProperties": false, + "properties": { + "AggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericalAggregationFunction", + "markdownDescription": "The aggregation function of the measure field.", + "title": "AggregationFunction" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that is used in the `NumericalMeasureField` .", + "title": "Column" + }, + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", + "type": "string" + }, + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumberFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" + } + }, + "required": [ + "Column", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.PaginationConfiguration": { + "additionalProperties": false, + "properties": { + "PageNumber": { + "markdownDescription": "Indicates the page number.", + "title": "PageNumber", + "type": "number" + }, + "PageSize": { + "markdownDescription": "Indicates how many items render in one page.", + "title": "PageSize", + "type": "number" + } + }, + "required": [ + "PageNumber", + "PageSize" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.PanelConfiguration": { + "additionalProperties": false, + "properties": { + "BackgroundColor": { + "markdownDescription": "Sets the background color for each panel.", + "title": "BackgroundColor", + "type": "string" + }, + "BackgroundVisibility": { + "markdownDescription": "Determines whether or not a background for each small multiples panel is rendered.", + "title": "BackgroundVisibility", + "type": "string" + }, + "BorderColor": { + "markdownDescription": "Sets the line color of panel borders.", + "title": "BorderColor", + "type": "string" + }, + "BorderStyle": { + "markdownDescription": "Sets the line style of panel borders.", + "title": "BorderStyle", + "type": "string" + }, + "BorderThickness": { + "markdownDescription": "Sets the line thickness of panel borders.", + "title": "BorderThickness", + "type": "string" + }, + "BorderVisibility": { + "markdownDescription": "Determines whether or not each panel displays a border.", + "title": "BorderVisibility", + "type": "string" + }, + "GutterSpacing": { + "markdownDescription": "Sets the total amount of negative space to display between sibling panels.", + "title": "GutterSpacing", + "type": "string" + }, + "GutterVisibility": { + "markdownDescription": "Determines whether or not negative space between sibling panels is rendered.", + "title": "GutterVisibility", + "type": "string" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PanelTitleOptions", + "markdownDescription": "Configures the title display within each small multiples panel.", + "title": "Title" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PanelTitleOptions": { + "additionalProperties": false, + "properties": { + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", + "markdownDescription": "", + "title": "FontConfiguration" + }, + "HorizontalTextAlignment": { + "markdownDescription": "Sets the horizontal text alignment of the title within each panel.", + "title": "HorizontalTextAlignment", + "type": "string" + }, + "Visibility": { + "markdownDescription": "Determines whether or not panel titles are displayed.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ParameterControl": { + "additionalProperties": false, + "properties": { + "DateTimePicker": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterDateTimePickerControl", + "markdownDescription": "A control from a date parameter that specifies date and time.", + "title": "DateTimePicker" + }, + "Dropdown": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterDropDownControl", + "markdownDescription": "A control to display a dropdown list with buttons that are used to select a single value.", + "title": "Dropdown" + }, + "List": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterListControl", + "markdownDescription": "A control to display a list with buttons or boxes that are used to select either a single value or multiple values.", + "title": "List" + }, + "Slider": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterSliderControl", + "markdownDescription": "A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle.", + "title": "Slider" + }, + "TextArea": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterTextAreaControl", + "markdownDescription": "A control to display a text box that is used to enter multiple entries.", + "title": "TextArea" + }, + "TextField": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterTextFieldControl", + "markdownDescription": "A control to display a text box that is used to enter a single entry.", + "title": "TextField" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ParameterDateTimePickerControl": { + "additionalProperties": false, + "properties": { + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimePickerControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterDateTimePickerControl` .", + "title": "ParameterControlId", + "type": "string" + }, + "SourceParameterName": { + "markdownDescription": "The name of the `ParameterDateTimePickerControl` .", + "title": "SourceParameterName", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `ParameterDateTimePickerControl` .", + "title": "Title", + "type": "string" + } + }, + "required": [ + "ParameterControlId", + "SourceParameterName", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ParameterDeclaration": { + "additionalProperties": false, + "properties": { + "DateTimeParameterDeclaration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeParameterDeclaration", + "markdownDescription": "A parameter declaration for the `DateTime` data type.", + "title": "DateTimeParameterDeclaration" + }, + "DecimalParameterDeclaration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalParameterDeclaration", + "markdownDescription": "A parameter declaration for the `Decimal` data type.", + "title": "DecimalParameterDeclaration" + }, + "IntegerParameterDeclaration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.IntegerParameterDeclaration", + "markdownDescription": "A parameter declaration for the `Integer` data type.", + "title": "IntegerParameterDeclaration" + }, + "StringParameterDeclaration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringParameterDeclaration", + "markdownDescription": "A parameter declaration for the `String` data type.", + "title": "StringParameterDeclaration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ParameterDropDownControl": { + "additionalProperties": false, + "properties": { + "CascadingControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CascadingControlConfiguration", + "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", + "title": "CascadingControlConfiguration" + }, + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `ParameterDropDownControl` .", + "title": "CommitMode", + "type": "string" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DropDownControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterDropDownControl` .", + "title": "ParameterControlId", + "type": "string" + }, + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" + }, + "SourceParameterName": { + "markdownDescription": "The source parameter name of the `ParameterDropDownControl` .", + "title": "SourceParameterName", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `ParameterDropDownControl` .", + "title": "Title", + "type": "string" + }, + "Type": { + "markdownDescription": "The type parameter name of the `ParameterDropDownControl` .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "ParameterControlId", + "SourceParameterName", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ParameterListControl": { + "additionalProperties": false, + "properties": { + "CascadingControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CascadingControlConfiguration", + "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", + "title": "CascadingControlConfiguration" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ListControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterListControl` .", + "title": "ParameterControlId", + "type": "string" + }, + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" + }, + "SourceParameterName": { + "markdownDescription": "The source parameter name of the `ParameterListControl` .", + "title": "SourceParameterName", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `ParameterListControl` .", + "title": "Title", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of `ParameterListControl` .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "ParameterControlId", + "SourceParameterName", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ParameterSelectableValues": { + "additionalProperties": false, + "properties": { + "LinkToDataSetColumn": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column identifier that fetches values from the data set.", + "title": "LinkToDataSetColumn" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The values that are used in `ParameterSelectableValues` .", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ParameterSliderControl": { + "additionalProperties": false, + "properties": { + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SliderControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "MaximumValue": { + "markdownDescription": "The larger value that is displayed at the right of the slider.", + "title": "MaximumValue", + "type": "number" + }, + "MinimumValue": { + "markdownDescription": "The smaller value that is displayed at the left of the slider.", + "title": "MinimumValue", + "type": "number" + }, + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterSliderControl` .", + "title": "ParameterControlId", + "type": "string" + }, + "SourceParameterName": { + "markdownDescription": "The source parameter name of the `ParameterSliderControl` .", + "title": "SourceParameterName", + "type": "string" + }, + "StepSize": { + "markdownDescription": "The number of increments that the slider bar is divided into.", + "title": "StepSize", + "type": "number" + }, + "Title": { + "markdownDescription": "The title of the `ParameterSliderControl` .", + "title": "Title", + "type": "string" + } + }, + "required": [ + "MaximumValue", + "MinimumValue", + "ParameterControlId", + "SourceParameterName", + "StepSize", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ParameterTextAreaControl": { + "additionalProperties": false, + "properties": { + "Delimiter": { + "markdownDescription": "The delimiter that is used to separate the lines in text.", + "title": "Delimiter", + "type": "string" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextAreaControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterTextAreaControl` .", + "title": "ParameterControlId", + "type": "string" + }, + "SourceParameterName": { + "markdownDescription": "The source parameter name of the `ParameterTextAreaControl` .", + "title": "SourceParameterName", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `ParameterTextAreaControl` .", + "title": "Title", + "type": "string" + } + }, + "required": [ + "ParameterControlId", + "SourceParameterName", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ParameterTextFieldControl": { + "additionalProperties": false, + "properties": { + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextFieldControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterTextFieldControl` .", + "title": "ParameterControlId", + "type": "string" + }, + "SourceParameterName": { + "markdownDescription": "The source parameter name of the `ParameterTextFieldControl` .", + "title": "SourceParameterName", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `ParameterTextFieldControl` .", + "title": "Title", + "type": "string" + } + }, + "required": [ + "ParameterControlId", + "SourceParameterName", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.Parameters": { + "additionalProperties": false, + "properties": { + "DateTimeParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeParameter" + }, + "markdownDescription": "The parameters that have a data type of date-time.", + "title": "DateTimeParameters", + "type": "array" + }, + "DecimalParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalParameter" + }, + "markdownDescription": "The parameters that have a data type of decimal.", + "title": "DecimalParameters", + "type": "array" + }, + "IntegerParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.IntegerParameter" + }, + "markdownDescription": "The parameters that have a data type of integer.", + "title": "IntegerParameters", + "type": "array" + }, + "StringParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringParameter" + }, + "markdownDescription": "The parameters that have a data type of string.", + "title": "StringParameters", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PercentVisibleRange": { + "additionalProperties": false, + "properties": { + "From": { + "markdownDescription": "The lower bound of the range.", + "title": "From", + "type": "number" + }, + "To": { + "markdownDescription": "The top bound of the range.", + "title": "To", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PercentageDisplayFormatConfiguration": { + "additionalProperties": false, + "properties": { + "DecimalPlacesConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalPlacesConfiguration", + "markdownDescription": "The option that determines the decimal places configuration.", + "title": "DecimalPlacesConfiguration" + }, + "NegativeValueConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NegativeValueConfiguration", + "markdownDescription": "The options that determine the negative value configuration.", + "title": "NegativeValueConfiguration" + }, + "NullValueFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NullValueFormatConfiguration", + "markdownDescription": "The options that determine the null value format configuration.", + "title": "NullValueFormatConfiguration" + }, + "Prefix": { + "markdownDescription": "Determines the prefix value of the percentage format.", + "title": "Prefix", + "type": "string" + }, + "SeparatorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericSeparatorConfiguration", + "markdownDescription": "The options that determine the numeric separator configuration.", + "title": "SeparatorConfiguration" + }, + "Suffix": { + "markdownDescription": "Determines the suffix value of the percentage format.", + "title": "Suffix", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PercentileAggregation": { + "additionalProperties": false, + "properties": { + "PercentileValue": { + "markdownDescription": "The percentile value. This value can be any numeric constant 0\u2013100. A percentile value of 50 computes the median value of the measure.", + "title": "PercentileValue", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PeriodOverPeriodComputation": { + "additionalProperties": false, + "properties": { + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" + } + }, + "required": [ + "ComputationId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.PeriodToDateComputation": { + "additionalProperties": false, + "properties": { + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "PeriodTimeGranularity": { + "markdownDescription": "The time granularity setup of period to date computation. Choose from the following options:\n\n- YEAR: Year to date.\n- MONTH: Month to date.", + "title": "PeriodTimeGranularity", + "type": "string" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" + } + }, + "required": [ + "ComputationId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.PieChartAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The category (group/color) field wells of a pie chart.", + "title": "Category", + "type": "array" + }, + "SmallMultiples": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The small multiples field well of a pie chart.", + "title": "SmallMultiples", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The value field wells of a pie chart. Values are aggregated based on categories.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PieChartConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options of the group/color that is displayed in a pie chart.", + "title": "CategoryLabelOptions" + }, + "ContributionAnalysisDefaults": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ContributionAnalysisDefault" + }, + "markdownDescription": "The contribution analysis (anomaly configuration) setup of the visual.", + "title": "ContributionAnalysisDefaults", + "type": "array" + }, + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.", + "title": "DataLabels" + }, + "DonutOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DonutOptions", + "markdownDescription": "The options that determine the shape of the chart. This option determines whether the chart is a pie chart or a donut chart.", + "title": "DonutOptions" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PieChartFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "SmallMultiplesOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SmallMultiplesOptions", + "markdownDescription": "The small multiples setup for the visual.", + "title": "SmallMultiplesOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PieChartSortConfiguration", + "markdownDescription": "The sort configuration of a pie chart.", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" + }, + "ValueLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options for the value that is displayed in a pie chart.", + "title": "ValueLabelOptions" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", + "title": "VisualPalette" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PieChartFieldWells": { + "additionalProperties": false, + "properties": { + "PieChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PieChartAggregatedFieldWells", + "markdownDescription": "The field well configuration of a pie chart.", + "title": "PieChartAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PieChartSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of categories that are displayed in a pie chart.", + "title": "CategoryItemsLimit" + }, + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the category fields.", + "title": "CategorySort", + "type": "array" + }, + "SmallMultiplesLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of small multiples panels that are displayed.", + "title": "SmallMultiplesLimitConfiguration" + }, + "SmallMultiplesSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the small multiples field.", + "title": "SmallMultiplesSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PieChartVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PieChartConfiguration", + "markdownDescription": "The configuration of a pie chart.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.PivotFieldSortOptions": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "The field ID for the field sort options.", + "title": "FieldId", + "type": "string" + }, + "SortBy": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableSortBy", + "markdownDescription": "The sort by field for the field sort options.", + "title": "SortBy" + } + }, + "required": [ + "FieldId", + "SortBy" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.PivotTableAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Columns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The columns field well for a pivot table. Values are grouped by columns fields.", + "title": "Columns", + "type": "array" + }, + "Rows": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The rows field well for a pivot table. Values are grouped by rows fields.", + "title": "Rows", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The values field well for a pivot table. Values are aggregated based on rows and columns fields.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PivotTableCellConditionalFormatting": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "The field ID of the cell for conditional formatting.", + "title": "FieldId", + "type": "string" + }, + "Scope": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableConditionalFormattingScope", + "markdownDescription": "The scope of the cell for conditional formatting.", + "title": "Scope" + }, + "Scopes": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableConditionalFormattingScope" + }, + "markdownDescription": "A list of cell scopes for conditional formatting.", + "title": "Scopes", + "type": "array" + }, + "TextFormat": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextConditionalFormat", + "markdownDescription": "The text format of the cell for conditional formatting.", + "title": "TextFormat" + } + }, + "required": [ + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.PivotTableConditionalFormatting": { + "additionalProperties": false, + "properties": { + "ConditionalFormattingOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableConditionalFormattingOption" + }, + "markdownDescription": "Conditional formatting options for a `PivotTableVisual` .", + "title": "ConditionalFormattingOptions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PivotTableConditionalFormattingOption": { + "additionalProperties": false, + "properties": { + "Cell": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableCellConditionalFormatting", + "markdownDescription": "The cell conditional formatting option for a pivot table.", + "title": "Cell" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PivotTableConditionalFormattingScope": { + "additionalProperties": false, + "properties": { + "Role": { + "markdownDescription": "The role (field, field total, grand total) of the cell for conditional formatting.", + "title": "Role", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PivotTableConfiguration": { + "additionalProperties": false, + "properties": { + "FieldOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableFieldOptions", + "markdownDescription": "The field options for a pivot table visual.", + "title": "FieldOptions" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "PaginatedReportOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTablePaginatedReportOptions", + "markdownDescription": "The paginated report options for a pivot table visual.", + "title": "PaginatedReportOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableSortConfiguration", + "markdownDescription": "The sort configuration for a `PivotTableVisual` .", + "title": "SortConfiguration" + }, + "TableOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableOptions", + "markdownDescription": "The table options for a pivot table visual.", + "title": "TableOptions" + }, + "TotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableTotalOptions", + "markdownDescription": "The total options for a pivot table visual.", + "title": "TotalOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PivotTableDataPathOption": { + "additionalProperties": false, + "properties": { + "DataPathList": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathValue" + }, + "markdownDescription": "The list of data path values for the data path options.", + "title": "DataPathList", + "type": "array" + }, + "Width": { + "markdownDescription": "The width of the data path option.", + "title": "Width", + "type": "string" + } + }, + "required": [ + "DataPathList" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.PivotTableFieldCollapseStateOption": { + "additionalProperties": false, + "properties": { + "State": { + "markdownDescription": "The state of the field target of a pivot table. Choose one of the following options:\n\n- `COLLAPSED`\n- `EXPANDED`", + "title": "State", + "type": "string" + }, + "Target": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableFieldCollapseStateTarget", + "markdownDescription": "A tagged-union object that sets the collapse state.", + "title": "Target" + } + }, + "required": [ + "Target" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.PivotTableFieldCollapseStateTarget": { + "additionalProperties": false, + "properties": { + "FieldDataPathValues": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathValue" + }, + "markdownDescription": "The data path of the pivot table's header. Used to set the collapse state.", + "title": "FieldDataPathValues", + "type": "array" + }, + "FieldId": { + "markdownDescription": "The field ID of the pivot table that the collapse state needs to be set to.", + "title": "FieldId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PivotTableFieldOption": { + "additionalProperties": false, + "properties": { + "CustomLabel": { + "markdownDescription": "The custom label of the pivot table field.", + "title": "CustomLabel", + "type": "string" + }, + "FieldId": { + "markdownDescription": "The field ID of the pivot table field.", + "title": "FieldId", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the pivot table field.", + "title": "Visibility", + "type": "string" + } + }, + "required": [ + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.PivotTableFieldOptions": { + "additionalProperties": false, + "properties": { + "CollapseStateOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableFieldCollapseStateOption" + }, + "markdownDescription": "The collapse state options for the pivot table field options.", + "title": "CollapseStateOptions", + "type": "array" + }, + "DataPathOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableDataPathOption" + }, + "markdownDescription": "The data path options for the pivot table field options.", + "title": "DataPathOptions", + "type": "array" + }, + "SelectedFieldOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableFieldOption" + }, + "markdownDescription": "The selected field options for the pivot table field options.", + "title": "SelectedFieldOptions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PivotTableFieldSubtotalOptions": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "The field ID of the subtotal options.", + "title": "FieldId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PivotTableFieldWells": { + "additionalProperties": false, + "properties": { + "PivotTableAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableAggregatedFieldWells", + "markdownDescription": "The aggregated field well for the pivot table.", + "title": "PivotTableAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PivotTableOptions": { + "additionalProperties": false, + "properties": { + "CellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", + "markdownDescription": "The table cell style of cells.", + "title": "CellStyle" + }, + "CollapsedRowDimensionsVisibility": { + "markdownDescription": "The visibility setting of a pivot table's collapsed row dimension fields. If the value of this structure is `HIDDEN` , all collapsed columns in a pivot table are automatically hidden. The default value is `VISIBLE` .", + "title": "CollapsedRowDimensionsVisibility", + "type": "string" + }, + "ColumnHeaderStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", + "markdownDescription": "The table cell style of the column header.", + "title": "ColumnHeaderStyle" + }, + "ColumnNamesVisibility": { + "markdownDescription": "The visibility of the column names.", + "title": "ColumnNamesVisibility", + "type": "string" + }, + "DefaultCellWidth": { + "markdownDescription": "The default cell width of the pivot table.", + "title": "DefaultCellWidth", + "type": "string" + }, + "MetricPlacement": { + "markdownDescription": "The metric placement (row, column) options.", + "title": "MetricPlacement", + "type": "string" + }, + "RowAlternateColorOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RowAlternateColorOptions", + "markdownDescription": "The row alternate color options (widget status, row alternate colors).", + "title": "RowAlternateColorOptions" + }, + "RowFieldNamesStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", + "markdownDescription": "The table cell style of row field names.", + "title": "RowFieldNamesStyle" + }, + "RowHeaderStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", + "markdownDescription": "The table cell style of the row headers.", + "title": "RowHeaderStyle" + }, + "RowsLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableRowsLabelOptions", + "markdownDescription": "The options for the label that is located above the row headers. This option is only applicable when `RowsLayout` is set to `HIERARCHY` .", + "title": "RowsLabelOptions" + }, + "RowsLayout": { + "markdownDescription": "The layout for the row dimension headers of a pivot table. Choose one of the following options.\n\n- `TABULAR` : (Default) Each row field is displayed in a separate column.\n- `HIERARCHY` : All row fields are displayed in a single column. Indentation is used to differentiate row headers of different fields.", + "title": "RowsLayout", + "type": "string" + }, + "SingleMetricVisibility": { + "markdownDescription": "The visibility of the single metric options.", + "title": "SingleMetricVisibility", + "type": "string" + }, + "ToggleButtonsVisibility": { + "markdownDescription": "Determines the visibility of the pivot table.", + "title": "ToggleButtonsVisibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PivotTablePaginatedReportOptions": { + "additionalProperties": false, + "properties": { + "OverflowColumnHeaderVisibility": { + "markdownDescription": "The visibility of the repeating header rows on each page.", + "title": "OverflowColumnHeaderVisibility", + "type": "string" + }, + "VerticalOverflowVisibility": { + "markdownDescription": "The visibility of the printing table overflow across pages.", + "title": "VerticalOverflowVisibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PivotTableRowsLabelOptions": { + "additionalProperties": false, + "properties": { + "CustomLabel": { + "markdownDescription": "The custom label string for the rows label.", + "title": "CustomLabel", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the rows label.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PivotTableSortBy": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnSort", + "markdownDescription": "The column sort (field id, direction) for the pivot table sort by options.", + "title": "Column" + }, + "DataPath": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathSort", + "markdownDescription": "The data path sort (data path value, direction) for the pivot table sort by options.", + "title": "DataPath" + }, + "Field": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSort", + "markdownDescription": "The field sort (field id, direction) for the pivot table sort by options.", + "title": "Field" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PivotTableSortConfiguration": { + "additionalProperties": false, + "properties": { + "FieldSortOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotFieldSortOptions" + }, + "markdownDescription": "The field sort options for a pivot table sort configuration.", + "title": "FieldSortOptions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PivotTableTotalOptions": { + "additionalProperties": false, + "properties": { + "ColumnSubtotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SubtotalOptions", + "markdownDescription": "The column subtotal options.", + "title": "ColumnSubtotalOptions" + }, + "ColumnTotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTotalOptions", + "markdownDescription": "The column total options.", + "title": "ColumnTotalOptions" + }, + "RowSubtotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SubtotalOptions", + "markdownDescription": "The row subtotal options.", + "title": "RowSubtotalOptions" + }, + "RowTotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTotalOptions", + "markdownDescription": "The row total options.", + "title": "RowTotalOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PivotTableVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ConditionalFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableConditionalFormatting", + "markdownDescription": "The conditional formatting for a `PivotTableVisual` .", + "title": "ConditionalFormatting" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.PivotTotalOptions": { + "additionalProperties": false, + "properties": { + "CustomLabel": { + "markdownDescription": "The custom label string for the total cells.", + "title": "CustomLabel", + "type": "string" + }, + "MetricHeaderCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", + "markdownDescription": "The cell styling options for the total of header cells.", + "title": "MetricHeaderCellStyle" + }, + "Placement": { + "markdownDescription": "The placement (start, end) for the total cells.", + "title": "Placement", + "type": "string" + }, + "ScrollStatus": { + "markdownDescription": "The scroll status (pinned, scrolled) for the total cells.", + "title": "ScrollStatus", + "type": "string" + }, + "TotalAggregationOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TotalAggregationOption" + }, + "markdownDescription": "The total aggregation options for each value field.", + "title": "TotalAggregationOptions", + "type": "array" + }, + "TotalCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", + "markdownDescription": "The cell styling options for the total cells.", + "title": "TotalCellStyle" + }, + "TotalsVisibility": { + "markdownDescription": "The visibility configuration for the total cells.", + "title": "TotalsVisibility", + "type": "string" + }, + "ValueCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", + "markdownDescription": "The cell styling options for the totals of value cells.", + "title": "ValueCellStyle" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PluginVisual": { + "additionalProperties": false, + "properties": { + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PluginVisualConfiguration", + "markdownDescription": "A description of the plugin field wells and their persisted properties.", + "title": "ChartConfiguration" + }, + "PluginArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that reflects the plugin and version.", + "title": "PluginArn", + "type": "string" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The ID of the visual that you want to use.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "PluginArn", + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.PluginVisualConfiguration": { + "additionalProperties": false, + "properties": { + "FieldWells": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PluginVisualFieldWell" + }, + "markdownDescription": "The field wells configuration of the plugin visual.", + "title": "FieldWells", + "type": "array" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PluginVisualSortConfiguration", + "markdownDescription": "The sort configuration of the plugin visual.", + "title": "SortConfiguration" + }, + "VisualOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PluginVisualOptions", + "markdownDescription": "The persisted properties of the plugin visual.", + "title": "VisualOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PluginVisualFieldWell": { + "additionalProperties": false, + "properties": { + "AxisName": { + "markdownDescription": "The semantic axis name for the field well.", + "title": "AxisName", + "type": "string" + }, + "Dimensions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "A list of dimensions for the field well.", + "title": "Dimensions", + "type": "array" + }, + "Measures": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "A list of measures that exist in the field well.", + "title": "Measures", + "type": "array" + }, + "Unaggregated": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.UnaggregatedField" + }, + "markdownDescription": "A list of unaggregated fields that exist in the field well.", + "title": "Unaggregated", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PluginVisualItemsLimitConfiguration": { + "additionalProperties": false, + "properties": { + "ItemsLimit": { + "markdownDescription": "Determines how many values are be fetched at once.", + "title": "ItemsLimit", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PluginVisualOptions": { + "additionalProperties": false, + "properties": { + "VisualProperties": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PluginVisualProperty" + }, + "markdownDescription": "The persisted properties and their values.", + "title": "VisualProperties", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PluginVisualProperty": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the plugin visual property.", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of the plugin visual property.", + "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PluginVisualSortConfiguration": { + "additionalProperties": false, + "properties": { + "PluginVisualTableQuerySort": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PluginVisualTableQuerySort", + "markdownDescription": "The table query sorting options for the plugin visual.", + "title": "PluginVisualTableQuerySort" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PluginVisualTableQuerySort": { + "additionalProperties": false, + "properties": { + "ItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PluginVisualItemsLimitConfiguration", + "markdownDescription": "The maximum amount of data to be returned by a query.", + "title": "ItemsLimitConfiguration" + }, + "RowSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "Determines how data is sorted in the response.", + "title": "RowSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PredefinedHierarchy": { + "additionalProperties": false, + "properties": { + "Columns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier" + }, + "markdownDescription": "The list of columns that define the predefined hierarchy.", + "title": "Columns", + "type": "array" + }, + "DrillDownFilters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DrillDownFilter" + }, + "markdownDescription": "The option that determines the drill down filters for the predefined hierarchy.", + "title": "DrillDownFilters", + "type": "array" + }, + "HierarchyId": { + "markdownDescription": "The hierarchy ID of the predefined hierarchy.", + "title": "HierarchyId", + "type": "string" + } + }, + "required": [ + "Columns", + "HierarchyId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ProgressBarOptions": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility of the progress bar.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.RadarChartAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The aggregated field well categories of a radar chart.", + "title": "Category", + "type": "array" + }, + "Color": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The color that are assigned to the aggregated field wells of a radar chart.", + "title": "Color", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The values that are assigned to the aggregated field wells of a radar chart.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.RadarChartAreaStyleSettings": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility settings of a radar chart.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.RadarChartConfiguration": { + "additionalProperties": false, + "properties": { + "AlternateBandColorsVisibility": { + "markdownDescription": "Determines the visibility of the colors of alternatign bands in a radar chart.", + "title": "AlternateBandColorsVisibility", + "type": "string" + }, + "AlternateBandEvenColor": { + "markdownDescription": "The color of the even-numbered alternate bands of a radar chart.", + "title": "AlternateBandEvenColor", + "type": "string" + }, + "AlternateBandOddColor": { + "markdownDescription": "The color of the odd-numbered alternate bands of a radar chart.", + "title": "AlternateBandOddColor", + "type": "string" + }, + "AxesRangeScale": { + "markdownDescription": "The axis behavior options of a radar chart.", + "title": "AxesRangeScale", + "type": "string" + }, + "BaseSeriesSettings": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartSeriesSettings", + "markdownDescription": "The base sreies settings of a radar chart.", + "title": "BaseSeriesSettings" + }, + "CategoryAxis": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The category axis of a radar chart.", + "title": "CategoryAxis" + }, + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The category label options of a radar chart.", + "title": "CategoryLabelOptions" + }, + "ColorAxis": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The color axis of a radar chart.", + "title": "ColorAxis" + }, + "ColorLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The color label options of a radar chart.", + "title": "ColorLabelOptions" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartFieldWells", + "markdownDescription": "The field well configuration of a `RadarChartVisual` .", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "Shape": { + "markdownDescription": "The shape of the radar chart.", + "title": "Shape", + "type": "string" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartSortConfiguration", + "markdownDescription": "The sort configuration of a `RadarChartVisual` .", + "title": "SortConfiguration" + }, + "StartAngle": { + "markdownDescription": "The start angle of a radar chart's axis.", + "title": "StartAngle", + "type": "number" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", + "title": "VisualPalette" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.RadarChartFieldWells": { + "additionalProperties": false, + "properties": { + "RadarChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a radar chart visual.", + "title": "RadarChartAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.RadarChartSeriesSettings": { + "additionalProperties": false, + "properties": { + "AreaStyleSettings": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartAreaStyleSettings", + "markdownDescription": "The area style settings of a radar chart.", + "title": "AreaStyleSettings" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.RadarChartSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The category items limit for a radar chart.", + "title": "CategoryItemsLimit" + }, + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The category sort options of a radar chart.", + "title": "CategorySort", + "type": "array" + }, + "ColorItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The color items limit of a radar chart.", + "title": "ColorItemsLimit" + }, + "ColorSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The color sort configuration of a radar chart.", + "title": "ColorSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.RadarChartVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.RangeEndsLabelType": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility of the range ends label.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ReferenceLine": { + "additionalProperties": false, + "properties": { + "DataConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineDataConfiguration", + "markdownDescription": "The data configuration of the reference line.", + "title": "DataConfiguration" + }, + "LabelConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineLabelConfiguration", + "markdownDescription": "The label configuration of the reference line.", + "title": "LabelConfiguration" + }, + "Status": { + "markdownDescription": "The status of the reference line. Choose one of the following options:\n\n- `ENABLE`\n- `DISABLE`", + "title": "Status", + "type": "string" + }, + "StyleConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineStyleConfiguration", + "markdownDescription": "The style configuration of the reference line.", + "title": "StyleConfiguration" + } + }, + "required": [ + "DataConfiguration" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ReferenceLineCustomLabelConfiguration": { + "additionalProperties": false, + "properties": { + "CustomLabel": { + "markdownDescription": "The string text of the custom label.", + "title": "CustomLabel", + "type": "string" + } + }, + "required": [ + "CustomLabel" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ReferenceLineDataConfiguration": { + "additionalProperties": false, + "properties": { + "AxisBinding": { + "markdownDescription": "The axis binding type of the reference line. Choose one of the following options:\n\n- `PrimaryY`\n- `SecondaryY`", + "title": "AxisBinding", + "type": "string" + }, + "DynamicConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineDynamicDataConfiguration", + "markdownDescription": "The dynamic configuration of the reference line data configuration.", + "title": "DynamicConfiguration" + }, + "SeriesType": { + "markdownDescription": "The series type of the reference line data configuration. Choose one of the following options:\n\n- `BAR`\n- `LINE`", + "title": "SeriesType", + "type": "string" + }, + "StaticConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineStaticDataConfiguration", + "markdownDescription": "The static data configuration of the reference line data configuration.", + "title": "StaticConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ReferenceLineDynamicDataConfiguration": { + "additionalProperties": false, + "properties": { + "Calculation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericalAggregationFunction", + "markdownDescription": "The calculation that is used in the dynamic data.", + "title": "Calculation" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that the dynamic data targets.", + "title": "Column" + }, + "MeasureAggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationFunction", + "markdownDescription": "The aggregation function that is used in the dynamic data.", + "title": "MeasureAggregationFunction" + } + }, + "required": [ + "Calculation", + "Column" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ReferenceLineLabelConfiguration": { + "additionalProperties": false, + "properties": { + "CustomLabelConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineCustomLabelConfiguration", + "markdownDescription": "The custom label configuration of the label in a reference line.", + "title": "CustomLabelConfiguration" + }, + "FontColor": { + "markdownDescription": "The font color configuration of the label in a reference line.", + "title": "FontColor", + "type": "string" + }, + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", + "markdownDescription": "The font configuration of the label in a reference line.", + "title": "FontConfiguration" + }, + "HorizontalPosition": { + "markdownDescription": "The horizontal position configuration of the label in a reference line. Choose one of the following options:\n\n- `LEFT`\n- `CENTER`\n- `RIGHT`", + "title": "HorizontalPosition", + "type": "string" + }, + "ValueLabelConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineValueLabelConfiguration", + "markdownDescription": "The value label configuration of the label in a reference line.", + "title": "ValueLabelConfiguration" + }, + "VerticalPosition": { + "markdownDescription": "The vertical position configuration of the label in a reference line. Choose one of the following options:\n\n- `ABOVE`\n- `BELOW`", + "title": "VerticalPosition", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ReferenceLineStaticDataConfiguration": { + "additionalProperties": false, + "properties": { + "Value": { + "markdownDescription": "The double input of the static data.", + "title": "Value", + "type": "number" + } + }, + "required": [ + "Value" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ReferenceLineStyleConfiguration": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The hex color of the reference line.", + "title": "Color", + "type": "string" + }, + "Pattern": { + "markdownDescription": "The pattern type of the line style. Choose one of the following options:\n\n- `SOLID`\n- `DASHED`\n- `DOTTED`", + "title": "Pattern", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ReferenceLineValueLabelConfiguration": { + "additionalProperties": false, + "properties": { + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericFormatConfiguration", + "markdownDescription": "The format configuration of the value label.", + "title": "FormatConfiguration" + }, + "RelativePosition": { + "markdownDescription": "The relative position of the value label. Choose one of the following options:\n\n- `BEFORE_CUSTOM_LABEL`\n- `AFTER_CUSTOM_LABEL`", + "title": "RelativePosition", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.RelativeDateTimeControlDisplayOptions": { + "additionalProperties": false, + "properties": { + "DateTimeFormat": { + "markdownDescription": "Customize how dates are formatted in controls.", + "title": "DateTimeFormat", + "type": "string" + }, + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.RelativeDatesFilter": { + "additionalProperties": false, + "properties": { + "AnchorDateConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AnchorDateConfiguration", + "markdownDescription": "The date configuration of the filter.", + "title": "AnchorDateConfiguration" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "ExcludePeriodConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ExcludePeriodConfiguration", + "markdownDescription": "The configuration for the exclude period of the filter.", + "title": "ExcludePeriodConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" + }, + "MinimumGranularity": { + "markdownDescription": "The minimum granularity (period granularity) of the relative dates filter.", + "title": "MinimumGranularity", + "type": "string" + }, + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", + "type": "string" + }, + "ParameterName": { + "markdownDescription": "The parameter whose value should be used for the filter value.", + "title": "ParameterName", + "type": "string" + }, + "RelativeDateType": { + "markdownDescription": "The range date type of the filter. Choose one of the options below:\n\n- `PREVIOUS`\n- `THIS`\n- `LAST`\n- `NOW`\n- `NEXT`", + "title": "RelativeDateType", + "type": "string" + }, + "RelativeDateValue": { + "markdownDescription": "The date value of the filter.", + "title": "RelativeDateValue", + "type": "number" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" + } + }, + "required": [ + "AnchorDateConfiguration", + "Column", + "FilterId", + "NullOption", + "RelativeDateType", + "TimeGranularity" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ResourcePermission": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "type": "string" + }, + "markdownDescription": "The IAM action to grant or revoke permissions on.", + "title": "Actions", + "type": "array" + }, + "Principal": { + "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a QuickSight ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", + "title": "Principal", + "type": "string" + } + }, + "required": [ + "Actions", + "Principal" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.RollingDateConfiguration": { + "additionalProperties": false, + "properties": { + "DataSetIdentifier": { + "markdownDescription": "The data set that is used in the rolling date configuration.", + "title": "DataSetIdentifier", + "type": "string" + }, + "Expression": { + "markdownDescription": "The expression of the rolling date configuration.", + "title": "Expression", + "type": "string" + } + }, + "required": [ + "Expression" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.RowAlternateColorOptions": { + "additionalProperties": false, + "properties": { + "RowAlternateColors": { + "items": { + "type": "string" + }, + "markdownDescription": "Determines the list of row alternate colors.", + "title": "RowAlternateColors", + "type": "array" + }, + "Status": { + "markdownDescription": "Determines the widget status.", + "title": "Status", + "type": "string" + }, + "UsePrimaryBackgroundColor": { + "markdownDescription": "The primary background color options for alternate rows.", + "title": "UsePrimaryBackgroundColor", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SameSheetTargetVisualConfiguration": { + "additionalProperties": false, + "properties": { + "TargetVisualOptions": { + "markdownDescription": "The options that choose the target visual in the same sheet.\n\nValid values are defined as follows:\n\n- `ALL_VISUALS` : Applies the filter operation to all visuals in the same sheet.", + "title": "TargetVisualOptions", + "type": "string" + }, + "TargetVisuals": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the target visual IDs that are located in the same sheet of the analysis.", + "title": "TargetVisuals", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SankeyDiagramAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Destination": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The destination field wells of a sankey diagram.", + "title": "Destination", + "type": "array" + }, + "Source": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The source field wells of a sankey diagram.", + "title": "Source", + "type": "array" + }, + "Weight": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The weight field wells of a sankey diagram.", + "title": "Weight", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SankeyDiagramChartConfiguration": { + "additionalProperties": false, + "properties": { + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", + "markdownDescription": "The data label configuration of a sankey diagram.", + "title": "DataLabels" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SankeyDiagramFieldWells", + "markdownDescription": "The field well configuration of a sankey diagram.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SankeyDiagramSortConfiguration", + "markdownDescription": "The sort configuration of a sankey diagram.", + "title": "SortConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SankeyDiagramFieldWells": { + "additionalProperties": false, + "properties": { + "SankeyDiagramAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SankeyDiagramAggregatedFieldWells", + "markdownDescription": "The field well configuration of a sankey diagram.", + "title": "SankeyDiagramAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SankeyDiagramSortConfiguration": { + "additionalProperties": false, + "properties": { + "DestinationItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of destination nodes that are displayed in a sankey diagram.", + "title": "DestinationItemsLimit" + }, + "SourceItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of source nodes that are displayed in a sankey diagram.", + "title": "SourceItemsLimit" + }, + "WeightSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the weight fields.", + "title": "WeightSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SankeyDiagramVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SankeyDiagramChartConfiguration", + "markdownDescription": "The configuration of a sankey diagram.", + "title": "ChartConfiguration" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ScatterPlotCategoricallyAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The category field well of a scatter plot.", + "title": "Category", + "type": "array" + }, + "Label": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The label field well of a scatter plot.", + "title": "Label", + "type": "array" + }, + "Size": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The size field well of a scatter plot.", + "title": "Size", + "type": "array" + }, + "XAxis": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The x-axis field well of a scatter plot.\n\nThe x-axis is aggregated by category.", + "title": "XAxis", + "type": "array" + }, + "YAxis": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The y-axis field well of a scatter plot.\n\nThe y-axis is aggregated by category.", + "title": "YAxis", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ScatterPlotConfiguration": { + "additionalProperties": false, + "properties": { + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.", + "title": "DataLabels" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ScatterPlotFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ScatterPlotSortConfiguration", + "markdownDescription": "The sort configuration of a scatter plot.", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Tooltip" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", + "title": "VisualPalette" + }, + "XAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, and axis step) of the scatter plot's x-axis.", + "title": "XAxisDisplayOptions" + }, + "XAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of the scatter plot's x-axis.", + "title": "XAxisLabelOptions" + }, + "YAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, and axis step) of the scatter plot's y-axis.", + "title": "YAxisDisplayOptions" + }, + "YAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of the scatter plot's y-axis.", + "title": "YAxisLabelOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ScatterPlotFieldWells": { + "additionalProperties": false, + "properties": { + "ScatterPlotCategoricallyAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ScatterPlotCategoricallyAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a scatter plot. The x and y-axes of scatter plots with aggregated field wells are aggregated by category, label, or both.", + "title": "ScatterPlotCategoricallyAggregatedFieldWells" + }, + "ScatterPlotUnaggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ScatterPlotUnaggregatedFieldWells", + "markdownDescription": "The unaggregated field wells of a scatter plot. The x and y-axes of these scatter plots are unaggregated.", + "title": "ScatterPlotUnaggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ScatterPlotSortConfiguration": { + "additionalProperties": false, + "properties": { + "ScatterPlotLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "", + "title": "ScatterPlotLimitConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ScatterPlotUnaggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The category field well of a scatter plot.", + "title": "Category", + "type": "array" + }, + "Label": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The label field well of a scatter plot.", + "title": "Label", + "type": "array" + }, + "Size": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The size field well of a scatter plot.", + "title": "Size", + "type": "array" + }, + "XAxis": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The x-axis field well of a scatter plot.\n\nThe x-axis is a dimension field and cannot be aggregated.", + "title": "XAxis", + "type": "array" + }, + "YAxis": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The y-axis field well of a scatter plot.\n\nThe y-axis is a dimension field and cannot be aggregated.", + "title": "YAxis", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ScatterPlotVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ScatterPlotConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ScrollBarOptions": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility of the data zoom scroll bar.", + "title": "Visibility", + "type": "string" + }, + "VisibleRange": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisibleRangeOptions", + "markdownDescription": "The visibility range for the data zoom scroll bar.", + "title": "VisibleRange" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SecondaryValueOptions": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "Determines the visibility of the secondary value.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SectionAfterPageBreak": { + "additionalProperties": false, + "properties": { + "Status": { + "markdownDescription": "The option that enables or disables a page break at the end of a section.", + "title": "Status", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SectionBasedLayoutCanvasSizeOptions": { + "additionalProperties": false, + "properties": { + "PaperCanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionBasedLayoutPaperCanvasSizeOptions", + "markdownDescription": "The options for a paper canvas of a section-based layout.", + "title": "PaperCanvasSizeOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SectionBasedLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "BodySections": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BodySectionConfiguration" + }, + "markdownDescription": "A list of body section configurations.", + "title": "BodySections", + "type": "array" + }, + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionBasedLayoutCanvasSizeOptions", + "markdownDescription": "The options for the canvas of a section-based layout.", + "title": "CanvasSizeOptions" + }, + "FooterSections": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeaderFooterSectionConfiguration" + }, + "markdownDescription": "A list of footer section configurations.", + "title": "FooterSections", + "type": "array" + }, + "HeaderSections": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeaderFooterSectionConfiguration" + }, + "markdownDescription": "A list of header section configurations.", + "title": "HeaderSections", + "type": "array" + } + }, + "required": [ + "BodySections", + "CanvasSizeOptions", + "FooterSections", + "HeaderSections" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.SectionBasedLayoutPaperCanvasSizeOptions": { + "additionalProperties": false, + "properties": { + "PaperMargin": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.Spacing", + "markdownDescription": "Defines the spacing between the canvas content and the top, bottom, left, and right edges.", + "title": "PaperMargin" + }, + "PaperOrientation": { + "markdownDescription": "The paper orientation that is used to define canvas dimensions. Choose one of the following options:\n\n- PORTRAIT\n- LANDSCAPE", + "title": "PaperOrientation", + "type": "string" + }, + "PaperSize": { + "markdownDescription": "The paper size that is used to define canvas dimensions.", + "title": "PaperSize", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SectionLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "FreeFormLayout": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormSectionLayoutConfiguration", + "markdownDescription": "The free-form layout configuration of a section.", + "title": "FreeFormLayout" + } + }, + "required": [ + "FreeFormLayout" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.SectionPageBreakConfiguration": { + "additionalProperties": false, + "properties": { + "After": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionAfterPageBreak", + "markdownDescription": "The configuration of a page break after a section.", + "title": "After" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SectionStyle": { + "additionalProperties": false, + "properties": { + "Height": { + "markdownDescription": "The height of a section.\n\nHeights can only be defined for header and footer sections. The default height margin is 0.5 inches.", + "title": "Height", + "type": "string" + }, + "Padding": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.Spacing", + "markdownDescription": "The spacing between section content and its top, bottom, left, and right edges.\n\nThere is no padding by default.", + "title": "Padding" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SelectedSheetsFilterScopeConfiguration": { + "additionalProperties": false, + "properties": { + "SheetVisualScopingConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetVisualScopingConfiguration" + }, + "markdownDescription": "The sheet ID and visual IDs of the sheet and visuals that the filter is applied to.", + "title": "SheetVisualScopingConfigurations", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SeriesItem": { + "additionalProperties": false, + "properties": { + "DataFieldSeriesItem": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataFieldSeriesItem", + "markdownDescription": "The data field series item configuration of a line chart.", + "title": "DataFieldSeriesItem" + }, + "FieldSeriesItem": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSeriesItem", + "markdownDescription": "The field series item configuration of a line chart.", + "title": "FieldSeriesItem" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SetParameterValueConfiguration": { + "additionalProperties": false, + "properties": { + "DestinationParameterName": { + "markdownDescription": "The destination parameter name of the `SetParameterValueConfiguration` .", + "title": "DestinationParameterName", + "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DestinationParameterValueConfiguration", + "markdownDescription": "", + "title": "Value" + } + }, + "required": [ + "DestinationParameterName", + "Value" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ShapeConditionalFormat": { + "additionalProperties": false, + "properties": { + "BackgroundColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting for the shape background color of a filled map visual.", + "title": "BackgroundColor" + } + }, + "required": [ + "BackgroundColor" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.Sheet": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of a sheet. This name is displayed on the sheet's tab in the Amazon QuickSight console.", + "title": "Name", + "type": "string" + }, + "SheetId": { + "markdownDescription": "The unique identifier associated with a sheet.", + "title": "SheetId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions": { + "additionalProperties": false, + "properties": { + "InfoIconText": { + "markdownDescription": "The text content of info icon.", + "title": "InfoIconText", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility configuration of info icon label options.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SheetControlLayout": { + "additionalProperties": false, + "properties": { + "Configuration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlLayoutConfiguration", + "markdownDescription": "The configuration that determines the elements and canvas size options of sheet control.", + "title": "Configuration" + } + }, + "required": [ + "Configuration" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.SheetControlLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "GridLayout": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GridLayoutConfiguration", + "markdownDescription": "The configuration that determines the elements and canvas size options of sheet control.", + "title": "GridLayout" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SheetControlsOption": { + "additionalProperties": false, + "properties": { + "VisibilityState": { + "markdownDescription": "Visibility state.", + "title": "VisibilityState", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SheetDefinition": { + "additionalProperties": false, + "properties": { + "ContentType": { + "markdownDescription": "The layout content type of the sheet. Choose one of the following options:\n\n- `PAGINATED` : Creates a sheet for a paginated report.\n- `INTERACTIVE` : Creates a sheet for an interactive dashboard.", + "title": "ContentType", + "type": "string" + }, + "Description": { + "markdownDescription": "A description of the sheet.", + "title": "Description", + "type": "string" + }, + "FilterControls": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterControl" + }, + "markdownDescription": "The list of filter controls that are on a sheet.\n\nFor more information, see [Adding filter controls to analysis sheets](https://docs.aws.amazon.com/quicksight/latest/user/filter-controls.html) in the *Amazon QuickSight User Guide* .", + "title": "FilterControls", + "type": "array" + }, + "Images": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetImage" + }, + "markdownDescription": "A list of images on a sheet.", + "title": "Images", + "type": "array" + }, + "Layouts": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.Layout" + }, + "markdownDescription": "Layouts define how the components of a sheet are arranged.\n\nFor more information, see [Types of layout](https://docs.aws.amazon.com/quicksight/latest/user/types-of-layout.html) in the *Amazon QuickSight User Guide* .", + "title": "Layouts", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the sheet. This name is displayed on the sheet's tab in the Amazon QuickSight console.", + "title": "Name", + "type": "string" + }, + "ParameterControls": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterControl" + }, + "markdownDescription": "The list of parameter controls that are on a sheet.\n\nFor more information, see [Using a Control with a Parameter in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-controls.html) in the *Amazon QuickSight User Guide* .", + "title": "ParameterControls", + "type": "array" + }, + "SheetControlLayouts": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlLayout" + }, + "markdownDescription": "The control layouts of the sheet.", + "title": "SheetControlLayouts", + "type": "array" + }, + "SheetId": { + "markdownDescription": "The unique identifier of a sheet.", + "title": "SheetId", + "type": "string" + }, + "TextBoxes": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetTextBox" + }, + "markdownDescription": "The text boxes that are on a sheet.", + "title": "TextBoxes", + "type": "array" + }, + "Title": { + "markdownDescription": "The title of the sheet.", + "title": "Title", + "type": "string" + }, + "Visuals": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.Visual" + }, + "markdownDescription": "A list of the visuals that are on a sheet. Visual placement is determined by the layout of the sheet.", + "title": "Visuals", + "type": "array" + } + }, + "required": [ + "SheetId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.SheetElementConfigurationOverrides": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "Determines whether or not the overrides are visible. Choose one of the following options:\n\n- `VISIBLE`\n- `HIDDEN`", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SheetElementRenderingRule": { + "additionalProperties": false, + "properties": { + "ConfigurationOverrides": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetElementConfigurationOverrides", + "markdownDescription": "The override configuration of the rendering rules of a sheet.", + "title": "ConfigurationOverrides" + }, + "Expression": { + "markdownDescription": "The expression of the rendering rules of a sheet.", + "title": "Expression", + "type": "string" + } + }, + "required": [ + "ConfigurationOverrides", + "Expression" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.SheetImage": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ImageCustomAction" + }, + "markdownDescription": "A list of custom actions that are configured for an image.", + "title": "Actions", + "type": "array" + }, + "ImageContentAltText": { + "markdownDescription": "The alt text for the image.", + "title": "ImageContentAltText", + "type": "string" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ImageInteractionOptions", + "markdownDescription": "The general image interactions setup for an image.", + "title": "Interactions" + }, + "Scaling": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetImageScalingConfiguration", + "markdownDescription": "Determines how the image is scaled.", + "title": "Scaling" + }, + "SheetImageId": { + "markdownDescription": "The ID of the sheet image.", + "title": "SheetImageId", + "type": "string" + }, + "Source": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetImageSource", + "markdownDescription": "The source of the image.", + "title": "Source" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetImageTooltipConfiguration", + "markdownDescription": "The tooltip to be shown when hovering over the image.", + "title": "Tooltip" + } + }, + "required": [ + "SheetImageId", + "Source" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.SheetImageScalingConfiguration": { + "additionalProperties": false, + "properties": { + "ScalingType": { + "markdownDescription": "The scaling option to use when fitting the image inside the container.\n\nValid values are defined as follows:\n\n- `SCALE_TO_WIDTH` : The image takes up the entire width of the container. The image aspect ratio is preserved.\n- `SCALE_TO_HEIGHT` : The image takes up the entire height of the container. The image aspect ratio is preserved.\n- `SCALE_TO_CONTAINER` : The image takes up the entire width and height of the container. The image aspect ratio is not preserved.\n- `SCALE_NONE` : The image is displayed in its original size and is not scaled to the container.", + "title": "ScalingType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SheetImageSource": { + "additionalProperties": false, + "properties": { + "SheetImageStaticFileSource": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetImageStaticFileSource", + "markdownDescription": "The source of the static file that contains the image.", + "title": "SheetImageStaticFileSource" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SheetImageStaticFileSource": { + "additionalProperties": false, + "properties": { + "StaticFileId": { + "markdownDescription": "The ID of the static file that contains the image.", + "title": "StaticFileId", + "type": "string" + } + }, + "required": [ + "StaticFileId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.SheetImageTooltipConfiguration": { + "additionalProperties": false, + "properties": { + "TooltipText": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetImageTooltipText", + "markdownDescription": "The text that appears in the tooltip.", + "title": "TooltipText" + }, + "Visibility": { + "markdownDescription": "The visibility of the tooltip.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SheetImageTooltipText": { + "additionalProperties": false, + "properties": { + "PlainText": { + "markdownDescription": "The plain text format.", + "title": "PlainText", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SheetLayoutElementMaximizationOption": { + "additionalProperties": false, + "properties": { + "AvailabilityStatus": { + "markdownDescription": "The status of the sheet layout maximization options of a dashbaord.", + "title": "AvailabilityStatus", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SheetTextBox": { + "additionalProperties": false, + "properties": { + "Content": { + "markdownDescription": "The content that is displayed in the text box.", + "title": "Content", + "type": "string" + }, + "SheetTextBoxId": { + "markdownDescription": "The unique identifier for a text box. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have text boxes that share identifiers.", + "title": "SheetTextBoxId", + "type": "string" + } + }, + "required": [ + "SheetTextBoxId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.SheetVisualScopingConfiguration": { + "additionalProperties": false, + "properties": { + "Scope": { + "markdownDescription": "The scope of the applied entities. Choose one of the following options:\n\n- `ALL_VISUALS`\n- `SELECTED_VISUALS`", + "title": "Scope", + "type": "string" + }, + "SheetId": { + "markdownDescription": "The selected sheet that the filter is applied to.", + "title": "SheetId", + "type": "string" + }, + "VisualIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The selected visuals that the filter is applied to.", + "title": "VisualIds", + "type": "array" + } + }, + "required": [ + "Scope", + "SheetId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ShortFormatText": { + "additionalProperties": false, + "properties": { + "PlainText": { + "markdownDescription": "Plain text format.", + "title": "PlainText", + "type": "string" + }, + "RichText": { + "markdownDescription": "Rich text. Examples of rich text include bold, underline, and italics.", + "title": "RichText", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SimpleClusterMarker": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The color of the simple cluster marker.", + "title": "Color", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SingleAxisOptions": { + "additionalProperties": false, + "properties": { + "YAxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.YAxisOptions", + "markdownDescription": "The Y axis options of a single axis configuration.", + "title": "YAxisOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SliderControlDisplayOptions": { + "additionalProperties": false, + "properties": { + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SmallMultiplesAxisProperties": { + "additionalProperties": false, + "properties": { + "Placement": { + "markdownDescription": "Defines the placement of the axis. By default, axes are rendered `OUTSIDE` of the panels. Axes with `INDEPENDENT` scale are rendered `INSIDE` the panels.", + "title": "Placement", + "type": "string" + }, + "Scale": { + "markdownDescription": "Determines whether scale of the axes are shared or independent. The default value is `SHARED` .", + "title": "Scale", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SmallMultiplesOptions": { + "additionalProperties": false, + "properties": { + "MaxVisibleColumns": { + "markdownDescription": "Sets the maximum number of visible columns to display in the grid of small multiples panels.\n\nThe default is `Auto` , which automatically adjusts the columns in the grid to fit the overall layout and size of the given chart.", + "title": "MaxVisibleColumns", + "type": "number" + }, + "MaxVisibleRows": { + "markdownDescription": "Sets the maximum number of visible rows to display in the grid of small multiples panels.\n\nThe default value is `Auto` , which automatically adjusts the rows in the grid to fit the overall layout and size of the given chart.", + "title": "MaxVisibleRows", + "type": "number" + }, + "PanelConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PanelConfiguration", + "markdownDescription": "Configures the display options for each small multiples panel.", + "title": "PanelConfiguration" + }, + "XAxis": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SmallMultiplesAxisProperties", + "markdownDescription": "The properties of a small multiples X axis.", + "title": "XAxis" + }, + "YAxis": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SmallMultiplesAxisProperties", + "markdownDescription": "The properties of a small multiples Y axis.", + "title": "YAxis" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.Spacing": { + "additionalProperties": false, + "properties": { + "Bottom": { + "markdownDescription": "Define the bottom spacing.", + "title": "Bottom", + "type": "string" + }, + "Left": { + "markdownDescription": "Define the left spacing.", + "title": "Left", + "type": "string" + }, + "Right": { + "markdownDescription": "Define the right spacing.", + "title": "Right", + "type": "string" + }, + "Top": { + "markdownDescription": "Define the top spacing.", + "title": "Top", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SpatialStaticFile": { + "additionalProperties": false, + "properties": { + "Source": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.StaticFileSource", + "markdownDescription": "The source of the spatial static file.", + "title": "Source" + }, + "StaticFileId": { + "markdownDescription": "The ID of the spatial static file.", + "title": "StaticFileId", + "type": "string" + } + }, + "required": [ + "StaticFileId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.StaticFile": { + "additionalProperties": false, + "properties": { + "ImageStaticFile": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ImageStaticFile", + "markdownDescription": "The image static file.", + "title": "ImageStaticFile" + }, + "SpatialStaticFile": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SpatialStaticFile", + "markdownDescription": "The spacial static file.", + "title": "SpatialStaticFile" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.StaticFileS3SourceOptions": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "The name of the Amazon S3 bucket.", + "title": "BucketName", + "type": "string" + }, + "ObjectKey": { + "markdownDescription": "The identifier of the static file in the Amazon S3 bucket.", + "title": "ObjectKey", + "type": "string" + }, + "Region": { + "markdownDescription": "The Region of the Amazon S3 account that contains the bucket.", + "title": "Region", + "type": "string" + } + }, + "required": [ + "BucketName", + "ObjectKey", + "Region" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.StaticFileSource": { + "additionalProperties": false, + "properties": { + "S3Options": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.StaticFileS3SourceOptions", + "markdownDescription": "The structure that contains the Amazon S3 location to download the static file from.", + "title": "S3Options" + }, + "UrlOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.StaticFileUrlSourceOptions", + "markdownDescription": "The structure that contains the URL to download the static file from.", + "title": "UrlOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.StaticFileUrlSourceOptions": { + "additionalProperties": false, + "properties": { + "Url": { + "markdownDescription": "The URL to download the static file from.", + "title": "Url", + "type": "string" + } + }, + "required": [ + "Url" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.StringDefaultValues": { + "additionalProperties": false, + "properties": { + "DynamicValue": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DynamicDefaultValue", + "markdownDescription": "The dynamic value of the `StringDefaultValues` . Different defaults displayed according to users, groups, and values mapping.", + "title": "DynamicValue" + }, + "StaticValues": { + "items": { + "type": "string" + }, + "markdownDescription": "The static values of the `DecimalDefaultValues` .", + "title": "StaticValues", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.StringFormatConfiguration": { + "additionalProperties": false, + "properties": { + "NullValueFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NullValueFormatConfiguration", + "markdownDescription": "The options that determine the null value format configuration.", + "title": "NullValueFormatConfiguration" + }, + "NumericFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericFormatConfiguration", + "markdownDescription": "The formatting configuration for numeric strings.", + "title": "NumericFormatConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.StringParameter": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "A display name for a string parameter.", + "title": "Name", + "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The values of a string parameter.", + "title": "Values", + "type": "array" + } + }, + "required": [ + "Name", + "Values" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.StringParameterDeclaration": { + "additionalProperties": false, + "properties": { + "DefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringDefaultValues", + "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", + "title": "DefaultValues" + }, + "MappedDataSetParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MappedDataSetParameter" + }, + "markdownDescription": "", + "title": "MappedDataSetParameters", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the parameter that is being declared.", + "title": "Name", + "type": "string" + }, + "ParameterValueType": { + "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", + "title": "ParameterValueType", + "type": "string" + }, + "ValueWhenUnset": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringValueWhenUnsetConfiguration", + "markdownDescription": "The configuration that defines the default value of a `String` parameter when a value has not been set.", + "title": "ValueWhenUnset" + } + }, + "required": [ + "Name", + "ParameterValueType" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.StringValueWhenUnsetConfiguration": { + "additionalProperties": false, + "properties": { + "CustomValue": { + "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", + "title": "CustomValue", + "type": "string" + }, + "ValueWhenUnsetOption": { + "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", + "title": "ValueWhenUnsetOption", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SubtotalOptions": { + "additionalProperties": false, + "properties": { + "CustomLabel": { + "markdownDescription": "The custom label string for the subtotal cells.", + "title": "CustomLabel", + "type": "string" + }, + "FieldLevel": { + "markdownDescription": "The field level (all, custom, last) for the subtotal cells.", + "title": "FieldLevel", + "type": "string" + }, + "FieldLevelOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableFieldSubtotalOptions" + }, + "markdownDescription": "The optional configuration of subtotal cells.", + "title": "FieldLevelOptions", + "type": "array" + }, + "MetricHeaderCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", + "markdownDescription": "The cell styling options for the subtotals of header cells.", + "title": "MetricHeaderCellStyle" + }, + "StyleTargets": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableStyleTarget" + }, + "markdownDescription": "The style targets options for subtotals.", + "title": "StyleTargets", + "type": "array" + }, + "TotalCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", + "markdownDescription": "The cell styling options for the subtotal cells.", + "title": "TotalCellStyle" + }, + "TotalsVisibility": { + "markdownDescription": "The visibility configuration for the subtotal cells.", + "title": "TotalsVisibility", + "type": "string" + }, + "ValueCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", + "markdownDescription": "The cell styling options for the subtotals of value cells.", + "title": "ValueCellStyle" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "GroupBy": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The group by field well for a pivot table. Values are grouped by group by fields.", + "title": "GroupBy", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The values field well for a pivot table. Values are aggregated based on group by fields.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableBorderOptions": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The color of a table border.", + "title": "Color", + "type": "string" + }, + "Style": { + "markdownDescription": "The style (none, solid) of a table border.", + "title": "Style", + "type": "string" + }, + "Thickness": { + "markdownDescription": "The thickness of a table border.", + "title": "Thickness", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableCellConditionalFormatting": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "The field ID of the cell for conditional formatting.", + "title": "FieldId", + "type": "string" + }, + "TextFormat": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextConditionalFormat", + "markdownDescription": "The text format of the cell for conditional formatting.", + "title": "TextFormat" + } + }, + "required": [ + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableCellImageSizingConfiguration": { + "additionalProperties": false, + "properties": { + "TableCellImageScalingConfiguration": { + "markdownDescription": "The cell scaling configuration of the sizing options for the table image configuration.", + "title": "TableCellImageScalingConfiguration", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableCellStyle": { + "additionalProperties": false, + "properties": { + "BackgroundColor": { + "markdownDescription": "The background color for the table cells.", + "title": "BackgroundColor", + "type": "string" + }, + "Border": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GlobalTableBorderOptions", + "markdownDescription": "The borders for the table cells.", + "title": "Border" + }, + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", + "markdownDescription": "The font configuration of the table cells.", + "title": "FontConfiguration" + }, + "Height": { + "markdownDescription": "The height color for the table cells.", + "title": "Height", + "type": "number" + }, + "HorizontalTextAlignment": { + "markdownDescription": "The horizontal text alignment (left, center, right, auto) for the table cells.", + "title": "HorizontalTextAlignment", + "type": "string" + }, + "TextWrap": { + "markdownDescription": "The text wrap (none, wrap) for the table cells.", + "title": "TextWrap", + "type": "string" + }, + "VerticalTextAlignment": { + "markdownDescription": "The vertical text alignment (top, middle, bottom) for the table cells.", + "title": "VerticalTextAlignment", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the table cells.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableConditionalFormatting": { + "additionalProperties": false, + "properties": { + "ConditionalFormattingOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableConditionalFormattingOption" + }, + "markdownDescription": "Conditional formatting options for a `PivotTableVisual` .", + "title": "ConditionalFormattingOptions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableConditionalFormattingOption": { + "additionalProperties": false, + "properties": { + "Cell": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellConditionalFormatting", + "markdownDescription": "The cell conditional formatting option for a table.", + "title": "Cell" + }, + "Row": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableRowConditionalFormatting", + "markdownDescription": "The row conditional formatting option for a table.", + "title": "Row" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableConfiguration": { + "additionalProperties": false, + "properties": { + "FieldOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldOptions", + "markdownDescription": "The field options for a table visual.", + "title": "FieldOptions" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "PaginatedReportOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TablePaginatedReportOptions", + "markdownDescription": "The paginated report options for a table visual.", + "title": "PaginatedReportOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableSortConfiguration", + "markdownDescription": "The sort configuration for a `TableVisual` .", + "title": "SortConfiguration" + }, + "TableInlineVisualizations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableInlineVisualization" + }, + "markdownDescription": "A collection of inline visualizations to display within a chart.", + "title": "TableInlineVisualizations", + "type": "array" + }, + "TableOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableOptions", + "markdownDescription": "The table options for a table visual.", + "title": "TableOptions" + }, + "TotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TotalOptions", + "markdownDescription": "The total options for a table visual.", + "title": "TotalOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableFieldCustomIconContent": { + "additionalProperties": false, + "properties": { + "Icon": { + "markdownDescription": "The icon set type (link) of the custom icon content for table URL link content.", + "title": "Icon", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableFieldCustomTextContent": { + "additionalProperties": false, + "properties": { + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", + "markdownDescription": "The font configuration of the custom text content for the table URL link content.", + "title": "FontConfiguration" + }, + "Value": { + "markdownDescription": "The string value of the custom text content for the table URL link content.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "FontConfiguration" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableFieldImageConfiguration": { + "additionalProperties": false, + "properties": { + "SizingOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellImageSizingConfiguration", + "markdownDescription": "The sizing options for the table image configuration.", + "title": "SizingOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableFieldLinkConfiguration": { + "additionalProperties": false, + "properties": { + "Content": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldLinkContentConfiguration", + "markdownDescription": "The URL content (text, icon) for the table link configuration.", + "title": "Content" + }, + "Target": { + "markdownDescription": "The URL target (new tab, new window, same tab) for the table link configuration.", + "title": "Target", + "type": "string" + } + }, + "required": [ + "Content", + "Target" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableFieldLinkContentConfiguration": { + "additionalProperties": false, + "properties": { + "CustomIconContent": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldCustomIconContent", + "markdownDescription": "The custom icon content for the table link content configuration.", + "title": "CustomIconContent" + }, + "CustomTextContent": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldCustomTextContent", + "markdownDescription": "The custom text content (value, font configuration) for the table link content configuration.", + "title": "CustomTextContent" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableFieldOption": { + "additionalProperties": false, + "properties": { + "CustomLabel": { + "markdownDescription": "The custom label for a table field.", + "title": "CustomLabel", + "type": "string" + }, + "FieldId": { + "markdownDescription": "The field ID for a table field.", + "title": "FieldId", + "type": "string" + }, + "URLStyling": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldURLConfiguration", + "markdownDescription": "The URL configuration for a table field.", + "title": "URLStyling" + }, + "Visibility": { + "markdownDescription": "The visibility of a table field.", + "title": "Visibility", + "type": "string" + }, + "Width": { + "markdownDescription": "The width for a table field.", + "title": "Width", + "type": "string" + } + }, + "required": [ + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableFieldOptions": { + "additionalProperties": false, + "properties": { + "Order": { + "items": { + "type": "string" + }, + "markdownDescription": "The order of the field IDs that are configured as field options for a table visual.", + "title": "Order", + "type": "array" + }, + "PinnedFieldOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TablePinnedFieldOptions", + "markdownDescription": "The settings for the pinned columns of a table visual.", + "title": "PinnedFieldOptions" + }, + "SelectedFieldOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldOption" + }, + "markdownDescription": "The field options to be configured to a table.", + "title": "SelectedFieldOptions", + "type": "array" + }, + "TransposedTableOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TransposedTableOption" + }, + "markdownDescription": "The `TableOptions` of a transposed table.", + "title": "TransposedTableOptions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableFieldURLConfiguration": { + "additionalProperties": false, + "properties": { + "ImageConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldImageConfiguration", + "markdownDescription": "The image configuration of a table field URL.", + "title": "ImageConfiguration" + }, + "LinkConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldLinkConfiguration", + "markdownDescription": "The link configuration of a table field URL.", + "title": "LinkConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableFieldWells": { + "additionalProperties": false, + "properties": { + "TableAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableAggregatedFieldWells", + "markdownDescription": "The aggregated field well for the table.", + "title": "TableAggregatedFieldWells" + }, + "TableUnaggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableUnaggregatedFieldWells", + "markdownDescription": "The unaggregated field well for the table.", + "title": "TableUnaggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableInlineVisualization": { + "additionalProperties": false, + "properties": { + "DataBars": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataBarsOptions", + "markdownDescription": "The configuration of the inline visualization of the data bars within a chart.", + "title": "DataBars" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableOptions": { + "additionalProperties": false, + "properties": { + "CellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", + "markdownDescription": "The table cell style of table cells.", + "title": "CellStyle" + }, + "HeaderStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", + "markdownDescription": "The table cell style of a table header.", + "title": "HeaderStyle" + }, + "Orientation": { + "markdownDescription": "The orientation (vertical, horizontal) for a table.", + "title": "Orientation", + "type": "string" + }, + "RowAlternateColorOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RowAlternateColorOptions", + "markdownDescription": "The row alternate color options (widget status, row alternate colors) for a table.", + "title": "RowAlternateColorOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TablePaginatedReportOptions": { + "additionalProperties": false, + "properties": { + "OverflowColumnHeaderVisibility": { + "markdownDescription": "The visibility of repeating header rows on each page.", + "title": "OverflowColumnHeaderVisibility", + "type": "string" + }, + "VerticalOverflowVisibility": { + "markdownDescription": "The visibility of printing table overflow across pages.", + "title": "VerticalOverflowVisibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TablePinnedFieldOptions": { + "additionalProperties": false, + "properties": { + "PinnedLeftFields": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of columns to be pinned to the left of a table visual.", + "title": "PinnedLeftFields", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableRowConditionalFormatting": { + "additionalProperties": false, + "properties": { + "BackgroundColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting color (solid, gradient) of the background for a table row.", + "title": "BackgroundColor" + }, + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting color (solid, gradient) of the text for a table row.", + "title": "TextColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableSideBorderOptions": { + "additionalProperties": false, + "properties": { + "Bottom": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", + "markdownDescription": "The table border options of the bottom border.", + "title": "Bottom" + }, + "InnerHorizontal": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", + "markdownDescription": "The table border options of the inner horizontal border.", + "title": "InnerHorizontal" + }, + "InnerVertical": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", + "markdownDescription": "The table border options of the inner vertical border.", + "title": "InnerVertical" + }, + "Left": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", + "markdownDescription": "The table border options of the left border.", + "title": "Left" + }, + "Right": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", + "markdownDescription": "The table border options of the right border.", + "title": "Right" + }, + "Top": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", + "markdownDescription": "The table border options of the top border.", + "title": "Top" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableSortConfiguration": { + "additionalProperties": false, + "properties": { + "PaginationConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PaginationConfiguration", + "markdownDescription": "The pagination configuration (page size, page number) for the table.", + "title": "PaginationConfiguration" + }, + "RowSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The field sort options for rows in the table.", + "title": "RowSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableStyleTarget": { + "additionalProperties": false, + "properties": { + "CellType": { + "markdownDescription": "The cell type of the table style target.", + "title": "CellType", + "type": "string" + } + }, + "required": [ + "CellType" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableUnaggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.UnaggregatedField" + }, + "markdownDescription": "The values field well for a pivot table. Values are unaggregated for an unaggregated table.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ConditionalFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableConditionalFormatting", + "markdownDescription": "The conditional formatting for a `PivotTableVisual` .", + "title": "ConditionalFormatting" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.TextAreaControlDisplayOptions": { + "additionalProperties": false, + "properties": { + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" + }, + "PlaceholderOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextControlPlaceholderOptions", + "markdownDescription": "The configuration of the placeholder options in a text area control.", + "title": "PlaceholderOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TextConditionalFormat": { + "additionalProperties": false, + "properties": { + "BackgroundColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting for the text background color.", + "title": "BackgroundColor" + }, + "Icon": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIcon", + "markdownDescription": "The conditional formatting for the icon.", + "title": "Icon" + }, + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting for the text color.", + "title": "TextColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TextControlPlaceholderOptions": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility configuration of the placeholder options in a text control.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TextFieldControlDisplayOptions": { + "additionalProperties": false, + "properties": { + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" + }, + "PlaceholderOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextControlPlaceholderOptions", + "markdownDescription": "The configuration of the placeholder options in a text field control.", + "title": "PlaceholderOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ThousandSeparatorOptions": { + "additionalProperties": false, + "properties": { + "GroupingStyle": { + "markdownDescription": "Determines the way numbers are styled to accommodate different readability standards. The `DEFAULT` value uses the standard international grouping system and groups numbers by the thousands. The `LAKHS` value uses the Indian numbering system and groups numbers by lakhs and crores.", + "title": "GroupingStyle", + "type": "string" + }, + "Symbol": { + "markdownDescription": "Determines the thousands separator symbol.", + "title": "Symbol", + "type": "string" + }, + "Visibility": { + "markdownDescription": "Determines the visibility of the thousands separator.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TimeBasedForecastProperties": { + "additionalProperties": false, + "properties": { + "LowerBoundary": { + "markdownDescription": "The lower boundary setup of a forecast computation.", + "title": "LowerBoundary", + "type": "number" + }, + "PeriodsBackward": { + "markdownDescription": "The periods backward setup of a forecast computation.", + "title": "PeriodsBackward", + "type": "number" + }, + "PeriodsForward": { + "markdownDescription": "The periods forward setup of a forecast computation.", + "title": "PeriodsForward", + "type": "number" + }, + "PredictionInterval": { + "markdownDescription": "The prediction interval setup of a forecast computation.", + "title": "PredictionInterval", + "type": "number" + }, + "Seasonality": { + "markdownDescription": "The seasonality setup of a forecast computation. Choose one of the following options:\n\n- `NULL` : The input is set to `NULL` .\n- `NON_NULL` : The input is set to a custom value.", + "title": "Seasonality", + "type": "number" + }, + "UpperBoundary": { + "markdownDescription": "The upper boundary setup of a forecast computation.", + "title": "UpperBoundary", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TimeEqualityFilter": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" + }, + "ParameterName": { + "markdownDescription": "The parameter whose value should be used for the filter value.\n\nThis field is mutually exclusive to `Value` and `RollingDate` .", + "title": "ParameterName", + "type": "string" + }, + "RollingDate": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RollingDateConfiguration", + "markdownDescription": "The rolling date input for the `TimeEquality` filter.\n\nThis field is mutually exclusive to `Value` and `ParameterName` .", + "title": "RollingDate" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of a `TimeEquality` filter.\n\nThis field is mutually exclusive to `RollingDate` and `ParameterName` .", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Column", + "FilterId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.TimeRangeDrillDownFilter": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "RangeMaximum": { + "markdownDescription": "The maximum value for the filter value range.", + "title": "RangeMaximum", + "type": "string" + }, + "RangeMinimum": { + "markdownDescription": "The minimum value for the filter value range.", + "title": "RangeMinimum", + "type": "string" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" + } + }, + "required": [ + "Column", + "RangeMaximum", + "RangeMinimum", + "TimeGranularity" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.TimeRangeFilter": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "ExcludePeriodConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ExcludePeriodConfiguration", + "markdownDescription": "The exclude period of the time range filter.", + "title": "ExcludePeriodConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" + }, + "IncludeMaximum": { + "markdownDescription": "Determines whether the maximum value in the filter value range should be included in the filtered results.", + "title": "IncludeMaximum", + "type": "boolean" + }, + "IncludeMinimum": { + "markdownDescription": "Determines whether the minimum value in the filter value range should be included in the filtered results.", + "title": "IncludeMinimum", + "type": "boolean" + }, + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", + "type": "string" + }, + "RangeMaximumValue": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TimeRangeFilterValue", + "markdownDescription": "The maximum value for the filter value range.", + "title": "RangeMaximumValue" + }, + "RangeMinimumValue": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TimeRangeFilterValue", + "markdownDescription": "The minimum value for the filter value range.", + "title": "RangeMinimumValue" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" + } + }, + "required": [ + "Column", + "FilterId", + "NullOption" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.TimeRangeFilterValue": { + "additionalProperties": false, + "properties": { + "Parameter": { + "markdownDescription": "The parameter type input value.", + "title": "Parameter", + "type": "string" + }, + "RollingDate": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RollingDateConfiguration", + "markdownDescription": "The rolling date input value.", + "title": "RollingDate" + }, + "StaticValue": { + "markdownDescription": "The static input value.", + "title": "StaticValue", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TooltipItem": { + "additionalProperties": false, + "properties": { + "ColumnTooltipItem": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnTooltipItem", + "markdownDescription": "The tooltip item for the columns that are not part of a field well.", + "title": "ColumnTooltipItem" + }, + "FieldTooltipItem": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldTooltipItem", + "markdownDescription": "The tooltip item for the fields.", + "title": "FieldTooltipItem" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TooltipOptions": { + "additionalProperties": false, + "properties": { + "FieldBasedTooltip": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldBasedTooltip", + "markdownDescription": "The setup for the detailed tooltip. The tooltip setup is always saved. The display type is decided based on the tooltip type.", + "title": "FieldBasedTooltip" + }, + "SelectedTooltipType": { + "markdownDescription": "The selected type for the tooltip. Choose one of the following options:\n\n- `BASIC` : A basic tooltip.\n- `DETAILED` : A detailed tooltip.", + "title": "SelectedTooltipType", + "type": "string" + }, + "TooltipVisibility": { + "markdownDescription": "Determines whether or not the tooltip is visible.", + "title": "TooltipVisibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TopBottomFilter": { + "additionalProperties": false, + "properties": { + "AggregationSortConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationSortConfiguration" + }, + "markdownDescription": "The aggregation and sort configuration of the top bottom filter.", + "title": "AggregationSortConfigurations", + "type": "array" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" + }, + "Limit": { + "markdownDescription": "The number of items to include in the top bottom filter results.", + "title": "Limit", + "type": "number" + }, + "ParameterName": { + "markdownDescription": "The parameter whose value should be used for the filter value.", + "title": "ParameterName", + "type": "string" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" + } + }, + "required": [ + "AggregationSortConfigurations", + "Column", + "FilterId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.TopBottomMoversComputation": { + "additionalProperties": false, + "properties": { + "Category": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", + "markdownDescription": "The category field that is used in a computation.", + "title": "Category" + }, + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "MoverSize": { + "markdownDescription": "The mover size setup of the top and bottom movers computation.", + "title": "MoverSize", + "type": "number" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "SortOrder": { + "markdownDescription": "The sort order setup of the top and bottom movers computation.", + "title": "SortOrder", + "type": "string" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" + }, + "Type": { + "markdownDescription": "The computation type. Choose from the following options:\n\n- TOP: Top movers computation.\n- BOTTOM: Bottom movers computation.", + "title": "Type", + "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" + } + }, + "required": [ + "ComputationId", + "Type" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.TopBottomRankedComputation": { + "additionalProperties": false, + "properties": { + "Category": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", + "markdownDescription": "The category field that is used in a computation.", + "title": "Category" + }, + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "ResultSize": { + "markdownDescription": "The result size of a top and bottom ranked computation.", + "title": "ResultSize", + "type": "number" + }, + "Type": { + "markdownDescription": "The computation type. Choose one of the following options:\n\n- TOP: A top ranked computation.\n- BOTTOM: A bottom ranked computation.", + "title": "Type", + "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" + } + }, + "required": [ + "ComputationId", + "Type" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.TotalAggregationComputation": { + "additionalProperties": false, + "properties": { + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" + } + }, + "required": [ + "ComputationId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.TotalAggregationFunction": { + "additionalProperties": false, + "properties": { + "SimpleTotalAggregationFunction": { + "markdownDescription": "A built in aggregation function for total values.", + "title": "SimpleTotalAggregationFunction", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TotalAggregationOption": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "The field id that's associated with the total aggregation option.", + "title": "FieldId", + "type": "string" + }, + "TotalAggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TotalAggregationFunction", + "markdownDescription": "The total aggregation function that you want to set for a specified field id.", + "title": "TotalAggregationFunction" + } + }, + "required": [ + "FieldId", + "TotalAggregationFunction" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.TotalOptions": { + "additionalProperties": false, + "properties": { + "CustomLabel": { + "markdownDescription": "The custom label string for the total cells.", + "title": "CustomLabel", + "type": "string" + }, + "Placement": { + "markdownDescription": "The placement (start, end) for the total cells.", + "title": "Placement", + "type": "string" + }, + "ScrollStatus": { + "markdownDescription": "The scroll status (pinned, scrolled) for the total cells.", + "title": "ScrollStatus", + "type": "string" + }, + "TotalAggregationOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TotalAggregationOption" + }, + "markdownDescription": "The total aggregation settings for each value field.", + "title": "TotalAggregationOptions", + "type": "array" + }, + "TotalCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", + "markdownDescription": "Cell styling options for the total cells.", + "title": "TotalCellStyle" + }, + "TotalsVisibility": { + "markdownDescription": "The visibility configuration for the total cells.", + "title": "TotalsVisibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TransposedTableOption": { + "additionalProperties": false, + "properties": { + "ColumnIndex": { + "markdownDescription": "The index of a columns in a transposed table. The index range is 0-9999.", + "title": "ColumnIndex", + "type": "number" + }, + "ColumnType": { + "markdownDescription": "The column type of the column in a transposed table. Choose one of the following options:\n\n- `ROW_HEADER_COLUMN` : Refers to the leftmost column of the row header in the transposed table.\n- `VALUE_COLUMN` : Refers to all value columns in the transposed table.", + "title": "ColumnType", + "type": "string" + }, + "ColumnWidth": { + "markdownDescription": "The width of a column in a transposed table.", + "title": "ColumnWidth", + "type": "string" + } + }, + "required": [ + "ColumnType" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.TreeMapAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The color field well of a tree map. Values are grouped by aggregations based on group by fields.", + "title": "Colors", + "type": "array" + }, + "Groups": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The group by field well of a tree map. Values are grouped based on group by fields.", + "title": "Groups", + "type": "array" + }, + "Sizes": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The size field well of a tree map. Values are aggregated based on group by fields.", + "title": "Sizes", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TreeMapConfiguration": { + "additionalProperties": false, + "properties": { + "ColorLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility) for the colors displayed in a tree map.", + "title": "ColorLabelOptions" + }, + "ColorScale": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColorScale", + "markdownDescription": "The color options (gradient color, point of divergence) of a tree map.", + "title": "ColorScale" + }, + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.", + "title": "DataLabels" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TreeMapFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "GroupLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility) of the groups that are displayed in a tree map.", + "title": "GroupLabelOptions" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "SizeLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility) of the sizes that are displayed in a tree map.", + "title": "SizeLabelOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TreeMapSortConfiguration", + "markdownDescription": "The sort configuration of a tree map.", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TreeMapFieldWells": { + "additionalProperties": false, + "properties": { + "TreeMapAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TreeMapAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a tree map.", + "title": "TreeMapAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TreeMapSortConfiguration": { + "additionalProperties": false, + "properties": { + "TreeMapGroupItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of groups that are displayed.", + "title": "TreeMapGroupItemsLimitConfiguration" + }, + "TreeMapSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of group by fields.", + "title": "TreeMapSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TreeMapVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TreeMapConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.TrendArrowOptions": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility of the trend arrows.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.UnaggregatedField": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that is used in the `UnaggregatedField` .", + "title": "Column" + }, + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", + "type": "string" + }, + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" + } + }, + "required": [ + "Column", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.UniqueValuesComputation": { + "additionalProperties": false, + "properties": { + "Category": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", + "markdownDescription": "The category field that is used in a computation.", + "title": "Category" + }, + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "ComputationId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ValidationStrategy": { + "additionalProperties": false, + "properties": { + "Mode": { + "markdownDescription": "The mode of validation for the asset to be created or updated. When you set this value to `STRICT` , strict validation for every error is enforced. When you set this value to `LENIENT` , validation is skipped for specific UI errors.", + "title": "Mode", + "type": "string" + } + }, + "required": [ + "Mode" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.VisibleRangeOptions": { + "additionalProperties": false, + "properties": { + "PercentRange": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PercentVisibleRange", + "markdownDescription": "The percent range in the visible range.", + "title": "PercentRange" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.Visual": { + "additionalProperties": false, + "properties": { + "BarChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BarChartVisual", + "markdownDescription": "A bar chart.\n\nFor more information, see [Using bar charts](https://docs.aws.amazon.com/quicksight/latest/user/bar-charts.html) in the *Amazon QuickSight User Guide* .", + "title": "BarChartVisual" + }, + "BoxPlotVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotVisual", + "markdownDescription": "A box plot.\n\nFor more information, see [Using box plots](https://docs.aws.amazon.com/quicksight/latest/user/box-plots.html) in the *Amazon QuickSight User Guide* .", + "title": "BoxPlotVisual" + }, + "ComboChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComboChartVisual", + "markdownDescription": "A combo chart.\n\nFor more information, see [Using combo charts](https://docs.aws.amazon.com/quicksight/latest/user/combo-charts.html) in the *Amazon QuickSight User Guide* .", + "title": "ComboChartVisual" + }, + "CustomContentVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomContentVisual", + "markdownDescription": "A visual that contains custom content.\n\nFor more information, see [Using custom visual content](https://docs.aws.amazon.com/quicksight/latest/user/custom-visual-content.html) in the *Amazon QuickSight User Guide* .", + "title": "CustomContentVisual" + }, + "EmptyVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.EmptyVisual", + "markdownDescription": "An empty visual.", + "title": "EmptyVisual" + }, + "FilledMapVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapVisual", + "markdownDescription": "A filled map.\n\nFor more information, see [Creating filled maps](https://docs.aws.amazon.com/quicksight/latest/user/filled-maps.html) in the *Amazon QuickSight User Guide* .", + "title": "FilledMapVisual" + }, + "FunnelChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FunnelChartVisual", + "markdownDescription": "A funnel chart.\n\nFor more information, see [Using funnel charts](https://docs.aws.amazon.com/quicksight/latest/user/funnel-visual-content.html) in the *Amazon QuickSight User Guide* .", + "title": "FunnelChartVisual" + }, + "GaugeChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartVisual", + "markdownDescription": "A gauge chart.\n\nFor more information, see [Using gauge charts](https://docs.aws.amazon.com/quicksight/latest/user/gauge-chart.html) in the *Amazon QuickSight User Guide* .", + "title": "GaugeChartVisual" + }, + "GeospatialMapVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapVisual", + "markdownDescription": "A geospatial map or a points on map visual.\n\nFor more information, see [Creating point maps](https://docs.aws.amazon.com/quicksight/latest/user/point-maps.html) in the *Amazon QuickSight User Guide* .", + "title": "GeospatialMapVisual" + }, + "HeatMapVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeatMapVisual", + "markdownDescription": "A heat map.\n\nFor more information, see [Using heat maps](https://docs.aws.amazon.com/quicksight/latest/user/heat-map.html) in the *Amazon QuickSight User Guide* .", + "title": "HeatMapVisual" + }, + "HistogramVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.HistogramVisual", + "markdownDescription": "A histogram.\n\nFor more information, see [Using histograms](https://docs.aws.amazon.com/quicksight/latest/user/histogram-charts.html) in the *Amazon QuickSight User Guide* .", + "title": "HistogramVisual" + }, + "InsightVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.InsightVisual", + "markdownDescription": "An insight visual.\n\nFor more information, see [Working with insights](https://docs.aws.amazon.com/quicksight/latest/user/computational-insights.html) in the *Amazon QuickSight User Guide* .", + "title": "InsightVisual" + }, + "KPIVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIVisual", + "markdownDescription": "A key performance indicator (KPI).\n\nFor more information, see [Using KPIs](https://docs.aws.amazon.com/quicksight/latest/user/kpi.html) in the *Amazon QuickSight User Guide* .", + "title": "KPIVisual" + }, + "LayerMapVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LayerMapVisual", + "markdownDescription": "The properties for a layer map visual", + "title": "LayerMapVisual" + }, + "LineChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartVisual", + "markdownDescription": "A line chart.\n\nFor more information, see [Using line charts](https://docs.aws.amazon.com/quicksight/latest/user/line-charts.html) in the *Amazon QuickSight User Guide* .", + "title": "LineChartVisual" + }, + "PieChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PieChartVisual", + "markdownDescription": "A pie or donut chart.\n\nFor more information, see [Using pie charts](https://docs.aws.amazon.com/quicksight/latest/user/pie-chart.html) in the *Amazon QuickSight User Guide* .", + "title": "PieChartVisual" + }, + "PivotTableVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableVisual", + "markdownDescription": "A pivot table.\n\nFor more information, see [Using pivot tables](https://docs.aws.amazon.com/quicksight/latest/user/pivot-table.html) in the *Amazon QuickSight User Guide* .", + "title": "PivotTableVisual" + }, + "PluginVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PluginVisual", + "markdownDescription": "The custom plugin visual type.", + "title": "PluginVisual" + }, + "RadarChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartVisual", + "markdownDescription": "A radar chart visual.\n\nFor more information, see [Using radar charts](https://docs.aws.amazon.com/quicksight/latest/user/radar-chart.html) in the *Amazon QuickSight User Guide* .", + "title": "RadarChartVisual" + }, + "SankeyDiagramVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SankeyDiagramVisual", + "markdownDescription": "A sankey diagram.\n\nFor more information, see [Using Sankey diagrams](https://docs.aws.amazon.com/quicksight/latest/user/sankey-diagram.html) in the *Amazon QuickSight User Guide* .", + "title": "SankeyDiagramVisual" + }, + "ScatterPlotVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ScatterPlotVisual", + "markdownDescription": "A scatter plot.\n\nFor more information, see [Using scatter plots](https://docs.aws.amazon.com/quicksight/latest/user/scatter-plot.html) in the *Amazon QuickSight User Guide* .", + "title": "ScatterPlotVisual" + }, + "TableVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableVisual", + "markdownDescription": "A table visual.\n\nFor more information, see [Using tables as visuals](https://docs.aws.amazon.com/quicksight/latest/user/tabular.html) in the *Amazon QuickSight User Guide* .", + "title": "TableVisual" + }, + "TreeMapVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TreeMapVisual", + "markdownDescription": "A tree map.\n\nFor more information, see [Using tree maps](https://docs.aws.amazon.com/quicksight/latest/user/tree-map.html) in the *Amazon QuickSight User Guide* .", + "title": "TreeMapVisual" + }, + "WaterfallVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallVisual", + "markdownDescription": "A waterfall chart.\n\nFor more information, see [Using waterfall charts](https://docs.aws.amazon.com/quicksight/latest/user/waterfall-chart.html) in the *Amazon QuickSight User Guide* .", + "title": "WaterfallVisual" + }, + "WordCloudVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WordCloudVisual", + "markdownDescription": "A word cloud.\n\nFor more information, see [Using word clouds](https://docs.aws.amazon.com/quicksight/latest/user/word-cloud.html) in the *Amazon QuickSight User Guide* .", + "title": "WordCloudVisual" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.VisualAxisSortOption": { + "additionalProperties": false, + "properties": { + "AvailabilityStatus": { + "markdownDescription": "The availaiblity status of a visual's axis sort options.", + "title": "AvailabilityStatus", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.VisualCustomAction": { + "additionalProperties": false, + "properties": { + "ActionOperations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomActionOperation" + }, + "markdownDescription": "A list of `VisualCustomActionOperations` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", + "title": "ActionOperations", + "type": "array" + }, + "CustomActionId": { + "markdownDescription": "The ID of the `VisualCustomAction` .", + "title": "CustomActionId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the `VisualCustomAction` .", + "title": "Name", + "type": "string" + }, + "Status": { + "markdownDescription": "The status of the `VisualCustomAction` .", + "title": "Status", + "type": "string" + }, + "Trigger": { + "markdownDescription": "The trigger of the `VisualCustomAction` .\n\nValid values are defined as follows:\n\n- `DATA_POINT_CLICK` : Initiates a custom action by a left pointer click on a data point.\n- `DATA_POINT_MENU` : Initiates a custom action by right pointer click from the menu.", + "title": "Trigger", + "type": "string" + } + }, + "required": [ + "ActionOperations", + "CustomActionId", + "Name", + "Trigger" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.VisualCustomActionOperation": { + "additionalProperties": false, + "properties": { + "FilterOperation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionFilterOperation", + "markdownDescription": "The filter operation that filters data included in a visual or in an entire sheet.", + "title": "FilterOperation" + }, + "NavigationOperation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionNavigationOperation", + "markdownDescription": "The navigation operation that navigates between different sheets in the same analysis.", + "title": "NavigationOperation" + }, + "SetParametersOperation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionSetParametersOperation", + "markdownDescription": "The set parameter operation that sets parameters in custom action.", + "title": "SetParametersOperation" + }, + "URLOperation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionURLOperation", + "markdownDescription": "The URL operation that opens a link to another webpage.", + "title": "URLOperation" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.VisualInteractionOptions": { + "additionalProperties": false, + "properties": { + "ContextMenuOption": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ContextMenuOption", + "markdownDescription": "The context menu options for a visual.", + "title": "ContextMenuOption" + }, + "VisualMenuOption": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualMenuOption", + "markdownDescription": "The on-visual menu options for a visual.", + "title": "VisualMenuOption" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.VisualMenuOption": { + "additionalProperties": false, + "properties": { + "AvailabilityStatus": { + "markdownDescription": "The availaiblity status of a visual's menu options.", + "title": "AvailabilityStatus", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.VisualPalette": { + "additionalProperties": false, + "properties": { + "ChartColor": { + "markdownDescription": "The chart color options for the visual palette.", + "title": "ChartColor", + "type": "string" + }, + "ColorMap": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathColor" + }, + "markdownDescription": "The color map options for the visual palette.", + "title": "ColorMap", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions": { + "additionalProperties": false, + "properties": { + "FormatText": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LongFormatText", + "markdownDescription": "The long text format of the subtitle label, such as plain text or rich text.", + "title": "FormatText" + }, + "Visibility": { + "markdownDescription": "The visibility of the subtitle label.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.VisualTitleLabelOptions": { + "additionalProperties": false, + "properties": { + "FormatText": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ShortFormatText", + "markdownDescription": "The short text format of the title label, such as plain text or rich text.", + "title": "FormatText" + }, + "Visibility": { + "markdownDescription": "The visibility of the title label.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.WaterfallChartAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Breakdowns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The breakdown field wells of a waterfall visual.", + "title": "Breakdowns", + "type": "array" + }, + "Categories": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The category field wells of a waterfall visual.", + "title": "Categories", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The value field wells of a waterfall visual.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.WaterfallChartColorConfiguration": { + "additionalProperties": false, + "properties": { + "GroupColorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallChartGroupColorConfiguration", + "markdownDescription": "The color configuration for individual groups within a waterfall visual.", + "title": "GroupColorConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.WaterfallChartConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the category axis.", + "title": "CategoryAxisDisplayOptions" + }, + "CategoryAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the category axis label.", + "title": "CategoryAxisLabelOptions" + }, + "ColorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallChartColorConfiguration", + "markdownDescription": "The color configuration of a waterfall visual.", + "title": "ColorConfiguration" + }, + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", + "markdownDescription": "The data label configuration of a waterfall visual.", + "title": "DataLabels" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallChartFieldWells", + "markdownDescription": "The field well configuration of a waterfall visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", + "markdownDescription": "The legend configuration of a waterfall visual.", + "title": "Legend" + }, + "PrimaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the y-axis.", + "title": "PrimaryYAxisDisplayOptions" + }, + "PrimaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the y-axis label.", + "title": "PrimaryYAxisLabelOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallChartSortConfiguration", + "markdownDescription": "The sort configuration of a waterfall visual.", + "title": "SortConfiguration" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", + "markdownDescription": "The visual palette configuration of a waterfall visual.", + "title": "VisualPalette" + }, + "WaterfallChartOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallChartOptions", + "markdownDescription": "The options that determine the presentation of a waterfall visual.", + "title": "WaterfallChartOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.WaterfallChartFieldWells": { + "additionalProperties": false, + "properties": { + "WaterfallChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallChartAggregatedFieldWells", + "markdownDescription": "The field well configuration of a waterfall visual.", + "title": "WaterfallChartAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.WaterfallChartGroupColorConfiguration": { + "additionalProperties": false, + "properties": { + "NegativeBarColor": { + "markdownDescription": "Defines the color for the negative bars of a waterfall chart.", + "title": "NegativeBarColor", + "type": "string" + }, + "PositiveBarColor": { + "markdownDescription": "Defines the color for the positive bars of a waterfall chart.", + "title": "PositiveBarColor", + "type": "string" + }, + "TotalBarColor": { + "markdownDescription": "Defines the color for the total bars of a waterfall chart.", + "title": "TotalBarColor", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.WaterfallChartOptions": { + "additionalProperties": false, + "properties": { + "TotalBarLabel": { + "markdownDescription": "This option determines the total bar label of a waterfall visual.", + "title": "TotalBarLabel", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.WaterfallChartSortConfiguration": { + "additionalProperties": false, + "properties": { + "BreakdownItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of bar groups that are displayed.", + "title": "BreakdownItemsLimit" + }, + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the category fields.", + "title": "CategorySort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.WaterfallVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallChartConfiguration", + "markdownDescription": "The configuration for a waterfall visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.WhatIfPointScenario": { + "additionalProperties": false, + "properties": { + "Date": { + "markdownDescription": "The date that you need the forecast results for.", + "title": "Date", + "type": "string" + }, + "Value": { + "markdownDescription": "The target value that you want to meet for the provided date.", + "title": "Value", + "type": "number" + } + }, + "required": [ + "Date", + "Value" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.WhatIfRangeScenario": { + "additionalProperties": false, + "properties": { + "EndDate": { + "markdownDescription": "The end date in the date range that you need the forecast results for.", + "title": "EndDate", + "type": "string" + }, + "StartDate": { + "markdownDescription": "The start date in the date range that you need the forecast results for.", + "title": "StartDate", + "type": "string" + }, + "Value": { + "markdownDescription": "The target value that you want to meet for the provided date range.", + "title": "Value", + "type": "number" + } + }, + "required": [ + "EndDate", + "StartDate", + "Value" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.WordCloudAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "GroupBy": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The group by field well of a word cloud. Values are grouped by group by fields.", + "title": "GroupBy", + "type": "array" + }, + "Size": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The size field well of a word cloud. Values are aggregated based on group by fields.", + "title": "Size", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.WordCloudChartConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) for the word cloud category.", + "title": "CategoryLabelOptions" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WordCloudFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WordCloudSortConfiguration", + "markdownDescription": "The sort configuration of a word cloud visual.", + "title": "SortConfiguration" + }, + "WordCloudOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WordCloudOptions", + "markdownDescription": "The options for a word cloud visual.", + "title": "WordCloudOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.WordCloudFieldWells": { + "additionalProperties": false, + "properties": { + "WordCloudAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WordCloudAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a word cloud.", + "title": "WordCloudAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.WordCloudOptions": { + "additionalProperties": false, + "properties": { + "CloudLayout": { + "markdownDescription": "The cloud layout options (fluid, normal) of a word cloud.", + "title": "CloudLayout", + "type": "string" + }, + "MaximumStringLength": { + "markdownDescription": "The length limit of each word from 1-100.", + "title": "MaximumStringLength", + "type": "number" + }, + "WordCasing": { + "markdownDescription": "The word casing options (lower_case, existing_case) for the words in a word cloud.", + "title": "WordCasing", + "type": "string" + }, + "WordOrientation": { + "markdownDescription": "The word orientation options (horizontal, horizontal_and_vertical) for the words in a word cloud.", + "title": "WordOrientation", + "type": "string" + }, + "WordPadding": { + "markdownDescription": "The word padding options (none, small, medium, large) for the words in a word cloud.", + "title": "WordPadding", + "type": "string" + }, + "WordScaling": { + "markdownDescription": "The word scaling options (emphasize, normal) for the words in a word cloud.", + "title": "WordScaling", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.WordCloudSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of groups that are displayed in a word cloud.", + "title": "CategoryItemsLimit" + }, + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of group by fields.", + "title": "CategorySort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.WordCloudVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WordCloudChartConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.YAxisOptions": { + "additionalProperties": false, + "properties": { + "YAxis": { + "markdownDescription": "The Y axis type to be used in the chart.\n\nIf you choose `PRIMARY_Y_AXIS` , the primary Y Axis is located on the leftmost vertical axis of the chart.", + "title": "YAxis", + "type": "string" + } + }, + "required": [ + "YAxis" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AwsAccountId": { + "markdownDescription": "The AWS account ID.", + "title": "AwsAccountId", + "type": "string" + }, + "ColumnGroups": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.ColumnGroup" + }, + "markdownDescription": "Groupings of columns that work together in certain Amazon QuickSight features. Currently, only geospatial hierarchy is supported.", + "title": "ColumnGroups", + "type": "array" + }, + "ColumnLevelPermissionRules": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.ColumnLevelPermissionRule" + }, + "markdownDescription": "A set of one or more definitions of a `ColumnLevelPermissionRule` .", + "title": "ColumnLevelPermissionRules", + "type": "array" + }, + "DataSetId": { + "markdownDescription": "An ID for the dataset that you want to create. This ID is unique per AWS Region for each AWS account.", + "title": "DataSetId", + "type": "string" + }, + "DataSetRefreshProperties": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.DataSetRefreshProperties", + "markdownDescription": "The refresh properties of a dataset.", + "title": "DataSetRefreshProperties" + }, + "DataSetUsageConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.DataSetUsageConfiguration", + "markdownDescription": "The usage configuration to apply to child datasets that reference this dataset as a source.", + "title": "DataSetUsageConfiguration" + }, + "DatasetParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.DatasetParameter" + }, + "markdownDescription": "The parameters that are declared in a dataset.", + "title": "DatasetParameters", + "type": "array" + }, + "FieldFolders": { + "additionalProperties": false, + "markdownDescription": "The folder that contains fields and nested subfolders for your dataset.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.FieldFolder" + } + }, + "title": "FieldFolders", + "type": "object" + }, + "FolderArns": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "FolderArns", + "type": "array" + }, + "ImportMode": { + "markdownDescription": "Indicates whether you want to import the data into SPICE.", + "title": "ImportMode", + "type": "string" + }, + "IngestionWaitPolicy": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.IngestionWaitPolicy", + "markdownDescription": "The wait policy to use when creating or updating a Dataset. The default is to wait for SPICE ingestion to finish with timeout of 36 hours.", + "title": "IngestionWaitPolicy" + }, + "LogicalTableMap": { + "additionalProperties": false, + "markdownDescription": "Configures the combination and transformation of the data from the physical tables.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.LogicalTable" + } + }, + "title": "LogicalTableMap", + "type": "object" + }, + "Name": { + "markdownDescription": "The display name for the dataset.", + "title": "Name", + "type": "string" + }, + "PerformanceConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.PerformanceConfiguration", + "markdownDescription": "The performance optimization configuration of a dataset.", + "title": "PerformanceConfiguration" + }, + "Permissions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.ResourcePermission" + }, + "markdownDescription": "A list of resource permissions on the dataset.", + "title": "Permissions", + "type": "array" + }, + "PhysicalTableMap": { + "additionalProperties": false, + "markdownDescription": "Declares the physical tables that are available in the underlying data sources.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.PhysicalTable" + } + }, + "title": "PhysicalTableMap", + "type": "object" + }, + "RowLevelPermissionDataSet": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.RowLevelPermissionDataSet", + "markdownDescription": "The row-level security configuration for the data that you want to create.", + "title": "RowLevelPermissionDataSet" + }, + "RowLevelPermissionTagConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.RowLevelPermissionTagConfiguration", + "markdownDescription": "The element you can use to define tags for row-level security.", + "title": "RowLevelPermissionTagConfiguration" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Contains a map of the key-value pairs for the resource tag or tags assigned to the dataset.", + "title": "Tags", + "type": "array" + }, + "UseAs": { + "markdownDescription": "The usage of the dataset.", + "title": "UseAs", + "type": "string" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::QuickSight::DataSet" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet.CalculatedColumn": { + "additionalProperties": false, + "properties": { + "ColumnId": { + "markdownDescription": "A unique ID to identify a calculated column. During a dataset update, if the column ID of a calculated column matches that of an existing calculated column, Amazon QuickSight preserves the existing calculated column.", + "title": "ColumnId", + "type": "string" + }, + "ColumnName": { + "markdownDescription": "Column name.", + "title": "ColumnName", + "type": "string" + }, + "Expression": { + "markdownDescription": "An expression that defines the calculated column.", + "title": "Expression", + "type": "string" + } + }, + "required": [ + "ColumnId", + "ColumnName", + "Expression" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet.CastColumnTypeOperation": { + "additionalProperties": false, + "properties": { + "ColumnName": { + "markdownDescription": "Column name.", + "title": "ColumnName", + "type": "string" + }, + "Format": { + "markdownDescription": "When casting a column from string to datetime type, you can supply a string in a format supported by Amazon QuickSight to denote the source data format.", + "title": "Format", + "type": "string" + }, + "NewColumnType": { + "markdownDescription": "New column data type.", + "title": "NewColumnType", + "type": "string" + }, + "SubType": { + "markdownDescription": "The sub data type of the new column. Sub types are only available for decimal columns that are part of a SPICE dataset.", + "title": "SubType", + "type": "string" + } + }, + "required": [ + "ColumnName", + "NewColumnType" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet.ColumnDescription": { + "additionalProperties": false, + "properties": { + "Text": { + "markdownDescription": "The text of a description for a column.", + "title": "Text", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSet.ColumnGroup": { + "additionalProperties": false, + "properties": { + "GeoSpatialColumnGroup": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.GeoSpatialColumnGroup", + "markdownDescription": "Geospatial column group that denotes a hierarchy.", + "title": "GeoSpatialColumnGroup" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSet.ColumnLevelPermissionRule": { + "additionalProperties": false, + "properties": { + "ColumnNames": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of column names.", + "title": "ColumnNames", + "type": "array" + }, + "Principals": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of Amazon Resource Names (ARNs) for QuickSight users or groups.", + "title": "Principals", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSet.ColumnTag": { + "additionalProperties": false, + "properties": { + "ColumnDescription": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.ColumnDescription", + "markdownDescription": "A description for a column.", + "title": "ColumnDescription" + }, + "ColumnGeographicRole": { + "markdownDescription": "A geospatial role for a column.", + "title": "ColumnGeographicRole", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSet.CreateColumnsOperation": { + "additionalProperties": false, + "properties": { + "Columns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.CalculatedColumn" + }, + "markdownDescription": "Calculated columns to create.", + "title": "Columns", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSet.CustomSql": { + "additionalProperties": false, + "properties": { + "Columns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.InputColumn" + }, + "markdownDescription": "The column schema from the SQL query result set.", + "title": "Columns", + "type": "array" + }, + "DataSourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the data source.", + "title": "DataSourceArn", + "type": "string" + }, + "Name": { + "markdownDescription": "A display name for the SQL query result.", + "title": "Name", + "type": "string" + }, + "SqlQuery": { + "markdownDescription": "The SQL query.", + "title": "SqlQuery", + "type": "string" + } + }, + "required": [ + "DataSourceArn", + "Name", + "SqlQuery" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet.DataSetRefreshProperties": { + "additionalProperties": false, + "properties": { + "FailureConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.RefreshFailureConfiguration", + "markdownDescription": "The failure configuration for a dataset.", + "title": "FailureConfiguration" + }, + "RefreshConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.RefreshConfiguration", + "markdownDescription": "The refresh configuration for a dataset.", + "title": "RefreshConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSet.DataSetUsageConfiguration": { + "additionalProperties": false, + "properties": { + "DisableUseAsDirectQuerySource": { + "markdownDescription": "An option that controls whether a child dataset of a direct query can use this dataset as a source.", + "title": "DisableUseAsDirectQuerySource", + "type": "boolean" + }, + "DisableUseAsImportedSource": { + "markdownDescription": "An option that controls whether a child dataset that's stored in QuickSight can use this dataset as a source.", + "title": "DisableUseAsImportedSource", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSet.DatasetParameter": { + "additionalProperties": false, + "properties": { + "DateTimeDatasetParameter": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.DateTimeDatasetParameter", + "markdownDescription": "A date time parameter that is created in the dataset.", + "title": "DateTimeDatasetParameter" + }, + "DecimalDatasetParameter": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.DecimalDatasetParameter", + "markdownDescription": "A decimal parameter that is created in the dataset.", + "title": "DecimalDatasetParameter" + }, + "IntegerDatasetParameter": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.IntegerDatasetParameter", + "markdownDescription": "An integer parameter that is created in the dataset.", + "title": "IntegerDatasetParameter" + }, + "StringDatasetParameter": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.StringDatasetParameter", + "markdownDescription": "A string parameter that is created in the dataset.", + "title": "StringDatasetParameter" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSet.DateTimeDatasetParameter": { + "additionalProperties": false, + "properties": { + "DefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.DateTimeDatasetParameterDefaultValues", + "markdownDescription": "A list of default values for a given date time parameter. This structure only accepts static values.", + "title": "DefaultValues" + }, + "Id": { + "markdownDescription": "An identifier for the parameter that is created in the dataset.", + "title": "Id", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the date time parameter that is created in the dataset.", + "title": "Name", + "type": "string" + }, + "TimeGranularity": { + "markdownDescription": "The time granularity of the date time parameter.", + "title": "TimeGranularity", + "type": "string" + }, + "ValueType": { + "markdownDescription": "The value type of the dataset parameter. Valid values are `single value` or `multi value` .", + "title": "ValueType", + "type": "string" + } + }, + "required": [ + "Id", + "Name", + "ValueType" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet.DateTimeDatasetParameterDefaultValues": { + "additionalProperties": false, + "properties": { + "StaticValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of static default values for a given date time parameter. The valid format for this property is `yyyy-MM-dd\u2019T\u2019HH:mm:ss\u2019Z\u2019` .", + "title": "StaticValues", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSet.DecimalDatasetParameter": { + "additionalProperties": false, + "properties": { + "DefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.DecimalDatasetParameterDefaultValues", + "markdownDescription": "A list of default values for a given decimal parameter. This structure only accepts static values.", + "title": "DefaultValues" + }, + "Id": { + "markdownDescription": "An identifier for the decimal parameter created in the dataset.", + "title": "Id", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the decimal parameter that is created in the dataset.", + "title": "Name", + "type": "string" + }, + "ValueType": { + "markdownDescription": "The value type of the dataset parameter. Valid values are `single value` or `multi value` .", + "title": "ValueType", + "type": "string" + } + }, + "required": [ + "Id", + "Name", + "ValueType" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet.DecimalDatasetParameterDefaultValues": { + "additionalProperties": false, + "properties": { + "StaticValues": { + "items": { + "type": "number" + }, + "markdownDescription": "A list of static default values for a given decimal parameter.", + "title": "StaticValues", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSet.FieldFolder": { + "additionalProperties": false, + "properties": { + "Columns": { + "items": { + "type": "string" + }, + "markdownDescription": "A folder has a list of columns. A column can only be in one folder.", + "title": "Columns", + "type": "array" + }, + "Description": { + "markdownDescription": "The description for a field folder.", + "title": "Description", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSet.FilterOperation": { + "additionalProperties": false, + "properties": { + "ConditionExpression": { + "markdownDescription": "An expression that must evaluate to a Boolean value. Rows for which the expression evaluates to true are kept in the dataset.", + "title": "ConditionExpression", + "type": "string" + } + }, + "required": [ + "ConditionExpression" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet.GeoSpatialColumnGroup": { + "additionalProperties": false, + "properties": { + "Columns": { + "items": { + "type": "string" + }, + "markdownDescription": "Columns in this hierarchy.", + "title": "Columns", + "type": "array" + }, + "CountryCode": { + "markdownDescription": "Country code.", + "title": "CountryCode", + "type": "string" + }, + "Name": { + "markdownDescription": "A display name for the hierarchy.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Columns", + "Name" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet.IncrementalRefresh": { + "additionalProperties": false, + "properties": { + "LookbackWindow": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.LookbackWindow", + "markdownDescription": "The lookback window setup for an incremental refresh configuration.", + "title": "LookbackWindow" + } + }, + "required": [ + "LookbackWindow" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet.IngestionWaitPolicy": { + "additionalProperties": false, + "properties": { + "IngestionWaitTimeInHours": { + "markdownDescription": "The maximum time (in hours) to wait for Ingestion to complete. Default timeout is 36 hours. Applicable only when `DataSetImportMode` mode is set to SPICE and `WaitForSpiceIngestion` is set to true.", + "title": "IngestionWaitTimeInHours", + "type": "number" + }, + "WaitForSpiceIngestion": { + "markdownDescription": "Wait for SPICE ingestion to finish to mark dataset creation or update as successful. Default (true). Applicable only when `DataSetImportMode` mode is set to SPICE.", + "title": "WaitForSpiceIngestion", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSet.InputColumn": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of this column in the underlying data source.", + "title": "Name", + "type": "string" + }, + "SubType": { + "markdownDescription": "The sub data type of the column. Sub types are only available for decimal columns that are part of a SPICE dataset.", + "title": "SubType", + "type": "string" + }, + "Type": { + "markdownDescription": "The data type of the column.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Name", + "Type" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet.IntegerDatasetParameter": { + "additionalProperties": false, + "properties": { + "DefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.IntegerDatasetParameterDefaultValues", + "markdownDescription": "A list of default values for a given integer parameter. This structure only accepts static values.", + "title": "DefaultValues" + }, + "Id": { + "markdownDescription": "An identifier for the integer parameter created in the dataset.", + "title": "Id", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the integer parameter that is created in the dataset.", + "title": "Name", + "type": "string" + }, + "ValueType": { + "markdownDescription": "The value type of the dataset parameter. Valid values are `single value` or `multi value` .", + "title": "ValueType", + "type": "string" + } + }, + "required": [ + "Id", + "Name", + "ValueType" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet.IntegerDatasetParameterDefaultValues": { + "additionalProperties": false, + "properties": { + "StaticValues": { + "items": { + "type": "number" + }, + "markdownDescription": "A list of static default values for a given integer parameter.", + "title": "StaticValues", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSet.JoinInstruction": { + "additionalProperties": false, + "properties": { + "LeftJoinKeyProperties": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.JoinKeyProperties", + "markdownDescription": "Join key properties of the left operand.", + "title": "LeftJoinKeyProperties" + }, + "LeftOperand": { + "markdownDescription": "The operand on the left side of a join.", + "title": "LeftOperand", + "type": "string" + }, + "OnClause": { + "markdownDescription": "The join instructions provided in the `ON` clause of a join.", + "title": "OnClause", + "type": "string" + }, + "RightJoinKeyProperties": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.JoinKeyProperties", + "markdownDescription": "Join key properties of the right operand.", + "title": "RightJoinKeyProperties" + }, + "RightOperand": { + "markdownDescription": "The operand on the right side of a join.", + "title": "RightOperand", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of join that it is.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "LeftOperand", + "OnClause", + "RightOperand", + "Type" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet.JoinKeyProperties": { + "additionalProperties": false, + "properties": { + "UniqueKey": { + "markdownDescription": "A value that indicates that a row in a table is uniquely identified by the columns in a join key. This is used by QuickSight to optimize query performance.", + "title": "UniqueKey", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSet.LogicalTable": { + "additionalProperties": false, + "properties": { + "Alias": { + "markdownDescription": "A display name for the logical table.", + "title": "Alias", + "type": "string" + }, + "DataTransforms": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.TransformOperation" + }, + "markdownDescription": "Transform operations that act on this logical table. For this structure to be valid, only one of the attributes can be non-null.", + "title": "DataTransforms", + "type": "array" + }, + "Source": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.LogicalTableSource", + "markdownDescription": "Source of this logical table.", + "title": "Source" + } + }, + "required": [ + "Alias" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet.LogicalTableSource": { + "additionalProperties": false, + "properties": { + "DataSetArn": { + "markdownDescription": "The Amazon Resource Number (ARN) of the parent dataset.", + "title": "DataSetArn", + "type": "string" + }, + "JoinInstruction": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.JoinInstruction", + "markdownDescription": "Specifies the result of a join of two logical tables.", + "title": "JoinInstruction" + }, + "PhysicalTableId": { + "markdownDescription": "Physical table ID.", + "title": "PhysicalTableId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSet.LookbackWindow": { + "additionalProperties": false, + "properties": { + "ColumnName": { + "markdownDescription": "The name of the lookback window column.", + "title": "ColumnName", + "type": "string" + }, + "Size": { + "markdownDescription": "The lookback window column size.", + "title": "Size", + "type": "number" + }, + "SizeUnit": { + "markdownDescription": "The size unit that is used for the lookback window column. Valid values for this structure are `HOUR` , `DAY` , and `WEEK` .", + "title": "SizeUnit", + "type": "string" + } + }, + "required": [ + "ColumnName", + "Size", + "SizeUnit" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet.NewDefaultValues": { + "additionalProperties": false, + "properties": { + "DateTimeStaticValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of static default values for a given date time parameter. The valid format for this property is `yyyy-MM-dd\u2019T\u2019HH:mm:ss\u2019Z\u2019` .", + "title": "DateTimeStaticValues", + "type": "array" + }, + "DecimalStaticValues": { + "items": { + "type": "number" + }, + "markdownDescription": "A list of static default values for a given decimal parameter.", + "title": "DecimalStaticValues", + "type": "array" + }, + "IntegerStaticValues": { + "items": { + "type": "number" + }, + "markdownDescription": "A list of static default values for a given integer parameter.", + "title": "IntegerStaticValues", + "type": "array" + }, + "StringStaticValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of static default values for a given string parameter.", + "title": "StringStaticValues", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSet.OutputColumn": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description for a column.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The display name of the column..", + "title": "Name", + "type": "string" + }, + "SubType": { + "markdownDescription": "The sub data type of the column.", + "title": "SubType", + "type": "string" + }, + "Type": { + "markdownDescription": "The data type of the column.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSet.OverrideDatasetParameterOperation": { + "additionalProperties": false, + "properties": { + "NewDefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.NewDefaultValues", + "markdownDescription": "The new default values for the parameter.", + "title": "NewDefaultValues" + }, + "NewParameterName": { + "markdownDescription": "The new name for the parameter.", + "title": "NewParameterName", + "type": "string" + }, + "ParameterName": { + "markdownDescription": "The name of the parameter to be overridden with different values.", + "title": "ParameterName", + "type": "string" + } + }, + "required": [ + "ParameterName" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet.PerformanceConfiguration": { + "additionalProperties": false, + "properties": { + "UniqueKeys": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.UniqueKey" + }, + "markdownDescription": "", + "title": "UniqueKeys", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSet.PhysicalTable": { + "additionalProperties": false, + "properties": { + "CustomSql": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.CustomSql", + "markdownDescription": "A physical table type built from the results of the custom SQL query.", + "title": "CustomSql" + }, + "RelationalTable": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.RelationalTable", + "markdownDescription": "A physical table type for relational data sources.", + "title": "RelationalTable" + }, + "S3Source": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.S3Source", + "markdownDescription": "A physical table type for as S3 data source.", + "title": "S3Source" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSet.ProjectOperation": { + "additionalProperties": false, + "properties": { + "ProjectedColumns": { + "items": { + "type": "string" + }, + "markdownDescription": "Projected columns.", + "title": "ProjectedColumns", + "type": "array" + } + }, + "required": [ + "ProjectedColumns" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet.RefreshConfiguration": { + "additionalProperties": false, + "properties": { + "IncrementalRefresh": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.IncrementalRefresh", + "markdownDescription": "The incremental refresh for the dataset.", + "title": "IncrementalRefresh" + } + }, + "required": [ + "IncrementalRefresh" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet.RefreshFailureConfiguration": { + "additionalProperties": false, + "properties": { + "EmailAlert": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.RefreshFailureEmailAlert", + "markdownDescription": "The email alert configuration for a dataset refresh failure.", + "title": "EmailAlert" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSet.RefreshFailureEmailAlert": { + "additionalProperties": false, + "properties": { + "AlertStatus": { + "markdownDescription": "The status value that determines if email alerts are sent.", + "title": "AlertStatus", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSet.RelationalTable": { + "additionalProperties": false, + "properties": { + "Catalog": { + "markdownDescription": "The catalog associated with a table.", + "title": "Catalog", + "type": "string" + }, + "DataSourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the data source.", + "title": "DataSourceArn", + "type": "string" + }, + "InputColumns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.InputColumn" + }, + "markdownDescription": "The column schema of the table.", + "title": "InputColumns", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the relational table.", + "title": "Name", + "type": "string" + }, + "Schema": { + "markdownDescription": "The schema name. This name applies to certain relational database engines.", + "title": "Schema", + "type": "string" + } + }, + "required": [ + "DataSourceArn", + "Name" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet.RenameColumnOperation": { + "additionalProperties": false, + "properties": { + "ColumnName": { + "markdownDescription": "The name of the column to be renamed.", + "title": "ColumnName", + "type": "string" + }, + "NewColumnName": { + "markdownDescription": "The new name for the column.", + "title": "NewColumnName", + "type": "string" + } + }, + "required": [ + "ColumnName" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet.ResourcePermission": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "type": "string" + }, + "markdownDescription": "The IAM action to grant or revoke permisions on", + "title": "Actions", + "type": "array" + }, + "Principal": { + "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a QuickSight ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", + "title": "Principal", + "type": "string" + } + }, + "required": [ + "Actions", + "Principal" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet.RowLevelPermissionDataSet": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the dataset that contains permissions for RLS.", + "title": "Arn", + "type": "string" + }, + "FormatVersion": { + "markdownDescription": "The user or group rules associated with the dataset that contains permissions for RLS.\n\nBy default, `FormatVersion` is `VERSION_1` . When `FormatVersion` is `VERSION_1` , `UserName` and `GroupName` are required. When `FormatVersion` is `VERSION_2` , `UserARN` and `GroupARN` are required, and `Namespace` must not exist.", + "title": "FormatVersion", + "type": "string" + }, + "Namespace": { + "markdownDescription": "The namespace associated with the dataset that contains permissions for RLS.", + "title": "Namespace", + "type": "string" + }, + "PermissionPolicy": { + "markdownDescription": "The type of permissions to use when interpreting the permissions for RLS. `DENY_ACCESS` is included for backward compatibility only.", + "title": "PermissionPolicy", + "type": "string" + }, + "Status": { + "markdownDescription": "The status of the row-level security permission dataset. If enabled, the status is `ENABLED` . If disabled, the status is `DISABLED` .", + "title": "Status", + "type": "string" + } + }, + "required": [ + "Arn", + "PermissionPolicy" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet.RowLevelPermissionTagConfiguration": { + "additionalProperties": false, + "properties": { + "Status": { + "markdownDescription": "The status of row-level security tags. If enabled, the status is `ENABLED` . If disabled, the status is `DISABLED` .", + "title": "Status", + "type": "string" + }, + "TagRuleConfigurations": { + "markdownDescription": "The configuration of tags on a dataset to set row-level security.", + "title": "TagRuleConfigurations", + "type": "object" + }, + "TagRules": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.RowLevelPermissionTagRule" + }, + "markdownDescription": "A set of rules associated with row-level security, such as the tag names and columns that they are assigned to.", + "title": "TagRules", + "type": "array" + } + }, + "required": [ + "TagRules" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet.RowLevelPermissionTagRule": { + "additionalProperties": false, + "properties": { + "ColumnName": { + "markdownDescription": "The column name that a tag key is assigned to.", + "title": "ColumnName", + "type": "string" + }, + "MatchAllValue": { + "markdownDescription": "A string that you want to use to filter by all the values in a column in the dataset and don\u2019t want to list the values one by one. For example, you can use an asterisk as your match all value.", + "title": "MatchAllValue", + "type": "string" + }, + "TagKey": { + "markdownDescription": "The unique key for a tag.", + "title": "TagKey", + "type": "string" + }, + "TagMultiValueDelimiter": { + "markdownDescription": "A string that you want to use to delimit the values when you pass the values at run time. For example, you can delimit the values with a comma.", + "title": "TagMultiValueDelimiter", + "type": "string" + } + }, + "required": [ + "ColumnName", + "TagKey" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet.S3Source": { + "additionalProperties": false, + "properties": { + "DataSourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the data source.", + "title": "DataSourceArn", + "type": "string" + }, + "InputColumns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.InputColumn" + }, + "markdownDescription": "A physical table type for an S3 data source.\n\n> For files that aren't JSON, only `STRING` data types are supported in input columns.", + "title": "InputColumns", + "type": "array" + }, + "UploadSettings": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.UploadSettings", + "markdownDescription": "Information about the format for the S3 source file or files.", + "title": "UploadSettings" + } + }, + "required": [ + "DataSourceArn" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet.StringDatasetParameter": { + "additionalProperties": false, + "properties": { + "DefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.StringDatasetParameterDefaultValues", + "markdownDescription": "A list of default values for a given string dataset parameter type. This structure only accepts static values.", + "title": "DefaultValues" + }, + "Id": { + "markdownDescription": "An identifier for the string parameter that is created in the dataset.", + "title": "Id", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the string parameter that is created in the dataset.", + "title": "Name", + "type": "string" + }, + "ValueType": { + "markdownDescription": "The value type of the dataset parameter. Valid values are `single value` or `multi value` .", + "title": "ValueType", + "type": "string" + } + }, + "required": [ + "Id", + "Name", + "ValueType" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet.StringDatasetParameterDefaultValues": { + "additionalProperties": false, + "properties": { + "StaticValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of static default values for a given string parameter.", + "title": "StaticValues", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSet.TagColumnOperation": { + "additionalProperties": false, + "properties": { + "ColumnName": { + "markdownDescription": "The column that this operation acts on.", + "title": "ColumnName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.ColumnTag" + }, + "markdownDescription": "The dataset column tag, currently only used for geospatial type tagging.\n\n> This is not tags for the AWS tagging feature.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "ColumnName", + "Tags" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet.TransformOperation": { + "additionalProperties": false, + "properties": { + "CastColumnTypeOperation": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.CastColumnTypeOperation", + "markdownDescription": "A transform operation that casts a column to a different type.", + "title": "CastColumnTypeOperation" + }, + "CreateColumnsOperation": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.CreateColumnsOperation", + "markdownDescription": "An operation that creates calculated columns. Columns created in one such operation form a lexical closure.", + "title": "CreateColumnsOperation" + }, + "FilterOperation": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.FilterOperation", + "markdownDescription": "An operation that filters rows based on some condition.", + "title": "FilterOperation" + }, + "OverrideDatasetParameterOperation": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.OverrideDatasetParameterOperation", + "markdownDescription": "A transform operation that overrides the dataset parameter values that are defined in another dataset.", + "title": "OverrideDatasetParameterOperation" + }, + "ProjectOperation": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.ProjectOperation", + "markdownDescription": "An operation that projects columns. Operations that come after a projection can only refer to projected columns.", + "title": "ProjectOperation" + }, + "RenameColumnOperation": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.RenameColumnOperation", + "markdownDescription": "An operation that renames a column.", + "title": "RenameColumnOperation" + }, + "TagColumnOperation": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.TagColumnOperation", + "markdownDescription": "An operation that tags a column with additional information.", + "title": "TagColumnOperation" + }, + "UntagColumnOperation": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.UntagColumnOperation", + "markdownDescription": "", + "title": "UntagColumnOperation" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSet.UniqueKey": { + "additionalProperties": false, + "properties": { + "ColumnNames": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "ColumnNames", + "type": "array" + } + }, + "required": [ + "ColumnNames" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet.UntagColumnOperation": { + "additionalProperties": false, + "properties": { + "ColumnName": { + "markdownDescription": "The column that this operation acts on.", + "title": "ColumnName", + "type": "string" + }, + "TagNames": { + "items": { + "type": "string" + }, + "markdownDescription": "The column tags to remove from this column.", + "title": "TagNames", + "type": "array" + } + }, + "required": [ + "ColumnName", + "TagNames" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet.UploadSettings": { + "additionalProperties": false, + "properties": { + "ContainsHeader": { + "markdownDescription": "Whether the file has a header row, or the files each have a header row.", + "title": "ContainsHeader", + "type": "boolean" + }, + "Delimiter": { + "markdownDescription": "The delimiter between values in the file.", + "title": "Delimiter", + "type": "string" + }, + "Format": { + "markdownDescription": "File format.", + "title": "Format", + "type": "string" + }, + "StartFromRow": { + "markdownDescription": "A row number to start reading data from.", + "title": "StartFromRow", + "type": "number" + }, + "TextQualifier": { + "markdownDescription": "Text qualifier.", + "title": "TextQualifier", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSource": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AlternateDataSourceParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.DataSourceParameters" + }, + "markdownDescription": "A set of alternate data source parameters that you want to share for the credentials stored with this data source. The credentials are applied in tandem with the data source parameters when you copy a data source by using a create or update request. The API operation compares the `DataSourceParameters` structure that's in the request with the structures in the `AlternateDataSourceParameters` allow list. If the structures are an exact match, the request is allowed to use the credentials from this existing data source. If the `AlternateDataSourceParameters` list is null, the `Credentials` originally used with this `DataSourceParameters` are automatically allowed.", + "title": "AlternateDataSourceParameters", + "type": "array" + }, + "AwsAccountId": { + "markdownDescription": "The AWS account ID.", + "title": "AwsAccountId", + "type": "string" + }, + "Credentials": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.DataSourceCredentials", + "markdownDescription": "The credentials Amazon QuickSight that uses to connect to your underlying source. Currently, only credentials based on user name and password are supported.", + "title": "Credentials" + }, + "DataSourceId": { + "markdownDescription": "An ID for the data source. This ID is unique per AWS Region for each AWS account.", + "title": "DataSourceId", + "type": "string" + }, + "DataSourceParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.DataSourceParameters", + "markdownDescription": "The parameters that Amazon QuickSight uses to connect to your underlying source.", + "title": "DataSourceParameters" + }, + "ErrorInfo": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.DataSourceErrorInfo", + "markdownDescription": "Error information from the last update or the creation of the data source.", + "title": "ErrorInfo" + }, + "FolderArns": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "FolderArns", + "type": "array" + }, + "Name": { + "markdownDescription": "A display name for the data source.", + "title": "Name", + "type": "string" + }, + "Permissions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.ResourcePermission" + }, + "markdownDescription": "A list of resource permissions on the data source.", + "title": "Permissions", + "type": "array" + }, + "SslProperties": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.SslProperties", + "markdownDescription": "Secure Socket Layer (SSL) properties that apply when Amazon QuickSight connects to your underlying source.", + "title": "SslProperties" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Contains a map of the key-value pairs for the resource tag or tags assigned to the data source.", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "The type of the data source. To return a list of all data sources, use `ListDataSources` .\n\nUse `AMAZON_ELASTICSEARCH` for Amazon OpenSearch Service.", + "title": "Type", + "type": "string" + }, + "VpcConnectionProperties": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.VpcConnectionProperties", + "markdownDescription": "Use this parameter only when you want Amazon QuickSight to use a VPC connection when connecting to your underlying source.", + "title": "VpcConnectionProperties" + } + }, + "required": [ + "Name", + "Type" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::QuickSight::DataSource" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::QuickSight::DataSource.AmazonElasticsearchParameters": { + "additionalProperties": false, + "properties": { + "Domain": { + "markdownDescription": "The OpenSearch domain.", + "title": "Domain", + "type": "string" + } + }, + "required": [ + "Domain" + ], + "type": "object" + }, + "AWS::QuickSight::DataSource.AmazonOpenSearchParameters": { + "additionalProperties": false, + "properties": { + "Domain": { + "markdownDescription": "The OpenSearch domain.", + "title": "Domain", + "type": "string" + } + }, + "required": [ + "Domain" + ], + "type": "object" + }, + "AWS::QuickSight::DataSource.AthenaParameters": { + "additionalProperties": false, + "properties": { + "IdentityCenterConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.IdentityCenterConfiguration", + "markdownDescription": "An optional parameter that configures IAM Identity Center authentication to grant Amazon QuickSight access to your workgroup.\n\nThis parameter can only be specified if your Amazon QuickSight account is configured with IAM Identity Center.", + "title": "IdentityCenterConfiguration" + }, + "RoleArn": { + "markdownDescription": "Use the `RoleArn` structure to override an account-wide role for a specific Athena data source. For example, say an account administrator has turned off all Athena access with an account-wide role. The administrator can then use `RoleArn` to bypass the account-wide role and allow Athena access for the single Athena data source that is specified in the structure, even if the account-wide role forbidding Athena access is still active.", + "title": "RoleArn", + "type": "string" + }, + "WorkGroup": { + "markdownDescription": "The workgroup that Amazon Athena uses.", + "title": "WorkGroup", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSource.AuroraParameters": { + "additionalProperties": false, + "properties": { + "Database": { + "markdownDescription": "Database.", + "title": "Database", + "type": "string" + }, + "Host": { + "markdownDescription": "Host.", + "title": "Host", + "type": "string" + }, + "Port": { + "markdownDescription": "Port.", + "title": "Port", + "type": "number" + } + }, + "required": [ + "Database", + "Host", + "Port" + ], + "type": "object" + }, + "AWS::QuickSight::DataSource.AuroraPostgreSqlParameters": { + "additionalProperties": false, + "properties": { + "Database": { + "markdownDescription": "The Amazon Aurora PostgreSQL database to connect to.", + "title": "Database", + "type": "string" + }, + "Host": { + "markdownDescription": "The Amazon Aurora PostgreSQL-Compatible host to connect to.", + "title": "Host", + "type": "string" + }, + "Port": { + "markdownDescription": "The port that Amazon Aurora PostgreSQL is listening on.", + "title": "Port", + "type": "number" + } + }, + "required": [ + "Database", + "Host", + "Port" + ], + "type": "object" + }, + "AWS::QuickSight::DataSource.CredentialPair": { + "additionalProperties": false, + "properties": { + "AlternateDataSourceParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.DataSourceParameters" + }, + "markdownDescription": "A set of alternate data source parameters that you want to share for these credentials. The credentials are applied in tandem with the data source parameters when you copy a data source by using a create or update request. The API operation compares the `DataSourceParameters` structure that's in the request with the structures in the `AlternateDataSourceParameters` allow list. If the structures are an exact match, the request is allowed to use the new data source with the existing credentials. If the `AlternateDataSourceParameters` list is null, the `DataSourceParameters` originally used with these `Credentials` is automatically allowed.", + "title": "AlternateDataSourceParameters", + "type": "array" + }, + "Password": { + "markdownDescription": "Password.", + "title": "Password", + "type": "string" + }, + "Username": { + "markdownDescription": "User name.", + "title": "Username", + "type": "string" + } + }, + "required": [ + "Password", + "Username" + ], + "type": "object" + }, + "AWS::QuickSight::DataSource.DataSourceCredentials": { + "additionalProperties": false, + "properties": { + "CopySourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of a data source that has the credential pair that you want to use. When `CopySourceArn` is not null, the credential pair from the data source in the ARN is used as the credentials for the `DataSourceCredentials` structure.", + "title": "CopySourceArn", + "type": "string" + }, + "CredentialPair": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.CredentialPair", + "markdownDescription": "Credential pair. For more information, see `[CredentialPair](https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CredentialPair.html)` .", + "title": "CredentialPair" + }, + "SecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the secret associated with the data source in AWS Secrets Manager .", + "title": "SecretArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSource.DataSourceErrorInfo": { + "additionalProperties": false, + "properties": { + "Message": { + "markdownDescription": "Error message.", + "title": "Message", + "type": "string" + }, + "Type": { + "markdownDescription": "Error type.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSource.DataSourceParameters": { + "additionalProperties": false, + "properties": { + "AmazonElasticsearchParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.AmazonElasticsearchParameters", + "markdownDescription": "The parameters for OpenSearch.", + "title": "AmazonElasticsearchParameters" + }, + "AmazonOpenSearchParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.AmazonOpenSearchParameters", + "markdownDescription": "The parameters for OpenSearch.", + "title": "AmazonOpenSearchParameters" + }, + "AthenaParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.AthenaParameters", + "markdownDescription": "The parameters for Amazon Athena.", + "title": "AthenaParameters" + }, + "AuroraParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.AuroraParameters", + "markdownDescription": "The parameters for Amazon Aurora MySQL.", + "title": "AuroraParameters" + }, + "AuroraPostgreSqlParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.AuroraPostgreSqlParameters", + "markdownDescription": "The parameters for Amazon Aurora.", + "title": "AuroraPostgreSqlParameters" + }, + "DatabricksParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.DatabricksParameters", + "markdownDescription": "The required parameters that are needed to connect to a Databricks data source.", + "title": "DatabricksParameters" + }, + "MariaDbParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.MariaDbParameters", + "markdownDescription": "The parameters for MariaDB.", + "title": "MariaDbParameters" + }, + "MySqlParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.MySqlParameters", + "markdownDescription": "The parameters for MySQL.", + "title": "MySqlParameters" + }, + "OracleParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.OracleParameters", + "markdownDescription": "Oracle parameters.", + "title": "OracleParameters" + }, + "PostgreSqlParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.PostgreSqlParameters", + "markdownDescription": "The parameters for PostgreSQL.", + "title": "PostgreSqlParameters" + }, + "PrestoParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.PrestoParameters", + "markdownDescription": "The parameters for Presto.", + "title": "PrestoParameters" + }, + "RdsParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.RdsParameters", + "markdownDescription": "The parameters for Amazon RDS.", + "title": "RdsParameters" + }, + "RedshiftParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.RedshiftParameters", + "markdownDescription": "The parameters for Amazon Redshift.", + "title": "RedshiftParameters" + }, + "S3Parameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.S3Parameters", + "markdownDescription": "The parameters for S3.", + "title": "S3Parameters" + }, + "SnowflakeParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.SnowflakeParameters", + "markdownDescription": "The parameters for Snowflake.", + "title": "SnowflakeParameters" + }, + "SparkParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.SparkParameters", + "markdownDescription": "The parameters for Spark.", + "title": "SparkParameters" + }, + "SqlServerParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.SqlServerParameters", + "markdownDescription": "The parameters for SQL Server.", + "title": "SqlServerParameters" + }, + "StarburstParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.StarburstParameters", + "markdownDescription": "The parameters that are required to connect to a Starburst data source.", + "title": "StarburstParameters" + }, + "TeradataParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.TeradataParameters", + "markdownDescription": "The parameters for Teradata.", + "title": "TeradataParameters" + }, + "TrinoParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.TrinoParameters", + "markdownDescription": "The parameters that are required to connect to a Trino data source.", + "title": "TrinoParameters" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSource.DatabricksParameters": { + "additionalProperties": false, + "properties": { + "Host": { + "markdownDescription": "The host name of the Databricks data source.", + "title": "Host", + "type": "string" + }, + "Port": { + "markdownDescription": "The port for the Databricks data source.", + "title": "Port", + "type": "number" + }, + "SqlEndpointPath": { + "markdownDescription": "The HTTP path of the Databricks data source.", + "title": "SqlEndpointPath", + "type": "string" + } + }, + "required": [ + "Host", + "Port", + "SqlEndpointPath" + ], + "type": "object" + }, + "AWS::QuickSight::DataSource.IdentityCenterConfiguration": { + "additionalProperties": false, + "properties": { + "EnableIdentityPropagation": { + "markdownDescription": "A Boolean option that controls whether Trusted Identity Propagation should be used.", + "title": "EnableIdentityPropagation", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSource.ManifestFileLocation": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "Amazon S3 bucket.", + "title": "Bucket", + "type": "string" + }, + "Key": { + "markdownDescription": "Amazon S3 key that identifies an object.", + "title": "Key", + "type": "string" + } + }, + "required": [ + "Bucket", + "Key" + ], + "type": "object" + }, + "AWS::QuickSight::DataSource.MariaDbParameters": { + "additionalProperties": false, + "properties": { + "Database": { + "markdownDescription": "Database.", + "title": "Database", + "type": "string" + }, + "Host": { + "markdownDescription": "Host.", + "title": "Host", + "type": "string" + }, + "Port": { + "markdownDescription": "Port.", + "title": "Port", + "type": "number" + } + }, + "required": [ + "Database", + "Host", + "Port" + ], + "type": "object" + }, + "AWS::QuickSight::DataSource.MySqlParameters": { + "additionalProperties": false, + "properties": { + "Database": { + "markdownDescription": "Database.", + "title": "Database", + "type": "string" + }, + "Host": { + "markdownDescription": "Host.", + "title": "Host", + "type": "string" + }, + "Port": { + "markdownDescription": "Port.", + "title": "Port", + "type": "number" + } + }, + "required": [ + "Database", + "Host", + "Port" + ], + "type": "object" + }, + "AWS::QuickSight::DataSource.OAuthParameters": { + "additionalProperties": false, + "properties": { + "IdentityProviderResourceUri": { + "markdownDescription": "The resource uri of the identity provider.", + "title": "IdentityProviderResourceUri", + "type": "string" + }, + "IdentityProviderVpcConnectionProperties": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.VpcConnectionProperties", + "markdownDescription": "", + "title": "IdentityProviderVpcConnectionProperties" + }, + "OAuthScope": { + "markdownDescription": "The OAuth scope.", + "title": "OAuthScope", + "type": "string" + }, + "TokenProviderUrl": { + "markdownDescription": "The token endpoint URL of the identity provider.", + "title": "TokenProviderUrl", + "type": "string" + } + }, + "required": [ + "TokenProviderUrl" + ], + "type": "object" + }, + "AWS::QuickSight::DataSource.OracleParameters": { + "additionalProperties": false, + "properties": { + "Database": { + "markdownDescription": "Database.", + "title": "Database", + "type": "string" + }, + "Host": { + "markdownDescription": "Host.", + "title": "Host", + "type": "string" + }, + "Port": { + "markdownDescription": "Port.", + "title": "Port", + "type": "number" + }, + "UseServiceName": { + "markdownDescription": "A Boolean value that indicates whether the `Database` uses a service name or an SID. If this value is left blank, the default value is `SID` . If this value is set to `false` , the value is `SID` .", + "title": "UseServiceName", + "type": "boolean" + } + }, + "required": [ + "Database", + "Host", + "Port" + ], + "type": "object" + }, + "AWS::QuickSight::DataSource.PostgreSqlParameters": { + "additionalProperties": false, + "properties": { + "Database": { + "markdownDescription": "Database.", + "title": "Database", + "type": "string" + }, + "Host": { + "markdownDescription": "Host.", + "title": "Host", + "type": "string" + }, + "Port": { + "markdownDescription": "Port.", + "title": "Port", + "type": "number" + } + }, + "required": [ + "Database", + "Host", + "Port" + ], + "type": "object" + }, + "AWS::QuickSight::DataSource.PrestoParameters": { + "additionalProperties": false, + "properties": { + "Catalog": { + "markdownDescription": "Catalog.", + "title": "Catalog", + "type": "string" + }, + "Host": { + "markdownDescription": "Host.", + "title": "Host", + "type": "string" + }, + "Port": { + "markdownDescription": "Port.", + "title": "Port", + "type": "number" + } + }, + "required": [ + "Catalog", + "Host", + "Port" + ], + "type": "object" + }, + "AWS::QuickSight::DataSource.RdsParameters": { + "additionalProperties": false, + "properties": { + "Database": { + "markdownDescription": "Database.", + "title": "Database", + "type": "string" + }, + "InstanceId": { + "markdownDescription": "Instance ID.", + "title": "InstanceId", + "type": "string" + } + }, + "required": [ + "Database", + "InstanceId" + ], + "type": "object" + }, + "AWS::QuickSight::DataSource.RedshiftIAMParameters": { + "additionalProperties": false, + "properties": { + "AutoCreateDatabaseUser": { + "markdownDescription": "Automatically creates a database user. If your database doesn't have a `DatabaseUser` , set this parameter to `True` . If there is no `DatabaseUser` , Amazon QuickSight can't connect to your cluster. The `RoleArn` that you use for this operation must grant access to `redshift:CreateClusterUser` to successfully create the user.", + "title": "AutoCreateDatabaseUser", + "type": "boolean" + }, + "DatabaseGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of groups whose permissions will be granted to Amazon QuickSight to access the cluster. These permissions are combined with the permissions granted to Amazon QuickSight by the `DatabaseUser` . If you choose to include this parameter, the `RoleArn` must grant access to `redshift:JoinGroup` .", + "title": "DatabaseGroups", + "type": "array" + }, + "DatabaseUser": { + "markdownDescription": "The user whose permissions and group memberships will be used by Amazon QuickSight to access the cluster. If this user already exists in your database, Amazon QuickSight is granted the same permissions that the user has. If the user doesn't exist, set the value of `AutoCreateDatabaseUser` to `True` to create a new user with PUBLIC permissions.", + "title": "DatabaseUser", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "Use the `RoleArn` structure to allow Amazon QuickSight to call `redshift:GetClusterCredentials` on your cluster. The calling principal must have `iam:PassRole` access to pass the role to Amazon QuickSight. The role's trust policy must allow the Amazon QuickSight service principal to assume the role.", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "RoleArn" + ], + "type": "object" + }, + "AWS::QuickSight::DataSource.RedshiftParameters": { + "additionalProperties": false, + "properties": { + "ClusterId": { + "markdownDescription": "Cluster ID. This field can be blank if the `Host` and `Port` are provided.", + "title": "ClusterId", + "type": "string" + }, + "Database": { + "markdownDescription": "Database.", + "title": "Database", + "type": "string" + }, + "Host": { + "markdownDescription": "Host. This field can be blank if `ClusterId` is provided.", + "title": "Host", + "type": "string" + }, + "IAMParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.RedshiftIAMParameters", + "markdownDescription": "An optional parameter that uses IAM authentication to grant Amazon QuickSight access to your cluster. This parameter can be used instead of [DataSourceCredentials](https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DataSourceCredentials.html) .", + "title": "IAMParameters" + }, + "IdentityCenterConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.IdentityCenterConfiguration", + "markdownDescription": "An optional parameter that configures IAM Identity Center authentication to grant Amazon QuickSight access to your cluster.\n\nThis parameter can only be specified if your Amazon QuickSight account is configured with IAM Identity Center.", + "title": "IdentityCenterConfiguration" + }, + "Port": { + "markdownDescription": "Port. This field can be blank if the `ClusterId` is provided.", + "title": "Port", + "type": "number" + } + }, + "required": [ + "Database" + ], + "type": "object" + }, + "AWS::QuickSight::DataSource.ResourcePermission": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "type": "string" + }, + "markdownDescription": "The IAM action to grant or revoke permissions on.", + "title": "Actions", + "type": "array" + }, + "Principal": { + "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a QuickSight ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", + "title": "Principal", + "type": "string" + }, + "Resource": { + "markdownDescription": "", + "title": "Resource", + "type": "string" + } + }, + "required": [ + "Actions", + "Principal" + ], + "type": "object" + }, + "AWS::QuickSight::DataSource.S3Parameters": { + "additionalProperties": false, + "properties": { + "ManifestFileLocation": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.ManifestFileLocation", + "markdownDescription": "Location of the Amazon S3 manifest file. This is NULL if the manifest file was uploaded into Amazon QuickSight.", + "title": "ManifestFileLocation" + }, + "RoleArn": { + "markdownDescription": "Use the `RoleArn` structure to override an account-wide role for a specific S3 data source. For example, say an account administrator has turned off all S3 access with an account-wide role. The administrator can then use `RoleArn` to bypass the account-wide role and allow S3 access for the single S3 data source that is specified in the structure, even if the account-wide role forbidding S3 access is still active.", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "ManifestFileLocation" + ], + "type": "object" + }, + "AWS::QuickSight::DataSource.SnowflakeParameters": { + "additionalProperties": false, + "properties": { + "AuthenticationType": { + "markdownDescription": "The authentication type that you want to use for your connection. This parameter accepts OAuth and non-OAuth authentication types.", + "title": "AuthenticationType", + "type": "string" + }, + "Database": { + "markdownDescription": "Database.", + "title": "Database", + "type": "string" + }, + "DatabaseAccessControlRole": { + "markdownDescription": "The database access control role.", + "title": "DatabaseAccessControlRole", + "type": "string" + }, + "Host": { + "markdownDescription": "Host.", + "title": "Host", + "type": "string" + }, + "OAuthParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.OAuthParameters", + "markdownDescription": "An object that contains information needed to create a data source connection between an Amazon QuickSight account and Snowflake.", + "title": "OAuthParameters" + }, + "Warehouse": { + "markdownDescription": "Warehouse.", + "title": "Warehouse", + "type": "string" + } + }, + "required": [ + "Database", + "Host", + "Warehouse" + ], + "type": "object" + }, + "AWS::QuickSight::DataSource.SparkParameters": { + "additionalProperties": false, + "properties": { + "Host": { + "markdownDescription": "Host.", + "title": "Host", + "type": "string" + }, + "Port": { + "markdownDescription": "Port.", + "title": "Port", + "type": "number" + } + }, + "required": [ + "Host", + "Port" + ], + "type": "object" + }, + "AWS::QuickSight::DataSource.SqlServerParameters": { + "additionalProperties": false, + "properties": { + "Database": { + "markdownDescription": "Database.", + "title": "Database", + "type": "string" + }, + "Host": { + "markdownDescription": "Host.", + "title": "Host", + "type": "string" + }, + "Port": { + "markdownDescription": "Port.", + "title": "Port", + "type": "number" + } + }, + "required": [ + "Database", + "Host", + "Port" + ], + "type": "object" + }, + "AWS::QuickSight::DataSource.SslProperties": { + "additionalProperties": false, + "properties": { + "DisableSsl": { + "markdownDescription": "A Boolean option to control whether SSL should be disabled.", + "title": "DisableSsl", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSource.StarburstParameters": { + "additionalProperties": false, + "properties": { + "AuthenticationType": { + "markdownDescription": "The authentication type that you want to use for your connection. This parameter accepts OAuth and non-OAuth authentication types.", + "title": "AuthenticationType", + "type": "string" + }, + "Catalog": { + "markdownDescription": "The catalog name for the Starburst data source.", + "title": "Catalog", + "type": "string" + }, + "DatabaseAccessControlRole": { + "markdownDescription": "The database access control role.", + "title": "DatabaseAccessControlRole", + "type": "string" + }, + "Host": { + "markdownDescription": "The host name of the Starburst data source.", + "title": "Host", + "type": "string" + }, + "OAuthParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.OAuthParameters", + "markdownDescription": "An object that contains information needed to create a data source connection between an Amazon QuickSight account and Starburst.", + "title": "OAuthParameters" + }, + "Port": { + "markdownDescription": "The port for the Starburst data source.", + "title": "Port", + "type": "number" + }, + "ProductType": { + "markdownDescription": "The product type for the Starburst data source.", + "title": "ProductType", + "type": "string" + } + }, + "required": [ + "Catalog", + "Host", + "Port" + ], + "type": "object" + }, + "AWS::QuickSight::DataSource.TeradataParameters": { + "additionalProperties": false, + "properties": { + "Database": { + "markdownDescription": "Database.", + "title": "Database", + "type": "string" + }, + "Host": { + "markdownDescription": "Host.", + "title": "Host", + "type": "string" + }, + "Port": { + "markdownDescription": "Port.", + "title": "Port", + "type": "number" + } + }, + "required": [ + "Database", + "Host", + "Port" + ], + "type": "object" + }, + "AWS::QuickSight::DataSource.TrinoParameters": { + "additionalProperties": false, + "properties": { + "Catalog": { + "markdownDescription": "The catalog name for the Trino data source.", + "title": "Catalog", + "type": "string" + }, + "Host": { + "markdownDescription": "The host name of the Trino data source.", + "title": "Host", + "type": "string" + }, + "Port": { + "markdownDescription": "The port for the Trino data source.", + "title": "Port", + "type": "number" + } + }, + "required": [ + "Catalog", + "Host", + "Port" + ], + "type": "object" + }, + "AWS::QuickSight::DataSource.VpcConnectionProperties": { + "additionalProperties": false, + "properties": { + "VpcConnectionArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the VPC connection.", + "title": "VpcConnectionArn", + "type": "string" + } + }, + "required": [ + "VpcConnectionArn" + ], + "type": "object" + }, + "AWS::QuickSight::Folder": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AwsAccountId": { + "markdownDescription": "The ID for the AWS account where you want to create the folder.", + "title": "AwsAccountId", + "type": "string" + }, + "FolderId": { + "markdownDescription": "The ID of the folder.", + "title": "FolderId", + "type": "string" + }, + "FolderType": { + "markdownDescription": "The type of folder it is.", + "title": "FolderType", + "type": "string" + }, + "Name": { + "markdownDescription": "A display name for the folder.", + "title": "Name", + "type": "string" + }, + "ParentFolderArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the folder.", + "title": "ParentFolderArn", + "type": "string" + }, + "Permissions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Folder.ResourcePermission" + }, + "markdownDescription": "A structure that describes the principals and the resource-level permissions of a folder.\n\nTo specify no permissions, omit `Permissions` .", + "title": "Permissions", + "type": "array" + }, + "SharingModel": { + "markdownDescription": "The sharing scope of the folder.", + "title": "SharingModel", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags for the folders that you want to apply overrides to.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::QuickSight::Folder" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::QuickSight::Folder.ResourcePermission": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "Actions", + "type": "array" + }, + "Principal": { + "markdownDescription": "", + "title": "Principal", + "type": "string" + } + }, + "required": [ + "Actions", + "Principal" + ], + "type": "object" + }, + "AWS::QuickSight::RefreshSchedule": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AwsAccountId": { + "markdownDescription": "The AWS account ID of the account that you are creating a schedule in.", + "title": "AwsAccountId", + "type": "string" + }, + "DataSetId": { + "markdownDescription": "The ID of the dataset that you are creating a refresh schedule for.", + "title": "DataSetId", + "type": "string" + }, + "Schedule": { + "$ref": "#/definitions/AWS::QuickSight::RefreshSchedule.RefreshScheduleMap", + "markdownDescription": "The refresh schedule of a dataset.", + "title": "Schedule" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::QuickSight::RefreshSchedule" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::QuickSight::RefreshSchedule.RefreshOnDay": { + "additionalProperties": false, + "properties": { + "DayOfMonth": { + "markdownDescription": "The day of the month that you want your dataset to refresh. This value is required for monthly refresh intervals.", + "title": "DayOfMonth", + "type": "string" + }, + "DayOfWeek": { + "markdownDescription": "The day of the week that you want to schedule the refresh on. This value is required for weekly and monthly refresh intervals.", + "title": "DayOfWeek", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::RefreshSchedule.RefreshScheduleMap": { + "additionalProperties": false, + "properties": { + "RefreshType": { + "markdownDescription": "The type of refresh that a dataset undergoes. Valid values are as follows:\n\n- `FULL_REFRESH` : A complete refresh of a dataset.\n- `INCREMENTAL_REFRESH` : A partial refresh of some rows of a dataset, based on the time window specified.\n\nFor more information on full and incremental refreshes, see [Refreshing SPICE data](https://docs.aws.amazon.com/quicksight/latest/user/refreshing-imported-data.html) in the *QuickSight User Guide* .", + "title": "RefreshType", + "type": "string" + }, + "ScheduleFrequency": { + "$ref": "#/definitions/AWS::QuickSight::RefreshSchedule.ScheduleFrequency", + "markdownDescription": "The frequency for the refresh schedule.", + "title": "ScheduleFrequency" + }, + "ScheduleId": { + "markdownDescription": "An identifier for the refresh schedule.", + "title": "ScheduleId", + "type": "string" + }, + "StartAfterDateTime": { + "markdownDescription": "Time after which the refresh schedule can be started, expressed in `YYYY-MM-DDTHH:MM:SS` format.", + "title": "StartAfterDateTime", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::RefreshSchedule.ScheduleFrequency": { + "additionalProperties": false, + "properties": { + "Interval": { + "markdownDescription": "The interval between scheduled refreshes. Valid values are as follows:\n\n- `MINUTE15` : The dataset refreshes every 15 minutes. This value is only supported for incremental refreshes. This interval can only be used for one schedule per dataset.\n- `MINUTE30` : The dataset refreshes every 30 minutes. This value is only supported for incremental refreshes. This interval can only be used for one schedule per dataset.\n- `HOURLY` : The dataset refreshes every hour. This interval can only be used for one schedule per dataset.\n- `DAILY` : The dataset refreshes every day.\n- `WEEKLY` : The dataset refreshes every week.\n- `MONTHLY` : The dataset refreshes every month.", + "title": "Interval", + "type": "string" + }, + "RefreshOnDay": { + "$ref": "#/definitions/AWS::QuickSight::RefreshSchedule.RefreshOnDay", + "markdownDescription": "The day of the week that you want to schedule the refresh on. This value is required for weekly and monthly refresh intervals.", + "title": "RefreshOnDay" + }, + "TimeOfTheDay": { + "markdownDescription": "The time of day that you want the dataset to refresh. This value is expressed in HH:MM format. This field is not required for schedules that refresh hourly.", + "title": "TimeOfTheDay", + "type": "string" + }, + "TimeZone": { + "markdownDescription": "The timezone that you want the refresh schedule to use. The timezone ID must match a corresponding ID found on `java.util.time.getAvailableIDs()` .", + "title": "TimeZone", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AwsAccountId": { + "markdownDescription": "The ID for the AWS account that the group is in. You use the ID for the AWS account that contains your Amazon QuickSight account.", + "title": "AwsAccountId", + "type": "string" + }, + "Definition": { + "$ref": "#/definitions/AWS::QuickSight::Template.TemplateVersionDefinition", + "markdownDescription": "", + "title": "Definition" + }, + "Name": { + "markdownDescription": "A display name for the template.", + "title": "Name", + "type": "string" + }, + "Permissions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ResourcePermission" + }, + "markdownDescription": "A list of resource permissions to be set on the template.", + "title": "Permissions", + "type": "array" + }, + "SourceEntity": { + "$ref": "#/definitions/AWS::QuickSight::Template.TemplateSourceEntity", + "markdownDescription": "The entity that you are using as a source when you create the template. In `SourceEntity` , you specify the type of object you're using as source: `SourceTemplate` for a template or `SourceAnalysis` for an analysis. Both of these require an Amazon Resource Name (ARN). For `SourceTemplate` , specify the ARN of the source template. For `SourceAnalysis` , specify the ARN of the source analysis. The `SourceTemplate` ARN can contain any AWS account and any Amazon QuickSight-supported AWS Region .\n\nUse the `DataSetReferences` entity within `SourceTemplate` or `SourceAnalysis` to list the replacement datasets for the placeholders listed in the original. The schema in each dataset must match its placeholder.\n\nEither a `SourceEntity` or a `Definition` must be provided in order for the request to be valid.", + "title": "SourceEntity" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Contains a map of the key-value pairs for the resource tag or tags assigned to the resource.", + "title": "Tags", + "type": "array" + }, + "TemplateId": { + "markdownDescription": "An ID for the template that you want to create. This template is unique per AWS Region ; in each AWS account.", + "title": "TemplateId", + "type": "string" + }, + "ValidationStrategy": { + "$ref": "#/definitions/AWS::QuickSight::Template.ValidationStrategy", + "markdownDescription": "The option to relax the validation that is required to create and update analyses, dashboards, and templates with definition objects. When you set this value to `LENIENT` , validation is skipped for specific errors.", + "title": "ValidationStrategy" + }, + "VersionDescription": { + "markdownDescription": "A description of the current template version being created. This API operation creates the first version of the template. Every time `UpdateTemplate` is called, a new version is created. Each version of the template maintains a description of the version in the `VersionDescription` field.", + "title": "VersionDescription", + "type": "string" + } + }, + "required": [ + "AwsAccountId", + "TemplateId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::QuickSight::Template" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::QuickSight::Template.AggregationFunction": { + "additionalProperties": false, + "properties": { + "AttributeAggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Template.AttributeAggregationFunction", + "markdownDescription": "Aggregation for attributes.", + "title": "AttributeAggregationFunction" + }, + "CategoricalAggregationFunction": { + "markdownDescription": "Aggregation for categorical values.\n\n- `COUNT` : Aggregate by the total number of values, including duplicates.\n- `DISTINCT_COUNT` : Aggregate by the total number of distinct values.", + "title": "CategoricalAggregationFunction", + "type": "string" + }, + "DateAggregationFunction": { + "markdownDescription": "Aggregation for date values.\n\n- `COUNT` : Aggregate by the total number of values, including duplicates.\n- `DISTINCT_COUNT` : Aggregate by the total number of distinct values.\n- `MIN` : Select the smallest date value.\n- `MAX` : Select the largest date value.", + "title": "DateAggregationFunction", + "type": "string" + }, + "NumericalAggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericalAggregationFunction", + "markdownDescription": "Aggregation for numerical values.", + "title": "NumericalAggregationFunction" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.AggregationSortConfiguration": { + "additionalProperties": false, + "properties": { + "AggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Template.AggregationFunction", + "markdownDescription": "The function that aggregates the values in `Column` .", + "title": "AggregationFunction" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that determines the sort order of aggregated values.", + "title": "Column" + }, + "SortDirection": { + "markdownDescription": "The sort direction of values.\n\n- `ASC` : Sort in ascending order.\n- `DESC` : Sort in descending order.", + "title": "SortDirection", + "type": "string" + } + }, + "required": [ + "Column", + "SortDirection" + ], + "type": "object" + }, + "AWS::QuickSight::Template.AnalysisDefaults": { + "additionalProperties": false, + "properties": { + "DefaultNewSheetConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultNewSheetConfiguration", + "markdownDescription": "The configuration for default new sheet settings.", + "title": "DefaultNewSheetConfiguration" + } + }, + "required": [ + "DefaultNewSheetConfiguration" + ], + "type": "object" + }, + "AWS::QuickSight::Template.AnchorDateConfiguration": { + "additionalProperties": false, + "properties": { + "AnchorOption": { + "markdownDescription": "The options for the date configuration. Choose one of the options below:\n\n- `NOW`", + "title": "AnchorOption", + "type": "string" + }, + "ParameterName": { + "markdownDescription": "The name of the parameter that is used for the anchor date configuration.", + "title": "ParameterName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ArcAxisConfiguration": { + "additionalProperties": false, + "properties": { + "Range": { + "$ref": "#/definitions/AWS::QuickSight::Template.ArcAxisDisplayRange", + "markdownDescription": "The arc axis range of a `GaugeChartVisual` .", + "title": "Range" + }, + "ReserveRange": { + "markdownDescription": "The reserved range of the arc axis.", + "title": "ReserveRange", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ArcAxisDisplayRange": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum value of the arc axis range.", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The minimum value of the arc axis range.", + "title": "Min", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ArcConfiguration": { + "additionalProperties": false, + "properties": { + "ArcAngle": { + "markdownDescription": "The option that determines the arc angle of a `GaugeChartVisual` .", + "title": "ArcAngle", + "type": "number" + }, + "ArcThickness": { + "markdownDescription": "The options that determine the arc thickness of a `GaugeChartVisual` .", + "title": "ArcThickness", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ArcOptions": { + "additionalProperties": false, + "properties": { + "ArcThickness": { + "markdownDescription": "The arc thickness of a `GaugeChartVisual` .", + "title": "ArcThickness", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.AssetOptions": { + "additionalProperties": false, + "properties": { + "Timezone": { + "markdownDescription": "Determines the timezone for the analysis.", + "title": "Timezone", + "type": "string" + }, + "WeekStart": { + "markdownDescription": "Determines the week start day for an analysis.", + "title": "WeekStart", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.AttributeAggregationFunction": { + "additionalProperties": false, + "properties": { + "SimpleAttributeAggregation": { + "markdownDescription": "The built-in aggregation functions for attributes.\n\n- `UNIQUE_VALUE` : Returns the unique value for a field, aggregated by the dimension fields.", + "title": "SimpleAttributeAggregation", + "type": "string" + }, + "ValueForMultipleValues": { + "markdownDescription": "Used by the `UNIQUE_VALUE` aggregation function. If there are multiple values for the field used by the aggregation, the value for this property will be returned instead. Defaults to '*'.", + "title": "ValueForMultipleValues", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.AxisDataOptions": { + "additionalProperties": false, + "properties": { + "DateAxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DateAxisOptions", + "markdownDescription": "The options for an axis with a date field.", + "title": "DateAxisOptions" + }, + "NumericAxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericAxisOptions", + "markdownDescription": "The options for an axis with a numeric field.", + "title": "NumericAxisOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.AxisDisplayMinMaxRange": { + "additionalProperties": false, + "properties": { + "Maximum": { + "markdownDescription": "The maximum setup for an axis display range.", + "title": "Maximum", + "type": "number" + }, + "Minimum": { + "markdownDescription": "The minimum setup for an axis display range.", + "title": "Minimum", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.AxisDisplayOptions": { + "additionalProperties": false, + "properties": { + "AxisLineVisibility": { + "markdownDescription": "Determines whether or not the axis line is visible.", + "title": "AxisLineVisibility", + "type": "object" + }, + "AxisOffset": { + "markdownDescription": "The offset value that determines the starting placement of the axis within a visual's bounds.", + "title": "AxisOffset", + "type": "string" + }, + "DataOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDataOptions", + "markdownDescription": "The data options for an axis.", + "title": "DataOptions" + }, + "GridLineVisibility": { + "markdownDescription": "Determines whether or not the grid line is visible.", + "title": "GridLineVisibility", + "type": "object" + }, + "ScrollbarOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ScrollBarOptions", + "markdownDescription": "The scroll bar options for an axis.", + "title": "ScrollbarOptions" + }, + "TickLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisTickLabelOptions", + "markdownDescription": "The tick label options of an axis.", + "title": "TickLabelOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.AxisDisplayRange": { + "additionalProperties": false, + "properties": { + "DataDriven": { + "markdownDescription": "The data-driven setup of an axis display range.", + "title": "DataDriven", + "type": "object" + }, + "MinMax": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayMinMaxRange", + "markdownDescription": "The minimum and maximum setup of an axis display range.", + "title": "MinMax" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.AxisLabelOptions": { + "additionalProperties": false, + "properties": { + "ApplyTo": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisLabelReferenceOptions", + "markdownDescription": "The options that indicate which field the label belongs to.", + "title": "ApplyTo" + }, + "CustomLabel": { + "markdownDescription": "The text for the axis label.", + "title": "CustomLabel", + "type": "string" + }, + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", + "markdownDescription": "The font configuration of the axis label.", + "title": "FontConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.AxisLabelReferenceOptions": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that the axis label is targeted to.", + "title": "Column" + }, + "FieldId": { + "markdownDescription": "The field that the axis label is targeted to.", + "title": "FieldId", + "type": "string" + } + }, + "required": [ + "Column", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.AxisLinearScale": { + "additionalProperties": false, + "properties": { + "StepCount": { + "markdownDescription": "The step count setup of a linear axis.", + "title": "StepCount", + "type": "number" + }, + "StepSize": { + "markdownDescription": "The step size setup of a linear axis.", + "title": "StepSize", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.AxisLogarithmicScale": { + "additionalProperties": false, + "properties": { + "Base": { + "markdownDescription": "The base setup of a logarithmic axis scale.", + "title": "Base", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.AxisScale": { + "additionalProperties": false, + "properties": { + "Linear": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisLinearScale", + "markdownDescription": "The linear axis scale setup.", + "title": "Linear" + }, + "Logarithmic": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisLogarithmicScale", + "markdownDescription": "The logarithmic axis scale setup.", + "title": "Logarithmic" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.AxisTickLabelOptions": { + "additionalProperties": false, + "properties": { + "LabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", + "markdownDescription": "Determines whether or not the axis ticks are visible.", + "title": "LabelOptions" + }, + "RotationAngle": { + "markdownDescription": "The rotation angle of the axis tick labels.", + "title": "RotationAngle", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.BarChartAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The category (y-axis) field well of a bar chart.", + "title": "Category", + "type": "array" + }, + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The color (group/color) field well of a bar chart.", + "title": "Colors", + "type": "array" + }, + "SmallMultiples": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The small multiples field well of a bar chart.", + "title": "SmallMultiples", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The value field wells of a bar chart. Values are aggregated by category.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.BarChartConfiguration": { + "additionalProperties": false, + "properties": { + "BarsArrangement": { + "markdownDescription": "Determines the arrangement of the bars. The orientation and arrangement of bars determine the type of bar that is used in the visual.", + "title": "BarsArrangement", + "type": "string" + }, + "CategoryAxis": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, axis step) for bar chart category.", + "title": "CategoryAxis" + }, + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a bar chart.", + "title": "CategoryLabelOptions" + }, + "ColorLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a color that is used in a bar chart.", + "title": "ColorLabelOptions" + }, + "ContributionAnalysisDefaults": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ContributionAnalysisDefault" + }, + "markdownDescription": "The contribution analysis (anomaly configuration) setup of the visual.", + "title": "ContributionAnalysisDefaults", + "type": "array" + }, + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.", + "title": "DataLabels" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.BarChartFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "Orientation": { + "markdownDescription": "The orientation of the bars in a bar chart visual. There are two valid values in this structure:\n\n- `HORIZONTAL` : Used for charts that have horizontal bars. Visuals that use this value are horizontal bar charts, horizontal stacked bar charts, and horizontal stacked 100% bar charts.\n- `VERTICAL` : Used for charts that have vertical bars. Visuals that use this value are vertical bar charts, vertical stacked bar charts, and vertical stacked 100% bar charts.", + "title": "Orientation", + "type": "string" + }, + "ReferenceLines": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLine" + }, + "markdownDescription": "The reference line setup of the visual.", + "title": "ReferenceLines", + "type": "array" + }, + "SmallMultiplesOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SmallMultiplesOptions", + "markdownDescription": "The small multiples setup for the visual.", + "title": "SmallMultiplesOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.BarChartSortConfiguration", + "markdownDescription": "The sort configuration of a `BarChartVisual` .", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" + }, + "ValueAxis": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, axis step) for a bar chart value.", + "title": "ValueAxis" + }, + "ValueLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a bar chart value.", + "title": "ValueLabelOptions" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", + "title": "VisualPalette" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.BarChartFieldWells": { + "additionalProperties": false, + "properties": { + "BarChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.BarChartAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a bar chart.", + "title": "BarChartAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.BarChartSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of categories displayed in a bar chart.", + "title": "CategoryItemsLimit" + }, + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of category fields.", + "title": "CategorySort", + "type": "array" + }, + "ColorItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of values displayed in a bar chart.", + "title": "ColorItemsLimit" + }, + "ColorSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of color fields in a bar chart.", + "title": "ColorSort", + "type": "array" + }, + "SmallMultiplesLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of small multiples panels that are displayed.", + "title": "SmallMultiplesLimitConfiguration" + }, + "SmallMultiplesSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the small multiples field.", + "title": "SmallMultiplesSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.BarChartVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.BarChartConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.BinCountOptions": { + "additionalProperties": false, + "properties": { + "Value": { + "markdownDescription": "The options that determine the bin count value.", + "title": "Value", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.BinWidthOptions": { + "additionalProperties": false, + "properties": { + "BinCountLimit": { + "markdownDescription": "The options that determine the bin count limit.", + "title": "BinCountLimit", + "type": "number" + }, + "Value": { + "markdownDescription": "The options that determine the bin width value.", + "title": "Value", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.BodySectionConfiguration": { + "additionalProperties": false, + "properties": { + "Content": { + "$ref": "#/definitions/AWS::QuickSight::Template.BodySectionContent", + "markdownDescription": "The configuration of content in a body section.", + "title": "Content" + }, + "PageBreakConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.SectionPageBreakConfiguration", + "markdownDescription": "The configuration of a page break for a section.", + "title": "PageBreakConfiguration" + }, + "RepeatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.BodySectionRepeatConfiguration", + "markdownDescription": "Describes the configurations that are required to declare a section as repeating.", + "title": "RepeatConfiguration" + }, + "SectionId": { + "markdownDescription": "The unique identifier of a body section.", + "title": "SectionId", + "type": "string" + }, + "Style": { + "$ref": "#/definitions/AWS::QuickSight::Template.SectionStyle", + "markdownDescription": "The style options of a body section.", + "title": "Style" + } + }, + "required": [ + "Content", + "SectionId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.BodySectionContent": { + "additionalProperties": false, + "properties": { + "Layout": { + "$ref": "#/definitions/AWS::QuickSight::Template.SectionLayoutConfiguration", + "markdownDescription": "The layout configuration of a body section.", + "title": "Layout" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.BodySectionDynamicCategoryDimensionConfiguration": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "", + "title": "Column" + }, + "Limit": { + "markdownDescription": "Number of values to use from the column for repetition.", + "title": "Limit", + "type": "number" + }, + "SortByMetrics": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnSort" + }, + "markdownDescription": "Sort criteria on the column values that you use for repetition.", + "title": "SortByMetrics", + "type": "array" + } + }, + "required": [ + "Column" + ], + "type": "object" + }, + "AWS::QuickSight::Template.BodySectionDynamicNumericDimensionConfiguration": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "", + "title": "Column" + }, + "Limit": { + "markdownDescription": "Number of values to use from the column for repetition.", + "title": "Limit", + "type": "number" + }, + "SortByMetrics": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnSort" + }, + "markdownDescription": "Sort criteria on the column values that you use for repetition.", + "title": "SortByMetrics", + "type": "array" + } + }, + "required": [ + "Column" + ], + "type": "object" + }, + "AWS::QuickSight::Template.BodySectionRepeatConfiguration": { + "additionalProperties": false, + "properties": { + "DimensionConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.BodySectionRepeatDimensionConfiguration" + }, + "markdownDescription": "List of `BodySectionRepeatDimensionConfiguration` values that describe the dataset column and constraints for the column used to repeat the contents of a section.", + "title": "DimensionConfigurations", + "type": "array" + }, + "NonRepeatingVisuals": { + "items": { + "type": "string" + }, + "markdownDescription": "List of visuals to exclude from repetition in repeating sections. The visuals will render identically, and ignore the repeating configurations in all repeating instances.", + "title": "NonRepeatingVisuals", + "type": "array" + }, + "PageBreakConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.BodySectionRepeatPageBreakConfiguration", + "markdownDescription": "Page break configuration to apply for each repeating instance.", + "title": "PageBreakConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.BodySectionRepeatDimensionConfiguration": { + "additionalProperties": false, + "properties": { + "DynamicCategoryDimensionConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.BodySectionDynamicCategoryDimensionConfiguration", + "markdownDescription": "Describes the *Category* dataset column and constraints around the dynamic values that will be used in repeating the section contents.", + "title": "DynamicCategoryDimensionConfiguration" + }, + "DynamicNumericDimensionConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.BodySectionDynamicNumericDimensionConfiguration", + "markdownDescription": "Describes the *Numeric* dataset column and constraints around the dynamic values used to repeat the contents of a section.", + "title": "DynamicNumericDimensionConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.BodySectionRepeatPageBreakConfiguration": { + "additionalProperties": false, + "properties": { + "After": { + "$ref": "#/definitions/AWS::QuickSight::Template.SectionAfterPageBreak", + "markdownDescription": "", + "title": "After" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.BoxPlotAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "GroupBy": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The group by field well of a box plot chart. Values are grouped based on group by fields.", + "title": "GroupBy", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The value field well of a box plot chart. Values are aggregated based on group by fields.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.BoxPlotChartConfiguration": { + "additionalProperties": false, + "properties": { + "BoxPlotOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotOptions", + "markdownDescription": "The box plot chart options for a box plot visual", + "title": "BoxPlotOptions" + }, + "CategoryAxis": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, axis step) of a box plot category.", + "title": "CategoryAxis" + }, + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility and sort Icon visibility) of a box plot category.", + "title": "CategoryLabelOptions" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", + "markdownDescription": "", + "title": "Legend" + }, + "PrimaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, axis step) of a box plot category.", + "title": "PrimaryYAxisDisplayOptions" + }, + "PrimaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility and sort icon visibility) of a box plot value.", + "title": "PrimaryYAxisLabelOptions" + }, + "ReferenceLines": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLine" + }, + "markdownDescription": "The reference line setup of the visual.", + "title": "ReferenceLines", + "type": "array" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotSortConfiguration", + "markdownDescription": "The sort configuration of a `BoxPlotVisual` .", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", + "title": "VisualPalette" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.BoxPlotFieldWells": { + "additionalProperties": false, + "properties": { + "BoxPlotAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a box plot.", + "title": "BoxPlotAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.BoxPlotOptions": { + "additionalProperties": false, + "properties": { + "AllDataPointsVisibility": { + "markdownDescription": "Determines the visibility of all data points of the box plot.", + "title": "AllDataPointsVisibility", + "type": "object" + }, + "OutlierVisibility": { + "markdownDescription": "Determines the visibility of the outlier in a box plot.", + "title": "OutlierVisibility", + "type": "object" + }, + "StyleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotStyleOptions", + "markdownDescription": "The style options of the box plot.", + "title": "StyleOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.BoxPlotSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of a group by fields.", + "title": "CategorySort", + "type": "array" + }, + "PaginationConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.PaginationConfiguration", + "markdownDescription": "The pagination configuration of a table visual or box plot.", + "title": "PaginationConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.BoxPlotStyleOptions": { + "additionalProperties": false, + "properties": { + "FillStyle": { + "markdownDescription": "The fill styles (solid, transparent) of the box plot.", + "title": "FillStyle", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.BoxPlotVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotChartConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.CalculatedField": { + "additionalProperties": false, + "properties": { + "DataSetIdentifier": { + "markdownDescription": "The data set that is used in this calculated field.", + "title": "DataSetIdentifier", + "type": "string" + }, + "Expression": { + "markdownDescription": "The expression of the calculated field.", + "title": "Expression", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the calculated field.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "DataSetIdentifier", + "Expression", + "Name" + ], + "type": "object" + }, + "AWS::QuickSight::Template.CalculatedMeasureField": { + "additionalProperties": false, + "properties": { + "Expression": { + "markdownDescription": "The expression in the table calculation.", + "title": "Expression", + "type": "string" + }, + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", + "type": "string" + } + }, + "required": [ + "Expression", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.CascadingControlConfiguration": { + "additionalProperties": false, + "properties": { + "SourceControls": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.CascadingControlSource" + }, + "markdownDescription": "A list of source controls that determine the values that are used in the current control.", + "title": "SourceControls", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.CascadingControlSource": { + "additionalProperties": false, + "properties": { + "ColumnToMatch": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column identifier that determines which column to look up for the source sheet control.", + "title": "ColumnToMatch" + }, + "SourceSheetControlId": { + "markdownDescription": "The source sheet control ID of a `CascadingControlSource` .", + "title": "SourceSheetControlId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.CategoricalDimensionField": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that is used in the `CategoricalDimensionField` .", + "title": "Column" + }, + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", + "type": "string" + }, + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.StringFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" + }, + "HierarchyId": { + "markdownDescription": "The custom hierarchy ID.", + "title": "HierarchyId", + "type": "string" + } + }, + "required": [ + "Column", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.CategoricalMeasureField": { + "additionalProperties": false, + "properties": { + "AggregationFunction": { + "markdownDescription": "The aggregation function of the measure field.", + "title": "AggregationFunction", + "type": "string" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that is used in the `CategoricalMeasureField` .", + "title": "Column" + }, + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", + "type": "string" + }, + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.StringFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" + } + }, + "required": [ + "Column", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.CategoryDrillDownFilter": { + "additionalProperties": false, + "properties": { + "CategoryValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the string inputs that are the values of the category drill down filter.", + "title": "CategoryValues", + "type": "array" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + } + }, + "required": [ + "CategoryValues", + "Column" + ], + "type": "object" + }, + "AWS::QuickSight::Template.CategoryFilter": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "Configuration": { + "$ref": "#/definitions/AWS::QuickSight::Template.CategoryFilterConfiguration", + "markdownDescription": "The configuration for a `CategoryFilter` .", + "title": "Configuration" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" + } + }, + "required": [ + "Column", + "Configuration", + "FilterId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.CategoryFilterConfiguration": { + "additionalProperties": false, + "properties": { + "CustomFilterConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.CustomFilterConfiguration", + "markdownDescription": "A custom filter that filters based on a single value. This filter can be partially matched.", + "title": "CustomFilterConfiguration" + }, + "CustomFilterListConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.CustomFilterListConfiguration", + "markdownDescription": "A list of custom filter values. In the Amazon QuickSight console, this filter type is called a custom filter list.", + "title": "CustomFilterListConfiguration" + }, + "FilterListConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterListConfiguration", + "markdownDescription": "A list of filter configurations. In the Amazon QuickSight console, this filter type is called a filter list.", + "title": "FilterListConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.CategoryInnerFilter": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "", + "title": "Column" + }, + "Configuration": { + "$ref": "#/definitions/AWS::QuickSight::Template.CategoryFilterConfiguration", + "markdownDescription": "", + "title": "Configuration" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", + "markdownDescription": "", + "title": "DefaultFilterControlConfiguration" + } + }, + "required": [ + "Column", + "Configuration" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ChartAxisLabelOptions": { + "additionalProperties": false, + "properties": { + "AxisLabelOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisLabelOptions" + }, + "markdownDescription": "The label options for a chart axis.", + "title": "AxisLabelOptions", + "type": "array" + }, + "SortIconVisibility": { + "markdownDescription": "The visibility configuration of the sort icon on a chart's axis label.", + "title": "SortIconVisibility", + "type": "object" + }, + "Visibility": { + "markdownDescription": "The visibility of an axis label on a chart. Choose one of the following options:\n\n- `VISIBLE` : Shows the axis.\n- `HIDDEN` : Hides the axis.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ClusterMarker": { + "additionalProperties": false, + "properties": { + "SimpleClusterMarker": { + "$ref": "#/definitions/AWS::QuickSight::Template.SimpleClusterMarker", + "markdownDescription": "The simple cluster marker of the cluster marker.", + "title": "SimpleClusterMarker" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ClusterMarkerConfiguration": { + "additionalProperties": false, + "properties": { + "ClusterMarker": { + "$ref": "#/definitions/AWS::QuickSight::Template.ClusterMarker", + "markdownDescription": "The cluster marker that is a part of the cluster marker configuration.", + "title": "ClusterMarker" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ColorScale": { + "additionalProperties": false, + "properties": { + "ColorFillType": { + "markdownDescription": "Determines the color fill type.", + "title": "ColorFillType", + "type": "string" + }, + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataColor" + }, + "markdownDescription": "Determines the list of colors that are applied to the visual.", + "title": "Colors", + "type": "array" + }, + "NullValueColor": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataColor", + "markdownDescription": "Determines the color that is applied to null values.", + "title": "NullValueColor" + } + }, + "required": [ + "ColorFillType", + "Colors" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ColorsConfiguration": { + "additionalProperties": false, + "properties": { + "CustomColors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.CustomColor" + }, + "markdownDescription": "A list of up to 50 custom colors.", + "title": "CustomColors", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ColumnConfiguration": { + "additionalProperties": false, + "properties": { + "ColorsConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColorsConfiguration", + "markdownDescription": "The color configurations of the column.", + "title": "ColorsConfiguration" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column.", + "title": "Column" + }, + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FormatConfiguration", + "markdownDescription": "The format configuration of a column.", + "title": "FormatConfiguration" + }, + "Role": { + "markdownDescription": "The role of the column.", + "title": "Role", + "type": "string" + } + }, + "required": [ + "Column" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ColumnGroupColumnSchema": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the column group's column schema.", + "title": "Name", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ColumnGroupSchema": { + "additionalProperties": false, + "properties": { + "ColumnGroupColumnSchemaList": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnGroupColumnSchema" + }, + "markdownDescription": "A structure containing the list of schemas for column group columns.", + "title": "ColumnGroupColumnSchemaList", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the column group schema.", + "title": "Name", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ColumnHierarchy": { + "additionalProperties": false, + "properties": { + "DateTimeHierarchy": { + "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeHierarchy", + "markdownDescription": "The option that determines the hierarchy of any `DateTime` fields.", + "title": "DateTimeHierarchy" + }, + "ExplicitHierarchy": { + "$ref": "#/definitions/AWS::QuickSight::Template.ExplicitHierarchy", + "markdownDescription": "The option that determines the hierarchy of the fields that are built within a visual's field wells. These fields can't be duplicated to other visuals.", + "title": "ExplicitHierarchy" + }, + "PredefinedHierarchy": { + "$ref": "#/definitions/AWS::QuickSight::Template.PredefinedHierarchy", + "markdownDescription": "The option that determines the hierarchy of the fields that are defined during data preparation. These fields are available to use in any analysis that uses the data source.", + "title": "PredefinedHierarchy" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ColumnIdentifier": { + "additionalProperties": false, + "properties": { + "ColumnName": { + "markdownDescription": "The name of the column.", + "title": "ColumnName", + "type": "string" + }, + "DataSetIdentifier": { + "markdownDescription": "The data set that the column belongs to.", + "title": "DataSetIdentifier", + "type": "string" + } + }, + "required": [ + "ColumnName", + "DataSetIdentifier" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ColumnSchema": { + "additionalProperties": false, + "properties": { + "DataType": { + "markdownDescription": "The data type of the column schema.", + "title": "DataType", + "type": "string" + }, + "GeographicRole": { + "markdownDescription": "The geographic role of the column schema.", + "title": "GeographicRole", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the column schema.", + "title": "Name", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ColumnSort": { + "additionalProperties": false, + "properties": { + "AggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Template.AggregationFunction", + "markdownDescription": "The aggregation function that is defined in the column sort.", + "title": "AggregationFunction" + }, + "Direction": { + "markdownDescription": "The sort direction.", + "title": "Direction", + "type": "string" + }, + "SortBy": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "", + "title": "SortBy" + } + }, + "required": [ + "Direction", + "SortBy" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ColumnTooltipItem": { + "additionalProperties": false, + "properties": { + "Aggregation": { + "$ref": "#/definitions/AWS::QuickSight::Template.AggregationFunction", + "markdownDescription": "The aggregation function of the column tooltip item.", + "title": "Aggregation" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The target column of the tooltip item.", + "title": "Column" + }, + "Label": { + "markdownDescription": "The label of the tooltip item.", + "title": "Label", + "type": "string" + }, + "TooltipTarget": { + "markdownDescription": "Determines the target of the column tooltip item in a combo chart visual.", + "title": "TooltipTarget", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the tooltip item.", + "title": "Visibility", + "type": "object" + } + }, + "required": [ + "Column" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ComboChartAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "BarValues": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The aggregated `BarValues` field well of a combo chart.", + "title": "BarValues", + "type": "array" + }, + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The aggregated category field wells of a combo chart.", + "title": "Category", + "type": "array" + }, + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The aggregated colors field well of a combo chart.", + "title": "Colors", + "type": "array" + }, + "LineValues": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The aggregated `LineValues` field well of a combo chart.", + "title": "LineValues", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ComboChartConfiguration": { + "additionalProperties": false, + "properties": { + "BarDataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.\n\nThe data label options for a bar in a combo chart.", + "title": "BarDataLabels" + }, + "BarsArrangement": { + "markdownDescription": "Determines the bar arrangement in a combo chart. The following are valid values in this structure:\n\n- `CLUSTERED` : For clustered bar combo charts.\n- `STACKED` : For stacked bar combo charts.\n- `STACKED_PERCENT` : Do not use. If you use this value, the operation returns a validation error.", + "title": "BarsArrangement", + "type": "string" + }, + "CategoryAxis": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The category axis of a combo chart.", + "title": "CategoryAxis" + }, + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart category (group/color) field well.", + "title": "CategoryLabelOptions" + }, + "ColorLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's color field well.", + "title": "ColorLabelOptions" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.ComboChartFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "LineDataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.\n\nThe data label options for a line in a combo chart.", + "title": "LineDataLabels" + }, + "PrimaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, and axis step) of a combo chart's primary y-axis (bar) field well.", + "title": "PrimaryYAxisDisplayOptions" + }, + "PrimaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's primary y-axis (bar) field well.", + "title": "PrimaryYAxisLabelOptions" + }, + "ReferenceLines": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLine" + }, + "markdownDescription": "The reference line setup of the visual.", + "title": "ReferenceLines", + "type": "array" + }, + "SecondaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, axis step) of a combo chart's secondary y-axis (line) field well.", + "title": "SecondaryYAxisDisplayOptions" + }, + "SecondaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's secondary y-axis(line) field well.", + "title": "SecondaryYAxisLabelOptions" + }, + "SingleAxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SingleAxisOptions", + "markdownDescription": "", + "title": "SingleAxisOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ComboChartSortConfiguration", + "markdownDescription": "The sort configuration of a `ComboChartVisual` .", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Tooltip" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", + "title": "VisualPalette" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ComboChartFieldWells": { + "additionalProperties": false, + "properties": { + "ComboChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.ComboChartAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a combo chart. Combo charts only have aggregated field wells. Columns in a combo chart are aggregated by category.", + "title": "ComboChartAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ComboChartSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The item limit configuration for the category field well of a combo chart.", + "title": "CategoryItemsLimit" + }, + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the category field well in a combo chart.", + "title": "CategorySort", + "type": "array" + }, + "ColorItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The item limit configuration of the color field well in a combo chart.", + "title": "ColorItemsLimit" + }, + "ColorSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the color field well in a combo chart.", + "title": "ColorSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ComboChartVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ComboChartConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ComparisonConfiguration": { + "additionalProperties": false, + "properties": { + "ComparisonFormat": { + "$ref": "#/definitions/AWS::QuickSight::Template.ComparisonFormatConfiguration", + "markdownDescription": "The format of the comparison.", + "title": "ComparisonFormat" + }, + "ComparisonMethod": { + "markdownDescription": "The method of the comparison. Choose from the following options:\n\n- `DIFFERENCE`\n- `PERCENT_DIFFERENCE`\n- `PERCENT`", + "title": "ComparisonMethod", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ComparisonFormatConfiguration": { + "additionalProperties": false, + "properties": { + "NumberDisplayFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumberDisplayFormatConfiguration", + "markdownDescription": "The number display format.", + "title": "NumberDisplayFormatConfiguration" + }, + "PercentageDisplayFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.PercentageDisplayFormatConfiguration", + "markdownDescription": "The percentage display format.", + "title": "PercentageDisplayFormatConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.Computation": { + "additionalProperties": false, + "properties": { + "Forecast": { + "$ref": "#/definitions/AWS::QuickSight::Template.ForecastComputation", + "markdownDescription": "The forecast computation configuration.", + "title": "Forecast" + }, + "GrowthRate": { + "$ref": "#/definitions/AWS::QuickSight::Template.GrowthRateComputation", + "markdownDescription": "The growth rate computation configuration.", + "title": "GrowthRate" + }, + "MaximumMinimum": { + "$ref": "#/definitions/AWS::QuickSight::Template.MaximumMinimumComputation", + "markdownDescription": "The maximum and minimum computation configuration.", + "title": "MaximumMinimum" + }, + "MetricComparison": { + "$ref": "#/definitions/AWS::QuickSight::Template.MetricComparisonComputation", + "markdownDescription": "The metric comparison computation configuration.", + "title": "MetricComparison" + }, + "PeriodOverPeriod": { + "$ref": "#/definitions/AWS::QuickSight::Template.PeriodOverPeriodComputation", + "markdownDescription": "The period over period computation configuration.", + "title": "PeriodOverPeriod" + }, + "PeriodToDate": { + "$ref": "#/definitions/AWS::QuickSight::Template.PeriodToDateComputation", + "markdownDescription": "The period to `DataSetIdentifier` computation configuration.", + "title": "PeriodToDate" + }, + "TopBottomMovers": { + "$ref": "#/definitions/AWS::QuickSight::Template.TopBottomMoversComputation", + "markdownDescription": "The top movers and bottom movers computation configuration.", + "title": "TopBottomMovers" + }, + "TopBottomRanked": { + "$ref": "#/definitions/AWS::QuickSight::Template.TopBottomRankedComputation", + "markdownDescription": "The top ranked and bottom ranked computation configuration.", + "title": "TopBottomRanked" + }, + "TotalAggregation": { + "$ref": "#/definitions/AWS::QuickSight::Template.TotalAggregationComputation", + "markdownDescription": "The total aggregation computation configuration.", + "title": "TotalAggregation" + }, + "UniqueValues": { + "$ref": "#/definitions/AWS::QuickSight::Template.UniqueValuesComputation", + "markdownDescription": "The unique values computation configuration.", + "title": "UniqueValues" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ConditionalFormattingColor": { + "additionalProperties": false, + "properties": { + "Gradient": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingGradientColor", + "markdownDescription": "Formatting configuration for gradient color.", + "title": "Gradient" + }, + "Solid": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingSolidColor", + "markdownDescription": "Formatting configuration for solid color.", + "title": "Solid" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ConditionalFormattingCustomIconCondition": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "Determines the color of the icon.", + "title": "Color", + "type": "string" + }, + "DisplayConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIconDisplayConfiguration", + "markdownDescription": "Determines the icon display configuration.", + "title": "DisplayConfiguration" + }, + "Expression": { + "markdownDescription": "The expression that determines the condition of the icon set.", + "title": "Expression", + "type": "string" + }, + "IconOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingCustomIconOptions", + "markdownDescription": "Custom icon options for an icon set.", + "title": "IconOptions" + } + }, + "required": [ + "Expression", + "IconOptions" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ConditionalFormattingCustomIconOptions": { + "additionalProperties": false, + "properties": { + "Icon": { + "markdownDescription": "Determines the type of icon.", + "title": "Icon", + "type": "string" + }, + "UnicodeIcon": { + "markdownDescription": "Determines the Unicode icon type.", + "title": "UnicodeIcon", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ConditionalFormattingGradientColor": { + "additionalProperties": false, + "properties": { + "Color": { + "$ref": "#/definitions/AWS::QuickSight::Template.GradientColor", + "markdownDescription": "Determines the color.", + "title": "Color" + }, + "Expression": { + "markdownDescription": "The expression that determines the formatting configuration for gradient color.", + "title": "Expression", + "type": "string" + } + }, + "required": [ + "Color", + "Expression" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ConditionalFormattingIcon": { + "additionalProperties": false, + "properties": { + "CustomCondition": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingCustomIconCondition", + "markdownDescription": "Determines the custom condition for an icon set.", + "title": "CustomCondition" + }, + "IconSet": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIconSet", + "markdownDescription": "Formatting configuration for icon set.", + "title": "IconSet" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ConditionalFormattingIconDisplayConfiguration": { + "additionalProperties": false, + "properties": { + "IconDisplayOption": { + "markdownDescription": "Determines the icon display configuration.", + "title": "IconDisplayOption", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ConditionalFormattingIconSet": { + "additionalProperties": false, + "properties": { + "Expression": { + "markdownDescription": "The expression that determines the formatting configuration for the icon set.", + "title": "Expression", + "type": "string" + }, + "IconSetType": { + "markdownDescription": "Determines the icon set type.", + "title": "IconSetType", + "type": "string" + } + }, + "required": [ + "Expression" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ConditionalFormattingSolidColor": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "Determines the color.", + "title": "Color", + "type": "string" + }, + "Expression": { + "markdownDescription": "The expression that determines the formatting configuration for solid color.", + "title": "Expression", + "type": "string" + } + }, + "required": [ + "Expression" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ContextMenuOption": { + "additionalProperties": false, + "properties": { + "AvailabilityStatus": { + "markdownDescription": "The availability status of the context menu options. If the value of this property is set to `ENABLED` , dashboard readers can interact with the context menu.", + "title": "AvailabilityStatus", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ContributionAnalysisDefault": { + "additionalProperties": false, + "properties": { + "ContributorDimensions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier" + }, + "markdownDescription": "The dimensions columns that are used in the contribution analysis, usually a list of `ColumnIdentifiers` .", + "title": "ContributorDimensions", + "type": "array" + }, + "MeasureFieldId": { + "markdownDescription": "The measure field that is used in the contribution analysis.", + "title": "MeasureFieldId", + "type": "string" + } + }, + "required": [ + "ContributorDimensions", + "MeasureFieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.CurrencyDisplayFormatConfiguration": { + "additionalProperties": false, + "properties": { + "DecimalPlacesConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DecimalPlacesConfiguration", + "markdownDescription": "The option that determines the decimal places configuration.", + "title": "DecimalPlacesConfiguration" + }, + "NegativeValueConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NegativeValueConfiguration", + "markdownDescription": "The options that determine the negative value configuration.", + "title": "NegativeValueConfiguration" + }, + "NullValueFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NullValueFormatConfiguration", + "markdownDescription": "The options that determine the null value format configuration.", + "title": "NullValueFormatConfiguration" + }, + "NumberScale": { + "markdownDescription": "Determines the number scale value for the currency format.", + "title": "NumberScale", + "type": "string" + }, + "Prefix": { + "markdownDescription": "Determines the prefix value of the currency format.", + "title": "Prefix", + "type": "string" + }, + "SeparatorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericSeparatorConfiguration", + "markdownDescription": "The options that determine the numeric separator configuration.", + "title": "SeparatorConfiguration" + }, + "Suffix": { + "markdownDescription": "Determines the suffix value of the currency format.", + "title": "Suffix", + "type": "string" + }, + "Symbol": { + "markdownDescription": "Determines the symbol for the currency format.", + "title": "Symbol", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.CustomActionFilterOperation": { + "additionalProperties": false, + "properties": { + "SelectedFieldsConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterOperationSelectedFieldsConfiguration", + "markdownDescription": "The configuration that chooses the fields to be filtered.", + "title": "SelectedFieldsConfiguration" + }, + "TargetVisualsConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterOperationTargetVisualsConfiguration", + "markdownDescription": "The configuration that chooses the target visuals to be filtered.", + "title": "TargetVisualsConfiguration" + } + }, + "required": [ + "SelectedFieldsConfiguration", + "TargetVisualsConfiguration" + ], + "type": "object" + }, + "AWS::QuickSight::Template.CustomActionNavigationOperation": { + "additionalProperties": false, + "properties": { + "LocalNavigationConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.LocalNavigationConfiguration", + "markdownDescription": "The configuration that chooses the navigation target.", + "title": "LocalNavigationConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.CustomActionSetParametersOperation": { + "additionalProperties": false, + "properties": { + "ParameterValueConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.SetParameterValueConfiguration" + }, + "markdownDescription": "The parameter that determines the value configuration.", + "title": "ParameterValueConfigurations", + "type": "array" + } + }, + "required": [ + "ParameterValueConfigurations" + ], + "type": "object" + }, + "AWS::QuickSight::Template.CustomActionURLOperation": { + "additionalProperties": false, + "properties": { + "URLTarget": { + "markdownDescription": "The target of the `CustomActionURLOperation` .\n\nValid values are defined as follows:\n\n- `NEW_TAB` : Opens the target URL in a new browser tab.\n- `NEW_WINDOW` : Opens the target URL in a new browser window.\n- `SAME_TAB` : Opens the target URL in the same browser tab.", + "title": "URLTarget", + "type": "string" + }, + "URLTemplate": { + "markdownDescription": "THe URL link of the `CustomActionURLOperation` .", + "title": "URLTemplate", + "type": "string" + } + }, + "required": [ + "URLTarget", + "URLTemplate" + ], + "type": "object" + }, + "AWS::QuickSight::Template.CustomColor": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The color that is applied to the data value.", + "title": "Color", + "type": "string" + }, + "FieldValue": { + "markdownDescription": "The data value that the color is applied to.", + "title": "FieldValue", + "type": "string" + }, + "SpecialValue": { + "markdownDescription": "The value of a special data value.", + "title": "SpecialValue", + "type": "string" + } + }, + "required": [ + "Color" + ], + "type": "object" + }, + "AWS::QuickSight::Template.CustomContentConfiguration": { + "additionalProperties": false, + "properties": { + "ContentType": { + "markdownDescription": "The content type of the custom content visual. You can use this to have the visual render as an image.", + "title": "ContentType", + "type": "string" + }, + "ContentUrl": { + "markdownDescription": "The input URL that links to the custom content that you want in the custom visual.", + "title": "ContentUrl", + "type": "string" + }, + "ImageScaling": { + "markdownDescription": "The sizing options for the size of the custom content visual. This structure is required when the `ContentType` of the visual is `'IMAGE'` .", + "title": "ImageScaling", + "type": "string" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.CustomContentVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.CustomContentConfiguration", + "markdownDescription": "The configuration of a `CustomContentVisual` .", + "title": "ChartConfiguration" + }, + "DataSetIdentifier": { + "markdownDescription": "The dataset that is used to create the custom content visual. You can't create a visual without a dataset.", + "title": "DataSetIdentifier", + "type": "string" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "DataSetIdentifier", + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.CustomFilterConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryValue": { + "markdownDescription": "The category value for the filter.\n\nThis field is mutually exclusive to `ParameterName` .", + "title": "CategoryValue", + "type": "string" + }, + "MatchOperator": { + "markdownDescription": "The match operator that is used to determine if a filter should be applied.", + "title": "MatchOperator", + "type": "string" + }, + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", + "type": "string" + }, + "ParameterName": { + "markdownDescription": "The parameter whose value should be used for the filter value.\n\nThis field is mutually exclusive to `CategoryValue` .", + "title": "ParameterName", + "type": "string" + }, + "SelectAllOptions": { + "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", + "title": "SelectAllOptions", + "type": "string" + } + }, + "required": [ + "MatchOperator", + "NullOption" + ], + "type": "object" + }, + "AWS::QuickSight::Template.CustomFilterListConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryValues": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of category values for the filter.", + "title": "CategoryValues", + "type": "array" + }, + "MatchOperator": { + "markdownDescription": "The match operator that is used to determine if a filter should be applied.", + "title": "MatchOperator", + "type": "string" + }, + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", + "type": "string" + }, + "SelectAllOptions": { + "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", + "title": "SelectAllOptions", + "type": "string" + } + }, + "required": [ + "MatchOperator", + "NullOption" + ], + "type": "object" + }, + "AWS::QuickSight::Template.CustomNarrativeOptions": { + "additionalProperties": false, + "properties": { + "Narrative": { + "markdownDescription": "The string input of custom narrative.", + "title": "Narrative", + "type": "string" + } + }, + "required": [ + "Narrative" + ], + "type": "object" + }, + "AWS::QuickSight::Template.CustomParameterValues": { + "additionalProperties": false, + "properties": { + "DateTimeValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of datetime-type parameter values.", + "title": "DateTimeValues", + "type": "array" + }, + "DecimalValues": { + "items": { + "type": "number" + }, + "markdownDescription": "A list of decimal-type parameter values.", + "title": "DecimalValues", + "type": "array" + }, + "IntegerValues": { + "items": { + "type": "number" + }, + "markdownDescription": "A list of integer-type parameter values.", + "title": "IntegerValues", + "type": "array" + }, + "StringValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of string-type parameter values.", + "title": "StringValues", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.CustomValuesConfiguration": { + "additionalProperties": false, + "properties": { + "CustomValues": { + "$ref": "#/definitions/AWS::QuickSight::Template.CustomParameterValues", + "markdownDescription": "", + "title": "CustomValues" + }, + "IncludeNullValue": { + "markdownDescription": "Includes the null value in custom action parameter values.", + "title": "IncludeNullValue", + "type": "boolean" + } + }, + "required": [ + "CustomValues" + ], + "type": "object" + }, + "AWS::QuickSight::Template.DataBarsOptions": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "The field ID for the data bars options.", + "title": "FieldId", + "type": "string" + }, + "NegativeColor": { + "markdownDescription": "The color of the negative data bar.", + "title": "NegativeColor", + "type": "string" + }, + "PositiveColor": { + "markdownDescription": "The color of the positive data bar.", + "title": "PositiveColor", + "type": "string" + } + }, + "required": [ + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.DataColor": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The color that is applied to the data value.", + "title": "Color", + "type": "string" + }, + "DataValue": { + "markdownDescription": "The data value that the color is applied to.", + "title": "DataValue", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DataFieldSeriesItem": { + "additionalProperties": false, + "properties": { + "AxisBinding": { + "markdownDescription": "The axis that you are binding the field to.", + "title": "AxisBinding", + "type": "string" + }, + "FieldId": { + "markdownDescription": "The field ID of the field that you are setting the axis binding to.", + "title": "FieldId", + "type": "string" + }, + "FieldValue": { + "markdownDescription": "The field value of the field that you are setting the axis binding to.", + "title": "FieldValue", + "type": "string" + }, + "Settings": { + "$ref": "#/definitions/AWS::QuickSight::Template.LineChartSeriesSettings", + "markdownDescription": "The options that determine the presentation of line series associated to the field.", + "title": "Settings" + } + }, + "required": [ + "AxisBinding", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.DataLabelOptions": { + "additionalProperties": false, + "properties": { + "CategoryLabelVisibility": { + "markdownDescription": "Determines the visibility of the category field labels.", + "title": "CategoryLabelVisibility", + "type": "object" + }, + "DataLabelTypes": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelType" + }, + "markdownDescription": "The option that determines the data label type.", + "title": "DataLabelTypes", + "type": "array" + }, + "LabelColor": { + "markdownDescription": "Determines the color of the data labels.", + "title": "LabelColor", + "type": "string" + }, + "LabelContent": { + "markdownDescription": "Determines the content of the data labels.", + "title": "LabelContent", + "type": "string" + }, + "LabelFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", + "markdownDescription": "Determines the font configuration of the data labels.", + "title": "LabelFontConfiguration" + }, + "MeasureLabelVisibility": { + "markdownDescription": "Determines the visibility of the measure field labels.", + "title": "MeasureLabelVisibility", + "type": "object" + }, + "Overlap": { + "markdownDescription": "Determines whether overlap is enabled or disabled for the data labels.", + "title": "Overlap", + "type": "string" + }, + "Position": { + "markdownDescription": "Determines the position of the data labels.", + "title": "Position", + "type": "string" + }, + "TotalsVisibility": { + "markdownDescription": "Determines the visibility of the total.", + "title": "TotalsVisibility", + "type": "object" + }, + "Visibility": { + "markdownDescription": "Determines the visibility of the data labels.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DataLabelType": { + "additionalProperties": false, + "properties": { + "DataPathLabelType": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataPathLabelType", + "markdownDescription": "The option that specifies individual data values for labels.", + "title": "DataPathLabelType" + }, + "FieldLabelType": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldLabelType", + "markdownDescription": "Determines the label configuration for the entire field.", + "title": "FieldLabelType" + }, + "MaximumLabelType": { + "$ref": "#/definitions/AWS::QuickSight::Template.MaximumLabelType", + "markdownDescription": "Determines the label configuration for the maximum value in a visual.", + "title": "MaximumLabelType" + }, + "MinimumLabelType": { + "$ref": "#/definitions/AWS::QuickSight::Template.MinimumLabelType", + "markdownDescription": "Determines the label configuration for the minimum value in a visual.", + "title": "MinimumLabelType" + }, + "RangeEndsLabelType": { + "$ref": "#/definitions/AWS::QuickSight::Template.RangeEndsLabelType", + "markdownDescription": "Determines the label configuration for range end value in a visual.", + "title": "RangeEndsLabelType" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DataPathColor": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The color that needs to be applied to the element.", + "title": "Color", + "type": "string" + }, + "Element": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataPathValue", + "markdownDescription": "The element that the color needs to be applied to.", + "title": "Element" + }, + "TimeGranularity": { + "markdownDescription": "The time granularity of the field that the color needs to be applied to.", + "title": "TimeGranularity", + "type": "string" + } + }, + "required": [ + "Color", + "Element" + ], + "type": "object" + }, + "AWS::QuickSight::Template.DataPathLabelType": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "The field ID of the field that the data label needs to be applied to.", + "title": "FieldId", + "type": "string" + }, + "FieldValue": { + "markdownDescription": "The actual value of the field that is labeled.", + "title": "FieldValue", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the data label.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DataPathSort": { + "additionalProperties": false, + "properties": { + "Direction": { + "markdownDescription": "Determines the sort direction.", + "title": "Direction", + "type": "string" + }, + "SortPaths": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataPathValue" + }, + "markdownDescription": "The list of data paths that need to be sorted.", + "title": "SortPaths", + "type": "array" + } + }, + "required": [ + "Direction", + "SortPaths" + ], + "type": "object" + }, + "AWS::QuickSight::Template.DataPathType": { + "additionalProperties": false, + "properties": { + "PivotTableDataPathType": { + "markdownDescription": "The type of data path value utilized in a pivot table. Choose one of the following options:\n\n- `HIERARCHY_ROWS_LAYOUT_COLUMN` - The type of data path for the rows layout column, when `RowsLayout` is set to `HIERARCHY` .\n- `MULTIPLE_ROW_METRICS_COLUMN` - The type of data path for the metric column when the row is set to Metric Placement.\n- `EMPTY_COLUMN_HEADER` - The type of data path for the column with empty column header, when there is no field in `ColumnsFieldWell` and the row is set to Metric Placement.\n- `COUNT_METRIC_COLUMN` - The type of data path for the column with `COUNT` as the metric, when there is no field in the `ValuesFieldWell` .", + "title": "PivotTableDataPathType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DataPathValue": { + "additionalProperties": false, + "properties": { + "DataPathType": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataPathType", + "markdownDescription": "The type configuration of the field.", + "title": "DataPathType" + }, + "FieldId": { + "markdownDescription": "The field ID of the field that needs to be sorted.", + "title": "FieldId", + "type": "string" + }, + "FieldValue": { + "markdownDescription": "The actual value of the field that needs to be sorted.", + "title": "FieldValue", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DataSetConfiguration": { + "additionalProperties": false, + "properties": { + "ColumnGroupSchemaList": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnGroupSchema" + }, + "markdownDescription": "A structure containing the list of column group schemas.", + "title": "ColumnGroupSchemaList", + "type": "array" + }, + "DataSetSchema": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataSetSchema", + "markdownDescription": "Dataset schema.", + "title": "DataSetSchema" + }, + "Placeholder": { + "markdownDescription": "Placeholder.", + "title": "Placeholder", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DataSetReference": { + "additionalProperties": false, + "properties": { + "DataSetArn": { + "markdownDescription": "Dataset Amazon Resource Name (ARN).", + "title": "DataSetArn", + "type": "string" + }, + "DataSetPlaceholder": { + "markdownDescription": "Dataset placeholder.", + "title": "DataSetPlaceholder", + "type": "string" + } + }, + "required": [ + "DataSetArn", + "DataSetPlaceholder" + ], + "type": "object" + }, + "AWS::QuickSight::Template.DataSetSchema": { + "additionalProperties": false, + "properties": { + "ColumnSchemaList": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnSchema" + }, + "markdownDescription": "A structure containing the list of column schemas.", + "title": "ColumnSchemaList", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DateAxisOptions": { + "additionalProperties": false, + "properties": { + "MissingDateVisibility": { + "markdownDescription": "Determines whether or not missing dates are displayed.", + "title": "MissingDateVisibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DateDimensionField": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that is used in the `DateDimensionField` .", + "title": "Column" + }, + "DateGranularity": { + "markdownDescription": "The date granularity of the `DateDimensionField` . Choose one of the following options:\n\n- `YEAR`\n- `QUARTER`\n- `MONTH`\n- `WEEK`\n- `DAY`\n- `HOUR`\n- `MINUTE`\n- `SECOND`\n- `MILLISECOND`", + "title": "DateGranularity", + "type": "string" + }, + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", + "type": "string" + }, + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" + }, + "HierarchyId": { + "markdownDescription": "The custom hierarchy ID.", + "title": "HierarchyId", + "type": "string" + } + }, + "required": [ + "Column", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.DateMeasureField": { + "additionalProperties": false, + "properties": { + "AggregationFunction": { + "markdownDescription": "The aggregation function of the measure field.", + "title": "AggregationFunction", + "type": "string" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that is used in the `DateMeasureField` .", + "title": "Column" + }, + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", + "type": "string" + }, + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" + } + }, + "required": [ + "Column", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.DateTimeDefaultValues": { + "additionalProperties": false, + "properties": { + "DynamicValue": { + "$ref": "#/definitions/AWS::QuickSight::Template.DynamicDefaultValue", + "markdownDescription": "The dynamic value of the `DataTimeDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", + "title": "DynamicValue" + }, + "RollingDate": { + "$ref": "#/definitions/AWS::QuickSight::Template.RollingDateConfiguration", + "markdownDescription": "The rolling date of the `DataTimeDefaultValues` . The date is determined from the dataset based on input expression.", + "title": "RollingDate" + }, + "StaticValues": { + "items": { + "type": "string" + }, + "markdownDescription": "The static values of the `DataTimeDefaultValues` .", + "title": "StaticValues", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DateTimeFormatConfiguration": { + "additionalProperties": false, + "properties": { + "DateTimeFormat": { + "markdownDescription": "Determines the `DateTime` format.", + "title": "DateTimeFormat", + "type": "string" + }, + "NullValueFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NullValueFormatConfiguration", + "markdownDescription": "The options that determine the null value format configuration.", + "title": "NullValueFormatConfiguration" + }, + "NumericFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericFormatConfiguration", + "markdownDescription": "The formatting configuration for numeric `DateTime` fields.", + "title": "NumericFormatConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DateTimeHierarchy": { + "additionalProperties": false, + "properties": { + "DrillDownFilters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DrillDownFilter" + }, + "markdownDescription": "The option that determines the drill down filters for the `DateTime` hierarchy.", + "title": "DrillDownFilters", + "type": "array" + }, + "HierarchyId": { + "markdownDescription": "The hierarchy ID of the `DateTime` hierarchy.", + "title": "HierarchyId", + "type": "string" + } + }, + "required": [ + "HierarchyId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.DateTimeParameterDeclaration": { + "additionalProperties": false, + "properties": { + "DefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeDefaultValues", + "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", + "title": "DefaultValues" + }, + "MappedDataSetParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MappedDataSetParameter" + }, + "markdownDescription": "", + "title": "MappedDataSetParameters", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the parameter that is being declared.", + "title": "Name", + "type": "string" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" + }, + "ValueWhenUnset": { + "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeValueWhenUnsetConfiguration", + "markdownDescription": "The configuration that defines the default value of a `DateTime` parameter when a value has not been set.", + "title": "ValueWhenUnset" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::QuickSight::Template.DateTimePickerControlDisplayOptions": { + "additionalProperties": false, + "properties": { + "DateIconVisibility": { + "markdownDescription": "The date icon visibility of the `DateTimePickerControlDisplayOptions` .", + "title": "DateIconVisibility", + "type": "object" + }, + "DateTimeFormat": { + "markdownDescription": "Customize how dates are formatted in controls.", + "title": "DateTimeFormat", + "type": "string" + }, + "HelperTextVisibility": { + "markdownDescription": "The helper text visibility of the `DateTimePickerControlDisplayOptions` .", + "title": "HelperTextVisibility", + "type": "object" + }, + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DateTimeValueWhenUnsetConfiguration": { + "additionalProperties": false, + "properties": { + "CustomValue": { + "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", + "title": "CustomValue", + "type": "string" + }, + "ValueWhenUnsetOption": { + "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", + "title": "ValueWhenUnsetOption", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DecimalDefaultValues": { + "additionalProperties": false, + "properties": { + "DynamicValue": { + "$ref": "#/definitions/AWS::QuickSight::Template.DynamicDefaultValue", + "markdownDescription": "The dynamic value of the `DecimalDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", + "title": "DynamicValue" + }, + "StaticValues": { + "items": { + "type": "number" + }, + "markdownDescription": "The static values of the `DecimalDefaultValues` .", + "title": "StaticValues", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DecimalParameterDeclaration": { + "additionalProperties": false, + "properties": { + "DefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::Template.DecimalDefaultValues", + "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", + "title": "DefaultValues" + }, + "MappedDataSetParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MappedDataSetParameter" + }, + "markdownDescription": "", + "title": "MappedDataSetParameters", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the parameter that is being declared.", + "title": "Name", + "type": "string" + }, + "ParameterValueType": { + "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", + "title": "ParameterValueType", + "type": "string" + }, + "ValueWhenUnset": { + "$ref": "#/definitions/AWS::QuickSight::Template.DecimalValueWhenUnsetConfiguration", + "markdownDescription": "The configuration that defines the default value of a `Decimal` parameter when a value has not been set.", + "title": "ValueWhenUnset" + } + }, + "required": [ + "Name", + "ParameterValueType" + ], + "type": "object" + }, + "AWS::QuickSight::Template.DecimalPlacesConfiguration": { + "additionalProperties": false, + "properties": { + "DecimalPlaces": { + "markdownDescription": "The values of the decimal places.", + "title": "DecimalPlaces", + "type": "number" + } + }, + "required": [ + "DecimalPlaces" + ], + "type": "object" + }, + "AWS::QuickSight::Template.DecimalValueWhenUnsetConfiguration": { + "additionalProperties": false, + "properties": { + "CustomValue": { + "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", + "title": "CustomValue", + "type": "number" + }, + "ValueWhenUnsetOption": { + "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", + "title": "ValueWhenUnsetOption", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DefaultDateTimePickerControlOptions": { + "additionalProperties": false, + "properties": { + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `DateTimePickerControl` .", + "title": "CommitMode", + "type": "string" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DateTimePickerControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "Type": { + "markdownDescription": "The date time picker type of the `DefaultDateTimePickerControlOptions` . Choose one of the following options:\n\n- `SINGLE_VALUED` : The filter condition is a fixed date.\n- `DATE_RANGE` : The filter condition is a date time range.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DefaultFilterControlConfiguration": { + "additionalProperties": false, + "properties": { + "ControlOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlOptions", + "markdownDescription": "The control option for the `DefaultFilterControlConfiguration` .", + "title": "ControlOptions" + }, + "Title": { + "markdownDescription": "The title of the `DefaultFilterControlConfiguration` . This title is shared by all controls that are tied to this filter.", + "title": "Title", + "type": "string" + } + }, + "required": [ + "ControlOptions", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Template.DefaultFilterControlOptions": { + "additionalProperties": false, + "properties": { + "DefaultDateTimePickerOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultDateTimePickerControlOptions", + "markdownDescription": "The default options that correspond to the filter control type of a `DateTimePicker` .", + "title": "DefaultDateTimePickerOptions" + }, + "DefaultDropdownOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterDropDownControlOptions", + "markdownDescription": "The default options that correspond to the `Dropdown` filter control type.", + "title": "DefaultDropdownOptions" + }, + "DefaultListOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterListControlOptions", + "markdownDescription": "The default options that correspond to the `List` filter control type.", + "title": "DefaultListOptions" + }, + "DefaultRelativeDateTimeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultRelativeDateTimeControlOptions", + "markdownDescription": "The default options that correspond to the `RelativeDateTime` filter control type.", + "title": "DefaultRelativeDateTimeOptions" + }, + "DefaultSliderOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultSliderControlOptions", + "markdownDescription": "The default options that correspond to the `Slider` filter control type.", + "title": "DefaultSliderOptions" + }, + "DefaultTextAreaOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultTextAreaControlOptions", + "markdownDescription": "The default options that correspond to the `TextArea` filter control type.", + "title": "DefaultTextAreaOptions" + }, + "DefaultTextFieldOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultTextFieldControlOptions", + "markdownDescription": "The default options that correspond to the `TextField` filter control type.", + "title": "DefaultTextFieldOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DefaultFilterDropDownControlOptions": { + "additionalProperties": false, + "properties": { + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `FilterDropDownControl` .", + "title": "CommitMode", + "type": "string" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DropDownControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" + }, + "Type": { + "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DefaultFilterListControlOptions": { + "additionalProperties": false, + "properties": { + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ListControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" + }, + "Type": { + "markdownDescription": "The type of the `DefaultFilterListControlOptions` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from the list.\n- `SINGLE_SELECT` : The user can select a single entry from the list.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DefaultFreeFormLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutCanvasSizeOptions", + "markdownDescription": "Determines the screen canvas size options for a free-form layout.", + "title": "CanvasSizeOptions" + } + }, + "required": [ + "CanvasSizeOptions" + ], + "type": "object" + }, + "AWS::QuickSight::Template.DefaultGridLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.GridLayoutCanvasSizeOptions", + "markdownDescription": "Determines the screen canvas size options for a grid layout.", + "title": "CanvasSizeOptions" + } + }, + "required": [ + "CanvasSizeOptions" + ], + "type": "object" + }, + "AWS::QuickSight::Template.DefaultInteractiveLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "FreeForm": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFreeFormLayoutConfiguration", + "markdownDescription": "The options that determine the default settings of a free-form layout configuration.", + "title": "FreeForm" + }, + "Grid": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultGridLayoutConfiguration", + "markdownDescription": "The options that determine the default settings for a grid layout configuration.", + "title": "Grid" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DefaultNewSheetConfiguration": { + "additionalProperties": false, + "properties": { + "InteractiveLayoutConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultInteractiveLayoutConfiguration", + "markdownDescription": "The options that determine the default settings for interactive layout configuration.", + "title": "InteractiveLayoutConfiguration" + }, + "PaginatedLayoutConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultPaginatedLayoutConfiguration", + "markdownDescription": "The options that determine the default settings for a paginated layout configuration.", + "title": "PaginatedLayoutConfiguration" + }, + "SheetContentType": { + "markdownDescription": "The option that determines the sheet content type.", + "title": "SheetContentType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DefaultPaginatedLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "SectionBased": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultSectionBasedLayoutConfiguration", + "markdownDescription": "The options that determine the default settings for a section-based layout configuration.", + "title": "SectionBased" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DefaultRelativeDateTimeControlOptions": { + "additionalProperties": false, + "properties": { + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `RelativeDateTimeControl` .", + "title": "CommitMode", + "type": "string" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.RelativeDateTimeControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DefaultSectionBasedLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SectionBasedLayoutCanvasSizeOptions", + "markdownDescription": "Determines the screen canvas size options for a section-based layout.", + "title": "CanvasSizeOptions" + } + }, + "required": [ + "CanvasSizeOptions" + ], + "type": "object" + }, + "AWS::QuickSight::Template.DefaultSliderControlOptions": { + "additionalProperties": false, + "properties": { + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SliderControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "MaximumValue": { + "markdownDescription": "The larger value that is displayed at the right of the slider.", + "title": "MaximumValue", + "type": "number" + }, + "MinimumValue": { + "markdownDescription": "The smaller value that is displayed at the left of the slider.", + "title": "MinimumValue", + "type": "number" + }, + "StepSize": { + "markdownDescription": "The number of increments that the slider bar is divided into.", + "title": "StepSize", + "type": "number" + }, + "Type": { + "markdownDescription": "The type of the `DefaultSliderControlOptions` . Choose one of the following options:\n\n- `SINGLE_POINT` : Filter against(equals) a single data point.\n- `RANGE` : Filter data that is in a specified range.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "MaximumValue", + "MinimumValue", + "StepSize" + ], + "type": "object" + }, + "AWS::QuickSight::Template.DefaultTextAreaControlOptions": { + "additionalProperties": false, + "properties": { + "Delimiter": { + "markdownDescription": "The delimiter that is used to separate the lines in text.", + "title": "Delimiter", + "type": "string" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.TextAreaControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DefaultTextFieldControlOptions": { + "additionalProperties": false, + "properties": { + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.TextFieldControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DestinationParameterValueConfiguration": { + "additionalProperties": false, + "properties": { + "CustomValuesConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.CustomValuesConfiguration", + "markdownDescription": "The configuration of custom values for destination parameter in `DestinationParameterValueConfiguration` .", + "title": "CustomValuesConfiguration" + }, + "SelectAllValueOptions": { + "markdownDescription": "The configuration that selects all options.", + "title": "SelectAllValueOptions", + "type": "string" + }, + "SourceColumn": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "A column of a data set.", + "title": "SourceColumn" + }, + "SourceField": { + "markdownDescription": "The source field ID of the destination parameter.", + "title": "SourceField", + "type": "string" + }, + "SourceParameterName": { + "markdownDescription": "The source parameter name of the destination parameter.", + "title": "SourceParameterName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DimensionField": { + "additionalProperties": false, + "properties": { + "CategoricalDimensionField": { + "$ref": "#/definitions/AWS::QuickSight::Template.CategoricalDimensionField", + "markdownDescription": "The dimension type field with categorical type columns.", + "title": "CategoricalDimensionField" + }, + "DateDimensionField": { + "$ref": "#/definitions/AWS::QuickSight::Template.DateDimensionField", + "markdownDescription": "The dimension type field with date type columns.", + "title": "DateDimensionField" + }, + "NumericalDimensionField": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericalDimensionField", + "markdownDescription": "The dimension type field with numerical type columns.", + "title": "NumericalDimensionField" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DonutCenterOptions": { + "additionalProperties": false, + "properties": { + "LabelVisibility": { + "markdownDescription": "Determines the visibility of the label in a donut chart. In the Amazon QuickSight console, this option is called `'Show total'` .", + "title": "LabelVisibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DonutOptions": { + "additionalProperties": false, + "properties": { + "ArcOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ArcOptions", + "markdownDescription": "The option for define the arc of the chart shape. Valid values are as follows:\n\n- `WHOLE` - A pie chart\n- `SMALL` - A small-sized donut chart\n- `MEDIUM` - A medium-sized donut chart\n- `LARGE` - A large-sized donut chart", + "title": "ArcOptions" + }, + "DonutCenterOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DonutCenterOptions", + "markdownDescription": "The label options of the label that is displayed in the center of a donut chart. This option isn't available for pie charts.", + "title": "DonutCenterOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DrillDownFilter": { + "additionalProperties": false, + "properties": { + "CategoryFilter": { + "$ref": "#/definitions/AWS::QuickSight::Template.CategoryDrillDownFilter", + "markdownDescription": "The category type drill down filter. This filter is used for string type columns.", + "title": "CategoryFilter" + }, + "NumericEqualityFilter": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericEqualityDrillDownFilter", + "markdownDescription": "The numeric equality type drill down filter. This filter is used for number type columns.", + "title": "NumericEqualityFilter" + }, + "TimeRangeFilter": { + "$ref": "#/definitions/AWS::QuickSight::Template.TimeRangeDrillDownFilter", + "markdownDescription": "The time range drill down filter. This filter is used for date time columns.", + "title": "TimeRangeFilter" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DropDownControlDisplayOptions": { + "additionalProperties": false, + "properties": { + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" + }, + "SelectAllOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ListControlSelectAllOptions", + "markdownDescription": "The configuration of the `Select all` options in a dropdown control.", + "title": "SelectAllOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DynamicDefaultValue": { + "additionalProperties": false, + "properties": { + "DefaultValueColumn": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that contains the default value of each user or group.", + "title": "DefaultValueColumn" + }, + "GroupNameColumn": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that contains the group name.", + "title": "GroupNameColumn" + }, + "UserNameColumn": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that contains the username.", + "title": "UserNameColumn" + } + }, + "required": [ + "DefaultValueColumn" + ], + "type": "object" + }, + "AWS::QuickSight::Template.EmptyVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "DataSetIdentifier": { + "markdownDescription": "The data set that is used in the empty visual. Every visual requires a dataset to render.", + "title": "DataSetIdentifier", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "DataSetIdentifier", + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.Entity": { + "additionalProperties": false, + "properties": { + "Path": { + "markdownDescription": "The hierarchical path of the entity within the analysis, template, or dashboard definition tree.", + "title": "Path", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ExcludePeriodConfiguration": { + "additionalProperties": false, + "properties": { + "Amount": { + "markdownDescription": "The amount or number of the exclude period.", + "title": "Amount", + "type": "number" + }, + "Granularity": { + "markdownDescription": "The granularity or unit (day, month, year) of the exclude period.", + "title": "Granularity", + "type": "string" + }, + "Status": { + "markdownDescription": "The status of the exclude period. Choose from the following options:\n\n- `ENABLED`\n- `DISABLED`", + "title": "Status", + "type": "string" + } + }, + "required": [ + "Amount", + "Granularity" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ExplicitHierarchy": { + "additionalProperties": false, + "properties": { + "Columns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier" + }, + "markdownDescription": "The list of columns that define the explicit hierarchy.", + "title": "Columns", + "type": "array" + }, + "DrillDownFilters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DrillDownFilter" + }, + "markdownDescription": "The option that determines the drill down filters for the explicit hierarchy.", + "title": "DrillDownFilters", + "type": "array" + }, + "HierarchyId": { + "markdownDescription": "The hierarchy ID of the explicit hierarchy.", + "title": "HierarchyId", + "type": "string" + } + }, + "required": [ + "Columns", + "HierarchyId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.FieldBasedTooltip": { + "additionalProperties": false, + "properties": { + "AggregationVisibility": { + "markdownDescription": "The visibility of `Show aggregations` .", + "title": "AggregationVisibility", + "type": "object" + }, + "TooltipFields": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.TooltipItem" + }, + "markdownDescription": "The fields configuration in the tooltip.", + "title": "TooltipFields", + "type": "array" + }, + "TooltipTitleType": { + "markdownDescription": "The type for the >tooltip title. Choose one of the following options:\n\n- `NONE` : Doesn't use the primary value as the title.\n- `PRIMARY_VALUE` : Uses primary value as the title.", + "title": "TooltipTitleType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.FieldLabelType": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "Indicates the field that is targeted by the field label.", + "title": "FieldId", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the field label.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.FieldSeriesItem": { + "additionalProperties": false, + "properties": { + "AxisBinding": { + "markdownDescription": "The axis that you are binding the field to.", + "title": "AxisBinding", + "type": "string" + }, + "FieldId": { + "markdownDescription": "The field ID of the field for which you are setting the axis binding.", + "title": "FieldId", + "type": "string" + }, + "Settings": { + "$ref": "#/definitions/AWS::QuickSight::Template.LineChartSeriesSettings", + "markdownDescription": "The options that determine the presentation of line series associated to the field.", + "title": "Settings" + } + }, + "required": [ + "AxisBinding", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.FieldSort": { + "additionalProperties": false, + "properties": { + "Direction": { + "markdownDescription": "The sort direction. Choose one of the following options:\n\n- `ASC` : Ascending\n- `DESC` : Descending", + "title": "Direction", + "type": "string" + }, + "FieldId": { + "markdownDescription": "The sort configuration target field.", + "title": "FieldId", + "type": "string" + } + }, + "required": [ + "Direction", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.FieldSortOptions": { + "additionalProperties": false, + "properties": { + "ColumnSort": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnSort", + "markdownDescription": "The sort configuration for a column that is not used in a field well.", + "title": "ColumnSort" + }, + "FieldSort": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSort", + "markdownDescription": "The sort configuration for a field in a field well.", + "title": "FieldSort" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.FieldTooltipItem": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "The unique ID of the field that is targeted by the tooltip.", + "title": "FieldId", + "type": "string" + }, + "Label": { + "markdownDescription": "The label of the tooltip item.", + "title": "Label", + "type": "string" + }, + "TooltipTarget": { + "markdownDescription": "Determines the target of the field tooltip item in a combo chart visual.", + "title": "TooltipTarget", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the tooltip item.", + "title": "Visibility", + "type": "object" + } + }, + "required": [ + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.FilledMapAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Geospatial": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The aggregated location field well of the filled map. Values are grouped by location fields.", + "title": "Geospatial", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The aggregated color field well of a filled map. Values are aggregated based on location fields.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.FilledMapConditionalFormatting": { + "additionalProperties": false, + "properties": { + "ConditionalFormattingOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapConditionalFormattingOption" + }, + "markdownDescription": "Conditional formatting options of a `FilledMapVisual` .", + "title": "ConditionalFormattingOptions", + "type": "array" + } + }, + "required": [ + "ConditionalFormattingOptions" + ], + "type": "object" + }, + "AWS::QuickSight::Template.FilledMapConditionalFormattingOption": { + "additionalProperties": false, + "properties": { + "Shape": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapShapeConditionalFormatting", + "markdownDescription": "The conditional formatting that determines the shape of the filled map.", + "title": "Shape" + } + }, + "required": [ + "Shape" + ], + "type": "object" + }, + "AWS::QuickSight::Template.FilledMapConfiguration": { + "additionalProperties": false, + "properties": { + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "MapStyleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialMapStyleOptions", + "markdownDescription": "The map style options of the filled map visual.", + "title": "MapStyleOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapSortConfiguration", + "markdownDescription": "The sort configuration of a `FilledMapVisual` .", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" + }, + "WindowOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialWindowOptions", + "markdownDescription": "The window options of the filled map visual.", + "title": "WindowOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.FilledMapFieldWells": { + "additionalProperties": false, + "properties": { + "FilledMapAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapAggregatedFieldWells", + "markdownDescription": "The aggregated field well of the filled map.", + "title": "FilledMapAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.FilledMapShapeConditionalFormatting": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "The field ID of the filled map shape.", + "title": "FieldId", + "type": "string" + }, + "Format": { + "$ref": "#/definitions/AWS::QuickSight::Template.ShapeConditionalFormat", + "markdownDescription": "The conditional formatting that determines the background color of a filled map's shape.", + "title": "Format" + } + }, + "required": [ + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.FilledMapSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the location fields.", + "title": "CategorySort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.FilledMapVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "ConditionalFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapConditionalFormatting", + "markdownDescription": "The conditional formatting of a `FilledMapVisual` .", + "title": "ConditionalFormatting" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.Filter": { + "additionalProperties": false, + "properties": { + "CategoryFilter": { + "$ref": "#/definitions/AWS::QuickSight::Template.CategoryFilter", + "markdownDescription": "A `CategoryFilter` filters text values.\n\nFor more information, see [Adding text filters](https://docs.aws.amazon.com/quicksight/latest/user/add-a-text-filter-data-prep.html) in the *Amazon QuickSight User Guide* .", + "title": "CategoryFilter" + }, + "NestedFilter": { + "$ref": "#/definitions/AWS::QuickSight::Template.NestedFilter", + "markdownDescription": "A `NestedFilter` filters data with a subset of data that is defined by the nested inner filter.", + "title": "NestedFilter" + }, + "NumericEqualityFilter": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericEqualityFilter", + "markdownDescription": "A `NumericEqualityFilter` filters numeric values that equal or do not equal a given numeric value.", + "title": "NumericEqualityFilter" + }, + "NumericRangeFilter": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericRangeFilter", + "markdownDescription": "A `NumericRangeFilter` filters numeric values that are either inside or outside a given numeric range.", + "title": "NumericRangeFilter" + }, + "RelativeDatesFilter": { + "$ref": "#/definitions/AWS::QuickSight::Template.RelativeDatesFilter", + "markdownDescription": "A `RelativeDatesFilter` filters date values that are relative to a given date.", + "title": "RelativeDatesFilter" + }, + "TimeEqualityFilter": { + "$ref": "#/definitions/AWS::QuickSight::Template.TimeEqualityFilter", + "markdownDescription": "A `TimeEqualityFilter` filters date-time values that equal or do not equal a given date/time value.", + "title": "TimeEqualityFilter" + }, + "TimeRangeFilter": { + "$ref": "#/definitions/AWS::QuickSight::Template.TimeRangeFilter", + "markdownDescription": "A `TimeRangeFilter` filters date-time values that are either inside or outside a given date/time range.", + "title": "TimeRangeFilter" + }, + "TopBottomFilter": { + "$ref": "#/definitions/AWS::QuickSight::Template.TopBottomFilter", + "markdownDescription": "A `TopBottomFilter` filters data to the top or bottom values for a given column.", + "title": "TopBottomFilter" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.FilterControl": { + "additionalProperties": false, + "properties": { + "CrossSheet": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterCrossSheetControl", + "markdownDescription": "A control from a filter that is scoped across more than one sheet. This represents your filter control on a sheet", + "title": "CrossSheet" + }, + "DateTimePicker": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterDateTimePickerControl", + "markdownDescription": "A control from a date filter that is used to specify date and time.", + "title": "DateTimePicker" + }, + "Dropdown": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterDropDownControl", + "markdownDescription": "A control to display a dropdown list with buttons that are used to select a single value.", + "title": "Dropdown" + }, + "List": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterListControl", + "markdownDescription": "A control to display a list of buttons or boxes. This is used to select either a single value or multiple values.", + "title": "List" + }, + "RelativeDateTime": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterRelativeDateTimeControl", + "markdownDescription": "A control from a date filter that is used to specify the relative date.", + "title": "RelativeDateTime" + }, + "Slider": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterSliderControl", + "markdownDescription": "A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle.", + "title": "Slider" + }, + "TextArea": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterTextAreaControl", + "markdownDescription": "A control to display a text box that is used to enter multiple entries.", + "title": "TextArea" + }, + "TextField": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterTextFieldControl", + "markdownDescription": "A control to display a text box that is used to enter a single entry.", + "title": "TextField" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.FilterCrossSheetControl": { + "additionalProperties": false, + "properties": { + "CascadingControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.CascadingControlConfiguration", + "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", + "title": "CascadingControlConfiguration" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterCrossSheetControl` .", + "title": "FilterControlId", + "type": "string" + }, + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterCrossSheetControl` .", + "title": "SourceFilterId", + "type": "string" + } + }, + "required": [ + "FilterControlId", + "SourceFilterId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.FilterDateTimePickerControl": { + "additionalProperties": false, + "properties": { + "CommitMode": { + "markdownDescription": "The visibility configurationof the Apply button on a `DateTimePickerControl` .", + "title": "CommitMode", + "type": "string" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DateTimePickerControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterDateTimePickerControl` .", + "title": "FilterControlId", + "type": "string" + }, + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterDateTimePickerControl` .", + "title": "SourceFilterId", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `FilterDateTimePickerControl` .", + "title": "Title", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "FilterControlId", + "SourceFilterId", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Template.FilterDropDownControl": { + "additionalProperties": false, + "properties": { + "CascadingControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.CascadingControlConfiguration", + "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", + "title": "CascadingControlConfiguration" + }, + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `FilterDropDownControl` .", + "title": "CommitMode", + "type": "string" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DropDownControlDisplayOptions", + "markdownDescription": "The display options of the `FilterDropDownControl` .", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterDropDownControl` .", + "title": "FilterControlId", + "type": "string" + }, + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" + }, + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterDropDownControl` .", + "title": "SourceFilterId", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `FilterDropDownControl` .", + "title": "Title", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "FilterControlId", + "SourceFilterId", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Template.FilterGroup": { + "additionalProperties": false, + "properties": { + "CrossDataset": { + "markdownDescription": "The filter new feature which can apply filter group to all data sets. Choose one of the following options:\n\n- `ALL_DATASETS`\n- `SINGLE_DATASET`", + "title": "CrossDataset", + "type": "string" + }, + "FilterGroupId": { + "markdownDescription": "The value that uniquely identifies a `FilterGroup` within a dashboard, template, or analysis.", + "title": "FilterGroupId", + "type": "string" + }, + "Filters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.Filter" + }, + "markdownDescription": "The list of filters that are present in a `FilterGroup` .", + "title": "Filters", + "type": "array" + }, + "ScopeConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterScopeConfiguration", + "markdownDescription": "The configuration that specifies what scope to apply to a `FilterGroup` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", + "title": "ScopeConfiguration" + }, + "Status": { + "markdownDescription": "The status of the `FilterGroup` .", + "title": "Status", + "type": "string" + } + }, + "required": [ + "CrossDataset", + "FilterGroupId", + "Filters", + "ScopeConfiguration" + ], + "type": "object" + }, + "AWS::QuickSight::Template.FilterListConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryValues": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of category values for the filter.", + "title": "CategoryValues", + "type": "array" + }, + "MatchOperator": { + "markdownDescription": "The match operator that is used to determine if a filter should be applied.", + "title": "MatchOperator", + "type": "string" + }, + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", + "type": "string" + }, + "SelectAllOptions": { + "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", + "title": "SelectAllOptions", + "type": "string" + } + }, + "required": [ + "MatchOperator" + ], + "type": "object" + }, + "AWS::QuickSight::Template.FilterListControl": { + "additionalProperties": false, + "properties": { + "CascadingControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.CascadingControlConfiguration", + "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", + "title": "CascadingControlConfiguration" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ListControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterListControl` .", + "title": "FilterControlId", + "type": "string" + }, + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" + }, + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterListControl` .", + "title": "SourceFilterId", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `FilterListControl` .", + "title": "Title", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the `FilterListControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from the list.\n- `SINGLE_SELECT` : The user can select a single entry from the list.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "FilterControlId", + "SourceFilterId", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Template.FilterOperationSelectedFieldsConfiguration": { + "additionalProperties": false, + "properties": { + "SelectedColumns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier" + }, + "markdownDescription": "The selected columns of a dataset.", + "title": "SelectedColumns", + "type": "array" + }, + "SelectedFieldOptions": { + "markdownDescription": "A structure that contains the options that choose which fields are filtered in the `CustomActionFilterOperation` .\n\nValid values are defined as follows:\n\n- `ALL_FIELDS` : Applies the filter operation to all fields.", + "title": "SelectedFieldOptions", + "type": "string" + }, + "SelectedFields": { + "items": { + "type": "string" + }, + "markdownDescription": "Chooses the fields that are filtered in `CustomActionFilterOperation` .", + "title": "SelectedFields", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.FilterOperationTargetVisualsConfiguration": { + "additionalProperties": false, + "properties": { + "SameSheetTargetVisualConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.SameSheetTargetVisualConfiguration", + "markdownDescription": "The configuration of the same-sheet target visuals that you want to be filtered.", + "title": "SameSheetTargetVisualConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.FilterRelativeDateTimeControl": { + "additionalProperties": false, + "properties": { + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `FilterRelativeDateTimeControl` .", + "title": "CommitMode", + "type": "string" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.RelativeDateTimeControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterTextAreaControl` .", + "title": "FilterControlId", + "type": "string" + }, + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterTextAreaControl` .", + "title": "SourceFilterId", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `FilterTextAreaControl` .", + "title": "Title", + "type": "string" + } + }, + "required": [ + "FilterControlId", + "SourceFilterId", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Template.FilterScopeConfiguration": { + "additionalProperties": false, + "properties": { + "AllSheets": { + "markdownDescription": "The configuration that applies a filter to all sheets. When you choose `AllSheets` as the value for a `FilterScopeConfiguration` , this filter is applied to all visuals of all sheets in an Analysis, Dashboard, or Template. The `AllSheetsFilterScopeConfiguration` is chosen.", + "title": "AllSheets", + "type": "object" + }, + "SelectedSheets": { + "$ref": "#/definitions/AWS::QuickSight::Template.SelectedSheetsFilterScopeConfiguration", + "markdownDescription": "The configuration for applying a filter to specific sheets.", + "title": "SelectedSheets" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.FilterSelectableValues": { + "additionalProperties": false, + "properties": { + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The values that are used in the `FilterSelectableValues` .", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.FilterSliderControl": { + "additionalProperties": false, + "properties": { + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SliderControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterSliderControl` .", + "title": "FilterControlId", + "type": "string" + }, + "MaximumValue": { + "markdownDescription": "The larger value that is displayed at the right of the slider.", + "title": "MaximumValue", + "type": "number" + }, + "MinimumValue": { + "markdownDescription": "The smaller value that is displayed at the left of the slider.", + "title": "MinimumValue", + "type": "number" + }, + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterSliderControl` .", + "title": "SourceFilterId", + "type": "string" + }, + "StepSize": { + "markdownDescription": "The number of increments that the slider bar is divided into.", + "title": "StepSize", + "type": "number" + }, + "Title": { + "markdownDescription": "The title of the `FilterSliderControl` .", + "title": "Title", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the `FilterSliderControl` . Choose one of the following options:\n\n- `SINGLE_POINT` : Filter against(equals) a single data point.\n- `RANGE` : Filter data that is in a specified range.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "FilterControlId", + "MaximumValue", + "MinimumValue", + "SourceFilterId", + "StepSize", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Template.FilterTextAreaControl": { + "additionalProperties": false, + "properties": { + "Delimiter": { + "markdownDescription": "The delimiter that is used to separate the lines in text.", + "title": "Delimiter", + "type": "string" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.TextAreaControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterTextAreaControl` .", + "title": "FilterControlId", + "type": "string" + }, + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterTextAreaControl` .", + "title": "SourceFilterId", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `FilterTextAreaControl` .", + "title": "Title", + "type": "string" + } + }, + "required": [ + "FilterControlId", + "SourceFilterId", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Template.FilterTextFieldControl": { + "additionalProperties": false, + "properties": { + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.TextFieldControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterTextFieldControl` .", + "title": "FilterControlId", + "type": "string" + }, + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterTextFieldControl` .", + "title": "SourceFilterId", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `FilterTextFieldControl` .", + "title": "Title", + "type": "string" + } + }, + "required": [ + "FilterControlId", + "SourceFilterId", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Template.FontConfiguration": { + "additionalProperties": false, + "properties": { + "FontColor": { + "markdownDescription": "Determines the color of the text.", + "title": "FontColor", + "type": "string" + }, + "FontDecoration": { + "markdownDescription": "Determines the appearance of decorative lines on the text.", + "title": "FontDecoration", + "type": "string" + }, + "FontFamily": { + "markdownDescription": "The font family that you want to use.", + "title": "FontFamily", + "type": "string" + }, + "FontSize": { + "$ref": "#/definitions/AWS::QuickSight::Template.FontSize", + "markdownDescription": "The option that determines the text display size.", + "title": "FontSize" + }, + "FontStyle": { + "markdownDescription": "Determines the text display face that is inherited by the given font family.", + "title": "FontStyle", + "type": "string" + }, + "FontWeight": { + "$ref": "#/definitions/AWS::QuickSight::Template.FontWeight", + "markdownDescription": "The option that determines the text display weight, or boldness.", + "title": "FontWeight" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.FontSize": { + "additionalProperties": false, + "properties": { + "Absolute": { + "markdownDescription": "The font size that you want to use in px.", + "title": "Absolute", + "type": "string" + }, + "Relative": { + "markdownDescription": "The lexical name for the text size, proportional to its surrounding context.", + "title": "Relative", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.FontWeight": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The lexical name for the level of boldness of the text display.", + "title": "Name", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ForecastComputation": { + "additionalProperties": false, + "properties": { + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "CustomSeasonalityValue": { + "markdownDescription": "The custom seasonality value setup of a forecast computation.", + "title": "CustomSeasonalityValue", + "type": "number" + }, + "LowerBoundary": { + "markdownDescription": "The lower boundary setup of a forecast computation.", + "title": "LowerBoundary", + "type": "number" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "PeriodsBackward": { + "markdownDescription": "The periods backward setup of a forecast computation.", + "title": "PeriodsBackward", + "type": "number" + }, + "PeriodsForward": { + "markdownDescription": "The periods forward setup of a forecast computation.", + "title": "PeriodsForward", + "type": "number" + }, + "PredictionInterval": { + "markdownDescription": "The prediction interval setup of a forecast computation.", + "title": "PredictionInterval", + "type": "number" + }, + "Seasonality": { + "markdownDescription": "The seasonality setup of a forecast computation. Choose one of the following options:\n\n- `AUTOMATIC`\n- `CUSTOM` : Checks the custom seasonality value.", + "title": "Seasonality", + "type": "string" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" + }, + "UpperBoundary": { + "markdownDescription": "The upper boundary setup of a forecast computation.", + "title": "UpperBoundary", + "type": "number" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" + } + }, + "required": [ + "ComputationId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ForecastConfiguration": { + "additionalProperties": false, + "properties": { + "ForecastProperties": { + "$ref": "#/definitions/AWS::QuickSight::Template.TimeBasedForecastProperties", + "markdownDescription": "The forecast properties setup of a forecast in the line chart.", + "title": "ForecastProperties" + }, + "Scenario": { + "$ref": "#/definitions/AWS::QuickSight::Template.ForecastScenario", + "markdownDescription": "The forecast scenario of a forecast in the line chart.", + "title": "Scenario" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ForecastScenario": { + "additionalProperties": false, + "properties": { + "WhatIfPointScenario": { + "$ref": "#/definitions/AWS::QuickSight::Template.WhatIfPointScenario", + "markdownDescription": "The what-if analysis forecast setup with the target date.", + "title": "WhatIfPointScenario" + }, + "WhatIfRangeScenario": { + "$ref": "#/definitions/AWS::QuickSight::Template.WhatIfRangeScenario", + "markdownDescription": "The what-if analysis forecast setup with the date range.", + "title": "WhatIfRangeScenario" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.FormatConfiguration": { + "additionalProperties": false, + "properties": { + "DateTimeFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeFormatConfiguration", + "markdownDescription": "Formatting configuration for `DateTime` fields.", + "title": "DateTimeFormatConfiguration" + }, + "NumberFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumberFormatConfiguration", + "markdownDescription": "Formatting configuration for number fields.", + "title": "NumberFormatConfiguration" + }, + "StringFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.StringFormatConfiguration", + "markdownDescription": "Formatting configuration for string fields.", + "title": "StringFormatConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.FreeFormLayoutCanvasSizeOptions": { + "additionalProperties": false, + "properties": { + "ScreenCanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutScreenCanvasSizeOptions", + "markdownDescription": "The options that determine the sizing of the canvas used in a free-form layout.", + "title": "ScreenCanvasSizeOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.FreeFormLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutCanvasSizeOptions", + "markdownDescription": "", + "title": "CanvasSizeOptions" + }, + "Elements": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutElement" + }, + "markdownDescription": "The elements that are included in a free-form layout.", + "title": "Elements", + "type": "array" + } + }, + "required": [ + "Elements" + ], + "type": "object" + }, + "AWS::QuickSight::Template.FreeFormLayoutElement": { + "additionalProperties": false, + "properties": { + "BackgroundStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutElementBackgroundStyle", + "markdownDescription": "The background style configuration of a free-form layout element.", + "title": "BackgroundStyle" + }, + "BorderStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutElementBorderStyle", + "markdownDescription": "The border style configuration of a free-form layout element.", + "title": "BorderStyle" + }, + "ElementId": { + "markdownDescription": "A unique identifier for an element within a free-form layout.", + "title": "ElementId", + "type": "string" + }, + "ElementType": { + "markdownDescription": "The type of element.", + "title": "ElementType", + "type": "string" + }, + "Height": { + "markdownDescription": "The height of an element within a free-form layout.", + "title": "Height", + "type": "string" + }, + "LoadingAnimation": { + "$ref": "#/definitions/AWS::QuickSight::Template.LoadingAnimation", + "markdownDescription": "The loading animation configuration of a free-form layout element.", + "title": "LoadingAnimation" + }, + "RenderingRules": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetElementRenderingRule" + }, + "markdownDescription": "The rendering rules that determine when an element should be displayed within a free-form layout.", + "title": "RenderingRules", + "type": "array" + }, + "SelectedBorderStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutElementBorderStyle", + "markdownDescription": "The border style configuration of a free-form layout element. This border style is used when the element is selected.", + "title": "SelectedBorderStyle" + }, + "Visibility": { + "markdownDescription": "The visibility of an element within a free-form layout.", + "title": "Visibility", + "type": "object" + }, + "Width": { + "markdownDescription": "The width of an element within a free-form layout.", + "title": "Width", + "type": "string" + }, + "XAxisLocation": { + "markdownDescription": "The x-axis coordinate of the element.", + "title": "XAxisLocation", + "type": "string" + }, + "YAxisLocation": { + "markdownDescription": "The y-axis coordinate of the element.", + "title": "YAxisLocation", + "type": "string" + } + }, + "required": [ + "ElementId", + "ElementType", + "Height", + "Width", + "XAxisLocation", + "YAxisLocation" + ], + "type": "object" + }, + "AWS::QuickSight::Template.FreeFormLayoutElementBackgroundStyle": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The background color of a free-form layout element.", + "title": "Color", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The background visibility of a free-form layout element.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.FreeFormLayoutElementBorderStyle": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The border color of a free-form layout element.", + "title": "Color", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The border visibility of a free-form layout element.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.FreeFormLayoutScreenCanvasSizeOptions": { + "additionalProperties": false, + "properties": { + "OptimizedViewPortWidth": { + "markdownDescription": "The width that the view port will be optimized for when the layout renders.", + "title": "OptimizedViewPortWidth", + "type": "string" + } + }, + "required": [ + "OptimizedViewPortWidth" + ], + "type": "object" + }, + "AWS::QuickSight::Template.FreeFormSectionLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "Elements": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutElement" + }, + "markdownDescription": "The elements that are included in the free-form layout.", + "title": "Elements", + "type": "array" + } + }, + "required": [ + "Elements" + ], + "type": "object" + }, + "AWS::QuickSight::Template.FunnelChartAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The category field wells of a funnel chart. Values are grouped by category fields.", + "title": "Category", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The value field wells of a funnel chart. Values are aggregated based on categories.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.FunnelChartConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options of the categories that are displayed in a `FunnelChartVisual` .", + "title": "CategoryLabelOptions" + }, + "DataLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.FunnelChartDataLabelOptions", + "markdownDescription": "The options that determine the presentation of the data labels.", + "title": "DataLabelOptions" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.FunnelChartFieldWells", + "markdownDescription": "The field well configuration of a `FunnelChartVisual` .", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FunnelChartSortConfiguration", + "markdownDescription": "The sort configuration of a `FunnelChartVisual` .", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "markdownDescription": "The tooltip configuration of a `FunnelChartVisual` .", + "title": "Tooltip" + }, + "ValueLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options for the values that are displayed in a `FunnelChartVisual` .", + "title": "ValueLabelOptions" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", + "markdownDescription": "The visual palette configuration of a `FunnelChartVisual` .", + "title": "VisualPalette" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.FunnelChartDataLabelOptions": { + "additionalProperties": false, + "properties": { + "CategoryLabelVisibility": { + "markdownDescription": "The visibility of the category labels within the data labels.", + "title": "CategoryLabelVisibility", + "type": "object" + }, + "LabelColor": { + "markdownDescription": "The color of the data label text.", + "title": "LabelColor", + "type": "string" + }, + "LabelFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", + "markdownDescription": "The font configuration for the data labels.\n\nOnly the `FontSize` attribute of the font configuration is used for data labels.", + "title": "LabelFontConfiguration" + }, + "MeasureDataLabelStyle": { + "markdownDescription": "Determines the style of the metric labels.", + "title": "MeasureDataLabelStyle", + "type": "string" + }, + "MeasureLabelVisibility": { + "markdownDescription": "The visibility of the measure labels within the data labels.", + "title": "MeasureLabelVisibility", + "type": "object" + }, + "Position": { + "markdownDescription": "Determines the positioning of the data label relative to a section of the funnel.", + "title": "Position", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility option that determines if data labels are displayed.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.FunnelChartFieldWells": { + "additionalProperties": false, + "properties": { + "FunnelChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.FunnelChartAggregatedFieldWells", + "markdownDescription": "The field well configuration of a `FunnelChartVisual` .", + "title": "FunnelChartAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.FunnelChartSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of categories displayed.", + "title": "CategoryItemsLimit" + }, + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the category fields.", + "title": "CategorySort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.FunnelChartVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FunnelChartConfiguration", + "markdownDescription": "The configuration of a `FunnelChartVisual` .", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.GaugeChartArcConditionalFormatting": { + "additionalProperties": false, + "properties": { + "ForegroundColor": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the arc foreground color.", + "title": "ForegroundColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.GaugeChartColorConfiguration": { + "additionalProperties": false, + "properties": { + "BackgroundColor": { + "markdownDescription": "The background color configuration of a `GaugeChartVisual` .", + "title": "BackgroundColor", + "type": "string" + }, + "ForegroundColor": { + "markdownDescription": "The foreground color configuration of a `GaugeChartVisual` .", + "title": "ForegroundColor", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.GaugeChartConditionalFormatting": { + "additionalProperties": false, + "properties": { + "ConditionalFormattingOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartConditionalFormattingOption" + }, + "markdownDescription": "Conditional formatting options of a `GaugeChartVisual` .", + "title": "ConditionalFormattingOptions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.GaugeChartConditionalFormattingOption": { + "additionalProperties": false, + "properties": { + "Arc": { + "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartArcConditionalFormatting", + "markdownDescription": "The options that determine the presentation of the arc of a `GaugeChartVisual` .", + "title": "Arc" + }, + "PrimaryValue": { + "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartPrimaryValueConditionalFormatting", + "markdownDescription": "The conditional formatting for the primary value of a `GaugeChartVisual` .", + "title": "PrimaryValue" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.GaugeChartConfiguration": { + "additionalProperties": false, + "properties": { + "ColorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartColorConfiguration", + "markdownDescription": "The color configuration of a `GaugeChartVisual` .", + "title": "ColorConfiguration" + }, + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", + "markdownDescription": "The data label configuration of a `GaugeChartVisual` .", + "title": "DataLabels" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartFieldWells", + "markdownDescription": "The field well configuration of a `GaugeChartVisual` .", + "title": "FieldWells" + }, + "GaugeChartOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartOptions", + "markdownDescription": "The options that determine the presentation of the `GaugeChartVisual` .", + "title": "GaugeChartOptions" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "TooltipOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "markdownDescription": "The tooltip configuration of a `GaugeChartVisual` .", + "title": "TooltipOptions" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", + "markdownDescription": "The visual palette configuration of a `GaugeChartVisual` .", + "title": "VisualPalette" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.GaugeChartFieldWells": { + "additionalProperties": false, + "properties": { + "TargetValues": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The target value field wells of a `GaugeChartVisual` .", + "title": "TargetValues", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The value field wells of a `GaugeChartVisual` .", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.GaugeChartOptions": { + "additionalProperties": false, + "properties": { + "Arc": { + "$ref": "#/definitions/AWS::QuickSight::Template.ArcConfiguration", + "markdownDescription": "The arc configuration of a `GaugeChartVisual` .", + "title": "Arc" + }, + "ArcAxis": { + "$ref": "#/definitions/AWS::QuickSight::Template.ArcAxisConfiguration", + "markdownDescription": "The arc axis configuration of a `GaugeChartVisual` .", + "title": "ArcAxis" + }, + "Comparison": { + "$ref": "#/definitions/AWS::QuickSight::Template.ComparisonConfiguration", + "markdownDescription": "The comparison configuration of a `GaugeChartVisual` .", + "title": "Comparison" + }, + "PrimaryValueDisplayType": { + "markdownDescription": "The options that determine the primary value display type.", + "title": "PrimaryValueDisplayType", + "type": "string" + }, + "PrimaryValueFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", + "markdownDescription": "The options that determine the primary value font configuration.", + "title": "PrimaryValueFontConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.GaugeChartPrimaryValueConditionalFormatting": { + "additionalProperties": false, + "properties": { + "Icon": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIcon", + "markdownDescription": "The conditional formatting of the primary value icon.", + "title": "Icon" + }, + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the primary value text color.", + "title": "TextColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.GaugeChartVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartConfiguration", + "markdownDescription": "The configuration of a `GaugeChartVisual` .", + "title": "ChartConfiguration" + }, + "ConditionalFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartConditionalFormatting", + "markdownDescription": "The conditional formatting of a `GaugeChartVisual` .", + "title": "ConditionalFormatting" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.GeospatialCoordinateBounds": { + "additionalProperties": false, + "properties": { + "East": { + "markdownDescription": "The longitude of the east bound of the geospatial coordinate bounds.", + "title": "East", + "type": "number" + }, + "North": { + "markdownDescription": "The latitude of the north bound of the geospatial coordinate bounds.", + "title": "North", + "type": "number" + }, + "South": { + "markdownDescription": "The latitude of the south bound of the geospatial coordinate bounds.", + "title": "South", + "type": "number" + }, + "West": { + "markdownDescription": "The longitude of the west bound of the geospatial coordinate bounds.", + "title": "West", + "type": "number" + } + }, + "required": [ + "East", + "North", + "South", + "West" + ], + "type": "object" + }, + "AWS::QuickSight::Template.GeospatialHeatmapColorScale": { + "additionalProperties": false, + "properties": { + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialHeatmapDataColor" + }, + "markdownDescription": "The list of colors to be used in heatmap point style.", + "title": "Colors", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.GeospatialHeatmapConfiguration": { + "additionalProperties": false, + "properties": { + "HeatmapColor": { + "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialHeatmapColorScale", + "markdownDescription": "The color scale specification for the heatmap point style.", + "title": "HeatmapColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.GeospatialHeatmapDataColor": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The hex color to be used in the heatmap point style.", + "title": "Color", + "type": "string" + } + }, + "required": [ + "Color" + ], + "type": "object" + }, + "AWS::QuickSight::Template.GeospatialMapAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The color field wells of a geospatial map.", + "title": "Colors", + "type": "array" + }, + "Geospatial": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The geospatial field wells of a geospatial map. Values are grouped by geospatial fields.", + "title": "Geospatial", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The size field wells of a geospatial map. Values are aggregated based on geospatial fields.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.GeospatialMapConfiguration": { + "additionalProperties": false, + "properties": { + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialMapFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "MapStyleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialMapStyleOptions", + "markdownDescription": "The map style options of the geospatial map.", + "title": "MapStyleOptions" + }, + "PointStyleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialPointStyleOptions", + "markdownDescription": "The point style options of the geospatial map.", + "title": "PointStyleOptions" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", + "markdownDescription": "", + "title": "VisualPalette" + }, + "WindowOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialWindowOptions", + "markdownDescription": "The window options of the geospatial map.", + "title": "WindowOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.GeospatialMapFieldWells": { + "additionalProperties": false, + "properties": { + "GeospatialMapAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialMapAggregatedFieldWells", + "markdownDescription": "The aggregated field well for a geospatial map.", + "title": "GeospatialMapAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.GeospatialMapStyleOptions": { + "additionalProperties": false, + "properties": { + "BaseMapStyle": { + "markdownDescription": "The base map style of the geospatial map.", + "title": "BaseMapStyle", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.GeospatialMapVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialMapConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.GeospatialPointStyleOptions": { + "additionalProperties": false, + "properties": { + "ClusterMarkerConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ClusterMarkerConfiguration", + "markdownDescription": "The cluster marker configuration of the geospatial point style.", + "title": "ClusterMarkerConfiguration" + }, + "HeatmapConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialHeatmapConfiguration", + "markdownDescription": "The heatmap configuration of the geospatial point style.", + "title": "HeatmapConfiguration" + }, + "SelectedPointStyle": { + "markdownDescription": "The selected point styles (point, cluster) of the geospatial map.", + "title": "SelectedPointStyle", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.GeospatialWindowOptions": { + "additionalProperties": false, + "properties": { + "Bounds": { + "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialCoordinateBounds", + "markdownDescription": "The bounds options (north, south, west, east) of the geospatial window options.", + "title": "Bounds" + }, + "MapZoomMode": { + "markdownDescription": "The map zoom modes (manual, auto) of the geospatial window options.", + "title": "MapZoomMode", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.GlobalTableBorderOptions": { + "additionalProperties": false, + "properties": { + "SideSpecificBorder": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableSideBorderOptions", + "markdownDescription": "Determines the options for side specific border.", + "title": "SideSpecificBorder" + }, + "UniformBorder": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", + "markdownDescription": "Determines the options for uniform border.", + "title": "UniformBorder" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.GradientColor": { + "additionalProperties": false, + "properties": { + "Stops": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.GradientStop" + }, + "markdownDescription": "The list of gradient color stops.", + "title": "Stops", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.GradientStop": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "Determines the color.", + "title": "Color", + "type": "string" + }, + "DataValue": { + "markdownDescription": "Determines the data value.", + "title": "DataValue", + "type": "number" + }, + "GradientOffset": { + "markdownDescription": "Determines gradient offset value.", + "title": "GradientOffset", + "type": "number" + } + }, + "required": [ + "GradientOffset" + ], + "type": "object" + }, + "AWS::QuickSight::Template.GridLayoutCanvasSizeOptions": { + "additionalProperties": false, + "properties": { + "ScreenCanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.GridLayoutScreenCanvasSizeOptions", + "markdownDescription": "The options that determine the sizing of the canvas used in a grid layout.", + "title": "ScreenCanvasSizeOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.GridLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.GridLayoutCanvasSizeOptions", + "markdownDescription": "", + "title": "CanvasSizeOptions" + }, + "Elements": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.GridLayoutElement" + }, + "markdownDescription": "The elements that are included in a grid layout.", + "title": "Elements", + "type": "array" + } + }, + "required": [ + "Elements" + ], + "type": "object" + }, + "AWS::QuickSight::Template.GridLayoutElement": { + "additionalProperties": false, + "properties": { + "ColumnIndex": { + "markdownDescription": "The column index for the upper left corner of an element.", + "title": "ColumnIndex", + "type": "number" + }, + "ColumnSpan": { + "markdownDescription": "The width of a grid element expressed as a number of grid columns.", + "title": "ColumnSpan", + "type": "number" + }, + "ElementId": { + "markdownDescription": "A unique identifier for an element within a grid layout.", + "title": "ElementId", + "type": "string" + }, + "ElementType": { + "markdownDescription": "The type of element.", + "title": "ElementType", + "type": "string" + }, + "RowIndex": { + "markdownDescription": "The row index for the upper left corner of an element.", + "title": "RowIndex", + "type": "number" + }, + "RowSpan": { + "markdownDescription": "The height of a grid element expressed as a number of grid rows.", + "title": "RowSpan", + "type": "number" + } + }, + "required": [ + "ColumnSpan", + "ElementId", + "ElementType", + "RowSpan" + ], + "type": "object" + }, + "AWS::QuickSight::Template.GridLayoutScreenCanvasSizeOptions": { + "additionalProperties": false, + "properties": { + "OptimizedViewPortWidth": { + "markdownDescription": "The width that the view port will be optimized for when the layout renders.", + "title": "OptimizedViewPortWidth", + "type": "string" + }, + "ResizeOption": { + "markdownDescription": "This value determines the layout behavior when the viewport is resized.\n\n- `FIXED` : A fixed width will be used when optimizing the layout. In the Amazon QuickSight console, this option is called `Classic` .\n- `RESPONSIVE` : The width of the canvas will be responsive and optimized to the view port. In the Amazon QuickSight console, this option is called `Tiled` .", + "title": "ResizeOption", + "type": "string" + } + }, + "required": [ + "ResizeOption" + ], + "type": "object" + }, + "AWS::QuickSight::Template.GrowthRateComputation": { + "additionalProperties": false, + "properties": { + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "PeriodSize": { + "markdownDescription": "The period size setup of a growth rate computation.", + "title": "PeriodSize", + "type": "number" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" + } + }, + "required": [ + "ComputationId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.HeaderFooterSectionConfiguration": { + "additionalProperties": false, + "properties": { + "Layout": { + "$ref": "#/definitions/AWS::QuickSight::Template.SectionLayoutConfiguration", + "markdownDescription": "The layout configuration of the header or footer section.", + "title": "Layout" + }, + "SectionId": { + "markdownDescription": "The unique identifier of the header or footer section.", + "title": "SectionId", + "type": "string" + }, + "Style": { + "$ref": "#/definitions/AWS::QuickSight::Template.SectionStyle", + "markdownDescription": "The style options of a header or footer section.", + "title": "Style" + } + }, + "required": [ + "Layout", + "SectionId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.HeatMapAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Columns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The columns field well of a heat map.", + "title": "Columns", + "type": "array" + }, + "Rows": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The rows field well of a heat map.", + "title": "Rows", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The values field well of a heat map.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.HeatMapConfiguration": { + "additionalProperties": false, + "properties": { + "ColorScale": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColorScale", + "markdownDescription": "The color options (gradient color, point of divergence) in a heat map.", + "title": "ColorScale" + }, + "ColumnLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options of the column that is displayed in a heat map.", + "title": "ColumnLabelOptions" + }, + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.", + "title": "DataLabels" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.HeatMapFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "RowLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options of the row that is displayed in a `heat map` .", + "title": "RowLabelOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.HeatMapSortConfiguration", + "markdownDescription": "The sort configuration of a heat map.", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.HeatMapFieldWells": { + "additionalProperties": false, + "properties": { + "HeatMapAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.HeatMapAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a heat map.", + "title": "HeatMapAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.HeatMapSortConfiguration": { + "additionalProperties": false, + "properties": { + "HeatMapColumnItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of columns that are displayed in a heat map.", + "title": "HeatMapColumnItemsLimitConfiguration" + }, + "HeatMapColumnSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The column sort configuration for heat map for columns that aren't a part of a field well.", + "title": "HeatMapColumnSort", + "type": "array" + }, + "HeatMapRowItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of rows that are displayed in a heat map.", + "title": "HeatMapRowItemsLimitConfiguration" + }, + "HeatMapRowSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The field sort configuration of the rows fields.", + "title": "HeatMapRowSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.HeatMapVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.HeatMapConfiguration", + "markdownDescription": "The configuration of a heat map.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.HistogramAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The value field wells of a histogram. Values are aggregated by `COUNT` or `DISTINCT_COUNT` .", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.HistogramBinOptions": { + "additionalProperties": false, + "properties": { + "BinCount": { + "$ref": "#/definitions/AWS::QuickSight::Template.BinCountOptions", + "markdownDescription": "The options that determine the bin count of a histogram.", + "title": "BinCount" + }, + "BinWidth": { + "$ref": "#/definitions/AWS::QuickSight::Template.BinWidthOptions", + "markdownDescription": "The options that determine the bin width of a histogram.", + "title": "BinWidth" + }, + "SelectedBinType": { + "markdownDescription": "The options that determine the selected bin type.", + "title": "SelectedBinType", + "type": "string" + }, + "StartValue": { + "markdownDescription": "The options that determine the bin start value.", + "title": "StartValue", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.HistogramConfiguration": { + "additionalProperties": false, + "properties": { + "BinOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.HistogramBinOptions", + "markdownDescription": "The options that determine the presentation of histogram bins.", + "title": "BinOptions" + }, + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", + "markdownDescription": "The data label configuration of a histogram.", + "title": "DataLabels" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.HistogramFieldWells", + "markdownDescription": "The field well configuration of a histogram.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "markdownDescription": "The tooltip configuration of a histogram.", + "title": "Tooltip" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", + "markdownDescription": "The visual palette configuration of a histogram.", + "title": "VisualPalette" + }, + "XAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the x-axis.", + "title": "XAxisDisplayOptions" + }, + "XAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the x-axis label.", + "title": "XAxisLabelOptions" + }, + "YAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the y-axis.", + "title": "YAxisDisplayOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.HistogramFieldWells": { + "additionalProperties": false, + "properties": { + "HistogramAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.HistogramAggregatedFieldWells", + "markdownDescription": "The field well configuration of a histogram.", + "title": "HistogramAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.HistogramVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.HistogramConfiguration", + "markdownDescription": "The configuration for a `HistogramVisual` .", + "title": "ChartConfiguration" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ImageCustomAction": { + "additionalProperties": false, + "properties": { + "ActionOperations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ImageCustomActionOperation" + }, + "markdownDescription": "A list of `ImageCustomActionOperations` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", + "title": "ActionOperations", + "type": "array" + }, + "CustomActionId": { + "markdownDescription": "The ID of the custom action.", + "title": "CustomActionId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the custom action.", + "title": "Name", + "type": "string" + }, + "Status": { + "markdownDescription": "The status of the custom action.", + "title": "Status", + "type": "string" + }, + "Trigger": { + "markdownDescription": "The trigger of the `VisualCustomAction` .\n\nValid values are defined as follows:\n\n- `CLICK` : Initiates a custom action by a left pointer click on a data point.\n- `MENU` : Initiates a custom action by right pointer click from the menu.", + "title": "Trigger", + "type": "string" + } + }, + "required": [ + "ActionOperations", + "CustomActionId", + "Name", + "Trigger" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ImageCustomActionOperation": { + "additionalProperties": false, + "properties": { + "NavigationOperation": { + "$ref": "#/definitions/AWS::QuickSight::Template.CustomActionNavigationOperation", + "markdownDescription": "", + "title": "NavigationOperation" + }, + "SetParametersOperation": { + "$ref": "#/definitions/AWS::QuickSight::Template.CustomActionSetParametersOperation", + "markdownDescription": "", + "title": "SetParametersOperation" + }, + "URLOperation": { + "$ref": "#/definitions/AWS::QuickSight::Template.CustomActionURLOperation", + "markdownDescription": "", + "title": "URLOperation" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ImageInteractionOptions": { + "additionalProperties": false, + "properties": { + "ImageMenuOption": { + "$ref": "#/definitions/AWS::QuickSight::Template.ImageMenuOption", + "markdownDescription": "The menu options for the image.", + "title": "ImageMenuOption" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ImageMenuOption": { + "additionalProperties": false, + "properties": { + "AvailabilityStatus": { + "markdownDescription": "The availability status of the image menu. If the value of this property is set to `ENABLED` , dashboard readers can interact with the image menu.", + "title": "AvailabilityStatus", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.InnerFilter": { + "additionalProperties": false, + "properties": { + "CategoryInnerFilter": { + "$ref": "#/definitions/AWS::QuickSight::Template.CategoryInnerFilter", + "markdownDescription": "A `CategoryInnerFilter` filters text values for the `NestedFilter` .", + "title": "CategoryInnerFilter" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.InsightConfiguration": { + "additionalProperties": false, + "properties": { + "Computations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.Computation" + }, + "markdownDescription": "The computations configurations of the insight visual", + "title": "Computations", + "type": "array" + }, + "CustomNarrative": { + "$ref": "#/definitions/AWS::QuickSight::Template.CustomNarrativeOptions", + "markdownDescription": "The custom narrative of the insight visual.", + "title": "CustomNarrative" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.InsightVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "DataSetIdentifier": { + "markdownDescription": "The dataset that is used in the insight visual.", + "title": "DataSetIdentifier", + "type": "string" + }, + "InsightConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.InsightConfiguration", + "markdownDescription": "The configuration of an insight visual.", + "title": "InsightConfiguration" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "DataSetIdentifier", + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.IntegerDefaultValues": { + "additionalProperties": false, + "properties": { + "DynamicValue": { + "$ref": "#/definitions/AWS::QuickSight::Template.DynamicDefaultValue", + "markdownDescription": "The dynamic value of the `IntegerDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", + "title": "DynamicValue" + }, + "StaticValues": { + "items": { + "type": "number" + }, + "markdownDescription": "The static values of the `IntegerDefaultValues` .", + "title": "StaticValues", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.IntegerParameterDeclaration": { + "additionalProperties": false, + "properties": { + "DefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::Template.IntegerDefaultValues", + "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", + "title": "DefaultValues" + }, + "MappedDataSetParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MappedDataSetParameter" + }, + "markdownDescription": "", + "title": "MappedDataSetParameters", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the parameter that is being declared.", + "title": "Name", + "type": "string" + }, + "ParameterValueType": { + "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", + "title": "ParameterValueType", + "type": "string" + }, + "ValueWhenUnset": { + "$ref": "#/definitions/AWS::QuickSight::Template.IntegerValueWhenUnsetConfiguration", + "markdownDescription": "A parameter declaration for the `Integer` data type.", + "title": "ValueWhenUnset" + } + }, + "required": [ + "Name", + "ParameterValueType" + ], + "type": "object" + }, + "AWS::QuickSight::Template.IntegerValueWhenUnsetConfiguration": { + "additionalProperties": false, + "properties": { + "CustomValue": { + "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", + "title": "CustomValue", + "type": "number" + }, + "ValueWhenUnsetOption": { + "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", + "title": "ValueWhenUnsetOption", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ItemsLimitConfiguration": { + "additionalProperties": false, + "properties": { + "ItemsLimit": { + "markdownDescription": "The limit on how many items of a field are showed in the chart. For example, the number of slices that are displayed in a pie chart.", + "title": "ItemsLimit", + "type": "number" + }, + "OtherCategories": { + "markdownDescription": "The `Show other` of an axis in the chart. Choose one of the following options:\n\n- `INCLUDE`\n- `EXCLUDE`", + "title": "OtherCategories", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.KPIActualValueConditionalFormatting": { + "additionalProperties": false, + "properties": { + "Icon": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIcon", + "markdownDescription": "The conditional formatting of the actual value's icon.", + "title": "Icon" + }, + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the actual value's text color.", + "title": "TextColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.KPIComparisonValueConditionalFormatting": { + "additionalProperties": false, + "properties": { + "Icon": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIcon", + "markdownDescription": "The conditional formatting of the comparison value's icon.", + "title": "Icon" + }, + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the comparison value's text color.", + "title": "TextColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.KPIConditionalFormatting": { + "additionalProperties": false, + "properties": { + "ConditionalFormattingOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.KPIConditionalFormattingOption" + }, + "markdownDescription": "The conditional formatting options of a KPI visual.", + "title": "ConditionalFormattingOptions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.KPIConditionalFormattingOption": { + "additionalProperties": false, + "properties": { + "ActualValue": { + "$ref": "#/definitions/AWS::QuickSight::Template.KPIActualValueConditionalFormatting", + "markdownDescription": "The conditional formatting for the actual value of a KPI visual.", + "title": "ActualValue" + }, + "ComparisonValue": { + "$ref": "#/definitions/AWS::QuickSight::Template.KPIComparisonValueConditionalFormatting", + "markdownDescription": "The conditional formatting for the comparison value of a KPI visual.", + "title": "ComparisonValue" + }, + "PrimaryValue": { + "$ref": "#/definitions/AWS::QuickSight::Template.KPIPrimaryValueConditionalFormatting", + "markdownDescription": "The conditional formatting for the primary value of a KPI visual.", + "title": "PrimaryValue" + }, + "ProgressBar": { + "$ref": "#/definitions/AWS::QuickSight::Template.KPIProgressBarConditionalFormatting", + "markdownDescription": "The conditional formatting for the progress bar of a KPI visual.", + "title": "ProgressBar" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.KPIConfiguration": { + "additionalProperties": false, + "properties": { + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.KPIFieldWells", + "markdownDescription": "The field well configuration of a KPI visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "KPIOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.KPIOptions", + "markdownDescription": "The options that determine the presentation of a KPI visual.", + "title": "KPIOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.KPISortConfiguration", + "markdownDescription": "The sort configuration of a KPI visual.", + "title": "SortConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.KPIFieldWells": { + "additionalProperties": false, + "properties": { + "TargetValues": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The target value field wells of a KPI visual.", + "title": "TargetValues", + "type": "array" + }, + "TrendGroups": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The trend group field wells of a KPI visual.", + "title": "TrendGroups", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The value field wells of a KPI visual.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.KPIOptions": { + "additionalProperties": false, + "properties": { + "Comparison": { + "$ref": "#/definitions/AWS::QuickSight::Template.ComparisonConfiguration", + "markdownDescription": "The comparison configuration of a KPI visual.", + "title": "Comparison" + }, + "PrimaryValueDisplayType": { + "markdownDescription": "The options that determine the primary value display type.", + "title": "PrimaryValueDisplayType", + "type": "string" + }, + "PrimaryValueFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", + "markdownDescription": "The options that determine the primary value font configuration.", + "title": "PrimaryValueFontConfiguration" + }, + "ProgressBar": { + "$ref": "#/definitions/AWS::QuickSight::Template.ProgressBarOptions", + "markdownDescription": "The options that determine the presentation of the progress bar of a KPI visual.", + "title": "ProgressBar" + }, + "SecondaryValue": { + "$ref": "#/definitions/AWS::QuickSight::Template.SecondaryValueOptions", + "markdownDescription": "The options that determine the presentation of the secondary value of a KPI visual.", + "title": "SecondaryValue" + }, + "SecondaryValueFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", + "markdownDescription": "The options that determine the secondary value font configuration.", + "title": "SecondaryValueFontConfiguration" + }, + "Sparkline": { + "$ref": "#/definitions/AWS::QuickSight::Template.KPISparklineOptions", + "markdownDescription": "The options that determine the visibility, color, type, and tooltip visibility of the sparkline of a KPI visual.", + "title": "Sparkline" + }, + "TrendArrows": { + "$ref": "#/definitions/AWS::QuickSight::Template.TrendArrowOptions", + "markdownDescription": "The options that determine the presentation of trend arrows in a KPI visual.", + "title": "TrendArrows" + }, + "VisualLayoutOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.KPIVisualLayoutOptions", + "markdownDescription": "The options that determine the layout a KPI visual.", + "title": "VisualLayoutOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.KPIPrimaryValueConditionalFormatting": { + "additionalProperties": false, + "properties": { + "Icon": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIcon", + "markdownDescription": "The conditional formatting of the primary value's icon.", + "title": "Icon" + }, + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the primary value's text color.", + "title": "TextColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.KPIProgressBarConditionalFormatting": { + "additionalProperties": false, + "properties": { + "ForegroundColor": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the progress bar's foreground color.", + "title": "ForegroundColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.KPISortConfiguration": { + "additionalProperties": false, + "properties": { + "TrendGroupSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the trend group fields.", + "title": "TrendGroupSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.KPISparklineOptions": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The color of the sparkline.", + "title": "Color", + "type": "string" + }, + "TooltipVisibility": { + "markdownDescription": "The tooltip visibility of the sparkline.", + "title": "TooltipVisibility", + "type": "object" + }, + "Type": { + "markdownDescription": "The type of the sparkline.", + "title": "Type", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the sparkline.", + "title": "Visibility", + "type": "object" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::QuickSight::Template.KPIVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.KPIConfiguration", + "markdownDescription": "The configuration of a KPI visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "ConditionalFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Template.KPIConditionalFormatting", + "markdownDescription": "The conditional formatting of a KPI visual.", + "title": "ConditionalFormatting" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.KPIVisualLayoutOptions": { + "additionalProperties": false, + "properties": { + "StandardLayout": { + "$ref": "#/definitions/AWS::QuickSight::Template.KPIVisualStandardLayout", + "markdownDescription": "The standard layout of the KPI visual.", + "title": "StandardLayout" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.KPIVisualStandardLayout": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "The standard layout type.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::QuickSight::Template.LabelOptions": { + "additionalProperties": false, + "properties": { + "CustomLabel": { + "markdownDescription": "The text for the label.", + "title": "CustomLabel", + "type": "string" + }, + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", + "markdownDescription": "The font configuration of the label.", + "title": "FontConfiguration" + }, + "Visibility": { + "markdownDescription": "Determines whether or not the label is visible.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.Layout": { + "additionalProperties": false, + "properties": { + "Configuration": { + "$ref": "#/definitions/AWS::QuickSight::Template.LayoutConfiguration", + "markdownDescription": "The configuration that determines what the type of layout for a sheet.", + "title": "Configuration" + } + }, + "required": [ + "Configuration" + ], + "type": "object" + }, + "AWS::QuickSight::Template.LayoutConfiguration": { + "additionalProperties": false, + "properties": { + "FreeFormLayout": { + "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutConfiguration", + "markdownDescription": "A free-form is optimized for a fixed width and has more control over the exact placement of layout elements.", + "title": "FreeFormLayout" + }, + "GridLayout": { + "$ref": "#/definitions/AWS::QuickSight::Template.GridLayoutConfiguration", + "markdownDescription": "A type of layout that can be used on a sheet. In a grid layout, visuals snap to a grid with standard spacing and alignment. Dashboards are displayed as designed, with options to fit to screen or view at actual size. A grid layout can be configured to behave in one of two ways when the viewport is resized: `FIXED` or `RESPONSIVE` .", + "title": "GridLayout" + }, + "SectionBasedLayout": { + "$ref": "#/definitions/AWS::QuickSight::Template.SectionBasedLayoutConfiguration", + "markdownDescription": "A section based layout organizes visuals into multiple sections and has customized header, footer and page break.", + "title": "SectionBasedLayout" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.LegendOptions": { + "additionalProperties": false, + "properties": { + "Height": { + "markdownDescription": "The height of the legend. If this value is omitted, a default height is used when rendering.", + "title": "Height", + "type": "string" + }, + "Position": { + "markdownDescription": "The positions for the legend. Choose one of the following options:\n\n- `AUTO`\n- `RIGHT`\n- `BOTTOM`\n- `LEFT`", + "title": "Position", + "type": "string" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", + "markdownDescription": "The custom title for the legend.", + "title": "Title" + }, + "ValueFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", + "markdownDescription": "", + "title": "ValueFontConfiguration" + }, + "Visibility": { + "markdownDescription": "Determines whether or not the legend is visible.", + "title": "Visibility", + "type": "object" + }, + "Width": { + "markdownDescription": "The width of the legend. If this value is omitted, a default width is used when rendering.", + "title": "Width", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.LineChartAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The category field wells of a line chart. Values are grouped by category fields.", + "title": "Category", + "type": "array" + }, + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The color field wells of a line chart. Values are grouped by category fields.", + "title": "Colors", + "type": "array" + }, + "SmallMultiples": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The small multiples field well of a line chart.", + "title": "SmallMultiples", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The value field wells of a line chart. Values are aggregated based on categories.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.LineChartConfiguration": { + "additionalProperties": false, + "properties": { + "ContributionAnalysisDefaults": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ContributionAnalysisDefault" + }, + "markdownDescription": "The default configuration of a line chart's contribution analysis.", + "title": "ContributionAnalysisDefaults", + "type": "array" + }, + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", + "markdownDescription": "The data label configuration of a line chart.", + "title": "DataLabels" + }, + "DefaultSeriesSettings": { + "$ref": "#/definitions/AWS::QuickSight::Template.LineChartDefaultSeriesSettings", + "markdownDescription": "The options that determine the default presentation of all line series in `LineChartVisual` .", + "title": "DefaultSeriesSettings" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.LineChartFieldWells", + "markdownDescription": "The field well configuration of a line chart.", + "title": "FieldWells" + }, + "ForecastConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ForecastConfiguration" + }, + "markdownDescription": "The forecast configuration of a line chart.", + "title": "ForecastConfigurations", + "type": "array" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", + "markdownDescription": "The legend configuration of a line chart.", + "title": "Legend" + }, + "PrimaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.LineSeriesAxisDisplayOptions", + "markdownDescription": "The series axis configuration of a line chart.", + "title": "PrimaryYAxisDisplayOptions" + }, + "PrimaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the y-axis label.", + "title": "PrimaryYAxisLabelOptions" + }, + "ReferenceLines": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLine" + }, + "markdownDescription": "The reference lines configuration of a line chart.", + "title": "ReferenceLines", + "type": "array" + }, + "SecondaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.LineSeriesAxisDisplayOptions", + "markdownDescription": "The series axis configuration of a line chart.", + "title": "SecondaryYAxisDisplayOptions" + }, + "SecondaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the secondary y-axis label.", + "title": "SecondaryYAxisLabelOptions" + }, + "Series": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.SeriesItem" + }, + "markdownDescription": "The series item configuration of a line chart.", + "title": "Series", + "type": "array" + }, + "SingleAxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SingleAxisOptions", + "markdownDescription": "", + "title": "SingleAxisOptions" + }, + "SmallMultiplesOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SmallMultiplesOptions", + "markdownDescription": "The small multiples setup for the visual.", + "title": "SmallMultiplesOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.LineChartSortConfiguration", + "markdownDescription": "The sort configuration of a line chart.", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "markdownDescription": "The tooltip configuration of a line chart.", + "title": "Tooltip" + }, + "Type": { + "markdownDescription": "Determines the type of the line chart.", + "title": "Type", + "type": "string" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", + "markdownDescription": "The visual palette configuration of a line chart.", + "title": "VisualPalette" + }, + "XAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the x-axis.", + "title": "XAxisDisplayOptions" + }, + "XAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the x-axis label.", + "title": "XAxisLabelOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.LineChartDefaultSeriesSettings": { + "additionalProperties": false, + "properties": { + "AxisBinding": { + "markdownDescription": "The axis to which you are binding all line series to.", + "title": "AxisBinding", + "type": "string" + }, + "LineStyleSettings": { + "$ref": "#/definitions/AWS::QuickSight::Template.LineChartLineStyleSettings", + "markdownDescription": "Line styles options for all line series in the visual.", + "title": "LineStyleSettings" + }, + "MarkerStyleSettings": { + "$ref": "#/definitions/AWS::QuickSight::Template.LineChartMarkerStyleSettings", + "markdownDescription": "Marker styles options for all line series in the visual.", + "title": "MarkerStyleSettings" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.LineChartFieldWells": { + "additionalProperties": false, + "properties": { + "LineChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.LineChartAggregatedFieldWells", + "markdownDescription": "The field well configuration of a line chart.", + "title": "LineChartAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.LineChartLineStyleSettings": { + "additionalProperties": false, + "properties": { + "LineInterpolation": { + "markdownDescription": "Interpolation style for line series.\n\n- `LINEAR` : Show as default, linear style.\n- `SMOOTH` : Show as a smooth curve.\n- `STEPPED` : Show steps in line.", + "title": "LineInterpolation", + "type": "string" + }, + "LineStyle": { + "markdownDescription": "Line style for line series.\n\n- `SOLID` : Show as a solid line.\n- `DOTTED` : Show as a dotted line.\n- `DASHED` : Show as a dashed line.", + "title": "LineStyle", + "type": "string" + }, + "LineVisibility": { + "markdownDescription": "Configuration option that determines whether to show the line for the series.", + "title": "LineVisibility", + "type": "object" + }, + "LineWidth": { + "markdownDescription": "Width that determines the line thickness.", + "title": "LineWidth", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.LineChartMarkerStyleSettings": { + "additionalProperties": false, + "properties": { + "MarkerColor": { + "markdownDescription": "Color of marker in the series.", + "title": "MarkerColor", + "type": "string" + }, + "MarkerShape": { + "markdownDescription": "Shape option for markers in the series.\n\n- `CIRCLE` : Show marker as a circle.\n- `TRIANGLE` : Show marker as a triangle.\n- `SQUARE` : Show marker as a square.\n- `DIAMOND` : Show marker as a diamond.\n- `ROUNDED_SQUARE` : Show marker as a rounded square.", + "title": "MarkerShape", + "type": "string" + }, + "MarkerSize": { + "markdownDescription": "Size of marker in the series.", + "title": "MarkerSize", + "type": "string" + }, + "MarkerVisibility": { + "markdownDescription": "Configuration option that determines whether to show the markers in the series.", + "title": "MarkerVisibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.LineChartSeriesSettings": { + "additionalProperties": false, + "properties": { + "LineStyleSettings": { + "$ref": "#/definitions/AWS::QuickSight::Template.LineChartLineStyleSettings", + "markdownDescription": "Line styles options for a line series in `LineChartVisual` .", + "title": "LineStyleSettings" + }, + "MarkerStyleSettings": { + "$ref": "#/definitions/AWS::QuickSight::Template.LineChartMarkerStyleSettings", + "markdownDescription": "Marker styles options for a line series in `LineChartVisual` .", + "title": "MarkerStyleSettings" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.LineChartSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of categories that are displayed in a line chart.", + "title": "CategoryItemsLimitConfiguration" + }, + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the category fields.", + "title": "CategorySort", + "type": "array" + }, + "ColorItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of lines that are displayed in a line chart.", + "title": "ColorItemsLimitConfiguration" + }, + "SmallMultiplesLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of small multiples panels that are displayed.", + "title": "SmallMultiplesLimitConfiguration" + }, + "SmallMultiplesSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the small multiples field.", + "title": "SmallMultiplesSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.LineChartVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.LineChartConfiguration", + "markdownDescription": "The configuration of a line chart.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.LineSeriesAxisDisplayOptions": { + "additionalProperties": false, + "properties": { + "AxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the line series axis.", + "title": "AxisOptions" + }, + "MissingDataConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MissingDataConfiguration" + }, + "markdownDescription": "The configuration options that determine how missing data is treated during the rendering of a line chart.", + "title": "MissingDataConfigurations", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ListControlDisplayOptions": { + "additionalProperties": false, + "properties": { + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" + }, + "SearchOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ListControlSearchOptions", + "markdownDescription": "The configuration of the search options in a list control.", + "title": "SearchOptions" + }, + "SelectAllOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ListControlSelectAllOptions", + "markdownDescription": "The configuration of the `Select all` options in a list control.", + "title": "SelectAllOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ListControlSearchOptions": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility configuration of the search options in a list control.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ListControlSelectAllOptions": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility configuration of the `Select all` options in a list control.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.LoadingAnimation": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility configuration of `LoadingAnimation` .", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.LocalNavigationConfiguration": { + "additionalProperties": false, + "properties": { + "TargetSheetId": { + "markdownDescription": "The sheet that is targeted for navigation in the same analysis.", + "title": "TargetSheetId", + "type": "string" + } + }, + "required": [ + "TargetSheetId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.LongFormatText": { + "additionalProperties": false, + "properties": { + "PlainText": { + "markdownDescription": "Plain text format.", + "title": "PlainText", + "type": "string" + }, + "RichText": { + "markdownDescription": "Rich text. Examples of rich text include bold, underline, and italics.", + "title": "RichText", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.MappedDataSetParameter": { + "additionalProperties": false, + "properties": { + "DataSetIdentifier": { + "markdownDescription": "A unique name that identifies a dataset within the analysis or dashboard.", + "title": "DataSetIdentifier", + "type": "string" + }, + "DataSetParameterName": { + "markdownDescription": "The name of the dataset parameter.", + "title": "DataSetParameterName", + "type": "string" + } + }, + "required": [ + "DataSetIdentifier", + "DataSetParameterName" + ], + "type": "object" + }, + "AWS::QuickSight::Template.MaximumLabelType": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility of the maximum label.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.MaximumMinimumComputation": { + "additionalProperties": false, + "properties": { + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" + }, + "Type": { + "markdownDescription": "The type of computation. Choose one of the following options:\n\n- MAXIMUM: A maximum computation.\n- MINIMUM: A minimum computation.", + "title": "Type", + "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" + } + }, + "required": [ + "ComputationId", + "Type" + ], + "type": "object" + }, + "AWS::QuickSight::Template.MeasureField": { + "additionalProperties": false, + "properties": { + "CalculatedMeasureField": { + "$ref": "#/definitions/AWS::QuickSight::Template.CalculatedMeasureField", + "markdownDescription": "The calculated measure field only used in pivot tables.", + "title": "CalculatedMeasureField" + }, + "CategoricalMeasureField": { + "$ref": "#/definitions/AWS::QuickSight::Template.CategoricalMeasureField", + "markdownDescription": "The measure type field with categorical type columns.", + "title": "CategoricalMeasureField" + }, + "DateMeasureField": { + "$ref": "#/definitions/AWS::QuickSight::Template.DateMeasureField", + "markdownDescription": "The measure type field with date type columns.", + "title": "DateMeasureField" + }, + "NumericalMeasureField": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericalMeasureField", + "markdownDescription": "The measure type field with numerical type columns.", + "title": "NumericalMeasureField" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.MetricComparisonComputation": { + "additionalProperties": false, + "properties": { + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "FromValue": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", + "markdownDescription": "The field that is used in a metric comparison from value setup.", + "title": "FromValue" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "TargetValue": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", + "markdownDescription": "The field that is used in a metric comparison to value setup.", + "title": "TargetValue" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" + } + }, + "required": [ + "ComputationId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.MinimumLabelType": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility of the minimum label.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.MissingDataConfiguration": { + "additionalProperties": false, + "properties": { + "TreatmentOption": { + "markdownDescription": "The treatment option that determines how missing data should be rendered. Choose from the following options:\n\n- `INTERPOLATE` : Interpolate missing values between the prior and the next known value.\n- `SHOW_AS_ZERO` : Show missing values as the value `0` .\n- `SHOW_AS_BLANK` : Display a blank space when rendering missing data.", + "title": "TreatmentOption", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.NegativeValueConfiguration": { + "additionalProperties": false, + "properties": { + "DisplayMode": { + "markdownDescription": "Determines the display mode of the negative value configuration.", + "title": "DisplayMode", + "type": "string" + } + }, + "required": [ + "DisplayMode" + ], + "type": "object" + }, + "AWS::QuickSight::Template.NestedFilter": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" + }, + "IncludeInnerSet": { + "markdownDescription": "A boolean condition to include or exclude the subset that is defined by the values of the nested inner filter.", + "title": "IncludeInnerSet", + "type": "boolean" + }, + "InnerFilter": { + "$ref": "#/definitions/AWS::QuickSight::Template.InnerFilter", + "markdownDescription": "The `InnerFilter` defines the subset of data to be used with the `NestedFilter` .", + "title": "InnerFilter" + } + }, + "required": [ + "Column", + "FilterId", + "IncludeInnerSet", + "InnerFilter" + ], + "type": "object" + }, + "AWS::QuickSight::Template.NullValueFormatConfiguration": { + "additionalProperties": false, + "properties": { + "NullString": { + "markdownDescription": "Determines the null string of null values.", + "title": "NullString", + "type": "string" + } + }, + "required": [ + "NullString" + ], + "type": "object" + }, + "AWS::QuickSight::Template.NumberDisplayFormatConfiguration": { + "additionalProperties": false, + "properties": { + "DecimalPlacesConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DecimalPlacesConfiguration", + "markdownDescription": "The option that determines the decimal places configuration.", + "title": "DecimalPlacesConfiguration" + }, + "NegativeValueConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NegativeValueConfiguration", + "markdownDescription": "The options that determine the negative value configuration.", + "title": "NegativeValueConfiguration" + }, + "NullValueFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NullValueFormatConfiguration", + "markdownDescription": "The options that determine the null value format configuration.", + "title": "NullValueFormatConfiguration" + }, + "NumberScale": { + "markdownDescription": "Determines the number scale value of the number format.", + "title": "NumberScale", + "type": "string" + }, + "Prefix": { + "markdownDescription": "Determines the prefix value of the number format.", + "title": "Prefix", + "type": "string" + }, + "SeparatorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericSeparatorConfiguration", + "markdownDescription": "The options that determine the numeric separator configuration.", + "title": "SeparatorConfiguration" + }, + "Suffix": { + "markdownDescription": "Determines the suffix value of the number format.", + "title": "Suffix", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.NumberFormatConfiguration": { + "additionalProperties": false, + "properties": { + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericFormatConfiguration", + "markdownDescription": "The options that determine the numeric format configuration.", + "title": "FormatConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.NumericAxisOptions": { + "additionalProperties": false, + "properties": { + "Range": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayRange", + "markdownDescription": "The range setup of a numeric axis.", + "title": "Range" + }, + "Scale": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisScale", + "markdownDescription": "The scale setup of a numeric axis.", + "title": "Scale" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.NumericEqualityDrillDownFilter": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "Value": { + "markdownDescription": "The value of the double input numeric drill down filter.", + "title": "Value", + "type": "number" + } + }, + "required": [ + "Column", + "Value" + ], + "type": "object" + }, + "AWS::QuickSight::Template.NumericEqualityFilter": { + "additionalProperties": false, + "properties": { + "AggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Template.AggregationFunction", + "markdownDescription": "The aggregation function of the filter.", + "title": "AggregationFunction" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" + }, + "MatchOperator": { + "markdownDescription": "The match operator that is used to determine if a filter should be applied.", + "title": "MatchOperator", + "type": "string" + }, + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", + "type": "string" + }, + "ParameterName": { + "markdownDescription": "The parameter whose value should be used for the filter value.", + "title": "ParameterName", + "type": "string" + }, + "SelectAllOptions": { + "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", + "title": "SelectAllOptions", + "type": "string" + }, + "Value": { + "markdownDescription": "The input value.", + "title": "Value", + "type": "number" + } + }, + "required": [ + "Column", + "FilterId", + "MatchOperator", + "NullOption" + ], + "type": "object" + }, + "AWS::QuickSight::Template.NumericFormatConfiguration": { + "additionalProperties": false, + "properties": { + "CurrencyDisplayFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.CurrencyDisplayFormatConfiguration", + "markdownDescription": "The options that determine the currency display format configuration.", + "title": "CurrencyDisplayFormatConfiguration" + }, + "NumberDisplayFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumberDisplayFormatConfiguration", + "markdownDescription": "The options that determine the number display format configuration.", + "title": "NumberDisplayFormatConfiguration" + }, + "PercentageDisplayFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.PercentageDisplayFormatConfiguration", + "markdownDescription": "The options that determine the percentage display format configuration.", + "title": "PercentageDisplayFormatConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.NumericRangeFilter": { + "additionalProperties": false, + "properties": { + "AggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Template.AggregationFunction", + "markdownDescription": "The aggregation function of the filter.", + "title": "AggregationFunction" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" + }, + "IncludeMaximum": { + "markdownDescription": "Determines whether the maximum value in the filter value range should be included in the filtered results.", + "title": "IncludeMaximum", + "type": "boolean" + }, + "IncludeMinimum": { + "markdownDescription": "Determines whether the minimum value in the filter value range should be included in the filtered results.", + "title": "IncludeMinimum", + "type": "boolean" + }, + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", + "type": "string" + }, + "RangeMaximum": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericRangeFilterValue", + "markdownDescription": "The maximum value for the filter value range.", + "title": "RangeMaximum" + }, + "RangeMinimum": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericRangeFilterValue", + "markdownDescription": "The minimum value for the filter value range.", + "title": "RangeMinimum" + }, + "SelectAllOptions": { + "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", + "title": "SelectAllOptions", + "type": "string" + } + }, + "required": [ + "Column", + "FilterId", + "NullOption" + ], + "type": "object" + }, + "AWS::QuickSight::Template.NumericRangeFilterValue": { + "additionalProperties": false, + "properties": { + "Parameter": { + "markdownDescription": "The parameter that is used in the numeric range.", + "title": "Parameter", + "type": "string" + }, + "StaticValue": { + "markdownDescription": "The static value of the numeric range filter.", + "title": "StaticValue", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.NumericSeparatorConfiguration": { + "additionalProperties": false, + "properties": { + "DecimalSeparator": { + "markdownDescription": "Determines the decimal separator.", + "title": "DecimalSeparator", + "type": "string" + }, + "ThousandsSeparator": { + "$ref": "#/definitions/AWS::QuickSight::Template.ThousandSeparatorOptions", + "markdownDescription": "The options that determine the thousands separator configuration.", + "title": "ThousandsSeparator" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.NumericalAggregationFunction": { + "additionalProperties": false, + "properties": { + "PercentileAggregation": { + "$ref": "#/definitions/AWS::QuickSight::Template.PercentileAggregation", + "markdownDescription": "An aggregation based on the percentile of values in a dimension or measure.", + "title": "PercentileAggregation" + }, + "SimpleNumericalAggregation": { + "markdownDescription": "Built-in aggregation functions for numerical values.\n\n- `SUM` : The sum of a dimension or measure.\n- `AVERAGE` : The average of a dimension or measure.\n- `MIN` : The minimum value of a dimension or measure.\n- `MAX` : The maximum value of a dimension or measure.\n- `COUNT` : The count of a dimension or measure.\n- `DISTINCT_COUNT` : The count of distinct values in a dimension or measure.\n- `VAR` : The variance of a dimension or measure.\n- `VARP` : The partitioned variance of a dimension or measure.\n- `STDEV` : The standard deviation of a dimension or measure.\n- `STDEVP` : The partitioned standard deviation of a dimension or measure.\n- `MEDIAN` : The median value of a dimension or measure.", + "title": "SimpleNumericalAggregation", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.NumericalDimensionField": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that is used in the `NumericalDimensionField` .", + "title": "Column" + }, + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", + "type": "string" + }, + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumberFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" + }, + "HierarchyId": { + "markdownDescription": "The custom hierarchy ID.", + "title": "HierarchyId", + "type": "string" + } + }, + "required": [ + "Column", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.NumericalMeasureField": { + "additionalProperties": false, + "properties": { + "AggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericalAggregationFunction", + "markdownDescription": "The aggregation function of the measure field.", + "title": "AggregationFunction" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that is used in the `NumericalMeasureField` .", + "title": "Column" + }, + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", + "type": "string" + }, + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumberFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" + } + }, + "required": [ + "Column", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.PaginationConfiguration": { + "additionalProperties": false, + "properties": { + "PageNumber": { + "markdownDescription": "Indicates the page number.", + "title": "PageNumber", + "type": "number" + }, + "PageSize": { + "markdownDescription": "Indicates how many items render in one page.", + "title": "PageSize", + "type": "number" + } + }, + "required": [ + "PageNumber", + "PageSize" + ], + "type": "object" + }, + "AWS::QuickSight::Template.PanelConfiguration": { + "additionalProperties": false, + "properties": { + "BackgroundColor": { + "markdownDescription": "Sets the background color for each panel.", + "title": "BackgroundColor", + "type": "string" + }, + "BackgroundVisibility": { + "markdownDescription": "Determines whether or not a background for each small multiples panel is rendered.", + "title": "BackgroundVisibility", + "type": "object" + }, + "BorderColor": { + "markdownDescription": "Sets the line color of panel borders.", + "title": "BorderColor", + "type": "string" + }, + "BorderStyle": { + "markdownDescription": "Sets the line style of panel borders.", + "title": "BorderStyle", + "type": "string" + }, + "BorderThickness": { + "markdownDescription": "Sets the line thickness of panel borders.", + "title": "BorderThickness", + "type": "string" + }, + "BorderVisibility": { + "markdownDescription": "Determines whether or not each panel displays a border.", + "title": "BorderVisibility", + "type": "object" + }, + "GutterSpacing": { + "markdownDescription": "Sets the total amount of negative space to display between sibling panels.", + "title": "GutterSpacing", + "type": "string" + }, + "GutterVisibility": { + "markdownDescription": "Determines whether or not negative space between sibling panels is rendered.", + "title": "GutterVisibility", + "type": "object" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.PanelTitleOptions", + "markdownDescription": "Configures the title display within each small multiples panel.", + "title": "Title" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PanelTitleOptions": { + "additionalProperties": false, + "properties": { + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", + "markdownDescription": "", + "title": "FontConfiguration" + }, + "HorizontalTextAlignment": { + "markdownDescription": "Sets the horizontal text alignment of the title within each panel.", + "title": "HorizontalTextAlignment", + "type": "string" + }, + "Visibility": { + "markdownDescription": "Determines whether or not panel titles are displayed.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ParameterControl": { + "additionalProperties": false, + "properties": { + "DateTimePicker": { + "$ref": "#/definitions/AWS::QuickSight::Template.ParameterDateTimePickerControl", + "markdownDescription": "A control from a date parameter that specifies date and time.", + "title": "DateTimePicker" + }, + "Dropdown": { + "$ref": "#/definitions/AWS::QuickSight::Template.ParameterDropDownControl", + "markdownDescription": "A control to display a dropdown list with buttons that are used to select a single value.", + "title": "Dropdown" + }, + "List": { + "$ref": "#/definitions/AWS::QuickSight::Template.ParameterListControl", + "markdownDescription": "A control to display a list with buttons or boxes that are used to select either a single value or multiple values.", + "title": "List" + }, + "Slider": { + "$ref": "#/definitions/AWS::QuickSight::Template.ParameterSliderControl", + "markdownDescription": "A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle.", + "title": "Slider" + }, + "TextArea": { + "$ref": "#/definitions/AWS::QuickSight::Template.ParameterTextAreaControl", + "markdownDescription": "A control to display a text box that is used to enter multiple entries.", + "title": "TextArea" + }, + "TextField": { + "$ref": "#/definitions/AWS::QuickSight::Template.ParameterTextFieldControl", + "markdownDescription": "A control to display a text box that is used to enter a single entry.", + "title": "TextField" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ParameterDateTimePickerControl": { + "additionalProperties": false, + "properties": { + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DateTimePickerControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterDateTimePickerControl` .", + "title": "ParameterControlId", + "type": "string" + }, + "SourceParameterName": { + "markdownDescription": "The name of the `ParameterDateTimePickerControl` .", + "title": "SourceParameterName", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `ParameterDateTimePickerControl` .", + "title": "Title", + "type": "string" + } + }, + "required": [ + "ParameterControlId", + "SourceParameterName", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ParameterDeclaration": { + "additionalProperties": false, + "properties": { + "DateTimeParameterDeclaration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeParameterDeclaration", + "markdownDescription": "A parameter declaration for the `DateTime` data type.", + "title": "DateTimeParameterDeclaration" + }, + "DecimalParameterDeclaration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DecimalParameterDeclaration", + "markdownDescription": "A parameter declaration for the `Decimal` data type.", + "title": "DecimalParameterDeclaration" + }, + "IntegerParameterDeclaration": { + "$ref": "#/definitions/AWS::QuickSight::Template.IntegerParameterDeclaration", + "markdownDescription": "A parameter declaration for the `Integer` data type.", + "title": "IntegerParameterDeclaration" + }, + "StringParameterDeclaration": { + "$ref": "#/definitions/AWS::QuickSight::Template.StringParameterDeclaration", + "markdownDescription": "A parameter declaration for the `String` data type.", + "title": "StringParameterDeclaration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ParameterDropDownControl": { + "additionalProperties": false, + "properties": { + "CascadingControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.CascadingControlConfiguration", + "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", + "title": "CascadingControlConfiguration" + }, + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `ParameterDropDownControl` .", + "title": "CommitMode", + "type": "string" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DropDownControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterDropDownControl` .", + "title": "ParameterControlId", + "type": "string" + }, + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Template.ParameterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" + }, + "SourceParameterName": { + "markdownDescription": "The source parameter name of the `ParameterDropDownControl` .", + "title": "SourceParameterName", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `ParameterDropDownControl` .", + "title": "Title", + "type": "string" + }, + "Type": { + "markdownDescription": "The type parameter name of the `ParameterDropDownControl` .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "ParameterControlId", + "SourceParameterName", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ParameterListControl": { + "additionalProperties": false, + "properties": { + "CascadingControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.CascadingControlConfiguration", + "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", + "title": "CascadingControlConfiguration" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ListControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterListControl` .", + "title": "ParameterControlId", + "type": "string" + }, + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Template.ParameterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" + }, + "SourceParameterName": { + "markdownDescription": "The source parameter name of the `ParameterListControl` .", + "title": "SourceParameterName", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `ParameterListControl` .", + "title": "Title", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of `ParameterListControl` .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "ParameterControlId", + "SourceParameterName", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ParameterSelectableValues": { + "additionalProperties": false, + "properties": { + "LinkToDataSetColumn": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column identifier that fetches values from the data set.", + "title": "LinkToDataSetColumn" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The values that are used in `ParameterSelectableValues` .", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ParameterSliderControl": { + "additionalProperties": false, + "properties": { + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SliderControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "MaximumValue": { + "markdownDescription": "The larger value that is displayed at the right of the slider.", + "title": "MaximumValue", + "type": "number" + }, + "MinimumValue": { + "markdownDescription": "The smaller value that is displayed at the left of the slider.", + "title": "MinimumValue", + "type": "number" + }, + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterSliderControl` .", + "title": "ParameterControlId", + "type": "string" + }, + "SourceParameterName": { + "markdownDescription": "The source parameter name of the `ParameterSliderControl` .", + "title": "SourceParameterName", + "type": "string" + }, + "StepSize": { + "markdownDescription": "The number of increments that the slider bar is divided into.", + "title": "StepSize", + "type": "number" + }, + "Title": { + "markdownDescription": "The title of the `ParameterSliderControl` .", + "title": "Title", + "type": "string" + } + }, + "required": [ + "MaximumValue", + "MinimumValue", + "ParameterControlId", + "SourceParameterName", + "StepSize", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ParameterTextAreaControl": { + "additionalProperties": false, + "properties": { + "Delimiter": { + "markdownDescription": "The delimiter that is used to separate the lines in text.", + "title": "Delimiter", + "type": "string" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.TextAreaControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterTextAreaControl` .", + "title": "ParameterControlId", + "type": "string" + }, + "SourceParameterName": { + "markdownDescription": "The source parameter name of the `ParameterTextAreaControl` .", + "title": "SourceParameterName", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `ParameterTextAreaControl` .", + "title": "Title", + "type": "string" + } + }, + "required": [ + "ParameterControlId", + "SourceParameterName", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ParameterTextFieldControl": { + "additionalProperties": false, + "properties": { + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.TextFieldControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterTextFieldControl` .", + "title": "ParameterControlId", + "type": "string" + }, + "SourceParameterName": { + "markdownDescription": "The source parameter name of the `ParameterTextFieldControl` .", + "title": "SourceParameterName", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `ParameterTextFieldControl` .", + "title": "Title", + "type": "string" + } + }, + "required": [ + "ParameterControlId", + "SourceParameterName", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Template.PercentVisibleRange": { + "additionalProperties": false, + "properties": { + "From": { + "markdownDescription": "The lower bound of the range.", + "title": "From", + "type": "number" + }, + "To": { + "markdownDescription": "The top bound of the range.", + "title": "To", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PercentageDisplayFormatConfiguration": { + "additionalProperties": false, + "properties": { + "DecimalPlacesConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DecimalPlacesConfiguration", + "markdownDescription": "The option that determines the decimal places configuration.", + "title": "DecimalPlacesConfiguration" + }, + "NegativeValueConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NegativeValueConfiguration", + "markdownDescription": "The options that determine the negative value configuration.", + "title": "NegativeValueConfiguration" + }, + "NullValueFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NullValueFormatConfiguration", + "markdownDescription": "The options that determine the null value format configuration.", + "title": "NullValueFormatConfiguration" + }, + "Prefix": { + "markdownDescription": "Determines the prefix value of the percentage format.", + "title": "Prefix", + "type": "string" + }, + "SeparatorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericSeparatorConfiguration", + "markdownDescription": "The options that determine the numeric separator configuration.", + "title": "SeparatorConfiguration" + }, + "Suffix": { + "markdownDescription": "Determines the suffix value of the percentage format.", + "title": "Suffix", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PercentileAggregation": { + "additionalProperties": false, + "properties": { + "PercentileValue": { + "markdownDescription": "The percentile value. This value can be any numeric constant 0\u2013100. A percentile value of 50 computes the median value of the measure.", + "title": "PercentileValue", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PeriodOverPeriodComputation": { + "additionalProperties": false, + "properties": { + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" + } + }, + "required": [ + "ComputationId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.PeriodToDateComputation": { + "additionalProperties": false, + "properties": { + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "PeriodTimeGranularity": { + "markdownDescription": "The time granularity setup of period to date computation. Choose from the following options:\n\n- YEAR: Year to date.\n- MONTH: Month to date.", + "title": "PeriodTimeGranularity", + "type": "string" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" + } + }, + "required": [ + "ComputationId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.PieChartAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The category (group/color) field wells of a pie chart.", + "title": "Category", + "type": "array" + }, + "SmallMultiples": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The small multiples field well of a pie chart.", + "title": "SmallMultiples", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The value field wells of a pie chart. Values are aggregated based on categories.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PieChartConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options of the group/color that is displayed in a pie chart.", + "title": "CategoryLabelOptions" + }, + "ContributionAnalysisDefaults": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ContributionAnalysisDefault" + }, + "markdownDescription": "The contribution analysis (anomaly configuration) setup of the visual.", + "title": "ContributionAnalysisDefaults", + "type": "array" + }, + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.", + "title": "DataLabels" + }, + "DonutOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DonutOptions", + "markdownDescription": "The options that determine the shape of the chart. This option determines whether the chart is a pie chart or a donut chart.", + "title": "DonutOptions" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.PieChartFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "SmallMultiplesOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SmallMultiplesOptions", + "markdownDescription": "The small multiples setup for the visual.", + "title": "SmallMultiplesOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.PieChartSortConfiguration", + "markdownDescription": "The sort configuration of a pie chart.", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" + }, + "ValueLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options for the value that is displayed in a pie chart.", + "title": "ValueLabelOptions" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", + "title": "VisualPalette" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PieChartFieldWells": { + "additionalProperties": false, + "properties": { + "PieChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.PieChartAggregatedFieldWells", + "markdownDescription": "The field well configuration of a pie chart.", + "title": "PieChartAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PieChartSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of categories that are displayed in a pie chart.", + "title": "CategoryItemsLimit" + }, + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the category fields.", + "title": "CategorySort", + "type": "array" + }, + "SmallMultiplesLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of small multiples panels that are displayed.", + "title": "SmallMultiplesLimitConfiguration" + }, + "SmallMultiplesSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the small multiples field.", + "title": "SmallMultiplesSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PieChartVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.PieChartConfiguration", + "markdownDescription": "The configuration of a pie chart.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.PivotFieldSortOptions": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "The field ID for the field sort options.", + "title": "FieldId", + "type": "string" + }, + "SortBy": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableSortBy", + "markdownDescription": "The sort by field for the field sort options.", + "title": "SortBy" + } + }, + "required": [ + "FieldId", + "SortBy" + ], + "type": "object" + }, + "AWS::QuickSight::Template.PivotTableAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Columns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The columns field well for a pivot table. Values are grouped by columns fields.", + "title": "Columns", + "type": "array" + }, + "Rows": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The rows field well for a pivot table. Values are grouped by rows fields.", + "title": "Rows", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The values field well for a pivot table. Values are aggregated based on rows and columns fields.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PivotTableCellConditionalFormatting": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "The field ID of the cell for conditional formatting.", + "title": "FieldId", + "type": "string" + }, + "Scope": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableConditionalFormattingScope", + "markdownDescription": "The scope of the cell for conditional formatting.", + "title": "Scope" + }, + "Scopes": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableConditionalFormattingScope" + }, + "markdownDescription": "A list of cell scopes for conditional formatting.", + "title": "Scopes", + "type": "array" + }, + "TextFormat": { + "$ref": "#/definitions/AWS::QuickSight::Template.TextConditionalFormat", + "markdownDescription": "The text format of the cell for conditional formatting.", + "title": "TextFormat" + } + }, + "required": [ + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.PivotTableConditionalFormatting": { + "additionalProperties": false, + "properties": { + "ConditionalFormattingOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableConditionalFormattingOption" + }, + "markdownDescription": "Conditional formatting options for a `PivotTableVisual` .", + "title": "ConditionalFormattingOptions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PivotTableConditionalFormattingOption": { + "additionalProperties": false, + "properties": { + "Cell": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableCellConditionalFormatting", + "markdownDescription": "The cell conditional formatting option for a pivot table.", + "title": "Cell" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PivotTableConditionalFormattingScope": { + "additionalProperties": false, + "properties": { + "Role": { + "markdownDescription": "The role (field, field total, grand total) of the cell for conditional formatting.", + "title": "Role", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PivotTableConfiguration": { + "additionalProperties": false, + "properties": { + "FieldOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableFieldOptions", + "markdownDescription": "The field options for a pivot table visual.", + "title": "FieldOptions" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "PaginatedReportOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTablePaginatedReportOptions", + "markdownDescription": "The paginated report options for a pivot table visual.", + "title": "PaginatedReportOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableSortConfiguration", + "markdownDescription": "The sort configuration for a `PivotTableVisual` .", + "title": "SortConfiguration" + }, + "TableOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableOptions", + "markdownDescription": "The table options for a pivot table visual.", + "title": "TableOptions" + }, + "TotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableTotalOptions", + "markdownDescription": "The total options for a pivot table visual.", + "title": "TotalOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PivotTableDataPathOption": { + "additionalProperties": false, + "properties": { + "DataPathList": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataPathValue" + }, + "markdownDescription": "The list of data path values for the data path options.", + "title": "DataPathList", + "type": "array" + }, + "Width": { + "markdownDescription": "The width of the data path option.", + "title": "Width", + "type": "string" + } + }, + "required": [ + "DataPathList" + ], + "type": "object" + }, + "AWS::QuickSight::Template.PivotTableFieldCollapseStateOption": { + "additionalProperties": false, + "properties": { + "State": { + "markdownDescription": "The state of the field target of a pivot table. Choose one of the following options:\n\n- `COLLAPSED`\n- `EXPANDED`", + "title": "State", + "type": "string" + }, + "Target": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableFieldCollapseStateTarget", + "markdownDescription": "A tagged-union object that sets the collapse state.", + "title": "Target" + } + }, + "required": [ + "Target" + ], + "type": "object" + }, + "AWS::QuickSight::Template.PivotTableFieldCollapseStateTarget": { + "additionalProperties": false, + "properties": { + "FieldDataPathValues": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataPathValue" + }, + "markdownDescription": "The data path of the pivot table's header. Used to set the collapse state.", + "title": "FieldDataPathValues", + "type": "array" + }, + "FieldId": { + "markdownDescription": "The field ID of the pivot table that the collapse state needs to be set to.", + "title": "FieldId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PivotTableFieldOption": { + "additionalProperties": false, + "properties": { + "CustomLabel": { + "markdownDescription": "The custom label of the pivot table field.", + "title": "CustomLabel", + "type": "string" + }, + "FieldId": { + "markdownDescription": "The field ID of the pivot table field.", + "title": "FieldId", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the pivot table field.", + "title": "Visibility", + "type": "object" + } + }, + "required": [ + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.PivotTableFieldOptions": { + "additionalProperties": false, + "properties": { + "CollapseStateOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableFieldCollapseStateOption" + }, + "markdownDescription": "The collapse state options for the pivot table field options.", + "title": "CollapseStateOptions", + "type": "array" + }, + "DataPathOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableDataPathOption" + }, + "markdownDescription": "The data path options for the pivot table field options.", + "title": "DataPathOptions", + "type": "array" + }, + "SelectedFieldOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableFieldOption" + }, + "markdownDescription": "The selected field options for the pivot table field options.", + "title": "SelectedFieldOptions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PivotTableFieldSubtotalOptions": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "The field ID of the subtotal options.", + "title": "FieldId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PivotTableFieldWells": { + "additionalProperties": false, + "properties": { + "PivotTableAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableAggregatedFieldWells", + "markdownDescription": "The aggregated field well for the pivot table.", + "title": "PivotTableAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PivotTableOptions": { + "additionalProperties": false, + "properties": { + "CellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "markdownDescription": "The table cell style of cells.", + "title": "CellStyle" + }, + "CollapsedRowDimensionsVisibility": { + "markdownDescription": "The visibility setting of a pivot table's collapsed row dimension fields. If the value of this structure is `HIDDEN` , all collapsed columns in a pivot table are automatically hidden. The default value is `VISIBLE` .", + "title": "CollapsedRowDimensionsVisibility", + "type": "object" + }, + "ColumnHeaderStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "markdownDescription": "The table cell style of the column header.", + "title": "ColumnHeaderStyle" + }, + "ColumnNamesVisibility": { + "markdownDescription": "The visibility of the column names.", + "title": "ColumnNamesVisibility", + "type": "object" + }, + "DefaultCellWidth": { + "markdownDescription": "The default cell width of the pivot table.", + "title": "DefaultCellWidth", + "type": "string" + }, + "MetricPlacement": { + "markdownDescription": "The metric placement (row, column) options.", + "title": "MetricPlacement", + "type": "string" + }, + "RowAlternateColorOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.RowAlternateColorOptions", + "markdownDescription": "The row alternate color options (widget status, row alternate colors).", + "title": "RowAlternateColorOptions" + }, + "RowFieldNamesStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "markdownDescription": "The table cell style of row field names.", + "title": "RowFieldNamesStyle" + }, + "RowHeaderStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "markdownDescription": "The table cell style of the row headers.", + "title": "RowHeaderStyle" + }, + "RowsLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableRowsLabelOptions", + "markdownDescription": "The options for the label that is located above the row headers. This option is only applicable when `RowsLayout` is set to `HIERARCHY` .", + "title": "RowsLabelOptions" + }, + "RowsLayout": { + "markdownDescription": "The layout for the row dimension headers of a pivot table. Choose one of the following options.\n\n- `TABULAR` : (Default) Each row field is displayed in a separate column.\n- `HIERARCHY` : All row fields are displayed in a single column. Indentation is used to differentiate row headers of different fields.", + "title": "RowsLayout", + "type": "string" + }, + "SingleMetricVisibility": { + "markdownDescription": "The visibility of the single metric options.", + "title": "SingleMetricVisibility", + "type": "object" + }, + "ToggleButtonsVisibility": { + "markdownDescription": "Determines the visibility of the pivot table.", + "title": "ToggleButtonsVisibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PivotTablePaginatedReportOptions": { + "additionalProperties": false, + "properties": { + "OverflowColumnHeaderVisibility": { + "markdownDescription": "The visibility of the repeating header rows on each page.", + "title": "OverflowColumnHeaderVisibility", + "type": "object" + }, + "VerticalOverflowVisibility": { + "markdownDescription": "The visibility of the printing table overflow across pages.", + "title": "VerticalOverflowVisibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PivotTableRowsLabelOptions": { + "additionalProperties": false, + "properties": { + "CustomLabel": { + "markdownDescription": "The custom label string for the rows label.", + "title": "CustomLabel", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the rows label.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PivotTableSortBy": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnSort", + "markdownDescription": "The column sort (field id, direction) for the pivot table sort by options.", + "title": "Column" + }, + "DataPath": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataPathSort", + "markdownDescription": "The data path sort (data path value, direction) for the pivot table sort by options.", + "title": "DataPath" + }, + "Field": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSort", + "markdownDescription": "The field sort (field id, direction) for the pivot table sort by options.", + "title": "Field" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PivotTableSortConfiguration": { + "additionalProperties": false, + "properties": { + "FieldSortOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotFieldSortOptions" + }, + "markdownDescription": "The field sort options for a pivot table sort configuration.", + "title": "FieldSortOptions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PivotTableTotalOptions": { + "additionalProperties": false, + "properties": { + "ColumnSubtotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SubtotalOptions", + "markdownDescription": "The column subtotal options.", + "title": "ColumnSubtotalOptions" + }, + "ColumnTotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTotalOptions", + "markdownDescription": "The column total options.", + "title": "ColumnTotalOptions" + }, + "RowSubtotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SubtotalOptions", + "markdownDescription": "The row subtotal options.", + "title": "RowSubtotalOptions" + }, + "RowTotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTotalOptions", + "markdownDescription": "The row total options.", + "title": "RowTotalOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PivotTableVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ConditionalFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableConditionalFormatting", + "markdownDescription": "The conditional formatting for a `PivotTableVisual` .", + "title": "ConditionalFormatting" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.PivotTotalOptions": { + "additionalProperties": false, + "properties": { + "CustomLabel": { + "markdownDescription": "The custom label string for the total cells.", + "title": "CustomLabel", + "type": "string" + }, + "MetricHeaderCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "markdownDescription": "The cell styling options for the total of header cells.", + "title": "MetricHeaderCellStyle" + }, + "Placement": { + "markdownDescription": "The placement (start, end) for the total cells.", + "title": "Placement", + "type": "string" + }, + "ScrollStatus": { + "markdownDescription": "The scroll status (pinned, scrolled) for the total cells.", + "title": "ScrollStatus", + "type": "string" + }, + "TotalAggregationOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.TotalAggregationOption" + }, + "markdownDescription": "The total aggregation options for each value field.", + "title": "TotalAggregationOptions", + "type": "array" + }, + "TotalCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "markdownDescription": "The cell styling options for the total cells.", + "title": "TotalCellStyle" + }, + "TotalsVisibility": { + "markdownDescription": "The visibility configuration for the total cells.", + "title": "TotalsVisibility", + "type": "object" + }, + "ValueCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "markdownDescription": "The cell styling options for the totals of value cells.", + "title": "ValueCellStyle" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PluginVisual": { + "additionalProperties": false, + "properties": { + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.PluginVisualConfiguration", + "markdownDescription": "A description of the plugin field wells and their persisted properties.", + "title": "ChartConfiguration" + }, + "PluginArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that reflects the plugin and version.", + "title": "PluginArn", + "type": "string" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The ID of the visual that you want to use.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "PluginArn", + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.PluginVisualConfiguration": { + "additionalProperties": false, + "properties": { + "FieldWells": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.PluginVisualFieldWell" + }, + "markdownDescription": "The field wells configuration of the plugin visual.", + "title": "FieldWells", + "type": "array" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.PluginVisualSortConfiguration", + "markdownDescription": "The sort configuration of the plugin visual.", + "title": "SortConfiguration" + }, + "VisualOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.PluginVisualOptions", + "markdownDescription": "The persisted properties of the plugin visual.", + "title": "VisualOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PluginVisualFieldWell": { + "additionalProperties": false, + "properties": { + "AxisName": { + "markdownDescription": "The semantic axis name for the field well.", + "title": "AxisName", + "type": "string" + }, + "Dimensions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "A list of dimensions for the field well.", + "title": "Dimensions", + "type": "array" + }, + "Measures": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "A list of measures that exist in the field well.", + "title": "Measures", + "type": "array" + }, + "Unaggregated": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.UnaggregatedField" + }, + "markdownDescription": "A list of unaggregated fields that exist in the field well.", + "title": "Unaggregated", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PluginVisualItemsLimitConfiguration": { + "additionalProperties": false, + "properties": { + "ItemsLimit": { + "markdownDescription": "Determines how many values are be fetched at once.", + "title": "ItemsLimit", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PluginVisualOptions": { + "additionalProperties": false, + "properties": { + "VisualProperties": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.PluginVisualProperty" + }, + "markdownDescription": "The persisted properties and their values.", + "title": "VisualProperties", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PluginVisualProperty": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the plugin visual property.", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of the plugin visual property.", + "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PluginVisualSortConfiguration": { + "additionalProperties": false, + "properties": { + "PluginVisualTableQuerySort": { + "$ref": "#/definitions/AWS::QuickSight::Template.PluginVisualTableQuerySort", + "markdownDescription": "The table query sorting options for the plugin visual.", + "title": "PluginVisualTableQuerySort" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PluginVisualTableQuerySort": { + "additionalProperties": false, + "properties": { + "ItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.PluginVisualItemsLimitConfiguration", + "markdownDescription": "The maximum amount of data to be returned by a query.", + "title": "ItemsLimitConfiguration" + }, + "RowSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "Determines how data is sorted in the response.", + "title": "RowSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PredefinedHierarchy": { + "additionalProperties": false, + "properties": { + "Columns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier" + }, + "markdownDescription": "The list of columns that define the predefined hierarchy.", + "title": "Columns", + "type": "array" + }, + "DrillDownFilters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DrillDownFilter" + }, + "markdownDescription": "The option that determines the drill down filters for the predefined hierarchy.", + "title": "DrillDownFilters", + "type": "array" + }, + "HierarchyId": { + "markdownDescription": "The hierarchy ID of the predefined hierarchy.", + "title": "HierarchyId", + "type": "string" + } + }, + "required": [ + "Columns", + "HierarchyId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ProgressBarOptions": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility of the progress bar.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.QueryExecutionOptions": { + "additionalProperties": false, + "properties": { + "QueryExecutionMode": { + "markdownDescription": "A structure that describes the query execution mode.", + "title": "QueryExecutionMode", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.RadarChartAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The aggregated field well categories of a radar chart.", + "title": "Category", + "type": "array" + }, + "Color": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The color that are assigned to the aggregated field wells of a radar chart.", + "title": "Color", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The values that are assigned to the aggregated field wells of a radar chart.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.RadarChartAreaStyleSettings": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility settings of a radar chart.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.RadarChartConfiguration": { + "additionalProperties": false, + "properties": { + "AlternateBandColorsVisibility": { + "markdownDescription": "Determines the visibility of the colors of alternatign bands in a radar chart.", + "title": "AlternateBandColorsVisibility", + "type": "object" + }, + "AlternateBandEvenColor": { + "markdownDescription": "The color of the even-numbered alternate bands of a radar chart.", + "title": "AlternateBandEvenColor", + "type": "string" + }, + "AlternateBandOddColor": { + "markdownDescription": "The color of the odd-numbered alternate bands of a radar chart.", + "title": "AlternateBandOddColor", + "type": "string" + }, + "AxesRangeScale": { + "markdownDescription": "The axis behavior options of a radar chart.", + "title": "AxesRangeScale", + "type": "string" + }, + "BaseSeriesSettings": { + "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartSeriesSettings", + "markdownDescription": "The base sreies settings of a radar chart.", + "title": "BaseSeriesSettings" + }, + "CategoryAxis": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The category axis of a radar chart.", + "title": "CategoryAxis" + }, + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The category label options of a radar chart.", + "title": "CategoryLabelOptions" + }, + "ColorAxis": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The color axis of a radar chart.", + "title": "ColorAxis" + }, + "ColorLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The color label options of a radar chart.", + "title": "ColorLabelOptions" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartFieldWells", + "markdownDescription": "The field well configuration of a `RadarChartVisual` .", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "Shape": { + "markdownDescription": "The shape of the radar chart.", + "title": "Shape", + "type": "string" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartSortConfiguration", + "markdownDescription": "The sort configuration of a `RadarChartVisual` .", + "title": "SortConfiguration" + }, + "StartAngle": { + "markdownDescription": "The start angle of a radar chart's axis.", + "title": "StartAngle", + "type": "number" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", + "title": "VisualPalette" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.RadarChartFieldWells": { + "additionalProperties": false, + "properties": { + "RadarChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a radar chart visual.", + "title": "RadarChartAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.RadarChartSeriesSettings": { + "additionalProperties": false, + "properties": { + "AreaStyleSettings": { + "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartAreaStyleSettings", + "markdownDescription": "The area style settings of a radar chart.", + "title": "AreaStyleSettings" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.RadarChartSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The category items limit for a radar chart.", + "title": "CategoryItemsLimit" + }, + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The category sort options of a radar chart.", + "title": "CategorySort", + "type": "array" + }, + "ColorItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The color items limit of a radar chart.", + "title": "ColorItemsLimit" + }, + "ColorSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The color sort configuration of a radar chart.", + "title": "ColorSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.RadarChartVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.RangeEndsLabelType": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility of the range ends label.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ReferenceLine": { + "additionalProperties": false, + "properties": { + "DataConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineDataConfiguration", + "markdownDescription": "The data configuration of the reference line.", + "title": "DataConfiguration" + }, + "LabelConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineLabelConfiguration", + "markdownDescription": "The label configuration of the reference line.", + "title": "LabelConfiguration" + }, + "Status": { + "markdownDescription": "The status of the reference line. Choose one of the following options:\n\n- `ENABLE`\n- `DISABLE`", + "title": "Status", + "type": "string" + }, + "StyleConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineStyleConfiguration", + "markdownDescription": "The style configuration of the reference line.", + "title": "StyleConfiguration" + } + }, + "required": [ + "DataConfiguration" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ReferenceLineCustomLabelConfiguration": { + "additionalProperties": false, + "properties": { + "CustomLabel": { + "markdownDescription": "The string text of the custom label.", + "title": "CustomLabel", + "type": "string" + } + }, + "required": [ + "CustomLabel" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ReferenceLineDataConfiguration": { + "additionalProperties": false, + "properties": { + "AxisBinding": { + "markdownDescription": "The axis binding type of the reference line. Choose one of the following options:\n\n- `PrimaryY`\n- `SecondaryY`", + "title": "AxisBinding", + "type": "string" + }, + "DynamicConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineDynamicDataConfiguration", + "markdownDescription": "The dynamic configuration of the reference line data configuration.", + "title": "DynamicConfiguration" + }, + "SeriesType": { + "markdownDescription": "The series type of the reference line data configuration. Choose one of the following options:\n\n- `BAR`\n- `LINE`", + "title": "SeriesType", + "type": "string" + }, + "StaticConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineStaticDataConfiguration", + "markdownDescription": "The static data configuration of the reference line data configuration.", + "title": "StaticConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ReferenceLineDynamicDataConfiguration": { + "additionalProperties": false, + "properties": { + "Calculation": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericalAggregationFunction", + "markdownDescription": "The calculation that is used in the dynamic data.", + "title": "Calculation" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that the dynamic data targets.", + "title": "Column" + }, + "MeasureAggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Template.AggregationFunction", + "markdownDescription": "The aggregation function that is used in the dynamic data.", + "title": "MeasureAggregationFunction" + } + }, + "required": [ + "Calculation", + "Column" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ReferenceLineLabelConfiguration": { + "additionalProperties": false, + "properties": { + "CustomLabelConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineCustomLabelConfiguration", + "markdownDescription": "The custom label configuration of the label in a reference line.", + "title": "CustomLabelConfiguration" + }, + "FontColor": { + "markdownDescription": "The font color configuration of the label in a reference line.", + "title": "FontColor", + "type": "string" + }, + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", + "markdownDescription": "The font configuration of the label in a reference line.", + "title": "FontConfiguration" + }, + "HorizontalPosition": { + "markdownDescription": "The horizontal position configuration of the label in a reference line. Choose one of the following options:\n\n- `LEFT`\n- `CENTER`\n- `RIGHT`", + "title": "HorizontalPosition", + "type": "string" + }, + "ValueLabelConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineValueLabelConfiguration", + "markdownDescription": "The value label configuration of the label in a reference line.", + "title": "ValueLabelConfiguration" + }, + "VerticalPosition": { + "markdownDescription": "The vertical position configuration of the label in a reference line. Choose one of the following options:\n\n- `ABOVE`\n- `BELOW`", + "title": "VerticalPosition", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ReferenceLineStaticDataConfiguration": { + "additionalProperties": false, + "properties": { + "Value": { + "markdownDescription": "The double input of the static data.", + "title": "Value", + "type": "number" + } + }, + "required": [ + "Value" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ReferenceLineStyleConfiguration": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The hex color of the reference line.", + "title": "Color", + "type": "string" + }, + "Pattern": { + "markdownDescription": "The pattern type of the line style. Choose one of the following options:\n\n- `SOLID`\n- `DASHED`\n- `DOTTED`", + "title": "Pattern", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ReferenceLineValueLabelConfiguration": { + "additionalProperties": false, + "properties": { + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericFormatConfiguration", + "markdownDescription": "The format configuration of the value label.", + "title": "FormatConfiguration" + }, + "RelativePosition": { + "markdownDescription": "The relative position of the value label. Choose one of the following options:\n\n- `BEFORE_CUSTOM_LABEL`\n- `AFTER_CUSTOM_LABEL`", + "title": "RelativePosition", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.RelativeDateTimeControlDisplayOptions": { + "additionalProperties": false, + "properties": { + "DateTimeFormat": { + "markdownDescription": "Customize how dates are formatted in controls.", + "title": "DateTimeFormat", + "type": "string" + }, + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.RelativeDatesFilter": { + "additionalProperties": false, + "properties": { + "AnchorDateConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.AnchorDateConfiguration", + "markdownDescription": "The date configuration of the filter.", + "title": "AnchorDateConfiguration" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "ExcludePeriodConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ExcludePeriodConfiguration", + "markdownDescription": "The configuration for the exclude period of the filter.", + "title": "ExcludePeriodConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" + }, + "MinimumGranularity": { + "markdownDescription": "The minimum granularity (period granularity) of the relative dates filter.", + "title": "MinimumGranularity", + "type": "string" + }, + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", + "type": "string" + }, + "ParameterName": { + "markdownDescription": "The parameter whose value should be used for the filter value.", + "title": "ParameterName", + "type": "string" + }, + "RelativeDateType": { + "markdownDescription": "The range date type of the filter. Choose one of the options below:\n\n- `PREVIOUS`\n- `THIS`\n- `LAST`\n- `NOW`\n- `NEXT`", + "title": "RelativeDateType", + "type": "string" + }, + "RelativeDateValue": { + "markdownDescription": "The date value of the filter.", + "title": "RelativeDateValue", + "type": "number" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" + } + }, + "required": [ + "AnchorDateConfiguration", + "Column", + "FilterId", + "NullOption", + "RelativeDateType", + "TimeGranularity" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ResourcePermission": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "type": "string" + }, + "markdownDescription": "The IAM action to grant or revoke permissions on.", + "title": "Actions", + "type": "array" + }, + "Principal": { + "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a QuickSight ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", + "title": "Principal", + "type": "string" + } + }, + "required": [ + "Actions", + "Principal" + ], + "type": "object" + }, + "AWS::QuickSight::Template.RollingDateConfiguration": { + "additionalProperties": false, + "properties": { + "DataSetIdentifier": { + "markdownDescription": "The data set that is used in the rolling date configuration.", + "title": "DataSetIdentifier", + "type": "string" + }, + "Expression": { + "markdownDescription": "The expression of the rolling date configuration.", + "title": "Expression", + "type": "string" + } + }, + "required": [ + "Expression" + ], + "type": "object" + }, + "AWS::QuickSight::Template.RowAlternateColorOptions": { + "additionalProperties": false, + "properties": { + "RowAlternateColors": { + "items": { + "type": "string" + }, + "markdownDescription": "Determines the list of row alternate colors.", + "title": "RowAlternateColors", + "type": "array" + }, + "Status": { + "markdownDescription": "Determines the widget status.", + "title": "Status", + "type": "string" + }, + "UsePrimaryBackgroundColor": { + "markdownDescription": "The primary background color options for alternate rows.", + "title": "UsePrimaryBackgroundColor", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SameSheetTargetVisualConfiguration": { + "additionalProperties": false, + "properties": { + "TargetVisualOptions": { + "markdownDescription": "The options that choose the target visual in the same sheet.\n\nValid values are defined as follows:\n\n- `ALL_VISUALS` : Applies the filter operation to all visuals in the same sheet.", + "title": "TargetVisualOptions", + "type": "string" + }, + "TargetVisuals": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the target visual IDs that are located in the same sheet of the analysis.", + "title": "TargetVisuals", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SankeyDiagramAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Destination": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The destination field wells of a sankey diagram.", + "title": "Destination", + "type": "array" + }, + "Source": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The source field wells of a sankey diagram.", + "title": "Source", + "type": "array" + }, + "Weight": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The weight field wells of a sankey diagram.", + "title": "Weight", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SankeyDiagramChartConfiguration": { + "additionalProperties": false, + "properties": { + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", + "markdownDescription": "The data label configuration of a sankey diagram.", + "title": "DataLabels" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.SankeyDiagramFieldWells", + "markdownDescription": "The field well configuration of a sankey diagram.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.SankeyDiagramSortConfiguration", + "markdownDescription": "The sort configuration of a sankey diagram.", + "title": "SortConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SankeyDiagramFieldWells": { + "additionalProperties": false, + "properties": { + "SankeyDiagramAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.SankeyDiagramAggregatedFieldWells", + "markdownDescription": "The field well configuration of a sankey diagram.", + "title": "SankeyDiagramAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SankeyDiagramSortConfiguration": { + "additionalProperties": false, + "properties": { + "DestinationItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of destination nodes that are displayed in a sankey diagram.", + "title": "DestinationItemsLimit" + }, + "SourceItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of source nodes that are displayed in a sankey diagram.", + "title": "SourceItemsLimit" + }, + "WeightSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the weight fields.", + "title": "WeightSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SankeyDiagramVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.SankeyDiagramChartConfiguration", + "markdownDescription": "The configuration of a sankey diagram.", + "title": "ChartConfiguration" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ScatterPlotCategoricallyAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The category field well of a scatter plot.", + "title": "Category", + "type": "array" + }, + "Label": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The label field well of a scatter plot.", + "title": "Label", + "type": "array" + }, + "Size": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The size field well of a scatter plot.", + "title": "Size", + "type": "array" + }, + "XAxis": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The x-axis field well of a scatter plot.\n\nThe x-axis is aggregated by category.", + "title": "XAxis", + "type": "array" + }, + "YAxis": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The y-axis field well of a scatter plot.\n\nThe y-axis is aggregated by category.", + "title": "YAxis", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ScatterPlotConfiguration": { + "additionalProperties": false, + "properties": { + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.", + "title": "DataLabels" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.ScatterPlotFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ScatterPlotSortConfiguration", + "markdownDescription": "The sort configuration of a scatter plot.", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Tooltip" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", + "title": "VisualPalette" + }, + "XAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, and axis step) of the scatter plot's x-axis.", + "title": "XAxisDisplayOptions" + }, + "XAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of the scatter plot's x-axis.", + "title": "XAxisLabelOptions" + }, + "YAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, and axis step) of the scatter plot's y-axis.", + "title": "YAxisDisplayOptions" + }, + "YAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of the scatter plot's y-axis.", + "title": "YAxisLabelOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ScatterPlotFieldWells": { + "additionalProperties": false, + "properties": { + "ScatterPlotCategoricallyAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.ScatterPlotCategoricallyAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a scatter plot. The x and y-axes of scatter plots with aggregated field wells are aggregated by category, label, or both.", + "title": "ScatterPlotCategoricallyAggregatedFieldWells" + }, + "ScatterPlotUnaggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.ScatterPlotUnaggregatedFieldWells", + "markdownDescription": "The unaggregated field wells of a scatter plot. The x and y-axes of these scatter plots are unaggregated.", + "title": "ScatterPlotUnaggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ScatterPlotSortConfiguration": { + "additionalProperties": false, + "properties": { + "ScatterPlotLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "", + "title": "ScatterPlotLimitConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ScatterPlotUnaggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The category field well of a scatter plot.", + "title": "Category", + "type": "array" + }, + "Label": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The label field well of a scatter plot.", + "title": "Label", + "type": "array" + }, + "Size": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The size field well of a scatter plot.", + "title": "Size", + "type": "array" + }, + "XAxis": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The x-axis field well of a scatter plot.\n\nThe x-axis is a dimension field and cannot be aggregated.", + "title": "XAxis", + "type": "array" + }, + "YAxis": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The y-axis field well of a scatter plot.\n\nThe y-axis is a dimension field and cannot be aggregated.", + "title": "YAxis", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ScatterPlotVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ScatterPlotConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ScrollBarOptions": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility of the data zoom scroll bar.", + "title": "Visibility", + "type": "object" + }, + "VisibleRange": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisibleRangeOptions", + "markdownDescription": "The visibility range for the data zoom scroll bar.", + "title": "VisibleRange" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SecondaryValueOptions": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "Determines the visibility of the secondary value.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SectionAfterPageBreak": { + "additionalProperties": false, + "properties": { + "Status": { + "markdownDescription": "The option that enables or disables a page break at the end of a section.", + "title": "Status", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SectionBasedLayoutCanvasSizeOptions": { + "additionalProperties": false, + "properties": { + "PaperCanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SectionBasedLayoutPaperCanvasSizeOptions", + "markdownDescription": "The options for a paper canvas of a section-based layout.", + "title": "PaperCanvasSizeOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SectionBasedLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "BodySections": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.BodySectionConfiguration" + }, + "markdownDescription": "A list of body section configurations.", + "title": "BodySections", + "type": "array" + }, + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SectionBasedLayoutCanvasSizeOptions", + "markdownDescription": "The options for the canvas of a section-based layout.", + "title": "CanvasSizeOptions" + }, + "FooterSections": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.HeaderFooterSectionConfiguration" + }, + "markdownDescription": "A list of footer section configurations.", + "title": "FooterSections", + "type": "array" + }, + "HeaderSections": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.HeaderFooterSectionConfiguration" + }, + "markdownDescription": "A list of header section configurations.", + "title": "HeaderSections", + "type": "array" + } + }, + "required": [ + "BodySections", + "CanvasSizeOptions", + "FooterSections", + "HeaderSections" + ], + "type": "object" + }, + "AWS::QuickSight::Template.SectionBasedLayoutPaperCanvasSizeOptions": { + "additionalProperties": false, + "properties": { + "PaperMargin": { + "$ref": "#/definitions/AWS::QuickSight::Template.Spacing", + "markdownDescription": "Defines the spacing between the canvas content and the top, bottom, left, and right edges.", + "title": "PaperMargin" + }, + "PaperOrientation": { + "markdownDescription": "The paper orientation that is used to define canvas dimensions. Choose one of the following options:\n\n- PORTRAIT\n- LANDSCAPE", + "title": "PaperOrientation", + "type": "string" + }, + "PaperSize": { + "markdownDescription": "The paper size that is used to define canvas dimensions.", + "title": "PaperSize", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SectionLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "FreeFormLayout": { + "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormSectionLayoutConfiguration", + "markdownDescription": "The free-form layout configuration of a section.", + "title": "FreeFormLayout" + } + }, + "required": [ + "FreeFormLayout" + ], + "type": "object" + }, + "AWS::QuickSight::Template.SectionPageBreakConfiguration": { + "additionalProperties": false, + "properties": { + "After": { + "$ref": "#/definitions/AWS::QuickSight::Template.SectionAfterPageBreak", + "markdownDescription": "The configuration of a page break after a section.", + "title": "After" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SectionStyle": { + "additionalProperties": false, + "properties": { + "Height": { + "markdownDescription": "The height of a section.\n\nHeights can only be defined for header and footer sections. The default height margin is 0.5 inches.", + "title": "Height", + "type": "string" + }, + "Padding": { + "$ref": "#/definitions/AWS::QuickSight::Template.Spacing", + "markdownDescription": "The spacing between section content and its top, bottom, left, and right edges.\n\nThere is no padding by default.", + "title": "Padding" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SelectedSheetsFilterScopeConfiguration": { + "additionalProperties": false, + "properties": { + "SheetVisualScopingConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetVisualScopingConfiguration" + }, + "markdownDescription": "The sheet ID and visual IDs of the sheet and visuals that the filter is applied to.", + "title": "SheetVisualScopingConfigurations", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SeriesItem": { + "additionalProperties": false, + "properties": { + "DataFieldSeriesItem": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataFieldSeriesItem", + "markdownDescription": "The data field series item configuration of a line chart.", + "title": "DataFieldSeriesItem" + }, + "FieldSeriesItem": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSeriesItem", + "markdownDescription": "The field series item configuration of a line chart.", + "title": "FieldSeriesItem" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SetParameterValueConfiguration": { + "additionalProperties": false, + "properties": { + "DestinationParameterName": { + "markdownDescription": "The destination parameter name of the `SetParameterValueConfiguration` .", + "title": "DestinationParameterName", + "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Template.DestinationParameterValueConfiguration", + "markdownDescription": "", + "title": "Value" + } + }, + "required": [ + "DestinationParameterName", + "Value" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ShapeConditionalFormat": { + "additionalProperties": false, + "properties": { + "BackgroundColor": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting for the shape background color of a filled map visual.", + "title": "BackgroundColor" + } + }, + "required": [ + "BackgroundColor" + ], + "type": "object" + }, + "AWS::QuickSight::Template.Sheet": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of a sheet. This name is displayed on the sheet's tab in the Amazon QuickSight console.", + "title": "Name", + "type": "string" + }, + "SheetId": { + "markdownDescription": "The unique identifier associated with a sheet.", + "title": "SheetId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SheetControlInfoIconLabelOptions": { + "additionalProperties": false, + "properties": { + "InfoIconText": { + "markdownDescription": "The text content of info icon.", + "title": "InfoIconText", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility configuration of info icon label options.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SheetControlLayout": { + "additionalProperties": false, + "properties": { + "Configuration": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlLayoutConfiguration", + "markdownDescription": "The configuration that determines the elements and canvas size options of sheet control.", + "title": "Configuration" + } + }, + "required": [ + "Configuration" + ], + "type": "object" + }, + "AWS::QuickSight::Template.SheetControlLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "GridLayout": { + "$ref": "#/definitions/AWS::QuickSight::Template.GridLayoutConfiguration", + "markdownDescription": "The configuration that determines the elements and canvas size options of sheet control.", + "title": "GridLayout" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SheetDefinition": { + "additionalProperties": false, + "properties": { + "ContentType": { + "markdownDescription": "The layout content type of the sheet. Choose one of the following options:\n\n- `PAGINATED` : Creates a sheet for a paginated report.\n- `INTERACTIVE` : Creates a sheet for an interactive dashboard.", + "title": "ContentType", + "type": "string" + }, + "Description": { + "markdownDescription": "A description of the sheet.", + "title": "Description", + "type": "string" + }, + "FilterControls": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterControl" + }, + "markdownDescription": "The list of filter controls that are on a sheet.\n\nFor more information, see [Adding filter controls to analysis sheets](https://docs.aws.amazon.com/quicksight/latest/user/filter-controls.html) in the *Amazon QuickSight User Guide* .", + "title": "FilterControls", + "type": "array" + }, + "Images": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetImage" + }, + "markdownDescription": "A list of images on a sheet.", + "title": "Images", + "type": "array" + }, + "Layouts": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.Layout" + }, + "markdownDescription": "Layouts define how the components of a sheet are arranged.\n\nFor more information, see [Types of layout](https://docs.aws.amazon.com/quicksight/latest/user/types-of-layout.html) in the *Amazon QuickSight User Guide* .", + "title": "Layouts", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the sheet. This name is displayed on the sheet's tab in the Amazon QuickSight console.", + "title": "Name", + "type": "string" + }, + "ParameterControls": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ParameterControl" + }, + "markdownDescription": "The list of parameter controls that are on a sheet.\n\nFor more information, see [Using a Control with a Parameter in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-controls.html) in the *Amazon QuickSight User Guide* .", + "title": "ParameterControls", + "type": "array" + }, + "SheetControlLayouts": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlLayout" + }, + "markdownDescription": "The control layouts of the sheet.", + "title": "SheetControlLayouts", + "type": "array" + }, + "SheetId": { + "markdownDescription": "The unique identifier of a sheet.", + "title": "SheetId", + "type": "string" + }, + "TextBoxes": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetTextBox" + }, + "markdownDescription": "The text boxes that are on a sheet.", + "title": "TextBoxes", + "type": "array" + }, + "Title": { + "markdownDescription": "The title of the sheet.", + "title": "Title", + "type": "string" + }, + "Visuals": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.Visual" + }, + "markdownDescription": "A list of the visuals that are on a sheet. Visual placement is determined by the layout of the sheet.", + "title": "Visuals", + "type": "array" + } + }, + "required": [ + "SheetId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.SheetElementConfigurationOverrides": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "Determines whether or not the overrides are visible. Choose one of the following options:\n\n- `VISIBLE`\n- `HIDDEN`", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SheetElementRenderingRule": { + "additionalProperties": false, + "properties": { + "ConfigurationOverrides": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetElementConfigurationOverrides", + "markdownDescription": "The override configuration of the rendering rules of a sheet.", + "title": "ConfigurationOverrides" + }, + "Expression": { + "markdownDescription": "The expression of the rendering rules of a sheet.", + "title": "Expression", + "type": "string" + } + }, + "required": [ + "ConfigurationOverrides", + "Expression" + ], + "type": "object" + }, + "AWS::QuickSight::Template.SheetImage": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ImageCustomAction" + }, + "markdownDescription": "A list of custom actions that are configured for an image.", + "title": "Actions", + "type": "array" + }, + "ImageContentAltText": { + "markdownDescription": "The alt text for the image.", + "title": "ImageContentAltText", + "type": "string" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ImageInteractionOptions", + "markdownDescription": "The general image interactions setup for an image.", + "title": "Interactions" + }, + "Scaling": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetImageScalingConfiguration", + "markdownDescription": "Determines how the image is scaled.", + "title": "Scaling" + }, + "SheetImageId": { + "markdownDescription": "The ID of the sheet image.", + "title": "SheetImageId", + "type": "string" + }, + "Source": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetImageSource", + "markdownDescription": "The source of the image.", + "title": "Source" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetImageTooltipConfiguration", + "markdownDescription": "The tooltip to be shown when hovering over the image.", + "title": "Tooltip" + } + }, + "required": [ + "SheetImageId", + "Source" + ], + "type": "object" + }, + "AWS::QuickSight::Template.SheetImageScalingConfiguration": { + "additionalProperties": false, + "properties": { + "ScalingType": { + "markdownDescription": "The scaling option to use when fitting the image inside the container.\n\nValid values are defined as follows:\n\n- `SCALE_TO_WIDTH` : The image takes up the entire width of the container. The image aspect ratio is preserved.\n- `SCALE_TO_HEIGHT` : The image takes up the entire height of the container. The image aspect ratio is preserved.\n- `SCALE_TO_CONTAINER` : The image takes up the entire width and height of the container. The image aspect ratio is not preserved.\n- `SCALE_NONE` : The image is displayed in its original size and is not scaled to the container.", + "title": "ScalingType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SheetImageSource": { + "additionalProperties": false, + "properties": { + "SheetImageStaticFileSource": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetImageStaticFileSource", + "markdownDescription": "The source of the static file that contains the image.", + "title": "SheetImageStaticFileSource" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SheetImageStaticFileSource": { + "additionalProperties": false, + "properties": { + "StaticFileId": { + "markdownDescription": "The ID of the static file that contains the image.", + "title": "StaticFileId", + "type": "string" + } + }, + "required": [ + "StaticFileId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.SheetImageTooltipConfiguration": { + "additionalProperties": false, + "properties": { + "TooltipText": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetImageTooltipText", + "markdownDescription": "The text that appears in the tooltip.", + "title": "TooltipText" + }, + "Visibility": { + "markdownDescription": "The visibility of the tooltip.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SheetImageTooltipText": { + "additionalProperties": false, + "properties": { + "PlainText": { + "markdownDescription": "The plain text format.", + "title": "PlainText", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SheetTextBox": { + "additionalProperties": false, + "properties": { + "Content": { + "markdownDescription": "The content that is displayed in the text box.", + "title": "Content", + "type": "string" + }, + "SheetTextBoxId": { + "markdownDescription": "The unique identifier for a text box. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have text boxes that share identifiers.", + "title": "SheetTextBoxId", + "type": "string" + } + }, + "required": [ + "SheetTextBoxId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.SheetVisualScopingConfiguration": { + "additionalProperties": false, + "properties": { + "Scope": { + "markdownDescription": "The scope of the applied entities. Choose one of the following options:\n\n- `ALL_VISUALS`\n- `SELECTED_VISUALS`", + "title": "Scope", + "type": "string" + }, + "SheetId": { + "markdownDescription": "The selected sheet that the filter is applied to.", + "title": "SheetId", + "type": "string" + }, + "VisualIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The selected visuals that the filter is applied to.", + "title": "VisualIds", + "type": "array" + } + }, + "required": [ + "Scope", + "SheetId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ShortFormatText": { + "additionalProperties": false, + "properties": { + "PlainText": { + "markdownDescription": "Plain text format.", + "title": "PlainText", + "type": "string" + }, + "RichText": { + "markdownDescription": "Rich text. Examples of rich text include bold, underline, and italics.", + "title": "RichText", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SimpleClusterMarker": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The color of the simple cluster marker.", + "title": "Color", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SingleAxisOptions": { + "additionalProperties": false, + "properties": { + "YAxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.YAxisOptions", + "markdownDescription": "The Y axis options of a single axis configuration.", + "title": "YAxisOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SliderControlDisplayOptions": { + "additionalProperties": false, + "properties": { + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SmallMultiplesAxisProperties": { + "additionalProperties": false, + "properties": { + "Placement": { + "markdownDescription": "Defines the placement of the axis. By default, axes are rendered `OUTSIDE` of the panels. Axes with `INDEPENDENT` scale are rendered `INSIDE` the panels.", + "title": "Placement", + "type": "string" + }, + "Scale": { + "markdownDescription": "Determines whether scale of the axes are shared or independent. The default value is `SHARED` .", + "title": "Scale", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SmallMultiplesOptions": { + "additionalProperties": false, + "properties": { + "MaxVisibleColumns": { + "markdownDescription": "Sets the maximum number of visible columns to display in the grid of small multiples panels.\n\nThe default is `Auto` , which automatically adjusts the columns in the grid to fit the overall layout and size of the given chart.", + "title": "MaxVisibleColumns", + "type": "number" + }, + "MaxVisibleRows": { + "markdownDescription": "Sets the maximum number of visible rows to display in the grid of small multiples panels.\n\nThe default value is `Auto` , which automatically adjusts the rows in the grid to fit the overall layout and size of the given chart.", + "title": "MaxVisibleRows", + "type": "number" + }, + "PanelConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.PanelConfiguration", + "markdownDescription": "Configures the display options for each small multiples panel.", + "title": "PanelConfiguration" + }, + "XAxis": { + "$ref": "#/definitions/AWS::QuickSight::Template.SmallMultiplesAxisProperties", + "markdownDescription": "The properties of a small multiples X axis.", + "title": "XAxis" + }, + "YAxis": { + "$ref": "#/definitions/AWS::QuickSight::Template.SmallMultiplesAxisProperties", + "markdownDescription": "The properties of a small multiples Y axis.", + "title": "YAxis" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.Spacing": { + "additionalProperties": false, + "properties": { + "Bottom": { + "markdownDescription": "Define the bottom spacing.", + "title": "Bottom", + "type": "string" + }, + "Left": { + "markdownDescription": "Define the left spacing.", + "title": "Left", + "type": "string" + }, + "Right": { + "markdownDescription": "Define the right spacing.", + "title": "Right", + "type": "string" + }, + "Top": { + "markdownDescription": "Define the top spacing.", + "title": "Top", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.StringDefaultValues": { + "additionalProperties": false, + "properties": { + "DynamicValue": { + "$ref": "#/definitions/AWS::QuickSight::Template.DynamicDefaultValue", + "markdownDescription": "The dynamic value of the `StringDefaultValues` . Different defaults displayed according to users, groups, and values mapping.", + "title": "DynamicValue" + }, + "StaticValues": { + "items": { + "type": "string" + }, + "markdownDescription": "The static values of the `DecimalDefaultValues` .", + "title": "StaticValues", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.StringFormatConfiguration": { + "additionalProperties": false, + "properties": { + "NullValueFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NullValueFormatConfiguration", + "markdownDescription": "The options that determine the null value format configuration.", + "title": "NullValueFormatConfiguration" + }, + "NumericFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericFormatConfiguration", + "markdownDescription": "The formatting configuration for numeric strings.", + "title": "NumericFormatConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.StringParameterDeclaration": { + "additionalProperties": false, + "properties": { + "DefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::Template.StringDefaultValues", + "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", + "title": "DefaultValues" + }, + "MappedDataSetParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MappedDataSetParameter" + }, + "markdownDescription": "", + "title": "MappedDataSetParameters", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the parameter that is being declared.", + "title": "Name", + "type": "string" + }, + "ParameterValueType": { + "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", + "title": "ParameterValueType", + "type": "string" + }, + "ValueWhenUnset": { + "$ref": "#/definitions/AWS::QuickSight::Template.StringValueWhenUnsetConfiguration", + "markdownDescription": "The configuration that defines the default value of a `String` parameter when a value has not been set.", + "title": "ValueWhenUnset" + } + }, + "required": [ + "Name", + "ParameterValueType" + ], + "type": "object" + }, + "AWS::QuickSight::Template.StringValueWhenUnsetConfiguration": { + "additionalProperties": false, + "properties": { + "CustomValue": { + "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", + "title": "CustomValue", + "type": "string" + }, + "ValueWhenUnsetOption": { + "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", + "title": "ValueWhenUnsetOption", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SubtotalOptions": { + "additionalProperties": false, + "properties": { + "CustomLabel": { + "markdownDescription": "The custom label string for the subtotal cells.", + "title": "CustomLabel", + "type": "string" + }, + "FieldLevel": { + "markdownDescription": "The field level (all, custom, last) for the subtotal cells.", + "title": "FieldLevel", + "type": "string" + }, + "FieldLevelOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableFieldSubtotalOptions" + }, + "markdownDescription": "The optional configuration of subtotal cells.", + "title": "FieldLevelOptions", + "type": "array" + }, + "MetricHeaderCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "markdownDescription": "The cell styling options for the subtotals of header cells.", + "title": "MetricHeaderCellStyle" + }, + "StyleTargets": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableStyleTarget" + }, + "markdownDescription": "The style targets options for subtotals.", + "title": "StyleTargets", + "type": "array" + }, + "TotalCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "markdownDescription": "The cell styling options for the subtotal cells.", + "title": "TotalCellStyle" + }, + "TotalsVisibility": { + "markdownDescription": "The visibility configuration for the subtotal cells.", + "title": "TotalsVisibility", + "type": "object" + }, + "ValueCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "markdownDescription": "The cell styling options for the subtotals of value cells.", + "title": "ValueCellStyle" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "GroupBy": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The group by field well for a pivot table. Values are grouped by group by fields.", + "title": "GroupBy", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The values field well for a pivot table. Values are aggregated based on group by fields.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableBorderOptions": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The color of a table border.", + "title": "Color", + "type": "string" + }, + "Style": { + "markdownDescription": "The style (none, solid) of a table border.", + "title": "Style", + "type": "string" + }, + "Thickness": { + "markdownDescription": "The thickness of a table border.", + "title": "Thickness", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableCellConditionalFormatting": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "The field ID of the cell for conditional formatting.", + "title": "FieldId", + "type": "string" + }, + "TextFormat": { + "$ref": "#/definitions/AWS::QuickSight::Template.TextConditionalFormat", + "markdownDescription": "The text format of the cell for conditional formatting.", + "title": "TextFormat" + } + }, + "required": [ + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.TableCellImageSizingConfiguration": { + "additionalProperties": false, + "properties": { + "TableCellImageScalingConfiguration": { + "markdownDescription": "The cell scaling configuration of the sizing options for the table image configuration.", + "title": "TableCellImageScalingConfiguration", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableCellStyle": { + "additionalProperties": false, + "properties": { + "BackgroundColor": { + "markdownDescription": "The background color for the table cells.", + "title": "BackgroundColor", + "type": "string" + }, + "Border": { + "$ref": "#/definitions/AWS::QuickSight::Template.GlobalTableBorderOptions", + "markdownDescription": "The borders for the table cells.", + "title": "Border" + }, + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", + "markdownDescription": "The font configuration of the table cells.", + "title": "FontConfiguration" + }, + "Height": { + "markdownDescription": "The height color for the table cells.", + "title": "Height", + "type": "number" + }, + "HorizontalTextAlignment": { + "markdownDescription": "The horizontal text alignment (left, center, right, auto) for the table cells.", + "title": "HorizontalTextAlignment", + "type": "string" + }, + "TextWrap": { + "markdownDescription": "The text wrap (none, wrap) for the table cells.", + "title": "TextWrap", + "type": "string" + }, + "VerticalTextAlignment": { + "markdownDescription": "The vertical text alignment (top, middle, bottom) for the table cells.", + "title": "VerticalTextAlignment", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the table cells.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableConditionalFormatting": { + "additionalProperties": false, + "properties": { + "ConditionalFormattingOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableConditionalFormattingOption" + }, + "markdownDescription": "Conditional formatting options for a `PivotTableVisual` .", + "title": "ConditionalFormattingOptions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableConditionalFormattingOption": { + "additionalProperties": false, + "properties": { + "Cell": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableCellConditionalFormatting", + "markdownDescription": "The cell conditional formatting option for a table.", + "title": "Cell" + }, + "Row": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableRowConditionalFormatting", + "markdownDescription": "The row conditional formatting option for a table.", + "title": "Row" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableConfiguration": { + "additionalProperties": false, + "properties": { + "FieldOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldOptions", + "markdownDescription": "The field options for a table visual.", + "title": "FieldOptions" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "PaginatedReportOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.TablePaginatedReportOptions", + "markdownDescription": "The paginated report options for a table visual.", + "title": "PaginatedReportOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableSortConfiguration", + "markdownDescription": "The sort configuration for a `TableVisual` .", + "title": "SortConfiguration" + }, + "TableInlineVisualizations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableInlineVisualization" + }, + "markdownDescription": "A collection of inline visualizations to display within a chart.", + "title": "TableInlineVisualizations", + "type": "array" + }, + "TableOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableOptions", + "markdownDescription": "The table options for a table visual.", + "title": "TableOptions" + }, + "TotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.TotalOptions", + "markdownDescription": "The total options for a table visual.", + "title": "TotalOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableFieldCustomIconContent": { + "additionalProperties": false, + "properties": { + "Icon": { + "markdownDescription": "The icon set type (link) of the custom icon content for table URL link content.", + "title": "Icon", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableFieldCustomTextContent": { + "additionalProperties": false, + "properties": { + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", + "markdownDescription": "The font configuration of the custom text content for the table URL link content.", + "title": "FontConfiguration" + }, + "Value": { + "markdownDescription": "The string value of the custom text content for the table URL link content.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "FontConfiguration" + ], + "type": "object" + }, + "AWS::QuickSight::Template.TableFieldImageConfiguration": { + "additionalProperties": false, + "properties": { + "SizingOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableCellImageSizingConfiguration", + "markdownDescription": "The sizing options for the table image configuration.", + "title": "SizingOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableFieldLinkConfiguration": { + "additionalProperties": false, + "properties": { + "Content": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldLinkContentConfiguration", + "markdownDescription": "The URL content (text, icon) for the table link configuration.", + "title": "Content" + }, + "Target": { + "markdownDescription": "The URL target (new tab, new window, same tab) for the table link configuration.", + "title": "Target", + "type": "string" + } + }, + "required": [ + "Content", + "Target" + ], + "type": "object" + }, + "AWS::QuickSight::Template.TableFieldLinkContentConfiguration": { + "additionalProperties": false, + "properties": { + "CustomIconContent": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldCustomIconContent", + "markdownDescription": "The custom icon content for the table link content configuration.", + "title": "CustomIconContent" + }, + "CustomTextContent": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldCustomTextContent", + "markdownDescription": "The custom text content (value, font configuration) for the table link content configuration.", + "title": "CustomTextContent" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableFieldOption": { + "additionalProperties": false, + "properties": { + "CustomLabel": { + "markdownDescription": "The custom label for a table field.", + "title": "CustomLabel", + "type": "string" + }, + "FieldId": { + "markdownDescription": "The field ID for a table field.", + "title": "FieldId", + "type": "string" + }, + "URLStyling": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldURLConfiguration", + "markdownDescription": "The URL configuration for a table field.", + "title": "URLStyling" + }, + "Visibility": { + "markdownDescription": "The visibility of a table field.", + "title": "Visibility", + "type": "object" + }, + "Width": { + "markdownDescription": "The width for a table field.", + "title": "Width", + "type": "string" + } + }, + "required": [ + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.TableFieldOptions": { + "additionalProperties": false, + "properties": { + "Order": { + "items": { + "type": "string" + }, + "markdownDescription": "The order of the field IDs that are configured as field options for a table visual.", + "title": "Order", + "type": "array" + }, + "PinnedFieldOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.TablePinnedFieldOptions", + "markdownDescription": "The settings for the pinned columns of a table visual.", + "title": "PinnedFieldOptions" + }, + "SelectedFieldOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldOption" + }, + "markdownDescription": "The field options to be configured to a table.", + "title": "SelectedFieldOptions", + "type": "array" + }, + "TransposedTableOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.TransposedTableOption" + }, + "markdownDescription": "The `TableOptions` of a transposed table.", + "title": "TransposedTableOptions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableFieldURLConfiguration": { + "additionalProperties": false, + "properties": { + "ImageConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldImageConfiguration", + "markdownDescription": "The image configuration of a table field URL.", + "title": "ImageConfiguration" + }, + "LinkConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldLinkConfiguration", + "markdownDescription": "The link configuration of a table field URL.", + "title": "LinkConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableFieldWells": { + "additionalProperties": false, + "properties": { + "TableAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableAggregatedFieldWells", + "markdownDescription": "The aggregated field well for the table.", + "title": "TableAggregatedFieldWells" + }, + "TableUnaggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableUnaggregatedFieldWells", + "markdownDescription": "The unaggregated field well for the table.", + "title": "TableUnaggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableInlineVisualization": { + "additionalProperties": false, + "properties": { + "DataBars": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataBarsOptions", + "markdownDescription": "The configuration of the inline visualization of the data bars within a chart.", + "title": "DataBars" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableOptions": { + "additionalProperties": false, + "properties": { + "CellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "markdownDescription": "The table cell style of table cells.", + "title": "CellStyle" + }, + "HeaderStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "markdownDescription": "The table cell style of a table header.", + "title": "HeaderStyle" + }, + "Orientation": { + "markdownDescription": "The orientation (vertical, horizontal) for a table.", + "title": "Orientation", + "type": "string" + }, + "RowAlternateColorOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.RowAlternateColorOptions", + "markdownDescription": "The row alternate color options (widget status, row alternate colors) for a table.", + "title": "RowAlternateColorOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TablePaginatedReportOptions": { + "additionalProperties": false, + "properties": { + "OverflowColumnHeaderVisibility": { + "markdownDescription": "The visibility of repeating header rows on each page.", + "title": "OverflowColumnHeaderVisibility", + "type": "object" + }, + "VerticalOverflowVisibility": { + "markdownDescription": "The visibility of printing table overflow across pages.", + "title": "VerticalOverflowVisibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TablePinnedFieldOptions": { + "additionalProperties": false, + "properties": { + "PinnedLeftFields": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of columns to be pinned to the left of a table visual.", + "title": "PinnedLeftFields", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableRowConditionalFormatting": { + "additionalProperties": false, + "properties": { + "BackgroundColor": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting color (solid, gradient) of the background for a table row.", + "title": "BackgroundColor" + }, + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting color (solid, gradient) of the text for a table row.", + "title": "TextColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableSideBorderOptions": { + "additionalProperties": false, + "properties": { + "Bottom": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", + "markdownDescription": "The table border options of the bottom border.", + "title": "Bottom" + }, + "InnerHorizontal": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", + "markdownDescription": "The table border options of the inner horizontal border.", + "title": "InnerHorizontal" + }, + "InnerVertical": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", + "markdownDescription": "The table border options of the inner vertical border.", + "title": "InnerVertical" + }, + "Left": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", + "markdownDescription": "The table border options of the left border.", + "title": "Left" + }, + "Right": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", + "markdownDescription": "The table border options of the right border.", + "title": "Right" + }, + "Top": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", + "markdownDescription": "The table border options of the top border.", + "title": "Top" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableSortConfiguration": { + "additionalProperties": false, + "properties": { + "PaginationConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.PaginationConfiguration", + "markdownDescription": "The pagination configuration (page size, page number) for the table.", + "title": "PaginationConfiguration" + }, + "RowSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The field sort options for rows in the table.", + "title": "RowSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableStyleTarget": { + "additionalProperties": false, + "properties": { + "CellType": { + "markdownDescription": "The cell type of the table style target.", + "title": "CellType", + "type": "string" + } + }, + "required": [ + "CellType" + ], + "type": "object" + }, + "AWS::QuickSight::Template.TableUnaggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.UnaggregatedField" + }, + "markdownDescription": "The values field well for a pivot table. Values are unaggregated for an unaggregated table.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ConditionalFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableConditionalFormatting", + "markdownDescription": "The conditional formatting for a `PivotTableVisual` .", + "title": "ConditionalFormatting" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.TemplateError": { + "additionalProperties": false, + "properties": { + "Message": { + "markdownDescription": "Description of the error type.", + "title": "Message", + "type": "string" + }, + "Type": { + "markdownDescription": "Type of error.", + "title": "Type", + "type": "string" + }, + "ViolatedEntities": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.Entity" + }, + "markdownDescription": "An error path that shows which entities caused the template error.", + "title": "ViolatedEntities", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TemplateSourceAnalysis": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", + "title": "Arn", + "type": "string" + }, + "DataSetReferences": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataSetReference" + }, + "markdownDescription": "A structure containing information about the dataset references used as placeholders in the template.", + "title": "DataSetReferences", + "type": "array" + } + }, + "required": [ + "Arn", + "DataSetReferences" + ], + "type": "object" + }, + "AWS::QuickSight::Template.TemplateSourceEntity": { + "additionalProperties": false, + "properties": { + "SourceAnalysis": { + "$ref": "#/definitions/AWS::QuickSight::Template.TemplateSourceAnalysis", + "markdownDescription": "The source analysis, if it is based on an analysis.", + "title": "SourceAnalysis" + }, + "SourceTemplate": { + "$ref": "#/definitions/AWS::QuickSight::Template.TemplateSourceTemplate", + "markdownDescription": "The source template, if it is based on an template.", + "title": "SourceTemplate" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TemplateSourceTemplate": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", + "title": "Arn", + "type": "string" + } + }, + "required": [ + "Arn" + ], + "type": "object" + }, + "AWS::QuickSight::Template.TemplateVersion": { + "additionalProperties": false, + "properties": { + "CreatedTime": { + "markdownDescription": "The time that this template version was created.", + "title": "CreatedTime", + "type": "string" + }, + "DataSetConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataSetConfiguration" + }, + "markdownDescription": "Schema of the dataset identified by the placeholder. Any dashboard created from this template should be bound to new datasets matching the same schema described through this API operation.", + "title": "DataSetConfigurations", + "type": "array" + }, + "Description": { + "markdownDescription": "The description of the template.", + "title": "Description", + "type": "string" + }, + "Errors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.TemplateError" + }, + "markdownDescription": "Errors associated with this template version.", + "title": "Errors", + "type": "array" + }, + "Sheets": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.Sheet" + }, + "markdownDescription": "A list of the associated sheets with the unique identifier and name of each sheet.", + "title": "Sheets", + "type": "array" + }, + "SourceEntityArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an analysis or template that was used to create this template.", + "title": "SourceEntityArn", + "type": "string" + }, + "Status": { + "markdownDescription": "The status that is associated with the template.\n\n- `CREATION_IN_PROGRESS`\n- `CREATION_SUCCESSFUL`\n- `CREATION_FAILED`\n- `UPDATE_IN_PROGRESS`\n- `UPDATE_SUCCESSFUL`\n- `UPDATE_FAILED`\n- `DELETED`", + "title": "Status", + "type": "string" + }, + "ThemeArn": { + "markdownDescription": "The ARN of the theme associated with this version of the template.", + "title": "ThemeArn", + "type": "string" + }, + "VersionNumber": { + "markdownDescription": "The version number of the template version.", + "title": "VersionNumber", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TemplateVersionDefinition": { + "additionalProperties": false, + "properties": { + "AnalysisDefaults": { + "$ref": "#/definitions/AWS::QuickSight::Template.AnalysisDefaults", + "markdownDescription": "", + "title": "AnalysisDefaults" + }, + "CalculatedFields": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.CalculatedField" + }, + "markdownDescription": "An array of calculated field definitions for the template.", + "title": "CalculatedFields", + "type": "array" + }, + "ColumnConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnConfiguration" + }, + "markdownDescription": "An array of template-level column configurations. Column configurations are used to set default formatting for a column that's used throughout a template.", + "title": "ColumnConfigurations", + "type": "array" + }, + "DataSetConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataSetConfiguration" + }, + "markdownDescription": "An array of dataset configurations. These configurations define the required columns for each dataset used within a template.", + "title": "DataSetConfigurations", + "type": "array" + }, + "FilterGroups": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterGroup" + }, + "markdownDescription": "Filter definitions for a template.\n\nFor more information, see [Filtering Data](https://docs.aws.amazon.com/quicksight/latest/user/filtering-visual-data.html) in the *Amazon QuickSight User Guide* .", + "title": "FilterGroups", + "type": "array" + }, + "Options": { + "$ref": "#/definitions/AWS::QuickSight::Template.AssetOptions", + "markdownDescription": "An array of option definitions for a template.", + "title": "Options" + }, + "ParameterDeclarations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ParameterDeclaration" + }, + "markdownDescription": "An array of parameter declarations for a template.\n\n*Parameters* are named variables that can transfer a value for use by an action or an object.\n\nFor more information, see [Parameters in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-in-quicksight.html) in the *Amazon QuickSight User Guide* .", + "title": "ParameterDeclarations", + "type": "array" + }, + "QueryExecutionOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.QueryExecutionOptions", + "markdownDescription": "", + "title": "QueryExecutionOptions" + }, + "Sheets": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetDefinition" + }, + "markdownDescription": "An array of sheet definitions for a template.", + "title": "Sheets", + "type": "array" + } + }, + "required": [ + "DataSetConfigurations" + ], + "type": "object" + }, + "AWS::QuickSight::Template.TextAreaControlDisplayOptions": { + "additionalProperties": false, + "properties": { + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" + }, + "PlaceholderOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.TextControlPlaceholderOptions", + "markdownDescription": "The configuration of the placeholder options in a text area control.", + "title": "PlaceholderOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TextConditionalFormat": { + "additionalProperties": false, + "properties": { + "BackgroundColor": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting for the text background color.", + "title": "BackgroundColor" + }, + "Icon": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIcon", + "markdownDescription": "The conditional formatting for the icon.", + "title": "Icon" + }, + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting for the text color.", + "title": "TextColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TextControlPlaceholderOptions": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility configuration of the placeholder options in a text control.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TextFieldControlDisplayOptions": { + "additionalProperties": false, + "properties": { + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" + }, + "PlaceholderOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.TextControlPlaceholderOptions", + "markdownDescription": "The configuration of the placeholder options in a text field control.", + "title": "PlaceholderOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ThousandSeparatorOptions": { + "additionalProperties": false, + "properties": { + "GroupingStyle": { + "markdownDescription": "Determines the way numbers are styled to accommodate different readability standards. The `DEFAULT` value uses the standard international grouping system and groups numbers by the thousands. The `LAKHS` value uses the Indian numbering system and groups numbers by lakhs and crores.", + "title": "GroupingStyle", + "type": "string" + }, + "Symbol": { + "markdownDescription": "Determines the thousands separator symbol.", + "title": "Symbol", + "type": "string" + }, + "Visibility": { + "markdownDescription": "Determines the visibility of the thousands separator.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TimeBasedForecastProperties": { + "additionalProperties": false, + "properties": { + "LowerBoundary": { + "markdownDescription": "The lower boundary setup of a forecast computation.", + "title": "LowerBoundary", + "type": "number" + }, + "PeriodsBackward": { + "markdownDescription": "The periods backward setup of a forecast computation.", + "title": "PeriodsBackward", + "type": "number" + }, + "PeriodsForward": { + "markdownDescription": "The periods forward setup of a forecast computation.", + "title": "PeriodsForward", + "type": "number" + }, + "PredictionInterval": { + "markdownDescription": "The prediction interval setup of a forecast computation.", + "title": "PredictionInterval", + "type": "number" + }, + "Seasonality": { + "markdownDescription": "The seasonality setup of a forecast computation. Choose one of the following options:\n\n- `NULL` : The input is set to `NULL` .\n- `NON_NULL` : The input is set to a custom value.", + "title": "Seasonality", + "type": "number" + }, + "UpperBoundary": { + "markdownDescription": "The upper boundary setup of a forecast computation.", + "title": "UpperBoundary", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TimeEqualityFilter": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" + }, + "ParameterName": { + "markdownDescription": "The parameter whose value should be used for the filter value.\n\nThis field is mutually exclusive to `Value` and `RollingDate` .", + "title": "ParameterName", + "type": "string" + }, + "RollingDate": { + "$ref": "#/definitions/AWS::QuickSight::Template.RollingDateConfiguration", + "markdownDescription": "The rolling date input for the `TimeEquality` filter.\n\nThis field is mutually exclusive to `Value` and `ParameterName` .", + "title": "RollingDate" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of a `TimeEquality` filter.\n\nThis field is mutually exclusive to `RollingDate` and `ParameterName` .", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Column", + "FilterId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.TimeRangeDrillDownFilter": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "RangeMaximum": { + "markdownDescription": "The maximum value for the filter value range.", + "title": "RangeMaximum", + "type": "string" + }, + "RangeMinimum": { + "markdownDescription": "The minimum value for the filter value range.", + "title": "RangeMinimum", + "type": "string" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" + } + }, + "required": [ + "Column", + "RangeMaximum", + "RangeMinimum", + "TimeGranularity" + ], + "type": "object" + }, + "AWS::QuickSight::Template.TimeRangeFilter": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "ExcludePeriodConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ExcludePeriodConfiguration", + "markdownDescription": "The exclude period of the time range filter.", + "title": "ExcludePeriodConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" + }, + "IncludeMaximum": { + "markdownDescription": "Determines whether the maximum value in the filter value range should be included in the filtered results.", + "title": "IncludeMaximum", + "type": "boolean" + }, + "IncludeMinimum": { + "markdownDescription": "Determines whether the minimum value in the filter value range should be included in the filtered results.", + "title": "IncludeMinimum", + "type": "boolean" + }, + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", + "type": "string" + }, + "RangeMaximumValue": { + "$ref": "#/definitions/AWS::QuickSight::Template.TimeRangeFilterValue", + "markdownDescription": "The maximum value for the filter value range.", + "title": "RangeMaximumValue" + }, + "RangeMinimumValue": { + "$ref": "#/definitions/AWS::QuickSight::Template.TimeRangeFilterValue", + "markdownDescription": "The minimum value for the filter value range.", + "title": "RangeMinimumValue" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" + } + }, + "required": [ + "Column", + "FilterId", + "NullOption" + ], + "type": "object" + }, + "AWS::QuickSight::Template.TimeRangeFilterValue": { + "additionalProperties": false, + "properties": { + "Parameter": { + "markdownDescription": "The parameter type input value.", + "title": "Parameter", + "type": "string" + }, + "RollingDate": { + "$ref": "#/definitions/AWS::QuickSight::Template.RollingDateConfiguration", + "markdownDescription": "The rolling date input value.", + "title": "RollingDate" + }, + "StaticValue": { + "markdownDescription": "The static input value.", + "title": "StaticValue", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TooltipItem": { + "additionalProperties": false, + "properties": { + "ColumnTooltipItem": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnTooltipItem", + "markdownDescription": "The tooltip item for the columns that are not part of a field well.", + "title": "ColumnTooltipItem" + }, + "FieldTooltipItem": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldTooltipItem", + "markdownDescription": "The tooltip item for the fields.", + "title": "FieldTooltipItem" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TooltipOptions": { + "additionalProperties": false, + "properties": { + "FieldBasedTooltip": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldBasedTooltip", + "markdownDescription": "The setup for the detailed tooltip. The tooltip setup is always saved. The display type is decided based on the tooltip type.", + "title": "FieldBasedTooltip" + }, + "SelectedTooltipType": { + "markdownDescription": "The selected type for the tooltip. Choose one of the following options:\n\n- `BASIC` : A basic tooltip.\n- `DETAILED` : A detailed tooltip.", + "title": "SelectedTooltipType", + "type": "string" + }, + "TooltipVisibility": { + "markdownDescription": "Determines whether or not the tooltip is visible.", + "title": "TooltipVisibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TopBottomFilter": { + "additionalProperties": false, + "properties": { + "AggregationSortConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.AggregationSortConfiguration" + }, + "markdownDescription": "The aggregation and sort configuration of the top bottom filter.", + "title": "AggregationSortConfigurations", + "type": "array" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" + }, + "Limit": { + "markdownDescription": "The number of items to include in the top bottom filter results.", + "title": "Limit", + "type": "number" + }, + "ParameterName": { + "markdownDescription": "The parameter whose value should be used for the filter value.", + "title": "ParameterName", + "type": "string" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" + } + }, + "required": [ + "AggregationSortConfigurations", + "Column", + "FilterId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.TopBottomMoversComputation": { + "additionalProperties": false, + "properties": { + "Category": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", + "markdownDescription": "The category field that is used in a computation.", + "title": "Category" + }, + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "MoverSize": { + "markdownDescription": "The mover size setup of the top and bottom movers computation.", + "title": "MoverSize", + "type": "number" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "SortOrder": { + "markdownDescription": "The sort order setup of the top and bottom movers computation.", + "title": "SortOrder", + "type": "string" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" + }, + "Type": { + "markdownDescription": "The computation type. Choose from the following options:\n\n- TOP: Top movers computation.\n- BOTTOM: Bottom movers computation.", + "title": "Type", + "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" + } + }, + "required": [ + "ComputationId", + "Type" + ], + "type": "object" + }, + "AWS::QuickSight::Template.TopBottomRankedComputation": { + "additionalProperties": false, + "properties": { + "Category": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", + "markdownDescription": "The category field that is used in a computation.", + "title": "Category" + }, + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "ResultSize": { + "markdownDescription": "The result size of a top and bottom ranked computation.", + "title": "ResultSize", + "type": "number" + }, + "Type": { + "markdownDescription": "The computation type. Choose one of the following options:\n\n- TOP: A top ranked computation.\n- BOTTOM: A bottom ranked computation.", + "title": "Type", + "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" + } + }, + "required": [ + "ComputationId", + "Type" + ], + "type": "object" + }, + "AWS::QuickSight::Template.TotalAggregationComputation": { + "additionalProperties": false, + "properties": { + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" + } + }, + "required": [ + "ComputationId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.TotalAggregationFunction": { + "additionalProperties": false, + "properties": { + "SimpleTotalAggregationFunction": { + "markdownDescription": "A built in aggregation function for total values.", + "title": "SimpleTotalAggregationFunction", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TotalAggregationOption": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "The field id that's associated with the total aggregation option.", + "title": "FieldId", + "type": "string" + }, + "TotalAggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Template.TotalAggregationFunction", + "markdownDescription": "The total aggregation function that you want to set for a specified field id.", + "title": "TotalAggregationFunction" + } + }, + "required": [ + "FieldId", + "TotalAggregationFunction" + ], + "type": "object" + }, + "AWS::QuickSight::Template.TotalOptions": { + "additionalProperties": false, + "properties": { + "CustomLabel": { + "markdownDescription": "The custom label string for the total cells.", + "title": "CustomLabel", + "type": "string" + }, + "Placement": { + "markdownDescription": "The placement (start, end) for the total cells.", + "title": "Placement", + "type": "string" + }, + "ScrollStatus": { + "markdownDescription": "The scroll status (pinned, scrolled) for the total cells.", + "title": "ScrollStatus", + "type": "string" + }, + "TotalAggregationOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.TotalAggregationOption" + }, + "markdownDescription": "The total aggregation settings for each value field.", + "title": "TotalAggregationOptions", + "type": "array" + }, + "TotalCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "markdownDescription": "Cell styling options for the total cells.", + "title": "TotalCellStyle" + }, + "TotalsVisibility": { + "markdownDescription": "The visibility configuration for the total cells.", + "title": "TotalsVisibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TransposedTableOption": { + "additionalProperties": false, + "properties": { + "ColumnIndex": { + "markdownDescription": "The index of a columns in a transposed table. The index range is 0-9999.", + "title": "ColumnIndex", + "type": "number" + }, + "ColumnType": { + "markdownDescription": "The column type of the column in a transposed table. Choose one of the following options:\n\n- `ROW_HEADER_COLUMN` : Refers to the leftmost column of the row header in the transposed table.\n- `VALUE_COLUMN` : Refers to all value columns in the transposed table.", + "title": "ColumnType", + "type": "string" + }, + "ColumnWidth": { + "markdownDescription": "The width of a column in a transposed table.", + "title": "ColumnWidth", + "type": "string" + } + }, + "required": [ + "ColumnType" + ], + "type": "object" + }, + "AWS::QuickSight::Template.TreeMapAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The color field well of a tree map. Values are grouped by aggregations based on group by fields.", + "title": "Colors", + "type": "array" + }, + "Groups": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The group by field well of a tree map. Values are grouped based on group by fields.", + "title": "Groups", + "type": "array" + }, + "Sizes": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The size field well of a tree map. Values are aggregated based on group by fields.", + "title": "Sizes", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TreeMapConfiguration": { + "additionalProperties": false, + "properties": { + "ColorLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility) for the colors displayed in a tree map.", + "title": "ColorLabelOptions" + }, + "ColorScale": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColorScale", + "markdownDescription": "The color options (gradient color, point of divergence) of a tree map.", + "title": "ColorScale" + }, + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.", + "title": "DataLabels" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.TreeMapFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "GroupLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility) of the groups that are displayed in a tree map.", + "title": "GroupLabelOptions" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "SizeLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility) of the sizes that are displayed in a tree map.", + "title": "SizeLabelOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.TreeMapSortConfiguration", + "markdownDescription": "The sort configuration of a tree map.", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TreeMapFieldWells": { + "additionalProperties": false, + "properties": { + "TreeMapAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.TreeMapAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a tree map.", + "title": "TreeMapAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TreeMapSortConfiguration": { + "additionalProperties": false, + "properties": { + "TreeMapGroupItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of groups that are displayed.", + "title": "TreeMapGroupItemsLimitConfiguration" + }, + "TreeMapSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of group by fields.", + "title": "TreeMapSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TreeMapVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.TreeMapConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.TrendArrowOptions": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility of the trend arrows.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.UnaggregatedField": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that is used in the `UnaggregatedField` .", + "title": "Column" + }, + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", + "type": "string" + }, + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" + } + }, + "required": [ + "Column", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.UniqueValuesComputation": { + "additionalProperties": false, + "properties": { + "Category": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", + "markdownDescription": "The category field that is used in a computation.", + "title": "Category" + }, + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "ComputationId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ValidationStrategy": { + "additionalProperties": false, + "properties": { + "Mode": { + "markdownDescription": "The mode of validation for the asset to be created or updated. When you set this value to `STRICT` , strict validation for every error is enforced. When you set this value to `LENIENT` , validation is skipped for specific UI errors.", + "title": "Mode", + "type": "string" + } + }, + "required": [ + "Mode" + ], + "type": "object" + }, + "AWS::QuickSight::Template.VisibleRangeOptions": { + "additionalProperties": false, + "properties": { + "PercentRange": { + "$ref": "#/definitions/AWS::QuickSight::Template.PercentVisibleRange", + "markdownDescription": "The percent range in the visible range.", + "title": "PercentRange" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.Visual": { + "additionalProperties": false, + "properties": { + "BarChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.BarChartVisual", + "markdownDescription": "A bar chart.\n\nFor more information, see [Using bar charts](https://docs.aws.amazon.com/quicksight/latest/user/bar-charts.html) in the *Amazon QuickSight User Guide* .", + "title": "BarChartVisual" + }, + "BoxPlotVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotVisual", + "markdownDescription": "A box plot.\n\nFor more information, see [Using box plots](https://docs.aws.amazon.com/quicksight/latest/user/box-plots.html) in the *Amazon QuickSight User Guide* .", + "title": "BoxPlotVisual" + }, + "ComboChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.ComboChartVisual", + "markdownDescription": "A combo chart.\n\nFor more information, see [Using combo charts](https://docs.aws.amazon.com/quicksight/latest/user/combo-charts.html) in the *Amazon QuickSight User Guide* .", + "title": "ComboChartVisual" + }, + "CustomContentVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.CustomContentVisual", + "markdownDescription": "A visual that contains custom content.\n\nFor more information, see [Using custom visual content](https://docs.aws.amazon.com/quicksight/latest/user/custom-visual-content.html) in the *Amazon QuickSight User Guide* .", + "title": "CustomContentVisual" + }, + "EmptyVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.EmptyVisual", + "markdownDescription": "An empty visual.", + "title": "EmptyVisual" + }, + "FilledMapVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapVisual", + "markdownDescription": "A filled map.\n\nFor more information, see [Creating filled maps](https://docs.aws.amazon.com/quicksight/latest/user/filled-maps.html) in the *Amazon QuickSight User Guide* .", + "title": "FilledMapVisual" + }, + "FunnelChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.FunnelChartVisual", + "markdownDescription": "A funnel chart.\n\nFor more information, see [Using funnel charts](https://docs.aws.amazon.com/quicksight/latest/user/funnel-visual-content.html) in the *Amazon QuickSight User Guide* .", + "title": "FunnelChartVisual" + }, + "GaugeChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartVisual", + "markdownDescription": "A gauge chart.\n\nFor more information, see [Using gauge charts](https://docs.aws.amazon.com/quicksight/latest/user/gauge-chart.html) in the *Amazon QuickSight User Guide* .", + "title": "GaugeChartVisual" + }, + "GeospatialMapVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialMapVisual", + "markdownDescription": "A geospatial map or a points on map visual.\n\nFor more information, see [Creating point maps](https://docs.aws.amazon.com/quicksight/latest/user/point-maps.html) in the *Amazon QuickSight User Guide* .", + "title": "GeospatialMapVisual" + }, + "HeatMapVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.HeatMapVisual", + "markdownDescription": "A heat map.\n\nFor more information, see [Using heat maps](https://docs.aws.amazon.com/quicksight/latest/user/heat-map.html) in the *Amazon QuickSight User Guide* .", + "title": "HeatMapVisual" + }, + "HistogramVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.HistogramVisual", + "markdownDescription": "A histogram.\n\nFor more information, see [Using histograms](https://docs.aws.amazon.com/quicksight/latest/user/histogram-charts.html) in the *Amazon QuickSight User Guide* .", + "title": "HistogramVisual" + }, + "InsightVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.InsightVisual", + "markdownDescription": "An insight visual.\n\nFor more information, see [Working with insights](https://docs.aws.amazon.com/quicksight/latest/user/computational-insights.html) in the *Amazon QuickSight User Guide* .", + "title": "InsightVisual" + }, + "KPIVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.KPIVisual", + "markdownDescription": "A key performance indicator (KPI).\n\nFor more information, see [Using KPIs](https://docs.aws.amazon.com/quicksight/latest/user/kpi.html) in the *Amazon QuickSight User Guide* .", + "title": "KPIVisual" + }, + "LineChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.LineChartVisual", + "markdownDescription": "A line chart.\n\nFor more information, see [Using line charts](https://docs.aws.amazon.com/quicksight/latest/user/line-charts.html) in the *Amazon QuickSight User Guide* .", + "title": "LineChartVisual" + }, + "PieChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.PieChartVisual", + "markdownDescription": "A pie or donut chart.\n\nFor more information, see [Using pie charts](https://docs.aws.amazon.com/quicksight/latest/user/pie-chart.html) in the *Amazon QuickSight User Guide* .", + "title": "PieChartVisual" + }, + "PivotTableVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableVisual", + "markdownDescription": "A pivot table.\n\nFor more information, see [Using pivot tables](https://docs.aws.amazon.com/quicksight/latest/user/pivot-table.html) in the *Amazon QuickSight User Guide* .", + "title": "PivotTableVisual" + }, + "PluginVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.PluginVisual", + "markdownDescription": "The custom plugin visual type.", + "title": "PluginVisual" + }, + "RadarChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartVisual", + "markdownDescription": "A radar chart visual.\n\nFor more information, see [Using radar charts](https://docs.aws.amazon.com/quicksight/latest/user/radar-chart.html) in the *Amazon QuickSight User Guide* .", + "title": "RadarChartVisual" + }, + "SankeyDiagramVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.SankeyDiagramVisual", + "markdownDescription": "A sankey diagram.\n\nFor more information, see [Using Sankey diagrams](https://docs.aws.amazon.com/quicksight/latest/user/sankey-diagram.html) in the *Amazon QuickSight User Guide* .", + "title": "SankeyDiagramVisual" + }, + "ScatterPlotVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.ScatterPlotVisual", + "markdownDescription": "A scatter plot.\n\nFor more information, see [Using scatter plots](https://docs.aws.amazon.com/quicksight/latest/user/scatter-plot.html) in the *Amazon QuickSight User Guide* .", + "title": "ScatterPlotVisual" + }, + "TableVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableVisual", + "markdownDescription": "A table visual.\n\nFor more information, see [Using tables as visuals](https://docs.aws.amazon.com/quicksight/latest/user/tabular.html) in the *Amazon QuickSight User Guide* .", + "title": "TableVisual" + }, + "TreeMapVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.TreeMapVisual", + "markdownDescription": "A tree map.\n\nFor more information, see [Using tree maps](https://docs.aws.amazon.com/quicksight/latest/user/tree-map.html) in the *Amazon QuickSight User Guide* .", + "title": "TreeMapVisual" + }, + "WaterfallVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallVisual", + "markdownDescription": "A waterfall chart.\n\nFor more information, see [Using waterfall charts](https://docs.aws.amazon.com/quicksight/latest/user/waterfall-chart.html) in the *Amazon QuickSight User Guide* .", + "title": "WaterfallVisual" + }, + "WordCloudVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.WordCloudVisual", + "markdownDescription": "A word cloud.\n\nFor more information, see [Using word clouds](https://docs.aws.amazon.com/quicksight/latest/user/word-cloud.html) in the *Amazon QuickSight User Guide* .", + "title": "WordCloudVisual" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.VisualCustomAction": { + "additionalProperties": false, + "properties": { + "ActionOperations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomActionOperation" + }, + "markdownDescription": "A list of `VisualCustomActionOperations` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", + "title": "ActionOperations", + "type": "array" + }, + "CustomActionId": { + "markdownDescription": "The ID of the `VisualCustomAction` .", + "title": "CustomActionId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the `VisualCustomAction` .", + "title": "Name", + "type": "string" + }, + "Status": { + "markdownDescription": "The status of the `VisualCustomAction` .", + "title": "Status", + "type": "string" + }, + "Trigger": { + "markdownDescription": "The trigger of the `VisualCustomAction` .\n\nValid values are defined as follows:\n\n- `DATA_POINT_CLICK` : Initiates a custom action by a left pointer click on a data point.\n- `DATA_POINT_MENU` : Initiates a custom action by right pointer click from the menu.", + "title": "Trigger", + "type": "string" + } + }, + "required": [ + "ActionOperations", + "CustomActionId", + "Name", + "Trigger" + ], + "type": "object" + }, + "AWS::QuickSight::Template.VisualCustomActionOperation": { + "additionalProperties": false, + "properties": { + "FilterOperation": { + "$ref": "#/definitions/AWS::QuickSight::Template.CustomActionFilterOperation", + "markdownDescription": "The filter operation that filters data included in a visual or in an entire sheet.", + "title": "FilterOperation" + }, + "NavigationOperation": { + "$ref": "#/definitions/AWS::QuickSight::Template.CustomActionNavigationOperation", + "markdownDescription": "The navigation operation that navigates between different sheets in the same analysis.", + "title": "NavigationOperation" + }, + "SetParametersOperation": { + "$ref": "#/definitions/AWS::QuickSight::Template.CustomActionSetParametersOperation", + "markdownDescription": "The set parameter operation that sets parameters in custom action.", + "title": "SetParametersOperation" + }, + "URLOperation": { + "$ref": "#/definitions/AWS::QuickSight::Template.CustomActionURLOperation", + "markdownDescription": "The URL operation that opens a link to another webpage.", + "title": "URLOperation" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.VisualInteractionOptions": { + "additionalProperties": false, + "properties": { + "ContextMenuOption": { + "$ref": "#/definitions/AWS::QuickSight::Template.ContextMenuOption", + "markdownDescription": "The context menu options for a visual.", + "title": "ContextMenuOption" + }, + "VisualMenuOption": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualMenuOption", + "markdownDescription": "The on-visual menu options for a visual.", + "title": "VisualMenuOption" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.VisualMenuOption": { + "additionalProperties": false, + "properties": { + "AvailabilityStatus": { + "markdownDescription": "The availaiblity status of a visual's menu options.", + "title": "AvailabilityStatus", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.VisualPalette": { + "additionalProperties": false, + "properties": { + "ChartColor": { + "markdownDescription": "The chart color options for the visual palette.", + "title": "ChartColor", + "type": "string" + }, + "ColorMap": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataPathColor" + }, + "markdownDescription": "The color map options for the visual palette.", + "title": "ColorMap", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.VisualSubtitleLabelOptions": { + "additionalProperties": false, + "properties": { + "FormatText": { + "$ref": "#/definitions/AWS::QuickSight::Template.LongFormatText", + "markdownDescription": "The long text format of the subtitle label, such as plain text or rich text.", + "title": "FormatText" + }, + "Visibility": { + "markdownDescription": "The visibility of the subtitle label.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.VisualTitleLabelOptions": { + "additionalProperties": false, + "properties": { + "FormatText": { + "$ref": "#/definitions/AWS::QuickSight::Template.ShortFormatText", + "markdownDescription": "The short text format of the title label, such as plain text or rich text.", + "title": "FormatText" + }, + "Visibility": { + "markdownDescription": "The visibility of the title label.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.WaterfallChartAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Breakdowns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The breakdown field wells of a waterfall visual.", + "title": "Breakdowns", + "type": "array" + }, + "Categories": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The category field wells of a waterfall visual.", + "title": "Categories", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The value field wells of a waterfall visual.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.WaterfallChartColorConfiguration": { + "additionalProperties": false, + "properties": { + "GroupColorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallChartGroupColorConfiguration", + "markdownDescription": "The color configuration for individual groups within a waterfall visual.", + "title": "GroupColorConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.WaterfallChartConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the category axis.", + "title": "CategoryAxisDisplayOptions" + }, + "CategoryAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the category axis label.", + "title": "CategoryAxisLabelOptions" + }, + "ColorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallChartColorConfiguration", + "markdownDescription": "The color configuration of a waterfall visual.", + "title": "ColorConfiguration" + }, + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", + "markdownDescription": "The data label configuration of a waterfall visual.", + "title": "DataLabels" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallChartFieldWells", + "markdownDescription": "The field well configuration of a waterfall visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", + "markdownDescription": "The legend configuration of a waterfall visual.", + "title": "Legend" + }, + "PrimaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the y-axis.", + "title": "PrimaryYAxisDisplayOptions" + }, + "PrimaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the y-axis label.", + "title": "PrimaryYAxisLabelOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallChartSortConfiguration", + "markdownDescription": "The sort configuration of a waterfall visual.", + "title": "SortConfiguration" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", + "markdownDescription": "The visual palette configuration of a waterfall visual.", + "title": "VisualPalette" + }, + "WaterfallChartOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallChartOptions", + "markdownDescription": "The options that determine the presentation of a waterfall visual.", + "title": "WaterfallChartOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.WaterfallChartFieldWells": { + "additionalProperties": false, + "properties": { + "WaterfallChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallChartAggregatedFieldWells", + "markdownDescription": "The field well configuration of a waterfall visual.", + "title": "WaterfallChartAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.WaterfallChartGroupColorConfiguration": { + "additionalProperties": false, + "properties": { + "NegativeBarColor": { + "markdownDescription": "Defines the color for the negative bars of a waterfall chart.", + "title": "NegativeBarColor", + "type": "string" + }, + "PositiveBarColor": { + "markdownDescription": "Defines the color for the positive bars of a waterfall chart.", + "title": "PositiveBarColor", + "type": "string" + }, + "TotalBarColor": { + "markdownDescription": "Defines the color for the total bars of a waterfall chart.", + "title": "TotalBarColor", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.WaterfallChartOptions": { + "additionalProperties": false, + "properties": { + "TotalBarLabel": { + "markdownDescription": "This option determines the total bar label of a waterfall visual.", + "title": "TotalBarLabel", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.WaterfallChartSortConfiguration": { + "additionalProperties": false, + "properties": { + "BreakdownItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of bar groups that are displayed.", + "title": "BreakdownItemsLimit" + }, + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the category fields.", + "title": "CategorySort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.WaterfallVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallChartConfiguration", + "markdownDescription": "The configuration for a waterfall visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.WhatIfPointScenario": { + "additionalProperties": false, + "properties": { + "Date": { + "markdownDescription": "The date that you need the forecast results for.", + "title": "Date", + "type": "string" + }, + "Value": { + "markdownDescription": "The target value that you want to meet for the provided date.", + "title": "Value", + "type": "number" + } + }, + "required": [ + "Date", + "Value" + ], + "type": "object" + }, + "AWS::QuickSight::Template.WhatIfRangeScenario": { + "additionalProperties": false, + "properties": { + "EndDate": { + "markdownDescription": "The end date in the date range that you need the forecast results for.", + "title": "EndDate", + "type": "string" + }, + "StartDate": { + "markdownDescription": "The start date in the date range that you need the forecast results for.", + "title": "StartDate", + "type": "string" + }, + "Value": { + "markdownDescription": "The target value that you want to meet for the provided date range.", + "title": "Value", + "type": "number" + } + }, + "required": [ + "EndDate", + "StartDate", + "Value" + ], + "type": "object" + }, + "AWS::QuickSight::Template.WordCloudAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "GroupBy": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The group by field well of a word cloud. Values are grouped by group by fields.", + "title": "GroupBy", + "type": "array" + }, + "Size": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The size field well of a word cloud. Values are aggregated based on group by fields.", + "title": "Size", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.WordCloudChartConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) for the word cloud category.", + "title": "CategoryLabelOptions" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.WordCloudFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.WordCloudSortConfiguration", + "markdownDescription": "The sort configuration of a word cloud visual.", + "title": "SortConfiguration" + }, + "WordCloudOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.WordCloudOptions", + "markdownDescription": "The options for a word cloud visual.", + "title": "WordCloudOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.WordCloudFieldWells": { + "additionalProperties": false, + "properties": { + "WordCloudAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.WordCloudAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a word cloud.", + "title": "WordCloudAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.WordCloudOptions": { + "additionalProperties": false, + "properties": { + "CloudLayout": { + "markdownDescription": "The cloud layout options (fluid, normal) of a word cloud.", + "title": "CloudLayout", + "type": "string" + }, + "MaximumStringLength": { + "markdownDescription": "The length limit of each word from 1-100.", + "title": "MaximumStringLength", + "type": "number" + }, + "WordCasing": { + "markdownDescription": "The word casing options (lower_case, existing_case) for the words in a word cloud.", + "title": "WordCasing", + "type": "string" + }, + "WordOrientation": { + "markdownDescription": "The word orientation options (horizontal, horizontal_and_vertical) for the words in a word cloud.", + "title": "WordOrientation", + "type": "string" + }, + "WordPadding": { + "markdownDescription": "The word padding options (none, small, medium, large) for the words in a word cloud.", + "title": "WordPadding", + "type": "string" + }, + "WordScaling": { + "markdownDescription": "The word scaling options (emphasize, normal) for the words in a word cloud.", + "title": "WordScaling", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.WordCloudSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of groups that are displayed in a word cloud.", + "title": "CategoryItemsLimit" + }, + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of group by fields.", + "title": "CategorySort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.WordCloudVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.WordCloudChartConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.YAxisOptions": { + "additionalProperties": false, + "properties": { + "YAxis": { + "markdownDescription": "The Y axis type to be used in the chart.\n\nIf you choose `PRIMARY_Y_AXIS` , the primary Y Axis is located on the leftmost vertical axis of the chart.", + "title": "YAxis", + "type": "string" + } + }, + "required": [ + "YAxis" + ], + "type": "object" + }, + "AWS::QuickSight::Theme": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AwsAccountId": { + "markdownDescription": "The ID of the AWS account where you want to store the new theme.", + "title": "AwsAccountId", + "type": "string" + }, + "BaseThemeId": { + "markdownDescription": "The ID of the theme that a custom theme will inherit from. All themes inherit from one of the starting themes defined by Amazon QuickSight. For a list of the starting themes, use `ListThemes` or choose *Themes* from within an analysis.", + "title": "BaseThemeId", + "type": "string" + }, + "Configuration": { + "$ref": "#/definitions/AWS::QuickSight::Theme.ThemeConfiguration", + "markdownDescription": "The theme configuration, which contains the theme display properties.", + "title": "Configuration" + }, + "Name": { + "markdownDescription": "A display name for the theme.", + "title": "Name", + "type": "string" + }, + "Permissions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Theme.ResourcePermission" + }, + "markdownDescription": "A valid grouping of resource permissions to apply to the new theme.", + "title": "Permissions", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A map of the key-value pairs for the resource tag or tags that you want to add to the resource.", + "title": "Tags", + "type": "array" + }, + "ThemeId": { + "markdownDescription": "An ID for the theme that you want to create. The theme ID is unique per AWS Region in each AWS account.", + "title": "ThemeId", + "type": "string" + }, + "VersionDescription": { + "markdownDescription": "A description of the first version of the theme that you're creating. Every time `UpdateTheme` is called, a new version is created. Each version of the theme has a description of the version in the `VersionDescription` field.", + "title": "VersionDescription", + "type": "string" + } + }, + "required": [ + "AwsAccountId", + "BaseThemeId", + "Configuration", + "Name", + "ThemeId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::QuickSight::Theme" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::QuickSight::Theme.BorderStyle": { + "additionalProperties": false, + "properties": { + "Show": { + "markdownDescription": "The option to enable display of borders for visuals.", + "title": "Show", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::QuickSight::Theme.DataColorPalette": { + "additionalProperties": false, + "properties": { + "Colors": { + "items": { + "type": "string" + }, + "markdownDescription": "The hexadecimal codes for the colors.", + "title": "Colors", + "type": "array" + }, + "EmptyFillColor": { + "markdownDescription": "The hexadecimal code of a color that applies to charts where a lack of data is highlighted.", + "title": "EmptyFillColor", + "type": "string" + }, + "MinMaxGradient": { + "items": { + "type": "string" + }, + "markdownDescription": "The minimum and maximum hexadecimal codes that describe a color gradient.", + "title": "MinMaxGradient", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Theme.Font": { + "additionalProperties": false, + "properties": { + "FontFamily": { + "markdownDescription": "Determines the font family settings.", + "title": "FontFamily", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Theme.GutterStyle": { + "additionalProperties": false, + "properties": { + "Show": { + "markdownDescription": "This Boolean value controls whether to display a gutter space between sheet tiles.", + "title": "Show", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::QuickSight::Theme.MarginStyle": { + "additionalProperties": false, + "properties": { + "Show": { + "markdownDescription": "This Boolean value controls whether to display sheet margins.", + "title": "Show", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::QuickSight::Theme.ResourcePermission": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "type": "string" + }, + "markdownDescription": "The IAM action to grant or revoke permissions on.", + "title": "Actions", + "type": "array" + }, + "Principal": { + "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a QuickSight ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", + "title": "Principal", + "type": "string" + } + }, + "required": [ + "Actions", + "Principal" + ], + "type": "object" + }, + "AWS::QuickSight::Theme.SheetStyle": { + "additionalProperties": false, + "properties": { + "Tile": { + "$ref": "#/definitions/AWS::QuickSight::Theme.TileStyle", + "markdownDescription": "The display options for tiles.", + "title": "Tile" + }, + "TileLayout": { + "$ref": "#/definitions/AWS::QuickSight::Theme.TileLayoutStyle", + "markdownDescription": "The layout options for tiles.", + "title": "TileLayout" + } + }, + "type": "object" + }, + "AWS::QuickSight::Theme.ThemeConfiguration": { + "additionalProperties": false, + "properties": { + "DataColorPalette": { + "$ref": "#/definitions/AWS::QuickSight::Theme.DataColorPalette", + "markdownDescription": "Color properties that apply to chart data colors.", + "title": "DataColorPalette" + }, + "Sheet": { + "$ref": "#/definitions/AWS::QuickSight::Theme.SheetStyle", + "markdownDescription": "Display options related to sheets.", + "title": "Sheet" + }, + "Typography": { + "$ref": "#/definitions/AWS::QuickSight::Theme.Typography", + "markdownDescription": "Determines the typography options.", + "title": "Typography" + }, + "UIColorPalette": { + "$ref": "#/definitions/AWS::QuickSight::Theme.UIColorPalette", + "markdownDescription": "Color properties that apply to the UI and to charts, excluding the colors that apply to data.", + "title": "UIColorPalette" + } + }, + "type": "object" + }, + "AWS::QuickSight::Theme.ThemeError": { + "additionalProperties": false, + "properties": { + "Message": { + "markdownDescription": "The error message.", + "title": "Message", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of error.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Theme.ThemeVersion": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", + "title": "Arn", + "type": "string" + }, + "BaseThemeId": { + "markdownDescription": "The Amazon QuickSight-defined ID of the theme that a custom theme inherits from. All themes initially inherit from a default Amazon QuickSight theme.", + "title": "BaseThemeId", + "type": "string" + }, + "Configuration": { + "$ref": "#/definitions/AWS::QuickSight::Theme.ThemeConfiguration", + "markdownDescription": "The theme configuration, which contains all the theme display properties.", + "title": "Configuration" + }, + "CreatedTime": { + "markdownDescription": "The date and time that this theme version was created.", + "title": "CreatedTime", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the theme.", + "title": "Description", + "type": "string" + }, + "Errors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Theme.ThemeError" + }, + "markdownDescription": "Errors associated with the theme.", + "title": "Errors", + "type": "array" + }, + "Status": { + "markdownDescription": "The status of the theme version.", + "title": "Status", + "type": "string" + }, + "VersionNumber": { + "markdownDescription": "The version number of the theme.", + "title": "VersionNumber", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Theme.TileLayoutStyle": { + "additionalProperties": false, + "properties": { + "Gutter": { + "$ref": "#/definitions/AWS::QuickSight::Theme.GutterStyle", + "markdownDescription": "The gutter settings that apply between tiles.", + "title": "Gutter" + }, + "Margin": { + "$ref": "#/definitions/AWS::QuickSight::Theme.MarginStyle", + "markdownDescription": "The margin settings that apply around the outside edge of sheets.", + "title": "Margin" + } + }, + "type": "object" + }, + "AWS::QuickSight::Theme.TileStyle": { + "additionalProperties": false, + "properties": { + "Border": { + "$ref": "#/definitions/AWS::QuickSight::Theme.BorderStyle", + "markdownDescription": "The border around a tile.", + "title": "Border" + } + }, + "type": "object" + }, + "AWS::QuickSight::Theme.Typography": { + "additionalProperties": false, + "properties": { + "FontFamilies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Theme.Font" + }, + "markdownDescription": "Determines the list of font families.", + "title": "FontFamilies", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Theme.UIColorPalette": { + "additionalProperties": false, + "properties": { + "Accent": { + "markdownDescription": "This color is that applies to selected states and buttons.", + "title": "Accent", + "type": "string" + }, + "AccentForeground": { + "markdownDescription": "The foreground color that applies to any text or other elements that appear over the accent color.", + "title": "AccentForeground", + "type": "string" + }, + "Danger": { + "markdownDescription": "The color that applies to error messages.", + "title": "Danger", + "type": "string" + }, + "DangerForeground": { + "markdownDescription": "The foreground color that applies to any text or other elements that appear over the error color.", + "title": "DangerForeground", + "type": "string" + }, + "Dimension": { + "markdownDescription": "The color that applies to the names of fields that are identified as dimensions.", + "title": "Dimension", + "type": "string" + }, + "DimensionForeground": { + "markdownDescription": "The foreground color that applies to any text or other elements that appear over the dimension color.", + "title": "DimensionForeground", + "type": "string" + }, + "Measure": { + "markdownDescription": "The color that applies to the names of fields that are identified as measures.", + "title": "Measure", + "type": "string" + }, + "MeasureForeground": { + "markdownDescription": "The foreground color that applies to any text or other elements that appear over the measure color.", + "title": "MeasureForeground", + "type": "string" + }, + "PrimaryBackground": { + "markdownDescription": "The background color that applies to visuals and other high emphasis UI.", + "title": "PrimaryBackground", + "type": "string" + }, + "PrimaryForeground": { + "markdownDescription": "The color of text and other foreground elements that appear over the primary background regions, such as grid lines, borders, table banding, icons, and so on.", + "title": "PrimaryForeground", + "type": "string" + }, + "SecondaryBackground": { + "markdownDescription": "The background color that applies to the sheet background and sheet controls.", + "title": "SecondaryBackground", + "type": "string" + }, + "SecondaryForeground": { + "markdownDescription": "The foreground color that applies to any sheet title, sheet control text, or UI that appears over the secondary background.", + "title": "SecondaryForeground", + "type": "string" + }, + "Success": { + "markdownDescription": "The color that applies to success messages, for example the check mark for a successful download.", + "title": "Success", + "type": "string" + }, + "SuccessForeground": { + "markdownDescription": "The foreground color that applies to any text or other elements that appear over the success color.", + "title": "SuccessForeground", + "type": "string" + }, + "Warning": { + "markdownDescription": "This color that applies to warning and informational messages.", + "title": "Warning", + "type": "string" + }, + "WarningForeground": { + "markdownDescription": "The foreground color that applies to any text or other elements that appear over the warning color.", + "title": "WarningForeground", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AwsAccountId": { + "markdownDescription": "The ID of the AWS account that you want to create a topic in.", + "title": "AwsAccountId", + "type": "string" + }, + "ConfigOptions": { + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicConfigOptions", + "markdownDescription": "Configuration options for a `Topic` .", + "title": "ConfigOptions" + }, + "DataSets": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Topic.DatasetMetadata" + }, + "markdownDescription": "The data sets that the topic is associated with.", + "title": "DataSets", + "type": "array" + }, + "Description": { + "markdownDescription": "The description of the topic.", + "title": "Description", + "type": "string" + }, + "FolderArns": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "FolderArns", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the topic.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + }, + "TopicId": { + "markdownDescription": "The ID for the topic. This ID is unique per AWS Region for each AWS account.", + "title": "TopicId", + "type": "string" + }, + "UserExperienceVersion": { + "markdownDescription": "The user experience version of the topic.", + "title": "UserExperienceVersion", + "type": "string" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::QuickSight::Topic" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::QuickSight::Topic.CellValueSynonym": { + "additionalProperties": false, + "properties": { + "CellValue": { + "markdownDescription": "The cell value.", + "title": "CellValue", + "type": "string" + }, + "Synonyms": { + "items": { + "type": "string" + }, + "markdownDescription": "Other names or aliases for the cell value.", + "title": "Synonyms", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.CollectiveConstant": { + "additionalProperties": false, + "properties": { + "ValueList": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of values for the collective constant.", + "title": "ValueList", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.ComparativeOrder": { + "additionalProperties": false, + "properties": { + "SpecifedOrder": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of columns to be used in the ordering.", + "title": "SpecifedOrder", + "type": "array" + }, + "TreatUndefinedSpecifiedValues": { + "markdownDescription": "The treat of undefined specified values. Valid values for this structure are `LEAST` and `MOST` .", + "title": "TreatUndefinedSpecifiedValues", + "type": "string" + }, + "UseOrdering": { + "markdownDescription": "The ordering type for a column. Valid values for this structure are `GREATER_IS_BETTER` , `LESSER_IS_BETTER` and `SPECIFIED` .", + "title": "UseOrdering", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.DataAggregation": { + "additionalProperties": false, + "properties": { + "DatasetRowDateGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "DatasetRowDateGranularity", + "type": "string" + }, + "DefaultDateColumnName": { + "markdownDescription": "The column name for the default date.", + "title": "DefaultDateColumnName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.DatasetMetadata": { + "additionalProperties": false, + "properties": { + "CalculatedFields": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicCalculatedField" + }, + "markdownDescription": "The list of calculated field definitions.", + "title": "CalculatedFields", + "type": "array" + }, + "Columns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicColumn" + }, + "markdownDescription": "The list of column definitions.", + "title": "Columns", + "type": "array" + }, + "DataAggregation": { + "$ref": "#/definitions/AWS::QuickSight::Topic.DataAggregation", + "markdownDescription": "The definition of a data aggregation.", + "title": "DataAggregation" + }, + "DatasetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the dataset.", + "title": "DatasetArn", + "type": "string" + }, + "DatasetDescription": { + "markdownDescription": "The description of the dataset.", + "title": "DatasetDescription", + "type": "string" + }, + "DatasetName": { + "markdownDescription": "The name of the dataset.", + "title": "DatasetName", + "type": "string" + }, + "Filters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicFilter" + }, + "markdownDescription": "The list of filter definitions.", + "title": "Filters", + "type": "array" + }, + "NamedEntities": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicNamedEntity" + }, + "markdownDescription": "The list of named entities definitions.", + "title": "NamedEntities", + "type": "array" + } + }, + "required": [ + "DatasetArn" + ], + "type": "object" + }, + "AWS::QuickSight::Topic.DefaultFormatting": { + "additionalProperties": false, + "properties": { + "DisplayFormat": { + "markdownDescription": "The display format. Valid values for this structure are `AUTO` , `PERCENT` , `CURRENCY` , `NUMBER` , `DATE` , and `STRING` .", + "title": "DisplayFormat", + "type": "string" + }, + "DisplayFormatOptions": { + "$ref": "#/definitions/AWS::QuickSight::Topic.DisplayFormatOptions", + "markdownDescription": "The additional options for display formatting.", + "title": "DisplayFormatOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.DisplayFormatOptions": { + "additionalProperties": false, + "properties": { + "BlankCellFormat": { + "markdownDescription": "Determines the blank cell format.", + "title": "BlankCellFormat", + "type": "string" + }, + "CurrencySymbol": { + "markdownDescription": "The currency symbol, such as `USD` .", + "title": "CurrencySymbol", + "type": "string" + }, + "DateFormat": { + "markdownDescription": "Determines the `DateTime` format.", + "title": "DateFormat", + "type": "string" + }, + "DecimalSeparator": { + "markdownDescription": "Determines the decimal separator.", + "title": "DecimalSeparator", + "type": "string" + }, + "FractionDigits": { + "markdownDescription": "Determines the number of fraction digits.", + "title": "FractionDigits", + "type": "number" + }, + "GroupingSeparator": { + "markdownDescription": "Determines the grouping separator.", + "title": "GroupingSeparator", + "type": "string" + }, + "NegativeFormat": { + "$ref": "#/definitions/AWS::QuickSight::Topic.NegativeFormat", + "markdownDescription": "The negative format.", + "title": "NegativeFormat" + }, + "Prefix": { + "markdownDescription": "The prefix value for a display format.", + "title": "Prefix", + "type": "string" + }, + "Suffix": { + "markdownDescription": "The suffix value for a display format.", + "title": "Suffix", + "type": "string" + }, + "UnitScaler": { + "markdownDescription": "The unit scaler. Valid values for this structure are: `NONE` , `AUTO` , `THOUSANDS` , `MILLIONS` , `BILLIONS` , and `TRILLIONS` .", + "title": "UnitScaler", + "type": "string" + }, + "UseBlankCellFormat": { + "markdownDescription": "A Boolean value that indicates whether to use blank cell format.", + "title": "UseBlankCellFormat", + "type": "boolean" + }, + "UseGrouping": { + "markdownDescription": "A Boolean value that indicates whether to use grouping.", + "title": "UseGrouping", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.NamedEntityDefinition": { + "additionalProperties": false, + "properties": { + "FieldName": { + "markdownDescription": "The name of the entity.", + "title": "FieldName", + "type": "string" + }, + "Metric": { + "$ref": "#/definitions/AWS::QuickSight::Topic.NamedEntityDefinitionMetric", + "markdownDescription": "The definition of a metric.", + "title": "Metric" + }, + "PropertyName": { + "markdownDescription": "The property name to be used for the named entity.", + "title": "PropertyName", + "type": "string" + }, + "PropertyRole": { + "markdownDescription": "The property role. Valid values for this structure are `PRIMARY` and `ID` .", + "title": "PropertyRole", + "type": "string" + }, + "PropertyUsage": { + "markdownDescription": "The property usage. Valid values for this structure are `INHERIT` , `DIMENSION` , and `MEASURE` .", + "title": "PropertyUsage", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.NamedEntityDefinitionMetric": { + "additionalProperties": false, + "properties": { + "Aggregation": { + "markdownDescription": "The aggregation of a named entity. Valid values for this structure are `SUM` , `MIN` , `MAX` , `COUNT` , `AVERAGE` , `DISTINCT_COUNT` , `STDEV` , `STDEVP` , `VAR` , `VARP` , `PERCENTILE` , `MEDIAN` , and `CUSTOM` .", + "title": "Aggregation", + "type": "string" + }, + "AggregationFunctionParameters": { + "additionalProperties": true, + "markdownDescription": "The additional parameters for an aggregation function.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "AggregationFunctionParameters", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.NegativeFormat": { + "additionalProperties": false, + "properties": { + "Prefix": { + "markdownDescription": "The prefix for a negative format.", + "title": "Prefix", + "type": "string" + }, + "Suffix": { + "markdownDescription": "The suffix for a negative format.", + "title": "Suffix", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.RangeConstant": { + "additionalProperties": false, + "properties": { + "Maximum": { + "markdownDescription": "The maximum value for a range constant.", + "title": "Maximum", + "type": "string" + }, + "Minimum": { + "markdownDescription": "The minimum value for a range constant.", + "title": "Minimum", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.SemanticEntityType": { + "additionalProperties": false, + "properties": { + "SubTypeName": { + "markdownDescription": "The semantic entity sub type name.", + "title": "SubTypeName", + "type": "string" + }, + "TypeName": { + "markdownDescription": "The semantic entity type name.", + "title": "TypeName", + "type": "string" + }, + "TypeParameters": { + "additionalProperties": true, + "markdownDescription": "The semantic entity type parameters.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "TypeParameters", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.SemanticType": { + "additionalProperties": false, + "properties": { + "FalseyCellValue": { + "markdownDescription": "The semantic type falsey cell value.", + "title": "FalseyCellValue", + "type": "string" + }, + "FalseyCellValueSynonyms": { + "items": { + "type": "string" + }, + "markdownDescription": "The other names or aliases for the false cell value.", + "title": "FalseyCellValueSynonyms", + "type": "array" + }, + "SubTypeName": { + "markdownDescription": "The semantic type sub type name.", + "title": "SubTypeName", + "type": "string" + }, + "TruthyCellValue": { + "markdownDescription": "The semantic type truthy cell value.", + "title": "TruthyCellValue", + "type": "string" + }, + "TruthyCellValueSynonyms": { + "items": { + "type": "string" + }, + "markdownDescription": "The other names or aliases for the true cell value.", + "title": "TruthyCellValueSynonyms", + "type": "array" + }, + "TypeName": { + "markdownDescription": "The semantic type name.", + "title": "TypeName", + "type": "string" + }, + "TypeParameters": { + "additionalProperties": true, + "markdownDescription": "The semantic type parameters.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "TypeParameters", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.TopicCalculatedField": { + "additionalProperties": false, + "properties": { + "Aggregation": { + "markdownDescription": "The default aggregation. Valid values for this structure are `SUM` , `MAX` , `MIN` , `COUNT` , `DISTINCT_COUNT` , and `AVERAGE` .", + "title": "Aggregation", + "type": "string" + }, + "AllowedAggregations": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of aggregation types that are allowed for the calculated field. Valid values for this structure are `COUNT` , `DISTINCT_COUNT` , `MIN` , `MAX` , `MEDIAN` , `SUM` , `AVERAGE` , `STDEV` , `STDEVP` , `VAR` , `VARP` , and `PERCENTILE` .", + "title": "AllowedAggregations", + "type": "array" + }, + "CalculatedFieldDescription": { + "markdownDescription": "The calculated field description.", + "title": "CalculatedFieldDescription", + "type": "string" + }, + "CalculatedFieldName": { + "markdownDescription": "The calculated field name.", + "title": "CalculatedFieldName", + "type": "string" + }, + "CalculatedFieldSynonyms": { + "items": { + "type": "string" + }, + "markdownDescription": "The other names or aliases for the calculated field.", + "title": "CalculatedFieldSynonyms", + "type": "array" + }, + "CellValueSynonyms": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Topic.CellValueSynonym" + }, + "markdownDescription": "The other names or aliases for the calculated field cell value.", + "title": "CellValueSynonyms", + "type": "array" + }, + "ColumnDataRole": { + "markdownDescription": "The column data role for a calculated field. Valid values for this structure are `DIMENSION` and `MEASURE` .", + "title": "ColumnDataRole", + "type": "string" + }, + "ComparativeOrder": { + "$ref": "#/definitions/AWS::QuickSight::Topic.ComparativeOrder", + "markdownDescription": "The order in which data is displayed for the calculated field when it's used in a comparative context.", + "title": "ComparativeOrder" + }, + "DefaultFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Topic.DefaultFormatting", + "markdownDescription": "The default formatting definition.", + "title": "DefaultFormatting" + }, + "DisableIndexing": { + "markdownDescription": "A Boolean value that indicates if a calculated field is visible in the autocomplete.", + "title": "DisableIndexing", + "type": "boolean" + }, + "Expression": { + "markdownDescription": "The calculated field expression.", + "title": "Expression", + "type": "string" + }, + "IsIncludedInTopic": { + "markdownDescription": "A boolean value that indicates if a calculated field is included in the topic.", + "title": "IsIncludedInTopic", + "type": "boolean" + }, + "NeverAggregateInFilter": { + "markdownDescription": "A Boolean value that indicates whether to never aggregate calculated field in filters.", + "title": "NeverAggregateInFilter", + "type": "boolean" + }, + "NonAdditive": { + "markdownDescription": "The non additive for the table style target.", + "title": "NonAdditive", + "type": "boolean" + }, + "NotAllowedAggregations": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of aggregation types that are not allowed for the calculated field. Valid values for this structure are `COUNT` , `DISTINCT_COUNT` , `MIN` , `MAX` , `MEDIAN` , `SUM` , `AVERAGE` , `STDEV` , `STDEVP` , `VAR` , `VARP` , and `PERCENTILE` .", + "title": "NotAllowedAggregations", + "type": "array" + }, + "SemanticType": { + "$ref": "#/definitions/AWS::QuickSight::Topic.SemanticType", + "markdownDescription": "The semantic type.", + "title": "SemanticType" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" + } + }, + "required": [ + "CalculatedFieldName", + "Expression" + ], + "type": "object" + }, + "AWS::QuickSight::Topic.TopicCategoryFilter": { + "additionalProperties": false, + "properties": { + "CategoryFilterFunction": { + "markdownDescription": "The category filter function. Valid values for this structure are `EXACT` and `CONTAINS` .", + "title": "CategoryFilterFunction", + "type": "string" + }, + "CategoryFilterType": { + "markdownDescription": "The category filter type. This element is used to specify whether a filter is a simple category filter or an inverse category filter.", + "title": "CategoryFilterType", + "type": "string" + }, + "Constant": { + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicCategoryFilterConstant", + "markdownDescription": "The constant used in a category filter.", + "title": "Constant" + }, + "Inverse": { + "markdownDescription": "A Boolean value that indicates if the filter is inverse.", + "title": "Inverse", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.TopicCategoryFilterConstant": { + "additionalProperties": false, + "properties": { + "CollectiveConstant": { + "$ref": "#/definitions/AWS::QuickSight::Topic.CollectiveConstant", + "markdownDescription": "A collective constant used in a category filter. This element is used to specify a list of values for the constant.", + "title": "CollectiveConstant" + }, + "ConstantType": { + "markdownDescription": "The type of category filter constant. This element is used to specify whether a constant is a singular or collective. Valid values are `SINGULAR` and `COLLECTIVE` .", + "title": "ConstantType", + "type": "string" + }, + "SingularConstant": { + "markdownDescription": "A singular constant used in a category filter. This element is used to specify a single value for the constant.", + "title": "SingularConstant", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.TopicColumn": { + "additionalProperties": false, + "properties": { + "Aggregation": { + "markdownDescription": "The type of aggregation that is performed on the column data when it's queried.", + "title": "Aggregation", + "type": "string" + }, + "AllowedAggregations": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of aggregation types that are allowed for the column. Valid values for this structure are `COUNT` , `DISTINCT_COUNT` , `MIN` , `MAX` , `MEDIAN` , `SUM` , `AVERAGE` , `STDEV` , `STDEVP` , `VAR` , `VARP` , and `PERCENTILE` .", + "title": "AllowedAggregations", + "type": "array" + }, + "CellValueSynonyms": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Topic.CellValueSynonym" + }, + "markdownDescription": "The other names or aliases for the column cell value.", + "title": "CellValueSynonyms", + "type": "array" + }, + "ColumnDataRole": { + "markdownDescription": "The role of the column in the data. Valid values are `DIMENSION` and `MEASURE` .", + "title": "ColumnDataRole", + "type": "string" + }, + "ColumnDescription": { + "markdownDescription": "A description of the column and its contents.", + "title": "ColumnDescription", + "type": "string" + }, + "ColumnFriendlyName": { + "markdownDescription": "A user-friendly name for the column.", + "title": "ColumnFriendlyName", + "type": "string" + }, + "ColumnName": { + "markdownDescription": "The name of the column.", + "title": "ColumnName", + "type": "string" + }, + "ColumnSynonyms": { + "items": { + "type": "string" + }, + "markdownDescription": "The other names or aliases for the column.", + "title": "ColumnSynonyms", + "type": "array" + }, + "ComparativeOrder": { + "$ref": "#/definitions/AWS::QuickSight::Topic.ComparativeOrder", + "markdownDescription": "The order in which data is displayed for the column when it's used in a comparative context.", + "title": "ComparativeOrder" + }, + "DefaultFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Topic.DefaultFormatting", + "markdownDescription": "The default formatting used for values in the column.", + "title": "DefaultFormatting" + }, + "DisableIndexing": { + "markdownDescription": "A Boolean value that indicates whether the column shows in the autocomplete functionality.", + "title": "DisableIndexing", + "type": "boolean" + }, + "IsIncludedInTopic": { + "markdownDescription": "A Boolean value that indicates whether the column is included in the query results.", + "title": "IsIncludedInTopic", + "type": "boolean" + }, + "NeverAggregateInFilter": { + "markdownDescription": "A Boolean value that indicates whether to aggregate the column data when it's used in a filter context.", + "title": "NeverAggregateInFilter", + "type": "boolean" + }, + "NonAdditive": { + "markdownDescription": "The non additive value for the column.", + "title": "NonAdditive", + "type": "boolean" + }, + "NotAllowedAggregations": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of aggregation types that are not allowed for the column. Valid values for this structure are `COUNT` , `DISTINCT_COUNT` , `MIN` , `MAX` , `MEDIAN` , `SUM` , `AVERAGE` , `STDEV` , `STDEVP` , `VAR` , `VARP` , and `PERCENTILE` .", + "title": "NotAllowedAggregations", + "type": "array" + }, + "SemanticType": { + "$ref": "#/definitions/AWS::QuickSight::Topic.SemanticType", + "markdownDescription": "The semantic type of data contained in the column.", + "title": "SemanticType" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" + } + }, + "required": [ + "ColumnName" + ], + "type": "object" + }, + "AWS::QuickSight::Topic.TopicConfigOptions": { + "additionalProperties": false, + "properties": { + "QBusinessInsightsEnabled": { + "markdownDescription": "Enables Amazon Q Business Insights for a `Topic` .", + "title": "QBusinessInsightsEnabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.TopicDateRangeFilter": { + "additionalProperties": false, + "properties": { + "Constant": { + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicRangeFilterConstant", + "markdownDescription": "The constant used in a date range filter.", + "title": "Constant" + }, + "Inclusive": { + "markdownDescription": "A Boolean value that indicates whether the date range filter should include the boundary values. If set to true, the filter includes the start and end dates. If set to false, the filter excludes them.", + "title": "Inclusive", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.TopicFilter": { + "additionalProperties": false, + "properties": { + "CategoryFilter": { + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicCategoryFilter", + "markdownDescription": "The category filter that is associated with this filter.", + "title": "CategoryFilter" + }, + "DateRangeFilter": { + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicDateRangeFilter", + "markdownDescription": "The date range filter.", + "title": "DateRangeFilter" + }, + "FilterClass": { + "markdownDescription": "The class of the filter. Valid values for this structure are `ENFORCED_VALUE_FILTER` , `CONDITIONAL_VALUE_FILTER` , and `NAMED_VALUE_FILTER` .", + "title": "FilterClass", + "type": "string" + }, + "FilterDescription": { + "markdownDescription": "A description of the filter used to select items for a topic.", + "title": "FilterDescription", + "type": "string" + }, + "FilterName": { + "markdownDescription": "The name of the filter.", + "title": "FilterName", + "type": "string" + }, + "FilterSynonyms": { + "items": { + "type": "string" + }, + "markdownDescription": "The other names or aliases for the filter.", + "title": "FilterSynonyms", + "type": "array" + }, + "FilterType": { + "markdownDescription": "The type of the filter. Valid values for this structure are `CATEGORY_FILTER` , `NUMERIC_EQUALITY_FILTER` , `NUMERIC_RANGE_FILTER` , `DATE_RANGE_FILTER` , and `RELATIVE_DATE_FILTER` .", + "title": "FilterType", + "type": "string" + }, + "NumericEqualityFilter": { + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicNumericEqualityFilter", + "markdownDescription": "The numeric equality filter.", + "title": "NumericEqualityFilter" + }, + "NumericRangeFilter": { + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicNumericRangeFilter", + "markdownDescription": "The numeric range filter.", + "title": "NumericRangeFilter" + }, + "OperandFieldName": { + "markdownDescription": "The name of the field that the filter operates on.", + "title": "OperandFieldName", + "type": "string" + }, + "RelativeDateFilter": { + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicRelativeDateFilter", + "markdownDescription": "The relative date filter.", + "title": "RelativeDateFilter" + } + }, + "required": [ + "FilterName", + "OperandFieldName" + ], + "type": "object" + }, + "AWS::QuickSight::Topic.TopicNamedEntity": { + "additionalProperties": false, + "properties": { + "Definition": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Topic.NamedEntityDefinition" + }, + "markdownDescription": "The definition of a named entity.", + "title": "Definition", + "type": "array" + }, + "EntityDescription": { + "markdownDescription": "The description of the named entity.", + "title": "EntityDescription", + "type": "string" + }, + "EntityName": { + "markdownDescription": "The name of the named entity.", + "title": "EntityName", + "type": "string" + }, + "EntitySynonyms": { + "items": { + "type": "string" + }, + "markdownDescription": "The other names or aliases for the named entity.", + "title": "EntitySynonyms", + "type": "array" + }, + "SemanticEntityType": { + "$ref": "#/definitions/AWS::QuickSight::Topic.SemanticEntityType", + "markdownDescription": "The type of named entity that a topic represents.", + "title": "SemanticEntityType" + } + }, + "required": [ + "EntityName" + ], + "type": "object" + }, + "AWS::QuickSight::Topic.TopicNumericEqualityFilter": { + "additionalProperties": false, + "properties": { + "Aggregation": { + "markdownDescription": "An aggregation function that specifies how to calculate the value of a numeric field for a topic. Valid values for this structure are `NO_AGGREGATION` , `SUM` , `AVERAGE` , `COUNT` , `DISTINCT_COUNT` , `MAX` , `MEDIAN` , `MIN` , `STDEV` , `STDEVP` , `VAR` , and `VARP` .", + "title": "Aggregation", + "type": "string" + }, + "Constant": { + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicSingularFilterConstant", + "markdownDescription": "The constant used in a numeric equality filter.", + "title": "Constant" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.TopicNumericRangeFilter": { + "additionalProperties": false, + "properties": { + "Aggregation": { + "markdownDescription": "An aggregation function that specifies how to calculate the value of a numeric field for a topic, Valid values for this structure are `NO_AGGREGATION` , `SUM` , `AVERAGE` , `COUNT` , `DISTINCT_COUNT` , `MAX` , `MEDIAN` , `MIN` , `STDEV` , `STDEVP` , `VAR` , and `VARP` .", + "title": "Aggregation", + "type": "string" + }, + "Constant": { + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicRangeFilterConstant", + "markdownDescription": "The constant used in a numeric range filter.", + "title": "Constant" + }, + "Inclusive": { + "markdownDescription": "A Boolean value that indicates whether the endpoints of the numeric range are included in the filter. If set to true, topics whose numeric field value is equal to the endpoint values will be included in the filter. If set to false, topics whose numeric field value is equal to the endpoint values will be excluded from the filter.", + "title": "Inclusive", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.TopicRangeFilterConstant": { + "additionalProperties": false, + "properties": { + "ConstantType": { + "markdownDescription": "The data type of the constant value that is used in a range filter. Valid values for this structure are `RANGE` .", + "title": "ConstantType", + "type": "string" + }, + "RangeConstant": { + "$ref": "#/definitions/AWS::QuickSight::Topic.RangeConstant", + "markdownDescription": "The value of the constant that is used to specify the endpoints of a range filter.", + "title": "RangeConstant" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.TopicRelativeDateFilter": { + "additionalProperties": false, + "properties": { + "Constant": { + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicSingularFilterConstant", + "markdownDescription": "The constant used in a relative date filter.", + "title": "Constant" + }, + "RelativeDateFilterFunction": { + "markdownDescription": "The function to be used in a relative date filter to determine the range of dates to include in the results. Valid values for this structure are `BEFORE` , `AFTER` , and `BETWEEN` .", + "title": "RelativeDateFilterFunction", + "type": "string" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.TopicSingularFilterConstant": { + "additionalProperties": false, + "properties": { + "ConstantType": { + "markdownDescription": "The type of the singular filter constant. Valid values for this structure are `SINGULAR` .", + "title": "ConstantType", + "type": "string" + }, + "SingularConstant": { + "markdownDescription": "The value of the singular filter constant.", + "title": "SingularConstant", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::VPCConnection": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AvailabilityStatus": { + "markdownDescription": "The availability status of the VPC connection.", + "title": "AvailabilityStatus", + "type": "string" + }, + "AwsAccountId": { + "markdownDescription": "The AWS account ID of the account where you want to create a new VPC connection.", + "title": "AwsAccountId", + "type": "string" + }, + "DnsResolvers": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of IP addresses of DNS resolver endpoints for the VPC connection.", + "title": "DnsResolvers", + "type": "array" + }, + "Name": { + "markdownDescription": "The display name for the VPC connection.", + "title": "Name", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the IAM role associated with the VPC connection.", + "title": "RoleArn", + "type": "string" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon EC2 security group IDs associated with the VPC connection.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of subnet IDs for the VPC connection.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A map of the key-value pairs for the resource tag or tags assigned to the VPC connection.", + "title": "Tags", + "type": "array" + }, + "VPCConnectionId": { + "markdownDescription": "The ID of the VPC connection that you're creating. This ID is a unique identifier for each AWS Region in an AWS account.", + "title": "VPCConnectionId", + "type": "string" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::QuickSight::VPCConnection" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::QuickSight::VPCConnection.NetworkInterface": { + "additionalProperties": false, + "properties": { + "AvailabilityZone": { + "markdownDescription": "The availability zone that the network interface resides in.", + "title": "AvailabilityZone", + "type": "string" + }, + "ErrorMessage": { + "markdownDescription": "An error message.", + "title": "ErrorMessage", + "type": "string" + }, + "NetworkInterfaceId": { + "markdownDescription": "The network interface ID.", + "title": "NetworkInterfaceId", + "type": "string" + }, + "Status": { + "markdownDescription": "The status of the network interface.", + "title": "Status", + "type": "string" + }, + "SubnetId": { + "markdownDescription": "The subnet ID associated with the network interface.", + "title": "SubnetId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::RAM::Permission": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "Specifies the name of the customer managed permission. The name must be unique within the AWS Region .", + "title": "Name", + "type": "string" + }, + "PolicyTemplate": { + "markdownDescription": "A string in JSON format string that contains the following elements of a resource-based policy:\n\n- *Effect* : must be set to `ALLOW` .\n- *Action* : specifies the actions that are allowed by this customer managed permission. The list must contain only actions that are supported by the specified resource type. For a list of all actions supported by each resource type, see [Actions, resources, and condition keys for AWS services](https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html) in the *AWS Identity and Access Management User Guide* .\n- *Condition* : (optional) specifies conditional parameters that must evaluate to true when a user attempts an action for that action to be allowed. For more information about the Condition element, see [IAM policies: Condition element](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition.html) in the *AWS Identity and Access Management User Guide* .\n\nThis template can't include either the `Resource` or `Principal` elements. Those are both filled in by AWS RAM when it instantiates the resource-based policy on each resource shared using this managed permission. The `Resource` comes from the ARN of the specific resource that you are sharing. The `Principal` comes from the list of identities added to the resource share.", + "title": "PolicyTemplate", + "type": "object" + }, + "ResourceType": { + "markdownDescription": "Specifies the name of the resource type that this customer managed permission applies to.\n\nThe format is `** : **` and is not case sensitive. For example, to specify an Amazon EC2 Subnet, you can use the string `ec2:subnet` . To see the list of valid values for this parameter, query the [ListResourceTypes](https://docs.aws.amazon.com/ram/latest/APIReference/API_ListResourceTypes.html) operation.", + "title": "ResourceType", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Specifies a list of one or more tag key and value pairs to attach to the permission.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Name", + "PolicyTemplate", + "ResourceType" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RAM::Permission" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::RAM::ResourceShare": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AllowExternalPrincipals": { + "markdownDescription": "Specifies whether principals outside your organization in AWS Organizations can be associated with a resource share. A value of `true` lets you share with individual AWS accounts that are *not* in your organization. A value of `false` only has meaning if your account is a member of an AWS Organization. The default value is `true` .", + "title": "AllowExternalPrincipals", + "type": "boolean" + }, + "Name": { + "markdownDescription": "Specifies the name of the resource share.", + "title": "Name", + "type": "string" + }, + "PermissionArns": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html) of the AWS RAM permission to associate with the resource share. If you do not specify an ARN for the permission, AWS RAM automatically attaches the default version of the permission for each resource type. You can associate only one permission with each resource type included in the resource share.", + "title": "PermissionArns", + "type": "array" + }, + "Principals": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the principals to associate with the resource share. The possible values are:\n\n- An AWS account ID\n- An Amazon Resource Name (ARN) of an organization in AWS Organizations\n- An ARN of an organizational unit (OU) in AWS Organizations\n- An ARN of an IAM role\n- An ARN of an IAM user\n\n> Not all resource types can be shared with IAM roles and users. For more information, see the column *Can share with IAM roles and users* in the tables on [Shareable AWS resources](https://docs.aws.amazon.com/ram/latest/userguide/shareable.html) in the *AWS Resource Access Manager User Guide* .", + "title": "Principals", + "type": "array" + }, + "ResourceArns": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies a list of one or more ARNs of the resources to associate with the resource share.", + "title": "ResourceArns", + "type": "array" + }, + "Sources": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies from which source accounts the service principal has access to the resources in this resource share.", + "title": "Sources", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Specifies one or more tags to attach to the resource share itself. It doesn't attach the tags to the resources associated with the resource share.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RAM::ResourceShare" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::RDS::CustomDBEngineVersion": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DatabaseInstallationFilesS3BucketName": { + "markdownDescription": "The name of an Amazon S3 bucket that contains database installation files for your CEV. For example, a valid bucket name is `my-custom-installation-files` .", + "title": "DatabaseInstallationFilesS3BucketName", + "type": "string" + }, + "DatabaseInstallationFilesS3Prefix": { + "markdownDescription": "The Amazon S3 directory that contains the database installation files for your CEV. For example, a valid bucket name is `123456789012/cev1` . If this setting isn't specified, no prefix is assumed.", + "title": "DatabaseInstallationFilesS3Prefix", + "type": "string" + }, + "Description": { + "markdownDescription": "An optional description of your CEV.", + "title": "Description", + "type": "string" + }, + "Engine": { + "markdownDescription": "The database engine to use for your custom engine version (CEV).\n\nValid values:\n\n- `custom-oracle-ee`\n- `custom-oracle-ee-cdb`", + "title": "Engine", + "type": "string" + }, + "EngineVersion": { + "markdownDescription": "The name of your CEV. The name format is `major version.customized_string` . For example, a valid CEV name is `19.my_cev1` . This setting is required for RDS Custom for Oracle, but optional for Amazon RDS. The combination of `Engine` and `EngineVersion` is unique per customer per Region.\n\n*Constraints:* Minimum length is 1. Maximum length is 60.\n\n*Pattern:* `^[a-z0-9_.-]{1,60$` }", + "title": "EngineVersion", + "type": "string" + }, + "ImageId": { + "markdownDescription": "A value that indicates the ID of the AMI.", + "title": "ImageId", + "type": "string" + }, + "KMSKeyId": { + "markdownDescription": "The AWS KMS key identifier for an encrypted CEV. A symmetric encryption KMS key is required for RDS Custom, but optional for Amazon RDS.\n\nIf you have an existing symmetric encryption KMS key in your account, you can use it with RDS Custom. No further action is necessary. If you don't already have a symmetric encryption KMS key in your account, follow the instructions in [Creating a symmetric encryption KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/create-keys.html#create-symmetric-cmk) in the *AWS Key Management Service Developer Guide* .\n\nYou can choose the same symmetric encryption key when you create a CEV and a DB instance, or choose different keys.", + "title": "KMSKeyId", + "type": "string" + }, + "Manifest": { + "markdownDescription": "The CEV manifest, which is a JSON document that describes the installation .zip files stored in Amazon S3. Specify the name/value pairs in a file or a quoted string. RDS Custom applies the patches in the order in which they are listed.\n\nThe following JSON fields are valid:\n\n- **MediaImportTemplateVersion** - Version of the CEV manifest. The date is in the format `YYYY-MM-DD` .\n- **databaseInstallationFileNames** - Ordered list of installation files for the CEV.\n- **opatchFileNames** - Ordered list of OPatch installers used for the Oracle DB engine.\n- **psuRuPatchFileNames** - The PSU and RU patches for this CEV.\n- **OtherPatchFileNames** - The patches that are not in the list of PSU and RU patches. Amazon RDS applies these patches after applying the PSU and RU patches.\n\nFor more information, see [Creating the CEV manifest](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/custom-cev.html#custom-cev.preparing.manifest) in the *Amazon RDS User Guide* .", + "title": "Manifest", + "type": "string" + }, + "SourceCustomDbEngineVersionIdentifier": { + "markdownDescription": "The ARN of a CEV to use as a source for creating a new CEV. You can specify a different Amazon Machine Imagine (AMI) by using either `Source` or `UseAwsProvidedLatestImage` . You can't specify a different JSON manifest when you specify `SourceCustomDbEngineVersionIdentifier` .", + "title": "SourceCustomDbEngineVersionIdentifier", + "type": "string" + }, + "Status": { + "markdownDescription": "A value that indicates the status of a custom engine version (CEV).", + "title": "Status", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags. For more information, see [Tagging Amazon RDS Resources](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) in the *Amazon RDS User Guide.*", + "title": "Tags", + "type": "array" + }, + "UseAwsProvidedLatestImage": { + "markdownDescription": "Specifies whether to use the latest service-provided Amazon Machine Image (AMI) for the CEV. If you specify `UseAwsProvidedLatestImage` , you can't also specify `ImageId` .", + "title": "UseAwsProvidedLatestImage", + "type": "boolean" + } + }, + "required": [ + "Engine", + "EngineVersion" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RDS::CustomDBEngineVersion" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::RDS::DBCluster": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AllocatedStorage": { + "markdownDescription": "The amount of storage in gibibytes (GiB) to allocate to each DB instance in the Multi-AZ DB cluster.\n\nValid for Cluster Type: Multi-AZ DB clusters only\n\nThis setting is required to create a Multi-AZ DB cluster.", + "title": "AllocatedStorage", + "type": "number" + }, + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/AWS::RDS::DBCluster.DBClusterRole" + }, + "markdownDescription": "Provides a list of the AWS Identity and Access Management (IAM) roles that are associated with the DB cluster. IAM roles that are associated with a DB cluster grant permission for the DB cluster to access other Amazon Web Services on your behalf.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "AssociatedRoles", + "type": "array" + }, + "AutoMinorVersionUpgrade": { + "markdownDescription": "Specifies whether minor engine upgrades are applied automatically to the DB cluster during the maintenance window. By default, minor engine upgrades are applied automatically.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB cluster.\n\nFor more information about automatic minor version upgrades, see [Automatically upgrading the minor engine version](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.Upgrading.html#USER_UpgradeDBInstance.Upgrading.AutoMinorVersionUpgrades) .", + "title": "AutoMinorVersionUpgrade", + "type": "boolean" + }, + "AvailabilityZones": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of Availability Zones (AZs) where instances in the DB cluster can be created. For information on AWS Regions and Availability Zones, see [Choosing the Regions and Availability Zones](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.RegionsAndAvailabilityZones.html) in the *Amazon Aurora User Guide* .\n\nValid for: Aurora DB clusters only", + "title": "AvailabilityZones", + "type": "array" + }, + "BacktrackWindow": { + "markdownDescription": "The target backtrack window, in seconds. To disable backtracking, set this value to `0` .\n\nValid for Cluster Type: Aurora MySQL DB clusters only\n\nDefault: `0`\n\nConstraints:\n\n- If specified, this value must be set to a number from 0 to 259,200 (72 hours).", + "title": "BacktrackWindow", + "type": "number" + }, + "BackupRetentionPeriod": { + "markdownDescription": "The number of days for which automated backups are retained.\n\nDefault: 1\n\nConstraints:\n\n- Must be a value from 1 to 35\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "BackupRetentionPeriod", + "type": "number" + }, + "ClusterScalabilityType": { + "markdownDescription": "Specifies the scalability mode of the Aurora DB cluster. When set to `limitless` , the cluster operates as an Aurora Limitless Database, allowing you to create a DB shard group for horizontal scaling (sharding) capabilities. When set to `standard` (the default), the cluster uses normal DB instance creation.\n\n*Important:* Automated backup retention isn't supported with Aurora Limitless Database clusters. If you set this property to `limitless` , you cannot set `DeleteAutomatedBackups` to `false` . To create a backup, use manual snapshots instead.", + "title": "ClusterScalabilityType", + "type": "string" + }, + "CopyTagsToSnapshot": { + "markdownDescription": "A value that indicates whether to copy all tags from the DB cluster to snapshots of the DB cluster. The default is not to copy them.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "CopyTagsToSnapshot", + "type": "boolean" + }, + "DBClusterIdentifier": { + "markdownDescription": "The DB cluster identifier. This parameter is stored as a lowercase string.\n\nConstraints:\n\n- Must contain from 1 to 63 letters, numbers, or hyphens.\n- First character must be a letter.\n- Can't end with a hyphen or contain two consecutive hyphens.\n\nExample: `my-cluster1`\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "DBClusterIdentifier", + "type": "string" + }, + "DBClusterInstanceClass": { + "markdownDescription": "The compute and memory capacity of each DB instance in the Multi-AZ DB cluster, for example `db.m6gd.xlarge` . Not all DB instance classes are available in all AWS Regions , or for all database engines.\n\nFor the full list of DB instance classes and availability for your engine, see [DB instance class](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html) in the *Amazon RDS User Guide* .\n\nThis setting is required to create a Multi-AZ DB cluster.\n\nValid for Cluster Type: Multi-AZ DB clusters only", + "title": "DBClusterInstanceClass", + "type": "string" + }, + "DBClusterParameterGroupName": { + "markdownDescription": "The name of the DB cluster parameter group to associate with this DB cluster.\n\n> If you apply a parameter group to an existing DB cluster, then its DB instances might need to reboot. This can result in an outage while the DB instances are rebooting.\n> \n> If you apply a change to parameter group associated with a stopped DB cluster, then the update stack waits until the DB cluster is started. \n\nTo list all of the available DB cluster parameter group names, use the following command:\n\n`aws rds describe-db-cluster-parameter-groups --query \"DBClusterParameterGroups[].DBClusterParameterGroupName\" --output text`\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "DBClusterParameterGroupName", + "type": "string" + }, + "DBInstanceParameterGroupName": { + "markdownDescription": "The name of the DB parameter group to apply to all instances of the DB cluster.\n\n> When you apply a parameter group using the `DBInstanceParameterGroupName` parameter, the DB cluster isn't rebooted automatically. Also, parameter changes are applied immediately rather than during the next maintenance window. \n\nValid for Cluster Type: Aurora DB clusters only\n\nDefault: The existing name setting\n\nConstraints:\n\n- The DB parameter group must be in the same DB parameter group family as this DB cluster.\n- The `DBInstanceParameterGroupName` parameter is valid in combination with the `AllowMajorVersionUpgrade` parameter for a major version upgrade only.", + "title": "DBInstanceParameterGroupName", + "type": "string" + }, + "DBSubnetGroupName": { + "markdownDescription": "A DB subnet group that you want to associate with this DB cluster.\n\nIf you are restoring a DB cluster to a point in time with `RestoreType` set to `copy-on-write` , and don't specify a DB subnet group name, then the DB cluster is restored with a default DB subnet group.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "DBSubnetGroupName", + "type": "string" + }, + "DBSystemId": { + "markdownDescription": "Reserved for future use.", + "title": "DBSystemId", + "type": "string" + }, + "DatabaseInsightsMode": { + "markdownDescription": "The mode of Database Insights to enable for the DB cluster.\n\nIf you set this value to `advanced` , you must also set the `PerformanceInsightsEnabled` parameter to `true` and the `PerformanceInsightsRetentionPeriod` parameter to 465.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters", + "title": "DatabaseInsightsMode", + "type": "string" + }, + "DatabaseName": { + "markdownDescription": "The name of your database. If you don't provide a name, then Amazon RDS won't create a database in this DB cluster. For naming constraints, see [Naming Constraints](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/CHAP_Limits.html#RDS_Limits.Constraints) in the *Amazon Aurora User Guide* .\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "DatabaseName", + "type": "string" + }, + "DeleteAutomatedBackups": { + "markdownDescription": "Specifies whether to remove automated backups immediately after the DB cluster is deleted. This parameter isn't case-sensitive. The default is to remove automated backups immediately after the DB cluster is deleted, unless the AWS Backup policy specifies a point-in-time restore rule.", + "title": "DeleteAutomatedBackups", + "type": "boolean" + }, + "DeletionProtection": { + "markdownDescription": "A value that indicates whether the DB cluster has deletion protection enabled. The database can't be deleted when deletion protection is enabled. By default, deletion protection is disabled.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "DeletionProtection", + "type": "boolean" + }, + "Domain": { + "markdownDescription": "Indicates the directory ID of the Active Directory to create the DB cluster.\n\nFor Amazon Aurora DB clusters, Amazon RDS can use Kerberos authentication to authenticate users that connect to the DB cluster.\n\nFor more information, see [Kerberos authentication](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/kerberos-authentication.html) in the *Amazon Aurora User Guide* .\n\nValid for: Aurora DB clusters only", + "title": "Domain", + "type": "string" + }, + "DomainIAMRoleName": { + "markdownDescription": "Specifies the name of the IAM role to use when making API calls to the Directory Service.\n\nValid for: Aurora DB clusters only", + "title": "DomainIAMRoleName", + "type": "string" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of log types that need to be enabled for exporting to CloudWatch Logs. The values in the list depend on the DB engine being used. For more information, see [Publishing Database Logs to Amazon CloudWatch Logs](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_LogAccess.html#USER_LogAccess.Procedural.UploadtoCloudWatch) in the *Amazon Aurora User Guide* .\n\n*Aurora MySQL*\n\nValid values: `audit` , `error` , `general` , `slowquery`\n\n*Aurora PostgreSQL*\n\nValid values: `postgresql`\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "EnableCloudwatchLogsExports", + "type": "array" + }, + "EnableGlobalWriteForwarding": { + "markdownDescription": "Specifies whether to enable this DB cluster to forward write operations to the primary cluster of a global cluster (Aurora global database). By default, write operations are not allowed on Aurora DB clusters that are secondary clusters in an Aurora global database.\n\nYou can set this value only on Aurora DB clusters that are members of an Aurora global database. With this parameter enabled, a secondary cluster can forward writes to the current primary cluster, and the resulting changes are replicated back to this cluster. For the primary DB cluster of an Aurora global database, this value is used immediately if the primary is demoted by a global cluster API operation, but it does nothing until then.\n\nValid for Cluster Type: Aurora DB clusters only", + "title": "EnableGlobalWriteForwarding", + "type": "boolean" + }, + "EnableHttpEndpoint": { + "markdownDescription": "Specifies whether to enable the HTTP endpoint for the DB cluster. By default, the HTTP endpoint isn't enabled.\n\nWhen enabled, the HTTP endpoint provides a connectionless web service API (RDS Data API) for running SQL queries on the DB cluster. You can also query your database from inside the RDS console with the RDS query editor.\n\nFor more information, see [Using RDS Data API](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/data-api.html) in the *Amazon Aurora User Guide* .\n\nValid for Cluster Type: Aurora DB clusters only", + "title": "EnableHttpEndpoint", + "type": "boolean" + }, + "EnableIAMDatabaseAuthentication": { + "markdownDescription": "A value that indicates whether to enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts. By default, mapping is disabled.\n\nFor more information, see [IAM Database Authentication](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.IAMDBAuth.html) in the *Amazon Aurora User Guide.*\n\nValid for: Aurora DB clusters only", + "title": "EnableIAMDatabaseAuthentication", + "type": "boolean" + }, + "EnableLocalWriteForwarding": { + "markdownDescription": "Specifies whether read replicas can forward write operations to the writer DB instance in the DB cluster. By default, write operations aren't allowed on reader DB instances.\n\nValid for: Aurora DB clusters only", + "title": "EnableLocalWriteForwarding", + "type": "boolean" + }, + "Engine": { + "markdownDescription": "The name of the database engine to be used for this DB cluster.\n\nValid Values:\n\n- `aurora-mysql`\n- `aurora-postgresql`\n- `mysql`\n- `postgres`\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "Engine", + "type": "string" + }, + "EngineLifecycleSupport": { + "markdownDescription": "The life cycle type for this DB cluster.\n\n> By default, this value is set to `open-source-rds-extended-support` , which enrolls your DB cluster into Amazon RDS Extended Support. At the end of standard support, you can avoid charges for Extended Support by setting the value to `open-source-rds-extended-support-disabled` . In this case, creating the DB cluster will fail if the DB major version is past its end of standard support date. \n\nYou can use this setting to enroll your DB cluster into Amazon RDS Extended Support. With RDS Extended Support, you can run the selected major engine version on your DB cluster past the end of standard support for that engine version. For more information, see the following sections:\n\n- Amazon Aurora - [Amazon RDS Extended Support with Amazon Aurora](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/extended-support.html) in the *Amazon Aurora User Guide*\n- Amazon RDS - [Amazon RDS Extended Support with Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/extended-support.html) in the *Amazon RDS User Guide*\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n\nValid Values: `open-source-rds-extended-support | open-source-rds-extended-support-disabled`\n\nDefault: `open-source-rds-extended-support`", + "title": "EngineLifecycleSupport", + "type": "string" + }, + "EngineMode": { + "markdownDescription": "The DB engine mode of the DB cluster, either `provisioned` or `serverless` .\n\nThe `serverless` engine mode only applies for Aurora Serverless v1 DB clusters. Aurora Serverless v2 DB clusters use the `provisioned` engine mode.\n\nFor information about limitations and requirements for Serverless DB clusters, see the following sections in the *Amazon Aurora User Guide* :\n\n- [Limitations of Aurora Serverless v1](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless.html#aurora-serverless.limitations)\n- [Requirements for Aurora Serverless v2](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless-v2.requirements.html)\n\nValid for Cluster Type: Aurora DB clusters only", + "title": "EngineMode", + "type": "string" + }, + "EngineVersion": { + "markdownDescription": "The version number of the database engine to use.\n\nTo list all of the available engine versions for Aurora MySQL version 2 (5.7-compatible) and version 3 (8.0-compatible), use the following command:\n\n`aws rds describe-db-engine-versions --engine aurora-mysql --query \"DBEngineVersions[].EngineVersion\"`\n\nYou can supply either `5.7` or `8.0` to use the default engine version for Aurora MySQL version 2 or version 3, respectively.\n\nTo list all of the available engine versions for Aurora PostgreSQL, use the following command:\n\n`aws rds describe-db-engine-versions --engine aurora-postgresql --query \"DBEngineVersions[].EngineVersion\"`\n\nTo list all of the available engine versions for RDS for MySQL, use the following command:\n\n`aws rds describe-db-engine-versions --engine mysql --query \"DBEngineVersions[].EngineVersion\"`\n\nTo list all of the available engine versions for RDS for PostgreSQL, use the following command:\n\n`aws rds describe-db-engine-versions --engine postgres --query \"DBEngineVersions[].EngineVersion\"`\n\n*Aurora MySQL*\n\nFor information, see [Database engine updates for Amazon Aurora MySQL](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraMySQL.Updates.html) in the *Amazon Aurora User Guide* .\n\n*Aurora PostgreSQL*\n\nFor information, see [Amazon Aurora PostgreSQL releases and engine versions](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraPostgreSQL.Updates.20180305.html) in the *Amazon Aurora User Guide* .\n\n*MySQL*\n\nFor information, see [Amazon RDS for MySQL](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MySQL.html#MySQL.Concepts.VersionMgmt) in the *Amazon RDS User Guide* .\n\n*PostgreSQL*\n\nFor information, see [Amazon RDS for PostgreSQL](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_PostgreSQL.html#PostgreSQL.Concepts) in the *Amazon RDS User Guide* .\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "EngineVersion", + "type": "string" + }, + "GlobalClusterIdentifier": { + "markdownDescription": "If you are configuring an Aurora global database cluster and want your Aurora DB cluster to be a secondary member in the global database cluster, specify the global cluster ID of the global database cluster. To define the primary database cluster of the global cluster, use the [AWS::RDS::GlobalCluster](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-globalcluster.html) resource.\n\nIf you aren't configuring a global database cluster, don't specify this property.\n\n> To remove the DB cluster from a global database cluster, specify an empty value for the `GlobalClusterIdentifier` property. \n\nFor information about Aurora global databases, see [Working with Amazon Aurora Global Databases](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-global-database.html) in the *Amazon Aurora User Guide* .\n\nValid for: Aurora DB clusters only", + "title": "GlobalClusterIdentifier", + "type": "string" + }, + "Iops": { + "markdownDescription": "The amount of Provisioned IOPS (input/output operations per second) to be initially allocated for each DB instance in the Multi-AZ DB cluster.\n\nFor information about valid IOPS values, see [Provisioned IOPS storage](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html#USER_PIOPS) in the *Amazon RDS User Guide* .\n\nThis setting is required to create a Multi-AZ DB cluster.\n\nValid for Cluster Type: Multi-AZ DB clusters only\n\nConstraints:\n\n- Must be a multiple between .5 and 50 of the storage amount for the DB cluster.", + "title": "Iops", + "type": "number" + }, + "KmsKeyId": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key that is used to encrypt the database instances in the DB cluster, such as `arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef` . If you enable the `StorageEncrypted` property but don't specify this property, the default KMS key is used. If you specify this property, you must set the `StorageEncrypted` property to `true` .\n\nIf you specify the `SnapshotIdentifier` property, the `StorageEncrypted` property value is inherited from the snapshot, and if the DB cluster is encrypted, the specified `KmsKeyId` property is used.\n\nIf you create a read replica of an encrypted DB cluster in another AWS Region, make sure to set `KmsKeyId` to a KMS key identifier that is valid in the destination AWS Region. This KMS key is used to encrypt the read replica in that AWS Region.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "KmsKeyId", + "type": "string" + }, + "ManageMasterUserPassword": { + "markdownDescription": "Specifies whether to manage the master user password with AWS Secrets Manager.\n\nFor more information, see [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide* and [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-secrets-manager.html) in the *Amazon Aurora User Guide.*\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n\nConstraints:\n\n- Can't manage the master user password with AWS Secrets Manager if `MasterUserPassword` is specified.", + "title": "ManageMasterUserPassword", + "type": "boolean" + }, + "MasterUserPassword": { + "markdownDescription": "The master password for the DB instance.\n\n> If you specify the `SourceDBClusterIdentifier` , `SnapshotIdentifier` , or `GlobalClusterIdentifier` property, don't specify this property. The value is inherited from the source DB cluster, the snapshot, or the primary DB cluster for the global database cluster, respectively. \n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "MasterUserPassword", + "type": "string" + }, + "MasterUserSecret": { + "$ref": "#/definitions/AWS::RDS::DBCluster.MasterUserSecret", + "markdownDescription": "The secret managed by RDS in AWS Secrets Manager for the master user password.\n\n> When you restore a DB cluster from a snapshot, Amazon RDS generates a new secret instead of reusing the secret specified in the `SecretArn` property. This ensures that the restored DB cluster is securely managed with a dedicated secret. To maintain consistent integration with your application, you might need to update resource configurations to reference the newly created secret. \n\nFor more information, see [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide* and [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-secrets-manager.html) in the *Amazon Aurora User Guide.*", + "title": "MasterUserSecret" + }, + "MasterUsername": { + "markdownDescription": "The name of the master user for the DB cluster.\n\n> If you specify the `SourceDBClusterIdentifier` , `SnapshotIdentifier` , or `GlobalClusterIdentifier` property, don't specify this property. The value is inherited from the source DB cluster, the snapshot, or the primary DB cluster for the global database cluster, respectively. \n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "MasterUsername", + "type": "string" + }, + "MonitoringInterval": { + "markdownDescription": "The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB cluster. To turn off collecting Enhanced Monitoring metrics, specify `0` .\n\nIf `MonitoringRoleArn` is specified, also set `MonitoringInterval` to a value other than `0` .\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n\nValid Values: `0 | 1 | 5 | 10 | 15 | 30 | 60`\n\nDefault: `0`", + "title": "MonitoringInterval", + "type": "number" + }, + "MonitoringRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the IAM role that permits RDS to send Enhanced Monitoring metrics to Amazon CloudWatch Logs. An example is `arn:aws:iam:123456789012:role/emaccess` . For information on creating a monitoring role, see [Setting up and enabling Enhanced Monitoring](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.OS.html#USER_Monitoring.OS.Enabling) in the *Amazon RDS User Guide* .\n\nIf `MonitoringInterval` is set to a value other than `0` , supply a `MonitoringRoleArn` value.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters", + "title": "MonitoringRoleArn", + "type": "string" + }, + "NetworkType": { + "markdownDescription": "The network type of the DB cluster.\n\nValid values:\n\n- `IPV4`\n- `DUAL`\n\nThe network type is determined by the `DBSubnetGroup` specified for the DB cluster. A `DBSubnetGroup` can support only the IPv4 protocol or the IPv4 and IPv6 protocols ( `DUAL` ).\n\nFor more information, see [Working with a DB instance in a VPC](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_VPC.WorkingWithRDSInstanceinaVPC.html) in the *Amazon Aurora User Guide.*\n\nValid for: Aurora DB clusters only", + "title": "NetworkType", + "type": "string" + }, + "PerformanceInsightsEnabled": { + "markdownDescription": "Specifies whether to turn on Performance Insights for the DB cluster.\n\nFor more information, see [Using Amazon Performance Insights](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PerfInsights.html) in the *Amazon RDS User Guide* .\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters", + "title": "PerformanceInsightsEnabled", + "type": "boolean" + }, + "PerformanceInsightsKmsKeyId": { + "markdownDescription": "The AWS KMS key identifier for encryption of Performance Insights data.\n\nThe AWS KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key.\n\nIf you don't specify a value for `PerformanceInsightsKMSKeyId` , then Amazon RDS uses your default KMS key. There is a default KMS key for your AWS account . Your AWS account has a different default KMS key for each AWS Region .\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters", + "title": "PerformanceInsightsKmsKeyId", + "type": "string" + }, + "PerformanceInsightsRetentionPeriod": { + "markdownDescription": "The number of days to retain Performance Insights data. When creating a DB cluster without enabling Performance Insights, you can't specify the parameter `PerformanceInsightsRetentionPeriod` .\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n\nValid Values:\n\n- `7`\n- *month* * 31, where *month* is a number of months from 1-23. Examples: `93` (3 months * 31), `341` (11 months * 31), `589` (19 months * 31)\n- `731`\n\nDefault: `7` days\n\nIf you specify a retention period that isn't valid, such as `94` , Amazon RDS issues an error.", + "title": "PerformanceInsightsRetentionPeriod", + "type": "number" + }, + "Port": { + "markdownDescription": "The port number on which the DB instances in the DB cluster accept connections.\n\nDefault:\n\n- When `EngineMode` is `provisioned` , `3306` (for both Aurora MySQL and Aurora PostgreSQL)\n- When `EngineMode` is `serverless` :\n\n- `3306` when `Engine` is `aurora` or `aurora-mysql`\n- `5432` when `Engine` is `aurora-postgresql`\n\n> The `No interruption` on update behavior only applies to DB clusters. If you are updating a DB instance, see [Port](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-port) for the AWS::RDS::DBInstance resource. \n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "Port", + "type": "number" + }, + "PreferredBackupWindow": { + "markdownDescription": "The daily time range during which automated backups are created. For more information, see [Backup Window](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Managing.Backups.html#Aurora.Managing.Backups.BackupWindow) in the *Amazon Aurora User Guide.*\n\nConstraints:\n\n- Must be in the format `hh24:mi-hh24:mi` .\n- Must be in Universal Coordinated Time (UTC).\n- Must not conflict with the preferred maintenance window.\n- Must be at least 30 minutes.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "PreferredBackupWindow", + "type": "string" + }, + "PreferredMaintenanceWindow": { + "markdownDescription": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n\nFormat: `ddd:hh24:mi-ddd:hh24:mi`\n\nThe default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region, occurring on a random day of the week. To see the time blocks available, see [Maintaining an Amazon Aurora DB cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_UpgradeDBInstance.Maintenance.html#AdjustingTheMaintenanceWindow.Aurora) in the *Amazon Aurora User Guide.*\n\nValid Days: Mon, Tue, Wed, Thu, Fri, Sat, Sun.\n\nConstraints: Minimum 30-minute window.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "PreferredMaintenanceWindow", + "type": "string" + }, + "PubliclyAccessible": { + "markdownDescription": "Specifies whether the DB cluster is publicly accessible.\n\nWhen the DB cluster is publicly accessible and you connect from outside of the DB cluster's virtual private cloud (VPC), its Domain Name System (DNS) endpoint resolves to the public IP address. When you connect from within the same VPC as the DB cluster, the endpoint resolves to the private IP address. Access to the DB cluster is ultimately controlled by the security group it uses. That public access isn't permitted if the security group assigned to the DB cluster doesn't permit it.\n\nWhen the DB cluster isn't publicly accessible, it is an internal DB cluster with a DNS name that resolves to a private IP address.\n\nValid for Cluster Type: Multi-AZ DB clusters only\n\nDefault: The default behavior varies depending on whether `DBSubnetGroupName` is specified.\n\nIf `DBSubnetGroupName` isn't specified, and `PubliclyAccessible` isn't specified, the following applies:\n\n- If the default VPC in the target Region doesn\u2019t have an internet gateway attached to it, the DB cluster is private.\n- If the default VPC in the target Region has an internet gateway attached to it, the DB cluster is public.\n\nIf `DBSubnetGroupName` is specified, and `PubliclyAccessible` isn't specified, the following applies:\n\n- If the subnets are part of a VPC that doesn\u2019t have an internet gateway attached to it, the DB cluster is private.\n- If the subnets are part of a VPC that has an internet gateway attached to it, the DB cluster is public.", + "title": "PubliclyAccessible", + "type": "boolean" + }, + "ReplicationSourceIdentifier": { + "markdownDescription": "The Amazon Resource Name (ARN) of the source DB instance or DB cluster if this DB cluster is created as a read replica.\n\nValid for: Aurora DB clusters only", + "title": "ReplicationSourceIdentifier", + "type": "string" + }, + "RestoreToTime": { + "markdownDescription": "The date and time to restore the DB cluster to.\n\nValid Values: Value must be a time in Universal Coordinated Time (UTC) format\n\nConstraints:\n\n- Must be before the latest restorable time for the DB instance\n- Must be specified if `UseLatestRestorableTime` parameter isn't provided\n- Can't be specified if the `UseLatestRestorableTime` parameter is enabled\n- Can't be specified if the `RestoreType` parameter is `copy-on-write`\n\nThis property must be used with `SourceDBClusterIdentifier` property. The resulting cluster will have the identifier that matches the value of the `DBclusterIdentifier` property.\n\nExample: `2015-03-07T23:45:00Z`\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "RestoreToTime", + "type": "string" + }, + "RestoreType": { + "markdownDescription": "The type of restore to be performed. You can specify one of the following values:\n\n- `full-copy` - The new DB cluster is restored as a full copy of the source DB cluster.\n- `copy-on-write` - The new DB cluster is restored as a clone of the source DB cluster.\n\nIf you don't specify a `RestoreType` value, then the new DB cluster is restored as a full copy of the source DB cluster.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "RestoreType", + "type": "string" + }, + "ScalingConfiguration": { + "$ref": "#/definitions/AWS::RDS::DBCluster.ScalingConfiguration", + "markdownDescription": "The scaling configuration of an Aurora Serverless v1 DB cluster.\n\nThis property is only supported for Aurora Serverless v1. For Aurora Serverless v2, Use the `ServerlessV2ScalingConfiguration` property.\n\nValid for: Aurora Serverless v1 DB clusters only", + "title": "ScalingConfiguration" + }, + "ServerlessV2ScalingConfiguration": { + "$ref": "#/definitions/AWS::RDS::DBCluster.ServerlessV2ScalingConfiguration", + "markdownDescription": "The scaling configuration of an Aurora Serverless V2 DB cluster.\n\nThis property is only supported for Aurora Serverless v2. For Aurora Serverless v1, Use the `ScalingConfiguration` property.\n\nValid for: Aurora Serverless v2 DB clusters only", + "title": "ServerlessV2ScalingConfiguration" + }, + "SnapshotIdentifier": { + "markdownDescription": "The identifier for the DB snapshot or DB cluster snapshot to restore from.\n\nYou can use either the name or the Amazon Resource Name (ARN) to specify a DB cluster snapshot. However, you can use only the ARN to specify a DB snapshot.\n\nAfter you restore a DB cluster with a `SnapshotIdentifier` property, you must specify the same `SnapshotIdentifier` property for any future updates to the DB cluster. When you specify this property for an update, the DB cluster is not restored from the snapshot again, and the data in the database is not changed. However, if you don't specify the `SnapshotIdentifier` property, an empty DB cluster is created, and the original DB cluster is deleted. If you specify a property that is different from the previous snapshot restore property, a new DB cluster is restored from the specified `SnapshotIdentifier` property, and the original DB cluster is deleted.\n\nIf you specify the `SnapshotIdentifier` property to restore a DB cluster (as opposed to specifying it for DB cluster updates), then don't specify the following properties:\n\n- `GlobalClusterIdentifier`\n- `MasterUsername`\n- `MasterUserPassword`\n- `ReplicationSourceIdentifier`\n- `RestoreType`\n- `SourceDBClusterIdentifier`\n- `SourceRegion`\n- `StorageEncrypted` (for an encrypted snapshot)\n- `UseLatestRestorableTime`\n\nConstraints:\n\n- Must match the identifier of an existing Snapshot.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "SnapshotIdentifier", + "type": "string" + }, + "SourceDBClusterIdentifier": { + "markdownDescription": "When restoring a DB cluster to a point in time, the identifier of the source DB cluster from which to restore.\n\nConstraints:\n\n- Must match the identifier of an existing DBCluster.\n- Cannot be specified if `SourceDbClusterResourceId` is specified. You must specify either `SourceDBClusterIdentifier` or `SourceDbClusterResourceId` , but not both.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "SourceDBClusterIdentifier", + "type": "string" + }, + "SourceRegion": { + "markdownDescription": "The AWS Region which contains the source DB cluster when replicating a DB cluster. For example, `us-east-1` .\n\nValid for: Aurora DB clusters only", + "title": "SourceRegion", + "type": "string" + }, + "StorageEncrypted": { + "markdownDescription": "Indicates whether the DB cluster is encrypted.\n\nIf you specify the `KmsKeyId` property, then you must enable encryption.\n\nIf you specify the `SourceDBClusterIdentifier` property, don't specify this property. The value is inherited from the source DB cluster, and if the DB cluster is encrypted, the specified `KmsKeyId` property is used.\n\nIf you specify the `SnapshotIdentifier` and the specified snapshot is encrypted, don't specify this property. The value is inherited from the snapshot, and the specified `KmsKeyId` property is used.\n\nIf you specify the `SnapshotIdentifier` and the specified snapshot isn't encrypted, you can use this property to specify that the restored DB cluster is encrypted. Specify the `KmsKeyId` property for the KMS key to use for encryption. If you don't want the restored DB cluster to be encrypted, then don't set this property or set it to `false` .\n\n> If you specify both the `StorageEncrypted` and `SnapshotIdentifier` properties without specifying the `KmsKeyId` property, then the restored DB cluster inherits the encryption settings from the DB snapshot that provide. \n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "StorageEncrypted", + "type": "boolean" + }, + "StorageType": { + "markdownDescription": "The storage type to associate with the DB cluster.\n\nFor information on storage types for Aurora DB clusters, see [Storage configurations for Amazon Aurora DB clusters](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Overview.StorageReliability.html#aurora-storage-type) . For information on storage types for Multi-AZ DB clusters, see [Settings for creating Multi-AZ DB clusters](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/create-multi-az-db-cluster.html#create-multi-az-db-cluster-settings) .\n\nThis setting is required to create a Multi-AZ DB cluster.\n\nWhen specified for a Multi-AZ DB cluster, a value for the `Iops` parameter is required.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n\nValid Values:\n\n- Aurora DB clusters - `aurora | aurora-iopt1`\n- Multi-AZ DB clusters - `io1 | io2 | gp3`\n\nDefault:\n\n- Aurora DB clusters - `aurora`\n- Multi-AZ DB clusters - `io1`\n\n> When you create an Aurora DB cluster with the storage type set to `aurora-iopt1` , the storage type is returned in the response. The storage type isn't returned when you set it to `aurora` .", + "title": "StorageType", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags to assign to the DB cluster.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters", + "title": "Tags", + "type": "array" + }, + "UseLatestRestorableTime": { + "markdownDescription": "A value that indicates whether to restore the DB cluster to the latest restorable backup time. By default, the DB cluster is not restored to the latest restorable backup time.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "UseLatestRestorableTime", + "type": "boolean" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of EC2 VPC security groups to associate with this DB cluster.\n\nIf you plan to update the resource, don't specify VPC security groups in a shared VPC.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "VpcSecurityGroupIds", + "type": "array" + } }, - "markdownDescription": "The list of data path values for the data path options.", - "title": "DataPathList", - "type": "array" + "type": "object" }, - "Width": { - "markdownDescription": "The width of the data path option.", - "title": "Width", + "Type": { + "enum": [ + "AWS::RDS::DBCluster" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "DataPathList" + "Type" ], "type": "object" }, - "AWS::QuickSight::Template.PivotTableFieldCollapseStateOption": { + "AWS::RDS::DBCluster.DBClusterRole": { "additionalProperties": false, "properties": { - "State": { - "markdownDescription": "The state of the field target of a pivot table. Choose one of the following options:\n\n- `COLLAPSED`\n- `EXPANDED`", - "title": "State", + "FeatureName": { + "markdownDescription": "The name of the feature associated with the AWS Identity and Access Management (IAM) role. IAM roles that are associated with a DB cluster grant permission for the DB cluster to access other AWS services on your behalf. For the list of supported feature names, see the `SupportedFeatureNames` description in [DBEngineVersion](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DBEngineVersion.html) in the *Amazon RDS API Reference* .", + "title": "FeatureName", "type": "string" }, - "Target": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableFieldCollapseStateTarget", - "markdownDescription": "A tagged-union object that sets the collapse state.", - "title": "Target" + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that is associated with the DB cluster.", + "title": "RoleArn", + "type": "string" } }, "required": [ - "Target" + "RoleArn" ], "type": "object" }, - "AWS::QuickSight::Template.PivotTableFieldCollapseStateTarget": { + "AWS::RDS::DBCluster.Endpoint": { "additionalProperties": false, "properties": { - "FieldDataPathValues": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataPathValue" - }, - "markdownDescription": "The data path of the pivot table's header. Used to set the collapse state.", - "title": "FieldDataPathValues", - "type": "array" + "Address": { + "markdownDescription": "Specifies the connection endpoint for the primary instance of the DB cluster.", + "title": "Address", + "type": "string" }, - "FieldId": { - "markdownDescription": "The field ID of the pivot table that the collapse state needs to be set to.", - "title": "FieldId", + "Port": { + "markdownDescription": "Specifies the port that the database engine is listening on.", + "title": "Port", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.PivotTableFieldOption": { + "AWS::RDS::DBCluster.MasterUserSecret": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The custom label of the pivot table field.", - "title": "CustomLabel", - "type": "string" - }, - "FieldId": { - "markdownDescription": "The field ID of the pivot table field.", - "title": "FieldId", + "KmsKeyId": { + "markdownDescription": "The AWS KMS key identifier that is used to encrypt the secret.", + "title": "KmsKeyId", "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of the pivot table field.", - "title": "Visibility", + "SecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the secret. This parameter is a return value that you can retrieve using the `Fn::GetAtt` intrinsic function. For more information, see [Return values](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#aws-resource-rds-dbcluster-return-values) .", + "title": "SecretArn", "type": "string" } }, - "required": [ - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Template.PivotTableFieldOptions": { + "AWS::RDS::DBCluster.ReadEndpoint": { "additionalProperties": false, "properties": { - "CollapseStateOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableFieldCollapseStateOption" - }, - "markdownDescription": "The collapse state options for the pivot table field options.", - "title": "CollapseStateOptions", - "type": "array" - }, - "DataPathOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableDataPathOption" - }, - "markdownDescription": "The data path options for the pivot table field options.", - "title": "DataPathOptions", - "type": "array" - }, - "SelectedFieldOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableFieldOption" - }, - "markdownDescription": "The selected field options for the pivot table field options.", - "title": "SelectedFieldOptions", - "type": "array" + "Address": { + "markdownDescription": "The host address of the reader endpoint.", + "title": "Address", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.PivotTableFieldSubtotalOptions": { + "AWS::RDS::DBCluster.ScalingConfiguration": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field ID of the subtotal options.", - "title": "FieldId", + "AutoPause": { + "markdownDescription": "Indicates whether to allow or disallow automatic pause for an Aurora DB cluster in `serverless` DB engine mode. A DB cluster can be paused only when it's idle (it has no connections).\n\n> If a DB cluster is paused for more than seven days, the DB cluster might be backed up with a snapshot. In this case, the DB cluster is restored when there is a request to connect to it.", + "title": "AutoPause", + "type": "boolean" + }, + "MaxCapacity": { + "markdownDescription": "The maximum capacity for an Aurora DB cluster in `serverless` DB engine mode.\n\nFor Aurora MySQL, valid capacity values are `1` , `2` , `4` , `8` , `16` , `32` , `64` , `128` , and `256` .\n\nFor Aurora PostgreSQL, valid capacity values are `2` , `4` , `8` , `16` , `32` , `64` , `192` , and `384` .\n\nThe maximum capacity must be greater than or equal to the minimum capacity.", + "title": "MaxCapacity", + "type": "number" + }, + "MinCapacity": { + "markdownDescription": "The minimum capacity for an Aurora DB cluster in `serverless` DB engine mode.\n\nFor Aurora MySQL, valid capacity values are `1` , `2` , `4` , `8` , `16` , `32` , `64` , `128` , and `256` .\n\nFor Aurora PostgreSQL, valid capacity values are `2` , `4` , `8` , `16` , `32` , `64` , `192` , and `384` .\n\nThe minimum capacity must be less than or equal to the maximum capacity.", + "title": "MinCapacity", + "type": "number" + }, + "SecondsBeforeTimeout": { + "markdownDescription": "The amount of time, in seconds, that Aurora Serverless v1 tries to find a scaling point to perform seamless scaling before enforcing the timeout action. The default is 300.\n\nSpecify a value between 60 and 600 seconds.", + "title": "SecondsBeforeTimeout", + "type": "number" + }, + "SecondsUntilAutoPause": { + "markdownDescription": "The time, in seconds, before an Aurora DB cluster in `serverless` mode is paused.\n\nSpecify a value between 300 and 86,400 seconds.", + "title": "SecondsUntilAutoPause", + "type": "number" + }, + "TimeoutAction": { + "markdownDescription": "The action to take when the timeout is reached, either `ForceApplyCapacityChange` or `RollbackCapacityChange` .\n\n`ForceApplyCapacityChange` sets the capacity to the specified value as soon as possible.\n\n`RollbackCapacityChange` , the default, ignores the capacity change if a scaling point isn't found in the timeout period.\n\n> If you specify `ForceApplyCapacityChange` , connections that prevent Aurora Serverless v1 from finding a scaling point might be dropped. \n\nFor more information, see [Autoscaling for Aurora Serverless v1](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless.how-it-works.html#aurora-serverless.how-it-works.auto-scaling) in the *Amazon Aurora User Guide* .", + "title": "TimeoutAction", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.PivotTableFieldWells": { + "AWS::RDS::DBCluster.ServerlessV2ScalingConfiguration": { "additionalProperties": false, "properties": { - "PivotTableAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableAggregatedFieldWells", - "markdownDescription": "The aggregated field well for the pivot table.", - "title": "PivotTableAggregatedFieldWells" + "MaxCapacity": { + "markdownDescription": "The maximum number of Aurora capacity units (ACUs) for a DB instance in an Aurora Serverless v2 cluster. You can specify ACU values in half-step increments, such as 40, 40.5, 41, and so on. The largest value that you can use is 128.\n\nThe maximum capacity must be higher than 0.5 ACUs. For more information, see [Choosing the maximum Aurora Serverless v2 capacity setting for a cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless-v2.setting-capacity.html#aurora-serverless-v2.max_capacity_considerations) in the *Amazon Aurora User Guide* .\n\nAurora automatically sets certain parameters for Aurora Serverless V2 DB instances to values that depend on the maximum ACU value in the capacity range. When you update the maximum capacity value, the `ParameterApplyStatus` value for the DB instance changes to `pending-reboot` . You can update the parameter values by rebooting the DB instance after changing the capacity range.", + "title": "MaxCapacity", + "type": "number" + }, + "MinCapacity": { + "markdownDescription": "The minimum number of Aurora capacity units (ACUs) for a DB instance in an Aurora Serverless v2 cluster. You can specify ACU values in half-step increments, such as 8, 8.5, 9, and so on. For Aurora versions that support the Aurora Serverless v2 auto-pause feature, the smallest value that you can use is 0. For versions that don't support Aurora Serverless v2 auto-pause, the smallest value that you can use is 0.5.", + "title": "MinCapacity", + "type": "number" + }, + "SecondsUntilAutoPause": { + "markdownDescription": "Specifies the number of seconds an Aurora Serverless v2 DB instance must be idle before Aurora attempts to automatically pause it.\n\nSpecify a value between 300 seconds (five minutes) and 86,400 seconds (one day). The default is 300 seconds.", + "title": "SecondsUntilAutoPause", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Template.PivotTableOptions": { + "AWS::RDS::DBClusterParameterGroup": { "additionalProperties": false, "properties": { - "CellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", - "markdownDescription": "The table cell style of cells.", - "title": "CellStyle" + "Condition": { + "type": "string" }, - "CollapsedRowDimensionsVisibility": { - "markdownDescription": "The visibility setting of a pivot table's collapsed row dimension fields. If the value of this structure is `HIDDEN` , all collapsed columns in a pivot table are automatically hidden. The default value is `VISIBLE` .", - "title": "CollapsedRowDimensionsVisibility", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "ColumnHeaderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", - "markdownDescription": "The table cell style of the column header.", - "title": "ColumnHeaderStyle" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ColumnNamesVisibility": { - "markdownDescription": "The visibility of the column names.", - "title": "ColumnNamesVisibility", - "type": "string" + "Metadata": { + "type": "object" }, - "DefaultCellWidth": { - "markdownDescription": "The default cell width of the pivot table.", - "title": "DefaultCellWidth", + "Properties": { + "additionalProperties": false, + "properties": { + "DBClusterParameterGroupName": { + "markdownDescription": "The name of the DB cluster parameter group.\n\nConstraints:\n\n- Must not match the name of an existing DB cluster parameter group.\n\n> This value is stored as a lowercase string.", + "title": "DBClusterParameterGroupName", + "type": "string" + }, + "Description": { + "markdownDescription": "The description for the DB cluster parameter group.", + "title": "Description", + "type": "string" + }, + "Family": { + "markdownDescription": "The DB cluster parameter group family name. A DB cluster parameter group can be associated with one and only one DB cluster parameter group family, and can be applied only to a DB cluster running a database engine and engine version compatible with that DB cluster parameter group family.\n\n*Aurora MySQL*\n\nExample: `aurora-mysql5.7` , `aurora-mysql8.0`\n\n*Aurora PostgreSQL*\n\nExample: `aurora-postgresql14`\n\n*RDS for MySQL*\n\nExample: `mysql8.0`\n\n*RDS for PostgreSQL*\n\nExample: `postgres13`\n\nTo list all of the available parameter group families for a DB engine, use the following command:\n\n`aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" --engine `\n\nFor example, to list all of the available parameter group families for the Aurora PostgreSQL DB engine, use the following command:\n\n`aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" --engine aurora-postgresql`\n\n> The output contains duplicates. \n\nThe following are the valid DB engine values:\n\n- `aurora-mysql`\n- `aurora-postgresql`\n- `mysql`\n- `postgres`", + "title": "Family", + "type": "string" + }, + "Parameters": { + "markdownDescription": "Provides a list of parameters for the DB cluster parameter group.", + "title": "Parameters", + "type": "object" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags to assign to the DB cluster parameter group.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Description", + "Family", + "Parameters" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RDS::DBClusterParameterGroup" + ], "type": "string" }, - "MetricPlacement": { - "markdownDescription": "The metric placement (row, column) options.", - "title": "MetricPlacement", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::RDS::DBInstance": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "RowAlternateColorOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.RowAlternateColorOptions", - "markdownDescription": "The row alternate color options (widget status, row alternate colors).", - "title": "RowAlternateColorOptions" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "RowFieldNamesStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", - "markdownDescription": "The table cell style of row field names.", - "title": "RowFieldNamesStyle" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "RowHeaderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", - "markdownDescription": "The table cell style of the row headers.", - "title": "RowHeaderStyle" + "Metadata": { + "type": "object" }, - "RowsLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableRowsLabelOptions", - "markdownDescription": "The options for the label that is located above the row headers. This option is only applicable when `RowsLayout` is set to `HIERARCHY` .", - "title": "RowsLabelOptions" + "Properties": { + "additionalProperties": false, + "properties": { + "AllocatedStorage": { + "markdownDescription": "The amount of storage in gibibytes (GiB) to be initially allocated for the database instance.\n\n> If any value is set in the `Iops` parameter, `AllocatedStorage` must be at least 100 GiB, which corresponds to the minimum Iops value of 1,000. If you increase the `Iops` value (in 1,000 IOPS increments), then you must also increase the `AllocatedStorage` value (in 100-GiB increments). \n\n*Amazon Aurora*\n\nNot applicable. Aurora cluster volumes automatically grow as the amount of data in your database increases, though you are only charged for the space that you use in an Aurora cluster volume.\n\n*Db2*\n\nConstraints to the amount of storage for each storage type are the following:\n\n- General Purpose (SSD) storage (gp3): Must be an integer from 20 to 64000.\n- Provisioned IOPS storage (io1): Must be an integer from 100 to 64000.\n\n*MySQL*\n\nConstraints to the amount of storage for each storage type are the following:\n\n- General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.\n- Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.\n- Magnetic storage (standard): Must be an integer from 5 to 3072.\n\n*MariaDB*\n\nConstraints to the amount of storage for each storage type are the following:\n\n- General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.\n- Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.\n- Magnetic storage (standard): Must be an integer from 5 to 3072.\n\n*PostgreSQL*\n\nConstraints to the amount of storage for each storage type are the following:\n\n- General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.\n- Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.\n- Magnetic storage (standard): Must be an integer from 5 to 3072.\n\n*Oracle*\n\nConstraints to the amount of storage for each storage type are the following:\n\n- General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.\n- Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.\n- Magnetic storage (standard): Must be an integer from 10 to 3072.\n\n*SQL Server*\n\nConstraints to the amount of storage for each storage type are the following:\n\n- General Purpose (SSD) storage (gp2):\n\n- Enterprise and Standard editions: Must be an integer from 20 to 16384.\n- Web and Express editions: Must be an integer from 20 to 16384.\n- Provisioned IOPS storage (io1):\n\n- Enterprise and Standard editions: Must be an integer from 20 to 16384.\n- Web and Express editions: Must be an integer from 20 to 16384.\n- Magnetic storage (standard):\n\n- Enterprise and Standard editions: Must be an integer from 20 to 1024.\n- Web and Express editions: Must be an integer from 20 to 1024.", + "title": "AllocatedStorage", + "type": "string" + }, + "AllowMajorVersionUpgrade": { + "markdownDescription": "A value that indicates whether major version upgrades are allowed. Changing this parameter doesn't result in an outage and the change is asynchronously applied as soon as possible.\n\nConstraints: Major version upgrades must be allowed when specifying a value for the `EngineVersion` parameter that is a different major version than the DB instance's current version.", + "title": "AllowMajorVersionUpgrade", + "type": "boolean" + }, + "ApplyImmediately": { + "markdownDescription": "Specifies whether changes to the DB instance and any pending modifications are applied immediately, regardless of the `PreferredMaintenanceWindow` setting. If set to `false` , changes are applied during the next maintenance window. Until RDS applies the changes, the DB instance remains in a drift state. As a result, the configuration doesn't fully reflect the requested modifications and temporarily diverges from the intended state.\n\nIn addition to the settings described in [Modifying a DB instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.DBInstance.Modifying.html) , this property also determines whether the DB instance reboots when a static parameter is modified in the associated DB parameter group.\n\nDefault: `true`", + "title": "ApplyImmediately", + "type": "boolean" + }, + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/AWS::RDS::DBInstance.DBInstanceRole" + }, + "markdownDescription": "The AWS Identity and Access Management (IAM) roles associated with the DB instance.\n\n*Amazon Aurora*\n\nNot applicable. The associated roles are managed by the DB cluster.", + "title": "AssociatedRoles", + "type": "array" + }, + "AutoMinorVersionUpgrade": { + "markdownDescription": "A value that indicates whether minor engine upgrades are applied automatically to the DB instance during the maintenance window. By default, minor engine upgrades are applied automatically.", + "title": "AutoMinorVersionUpgrade", + "type": "boolean" + }, + "AutomaticBackupReplicationKmsKeyId": { + "markdownDescription": "The AWS KMS key identifier for encryption of the replicated automated backups. The KMS key ID is the Amazon Resource Name (ARN) for the KMS encryption key in the destination AWS Region , for example, `arn:aws:kms:us-east-1:123456789012:key/AKIAIOSFODNN7EXAMPLE` .", + "title": "AutomaticBackupReplicationKmsKeyId", + "type": "string" + }, + "AutomaticBackupReplicationRegion": { + "markdownDescription": "The AWS Region associated with the automated backup.", + "title": "AutomaticBackupReplicationRegion", + "type": "string" + }, + "AutomaticBackupReplicationRetentionPeriod": { + "markdownDescription": "The retention period for automated backups in a different AWS Region. Use this parameter to set a unique retention period that only applies to cross-Region automated backups. To enable automated backups in a different Region, specify a positive value for the `AutomaticBackupReplicationRegion` parameter.\n\nIf not specified, this parameter defaults to the value of the `BackupRetentionPeriod` parameter. The maximum allowed value is 35.", + "title": "AutomaticBackupReplicationRetentionPeriod", + "type": "number" + }, + "AvailabilityZone": { + "markdownDescription": "The Availability Zone (AZ) where the database will be created. For information on AWS Regions and Availability Zones, see [Regions and Availability Zones](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RegionsAndAvailabilityZones.html) .\n\nFor Amazon Aurora, each Aurora DB cluster hosts copies of its storage in three separate Availability Zones. Specify one of these Availability Zones. Aurora automatically chooses an appropriate Availability Zone if you don't specify one.\n\nDefault: A random, system-chosen Availability Zone in the endpoint's AWS Region .\n\nConstraints:\n\n- The `AvailabilityZone` parameter can't be specified if the DB instance is a Multi-AZ deployment.\n- The specified Availability Zone must be in the same AWS Region as the current endpoint.\n\nExample: `us-east-1d`", + "title": "AvailabilityZone", + "type": "string" + }, + "BackupRetentionPeriod": { + "markdownDescription": "The number of days for which automated backups are retained. Setting this parameter to a positive number enables backups. Setting this parameter to 0 disables automated backups.\n\n*Amazon Aurora*\n\nNot applicable. The retention period for automated backups is managed by the DB cluster.\n\nDefault: 1\n\nConstraints:\n\n- Must be a value from 0 to 35\n- Can't be set to 0 if the DB instance is a source to read replicas", + "title": "BackupRetentionPeriod", + "type": "number" + }, + "BackupTarget": { + "markdownDescription": "The location for storing automated backups and manual snapshots.\n\nValid Values:\n\n- `local` (Dedicated Local Zone)\n- `outposts` ( AWS Outposts)\n- `region` ( AWS Region )\n\nDefault: `region`\n\nFor more information, see [Working with Amazon RDS on AWS Outposts](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-on-outposts.html) in the *Amazon RDS User Guide* .", + "title": "BackupTarget", + "type": "string" + }, + "CACertificateIdentifier": { + "markdownDescription": "The identifier of the CA certificate for this DB instance.\n\nFor more information, see [Using SSL/TLS to encrypt a connection to a DB instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html) in the *Amazon RDS User Guide* and [Using SSL/TLS to encrypt a connection to a DB cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL.html) in the *Amazon Aurora User Guide* .", + "title": "CACertificateIdentifier", + "type": "string" + }, + "CertificateRotationRestart": { + "markdownDescription": "Specifies whether the DB instance is restarted when you rotate your SSL/TLS certificate.\n\nBy default, the DB instance is restarted when you rotate your SSL/TLS certificate. The certificate is not updated until the DB instance is restarted.\n\n> Set this parameter only if you are *not* using SSL/TLS to connect to the DB instance. \n\nIf you are using SSL/TLS to connect to the DB instance, follow the appropriate instructions for your DB engine to rotate your SSL/TLS certificate:\n\n- For more information about rotating your SSL/TLS certificate for RDS DB engines, see [Rotating Your SSL/TLS Certificate.](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL-certificate-rotation.html) in the *Amazon RDS User Guide.*\n- For more information about rotating your SSL/TLS certificate for Aurora DB engines, see [Rotating Your SSL/TLS Certificate](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL-certificate-rotation.html) in the *Amazon Aurora User Guide* .\n\nThis setting doesn't apply to RDS Custom DB instances.", + "title": "CertificateRotationRestart", + "type": "boolean" + }, + "CharacterSetName": { + "markdownDescription": "For supported engines, indicates that the DB instance should be associated with the specified character set.\n\n*Amazon Aurora*\n\nNot applicable. The character set is managed by the DB cluster. For more information, see [AWS::RDS::DBCluster](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html) .", + "title": "CharacterSetName", + "type": "string" + }, + "CopyTagsToSnapshot": { + "markdownDescription": "Specifies whether to copy tags from the DB instance to snapshots of the DB instance. By default, tags are not copied.\n\nThis setting doesn't apply to Amazon Aurora DB instances. Copying tags to snapshots is managed by the DB cluster. Setting this value for an Aurora DB instance has no effect on the DB cluster setting.", + "title": "CopyTagsToSnapshot", + "type": "boolean" + }, + "CustomIAMInstanceProfile": { + "markdownDescription": "The instance profile associated with the underlying Amazon EC2 instance of an RDS Custom DB instance.\n\nThis setting is required for RDS Custom.\n\nConstraints:\n\n- The profile must exist in your account.\n- The profile must have an IAM role that Amazon EC2 has permissions to assume.\n- The instance profile name and the associated IAM role name must start with the prefix `AWSRDSCustom` .\n\nFor the list of permissions required for the IAM role, see [Configure IAM and your VPC](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/custom-setup-orcl.html#custom-setup-orcl.iam-vpc) in the *Amazon RDS User Guide* .", + "title": "CustomIAMInstanceProfile", + "type": "string" + }, + "DBClusterIdentifier": { + "markdownDescription": "The identifier of the DB cluster that this DB instance will belong to.\n\nThis setting doesn't apply to RDS Custom DB instances.", + "title": "DBClusterIdentifier", + "type": "string" + }, + "DBClusterSnapshotIdentifier": { + "markdownDescription": "The identifier for the Multi-AZ DB cluster snapshot to restore from.\n\nFor more information on Multi-AZ DB clusters, see [Multi-AZ DB cluster deployments](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html) in the *Amazon RDS User Guide* .\n\nConstraints:\n\n- Must match the identifier of an existing Multi-AZ DB cluster snapshot.\n- Can't be specified when `DBSnapshotIdentifier` is specified.\n- Must be specified when `DBSnapshotIdentifier` isn't specified.\n- If you are restoring from a shared manual Multi-AZ DB cluster snapshot, the `DBClusterSnapshotIdentifier` must be the ARN of the shared snapshot.\n- Can't be the identifier of an Aurora DB cluster snapshot.", + "title": "DBClusterSnapshotIdentifier", + "type": "string" + }, + "DBInstanceClass": { + "markdownDescription": "The compute and memory capacity of the DB instance, for example `db.m5.large` . Not all DB instance classes are available in all AWS Regions , or for all database engines. For the full list of DB instance classes, and availability for your engine, see [DB instance classes](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html) in the *Amazon RDS User Guide* or [Aurora DB instance classes](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.DBInstanceClass.html) in the *Amazon Aurora User Guide* .", + "title": "DBInstanceClass", + "type": "string" + }, + "DBInstanceIdentifier": { + "markdownDescription": "A name for the DB instance. If you specify a name, AWS CloudFormation converts it to lowercase. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the DB instance. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\nFor information about constraints that apply to DB instance identifiers, see [Naming constraints in Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Limits.html#RDS_Limits.Constraints) in the *Amazon RDS User Guide* .\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "DBInstanceIdentifier", + "type": "string" + }, + "DBName": { + "markdownDescription": "The meaning of this parameter differs according to the database engine you use.\n\n> If you specify the `[DBSnapshotIdentifier](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-dbsnapshotidentifier)` property, this property only applies to RDS for Oracle. \n\n*Amazon Aurora*\n\nNot applicable. The database name is managed by the DB cluster.\n\n*Db2*\n\nThe name of the database to create when the DB instance is created. If this parameter isn't specified, no database is created in the DB instance.\n\nConstraints:\n\n- Must contain 1 to 64 letters or numbers.\n- Must begin with a letter. Subsequent characters can be letters, underscores, or digits (0-9).\n- Can't be a word reserved by the specified database engine.\n\n*MySQL*\n\nThe name of the database to create when the DB instance is created. If this parameter is not specified, no database is created in the DB instance.\n\nConstraints:\n\n- Must contain 1 to 64 letters or numbers.\n- Can't be a word reserved by the specified database engine\n\n*MariaDB*\n\nThe name of the database to create when the DB instance is created. If this parameter is not specified, no database is created in the DB instance.\n\nConstraints:\n\n- Must contain 1 to 64 letters or numbers.\n- Can't be a word reserved by the specified database engine\n\n*PostgreSQL*\n\nThe name of the database to create when the DB instance is created. If this parameter is not specified, the default `postgres` database is created in the DB instance.\n\nConstraints:\n\n- Must begin with a letter. Subsequent characters can be letters, underscores, or digits (0-9).\n- Must contain 1 to 63 characters.\n- Can't be a word reserved by the specified database engine\n\n*Oracle*\n\nThe Oracle System ID (SID) of the created DB instance. If you specify `null` , the default value `ORCL` is used. You can't specify the string NULL, or any other reserved word, for `DBName` .\n\nDefault: `ORCL`\n\nConstraints:\n\n- Can't be longer than 8 characters\n\n*SQL Server*\n\nNot applicable. Must be null.", + "title": "DBName", + "type": "string" + }, + "DBParameterGroupName": { + "markdownDescription": "The name of an existing DB parameter group or a reference to an [AWS::RDS::DBParameterGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-dbparametergroup.html) resource created in the template.\n\nTo list all of the available DB parameter group names, use the following command:\n\n`aws rds describe-db-parameter-groups --query \"DBParameterGroups[].DBParameterGroupName\" --output text`\n\n> If any of the data members of the referenced parameter group are changed during an update, the DB instance might need to be restarted, which causes some interruption. If the parameter group contains static parameters, whether they were changed or not, an update triggers a reboot. \n\nIf you don't specify a value for `DBParameterGroupName` property, the default DB parameter group for the specified engine and engine version is used.", + "title": "DBParameterGroupName", + "type": "string" + }, + "DBSecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the DB security groups to assign to the DB instance. The list can include both the name of existing DB security groups or references to AWS::RDS::DBSecurityGroup resources created in the template.\n\nIf you set DBSecurityGroups, you must not set VPCSecurityGroups, and vice versa. Also, note that the DBSecurityGroups property exists only for backwards compatibility with older regions and is no longer recommended for providing security information to an RDS DB instance. Instead, use VPCSecurityGroups.\n\n> If you specify this property, AWS CloudFormation sends only the following properties (if specified) to Amazon RDS during create operations:\n> \n> - `AllocatedStorage`\n> - `AutoMinorVersionUpgrade`\n> - `AvailabilityZone`\n> - `BackupRetentionPeriod`\n> - `CharacterSetName`\n> - `DBInstanceClass`\n> - `DBName`\n> - `DBParameterGroupName`\n> - `DBSecurityGroups`\n> - `DBSubnetGroupName`\n> - `Engine`\n> - `EngineVersion`\n> - `Iops`\n> - `LicenseModel`\n> - `MasterUsername`\n> - `MasterUserPassword`\n> - `MultiAZ`\n> - `OptionGroupName`\n> - `PreferredBackupWindow`\n> - `PreferredMaintenanceWindow`\n> \n> All other properties are ignored. Specify a virtual private cloud (VPC) security group if you want to submit other properties, such as `StorageType` , `StorageEncrypted` , or `KmsKeyId` . If you're already using the `DBSecurityGroups` property, you can't use these other properties by updating your DB instance to use a VPC security group. You must recreate the DB instance.", + "title": "DBSecurityGroups", + "type": "array" + }, + "DBSnapshotIdentifier": { + "markdownDescription": "The name or Amazon Resource Name (ARN) of the DB snapshot that's used to restore the DB instance. If you're restoring from a shared manual DB snapshot, you must specify the ARN of the snapshot.\n\nBy specifying this property, you can create a DB instance from the specified DB snapshot. If the `DBSnapshotIdentifier` property is an empty string or the `AWS::RDS::DBInstance` declaration has no `DBSnapshotIdentifier` property, AWS CloudFormation creates a new database. If the property contains a value (other than an empty string), AWS CloudFormation creates a database from the specified snapshot. If a snapshot with the specified name doesn't exist, AWS CloudFormation can't create the database and it rolls back the stack.\n\nSome DB instance properties aren't valid when you restore from a snapshot, such as the `MasterUsername` and `MasterUserPassword` properties, and the point-in-time recovery properties `RestoreTime` and `UseLatestRestorableTime` . For information about the properties that you can specify, see the [`RestoreDBInstanceFromDBSnapshot`](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_RestoreDBInstanceFromDBSnapshot.html) action in the *Amazon RDS API Reference* .\n\nAfter you restore a DB instance with a `DBSnapshotIdentifier` property, you must specify the same `DBSnapshotIdentifier` property for any future updates to the DB instance. When you specify this property for an update, the DB instance is not restored from the DB snapshot again, and the data in the database is not changed. However, if you don't specify the `DBSnapshotIdentifier` property, an empty DB instance is created, and the original DB instance is deleted. If you specify a property that is different from the previous snapshot restore property, a new DB instance is restored from the specified `DBSnapshotIdentifier` property, and the original DB instance is deleted.\n\nIf you specify the `DBSnapshotIdentifier` property to restore a DB instance (as opposed to specifying it for DB instance updates), then don't specify the following properties:\n\n- `CharacterSetName`\n- `DBClusterIdentifier`\n- `DBName`\n- `KmsKeyId`\n- `MasterUsername`\n- `MasterUserPassword`\n- `PromotionTier`\n- `SourceDBInstanceIdentifier`\n- `SourceRegion`\n- `StorageEncrypted` (for an unencrypted snapshot)\n- `Timezone`\n\n*Amazon Aurora*\n\nNot applicable. Snapshot restore is managed by the DB cluster.", + "title": "DBSnapshotIdentifier", + "type": "string" + }, + "DBSubnetGroupName": { + "markdownDescription": "A DB subnet group to associate with the DB instance. If you update this value, the new subnet group must be a subnet group in a new VPC.\n\nIf you don't specify a DB subnet group, RDS uses the default DB subnet group if one exists. If a default DB subnet group does not exist, and you don't specify a `DBSubnetGroupName` , the DB instance fails to launch.\n\nFor more information about using Amazon RDS in a VPC, see [Amazon VPC and Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.html) in the *Amazon RDS User Guide* .\n\nThis setting doesn't apply to Amazon Aurora DB instances. The DB subnet group is managed by the DB cluster. If specified, the setting must match the DB cluster setting.", + "title": "DBSubnetGroupName", + "type": "string" + }, + "DBSystemId": { + "markdownDescription": "The Oracle system identifier (SID), which is the name of the Oracle database instance that manages your database files. In this context, the term \"Oracle database instance\" refers exclusively to the system global area (SGA) and Oracle background processes. If you don't specify a SID, the value defaults to `RDSCDB` . The Oracle SID is also the name of your CDB.", + "title": "DBSystemId", + "type": "string" + }, + "DatabaseInsightsMode": { + "markdownDescription": "The mode of Database Insights to enable for the DB instance.\n\n> Aurora DB instances inherit this value from the DB cluster, so you can't change this value.", + "title": "DatabaseInsightsMode", + "type": "string" + }, + "DedicatedLogVolume": { + "markdownDescription": "Indicates whether the DB instance has a dedicated log volume (DLV) enabled.", + "title": "DedicatedLogVolume", + "type": "boolean" + }, + "DeleteAutomatedBackups": { + "markdownDescription": "A value that indicates whether to remove automated backups immediately after the DB instance is deleted. This parameter isn't case-sensitive. The default is to remove automated backups immediately after the DB instance is deleted.\n\n*Amazon Aurora*\n\nNot applicable. When you delete a DB cluster, all automated backups for that DB cluster are deleted and can't be recovered. Manual DB cluster snapshots of the DB cluster are not deleted.", + "title": "DeleteAutomatedBackups", + "type": "boolean" + }, + "DeletionProtection": { + "markdownDescription": "Specifies whether the DB instance has deletion protection enabled. The database can't be deleted when deletion protection is enabled. By default, deletion protection isn't enabled. For more information, see [Deleting a DB Instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_DeleteInstance.html) .\n\nThis setting doesn't apply to Amazon Aurora DB instances. You can enable or disable deletion protection for the DB cluster. For more information, see `CreateDBCluster` . DB instances in a DB cluster can be deleted even when deletion protection is enabled for the DB cluster.", + "title": "DeletionProtection", + "type": "boolean" + }, + "Domain": { + "markdownDescription": "The Active Directory directory ID to create the DB instance in. Currently, only Db2, MySQL, Microsoft SQL Server, Oracle, and PostgreSQL DB instances can be created in an Active Directory Domain.\n\nFor more information, see [Kerberos Authentication](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/kerberos-authentication.html) in the *Amazon RDS User Guide* .", + "title": "Domain", + "type": "string" + }, + "DomainAuthSecretArn": { + "markdownDescription": "The ARN for the Secrets Manager secret with the credentials for the user joining the domain.\n\nExample: `arn:aws:secretsmanager:region:account-number:secret:myselfmanagedADtestsecret-123456`", + "title": "DomainAuthSecretArn", + "type": "string" + }, + "DomainDnsIps": { + "items": { + "type": "string" + }, + "markdownDescription": "The IPv4 DNS IP addresses of your primary and secondary Active Directory domain controllers.\n\nConstraints:\n\n- Two IP addresses must be provided. If there isn't a secondary domain controller, use the IP address of the primary domain controller for both entries in the list.\n\nExample: `123.124.125.126,234.235.236.237`", + "title": "DomainDnsIps", + "type": "array" + }, + "DomainFqdn": { + "markdownDescription": "The fully qualified domain name (FQDN) of an Active Directory domain.\n\nConstraints:\n\n- Can't be longer than 64 characters.\n\nExample: `mymanagedADtest.mymanagedAD.mydomain`", + "title": "DomainFqdn", + "type": "string" + }, + "DomainIAMRoleName": { + "markdownDescription": "The name of the IAM role to use when making API calls to the Directory Service.\n\nThis setting doesn't apply to the following DB instances:\n\n- Amazon Aurora (The domain is managed by the DB cluster.)\n- RDS Custom", + "title": "DomainIAMRoleName", + "type": "string" + }, + "DomainOu": { + "markdownDescription": "The Active Directory organizational unit for your DB instance to join.\n\nConstraints:\n\n- Must be in the distinguished name format.\n- Can't be longer than 64 characters.\n\nExample: `OU=mymanagedADtestOU,DC=mymanagedADtest,DC=mymanagedAD,DC=mydomain`", + "title": "DomainOu", + "type": "string" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of log types that need to be enabled for exporting to CloudWatch Logs. The values in the list depend on the DB engine being used. For more information, see [Publishing Database Logs to Amazon CloudWatch Logs](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_LogAccess.html#USER_LogAccess.Procedural.UploadtoCloudWatch) in the *Amazon Relational Database Service User Guide* .\n\n*Amazon Aurora*\n\nNot applicable. CloudWatch Logs exports are managed by the DB cluster.\n\n*Db2*\n\nValid values: `diag.log` , `notify.log`\n\n*MariaDB*\n\nValid values: `audit` , `error` , `general` , `slowquery`\n\n*Microsoft SQL Server*\n\nValid values: `agent` , `error`\n\n*MySQL*\n\nValid values: `audit` , `error` , `general` , `slowquery`\n\n*Oracle*\n\nValid values: `alert` , `audit` , `listener` , `trace` , `oemagent`\n\n*PostgreSQL*\n\nValid values: `postgresql` , `upgrade`", + "title": "EnableCloudwatchLogsExports", + "type": "array" + }, + "EnableIAMDatabaseAuthentication": { + "markdownDescription": "A value that indicates whether to enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts. By default, mapping is disabled.\n\nThis property is supported for RDS for MariaDB, RDS for MySQL, and RDS for PostgreSQL. For more information, see [IAM Database Authentication for MariaDB, MySQL, and PostgreSQL](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.IAMDBAuth.html) in the *Amazon RDS User Guide.*\n\n*Amazon Aurora*\n\nNot applicable. Mapping AWS IAM accounts to database accounts is managed by the DB cluster.", + "title": "EnableIAMDatabaseAuthentication", + "type": "boolean" + }, + "EnablePerformanceInsights": { + "markdownDescription": "Specifies whether to enable Performance Insights for the DB instance. For more information, see [Using Amazon Performance Insights](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PerfInsights.html) in the *Amazon RDS User Guide* .\n\nThis setting doesn't apply to RDS Custom DB instances.", + "title": "EnablePerformanceInsights", + "type": "boolean" + }, + "Engine": { + "markdownDescription": "The name of the database engine to use for this DB instance. Not every database engine is available in every AWS Region.\n\nThis property is required when creating a DB instance.\n\n> You can convert an Oracle database from the non-CDB architecture to the container database (CDB) architecture by updating the `Engine` value in your templates from `oracle-ee` to `oracle-ee-cdb` or from `oracle-se2` to `oracle-se2-cdb` . Converting to the CDB architecture requires an interruption. \n\nValid Values:\n\n- `aurora-mysql` (for Aurora MySQL DB instances)\n- `aurora-postgresql` (for Aurora PostgreSQL DB instances)\n- `custom-oracle-ee` (for RDS Custom for Oracle DB instances)\n- `custom-oracle-ee-cdb` (for RDS Custom for Oracle DB instances)\n- `custom-sqlserver-ee` (for RDS Custom for SQL Server DB instances)\n- `custom-sqlserver-se` (for RDS Custom for SQL Server DB instances)\n- `custom-sqlserver-web` (for RDS Custom for SQL Server DB instances)\n- `db2-ae`\n- `db2-se`\n- `mariadb`\n- `mysql`\n- `oracle-ee`\n- `oracle-ee-cdb`\n- `oracle-se2`\n- `oracle-se2-cdb`\n- `postgres`\n- `sqlserver-ee`\n- `sqlserver-se`\n- `sqlserver-ex`\n- `sqlserver-web`", + "title": "Engine", + "type": "string" + }, + "EngineLifecycleSupport": { + "markdownDescription": "The life cycle type for this DB instance.\n\n> By default, this value is set to `open-source-rds-extended-support` , which enrolls your DB instance into Amazon RDS Extended Support. At the end of standard support, you can avoid charges for Extended Support by setting the value to `open-source-rds-extended-support-disabled` . In this case, creating the DB instance will fail if the DB major version is past its end of standard support date. \n\nThis setting applies only to RDS for MySQL and RDS for PostgreSQL. For Amazon Aurora DB instances, the life cycle type is managed by the DB cluster.\n\nYou can use this setting to enroll your DB instance into Amazon RDS Extended Support. With RDS Extended Support, you can run the selected major engine version on your DB instance past the end of standard support for that engine version. For more information, see [Amazon RDS Extended Support with Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/extended-support.html) in the *Amazon RDS User Guide* .\n\nValid Values: `open-source-rds-extended-support | open-source-rds-extended-support-disabled`\n\nDefault: `open-source-rds-extended-support`", + "title": "EngineLifecycleSupport", + "type": "string" + }, + "EngineVersion": { + "markdownDescription": "The version number of the database engine to use.\n\nFor a list of valid engine versions, use the `DescribeDBEngineVersions` action.\n\nThe following are the database engines and links to information about the major and minor versions that are available with Amazon RDS. Not every database engine is available for every AWS Region.\n\n*Amazon Aurora*\n\nNot applicable. The version number of the database engine to be used by the DB instance is managed by the DB cluster.\n\n*Db2*\n\nSee [Amazon RDS for Db2](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Db2.html#Db2.Concepts.VersionMgmt) in the *Amazon RDS User Guide.*\n\n*MariaDB*\n\nSee [MariaDB on Amazon RDS Versions](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MariaDB.html#MariaDB.Concepts.VersionMgmt) in the *Amazon RDS User Guide.*\n\n*Microsoft SQL Server*\n\nSee [Microsoft SQL Server Versions on Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html#SQLServer.Concepts.General.VersionSupport) in the *Amazon RDS User Guide.*\n\n*MySQL*\n\nSee [MySQL on Amazon RDS Versions](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MySQL.html#MySQL.Concepts.VersionMgmt) in the *Amazon RDS User Guide.*\n\n*Oracle*\n\nSee [Oracle Database Engine Release Notes](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.Oracle.PatchComposition.html) in the *Amazon RDS User Guide.*\n\n*PostgreSQL*\n\nSee [Supported PostgreSQL Database Versions](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_PostgreSQL.html#PostgreSQL.Concepts.General.DBVersions) in the *Amazon RDS User Guide.*", + "title": "EngineVersion", + "type": "string" + }, + "Iops": { + "markdownDescription": "The number of I/O operations per second (IOPS) that the database provisions. The value must be equal to or greater than 1000.\n\nIf you specify this property, you must follow the range of allowed ratios of your requested IOPS rate to the amount of storage that you allocate (IOPS to allocated storage). For example, you can provision an Oracle database instance with 1000 IOPS and 200 GiB of storage (a ratio of 5:1), or specify 2000 IOPS with 200 GiB of storage (a ratio of 10:1). For more information, see [Amazon RDS Provisioned IOPS Storage to Improve Performance](https://docs.aws.amazon.com/AmazonRDS/latest/DeveloperGuide/CHAP_Storage.html#USER_PIOPS) in the *Amazon RDS User Guide* .\n\n> If you specify `io1` for the `StorageType` property, then you must also specify the `Iops` property. \n\nConstraints:\n\n- For RDS for Db2, MariaDB, MySQL, Oracle, and PostgreSQL - Must be a multiple between .5 and 50 of the storage amount for the DB instance.\n- For RDS for SQL Server - Must be a multiple between 1 and 50 of the storage amount for the DB instance.", + "title": "Iops", + "type": "number" + }, + "KmsKeyId": { + "markdownDescription": "The ARN of the AWS KMS key that's used to encrypt the DB instance, such as `arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef` . If you enable the StorageEncrypted property but don't specify this property, AWS CloudFormation uses the default KMS key. If you specify this property, you must set the StorageEncrypted property to true.\n\nIf you specify the `SourceDBInstanceIdentifier` or `SourceDbiResourceId` property, don't specify this property. The value is inherited from the source DB instance, and if the DB instance is encrypted, the specified `KmsKeyId` property is used. However, if the source DB instance is in a different AWS Region, you must specify a KMS key ID.\n\nIf you specify the `SourceDBInstanceAutomatedBackupsArn` property, don't specify this property. The value is inherited from the source DB instance automated backup, and if the automated backup is encrypted, the specified `KmsKeyId` property is used.\n\nIf you create an encrypted read replica in a different AWS Region, then you must specify a KMS key for the destination AWS Region. KMS encryption keys are specific to the region that they're created in, and you can't use encryption keys from one region in another region.\n\nIf you specify the `DBSnapshotIdentifier` property, don't specify this property. The `StorageEncrypted` property value is inherited from the snapshot. If the DB instance is encrypted, the specified `KmsKeyId` property is also inherited from the snapshot.\n\nIf you specify `DBSecurityGroups` , AWS CloudFormation ignores this property. To specify both a security group and this property, you must use a VPC security group. For more information about Amazon RDS and VPC, see [Using Amazon RDS with Amazon VPC](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.html) in the *Amazon RDS User Guide* .\n\n*Amazon Aurora*\n\nNot applicable. The KMS key identifier is managed by the DB cluster.", + "title": "KmsKeyId", + "type": "string" + }, + "LicenseModel": { + "markdownDescription": "License model information for this DB instance.\n\nValid Values:\n\n- Aurora MySQL - `general-public-license`\n- Aurora PostgreSQL - `postgresql-license`\n- RDS for Db2 - `bring-your-own-license` . For more information about RDS for Db2 licensing, see [](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/db2-licensing.html) in the *Amazon RDS User Guide.*\n- RDS for MariaDB - `general-public-license`\n- RDS for Microsoft SQL Server - `license-included`\n- RDS for MySQL - `general-public-license`\n- RDS for Oracle - `bring-your-own-license` or `license-included`\n- RDS for PostgreSQL - `postgresql-license`\n\n> If you've specified `DBSecurityGroups` and then you update the license model, AWS CloudFormation replaces the underlying DB instance. This will incur some interruptions to database availability.", + "title": "LicenseModel", + "type": "string" + }, + "ManageMasterUserPassword": { + "markdownDescription": "Specifies whether to manage the master user password with AWS Secrets Manager.\n\nFor more information, see [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide.*\n\nConstraints:\n\n- Can't manage the master user password with AWS Secrets Manager if `MasterUserPassword` is specified.", + "title": "ManageMasterUserPassword", + "type": "boolean" + }, + "MasterUserPassword": { + "markdownDescription": "The password for the master user. The password can include any printable ASCII character except \"/\", \"\"\", or \"@\".\n\n*Amazon Aurora*\n\nNot applicable. The password for the master user is managed by the DB cluster.\n\n*RDS for Db2*\n\nMust contain from 8 to 255 characters.\n\n*RDS for MariaDB*\n\nConstraints: Must contain from 8 to 41 characters.\n\n*RDS for Microsoft SQL Server*\n\nConstraints: Must contain from 8 to 128 characters.\n\n*RDS for MySQL*\n\nConstraints: Must contain from 8 to 41 characters.\n\n*RDS for Oracle*\n\nConstraints: Must contain from 8 to 30 characters.\n\n*RDS for PostgreSQL*\n\nConstraints: Must contain from 8 to 128 characters.", + "title": "MasterUserPassword", + "type": "string" + }, + "MasterUserSecret": { + "$ref": "#/definitions/AWS::RDS::DBInstance.MasterUserSecret", + "markdownDescription": "The secret managed by RDS in AWS Secrets Manager for the master user password.\n\nFor more information, see [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide.*", + "title": "MasterUserSecret" + }, + "MasterUsername": { + "markdownDescription": "The master user name for the DB instance.\n\n> If you specify the `SourceDBInstanceIdentifier` or `DBSnapshotIdentifier` property, don't specify this property. The value is inherited from the source DB instance or snapshot.\n> \n> When migrating a self-managed Db2 database, we recommend that you use the same master username as your self-managed Db2 instance name. \n\n*Amazon Aurora*\n\nNot applicable. The name for the master user is managed by the DB cluster.\n\n*RDS for Db2*\n\nConstraints:\n\n- Must be 1 to 16 letters or numbers.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.\n\n*RDS for MariaDB*\n\nConstraints:\n\n- Must be 1 to 16 letters or numbers.\n- Can't be a reserved word for the chosen database engine.\n\n*RDS for Microsoft SQL Server*\n\nConstraints:\n\n- Must be 1 to 128 letters or numbers.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.\n\n*RDS for MySQL*\n\nConstraints:\n\n- Must be 1 to 16 letters or numbers.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.\n\n*RDS for Oracle*\n\nConstraints:\n\n- Must be 1 to 30 letters or numbers.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.\n\n*RDS for PostgreSQL*\n\nConstraints:\n\n- Must be 1 to 63 letters or numbers.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.", + "title": "MasterUsername", + "type": "string" + }, + "MaxAllocatedStorage": { + "markdownDescription": "The upper limit in gibibytes (GiB) to which Amazon RDS can automatically scale the storage of the DB instance.\n\nFor more information about this setting, including limitations that apply to it, see [Managing capacity automatically with Amazon RDS storage autoscaling](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIOPS.StorageTypes.html#USER_PIOPS.Autoscaling) in the *Amazon RDS User Guide* .\n\nThis setting doesn't apply to the following DB instances:\n\n- Amazon Aurora (Storage is managed by the DB cluster.)\n- RDS Custom", + "title": "MaxAllocatedStorage", + "type": "number" + }, + "MonitoringInterval": { + "markdownDescription": "The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance. To disable collection of Enhanced Monitoring metrics, specify `0` .\n\nIf `MonitoringRoleArn` is specified, then you must set `MonitoringInterval` to a value other than `0` .\n\nThis setting doesn't apply to RDS Custom DB instances.\n\nValid Values: `0 | 1 | 5 | 10 | 15 | 30 | 60`\n\nDefault: `0`", + "title": "MonitoringInterval", + "type": "number" + }, + "MonitoringRoleArn": { + "markdownDescription": "The ARN for the IAM role that permits RDS to send enhanced monitoring metrics to Amazon CloudWatch Logs. For example, `arn:aws:iam:123456789012:role/emaccess` . For information on creating a monitoring role, see [Setting Up and Enabling Enhanced Monitoring](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.OS.html#USER_Monitoring.OS.Enabling) in the *Amazon RDS User Guide* .\n\nIf `MonitoringInterval` is set to a value other than `0` , then you must supply a `MonitoringRoleArn` value.\n\nThis setting doesn't apply to RDS Custom DB instances.", + "title": "MonitoringRoleArn", + "type": "string" + }, + "MultiAZ": { + "markdownDescription": "Specifies whether the DB instance is a Multi-AZ deployment. You can't set the `AvailabilityZone` parameter if the DB instance is a Multi-AZ deployment.\n\nThis setting doesn't apply to Amazon Aurora because the DB instance Availability Zones (AZs) are managed by the DB cluster.", + "title": "MultiAZ", + "type": "boolean" + }, + "NcharCharacterSetName": { + "markdownDescription": "The name of the NCHAR character set for the Oracle DB instance.\n\nThis setting doesn't apply to RDS Custom DB instances.", + "title": "NcharCharacterSetName", + "type": "string" + }, + "NetworkType": { + "markdownDescription": "The network type of the DB instance.\n\nValid values:\n\n- `IPV4`\n- `DUAL`\n\nThe network type is determined by the `DBSubnetGroup` specified for the DB instance. A `DBSubnetGroup` can support only the IPv4 protocol or the IPv4 and IPv6 protocols ( `DUAL` ).\n\nFor more information, see [Working with a DB instance in a VPC](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.WorkingWithRDSInstanceinaVPC.html) in the *Amazon RDS User Guide.*", + "title": "NetworkType", + "type": "string" + }, + "OptionGroupName": { + "markdownDescription": "Indicates that the DB instance should be associated with the specified option group.\n\nPermanent options, such as the TDE option for Oracle Advanced Security TDE, can't be removed from an option group. Also, that option group can't be removed from a DB instance once it is associated with a DB instance.", + "title": "OptionGroupName", + "type": "string" + }, + "PerformanceInsightsKMSKeyId": { + "markdownDescription": "The AWS KMS key identifier for encryption of Performance Insights data.\n\nThe KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key.\n\nIf you do not specify a value for `PerformanceInsightsKMSKeyId` , then Amazon RDS uses your default KMS key. There is a default KMS key for your AWS account. Your AWS account has a different default KMS key for each AWS Region.\n\nFor information about enabling Performance Insights, see [EnablePerformanceInsights](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-enableperformanceinsights) .", + "title": "PerformanceInsightsKMSKeyId", + "type": "string" + }, + "PerformanceInsightsRetentionPeriod": { + "markdownDescription": "The number of days to retain Performance Insights data. When creating a DB instance without enabling Performance Insights, you can't specify the parameter `PerformanceInsightsRetentionPeriod` .\n\nThis setting doesn't apply to RDS Custom DB instances.\n\nValid Values:\n\n- `7`\n- *month* * 31, where *month* is a number of months from 1-23. Examples: `93` (3 months * 31), `341` (11 months * 31), `589` (19 months * 31)\n- `731`\n\nDefault: `7` days\n\nIf you specify a retention period that isn't valid, such as `94` , Amazon RDS returns an error.", + "title": "PerformanceInsightsRetentionPeriod", + "type": "number" + }, + "Port": { + "markdownDescription": "The port number on which the database accepts connections.\n\nThis setting doesn't apply to Aurora DB instances. The port number is managed by the cluster.\n\nValid Values: `1150-65535`\n\nDefault:\n\n- RDS for Db2 - `50000`\n- RDS for MariaDB - `3306`\n- RDS for Microsoft SQL Server - `1433`\n- RDS for MySQL - `3306`\n- RDS for Oracle - `1521`\n- RDS for PostgreSQL - `5432`\n\nConstraints:\n\n- For RDS for Microsoft SQL Server, the value can't be `1234` , `1434` , `3260` , `3343` , `3389` , `47001` , or `49152-49156` .", + "title": "Port", + "type": "string" + }, + "PreferredBackupWindow": { + "markdownDescription": "The daily time range during which automated backups are created if automated backups are enabled, using the `BackupRetentionPeriod` parameter. For more information, see [Backup Window](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithAutomatedBackups.html#USER_WorkingWithAutomatedBackups.BackupWindow) in the *Amazon RDS User Guide.*\n\nConstraints:\n\n- Must be in the format `hh24:mi-hh24:mi` .\n- Must be in Universal Coordinated Time (UTC).\n- Must not conflict with the preferred maintenance window.\n- Must be at least 30 minutes.\n\n*Amazon Aurora*\n\nNot applicable. The daily time range for creating automated backups is managed by the DB cluster.", + "title": "PreferredBackupWindow", + "type": "string" + }, + "PreferredMaintenanceWindow": { + "markdownDescription": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n\nFormat: `ddd:hh24:mi-ddd:hh24:mi`\n\nThe default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region, occurring on a random day of the week. To see the time blocks available, see [Maintaining a DB instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.Maintenance.html#AdjustingTheMaintenanceWindow) in the *Amazon RDS User Guide.*\n\n> This property applies when AWS CloudFormation initially creates the DB instance. If you use AWS CloudFormation to update the DB instance, those updates are applied immediately. \n\nConstraints: Minimum 30-minute window.", + "title": "PreferredMaintenanceWindow", + "type": "string" + }, + "ProcessorFeatures": { + "items": { + "$ref": "#/definitions/AWS::RDS::DBInstance.ProcessorFeature" + }, + "markdownDescription": "The number of CPU cores and the number of threads per core for the DB instance class of the DB instance.\n\nThis setting doesn't apply to Amazon Aurora or RDS Custom DB instances.", + "title": "ProcessorFeatures", + "type": "array" + }, + "PromotionTier": { + "markdownDescription": "The order of priority in which an Aurora Replica is promoted to the primary instance after a failure of the existing primary instance. For more information, see [Fault Tolerance for an Aurora DB Cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.AuroraHighAvailability.html#Aurora.Managing.FaultTolerance) in the *Amazon Aurora User Guide* .\n\nThis setting doesn't apply to RDS Custom DB instances.\n\nDefault: `1`\n\nValid Values: `0 - 15`", + "title": "PromotionTier", + "type": "number" + }, + "PubliclyAccessible": { + "markdownDescription": "Indicates whether the DB instance is an internet-facing instance. If you specify true, AWS CloudFormation creates an instance with a publicly resolvable DNS name, which resolves to a public IP address. If you specify false, AWS CloudFormation creates an internal instance with a DNS name that resolves to a private IP address.\n\nThe default behavior value depends on your VPC setup and the database subnet group. For more information, see the `PubliclyAccessible` parameter in the [CreateDBInstance](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html) in the *Amazon RDS API Reference* .", + "title": "PubliclyAccessible", + "type": "boolean" + }, + "ReplicaMode": { + "markdownDescription": "The open mode of an Oracle read replica. For more information, see [Working with Oracle Read Replicas for Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/oracle-read-replicas.html) in the *Amazon RDS User Guide* .\n\nThis setting is only supported in RDS for Oracle.\n\nDefault: `open-read-only`\n\nValid Values: `open-read-only` or `mounted`", + "title": "ReplicaMode", + "type": "string" + }, + "RestoreTime": { + "markdownDescription": "The date and time to restore from. This parameter applies to point-in-time recovery. For more information, see [Restoring a DB instance to a specified time](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIT.html) in the in the *Amazon RDS User Guide* .\n\nConstraints:\n\n- Must be a time in Universal Coordinated Time (UTC) format.\n- Must be before the latest restorable time for the DB instance.\n- Can't be specified if the `UseLatestRestorableTime` parameter is enabled.\n\nExample: `2009-09-07T23:45:00Z`", + "title": "RestoreTime", + "type": "string" + }, + "SourceDBClusterIdentifier": { + "markdownDescription": "The identifier of the Multi-AZ DB cluster that will act as the source for the read replica. Each DB cluster can have up to 15 read replicas.\n\nConstraints:\n\n- Must be the identifier of an existing Multi-AZ DB cluster.\n- Can't be specified if the `SourceDBInstanceIdentifier` parameter is also specified.\n- The specified DB cluster must have automatic backups enabled, that is, its backup retention period must be greater than 0.\n- The source DB cluster must be in the same AWS Region as the read replica. Cross-Region replication isn't supported.", + "title": "SourceDBClusterIdentifier", + "type": "string" + }, + "SourceDBInstanceAutomatedBackupsArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the replicated automated backups from which to restore, for example, `arn:aws:rds:us-east-1:123456789012:auto-backup:ab-L2IJCEXJP7XQ7HOJ4SIEXAMPLE` .\n\nThis setting doesn't apply to RDS Custom.", + "title": "SourceDBInstanceAutomatedBackupsArn", + "type": "string" + }, + "SourceDBInstanceIdentifier": { + "markdownDescription": "If you want to create a read replica DB instance, specify the ID of the source DB instance. Each DB instance can have a limited number of read replicas. For more information, see [Working with Read Replicas](https://docs.aws.amazon.com/AmazonRDS/latest/DeveloperGuide/USER_ReadRepl.html) in the *Amazon RDS User Guide* .\n\nFor information about constraints that apply to DB instance identifiers, see [Naming constraints in Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Limits.html#RDS_Limits.Constraints) in the *Amazon RDS User Guide* .\n\nThe `SourceDBInstanceIdentifier` property determines whether a DB instance is a read replica. If you remove the `SourceDBInstanceIdentifier` property from your template and then update your stack, AWS CloudFormation promotes the read replica to a standalone DB instance.\n\nIf you specify the `UseLatestRestorableTime` or `RestoreTime` properties in conjunction with the `SourceDBInstanceIdentifier` property, RDS restores the DB instance to the requested point in time, thereby creating a new DB instance.\n\n> - If you specify a source DB instance that uses VPC security groups, we recommend that you specify the `VPCSecurityGroups` property. If you don't specify the property, the read replica inherits the value of the `VPCSecurityGroups` property from the source DB when you create the replica. However, if you update the stack, AWS CloudFormation reverts the replica's `VPCSecurityGroups` property to the default value because it's not defined in the stack's template. This change might cause unexpected issues.\n> - Read replicas don't support deletion policies. AWS CloudFormation ignores any deletion policy that's associated with a read replica.\n> - If you specify `SourceDBInstanceIdentifier` , don't specify the `DBSnapshotIdentifier` property. You can't create a read replica from a snapshot.\n> - Don't set the `BackupRetentionPeriod` , `DBName` , `MasterUsername` , `MasterUserPassword` , and `PreferredBackupWindow` properties. The database attributes are inherited from the source DB instance, and backups are disabled for read replicas.\n> - If the source DB instance is in a different region than the read replica, specify the source region in `SourceRegion` , and specify an ARN for a valid DB instance in `SourceDBInstanceIdentifier` . For more information, see [Constructing a Amazon RDS Amazon Resource Name (ARN)](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html#USER_Tagging.ARN) in the *Amazon RDS User Guide* .\n> - For DB instances in Amazon Aurora clusters, don't specify this property. Amazon RDS automatically assigns writer and reader DB instances.", + "title": "SourceDBInstanceIdentifier", + "type": "string" + }, + "SourceDbiResourceId": { + "markdownDescription": "The resource ID of the source DB instance from which to restore.", + "title": "SourceDbiResourceId", + "type": "string" + }, + "SourceRegion": { + "markdownDescription": "The ID of the region that contains the source DB instance for the read replica.", + "title": "SourceRegion", + "type": "string" + }, + "StorageEncrypted": { + "markdownDescription": "A value that indicates whether the DB instance is encrypted. By default, it isn't encrypted.\n\nIf you specify the `KmsKeyId` property, then you must enable encryption.\n\nIf you specify the `SourceDBInstanceIdentifier` or `SourceDbiResourceId` property, don't specify this property. The value is inherited from the source DB instance, and if the DB instance is encrypted, the specified `KmsKeyId` property is used.\n\nIf you specify the `SourceDBInstanceAutomatedBackupsArn` property, don't specify this property. The value is inherited from the source DB instance automated backup.\n\nIf you specify `DBSnapshotIdentifier` property, don't specify this property. The value is inherited from the snapshot.\n\n*Amazon Aurora*\n\nNot applicable. The encryption for DB instances is managed by the DB cluster.", + "title": "StorageEncrypted", + "type": "boolean" + }, + "StorageThroughput": { + "markdownDescription": "Specifies the storage throughput value, in mebibyte per second (MiBps), for the DB instance. This setting applies only to the `gp3` storage type.\n\nThis setting doesn't apply to RDS Custom or Amazon Aurora.", + "title": "StorageThroughput", + "type": "number" + }, + "StorageType": { + "markdownDescription": "The storage type to associate with the DB instance.\n\nIf you specify `io1` , `io2` , or `gp3` , you must also include a value for the `Iops` parameter.\n\nThis setting doesn't apply to Amazon Aurora DB instances. Storage is managed by the DB cluster.\n\nValid Values: `gp2 | gp3 | io1 | io2 | standard`\n\nDefault: `io1` , if the `Iops` parameter is specified. Otherwise, `gp3` .", + "title": "StorageType", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags to assign to the DB instance.", + "title": "Tags", + "type": "array" + }, + "Timezone": { + "markdownDescription": "The time zone of the DB instance. The time zone parameter is currently supported only by [RDS for Db2](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/db2-time-zone) and [RDS for SQL Server](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html#SQLServer.Concepts.General.TimeZone) .", + "title": "Timezone", + "type": "string" + }, + "UseDefaultProcessorFeatures": { + "markdownDescription": "Specifies whether the DB instance class of the DB instance uses its default processor features.\n\nThis setting doesn't apply to RDS Custom DB instances.", + "title": "UseDefaultProcessorFeatures", + "type": "boolean" + }, + "UseLatestRestorableTime": { + "markdownDescription": "Specifies whether the DB instance is restored from the latest backup time. By default, the DB instance isn't restored from the latest backup time. This parameter applies to point-in-time recovery. For more information, see [Restoring a DB instance to a specified time](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIT.html) in the in the *Amazon RDS User Guide* .\n\nConstraints:\n\n- Can't be specified if the `RestoreTime` parameter is provided.", + "title": "UseLatestRestorableTime", + "type": "boolean" + }, + "VPCSecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the VPC security group IDs to assign to the DB instance. The list can include both the physical IDs of existing VPC security groups and references to [AWS::EC2::SecurityGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html) resources created in the template.\n\nIf you plan to update the resource, don't specify VPC security groups in a shared VPC.\n\nIf you set `VPCSecurityGroups` , you must not set [`DBSecurityGroups`](https://docs.aws.amazon.com//AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-dbsecuritygroups) , and vice versa.\n\n> You can migrate a DB instance in your stack from an RDS DB security group to a VPC security group, but keep the following in mind:\n> \n> - You can't revert to using an RDS security group after you establish a VPC security group membership.\n> - When you migrate your DB instance to VPC security groups, if your stack update rolls back because the DB instance update fails or because an update fails in another AWS CloudFormation resource, the rollback fails because it can't revert to an RDS security group.\n> - To use the properties that are available when you use a VPC security group, you must recreate the DB instance. If you don't, AWS CloudFormation submits only the property values that are listed in the [`DBSecurityGroups`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-dbsecuritygroups) property. \n\nTo avoid this situation, migrate your DB instance to using VPC security groups only when that is the only change in your stack template.\n\n*Amazon Aurora*\n\nNot applicable. The associated list of EC2 VPC security groups is managed by the DB cluster. If specified, the setting must match the DB cluster setting.", + "title": "VPCSecurityGroups", + "type": "array" + } + }, + "type": "object" }, - "RowsLayout": { - "markdownDescription": "The layout for the row dimension headers of a pivot table. Choose one of the following options.\n\n- `TABULAR` : (Default) Each row field is displayed in a separate column.\n- `HIERARCHY` : All row fields are displayed in a single column. Indentation is used to differentiate row headers of different fields.", - "title": "RowsLayout", + "Type": { + "enum": [ + "AWS::RDS::DBInstance" + ], "type": "string" }, - "SingleMetricVisibility": { - "markdownDescription": "The visibility of the single metric options.", - "title": "SingleMetricVisibility", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::RDS::DBInstance.CertificateDetails": { + "additionalProperties": false, + "properties": { + "CAIdentifier": { + "markdownDescription": "The CA identifier of the CA certificate used for the DB instance's server certificate.", + "title": "CAIdentifier", "type": "string" }, - "ToggleButtonsVisibility": { - "markdownDescription": "Determines the visibility of the pivot table.", - "title": "ToggleButtonsVisibility", + "ValidTill": { + "markdownDescription": "The expiration date of the DB instance\u2019s server certificate.", + "title": "ValidTill", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.PivotTablePaginatedReportOptions": { + "AWS::RDS::DBInstance.DBInstanceRole": { "additionalProperties": false, "properties": { - "OverflowColumnHeaderVisibility": { - "markdownDescription": "The visibility of the repeating header rows on each page.", - "title": "OverflowColumnHeaderVisibility", + "FeatureName": { + "markdownDescription": "The name of the feature associated with the AWS Identity and Access Management (IAM) role. IAM roles that are associated with a DB instance grant permission for the DB instance to access other AWS services on your behalf. For the list of supported feature names, see the `SupportedFeatureNames` description in [DBEngineVersion](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DBEngineVersion.html) in the *Amazon RDS API Reference* .", + "title": "FeatureName", "type": "string" }, - "VerticalOverflowVisibility": { - "markdownDescription": "The visibility of the printing table overflow across pages.", - "title": "VerticalOverflowVisibility", + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that is associated with the DB instance.", + "title": "RoleArn", "type": "string" } }, + "required": [ + "FeatureName", + "RoleArn" + ], "type": "object" }, - "AWS::QuickSight::Template.PivotTableRowsLabelOptions": { + "AWS::RDS::DBInstance.Endpoint": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The custom label string for the rows label.", - "title": "CustomLabel", + "Address": { + "markdownDescription": "Specifies the DNS address of the DB instance.", + "title": "Address", "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of the rows label.", - "title": "Visibility", + "HostedZoneId": { + "markdownDescription": "Specifies the ID that Amazon Route 53 assigns when you create a hosted zone.", + "title": "HostedZoneId", + "type": "string" + }, + "Port": { + "markdownDescription": "Specifies the port that the database engine is listening on.", + "title": "Port", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.PivotTableSortBy": { + "AWS::RDS::DBInstance.MasterUserSecret": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnSort", - "markdownDescription": "The column sort (field id, direction) for the pivot table sort by options.", - "title": "Column" - }, - "DataPath": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataPathSort", - "markdownDescription": "The data path sort (data path value, direction) for the pivot table sort by options.", - "title": "DataPath" + "KmsKeyId": { + "markdownDescription": "The AWS KMS key identifier that is used to encrypt the secret.", + "title": "KmsKeyId", + "type": "string" }, - "Field": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSort", - "markdownDescription": "The field sort (field id, direction) for the pivot table sort by options.", - "title": "Field" + "SecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the secret. This parameter is a return value that you can retrieve using the `Fn::GetAtt` intrinsic function. For more information, see [Return values](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbinstance.html#aws-resource-rds-dbinstance-return-values) .", + "title": "SecretArn", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.PivotTableSortConfiguration": { + "AWS::RDS::DBInstance.ProcessorFeature": { "additionalProperties": false, "properties": { - "FieldSortOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotFieldSortOptions" - }, - "markdownDescription": "The field sort options for a pivot table sort configuration.", - "title": "FieldSortOptions", - "type": "array" + "Name": { + "markdownDescription": "The name of the processor feature. Valid names are `coreCount` and `threadsPerCore` .", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of a processor feature.", + "title": "Value", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.PivotTableTotalOptions": { + "AWS::RDS::DBParameterGroup": { "additionalProperties": false, "properties": { - "ColumnSubtotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SubtotalOptions", - "markdownDescription": "The column subtotal options.", - "title": "ColumnSubtotalOptions" + "Condition": { + "type": "string" }, - "ColumnTotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTotalOptions", - "markdownDescription": "The column total options.", - "title": "ColumnTotalOptions" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "RowSubtotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SubtotalOptions", - "markdownDescription": "The row subtotal options.", - "title": "RowSubtotalOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "RowTotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTotalOptions", - "markdownDescription": "The row total options.", - "title": "RowTotalOptions" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DBParameterGroupName": { + "markdownDescription": "The name of the DB parameter group.\n\nConstraints:\n\n- Must be 1 to 255 letters, numbers, or hyphens.\n- First character must be a letter\n- Can't end with a hyphen or contain two consecutive hyphens\n\nIf you don't specify a value for `DBParameterGroupName` property, a name is automatically created for the DB parameter group.\n\n> This value is stored as a lowercase string.", + "title": "DBParameterGroupName", + "type": "string" + }, + "Description": { + "markdownDescription": "Provides the customer-specified description for this DB parameter group.", + "title": "Description", + "type": "string" + }, + "Family": { + "markdownDescription": "The DB parameter group family name. A DB parameter group can be associated with one and only one DB parameter group family, and can be applied only to a DB instance running a database engine and engine version compatible with that DB parameter group family.\n\nTo list all of the available parameter group families for a DB engine, use the following command:\n\n`aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" --engine `\n\nFor example, to list all of the available parameter group families for the MySQL DB engine, use the following command:\n\n`aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" --engine mysql`\n\n> The output contains duplicates. \n\nThe following are the valid DB engine values:\n\n- `aurora-mysql`\n- `aurora-postgresql`\n- `db2-ae`\n- `db2-se`\n- `mysql`\n- `oracle-ee`\n- `oracle-ee-cdb`\n- `oracle-se2`\n- `oracle-se2-cdb`\n- `postgres`\n- `sqlserver-ee`\n- `sqlserver-se`\n- `sqlserver-ex`\n- `sqlserver-web`", + "title": "Family", + "type": "string" + }, + "Parameters": { + "markdownDescription": "A mapping of parameter names and values for the parameter update. You must specify at least one parameter name and value.\n\nFor more information about parameter groups, see [Working with parameter groups](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithParamGroups.html) in the *Amazon RDS User Guide* , or [Working with parameter groups](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_WorkingWithParamGroups.html) in the *Amazon Aurora User Guide* .\n\n> AWS CloudFormation doesn't support specifying an apply method for each individual parameter. The default apply method for each parameter is used.", + "title": "Parameters", + "type": "object" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags to assign to the DB parameter group.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Description", + "Family" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RDS::DBParameterGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Template.PivotTableVisual": { + "AWS::RDS::DBProxy": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Auth": { + "items": { + "$ref": "#/definitions/AWS::RDS::DBProxy.AuthFormat" + }, + "markdownDescription": "The authorization mechanism that the proxy uses.", + "title": "Auth", + "type": "array" + }, + "DBProxyName": { + "markdownDescription": "The identifier for the proxy. This name must be unique for all proxies owned by your AWS account in the specified AWS Region . An identifier must begin with a letter and must contain only ASCII letters, digits, and hyphens; it can't end with a hyphen or contain two consecutive hyphens.", + "title": "DBProxyName", + "type": "string" + }, + "DebugLogging": { + "markdownDescription": "Specifies whether the proxy includes detailed information about SQL statements in its logs. This information helps you to debug issues involving SQL behavior or the performance and scalability of the proxy connections. The debug information includes the text of SQL statements that you submit through the proxy. Thus, only enable this setting when needed for debugging, and only when you have security measures in place to safeguard any sensitive information that appears in the logs.", + "title": "DebugLogging", + "type": "boolean" + }, + "EngineFamily": { + "markdownDescription": "The kinds of databases that the proxy can connect to. This value determines which database network protocol the proxy recognizes when it interprets network traffic to and from the database. For Aurora MySQL, RDS for MariaDB, and RDS for MySQL databases, specify `MYSQL` . For Aurora PostgreSQL and RDS for PostgreSQL databases, specify `POSTGRESQL` . For RDS for Microsoft SQL Server, specify `SQLSERVER` .", + "title": "EngineFamily", + "type": "string" + }, + "IdleClientTimeout": { + "markdownDescription": "The number of seconds that a connection to the proxy can be inactive before the proxy disconnects it. You can set this value higher or lower than the connection timeout limit for the associated database.", + "title": "IdleClientTimeout", + "type": "number" + }, + "RequireTLS": { + "markdownDescription": "Specifies whether Transport Layer Security (TLS) encryption is required for connections to the proxy. By enabling this setting, you can enforce encrypted TLS connections to the proxy.", + "title": "RequireTLS", + "type": "boolean" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that the proxy uses to access secrets in AWS Secrets Manager.", + "title": "RoleArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::RDS::DBProxy.TagFormat" + }, + "markdownDescription": "An optional set of key-value pairs to associate arbitrary data of your choosing with the proxy.", + "title": "Tags", + "type": "array" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more VPC security group IDs to associate with the new proxy.\n\nIf you plan to update the resource, don't specify VPC security groups in a shared VPC.", + "title": "VpcSecurityGroupIds", + "type": "array" + }, + "VpcSubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more VPC subnet IDs to associate with the new proxy.", + "title": "VpcSubnetIds", + "type": "array" + } }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" - }, - "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableConditionalFormatting", - "markdownDescription": "The conditional formatting for a `PivotTableVisual` .", - "title": "ConditionalFormatting" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "required": [ + "Auth", + "DBProxyName", + "EngineFamily", + "RoleArn", + "VpcSubnetIds" + ], + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Type": { + "enum": [ + "AWS::RDS::DBProxy" + ], + "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Template.PivotTotalOptions": { + "AWS::RDS::DBProxy.AuthFormat": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The custom label string for the total cells.", - "title": "CustomLabel", + "AuthScheme": { + "markdownDescription": "The type of authentication that the proxy uses for connections from the proxy to the underlying database.", + "title": "AuthScheme", "type": "string" }, - "MetricHeaderCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", - "markdownDescription": "The cell styling options for the total of header cells.", - "title": "MetricHeaderCellStyle" - }, - "Placement": { - "markdownDescription": "The placement (start, end) for the total cells.", - "title": "Placement", + "ClientPasswordAuthType": { + "markdownDescription": "Specifies the details of authentication used by a proxy to log in as a specific database user.", + "title": "ClientPasswordAuthType", "type": "string" }, - "ScrollStatus": { - "markdownDescription": "The scroll status (pinned, scrolled) for the total cells.", - "title": "ScrollStatus", + "Description": { + "markdownDescription": "A user-specified description about the authentication used by a proxy to log in as a specific database user.", + "title": "Description", "type": "string" }, - "TotalAggregationOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.TotalAggregationOption" - }, - "markdownDescription": "The total aggregation options for each value field.", - "title": "TotalAggregationOptions", - "type": "array" - }, - "TotalCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", - "markdownDescription": "The cell styling options for the total cells.", - "title": "TotalCellStyle" - }, - "TotalsVisibility": { - "markdownDescription": "The visibility configuration for the total cells.", - "title": "TotalsVisibility", + "IAMAuth": { + "markdownDescription": "A value that indicates whether to require or disallow AWS Identity and Access Management (IAM) authentication for connections to the proxy. The `ENABLED` value is valid only for proxies with RDS for Microsoft SQL Server.", + "title": "IAMAuth", "type": "string" }, - "ValueCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", - "markdownDescription": "The cell styling options for the totals of value cells.", - "title": "ValueCellStyle" + "SecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) representing the secret that the proxy uses to authenticate to the RDS DB instance or Aurora DB cluster. These secrets are stored within Amazon Secrets Manager.", + "title": "SecretArn", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.PredefinedHierarchy": { + "AWS::RDS::DBProxy.TagFormat": { "additionalProperties": false, "properties": { - "Columns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier" - }, - "markdownDescription": "The list of columns that define the predefined hierarchy.", - "title": "Columns", - "type": "array" - }, - "DrillDownFilters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DrillDownFilter" - }, - "markdownDescription": "The option that determines the drill down filters for the predefined hierarchy.", - "title": "DrillDownFilters", - "type": "array" + "Key": { + "markdownDescription": "A key is the required name of the tag. The string value can be from 1 to 128 Unicode characters in length and can't be prefixed with `aws:` or `rds:` . The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\").", + "title": "Key", + "type": "string" }, - "HierarchyId": { - "markdownDescription": "The hierarchy ID of the predefined hierarchy.", - "title": "HierarchyId", + "Value": { + "markdownDescription": "A value is the optional value of the tag. The string value can be from 1 to 256 Unicode characters in length and can't be prefixed with `aws:` or `rds:` . The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\").", + "title": "Value", "type": "string" } }, - "required": [ - "Columns", - "HierarchyId" - ], "type": "object" }, - "AWS::QuickSight::Template.ProgressBarOptions": { + "AWS::RDS::DBProxyEndpoint": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility of the progress bar.", - "title": "Visibility", + "Condition": { "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.RadarChartAggregatedFieldWells": { - "additionalProperties": false, - "properties": { - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" - }, - "markdownDescription": "The aggregated field well categories of a radar chart.", - "title": "Category", - "type": "array" }, - "Color": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" - }, - "markdownDescription": "The color that are assigned to the aggregated field wells of a radar chart.", - "title": "Color", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DBProxyEndpointName": { + "markdownDescription": "The name of the DB proxy endpoint to create.", + "title": "DBProxyEndpointName", + "type": "string" + }, + "DBProxyName": { + "markdownDescription": "The name of the DB proxy associated with the DB proxy endpoint that you create.", + "title": "DBProxyName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::RDS::DBProxyEndpoint.TagFormat" + }, + "markdownDescription": "An optional set of key-value pairs to associate arbitrary data of your choosing with the proxy.", + "title": "Tags", + "type": "array" + }, + "TargetRole": { + "markdownDescription": "A value that indicates whether the DB proxy endpoint can be used for read/write or read-only operations.", + "title": "TargetRole", + "type": "string" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The VPC security group IDs for the DB proxy endpoint that you create. You can specify a different set of security group IDs than for the original DB proxy. The default is the default security group for the VPC.", + "title": "VpcSecurityGroupIds", + "type": "array" + }, + "VpcSubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The VPC subnet IDs for the DB proxy endpoint that you create. You can specify a different set of subnet IDs than for the original DB proxy.", + "title": "VpcSubnetIds", + "type": "array" + } }, - "markdownDescription": "The values that are assigned to the aggregated field wells of a radar chart.", - "title": "Values", - "type": "array" + "required": [ + "DBProxyEndpointName", + "DBProxyName", + "VpcSubnetIds" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RDS::DBProxyEndpoint" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Template.RadarChartAreaStyleSettings": { + "AWS::RDS::DBProxyEndpoint.TagFormat": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility settings of a radar chart.", - "title": "Visibility", + "Key": { + "markdownDescription": "A key is the required name of the tag. The string value can be from 1 to 128 Unicode characters in length and can't be prefixed with `aws:` or `rds:` . The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\").", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "A value is the optional value of the tag. The string value can be from 1 to 256 Unicode characters in length and can't be prefixed with `aws:` or `rds:` . The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\").", + "title": "Value", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.RadarChartConfiguration": { + "AWS::RDS::DBProxyTargetGroup": { "additionalProperties": false, "properties": { - "AlternateBandColorsVisibility": { - "markdownDescription": "Determines the visibility of the colors of alternatign bands in a radar chart.", - "title": "AlternateBandColorsVisibility", - "type": "string" - }, - "AlternateBandEvenColor": { - "markdownDescription": "The color of the even-numbered alternate bands of a radar chart.", - "title": "AlternateBandEvenColor", - "type": "string" - }, - "AlternateBandOddColor": { - "markdownDescription": "The color of the odd-numbered alternate bands of a radar chart.", - "title": "AlternateBandOddColor", + "Condition": { "type": "string" }, - "AxesRangeScale": { - "markdownDescription": "The axis behavior options of a radar chart.", - "title": "AxesRangeScale", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "BaseSeriesSettings": { - "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartSeriesSettings", - "markdownDescription": "The base sreies settings of a radar chart.", - "title": "BaseSeriesSettings" - }, - "CategoryAxis": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", - "markdownDescription": "The category axis of a radar chart.", - "title": "CategoryAxis" - }, - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The category label options of a radar chart.", - "title": "CategoryLabelOptions" - }, - "ColorAxis": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", - "markdownDescription": "The color axis of a radar chart.", - "title": "ColorAxis" - }, - "ColorLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The color label options of a radar chart.", - "title": "ColorLabelOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartFieldWells", - "markdownDescription": "The field well configuration of a `RadarChartVisual` .", - "title": "FieldWells" + "Metadata": { + "type": "object" }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" + "Properties": { + "additionalProperties": false, + "properties": { + "ConnectionPoolConfigurationInfo": { + "$ref": "#/definitions/AWS::RDS::DBProxyTargetGroup.ConnectionPoolConfigurationInfoFormat", + "markdownDescription": "Displays the settings that control the size and behavior of the connection pool associated with a `DBProxyTarget` .", + "title": "ConnectionPoolConfigurationInfo" + }, + "DBClusterIdentifiers": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more DB cluster identifiers.", + "title": "DBClusterIdentifiers", + "type": "array" + }, + "DBInstanceIdentifiers": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more DB instance identifiers.", + "title": "DBInstanceIdentifiers", + "type": "array" + }, + "DBProxyName": { + "markdownDescription": "The identifier of the `DBProxy` that is associated with the `DBProxyTargetGroup` .", + "title": "DBProxyName", + "type": "string" + }, + "TargetGroupName": { + "markdownDescription": "The identifier for the target group.\n\n> Currently, this property must be set to `default` .", + "title": "TargetGroupName", + "type": "string" + } + }, + "required": [ + "DBProxyName", + "TargetGroupName" + ], + "type": "object" }, - "Shape": { - "markdownDescription": "The shape of the radar chart.", - "title": "Shape", + "Type": { + "enum": [ + "AWS::RDS::DBProxyTargetGroup" + ], "type": "string" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartSortConfiguration", - "markdownDescription": "The sort configuration of a `RadarChartVisual` .", - "title": "SortConfiguration" - }, - "StartAngle": { - "markdownDescription": "The start angle of a radar chart's axis.", - "title": "StartAngle", - "type": "number" - }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", - "title": "VisualPalette" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.RadarChartFieldWells": { - "additionalProperties": false, - "properties": { - "RadarChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a radar chart visual.", - "title": "RadarChartAggregatedFieldWells" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.RadarChartSeriesSettings": { - "additionalProperties": false, - "properties": { - "AreaStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartAreaStyleSettings", - "markdownDescription": "The area style settings of a radar chart.", - "title": "AreaStyleSettings" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Template.RadarChartSortConfiguration": { + "AWS::RDS::DBProxyTargetGroup.ConnectionPoolConfigurationInfoFormat": { "additionalProperties": false, "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The category items limit for a radar chart.", - "title": "CategoryItemsLimit" + "ConnectionBorrowTimeout": { + "markdownDescription": "The number of seconds for a proxy to wait for a connection to become available in the connection pool. This setting only applies when the proxy has opened its maximum number of connections and all connections are busy with client sessions.\n\nDefault: `120`\n\nConstraints:\n\n- Must be between 0 and 300.", + "title": "ConnectionBorrowTimeout", + "type": "number" }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" - }, - "markdownDescription": "The category sort options of a radar chart.", - "title": "CategorySort", - "type": "array" + "InitQuery": { + "markdownDescription": "Add an initialization query, or modify the current one. You can specify one or more SQL statements for the proxy to run when opening each new database connection. The setting is typically used with `SET` statements to make sure that each connection has identical settings. Make sure the query added here is valid. This is an optional field, so you can choose to leave it empty. For including multiple variables in a single SET statement, use a comma separator.\n\nFor example: `SET variable1=value1, variable2=value2`\n\nDefault: no initialization query\n\n> Since you can access initialization query as part of target group configuration, it is not protected by authentication or cryptographic methods. Anyone with access to view or manage your proxy target group configuration can view the initialization query. You should not add sensitive data, such as passwords or long-lived encryption keys, to this option.", + "title": "InitQuery", + "type": "string" }, - "ColorItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The color items limit of a radar chart.", - "title": "ColorItemsLimit" + "MaxConnectionsPercent": { + "markdownDescription": "The maximum size of the connection pool for each target in a target group. The value is expressed as a percentage of the `max_connections` setting for the RDS DB instance or Aurora DB cluster used by the target group.\n\nIf you specify `MaxIdleConnectionsPercent` , then you must also include a value for this parameter.\n\nDefault: `10` for RDS for Microsoft SQL Server, and `100` for all other engines\n\nConstraints:\n\n- Must be between 1 and 100.", + "title": "MaxConnectionsPercent", + "type": "number" }, - "ColorSort": { + "MaxIdleConnectionsPercent": { + "markdownDescription": "A value that controls how actively the proxy closes idle database connections in the connection pool. The value is expressed as a percentage of the `max_connections` setting for the RDS DB instance or Aurora DB cluster used by the target group. With a high value, the proxy leaves a high percentage of idle database connections open. A low value causes the proxy to close more idle connections and return them to the database.\n\nIf you specify this parameter, then you must also include a value for `MaxConnectionsPercent` .\n\nDefault: The default value is half of the value of `MaxConnectionsPercent` . For example, if `MaxConnectionsPercent` is 80, then the default value of `MaxIdleConnectionsPercent` is 40. If the value of `MaxConnectionsPercent` isn't specified, then for SQL Server, `MaxIdleConnectionsPercent` is `5` , and for all other engines, the default is `50` .\n\nConstraints:\n\n- Must be between 0 and the value of `MaxConnectionsPercent` .", + "title": "MaxIdleConnectionsPercent", + "type": "number" + }, + "SessionPinningFilters": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + "type": "string" }, - "markdownDescription": "The color sort configuration of a radar chart.", - "title": "ColorSort", + "markdownDescription": "Each item in the list represents a class of SQL operations that normally cause all later statements in a session using a proxy to be pinned to the same underlying database connection. Including an item in the list exempts that class of SQL operations from the pinning behavior.\n\nDefault: no session pinning filters", + "title": "SessionPinningFilters", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.RadarChartVisual": { + "AWS::RDS::DBSecurityGroup": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Condition": { + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Metadata": { + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Properties": { + "additionalProperties": false, + "properties": { + "DBSecurityGroupIngress": { + "items": { + "$ref": "#/definitions/AWS::RDS::DBSecurityGroup.Ingress" + }, + "markdownDescription": "Ingress rules to be applied to the DB security group.", + "title": "DBSecurityGroupIngress", + "type": "array" + }, + "EC2VpcId": { + "markdownDescription": "The identifier of an Amazon virtual private cloud (VPC). This property indicates the VPC that this DB security group belongs to.\n\n> This property is included for backwards compatibility and is no longer recommended for providing security information to an RDS DB instance.", + "title": "EC2VpcId", + "type": "string" + }, + "GroupDescription": { + "markdownDescription": "Provides the description of the DB security group.", + "title": "GroupDescription", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata assigned to an Amazon RDS resource consisting of a key-value pair.\n\nFor more information, see [Tagging Amazon RDS resources](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) in the *Amazon RDS User Guide* or [Tagging Amazon Aurora and Amazon RDS resources](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_Tagging.html) in the *Amazon Aurora User Guide* .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "DBSecurityGroupIngress", + "GroupDescription" + ], + "type": "object" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "Type": { + "enum": [ + "AWS::RDS::DBSecurityGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Template.RangeEndsLabelType": { + "AWS::RDS::DBSecurityGroup.Ingress": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility of the range ends label.", - "title": "Visibility", + "CIDRIP": { + "markdownDescription": "The IP range to authorize.", + "title": "CIDRIP", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.ReferenceLine": { - "additionalProperties": false, - "properties": { - "DataConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineDataConfiguration", - "markdownDescription": "The data configuration of the reference line.", - "title": "DataConfiguration" }, - "LabelConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineLabelConfiguration", - "markdownDescription": "The label configuration of the reference line.", - "title": "LabelConfiguration" + "EC2SecurityGroupId": { + "markdownDescription": "Id of the EC2 security group to authorize. For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.", + "title": "EC2SecurityGroupId", + "type": "string" }, - "Status": { - "markdownDescription": "The status of the reference line. Choose one of the following options:\n\n- `ENABLE`\n- `DISABLE`", - "title": "Status", + "EC2SecurityGroupName": { + "markdownDescription": "Name of the EC2 security group to authorize. For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.", + "title": "EC2SecurityGroupName", "type": "string" }, - "StyleConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineStyleConfiguration", - "markdownDescription": "The style configuration of the reference line.", - "title": "StyleConfiguration" - } - }, - "required": [ - "DataConfiguration" - ], - "type": "object" - }, - "AWS::QuickSight::Template.ReferenceLineCustomLabelConfiguration": { - "additionalProperties": false, - "properties": { - "CustomLabel": { - "markdownDescription": "The string text of the custom label.", - "title": "CustomLabel", + "EC2SecurityGroupOwnerId": { + "markdownDescription": "AWS account number of the owner of the EC2 security group specified in the `EC2SecurityGroupName` parameter. The AWS access key ID isn't an acceptable value. For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.", + "title": "EC2SecurityGroupOwnerId", "type": "string" } }, - "required": [ - "CustomLabel" - ], "type": "object" }, - "AWS::QuickSight::Template.ReferenceLineDataConfiguration": { + "AWS::RDS::DBSecurityGroupIngress": { "additionalProperties": false, "properties": { - "AxisBinding": { - "markdownDescription": "The axis binding type of the reference line. Choose one of the following options:\n\n- `PrimaryY`\n- `SecondaryY`", - "title": "AxisBinding", + "Condition": { "type": "string" }, - "DynamicConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineDynamicDataConfiguration", - "markdownDescription": "The dynamic configuration of the reference line data configuration.", - "title": "DynamicConfiguration" - }, - "SeriesType": { - "markdownDescription": "The series type of the reference line data configuration. Choose one of the following options:\n\n- `BAR`\n- `LINE`", - "title": "SeriesType", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "StaticConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineStaticDataConfiguration", - "markdownDescription": "The static data configuration of the reference line data configuration.", - "title": "StaticConfiguration" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.ReferenceLineDynamicDataConfiguration": { - "additionalProperties": false, - "properties": { - "Calculation": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericalAggregationFunction", - "markdownDescription": "The calculation that is used in the dynamic data.", - "title": "Calculation" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that the dynamic data targets.", - "title": "Column" - }, - "MeasureAggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Template.AggregationFunction", - "markdownDescription": "The aggregation function that is used in the dynamic data.", - "title": "MeasureAggregationFunction" - } - }, - "required": [ - "Calculation", - "Column" - ], - "type": "object" - }, - "AWS::QuickSight::Template.ReferenceLineLabelConfiguration": { - "additionalProperties": false, - "properties": { - "CustomLabelConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineCustomLabelConfiguration", - "markdownDescription": "The custom label configuration of the label in a reference line.", - "title": "CustomLabelConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "FontColor": { - "markdownDescription": "The font color configuration of the label in a reference line.", - "title": "FontColor", - "type": "string" + "Metadata": { + "type": "object" }, - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", - "markdownDescription": "The font configuration of the label in a reference line.", - "title": "FontConfiguration" + "Properties": { + "additionalProperties": false, + "properties": { + "CIDRIP": { + "markdownDescription": "The IP range to authorize.", + "title": "CIDRIP", + "type": "string" + }, + "DBSecurityGroupName": { + "markdownDescription": "The name of the DB security group to add authorization to.", + "title": "DBSecurityGroupName", + "type": "string" + }, + "EC2SecurityGroupId": { + "markdownDescription": "Id of the EC2 security group to authorize. For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.", + "title": "EC2SecurityGroupId", + "type": "string" + }, + "EC2SecurityGroupName": { + "markdownDescription": "Name of the EC2 security group to authorize. For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.", + "title": "EC2SecurityGroupName", + "type": "string" + }, + "EC2SecurityGroupOwnerId": { + "markdownDescription": "AWS account number of the owner of the EC2 security group specified in the `EC2SecurityGroupName` parameter. The AWS access key ID isn't an acceptable value. For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.", + "title": "EC2SecurityGroupOwnerId", + "type": "string" + } + }, + "required": [ + "DBSecurityGroupName" + ], + "type": "object" }, - "HorizontalPosition": { - "markdownDescription": "The horizontal position configuration of the label in a reference line. Choose one of the following options:\n\n- `LEFT`\n- `CENTER`\n- `RIGHT`", - "title": "HorizontalPosition", + "Type": { + "enum": [ + "AWS::RDS::DBSecurityGroupIngress" + ], "type": "string" }, - "ValueLabelConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineValueLabelConfiguration", - "markdownDescription": "The value label configuration of the label in a reference line.", - "title": "ValueLabelConfiguration" - }, - "VerticalPosition": { - "markdownDescription": "The vertical position configuration of the label in a reference line. Choose one of the following options:\n\n- `ABOVE`\n- `BELOW`", - "title": "VerticalPosition", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, - "type": "object" - }, - "AWS::QuickSight::Template.ReferenceLineStaticDataConfiguration": { - "additionalProperties": false, - "properties": { - "Value": { - "markdownDescription": "The double input of the static data.", - "title": "Value", - "type": "number" - } - }, "required": [ - "Value" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Template.ReferenceLineStyleConfiguration": { + "AWS::RDS::DBShardGroup": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The hex color of the reference line.", - "title": "Color", + "Condition": { "type": "string" }, - "Pattern": { - "markdownDescription": "The pattern type of the line style. Choose one of the following options:\n\n- `SOLID`\n- `DASHED`\n- `DOTTED`", - "title": "Pattern", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.ReferenceLineValueLabelConfiguration": { - "additionalProperties": false, - "properties": { - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericFormatConfiguration", - "markdownDescription": "The format configuration of the value label.", - "title": "FormatConfiguration" }, - "RelativePosition": { - "markdownDescription": "The relative position of the value label. Choose one of the following options:\n\n- `BEFORE_CUSTOM_LABEL`\n- `AFTER_CUSTOM_LABEL`", - "title": "RelativePosition", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.RelativeDateTimeControlDisplayOptions": { - "additionalProperties": false, - "properties": { - "DateTimeFormat": { - "markdownDescription": "Customize how dates are formatted in controls.", - "title": "DateTimeFormat", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" + "Metadata": { + "type": "object" }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" + "Properties": { + "additionalProperties": false, + "properties": { + "ComputeRedundancy": { + "markdownDescription": "Specifies whether to create standby standby DB data access shard for the DB shard group. Valid values are the following:\n\n- 0 - Creates a DB shard group without a standby DB data access shard. This is the default value.\n- 1 - Creates a DB shard group with a standby DB data access shard in a different Availability Zone (AZ).\n- 2 - Creates a DB shard group with two standby DB data access shard in two different AZs.", + "title": "ComputeRedundancy", + "type": "number" + }, + "DBClusterIdentifier": { + "markdownDescription": "The name of the primary DB cluster for the DB shard group.", + "title": "DBClusterIdentifier", + "type": "string" + }, + "DBShardGroupIdentifier": { + "markdownDescription": "The name of the DB shard group.", + "title": "DBShardGroupIdentifier", + "type": "string" + }, + "MaxACU": { + "markdownDescription": "The maximum capacity of the DB shard group in Aurora capacity units (ACUs).", + "title": "MaxACU", + "type": "number" + }, + "MinACU": { + "markdownDescription": "The minimum capacity of the DB shard group in Aurora capacity units (ACUs).", + "title": "MinACU", + "type": "number" + }, + "PubliclyAccessible": { + "markdownDescription": "Specifies whether the DB shard group is publicly accessible.\n\nWhen the DB shard group is publicly accessible, its Domain Name System (DNS) endpoint resolves to the private IP address from within the DB shard group's virtual private cloud (VPC). It resolves to the public IP address from outside of the DB shard group's VPC. Access to the DB shard group is ultimately controlled by the security group it uses. That public access is not permitted if the security group assigned to the DB shard group doesn't permit it.\n\nWhen the DB shard group isn't publicly accessible, it is an internal DB shard group with a DNS name that resolves to a private IP address.\n\nDefault: The default behavior varies depending on whether `DBSubnetGroupName` is specified.\n\nIf `DBSubnetGroupName` isn't specified, and `PubliclyAccessible` isn't specified, the following applies:\n\n- If the default VPC in the target Region doesn\u2019t have an internet gateway attached to it, the DB shard group is private.\n- If the default VPC in the target Region has an internet gateway attached to it, the DB shard group is public.\n\nIf `DBSubnetGroupName` is specified, and `PubliclyAccessible` isn't specified, the following applies:\n\n- If the subnets are part of a VPC that doesn\u2019t have an internet gateway attached to it, the DB shard group is private.\n- If the subnets are part of a VPC that has an internet gateway attached to it, the DB shard group is public.", + "title": "PubliclyAccessible", + "type": "boolean" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An optional set of key-value pairs to associate arbitrary data of your choosing with the DB shard group.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "DBClusterIdentifier", + "MaxACU" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RDS::DBShardGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Template.RelativeDatesFilter": { + "AWS::RDS::DBSubnetGroup": { "additionalProperties": false, "properties": { - "AnchorDateConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.AnchorDateConfiguration", - "markdownDescription": "The date configuration of the filter.", - "title": "AnchorDateConfiguration" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" - }, - "ExcludePeriodConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ExcludePeriodConfiguration", - "markdownDescription": "The configuration for the exclude period of the filter.", - "title": "ExcludePeriodConfiguration" - }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", + "Condition": { "type": "string" }, - "MinimumGranularity": { - "markdownDescription": "The minimum granularity (period granularity) of the relative dates filter.", - "title": "MinimumGranularity", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ParameterName": { - "markdownDescription": "The parameter whose value should be used for the filter value.", - "title": "ParameterName", - "type": "string" + "Metadata": { + "type": "object" }, - "RelativeDateType": { - "markdownDescription": "The range date type of the filter. Choose one of the options below:\n\n- `PREVIOUS`\n- `THIS`\n- `LAST`\n- `NOW`\n- `NEXT`", - "title": "RelativeDateType", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "DBSubnetGroupDescription": { + "markdownDescription": "The description for the DB subnet group.", + "title": "DBSubnetGroupDescription", + "type": "string" + }, + "DBSubnetGroupName": { + "markdownDescription": "The name for the DB subnet group. This value is stored as a lowercase string.\n\nConstraints:\n\n- Must contain no more than 255 letters, numbers, periods, underscores, spaces, or hyphens.\n- Must not be default.\n- First character must be a letter.\n\nExample: `mydbsubnetgroup`", + "title": "DBSubnetGroupName", + "type": "string" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The EC2 Subnet IDs for the DB subnet group.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags to assign to the DB subnet group.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "DBSubnetGroupDescription", + "SubnetIds" + ], + "type": "object" }, - "RelativeDateValue": { - "markdownDescription": "The date value of the filter.", - "title": "RelativeDateValue", - "type": "number" + "Type": { + "enum": [ + "AWS::RDS::DBSubnetGroup" + ], + "type": "string" }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "AnchorDateConfiguration", - "Column", - "FilterId", - "NullOption", - "RelativeDateType", - "TimeGranularity" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Template.ResourcePermission": { + "AWS::RDS::EventSubscription": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "type": "string" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Specifies whether to activate the subscription. If the event notification subscription isn't activated, the subscription is created but not active.", + "title": "Enabled", + "type": "boolean" + }, + "EventCategories": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of event categories for a particular source type ( `SourceType` ) that you want to subscribe to. You can see a list of the categories for a given source type in the \"Amazon RDS event categories and event messages\" section of the [*Amazon RDS User Guide*](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Events.Messages.html) or the [*Amazon Aurora User Guide*](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_Events.Messages.html) . You can also see this list by using the `DescribeEventCategories` operation.", + "title": "EventCategories", + "type": "array" + }, + "SnsTopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the SNS topic created for event notification. SNS automatically creates the ARN when you create a topic and subscribe to it.\n\n> RDS doesn't support FIFO (first in, first out) topics. For more information, see [Message ordering and deduplication (FIFO topics)](https://docs.aws.amazon.com/sns/latest/dg/sns-fifo-topics.html) in the *Amazon Simple Notification Service Developer Guide* .", + "title": "SnsTopicArn", + "type": "string" + }, + "SourceIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of identifiers of the event sources for which events are returned. If not specified, then all sources are included in the response. An identifier must begin with a letter and must contain only ASCII letters, digits, and hyphens. It can't end with a hyphen or contain two consecutive hyphens.\n\nConstraints:\n\n- If `SourceIds` are supplied, `SourceType` must also be provided.\n- If the source type is a DB instance, a `DBInstanceIdentifier` value must be supplied.\n- If the source type is a DB cluster, a `DBClusterIdentifier` value must be supplied.\n- If the source type is a DB parameter group, a `DBParameterGroupName` value must be supplied.\n- If the source type is a DB security group, a `DBSecurityGroupName` value must be supplied.\n- If the source type is a DB snapshot, a `DBSnapshotIdentifier` value must be supplied.\n- If the source type is a DB cluster snapshot, a `DBClusterSnapshotIdentifier` value must be supplied.\n- If the source type is an RDS Proxy, a `DBProxyName` value must be supplied.", + "title": "SourceIds", + "type": "array" + }, + "SourceType": { + "markdownDescription": "The type of source that is generating the events. For example, if you want to be notified of events generated by a DB instance, you set this parameter to `db-instance` . For RDS Proxy events, specify `db-proxy` . If this value isn't specified, all events are returned.\n\nValid Values: `db-instance | db-cluster | db-parameter-group | db-security-group | db-snapshot | db-cluster-snapshot | db-proxy | zero-etl | custom-engine-version | blue-green-deployment`", + "title": "SourceType", + "type": "string" + }, + "SubscriptionName": { + "markdownDescription": "The name of the subscription.\n\nConstraints: The name must be less than 255 characters.", + "title": "SubscriptionName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An optional array of key-value pairs to apply to this subscription.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "The IAM action to grant or revoke permissions on.", - "title": "Actions", - "type": "array" + "required": [ + "SnsTopicArn" + ], + "type": "object" }, - "Principal": { - "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a QuickSight ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", - "title": "Principal", + "Type": { + "enum": [ + "AWS::RDS::EventSubscription" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Actions", - "Principal" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Template.RollingDateConfiguration": { + "AWS::RDS::GlobalCluster": { "additionalProperties": false, "properties": { - "DataSetIdentifier": { - "markdownDescription": "The data set that is used in the rolling date configuration.", - "title": "DataSetIdentifier", + "Condition": { "type": "string" }, - "Expression": { - "markdownDescription": "The expression of the rolling date configuration.", - "title": "Expression", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "required": [ - "Expression" - ], - "type": "object" - }, - "AWS::QuickSight::Template.RowAlternateColorOptions": { - "additionalProperties": false, - "properties": { - "RowAlternateColors": { - "items": { - "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DeletionProtection": { + "markdownDescription": "Specifies whether to enable deletion protection for the new global database cluster. The global database can't be deleted when deletion protection is enabled.", + "title": "DeletionProtection", + "type": "boolean" + }, + "Engine": { + "markdownDescription": "The database engine to use for this global database cluster.\n\nValid Values: `aurora-mysql | aurora-postgresql`\n\nConstraints:\n\n- Can't be specified if `SourceDBClusterIdentifier` is specified. In this case, Amazon Aurora uses the engine of the source DB cluster.", + "title": "Engine", + "type": "string" + }, + "EngineLifecycleSupport": { + "markdownDescription": "The life cycle type for this global database cluster.\n\n> By default, this value is set to `open-source-rds-extended-support` , which enrolls your global cluster into Amazon RDS Extended Support. At the end of standard support, you can avoid charges for Extended Support by setting the value to `open-source-rds-extended-support-disabled` . In this case, creating the global cluster will fail if the DB major version is past its end of standard support date. \n\nThis setting only applies to Aurora PostgreSQL-based global databases.\n\nYou can use this setting to enroll your global cluster into Amazon RDS Extended Support. With RDS Extended Support, you can run the selected major engine version on your global cluster past the end of standard support for that engine version. For more information, see [Amazon RDS Extended Support with Amazon Aurora](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/extended-support.html) in the *Amazon Aurora User Guide* .\n\nValid Values: `open-source-rds-extended-support | open-source-rds-extended-support-disabled`\n\nDefault: `open-source-rds-extended-support`", + "title": "EngineLifecycleSupport", + "type": "string" + }, + "EngineVersion": { + "markdownDescription": "The engine version to use for this global database cluster.\n\nConstraints:\n\n- Can't be specified if `SourceDBClusterIdentifier` is specified. In this case, Amazon Aurora uses the engine version of the source DB cluster.", + "title": "EngineVersion", + "type": "string" + }, + "GlobalClusterIdentifier": { + "markdownDescription": "The cluster identifier for this global database cluster. This parameter is stored as a lowercase string.", + "title": "GlobalClusterIdentifier", + "type": "string" + }, + "SourceDBClusterIdentifier": { + "markdownDescription": "The Amazon Resource Name (ARN) to use as the primary cluster of the global database.\n\nIf you provide a value for this parameter, don't specify values for the following settings because Amazon Aurora uses the values from the specified source DB cluster:\n\n- `DatabaseName`\n- `Engine`\n- `EngineVersion`\n- `StorageEncrypted`", + "title": "SourceDBClusterIdentifier", + "type": "string" + }, + "StorageEncrypted": { + "markdownDescription": "Specifies whether to enable storage encryption for the new global database cluster.\n\nConstraints:\n\n- Can't be specified if `SourceDBClusterIdentifier` is specified. In this case, Amazon Aurora uses the setting from the source DB cluster.", + "title": "StorageEncrypted", + "type": "boolean" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata assigned to an Amazon RDS resource consisting of a key-value pair.\n\nFor more information, see [Tagging Amazon RDS resources](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) in the *Amazon RDS User Guide* or [Tagging Amazon Aurora and Amazon RDS resources](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_Tagging.html) in the *Amazon Aurora User Guide* .", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "Determines the list of row alternate colors.", - "title": "RowAlternateColors", - "type": "array" + "type": "object" }, - "Status": { - "markdownDescription": "Determines the widget status.", - "title": "Status", + "Type": { + "enum": [ + "AWS::RDS::GlobalCluster" + ], "type": "string" }, - "UsePrimaryBackgroundColor": { - "markdownDescription": "The primary background color options for alternate rows.", - "title": "UsePrimaryBackgroundColor", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::QuickSight::Template.SameSheetTargetVisualConfiguration": { + "AWS::RDS::GlobalCluster.GlobalEndpoint": { "additionalProperties": false, "properties": { - "TargetVisualOptions": { - "markdownDescription": "The options that choose the target visual in the same sheet.\n\nValid values are defined as follows:\n\n- `ALL_VISUALS` : Applies the filter operation to all visuals in the same sheet.", - "title": "TargetVisualOptions", + "Address": { + "markdownDescription": "The writer endpoint for the new global database cluster. This endpoint always points to the writer DB instance in the current primary cluster.", + "title": "Address", "type": "string" - }, - "TargetVisuals": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the target visual IDs that are located in the same sheet of the analysis.", - "title": "TargetVisuals", - "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.SankeyDiagramAggregatedFieldWells": { + "AWS::RDS::Integration": { "additionalProperties": false, "properties": { - "Destination": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" - }, - "markdownDescription": "The destination field wells of a sankey diagram.", - "title": "Destination", - "type": "array" + "Condition": { + "type": "string" }, - "Source": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" - }, - "markdownDescription": "The source field wells of a sankey diagram.", - "title": "Source", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Weight": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AdditionalEncryptionContext": { + "additionalProperties": true, + "markdownDescription": "An optional set of non-secret key\u2013value pairs that contains additional contextual information about the data. For more information, see [Encryption context](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context) in the *AWS Key Management Service Developer Guide* .\n\nYou can only include this parameter if you specify the `KMSKeyId` parameter.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "AdditionalEncryptionContext", + "type": "object" + }, + "DataFilter": { + "markdownDescription": "Data filters for the integration. These filters determine which tables from the source database are sent to the target Amazon Redshift data warehouse.", + "title": "DataFilter", + "type": "string" + }, + "Description": { + "markdownDescription": "A description of the integration.", + "title": "Description", + "type": "string" + }, + "IntegrationName": { + "markdownDescription": "The name of the integration.", + "title": "IntegrationName", + "type": "string" + }, + "KMSKeyId": { + "markdownDescription": "The AWS Key Management System ( AWS KMS) key identifier for the key to use to encrypt the integration. If you don't specify an encryption key, RDS uses a default AWS owned key.", + "title": "KMSKeyId", + "type": "string" + }, + "SourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the database to use as the source for replication.", + "title": "SourceArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An optional array of key-value pairs to apply to this integration.", + "title": "Tags", + "type": "array" + }, + "TargetArn": { + "markdownDescription": "The ARN of the Redshift data warehouse to use as the target for replication.", + "title": "TargetArn", + "type": "string" + } }, - "markdownDescription": "The weight field wells of a sankey diagram.", - "title": "Weight", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.SankeyDiagramChartConfiguration": { - "additionalProperties": false, - "properties": { - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", - "markdownDescription": "The data label configuration of a sankey diagram.", - "title": "DataLabels" + "required": [ + "SourceArn", + "TargetArn" + ], + "type": "object" }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.SankeyDiagramFieldWells", - "markdownDescription": "The field well configuration of a sankey diagram.", - "title": "FieldWells" + "Type": { + "enum": [ + "AWS::RDS::Integration" + ], + "type": "string" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.SankeyDiagramSortConfiguration", - "markdownDescription": "The sort configuration of a sankey diagram.", - "title": "SortConfiguration" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.SankeyDiagramFieldWells": { - "additionalProperties": false, - "properties": { - "SankeyDiagramAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.SankeyDiagramAggregatedFieldWells", - "markdownDescription": "The field well configuration of a sankey diagram.", - "title": "SankeyDiagramAggregatedFieldWells" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Template.SankeyDiagramSortConfiguration": { + "AWS::RDS::OptionGroup": { "additionalProperties": false, "properties": { - "DestinationItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of destination nodes that are displayed in a sankey diagram.", - "title": "DestinationItemsLimit" + "Condition": { + "type": "string" }, - "SourceItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of source nodes that are displayed in a sankey diagram.", - "title": "SourceItemsLimit" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "WeightSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the weight fields.", - "title": "WeightSort", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.SankeyDiagramVisual": { - "additionalProperties": false, - "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.SankeyDiagramChartConfiguration", - "markdownDescription": "The configuration of a sankey diagram.", - "title": "ChartConfiguration" + "Metadata": { + "type": "object" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Properties": { + "additionalProperties": false, + "properties": { + "EngineName": { + "markdownDescription": "Specifies the name of the engine that this option group should be associated with.\n\nValid Values:\n\n- `mariadb`\n- `mysql`\n- `oracle-ee`\n- `oracle-ee-cdb`\n- `oracle-se2`\n- `oracle-se2-cdb`\n- `postgres`\n- `sqlserver-ee`\n- `sqlserver-se`\n- `sqlserver-ex`\n- `sqlserver-web`", + "title": "EngineName", + "type": "string" + }, + "MajorEngineVersion": { + "markdownDescription": "Specifies the major version of the engine that this option group should be associated with.", + "title": "MajorEngineVersion", + "type": "string" + }, + "OptionConfigurations": { + "items": { + "$ref": "#/definitions/AWS::RDS::OptionGroup.OptionConfiguration" + }, + "markdownDescription": "A list of all available options for an option group.", + "title": "OptionConfigurations", + "type": "array" + }, + "OptionGroupDescription": { + "markdownDescription": "The description of the option group.", + "title": "OptionGroupDescription", + "type": "string" + }, + "OptionGroupName": { + "markdownDescription": "The name of the option group to be created.\n\nConstraints:\n\n- Must be 1 to 255 letters, numbers, or hyphens\n- First character must be a letter\n- Can't end with a hyphen or contain two consecutive hyphens\n\nExample: `myoptiongroup`\n\nIf you don't specify a value for `OptionGroupName` property, a name is automatically created for the option group.\n\n> This value is stored as a lowercase string.", + "title": "OptionGroupName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags to assign to the option group.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "EngineName", + "MajorEngineVersion", + "OptionGroupDescription" + ], + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Type": { + "enum": [ + "AWS::RDS::OptionGroup" + ], + "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Template.ScatterPlotCategoricallyAggregatedFieldWells": { + "AWS::RDS::OptionGroup.OptionConfiguration": { "additionalProperties": false, "properties": { - "Category": { + "DBSecurityGroupMemberships": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "type": "string" }, - "markdownDescription": "The category field well of a scatter plot.", - "title": "Category", + "markdownDescription": "A list of DB security groups used for this option.", + "title": "DBSecurityGroupMemberships", "type": "array" }, - "Label": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" - }, - "markdownDescription": "The label field well of a scatter plot.", - "title": "Label", - "type": "array" + "OptionName": { + "markdownDescription": "The configuration of options to include in a group.", + "title": "OptionName", + "type": "string" }, - "Size": { + "OptionSettings": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "$ref": "#/definitions/AWS::RDS::OptionGroup.OptionSetting" }, - "markdownDescription": "The size field well of a scatter plot.", - "title": "Size", + "markdownDescription": "The option settings to include in an option group.", + "title": "OptionSettings", "type": "array" }, - "XAxis": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" - }, - "markdownDescription": "The x-axis field well of a scatter plot.\n\nThe x-axis is aggregated by category.", - "title": "XAxis", - "type": "array" + "OptionVersion": { + "markdownDescription": "The version for the option.", + "title": "OptionVersion", + "type": "string" }, - "YAxis": { + "Port": { + "markdownDescription": "The optional port for the option.", + "title": "Port", + "type": "number" + }, + "VpcSecurityGroupMemberships": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "type": "string" }, - "markdownDescription": "The y-axis field well of a scatter plot.\n\nThe y-axis is aggregated by category.", - "title": "YAxis", + "markdownDescription": "A list of VPC security group names used for this option.", + "title": "VpcSecurityGroupMemberships", "type": "array" } }, + "required": [ + "OptionName" + ], "type": "object" }, - "AWS::QuickSight::Template.ScatterPlotConfiguration": { + "AWS::RDS::OptionGroup.OptionSetting": { "additionalProperties": false, "properties": { - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.", - "title": "DataLabels" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.ScatterPlotFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" - }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Tooltip" - }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", - "title": "VisualPalette" - }, - "XAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, and axis step) of the scatter plot's x-axis.", - "title": "XAxisDisplayOptions" - }, - "XAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of the scatter plot's x-axis.", - "title": "XAxisLabelOptions" - }, - "YAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, and axis step) of the scatter plot's y-axis.", - "title": "YAxisDisplayOptions" + "Name": { + "markdownDescription": "The name of the option that has settings that you can set.", + "title": "Name", + "type": "string" }, - "YAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of the scatter plot's y-axis.", - "title": "YAxisLabelOptions" + "Value": { + "markdownDescription": "The current value of the option setting.", + "title": "Value", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.ScatterPlotFieldWells": { + "AWS::RUM::AppMonitor": { "additionalProperties": false, "properties": { - "ScatterPlotCategoricallyAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.ScatterPlotCategoricallyAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a scatter plot. The x and y-axes of scatter plots with aggregated field wells are aggregated by category, label, or both.", - "title": "ScatterPlotCategoricallyAggregatedFieldWells" + "Condition": { + "type": "string" }, - "ScatterPlotUnaggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.ScatterPlotUnaggregatedFieldWells", - "markdownDescription": "The unaggregated field wells of a scatter plot. The x and y-axes of these scatter plots are unaggregated.", - "title": "ScatterPlotUnaggregatedFieldWells" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AppMonitorConfiguration": { + "$ref": "#/definitions/AWS::RUM::AppMonitor.AppMonitorConfiguration", + "markdownDescription": "A structure that contains much of the configuration data for the app monitor. If you are using Amazon Cognito for authorization, you must include this structure in your request, and it must include the ID of the Amazon Cognito identity pool to use for authorization. If you don't include `AppMonitorConfiguration` , you must set up your own authorization method. For more information, see [Authorize your application to send data to AWS](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-RUM-get-started-authorization.html) .\n\nIf you omit this argument, the sample rate used for CloudWatch RUM is set to 10% of the user sessions.", + "title": "AppMonitorConfiguration" + }, + "CustomEvents": { + "$ref": "#/definitions/AWS::RUM::AppMonitor.CustomEvents", + "markdownDescription": "Specifies whether this app monitor allows the web client to define and send custom events. If you omit this parameter, custom events are `DISABLED` .", + "title": "CustomEvents" + }, + "CwLogEnabled": { + "markdownDescription": "Data collected by CloudWatch RUM is kept by RUM for 30 days and then deleted. This parameter specifies whether CloudWatch RUM sends a copy of this telemetry data to Amazon CloudWatch Logs in your account. This enables you to keep the telemetry data for more than 30 days, but it does incur Amazon CloudWatch Logs charges.\n\nIf you omit this parameter, the default is `false` .", + "title": "CwLogEnabled", + "type": "boolean" + }, + "DeobfuscationConfiguration": { + "$ref": "#/definitions/AWS::RUM::AppMonitor.DeobfuscationConfiguration", + "markdownDescription": "A structure that contains the configuration for how an app monitor can deobfuscate stack traces.", + "title": "DeobfuscationConfiguration" + }, + "Domain": { + "markdownDescription": "The top-level internet domain name for which your application has administrative authority. This parameter or the `DomainList` parameter is required.", + "title": "Domain", + "type": "string" + }, + "DomainList": { + "items": { + "type": "string" + }, + "markdownDescription": "List the domain names for which your application has administrative authority. This parameter or the `Domain` parameter is required.\n\nYou can have a minimum of 1 and a maximum of 5 `Domain` under `DomainList` . Each `Domain` must be a minimum length of 1 and a maximum of 253 characters.", + "title": "DomainList", + "type": "array" + }, + "Name": { + "markdownDescription": "A name for the app monitor. This parameter is required.", + "title": "Name", + "type": "string" + }, + "ResourcePolicy": { + "$ref": "#/definitions/AWS::RUM::AppMonitor.ResourcePolicy", + "markdownDescription": "Use this structure to assign a resource-based policy to a CloudWatch RUM app monitor to control access to it. Each app monitor can have one resource-based policy. The maximum size of the policy is 4 KB. To learn more about using resource policies with RUM, see [Using resource-based policies with CloudWatch RUM](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-RUM-resource-policies.html) .", + "title": "ResourcePolicy" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Assigns one or more tags (key-value pairs) to the app monitor.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.\n\nTags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters.\n\nYou can associate as many as 50 tags with an app monitor.\n\nFor more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RUM::AppMonitor" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Template.ScatterPlotUnaggregatedFieldWells": { + "AWS::RUM::AppMonitor.AppMonitorConfiguration": { "additionalProperties": false, "properties": { - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" - }, - "markdownDescription": "The category field well of a scatter plot.", - "title": "Category", - "type": "array" + "AllowCookies": { + "markdownDescription": "If you set this to `true` , the CloudWatch RUM web client sets two cookies, a session cookie and a user cookie. The cookies allow the CloudWatch RUM web client to collect data relating to the number of users an application has and the behavior of the application across a sequence of events. Cookies are stored in the top-level domain of the current page.", + "title": "AllowCookies", + "type": "boolean" }, - "Label": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" - }, - "markdownDescription": "The label field well of a scatter plot.", - "title": "Label", - "type": "array" + "EnableXRay": { + "markdownDescription": "If you set this to `true` , CloudWatch RUM sends client-side traces to X-Ray for each sampled session. You can then see traces and segments from these user sessions in the RUM dashboard and the CloudWatch ServiceLens console. For more information, see [What is AWS X-Ray ?](https://docs.aws.amazon.com/xray/latest/devguide/aws-xray.html)", + "title": "EnableXRay", + "type": "boolean" }, - "Size": { + "ExcludedPages": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "type": "string" }, - "markdownDescription": "The size field well of a scatter plot.", - "title": "Size", + "markdownDescription": "A list of URLs in your website or application to exclude from RUM data collection.\n\nYou can't include both `ExcludedPages` and `IncludedPages` in the same app monitor.", + "title": "ExcludedPages", "type": "array" }, - "XAxis": { + "FavoritePages": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "type": "string" }, - "markdownDescription": "The x-axis field well of a scatter plot.\n\nThe x-axis is a dimension field and cannot be aggregated.", - "title": "XAxis", + "markdownDescription": "A list of pages in your application that are to be displayed with a \"favorite\" icon in the CloudWatch RUM console.", + "title": "FavoritePages", "type": "array" }, - "YAxis": { + "GuestRoleArn": { + "markdownDescription": "The ARN of the guest IAM role that is attached to the Amazon Cognito identity pool that is used to authorize the sending of data to CloudWatch RUM.", + "title": "GuestRoleArn", + "type": "string" + }, + "IdentityPoolId": { + "markdownDescription": "The ID of the Amazon Cognito identity pool that is used to authorize the sending of data to CloudWatch RUM.", + "title": "IdentityPoolId", + "type": "string" + }, + "IncludedPages": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "type": "string" }, - "markdownDescription": "The y-axis field well of a scatter plot.\n\nThe y-axis is a dimension field and cannot be aggregated.", - "title": "YAxis", + "markdownDescription": "If this app monitor is to collect data from only certain pages in your application, this structure lists those pages.\n\nYou can't include both `ExcludedPages` and `IncludedPages` in the same app monitor.", + "title": "IncludedPages", "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.ScatterPlotVisual": { - "additionalProperties": false, - "properties": { - "Actions": { + }, + "MetricDestinations": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + "$ref": "#/definitions/AWS::RUM::AppMonitor.MetricDestination" }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", + "markdownDescription": "An array of structures that each define a destination that this app monitor will send extended metrics to.", + "title": "MetricDestinations", "type": "array" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ScatterPlotConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "SessionSampleRate": { + "markdownDescription": "Specifies the portion of user sessions to use for CloudWatch RUM data collection. Choosing a higher portion gives you more data but also incurs more costs.\n\nThe range for this value is 0 to 1 inclusive. Setting this to 1 means that 100% of user sessions are sampled, and setting it to 0.1 means that 10% of user sessions are sampled.\n\nIf you omit this parameter, the default of 0.1 is used, and 10% of sessions will be sampled.", + "title": "SessionSampleRate", + "type": "number" }, - "ColumnHierarchies": { + "Telemetries": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + "type": "string" }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", + "markdownDescription": "An array that lists the types of telemetry data that this app monitor is to collect.\n\n- `errors` indicates that RUM collects data about unhandled JavaScript errors raised by your application.\n- `performance` indicates that RUM collects performance data about how your application and its resources are loaded and rendered. This includes Core Web Vitals.\n- `http` indicates that RUM collects data about HTTP errors thrown by your application.", + "title": "Telemetries", "type": "array" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" - }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", - "type": "string" - } - }, - "required": [ - "VisualId" - ], - "type": "object" - }, - "AWS::QuickSight::Template.ScrollBarOptions": { - "additionalProperties": false, - "properties": { - "Visibility": { - "markdownDescription": "The visibility of the data zoom scroll bar.", - "title": "Visibility", - "type": "string" - }, - "VisibleRange": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisibleRangeOptions", - "markdownDescription": "The visibility range for the data zoom scroll bar.", - "title": "VisibleRange" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.SecondaryValueOptions": { - "additionalProperties": false, - "properties": { - "Visibility": { - "markdownDescription": "Determines the visibility of the secondary value.", - "title": "Visibility", - "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.SectionAfterPageBreak": { + "AWS::RUM::AppMonitor.CustomEvents": { "additionalProperties": false, "properties": { "Status": { - "markdownDescription": "The option that enables or disables a page break at the end of a section.", + "markdownDescription": "Set this to `ENABLED` to allow the web client to send custom events for this app monitor.\n\nValid values are `ENABLED` and `DISABLED` .", "title": "Status", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.SectionBasedLayoutCanvasSizeOptions": { + "AWS::RUM::AppMonitor.DeobfuscationConfiguration": { "additionalProperties": false, "properties": { - "PaperCanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SectionBasedLayoutPaperCanvasSizeOptions", - "markdownDescription": "The options for a paper canvas of a section-based layout.", - "title": "PaperCanvasSizeOptions" + "JavaScriptSourceMaps": { + "$ref": "#/definitions/AWS::RUM::AppMonitor.JavaScriptSourceMaps", + "markdownDescription": "A structure that contains the configuration for how an app monitor can unminify JavaScript error stack traces using source maps.", + "title": "JavaScriptSourceMaps" } }, "type": "object" }, - "AWS::QuickSight::Template.SectionBasedLayoutConfiguration": { + "AWS::RUM::AppMonitor.JavaScriptSourceMaps": { "additionalProperties": false, "properties": { - "BodySections": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.BodySectionConfiguration" - }, - "markdownDescription": "A list of body section configurations.", - "title": "BodySections", - "type": "array" - }, - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SectionBasedLayoutCanvasSizeOptions", - "markdownDescription": "The options for the canvas of a section-based layout.", - "title": "CanvasSizeOptions" - }, - "FooterSections": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.HeaderFooterSectionConfiguration" - }, - "markdownDescription": "A list of footer section configurations.", - "title": "FooterSections", - "type": "array" + "S3Uri": { + "markdownDescription": "The S3Uri of the bucket or folder that stores the source map files. It is required if status is ENABLED.", + "title": "S3Uri", + "type": "string" }, - "HeaderSections": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.HeaderFooterSectionConfiguration" - }, - "markdownDescription": "A list of header section configurations.", - "title": "HeaderSections", - "type": "array" + "Status": { + "markdownDescription": "Specifies whether JavaScript error stack traces should be unminified for this app monitor. The default is for JavaScript error stack trace unminification to be `DISABLED` .", + "title": "Status", + "type": "string" } }, "required": [ - "BodySections", - "CanvasSizeOptions", - "FooterSections", - "HeaderSections" + "Status" ], "type": "object" }, - "AWS::QuickSight::Template.SectionBasedLayoutPaperCanvasSizeOptions": { + "AWS::RUM::AppMonitor.MetricDefinition": { "additionalProperties": false, "properties": { - "PaperMargin": { - "$ref": "#/definitions/AWS::QuickSight::Template.Spacing", - "markdownDescription": "Defines the spacing between the canvas content and the top, bottom, left, and right edges.", - "title": "PaperMargin" + "DimensionKeys": { + "additionalProperties": true, + "markdownDescription": "This field is a map of field paths to dimension names. It defines the dimensions to associate with this metric in CloudWatch . The value of this field is used only if the metric destination is `CloudWatch` . If the metric destination is `Evidently` , the value of `DimensionKeys` is ignored.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "DimensionKeys", + "type": "object" }, - "PaperOrientation": { - "markdownDescription": "The paper orientation that is used to define canvas dimensions. Choose one of the following options:\n\n- PORTRAIT\n- LANDSCAPE", - "title": "PaperOrientation", + "EventPattern": { + "markdownDescription": "The pattern that defines the metric. RUM checks events that happen in a user's session against the pattern, and events that match the pattern are sent to the metric destination.\n\nIf the metrics destination is `CloudWatch` and the event also matches a value in `DimensionKeys` , then the metric is published with the specified dimensions.", + "title": "EventPattern", "type": "string" }, - "PaperSize": { - "markdownDescription": "The paper size that is used to define canvas dimensions.", - "title": "PaperSize", + "Name": { + "markdownDescription": "The name of the metric that is defined in this structure.", + "title": "Name", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.SectionLayoutConfiguration": { - "additionalProperties": false, - "properties": { - "FreeFormLayout": { - "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormSectionLayoutConfiguration", - "markdownDescription": "The free-form layout configuration of a section.", - "title": "FreeFormLayout" - } - }, - "required": [ - "FreeFormLayout" - ], - "type": "object" - }, - "AWS::QuickSight::Template.SectionPageBreakConfiguration": { - "additionalProperties": false, - "properties": { - "After": { - "$ref": "#/definitions/AWS::QuickSight::Template.SectionAfterPageBreak", - "markdownDescription": "The configuration of a page break after a section.", - "title": "After" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.SectionStyle": { - "additionalProperties": false, - "properties": { - "Height": { - "markdownDescription": "The height of a section.\n\nHeights can only be defined for header and footer sections. The default height margin is 0.5 inches.", - "title": "Height", + }, + "Namespace": { + "markdownDescription": "If you are creating a custom metric instead of an extended metrics, use this parameter to define the metric namespace for that custom metric. Do not specify this parameter if you are creating an extended metric.\n\nYou can't use any string that starts with `AWS/` for your namespace.", + "title": "Namespace", "type": "string" }, - "Padding": { - "$ref": "#/definitions/AWS::QuickSight::Template.Spacing", - "markdownDescription": "The spacing between section content and its top, bottom, left, and right edges.\n\nThere is no padding by default.", - "title": "Padding" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.SelectedSheetsFilterScopeConfiguration": { - "additionalProperties": false, - "properties": { - "SheetVisualScopingConfigurations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.SheetVisualScopingConfiguration" - }, - "markdownDescription": "The sheet ID and visual IDs of the sheet and visuals that the filter is applied to.", - "title": "SheetVisualScopingConfigurations", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.SeriesItem": { - "additionalProperties": false, - "properties": { - "DataFieldSeriesItem": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataFieldSeriesItem", - "markdownDescription": "The data field series item configuration of a line chart.", - "title": "DataFieldSeriesItem" + "UnitLabel": { + "markdownDescription": "Use this field only if you are sending this metric to CloudWatch . It defines the CloudWatch metric unit that this metric is measured in.", + "title": "UnitLabel", + "type": "string" }, - "FieldSeriesItem": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSeriesItem", - "markdownDescription": "The field series item configuration of a line chart.", - "title": "FieldSeriesItem" + "ValueKey": { + "markdownDescription": "The field within the event object that the metric value is sourced from.", + "title": "ValueKey", + "type": "string" } }, + "required": [ + "Name" + ], "type": "object" }, - "AWS::QuickSight::Template.SetParameterValueConfiguration": { + "AWS::RUM::AppMonitor.MetricDestination": { "additionalProperties": false, "properties": { - "DestinationParameterName": { - "markdownDescription": "The destination parameter name of the `SetParameterValueConfiguration` .", - "title": "DestinationParameterName", + "Destination": { + "markdownDescription": "Defines the destination to send the metrics to. Valid values are `CloudWatch` and `Evidently` . If you specify `Evidently` , you must also specify the ARN of the CloudWatch Evidently experiment that is to be the destination and an IAM role that has permission to write to the experiment.", + "title": "Destination", "type": "string" }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Template.DestinationParameterValueConfiguration", - "markdownDescription": "", - "title": "Value" + "DestinationArn": { + "markdownDescription": "Use this parameter only if `Destination` is `Evidently` . This parameter specifies the ARN of the Evidently experiment that will receive the extended metrics.", + "title": "DestinationArn", + "type": "string" + }, + "IamRoleArn": { + "markdownDescription": "This parameter is required if `Destination` is `Evidently` . If `Destination` is `CloudWatch` , do not use this parameter.\n\nThis parameter specifies the ARN of an IAM role that RUM will assume to write to the Evidently experiment that you are sending metrics to. This role must have permission to write to that experiment.", + "title": "IamRoleArn", + "type": "string" + }, + "MetricDefinitions": { + "items": { + "$ref": "#/definitions/AWS::RUM::AppMonitor.MetricDefinition" + }, + "markdownDescription": "An array of structures which define the metrics that you want to send.", + "title": "MetricDefinitions", + "type": "array" } }, "required": [ - "DestinationParameterName", - "Value" + "Destination" ], "type": "object" }, - "AWS::QuickSight::Template.ShapeConditionalFormat": { + "AWS::RUM::AppMonitor.ResourcePolicy": { "additionalProperties": false, "properties": { - "BackgroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting for the shape background color of a filled map visual.", - "title": "BackgroundColor" + "PolicyDocument": { + "markdownDescription": "The JSON to use as the resource policy. The document can be up to 4 KB in size. For more information about the contents and syntax for this policy, see [Using resource-based policies with CloudWatch RUM](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-RUM-resource-policies.html) .", + "title": "PolicyDocument", + "type": "string" + }, + "PolicyRevisionId": { + "markdownDescription": "A string value that you can use to conditionally update your policy. You can provide the revision ID of your existing policy to make mutating requests against that policy.\n\nWhen you assign a policy revision ID, then later requests about that policy will be rejected with an `InvalidPolicyRevisionIdException` error if they don't provide the correct current revision ID.", + "title": "PolicyRevisionId", + "type": "string" } }, "required": [ - "BackgroundColor" + "PolicyDocument" ], "type": "object" }, - "AWS::QuickSight::Template.Sheet": { + "AWS::Rbin::Rule": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of a sheet. This name is displayed on the sheet's tab in the Amazon QuickSight console.", - "title": "Name", + "Condition": { "type": "string" }, - "SheetId": { - "markdownDescription": "The unique identifier associated with a sheet.", - "title": "SheetId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The retention rule description.", + "title": "Description", + "type": "string" + }, + "ExcludeResourceTags": { + "items": { + "$ref": "#/definitions/AWS::Rbin::Rule.ResourceTag" + }, + "markdownDescription": "[Region-level retention rules only] Specifies the exclusion tags to use to identify resources that are to be excluded, or ignored, by a Region-level retention rule. Resources that have any of these tags are not retained by the retention rule upon deletion.\n\nYou can't specify exclusion tags for tag-level retention rules.", + "title": "ExcludeResourceTags", + "type": "array" + }, + "LockConfiguration": { + "$ref": "#/definitions/AWS::Rbin::Rule.UnlockDelay", + "markdownDescription": "Information about the retention rule lock configuration.", + "title": "LockConfiguration" + }, + "ResourceTags": { + "items": { + "$ref": "#/definitions/AWS::Rbin::Rule.ResourceTag" + }, + "markdownDescription": "[Tag-level retention rules only] Specifies the resource tags to use to identify resources that are to be retained by a tag-level retention rule. For tag-level retention rules, only deleted resources, of the specified resource type, that have one or more of the specified tag key and value pairs are retained. If a resource is deleted, but it does not have any of the specified tag key and value pairs, it is immediately deleted without being retained by the retention rule.\n\nYou can add the same tag key and value pair to a maximum or five retention rules.\n\nTo create a Region-level retention rule, omit this parameter. A Region-level retention rule does not have any resource tags specified. It retains all deleted resources of the specified resource type in the Region in which the rule is created, even if the resources are not tagged.", + "title": "ResourceTags", + "type": "array" + }, + "ResourceType": { + "markdownDescription": "The resource type to be retained by the retention rule. Currently, only Amazon EBS snapshots and EBS-backed AMIs are supported. To retain snapshots, specify `EBS_SNAPSHOT` . To retain EBS-backed AMIs, specify `EC2_IMAGE` .", + "title": "ResourceType", + "type": "string" + }, + "RetentionPeriod": { + "$ref": "#/definitions/AWS::Rbin::Rule.RetentionPeriod", + "markdownDescription": "Information about the retention period for which the retention rule is to retain resources.", + "title": "RetentionPeriod" + }, + "Status": { + "markdownDescription": "The state of the retention rule. Only retention rules that are in the `available` state retain resources.", + "title": "Status", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Information about the tags to assign to the retention rule.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "ResourceType", + "RetentionPeriod" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Rbin::Rule" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Template.SheetControlInfoIconLabelOptions": { + "AWS::Rbin::Rule.ResourceTag": { "additionalProperties": false, "properties": { - "InfoIconText": { - "markdownDescription": "The text content of info icon.", - "title": "InfoIconText", + "ResourceTagKey": { + "markdownDescription": "The tag key.", + "title": "ResourceTagKey", "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility configuration of info icon label options.", - "title": "Visibility", + "ResourceTagValue": { + "markdownDescription": "The tag value.", + "title": "ResourceTagValue", "type": "string" } }, + "required": [ + "ResourceTagKey", + "ResourceTagValue" + ], "type": "object" }, - "AWS::QuickSight::Template.SheetControlLayout": { + "AWS::Rbin::Rule.RetentionPeriod": { "additionalProperties": false, "properties": { - "Configuration": { - "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlLayoutConfiguration", - "markdownDescription": "The configuration that determines the elements and canvas size options of sheet control.", - "title": "Configuration" + "RetentionPeriodUnit": { + "markdownDescription": "The unit of time in which the retention period is measured. Currently, only `DAYS` is supported.", + "title": "RetentionPeriodUnit", + "type": "string" + }, + "RetentionPeriodValue": { + "markdownDescription": "The period value for which the retention rule is to retain resources. The period is measured using the unit specified for *RetentionPeriodUnit* .", + "title": "RetentionPeriodValue", + "type": "number" } }, "required": [ - "Configuration" + "RetentionPeriodUnit", + "RetentionPeriodValue" ], "type": "object" }, - "AWS::QuickSight::Template.SheetControlLayoutConfiguration": { + "AWS::Rbin::Rule.UnlockDelay": { "additionalProperties": false, "properties": { - "GridLayout": { - "$ref": "#/definitions/AWS::QuickSight::Template.GridLayoutConfiguration", - "markdownDescription": "The configuration that determines the elements and canvas size options of sheet control.", - "title": "GridLayout" + "UnlockDelayUnit": { + "markdownDescription": "The unit of time in which to measure the unlock delay. Currently, the unlock delay can be measure only in days.", + "title": "UnlockDelayUnit", + "type": "string" + }, + "UnlockDelayValue": { + "markdownDescription": "The unlock delay period, measured in the unit specified for *UnlockDelayUnit* .", + "title": "UnlockDelayValue", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Template.SheetDefinition": { + "AWS::Redshift::Cluster": { "additionalProperties": false, "properties": { - "ContentType": { - "markdownDescription": "The layout content type of the sheet. Choose one of the following options:\n\n- `PAGINATED` : Creates a sheet for a paginated report.\n- `INTERACTIVE` : Creates a sheet for an interactive dashboard.", - "title": "ContentType", + "Condition": { "type": "string" }, - "Description": { - "markdownDescription": "A description of the sheet.", - "title": "Description", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "FilterControls": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterControl" - }, - "markdownDescription": "The list of filter controls that are on a sheet.\n\nFor more information, see [Adding filter controls to analysis sheets](https://docs.aws.amazon.com/quicksight/latest/user/filter-controls.html) in the *Amazon QuickSight User Guide* .", - "title": "FilterControls", - "type": "array" - }, - "Layouts": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.Layout" - }, - "markdownDescription": "Layouts define how the components of a sheet are arranged.\n\nFor more information, see [Types of layout](https://docs.aws.amazon.com/quicksight/latest/user/types-of-layout.html) in the *Amazon QuickSight User Guide* .", - "title": "Layouts", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the sheet. This name is displayed on the sheet's tab in the Amazon QuickSight console.", - "title": "Name", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ParameterControls": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ParameterControl" - }, - "markdownDescription": "The list of parameter controls that are on a sheet.\n\nFor more information, see [Using a Control with a Parameter in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-controls.html) in the *Amazon QuickSight User Guide* .", - "title": "ParameterControls", - "type": "array" + "Metadata": { + "type": "object" }, - "SheetControlLayouts": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlLayout" + "Properties": { + "additionalProperties": false, + "properties": { + "AllowVersionUpgrade": { + "markdownDescription": "If `true` , major version upgrades can be applied during the maintenance window to the Amazon Redshift engine that is running on the cluster.\n\nWhen a new major version of the Amazon Redshift engine is released, you can request that the service automatically apply upgrades during the maintenance window to the Amazon Redshift engine that is running on your cluster.\n\nDefault: `true`", + "title": "AllowVersionUpgrade", + "type": "boolean" + }, + "AquaConfigurationStatus": { + "markdownDescription": "This parameter is retired. It does not set the AQUA configuration status. Amazon Redshift automatically determines whether to use AQUA (Advanced Query Accelerator).", + "title": "AquaConfigurationStatus", + "type": "string" + }, + "AutomatedSnapshotRetentionPeriod": { + "markdownDescription": "The number of days that automated snapshots are retained. If the value is 0, automated snapshots are disabled. Even if automated snapshots are disabled, you can still create manual snapshots when you want with [CreateClusterSnapshot](https://docs.aws.amazon.com/redshift/latest/APIReference/API_CreateClusterSnapshot.html) in the *Amazon Redshift API Reference* .\n\nDefault: `1`\n\nConstraints: Must be a value from 0 to 35.", + "title": "AutomatedSnapshotRetentionPeriod", + "type": "number" + }, + "AvailabilityZone": { + "markdownDescription": "The EC2 Availability Zone (AZ) in which you want Amazon Redshift to provision the cluster. For example, if you have several EC2 instances running in a specific Availability Zone, then you might want the cluster to be provisioned in the same zone in order to decrease network latency.\n\nDefault: A random, system-chosen Availability Zone in the region that is specified by the endpoint.\n\nExample: `us-east-2d`\n\nConstraint: The specified Availability Zone must be in the same region as the current endpoint.", + "title": "AvailabilityZone", + "type": "string" + }, + "AvailabilityZoneRelocation": { + "markdownDescription": "The option to enable relocation for an Amazon Redshift cluster between Availability Zones after the cluster is created.", + "title": "AvailabilityZoneRelocation", + "type": "boolean" + }, + "AvailabilityZoneRelocationStatus": { + "markdownDescription": "Describes the status of the Availability Zone relocation operation.", + "title": "AvailabilityZoneRelocationStatus", + "type": "string" + }, + "Classic": { + "markdownDescription": "A boolean value indicating whether the resize operation is using the classic resize process. If you don't provide this parameter or set the value to `false` , the resize type is elastic.", + "title": "Classic", + "type": "boolean" + }, + "ClusterIdentifier": { + "markdownDescription": "A unique identifier for the cluster. You use this identifier to refer to the cluster for any subsequent cluster operations such as deleting or modifying. The identifier also appears in the Amazon Redshift console.\n\nConstraints:\n\n- Must contain from 1 to 63 alphanumeric characters or hyphens.\n- Alphabetic characters must be lowercase.\n- First character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.\n- Must be unique for all clusters within an AWS account .\n\nExample: `myexamplecluster`", + "title": "ClusterIdentifier", + "type": "string" + }, + "ClusterParameterGroupName": { + "markdownDescription": "The name of the parameter group to be associated with this cluster.\n\nDefault: The default Amazon Redshift cluster parameter group. For information about the default parameter group, go to [Working with Amazon Redshift Parameter Groups](https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-parameter-groups.html)\n\nConstraints:\n\n- Must be 1 to 255 alphanumeric characters or hyphens.\n- First character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.", + "title": "ClusterParameterGroupName", + "type": "string" + }, + "ClusterSecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of security groups to be associated with this cluster.\n\nDefault: The default cluster security group for Amazon Redshift.", + "title": "ClusterSecurityGroups", + "type": "array" + }, + "ClusterSubnetGroupName": { + "markdownDescription": "The name of a cluster subnet group to be associated with this cluster.\n\nIf this parameter is not provided the resulting cluster will be deployed outside virtual private cloud (VPC).", + "title": "ClusterSubnetGroupName", + "type": "string" + }, + "ClusterType": { + "markdownDescription": "The type of the cluster. When cluster type is specified as\n\n- `single-node` , the *NumberOfNodes* parameter is not required.\n- `multi-node` , the *NumberOfNodes* parameter is required.\n\nValid Values: `multi-node` | `single-node`\n\nDefault: `multi-node`", + "title": "ClusterType", + "type": "string" + }, + "ClusterVersion": { + "markdownDescription": "The version of the Amazon Redshift engine software that you want to deploy on the cluster.\n\nThe version selected runs on all the nodes in the cluster.\n\nConstraints: Only version 1.0 is currently available.\n\nExample: `1.0`", + "title": "ClusterVersion", + "type": "string" + }, + "DBName": { + "markdownDescription": "The name of the first database to be created when the cluster is created.\n\nTo create additional databases after the cluster is created, connect to the cluster with a SQL client and use SQL commands to create a database. For more information, go to [Create a Database](https://docs.aws.amazon.com/redshift/latest/dg/t_creating_database.html) in the Amazon Redshift Database Developer Guide.\n\nDefault: `dev`\n\nConstraints:\n\n- Must contain 1 to 64 alphanumeric characters.\n- Must contain only lowercase letters.\n- Cannot be a word that is reserved by the service. A list of reserved words can be found in [Reserved Words](https://docs.aws.amazon.com/redshift/latest/dg/r_pg_keywords.html) in the Amazon Redshift Database Developer Guide.", + "title": "DBName", + "type": "string" + }, + "DeferMaintenance": { + "markdownDescription": "A Boolean indicating whether to enable the deferred maintenance window.", + "title": "DeferMaintenance", + "type": "boolean" + }, + "DeferMaintenanceDuration": { + "markdownDescription": "An integer indicating the duration of the maintenance window in days. If you specify a duration, you can't specify an end time. The duration must be 45 days or less.", + "title": "DeferMaintenanceDuration", + "type": "number" + }, + "DeferMaintenanceEndTime": { + "markdownDescription": "A timestamp for the end of the time period when we defer maintenance.", + "title": "DeferMaintenanceEndTime", + "type": "string" + }, + "DeferMaintenanceStartTime": { + "markdownDescription": "A timestamp indicating the start time for the deferred maintenance window.", + "title": "DeferMaintenanceStartTime", + "type": "string" + }, + "DestinationRegion": { + "markdownDescription": "The destination region that snapshots are automatically copied to when cross-region snapshot copy is enabled.", + "title": "DestinationRegion", + "type": "string" + }, + "ElasticIp": { + "markdownDescription": "The Elastic IP (EIP) address for the cluster.\n\nConstraints: The cluster must be provisioned in EC2-VPC and publicly-accessible through an Internet gateway. Don't specify the Elastic IP address for a publicly accessible cluster with availability zone relocation turned on. For more information about provisioning clusters in EC2-VPC, go to [Supported Platforms to Launch Your Cluster](https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-clusters.html#cluster-platforms) in the Amazon Redshift Cluster Management Guide.", + "title": "ElasticIp", + "type": "string" + }, + "Encrypted": { + "markdownDescription": "If `true` , the data in the cluster is encrypted at rest. If you set the value on this parameter to `false` , the request will fail.\n\nDefault: true", + "title": "Encrypted", + "type": "boolean" + }, + "Endpoint": { + "$ref": "#/definitions/AWS::Redshift::Cluster.Endpoint", + "markdownDescription": "The connection endpoint.", + "title": "Endpoint" + }, + "EnhancedVpcRouting": { + "markdownDescription": "An option that specifies whether to create the cluster with enhanced VPC routing enabled. To create a cluster that uses enhanced VPC routing, the cluster must be in a VPC. For more information, see [Enhanced VPC Routing](https://docs.aws.amazon.com/redshift/latest/mgmt/enhanced-vpc-routing.html) in the Amazon Redshift Cluster Management Guide.\n\nIf this option is `true` , enhanced VPC routing is enabled.\n\nDefault: false", + "title": "EnhancedVpcRouting", + "type": "boolean" + }, + "HsmClientCertificateIdentifier": { + "markdownDescription": "Specifies the name of the HSM client certificate the Amazon Redshift cluster uses to retrieve the data encryption keys stored in an HSM.", + "title": "HsmClientCertificateIdentifier", + "type": "string" + }, + "HsmConfigurationIdentifier": { + "markdownDescription": "Specifies the name of the HSM configuration that contains the information the Amazon Redshift cluster can use to retrieve and store keys in an HSM.", + "title": "HsmConfigurationIdentifier", + "type": "string" + }, + "IamRoles": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of AWS Identity and Access Management (IAM) roles that can be used by the cluster to access other AWS services. You must supply the IAM roles in their Amazon Resource Name (ARN) format.\n\nThe maximum number of IAM roles that you can associate is subject to a quota. For more information, go to [Quotas and limits](https://docs.aws.amazon.com/redshift/latest/mgmt/amazon-redshift-limits.html) in the *Amazon Redshift Cluster Management Guide* .", + "title": "IamRoles", + "type": "array" + }, + "KmsKeyId": { + "markdownDescription": "The AWS Key Management Service (KMS) key ID of the encryption key that you want to use to encrypt data in the cluster.", + "title": "KmsKeyId", + "type": "string" + }, + "LoggingProperties": { + "$ref": "#/definitions/AWS::Redshift::Cluster.LoggingProperties", + "markdownDescription": "Specifies logging information, such as queries and connection attempts, for the specified Amazon Redshift cluster.", + "title": "LoggingProperties" + }, + "MaintenanceTrackName": { + "markdownDescription": "An optional parameter for the name of the maintenance track for the cluster. If you don't provide a maintenance track name, the cluster is assigned to the `current` track.", + "title": "MaintenanceTrackName", + "type": "string" + }, + "ManageMasterPassword": { + "markdownDescription": "If `true` , Amazon Redshift uses AWS Secrets Manager to manage this cluster's admin credentials. You can't use `MasterUserPassword` if `ManageMasterPassword` is true. If `ManageMasterPassword` is false or not set, Amazon Redshift uses `MasterUserPassword` for the admin user account's password.", + "title": "ManageMasterPassword", + "type": "boolean" + }, + "ManualSnapshotRetentionPeriod": { + "markdownDescription": "The default number of days to retain a manual snapshot. If the value is -1, the snapshot is retained indefinitely. This setting doesn't change the retention period of existing snapshots.\n\nThe value must be either -1 or an integer between 1 and 3,653.", + "title": "ManualSnapshotRetentionPeriod", + "type": "number" + }, + "MasterPasswordSecretKmsKeyId": { + "markdownDescription": "The ID of the AWS Key Management Service (KMS) key used to encrypt and store the cluster's admin credentials secret. You can only use this parameter if `ManageMasterPassword` is true.", + "title": "MasterPasswordSecretKmsKeyId", + "type": "string" + }, + "MasterUserPassword": { + "markdownDescription": "The password associated with the admin user account for the cluster that is being created.\n\nYou can't use `MasterUserPassword` if `ManageMasterPassword` is `true` .\n\nConstraints:\n\n- Must be between 8 and 64 characters in length.\n- Must contain at least one uppercase letter.\n- Must contain at least one lowercase letter.\n- Must contain one number.\n- Can be any printable ASCII character (ASCII code 33-126) except `'` (single quote), `\"` (double quote), `\\` , `/` , or `@` .", + "title": "MasterUserPassword", + "type": "string" + }, + "MasterUsername": { + "markdownDescription": "The user name associated with the admin user account for the cluster that is being created.\n\nConstraints:\n\n- Must be 1 - 128 alphanumeric characters or hyphens. The user name can't be `PUBLIC` .\n- Must contain only lowercase letters, numbers, underscore, plus sign, period (dot), at symbol (@), or hyphen.\n- The first character must be a letter.\n- Must not contain a colon (:) or a slash (/).\n- Cannot be a reserved word. A list of reserved words can be found in [Reserved Words](https://docs.aws.amazon.com/redshift/latest/dg/r_pg_keywords.html) in the Amazon Redshift Database Developer Guide.", + "title": "MasterUsername", + "type": "string" + }, + "MultiAZ": { + "markdownDescription": "A boolean indicating whether Amazon Redshift should deploy the cluster in two Availability Zones. The default is false.", + "title": "MultiAZ", + "type": "boolean" + }, + "NamespaceResourcePolicy": { + "markdownDescription": "The policy that is attached to a resource.", + "title": "NamespaceResourcePolicy", + "type": "object" + }, + "NodeType": { + "markdownDescription": "The node type to be provisioned for the cluster. For information about node types, go to [Working with Clusters](https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-clusters.html#how-many-nodes) in the *Amazon Redshift Cluster Management Guide* .\n\nValid Values: `dc2.large` | `dc2.8xlarge` | `ra3.large` | `ra3.xlplus` | `ra3.4xlarge` | `ra3.16xlarge`", + "title": "NodeType", + "type": "string" + }, + "NumberOfNodes": { + "markdownDescription": "The number of compute nodes in the cluster. This parameter is required when the *ClusterType* parameter is specified as `multi-node` .\n\nFor information about determining how many nodes you need, go to [Working with Clusters](https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-clusters.html#how-many-nodes) in the *Amazon Redshift Cluster Management Guide* .\n\nIf you don't specify this parameter, you get a single-node cluster. When requesting a multi-node cluster, you must specify the number of nodes that you want in the cluster.\n\nDefault: `1`\n\nConstraints: Value must be at least 1 and no more than 100.", + "title": "NumberOfNodes", + "type": "number" + }, + "OwnerAccount": { + "markdownDescription": "The AWS account used to create or copy the snapshot. Required if you are restoring a snapshot you do not own, optional if you own the snapshot.", + "title": "OwnerAccount", + "type": "string" + }, + "Port": { + "markdownDescription": "The port number on which the cluster accepts incoming connections.\n\nThe cluster is accessible only via the JDBC and ODBC connection strings. Part of the connection string requires the port on which the cluster will listen for incoming connections.\n\nDefault: `5439`\n\nValid Values:\n\n- For clusters with ra3 nodes - Select a port within the ranges `5431-5455` or `8191-8215` . (If you have an existing cluster with ra3 nodes, it isn't required that you change the port to these ranges.)\n- For clusters with dc2 nodes - Select a port within the range `1150-65535` .", + "title": "Port", + "type": "number" + }, + "PreferredMaintenanceWindow": { + "markdownDescription": "The weekly time range (in UTC) during which automated cluster maintenance can occur.\n\nFormat: `ddd:hh24:mi-ddd:hh24:mi`\n\nDefault: A 30-minute window selected at random from an 8-hour block of time per region, occurring on a random day of the week. For more information about the time blocks for each region, see [Maintenance Windows](https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-clusters.html#rs-maintenance-windows) in Amazon Redshift Cluster Management Guide.\n\nValid Days: Mon | Tue | Wed | Thu | Fri | Sat | Sun\n\nConstraints: Minimum 30-minute window.", + "title": "PreferredMaintenanceWindow", + "type": "string" + }, + "PubliclyAccessible": { + "markdownDescription": "If `true` , the cluster can be accessed from a public network.\n\nDefault: false", + "title": "PubliclyAccessible", + "type": "boolean" + }, + "ResourceAction": { + "markdownDescription": "The Amazon Redshift operation to be performed. Supported operations are `pause-cluster` , `resume-cluster` , and `failover-primary-compute` .", + "title": "ResourceAction", + "type": "string" + }, + "RevisionTarget": { + "markdownDescription": "Describes a `RevisionTarget` object.", + "title": "RevisionTarget", + "type": "string" + }, + "RotateEncryptionKey": { + "markdownDescription": "Rotates the encryption keys for a cluster.", + "title": "RotateEncryptionKey", + "type": "boolean" + }, + "SnapshotClusterIdentifier": { + "markdownDescription": "The name of the cluster the source snapshot was created from. This parameter is required if your user or role has a policy containing a snapshot resource element that specifies anything other than * for the cluster name.", + "title": "SnapshotClusterIdentifier", + "type": "string" + }, + "SnapshotCopyGrantName": { + "markdownDescription": "The name of the snapshot copy grant.", + "title": "SnapshotCopyGrantName", + "type": "string" + }, + "SnapshotCopyManual": { + "markdownDescription": "Indicates whether to apply the snapshot retention period to newly copied manual snapshots instead of automated snapshots.", + "title": "SnapshotCopyManual", + "type": "boolean" + }, + "SnapshotCopyRetentionPeriod": { + "markdownDescription": "The number of days to retain automated snapshots in the destination AWS Region after they are copied from the source AWS Region .\n\nBy default, this only changes the retention period of copied automated snapshots.\n\nIf you decrease the retention period for automated snapshots that are copied to a destination AWS Region , Amazon Redshift deletes any existing automated snapshots that were copied to the destination AWS Region and that fall outside of the new retention period.\n\nConstraints: Must be at least 1 and no more than 35 for automated snapshots.\n\nIf you specify the `manual` option, only newly copied manual snapshots will have the new retention period.\n\nIf you specify the value of -1 newly copied manual snapshots are retained indefinitely.\n\nConstraints: The number of days must be either -1 or an integer between 1 and 3,653 for manual snapshots.", + "title": "SnapshotCopyRetentionPeriod", + "type": "number" + }, + "SnapshotIdentifier": { + "markdownDescription": "The name of the snapshot from which to create the new cluster. This parameter isn't case sensitive. You must specify this parameter or `snapshotArn` , but not both.\n\nExample: `my-snapshot-id`", + "title": "SnapshotIdentifier", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tag instances.", + "title": "Tags", + "type": "array" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of Virtual Private Cloud (VPC) security groups to be associated with the cluster.\n\nDefault: The default VPC security group is associated with the cluster.", + "title": "VpcSecurityGroupIds", + "type": "array" + } }, - "markdownDescription": "The control layouts of the sheet.", - "title": "SheetControlLayouts", - "type": "array" + "required": [ + "ClusterType", + "DBName", + "MasterUsername", + "NodeType" + ], + "type": "object" }, - "SheetId": { - "markdownDescription": "The unique identifier of a sheet.", - "title": "SheetId", + "Type": { + "enum": [ + "AWS::Redshift::Cluster" + ], "type": "string" }, - "TextBoxes": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.SheetTextBox" - }, - "markdownDescription": "The text boxes that are on a sheet.", - "title": "TextBoxes", - "type": "array" - }, - "Title": { - "markdownDescription": "The title of the sheet.", - "title": "Title", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "Visuals": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.Visual" - }, - "markdownDescription": "A list of the visuals that are on a sheet. Visual placement is determined by the layout of the sheet.", - "title": "Visuals", - "type": "array" } }, "required": [ - "SheetId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Template.SheetElementConfigurationOverrides": { + "AWS::Redshift::Cluster.Endpoint": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "Determines whether or not the overrides are visible. Choose one of the following options:\n\n- `VISIBLE`\n- `HIDDEN`", - "title": "Visibility", + "Address": { + "markdownDescription": "The DNS address of the cluster. This property is read only.", + "title": "Address", + "type": "string" + }, + "Port": { + "markdownDescription": "The port that the database engine is listening on. This property is read only.", + "title": "Port", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.SheetElementRenderingRule": { + "AWS::Redshift::Cluster.LoggingProperties": { "additionalProperties": false, "properties": { - "ConfigurationOverrides": { - "$ref": "#/definitions/AWS::QuickSight::Template.SheetElementConfigurationOverrides", - "markdownDescription": "The override configuration of the rendering rules of a sheet.", - "title": "ConfigurationOverrides" + "BucketName": { + "markdownDescription": "The name of an existing S3 bucket where the log files are to be stored.\n\nConstraints:\n\n- Must be in the same region as the cluster\n- The cluster must have read bucket and put object permissions", + "title": "BucketName", + "type": "string" }, - "Expression": { - "markdownDescription": "The expression of the rendering rules of a sheet.", - "title": "Expression", + "LogDestinationType": { + "markdownDescription": "The log destination type. An enum with possible values of `s3` and `cloudwatch` .", + "title": "LogDestinationType", + "type": "string" + }, + "LogExports": { + "items": { + "type": "string" + }, + "markdownDescription": "The collection of exported log types. Possible values are `connectionlog` , `useractivitylog` , and `userlog` .", + "title": "LogExports", + "type": "array" + }, + "S3KeyPrefix": { + "markdownDescription": "The prefix applied to the log file names.\n\nValid characters are any letter from any language, any whitespace character, any numeric character, and the following characters: underscore ( `_` ), period ( `.` ), colon ( `:` ), slash ( `/` ), equal ( `=` ), plus ( `+` ), backslash ( `\\` ), hyphen ( `-` ), at symbol ( `@` ).", + "title": "S3KeyPrefix", "type": "string" } }, - "required": [ - "ConfigurationOverrides", - "Expression" - ], "type": "object" }, - "AWS::QuickSight::Template.SheetTextBox": { + "AWS::Redshift::ClusterParameterGroup": { "additionalProperties": false, "properties": { - "Content": { - "markdownDescription": "The content that is displayed in the text box.", - "title": "Content", + "Condition": { "type": "string" }, - "SheetTextBoxId": { - "markdownDescription": "The unique identifier for a text box. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have text boxes that share identifiers.", - "title": "SheetTextBoxId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the parameter group.", + "title": "Description", + "type": "string" + }, + "ParameterGroupFamily": { + "markdownDescription": "The name of the cluster parameter group family that this cluster parameter group is compatible with. You can create a custom parameter group and then associate your cluster with it. For more information, see [Amazon Redshift parameter groups](https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-parameter-groups.html) .", + "title": "ParameterGroupFamily", + "type": "string" + }, + "ParameterGroupName": { + "markdownDescription": "The name of the cluster parameter group.", + "title": "ParameterGroupName", + "type": "string" + }, + "Parameters": { + "items": { + "$ref": "#/definitions/AWS::Redshift::ClusterParameterGroup.Parameter" + }, + "markdownDescription": "An array of parameters to be modified. A maximum of 20 parameters can be modified in a single request.\n\nFor each parameter to be modified, you must supply at least the parameter name and parameter value; other name-value pairs of the parameter are optional.\n\nFor the workload management (WLM) configuration, you must supply all the name-value pairs in the wlm_json_configuration parameter.", + "title": "Parameters", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of tags for the cluster parameter group.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Description", + "ParameterGroupFamily" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Redshift::ClusterParameterGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "SheetTextBoxId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Template.SheetVisualScopingConfiguration": { + "AWS::Redshift::ClusterParameterGroup.Parameter": { "additionalProperties": false, "properties": { - "Scope": { - "markdownDescription": "The scope of the applied entities. Choose one of the following options:\n\n- `ALL_VISUALS`\n- `SELECTED_VISUALS`", - "title": "Scope", + "ParameterName": { + "markdownDescription": "The name of the parameter.", + "title": "ParameterName", "type": "string" }, - "SheetId": { - "markdownDescription": "The selected sheet that the filter is applied to.", - "title": "SheetId", + "ParameterValue": { + "markdownDescription": "The value of the parameter. If `ParameterName` is `wlm_json_configuration` , then the maximum size of `ParameterValue` is 8000 characters.", + "title": "ParameterValue", "type": "string" - }, - "VisualIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The selected visuals that the filter is applied to.", - "title": "VisualIds", - "type": "array" } }, "required": [ - "Scope", - "SheetId" + "ParameterName", + "ParameterValue" ], "type": "object" }, - "AWS::QuickSight::Template.ShortFormatText": { + "AWS::Redshift::ClusterSecurityGroup": { "additionalProperties": false, "properties": { - "PlainText": { - "markdownDescription": "Plain text format.", - "title": "PlainText", + "Condition": { "type": "string" }, - "RichText": { - "markdownDescription": "Rich text. Examples of rich text include bold, underline, and italics.", - "title": "RichText", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description for the security group.", + "title": "Description", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Specifies an arbitrary set of tags (key\u2013value pairs) to associate with this security group. Use tags to manage your resources.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Description" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Redshift::ClusterSecurityGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Template.SimpleClusterMarker": { + "AWS::Redshift::ClusterSecurityGroupIngress": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The color of the simple cluster marker.", - "title": "Color", + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CIDRIP": { + "markdownDescription": "The IP range to be added the Amazon Redshift security group.", + "title": "CIDRIP", + "type": "string" + }, + "ClusterSecurityGroupName": { + "markdownDescription": "The name of the security group to which the ingress rule is added.", + "title": "ClusterSecurityGroupName", + "type": "string" + }, + "EC2SecurityGroupName": { + "markdownDescription": "The EC2 security group to be added the Amazon Redshift security group.", + "title": "EC2SecurityGroupName", + "type": "string" + }, + "EC2SecurityGroupOwnerId": { + "markdownDescription": "The AWS account number of the owner of the security group specified by the *EC2SecurityGroupName* parameter. The AWS Access Key ID is not an acceptable value.\n\nExample: `111122223333`\n\nConditional. If you specify the `EC2SecurityGroupName` property, you must specify this property.", + "title": "EC2SecurityGroupOwnerId", + "type": "string" + } + }, + "required": [ + "ClusterSecurityGroupName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Redshift::ClusterSecurityGroupIngress" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Template.SliderControlDisplayOptions": { + "AWS::Redshift::ClusterSubnetGroup": { "additionalProperties": false, "properties": { - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" + "Condition": { + "type": "string" }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description for the subnet group.", + "title": "Description", + "type": "string" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of VPC subnet IDs. A maximum of 20 subnets can be modified in a single request.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Specifies an arbitrary set of tags (key\u2013value pairs) to associate with this subnet group. Use tags to manage your resources.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Description", + "SubnetIds" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Redshift::ClusterSubnetGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Template.SmallMultiplesAxisProperties": { + "AWS::Redshift::EndpointAccess": { "additionalProperties": false, "properties": { - "Placement": { - "markdownDescription": "Defines the placement of the axis. By default, axes are rendered `OUTSIDE` of the panels. Axes with `INDEPENDENT` scale are rendered `INSIDE` the panels.", - "title": "Placement", + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ClusterIdentifier": { + "markdownDescription": "The cluster identifier of the cluster associated with the endpoint.", + "title": "ClusterIdentifier", + "type": "string" + }, + "EndpointName": { + "markdownDescription": "The name of the endpoint.", + "title": "EndpointName", + "type": "string" + }, + "ResourceOwner": { + "markdownDescription": "The AWS account ID of the owner of the cluster.", + "title": "ResourceOwner", + "type": "string" + }, + "SubnetGroupName": { + "markdownDescription": "The subnet group name where Amazon Redshift chooses to deploy the endpoint.", + "title": "SubnetGroupName", + "type": "string" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The security group that defines the ports, protocols, and sources for inbound traffic that you are authorizing into your endpoint.", + "title": "VpcSecurityGroupIds", + "type": "array" + } + }, + "required": [ + "ClusterIdentifier", + "EndpointName", + "SubnetGroupName", + "VpcSecurityGroupIds" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Redshift::EndpointAccess" + ], "type": "string" }, - "Scale": { - "markdownDescription": "Determines whether scale of the axes are shared or independent. The default value is `SHARED` .", - "title": "Scale", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Template.SmallMultiplesOptions": { + "AWS::Redshift::EndpointAccess.NetworkInterface": { "additionalProperties": false, "properties": { - "MaxVisibleColumns": { - "markdownDescription": "Sets the maximum number of visible columns to display in the grid of small multiples panels.\n\nThe default is `Auto` , which automatically adjusts the columns in the grid to fit the overall layout and size of the given chart.", - "title": "MaxVisibleColumns", - "type": "number" - }, - "MaxVisibleRows": { - "markdownDescription": "Sets the maximum number of visible rows to display in the grid of small multiples panels.\n\nThe default value is `Auto` , which automatically adjusts the rows in the grid to fit the overall layout and size of the given chart.", - "title": "MaxVisibleRows", - "type": "number" + "AvailabilityZone": { + "markdownDescription": "The Availability Zone.", + "title": "AvailabilityZone", + "type": "string" }, - "PanelConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.PanelConfiguration", - "markdownDescription": "Configures the display options for each small multiples panel.", - "title": "PanelConfiguration" + "NetworkInterfaceId": { + "markdownDescription": "The network interface identifier.", + "title": "NetworkInterfaceId", + "type": "string" }, - "XAxis": { - "$ref": "#/definitions/AWS::QuickSight::Template.SmallMultiplesAxisProperties", - "markdownDescription": "The properties of a small multiples X axis.", - "title": "XAxis" + "PrivateIpAddress": { + "markdownDescription": "The IPv4 address of the network interface within the subnet.", + "title": "PrivateIpAddress", + "type": "string" }, - "YAxis": { - "$ref": "#/definitions/AWS::QuickSight::Template.SmallMultiplesAxisProperties", - "markdownDescription": "The properties of a small multiples Y axis.", - "title": "YAxis" + "SubnetId": { + "markdownDescription": "The subnet identifier.", + "title": "SubnetId", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.Spacing": { + "AWS::Redshift::EndpointAccess.VpcEndpoint": { "additionalProperties": false, "properties": { - "Bottom": { - "markdownDescription": "Define the bottom spacing.", - "title": "Bottom", - "type": "string" - }, - "Left": { - "markdownDescription": "Define the left spacing.", - "title": "Left", - "type": "string" + "NetworkInterfaces": { + "items": { + "$ref": "#/definitions/AWS::Redshift::EndpointAccess.NetworkInterface" + }, + "markdownDescription": "One or more network interfaces of the endpoint. Also known as an interface endpoint.", + "title": "NetworkInterfaces", + "type": "array" }, - "Right": { - "markdownDescription": "Define the right spacing.", - "title": "Right", + "VpcEndpointId": { + "markdownDescription": "The connection endpoint ID for connecting an Amazon Redshift cluster through the proxy.", + "title": "VpcEndpointId", "type": "string" }, - "Top": { - "markdownDescription": "Define the top spacing.", - "title": "Top", + "VpcId": { + "markdownDescription": "The VPC identifier that the endpoint is associated.", + "title": "VpcId", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.StringDefaultValues": { + "AWS::Redshift::EndpointAccess.VpcSecurityGroup": { "additionalProperties": false, "properties": { - "DynamicValue": { - "$ref": "#/definitions/AWS::QuickSight::Template.DynamicDefaultValue", - "markdownDescription": "The dynamic value of the `StringDefaultValues` . Different defaults displayed according to users, groups, and values mapping.", - "title": "DynamicValue" + "Status": { + "markdownDescription": "The status of the endpoint.", + "title": "Status", + "type": "string" }, - "StaticValues": { - "items": { - "type": "string" - }, - "markdownDescription": "The static values of the `DecimalDefaultValues` .", - "title": "StaticValues", - "type": "array" + "VpcSecurityGroupId": { + "markdownDescription": "The identifier of the VPC security group.", + "title": "VpcSecurityGroupId", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.StringFormatConfiguration": { + "AWS::Redshift::EndpointAuthorization": { "additionalProperties": false, "properties": { - "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NullValueFormatConfiguration", - "markdownDescription": "The options that determine the null value format configuration.", - "title": "NullValueFormatConfiguration" + "Condition": { + "type": "string" }, - "NumericFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericFormatConfiguration", - "markdownDescription": "The formatting configuration for numeric strings.", - "title": "NumericFormatConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Account": { + "markdownDescription": "The AWS account ID of either the cluster owner (grantor) or grantee. If `Grantee` parameter is true, then the `Account` value is of the grantor.", + "title": "Account", + "type": "string" + }, + "ClusterIdentifier": { + "markdownDescription": "The cluster identifier.", + "title": "ClusterIdentifier", + "type": "string" + }, + "Force": { + "markdownDescription": "Indicates whether to force the revoke action. If true, the Redshift-managed VPC endpoints associated with the endpoint authorization are also deleted.", + "title": "Force", + "type": "boolean" + }, + "VpcIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The virtual private cloud (VPC) identifiers to grant access to.", + "title": "VpcIds", + "type": "array" + } + }, + "required": [ + "Account", + "ClusterIdentifier" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Redshift::EndpointAuthorization" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Template.StringParameterDeclaration": { + "AWS::Redshift::EventSubscription": { "additionalProperties": false, "properties": { - "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::Template.StringDefaultValues", - "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", - "title": "DefaultValues" + "Condition": { + "type": "string" }, - "MappedDataSetParameters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MappedDataSetParameter" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "A boolean value; set to `true` to activate the subscription, and set to `false` to create the subscription but not activate it.", + "title": "Enabled", + "type": "boolean" + }, + "EventCategories": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the Amazon Redshift event categories to be published by the event notification subscription.\n\nValues: configuration, management, monitoring, security, pending", + "title": "EventCategories", + "type": "array" + }, + "Severity": { + "markdownDescription": "Specifies the Amazon Redshift event severity to be published by the event notification subscription.\n\nValues: ERROR, INFO", + "title": "Severity", + "type": "string" + }, + "SnsTopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic used to transmit the event notifications. The ARN is created by Amazon SNS when you create a topic and subscribe to it.", + "title": "SnsTopicArn", + "type": "string" + }, + "SourceIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of one or more identifiers of Amazon Redshift source objects. All of the objects must be of the same type as was specified in the source type parameter. The event subscription will return only events generated by the specified objects. If not specified, then events are returned for all objects within the source type specified.\n\nExample: my-cluster-1, my-cluster-2\n\nExample: my-snapshot-20131010", + "title": "SourceIds", + "type": "array" + }, + "SourceType": { + "markdownDescription": "The type of source that will be generating the events. For example, if you want to be notified of events generated by a cluster, you would set this parameter to cluster. If this value is not specified, events are returned for all Amazon Redshift objects in your AWS account . You must specify a source type in order to specify source IDs.\n\nValid values: cluster, cluster-parameter-group, cluster-security-group, cluster-snapshot, and scheduled-action.", + "title": "SourceType", + "type": "string" + }, + "SubscriptionName": { + "markdownDescription": "The name of the event subscription to be created.\n\nConstraints:\n\n- Cannot be null, empty, or blank.\n- Must contain from 1 to 255 alphanumeric characters or hyphens.\n- First character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.", + "title": "SubscriptionName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tag instances.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "", - "title": "MappedDataSetParameters", - "type": "array" + "required": [ + "SubscriptionName" + ], + "type": "object" }, - "Name": { - "markdownDescription": "The name of the parameter that is being declared.", - "title": "Name", + "Type": { + "enum": [ + "AWS::Redshift::EventSubscription" + ], "type": "string" }, - "ParameterValueType": { - "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", - "title": "ParameterValueType", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "ValueWhenUnset": { - "$ref": "#/definitions/AWS::QuickSight::Template.StringValueWhenUnsetConfiguration", - "markdownDescription": "The configuration that defines the default value of a `String` parameter when a value has not been set.", - "title": "ValueWhenUnset" } }, "required": [ - "Name", - "ParameterValueType" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Template.StringValueWhenUnsetConfiguration": { + "AWS::Redshift::Integration": { "additionalProperties": false, "properties": { - "CustomValue": { - "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", - "title": "CustomValue", + "Condition": { "type": "string" }, - "ValueWhenUnsetOption": { - "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", - "title": "ValueWhenUnsetOption", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AdditionalEncryptionContext": { + "additionalProperties": true, + "markdownDescription": "The encryption context for the integration. For more information, see [Encryption context](https://docs.aws.amazon.com/) in the *AWS Key Management Service Developer Guide* .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "AdditionalEncryptionContext", + "type": "object" + }, + "IntegrationName": { + "markdownDescription": "The name of the integration.", + "title": "IntegrationName", + "type": "string" + }, + "KMSKeyId": { + "markdownDescription": "The AWS Key Management Service ( AWS KMS) key identifier for the key used to encrypt the integration.", + "title": "KMSKeyId", + "type": "string" + }, + "SourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the database used as the source for replication.", + "title": "SourceArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of tags associated with the integration.", + "title": "Tags", + "type": "array" + }, + "TargetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Redshift data warehouse to use as the target for replication.", + "title": "TargetArn", + "type": "string" + } + }, + "required": [ + "SourceArn", + "TargetArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Redshift::Integration" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Template.SubtotalOptions": { + "AWS::Redshift::ScheduledAction": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The custom label string for the subtotal cells.", - "title": "CustomLabel", + "Condition": { "type": "string" }, - "FieldLevel": { - "markdownDescription": "The field level (all, custom, last) for the subtotal cells.", - "title": "FieldLevel", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "FieldLevelOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableFieldSubtotalOptions" - }, - "markdownDescription": "The optional configuration of subtotal cells.", - "title": "FieldLevelOptions", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "MetricHeaderCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", - "markdownDescription": "The cell styling options for the subtotals of header cells.", - "title": "MetricHeaderCellStyle" + "Metadata": { + "type": "object" }, - "StyleTargets": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableStyleTarget" + "Properties": { + "additionalProperties": false, + "properties": { + "Enable": { + "markdownDescription": "If true, the schedule is enabled. If false, the scheduled action does not trigger. For more information about `state` of the scheduled action, see `ScheduledAction` .", + "title": "Enable", + "type": "boolean" + }, + "EndTime": { + "markdownDescription": "The end time in UTC when the schedule is no longer active. After this time, the scheduled action does not trigger.", + "title": "EndTime", + "type": "string" + }, + "IamRole": { + "markdownDescription": "The IAM role to assume to run the scheduled action. This IAM role must have permission to run the Amazon Redshift API operation in the scheduled action. This IAM role must allow the Amazon Redshift scheduler (Principal scheduler.redshift.amazonaws.com) to assume permissions on your behalf. For more information about the IAM role to use with the Amazon Redshift scheduler, see [Using Identity-Based Policies for Amazon Redshift](https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-iam-access-control-identity-based.html) in the *Amazon Redshift Cluster Management Guide* .", + "title": "IamRole", + "type": "string" + }, + "Schedule": { + "markdownDescription": "The schedule for a one-time (at format) or recurring (cron format) scheduled action. Schedule invocations must be separated by at least one hour.\n\nFormat of at expressions is \" `at(yyyy-mm-ddThh:mm:ss)` \". For example, \" `at(2016-03-04T17:27:00)` \".\n\nFormat of cron expressions is \" `cron(Minutes Hours Day-of-month Month Day-of-week Year)` \". For example, \" `cron(0 10 ? * MON *)` \". For more information, see [Cron Expressions](https://docs.aws.amazon.com//AmazonCloudWatch/latest/events/ScheduledEvents.html#CronExpressions) in the *Amazon CloudWatch Events User Guide* .", + "title": "Schedule", + "type": "string" + }, + "ScheduledActionDescription": { + "markdownDescription": "The description of the scheduled action.", + "title": "ScheduledActionDescription", + "type": "string" + }, + "ScheduledActionName": { + "markdownDescription": "The name of the scheduled action.", + "title": "ScheduledActionName", + "type": "string" + }, + "StartTime": { + "markdownDescription": "The start time in UTC when the schedule is active. Before this time, the scheduled action does not trigger.", + "title": "StartTime", + "type": "string" + }, + "TargetAction": { + "$ref": "#/definitions/AWS::Redshift::ScheduledAction.ScheduledActionType", + "markdownDescription": "A JSON format string of the Amazon Redshift API operation with input parameters.\n\n\" `{\\\"ResizeCluster\\\":{\\\"NodeType\\\":\\\"ra3.4xlarge\\\",\\\"ClusterIdentifier\\\":\\\"my-test-cluster\\\",\\\"NumberOfNodes\\\":3}}` \".", + "title": "TargetAction" + } }, - "markdownDescription": "The style targets options for subtotals.", - "title": "StyleTargets", - "type": "array" - }, - "TotalCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", - "markdownDescription": "The cell styling options for the subtotal cells.", - "title": "TotalCellStyle" + "required": [ + "ScheduledActionName" + ], + "type": "object" }, - "TotalsVisibility": { - "markdownDescription": "The visibility configuration for the subtotal cells.", - "title": "TotalsVisibility", + "Type": { + "enum": [ + "AWS::Redshift::ScheduledAction" + ], "type": "string" }, - "ValueCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", - "markdownDescription": "The cell styling options for the subtotals of value cells.", - "title": "ValueCellStyle" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Template.TableAggregatedFieldWells": { + "AWS::Redshift::ScheduledAction.PauseClusterMessage": { "additionalProperties": false, "properties": { - "GroupBy": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" - }, - "markdownDescription": "The group by field well for a pivot table. Values are grouped by group by fields.", - "title": "GroupBy", - "type": "array" - }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" - }, - "markdownDescription": "The values field well for a pivot table. Values are aggregated based on group by fields.", - "title": "Values", - "type": "array" + "ClusterIdentifier": { + "markdownDescription": "The identifier of the cluster to be paused.", + "title": "ClusterIdentifier", + "type": "string" } }, + "required": [ + "ClusterIdentifier" + ], "type": "object" }, - "AWS::QuickSight::Template.TableBorderOptions": { + "AWS::Redshift::ScheduledAction.ResizeClusterMessage": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The color of a table border.", - "title": "Color", + "Classic": { + "markdownDescription": "A boolean value indicating whether the resize operation is using the classic resize process. If you don't provide this parameter or set the value to `false` , the resize type is elastic.", + "title": "Classic", + "type": "boolean" + }, + "ClusterIdentifier": { + "markdownDescription": "The unique identifier for the cluster to resize.", + "title": "ClusterIdentifier", "type": "string" }, - "Style": { - "markdownDescription": "The style (none, solid) of a table border.", - "title": "Style", + "ClusterType": { + "markdownDescription": "The new cluster type for the specified cluster.", + "title": "ClusterType", "type": "string" }, - "Thickness": { - "markdownDescription": "The thickness of a table border.", - "title": "Thickness", + "NodeType": { + "markdownDescription": "The new node type for the nodes you are adding. If not specified, the cluster's current node type is used.", + "title": "NodeType", + "type": "string" + }, + "NumberOfNodes": { + "markdownDescription": "The new number of nodes for the cluster. If not specified, the cluster's current number of nodes is used.", + "title": "NumberOfNodes", "type": "number" } }, + "required": [ + "ClusterIdentifier" + ], "type": "object" }, - "AWS::QuickSight::Template.TableCellConditionalFormatting": { + "AWS::Redshift::ScheduledAction.ResumeClusterMessage": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field ID of the cell for conditional formatting.", - "title": "FieldId", + "ClusterIdentifier": { + "markdownDescription": "The identifier of the cluster to be resumed.", + "title": "ClusterIdentifier", "type": "string" - }, - "TextFormat": { - "$ref": "#/definitions/AWS::QuickSight::Template.TextConditionalFormat", - "markdownDescription": "The text format of the cell for conditional formatting.", - "title": "TextFormat" } }, "required": [ - "FieldId" + "ClusterIdentifier" ], "type": "object" }, - "AWS::QuickSight::Template.TableCellImageSizingConfiguration": { + "AWS::Redshift::ScheduledAction.ScheduledActionType": { "additionalProperties": false, "properties": { - "TableCellImageScalingConfiguration": { - "markdownDescription": "The cell scaling configuration of the sizing options for the table image configuration.", - "title": "TableCellImageScalingConfiguration", - "type": "string" + "PauseCluster": { + "$ref": "#/definitions/AWS::Redshift::ScheduledAction.PauseClusterMessage", + "markdownDescription": "An action that runs a `PauseCluster` API operation.", + "title": "PauseCluster" + }, + "ResizeCluster": { + "$ref": "#/definitions/AWS::Redshift::ScheduledAction.ResizeClusterMessage", + "markdownDescription": "An action that runs a `ResizeCluster` API operation.", + "title": "ResizeCluster" + }, + "ResumeCluster": { + "$ref": "#/definitions/AWS::Redshift::ScheduledAction.ResumeClusterMessage", + "markdownDescription": "An action that runs a `ResumeCluster` API operation.", + "title": "ResumeCluster" } }, "type": "object" }, - "AWS::QuickSight::Template.TableCellStyle": { + "AWS::RedshiftServerless::Namespace": { "additionalProperties": false, "properties": { - "BackgroundColor": { - "markdownDescription": "The background color for the table cells.", - "title": "BackgroundColor", + "Condition": { "type": "string" }, - "Border": { - "$ref": "#/definitions/AWS::QuickSight::Template.GlobalTableBorderOptions", - "markdownDescription": "The borders for the table cells.", - "title": "Border" - }, - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", - "markdownDescription": "The font configuration of the table cells.", - "title": "FontConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Height": { - "markdownDescription": "The height color for the table cells.", - "title": "Height", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "HorizontalTextAlignment": { - "markdownDescription": "The horizontal text alignment (left, center, right, auto) for the table cells.", - "title": "HorizontalTextAlignment", - "type": "string" + "Metadata": { + "type": "object" }, - "TextWrap": { - "markdownDescription": "The text wrap (none, wrap) for the table cells.", - "title": "TextWrap", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "AdminPasswordSecretKmsKeyId": { + "markdownDescription": "The ID of the AWS Key Management Service (KMS) key used to encrypt and store the namespace's admin credentials secret. You can only use this parameter if `ManageAdminPassword` is `true` .", + "title": "AdminPasswordSecretKmsKeyId", + "type": "string" + }, + "AdminUserPassword": { + "markdownDescription": "The password of the administrator for the primary database created in the namespace.", + "title": "AdminUserPassword", + "type": "string" + }, + "AdminUsername": { + "markdownDescription": "The username of the administrator for the primary database created in the namespace.", + "title": "AdminUsername", + "type": "string" + }, + "DbName": { + "markdownDescription": "The name of the primary database created in the namespace.", + "title": "DbName", + "type": "string" + }, + "DefaultIamRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to set as a default in the namespace.", + "title": "DefaultIamRoleArn", + "type": "string" + }, + "FinalSnapshotName": { + "markdownDescription": "The name of the snapshot to be created before the namespace is deleted.", + "title": "FinalSnapshotName", + "type": "string" + }, + "FinalSnapshotRetentionPeriod": { + "markdownDescription": "How long to retain the final snapshot.", + "title": "FinalSnapshotRetentionPeriod", + "type": "number" + }, + "IamRoles": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of IAM roles to associate with the namespace.", + "title": "IamRoles", + "type": "array" + }, + "KmsKeyId": { + "markdownDescription": "The ID of the AWS Key Management Service key used to encrypt your data.", + "title": "KmsKeyId", + "type": "string" + }, + "LogExports": { + "items": { + "type": "string" + }, + "markdownDescription": "The types of logs the namespace can export. Available export types are `userlog` , `connectionlog` , and `useractivitylog` .", + "title": "LogExports", + "type": "array" + }, + "ManageAdminPassword": { + "markdownDescription": "If true, Amazon Redshift uses AWS Secrets Manager to manage the namespace's admin credentials. You can't use `AdminUserPassword` if `ManageAdminPassword` is true. If `ManageAdminPassword` is `false` or not set, Amazon Redshift uses `AdminUserPassword` for the admin user account's password.", + "title": "ManageAdminPassword", + "type": "boolean" + }, + "NamespaceName": { + "markdownDescription": "The name of the namespace. Must be between 3-64 alphanumeric characters in lowercase, and it cannot be a reserved word. A list of reserved words can be found in [Reserved Words](https://docs.aws.amazon.com//redshift/latest/dg/r_pg_keywords.html) in the Amazon Redshift Database Developer Guide.", + "title": "NamespaceName", + "type": "string" + }, + "NamespaceResourcePolicy": { + "markdownDescription": "The resource policy that will be attached to the namespace.", + "title": "NamespaceResourcePolicy", + "type": "object" + }, + "RedshiftIdcApplicationArn": { + "markdownDescription": "The ARN for the Redshift application that integrates with IAM Identity Center.", + "title": "RedshiftIdcApplicationArn", + "type": "string" + }, + "SnapshotCopyConfigurations": { + "items": { + "$ref": "#/definitions/AWS::RedshiftServerless::Namespace.SnapshotCopyConfiguration" + }, + "markdownDescription": "", + "title": "SnapshotCopyConfigurations", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The map of the key-value pairs used to tag the namespace.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "NamespaceName" + ], + "type": "object" }, - "VerticalTextAlignment": { - "markdownDescription": "The vertical text alignment (top, middle, bottom) for the table cells.", - "title": "VerticalTextAlignment", + "Type": { + "enum": [ + "AWS::RedshiftServerless::Namespace" + ], "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of the table cells.", - "title": "Visibility", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Template.TableConditionalFormatting": { - "additionalProperties": false, - "properties": { - "ConditionalFormattingOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableConditionalFormattingOption" - }, - "markdownDescription": "Conditional formatting options for a `PivotTableVisual` .", - "title": "ConditionalFormattingOptions", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.TableConditionalFormattingOption": { + "AWS::RedshiftServerless::Namespace.Namespace": { "additionalProperties": false, "properties": { - "Cell": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableCellConditionalFormatting", - "markdownDescription": "The cell conditional formatting option for a table.", - "title": "Cell" + "AdminPasswordSecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the namespace's admin user credentials secret.", + "title": "AdminPasswordSecretArn", + "type": "string" }, - "Row": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableRowConditionalFormatting", - "markdownDescription": "The row conditional formatting option for a table.", - "title": "Row" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.TableConfiguration": { - "additionalProperties": false, - "properties": { - "FieldOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldOptions", - "markdownDescription": "The field options for a table visual.", - "title": "FieldOptions" + "AdminPasswordSecretKmsKeyId": { + "markdownDescription": "The ID of the AWS Key Management Service (KMS) key used to encrypt and store the namespace's admin credentials secret.", + "title": "AdminPasswordSecretKmsKeyId", + "type": "string" }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" + "AdminUsername": { + "markdownDescription": "The username of the administrator for the first database created in the namespace.", + "title": "AdminUsername", + "type": "string" }, - "PaginatedReportOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.TablePaginatedReportOptions", - "markdownDescription": "The paginated report options for a table visual.", - "title": "PaginatedReportOptions" + "CreationDate": { + "markdownDescription": "The date of when the namespace was created.", + "title": "CreationDate", + "type": "string" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableSortConfiguration", - "markdownDescription": "The sort configuration for a `TableVisual` .", - "title": "SortConfiguration" + "DbName": { + "markdownDescription": "The name of the first database created in the namespace.", + "title": "DbName", + "type": "string" }, - "TableInlineVisualizations": { + "DefaultIamRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to set as a default in the namespace.", + "title": "DefaultIamRoleArn", + "type": "string" + }, + "IamRoles": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableInlineVisualization" + "type": "string" }, - "markdownDescription": "A collection of inline visualizations to display within a chart.", - "title": "TableInlineVisualizations", + "markdownDescription": "A list of IAM roles to associate with the namespace.", + "title": "IamRoles", "type": "array" }, - "TableOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableOptions", - "markdownDescription": "The table options for a table visual.", - "title": "TableOptions" + "KmsKeyId": { + "markdownDescription": "The ID of the AWS Key Management Service key used to encrypt your data.", + "title": "KmsKeyId", + "type": "string" }, - "TotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.TotalOptions", - "markdownDescription": "The total options for a table visual.", - "title": "TotalOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.TableFieldCustomIconContent": { - "additionalProperties": false, - "properties": { - "Icon": { - "markdownDescription": "The icon set type (link) of the custom icon content for table URL link content.", - "title": "Icon", + "LogExports": { + "items": { + "type": "string" + }, + "markdownDescription": "The types of logs the namespace can export. Available export types are User log, Connection log, and User activity log.", + "title": "LogExports", + "type": "array" + }, + "NamespaceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) associated with a namespace.", + "title": "NamespaceArn", + "type": "string" + }, + "NamespaceId": { + "markdownDescription": "The unique identifier of a namespace.", + "title": "NamespaceId", + "type": "string" + }, + "NamespaceName": { + "markdownDescription": "The name of the namespace. Must be between 3-64 alphanumeric characters in lowercase, and it cannot be a reserved word. A list of reserved words can be found in [Reserved Words](https://docs.aws.amazon.com//redshift/latest/dg/r_pg_keywords.html) in the Amazon Redshift Database Developer Guide.", + "title": "NamespaceName", + "type": "string" + }, + "Status": { + "markdownDescription": "The status of the namespace.", + "title": "Status", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.TableFieldCustomTextContent": { + "AWS::RedshiftServerless::Namespace.SnapshotCopyConfiguration": { "additionalProperties": false, "properties": { - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", - "markdownDescription": "The font configuration of the custom text content for the table URL link content.", - "title": "FontConfiguration" + "DestinationKmsKeyId": { + "markdownDescription": "The ID of the KMS key to use to encrypt your snapshots in the destination AWS Region .", + "title": "DestinationKmsKeyId", + "type": "string" }, - "Value": { - "markdownDescription": "The string value of the custom text content for the table URL link content.", - "title": "Value", + "DestinationRegion": { + "markdownDescription": "The destination AWS Region to copy snapshots to.", + "title": "DestinationRegion", "type": "string" + }, + "SnapshotRetentionPeriod": { + "markdownDescription": "The retention period of snapshots that are copied to the destination AWS Region .", + "title": "SnapshotRetentionPeriod", + "type": "number" } }, "required": [ - "FontConfiguration" + "DestinationRegion" ], "type": "object" }, - "AWS::QuickSight::Template.TableFieldImageConfiguration": { - "additionalProperties": false, - "properties": { - "SizingOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableCellImageSizingConfiguration", - "markdownDescription": "The sizing options for the table image configuration.", - "title": "SizingOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.TableFieldLinkConfiguration": { + "AWS::RedshiftServerless::Snapshot": { "additionalProperties": false, "properties": { - "Content": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldLinkContentConfiguration", - "markdownDescription": "The URL content (text, icon) for the table link configuration.", - "title": "Content" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "NamespaceName": { + "markdownDescription": "The name of the namepsace.", + "title": "NamespaceName", + "type": "string" + }, + "RetentionPeriod": { + "markdownDescription": "The retention period of the snapshot created by the scheduled action.", + "title": "RetentionPeriod", + "type": "number" + }, + "SnapshotName": { + "markdownDescription": "The name of the snapshot.", + "title": "SnapshotName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of [Tag objects](https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_Tag.html) to associate with the snapshot.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "SnapshotName" + ], + "type": "object" }, - "Target": { - "markdownDescription": "The URL target (new tab, new window, same tab) for the table link configuration.", - "title": "Target", + "Type": { + "enum": [ + "AWS::RedshiftServerless::Snapshot" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Content", - "Target" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Template.TableFieldLinkContentConfiguration": { + "AWS::RedshiftServerless::Snapshot.Snapshot": { "additionalProperties": false, "properties": { - "CustomIconContent": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldCustomIconContent", - "markdownDescription": "The custom icon content for the table link content configuration.", - "title": "CustomIconContent" + "AdminUsername": { + "markdownDescription": "The username of the database within a snapshot.", + "title": "AdminUsername", + "type": "string" }, - "CustomTextContent": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldCustomTextContent", - "markdownDescription": "The custom text content (value, font configuration) for the table link content configuration.", - "title": "CustomTextContent" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.TableFieldOption": { - "additionalProperties": false, - "properties": { - "CustomLabel": { - "markdownDescription": "The custom label for a table field.", - "title": "CustomLabel", + "KmsKeyId": { + "markdownDescription": "The unique identifier of the KMS key used to encrypt the snapshot.", + "title": "KmsKeyId", "type": "string" }, - "FieldId": { - "markdownDescription": "The field ID for a table field.", - "title": "FieldId", + "NamespaceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the namespace the snapshot was created from.", + "title": "NamespaceArn", "type": "string" }, - "URLStyling": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldURLConfiguration", - "markdownDescription": "The URL configuration for a table field.", - "title": "URLStyling" + "NamespaceName": { + "markdownDescription": "The name of the namepsace.", + "title": "NamespaceName", + "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of a table field.", - "title": "Visibility", + "OwnerAccount": { + "markdownDescription": "The owner AWS ; account of the snapshot.", + "title": "OwnerAccount", "type": "string" }, - "Width": { - "markdownDescription": "The width for a table field.", - "title": "Width", + "RetentionPeriod": { + "markdownDescription": "", + "title": "RetentionPeriod", + "type": "number" + }, + "SnapshotArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the snapshot.", + "title": "SnapshotArn", + "type": "string" + }, + "SnapshotCreateTime": { + "markdownDescription": "The timestamp of when the snapshot was created.", + "title": "SnapshotCreateTime", + "type": "string" + }, + "SnapshotName": { + "markdownDescription": "The name of the snapshot.", + "title": "SnapshotName", + "type": "string" + }, + "Status": { + "markdownDescription": "The status of the snapshot.", + "title": "Status", "type": "string" } }, - "required": [ - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Template.TableFieldOptions": { + "AWS::RedshiftServerless::Workgroup": { "additionalProperties": false, "properties": { - "Order": { - "items": { - "type": "string" - }, - "markdownDescription": "The order of the field IDs that are configured as field options for a table visual.", - "title": "Order", - "type": "array" + "Condition": { + "type": "string" }, - "PinnedFieldOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.TablePinnedFieldOptions", - "markdownDescription": "The settings for the pinned columns of a table visual.", - "title": "PinnedFieldOptions" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "SelectedFieldOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldOption" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "BaseCapacity": { + "markdownDescription": "The base compute capacity of the workgroup in Redshift Processing Units (RPUs).", + "title": "BaseCapacity", + "type": "number" + }, + "ConfigParameters": { + "items": { + "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup.ConfigParameter" + }, + "markdownDescription": "The key of the parameter. The options are `auto_mv` , `datestyle` , `enable_case_sensitive_identifier` , `enable_user_activity_logging` , `query_group` , `search_path` , `require_ssl` , `use_fips_ssl` , and query monitoring metrics that let you define performance boundaries. For more information about query monitoring rules and available metrics, see [Query monitoring metrics for Amazon Redshift Serverless](https://docs.aws.amazon.com/redshift/latest/dg/cm-c-wlm-query-monitoring-rules.html#cm-c-wlm-query-monitoring-metrics-serverless) .", + "title": "ConfigParameters", + "type": "array" + }, + "EnhancedVpcRouting": { + "markdownDescription": "The value that specifies whether to enable enhanced virtual private cloud (VPC) routing, which forces Amazon Redshift Serverless to route traffic through your VPC.", + "title": "EnhancedVpcRouting", + "type": "boolean" + }, + "MaxCapacity": { + "markdownDescription": "The maximum data-warehouse capacity Amazon Redshift Serverless uses to serve queries. The max capacity is specified in RPUs.", + "title": "MaxCapacity", + "type": "number" + }, + "NamespaceName": { + "markdownDescription": "The namespace the workgroup is associated with.", + "title": "NamespaceName", + "type": "string" + }, + "Port": { + "markdownDescription": "The custom port to use when connecting to a workgroup. Valid port ranges are 5431-5455 and 8191-8215. The default is 5439.", + "title": "Port", + "type": "number" + }, + "PricePerformanceTarget": { + "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup.PerformanceTarget", + "markdownDescription": "An object that represents the price performance target settings for the workgroup.", + "title": "PricePerformanceTarget" + }, + "PubliclyAccessible": { + "markdownDescription": "A value that specifies whether the workgroup can be accessible from a public network.", + "title": "PubliclyAccessible", + "type": "boolean" + }, + "RecoveryPointId": { + "markdownDescription": "The recovery point id to restore from.", + "title": "RecoveryPointId", + "type": "string" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of security group IDs to associate with the workgroup.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SnapshotArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the snapshot to restore from.", + "title": "SnapshotArn", + "type": "string" + }, + "SnapshotName": { + "markdownDescription": "The snapshot name to restore from.", + "title": "SnapshotName", + "type": "string" + }, + "SnapshotOwnerAccount": { + "markdownDescription": "The Amazon Web Services account that owns the snapshot.", + "title": "SnapshotOwnerAccount", + "type": "string" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of subnet IDs the workgroup is associated with.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The map of the key-value pairs used to tag the workgroup.", + "title": "Tags", + "type": "array" + }, + "TrackName": { + "markdownDescription": "An optional parameter for the name of the track for the workgroup. If you don't provide a track name, the workgroup is assigned to the current track.", + "title": "TrackName", + "type": "string" + }, + "Workgroup": { + "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup.Workgroup", + "markdownDescription": "The collection of computing resources from which an endpoint is created.", + "title": "Workgroup" + }, + "WorkgroupName": { + "markdownDescription": "The name of the workgroup.", + "title": "WorkgroupName", + "type": "string" + } }, - "markdownDescription": "The field options to be configured to a table.", - "title": "SelectedFieldOptions", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.TableFieldURLConfiguration": { - "additionalProperties": false, - "properties": { - "ImageConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldImageConfiguration", - "markdownDescription": "The image configuration of a table field URL.", - "title": "ImageConfiguration" + "required": [ + "WorkgroupName" + ], + "type": "object" }, - "LinkConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldLinkConfiguration", - "markdownDescription": "The link configuration of a table field URL.", - "title": "LinkConfiguration" + "Type": { + "enum": [ + "AWS::RedshiftServerless::Workgroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Template.TableFieldWells": { + "AWS::RedshiftServerless::Workgroup.ConfigParameter": { "additionalProperties": false, "properties": { - "TableAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableAggregatedFieldWells", - "markdownDescription": "The aggregated field well for the table.", - "title": "TableAggregatedFieldWells" + "ParameterKey": { + "markdownDescription": "The key of the parameter. The options are `auto_mv` , `datestyle` , `enable_case_sensitive_identifier` , `enable_user_activity_logging` , `query_group` , `search_path` , `require_ssl` , `use_fips_ssl` , and query monitoring metrics that let you define performance boundaries. For more information about query monitoring rules and available metrics, see [Query monitoring metrics for Amazon Redshift Serverless](https://docs.aws.amazon.com/redshift/latest/dg/cm-c-wlm-query-monitoring-rules.html#cm-c-wlm-query-monitoring-metrics-serverless) .", + "title": "ParameterKey", + "type": "string" }, - "TableUnaggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableUnaggregatedFieldWells", - "markdownDescription": "The unaggregated field well for the table.", - "title": "TableUnaggregatedFieldWells" + "ParameterValue": { + "markdownDescription": "The value of the parameter to set.", + "title": "ParameterValue", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.TableInlineVisualization": { + "AWS::RedshiftServerless::Workgroup.Endpoint": { "additionalProperties": false, "properties": { - "DataBars": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataBarsOptions", - "markdownDescription": "The configuration of the inline visualization of the data bars within a chart.", - "title": "DataBars" + "Address": { + "markdownDescription": "The DNS address of the VPC endpoint.", + "title": "Address", + "type": "string" + }, + "Port": { + "markdownDescription": "The port that Amazon Redshift Serverless listens on.", + "title": "Port", + "type": "number" + }, + "VpcEndpoints": { + "items": { + "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup.VpcEndpoint" + }, + "markdownDescription": "An array of `VpcEndpoint` objects.", + "title": "VpcEndpoints", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.TableOptions": { + "AWS::RedshiftServerless::Workgroup.NetworkInterface": { "additionalProperties": false, "properties": { - "CellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", - "markdownDescription": "The table cell style of table cells.", - "title": "CellStyle" + "AvailabilityZone": { + "markdownDescription": "The availability Zone.", + "title": "AvailabilityZone", + "type": "string" }, - "HeaderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", - "markdownDescription": "The table cell style of a table header.", - "title": "HeaderStyle" + "NetworkInterfaceId": { + "markdownDescription": "The unique identifier of the network interface.", + "title": "NetworkInterfaceId", + "type": "string" }, - "Orientation": { - "markdownDescription": "The orientation (vertical, horizontal) for a table.", - "title": "Orientation", + "PrivateIpAddress": { + "markdownDescription": "The IPv4 address of the network interface within the subnet.", + "title": "PrivateIpAddress", "type": "string" }, - "RowAlternateColorOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.RowAlternateColorOptions", - "markdownDescription": "The row alternate color options (widget status, row alternate colors) for a table.", - "title": "RowAlternateColorOptions" + "SubnetId": { + "markdownDescription": "The unique identifier of the subnet.", + "title": "SubnetId", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.TablePaginatedReportOptions": { + "AWS::RedshiftServerless::Workgroup.PerformanceTarget": { "additionalProperties": false, "properties": { - "OverflowColumnHeaderVisibility": { - "markdownDescription": "The visibility of repeating header rows on each page.", - "title": "OverflowColumnHeaderVisibility", - "type": "string" + "Level": { + "markdownDescription": "The target price performance level for the workgroup. Valid values include 1, 25, 50, 75, and 100. These correspond to the price performance levels LOW_COST, ECONOMICAL, BALANCED, RESOURCEFUL, and HIGH_PERFORMANCE.", + "title": "Level", + "type": "number" }, - "VerticalOverflowVisibility": { - "markdownDescription": "The visibility of printing table overflow across pages.", - "title": "VerticalOverflowVisibility", + "Status": { + "markdownDescription": "Whether the price performance target is enabled for the workgroup.", + "title": "Status", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.TablePinnedFieldOptions": { + "AWS::RedshiftServerless::Workgroup.VpcEndpoint": { "additionalProperties": false, "properties": { - "PinnedLeftFields": { + "NetworkInterfaces": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup.NetworkInterface" }, - "markdownDescription": "A list of columns to be pinned to the left of a table visual.", - "title": "PinnedLeftFields", + "markdownDescription": "One or more network interfaces of the endpoint. Also known as an interface endpoint.", + "title": "NetworkInterfaces", "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.TableRowConditionalFormatting": { - "additionalProperties": false, - "properties": { - "BackgroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting color (solid, gradient) of the background for a table row.", - "title": "BackgroundColor" }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting color (solid, gradient) of the text for a table row.", - "title": "TextColor" + "VpcEndpointId": { + "markdownDescription": "The connection endpoint ID for connecting to Amazon Redshift Serverless.", + "title": "VpcEndpointId", + "type": "string" + }, + "VpcId": { + "markdownDescription": "The VPC identifier that the endpoint is associated with.", + "title": "VpcId", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.TableSideBorderOptions": { + "AWS::RedshiftServerless::Workgroup.Workgroup": { "additionalProperties": false, "properties": { - "Bottom": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", - "markdownDescription": "The table border options of the bottom border.", - "title": "Bottom" + "BaseCapacity": { + "markdownDescription": "The base data warehouse capacity of the workgroup in Redshift Processing Units (RPUs).", + "title": "BaseCapacity", + "type": "number" }, - "InnerHorizontal": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", - "markdownDescription": "The table border options of the inner horizontal border.", - "title": "InnerHorizontal" + "ConfigParameters": { + "items": { + "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup.ConfigParameter" + }, + "markdownDescription": "An array of parameters to set for advanced control over a database. The options are `auto_mv` , `datestyle` , `enable_case_sensitive_identifier` , `enable_user_activity_logging` , `query_group` , `search_path` , `require_ssl` , `use_fips_ssl` , and query monitoring metrics that let you define performance boundaries. For more information about query monitoring rules and available metrics, see [Query monitoring metrics for Amazon Redshift Serverless](https://docs.aws.amazon.com/redshift/latest/dg/cm-c-wlm-query-monitoring-rules.html#cm-c-wlm-query-monitoring-metrics-serverless) .", + "title": "ConfigParameters", + "type": "array" }, - "InnerVertical": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", - "markdownDescription": "The table border options of the inner vertical border.", - "title": "InnerVertical" + "CreationDate": { + "markdownDescription": "The creation date of the workgroup.", + "title": "CreationDate", + "type": "string" }, - "Left": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", - "markdownDescription": "The table border options of the left border.", - "title": "Left" + "Endpoint": { + "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup.Endpoint", + "markdownDescription": "The endpoint that is created from the workgroup.", + "title": "Endpoint" }, - "Right": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", - "markdownDescription": "The table border options of the right border.", - "title": "Right" + "EnhancedVpcRouting": { + "markdownDescription": "The value that specifies whether to enable enhanced virtual private cloud (VPC) routing, which forces Amazon Redshift Serverless to route traffic through your VPC.", + "title": "EnhancedVpcRouting", + "type": "boolean" }, - "Top": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", - "markdownDescription": "The table border options of the top border.", - "title": "Top" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.TableSortConfiguration": { - "additionalProperties": false, - "properties": { - "PaginationConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.PaginationConfiguration", - "markdownDescription": "The pagination configuration (page size, page number) for the table.", - "title": "PaginationConfiguration" + "MaxCapacity": { + "markdownDescription": "The maximum data-warehouse capacity Amazon Redshift Serverless uses to serve queries. The max capacity is specified in RPUs.", + "title": "MaxCapacity", + "type": "number" }, - "RowSort": { + "NamespaceName": { + "markdownDescription": "The namespace the workgroup is associated with.", + "title": "NamespaceName", + "type": "string" + }, + "PricePerformanceTarget": { + "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup.PerformanceTarget", + "markdownDescription": "An object that represents the price performance target settings for the workgroup.", + "title": "PricePerformanceTarget" + }, + "PubliclyAccessible": { + "markdownDescription": "A value that specifies whether the workgroup can be accessible from a public network.", + "title": "PubliclyAccessible", + "type": "boolean" + }, + "SecurityGroupIds": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + "type": "string" }, - "markdownDescription": "The field sort options for rows in the table.", - "title": "RowSort", + "markdownDescription": "An array of security group IDs to associate with the workgroup.", + "title": "SecurityGroupIds", "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.TableStyleTarget": { - "additionalProperties": false, - "properties": { - "CellType": { - "markdownDescription": "The cell type of the table style target.", - "title": "CellType", + }, + "Status": { + "markdownDescription": "The status of the workgroup.", + "title": "Status", "type": "string" - } - }, - "required": [ - "CellType" - ], - "type": "object" - }, - "AWS::QuickSight::Template.TableUnaggregatedFieldWells": { - "additionalProperties": false, - "properties": { - "Values": { + }, + "SubnetIds": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.UnaggregatedField" + "type": "string" }, - "markdownDescription": "The values field well for a pivot table. Values are unaggregated for an unaggregated table.", - "title": "Values", + "markdownDescription": "An array of subnet IDs the workgroup is associated with.", + "title": "SubnetIds", "type": "array" + }, + "TrackName": { + "markdownDescription": "The name of the track for the workgroup.", + "title": "TrackName", + "type": "string" + }, + "WorkgroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that links to the workgroup.", + "title": "WorkgroupArn", + "type": "string" + }, + "WorkgroupId": { + "markdownDescription": "The unique identifier of the workgroup.", + "title": "WorkgroupId", + "type": "string" + }, + "WorkgroupName": { + "markdownDescription": "The name of the workgroup.", + "title": "WorkgroupName", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.TableVisual": { + "AWS::RefactorSpaces::Application": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Condition": { + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableConditionalFormatting", - "markdownDescription": "The conditional formatting for a `PivotTableVisual` .", - "title": "ConditionalFormatting" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Metadata": { + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Properties": { + "additionalProperties": false, + "properties": { + "ApiGatewayProxy": { + "$ref": "#/definitions/AWS::RefactorSpaces::Application.ApiGatewayProxyInput", + "markdownDescription": "The endpoint URL of the Amazon API Gateway proxy.", + "title": "ApiGatewayProxy" + }, + "EnvironmentIdentifier": { + "markdownDescription": "The unique identifier of the environment.", + "title": "EnvironmentIdentifier", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the application.", + "title": "Name", + "type": "string" + }, + "ProxyType": { + "markdownDescription": "The proxy type of the proxy created within the application.", + "title": "ProxyType", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags assigned to the application.", + "title": "Tags", + "type": "array" + }, + "VpcId": { + "markdownDescription": "The ID of the virtual private cloud (VPC).", + "title": "VpcId", + "type": "string" + } + }, + "required": [ + "EnvironmentIdentifier", + "Name", + "ProxyType", + "VpcId" + ], + "type": "object" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", + "Type": { + "enum": [ + "AWS::RefactorSpaces::Application" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Template.TemplateError": { + "AWS::RefactorSpaces::Application.ApiGatewayProxyInput": { "additionalProperties": false, "properties": { - "Message": { - "markdownDescription": "Description of the error type.", - "title": "Message", + "EndpointType": { + "markdownDescription": "The type of endpoint to use for the API Gateway proxy. If no value is specified in the request, the value is set to `REGIONAL` by default.\n\nIf the value is set to `PRIVATE` in the request, this creates a private API endpoint that is isolated from the public internet. The private endpoint can only be accessed by using Amazon Virtual Private Cloud (Amazon VPC) interface endpoints for the Amazon API Gateway that has been granted access. For more information about creating a private connection with Refactor Spaces and interface endpoint ( AWS PrivateLink ) availability, see [Access Refactor Spaces using an interface endpoint ( AWS PrivateLink )](https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/userguide/vpc-interface-endpoints.html) .", + "title": "EndpointType", "type": "string" }, - "Type": { - "markdownDescription": "Type of error.", - "title": "Type", + "StageName": { + "markdownDescription": "The name of the API Gateway stage. The name defaults to `prod` .", + "title": "StageName", "type": "string" - }, - "ViolatedEntities": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.Entity" - }, - "markdownDescription": "An error path that shows which entities caused the template error.", - "title": "ViolatedEntities", - "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.TemplateSourceAnalysis": { + "AWS::RefactorSpaces::Environment": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", - "title": "Arn", + "Condition": { "type": "string" }, - "DataSetReferences": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataSetReference" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the environment.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the environment.", + "title": "Name", + "type": "string" + }, + "NetworkFabricType": { + "markdownDescription": "The network fabric type of the environment.", + "title": "NetworkFabricType", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags assigned to the environment.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "A structure containing information about the dataset references used as placeholders in the template.", - "title": "DataSetReferences", - "type": "array" + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RefactorSpaces::Environment" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Arn", - "DataSetReferences" + "Type" ], "type": "object" }, - "AWS::QuickSight::Template.TemplateSourceEntity": { + "AWS::RefactorSpaces::Route": { "additionalProperties": false, "properties": { - "SourceAnalysis": { - "$ref": "#/definitions/AWS::QuickSight::Template.TemplateSourceAnalysis", - "markdownDescription": "The source analysis, if it is based on an analysis.", - "title": "SourceAnalysis" + "Condition": { + "type": "string" }, - "SourceTemplate": { - "$ref": "#/definitions/AWS::QuickSight::Template.TemplateSourceTemplate", - "markdownDescription": "The source template, if it is based on an template.", - "title": "SourceTemplate" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationIdentifier": { + "markdownDescription": "The unique identifier of the application.", + "title": "ApplicationIdentifier", + "type": "string" + }, + "DefaultRoute": { + "$ref": "#/definitions/AWS::RefactorSpaces::Route.DefaultRouteInput", + "markdownDescription": "Configuration for the default route type.", + "title": "DefaultRoute" + }, + "EnvironmentIdentifier": { + "markdownDescription": "The unique identifier of the environment.", + "title": "EnvironmentIdentifier", + "type": "string" + }, + "RouteType": { + "markdownDescription": "The route type of the route.", + "title": "RouteType", + "type": "string" + }, + "ServiceIdentifier": { + "markdownDescription": "The unique identifier of the service.", + "title": "ServiceIdentifier", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags assigned to the route.", + "title": "Tags", + "type": "array" + }, + "UriPathRoute": { + "$ref": "#/definitions/AWS::RefactorSpaces::Route.UriPathRouteInput", + "markdownDescription": "The configuration for the URI path route type.", + "title": "UriPathRoute" + } + }, + "required": [ + "ApplicationIdentifier", + "EnvironmentIdentifier", + "RouteType", + "ServiceIdentifier" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RefactorSpaces::Route" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Template.TemplateSourceTemplate": { + "AWS::RefactorSpaces::Route.DefaultRouteInput": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", - "title": "Arn", + "ActivationState": { + "markdownDescription": "If set to `ACTIVE` , traffic is forwarded to this route\u2019s service after the route is created.", + "title": "ActivationState", "type": "string" } }, "required": [ - "Arn" + "ActivationState" ], "type": "object" }, - "AWS::QuickSight::Template.TemplateVersion": { + "AWS::RefactorSpaces::Route.UriPathRouteInput": { "additionalProperties": false, "properties": { - "CreatedTime": { - "markdownDescription": "The time that this template version was created.", - "title": "CreatedTime", + "ActivationState": { + "markdownDescription": "If set to `ACTIVE` , traffic is forwarded to this route\u2019s service after the route is created.", + "title": "ActivationState", "type": "string" }, - "DataSetConfigurations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataSetConfiguration" - }, - "markdownDescription": "Schema of the dataset identified by the placeholder. Any dashboard created from this template should be bound to new datasets matching the same schema described through this API operation.", - "title": "DataSetConfigurations", - "type": "array" - }, - "Description": { - "markdownDescription": "The description of the template.", - "title": "Description", - "type": "string" + "AppendSourcePath": { + "markdownDescription": "If set to `true` , this option appends the source path to the service URL endpoint.", + "title": "AppendSourcePath", + "type": "boolean" }, - "Errors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.TemplateError" - }, - "markdownDescription": "Errors associated with this template version.", - "title": "Errors", - "type": "array" + "IncludeChildPaths": { + "markdownDescription": "Indicates whether to match all subpaths of the given source path. If this value is `false` , requests must match the source path exactly before they are forwarded to this route's service.", + "title": "IncludeChildPaths", + "type": "boolean" }, - "Sheets": { + "Methods": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.Sheet" + "type": "string" }, - "markdownDescription": "A list of the associated sheets with the unique identifier and name of each sheet.", - "title": "Sheets", + "markdownDescription": "A list of HTTP methods to match. An empty list matches all values. If a method is present, only HTTP requests using that method are forwarded to this route\u2019s service.", + "title": "Methods", "type": "array" }, - "SourceEntityArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an analysis or template that was used to create this template.", - "title": "SourceEntityArn", - "type": "string" - }, - "Status": { - "markdownDescription": "The status that is associated with the template.\n\n- `CREATION_IN_PROGRESS`\n- `CREATION_SUCCESSFUL`\n- `CREATION_FAILED`\n- `UPDATE_IN_PROGRESS`\n- `UPDATE_SUCCESSFUL`\n- `UPDATE_FAILED`\n- `DELETED`", - "title": "Status", - "type": "string" - }, - "ThemeArn": { - "markdownDescription": "The ARN of the theme associated with this version of the template.", - "title": "ThemeArn", + "SourcePath": { + "markdownDescription": "This is the path that Refactor Spaces uses to match traffic. Paths must start with `/` and are relative to the base of the application. To use path parameters in the source path, add a variable in curly braces. For example, the resource path {user} represents a path parameter called 'user'.", + "title": "SourcePath", "type": "string" - }, - "VersionNumber": { - "markdownDescription": "The version number of the template version.", - "title": "VersionNumber", - "type": "number" } }, + "required": [ + "ActivationState" + ], "type": "object" }, - "AWS::QuickSight::Template.TemplateVersionDefinition": { + "AWS::RefactorSpaces::Service": { "additionalProperties": false, "properties": { - "AnalysisDefaults": { - "$ref": "#/definitions/AWS::QuickSight::Template.AnalysisDefaults", - "markdownDescription": "", - "title": "AnalysisDefaults" + "Condition": { + "type": "string" }, - "CalculatedFields": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.CalculatedField" - }, - "markdownDescription": "An array of calculated field definitions for the template.", - "title": "CalculatedFields", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ColumnConfigurations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnConfiguration" - }, - "markdownDescription": "An array of template-level column configurations. Column configurations are used to set default formatting for a column that's used throughout a template.", - "title": "ColumnConfigurations", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "DataSetConfigurations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataSetConfiguration" - }, - "markdownDescription": "An array of dataset configurations. These configurations define the required columns for each dataset used within a template.", - "title": "DataSetConfigurations", - "type": "array" + "Metadata": { + "type": "object" }, - "FilterGroups": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterGroup" + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationIdentifier": { + "markdownDescription": "The unique identifier of the application.", + "title": "ApplicationIdentifier", + "type": "string" + }, + "Description": { + "markdownDescription": "A description of the service.", + "title": "Description", + "type": "string" + }, + "EndpointType": { + "markdownDescription": "The endpoint type of the service.", + "title": "EndpointType", + "type": "string" + }, + "EnvironmentIdentifier": { + "markdownDescription": "The unique identifier of the environment.", + "title": "EnvironmentIdentifier", + "type": "string" + }, + "LambdaEndpoint": { + "$ref": "#/definitions/AWS::RefactorSpaces::Service.LambdaEndpointInput", + "markdownDescription": "A summary of the configuration for the AWS Lambda endpoint type.", + "title": "LambdaEndpoint" + }, + "Name": { + "markdownDescription": "The name of the service.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags assigned to the service.", + "title": "Tags", + "type": "array" + }, + "UrlEndpoint": { + "$ref": "#/definitions/AWS::RefactorSpaces::Service.UrlEndpointInput", + "markdownDescription": "The summary of the configuration for the URL endpoint type.", + "title": "UrlEndpoint" + }, + "VpcId": { + "markdownDescription": "The ID of the virtual private cloud (VPC).", + "title": "VpcId", + "type": "string" + } }, - "markdownDescription": "Filter definitions for a template.\n\nFor more information, see [Filtering Data](https://docs.aws.amazon.com/quicksight/latest/user/filtering-visual-data.html) in the *Amazon QuickSight User Guide* .", - "title": "FilterGroups", - "type": "array" - }, - "Options": { - "$ref": "#/definitions/AWS::QuickSight::Template.AssetOptions", - "markdownDescription": "An array of option definitions for a template.", - "title": "Options" + "required": [ + "ApplicationIdentifier", + "EndpointType", + "EnvironmentIdentifier", + "Name" + ], + "type": "object" }, - "ParameterDeclarations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ParameterDeclaration" - }, - "markdownDescription": "An array of parameter declarations for a template.\n\n*Parameters* are named variables that can transfer a value for use by an action or an object.\n\nFor more information, see [Parameters in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-in-quicksight.html) in the *Amazon QuickSight User Guide* .", - "title": "ParameterDeclarations", - "type": "array" + "Type": { + "enum": [ + "AWS::RefactorSpaces::Service" + ], + "type": "string" }, - "Sheets": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.SheetDefinition" - }, - "markdownDescription": "An array of sheet definitions for a template.", - "title": "Sheets", - "type": "array" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "DataSetConfigurations" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Template.TextAreaControlDisplayOptions": { + "AWS::RefactorSpaces::Service.LambdaEndpointInput": { "additionalProperties": false, "properties": { - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" - }, - "PlaceholderOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.TextControlPlaceholderOptions", - "markdownDescription": "The configuration of the placeholder options in a text area control.", - "title": "PlaceholderOptions" - }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function or alias.", + "title": "Arn", + "type": "string" } }, + "required": [ + "Arn" + ], "type": "object" }, - "AWS::QuickSight::Template.TextConditionalFormat": { + "AWS::RefactorSpaces::Service.UrlEndpointInput": { "additionalProperties": false, "properties": { - "BackgroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting for the text background color.", - "title": "BackgroundColor" - }, - "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIcon", - "markdownDescription": "The conditional formatting for the icon.", - "title": "Icon" + "HealthUrl": { + "markdownDescription": "The health check URL of the URL endpoint type. If the URL is a public endpoint, the `HealthUrl` must also be a public endpoint. If the URL is a private endpoint inside a virtual private cloud (VPC), the health URL must also be a private endpoint, and the host must be the same as the URL.", + "title": "HealthUrl", + "type": "string" }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting for the text color.", - "title": "TextColor" + "Url": { + "markdownDescription": "The URL to route traffic to. The URL must be an [rfc3986-formatted URL](https://docs.aws.amazon.com/https://datatracker.ietf.org/doc/html/rfc3986) . If the host is a domain name, the name must be resolvable over the public internet. If the scheme is `https` , the top level domain of the host must be listed in the [IANA root zone database](https://docs.aws.amazon.com/https://www.iana.org/domains/root/db) .", + "title": "Url", + "type": "string" } }, + "required": [ + "Url" + ], "type": "object" }, - "AWS::QuickSight::Template.TextControlPlaceholderOptions": { + "AWS::Rekognition::Collection": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility configuration of the placeholder options in a text control.", - "title": "Visibility", + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CollectionId": { + "markdownDescription": "ID for the collection that you are creating.", + "title": "CollectionId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A set of tags (key-value pairs) that you want to attach to the collection.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "CollectionId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Rekognition::Collection" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Template.TextFieldControlDisplayOptions": { + "AWS::Rekognition::Project": { "additionalProperties": false, "properties": { - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" + "Condition": { + "type": "string" }, - "PlaceholderOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.TextControlPlaceholderOptions", - "markdownDescription": "The configuration of the placeholder options in a text field control.", - "title": "PlaceholderOptions" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ProjectName": { + "markdownDescription": "The name of the project to create.", + "title": "ProjectName", + "type": "string" + } + }, + "required": [ + "ProjectName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Rekognition::Project" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Template.ThousandSeparatorOptions": { + "AWS::Rekognition::StreamProcessor": { "additionalProperties": false, "properties": { - "Symbol": { - "markdownDescription": "Determines the thousands separator symbol.", - "title": "Symbol", + "Condition": { "type": "string" }, - "Visibility": { - "markdownDescription": "Determines the visibility of the thousands separator.", - "title": "Visibility", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "BoundingBoxRegionsOfInterest": { + "items": { + "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.BoundingBox" + }, + "markdownDescription": "List of BoundingBox objects, each of which denotes a region of interest on screen. For more information, see the BoundingBox field of [RegionOfInterest](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_RegionOfInterest) .", + "title": "BoundingBoxRegionsOfInterest", + "type": "array" + }, + "ConnectedHomeSettings": { + "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.ConnectedHomeSettings", + "markdownDescription": "Connected home settings to use on a streaming video. You can use a stream processor for connected home features and select what you want the stream processor to detect, such as people or pets. When the stream processor has started, one notification is sent for each object class specified. For more information, see the ConnectedHome section of [StreamProcessorSettings](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StreamProcessorSettings) .", + "title": "ConnectedHomeSettings" + }, + "DataSharingPreference": { + "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.DataSharingPreference", + "markdownDescription": "Allows you to opt in or opt out to share data with Rekognition to improve model performance. You can choose this option at the account level or on a per-stream basis. Note that if you opt out at the account level this setting is ignored on individual streams. For more information, see [StreamProcessorDataSharingPreference](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StreamProcessorDataSharingPreference) .", + "title": "DataSharingPreference" + }, + "FaceSearchSettings": { + "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.FaceSearchSettings", + "markdownDescription": "The input parameters used to recognize faces in a streaming video analyzed by an Amazon Rekognition stream processor. For more information regarding the contents of the parameters, see [FaceSearchSettings](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_FaceSearchSettings) .", + "title": "FaceSearchSettings" + }, + "KinesisDataStream": { + "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.KinesisDataStream", + "markdownDescription": "Amazon Rekognition's Video Stream Processor takes a Kinesis video stream as input. This is the Amazon Kinesis Data Streams instance to which the Amazon Rekognition stream processor streams the analysis results. This must be created within the constraints specified at [KinesisDataStream](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_KinesisDataStream) .", + "title": "KinesisDataStream" + }, + "KinesisVideoStream": { + "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.KinesisVideoStream", + "markdownDescription": "The Kinesis video stream that provides the source of the streaming video for an Amazon Rekognition Video stream processor. For more information, see [KinesisVideoStream](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_KinesisVideoStream) .", + "title": "KinesisVideoStream" + }, + "KmsKeyId": { + "markdownDescription": "The identifier for your Amazon Key Management Service key (Amazon KMS key). Optional parameter for connected home stream processors used to encrypt results and data published to your Amazon S3 bucket. For more information, see the KMSKeyId section of [CreateStreamProcessor](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_CreateStreamProcessor) .", + "title": "KmsKeyId", + "type": "string" + }, + "Name": { + "markdownDescription": "The Name attribute specifies the name of the stream processor and it must be within the constraints described in the Name section of [StreamProcessor](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StreamProcessor) . If you don't specify a name, Amazon CloudFormation generates a unique ID and uses that ID for the stream processor name.", + "title": "Name", + "type": "string" + }, + "NotificationChannel": { + "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.NotificationChannel", + "markdownDescription": "The Amazon Simple Notification Service topic to which Amazon Rekognition publishes the object detection results and completion status of a video analysis operation. Amazon Rekognition publishes a notification the first time an object of interest or a person is detected in the video stream. Amazon Rekognition also publishes an end-of-session notification with a summary when the stream processing session is complete. For more information, see [StreamProcessorNotificationChannel](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StreamProcessorNotificationChannel) .", + "title": "NotificationChannel" + }, + "PolygonRegionsOfInterest": { + "markdownDescription": "A set of ordered lists of [Point](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_Point) objects. Each entry of the set contains a polygon denoting a region of interest on the screen. Each polygon is an ordered list of [Point](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_Point) objects. For more information, see the Polygon field of [RegionOfInterest](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_RegionOfInterest) .", + "title": "PolygonRegionsOfInterest", + "type": "object" + }, + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that allows access to the stream processor. The IAM role provides Rekognition read permissions to the Kinesis stream. It also provides write permissions to an Amazon S3 bucket and Amazon Simple Notification Service topic for a connected home stream processor. This is required for both face search and connected home stream processors. For information about constraints, see the RoleArn section of [CreateStreamProcessor](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_CreateStreamProcessor) .", + "title": "RoleArn", + "type": "string" + }, + "S3Destination": { + "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.S3Destination", + "markdownDescription": "The Amazon S3 bucket location to which Amazon Rekognition publishes the detailed inference results of a video analysis operation. For more information, see the S3Destination section of [StreamProcessorOutput](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StreamProcessorOutput) .", + "title": "S3Destination" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A set of tags (key-value pairs) that you want to attach to the stream processor. For more information, see the Tags section of [CreateStreamProcessor](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_CreateStreamProcessor) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "KinesisVideoStream", + "RoleArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Rekognition::StreamProcessor" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Template.TimeBasedForecastProperties": { + "AWS::Rekognition::StreamProcessor.BoundingBox": { "additionalProperties": false, "properties": { - "LowerBoundary": { - "markdownDescription": "The lower boundary setup of a forecast computation.", - "title": "LowerBoundary", - "type": "number" - }, - "PeriodsBackward": { - "markdownDescription": "The periods backward setup of a forecast computation.", - "title": "PeriodsBackward", - "type": "number" - }, - "PeriodsForward": { - "markdownDescription": "The periods forward setup of a forecast computation.", - "title": "PeriodsForward", + "Height": { + "markdownDescription": "Height of the bounding box as a ratio of the overall image height.", + "title": "Height", "type": "number" }, - "PredictionInterval": { - "markdownDescription": "The prediction interval setup of a forecast computation.", - "title": "PredictionInterval", + "Left": { + "markdownDescription": "Left coordinate of the bounding box as a ratio of overall image width.", + "title": "Left", "type": "number" }, - "Seasonality": { - "markdownDescription": "The seasonality setup of a forecast computation. Choose one of the following options:\n\n- `NULL` : The input is set to `NULL` .\n- `NON_NULL` : The input is set to a custom value.", - "title": "Seasonality", + "Top": { + "markdownDescription": "Top coordinate of the bounding box as a ratio of overall image height.", + "title": "Top", "type": "number" }, - "UpperBoundary": { - "markdownDescription": "The upper boundary setup of a forecast computation.", - "title": "UpperBoundary", + "Width": { + "markdownDescription": "Width of the bounding box as a ratio of the overall image width.", + "title": "Width", "type": "number" } }, + "required": [ + "Height", + "Left", + "Top", + "Width" + ], "type": "object" }, - "AWS::QuickSight::Template.TimeEqualityFilter": { + "AWS::Rekognition::StreamProcessor.ConnectedHomeSettings": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" - }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", - "type": "string" - }, - "ParameterName": { - "markdownDescription": "The parameter whose value should be used for the filter value.\n\nThis field is mutually exclusive to `Value` and `RollingDate` .", - "title": "ParameterName", - "type": "string" - }, - "RollingDate": { - "$ref": "#/definitions/AWS::QuickSight::Template.RollingDateConfiguration", - "markdownDescription": "The rolling date input for the `TimeEquality` filter.\n\nThis field is mutually exclusive to `Value` and `ParameterName` .", - "title": "RollingDate" - }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", - "type": "string" + "Labels": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies what you want to detect in the video, such as people, packages, or pets. The current valid labels you can include in this list are: \"PERSON\", \"PET\", \"PACKAGE\", and \"ALL\".", + "title": "Labels", + "type": "array" }, - "Value": { - "markdownDescription": "The value of a `TimeEquality` filter.\n\nThis field is mutually exclusive to `RollingDate` and `ParameterName` .", - "title": "Value", - "type": "string" + "MinConfidence": { + "markdownDescription": "The minimum confidence required to label an object in the video.", + "title": "MinConfidence", + "type": "number" } }, "required": [ - "Column", - "FilterId" + "Labels" ], "type": "object" }, - "AWS::QuickSight::Template.TimeRangeDrillDownFilter": { + "AWS::Rekognition::StreamProcessor.DataSharingPreference": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "RangeMaximum": { - "markdownDescription": "The maximum value for the filter value range.", - "title": "RangeMaximum", - "type": "string" - }, - "RangeMinimum": { - "markdownDescription": "The minimum value for the filter value range.", - "title": "RangeMinimum", - "type": "string" - }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", - "type": "string" + "OptIn": { + "markdownDescription": "Describes the opt-in status applied to a stream processor's data sharing policy.", + "title": "OptIn", + "type": "boolean" } }, "required": [ - "Column", - "RangeMaximum", - "RangeMinimum", - "TimeGranularity" + "OptIn" ], "type": "object" }, - "AWS::QuickSight::Template.TimeRangeFilter": { + "AWS::Rekognition::StreamProcessor.FaceSearchSettings": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" - }, - "ExcludePeriodConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ExcludePeriodConfiguration", - "markdownDescription": "The exclude period of the time range filter.", - "title": "ExcludePeriodConfiguration" - }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", - "type": "string" - }, - "IncludeMaximum": { - "markdownDescription": "Determines whether the maximum value in the filter value range should be included in the filtered results.", - "title": "IncludeMaximum", - "type": "boolean" - }, - "IncludeMinimum": { - "markdownDescription": "Determines whether the minimum value in the filter value range should be included in the filtered results.", - "title": "IncludeMinimum", - "type": "boolean" - }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", + "CollectionId": { + "markdownDescription": "The ID of a collection that contains faces that you want to search for.", + "title": "CollectionId", "type": "string" }, - "RangeMaximumValue": { - "$ref": "#/definitions/AWS::QuickSight::Template.TimeRangeFilterValue", - "markdownDescription": "The maximum value for the filter value range.", - "title": "RangeMaximumValue" - }, - "RangeMinimumValue": { - "$ref": "#/definitions/AWS::QuickSight::Template.TimeRangeFilterValue", - "markdownDescription": "The minimum value for the filter value range.", - "title": "RangeMinimumValue" - }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", - "type": "string" + "FaceMatchThreshold": { + "markdownDescription": "Minimum face match confidence score that must be met to return a result for a recognized face. The default is 80. 0 is the lowest confidence. 100 is the highest confidence. Values between 0 and 100 are accepted, and values lower than 80 are set to 80.", + "title": "FaceMatchThreshold", + "type": "number" } }, "required": [ - "Column", - "FilterId", - "NullOption" + "CollectionId" ], "type": "object" }, - "AWS::QuickSight::Template.TimeRangeFilterValue": { + "AWS::Rekognition::StreamProcessor.KinesisDataStream": { "additionalProperties": false, "properties": { - "Parameter": { - "markdownDescription": "The parameter type input value.", - "title": "Parameter", - "type": "string" - }, - "RollingDate": { - "$ref": "#/definitions/AWS::QuickSight::Template.RollingDateConfiguration", - "markdownDescription": "The rolling date input value.", - "title": "RollingDate" - }, - "StaticValue": { - "markdownDescription": "The static input value.", - "title": "StaticValue", + "Arn": { + "markdownDescription": "ARN of the output Amazon Kinesis Data Streams stream.", + "title": "Arn", "type": "string" } }, + "required": [ + "Arn" + ], "type": "object" }, - "AWS::QuickSight::Template.TooltipItem": { + "AWS::Rekognition::StreamProcessor.KinesisVideoStream": { "additionalProperties": false, "properties": { - "ColumnTooltipItem": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnTooltipItem", - "markdownDescription": "The tooltip item for the columns that are not part of a field well.", - "title": "ColumnTooltipItem" - }, - "FieldTooltipItem": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldTooltipItem", - "markdownDescription": "The tooltip item for the fields.", - "title": "FieldTooltipItem" + "Arn": { + "markdownDescription": "ARN of the Kinesis video stream stream that streams the source video.", + "title": "Arn", + "type": "string" } }, + "required": [ + "Arn" + ], "type": "object" }, - "AWS::QuickSight::Template.TooltipOptions": { + "AWS::Rekognition::StreamProcessor.NotificationChannel": { "additionalProperties": false, "properties": { - "FieldBasedTooltip": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldBasedTooltip", - "markdownDescription": "The setup for the detailed tooltip. The tooltip setup is always saved. The display type is decided based on the tooltip type.", - "title": "FieldBasedTooltip" - }, - "SelectedTooltipType": { - "markdownDescription": "The selected type for the tooltip. Choose one of the following options:\n\n- `BASIC` : A basic tooltip.\n- `DETAILED` : A detailed tooltip.", - "title": "SelectedTooltipType", - "type": "string" - }, - "TooltipVisibility": { - "markdownDescription": "Determines whether or not the tooltip is visible.", - "title": "TooltipVisibility", + "Arn": { + "markdownDescription": "The ARN of the SNS topic that receives notifications.", + "title": "Arn", "type": "string" } }, + "required": [ + "Arn" + ], "type": "object" }, - "AWS::QuickSight::Template.TopBottomFilter": { + "AWS::Rekognition::StreamProcessor.S3Destination": { "additionalProperties": false, "properties": { - "AggregationSortConfigurations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.AggregationSortConfiguration" - }, - "markdownDescription": "The aggregation and sort configuration of the top bottom filter.", - "title": "AggregationSortConfigurations", - "type": "array" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" - }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", - "type": "string" - }, - "Limit": { - "markdownDescription": "The number of items to include in the top bottom filter results.", - "title": "Limit", - "type": "number" - }, - "ParameterName": { - "markdownDescription": "The parameter whose value should be used for the filter value.", - "title": "ParameterName", + "BucketName": { + "markdownDescription": "Describes the destination Amazon Simple Storage Service (Amazon S3) bucket name of a stream processor's exports.", + "title": "BucketName", "type": "string" }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", + "ObjectKeyPrefix": { + "markdownDescription": "Describes the destination Amazon Simple Storage Service (Amazon S3) object keys of a stream processor's exports.", + "title": "ObjectKeyPrefix", "type": "string" } }, "required": [ - "AggregationSortConfigurations", - "Column", - "FilterId" + "BucketName" ], "type": "object" }, - "AWS::QuickSight::Template.TopBottomMoversComputation": { + "AWS::ResilienceHub::App": { "additionalProperties": false, "properties": { - "Category": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", - "markdownDescription": "The category field that is used in a computation.", - "title": "Category" - }, - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", + "Condition": { "type": "string" }, - "MoverSize": { - "markdownDescription": "The mover size setup of the top and bottom movers computation.", - "title": "MoverSize", - "type": "number" - }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SortOrder": { - "markdownDescription": "The sort order setup of the top and bottom movers computation.", - "title": "SortOrder", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AppAssessmentSchedule": { + "markdownDescription": "Assessment execution schedule with 'Daily' or 'Disabled' values.", + "title": "AppAssessmentSchedule", + "type": "string" + }, + "AppTemplateBody": { + "markdownDescription": "A JSON string that provides information about your application structure. To learn more about the `appTemplateBody` template, see the sample template in [Sample appTemplateBody template](https://docs.aws.amazon.com//resilience-hub/latest/APIReference/API_PutDraftAppVersionTemplate.html#API_PutDraftAppVersionTemplate_Examples) .\n\nThe `appTemplateBody` JSON string has the following structure:\n\n- *`resources`*\n\nThe list of logical resources that needs to be included in the AWS Resilience Hub application.\n\nType: Array\n\n> Don't add the resources that you want to exclude. \n\nEach `resources` array item includes the following fields:\n\n- *`logicalResourceId`*\n\nThe logical identifier of the resource.\n\nType: Object\n\nEach `logicalResourceId` object includes the following fields:\n\n- `identifier`\n\nIdentifier of the resource.\n\nType: String\n- `logicalStackName`\n\nName of the AWS CloudFormation stack this resource belongs to.\n\nType: String\n- `resourceGroupName`\n\nName of the resource group this resource belongs to.\n\nType: String\n- `terraformSourceName`\n\nName of the Terraform S3 state file this resource belongs to.\n\nType: String\n- `eksSourceName`\n\nName of the Amazon Elastic Kubernetes Service cluster and namespace this resource belongs to.\n\n> This parameter accepts values in \"eks-cluster/namespace\" format. \n\nType: String\n- *`type`*\n\nThe type of resource.\n\nType: string\n- *`name`*\n\nName of the resource.\n\nType: String\n- `additionalInfo`\n\nAdditional configuration parameters for an AWS Resilience Hub application. If you want to implement `additionalInfo` through the AWS Resilience Hub console rather than using an API call, see [Configure the application configuration parameters](https://docs.aws.amazon.com//resilience-hub/latest/userguide/app-config-param.html) .\n\n> Currently, this parameter accepts a key-value mapping (in a string format) of only one failover region and one associated account.\n> \n> Key: `\"failover-regions\"`\n> \n> Value: `\"[{\"region\":\"\", \"accounts\":[{\"id\":\"\"}]}]\"`\n- *`appComponents`*\n\nThe list of Application Components (AppComponent) that this resource belongs to. If an AppComponent is not part of the AWS Resilience Hub application, it will be added.\n\nType: Array\n\nEach `appComponents` array item includes the following fields:\n\n- `name`\n\nName of the AppComponent.\n\nType: String\n- `type`\n\nThe type of AppComponent. For more information about the types of AppComponent, see [Grouping resources in an AppComponent](https://docs.aws.amazon.com/resilience-hub/latest/userguide/AppComponent.grouping.html) .\n\nType: String\n- `resourceNames`\n\nThe list of included resources that are assigned to the AppComponent.\n\nType: Array of strings\n- `additionalInfo`\n\nAdditional configuration parameters for an AWS Resilience Hub application. If you want to implement `additionalInfo` through the AWS Resilience Hub console rather than using an API call, see [Configure the application configuration parameters](https://docs.aws.amazon.com//resilience-hub/latest/userguide/app-config-param.html) .\n\n> Currently, this parameter accepts a key-value mapping (in a string format) of only one failover region and one associated account.\n> \n> Key: `\"failover-regions\"`\n> \n> Value: `\"[{\"region\":\"\", \"accounts\":[{\"id\":\"\"}]}]\"`\n- *`excludedResources`*\n\nThe list of logical resource identifiers to be excluded from the application.\n\nType: Array\n\n> Don't add the resources that you want to include. \n\nEach `excludedResources` array item includes the following fields:\n\n- *`logicalResourceIds`*\n\nThe logical identifier of the resource.\n\nType: Object\n\n> You can configure only one of the following fields:\n> \n> - `logicalStackName`\n> - `resourceGroupName`\n> - `terraformSourceName`\n> - `eksSourceName` \n\nEach `logicalResourceIds` object includes the following fields:\n\n- `identifier`\n\nThe identifier of the resource.\n\nType: String\n- `logicalStackName`\n\nName of the AWS CloudFormation stack this resource belongs to.\n\nType: String\n- `resourceGroupName`\n\nName of the resource group this resource belongs to.\n\nType: String\n- `terraformSourceName`\n\nName of the Terraform S3 state file this resource belongs to.\n\nType: String\n- `eksSourceName`\n\nName of the Amazon Elastic Kubernetes Service cluster and namespace this resource belongs to.\n\n> This parameter accepts values in \"eks-cluster/namespace\" format. \n\nType: String\n- *`version`*\n\nThe AWS Resilience Hub application version.\n- `additionalInfo`\n\nAdditional configuration parameters for an AWS Resilience Hub application. If you want to implement `additionalInfo` through the AWS Resilience Hub console rather than using an API call, see [Configure the application configuration parameters](https://docs.aws.amazon.com//resilience-hub/latest/userguide/app-config-param.html) .\n\n> Currently, this parameter accepts a key-value mapping (in a string format) of only one failover region and one associated account.\n> \n> Key: `\"failover-regions\"`\n> \n> Value: `\"[{\"region\":\"\", \"accounts\":[{\"id\":\"\"}]}]\"`", + "title": "AppTemplateBody", + "type": "string" + }, + "Description": { + "markdownDescription": "Optional description for an application.", + "title": "Description", + "type": "string" + }, + "EventSubscriptions": { + "items": { + "$ref": "#/definitions/AWS::ResilienceHub::App.EventSubscription" + }, + "markdownDescription": "The list of events you would like to subscribe and get notification for. Currently, AWS Resilience Hub supports notifications only for *Drift detected* and *Scheduled assessment failure* events.", + "title": "EventSubscriptions", + "type": "array" + }, + "Name": { + "markdownDescription": "Name for the application.", + "title": "Name", + "type": "string" + }, + "PermissionModel": { + "$ref": "#/definitions/AWS::ResilienceHub::App.PermissionModel", + "markdownDescription": "Defines the roles and credentials that AWS Resilience Hub would use while creating the application, importing its resources, and running an assessment.", + "title": "PermissionModel" + }, + "ResiliencyPolicyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resiliency policy.", + "title": "ResiliencyPolicyArn", + "type": "string" + }, + "ResourceMappings": { + "items": { + "$ref": "#/definitions/AWS::ResilienceHub::App.ResourceMapping" + }, + "markdownDescription": "An array of `ResourceMapping` objects.", + "title": "ResourceMappings", + "type": "array" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Tags assigned to the resource. A tag is a label that you assign to an AWS resource. Each tag consists of a key/value pair.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "AppTemplateBody", + "Name", + "ResourceMappings" + ], + "type": "object" }, "Type": { - "markdownDescription": "The computation type. Choose from the following options:\n\n- TOP: Top movers computation.\n- BOTTOM: Bottom movers computation.", - "title": "Type", + "enum": [ + "AWS::ResilienceHub::App" + ], "type": "string" }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "ComputationId", - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Template.TopBottomRankedComputation": { + "AWS::ResilienceHub::App.EventSubscription": { "additionalProperties": false, "properties": { - "Category": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", - "markdownDescription": "The category field that is used in a computation.", - "title": "Category" - }, - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", + "EventType": { + "markdownDescription": "The type of event you would like to subscribe and get notification for. Currently, AWS Resilience Hub supports notifications only for *Drift detected* ( `DriftDetected` ) and *Scheduled assessment failure* ( `ScheduledAssessmentFailure` ) events.", + "title": "EventType", "type": "string" }, "Name": { - "markdownDescription": "The name of a computation.", + "markdownDescription": "Unique name to identify an event subscription.", "title": "Name", "type": "string" }, - "ResultSize": { - "markdownDescription": "The result size of a top and bottom ranked computation.", - "title": "ResultSize", - "type": "number" - }, - "Type": { - "markdownDescription": "The computation type. Choose one of the following options:\n\n- TOP: A top ranked computation.\n- BOTTOM: A bottom ranked computation.", - "title": "Type", + "SnsTopicArn": { + "markdownDescription": "Amazon Resource Name (ARN) of the Amazon Simple Notification Service topic. The format for this ARN is: `arn:partition:sns:region:account:topic-name` . For more information about ARNs, see [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* guide.", + "title": "SnsTopicArn", "type": "string" - }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" } }, "required": [ - "ComputationId", - "Type" + "EventType", + "Name" ], "type": "object" }, - "AWS::QuickSight::Template.TotalAggregationComputation": { + "AWS::ResilienceHub::App.PermissionModel": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", - "type": "string" + "CrossAccountRoleArns": { + "items": { + "type": "string" + }, + "markdownDescription": "Defines a list of role Amazon Resource Names (ARNs) to be used in other accounts. These ARNs are used for querying purposes while importing resources and assessing your application.\n\n> - These ARNs are required only when your resources are in other accounts and you have different role name in these accounts. Else, the invoker role name will be used in the other accounts.\n> - These roles must have a trust policy with `iam:AssumeRole` permission to the invoker role in the primary account.", + "title": "CrossAccountRoleArns", + "type": "array" }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "InvokerRoleName": { + "markdownDescription": "Existing AWS IAM role name in the primary AWS account that will be assumed by AWS Resilience Hub Service Principle to obtain a read-only access to your application resources while running an assessment.\n\nIf your IAM role includes a path, you must include the path in the `invokerRoleName` parameter. For example, if your IAM role's ARN is `arn:aws:iam:123456789012:role/my-path/role-name` , you should pass `my-path/role-name` .\n\n> - You must have `iam:passRole` permission for this role while creating or updating the application.\n> - Currently, `invokerRoleName` accepts only `[A-Za-z0-9_+=,.@-]` characters.", + "title": "InvokerRoleName", "type": "string" }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" + "Type": { + "markdownDescription": "Defines how AWS Resilience Hub scans your resources. It can scan for the resources by using a pre-existing role in your AWS account, or by using the credentials of the current IAM user.", + "title": "Type", + "type": "string" } }, "required": [ - "ComputationId" + "Type" ], "type": "object" }, - "AWS::QuickSight::Template.TotalAggregationFunction": { + "AWS::ResilienceHub::App.PhysicalResourceId": { "additionalProperties": false, "properties": { - "SimpleTotalAggregationFunction": { - "markdownDescription": "A built in aggregation function for total values.", - "title": "SimpleTotalAggregationFunction", + "AwsAccountId": { + "markdownDescription": "The AWS account that owns the physical resource.", + "title": "AwsAccountId", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.TotalAggregationOption": { - "additionalProperties": false, - "properties": { - "FieldId": { - "markdownDescription": "The field id that's associated with the total aggregation option.", - "title": "FieldId", + }, + "AwsRegion": { + "markdownDescription": "The AWS Region that the physical resource is located in.", + "title": "AwsRegion", "type": "string" }, - "TotalAggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Template.TotalAggregationFunction", - "markdownDescription": "The total aggregation function that you want to set for a specified field id.", - "title": "TotalAggregationFunction" + "Identifier": { + "markdownDescription": "Identifier of the physical resource.", + "title": "Identifier", + "type": "string" + }, + "Type": { + "markdownDescription": "Specifies the type of physical resource identifier.\n\n- **Arn** - The resource identifier is an Amazon Resource Name (ARN) and it can identify the following list of resources:\n\n- `AWS::ECS::Service`\n- `AWS::EFS::FileSystem`\n- `AWS::ElasticLoadBalancingV2::LoadBalancer`\n- `AWS::Lambda::Function`\n- `AWS::SNS::Topic`\n- **Native** - The resource identifier is an AWS Resilience Hub -native identifier and it can identify the following list of resources:\n\n- `AWS::ApiGateway::RestApi`\n- `AWS::ApiGatewayV2::Api`\n- `AWS::AutoScaling::AutoScalingGroup`\n- `AWS::DocDB::DBCluster`\n- `AWS::DocDB::DBGlobalCluster`\n- `AWS::DocDB::DBInstance`\n- `AWS::DynamoDB::GlobalTable`\n- `AWS::DynamoDB::Table`\n- `AWS::EC2::EC2Fleet`\n- `AWS::EC2::Instance`\n- `AWS::EC2::NatGateway`\n- `AWS::EC2::Volume`\n- `AWS::ElasticLoadBalancing::LoadBalancer`\n- `AWS::RDS::DBCluster`\n- `AWS::RDS::DBInstance`\n- `AWS::RDS::GlobalCluster`\n- `AWS::Route53::RecordSet`\n- `AWS::S3::Bucket`\n- `AWS::SQS::Queue`", + "title": "Type", + "type": "string" } }, "required": [ - "FieldId", - "TotalAggregationFunction" + "Identifier", + "Type" ], "type": "object" }, - "AWS::QuickSight::Template.TotalOptions": { + "AWS::ResilienceHub::App.ResourceMapping": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The custom label string for the total cells.", - "title": "CustomLabel", + "EksSourceName": { + "markdownDescription": "Name of the Amazon Elastic Kubernetes Service cluster and namespace that this resource is mapped to when the `mappingType` is `EKS` .\n\n> This parameter accepts values in \"eks-cluster/namespace\" format.", + "title": "EksSourceName", "type": "string" }, - "Placement": { - "markdownDescription": "The placement (start, end) for the total cells.", - "title": "Placement", + "LogicalStackName": { + "markdownDescription": "Name of the AWS CloudFormation stack this resource is mapped to when the `mappingType` is `CfnStack` .", + "title": "LogicalStackName", "type": "string" }, - "ScrollStatus": { - "markdownDescription": "The scroll status (pinned, scrolled) for the total cells.", - "title": "ScrollStatus", + "MappingType": { + "markdownDescription": "Specifies the type of resource mapping.", + "title": "MappingType", "type": "string" }, - "TotalAggregationOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.TotalAggregationOption" - }, - "markdownDescription": "The total aggregation settings for each value field.", - "title": "TotalAggregationOptions", - "type": "array" - }, - "TotalCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", - "markdownDescription": "Cell styling options for the total cells.", - "title": "TotalCellStyle" + "PhysicalResourceId": { + "$ref": "#/definitions/AWS::ResilienceHub::App.PhysicalResourceId", + "markdownDescription": "Identifier of the physical resource.", + "title": "PhysicalResourceId" }, - "TotalsVisibility": { - "markdownDescription": "The visibility configuration for the total cells.", - "title": "TotalsVisibility", + "ResourceName": { + "markdownDescription": "Name of the resource that this resource is mapped to when the `mappingType` is `Resource` .", + "title": "ResourceName", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.TreeMapAggregatedFieldWells": { - "additionalProperties": false, - "properties": { - "Colors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" - }, - "markdownDescription": "The color field well of a tree map. Values are grouped by aggregations based on group by fields.", - "title": "Colors", - "type": "array" }, - "Groups": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" - }, - "markdownDescription": "The group by field well of a tree map. Values are grouped based on group by fields.", - "title": "Groups", - "type": "array" - }, - "Sizes": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" - }, - "markdownDescription": "The size field well of a tree map. Values are aggregated based on group by fields.", - "title": "Sizes", - "type": "array" + "TerraformSourceName": { + "markdownDescription": "Name of the Terraform source that this resource is mapped to when the `mappingType` is `Terraform` .", + "title": "TerraformSourceName", + "type": "string" } }, + "required": [ + "MappingType", + "PhysicalResourceId" + ], "type": "object" }, - "AWS::QuickSight::Template.TreeMapConfiguration": { + "AWS::ResilienceHub::ResiliencyPolicy": { "additionalProperties": false, "properties": { - "ColorLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility) for the colors displayed in a tree map.", - "title": "ColorLabelOptions" - }, - "ColorScale": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColorScale", - "markdownDescription": "The color options (gradient color, point of divergence) of a tree map.", - "title": "ColorScale" - }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.", - "title": "DataLabels" + "Condition": { + "type": "string" }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.TreeMapFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "GroupLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility) of the groups that are displayed in a tree map.", - "title": "GroupLabelOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" + "Metadata": { + "type": "object" }, - "SizeLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility) of the sizes that are displayed in a tree map.", - "title": "SizeLabelOptions" + "Properties": { + "additionalProperties": false, + "properties": { + "DataLocationConstraint": { + "markdownDescription": "Specifies a high-level geographical location constraint for where your resilience policy data can be stored.", + "title": "DataLocationConstraint", + "type": "string" + }, + "Policy": { + "$ref": "#/definitions/AWS::ResilienceHub::ResiliencyPolicy.PolicyMap", + "markdownDescription": "The resiliency policy.", + "title": "Policy" + }, + "PolicyDescription": { + "markdownDescription": "Description of the resiliency policy.", + "title": "PolicyDescription", + "type": "string" + }, + "PolicyName": { + "markdownDescription": "The name of the policy", + "title": "PolicyName", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Tags assigned to the resource. A tag is a label that you assign to an AWS resource. Each tag consists of a key/value pair.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "Tier": { + "markdownDescription": "The tier for this resiliency policy, ranging from the highest severity ( `MissionCritical` ) to lowest ( `NonCritical` ).", + "title": "Tier", + "type": "string" + } + }, + "required": [ + "Policy", + "PolicyName", + "Tier" + ], + "type": "object" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.TreeMapSortConfiguration", - "markdownDescription": "The sort configuration of a tree map.", - "title": "SortConfiguration" + "Type": { + "enum": [ + "AWS::ResilienceHub::ResiliencyPolicy" + ], + "type": "string" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Template.TreeMapFieldWells": { + "AWS::ResilienceHub::ResiliencyPolicy.FailurePolicy": { "additionalProperties": false, "properties": { - "TreeMapAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.TreeMapAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a tree map.", - "title": "TreeMapAggregatedFieldWells" + "RpoInSecs": { + "markdownDescription": "Recovery Point Objective (RPO) in seconds.", + "title": "RpoInSecs", + "type": "number" + }, + "RtoInSecs": { + "markdownDescription": "Recovery Time Objective (RTO) in seconds.", + "title": "RtoInSecs", + "type": "number" } }, + "required": [ + "RpoInSecs", + "RtoInSecs" + ], "type": "object" }, - "AWS::QuickSight::Template.TreeMapSortConfiguration": { + "AWS::ResilienceHub::ResiliencyPolicy.PolicyMap": { "additionalProperties": false, "properties": { - "TreeMapGroupItemsLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of groups that are displayed.", - "title": "TreeMapGroupItemsLimitConfiguration" + "AZ": { + "$ref": "#/definitions/AWS::ResilienceHub::ResiliencyPolicy.FailurePolicy", + "markdownDescription": "Defines the RTO and RPO targets for Availability Zone disruption.", + "title": "AZ" }, - "TreeMapSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of group by fields.", - "title": "TreeMapSort", - "type": "array" + "Hardware": { + "$ref": "#/definitions/AWS::ResilienceHub::ResiliencyPolicy.FailurePolicy", + "markdownDescription": "Defines the RTO and RPO targets for hardware disruption.", + "title": "Hardware" + }, + "Region": { + "$ref": "#/definitions/AWS::ResilienceHub::ResiliencyPolicy.FailurePolicy", + "markdownDescription": "Defines the RTO and RPO targets for Regional disruption.", + "title": "Region" + }, + "Software": { + "$ref": "#/definitions/AWS::ResilienceHub::ResiliencyPolicy.FailurePolicy", + "markdownDescription": "Defines the RTO and RPO targets for software disruption.", + "title": "Software" } }, + "required": [ + "AZ", + "Hardware", + "Software" + ], "type": "object" }, - "AWS::QuickSight::Template.TreeMapVisual": { + "AWS::ResourceExplorer2::DefaultViewAssociation": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Condition": { + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.TreeMapConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Metadata": { + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Properties": { + "additionalProperties": false, + "properties": { + "ViewArn": { + "markdownDescription": "The ARN of the view to set as the default for the AWS Region and AWS account in which you call this operation. The specified view must already exist in the specified Region.", + "title": "ViewArn", + "type": "string" + } + }, + "required": [ + "ViewArn" + ], + "type": "object" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", + "Type": { + "enum": [ + "AWS::ResourceExplorer2::DefaultViewAssociation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Template.TrendArrowOptions": { + "AWS::ResourceExplorer2::Index": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility of the trend arrows.", - "title": "Visibility", + "Condition": { "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.UnaggregatedField": { - "additionalProperties": false, - "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that is used in the `UnaggregatedField` .", - "title": "Column" }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Tags": { + "additionalProperties": true, + "markdownDescription": "The specified tags are attached to only the index created in this AWS Region . The tags don't attach to any of the resources listed in the index.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "Type": { + "markdownDescription": "Specifies the type of the index in this Region. For information about the aggregator index and how it differs from a local index, see [Turning on cross-Region search by creating an aggregator index](https://docs.aws.amazon.com/resource-explorer/latest/userguide/manage-aggregator-region.html) in the *AWS Resource Explorer User Guide.* .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ResourceExplorer2::Index" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Column", - "FieldId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Template.UniqueValuesComputation": { + "AWS::ResourceExplorer2::View": { "additionalProperties": false, "properties": { - "Category": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", - "markdownDescription": "The category field that is used in a computation.", - "title": "Category" + "Condition": { + "type": "string" }, - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Filters": { + "$ref": "#/definitions/AWS::ResourceExplorer2::View.SearchFilter", + "markdownDescription": "An array of strings that include search keywords, prefixes, and operators that filter the results that are returned for queries made using this view. When you use this view in a [Search](https://docs.aws.amazon.com/resource-explorer/latest/apireference/API_Search.html) operation, the filter string is combined with the search's `QueryString` parameter using a logical `AND` operator.\n\nFor information about the supported syntax, see [Search query reference for Resource Explorer](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html) in the *AWS Resource Explorer User Guide* .\n\n> This query string in the context of this operation supports only [filter prefixes](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html#query-syntax-filters) with optional [operators](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html#query-syntax-operators) . It doesn't support free-form text. For example, the string `region:us* service:ec2 -tag:stage=prod` includes all Amazon EC2 resources in any AWS Region that begin with the letters `us` and are *not* tagged with a key `Stage` that has the value `prod` .", + "title": "Filters" + }, + "IncludedProperties": { + "items": { + "$ref": "#/definitions/AWS::ResourceExplorer2::View.IncludedProperty" + }, + "markdownDescription": "A list of fields that provide additional information about the view.", + "title": "IncludedProperties", + "type": "array" + }, + "Scope": { + "markdownDescription": "The root ARN of the account, an organizational unit (OU), or an organization ARN. If left empty, the default is account.", + "title": "Scope", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Tag key and value pairs that are attached to the view.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "ViewName": { + "markdownDescription": "The name of the new view.", + "title": "ViewName", + "type": "string" + } + }, + "required": [ + "ViewName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ResourceExplorer2::View" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ComputationId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Template.ValidationStrategy": { + "AWS::ResourceExplorer2::View.IncludedProperty": { "additionalProperties": false, "properties": { - "Mode": { - "markdownDescription": "The mode of validation for the asset to be created or updated. When you set this value to `STRICT` , strict validation for every error is enforced. When you set this value to `LENIENT` , validation is skipped for specific UI errors.", - "title": "Mode", + "Name": { + "markdownDescription": "The name of the property that is included in this view.", + "title": "Name", "type": "string" } }, "required": [ - "Mode" + "Name" ], "type": "object" }, - "AWS::QuickSight::Template.VisibleRangeOptions": { + "AWS::ResourceExplorer2::View.SearchFilter": { "additionalProperties": false, "properties": { - "PercentRange": { - "$ref": "#/definitions/AWS::QuickSight::Template.PercentVisibleRange", - "markdownDescription": "The percent range in the visible range.", - "title": "PercentRange" + "FilterString": { + "markdownDescription": "The string that contains the search keywords, prefixes, and operators to control the results that can be returned by a Search operation.\n\nFor information about the supported syntax, see [Search query reference](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html) in the *AWS Resource Explorer User Guide* .\n\n> This query string in the context of this operation supports only [filter prefixes](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html#query-syntax-filters) with optional [operators](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html#query-syntax-operators) . It doesn't support free-form text. For example, the string `region:us* service:ec2 -tag:stage=prod` includes all Amazon EC2 resources in any AWS Region that begin with the letters `us` and are *not* tagged with a key `Stage` that has the value `prod` .", + "title": "FilterString", + "type": "string" } }, + "required": [ + "FilterString" + ], "type": "object" }, - "AWS::QuickSight::Template.Visual": { + "AWS::ResourceGroups::Group": { "additionalProperties": false, "properties": { - "BarChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.BarChartVisual", - "markdownDescription": "A bar chart.\n\nFor more information, see [Using bar charts](https://docs.aws.amazon.com/quicksight/latest/user/bar-charts.html) in the *Amazon QuickSight User Guide* .", - "title": "BarChartVisual" - }, - "BoxPlotVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotVisual", - "markdownDescription": "A box plot.\n\nFor more information, see [Using box plots](https://docs.aws.amazon.com/quicksight/latest/user/box-plots.html) in the *Amazon QuickSight User Guide* .", - "title": "BoxPlotVisual" - }, - "ComboChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.ComboChartVisual", - "markdownDescription": "A combo chart.\n\nFor more information, see [Using combo charts](https://docs.aws.amazon.com/quicksight/latest/user/combo-charts.html) in the *Amazon QuickSight User Guide* .", - "title": "ComboChartVisual" - }, - "CustomContentVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.CustomContentVisual", - "markdownDescription": "A visual that contains custom content.\n\nFor more information, see [Using custom visual content](https://docs.aws.amazon.com/quicksight/latest/user/custom-visual-content.html) in the *Amazon QuickSight User Guide* .", - "title": "CustomContentVisual" - }, - "EmptyVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.EmptyVisual", - "markdownDescription": "An empty visual.", - "title": "EmptyVisual" - }, - "FilledMapVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapVisual", - "markdownDescription": "A filled map.\n\nFor more information, see [Creating filled maps](https://docs.aws.amazon.com/quicksight/latest/user/filled-maps.html) in the *Amazon QuickSight User Guide* .", - "title": "FilledMapVisual" - }, - "FunnelChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.FunnelChartVisual", - "markdownDescription": "A funnel chart.\n\nFor more information, see [Using funnel charts](https://docs.aws.amazon.com/quicksight/latest/user/funnel-visual-content.html) in the *Amazon QuickSight User Guide* .", - "title": "FunnelChartVisual" - }, - "GaugeChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartVisual", - "markdownDescription": "A gauge chart.\n\nFor more information, see [Using gauge charts](https://docs.aws.amazon.com/quicksight/latest/user/gauge-chart.html) in the *Amazon QuickSight User Guide* .", - "title": "GaugeChartVisual" - }, - "GeospatialMapVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialMapVisual", - "markdownDescription": "A geospatial map or a points on map visual.\n\nFor more information, see [Creating point maps](https://docs.aws.amazon.com/quicksight/latest/user/point-maps.html) in the *Amazon QuickSight User Guide* .", - "title": "GeospatialMapVisual" - }, - "HeatMapVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.HeatMapVisual", - "markdownDescription": "A heat map.\n\nFor more information, see [Using heat maps](https://docs.aws.amazon.com/quicksight/latest/user/heat-map.html) in the *Amazon QuickSight User Guide* .", - "title": "HeatMapVisual" - }, - "HistogramVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.HistogramVisual", - "markdownDescription": "A histogram.\n\nFor more information, see [Using histograms](https://docs.aws.amazon.com/quicksight/latest/user/histogram-charts.html) in the *Amazon QuickSight User Guide* .", - "title": "HistogramVisual" - }, - "InsightVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.InsightVisual", - "markdownDescription": "An insight visual.\n\nFor more information, see [Working with insights](https://docs.aws.amazon.com/quicksight/latest/user/computational-insights.html) in the *Amazon QuickSight User Guide* .", - "title": "InsightVisual" - }, - "KPIVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.KPIVisual", - "markdownDescription": "A key performance indicator (KPI).\n\nFor more information, see [Using KPIs](https://docs.aws.amazon.com/quicksight/latest/user/kpi.html) in the *Amazon QuickSight User Guide* .", - "title": "KPIVisual" - }, - "LineChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.LineChartVisual", - "markdownDescription": "A line chart.\n\nFor more information, see [Using line charts](https://docs.aws.amazon.com/quicksight/latest/user/line-charts.html) in the *Amazon QuickSight User Guide* .", - "title": "LineChartVisual" - }, - "PieChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.PieChartVisual", - "markdownDescription": "A pie or donut chart.\n\nFor more information, see [Using pie charts](https://docs.aws.amazon.com/quicksight/latest/user/pie-chart.html) in the *Amazon QuickSight User Guide* .", - "title": "PieChartVisual" - }, - "PivotTableVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableVisual", - "markdownDescription": "A pivot table.\n\nFor more information, see [Using pivot tables](https://docs.aws.amazon.com/quicksight/latest/user/pivot-table.html) in the *Amazon QuickSight User Guide* .", - "title": "PivotTableVisual" - }, - "RadarChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartVisual", - "markdownDescription": "A radar chart visual.\n\nFor more information, see [Using radar charts](https://docs.aws.amazon.com/quicksight/latest/user/radar-chart.html) in the *Amazon QuickSight User Guide* .", - "title": "RadarChartVisual" - }, - "SankeyDiagramVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.SankeyDiagramVisual", - "markdownDescription": "A sankey diagram.\n\nFor more information, see [Using Sankey diagrams](https://docs.aws.amazon.com/quicksight/latest/user/sankey-diagram.html) in the *Amazon QuickSight User Guide* .", - "title": "SankeyDiagramVisual" - }, - "ScatterPlotVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.ScatterPlotVisual", - "markdownDescription": "A scatter plot.\n\nFor more information, see [Using scatter plots](https://docs.aws.amazon.com/quicksight/latest/user/scatter-plot.html) in the *Amazon QuickSight User Guide* .", - "title": "ScatterPlotVisual" + "Condition": { + "type": "string" }, - "TableVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableVisual", - "markdownDescription": "A table visual.\n\nFor more information, see [Using tables as visuals](https://docs.aws.amazon.com/quicksight/latest/user/tabular.html) in the *Amazon QuickSight User Guide* .", - "title": "TableVisual" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "TreeMapVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.TreeMapVisual", - "markdownDescription": "A tree map.\n\nFor more information, see [Using tree maps](https://docs.aws.amazon.com/quicksight/latest/user/tree-map.html) in the *Amazon QuickSight User Guide* .", - "title": "TreeMapVisual" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "WaterfallVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallVisual", - "markdownDescription": "A waterfall chart.\n\nFor more information, see [Using waterfall charts](https://docs.aws.amazon.com/quicksight/latest/user/waterfall-chart.html) in the *Amazon QuickSight User Guide* .", - "title": "WaterfallVisual" + "Metadata": { + "type": "object" }, - "WordCloudVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.WordCloudVisual", - "markdownDescription": "A word cloud.\n\nFor more information, see [Using word clouds](https://docs.aws.amazon.com/quicksight/latest/user/word-cloud.html) in the *Amazon QuickSight User Guide* .", - "title": "WordCloudVisual" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.VisualCustomAction": { - "additionalProperties": false, - "properties": { - "ActionOperations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomActionOperation" + "Properties": { + "additionalProperties": false, + "properties": { + "Configuration": { + "items": { + "$ref": "#/definitions/AWS::ResourceGroups::Group.ConfigurationItem" + }, + "markdownDescription": "The service configuration currently associated with the resource group and in effect for the members of the resource group. A `Configuration` consists of one or more `ConfigurationItem` entries. For information about service configurations for resource groups and how to construct them, see [Service configurations for resource groups](https://docs.aws.amazon.com//ARG/latest/APIReference/about-slg.html) in the *AWS Resource Groups User Guide* .\n\n> You can include either a `Configuration` or a `ResourceQuery` , but not both.", + "title": "Configuration", + "type": "array" + }, + "Description": { + "markdownDescription": "The description of the resource group.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a resource group. The name must be unique within the AWS Region in which you create the resource. To create multiple resource groups based on the same CloudFormation stack, you must generate unique names for each.", + "title": "Name", + "type": "string" + }, + "ResourceQuery": { + "$ref": "#/definitions/AWS::ResourceGroups::Group.ResourceQuery", + "markdownDescription": "The resource query structure that is used to dynamically determine which AWS resources are members of the associated resource group. For more information about queries and how to construct them, see [Build queries and groups in AWS Resource Groups](https://docs.aws.amazon.com//ARG/latest/userguide/gettingstarted-query.html) in the *AWS Resource Groups User Guide*\n\n> - You can include either a `ResourceQuery` or a `Configuration` , but not both.\n> - You can specify the group's membership either by using a `ResourceQuery` or by using a list of `Resources` , but not both.", + "title": "ResourceQuery" + }, + "Resources": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the Amazon Resource Names (ARNs) of AWS resources that you want to add to the specified group.\n\n> - You can specify the group membership either by using a list of `Resources` or by using a `ResourceQuery` , but not both.\n> - You can include a `Resources` property only if you also specify a `Configuration` property.", + "title": "Resources", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tag key and value pairs that are attached to the resource group.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "A list of `VisualCustomActionOperations` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", - "title": "ActionOperations", - "type": "array" - }, - "CustomActionId": { - "markdownDescription": "The ID of the `VisualCustomAction` .", - "title": "CustomActionId", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the `VisualCustomAction` .", - "title": "Name", - "type": "string" + "required": [ + "Name" + ], + "type": "object" }, - "Status": { - "markdownDescription": "The status of the `VisualCustomAction` .", - "title": "Status", + "Type": { + "enum": [ + "AWS::ResourceGroups::Group" + ], "type": "string" }, - "Trigger": { - "markdownDescription": "The trigger of the `VisualCustomAction` .\n\nValid values are defined as follows:\n\n- `DATA_POINT_CLICK` : Initiates a custom action by a left pointer click on a data point.\n- `DATA_POINT_MENU` : Initiates a custom action by right pointer click from the menu.", - "title": "Trigger", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ActionOperations", - "CustomActionId", - "Name", - "Trigger" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Template.VisualCustomActionOperation": { + "AWS::ResourceGroups::Group.ConfigurationItem": { "additionalProperties": false, "properties": { - "FilterOperation": { - "$ref": "#/definitions/AWS::QuickSight::Template.CustomActionFilterOperation", - "markdownDescription": "The filter operation that filters data included in a visual or in an entire sheet.", - "title": "FilterOperation" - }, - "NavigationOperation": { - "$ref": "#/definitions/AWS::QuickSight::Template.CustomActionNavigationOperation", - "markdownDescription": "The navigation operation that navigates between different sheets in the same analysis.", - "title": "NavigationOperation" - }, - "SetParametersOperation": { - "$ref": "#/definitions/AWS::QuickSight::Template.CustomActionSetParametersOperation", - "markdownDescription": "The set parameter operation that sets parameters in custom action.", - "title": "SetParametersOperation" + "Parameters": { + "items": { + "$ref": "#/definitions/AWS::ResourceGroups::Group.ConfigurationParameter" + }, + "markdownDescription": "A collection of parameters for this configuration item. For the list of parameters that you can use with each configuration item `Type` , see [Supported resource types and parameters](https://docs.aws.amazon.com//ARG/latest/APIReference/about-slg.html#about-slg-types) in the *AWS Resource Groups User Guide* .", + "title": "Parameters", + "type": "array" }, - "URLOperation": { - "$ref": "#/definitions/AWS::QuickSight::Template.CustomActionURLOperation", - "markdownDescription": "The URL operation that opens a link to another webpage.", - "title": "URLOperation" + "Type": { + "markdownDescription": "Specifies the type of configuration item. Each item must have a unique value for type. For the list of the types that you can specify for a configuration item, see [Supported resource types and parameters](https://docs.aws.amazon.com//ARG/latest/APIReference/about-slg.html#about-slg-types) in the *AWS Resource Groups User Guide* .", + "title": "Type", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.VisualPalette": { + "AWS::ResourceGroups::Group.ConfigurationParameter": { "additionalProperties": false, "properties": { - "ChartColor": { - "markdownDescription": "The chart color options for the visual palette.", - "title": "ChartColor", + "Name": { + "markdownDescription": "The name of the group configuration parameter. For the list of parameters that you can use with each configuration item type, see [Supported resource types and parameters](https://docs.aws.amazon.com//ARG/latest/APIReference/about-slg.html#about-slg-types) in the *AWS Resource Groups User Guide* .", + "title": "Name", "type": "string" }, - "ColorMap": { + "Values": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataPathColor" + "type": "string" }, - "markdownDescription": "The color map options for the visual palette.", - "title": "ColorMap", + "markdownDescription": "The value or values to be used for the specified parameter. For the list of values you can use with each parameter, see [Supported resource types and parameters](https://docs.aws.amazon.com//ARG/latest/APIReference/about-slg.html#about-slg-types) .", + "title": "Values", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.VisualSubtitleLabelOptions": { + "AWS::ResourceGroups::Group.Query": { "additionalProperties": false, "properties": { - "FormatText": { - "$ref": "#/definitions/AWS::QuickSight::Template.LongFormatText", - "markdownDescription": "The long text format of the subtitle label, such as plain text or rich text.", - "title": "FormatText" + "ResourceTypeFilters": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies limits to the types of resources that can be included in the resource group. For example, if `ResourceTypeFilters` is `[\"AWS::EC2::Instance\", \"AWS::DynamoDB::Table\"]` , only EC2 instances or DynamoDB tables can be members of this resource group. The default value is `[\"AWS::AllSupported\"]` .", + "title": "ResourceTypeFilters", + "type": "array" }, - "Visibility": { - "markdownDescription": "The visibility of the subtitle label.", - "title": "Visibility", + "StackIdentifier": { + "markdownDescription": "Specifies the ARN of a CloudFormation stack. All supported resources of the CloudFormation stack are members of the resource group. If you don't specify an ARN, this parameter defaults to the current stack that you are defining, which means that all the resources of the current stack are grouped.\n\nYou can specify a value for `StackIdentifier` only when the `ResourceQuery.Type` property is `CLOUDFORMATION_STACK_1_0.`", + "title": "StackIdentifier", "type": "string" + }, + "TagFilters": { + "items": { + "$ref": "#/definitions/AWS::ResourceGroups::Group.TagFilter" + }, + "markdownDescription": "A list of key-value pair objects that limit which resources can be members of the resource group. This property is required when the `ResourceQuery.Type` property is `TAG_FILTERS_1_0` .\n\nA resource must have a tag that matches every filter that is provided in the `TagFilters` list.", + "title": "TagFilters", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.VisualTitleLabelOptions": { + "AWS::ResourceGroups::Group.ResourceQuery": { "additionalProperties": false, "properties": { - "FormatText": { - "$ref": "#/definitions/AWS::QuickSight::Template.ShortFormatText", - "markdownDescription": "The short text format of the title label, such as plain text or rich text.", - "title": "FormatText" + "Query": { + "$ref": "#/definitions/AWS::ResourceGroups::Group.Query", + "markdownDescription": "The query that defines the membership of the group. This is a structure with properties that depend on the `Type` .\n\nThe `Query` structure must be included in the following scenarios:\n\n- When the `Type` is `TAG_FILTERS_1_0` , you must specify a `Query` structure that contains a `TagFilters` list of tags. Resources with tags that match those in the `TagFilter` list become members of the resource group.\n- When the `Type` is `CLOUDFORMATION_STACK_1_0` then this field is required only when you must specify a CloudFormation stack other than the one you are defining. To do this, the `Query` structure must contain the `StackIdentifier` property. If you don't specify either a `Query` structure or a `StackIdentifier` within that `Query` , then it defaults to the CloudFormation stack that you're currently constructing.", + "title": "Query" }, - "Visibility": { - "markdownDescription": "The visibility of the title label.", - "title": "Visibility", + "Type": { + "markdownDescription": "Specifies the type of resource query that determines this group's membership. There are two valid query types:\n\n- `TAG_FILTERS_1_0` indicates that the group is a tag-based group. To complete the group membership, you must include the `TagFilters` property to specify the tag filters to use in the query.\n- `CLOUDFORMATION_STACK_1_0` , the default, indicates that the group is a CloudFormation stack-based group. Group membership is based on the CloudFormation stack. You must specify the `StackIdentifier` property in the query to define which stack to associate the group with, or leave it empty to default to the stack where the group is defined.", + "title": "Type", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.WaterfallChartAggregatedFieldWells": { + "AWS::ResourceGroups::Group.TagFilter": { "additionalProperties": false, "properties": { - "Breakdowns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" - }, - "markdownDescription": "The breakdown field wells of a waterfall visual.", - "title": "Breakdowns", - "type": "array" - }, - "Categories": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" - }, - "markdownDescription": "The category field wells of a waterfall visual.", - "title": "Categories", - "type": "array" + "Key": { + "markdownDescription": "A string that defines a tag key. Only resources in the account that are tagged with a specified tag key are members of the tag-based resource group.\n\nThis field is required when the `ResourceQuery` structure's `Type` property is `TAG_FILTERS_1_0` . You must specify at least one tag key.", + "title": "Key", + "type": "string" }, "Values": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "type": "string" }, - "markdownDescription": "The value field wells of a waterfall visual.", + "markdownDescription": "A list of tag values that can be included in the tag-based resource group. This is optional. If you don't specify a value or values for a key, then an AWS resource with any value for that key is a member.", "title": "Values", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.WaterfallChartConfiguration": { + "AWS::ResourceGroups::TagSyncTask": { "additionalProperties": false, "properties": { - "CategoryAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the category axis.", - "title": "CategoryAxisDisplayOptions" - }, - "CategoryAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the category axis label.", - "title": "CategoryAxisLabelOptions" - }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", - "markdownDescription": "The data label configuration of a waterfall visual.", - "title": "DataLabels" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallChartFieldWells", - "markdownDescription": "The field well configuration of a waterfall visual.", - "title": "FieldWells" + "Condition": { + "type": "string" }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", - "markdownDescription": "The legend configuration of a waterfall visual.", - "title": "Legend" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "PrimaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the y-axis.", - "title": "PrimaryYAxisDisplayOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "PrimaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the y-axis label.", - "title": "PrimaryYAxisLabelOptions" + "Metadata": { + "type": "object" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallChartSortConfiguration", - "markdownDescription": "The sort configuration of a waterfall visual.", - "title": "SortConfiguration" + "Properties": { + "additionalProperties": false, + "properties": { + "Group": { + "markdownDescription": "The Amazon resource name (ARN) or name of the application group for which you want to create a tag-sync task.", + "title": "Group", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The Amazon resource name (ARN) of the role assumed by the service to tag and untag resources on your behalf.", + "title": "RoleArn", + "type": "string" + }, + "TagKey": { + "markdownDescription": "The tag key.", + "title": "TagKey", + "type": "string" + }, + "TagValue": { + "markdownDescription": "The tag value.", + "title": "TagValue", + "type": "string" + } + }, + "required": [ + "Group", + "RoleArn", + "TagKey", + "TagValue" + ], + "type": "object" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", - "markdownDescription": "The visual palette configuration of a waterfall visual.", - "title": "VisualPalette" + "Type": { + "enum": [ + "AWS::ResourceGroups::TagSyncTask" + ], + "type": "string" }, - "WaterfallChartOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallChartOptions", - "markdownDescription": "The options that determine the presentation of a waterfall visual.", - "title": "WaterfallChartOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.WaterfallChartFieldWells": { - "additionalProperties": false, - "properties": { - "WaterfallChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallChartAggregatedFieldWells", - "markdownDescription": "The field well configuration of a waterfall visual.", - "title": "WaterfallChartAggregatedFieldWells" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.WaterfallChartOptions": { - "additionalProperties": false, - "properties": { - "TotalBarLabel": { - "markdownDescription": "This option determines the total bar label of a waterfall visual.", - "title": "TotalBarLabel", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Template.WaterfallChartSortConfiguration": { + "AWS::RoboMaker::Fleet": { "additionalProperties": false, "properties": { - "BreakdownItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of bar groups that are displayed.", - "title": "BreakdownItemsLimit" + "Condition": { + "type": "string" }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the fleet.", + "title": "Name", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "The list of all tags added to the fleet.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } }, - "markdownDescription": "The sort configuration of the category fields.", - "title": "CategorySort", - "type": "array" + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RoboMaker::Fleet" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::QuickSight::Template.WaterfallVisual": { + "AWS::RoboMaker::Robot": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Condition": { + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallChartConfiguration", - "markdownDescription": "The configuration for a waterfall visual.", - "title": "ChartConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Architecture": { + "markdownDescription": "The architecture of the robot.", + "title": "Architecture", + "type": "string" + }, + "Fleet": { + "markdownDescription": "The Amazon Resource Name (ARN) of the fleet to which the robot will be registered.", + "title": "Fleet", + "type": "string" + }, + "GreengrassGroupId": { + "markdownDescription": "The Greengrass group associated with the robot.", + "title": "GreengrassGroupId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the robot.", + "title": "Name", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "A map that contains tag keys and tag values that are attached to the robot.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "required": [ + "Architecture", + "GreengrassGroupId" + ], + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Type": { + "enum": [ + "AWS::RoboMaker::Robot" + ], + "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Template.WhatIfPointScenario": { + "AWS::RoboMaker::RobotApplication": { "additionalProperties": false, "properties": { - "Date": { - "markdownDescription": "The date that you need the forecast results for.", - "title": "Date", + "Condition": { "type": "string" }, - "Value": { - "markdownDescription": "The target value that you want to meet for the provided date.", - "title": "Value", - "type": "number" - } - }, - "required": [ - "Date", - "Value" - ], - "type": "object" - }, - "AWS::QuickSight::Template.WhatIfRangeScenario": { - "additionalProperties": false, - "properties": { - "EndDate": { - "markdownDescription": "The end date in the date range that you need the forecast results for.", - "title": "EndDate", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "StartDate": { - "markdownDescription": "The start date in the date range that you need the forecast results for.", - "title": "StartDate", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Value": { - "markdownDescription": "The target value that you want to meet for the provided date range.", - "title": "Value", - "type": "number" - } - }, - "required": [ - "EndDate", - "StartDate", - "Value" - ], - "type": "object" - }, - "AWS::QuickSight::Template.WordCloudAggregatedFieldWells": { - "additionalProperties": false, - "properties": { - "GroupBy": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" - }, - "markdownDescription": "The group by field well of a word cloud. Values are grouped by group by fields.", - "title": "GroupBy", - "type": "array" + "Metadata": { + "type": "object" }, - "Size": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "Properties": { + "additionalProperties": false, + "properties": { + "CurrentRevisionId": { + "markdownDescription": "The current revision id.", + "title": "CurrentRevisionId", + "type": "string" + }, + "Environment": { + "markdownDescription": "The environment of the robot application.", + "title": "Environment", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the robot application.", + "title": "Name", + "type": "string" + }, + "RobotSoftwareSuite": { + "$ref": "#/definitions/AWS::RoboMaker::RobotApplication.RobotSoftwareSuite", + "markdownDescription": "The robot software suite used by the robot application.", + "title": "RobotSoftwareSuite" + }, + "Sources": { + "items": { + "$ref": "#/definitions/AWS::RoboMaker::RobotApplication.SourceConfig" + }, + "markdownDescription": "The sources of the robot application.", + "title": "Sources", + "type": "array" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "A map that contains tag keys and tag values that are attached to the robot application.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } }, - "markdownDescription": "The size field well of a word cloud. Values are aggregated based on group by fields.", - "title": "Size", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.WordCloudChartConfiguration": { - "additionalProperties": false, - "properties": { - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) for the word cloud category.", - "title": "CategoryLabelOptions" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.WordCloudFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" + "required": [ + "RobotSoftwareSuite" + ], + "type": "object" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.WordCloudSortConfiguration", - "markdownDescription": "The sort configuration of a word cloud visual.", - "title": "SortConfiguration" + "Type": { + "enum": [ + "AWS::RoboMaker::RobotApplication" + ], + "type": "string" }, - "WordCloudOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.WordCloudOptions", - "markdownDescription": "The options for a word cloud visual.", - "title": "WordCloudOptions" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Template.WordCloudFieldWells": { + "AWS::RoboMaker::RobotApplication.RobotSoftwareSuite": { "additionalProperties": false, "properties": { - "WordCloudAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.WordCloudAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a word cloud.", - "title": "WordCloudAggregatedFieldWells" + "Name": { + "markdownDescription": "The name of the robot software suite. `General` is the only supported value.", + "title": "Name", + "type": "string" + }, + "Version": { + "markdownDescription": "The version of the robot software suite. Not applicable for General software suite.", + "title": "Version", + "type": "string" } }, + "required": [ + "Name" + ], "type": "object" }, - "AWS::QuickSight::Template.WordCloudOptions": { + "AWS::RoboMaker::RobotApplication.SourceConfig": { "additionalProperties": false, "properties": { - "CloudLayout": { - "markdownDescription": "The cloud layout options (fluid, normal) of a word cloud.", - "title": "CloudLayout", - "type": "string" - }, - "MaximumStringLength": { - "markdownDescription": "The length limit of each word from 1-100.", - "title": "MaximumStringLength", - "type": "number" - }, - "WordCasing": { - "markdownDescription": "The word casing options (lower_case, existing_case) for the words in a word cloud.", - "title": "WordCasing", - "type": "string" - }, - "WordOrientation": { - "markdownDescription": "The word orientation options (horizontal, horizontal_and_vertical) for the words in a word cloud.", - "title": "WordOrientation", + "Architecture": { + "markdownDescription": "The target processor architecture for the application.", + "title": "Architecture", "type": "string" }, - "WordPadding": { - "markdownDescription": "The word padding options (none, small, medium, large) for the words in a word cloud.", - "title": "WordPadding", + "S3Bucket": { + "markdownDescription": "The Amazon S3 bucket name.", + "title": "S3Bucket", "type": "string" }, - "WordScaling": { - "markdownDescription": "The word scaling options (emphasize, normal) for the words in a word cloud.", - "title": "WordScaling", + "S3Key": { + "markdownDescription": "The s3 object key.", + "title": "S3Key", "type": "string" } }, + "required": [ + "Architecture", + "S3Bucket", + "S3Key" + ], "type": "object" }, - "AWS::QuickSight::Template.WordCloudSortConfiguration": { + "AWS::RoboMaker::RobotApplicationVersion": { "additionalProperties": false, "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of groups that are displayed in a word cloud.", - "title": "CategoryItemsLimit" + "Condition": { + "type": "string" }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of group by fields.", - "title": "CategorySort", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.WordCloudVisual": { - "additionalProperties": false, - "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.WordCloudChartConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "Metadata": { + "type": "object" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Properties": { + "additionalProperties": false, + "properties": { + "Application": { + "markdownDescription": "The application information for the robot application.", + "title": "Application", + "type": "string" + }, + "CurrentRevisionId": { + "markdownDescription": "The current revision id for the robot application. If you provide a value and it matches the latest revision ID, a new version will be created.", + "title": "CurrentRevisionId", + "type": "string" + } + }, + "required": [ + "Application" + ], + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Type": { + "enum": [ + "AWS::RoboMaker::RobotApplicationVersion" + ], + "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Theme": { + "AWS::RoboMaker::SimulationApplication": { "additionalProperties": false, "properties": { "Condition": { @@ -222409,65 +273738,65 @@ "Properties": { "additionalProperties": false, "properties": { - "AwsAccountId": { - "markdownDescription": "The ID of the AWS account where you want to store the new theme.", - "title": "AwsAccountId", + "CurrentRevisionId": { + "markdownDescription": "The current revision id.", + "title": "CurrentRevisionId", "type": "string" }, - "BaseThemeId": { - "markdownDescription": "The ID of the theme that a custom theme will inherit from. All themes inherit from one of the starting themes defined by Amazon QuickSight. For a list of the starting themes, use `ListThemes` or choose *Themes* from within an analysis.", - "title": "BaseThemeId", + "Environment": { + "markdownDescription": "The environment of the simulation application.", + "title": "Environment", "type": "string" }, - "Configuration": { - "$ref": "#/definitions/AWS::QuickSight::Theme.ThemeConfiguration", - "markdownDescription": "The theme configuration, which contains the theme display properties.", - "title": "Configuration" - }, "Name": { - "markdownDescription": "A display name for the theme.", + "markdownDescription": "The name of the simulation application.", "title": "Name", "type": "string" }, - "Permissions": { + "RenderingEngine": { + "$ref": "#/definitions/AWS::RoboMaker::SimulationApplication.RenderingEngine", + "markdownDescription": "The rendering engine for the simulation application.", + "title": "RenderingEngine" + }, + "RobotSoftwareSuite": { + "$ref": "#/definitions/AWS::RoboMaker::SimulationApplication.RobotSoftwareSuite", + "markdownDescription": "The robot software suite used by the simulation application.", + "title": "RobotSoftwareSuite" + }, + "SimulationSoftwareSuite": { + "$ref": "#/definitions/AWS::RoboMaker::SimulationApplication.SimulationSoftwareSuite", + "markdownDescription": "The simulation software suite used by the simulation application.", + "title": "SimulationSoftwareSuite" + }, + "Sources": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Theme.ResourcePermission" + "$ref": "#/definitions/AWS::RoboMaker::SimulationApplication.SourceConfig" }, - "markdownDescription": "A valid grouping of resource permissions to apply to the new theme.", - "title": "Permissions", + "markdownDescription": "The sources of the simulation application.", + "title": "Sources", "type": "array" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "additionalProperties": true, + "markdownDescription": "A map that contains tag keys and tag values that are attached to the simulation application.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "A map of the key-value pairs for the resource tag or tags that you want to add to the resource.", "title": "Tags", - "type": "array" - }, - "ThemeId": { - "markdownDescription": "An ID for the theme that you want to create. The theme ID is unique per AWS Region in each AWS account.", - "title": "ThemeId", - "type": "string" - }, - "VersionDescription": { - "markdownDescription": "A description of the first version of the theme that you're creating. Every time `UpdateTheme` is called, a new version is created. Each version of the theme has a description of the version in the `VersionDescription` field.", - "title": "VersionDescription", - "type": "string" + "type": "object" } }, "required": [ - "AwsAccountId", - "BaseThemeId", - "Configuration", - "Name", - "ThemeId" + "RobotSoftwareSuite", + "SimulationSoftwareSuite" ], "type": "object" }, "Type": { "enum": [ - "AWS::QuickSight::Theme" + "AWS::RoboMaker::SimulationApplication" ], "type": "string" }, @@ -222486,335 +273815,576 @@ ], "type": "object" }, - "AWS::QuickSight::Theme.BorderStyle": { - "additionalProperties": false, - "properties": { - "Show": { - "markdownDescription": "The option to enable display of borders for visuals.", - "title": "Show", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::QuickSight::Theme.DataColorPalette": { + "AWS::RoboMaker::SimulationApplication.RenderingEngine": { "additionalProperties": false, "properties": { - "Colors": { - "items": { - "type": "string" - }, - "markdownDescription": "The hexadecimal codes for the colors.", - "title": "Colors", - "type": "array" - }, - "EmptyFillColor": { - "markdownDescription": "The hexadecimal code of a color that applies to charts where a lack of data is highlighted.", - "title": "EmptyFillColor", + "Name": { + "markdownDescription": "The name of the rendering engine.", + "title": "Name", "type": "string" }, - "MinMaxGradient": { - "items": { - "type": "string" - }, - "markdownDescription": "The minimum and maximum hexadecimal codes that describe a color gradient.", - "title": "MinMaxGradient", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Theme.Font": { - "additionalProperties": false, - "properties": { - "FontFamily": { - "markdownDescription": "Determines the font family settings.", - "title": "FontFamily", + "Version": { + "markdownDescription": "The version of the rendering engine.", + "title": "Version", "type": "string" } }, + "required": [ + "Name", + "Version" + ], "type": "object" }, - "AWS::QuickSight::Theme.GutterStyle": { - "additionalProperties": false, - "properties": { - "Show": { - "markdownDescription": "This Boolean value controls whether to display a gutter space between sheet tiles.", - "title": "Show", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::QuickSight::Theme.MarginStyle": { + "AWS::RoboMaker::SimulationApplication.RobotSoftwareSuite": { "additionalProperties": false, "properties": { - "Show": { - "markdownDescription": "This Boolean value controls whether to display sheet margins.", - "title": "Show", - "type": "boolean" + "Name": { + "markdownDescription": "The name of the robot software suite. `General` is the only supported value.", + "title": "Name", + "type": "string" + }, + "Version": { + "markdownDescription": "The version of the robot software suite. Not applicable for General software suite.", + "title": "Version", + "type": "string" } }, + "required": [ + "Name" + ], "type": "object" }, - "AWS::QuickSight::Theme.ResourcePermission": { + "AWS::RoboMaker::SimulationApplication.SimulationSoftwareSuite": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "type": "string" - }, - "markdownDescription": "The IAM action to grant or revoke permissions on.", - "title": "Actions", - "type": "array" + "Name": { + "markdownDescription": "The name of the simulation software suite. `SimulationRuntime` is the only supported value.", + "title": "Name", + "type": "string" }, - "Principal": { - "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a QuickSight ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", - "title": "Principal", + "Version": { + "markdownDescription": "The version of the simulation software suite. Not applicable for `SimulationRuntime` .", + "title": "Version", "type": "string" } }, "required": [ - "Actions", - "Principal" + "Name" ], "type": "object" }, - "AWS::QuickSight::Theme.SheetStyle": { + "AWS::RoboMaker::SimulationApplication.SourceConfig": { "additionalProperties": false, "properties": { - "Tile": { - "$ref": "#/definitions/AWS::QuickSight::Theme.TileStyle", - "markdownDescription": "The display options for tiles.", - "title": "Tile" + "Architecture": { + "markdownDescription": "The target processor architecture for the application.", + "title": "Architecture", + "type": "string" }, - "TileLayout": { - "$ref": "#/definitions/AWS::QuickSight::Theme.TileLayoutStyle", - "markdownDescription": "The layout options for tiles.", - "title": "TileLayout" + "S3Bucket": { + "markdownDescription": "The Amazon S3 bucket name.", + "title": "S3Bucket", + "type": "string" + }, + "S3Key": { + "markdownDescription": "The s3 object key.", + "title": "S3Key", + "type": "string" } }, + "required": [ + "Architecture", + "S3Bucket", + "S3Key" + ], "type": "object" }, - "AWS::QuickSight::Theme.ThemeConfiguration": { + "AWS::RoboMaker::SimulationApplicationVersion": { "additionalProperties": false, "properties": { - "DataColorPalette": { - "$ref": "#/definitions/AWS::QuickSight::Theme.DataColorPalette", - "markdownDescription": "Color properties that apply to chart data colors.", - "title": "DataColorPalette" + "Condition": { + "type": "string" }, - "Sheet": { - "$ref": "#/definitions/AWS::QuickSight::Theme.SheetStyle", - "markdownDescription": "Display options related to sheets.", - "title": "Sheet" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Typography": { - "$ref": "#/definitions/AWS::QuickSight::Theme.Typography", - "markdownDescription": "Determines the typography options.", - "title": "Typography" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "UIColorPalette": { - "$ref": "#/definitions/AWS::QuickSight::Theme.UIColorPalette", - "markdownDescription": "Color properties that apply to the UI and to charts, excluding the colors that apply to data.", - "title": "UIColorPalette" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Application": { + "markdownDescription": "The application information for the simulation application.", + "title": "Application", + "type": "string" + }, + "CurrentRevisionId": { + "markdownDescription": "The current revision id for the simulation application. If you provide a value and it matches the latest revision ID, a new version will be created.", + "title": "CurrentRevisionId", + "type": "string" + } + }, + "required": [ + "Application" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RoboMaker::SimulationApplicationVersion" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Theme.ThemeError": { + "AWS::RolesAnywhere::CRL": { "additionalProperties": false, "properties": { - "Message": { - "markdownDescription": "The error message.", - "title": "Message", + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CrlData": { + "markdownDescription": "The x509 v3 specified certificate revocation list (CRL).", + "title": "CrlData", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Specifies whether the certificate revocation list (CRL) is enabled.", + "title": "Enabled", + "type": "boolean" + }, + "Name": { + "markdownDescription": "The name of the certificate revocation list (CRL).", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags to attach to the certificate revocation list (CRL).", + "title": "Tags", + "type": "array" + }, + "TrustAnchorArn": { + "markdownDescription": "The ARN of the TrustAnchor the certificate revocation list (CRL) will provide revocation for.", + "title": "TrustAnchorArn", + "type": "string" + } + }, + "required": [ + "CrlData", + "Name" + ], + "type": "object" + }, "Type": { - "markdownDescription": "The type of error.", - "title": "Type", + "enum": [ + "AWS::RolesAnywhere::CRL" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Theme.ThemeVersion": { + "AWS::RolesAnywhere::Profile": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", - "title": "Arn", + "Condition": { "type": "string" }, - "BaseThemeId": { - "markdownDescription": "The Amazon QuickSight-defined ID of the theme that a custom theme inherits from. All themes initially inherit from a default Amazon QuickSight theme.", - "title": "BaseThemeId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Configuration": { - "$ref": "#/definitions/AWS::QuickSight::Theme.ThemeConfiguration", - "markdownDescription": "The theme configuration, which contains all the theme display properties.", - "title": "Configuration" - }, - "CreatedTime": { - "markdownDescription": "The date and time that this theme version was created.", - "title": "CreatedTime", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Description": { - "markdownDescription": "The description of the theme.", - "title": "Description", - "type": "string" + "Metadata": { + "type": "object" }, - "Errors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Theme.ThemeError" + "Properties": { + "additionalProperties": false, + "properties": { + "AcceptRoleSessionName": { + "markdownDescription": "Used to determine if a custom role session name will be accepted in a temporary credential request.", + "title": "AcceptRoleSessionName", + "type": "boolean" + }, + "AttributeMappings": { + "items": { + "$ref": "#/definitions/AWS::RolesAnywhere::Profile.AttributeMapping" + }, + "markdownDescription": "A mapping applied to the authenticating end-entity certificate.", + "title": "AttributeMappings", + "type": "array" + }, + "DurationSeconds": { + "markdownDescription": "The number of seconds vended session credentials will be valid for", + "title": "DurationSeconds", + "type": "number" + }, + "Enabled": { + "markdownDescription": "The enabled status of the resource.", + "title": "Enabled", + "type": "boolean" + }, + "ManagedPolicyArns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of managed policy ARNs. Managed policies identified by this list will be applied to the vended session credentials.", + "title": "ManagedPolicyArns", + "type": "array" + }, + "Name": { + "markdownDescription": "The customer specified name of the resource.", + "title": "Name", + "type": "string" + }, + "RequireInstanceProperties": { + "markdownDescription": "Specifies whether instance properties are required in CreateSession requests with this profile.", + "title": "RequireInstanceProperties", + "type": "boolean" + }, + "RoleArns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of IAM role ARNs that can be assumed when this profile is specified in a CreateSession request.", + "title": "RoleArns", + "type": "array" + }, + "SessionPolicy": { + "markdownDescription": "A session policy that will applied to the trust boundary of the vended session credentials.", + "title": "SessionPolicy", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of Tags.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "Errors associated with the theme.", - "title": "Errors", - "type": "array" + "required": [ + "Name", + "RoleArns" + ], + "type": "object" }, - "Status": { - "markdownDescription": "The status of the theme version.", - "title": "Status", + "Type": { + "enum": [ + "AWS::RolesAnywhere::Profile" + ], "type": "string" }, - "VersionNumber": { - "markdownDescription": "The version number of the theme.", - "title": "VersionNumber", - "type": "number" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Theme.TileLayoutStyle": { + "AWS::RolesAnywhere::Profile.AttributeMapping": { "additionalProperties": false, "properties": { - "Gutter": { - "$ref": "#/definitions/AWS::QuickSight::Theme.GutterStyle", - "markdownDescription": "The gutter settings that apply between tiles.", - "title": "Gutter" + "CertificateField": { + "markdownDescription": "Fields (x509Subject, x509Issuer and x509SAN) within X.509 certificates.", + "title": "CertificateField", + "type": "string" }, - "Margin": { - "$ref": "#/definitions/AWS::QuickSight::Theme.MarginStyle", - "markdownDescription": "The margin settings that apply around the outside edge of sheets.", - "title": "Margin" - } - }, - "type": "object" - }, - "AWS::QuickSight::Theme.TileStyle": { - "additionalProperties": false, - "properties": { - "Border": { - "$ref": "#/definitions/AWS::QuickSight::Theme.BorderStyle", - "markdownDescription": "The border around a tile.", - "title": "Border" + "MappingRules": { + "items": { + "$ref": "#/definitions/AWS::RolesAnywhere::Profile.MappingRule" + }, + "markdownDescription": "A list of mapping entries for every supported specifier or sub-field.", + "title": "MappingRules", + "type": "array" } }, + "required": [ + "CertificateField", + "MappingRules" + ], "type": "object" }, - "AWS::QuickSight::Theme.Typography": { + "AWS::RolesAnywhere::Profile.MappingRule": { "additionalProperties": false, "properties": { - "FontFamilies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Theme.Font" - }, - "markdownDescription": "Determines the list of font families.", - "title": "FontFamilies", - "type": "array" + "Specifier": { + "markdownDescription": "Specifier within a certificate field, such as CN, OU, or UID from the Subject field.", + "title": "Specifier", + "type": "string" } }, + "required": [ + "Specifier" + ], "type": "object" }, - "AWS::QuickSight::Theme.UIColorPalette": { + "AWS::RolesAnywhere::TrustAnchor": { "additionalProperties": false, "properties": { - "Accent": { - "markdownDescription": "This color is that applies to selected states and buttons.", - "title": "Accent", - "type": "string" - }, - "AccentForeground": { - "markdownDescription": "The foreground color that applies to any text or other elements that appear over the accent color.", - "title": "AccentForeground", - "type": "string" - }, - "Danger": { - "markdownDescription": "The color that applies to error messages.", - "title": "Danger", + "Condition": { "type": "string" }, - "DangerForeground": { - "markdownDescription": "The foreground color that applies to any text or other elements that appear over the error color.", - "title": "DangerForeground", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Dimension": { - "markdownDescription": "The color that applies to the names of fields that are identified as dimensions.", - "title": "Dimension", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "DimensionForeground": { - "markdownDescription": "The foreground color that applies to any text or other elements that appear over the dimension color.", - "title": "DimensionForeground", - "type": "string" + "Metadata": { + "type": "object" }, - "Measure": { - "markdownDescription": "The color that applies to the names of fields that are identified as measures.", - "title": "Measure", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Indicates whether the trust anchor is enabled.", + "title": "Enabled", + "type": "boolean" + }, + "Name": { + "markdownDescription": "The name of the trust anchor.", + "title": "Name", + "type": "string" + }, + "NotificationSettings": { + "items": { + "$ref": "#/definitions/AWS::RolesAnywhere::TrustAnchor.NotificationSetting" + }, + "markdownDescription": "A list of notification settings to be associated to the trust anchor.", + "title": "NotificationSettings", + "type": "array" + }, + "Source": { + "$ref": "#/definitions/AWS::RolesAnywhere::TrustAnchor.Source", + "markdownDescription": "The trust anchor type and its related certificate data.", + "title": "Source" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to attach to the trust anchor.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Name", + "Source" + ], + "type": "object" }, - "MeasureForeground": { - "markdownDescription": "The foreground color that applies to any text or other elements that appear over the measure color.", - "title": "MeasureForeground", + "Type": { + "enum": [ + "AWS::RolesAnywhere::TrustAnchor" + ], "type": "string" }, - "PrimaryBackground": { - "markdownDescription": "The background color that applies to visuals and other high emphasis UI.", - "title": "PrimaryBackground", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "PrimaryForeground": { - "markdownDescription": "The color of text and other foreground elements that appear over the primary background regions, such as grid lines, borders, table banding, icons, and so on.", - "title": "PrimaryForeground", + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::RolesAnywhere::TrustAnchor.NotificationSetting": { + "additionalProperties": false, + "properties": { + "Channel": { + "markdownDescription": "The specified channel of notification. IAM Roles Anywhere uses CloudWatch metrics, EventBridge, and AWS Health Dashboard to notify for an event.\n\n> In the absence of a specific channel, IAM Roles Anywhere applies this setting to 'ALL' channels.", + "title": "Channel", "type": "string" }, - "SecondaryBackground": { - "markdownDescription": "The background color that applies to the sheet background and sheet controls.", - "title": "SecondaryBackground", - "type": "string" + "Enabled": { + "markdownDescription": "Indicates whether the notification setting is enabled.", + "title": "Enabled", + "type": "boolean" }, - "SecondaryForeground": { - "markdownDescription": "The foreground color that applies to any sheet title, sheet control text, or UI that appears over the secondary background.", - "title": "SecondaryForeground", + "Event": { + "markdownDescription": "The event to which this notification setting is applied.", + "title": "Event", "type": "string" }, - "Success": { - "markdownDescription": "The color that applies to success messages, for example the check mark for a successful download.", - "title": "Success", - "type": "string" + "Threshold": { + "markdownDescription": "The number of days before a notification event. This value is required for a notification setting that is enabled.", + "title": "Threshold", + "type": "number" + } + }, + "required": [ + "Enabled", + "Event" + ], + "type": "object" + }, + "AWS::RolesAnywhere::TrustAnchor.Source": { + "additionalProperties": false, + "properties": { + "SourceData": { + "$ref": "#/definitions/AWS::RolesAnywhere::TrustAnchor.SourceData", + "markdownDescription": "A union object representing the data field of the TrustAnchor depending on its type", + "title": "SourceData" }, - "SuccessForeground": { - "markdownDescription": "The foreground color that applies to any text or other elements that appear over the success color.", - "title": "SuccessForeground", + "SourceType": { + "markdownDescription": "The type of the TrustAnchor.", + "title": "SourceType", "type": "string" - }, - "Warning": { - "markdownDescription": "This color that applies to warning and informational messages.", - "title": "Warning", + } + }, + "required": [ + "SourceData", + "SourceType" + ], + "type": "object" + }, + "AWS::RolesAnywhere::TrustAnchor.SourceData": { + "additionalProperties": false, + "properties": { + "AcmPcaArn": { + "markdownDescription": "The root certificate of the AWS Private Certificate Authority specified by this ARN is used in trust validation for temporary credential requests. Included for trust anchors of type `AWS_ACM_PCA` .\n\n> This field is not supported in your region.", + "title": "AcmPcaArn", "type": "string" }, - "WarningForeground": { - "markdownDescription": "The foreground color that applies to any text or other elements that appear over the warning color.", - "title": "WarningForeground", + "X509CertificateData": { + "markdownDescription": "The PEM-encoded data for the certificate anchor. Included for trust anchors of type `CERTIFICATE_BUNDLE` .", + "title": "X509CertificateData", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Topic": { + "AWS::Route53::CidrCollection": { "additionalProperties": false, "properties": { "Condition": { @@ -222849,45 +274419,28 @@ "Properties": { "additionalProperties": false, "properties": { - "AwsAccountId": { - "markdownDescription": "The ID of the AWS account that you want to create a topic in.", - "title": "AwsAccountId", - "type": "string" - }, - "DataSets": { + "Locations": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Topic.DatasetMetadata" + "$ref": "#/definitions/AWS::Route53::CidrCollection.Location" }, - "markdownDescription": "The data sets that the topic is associated with.", - "title": "DataSets", + "markdownDescription": "A complex type that contains information about the list of CIDR locations.", + "title": "Locations", "type": "array" }, - "Description": { - "markdownDescription": "The description of the topic.", - "title": "Description", - "type": "string" - }, "Name": { - "markdownDescription": "The name of the topic.", + "markdownDescription": "The name of a CIDR collection.", "title": "Name", "type": "string" - }, - "TopicId": { - "markdownDescription": "The ID for the topic. This ID is unique per AWS Region for each AWS account.", - "title": "TopicId", - "type": "string" - }, - "UserExperienceVersion": { - "markdownDescription": "The user experience version of the topic.", - "title": "UserExperienceVersion", - "type": "string" } }, + "required": [ + "Name" + ], "type": "object" }, "Type": { "enum": [ - "AWS::QuickSight::Topic" + "AWS::Route53::CidrCollection" ], "type": "string" }, @@ -222901,856 +274454,1105 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Topic.CellValueSynonym": { + "AWS::Route53::CidrCollection.Location": { "additionalProperties": false, "properties": { - "CellValue": { - "markdownDescription": "The cell value.", - "title": "CellValue", - "type": "string" - }, - "Synonyms": { + "CidrList": { "items": { "type": "string" }, - "markdownDescription": "Other names or aliases for the cell value.", - "title": "Synonyms", + "markdownDescription": "List of CIDR blocks.", + "title": "CidrList", "type": "array" + }, + "LocationName": { + "markdownDescription": "The CIDR collection location name.", + "title": "LocationName", + "type": "string" } }, + "required": [ + "CidrList", + "LocationName" + ], "type": "object" }, - "AWS::QuickSight::Topic.CollectiveConstant": { + "AWS::Route53::DNSSEC": { "additionalProperties": false, "properties": { - "ValueList": { - "items": { - "type": "string" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "HostedZoneId": { + "markdownDescription": "A unique string (ID) that is used to identify a hosted zone. For example: `Z00001111A1ABCaaABC11` .", + "title": "HostedZoneId", + "type": "string" + } }, - "markdownDescription": "A list of values for the collective constant.", - "title": "ValueList", - "type": "array" + "required": [ + "HostedZoneId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Route53::DNSSEC" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Topic.ComparativeOrder": { + "AWS::Route53::HealthCheck": { "additionalProperties": false, "properties": { - "SpecifedOrder": { - "items": { - "type": "string" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "HealthCheckConfig": { + "$ref": "#/definitions/AWS::Route53::HealthCheck.HealthCheckConfig", + "markdownDescription": "A complex type that contains detailed information about one health check.\n\nFor the values to enter for `HealthCheckConfig` , see [HealthCheckConfig](https://docs.aws.amazon.com/Route53/latest/APIReference/API_HealthCheckConfig.html)", + "title": "HealthCheckConfig" + }, + "HealthCheckTags": { + "items": { + "$ref": "#/definitions/AWS::Route53::HealthCheck.HealthCheckTag" + }, + "markdownDescription": "The `HealthCheckTags` property describes key-value pairs that are associated with an `AWS::Route53::HealthCheck` resource.", + "title": "HealthCheckTags", + "type": "array" + } }, - "markdownDescription": "The list of columns to be used in the ordering.", - "title": "SpecifedOrder", - "type": "array" + "required": [ + "HealthCheckConfig" + ], + "type": "object" }, - "TreatUndefinedSpecifiedValues": { - "markdownDescription": "The treat of undefined specified values. Valid values for this structure are `LEAST` and `MOST` .", - "title": "TreatUndefinedSpecifiedValues", + "Type": { + "enum": [ + "AWS::Route53::HealthCheck" + ], "type": "string" }, - "UseOrdering": { - "markdownDescription": "The ordering type for a column. Valid values for this structure are `GREATER_IS_BETTER` , `LESSER_IS_BETTER` and `SPECIFIED` .", - "title": "UseOrdering", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Topic.DataAggregation": { + "AWS::Route53::HealthCheck.AlarmIdentifier": { "additionalProperties": false, "properties": { - "DatasetRowDateGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "DatasetRowDateGranularity", + "Name": { + "markdownDescription": "The name of the CloudWatch alarm that you want Amazon Route 53 health checkers to use to determine whether this health check is healthy.\n\n> Route 53 supports CloudWatch alarms with the following features:\n> \n> - Standard-resolution metrics. High-resolution metrics aren't supported. For more information, see [High-Resolution Metrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/publishingMetrics.html#high-resolution-metrics) in the *Amazon CloudWatch User Guide* .\n> - Statistics: Average, Minimum, Maximum, Sum, and SampleCount. Extended statistics aren't supported.", + "title": "Name", "type": "string" }, - "DefaultDateColumnName": { - "markdownDescription": "The column name for the default date.", - "title": "DefaultDateColumnName", + "Region": { + "markdownDescription": "For the CloudWatch alarm that you want Route 53 health checkers to use to determine whether this health check is healthy, the region that the alarm was created in.\n\nFor the current list of CloudWatch regions, see [Amazon CloudWatch endpoints and quotas](https://docs.aws.amazon.com/general/latest/gr/cw_region.html) in the *Amazon Web Services General Reference* .", + "title": "Region", "type": "string" } }, + "required": [ + "Name", + "Region" + ], "type": "object" }, - "AWS::QuickSight::Topic.DatasetMetadata": { + "AWS::Route53::HealthCheck.HealthCheckConfig": { "additionalProperties": false, "properties": { - "CalculatedFields": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Topic.TopicCalculatedField" - }, - "markdownDescription": "The list of calculated field definitions.", - "title": "CalculatedFields", - "type": "array" + "AlarmIdentifier": { + "$ref": "#/definitions/AWS::Route53::HealthCheck.AlarmIdentifier", + "markdownDescription": "A complex type that identifies the CloudWatch alarm that you want Amazon Route 53 health checkers to use to determine whether the specified health check is healthy.", + "title": "AlarmIdentifier" }, - "Columns": { + "ChildHealthChecks": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Topic.TopicColumn" + "type": "string" }, - "markdownDescription": "The list of column definitions.", - "title": "Columns", + "markdownDescription": "(CALCULATED Health Checks Only) A complex type that contains one `ChildHealthCheck` element for each health check that you want to associate with a `CALCULATED` health check.", + "title": "ChildHealthChecks", "type": "array" }, - "DataAggregation": { - "$ref": "#/definitions/AWS::QuickSight::Topic.DataAggregation", - "markdownDescription": "The definition of a data aggregation.", - "title": "DataAggregation" + "EnableSNI": { + "markdownDescription": "Specify whether you want Amazon Route 53 to send the value of `FullyQualifiedDomainName` to the endpoint in the `client_hello` message during TLS negotiation. This allows the endpoint to respond to `HTTPS` health check requests with the applicable SSL/TLS certificate.\n\nSome endpoints require that `HTTPS` requests include the host name in the `client_hello` message. If you don't enable SNI, the status of the health check will be `SSL alert handshake_failure` . A health check can also have that status for other reasons. If SNI is enabled and you're still getting the error, check the SSL/TLS configuration on your endpoint and confirm that your certificate is valid.\n\nThe SSL/TLS certificate on your endpoint includes a domain name in the `Common Name` field and possibly several more in the `Subject Alternative Names` field. One of the domain names in the certificate should match the value that you specify for `FullyQualifiedDomainName` . If the endpoint responds to the `client_hello` message with a certificate that does not include the domain name that you specified in `FullyQualifiedDomainName` , a health checker will retry the handshake. In the second attempt, the health checker will omit `FullyQualifiedDomainName` from the `client_hello` message.", + "title": "EnableSNI", + "type": "boolean" }, - "DatasetArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the dataset.", - "title": "DatasetArn", + "FailureThreshold": { + "markdownDescription": "The number of consecutive health checks that an endpoint must pass or fail for Amazon Route 53 to change the current status of the endpoint from unhealthy to healthy or vice versa. For more information, see [How Amazon Route 53 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html) in the *Amazon Route 53 Developer Guide* .\n\nIf you don't specify a value for `FailureThreshold` , the default value is three health checks.", + "title": "FailureThreshold", + "type": "number" + }, + "FullyQualifiedDomainName": { + "markdownDescription": "Amazon Route 53 behavior depends on whether you specify a value for `IPAddress` .\n\n*If you specify a value for* `IPAddress` :\n\nAmazon Route 53 sends health check requests to the specified IPv4 or IPv6 address and passes the value of `FullyQualifiedDomainName` in the `Host` header for all health checks except TCP health checks. This is typically the fully qualified DNS name of the endpoint on which you want Route 53 to perform health checks.\n\nWhen Route 53 checks the health of an endpoint, here is how it constructs the `Host` header:\n\n- If you specify a value of `80` for `Port` and `HTTP` or `HTTP_STR_MATCH` for `Type` , Route 53 passes the value of `FullyQualifiedDomainName` to the endpoint in the Host header.\n- If you specify a value of `443` for `Port` and `HTTPS` or `HTTPS_STR_MATCH` for `Type` , Route 53 passes the value of `FullyQualifiedDomainName` to the endpoint in the `Host` header.\n- If you specify another value for `Port` and any value except `TCP` for `Type` , Route 53 passes `FullyQualifiedDomainName:Port` to the endpoint in the `Host` header.\n\nIf you don't specify a value for `FullyQualifiedDomainName` , Route 53 substitutes the value of `IPAddress` in the `Host` header in each of the preceding cases.\n\n*If you don't specify a value for `IPAddress`* :\n\nRoute 53 sends a DNS request to the domain that you specify for `FullyQualifiedDomainName` at the interval that you specify for `RequestInterval` . Using an IPv4 address that DNS returns, Route 53 then checks the health of the endpoint.\n\n> If you don't specify a value for `IPAddress` , Route 53 uses only IPv4 to send health checks to the endpoint. If there's no record with a type of A for the name that you specify for `FullyQualifiedDomainName` , the health check fails with a \"DNS resolution failed\" error. \n\nIf you want to check the health of multiple records that have the same name and type, such as multiple weighted records, and if you choose to specify the endpoint only by `FullyQualifiedDomainName` , we recommend that you create a separate health check for each endpoint. For example, create a health check for each HTTP server that is serving content for www.example.com. For the value of `FullyQualifiedDomainName` , specify the domain name of the server (such as us-east-2-www.example.com), not the name of the records (www.example.com).\n\n> In this configuration, if you create a health check for which the value of `FullyQualifiedDomainName` matches the name of the records and you then associate the health check with those records, health check results will be unpredictable. \n\nIn addition, if the value that you specify for `Type` is `HTTP` , `HTTPS` , `HTTP_STR_MATCH` , or `HTTPS_STR_MATCH` , Route 53 passes the value of `FullyQualifiedDomainName` in the `Host` header, as it does when you specify a value for `IPAddress` . If the value of `Type` is `TCP` , Route 53 doesn't pass a `Host` header.", + "title": "FullyQualifiedDomainName", "type": "string" }, - "DatasetDescription": { - "markdownDescription": "The description of the dataset.", - "title": "DatasetDescription", + "HealthThreshold": { + "markdownDescription": "The number of child health checks that are associated with a `CALCULATED` health check that Amazon Route 53 must consider healthy for the `CALCULATED` health check to be considered healthy. To specify the child health checks that you want to associate with a `CALCULATED` health check, use the [ChildHealthChecks](https://docs.aws.amazon.com/Route53/latest/APIReference/API_UpdateHealthCheck.html#Route53-UpdateHealthCheck-request-ChildHealthChecks) element.\n\nNote the following:\n\n- If you specify a number greater than the number of child health checks, Route 53 always considers this health check to be unhealthy.\n- If you specify `0` , Route 53 always considers this health check to be healthy.", + "title": "HealthThreshold", + "type": "number" + }, + "IPAddress": { + "markdownDescription": "The IPv4 or IPv6 IP address of the endpoint that you want Amazon Route 53 to perform health checks on. If you don't specify a value for `IPAddress` , Route 53 sends a DNS request to resolve the domain name that you specify in `FullyQualifiedDomainName` at the interval that you specify in `RequestInterval` . Using an IP address returned by DNS, Route 53 then checks the health of the endpoint.\n\nUse one of the following formats for the value of `IPAddress` :\n\n- *IPv4 address* : four values between 0 and 255, separated by periods (.), for example, `192.0.2.44` .\n- *IPv6 address* : eight groups of four hexadecimal values, separated by colons (:), for example, `2001:0db8:85a3:0000:0000:abcd:0001:2345` . You can also shorten IPv6 addresses as described in RFC 5952, for example, `2001:db8:85a3::abcd:1:2345` .\n\nIf the endpoint is an EC2 instance, we recommend that you create an Elastic IP address, associate it with your EC2 instance, and specify the Elastic IP address for `IPAddress` . This ensures that the IP address of your instance will never change.\n\nFor more information, see [FullyQualifiedDomainName](https://docs.aws.amazon.com/Route53/latest/APIReference/API_UpdateHealthCheck.html#Route53-UpdateHealthCheck-request-FullyQualifiedDomainName) .\n\nConstraints: Route 53 can't check the health of endpoints for which the IP address is in local, private, non-routable, or multicast ranges. For more information about IP addresses for which you can't create health checks, see the following documents:\n\n- [RFC 5735, Special Use IPv4 Addresses](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc5735)\n- [RFC 6598, IANA-Reserved IPv4 Prefix for Shared Address Space](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6598)\n- [RFC 5156, Special-Use IPv6 Addresses](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc5156)\n\nWhen the value of `Type` is `CALCULATED` or `CLOUDWATCH_METRIC` , omit `IPAddress` .", + "title": "IPAddress", "type": "string" }, - "DatasetName": { - "markdownDescription": "The name of the dataset.", - "title": "DatasetName", + "InsufficientDataHealthStatus": { + "markdownDescription": "When CloudWatch has insufficient data about the metric to determine the alarm state, the status that you want Amazon Route 53 to assign to the health check:\n\n- `Healthy` : Route 53 considers the health check to be healthy.\n- `Unhealthy` : Route 53 considers the health check to be unhealthy.\n- `LastKnownStatus` : Route 53 uses the status of the health check from the last time that CloudWatch had sufficient data to determine the alarm state. For new health checks that have no last known status, the default status for the health check is healthy.", + "title": "InsufficientDataHealthStatus", "type": "string" }, - "Filters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Topic.TopicFilter" - }, - "markdownDescription": "The list of filter definitions.", - "title": "Filters", - "type": "array" + "Inverted": { + "markdownDescription": "Specify whether you want Amazon Route 53 to invert the status of a health check, for example, to consider a health check unhealthy when it otherwise would be considered healthy.", + "title": "Inverted", + "type": "boolean" }, - "NamedEntities": { + "MeasureLatency": { + "markdownDescription": "Specify whether you want Amazon Route 53 to measure the latency between health checkers in multiple AWS regions and your endpoint, and to display CloudWatch latency graphs on the *Health Checks* page in the Route 53 console.\n\n> You can't change the value of `MeasureLatency` after you create a health check.", + "title": "MeasureLatency", + "type": "boolean" + }, + "Port": { + "markdownDescription": "The port on the endpoint that you want Amazon Route 53 to perform health checks on.\n\n> Don't specify a value for `Port` when you specify a value for [Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-healthcheck-healthcheckconfig.html#cfn-route53-healthcheck-healthcheckconfig-type) of `CLOUDWATCH_METRIC` or `CALCULATED` .", + "title": "Port", + "type": "number" + }, + "Regions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Topic.TopicNamedEntity" + "type": "string" }, - "markdownDescription": "The list of named entities definitions.", - "title": "NamedEntities", + "markdownDescription": "A complex type that contains one `Region` element for each region from which you want Amazon Route 53 health checkers to check the specified endpoint.\n\nIf you don't specify any regions, Route 53 health checkers automatically performs checks from all of the regions that are listed under *Valid Values* .\n\nIf you update a health check to remove a region that has been performing health checks, Route 53 will briefly continue to perform checks from that region to ensure that some health checkers are always checking the endpoint (for example, if you replace three regions with four different regions).", + "title": "Regions", "type": "array" + }, + "RequestInterval": { + "markdownDescription": "The number of seconds between the time that Amazon Route 53 gets a response from your endpoint and the time that it sends the next health check request. Each Route 53 health checker makes requests at this interval.\n\n> You can't change the value of `RequestInterval` after you create a health check. \n\nIf you don't specify a value for `RequestInterval` , the default value is `30` seconds.", + "title": "RequestInterval", + "type": "number" + }, + "ResourcePath": { + "markdownDescription": "The path, if any, that you want Amazon Route 53 to request when performing health checks. The path can be any value for which your endpoint will return an HTTP status code of 2xx or 3xx when the endpoint is healthy, for example, the file /docs/route53-health-check.html. You can also include query string parameters, for example, `/welcome.html?language=jp&login=y` .", + "title": "ResourcePath", + "type": "string" + }, + "RoutingControlArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the Route 53 Application Recovery Controller routing control.\n\nFor more information about Route 53 Application Recovery Controller, see [Route 53 Application Recovery Controller Developer Guide.](https://docs.aws.amazon.com/r53recovery/latest/dg/what-is-route-53-recovery.html) .", + "title": "RoutingControlArn", + "type": "string" + }, + "SearchString": { + "markdownDescription": "If the value of Type is `HTTP_STR_MATCH` or `HTTPS_STR_MATCH` , the string that you want Amazon Route 53 to search for in the response body from the specified resource. If the string appears in the response body, Route 53 considers the resource healthy.\n\nRoute 53 considers case when searching for `SearchString` in the response body.", + "title": "SearchString", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of health check that you want to create, which indicates how Amazon Route 53 determines whether an endpoint is healthy.\n\n> You can't change the value of `Type` after you create a health check. \n\nYou can create the following types of health checks:\n\n- *HTTP* : Route 53 tries to establish a TCP connection. If successful, Route 53 submits an HTTP request and waits for an HTTP status code of 200 or greater and less than 400.\n- *HTTPS* : Route 53 tries to establish a TCP connection. If successful, Route 53 submits an HTTPS request and waits for an HTTP status code of 200 or greater and less than 400.\n\n> If you specify `HTTPS` for the value of `Type` , the endpoint must support TLS v1.0 or later.\n- *HTTP_STR_MATCH* : Route 53 tries to establish a TCP connection. If successful, Route 53 submits an HTTP request and searches the first 5,120 bytes of the response body for the string that you specify in `SearchString` .\n- *HTTPS_STR_MATCH* : Route 53 tries to establish a TCP connection. If successful, Route 53 submits an `HTTPS` request and searches the first 5,120 bytes of the response body for the string that you specify in `SearchString` .\n- *TCP* : Route 53 tries to establish a TCP connection.\n- *CLOUDWATCH_METRIC* : The health check is associated with a CloudWatch alarm. If the state of the alarm is `OK` , the health check is considered healthy. If the state is `ALARM` , the health check is considered unhealthy. If CloudWatch doesn't have sufficient data to determine whether the state is `OK` or `ALARM` , the health check status depends on the setting for `InsufficientDataHealthStatus` : `Healthy` , `Unhealthy` , or `LastKnownStatus` .\n\n> Route 53 supports CloudWatch alarms with the following features:\n> \n> - Standard-resolution metrics. High-resolution metrics aren't supported. For more information, see [High-Resolution Metrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/publishingMetrics.html#high-resolution-metrics) in the *Amazon CloudWatch User Guide* .\n> - Statistics: Average, Minimum, Maximum, Sum, and SampleCount. Extended statistics aren't supported.\n- *CALCULATED* : For health checks that monitor the status of other health checks, Route 53 adds up the number of health checks that Route 53 health checkers consider to be healthy and compares that number with the value of `HealthThreshold` .\n- *RECOVERY_CONTROL* : The health check is assocated with a Route53 Application Recovery Controller routing control. If the routing control state is `ON` , the health check is considered healthy. If the state is `OFF` , the health check is considered unhealthy.\n\nFor more information, see [How Route 53 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html) in the *Amazon Route 53 Developer Guide* .", + "title": "Type", + "type": "string" } }, "required": [ - "DatasetArn" + "Type" ], "type": "object" }, - "AWS::QuickSight::Topic.DefaultFormatting": { + "AWS::Route53::HealthCheck.HealthCheckTag": { "additionalProperties": false, "properties": { - "DisplayFormat": { - "markdownDescription": "The display format. Valid values for this structure are `AUTO` , `PERCENT` , `CURRENCY` , `NUMBER` , `DATE` , and `STRING` .", - "title": "DisplayFormat", + "Key": { + "markdownDescription": "The value of `Key` depends on the operation that you want to perform:\n\n- *Add a tag to a health check or hosted zone* : `Key` is the name that you want to give the new tag.\n- *Edit a tag* : `Key` is the name of the tag that you want to change the `Value` for.\n- *Delete a key* : `Key` is the name of the tag you want to remove.\n- *Give a name to a health check* : Edit the default `Name` tag. In the Amazon Route 53 console, the list of your health checks includes a *Name* column that lets you see the name that you've given to each health check.", + "title": "Key", "type": "string" }, - "DisplayFormatOptions": { - "$ref": "#/definitions/AWS::QuickSight::Topic.DisplayFormatOptions", - "markdownDescription": "The additional options for display formatting.", - "title": "DisplayFormatOptions" + "Value": { + "markdownDescription": "The value of `Value` depends on the operation that you want to perform:\n\n- *Add a tag to a health check or hosted zone* : `Value` is the value that you want to give the new tag.\n- *Edit a tag* : `Value` is the new value that you want to assign the tag.", + "title": "Value", + "type": "string" } }, + "required": [ + "Key", + "Value" + ], "type": "object" }, - "AWS::QuickSight::Topic.DisplayFormatOptions": { + "AWS::Route53::HostedZone": { "additionalProperties": false, "properties": { - "BlankCellFormat": { - "markdownDescription": "Determines the blank cell format.", - "title": "BlankCellFormat", - "type": "string" - }, - "CurrencySymbol": { - "markdownDescription": "The currency symbol, such as `USD` .", - "title": "CurrencySymbol", - "type": "string" - }, - "DateFormat": { - "markdownDescription": "Determines the `DateTime` format.", - "title": "DateFormat", + "Condition": { "type": "string" }, - "DecimalSeparator": { - "markdownDescription": "Determines the decimal separator.", - "title": "DecimalSeparator", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "FractionDigits": { - "markdownDescription": "Determines the number of fraction digits.", - "title": "FractionDigits", - "type": "number" - }, - "GroupingSeparator": { - "markdownDescription": "Determines the grouping separator.", - "title": "GroupingSeparator", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "NegativeFormat": { - "$ref": "#/definitions/AWS::QuickSight::Topic.NegativeFormat", - "markdownDescription": "The negative format.", - "title": "NegativeFormat" + "Metadata": { + "type": "object" }, - "Prefix": { - "markdownDescription": "The prefix value for a display format.", - "title": "Prefix", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "HostedZoneConfig": { + "$ref": "#/definitions/AWS::Route53::HostedZone.HostedZoneConfig", + "markdownDescription": "A complex type that contains an optional comment.\n\nIf you don't want to specify a comment, omit the `HostedZoneConfig` and `Comment` elements.", + "title": "HostedZoneConfig" + }, + "HostedZoneTags": { + "items": { + "$ref": "#/definitions/AWS::Route53::HostedZone.HostedZoneTag" + }, + "markdownDescription": "Adds, edits, or deletes tags for a health check or a hosted zone.\n\nFor information about using tags for cost allocation, see [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html) in the *Billing and Cost Management User Guide* .", + "title": "HostedZoneTags", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the domain. Specify a fully qualified domain name, for example, *www.example.com* . The trailing dot is optional; Amazon Route 53 assumes that the domain name is fully qualified. This means that Route 53 treats *www.example.com* (without a trailing dot) and *www.example.com.* (with a trailing dot) as identical.\n\nIf you're creating a public hosted zone, this is the name you have registered with your DNS registrar. If your domain name is registered with a registrar other than Route 53, change the name servers for your domain to the set of `NameServers` that are returned by the `Fn::GetAtt` intrinsic function.", + "title": "Name", + "type": "string" + }, + "QueryLoggingConfig": { + "$ref": "#/definitions/AWS::Route53::HostedZone.QueryLoggingConfig", + "markdownDescription": "Creates a configuration for DNS query logging. After you create a query logging configuration, Amazon Route 53 begins to publish log data to an Amazon CloudWatch Logs log group.\n\nDNS query logs contain information about the queries that Route 53 receives for a specified public hosted zone, such as the following:\n\n- Route 53 edge location that responded to the DNS query\n- Domain or subdomain that was requested\n- DNS record type, such as A or AAAA\n- DNS response code, such as `NoError` or `ServFail`\n\n- **Log Group and Resource Policy** - Before you create a query logging configuration, perform the following operations.\n\n> If you create a query logging configuration using the Route 53 console, Route 53 performs these operations automatically. \n\n- Create a CloudWatch Logs log group, and make note of the ARN, which you specify when you create a query logging configuration. Note the following:\n\n- You must create the log group in the us-east-1 region.\n- You must use the same AWS account to create the log group and the hosted zone that you want to configure query logging for.\n- When you create log groups for query logging, we recommend that you use a consistent prefix, for example:\n\n`/aws/route53/ *hosted zone name*`\n\nIn the next step, you'll create a resource policy, which controls access to one or more log groups and the associated AWS resources, such as Route 53 hosted zones. There's a limit on the number of resource policies that you can create, so we recommend that you use a consistent prefix so you can use the same resource policy for all the log groups that you create for query logging.\n- Create a CloudWatch Logs resource policy, and give it the permissions that Route 53 needs to create log streams and to send query logs to log streams. You must create the CloudWatch Logs resource policy in the us-east-1 region. For the value of `Resource` , specify the ARN for the log group that you created in the previous step. To use the same resource policy for all the CloudWatch Logs log groups that you created for query logging configurations, replace the hosted zone name with `*` , for example:\n\n`arn:aws:logs:us-east-1:123412341234:log-group:/aws/route53/*`\n\nTo avoid the confused deputy problem, a security issue where an entity without a permission for an action can coerce a more-privileged entity to perform it, you can optionally limit the permissions that a service has to a resource in a resource-based policy by supplying the following values:\n\n- For `aws:SourceArn` , supply the hosted zone ARN used in creating the query logging configuration. For example, `aws:SourceArn: arn:aws:route53:::hostedzone/hosted zone ID` .\n- For `aws:SourceAccount` , supply the account ID for the account that creates the query logging configuration. For example, `aws:SourceAccount:111111111111` .\n\nFor more information, see [The confused deputy problem](https://docs.aws.amazon.com/IAM/latest/UserGuide/confused-deputy.html) in the *AWS IAM User Guide* .\n\n> You can't use the CloudWatch console to create or edit a resource policy. You must use the CloudWatch API, one of the AWS SDKs, or the AWS CLI .\n- **Log Streams and Edge Locations** - When Route 53 finishes creating the configuration for DNS query logging, it does the following:\n\n- Creates a log stream for an edge location the first time that the edge location responds to DNS queries for the specified hosted zone. That log stream is used to log all queries that Route 53 responds to for that edge location.\n- Begins to send query logs to the applicable log stream.\n\nThe name of each log stream is in the following format:\n\n`*hosted zone ID* / *edge location code*`\n\nThe edge location code is a three-letter code and an arbitrarily assigned number, for example, DFW3. The three-letter code typically corresponds with the International Air Transport Association airport code for an airport near the edge location. (These abbreviations might change in the future.) For a list of edge locations, see \"The Route 53 Global Network\" on the [Route 53 Product Details](https://docs.aws.amazon.com/route53/details/) page.\n- **Queries That Are Logged** - Query logs contain only the queries that DNS resolvers forward to Route 53. If a DNS resolver has already cached the response to a query (such as the IP address for a load balancer for example.com), the resolver will continue to return the cached response. It doesn't forward another query to Route 53 until the TTL for the corresponding resource record set expires. Depending on how many DNS queries are submitted for a resource record set, and depending on the TTL for that resource record set, query logs might contain information about only one query out of every several thousand queries that are submitted to DNS. For more information about how DNS works, see [Routing Internet Traffic to Your Website or Web Application](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/welcome-dns-service.html) in the *Amazon Route 53 Developer Guide* .\n- **Log File Format** - For a list of the values in each query log and the format of each value, see [Logging DNS Queries](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/query-logs.html) in the *Amazon Route 53 Developer Guide* .\n- **Pricing** - For information about charges for query logs, see [Amazon CloudWatch Pricing](https://docs.aws.amazon.com/cloudwatch/pricing/) .\n- **How to Stop Logging** - If you want Route 53 to stop sending query logs to CloudWatch Logs, delete the query logging configuration. For more information, see [DeleteQueryLoggingConfig](https://docs.aws.amazon.com/Route53/latest/APIReference/API_DeleteQueryLoggingConfig.html) .", + "title": "QueryLoggingConfig" + }, + "VPCs": { + "items": { + "$ref": "#/definitions/AWS::Route53::HostedZone.VPC" + }, + "markdownDescription": "*Private hosted zones:* A complex type that contains information about the VPCs that are associated with the specified hosted zone.\n\n> For public hosted zones, omit `VPCs` , `VPCId` , and `VPCRegion` .", + "title": "VPCs", + "type": "array" + } + }, + "type": "object" }, - "Suffix": { - "markdownDescription": "The suffix value for a display format.", - "title": "Suffix", + "Type": { + "enum": [ + "AWS::Route53::HostedZone" + ], "type": "string" }, - "UnitScaler": { - "markdownDescription": "The unit scaler. Valid values for this structure are: `NONE` , `AUTO` , `THOUSANDS` , `MILLIONS` , `BILLIONS` , and `TRILLIONS` .", - "title": "UnitScaler", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "UseBlankCellFormat": { - "markdownDescription": "A Boolean value that indicates whether to use blank cell format.", - "title": "UseBlankCellFormat", - "type": "boolean" - }, - "UseGrouping": { - "markdownDescription": "A Boolean value that indicates whether to use grouping.", - "title": "UseGrouping", - "type": "boolean" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::QuickSight::Topic.NamedEntityDefinition": { + "AWS::Route53::HostedZone.HostedZoneConfig": { "additionalProperties": false, "properties": { - "FieldName": { - "markdownDescription": "The name of the entity.", - "title": "FieldName", - "type": "string" - }, - "Metric": { - "$ref": "#/definitions/AWS::QuickSight::Topic.NamedEntityDefinitionMetric", - "markdownDescription": "The definition of a metric.", - "title": "Metric" - }, - "PropertyName": { - "markdownDescription": "The property name to be used for the named entity.", - "title": "PropertyName", - "type": "string" - }, - "PropertyRole": { - "markdownDescription": "The property role. Valid values for this structure are `PRIMARY` and `ID` .", - "title": "PropertyRole", - "type": "string" - }, - "PropertyUsage": { - "markdownDescription": "The property usage. Valid values for this structure are `INHERIT` , `DIMENSION` , and `MEASURE` .", - "title": "PropertyUsage", + "Comment": { + "markdownDescription": "Any comments that you want to include about the hosted zone.", + "title": "Comment", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Topic.NamedEntityDefinitionMetric": { + "AWS::Route53::HostedZone.HostedZoneTag": { "additionalProperties": false, "properties": { - "Aggregation": { - "markdownDescription": "The aggregation of a named entity. Valid values for this structure are `SUM` , `MIN` , `MAX` , `COUNT` , `AVERAGE` , `DISTINCT_COUNT` , `STDEV` , `STDEVP` , `VAR` , `VARP` , `PERCENTILE` , `MEDIAN` , and `CUSTOM` .", - "title": "Aggregation", + "Key": { + "markdownDescription": "The value of `Key` depends on the operation that you want to perform:\n\n- *Add a tag to a health check or hosted zone* : `Key` is the name that you want to give the new tag.\n- *Edit a tag* : `Key` is the name of the tag that you want to change the `Value` for.\n- *Delete a key* : `Key` is the name of the tag you want to remove.\n- *Give a name to a health check* : Edit the default `Name` tag. In the Amazon Route 53 console, the list of your health checks includes a *Name* column that lets you see the name that you've given to each health check.", + "title": "Key", "type": "string" }, - "AggregationFunctionParameters": { - "additionalProperties": true, - "markdownDescription": "The additional parameters for an aggregation function.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "AggregationFunctionParameters", - "type": "object" + "Value": { + "markdownDescription": "The value of `Value` depends on the operation that you want to perform:\n\n- *Add a tag to a health check or hosted zone* : `Value` is the value that you want to give the new tag.\n- *Edit a tag* : `Value` is the new value that you want to assign the tag.", + "title": "Value", + "type": "string" } }, + "required": [ + "Key", + "Value" + ], "type": "object" }, - "AWS::QuickSight::Topic.NegativeFormat": { + "AWS::Route53::HostedZone.QueryLoggingConfig": { "additionalProperties": false, "properties": { - "Prefix": { - "markdownDescription": "The prefix for a negative format.", - "title": "Prefix", - "type": "string" - }, - "Suffix": { - "markdownDescription": "The suffix for a negative format.", - "title": "Suffix", + "CloudWatchLogsLogGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the CloudWatch Logs log group that Amazon Route 53 is publishing logs to.", + "title": "CloudWatchLogsLogGroupArn", "type": "string" } }, + "required": [ + "CloudWatchLogsLogGroupArn" + ], "type": "object" }, - "AWS::QuickSight::Topic.RangeConstant": { + "AWS::Route53::HostedZone.VPC": { "additionalProperties": false, "properties": { - "Maximum": { - "markdownDescription": "The maximum value for a range constant.", - "title": "Maximum", + "VPCId": { + "markdownDescription": "*Private hosted zones only:* The ID of an Amazon VPC.\n\n> For public hosted zones, omit `VPCs` , `VPCId` , and `VPCRegion` .", + "title": "VPCId", "type": "string" }, - "Minimum": { - "markdownDescription": "The minimum value for a range constant.", - "title": "Minimum", + "VPCRegion": { + "markdownDescription": "*Private hosted zones only:* The region that an Amazon VPC was created in.\n\n> For public hosted zones, omit `VPCs` , `VPCId` , and `VPCRegion` .", + "title": "VPCRegion", "type": "string" } }, + "required": [ + "VPCId", + "VPCRegion" + ], "type": "object" }, - "AWS::QuickSight::Topic.SemanticEntityType": { + "AWS::Route53::KeySigningKey": { "additionalProperties": false, "properties": { - "SubTypeName": { - "markdownDescription": "The semantic entity sub type name.", - "title": "SubTypeName", + "Condition": { "type": "string" }, - "TypeName": { - "markdownDescription": "The semantic entity type name.", - "title": "TypeName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "TypeParameters": { - "additionalProperties": true, - "markdownDescription": "The semantic entity type parameters.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "HostedZoneId": { + "markdownDescription": "The unique string (ID) that is used to identify a hosted zone. For example: `Z00001111A1ABCaaABC11` .", + "title": "HostedZoneId", + "type": "string" + }, + "KeyManagementServiceArn": { + "markdownDescription": "The Amazon resource name (ARN) for a customer managed customer master key (CMK) in AWS Key Management Service ( AWS KMS ). The `KeyManagementServiceArn` must be unique for each key-signing key (KSK) in a single hosted zone. For example: `arn:aws:kms:us-east-1:111122223333:key/111a2222-a11b-1ab1-2ab2-1ab21a2b3a111` .", + "title": "KeyManagementServiceArn", + "type": "string" + }, + "Name": { + "markdownDescription": "A string used to identify a key-signing key (KSK). `Name` can include numbers, letters, and underscores (_). `Name` must be unique for each key-signing key in the same hosted zone.", + "title": "Name", + "type": "string" + }, + "Status": { + "markdownDescription": "A string that represents the current key-signing key (KSK) status.\n\nStatus can have one of the following values:\n\n- **ACTIVE** - The KSK is being used for signing.\n- **INACTIVE** - The KSK is not being used for signing.\n- **DELETING** - The KSK is in the process of being deleted.\n- **ACTION_NEEDED** - There is a problem with the KSK that requires you to take action to resolve. For example, the customer managed key might have been deleted, or the permissions for the customer managed key might have been changed.\n- **INTERNAL_FAILURE** - There was an error during a request. Before you can continue to work with DNSSEC signing, including actions that involve this KSK, you must correct the problem. For example, you may need to activate or deactivate the KSK.", + "title": "Status", "type": "string" } }, - "title": "TypeParameters", + "required": [ + "HostedZoneId", + "KeyManagementServiceArn", + "Name", + "Status" + ], "type": "object" + }, + "Type": { + "enum": [ + "AWS::Route53::KeySigningKey" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Topic.SemanticType": { + "AWS::Route53::RecordSet": { "additionalProperties": false, "properties": { - "FalseyCellValue": { - "markdownDescription": "The semantic type falsey cell value.", - "title": "FalseyCellValue", - "type": "string" - }, - "FalseyCellValueSynonyms": { - "items": { - "type": "string" - }, - "markdownDescription": "The other names or aliases for the false cell value.", - "title": "FalseyCellValueSynonyms", - "type": "array" - }, - "SubTypeName": { - "markdownDescription": "The semantic type sub type name.", - "title": "SubTypeName", + "Condition": { "type": "string" }, - "TruthyCellValue": { - "markdownDescription": "The semantic type truthy cell value.", - "title": "TruthyCellValue", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "TruthyCellValueSynonyms": { - "items": { - "type": "string" - }, - "markdownDescription": "The other names or aliases for the true cell value.", - "title": "TruthyCellValueSynonyms", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "TypeName": { - "markdownDescription": "The semantic type name.", - "title": "TypeName", - "type": "string" + "Metadata": { + "type": "object" }, - "TypeParameters": { - "additionalProperties": true, - "markdownDescription": "The semantic type parameters.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { + "Properties": { + "additionalProperties": false, + "properties": { + "AliasTarget": { + "$ref": "#/definitions/AWS::Route53::RecordSet.AliasTarget", + "markdownDescription": "*Alias resource record sets only:* Information about the AWS resource, such as a CloudFront distribution or an Amazon S3 bucket, that you want to route traffic to.\n\nIf you're creating resource records sets for a private hosted zone, note the following:\n\n- You can't create an alias resource record set in a private hosted zone to route traffic to a CloudFront distribution.\n- For information about creating failover resource record sets in a private hosted zone, see [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html) in the *Amazon Route 53 Developer Guide* .", + "title": "AliasTarget" + }, + "CidrRoutingConfig": { + "$ref": "#/definitions/AWS::Route53::RecordSet.CidrRoutingConfig", + "markdownDescription": "The object that is specified in resource record set object when you are linking a resource record set to a CIDR location.\n\nA `LocationName` with an asterisk \u201c*\u201d can be used to create a default CIDR record. `CollectionId` is still required for default record.", + "title": "CidrRoutingConfig" + }, + "Comment": { + "markdownDescription": "*Optional:* Any comments you want to include about a change batch request.", + "title": "Comment", + "type": "string" + }, + "Failover": { + "markdownDescription": "*Failover resource record sets only:* To configure failover, you add the `Failover` element to two resource record sets. For one resource record set, you specify `PRIMARY` as the value for `Failover` ; for the other resource record set, you specify `SECONDARY` . In addition, you include the `HealthCheckId` element and specify the health check that you want Amazon Route 53 to perform for each resource record set.\n\nExcept where noted, the following failover behaviors assume that you have included the `HealthCheckId` element in both resource record sets:\n\n- When the primary resource record set is healthy, Route 53 responds to DNS queries with the applicable value from the primary resource record set regardless of the health of the secondary resource record set.\n- When the primary resource record set is unhealthy and the secondary resource record set is healthy, Route 53 responds to DNS queries with the applicable value from the secondary resource record set.\n- When the secondary resource record set is unhealthy, Route 53 responds to DNS queries with the applicable value from the primary resource record set regardless of the health of the primary resource record set.\n- If you omit the `HealthCheckId` element for the secondary resource record set, and if the primary resource record set is unhealthy, Route 53 always responds to DNS queries with the applicable value from the secondary resource record set. This is true regardless of the health of the associated endpoint.\n\nYou can't create non-failover resource record sets that have the same values for the `Name` and `Type` elements as failover resource record sets.\n\nFor failover alias resource record sets, you must also include the `EvaluateTargetHealth` element and set the value to true.\n\nFor more information about configuring failover for Route 53, see the following topics in the *Amazon Route 53 Developer Guide* :\n\n- [Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html)\n- [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html)", + "title": "Failover", + "type": "string" + }, + "GeoLocation": { + "$ref": "#/definitions/AWS::Route53::RecordSet.GeoLocation", + "markdownDescription": "*Geolocation resource record sets only:* A complex type that lets you control how Amazon Route 53 responds to DNS queries based on the geographic origin of the query. For example, if you want all queries from Africa to be routed to a web server with an IP address of `192.0.2.111` , create a resource record set with a `Type` of `A` and a `ContinentCode` of `AF` .\n\nIf you create separate resource record sets for overlapping geographic regions (for example, one resource record set for a continent and one for a country on the same continent), priority goes to the smallest geographic region. This allows you to route most queries for a continent to one resource and to route queries for a country on that continent to a different resource.\n\nYou can't create two geolocation resource record sets that specify the same geographic location.\n\nThe value `*` in the `CountryCode` element matches all geographic locations that aren't specified in other geolocation resource record sets that have the same values for the `Name` and `Type` elements.\n\n> Geolocation works by mapping IP addresses to locations. However, some IP addresses aren't mapped to geographic locations, so even if you create geolocation resource record sets that cover all seven continents, Route 53 will receive some DNS queries from locations that it can't identify. We recommend that you create a resource record set for which the value of `CountryCode` is `*` . Two groups of queries are routed to the resource that you specify in this record: queries that come from locations for which you haven't created geolocation resource record sets and queries from IP addresses that aren't mapped to a location. If you don't create a `*` resource record set, Route 53 returns a \"no answer\" response for queries from those locations. \n\nYou can't create non-geolocation resource record sets that have the same values for the `Name` and `Type` elements as geolocation resource record sets.", + "title": "GeoLocation" + }, + "GeoProximityLocation": { + "$ref": "#/definitions/AWS::Route53::RecordSet.GeoProximityLocation", + "markdownDescription": "*GeoproximityLocation resource record sets only:* A complex type that lets you control how Route\u00a053 responds to DNS queries based on the geographic origin of the query and your resources.", + "title": "GeoProximityLocation" + }, + "HealthCheckId": { + "markdownDescription": "If you want Amazon Route 53 to return this resource record set in response to a DNS query only when the status of a health check is healthy, include the `HealthCheckId` element and specify the ID of the applicable health check.\n\nRoute 53 determines whether a resource record set is healthy based on one of the following:\n\n- By periodically sending a request to the endpoint that is specified in the health check\n- By aggregating the status of a specified group of health checks (calculated health checks)\n- By determining the current state of a CloudWatch alarm (CloudWatch metric health checks)\n\n> Route 53 doesn't check the health of the endpoint that is specified in the resource record set, for example, the endpoint specified by the IP address in the `Value` element. When you add a `HealthCheckId` element to a resource record set, Route 53 checks the health of the endpoint that you specified in the health check. \n\nFor more information, see the following topics in the *Amazon Route 53 Developer Guide* :\n\n- [How Amazon Route 53 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html)\n- [Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html)\n- [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html)\n\n*When to Specify HealthCheckId*\n\nSpecifying a value for `HealthCheckId` is useful only when Route 53 is choosing between two or more resource record sets to respond to a DNS query, and you want Route 53 to base the choice in part on the status of a health check. Configuring health checks makes sense only in the following configurations:\n\n- *Non-alias resource record sets* : You're checking the health of a group of non-alias resource record sets that have the same routing policy, name, and type (such as multiple weighted records named www.example.com with a type of A) and you specify health check IDs for all the resource record sets.\n\nIf the health check status for a resource record set is healthy, Route 53 includes the record among the records that it responds to DNS queries with.\n\nIf the health check status for a resource record set is unhealthy, Route 53 stops responding to DNS queries using the value for that resource record set.\n\nIf the health check status for all resource record sets in the group is unhealthy, Route 53 considers all resource record sets in the group healthy and responds to DNS queries accordingly.\n- *Alias resource record sets* : You specify the following settings:\n\n- You set `EvaluateTargetHealth` to true for an alias resource record set in a group of resource record sets that have the same routing policy, name, and type (such as multiple weighted records named www.example.com with a type of A).\n- You configure the alias resource record set to route traffic to a non-alias resource record set in the same hosted zone.\n- You specify a health check ID for the non-alias resource record set.\n\nIf the health check status is healthy, Route 53 considers the alias resource record set to be healthy and includes the alias record among the records that it responds to DNS queries with.\n\nIf the health check status is unhealthy, Route 53 stops responding to DNS queries using the alias resource record set.\n\n> The alias resource record set can also route traffic to a *group* of non-alias resource record sets that have the same routing policy, name, and type. In that configuration, associate health checks with all of the resource record sets in the group of non-alias resource record sets.\n\n*Geolocation Routing*\n\nFor geolocation resource record sets, if an endpoint is unhealthy, Route 53 looks for a resource record set for the larger, associated geographic region. For example, suppose you have resource record sets for a state in the United States, for the entire United States, for North America, and a resource record set that has `*` for `CountryCode` is `*` , which applies to all locations. If the endpoint for the state resource record set is unhealthy, Route 53 checks for healthy resource record sets in the following order until it finds a resource record set for which the endpoint is healthy:\n\n- The United States\n- North America\n- The default resource record set\n\n*Specifying the Health Check Endpoint by Domain Name*\n\nIf your health checks specify the endpoint only by domain name, we recommend that you create a separate health check for each endpoint. For example, create a health check for each `HTTP` server that is serving content for `www.example.com` . For the value of `FullyQualifiedDomainName` , specify the domain name of the server (such as `us-east-2-www.example.com` ), not the name of the resource record sets ( `www.example.com` ).\n\n> Health check results will be unpredictable if you do the following:\n> \n> - Create a health check that has the same value for `FullyQualifiedDomainName` as the name of a resource record set.\n> - Associate that health check with the resource record set.", + "title": "HealthCheckId", + "type": "string" + }, + "HostedZoneId": { + "markdownDescription": "The ID of the hosted zone that you want to create records in.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .", + "title": "HostedZoneId", + "type": "string" + }, + "HostedZoneName": { + "markdownDescription": "The name of the hosted zone that you want to create records in. You must include a trailing dot (for example, `www.example.com.` ) as part of the `HostedZoneName` .\n\nWhen you create a stack using an AWS::Route53::RecordSet that specifies `HostedZoneName` , AWS CloudFormation attempts to find a hosted zone whose name matches the HostedZoneName. If AWS CloudFormation cannot find a hosted zone with a matching domain name, or if there is more than one hosted zone with the specified domain name, AWS CloudFormation will not create the stack.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .", + "title": "HostedZoneName", + "type": "string" + }, + "MultiValueAnswer": { + "markdownDescription": "*Multivalue answer resource record sets only* : To route traffic approximately randomly to multiple resources, such as web servers, create one multivalue answer record for each resource and specify `true` for `MultiValueAnswer` . Note the following:\n\n- If you associate a health check with a multivalue answer resource record set, Amazon Route 53 responds to DNS queries with the corresponding IP address only when the health check is healthy.\n- If you don't associate a health check with a multivalue answer record, Route 53 always considers the record to be healthy.\n- Route 53 responds to DNS queries with up to eight healthy records; if you have eight or fewer healthy records, Route 53 responds to all DNS queries with all the healthy records.\n- If you have more than eight healthy records, Route 53 responds to different DNS resolvers with different combinations of healthy records.\n- When all records are unhealthy, Route 53 responds to DNS queries with up to eight unhealthy records.\n- If a resource becomes unavailable after a resolver caches a response, client software typically tries another of the IP addresses in the response.\n\nYou can't create multivalue answer alias records.", + "title": "MultiValueAnswer", + "type": "boolean" + }, + "Name": { + "markdownDescription": "For `ChangeResourceRecordSets` requests, the name of the record that you want to create, update, or delete. For `ListResourceRecordSets` responses, the name of a record in the specified hosted zone.\n\n*ChangeResourceRecordSets Only*\n\nEnter a fully qualified domain name, for example, `www.example.com` . You can optionally include a trailing dot. If you omit the trailing dot, Amazon Route 53 assumes that the domain name that you specify is fully qualified. This means that Route 53 treats `www.example.com` (without a trailing dot) and `www.example.com.` (with a trailing dot) as identical.\n\nFor information about how to specify characters other than `a-z` , `0-9` , and `-` (hyphen) and how to specify internationalized domain names, see [DNS Domain Name Format](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/DomainNameFormat.html) in the *Amazon Route 53 Developer Guide* .\n\nYou can use the asterisk (*) wildcard to replace the leftmost label in a domain name, for example, `*.example.com` . Note the following:\n\n- The * must replace the entire label. For example, you can't specify `*prod.example.com` or `prod*.example.com` .\n- The * can't replace any of the middle labels, for example, marketing.*.example.com.\n- If you include * in any position other than the leftmost label in a domain name, DNS treats it as an * character (ASCII 42), not as a wildcard.\n\n> You can't use the * wildcard for resource records sets that have a type of NS.", + "title": "Name", + "type": "string" + }, + "Region": { + "markdownDescription": "*Latency-based resource record sets only:* The Amazon EC2 Region where you created the resource that this resource record set refers to. The resource typically is an AWS resource, such as an EC2 instance or an ELB load balancer, and is referred to by an IP address or a DNS domain name, depending on the record type.\n\nWhen Amazon Route 53 receives a DNS query for a domain name and type for which you have created latency resource record sets, Route 53 selects the latency resource record set that has the lowest latency between the end user and the associated Amazon EC2 Region. Route 53 then returns the value that is associated with the selected resource record set.\n\nNote the following:\n\n- You can only specify one `ResourceRecord` per latency resource record set.\n- You can only create one latency resource record set for each Amazon EC2 Region.\n- You aren't required to create latency resource record sets for all Amazon EC2 Regions. Route 53 will choose the region with the best latency from among the regions that you create latency resource record sets for.\n- You can't create non-latency resource record sets that have the same values for the `Name` and `Type` elements as latency resource record sets.", + "title": "Region", + "type": "string" + }, + "ResourceRecords": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more values that correspond with the value that you specified for the `Type` property. For example, if you specified `A` for `Type` , you specify one or more IP addresses in IPv4 format for `ResourceRecords` . For information about the format of values for each record type, see [Supported DNS Resource Record Types](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/ResourceRecordTypes.html) in the *Amazon Route 53 Developer Guide* .\n\nNote the following:\n\n- You can specify more than one value for all record types except CNAME and SOA.\n- The maximum length of a value is 4000 characters.\n- If you're creating an alias record, omit `ResourceRecords` .", + "title": "ResourceRecords", + "type": "array" + }, + "SetIdentifier": { + "markdownDescription": "*Resource record sets that have a routing policy other than simple:* An identifier that differentiates among multiple resource record sets that have the same combination of name and type, such as multiple weighted resource record sets named acme.example.com that have a type of A. In a group of resource record sets that have the same name and type, the value of `SetIdentifier` must be unique for each resource record set.\n\nFor information about routing policies, see [Choosing a Routing Policy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html) in the *Amazon Route 53 Developer Guide* .", + "title": "SetIdentifier", + "type": "string" + }, + "TTL": { + "markdownDescription": "The resource record cache time to live (TTL), in seconds. Note the following:\n\n- If you're creating or updating an alias resource record set, omit `TTL` . Amazon Route 53 uses the value of `TTL` for the alias target.\n- If you're associating this resource record set with a health check (if you're adding a `HealthCheckId` element), we recommend that you specify a `TTL` of 60 seconds or less so clients respond quickly to changes in health status.\n- All of the resource record sets in a group of weighted resource record sets must have the same value for `TTL` .\n- If a group of weighted resource record sets includes one or more weighted alias resource record sets for which the alias target is an ELB load balancer, we recommend that you specify a `TTL` of 60 seconds for all of the non-alias weighted resource record sets that have the same name and type. Values other than 60 seconds (the TTL for load balancers) will change the effect of the values that you specify for `Weight` .", + "title": "TTL", + "type": "string" + }, + "Type": { + "markdownDescription": "The DNS record type. For information about different record types and how data is encoded for them, see [Supported DNS Resource Record Types](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/ResourceRecordTypes.html) in the *Amazon Route 53 Developer Guide* .\n\nValid values for basic resource record sets: `A` | `AAAA` | `CAA` | `CNAME` | `DS` | `MX` | `NAPTR` | `NS` | `PTR` | `SOA` | `SPF` | `SRV` | `TXT` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS`\n\nValues for weighted, latency, geolocation, and failover resource record sets: `A` | `AAAA` | `CAA` | `CNAME` | `MX` | `NAPTR` | `PTR` | `SPF` | `SRV` | `TXT` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS` . When creating a group of weighted, latency, geolocation, or failover resource record sets, specify the same value for all of the resource record sets in the group.\n\nValid values for multivalue answer resource record sets: `A` | `AAAA` | `MX` | `NAPTR` | `PTR` | `SPF` | `SRV` | `TXT` | `CAA` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS`\n\n> SPF records were formerly used to verify the identity of the sender of email messages. However, we no longer recommend that you create resource record sets for which the value of `Type` is `SPF` . RFC 7208, *Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1* , has been updated to say, \"...[I]ts existence and mechanism defined in [RFC4408] have led to some interoperability issues. Accordingly, its use is no longer appropriate for SPF version 1; implementations are not to use it.\" In RFC 7208, see section 14.1, [The SPF DNS Record Type](https://docs.aws.amazon.com/http://tools.ietf.org/html/rfc7208#section-14.1) . \n\nValues for alias resource record sets:\n\n- *Amazon API Gateway custom regional APIs and edge-optimized APIs:* `A`\n- *CloudFront distributions:* `A`\n\nIf IPv6 is enabled for the distribution, create two resource record sets to route traffic to your distribution, one with a value of `A` and one with a value of `AAAA` .\n- *Amazon API Gateway environment that has a regionalized subdomain* : `A`\n- *ELB load balancers:* `A` | `AAAA`\n- *Amazon S3 buckets:* `A`\n- *Amazon Virtual Private Cloud interface VPC endpoints* `A`\n- *Another resource record set in this hosted zone:* Specify the type of the resource record set that you're creating the alias for. All values are supported except `NS` and `SOA` .\n\n> If you're creating an alias record that has the same name as the hosted zone (known as the zone apex), you can't route traffic to a record for which the value of `Type` is `CNAME` . This is because the alias record must have the same type as the record you're routing traffic to, and creating a CNAME record for the zone apex isn't supported even for an alias record.", + "title": "Type", "type": "string" + }, + "Weight": { + "markdownDescription": "*Weighted resource record sets only:* Among resource record sets that have the same combination of DNS name and type, a value that determines the proportion of DNS queries that Amazon Route 53 responds to using the current resource record set. Route 53 calculates the sum of the weights for the resource record sets that have the same combination of DNS name and type. Route 53 then responds to queries based on the ratio of a resource's weight to the total. Note the following:\n\n- You must specify a value for the `Weight` element for every weighted resource record set.\n- You can only specify one `ResourceRecord` per weighted resource record set.\n- You can't create latency, failover, or geolocation resource record sets that have the same values for the `Name` and `Type` elements as weighted resource record sets.\n- You can create a maximum of 100 weighted resource record sets that have the same values for the `Name` and `Type` elements.\n- For weighted (but not weighted alias) resource record sets, if you set `Weight` to `0` for a resource record set, Route 53 never responds to queries with the applicable value for that resource record set. However, if you set `Weight` to `0` for all resource record sets that have the same combination of DNS name and type, traffic is routed to all resources with equal probability.\n\nThe effect of setting `Weight` to `0` is different when you associate health checks with weighted resource record sets. For more information, see [Options for Configuring Route 53 Active-Active and Active-Passive Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-configuring-options.html) in the *Amazon Route 53 Developer Guide* .", + "title": "Weight", + "type": "number" } }, - "title": "TypeParameters", + "required": [ + "Name", + "Type" + ], "type": "object" + }, + "Type": { + "enum": [ + "AWS::Route53::RecordSet" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Topic.TopicCalculatedField": { + "AWS::Route53::RecordSet.AliasTarget": { "additionalProperties": false, "properties": { - "Aggregation": { - "markdownDescription": "The default aggregation. Valid values for this structure are `SUM` , `MAX` , `MIN` , `COUNT` , `DISTINCT_COUNT` , and `AVERAGE` .", - "title": "Aggregation", - "type": "string" - }, - "AllowedAggregations": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of aggregation types that are allowed for the calculated field. Valid values for this structure are `COUNT` , `DISTINCT_COUNT` , `MIN` , `MAX` , `MEDIAN` , `SUM` , `AVERAGE` , `STDEV` , `STDEVP` , `VAR` , `VARP` , and `PERCENTILE` .", - "title": "AllowedAggregations", - "type": "array" - }, - "CalculatedFieldDescription": { - "markdownDescription": "The calculated field description.", - "title": "CalculatedFieldDescription", - "type": "string" - }, - "CalculatedFieldName": { - "markdownDescription": "The calculated field name.", - "title": "CalculatedFieldName", - "type": "string" - }, - "CalculatedFieldSynonyms": { - "items": { - "type": "string" - }, - "markdownDescription": "The other names or aliases for the calculated field.", - "title": "CalculatedFieldSynonyms", - "type": "array" - }, - "CellValueSynonyms": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Topic.CellValueSynonym" - }, - "markdownDescription": "The other names or aliases for the calculated field cell value.", - "title": "CellValueSynonyms", - "type": "array" - }, - "ColumnDataRole": { - "markdownDescription": "The column data role for a calculated field. Valid values for this structure are `DIMENSION` and `MEASURE` .", - "title": "ColumnDataRole", - "type": "string" - }, - "ComparativeOrder": { - "$ref": "#/definitions/AWS::QuickSight::Topic.ComparativeOrder", - "markdownDescription": "The order in which data is displayed for the calculated field when it's used in a comparative context.", - "title": "ComparativeOrder" - }, - "DefaultFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Topic.DefaultFormatting", - "markdownDescription": "The default formatting definition.", - "title": "DefaultFormatting" - }, - "Expression": { - "markdownDescription": "The calculated field expression.", - "title": "Expression", + "DNSName": { + "markdownDescription": "*Alias records only:* The value that you specify depends on where you want to route queries:\n\n- **Amazon API Gateway custom regional APIs and edge-optimized APIs** - Specify the applicable domain name for your API. You can get the applicable value using the AWS CLI command [get-domain-names](https://docs.aws.amazon.com/cli/latest/reference/apigateway/get-domain-names.html) :\n\n- For regional APIs, specify the value of `regionalDomainName` .\n- For edge-optimized APIs, specify the value of `distributionDomainName` . This is the name of the associated CloudFront distribution, such as `da1b2c3d4e5.cloudfront.net` .\n\n> The name of the record that you're creating must match a custom domain name for your API, such as `api.example.com` .\n- **Amazon Virtual Private Cloud interface VPC endpoint** - Enter the API endpoint for the interface endpoint, such as `vpce-123456789abcdef01-example-us-east-1a.elasticloadbalancing.us-east-1.vpce.amazonaws.com` . For edge-optimized APIs, this is the domain name for the corresponding CloudFront distribution. You can get the value of `DnsName` using the AWS CLI command [describe-vpc-endpoints](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-vpc-endpoints.html) .\n- **CloudFront distribution** - Specify the domain name that CloudFront assigned when you created your distribution.\n\nYour CloudFront distribution must include an alternate domain name that matches the name of the record. For example, if the name of the record is *acme.example.com* , your CloudFront distribution must include *acme.example.com* as one of the alternate domain names. For more information, see [Using Alternate Domain Names (CNAMEs)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/CNAMEs.html) in the *Amazon CloudFront Developer Guide* .\n\nYou can't create a record in a private hosted zone to route traffic to a CloudFront distribution.\n\n> For failover alias records, you can't specify a CloudFront distribution for both the primary and secondary records. A distribution must include an alternate domain name that matches the name of the record. However, the primary and secondary records have the same name, and you can't include the same alternate domain name in more than one distribution.\n- **Elastic Beanstalk environment** - If the domain name for your Elastic Beanstalk environment includes the region that you deployed the environment in, you can create an alias record that routes traffic to the environment. For example, the domain name `my-environment. *us-west-2* .elasticbeanstalk.com` is a regionalized domain name.\n\n> For environments that were created before early 2016, the domain name doesn't include the region. To route traffic to these environments, you must create a CNAME record instead of an alias record. Note that you can't create a CNAME record for the root domain name. For example, if your domain name is example.com, you can create a record that routes traffic for acme.example.com to your Elastic Beanstalk environment, but you can't create a record that routes traffic for example.com to your Elastic Beanstalk environment. \n\nFor Elastic Beanstalk environments that have regionalized subdomains, specify the `CNAME` attribute for the environment. You can use the following methods to get the value of the CNAME attribute:\n\n- *AWS Management Console* : For information about how to get the value by using the console, see [Using Custom Domains with AWS Elastic Beanstalk](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/customdomains.html) in the *AWS Elastic Beanstalk Developer Guide* .\n- *Elastic Beanstalk API* : Use the `DescribeEnvironments` action to get the value of the `CNAME` attribute. For more information, see [DescribeEnvironments](https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DescribeEnvironments.html) in the *AWS Elastic Beanstalk API Reference* .\n- *AWS CLI* : Use the `describe-environments` command to get the value of the `CNAME` attribute. For more information, see [describe-environments](https://docs.aws.amazon.com/cli/latest/reference/elasticbeanstalk/describe-environments.html) in the *AWS CLI* .\n- **ELB load balancer** - Specify the DNS name that is associated with the load balancer. Get the DNS name by using the AWS Management Console , the ELB API, or the AWS CLI .\n\n- *AWS Management Console* : Go to the EC2 page, choose *Load Balancers* in the navigation pane, choose the load balancer, choose the *Description* tab, and get the value of the *DNS name* field.\n\nIf you're routing traffic to a Classic Load Balancer, get the value that begins with *dualstack* . If you're routing traffic to another type of load balancer, get the value that applies to the record type, A or AAAA.\n- *Elastic Load Balancing API* : Use `DescribeLoadBalancers` to get the value of `DNSName` . For more information, see the applicable guide:\n\n- Classic Load Balancers: [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DescribeLoadBalancers.html)\n- Application and Network Load Balancers: [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html)\n- *CloudFormation Fn::GetAtt intrinsic function* : Use the [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-getatt.html) intrinsic function to get the value of `DNSName` :\n\n- [Classic Load Balancers](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html#aws-properties-ec2-elb-return-values) .\n- [Application and Network Load Balancers](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html#aws-resource-elasticloadbalancingv2-loadbalancer-return-values) .\n- *AWS CLI* : Use `describe-load-balancers` to get the value of `DNSName` . For more information, see the applicable guide:\n\n- Classic Load Balancers: [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elb/describe-load-balancers.html)\n- Application and Network Load Balancers: [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elbv2/describe-load-balancers.html)\n- **Global Accelerator accelerator** - Specify the DNS name for your accelerator:\n\n- *Global Accelerator API* : To get the DNS name, use [DescribeAccelerator](https://docs.aws.amazon.com/global-accelerator/latest/api/API_DescribeAccelerator.html) .\n- *AWS CLI* : To get the DNS name, use [describe-accelerator](https://docs.aws.amazon.com/cli/latest/reference/globalaccelerator/describe-accelerator.html) .\n- **Amazon S3 bucket that is configured as a static website** - Specify the domain name of the Amazon S3 website endpoint that you created the bucket in, for example, `s3-website.us-east-2.amazonaws.com` . For more information about valid values, see the table [Amazon S3 Website Endpoints](https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_website_region_endpoints) in the *Amazon Web Services General Reference* . For more information about using S3 buckets for websites, see [Getting Started with Amazon Route 53](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/getting-started.html) in the *Amazon Route 53 Developer Guide.*\n- **Another Route 53 record** - Specify the value of the `Name` element for a record in the current hosted zone.\n\n> If you're creating an alias record that has the same name as the hosted zone (known as the zone apex), you can't specify the domain name for a record for which the value of `Type` is `CNAME` . This is because the alias record must have the same type as the record that you're routing traffic to, and creating a CNAME record for the zone apex isn't supported even for an alias record.", + "title": "DNSName", "type": "string" }, - "IsIncludedInTopic": { - "markdownDescription": "A boolean value that indicates if a calculated field is included in the topic.", - "title": "IsIncludedInTopic", - "type": "boolean" - }, - "NeverAggregateInFilter": { - "markdownDescription": "A Boolean value that indicates whether to never aggregate calculated field in filters.", - "title": "NeverAggregateInFilter", - "type": "boolean" - }, - "NonAdditive": { - "markdownDescription": "The non additive for the table style target.", - "title": "NonAdditive", + "EvaluateTargetHealth": { + "markdownDescription": "*Applies only to alias, failover alias, geolocation alias, latency alias, and weighted alias resource record sets:* When `EvaluateTargetHealth` is `true` , an alias resource record set inherits the health of the referenced AWS resource, such as an ELB load balancer or another resource record set in the hosted zone.\n\nNote the following:\n\n- **CloudFront distributions** - You can't set `EvaluateTargetHealth` to `true` when the alias target is a CloudFront distribution.\n- **Elastic Beanstalk environments that have regionalized subdomains** - If you specify an Elastic Beanstalk environment in `DNSName` and the environment contains an ELB load balancer, Elastic Load Balancing routes queries only to the healthy Amazon EC2 instances that are registered with the load balancer. (An environment automatically contains an ELB load balancer if it includes more than one Amazon EC2 instance.) If you set `EvaluateTargetHealth` to `true` and either no Amazon EC2 instances are healthy or the load balancer itself is unhealthy, Route 53 routes queries to other available resources that are healthy, if any.\n\nIf the environment contains a single Amazon EC2 instance, there are no special requirements.\n- **ELB load balancers** - Health checking behavior depends on the type of load balancer:\n\n- *Classic Load Balancers* : If you specify an ELB Classic Load Balancer in `DNSName` , Elastic Load Balancing routes queries only to the healthy Amazon EC2 instances that are registered with the load balancer. If you set `EvaluateTargetHealth` to `true` and either no EC2 instances are healthy or the load balancer itself is unhealthy, Route 53 routes queries to other resources.\n- *Application and Network Load Balancers* : If you specify an ELB Application or Network Load Balancer and you set `EvaluateTargetHealth` to `true` , Route 53 routes queries to the load balancer based on the health of the target groups that are associated with the load balancer:\n\n- For an Application or Network Load Balancer to be considered healthy, every target group that contains targets must contain at least one healthy target. If any target group contains only unhealthy targets, the load balancer is considered unhealthy, and Route 53 routes queries to other resources.\n- A target group that has no registered targets is considered unhealthy.\n\n> When you create a load balancer, you configure settings for Elastic Load Balancing health checks; they're not Route 53 health checks, but they perform a similar function. Do not create Route 53 health checks for the EC2 instances that you register with an ELB load balancer.\n- **S3 buckets** - There are no special requirements for setting `EvaluateTargetHealth` to `true` when the alias target is an S3 bucket.\n- **Other records in the same hosted zone** - If the AWS resource that you specify in `DNSName` is a record or a group of records (for example, a group of weighted records) but is not another alias record, we recommend that you associate a health check with all of the records in the alias target. For more information, see [What Happens When You Omit Health Checks?](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-complex-configs.html#dns-failover-complex-configs-hc-omitting) in the *Amazon Route 53 Developer Guide* .\n\nFor more information and examples, see [Amazon Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html) in the *Amazon Route 53 Developer Guide* .", + "title": "EvaluateTargetHealth", "type": "boolean" }, - "NotAllowedAggregations": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of aggregation types that are not allowed for the calculated field. Valid values for this structure are `COUNT` , `DISTINCT_COUNT` , `MIN` , `MAX` , `MEDIAN` , `SUM` , `AVERAGE` , `STDEV` , `STDEVP` , `VAR` , `VARP` , and `PERCENTILE` .", - "title": "NotAllowedAggregations", - "type": "array" - }, - "SemanticType": { - "$ref": "#/definitions/AWS::QuickSight::Topic.SemanticType", - "markdownDescription": "The semantic type.", - "title": "SemanticType" - }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", + "HostedZoneId": { + "markdownDescription": "*Alias resource records sets only* : The value used depends on where you want to route traffic:\n\n- **Amazon API Gateway custom regional APIs and edge-optimized APIs** - Specify the hosted zone ID for your API. You can get the applicable value using the AWS CLI command [get-domain-names](https://docs.aws.amazon.com/cli/latest/reference/apigateway/get-domain-names.html) :\n\n- For regional APIs, specify the value of `regionalHostedZoneId` .\n- For edge-optimized APIs, specify the value of `distributionHostedZoneId` .\n- **Amazon Virtual Private Cloud interface VPC endpoint** - Specify the hosted zone ID for your interface endpoint. You can get the value of `HostedZoneId` using the AWS CLI command [describe-vpc-endpoints](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-vpc-endpoints.html) .\n- **CloudFront distribution** - Specify `Z2FDTNDATAQYW2` . This is always the hosted zone ID when you create an alias record that routes traffic to a CloudFront distribution.\n\n> Alias records for CloudFront can't be created in a private zone.\n- **Elastic Beanstalk environment** - Specify the hosted zone ID for the region that you created the environment in. The environment must have a regionalized subdomain. For a list of regions and the corresponding hosted zone IDs, see [AWS Elastic Beanstalk endpoints and quotas](https://docs.aws.amazon.com/general/latest/gr/elasticbeanstalk.html) in the *Amazon Web Services General Reference* .\n- **ELB load balancer** - Specify the value of the hosted zone ID for the load balancer. Use the following methods to get the hosted zone ID:\n\n- [Service Endpoints](https://docs.aws.amazon.com/general/latest/gr/elb.html) table in the \"Elastic Load Balancing Endpoints and Quotas\" topic in the *Amazon Web Services General Reference* : Use the value that corresponds with the region that you created your load balancer in. Note that there are separate columns for Application and Classic Load Balancers and for Network Load Balancers.\n- *AWS Management Console* : Go to the Amazon EC2 page, choose *Load Balancers* in the navigation pane, select the load balancer, and get the value of the *Hosted zone* field on the *Description* tab.\n- *Elastic Load Balancing API* : Use `DescribeLoadBalancers` to get the applicable value. For more information, see the applicable guide:\n\n- Classic Load Balancers: Use [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DescribeLoadBalancers.html) to get the value of `CanonicalHostedZoneNameID` .\n- Application and Network Load Balancers: Use [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html) to get the value of `CanonicalHostedZoneID` .\n- *CloudFormation Fn::GetAtt intrinsic function* : Use the [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-getatt.html) intrinsic function to get the applicable value:\n\n- Classic Load Balancers: Get [CanonicalHostedZoneNameID](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html#aws-properties-ec2-elb-return-values) .\n- Application and Network Load Balancers: Get [CanonicalHostedZoneID](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html#aws-resource-elasticloadbalancingv2-loadbalancer-return-values) .\n- *AWS CLI* : Use `describe-load-balancers` to get the applicable value. For more information, see the applicable guide:\n\n- Classic Load Balancers: Use [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elb/describe-load-balancers.html) to get the value of `CanonicalHostedZoneNameID` .\n- Application and Network Load Balancers: Use [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elbv2/describe-load-balancers.html) to get the value of `CanonicalHostedZoneID` .\n- **Global Accelerator accelerator** - Specify `Z2BJ6XQ5FK7U4H` .\n- **An Amazon S3 bucket configured as a static website** - Specify the hosted zone ID for the region that you created the bucket in. For more information about valid values, see the table [Amazon S3 Website Endpoints](https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_website_region_endpoints) in the *Amazon Web Services General Reference* .\n- **Another Route 53 record in your hosted zone** - Specify the hosted zone ID of your hosted zone. (An alias record can't reference a record in a different hosted zone.)", + "title": "HostedZoneId", "type": "string" } }, "required": [ - "CalculatedFieldName", - "Expression" + "DNSName", + "HostedZoneId" ], "type": "object" }, - "AWS::QuickSight::Topic.TopicCategoryFilter": { + "AWS::Route53::RecordSet.CidrRoutingConfig": { "additionalProperties": false, "properties": { - "CategoryFilterFunction": { - "markdownDescription": "The category filter function. Valid values for this structure are `EXACT` and `CONTAINS` .", - "title": "CategoryFilterFunction", - "type": "string" - }, - "CategoryFilterType": { - "markdownDescription": "The category filter type. This element is used to specify whether a filter is a simple category filter or an inverse category filter.", - "title": "CategoryFilterType", + "CollectionId": { + "markdownDescription": "The CIDR collection ID.", + "title": "CollectionId", "type": "string" }, - "Constant": { - "$ref": "#/definitions/AWS::QuickSight::Topic.TopicCategoryFilterConstant", - "markdownDescription": "The constant used in a category filter.", - "title": "Constant" - }, - "Inverse": { - "markdownDescription": "A Boolean value that indicates if the filter is inverse.", - "title": "Inverse", - "type": "boolean" + "LocationName": { + "markdownDescription": "The CIDR collection location name.", + "title": "LocationName", + "type": "string" } }, + "required": [ + "CollectionId", + "LocationName" + ], "type": "object" }, - "AWS::QuickSight::Topic.TopicCategoryFilterConstant": { + "AWS::Route53::RecordSet.Coordinates": { "additionalProperties": false, "properties": { - "CollectiveConstant": { - "$ref": "#/definitions/AWS::QuickSight::Topic.CollectiveConstant", - "markdownDescription": "A collective constant used in a category filter. This element is used to specify a list of values for the constant.", - "title": "CollectiveConstant" - }, - "ConstantType": { - "markdownDescription": "The type of category filter constant. This element is used to specify whether a constant is a singular or collective. Valid values are `SINGULAR` and `COLLECTIVE` .", - "title": "ConstantType", + "Latitude": { + "markdownDescription": "Specifies a coordinate of the north\u2013south position of a geographic point on the surface of the Earth (-90 - 90).", + "title": "Latitude", "type": "string" }, - "SingularConstant": { - "markdownDescription": "A singular constant used in a category filter. This element is used to specify a single value for the constant.", - "title": "SingularConstant", + "Longitude": { + "markdownDescription": "Specifies a coordinate of the east\u2013west position of a geographic point on the surface of the Earth (-180 - 180).", + "title": "Longitude", "type": "string" } }, + "required": [ + "Latitude", + "Longitude" + ], "type": "object" }, - "AWS::QuickSight::Topic.TopicColumn": { + "AWS::Route53::RecordSet.GeoLocation": { "additionalProperties": false, "properties": { - "Aggregation": { - "markdownDescription": "The type of aggregation that is performed on the column data when it's queried.", - "title": "Aggregation", - "type": "string" - }, - "AllowedAggregations": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of aggregation types that are allowed for the column. Valid values for this structure are `COUNT` , `DISTINCT_COUNT` , `MIN` , `MAX` , `MEDIAN` , `SUM` , `AVERAGE` , `STDEV` , `STDEVP` , `VAR` , `VARP` , and `PERCENTILE` .", - "title": "AllowedAggregations", - "type": "array" - }, - "CellValueSynonyms": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Topic.CellValueSynonym" - }, - "markdownDescription": "The other names or aliases for the column cell value.", - "title": "CellValueSynonyms", - "type": "array" - }, - "ColumnDataRole": { - "markdownDescription": "The role of the column in the data. Valid values are `DIMENSION` and `MEASURE` .", - "title": "ColumnDataRole", - "type": "string" - }, - "ColumnDescription": { - "markdownDescription": "A description of the column and its contents.", - "title": "ColumnDescription", - "type": "string" - }, - "ColumnFriendlyName": { - "markdownDescription": "A user-friendly name for the column.", - "title": "ColumnFriendlyName", + "ContinentCode": { + "markdownDescription": "For geolocation resource record sets, a two-letter abbreviation that identifies a continent. Route 53 supports the following continent codes:\n\n- *AF* : Africa\n- *AN* : Antarctica\n- *AS* : Asia\n- *EU* : Europe\n- *OC* : Oceania\n- *NA* : North America\n- *SA* : South America\n\nConstraint: Specifying `ContinentCode` with either `CountryCode` or `SubdivisionCode` returns an `InvalidInput` error.", + "title": "ContinentCode", "type": "string" }, - "ColumnName": { - "markdownDescription": "The name of the column.", - "title": "ColumnName", + "CountryCode": { + "markdownDescription": "For geolocation resource record sets, the two-letter code for a country.\n\nRoute 53 uses the two-letter country codes that are specified in [ISO standard 3166-1 alpha-2](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2) .", + "title": "CountryCode", "type": "string" }, - "ColumnSynonyms": { - "items": { - "type": "string" - }, - "markdownDescription": "The other names or aliases for the column.", - "title": "ColumnSynonyms", - "type": "array" - }, - "ComparativeOrder": { - "$ref": "#/definitions/AWS::QuickSight::Topic.ComparativeOrder", - "markdownDescription": "The order in which data is displayed for the column when it's used in a comparative context.", - "title": "ComparativeOrder" - }, - "DefaultFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Topic.DefaultFormatting", - "markdownDescription": "The default formatting used for values in the column.", - "title": "DefaultFormatting" - }, - "IsIncludedInTopic": { - "markdownDescription": "A Boolean value that indicates whether the column is included in the query results.", - "title": "IsIncludedInTopic", - "type": "boolean" - }, - "NeverAggregateInFilter": { - "markdownDescription": "A Boolean value that indicates whether to aggregate the column data when it's used in a filter context.", - "title": "NeverAggregateInFilter", - "type": "boolean" - }, - "NonAdditive": { - "markdownDescription": "The non additive value for the column.", - "title": "NonAdditive", - "type": "boolean" - }, - "NotAllowedAggregations": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of aggregation types that are not allowed for the column. Valid values for this structure are `COUNT` , `DISTINCT_COUNT` , `MIN` , `MAX` , `MEDIAN` , `SUM` , `AVERAGE` , `STDEV` , `STDEVP` , `VAR` , `VARP` , and `PERCENTILE` .", - "title": "NotAllowedAggregations", - "type": "array" - }, - "SemanticType": { - "$ref": "#/definitions/AWS::QuickSight::Topic.SemanticType", - "markdownDescription": "The semantic type of data contained in the column.", - "title": "SemanticType" - }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", + "SubdivisionCode": { + "markdownDescription": "For geolocation resource record sets, the two-letter code for a state of the United States. Route 53 doesn't support any other values for `SubdivisionCode` . For a list of state abbreviations, see [Appendix B: Two\u2013Letter State and Possession Abbreviations](https://docs.aws.amazon.com/https://pe.usps.com/text/pub28/28apb.htm) on the United States Postal Service website.\n\nIf you specify `subdivisioncode` , you must also specify `US` for `CountryCode` .", + "title": "SubdivisionCode", "type": "string" } }, - "required": [ - "ColumnName" - ], "type": "object" }, - "AWS::QuickSight::Topic.TopicDateRangeFilter": { + "AWS::Route53::RecordSet.GeoProximityLocation": { "additionalProperties": false, "properties": { - "Constant": { - "$ref": "#/definitions/AWS::QuickSight::Topic.TopicRangeFilterConstant", - "markdownDescription": "The constant used in a date range filter.", - "title": "Constant" + "AWSRegion": { + "markdownDescription": "The AWS Region the resource you are directing DNS traffic to, is in.", + "title": "AWSRegion", + "type": "string" }, - "Inclusive": { - "markdownDescription": "A Boolean value that indicates whether the date range filter should include the boundary values. If set to true, the filter includes the start and end dates. If set to false, the filter excludes them.", - "title": "Inclusive", - "type": "boolean" + "Bias": { + "markdownDescription": "The bias increases or decreases the size of the geographic region from which Route\u00a053 routes traffic to a resource.\n\nTo use `Bias` to change the size of the geographic region, specify the applicable value for the bias:\n\n- To expand the size of the geographic region from which Route\u00a053 routes traffic to a resource, specify a positive integer from 1 to 99 for the bias. Route\u00a053 shrinks the size of adjacent regions.\n- To shrink the size of the geographic region from which Route\u00a053 routes traffic to a resource, specify a negative bias of -1 to -99. Route\u00a053 expands the size of adjacent regions.", + "title": "Bias", + "type": "number" + }, + "Coordinates": { + "$ref": "#/definitions/AWS::Route53::RecordSet.Coordinates", + "markdownDescription": "Contains the longitude and latitude for a geographic region.", + "title": "Coordinates" + }, + "LocalZoneGroup": { + "markdownDescription": "Specifies an AWS Local Zone Group.\n\nA local Zone Group is usually the Local Zone code without the ending character. For example, if the Local Zone is `us-east-1-bue-1a` the Local Zone Group is `us-east-1-bue-1` .\n\nYou can identify the Local Zones Group for a specific Local Zone by using the [describe-availability-zones](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-availability-zones.html) CLI command:\n\nThis command returns: `\"GroupName\": \"us-west-2-den-1\"` , specifying that the Local Zone `us-west-2-den-1a` belongs to the Local Zone Group `us-west-2-den-1` .", + "title": "LocalZoneGroup", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Topic.TopicFilter": { + "AWS::Route53::RecordSetGroup": { "additionalProperties": false, "properties": { - "CategoryFilter": { - "$ref": "#/definitions/AWS::QuickSight::Topic.TopicCategoryFilter", - "markdownDescription": "The category filter that is associated with this filter.", - "title": "CategoryFilter" - }, - "DateRangeFilter": { - "$ref": "#/definitions/AWS::QuickSight::Topic.TopicDateRangeFilter", - "markdownDescription": "The date range filter.", - "title": "DateRangeFilter" - }, - "FilterClass": { - "markdownDescription": "The class of the filter. Valid values for this structure are `ENFORCED_VALUE_FILTER` , `CONDITIONAL_VALUE_FILTER` , and `NAMED_VALUE_FILTER` .", - "title": "FilterClass", + "Condition": { "type": "string" }, - "FilterDescription": { - "markdownDescription": "A description of the filter used to select items for a topic.", - "title": "FilterDescription", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "FilterName": { - "markdownDescription": "The name of the filter.", - "title": "FilterName", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "FilterSynonyms": { - "items": { - "type": "string" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Comment": { + "markdownDescription": "*Optional:* Any comments you want to include about a change batch request.", + "title": "Comment", + "type": "string" + }, + "HostedZoneId": { + "markdownDescription": "The ID of the hosted zone that you want to create records in.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .", + "title": "HostedZoneId", + "type": "string" + }, + "HostedZoneName": { + "markdownDescription": "The name of the hosted zone that you want to create records in. You must include a trailing dot (for example, `www.example.com.` ) as part of the `HostedZoneName` .\n\nWhen you create a stack using an `AWS::Route53::RecordSet` that specifies `HostedZoneName` , AWS CloudFormation attempts to find a hosted zone whose name matches the `HostedZoneName` . If AWS CloudFormation can't find a hosted zone with a matching domain name, or if there is more than one hosted zone with the specified domain name, AWS CloudFormation will not create the stack.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .", + "title": "HostedZoneName", + "type": "string" + }, + "RecordSets": { + "items": { + "$ref": "#/definitions/AWS::Route53::RecordSetGroup.RecordSet" + }, + "markdownDescription": "A complex type that contains one `RecordSet` element for each record that you want to create.", + "title": "RecordSets", + "type": "array" + } }, - "markdownDescription": "The other names or aliases for the filter.", - "title": "FilterSynonyms", - "type": "array" + "type": "object" }, - "FilterType": { - "markdownDescription": "The type of the filter. Valid values for this structure are `CATEGORY_FILTER` , `NUMERIC_EQUALITY_FILTER` , `NUMERIC_RANGE_FILTER` , `DATE_RANGE_FILTER` , and `RELATIVE_DATE_FILTER` .", - "title": "FilterType", + "Type": { + "enum": [ + "AWS::Route53::RecordSetGroup" + ], "type": "string" }, - "NumericEqualityFilter": { - "$ref": "#/definitions/AWS::QuickSight::Topic.TopicNumericEqualityFilter", - "markdownDescription": "The numeric equality filter.", - "title": "NumericEqualityFilter" - }, - "NumericRangeFilter": { - "$ref": "#/definitions/AWS::QuickSight::Topic.TopicNumericRangeFilter", - "markdownDescription": "The numeric range filter.", - "title": "NumericRangeFilter" - }, - "OperandFieldName": { - "markdownDescription": "The name of the field that the filter operates on.", - "title": "OperandFieldName", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "RelativeDateFilter": { - "$ref": "#/definitions/AWS::QuickSight::Topic.TopicRelativeDateFilter", - "markdownDescription": "The relative date filter.", - "title": "RelativeDateFilter" } }, "required": [ - "FilterName", - "OperandFieldName" + "Type" ], "type": "object" }, - "AWS::QuickSight::Topic.TopicNamedEntity": { + "AWS::Route53::RecordSetGroup.AliasTarget": { "additionalProperties": false, "properties": { - "Definition": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Topic.NamedEntityDefinition" - }, - "markdownDescription": "The definition of a named entity.", - "title": "Definition", - "type": "array" - }, - "EntityDescription": { - "markdownDescription": "The description of the named entity.", - "title": "EntityDescription", - "type": "string" - }, - "EntityName": { - "markdownDescription": "The name of the named entity.", - "title": "EntityName", + "DNSName": { + "markdownDescription": "*Alias records only:* The value that you specify depends on where you want to route queries:\n\n- **Amazon API Gateway custom regional APIs and edge-optimized APIs** - Specify the applicable domain name for your API. You can get the applicable value using the AWS CLI command [get-domain-names](https://docs.aws.amazon.com/cli/latest/reference/apigateway/get-domain-names.html) :\n\n- For regional APIs, specify the value of `regionalDomainName` .\n- For edge-optimized APIs, specify the value of `distributionDomainName` . This is the name of the associated CloudFront distribution, such as `da1b2c3d4e5.cloudfront.net` .\n\n> The name of the record that you're creating must match a custom domain name for your API, such as `api.example.com` .\n- **Amazon Virtual Private Cloud interface VPC endpoint** - Enter the API endpoint for the interface endpoint, such as `vpce-123456789abcdef01-example-us-east-1a.elasticloadbalancing.us-east-1.vpce.amazonaws.com` . For edge-optimized APIs, this is the domain name for the corresponding CloudFront distribution. You can get the value of `DnsName` using the AWS CLI command [describe-vpc-endpoints](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-vpc-endpoints.html) .\n- **CloudFront distribution** - Specify the domain name that CloudFront assigned when you created your distribution.\n\nYour CloudFront distribution must include an alternate domain name that matches the name of the record. For example, if the name of the record is *acme.example.com* , your CloudFront distribution must include *acme.example.com* as one of the alternate domain names. For more information, see [Using Alternate Domain Names (CNAMEs)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/CNAMEs.html) in the *Amazon CloudFront Developer Guide* .\n\nYou can't create a record in a private hosted zone to route traffic to a CloudFront distribution.\n\n> For failover alias records, you can't specify a CloudFront distribution for both the primary and secondary records. A distribution must include an alternate domain name that matches the name of the record. However, the primary and secondary records have the same name, and you can't include the same alternate domain name in more than one distribution.\n- **Elastic Beanstalk environment** - If the domain name for your Elastic Beanstalk environment includes the region that you deployed the environment in, you can create an alias record that routes traffic to the environment. For example, the domain name `my-environment. *us-west-2* .elasticbeanstalk.com` is a regionalized domain name.\n\n> For environments that were created before early 2016, the domain name doesn't include the region. To route traffic to these environments, you must create a CNAME record instead of an alias record. Note that you can't create a CNAME record for the root domain name. For example, if your domain name is example.com, you can create a record that routes traffic for acme.example.com to your Elastic Beanstalk environment, but you can't create a record that routes traffic for example.com to your Elastic Beanstalk environment. \n\nFor Elastic Beanstalk environments that have regionalized subdomains, specify the `CNAME` attribute for the environment. You can use the following methods to get the value of the CNAME attribute:\n\n- *AWS Management Console* : For information about how to get the value by using the console, see [Using Custom Domains with AWS Elastic Beanstalk](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/customdomains.html) in the *AWS Elastic Beanstalk Developer Guide* .\n- *Elastic Beanstalk API* : Use the `DescribeEnvironments` action to get the value of the `CNAME` attribute. For more information, see [DescribeEnvironments](https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DescribeEnvironments.html) in the *AWS Elastic Beanstalk API Reference* .\n- *AWS CLI* : Use the `describe-environments` command to get the value of the `CNAME` attribute. For more information, see [describe-environments](https://docs.aws.amazon.com/cli/latest/reference/elasticbeanstalk/describe-environments.html) in the *AWS CLI* .\n- **ELB load balancer** - Specify the DNS name that is associated with the load balancer. Get the DNS name by using the AWS Management Console , the ELB API, or the AWS CLI .\n\n- *AWS Management Console* : Go to the EC2 page, choose *Load Balancers* in the navigation pane, choose the load balancer, choose the *Description* tab, and get the value of the *DNS name* field.\n\nIf you're routing traffic to a Classic Load Balancer, get the value that begins with *dualstack* . If you're routing traffic to another type of load balancer, get the value that applies to the record type, A or AAAA.\n- *Elastic Load Balancing API* : Use `DescribeLoadBalancers` to get the value of `DNSName` . For more information, see the applicable guide:\n\n- Classic Load Balancers: [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DescribeLoadBalancers.html)\n- Application and Network Load Balancers: [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html)\n- *CloudFormation Fn::GetAtt intrinsic function* : Use the [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-getatt.html) intrinsic function to get the value of `DNSName` :\n\n- [Classic Load Balancers](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html#aws-properties-ec2-elb-return-values) .\n- [Application and Network Load Balancers](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html#aws-resource-elasticloadbalancingv2-loadbalancer-return-values) .\n- *AWS CLI* : Use `describe-load-balancers` to get the value of `DNSName` . For more information, see the applicable guide:\n\n- Classic Load Balancers: [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elb/describe-load-balancers.html)\n- Application and Network Load Balancers: [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elbv2/describe-load-balancers.html)\n- **Global Accelerator accelerator** - Specify the DNS name for your accelerator:\n\n- *Global Accelerator API* : To get the DNS name, use [DescribeAccelerator](https://docs.aws.amazon.com/global-accelerator/latest/api/API_DescribeAccelerator.html) .\n- *AWS CLI* : To get the DNS name, use [describe-accelerator](https://docs.aws.amazon.com/cli/latest/reference/globalaccelerator/describe-accelerator.html) .\n- **Amazon S3 bucket that is configured as a static website** - Specify the domain name of the Amazon S3 website endpoint that you created the bucket in, for example, `s3-website.us-east-2.amazonaws.com` . For more information about valid values, see the table [Amazon S3 Website Endpoints](https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_website_region_endpoints) in the *Amazon Web Services General Reference* . For more information about using S3 buckets for websites, see [Getting Started with Amazon Route 53](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/getting-started.html) in the *Amazon Route 53 Developer Guide.*\n- **Another Route 53 record** - Specify the value of the `Name` element for a record in the current hosted zone.\n\n> If you're creating an alias record that has the same name as the hosted zone (known as the zone apex), you can't specify the domain name for a record for which the value of `Type` is `CNAME` . This is because the alias record must have the same type as the record that you're routing traffic to, and creating a CNAME record for the zone apex isn't supported even for an alias record.", + "title": "DNSName", "type": "string" }, - "EntitySynonyms": { - "items": { - "type": "string" - }, - "markdownDescription": "The other names or aliases for the named entity.", - "title": "EntitySynonyms", - "type": "array" + "EvaluateTargetHealth": { + "markdownDescription": "*Applies only to alias records with any routing policy:* When `EvaluateTargetHealth` is `true` , an alias record inherits the health of the referenced AWS resource, such as an ELB load balancer or another record in the hosted zone.\n\nNote the following:\n\n- **CloudFront distributions** - You can't set `EvaluateTargetHealth` to `true` when the alias target is a CloudFront distribution.\n- **Elastic Beanstalk environments that have regionalized subdomains** - If you specify an Elastic Beanstalk environment in `DNSName` and the environment contains an ELB load balancer, Elastic Load Balancing routes queries only to the healthy Amazon EC2 instances that are registered with the load balancer. (An environment automatically contains an ELB load balancer if it includes more than one Amazon EC2 instance.) If you set `EvaluateTargetHealth` to `true` and either no Amazon EC2 instances are healthy or the load balancer itself is unhealthy, Route 53 routes queries to other available resources that are healthy, if any.\n\nIf the environment contains a single Amazon EC2 instance, there are no special requirements.\n- **ELB load balancers** - Health checking behavior depends on the type of load balancer:\n\n- *Classic Load Balancers* : If you specify an ELB Classic Load Balancer in `DNSName` , Elastic Load Balancing routes queries only to the healthy Amazon EC2 instances that are registered with the load balancer. If you set `EvaluateTargetHealth` to `true` and either no EC2 instances are healthy or the load balancer itself is unhealthy, Route 53 routes queries to other resources.\n- *Application and Network Load Balancers* : If you specify an ELB Application or Network Load Balancer and you set `EvaluateTargetHealth` to `true` , Route 53 routes queries to the load balancer based on the health of the target groups that are associated with the load balancer:\n\n- For an Application or Network Load Balancer to be considered healthy, every target group that contains targets must contain at least one healthy target. If any target group contains only unhealthy targets, the load balancer is considered unhealthy, and Route 53 routes queries to other resources.\n- A target group that has no registered targets is considered unhealthy.\n\n> When you create a load balancer, you configure settings for Elastic Load Balancing health checks; they're not Route 53 health checks, but they perform a similar function. Do not create Route 53 health checks for the EC2 instances that you register with an ELB load balancer.\n- **S3 buckets** - There are no special requirements for setting `EvaluateTargetHealth` to `true` when the alias target is an S3 bucket.\n- **Other records in the same hosted zone** - If the AWS resource that you specify in `DNSName` is a record or a group of records (for example, a group of weighted records) but is not another alias record, we recommend that you associate a health check with all of the records in the alias target. For more information, see [What Happens When You Omit Health Checks?](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-complex-configs.html#dns-failover-complex-configs-hc-omitting) in the *Amazon Route 53 Developer Guide* .\n\nFor more information and examples, see [Amazon Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html) in the *Amazon Route 53 Developer Guide* .", + "title": "EvaluateTargetHealth", + "type": "boolean" }, - "SemanticEntityType": { - "$ref": "#/definitions/AWS::QuickSight::Topic.SemanticEntityType", - "markdownDescription": "The type of named entity that a topic represents.", - "title": "SemanticEntityType" + "HostedZoneId": { + "markdownDescription": "*Alias resource records sets only* : The value used depends on where you want to route traffic:\n\n- **Amazon API Gateway custom regional APIs and edge-optimized APIs** - Specify the hosted zone ID for your API. You can get the applicable value using the AWS CLI command [get-domain-names](https://docs.aws.amazon.com/cli/latest/reference/apigateway/get-domain-names.html) :\n\n- For regional APIs, specify the value of `regionalHostedZoneId` .\n- For edge-optimized APIs, specify the value of `distributionHostedZoneId` .\n- **Amazon Virtual Private Cloud interface VPC endpoint** - Specify the hosted zone ID for your interface endpoint. You can get the value of `HostedZoneId` using the AWS CLI command [describe-vpc-endpoints](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-vpc-endpoints.html) .\n- **CloudFront distribution** - Specify `Z2FDTNDATAQYW2` . This is always the hosted zone ID when you create an alias record that routes traffic to a CloudFront distribution.\n\n> Alias records for CloudFront can't be created in a private zone.\n- **Elastic Beanstalk environment** - Specify the hosted zone ID for the region that you created the environment in. The environment must have a regionalized subdomain. For a list of regions and the corresponding hosted zone IDs, see [AWS Elastic Beanstalk endpoints and quotas](https://docs.aws.amazon.com/general/latest/gr/elasticbeanstalk.html) in the *Amazon Web Services General Reference* .\n- **ELB load balancer** - Specify the value of the hosted zone ID for the load balancer. Use the following methods to get the hosted zone ID:\n\n- [Service Endpoints](https://docs.aws.amazon.com/general/latest/gr/elb.html) table in the \"Elastic Load Balancing endpoints and quotas\" topic in the *Amazon Web Services General Reference* : Use the value that corresponds with the region that you created your load balancer in. Note that there are separate columns for Application and Classic Load Balancers and for Network Load Balancers.\n- *AWS Management Console* : Go to the Amazon EC2 page, choose *Load Balancers* in the navigation pane, select the load balancer, and get the value of the *Hosted zone* field on the *Description* tab.\n- *Elastic Load Balancing API* : Use `DescribeLoadBalancers` to get the applicable value. For more information, see the applicable guide:\n\n- Classic Load Balancers: Use [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DescribeLoadBalancers.html) to get the value of `CanonicalHostedZoneNameID` .\n- Application and Network Load Balancers: Use [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html) to get the value of `CanonicalHostedZoneID` .\n- *CloudFormation Fn::GetAtt intrinsic function* : Use the [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-getatt.html) intrinsic function to get the applicable value:\n\n- Classic Load Balancers: Get [CanonicalHostedZoneNameID](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html#aws-properties-ec2-elb-return-values) .\n- Application and Network Load Balancers: Get [CanonicalHostedZoneID](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html#aws-resource-elasticloadbalancingv2-loadbalancer-return-values) .\n- *AWS CLI* : Use `describe-load-balancers` to get the applicable value. For more information, see the applicable guide:\n\n- Classic Load Balancers: Use [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elb/describe-load-balancers.html) to get the value of `CanonicalHostedZoneNameID` .\n- Application and Network Load Balancers: Use [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elbv2/describe-load-balancers.html) to get the value of `CanonicalHostedZoneID` .\n- **Global Accelerator accelerator** - Specify `Z2BJ6XQ5FK7U4H` .\n- **An Amazon S3 bucket configured as a static website** - Specify the hosted zone ID for the region that you created the bucket in. For more information about valid values, see the table [Amazon S3 Website Endpoints](https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_website_region_endpoints) in the *Amazon Web Services General Reference* .\n- **Another Route 53 record in your hosted zone** - Specify the hosted zone ID of your hosted zone. (An alias record can't reference a record in a different hosted zone.)", + "title": "HostedZoneId", + "type": "string" } }, "required": [ - "EntityName" + "DNSName", + "HostedZoneId" ], "type": "object" }, - "AWS::QuickSight::Topic.TopicNumericEqualityFilter": { + "AWS::Route53::RecordSetGroup.CidrRoutingConfig": { "additionalProperties": false, "properties": { - "Aggregation": { - "markdownDescription": "An aggregation function that specifies how to calculate the value of a numeric field for a topic. Valid values for this structure are `NO_AGGREGATION` , `SUM` , `AVERAGE` , `COUNT` , `DISTINCT_COUNT` , `MAX` , `MEDIAN` , `MIN` , `STDEV` , `STDEVP` , `VAR` , and `VARP` .", - "title": "Aggregation", + "CollectionId": { + "markdownDescription": "The CIDR collection ID.", + "title": "CollectionId", "type": "string" }, - "Constant": { - "$ref": "#/definitions/AWS::QuickSight::Topic.TopicSingularFilterConstant", - "markdownDescription": "The constant used in a numeric equality filter.", - "title": "Constant" + "LocationName": { + "markdownDescription": "The CIDR collection location name.", + "title": "LocationName", + "type": "string" } }, + "required": [ + "CollectionId", + "LocationName" + ], "type": "object" }, - "AWS::QuickSight::Topic.TopicNumericRangeFilter": { + "AWS::Route53::RecordSetGroup.Coordinates": { "additionalProperties": false, "properties": { - "Aggregation": { - "markdownDescription": "An aggregation function that specifies how to calculate the value of a numeric field for a topic, Valid values for this structure are `NO_AGGREGATION` , `SUM` , `AVERAGE` , `COUNT` , `DISTINCT_COUNT` , `MAX` , `MEDIAN` , `MIN` , `STDEV` , `STDEVP` , `VAR` , and `VARP` .", - "title": "Aggregation", + "Latitude": { + "markdownDescription": "Specifies a coordinate of the north\u2013south position of a geographic point on the surface of the Earth (-90 - 90).", + "title": "Latitude", "type": "string" }, - "Constant": { - "$ref": "#/definitions/AWS::QuickSight::Topic.TopicRangeFilterConstant", - "markdownDescription": "The constant used in a numeric range filter.", - "title": "Constant" - }, - "Inclusive": { - "markdownDescription": "A Boolean value that indicates whether the endpoints of the numeric range are included in the filter. If set to true, topics whose numeric field value is equal to the endpoint values will be included in the filter. If set to false, topics whose numeric field value is equal to the endpoint values will be excluded from the filter.", - "title": "Inclusive", - "type": "boolean" + "Longitude": { + "markdownDescription": "Specifies a coordinate of the east\u2013west position of a geographic point on the surface of the Earth (-180 - 180).", + "title": "Longitude", + "type": "string" } }, + "required": [ + "Latitude", + "Longitude" + ], "type": "object" }, - "AWS::QuickSight::Topic.TopicRangeFilterConstant": { + "AWS::Route53::RecordSetGroup.GeoLocation": { "additionalProperties": false, "properties": { - "ConstantType": { - "markdownDescription": "The data type of the constant value that is used in a range filter. Valid values for this structure are `RANGE` .", - "title": "ConstantType", + "ContinentCode": { + "markdownDescription": "For geolocation resource record sets, a two-letter abbreviation that identifies a continent. Route 53 supports the following continent codes:\n\n- *AF* : Africa\n- *AN* : Antarctica\n- *AS* : Asia\n- *EU* : Europe\n- *OC* : Oceania\n- *NA* : North America\n- *SA* : South America\n\nConstraint: Specifying `ContinentCode` with either `CountryCode` or `SubdivisionCode` returns an `InvalidInput` error.", + "title": "ContinentCode", "type": "string" }, - "RangeConstant": { - "$ref": "#/definitions/AWS::QuickSight::Topic.RangeConstant", - "markdownDescription": "The value of the constant that is used to specify the endpoints of a range filter.", - "title": "RangeConstant" + "CountryCode": { + "markdownDescription": "For geolocation resource record sets, the two-letter code for a country.\n\nRoute 53 uses the two-letter country codes that are specified in [ISO standard 3166-1 alpha-2](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2) .", + "title": "CountryCode", + "type": "string" + }, + "SubdivisionCode": { + "markdownDescription": "For geolocation resource record sets, the two-letter code for a state of the United States. Route 53 doesn't support any other values for `SubdivisionCode` . For a list of state abbreviations, see [Appendix B: Two\u2013Letter State and Possession Abbreviations](https://docs.aws.amazon.com/https://pe.usps.com/text/pub28/28apb.htm) on the United States Postal Service website.\n\nIf you specify `subdivisioncode` , you must also specify `US` for `CountryCode` .", + "title": "SubdivisionCode", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Topic.TopicRelativeDateFilter": { + "AWS::Route53::RecordSetGroup.GeoProximityLocation": { "additionalProperties": false, "properties": { - "Constant": { - "$ref": "#/definitions/AWS::QuickSight::Topic.TopicSingularFilterConstant", - "markdownDescription": "The constant used in a relative date filter.", - "title": "Constant" - }, - "RelativeDateFilterFunction": { - "markdownDescription": "The function to be used in a relative date filter to determine the range of dates to include in the results. Valid values for this structure are `BEFORE` , `AFTER` , and `BETWEEN` .", - "title": "RelativeDateFilterFunction", + "AWSRegion": { + "markdownDescription": "The AWS Region the resource you are directing DNS traffic to, is in.", + "title": "AWSRegion", "type": "string" }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", + "Bias": { + "markdownDescription": "The bias increases or decreases the size of the geographic region from which Route\u00a053 routes traffic to a resource.\n\nTo use `Bias` to change the size of the geographic region, specify the applicable value for the bias:\n\n- To expand the size of the geographic region from which Route\u00a053 routes traffic to a resource, specify a positive integer from 1 to 99 for the bias. Route\u00a053 shrinks the size of adjacent regions.\n- To shrink the size of the geographic region from which Route\u00a053 routes traffic to a resource, specify a negative bias of -1 to -99. Route\u00a053 expands the size of adjacent regions.", + "title": "Bias", + "type": "number" + }, + "Coordinates": { + "$ref": "#/definitions/AWS::Route53::RecordSetGroup.Coordinates", + "markdownDescription": "Contains the longitude and latitude for a geographic region.", + "title": "Coordinates" + }, + "LocalZoneGroup": { + "markdownDescription": "Specifies an AWS Local Zone Group.\n\nA local Zone Group is usually the Local Zone code without the ending character. For example, if the Local Zone is `us-east-1-bue-1a` the Local Zone Group is `us-east-1-bue-1` .\n\nYou can identify the Local Zones Group for a specific Local Zone by using the [describe-availability-zones](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-availability-zones.html) CLI command:\n\nThis command returns: `\"GroupName\": \"us-west-2-den-1\"` , specifying that the Local Zone `us-west-2-den-1a` belongs to the Local Zone Group `us-west-2-den-1` .", + "title": "LocalZoneGroup", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Topic.TopicSingularFilterConstant": { + "AWS::Route53::RecordSetGroup.RecordSet": { "additionalProperties": false, "properties": { - "ConstantType": { - "markdownDescription": "The type of the singular filter constant. Valid values for this structure are `SINGULAR` .", - "title": "ConstantType", + "AliasTarget": { + "$ref": "#/definitions/AWS::Route53::RecordSetGroup.AliasTarget", + "markdownDescription": "*Alias resource record sets only:* Information about the AWS resource, such as a CloudFront distribution or an Amazon S3 bucket, that you want to route traffic to.\n\nIf you're creating resource records sets for a private hosted zone, note the following:\n\n- You can't create an alias resource record set in a private hosted zone to route traffic to a CloudFront distribution.\n- For information about creating failover resource record sets in a private hosted zone, see [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html) in the *Amazon Route 53 Developer Guide* .", + "title": "AliasTarget" + }, + "CidrRoutingConfig": { + "$ref": "#/definitions/AWS::Route53::RecordSetGroup.CidrRoutingConfig", + "markdownDescription": "", + "title": "CidrRoutingConfig" + }, + "Failover": { + "markdownDescription": "*Failover resource record sets only:* To configure failover, you add the `Failover` element to two resource record sets. For one resource record set, you specify `PRIMARY` as the value for `Failover` ; for the other resource record set, you specify `SECONDARY` . In addition, you include the `HealthCheckId` element and specify the health check that you want Amazon Route 53 to perform for each resource record set.\n\nExcept where noted, the following failover behaviors assume that you have included the `HealthCheckId` element in both resource record sets:\n\n- When the primary resource record set is healthy, Route 53 responds to DNS queries with the applicable value from the primary resource record set regardless of the health of the secondary resource record set.\n- When the primary resource record set is unhealthy and the secondary resource record set is healthy, Route 53 responds to DNS queries with the applicable value from the secondary resource record set.\n- When the secondary resource record set is unhealthy, Route 53 responds to DNS queries with the applicable value from the primary resource record set regardless of the health of the primary resource record set.\n- If you omit the `HealthCheckId` element for the secondary resource record set, and if the primary resource record set is unhealthy, Route 53 always responds to DNS queries with the applicable value from the secondary resource record set. This is true regardless of the health of the associated endpoint.\n\nYou can't create non-failover resource record sets that have the same values for the `Name` and `Type` elements as failover resource record sets.\n\nFor failover alias resource record sets, you must also include the `EvaluateTargetHealth` element and set the value to true.\n\nFor more information about configuring failover for Route 53, see the following topics in the *Amazon Route 53 Developer Guide* :\n\n- [Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html)\n- [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html)", + "title": "Failover", "type": "string" }, - "SingularConstant": { - "markdownDescription": "The value of the singular filter constant.", - "title": "SingularConstant", + "GeoLocation": { + "$ref": "#/definitions/AWS::Route53::RecordSetGroup.GeoLocation", + "markdownDescription": "*Geolocation resource record sets only:* A complex type that lets you control how Amazon Route 53 responds to DNS queries based on the geographic origin of the query. For example, if you want all queries from Africa to be routed to a web server with an IP address of `192.0.2.111` , create a resource record set with a `Type` of `A` and a `ContinentCode` of `AF` .\n\nIf you create separate resource record sets for overlapping geographic regions (for example, one resource record set for a continent and one for a country on the same continent), priority goes to the smallest geographic region. This allows you to route most queries for a continent to one resource and to route queries for a country on that continent to a different resource.\n\nYou can't create two geolocation resource record sets that specify the same geographic location.\n\nThe value `*` in the `CountryCode` element matches all geographic locations that aren't specified in other geolocation resource record sets that have the same values for the `Name` and `Type` elements.\n\n> Geolocation works by mapping IP addresses to locations. However, some IP addresses aren't mapped to geographic locations, so even if you create geolocation resource record sets that cover all seven continents, Route 53 will receive some DNS queries from locations that it can't identify. We recommend that you create a resource record set for which the value of `CountryCode` is `*` . Two groups of queries are routed to the resource that you specify in this record: queries that come from locations for which you haven't created geolocation resource record sets and queries from IP addresses that aren't mapped to a location. If you don't create a `*` resource record set, Route 53 returns a \"no answer\" response for queries from those locations. \n\nYou can't create non-geolocation resource record sets that have the same values for the `Name` and `Type` elements as geolocation resource record sets.", + "title": "GeoLocation" + }, + "GeoProximityLocation": { + "$ref": "#/definitions/AWS::Route53::RecordSetGroup.GeoProximityLocation", + "markdownDescription": "A complex type that contains information about a geographic location.", + "title": "GeoProximityLocation" + }, + "HealthCheckId": { + "markdownDescription": "If you want Amazon Route 53 to return this resource record set in response to a DNS query only when the status of a health check is healthy, include the `HealthCheckId` element and specify the ID of the applicable health check.\n\nRoute 53 determines whether a resource record set is healthy based on one of the following:\n\n- By periodically sending a request to the endpoint that is specified in the health check\n- By aggregating the status of a specified group of health checks (calculated health checks)\n- By determining the current state of a CloudWatch alarm (CloudWatch metric health checks)\n\n> Route 53 doesn't check the health of the endpoint that is specified in the resource record set, for example, the endpoint specified by the IP address in the `Value` element. When you add a `HealthCheckId` element to a resource record set, Route 53 checks the health of the endpoint that you specified in the health check. \n\nFor more information, see the following topics in the *Amazon Route 53 Developer Guide* :\n\n- [How Amazon Route 53 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html)\n- [Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html)\n- [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html)\n\n*When to Specify HealthCheckId*\n\nSpecifying a value for `HealthCheckId` is useful only when Route 53 is choosing between two or more resource record sets to respond to a DNS query, and you want Route 53 to base the choice in part on the status of a health check. Configuring health checks makes sense only in the following configurations:\n\n- *Non-alias resource record sets* : You're checking the health of a group of non-alias resource record sets that have the same routing policy, name, and type (such as multiple weighted records named www.example.com with a type of A) and you specify health check IDs for all the resource record sets.\n\nIf the health check status for a resource record set is healthy, Route 53 includes the record among the records that it responds to DNS queries with.\n\nIf the health check status for a resource record set is unhealthy, Route 53 stops responding to DNS queries using the value for that resource record set.\n\nIf the health check status for all resource record sets in the group is unhealthy, Route 53 considers all resource record sets in the group healthy and responds to DNS queries accordingly.\n- *Alias resource record sets* : You specify the following settings:\n\n- You set `EvaluateTargetHealth` to true for an alias resource record set in a group of resource record sets that have the same routing policy, name, and type (such as multiple weighted records named www.example.com with a type of A).\n- You configure the alias resource record set to route traffic to a non-alias resource record set in the same hosted zone.\n- You specify a health check ID for the non-alias resource record set.\n\nIf the health check status is healthy, Route 53 considers the alias resource record set to be healthy and includes the alias record among the records that it responds to DNS queries with.\n\nIf the health check status is unhealthy, Route 53 stops responding to DNS queries using the alias resource record set.\n\n> The alias resource record set can also route traffic to a *group* of non-alias resource record sets that have the same routing policy, name, and type. In that configuration, associate health checks with all of the resource record sets in the group of non-alias resource record sets.\n\n*Geolocation Routing*\n\nFor geolocation resource record sets, if an endpoint is unhealthy, Route 53 looks for a resource record set for the larger, associated geographic region. For example, suppose you have resource record sets for a state in the United States, for the entire United States, for North America, and a resource record set that has `*` for `CountryCode` is `*` , which applies to all locations. If the endpoint for the state resource record set is unhealthy, Route 53 checks for healthy resource record sets in the following order until it finds a resource record set for which the endpoint is healthy:\n\n- The United States\n- North America\n- The default resource record set\n\n*Specifying the Health Check Endpoint by Domain Name*\n\nIf your health checks specify the endpoint only by domain name, we recommend that you create a separate health check for each endpoint. For example, create a health check for each `HTTP` server that is serving content for `www.example.com` . For the value of `FullyQualifiedDomainName` , specify the domain name of the server (such as `us-east-2-www.example.com` ), not the name of the resource record sets ( `www.example.com` ).\n\n> Health check results will be unpredictable if you do the following:\n> \n> - Create a health check that has the same value for `FullyQualifiedDomainName` as the name of a resource record set.\n> - Associate that health check with the resource record set.", + "title": "HealthCheckId", + "type": "string" + }, + "HostedZoneId": { + "markdownDescription": "The ID of the hosted zone that you want to create records in.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .\n\nDo not provide the `HostedZoneId` if it is already defined in `AWS::Route53::RecordSetGroup` . The creation fails if `HostedZoneId` is defined in both.", + "title": "HostedZoneId", + "type": "string" + }, + "HostedZoneName": { + "markdownDescription": "The name of the hosted zone that you want to create records in. You must include a trailing dot (for example, `www.example.com.` ) as part of the `HostedZoneName` .\n\nWhen you create a stack using an `AWS::Route53::RecordSet` that specifies `HostedZoneName` , AWS CloudFormation attempts to find a hosted zone whose name matches the `HostedZoneName` . If AWS CloudFormation can't find a hosted zone with a matching domain name, or if there is more than one hosted zone with the specified domain name, AWS CloudFormation will not create the stack.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .", + "title": "HostedZoneName", + "type": "string" + }, + "MultiValueAnswer": { + "markdownDescription": "*Multivalue answer resource record sets only* : To route traffic approximately randomly to multiple resources, such as web servers, create one multivalue answer record for each resource and specify `true` for `MultiValueAnswer` . Note the following:\n\n- If you associate a health check with a multivalue answer resource record set, Amazon Route 53 responds to DNS queries with the corresponding IP address only when the health check is healthy.\n- If you don't associate a health check with a multivalue answer record, Route 53 always considers the record to be healthy.\n- Route 53 responds to DNS queries with up to eight healthy records; if you have eight or fewer healthy records, Route 53 responds to all DNS queries with all the healthy records.\n- If you have more than eight healthy records, Route 53 responds to different DNS resolvers with different combinations of healthy records.\n- When all records are unhealthy, Route 53 responds to DNS queries with up to eight unhealthy records.\n- If a resource becomes unavailable after a resolver caches a response, client software typically tries another of the IP addresses in the response.\n\nYou can't create multivalue answer alias records.", + "title": "MultiValueAnswer", + "type": "boolean" + }, + "Name": { + "markdownDescription": "For `ChangeResourceRecordSets` requests, the name of the record that you want to create, update, or delete. For `ListResourceRecordSets` responses, the name of a record in the specified hosted zone.\n\n*ChangeResourceRecordSets Only*\n\nEnter a fully qualified domain name, for example, `www.example.com` . You can optionally include a trailing dot. If you omit the trailing dot, Amazon Route 53 assumes that the domain name that you specify is fully qualified. This means that Route 53 treats `www.example.com` (without a trailing dot) and `www.example.com.` (with a trailing dot) as identical.\n\nFor information about how to specify characters other than `a-z` , `0-9` , and `-` (hyphen) and how to specify internationalized domain names, see [DNS Domain Name Format](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/DomainNameFormat.html) in the *Amazon Route 53 Developer Guide* .\n\nYou can use the asterisk (*) wildcard to replace the leftmost label in a domain name, for example, `*.example.com` . Note the following:\n\n- The * must replace the entire label. For example, you can't specify `*prod.example.com` or `prod*.example.com` .\n- The * can't replace any of the middle labels, for example, marketing.*.example.com.\n- If you include * in any position other than the leftmost label in a domain name, DNS treats it as an * character (ASCII 42), not as a wildcard.\n\n> You can't use the * wildcard for resource records sets that have a type of NS.", + "title": "Name", + "type": "string" + }, + "Region": { + "markdownDescription": "*Latency-based resource record sets only:* The Amazon EC2 Region where you created the resource that this resource record set refers to. The resource typically is an AWS resource, such as an EC2 instance or an ELB load balancer, and is referred to by an IP address or a DNS domain name, depending on the record type.\n\nWhen Amazon Route 53 receives a DNS query for a domain name and type for which you have created latency resource record sets, Route 53 selects the latency resource record set that has the lowest latency between the end user and the associated Amazon EC2 Region. Route 53 then returns the value that is associated with the selected resource record set.\n\nNote the following:\n\n- You can only specify one `ResourceRecord` per latency resource record set.\n- You can only create one latency resource record set for each Amazon EC2 Region.\n- You aren't required to create latency resource record sets for all Amazon EC2 Regions. Route 53 will choose the region with the best latency from among the regions that you create latency resource record sets for.\n- You can't create non-latency resource record sets that have the same values for the `Name` and `Type` elements as latency resource record sets.", + "title": "Region", + "type": "string" + }, + "ResourceRecords": { + "items": { + "type": "string" + }, + "markdownDescription": "Information about the records that you want to create. Each record should be in the format appropriate for the record type specified by the `Type` property. For information about different record types and their record formats, see [Values That You Specify When You Create or Edit Amazon Route 53 Records](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/resource-record-sets-values.html) in the *Amazon Route 53 Developer Guide* .", + "title": "ResourceRecords", + "type": "array" + }, + "SetIdentifier": { + "markdownDescription": "*Resource record sets that have a routing policy other than simple:* An identifier that differentiates among multiple resource record sets that have the same combination of name and type, such as multiple weighted resource record sets named acme.example.com that have a type of A. In a group of resource record sets that have the same name and type, the value of `SetIdentifier` must be unique for each resource record set.\n\nFor information about routing policies, see [Choosing a Routing Policy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html) in the *Amazon Route 53 Developer Guide* .", + "title": "SetIdentifier", "type": "string" + }, + "TTL": { + "markdownDescription": "The resource record cache time to live (TTL), in seconds. Note the following:\n\n- If you're creating or updating an alias resource record set, omit `TTL` . Amazon Route 53 uses the value of `TTL` for the alias target.\n- If you're associating this resource record set with a health check (if you're adding a `HealthCheckId` element), we recommend that you specify a `TTL` of 60 seconds or less so clients respond quickly to changes in health status.\n- All of the resource record sets in a group of weighted resource record sets must have the same value for `TTL` .\n- If a group of weighted resource record sets includes one or more weighted alias resource record sets for which the alias target is an ELB load balancer, we recommend that you specify a `TTL` of 60 seconds for all of the non-alias weighted resource record sets that have the same name and type. Values other than 60 seconds (the TTL for load balancers) will change the effect of the values that you specify for `Weight` .", + "title": "TTL", + "type": "string" + }, + "Type": { + "markdownDescription": "The DNS record type. For information about different record types and how data is encoded for them, see [Supported DNS Resource Record Types](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/ResourceRecordTypes.html) in the *Amazon Route 53 Developer Guide* .\n\nValid values for basic resource record sets: `A` | `AAAA` | `CAA` | `CNAME` | `DS` | `MX` | `NAPTR` | `NS` | `PTR` | `SOA` | `SPF` | `SRV` | `TXT` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS`\n\nValues for weighted, latency, geolocation, and failover resource record sets: `A` | `AAAA` | `CAA` | `CNAME` | `MX` | `NAPTR` | `PTR` | `SPF` | `SRV` | `TXT` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS` . When creating a group of weighted, latency, geolocation, or failover resource record sets, specify the same value for all of the resource record sets in the group.\n\nValid values for multivalue answer resource record sets: `A` | `AAAA` | `MX` | `NAPTR` | `PTR` | `SPF` | `SRV` | `TXT` | `CAA` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS`\n\n> SPF records were formerly used to verify the identity of the sender of email messages. However, we no longer recommend that you create resource record sets for which the value of `Type` is `SPF` . RFC 7208, *Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1* , has been updated to say, \"...[I]ts existence and mechanism defined in [RFC4408] have led to some interoperability issues. Accordingly, its use is no longer appropriate for SPF version 1; implementations are not to use it.\" In RFC 7208, see section 14.1, [The SPF DNS Record Type](https://docs.aws.amazon.com/http://tools.ietf.org/html/rfc7208#section-14.1) . \n\nValues for alias resource record sets:\n\n- *Amazon API Gateway custom regional APIs and edge-optimized APIs:* `A`\n- *CloudFront distributions:* `A`\n\nIf IPv6 is enabled for the distribution, create two resource record sets to route traffic to your distribution, one with a value of `A` and one with a value of `AAAA` .\n- *Amazon API Gateway environment that has a regionalized subdomain* : `A`\n- *ELB load balancers:* `A` | `AAAA`\n- *Amazon S3 buckets:* `A`\n- *Amazon Virtual Private Cloud interface VPC endpoints* `A`\n- *Another resource record set in this hosted zone:* Specify the type of the resource record set that you're creating the alias for. All values are supported except `NS` and `SOA` .\n\n> If you're creating an alias record that has the same name as the hosted zone (known as the zone apex), you can't route traffic to a record for which the value of `Type` is `CNAME` . This is because the alias record must have the same type as the record you're routing traffic to, and creating a CNAME record for the zone apex isn't supported even for an alias record.", + "title": "Type", + "type": "string" + }, + "Weight": { + "markdownDescription": "*Weighted resource record sets only:* Among resource record sets that have the same combination of DNS name and type, a value that determines the proportion of DNS queries that Amazon Route 53 responds to using the current resource record set. Route 53 calculates the sum of the weights for the resource record sets that have the same combination of DNS name and type. Route 53 then responds to queries based on the ratio of a resource's weight to the total. Note the following:\n\n- You must specify a value for the `Weight` element for every weighted resource record set.\n- You can only specify one `ResourceRecord` per weighted resource record set.\n- You can't create latency, failover, or geolocation resource record sets that have the same values for the `Name` and `Type` elements as weighted resource record sets.\n- You can create a maximum of 100 weighted resource record sets that have the same values for the `Name` and `Type` elements.\n- For weighted (but not weighted alias) resource record sets, if you set `Weight` to `0` for a resource record set, Route 53 never responds to queries with the applicable value for that resource record set. However, if you set `Weight` to `0` for all resource record sets that have the same combination of DNS name and type, traffic is routed to all resources with equal probability.\n\nThe effect of setting `Weight` to `0` is different when you associate health checks with weighted resource record sets. For more information, see [Options for Configuring Route 53 Active-Active and Active-Passive Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-configuring-options.html) in the *Amazon Route 53 Developer Guide* .", + "title": "Weight", + "type": "number" } }, + "required": [ + "Name", + "Type" + ], "type": "object" }, - "AWS::QuickSight::VPCConnection": { + "AWS::Route53Profiles::Profile": { "additionalProperties": false, "properties": { "Condition": { @@ -223785,69 +275587,120 @@ "Properties": { "additionalProperties": false, "properties": { - "AvailabilityStatus": { - "markdownDescription": "The availability status of the VPC connection.", - "title": "AvailabilityStatus", + "Name": { + "markdownDescription": "Name of the Profile.", + "title": "Name", "type": "string" }, - "AwsAccountId": { - "markdownDescription": "The AWS account ID of the account where you want to create a new VPC connection.", - "title": "AwsAccountId", + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of the tag keys and values that you want to associate with the profile.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Route53Profiles::Profile" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Route53Profiles::ProfileAssociation": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, - "DnsResolvers": { + { "items": { + "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, - "markdownDescription": "A list of IP addresses of DNS resolver endpoints for the VPC connection.", - "title": "DnsResolvers", "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the profile association to a VPC.", + "title": "Arn", + "type": "string" }, "Name": { - "markdownDescription": "The display name for the VPC connection.", + "markdownDescription": "Name of the Profile association.", "title": "Name", "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role associated with the VPC connection.", - "title": "RoleArn", + "ProfileId": { + "markdownDescription": "ID of the Profile.\n\nUpdate to this property requires update to the `ResourceId` property as well, because you can only associate one Profile per VPC. For more information, see [Route 53 Profiles](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/profiles.html) .", + "title": "ProfileId", "type": "string" }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon EC2 security group IDs associated with the VPC connection.", - "title": "SecurityGroupIds", - "type": "array" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of subnet IDs for the VPC connection.", - "title": "SubnetIds", - "type": "array" + "ResourceId": { + "markdownDescription": "The ID of the VPC.", + "title": "ResourceId", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A map of the key-value pairs for the resource tag or tags assigned to the VPC connection.", + "markdownDescription": "", "title": "Tags", "type": "array" - }, - "VPCConnectionId": { - "markdownDescription": "The ID of the VPC connection that you're creating. This ID is a unique identifier for each AWS Region in an AWS account.", - "title": "VPCConnectionId", - "type": "string" } }, + "required": [ + "Name", + "ProfileId", + "ResourceId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::QuickSight::VPCConnection" + "AWS::Route53Profiles::ProfileAssociation" ], "type": "string" }, @@ -223861,42 +275714,96 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::VPCConnection.NetworkInterface": { + "AWS::Route53Profiles::ProfileResourceAssociation": { "additionalProperties": false, "properties": { - "AvailabilityZone": { - "markdownDescription": "The availability zone that the network interface resides in.", - "title": "AvailabilityZone", + "Condition": { "type": "string" }, - "ErrorMessage": { - "markdownDescription": "An error message.", - "title": "ErrorMessage", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "NetworkInterfaceId": { - "markdownDescription": "The network interface ID.", - "title": "NetworkInterfaceId", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Status": { - "markdownDescription": "The status of the network interface.", - "title": "Status", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "Name of the Profile resource association.", + "title": "Name", + "type": "string" + }, + "ProfileId": { + "markdownDescription": "Profile ID of the Profile that the resources are associated with.", + "title": "ProfileId", + "type": "string" + }, + "ResourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource association.", + "title": "ResourceArn", + "type": "string" + }, + "ResourceProperties": { + "markdownDescription": "If the DNS resource is a DNS Firewall rule group, this indicates the priority.", + "title": "ResourceProperties", + "type": "string" + } + }, + "required": [ + "Name", + "ProfileId", + "ResourceArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Route53Profiles::ProfileResourceAssociation" + ], "type": "string" }, - "SubnetId": { - "markdownDescription": "The subnet ID associated with the network interface.", - "title": "SubnetId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::RAM::Permission": { + "AWS::Route53RecoveryControl::Cluster": { "additionalProperties": false, "properties": { "Condition": { @@ -223932,39 +275839,32 @@ "additionalProperties": false, "properties": { "Name": { - "markdownDescription": "Specifies the name of the customer managed permission. The name must be unique within the AWS Region .", + "markdownDescription": "Name of the cluster. You can use any non-white space character in the name except the following: & > < ' (single quote) \" (double quote) ; (semicolon).", "title": "Name", "type": "string" }, - "PolicyTemplate": { - "markdownDescription": "A string in JSON format string that contains the following elements of a resource-based policy:\n\n- *Effect* : must be set to `ALLOW` .\n- *Action* : specifies the actions that are allowed by this customer managed permission. The list must contain only actions that are supported by the specified resource type. For a list of all actions supported by each resource type, see [Actions, resources, and condition keys for AWS services](https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html) in the *AWS Identity and Access Management User Guide* .\n- *Condition* : (optional) specifies conditional parameters that must evaluate to true when a user attempts an action for that action to be allowed. For more information about the Condition element, see [IAM policies: Condition element](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition.html) in the *AWS Identity and Access Management User Guide* .\n\nThis template can't include either the `Resource` or `Principal` elements. Those are both filled in by AWS RAM when it instantiates the resource-based policy on each resource shared using this managed permission. The `Resource` comes from the ARN of the specific resource that you are sharing. The `Principal` comes from the list of identities added to the resource share.", - "title": "PolicyTemplate", - "type": "object" - }, - "ResourceType": { - "markdownDescription": "Specifies the name of the resource type that this customer managed permission applies to.\n\nThe format is `** : **` and is not case sensitive. For example, to specify an Amazon EC2 Subnet, you can use the string `ec2:subnet` . To see the list of valid values for this parameter, query the [ListResourceTypes](https://docs.aws.amazon.com/ram/latest/APIReference/API_ListResourceTypes.html) operation.", - "title": "ResourceType", + "NetworkType": { + "markdownDescription": "The network-type can either be IPV4 or DUALSTACK.", + "title": "NetworkType", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Specifies a list of one or more tag key and value pairs to attach to the permission.", + "markdownDescription": "The tags associated with the cluster.", "title": "Tags", "type": "array" } }, "required": [ - "Name", - "PolicyTemplate", - "ResourceType" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::RAM::Permission" + "AWS::Route53RecoveryControl::Cluster" ], "type": "string" }, @@ -223983,7 +275883,23 @@ ], "type": "object" }, - "AWS::RAM::ResourceShare": { + "AWS::Route53RecoveryControl::Cluster.ClusterEndpoint": { + "additionalProperties": false, + "properties": { + "Endpoint": { + "markdownDescription": "A cluster endpoint URL for one of the five redundant clusters that you specify to set or retrieve a routing control state.", + "title": "Endpoint", + "type": "string" + }, + "Region": { + "markdownDescription": "The AWS Region for a cluster endpoint.", + "title": "Region", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Route53RecoveryControl::ControlPanel": { "additionalProperties": false, "properties": { "Condition": { @@ -224018,65 +275934,207 @@ "Properties": { "additionalProperties": false, "properties": { - "AllowExternalPrincipals": { - "markdownDescription": "Specifies whether principals outside your organization in AWS Organizations can be associated with a resource share. A value of `true` lets you share with individual AWS accounts that are *not* in your organization. A value of `false` only has meaning if your account is a member of an AWS Organization. The default value is `true` .", - "title": "AllowExternalPrincipals", - "type": "boolean" + "ClusterArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the cluster for the control panel.", + "title": "ClusterArn", + "type": "string" }, "Name": { - "markdownDescription": "Specifies the name of the resource share.", + "markdownDescription": "The name of the control panel. You can use any non-white space character in the name.", "title": "Name", "type": "string" }, - "PermissionArns": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "Specifies the [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html) of the AWS RAM permission to associate with the resource share. If you do not specify an ARN for the permission, AWS RAM automatically attaches the default version of the permission for each resource type. You can associate only one permission with each resource type included in the resource share.", - "title": "PermissionArns", + "markdownDescription": "The tags associated with the control panel.", + "title": "Tags", "type": "array" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Route53RecoveryControl::ControlPanel" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Route53RecoveryControl::RoutingControl": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" }, - "Principals": { + { "items": { + "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, - "markdownDescription": "Specifies the principals to associate with the resource share. The possible values are:\n\n- An AWS account ID\n- An Amazon Resource Name (ARN) of an organization in AWS Organizations\n- An ARN of an organizational unit (OU) in AWS Organizations\n- An ARN of an IAM role\n- An ARN of an IAM user\n\n> Not all resource types can be shared with IAM roles and users. For more information, see the column *Can share with IAM roles and users* in the tables on [Shareable AWS resources](https://docs.aws.amazon.com/ram/latest/userguide/shareable.html) in the *AWS Resource Access Manager User Guide* .", - "title": "Principals", "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ClusterArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the cluster that hosts the routing control.", + "title": "ClusterArn", + "type": "string" }, - "ResourceArns": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies a list of one or more ARNs of the resources to associate with the resource share.", - "title": "ResourceArns", - "type": "array" + "ControlPanelArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the control panel that includes the routing control.", + "title": "ControlPanelArn", + "type": "string" }, - "Sources": { + "Name": { + "markdownDescription": "The name of the routing control. You can use any non-white space character in the name.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Route53RecoveryControl::RoutingControl" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Route53RecoveryControl::SafetyRule": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { "items": { + "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, - "markdownDescription": "", - "title": "Sources", "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AssertionRule": { + "$ref": "#/definitions/AWS::Route53RecoveryControl::SafetyRule.AssertionRule", + "markdownDescription": "An assertion rule enforces that, when you change a routing control state, that the criteria that you set in the rule configuration is met. Otherwise, the change to the routing control is not accepted. For example, the criteria might be that at least one routing control state is `On` after the transaction so that traffic continues to flow to at least one cell for the application. This ensures that you avoid a fail-open scenario.", + "title": "AssertionRule" + }, + "ControlPanelArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the control panel.", + "title": "ControlPanelArn", + "type": "string" + }, + "GatingRule": { + "$ref": "#/definitions/AWS::Route53RecoveryControl::SafetyRule.GatingRule", + "markdownDescription": "A gating rule verifies that a gating routing control or set of gating routing controls, evaluates as true, based on a rule configuration that you specify, which allows a set of routing control state changes to complete.\n\nFor example, if you specify one gating routing control and you set the `Type` in the rule configuration to `OR` , that indicates that you must set the gating routing control to `On` for the rule to evaluate as true; that is, for the gating control switch to be On. When you do that, then you can update the routing control states for the target routing controls that you specify in the gating rule.", + "title": "GatingRule" + }, + "Name": { + "markdownDescription": "The name of the assertion rule. The name must be unique within a control panel. You can use any non-white space character in the name except the following: & > < ' (single quote) \" (double quote) ; (semicolon)", + "title": "Name", + "type": "string" + }, + "RuleConfig": { + "$ref": "#/definitions/AWS::Route53RecoveryControl::SafetyRule.RuleConfig", + "markdownDescription": "The criteria that you set for specific assertion controls (routing controls) that designate how many control states must be `ON` as the result of a transaction. For example, if you have three assertion controls, you might specify `ATLEAST 2` for your rule configuration. This means that at least two assertion controls must be `ON` , so that at least two AWS Regions have traffic flowing to them.", + "title": "RuleConfig" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Specifies one or more tags to attach to the resource share itself. It doesn't attach the tags to the resources associated with the resource share.", + "markdownDescription": "The tags associated with the safety rule.", "title": "Tags", "type": "array" } }, "required": [ - "Name" + "ControlPanelArn", + "Name", + "RuleConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::RAM::ResourceShare" + "AWS::Route53RecoveryControl::SafetyRule" ], "type": "string" }, @@ -224090,12 +276148,93 @@ } }, "required": [ - "Type", - "Properties" + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Route53RecoveryControl::SafetyRule.AssertionRule": { + "additionalProperties": false, + "properties": { + "AssertedControls": { + "items": { + "type": "string" + }, + "markdownDescription": "The routing controls that are part of transactions that are evaluated to determine if a request to change a routing control state is allowed. For example, you might include three routing controls, one for each of three AWS Regions.", + "title": "AssertedControls", + "type": "array" + }, + "WaitPeriodMs": { + "markdownDescription": "An evaluation period, in milliseconds (ms), during which any request against the target routing controls will fail. This helps prevent flapping of state. The wait period is 5000 ms by default, but you can choose a custom value.", + "title": "WaitPeriodMs", + "type": "number" + } + }, + "required": [ + "AssertedControls", + "WaitPeriodMs" + ], + "type": "object" + }, + "AWS::Route53RecoveryControl::SafetyRule.GatingRule": { + "additionalProperties": false, + "properties": { + "GatingControls": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of gating routing control Amazon Resource Names (ARNs). For a simple on-off switch, specify the ARN for one routing control. The gating routing controls are evaluated by the rule configuration that you specify to determine if the target routing control states can be changed.", + "title": "GatingControls", + "type": "array" + }, + "TargetControls": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of target routing control Amazon Resource Names (ARNs) for which the states can only be updated if the rule configuration that you specify evaluates to true for the gating routing control. As a simple example, if you have a single gating control, it acts as an overall on-off switch for a set of target routing controls. You can use this to manually override automated failover, for example.", + "title": "TargetControls", + "type": "array" + }, + "WaitPeriodMs": { + "markdownDescription": "An evaluation period, in milliseconds (ms), during which any request against the target routing controls will fail. This helps prevent flapping of state. The wait period is 5000 ms by default, but you can choose a custom value.", + "title": "WaitPeriodMs", + "type": "number" + } + }, + "required": [ + "GatingControls", + "TargetControls", + "WaitPeriodMs" + ], + "type": "object" + }, + "AWS::Route53RecoveryControl::SafetyRule.RuleConfig": { + "additionalProperties": false, + "properties": { + "Inverted": { + "markdownDescription": "Logical negation of the rule. If the rule would usually evaluate true, it's evaluated as false, and vice versa.", + "title": "Inverted", + "type": "boolean" + }, + "Threshold": { + "markdownDescription": "The value of N, when you specify an `ATLEAST` rule type. That is, `Threshold` is the number of controls that must be set when you specify an `ATLEAST` type.", + "title": "Threshold", + "type": "number" + }, + "Type": { + "markdownDescription": "A rule can be one of the following: `ATLEAST` , `AND` , or `OR` .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Inverted", + "Threshold", + "Type" ], "type": "object" }, - "AWS::RDS::CustomDBEngineVersion": { + "AWS::Route53RecoveryReadiness::Cell": { "additionalProperties": false, "properties": { "Condition": { @@ -224130,79 +276269,33 @@ "Properties": { "additionalProperties": false, "properties": { - "DatabaseInstallationFilesS3BucketName": { - "markdownDescription": "The name of an Amazon S3 bucket that contains database installation files for your CEV. For example, a valid bucket name is `my-custom-installation-files` .", - "title": "DatabaseInstallationFilesS3BucketName", - "type": "string" - }, - "DatabaseInstallationFilesS3Prefix": { - "markdownDescription": "The Amazon S3 directory that contains the database installation files for your CEV. For example, a valid bucket name is `123456789012/cev1` . If this setting isn't specified, no prefix is assumed.", - "title": "DatabaseInstallationFilesS3Prefix", - "type": "string" - }, - "Description": { - "markdownDescription": "An optional description of your CEV.", - "title": "Description", - "type": "string" - }, - "Engine": { - "markdownDescription": "The database engine to use for your custom engine version (CEV).\n\nValid values:\n\n- `custom-oracle-ee`\n- `custom-oracle-ee-cdb`", - "title": "Engine", - "type": "string" - }, - "EngineVersion": { - "markdownDescription": "The name of your CEV. The name format is `major version.customized_string` . For example, a valid CEV name is `19.my_cev1` . This setting is required for RDS Custom for Oracle, but optional for Amazon RDS. The combination of `Engine` and `EngineVersion` is unique per customer per Region.\n\n*Constraints:* Minimum length is 1. Maximum length is 60.\n\n*Pattern:* `^[a-z0-9_.-]{1,60$` }", - "title": "EngineVersion", - "type": "string" - }, - "ImageId": { - "markdownDescription": "A value that indicates the ID of the AMI.", - "title": "ImageId", - "type": "string" - }, - "KMSKeyId": { - "markdownDescription": "The AWS KMS key identifier for an encrypted CEV. A symmetric encryption KMS key is required for RDS Custom, but optional for Amazon RDS.\n\nIf you have an existing symmetric encryption KMS key in your account, you can use it with RDS Custom. No further action is necessary. If you don't already have a symmetric encryption KMS key in your account, follow the instructions in [Creating a symmetric encryption KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/create-keys.html#create-symmetric-cmk) in the *AWS Key Management Service Developer Guide* .\n\nYou can choose the same symmetric encryption key when you create a CEV and a DB instance, or choose different keys.", - "title": "KMSKeyId", - "type": "string" - }, - "Manifest": { - "markdownDescription": "The CEV manifest, which is a JSON document that describes the installation .zip files stored in Amazon S3. Specify the name/value pairs in a file or a quoted string. RDS Custom applies the patches in the order in which they are listed.\n\nThe following JSON fields are valid:\n\n- **MediaImportTemplateVersion** - Version of the CEV manifest. The date is in the format `YYYY-MM-DD` .\n- **databaseInstallationFileNames** - Ordered list of installation files for the CEV.\n- **opatchFileNames** - Ordered list of OPatch installers used for the Oracle DB engine.\n- **psuRuPatchFileNames** - The PSU and RU patches for this CEV.\n- **OtherPatchFileNames** - The patches that are not in the list of PSU and RU patches. Amazon RDS applies these patches after applying the PSU and RU patches.\n\nFor more information, see [Creating the CEV manifest](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/custom-cev.html#custom-cev.preparing.manifest) in the *Amazon RDS User Guide* .", - "title": "Manifest", - "type": "string" - }, - "SourceCustomDbEngineVersionIdentifier": { - "markdownDescription": "The ARN of a CEV to use as a source for creating a new CEV. You can specify a different Amazon Machine Imagine (AMI) by using either `Source` or `UseAwsProvidedLatestImage` . You can't specify a different JSON manifest when you specify `SourceCustomDbEngineVersionIdentifier` .", - "title": "SourceCustomDbEngineVersionIdentifier", + "CellName": { + "markdownDescription": "The name of the cell to create.", + "title": "CellName", "type": "string" }, - "Status": { - "markdownDescription": "A value that indicates the status of a custom engine version (CEV).", - "title": "Status", - "type": "string" + "Cells": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of cell Amazon Resource Names (ARNs) contained within this cell, for use in nested cells. For example, Availability Zones within specific AWS Regions .", + "title": "Cells", + "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of tags. For more information, see [Tagging Amazon RDS Resources](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) in the *Amazon RDS User Guide.*", + "markdownDescription": "A collection of tags associated with a resource.", "title": "Tags", "type": "array" - }, - "UseAwsProvidedLatestImage": { - "markdownDescription": "Specifies whether to use the latest service-provided Amazon Machine Image (AMI) for the CEV. If you specify `UseAwsProvidedLatestImage` , you can't also specify `ImageId` .", - "title": "UseAwsProvidedLatestImage", - "type": "boolean" } }, - "required": [ - "Engine", - "EngineVersion" - ], "type": "object" }, "Type": { "enum": [ - "AWS::RDS::CustomDBEngineVersion" + "AWS::Route53RecoveryReadiness::Cell" ], "type": "string" }, @@ -224216,12 +276309,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::RDS::DBCluster": { + "AWS::Route53RecoveryReadiness::ReadinessCheck": { "additionalProperties": false, "properties": { "Condition": { @@ -224256,297 +276348,30 @@ "Properties": { "additionalProperties": false, "properties": { - "AllocatedStorage": { - "markdownDescription": "The amount of storage in gibibytes (GiB) to allocate to each DB instance in the Multi-AZ DB cluster.\n\nValid for Cluster Type: Multi-AZ DB clusters only\n\nThis setting is required to create a Multi-AZ DB cluster.", - "title": "AllocatedStorage", - "type": "number" - }, - "AssociatedRoles": { - "items": { - "$ref": "#/definitions/AWS::RDS::DBCluster.DBClusterRole" - }, - "markdownDescription": "Provides a list of the AWS Identity and Access Management (IAM) roles that are associated with the DB cluster. IAM roles that are associated with a DB cluster grant permission for the DB cluster to access other Amazon Web Services on your behalf.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "AssociatedRoles", - "type": "array" - }, - "AutoMinorVersionUpgrade": { - "markdownDescription": "Specifies whether minor engine upgrades are applied automatically to the DB cluster during the maintenance window. By default, minor engine upgrades are applied automatically.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB cluster.\n\nFor more information about automatic minor version upgrades, see [Automatically upgrading the minor engine version](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.Upgrading.html#USER_UpgradeDBInstance.Upgrading.AutoMinorVersionUpgrades) .", - "title": "AutoMinorVersionUpgrade", - "type": "boolean" - }, - "AvailabilityZones": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of Availability Zones (AZs) where instances in the DB cluster can be created. For information on AWS Regions and Availability Zones, see [Choosing the Regions and Availability Zones](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.RegionsAndAvailabilityZones.html) in the *Amazon Aurora User Guide* .\n\nValid for: Aurora DB clusters only", - "title": "AvailabilityZones", - "type": "array" - }, - "BacktrackWindow": { - "markdownDescription": "The target backtrack window, in seconds. To disable backtracking, set this value to `0` .\n\nValid for Cluster Type: Aurora MySQL DB clusters only\n\nDefault: `0`\n\nConstraints:\n\n- If specified, this value must be set to a number from 0 to 259,200 (72 hours).", - "title": "BacktrackWindow", - "type": "number" - }, - "BackupRetentionPeriod": { - "markdownDescription": "The number of days for which automated backups are retained.\n\nDefault: 1\n\nConstraints:\n\n- Must be a value from 1 to 35\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "BackupRetentionPeriod", - "type": "number" - }, - "CopyTagsToSnapshot": { - "markdownDescription": "A value that indicates whether to copy all tags from the DB cluster to snapshots of the DB cluster. The default is not to copy them.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "CopyTagsToSnapshot", - "type": "boolean" - }, - "DBClusterIdentifier": { - "markdownDescription": "The DB cluster identifier. This parameter is stored as a lowercase string.\n\nConstraints:\n\n- Must contain from 1 to 63 letters, numbers, or hyphens.\n- First character must be a letter.\n- Can't end with a hyphen or contain two consecutive hyphens.\n\nExample: `my-cluster1`\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "DBClusterIdentifier", - "type": "string" - }, - "DBClusterInstanceClass": { - "markdownDescription": "The compute and memory capacity of each DB instance in the Multi-AZ DB cluster, for example `db.m6gd.xlarge` . Not all DB instance classes are available in all AWS Regions , or for all database engines.\n\nFor the full list of DB instance classes and availability for your engine, see [DB instance class](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html) in the *Amazon RDS User Guide* .\n\nThis setting is required to create a Multi-AZ DB cluster.\n\nValid for Cluster Type: Multi-AZ DB clusters only", - "title": "DBClusterInstanceClass", - "type": "string" - }, - "DBClusterParameterGroupName": { - "markdownDescription": "The name of the DB cluster parameter group to associate with this DB cluster.\n\n> If you apply a parameter group to an existing DB cluster, then its DB instances might need to reboot. This can result in an outage while the DB instances are rebooting.\n> \n> If you apply a change to parameter group associated with a stopped DB cluster, then the update stack waits until the DB cluster is started. \n\nTo list all of the available DB cluster parameter group names, use the following command:\n\n`aws rds describe-db-cluster-parameter-groups --query \"DBClusterParameterGroups[].DBClusterParameterGroupName\" --output text`\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "DBClusterParameterGroupName", - "type": "string" - }, - "DBInstanceParameterGroupName": { - "markdownDescription": "The name of the DB parameter group to apply to all instances of the DB cluster.\n\n> When you apply a parameter group using the `DBInstanceParameterGroupName` parameter, the DB cluster isn't rebooted automatically. Also, parameter changes are applied immediately rather than during the next maintenance window. \n\nValid for Cluster Type: Aurora DB clusters only\n\nDefault: The existing name setting\n\nConstraints:\n\n- The DB parameter group must be in the same DB parameter group family as this DB cluster.\n- The `DBInstanceParameterGroupName` parameter is valid in combination with the `AllowMajorVersionUpgrade` parameter for a major version upgrade only.", - "title": "DBInstanceParameterGroupName", - "type": "string" - }, - "DBSubnetGroupName": { - "markdownDescription": "A DB subnet group that you want to associate with this DB cluster.\n\nIf you are restoring a DB cluster to a point in time with `RestoreType` set to `copy-on-write` , and don't specify a DB subnet group name, then the DB cluster is restored with a default DB subnet group.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "DBSubnetGroupName", - "type": "string" - }, - "DBSystemId": { - "markdownDescription": "Reserved for future use.", - "title": "DBSystemId", - "type": "string" - }, - "DatabaseName": { - "markdownDescription": "The name of your database. If you don't provide a name, then Amazon RDS won't create a database in this DB cluster. For naming constraints, see [Naming Constraints](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/CHAP_Limits.html#RDS_Limits.Constraints) in the *Amazon Aurora User Guide* .\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "DatabaseName", - "type": "string" - }, - "DeletionProtection": { - "markdownDescription": "A value that indicates whether the DB cluster has deletion protection enabled. The database can't be deleted when deletion protection is enabled. By default, deletion protection is disabled.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "DeletionProtection", - "type": "boolean" - }, - "Domain": { - "markdownDescription": "Indicates the directory ID of the Active Directory to create the DB cluster.\n\nFor Amazon Aurora DB clusters, Amazon RDS can use Kerberos authentication to authenticate users that connect to the DB cluster.\n\nFor more information, see [Kerberos authentication](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/kerberos-authentication.html) in the *Amazon Aurora User Guide* .\n\nValid for: Aurora DB clusters only", - "title": "Domain", - "type": "string" - }, - "DomainIAMRoleName": { - "markdownDescription": "Specifies the name of the IAM role to use when making API calls to the Directory Service.\n\nValid for: Aurora DB clusters only", - "title": "DomainIAMRoleName", - "type": "string" - }, - "EnableCloudwatchLogsExports": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of log types that need to be enabled for exporting to CloudWatch Logs. The values in the list depend on the DB engine being used. For more information, see [Publishing Database Logs to Amazon CloudWatch Logs](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_LogAccess.html#USER_LogAccess.Procedural.UploadtoCloudWatch) in the *Amazon Aurora User Guide* .\n\n*Aurora MySQL*\n\nValid values: `audit` , `error` , `general` , `slowquery`\n\n*Aurora PostgreSQL*\n\nValid values: `postgresql`\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "EnableCloudwatchLogsExports", - "type": "array" - }, - "EnableGlobalWriteForwarding": { - "markdownDescription": "Specifies whether to enable this DB cluster to forward write operations to the primary cluster of a global cluster (Aurora global database). By default, write operations are not allowed on Aurora DB clusters that are secondary clusters in an Aurora global database.\n\nYou can set this value only on Aurora DB clusters that are members of an Aurora global database. With this parameter enabled, a secondary cluster can forward writes to the current primary cluster, and the resulting changes are replicated back to this cluster. For the primary DB cluster of an Aurora global database, this value is used immediately if the primary is demoted by a global cluster API operation, but it does nothing until then.\n\nValid for Cluster Type: Aurora DB clusters only", - "title": "EnableGlobalWriteForwarding", - "type": "boolean" - }, - "EnableHttpEndpoint": { - "markdownDescription": "Specifies whether to enable the HTTP endpoint for the DB cluster. By default, the HTTP endpoint isn't enabled.\n\nWhen enabled, the HTTP endpoint provides a connectionless web service API (RDS Data API) for running SQL queries on the DB cluster. You can also query your database from inside the RDS console with the RDS query editor.\n\nFor more information, see [Using RDS Data API](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/data-api.html) in the *Amazon Aurora User Guide* .\n\nValid for Cluster Type: Aurora DB clusters only", - "title": "EnableHttpEndpoint", - "type": "boolean" - }, - "EnableIAMDatabaseAuthentication": { - "markdownDescription": "A value that indicates whether to enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts. By default, mapping is disabled.\n\nFor more information, see [IAM Database Authentication](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.IAMDBAuth.html) in the *Amazon Aurora User Guide.*\n\nValid for: Aurora DB clusters only", - "title": "EnableIAMDatabaseAuthentication", - "type": "boolean" - }, - "Engine": { - "markdownDescription": "The name of the database engine to be used for this DB cluster.\n\nValid Values:\n\n- `aurora-mysql`\n- `aurora-postgresql`\n- `mysql`\n- `postgres`\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "Engine", - "type": "string" - }, - "EngineMode": { - "markdownDescription": "The DB engine mode of the DB cluster, either `provisioned` or `serverless` .\n\nThe `serverless` engine mode only applies for Aurora Serverless v1 DB clusters. Aurora Serverless v2 DB clusters use the `provisioned` engine mode.\n\nFor information about limitations and requirements for Serverless DB clusters, see the following sections in the *Amazon Aurora User Guide* :\n\n- [Limitations of Aurora Serverless v1](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless.html#aurora-serverless.limitations)\n- [Requirements for Aurora Serverless v2](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless-v2.requirements.html)\n\nValid for Cluster Type: Aurora DB clusters only", - "title": "EngineMode", - "type": "string" - }, - "EngineVersion": { - "markdownDescription": "The version number of the database engine to use.\n\nTo list all of the available engine versions for Aurora MySQL version 2 (5.7-compatible) and version 3 (8.0-compatible), use the following command:\n\n`aws rds describe-db-engine-versions --engine aurora-mysql --query \"DBEngineVersions[].EngineVersion\"`\n\nYou can supply either `5.7` or `8.0` to use the default engine version for Aurora MySQL version 2 or version 3, respectively.\n\nTo list all of the available engine versions for Aurora PostgreSQL, use the following command:\n\n`aws rds describe-db-engine-versions --engine aurora-postgresql --query \"DBEngineVersions[].EngineVersion\"`\n\nTo list all of the available engine versions for RDS for MySQL, use the following command:\n\n`aws rds describe-db-engine-versions --engine mysql --query \"DBEngineVersions[].EngineVersion\"`\n\nTo list all of the available engine versions for RDS for PostgreSQL, use the following command:\n\n`aws rds describe-db-engine-versions --engine postgres --query \"DBEngineVersions[].EngineVersion\"`\n\n*Aurora MySQL*\n\nFor information, see [Database engine updates for Amazon Aurora MySQL](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraMySQL.Updates.html) in the *Amazon Aurora User Guide* .\n\n*Aurora PostgreSQL*\n\nFor information, see [Amazon Aurora PostgreSQL releases and engine versions](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraPostgreSQL.Updates.20180305.html) in the *Amazon Aurora User Guide* .\n\n*MySQL*\n\nFor information, see [Amazon RDS for MySQL](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MySQL.html#MySQL.Concepts.VersionMgmt) in the *Amazon RDS User Guide* .\n\n*PostgreSQL*\n\nFor information, see [Amazon RDS for PostgreSQL](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_PostgreSQL.html#PostgreSQL.Concepts) in the *Amazon RDS User Guide* .\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "EngineVersion", - "type": "string" - }, - "GlobalClusterIdentifier": { - "markdownDescription": "If you are configuring an Aurora global database cluster and want your Aurora DB cluster to be a secondary member in the global database cluster, specify the global cluster ID of the global database cluster. To define the primary database cluster of the global cluster, use the [AWS::RDS::GlobalCluster](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-globalcluster.html) resource.\n\nIf you aren't configuring a global database cluster, don't specify this property.\n\n> To remove the DB cluster from a global database cluster, specify an empty value for the `GlobalClusterIdentifier` property. \n\nFor information about Aurora global databases, see [Working with Amazon Aurora Global Databases](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-global-database.html) in the *Amazon Aurora User Guide* .\n\nValid for: Aurora DB clusters only", - "title": "GlobalClusterIdentifier", - "type": "string" - }, - "Iops": { - "markdownDescription": "The amount of Provisioned IOPS (input/output operations per second) to be initially allocated for each DB instance in the Multi-AZ DB cluster.\n\nFor information about valid IOPS values, see [Provisioned IOPS storage](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html#USER_PIOPS) in the *Amazon RDS User Guide* .\n\nThis setting is required to create a Multi-AZ DB cluster.\n\nValid for Cluster Type: Multi-AZ DB clusters only\n\nConstraints:\n\n- Must be a multiple between .5 and 50 of the storage amount for the DB cluster.", - "title": "Iops", - "type": "number" - }, - "KmsKeyId": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key that is used to encrypt the database instances in the DB cluster, such as `arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef` . If you enable the `StorageEncrypted` property but don't specify this property, the default KMS key is used. If you specify this property, you must set the `StorageEncrypted` property to `true` .\n\nIf you specify the `SnapshotIdentifier` property, the `StorageEncrypted` property value is inherited from the snapshot, and if the DB cluster is encrypted, the specified `KmsKeyId` property is used.\n\nIf you create a read replica of an encrypted DB cluster in another AWS Region, make sure to set `KmsKeyId` to a KMS key identifier that is valid in the destination AWS Region. This KMS key is used to encrypt the read replica in that AWS Region.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "KmsKeyId", - "type": "string" - }, - "ManageMasterUserPassword": { - "markdownDescription": "Specifies whether to manage the master user password with AWS Secrets Manager.\n\nFor more information, see [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide* and [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-secrets-manager.html) in the *Amazon Aurora User Guide.*\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n\nConstraints:\n\n- Can't manage the master user password with AWS Secrets Manager if `MasterUserPassword` is specified.", - "title": "ManageMasterUserPassword", - "type": "boolean" - }, - "MasterUserPassword": { - "markdownDescription": "The master password for the DB instance.\n\n> If you specify the `SourceDBClusterIdentifier` , `SnapshotIdentifier` , or `GlobalClusterIdentifier` property, don't specify this property. The value is inherited from the source DB cluster, the snapshot, or the primary DB cluster for the global database cluster, respectively. \n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "MasterUserPassword", - "type": "string" - }, - "MasterUserSecret": { - "$ref": "#/definitions/AWS::RDS::DBCluster.MasterUserSecret", - "markdownDescription": "The secret managed by RDS in AWS Secrets Manager for the master user password.\n\n> When you restore a DB cluster from a snapshot, Amazon RDS generates a new secret instead of reusing the secret specified in the `SecretArn` property. This ensures that the restored DB cluster is securely managed with a dedicated secret. To maintain consistent integration with your application, you might need to update resource configurations to reference the newly created secret. \n\nFor more information, see [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide* and [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-secrets-manager.html) in the *Amazon Aurora User Guide.*", - "title": "MasterUserSecret" - }, - "MasterUsername": { - "markdownDescription": "The name of the master user for the DB cluster.\n\n> If you specify the `SourceDBClusterIdentifier` , `SnapshotIdentifier` , or `GlobalClusterIdentifier` property, don't specify this property. The value is inherited from the source DB cluster, the snapshot, or the primary DB cluster for the global database cluster, respectively. \n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "MasterUsername", - "type": "string" - }, - "MonitoringInterval": { - "markdownDescription": "The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB cluster. To turn off collecting Enhanced Monitoring metrics, specify `0` .\n\nIf `MonitoringRoleArn` is specified, also set `MonitoringInterval` to a value other than `0` .\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n\nValid Values: `0 | 1 | 5 | 10 | 15 | 30 | 60`\n\nDefault: `0`", - "title": "MonitoringInterval", - "type": "number" - }, - "MonitoringRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the IAM role that permits RDS to send Enhanced Monitoring metrics to Amazon CloudWatch Logs. An example is `arn:aws:iam:123456789012:role/emaccess` . For information on creating a monitoring role, see [Setting up and enabling Enhanced Monitoring](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.OS.html#USER_Monitoring.OS.Enabling) in the *Amazon RDS User Guide* .\n\nIf `MonitoringInterval` is set to a value other than `0` , supply a `MonitoringRoleArn` value.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters", - "title": "MonitoringRoleArn", - "type": "string" - }, - "NetworkType": { - "markdownDescription": "The network type of the DB cluster.\n\nValid values:\n\n- `IPV4`\n- `DUAL`\n\nThe network type is determined by the `DBSubnetGroup` specified for the DB cluster. A `DBSubnetGroup` can support only the IPv4 protocol or the IPv4 and IPv6 protocols ( `DUAL` ).\n\nFor more information, see [Working with a DB instance in a VPC](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_VPC.WorkingWithRDSInstanceinaVPC.html) in the *Amazon Aurora User Guide.*\n\nValid for: Aurora DB clusters only", - "title": "NetworkType", - "type": "string" - }, - "PerformanceInsightsEnabled": { - "markdownDescription": "Specifies whether to turn on Performance Insights for the DB cluster.\n\nFor more information, see [Using Amazon Performance Insights](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PerfInsights.html) in the *Amazon RDS User Guide* .\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters", - "title": "PerformanceInsightsEnabled", - "type": "boolean" - }, - "PerformanceInsightsKmsKeyId": { - "markdownDescription": "The AWS KMS key identifier for encryption of Performance Insights data.\n\nThe AWS KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key.\n\nIf you don't specify a value for `PerformanceInsightsKMSKeyId` , then Amazon RDS uses your default KMS key. There is a default KMS key for your AWS account . Your AWS account has a different default KMS key for each AWS Region .\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters", - "title": "PerformanceInsightsKmsKeyId", - "type": "string" - }, - "PerformanceInsightsRetentionPeriod": { - "markdownDescription": "The number of days to retain Performance Insights data. When creating a DB cluster without enabling Performance Insights, you can't specify the parameter `PerformanceInsightsRetentionPeriod` .\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n\nValid Values:\n\n- `7`\n- *month* * 31, where *month* is a number of months from 1-23. Examples: `93` (3 months * 31), `341` (11 months * 31), `589` (19 months * 31)\n- `731`\n\nDefault: `7` days\n\nIf you specify a retention period that isn't valid, such as `94` , Amazon RDS issues an error.", - "title": "PerformanceInsightsRetentionPeriod", - "type": "number" - }, - "Port": { - "markdownDescription": "The port number on which the DB instances in the DB cluster accept connections.\n\nDefault:\n\n- When `EngineMode` is `provisioned` , `3306` (for both Aurora MySQL and Aurora PostgreSQL)\n- When `EngineMode` is `serverless` :\n\n- `3306` when `Engine` is `aurora` or `aurora-mysql`\n- `5432` when `Engine` is `aurora-postgresql`\n\n> The `No interruption` on update behavior only applies to DB clusters. If you are updating a DB instance, see [Port](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-port) for the AWS::RDS::DBInstance resource. \n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "Port", - "type": "number" - }, - "PreferredBackupWindow": { - "markdownDescription": "The daily time range during which automated backups are created. For more information, see [Backup Window](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Managing.Backups.html#Aurora.Managing.Backups.BackupWindow) in the *Amazon Aurora User Guide.*\n\nConstraints:\n\n- Must be in the format `hh24:mi-hh24:mi` .\n- Must be in Universal Coordinated Time (UTC).\n- Must not conflict with the preferred maintenance window.\n- Must be at least 30 minutes.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "PreferredBackupWindow", - "type": "string" - }, - "PreferredMaintenanceWindow": { - "markdownDescription": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n\nFormat: `ddd:hh24:mi-ddd:hh24:mi`\n\nThe default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region, occurring on a random day of the week. To see the time blocks available, see [Maintaining an Amazon Aurora DB cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_UpgradeDBInstance.Maintenance.html#AdjustingTheMaintenanceWindow.Aurora) in the *Amazon Aurora User Guide.*\n\nValid Days: Mon, Tue, Wed, Thu, Fri, Sat, Sun.\n\nConstraints: Minimum 30-minute window.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "PreferredMaintenanceWindow", - "type": "string" - }, - "PubliclyAccessible": { - "markdownDescription": "Specifies whether the DB cluster is publicly accessible.\n\nWhen the DB cluster is publicly accessible and you connect from outside of the DB cluster's virtual private cloud (VPC), its Domain Name System (DNS) endpoint resolves to the public IP address. When you connect from within the same VPC as the DB cluster, the endpoint resolves to the private IP address. Access to the DB cluster is ultimately controlled by the security group it uses. That public access isn't permitted if the security group assigned to the DB cluster doesn't permit it.\n\nWhen the DB cluster isn't publicly accessible, it is an internal DB cluster with a DNS name that resolves to a private IP address.\n\nValid for Cluster Type: Multi-AZ DB clusters only\n\nDefault: The default behavior varies depending on whether `DBSubnetGroupName` is specified.\n\nIf `DBSubnetGroupName` isn't specified, and `PubliclyAccessible` isn't specified, the following applies:\n\n- If the default VPC in the target Region doesn\u2019t have an internet gateway attached to it, the DB cluster is private.\n- If the default VPC in the target Region has an internet gateway attached to it, the DB cluster is public.\n\nIf `DBSubnetGroupName` is specified, and `PubliclyAccessible` isn't specified, the following applies:\n\n- If the subnets are part of a VPC that doesn\u2019t have an internet gateway attached to it, the DB cluster is private.\n- If the subnets are part of a VPC that has an internet gateway attached to it, the DB cluster is public.", - "title": "PubliclyAccessible", - "type": "boolean" - }, - "ReplicationSourceIdentifier": { - "markdownDescription": "The Amazon Resource Name (ARN) of the source DB instance or DB cluster if this DB cluster is created as a read replica.\n\nValid for: Aurora DB clusters only", - "title": "ReplicationSourceIdentifier", - "type": "string" - }, - "RestoreToTime": { - "markdownDescription": "The date and time to restore the DB cluster to.\n\nValid Values: Value must be a time in Universal Coordinated Time (UTC) format\n\nConstraints:\n\n- Must be before the latest restorable time for the DB instance\n- Must be specified if `UseLatestRestorableTime` parameter isn't provided\n- Can't be specified if the `UseLatestRestorableTime` parameter is enabled\n- Can't be specified if the `RestoreType` parameter is `copy-on-write`\n\nThis property must be used with `SourceDBClusterIdentifier` property. The resulting cluster will have the identifier that matches the value of the `DBclusterIdentifier` property.\n\nExample: `2015-03-07T23:45:00Z`\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "RestoreToTime", - "type": "string" - }, - "RestoreType": { - "markdownDescription": "The type of restore to be performed. You can specify one of the following values:\n\n- `full-copy` - The new DB cluster is restored as a full copy of the source DB cluster.\n- `copy-on-write` - The new DB cluster is restored as a clone of the source DB cluster.\n\nIf you don't specify a `RestoreType` value, then the new DB cluster is restored as a full copy of the source DB cluster.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "RestoreType", - "type": "string" - }, - "ScalingConfiguration": { - "$ref": "#/definitions/AWS::RDS::DBCluster.ScalingConfiguration", - "markdownDescription": "The scaling configuration of an Aurora Serverless v1 DB cluster.\n\nThis property is only supported for Aurora Serverless v1. For Aurora Serverless v2, Use the `ServerlessV2ScalingConfiguration` property.\n\nValid for: Aurora Serverless v1 DB clusters only", - "title": "ScalingConfiguration" - }, - "ServerlessV2ScalingConfiguration": { - "$ref": "#/definitions/AWS::RDS::DBCluster.ServerlessV2ScalingConfiguration", - "markdownDescription": "The scaling configuration of an Aurora Serverless V2 DB cluster.\n\nThis property is only supported for Aurora Serverless v2. For Aurora Serverless v1, Use the `ScalingConfiguration` property.\n\nValid for: Aurora Serverless v2 DB clusters only", - "title": "ServerlessV2ScalingConfiguration" - }, - "SnapshotIdentifier": { - "markdownDescription": "The identifier for the DB snapshot or DB cluster snapshot to restore from.\n\nYou can use either the name or the Amazon Resource Name (ARN) to specify a DB cluster snapshot. However, you can use only the ARN to specify a DB snapshot.\n\nAfter you restore a DB cluster with a `SnapshotIdentifier` property, you must specify the same `SnapshotIdentifier` property for any future updates to the DB cluster. When you specify this property for an update, the DB cluster is not restored from the snapshot again, and the data in the database is not changed. However, if you don't specify the `SnapshotIdentifier` property, an empty DB cluster is created, and the original DB cluster is deleted. If you specify a property that is different from the previous snapshot restore property, a new DB cluster is restored from the specified `SnapshotIdentifier` property, and the original DB cluster is deleted.\n\nIf you specify the `SnapshotIdentifier` property to restore a DB cluster (as opposed to specifying it for DB cluster updates), then don't specify the following properties:\n\n- `GlobalClusterIdentifier`\n- `MasterUsername`\n- `MasterUserPassword`\n- `ReplicationSourceIdentifier`\n- `RestoreType`\n- `SourceDBClusterIdentifier`\n- `SourceRegion`\n- `StorageEncrypted` (for an encrypted snapshot)\n- `UseLatestRestorableTime`\n\nConstraints:\n\n- Must match the identifier of an existing Snapshot.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "SnapshotIdentifier", - "type": "string" - }, - "SourceDBClusterIdentifier": { - "markdownDescription": "When restoring a DB cluster to a point in time, the identifier of the source DB cluster from which to restore.\n\nConstraints:\n\n- Must match the identifier of an existing DBCluster.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "SourceDBClusterIdentifier", - "type": "string" - }, - "SourceRegion": { - "markdownDescription": "The AWS Region which contains the source DB cluster when replicating a DB cluster. For example, `us-east-1` .\n\nValid for: Aurora DB clusters only", - "title": "SourceRegion", + "ReadinessCheckName": { + "markdownDescription": "The name of the readiness check to create.", + "title": "ReadinessCheckName", "type": "string" }, - "StorageEncrypted": { - "markdownDescription": "Indicates whether the DB cluster is encrypted.\n\nIf you specify the `KmsKeyId` property, then you must enable encryption.\n\nIf you specify the `SourceDBClusterIdentifier` property, don't specify this property. The value is inherited from the source DB cluster, and if the DB cluster is encrypted, the specified `KmsKeyId` property is used.\n\nIf you specify the `SnapshotIdentifier` and the specified snapshot is encrypted, don't specify this property. The value is inherited from the snapshot, and the specified `KmsKeyId` property is used.\n\nIf you specify the `SnapshotIdentifier` and the specified snapshot isn't encrypted, you can use this property to specify that the restored DB cluster is encrypted. Specify the `KmsKeyId` property for the KMS key to use for encryption. If you don't want the restored DB cluster to be encrypted, then don't set this property or set it to `false` .\n\n> If you specify both the `StorageEncrypted` and `SnapshotIdentifier` properties without specifying the `KmsKeyId` property, then the restored DB cluster inherits the encryption settings from the DB snapshot that provide. \n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "StorageEncrypted", - "type": "boolean" - }, - "StorageType": { - "markdownDescription": "The storage type to associate with the DB cluster.\n\nFor information on storage types for Aurora DB clusters, see [Storage configurations for Amazon Aurora DB clusters](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Overview.StorageReliability.html#aurora-storage-type) . For information on storage types for Multi-AZ DB clusters, see [Settings for creating Multi-AZ DB clusters](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/create-multi-az-db-cluster.html#create-multi-az-db-cluster-settings) .\n\nThis setting is required to create a Multi-AZ DB cluster.\n\nWhen specified for a Multi-AZ DB cluster, a value for the `Iops` parameter is required.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n\nValid Values:\n\n- Aurora DB clusters - `aurora | aurora-iopt1`\n- Multi-AZ DB clusters - `io1 | io2 | gp3`\n\nDefault:\n\n- Aurora DB clusters - `aurora`\n- Multi-AZ DB clusters - `io1`\n\n> When you create an Aurora DB cluster with the storage type set to `aurora-iopt1` , the storage type is returned in the response. The storage type isn't returned when you set it to `aurora` .", - "title": "StorageType", + "ResourceSetName": { + "markdownDescription": "The name of the resource set to check.", + "title": "ResourceSetName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Tags to assign to the DB cluster.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters", + "markdownDescription": "A collection of tags associated with a resource.", "title": "Tags", "type": "array" - }, - "UseLatestRestorableTime": { - "markdownDescription": "A value that indicates whether to restore the DB cluster to the latest restorable backup time. By default, the DB cluster is not restored to the latest restorable backup time.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "UseLatestRestorableTime", - "type": "boolean" - }, - "VpcSecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of EC2 VPC security groups to associate with this DB cluster.\n\nIf you plan to update the resource, don't specify VPC security groups in a shared VPC.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "VpcSecurityGroupIds", - "type": "array" } }, "type": "object" }, "Type": { "enum": [ - "AWS::RDS::DBCluster" + "AWS::Route53RecoveryReadiness::ReadinessCheck" ], "type": "string" }, @@ -224564,121 +276389,7 @@ ], "type": "object" }, - "AWS::RDS::DBCluster.DBClusterRole": { - "additionalProperties": false, - "properties": { - "FeatureName": { - "markdownDescription": "The name of the feature associated with the AWS Identity and Access Management (IAM) role. IAM roles that are associated with a DB cluster grant permission for the DB cluster to access other AWS services on your behalf. For the list of supported feature names, see the `SupportedFeatureNames` description in [DBEngineVersion](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DBEngineVersion.html) in the *Amazon RDS API Reference* .", - "title": "FeatureName", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that is associated with the DB cluster.", - "title": "RoleArn", - "type": "string" - } - }, - "required": [ - "RoleArn" - ], - "type": "object" - }, - "AWS::RDS::DBCluster.Endpoint": { - "additionalProperties": false, - "properties": { - "Address": { - "markdownDescription": "Specifies the connection endpoint for the primary instance of the DB cluster.", - "title": "Address", - "type": "string" - }, - "Port": { - "markdownDescription": "Specifies the port that the database engine is listening on.", - "title": "Port", - "type": "string" - } - }, - "type": "object" - }, - "AWS::RDS::DBCluster.MasterUserSecret": { - "additionalProperties": false, - "properties": { - "KmsKeyId": { - "markdownDescription": "The AWS KMS key identifier that is used to encrypt the secret.", - "title": "KmsKeyId", - "type": "string" - }, - "SecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the secret. This parameter is a return value that you can retrieve using the `Fn::GetAtt` intrinsic function. For more information, see [Return values](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#aws-resource-rds-dbcluster-return-values) .", - "title": "SecretArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::RDS::DBCluster.ReadEndpoint": { - "additionalProperties": false, - "properties": { - "Address": { - "markdownDescription": "The host address of the reader endpoint.", - "title": "Address", - "type": "string" - } - }, - "type": "object" - }, - "AWS::RDS::DBCluster.ScalingConfiguration": { - "additionalProperties": false, - "properties": { - "AutoPause": { - "markdownDescription": "Indicates whether to allow or disallow automatic pause for an Aurora DB cluster in `serverless` DB engine mode. A DB cluster can be paused only when it's idle (it has no connections).\n\n> If a DB cluster is paused for more than seven days, the DB cluster might be backed up with a snapshot. In this case, the DB cluster is restored when there is a request to connect to it.", - "title": "AutoPause", - "type": "boolean" - }, - "MaxCapacity": { - "markdownDescription": "The maximum capacity for an Aurora DB cluster in `serverless` DB engine mode.\n\nFor Aurora MySQL, valid capacity values are `1` , `2` , `4` , `8` , `16` , `32` , `64` , `128` , and `256` .\n\nFor Aurora PostgreSQL, valid capacity values are `2` , `4` , `8` , `16` , `32` , `64` , `192` , and `384` .\n\nThe maximum capacity must be greater than or equal to the minimum capacity.", - "title": "MaxCapacity", - "type": "number" - }, - "MinCapacity": { - "markdownDescription": "The minimum capacity for an Aurora DB cluster in `serverless` DB engine mode.\n\nFor Aurora MySQL, valid capacity values are `1` , `2` , `4` , `8` , `16` , `32` , `64` , `128` , and `256` .\n\nFor Aurora PostgreSQL, valid capacity values are `2` , `4` , `8` , `16` , `32` , `64` , `192` , and `384` .\n\nThe minimum capacity must be less than or equal to the maximum capacity.", - "title": "MinCapacity", - "type": "number" - }, - "SecondsBeforeTimeout": { - "markdownDescription": "The amount of time, in seconds, that Aurora Serverless v1 tries to find a scaling point to perform seamless scaling before enforcing the timeout action. The default is 300.\n\nSpecify a value between 60 and 600 seconds.", - "title": "SecondsBeforeTimeout", - "type": "number" - }, - "SecondsUntilAutoPause": { - "markdownDescription": "The time, in seconds, before an Aurora DB cluster in `serverless` mode is paused.\n\nSpecify a value between 300 and 86,400 seconds.", - "title": "SecondsUntilAutoPause", - "type": "number" - }, - "TimeoutAction": { - "markdownDescription": "The action to take when the timeout is reached, either `ForceApplyCapacityChange` or `RollbackCapacityChange` .\n\n`ForceApplyCapacityChange` sets the capacity to the specified value as soon as possible.\n\n`RollbackCapacityChange` , the default, ignores the capacity change if a scaling point isn't found in the timeout period.\n\n> If you specify `ForceApplyCapacityChange` , connections that prevent Aurora Serverless v1 from finding a scaling point might be dropped. \n\nFor more information, see [Autoscaling for Aurora Serverless v1](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless.how-it-works.html#aurora-serverless.how-it-works.auto-scaling) in the *Amazon Aurora User Guide* .", - "title": "TimeoutAction", - "type": "string" - } - }, - "type": "object" - }, - "AWS::RDS::DBCluster.ServerlessV2ScalingConfiguration": { - "additionalProperties": false, - "properties": { - "MaxCapacity": { - "markdownDescription": "The maximum number of Aurora capacity units (ACUs) for a DB instance in an Aurora Serverless v2 cluster. You can specify ACU values in half-step increments, such as 40, 40.5, 41, and so on. The largest value that you can use is 128.\n\nThe maximum capacity must be higher than 0.5 ACUs. For more information, see [Choosing the maximum Aurora Serverless v2 capacity setting for a cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless-v2.setting-capacity.html#aurora-serverless-v2.max_capacity_considerations) in the *Amazon Aurora User Guide* .\n\nAurora automatically sets certain parameters for Aurora Serverless V2 DB instances to values that depend on the maximum ACU value in the capacity range. When you update the maximum capacity value, the `ParameterApplyStatus` value for the DB instance changes to `pending-reboot` . You can update the parameter values by rebooting the DB instance after changing the capacity range.", - "title": "MaxCapacity", - "type": "number" - }, - "MinCapacity": { - "markdownDescription": "The minimum number of Aurora capacity units (ACUs) for a DB instance in an Aurora Serverless v2 cluster. You can specify ACU values in half-step increments, such as 8, 8.5, 9, and so on. For Aurora versions that support the Aurora Serverless v2 auto-pause feature, the smallest value that you can use is 0. For versions that don't support Aurora Serverless v2 auto-pause, the smallest value that you can use is 0.5.", - "title": "MinCapacity", - "type": "number" - } - }, - "type": "object" - }, - "AWS::RDS::DBClusterParameterGroup": { + "AWS::Route53RecoveryReadiness::RecoveryGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -224713,45 +276424,33 @@ "Properties": { "additionalProperties": false, "properties": { - "DBClusterParameterGroupName": { - "markdownDescription": "The name of the DB cluster parameter group.\n\nConstraints:\n\n- Must not match the name of an existing DB cluster parameter group.\n\n> This value is stored as a lowercase string.", - "title": "DBClusterParameterGroupName", - "type": "string" - }, - "Description": { - "markdownDescription": "The description for the DB cluster parameter group.", - "title": "Description", - "type": "string" + "Cells": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the cell Amazon Resource Names (ARNs) in the recovery group.", + "title": "Cells", + "type": "array" }, - "Family": { - "markdownDescription": "The DB cluster parameter group family name. A DB cluster parameter group can be associated with one and only one DB cluster parameter group family, and can be applied only to a DB cluster running a database engine and engine version compatible with that DB cluster parameter group family.\n\n*Aurora MySQL*\n\nExample: `aurora-mysql5.7` , `aurora-mysql8.0`\n\n*Aurora PostgreSQL*\n\nExample: `aurora-postgresql14`\n\n*RDS for MySQL*\n\nExample: `mysql8.0`\n\n*RDS for PostgreSQL*\n\nExample: `postgres13`\n\nTo list all of the available parameter group families for a DB engine, use the following command:\n\n`aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" --engine `\n\nFor example, to list all of the available parameter group families for the Aurora PostgreSQL DB engine, use the following command:\n\n`aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" --engine aurora-postgresql`\n\n> The output contains duplicates. \n\nThe following are the valid DB engine values:\n\n- `aurora-mysql`\n- `aurora-postgresql`\n- `mysql`\n- `postgres`", - "title": "Family", + "RecoveryGroupName": { + "markdownDescription": "The name of the recovery group to create.", + "title": "RecoveryGroupName", "type": "string" }, - "Parameters": { - "markdownDescription": "Provides a list of parameters for the DB cluster parameter group.", - "title": "Parameters", - "type": "object" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Tags to assign to the DB cluster parameter group.", + "markdownDescription": "A collection of tags associated with a resource.", "title": "Tags", "type": "array" } }, - "required": [ - "Description", - "Family", - "Parameters" - ], "type": "object" }, "Type": { "enum": [ - "AWS::RDS::DBClusterParameterGroup" + "AWS::Route53RecoveryReadiness::RecoveryGroup" ], "type": "string" }, @@ -224765,12 +276464,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::RDS::DBInstance": { + "AWS::Route53RecoveryReadiness::ResourceSet": { "additionalProperties": false, "properties": { "Condition": { @@ -224805,404 +276503,42 @@ "Properties": { "additionalProperties": false, "properties": { - "AllocatedStorage": { - "markdownDescription": "The amount of storage in gibibytes (GiB) to be initially allocated for the database instance.\n\n> If any value is set in the `Iops` parameter, `AllocatedStorage` must be at least 100 GiB, which corresponds to the minimum Iops value of 1,000. If you increase the `Iops` value (in 1,000 IOPS increments), then you must also increase the `AllocatedStorage` value (in 100-GiB increments). \n\n*Amazon Aurora*\n\nNot applicable. Aurora cluster volumes automatically grow as the amount of data in your database increases, though you are only charged for the space that you use in an Aurora cluster volume.\n\n*Db2*\n\nConstraints to the amount of storage for each storage type are the following:\n\n- General Purpose (SSD) storage (gp3): Must be an integer from 20 to 64000.\n- Provisioned IOPS storage (io1): Must be an integer from 100 to 64000.\n\n*MySQL*\n\nConstraints to the amount of storage for each storage type are the following:\n\n- General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.\n- Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.\n- Magnetic storage (standard): Must be an integer from 5 to 3072.\n\n*MariaDB*\n\nConstraints to the amount of storage for each storage type are the following:\n\n- General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.\n- Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.\n- Magnetic storage (standard): Must be an integer from 5 to 3072.\n\n*PostgreSQL*\n\nConstraints to the amount of storage for each storage type are the following:\n\n- General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.\n- Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.\n- Magnetic storage (standard): Must be an integer from 5 to 3072.\n\n*Oracle*\n\nConstraints to the amount of storage for each storage type are the following:\n\n- General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.\n- Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.\n- Magnetic storage (standard): Must be an integer from 10 to 3072.\n\n*SQL Server*\n\nConstraints to the amount of storage for each storage type are the following:\n\n- General Purpose (SSD) storage (gp2):\n\n- Enterprise and Standard editions: Must be an integer from 20 to 16384.\n- Web and Express editions: Must be an integer from 20 to 16384.\n- Provisioned IOPS storage (io1):\n\n- Enterprise and Standard editions: Must be an integer from 20 to 16384.\n- Web and Express editions: Must be an integer from 20 to 16384.\n- Magnetic storage (standard):\n\n- Enterprise and Standard editions: Must be an integer from 20 to 1024.\n- Web and Express editions: Must be an integer from 20 to 1024.", - "title": "AllocatedStorage", - "type": "string" - }, - "AllowMajorVersionUpgrade": { - "markdownDescription": "A value that indicates whether major version upgrades are allowed. Changing this parameter doesn't result in an outage and the change is asynchronously applied as soon as possible.\n\nConstraints: Major version upgrades must be allowed when specifying a value for the `EngineVersion` parameter that is a different major version than the DB instance's current version.", - "title": "AllowMajorVersionUpgrade", - "type": "boolean" - }, - "AssociatedRoles": { - "items": { - "$ref": "#/definitions/AWS::RDS::DBInstance.DBInstanceRole" - }, - "markdownDescription": "The AWS Identity and Access Management (IAM) roles associated with the DB instance.\n\n*Amazon Aurora*\n\nNot applicable. The associated roles are managed by the DB cluster.", - "title": "AssociatedRoles", - "type": "array" - }, - "AutoMinorVersionUpgrade": { - "markdownDescription": "A value that indicates whether minor engine upgrades are applied automatically to the DB instance during the maintenance window. By default, minor engine upgrades are applied automatically.", - "title": "AutoMinorVersionUpgrade", - "type": "boolean" - }, - "AutomaticBackupReplicationKmsKeyId": { - "markdownDescription": "The AWS KMS key identifier for encryption of the replicated automated backups. The KMS key ID is the Amazon Resource Name (ARN) for the KMS encryption key in the destination AWS Region , for example, `arn:aws:kms:us-east-1:123456789012:key/AKIAIOSFODNN7EXAMPLE` .", - "title": "AutomaticBackupReplicationKmsKeyId", - "type": "string" - }, - "AutomaticBackupReplicationRegion": { - "markdownDescription": "The AWS Region associated with the automated backup.", - "title": "AutomaticBackupReplicationRegion", - "type": "string" - }, - "AvailabilityZone": { - "markdownDescription": "The Availability Zone (AZ) where the database will be created. For information on AWS Regions and Availability Zones, see [Regions and Availability Zones](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RegionsAndAvailabilityZones.html) .\n\nFor Amazon Aurora, each Aurora DB cluster hosts copies of its storage in three separate Availability Zones. Specify one of these Availability Zones. Aurora automatically chooses an appropriate Availability Zone if you don't specify one.\n\nDefault: A random, system-chosen Availability Zone in the endpoint's AWS Region .\n\nConstraints:\n\n- The `AvailabilityZone` parameter can't be specified if the DB instance is a Multi-AZ deployment.\n- The specified Availability Zone must be in the same AWS Region as the current endpoint.\n\nExample: `us-east-1d`", - "title": "AvailabilityZone", - "type": "string" - }, - "BackupRetentionPeriod": { - "markdownDescription": "The number of days for which automated backups are retained. Setting this parameter to a positive number enables backups. Setting this parameter to 0 disables automated backups.\n\n*Amazon Aurora*\n\nNot applicable. The retention period for automated backups is managed by the DB cluster.\n\nDefault: 1\n\nConstraints:\n\n- Must be a value from 0 to 35\n- Can't be set to 0 if the DB instance is a source to read replicas", - "title": "BackupRetentionPeriod", - "type": "number" - }, - "CACertificateIdentifier": { - "markdownDescription": "The identifier of the CA certificate for this DB instance.\n\nFor more information, see [Using SSL/TLS to encrypt a connection to a DB instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html) in the *Amazon RDS User Guide* and [Using SSL/TLS to encrypt a connection to a DB cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL.html) in the *Amazon Aurora User Guide* .", - "title": "CACertificateIdentifier", - "type": "string" - }, - "CertificateDetails": { - "$ref": "#/definitions/AWS::RDS::DBInstance.CertificateDetails" - }, - "CertificateRotationRestart": { - "markdownDescription": "Specifies whether the DB instance is restarted when you rotate your SSL/TLS certificate.\n\nBy default, the DB instance is restarted when you rotate your SSL/TLS certificate. The certificate is not updated until the DB instance is restarted.\n\n> Set this parameter only if you are *not* using SSL/TLS to connect to the DB instance. \n\nIf you are using SSL/TLS to connect to the DB instance, follow the appropriate instructions for your DB engine to rotate your SSL/TLS certificate:\n\n- For more information about rotating your SSL/TLS certificate for RDS DB engines, see [Rotating Your SSL/TLS Certificate.](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL-certificate-rotation.html) in the *Amazon RDS User Guide.*\n- For more information about rotating your SSL/TLS certificate for Aurora DB engines, see [Rotating Your SSL/TLS Certificate](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL-certificate-rotation.html) in the *Amazon Aurora User Guide* .\n\nThis setting doesn't apply to RDS Custom DB instances.", - "title": "CertificateRotationRestart", - "type": "boolean" - }, - "CharacterSetName": { - "markdownDescription": "For supported engines, indicates that the DB instance should be associated with the specified character set.\n\n*Amazon Aurora*\n\nNot applicable. The character set is managed by the DB cluster. For more information, see [AWS::RDS::DBCluster](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html) .", - "title": "CharacterSetName", - "type": "string" - }, - "CopyTagsToSnapshot": { - "markdownDescription": "Specifies whether to copy tags from the DB instance to snapshots of the DB instance. By default, tags are not copied.\n\nThis setting doesn't apply to Amazon Aurora DB instances. Copying tags to snapshots is managed by the DB cluster. Setting this value for an Aurora DB instance has no effect on the DB cluster setting.", - "title": "CopyTagsToSnapshot", - "type": "boolean" - }, - "CustomIAMInstanceProfile": { - "markdownDescription": "The instance profile associated with the underlying Amazon EC2 instance of an RDS Custom DB instance.\n\nThis setting is required for RDS Custom.\n\nConstraints:\n\n- The profile must exist in your account.\n- The profile must have an IAM role that Amazon EC2 has permissions to assume.\n- The instance profile name and the associated IAM role name must start with the prefix `AWSRDSCustom` .\n\nFor the list of permissions required for the IAM role, see [Configure IAM and your VPC](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/custom-setup-orcl.html#custom-setup-orcl.iam-vpc) in the *Amazon RDS User Guide* .", - "title": "CustomIAMInstanceProfile", - "type": "string" - }, - "DBClusterIdentifier": { - "markdownDescription": "The identifier of the DB cluster that this DB instance will belong to.\n\nThis setting doesn't apply to RDS Custom DB instances.", - "title": "DBClusterIdentifier", - "type": "string" - }, - "DBClusterSnapshotIdentifier": { - "markdownDescription": "The identifier for the Multi-AZ DB cluster snapshot to restore from.\n\nFor more information on Multi-AZ DB clusters, see [Multi-AZ DB cluster deployments](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html) in the *Amazon RDS User Guide* .\n\nConstraints:\n\n- Must match the identifier of an existing Multi-AZ DB cluster snapshot.\n- Can't be specified when `DBSnapshotIdentifier` is specified.\n- Must be specified when `DBSnapshotIdentifier` isn't specified.\n- If you are restoring from a shared manual Multi-AZ DB cluster snapshot, the `DBClusterSnapshotIdentifier` must be the ARN of the shared snapshot.\n- Can't be the identifier of an Aurora DB cluster snapshot.", - "title": "DBClusterSnapshotIdentifier", - "type": "string" - }, - "DBInstanceClass": { - "markdownDescription": "The compute and memory capacity of the DB instance, for example `db.m5.large` . Not all DB instance classes are available in all AWS Regions , or for all database engines. For the full list of DB instance classes, and availability for your engine, see [DB instance classes](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html) in the *Amazon RDS User Guide* or [Aurora DB instance classes](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.DBInstanceClass.html) in the *Amazon Aurora User Guide* .", - "title": "DBInstanceClass", - "type": "string" - }, - "DBInstanceIdentifier": { - "markdownDescription": "A name for the DB instance. If you specify a name, AWS CloudFormation converts it to lowercase. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the DB instance. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\nFor information about constraints that apply to DB instance identifiers, see [Naming constraints in Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Limits.html#RDS_Limits.Constraints) in the *Amazon RDS User Guide* .\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "DBInstanceIdentifier", - "type": "string" - }, - "DBName": { - "markdownDescription": "The meaning of this parameter differs according to the database engine you use.\n\n> If you specify the `[DBSnapshotIdentifier](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-dbsnapshotidentifier)` property, this property only applies to RDS for Oracle. \n\n*Amazon Aurora*\n\nNot applicable. The database name is managed by the DB cluster.\n\n*Db2*\n\nThe name of the database to create when the DB instance is created. If this parameter isn't specified, no database is created in the DB instance.\n\nConstraints:\n\n- Must contain 1 to 64 letters or numbers.\n- Must begin with a letter. Subsequent characters can be letters, underscores, or digits (0-9).\n- Can't be a word reserved by the specified database engine.\n\n*MySQL*\n\nThe name of the database to create when the DB instance is created. If this parameter is not specified, no database is created in the DB instance.\n\nConstraints:\n\n- Must contain 1 to 64 letters or numbers.\n- Can't be a word reserved by the specified database engine\n\n*MariaDB*\n\nThe name of the database to create when the DB instance is created. If this parameter is not specified, no database is created in the DB instance.\n\nConstraints:\n\n- Must contain 1 to 64 letters or numbers.\n- Can't be a word reserved by the specified database engine\n\n*PostgreSQL*\n\nThe name of the database to create when the DB instance is created. If this parameter is not specified, the default `postgres` database is created in the DB instance.\n\nConstraints:\n\n- Must begin with a letter. Subsequent characters can be letters, underscores, or digits (0-9).\n- Must contain 1 to 63 characters.\n- Can't be a word reserved by the specified database engine\n\n*Oracle*\n\nThe Oracle System ID (SID) of the created DB instance. If you specify `null` , the default value `ORCL` is used. You can't specify the string NULL, or any other reserved word, for `DBName` .\n\nDefault: `ORCL`\n\nConstraints:\n\n- Can't be longer than 8 characters\n\n*SQL Server*\n\nNot applicable. Must be null.", - "title": "DBName", - "type": "string" - }, - "DBParameterGroupName": { - "markdownDescription": "The name of an existing DB parameter group or a reference to an [AWS::RDS::DBParameterGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-dbparametergroup.html) resource created in the template.\n\nTo list all of the available DB parameter group names, use the following command:\n\n`aws rds describe-db-parameter-groups --query \"DBParameterGroups[].DBParameterGroupName\" --output text`\n\n> If any of the data members of the referenced parameter group are changed during an update, the DB instance might need to be restarted, which causes some interruption. If the parameter group contains static parameters, whether they were changed or not, an update triggers a reboot. \n\nIf you don't specify a value for `DBParameterGroupName` property, the default DB parameter group for the specified engine and engine version is used.", - "title": "DBParameterGroupName", - "type": "string" - }, - "DBSecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the DB security groups to assign to the DB instance. The list can include both the name of existing DB security groups or references to AWS::RDS::DBSecurityGroup resources created in the template.\n\nIf you set DBSecurityGroups, you must not set VPCSecurityGroups, and vice versa. Also, note that the DBSecurityGroups property exists only for backwards compatibility with older regions and is no longer recommended for providing security information to an RDS DB instance. Instead, use VPCSecurityGroups.\n\n> If you specify this property, AWS CloudFormation sends only the following properties (if specified) to Amazon RDS during create operations:\n> \n> - `AllocatedStorage`\n> - `AutoMinorVersionUpgrade`\n> - `AvailabilityZone`\n> - `BackupRetentionPeriod`\n> - `CharacterSetName`\n> - `DBInstanceClass`\n> - `DBName`\n> - `DBParameterGroupName`\n> - `DBSecurityGroups`\n> - `DBSubnetGroupName`\n> - `Engine`\n> - `EngineVersion`\n> - `Iops`\n> - `LicenseModel`\n> - `MasterUsername`\n> - `MasterUserPassword`\n> - `MultiAZ`\n> - `OptionGroupName`\n> - `PreferredBackupWindow`\n> - `PreferredMaintenanceWindow`\n> \n> All other properties are ignored. Specify a virtual private cloud (VPC) security group if you want to submit other properties, such as `StorageType` , `StorageEncrypted` , or `KmsKeyId` . If you're already using the `DBSecurityGroups` property, you can't use these other properties by updating your DB instance to use a VPC security group. You must recreate the DB instance.", - "title": "DBSecurityGroups", - "type": "array" - }, - "DBSnapshotIdentifier": { - "markdownDescription": "The name or Amazon Resource Name (ARN) of the DB snapshot that's used to restore the DB instance. If you're restoring from a shared manual DB snapshot, you must specify the ARN of the snapshot.\n\nBy specifying this property, you can create a DB instance from the specified DB snapshot. If the `DBSnapshotIdentifier` property is an empty string or the `AWS::RDS::DBInstance` declaration has no `DBSnapshotIdentifier` property, AWS CloudFormation creates a new database. If the property contains a value (other than an empty string), AWS CloudFormation creates a database from the specified snapshot. If a snapshot with the specified name doesn't exist, AWS CloudFormation can't create the database and it rolls back the stack.\n\nSome DB instance properties aren't valid when you restore from a snapshot, such as the `MasterUsername` and `MasterUserPassword` properties, and the point-in-time recovery properties `RestoreTime` and `UseLatestRestorableTime` . For information about the properties that you can specify, see the [`RestoreDBInstanceFromDBSnapshot`](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_RestoreDBInstanceFromDBSnapshot.html) action in the *Amazon RDS API Reference* .\n\nAfter you restore a DB instance with a `DBSnapshotIdentifier` property, you must specify the same `DBSnapshotIdentifier` property for any future updates to the DB instance. When you specify this property for an update, the DB instance is not restored from the DB snapshot again, and the data in the database is not changed. However, if you don't specify the `DBSnapshotIdentifier` property, an empty DB instance is created, and the original DB instance is deleted. If you specify a property that is different from the previous snapshot restore property, a new DB instance is restored from the specified `DBSnapshotIdentifier` property, and the original DB instance is deleted.\n\nIf you specify the `DBSnapshotIdentifier` property to restore a DB instance (as opposed to specifying it for DB instance updates), then don't specify the following properties:\n\n- `CharacterSetName`\n- `DBClusterIdentifier`\n- `DBName`\n- `KmsKeyId`\n- `MasterUsername`\n- `MasterUserPassword`\n- `PromotionTier`\n- `SourceDBInstanceIdentifier`\n- `SourceRegion`\n- `StorageEncrypted` (for an unencrypted snapshot)\n- `Timezone`\n\n*Amazon Aurora*\n\nNot applicable. Snapshot restore is managed by the DB cluster.", - "title": "DBSnapshotIdentifier", - "type": "string" - }, - "DBSubnetGroupName": { - "markdownDescription": "A DB subnet group to associate with the DB instance. If you update this value, the new subnet group must be a subnet group in a new VPC.\n\nIf you don't specify a DB subnet group, RDS uses the default DB subnet group if one exists. If a default DB subnet group does not exist, and you don't specify a `DBSubnetGroupName` , the DB instance fails to launch.\n\nFor more information about using Amazon RDS in a VPC, see [Amazon VPC and Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.html) in the *Amazon RDS User Guide* .\n\nThis setting doesn't apply to Amazon Aurora DB instances. The DB subnet group is managed by the DB cluster. If specified, the setting must match the DB cluster setting.", - "title": "DBSubnetGroupName", - "type": "string" - }, - "DedicatedLogVolume": { - "markdownDescription": "Indicates whether the DB instance has a dedicated log volume (DLV) enabled.", - "title": "DedicatedLogVolume", - "type": "boolean" - }, - "DeleteAutomatedBackups": { - "markdownDescription": "A value that indicates whether to remove automated backups immediately after the DB instance is deleted. This parameter isn't case-sensitive. The default is to remove automated backups immediately after the DB instance is deleted.\n\n*Amazon Aurora*\n\nNot applicable. When you delete a DB cluster, all automated backups for that DB cluster are deleted and can't be recovered. Manual DB cluster snapshots of the DB cluster are not deleted.", - "title": "DeleteAutomatedBackups", - "type": "boolean" - }, - "DeletionProtection": { - "markdownDescription": "Specifies whether the DB instance has deletion protection enabled. The database can't be deleted when deletion protection is enabled. By default, deletion protection isn't enabled. For more information, see [Deleting a DB Instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_DeleteInstance.html) .\n\nThis setting doesn't apply to Amazon Aurora DB instances. You can enable or disable deletion protection for the DB cluster. For more information, see `CreateDBCluster` . DB instances in a DB cluster can be deleted even when deletion protection is enabled for the DB cluster.", - "title": "DeletionProtection", - "type": "boolean" - }, - "Domain": { - "markdownDescription": "The Active Directory directory ID to create the DB instance in. Currently, only Db2, MySQL, Microsoft SQL Server, Oracle, and PostgreSQL DB instances can be created in an Active Directory Domain.\n\nFor more information, see [Kerberos Authentication](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/kerberos-authentication.html) in the *Amazon RDS User Guide* .", - "title": "Domain", - "type": "string" - }, - "DomainAuthSecretArn": { - "markdownDescription": "The ARN for the Secrets Manager secret with the credentials for the user joining the domain.\n\nExample: `arn:aws:secretsmanager:region:account-number:secret:myselfmanagedADtestsecret-123456`", - "title": "DomainAuthSecretArn", - "type": "string" - }, - "DomainDnsIps": { - "items": { - "type": "string" - }, - "markdownDescription": "The IPv4 DNS IP addresses of your primary and secondary Active Directory domain controllers.\n\nConstraints:\n\n- Two IP addresses must be provided. If there isn't a secondary domain controller, use the IP address of the primary domain controller for both entries in the list.\n\nExample: `123.124.125.126,234.235.236.237`", - "title": "DomainDnsIps", - "type": "array" - }, - "DomainFqdn": { - "markdownDescription": "The fully qualified domain name (FQDN) of an Active Directory domain.\n\nConstraints:\n\n- Can't be longer than 64 characters.\n\nExample: `mymanagedADtest.mymanagedAD.mydomain`", - "title": "DomainFqdn", - "type": "string" - }, - "DomainIAMRoleName": { - "markdownDescription": "The name of the IAM role to use when making API calls to the Directory Service.\n\nThis setting doesn't apply to the following DB instances:\n\n- Amazon Aurora (The domain is managed by the DB cluster.)\n- RDS Custom", - "title": "DomainIAMRoleName", - "type": "string" - }, - "DomainOu": { - "markdownDescription": "The Active Directory organizational unit for your DB instance to join.\n\nConstraints:\n\n- Must be in the distinguished name format.\n- Can't be longer than 64 characters.\n\nExample: `OU=mymanagedADtestOU,DC=mymanagedADtest,DC=mymanagedAD,DC=mydomain`", - "title": "DomainOu", - "type": "string" - }, - "EnableCloudwatchLogsExports": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of log types that need to be enabled for exporting to CloudWatch Logs. The values in the list depend on the DB engine being used. For more information, see [Publishing Database Logs to Amazon CloudWatch Logs](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_LogAccess.html#USER_LogAccess.Procedural.UploadtoCloudWatch) in the *Amazon Relational Database Service User Guide* .\n\n*Amazon Aurora*\n\nNot applicable. CloudWatch Logs exports are managed by the DB cluster.\n\n*Db2*\n\nValid values: `diag.log` , `notify.log`\n\n*MariaDB*\n\nValid values: `audit` , `error` , `general` , `slowquery`\n\n*Microsoft SQL Server*\n\nValid values: `agent` , `error`\n\n*MySQL*\n\nValid values: `audit` , `error` , `general` , `slowquery`\n\n*Oracle*\n\nValid values: `alert` , `audit` , `listener` , `trace` , `oemagent`\n\n*PostgreSQL*\n\nValid values: `postgresql` , `upgrade`", - "title": "EnableCloudwatchLogsExports", - "type": "array" - }, - "EnableIAMDatabaseAuthentication": { - "markdownDescription": "A value that indicates whether to enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts. By default, mapping is disabled.\n\nThis property is supported for RDS for MariaDB, RDS for MySQL, and RDS for PostgreSQL. For more information, see [IAM Database Authentication for MariaDB, MySQL, and PostgreSQL](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.IAMDBAuth.html) in the *Amazon RDS User Guide.*\n\n*Amazon Aurora*\n\nNot applicable. Mapping AWS IAM accounts to database accounts is managed by the DB cluster.", - "title": "EnableIAMDatabaseAuthentication", - "type": "boolean" - }, - "EnablePerformanceInsights": { - "markdownDescription": "Specifies whether to enable Performance Insights for the DB instance. For more information, see [Using Amazon Performance Insights](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PerfInsights.html) in the *Amazon RDS User Guide* .\n\nThis setting doesn't apply to RDS Custom DB instances.", - "title": "EnablePerformanceInsights", - "type": "boolean" - }, - "Endpoint": { - "$ref": "#/definitions/AWS::RDS::DBInstance.Endpoint" - }, - "Engine": { - "markdownDescription": "The name of the database engine to use for this DB instance. Not every database engine is available in every AWS Region.\n\nThis property is required when creating a DB instance.\n\n> You can convert an Oracle database from the non-CDB architecture to the container database (CDB) architecture by updating the `Engine` value in your templates from `oracle-ee` to `oracle-ee-cdb` or from `oracle-se2` to `oracle-se2-cdb` . Converting to the CDB architecture requires an interruption. \n\nValid Values:\n\n- `aurora-mysql` (for Aurora MySQL DB instances)\n- `aurora-postgresql` (for Aurora PostgreSQL DB instances)\n- `custom-oracle-ee` (for RDS Custom for Oracle DB instances)\n- `custom-oracle-ee-cdb` (for RDS Custom for Oracle DB instances)\n- `custom-sqlserver-ee` (for RDS Custom for SQL Server DB instances)\n- `custom-sqlserver-se` (for RDS Custom for SQL Server DB instances)\n- `custom-sqlserver-web` (for RDS Custom for SQL Server DB instances)\n- `db2-ae`\n- `db2-se`\n- `mariadb`\n- `mysql`\n- `oracle-ee`\n- `oracle-ee-cdb`\n- `oracle-se2`\n- `oracle-se2-cdb`\n- `postgres`\n- `sqlserver-ee`\n- `sqlserver-se`\n- `sqlserver-ex`\n- `sqlserver-web`", - "title": "Engine", - "type": "string" - }, - "EngineVersion": { - "markdownDescription": "The version number of the database engine to use.\n\nFor a list of valid engine versions, use the `DescribeDBEngineVersions` action.\n\nThe following are the database engines and links to information about the major and minor versions that are available with Amazon RDS. Not every database engine is available for every AWS Region.\n\n*Amazon Aurora*\n\nNot applicable. The version number of the database engine to be used by the DB instance is managed by the DB cluster.\n\n*Db2*\n\nSee [Amazon RDS for Db2](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Db2.html#Db2.Concepts.VersionMgmt) in the *Amazon RDS User Guide.*\n\n*MariaDB*\n\nSee [MariaDB on Amazon RDS Versions](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MariaDB.html#MariaDB.Concepts.VersionMgmt) in the *Amazon RDS User Guide.*\n\n*Microsoft SQL Server*\n\nSee [Microsoft SQL Server Versions on Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html#SQLServer.Concepts.General.VersionSupport) in the *Amazon RDS User Guide.*\n\n*MySQL*\n\nSee [MySQL on Amazon RDS Versions](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MySQL.html#MySQL.Concepts.VersionMgmt) in the *Amazon RDS User Guide.*\n\n*Oracle*\n\nSee [Oracle Database Engine Release Notes](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.Oracle.PatchComposition.html) in the *Amazon RDS User Guide.*\n\n*PostgreSQL*\n\nSee [Supported PostgreSQL Database Versions](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_PostgreSQL.html#PostgreSQL.Concepts.General.DBVersions) in the *Amazon RDS User Guide.*", - "title": "EngineVersion", - "type": "string" - }, - "Iops": { - "markdownDescription": "The number of I/O operations per second (IOPS) that the database provisions. The value must be equal to or greater than 1000.\n\nIf you specify this property, you must follow the range of allowed ratios of your requested IOPS rate to the amount of storage that you allocate (IOPS to allocated storage). For example, you can provision an Oracle database instance with 1000 IOPS and 200 GiB of storage (a ratio of 5:1), or specify 2000 IOPS with 200 GiB of storage (a ratio of 10:1). For more information, see [Amazon RDS Provisioned IOPS Storage to Improve Performance](https://docs.aws.amazon.com/AmazonRDS/latest/DeveloperGuide/CHAP_Storage.html#USER_PIOPS) in the *Amazon RDS User Guide* .\n\n> If you specify `io1` for the `StorageType` property, then you must also specify the `Iops` property. \n\nConstraints:\n\n- For RDS for Db2, MariaDB, MySQL, Oracle, and PostgreSQL - Must be a multiple between .5 and 50 of the storage amount for the DB instance.\n- For RDS for SQL Server - Must be a multiple between 1 and 50 of the storage amount for the DB instance.", - "title": "Iops", - "type": "number" - }, - "KmsKeyId": { - "markdownDescription": "The ARN of the AWS KMS key that's used to encrypt the DB instance, such as `arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef` . If you enable the StorageEncrypted property but don't specify this property, AWS CloudFormation uses the default KMS key. If you specify this property, you must set the StorageEncrypted property to true.\n\nIf you specify the `SourceDBInstanceIdentifier` or `SourceDbiResourceId` property, don't specify this property. The value is inherited from the source DB instance, and if the DB instance is encrypted, the specified `KmsKeyId` property is used. However, if the source DB instance is in a different AWS Region, you must specify a KMS key ID.\n\nIf you specify the `SourceDBInstanceAutomatedBackupsArn` property, don't specify this property. The value is inherited from the source DB instance automated backup, and if the automated backup is encrypted, the specified `KmsKeyId` property is used.\n\nIf you create an encrypted read replica in a different AWS Region, then you must specify a KMS key for the destination AWS Region. KMS encryption keys are specific to the region that they're created in, and you can't use encryption keys from one region in another region.\n\nIf you specify the `DBSnapshotIdentifier` property, don't specify this property. The `StorageEncrypted` property value is inherited from the snapshot. If the DB instance is encrypted, the specified `KmsKeyId` property is also inherited from the snapshot.\n\nIf you specify `DBSecurityGroups` , AWS CloudFormation ignores this property. To specify both a security group and this property, you must use a VPC security group. For more information about Amazon RDS and VPC, see [Using Amazon RDS with Amazon VPC](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.html) in the *Amazon RDS User Guide* .\n\n*Amazon Aurora*\n\nNot applicable. The KMS key identifier is managed by the DB cluster.", - "title": "KmsKeyId", - "type": "string" - }, - "LicenseModel": { - "markdownDescription": "License model information for this DB instance.\n\nValid Values:\n\n- Aurora MySQL - `general-public-license`\n- Aurora PostgreSQL - `postgresql-license`\n- RDS for Db2 - `bring-your-own-license` . For more information about RDS for Db2 licensing, see [](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/db2-licensing.html) in the *Amazon RDS User Guide.*\n- RDS for MariaDB - `general-public-license`\n- RDS for Microsoft SQL Server - `license-included`\n- RDS for MySQL - `general-public-license`\n- RDS for Oracle - `bring-your-own-license` or `license-included`\n- RDS for PostgreSQL - `postgresql-license`\n\n> If you've specified `DBSecurityGroups` and then you update the license model, AWS CloudFormation replaces the underlying DB instance. This will incur some interruptions to database availability.", - "title": "LicenseModel", - "type": "string" - }, - "ManageMasterUserPassword": { - "markdownDescription": "Specifies whether to manage the master user password with AWS Secrets Manager.\n\nFor more information, see [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide.*\n\nConstraints:\n\n- Can't manage the master user password with AWS Secrets Manager if `MasterUserPassword` is specified.", - "title": "ManageMasterUserPassword", - "type": "boolean" - }, - "MasterUserPassword": { - "markdownDescription": "The password for the master user. The password can include any printable ASCII character except \"/\", \"\"\", or \"@\".\n\n*Amazon Aurora*\n\nNot applicable. The password for the master user is managed by the DB cluster.\n\n*RDS for Db2*\n\nMust contain from 8 to 255 characters.\n\n*RDS for MariaDB*\n\nConstraints: Must contain from 8 to 41 characters.\n\n*RDS for Microsoft SQL Server*\n\nConstraints: Must contain from 8 to 128 characters.\n\n*RDS for MySQL*\n\nConstraints: Must contain from 8 to 41 characters.\n\n*RDS for Oracle*\n\nConstraints: Must contain from 8 to 30 characters.\n\n*RDS for PostgreSQL*\n\nConstraints: Must contain from 8 to 128 characters.", - "title": "MasterUserPassword", - "type": "string" - }, - "MasterUserSecret": { - "$ref": "#/definitions/AWS::RDS::DBInstance.MasterUserSecret", - "markdownDescription": "The secret managed by RDS in AWS Secrets Manager for the master user password.\n\nFor more information, see [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide.*", - "title": "MasterUserSecret" - }, - "MasterUsername": { - "markdownDescription": "The master user name for the DB instance.\n\n> If you specify the `SourceDBInstanceIdentifier` or `DBSnapshotIdentifier` property, don't specify this property. The value is inherited from the source DB instance or snapshot.\n> \n> When migrating a self-managed Db2 database, we recommend that you use the same master username as your self-managed Db2 instance name. \n\n*Amazon Aurora*\n\nNot applicable. The name for the master user is managed by the DB cluster.\n\n*RDS for Db2*\n\nConstraints:\n\n- Must be 1 to 16 letters or numbers.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.\n\n*RDS for MariaDB*\n\nConstraints:\n\n- Must be 1 to 16 letters or numbers.\n- Can't be a reserved word for the chosen database engine.\n\n*RDS for Microsoft SQL Server*\n\nConstraints:\n\n- Must be 1 to 128 letters or numbers.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.\n\n*RDS for MySQL*\n\nConstraints:\n\n- Must be 1 to 16 letters or numbers.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.\n\n*RDS for Oracle*\n\nConstraints:\n\n- Must be 1 to 30 letters or numbers.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.\n\n*RDS for PostgreSQL*\n\nConstraints:\n\n- Must be 1 to 63 letters or numbers.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.", - "title": "MasterUsername", - "type": "string" - }, - "MaxAllocatedStorage": { - "markdownDescription": "The upper limit in gibibytes (GiB) to which Amazon RDS can automatically scale the storage of the DB instance.\n\nFor more information about this setting, including limitations that apply to it, see [Managing capacity automatically with Amazon RDS storage autoscaling](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIOPS.StorageTypes.html#USER_PIOPS.Autoscaling) in the *Amazon RDS User Guide* .\n\nThis setting doesn't apply to the following DB instances:\n\n- Amazon Aurora (Storage is managed by the DB cluster.)\n- RDS Custom", - "title": "MaxAllocatedStorage", - "type": "number" - }, - "MonitoringInterval": { - "markdownDescription": "The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance. To disable collection of Enhanced Monitoring metrics, specify `0` .\n\nIf `MonitoringRoleArn` is specified, then you must set `MonitoringInterval` to a value other than `0` .\n\nThis setting doesn't apply to RDS Custom DB instances.\n\nValid Values: `0 | 1 | 5 | 10 | 15 | 30 | 60`\n\nDefault: `0`", - "title": "MonitoringInterval", - "type": "number" - }, - "MonitoringRoleArn": { - "markdownDescription": "The ARN for the IAM role that permits RDS to send enhanced monitoring metrics to Amazon CloudWatch Logs. For example, `arn:aws:iam:123456789012:role/emaccess` . For information on creating a monitoring role, see [Setting Up and Enabling Enhanced Monitoring](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.OS.html#USER_Monitoring.OS.Enabling) in the *Amazon RDS User Guide* .\n\nIf `MonitoringInterval` is set to a value other than `0` , then you must supply a `MonitoringRoleArn` value.\n\nThis setting doesn't apply to RDS Custom DB instances.", - "title": "MonitoringRoleArn", - "type": "string" - }, - "MultiAZ": { - "markdownDescription": "Specifies whether the DB instance is a Multi-AZ deployment. You can't set the `AvailabilityZone` parameter if the DB instance is a Multi-AZ deployment.\n\nThis setting doesn't apply to Amazon Aurora because the DB instance Availability Zones (AZs) are managed by the DB cluster.", - "title": "MultiAZ", - "type": "boolean" - }, - "NcharCharacterSetName": { - "markdownDescription": "The name of the NCHAR character set for the Oracle DB instance.\n\nThis setting doesn't apply to RDS Custom DB instances.", - "title": "NcharCharacterSetName", - "type": "string" - }, - "NetworkType": { - "markdownDescription": "The network type of the DB instance.\n\nValid values:\n\n- `IPV4`\n- `DUAL`\n\nThe network type is determined by the `DBSubnetGroup` specified for the DB instance. A `DBSubnetGroup` can support only the IPv4 protocol or the IPv4 and IPv6 protocols ( `DUAL` ).\n\nFor more information, see [Working with a DB instance in a VPC](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.WorkingWithRDSInstanceinaVPC.html) in the *Amazon RDS User Guide.*", - "title": "NetworkType", - "type": "string" - }, - "OptionGroupName": { - "markdownDescription": "Indicates that the DB instance should be associated with the specified option group.\n\nPermanent options, such as the TDE option for Oracle Advanced Security TDE, can't be removed from an option group. Also, that option group can't be removed from a DB instance once it is associated with a DB instance.", - "title": "OptionGroupName", - "type": "string" - }, - "PerformanceInsightsKMSKeyId": { - "markdownDescription": "The AWS KMS key identifier for encryption of Performance Insights data.\n\nThe KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key.\n\nIf you do not specify a value for `PerformanceInsightsKMSKeyId` , then Amazon RDS uses your default KMS key. There is a default KMS key for your AWS account. Your AWS account has a different default KMS key for each AWS Region.\n\nFor information about enabling Performance Insights, see [EnablePerformanceInsights](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-enableperformanceinsights) .", - "title": "PerformanceInsightsKMSKeyId", - "type": "string" - }, - "PerformanceInsightsRetentionPeriod": { - "markdownDescription": "The number of days to retain Performance Insights data. When creating a DB instance without enabling Performance Insights, you can't specify the parameter `PerformanceInsightsRetentionPeriod` .\n\nThis setting doesn't apply to RDS Custom DB instances.\n\nValid Values:\n\n- `7`\n- *month* * 31, where *month* is a number of months from 1-23. Examples: `93` (3 months * 31), `341` (11 months * 31), `589` (19 months * 31)\n- `731`\n\nDefault: `7` days\n\nIf you specify a retention period that isn't valid, such as `94` , Amazon RDS returns an error.", - "title": "PerformanceInsightsRetentionPeriod", - "type": "number" - }, - "Port": { - "markdownDescription": "The port number on which the database accepts connections.\n\nThis setting doesn't apply to Aurora DB instances. The port number is managed by the cluster.\n\nValid Values: `1150-65535`\n\nDefault:\n\n- RDS for Db2 - `50000`\n- RDS for MariaDB - `3306`\n- RDS for Microsoft SQL Server - `1433`\n- RDS for MySQL - `3306`\n- RDS for Oracle - `1521`\n- RDS for PostgreSQL - `5432`\n\nConstraints:\n\n- For RDS for Microsoft SQL Server, the value can't be `1234` , `1434` , `3260` , `3343` , `3389` , `47001` , or `49152-49156` .", - "title": "Port", - "type": "string" - }, - "PreferredBackupWindow": { - "markdownDescription": "The daily time range during which automated backups are created if automated backups are enabled, using the `BackupRetentionPeriod` parameter. For more information, see [Backup Window](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithAutomatedBackups.html#USER_WorkingWithAutomatedBackups.BackupWindow) in the *Amazon RDS User Guide.*\n\nConstraints:\n\n- Must be in the format `hh24:mi-hh24:mi` .\n- Must be in Universal Coordinated Time (UTC).\n- Must not conflict with the preferred maintenance window.\n- Must be at least 30 minutes.\n\n*Amazon Aurora*\n\nNot applicable. The daily time range for creating automated backups is managed by the DB cluster.", - "title": "PreferredBackupWindow", + "ResourceSetName": { + "markdownDescription": "The name of the resource set to create.", + "title": "ResourceSetName", "type": "string" }, - "PreferredMaintenanceWindow": { - "markdownDescription": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n\nFormat: `ddd:hh24:mi-ddd:hh24:mi`\n\nThe default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region, occurring on a random day of the week. To see the time blocks available, see [Maintaining a DB instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.Maintenance.html#AdjustingTheMaintenanceWindow) in the *Amazon RDS User Guide.*\n\n> This property applies when AWS CloudFormation initially creates the DB instance. If you use AWS CloudFormation to update the DB instance, those updates are applied immediately. \n\nConstraints: Minimum 30-minute window.", - "title": "PreferredMaintenanceWindow", + "ResourceSetType": { + "markdownDescription": "The resource type of the resources in the resource set. Enter one of the following values for resource type:\n\nAWS::ApiGateway::Stage, AWS::ApiGatewayV2::Stage, AWS::AutoScaling::AutoScalingGroup, AWS::CloudWatch::Alarm, AWS::EC2::CustomerGateway, AWS::DynamoDB::Table, AWS::EC2::Volume, AWS::ElasticLoadBalancing::LoadBalancer, AWS::ElasticLoadBalancingV2::LoadBalancer, AWS::Lambda::Function, AWS::MSK::Cluster, AWS::RDS::DBCluster, AWS::Route53::HealthCheck, AWS::SQS::Queue, AWS::SNS::Topic, AWS::SNS::Subscription, AWS::EC2::VPC, AWS::EC2::VPNConnection, AWS::EC2::VPNGateway, AWS::Route53RecoveryReadiness::DNSTargetResource.\n\nNote that AWS::Route53RecoveryReadiness::DNSTargetResource is only used for this setting. It isn't an actual AWS CloudFormation resource type.", + "title": "ResourceSetType", "type": "string" }, - "ProcessorFeatures": { + "Resources": { "items": { - "$ref": "#/definitions/AWS::RDS::DBInstance.ProcessorFeature" + "$ref": "#/definitions/AWS::Route53RecoveryReadiness::ResourceSet.Resource" }, - "markdownDescription": "The number of CPU cores and the number of threads per core for the DB instance class of the DB instance.\n\nThis setting doesn't apply to Amazon Aurora or RDS Custom DB instances.", - "title": "ProcessorFeatures", + "markdownDescription": "A list of resource objects in the resource set.", + "title": "Resources", "type": "array" }, - "PromotionTier": { - "markdownDescription": "The order of priority in which an Aurora Replica is promoted to the primary instance after a failure of the existing primary instance. For more information, see [Fault Tolerance for an Aurora DB Cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.AuroraHighAvailability.html#Aurora.Managing.FaultTolerance) in the *Amazon Aurora User Guide* .\n\nThis setting doesn't apply to RDS Custom DB instances.\n\nDefault: `1`\n\nValid Values: `0 - 15`", - "title": "PromotionTier", - "type": "number" - }, - "PubliclyAccessible": { - "markdownDescription": "Indicates whether the DB instance is an internet-facing instance. If you specify true, AWS CloudFormation creates an instance with a publicly resolvable DNS name, which resolves to a public IP address. If you specify false, AWS CloudFormation creates an internal instance with a DNS name that resolves to a private IP address.\n\nThe default behavior value depends on your VPC setup and the database subnet group. For more information, see the `PubliclyAccessible` parameter in the [CreateDBInstance](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html) in the *Amazon RDS API Reference* .", - "title": "PubliclyAccessible", - "type": "boolean" - }, - "ReplicaMode": { - "markdownDescription": "The open mode of an Oracle read replica. For more information, see [Working with Oracle Read Replicas for Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/oracle-read-replicas.html) in the *Amazon RDS User Guide* .\n\nThis setting is only supported in RDS for Oracle.\n\nDefault: `open-read-only`\n\nValid Values: `open-read-only` or `mounted`", - "title": "ReplicaMode", - "type": "string" - }, - "RestoreTime": { - "markdownDescription": "The date and time to restore from. This parameter applies to point-in-time recovery. For more information, see [Restoring a DB instance to a specified time](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIT.html) in the in the *Amazon RDS User Guide* .\n\nConstraints:\n\n- Must be a time in Universal Coordinated Time (UTC) format.\n- Must be before the latest restorable time for the DB instance.\n- Can't be specified if the `UseLatestRestorableTime` parameter is enabled.\n\nExample: `2009-09-07T23:45:00Z`", - "title": "RestoreTime", - "type": "string" - }, - "SourceDBClusterIdentifier": { - "markdownDescription": "The identifier of the Multi-AZ DB cluster that will act as the source for the read replica. Each DB cluster can have up to 15 read replicas.\n\nConstraints:\n\n- Must be the identifier of an existing Multi-AZ DB cluster.\n- Can't be specified if the `SourceDBInstanceIdentifier` parameter is also specified.\n- The specified DB cluster must have automatic backups enabled, that is, its backup retention period must be greater than 0.\n- The source DB cluster must be in the same AWS Region as the read replica. Cross-Region replication isn't supported.", - "title": "SourceDBClusterIdentifier", - "type": "string" - }, - "SourceDBInstanceAutomatedBackupsArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the replicated automated backups from which to restore, for example, `arn:aws:rds:us-east-1:123456789012:auto-backup:ab-L2IJCEXJP7XQ7HOJ4SIEXAMPLE` .\n\nThis setting doesn't apply to RDS Custom.", - "title": "SourceDBInstanceAutomatedBackupsArn", - "type": "string" - }, - "SourceDBInstanceIdentifier": { - "markdownDescription": "If you want to create a read replica DB instance, specify the ID of the source DB instance. Each DB instance can have a limited number of read replicas. For more information, see [Working with Read Replicas](https://docs.aws.amazon.com/AmazonRDS/latest/DeveloperGuide/USER_ReadRepl.html) in the *Amazon RDS User Guide* .\n\nFor information about constraints that apply to DB instance identifiers, see [Naming constraints in Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Limits.html#RDS_Limits.Constraints) in the *Amazon RDS User Guide* .\n\nThe `SourceDBInstanceIdentifier` property determines whether a DB instance is a read replica. If you remove the `SourceDBInstanceIdentifier` property from your template and then update your stack, AWS CloudFormation promotes the read replica to a standalone DB instance.\n\nIf you specify the `UseLatestRestorableTime` or `RestoreTime` properties in conjunction with the `SourceDBInstanceIdentifier` property, RDS restores the DB instance to the requested point in time, thereby creating a new DB instance.\n\n> - If you specify a source DB instance that uses VPC security groups, we recommend that you specify the `VPCSecurityGroups` property. If you don't specify the property, the read replica inherits the value of the `VPCSecurityGroups` property from the source DB when you create the replica. However, if you update the stack, AWS CloudFormation reverts the replica's `VPCSecurityGroups` property to the default value because it's not defined in the stack's template. This change might cause unexpected issues.\n> - Read replicas don't support deletion policies. AWS CloudFormation ignores any deletion policy that's associated with a read replica.\n> - If you specify `SourceDBInstanceIdentifier` , don't specify the `DBSnapshotIdentifier` property. You can't create a read replica from a snapshot.\n> - Don't set the `BackupRetentionPeriod` , `DBName` , `MasterUsername` , `MasterUserPassword` , and `PreferredBackupWindow` properties. The database attributes are inherited from the source DB instance, and backups are disabled for read replicas.\n> - If the source DB instance is in a different region than the read replica, specify the source region in `SourceRegion` , and specify an ARN for a valid DB instance in `SourceDBInstanceIdentifier` . For more information, see [Constructing a Amazon RDS Amazon Resource Name (ARN)](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html#USER_Tagging.ARN) in the *Amazon RDS User Guide* .\n> - For DB instances in Amazon Aurora clusters, don't specify this property. Amazon RDS automatically assigns writer and reader DB instances.", - "title": "SourceDBInstanceIdentifier", - "type": "string" - }, - "SourceDbiResourceId": { - "markdownDescription": "The resource ID of the source DB instance from which to restore.", - "title": "SourceDbiResourceId", - "type": "string" - }, - "SourceRegion": { - "markdownDescription": "The ID of the region that contains the source DB instance for the read replica.", - "title": "SourceRegion", - "type": "string" - }, - "StorageEncrypted": { - "markdownDescription": "A value that indicates whether the DB instance is encrypted. By default, it isn't encrypted.\n\nIf you specify the `KmsKeyId` property, then you must enable encryption.\n\nIf you specify the `SourceDBInstanceIdentifier` or `SourceDbiResourceId` property, don't specify this property. The value is inherited from the source DB instance, and if the DB instance is encrypted, the specified `KmsKeyId` property is used.\n\nIf you specify the `SourceDBInstanceAutomatedBackupsArn` property, don't specify this property. The value is inherited from the source DB instance automated backup.\n\nIf you specify `DBSnapshotIdentifier` property, don't specify this property. The value is inherited from the snapshot.\n\n*Amazon Aurora*\n\nNot applicable. The encryption for DB instances is managed by the DB cluster.", - "title": "StorageEncrypted", - "type": "boolean" - }, - "StorageThroughput": { - "markdownDescription": "Specifies the storage throughput value, in mebibyte per second (MiBps), for the DB instance. This setting applies only to the `gp3` storage type.\n\nThis setting doesn't apply to RDS Custom or Amazon Aurora.", - "title": "StorageThroughput", - "type": "number" - }, - "StorageType": { - "markdownDescription": "The storage type to associate with the DB instance.\n\nIf you specify `io1` , `io2` , or `gp3` , you must also include a value for the `Iops` parameter.\n\nThis setting doesn't apply to Amazon Aurora DB instances. Storage is managed by the DB cluster.\n\nValid Values: `gp2 | gp3 | io1 | io2 | standard`\n\nDefault: `io1` , if the `Iops` parameter is specified. Otherwise, `gp3` .", - "title": "StorageType", - "type": "string" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Tags to assign to the DB instance.", + "markdownDescription": "A tag to associate with the parameters for a resource set.", "title": "Tags", "type": "array" - }, - "Timezone": { - "markdownDescription": "The time zone of the DB instance. The time zone parameter is currently supported only by [RDS for Db2](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/db2-time-zone) and [RDS for SQL Server](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html#SQLServer.Concepts.General.TimeZone) .", - "title": "Timezone", - "type": "string" - }, - "UseDefaultProcessorFeatures": { - "markdownDescription": "Specifies whether the DB instance class of the DB instance uses its default processor features.\n\nThis setting doesn't apply to RDS Custom DB instances.", - "title": "UseDefaultProcessorFeatures", - "type": "boolean" - }, - "UseLatestRestorableTime": { - "markdownDescription": "Specifies whether the DB instance is restored from the latest backup time. By default, the DB instance isn't restored from the latest backup time. This parameter applies to point-in-time recovery. For more information, see [Restoring a DB instance to a specified time](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIT.html) in the in the *Amazon RDS User Guide* .\n\nConstraints:\n\n- Can't be specified if the `RestoreTime` parameter is provided.", - "title": "UseLatestRestorableTime", - "type": "boolean" - }, - "VPCSecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the VPC security group IDs to assign to the DB instance. The list can include both the physical IDs of existing VPC security groups and references to [AWS::EC2::SecurityGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html) resources created in the template.\n\nIf you plan to update the resource, don't specify VPC security groups in a shared VPC.\n\nIf you set `VPCSecurityGroups` , you must not set [`DBSecurityGroups`](https://docs.aws.amazon.com//AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-dbsecuritygroups) , and vice versa.\n\n> You can migrate a DB instance in your stack from an RDS DB security group to a VPC security group, but keep the following in mind:\n> \n> - You can't revert to using an RDS security group after you establish a VPC security group membership.\n> - When you migrate your DB instance to VPC security groups, if your stack update rolls back because the DB instance update fails or because an update fails in another AWS CloudFormation resource, the rollback fails because it can't revert to an RDS security group.\n> - To use the properties that are available when you use a VPC security group, you must recreate the DB instance. If you don't, AWS CloudFormation submits only the property values that are listed in the [`DBSecurityGroups`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-dbsecuritygroups) property. \n\nTo avoid this situation, migrate your DB instance to using VPC security groups only when that is the only change in your stack template.\n\n*Amazon Aurora*\n\nNot applicable. The associated list of EC2 VPC security groups is managed by the DB cluster. If specified, the setting must match the DB cluster setting.", - "title": "VPCSecurityGroups", - "type": "array" } }, + "required": [ + "ResourceSetType", + "Resources" + ], "type": "object" }, "Type": { "enum": [ - "AWS::RDS::DBInstance" + "AWS::Route53RecoveryReadiness::ResourceSet" ], "type": "string" }, @@ -225216,100 +276552,115 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::RDS::DBInstance.CertificateDetails": { + "AWS::Route53RecoveryReadiness::ResourceSet.DNSTargetResource": { "additionalProperties": false, "properties": { - "CAIdentifier": { - "markdownDescription": "The CA identifier of the CA certificate used for the DB instance's server certificate.", - "title": "CAIdentifier", + "DomainName": { + "markdownDescription": "The domain name that acts as an ingress point to a portion of the customer application.", + "title": "DomainName", "type": "string" }, - "ValidTill": { - "markdownDescription": "The expiration date of the DB instance\u2019s server certificate.", - "title": "ValidTill", + "HostedZoneArn": { + "markdownDescription": "The hosted zone Amazon Resource Name (ARN) that contains the DNS record with the provided name of the target resource.", + "title": "HostedZoneArn", + "type": "string" + }, + "RecordSetId": { + "markdownDescription": "The Amazon Route 53 record set ID that uniquely identifies a DNS record, given a name and a type.", + "title": "RecordSetId", + "type": "string" + }, + "RecordType": { + "markdownDescription": "The type of DNS record of the target resource.", + "title": "RecordType", "type": "string" + }, + "TargetResource": { + "$ref": "#/definitions/AWS::Route53RecoveryReadiness::ResourceSet.TargetResource", + "markdownDescription": "The target resource that the Route 53 record points to.", + "title": "TargetResource" } }, "type": "object" }, - "AWS::RDS::DBInstance.DBInstanceRole": { + "AWS::Route53RecoveryReadiness::ResourceSet.NLBResource": { "additionalProperties": false, "properties": { - "FeatureName": { - "markdownDescription": "The name of the feature associated with the AWS Identity and Access Management (IAM) role. IAM roles that are associated with a DB instance grant permission for the DB instance to access other AWS services on your behalf. For the list of supported feature names, see the `SupportedFeatureNames` description in [DBEngineVersion](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DBEngineVersion.html) in the *Amazon RDS API Reference* .", - "title": "FeatureName", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that is associated with the DB instance.", - "title": "RoleArn", + "Arn": { + "markdownDescription": "The Network Load Balancer resource Amazon Resource Name (ARN).", + "title": "Arn", "type": "string" } }, - "required": [ - "FeatureName", - "RoleArn" - ], "type": "object" }, - "AWS::RDS::DBInstance.Endpoint": { + "AWS::Route53RecoveryReadiness::ResourceSet.R53ResourceRecord": { "additionalProperties": false, "properties": { - "Address": { - "markdownDescription": "Specifies the DNS address of the DB instance.", - "title": "Address", - "type": "string" - }, - "HostedZoneId": { - "markdownDescription": "Specifies the ID that Amazon Route 53 assigns when you create a hosted zone.", - "title": "HostedZoneId", + "DomainName": { + "markdownDescription": "The DNS target domain name.", + "title": "DomainName", "type": "string" }, - "Port": { - "markdownDescription": "Specifies the port that the database engine is listening on.", - "title": "Port", + "RecordSetId": { + "markdownDescription": "The Amazon Route 53 Resource Record Set ID.", + "title": "RecordSetId", "type": "string" } }, "type": "object" }, - "AWS::RDS::DBInstance.MasterUserSecret": { + "AWS::Route53RecoveryReadiness::ResourceSet.Resource": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "The AWS KMS key identifier that is used to encrypt the secret.", - "title": "KmsKeyId", + "ComponentId": { + "markdownDescription": "The component identifier of the resource, generated when DNS target resource is used.", + "title": "ComponentId", "type": "string" }, - "SecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the secret. This parameter is a return value that you can retrieve using the `Fn::GetAtt` intrinsic function. For more information, see [Return values](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbinstance.html#aws-resource-rds-dbinstance-return-values) .", - "title": "SecretArn", + "DnsTargetResource": { + "$ref": "#/definitions/AWS::Route53RecoveryReadiness::ResourceSet.DNSTargetResource", + "markdownDescription": "A component for DNS/routing control readiness checks. This is a required setting when `ResourceSet` `ResourceSetType` is set to `AWS::Route53RecoveryReadiness::DNSTargetResource` . Do not set it for any other `ResourceSetType` setting.", + "title": "DnsTargetResource" + }, + "ReadinessScopes": { + "items": { + "type": "string" + }, + "markdownDescription": "The recovery group Amazon Resource Name (ARN) or the cell ARN that the readiness checks for this resource set are scoped to.", + "title": "ReadinessScopes", + "type": "array" + }, + "ResourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS resource. This is a required setting for all `ResourceSet` `ResourceSetType` settings except `AWS::Route53RecoveryReadiness::DNSTargetResource` . Do not set this when `ResourceSetType` is set to `AWS::Route53RecoveryReadiness::DNSTargetResource` .", + "title": "ResourceArn", "type": "string" } }, "type": "object" }, - "AWS::RDS::DBInstance.ProcessorFeature": { + "AWS::Route53RecoveryReadiness::ResourceSet.TargetResource": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the processor feature. Valid names are `coreCount` and `threadsPerCore` .", - "title": "Name", - "type": "string" + "NLBResource": { + "$ref": "#/definitions/AWS::Route53RecoveryReadiness::ResourceSet.NLBResource", + "markdownDescription": "The Network Load Balancer resource that a DNS target resource points to.", + "title": "NLBResource" }, - "Value": { - "markdownDescription": "The value of a processor feature.", - "title": "Value", - "type": "string" + "R53Resource": { + "$ref": "#/definitions/AWS::Route53RecoveryReadiness::ResourceSet.R53ResourceRecord", + "markdownDescription": "The Route 53 resource that a DNS target resource record points to.", + "title": "R53Resource" } }, "type": "object" }, - "AWS::RDS::DBParameterGroup": { + "AWS::Route53Resolver::FirewallDomainList": { "additionalProperties": false, "properties": { "Condition": { @@ -225344,44 +276695,38 @@ "Properties": { "additionalProperties": false, "properties": { - "DBParameterGroupName": { - "markdownDescription": "The name of the DB parameter group.\n\nConstraints:\n\n- Must be 1 to 255 letters, numbers, or hyphens.\n- First character must be a letter\n- Can't end with a hyphen or contain two consecutive hyphens\n\nIf you don't specify a value for `DBParameterGroupName` property, a name is automatically created for the DB parameter group.\n\n> This value is stored as a lowercase string.", - "title": "DBParameterGroupName", + "DomainFileUrl": { + "markdownDescription": "The fully qualified URL or URI of the file stored in Amazon Simple Storage Service (Amazon S3) that contains the list of domains to import.\n\nThe file must be in an S3 bucket that's in the same Region as your DNS Firewall. The file must be a text file and must contain a single domain per line.", + "title": "DomainFileUrl", "type": "string" }, - "Description": { - "markdownDescription": "Provides the customer-specified description for this DB parameter group.", - "title": "Description", - "type": "string" + "Domains": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the domain lists that you have defined.", + "title": "Domains", + "type": "array" }, - "Family": { - "markdownDescription": "The DB parameter group family name. A DB parameter group can be associated with one and only one DB parameter group family, and can be applied only to a DB instance running a database engine and engine version compatible with that DB parameter group family.\n\nTo list all of the available parameter group families for a DB engine, use the following command:\n\n`aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" --engine `\n\nFor example, to list all of the available parameter group families for the MySQL DB engine, use the following command:\n\n`aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" --engine mysql`\n\n> The output contains duplicates. \n\nThe following are the valid DB engine values:\n\n- `aurora-mysql`\n- `aurora-postgresql`\n- `db2-ae`\n- `db2-se`\n- `mysql`\n- `oracle-ee`\n- `oracle-ee-cdb`\n- `oracle-se2`\n- `oracle-se2-cdb`\n- `postgres`\n- `sqlserver-ee`\n- `sqlserver-se`\n- `sqlserver-ex`\n- `sqlserver-web`", - "title": "Family", + "Name": { + "markdownDescription": "The name of the domain list.", + "title": "Name", "type": "string" }, - "Parameters": { - "markdownDescription": "A mapping of parameter names and values for the parameter update. You must specify at least one parameter name and value.\n\nFor more information about parameter groups, see [Working with parameter groups](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithParamGroups.html) in the *Amazon RDS User Guide* , or [Working with parameter groups](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_WorkingWithParamGroups.html) in the *Amazon Aurora User Guide* .\n\n> AWS CloudFormation doesn't support specifying an apply method for each individual parameter. The default apply method for each parameter is used.", - "title": "Parameters", - "type": "object" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Tags to assign to the DB parameter group.", + "markdownDescription": "A list of the tag keys and values that you want to associate with the domain list.", "title": "Tags", "type": "array" } }, - "required": [ - "Description", - "Family" - ], "type": "object" }, "Type": { "enum": [ - "AWS::RDS::DBParameterGroup" + "AWS::Route53Resolver::FirewallDomainList" ], "type": "string" }, @@ -225395,12 +276740,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::RDS::DBProxy": { + "AWS::Route53Resolver::FirewallRuleGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -225435,81 +276779,33 @@ "Properties": { "additionalProperties": false, "properties": { - "Auth": { + "FirewallRules": { "items": { - "$ref": "#/definitions/AWS::RDS::DBProxy.AuthFormat" + "$ref": "#/definitions/AWS::Route53Resolver::FirewallRuleGroup.FirewallRule" }, - "markdownDescription": "The authorization mechanism that the proxy uses.", - "title": "Auth", + "markdownDescription": "A list of the rules that you have defined.", + "title": "FirewallRules", "type": "array" }, - "DBProxyName": { - "markdownDescription": "The identifier for the proxy. This name must be unique for all proxies owned by your AWS account in the specified AWS Region . An identifier must begin with a letter and must contain only ASCII letters, digits, and hyphens; it can't end with a hyphen or contain two consecutive hyphens.", - "title": "DBProxyName", - "type": "string" - }, - "DebugLogging": { - "markdownDescription": "Specifies whether the proxy includes detailed information about SQL statements in its logs. This information helps you to debug issues involving SQL behavior or the performance and scalability of the proxy connections. The debug information includes the text of SQL statements that you submit through the proxy. Thus, only enable this setting when needed for debugging, and only when you have security measures in place to safeguard any sensitive information that appears in the logs.", - "title": "DebugLogging", - "type": "boolean" - }, - "EngineFamily": { - "markdownDescription": "The kinds of databases that the proxy can connect to. This value determines which database network protocol the proxy recognizes when it interprets network traffic to and from the database. For Aurora MySQL, RDS for MariaDB, and RDS for MySQL databases, specify `MYSQL` . For Aurora PostgreSQL and RDS for PostgreSQL databases, specify `POSTGRESQL` . For RDS for Microsoft SQL Server, specify `SQLSERVER` .", - "title": "EngineFamily", - "type": "string" - }, - "IdleClientTimeout": { - "markdownDescription": "The number of seconds that a connection to the proxy can be inactive before the proxy disconnects it. You can set this value higher or lower than the connection timeout limit for the associated database.", - "title": "IdleClientTimeout", - "type": "number" - }, - "RequireTLS": { - "markdownDescription": "Specifies whether Transport Layer Security (TLS) encryption is required for connections to the proxy. By enabling this setting, you can enforce encrypted TLS connections to the proxy.", - "title": "RequireTLS", - "type": "boolean" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that the proxy uses to access secrets in AWS Secrets Manager.", - "title": "RoleArn", + "Name": { + "markdownDescription": "The name of the rule group.", + "title": "Name", "type": "string" }, "Tags": { "items": { - "$ref": "#/definitions/AWS::RDS::DBProxy.TagFormat" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "An optional set of key-value pairs to associate arbitrary data of your choosing with the proxy.", + "markdownDescription": "A list of the tag keys and values that you want to associate with the rule group.", "title": "Tags", "type": "array" - }, - "VpcSecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more VPC security group IDs to associate with the new proxy.\n\nIf you plan to update the resource, don't specify VPC security groups in a shared VPC.", - "title": "VpcSecurityGroupIds", - "type": "array" - }, - "VpcSubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more VPC subnet IDs to associate with the new proxy.", - "title": "VpcSubnetIds", - "type": "array" } }, - "required": [ - "Auth", - "DBProxyName", - "EngineFamily", - "RoleArn", - "VpcSubnetIds" - ], "type": "object" }, "Type": { "enum": [ - "AWS::RDS::DBProxy" + "AWS::Route53Resolver::FirewallRuleGroup" ], "type": "string" }, @@ -225523,178 +276819,81 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::RDS::DBProxy.AuthFormat": { + "AWS::Route53Resolver::FirewallRuleGroup.FirewallRule": { "additionalProperties": false, "properties": { - "AuthScheme": { - "markdownDescription": "The type of authentication that the proxy uses for connections from the proxy to the underlying database.", - "title": "AuthScheme", + "Action": { + "markdownDescription": "The action that DNS Firewall should take on a DNS query when it matches one of the domains in the rule's domain list, or a threat in a DNS Firewall Advvanced rule:\n\n- `ALLOW` - Permit the request to go through. Not available for DNS Firewall Advanced rules.\n- `ALERT` - Permit the request to go through but send an alert to the logs.\n- `BLOCK` - Disallow the request. If this is specified,then `BlockResponse` must also be specified.\n\nif `BlockResponse` is `OVERRIDE` , then all of the following `OVERRIDE` attributes must be specified:\n\n- `BlockOverrideDnsType`\n- `BlockOverrideDomain`\n- `BlockOverrideTtl`", + "title": "Action", "type": "string" }, - "ClientPasswordAuthType": { - "markdownDescription": "Specifies the details of authentication used by a proxy to log in as a specific database user.", - "title": "ClientPasswordAuthType", + "BlockOverrideDnsType": { + "markdownDescription": "The DNS record's type. This determines the format of the record value that you provided in `BlockOverrideDomain` . Used for the rule action `BLOCK` with a `BlockResponse` setting of `OVERRIDE` .", + "title": "BlockOverrideDnsType", "type": "string" }, - "Description": { - "markdownDescription": "A user-specified description about the authentication used by a proxy to log in as a specific database user.", - "title": "Description", + "BlockOverrideDomain": { + "markdownDescription": "The custom DNS record to send back in response to the query. Used for the rule action `BLOCK` with a `BlockResponse` setting of `OVERRIDE` .", + "title": "BlockOverrideDomain", "type": "string" }, - "IAMAuth": { - "markdownDescription": "A value that indicates whether to require or disallow AWS Identity and Access Management (IAM) authentication for connections to the proxy. The `ENABLED` value is valid only for proxies with RDS for Microsoft SQL Server.", - "title": "IAMAuth", - "type": "string" + "BlockOverrideTtl": { + "markdownDescription": "The recommended amount of time, in seconds, for the DNS resolver or web browser to cache the provided override record. Used for the rule action `BLOCK` with a `BlockResponse` setting of `OVERRIDE` .", + "title": "BlockOverrideTtl", + "type": "number" }, - "SecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) representing the secret that the proxy uses to authenticate to the RDS DB instance or Aurora DB cluster. These secrets are stored within Amazon Secrets Manager.", - "title": "SecretArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::RDS::DBProxy.TagFormat": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "A key is the required name of the tag. The string value can be from 1 to 128 Unicode characters in length and can't be prefixed with `aws:` or `rds:` . The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\").", - "title": "Key", + "BlockResponse": { + "markdownDescription": "The way that you want DNS Firewall to block the request. Used for the rule action setting `BLOCK` .\n\n- `NODATA` - Respond indicating that the query was successful, but no response is available for it.\n- `NXDOMAIN` - Respond indicating that the domain name that's in the query doesn't exist.\n- `OVERRIDE` - Provide a custom override in the response. This option requires custom handling details in the rule's `BlockOverride*` settings.", + "title": "BlockResponse", "type": "string" }, - "Value": { - "markdownDescription": "A value is the optional value of the tag. The string value can be from 1 to 256 Unicode characters in length and can't be prefixed with `aws:` or `rds:` . The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\").", - "title": "Value", - "type": "string" - } - }, - "type": "object" - }, - "AWS::RDS::DBProxyEndpoint": { - "additionalProperties": false, - "properties": { - "Condition": { + "ConfidenceThreshold": { + "markdownDescription": "The confidence threshold for DNS Firewall Advanced. You must provide this value when you create a DNS Firewall Advanced rule. The confidence level values mean:\n\n- `LOW` : Provides the highest detection rate for threats, but also increases false positives.\n- `MEDIUM` : Provides a balance between detecting threats and false positives.\n- `HIGH` : Detects only the most well corroborated threats with a low rate of false positives.", + "title": "ConfidenceThreshold", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DnsThreatProtection": { + "markdownDescription": "The type of the DNS Firewall Advanced rule. Valid values are:\n\n- `DGA` : Domain generation algorithms detection. DGAs are used by attackers to generate a large number of domains to to launch malware attacks.\n- `DNS_TUNNELING` : DNS tunneling detection. DNS tunneling is used by attackers to exfiltrate data from the client by using the DNS tunnel without making a network connection to the client.", + "title": "DnsThreatProtection", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "FirewallDomainListId": { + "markdownDescription": "The ID of the domain list that's used in the rule.", + "title": "FirewallDomainListId", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DBProxyEndpointName": { - "markdownDescription": "The name of the DB proxy endpoint to create.", - "title": "DBProxyEndpointName", - "type": "string" - }, - "DBProxyName": { - "markdownDescription": "The name of the DB proxy associated with the DB proxy endpoint that you create.", - "title": "DBProxyName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/AWS::RDS::DBProxyEndpoint.TagFormat" - }, - "markdownDescription": "An optional set of key-value pairs to associate arbitrary data of your choosing with the proxy.", - "title": "Tags", - "type": "array" - }, - "TargetRole": { - "markdownDescription": "A value that indicates whether the DB proxy endpoint can be used for read/write or read-only operations.", - "title": "TargetRole", - "type": "string" - }, - "VpcSecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The VPC security group IDs for the DB proxy endpoint that you create. You can specify a different set of security group IDs than for the original DB proxy. The default is the default security group for the VPC.", - "title": "VpcSecurityGroupIds", - "type": "array" - }, - "VpcSubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The VPC subnet IDs for the DB proxy endpoint that you create. You can specify a different set of subnet IDs than for the original DB proxy.", - "title": "VpcSubnetIds", - "type": "array" - } - }, - "required": [ - "DBProxyEndpointName", - "DBProxyName", - "VpcSubnetIds" - ], - "type": "object" + "FirewallDomainRedirectionAction": { + "markdownDescription": "How you want the the rule to evaluate DNS redirection in the DNS redirection chain, such as CNAME, or DNAME.\n\n`Inspect_Redirection_Domain` (Default) inspects all domains in the redirection chain. The individual domains in the redirection chain must be added to the domain list.\n\n`Trust_Redirection_Domain` inspects only the first domain in the redirection chain. You don't need to add the subsequent domains in the domain in the redirection list to the domain list.", + "title": "FirewallDomainRedirectionAction", + "type": "string" }, - "Type": { - "enum": [ - "AWS::RDS::DBProxyEndpoint" - ], + "FirewallThreatProtectionId": { + "markdownDescription": "ID of the DNS Firewall Advanced rule.", + "title": "FirewallThreatProtectionId", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Priority": { + "markdownDescription": "The priority of the rule in the rule group. This value must be unique within the rule group. DNS Firewall processes the rules in a rule group by order of priority, starting from the lowest setting.", + "title": "Priority", + "type": "number" + }, + "Qtype": { + "markdownDescription": "The DNS query type you want the rule to evaluate. Allowed values are;\n\n- A: Returns an IPv4 address.\n- AAAA: Returns an Ipv6 address.\n- CAA: Restricts CAs that can create SSL/TLS certifications for the domain.\n- CNAME: Returns another domain name.\n- DS: Record that identifies the DNSSEC signing key of a delegated zone.\n- MX: Specifies mail servers.\n- NAPTR: Regular-expression-based rewriting of domain names.\n- NS: Authoritative name servers.\n- PTR: Maps an IP address to a domain name.\n- SOA: Start of authority record for the zone.\n- SPF: Lists the servers authorized to send emails from a domain.\n- SRV: Application specific values that identify servers.\n- TXT: Verifies email senders and application-specific values.\n- A query type you define by using the DNS type ID, for example 28 for AAAA. The values must be defined as TYPE NUMBER , where the NUMBER can be 1-65334, for example, TYPE28. For more information, see [List of DNS record types](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/List_of_DNS_record_types) .", + "title": "Qtype", "type": "string" } }, "required": [ - "Type", - "Properties" + "Action", + "Priority" ], "type": "object" }, - "AWS::RDS::DBProxyEndpoint.TagFormat": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "A key is the required name of the tag. The string value can be from 1 to 128 Unicode characters in length and can't be prefixed with `aws:` or `rds:` . The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\").", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "A value is the optional value of the tag. The string value can be from 1 to 256 Unicode characters in length and can't be prefixed with `aws:` or `rds:` . The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\").", - "title": "Value", - "type": "string" - } - }, - "type": "object" - }, - "AWS::RDS::DBProxyTargetGroup": { + "AWS::Route53Resolver::FirewallRuleGroupAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -225729,47 +276928,50 @@ "Properties": { "additionalProperties": false, "properties": { - "ConnectionPoolConfigurationInfo": { - "$ref": "#/definitions/AWS::RDS::DBProxyTargetGroup.ConnectionPoolConfigurationInfoFormat", - "markdownDescription": "Displays the settings that control the size and behavior of the connection pool associated with a `DBProxyTarget` .", - "title": "ConnectionPoolConfigurationInfo" + "FirewallRuleGroupId": { + "markdownDescription": "The unique identifier of the firewall rule group.", + "title": "FirewallRuleGroupId", + "type": "string" }, - "DBClusterIdentifiers": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more DB cluster identifiers.", - "title": "DBClusterIdentifiers", - "type": "array" + "MutationProtection": { + "markdownDescription": "If enabled, this setting disallows modification or removal of the association, to help prevent against accidentally altering DNS firewall protections.", + "title": "MutationProtection", + "type": "string" }, - "DBInstanceIdentifiers": { + "Name": { + "markdownDescription": "The name of the association.", + "title": "Name", + "type": "string" + }, + "Priority": { + "markdownDescription": "The setting that determines the processing order of the rule group among the rule groups that are associated with a single VPC. DNS Firewall filters VPC traffic starting from rule group with the lowest numeric priority setting.\n\nYou must specify a unique priority for each rule group that you associate with a single VPC. To make it easier to insert rule groups later, leave space between the numbers, for example, use 101, 200, and so on. You can change the priority setting for a rule group association after you create it.\n\nThe allowed values for `Priority` are between 100 and 9900 (excluding 100 and 9900).", + "title": "Priority", + "type": "number" + }, + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "One or more DB instance identifiers.", - "title": "DBInstanceIdentifiers", + "markdownDescription": "A list of the tag keys and values that you want to associate with the rule group.", + "title": "Tags", "type": "array" }, - "DBProxyName": { - "markdownDescription": "The identifier of the `DBProxy` that is associated with the `DBProxyTargetGroup` .", - "title": "DBProxyName", - "type": "string" - }, - "TargetGroupName": { - "markdownDescription": "The identifier for the target group.\n\n> Currently, this property must be set to `default` .", - "title": "TargetGroupName", + "VpcId": { + "markdownDescription": "The unique identifier of the VPC that is associated with the rule group.", + "title": "VpcId", "type": "string" } }, "required": [ - "DBProxyName", - "TargetGroupName" + "FirewallRuleGroupId", + "Priority", + "VpcId" ], "type": "object" }, "Type": { "enum": [ - "AWS::RDS::DBProxyTargetGroup" + "AWS::Route53Resolver::FirewallRuleGroupAssociation" ], "type": "string" }, @@ -225788,41 +276990,7 @@ ], "type": "object" }, - "AWS::RDS::DBProxyTargetGroup.ConnectionPoolConfigurationInfoFormat": { - "additionalProperties": false, - "properties": { - "ConnectionBorrowTimeout": { - "markdownDescription": "The number of seconds for a proxy to wait for a connection to become available in the connection pool. This setting only applies when the proxy has opened its maximum number of connections and all connections are busy with client sessions.\n\nDefault: `120`\n\nConstraints:\n\n- Must be between 0 and 300.", - "title": "ConnectionBorrowTimeout", - "type": "number" - }, - "InitQuery": { - "markdownDescription": "Add an initialization query, or modify the current one. You can specify one or more SQL statements for the proxy to run when opening each new database connection. The setting is typically used with `SET` statements to make sure that each connection has identical settings. Make sure the query added here is valid. This is an optional field, so you can choose to leave it empty. For including multiple variables in a single SET statement, use a comma separator.\n\nFor example: `SET variable1=value1, variable2=value2`\n\nDefault: no initialization query\n\n> Since you can access initialization query as part of target group configuration, it is not protected by authentication or cryptographic methods. Anyone with access to view or manage your proxy target group configuration can view the initialization query. You should not add sensitive data, such as passwords or long-lived encryption keys, to this option.", - "title": "InitQuery", - "type": "string" - }, - "MaxConnectionsPercent": { - "markdownDescription": "The maximum size of the connection pool for each target in a target group. The value is expressed as a percentage of the `max_connections` setting for the RDS DB instance or Aurora DB cluster used by the target group.\n\nIf you specify `MaxIdleConnectionsPercent` , then you must also include a value for this parameter.\n\nDefault: `10` for RDS for Microsoft SQL Server, and `100` for all other engines\n\nConstraints:\n\n- Must be between 1 and 100.", - "title": "MaxConnectionsPercent", - "type": "number" - }, - "MaxIdleConnectionsPercent": { - "markdownDescription": "A value that controls how actively the proxy closes idle database connections in the connection pool. The value is expressed as a percentage of the `max_connections` setting for the RDS DB instance or Aurora DB cluster used by the target group. With a high value, the proxy leaves a high percentage of idle database connections open. A low value causes the proxy to close more idle connections and return them to the database.\n\nIf you specify this parameter, then you must also include a value for `MaxConnectionsPercent` .\n\nDefault: The default value is half of the value of `MaxConnectionsPercent` . For example, if `MaxConnectionsPercent` is 80, then the default value of `MaxIdleConnectionsPercent` is 40. If the value of `MaxConnectionsPercent` isn't specified, then for SQL Server, `MaxIdleConnectionsPercent` is `5` , and for all other engines, the default is `50` .\n\nConstraints:\n\n- Must be between 0 and the value of `MaxConnectionsPercent` .", - "title": "MaxIdleConnectionsPercent", - "type": "number" - }, - "SessionPinningFilters": { - "items": { - "type": "string" - }, - "markdownDescription": "Each item in the list represents a class of SQL operations that normally cause all later statements in a session using a proxy to be pinned to the same underlying database connection. Including an item in the list exempts that class of SQL operations from the pinning behavior.\n\nDefault: no session pinning filters", - "title": "SessionPinningFilters", - "type": "array" - } - }, - "type": "object" - }, - "AWS::RDS::DBSecurityGroup": { + "AWS::Route53Resolver::OutpostResolver": { "additionalProperties": false, "properties": { "Condition": { @@ -225857,42 +277025,45 @@ "Properties": { "additionalProperties": false, "properties": { - "DBSecurityGroupIngress": { - "items": { - "$ref": "#/definitions/AWS::RDS::DBSecurityGroup.Ingress" - }, - "markdownDescription": "Ingress rules to be applied to the DB security group.", - "title": "DBSecurityGroupIngress", - "type": "array" + "InstanceCount": { + "markdownDescription": "Amazon EC2 instance count for the Resolver on the Outpost.", + "title": "InstanceCount", + "type": "number" }, - "EC2VpcId": { - "markdownDescription": "The identifier of an Amazon virtual private cloud (VPC). This property indicates the VPC that this DB security group belongs to.\n\n> This property is included for backwards compatibility and is no longer recommended for providing security information to an RDS DB instance.", - "title": "EC2VpcId", + "Name": { + "markdownDescription": "Name of the Resolver.", + "title": "Name", "type": "string" }, - "GroupDescription": { - "markdownDescription": "Provides the description of the DB security group.", - "title": "GroupDescription", + "OutpostArn": { + "markdownDescription": "The ARN (Amazon Resource Name) for the Outpost.", + "title": "OutpostArn", + "type": "string" + }, + "PreferredInstanceType": { + "markdownDescription": "The Amazon EC2 instance type. If you specify this, you must also specify a value for the `OutpostArn` .", + "title": "PreferredInstanceType", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata assigned to an Amazon RDS resource consisting of a key-value pair.\n\nFor more information, see [Tagging Amazon RDS resources](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) in the *Amazon RDS User Guide* or [Tagging Amazon Aurora and Amazon RDS resources](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_Tagging.html) in the *Amazon Aurora User Guide* .", + "markdownDescription": "A key value pair that helps you identify a Route\u00a053 Resolver .", "title": "Tags", "type": "array" } }, "required": [ - "DBSecurityGroupIngress", - "GroupDescription" + "Name", + "OutpostArn", + "PreferredInstanceType" ], "type": "object" }, "Type": { "enum": [ - "AWS::RDS::DBSecurityGroup" + "AWS::Route53Resolver::OutpostResolver" ], "type": "string" }, @@ -225911,33 +277082,7 @@ ], "type": "object" }, - "AWS::RDS::DBSecurityGroup.Ingress": { - "additionalProperties": false, - "properties": { - "CIDRIP": { - "markdownDescription": "The IP range to authorize.", - "title": "CIDRIP", - "type": "string" - }, - "EC2SecurityGroupId": { - "markdownDescription": "Id of the EC2 security group to authorize. For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.", - "title": "EC2SecurityGroupId", - "type": "string" - }, - "EC2SecurityGroupName": { - "markdownDescription": "Name of the EC2 security group to authorize. For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.", - "title": "EC2SecurityGroupName", - "type": "string" - }, - "EC2SecurityGroupOwnerId": { - "markdownDescription": "AWS account number of the owner of the EC2 security group specified in the `EC2SecurityGroupName` parameter. The AWS access key ID isn't an acceptable value. For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.", - "title": "EC2SecurityGroupOwnerId", - "type": "string" - } - }, - "type": "object" - }, - "AWS::RDS::DBSecurityGroupIngress": { + "AWS::Route53Resolver::ResolverConfig": { "additionalProperties": false, "properties": { "Condition": { @@ -225972,40 +277117,26 @@ "Properties": { "additionalProperties": false, "properties": { - "CIDRIP": { - "markdownDescription": "The IP range to authorize.", - "title": "CIDRIP", - "type": "string" - }, - "DBSecurityGroupName": { - "markdownDescription": "The name of the DB security group to add authorization to.", - "title": "DBSecurityGroupName", - "type": "string" - }, - "EC2SecurityGroupId": { - "markdownDescription": "Id of the EC2 security group to authorize. For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.", - "title": "EC2SecurityGroupId", - "type": "string" - }, - "EC2SecurityGroupName": { - "markdownDescription": "Name of the EC2 security group to authorize. For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.", - "title": "EC2SecurityGroupName", + "AutodefinedReverseFlag": { + "markdownDescription": "Represents the desired status of `AutodefinedReverse` . The only supported value on creation is `DISABLE` . Deletion of this resource will return `AutodefinedReverse` to its default value of `ENABLED` .", + "title": "AutodefinedReverseFlag", "type": "string" }, - "EC2SecurityGroupOwnerId": { - "markdownDescription": "AWS account number of the owner of the EC2 security group specified in the `EC2SecurityGroupName` parameter. The AWS access key ID isn't an acceptable value. For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.", - "title": "EC2SecurityGroupOwnerId", + "ResourceId": { + "markdownDescription": "The ID of the Amazon Virtual Private Cloud VPC or a Route 53 Profile that you're configuring Resolver for.", + "title": "ResourceId", "type": "string" } }, "required": [ - "DBSecurityGroupName" + "AutodefinedReverseFlag", + "ResourceId" ], "type": "object" }, "Type": { "enum": [ - "AWS::RDS::DBSecurityGroupIngress" + "AWS::Route53Resolver::ResolverConfig" ], "type": "string" }, @@ -226024,7 +277155,7 @@ ], "type": "object" }, - "AWS::RDS::DBSubnetGroup": { + "AWS::Route53Resolver::ResolverDNSSECConfig": { "additionalProperties": false, "properties": { "Condition": { @@ -226059,42 +277190,17 @@ "Properties": { "additionalProperties": false, "properties": { - "DBSubnetGroupDescription": { - "markdownDescription": "The description for the DB subnet group.", - "title": "DBSubnetGroupDescription", - "type": "string" - }, - "DBSubnetGroupName": { - "markdownDescription": "The name for the DB subnet group. This value is stored as a lowercase string.\n\nConstraints:\n\n- Must contain no more than 255 letters, numbers, periods, underscores, spaces, or hyphens.\n- Must not be default.\n- First character must be a letter.\n\nExample: `mydbsubnetgroup`", - "title": "DBSubnetGroupName", + "ResourceId": { + "markdownDescription": "The ID of the virtual private cloud (VPC) that you're configuring the DNSSEC validation status for.", + "title": "ResourceId", "type": "string" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The EC2 Subnet IDs for the DB subnet group.", - "title": "SubnetIds", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Tags to assign to the DB subnet group.", - "title": "Tags", - "type": "array" } }, - "required": [ - "DBSubnetGroupDescription", - "SubnetIds" - ], "type": "object" }, "Type": { "enum": [ - "AWS::RDS::DBSubnetGroup" + "AWS::Route53Resolver::ResolverDNSSECConfig" ], "type": "string" }, @@ -226108,12 +277214,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::RDS::EventSubscription": { + "AWS::Route53Resolver::ResolverEndpoint": { "additionalProperties": false, "properties": { "Condition": { @@ -226148,59 +277253,74 @@ "Properties": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Specifies whether to activate the subscription. If the event notification subscription isn't activated, the subscription is created but not active.", - "title": "Enabled", - "type": "boolean" + "Direction": { + "markdownDescription": "Indicates whether the Resolver endpoint allows inbound or outbound DNS queries:\n\n- `INBOUND` : allows DNS queries to your VPC from your network\n- `OUTBOUND` : allows DNS queries from your VPC to your network\n- `INBOUND_DELEGATION` : Resolver delegates queries to Route 53 private hosted zones from your network.", + "title": "Direction", + "type": "string" }, - "EventCategories": { + "IpAddresses": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Route53Resolver::ResolverEndpoint.IpAddressRequest" }, - "markdownDescription": "A list of event categories for a particular source type ( `SourceType` ) that you want to subscribe to. You can see a list of the categories for a given source type in the \"Amazon RDS event categories and event messages\" section of the [*Amazon RDS User Guide*](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Events.Messages.html) or the [*Amazon Aurora User Guide*](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_Events.Messages.html) . You can also see this list by using the `DescribeEventCategories` operation.", - "title": "EventCategories", + "markdownDescription": "The subnets and IP addresses in your VPC that DNS queries originate from (for outbound endpoints) or that you forward DNS queries to (for inbound endpoints). The subnet ID uniquely identifies a VPC.\n\n> Even though the minimum is 1, Route\u00a053 requires that you create at least two.", + "title": "IpAddresses", "type": "array" }, - "SnsTopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the SNS topic created for event notification. SNS automatically creates the ARN when you create a topic and subscribe to it.\n\n> RDS doesn't support FIFO (first in, first out) topics. For more information, see [Message ordering and deduplication (FIFO topics)](https://docs.aws.amazon.com/sns/latest/dg/sns-fifo-topics.html) in the *Amazon Simple Notification Service Developer Guide* .", - "title": "SnsTopicArn", + "Name": { + "markdownDescription": "A friendly name that lets you easily find a configuration in the Resolver dashboard in the Route 53 console.", + "title": "Name", "type": "string" }, - "SourceIds": { + "OutpostArn": { + "markdownDescription": "The ARN (Amazon Resource Name) for the Outpost.", + "title": "OutpostArn", + "type": "string" + }, + "PreferredInstanceType": { + "markdownDescription": "The Amazon EC2 instance type.", + "title": "PreferredInstanceType", + "type": "string" + }, + "Protocols": { "items": { "type": "string" }, - "markdownDescription": "The list of identifiers of the event sources for which events are returned. If not specified, then all sources are included in the response. An identifier must begin with a letter and must contain only ASCII letters, digits, and hyphens. It can't end with a hyphen or contain two consecutive hyphens.\n\nConstraints:\n\n- If `SourceIds` are supplied, `SourceType` must also be provided.\n- If the source type is a DB instance, a `DBInstanceIdentifier` value must be supplied.\n- If the source type is a DB cluster, a `DBClusterIdentifier` value must be supplied.\n- If the source type is a DB parameter group, a `DBParameterGroupName` value must be supplied.\n- If the source type is a DB security group, a `DBSecurityGroupName` value must be supplied.\n- If the source type is a DB snapshot, a `DBSnapshotIdentifier` value must be supplied.\n- If the source type is a DB cluster snapshot, a `DBClusterSnapshotIdentifier` value must be supplied.\n- If the source type is an RDS Proxy, a `DBProxyName` value must be supplied.", - "title": "SourceIds", + "markdownDescription": "Protocols used for the endpoint. DoH-FIPS is applicable for a default inbound endpoints only.\n\nFor an inbound endpoint you can apply the protocols as follows:\n\n- Do53 and DoH in combination.\n- Do53 and DoH-FIPS in combination.\n- Do53 alone.\n- DoH alone.\n- DoH-FIPS alone.\n- None, which is treated as Do53.\n\nFor a delegation inbound endpoint you can use Do53 only.\n\nFor an outbound endpoint you can apply the protocols as follows:\n\n- Do53 and DoH in combination.\n- Do53 alone.\n- DoH alone.\n- None, which is treated as Do53.", + "title": "Protocols", "type": "array" }, - "SourceType": { - "markdownDescription": "The type of source that is generating the events. For example, if you want to be notified of events generated by a DB instance, you set this parameter to `db-instance` . For RDS Proxy events, specify `db-proxy` . If this value isn't specified, all events are returned.\n\nValid Values: `db-instance | db-cluster | db-parameter-group | db-security-group | db-snapshot | db-cluster-snapshot | db-proxy | zero-etl | custom-engine-version | blue-green-deployment`", - "title": "SourceType", + "ResolverEndpointType": { + "markdownDescription": "The Resolver endpoint IP address type.", + "title": "ResolverEndpointType", "type": "string" }, - "SubscriptionName": { - "markdownDescription": "The name of the subscription.\n\nConstraints: The name must be less than 255 characters.", - "title": "SubscriptionName", - "type": "string" + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The ID of one or more security groups that control access to this VPC. The security group must include one or more inbound rules (for inbound endpoints) or outbound rules (for outbound endpoints). Inbound and outbound rules must allow TCP and UDP access. For inbound access, open port 53. For outbound access, open the port that you're using for DNS queries on your network.", + "title": "SecurityGroupIds", + "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An optional array of key-value pairs to apply to this subscription.", + "markdownDescription": "Route 53 Resolver doesn't support updating tags through CloudFormation.", "title": "Tags", "type": "array" } }, "required": [ - "SnsTopicArn" + "Direction", + "IpAddresses", + "SecurityGroupIds" ], "type": "object" }, "Type": { "enum": [ - "AWS::RDS::EventSubscription" + "AWS::Route53Resolver::ResolverEndpoint" ], "type": "string" }, @@ -226219,7 +277339,31 @@ ], "type": "object" }, - "AWS::RDS::GlobalCluster": { + "AWS::Route53Resolver::ResolverEndpoint.IpAddressRequest": { + "additionalProperties": false, + "properties": { + "Ip": { + "markdownDescription": "The IPv4 address that you want to use for DNS queries.", + "title": "Ip", + "type": "string" + }, + "Ipv6": { + "markdownDescription": "The IPv6 address that you want to use for DNS queries.", + "title": "Ipv6", + "type": "string" + }, + "SubnetId": { + "markdownDescription": "The ID of the subnet that contains the IP address.", + "title": "SubnetId", + "type": "string" + } + }, + "required": [ + "SubnetId" + ], + "type": "object" + }, + "AWS::Route53Resolver::ResolverQueryLoggingConfig": { "additionalProperties": false, "properties": { "Condition": { @@ -226254,42 +277398,30 @@ "Properties": { "additionalProperties": false, "properties": { - "DeletionProtection": { - "markdownDescription": "Specifies whether to enable deletion protection for the new global database cluster. The global database can't be deleted when deletion protection is enabled.", - "title": "DeletionProtection", - "type": "boolean" - }, - "Engine": { - "markdownDescription": "The database engine to use for this global database cluster.\n\nValid Values: `aurora-mysql | aurora-postgresql`\n\nConstraints:\n\n- Can't be specified if `SourceDBClusterIdentifier` is specified. In this case, Amazon Aurora uses the engine of the source DB cluster.", - "title": "Engine", - "type": "string" - }, - "EngineVersion": { - "markdownDescription": "The engine version to use for this global database cluster.\n\nConstraints:\n\n- Can't be specified if `SourceDBClusterIdentifier` is specified. In this case, Amazon Aurora uses the engine version of the source DB cluster.", - "title": "EngineVersion", - "type": "string" - }, - "GlobalClusterIdentifier": { - "markdownDescription": "The cluster identifier for this global database cluster. This parameter is stored as a lowercase string.", - "title": "GlobalClusterIdentifier", + "DestinationArn": { + "markdownDescription": "The ARN of the resource that you want Resolver to send query logs: an Amazon S3 bucket, a CloudWatch Logs log group, or a Kinesis Data Firehose delivery stream.", + "title": "DestinationArn", "type": "string" }, - "SourceDBClusterIdentifier": { - "markdownDescription": "The Amazon Resource Name (ARN) to use as the primary cluster of the global database.\n\nIf you provide a value for this parameter, don't specify values for the following settings because Amazon Aurora uses the values from the specified source DB cluster:\n\n- `DatabaseName`\n- `Engine`\n- `EngineVersion`\n- `StorageEncrypted`", - "title": "SourceDBClusterIdentifier", + "Name": { + "markdownDescription": "The name of the query logging configuration.", + "title": "Name", "type": "string" }, - "StorageEncrypted": { - "markdownDescription": "Specifies whether to enable storage encryption for the new global database cluster.\n\nConstraints:\n\n- Can't be specified if `SourceDBClusterIdentifier` is specified. In this case, Amazon Aurora uses the setting from the source DB cluster.", - "title": "StorageEncrypted", - "type": "boolean" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" } }, "type": "object" }, "Type": { "enum": [ - "AWS::RDS::GlobalCluster" + "AWS::Route53Resolver::ResolverQueryLoggingConfig" ], "type": "string" }, @@ -226307,7 +277439,7 @@ ], "type": "object" }, - "AWS::RDS::Integration": { + "AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -226342,65 +277474,22 @@ "Properties": { "additionalProperties": false, "properties": { - "AdditionalEncryptionContext": { - "additionalProperties": true, - "markdownDescription": "An optional set of non-secret key\u2013value pairs that contains additional contextual information about the data. For more information, see [Encryption context](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context) in the *AWS Key Management Service Developer Guide* .\n\nYou can only include this parameter if you specify the `KMSKeyId` parameter.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "AdditionalEncryptionContext", - "type": "object" - }, - "DataFilter": { - "markdownDescription": "Data filters for the integration. These filters determine which tables from the source database are sent to the target Amazon Redshift data warehouse.", - "title": "DataFilter", - "type": "string" - }, - "Description": { - "markdownDescription": "A description of the integration.", - "title": "Description", - "type": "string" - }, - "IntegrationName": { - "markdownDescription": "The name of the integration.", - "title": "IntegrationName", - "type": "string" - }, - "KMSKeyId": { - "markdownDescription": "The AWS Key Management System ( AWS KMS) key identifier for the key to use to encrypt the integration. If you don't specify an encryption key, RDS uses a default AWS owned key.", - "title": "KMSKeyId", - "type": "string" - }, - "SourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the database to use as the source for replication.", - "title": "SourceArn", + "ResolverQueryLogConfigId": { + "markdownDescription": "The ID of the query logging configuration that a VPC is associated with.", + "title": "ResolverQueryLogConfigId", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An optional array of key-value pairs to apply to this integration.", - "title": "Tags", - "type": "array" - }, - "TargetArn": { - "markdownDescription": "The ARN of the Redshift data warehouse to use as the target for replication.", - "title": "TargetArn", + "ResourceId": { + "markdownDescription": "The ID of the Amazon VPC that is associated with the query logging configuration.", + "title": "ResourceId", "type": "string" } }, - "required": [ - "SourceArn", - "TargetArn" - ], "type": "object" }, "Type": { "enum": [ - "AWS::RDS::Integration" + "AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation" ], "type": "string" }, @@ -226414,12 +277503,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::RDS::OptionGroup": { + "AWS::Route53Resolver::ResolverRule": { "additionalProperties": false, "properties": { "Condition": { @@ -226454,53 +277542,56 @@ "Properties": { "additionalProperties": false, "properties": { - "EngineName": { - "markdownDescription": "Specifies the name of the engine that this option group should be associated with.\n\nValid Values:\n\n- `mariadb`\n- `mysql`\n- `oracle-ee`\n- `oracle-ee-cdb`\n- `oracle-se2`\n- `oracle-se2-cdb`\n- `postgres`\n- `sqlserver-ee`\n- `sqlserver-se`\n- `sqlserver-ex`\n- `sqlserver-web`", - "title": "EngineName", + "DelegationRecord": { + "markdownDescription": "DNS queries with delegation records that point to this domain name are forwarded to resolvers on your network.", + "title": "DelegationRecord", "type": "string" }, - "MajorEngineVersion": { - "markdownDescription": "Specifies the major version of the engine that this option group should be associated with.", - "title": "MajorEngineVersion", + "DomainName": { + "markdownDescription": "DNS queries for this domain name are forwarded to the IP addresses that are specified in `TargetIps` . If a query matches multiple Resolver rules (example.com and www.example.com), the query is routed using the Resolver rule that contains the most specific domain name (www.example.com).", + "title": "DomainName", "type": "string" }, - "OptionConfigurations": { - "items": { - "$ref": "#/definitions/AWS::RDS::OptionGroup.OptionConfiguration" - }, - "markdownDescription": "A list of all available options for an option group.", - "title": "OptionConfigurations", - "type": "array" + "Name": { + "markdownDescription": "The name for the Resolver rule, which you specified when you created the Resolver rule.", + "title": "Name", + "type": "string" }, - "OptionGroupDescription": { - "markdownDescription": "The description of the option group.", - "title": "OptionGroupDescription", + "ResolverEndpointId": { + "markdownDescription": "The ID of the endpoint that the rule is associated with.", + "title": "ResolverEndpointId", "type": "string" }, - "OptionGroupName": { - "markdownDescription": "The name of the option group to be created.\n\nConstraints:\n\n- Must be 1 to 255 letters, numbers, or hyphens\n- First character must be a letter\n- Can't end with a hyphen or contain two consecutive hyphens\n\nExample: `myoptiongroup`\n\nIf you don't specify a value for `OptionGroupName` property, a name is automatically created for the option group.\n\n> This value is stored as a lowercase string.", - "title": "OptionGroupName", + "RuleType": { + "markdownDescription": "When you want to forward DNS queries for specified domain name to resolvers on your network, specify `FORWARD` or `DELEGATE` . If a query matches multiple Resolver rules (example.com and www.example.com), outbound DNS queries are routed using the Resolver rule that contains the most specific domain name (www.example.com).\n\nWhen you have a forwarding rule to forward DNS queries for a domain to your network and you want Resolver to process queries for a subdomain of that domain, specify `SYSTEM` .\n\nFor example, to forward DNS queries for example.com to resolvers on your network, you create a rule and specify `FORWARD` for `RuleType` . To then have Resolver process queries for apex.example.com, you create a rule and specify `SYSTEM` for `RuleType` .\n\nCurrently, only Resolver can create rules that have a value of `RECURSIVE` for `RuleType` .", + "title": "RuleType", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Tags to assign to the option group.", + "markdownDescription": "Tags help organize and categorize your Resolver rules. Each tag consists of a key and an optional value, both of which you define.", "title": "Tags", "type": "array" + }, + "TargetIps": { + "items": { + "$ref": "#/definitions/AWS::Route53Resolver::ResolverRule.TargetAddress" + }, + "markdownDescription": "An array that contains the IP addresses and ports that an outbound endpoint forwards DNS queries to. Typically, these are the IP addresses of DNS resolvers on your network.", + "title": "TargetIps", + "type": "array" } }, "required": [ - "EngineName", - "MajorEngineVersion", - "OptionGroupDescription" + "RuleType" ], "type": "object" }, "Type": { "enum": [ - "AWS::RDS::OptionGroup" + "AWS::Route53Resolver::ResolverRule" ], "type": "string" }, @@ -226519,71 +277610,38 @@ ], "type": "object" }, - "AWS::RDS::OptionGroup.OptionConfiguration": { + "AWS::Route53Resolver::ResolverRule.TargetAddress": { "additionalProperties": false, "properties": { - "DBSecurityGroupMemberships": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of DB security groups used for this option.", - "title": "DBSecurityGroupMemberships", - "type": "array" - }, - "OptionName": { - "markdownDescription": "The configuration of options to include in a group.", - "title": "OptionName", + "Ip": { + "markdownDescription": "One IPv4 address that you want to forward DNS queries to.", + "title": "Ip", "type": "string" }, - "OptionSettings": { - "items": { - "$ref": "#/definitions/AWS::RDS::OptionGroup.OptionSetting" - }, - "markdownDescription": "The option settings to include in an option group.", - "title": "OptionSettings", - "type": "array" - }, - "OptionVersion": { - "markdownDescription": "The version for the option.", - "title": "OptionVersion", + "Ipv6": { + "markdownDescription": "One IPv6 address that you want to forward DNS queries to.", + "title": "Ipv6", "type": "string" }, "Port": { - "markdownDescription": "The optional port for the option.", + "markdownDescription": "The port at `Ip` that you want to forward DNS queries to.", "title": "Port", - "type": "number" + "type": "string" }, - "VpcSecurityGroupMemberships": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of VPC security group names used for this option.", - "title": "VpcSecurityGroupMemberships", - "type": "array" - } - }, - "required": [ - "OptionName" - ], - "type": "object" - }, - "AWS::RDS::OptionGroup.OptionSetting": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the option that has settings that you can set.", - "title": "Name", + "Protocol": { + "markdownDescription": "The protocols for the target address. The protocol you choose needs to be supported by the outbound endpoint of the Resolver rule.", + "title": "Protocol", "type": "string" }, - "Value": { - "markdownDescription": "The current value of the option setting.", - "title": "Value", + "ServerNameIndication": { + "markdownDescription": "The Server Name Indication of the DoH server that you want to forward queries to. This is only used if the Protocol of the `TargetAddress` is `DoH` .", + "title": "ServerNameIndication", "type": "string" } }, "type": "object" }, - "AWS::RUM::AppMonitor": { + "AWS::Route53Resolver::ResolverRuleAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -226618,49 +277676,31 @@ "Properties": { "additionalProperties": false, "properties": { - "AppMonitorConfiguration": { - "$ref": "#/definitions/AWS::RUM::AppMonitor.AppMonitorConfiguration", - "markdownDescription": "A structure that contains much of the configuration data for the app monitor. If you are using Amazon Cognito for authorization, you must include this structure in your request, and it must include the ID of the Amazon Cognito identity pool to use for authorization. If you don't include `AppMonitorConfiguration` , you must set up your own authorization method. For more information, see [Authorize your application to send data to AWS](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-RUM-get-started-authorization.html) .\n\nIf you omit this argument, the sample rate used for CloudWatch RUM is set to 10% of the user sessions.", - "title": "AppMonitorConfiguration" - }, - "CustomEvents": { - "$ref": "#/definitions/AWS::RUM::AppMonitor.CustomEvents", - "markdownDescription": "Specifies whether this app monitor allows the web client to define and send custom events. If you omit this parameter, custom events are `DISABLED` .", - "title": "CustomEvents" - }, - "CwLogEnabled": { - "markdownDescription": "Data collected by CloudWatch RUM is kept by RUM for 30 days and then deleted. This parameter specifies whether CloudWatch RUM sends a copy of this telemetry data to Amazon CloudWatch Logs in your account. This enables you to keep the telemetry data for more than 30 days, but it does incur Amazon CloudWatch Logs charges.\n\nIf you omit this parameter, the default is `false` .", - "title": "CwLogEnabled", - "type": "boolean" - }, - "Domain": { - "markdownDescription": "The top-level internet domain name for which your application has administrative authority. This parameter or the `DomainList` parameter is required.", - "title": "Domain", - "type": "string" - }, "Name": { - "markdownDescription": "A name for the app monitor. This parameter is required.", + "markdownDescription": "The name of an association between a Resolver rule and a VPC.", "title": "Name", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Assigns one or more tags (key-value pairs) to the app monitor.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.\n\nTags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters.\n\nYou can associate as many as 50 tags with an app monitor.\n\nFor more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .", - "title": "Tags", - "type": "array" + "ResolverRuleId": { + "markdownDescription": "The ID of the Resolver rule that you associated with the VPC that is specified by `VPCId` .", + "title": "ResolverRuleId", + "type": "string" + }, + "VPCId": { + "markdownDescription": "The ID of the VPC that you associated the Resolver rule with.", + "title": "VPCId", + "type": "string" } }, "required": [ - "Domain", - "Name" + "ResolverRuleId", + "VPCId" ], "type": "object" }, "Type": { "enum": [ - "AWS::RUM::AppMonitor" + "AWS::Route53Resolver::ResolverRuleAssociation" ], "type": "string" }, @@ -226679,166 +277719,7 @@ ], "type": "object" }, - "AWS::RUM::AppMonitor.AppMonitorConfiguration": { - "additionalProperties": false, - "properties": { - "AllowCookies": { - "markdownDescription": "If you set this to `true` , the CloudWatch RUM web client sets two cookies, a session cookie and a user cookie. The cookies allow the CloudWatch RUM web client to collect data relating to the number of users an application has and the behavior of the application across a sequence of events. Cookies are stored in the top-level domain of the current page.", - "title": "AllowCookies", - "type": "boolean" - }, - "EnableXRay": { - "markdownDescription": "If you set this to `true` , CloudWatch RUM sends client-side traces to X-Ray for each sampled session. You can then see traces and segments from these user sessions in the RUM dashboard and the CloudWatch ServiceLens console. For more information, see [What is AWS X-Ray ?](https://docs.aws.amazon.com/xray/latest/devguide/aws-xray.html)", - "title": "EnableXRay", - "type": "boolean" - }, - "ExcludedPages": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of URLs in your website or application to exclude from RUM data collection.\n\nYou can't include both `ExcludedPages` and `IncludedPages` in the same app monitor.", - "title": "ExcludedPages", - "type": "array" - }, - "FavoritePages": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of pages in your application that are to be displayed with a \"favorite\" icon in the CloudWatch RUM console.", - "title": "FavoritePages", - "type": "array" - }, - "GuestRoleArn": { - "markdownDescription": "The ARN of the guest IAM role that is attached to the Amazon Cognito identity pool that is used to authorize the sending of data to CloudWatch RUM.", - "title": "GuestRoleArn", - "type": "string" - }, - "IdentityPoolId": { - "markdownDescription": "The ID of the Amazon Cognito identity pool that is used to authorize the sending of data to CloudWatch RUM.", - "title": "IdentityPoolId", - "type": "string" - }, - "IncludedPages": { - "items": { - "type": "string" - }, - "markdownDescription": "If this app monitor is to collect data from only certain pages in your application, this structure lists those pages.\n\nYou can't include both `ExcludedPages` and `IncludedPages` in the same app monitor.", - "title": "IncludedPages", - "type": "array" - }, - "MetricDestinations": { - "items": { - "$ref": "#/definitions/AWS::RUM::AppMonitor.MetricDestination" - }, - "markdownDescription": "An array of structures that each define a destination that this app monitor will send extended metrics to.", - "title": "MetricDestinations", - "type": "array" - }, - "SessionSampleRate": { - "markdownDescription": "Specifies the portion of user sessions to use for CloudWatch RUM data collection. Choosing a higher portion gives you more data but also incurs more costs.\n\nThe range for this value is 0 to 1 inclusive. Setting this to 1 means that 100% of user sessions are sampled, and setting it to 0.1 means that 10% of user sessions are sampled.\n\nIf you omit this parameter, the default of 0.1 is used, and 10% of sessions will be sampled.", - "title": "SessionSampleRate", - "type": "number" - }, - "Telemetries": { - "items": { - "type": "string" - }, - "markdownDescription": "An array that lists the types of telemetry data that this app monitor is to collect.\n\n- `errors` indicates that RUM collects data about unhandled JavaScript errors raised by your application.\n- `performance` indicates that RUM collects performance data about how your application and its resources are loaded and rendered. This includes Core Web Vitals.\n- `http` indicates that RUM collects data about HTTP errors thrown by your application.", - "title": "Telemetries", - "type": "array" - } - }, - "type": "object" - }, - "AWS::RUM::AppMonitor.CustomEvents": { - "additionalProperties": false, - "properties": { - "Status": { - "markdownDescription": "Set this to `ENABLED` to allow the web client to send custom events for this app monitor.\n\nValid values are `ENABLED` and `DISABLED` .", - "title": "Status", - "type": "string" - } - }, - "type": "object" - }, - "AWS::RUM::AppMonitor.MetricDefinition": { - "additionalProperties": false, - "properties": { - "DimensionKeys": { - "additionalProperties": true, - "markdownDescription": "This field is a map of field paths to dimension names. It defines the dimensions to associate with this metric in CloudWatch . The value of this field is used only if the metric destination is `CloudWatch` . If the metric destination is `Evidently` , the value of `DimensionKeys` is ignored.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "DimensionKeys", - "type": "object" - }, - "EventPattern": { - "markdownDescription": "The pattern that defines the metric. RUM checks events that happen in a user's session against the pattern, and events that match the pattern are sent to the metric destination.\n\nIf the metrics destination is `CloudWatch` and the event also matches a value in `DimensionKeys` , then the metric is published with the specified dimensions.", - "title": "EventPattern", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the metric that is defined in this structure.", - "title": "Name", - "type": "string" - }, - "Namespace": { - "markdownDescription": "If you are creating a custom metric instead of an extended metrics, use this parameter to define the metric namespace for that custom metric. Do not specify this parameter if you are creating an extended metric.\n\nYou can't use any string that starts with `AWS/` for your namespace.", - "title": "Namespace", - "type": "string" - }, - "UnitLabel": { - "markdownDescription": "Use this field only if you are sending this metric to CloudWatch . It defines the CloudWatch metric unit that this metric is measured in.", - "title": "UnitLabel", - "type": "string" - }, - "ValueKey": { - "markdownDescription": "The field within the event object that the metric value is sourced from.", - "title": "ValueKey", - "type": "string" - } - }, - "required": [ - "Name" - ], - "type": "object" - }, - "AWS::RUM::AppMonitor.MetricDestination": { - "additionalProperties": false, - "properties": { - "Destination": { - "markdownDescription": "Defines the destination to send the metrics to. Valid values are `CloudWatch` and `Evidently` . If you specify `Evidently` , you must also specify the ARN of the CloudWatch Evidently experiment that is to be the destination and an IAM role that has permission to write to the experiment.", - "title": "Destination", - "type": "string" - }, - "DestinationArn": { - "markdownDescription": "Use this parameter only if `Destination` is `Evidently` . This parameter specifies the ARN of the Evidently experiment that will receive the extended metrics.", - "title": "DestinationArn", - "type": "string" - }, - "IamRoleArn": { - "markdownDescription": "This parameter is required if `Destination` is `Evidently` . If `Destination` is `CloudWatch` , do not use this parameter.\n\nThis parameter specifies the ARN of an IAM role that RUM will assume to write to the Evidently experiment that you are sending metrics to. This role must have permission to write to that experiment.", - "title": "IamRoleArn", - "type": "string" - }, - "MetricDefinitions": { - "items": { - "$ref": "#/definitions/AWS::RUM::AppMonitor.MetricDefinition" - }, - "markdownDescription": "An array of structures which define the metrics that you want to send.", - "title": "MetricDefinitions", - "type": "array" - } - }, - "required": [ - "Destination" - ], - "type": "object" - }, - "AWS::Redshift::Cluster": { + "AWS::S3::AccessGrant": { "additionalProperties": false, "properties": { "Condition": { @@ -226873,290 +277754,55 @@ "Properties": { "additionalProperties": false, "properties": { - "AllowVersionUpgrade": { - "markdownDescription": "If `true` , major version upgrades can be applied during the maintenance window to the Amazon Redshift engine that is running on the cluster.\n\nWhen a new major version of the Amazon Redshift engine is released, you can request that the service automatically apply upgrades during the maintenance window to the Amazon Redshift engine that is running on your cluster.\n\nDefault: `true`", - "title": "AllowVersionUpgrade", - "type": "boolean" - }, - "AquaConfigurationStatus": { - "markdownDescription": "This parameter is retired. It does not set the AQUA configuration status. Amazon Redshift automatically determines whether to use AQUA (Advanced Query Accelerator).", - "title": "AquaConfigurationStatus", - "type": "string" - }, - "AutomatedSnapshotRetentionPeriod": { - "markdownDescription": "The number of days that automated snapshots are retained. If the value is 0, automated snapshots are disabled. Even if automated snapshots are disabled, you can still create manual snapshots when you want with [CreateClusterSnapshot](https://docs.aws.amazon.com/redshift/latest/APIReference/API_CreateClusterSnapshot.html) in the *Amazon Redshift API Reference* .\n\nDefault: `1`\n\nConstraints: Must be a value from 0 to 35.", - "title": "AutomatedSnapshotRetentionPeriod", - "type": "number" - }, - "AvailabilityZone": { - "markdownDescription": "The EC2 Availability Zone (AZ) in which you want Amazon Redshift to provision the cluster. For example, if you have several EC2 instances running in a specific Availability Zone, then you might want the cluster to be provisioned in the same zone in order to decrease network latency.\n\nDefault: A random, system-chosen Availability Zone in the region that is specified by the endpoint.\n\nExample: `us-east-2d`\n\nConstraint: The specified Availability Zone must be in the same region as the current endpoint.", - "title": "AvailabilityZone", - "type": "string" - }, - "AvailabilityZoneRelocation": { - "markdownDescription": "The option to enable relocation for an Amazon Redshift cluster between Availability Zones after the cluster is created.", - "title": "AvailabilityZoneRelocation", - "type": "boolean" - }, - "AvailabilityZoneRelocationStatus": { - "markdownDescription": "Describes the status of the Availability Zone relocation operation.", - "title": "AvailabilityZoneRelocationStatus", - "type": "string" - }, - "Classic": { - "markdownDescription": "A boolean value indicating whether the resize operation is using the classic resize process. If you don't provide this parameter or set the value to `false` , the resize type is elastic.", - "title": "Classic", - "type": "boolean" - }, - "ClusterIdentifier": { - "markdownDescription": "A unique identifier for the cluster. You use this identifier to refer to the cluster for any subsequent cluster operations such as deleting or modifying. The identifier also appears in the Amazon Redshift console.\n\nConstraints:\n\n- Must contain from 1 to 63 alphanumeric characters or hyphens.\n- Alphabetic characters must be lowercase.\n- First character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.\n- Must be unique for all clusters within an AWS account .\n\nExample: `myexamplecluster`", - "title": "ClusterIdentifier", - "type": "string" - }, - "ClusterParameterGroupName": { - "markdownDescription": "The name of the parameter group to be associated with this cluster.\n\nDefault: The default Amazon Redshift cluster parameter group. For information about the default parameter group, go to [Working with Amazon Redshift Parameter Groups](https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-parameter-groups.html)\n\nConstraints:\n\n- Must be 1 to 255 alphanumeric characters or hyphens.\n- First character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.", - "title": "ClusterParameterGroupName", - "type": "string" - }, - "ClusterSecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of security groups to be associated with this cluster.\n\nDefault: The default cluster security group for Amazon Redshift.", - "title": "ClusterSecurityGroups", - "type": "array" - }, - "ClusterSubnetGroupName": { - "markdownDescription": "The name of a cluster subnet group to be associated with this cluster.\n\nIf this parameter is not provided the resulting cluster will be deployed outside virtual private cloud (VPC).", - "title": "ClusterSubnetGroupName", - "type": "string" - }, - "ClusterType": { - "markdownDescription": "The type of the cluster. When cluster type is specified as\n\n- `single-node` , the *NumberOfNodes* parameter is not required.\n- `multi-node` , the *NumberOfNodes* parameter is required.\n\nValid Values: `multi-node` | `single-node`\n\nDefault: `multi-node`", - "title": "ClusterType", - "type": "string" - }, - "ClusterVersion": { - "markdownDescription": "The version of the Amazon Redshift engine software that you want to deploy on the cluster.\n\nThe version selected runs on all the nodes in the cluster.\n\nConstraints: Only version 1.0 is currently available.\n\nExample: `1.0`", - "title": "ClusterVersion", - "type": "string" - }, - "DBName": { - "markdownDescription": "The name of the first database to be created when the cluster is created.\n\nTo create additional databases after the cluster is created, connect to the cluster with a SQL client and use SQL commands to create a database. For more information, go to [Create a Database](https://docs.aws.amazon.com/redshift/latest/dg/t_creating_database.html) in the Amazon Redshift Database Developer Guide.\n\nDefault: `dev`\n\nConstraints:\n\n- Must contain 1 to 64 alphanumeric characters.\n- Must contain only lowercase letters.\n- Cannot be a word that is reserved by the service. A list of reserved words can be found in [Reserved Words](https://docs.aws.amazon.com/redshift/latest/dg/r_pg_keywords.html) in the Amazon Redshift Database Developer Guide.", - "title": "DBName", - "type": "string" - }, - "DeferMaintenance": { - "markdownDescription": "A Boolean indicating whether to enable the deferred maintenance window.", - "title": "DeferMaintenance", - "type": "boolean" - }, - "DeferMaintenanceDuration": { - "markdownDescription": "An integer indicating the duration of the maintenance window in days. If you specify a duration, you can't specify an end time. The duration must be 45 days or less.", - "title": "DeferMaintenanceDuration", - "type": "number" - }, - "DeferMaintenanceEndTime": { - "markdownDescription": "A timestamp for the end of the time period when we defer maintenance.", - "title": "DeferMaintenanceEndTime", - "type": "string" - }, - "DeferMaintenanceStartTime": { - "markdownDescription": "A timestamp indicating the start time for the deferred maintenance window.", - "title": "DeferMaintenanceStartTime", - "type": "string" - }, - "DestinationRegion": { - "markdownDescription": "The destination region that snapshots are automatically copied to when cross-region snapshot copy is enabled.", - "title": "DestinationRegion", - "type": "string" - }, - "ElasticIp": { - "markdownDescription": "The Elastic IP (EIP) address for the cluster.\n\nConstraints: The cluster must be provisioned in EC2-VPC and publicly-accessible through an Internet gateway. Don't specify the Elastic IP address for a publicly accessible cluster with availability zone relocation turned on. For more information about provisioning clusters in EC2-VPC, go to [Supported Platforms to Launch Your Cluster](https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-clusters.html#cluster-platforms) in the Amazon Redshift Cluster Management Guide.", - "title": "ElasticIp", - "type": "string" - }, - "Encrypted": { - "markdownDescription": "If `true` , the data in the cluster is encrypted at rest. If you set the value on this parameter to `false` , the request will fail.\n\nDefault: true", - "title": "Encrypted", - "type": "boolean" - }, - "Endpoint": { - "$ref": "#/definitions/AWS::Redshift::Cluster.Endpoint", - "markdownDescription": "The connection endpoint.", - "title": "Endpoint" - }, - "EnhancedVpcRouting": { - "markdownDescription": "An option that specifies whether to create the cluster with enhanced VPC routing enabled. To create a cluster that uses enhanced VPC routing, the cluster must be in a VPC. For more information, see [Enhanced VPC Routing](https://docs.aws.amazon.com/redshift/latest/mgmt/enhanced-vpc-routing.html) in the Amazon Redshift Cluster Management Guide.\n\nIf this option is `true` , enhanced VPC routing is enabled.\n\nDefault: false", - "title": "EnhancedVpcRouting", - "type": "boolean" - }, - "HsmClientCertificateIdentifier": { - "markdownDescription": "Specifies the name of the HSM client certificate the Amazon Redshift cluster uses to retrieve the data encryption keys stored in an HSM.", - "title": "HsmClientCertificateIdentifier", - "type": "string" - }, - "HsmConfigurationIdentifier": { - "markdownDescription": "Specifies the name of the HSM configuration that contains the information the Amazon Redshift cluster can use to retrieve and store keys in an HSM.", - "title": "HsmConfigurationIdentifier", - "type": "string" - }, - "IamRoles": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of AWS Identity and Access Management (IAM) roles that can be used by the cluster to access other AWS services. You must supply the IAM roles in their Amazon Resource Name (ARN) format.\n\nThe maximum number of IAM roles that you can associate is subject to a quota. For more information, go to [Quotas and limits](https://docs.aws.amazon.com/redshift/latest/mgmt/amazon-redshift-limits.html) in the *Amazon Redshift Cluster Management Guide* .", - "title": "IamRoles", - "type": "array" - }, - "KmsKeyId": { - "markdownDescription": "The AWS Key Management Service (KMS) key ID of the encryption key that you want to use to encrypt data in the cluster.", - "title": "KmsKeyId", - "type": "string" - }, - "LoggingProperties": { - "$ref": "#/definitions/AWS::Redshift::Cluster.LoggingProperties", - "markdownDescription": "Specifies logging information, such as queries and connection attempts, for the specified Amazon Redshift cluster.", - "title": "LoggingProperties" - }, - "MaintenanceTrackName": { - "markdownDescription": "An optional parameter for the name of the maintenance track for the cluster. If you don't provide a maintenance track name, the cluster is assigned to the `current` track.", - "title": "MaintenanceTrackName", - "type": "string" - }, - "ManageMasterPassword": { - "markdownDescription": "If `true` , Amazon Redshift uses AWS Secrets Manager to manage this cluster's admin credentials. You can't use `MasterUserPassword` if `ManageMasterPassword` is true. If `ManageMasterPassword` is false or not set, Amazon Redshift uses `MasterUserPassword` for the admin user account's password.", - "title": "ManageMasterPassword", - "type": "boolean" - }, - "ManualSnapshotRetentionPeriod": { - "markdownDescription": "The default number of days to retain a manual snapshot. If the value is -1, the snapshot is retained indefinitely. This setting doesn't change the retention period of existing snapshots.\n\nThe value must be either -1 or an integer between 1 and 3,653.", - "title": "ManualSnapshotRetentionPeriod", - "type": "number" - }, - "MasterPasswordSecretKmsKeyId": { - "markdownDescription": "The ID of the AWS Key Management Service (KMS) key used to encrypt and store the cluster's admin credentials secret. You can only use this parameter if `ManageMasterPassword` is true.", - "title": "MasterPasswordSecretKmsKeyId", - "type": "string" - }, - "MasterUserPassword": { - "markdownDescription": "The password associated with the admin user account for the cluster that is being created.\n\nYou can't use `MasterUserPassword` if `ManageMasterPassword` is `true` .\n\nConstraints:\n\n- Must be between 8 and 64 characters in length.\n- Must contain at least one uppercase letter.\n- Must contain at least one lowercase letter.\n- Must contain one number.\n- Can be any printable ASCII character (ASCII code 33-126) except `'` (single quote), `\"` (double quote), `\\` , `/` , or `@` .", - "title": "MasterUserPassword", - "type": "string" - }, - "MasterUsername": { - "markdownDescription": "The user name associated with the admin user account for the cluster that is being created.\n\nConstraints:\n\n- Must be 1 - 128 alphanumeric characters or hyphens. The user name can't be `PUBLIC` .\n- Must contain only lowercase letters, numbers, underscore, plus sign, period (dot), at symbol (@), or hyphen.\n- The first character must be a letter.\n- Must not contain a colon (:) or a slash (/).\n- Cannot be a reserved word. A list of reserved words can be found in [Reserved Words](https://docs.aws.amazon.com/redshift/latest/dg/r_pg_keywords.html) in the Amazon Redshift Database Developer Guide.", - "title": "MasterUsername", - "type": "string" - }, - "MultiAZ": { - "markdownDescription": "A boolean indicating whether Amazon Redshift should deploy the cluster in two Availability Zones. The default is false.", - "title": "MultiAZ", - "type": "boolean" - }, - "NamespaceResourcePolicy": { - "markdownDescription": "The policy that is attached to a resource.", - "title": "NamespaceResourcePolicy", - "type": "object" - }, - "NodeType": { - "markdownDescription": "The node type to be provisioned for the cluster. For information about node types, go to [Working with Clusters](https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-clusters.html#how-many-nodes) in the *Amazon Redshift Cluster Management Guide* .\n\nValid Values: `dc2.large` | `dc2.8xlarge` | `ra3.large` | `ra3.xlplus` | `ra3.4xlarge` | `ra3.16xlarge`", - "title": "NodeType", - "type": "string" - }, - "NumberOfNodes": { - "markdownDescription": "The number of compute nodes in the cluster. This parameter is required when the *ClusterType* parameter is specified as `multi-node` .\n\nFor information about determining how many nodes you need, go to [Working with Clusters](https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-clusters.html#how-many-nodes) in the *Amazon Redshift Cluster Management Guide* .\n\nIf you don't specify this parameter, you get a single-node cluster. When requesting a multi-node cluster, you must specify the number of nodes that you want in the cluster.\n\nDefault: `1`\n\nConstraints: Value must be at least 1 and no more than 100.", - "title": "NumberOfNodes", - "type": "number" - }, - "OwnerAccount": { - "markdownDescription": "The AWS account used to create or copy the snapshot. Required if you are restoring a snapshot you do not own, optional if you own the snapshot.", - "title": "OwnerAccount", - "type": "string" - }, - "Port": { - "markdownDescription": "The port number on which the cluster accepts incoming connections.\n\nThe cluster is accessible only via the JDBC and ODBC connection strings. Part of the connection string requires the port on which the cluster will listen for incoming connections.\n\nDefault: `5439`\n\nValid Values:\n\n- For clusters with ra3 nodes - Select a port within the ranges `5431-5455` or `8191-8215` . (If you have an existing cluster with ra3 nodes, it isn't required that you change the port to these ranges.)\n- For clusters with dc2 nodes - Select a port within the range `1150-65535` .", - "title": "Port", - "type": "number" - }, - "PreferredMaintenanceWindow": { - "markdownDescription": "The weekly time range (in UTC) during which automated cluster maintenance can occur.\n\nFormat: `ddd:hh24:mi-ddd:hh24:mi`\n\nDefault: A 30-minute window selected at random from an 8-hour block of time per region, occurring on a random day of the week. For more information about the time blocks for each region, see [Maintenance Windows](https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-clusters.html#rs-maintenance-windows) in Amazon Redshift Cluster Management Guide.\n\nValid Days: Mon | Tue | Wed | Thu | Fri | Sat | Sun\n\nConstraints: Minimum 30-minute window.", - "title": "PreferredMaintenanceWindow", - "type": "string" - }, - "PubliclyAccessible": { - "markdownDescription": "If `true` , the cluster can be accessed from a public network.\n\nDefault: false", - "title": "PubliclyAccessible", - "type": "boolean" + "AccessGrantsLocationConfiguration": { + "$ref": "#/definitions/AWS::S3::AccessGrant.AccessGrantsLocationConfiguration", + "markdownDescription": "The configuration options of the grant location. The grant location is the S3 path to the data to which you are granting access. It contains the `S3SubPrefix` field. The grant scope is the result of appending the subprefix to the location scope of the registered location.", + "title": "AccessGrantsLocationConfiguration" }, - "ResourceAction": { - "markdownDescription": "The Amazon Redshift operation to be performed. Supported operations are `pause-cluster` , `resume-cluster` , and `failover-primary-compute` .", - "title": "ResourceAction", + "AccessGrantsLocationId": { + "markdownDescription": "The ID of the registered location to which you are granting access. S3 Access Grants assigns this ID when you register the location. S3 Access Grants assigns the ID `default` to the default location `s3://` and assigns an auto-generated ID to other locations that you register.", + "title": "AccessGrantsLocationId", "type": "string" }, - "RevisionTarget": { - "markdownDescription": "Describes a `RevisionTarget` object.", - "title": "RevisionTarget", + "ApplicationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS IAM Identity Center application associated with your Identity Center instance. If the grant includes an application ARN, the grantee can only access the S3 data through this application.", + "title": "ApplicationArn", "type": "string" }, - "RotateEncryptionKey": { - "markdownDescription": "Rotates the encryption keys for a cluster.", - "title": "RotateEncryptionKey", - "type": "boolean" - }, - "SnapshotClusterIdentifier": { - "markdownDescription": "The name of the cluster the source snapshot was created from. This parameter is required if your user or role has a policy containing a snapshot resource element that specifies anything other than * for the cluster name.", - "title": "SnapshotClusterIdentifier", - "type": "string" + "Grantee": { + "$ref": "#/definitions/AWS::S3::AccessGrant.Grantee", + "markdownDescription": "The user, group, or role to which you are granting access. You can grant access to an IAM user or role. If you have added your corporate directory to AWS IAM Identity Center and associated your Identity Center instance with your S3 Access Grants instance, the grantee can also be a corporate directory user or group.", + "title": "Grantee" }, - "SnapshotCopyGrantName": { - "markdownDescription": "The name of the snapshot copy grant.", - "title": "SnapshotCopyGrantName", + "Permission": { + "markdownDescription": "The type of access that you are granting to your S3 data, which can be set to one of the following values:\n\n- `READ` \u2013 Grant read-only access to the S3 data.\n- `WRITE` \u2013 Grant write-only access to the S3 data.\n- `READWRITE` \u2013 Grant both read and write access to the S3 data.", + "title": "Permission", "type": "string" }, - "SnapshotCopyManual": { - "markdownDescription": "Indicates whether to apply the snapshot retention period to newly copied manual snapshots instead of automated snapshots.", - "title": "SnapshotCopyManual", - "type": "boolean" - }, - "SnapshotCopyRetentionPeriod": { - "markdownDescription": "The number of days to retain automated snapshots in the destination AWS Region after they are copied from the source AWS Region .\n\nBy default, this only changes the retention period of copied automated snapshots.\n\nIf you decrease the retention period for automated snapshots that are copied to a destination AWS Region , Amazon Redshift deletes any existing automated snapshots that were copied to the destination AWS Region and that fall outside of the new retention period.\n\nConstraints: Must be at least 1 and no more than 35 for automated snapshots.\n\nIf you specify the `manual` option, only newly copied manual snapshots will have the new retention period.\n\nIf you specify the value of -1 newly copied manual snapshots are retained indefinitely.\n\nConstraints: The number of days must be either -1 or an integer between 1 and 3,653 for manual snapshots.", - "title": "SnapshotCopyRetentionPeriod", - "type": "number" - }, - "SnapshotIdentifier": { - "markdownDescription": "The name of the snapshot from which to create the new cluster. This parameter isn't case sensitive. You must specify this parameter or `snapshotArn` , but not both.\n\nExample: `my-snapshot-id`", - "title": "SnapshotIdentifier", + "S3PrefixType": { + "markdownDescription": "The type of `S3SubPrefix` . The only possible value is `Object` . Pass this value if the access grant scope is an object. Do not pass this value if the access grant scope is a bucket or a bucket and a prefix.", + "title": "S3PrefixType", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of tag instances.", + "markdownDescription": "The AWS resource tags that you are adding to the access grant. Each tag is a label consisting of a user-defined key and value. Tags can help you manage, identify, organize, search for, and filter resources.", "title": "Tags", "type": "array" - }, - "VpcSecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of Virtual Private Cloud (VPC) security groups to be associated with the cluster.\n\nDefault: The default VPC security group is associated with the cluster.", - "title": "VpcSecurityGroupIds", - "type": "array" } }, "required": [ - "ClusterType", - "DBName", - "MasterUsername", - "NodeType" + "AccessGrantsLocationId", + "Grantee", + "Permission" ], "type": "object" }, "Type": { "enum": [ - "AWS::Redshift::Cluster" + "AWS::S3::AccessGrant" ], "type": "string" }, @@ -227175,39 +277821,41 @@ ], "type": "object" }, - "AWS::Redshift::Cluster.Endpoint": { + "AWS::S3::AccessGrant.AccessGrantsLocationConfiguration": { "additionalProperties": false, "properties": { - "Address": { - "markdownDescription": "The DNS address of the cluster. This property is read only.", - "title": "Address", - "type": "string" - }, - "Port": { - "markdownDescription": "The port that the database engine is listening on. This property is read only.", - "title": "Port", + "S3SubPrefix": { + "markdownDescription": "The `S3SubPrefix` is appended to the location scope creating the grant scope. Use this field to narrow the scope of the grant to a subset of the location scope. This field is required if the location scope is the default location `s3://` because you cannot create a grant for all of your S3 data in the Region and must narrow the scope. For example, if the location scope is the default location `s3://` , the `S3SubPrefx` can be a `/*` , so the full grant scope path would be `s3:///*` . Or the `S3SubPrefx` can be `/*` , so the full grant scope path would be `s3:///*` .\n\nIf the `S3SubPrefix` includes a prefix, append the wildcard character `*` after the prefix to indicate that you want to include all object key names in the bucket that start with that prefix.", + "title": "S3SubPrefix", "type": "string" } }, + "required": [ + "S3SubPrefix" + ], "type": "object" }, - "AWS::Redshift::Cluster.LoggingProperties": { + "AWS::S3::AccessGrant.Grantee": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "The name of an existing S3 bucket where the log files are to be stored.\n\nConstraints:\n\n- Must be in the same region as the cluster\n- The cluster must have read bucket and put object permissions", - "title": "BucketName", + "GranteeIdentifier": { + "markdownDescription": "The unique identifier of the `Grantee` . If the grantee type is `IAM` , the identifier is the IAM Amazon Resource Name (ARN) of the user or role. If the grantee type is a directory user or group, the identifier is 128-bit universally unique identifier (UUID) in the format `a1b2c3d4-5678-90ab-cdef-EXAMPLE11111` . You can obtain this UUID from your AWS IAM Identity Center instance.", + "title": "GranteeIdentifier", "type": "string" }, - "S3KeyPrefix": { - "markdownDescription": "The prefix applied to the log file names.\n\nValid characters are any letter from any language, any whitespace character, any numeric character, and the following characters: underscore ( `_` ), period ( `.` ), colon ( `:` ), slash ( `/` ), equal ( `=` ), plus ( `+` ), backslash ( `\\` ), hyphen ( `-` ), at symbol ( `@` ).", - "title": "S3KeyPrefix", + "GranteeType": { + "markdownDescription": "The type of the grantee to which access has been granted. It can be one of the following values:\n\n- `IAM` - An IAM user or role.\n- `DIRECTORY_USER` - Your corporate directory user. You can use this option if you have added your corporate identity directory to IAM Identity Center and associated the IAM Identity Center instance with your S3 Access Grants instance.\n- `DIRECTORY_GROUP` - Your corporate directory group. You can use this option if you have added your corporate identity directory to IAM Identity Center and associated the IAM Identity Center instance with your S3 Access Grants instance.", + "title": "GranteeType", "type": "string" } }, + "required": [ + "GranteeIdentifier", + "GranteeType" + ], "type": "object" }, - "AWS::Redshift::ClusterParameterGroup": { + "AWS::S3::AccessGrantsInstance": { "additionalProperties": false, "properties": { "Condition": { @@ -227242,47 +277890,25 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the parameter group.", - "title": "Description", - "type": "string" - }, - "ParameterGroupFamily": { - "markdownDescription": "The name of the cluster parameter group family that this cluster parameter group is compatible with. You can create a custom parameter group and then associate your cluster with it. For more information, see [Amazon Redshift parameter groups](https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-parameter-groups.html) .", - "title": "ParameterGroupFamily", - "type": "string" - }, - "ParameterGroupName": { - "markdownDescription": "The name of the cluster parameter group.", - "title": "ParameterGroupName", + "IdentityCenterArn": { + "markdownDescription": "If you would like to associate your S3 Access Grants instance with an AWS IAM Identity Center instance, use this field to pass the Amazon Resource Name (ARN) of the AWS IAM Identity Center instance that you are associating with your S3 Access Grants instance. An IAM Identity Center instance is your corporate identity directory that you added to the IAM Identity Center.", + "title": "IdentityCenterArn", "type": "string" }, - "Parameters": { - "items": { - "$ref": "#/definitions/AWS::Redshift::ClusterParameterGroup.Parameter" - }, - "markdownDescription": "An array of parameters to be modified. A maximum of 20 parameters can be modified in a single request.\n\nFor each parameter to be modified, you must supply at least the parameter name and parameter value; other name-value pairs of the parameter are optional.\n\nFor the workload management (WLM) configuration, you must supply all the name-value pairs in the wlm_json_configuration parameter.", - "title": "Parameters", - "type": "array" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The list of tags for the cluster parameter group.", + "markdownDescription": "The AWS resource tags that you are adding to the S3 Access Grants instance. Each tag is a label consisting of a user-defined key and value. Tags can help you manage, identify, organize, search for, and filter resources.", "title": "Tags", "type": "array" } }, - "required": [ - "Description", - "ParameterGroupFamily" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Redshift::ClusterParameterGroup" + "AWS::S3::AccessGrantsInstance" ], "type": "string" }, @@ -227296,32 +277922,11 @@ } }, "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::Redshift::ClusterParameterGroup.Parameter": { - "additionalProperties": false, - "properties": { - "ParameterName": { - "markdownDescription": "The name of the parameter.", - "title": "ParameterName", - "type": "string" - }, - "ParameterValue": { - "markdownDescription": "The value of the parameter. If `ParameterName` is `wlm_json_configuration` , then the maximum size of `ParameterValue` is 8000 characters.", - "title": "ParameterValue", - "type": "string" - } - }, - "required": [ - "ParameterName", - "ParameterValue" + "Type" ], "type": "object" }, - "AWS::Redshift::ClusterSecurityGroup": { + "AWS::S3::AccessGrantsLocation": { "additionalProperties": false, "properties": { "Condition": { @@ -227356,28 +277961,30 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description for the security group.", - "title": "Description", + "IamRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role for the registered location. S3 Access Grants assumes this role to manage access to the registered location.", + "title": "IamRoleArn", + "type": "string" + }, + "LocationScope": { + "markdownDescription": "The S3 URI path to the location that you are registering. The location scope can be the default S3 location `s3://` , the S3 path to a bucket, or the S3 path to a bucket and prefix. A prefix in S3 is a string of characters at the beginning of an object key name used to organize the objects that you store in your S3 buckets. For example, object key names that start with the `engineering/` prefix or object key names that start with the `marketing/campaigns/` prefix.", + "title": "LocationScope", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Specifies an arbitrary set of tags (key\u2013value pairs) to associate with this security group. Use tags to manage your resources.", + "markdownDescription": "The AWS resource tags that you are adding to the S3 Access Grants location. Each tag is a label consisting of a user-defined key and value. Tags can help you manage, identify, organize, search for, and filter resources.", "title": "Tags", "type": "array" } }, - "required": [ - "Description" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Redshift::ClusterSecurityGroup" + "AWS::S3::AccessGrantsLocation" ], "type": "string" }, @@ -227391,12 +277998,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Redshift::ClusterSecurityGroupIngress": { + "AWS::S3::AccessPoint": { "additionalProperties": false, "properties": { "Condition": { @@ -227431,35 +278037,45 @@ "Properties": { "additionalProperties": false, "properties": { - "CIDRIP": { - "markdownDescription": "The IP range to be added the Amazon Redshift security group.", - "title": "CIDRIP", + "Bucket": { + "markdownDescription": "The name of the bucket associated with this access point.", + "title": "Bucket", "type": "string" }, - "ClusterSecurityGroupName": { - "markdownDescription": "The name of the security group to which the ingress rule is added.", - "title": "ClusterSecurityGroupName", + "BucketAccountId": { + "markdownDescription": "The AWS account ID associated with the S3 bucket associated with this access point.", + "title": "BucketAccountId", "type": "string" }, - "EC2SecurityGroupName": { - "markdownDescription": "The EC2 security group to be added the Amazon Redshift security group.", - "title": "EC2SecurityGroupName", + "Name": { + "markdownDescription": "The name of this access point. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the access point name.", + "title": "Name", "type": "string" }, - "EC2SecurityGroupOwnerId": { - "markdownDescription": "The AWS account number of the owner of the security group specified by the *EC2SecurityGroupName* parameter. The AWS Access Key ID is not an acceptable value.\n\nExample: `111122223333`\n\nConditional. If you specify the `EC2SecurityGroupName` property, you must specify this property.", - "title": "EC2SecurityGroupOwnerId", - "type": "string" + "Policy": { + "markdownDescription": "The access point policy associated with this access point.", + "title": "Policy", + "type": "object" + }, + "PublicAccessBlockConfiguration": { + "$ref": "#/definitions/AWS::S3::AccessPoint.PublicAccessBlockConfiguration", + "markdownDescription": "The PublicAccessBlock configuration that you want to apply to this Amazon S3 bucket. You can enable the configuration options in any combination. For more information about when Amazon S3 considers a bucket or object public, see [The Meaning of \"Public\"](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status) in the *Amazon S3 User Guide* .", + "title": "PublicAccessBlockConfiguration" + }, + "VpcConfiguration": { + "$ref": "#/definitions/AWS::S3::AccessPoint.VpcConfiguration", + "markdownDescription": "The Virtual Private Cloud (VPC) configuration for this access point, if one exists.", + "title": "VpcConfiguration" } }, "required": [ - "ClusterSecurityGroupName" + "Bucket" ], "type": "object" }, "Type": { "enum": [ - "AWS::Redshift::ClusterSecurityGroupIngress" + "AWS::S3::AccessPoint" ], "type": "string" }, @@ -227478,12 +278094,56 @@ ], "type": "object" }, - "AWS::Redshift::ClusterSubnetGroup": { + "AWS::S3::AccessPoint.PublicAccessBlockConfiguration": { + "additionalProperties": false, + "properties": { + "BlockPublicAcls": { + "markdownDescription": "Specifies whether Amazon S3 should block public access control lists (ACLs) for this bucket and objects in this bucket. Setting this element to `TRUE` causes the following behavior:\n\n- PUT Bucket ACL and PUT Object ACL calls fail if the specified ACL is public.\n- PUT Object calls fail if the request includes a public ACL.\n- PUT Bucket calls fail if the request includes a public ACL.\n\nEnabling this setting doesn't affect existing policies or ACLs.", + "title": "BlockPublicAcls", + "type": "boolean" + }, + "BlockPublicPolicy": { + "markdownDescription": "Specifies whether Amazon S3 should block public bucket policies for this bucket. Setting this element to `TRUE` causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.\n\nEnabling this setting doesn't affect existing bucket policies.", + "title": "BlockPublicPolicy", + "type": "boolean" + }, + "IgnorePublicAcls": { + "markdownDescription": "Specifies whether Amazon S3 should ignore public ACLs for this bucket and objects in this bucket. Setting this element to `TRUE` causes Amazon S3 to ignore all public ACLs on this bucket and objects in this bucket.\n\nEnabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.", + "title": "IgnorePublicAcls", + "type": "boolean" + }, + "RestrictPublicBuckets": { + "markdownDescription": "Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to `TRUE` restricts access to this bucket to only AWS service principals and authorized users within this account if the bucket has a public policy.\n\nEnabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.", + "title": "RestrictPublicBuckets", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::S3::AccessPoint.VpcConfiguration": { + "additionalProperties": false, + "properties": { + "VpcId": { + "markdownDescription": "If this field is specified, the access point will only allow connections from the specified VPC ID.", + "title": "VpcId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::S3::Bucket": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, + "Connectors": { + "additionalProperties": { + "$ref": "#/definitions/EmbeddedConnector" + }, + "title": "Connectors", + "type": "object" + }, "DeletionPolicy": { "enum": [ "Delete", @@ -227513,1510 +278173,1685 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description for the subnet group.", - "title": "Description", + "AccelerateConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.AccelerateConfiguration", + "markdownDescription": "Configures the transfer acceleration state for an Amazon S3 bucket. For more information, see [Amazon S3 Transfer Acceleration](https://docs.aws.amazon.com/AmazonS3/latest/dev/transfer-acceleration.html) in the *Amazon S3 User Guide* .", + "title": "AccelerateConfiguration" + }, + "AccessControl": { + "markdownDescription": "> This is a legacy property, and it is not recommended for most use cases. A majority of modern use cases in Amazon S3 no longer require the use of ACLs, and we recommend that you keep ACLs disabled. For more information, see [Controlling object ownership](https://docs.aws.amazon.com//AmazonS3/latest/userguide/about-object-ownership.html) in the *Amazon S3 User Guide* . \n\nA canned access control list (ACL) that grants predefined permissions to the bucket. For more information about canned ACLs, see [Canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) in the *Amazon S3 User Guide* .\n\nS3 buckets are created with ACLs disabled by default. Therefore, unless you explicitly set the [AWS::S3::OwnershipControls](https://docs.aws.amazon.com//AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-ownershipcontrols.html) property to enable ACLs, your resource will fail to deploy with any value other than Private. Use cases requiring ACLs are uncommon.\n\nThe majority of access control configurations can be successfully and more easily achieved with bucket policies. For more information, see [AWS::S3::BucketPolicy](https://docs.aws.amazon.com//AWSCloudFormation/latest/UserGuide/aws-properties-s3-policy.html) . For examples of common policy configurations, including S3 Server Access Logs buckets and more, see [Bucket policy examples](https://docs.aws.amazon.com/AmazonS3/latest/userguide/example-bucket-policies.html) in the *Amazon S3 User Guide* .", + "title": "AccessControl", "type": "string" }, - "SubnetIds": { + "AnalyticsConfigurations": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::S3::Bucket.AnalyticsConfiguration" }, - "markdownDescription": "An array of VPC subnet IDs. A maximum of 20 subnets can be modified in a single request.", - "title": "SubnetIds", + "markdownDescription": "Specifies the configuration and any analyses for the analytics filter of an Amazon S3 bucket.", + "title": "AnalyticsConfigurations", + "type": "array" + }, + "BucketEncryption": { + "$ref": "#/definitions/AWS::S3::Bucket.BucketEncryption", + "markdownDescription": "Specifies default encryption for a bucket using server-side encryption with Amazon S3-managed keys (SSE-S3), AWS KMS-managed keys (SSE-KMS), or dual-layer server-side encryption with KMS-managed keys (DSSE-KMS). For information about the Amazon S3 default encryption feature, see [Amazon S3 Default Encryption for S3 Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html) in the *Amazon S3 User Guide* .", + "title": "BucketEncryption" + }, + "BucketName": { + "markdownDescription": "A name for the bucket. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the bucket name. The bucket name must contain only lowercase letters, numbers, periods (.), and dashes (-) and must follow [Amazon S3 bucket restrictions and limitations](https://docs.aws.amazon.com/AmazonS3/latest/dev/BucketRestrictions.html) . For more information, see [Rules for naming Amazon S3 buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html) in the *Amazon S3 User Guide* .\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you need to replace the resource, specify a new name.", + "title": "BucketName", + "type": "string" + }, + "CorsConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.CorsConfiguration", + "markdownDescription": "Describes the cross-origin access configuration for objects in an Amazon S3 bucket. For more information, see [Enabling Cross-Origin Resource Sharing](https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html) in the *Amazon S3 User Guide* .", + "title": "CorsConfiguration" + }, + "IntelligentTieringConfigurations": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.IntelligentTieringConfiguration" + }, + "markdownDescription": "Defines how Amazon S3 handles Intelligent-Tiering storage.", + "title": "IntelligentTieringConfigurations", + "type": "array" + }, + "InventoryConfigurations": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.InventoryConfiguration" + }, + "markdownDescription": "Specifies the S3 Inventory configuration for an Amazon S3 bucket. For more information, see [GET Bucket inventory](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketGETInventoryConfig.html) in the *Amazon S3 API Reference* .", + "title": "InventoryConfigurations", + "type": "array" + }, + "LifecycleConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.LifecycleConfiguration", + "markdownDescription": "Specifies the lifecycle configuration for objects in an Amazon S3 bucket. For more information, see [Object Lifecycle Management](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html) in the *Amazon S3 User Guide* .", + "title": "LifecycleConfiguration" + }, + "LoggingConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.LoggingConfiguration", + "markdownDescription": "Settings that define where logs are stored.", + "title": "LoggingConfiguration" + }, + "MetadataConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.MetadataConfiguration", + "markdownDescription": "The S3 Metadata configuration for a general purpose bucket.", + "title": "MetadataConfiguration" + }, + "MetadataTableConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.MetadataTableConfiguration", + "markdownDescription": "The metadata table configuration of an Amazon S3 general purpose bucket.", + "title": "MetadataTableConfiguration" + }, + "MetricsConfigurations": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.MetricsConfiguration" + }, + "markdownDescription": "Specifies a metrics configuration for the CloudWatch request metrics (specified by the metrics configuration ID) from an Amazon S3 bucket. If you're updating an existing metrics configuration, note that this is a full replacement of the existing metrics configuration. If you don't include the elements you want to keep, they are erased. For more information, see [PutBucketMetricsConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTMetricConfiguration.html) .", + "title": "MetricsConfigurations", "type": "array" }, + "NotificationConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.NotificationConfiguration", + "markdownDescription": "Configuration that defines how Amazon S3 handles bucket notifications.", + "title": "NotificationConfiguration" + }, + "ObjectLockConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.ObjectLockConfiguration", + "markdownDescription": "> This operation is not supported for directory buckets. \n\nPlaces an Object Lock configuration on the specified bucket. The rule specified in the Object Lock configuration will be applied by default to every new object placed in the specified bucket. For more information, see [Locking Objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html) .\n\n> - The `DefaultRetention` settings require both a mode and a period.\n> - The `DefaultRetention` period can be either `Days` or `Years` but you must select one. You cannot specify `Days` and `Years` at the same time.\n> - You can enable Object Lock for new or existing buckets. For more information, see [Configuring Object Lock](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock-configure.html) .", + "title": "ObjectLockConfiguration" + }, + "ObjectLockEnabled": { + "markdownDescription": "Indicates whether this bucket has an Object Lock configuration enabled. Enable `ObjectLockEnabled` when you apply `ObjectLockConfiguration` to a bucket.", + "title": "ObjectLockEnabled", + "type": "boolean" + }, + "OwnershipControls": { + "$ref": "#/definitions/AWS::S3::Bucket.OwnershipControls", + "markdownDescription": "Configuration that defines how Amazon S3 handles Object Ownership rules.", + "title": "OwnershipControls" + }, + "PublicAccessBlockConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.PublicAccessBlockConfiguration", + "markdownDescription": "Configuration that defines how Amazon S3 handles public access.", + "title": "PublicAccessBlockConfiguration" + }, + "ReplicationConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.ReplicationConfiguration", + "markdownDescription": "Configuration for replicating objects in an S3 bucket. To enable replication, you must also enable versioning by using the `VersioningConfiguration` property.\n\nAmazon S3 can store replicated objects in a single destination bucket or multiple destination buckets. The destination bucket or buckets must already exist.", + "title": "ReplicationConfiguration" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Specifies an arbitrary set of tags (key\u2013value pairs) to associate with this subnet group. Use tags to manage your resources.", + "markdownDescription": "An arbitrary set of tags (key-value pairs) for this S3 bucket.", "title": "Tags", "type": "array" + }, + "VersioningConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.VersioningConfiguration", + "markdownDescription": "Enables multiple versions of all objects in this bucket. You might enable versioning to prevent objects from being deleted or overwritten by mistake or to archive objects so that you can retrieve previous versions of them.\n\n> When you enable versioning on a bucket for the first time, it might take a short amount of time for the change to be fully propagated. We recommend that you wait for 15 minutes after enabling versioning before issuing write operations ( `PUT` or `DELETE` ) on objects in the bucket.", + "title": "VersioningConfiguration" + }, + "WebsiteConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.WebsiteConfiguration", + "markdownDescription": "Information used to configure the bucket as a static website. For more information, see [Hosting Websites on Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html) .", + "title": "WebsiteConfiguration" } }, - "required": [ - "Description", - "SubnetIds" - ], "type": "object" }, - "Type": { - "enum": [ - "AWS::Redshift::ClusterSubnetGroup" - ], + "Type": { + "enum": [ + "AWS::S3::Bucket" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::S3::Bucket.AbortIncompleteMultipartUpload": { + "additionalProperties": false, + "properties": { + "DaysAfterInitiation": { + "markdownDescription": "Specifies the number of days after which Amazon S3 stops an incomplete multipart upload.", + "title": "DaysAfterInitiation", + "type": "number" + } + }, + "required": [ + "DaysAfterInitiation" + ], + "type": "object" + }, + "AWS::S3::Bucket.AccelerateConfiguration": { + "additionalProperties": false, + "properties": { + "AccelerationStatus": { + "markdownDescription": "Specifies the transfer acceleration status of the bucket.", + "title": "AccelerationStatus", + "type": "string" + } + }, + "required": [ + "AccelerationStatus" + ], + "type": "object" + }, + "AWS::S3::Bucket.AccessControlTranslation": { + "additionalProperties": false, + "properties": { + "Owner": { + "markdownDescription": "Specifies the replica ownership. For default and valid values, see [PUT bucket replication](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTreplication.html) in the *Amazon S3 API Reference* .", + "title": "Owner", + "type": "string" + } + }, + "required": [ + "Owner" + ], + "type": "object" + }, + "AWS::S3::Bucket.AnalyticsConfiguration": { + "additionalProperties": false, + "properties": { + "Id": { + "markdownDescription": "The ID that identifies the analytics configuration.", + "title": "Id", + "type": "string" + }, + "Prefix": { + "markdownDescription": "The prefix that an object must have to be included in the analytics results.", + "title": "Prefix", + "type": "string" + }, + "StorageClassAnalysis": { + "$ref": "#/definitions/AWS::S3::Bucket.StorageClassAnalysis", + "markdownDescription": "Contains data related to access patterns to be collected and made available to analyze the tradeoffs between different storage classes.", + "title": "StorageClassAnalysis" + }, + "TagFilters": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.TagFilter" + }, + "markdownDescription": "The tags to use when evaluating an analytics filter.\n\nThe analytics only includes objects that meet the filter's criteria. If no filter is specified, all of the contents of the bucket are included in the analysis.", + "title": "TagFilters", + "type": "array" + } + }, + "required": [ + "Id", + "StorageClassAnalysis" + ], + "type": "object" + }, + "AWS::S3::Bucket.BucketEncryption": { + "additionalProperties": false, + "properties": { + "ServerSideEncryptionConfiguration": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.ServerSideEncryptionRule" + }, + "markdownDescription": "Specifies the default server-side-encryption configuration.", + "title": "ServerSideEncryptionConfiguration", + "type": "array" + } + }, + "required": [ + "ServerSideEncryptionConfiguration" + ], + "type": "object" + }, + "AWS::S3::Bucket.CorsConfiguration": { + "additionalProperties": false, + "properties": { + "CorsRules": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.CorsRule" + }, + "markdownDescription": "A set of origins and methods (cross-origin access that you want to allow). You can add up to 100 rules to the configuration.", + "title": "CorsRules", + "type": "array" + } + }, + "required": [ + "CorsRules" + ], + "type": "object" + }, + "AWS::S3::Bucket.CorsRule": { + "additionalProperties": false, + "properties": { + "AllowedHeaders": { + "items": { + "type": "string" + }, + "markdownDescription": "Headers that are specified in the `Access-Control-Request-Headers` header. These headers are allowed in a preflight OPTIONS request. In response to any preflight OPTIONS request, Amazon S3 returns any requested headers that are allowed.", + "title": "AllowedHeaders", + "type": "array" + }, + "AllowedMethods": { + "items": { + "type": "string" + }, + "markdownDescription": "An HTTP method that you allow the origin to run.\n\n*Allowed values* : `GET` | `PUT` | `HEAD` | `POST` | `DELETE`", + "title": "AllowedMethods", + "type": "array" + }, + "AllowedOrigins": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more origins you want customers to be able to access the bucket from.", + "title": "AllowedOrigins", + "type": "array" + }, + "ExposedHeaders": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more headers in the response that you want customers to be able to access from their applications (for example, from a JavaScript `XMLHttpRequest` object).", + "title": "ExposedHeaders", + "type": "array" + }, + "Id": { + "markdownDescription": "A unique identifier for this rule. The value must be no more than 255 characters.", + "title": "Id", + "type": "string" + }, + "MaxAge": { + "markdownDescription": "The time in seconds that your browser is to cache the preflight response for the specified resource.", + "title": "MaxAge", + "type": "number" + } + }, + "required": [ + "AllowedMethods", + "AllowedOrigins" + ], + "type": "object" + }, + "AWS::S3::Bucket.DataExport": { + "additionalProperties": false, + "properties": { + "Destination": { + "$ref": "#/definitions/AWS::S3::Bucket.Destination", + "markdownDescription": "The place to store the data for an analysis.", + "title": "Destination" + }, + "OutputSchemaVersion": { + "markdownDescription": "The version of the output schema to use when exporting data. Must be `V_1` .", + "title": "OutputSchemaVersion", + "type": "string" + } + }, + "required": [ + "Destination", + "OutputSchemaVersion" + ], + "type": "object" + }, + "AWS::S3::Bucket.DefaultRetention": { + "additionalProperties": false, + "properties": { + "Days": { + "markdownDescription": "The number of days that you want to specify for the default retention period. If Object Lock is turned on, you must specify `Mode` and specify either `Days` or `Years` .", + "title": "Days", + "type": "number" + }, + "Mode": { + "markdownDescription": "The default Object Lock retention mode you want to apply to new objects placed in the specified bucket. If Object Lock is turned on, you must specify `Mode` and specify either `Days` or `Years` .", + "title": "Mode", + "type": "string" + }, + "Years": { + "markdownDescription": "The number of years that you want to specify for the default retention period. If Object Lock is turned on, you must specify `Mode` and specify either `Days` or `Years` .", + "title": "Years", + "type": "number" + } + }, + "type": "object" + }, + "AWS::S3::Bucket.DeleteMarkerReplication": { + "additionalProperties": false, + "properties": { + "Status": { + "markdownDescription": "Indicates whether to replicate delete markers. Disabled by default.", + "title": "Status", + "type": "string" + } + }, + "type": "object" + }, + "AWS::S3::Bucket.Destination": { + "additionalProperties": false, + "properties": { + "BucketAccountId": { + "markdownDescription": "The account ID that owns the destination S3 bucket. If no account ID is provided, the owner is not validated before exporting data.\n\n> Although this value is optional, we strongly recommend that you set it to help prevent problems if the destination bucket ownership changes.", + "title": "BucketAccountId", + "type": "string" + }, + "BucketArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the bucket to which data is exported.", + "title": "BucketArn", + "type": "string" + }, + "Format": { + "markdownDescription": "Specifies the file format used when exporting data to Amazon S3.\n\n*Allowed values* : `CSV` | `ORC` | `Parquet`", + "title": "Format", + "type": "string" + }, + "Prefix": { + "markdownDescription": "The prefix to use when exporting data. The prefix is prepended to all results.", + "title": "Prefix", + "type": "string" + } + }, + "required": [ + "BucketArn", + "Format" + ], + "type": "object" + }, + "AWS::S3::Bucket.EncryptionConfiguration": { + "additionalProperties": false, + "properties": { + "ReplicaKmsKeyID": { + "markdownDescription": "Specifies the ID (Key ARN or Alias ARN) of the customer managed AWS KMS key stored in AWS Key Management Service (KMS) for the destination bucket. Amazon S3 uses this key to encrypt replica objects. Amazon S3 only supports symmetric encryption KMS keys. For more information, see [Asymmetric keys in AWS KMS](https://docs.aws.amazon.com//kms/latest/developerguide/symmetric-asymmetric.html) in the *AWS Key Management Service Developer Guide* .", + "title": "ReplicaKmsKeyID", + "type": "string" + } + }, + "required": [ + "ReplicaKmsKeyID" + ], + "type": "object" + }, + "AWS::S3::Bucket.EventBridgeConfiguration": { + "additionalProperties": false, + "properties": { + "EventBridgeEnabled": { + "markdownDescription": "Enables delivery of events to Amazon EventBridge.", + "title": "EventBridgeEnabled", + "type": "boolean" + } + }, + "required": [ + "EventBridgeEnabled" + ], + "type": "object" + }, + "AWS::S3::Bucket.FilterRule": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The object key name prefix or suffix identifying one or more objects to which the filtering rule applies. The maximum length is 1,024 characters. Overlapping prefixes and suffixes are not supported. For more information, see [Configuring Event Notifications](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide* .", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "The value that the filter searches for in object key names.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Name", + "Value" + ], + "type": "object" + }, + "AWS::S3::Bucket.IntelligentTieringConfiguration": { + "additionalProperties": false, + "properties": { + "Id": { + "markdownDescription": "The ID used to identify the S3 Intelligent-Tiering configuration.", + "title": "Id", + "type": "string" + }, + "Prefix": { + "markdownDescription": "An object key name prefix that identifies the subset of objects to which the rule applies.", + "title": "Prefix", + "type": "string" + }, + "Status": { + "markdownDescription": "Specifies the status of the configuration.", + "title": "Status", + "type": "string" + }, + "TagFilters": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.TagFilter" + }, + "markdownDescription": "A container for a key-value pair.", + "title": "TagFilters", + "type": "array" + }, + "Tierings": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.Tiering" + }, + "markdownDescription": "Specifies a list of S3 Intelligent-Tiering storage class tiers in the configuration. At least one tier must be defined in the list. At most, you can specify two tiers in the list, one for each available AccessTier: `ARCHIVE_ACCESS` and `DEEP_ARCHIVE_ACCESS` .\n\n> You only need Intelligent Tiering Configuration enabled on a bucket if you want to automatically move objects stored in the Intelligent-Tiering storage class to Archive Access or Deep Archive Access tiers.", + "title": "Tierings", + "type": "array" + } + }, + "required": [ + "Id", + "Status", + "Tierings" + ], + "type": "object" + }, + "AWS::S3::Bucket.InventoryConfiguration": { + "additionalProperties": false, + "properties": { + "Destination": { + "$ref": "#/definitions/AWS::S3::Bucket.Destination", + "markdownDescription": "Contains information about where to publish the inventory results.", + "title": "Destination" + }, + "Enabled": { + "markdownDescription": "Specifies whether the inventory is enabled or disabled. If set to `True` , an inventory list is generated. If set to `False` , no inventory list is generated.", + "title": "Enabled", + "type": "boolean" + }, + "Id": { + "markdownDescription": "The ID used to identify the inventory configuration.", + "title": "Id", + "type": "string" + }, + "IncludedObjectVersions": { + "markdownDescription": "Object versions to include in the inventory list. If set to `All` , the list includes all the object versions, which adds the version-related fields `VersionId` , `IsLatest` , and `DeleteMarker` to the list. If set to `Current` , the list does not contain these version-related fields.", + "title": "IncludedObjectVersions", + "type": "string" + }, + "OptionalFields": { + "items": { + "type": "string" + }, + "markdownDescription": "Contains the optional fields that are included in the inventory results.", + "title": "OptionalFields", + "type": "array" + }, + "Prefix": { + "markdownDescription": "Specifies the inventory filter prefix.", + "title": "Prefix", + "type": "string" + }, + "ScheduleFrequency": { + "markdownDescription": "Specifies the schedule for generating inventory results.", + "title": "ScheduleFrequency", + "type": "string" + } + }, + "required": [ + "Destination", + "Enabled", + "Id", + "IncludedObjectVersions", + "ScheduleFrequency" + ], + "type": "object" + }, + "AWS::S3::Bucket.InventoryTableConfiguration": { + "additionalProperties": false, + "properties": { + "ConfigurationState": { + "markdownDescription": "The configuration state of the inventory table, indicating whether the inventory table is enabled or disabled.", + "title": "ConfigurationState", + "type": "string" + }, + "EncryptionConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.MetadataTableEncryptionConfiguration", + "markdownDescription": "The encryption configuration for the inventory table.", + "title": "EncryptionConfiguration" + }, + "TableArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the inventory table.", + "title": "TableArn", + "type": "string" + }, + "TableName": { + "markdownDescription": "The name of the inventory table.", + "title": "TableName", + "type": "string" + } + }, + "required": [ + "ConfigurationState" + ], + "type": "object" + }, + "AWS::S3::Bucket.JournalTableConfiguration": { + "additionalProperties": false, + "properties": { + "EncryptionConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.MetadataTableEncryptionConfiguration", + "markdownDescription": "The encryption configuration for the journal table.", + "title": "EncryptionConfiguration" + }, + "RecordExpiration": { + "$ref": "#/definitions/AWS::S3::Bucket.RecordExpiration", + "markdownDescription": "The journal table record expiration settings for the journal table.", + "title": "RecordExpiration" + }, + "TableArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the journal table.", + "title": "TableArn", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TableName": { + "markdownDescription": "The name of the journal table.", + "title": "TableName", "type": "string" } }, "required": [ - "Type", - "Properties" + "RecordExpiration" ], "type": "object" }, - "AWS::Redshift::EndpointAccess": { + "AWS::S3::Bucket.LambdaConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Event": { + "markdownDescription": "The Amazon S3 bucket event for which to invoke the AWS Lambda function. For more information, see [Supported Event Types](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide* .", + "title": "Event", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ClusterIdentifier": { - "markdownDescription": "The cluster identifier of the cluster associated with the endpoint.", - "title": "ClusterIdentifier", - "type": "string" - }, - "EndpointName": { - "markdownDescription": "The name of the endpoint.", - "title": "EndpointName", - "type": "string" - }, - "ResourceOwner": { - "markdownDescription": "The AWS account ID of the owner of the cluster.", - "title": "ResourceOwner", - "type": "string" - }, - "SubnetGroupName": { - "markdownDescription": "The subnet group name where Amazon Redshift chooses to deploy the endpoint.", - "title": "SubnetGroupName", - "type": "string" - }, - "VpcSecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The security group that defines the ports, protocols, and sources for inbound traffic that you are authorizing into your endpoint.", - "title": "VpcSecurityGroupIds", - "type": "array" - } - }, - "required": [ - "ClusterIdentifier", - "EndpointName", - "SubnetGroupName", - "VpcSecurityGroupIds" - ], - "type": "object" + "Filter": { + "$ref": "#/definitions/AWS::S3::Bucket.NotificationFilter", + "markdownDescription": "The filtering rules that determine which objects invoke the AWS Lambda function. For example, you can create a filter so that only image files with a `.jpg` extension invoke the function when they are added to the Amazon S3 bucket.", + "title": "Filter" }, - "Type": { - "enum": [ - "AWS::Redshift::EndpointAccess" - ], + "Function": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Lambda function that Amazon S3 invokes when the specified event type occurs.", + "title": "Function", "type": "string" + } + }, + "required": [ + "Event", + "Function" + ], + "type": "object" + }, + "AWS::S3::Bucket.LifecycleConfiguration": { + "additionalProperties": false, + "properties": { + "Rules": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.Rule" + }, + "markdownDescription": "A lifecycle rule for individual objects in an Amazon S3 bucket.", + "title": "Rules", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TransitionDefaultMinimumObjectSize": { + "markdownDescription": "Indicates which default minimum object size behavior is applied to the lifecycle configuration.\n\n> This parameter applies to general purpose buckets only. It isn't supported for directory bucket lifecycle configurations. \n\n- `all_storage_classes_128K` - Objects smaller than 128 KB will not transition to any storage class by default.\n- `varies_by_storage_class` - Objects smaller than 128 KB will transition to Glacier Flexible Retrieval or Glacier Deep Archive storage classes. By default, all other storage classes will prevent transitions smaller than 128 KB.\n\nTo customize the minimum object size for any transition you can add a filter that specifies a custom `ObjectSizeGreaterThan` or `ObjectSizeLessThan` in the body of your transition rule. Custom filters always take precedence over the default transition behavior.", + "title": "TransitionDefaultMinimumObjectSize", "type": "string" } }, "required": [ - "Type", - "Properties" + "Rules" ], "type": "object" }, - "AWS::Redshift::EndpointAccess.NetworkInterface": { + "AWS::S3::Bucket.LoggingConfiguration": { "additionalProperties": false, "properties": { - "AvailabilityZone": { - "markdownDescription": "The Availability Zone.", - "title": "AvailabilityZone", + "DestinationBucketName": { + "markdownDescription": "The name of the bucket where Amazon S3 should store server access log files. You can store log files in any bucket that you own. By default, logs are stored in the bucket where the `LoggingConfiguration` property is defined.", + "title": "DestinationBucketName", "type": "string" }, - "NetworkInterfaceId": { - "markdownDescription": "The network interface identifier.", - "title": "NetworkInterfaceId", + "LogFilePrefix": { + "markdownDescription": "A prefix for all log object keys. If you store log files from multiple Amazon S3 buckets in a single bucket, you can use a prefix to distinguish which log files came from which bucket.", + "title": "LogFilePrefix", "type": "string" }, - "PrivateIpAddress": { - "markdownDescription": "The IPv4 address of the network interface within the subnet.", - "title": "PrivateIpAddress", + "TargetObjectKeyFormat": { + "$ref": "#/definitions/AWS::S3::Bucket.TargetObjectKeyFormat", + "markdownDescription": "Amazon S3 key format for log objects. Only one format, either PartitionedPrefix or SimplePrefix, is allowed.", + "title": "TargetObjectKeyFormat" + } + }, + "type": "object" + }, + "AWS::S3::Bucket.MetadataConfiguration": { + "additionalProperties": false, + "properties": { + "Destination": { + "$ref": "#/definitions/AWS::S3::Bucket.MetadataDestination", + "markdownDescription": "The destination information for the S3 Metadata configuration.", + "title": "Destination" + }, + "InventoryTableConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.InventoryTableConfiguration", + "markdownDescription": "The inventory table configuration for a metadata configuration.", + "title": "InventoryTableConfiguration" + }, + "JournalTableConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.JournalTableConfiguration", + "markdownDescription": "The journal table configuration for a metadata configuration.", + "title": "JournalTableConfiguration" + } + }, + "required": [ + "JournalTableConfiguration" + ], + "type": "object" + }, + "AWS::S3::Bucket.MetadataDestination": { + "additionalProperties": false, + "properties": { + "TableBucketArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the table bucket where the metadata configuration is stored.", + "title": "TableBucketArn", "type": "string" }, - "SubnetId": { - "markdownDescription": "The subnet identifier.", - "title": "SubnetId", + "TableBucketType": { + "markdownDescription": "The type of the table bucket where the metadata configuration is stored. The `aws` value indicates an AWS managed table bucket, and the `customer` value indicates a customer-managed table bucket. V2 metadata configurations are stored in AWS managed table buckets, and V1 metadata configurations are stored in customer-managed table buckets.", + "title": "TableBucketType", + "type": "string" + }, + "TableNamespace": { + "markdownDescription": "The namespace in the table bucket where the metadata tables for a metadata configuration are stored.", + "title": "TableNamespace", "type": "string" } }, + "required": [ + "TableBucketType" + ], "type": "object" }, - "AWS::Redshift::EndpointAccess.VpcEndpoint": { + "AWS::S3::Bucket.MetadataTableConfiguration": { "additionalProperties": false, "properties": { - "NetworkInterfaces": { - "items": { - "$ref": "#/definitions/AWS::Redshift::EndpointAccess.NetworkInterface" - }, - "markdownDescription": "One or more network interfaces of the endpoint. Also known as an interface endpoint.", - "title": "NetworkInterfaces", - "type": "array" - }, - "VpcEndpointId": { - "markdownDescription": "The connection endpoint ID for connecting an Amazon Redshift cluster through the proxy.", - "title": "VpcEndpointId", + "S3TablesDestination": { + "$ref": "#/definitions/AWS::S3::Bucket.S3TablesDestination", + "markdownDescription": "The destination information for the metadata table configuration. The destination table bucket must be in the same Region and AWS account as the general purpose bucket. The specified metadata table name must be unique within the `aws_s3_metadata` namespace in the destination table bucket.", + "title": "S3TablesDestination" + } + }, + "required": [ + "S3TablesDestination" + ], + "type": "object" + }, + "AWS::S3::Bucket.MetadataTableEncryptionConfiguration": { + "additionalProperties": false, + "properties": { + "KmsKeyArn": { + "markdownDescription": "If server-side encryption with AWS Key Management Service ( AWS KMS ) keys (SSE-KMS) is specified, you must also specify the KMS key Amazon Resource Name (ARN). You must specify a customer-managed KMS key that's located in the same Region as the general purpose bucket that corresponds to the metadata table configuration.", + "title": "KmsKeyArn", "type": "string" }, - "VpcId": { - "markdownDescription": "The VPC identifier that the endpoint is associated.", - "title": "VpcId", + "SseAlgorithm": { + "markdownDescription": "The encryption type specified for a metadata table. To specify server-side encryption with AWS Key Management Service ( AWS KMS ) keys (SSE-KMS), use the `aws:kms` value. To specify server-side encryption with Amazon S3 managed keys (SSE-S3), use the `AES256` value.", + "title": "SseAlgorithm", "type": "string" } }, + "required": [ + "SseAlgorithm" + ], "type": "object" }, - "AWS::Redshift::EndpointAccess.VpcSecurityGroup": { + "AWS::S3::Bucket.Metrics": { "additionalProperties": false, "properties": { + "EventThreshold": { + "$ref": "#/definitions/AWS::S3::Bucket.ReplicationTimeValue", + "markdownDescription": "A container specifying the time threshold for emitting the `s3:Replication:OperationMissedThreshold` event.", + "title": "EventThreshold" + }, "Status": { - "markdownDescription": "The status of the endpoint.", + "markdownDescription": "Specifies whether the replication metrics are enabled.", "title": "Status", "type": "string" - }, - "VpcSecurityGroupId": { - "markdownDescription": "The identifier of the VPC security group.", - "title": "VpcSecurityGroupId", - "type": "string" } }, + "required": [ + "Status" + ], "type": "object" }, - "AWS::Redshift::EndpointAuthorization": { + "AWS::S3::Bucket.MetricsConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "AccessPointArn": { + "markdownDescription": "The access point that was used while performing operations on the object. The metrics configuration only includes objects that meet the filter's criteria.", + "title": "AccessPointArn", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Id": { + "markdownDescription": "The ID used to identify the metrics configuration. This can be any value you choose that helps you identify your metrics configuration.", + "title": "Id", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "Prefix": { + "markdownDescription": "The prefix that an object must have to be included in the metrics results.", + "title": "Prefix", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Account": { - "markdownDescription": "The AWS account ID of either the cluster owner (grantor) or grantee. If `Grantee` parameter is true, then the `Account` value is of the grantor.", - "title": "Account", - "type": "string" - }, - "ClusterIdentifier": { - "markdownDescription": "The cluster identifier.", - "title": "ClusterIdentifier", - "type": "string" - }, - "Force": { - "markdownDescription": "Indicates whether to force the revoke action. If true, the Redshift-managed VPC endpoints associated with the endpoint authorization are also deleted.", - "title": "Force", - "type": "boolean" - }, - "VpcIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The virtual private cloud (VPC) identifiers to grant access to.", - "title": "VpcIds", - "type": "array" - } + "TagFilters": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.TagFilter" }, - "required": [ - "Account", - "ClusterIdentifier" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Redshift::EndpointAuthorization" - ], - "type": "string" + "markdownDescription": "Specifies a list of tag filters to use as a metrics configuration filter. The metrics configuration includes only objects that meet the filter's criteria.", + "title": "TagFilters", + "type": "array" + } + }, + "required": [ + "Id" + ], + "type": "object" + }, + "AWS::S3::Bucket.NoncurrentVersionExpiration": { + "additionalProperties": false, + "properties": { + "NewerNoncurrentVersions": { + "markdownDescription": "Specifies how many noncurrent versions Amazon S3 will retain. If there are this many more recent noncurrent versions, Amazon S3 will take the associated action. For more information about noncurrent versions, see [Lifecycle configuration elements](https://docs.aws.amazon.com/AmazonS3/latest/userguide/intro-lifecycle-rules.html) in the *Amazon S3 User Guide* .", + "title": "NewerNoncurrentVersions", + "type": "number" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "NoncurrentDays": { + "markdownDescription": "Specifies the number of days an object is noncurrent before Amazon S3 can perform the associated action. For information about the noncurrent days calculations, see [How Amazon S3 Calculates When an Object Became Noncurrent](https://docs.aws.amazon.com/AmazonS3/latest/dev/intro-lifecycle-rules.html#non-current-days-calculations) in the *Amazon S3 User Guide* .", + "title": "NoncurrentDays", + "type": "number" } }, "required": [ - "Type", - "Properties" + "NoncurrentDays" ], "type": "object" }, - "AWS::Redshift::EventSubscription": { + "AWS::S3::Bucket.NoncurrentVersionTransition": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "NewerNoncurrentVersions": { + "markdownDescription": "Specifies how many noncurrent versions Amazon S3 will retain. If there are this many more recent noncurrent versions, Amazon S3 will take the associated action. For more information about noncurrent versions, see [Lifecycle configuration elements](https://docs.aws.amazon.com/AmazonS3/latest/userguide/intro-lifecycle-rules.html) in the *Amazon S3 User Guide* .", + "title": "NewerNoncurrentVersions", + "type": "number" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "StorageClass": { + "markdownDescription": "The class of storage used to store the object.", + "title": "StorageClass", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "TransitionInDays": { + "markdownDescription": "Specifies the number of days an object is noncurrent before Amazon S3 can perform the associated action. For information about the noncurrent days calculations, see [How Amazon S3 Calculates How Long an Object Has Been Noncurrent](https://docs.aws.amazon.com/AmazonS3/latest/dev/intro-lifecycle-rules.html#non-current-days-calculations) in the *Amazon S3 User Guide* .", + "title": "TransitionInDays", + "type": "number" + } + }, + "required": [ + "StorageClass", + "TransitionInDays" + ], + "type": "object" + }, + "AWS::S3::Bucket.NotificationConfiguration": { + "additionalProperties": false, + "properties": { + "EventBridgeConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.EventBridgeConfiguration", + "markdownDescription": "Enables delivery of events to Amazon EventBridge.", + "title": "EventBridgeConfiguration" }, - "Metadata": { - "type": "object" + "LambdaConfigurations": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.LambdaConfiguration" + }, + "markdownDescription": "Describes the AWS Lambda functions to invoke and the events for which to invoke them.", + "title": "LambdaConfigurations", + "type": "array" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "A boolean value; set to `true` to activate the subscription, and set to `false` to create the subscription but not activate it.", - "title": "Enabled", - "type": "boolean" - }, - "EventCategories": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the Amazon Redshift event categories to be published by the event notification subscription.\n\nValues: configuration, management, monitoring, security, pending", - "title": "EventCategories", - "type": "array" - }, - "Severity": { - "markdownDescription": "Specifies the Amazon Redshift event severity to be published by the event notification subscription.\n\nValues: ERROR, INFO", - "title": "Severity", - "type": "string" - }, - "SnsTopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic used to transmit the event notifications. The ARN is created by Amazon SNS when you create a topic and subscribe to it.", - "title": "SnsTopicArn", - "type": "string" - }, - "SourceIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of one or more identifiers of Amazon Redshift source objects. All of the objects must be of the same type as was specified in the source type parameter. The event subscription will return only events generated by the specified objects. If not specified, then events are returned for all objects within the source type specified.\n\nExample: my-cluster-1, my-cluster-2\n\nExample: my-snapshot-20131010", - "title": "SourceIds", - "type": "array" - }, - "SourceType": { - "markdownDescription": "The type of source that will be generating the events. For example, if you want to be notified of events generated by a cluster, you would set this parameter to cluster. If this value is not specified, events are returned for all Amazon Redshift objects in your AWS account . You must specify a source type in order to specify source IDs.\n\nValid values: cluster, cluster-parameter-group, cluster-security-group, cluster-snapshot, and scheduled-action.", - "title": "SourceType", - "type": "string" - }, - "SubscriptionName": { - "markdownDescription": "The name of the event subscription to be created.\n\nConstraints:\n\n- Cannot be null, empty, or blank.\n- Must contain from 1 to 255 alphanumeric characters or hyphens.\n- First character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.", - "title": "SubscriptionName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of tag instances.", - "title": "Tags", - "type": "array" - } + "QueueConfigurations": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.QueueConfiguration" }, - "required": [ - "SubscriptionName" - ], - "type": "object" + "markdownDescription": "The Amazon Simple Queue Service queues to publish messages to and the events for which to publish messages.", + "title": "QueueConfigurations", + "type": "array" }, - "Type": { - "enum": [ - "AWS::Redshift::EventSubscription" - ], + "TopicConfigurations": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.TopicConfiguration" + }, + "markdownDescription": "The topic to which notifications are sent and the events for which notifications are generated.", + "title": "TopicConfigurations", + "type": "array" + } + }, + "type": "object" + }, + "AWS::S3::Bucket.NotificationFilter": { + "additionalProperties": false, + "properties": { + "S3Key": { + "$ref": "#/definitions/AWS::S3::Bucket.S3KeyFilter", + "markdownDescription": "A container for object key name prefix and suffix filtering rules.", + "title": "S3Key" + } + }, + "required": [ + "S3Key" + ], + "type": "object" + }, + "AWS::S3::Bucket.ObjectLockConfiguration": { + "additionalProperties": false, + "properties": { + "ObjectLockEnabled": { + "markdownDescription": "Indicates whether this bucket has an Object Lock configuration enabled. Enable `ObjectLockEnabled` when you apply `ObjectLockConfiguration` to a bucket.", + "title": "ObjectLockEnabled", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Rule": { + "$ref": "#/definitions/AWS::S3::Bucket.ObjectLockRule", + "markdownDescription": "Specifies the Object Lock rule for the specified object. Enable this rule when you apply `ObjectLockConfiguration` to a bucket. If Object Lock is turned on, bucket settings require both `Mode` and a period of either `Days` or `Years` . You cannot specify `Days` and `Years` at the same time. For more information, see [ObjectLockRule](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-objectlockrule.html) and [DefaultRetention](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-defaultretention.html) .", + "title": "Rule" + } + }, + "type": "object" + }, + "AWS::S3::Bucket.ObjectLockRule": { + "additionalProperties": false, + "properties": { + "DefaultRetention": { + "$ref": "#/definitions/AWS::S3::Bucket.DefaultRetention", + "markdownDescription": "The default Object Lock retention mode and period that you want to apply to new objects placed in the specified bucket. If Object Lock is turned on, bucket settings require both `Mode` and a period of either `Days` or `Years` . You cannot specify `Days` and `Years` at the same time. For more information about allowable values for mode and period, see [DefaultRetention](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-defaultretention.html) .", + "title": "DefaultRetention" + } + }, + "type": "object" + }, + "AWS::S3::Bucket.OwnershipControls": { + "additionalProperties": false, + "properties": { + "Rules": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.OwnershipControlsRule" + }, + "markdownDescription": "Specifies the container element for Object Ownership rules.", + "title": "Rules", + "type": "array" } }, "required": [ - "Type", - "Properties" + "Rules" ], "type": "object" }, - "AWS::Redshift::ScheduledAction": { + "AWS::S3::Bucket.OwnershipControlsRule": { "additionalProperties": false, "properties": { - "Condition": { + "ObjectOwnership": { + "markdownDescription": "Specifies an object ownership rule.", + "title": "ObjectOwnership", "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + } + }, + "type": "object" + }, + "AWS::S3::Bucket.PartitionedPrefix": { + "additionalProperties": false, + "properties": { + "PartitionDateSource": { + "markdownDescription": "Specifies the partition date source for the partitioned prefix. `PartitionDateSource` can be `EventTime` or `DeliveryTime` .\n\nFor `DeliveryTime` , the time in the log file names corresponds to the delivery time for the log files.\n\nFor `EventTime` , The logs delivered are for a specific day only. The year, month, and day correspond to the day on which the event occurred, and the hour, minutes and seconds are set to 00 in the key.", + "title": "PartitionDateSource", "type": "string" + } + }, + "type": "object" + }, + "AWS::S3::Bucket.PublicAccessBlockConfiguration": { + "additionalProperties": false, + "properties": { + "BlockPublicAcls": { + "markdownDescription": "Specifies whether Amazon S3 should block public access control lists (ACLs) for this bucket and objects in this bucket. Setting this element to `TRUE` causes the following behavior:\n\n- PUT Bucket ACL and PUT Object ACL calls fail if the specified ACL is public.\n- PUT Object calls fail if the request includes a public ACL.\n- PUT Bucket calls fail if the request includes a public ACL.\n\nEnabling this setting doesn't affect existing policies or ACLs.", + "title": "BlockPublicAcls", + "type": "boolean" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "BlockPublicPolicy": { + "markdownDescription": "Specifies whether Amazon S3 should block public bucket policies for this bucket. Setting this element to `TRUE` causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.\n\nEnabling this setting doesn't affect existing bucket policies.", + "title": "BlockPublicPolicy", + "type": "boolean" }, - "Metadata": { - "type": "object" + "IgnorePublicAcls": { + "markdownDescription": "Specifies whether Amazon S3 should ignore public ACLs for this bucket and objects in this bucket. Setting this element to `TRUE` causes Amazon S3 to ignore all public ACLs on this bucket and objects in this bucket.\n\nEnabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.", + "title": "IgnorePublicAcls", + "type": "boolean" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Enable": { - "markdownDescription": "If true, the schedule is enabled. If false, the scheduled action does not trigger. For more information about `state` of the scheduled action, see `ScheduledAction` .", - "title": "Enable", - "type": "boolean" - }, - "EndTime": { - "markdownDescription": "The end time in UTC when the schedule is no longer active. After this time, the scheduled action does not trigger.", - "title": "EndTime", - "type": "string" - }, - "IamRole": { - "markdownDescription": "The IAM role to assume to run the scheduled action. This IAM role must have permission to run the Amazon Redshift API operation in the scheduled action. This IAM role must allow the Amazon Redshift scheduler (Principal scheduler.redshift.amazonaws.com) to assume permissions on your behalf. For more information about the IAM role to use with the Amazon Redshift scheduler, see [Using Identity-Based Policies for Amazon Redshift](https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-iam-access-control-identity-based.html) in the *Amazon Redshift Cluster Management Guide* .", - "title": "IamRole", - "type": "string" - }, - "Schedule": { - "markdownDescription": "The schedule for a one-time (at format) or recurring (cron format) scheduled action. Schedule invocations must be separated by at least one hour.\n\nFormat of at expressions is \" `at(yyyy-mm-ddThh:mm:ss)` \". For example, \" `at(2016-03-04T17:27:00)` \".\n\nFormat of cron expressions is \" `cron(Minutes Hours Day-of-month Month Day-of-week Year)` \". For example, \" `cron(0 10 ? * MON *)` \". For more information, see [Cron Expressions](https://docs.aws.amazon.com//AmazonCloudWatch/latest/events/ScheduledEvents.html#CronExpressions) in the *Amazon CloudWatch Events User Guide* .", - "title": "Schedule", - "type": "string" - }, - "ScheduledActionDescription": { - "markdownDescription": "The description of the scheduled action.", - "title": "ScheduledActionDescription", - "type": "string" - }, - "ScheduledActionName": { - "markdownDescription": "The name of the scheduled action.", - "title": "ScheduledActionName", - "type": "string" - }, - "StartTime": { - "markdownDescription": "The start time in UTC when the schedule is active. Before this time, the scheduled action does not trigger.", - "title": "StartTime", - "type": "string" - }, - "TargetAction": { - "$ref": "#/definitions/AWS::Redshift::ScheduledAction.ScheduledActionType", - "markdownDescription": "A JSON format string of the Amazon Redshift API operation with input parameters.\n\n\" `{\\\"ResizeCluster\\\":{\\\"NodeType\\\":\\\"ra3.4xlarge\\\",\\\"ClusterIdentifier\\\":\\\"my-test-cluster\\\",\\\"NumberOfNodes\\\":3}}` \".", - "title": "TargetAction" - } - }, - "required": [ - "ScheduledActionName" - ], - "type": "object" + "RestrictPublicBuckets": { + "markdownDescription": "Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to `TRUE` restricts access to this bucket to only AWS service principals and authorized users within this account if the bucket has a public policy.\n\nEnabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.", + "title": "RestrictPublicBuckets", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::S3::Bucket.QueueConfiguration": { + "additionalProperties": false, + "properties": { + "Event": { + "markdownDescription": "The Amazon S3 bucket event about which you want to publish messages to Amazon SQS. For more information, see [Supported Event Types](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide* .", + "title": "Event", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Redshift::ScheduledAction" - ], + "Filter": { + "$ref": "#/definitions/AWS::S3::Bucket.NotificationFilter", + "markdownDescription": "The filtering rules that determine which objects trigger notifications. For example, you can create a filter so that Amazon S3 sends notifications only when image files with a `.jpg` extension are added to the bucket. For more information, see [Configuring event notifications using object key name filtering](https://docs.aws.amazon.com/AmazonS3/latest/user-guide/notification-how-to-filtering.html) in the *Amazon S3 User Guide* .", + "title": "Filter" + }, + "Queue": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SQS queue to which Amazon S3 publishes a message when it detects events of the specified type. FIFO queues are not allowed when enabling an SQS queue as the event notification destination.", + "title": "Queue", "type": "string" + } + }, + "required": [ + "Event", + "Queue" + ], + "type": "object" + }, + "AWS::S3::Bucket.RecordExpiration": { + "additionalProperties": false, + "properties": { + "Days": { + "markdownDescription": "If you enable journal table record expiration, you can set the number of days to retain your journal table records. Journal table records must be retained for a minimum of 7 days. To set this value, specify any whole number from `7` to `2147483647` . For example, to retain your journal table records for one year, set this value to `365` .", + "title": "Days", + "type": "number" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Expiration": { + "markdownDescription": "Specifies whether journal table record expiration is enabled or disabled.", + "title": "Expiration", "type": "string" } }, "required": [ - "Type", - "Properties" + "Expiration" ], "type": "object" }, - "AWS::Redshift::ScheduledAction.PauseClusterMessage": { + "AWS::S3::Bucket.RedirectAllRequestsTo": { "additionalProperties": false, "properties": { - "ClusterIdentifier": { - "markdownDescription": "The identifier of the cluster to be paused.", - "title": "ClusterIdentifier", + "HostName": { + "markdownDescription": "Name of the host where requests are redirected.", + "title": "HostName", + "type": "string" + }, + "Protocol": { + "markdownDescription": "Protocol to use when redirecting requests. The default is the protocol that is used in the original request.", + "title": "Protocol", "type": "string" } }, "required": [ - "ClusterIdentifier" + "HostName" ], "type": "object" }, - "AWS::Redshift::ScheduledAction.ResizeClusterMessage": { + "AWS::S3::Bucket.RedirectRule": { "additionalProperties": false, "properties": { - "Classic": { - "markdownDescription": "A boolean value indicating whether the resize operation is using the classic resize process. If you don't provide this parameter or set the value to `false` , the resize type is elastic.", - "title": "Classic", - "type": "boolean" + "HostName": { + "markdownDescription": "The host name to use in the redirect request.", + "title": "HostName", + "type": "string" }, - "ClusterIdentifier": { - "markdownDescription": "The unique identifier for the cluster to resize.", - "title": "ClusterIdentifier", + "HttpRedirectCode": { + "markdownDescription": "The HTTP redirect code to use on the response. Not required if one of the siblings is present.", + "title": "HttpRedirectCode", "type": "string" }, - "ClusterType": { - "markdownDescription": "The new cluster type for the specified cluster.", - "title": "ClusterType", + "Protocol": { + "markdownDescription": "Protocol to use when redirecting requests. The default is the protocol that is used in the original request.", + "title": "Protocol", "type": "string" }, - "NodeType": { - "markdownDescription": "The new node type for the nodes you are adding. If not specified, the cluster's current node type is used.", - "title": "NodeType", + "ReplaceKeyPrefixWith": { + "markdownDescription": "The object key prefix to use in the redirect request. For example, to redirect requests for all pages with prefix `docs/` (objects in the `docs/` folder) to `documents/` , you can set a condition block with `KeyPrefixEquals` set to `docs/` and in the Redirect set `ReplaceKeyPrefixWith` to `/documents` . Not required if one of the siblings is present. Can be present only if `ReplaceKeyWith` is not provided.\n\n> Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints) .", + "title": "ReplaceKeyPrefixWith", "type": "string" }, - "NumberOfNodes": { - "markdownDescription": "The new number of nodes for the cluster. If not specified, the cluster's current number of nodes is used.", - "title": "NumberOfNodes", - "type": "number" + "ReplaceKeyWith": { + "markdownDescription": "The specific object key to use in the redirect request. For example, redirect request to `error.html` . Not required if one of the siblings is present. Can be present only if `ReplaceKeyPrefixWith` is not provided.\n\n> Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints) .", + "title": "ReplaceKeyWith", + "type": "string" + } + }, + "type": "object" + }, + "AWS::S3::Bucket.ReplicaModifications": { + "additionalProperties": false, + "properties": { + "Status": { + "markdownDescription": "Specifies whether Amazon S3 replicates modifications on replicas.\n\n*Allowed values* : `Enabled` | `Disabled`", + "title": "Status", + "type": "string" } }, "required": [ - "ClusterIdentifier" + "Status" ], "type": "object" }, - "AWS::Redshift::ScheduledAction.ResumeClusterMessage": { + "AWS::S3::Bucket.ReplicationConfiguration": { "additionalProperties": false, "properties": { - "ClusterIdentifier": { - "markdownDescription": "The identifier of the cluster to be resumed.", - "title": "ClusterIdentifier", + "Role": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that Amazon S3 assumes when replicating objects. For more information, see [How to Set Up Replication](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-how-setup.html) in the *Amazon S3 User Guide* .", + "title": "Role", "type": "string" + }, + "Rules": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.ReplicationRule" + }, + "markdownDescription": "A container for one or more replication rules. A replication configuration must have at least one rule and can contain a maximum of 1,000 rules.", + "title": "Rules", + "type": "array" } }, "required": [ - "ClusterIdentifier" + "Role", + "Rules" ], "type": "object" }, - "AWS::Redshift::ScheduledAction.ScheduledActionType": { + "AWS::S3::Bucket.ReplicationDestination": { "additionalProperties": false, "properties": { - "PauseCluster": { - "$ref": "#/definitions/AWS::Redshift::ScheduledAction.PauseClusterMessage", - "markdownDescription": "An action that runs a `PauseCluster` API operation.", - "title": "PauseCluster" + "AccessControlTranslation": { + "$ref": "#/definitions/AWS::S3::Bucket.AccessControlTranslation", + "markdownDescription": "Specify this only in a cross-account scenario (where source and destination bucket owners are not the same), and you want to change replica ownership to the AWS account that owns the destination bucket. If this is not specified in the replication configuration, the replicas are owned by same AWS account that owns the source object.", + "title": "AccessControlTranslation" }, - "ResizeCluster": { - "$ref": "#/definitions/AWS::Redshift::ScheduledAction.ResizeClusterMessage", - "markdownDescription": "An action that runs a `ResizeCluster` API operation.", - "title": "ResizeCluster" + "Account": { + "markdownDescription": "Destination bucket owner account ID. In a cross-account scenario, if you direct Amazon S3 to change replica ownership to the AWS account that owns the destination bucket by specifying the `AccessControlTranslation` property, this is the account ID of the destination bucket owner. For more information, see [Cross-Region Replication Additional Configuration: Change Replica Owner](https://docs.aws.amazon.com/AmazonS3/latest/dev/crr-change-owner.html) in the *Amazon S3 User Guide* .\n\nIf you specify the `AccessControlTranslation` property, the `Account` property is required.", + "title": "Account", + "type": "string" }, - "ResumeCluster": { - "$ref": "#/definitions/AWS::Redshift::ScheduledAction.ResumeClusterMessage", - "markdownDescription": "An action that runs a `ResumeCluster` API operation.", - "title": "ResumeCluster" + "Bucket": { + "markdownDescription": "The Amazon Resource Name (ARN) of the bucket where you want Amazon S3 to store the results.", + "title": "Bucket", + "type": "string" + }, + "EncryptionConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.EncryptionConfiguration", + "markdownDescription": "Specifies encryption-related information.", + "title": "EncryptionConfiguration" + }, + "Metrics": { + "$ref": "#/definitions/AWS::S3::Bucket.Metrics", + "markdownDescription": "A container specifying replication metrics-related settings enabling replication metrics and events.", + "title": "Metrics" + }, + "ReplicationTime": { + "$ref": "#/definitions/AWS::S3::Bucket.ReplicationTime", + "markdownDescription": "A container specifying S3 Replication Time Control (S3 RTC), including whether S3 RTC is enabled and the time when all objects and operations on objects must be replicated. Must be specified together with a `Metrics` block.", + "title": "ReplicationTime" + }, + "StorageClass": { + "markdownDescription": "The storage class to use when replicating objects, such as S3 Standard or reduced redundancy. By default, Amazon S3 uses the storage class of the source object to create the object replica.\n\nFor valid values, see the `StorageClass` element of the [PUT Bucket replication](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTreplication.html) action in the *Amazon S3 API Reference* .\n\n`FSX_OPENZFS` is not an accepted value when replicating objects.", + "title": "StorageClass", + "type": "string" } }, + "required": [ + "Bucket" + ], "type": "object" }, - "AWS::RedshiftServerless::Namespace": { + "AWS::S3::Bucket.ReplicationRule": { "additionalProperties": false, "properties": { - "Condition": { + "DeleteMarkerReplication": { + "$ref": "#/definitions/AWS::S3::Bucket.DeleteMarkerReplication", + "markdownDescription": "Specifies whether Amazon S3 replicates delete markers. If you specify a `Filter` in your replication configuration, you must also include a `DeleteMarkerReplication` element. If your `Filter` includes a `Tag` element, the `DeleteMarkerReplication` `Status` must be set to Disabled, because Amazon S3 does not support replicating delete markers for tag-based rules. For an example configuration, see [Basic Rule Configuration](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-add-config.html#replication-config-min-rule-config) .\n\nFor more information about delete marker replication, see [Basic Rule Configuration](https://docs.aws.amazon.com/AmazonS3/latest/dev/delete-marker-replication.html) .\n\n> If you are using an earlier version of the replication configuration, Amazon S3 handles replication of delete markers differently. For more information, see [Backward Compatibility](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-add-config.html#replication-backward-compat-considerations) .", + "title": "DeleteMarkerReplication" + }, + "Destination": { + "$ref": "#/definitions/AWS::S3::Bucket.ReplicationDestination", + "markdownDescription": "A container for information about the replication destination and its configurations including enabling the S3 Replication Time Control (S3 RTC).", + "title": "Destination" + }, + "Filter": { + "$ref": "#/definitions/AWS::S3::Bucket.ReplicationRuleFilter", + "markdownDescription": "A filter that identifies the subset of objects to which the replication rule applies. A `Filter` must specify exactly one `Prefix` , `TagFilter` , or an `And` child element. The use of the filter field indicates that this is a V2 replication configuration. This field isn't supported in a V1 replication configuration.\n\n> V1 replication configuration only supports filtering by key prefix. To filter using a V1 replication configuration, add the `Prefix` directly as a child element of the `Rule` element.", + "title": "Filter" + }, + "Id": { + "markdownDescription": "A unique identifier for the rule. The maximum value is 255 characters. If you don't specify a value, AWS CloudFormation generates a random ID. When using a V2 replication configuration this property is capitalized as \"ID\".", + "title": "Id", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Prefix": { + "markdownDescription": "An object key name prefix that identifies the object or objects to which the rule applies. The maximum prefix length is 1,024 characters. To include all objects in a bucket, specify an empty string. To filter using a V1 replication configuration, add the `Prefix` directly as a child element of the `Rule` element.\n\n> Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints) .", + "title": "Prefix", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Priority": { + "markdownDescription": "The priority indicates which rule has precedence whenever two or more replication rules conflict. Amazon S3 will attempt to replicate objects according to all replication rules. However, if there are two or more rules with the same destination bucket, then objects will be replicated according to the rule with the highest priority. The higher the number, the higher the priority.\n\nFor more information, see [Replication](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication.html) in the *Amazon S3 User Guide* .", + "title": "Priority", + "type": "number" }, - "Metadata": { - "type": "object" + "SourceSelectionCriteria": { + "$ref": "#/definitions/AWS::S3::Bucket.SourceSelectionCriteria", + "markdownDescription": "A container that describes additional filters for identifying the source objects that you want to replicate. You can choose to enable or disable the replication of these objects.", + "title": "SourceSelectionCriteria" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AdminPasswordSecretKmsKeyId": { - "markdownDescription": "The ID of the AWS Key Management Service (KMS) key used to encrypt and store the namespace's admin credentials secret. You can only use this parameter if `ManageAdminPassword` is `true` .", - "title": "AdminPasswordSecretKmsKeyId", - "type": "string" - }, - "AdminUserPassword": { - "markdownDescription": "The password of the administrator for the primary database created in the namespace.", - "title": "AdminUserPassword", - "type": "string" - }, - "AdminUsername": { - "markdownDescription": "The username of the administrator for the primary database created in the namespace.", - "title": "AdminUsername", - "type": "string" - }, - "DbName": { - "markdownDescription": "The name of the primary database created in the namespace.", - "title": "DbName", - "type": "string" - }, - "DefaultIamRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to set as a default in the namespace.", - "title": "DefaultIamRoleArn", - "type": "string" - }, - "FinalSnapshotName": { - "markdownDescription": "The name of the snapshot to be created before the namespace is deleted.", - "title": "FinalSnapshotName", - "type": "string" - }, - "FinalSnapshotRetentionPeriod": { - "markdownDescription": "How long to retain the final snapshot.", - "title": "FinalSnapshotRetentionPeriod", - "type": "number" - }, - "IamRoles": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of IAM roles to associate with the namespace.", - "title": "IamRoles", - "type": "array" - }, - "KmsKeyId": { - "markdownDescription": "The ID of the AWS Key Management Service key used to encrypt your data.", - "title": "KmsKeyId", - "type": "string" - }, - "LogExports": { - "items": { - "type": "string" - }, - "markdownDescription": "The types of logs the namespace can export. Available export types are `userlog` , `connectionlog` , and `useractivitylog` .", - "title": "LogExports", - "type": "array" - }, - "ManageAdminPassword": { - "markdownDescription": "If true, Amazon Redshift uses AWS Secrets Manager to manage the namespace's admin credentials. You can't use `AdminUserPassword` if `ManageAdminPassword` is true. If `ManageAdminPassword` is `false` or not set, Amazon Redshift uses `AdminUserPassword` for the admin user account's password.", - "title": "ManageAdminPassword", - "type": "boolean" - }, - "NamespaceName": { - "markdownDescription": "The name of the namespace. Must be between 3-64 alphanumeric characters in lowercase, and it cannot be a reserved word. A list of reserved words can be found in [Reserved Words](https://docs.aws.amazon.com//redshift/latest/dg/r_pg_keywords.html) in the Amazon Redshift Database Developer Guide.", - "title": "NamespaceName", - "type": "string" - }, - "NamespaceResourcePolicy": { - "markdownDescription": "The resource policy that will be attached to the namespace.", - "title": "NamespaceResourcePolicy", - "type": "object" - }, - "RedshiftIdcApplicationArn": { - "markdownDescription": "The ARN for the Redshift application that integrates with IAM Identity Center.", - "title": "RedshiftIdcApplicationArn", - "type": "string" - }, - "SnapshotCopyConfigurations": { - "items": { - "$ref": "#/definitions/AWS::RedshiftServerless::Namespace.SnapshotCopyConfiguration" - }, - "markdownDescription": "", - "title": "SnapshotCopyConfigurations", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The map of the key-value pairs used to tag the namespace.", - "title": "Tags", - "type": "array" - } + "Status": { + "markdownDescription": "Specifies whether the rule is enabled.", + "title": "Status", + "type": "string" + } + }, + "required": [ + "Destination", + "Status" + ], + "type": "object" + }, + "AWS::S3::Bucket.ReplicationRuleAndOperator": { + "additionalProperties": false, + "properties": { + "Prefix": { + "markdownDescription": "An object key name prefix that identifies the subset of objects to which the rule applies.", + "title": "Prefix", + "type": "string" + }, + "TagFilters": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.TagFilter" }, - "required": [ - "NamespaceName" - ], - "type": "object" + "markdownDescription": "An array of tags containing key and value pairs.", + "title": "TagFilters", + "type": "array" + } + }, + "type": "object" + }, + "AWS::S3::Bucket.ReplicationRuleFilter": { + "additionalProperties": false, + "properties": { + "And": { + "$ref": "#/definitions/AWS::S3::Bucket.ReplicationRuleAndOperator", + "markdownDescription": "A container for specifying rule filters. The filters determine the subset of objects to which the rule applies. This element is required only if you specify more than one filter. For example:\n\n- If you specify both a `Prefix` and a `TagFilter` , wrap these filters in an `And` tag.\n- If you specify a filter based on multiple tags, wrap the `TagFilter` elements in an `And` tag.", + "title": "And" }, - "Type": { - "enum": [ - "AWS::RedshiftServerless::Namespace" - ], + "Prefix": { + "markdownDescription": "An object key name prefix that identifies the subset of objects to which the rule applies.\n\n> Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints) .", + "title": "Prefix", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TagFilter": { + "$ref": "#/definitions/AWS::S3::Bucket.TagFilter", + "markdownDescription": "A container for specifying a tag key and value.\n\nThe rule applies only to objects that have the tag in their tag set.", + "title": "TagFilter" + } + }, + "type": "object" + }, + "AWS::S3::Bucket.ReplicationTime": { + "additionalProperties": false, + "properties": { + "Status": { + "markdownDescription": "Specifies whether the replication time is enabled.", + "title": "Status", "type": "string" + }, + "Time": { + "$ref": "#/definitions/AWS::S3::Bucket.ReplicationTimeValue", + "markdownDescription": "A container specifying the time by which replication should be complete for all objects and operations on objects.", + "title": "Time" } }, "required": [ - "Type", - "Properties" + "Status", + "Time" ], "type": "object" }, - "AWS::RedshiftServerless::Namespace.Namespace": { + "AWS::S3::Bucket.ReplicationTimeValue": { "additionalProperties": false, "properties": { - "AdminPasswordSecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the namespace's admin user credentials secret.", - "title": "AdminPasswordSecretArn", - "type": "string" + "Minutes": { + "markdownDescription": "Contains an integer specifying time in minutes.\n\nValid value: 15", + "title": "Minutes", + "type": "number" + } + }, + "required": [ + "Minutes" + ], + "type": "object" + }, + "AWS::S3::Bucket.RoutingRule": { + "additionalProperties": false, + "properties": { + "RedirectRule": { + "$ref": "#/definitions/AWS::S3::Bucket.RedirectRule", + "markdownDescription": "Container for redirect information. You can redirect requests to another host, to another page, or with another protocol. In the event of an error, you can specify a different error code to return.", + "title": "RedirectRule" }, - "AdminPasswordSecretKmsKeyId": { - "markdownDescription": "The ID of the AWS Key Management Service (KMS) key used to encrypt and store the namespace's admin credentials secret.", - "title": "AdminPasswordSecretKmsKeyId", + "RoutingRuleCondition": { + "$ref": "#/definitions/AWS::S3::Bucket.RoutingRuleCondition", + "markdownDescription": "A container for describing a condition that must be met for the specified redirect to apply. For example, 1. If request is for pages in the `/docs` folder, redirect to the `/documents` folder. 2. If request results in HTTP error 4xx, redirect request to another host where you might process the error.", + "title": "RoutingRuleCondition" + } + }, + "required": [ + "RedirectRule" + ], + "type": "object" + }, + "AWS::S3::Bucket.RoutingRuleCondition": { + "additionalProperties": false, + "properties": { + "HttpErrorCodeReturnedEquals": { + "markdownDescription": "The HTTP error code when the redirect is applied. In the event of an error, if the error code equals this value, then the specified redirect is applied.\n\nRequired when parent element `Condition` is specified and sibling `KeyPrefixEquals` is not specified. If both are specified, then both must be true for the redirect to be applied.", + "title": "HttpErrorCodeReturnedEquals", "type": "string" }, - "AdminUsername": { - "markdownDescription": "The username of the administrator for the first database created in the namespace.", - "title": "AdminUsername", + "KeyPrefixEquals": { + "markdownDescription": "The object key name prefix when the redirect is applied. For example, to redirect requests for `ExamplePage.html` , the key prefix will be `ExamplePage.html` . To redirect request for all pages with the prefix `docs/` , the key prefix will be `docs/` , which identifies all objects in the docs/ folder.\n\nRequired when the parent element `Condition` is specified and sibling `HttpErrorCodeReturnedEquals` is not specified. If both conditions are specified, both must be true for the redirect to be applied.", + "title": "KeyPrefixEquals", "type": "string" + } + }, + "type": "object" + }, + "AWS::S3::Bucket.Rule": { + "additionalProperties": false, + "properties": { + "AbortIncompleteMultipartUpload": { + "$ref": "#/definitions/AWS::S3::Bucket.AbortIncompleteMultipartUpload", + "markdownDescription": "Specifies a lifecycle rule that stops incomplete multipart uploads to an Amazon S3 bucket.", + "title": "AbortIncompleteMultipartUpload" }, - "CreationDate": { - "markdownDescription": "The date of when the namespace was created.", - "title": "CreationDate", + "ExpirationDate": { + "markdownDescription": "Indicates when objects are deleted from Amazon S3 and Amazon S3 Glacier. The date value must be in ISO 8601 format. The time is always midnight UTC. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time.", + "title": "ExpirationDate", "type": "string" }, - "DbName": { - "markdownDescription": "The name of the first database created in the namespace.", - "title": "DbName", - "type": "string" + "ExpirationInDays": { + "markdownDescription": "Indicates the number of days after creation when objects are deleted from Amazon S3 and Amazon S3 Glacier. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time.", + "title": "ExpirationInDays", + "type": "number" }, - "DefaultIamRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to set as a default in the namespace.", - "title": "DefaultIamRoleArn", + "ExpiredObjectDeleteMarker": { + "markdownDescription": "Indicates whether Amazon S3 will remove a delete marker without any noncurrent versions. If set to true, the delete marker will be removed if there are no noncurrent versions. This cannot be specified with `ExpirationInDays` , `ExpirationDate` , or `TagFilters` .", + "title": "ExpiredObjectDeleteMarker", + "type": "boolean" + }, + "Id": { + "markdownDescription": "Unique identifier for the rule. The value can't be longer than 255 characters.", + "title": "Id", "type": "string" }, - "IamRoles": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of IAM roles to associate with the namespace.", - "title": "IamRoles", - "type": "array" + "NoncurrentVersionExpiration": { + "$ref": "#/definitions/AWS::S3::Bucket.NoncurrentVersionExpiration", + "markdownDescription": "Specifies when noncurrent object versions expire. Upon expiration, Amazon S3 permanently deletes the noncurrent object versions. You set this lifecycle configuration action on a bucket that has versioning enabled (or suspended) to request that Amazon S3 delete noncurrent object versions at a specific period in the object's lifetime.", + "title": "NoncurrentVersionExpiration" }, - "KmsKeyId": { - "markdownDescription": "The ID of the AWS Key Management Service key used to encrypt your data.", - "title": "KmsKeyId", - "type": "string" + "NoncurrentVersionExpirationInDays": { + "markdownDescription": "(Deprecated.) For buckets with versioning enabled (or suspended), specifies the time, in days, between when a new version of the object is uploaded to the bucket and when old versions of the object expire. When object versions expire, Amazon S3 permanently deletes them. If you specify a transition and expiration time, the expiration time must be later than the transition time.", + "title": "NoncurrentVersionExpirationInDays", + "type": "number" }, - "LogExports": { + "NoncurrentVersionTransition": { + "$ref": "#/definitions/AWS::S3::Bucket.NoncurrentVersionTransition", + "markdownDescription": "(Deprecated.) For buckets with versioning enabled (or suspended), specifies when non-current objects transition to a specified storage class. If you specify a transition and expiration time, the expiration time must be later than the transition time. If you specify this property, don't specify the `NoncurrentVersionTransitions` property.", + "title": "NoncurrentVersionTransition" + }, + "NoncurrentVersionTransitions": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::S3::Bucket.NoncurrentVersionTransition" }, - "markdownDescription": "The types of logs the namespace can export. Available export types are User log, Connection log, and User activity log.", - "title": "LogExports", + "markdownDescription": "For buckets with versioning enabled (or suspended), one or more transition rules that specify when non-current objects transition to a specified storage class. If you specify a transition and expiration time, the expiration time must be later than the transition time. If you specify this property, don't specify the `NoncurrentVersionTransition` property.", + "title": "NoncurrentVersionTransitions", "type": "array" }, - "NamespaceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) associated with a namespace.", - "title": "NamespaceArn", + "ObjectSizeGreaterThan": { + "markdownDescription": "Specifies the minimum object size in bytes for this rule to apply to. Objects must be larger than this value in bytes. For more information about size based rules, see [Lifecycle configuration using size-based rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/lifecycle-configuration-examples.html#lc-size-rules) in the *Amazon S3 User Guide* .", + "title": "ObjectSizeGreaterThan", "type": "string" }, - "NamespaceId": { - "markdownDescription": "The unique identifier of a namespace.", - "title": "NamespaceId", + "ObjectSizeLessThan": { + "markdownDescription": "Specifies the maximum object size in bytes for this rule to apply to. Objects must be smaller than this value in bytes. For more information about sized based rules, see [Lifecycle configuration using size-based rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/lifecycle-configuration-examples.html#lc-size-rules) in the *Amazon S3 User Guide* .", + "title": "ObjectSizeLessThan", "type": "string" }, - "NamespaceName": { - "markdownDescription": "The name of the namespace. Must be between 3-64 alphanumeric characters in lowercase, and it cannot be a reserved word. A list of reserved words can be found in [Reserved Words](https://docs.aws.amazon.com//redshift/latest/dg/r_pg_keywords.html) in the Amazon Redshift Database Developer Guide.", - "title": "NamespaceName", + "Prefix": { + "markdownDescription": "Object key prefix that identifies one or more objects to which this rule applies.\n\n> Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints) .", + "title": "Prefix", "type": "string" }, "Status": { - "markdownDescription": "The status of the namespace.", + "markdownDescription": "If `Enabled` , the rule is currently being applied. If `Disabled` , the rule is not currently being applied.", "title": "Status", "type": "string" + }, + "TagFilters": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.TagFilter" + }, + "markdownDescription": "Tags to use to identify a subset of objects to which the lifecycle rule applies.", + "title": "TagFilters", + "type": "array" + }, + "Transition": { + "$ref": "#/definitions/AWS::S3::Bucket.Transition", + "markdownDescription": "(Deprecated.) Specifies when an object transitions to a specified storage class. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time. If you specify this property, don't specify the `Transitions` property.", + "title": "Transition" + }, + "Transitions": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.Transition" + }, + "markdownDescription": "One or more transition rules that specify when an object transitions to a specified storage class. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time. If you specify this property, don't specify the `Transition` property.", + "title": "Transitions", + "type": "array" } }, + "required": [ + "Status" + ], "type": "object" }, - "AWS::RedshiftServerless::Namespace.SnapshotCopyConfiguration": { + "AWS::S3::Bucket.S3KeyFilter": { "additionalProperties": false, "properties": { - "DestinationKmsKeyId": { - "markdownDescription": "The ID of the KMS key to use to encrypt your snapshots in the destination AWS Region .", - "title": "DestinationKmsKeyId", - "type": "string" - }, - "DestinationRegion": { - "markdownDescription": "The destination AWS Region to copy snapshots to.", - "title": "DestinationRegion", - "type": "string" - }, - "SnapshotRetentionPeriod": { - "markdownDescription": "The retention period of snapshots that are copied to the destination AWS Region .", - "title": "SnapshotRetentionPeriod", - "type": "number" + "Rules": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.FilterRule" + }, + "markdownDescription": "A list of containers for the key-value pair that defines the criteria for the filter rule.", + "title": "Rules", + "type": "array" } }, "required": [ - "DestinationRegion" + "Rules" ], "type": "object" }, - "AWS::RedshiftServerless::Workgroup": { + "AWS::S3::Bucket.S3TablesDestination": { "additionalProperties": false, "properties": { - "Condition": { + "TableArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the metadata table in the metadata table configuration. The specified metadata table name must be unique within the `aws_s3_metadata` namespace in the destination table bucket.", + "title": "TableArn", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TableBucketArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the table bucket that's specified as the destination in the metadata table configuration. The destination table bucket must be in the same Region and AWS account as the general purpose bucket.", + "title": "TableBucketArn", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "BaseCapacity": { - "markdownDescription": "The base compute capacity of the workgroup in Redshift Processing Units (RPUs).", - "title": "BaseCapacity", - "type": "number" - }, - "ConfigParameters": { - "items": { - "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup.ConfigParameter" - }, - "markdownDescription": "The key of the parameter. The options are `auto_mv` , `datestyle` , `enable_case_sensitive_identifier` , `enable_user_activity_logging` , `query_group` , `search_path` , `require_ssl` , `use_fips_ssl` , and query monitoring metrics that let you define performance boundaries. For more information about query monitoring rules and available metrics, see [Query monitoring metrics for Amazon Redshift Serverless](https://docs.aws.amazon.com/redshift/latest/dg/cm-c-wlm-query-monitoring-rules.html#cm-c-wlm-query-monitoring-metrics-serverless) .", - "title": "ConfigParameters", - "type": "array" - }, - "EnhancedVpcRouting": { - "markdownDescription": "The value that specifies whether to enable enhanced virtual private cloud (VPC) routing, which forces Amazon Redshift Serverless to route traffic through your VPC.", - "title": "EnhancedVpcRouting", - "type": "boolean" - }, - "MaxCapacity": { - "markdownDescription": "The maximum data-warehouse capacity Amazon Redshift Serverless uses to serve queries. The max capacity is specified in RPUs.", - "title": "MaxCapacity", - "type": "number" - }, - "NamespaceName": { - "markdownDescription": "The namespace the workgroup is associated with.", - "title": "NamespaceName", - "type": "string" - }, - "Port": { - "markdownDescription": "The custom port to use when connecting to a workgroup. Valid port ranges are 5431-5455 and 8191-8215. The default is 5439.", - "title": "Port", - "type": "number" - }, - "PubliclyAccessible": { - "markdownDescription": "A value that specifies whether the workgroup can be accessible from a public network.", - "title": "PubliclyAccessible", - "type": "boolean" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of security group IDs to associate with the workgroup.", - "title": "SecurityGroupIds", - "type": "array" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of subnet IDs the workgroup is associated with.", - "title": "SubnetIds", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The map of the key-value pairs used to tag the workgroup.", - "title": "Tags", - "type": "array" - }, - "WorkgroupName": { - "markdownDescription": "The name of the workgroup.", - "title": "WorkgroupName", - "type": "string" - } - }, - "required": [ - "WorkgroupName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::RedshiftServerless::Workgroup" - ], + "TableName": { + "markdownDescription": "The name for the metadata table in your metadata table configuration. The specified metadata table name must be unique within the `aws_s3_metadata` namespace in the destination table bucket.", + "title": "TableName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TableNamespace": { + "markdownDescription": "The table bucket namespace for the metadata table in your metadata table configuration. This value is always `aws_s3_metadata` .", + "title": "TableNamespace", "type": "string" } }, "required": [ - "Type", - "Properties" + "TableBucketArn", + "TableName" ], "type": "object" }, - "AWS::RedshiftServerless::Workgroup.ConfigParameter": { + "AWS::S3::Bucket.ServerSideEncryptionByDefault": { "additionalProperties": false, "properties": { - "ParameterKey": { - "markdownDescription": "The key of the parameter. The options are `auto_mv` , `datestyle` , `enable_case_sensitive_identifier` , `enable_user_activity_logging` , `query_group` , `search_path` , `require_ssl` , `use_fips_ssl` , and query monitoring metrics that let you define performance boundaries. For more information about query monitoring rules and available metrics, see [Query monitoring metrics for Amazon Redshift Serverless](https://docs.aws.amazon.com/redshift/latest/dg/cm-c-wlm-query-monitoring-rules.html#cm-c-wlm-query-monitoring-metrics-serverless) .", - "title": "ParameterKey", + "KMSMasterKeyID": { + "markdownDescription": "AWS Key Management Service (KMS) customer managed key ID to use for the default encryption.\n\n> - *General purpose buckets* - This parameter is allowed if and only if `SSEAlgorithm` is set to `aws:kms` or `aws:kms:dsse` .\n> - *Directory buckets* - This parameter is allowed if and only if `SSEAlgorithm` is set to `aws:kms` . \n\nYou can specify the key ID, key alias, or the Amazon Resource Name (ARN) of the KMS key.\n\n- Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key ARN: `arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key Alias: `alias/alias-name`\n\nIf you are using encryption with cross-account or AWS service operations, you must use a fully qualified KMS key ARN. For more information, see [Using encryption for cross-account operations](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html#bucket-encryption-update-bucket-policy) .\n\n> - *General purpose buckets* - If you're specifying a customer managed KMS key, we recommend using a fully qualified KMS key ARN. If you use a KMS key alias instead, then AWS KMS resolves the key within the requester\u2019s account. This behavior can result in data that's encrypted with a KMS key that belongs to the requester, and not the bucket owner. Also, if you use a key ID, you can run into a LogDestination undeliverable error when creating a VPC flow log.\n> - *Directory buckets* - When you specify an [AWS KMS customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk) for encryption in your directory bucket, only use the key ID or key ARN. The key alias format of the KMS key isn't supported. > Amazon S3 only supports symmetric encryption KMS keys. For more information, see [Asymmetric keys in AWS KMS](https://docs.aws.amazon.com//kms/latest/developerguide/symmetric-asymmetric.html) in the *AWS Key Management Service Developer Guide* .", + "title": "KMSMasterKeyID", "type": "string" }, - "ParameterValue": { - "markdownDescription": "The value of the parameter to set.", - "title": "ParameterValue", + "SSEAlgorithm": { + "markdownDescription": "Server-side encryption algorithm to use for the default encryption.\n\n> For directory buckets, there are only two supported values for server-side encryption: `AES256` and `aws:kms` .", + "title": "SSEAlgorithm", "type": "string" } }, + "required": [ + "SSEAlgorithm" + ], "type": "object" }, - "AWS::RedshiftServerless::Workgroup.Endpoint": { + "AWS::S3::Bucket.ServerSideEncryptionRule": { "additionalProperties": false, "properties": { - "Address": { - "markdownDescription": "The DNS address of the VPC endpoint.", - "title": "Address", - "type": "string" - }, - "Port": { - "markdownDescription": "The port that Amazon Redshift Serverless listens on.", - "title": "Port", - "type": "number" + "BucketKeyEnabled": { + "markdownDescription": "Specifies whether Amazon S3 should use an S3 Bucket Key with server-side encryption using KMS (SSE-KMS) for new objects in the bucket. Existing objects are not affected. Setting the `BucketKeyEnabled` element to `true` causes Amazon S3 to use an S3 Bucket Key. By default, S3 Bucket Key is not enabled.\n\nFor more information, see [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) in the *Amazon S3 User Guide* .", + "title": "BucketKeyEnabled", + "type": "boolean" }, - "VpcEndpoints": { - "items": { - "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup.VpcEndpoint" - }, - "markdownDescription": "An array of `VpcEndpoint` objects.", - "title": "VpcEndpoints", - "type": "array" + "ServerSideEncryptionByDefault": { + "$ref": "#/definitions/AWS::S3::Bucket.ServerSideEncryptionByDefault", + "markdownDescription": "Specifies the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied.", + "title": "ServerSideEncryptionByDefault" } }, "type": "object" }, - "AWS::RedshiftServerless::Workgroup.NetworkInterface": { + "AWS::S3::Bucket.SourceSelectionCriteria": { "additionalProperties": false, "properties": { - "AvailabilityZone": { - "markdownDescription": "The availability Zone.", - "title": "AvailabilityZone", - "type": "string" - }, - "NetworkInterfaceId": { - "markdownDescription": "The unique identifier of the network interface.", - "title": "NetworkInterfaceId", - "type": "string" - }, - "PrivateIpAddress": { - "markdownDescription": "The IPv4 address of the network interface within the subnet.", - "title": "PrivateIpAddress", - "type": "string" + "ReplicaModifications": { + "$ref": "#/definitions/AWS::S3::Bucket.ReplicaModifications", + "markdownDescription": "A filter that you can specify for selection for modifications on replicas.", + "title": "ReplicaModifications" }, - "SubnetId": { - "markdownDescription": "The unique identifier of the subnet.", - "title": "SubnetId", - "type": "string" + "SseKmsEncryptedObjects": { + "$ref": "#/definitions/AWS::S3::Bucket.SseKmsEncryptedObjects", + "markdownDescription": "A container for filter information for the selection of Amazon S3 objects encrypted with AWS KMS.", + "title": "SseKmsEncryptedObjects" } }, "type": "object" }, - "AWS::RedshiftServerless::Workgroup.VpcEndpoint": { + "AWS::S3::Bucket.SseKmsEncryptedObjects": { "additionalProperties": false, "properties": { - "NetworkInterfaces": { - "items": { - "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup.NetworkInterface" - }, - "markdownDescription": "One or more network interfaces of the endpoint. Also known as an interface endpoint.", - "title": "NetworkInterfaces", - "type": "array" - }, - "VpcEndpointId": { - "markdownDescription": "The connection endpoint ID for connecting to Amazon Redshift Serverless.", - "title": "VpcEndpointId", - "type": "string" - }, - "VpcId": { - "markdownDescription": "The VPC identifier that the endpoint is associated with.", - "title": "VpcId", + "Status": { + "markdownDescription": "Specifies whether Amazon S3 replicates objects created with server-side encryption using an AWS KMS key stored in AWS Key Management Service.", + "title": "Status", "type": "string" } }, + "required": [ + "Status" + ], "type": "object" }, - "AWS::RedshiftServerless::Workgroup.Workgroup": { + "AWS::S3::Bucket.StorageClassAnalysis": { "additionalProperties": false, "properties": { - "BaseCapacity": { - "markdownDescription": "The base data warehouse capacity of the workgroup in Redshift Processing Units (RPUs).", - "title": "BaseCapacity", - "type": "number" - }, - "ConfigParameters": { - "items": { - "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup.ConfigParameter" - }, - "markdownDescription": "An array of parameters to set for advanced control over a database. The options are `auto_mv` , `datestyle` , `enable_case_sensitive_identifier` , `enable_user_activity_logging` , `query_group` , `search_path` , `require_ssl` , `use_fips_ssl` , and query monitoring metrics that let you define performance boundaries. For more information about query monitoring rules and available metrics, see [Query monitoring metrics for Amazon Redshift Serverless](https://docs.aws.amazon.com/redshift/latest/dg/cm-c-wlm-query-monitoring-rules.html#cm-c-wlm-query-monitoring-metrics-serverless) .", - "title": "ConfigParameters", - "type": "array" - }, - "CreationDate": { - "markdownDescription": "The creation date of the workgroup.", - "title": "CreationDate", - "type": "string" - }, - "Endpoint": { - "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup.Endpoint", - "markdownDescription": "The endpoint that is created from the workgroup.", - "title": "Endpoint" - }, - "EnhancedVpcRouting": { - "markdownDescription": "The value that specifies whether to enable enhanced virtual private cloud (VPC) routing, which forces Amazon Redshift Serverless to route traffic through your VPC.", - "title": "EnhancedVpcRouting", - "type": "boolean" - }, - "MaxCapacity": { - "markdownDescription": "The maximum data-warehouse capacity Amazon Redshift Serverless uses to serve queries. The max capacity is specified in RPUs.", - "title": "MaxCapacity", - "type": "number" - }, - "NamespaceName": { - "markdownDescription": "The namespace the workgroup is associated with.", - "title": "NamespaceName", - "type": "string" - }, - "PubliclyAccessible": { - "markdownDescription": "A value that specifies whether the workgroup can be accessible from a public network.", - "title": "PubliclyAccessible", - "type": "boolean" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of security group IDs to associate with the workgroup.", - "title": "SecurityGroupIds", - "type": "array" - }, - "Status": { - "markdownDescription": "The status of the workgroup.", - "title": "Status", - "type": "string" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of subnet IDs the workgroup is associated with.", - "title": "SubnetIds", - "type": "array" - }, - "WorkgroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) that links to the workgroup.", - "title": "WorkgroupArn", - "type": "string" - }, - "WorkgroupId": { - "markdownDescription": "The unique identifier of the workgroup.", - "title": "WorkgroupId", - "type": "string" - }, - "WorkgroupName": { - "markdownDescription": "The name of the workgroup.", - "title": "WorkgroupName", - "type": "string" + "DataExport": { + "$ref": "#/definitions/AWS::S3::Bucket.DataExport", + "markdownDescription": "Specifies how data related to the storage class analysis for an Amazon S3 bucket should be exported.", + "title": "DataExport" } }, "type": "object" }, - "AWS::RefactorSpaces::Application": { + "AWS::S3::Bucket.TagFilter": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ApiGatewayProxy": { - "$ref": "#/definitions/AWS::RefactorSpaces::Application.ApiGatewayProxyInput", - "markdownDescription": "The endpoint URL of the Amazon API Gateway proxy.", - "title": "ApiGatewayProxy" - }, - "EnvironmentIdentifier": { - "markdownDescription": "The unique identifier of the environment.", - "title": "EnvironmentIdentifier", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the application.", - "title": "Name", - "type": "string" - }, - "ProxyType": { - "markdownDescription": "The proxy type of the proxy created within the application.", - "title": "ProxyType", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags assigned to the application.", - "title": "Tags", - "type": "array" - }, - "VpcId": { - "markdownDescription": "The ID of the virtual private cloud (VPC).", - "title": "VpcId", - "type": "string" - } - }, - "required": [ - "EnvironmentIdentifier", - "Name", - "ProxyType", - "VpcId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::RefactorSpaces::Application" - ], + "Key": { + "markdownDescription": "The tag key.", + "title": "Key", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Value": { + "markdownDescription": "The tag value.", + "title": "Value", "type": "string" } }, "required": [ - "Type", - "Properties" + "Key", + "Value" ], "type": "object" }, - "AWS::RefactorSpaces::Application.ApiGatewayProxyInput": { + "AWS::S3::Bucket.TargetObjectKeyFormat": { "additionalProperties": false, "properties": { - "EndpointType": { - "markdownDescription": "The type of endpoint to use for the API Gateway proxy. If no value is specified in the request, the value is set to `REGIONAL` by default.\n\nIf the value is set to `PRIVATE` in the request, this creates a private API endpoint that is isolated from the public internet. The private endpoint can only be accessed by using Amazon Virtual Private Cloud (Amazon VPC) interface endpoints for the Amazon API Gateway that has been granted access. For more information about creating a private connection with Refactor Spaces and interface endpoint ( AWS PrivateLink ) availability, see [Access Refactor Spaces using an interface endpoint ( AWS PrivateLink )](https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/userguide/vpc-interface-endpoints.html) .", - "title": "EndpointType", - "type": "string" + "PartitionedPrefix": { + "$ref": "#/definitions/AWS::S3::Bucket.PartitionedPrefix", + "markdownDescription": "Partitioned S3 key for log objects.", + "title": "PartitionedPrefix" }, - "StageName": { - "markdownDescription": "The name of the API Gateway stage. The name defaults to `prod` .", - "title": "StageName", - "type": "string" + "SimplePrefix": { + "markdownDescription": "To use the simple format for S3 keys for log objects. To specify SimplePrefix format, set SimplePrefix to {}.", + "title": "SimplePrefix", + "type": "object" } }, "type": "object" }, - "AWS::RefactorSpaces::Environment": { + "AWS::S3::Bucket.Tiering": { "additionalProperties": false, "properties": { - "Condition": { + "AccessTier": { + "markdownDescription": "S3 Intelligent-Tiering access tier. See [Storage class for automatically optimizing frequently and infrequently accessed objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html#sc-dynamic-data-access) for a list of access tiers in the S3 Intelligent-Tiering storage class.", + "title": "AccessTier", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Days": { + "markdownDescription": "The number of consecutive days of no access after which an object will be eligible to be transitioned to the corresponding tier. The minimum number of days specified for Archive Access tier must be at least 90 days and Deep Archive Access tier must be at least 180 days. The maximum can be up to 2 years (730 days).", + "title": "Days", + "type": "number" + } + }, + "required": [ + "AccessTier", + "Days" + ], + "type": "object" + }, + "AWS::S3::Bucket.TopicConfiguration": { + "additionalProperties": false, + "properties": { + "Event": { + "markdownDescription": "The Amazon S3 bucket event about which to send notifications. For more information, see [Supported Event Types](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide* .", + "title": "Event", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A description of the environment.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the environment.", - "title": "Name", - "type": "string" - }, - "NetworkFabricType": { - "markdownDescription": "The network fabric type of the environment.", - "title": "NetworkFabricType", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags assigned to the environment.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Name", - "NetworkFabricType" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::RefactorSpaces::Environment" - ], - "type": "string" + "Filter": { + "$ref": "#/definitions/AWS::S3::Bucket.NotificationFilter", + "markdownDescription": "The filtering rules that determine for which objects to send notifications. For example, you can create a filter so that Amazon S3 sends notifications only when image files with a `.jpg` extension are added to the bucket.", + "title": "Filter" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Topic": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic to which Amazon S3 publishes a message when it detects events of the specified type.", + "title": "Topic", "type": "string" } }, "required": [ - "Type", - "Properties" + "Event", + "Topic" ], "type": "object" }, - "AWS::RefactorSpaces::Route": { + "AWS::S3::Bucket.Transition": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "StorageClass": { + "markdownDescription": "The storage class to which you want the object to transition.", + "title": "StorageClass", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ApplicationIdentifier": { - "markdownDescription": "The unique identifier of the application.", - "title": "ApplicationIdentifier", - "type": "string" - }, - "DefaultRoute": { - "$ref": "#/definitions/AWS::RefactorSpaces::Route.DefaultRouteInput", - "markdownDescription": "Configuration for the default route type.", - "title": "DefaultRoute" - }, - "EnvironmentIdentifier": { - "markdownDescription": "The unique identifier of the environment.", - "title": "EnvironmentIdentifier", - "type": "string" - }, - "RouteType": { - "markdownDescription": "The route type of the route.", - "title": "RouteType", - "type": "string" - }, - "ServiceIdentifier": { - "markdownDescription": "The unique identifier of the service.", - "title": "ServiceIdentifier", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags assigned to the route.", - "title": "Tags", - "type": "array" - }, - "UriPathRoute": { - "$ref": "#/definitions/AWS::RefactorSpaces::Route.UriPathRouteInput", - "markdownDescription": "The configuration for the URI path route type.", - "title": "UriPathRoute" - } - }, - "required": [ - "ApplicationIdentifier", - "EnvironmentIdentifier", - "RouteType", - "ServiceIdentifier" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::RefactorSpaces::Route" - ], + "TransitionDate": { + "markdownDescription": "Indicates when objects are transitioned to the specified storage class. The date value must be in ISO 8601 format. The time is always midnight UTC.", + "title": "TransitionDate", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "TransitionInDays": { + "markdownDescription": "Indicates the number of days after creation when objects are transitioned to the specified storage class. If the specified storage class is `INTELLIGENT_TIERING` , `GLACIER_IR` , `GLACIER` , or `DEEP_ARCHIVE` , valid values are `0` or positive integers. If the specified storage class is `STANDARD_IA` or `ONEZONE_IA` , valid values are positive integers greater than `30` . Be aware that some storage classes have a minimum storage duration and that you're charged for transitioning objects before their minimum storage duration. For more information, see [Constraints and considerations for transitions](https://docs.aws.amazon.com/AmazonS3/latest/userguide/lifecycle-transition-general-considerations.html#lifecycle-configuration-constraints) in the *Amazon S3 User Guide* .", + "title": "TransitionInDays", + "type": "number" } }, "required": [ - "Type", - "Properties" + "StorageClass" ], "type": "object" }, - "AWS::RefactorSpaces::Route.DefaultRouteInput": { + "AWS::S3::Bucket.VersioningConfiguration": { "additionalProperties": false, "properties": { - "ActivationState": { - "markdownDescription": "If set to `ACTIVE` , traffic is forwarded to this route\u2019s service after the route is created.", - "title": "ActivationState", + "Status": { + "markdownDescription": "The versioning state of the bucket.", + "title": "Status", "type": "string" } }, "required": [ - "ActivationState" + "Status" ], "type": "object" }, - "AWS::RefactorSpaces::Route.UriPathRouteInput": { + "AWS::S3::Bucket.WebsiteConfiguration": { "additionalProperties": false, "properties": { - "ActivationState": { - "markdownDescription": "If set to `ACTIVE` , traffic is forwarded to this route\u2019s service after the route is created.", - "title": "ActivationState", + "ErrorDocument": { + "markdownDescription": "The name of the error document for the website.", + "title": "ErrorDocument", "type": "string" }, - "AppendSourcePath": { - "markdownDescription": "If set to `true` , this option appends the source path to the service URL endpoint.", - "title": "AppendSourcePath", - "type": "boolean" + "IndexDocument": { + "markdownDescription": "The name of the index document for the website.", + "title": "IndexDocument", + "type": "string" }, - "IncludeChildPaths": { - "markdownDescription": "Indicates whether to match all subpaths of the given source path. If this value is `false` , requests must match the source path exactly before they are forwarded to this route's service.", - "title": "IncludeChildPaths", - "type": "boolean" + "RedirectAllRequestsTo": { + "$ref": "#/definitions/AWS::S3::Bucket.RedirectAllRequestsTo", + "markdownDescription": "The redirect behavior for every request to this bucket's website endpoint.\n\n> If you specify this property, you can't specify any other property.", + "title": "RedirectAllRequestsTo" }, - "Methods": { + "RoutingRules": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::S3::Bucket.RoutingRule" }, - "markdownDescription": "A list of HTTP methods to match. An empty list matches all values. If a method is present, only HTTP requests using that method are forwarded to this route\u2019s service.", - "title": "Methods", + "markdownDescription": "Rules that define when a redirect is applied and the redirect behavior.", + "title": "RoutingRules", "type": "array" - }, - "SourcePath": { - "markdownDescription": "This is the path that Refactor Spaces uses to match traffic. Paths must start with `/` and are relative to the base of the application. To use path parameters in the source path, add a variable in curly braces. For example, the resource path {user} represents a path parameter called 'user'.", - "title": "SourcePath", - "type": "string" } }, - "required": [ - "ActivationState" - ], "type": "object" }, - "AWS::RefactorSpaces::Service": { + "AWS::S3::BucketPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -229051,66 +279886,26 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationIdentifier": { - "markdownDescription": "The unique identifier of the application.", - "title": "ApplicationIdentifier", - "type": "string" - }, - "Description": { - "markdownDescription": "A description of the service.", - "title": "Description", - "type": "string" - }, - "EndpointType": { - "markdownDescription": "The endpoint type of the service.", - "title": "EndpointType", - "type": "string" - }, - "EnvironmentIdentifier": { - "markdownDescription": "The unique identifier of the environment.", - "title": "EnvironmentIdentifier", - "type": "string" - }, - "LambdaEndpoint": { - "$ref": "#/definitions/AWS::RefactorSpaces::Service.LambdaEndpointInput", - "markdownDescription": "A summary of the configuration for the AWS Lambda endpoint type.", - "title": "LambdaEndpoint" - }, - "Name": { - "markdownDescription": "The name of the service.", - "title": "Name", + "Bucket": { + "markdownDescription": "The name of the Amazon S3 bucket to which the policy applies.", + "title": "Bucket", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags assigned to the service.", - "title": "Tags", - "type": "array" - }, - "UrlEndpoint": { - "$ref": "#/definitions/AWS::RefactorSpaces::Service.UrlEndpointInput", - "markdownDescription": "The summary of the configuration for the URL endpoint type.", - "title": "UrlEndpoint" - }, - "VpcId": { - "markdownDescription": "The ID of the virtual private cloud (VPC).", - "title": "VpcId", - "type": "string" + "PolicyDocument": { + "markdownDescription": "A policy document containing permissions to add to the specified bucket. In IAM, you must provide policy documents in JSON format. However, in CloudFormation you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to IAM. For more information, see the AWS::IAM::Policy [PolicyDocument](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html#cfn-iam-policy-policydocument) resource description in this guide and [Access Policy Language Overview](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-policy-language-overview.html) in the *Amazon S3 User Guide* .", + "title": "PolicyDocument", + "type": "object" } }, "required": [ - "ApplicationIdentifier", - "EndpointType", - "EnvironmentIdentifier", - "Name" + "Bucket", + "PolicyDocument" ], "type": "object" }, "Type": { "enum": [ - "AWS::RefactorSpaces::Service" + "AWS::S3::BucketPolicy" ], "type": "string" }, @@ -229129,40 +279924,7 @@ ], "type": "object" }, - "AWS::RefactorSpaces::Service.LambdaEndpointInput": { - "additionalProperties": false, - "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function or alias.", - "title": "Arn", - "type": "string" - } - }, - "required": [ - "Arn" - ], - "type": "object" - }, - "AWS::RefactorSpaces::Service.UrlEndpointInput": { - "additionalProperties": false, - "properties": { - "HealthUrl": { - "markdownDescription": "The health check URL of the URL endpoint type. If the URL is a public endpoint, the `HealthUrl` must also be a public endpoint. If the URL is a private endpoint inside a virtual private cloud (VPC), the health URL must also be a private endpoint, and the host must be the same as the URL.", - "title": "HealthUrl", - "type": "string" - }, - "Url": { - "markdownDescription": "The URL to route traffic to. The URL must be an [rfc3986-formatted URL](https://docs.aws.amazon.com/https://datatracker.ietf.org/doc/html/rfc3986) . If the host is a domain name, the name must be resolvable over the public internet. If the scheme is `https` , the top level domain of the host must be listed in the [IANA root zone database](https://docs.aws.amazon.com/https://www.iana.org/domains/root/db) .", - "title": "Url", - "type": "string" - } - }, - "required": [ - "Url" - ], - "type": "object" - }, - "AWS::Rekognition::Collection": { + "AWS::S3::MultiRegionAccessPoint": { "additionalProperties": false, "properties": { "Condition": { @@ -229197,28 +279959,33 @@ "Properties": { "additionalProperties": false, "properties": { - "CollectionId": { - "markdownDescription": "ID for the collection that you are creating.", - "title": "CollectionId", + "Name": { + "markdownDescription": "The name of the Multi-Region Access Point.", + "title": "Name", "type": "string" }, - "Tags": { + "PublicAccessBlockConfiguration": { + "$ref": "#/definitions/AWS::S3::MultiRegionAccessPoint.PublicAccessBlockConfiguration", + "markdownDescription": "The PublicAccessBlock configuration that you want to apply to this Multi-Region Access Point. You can enable the configuration options in any combination. For more information about when Amazon S3 considers an object public, see [The Meaning of \"Public\"](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status) in the *Amazon S3 User Guide* .", + "title": "PublicAccessBlockConfiguration" + }, + "Regions": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::S3::MultiRegionAccessPoint.Region" }, - "markdownDescription": "A set of tags (key-value pairs) that you want to attach to the collection.", - "title": "Tags", + "markdownDescription": "A collection of the Regions and buckets associated with the Multi-Region Access Point.", + "title": "Regions", "type": "array" } }, "required": [ - "CollectionId" + "Regions" ], "type": "object" }, "Type": { "enum": [ - "AWS::Rekognition::Collection" + "AWS::S3::MultiRegionAccessPoint" ], "type": "string" }, @@ -229232,12 +279999,57 @@ } }, "required": [ - "Type", - "Properties" + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::S3::MultiRegionAccessPoint.PublicAccessBlockConfiguration": { + "additionalProperties": false, + "properties": { + "BlockPublicAcls": { + "markdownDescription": "Specifies whether Amazon S3 should block public access control lists (ACLs) for this bucket and objects in this bucket. Setting this element to `TRUE` causes the following behavior:\n\n- PUT Bucket ACL and PUT Object ACL calls fail if the specified ACL is public.\n- PUT Object calls fail if the request includes a public ACL.\n- PUT Bucket calls fail if the request includes a public ACL.\n\nEnabling this setting doesn't affect existing policies or ACLs.", + "title": "BlockPublicAcls", + "type": "boolean" + }, + "BlockPublicPolicy": { + "markdownDescription": "Specifies whether Amazon S3 should block public bucket policies for this bucket. Setting this element to `TRUE` causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.\n\nEnabling this setting doesn't affect existing bucket policies.", + "title": "BlockPublicPolicy", + "type": "boolean" + }, + "IgnorePublicAcls": { + "markdownDescription": "Specifies whether Amazon S3 should ignore public ACLs for this bucket and objects in this bucket. Setting this element to `TRUE` causes Amazon S3 to ignore all public ACLs on this bucket and objects in this bucket.\n\nEnabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.", + "title": "IgnorePublicAcls", + "type": "boolean" + }, + "RestrictPublicBuckets": { + "markdownDescription": "Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to `TRUE` restricts access to this bucket to only AWS service principals and authorized users within this account if the bucket has a public policy.\n\nEnabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.", + "title": "RestrictPublicBuckets", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::S3::MultiRegionAccessPoint.Region": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The name of the associated bucket for the Region.", + "title": "Bucket", + "type": "string" + }, + "BucketAccountId": { + "markdownDescription": "The AWS account ID that owns the Amazon S3 bucket that's associated with this Multi-Region Access Point.", + "title": "BucketAccountId", + "type": "string" + } + }, + "required": [ + "Bucket" ], "type": "object" }, - "AWS::Rekognition::Project": { + "AWS::S3::MultiRegionAccessPointPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -229272,20 +280084,26 @@ "Properties": { "additionalProperties": false, "properties": { - "ProjectName": { - "markdownDescription": "The name of the project to create.", - "title": "ProjectName", + "MrapName": { + "markdownDescription": "The name of the Multi-Region Access Point.", + "title": "MrapName", "type": "string" + }, + "Policy": { + "markdownDescription": "The access policy associated with the Multi-Region Access Point.", + "title": "Policy", + "type": "object" } }, "required": [ - "ProjectName" + "MrapName", + "Policy" ], "type": "object" }, "Type": { "enum": [ - "AWS::Rekognition::Project" + "AWS::S3::MultiRegionAccessPointPolicy" ], "type": "string" }, @@ -229304,7 +280122,21 @@ ], "type": "object" }, - "AWS::Rekognition::StreamProcessor": { + "AWS::S3::MultiRegionAccessPointPolicy.PolicyStatus": { + "additionalProperties": false, + "properties": { + "IsPublic": { + "markdownDescription": "The policy status for this bucket. `TRUE` indicates that this bucket is public. `FALSE` indicates that the bucket is not public.", + "title": "IsPublic", + "type": "string" + } + }, + "required": [ + "IsPublic" + ], + "type": "object" + }, + "AWS::S3::StorageLens": { "additionalProperties": false, "properties": { "Condition": { @@ -229339,87 +280171,28 @@ "Properties": { "additionalProperties": false, "properties": { - "BoundingBoxRegionsOfInterest": { - "items": { - "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.BoundingBox" - }, - "markdownDescription": "List of BoundingBox objects, each of which denotes a region of interest on screen. For more information, see the BoundingBox field of [RegionOfInterest](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_RegionOfInterest) .", - "title": "BoundingBoxRegionsOfInterest", - "type": "array" - }, - "ConnectedHomeSettings": { - "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.ConnectedHomeSettings", - "markdownDescription": "Connected home settings to use on a streaming video. You can use a stream processor for connected home features and select what you want the stream processor to detect, such as people or pets. When the stream processor has started, one notification is sent for each object class specified. For more information, see the ConnectedHome section of [StreamProcessorSettings](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StreamProcessorSettings) .", - "title": "ConnectedHomeSettings" - }, - "DataSharingPreference": { - "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.DataSharingPreference", - "markdownDescription": "Allows you to opt in or opt out to share data with Rekognition to improve model performance. You can choose this option at the account level or on a per-stream basis. Note that if you opt out at the account level this setting is ignored on individual streams. For more information, see [StreamProcessorDataSharingPreference](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StreamProcessorDataSharingPreference) .", - "title": "DataSharingPreference" - }, - "FaceSearchSettings": { - "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.FaceSearchSettings", - "markdownDescription": "The input parameters used to recognize faces in a streaming video analyzed by an Amazon Rekognition stream processor. For more information regarding the contents of the parameters, see [FaceSearchSettings](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_FaceSearchSettings) .", - "title": "FaceSearchSettings" - }, - "KinesisDataStream": { - "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.KinesisDataStream", - "markdownDescription": "Amazon Rekognition's Video Stream Processor takes a Kinesis video stream as input. This is the Amazon Kinesis Data Streams instance to which the Amazon Rekognition stream processor streams the analysis results. This must be created within the constraints specified at [KinesisDataStream](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_KinesisDataStream) .", - "title": "KinesisDataStream" - }, - "KinesisVideoStream": { - "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.KinesisVideoStream", - "markdownDescription": "The Kinesis video stream that provides the source of the streaming video for an Amazon Rekognition Video stream processor. For more information, see [KinesisVideoStream](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_KinesisVideoStream) .", - "title": "KinesisVideoStream" - }, - "KmsKeyId": { - "markdownDescription": "The identifier for your Amazon Key Management Service key (Amazon KMS key). Optional parameter for connected home stream processors used to encrypt results and data published to your Amazon S3 bucket. For more information, see the KMSKeyId section of [CreateStreamProcessor](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_CreateStreamProcessor) .", - "title": "KmsKeyId", - "type": "string" - }, - "Name": { - "markdownDescription": "The Name attribute specifies the name of the stream processor and it must be within the constraints described in the Name section of [StreamProcessor](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StreamProcessor) . If you don't specify a name, Amazon CloudFormation generates a unique ID and uses that ID for the stream processor name.", - "title": "Name", - "type": "string" - }, - "NotificationChannel": { - "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.NotificationChannel", - "markdownDescription": "The Amazon Simple Notification Service topic to which Amazon Rekognition publishes the object detection results and completion status of a video analysis operation. Amazon Rekognition publishes a notification the first time an object of interest or a person is detected in the video stream. Amazon Rekognition also publishes an end-of-session notification with a summary when the stream processing session is complete. For more information, see [StreamProcessorNotificationChannel](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StreamProcessorNotificationChannel) .", - "title": "NotificationChannel" - }, - "PolygonRegionsOfInterest": { - "markdownDescription": "A set of ordered lists of [Point](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_Point) objects. Each entry of the set contains a polygon denoting a region of interest on the screen. Each polygon is an ordered list of [Point](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_Point) objects. For more information, see the Polygon field of [RegionOfInterest](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_RegionOfInterest) .", - "title": "PolygonRegionsOfInterest", - "type": "object" - }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role that allows access to the stream processor. The IAM role provides Rekognition read permissions to the Kinesis stream. It also provides write permissions to an Amazon S3 bucket and Amazon Simple Notification Service topic for a connected home stream processor. This is required for both face search and connected home stream processors. For information about constraints, see the RoleArn section of [CreateStreamProcessor](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_CreateStreamProcessor) .", - "title": "RoleArn", - "type": "string" - }, - "S3Destination": { - "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.S3Destination", - "markdownDescription": "The Amazon S3 bucket location to which Amazon Rekognition publishes the detailed inference results of a video analysis operation. For more information, see the S3Destination section of [StreamProcessorOutput](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StreamProcessorOutput) .", - "title": "S3Destination" + "StorageLensConfiguration": { + "$ref": "#/definitions/AWS::S3::StorageLens.StorageLensConfiguration", + "markdownDescription": "This resource contains the details Amazon S3 Storage Lens configuration.", + "title": "StorageLensConfiguration" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A set of tags (key-value pairs) that you want to attach to the stream processor. For more information, see the Tags section of [CreateStreamProcessor](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_CreateStreamProcessor) .", + "markdownDescription": "A set of tags (key\u2013value pairs) to associate with the Storage Lens configuration.", "title": "Tags", "type": "array" } }, "required": [ - "KinesisVideoStream", - "RoleArn" + "StorageLensConfiguration" ], "type": "object" }, "Type": { "enum": [ - "AWS::Rekognition::StreamProcessor" + "AWS::S3::StorageLens" ], "type": "string" }, @@ -229438,155 +280211,394 @@ ], "type": "object" }, - "AWS::Rekognition::StreamProcessor.BoundingBox": { + "AWS::S3::StorageLens.AccountLevel": { "additionalProperties": false, "properties": { - "Height": { - "markdownDescription": "Height of the bounding box as a ratio of the overall image height.", - "title": "Height", - "type": "number" + "ActivityMetrics": { + "$ref": "#/definitions/AWS::S3::StorageLens.ActivityMetrics", + "markdownDescription": "This property contains the details of account-level activity metrics for S3 Storage Lens.", + "title": "ActivityMetrics" }, - "Left": { - "markdownDescription": "Left coordinate of the bounding box as a ratio of overall image width.", - "title": "Left", - "type": "number" + "AdvancedCostOptimizationMetrics": { + "$ref": "#/definitions/AWS::S3::StorageLens.AdvancedCostOptimizationMetrics", + "markdownDescription": "This property contains the details of account-level advanced cost optimization metrics for S3 Storage Lens.", + "title": "AdvancedCostOptimizationMetrics" }, - "Top": { - "markdownDescription": "Top coordinate of the bounding box as a ratio of overall image height.", - "title": "Top", - "type": "number" + "AdvancedDataProtectionMetrics": { + "$ref": "#/definitions/AWS::S3::StorageLens.AdvancedDataProtectionMetrics", + "markdownDescription": "This property contains the details of account-level advanced data protection metrics for S3 Storage Lens.", + "title": "AdvancedDataProtectionMetrics" }, - "Width": { - "markdownDescription": "Width of the bounding box as a ratio of the overall image width.", - "title": "Width", - "type": "number" + "BucketLevel": { + "$ref": "#/definitions/AWS::S3::StorageLens.BucketLevel", + "markdownDescription": "This property contains the details of the account-level bucket-level configurations for Amazon S3 Storage Lens. To enable bucket-level configurations, make sure to also set the same metrics at the account level.", + "title": "BucketLevel" + }, + "DetailedStatusCodesMetrics": { + "$ref": "#/definitions/AWS::S3::StorageLens.DetailedStatusCodesMetrics", + "markdownDescription": "This property contains the details of account-level detailed status code metrics for S3 Storage Lens.", + "title": "DetailedStatusCodesMetrics" + }, + "StorageLensGroupLevel": { + "$ref": "#/definitions/AWS::S3::StorageLens.StorageLensGroupLevel", + "markdownDescription": "This property determines the scope of Storage Lens group data that is displayed in the Storage Lens dashboard.", + "title": "StorageLensGroupLevel" } }, "required": [ - "Height", - "Left", - "Top", - "Width" + "BucketLevel" ], "type": "object" }, - "AWS::Rekognition::StreamProcessor.ConnectedHomeSettings": { + "AWS::S3::StorageLens.ActivityMetrics": { "additionalProperties": false, "properties": { - "Labels": { + "IsEnabled": { + "markdownDescription": "A property that indicates whether the activity metrics is enabled.", + "title": "IsEnabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::S3::StorageLens.AdvancedCostOptimizationMetrics": { + "additionalProperties": false, + "properties": { + "IsEnabled": { + "markdownDescription": "Indicates whether advanced cost optimization metrics are enabled.", + "title": "IsEnabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::S3::StorageLens.AdvancedDataProtectionMetrics": { + "additionalProperties": false, + "properties": { + "IsEnabled": { + "markdownDescription": "Indicates whether advanced data protection metrics are enabled.", + "title": "IsEnabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::S3::StorageLens.AwsOrg": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "This resource contains the ARN of the AWS Organization.", + "title": "Arn", + "type": "string" + } + }, + "required": [ + "Arn" + ], + "type": "object" + }, + "AWS::S3::StorageLens.BucketLevel": { + "additionalProperties": false, + "properties": { + "ActivityMetrics": { + "$ref": "#/definitions/AWS::S3::StorageLens.ActivityMetrics", + "markdownDescription": "A property for bucket-level activity metrics for S3 Storage Lens.", + "title": "ActivityMetrics" + }, + "AdvancedCostOptimizationMetrics": { + "$ref": "#/definitions/AWS::S3::StorageLens.AdvancedCostOptimizationMetrics", + "markdownDescription": "A property for bucket-level advanced cost optimization metrics for S3 Storage Lens.", + "title": "AdvancedCostOptimizationMetrics" + }, + "AdvancedDataProtectionMetrics": { + "$ref": "#/definitions/AWS::S3::StorageLens.AdvancedDataProtectionMetrics", + "markdownDescription": "A property for bucket-level advanced data protection metrics for S3 Storage Lens.", + "title": "AdvancedDataProtectionMetrics" + }, + "DetailedStatusCodesMetrics": { + "$ref": "#/definitions/AWS::S3::StorageLens.DetailedStatusCodesMetrics", + "markdownDescription": "A property for bucket-level detailed status code metrics for S3 Storage Lens.", + "title": "DetailedStatusCodesMetrics" + }, + "PrefixLevel": { + "$ref": "#/definitions/AWS::S3::StorageLens.PrefixLevel", + "markdownDescription": "A property for bucket-level prefix-level storage metrics for S3 Storage Lens.", + "title": "PrefixLevel" + } + }, + "type": "object" + }, + "AWS::S3::StorageLens.BucketsAndRegions": { + "additionalProperties": false, + "properties": { + "Buckets": { "items": { "type": "string" }, - "markdownDescription": "Specifies what you want to detect in the video, such as people, packages, or pets. The current valid labels you can include in this list are: \"PERSON\", \"PET\", \"PACKAGE\", and \"ALL\".", - "title": "Labels", + "markdownDescription": "This property contains the details of the buckets for the Amazon S3 Storage Lens configuration. This should be the bucket Amazon Resource Name(ARN). For valid values, see [Buckets ARN format here](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_Include.html#API_control_Include_Contents) in the *Amazon S3 API Reference* .", + "title": "Buckets", "type": "array" }, - "MinConfidence": { - "markdownDescription": "The minimum confidence required to label an object in the video.", - "title": "MinConfidence", - "type": "number" + "Regions": { + "items": { + "type": "string" + }, + "markdownDescription": "This property contains the details of the Regions for the S3 Storage Lens configuration.", + "title": "Regions", + "type": "array" } }, - "required": [ - "Labels" - ], "type": "object" }, - "AWS::Rekognition::StreamProcessor.DataSharingPreference": { + "AWS::S3::StorageLens.CloudWatchMetrics": { "additionalProperties": false, "properties": { - "OptIn": { - "markdownDescription": "Describes the opt-in status applied to a stream processor's data sharing policy.", - "title": "OptIn", + "IsEnabled": { + "markdownDescription": "This property identifies whether the CloudWatch publishing option for S3 Storage Lens is enabled.", + "title": "IsEnabled", "type": "boolean" } }, "required": [ - "OptIn" + "IsEnabled" ], "type": "object" }, - "AWS::Rekognition::StreamProcessor.FaceSearchSettings": { + "AWS::S3::StorageLens.DataExport": { "additionalProperties": false, "properties": { - "CollectionId": { - "markdownDescription": "The ID of a collection that contains faces that you want to search for.", - "title": "CollectionId", - "type": "string" + "CloudWatchMetrics": { + "$ref": "#/definitions/AWS::S3::StorageLens.CloudWatchMetrics", + "markdownDescription": "This property enables the Amazon CloudWatch publishing option for S3 Storage Lens metrics.", + "title": "CloudWatchMetrics" }, - "FaceMatchThreshold": { - "markdownDescription": "Minimum face match confidence score that must be met to return a result for a recognized face. The default is 80. 0 is the lowest confidence. 100 is the highest confidence. Values between 0 and 100 are accepted, and values lower than 80 are set to 80.", - "title": "FaceMatchThreshold", - "type": "number" + "S3BucketDestination": { + "$ref": "#/definitions/AWS::S3::StorageLens.S3BucketDestination", + "markdownDescription": "This property contains the details of the bucket where the S3 Storage Lens metrics export will be placed.", + "title": "S3BucketDestination" + } + }, + "type": "object" + }, + "AWS::S3::StorageLens.DetailedStatusCodesMetrics": { + "additionalProperties": false, + "properties": { + "IsEnabled": { + "markdownDescription": "Indicates whether detailed status code metrics are enabled.", + "title": "IsEnabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::S3::StorageLens.Encryption": { + "additionalProperties": false, + "properties": { + "SSEKMS": { + "$ref": "#/definitions/AWS::S3::StorageLens.SSEKMS", + "markdownDescription": "Specifies the use of AWS Key Management Service keys (SSE-KMS) to encrypt the S3 Storage Lens metrics export file.", + "title": "SSEKMS" + }, + "SSES3": { + "markdownDescription": "Specifies the use of an Amazon S3-managed key (SSE-S3) to encrypt the S3 Storage Lens metrics export file.", + "title": "SSES3", + "type": "object" + } + }, + "type": "object" + }, + "AWS::S3::StorageLens.PrefixLevel": { + "additionalProperties": false, + "properties": { + "StorageMetrics": { + "$ref": "#/definitions/AWS::S3::StorageLens.PrefixLevelStorageMetrics", + "markdownDescription": "A property for the prefix-level storage metrics for Amazon S3 Storage Lens.", + "title": "StorageMetrics" } }, "required": [ - "CollectionId" + "StorageMetrics" ], "type": "object" }, - "AWS::Rekognition::StreamProcessor.KinesisDataStream": { + "AWS::S3::StorageLens.PrefixLevelStorageMetrics": { + "additionalProperties": false, + "properties": { + "IsEnabled": { + "markdownDescription": "This property identifies whether the details of the prefix-level storage metrics for S3 Storage Lens are enabled.", + "title": "IsEnabled", + "type": "boolean" + }, + "SelectionCriteria": { + "$ref": "#/definitions/AWS::S3::StorageLens.SelectionCriteria", + "markdownDescription": "This property identifies whether the details of the prefix-level storage metrics for S3 Storage Lens are enabled.", + "title": "SelectionCriteria" + } + }, + "type": "object" + }, + "AWS::S3::StorageLens.S3BucketDestination": { "additionalProperties": false, "properties": { + "AccountId": { + "markdownDescription": "This property contains the details of the AWS account ID of the S3 Storage Lens export bucket destination.", + "title": "AccountId", + "type": "string" + }, "Arn": { - "markdownDescription": "ARN of the output Amazon Kinesis Data Streams stream.", + "markdownDescription": "This property contains the details of the ARN of the bucket destination of the S3 Storage Lens export.", "title": "Arn", "type": "string" + }, + "Encryption": { + "$ref": "#/definitions/AWS::S3::StorageLens.Encryption", + "markdownDescription": "This property contains the details of the encryption of the bucket destination of the Amazon S3 Storage Lens metrics export.", + "title": "Encryption" + }, + "Format": { + "markdownDescription": "This property contains the details of the format of the S3 Storage Lens export bucket destination.", + "title": "Format", + "type": "string" + }, + "OutputSchemaVersion": { + "markdownDescription": "This property contains the details of the output schema version of the S3 Storage Lens export bucket destination.", + "title": "OutputSchemaVersion", + "type": "string" + }, + "Prefix": { + "markdownDescription": "This property contains the details of the prefix of the bucket destination of the S3 Storage Lens export .", + "title": "Prefix", + "type": "string" } }, "required": [ - "Arn" + "AccountId", + "Arn", + "Format", + "OutputSchemaVersion" ], "type": "object" }, - "AWS::Rekognition::StreamProcessor.KinesisVideoStream": { + "AWS::S3::StorageLens.SSEKMS": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "ARN of the Kinesis video stream stream that streams the source video.", - "title": "Arn", + "KeyId": { + "markdownDescription": "Specifies the Amazon Resource Name (ARN) of the customer managed AWS KMS key to use for encrypting the S3 Storage Lens metrics export file. Amazon S3 only supports symmetric encryption keys. For more information, see [Special-purpose keys](https://docs.aws.amazon.com/kms/latest/developerguide/key-types.html) in the *AWS Key Management Service Developer Guide* .", + "title": "KeyId", "type": "string" } }, "required": [ - "Arn" + "KeyId" ], "type": "object" }, - "AWS::Rekognition::StreamProcessor.NotificationChannel": { + "AWS::S3::StorageLens.SelectionCriteria": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The ARN of the SNS topic that receives notifications.", - "title": "Arn", + "Delimiter": { + "markdownDescription": "This property contains the details of the S3 Storage Lens delimiter being used.", + "title": "Delimiter", "type": "string" + }, + "MaxDepth": { + "markdownDescription": "This property contains the details of the max depth that S3 Storage Lens will collect metrics up to.", + "title": "MaxDepth", + "type": "number" + }, + "MinStorageBytesPercentage": { + "markdownDescription": "This property contains the details of the minimum storage bytes percentage threshold that S3 Storage Lens will collect metrics up to.", + "title": "MinStorageBytesPercentage", + "type": "number" } }, - "required": [ - "Arn" - ], "type": "object" }, - "AWS::Rekognition::StreamProcessor.S3Destination": { + "AWS::S3::StorageLens.StorageLensConfiguration": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "Describes the destination Amazon Simple Storage Service (Amazon S3) bucket name of a stream processor's exports.", - "title": "BucketName", + "AccountLevel": { + "$ref": "#/definitions/AWS::S3::StorageLens.AccountLevel", + "markdownDescription": "This property contains the details of the account-level metrics for Amazon S3 Storage Lens configuration.", + "title": "AccountLevel" + }, + "AwsOrg": { + "$ref": "#/definitions/AWS::S3::StorageLens.AwsOrg", + "markdownDescription": "This property contains the details of the AWS Organization for the S3 Storage Lens configuration.", + "title": "AwsOrg" + }, + "DataExport": { + "$ref": "#/definitions/AWS::S3::StorageLens.DataExport", + "markdownDescription": "This property contains the details of this S3 Storage Lens configuration's metrics export.", + "title": "DataExport" + }, + "Exclude": { + "$ref": "#/definitions/AWS::S3::StorageLens.BucketsAndRegions", + "markdownDescription": "This property contains the details of the bucket and or Regions excluded for Amazon S3 Storage Lens configuration.", + "title": "Exclude" + }, + "Id": { + "markdownDescription": "This property contains the details of the ID of the S3 Storage Lens configuration.", + "title": "Id", "type": "string" }, - "ObjectKeyPrefix": { - "markdownDescription": "Describes the destination Amazon Simple Storage Service (Amazon S3) object keys of a stream processor's exports.", - "title": "ObjectKeyPrefix", + "Include": { + "$ref": "#/definitions/AWS::S3::StorageLens.BucketsAndRegions", + "markdownDescription": "This property contains the details of the bucket and or Regions included for Amazon S3 Storage Lens configuration.", + "title": "Include" + }, + "IsEnabled": { + "markdownDescription": "This property contains the details of whether the Amazon S3 Storage Lens configuration is enabled.", + "title": "IsEnabled", + "type": "boolean" + }, + "StorageLensArn": { + "markdownDescription": "This property contains the details of the ARN of the S3 Storage Lens configuration. This property is read-only.", + "title": "StorageLensArn", "type": "string" } }, "required": [ - "BucketName" + "AccountLevel", + "Id", + "IsEnabled" ], "type": "object" }, - "AWS::ResilienceHub::App": { + "AWS::S3::StorageLens.StorageLensGroupLevel": { + "additionalProperties": false, + "properties": { + "StorageLensGroupSelectionCriteria": { + "$ref": "#/definitions/AWS::S3::StorageLens.StorageLensGroupSelectionCriteria", + "markdownDescription": "This property indicates which Storage Lens group ARNs to include or exclude in the Storage Lens group aggregation. If this value is left null, then all Storage Lens groups are selected.", + "title": "StorageLensGroupSelectionCriteria" + } + }, + "type": "object" + }, + "AWS::S3::StorageLens.StorageLensGroupSelectionCriteria": { + "additionalProperties": false, + "properties": { + "Exclude": { + "items": { + "type": "string" + }, + "markdownDescription": "This property indicates which Storage Lens group ARNs to exclude from the Storage Lens group aggregation.", + "title": "Exclude", + "type": "array" + }, + "Include": { + "items": { + "type": "string" + }, + "markdownDescription": "This property indicates which Storage Lens group ARNs to include in the Storage Lens group aggregation.", + "title": "Include", + "type": "array" + } + }, + "type": "object" + }, + "AWS::S3::StorageLensGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -229621,74 +280633,34 @@ "Properties": { "additionalProperties": false, "properties": { - "AppAssessmentSchedule": { - "markdownDescription": "Assessment execution schedule with 'Daily' or 'Disabled' values.", - "title": "AppAssessmentSchedule", - "type": "string" - }, - "AppTemplateBody": { - "markdownDescription": "A JSON string that provides information about your application structure. To learn more about the `appTemplateBody` template, see the sample template in [Sample appTemplateBody template](https://docs.aws.amazon.com//resilience-hub/latest/APIReference/API_PutDraftAppVersionTemplate.html#API_PutDraftAppVersionTemplate_Examples) .\n\nThe `appTemplateBody` JSON string has the following structure:\n\n- *`resources`*\n\nThe list of logical resources that needs to be included in the AWS Resilience Hub application.\n\nType: Array\n\n> Don't add the resources that you want to exclude. \n\nEach `resources` array item includes the following fields:\n\n- *`logicalResourceId`*\n\nThe logical identifier of the resource.\n\nType: Object\n\nEach `logicalResourceId` object includes the following fields:\n\n- `identifier`\n\nIdentifier of the resource.\n\nType: String\n- `logicalStackName`\n\nName of the AWS CloudFormation stack this resource belongs to.\n\nType: String\n- `resourceGroupName`\n\nName of the resource group this resource belongs to.\n\nType: String\n- `terraformSourceName`\n\nName of the Terraform S3 state file this resource belongs to.\n\nType: String\n- `eksSourceName`\n\nName of the Amazon Elastic Kubernetes Service cluster and namespace this resource belongs to.\n\n> This parameter accepts values in \"eks-cluster/namespace\" format. \n\nType: String\n- *`type`*\n\nThe type of resource.\n\nType: string\n- *`name`*\n\nName of the resource.\n\nType: String\n- `additionalInfo`\n\nAdditional configuration parameters for an AWS Resilience Hub application. If you want to implement `additionalInfo` through the AWS Resilience Hub console rather than using an API call, see [Configure the application configuration parameters](https://docs.aws.amazon.com//resilience-hub/latest/userguide/app-config-param.html) .\n\n> Currently, this parameter accepts a key-value mapping (in a string format) of only one failover region and one associated account.\n> \n> Key: `\"failover-regions\"`\n> \n> Value: `\"[{\"region\":\"\", \"accounts\":[{\"id\":\"\"}]}]\"`\n- *`appComponents`*\n\nThe list of Application Components (AppComponent) that this resource belongs to. If an AppComponent is not part of the AWS Resilience Hub application, it will be added.\n\nType: Array\n\nEach `appComponents` array item includes the following fields:\n\n- `name`\n\nName of the AppComponent.\n\nType: String\n- `type`\n\nThe type of AppComponent. For more information about the types of AppComponent, see [Grouping resources in an AppComponent](https://docs.aws.amazon.com/resilience-hub/latest/userguide/AppComponent.grouping.html) .\n\nType: String\n- `resourceNames`\n\nThe list of included resources that are assigned to the AppComponent.\n\nType: Array of strings\n- `additionalInfo`\n\nAdditional configuration parameters for an AWS Resilience Hub application. If you want to implement `additionalInfo` through the AWS Resilience Hub console rather than using an API call, see [Configure the application configuration parameters](https://docs.aws.amazon.com//resilience-hub/latest/userguide/app-config-param.html) .\n\n> Currently, this parameter accepts a key-value mapping (in a string format) of only one failover region and one associated account.\n> \n> Key: `\"failover-regions\"`\n> \n> Value: `\"[{\"region\":\"\", \"accounts\":[{\"id\":\"\"}]}]\"`\n- *`excludedResources`*\n\nThe list of logical resource identifiers to be excluded from the application.\n\nType: Array\n\n> Don't add the resources that you want to include. \n\nEach `excludedResources` array item includes the following fields:\n\n- *`logicalResourceIds`*\n\nThe logical identifier of the resource.\n\nType: Object\n\n> You can configure only one of the following fields:\n> \n> - `logicalStackName`\n> - `resourceGroupName`\n> - `terraformSourceName`\n> - `eksSourceName` \n\nEach `logicalResourceIds` object includes the following fields:\n\n- `identifier`\n\nThe identifier of the resource.\n\nType: String\n- `logicalStackName`\n\nName of the AWS CloudFormation stack this resource belongs to.\n\nType: String\n- `resourceGroupName`\n\nName of the resource group this resource belongs to.\n\nType: String\n- `terraformSourceName`\n\nName of the Terraform S3 state file this resource belongs to.\n\nType: String\n- `eksSourceName`\n\nName of the Amazon Elastic Kubernetes Service cluster and namespace this resource belongs to.\n\n> This parameter accepts values in \"eks-cluster/namespace\" format. \n\nType: String\n- *`version`*\n\nThe AWS Resilience Hub application version.\n- `additionalInfo`\n\nAdditional configuration parameters for an AWS Resilience Hub application. If you want to implement `additionalInfo` through the AWS Resilience Hub console rather than using an API call, see [Configure the application configuration parameters](https://docs.aws.amazon.com//resilience-hub/latest/userguide/app-config-param.html) .\n\n> Currently, this parameter accepts a key-value mapping (in a string format) of only one failover region and one associated account.\n> \n> Key: `\"failover-regions\"`\n> \n> Value: `\"[{\"region\":\"\", \"accounts\":[{\"id\":\"\"}]}]\"`", - "title": "AppTemplateBody", - "type": "string" - }, - "Description": { - "markdownDescription": "Optional description for an application.", - "title": "Description", - "type": "string" - }, - "EventSubscriptions": { - "items": { - "$ref": "#/definitions/AWS::ResilienceHub::App.EventSubscription" - }, - "markdownDescription": "The list of events you would like to subscribe and get notification for. Currently, AWS Resilience Hub supports notifications only for *Drift detected* and *Scheduled assessment failure* events.", - "title": "EventSubscriptions", - "type": "array" + "Filter": { + "$ref": "#/definitions/AWS::S3::StorageLensGroup.Filter", + "markdownDescription": "This property contains the criteria for the Storage Lens group data that is displayed", + "title": "Filter" }, "Name": { - "markdownDescription": "Name for the application.", + "markdownDescription": "This property contains the Storage Lens group name.", "title": "Name", "type": "string" }, - "PermissionModel": { - "$ref": "#/definitions/AWS::ResilienceHub::App.PermissionModel", - "markdownDescription": "Defines the roles and credentials that AWS Resilience Hub would use while creating the application, importing its resources, and running an assessment.", - "title": "PermissionModel" - }, - "ResiliencyPolicyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resiliency policy.", - "title": "ResiliencyPolicyArn", - "type": "string" - }, - "ResourceMappings": { - "items": { - "$ref": "#/definitions/AWS::ResilienceHub::App.ResourceMapping" - }, - "markdownDescription": "An array of `ResourceMapping` objects.", - "title": "ResourceMappings", - "type": "array" - }, "Tags": { - "additionalProperties": true, - "markdownDescription": "Tags assigned to the resource. A tag is a label that you assign to an AWS resource. Each tag consists of a key/value pair.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "This property contains the AWS resource tags that you're adding to your Storage Lens group. This parameter is optional.", "title": "Tags", - "type": "object" + "type": "array" } }, "required": [ - "AppTemplateBody", - "Name", - "ResourceMappings" + "Filter", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::ResilienceHub::App" + "AWS::S3::StorageLensGroup" ], "type": "string" }, @@ -229707,129 +280679,169 @@ ], "type": "object" }, - "AWS::ResilienceHub::App.EventSubscription": { + "AWS::S3::StorageLensGroup.And": { "additionalProperties": false, "properties": { - "EventType": { - "markdownDescription": "The type of event you would like to subscribe and get notification for. Currently, AWS Resilience Hub supports notifications only for *Drift detected* ( `DriftDetected` ) and *Scheduled assessment failure* ( `ScheduledAssessmentFailure` ) events.", - "title": "EventType", - "type": "string" + "MatchAnyPrefix": { + "items": { + "type": "string" + }, + "markdownDescription": "This property contains a list of prefixes. At least one prefix must be specified. Up to 10 prefixes are allowed.", + "title": "MatchAnyPrefix", + "type": "array" }, - "Name": { - "markdownDescription": "Unique name to identify an event subscription.", - "title": "Name", - "type": "string" + "MatchAnySuffix": { + "items": { + "type": "string" + }, + "markdownDescription": "This property contains a list of suffixes. At least one suffix must be specified. Up to 10 suffixes are allowed.", + "title": "MatchAnySuffix", + "type": "array" }, - "SnsTopicArn": { - "markdownDescription": "Amazon Resource Name (ARN) of the Amazon Simple Notification Service topic. The format for this ARN is: `arn:partition:sns:region:account:topic-name` . For more information about ARNs, see [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* guide.", - "title": "SnsTopicArn", - "type": "string" + "MatchAnyTag": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "This property contains the list of object tags. At least one object tag must be specified. Up to 10 object tags are allowed.", + "title": "MatchAnyTag", + "type": "array" + }, + "MatchObjectAge": { + "$ref": "#/definitions/AWS::S3::StorageLensGroup.MatchObjectAge", + "markdownDescription": "This property contains `DaysGreaterThan` and `DaysLessThan` properties to define the object age range (minimum and maximum number of days).", + "title": "MatchObjectAge" + }, + "MatchObjectSize": { + "$ref": "#/definitions/AWS::S3::StorageLensGroup.MatchObjectSize", + "markdownDescription": "This property contains `BytesGreaterThan` and `BytesLessThan` to define the object size range (minimum and maximum number of Bytes).", + "title": "MatchObjectSize" } }, - "required": [ - "EventType", - "Name" - ], "type": "object" }, - "AWS::ResilienceHub::App.PermissionModel": { + "AWS::S3::StorageLensGroup.Filter": { "additionalProperties": false, "properties": { - "CrossAccountRoleArns": { + "And": { + "$ref": "#/definitions/AWS::S3::StorageLensGroup.And", + "markdownDescription": "This property contains the `And` logical operator, which allows multiple filter conditions to be joined for more complex comparisons of Storage Lens group data. Objects must match all of the listed filter conditions that are joined by the `And` logical operator. Only one of each filter condition is allowed.", + "title": "And" + }, + "MatchAnyPrefix": { "items": { "type": "string" }, - "markdownDescription": "Defines a list of role Amazon Resource Names (ARNs) to be used in other accounts. These ARNs are used for querying purposes while importing resources and assessing your application.\n\n> - These ARNs are required only when your resources are in other accounts and you have different role name in these accounts. Else, the invoker role name will be used in the other accounts.\n> - These roles must have a trust policy with `iam:AssumeRole` permission to the invoker role in the primary account.", - "title": "CrossAccountRoleArns", + "markdownDescription": "This property contains a list of prefixes. At least one prefix must be specified. Up to 10 prefixes are allowed.", + "title": "MatchAnyPrefix", "type": "array" }, - "InvokerRoleName": { - "markdownDescription": "Existing AWS IAM role name in the primary AWS account that will be assumed by AWS Resilience Hub Service Principle to obtain a read-only access to your application resources while running an assessment.\n\nIf your IAM role includes a path, you must include the path in the `invokerRoleName` parameter. For example, if your IAM role's ARN is `arn:aws:iam:123456789012:role/my-path/role-name` , you should pass `my-path/role-name` .\n\n> - You must have `iam:passRole` permission for this role while creating or updating the application.\n> - Currently, `invokerRoleName` accepts only `[A-Za-z0-9_+=,.@-]` characters.", - "title": "InvokerRoleName", - "type": "string" + "MatchAnySuffix": { + "items": { + "type": "string" + }, + "markdownDescription": "This property contains a list of suffixes. At least one suffix must be specified. Up to 10 suffixes are allowed.", + "title": "MatchAnySuffix", + "type": "array" }, - "Type": { - "markdownDescription": "Defines how AWS Resilience Hub scans your resources. It can scan for the resources by using a pre-existing role in your AWS account, or by using the credentials of the current IAM user.", - "title": "Type", - "type": "string" + "MatchAnyTag": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "This property contains the list of S3 object tags. At least one object tag must be specified. Up to 10 object tags are allowed.", + "title": "MatchAnyTag", + "type": "array" + }, + "MatchObjectAge": { + "$ref": "#/definitions/AWS::S3::StorageLensGroup.MatchObjectAge", + "markdownDescription": "This property contains `DaysGreaterThan` and `DaysLessThan` to define the object age range (minimum and maximum number of days).", + "title": "MatchObjectAge" + }, + "MatchObjectSize": { + "$ref": "#/definitions/AWS::S3::StorageLensGroup.MatchObjectSize", + "markdownDescription": "This property contains `BytesGreaterThan` and `BytesLessThan` to define the object size range (minimum and maximum number of Bytes).", + "title": "MatchObjectSize" + }, + "Or": { + "$ref": "#/definitions/AWS::S3::StorageLensGroup.Or", + "markdownDescription": "This property contains the `Or` logical operator, which allows multiple filter conditions to be joined. Objects can match any of the listed filter conditions, which are joined by the `Or` logical operator. Only one of each filter condition is allowed.", + "title": "Or" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::ResilienceHub::App.PhysicalResourceId": { + "AWS::S3::StorageLensGroup.MatchObjectAge": { "additionalProperties": false, "properties": { - "AwsAccountId": { - "markdownDescription": "The AWS account that owns the physical resource.", - "title": "AwsAccountId", - "type": "string" - }, - "AwsRegion": { - "markdownDescription": "The AWS Region that the physical resource is located in.", - "title": "AwsRegion", - "type": "string" - }, - "Identifier": { - "markdownDescription": "Identifier of the physical resource.", - "title": "Identifier", - "type": "string" + "DaysGreaterThan": { + "markdownDescription": "This property indicates the minimum object age in days.", + "title": "DaysGreaterThan", + "type": "number" }, - "Type": { - "markdownDescription": "Specifies the type of physical resource identifier.\n\n- **Arn** - The resource identifier is an Amazon Resource Name (ARN) and it can identify the following list of resources:\n\n- `AWS::ECS::Service`\n- `AWS::EFS::FileSystem`\n- `AWS::ElasticLoadBalancingV2::LoadBalancer`\n- `AWS::Lambda::Function`\n- `AWS::SNS::Topic`\n- **Native** - The resource identifier is an AWS Resilience Hub -native identifier and it can identify the following list of resources:\n\n- `AWS::ApiGateway::RestApi`\n- `AWS::ApiGatewayV2::Api`\n- `AWS::AutoScaling::AutoScalingGroup`\n- `AWS::DocDB::DBCluster`\n- `AWS::DocDB::DBGlobalCluster`\n- `AWS::DocDB::DBInstance`\n- `AWS::DynamoDB::GlobalTable`\n- `AWS::DynamoDB::Table`\n- `AWS::EC2::EC2Fleet`\n- `AWS::EC2::Instance`\n- `AWS::EC2::NatGateway`\n- `AWS::EC2::Volume`\n- `AWS::ElasticLoadBalancing::LoadBalancer`\n- `AWS::RDS::DBCluster`\n- `AWS::RDS::DBInstance`\n- `AWS::RDS::GlobalCluster`\n- `AWS::Route53::RecordSet`\n- `AWS::S3::Bucket`\n- `AWS::SQS::Queue`", - "title": "Type", - "type": "string" + "DaysLessThan": { + "markdownDescription": "This property indicates the maximum object age in days.", + "title": "DaysLessThan", + "type": "number" } }, - "required": [ - "Identifier", - "Type" - ], "type": "object" }, - "AWS::ResilienceHub::App.ResourceMapping": { + "AWS::S3::StorageLensGroup.MatchObjectSize": { "additionalProperties": false, "properties": { - "EksSourceName": { - "markdownDescription": "Name of the Amazon Elastic Kubernetes Service cluster and namespace that this resource is mapped to when the `mappingType` is `EKS` .\n\n> This parameter accepts values in \"eks-cluster/namespace\" format.", - "title": "EksSourceName", - "type": "string" + "BytesGreaterThan": { + "markdownDescription": "This property specifies the minimum object size in bytes. The value must be a positive number, greater than 0 and less than 5 TB.", + "title": "BytesGreaterThan", + "type": "number" }, - "LogicalStackName": { - "markdownDescription": "Name of the AWS CloudFormation stack this resource is mapped to when the `mappingType` is `CfnStack` .", - "title": "LogicalStackName", - "type": "string" + "BytesLessThan": { + "markdownDescription": "This property specifies the maximum object size in bytes. The value must be a positive number, greater than the minimum object size and less than 5 TB.", + "title": "BytesLessThan", + "type": "number" + } + }, + "type": "object" + }, + "AWS::S3::StorageLensGroup.Or": { + "additionalProperties": false, + "properties": { + "MatchAnyPrefix": { + "items": { + "type": "string" + }, + "markdownDescription": "This property contains a list of prefixes. At least one prefix must be specified. Up to 10 prefixes are allowed.", + "title": "MatchAnyPrefix", + "type": "array" }, - "MappingType": { - "markdownDescription": "Specifies the type of resource mapping.", - "title": "MappingType", - "type": "string" + "MatchAnySuffix": { + "items": { + "type": "string" + }, + "markdownDescription": "This property contains the list of suffixes. At least one suffix must be specified. Up to 10 suffixes are allowed.", + "title": "MatchAnySuffix", + "type": "array" }, - "PhysicalResourceId": { - "$ref": "#/definitions/AWS::ResilienceHub::App.PhysicalResourceId", - "markdownDescription": "Identifier of the physical resource.", - "title": "PhysicalResourceId" + "MatchAnyTag": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "This property contains the list of S3 object tags. At least one object tag must be specified. Up to 10 object tags are allowed.", + "title": "MatchAnyTag", + "type": "array" }, - "ResourceName": { - "markdownDescription": "Name of the resource that this resource is mapped to when the `mappingType` is `Resource` .", - "title": "ResourceName", - "type": "string" + "MatchObjectAge": { + "$ref": "#/definitions/AWS::S3::StorageLensGroup.MatchObjectAge", + "markdownDescription": "This property filters objects that match the specified object age range.", + "title": "MatchObjectAge" }, - "TerraformSourceName": { - "markdownDescription": "Name of the Terraform source that this resource is mapped to when the `mappingType` is `Terraform` .", - "title": "TerraformSourceName", - "type": "string" + "MatchObjectSize": { + "$ref": "#/definitions/AWS::S3::StorageLensGroup.MatchObjectSize", + "markdownDescription": "This property contains the `BytesGreaterThan` and `BytesLessThan` values to define the object size range (minimum and maximum number of Bytes).", + "title": "MatchObjectSize" } }, - "required": [ - "MappingType", - "PhysicalResourceId" - ], "type": "object" }, - "AWS::ResilienceHub::ResiliencyPolicy": { + "AWS::S3Express::AccessPoint": { "additionalProperties": false, "properties": { "Condition": { @@ -229864,53 +280876,50 @@ "Properties": { "additionalProperties": false, "properties": { - "DataLocationConstraint": { - "markdownDescription": "Specifies a high-level geographical location constraint for where your resilience policy data can be stored.", - "title": "DataLocationConstraint", + "Bucket": { + "markdownDescription": "The name of the bucket that you want to associate the access point with.", + "title": "Bucket", "type": "string" }, - "Policy": { - "$ref": "#/definitions/AWS::ResilienceHub::ResiliencyPolicy.PolicyMap", - "markdownDescription": "The resiliency policy.", - "title": "Policy" - }, - "PolicyDescription": { - "markdownDescription": "Description of the resiliency policy.", - "title": "PolicyDescription", + "BucketAccountId": { + "markdownDescription": "The AWS account ID that owns the bucket associated with this access point.", + "title": "BucketAccountId", "type": "string" }, - "PolicyName": { - "markdownDescription": "The name of the policy", - "title": "PolicyName", + "Name": { + "markdownDescription": "An access point name consists of a base name you provide, followed by the zoneID ( AWS Local Zone) followed by the prefix `--xa-s3` . For example, accesspointname--zoneID--xa-s3.", + "title": "Name", "type": "string" }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "Tags assigned to the resource. A tag is a label that you assign to an AWS resource. Each tag consists of a key/value pair.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", + "Policy": { + "markdownDescription": "The access point policy associated with the specified access point.", + "title": "Policy", "type": "object" }, - "Tier": { - "markdownDescription": "The tier for this resiliency policy, ranging from the highest severity ( `MissionCritical` ) to lowest ( `NonCritical` ).", - "title": "Tier", - "type": "string" + "PublicAccessBlockConfiguration": { + "$ref": "#/definitions/AWS::S3Express::AccessPoint.PublicAccessBlockConfiguration", + "markdownDescription": "Public access is blocked by default to access points for directory buckets.", + "title": "PublicAccessBlockConfiguration" + }, + "Scope": { + "$ref": "#/definitions/AWS::S3Express::AccessPoint.Scope", + "markdownDescription": "You can use the access point scope to restrict access to specific prefixes, API operations, or a combination of both.\n\nFor more information, see [Manage the scope of your access points for directory buckets.](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-points-directory-buckets-manage-scope.html)", + "title": "Scope" + }, + "VpcConfiguration": { + "$ref": "#/definitions/AWS::S3Express::AccessPoint.VpcConfiguration", + "markdownDescription": "If you include this field, Amazon S3 restricts access to this access point to requests from the specified virtual private cloud (VPC).", + "title": "VpcConfiguration" } }, "required": [ - "Policy", - "PolicyName", - "Tier" + "Bucket" ], "type": "object" }, "Type": { "enum": [ - "AWS::ResilienceHub::ResiliencyPolicy" + "AWS::S3Express::AccessPoint" ], "type": "string" }, @@ -229929,125 +280938,66 @@ ], "type": "object" }, - "AWS::ResilienceHub::ResiliencyPolicy.FailurePolicy": { + "AWS::S3Express::AccessPoint.PublicAccessBlockConfiguration": { "additionalProperties": false, "properties": { - "RpoInSecs": { - "markdownDescription": "Recovery Point Objective (RPO) in seconds.", - "title": "RpoInSecs", - "type": "number" + "BlockPublicAcls": { + "markdownDescription": "Specifies whether Amazon S3 should block public access control lists (ACLs) for this bucket and objects in this bucket. Setting this element to `TRUE` causes the following behavior:\n\n- PUT Bucket ACL and PUT Object ACL calls fail if the specified ACL is public.\n- PUT Object calls fail if the request includes a public ACL.\n- PUT Bucket calls fail if the request includes a public ACL.\n\nEnabling this setting doesn't affect existing policies or ACLs.", + "title": "BlockPublicAcls", + "type": "boolean" }, - "RtoInSecs": { - "markdownDescription": "Recovery Time Objective (RTO) in seconds.", - "title": "RtoInSecs", - "type": "number" + "BlockPublicPolicy": { + "markdownDescription": "Specifies whether Amazon S3 should block public bucket policies for this bucket. Setting this element to `TRUE` causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.\n\nEnabling this setting doesn't affect existing bucket policies.", + "title": "BlockPublicPolicy", + "type": "boolean" + }, + "IgnorePublicAcls": { + "markdownDescription": "Specifies whether Amazon S3 should ignore public ACLs for this bucket and objects in this bucket. Setting this element to `TRUE` causes Amazon S3 to ignore all public ACLs on this bucket and objects in this bucket.\n\nEnabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.", + "title": "IgnorePublicAcls", + "type": "boolean" + }, + "RestrictPublicBuckets": { + "markdownDescription": "Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to `TRUE` restricts access to this bucket to only AWS service principals and authorized users within this account if the bucket has a public policy.\n\nEnabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.", + "title": "RestrictPublicBuckets", + "type": "boolean" } }, - "required": [ - "RpoInSecs", - "RtoInSecs" - ], "type": "object" }, - "AWS::ResilienceHub::ResiliencyPolicy.PolicyMap": { + "AWS::S3Express::AccessPoint.Scope": { "additionalProperties": false, "properties": { - "AZ": { - "$ref": "#/definitions/AWS::ResilienceHub::ResiliencyPolicy.FailurePolicy", - "markdownDescription": "Defines the RTO and RPO targets for Availability Zone disruption.", - "title": "AZ" - }, - "Hardware": { - "$ref": "#/definitions/AWS::ResilienceHub::ResiliencyPolicy.FailurePolicy", - "markdownDescription": "Defines the RTO and RPO targets for hardware disruption.", - "title": "Hardware" - }, - "Region": { - "$ref": "#/definitions/AWS::ResilienceHub::ResiliencyPolicy.FailurePolicy", - "markdownDescription": "Defines the RTO and RPO targets for Regional disruption.", - "title": "Region" + "Permissions": { + "items": { + "type": "string" + }, + "markdownDescription": "You can include one or more API operations as permissions.", + "title": "Permissions", + "type": "array" }, - "Software": { - "$ref": "#/definitions/AWS::ResilienceHub::ResiliencyPolicy.FailurePolicy", - "markdownDescription": "Defines the RTO and RPO targets for software disruption.", - "title": "Software" + "Prefixes": { + "items": { + "type": "string" + }, + "markdownDescription": "You can specify any amount of prefixes, but the total length of characters of all prefixes must be less than 256 bytes in size.", + "title": "Prefixes", + "type": "array" } }, - "required": [ - "AZ", - "Hardware", - "Software" - ], "type": "object" }, - "AWS::ResourceExplorer2::DefaultViewAssociation": { + "AWS::S3Express::AccessPoint.VpcConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ViewArn": { - "markdownDescription": "The ARN of the view to set as the default for the AWS Region and AWS account in which you call this operation. The specified view must already exist in the specified Region.", - "title": "ViewArn", - "type": "string" - } - }, - "required": [ - "ViewArn" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::ResourceExplorer2::DefaultViewAssociation" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VpcId": { + "markdownDescription": "If this field is specified, this access point will only allow connections from the specified VPC ID.", + "title": "VpcId", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::ResourceExplorer2::Index": { + "AWS::S3Express::BucketPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -230082,31 +281032,26 @@ "Properties": { "additionalProperties": false, "properties": { - "Tags": { - "additionalProperties": true, - "markdownDescription": "The specified tags are attached to only the index created in this AWS Region . The tags don't attach to any of the resources listed in the index.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - }, - "Type": { - "markdownDescription": "Specifies the type of the index in this Region. For information about the aggregator index and how it differs from a local index, see [Turning on cross-Region search by creating an aggregator index](https://docs.aws.amazon.com/resource-explorer/latest/userguide/manage-aggregator-region.html) in the *AWS Resource Explorer User Guide.* .", - "title": "Type", + "Bucket": { + "markdownDescription": "The name of the S3 directory bucket to which the policy applies.", + "title": "Bucket", "type": "string" + }, + "PolicyDocument": { + "markdownDescription": "A policy document containing permissions to add to the specified bucket. In IAM, you must provide policy documents in JSON format. However, in CloudFormation you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to IAM. For more information, see the AWS::IAM::Policy [PolicyDocument](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html#cfn-iam-policy-policydocument) resource description in this guide and [Policies and Permissions in Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-policy-language-overview.html) in the *Amazon S3 User Guide* .", + "title": "PolicyDocument", + "type": "object" } }, "required": [ - "Type" + "Bucket", + "PolicyDocument" ], "type": "object" }, "Type": { "enum": [ - "AWS::ResourceExplorer2::Index" + "AWS::S3Express::BucketPolicy" ], "type": "string" }, @@ -230125,7 +281070,7 @@ ], "type": "object" }, - "AWS::ResourceExplorer2::View": { + "AWS::S3Express::DirectoryBucket": { "additionalProperties": false, "properties": { "Condition": { @@ -230160,49 +281105,49 @@ "Properties": { "additionalProperties": false, "properties": { - "Filters": { - "$ref": "#/definitions/AWS::ResourceExplorer2::View.SearchFilter", - "markdownDescription": "An array of strings that include search keywords, prefixes, and operators that filter the results that are returned for queries made using this view. When you use this view in a [Search](https://docs.aws.amazon.com/resource-explorer/latest/apireference/API_Search.html) operation, the filter string is combined with the search's `QueryString` parameter using a logical `AND` operator.\n\nFor information about the supported syntax, see [Search query reference for Resource Explorer](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html) in the *AWS Resource Explorer User Guide* .\n\n> This query string in the context of this operation supports only [filter prefixes](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html#query-syntax-filters) with optional [operators](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html#query-syntax-operators) . It doesn't support free-form text. For example, the string `region:us* service:ec2 -tag:stage=prod` includes all Amazon EC2 resources in any AWS Region that begin with the letters `us` and are *not* tagged with a key `Stage` that has the value `prod` .", - "title": "Filters" + "BucketEncryption": { + "$ref": "#/definitions/AWS::S3Express::DirectoryBucket.BucketEncryption", + "markdownDescription": "Specifies default encryption for a bucket using server-side encryption with Amazon S3 managed keys (SSE-S3) or AWS KMS keys (SSE-KMS). For information about default encryption for directory buckets, see [Setting and monitoring default encryption for directory buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-bucket-encryption.html) in the *Amazon S3 User Guide* .", + "title": "BucketEncryption" }, - "IncludedProperties": { - "items": { - "$ref": "#/definitions/AWS::ResourceExplorer2::View.IncludedProperty" - }, - "markdownDescription": "A list of fields that provide additional information about the view.", - "title": "IncludedProperties", - "type": "array" + "BucketName": { + "markdownDescription": "A name for the bucket. The bucket name must contain only lowercase letters, numbers, and hyphens (-). A directory bucket name must be unique in the chosen Zone (Availability Zone or Local Zone). The bucket name must also follow the format `*bucket_base_name* -- *zone_id* --x-s3` (for example, `*bucket_base_name* -- *usw2-az1* --x-s3` ). If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the bucket name. For information about bucket naming restrictions, see [Directory bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) in the *Amazon S3 User Guide* .\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you need to replace the resource, specify a new name.", + "title": "BucketName", + "type": "string" }, - "Scope": { - "markdownDescription": "The root ARN of the account, an organizational unit (OU), or an organization ARN. If left empty, the default is account.", - "title": "Scope", + "DataRedundancy": { + "markdownDescription": "The number of Zone (Availability Zone or Local Zone) that's used for redundancy for the bucket.", + "title": "DataRedundancy", + "type": "string" + }, + "LifecycleConfiguration": { + "$ref": "#/definitions/AWS::S3Express::DirectoryBucket.LifecycleConfiguration", + "markdownDescription": "Container for lifecycle rules. You can add as many as 1000 rules.\n\nFor more information see, [Creating and managing a lifecycle configuration for directory buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-objects-lifecycle.html ) in the *Amazon S3 User Guide* .", + "title": "LifecycleConfiguration" + }, + "LocationName": { + "markdownDescription": "The name of the location where the bucket will be created.\n\nFor directory buckets, the name of the location is the Zone ID of the Availability Zone (AZ) or Local Zone (LZ) where the bucket will be created. An example AZ ID value is `usw2-az1` .", + "title": "LocationName", "type": "string" }, "Tags": { - "additionalProperties": true, - "markdownDescription": "Tag key and value pairs that are attached to the view.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "An array of tags that you can apply to the S3 directory bucket. Tags are key-value pairs of metadata used to categorize and organize your buckets, track costs, and control access. For more information, see [Using tags with directory buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-tagging.html) .", "title": "Tags", - "type": "object" - }, - "ViewName": { - "markdownDescription": "The name of the new view.", - "title": "ViewName", - "type": "string" + "type": "array" } }, "required": [ - "ViewName" + "DataRedundancy", + "LocationName" ], "type": "object" }, "Type": { "enum": [ - "AWS::ResourceExplorer2::View" + "AWS::S3Express::DirectoryBucket" ], "type": "string" }, @@ -230221,35 +281166,134 @@ ], "type": "object" }, - "AWS::ResourceExplorer2::View.IncludedProperty": { + "AWS::S3Express::DirectoryBucket.AbortIncompleteMultipartUpload": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the property that is included in this view.", - "title": "Name", + "DaysAfterInitiation": { + "markdownDescription": "Specifies the number of days after which Amazon S3 aborts an incomplete multipart upload.", + "title": "DaysAfterInitiation", + "type": "number" + } + }, + "required": [ + "DaysAfterInitiation" + ], + "type": "object" + }, + "AWS::S3Express::DirectoryBucket.BucketEncryption": { + "additionalProperties": false, + "properties": { + "ServerSideEncryptionConfiguration": { + "items": { + "$ref": "#/definitions/AWS::S3Express::DirectoryBucket.ServerSideEncryptionRule" + }, + "markdownDescription": "Specifies the default server-side-encryption configuration.", + "title": "ServerSideEncryptionConfiguration", + "type": "array" + } + }, + "required": [ + "ServerSideEncryptionConfiguration" + ], + "type": "object" + }, + "AWS::S3Express::DirectoryBucket.LifecycleConfiguration": { + "additionalProperties": false, + "properties": { + "Rules": { + "items": { + "$ref": "#/definitions/AWS::S3Express::DirectoryBucket.Rule" + }, + "markdownDescription": "A lifecycle rule for individual objects in an Amazon S3 Express bucket.", + "title": "Rules", + "type": "array" + } + }, + "required": [ + "Rules" + ], + "type": "object" + }, + "AWS::S3Express::DirectoryBucket.Rule": { + "additionalProperties": false, + "properties": { + "AbortIncompleteMultipartUpload": { + "$ref": "#/definitions/AWS::S3Express::DirectoryBucket.AbortIncompleteMultipartUpload", + "markdownDescription": "Specifies the days since the initiation of an incomplete multipart upload that Amazon S3 will wait before permanently removing all parts of the upload.", + "title": "AbortIncompleteMultipartUpload" + }, + "ExpirationInDays": { + "markdownDescription": "Indicates the number of days after creation when objects are deleted from Amazon S3 and Amazon S3 Glacier. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time.", + "title": "ExpirationInDays", + "type": "number" + }, + "Id": { + "markdownDescription": "Unique identifier for the rule. The value can't be longer than 255 characters.", + "title": "Id", + "type": "string" + }, + "ObjectSizeGreaterThan": { + "markdownDescription": "Specifies the minimum object size in bytes for this rule to apply to. Objects must be larger than this value in bytes. For more information about size based rules, see [Lifecycle configuration using size-based rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/lifecycle-configuration-examples.html#lc-size-rules) in the *Amazon S3 User Guide* .", + "title": "ObjectSizeGreaterThan", + "type": "string" + }, + "ObjectSizeLessThan": { + "markdownDescription": "Specifies the maximum object size in bytes for this rule to apply to. Objects must be smaller than this value in bytes. For more information about sized based rules, see [Lifecycle configuration using size-based rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/lifecycle-configuration-examples.html#lc-size-rules) in the *Amazon S3 User Guide* .", + "title": "ObjectSizeLessThan", + "type": "string" + }, + "Prefix": { + "markdownDescription": "Object key prefix that identifies one or more objects to which this rule applies.\n\n> Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints) .", + "title": "Prefix", + "type": "string" + }, + "Status": { + "markdownDescription": "If `Enabled` , the rule is currently being applied. If `Disabled` , the rule is not currently being applied.", + "title": "Status", "type": "string" } }, "required": [ - "Name" + "Status" ], "type": "object" }, - "AWS::ResourceExplorer2::View.SearchFilter": { + "AWS::S3Express::DirectoryBucket.ServerSideEncryptionByDefault": { "additionalProperties": false, "properties": { - "FilterString": { - "markdownDescription": "The string that contains the search keywords, prefixes, and operators to control the results that can be returned by a Search operation.\n\nFor information about the supported syntax, see [Search query reference](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html) in the *AWS Resource Explorer User Guide* .\n\n> This query string in the context of this operation supports only [filter prefixes](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html#query-syntax-filters) with optional [operators](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html#query-syntax-operators) . It doesn't support free-form text. For example, the string `region:us* service:ec2 -tag:stage=prod` includes all Amazon EC2 resources in any AWS Region that begin with the letters `us` and are *not* tagged with a key `Stage` that has the value `prod` .", - "title": "FilterString", + "KMSMasterKeyID": { + "markdownDescription": "AWS Key Management Service (KMS) customer managed key ID to use for the default encryption. This parameter is allowed only if `SSEAlgorithm` is set to `aws:kms` .\n\nYou can specify this parameter with the key ID or the Amazon Resource Name (ARN) of the KMS key. You can\u2019t use the key alias of the KMS key.\n\n- Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key ARN: `arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`\n\nIf you are using encryption with cross-account or AWS service operations, you must use a fully qualified KMS key ARN. For more information, see [Using encryption for cross-account operations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-bucket-encryption.html#s3-express-bucket-encryption-update-bucket-policy) .\n\n> Your SSE-KMS configuration can only support 1 [customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk) per directory bucket for the lifetime of the bucket. [AWS managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk) ( `aws/s3` ) isn't supported. Also, after you specify a customer managed key for SSE-KMS and upload objects with this configuration, you can't override the customer managed key for your SSE-KMS configuration. To use a new customer manager key for your data, we recommend copying your existing objects to a new directory bucket with a new customer managed key. > Amazon S3 only supports symmetric encryption KMS keys. For more information, see [Asymmetric keys in AWS KMS](https://docs.aws.amazon.com//kms/latest/developerguide/symmetric-asymmetric.html) in the *AWS Key Management Service Developer Guide* .", + "title": "KMSMasterKeyID", + "type": "string" + }, + "SSEAlgorithm": { + "markdownDescription": "Server-side encryption algorithm to use for the default encryption.\n\n> For directory buckets, there are only two supported values for server-side encryption: `AES256` and `aws:kms` .", + "title": "SSEAlgorithm", "type": "string" } }, "required": [ - "FilterString" + "SSEAlgorithm" ], "type": "object" }, - "AWS::ResourceGroups::Group": { + "AWS::S3Express::DirectoryBucket.ServerSideEncryptionRule": { + "additionalProperties": false, + "properties": { + "BucketKeyEnabled": { + "markdownDescription": "Specifies whether Amazon S3 should use an S3 Bucket Key with server-side encryption using KMS (SSE-KMS) for new objects in the bucket. S3 Bucket Keys are always enabled for `GET` and `PUT` operations on a directory bucket and can\u2019t be disabled. It's only allowed to set the `BucketKeyEnabled` element to `true` .\n\nS3 Bucket Keys aren't supported, when you copy SSE-KMS encrypted objects from general purpose buckets to directory buckets, from directory buckets to general purpose buckets, or between directory buckets, through [CopyObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html) , [UploadPartCopy](https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html) , [the Copy operation in Batch Operations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-objects-Batch-Ops) , or [the import jobs](https://docs.aws.amazon.com/AmazonS3/latest/userguide/create-import-job) . In this case, Amazon S3 makes a call to AWS KMS every time a copy request is made for a KMS-encrypted object.\n\nFor more information, see [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-UsingKMSEncryption.html#s3-express-sse-kms-bucket-keys) in the *Amazon S3 User Guide* .", + "title": "BucketKeyEnabled", + "type": "boolean" + }, + "ServerSideEncryptionByDefault": { + "$ref": "#/definitions/AWS::S3Express::DirectoryBucket.ServerSideEncryptionByDefault", + "markdownDescription": "Specifies the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied.", + "title": "ServerSideEncryptionByDefault" + } + }, + "type": "object" + }, + "AWS::S3ObjectLambda::AccessPoint": { "additionalProperties": false, "properties": { "Condition": { @@ -230284,54 +281328,25 @@ "Properties": { "additionalProperties": false, "properties": { - "Configuration": { - "items": { - "$ref": "#/definitions/AWS::ResourceGroups::Group.ConfigurationItem" - }, - "markdownDescription": "The service configuration currently associated with the resource group and in effect for the members of the resource group. A `Configuration` consists of one or more `ConfigurationItem` entries. For information about service configurations for resource groups and how to construct them, see [Service configurations for resource groups](https://docs.aws.amazon.com//ARG/latest/APIReference/about-slg.html) in the *AWS Resource Groups User Guide* .\n\n> You can include either a `Configuration` or a `ResourceQuery` , but not both.", - "title": "Configuration", - "type": "array" - }, - "Description": { - "markdownDescription": "The description of the resource group.", - "title": "Description", - "type": "string" - }, "Name": { - "markdownDescription": "The name of a resource group. The name must be unique within the AWS Region in which you create the resource. To create multiple resource groups based on the same CloudFormation stack, you must generate unique names for each.", + "markdownDescription": "The name of this access point.", "title": "Name", "type": "string" }, - "ResourceQuery": { - "$ref": "#/definitions/AWS::ResourceGroups::Group.ResourceQuery", - "markdownDescription": "The resource query structure that is used to dynamically determine which AWS resources are members of the associated resource group. For more information about queries and how to construct them, see [Build queries and groups in AWS Resource Groups](https://docs.aws.amazon.com//ARG/latest/userguide/gettingstarted-query.html) in the *AWS Resource Groups User Guide*\n\n> - You can include either a `ResourceQuery` or a `Configuration` , but not both.\n> - You can specify the group's membership either by using a `ResourceQuery` or by using a list of `Resources` , but not both.", - "title": "ResourceQuery" - }, - "Resources": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the Amazon Resource Names (ARNs) of AWS resources that you want to add to the specified group.\n\n> - You can specify the group membership either by using a list of `Resources` or by using a `ResourceQuery` , but not both.\n> - You can include a `Resources` property only if you also specify a `Configuration` property.", - "title": "Resources", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tag key and value pairs that are attached to the resource group.", - "title": "Tags", - "type": "array" + "ObjectLambdaConfiguration": { + "$ref": "#/definitions/AWS::S3ObjectLambda::AccessPoint.ObjectLambdaConfiguration", + "markdownDescription": "A configuration used when creating an Object Lambda Access Point.", + "title": "ObjectLambdaConfiguration" } }, "required": [ - "Name" + "ObjectLambdaConfiguration" ], "type": "object" }, "Type": { "enum": [ - "AWS::ResourceGroups::Group" + "AWS::S3ObjectLambda::AccessPoint" ], "type": "string" }, @@ -230350,107 +281365,144 @@ ], "type": "object" }, - "AWS::ResourceGroups::Group.ConfigurationItem": { + "AWS::S3ObjectLambda::AccessPoint.Alias": { "additionalProperties": false, "properties": { - "Parameters": { - "items": { - "$ref": "#/definitions/AWS::ResourceGroups::Group.ConfigurationParameter" - }, - "markdownDescription": "A collection of parameters for this configuration item. For the list of parameters that you can use with each configuration item `Type` , see [Supported resource types and parameters](https://docs.aws.amazon.com//ARG/latest/APIReference/about-slg.html#about-slg-types) in the *AWS Resource Groups User Guide* .", - "title": "Parameters", - "type": "array" + "Status": { + "markdownDescription": "The status of the Object Lambda Access Point alias. If the status is `PROVISIONING` , the Object Lambda Access Point is provisioning the alias and the alias is not ready for use yet. If the status is `READY` , the Object Lambda Access Point alias is successfully provisioned and ready for use.", + "title": "Status", + "type": "string" }, - "Type": { - "markdownDescription": "Specifies the type of configuration item. Each item must have a unique value for type. For the list of the types that you can specify for a configuration item, see [Supported resource types and parameters](https://docs.aws.amazon.com//ARG/latest/APIReference/about-slg.html#about-slg-types) in the *AWS Resource Groups User Guide* .", - "title": "Type", + "Value": { + "markdownDescription": "The alias value of the Object Lambda Access Point.", + "title": "Value", "type": "string" } }, + "required": [ + "Value" + ], "type": "object" }, - "AWS::ResourceGroups::Group.ConfigurationParameter": { + "AWS::S3ObjectLambda::AccessPoint.AwsLambda": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the group configuration parameter. For the list of parameters that you can use with each configuration item type, see [Supported resource types and parameters](https://docs.aws.amazon.com//ARG/latest/APIReference/about-slg.html#about-slg-types) in the *AWS Resource Groups User Guide* .", - "title": "Name", + "FunctionArn": { + "markdownDescription": "", + "title": "FunctionArn", "type": "string" }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The value or values to be used for the specified parameter. For the list of values you can use with each parameter, see [Supported resource types and parameters](https://docs.aws.amazon.com//ARG/latest/APIReference/about-slg.html#about-slg-types) .", - "title": "Values", - "type": "array" + "FunctionPayload": { + "markdownDescription": "", + "title": "FunctionPayload", + "type": "string" } }, + "required": [ + "FunctionArn" + ], "type": "object" }, - "AWS::ResourceGroups::Group.Query": { + "AWS::S3ObjectLambda::AccessPoint.ContentTransformation": { "additionalProperties": false, "properties": { - "ResourceTypeFilters": { + "AwsLambda": { + "$ref": "#/definitions/AWS::S3ObjectLambda::AccessPoint.AwsLambda", + "markdownDescription": "", + "title": "AwsLambda" + } + }, + "required": [ + "AwsLambda" + ], + "type": "object" + }, + "AWS::S3ObjectLambda::AccessPoint.ObjectLambdaConfiguration": { + "additionalProperties": false, + "properties": { + "AllowedFeatures": { "items": { "type": "string" }, - "markdownDescription": "Specifies limits to the types of resources that can be included in the resource group. For example, if `ResourceTypeFilters` is `[\"AWS::EC2::Instance\", \"AWS::DynamoDB::Table\"]` , only EC2 instances or DynamoDB tables can be members of this resource group. The default value is `[\"AWS::AllSupported\"]` .", - "title": "ResourceTypeFilters", + "markdownDescription": "A container for allowed features. Valid inputs are `GetObject-Range` , `GetObject-PartNumber` , `HeadObject-Range` , and `HeadObject-PartNumber` .", + "title": "AllowedFeatures", "type": "array" }, - "StackIdentifier": { - "markdownDescription": "Specifies the ARN of a CloudFormation stack. All supported resources of the CloudFormation stack are members of the resource group. If you don't specify an ARN, this parameter defaults to the current stack that you are defining, which means that all the resources of the current stack are grouped.\n\nYou can specify a value for `StackIdentifier` only when the `ResourceQuery.Type` property is `CLOUDFORMATION_STACK_1_0.`", - "title": "StackIdentifier", + "CloudWatchMetricsEnabled": { + "markdownDescription": "A container for whether the CloudWatch metrics configuration is enabled.", + "title": "CloudWatchMetricsEnabled", + "type": "boolean" + }, + "SupportingAccessPoint": { + "markdownDescription": "Standard access point associated with the Object Lambda Access Point.", + "title": "SupportingAccessPoint", "type": "string" }, - "TagFilters": { + "TransformationConfigurations": { "items": { - "$ref": "#/definitions/AWS::ResourceGroups::Group.TagFilter" + "$ref": "#/definitions/AWS::S3ObjectLambda::AccessPoint.TransformationConfiguration" }, - "markdownDescription": "A list of key-value pair objects that limit which resources can be members of the resource group. This property is required when the `ResourceQuery.Type` property is `TAG_FILTERS_1_0` .\n\nA resource must have a tag that matches every filter that is provided in the `TagFilters` list.", - "title": "TagFilters", + "markdownDescription": "A container for transformation configurations for an Object Lambda Access Point.", + "title": "TransformationConfigurations", "type": "array" } }, + "required": [ + "SupportingAccessPoint", + "TransformationConfigurations" + ], "type": "object" }, - "AWS::ResourceGroups::Group.ResourceQuery": { + "AWS::S3ObjectLambda::AccessPoint.PublicAccessBlockConfiguration": { "additionalProperties": false, "properties": { - "Query": { - "$ref": "#/definitions/AWS::ResourceGroups::Group.Query", - "markdownDescription": "The query that defines the membership of the group. This is a structure with properties that depend on the `Type` .\n\nThe `Query` structure must be included in the following scenarios:\n\n- When the `Type` is `TAG_FILTERS_1_0` , you must specify a `Query` structure that contains a `TagFilters` list of tags. Resources with tags that match those in the `TagFilter` list become members of the resource group.\n- When the `Type` is `CLOUDFORMATION_STACK_1_0` then this field is required only when you must specify a CloudFormation stack other than the one you are defining. To do this, the `Query` structure must contain the `StackIdentifier` property. If you don't specify either a `Query` structure or a `StackIdentifier` within that `Query` , then it defaults to the CloudFormation stack that you're currently constructing.", - "title": "Query" + "BlockPublicAcls": { + "markdownDescription": "Specifies whether Amazon S3 should block public access control lists (ACLs) for buckets in this account. Setting this element to `TRUE` causes the following behavior:\n\n- `PutBucketAcl` and `PutObjectAcl` calls fail if the specified ACL is public.\n- PUT Object calls fail if the request includes a public ACL.\n- PUT Bucket calls fail if the request includes a public ACL.\n\nEnabling this setting doesn't affect existing policies or ACLs.\n\nThis property is not supported for Amazon S3 on Outposts.", + "title": "BlockPublicAcls", + "type": "boolean" }, - "Type": { - "markdownDescription": "Specifies the type of resource query that determines this group's membership. There are two valid query types:\n\n- `TAG_FILTERS_1_0` indicates that the group is a tag-based group. To complete the group membership, you must include the `TagFilters` property to specify the tag filters to use in the query.\n- `CLOUDFORMATION_STACK_1_0` , the default, indicates that the group is a CloudFormation stack-based group. Group membership is based on the CloudFormation stack. You must specify the `StackIdentifier` property in the query to define which stack to associate the group with, or leave it empty to default to the stack where the group is defined.", - "title": "Type", - "type": "string" + "BlockPublicPolicy": { + "markdownDescription": "Specifies whether Amazon S3 should block public bucket policies for buckets in this account. Setting this element to `TRUE` causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.\n\nEnabling this setting doesn't affect existing bucket policies.\n\nThis property is not supported for Amazon S3 on Outposts.", + "title": "BlockPublicPolicy", + "type": "boolean" + }, + "IgnorePublicAcls": { + "markdownDescription": "Specifies whether Amazon S3 should ignore public ACLs for buckets in this account. Setting this element to `TRUE` causes Amazon S3 to ignore all public ACLs on buckets in this account and any objects that they contain.\n\nEnabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.\n\nThis property is not supported for Amazon S3 on Outposts.", + "title": "IgnorePublicAcls", + "type": "boolean" + }, + "RestrictPublicBuckets": { + "markdownDescription": "Specifies whether Amazon S3 should restrict public bucket policies for buckets in this account. Setting this element to `TRUE` restricts access to buckets with public policies to only AWS service principals and authorized users within this account.\n\nEnabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.\n\nThis property is not supported for Amazon S3 on Outposts.", + "title": "RestrictPublicBuckets", + "type": "boolean" } }, "type": "object" }, - "AWS::ResourceGroups::Group.TagFilter": { + "AWS::S3ObjectLambda::AccessPoint.TransformationConfiguration": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "A string that defines a tag key. Only resources in the account that are tagged with a specified tag key are members of the tag-based resource group.\n\nThis field is required when the `ResourceQuery` structure's `Type` property is `TAG_FILTERS_1_0` . You must specify at least one tag key.", - "title": "Key", - "type": "string" - }, - "Values": { + "Actions": { "items": { "type": "string" }, - "markdownDescription": "A list of tag values that can be included in the tag-based resource group. This is optional. If you don't specify a value or values for a key, then an AWS resource with any value for that key is a member.", - "title": "Values", + "markdownDescription": "A container for the action of an Object Lambda Access Point configuration. Valid inputs are `GetObject` , `HeadObject` , `ListObject` , and `ListObjectV2` .", + "title": "Actions", "type": "array" + }, + "ContentTransformation": { + "$ref": "#/definitions/AWS::S3ObjectLambda::AccessPoint.ContentTransformation", + "markdownDescription": "A container for the content transformation of an Object Lambda Access Point configuration. Can include the FunctionArn and FunctionPayload. For more information, see [AwsLambdaTransformation](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_AwsLambdaTransformation.html) in the *Amazon S3 API Reference* .", + "title": "ContentTransformation" } }, + "required": [ + "Actions", + "ContentTransformation" + ], "type": "object" }, - "AWS::RoboMaker::Fleet": { + "AWS::S3ObjectLambda::AccessPointPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -230485,28 +281537,26 @@ "Properties": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the fleet.", - "title": "Name", + "ObjectLambdaAccessPoint": { + "markdownDescription": "An access point with an attached AWS Lambda function used to access transformed data from an Amazon S3 bucket.", + "title": "ObjectLambdaAccessPoint", "type": "string" }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "The list of all tags added to the fleet.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", + "PolicyDocument": { + "markdownDescription": "Object Lambda Access Point resource policy document.", + "title": "PolicyDocument", "type": "object" } }, + "required": [ + "ObjectLambdaAccessPoint", + "PolicyDocument" + ], "type": "object" }, "Type": { "enum": [ - "AWS::RoboMaker::Fleet" + "AWS::S3ObjectLambda::AccessPointPolicy" ], "type": "string" }, @@ -230520,11 +281570,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::RoboMaker::Robot": { + "AWS::S3Outposts::AccessPoint": { "additionalProperties": false, "properties": { "Condition": { @@ -230559,47 +281610,37 @@ "Properties": { "additionalProperties": false, "properties": { - "Architecture": { - "markdownDescription": "The architecture of the robot.", - "title": "Architecture", - "type": "string" - }, - "Fleet": { - "markdownDescription": "The Amazon Resource Name (ARN) of the fleet to which the robot will be registered.", - "title": "Fleet", - "type": "string" - }, - "GreengrassGroupId": { - "markdownDescription": "The Greengrass group associated with the robot.", - "title": "GreengrassGroupId", + "Bucket": { + "markdownDescription": "The Amazon Resource Name (ARN) of the S3 on Outposts bucket that is associated with this access point.", + "title": "Bucket", "type": "string" }, "Name": { - "markdownDescription": "The name of the robot.", + "markdownDescription": "The name of this access point.", "title": "Name", "type": "string" }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "A map that contains tag keys and tag values that are attached to the robot.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", + "Policy": { + "markdownDescription": "The access point policy associated with this access point.", + "title": "Policy", "type": "object" + }, + "VpcConfiguration": { + "$ref": "#/definitions/AWS::S3Outposts::AccessPoint.VpcConfiguration", + "markdownDescription": "The virtual private cloud (VPC) configuration for this access point, if one exists.", + "title": "VpcConfiguration" } }, "required": [ - "Architecture", - "GreengrassGroupId" + "Bucket", + "Name", + "VpcConfiguration" ], "type": "object" }, "Type": { "enum": [ - "AWS::RoboMaker::Robot" + "AWS::S3Outposts::AccessPoint" ], "type": "string" }, @@ -230618,7 +281659,18 @@ ], "type": "object" }, - "AWS::RoboMaker::RobotApplication": { + "AWS::S3Outposts::AccessPoint.VpcConfiguration": { + "additionalProperties": false, + "properties": { + "VpcId": { + "markdownDescription": "", + "title": "VpcId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::S3Outposts::Bucket": { "additionalProperties": false, "properties": { "Condition": { @@ -230653,54 +281705,39 @@ "Properties": { "additionalProperties": false, "properties": { - "CurrentRevisionId": { - "markdownDescription": "The current revision id.", - "title": "CurrentRevisionId", + "BucketName": { + "markdownDescription": "A name for the S3 on Outposts bucket. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the bucket name. The bucket name must contain only lowercase letters, numbers, periods (.), and dashes (-) and must follow [Amazon S3 bucket restrictions and limitations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/BucketRestrictions.html) . For more information, see [Bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/BucketRestrictions.html#bucketnamingrules) .\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you need to replace the resource, specify a new name.", + "title": "BucketName", "type": "string" }, - "Environment": { - "markdownDescription": "The environment of the robot application.", - "title": "Environment", - "type": "string" + "LifecycleConfiguration": { + "$ref": "#/definitions/AWS::S3Outposts::Bucket.LifecycleConfiguration", + "markdownDescription": "Creates a new lifecycle configuration for the S3 on Outposts bucket or replaces an existing lifecycle configuration. Outposts buckets only support lifecycle configurations that delete/expire objects after a certain period of time and abort incomplete multipart uploads.", + "title": "LifecycleConfiguration" }, - "Name": { - "markdownDescription": "The name of the robot application.", - "title": "Name", + "OutpostId": { + "markdownDescription": "The ID of the Outpost of the specified bucket.", + "title": "OutpostId", "type": "string" }, - "RobotSoftwareSuite": { - "$ref": "#/definitions/AWS::RoboMaker::RobotApplication.RobotSoftwareSuite", - "markdownDescription": "The robot software suite used by the robot application.", - "title": "RobotSoftwareSuite" - }, - "Sources": { - "items": { - "$ref": "#/definitions/AWS::RoboMaker::RobotApplication.SourceConfig" - }, - "markdownDescription": "The sources of the robot application.", - "title": "Sources", - "type": "array" - }, "Tags": { - "additionalProperties": true, - "markdownDescription": "A map that contains tag keys and tag values that are attached to the robot application.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "Sets the tags for an S3 on Outposts bucket. For more information, see [Using Amazon S3 on Outposts](https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) .\n\nUse tags to organize your AWS bill to reflect your own cost structure. To do this, sign up to get your AWS account bill with tag key values included. Then, to see the cost of combined resources, organize your billing information according to resources with the same tag key values. For example, you can tag several resources with a specific application name, and then organize your billing information to see the total cost of that application across several services. For more information, see [Cost allocation and tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html) .\n\n> Within a bucket, if you add a tag that has the same key as an existing tag, the new value overwrites the old value. For more information, see [Using cost allocation and bucket tags](https://docs.aws.amazon.com/AmazonS3/latest/userguide/CostAllocTagging.html) . \n\nTo use this resource, you must have permissions to perform the `s3-outposts:PutBucketTagging` . The S3 on Outposts bucket owner has this permission by default and can grant this permission to others. For more information about permissions, see [Permissions Related to Bucket Subresource Operations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) and [Managing access permissions to your Amazon S3 resources](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html) .", "title": "Tags", - "type": "object" + "type": "array" } }, "required": [ - "RobotSoftwareSuite" + "BucketName", + "OutpostId" ], "type": "object" }, "Type": { "enum": [ - "AWS::RoboMaker::RobotApplication" + "AWS::S3Outposts::Bucket" ], "type": "string" }, @@ -230719,52 +281756,140 @@ ], "type": "object" }, - "AWS::RoboMaker::RobotApplication.RobotSoftwareSuite": { + "AWS::S3Outposts::Bucket.AbortIncompleteMultipartUpload": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the robot software suite. `General` is the only supported value.", - "title": "Name", + "DaysAfterInitiation": { + "markdownDescription": "Specifies the number of days after initiation that Amazon S3 on Outposts aborts an incomplete multipart upload.", + "title": "DaysAfterInitiation", + "type": "number" + } + }, + "required": [ + "DaysAfterInitiation" + ], + "type": "object" + }, + "AWS::S3Outposts::Bucket.Filter": { + "additionalProperties": false, + "properties": { + "AndOperator": { + "$ref": "#/definitions/AWS::S3Outposts::Bucket.FilterAndOperator", + "markdownDescription": "", + "title": "AndOperator" + }, + "Prefix": { + "markdownDescription": "", + "title": "Prefix", "type": "string" }, - "Version": { - "markdownDescription": "The version of the robot software suite. Not applicable for General software suite.", - "title": "Version", + "Tag": { + "$ref": "#/definitions/AWS::S3Outposts::Bucket.FilterTag", + "markdownDescription": "", + "title": "Tag" + } + }, + "type": "object" + }, + "AWS::S3Outposts::Bucket.FilterAndOperator": { + "additionalProperties": false, + "properties": { + "Prefix": { + "markdownDescription": "", + "title": "Prefix", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::S3Outposts::Bucket.FilterTag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" } }, "required": [ - "Name" + "Tags" ], "type": "object" }, - "AWS::RoboMaker::RobotApplication.SourceConfig": { + "AWS::S3Outposts::Bucket.FilterTag": { "additionalProperties": false, "properties": { - "Architecture": { - "markdownDescription": "The target processor architecture for the application.", - "title": "Architecture", + "Key": { + "markdownDescription": "", + "title": "Key", "type": "string" }, - "S3Bucket": { - "markdownDescription": "The Amazon S3 bucket name.", - "title": "S3Bucket", + "Value": { + "markdownDescription": "", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::S3Outposts::Bucket.LifecycleConfiguration": { + "additionalProperties": false, + "properties": { + "Rules": { + "items": { + "$ref": "#/definitions/AWS::S3Outposts::Bucket.Rule" + }, + "markdownDescription": "The container for the lifecycle configuration rules for the objects stored in the S3 on Outposts bucket.", + "title": "Rules", + "type": "array" + } + }, + "required": [ + "Rules" + ], + "type": "object" + }, + "AWS::S3Outposts::Bucket.Rule": { + "additionalProperties": false, + "properties": { + "AbortIncompleteMultipartUpload": { + "$ref": "#/definitions/AWS::S3Outposts::Bucket.AbortIncompleteMultipartUpload", + "markdownDescription": "The container for the abort incomplete multipart upload rule.", + "title": "AbortIncompleteMultipartUpload" + }, + "ExpirationDate": { + "markdownDescription": "Specifies the expiration for the lifecycle of the object by specifying an expiry date.", + "title": "ExpirationDate", "type": "string" }, - "S3Key": { - "markdownDescription": "The s3 object key.", - "title": "S3Key", + "ExpirationInDays": { + "markdownDescription": "Specifies the expiration for the lifecycle of the object in the form of days that the object has been in the S3 on Outposts bucket.", + "title": "ExpirationInDays", + "type": "number" + }, + "Filter": { + "$ref": "#/definitions/AWS::S3Outposts::Bucket.Filter", + "markdownDescription": "The container for the filter of the lifecycle rule.", + "title": "Filter" + }, + "Id": { + "markdownDescription": "", + "title": "Id", + "type": "string" + }, + "Status": { + "markdownDescription": "If `Enabled` , the rule is currently being applied. If `Disabled` , the rule is not currently being applied.", + "title": "Status", "type": "string" } }, "required": [ - "Architecture", - "S3Bucket", - "S3Key" + "Status" ], "type": "object" }, - "AWS::RoboMaker::RobotApplicationVersion": { + "AWS::S3Outposts::BucketPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -230799,25 +281924,26 @@ "Properties": { "additionalProperties": false, "properties": { - "Application": { - "markdownDescription": "The application information for the robot application.", - "title": "Application", + "Bucket": { + "markdownDescription": "The name of the Amazon S3 Outposts bucket to which the policy applies.", + "title": "Bucket", "type": "string" }, - "CurrentRevisionId": { - "markdownDescription": "The current revision id for the robot application. If you provide a value and it matches the latest revision ID, a new version will be created.", - "title": "CurrentRevisionId", - "type": "string" + "PolicyDocument": { + "markdownDescription": "A policy document containing permissions to add to the specified bucket. In IAM, you must provide policy documents in JSON format. However, in CloudFormation, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to IAM. For more information, see the AWS::IAM::Policy [PolicyDocument](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html#cfn-iam-policy-policydocument) resource description in this guide and [Access Policy Language Overview](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-policy-language-overview.html) .", + "title": "PolicyDocument", + "type": "object" } }, "required": [ - "Application" + "Bucket", + "PolicyDocument" ], "type": "object" }, "Type": { "enum": [ - "AWS::RoboMaker::RobotApplicationVersion" + "AWS::S3Outposts::BucketPolicy" ], "type": "string" }, @@ -230836,7 +281962,7 @@ ], "type": "object" }, - "AWS::RoboMaker::SimulationApplication": { + "AWS::S3Outposts::Endpoint": { "additionalProperties": false, "properties": { "Condition": { @@ -230871,65 +281997,47 @@ "Properties": { "additionalProperties": false, "properties": { - "CurrentRevisionId": { - "markdownDescription": "The current revision id.", - "title": "CurrentRevisionId", - "type": "string" - }, - "Environment": { - "markdownDescription": "The environment of the simulation application.", - "title": "Environment", + "AccessType": { + "markdownDescription": "The container for the type of connectivity used to access the Amazon S3 on Outposts endpoint. To use the Amazon VPC , choose `Private` . To use the endpoint with an on-premises network, choose `CustomerOwnedIp` . If you choose `CustomerOwnedIp` , you must also provide the customer-owned IP address pool (CoIP pool).\n\n> `Private` is the default access type value.", + "title": "AccessType", "type": "string" }, - "Name": { - "markdownDescription": "The name of the simulation application.", - "title": "Name", + "CustomerOwnedIpv4Pool": { + "markdownDescription": "The ID of the customer-owned IPv4 address pool (CoIP pool) for the endpoint. IP addresses are allocated from this pool for the endpoint.", + "title": "CustomerOwnedIpv4Pool", "type": "string" }, - "RenderingEngine": { - "$ref": "#/definitions/AWS::RoboMaker::SimulationApplication.RenderingEngine", - "markdownDescription": "The rendering engine for the simulation application.", - "title": "RenderingEngine" - }, - "RobotSoftwareSuite": { - "$ref": "#/definitions/AWS::RoboMaker::SimulationApplication.RobotSoftwareSuite", - "markdownDescription": "The robot software suite used by the simulation application.", - "title": "RobotSoftwareSuite" + "FailedReason": { + "$ref": "#/definitions/AWS::S3Outposts::Endpoint.FailedReason", + "markdownDescription": "The failure reason, if any, for a create or delete endpoint operation.", + "title": "FailedReason" }, - "SimulationSoftwareSuite": { - "$ref": "#/definitions/AWS::RoboMaker::SimulationApplication.SimulationSoftwareSuite", - "markdownDescription": "The simulation software suite used by the simulation application.", - "title": "SimulationSoftwareSuite" + "OutpostId": { + "markdownDescription": "The ID of the Outpost.", + "title": "OutpostId", + "type": "string" }, - "Sources": { - "items": { - "$ref": "#/definitions/AWS::RoboMaker::SimulationApplication.SourceConfig" - }, - "markdownDescription": "The sources of the simulation application.", - "title": "Sources", - "type": "array" + "SecurityGroupId": { + "markdownDescription": "The ID of the security group used for the endpoint.", + "title": "SecurityGroupId", + "type": "string" }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "A map that contains tag keys and tag values that are attached to the simulation application.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" + "SubnetId": { + "markdownDescription": "The ID of the subnet used for the endpoint.", + "title": "SubnetId", + "type": "string" } }, "required": [ - "RobotSoftwareSuite", - "SimulationSoftwareSuite" + "OutpostId", + "SecurityGroupId", + "SubnetId" ], "type": "object" }, "Type": { "enum": [ - "AWS::RoboMaker::SimulationApplication" + "AWS::S3Outposts::Endpoint" ], "type": "string" }, @@ -230948,91 +282056,37 @@ ], "type": "object" }, - "AWS::RoboMaker::SimulationApplication.RenderingEngine": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the rendering engine.", - "title": "Name", - "type": "string" - }, - "Version": { - "markdownDescription": "The version of the rendering engine.", - "title": "Version", - "type": "string" - } - }, - "required": [ - "Name", - "Version" - ], - "type": "object" - }, - "AWS::RoboMaker::SimulationApplication.RobotSoftwareSuite": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the robot software suite. `General` is the only supported value.", - "title": "Name", - "type": "string" - }, - "Version": { - "markdownDescription": "The version of the robot software suite. Not applicable for General software suite.", - "title": "Version", - "type": "string" - } - }, - "required": [ - "Name" - ], - "type": "object" - }, - "AWS::RoboMaker::SimulationApplication.SimulationSoftwareSuite": { + "AWS::S3Outposts::Endpoint.FailedReason": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the simulation software suite. `SimulationRuntime` is the only supported value.", - "title": "Name", + "ErrorCode": { + "markdownDescription": "The failure code, if any, for a create or delete endpoint operation.", + "title": "ErrorCode", "type": "string" }, - "Version": { - "markdownDescription": "The version of the simulation software suite. Not applicable for `SimulationRuntime` .", - "title": "Version", + "Message": { + "markdownDescription": "Additional error details describing the endpoint failure and recommended action.", + "title": "Message", "type": "string" } }, - "required": [ - "Name" - ], "type": "object" }, - "AWS::RoboMaker::SimulationApplication.SourceConfig": { + "AWS::S3Outposts::Endpoint.NetworkInterface": { "additionalProperties": false, "properties": { - "Architecture": { - "markdownDescription": "The target processor architecture for the application.", - "title": "Architecture", - "type": "string" - }, - "S3Bucket": { - "markdownDescription": "The Amazon S3 bucket name.", - "title": "S3Bucket", - "type": "string" - }, - "S3Key": { - "markdownDescription": "The s3 object key.", - "title": "S3Key", + "NetworkInterfaceId": { + "markdownDescription": "The ID for the network interface.", + "title": "NetworkInterfaceId", "type": "string" } }, "required": [ - "Architecture", - "S3Bucket", - "S3Key" + "NetworkInterfaceId" ], "type": "object" }, - "AWS::RoboMaker::SimulationApplicationVersion": { + "AWS::S3Tables::Namespace": { "additionalProperties": false, "properties": { "Condition": { @@ -231067,25 +282121,26 @@ "Properties": { "additionalProperties": false, "properties": { - "Application": { - "markdownDescription": "The application information for the simulation application.", - "title": "Application", + "Namespace": { + "markdownDescription": "The name of the namespace.", + "title": "Namespace", "type": "string" }, - "CurrentRevisionId": { - "markdownDescription": "The current revision id for the simulation application. If you provide a value and it matches the latest revision ID, a new version will be created.", - "title": "CurrentRevisionId", + "TableBucketARN": { + "markdownDescription": "", + "title": "TableBucketARN", "type": "string" } }, "required": [ - "Application" + "Namespace", + "TableBucketARN" ], "type": "object" }, "Type": { "enum": [ - "AWS::RoboMaker::SimulationApplicationVersion" + "AWS::S3Tables::Namespace" ], "type": "string" }, @@ -231104,7 +282159,7 @@ ], "type": "object" }, - "AWS::RolesAnywhere::CRL": { + "AWS::S3Tables::Table": { "additionalProperties": false, "properties": { "Condition": { @@ -231139,44 +282194,58 @@ "Properties": { "additionalProperties": false, "properties": { - "CrlData": { - "markdownDescription": "The x509 v3 specified certificate revocation list (CRL).", - "title": "CrlData", + "Compaction": { + "$ref": "#/definitions/AWS::S3Tables::Table.Compaction", + "markdownDescription": "", + "title": "Compaction" + }, + "IcebergMetadata": { + "$ref": "#/definitions/AWS::S3Tables::Table.IcebergMetadata", + "markdownDescription": "Contains details about the metadata for an Iceberg table.", + "title": "IcebergMetadata" + }, + "Namespace": { + "markdownDescription": "The name of the namespace.", + "title": "Namespace", "type": "string" }, - "Enabled": { - "markdownDescription": "Specifies whether the certificate revocation list (CRL) is enabled.", - "title": "Enabled", - "type": "boolean" + "OpenTableFormat": { + "markdownDescription": "", + "title": "OpenTableFormat", + "type": "string" }, - "Name": { - "markdownDescription": "The name of the certificate revocation list (CRL).", - "title": "Name", + "SnapshotManagement": { + "$ref": "#/definitions/AWS::S3Tables::Table.SnapshotManagement", + "markdownDescription": "", + "title": "SnapshotManagement" + }, + "TableBucketARN": { + "markdownDescription": "", + "title": "TableBucketARN", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of tags to attach to the certificate revocation list (CRL).", - "title": "Tags", - "type": "array" + "TableName": { + "markdownDescription": "", + "title": "TableName", + "type": "string" }, - "TrustAnchorArn": { - "markdownDescription": "The ARN of the TrustAnchor the certificate revocation list (CRL) will provide revocation for.", - "title": "TrustAnchorArn", + "WithoutMetadata": { + "markdownDescription": "", + "title": "WithoutMetadata", "type": "string" } }, "required": [ - "CrlData", - "Name" + "Namespace", + "OpenTableFormat", + "TableBucketARN", + "TableName" ], "type": "object" }, "Type": { "enum": [ - "AWS::RolesAnywhere::CRL" + "AWS::S3Tables::Table" ], "type": "string" }, @@ -231195,119 +282264,100 @@ ], "type": "object" }, - "AWS::RolesAnywhere::Profile": { + "AWS::S3Tables::Table.Compaction": { "additionalProperties": false, "properties": { - "Condition": { + "Status": { + "markdownDescription": "", + "title": "Status", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TargetFileSizeMB": { + "markdownDescription": "", + "title": "TargetFileSizeMB", + "type": "number" + } + }, + "type": "object" + }, + "AWS::S3Tables::Table.IcebergMetadata": { + "additionalProperties": false, + "properties": { + "IcebergSchema": { + "$ref": "#/definitions/AWS::S3Tables::Table.IcebergSchema", + "markdownDescription": "", + "title": "IcebergSchema" + } + }, + "required": [ + "IcebergSchema" + ], + "type": "object" + }, + "AWS::S3Tables::Table.IcebergSchema": { + "additionalProperties": false, + "properties": { + "SchemaFieldList": { + "items": { + "$ref": "#/definitions/AWS::S3Tables::Table.SchemaField" + }, + "markdownDescription": "", + "title": "SchemaFieldList", + "type": "array" + } + }, + "required": [ + "SchemaFieldList" + ], + "type": "object" + }, + "AWS::S3Tables::Table.SchemaField": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the field.", + "title": "Name", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DurationSeconds": { - "markdownDescription": "The number of seconds vended session credentials will be valid for", - "title": "DurationSeconds", - "type": "number" - }, - "Enabled": { - "markdownDescription": "The enabled status of the resource.", - "title": "Enabled", - "type": "boolean" - }, - "ManagedPolicyArns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of managed policy ARNs. Managed policies identified by this list will be applied to the vended session credentials.", - "title": "ManagedPolicyArns", - "type": "array" - }, - "Name": { - "markdownDescription": "The customer specified name of the resource.", - "title": "Name", - "type": "string" - }, - "RequireInstanceProperties": { - "markdownDescription": "Specifies whether instance properties are required in CreateSession requests with this profile.", - "title": "RequireInstanceProperties", - "type": "boolean" - }, - "RoleArns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of IAM role ARNs that can be assumed when this profile is specified in a CreateSession request.", - "title": "RoleArns", - "type": "array" - }, - "SessionPolicy": { - "markdownDescription": "A session policy that will applied to the trust boundary of the vended session credentials.", - "title": "SessionPolicy", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of Tags.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Name", - "RoleArns" - ], - "type": "object" + "Required": { + "markdownDescription": "A Boolean value that specifies whether values are required for each row in this field. By default, this is `false` and null values are allowed in the field. If this is `true` the field does not allow null values.", + "title": "Required", + "type": "boolean" }, "Type": { - "enum": [ - "AWS::RolesAnywhere::Profile" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "markdownDescription": "The field type. S3 Tables supports all Apache Iceberg primitive types. For more information, see the [Apache Iceberg documentation](https://docs.aws.amazon.com/https://iceberg.apache.org/spec/#primitive-types) .", + "title": "Type", "type": "string" } }, "required": [ - "Type", - "Properties" + "Name", + "Type" ], "type": "object" }, - "AWS::RolesAnywhere::TrustAnchor": { + "AWS::S3Tables::Table.SnapshotManagement": { + "additionalProperties": false, + "properties": { + "MaxSnapshotAgeHours": { + "markdownDescription": "", + "title": "MaxSnapshotAgeHours", + "type": "number" + }, + "MinSnapshotsToKeep": { + "markdownDescription": "", + "title": "MinSnapshotsToKeep", + "type": "number" + }, + "Status": { + "markdownDescription": "", + "title": "Status", + "type": "string" + } + }, + "type": "object" + }, + "AWS::S3Tables::TableBucket": { "additionalProperties": false, "properties": { "Condition": { @@ -231342,47 +282392,30 @@ "Properties": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Indicates whether the trust anchor is enabled.", - "title": "Enabled", - "type": "boolean" + "EncryptionConfiguration": { + "$ref": "#/definitions/AWS::S3Tables::TableBucket.EncryptionConfiguration", + "markdownDescription": "Configuration specifying how data should be encrypted. This structure defines the encryption algorithm and optional KMS key to be used for server-side encryption.", + "title": "EncryptionConfiguration" }, - "Name": { - "markdownDescription": "The name of the trust anchor.", - "title": "Name", + "TableBucketName": { + "markdownDescription": "The name for the table bucket.", + "title": "TableBucketName", "type": "string" }, - "NotificationSettings": { - "items": { - "$ref": "#/definitions/AWS::RolesAnywhere::TrustAnchor.NotificationSetting" - }, - "markdownDescription": "A list of notification settings to be associated to the trust anchor.", - "title": "NotificationSettings", - "type": "array" - }, - "Source": { - "$ref": "#/definitions/AWS::RolesAnywhere::TrustAnchor.Source", - "markdownDescription": "The trust anchor type and its related certificate data.", - "title": "Source" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to attach to the trust anchor.", - "title": "Tags", - "type": "array" + "UnreferencedFileRemoval": { + "$ref": "#/definitions/AWS::S3Tables::TableBucket.UnreferencedFileRemoval", + "markdownDescription": "The unreferenced file removal settings for your table bucket. Unreferenced file removal identifies and deletes all objects that are not referenced by any table snapshots. For more information, see the [*Amazon S3 User Guide*](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-table-buckets-maintenance.html) .", + "title": "UnreferencedFileRemoval" } }, "required": [ - "Name", - "Source" + "TableBucketName" ], "type": "object" }, "Type": { "enum": [ - "AWS::RolesAnywhere::TrustAnchor" + "AWS::S3Tables::TableBucket" ], "type": "string" }, @@ -231401,69 +282434,44 @@ ], "type": "object" }, - "AWS::RolesAnywhere::TrustAnchor.NotificationSetting": { + "AWS::S3Tables::TableBucket.EncryptionConfiguration": { "additionalProperties": false, "properties": { - "Channel": { - "markdownDescription": "The specified channel of notification. IAM Roles Anywhere uses CloudWatch metrics, EventBridge, and AWS Health Dashboard to notify for an event.\n\n> In the absence of a specific channel, IAM Roles Anywhere applies this setting to 'ALL' channels.", - "title": "Channel", + "KMSKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key to use for encryption. This field is required only when `sseAlgorithm` is set to `aws:kms` .", + "title": "KMSKeyArn", "type": "string" }, - "Enabled": { - "markdownDescription": "Indicates whether the notification setting is enabled.", - "title": "Enabled", - "type": "boolean" - }, - "Event": { - "markdownDescription": "The event to which this notification setting is applied.", - "title": "Event", + "SSEAlgorithm": { + "markdownDescription": "The server-side encryption algorithm to use. Valid values are `AES256` for S3-managed encryption keys, or `aws:kms` for AWS KMS-managed encryption keys. If you choose SSE-KMS encryption you must grant the S3 Tables maintenance principal access to your KMS key. For more information, see [Permissions requirements for S3 Tables SSE-KMS encryption](https://docs.aws.amazon.com//AmazonS3/latest/userguide/s3-tables-kms-permissions.html) .", + "title": "SSEAlgorithm", "type": "string" - }, - "Threshold": { - "markdownDescription": "The number of days before a notification event. This value is required for a notification setting that is enabled.", - "title": "Threshold", - "type": "number" } }, - "required": [ - "Enabled", - "Event" - ], "type": "object" }, - "AWS::RolesAnywhere::TrustAnchor.Source": { + "AWS::S3Tables::TableBucket.UnreferencedFileRemoval": { "additionalProperties": false, "properties": { - "SourceData": { - "$ref": "#/definitions/AWS::RolesAnywhere::TrustAnchor.SourceData", - "markdownDescription": "A union object representing the data field of the TrustAnchor depending on its type", - "title": "SourceData" + "NoncurrentDays": { + "markdownDescription": "The number of days an object can be noncurrent before Amazon S3 deletes it.", + "title": "NoncurrentDays", + "type": "number" }, - "SourceType": { - "markdownDescription": "The type of the TrustAnchor.", - "title": "SourceType", - "type": "string" - } - }, - "type": "object" - }, - "AWS::RolesAnywhere::TrustAnchor.SourceData": { - "additionalProperties": false, - "properties": { - "AcmPcaArn": { - "markdownDescription": "The root certificate of the AWS Private Certificate Authority specified by this ARN is used in trust validation for temporary credential requests. Included for trust anchors of type `AWS_ACM_PCA` .\n\n> This field is not supported in your region.", - "title": "AcmPcaArn", + "Status": { + "markdownDescription": "The status of the unreferenced file removal configuration for your table bucket.", + "title": "Status", "type": "string" }, - "X509CertificateData": { - "markdownDescription": "The PEM-encoded data for the certificate anchor. Included for trust anchors of type `CERTIFICATE_BUNDLE` .", - "title": "X509CertificateData", - "type": "string" + "UnreferencedDays": { + "markdownDescription": "The number of days an object must be unreferenced by your table before Amazon S3 marks the object as noncurrent.", + "title": "UnreferencedDays", + "type": "number" } }, "type": "object" }, - "AWS::Route53::CidrCollection": { + "AWS::S3Tables::TableBucketPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -231498,28 +282506,26 @@ "Properties": { "additionalProperties": false, "properties": { - "Locations": { - "items": { - "$ref": "#/definitions/AWS::Route53::CidrCollection.Location" - }, - "markdownDescription": "A complex type that contains information about the list of CIDR locations.", - "title": "Locations", - "type": "array" + "ResourcePolicy": { + "markdownDescription": "The bucket policy JSON for the table bucket.", + "title": "ResourcePolicy", + "type": "object" }, - "Name": { - "markdownDescription": "The name of a CIDR collection.", - "title": "Name", + "TableBucketARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the table bucket.", + "title": "TableBucketARN", "type": "string" } }, "required": [ - "Name" + "ResourcePolicy", + "TableBucketARN" ], "type": "object" }, "Type": { "enum": [ - "AWS::Route53::CidrCollection" + "AWS::S3Tables::TableBucketPolicy" ], "type": "string" }, @@ -231538,30 +282544,80 @@ ], "type": "object" }, - "AWS::Route53::CidrCollection.Location": { + "AWS::S3Tables::TablePolicy": { "additionalProperties": false, "properties": { - "CidrList": { - "items": { - "type": "string" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ResourcePolicy": { + "markdownDescription": "", + "title": "ResourcePolicy", + "type": "object" + }, + "TableARN": { + "markdownDescription": "", + "title": "TableARN", + "type": "string" + } }, - "markdownDescription": "List of CIDR blocks.", - "title": "CidrList", - "type": "array" + "required": [ + "ResourcePolicy", + "TableARN" + ], + "type": "object" }, - "LocationName": { - "markdownDescription": "The CIDR collection location name.", - "title": "LocationName", + "Type": { + "enum": [ + "AWS::S3Tables::TablePolicy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "CidrList", - "LocationName" + "Type", + "Properties" ], "type": "object" }, - "AWS::Route53::DNSSEC": { + "AWS::SDB::Domain": { "additionalProperties": false, "properties": { "Condition": { @@ -231596,20 +282652,17 @@ "Properties": { "additionalProperties": false, "properties": { - "HostedZoneId": { - "markdownDescription": "A unique string (ID) that is used to identify a hosted zone. For example: `Z00001111A1ABCaaABC11` .", - "title": "HostedZoneId", + "Description": { + "markdownDescription": "Information about the SimpleDB domain.", + "title": "Description", "type": "string" } }, - "required": [ - "HostedZoneId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Route53::DNSSEC" + "AWS::SDB::Domain" ], "type": "string" }, @@ -231623,12 +282676,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Route53::HealthCheck": { + "AWS::SES::ConfigurationSet": { "additionalProperties": false, "properties": { "Condition": { @@ -231663,28 +282715,55 @@ "Properties": { "additionalProperties": false, "properties": { - "HealthCheckConfig": { - "$ref": "#/definitions/AWS::Route53::HealthCheck.HealthCheckConfig", - "markdownDescription": "A complex type that contains detailed information about one health check.\n\nFor the values to enter for `HealthCheckConfig` , see [HealthCheckConfig](https://docs.aws.amazon.com/Route53/latest/APIReference/API_HealthCheckConfig.html)", - "title": "HealthCheckConfig" + "DeliveryOptions": { + "$ref": "#/definitions/AWS::SES::ConfigurationSet.DeliveryOptions", + "markdownDescription": "Specifies the name of the dedicated IP pool to associate with the configuration set and whether messages that use the configuration set are required to use Transport Layer Security (TLS).", + "title": "DeliveryOptions" }, - "HealthCheckTags": { + "Name": { + "markdownDescription": "The name of the configuration set. The name must meet the following requirements:\n\n- Contain only letters (a-z, A-Z), numbers (0-9), underscores (_), or dashes (-).\n- Contain 64 characters or fewer.", + "title": "Name", + "type": "string" + }, + "ReputationOptions": { + "$ref": "#/definitions/AWS::SES::ConfigurationSet.ReputationOptions", + "markdownDescription": "An object that defines whether or not Amazon SES collects reputation metrics for the emails that you send that use the configuration set.", + "title": "ReputationOptions" + }, + "SendingOptions": { + "$ref": "#/definitions/AWS::SES::ConfigurationSet.SendingOptions", + "markdownDescription": "An object that defines whether or not Amazon SES can send email that you send using the configuration set.", + "title": "SendingOptions" + }, + "SuppressionOptions": { + "$ref": "#/definitions/AWS::SES::ConfigurationSet.SuppressionOptions", + "markdownDescription": "An object that contains information about the suppression list preferences for your account.", + "title": "SuppressionOptions" + }, + "Tags": { "items": { - "$ref": "#/definitions/AWS::Route53::HealthCheck.HealthCheckTag" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The `HealthCheckTags` property describes key-value pairs that are associated with an `AWS::Route53::HealthCheck` resource.", - "title": "HealthCheckTags", + "markdownDescription": "An array of objects that define the tags (keys and values) that are associated with the configuration set.", + "title": "Tags", "type": "array" + }, + "TrackingOptions": { + "$ref": "#/definitions/AWS::SES::ConfigurationSet.TrackingOptions", + "markdownDescription": "An object that defines the open and click tracking options for emails that you send using the configuration set.", + "title": "TrackingOptions" + }, + "VdmOptions": { + "$ref": "#/definitions/AWS::SES::ConfigurationSet.VdmOptions", + "markdownDescription": "The Virtual Deliverability Manager (VDM) options that apply to the configuration set.", + "title": "VdmOptions" } }, - "required": [ - "HealthCheckConfig" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Route53::HealthCheck" + "AWS::SES::ConfigurationSet" ], "type": "string" }, @@ -231698,152 +282777,128 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Route53::HealthCheck.AlarmIdentifier": { + "AWS::SES::ConfigurationSet.DashboardOptions": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the CloudWatch alarm that you want Amazon Route 53 health checkers to use to determine whether this health check is healthy.\n\n> Route 53 supports CloudWatch alarms with the following features:\n> \n> - Standard-resolution metrics. High-resolution metrics aren't supported. For more information, see [High-Resolution Metrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/publishingMetrics.html#high-resolution-metrics) in the *Amazon CloudWatch User Guide* .\n> - Statistics: Average, Minimum, Maximum, Sum, and SampleCount. Extended statistics aren't supported.", - "title": "Name", - "type": "string" - }, - "Region": { - "markdownDescription": "For the CloudWatch alarm that you want Route 53 health checkers to use to determine whether this health check is healthy, the region that the alarm was created in.\n\nFor the current list of CloudWatch regions, see [Amazon CloudWatch endpoints and quotas](https://docs.aws.amazon.com/general/latest/gr/cw_region.html) in the *Amazon Web Services General Reference* .", - "title": "Region", + "EngagementMetrics": { + "markdownDescription": "Specifies the status of your VDM engagement metrics collection. Can be one of the following:\n\n- `ENABLED` \u2013 Amazon SES enables engagement metrics for the configuration set.\n- `DISABLED` \u2013 Amazon SES disables engagement metrics for the configuration set.", + "title": "EngagementMetrics", "type": "string" } }, "required": [ - "Name", - "Region" + "EngagementMetrics" ], "type": "object" }, - "AWS::Route53::HealthCheck.HealthCheckConfig": { + "AWS::SES::ConfigurationSet.DeliveryOptions": { "additionalProperties": false, "properties": { - "AlarmIdentifier": { - "$ref": "#/definitions/AWS::Route53::HealthCheck.AlarmIdentifier", - "markdownDescription": "A complex type that identifies the CloudWatch alarm that you want Amazon Route 53 health checkers to use to determine whether the specified health check is healthy.", - "title": "AlarmIdentifier" - }, - "ChildHealthChecks": { - "items": { - "type": "string" - }, - "markdownDescription": "(CALCULATED Health Checks Only) A complex type that contains one `ChildHealthCheck` element for each health check that you want to associate with a `CALCULATED` health check.", - "title": "ChildHealthChecks", - "type": "array" - }, - "EnableSNI": { - "markdownDescription": "Specify whether you want Amazon Route 53 to send the value of `FullyQualifiedDomainName` to the endpoint in the `client_hello` message during TLS negotiation. This allows the endpoint to respond to `HTTPS` health check requests with the applicable SSL/TLS certificate.\n\nSome endpoints require that `HTTPS` requests include the host name in the `client_hello` message. If you don't enable SNI, the status of the health check will be `SSL alert handshake_failure` . A health check can also have that status for other reasons. If SNI is enabled and you're still getting the error, check the SSL/TLS configuration on your endpoint and confirm that your certificate is valid.\n\nThe SSL/TLS certificate on your endpoint includes a domain name in the `Common Name` field and possibly several more in the `Subject Alternative Names` field. One of the domain names in the certificate should match the value that you specify for `FullyQualifiedDomainName` . If the endpoint responds to the `client_hello` message with a certificate that does not include the domain name that you specified in `FullyQualifiedDomainName` , a health checker will retry the handshake. In the second attempt, the health checker will omit `FullyQualifiedDomainName` from the `client_hello` message.", - "title": "EnableSNI", - "type": "boolean" - }, - "FailureThreshold": { - "markdownDescription": "The number of consecutive health checks that an endpoint must pass or fail for Amazon Route 53 to change the current status of the endpoint from unhealthy to healthy or vice versa. For more information, see [How Amazon Route 53 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html) in the *Amazon Route 53 Developer Guide* .\n\nIf you don't specify a value for `FailureThreshold` , the default value is three health checks.", - "title": "FailureThreshold", + "MaxDeliverySeconds": { + "markdownDescription": "The maximum amount of time, in seconds, that Amazon SES API v2 will attempt delivery of email. If specified, the value must greater than or equal to 300 seconds (5 minutes) and less than or equal to 50400 seconds (840 minutes).", + "title": "MaxDeliverySeconds", "type": "number" }, - "FullyQualifiedDomainName": { - "markdownDescription": "Amazon Route 53 behavior depends on whether you specify a value for `IPAddress` .\n\n*If you specify a value for* `IPAddress` :\n\nAmazon Route 53 sends health check requests to the specified IPv4 or IPv6 address and passes the value of `FullyQualifiedDomainName` in the `Host` header for all health checks except TCP health checks. This is typically the fully qualified DNS name of the endpoint on which you want Route 53 to perform health checks.\n\nWhen Route 53 checks the health of an endpoint, here is how it constructs the `Host` header:\n\n- If you specify a value of `80` for `Port` and `HTTP` or `HTTP_STR_MATCH` for `Type` , Route 53 passes the value of `FullyQualifiedDomainName` to the endpoint in the Host header.\n- If you specify a value of `443` for `Port` and `HTTPS` or `HTTPS_STR_MATCH` for `Type` , Route 53 passes the value of `FullyQualifiedDomainName` to the endpoint in the `Host` header.\n- If you specify another value for `Port` and any value except `TCP` for `Type` , Route 53 passes `FullyQualifiedDomainName:Port` to the endpoint in the `Host` header.\n\nIf you don't specify a value for `FullyQualifiedDomainName` , Route 53 substitutes the value of `IPAddress` in the `Host` header in each of the preceding cases.\n\n*If you don't specify a value for `IPAddress`* :\n\nRoute 53 sends a DNS request to the domain that you specify for `FullyQualifiedDomainName` at the interval that you specify for `RequestInterval` . Using an IPv4 address that DNS returns, Route 53 then checks the health of the endpoint.\n\n> If you don't specify a value for `IPAddress` , Route 53 uses only IPv4 to send health checks to the endpoint. If there's no record with a type of A for the name that you specify for `FullyQualifiedDomainName` , the health check fails with a \"DNS resolution failed\" error. \n\nIf you want to check the health of multiple records that have the same name and type, such as multiple weighted records, and if you choose to specify the endpoint only by `FullyQualifiedDomainName` , we recommend that you create a separate health check for each endpoint. For example, create a health check for each HTTP server that is serving content for www.example.com. For the value of `FullyQualifiedDomainName` , specify the domain name of the server (such as us-east-2-www.example.com), not the name of the records (www.example.com).\n\n> In this configuration, if you create a health check for which the value of `FullyQualifiedDomainName` matches the name of the records and you then associate the health check with those records, health check results will be unpredictable. \n\nIn addition, if the value that you specify for `Type` is `HTTP` , `HTTPS` , `HTTP_STR_MATCH` , or `HTTPS_STR_MATCH` , Route 53 passes the value of `FullyQualifiedDomainName` in the `Host` header, as it does when you specify a value for `IPAddress` . If the value of `Type` is `TCP` , Route 53 doesn't pass a `Host` header.", - "title": "FullyQualifiedDomainName", + "SendingPoolName": { + "markdownDescription": "The name of the dedicated IP pool to associate with the configuration set.", + "title": "SendingPoolName", "type": "string" }, - "HealthThreshold": { - "markdownDescription": "The number of child health checks that are associated with a `CALCULATED` health check that Amazon Route 53 must consider healthy for the `CALCULATED` health check to be considered healthy. To specify the child health checks that you want to associate with a `CALCULATED` health check, use the [ChildHealthChecks](https://docs.aws.amazon.com/Route53/latest/APIReference/API_UpdateHealthCheck.html#Route53-UpdateHealthCheck-request-ChildHealthChecks) element.\n\nNote the following:\n\n- If you specify a number greater than the number of child health checks, Route 53 always considers this health check to be unhealthy.\n- If you specify `0` , Route 53 always considers this health check to be healthy.", - "title": "HealthThreshold", - "type": "number" - }, - "IPAddress": { - "markdownDescription": "The IPv4 or IPv6 IP address of the endpoint that you want Amazon Route 53 to perform health checks on. If you don't specify a value for `IPAddress` , Route 53 sends a DNS request to resolve the domain name that you specify in `FullyQualifiedDomainName` at the interval that you specify in `RequestInterval` . Using an IP address returned by DNS, Route 53 then checks the health of the endpoint.\n\nUse one of the following formats for the value of `IPAddress` :\n\n- *IPv4 address* : four values between 0 and 255, separated by periods (.), for example, `192.0.2.44` .\n- *IPv6 address* : eight groups of four hexadecimal values, separated by colons (:), for example, `2001:0db8:85a3:0000:0000:abcd:0001:2345` . You can also shorten IPv6 addresses as described in RFC 5952, for example, `2001:db8:85a3::abcd:1:2345` .\n\nIf the endpoint is an EC2 instance, we recommend that you create an Elastic IP address, associate it with your EC2 instance, and specify the Elastic IP address for `IPAddress` . This ensures that the IP address of your instance will never change.\n\nFor more information, see [FullyQualifiedDomainName](https://docs.aws.amazon.com/Route53/latest/APIReference/API_UpdateHealthCheck.html#Route53-UpdateHealthCheck-request-FullyQualifiedDomainName) .\n\nConstraints: Route 53 can't check the health of endpoints for which the IP address is in local, private, non-routable, or multicast ranges. For more information about IP addresses for which you can't create health checks, see the following documents:\n\n- [RFC 5735, Special Use IPv4 Addresses](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc5735)\n- [RFC 6598, IANA-Reserved IPv4 Prefix for Shared Address Space](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6598)\n- [RFC 5156, Special-Use IPv6 Addresses](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc5156)\n\nWhen the value of `Type` is `CALCULATED` or `CLOUDWATCH_METRIC` , omit `IPAddress` .", - "title": "IPAddress", + "TlsPolicy": { + "markdownDescription": "Specifies whether messages that use the configuration set are required to use Transport Layer Security (TLS). If the value is `REQUIRE` , messages are only delivered if a TLS connection can be established. If the value is `OPTIONAL` , messages can be delivered in plain text if a TLS connection can't be established.\n\nValid Values: `REQUIRE | OPTIONAL`", + "title": "TlsPolicy", "type": "string" - }, - "InsufficientDataHealthStatus": { - "markdownDescription": "When CloudWatch has insufficient data about the metric to determine the alarm state, the status that you want Amazon Route 53 to assign to the health check:\n\n- `Healthy` : Route 53 considers the health check to be healthy.\n- `Unhealthy` : Route 53 considers the health check to be unhealthy.\n- `LastKnownStatus` : Route 53 uses the status of the health check from the last time that CloudWatch had sufficient data to determine the alarm state. For new health checks that have no last known status, the default status for the health check is healthy.", - "title": "InsufficientDataHealthStatus", + } + }, + "type": "object" + }, + "AWS::SES::ConfigurationSet.GuardianOptions": { + "additionalProperties": false, + "properties": { + "OptimizedSharedDelivery": { + "markdownDescription": "Specifies the status of your VDM optimized shared delivery. Can be one of the following:\n\n- `ENABLED` \u2013 Amazon SES enables optimized shared delivery for the configuration set.\n- `DISABLED` \u2013 Amazon SES disables optimized shared delivery for the configuration set.", + "title": "OptimizedSharedDelivery", "type": "string" - }, - "Inverted": { - "markdownDescription": "Specify whether you want Amazon Route 53 to invert the status of a health check, for example, to consider a health check unhealthy when it otherwise would be considered healthy.", - "title": "Inverted", + } + }, + "required": [ + "OptimizedSharedDelivery" + ], + "type": "object" + }, + "AWS::SES::ConfigurationSet.ReputationOptions": { + "additionalProperties": false, + "properties": { + "ReputationMetricsEnabled": { + "markdownDescription": "If `true` , tracking of reputation metrics is enabled for the configuration set. If `false` , tracking of reputation metrics is disabled for the configuration set.", + "title": "ReputationMetricsEnabled", "type": "boolean" - }, - "MeasureLatency": { - "markdownDescription": "Specify whether you want Amazon Route 53 to measure the latency between health checkers in multiple AWS regions and your endpoint, and to display CloudWatch latency graphs on the *Health Checks* page in the Route 53 console.\n\n> You can't change the value of `MeasureLatency` after you create a health check.", - "title": "MeasureLatency", + } + }, + "type": "object" + }, + "AWS::SES::ConfigurationSet.SendingOptions": { + "additionalProperties": false, + "properties": { + "SendingEnabled": { + "markdownDescription": "If `true` , email sending is enabled for the configuration set. If `false` , email sending is disabled for the configuration set.", + "title": "SendingEnabled", "type": "boolean" - }, - "Port": { - "markdownDescription": "The port on the endpoint that you want Amazon Route 53 to perform health checks on.\n\n> Don't specify a value for `Port` when you specify a value for [Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-healthcheck-healthcheckconfig.html#cfn-route53-healthcheck-healthcheckconfig-type) of `CLOUDWATCH_METRIC` or `CALCULATED` .", - "title": "Port", - "type": "number" - }, - "Regions": { + } + }, + "type": "object" + }, + "AWS::SES::ConfigurationSet.SuppressionOptions": { + "additionalProperties": false, + "properties": { + "SuppressedReasons": { "items": { "type": "string" }, - "markdownDescription": "A complex type that contains one `Region` element for each region from which you want Amazon Route 53 health checkers to check the specified endpoint.\n\nIf you don't specify any regions, Route 53 health checkers automatically performs checks from all of the regions that are listed under *Valid Values* .\n\nIf you update a health check to remove a region that has been performing health checks, Route 53 will briefly continue to perform checks from that region to ensure that some health checkers are always checking the endpoint (for example, if you replace three regions with four different regions).", - "title": "Regions", + "markdownDescription": "A list that contains the reasons that email addresses are automatically added to the suppression list for your account. This list can contain any or all of the following:\n\n- `COMPLAINT` \u2013 Amazon SES adds an email address to the suppression list for your account when a message sent to that address results in a complaint.\n- `BOUNCE` \u2013 Amazon SES adds an email address to the suppression list for your account when a message sent to that address results in a hard bounce.", + "title": "SuppressedReasons", "type": "array" - }, - "RequestInterval": { - "markdownDescription": "The number of seconds between the time that Amazon Route 53 gets a response from your endpoint and the time that it sends the next health check request. Each Route 53 health checker makes requests at this interval.\n\n> You can't change the value of `RequestInterval` after you create a health check. \n\nIf you don't specify a value for `RequestInterval` , the default value is `30` seconds.", - "title": "RequestInterval", - "type": "number" - }, - "ResourcePath": { - "markdownDescription": "The path, if any, that you want Amazon Route 53 to request when performing health checks. The path can be any value for which your endpoint will return an HTTP status code of 2xx or 3xx when the endpoint is healthy, for example, the file /docs/route53-health-check.html. You can also include query string parameters, for example, `/welcome.html?language=jp&login=y` .", - "title": "ResourcePath", - "type": "string" - }, - "RoutingControlArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the Route 53 Application Recovery Controller routing control.\n\nFor more information about Route 53 Application Recovery Controller, see [Route 53 Application Recovery Controller Developer Guide.](https://docs.aws.amazon.com/r53recovery/latest/dg/what-is-route-53-recovery.html) .", - "title": "RoutingControlArn", - "type": "string" - }, - "SearchString": { - "markdownDescription": "If the value of Type is `HTTP_STR_MATCH` or `HTTPS_STR_MATCH` , the string that you want Amazon Route 53 to search for in the response body from the specified resource. If the string appears in the response body, Route 53 considers the resource healthy.\n\nRoute 53 considers case when searching for `SearchString` in the response body.", - "title": "SearchString", + } + }, + "type": "object" + }, + "AWS::SES::ConfigurationSet.TrackingOptions": { + "additionalProperties": false, + "properties": { + "CustomRedirectDomain": { + "markdownDescription": "The custom subdomain that is used to redirect email recipients to the Amazon SES event tracking domain.", + "title": "CustomRedirectDomain", "type": "string" }, - "Type": { - "markdownDescription": "The type of health check that you want to create, which indicates how Amazon Route 53 determines whether an endpoint is healthy.\n\n> You can't change the value of `Type` after you create a health check. \n\nYou can create the following types of health checks:\n\n- *HTTP* : Route 53 tries to establish a TCP connection. If successful, Route 53 submits an HTTP request and waits for an HTTP status code of 200 or greater and less than 400.\n- *HTTPS* : Route 53 tries to establish a TCP connection. If successful, Route 53 submits an HTTPS request and waits for an HTTP status code of 200 or greater and less than 400.\n\n> If you specify `HTTPS` for the value of `Type` , the endpoint must support TLS v1.0 or later.\n- *HTTP_STR_MATCH* : Route 53 tries to establish a TCP connection. If successful, Route 53 submits an HTTP request and searches the first 5,120 bytes of the response body for the string that you specify in `SearchString` .\n- *HTTPS_STR_MATCH* : Route 53 tries to establish a TCP connection. If successful, Route 53 submits an `HTTPS` request and searches the first 5,120 bytes of the response body for the string that you specify in `SearchString` .\n- *TCP* : Route 53 tries to establish a TCP connection.\n- *CLOUDWATCH_METRIC* : The health check is associated with a CloudWatch alarm. If the state of the alarm is `OK` , the health check is considered healthy. If the state is `ALARM` , the health check is considered unhealthy. If CloudWatch doesn't have sufficient data to determine whether the state is `OK` or `ALARM` , the health check status depends on the setting for `InsufficientDataHealthStatus` : `Healthy` , `Unhealthy` , or `LastKnownStatus` .\n\n> Route 53 supports CloudWatch alarms with the following features:\n> \n> - Standard-resolution metrics. High-resolution metrics aren't supported. For more information, see [High-Resolution Metrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/publishingMetrics.html#high-resolution-metrics) in the *Amazon CloudWatch User Guide* .\n> - Statistics: Average, Minimum, Maximum, Sum, and SampleCount. Extended statistics aren't supported.\n- *CALCULATED* : For health checks that monitor the status of other health checks, Route 53 adds up the number of health checks that Route 53 health checkers consider to be healthy and compares that number with the value of `HealthThreshold` .\n- *RECOVERY_CONTROL* : The health check is assocated with a Route53 Application Recovery Controller routing control. If the routing control state is `ON` , the health check is considered healthy. If the state is `OFF` , the health check is considered unhealthy.\n\nFor more information, see [How Route 53 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html) in the *Amazon Route 53 Developer Guide* .", - "title": "Type", + "HttpsPolicy": { + "markdownDescription": "The https policy to use for tracking open and click events.", + "title": "HttpsPolicy", "type": "string" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::Route53::HealthCheck.HealthCheckTag": { + "AWS::SES::ConfigurationSet.VdmOptions": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The value of `Key` depends on the operation that you want to perform:\n\n- *Add a tag to a health check or hosted zone* : `Key` is the name that you want to give the new tag.\n- *Edit a tag* : `Key` is the name of the tag that you want to change the `Value` for.\n- *Delete a key* : `Key` is the name of the tag you want to remove.\n- *Give a name to a health check* : Edit the default `Name` tag. In the Amazon Route 53 console, the list of your health checks includes a *Name* column that lets you see the name that you've given to each health check.", - "title": "Key", - "type": "string" + "DashboardOptions": { + "$ref": "#/definitions/AWS::SES::ConfigurationSet.DashboardOptions", + "markdownDescription": "Specifies additional settings for your VDM configuration as applicable to the Dashboard.", + "title": "DashboardOptions" }, - "Value": { - "markdownDescription": "The value of `Value` depends on the operation that you want to perform:\n\n- *Add a tag to a health check or hosted zone* : `Value` is the value that you want to give the new tag.\n- *Edit a tag* : `Value` is the new value that you want to assign the tag.", - "title": "Value", - "type": "string" + "GuardianOptions": { + "$ref": "#/definitions/AWS::SES::ConfigurationSet.GuardianOptions", + "markdownDescription": "Specifies additional settings for your VDM configuration as applicable to the Guardian.", + "title": "GuardianOptions" } }, - "required": [ - "Key", - "Value" - ], "type": "object" }, - "AWS::Route53::HostedZone": { + "AWS::SES::ConfigurationSetEventDestination": { "additionalProperties": false, "properties": { "Condition": { @@ -231878,43 +282933,26 @@ "Properties": { "additionalProperties": false, "properties": { - "HostedZoneConfig": { - "$ref": "#/definitions/AWS::Route53::HostedZone.HostedZoneConfig", - "markdownDescription": "A complex type that contains an optional comment.\n\nIf you don't want to specify a comment, omit the `HostedZoneConfig` and `Comment` elements.", - "title": "HostedZoneConfig" - }, - "HostedZoneTags": { - "items": { - "$ref": "#/definitions/AWS::Route53::HostedZone.HostedZoneTag" - }, - "markdownDescription": "Adds, edits, or deletes tags for a health check or a hosted zone.\n\nFor information about using tags for cost allocation, see [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html) in the *Billing and Cost Management User Guide* .", - "title": "HostedZoneTags", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the domain. Specify a fully qualified domain name, for example, *www.example.com* . The trailing dot is optional; Amazon Route 53 assumes that the domain name is fully qualified. This means that Route 53 treats *www.example.com* (without a trailing dot) and *www.example.com.* (with a trailing dot) as identical.\n\nIf you're creating a public hosted zone, this is the name you have registered with your DNS registrar. If your domain name is registered with a registrar other than Route 53, change the name servers for your domain to the set of `NameServers` that are returned by the `Fn::GetAtt` intrinsic function.", - "title": "Name", + "ConfigurationSetName": { + "markdownDescription": "The name of the configuration set that contains the event destination.", + "title": "ConfigurationSetName", "type": "string" }, - "QueryLoggingConfig": { - "$ref": "#/definitions/AWS::Route53::HostedZone.QueryLoggingConfig", - "markdownDescription": "Creates a configuration for DNS query logging. After you create a query logging configuration, Amazon Route 53 begins to publish log data to an Amazon CloudWatch Logs log group.\n\nDNS query logs contain information about the queries that Route 53 receives for a specified public hosted zone, such as the following:\n\n- Route 53 edge location that responded to the DNS query\n- Domain or subdomain that was requested\n- DNS record type, such as A or AAAA\n- DNS response code, such as `NoError` or `ServFail`\n\n- **Log Group and Resource Policy** - Before you create a query logging configuration, perform the following operations.\n\n> If you create a query logging configuration using the Route 53 console, Route 53 performs these operations automatically. \n\n- Create a CloudWatch Logs log group, and make note of the ARN, which you specify when you create a query logging configuration. Note the following:\n\n- You must create the log group in the us-east-1 region.\n- You must use the same AWS account to create the log group and the hosted zone that you want to configure query logging for.\n- When you create log groups for query logging, we recommend that you use a consistent prefix, for example:\n\n`/aws/route53/ *hosted zone name*`\n\nIn the next step, you'll create a resource policy, which controls access to one or more log groups and the associated AWS resources, such as Route 53 hosted zones. There's a limit on the number of resource policies that you can create, so we recommend that you use a consistent prefix so you can use the same resource policy for all the log groups that you create for query logging.\n- Create a CloudWatch Logs resource policy, and give it the permissions that Route 53 needs to create log streams and to send query logs to log streams. You must create the CloudWatch Logs resource policy in the us-east-1 region. For the value of `Resource` , specify the ARN for the log group that you created in the previous step. To use the same resource policy for all the CloudWatch Logs log groups that you created for query logging configurations, replace the hosted zone name with `*` , for example:\n\n`arn:aws:logs:us-east-1:123412341234:log-group:/aws/route53/*`\n\nTo avoid the confused deputy problem, a security issue where an entity without a permission for an action can coerce a more-privileged entity to perform it, you can optionally limit the permissions that a service has to a resource in a resource-based policy by supplying the following values:\n\n- For `aws:SourceArn` , supply the hosted zone ARN used in creating the query logging configuration. For example, `aws:SourceArn: arn:aws:route53:::hostedzone/hosted zone ID` .\n- For `aws:SourceAccount` , supply the account ID for the account that creates the query logging configuration. For example, `aws:SourceAccount:111111111111` .\n\nFor more information, see [The confused deputy problem](https://docs.aws.amazon.com/IAM/latest/UserGuide/confused-deputy.html) in the *AWS IAM User Guide* .\n\n> You can't use the CloudWatch console to create or edit a resource policy. You must use the CloudWatch API, one of the AWS SDKs, or the AWS CLI .\n- **Log Streams and Edge Locations** - When Route 53 finishes creating the configuration for DNS query logging, it does the following:\n\n- Creates a log stream for an edge location the first time that the edge location responds to DNS queries for the specified hosted zone. That log stream is used to log all queries that Route 53 responds to for that edge location.\n- Begins to send query logs to the applicable log stream.\n\nThe name of each log stream is in the following format:\n\n`*hosted zone ID* / *edge location code*`\n\nThe edge location code is a three-letter code and an arbitrarily assigned number, for example, DFW3. The three-letter code typically corresponds with the International Air Transport Association airport code for an airport near the edge location. (These abbreviations might change in the future.) For a list of edge locations, see \"The Route 53 Global Network\" on the [Route 53 Product Details](https://docs.aws.amazon.com/route53/details/) page.\n- **Queries That Are Logged** - Query logs contain only the queries that DNS resolvers forward to Route 53. If a DNS resolver has already cached the response to a query (such as the IP address for a load balancer for example.com), the resolver will continue to return the cached response. It doesn't forward another query to Route 53 until the TTL for the corresponding resource record set expires. Depending on how many DNS queries are submitted for a resource record set, and depending on the TTL for that resource record set, query logs might contain information about only one query out of every several thousand queries that are submitted to DNS. For more information about how DNS works, see [Routing Internet Traffic to Your Website or Web Application](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/welcome-dns-service.html) in the *Amazon Route 53 Developer Guide* .\n- **Log File Format** - For a list of the values in each query log and the format of each value, see [Logging DNS Queries](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/query-logs.html) in the *Amazon Route 53 Developer Guide* .\n- **Pricing** - For information about charges for query logs, see [Amazon CloudWatch Pricing](https://docs.aws.amazon.com/cloudwatch/pricing/) .\n- **How to Stop Logging** - If you want Route 53 to stop sending query logs to CloudWatch Logs, delete the query logging configuration. For more information, see [DeleteQueryLoggingConfig](https://docs.aws.amazon.com/Route53/latest/APIReference/API_DeleteQueryLoggingConfig.html) .", - "title": "QueryLoggingConfig" - }, - "VPCs": { - "items": { - "$ref": "#/definitions/AWS::Route53::HostedZone.VPC" - }, - "markdownDescription": "*Private hosted zones:* A complex type that contains information about the VPCs that are associated with the specified hosted zone.\n\n> For public hosted zones, omit `VPCs` , `VPCId` , and `VPCRegion` .", - "title": "VPCs", - "type": "array" + "EventDestination": { + "$ref": "#/definitions/AWS::SES::ConfigurationSetEventDestination.EventDestination", + "markdownDescription": "An object that defines the event destination.", + "title": "EventDestination" } }, + "required": [ + "ConfigurationSetName", + "EventDestination" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Route53::HostedZone" + "AWS::SES::ConfigurationSetEventDestination" ], "type": "string" }, @@ -231928,76 +282966,147 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Route53::HostedZone.HostedZoneConfig": { + "AWS::SES::ConfigurationSetEventDestination.CloudWatchDestination": { "additionalProperties": false, "properties": { - "Comment": { - "markdownDescription": "Any comments that you want to include about the hosted zone.", - "title": "Comment", - "type": "string" + "DimensionConfigurations": { + "items": { + "$ref": "#/definitions/AWS::SES::ConfigurationSetEventDestination.DimensionConfiguration" + }, + "markdownDescription": "An array of objects that define the dimensions to use when you send email events to Amazon CloudWatch.", + "title": "DimensionConfigurations", + "type": "array" } }, "type": "object" }, - "AWS::Route53::HostedZone.HostedZoneTag": { + "AWS::SES::ConfigurationSetEventDestination.DimensionConfiguration": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The value of `Key` depends on the operation that you want to perform:\n\n- *Add a tag to a health check or hosted zone* : `Key` is the name that you want to give the new tag.\n- *Edit a tag* : `Key` is the name of the tag that you want to change the `Value` for.\n- *Delete a key* : `Key` is the name of the tag you want to remove.\n- *Give a name to a health check* : Edit the default `Name` tag. In the Amazon Route 53 console, the list of your health checks includes a *Name* column that lets you see the name that you've given to each health check.", - "title": "Key", + "DefaultDimensionValue": { + "markdownDescription": "The default value of the dimension that is published to Amazon CloudWatch if you don't provide the value of the dimension when you send an email. This value has to meet the following criteria:\n\n- Can only contain ASCII letters (a\u2013z, A\u2013Z), numbers (0\u20139), underscores (_), or dashes (-), at signs (@), and periods (.).\n- It can contain no more than 256 characters.", + "title": "DefaultDimensionValue", "type": "string" }, - "Value": { - "markdownDescription": "The value of `Value` depends on the operation that you want to perform:\n\n- *Add a tag to a health check or hosted zone* : `Value` is the value that you want to give the new tag.\n- *Edit a tag* : `Value` is the new value that you want to assign the tag.", - "title": "Value", + "DimensionName": { + "markdownDescription": "The name of an Amazon CloudWatch dimension associated with an email sending metric. The name has to meet the following criteria:\n\n- It can only contain ASCII letters (a\u2013z, A\u2013Z), numbers (0\u20139), underscores (_), or dashes (-).\n- It can contain no more than 256 characters.", + "title": "DimensionName", + "type": "string" + }, + "DimensionValueSource": { + "markdownDescription": "The location where the Amazon SES API v2 finds the value of a dimension to publish to Amazon CloudWatch. To use the message tags that you specify using an `X-SES-MESSAGE-TAGS` header or a parameter to the `SendEmail` or `SendRawEmail` API, choose `messageTag` . To use your own email headers, choose `emailHeader` . To use link tags, choose `linkTag` .", + "title": "DimensionValueSource", "type": "string" } }, "required": [ - "Key", - "Value" + "DefaultDimensionValue", + "DimensionName", + "DimensionValueSource" ], "type": "object" }, - "AWS::Route53::HostedZone.QueryLoggingConfig": { + "AWS::SES::ConfigurationSetEventDestination.EventBridgeDestination": { "additionalProperties": false, "properties": { - "CloudWatchLogsLogGroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the CloudWatch Logs log group that Amazon Route 53 is publishing logs to.", - "title": "CloudWatchLogsLogGroupArn", + "EventBusArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon EventBridge bus to publish email events to. Only the default bus is supported.", + "title": "EventBusArn", "type": "string" } }, "required": [ - "CloudWatchLogsLogGroupArn" + "EventBusArn" ], "type": "object" }, - "AWS::Route53::HostedZone.VPC": { + "AWS::SES::ConfigurationSetEventDestination.EventDestination": { "additionalProperties": false, "properties": { - "VPCId": { - "markdownDescription": "*Private hosted zones only:* The ID of an Amazon VPC.\n\n> For public hosted zones, omit `VPCs` , `VPCId` , and `VPCRegion` .", - "title": "VPCId", + "CloudWatchDestination": { + "$ref": "#/definitions/AWS::SES::ConfigurationSetEventDestination.CloudWatchDestination", + "markdownDescription": "An object that defines an Amazon CloudWatch destination for email events. You can use Amazon CloudWatch to monitor and gain insights on your email sending metrics.", + "title": "CloudWatchDestination" + }, + "Enabled": { + "markdownDescription": "If `true` , the event destination is enabled. When the event destination is enabled, the specified event types are sent to the destinations in this `EventDestinationDefinition` .\n\nIf `false` , the event destination is disabled. When the event destination is disabled, events aren't sent to the specified destinations.", + "title": "Enabled", + "type": "boolean" + }, + "EventBridgeDestination": { + "$ref": "#/definitions/AWS::SES::ConfigurationSetEventDestination.EventBridgeDestination", + "markdownDescription": "An object that defines an Amazon EventBridge destination for email events. You can use Amazon EventBridge to send notifications when certain email events occur.", + "title": "EventBridgeDestination" + }, + "KinesisFirehoseDestination": { + "$ref": "#/definitions/AWS::SES::ConfigurationSetEventDestination.KinesisFirehoseDestination", + "markdownDescription": "An object that contains the delivery stream ARN and the IAM role ARN associated with an Amazon Kinesis Firehose event destination.", + "title": "KinesisFirehoseDestination" + }, + "MatchingEventTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The types of events that Amazon SES sends to the specified event destinations.\n\n- `SEND` - The send request was successful and SES will attempt to deliver the message to the recipient\u2019s mail server. (If account-level or global suppression is being used, SES will still count it as a send, but delivery is suppressed.)\n- `REJECT` - SES accepted the email, but determined that it contained a virus and didn\u2019t attempt to deliver it to the recipient\u2019s mail server.\n- `BOUNCE` - ( *Hard bounce* ) The recipient's mail server permanently rejected the email. ( *Soft bounces* are only included when SES fails to deliver the email after retrying for a period of time.)\n- `COMPLAINT` - The email was successfully delivered to the recipient\u2019s mail server, but the recipient marked it as spam.\n- `DELIVERY` - SES successfully delivered the email to the recipient's mail server.\n- `OPEN` - The recipient received the message and opened it in their email client.\n- `CLICK` - The recipient clicked one or more links in the email.\n- `RENDERING_FAILURE` - The email wasn't sent because of a template rendering issue. This event type can occur when template data is missing, or when there is a mismatch between template parameters and data. (This event type only occurs when you send email using the [`SendEmail`](https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_SendEmail.html) or [`SendBulkEmail`](https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_SendBulkEmail.html) API operations.)\n- `DELIVERY_DELAY` - The email couldn't be delivered to the recipient\u2019s mail server because a temporary issue occurred. Delivery delays can occur, for example, when the recipient's inbox is full, or when the receiving email server experiences a transient issue.\n- `SUBSCRIPTION` - The email was successfully delivered, but the recipient updated their subscription preferences by clicking on an *unsubscribe* link as part of your [subscription management](https://docs.aws.amazon.com/ses/latest/dg/sending-email-subscription-management.html) .", + "title": "MatchingEventTypes", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the event destination. The name must meet the following requirements:\n\n- Contain only ASCII letters (a-z, A-Z), numbers (0-9), underscores (_), or dashes (-).\n- Contain 64 characters or fewer.", + "title": "Name", "type": "string" }, - "VPCRegion": { - "markdownDescription": "*Private hosted zones only:* The region that an Amazon VPC was created in.\n\n> For public hosted zones, omit `VPCs` , `VPCId` , and `VPCRegion` .", - "title": "VPCRegion", + "SnsDestination": { + "$ref": "#/definitions/AWS::SES::ConfigurationSetEventDestination.SnsDestination", + "markdownDescription": "An object that contains the topic ARN associated with an Amazon Simple Notification Service (Amazon SNS) event destination.", + "title": "SnsDestination" + } + }, + "required": [ + "MatchingEventTypes" + ], + "type": "object" + }, + "AWS::SES::ConfigurationSetEventDestination.KinesisFirehoseDestination": { + "additionalProperties": false, + "properties": { + "DeliveryStreamARN": { + "markdownDescription": "The ARN of the Amazon Kinesis Firehose stream that email sending events should be published to.", + "title": "DeliveryStreamARN", + "type": "string" + }, + "IAMRoleARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that the Amazon SES API v2 uses to send email events to the Amazon Kinesis Data Firehose stream.", + "title": "IAMRoleARN", "type": "string" } }, "required": [ - "VPCId", - "VPCRegion" + "DeliveryStreamARN", + "IAMRoleARN" ], "type": "object" }, - "AWS::Route53::KeySigningKey": { + "AWS::SES::ConfigurationSetEventDestination.SnsDestination": { + "additionalProperties": false, + "properties": { + "TopicARN": { + "markdownDescription": "The ARN of the Amazon SNS topic for email sending events. You can find the ARN of a topic by using the [ListTopics](https://docs.aws.amazon.com/sns/latest/api/API_ListTopics.html) Amazon SNS operation.\n\nFor more information about Amazon SNS topics, see the [Amazon SNS Developer Guide](https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html) .", + "title": "TopicARN", + "type": "string" + } + }, + "required": [ + "TopicARN" + ], + "type": "object" + }, + "AWS::SES::ContactList": { "additionalProperties": false, "properties": { "Condition": { @@ -232032,38 +283141,38 @@ "Properties": { "additionalProperties": false, "properties": { - "HostedZoneId": { - "markdownDescription": "The unique string (ID) that is used to identify a hosted zone. For example: `Z00001111A1ABCaaABC11` .", - "title": "HostedZoneId", + "ContactListName": { + "markdownDescription": "The name of the contact list.", + "title": "ContactListName", "type": "string" }, - "KeyManagementServiceArn": { - "markdownDescription": "The Amazon resource name (ARN) for a customer managed customer master key (CMK) in AWS Key Management Service ( AWS KMS ). The `KeyManagementServiceArn` must be unique for each key-signing key (KSK) in a single hosted zone. For example: `arn:aws:kms:us-east-1:111122223333:key/111a2222-a11b-1ab1-2ab2-1ab21a2b3a111` .", - "title": "KeyManagementServiceArn", + "Description": { + "markdownDescription": "A description of what the contact list is about.", + "title": "Description", "type": "string" }, - "Name": { - "markdownDescription": "A string used to identify a key-signing key (KSK). `Name` can include numbers, letters, and underscores (_). `Name` must be unique for each key-signing key in the same hosted zone.", - "title": "Name", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags associated with a contact list.", + "title": "Tags", + "type": "array" }, - "Status": { - "markdownDescription": "A string that represents the current key-signing key (KSK) status.\n\nStatus can have one of the following values:\n\n- **ACTIVE** - The KSK is being used for signing.\n- **INACTIVE** - The KSK is not being used for signing.\n- **DELETING** - The KSK is in the process of being deleted.\n- **ACTION_NEEDED** - There is a problem with the KSK that requires you to take action to resolve. For example, the customer managed key might have been deleted, or the permissions for the customer managed key might have been changed.\n- **INTERNAL_FAILURE** - There was an error during a request. Before you can continue to work with DNSSEC signing, including actions that involve this KSK, you must correct the problem. For example, you may need to activate or deactivate the KSK.", - "title": "Status", - "type": "string" + "Topics": { + "items": { + "$ref": "#/definitions/AWS::SES::ContactList.Topic" + }, + "markdownDescription": "An interest group, theme, or label within a list. A contact list can have multiple topics.", + "title": "Topics", + "type": "array" } }, - "required": [ - "HostedZoneId", - "KeyManagementServiceArn", - "Name", - "Status" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Route53::KeySigningKey" + "AWS::SES::ContactList" ], "type": "string" }, @@ -232077,12 +283186,42 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Route53::RecordSet": { + "AWS::SES::ContactList.Topic": { + "additionalProperties": false, + "properties": { + "DefaultSubscriptionStatus": { + "markdownDescription": "The default subscription status to be applied to a contact if the contact has not noted their preference for subscribing to a topic.", + "title": "DefaultSubscriptionStatus", + "type": "string" + }, + "Description": { + "markdownDescription": "A description of what the topic is about, which the contact will see.", + "title": "Description", + "type": "string" + }, + "DisplayName": { + "markdownDescription": "The name of the topic the contact will see.", + "title": "DisplayName", + "type": "string" + }, + "TopicName": { + "markdownDescription": "The name of the topic.", + "title": "TopicName", + "type": "string" + } + }, + "required": [ + "DefaultSubscriptionStatus", + "DisplayName", + "TopicName" + ], + "type": "object" + }, + "AWS::SES::DedicatedIpPool": { "additionalProperties": false, "properties": { "Condition": { @@ -232117,104 +283256,30 @@ "Properties": { "additionalProperties": false, "properties": { - "AliasTarget": { - "$ref": "#/definitions/AWS::Route53::RecordSet.AliasTarget", - "markdownDescription": "*Alias resource record sets only:* Information about the AWS resource, such as a CloudFront distribution or an Amazon S3 bucket, that you want to route traffic to.\n\nIf you're creating resource records sets for a private hosted zone, note the following:\n\n- You can't create an alias resource record set in a private hosted zone to route traffic to a CloudFront distribution.\n- For information about creating failover resource record sets in a private hosted zone, see [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html) in the *Amazon Route 53 Developer Guide* .", - "title": "AliasTarget" - }, - "CidrRoutingConfig": { - "$ref": "#/definitions/AWS::Route53::RecordSet.CidrRoutingConfig", - "markdownDescription": "The object that is specified in resource record set object when you are linking a resource record set to a CIDR location.\n\nA `LocationName` with an asterisk \u201c*\u201d can be used to create a default CIDR record. `CollectionId` is still required for default record.", - "title": "CidrRoutingConfig" - }, - "Comment": { - "markdownDescription": "*Optional:* Any comments you want to include about a change batch request.", - "title": "Comment", - "type": "string" - }, - "Failover": { - "markdownDescription": "*Failover resource record sets only:* To configure failover, you add the `Failover` element to two resource record sets. For one resource record set, you specify `PRIMARY` as the value for `Failover` ; for the other resource record set, you specify `SECONDARY` . In addition, you include the `HealthCheckId` element and specify the health check that you want Amazon Route 53 to perform for each resource record set.\n\nExcept where noted, the following failover behaviors assume that you have included the `HealthCheckId` element in both resource record sets:\n\n- When the primary resource record set is healthy, Route 53 responds to DNS queries with the applicable value from the primary resource record set regardless of the health of the secondary resource record set.\n- When the primary resource record set is unhealthy and the secondary resource record set is healthy, Route 53 responds to DNS queries with the applicable value from the secondary resource record set.\n- When the secondary resource record set is unhealthy, Route 53 responds to DNS queries with the applicable value from the primary resource record set regardless of the health of the primary resource record set.\n- If you omit the `HealthCheckId` element for the secondary resource record set, and if the primary resource record set is unhealthy, Route 53 always responds to DNS queries with the applicable value from the secondary resource record set. This is true regardless of the health of the associated endpoint.\n\nYou can't create non-failover resource record sets that have the same values for the `Name` and `Type` elements as failover resource record sets.\n\nFor failover alias resource record sets, you must also include the `EvaluateTargetHealth` element and set the value to true.\n\nFor more information about configuring failover for Route 53, see the following topics in the *Amazon Route 53 Developer Guide* :\n\n- [Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html)\n- [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html)", - "title": "Failover", - "type": "string" - }, - "GeoLocation": { - "$ref": "#/definitions/AWS::Route53::RecordSet.GeoLocation", - "markdownDescription": "*Geolocation resource record sets only:* A complex type that lets you control how Amazon Route 53 responds to DNS queries based on the geographic origin of the query. For example, if you want all queries from Africa to be routed to a web server with an IP address of `192.0.2.111` , create a resource record set with a `Type` of `A` and a `ContinentCode` of `AF` .\n\nIf you create separate resource record sets for overlapping geographic regions (for example, one resource record set for a continent and one for a country on the same continent), priority goes to the smallest geographic region. This allows you to route most queries for a continent to one resource and to route queries for a country on that continent to a different resource.\n\nYou can't create two geolocation resource record sets that specify the same geographic location.\n\nThe value `*` in the `CountryCode` element matches all geographic locations that aren't specified in other geolocation resource record sets that have the same values for the `Name` and `Type` elements.\n\n> Geolocation works by mapping IP addresses to locations. However, some IP addresses aren't mapped to geographic locations, so even if you create geolocation resource record sets that cover all seven continents, Route 53 will receive some DNS queries from locations that it can't identify. We recommend that you create a resource record set for which the value of `CountryCode` is `*` . Two groups of queries are routed to the resource that you specify in this record: queries that come from locations for which you haven't created geolocation resource record sets and queries from IP addresses that aren't mapped to a location. If you don't create a `*` resource record set, Route 53 returns a \"no answer\" response for queries from those locations. \n\nYou can't create non-geolocation resource record sets that have the same values for the `Name` and `Type` elements as geolocation resource record sets.", - "title": "GeoLocation" - }, - "GeoProximityLocation": { - "$ref": "#/definitions/AWS::Route53::RecordSet.GeoProximityLocation", - "markdownDescription": "*GeoproximityLocation resource record sets only:* A complex type that lets you control how Route\u00a053 responds to DNS queries based on the geographic origin of the query and your resources.", - "title": "GeoProximityLocation" - }, - "HealthCheckId": { - "markdownDescription": "If you want Amazon Route 53 to return this resource record set in response to a DNS query only when the status of a health check is healthy, include the `HealthCheckId` element and specify the ID of the applicable health check.\n\nRoute 53 determines whether a resource record set is healthy based on one of the following:\n\n- By periodically sending a request to the endpoint that is specified in the health check\n- By aggregating the status of a specified group of health checks (calculated health checks)\n- By determining the current state of a CloudWatch alarm (CloudWatch metric health checks)\n\n> Route 53 doesn't check the health of the endpoint that is specified in the resource record set, for example, the endpoint specified by the IP address in the `Value` element. When you add a `HealthCheckId` element to a resource record set, Route 53 checks the health of the endpoint that you specified in the health check. \n\nFor more information, see the following topics in the *Amazon Route 53 Developer Guide* :\n\n- [How Amazon Route 53 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html)\n- [Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html)\n- [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html)\n\n*When to Specify HealthCheckId*\n\nSpecifying a value for `HealthCheckId` is useful only when Route 53 is choosing between two or more resource record sets to respond to a DNS query, and you want Route 53 to base the choice in part on the status of a health check. Configuring health checks makes sense only in the following configurations:\n\n- *Non-alias resource record sets* : You're checking the health of a group of non-alias resource record sets that have the same routing policy, name, and type (such as multiple weighted records named www.example.com with a type of A) and you specify health check IDs for all the resource record sets.\n\nIf the health check status for a resource record set is healthy, Route 53 includes the record among the records that it responds to DNS queries with.\n\nIf the health check status for a resource record set is unhealthy, Route 53 stops responding to DNS queries using the value for that resource record set.\n\nIf the health check status for all resource record sets in the group is unhealthy, Route 53 considers all resource record sets in the group healthy and responds to DNS queries accordingly.\n- *Alias resource record sets* : You specify the following settings:\n\n- You set `EvaluateTargetHealth` to true for an alias resource record set in a group of resource record sets that have the same routing policy, name, and type (such as multiple weighted records named www.example.com with a type of A).\n- You configure the alias resource record set to route traffic to a non-alias resource record set in the same hosted zone.\n- You specify a health check ID for the non-alias resource record set.\n\nIf the health check status is healthy, Route 53 considers the alias resource record set to be healthy and includes the alias record among the records that it responds to DNS queries with.\n\nIf the health check status is unhealthy, Route 53 stops responding to DNS queries using the alias resource record set.\n\n> The alias resource record set can also route traffic to a *group* of non-alias resource record sets that have the same routing policy, name, and type. In that configuration, associate health checks with all of the resource record sets in the group of non-alias resource record sets.\n\n*Geolocation Routing*\n\nFor geolocation resource record sets, if an endpoint is unhealthy, Route 53 looks for a resource record set for the larger, associated geographic region. For example, suppose you have resource record sets for a state in the United States, for the entire United States, for North America, and a resource record set that has `*` for `CountryCode` is `*` , which applies to all locations. If the endpoint for the state resource record set is unhealthy, Route 53 checks for healthy resource record sets in the following order until it finds a resource record set for which the endpoint is healthy:\n\n- The United States\n- North America\n- The default resource record set\n\n*Specifying the Health Check Endpoint by Domain Name*\n\nIf your health checks specify the endpoint only by domain name, we recommend that you create a separate health check for each endpoint. For example, create a health check for each `HTTP` server that is serving content for `www.example.com` . For the value of `FullyQualifiedDomainName` , specify the domain name of the server (such as `us-east-2-www.example.com` ), not the name of the resource record sets ( `www.example.com` ).\n\n> Health check results will be unpredictable if you do the following:\n> \n> - Create a health check that has the same value for `FullyQualifiedDomainName` as the name of a resource record set.\n> - Associate that health check with the resource record set.", - "title": "HealthCheckId", - "type": "string" - }, - "HostedZoneId": { - "markdownDescription": "The ID of the hosted zone that you want to create records in.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .", - "title": "HostedZoneId", - "type": "string" - }, - "HostedZoneName": { - "markdownDescription": "The name of the hosted zone that you want to create records in. You must include a trailing dot (for example, `www.example.com.` ) as part of the `HostedZoneName` .\n\nWhen you create a stack using an AWS::Route53::RecordSet that specifies `HostedZoneName` , AWS CloudFormation attempts to find a hosted zone whose name matches the HostedZoneName. If AWS CloudFormation cannot find a hosted zone with a matching domain name, or if there is more than one hosted zone with the specified domain name, AWS CloudFormation will not create the stack.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .", - "title": "HostedZoneName", - "type": "string" - }, - "MultiValueAnswer": { - "markdownDescription": "*Multivalue answer resource record sets only* : To route traffic approximately randomly to multiple resources, such as web servers, create one multivalue answer record for each resource and specify `true` for `MultiValueAnswer` . Note the following:\n\n- If you associate a health check with a multivalue answer resource record set, Amazon Route 53 responds to DNS queries with the corresponding IP address only when the health check is healthy.\n- If you don't associate a health check with a multivalue answer record, Route 53 always considers the record to be healthy.\n- Route 53 responds to DNS queries with up to eight healthy records; if you have eight or fewer healthy records, Route 53 responds to all DNS queries with all the healthy records.\n- If you have more than eight healthy records, Route 53 responds to different DNS resolvers with different combinations of healthy records.\n- When all records are unhealthy, Route 53 responds to DNS queries with up to eight unhealthy records.\n- If a resource becomes unavailable after a resolver caches a response, client software typically tries another of the IP addresses in the response.\n\nYou can't create multivalue answer alias records.", - "title": "MultiValueAnswer", - "type": "boolean" - }, - "Name": { - "markdownDescription": "For `ChangeResourceRecordSets` requests, the name of the record that you want to create, update, or delete. For `ListResourceRecordSets` responses, the name of a record in the specified hosted zone.\n\n*ChangeResourceRecordSets Only*\n\nEnter a fully qualified domain name, for example, `www.example.com` . You can optionally include a trailing dot. If you omit the trailing dot, Amazon Route 53 assumes that the domain name that you specify is fully qualified. This means that Route 53 treats `www.example.com` (without a trailing dot) and `www.example.com.` (with a trailing dot) as identical.\n\nFor information about how to specify characters other than `a-z` , `0-9` , and `-` (hyphen) and how to specify internationalized domain names, see [DNS Domain Name Format](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/DomainNameFormat.html) in the *Amazon Route 53 Developer Guide* .\n\nYou can use the asterisk (*) wildcard to replace the leftmost label in a domain name, for example, `*.example.com` . Note the following:\n\n- The * must replace the entire label. For example, you can't specify `*prod.example.com` or `prod*.example.com` .\n- The * can't replace any of the middle labels, for example, marketing.*.example.com.\n- If you include * in any position other than the leftmost label in a domain name, DNS treats it as an * character (ASCII 42), not as a wildcard.\n\n> You can't use the * wildcard for resource records sets that have a type of NS.", - "title": "Name", + "PoolName": { + "markdownDescription": "The name of the dedicated IP pool that the IP address is associated with.", + "title": "PoolName", "type": "string" }, - "Region": { - "markdownDescription": "*Latency-based resource record sets only:* The Amazon EC2 Region where you created the resource that this resource record set refers to. The resource typically is an AWS resource, such as an EC2 instance or an ELB load balancer, and is referred to by an IP address or a DNS domain name, depending on the record type.\n\nWhen Amazon Route 53 receives a DNS query for a domain name and type for which you have created latency resource record sets, Route 53 selects the latency resource record set that has the lowest latency between the end user and the associated Amazon EC2 Region. Route 53 then returns the value that is associated with the selected resource record set.\n\nNote the following:\n\n- You can only specify one `ResourceRecord` per latency resource record set.\n- You can only create one latency resource record set for each Amazon EC2 Region.\n- You aren't required to create latency resource record sets for all Amazon EC2 Regions. Route 53 will choose the region with the best latency from among the regions that you create latency resource record sets for.\n- You can't create non-latency resource record sets that have the same values for the `Name` and `Type` elements as latency resource record sets.", - "title": "Region", + "ScalingMode": { + "markdownDescription": "The type of scaling mode.\n\nThe following options are available:\n\n- `STANDARD` - The customer controls which IPs are part of the dedicated IP pool.\n- `MANAGED` - The reputation and number of IPs are automatically managed by Amazon SES .\n\nThe `STANDARD` option is selected by default if no value is specified.\n\n> Updating *ScalingMode* doesn't require a replacement if you're updating its value from `STANDARD` to `MANAGED` . However, updating *ScalingMode* from `MANAGED` to `STANDARD` is not supported.", + "title": "ScalingMode", "type": "string" }, - "ResourceRecords": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "One or more values that correspond with the value that you specified for the `Type` property. For example, if you specified `A` for `Type` , you specify one or more IP addresses in IPv4 format for `ResourceRecords` . For information about the format of values for each record type, see [Supported DNS Resource Record Types](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/ResourceRecordTypes.html) in the *Amazon Route 53 Developer Guide* .\n\nNote the following:\n\n- You can specify more than one value for all record types except CNAME and SOA.\n- The maximum length of a value is 4000 characters.\n- If you're creating an alias record, omit `ResourceRecords` .", - "title": "ResourceRecords", + "markdownDescription": "An object that defines the tags (keys and values) that you want to associate with the pool.", + "title": "Tags", "type": "array" - }, - "SetIdentifier": { - "markdownDescription": "*Resource record sets that have a routing policy other than simple:* An identifier that differentiates among multiple resource record sets that have the same combination of name and type, such as multiple weighted resource record sets named acme.example.com that have a type of A. In a group of resource record sets that have the same name and type, the value of `SetIdentifier` must be unique for each resource record set.\n\nFor information about routing policies, see [Choosing a Routing Policy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html) in the *Amazon Route 53 Developer Guide* .", - "title": "SetIdentifier", - "type": "string" - }, - "TTL": { - "markdownDescription": "The resource record cache time to live (TTL), in seconds. Note the following:\n\n- If you're creating or updating an alias resource record set, omit `TTL` . Amazon Route 53 uses the value of `TTL` for the alias target.\n- If you're associating this resource record set with a health check (if you're adding a `HealthCheckId` element), we recommend that you specify a `TTL` of 60 seconds or less so clients respond quickly to changes in health status.\n- All of the resource record sets in a group of weighted resource record sets must have the same value for `TTL` .\n- If a group of weighted resource record sets includes one or more weighted alias resource record sets for which the alias target is an ELB load balancer, we recommend that you specify a `TTL` of 60 seconds for all of the non-alias weighted resource record sets that have the same name and type. Values other than 60 seconds (the TTL for load balancers) will change the effect of the values that you specify for `Weight` .", - "title": "TTL", - "type": "string" - }, - "Type": { - "markdownDescription": "The DNS record type. For information about different record types and how data is encoded for them, see [Supported DNS Resource Record Types](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/ResourceRecordTypes.html) in the *Amazon Route 53 Developer Guide* .\n\nValid values for basic resource record sets: `A` | `AAAA` | `CAA` | `CNAME` | `DS` | `MX` | `NAPTR` | `NS` | `PTR` | `SOA` | `SPF` | `SRV` | `TXT` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS`\n\nValues for weighted, latency, geolocation, and failover resource record sets: `A` | `AAAA` | `CAA` | `CNAME` | `MX` | `NAPTR` | `PTR` | `SPF` | `SRV` | `TXT` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS` . When creating a group of weighted, latency, geolocation, or failover resource record sets, specify the same value for all of the resource record sets in the group.\n\nValid values for multivalue answer resource record sets: `A` | `AAAA` | `MX` | `NAPTR` | `PTR` | `SPF` | `SRV` | `TXT` | `CAA` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS`\n\n> SPF records were formerly used to verify the identity of the sender of email messages. However, we no longer recommend that you create resource record sets for which the value of `Type` is `SPF` . RFC 7208, *Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1* , has been updated to say, \"...[I]ts existence and mechanism defined in [RFC4408] have led to some interoperability issues. Accordingly, its use is no longer appropriate for SPF version 1; implementations are not to use it.\" In RFC 7208, see section 14.1, [The SPF DNS Record Type](https://docs.aws.amazon.com/http://tools.ietf.org/html/rfc7208#section-14.1) . \n\nValues for alias resource record sets:\n\n- *Amazon API Gateway custom regional APIs and edge-optimized APIs:* `A`\n- *CloudFront distributions:* `A`\n\nIf IPv6 is enabled for the distribution, create two resource record sets to route traffic to your distribution, one with a value of `A` and one with a value of `AAAA` .\n- *Amazon API Gateway environment that has a regionalized subdomain* : `A`\n- *ELB load balancers:* `A` | `AAAA`\n- *Amazon S3 buckets:* `A`\n- *Amazon Virtual Private Cloud interface VPC endpoints* `A`\n- *Another resource record set in this hosted zone:* Specify the type of the resource record set that you're creating the alias for. All values are supported except `NS` and `SOA` .\n\n> If you're creating an alias record that has the same name as the hosted zone (known as the zone apex), you can't route traffic to a record for which the value of `Type` is `CNAME` . This is because the alias record must have the same type as the record you're routing traffic to, and creating a CNAME record for the zone apex isn't supported even for an alias record.", - "title": "Type", - "type": "string" - }, - "Weight": { - "markdownDescription": "*Weighted resource record sets only:* Among resource record sets that have the same combination of DNS name and type, a value that determines the proportion of DNS queries that Amazon Route 53 responds to using the current resource record set. Route 53 calculates the sum of the weights for the resource record sets that have the same combination of DNS name and type. Route 53 then responds to queries based on the ratio of a resource's weight to the total. Note the following:\n\n- You must specify a value for the `Weight` element for every weighted resource record set.\n- You can only specify one `ResourceRecord` per weighted resource record set.\n- You can't create latency, failover, or geolocation resource record sets that have the same values for the `Name` and `Type` elements as weighted resource record sets.\n- You can create a maximum of 100 weighted resource record sets that have the same values for the `Name` and `Type` elements.\n- For weighted (but not weighted alias) resource record sets, if you set `Weight` to `0` for a resource record set, Route 53 never responds to queries with the applicable value for that resource record set. However, if you set `Weight` to `0` for all resource record sets that have the same combination of DNS name and type, traffic is routed to all resources with equal probability.\n\nThe effect of setting `Weight` to `0` is different when you associate health checks with weighted resource record sets. For more information, see [Options for Configuring Route 53 Active-Active and Active-Passive Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-configuring-options.html) in the *Amazon Route 53 Developer Guide* .", - "title": "Weight", - "type": "number" } }, - "required": [ - "Name", - "Type" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Route53::RecordSet" + "AWS::SES::DedicatedIpPool" ], "type": "string" }, @@ -232228,124 +283293,11 @@ } }, "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::Route53::RecordSet.AliasTarget": { - "additionalProperties": false, - "properties": { - "DNSName": { - "markdownDescription": "*Alias records only:* The value that you specify depends on where you want to route queries:\n\n- **Amazon API Gateway custom regional APIs and edge-optimized APIs** - Specify the applicable domain name for your API. You can get the applicable value using the AWS CLI command [get-domain-names](https://docs.aws.amazon.com/cli/latest/reference/apigateway/get-domain-names.html) :\n\n- For regional APIs, specify the value of `regionalDomainName` .\n- For edge-optimized APIs, specify the value of `distributionDomainName` . This is the name of the associated CloudFront distribution, such as `da1b2c3d4e5.cloudfront.net` .\n\n> The name of the record that you're creating must match a custom domain name for your API, such as `api.example.com` .\n- **Amazon Virtual Private Cloud interface VPC endpoint** - Enter the API endpoint for the interface endpoint, such as `vpce-123456789abcdef01-example-us-east-1a.elasticloadbalancing.us-east-1.vpce.amazonaws.com` . For edge-optimized APIs, this is the domain name for the corresponding CloudFront distribution. You can get the value of `DnsName` using the AWS CLI command [describe-vpc-endpoints](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-vpc-endpoints.html) .\n- **CloudFront distribution** - Specify the domain name that CloudFront assigned when you created your distribution.\n\nYour CloudFront distribution must include an alternate domain name that matches the name of the record. For example, if the name of the record is *acme.example.com* , your CloudFront distribution must include *acme.example.com* as one of the alternate domain names. For more information, see [Using Alternate Domain Names (CNAMEs)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/CNAMEs.html) in the *Amazon CloudFront Developer Guide* .\n\nYou can't create a record in a private hosted zone to route traffic to a CloudFront distribution.\n\n> For failover alias records, you can't specify a CloudFront distribution for both the primary and secondary records. A distribution must include an alternate domain name that matches the name of the record. However, the primary and secondary records have the same name, and you can't include the same alternate domain name in more than one distribution.\n- **Elastic Beanstalk environment** - If the domain name for your Elastic Beanstalk environment includes the region that you deployed the environment in, you can create an alias record that routes traffic to the environment. For example, the domain name `my-environment. *us-west-2* .elasticbeanstalk.com` is a regionalized domain name.\n\n> For environments that were created before early 2016, the domain name doesn't include the region. To route traffic to these environments, you must create a CNAME record instead of an alias record. Note that you can't create a CNAME record for the root domain name. For example, if your domain name is example.com, you can create a record that routes traffic for acme.example.com to your Elastic Beanstalk environment, but you can't create a record that routes traffic for example.com to your Elastic Beanstalk environment. \n\nFor Elastic Beanstalk environments that have regionalized subdomains, specify the `CNAME` attribute for the environment. You can use the following methods to get the value of the CNAME attribute:\n\n- *AWS Management Console* : For information about how to get the value by using the console, see [Using Custom Domains with AWS Elastic Beanstalk](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/customdomains.html) in the *AWS Elastic Beanstalk Developer Guide* .\n- *Elastic Beanstalk API* : Use the `DescribeEnvironments` action to get the value of the `CNAME` attribute. For more information, see [DescribeEnvironments](https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DescribeEnvironments.html) in the *AWS Elastic Beanstalk API Reference* .\n- *AWS CLI* : Use the `describe-environments` command to get the value of the `CNAME` attribute. For more information, see [describe-environments](https://docs.aws.amazon.com/cli/latest/reference/elasticbeanstalk/describe-environments.html) in the *AWS CLI* .\n- **ELB load balancer** - Specify the DNS name that is associated with the load balancer. Get the DNS name by using the AWS Management Console , the ELB API, or the AWS CLI .\n\n- *AWS Management Console* : Go to the EC2 page, choose *Load Balancers* in the navigation pane, choose the load balancer, choose the *Description* tab, and get the value of the *DNS name* field.\n\nIf you're routing traffic to a Classic Load Balancer, get the value that begins with *dualstack* . If you're routing traffic to another type of load balancer, get the value that applies to the record type, A or AAAA.\n- *Elastic Load Balancing API* : Use `DescribeLoadBalancers` to get the value of `DNSName` . For more information, see the applicable guide:\n\n- Classic Load Balancers: [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DescribeLoadBalancers.html)\n- Application and Network Load Balancers: [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html)\n- *CloudFormation Fn::GetAtt intrinsic function* : Use the [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-getatt.html) intrinsic function to get the value of `DNSName` :\n\n- [Classic Load Balancers](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html#aws-properties-ec2-elb-return-values) .\n- [Application and Network Load Balancers](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html#aws-resource-elasticloadbalancingv2-loadbalancer-return-values) .\n- *AWS CLI* : Use `describe-load-balancers` to get the value of `DNSName` . For more information, see the applicable guide:\n\n- Classic Load Balancers: [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elb/describe-load-balancers.html)\n- Application and Network Load Balancers: [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elbv2/describe-load-balancers.html)\n- **Global Accelerator accelerator** - Specify the DNS name for your accelerator:\n\n- *Global Accelerator API* : To get the DNS name, use [DescribeAccelerator](https://docs.aws.amazon.com/global-accelerator/latest/api/API_DescribeAccelerator.html) .\n- *AWS CLI* : To get the DNS name, use [describe-accelerator](https://docs.aws.amazon.com/cli/latest/reference/globalaccelerator/describe-accelerator.html) .\n- **Amazon S3 bucket that is configured as a static website** - Specify the domain name of the Amazon S3 website endpoint that you created the bucket in, for example, `s3-website.us-east-2.amazonaws.com` . For more information about valid values, see the table [Amazon S3 Website Endpoints](https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_website_region_endpoints) in the *Amazon Web Services General Reference* . For more information about using S3 buckets for websites, see [Getting Started with Amazon Route 53](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/getting-started.html) in the *Amazon Route 53 Developer Guide.*\n- **Another Route 53 record** - Specify the value of the `Name` element for a record in the current hosted zone.\n\n> If you're creating an alias record that has the same name as the hosted zone (known as the zone apex), you can't specify the domain name for a record for which the value of `Type` is `CNAME` . This is because the alias record must have the same type as the record that you're routing traffic to, and creating a CNAME record for the zone apex isn't supported even for an alias record.", - "title": "DNSName", - "type": "string" - }, - "EvaluateTargetHealth": { - "markdownDescription": "*Applies only to alias, failover alias, geolocation alias, latency alias, and weighted alias resource record sets:* When `EvaluateTargetHealth` is `true` , an alias resource record set inherits the health of the referenced AWS resource, such as an ELB load balancer or another resource record set in the hosted zone.\n\nNote the following:\n\n- **CloudFront distributions** - You can't set `EvaluateTargetHealth` to `true` when the alias target is a CloudFront distribution.\n- **Elastic Beanstalk environments that have regionalized subdomains** - If you specify an Elastic Beanstalk environment in `DNSName` and the environment contains an ELB load balancer, Elastic Load Balancing routes queries only to the healthy Amazon EC2 instances that are registered with the load balancer. (An environment automatically contains an ELB load balancer if it includes more than one Amazon EC2 instance.) If you set `EvaluateTargetHealth` to `true` and either no Amazon EC2 instances are healthy or the load balancer itself is unhealthy, Route 53 routes queries to other available resources that are healthy, if any.\n\nIf the environment contains a single Amazon EC2 instance, there are no special requirements.\n- **ELB load balancers** - Health checking behavior depends on the type of load balancer:\n\n- *Classic Load Balancers* : If you specify an ELB Classic Load Balancer in `DNSName` , Elastic Load Balancing routes queries only to the healthy Amazon EC2 instances that are registered with the load balancer. If you set `EvaluateTargetHealth` to `true` and either no EC2 instances are healthy or the load balancer itself is unhealthy, Route 53 routes queries to other resources.\n- *Application and Network Load Balancers* : If you specify an ELB Application or Network Load Balancer and you set `EvaluateTargetHealth` to `true` , Route 53 routes queries to the load balancer based on the health of the target groups that are associated with the load balancer:\n\n- For an Application or Network Load Balancer to be considered healthy, every target group that contains targets must contain at least one healthy target. If any target group contains only unhealthy targets, the load balancer is considered unhealthy, and Route 53 routes queries to other resources.\n- A target group that has no registered targets is considered unhealthy.\n\n> When you create a load balancer, you configure settings for Elastic Load Balancing health checks; they're not Route 53 health checks, but they perform a similar function. Do not create Route 53 health checks for the EC2 instances that you register with an ELB load balancer.\n- **S3 buckets** - There are no special requirements for setting `EvaluateTargetHealth` to `true` when the alias target is an S3 bucket.\n- **Other records in the same hosted zone** - If the AWS resource that you specify in `DNSName` is a record or a group of records (for example, a group of weighted records) but is not another alias record, we recommend that you associate a health check with all of the records in the alias target. For more information, see [What Happens When You Omit Health Checks?](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-complex-configs.html#dns-failover-complex-configs-hc-omitting) in the *Amazon Route 53 Developer Guide* .\n\nFor more information and examples, see [Amazon Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html) in the *Amazon Route 53 Developer Guide* .", - "title": "EvaluateTargetHealth", - "type": "boolean" - }, - "HostedZoneId": { - "markdownDescription": "*Alias resource records sets only* : The value used depends on where you want to route traffic:\n\n- **Amazon API Gateway custom regional APIs and edge-optimized APIs** - Specify the hosted zone ID for your API. You can get the applicable value using the AWS CLI command [get-domain-names](https://docs.aws.amazon.com/cli/latest/reference/apigateway/get-domain-names.html) :\n\n- For regional APIs, specify the value of `regionalHostedZoneId` .\n- For edge-optimized APIs, specify the value of `distributionHostedZoneId` .\n- **Amazon Virtual Private Cloud interface VPC endpoint** - Specify the hosted zone ID for your interface endpoint. You can get the value of `HostedZoneId` using the AWS CLI command [describe-vpc-endpoints](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-vpc-endpoints.html) .\n- **CloudFront distribution** - Specify `Z2FDTNDATAQYW2` . This is always the hosted zone ID when you create an alias record that routes traffic to a CloudFront distribution.\n\n> Alias records for CloudFront can't be created in a private zone.\n- **Elastic Beanstalk environment** - Specify the hosted zone ID for the region that you created the environment in. The environment must have a regionalized subdomain. For a list of regions and the corresponding hosted zone IDs, see [AWS Elastic Beanstalk endpoints and quotas](https://docs.aws.amazon.com/general/latest/gr/elasticbeanstalk.html) in the *Amazon Web Services General Reference* .\n- **ELB load balancer** - Specify the value of the hosted zone ID for the load balancer. Use the following methods to get the hosted zone ID:\n\n- [Service Endpoints](https://docs.aws.amazon.com/general/latest/gr/elb.html) table in the \"Elastic Load Balancing Endpoints and Quotas\" topic in the *Amazon Web Services General Reference* : Use the value that corresponds with the region that you created your load balancer in. Note that there are separate columns for Application and Classic Load Balancers and for Network Load Balancers.\n- *AWS Management Console* : Go to the Amazon EC2 page, choose *Load Balancers* in the navigation pane, select the load balancer, and get the value of the *Hosted zone* field on the *Description* tab.\n- *Elastic Load Balancing API* : Use `DescribeLoadBalancers` to get the applicable value. For more information, see the applicable guide:\n\n- Classic Load Balancers: Use [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DescribeLoadBalancers.html) to get the value of `CanonicalHostedZoneNameID` .\n- Application and Network Load Balancers: Use [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html) to get the value of `CanonicalHostedZoneID` .\n- *CloudFormation Fn::GetAtt intrinsic function* : Use the [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-getatt.html) intrinsic function to get the applicable value:\n\n- Classic Load Balancers: Get [CanonicalHostedZoneNameID](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html#aws-properties-ec2-elb-return-values) .\n- Application and Network Load Balancers: Get [CanonicalHostedZoneID](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html#aws-resource-elasticloadbalancingv2-loadbalancer-return-values) .\n- *AWS CLI* : Use `describe-load-balancers` to get the applicable value. For more information, see the applicable guide:\n\n- Classic Load Balancers: Use [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elb/describe-load-balancers.html) to get the value of `CanonicalHostedZoneNameID` .\n- Application and Network Load Balancers: Use [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elbv2/describe-load-balancers.html) to get the value of `CanonicalHostedZoneID` .\n- **Global Accelerator accelerator** - Specify `Z2BJ6XQ5FK7U4H` .\n- **An Amazon S3 bucket configured as a static website** - Specify the hosted zone ID for the region that you created the bucket in. For more information about valid values, see the table [Amazon S3 Website Endpoints](https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_website_region_endpoints) in the *Amazon Web Services General Reference* .\n- **Another Route 53 record in your hosted zone** - Specify the hosted zone ID of your hosted zone. (An alias record can't reference a record in a different hosted zone.)", - "title": "HostedZoneId", - "type": "string" - } - }, - "required": [ - "DNSName", - "HostedZoneId" - ], - "type": "object" - }, - "AWS::Route53::RecordSet.CidrRoutingConfig": { - "additionalProperties": false, - "properties": { - "CollectionId": { - "markdownDescription": "The CIDR collection ID.", - "title": "CollectionId", - "type": "string" - }, - "LocationName": { - "markdownDescription": "The CIDR collection location name.", - "title": "LocationName", - "type": "string" - } - }, - "required": [ - "CollectionId", - "LocationName" - ], - "type": "object" - }, - "AWS::Route53::RecordSet.Coordinates": { - "additionalProperties": false, - "properties": { - "Latitude": { - "markdownDescription": "Specifies a coordinate of the north\u2013south position of a geographic point on the surface of the Earth (-90 - 90).", - "title": "Latitude", - "type": "string" - }, - "Longitude": { - "markdownDescription": "Specifies a coordinate of the east\u2013west position of a geographic point on the surface of the Earth (-180 - 180).", - "title": "Longitude", - "type": "string" - } - }, - "required": [ - "Latitude", - "Longitude" + "Type" ], "type": "object" }, - "AWS::Route53::RecordSet.GeoLocation": { - "additionalProperties": false, - "properties": { - "ContinentCode": { - "markdownDescription": "For geolocation resource record sets, a two-letter abbreviation that identifies a continent. Route 53 supports the following continent codes:\n\n- *AF* : Africa\n- *AN* : Antarctica\n- *AS* : Asia\n- *EU* : Europe\n- *OC* : Oceania\n- *NA* : North America\n- *SA* : South America\n\nConstraint: Specifying `ContinentCode` with either `CountryCode` or `SubdivisionCode` returns an `InvalidInput` error.", - "title": "ContinentCode", - "type": "string" - }, - "CountryCode": { - "markdownDescription": "For geolocation resource record sets, the two-letter code for a country.\n\nRoute 53 uses the two-letter country codes that are specified in [ISO standard 3166-1 alpha-2](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2) .", - "title": "CountryCode", - "type": "string" - }, - "SubdivisionCode": { - "markdownDescription": "For geolocation resource record sets, the two-letter code for a state of the United States. Route 53 doesn't support any other values for `SubdivisionCode` . For a list of state abbreviations, see [Appendix B: Two\u2013Letter State and Possession Abbreviations](https://docs.aws.amazon.com/https://pe.usps.com/text/pub28/28apb.htm) on the United States Postal Service website.\n\nIf you specify `subdivisioncode` , you must also specify `US` for `CountryCode` .", - "title": "SubdivisionCode", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Route53::RecordSet.GeoProximityLocation": { - "additionalProperties": false, - "properties": { - "AWSRegion": { - "markdownDescription": "The AWS Region the resource you are directing DNS traffic to, is in.", - "title": "AWSRegion", - "type": "string" - }, - "Bias": { - "markdownDescription": "The bias increases or decreases the size of the geographic region from which Route\u00a053 routes traffic to a resource.\n\nTo use `Bias` to change the size of the geographic region, specify the applicable value for the bias:\n\n- To expand the size of the geographic region from which Route\u00a053 routes traffic to a resource, specify a positive integer from 1 to 99 for the bias. Route\u00a053 shrinks the size of adjacent regions.\n- To shrink the size of the geographic region from which Route\u00a053 routes traffic to a resource, specify a negative bias of -1 to -99. Route\u00a053 expands the size of adjacent regions.", - "title": "Bias", - "type": "number" - }, - "Coordinates": { - "$ref": "#/definitions/AWS::Route53::RecordSet.Coordinates", - "markdownDescription": "Contains the longitude and latitude for a geographic region.", - "title": "Coordinates" - }, - "LocalZoneGroup": { - "markdownDescription": "Specifies an AWS Local Zone Group.\n\nA local Zone Group is usually the Local Zone code without the ending character. For example, if the Local Zone is `us-east-1-bue-1a` the Local Zone Group is `us-east-1-bue-1` .\n\nYou can identify the Local Zones Group for a specific Local Zone by using the [describe-availability-zones](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-availability-zones.html) CLI command:\n\nThis command returns: `\"GroupName\": \"us-west-2-den-1\"` , specifying that the Local Zone `us-west-2-den-1a` belongs to the Local Zone Group `us-west-2-den-1` .", - "title": "LocalZoneGroup", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Route53::RecordSetGroup": { + "AWS::SES::EmailIdentity": { "additionalProperties": false, "properties": { "Condition": { @@ -232380,35 +283332,53 @@ "Properties": { "additionalProperties": false, "properties": { - "Comment": { - "markdownDescription": "*Optional:* Any comments you want to include about a change batch request.", - "title": "Comment", - "type": "string" + "ConfigurationSetAttributes": { + "$ref": "#/definitions/AWS::SES::EmailIdentity.ConfigurationSetAttributes", + "markdownDescription": "Used to associate a configuration set with an email identity.", + "title": "ConfigurationSetAttributes" }, - "HostedZoneId": { - "markdownDescription": "The ID of the hosted zone that you want to create records in.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .", - "title": "HostedZoneId", - "type": "string" + "DkimAttributes": { + "$ref": "#/definitions/AWS::SES::EmailIdentity.DkimAttributes", + "markdownDescription": "An object that contains information about the DKIM attributes for the identity.", + "title": "DkimAttributes" }, - "HostedZoneName": { - "markdownDescription": "The name of the hosted zone that you want to create records in. You must include a trailing dot (for example, `www.example.com.` ) as part of the `HostedZoneName` .\n\nWhen you create a stack using an `AWS::Route53::RecordSet` that specifies `HostedZoneName` , AWS CloudFormation attempts to find a hosted zone whose name matches the `HostedZoneName` . If AWS CloudFormation can't find a hosted zone with a matching domain name, or if there is more than one hosted zone with the specified domain name, AWS CloudFormation will not create the stack.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .", - "title": "HostedZoneName", + "DkimSigningAttributes": { + "$ref": "#/definitions/AWS::SES::EmailIdentity.DkimSigningAttributes", + "markdownDescription": "If your request includes this object, Amazon SES configures the identity to use Bring Your Own DKIM (BYODKIM) for DKIM authentication purposes, or, configures the key length to be used for [Easy DKIM](https://docs.aws.amazon.com/ses/latest/DeveloperGuide/easy-dkim.html) .\n\nYou can only specify this object if the email identity is a domain, as opposed to an address.", + "title": "DkimSigningAttributes" + }, + "EmailIdentity": { + "markdownDescription": "The email address or domain to verify.", + "title": "EmailIdentity", "type": "string" }, - "RecordSets": { + "FeedbackAttributes": { + "$ref": "#/definitions/AWS::SES::EmailIdentity.FeedbackAttributes", + "markdownDescription": "Used to enable or disable feedback forwarding for an identity.", + "title": "FeedbackAttributes" + }, + "MailFromAttributes": { + "$ref": "#/definitions/AWS::SES::EmailIdentity.MailFromAttributes", + "markdownDescription": "Used to enable or disable the custom Mail-From domain configuration for an email identity.", + "title": "MailFromAttributes" + }, + "Tags": { "items": { - "$ref": "#/definitions/AWS::Route53::RecordSetGroup.RecordSet" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "A complex type that contains one `RecordSet` element for each record that you want to create.", - "title": "RecordSets", + "markdownDescription": "An array of objects that define the tags (keys and values) to associate with the email identity.", + "title": "Tags", "type": "array" } }, + "required": [ + "EmailIdentity" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Route53::RecordSetGroup" + "AWS::SES::EmailIdentity" ], "type": "string" }, @@ -232422,216 +283392,82 @@ } }, "required": [ - "Type" - ], - "type": "object" - }, - "AWS::Route53::RecordSetGroup.AliasTarget": { - "additionalProperties": false, - "properties": { - "DNSName": { - "markdownDescription": "*Alias records only:* The value that you specify depends on where you want to route queries:\n\n- **Amazon API Gateway custom regional APIs and edge-optimized APIs** - Specify the applicable domain name for your API. You can get the applicable value using the AWS CLI command [get-domain-names](https://docs.aws.amazon.com/cli/latest/reference/apigateway/get-domain-names.html) :\n\n- For regional APIs, specify the value of `regionalDomainName` .\n- For edge-optimized APIs, specify the value of `distributionDomainName` . This is the name of the associated CloudFront distribution, such as `da1b2c3d4e5.cloudfront.net` .\n\n> The name of the record that you're creating must match a custom domain name for your API, such as `api.example.com` .\n- **Amazon Virtual Private Cloud interface VPC endpoint** - Enter the API endpoint for the interface endpoint, such as `vpce-123456789abcdef01-example-us-east-1a.elasticloadbalancing.us-east-1.vpce.amazonaws.com` . For edge-optimized APIs, this is the domain name for the corresponding CloudFront distribution. You can get the value of `DnsName` using the AWS CLI command [describe-vpc-endpoints](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-vpc-endpoints.html) .\n- **CloudFront distribution** - Specify the domain name that CloudFront assigned when you created your distribution.\n\nYour CloudFront distribution must include an alternate domain name that matches the name of the record. For example, if the name of the record is *acme.example.com* , your CloudFront distribution must include *acme.example.com* as one of the alternate domain names. For more information, see [Using Alternate Domain Names (CNAMEs)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/CNAMEs.html) in the *Amazon CloudFront Developer Guide* .\n\nYou can't create a record in a private hosted zone to route traffic to a CloudFront distribution.\n\n> For failover alias records, you can't specify a CloudFront distribution for both the primary and secondary records. A distribution must include an alternate domain name that matches the name of the record. However, the primary and secondary records have the same name, and you can't include the same alternate domain name in more than one distribution.\n- **Elastic Beanstalk environment** - If the domain name for your Elastic Beanstalk environment includes the region that you deployed the environment in, you can create an alias record that routes traffic to the environment. For example, the domain name `my-environment. *us-west-2* .elasticbeanstalk.com` is a regionalized domain name.\n\n> For environments that were created before early 2016, the domain name doesn't include the region. To route traffic to these environments, you must create a CNAME record instead of an alias record. Note that you can't create a CNAME record for the root domain name. For example, if your domain name is example.com, you can create a record that routes traffic for acme.example.com to your Elastic Beanstalk environment, but you can't create a record that routes traffic for example.com to your Elastic Beanstalk environment. \n\nFor Elastic Beanstalk environments that have regionalized subdomains, specify the `CNAME` attribute for the environment. You can use the following methods to get the value of the CNAME attribute:\n\n- *AWS Management Console* : For information about how to get the value by using the console, see [Using Custom Domains with AWS Elastic Beanstalk](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/customdomains.html) in the *AWS Elastic Beanstalk Developer Guide* .\n- *Elastic Beanstalk API* : Use the `DescribeEnvironments` action to get the value of the `CNAME` attribute. For more information, see [DescribeEnvironments](https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DescribeEnvironments.html) in the *AWS Elastic Beanstalk API Reference* .\n- *AWS CLI* : Use the `describe-environments` command to get the value of the `CNAME` attribute. For more information, see [describe-environments](https://docs.aws.amazon.com/cli/latest/reference/elasticbeanstalk/describe-environments.html) in the *AWS CLI* .\n- **ELB load balancer** - Specify the DNS name that is associated with the load balancer. Get the DNS name by using the AWS Management Console , the ELB API, or the AWS CLI .\n\n- *AWS Management Console* : Go to the EC2 page, choose *Load Balancers* in the navigation pane, choose the load balancer, choose the *Description* tab, and get the value of the *DNS name* field.\n\nIf you're routing traffic to a Classic Load Balancer, get the value that begins with *dualstack* . If you're routing traffic to another type of load balancer, get the value that applies to the record type, A or AAAA.\n- *Elastic Load Balancing API* : Use `DescribeLoadBalancers` to get the value of `DNSName` . For more information, see the applicable guide:\n\n- Classic Load Balancers: [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DescribeLoadBalancers.html)\n- Application and Network Load Balancers: [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html)\n- *CloudFormation Fn::GetAtt intrinsic function* : Use the [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-getatt.html) intrinsic function to get the value of `DNSName` :\n\n- [Classic Load Balancers](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html#aws-properties-ec2-elb-return-values) .\n- [Application and Network Load Balancers](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html#aws-resource-elasticloadbalancingv2-loadbalancer-return-values) .\n- *AWS CLI* : Use `describe-load-balancers` to get the value of `DNSName` . For more information, see the applicable guide:\n\n- Classic Load Balancers: [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elb/describe-load-balancers.html)\n- Application and Network Load Balancers: [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elbv2/describe-load-balancers.html)\n- **Global Accelerator accelerator** - Specify the DNS name for your accelerator:\n\n- *Global Accelerator API* : To get the DNS name, use [DescribeAccelerator](https://docs.aws.amazon.com/global-accelerator/latest/api/API_DescribeAccelerator.html) .\n- *AWS CLI* : To get the DNS name, use [describe-accelerator](https://docs.aws.amazon.com/cli/latest/reference/globalaccelerator/describe-accelerator.html) .\n- **Amazon S3 bucket that is configured as a static website** - Specify the domain name of the Amazon S3 website endpoint that you created the bucket in, for example, `s3-website.us-east-2.amazonaws.com` . For more information about valid values, see the table [Amazon S3 Website Endpoints](https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_website_region_endpoints) in the *Amazon Web Services General Reference* . For more information about using S3 buckets for websites, see [Getting Started with Amazon Route 53](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/getting-started.html) in the *Amazon Route 53 Developer Guide.*\n- **Another Route 53 record** - Specify the value of the `Name` element for a record in the current hosted zone.\n\n> If you're creating an alias record that has the same name as the hosted zone (known as the zone apex), you can't specify the domain name for a record for which the value of `Type` is `CNAME` . This is because the alias record must have the same type as the record that you're routing traffic to, and creating a CNAME record for the zone apex isn't supported even for an alias record.", - "title": "DNSName", - "type": "string" - }, - "EvaluateTargetHealth": { - "markdownDescription": "*Applies only to alias records with any routing policy:* When `EvaluateTargetHealth` is `true` , an alias record inherits the health of the referenced AWS resource, such as an ELB load balancer or another record in the hosted zone.\n\nNote the following:\n\n- **CloudFront distributions** - You can't set `EvaluateTargetHealth` to `true` when the alias target is a CloudFront distribution.\n- **Elastic Beanstalk environments that have regionalized subdomains** - If you specify an Elastic Beanstalk environment in `DNSName` and the environment contains an ELB load balancer, Elastic Load Balancing routes queries only to the healthy Amazon EC2 instances that are registered with the load balancer. (An environment automatically contains an ELB load balancer if it includes more than one Amazon EC2 instance.) If you set `EvaluateTargetHealth` to `true` and either no Amazon EC2 instances are healthy or the load balancer itself is unhealthy, Route 53 routes queries to other available resources that are healthy, if any.\n\nIf the environment contains a single Amazon EC2 instance, there are no special requirements.\n- **ELB load balancers** - Health checking behavior depends on the type of load balancer:\n\n- *Classic Load Balancers* : If you specify an ELB Classic Load Balancer in `DNSName` , Elastic Load Balancing routes queries only to the healthy Amazon EC2 instances that are registered with the load balancer. If you set `EvaluateTargetHealth` to `true` and either no EC2 instances are healthy or the load balancer itself is unhealthy, Route 53 routes queries to other resources.\n- *Application and Network Load Balancers* : If you specify an ELB Application or Network Load Balancer and you set `EvaluateTargetHealth` to `true` , Route 53 routes queries to the load balancer based on the health of the target groups that are associated with the load balancer:\n\n- For an Application or Network Load Balancer to be considered healthy, every target group that contains targets must contain at least one healthy target. If any target group contains only unhealthy targets, the load balancer is considered unhealthy, and Route 53 routes queries to other resources.\n- A target group that has no registered targets is considered unhealthy.\n\n> When you create a load balancer, you configure settings for Elastic Load Balancing health checks; they're not Route 53 health checks, but they perform a similar function. Do not create Route 53 health checks for the EC2 instances that you register with an ELB load balancer.\n- **S3 buckets** - There are no special requirements for setting `EvaluateTargetHealth` to `true` when the alias target is an S3 bucket.\n- **Other records in the same hosted zone** - If the AWS resource that you specify in `DNSName` is a record or a group of records (for example, a group of weighted records) but is not another alias record, we recommend that you associate a health check with all of the records in the alias target. For more information, see [What Happens When You Omit Health Checks?](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-complex-configs.html#dns-failover-complex-configs-hc-omitting) in the *Amazon Route 53 Developer Guide* .\n\nFor more information and examples, see [Amazon Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html) in the *Amazon Route 53 Developer Guide* .", - "title": "EvaluateTargetHealth", - "type": "boolean" - }, - "HostedZoneId": { - "markdownDescription": "*Alias resource records sets only* : The value used depends on where you want to route traffic:\n\n- **Amazon API Gateway custom regional APIs and edge-optimized APIs** - Specify the hosted zone ID for your API. You can get the applicable value using the AWS CLI command [get-domain-names](https://docs.aws.amazon.com/cli/latest/reference/apigateway/get-domain-names.html) :\n\n- For regional APIs, specify the value of `regionalHostedZoneId` .\n- For edge-optimized APIs, specify the value of `distributionHostedZoneId` .\n- **Amazon Virtual Private Cloud interface VPC endpoint** - Specify the hosted zone ID for your interface endpoint. You can get the value of `HostedZoneId` using the AWS CLI command [describe-vpc-endpoints](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-vpc-endpoints.html) .\n- **CloudFront distribution** - Specify `Z2FDTNDATAQYW2` . This is always the hosted zone ID when you create an alias record that routes traffic to a CloudFront distribution.\n\n> Alias records for CloudFront can't be created in a private zone.\n- **Elastic Beanstalk environment** - Specify the hosted zone ID for the region that you created the environment in. The environment must have a regionalized subdomain. For a list of regions and the corresponding hosted zone IDs, see [AWS Elastic Beanstalk endpoints and quotas](https://docs.aws.amazon.com/general/latest/gr/elasticbeanstalk.html) in the *Amazon Web Services General Reference* .\n- **ELB load balancer** - Specify the value of the hosted zone ID for the load balancer. Use the following methods to get the hosted zone ID:\n\n- [Service Endpoints](https://docs.aws.amazon.com/general/latest/gr/elb.html) table in the \"Elastic Load Balancing endpoints and quotas\" topic in the *Amazon Web Services General Reference* : Use the value that corresponds with the region that you created your load balancer in. Note that there are separate columns for Application and Classic Load Balancers and for Network Load Balancers.\n- *AWS Management Console* : Go to the Amazon EC2 page, choose *Load Balancers* in the navigation pane, select the load balancer, and get the value of the *Hosted zone* field on the *Description* tab.\n- *Elastic Load Balancing API* : Use `DescribeLoadBalancers` to get the applicable value. For more information, see the applicable guide:\n\n- Classic Load Balancers: Use [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DescribeLoadBalancers.html) to get the value of `CanonicalHostedZoneNameID` .\n- Application and Network Load Balancers: Use [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html) to get the value of `CanonicalHostedZoneID` .\n- *CloudFormation Fn::GetAtt intrinsic function* : Use the [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-getatt.html) intrinsic function to get the applicable value:\n\n- Classic Load Balancers: Get [CanonicalHostedZoneNameID](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html#aws-properties-ec2-elb-return-values) .\n- Application and Network Load Balancers: Get [CanonicalHostedZoneID](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html#aws-resource-elasticloadbalancingv2-loadbalancer-return-values) .\n- *AWS CLI* : Use `describe-load-balancers` to get the applicable value. For more information, see the applicable guide:\n\n- Classic Load Balancers: Use [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elb/describe-load-balancers.html) to get the value of `CanonicalHostedZoneNameID` .\n- Application and Network Load Balancers: Use [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elbv2/describe-load-balancers.html) to get the value of `CanonicalHostedZoneID` .\n- **Global Accelerator accelerator** - Specify `Z2BJ6XQ5FK7U4H` .\n- **An Amazon S3 bucket configured as a static website** - Specify the hosted zone ID for the region that you created the bucket in. For more information about valid values, see the table [Amazon S3 Website Endpoints](https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_website_region_endpoints) in the *Amazon Web Services General Reference* .\n- **Another Route 53 record in your hosted zone** - Specify the hosted zone ID of your hosted zone. (An alias record can't reference a record in a different hosted zone.)", - "title": "HostedZoneId", - "type": "string" - } - }, - "required": [ - "DNSName", - "HostedZoneId" + "Type", + "Properties" ], "type": "object" }, - "AWS::Route53::RecordSetGroup.CidrRoutingConfig": { + "AWS::SES::EmailIdentity.ConfigurationSetAttributes": { "additionalProperties": false, "properties": { - "CollectionId": { - "markdownDescription": "The CIDR collection ID.", - "title": "CollectionId", - "type": "string" - }, - "LocationName": { - "markdownDescription": "The CIDR collection location name.", - "title": "LocationName", + "ConfigurationSetName": { + "markdownDescription": "The configuration set to associate with an email identity.", + "title": "ConfigurationSetName", "type": "string" } }, - "required": [ - "CollectionId", - "LocationName" - ], "type": "object" }, - "AWS::Route53::RecordSetGroup.Coordinates": { + "AWS::SES::EmailIdentity.DkimAttributes": { "additionalProperties": false, "properties": { - "Latitude": { - "markdownDescription": "Specifies a coordinate of the north\u2013south position of a geographic point on the surface of the Earth (-90 - 90).", - "title": "Latitude", - "type": "string" - }, - "Longitude": { - "markdownDescription": "Specifies a coordinate of the east\u2013west position of a geographic point on the surface of the Earth (-180 - 180).", - "title": "Longitude", - "type": "string" + "SigningEnabled": { + "markdownDescription": "Sets the DKIM signing configuration for the identity.\n\nWhen you set this value `true` , then the messages that are sent from the identity are signed using DKIM. If you set this value to `false` , your messages are sent without DKIM signing.", + "title": "SigningEnabled", + "type": "boolean" } }, - "required": [ - "Latitude", - "Longitude" - ], "type": "object" }, - "AWS::Route53::RecordSetGroup.GeoLocation": { + "AWS::SES::EmailIdentity.DkimSigningAttributes": { "additionalProperties": false, "properties": { - "ContinentCode": { - "markdownDescription": "For geolocation resource record sets, a two-letter abbreviation that identifies a continent. Route 53 supports the following continent codes:\n\n- *AF* : Africa\n- *AN* : Antarctica\n- *AS* : Asia\n- *EU* : Europe\n- *OC* : Oceania\n- *NA* : North America\n- *SA* : South America\n\nConstraint: Specifying `ContinentCode` with either `CountryCode` or `SubdivisionCode` returns an `InvalidInput` error.", - "title": "ContinentCode", + "DomainSigningPrivateKey": { + "markdownDescription": "[Bring Your Own DKIM] A private key that's used to generate a DKIM signature.\n\nThe private key must use 1024 or 2048-bit RSA encryption, and must be encoded using base64 encoding.\n\n> Rather than embedding sensitive information directly in your CFN templates, we recommend you use dynamic parameters in the stack template to reference sensitive information that is stored and managed outside of CFN, such as in the AWS Systems Manager Parameter Store or AWS Secrets Manager.\n> \n> For more information, see the [Do not embed credentials in your templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/best-practices.html#creds) best practice.", + "title": "DomainSigningPrivateKey", "type": "string" }, - "CountryCode": { - "markdownDescription": "For geolocation resource record sets, the two-letter code for a country.\n\nRoute 53 uses the two-letter country codes that are specified in [ISO standard 3166-1 alpha-2](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2) .", - "title": "CountryCode", + "DomainSigningSelector": { + "markdownDescription": "[Bring Your Own DKIM] A string that's used to identify a public key in the DNS configuration for a domain.", + "title": "DomainSigningSelector", "type": "string" }, - "SubdivisionCode": { - "markdownDescription": "For geolocation resource record sets, the two-letter code for a state of the United States. Route 53 doesn't support any other values for `SubdivisionCode` . For a list of state abbreviations, see [Appendix B: Two\u2013Letter State and Possession Abbreviations](https://docs.aws.amazon.com/https://pe.usps.com/text/pub28/28apb.htm) on the United States Postal Service website.\n\nIf you specify `subdivisioncode` , you must also specify `US` for `CountryCode` .", - "title": "SubdivisionCode", + "NextSigningKeyLength": { + "markdownDescription": "[Easy DKIM] The key length of the future DKIM key pair to be generated. This can be changed at most once per day.\n\nValid Values: `RSA_1024_BIT | RSA_2048_BIT`", + "title": "NextSigningKeyLength", "type": "string" } }, "type": "object" }, - "AWS::Route53::RecordSetGroup.GeoProximityLocation": { + "AWS::SES::EmailIdentity.FeedbackAttributes": { "additionalProperties": false, "properties": { - "AWSRegion": { - "markdownDescription": "The AWS Region the resource you are directing DNS traffic to, is in.", - "title": "AWSRegion", - "type": "string" - }, - "Bias": { - "markdownDescription": "The bias increases or decreases the size of the geographic region from which Route\u00a053 routes traffic to a resource.\n\nTo use `Bias` to change the size of the geographic region, specify the applicable value for the bias:\n\n- To expand the size of the geographic region from which Route\u00a053 routes traffic to a resource, specify a positive integer from 1 to 99 for the bias. Route\u00a053 shrinks the size of adjacent regions.\n- To shrink the size of the geographic region from which Route\u00a053 routes traffic to a resource, specify a negative bias of -1 to -99. Route\u00a053 expands the size of adjacent regions.", - "title": "Bias", - "type": "number" - }, - "Coordinates": { - "$ref": "#/definitions/AWS::Route53::RecordSetGroup.Coordinates", - "markdownDescription": "Contains the longitude and latitude for a geographic region.", - "title": "Coordinates" - }, - "LocalZoneGroup": { - "markdownDescription": "Specifies an AWS Local Zone Group.\n\nA local Zone Group is usually the Local Zone code without the ending character. For example, if the Local Zone is `us-east-1-bue-1a` the Local Zone Group is `us-east-1-bue-1` .\n\nYou can identify the Local Zones Group for a specific Local Zone by using the [describe-availability-zones](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-availability-zones.html) CLI command:\n\nThis command returns: `\"GroupName\": \"us-west-2-den-1\"` , specifying that the Local Zone `us-west-2-den-1a` belongs to the Local Zone Group `us-west-2-den-1` .", - "title": "LocalZoneGroup", - "type": "string" + "EmailForwardingEnabled": { + "markdownDescription": "Sets the feedback forwarding configuration for the identity.\n\nIf the value is `true` , you receive email notifications when bounce or complaint events occur. These notifications are sent to the address that you specified in the `Return-Path` header of the original email.\n\nYou're required to have a method of tracking bounces and complaints. If you haven't set up another mechanism for receiving bounce or complaint notifications (for example, by setting up an event destination), you receive an email notification when these events occur (even if this setting is disabled).", + "title": "EmailForwardingEnabled", + "type": "boolean" } }, "type": "object" }, - "AWS::Route53::RecordSetGroup.RecordSet": { + "AWS::SES::EmailIdentity.MailFromAttributes": { "additionalProperties": false, "properties": { - "AliasTarget": { - "$ref": "#/definitions/AWS::Route53::RecordSetGroup.AliasTarget", - "markdownDescription": "*Alias resource record sets only:* Information about the AWS resource, such as a CloudFront distribution or an Amazon S3 bucket, that you want to route traffic to.\n\nIf you're creating resource records sets for a private hosted zone, note the following:\n\n- You can't create an alias resource record set in a private hosted zone to route traffic to a CloudFront distribution.\n- For information about creating failover resource record sets in a private hosted zone, see [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html) in the *Amazon Route 53 Developer Guide* .", - "title": "AliasTarget" - }, - "CidrRoutingConfig": { - "$ref": "#/definitions/AWS::Route53::RecordSetGroup.CidrRoutingConfig", - "markdownDescription": "", - "title": "CidrRoutingConfig" - }, - "Failover": { - "markdownDescription": "*Failover resource record sets only:* To configure failover, you add the `Failover` element to two resource record sets. For one resource record set, you specify `PRIMARY` as the value for `Failover` ; for the other resource record set, you specify `SECONDARY` . In addition, you include the `HealthCheckId` element and specify the health check that you want Amazon Route 53 to perform for each resource record set.\n\nExcept where noted, the following failover behaviors assume that you have included the `HealthCheckId` element in both resource record sets:\n\n- When the primary resource record set is healthy, Route 53 responds to DNS queries with the applicable value from the primary resource record set regardless of the health of the secondary resource record set.\n- When the primary resource record set is unhealthy and the secondary resource record set is healthy, Route 53 responds to DNS queries with the applicable value from the secondary resource record set.\n- When the secondary resource record set is unhealthy, Route 53 responds to DNS queries with the applicable value from the primary resource record set regardless of the health of the primary resource record set.\n- If you omit the `HealthCheckId` element for the secondary resource record set, and if the primary resource record set is unhealthy, Route 53 always responds to DNS queries with the applicable value from the secondary resource record set. This is true regardless of the health of the associated endpoint.\n\nYou can't create non-failover resource record sets that have the same values for the `Name` and `Type` elements as failover resource record sets.\n\nFor failover alias resource record sets, you must also include the `EvaluateTargetHealth` element and set the value to true.\n\nFor more information about configuring failover for Route 53, see the following topics in the *Amazon Route 53 Developer Guide* :\n\n- [Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html)\n- [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html)", - "title": "Failover", - "type": "string" - }, - "GeoLocation": { - "$ref": "#/definitions/AWS::Route53::RecordSetGroup.GeoLocation", - "markdownDescription": "*Geolocation resource record sets only:* A complex type that lets you control how Amazon Route 53 responds to DNS queries based on the geographic origin of the query. For example, if you want all queries from Africa to be routed to a web server with an IP address of `192.0.2.111` , create a resource record set with a `Type` of `A` and a `ContinentCode` of `AF` .\n\nIf you create separate resource record sets for overlapping geographic regions (for example, one resource record set for a continent and one for a country on the same continent), priority goes to the smallest geographic region. This allows you to route most queries for a continent to one resource and to route queries for a country on that continent to a different resource.\n\nYou can't create two geolocation resource record sets that specify the same geographic location.\n\nThe value `*` in the `CountryCode` element matches all geographic locations that aren't specified in other geolocation resource record sets that have the same values for the `Name` and `Type` elements.\n\n> Geolocation works by mapping IP addresses to locations. However, some IP addresses aren't mapped to geographic locations, so even if you create geolocation resource record sets that cover all seven continents, Route 53 will receive some DNS queries from locations that it can't identify. We recommend that you create a resource record set for which the value of `CountryCode` is `*` . Two groups of queries are routed to the resource that you specify in this record: queries that come from locations for which you haven't created geolocation resource record sets and queries from IP addresses that aren't mapped to a location. If you don't create a `*` resource record set, Route 53 returns a \"no answer\" response for queries from those locations. \n\nYou can't create non-geolocation resource record sets that have the same values for the `Name` and `Type` elements as geolocation resource record sets.", - "title": "GeoLocation" - }, - "GeoProximityLocation": { - "$ref": "#/definitions/AWS::Route53::RecordSetGroup.GeoProximityLocation", - "markdownDescription": "A complex type that contains information about a geographic location.", - "title": "GeoProximityLocation" - }, - "HealthCheckId": { - "markdownDescription": "If you want Amazon Route 53 to return this resource record set in response to a DNS query only when the status of a health check is healthy, include the `HealthCheckId` element and specify the ID of the applicable health check.\n\nRoute 53 determines whether a resource record set is healthy based on one of the following:\n\n- By periodically sending a request to the endpoint that is specified in the health check\n- By aggregating the status of a specified group of health checks (calculated health checks)\n- By determining the current state of a CloudWatch alarm (CloudWatch metric health checks)\n\n> Route 53 doesn't check the health of the endpoint that is specified in the resource record set, for example, the endpoint specified by the IP address in the `Value` element. When you add a `HealthCheckId` element to a resource record set, Route 53 checks the health of the endpoint that you specified in the health check. \n\nFor more information, see the following topics in the *Amazon Route 53 Developer Guide* :\n\n- [How Amazon Route 53 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html)\n- [Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html)\n- [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html)\n\n*When to Specify HealthCheckId*\n\nSpecifying a value for `HealthCheckId` is useful only when Route 53 is choosing between two or more resource record sets to respond to a DNS query, and you want Route 53 to base the choice in part on the status of a health check. Configuring health checks makes sense only in the following configurations:\n\n- *Non-alias resource record sets* : You're checking the health of a group of non-alias resource record sets that have the same routing policy, name, and type (such as multiple weighted records named www.example.com with a type of A) and you specify health check IDs for all the resource record sets.\n\nIf the health check status for a resource record set is healthy, Route 53 includes the record among the records that it responds to DNS queries with.\n\nIf the health check status for a resource record set is unhealthy, Route 53 stops responding to DNS queries using the value for that resource record set.\n\nIf the health check status for all resource record sets in the group is unhealthy, Route 53 considers all resource record sets in the group healthy and responds to DNS queries accordingly.\n- *Alias resource record sets* : You specify the following settings:\n\n- You set `EvaluateTargetHealth` to true for an alias resource record set in a group of resource record sets that have the same routing policy, name, and type (such as multiple weighted records named www.example.com with a type of A).\n- You configure the alias resource record set to route traffic to a non-alias resource record set in the same hosted zone.\n- You specify a health check ID for the non-alias resource record set.\n\nIf the health check status is healthy, Route 53 considers the alias resource record set to be healthy and includes the alias record among the records that it responds to DNS queries with.\n\nIf the health check status is unhealthy, Route 53 stops responding to DNS queries using the alias resource record set.\n\n> The alias resource record set can also route traffic to a *group* of non-alias resource record sets that have the same routing policy, name, and type. In that configuration, associate health checks with all of the resource record sets in the group of non-alias resource record sets.\n\n*Geolocation Routing*\n\nFor geolocation resource record sets, if an endpoint is unhealthy, Route 53 looks for a resource record set for the larger, associated geographic region. For example, suppose you have resource record sets for a state in the United States, for the entire United States, for North America, and a resource record set that has `*` for `CountryCode` is `*` , which applies to all locations. If the endpoint for the state resource record set is unhealthy, Route 53 checks for healthy resource record sets in the following order until it finds a resource record set for which the endpoint is healthy:\n\n- The United States\n- North America\n- The default resource record set\n\n*Specifying the Health Check Endpoint by Domain Name*\n\nIf your health checks specify the endpoint only by domain name, we recommend that you create a separate health check for each endpoint. For example, create a health check for each `HTTP` server that is serving content for `www.example.com` . For the value of `FullyQualifiedDomainName` , specify the domain name of the server (such as `us-east-2-www.example.com` ), not the name of the resource record sets ( `www.example.com` ).\n\n> Health check results will be unpredictable if you do the following:\n> \n> - Create a health check that has the same value for `FullyQualifiedDomainName` as the name of a resource record set.\n> - Associate that health check with the resource record set.", - "title": "HealthCheckId", - "type": "string" - }, - "HostedZoneId": { - "markdownDescription": "The ID of the hosted zone that you want to create records in.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .\n\nDo not provide the `HostedZoneId` if it is already defined in `AWS::Route53::RecordSetGroup` . The creation fails if `HostedZoneId` is defined in both.", - "title": "HostedZoneId", - "type": "string" - }, - "HostedZoneName": { - "markdownDescription": "The name of the hosted zone that you want to create records in. You must include a trailing dot (for example, `www.example.com.` ) as part of the `HostedZoneName` .\n\nWhen you create a stack using an `AWS::Route53::RecordSet` that specifies `HostedZoneName` , AWS CloudFormation attempts to find a hosted zone whose name matches the `HostedZoneName` . If AWS CloudFormation can't find a hosted zone with a matching domain name, or if there is more than one hosted zone with the specified domain name, AWS CloudFormation will not create the stack.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .", - "title": "HostedZoneName", - "type": "string" - }, - "MultiValueAnswer": { - "markdownDescription": "*Multivalue answer resource record sets only* : To route traffic approximately randomly to multiple resources, such as web servers, create one multivalue answer record for each resource and specify `true` for `MultiValueAnswer` . Note the following:\n\n- If you associate a health check with a multivalue answer resource record set, Amazon Route 53 responds to DNS queries with the corresponding IP address only when the health check is healthy.\n- If you don't associate a health check with a multivalue answer record, Route 53 always considers the record to be healthy.\n- Route 53 responds to DNS queries with up to eight healthy records; if you have eight or fewer healthy records, Route 53 responds to all DNS queries with all the healthy records.\n- If you have more than eight healthy records, Route 53 responds to different DNS resolvers with different combinations of healthy records.\n- When all records are unhealthy, Route 53 responds to DNS queries with up to eight unhealthy records.\n- If a resource becomes unavailable after a resolver caches a response, client software typically tries another of the IP addresses in the response.\n\nYou can't create multivalue answer alias records.", - "title": "MultiValueAnswer", - "type": "boolean" - }, - "Name": { - "markdownDescription": "For `ChangeResourceRecordSets` requests, the name of the record that you want to create, update, or delete. For `ListResourceRecordSets` responses, the name of a record in the specified hosted zone.\n\n*ChangeResourceRecordSets Only*\n\nEnter a fully qualified domain name, for example, `www.example.com` . You can optionally include a trailing dot. If you omit the trailing dot, Amazon Route 53 assumes that the domain name that you specify is fully qualified. This means that Route 53 treats `www.example.com` (without a trailing dot) and `www.example.com.` (with a trailing dot) as identical.\n\nFor information about how to specify characters other than `a-z` , `0-9` , and `-` (hyphen) and how to specify internationalized domain names, see [DNS Domain Name Format](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/DomainNameFormat.html) in the *Amazon Route 53 Developer Guide* .\n\nYou can use the asterisk (*) wildcard to replace the leftmost label in a domain name, for example, `*.example.com` . Note the following:\n\n- The * must replace the entire label. For example, you can't specify `*prod.example.com` or `prod*.example.com` .\n- The * can't replace any of the middle labels, for example, marketing.*.example.com.\n- If you include * in any position other than the leftmost label in a domain name, DNS treats it as an * character (ASCII 42), not as a wildcard.\n\n> You can't use the * wildcard for resource records sets that have a type of NS.", - "title": "Name", - "type": "string" - }, - "Region": { - "markdownDescription": "*Latency-based resource record sets only:* The Amazon EC2 Region where you created the resource that this resource record set refers to. The resource typically is an AWS resource, such as an EC2 instance or an ELB load balancer, and is referred to by an IP address or a DNS domain name, depending on the record type.\n\nWhen Amazon Route 53 receives a DNS query for a domain name and type for which you have created latency resource record sets, Route 53 selects the latency resource record set that has the lowest latency between the end user and the associated Amazon EC2 Region. Route 53 then returns the value that is associated with the selected resource record set.\n\nNote the following:\n\n- You can only specify one `ResourceRecord` per latency resource record set.\n- You can only create one latency resource record set for each Amazon EC2 Region.\n- You aren't required to create latency resource record sets for all Amazon EC2 Regions. Route 53 will choose the region with the best latency from among the regions that you create latency resource record sets for.\n- You can't create non-latency resource record sets that have the same values for the `Name` and `Type` elements as latency resource record sets.", - "title": "Region", - "type": "string" - }, - "ResourceRecords": { - "items": { - "type": "string" - }, - "markdownDescription": "Information about the records that you want to create. Each record should be in the format appropriate for the record type specified by the `Type` property. For information about different record types and their record formats, see [Values That You Specify When You Create or Edit Amazon Route 53 Records](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/resource-record-sets-values.html) in the *Amazon Route 53 Developer Guide* .", - "title": "ResourceRecords", - "type": "array" - }, - "SetIdentifier": { - "markdownDescription": "*Resource record sets that have a routing policy other than simple:* An identifier that differentiates among multiple resource record sets that have the same combination of name and type, such as multiple weighted resource record sets named acme.example.com that have a type of A. In a group of resource record sets that have the same name and type, the value of `SetIdentifier` must be unique for each resource record set.\n\nFor information about routing policies, see [Choosing a Routing Policy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html) in the *Amazon Route 53 Developer Guide* .", - "title": "SetIdentifier", - "type": "string" - }, - "TTL": { - "markdownDescription": "The resource record cache time to live (TTL), in seconds. Note the following:\n\n- If you're creating or updating an alias resource record set, omit `TTL` . Amazon Route 53 uses the value of `TTL` for the alias target.\n- If you're associating this resource record set with a health check (if you're adding a `HealthCheckId` element), we recommend that you specify a `TTL` of 60 seconds or less so clients respond quickly to changes in health status.\n- All of the resource record sets in a group of weighted resource record sets must have the same value for `TTL` .\n- If a group of weighted resource record sets includes one or more weighted alias resource record sets for which the alias target is an ELB load balancer, we recommend that you specify a `TTL` of 60 seconds for all of the non-alias weighted resource record sets that have the same name and type. Values other than 60 seconds (the TTL for load balancers) will change the effect of the values that you specify for `Weight` .", - "title": "TTL", + "BehaviorOnMxFailure": { + "markdownDescription": "The action to take if the required MX record isn't found when you send an email. When you set this value to `USE_DEFAULT_VALUE` , the mail is sent using *amazonses.com* as the MAIL FROM domain. When you set this value to `REJECT_MESSAGE` , the Amazon SES API v2 returns a `MailFromDomainNotVerified` error, and doesn't attempt to deliver the email.\n\nThese behaviors are taken when the custom MAIL FROM domain configuration is in the `Pending` , `Failed` , and `TemporaryFailure` states.\n\nValid Values: `USE_DEFAULT_VALUE | REJECT_MESSAGE`", + "title": "BehaviorOnMxFailure", "type": "string" }, - "Type": { - "markdownDescription": "The DNS record type. For information about different record types and how data is encoded for them, see [Supported DNS Resource Record Types](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/ResourceRecordTypes.html) in the *Amazon Route 53 Developer Guide* .\n\nValid values for basic resource record sets: `A` | `AAAA` | `CAA` | `CNAME` | `DS` | `MX` | `NAPTR` | `NS` | `PTR` | `SOA` | `SPF` | `SRV` | `TXT` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS`\n\nValues for weighted, latency, geolocation, and failover resource record sets: `A` | `AAAA` | `CAA` | `CNAME` | `MX` | `NAPTR` | `PTR` | `SPF` | `SRV` | `TXT` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS` . When creating a group of weighted, latency, geolocation, or failover resource record sets, specify the same value for all of the resource record sets in the group.\n\nValid values for multivalue answer resource record sets: `A` | `AAAA` | `MX` | `NAPTR` | `PTR` | `SPF` | `SRV` | `TXT` | `CAA` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS`\n\n> SPF records were formerly used to verify the identity of the sender of email messages. However, we no longer recommend that you create resource record sets for which the value of `Type` is `SPF` . RFC 7208, *Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1* , has been updated to say, \"...[I]ts existence and mechanism defined in [RFC4408] have led to some interoperability issues. Accordingly, its use is no longer appropriate for SPF version 1; implementations are not to use it.\" In RFC 7208, see section 14.1, [The SPF DNS Record Type](https://docs.aws.amazon.com/http://tools.ietf.org/html/rfc7208#section-14.1) . \n\nValues for alias resource record sets:\n\n- *Amazon API Gateway custom regional APIs and edge-optimized APIs:* `A`\n- *CloudFront distributions:* `A`\n\nIf IPv6 is enabled for the distribution, create two resource record sets to route traffic to your distribution, one with a value of `A` and one with a value of `AAAA` .\n- *Amazon API Gateway environment that has a regionalized subdomain* : `A`\n- *ELB load balancers:* `A` | `AAAA`\n- *Amazon S3 buckets:* `A`\n- *Amazon Virtual Private Cloud interface VPC endpoints* `A`\n- *Another resource record set in this hosted zone:* Specify the type of the resource record set that you're creating the alias for. All values are supported except `NS` and `SOA` .\n\n> If you're creating an alias record that has the same name as the hosted zone (known as the zone apex), you can't route traffic to a record for which the value of `Type` is `CNAME` . This is because the alias record must have the same type as the record you're routing traffic to, and creating a CNAME record for the zone apex isn't supported even for an alias record.", - "title": "Type", + "MailFromDomain": { + "markdownDescription": "The custom MAIL FROM domain that you want the verified identity to use. The MAIL FROM domain must meet the following criteria:\n\n- It has to be a subdomain of the verified identity.\n- It can't be used to receive email.\n- It can't be used in a \"From\" address if the MAIL FROM domain is a destination for feedback forwarding emails.", + "title": "MailFromDomain", "type": "string" - }, - "Weight": { - "markdownDescription": "*Weighted resource record sets only:* Among resource record sets that have the same combination of DNS name and type, a value that determines the proportion of DNS queries that Amazon Route 53 responds to using the current resource record set. Route 53 calculates the sum of the weights for the resource record sets that have the same combination of DNS name and type. Route 53 then responds to queries based on the ratio of a resource's weight to the total. Note the following:\n\n- You must specify a value for the `Weight` element for every weighted resource record set.\n- You can only specify one `ResourceRecord` per weighted resource record set.\n- You can't create latency, failover, or geolocation resource record sets that have the same values for the `Name` and `Type` elements as weighted resource record sets.\n- You can create a maximum of 100 weighted resource record sets that have the same values for the `Name` and `Type` elements.\n- For weighted (but not weighted alias) resource record sets, if you set `Weight` to `0` for a resource record set, Route 53 never responds to queries with the applicable value for that resource record set. However, if you set `Weight` to `0` for all resource record sets that have the same combination of DNS name and type, traffic is routed to all resources with equal probability.\n\nThe effect of setting `Weight` to `0` is different when you associate health checks with weighted resource record sets. For more information, see [Options for Configuring Route 53 Active-Active and Active-Passive Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-configuring-options.html) in the *Amazon Route 53 Developer Guide* .", - "title": "Weight", - "type": "number" } }, - "required": [ - "Name", - "Type" - ], "type": "object" }, - "AWS::Route53Profiles::Profile": { + "AWS::SES::MailManagerAddonInstance": { "additionalProperties": false, "properties": { "Condition": { @@ -232666,28 +283502,28 @@ "Properties": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "Name of the Profile.", - "title": "Name", + "AddonSubscriptionId": { + "markdownDescription": "The subscription ID for the instance.", + "title": "AddonSubscriptionId", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of the tag keys and values that you want to associate with the profile.", + "markdownDescription": "The tags used to organize, track, or control access for the resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", "title": "Tags", "type": "array" } }, "required": [ - "Name" + "AddonSubscriptionId" ], "type": "object" }, "Type": { "enum": [ - "AWS::Route53Profiles::Profile" + "AWS::SES::MailManagerAddonInstance" ], "type": "string" }, @@ -232706,7 +283542,7 @@ ], "type": "object" }, - "AWS::Route53Profiles::ProfileAssociation": { + "AWS::SES::MailManagerAddonSubscription": { "additionalProperties": false, "properties": { "Condition": { @@ -232741,45 +283577,28 @@ "Properties": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the profile association to a VPC.", - "title": "Arn", - "type": "string" - }, - "Name": { - "markdownDescription": "Name of the Profile association.", - "title": "Name", - "type": "string" - }, - "ProfileId": { - "markdownDescription": "ID of the Profile.\n\nUpdate to this property requires update to the `ResourceId` property as well, because you can only associate one Profile per VPC. For more information, see [Route 53 Profiles](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/profiles.html) .", - "title": "ProfileId", - "type": "string" - }, - "ResourceId": { - "markdownDescription": "The ID of the VPC.", - "title": "ResourceId", + "AddonName": { + "markdownDescription": "The name of the Add On to subscribe to. You can only have one subscription for each Add On name.\n\nValid Values: `TRENDMICRO_VSAPI | SPAMHAUS_DBL | ABUSIX_MAIL_INTELLIGENCE`", + "title": "AddonName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "", + "markdownDescription": "The tags used to organize, track, or control access for the resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", "title": "Tags", "type": "array" } }, "required": [ - "Name", - "ProfileId", - "ResourceId" + "AddonName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Route53Profiles::ProfileAssociation" + "AWS::SES::MailManagerAddonSubscription" ], "type": "string" }, @@ -232798,7 +283617,7 @@ ], "type": "object" }, - "AWS::Route53Profiles::ProfileResourceAssociation": { + "AWS::SES::MailManagerAddressList": { "additionalProperties": false, "properties": { "Condition": { @@ -232833,37 +283652,25 @@ "Properties": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "Name of the Profile resource association.", - "title": "Name", - "type": "string" - }, - "ProfileId": { - "markdownDescription": "Profile ID of the Profile that the resources are associated with.", - "title": "ProfileId", - "type": "string" - }, - "ResourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resource association.", - "title": "ResourceArn", + "AddressListName": { + "markdownDescription": "", + "title": "AddressListName", "type": "string" }, - "ResourceProperties": { - "markdownDescription": "If the DNS resource is a DNS Firewall rule group, this indicates the priority.", - "title": "ResourceProperties", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" } }, - "required": [ - "Name", - "ProfileId", - "ResourceArn" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Route53Profiles::ProfileResourceAssociation" + "AWS::SES::MailManagerAddressList" ], "type": "string" }, @@ -232877,12 +283684,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Route53RecoveryControl::Cluster": { + "AWS::SES::MailManagerArchive": { "additionalProperties": false, "properties": { "Condition": { @@ -232917,28 +283723,35 @@ "Properties": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "Name of the cluster. You can use any non-white space character in the name except the following: & > < ' (single quote) \" (double quote) ; (semicolon).", - "title": "Name", + "ArchiveName": { + "markdownDescription": "A unique name for the new archive.", + "title": "ArchiveName", + "type": "string" + }, + "KmsKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key for encrypting emails in the archive.", + "title": "KmsKeyArn", "type": "string" }, + "Retention": { + "$ref": "#/definitions/AWS::SES::MailManagerArchive.ArchiveRetention", + "markdownDescription": "The period for retaining emails in the archive before automatic deletion.", + "title": "Retention" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags associated with the cluster.", + "markdownDescription": "The tags used to organize, track, or control access for the resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", "title": "Tags", "type": "array" } }, - "required": [ - "Name" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Route53RecoveryControl::Cluster" + "AWS::SES::MailManagerArchive" ], "type": "string" }, @@ -232952,28 +283765,25 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Route53RecoveryControl::Cluster.ClusterEndpoint": { + "AWS::SES::MailManagerArchive.ArchiveRetention": { "additionalProperties": false, "properties": { - "Endpoint": { - "markdownDescription": "A cluster endpoint URL for one of the five redundant clusters that you specify to set or retrieve a routing control state.", - "title": "Endpoint", - "type": "string" - }, - "Region": { - "markdownDescription": "The AWS Region for a cluster endpoint.", - "title": "Region", + "RetentionPeriod": { + "markdownDescription": "The enum value sets the period for retaining emails in an archive.", + "title": "RetentionPeriod", "type": "string" } }, + "required": [ + "RetentionPeriod" + ], "type": "object" }, - "AWS::Route53RecoveryControl::ControlPanel": { + "AWS::SES::MailManagerIngressPoint": { "additionalProperties": false, "properties": { "Condition": { @@ -233008,33 +283818,60 @@ "Properties": { "additionalProperties": false, "properties": { - "ClusterArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the cluster for the control panel.", - "title": "ClusterArn", + "IngressPointConfiguration": { + "$ref": "#/definitions/AWS::SES::MailManagerIngressPoint.IngressPointConfiguration", + "markdownDescription": "The configuration of the ingress endpoint resource.", + "title": "IngressPointConfiguration" + }, + "IngressPointName": { + "markdownDescription": "A user friendly name for an ingress endpoint resource.", + "title": "IngressPointName", "type": "string" }, - "Name": { - "markdownDescription": "The name of the control panel. You can use any non-white space character in the name.", - "title": "Name", + "NetworkConfiguration": { + "$ref": "#/definitions/AWS::SES::MailManagerIngressPoint.NetworkConfiguration", + "markdownDescription": "The network type (IPv4-only, Dual-Stack, PrivateLink) of the ingress endpoint resource.", + "title": "NetworkConfiguration" + }, + "RuleSetId": { + "markdownDescription": "The identifier of an existing rule set that you attach to an ingress endpoint resource.", + "title": "RuleSetId", + "type": "string" + }, + "StatusToUpdate": { + "markdownDescription": "The update status of an ingress endpoint.", + "title": "StatusToUpdate", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags associated with the control panel.", + "markdownDescription": "The tags used to organize, track, or control access for the resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", "title": "Tags", "type": "array" + }, + "TrafficPolicyId": { + "markdownDescription": "The identifier of an existing traffic policy that you attach to an ingress endpoint resource.", + "title": "TrafficPolicyId", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the ingress endpoint to create.", + "title": "Type", + "type": "string" } }, "required": [ - "Name" + "RuleSetId", + "TrafficPolicyId", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::Route53RecoveryControl::ControlPanel" + "AWS::SES::MailManagerIngressPoint" ], "type": "string" }, @@ -233053,7 +283890,67 @@ ], "type": "object" }, - "AWS::Route53RecoveryControl::RoutingControl": { + "AWS::SES::MailManagerIngressPoint.IngressPointConfiguration": { + "additionalProperties": false, + "properties": { + "SecretArn": { + "markdownDescription": "The SecretsManager::Secret ARN of the ingress endpoint resource.", + "title": "SecretArn", + "type": "string" + }, + "SmtpPassword": { + "markdownDescription": "The password of the ingress endpoint resource.", + "title": "SmtpPassword", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SES::MailManagerIngressPoint.NetworkConfiguration": { + "additionalProperties": false, + "properties": { + "PrivateNetworkConfiguration": { + "$ref": "#/definitions/AWS::SES::MailManagerIngressPoint.PrivateNetworkConfiguration", + "markdownDescription": "Specifies the network configuration for the private ingress point.", + "title": "PrivateNetworkConfiguration" + }, + "PublicNetworkConfiguration": { + "$ref": "#/definitions/AWS::SES::MailManagerIngressPoint.PublicNetworkConfiguration", + "markdownDescription": "Specifies the network configuration for the public ingress point.", + "title": "PublicNetworkConfiguration" + } + }, + "type": "object" + }, + "AWS::SES::MailManagerIngressPoint.PrivateNetworkConfiguration": { + "additionalProperties": false, + "properties": { + "VpcEndpointId": { + "markdownDescription": "The identifier of the VPC endpoint to associate with this private ingress point.", + "title": "VpcEndpointId", + "type": "string" + } + }, + "required": [ + "VpcEndpointId" + ], + "type": "object" + }, + "AWS::SES::MailManagerIngressPoint.PublicNetworkConfiguration": { + "additionalProperties": false, + "properties": { + "IpType": { + "markdownDescription": "The IP address type for the public ingress point. Valid values are IPV4 and DUAL_STACK.", + "title": "IpType", + "type": "object" + } + }, + "required": [ + "IpType" + ], + "type": "object" + }, + "AWS::SES::MailManagerRelay": { "additionalProperties": false, "properties": { "Condition": { @@ -233088,30 +283985,45 @@ "Properties": { "additionalProperties": false, "properties": { - "ClusterArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the cluster that hosts the routing control.", - "title": "ClusterArn", - "type": "string" + "Authentication": { + "$ref": "#/definitions/AWS::SES::MailManagerRelay.RelayAuthentication", + "markdownDescription": "Authentication for the relay destination server\u2014specify the secretARN where the SMTP credentials are stored.", + "title": "Authentication" }, - "ControlPanelArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the control panel that includes the routing control.", - "title": "ControlPanelArn", + "RelayName": { + "markdownDescription": "The unique relay name.", + "title": "RelayName", "type": "string" }, - "Name": { - "markdownDescription": "The name of the routing control. You can use any non-white space character in the name.", - "title": "Name", + "ServerName": { + "markdownDescription": "The destination relay server address.", + "title": "ServerName", "type": "string" + }, + "ServerPort": { + "markdownDescription": "The destination relay server port.", + "title": "ServerPort", + "type": "number" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags used to organize, track, or control access for the resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", + "title": "Tags", + "type": "array" } }, "required": [ - "Name" + "Authentication", + "ServerName", + "ServerPort" ], "type": "object" }, "Type": { "enum": [ - "AWS::Route53RecoveryControl::RoutingControl" + "AWS::SES::MailManagerRelay" ], "type": "string" }, @@ -233130,7 +284042,23 @@ ], "type": "object" }, - "AWS::Route53RecoveryControl::SafetyRule": { + "AWS::SES::MailManagerRelay.RelayAuthentication": { + "additionalProperties": false, + "properties": { + "NoAuthentication": { + "markdownDescription": "Keep an empty structure if the relay destination server does not require SMTP credential authentication.", + "title": "NoAuthentication", + "type": "object" + }, + "SecretArn": { + "markdownDescription": "The ARN of the secret created in secrets manager where the relay server's SMTP credentials are stored.", + "title": "SecretArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SES::MailManagerRuleSet": { "additionalProperties": false, "properties": { "Condition": { @@ -233165,50 +284093,36 @@ "Properties": { "additionalProperties": false, "properties": { - "AssertionRule": { - "$ref": "#/definitions/AWS::Route53RecoveryControl::SafetyRule.AssertionRule", - "markdownDescription": "An assertion rule enforces that, when you change a routing control state, that the criteria that you set in the rule configuration is met. Otherwise, the change to the routing control is not accepted. For example, the criteria might be that at least one routing control state is `On` after the transaction so that traffic continues to flow to at least one cell for the application. This ensures that you avoid a fail-open scenario.", - "title": "AssertionRule" - }, - "ControlPanelArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the control panel.", - "title": "ControlPanelArn", - "type": "string" - }, - "GatingRule": { - "$ref": "#/definitions/AWS::Route53RecoveryControl::SafetyRule.GatingRule", - "markdownDescription": "A gating rule verifies that a gating routing control or set of gating routing controls, evaluates as true, based on a rule configuration that you specify, which allows a set of routing control state changes to complete.\n\nFor example, if you specify one gating routing control and you set the `Type` in the rule configuration to `OR` , that indicates that you must set the gating routing control to `On` for the rule to evaluate as true; that is, for the gating control switch to be On. When you do that, then you can update the routing control states for the target routing controls that you specify in the gating rule.", - "title": "GatingRule" - }, - "Name": { - "markdownDescription": "The name of the assertion rule. The name must be unique within a control panel. You can use any non-white space character in the name except the following: & > < ' (single quote) \" (double quote) ; (semicolon)", - "title": "Name", + "RuleSetName": { + "markdownDescription": "A user-friendly name for the rule set.", + "title": "RuleSetName", "type": "string" }, - "RuleConfig": { - "$ref": "#/definitions/AWS::Route53RecoveryControl::SafetyRule.RuleConfig", - "markdownDescription": "The criteria that you set for specific assertion controls (routing controls) that designate how many control states must be `ON` as the result of a transaction. For example, if you have three assertion controls, you might specify `ATLEAST 2` for your rule configuration. This means that at least two assertion controls must be `ON` , so that at least two AWS Regions have traffic flowing to them.", - "title": "RuleConfig" + "Rules": { + "items": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.Rule" + }, + "markdownDescription": "Conditional rules that are evaluated for determining actions on email.", + "title": "Rules", + "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags associated with the safety rule.", + "markdownDescription": "The tags used to organize, track, or control access for the resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", "title": "Tags", "type": "array" } }, "required": [ - "ControlPanelArn", - "Name", - "RuleConfig" + "Rules" ], "type": "object" }, "Type": { "enum": [ - "AWS::Route53RecoveryControl::SafetyRule" + "AWS::SES::MailManagerRuleSet" ], "type": "string" }, @@ -233227,322 +284141,644 @@ ], "type": "object" }, - "AWS::Route53RecoveryControl::SafetyRule.AssertionRule": { + "AWS::SES::MailManagerRuleSet.AddHeaderAction": { "additionalProperties": false, "properties": { - "AssertedControls": { - "items": { - "type": "string" - }, - "markdownDescription": "The routing controls that are part of transactions that are evaluated to determine if a request to change a routing control state is allowed. For example, you might include three routing controls, one for each of three AWS Regions.", - "title": "AssertedControls", - "type": "array" + "HeaderName": { + "markdownDescription": "The name of the header to add to an email. The header must be prefixed with \"X-\". Headers are added regardless of whether the header name pre-existed in the email.", + "title": "HeaderName", + "type": "string" }, - "WaitPeriodMs": { - "markdownDescription": "An evaluation period, in milliseconds (ms), during which any request against the target routing controls will fail. This helps prevent flapping of state. The wait period is 5000 ms by default, but you can choose a custom value.", - "title": "WaitPeriodMs", - "type": "number" + "HeaderValue": { + "markdownDescription": "The value of the header to add to the email.", + "title": "HeaderValue", + "type": "string" } }, "required": [ - "AssertedControls", - "WaitPeriodMs" + "HeaderName", + "HeaderValue" ], "type": "object" }, - "AWS::Route53RecoveryControl::SafetyRule.GatingRule": { + "AWS::SES::MailManagerRuleSet.Analysis": { "additionalProperties": false, "properties": { - "GatingControls": { + "Analyzer": { + "markdownDescription": "The Amazon Resource Name (ARN) of an Add On.", + "title": "Analyzer", + "type": "string" + }, + "ResultField": { + "markdownDescription": "The returned value from an Add On.", + "title": "ResultField", + "type": "string" + } + }, + "required": [ + "Analyzer", + "ResultField" + ], + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.ArchiveAction": { + "additionalProperties": false, + "properties": { + "ActionFailurePolicy": { + "markdownDescription": "A policy that states what to do in the case of failure. The action will fail if there are configuration errors. For example, the specified archive has been deleted.", + "title": "ActionFailurePolicy", + "type": "string" + }, + "TargetArchive": { + "markdownDescription": "The identifier of the archive to send the email to.", + "title": "TargetArchive", + "type": "string" + } + }, + "required": [ + "TargetArchive" + ], + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.DeliverToMailboxAction": { + "additionalProperties": false, + "properties": { + "ActionFailurePolicy": { + "markdownDescription": "A policy that states what to do in the case of failure. The action will fail if there are configuration errors. For example, the mailbox ARN is no longer valid.", + "title": "ActionFailurePolicy", + "type": "string" + }, + "MailboxArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of a WorkMail organization to deliver the email to.", + "title": "MailboxArn", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role to use to execute this action. The role must have access to the workmail:DeliverToMailbox API.", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "MailboxArn", + "RoleArn" + ], + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.DeliverToQBusinessAction": { + "additionalProperties": false, + "properties": { + "ActionFailurePolicy": { + "markdownDescription": "A policy that states what to do in the case of failure. The action will fail if there are configuration errors. For example, the specified application has been deleted or the role lacks necessary permissions to call the `qbusiness:BatchPutDocument` API.", + "title": "ActionFailurePolicy", + "type": "string" + }, + "ApplicationId": { + "markdownDescription": "The unique identifier of the Amazon Q Business application instance where the email content will be delivered.", + "title": "ApplicationId", + "type": "string" + }, + "IndexId": { + "markdownDescription": "The identifier of the knowledge base index within the Amazon Q Business application where the email content will be stored and indexed.", + "title": "IndexId", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM Role to use while delivering to Amazon Q Business. This role must have access to the `qbusiness:BatchPutDocument` API for the given application and index.", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "ApplicationId", + "IndexId", + "RoleArn" + ], + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.RelayAction": { + "additionalProperties": false, + "properties": { + "ActionFailurePolicy": { + "markdownDescription": "A policy that states what to do in the case of failure. The action will fail if there are configuration errors. For example, the specified relay has been deleted.", + "title": "ActionFailurePolicy", + "type": "string" + }, + "MailFrom": { + "markdownDescription": "This action specifies whether to preserve or replace original mail from address while relaying received emails to a destination server.", + "title": "MailFrom", + "type": "string" + }, + "Relay": { + "markdownDescription": "The identifier of the relay resource to be used when relaying an email.", + "title": "Relay", + "type": "string" + } + }, + "required": [ + "Relay" + ], + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.ReplaceRecipientAction": { + "additionalProperties": false, + "properties": { + "ReplaceWith": { "items": { "type": "string" }, - "markdownDescription": "An array of gating routing control Amazon Resource Names (ARNs). For a simple on-off switch, specify the ARN for one routing control. The gating routing controls are evaluated by the rule configuration that you specify to determine if the target routing control states can be changed.", - "title": "GatingControls", + "markdownDescription": "This action specifies the replacement recipient email addresses to insert.", + "title": "ReplaceWith", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.Rule": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleAction" + }, + "markdownDescription": "The list of actions to execute when the conditions match the incoming email, and none of the \"unless conditions\" match.", + "title": "Actions", "type": "array" }, - "TargetControls": { + "Conditions": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleCondition" }, - "markdownDescription": "An array of target routing control Amazon Resource Names (ARNs) for which the states can only be updated if the rule configuration that you specify evaluates to true for the gating routing control. As a simple example, if you have a single gating control, it acts as an overall on-off switch for a set of target routing controls. You can use this to manually override automated failover, for example.", - "title": "TargetControls", + "markdownDescription": "The conditions of this rule. All conditions must match the email for the actions to be executed. An empty list of conditions means that all emails match, but are still subject to any \"unless conditions\"", + "title": "Conditions", "type": "array" }, - "WaitPeriodMs": { - "markdownDescription": "An evaluation period, in milliseconds (ms), during which any request against the target routing controls will fail. This helps prevent flapping of state. The wait period is 5000 ms by default, but you can choose a custom value.", - "title": "WaitPeriodMs", - "type": "number" + "Name": { + "markdownDescription": "The user-friendly name of the rule.", + "title": "Name", + "type": "string" + }, + "Unless": { + "items": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleCondition" + }, + "markdownDescription": "The \"unless conditions\" of this rule. None of the conditions can match the email for the actions to be executed. If any of these conditions do match the email, then the actions are not executed.", + "title": "Unless", + "type": "array" } }, "required": [ - "GatingControls", - "TargetControls", - "WaitPeriodMs" + "Actions" ], "type": "object" }, - "AWS::Route53RecoveryControl::SafetyRule.RuleConfig": { + "AWS::SES::MailManagerRuleSet.RuleAction": { "additionalProperties": false, "properties": { - "Inverted": { - "markdownDescription": "Logical negation of the rule. If the rule would usually evaluate true, it's evaluated as false, and vice versa.", - "title": "Inverted", - "type": "boolean" + "AddHeader": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.AddHeaderAction", + "markdownDescription": "This action adds a header. This can be used to add arbitrary email headers.", + "title": "AddHeader" }, - "Threshold": { - "markdownDescription": "The value of N, when you specify an `ATLEAST` rule type. That is, `Threshold` is the number of controls that must be set when you specify an `ATLEAST` type.", - "title": "Threshold", - "type": "number" + "Archive": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.ArchiveAction", + "markdownDescription": "This action archives the email. This can be used to deliver an email to an archive.", + "title": "Archive" }, - "Type": { - "markdownDescription": "A rule can be one of the following: `ATLEAST` , `AND` , or `OR` .", - "title": "Type", + "DeliverToMailbox": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.DeliverToMailboxAction", + "markdownDescription": "This action delivers an email to a WorkMail mailbox.", + "title": "DeliverToMailbox" + }, + "DeliverToQBusiness": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.DeliverToQBusinessAction", + "markdownDescription": "This action delivers an email to an Amazon Q Business application for ingestion into its knowledge base.", + "title": "DeliverToQBusiness" + }, + "Drop": { + "markdownDescription": "This action terminates the evaluation of rules in the rule set.", + "title": "Drop", + "type": "object" + }, + "PublishToSns": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.SnsAction", + "markdownDescription": "This action publishes the email content to an Amazon SNS topic.", + "title": "PublishToSns" + }, + "Relay": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RelayAction", + "markdownDescription": "This action relays the email to another SMTP server.", + "title": "Relay" + }, + "ReplaceRecipient": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.ReplaceRecipientAction", + "markdownDescription": "The action replaces certain or all recipients with a different set of recipients.", + "title": "ReplaceRecipient" + }, + "Send": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.SendAction", + "markdownDescription": "This action sends the email to the internet.", + "title": "Send" + }, + "WriteToS3": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.S3Action", + "markdownDescription": "This action writes the MIME content of the email to an S3 bucket.", + "title": "WriteToS3" + } + }, + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.RuleBooleanExpression": { + "additionalProperties": false, + "properties": { + "Evaluate": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleBooleanToEvaluate", + "markdownDescription": "The operand on which to perform a boolean condition operation.", + "title": "Evaluate" + }, + "Operator": { + "markdownDescription": "The matching operator for a boolean condition expression.", + "title": "Operator", "type": "string" } }, "required": [ - "Inverted", - "Threshold", - "Type" + "Evaluate", + "Operator" ], "type": "object" }, - "AWS::Route53RecoveryReadiness::Cell": { + "AWS::SES::MailManagerRuleSet.RuleBooleanToEvaluate": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Analysis": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.Analysis", + "markdownDescription": "The Add On ARN and its returned value to evaluate in a boolean condition expression.", + "title": "Analysis" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Attribute": { + "markdownDescription": "The boolean type representing the allowed attribute types for an email.", + "title": "Attribute", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "IsInAddressList": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleIsInAddressList", + "markdownDescription": "The structure representing the address lists and address list attribute that will be used in evaluation of boolean expression.", + "title": "IsInAddressList" + } + }, + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.RuleCondition": { + "additionalProperties": false, + "properties": { + "BooleanExpression": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleBooleanExpression", + "markdownDescription": "The condition applies to a boolean expression passed in this field.", + "title": "BooleanExpression" }, - "Metadata": { - "type": "object" + "DmarcExpression": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleDmarcExpression", + "markdownDescription": "The condition applies to a DMARC policy expression passed in this field.", + "title": "DmarcExpression" }, - "Properties": { - "additionalProperties": false, - "properties": { - "CellName": { - "markdownDescription": "The name of the cell to create.", - "title": "CellName", - "type": "string" - }, - "Cells": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of cell Amazon Resource Names (ARNs) contained within this cell, for use in nested cells. For example, Availability Zones within specific AWS Regions .", - "title": "Cells", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A collection of tags associated with a resource.", - "title": "Tags", - "type": "array" - } + "IpExpression": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleIpExpression", + "markdownDescription": "The condition applies to an IP address expression passed in this field.", + "title": "IpExpression" + }, + "NumberExpression": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleNumberExpression", + "markdownDescription": "The condition applies to a number expression passed in this field.", + "title": "NumberExpression" + }, + "StringExpression": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleStringExpression", + "markdownDescription": "The condition applies to a string expression passed in this field.", + "title": "StringExpression" + }, + "VerdictExpression": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleVerdictExpression", + "markdownDescription": "The condition applies to a verdict expression passed in this field.", + "title": "VerdictExpression" + } + }, + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.RuleDmarcExpression": { + "additionalProperties": false, + "properties": { + "Operator": { + "markdownDescription": "The operator to apply to the DMARC policy of the incoming email.", + "title": "Operator", + "type": "string" + }, + "Values": { + "items": { + "type": "string" }, - "type": "object" + "markdownDescription": "The values to use for the given DMARC policy operator. For the operator EQUALS, if multiple values are given, they are evaluated as an OR. That is, if any of the given values match, the condition is deemed to match. For the operator NOT_EQUALS, if multiple values are given, they are evaluated as an AND. That is, only if the email's DMARC policy is not equal to any of the given values, then the condition is deemed to match.", + "title": "Values", + "type": "array" + } + }, + "required": [ + "Operator", + "Values" + ], + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.RuleIpExpression": { + "additionalProperties": false, + "properties": { + "Evaluate": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleIpToEvaluate", + "markdownDescription": "The IP address to evaluate in this condition.", + "title": "Evaluate" }, - "Type": { - "enum": [ - "AWS::Route53RecoveryReadiness::Cell" - ], + "Operator": { + "markdownDescription": "The operator to evaluate the IP address.", + "title": "Operator", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The IP CIDR blocks in format \"x.y.z.w/n\" (eg 10.0.0.0/8) to match with the email's IP address. For the operator CIDR_MATCHES, if multiple values are given, they are evaluated as an OR. That is, if the IP address is contained within any of the given CIDR ranges, the condition is deemed to match. For NOT_CIDR_MATCHES, if multiple CIDR ranges are given, the condition is deemed to match if the IP address is not contained in any of the given CIDR ranges.", + "title": "Values", + "type": "array" + } + }, + "required": [ + "Evaluate", + "Operator", + "Values" + ], + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.RuleIpToEvaluate": { + "additionalProperties": false, + "properties": { + "Attribute": { + "markdownDescription": "The attribute of the email to evaluate.", + "title": "Attribute", "type": "string" } }, "required": [ - "Type" + "Attribute" ], "type": "object" }, - "AWS::Route53RecoveryReadiness::ReadinessCheck": { + "AWS::SES::MailManagerRuleSet.RuleIsInAddressList": { "additionalProperties": false, "properties": { - "Condition": { + "AddressLists": { + "items": { + "type": "string" + }, + "markdownDescription": "The address lists that will be used for evaluation.", + "title": "AddressLists", + "type": "array" + }, + "Attribute": { + "markdownDescription": "The email attribute that needs to be evaluated against the address list.", + "title": "Attribute", "type": "string" + } + }, + "required": [ + "AddressLists", + "Attribute" + ], + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.RuleNumberExpression": { + "additionalProperties": false, + "properties": { + "Evaluate": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleNumberToEvaluate", + "markdownDescription": "The number to evaluate in a numeric condition expression.", + "title": "Evaluate" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Operator": { + "markdownDescription": "The operator for a numeric condition expression.", + "title": "Operator", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Value": { + "markdownDescription": "The value to evaluate in a numeric condition expression.", + "title": "Value", + "type": "number" + } + }, + "required": [ + "Evaluate", + "Operator", + "Value" + ], + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.RuleNumberToEvaluate": { + "additionalProperties": false, + "properties": { + "Attribute": { + "markdownDescription": "An email attribute that is used as the number to evaluate.", + "title": "Attribute", + "type": "string" + } + }, + "required": [ + "Attribute" + ], + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.RuleStringExpression": { + "additionalProperties": false, + "properties": { + "Evaluate": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleStringToEvaluate", + "markdownDescription": "The string to evaluate in a string condition expression.", + "title": "Evaluate" }, - "Metadata": { - "type": "object" + "Operator": { + "markdownDescription": "The matching operator for a string condition expression.", + "title": "Operator", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ReadinessCheckName": { - "markdownDescription": "The name of the readiness check to create.", - "title": "ReadinessCheckName", - "type": "string" - }, - "ResourceSetName": { - "markdownDescription": "The name of the resource set to check.", - "title": "ResourceSetName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A collection of tags associated with a resource.", - "title": "Tags", - "type": "array" - } + "Values": { + "items": { + "type": "string" }, - "type": "object" + "markdownDescription": "The string(s) to be evaluated in a string condition expression. For all operators, except for NOT_EQUALS, if multiple values are given, the values are processed as an OR. That is, if any of the values match the email's string using the given operator, the condition is deemed to match. However, for NOT_EQUALS, the condition is only deemed to match if none of the given strings match the email's string.", + "title": "Values", + "type": "array" + } + }, + "required": [ + "Evaluate", + "Operator", + "Values" + ], + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.RuleStringToEvaluate": { + "additionalProperties": false, + "properties": { + "Analysis": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.Analysis", + "markdownDescription": "The Add On ARN and its returned value to evaluate in a string condition expression.", + "title": "Analysis" }, - "Type": { - "enum": [ - "AWS::Route53RecoveryReadiness::ReadinessCheck" - ], + "Attribute": { + "markdownDescription": "The email attribute to evaluate in a string condition expression.", + "title": "Attribute", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "MimeHeaderAttribute": { + "markdownDescription": "The email MIME X-Header attribute to evaluate in a string condition expression.", + "title": "MimeHeaderAttribute", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.RuleVerdictExpression": { + "additionalProperties": false, + "properties": { + "Evaluate": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleVerdictToEvaluate", + "markdownDescription": "The verdict to evaluate in a verdict condition expression.", + "title": "Evaluate" + }, + "Operator": { + "markdownDescription": "The matching operator for a verdict condition expression.", + "title": "Operator", "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The values to match with the email's verdict using the given operator. For the EQUALS operator, if multiple values are given, the condition is deemed to match if any of the given verdicts match that of the email. For the NOT_EQUALS operator, if multiple values are given, the condition is deemed to match of none of the given verdicts match the verdict of the email.", + "title": "Values", + "type": "array" } }, "required": [ - "Type" + "Evaluate", + "Operator", + "Values" ], "type": "object" }, - "AWS::Route53RecoveryReadiness::RecoveryGroup": { + "AWS::SES::MailManagerRuleSet.RuleVerdictToEvaluate": { "additionalProperties": false, "properties": { - "Condition": { + "Analysis": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.Analysis", + "markdownDescription": "The Add On ARN and its returned value to evaluate in a verdict condition expression.", + "title": "Analysis" + }, + "Attribute": { + "markdownDescription": "The email verdict attribute to evaluate in a string verdict expression.", + "title": "Attribute", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.S3Action": { + "additionalProperties": false, + "properties": { + "ActionFailurePolicy": { + "markdownDescription": "A policy that states what to do in the case of failure. The action will fail if there are configuration errors. For example, the specified the bucket has been deleted.", + "title": "ActionFailurePolicy", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM Role to use while writing to S3. This role must have access to the s3:PutObject, kms:Encrypt, and kms:GenerateDataKey APIs for the given bucket.", + "title": "RoleArn", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "S3Bucket": { + "markdownDescription": "The bucket name of the S3 bucket to write to.", + "title": "S3Bucket", + "type": "string" }, - "Metadata": { - "type": "object" + "S3Prefix": { + "markdownDescription": "The S3 prefix to use for the write to the s3 bucket.", + "title": "S3Prefix", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Cells": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the cell Amazon Resource Names (ARNs) in the recovery group.", - "title": "Cells", - "type": "array" - }, - "RecoveryGroupName": { - "markdownDescription": "The name of the recovery group to create.", - "title": "RecoveryGroupName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A collection of tags associated with a resource.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" + "S3SseKmsKeyId": { + "markdownDescription": "The KMS Key ID to use to encrypt the message in S3.", + "title": "S3SseKmsKeyId", + "type": "string" + } + }, + "required": [ + "RoleArn", + "S3Bucket" + ], + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.SendAction": { + "additionalProperties": false, + "properties": { + "ActionFailurePolicy": { + "markdownDescription": "A policy that states what to do in the case of failure. The action will fail if there are configuration errors. For example, the caller does not have the permissions to call the sendRawEmail API.", + "title": "ActionFailurePolicy", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Route53RecoveryReadiness::RecoveryGroup" - ], + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the role to use for this action. This role must have access to the ses:SendRawEmail API.", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "RoleArn" + ], + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.SnsAction": { + "additionalProperties": false, + "properties": { + "ActionFailurePolicy": { + "markdownDescription": "A policy that states what to do in the case of failure. The action will fail if there are configuration errors. For example, specified SNS topic has been deleted or the role lacks necessary permissions to call the `sns:Publish` API.", + "title": "ActionFailurePolicy", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Encoding": { + "markdownDescription": "The encoding to use for the email within the Amazon SNS notification. The default value is `UTF-8` . Use `BASE64` if you need to preserve all special characters, especially when the original message uses a different encoding format.", + "title": "Encoding", + "type": "string" + }, + "PayloadType": { + "markdownDescription": "The expected payload type within the Amazon SNS notification. `CONTENT` attempts to publish the full email content with 20KB of headers content. `HEADERS` extracts up to 100KB of header content to include in the notification, email content will not be included to the notification. The default value is `CONTENT` .", + "title": "PayloadType", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM Role to use while writing to Amazon SNS. This role must have access to the `sns:Publish` API for the given topic.", + "title": "RoleArn", + "type": "string" + }, + "TopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS Topic to which notification for the email received will be published.", + "title": "TopicArn", "type": "string" } }, "required": [ - "Type" + "RoleArn", + "TopicArn" ], "type": "object" }, - "AWS::Route53RecoveryReadiness::ResourceSet": { + "AWS::SES::MailManagerTrafficPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -233577,42 +284813,47 @@ "Properties": { "additionalProperties": false, "properties": { - "ResourceSetName": { - "markdownDescription": "The name of the resource set to create.", - "title": "ResourceSetName", + "DefaultAction": { + "markdownDescription": "Default action instructs the tra\ufb03c policy to either Allow or Deny (block) messages that fall outside of (or not addressed by) the conditions of your policy statements", + "title": "DefaultAction", "type": "string" }, - "ResourceSetType": { - "markdownDescription": "The resource type of the resources in the resource set. Enter one of the following values for resource type:\n\nAWS::ApiGateway::Stage, AWS::ApiGatewayV2::Stage, AWS::AutoScaling::AutoScalingGroup, AWS::CloudWatch::Alarm, AWS::EC2::CustomerGateway, AWS::DynamoDB::Table, AWS::EC2::Volume, AWS::ElasticLoadBalancing::LoadBalancer, AWS::ElasticLoadBalancingV2::LoadBalancer, AWS::Lambda::Function, AWS::MSK::Cluster, AWS::RDS::DBCluster, AWS::Route53::HealthCheck, AWS::SQS::Queue, AWS::SNS::Topic, AWS::SNS::Subscription, AWS::EC2::VPC, AWS::EC2::VPNConnection, AWS::EC2::VPNGateway, AWS::Route53RecoveryReadiness::DNSTargetResource.\n\nNote that AWS::Route53RecoveryReadiness::DNSTargetResource is only used for this setting. It isn't an actual AWS CloudFormation resource type.", - "title": "ResourceSetType", - "type": "string" + "MaxMessageSizeBytes": { + "markdownDescription": "The maximum message size in bytes of email which is allowed in by this traffic policy\u2014anything larger will be blocked.", + "title": "MaxMessageSizeBytes", + "type": "number" }, - "Resources": { + "PolicyStatements": { "items": { - "$ref": "#/definitions/AWS::Route53RecoveryReadiness::ResourceSet.Resource" + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.PolicyStatement" }, - "markdownDescription": "A list of resource objects in the resource set.", - "title": "Resources", + "markdownDescription": "Conditional statements for filtering email traffic.", + "title": "PolicyStatements", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A tag to associate with the parameters for a resource set.", + "markdownDescription": "The tags used to organize, track, or control access for the resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", "title": "Tags", "type": "array" + }, + "TrafficPolicyName": { + "markdownDescription": "The name of the policy.\n\nThe policy name cannot exceed 64 characters and can only include alphanumeric characters, dashes, and underscores.", + "title": "TrafficPolicyName", + "type": "string" } }, "required": [ - "ResourceSetType", - "Resources" + "DefaultAction", + "PolicyStatements" ], "type": "object" }, "Type": { "enum": [ - "AWS::Route53RecoveryReadiness::ResourceSet" + "AWS::SES::MailManagerTrafficPolicy" ], "type": "string" }, @@ -233631,110 +284872,311 @@ ], "type": "object" }, - "AWS::Route53RecoveryReadiness::ResourceSet.DNSTargetResource": { + "AWS::SES::MailManagerTrafficPolicy.IngressAnalysis": { "additionalProperties": false, "properties": { - "DomainName": { - "markdownDescription": "The domain name that acts as an ingress point to a portion of the customer application.", - "title": "DomainName", + "Analyzer": { + "markdownDescription": "The Amazon Resource Name (ARN) of an Add On.", + "title": "Analyzer", "type": "string" }, - "HostedZoneArn": { - "markdownDescription": "The hosted zone Amazon Resource Name (ARN) that contains the DNS record with the provided name of the target resource.", - "title": "HostedZoneArn", + "ResultField": { + "markdownDescription": "The returned value from an Add On.", + "title": "ResultField", "type": "string" + } + }, + "required": [ + "Analyzer", + "ResultField" + ], + "type": "object" + }, + "AWS::SES::MailManagerTrafficPolicy.IngressBooleanExpression": { + "additionalProperties": false, + "properties": { + "Evaluate": { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.IngressBooleanToEvaluate", + "markdownDescription": "The operand on which to perform a boolean condition operation.", + "title": "Evaluate" }, - "RecordSetId": { - "markdownDescription": "The Amazon Route 53 record set ID that uniquely identifies a DNS record, given a name and a type.", - "title": "RecordSetId", + "Operator": { + "markdownDescription": "The matching operator for a boolean condition expression.", + "title": "Operator", "type": "string" + } + }, + "required": [ + "Evaluate", + "Operator" + ], + "type": "object" + }, + "AWS::SES::MailManagerTrafficPolicy.IngressBooleanToEvaluate": { + "additionalProperties": false, + "properties": { + "Analysis": { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.IngressAnalysis", + "markdownDescription": "The structure type for a boolean condition stating the Add On ARN and its returned value.", + "title": "Analysis" }, - "RecordType": { - "markdownDescription": "The type of DNS record of the target resource.", - "title": "RecordType", + "IsInAddressList": { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.IngressIsInAddressList", + "markdownDescription": "", + "title": "IsInAddressList" + } + }, + "type": "object" + }, + "AWS::SES::MailManagerTrafficPolicy.IngressIpToEvaluate": { + "additionalProperties": false, + "properties": { + "Attribute": { + "markdownDescription": "An enum type representing the allowed attribute types for an IP condition.", + "title": "Attribute", "type": "string" - }, - "TargetResource": { - "$ref": "#/definitions/AWS::Route53RecoveryReadiness::ResourceSet.TargetResource", - "markdownDescription": "The target resource that the Route 53 record points to.", - "title": "TargetResource" } }, + "required": [ + "Attribute" + ], "type": "object" }, - "AWS::Route53RecoveryReadiness::ResourceSet.NLBResource": { + "AWS::SES::MailManagerTrafficPolicy.IngressIpv4Expression": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Network Load Balancer resource Amazon Resource Name (ARN).", - "title": "Arn", + "Evaluate": { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.IngressIpToEvaluate", + "markdownDescription": "The left hand side argument of an IP condition expression.", + "title": "Evaluate" + }, + "Operator": { + "markdownDescription": "The matching operator for an IP condition expression.", + "title": "Operator", "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The right hand side argument of an IP condition expression.", + "title": "Values", + "type": "array" } }, + "required": [ + "Evaluate", + "Operator", + "Values" + ], "type": "object" }, - "AWS::Route53RecoveryReadiness::ResourceSet.R53ResourceRecord": { + "AWS::SES::MailManagerTrafficPolicy.IngressIpv6Expression": { "additionalProperties": false, "properties": { - "DomainName": { - "markdownDescription": "The DNS target domain name.", - "title": "DomainName", + "Evaluate": { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.IngressIpv6ToEvaluate", + "markdownDescription": "", + "title": "Evaluate" + }, + "Operator": { + "markdownDescription": "", + "title": "Operator", "type": "string" }, - "RecordSetId": { - "markdownDescription": "The Amazon Route 53 Resource Record Set ID.", - "title": "RecordSetId", + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "Values", + "type": "array" + } + }, + "required": [ + "Evaluate", + "Operator", + "Values" + ], + "type": "object" + }, + "AWS::SES::MailManagerTrafficPolicy.IngressIpv6ToEvaluate": { + "additionalProperties": false, + "properties": { + "Attribute": { + "markdownDescription": "", + "title": "Attribute", "type": "string" } }, + "required": [ + "Attribute" + ], "type": "object" }, - "AWS::Route53RecoveryReadiness::ResourceSet.Resource": { + "AWS::SES::MailManagerTrafficPolicy.IngressIsInAddressList": { "additionalProperties": false, "properties": { - "ComponentId": { - "markdownDescription": "The component identifier of the resource, generated when DNS target resource is used.", - "title": "ComponentId", + "AddressLists": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "AddressLists", + "type": "array" + }, + "Attribute": { + "markdownDescription": "", + "title": "Attribute", "type": "string" + } + }, + "required": [ + "AddressLists", + "Attribute" + ], + "type": "object" + }, + "AWS::SES::MailManagerTrafficPolicy.IngressStringExpression": { + "additionalProperties": false, + "properties": { + "Evaluate": { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.IngressStringToEvaluate", + "markdownDescription": "The left hand side argument of a string condition expression.", + "title": "Evaluate" }, - "DnsTargetResource": { - "$ref": "#/definitions/AWS::Route53RecoveryReadiness::ResourceSet.DNSTargetResource", - "markdownDescription": "A component for DNS/routing control readiness checks. This is a required setting when `ResourceSet` `ResourceSetType` is set to `AWS::Route53RecoveryReadiness::DNSTargetResource` . Do not set it for any other `ResourceSetType` setting.", - "title": "DnsTargetResource" + "Operator": { + "markdownDescription": "", + "title": "Operator", + "type": "string" }, - "ReadinessScopes": { + "Values": { "items": { "type": "string" }, - "markdownDescription": "The recovery group Amazon Resource Name (ARN) or the cell ARN that the readiness checks for this resource set are scoped to.", - "title": "ReadinessScopes", + "markdownDescription": "The right hand side argument of a string condition expression.", + "title": "Values", "type": "array" + } + }, + "required": [ + "Evaluate", + "Operator", + "Values" + ], + "type": "object" + }, + "AWS::SES::MailManagerTrafficPolicy.IngressStringToEvaluate": { + "additionalProperties": false, + "properties": { + "Analysis": { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.IngressAnalysis", + "markdownDescription": "", + "title": "Analysis" }, - "ResourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS resource. This is a required setting for all `ResourceSet` `ResourceSetType` settings except `AWS::Route53RecoveryReadiness::DNSTargetResource` . Do not set this when `ResourceSetType` is set to `AWS::Route53RecoveryReadiness::DNSTargetResource` .", - "title": "ResourceArn", + "Attribute": { + "markdownDescription": "The enum type representing the allowed attribute types for a string condition.", + "title": "Attribute", "type": "string" } }, "type": "object" }, - "AWS::Route53RecoveryReadiness::ResourceSet.TargetResource": { + "AWS::SES::MailManagerTrafficPolicy.IngressTlsProtocolExpression": { "additionalProperties": false, "properties": { - "NLBResource": { - "$ref": "#/definitions/AWS::Route53RecoveryReadiness::ResourceSet.NLBResource", - "markdownDescription": "The Network Load Balancer resource that a DNS target resource points to.", - "title": "NLBResource" + "Evaluate": { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.IngressTlsProtocolToEvaluate", + "markdownDescription": "The left hand side argument of a TLS condition expression.", + "title": "Evaluate" }, - "R53Resource": { - "$ref": "#/definitions/AWS::Route53RecoveryReadiness::ResourceSet.R53ResourceRecord", - "markdownDescription": "The Route 53 resource that a DNS target resource record points to.", - "title": "R53Resource" + "Operator": { + "markdownDescription": "The matching operator for a TLS condition expression.", + "title": "Operator", + "type": "string" + }, + "Value": { + "markdownDescription": "The right hand side argument of a TLS condition expression.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Evaluate", + "Operator", + "Value" + ], + "type": "object" + }, + "AWS::SES::MailManagerTrafficPolicy.IngressTlsProtocolToEvaluate": { + "additionalProperties": false, + "properties": { + "Attribute": { + "markdownDescription": "The enum type representing the allowed attribute types for the TLS condition.", + "title": "Attribute", + "type": "string" + } + }, + "required": [ + "Attribute" + ], + "type": "object" + }, + "AWS::SES::MailManagerTrafficPolicy.PolicyCondition": { + "additionalProperties": false, + "properties": { + "BooleanExpression": { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.IngressBooleanExpression", + "markdownDescription": "This represents a boolean type condition matching on the incoming mail. It performs the boolean operation configured in 'Operator' and evaluates the 'Protocol' object against the 'Value'.", + "title": "BooleanExpression" + }, + "IpExpression": { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.IngressIpv4Expression", + "markdownDescription": "This represents an IP based condition matching on the incoming mail. It performs the operation configured in 'Operator' and evaluates the 'Protocol' object against the 'Value'.", + "title": "IpExpression" + }, + "Ipv6Expression": { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.IngressIpv6Expression", + "markdownDescription": "", + "title": "Ipv6Expression" + }, + "StringExpression": { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.IngressStringExpression", + "markdownDescription": "This represents a string based condition matching on the incoming mail. It performs the string operation configured in 'Operator' and evaluates the 'Protocol' object against the 'Value'.", + "title": "StringExpression" + }, + "TlsExpression": { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.IngressTlsProtocolExpression", + "markdownDescription": "This represents a TLS based condition matching on the incoming mail. It performs the operation configured in 'Operator' and evaluates the 'Protocol' object against the 'Value'.", + "title": "TlsExpression" + } + }, + "type": "object" + }, + "AWS::SES::MailManagerTrafficPolicy.PolicyStatement": { + "additionalProperties": false, + "properties": { + "Action": { + "markdownDescription": "The action that informs a traffic policy resource to either allow or block the email if it matches a condition in the policy statement.", + "title": "Action", + "type": "string" + }, + "Conditions": { + "items": { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.PolicyCondition" + }, + "markdownDescription": "The list of conditions to apply to incoming messages for filtering email traffic.", + "title": "Conditions", + "type": "array" } }, + "required": [ + "Action", + "Conditions" + ], "type": "object" }, - "AWS::Route53Resolver::FirewallDomainList": { + "AWS::SES::ReceiptFilter": { "additionalProperties": false, "properties": { "Condition": { @@ -233769,38 +285211,20 @@ "Properties": { "additionalProperties": false, "properties": { - "DomainFileUrl": { - "markdownDescription": "The fully qualified URL or URI of the file stored in Amazon Simple Storage Service (Amazon S3) that contains the list of domains to import.\n\nThe file must be in an S3 bucket that's in the same Region as your DNS Firewall. The file must be a text file and must contain a single domain per line.", - "title": "DomainFileUrl", - "type": "string" - }, - "Domains": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the domain lists that you have defined.", - "title": "Domains", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the domain list.", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of the tag keys and values that you want to associate with the domain list.", - "title": "Tags", - "type": "array" + "Filter": { + "$ref": "#/definitions/AWS::SES::ReceiptFilter.Filter", + "markdownDescription": "A data structure that describes the IP address filter to create, which consists of a name, an IP address range, and whether to allow or block mail from it.", + "title": "Filter" } }, + "required": [ + "Filter" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Route53Resolver::FirewallDomainList" + "AWS::SES::ReceiptFilter" ], "type": "string" }, @@ -233814,11 +285238,51 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Route53Resolver::FirewallRuleGroup": { + "AWS::SES::ReceiptFilter.Filter": { + "additionalProperties": false, + "properties": { + "IpFilter": { + "$ref": "#/definitions/AWS::SES::ReceiptFilter.IpFilter", + "markdownDescription": "A structure that provides the IP addresses to block or allow, and whether to block or allow incoming mail from them.", + "title": "IpFilter" + }, + "Name": { + "markdownDescription": "The name of the IP address filter. The name must meet the following requirements:\n\n- Contain only ASCII letters (a-z, A-Z), numbers (0-9), underscores (_), or dashes (-).\n- Start and end with a letter or number.\n- Contain 64 characters or fewer.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "IpFilter" + ], + "type": "object" + }, + "AWS::SES::ReceiptFilter.IpFilter": { + "additionalProperties": false, + "properties": { + "Cidr": { + "markdownDescription": "A single IP address or a range of IP addresses to block or allow, specified in Classless Inter-Domain Routing (CIDR) notation. An example of a single email address is 10.0.0.1. An example of a range of IP addresses is 10.0.0.1/24. For more information about CIDR notation, see [RFC 2317](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc2317) .", + "title": "Cidr", + "type": "string" + }, + "Policy": { + "markdownDescription": "Indicates whether to block or allow incoming mail from the specified IP addresses.", + "title": "Policy", + "type": "string" + } + }, + "required": [ + "Cidr", + "Policy" + ], + "type": "object" + }, + "AWS::SES::ReceiptRule": { "additionalProperties": false, "properties": { "Condition": { @@ -233853,33 +285317,31 @@ "Properties": { "additionalProperties": false, "properties": { - "FirewallRules": { - "items": { - "$ref": "#/definitions/AWS::Route53Resolver::FirewallRuleGroup.FirewallRule" - }, - "markdownDescription": "A list of the rules that you have defined.", - "title": "FirewallRules", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the rule group.", - "title": "Name", + "After": { + "markdownDescription": "The name of an existing rule after which the new rule is placed. If this parameter is null, the new rule is inserted at the beginning of the rule list.", + "title": "After", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of the tag keys and values that you want to associate with the rule group.", - "title": "Tags", - "type": "array" + "Rule": { + "$ref": "#/definitions/AWS::SES::ReceiptRule.Rule", + "markdownDescription": "A data structure that contains the specified rule's name, actions, recipients, domains, enabled status, scan status, and TLS policy.", + "title": "Rule" + }, + "RuleSetName": { + "markdownDescription": "The name of the rule set where the receipt rule is added.", + "title": "RuleSetName", + "type": "string" } }, + "required": [ + "Rule", + "RuleSetName" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Route53Resolver::FirewallRuleGroup" + "AWS::SES::ReceiptRule" ], "type": "string" }, @@ -233893,62 +285355,288 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Route53Resolver::FirewallRuleGroup.FirewallRule": { + "AWS::SES::ReceiptRule.Action": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The action that DNS Firewall should take on a DNS query when it matches one of the domains in the rule's domain list, or a threat in a DNS Firewall Advvanced rule:\n\n- `ALLOW` - Permit the request to go through. Not available for DNS Firewall Advanced rules.\n- `ALERT` - Permit the request to go through but send an alert to the logs.\n- `BLOCK` - Disallow the request. If this is specified,then `BlockResponse` must also be specified.\n\nif `BlockResponse` is `OVERRIDE` , then all of the following `OVERRIDE` attributes must be specified:\n\n- `BlockOverrideDnsType`\n- `BlockOverrideDomain`\n- `BlockOverrideTtl`", - "title": "Action", + "AddHeaderAction": { + "$ref": "#/definitions/AWS::SES::ReceiptRule.AddHeaderAction", + "markdownDescription": "Adds a header to the received email.", + "title": "AddHeaderAction" + }, + "BounceAction": { + "$ref": "#/definitions/AWS::SES::ReceiptRule.BounceAction", + "markdownDescription": "Rejects the received email by returning a bounce response to the sender and, optionally, publishes a notification to Amazon Simple Notification Service (Amazon SNS).", + "title": "BounceAction" + }, + "ConnectAction": { + "$ref": "#/definitions/AWS::SES::ReceiptRule.ConnectAction", + "markdownDescription": "", + "title": "ConnectAction" + }, + "LambdaAction": { + "$ref": "#/definitions/AWS::SES::ReceiptRule.LambdaAction", + "markdownDescription": "Calls an AWS Lambda function, and optionally, publishes a notification to Amazon SNS.", + "title": "LambdaAction" + }, + "S3Action": { + "$ref": "#/definitions/AWS::SES::ReceiptRule.S3Action", + "markdownDescription": "Saves the received message to an Amazon Simple Storage Service (Amazon S3) bucket and, optionally, publishes a notification to Amazon SNS.", + "title": "S3Action" + }, + "SNSAction": { + "$ref": "#/definitions/AWS::SES::ReceiptRule.SNSAction", + "markdownDescription": "Publishes the email content within a notification to Amazon SNS.", + "title": "SNSAction" + }, + "StopAction": { + "$ref": "#/definitions/AWS::SES::ReceiptRule.StopAction", + "markdownDescription": "Terminates the evaluation of the receipt rule set and optionally publishes a notification to Amazon SNS.", + "title": "StopAction" + }, + "WorkmailAction": { + "$ref": "#/definitions/AWS::SES::ReceiptRule.WorkmailAction", + "markdownDescription": "Calls Amazon WorkMail and, optionally, publishes a notification to Amazon SNS.", + "title": "WorkmailAction" + } + }, + "type": "object" + }, + "AWS::SES::ReceiptRule.AddHeaderAction": { + "additionalProperties": false, + "properties": { + "HeaderName": { + "markdownDescription": "The name of the header to add to the incoming message. The name must contain at least one character, and can contain up to 50 characters. It consists of alphanumeric ( `a\u2013z, A\u2013Z, 0\u20139` ) characters and dashes.", + "title": "HeaderName", "type": "string" }, - "BlockOverrideDnsType": { - "markdownDescription": "The DNS record's type. This determines the format of the record value that you provided in `BlockOverrideDomain` . Used for the rule action `BLOCK` with a `BlockResponse` setting of `OVERRIDE` .", - "title": "BlockOverrideDnsType", + "HeaderValue": { + "markdownDescription": "The content to include in the header. This value can contain up to 2048 characters. It can't contain newline ( `\\n` ) or carriage return ( `\\r` ) characters.", + "title": "HeaderValue", + "type": "string" + } + }, + "required": [ + "HeaderName", + "HeaderValue" + ], + "type": "object" + }, + "AWS::SES::ReceiptRule.BounceAction": { + "additionalProperties": false, + "properties": { + "Message": { + "markdownDescription": "Human-readable text to include in the bounce message.", + "title": "Message", "type": "string" }, - "BlockOverrideDomain": { - "markdownDescription": "The custom DNS record to send back in response to the query. Used for the rule action `BLOCK` with a `BlockResponse` setting of `OVERRIDE` .", - "title": "BlockOverrideDomain", + "Sender": { + "markdownDescription": "The email address of the sender of the bounced email. This is the address from which the bounce message is sent.", + "title": "Sender", "type": "string" }, - "BlockOverrideTtl": { - "markdownDescription": "The recommended amount of time, in seconds, for the DNS resolver or web browser to cache the provided override record. Used for the rule action `BLOCK` with a `BlockResponse` setting of `OVERRIDE` .", - "title": "BlockOverrideTtl", - "type": "number" + "SmtpReplyCode": { + "markdownDescription": "The SMTP reply code, as defined by [RFC 5321](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc5321) .", + "title": "SmtpReplyCode", + "type": "string" }, - "BlockResponse": { - "markdownDescription": "The way that you want DNS Firewall to block the request. Used for the rule action setting `BLOCK` .\n\n- `NODATA` - Respond indicating that the query was successful, but no response is available for it.\n- `NXDOMAIN` - Respond indicating that the domain name that's in the query doesn't exist.\n- `OVERRIDE` - Provide a custom override in the response. This option requires custom handling details in the rule's `BlockOverride*` settings.", - "title": "BlockResponse", + "StatusCode": { + "markdownDescription": "The SMTP enhanced status code, as defined by [RFC 3463](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc3463) .", + "title": "StatusCode", "type": "string" }, - "FirewallDomainListId": { - "markdownDescription": "The ID of the domain list that's used in the rule.", - "title": "FirewallDomainListId", + "TopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic to notify when the bounce action is taken. You can find the ARN of a topic by using the [ListTopics](https://docs.aws.amazon.com/sns/latest/api/API_ListTopics.html) operation in Amazon SNS.\n\nFor more information about Amazon SNS topics, see the [Amazon SNS Developer Guide](https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html) .", + "title": "TopicArn", + "type": "string" + } + }, + "required": [ + "Message", + "Sender", + "SmtpReplyCode" + ], + "type": "object" + }, + "AWS::SES::ReceiptRule.ConnectAction": { + "additionalProperties": false, + "properties": { + "IAMRoleARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to be used by Amazon Simple Email Service while starting email contacts to the Amazon Connect instance. This role should have permission to invoke `connect:StartEmailContact` for the given Amazon Connect instance.", + "title": "IAMRoleARN", "type": "string" }, - "Priority": { - "markdownDescription": "The priority of the rule in the rule group. This value must be unique within the rule group. DNS Firewall processes the rules in a rule group by order of priority, starting from the lowest setting.", - "title": "Priority", - "type": "number" + "InstanceARN": { + "markdownDescription": "The Amazon Resource Name (ARN) for the Amazon Connect instance that Amazon SES integrates with for starting email contacts.\n\nFor more information about Amazon Connect instances, see the [Amazon Connect Administrator Guide](https://docs.aws.amazon.com/connect/latest/adminguide/amazon-connect-instances.html)", + "title": "InstanceARN", + "type": "string" + } + }, + "required": [ + "IAMRoleARN", + "InstanceARN" + ], + "type": "object" + }, + "AWS::SES::ReceiptRule.LambdaAction": { + "additionalProperties": false, + "properties": { + "FunctionArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Lambda function. An example of an AWS Lambda function ARN is `arn:aws:lambda:us-west-2:account-id:function:MyFunction` . For more information about AWS Lambda, see the [AWS Lambda Developer Guide](https://docs.aws.amazon.com/lambda/latest/dg/welcome.html) .", + "title": "FunctionArn", + "type": "string" }, - "Qtype": { - "markdownDescription": "The DNS query type you want the rule to evaluate. Allowed values are;\n\n- A: Returns an IPv4 address.\n- AAAA: Returns an Ipv6 address.\n- CAA: Restricts CAs that can create SSL/TLS certifications for the domain.\n- CNAME: Returns another domain name.\n- DS: Record that identifies the DNSSEC signing key of a delegated zone.\n- MX: Specifies mail servers.\n- NAPTR: Regular-expression-based rewriting of domain names.\n- NS: Authoritative name servers.\n- PTR: Maps an IP address to a domain name.\n- SOA: Start of authority record for the zone.\n- SPF: Lists the servers authorized to send emails from a domain.\n- SRV: Application specific values that identify servers.\n- TXT: Verifies email senders and application-specific values.\n- A query type you define by using the DNS type ID, for example 28 for AAAA. The values must be defined as TYPE NUMBER , where the NUMBER can be 1-65334, for example, TYPE28. For more information, see [List of DNS record types](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/List_of_DNS_record_types) .", - "title": "Qtype", + "InvocationType": { + "markdownDescription": "The invocation type of the AWS Lambda function. An invocation type of `RequestResponse` means that the execution of the function immediately results in a response, and a value of `Event` means that the function is invoked asynchronously. The default value is `Event` . For information about AWS Lambda invocation types, see the [AWS Lambda Developer Guide](https://docs.aws.amazon.com/lambda/latest/dg/API_Invoke.html) .\n\n> There is a 30-second timeout on `RequestResponse` invocations. You should use `Event` invocation in most cases. Use `RequestResponse` only to make a mail flow decision, such as whether to stop the receipt rule or the receipt rule set.", + "title": "InvocationType", + "type": "string" + }, + "TopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic to notify when the Lambda action is executed. You can find the ARN of a topic by using the [ListTopics](https://docs.aws.amazon.com/sns/latest/api/API_ListTopics.html) operation in Amazon SNS.\n\nFor more information about Amazon SNS topics, see the [Amazon SNS Developer Guide](https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html) .", + "title": "TopicArn", "type": "string" } }, "required": [ - "Action", - "FirewallDomainListId", - "Priority" + "FunctionArn" ], "type": "object" }, - "AWS::Route53Resolver::FirewallRuleGroupAssociation": { + "AWS::SES::ReceiptRule.Rule": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::SES::ReceiptRule.Action" + }, + "markdownDescription": "An ordered list of actions to perform on messages that match at least one of the recipient email addresses or domains specified in the receipt rule.", + "title": "Actions", + "type": "array" + }, + "Enabled": { + "markdownDescription": "If `true` , the receipt rule is active. The default value is `false` .", + "title": "Enabled", + "type": "boolean" + }, + "Name": { + "markdownDescription": "The name of the receipt rule. The name must meet the following requirements:\n\n- Contain only ASCII letters (a-z, A-Z), numbers (0-9), underscores (_), dashes (-), or periods (.).\n- Start and end with a letter or number.\n- Contain 64 characters or fewer.", + "title": "Name", + "type": "string" + }, + "Recipients": { + "items": { + "type": "string" + }, + "markdownDescription": "The recipient domains and email addresses that the receipt rule applies to. If this field is not specified, this rule matches all recipients on all verified domains.", + "title": "Recipients", + "type": "array" + }, + "ScanEnabled": { + "markdownDescription": "If `true` , then messages that this receipt rule applies to are scanned for spam and viruses. The default value is `false` .", + "title": "ScanEnabled", + "type": "boolean" + }, + "TlsPolicy": { + "markdownDescription": "Specifies whether Amazon SES should require that incoming email is delivered over a connection encrypted with Transport Layer Security (TLS). If this parameter is set to `Require` , Amazon SES bounces emails that are not received over TLS. The default is `Optional` .\n\nValid Values: `Require | Optional`", + "title": "TlsPolicy", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SES::ReceiptRule.S3Action": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "The name of the Amazon S3 bucket for incoming email.", + "title": "BucketName", + "type": "string" + }, + "IamRoleArn": { + "markdownDescription": "The ARN of the IAM role to be used by Amazon Simple Email Service while writing to the Amazon S3 bucket, optionally encrypting your mail via the provided customer managed key, and publishing to the Amazon SNS topic. This role should have access to the following APIs:\n\n- `s3:PutObject` , `kms:Encrypt` and `kms:GenerateDataKey` for the given Amazon S3 bucket.\n- `kms:GenerateDataKey` for the given AWS KMS customer managed key.\n- `sns:Publish` for the given Amazon SNS topic.\n\n> If an IAM role ARN is provided, the role (and only the role) is used to access all the given resources (Amazon S3 bucket, AWS KMS customer managed key and Amazon SNS topic). Therefore, setting up individual resource access permissions is not required.", + "title": "IamRoleArn", + "type": "string" + }, + "KmsKeyArn": { + "markdownDescription": "The customer managed key that Amazon SES should use to encrypt your emails before saving them to the Amazon S3 bucket. You can use the AWS managed key or a customer managed key that you created in AWS KMS as follows:\n\n- To use the AWS managed key, provide an ARN in the form of `arn:aws:kms:REGION:ACCOUNT-ID-WITHOUT-HYPHENS:alias/aws/ses` . For example, if your AWS account ID is 123456789012 and you want to use the AWS managed key in the US West (Oregon) Region, the ARN of the AWS managed key would be `arn:aws:kms:us-west-2:123456789012:alias/aws/ses` . If you use the AWS managed key, you don't need to perform any extra steps to give Amazon SES permission to use the key.\n- To use a customer managed key that you created in AWS KMS, provide the ARN of the customer managed key and ensure that you add a statement to your key's policy to give Amazon SES permission to use it. For more information about giving permissions, see the [Amazon SES Developer Guide](https://docs.aws.amazon.com/ses/latest/dg/receiving-email-permissions.html) .\n\nFor more information about key policies, see the [AWS KMS Developer Guide](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html) . If you do not specify an AWS KMS key, Amazon SES does not encrypt your emails.\n\n> Your mail is encrypted by Amazon SES using the Amazon S3 encryption client before the mail is submitted to Amazon S3 for storage. It is not encrypted using Amazon S3 server-side encryption. This means that you must use the Amazon S3 encryption client to decrypt the email after retrieving it from Amazon S3, as the service has no access to use your AWS KMS keys for decryption. This encryption client is currently available with the [AWS SDK for Java](https://docs.aws.amazon.com/sdk-for-java/) and [AWS SDK for Ruby](https://docs.aws.amazon.com/sdk-for-ruby/) only. For more information about client-side encryption using AWS KMS managed keys, see the [Amazon S3 Developer Guide](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingClientSideEncryption.html) .", + "title": "KmsKeyArn", + "type": "string" + }, + "ObjectKeyPrefix": { + "markdownDescription": "The key prefix of the Amazon S3 bucket. The key prefix is similar to a directory name that enables you to store similar data under the same directory in a bucket.", + "title": "ObjectKeyPrefix", + "type": "string" + }, + "TopicArn": { + "markdownDescription": "The ARN of the Amazon SNS topic to notify when the message is saved to the Amazon S3 bucket. You can find the ARN of a topic by using the [ListTopics](https://docs.aws.amazon.com/sns/latest/api/API_ListTopics.html) operation in Amazon SNS.\n\nFor more information about Amazon SNS topics, see the [Amazon SNS Developer Guide](https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html) .", + "title": "TopicArn", + "type": "string" + } + }, + "required": [ + "BucketName" + ], + "type": "object" + }, + "AWS::SES::ReceiptRule.SNSAction": { + "additionalProperties": false, + "properties": { + "Encoding": { + "markdownDescription": "The encoding to use for the email within the Amazon SNS notification. The default value is `UTF-8` . Use `BASE64` if you need to preserve all special characters, especially when the original message uses a different encoding format.", + "title": "Encoding", + "type": "string" + }, + "TopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS Topic to which notification for the email received will be published.", + "title": "TopicArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SES::ReceiptRule.StopAction": { + "additionalProperties": false, + "properties": { + "Scope": { + "markdownDescription": "The scope of the StopAction. The only acceptable value is `RuleSet` .", + "title": "Scope", + "type": "string" + }, + "TopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic to notify when the stop action is taken. You can find the ARN of a topic by using the [ListTopics](https://docs.aws.amazon.com/sns/latest/api/API_ListTopics.html) Amazon SNS operation.\n\nFor more information about Amazon SNS topics, see the [Amazon SNS Developer Guide](https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html) .", + "title": "TopicArn", + "type": "string" + } + }, + "required": [ + "Scope" + ], + "type": "object" + }, + "AWS::SES::ReceiptRule.WorkmailAction": { + "additionalProperties": false, + "properties": { + "OrganizationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon WorkMail organization. Amazon WorkMail ARNs use the following format:\n\n`arn:aws:workmail:::organization/`\n\nYou can find the ID of your organization by using the [ListOrganizations](https://docs.aws.amazon.com/workmail/latest/APIReference/API_ListOrganizations.html) operation in Amazon WorkMail. Amazon WorkMail organization IDs begin with \" `m-` \", followed by a string of alphanumeric characters.\n\nFor information about Amazon WorkMail organizations, see the [Amazon WorkMail Administrator Guide](https://docs.aws.amazon.com/workmail/latest/adminguide/organizations_overview.html) .", + "title": "OrganizationArn", + "type": "string" + }, + "TopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic to notify when the WorkMail action is called. You can find the ARN of a topic by using the [ListTopics](https://docs.aws.amazon.com/sns/latest/api/API_ListTopics.html) operation in Amazon SNS.\n\nFor more information about Amazon SNS topics, see the [Amazon SNS Developer Guide](https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html) .", + "title": "TopicArn", + "type": "string" + } + }, + "required": [ + "OrganizationArn" + ], + "type": "object" + }, + "AWS::SES::ReceiptRuleSet": { "additionalProperties": false, "properties": { "Condition": { @@ -233983,50 +285671,17 @@ "Properties": { "additionalProperties": false, "properties": { - "FirewallRuleGroupId": { - "markdownDescription": "The unique identifier of the firewall rule group.", - "title": "FirewallRuleGroupId", - "type": "string" - }, - "MutationProtection": { - "markdownDescription": "If enabled, this setting disallows modification or removal of the association, to help prevent against accidentally altering DNS firewall protections.", - "title": "MutationProtection", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the association.", - "title": "Name", - "type": "string" - }, - "Priority": { - "markdownDescription": "The setting that determines the processing order of the rule group among the rule groups that are associated with a single VPC. DNS Firewall filters VPC traffic starting from rule group with the lowest numeric priority setting.\n\nYou must specify a unique priority for each rule group that you associate with a single VPC. To make it easier to insert rule groups later, leave space between the numbers, for example, use 101, 200, and so on. You can change the priority setting for a rule group association after you create it.\n\nThe allowed values for `Priority` are between 100 and 9900 (excluding 100 and 9900).", - "title": "Priority", - "type": "number" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of the tag keys and values that you want to associate with the rule group.", - "title": "Tags", - "type": "array" - }, - "VpcId": { - "markdownDescription": "The unique identifier of the VPC that is associated with the rule group.", - "title": "VpcId", + "RuleSetName": { + "markdownDescription": "The name of the receipt rule set to make active. Setting this value to null disables all email receiving.", + "title": "RuleSetName", "type": "string" } }, - "required": [ - "FirewallRuleGroupId", - "Priority", - "VpcId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Route53Resolver::FirewallRuleGroupAssociation" + "AWS::SES::ReceiptRuleSet" ], "type": "string" }, @@ -234040,12 +285695,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Route53Resolver::OutpostResolver": { + "AWS::SES::Template": { "additionalProperties": false, "properties": { "Condition": { @@ -234080,45 +285734,17 @@ "Properties": { "additionalProperties": false, "properties": { - "InstanceCount": { - "markdownDescription": "Amazon EC2 instance count for the Resolver on the Outpost.", - "title": "InstanceCount", - "type": "number" - }, - "Name": { - "markdownDescription": "Name of the Resolver.", - "title": "Name", - "type": "string" - }, - "OutpostArn": { - "markdownDescription": "The ARN (Amazon Resource Name) for the Outpost.", - "title": "OutpostArn", - "type": "string" - }, - "PreferredInstanceType": { - "markdownDescription": "The Amazon EC2 instance type. If you specify this, you must also specify a value for the `OutpostArn` .", - "title": "PreferredInstanceType", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A key value pair that helps you identify a Route\u00a053 Resolver .", - "title": "Tags", - "type": "array" + "Template": { + "$ref": "#/definitions/AWS::SES::Template.Template", + "markdownDescription": "The content of the email, composed of a subject line and either an HTML part or a text-only part.", + "title": "Template" } }, - "required": [ - "Name", - "OutpostArn", - "PreferredInstanceType" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Route53Resolver::OutpostResolver" + "AWS::SES::Template" ], "type": "string" }, @@ -234132,12 +285758,40 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Route53Resolver::ResolverConfig": { + "AWS::SES::Template.Template": { + "additionalProperties": false, + "properties": { + "HtmlPart": { + "markdownDescription": "The HTML body of the email.", + "title": "HtmlPart", + "type": "string" + }, + "SubjectPart": { + "markdownDescription": "The subject line of the email.", + "title": "SubjectPart", + "type": "string" + }, + "TemplateName": { + "markdownDescription": "The name of the template. You will refer to this name when you send email using the `SendEmail` or `SendBulkEmail` operations.", + "title": "TemplateName", + "type": "string" + }, + "TextPart": { + "markdownDescription": "The email body that is visible to recipients whose email clients do not display HTML content.", + "title": "TextPart", + "type": "string" + } + }, + "required": [ + "SubjectPart" + ], + "type": "object" + }, + "AWS::SES::VdmAttributes": { "additionalProperties": false, "properties": { "Condition": { @@ -234172,26 +285826,22 @@ "Properties": { "additionalProperties": false, "properties": { - "AutodefinedReverseFlag": { - "markdownDescription": "Represents the desired status of `AutodefinedReverse` . The only supported value on creation is `DISABLE` . Deletion of this resource will return `AutodefinedReverse` to its default value of `ENABLED` .", - "title": "AutodefinedReverseFlag", - "type": "string" + "DashboardAttributes": { + "$ref": "#/definitions/AWS::SES::VdmAttributes.DashboardAttributes", + "markdownDescription": "Specifies additional settings for your VDM configuration as applicable to the Dashboard.", + "title": "DashboardAttributes" }, - "ResourceId": { - "markdownDescription": "The ID of the Amazon Virtual Private Cloud VPC or a Route 53 Profile that you're configuring Resolver for.", - "title": "ResourceId", - "type": "string" + "GuardianAttributes": { + "$ref": "#/definitions/AWS::SES::VdmAttributes.GuardianAttributes", + "markdownDescription": "Specifies additional settings for your VDM configuration as applicable to the Guardian.", + "title": "GuardianAttributes" } }, - "required": [ - "AutodefinedReverseFlag", - "ResourceId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Route53Resolver::ResolverConfig" + "AWS::SES::VdmAttributes" ], "type": "string" }, @@ -234205,12 +285855,33 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Route53Resolver::ResolverDNSSECConfig": { + "AWS::SES::VdmAttributes.DashboardAttributes": { + "additionalProperties": false, + "properties": { + "EngagementMetrics": { + "markdownDescription": "Specifies the status of your VDM engagement metrics collection. Can be one of the following:\n\n- `ENABLED` \u2013 Amazon SES enables engagement metrics for your account.\n- `DISABLED` \u2013 Amazon SES disables engagement metrics for your account.", + "title": "EngagementMetrics", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SES::VdmAttributes.GuardianAttributes": { + "additionalProperties": false, + "properties": { + "OptimizedSharedDelivery": { + "markdownDescription": "Specifies the status of your VDM optimized shared delivery. Can be one of the following:\n\n- `ENABLED` \u2013 Amazon SES enables optimized shared delivery for your account.\n- `DISABLED` \u2013 Amazon SES disables optimized shared delivery for your account.", + "title": "OptimizedSharedDelivery", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SNS::Subscription": { "additionalProperties": false, "properties": { "Condition": { @@ -234245,17 +285916,71 @@ "Properties": { "additionalProperties": false, "properties": { - "ResourceId": { - "markdownDescription": "The ID of the virtual private cloud (VPC) that you're configuring the DNSSEC validation status for.", - "title": "ResourceId", + "DeliveryPolicy": { + "markdownDescription": "The delivery policy JSON assigned to the subscription. Enables the subscriber to define the message delivery retry strategy in the case of an HTTP/S endpoint subscribed to the topic. For more information, see `[GetSubscriptionAttributes](https://docs.aws.amazon.com/sns/latest/api/API_GetSubscriptionAttributes.html)` in the *Amazon SNS API Reference* and [Message delivery retries](https://docs.aws.amazon.com/sns/latest/dg/sns-message-delivery-retries.html) in the *Amazon SNS Developer Guide* .", + "title": "DeliveryPolicy", + "type": "object" + }, + "Endpoint": { + "markdownDescription": "The subscription's endpoint. The endpoint value depends on the protocol that you specify. For more information, see the `Endpoint` parameter of the `[Subscribe](https://docs.aws.amazon.com/sns/latest/api/API_Subscribe.html)` action in the *Amazon SNS API Reference* .", + "title": "Endpoint", + "type": "string" + }, + "FilterPolicy": { + "markdownDescription": "The filter policy JSON assigned to the subscription. Enables the subscriber to filter out unwanted messages. For more information, see `[GetSubscriptionAttributes](https://docs.aws.amazon.com/sns/latest/api/API_GetSubscriptionAttributes.html)` in the *Amazon SNS API Reference* and [Message filtering](https://docs.aws.amazon.com/sns/latest/dg/sns-message-filtering.html) in the *Amazon SNS Developer Guide* .", + "title": "FilterPolicy", + "type": "object" + }, + "FilterPolicyScope": { + "markdownDescription": "This attribute lets you choose the filtering scope by using one of the following string value types:\n\n- `MessageAttributes` (default) - The filter is applied on the message attributes.\n- `MessageBody` - The filter is applied on the message body.\n\n> `Null` is not a valid value for `FilterPolicyScope` . To delete a filter policy, delete the `FilterPolicy` property but keep `FilterPolicyScope` property as is.", + "title": "FilterPolicyScope", + "type": "string" + }, + "Protocol": { + "markdownDescription": "The subscription's protocol. For more information, see the `Protocol` parameter of the `[Subscribe](https://docs.aws.amazon.com/sns/latest/api/API_Subscribe.html)` action in the *Amazon SNS API Reference* .", + "title": "Protocol", + "type": "string" + }, + "RawMessageDelivery": { + "markdownDescription": "When set to `true` , enables raw message delivery. Raw messages don't contain any JSON formatting and can be sent to Amazon SQS and HTTP/S endpoints. For more information, see `[GetSubscriptionAttributes](https://docs.aws.amazon.com/sns/latest/api/API_GetSubscriptionAttributes.html)` in the *Amazon SNS API Reference* .", + "title": "RawMessageDelivery", + "type": "boolean" + }, + "RedrivePolicy": { + "markdownDescription": "When specified, sends undeliverable messages to the specified Amazon SQS dead-letter queue. Messages that can't be delivered due to client errors (for example, when the subscribed endpoint is unreachable) or server errors (for example, when the service that powers the subscribed endpoint becomes unavailable) are held in the dead-letter queue for further analysis or reprocessing.\n\nFor more information about the redrive policy and dead-letter queues, see [Amazon SQS dead-letter queues](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-dead-letter-queues.html) in the *Amazon SQS Developer Guide* .", + "title": "RedrivePolicy", + "type": "object" + }, + "Region": { + "markdownDescription": "For cross-region subscriptions, the region in which the topic resides.\n\nIf no region is specified, AWS CloudFormation uses the region of the caller as the default.\n\nIf you perform an update operation that only updates the `Region` property of a `AWS::SNS::Subscription` resource, that operation will fail unless you are either:\n\n- Updating the `Region` from `NULL` to the caller region.\n- Updating the `Region` from the caller region to `NULL` .", + "title": "Region", + "type": "string" + }, + "ReplayPolicy": { + "markdownDescription": "Specifies whether Amazon SNS resends the notification to the subscription when a message's attribute changes.", + "title": "ReplayPolicy", + "type": "object" + }, + "SubscriptionRoleArn": { + "markdownDescription": "This property applies only to Amazon Data Firehose delivery stream subscriptions. Specify the ARN of the IAM role that has the following:\n\n- Permission to write to the Amazon Data Firehose delivery stream\n- Amazon SNS listed as a trusted entity\n\nSpecifying a valid ARN for this attribute is required for Firehose delivery stream subscriptions. For more information, see [Fanout to Amazon Data Firehose delivery streams](https://docs.aws.amazon.com/sns/latest/dg/sns-firehose-as-subscriber.html) in the *Amazon SNS Developer Guide.*", + "title": "SubscriptionRoleArn", + "type": "string" + }, + "TopicArn": { + "markdownDescription": "The ARN of the topic to subscribe to.", + "title": "TopicArn", "type": "string" } }, + "required": [ + "Protocol", + "TopicArn" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Route53Resolver::ResolverDNSSECConfig" + "AWS::SNS::Subscription" ], "type": "string" }, @@ -234269,16 +285994,24 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Route53Resolver::ResolverEndpoint": { + "AWS::SNS::Topic": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, + "Connectors": { + "additionalProperties": { + "$ref": "#/definitions/EmbeddedConnector" + }, + "title": "Connectors", + "type": "object" + }, "DeletionPolicy": { "enum": [ "Delete", @@ -234308,74 +286041,86 @@ "Properties": { "additionalProperties": false, "properties": { - "Direction": { - "markdownDescription": "Indicates whether the Resolver endpoint allows inbound or outbound DNS queries:\n\n- `INBOUND` : allows DNS queries to your VPC from your network\n- `OUTBOUND` : allows DNS queries from your VPC to your network\n- `INBOUND_DELEGATION` : Resolver delegates queries to Route 53 private hosted zones from your network.", - "title": "Direction", - "type": "string" + "ArchivePolicy": { + "markdownDescription": "The `ArchivePolicy` determines the number of days Amazon SNS retains messages in FIFO topics. You can set a retention period ranging from 1 to 365 days. This property is only applicable to FIFO topics; attempting to use it with standard topics will result in a creation failure.", + "title": "ArchivePolicy", + "type": "object" }, - "IpAddresses": { + "ContentBasedDeduplication": { + "markdownDescription": "`ContentBasedDeduplication` enables deduplication of messages based on their content for FIFO topics. By default, this property is set to false. If you create a FIFO topic with `ContentBasedDeduplication` set to false, you must provide a `MessageDeduplicationId` for each `Publish` action. When set to true, Amazon SNS automatically generates a `MessageDeduplicationId` using a SHA-256 hash of the message body (excluding message attributes). You can optionally override this generated value by specifying a `MessageDeduplicationId` in the `Publish` action. Note that this property only applies to FIFO topics; using it with standard topics will cause the creation to fail.", + "title": "ContentBasedDeduplication", + "type": "boolean" + }, + "DataProtectionPolicy": { + "markdownDescription": "The body of the policy document you want to use for this topic.\n\nYou can only add one policy per topic.\n\nThe policy must be in JSON string format.\n\nLength Constraints: Maximum length of 30,720.", + "title": "DataProtectionPolicy", + "type": "object" + }, + "DeliveryStatusLogging": { "items": { - "$ref": "#/definitions/AWS::Route53Resolver::ResolverEndpoint.IpAddressRequest" + "$ref": "#/definitions/AWS::SNS::Topic.LoggingConfig" }, - "markdownDescription": "The subnets and IP addresses in your VPC that DNS queries originate from (for outbound endpoints) or that you forward DNS queries to (for inbound endpoints). The subnet ID uniquely identifies a VPC.\n\n> Even though the minimum is 1, Route\u00a053 requires that you create at least two.", - "title": "IpAddresses", + "markdownDescription": "The `DeliveryStatusLogging` configuration enables you to log the delivery status of messages sent from your Amazon SNS topic to subscribed endpoints with the following supported delivery protocols:\n\n- HTTP\n- Amazon Kinesis Data Firehose\n- AWS Lambda\n- Platform application endpoint\n- Amazon Simple Queue Service\n\nOnce configured, log entries are sent to Amazon CloudWatch Logs.", + "title": "DeliveryStatusLogging", "type": "array" }, - "Name": { - "markdownDescription": "A friendly name that lets you easily find a configuration in the Resolver dashboard in the Route 53 console.", - "title": "Name", + "DisplayName": { + "markdownDescription": "The display name to use for an Amazon SNS topic with SMS subscriptions. The display name must be maximum 100 characters long, including hyphens (-), underscores (_), spaces, and tabs.", + "title": "DisplayName", "type": "string" }, - "OutpostArn": { - "markdownDescription": "The ARN (Amazon Resource Name) for the Outpost.", - "title": "OutpostArn", + "FifoThroughputScope": { + "markdownDescription": "Specifies the throughput quota and deduplication behavior to apply for the FIFO topic. Valid values are `Topic` or `MessageGroup` .", + "title": "FifoThroughputScope", "type": "string" }, - "PreferredInstanceType": { - "markdownDescription": "The Amazon EC2 instance type.", - "title": "PreferredInstanceType", - "type": "string" + "FifoTopic": { + "markdownDescription": "Set to true to create a FIFO topic.", + "title": "FifoTopic", + "type": "boolean" }, - "Protocols": { - "items": { - "type": "string" - }, - "markdownDescription": "Protocols used for the endpoint. DoH-FIPS is applicable for a default inbound endpoints only.\n\nFor an inbound endpoint you can apply the protocols as follows:\n\n- Do53 and DoH in combination.\n- Do53 and DoH-FIPS in combination.\n- Do53 alone.\n- DoH alone.\n- DoH-FIPS alone.\n- None, which is treated as Do53.\n\nFor a delegation inbound endpoint you can use Do53 only.\n\nFor an outbound endpoint you can apply the protocols as follows:\n\n- Do53 and DoH in combination.\n- Do53 alone.\n- DoH alone.\n- None, which is treated as Do53.", - "title": "Protocols", - "type": "array" + "KmsMasterKeyId": { + "markdownDescription": "The ID of an AWS managed customer master key (CMK) for Amazon SNS or a custom CMK. For more information, see [Key terms](https://docs.aws.amazon.com/sns/latest/dg/sns-server-side-encryption.html#sse-key-terms) . For more examples, see `[KeyId](https://docs.aws.amazon.com/kms/latest/APIReference/API_DescribeKey.html#API_DescribeKey_RequestParameters)` in the *AWS Key Management Service API Reference* .\n\nThis property applies only to [server-side-encryption](https://docs.aws.amazon.com/sns/latest/dg/sns-server-side-encryption.html) .", + "title": "KmsMasterKeyId", + "type": "string" }, - "ResolverEndpointType": { - "markdownDescription": "The Resolver endpoint IP address type.", - "title": "ResolverEndpointType", + "SignatureVersion": { + "markdownDescription": "The signature version corresponds to the hashing algorithm used while creating the signature of the notifications, subscription confirmations, or unsubscribe confirmation messages sent by Amazon SNS. By default, `SignatureVersion` is set to `1` .", + "title": "SignatureVersion", "type": "string" }, - "SecurityGroupIds": { + "Subscription": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::SNS::Topic.Subscription" }, - "markdownDescription": "The ID of one or more security groups that control access to this VPC. The security group must include one or more inbound rules (for inbound endpoints) or outbound rules (for outbound endpoints). Inbound and outbound rules must allow TCP and UDP access. For inbound access, open port 53. For outbound access, open the port that you're using for DNS queries on your network.", - "title": "SecurityGroupIds", + "markdownDescription": "The Amazon SNS subscriptions (endpoints) for this topic.\n\n> If you specify the `Subscription` property in the `AWS::SNS::Topic` resource and it creates an associated subscription resource, the associated subscription is not deleted when the `AWS::SNS::Topic` resource is deleted.", + "title": "Subscription", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Route 53 Resolver doesn't support updating tags through CloudFormation.", + "markdownDescription": "The list of tags to add to a new topic.\n\n> To be able to tag a topic on creation, you must have the `sns:CreateTopic` and `sns:TagResource` permissions.", "title": "Tags", "type": "array" + }, + "TopicName": { + "markdownDescription": "The name of the topic you want to create. Topic names must include only uppercase and lowercase ASCII letters, numbers, underscores, and hyphens, and must be between 1 and 256 characters long. FIFO topic names must end with `.fifo` .\n\nIf you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the topic name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "TopicName", + "type": "string" + }, + "TracingConfig": { + "markdownDescription": "Tracing mode of an Amazon SNS topic. By default `TracingConfig` is set to `PassThrough` , and the topic passes through the tracing header it receives from an Amazon SNS publisher to its subscriptions. If set to `Active` , Amazon SNS will vend X-Ray segment data to topic owner account if the sampled flag in the tracing header is true.", + "title": "TracingConfig", + "type": "string" } }, - "required": [ - "Direction", - "IpAddresses", - "SecurityGroupIds" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Route53Resolver::ResolverEndpoint" + "AWS::SNS::Topic" ], "type": "string" }, @@ -234389,36 +286134,60 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Route53Resolver::ResolverEndpoint.IpAddressRequest": { + "AWS::SNS::Topic.LoggingConfig": { "additionalProperties": false, "properties": { - "Ip": { - "markdownDescription": "The IPv4 address that you want to use for DNS queries.", - "title": "Ip", + "FailureFeedbackRoleArn": { + "markdownDescription": "The IAM role ARN to be used when logging failed message deliveries in Amazon CloudWatch.", + "title": "FailureFeedbackRoleArn", "type": "string" }, - "Ipv6": { - "markdownDescription": "The IPv6 address that you want to use for DNS queries.", - "title": "Ipv6", + "Protocol": { + "markdownDescription": "Indicates one of the supported protocols for the Amazon SNS topic.\n\n> At least one of the other three `LoggingConfig` properties is recommend along with `Protocol` .", + "title": "Protocol", "type": "string" }, - "SubnetId": { - "markdownDescription": "The ID of the subnet that contains the IP address.", - "title": "SubnetId", + "SuccessFeedbackRoleArn": { + "markdownDescription": "The IAM role ARN to be used when logging successful message deliveries in Amazon CloudWatch.", + "title": "SuccessFeedbackRoleArn", + "type": "string" + }, + "SuccessFeedbackSampleRate": { + "markdownDescription": "The percentage of successful message deliveries to be logged in Amazon CloudWatch. Valid percentage values range from 0 to 100.", + "title": "SuccessFeedbackSampleRate", "type": "string" } }, "required": [ - "SubnetId" + "Protocol" ], "type": "object" }, - "AWS::Route53Resolver::ResolverQueryLoggingConfig": { + "AWS::SNS::Topic.Subscription": { + "additionalProperties": false, + "properties": { + "Endpoint": { + "markdownDescription": "The endpoint that receives notifications from the Amazon SNS topic. The endpoint value depends on the protocol that you specify. For more information, see the `Endpoint` parameter of the `[Subscribe](https://docs.aws.amazon.com/sns/latest/api/API_Subscribe.html)` action in the *Amazon SNS API Reference* .", + "title": "Endpoint", + "type": "string" + }, + "Protocol": { + "markdownDescription": "The subscription's protocol. For more information, see the `Protocol` parameter of the `[Subscribe](https://docs.aws.amazon.com/sns/latest/api/API_Subscribe.html)` action in the *Amazon SNS API Reference* .", + "title": "Protocol", + "type": "string" + } + }, + "required": [ + "Endpoint", + "Protocol" + ], + "type": "object" + }, + "AWS::SNS::TopicInlinePolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -234453,22 +286222,26 @@ "Properties": { "additionalProperties": false, "properties": { - "DestinationArn": { - "markdownDescription": "The ARN of the resource that you want Resolver to send query logs: an Amazon S3 bucket, a CloudWatch Logs log group, or a Kinesis Data Firehose delivery stream.", - "title": "DestinationArn", - "type": "string" + "PolicyDocument": { + "markdownDescription": "A policy document that contains permissions to add to the specified Amazon SNS topic.", + "title": "PolicyDocument", + "type": "object" }, - "Name": { - "markdownDescription": "The name of the query logging configuration.", - "title": "Name", + "TopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the topic to which you want to add the policy.", + "title": "TopicArn", "type": "string" } }, + "required": [ + "PolicyDocument", + "TopicArn" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Route53Resolver::ResolverQueryLoggingConfig" + "AWS::SNS::TopicInlinePolicy" ], "type": "string" }, @@ -234482,11 +286255,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation": { + "AWS::SNS::TopicPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -234521,22 +286295,29 @@ "Properties": { "additionalProperties": false, "properties": { - "ResolverQueryLogConfigId": { - "markdownDescription": "The ID of the query logging configuration that a VPC is associated with.", - "title": "ResolverQueryLogConfigId", - "type": "string" + "PolicyDocument": { + "markdownDescription": "A policy document that contains permissions to add to the specified SNS topics.", + "title": "PolicyDocument", + "type": "object" }, - "ResourceId": { - "markdownDescription": "The ID of the Amazon VPC that is associated with the query logging configuration.", - "title": "ResourceId", - "type": "string" + "Topics": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Names (ARN) of the topics to which you want to add the policy. You can use the `[Ref](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html)` function to specify an `[AWS::SNS::Topic](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sns-topic.html)` resource.", + "title": "Topics", + "type": "array" } }, + "required": [ + "PolicyDocument", + "Topics" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation" + "AWS::SNS::TopicPolicy" ], "type": "string" }, @@ -234550,16 +286331,24 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Route53Resolver::ResolverRule": { + "AWS::SQS::Queue": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, + "Connectors": { + "additionalProperties": { + "$ref": "#/definitions/EmbeddedConnector" + }, + "title": "Connectors", + "type": "object" + }, "DeletionPolicy": { "enum": [ "Delete", @@ -234589,52 +286378,95 @@ "Properties": { "additionalProperties": false, "properties": { - "DomainName": { - "markdownDescription": "DNS queries for this domain name are forwarded to the IP addresses that are specified in `TargetIps` . If a query matches multiple Resolver rules (example.com and www.example.com), the query is routed using the Resolver rule that contains the most specific domain name (www.example.com).", - "title": "DomainName", + "ContentBasedDeduplication": { + "markdownDescription": "For first-in-first-out (FIFO) queues, specifies whether to enable content-based deduplication. During the deduplication interval, Amazon SQS treats messages that are sent with identical content as duplicates and delivers only one copy of the message. For more information, see the `ContentBasedDeduplication` attribute for the `[CreateQueue](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_CreateQueue.html)` action in the *Amazon SQS API Reference* .", + "title": "ContentBasedDeduplication", + "type": "boolean" + }, + "DeduplicationScope": { + "markdownDescription": "For high throughput for FIFO queues, specifies whether message deduplication occurs at the message group or queue level. Valid values are `messageGroup` and `queue` .\n\nTo enable high throughput for a FIFO queue, set this attribute to `messageGroup` *and* set the `FifoThroughputLimit` attribute to `perMessageGroupId` . If you set these attributes to anything other than these values, normal throughput is in effect and deduplication occurs as specified. For more information, see [High throughput for FIFO queues](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/high-throughput-fifo.html) and [Quotas related to messages](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/quotas-messages.html) in the *Amazon SQS Developer Guide* .", + "title": "DeduplicationScope", "type": "string" }, - "Name": { - "markdownDescription": "The name for the Resolver rule, which you specified when you created the Resolver rule.", - "title": "Name", + "DelaySeconds": { + "markdownDescription": "The time in seconds for which the delivery of all messages in the queue is delayed. You can specify an integer value of `0` to `900` (15 minutes). The default value is `0` .", + "title": "DelaySeconds", + "type": "number" + }, + "FifoQueue": { + "markdownDescription": "If set to true, creates a FIFO queue. If you don't specify this property, Amazon SQS creates a standard queue. For more information, see [Amazon SQS FIFO queues](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-fifo-queues.html) in the *Amazon SQS Developer Guide* .", + "title": "FifoQueue", + "type": "boolean" + }, + "FifoThroughputLimit": { + "markdownDescription": "For high throughput for FIFO queues, specifies whether the FIFO queue throughput quota applies to the entire queue or per message group. Valid values are `perQueue` and `perMessageGroupId` .\n\nTo enable high throughput for a FIFO queue, set this attribute to `perMessageGroupId` *and* set the `DeduplicationScope` attribute to `messageGroup` . If you set these attributes to anything other than these values, normal throughput is in effect and deduplication occurs as specified. For more information, see [High throughput for FIFO queues](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/high-throughput-fifo.html) and [Quotas related to messages](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/quotas-messages.html) in the *Amazon SQS Developer Guide* .", + "title": "FifoThroughputLimit", "type": "string" }, - "ResolverEndpointId": { - "markdownDescription": "The ID of the endpoint that the rule is associated with.", - "title": "ResolverEndpointId", + "KmsDataKeyReusePeriodSeconds": { + "markdownDescription": "The length of time in seconds for which Amazon SQS can reuse a data key to encrypt or decrypt messages before calling AWS KMS again. The value must be an integer between 60 (1 minute) and 86,400 (24 hours). The default is 300 (5 minutes).\n\n> A shorter time period provides better security, but results in more calls to AWS KMS , which might incur charges after Free Tier. For more information, see [Encryption at rest](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-server-side-encryption.html#sqs-how-does-the-data-key-reuse-period-work) in the *Amazon SQS Developer Guide* .", + "title": "KmsDataKeyReusePeriodSeconds", + "type": "number" + }, + "KmsMasterKeyId": { + "markdownDescription": "The ID of an AWS Key Management Service (KMS) for Amazon SQS , or a custom KMS. To use the AWS managed KMS for Amazon SQS , specify a (default) alias ARN, alias name (for example `alias/aws/sqs` ), key ARN, or key ID. For more information, see the following:\n\n- [Encryption at rest](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-server-side-encryption.html) in the *Amazon SQS Developer Guide*\n- [CreateQueue](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_CreateQueue.html) in the *Amazon SQS API Reference*\n- [Request Parameters](https://docs.aws.amazon.com/kms/latest/APIReference/API_DescribeKey.html#API_DescribeKey_RequestParameters) in the *AWS Key Management Service API Reference*\n- The Key Management Service (KMS) section of the [Security best practices for AWS Key Management Service](https://docs.aws.amazon.com/kms/latest/developerguide/best-practices.html) in the *AWS Key Management Service Developer Guide*", + "title": "KmsMasterKeyId", "type": "string" }, - "RuleType": { - "markdownDescription": "When you want to forward DNS queries for specified domain name to resolvers on your network, specify `FORWARD` or `DELEGATE` . If a query matches multiple Resolver rules (example.com and www.example.com), outbound DNS queries are routed using the Resolver rule that contains the most specific domain name (www.example.com).\n\nWhen you have a forwarding rule to forward DNS queries for a domain to your network and you want Resolver to process queries for a subdomain of that domain, specify `SYSTEM` .\n\nFor example, to forward DNS queries for example.com to resolvers on your network, you create a rule and specify `FORWARD` for `RuleType` . To then have Resolver process queries for apex.example.com, you create a rule and specify `SYSTEM` for `RuleType` .\n\nCurrently, only Resolver can create rules that have a value of `RECURSIVE` for `RuleType` .", - "title": "RuleType", + "MaximumMessageSize": { + "markdownDescription": "The limit of how many bytes that a message can contain before Amazon SQS rejects it. You can specify an integer value from `1,024` bytes (1 KiB) to `262,144` bytes (256 KiB). The default value is `262,144` (256 KiB).", + "title": "MaximumMessageSize", + "type": "number" + }, + "MessageRetentionPeriod": { + "markdownDescription": "The number of seconds that Amazon SQS retains a message. You can specify an integer value from `60` seconds (1 minute) to `1,209,600` seconds (14 days). The default value is `345,600` seconds (4 days).", + "title": "MessageRetentionPeriod", + "type": "number" + }, + "QueueName": { + "markdownDescription": "A name for the queue. To create a FIFO queue, the name of your FIFO queue must end with the `.fifo` suffix. For more information, see [Amazon SQS FIFO queues](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-fifo-queues.html) in the *Amazon SQS Developer Guide* .\n\nIf you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the queue name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) in the *AWS CloudFormation User Guide* .\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "QueueName", "type": "string" }, + "ReceiveMessageWaitTimeSeconds": { + "markdownDescription": "Specifies the duration, in seconds, that the ReceiveMessage action call waits until a message is in the queue in order to include it in the response, rather than returning an empty response if a message isn't yet available. You can specify an integer from 1 to 20. Short polling is used as the default or when you specify 0 for this property. For more information, see [Consuming messages using long polling](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-short-and-long-polling.html#sqs-long-polling) in the *Amazon SQS Developer Guide* .", + "title": "ReceiveMessageWaitTimeSeconds", + "type": "number" + }, + "RedriveAllowPolicy": { + "markdownDescription": "The string that includes the parameters for the permissions for the dead-letter queue redrive permission and which source queues can specify dead-letter queues as a JSON object. The parameters are as follows:\n\n- `redrivePermission` : The permission type that defines which source queues can specify the current queue as the dead-letter queue. Valid values are:\n\n- `allowAll` : (Default) Any source queues in this AWS account in the same Region can specify this queue as the dead-letter queue.\n- `denyAll` : No source queues can specify this queue as the dead-letter queue.\n- `byQueue` : Only queues specified by the `sourceQueueArns` parameter can specify this queue as the dead-letter queue.\n- `sourceQueueArns` : The Amazon Resource Names (ARN)s of the source queues that can specify this queue as the dead-letter queue and redrive messages. You can specify this parameter only when the `redrivePermission` parameter is set to `byQueue` . You can specify up to 10 source queue ARNs. To allow more than 10 source queues to specify dead-letter queues, set the `redrivePermission` parameter to `allowAll` .", + "title": "RedriveAllowPolicy", + "type": "object" + }, + "RedrivePolicy": { + "markdownDescription": "The string that includes the parameters for the dead-letter queue functionality of the source queue as a JSON object. The parameters are as follows:\n\n- `deadLetterTargetArn` : The Amazon Resource Name (ARN) of the dead-letter queue to which Amazon SQS moves messages after the value of `maxReceiveCount` is exceeded.\n- `maxReceiveCount` : The number of times a message is received by a consumer of the source queue before being moved to the dead-letter queue. When the `ReceiveCount` for a message exceeds the `maxReceiveCount` for a queue, Amazon SQS moves the message to the dead-letter-queue.\n\n> The dead-letter queue of a FIFO queue must also be a FIFO queue. Similarly, the dead-letter queue of a standard queue must also be a standard queue. \n\n*JSON*\n\n`{ \"deadLetterTargetArn\" : *String* , \"maxReceiveCount\" : *Integer* }`\n\n*YAML*\n\n`deadLetterTargetArn : *String*`\n\n`maxReceiveCount : *Integer*`", + "title": "RedrivePolicy", + "type": "object" + }, + "SqsManagedSseEnabled": { + "markdownDescription": "Enables server-side queue encryption using SQS owned encryption keys. Only one server-side encryption option is supported per queue (for example, [SSE-KMS](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-configure-sse-existing-queue.html) or [SSE-SQS](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-configure-sqs-sse-queue.html) ). When `SqsManagedSseEnabled` is not defined, `SSE-SQS` encryption is enabled by default.", + "title": "SqsManagedSseEnabled", + "type": "boolean" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Tags help organize and categorize your Resolver rules. Each tag consists of a key and an optional value, both of which you define.", + "markdownDescription": "The tags that you attach to this queue. For more information, see [Resource tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .", "title": "Tags", "type": "array" }, - "TargetIps": { - "items": { - "$ref": "#/definitions/AWS::Route53Resolver::ResolverRule.TargetAddress" - }, - "markdownDescription": "An array that contains the IP addresses and ports that an outbound endpoint forwards DNS queries to. Typically, these are the IP addresses of DNS resolvers on your network.", - "title": "TargetIps", - "type": "array" + "VisibilityTimeout": { + "markdownDescription": "The length of time during which a message will be unavailable after a message is delivered from the queue. This blocks other components from receiving the same message and gives the initial component time to process and delete the message from the queue.\n\nValues must be from 0 to 43,200 seconds (12 hours). If you don't specify a value, AWS CloudFormation uses the default value of 30 seconds.\n\nFor more information about Amazon SQS queue visibility timeouts, see [Visibility timeout](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-visibility-timeout.html) in the *Amazon SQS Developer Guide* .", + "title": "VisibilityTimeout", + "type": "number" } }, - "required": [ - "DomainName", - "RuleType" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Route53Resolver::ResolverRule" + "AWS::SQS::Queue" ], "type": "string" }, @@ -234648,38 +286480,84 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Route53Resolver::ResolverRule.TargetAddress": { + "AWS::SQS::QueueInlinePolicy": { "additionalProperties": false, "properties": { - "Ip": { - "markdownDescription": "One IPv4 address that you want to forward DNS queries to.", - "title": "Ip", + "Condition": { "type": "string" }, - "Ipv6": { - "markdownDescription": "One IPv6 address that you want to forward DNS queries to.", - "title": "Ipv6", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Port": { - "markdownDescription": "The port at `Ip` that you want to forward DNS queries to.", - "title": "Port", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "PolicyDocument": { + "markdownDescription": "A policy document that contains the permissions for the specified Amazon SQS queues. For more information about Amazon SQS policies, see [Using custom policies with the Amazon SQS access policy language](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-creating-custom-policies.html) in the *Amazon SQS Developer Guide* .", + "title": "PolicyDocument", + "type": "object" + }, + "Queue": { + "markdownDescription": "The URLs of the queues to which you want to add the policy. You can use the `[Ref](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html)` function to specify an `[AWS::SQS::Queue](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sqs-queues.html)` resource.", + "title": "Queue", + "type": "string" + } + }, + "required": [ + "PolicyDocument", + "Queue" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SQS::QueueInlinePolicy" + ], "type": "string" }, - "Protocol": { - "markdownDescription": "The protocols for the target address. The protocol you choose needs to be supported by the outbound endpoint of the Resolver rule.", - "title": "Protocol", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::Route53Resolver::ResolverRuleAssociation": { + "AWS::SQS::QueuePolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -234714,31 +286592,29 @@ "Properties": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of an association between a Resolver rule and a VPC.", - "title": "Name", - "type": "string" - }, - "ResolverRuleId": { - "markdownDescription": "The ID of the Resolver rule that you associated with the VPC that is specified by `VPCId` .", - "title": "ResolverRuleId", - "type": "string" + "PolicyDocument": { + "markdownDescription": "A policy document that contains the permissions for the specified Amazon SQS queues. For more information about Amazon SQS policies, see [Using custom policies with the Amazon SQS access policy language](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-creating-custom-policies.html) in the *Amazon SQS Developer Guide* .", + "title": "PolicyDocument", + "type": "object" }, - "VPCId": { - "markdownDescription": "The ID of the VPC that you associated the Resolver rule with.", - "title": "VPCId", - "type": "string" + "Queues": { + "items": { + "type": "string" + }, + "markdownDescription": "The URLs of the queues to which you want to add the policy. You can use the `[Ref](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html)` function to specify an `[AWS::SQS::Queue](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sqs-queue.html)` resource.", + "title": "Queues", + "type": "array" } }, "required": [ - "ResolverRuleId", - "VPCId" + "PolicyDocument", + "Queues" ], "type": "object" }, "Type": { "enum": [ - "AWS::Route53Resolver::ResolverRuleAssociation" + "AWS::SQS::QueuePolicy" ], "type": "string" }, @@ -234757,7 +286633,7 @@ ], "type": "object" }, - "AWS::S3::AccessGrant": { + "AWS::SSM::Association": { "additionalProperties": false, "properties": { "Condition": { @@ -234792,55 +286668,106 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessGrantsLocationConfiguration": { - "$ref": "#/definitions/AWS::S3::AccessGrant.AccessGrantsLocationConfiguration", - "markdownDescription": "The configuration options of the grant location. The grant location is the S3 path to the data to which you are granting access. It contains the `S3SubPrefix` field. The grant scope is the result of appending the subprefix to the location scope of the registered location.", - "title": "AccessGrantsLocationConfiguration" + "ApplyOnlyAtCronInterval": { + "markdownDescription": "By default, when you create a new association, the system runs it immediately after it is created and then according to the schedule you specified. Specify this option if you don't want an association to run immediately after you create it. This parameter is not supported for rate expressions.", + "title": "ApplyOnlyAtCronInterval", + "type": "boolean" }, - "AccessGrantsLocationId": { - "markdownDescription": "The ID of the registered location to which you are granting access. S3 Access Grants assigns this ID when you register the location. S3 Access Grants assigns the ID `default` to the default location `s3://` and assigns an auto-generated ID to other locations that you register.", - "title": "AccessGrantsLocationId", + "AssociationName": { + "markdownDescription": "Specify a descriptive name for the association.", + "title": "AssociationName", "type": "string" }, - "ApplicationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS IAM Identity Center application associated with your Identity Center instance. If the grant includes an application ARN, the grantee can only access the S3 data through this application.", - "title": "ApplicationArn", + "AutomationTargetParameterName": { + "markdownDescription": "Choose the parameter that will define how your automation will branch out. This target is required for associations that use an Automation runbook and target resources by using rate controls. Automation is a tool in AWS Systems Manager .", + "title": "AutomationTargetParameterName", "type": "string" }, - "Grantee": { - "$ref": "#/definitions/AWS::S3::AccessGrant.Grantee", - "markdownDescription": "The user, group, or role to which you are granting access. You can grant access to an IAM user or role. If you have added your corporate directory to AWS IAM Identity Center and associated your Identity Center instance with your S3 Access Grants instance, the grantee can also be a corporate directory user or group.", - "title": "Grantee" + "CalendarNames": { + "items": { + "type": "string" + }, + "markdownDescription": "The names or Amazon Resource Names (ARNs) of the Change Calendar type documents your associations are gated under. The associations only run when that Change Calendar is open. For more information, see [AWS Systems Manager Change Calendar](https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-change-calendar) in the *AWS Systems Manager User Guide* .", + "title": "CalendarNames", + "type": "array" }, - "Permission": { - "markdownDescription": "The type of access that you are granting to your S3 data, which can be set to one of the following values:\n\n- `READ` \u2013 Grant read-only access to the S3 data.\n- `WRITE` \u2013 Grant write-only access to the S3 data.\n- `READWRITE` \u2013 Grant both read and write access to the S3 data.", - "title": "Permission", + "ComplianceSeverity": { + "markdownDescription": "The severity level that is assigned to the association.", + "title": "ComplianceSeverity", "type": "string" }, - "S3PrefixType": { - "markdownDescription": "The type of `S3SubPrefix` . The only possible value is `Object` . Pass this value if the access grant scope is an object. Do not pass this value if the access grant scope is a bucket or a bucket and a prefix.", - "title": "S3PrefixType", + "DocumentVersion": { + "markdownDescription": "The version of the SSM document to associate with the target.\n\n> Note the following important information.\n> \n> - State Manager doesn't support running associations that use a new version of a document if that document is shared from another account. State Manager always runs the `default` version of a document if shared from another account, even though the Systems Manager console shows that a new version was processed. If you want to run an association using a new version of a document shared form another account, you must set the document version to `default` .\n> - `DocumentVersion` is not valid for documents owned by AWS , such as `AWS-RunPatchBaseline` or `AWS-UpdateSSMAgent` . If you specify `DocumentVersion` for an AWS document, the system returns the following error: \"Error occurred during operation 'CreateAssociation'.\" (RequestToken: , HandlerErrorCode: GeneralServiceException).", + "title": "DocumentVersion", "type": "string" }, - "Tags": { + "InstanceId": { + "markdownDescription": "> `InstanceId` has been deprecated. To specify an instance ID for an association, use the `Targets` parameter. If you use the parameter `InstanceId` , you cannot use the parameters `AssociationName` , `DocumentVersion` , `MaxErrors` , `MaxConcurrency` , `OutputLocation` , or `ScheduleExpression` . To use these parameters, you must use the `Targets` parameter.\n> \n> Note that in some examples later in this page, `InstanceIds` is used as the tag-key name in a `Targets` filter. `InstanceId` is not used as a parameter. \n\nThe ID of the instance that the SSM document is associated with. You must specify the `InstanceId` or `Targets` property.", + "title": "InstanceId", + "type": "string" + }, + "MaxConcurrency": { + "markdownDescription": "The maximum number of targets allowed to run the association at the same time. You can specify a number, for example 10, or a percentage of the target set, for example 10%. The default value is 100%, which means all targets run the association at the same time.\n\nIf a new managed node starts and attempts to run an association while Systems Manager is running `MaxConcurrency` associations, the association is allowed to run. During the next association interval, the new managed node will process its association within the limit specified for `MaxConcurrency` .", + "title": "MaxConcurrency", + "type": "string" + }, + "MaxErrors": { + "markdownDescription": "The number of errors that are allowed before the system stops sending requests to run the association on additional targets. You can specify either an absolute number of errors, for example 10, or a percentage of the target set, for example 10%. If you specify 3, for example, the system stops sending requests when the fourth error is received. If you specify 0, then the system stops sending requests after the first error is returned. If you run an association on 50 managed nodes and set `MaxError` to 10%, then the system stops sending the request when the sixth error is received.\n\nExecutions that are already running an association when `MaxErrors` is reached are allowed to complete, but some of these executions may fail as well. If you need to ensure that there won't be more than max-errors failed executions, set `MaxConcurrency` to 1 so that executions proceed one at a time.", + "title": "MaxErrors", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the SSM document that contains the configuration information for the instance. You can specify `Command` or `Automation` documents. The documents can be AWS -predefined documents, documents you created, or a document that is shared with you from another account. For SSM documents that are shared with you from other AWS accounts , you must specify the complete SSM document ARN, in the following format:\n\n`arn:partition:ssm:region:account-id:document/document-name`\n\nFor example: `arn:aws:ssm:us-east-2:12345678912:document/My-Shared-Document`\n\nFor AWS -predefined documents and SSM documents you created in your account, you only need to specify the document name. For example, `AWS -ApplyPatchBaseline` or `My-Document` .", + "title": "Name", + "type": "string" + }, + "OutputLocation": { + "$ref": "#/definitions/AWS::SSM::Association.InstanceAssociationOutputLocation", + "markdownDescription": "An Amazon Simple Storage Service (Amazon S3) bucket where you want to store the output details of the request.", + "title": "OutputLocation" + }, + "Parameters": { + "markdownDescription": "The parameters for the runtime configuration of the document.", + "title": "Parameters", + "type": "object" + }, + "ScheduleExpression": { + "markdownDescription": "A cron expression that specifies a schedule when the association runs. The schedule runs in Coordinated Universal Time (UTC).", + "title": "ScheduleExpression", + "type": "string" + }, + "ScheduleOffset": { + "markdownDescription": "Number of days to wait after the scheduled day to run an association.", + "title": "ScheduleOffset", + "type": "number" + }, + "SyncCompliance": { + "markdownDescription": "The mode for generating association compliance. You can specify `AUTO` or `MANUAL` . In `AUTO` mode, the system uses the status of the association execution to determine the compliance status. If the association execution runs successfully, then the association is `COMPLIANT` . If the association execution doesn't run successfully, the association is `NON-COMPLIANT` .\n\nIn `MANUAL` mode, you must specify the `AssociationId` as a parameter for the `PutComplianceItems` API action. In this case, compliance data is not managed by State Manager. It is managed by your direct call to the `PutComplianceItems` API action.\n\nBy default, all associations use `AUTO` mode.", + "title": "SyncCompliance", + "type": "string" + }, + "Targets": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::SSM::Association.Target" }, - "markdownDescription": "The AWS resource tags that you are adding to the access grant. Each tag is a label consisting of a user-defined key and value. Tags can help you manage, identify, organize, search for, and filter resources.", - "title": "Tags", + "markdownDescription": "The targets for the association. You must specify the `InstanceId` or `Targets` property. You can target all instances in an AWS account by specifying t he `InstanceIds` key with a value of `*` .\n\nSupported formats include the following.\n\n- `Key=InstanceIds,Values=,,`\n- `Key=tag-key,Values=,`\n\nTo view a JSON and a YAML example that targets all instances, see \"Create an association for all managed instances in an AWS account \" on the Examples page.", + "title": "Targets", "type": "array" + }, + "WaitForSuccessTimeoutSeconds": { + "markdownDescription": "The number of seconds the service should wait for the association status to show \"Success\" before proceeding with the stack execution. If the association status doesn't show \"Success\" after the specified number of seconds, then stack creation fails.\n\n> When you specify a value for the `WaitForSuccessTimeoutSeconds` , [drift detection](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-stack-drift.html) for your AWS CloudFormation stack\u2019s configuration might yield inaccurate results. If drift detection is important in your scenario, we recommend that you don\u2019t include `WaitForSuccessTimeoutSeconds` in your template.", + "title": "WaitForSuccessTimeoutSeconds", + "type": "number" } }, "required": [ - "AccessGrantsLocationId", - "Grantee", - "Permission" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::S3::AccessGrant" + "AWS::SSM::Association" ], "type": "string" }, @@ -234859,41 +286786,62 @@ ], "type": "object" }, - "AWS::S3::AccessGrant.AccessGrantsLocationConfiguration": { + "AWS::SSM::Association.InstanceAssociationOutputLocation": { "additionalProperties": false, "properties": { - "S3SubPrefix": { - "markdownDescription": "The `S3SubPrefix` is appended to the location scope creating the grant scope. Use this field to narrow the scope of the grant to a subset of the location scope. This field is required if the location scope is the default location `s3://` because you cannot create a grant for all of your S3 data in the Region and must narrow the scope. For example, if the location scope is the default location `s3://` , the `S3SubPrefx` can be a `/*` , so the full grant scope path would be `s3:///*` . Or the `S3SubPrefx` can be `/*` , so the full grant scope path would be `s3:///*` .\n\nIf the `S3SubPrefix` includes a prefix, append the wildcard character `*` after the prefix to indicate that you want to include all object key names in the bucket that start with that prefix.", - "title": "S3SubPrefix", - "type": "string" + "S3Location": { + "$ref": "#/definitions/AWS::SSM::Association.S3OutputLocation", + "markdownDescription": "`S3OutputLocation` is a property of the [InstanceAssociationOutputLocation](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssm-association-instanceassociationoutputlocation.html) property that specifies an Amazon S3 bucket where you want to store the results of this request.", + "title": "S3Location" } }, - "required": [ - "S3SubPrefix" - ], "type": "object" }, - "AWS::S3::AccessGrant.Grantee": { + "AWS::SSM::Association.S3OutputLocation": { "additionalProperties": false, "properties": { - "GranteeIdentifier": { - "markdownDescription": "The unique identifier of the `Grantee` . If the grantee type is `IAM` , the identifier is the IAM Amazon Resource Name (ARN) of the user or role. If the grantee type is a directory user or group, the identifier is 128-bit universally unique identifier (UUID) in the format `a1b2c3d4-5678-90ab-cdef-EXAMPLE11111` . You can obtain this UUID from your AWS IAM Identity Center instance.", - "title": "GranteeIdentifier", + "OutputS3BucketName": { + "markdownDescription": "The name of the S3 bucket.", + "title": "OutputS3BucketName", "type": "string" }, - "GranteeType": { - "markdownDescription": "The type of the grantee to which access has been granted. It can be one of the following values:\n\n- `IAM` - An IAM user or role.\n- `DIRECTORY_USER` - Your corporate directory user. You can use this option if you have added your corporate identity directory to IAM Identity Center and associated the IAM Identity Center instance with your S3 Access Grants instance.\n- `DIRECTORY_GROUP` - Your corporate directory group. You can use this option if you have added your corporate identity directory to IAM Identity Center and associated the IAM Identity Center instance with your S3 Access Grants instance.", - "title": "GranteeType", + "OutputS3KeyPrefix": { + "markdownDescription": "The S3 bucket subfolder.", + "title": "OutputS3KeyPrefix", + "type": "string" + }, + "OutputS3Region": { + "markdownDescription": "The AWS Region of the S3 bucket.", + "title": "OutputS3Region", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SSM::Association.Target": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "User-defined criteria for sending commands that target managed nodes that meet the criteria.", + "title": "Key", "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "User-defined criteria that maps to `Key` . For example, if you specified `tag:ServerRole` , you could specify `value:WebServer` to run a command on instances that include EC2 tags of `ServerRole,WebServer` .\n\nDepending on the type of target, the maximum number of values for a key might be lower than the global maximum of 50.", + "title": "Values", + "type": "array" } }, "required": [ - "GranteeIdentifier", - "GranteeType" + "Key", + "Values" ], "type": "object" }, - "AWS::S3::AccessGrantsInstance": { + "AWS::SSM::Document": { "additionalProperties": false, "properties": { "Condition": { @@ -234928,25 +286876,74 @@ "Properties": { "additionalProperties": false, "properties": { - "IdentityCenterArn": { - "markdownDescription": "If you would like to associate your S3 Access Grants instance with an AWS IAM Identity Center instance, use this field to pass the Amazon Resource Name (ARN) of the AWS IAM Identity Center instance that you are associating with your S3 Access Grants instance. An IAM Identity Center instance is your corporate identity directory that you added to the IAM Identity Center.", - "title": "IdentityCenterArn", + "Attachments": { + "items": { + "$ref": "#/definitions/AWS::SSM::Document.AttachmentsSource" + }, + "markdownDescription": "A list of key-value pairs that describe attachments to a version of a document.", + "title": "Attachments", + "type": "array" + }, + "Content": { + "markdownDescription": "The content for the new SSM document in JSON or YAML. For more information about the schemas for SSM document content, see [SSM document schema features and examples](https://docs.aws.amazon.com/systems-manager/latest/userguide/document-schemas-features.html) in the *AWS Systems Manager User Guide* .\n\n> This parameter also supports `String` data types.", + "title": "Content", + "type": "object" + }, + "DocumentFormat": { + "markdownDescription": "Specify the document format for the request. `JSON` is the default format.", + "title": "DocumentFormat", + "type": "string" + }, + "DocumentType": { + "markdownDescription": "The type of document to create.", + "title": "DocumentType", + "type": "string" + }, + "Name": { + "markdownDescription": "A name for the SSM document.\n\n> You can't use the following strings as document name prefixes. These are reserved by AWS for use as document name prefixes:\n> \n> - `aws`\n> - `amazon`\n> - `amzn`\n> - `AWSEC2`\n> - `AWSConfigRemediation`\n> - `AWSSupport`", + "title": "Name", "type": "string" }, + "Requires": { + "items": { + "$ref": "#/definitions/AWS::SSM::Document.DocumentRequires" + }, + "markdownDescription": "A list of SSM documents required by a document. This parameter is used exclusively by AWS AppConfig . When a user creates an AWS AppConfig configuration in an SSM document, the user must also specify a required document for validation purposes. In this case, an `ApplicationConfiguration` document requires an `ApplicationConfigurationSchema` document for validation purposes. For more information, see [What is AWS AppConfig ?](https://docs.aws.amazon.com/appconfig/latest/userguide/what-is-appconfig.html) in the *AWS AppConfig User Guide* .", + "title": "Requires", + "type": "array" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The AWS resource tags that you are adding to the S3 Access Grants instance. Each tag is a label consisting of a user-defined key and value. Tags can help you manage, identify, organize, search for, and filter resources.", + "markdownDescription": "AWS CloudFormation resource tags to apply to the document. Use tags to help you identify and categorize resources.", "title": "Tags", "type": "array" + }, + "TargetType": { + "markdownDescription": "Specify a target type to define the kinds of resources the document can run on. For example, to run a document on EC2 instances, specify the following value: `/AWS::EC2::Instance` . If you specify a value of '/' the document can run on all types of resources. If you don't specify a value, the document can't run on any resources. For a list of valid resource types, see [AWS resource and property types reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html) in the *AWS CloudFormation User Guide* .", + "title": "TargetType", + "type": "string" + }, + "UpdateMethod": { + "markdownDescription": "If the document resource you specify in your template already exists, this parameter determines whether a new version of the existing document is created, or the existing document is replaced. `Replace` is the default method. If you specify `NewVersion` for the `UpdateMethod` parameter, and the `Name` of the document does not match an existing resource, a new document is created. When you specify `NewVersion` , the default version of the document is changed to the newly created version.", + "title": "UpdateMethod", + "type": "string" + }, + "VersionName": { + "markdownDescription": "An optional field specifying the version of the artifact you are creating with the document. For example, `Release12.1` . This value is unique across all versions of a document, and can't be changed.", + "title": "VersionName", + "type": "string" } }, + "required": [ + "Content" + ], "type": "object" }, "Type": { "enum": [ - "AWS::S3::AccessGrantsInstance" + "AWS::SSM::Document" ], "type": "string" }, @@ -234960,11 +286957,52 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::S3::AccessGrantsLocation": { + "AWS::SSM::Document.AttachmentsSource": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The key of a key-value pair that identifies the location of an attachment to a document.", + "title": "Key", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the document attachment file.", + "title": "Name", + "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The value of a key-value pair that identifies the location of an attachment to a document. The format for *Value* depends on the type of key you specify.\n\n- For the key *SourceUrl* , the value is an S3 bucket location. For example:\n\n`\"Values\": [ \"s3://amzn-s3-demo-bucket/my-prefix\" ]`\n- For the key *S3FileUrl* , the value is a file in an S3 bucket. For example:\n\n`\"Values\": [ \"s3://amzn-s3-demo-bucket/my-prefix/my-file.py\" ]`\n- For the key *AttachmentReference* , the value is constructed from the name of another SSM document in your account, a version number of that document, and a file attached to that document version that you want to reuse. For example:\n\n`\"Values\": [ \"MyOtherDocument/3/my-other-file.py\" ]`\n\nHowever, if the SSM document is shared with you from another account, the full SSM document ARN must be specified instead of the document name only. For example:\n\n`\"Values\": [ \"arn:aws:ssm:us-east-2:111122223333:document/OtherAccountDocument/3/their-file.py\" ]`", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SSM::Document.DocumentRequires": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the required SSM document. The name can be an Amazon Resource Name (ARN).", + "title": "Name", + "type": "string" + }, + "Version": { + "markdownDescription": "The document version required by the current document.", + "title": "Version", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SSM::MaintenanceWindow": { "additionalProperties": false, "properties": { "Condition": { @@ -234999,30 +287037,77 @@ "Properties": { "additionalProperties": false, "properties": { - "IamRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role for the registered location. S3 Access Grants assumes this role to manage access to the registered location.", - "title": "IamRoleArn", + "AllowUnassociatedTargets": { + "markdownDescription": "Enables a maintenance window task to run on managed instances, even if you have not registered those instances as targets. If enabled, then you must specify the unregistered instances (by instance ID) when you register a task with the maintenance window.", + "title": "AllowUnassociatedTargets", + "type": "boolean" + }, + "Cutoff": { + "markdownDescription": "The number of hours before the end of the maintenance window that AWS Systems Manager stops scheduling new tasks for execution.", + "title": "Cutoff", + "type": "number" + }, + "Description": { + "markdownDescription": "A description of the maintenance window.", + "title": "Description", "type": "string" }, - "LocationScope": { - "markdownDescription": "The S3 URI path to the location that you are registering. The location scope can be the default S3 location `s3://` , the S3 path to a bucket, or the S3 path to a bucket and prefix. A prefix in S3 is a string of characters at the beginning of an object key name used to organize the objects that you store in your S3 buckets. For example, object key names that start with the `engineering/` prefix or object key names that start with the `marketing/campaigns/` prefix.", - "title": "LocationScope", + "Duration": { + "markdownDescription": "The duration of the maintenance window in hours.", + "title": "Duration", + "type": "number" + }, + "EndDate": { + "markdownDescription": "The date and time, in ISO-8601 Extended format, for when the maintenance window is scheduled to become inactive.", + "title": "EndDate", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the maintenance window.", + "title": "Name", + "type": "string" + }, + "Schedule": { + "markdownDescription": "The schedule of the maintenance window in the form of a cron or rate expression.", + "title": "Schedule", + "type": "string" + }, + "ScheduleOffset": { + "markdownDescription": "The number of days to wait to run a maintenance window after the scheduled cron expression date and time.", + "title": "ScheduleOffset", + "type": "number" + }, + "ScheduleTimezone": { + "markdownDescription": "The time zone that the scheduled maintenance window executions are based on, in Internet Assigned Numbers Authority (IANA) format.", + "title": "ScheduleTimezone", + "type": "string" + }, + "StartDate": { + "markdownDescription": "The date and time, in ISO-8601 Extended format, for when the maintenance window is scheduled to become active. `StartDate` allows you to delay activation of the maintenance window until the specified future date.", + "title": "StartDate", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The AWS resource tags that you are adding to the S3 Access Grants location. Each tag is a label consisting of a user-defined key and value. Tags can help you manage, identify, organize, search for, and filter resources.", + "markdownDescription": "Optional metadata that you assign to a resource in the form of an arbitrary set of tags (key-value pairs). Tags enable you to categorize a resource in different ways, such as by purpose, owner, or environment. For example, you might want to tag a maintenance window to identify the type of tasks it will run, the types of targets, and the environment it will run in.", "title": "Tags", "type": "array" } }, + "required": [ + "AllowUnassociatedTargets", + "Cutoff", + "Duration", + "Name", + "Schedule" + ], "type": "object" }, "Type": { "enum": [ - "AWS::S3::AccessGrantsLocation" + "AWS::SSM::MaintenanceWindow" ], "type": "string" }, @@ -235036,11 +287121,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::S3::AccessPoint": { + "AWS::SSM::MaintenanceWindowTarget": { "additionalProperties": false, "properties": { "Condition": { @@ -235075,45 +287161,50 @@ "Properties": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The name of the bucket associated with this access point.", - "title": "Bucket", - "type": "string" - }, - "BucketAccountId": { - "markdownDescription": "The AWS account ID associated with the S3 bucket associated with this access point.", - "title": "BucketAccountId", + "Description": { + "markdownDescription": "A description for the target.", + "title": "Description", "type": "string" }, "Name": { - "markdownDescription": "The name of this access point. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the access point name.", + "markdownDescription": "The name for the maintenance window target.", "title": "Name", "type": "string" }, - "Policy": { - "markdownDescription": "The access point policy associated with this access point.", - "title": "Policy", - "type": "object" + "OwnerInformation": { + "markdownDescription": "A user-provided value that will be included in any Amazon CloudWatch Events events that are raised while running tasks for these targets in this maintenance window.", + "title": "OwnerInformation", + "type": "string" }, - "PublicAccessBlockConfiguration": { - "$ref": "#/definitions/AWS::S3::AccessPoint.PublicAccessBlockConfiguration", - "markdownDescription": "The PublicAccessBlock configuration that you want to apply to this Amazon S3 bucket. You can enable the configuration options in any combination. For more information about when Amazon S3 considers a bucket or object public, see [The Meaning of \"Public\"](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status) in the *Amazon S3 User Guide* .", - "title": "PublicAccessBlockConfiguration" + "ResourceType": { + "markdownDescription": "The type of target that is being registered with the maintenance window.", + "title": "ResourceType", + "type": "string" }, - "VpcConfiguration": { - "$ref": "#/definitions/AWS::S3::AccessPoint.VpcConfiguration", - "markdownDescription": "The Virtual Private Cloud (VPC) configuration for this access point, if one exists.", - "title": "VpcConfiguration" + "Targets": { + "items": { + "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTarget.Targets" + }, + "markdownDescription": "The targets to register with the maintenance window. In other words, the instances to run commands on when the maintenance window runs.\n\nYou must specify targets by using the `WindowTargetIds` parameter.", + "title": "Targets", + "type": "array" + }, + "WindowId": { + "markdownDescription": "The ID of the maintenance window to register the target with.", + "title": "WindowId", + "type": "string" } }, "required": [ - "Bucket" + "ResourceType", + "Targets", + "WindowId" ], "type": "object" }, "Type": { "enum": [ - "AWS::S3::AccessPoint" + "AWS::SSM::MaintenanceWindowTarget" ], "type": "string" }, @@ -235132,56 +287223,35 @@ ], "type": "object" }, - "AWS::S3::AccessPoint.PublicAccessBlockConfiguration": { - "additionalProperties": false, - "properties": { - "BlockPublicAcls": { - "markdownDescription": "Specifies whether Amazon S3 should block public access control lists (ACLs) for this bucket and objects in this bucket. Setting this element to `TRUE` causes the following behavior:\n\n- PUT Bucket ACL and PUT Object ACL calls fail if the specified ACL is public.\n- PUT Object calls fail if the request includes a public ACL.\n- PUT Bucket calls fail if the request includes a public ACL.\n\nEnabling this setting doesn't affect existing policies or ACLs.", - "title": "BlockPublicAcls", - "type": "boolean" - }, - "BlockPublicPolicy": { - "markdownDescription": "Specifies whether Amazon S3 should block public bucket policies for this bucket. Setting this element to `TRUE` causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.\n\nEnabling this setting doesn't affect existing bucket policies.", - "title": "BlockPublicPolicy", - "type": "boolean" - }, - "IgnorePublicAcls": { - "markdownDescription": "Specifies whether Amazon S3 should ignore public ACLs for this bucket and objects in this bucket. Setting this element to `TRUE` causes Amazon S3 to ignore all public ACLs on this bucket and objects in this bucket.\n\nEnabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.", - "title": "IgnorePublicAcls", - "type": "boolean" - }, - "RestrictPublicBuckets": { - "markdownDescription": "Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to `TRUE` restricts access to this bucket to only AWS service principals and authorized users within this account if the bucket has a public policy.\n\nEnabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.", - "title": "RestrictPublicBuckets", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::S3::AccessPoint.VpcConfiguration": { + "AWS::SSM::MaintenanceWindowTarget.Targets": { "additionalProperties": false, "properties": { - "VpcId": { - "markdownDescription": "If this field is specified, the access point will only allow connections from the specified VPC ID.", - "title": "VpcId", + "Key": { + "markdownDescription": "User-defined criteria for sending commands that target managed nodes that meet the criteria.", + "title": "Key", "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "User-defined criteria that maps to `Key` . For example, if you specified `tag:ServerRole` , you could specify `value:WebServer` to run a command on instances that include EC2 tags of `ServerRole,WebServer` .\n\nDepending on the type of target, the maximum number of values for a key might be lower than the global maximum of 50.", + "title": "Values", + "type": "array" } }, + "required": [ + "Key", + "Values" + ], "type": "object" }, - "AWS::S3::Bucket": { + "AWS::SSM::MaintenanceWindowTask": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, - "Connectors": { - "additionalProperties": { - "$ref": "#/definitions/EmbeddedConnector" - }, - "title": "Connectors", - "type": "object" - }, "DeletionPolicy": { "enum": [ "Delete", @@ -235211,1482 +287281,1248 @@ "Properties": { "additionalProperties": false, "properties": { - "AccelerateConfiguration": { - "$ref": "#/definitions/AWS::S3::Bucket.AccelerateConfiguration", - "markdownDescription": "Configures the transfer acceleration state for an Amazon S3 bucket. For more information, see [Amazon S3 Transfer Acceleration](https://docs.aws.amazon.com/AmazonS3/latest/dev/transfer-acceleration.html) in the *Amazon S3 User Guide* .", - "title": "AccelerateConfiguration" - }, - "AccessControl": { - "markdownDescription": "> This is a legacy property, and it is not recommended for most use cases. A majority of modern use cases in Amazon S3 no longer require the use of ACLs, and we recommend that you keep ACLs disabled. For more information, see [Controlling object ownership](https://docs.aws.amazon.com//AmazonS3/latest/userguide/about-object-ownership.html) in the *Amazon S3 User Guide* . \n\nA canned access control list (ACL) that grants predefined permissions to the bucket. For more information about canned ACLs, see [Canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) in the *Amazon S3 User Guide* .\n\nS3 buckets are created with ACLs disabled by default. Therefore, unless you explicitly set the [AWS::S3::OwnershipControls](https://docs.aws.amazon.com//AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-ownershipcontrols.html) property to enable ACLs, your resource will fail to deploy with any value other than Private. Use cases requiring ACLs are uncommon.\n\nThe majority of access control configurations can be successfully and more easily achieved with bucket policies. For more information, see [AWS::S3::BucketPolicy](https://docs.aws.amazon.com//AWSCloudFormation/latest/UserGuide/aws-properties-s3-policy.html) . For examples of common policy configurations, including S3 Server Access Logs buckets and more, see [Bucket policy examples](https://docs.aws.amazon.com/AmazonS3/latest/userguide/example-bucket-policies.html) in the *Amazon S3 User Guide* .", - "title": "AccessControl", + "CutoffBehavior": { + "markdownDescription": "The specification for whether tasks should continue to run after the cutoff time specified in the maintenance windows is reached.", + "title": "CutoffBehavior", "type": "string" }, - "AnalyticsConfigurations": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.AnalyticsConfiguration" - }, - "markdownDescription": "Specifies the configuration and any analyses for the analytics filter of an Amazon S3 bucket.", - "title": "AnalyticsConfigurations", - "type": "array" + "Description": { + "markdownDescription": "A description of the task.", + "title": "Description", + "type": "string" }, - "BucketEncryption": { - "$ref": "#/definitions/AWS::S3::Bucket.BucketEncryption", - "markdownDescription": "Specifies default encryption for a bucket using server-side encryption with Amazon S3-managed keys (SSE-S3), AWS KMS-managed keys (SSE-KMS), or dual-layer server-side encryption with KMS-managed keys (DSSE-KMS). For information about the Amazon S3 default encryption feature, see [Amazon S3 Default Encryption for S3 Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html) in the *Amazon S3 User Guide* .", - "title": "BucketEncryption" + "LoggingInfo": { + "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.LoggingInfo", + "markdownDescription": "> `LoggingInfo` has been deprecated. To specify an Amazon S3 bucket to contain logs for Run Command tasks, instead use the `OutputS3BucketName` and `OutputS3KeyPrefix` options in the `TaskInvocationParameters` structure. For information about how Systems Manager handles these options for the supported maintenance window task types, see [AWS ::SSM::MaintenanceWindowTask MaintenanceWindowRunCommandParameters](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssm-maintenancewindowtask-maintenancewindowruncommandparameters.html) . \n\nInformation about an Amazon S3 bucket to write Run Command task-level logs to.", + "title": "LoggingInfo" }, - "BucketName": { - "markdownDescription": "A name for the bucket. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the bucket name. The bucket name must contain only lowercase letters, numbers, periods (.), and dashes (-) and must follow [Amazon S3 bucket restrictions and limitations](https://docs.aws.amazon.com/AmazonS3/latest/dev/BucketRestrictions.html) . For more information, see [Rules for naming Amazon S3 buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html) in the *Amazon S3 User Guide* .\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you need to replace the resource, specify a new name.", - "title": "BucketName", + "MaxConcurrency": { + "markdownDescription": "The maximum number of targets this task can be run for, in parallel.\n\n> Although this element is listed as \"Required: No\", a value can be omitted only when you are registering or updating a [targetless task](https://docs.aws.amazon.com/systems-manager/latest/userguide/maintenance-windows-targetless-tasks.html) You must provide a value in all other cases.\n> \n> For maintenance window tasks without a target specified, you can't supply a value for this option. Instead, the system inserts a placeholder value of `1` . This value doesn't affect the running of your task.", + "title": "MaxConcurrency", "type": "string" }, - "CorsConfiguration": { - "$ref": "#/definitions/AWS::S3::Bucket.CorsConfiguration", - "markdownDescription": "Describes the cross-origin access configuration for objects in an Amazon S3 bucket. For more information, see [Enabling Cross-Origin Resource Sharing](https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html) in the *Amazon S3 User Guide* .", - "title": "CorsConfiguration" - }, - "IntelligentTieringConfigurations": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.IntelligentTieringConfiguration" - }, - "markdownDescription": "Defines how Amazon S3 handles Intelligent-Tiering storage.", - "title": "IntelligentTieringConfigurations", - "type": "array" + "MaxErrors": { + "markdownDescription": "The maximum number of errors allowed before this task stops being scheduled.\n\n> Although this element is listed as \"Required: No\", a value can be omitted only when you are registering or updating a [targetless task](https://docs.aws.amazon.com/systems-manager/latest/userguide/maintenance-windows-targetless-tasks.html) You must provide a value in all other cases.\n> \n> For maintenance window tasks without a target specified, you can't supply a value for this option. Instead, the system inserts a placeholder value of `1` . This value doesn't affect the running of your task.", + "title": "MaxErrors", + "type": "string" }, - "InventoryConfigurations": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.InventoryConfiguration" - }, - "markdownDescription": "Specifies the inventory configuration for an Amazon S3 bucket. For more information, see [GET Bucket inventory](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketGETInventoryConfig.html) in the *Amazon S3 API Reference* .", - "title": "InventoryConfigurations", - "type": "array" + "Name": { + "markdownDescription": "The task name.", + "title": "Name", + "type": "string" }, - "LifecycleConfiguration": { - "$ref": "#/definitions/AWS::S3::Bucket.LifecycleConfiguration", - "markdownDescription": "Specifies the lifecycle configuration for objects in an Amazon S3 bucket. For more information, see [Object Lifecycle Management](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html) in the *Amazon S3 User Guide* .", - "title": "LifecycleConfiguration" + "Priority": { + "markdownDescription": "The priority of the task in the maintenance window. The lower the number, the higher the priority. Tasks that have the same priority are scheduled in parallel.", + "title": "Priority", + "type": "number" }, - "LoggingConfiguration": { - "$ref": "#/definitions/AWS::S3::Bucket.LoggingConfiguration", - "markdownDescription": "Settings that define where logs are stored.", - "title": "LoggingConfiguration" + "ServiceRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM service role for AWS Systems Manager to assume when running a maintenance window task. If you do not specify a service role ARN, Systems Manager uses a service-linked role in your account. If no appropriate service-linked role for Systems Manager exists in your account, it is created when you run `RegisterTaskWithMaintenanceWindow` .\n\nHowever, for an improved security posture, we strongly recommend creating a custom policy and custom service role for running your maintenance window tasks. The policy can be crafted to provide only the permissions needed for your particular maintenance window tasks. For more information, see [Setting up Maintenance Windows](https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-maintenance-permissions.html) in the in the *AWS Systems Manager User Guide* .", + "title": "ServiceRoleArn", + "type": "string" }, - "MetricsConfigurations": { + "Targets": { "items": { - "$ref": "#/definitions/AWS::S3::Bucket.MetricsConfiguration" + "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.Target" }, - "markdownDescription": "Specifies a metrics configuration for the CloudWatch request metrics (specified by the metrics configuration ID) from an Amazon S3 bucket. If you're updating an existing metrics configuration, note that this is a full replacement of the existing metrics configuration. If you don't include the elements you want to keep, they are erased. For more information, see [PutBucketMetricsConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTMetricConfiguration.html) .", - "title": "MetricsConfigurations", + "markdownDescription": "The targets, either instances or window target IDs.\n\n- Specify instances using `Key=InstanceIds,Values= *instanceid1* , *instanceid2*` .\n- Specify window target IDs using `Key=WindowTargetIds,Values= *window-target-id-1* , *window-target-id-2*` .", + "title": "Targets", "type": "array" }, - "NotificationConfiguration": { - "$ref": "#/definitions/AWS::S3::Bucket.NotificationConfiguration", - "markdownDescription": "Configuration that defines how Amazon S3 handles bucket notifications.", - "title": "NotificationConfiguration" - }, - "ObjectLockConfiguration": { - "$ref": "#/definitions/AWS::S3::Bucket.ObjectLockConfiguration", - "markdownDescription": "> This operation is not supported for directory buckets. \n\nPlaces an Object Lock configuration on the specified bucket. The rule specified in the Object Lock configuration will be applied by default to every new object placed in the specified bucket. For more information, see [Locking Objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html) .\n\n> - The `DefaultRetention` settings require both a mode and a period.\n> - The `DefaultRetention` period can be either `Days` or `Years` but you must select one. You cannot specify `Days` and `Years` at the same time.\n> - You can enable Object Lock for new or existing buckets. For more information, see [Configuring Object Lock](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock-configure.html) .", - "title": "ObjectLockConfiguration" - }, - "ObjectLockEnabled": { - "markdownDescription": "Indicates whether this bucket has an Object Lock configuration enabled. Enable `ObjectLockEnabled` when you apply `ObjectLockConfiguration` to a bucket.", - "title": "ObjectLockEnabled", - "type": "boolean" - }, - "OwnershipControls": { - "$ref": "#/definitions/AWS::S3::Bucket.OwnershipControls", - "markdownDescription": "Configuration that defines how Amazon S3 handles Object Ownership rules.", - "title": "OwnershipControls" - }, - "PublicAccessBlockConfiguration": { - "$ref": "#/definitions/AWS::S3::Bucket.PublicAccessBlockConfiguration", - "markdownDescription": "Configuration that defines how Amazon S3 handles public access.", - "title": "PublicAccessBlockConfiguration" + "TaskArn": { + "markdownDescription": "The resource that the task uses during execution.\n\nFor `RUN_COMMAND` and `AUTOMATION` task types, `TaskArn` is the SSM document name or Amazon Resource Name (ARN).\n\nFor `LAMBDA` tasks, `TaskArn` is the function name or ARN.\n\nFor `STEP_FUNCTIONS` tasks, `TaskArn` is the state machine ARN.", + "title": "TaskArn", + "type": "string" }, - "ReplicationConfiguration": { - "$ref": "#/definitions/AWS::S3::Bucket.ReplicationConfiguration", - "markdownDescription": "Configuration for replicating objects in an S3 bucket. To enable replication, you must also enable versioning by using the `VersioningConfiguration` property.\n\nAmazon S3 can store replicated objects in a single destination bucket or multiple destination buckets. The destination bucket or buckets must already exist.", - "title": "ReplicationConfiguration" + "TaskInvocationParameters": { + "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.TaskInvocationParameters", + "markdownDescription": "The parameters to pass to the task when it runs. Populate only the fields that match the task type. All other fields should be empty.\n\n> When you update a maintenance window task that has options specified in `TaskInvocationParameters` , you must provide again all the `TaskInvocationParameters` values that you want to retain. The values you do not specify again are removed. For example, suppose that when you registered a Run Command task, you specified `TaskInvocationParameters` values for `Comment` , `NotificationConfig` , and `OutputS3BucketName` . If you update the maintenance window task and specify only a different `OutputS3BucketName` value, the values for `Comment` and `NotificationConfig` are removed.", + "title": "TaskInvocationParameters" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An arbitrary set of tags (key-value pairs) for this S3 bucket.", - "title": "Tags", - "type": "array" + "TaskParameters": { + "markdownDescription": "> `TaskParameters` has been deprecated. To specify parameters to pass to a task when it runs, instead use the `Parameters` option in the `TaskInvocationParameters` structure. For information about how Systems Manager handles these options for the supported maintenance window task types, see [MaintenanceWindowTaskInvocationParameters](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_MaintenanceWindowTaskInvocationParameters.html) . \n\nThe parameters to pass to the task when it runs.", + "title": "TaskParameters", + "type": "object" }, - "VersioningConfiguration": { - "$ref": "#/definitions/AWS::S3::Bucket.VersioningConfiguration", - "markdownDescription": "Enables multiple versions of all objects in this bucket. You might enable versioning to prevent objects from being deleted or overwritten by mistake or to archive objects so that you can retrieve previous versions of them.\n\n> When you enable versioning on a bucket for the first time, it might take a short amount of time for the change to be fully propagated. We recommend that you wait for 15 minutes after enabling versioning before issuing write operations ( `PUT` or `DELETE` ) on objects in the bucket.", - "title": "VersioningConfiguration" + "TaskType": { + "markdownDescription": "The type of task. Valid values: `RUN_COMMAND` , `AUTOMATION` , `LAMBDA` , `STEP_FUNCTIONS` .", + "title": "TaskType", + "type": "string" }, - "WebsiteConfiguration": { - "$ref": "#/definitions/AWS::S3::Bucket.WebsiteConfiguration", - "markdownDescription": "Information used to configure the bucket as a static website. For more information, see [Hosting Websites on Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html) .", - "title": "WebsiteConfiguration" + "WindowId": { + "markdownDescription": "The ID of the maintenance window where the task is registered.", + "title": "WindowId", + "type": "string" } }, + "required": [ + "Priority", + "TaskArn", + "TaskType", + "WindowId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::S3::Bucket" + "AWS::SSM::MaintenanceWindowTask" ], "type": "string" }, "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::S3::Bucket.AbortIncompleteMultipartUpload": { - "additionalProperties": false, - "properties": { - "DaysAfterInitiation": { - "markdownDescription": "Specifies the number of days after which Amazon S3 stops an incomplete multipart upload.", - "title": "DaysAfterInitiation", - "type": "number" - } - }, - "required": [ - "DaysAfterInitiation" - ], - "type": "object" - }, - "AWS::S3::Bucket.AccelerateConfiguration": { - "additionalProperties": false, - "properties": { - "AccelerationStatus": { - "markdownDescription": "Specifies the transfer acceleration status of the bucket.", - "title": "AccelerationStatus", - "type": "string" - } - }, - "required": [ - "AccelerationStatus" - ], - "type": "object" - }, - "AWS::S3::Bucket.AccessControlTranslation": { - "additionalProperties": false, - "properties": { - "Owner": { - "markdownDescription": "Specifies the replica ownership. For default and valid values, see [PUT bucket replication](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTreplication.html) in the *Amazon S3 API Reference* .", - "title": "Owner", - "type": "string" - } - }, - "required": [ - "Owner" - ], - "type": "object" - }, - "AWS::S3::Bucket.AnalyticsConfiguration": { - "additionalProperties": false, - "properties": { - "Id": { - "markdownDescription": "The ID that identifies the analytics configuration.", - "title": "Id", - "type": "string" - }, - "Prefix": { - "markdownDescription": "The prefix that an object must have to be included in the analytics results.", - "title": "Prefix", - "type": "string" - }, - "StorageClassAnalysis": { - "$ref": "#/definitions/AWS::S3::Bucket.StorageClassAnalysis", - "markdownDescription": "Contains data related to access patterns to be collected and made available to analyze the tradeoffs between different storage classes.", - "title": "StorageClassAnalysis" - }, - "TagFilters": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.TagFilter" - }, - "markdownDescription": "The tags to use when evaluating an analytics filter.\n\nThe analytics only includes objects that meet the filter's criteria. If no filter is specified, all of the contents of the bucket are included in the analysis.", - "title": "TagFilters", - "type": "array" - } - }, - "required": [ - "Id", - "StorageClassAnalysis" - ], - "type": "object" - }, - "AWS::S3::Bucket.BucketEncryption": { - "additionalProperties": false, - "properties": { - "ServerSideEncryptionConfiguration": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.ServerSideEncryptionRule" - }, - "markdownDescription": "Specifies the default server-side-encryption configuration.", - "title": "ServerSideEncryptionConfiguration", - "type": "array" - } - }, - "required": [ - "ServerSideEncryptionConfiguration" - ], - "type": "object" - }, - "AWS::S3::Bucket.CorsConfiguration": { - "additionalProperties": false, - "properties": { - "CorsRules": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.CorsRule" - }, - "markdownDescription": "A set of origins and methods (cross-origin access that you want to allow). You can add up to 100 rules to the configuration.", - "title": "CorsRules", - "type": "array" - } - }, - "required": [ - "CorsRules" - ], - "type": "object" - }, - "AWS::S3::Bucket.CorsRule": { - "additionalProperties": false, - "properties": { - "AllowedHeaders": { - "items": { - "type": "string" - }, - "markdownDescription": "Headers that are specified in the `Access-Control-Request-Headers` header. These headers are allowed in a preflight OPTIONS request. In response to any preflight OPTIONS request, Amazon S3 returns any requested headers that are allowed.", - "title": "AllowedHeaders", - "type": "array" - }, - "AllowedMethods": { - "items": { - "type": "string" - }, - "markdownDescription": "An HTTP method that you allow the origin to run.\n\n*Allowed values* : `GET` | `PUT` | `HEAD` | `POST` | `DELETE`", - "title": "AllowedMethods", - "type": "array" - }, - "AllowedOrigins": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more origins you want customers to be able to access the bucket from.", - "title": "AllowedOrigins", - "type": "array" - }, - "ExposedHeaders": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more headers in the response that you want customers to be able to access from their applications (for example, from a JavaScript `XMLHttpRequest` object).", - "title": "ExposedHeaders", - "type": "array" - }, - "Id": { - "markdownDescription": "A unique identifier for this rule. The value must be no more than 255 characters.", - "title": "Id", - "type": "string" - }, - "MaxAge": { - "markdownDescription": "The time in seconds that your browser is to cache the preflight response for the specified resource.", - "title": "MaxAge", - "type": "number" - } - }, - "required": [ - "AllowedMethods", - "AllowedOrigins" - ], - "type": "object" - }, - "AWS::S3::Bucket.DataExport": { - "additionalProperties": false, - "properties": { - "Destination": { - "$ref": "#/definitions/AWS::S3::Bucket.Destination", - "markdownDescription": "The place to store the data for an analysis.", - "title": "Destination" - }, - "OutputSchemaVersion": { - "markdownDescription": "The version of the output schema to use when exporting data. Must be `V_1` .", - "title": "OutputSchemaVersion", - "type": "string" - } - }, - "required": [ - "Destination", - "OutputSchemaVersion" - ], - "type": "object" - }, - "AWS::S3::Bucket.DefaultRetention": { - "additionalProperties": false, - "properties": { - "Days": { - "markdownDescription": "The number of days that you want to specify for the default retention period. If Object Lock is turned on, you must specify `Mode` and specify either `Days` or `Years` .", - "title": "Days", - "type": "number" - }, - "Mode": { - "markdownDescription": "The default Object Lock retention mode you want to apply to new objects placed in the specified bucket. If Object Lock is turned on, you must specify `Mode` and specify either `Days` or `Years` .", - "title": "Mode", - "type": "string" - }, - "Years": { - "markdownDescription": "The number of years that you want to specify for the default retention period. If Object Lock is turned on, you must specify `Mode` and specify either `Days` or `Years` .", - "title": "Years", - "type": "number" - } - }, - "type": "object" - }, - "AWS::S3::Bucket.DeleteMarkerReplication": { - "additionalProperties": false, - "properties": { - "Status": { - "markdownDescription": "Indicates whether to replicate delete markers. Disabled by default.", - "title": "Status", - "type": "string" - } - }, - "type": "object" - }, - "AWS::S3::Bucket.Destination": { - "additionalProperties": false, - "properties": { - "BucketAccountId": { - "markdownDescription": "The account ID that owns the destination S3 bucket. If no account ID is provided, the owner is not validated before exporting data.\n\n> Although this value is optional, we strongly recommend that you set it to help prevent problems if the destination bucket ownership changes.", - "title": "BucketAccountId", - "type": "string" - }, - "BucketArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the bucket to which data is exported.", - "title": "BucketArn", - "type": "string" - }, - "Format": { - "markdownDescription": "Specifies the file format used when exporting data to Amazon S3.\n\n*Allowed values* : `CSV` | `ORC` | `Parquet`", - "title": "Format", - "type": "string" - }, - "Prefix": { - "markdownDescription": "The prefix to use when exporting data. The prefix is prepended to all results.", - "title": "Prefix", - "type": "string" - } - }, - "required": [ - "BucketArn", - "Format" - ], - "type": "object" - }, - "AWS::S3::Bucket.EncryptionConfiguration": { - "additionalProperties": false, - "properties": { - "ReplicaKmsKeyID": { - "markdownDescription": "Specifies the ID (Key ARN or Alias ARN) of the customer managed AWS KMS key stored in AWS Key Management Service (KMS) for the destination bucket. Amazon S3 uses this key to encrypt replica objects. Amazon S3 only supports symmetric encryption KMS keys. For more information, see [Asymmetric keys in AWS KMS](https://docs.aws.amazon.com//kms/latest/developerguide/symmetric-asymmetric.html) in the *AWS Key Management Service Developer Guide* .", - "title": "ReplicaKmsKeyID", - "type": "string" - } - }, - "required": [ - "ReplicaKmsKeyID" - ], - "type": "object" - }, - "AWS::S3::Bucket.EventBridgeConfiguration": { - "additionalProperties": false, - "properties": { - "EventBridgeEnabled": { - "markdownDescription": "Enables delivery of events to Amazon EventBridge.", - "title": "EventBridgeEnabled", - "type": "boolean" - } - }, - "required": [ - "EventBridgeEnabled" - ], - "type": "object" - }, - "AWS::S3::Bucket.FilterRule": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The object key name prefix or suffix identifying one or more objects to which the filtering rule applies. The maximum length is 1,024 characters. Overlapping prefixes and suffixes are not supported. For more information, see [Configuring Event Notifications](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide* .", - "title": "Name", - "type": "string" - }, - "Value": { - "markdownDescription": "The value that the filter searches for in object key names.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Name", - "Value" - ], - "type": "object" - }, - "AWS::S3::Bucket.IntelligentTieringConfiguration": { - "additionalProperties": false, - "properties": { - "Id": { - "markdownDescription": "The ID used to identify the S3 Intelligent-Tiering configuration.", - "title": "Id", - "type": "string" - }, - "Prefix": { - "markdownDescription": "An object key name prefix that identifies the subset of objects to which the rule applies.", - "title": "Prefix", - "type": "string" - }, - "Status": { - "markdownDescription": "Specifies the status of the configuration.", - "title": "Status", - "type": "string" - }, - "TagFilters": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.TagFilter" - }, - "markdownDescription": "A container for a key-value pair.", - "title": "TagFilters", - "type": "array" - }, - "Tierings": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.Tiering" - }, - "markdownDescription": "Specifies a list of S3 Intelligent-Tiering storage class tiers in the configuration. At least one tier must be defined in the list. At most, you can specify two tiers in the list, one for each available AccessTier: `ARCHIVE_ACCESS` and `DEEP_ARCHIVE_ACCESS` .\n\n> You only need Intelligent Tiering Configuration enabled on a bucket if you want to automatically move objects stored in the Intelligent-Tiering storage class to Archive Access or Deep Archive Access tiers.", - "title": "Tierings", - "type": "array" - } - }, - "required": [ - "Id", - "Status", - "Tierings" - ], - "type": "object" - }, - "AWS::S3::Bucket.InventoryConfiguration": { - "additionalProperties": false, - "properties": { - "Destination": { - "$ref": "#/definitions/AWS::S3::Bucket.Destination", - "markdownDescription": "Contains information about where to publish the inventory results.", - "title": "Destination" - }, - "Enabled": { - "markdownDescription": "Specifies whether the inventory is enabled or disabled. If set to `True` , an inventory list is generated. If set to `False` , no inventory list is generated.", - "title": "Enabled", - "type": "boolean" - }, - "Id": { - "markdownDescription": "The ID used to identify the inventory configuration.", - "title": "Id", - "type": "string" - }, - "IncludedObjectVersions": { - "markdownDescription": "Object versions to include in the inventory list. If set to `All` , the list includes all the object versions, which adds the version-related fields `VersionId` , `IsLatest` , and `DeleteMarker` to the list. If set to `Current` , the list does not contain these version-related fields.", - "title": "IncludedObjectVersions", - "type": "string" - }, - "OptionalFields": { - "items": { - "type": "string" - }, - "markdownDescription": "Contains the optional fields that are included in the inventory results.", - "title": "OptionalFields", - "type": "array" - }, - "Prefix": { - "markdownDescription": "Specifies the inventory filter prefix.", - "title": "Prefix", - "type": "string" - }, - "ScheduleFrequency": { - "markdownDescription": "Specifies the schedule for generating inventory results.", - "title": "ScheduleFrequency", - "type": "string" - } - }, - "required": [ - "Destination", - "Enabled", - "Id", - "IncludedObjectVersions", - "ScheduleFrequency" - ], - "type": "object" - }, - "AWS::S3::Bucket.LambdaConfiguration": { - "additionalProperties": false, - "properties": { - "Event": { - "markdownDescription": "The Amazon S3 bucket event for which to invoke the AWS Lambda function. For more information, see [Supported Event Types](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide* .", - "title": "Event", - "type": "string" - }, - "Filter": { - "$ref": "#/definitions/AWS::S3::Bucket.NotificationFilter", - "markdownDescription": "The filtering rules that determine which objects invoke the AWS Lambda function. For example, you can create a filter so that only image files with a `.jpg` extension invoke the function when they are added to the Amazon S3 bucket.", - "title": "Filter" - }, - "Function": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Lambda function that Amazon S3 invokes when the specified event type occurs.", - "title": "Function", + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Event", - "Function" + "Type", + "Properties" ], "type": "object" }, - "AWS::S3::Bucket.LifecycleConfiguration": { + "AWS::SSM::MaintenanceWindowTask.CloudWatchOutputConfig": { "additionalProperties": false, "properties": { - "Rules": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.Rule" - }, - "markdownDescription": "A lifecycle rule for individual objects in an Amazon S3 bucket.", - "title": "Rules", - "type": "array" + "CloudWatchLogGroupName": { + "markdownDescription": "The name of the CloudWatch Logs log group where you want to send command output. If you don't specify a group name, AWS Systems Manager automatically creates a log group for you. The log group uses the following naming format:\n\n`aws/ssm/ *SystemsManagerDocumentName*`", + "title": "CloudWatchLogGroupName", + "type": "string" + }, + "CloudWatchOutputEnabled": { + "markdownDescription": "Enables Systems Manager to send command output to CloudWatch Logs.", + "title": "CloudWatchOutputEnabled", + "type": "boolean" } }, - "required": [ - "Rules" - ], "type": "object" }, - "AWS::S3::Bucket.LoggingConfiguration": { + "AWS::SSM::MaintenanceWindowTask.LoggingInfo": { "additionalProperties": false, "properties": { - "DestinationBucketName": { - "markdownDescription": "The name of the bucket where Amazon S3 should store server access log files. You can store log files in any bucket that you own. By default, logs are stored in the bucket where the `LoggingConfiguration` property is defined.", - "title": "DestinationBucketName", + "Region": { + "markdownDescription": "The AWS Region where the S3 bucket is located.", + "title": "Region", "type": "string" }, - "LogFilePrefix": { - "markdownDescription": "A prefix for all log object keys. If you store log files from multiple Amazon S3 buckets in a single bucket, you can use a prefix to distinguish which log files came from which bucket.", - "title": "LogFilePrefix", + "S3Bucket": { + "markdownDescription": "The name of an S3 bucket where execution logs are stored.", + "title": "S3Bucket", "type": "string" }, - "TargetObjectKeyFormat": { - "$ref": "#/definitions/AWS::S3::Bucket.TargetObjectKeyFormat", - "markdownDescription": "Amazon S3 key format for log objects. Only one format, either PartitionedPrefix or SimplePrefix, is allowed.", - "title": "TargetObjectKeyFormat" + "S3Prefix": { + "markdownDescription": "The Amazon S3 bucket subfolder.", + "title": "S3Prefix", + "type": "string" } }, + "required": [ + "Region", + "S3Bucket" + ], "type": "object" }, - "AWS::S3::Bucket.Metrics": { + "AWS::SSM::MaintenanceWindowTask.MaintenanceWindowAutomationParameters": { "additionalProperties": false, "properties": { - "EventThreshold": { - "$ref": "#/definitions/AWS::S3::Bucket.ReplicationTimeValue", - "markdownDescription": "A container specifying the time threshold for emitting the `s3:Replication:OperationMissedThreshold` event.", - "title": "EventThreshold" - }, - "Status": { - "markdownDescription": "Specifies whether the replication metrics are enabled.", - "title": "Status", + "DocumentVersion": { + "markdownDescription": "The version of an Automation runbook to use during task execution.", + "title": "DocumentVersion", "type": "string" + }, + "Parameters": { + "markdownDescription": "The parameters for the `AUTOMATION` type task.", + "title": "Parameters", + "type": "object" } }, - "required": [ - "Status" - ], "type": "object" }, - "AWS::S3::Bucket.MetricsConfiguration": { + "AWS::SSM::MaintenanceWindowTask.MaintenanceWindowLambdaParameters": { "additionalProperties": false, "properties": { - "AccessPointArn": { - "markdownDescription": "The access point that was used while performing operations on the object. The metrics configuration only includes objects that meet the filter's criteria.", - "title": "AccessPointArn", + "ClientContext": { + "markdownDescription": "Client-specific information to pass to the AWS Lambda function that you're invoking. You can then use the `context` variable to process the client information in your AWS Lambda function.", + "title": "ClientContext", "type": "string" }, - "Id": { - "markdownDescription": "The ID used to identify the metrics configuration. This can be any value you choose that helps you identify your metrics configuration.", - "title": "Id", + "Payload": { + "markdownDescription": "JSON to provide to your AWS Lambda function as input.\n\n> Although `Type` is listed as \"String\" for this property, the payload content must be formatted as a Base64-encoded binary data object. \n\n*Length Constraint:* 4096", + "title": "Payload", "type": "string" }, - "Prefix": { - "markdownDescription": "The prefix that an object must have to be included in the metrics results.", - "title": "Prefix", + "Qualifier": { + "markdownDescription": "An AWS Lambda function version or alias name. If you specify a function version, the action uses the qualified function Amazon Resource Name (ARN) to invoke a specific Lambda function. If you specify an alias name, the action uses the alias ARN to invoke the Lambda function version that the alias points to.", + "title": "Qualifier", "type": "string" - }, - "TagFilters": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.TagFilter" - }, - "markdownDescription": "Specifies a list of tag filters to use as a metrics configuration filter. The metrics configuration includes only objects that meet the filter's criteria.", - "title": "TagFilters", - "type": "array" } }, - "required": [ - "Id" - ], "type": "object" }, - "AWS::S3::Bucket.NoncurrentVersionExpiration": { + "AWS::SSM::MaintenanceWindowTask.MaintenanceWindowRunCommandParameters": { "additionalProperties": false, "properties": { - "NewerNoncurrentVersions": { - "markdownDescription": "Specifies how many noncurrent versions Amazon S3 will retain. If there are this many more recent noncurrent versions, Amazon S3 will take the associated action. For more information about noncurrent versions, see [Lifecycle configuration elements](https://docs.aws.amazon.com/AmazonS3/latest/userguide/intro-lifecycle-rules.html) in the *Amazon S3 User Guide* .", - "title": "NewerNoncurrentVersions", - "type": "number" + "CloudWatchOutputConfig": { + "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.CloudWatchOutputConfig", + "markdownDescription": "Configuration options for sending command output to Amazon CloudWatch Logs.", + "title": "CloudWatchOutputConfig" }, - "NoncurrentDays": { - "markdownDescription": "Specifies the number of days an object is noncurrent before Amazon S3 can perform the associated action. For information about the noncurrent days calculations, see [How Amazon S3 Calculates When an Object Became Noncurrent](https://docs.aws.amazon.com/AmazonS3/latest/dev/intro-lifecycle-rules.html#non-current-days-calculations) in the *Amazon S3 User Guide* .", - "title": "NoncurrentDays", + "Comment": { + "markdownDescription": "Information about the command or commands to run.", + "title": "Comment", + "type": "string" + }, + "DocumentHash": { + "markdownDescription": "The SHA-256 or SHA-1 hash created by the system when the document was created. SHA-1 hashes have been deprecated.", + "title": "DocumentHash", + "type": "string" + }, + "DocumentHashType": { + "markdownDescription": "The SHA-256 or SHA-1 hash type. SHA-1 hashes are deprecated.", + "title": "DocumentHashType", + "type": "string" + }, + "DocumentVersion": { + "markdownDescription": "The AWS Systems Manager document (SSM document) version to use in the request. You can specify `$DEFAULT` , `$LATEST` , or a specific version number. If you run commands by using the AWS CLI, then you must escape the first two options by using a backslash. If you specify a version number, then you don't need to use the backslash. For example:\n\n`--document-version \"\\$DEFAULT\"`\n\n`--document-version \"\\$LATEST\"`\n\n`--document-version \"3\"`", + "title": "DocumentVersion", + "type": "string" + }, + "NotificationConfig": { + "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.NotificationConfig", + "markdownDescription": "Configurations for sending notifications about command status changes on a per-managed node basis.", + "title": "NotificationConfig" + }, + "OutputS3BucketName": { + "markdownDescription": "The name of the Amazon Simple Storage Service (Amazon S3) bucket.", + "title": "OutputS3BucketName", + "type": "string" + }, + "OutputS3KeyPrefix": { + "markdownDescription": "The S3 bucket subfolder.", + "title": "OutputS3KeyPrefix", + "type": "string" + }, + "Parameters": { + "markdownDescription": "The parameters for the `RUN_COMMAND` task execution.\n\nThe supported parameters are the same as those for the `SendCommand` API call. For more information, see [SendCommand](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_SendCommand.html) in the *AWS Systems Manager API Reference* .", + "title": "Parameters", + "type": "object" + }, + "ServiceRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM service role for AWS Systems Manager to assume when running a maintenance window task. If you do not specify a service role ARN, Systems Manager uses a service-linked role in your account. If no appropriate service-linked role for Systems Manager exists in your account, it is created when you run `RegisterTaskWithMaintenanceWindow` .\n\nHowever, for an improved security posture, we strongly recommend creating a custom policy and custom service role for running your maintenance window tasks. The policy can be crafted to provide only the permissions needed for your particular maintenance window tasks. For more information, see [Setting up Maintenance Windows](https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-maintenance-permissions.html) in the in the *AWS Systems Manager User Guide* .", + "title": "ServiceRoleArn", + "type": "string" + }, + "TimeoutSeconds": { + "markdownDescription": "If this time is reached and the command hasn't already started running, it doesn't run.", + "title": "TimeoutSeconds", "type": "number" } }, - "required": [ - "NoncurrentDays" - ], "type": "object" }, - "AWS::S3::Bucket.NoncurrentVersionTransition": { + "AWS::SSM::MaintenanceWindowTask.MaintenanceWindowStepFunctionsParameters": { "additionalProperties": false, "properties": { - "NewerNoncurrentVersions": { - "markdownDescription": "Specifies how many noncurrent versions Amazon S3 will retain. If there are this many more recent noncurrent versions, Amazon S3 will take the associated action. For more information about noncurrent versions, see [Lifecycle configuration elements](https://docs.aws.amazon.com/AmazonS3/latest/userguide/intro-lifecycle-rules.html) in the *Amazon S3 User Guide* .", - "title": "NewerNoncurrentVersions", - "type": "number" - }, - "StorageClass": { - "markdownDescription": "The class of storage used to store the object.", - "title": "StorageClass", + "Input": { + "markdownDescription": "The inputs for the `STEP_FUNCTIONS` task.", + "title": "Input", "type": "string" }, - "TransitionInDays": { - "markdownDescription": "Specifies the number of days an object is noncurrent before Amazon S3 can perform the associated action. For information about the noncurrent days calculations, see [How Amazon S3 Calculates How Long an Object Has Been Noncurrent](https://docs.aws.amazon.com/AmazonS3/latest/dev/intro-lifecycle-rules.html#non-current-days-calculations) in the *Amazon S3 User Guide* .", - "title": "TransitionInDays", - "type": "number" + "Name": { + "markdownDescription": "The name of the `STEP_FUNCTIONS` task.", + "title": "Name", + "type": "string" } }, - "required": [ - "StorageClass", - "TransitionInDays" - ], "type": "object" }, - "AWS::S3::Bucket.NotificationConfiguration": { + "AWS::SSM::MaintenanceWindowTask.NotificationConfig": { "additionalProperties": false, "properties": { - "EventBridgeConfiguration": { - "$ref": "#/definitions/AWS::S3::Bucket.EventBridgeConfiguration", - "markdownDescription": "Enables delivery of events to Amazon EventBridge.", - "title": "EventBridgeConfiguration" - }, - "LambdaConfigurations": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.LambdaConfiguration" - }, - "markdownDescription": "Describes the AWS Lambda functions to invoke and the events for which to invoke them.", - "title": "LambdaConfigurations", - "type": "array" + "NotificationArn": { + "markdownDescription": "An Amazon Resource Name (ARN) for an Amazon Simple Notification Service (Amazon SNS) topic. Run Command pushes notifications about command status changes to this topic.", + "title": "NotificationArn", + "type": "string" }, - "QueueConfigurations": { + "NotificationEvents": { "items": { - "$ref": "#/definitions/AWS::S3::Bucket.QueueConfiguration" + "type": "string" }, - "markdownDescription": "The Amazon Simple Queue Service queues to publish messages to and the events for which to publish messages.", - "title": "QueueConfigurations", + "markdownDescription": "The different events that you can receive notifications for. These events include the following: `All` (events), `InProgress` , `Success` , `TimedOut` , `Cancelled` , `Failed` . To learn more about these events, see [Configuring Amazon SNS Notifications for AWS Systems Manager](https://docs.aws.amazon.com/systems-manager/latest/userguide/monitoring-sns-notifications.html) in the *AWS Systems Manager User Guide* .", + "title": "NotificationEvents", "type": "array" }, - "TopicConfigurations": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.TopicConfiguration" - }, - "markdownDescription": "The topic to which notifications are sent and the events for which notifications are generated.", - "title": "TopicConfigurations", - "type": "array" - } - }, - "type": "object" - }, - "AWS::S3::Bucket.NotificationFilter": { - "additionalProperties": false, - "properties": { - "S3Key": { - "$ref": "#/definitions/AWS::S3::Bucket.S3KeyFilter", - "markdownDescription": "A container for object key name prefix and suffix filtering rules.", - "title": "S3Key" + "NotificationType": { + "markdownDescription": "The notification type.\n\n- `Command` : Receive notification when the status of a command changes.\n- `Invocation` : For commands sent to multiple instances, receive notification on a per-instance basis when the status of a command changes.", + "title": "NotificationType", + "type": "string" } }, "required": [ - "S3Key" + "NotificationArn" ], "type": "object" }, - "AWS::S3::Bucket.ObjectLockConfiguration": { + "AWS::SSM::MaintenanceWindowTask.Target": { "additionalProperties": false, "properties": { - "ObjectLockEnabled": { - "markdownDescription": "Indicates whether this bucket has an Object Lock configuration enabled. Enable `ObjectLockEnabled` when you apply `ObjectLockConfiguration` to a bucket.", - "title": "ObjectLockEnabled", + "Key": { + "markdownDescription": "User-defined criteria for sending commands that target instances that meet the criteria. `Key` can be `InstanceIds` or `WindowTargetIds` . For more information about how to target instances within a maintenance window task, see [About 'register-task-with-maintenance-window' Options and Values](https://docs.aws.amazon.com/systems-manager/latest/userguide/register-tasks-options.html) in the *AWS Systems Manager User Guide* .", + "title": "Key", "type": "string" }, - "Rule": { - "$ref": "#/definitions/AWS::S3::Bucket.ObjectLockRule", - "markdownDescription": "Specifies the Object Lock rule for the specified object. Enable this rule when you apply `ObjectLockConfiguration` to a bucket. If Object Lock is turned on, bucket settings require both `Mode` and a period of either `Days` or `Years` . You cannot specify `Days` and `Years` at the same time. For more information, see [ObjectLockRule](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-objectlockrule.html) and [DefaultRetention](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-defaultretention.html) .", - "title": "Rule" - } - }, - "type": "object" - }, - "AWS::S3::Bucket.ObjectLockRule": { - "additionalProperties": false, - "properties": { - "DefaultRetention": { - "$ref": "#/definitions/AWS::S3::Bucket.DefaultRetention", - "markdownDescription": "The default Object Lock retention mode and period that you want to apply to new objects placed in the specified bucket. If Object Lock is turned on, bucket settings require both `Mode` and a period of either `Days` or `Years` . You cannot specify `Days` and `Years` at the same time. For more information about allowable values for mode and period, see [DefaultRetention](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-defaultretention.html) .", - "title": "DefaultRetention" - } - }, - "type": "object" - }, - "AWS::S3::Bucket.OwnershipControls": { - "additionalProperties": false, - "properties": { - "Rules": { + "Values": { "items": { - "$ref": "#/definitions/AWS::S3::Bucket.OwnershipControlsRule" + "type": "string" }, - "markdownDescription": "Specifies the container element for Object Ownership rules.", - "title": "Rules", + "markdownDescription": "User-defined criteria that maps to `Key` . For example, if you specify `InstanceIds` , you can specify `i-1234567890abcdef0,i-9876543210abcdef0` to run a command on two EC2 instances. For more information about how to target instances within a maintenance window task, see [About 'register-task-with-maintenance-window' Options and Values](https://docs.aws.amazon.com/systems-manager/latest/userguide/register-tasks-options.html) in the *AWS Systems Manager User Guide* .", + "title": "Values", "type": "array" } }, "required": [ - "Rules" + "Key", + "Values" ], "type": "object" }, - "AWS::S3::Bucket.OwnershipControlsRule": { - "additionalProperties": false, - "properties": { - "ObjectOwnership": { - "markdownDescription": "Specifies an object ownership rule.", - "title": "ObjectOwnership", - "type": "string" - } - }, - "type": "object" - }, - "AWS::S3::Bucket.PartitionedPrefix": { - "additionalProperties": false, - "properties": { - "PartitionDateSource": { - "markdownDescription": "Specifies the partition date source for the partitioned prefix. `PartitionDateSource` can be `EventTime` or `DeliveryTime` .\n\nFor `DeliveryTime` , the time in the log file names corresponds to the delivery time for the log files.\n\nFor `EventTime` , The logs delivered are for a specific day only. The year, month, and day correspond to the day on which the event occurred, and the hour, minutes and seconds are set to 00 in the key.", - "title": "PartitionDateSource", - "type": "string" - } - }, - "type": "object" - }, - "AWS::S3::Bucket.PublicAccessBlockConfiguration": { + "AWS::SSM::MaintenanceWindowTask.TaskInvocationParameters": { "additionalProperties": false, "properties": { - "BlockPublicAcls": { - "markdownDescription": "Specifies whether Amazon S3 should block public access control lists (ACLs) for this bucket and objects in this bucket. Setting this element to `TRUE` causes the following behavior:\n\n- PUT Bucket ACL and PUT Object ACL calls fail if the specified ACL is public.\n- PUT Object calls fail if the request includes a public ACL.\n- PUT Bucket calls fail if the request includes a public ACL.\n\nEnabling this setting doesn't affect existing policies or ACLs.", - "title": "BlockPublicAcls", - "type": "boolean" + "MaintenanceWindowAutomationParameters": { + "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.MaintenanceWindowAutomationParameters", + "markdownDescription": "The parameters for an `AUTOMATION` task type.", + "title": "MaintenanceWindowAutomationParameters" }, - "BlockPublicPolicy": { - "markdownDescription": "Specifies whether Amazon S3 should block public bucket policies for this bucket. Setting this element to `TRUE` causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.\n\nEnabling this setting doesn't affect existing bucket policies.", - "title": "BlockPublicPolicy", - "type": "boolean" + "MaintenanceWindowLambdaParameters": { + "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.MaintenanceWindowLambdaParameters", + "markdownDescription": "The parameters for a `LAMBDA` task type.", + "title": "MaintenanceWindowLambdaParameters" }, - "IgnorePublicAcls": { - "markdownDescription": "Specifies whether Amazon S3 should ignore public ACLs for this bucket and objects in this bucket. Setting this element to `TRUE` causes Amazon S3 to ignore all public ACLs on this bucket and objects in this bucket.\n\nEnabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.", - "title": "IgnorePublicAcls", - "type": "boolean" + "MaintenanceWindowRunCommandParameters": { + "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.MaintenanceWindowRunCommandParameters", + "markdownDescription": "The parameters for a `RUN_COMMAND` task type.", + "title": "MaintenanceWindowRunCommandParameters" }, - "RestrictPublicBuckets": { - "markdownDescription": "Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to `TRUE` restricts access to this bucket to only AWS service principals and authorized users within this account if the bucket has a public policy.\n\nEnabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.", - "title": "RestrictPublicBuckets", - "type": "boolean" + "MaintenanceWindowStepFunctionsParameters": { + "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.MaintenanceWindowStepFunctionsParameters", + "markdownDescription": "The parameters for a `STEP_FUNCTIONS` task type.", + "title": "MaintenanceWindowStepFunctionsParameters" } }, "type": "object" }, - "AWS::S3::Bucket.QueueConfiguration": { + "AWS::SSM::Parameter": { "additionalProperties": false, "properties": { - "Event": { - "markdownDescription": "The Amazon S3 bucket event about which you want to publish messages to Amazon SQS. For more information, see [Supported Event Types](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide* .", - "title": "Event", + "Condition": { "type": "string" }, - "Filter": { - "$ref": "#/definitions/AWS::S3::Bucket.NotificationFilter", - "markdownDescription": "The filtering rules that determine which objects trigger notifications. For example, you can create a filter so that Amazon S3 sends notifications only when image files with a `.jpg` extension are added to the bucket. For more information, see [Configuring event notifications using object key name filtering](https://docs.aws.amazon.com/AmazonS3/latest/user-guide/notification-how-to-filtering.html) in the *Amazon S3 User Guide* .", - "title": "Filter" - }, - "Queue": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SQS queue to which Amazon S3 publishes a message when it detects events of the specified type. FIFO queues are not allowed when enabling an SQS queue as the event notification destination.", - "title": "Queue", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "required": [ - "Event", - "Queue" - ], - "type": "object" - }, - "AWS::S3::Bucket.RedirectAllRequestsTo": { - "additionalProperties": false, - "properties": { - "HostName": { - "markdownDescription": "Name of the host where requests are redirected.", - "title": "HostName", + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AllowedPattern": { + "markdownDescription": "A regular expression used to validate the parameter value. For example, for `String` types with values restricted to numbers, you can specify the following: `AllowedPattern=^\\d+$`", + "title": "AllowedPattern", + "type": "string" + }, + "DataType": { + "markdownDescription": "The data type of the parameter, such as `text` or `aws:ec2:image` . The default is `text` .", + "title": "DataType", + "type": "string" + }, + "Description": { + "markdownDescription": "Information about the parameter.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the parameter.\n\n> The reported maximum length of 2048 characters for a parameter name includes 1037 characters that are reserved for internal use by Systems Manager . The maximum length for a parameter name that you specify is 1011 characters.\n> \n> This count of 1011 characters includes the characters in the ARN that precede the name you specify. This ARN length will vary depending on your partition and Region. For example, the following 45 characters count toward the 1011 character maximum for a parameter created in the US East (Ohio) Region: `arn:aws:ssm:us-east-2:111122223333:parameter/` .", + "title": "Name", + "type": "string" + }, + "Policies": { + "markdownDescription": "Information about the policies assigned to a parameter.\n\n[Assigning parameter policies](https://docs.aws.amazon.com/systems-manager/latest/userguide/parameter-store-policies.html) in the *AWS Systems Manager User Guide* .", + "title": "Policies", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Optional metadata that you assign to a resource in the form of an arbitrary set of tags (key-value pairs). Tags enable you to categorize a resource in different ways, such as by purpose, owner, or environment. For example, you might want to tag a Systems Manager parameter to identify the type of resource to which it applies, the environment, or the type of configuration data referenced by the parameter.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "Tier": { + "markdownDescription": "The parameter tier.", + "title": "Tier", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of parameter.\n\n> Parameters of type `SecureString` are not supported by AWS CloudFormation .", + "title": "Type", + "type": "string" + }, + "Value": { + "markdownDescription": "The parameter value.\n\n> If type is `StringList` , the system returns a comma-separated string with no spaces between commas in the `Value` field.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Type", + "Value" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SSM::Parameter" + ], "type": "string" }, - "Protocol": { - "markdownDescription": "Protocol to use when redirecting requests. The default is the protocol that is used in the original request.", - "title": "Protocol", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "HostName" + "Type", + "Properties" ], "type": "object" }, - "AWS::S3::Bucket.RedirectRule": { + "AWS::SSM::PatchBaseline": { "additionalProperties": false, "properties": { - "HostName": { - "markdownDescription": "The host name to use in the redirect request.", - "title": "HostName", + "Condition": { "type": "string" }, - "HttpRedirectCode": { - "markdownDescription": "The HTTP redirect code to use on the response. Not required if one of the siblings is present.", - "title": "HttpRedirectCode", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Protocol": { - "markdownDescription": "Protocol to use when redirecting requests. The default is the protocol that is used in the original request.", - "title": "Protocol", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ReplaceKeyPrefixWith": { - "markdownDescription": "The object key prefix to use in the redirect request. For example, to redirect requests for all pages with prefix `docs/` (objects in the `docs/` folder) to `documents/` , you can set a condition block with `KeyPrefixEquals` set to `docs/` and in the Redirect set `ReplaceKeyPrefixWith` to `/documents` . Not required if one of the siblings is present. Can be present only if `ReplaceKeyWith` is not provided.\n\n> Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints) .", - "title": "ReplaceKeyPrefixWith", - "type": "string" + "Metadata": { + "type": "object" }, - "ReplaceKeyWith": { - "markdownDescription": "The specific object key to use in the redirect request. For example, redirect request to `error.html` . Not required if one of the siblings is present. Can be present only if `ReplaceKeyPrefixWith` is not provided.\n\n> Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints) .", - "title": "ReplaceKeyWith", + "Properties": { + "additionalProperties": false, + "properties": { + "ApprovalRules": { + "$ref": "#/definitions/AWS::SSM::PatchBaseline.RuleGroup", + "markdownDescription": "A set of rules used to include patches in the baseline.", + "title": "ApprovalRules" + }, + "ApprovedPatches": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of explicitly approved patches for the baseline.\n\nFor information about accepted formats for lists of approved patches and rejected patches, see [Package name formats for approved and rejected patch lists](https://docs.aws.amazon.com/systems-manager/latest/userguide/patch-manager-approved-rejected-package-name-formats.html) in the *AWS Systems Manager User Guide* .", + "title": "ApprovedPatches", + "type": "array" + }, + "ApprovedPatchesComplianceLevel": { + "markdownDescription": "Defines the compliance level for approved patches. When an approved patch is reported as missing, this value describes the severity of the compliance violation. The default value is `UNSPECIFIED` .", + "title": "ApprovedPatchesComplianceLevel", + "type": "string" + }, + "ApprovedPatchesEnableNonSecurity": { + "markdownDescription": "Indicates whether the list of approved patches includes non-security updates that should be applied to the managed nodes. The default value is `false` . Applies to Linux managed nodes only.", + "title": "ApprovedPatchesEnableNonSecurity", + "type": "boolean" + }, + "AvailableSecurityUpdatesComplianceStatus": { + "markdownDescription": "", + "title": "AvailableSecurityUpdatesComplianceStatus", + "type": "string" + }, + "DefaultBaseline": { + "markdownDescription": "Indicates whether this is the default baseline. AWS Systems Manager supports creating multiple default patch baselines. For example, you can create a default patch baseline for each operating system.", + "title": "DefaultBaseline", + "type": "boolean" + }, + "Description": { + "markdownDescription": "A description of the patch baseline.", + "title": "Description", + "type": "string" + }, + "GlobalFilters": { + "$ref": "#/definitions/AWS::SSM::PatchBaseline.PatchFilterGroup", + "markdownDescription": "A set of global filters used to include patches in the baseline.\n\n> The `GlobalFilters` parameter can be configured only by using the AWS CLI or an AWS SDK. It can't be configured from the Patch Manager console, and its value isn't displayed in the console.", + "title": "GlobalFilters" + }, + "Name": { + "markdownDescription": "The name of the patch baseline.", + "title": "Name", + "type": "string" + }, + "OperatingSystem": { + "markdownDescription": "Defines the operating system the patch baseline applies to. The default value is `WINDOWS` .", + "title": "OperatingSystem", + "type": "string" + }, + "PatchGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "The name of the patch group to be registered with the patch baseline.", + "title": "PatchGroups", + "type": "array" + }, + "RejectedPatches": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of explicitly rejected patches for the baseline.\n\nFor information about accepted formats for lists of approved patches and rejected patches, see [Package name formats for approved and rejected patch lists](https://docs.aws.amazon.com/systems-manager/latest/userguide/patch-manager-approved-rejected-package-name-formats.html) in the *AWS Systems Manager User Guide* .", + "title": "RejectedPatches", + "type": "array" + }, + "RejectedPatchesAction": { + "markdownDescription": "The action for Patch Manager to take on patches included in the `RejectedPackages` list.\n\n- **ALLOW_AS_DEPENDENCY** - *Linux and macOS* : A package in the rejected patches list is installed only if it is a dependency of another package. It is considered compliant with the patch baseline, and its status is reported as `INSTALLED_OTHER` . This is the default action if no option is specified.\n\n*Windows Server* : Windows Server doesn't support the concept of package dependencies. If a package in the rejected patches list and already installed on the node, its status is reported as `INSTALLED_OTHER` . Any package not already installed on the node is skipped. This is the default action if no option is specified.\n- **BLOCK** - *All OSs* : Packages in the rejected patches list, and packages that include them as dependencies, aren't installed by Patch Manager under any circumstances. If a package was installed before it was added to the rejected patches list, or is installed outside of Patch Manager afterward, it's considered noncompliant with the patch baseline and its status is reported as `INSTALLED_REJECTED` .", + "title": "RejectedPatchesAction", + "type": "string" + }, + "Sources": { + "items": { + "$ref": "#/definitions/AWS::SSM::PatchBaseline.PatchSource" + }, + "markdownDescription": "Information about the patches to use to update the managed nodes, including target operating systems and source repositories. Applies to Linux managed nodes only.", + "title": "Sources", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Optional metadata that you assign to a resource. Tags enable you to categorize a resource in different ways, such as by purpose, owner, or environment. For example, you might want to tag a patch baseline to identify the severity level of patches it specifies and the operating system family it applies to.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SSM::PatchBaseline" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::S3::Bucket.ReplicaModifications": { - "additionalProperties": false, - "properties": { - "Status": { - "markdownDescription": "Specifies whether Amazon S3 replicates modifications on replicas.\n\n*Allowed values* : `Enabled` | `Disabled`", - "title": "Status", + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Status" + "Type", + "Properties" ], "type": "object" }, - "AWS::S3::Bucket.ReplicationConfiguration": { + "AWS::SSM::PatchBaseline.PatchFilter": { "additionalProperties": false, "properties": { - "Role": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that Amazon S3 assumes when replicating objects. For more information, see [How to Set Up Replication](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-how-setup.html) in the *Amazon S3 User Guide* .", - "title": "Role", + "Key": { + "markdownDescription": "The key for the filter.\n\nFor information about valid keys, see [PatchFilter](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_PatchFilter.html) in the *AWS Systems Manager API Reference* .", + "title": "Key", "type": "string" }, - "Rules": { + "Values": { "items": { - "$ref": "#/definitions/AWS::S3::Bucket.ReplicationRule" + "type": "string" }, - "markdownDescription": "A container for one or more replication rules. A replication configuration must have at least one rule and can contain a maximum of 1,000 rules.", - "title": "Rules", + "markdownDescription": "The value for the filter key.\n\nFor information about valid values for each key based on operating system type, see [PatchFilter](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_PatchFilter.html) in the *AWS Systems Manager API Reference* .", + "title": "Values", "type": "array" } }, - "required": [ - "Role", - "Rules" - ], "type": "object" }, - "AWS::S3::Bucket.ReplicationDestination": { + "AWS::SSM::PatchBaseline.PatchFilterGroup": { "additionalProperties": false, "properties": { - "AccessControlTranslation": { - "$ref": "#/definitions/AWS::S3::Bucket.AccessControlTranslation", - "markdownDescription": "Specify this only in a cross-account scenario (where source and destination bucket owners are not the same), and you want to change replica ownership to the AWS account that owns the destination bucket. If this is not specified in the replication configuration, the replicas are owned by same AWS account that owns the source object.", - "title": "AccessControlTranslation" - }, - "Account": { - "markdownDescription": "Destination bucket owner account ID. In a cross-account scenario, if you direct Amazon S3 to change replica ownership to the AWS account that owns the destination bucket by specifying the `AccessControlTranslation` property, this is the account ID of the destination bucket owner. For more information, see [Cross-Region Replication Additional Configuration: Change Replica Owner](https://docs.aws.amazon.com/AmazonS3/latest/dev/crr-change-owner.html) in the *Amazon S3 User Guide* .\n\nIf you specify the `AccessControlTranslation` property, the `Account` property is required.", - "title": "Account", - "type": "string" - }, - "Bucket": { - "markdownDescription": "The Amazon Resource Name (ARN) of the bucket where you want Amazon S3 to store the results.", - "title": "Bucket", - "type": "string" - }, - "EncryptionConfiguration": { - "$ref": "#/definitions/AWS::S3::Bucket.EncryptionConfiguration", - "markdownDescription": "Specifies encryption-related information.", - "title": "EncryptionConfiguration" - }, - "Metrics": { - "$ref": "#/definitions/AWS::S3::Bucket.Metrics", - "markdownDescription": "A container specifying replication metrics-related settings enabling replication metrics and events.", - "title": "Metrics" - }, - "ReplicationTime": { - "$ref": "#/definitions/AWS::S3::Bucket.ReplicationTime", - "markdownDescription": "A container specifying S3 Replication Time Control (S3 RTC), including whether S3 RTC is enabled and the time when all objects and operations on objects must be replicated. Must be specified together with a `Metrics` block.", - "title": "ReplicationTime" - }, - "StorageClass": { - "markdownDescription": "The storage class to use when replicating objects, such as S3 Standard or reduced redundancy. By default, Amazon S3 uses the storage class of the source object to create the object replica.\n\nFor valid values, see the `StorageClass` element of the [PUT Bucket replication](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTreplication.html) action in the *Amazon S3 API Reference* .\n\n`FSX_OPENZFS` is not an accepted value when replicating objects.", - "title": "StorageClass", - "type": "string" + "PatchFilters": { + "items": { + "$ref": "#/definitions/AWS::SSM::PatchBaseline.PatchFilter" + }, + "markdownDescription": "The set of patch filters that make up the group.", + "title": "PatchFilters", + "type": "array" } }, - "required": [ - "Bucket" - ], "type": "object" }, - "AWS::S3::Bucket.ReplicationRule": { + "AWS::SSM::PatchBaseline.PatchSource": { "additionalProperties": false, "properties": { - "DeleteMarkerReplication": { - "$ref": "#/definitions/AWS::S3::Bucket.DeleteMarkerReplication", - "markdownDescription": "Specifies whether Amazon S3 replicates delete markers. If you specify a `Filter` in your replication configuration, you must also include a `DeleteMarkerReplication` element. If your `Filter` includes a `Tag` element, the `DeleteMarkerReplication` `Status` must be set to Disabled, because Amazon S3 does not support replicating delete markers for tag-based rules. For an example configuration, see [Basic Rule Configuration](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-add-config.html#replication-config-min-rule-config) .\n\nFor more information about delete marker replication, see [Basic Rule Configuration](https://docs.aws.amazon.com/AmazonS3/latest/dev/delete-marker-replication.html) .\n\n> If you are using an earlier version of the replication configuration, Amazon S3 handles replication of delete markers differently. For more information, see [Backward Compatibility](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-add-config.html#replication-backward-compat-considerations) .", - "title": "DeleteMarkerReplication" - }, - "Destination": { - "$ref": "#/definitions/AWS::S3::Bucket.ReplicationDestination", - "markdownDescription": "A container for information about the replication destination and its configurations including enabling the S3 Replication Time Control (S3 RTC).", - "title": "Destination" - }, - "Filter": { - "$ref": "#/definitions/AWS::S3::Bucket.ReplicationRuleFilter", - "markdownDescription": "A filter that identifies the subset of objects to which the replication rule applies. A `Filter` must specify exactly one `Prefix` , `TagFilter` , or an `And` child element. The use of the filter field indicates that this is a V2 replication configuration. This field isn't supported in a V1 replication configuration.\n\n> V1 replication configuration only supports filtering by key prefix. To filter using a V1 replication configuration, add the `Prefix` directly as a child element of the `Rule` element.", - "title": "Filter" - }, - "Id": { - "markdownDescription": "A unique identifier for the rule. The maximum value is 255 characters. If you don't specify a value, AWS CloudFormation generates a random ID. When using a V2 replication configuration this property is capitalized as \"ID\".", - "title": "Id", - "type": "string" - }, - "Prefix": { - "markdownDescription": "An object key name prefix that identifies the object or objects to which the rule applies. The maximum prefix length is 1,024 characters. To include all objects in a bucket, specify an empty string. To filter using a V1 replication configuration, add the `Prefix` directly as a child element of the `Rule` element.\n\n> Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints) .", - "title": "Prefix", + "Configuration": { + "markdownDescription": "The value of the repo configuration.\n\n*Example for yum repositories*\n\n`[main]`\n\n`name=MyCustomRepository`\n\n`baseurl=https://my-custom-repository`\n\n`enabled=1`\n\nFor information about other options available for your yum repository configuration, see [dnf.conf(5)](https://docs.aws.amazon.com/https://man7.org/linux/man-pages/man5/dnf.conf.5.html) on the *man7.org* website.\n\n*Examples for Ubuntu Server and Debian Server*\n\n`deb http://security.ubuntu.com/ubuntu jammy main`\n\n`deb https://site.example.com/debian distribution component1 component2 component3`\n\nRepo information for Ubuntu Server repositories must be specifed in a single line. For more examples and information, see [jammy (5) sources.list.5.gz](https://docs.aws.amazon.com/https://manpages.ubuntu.com/manpages/jammy/man5/sources.list.5.html) on the *Ubuntu Server Manuals* website and [sources.list format](https://docs.aws.amazon.com/https://wiki.debian.org/SourcesList#sources.list_format) on the *Debian Wiki* .", + "title": "Configuration", "type": "string" }, - "Priority": { - "markdownDescription": "The priority indicates which rule has precedence whenever two or more replication rules conflict. Amazon S3 will attempt to replicate objects according to all replication rules. However, if there are two or more rules with the same destination bucket, then objects will be replicated according to the rule with the highest priority. The higher the number, the higher the priority.\n\nFor more information, see [Replication](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication.html) in the *Amazon S3 User Guide* .", - "title": "Priority", - "type": "number" - }, - "SourceSelectionCriteria": { - "$ref": "#/definitions/AWS::S3::Bucket.SourceSelectionCriteria", - "markdownDescription": "A container that describes additional filters for identifying the source objects that you want to replicate. You can choose to enable or disable the replication of these objects.", - "title": "SourceSelectionCriteria" - }, - "Status": { - "markdownDescription": "Specifies whether the rule is enabled.", - "title": "Status", - "type": "string" - } - }, - "required": [ - "Destination", - "Status" - ], - "type": "object" - }, - "AWS::S3::Bucket.ReplicationRuleAndOperator": { - "additionalProperties": false, - "properties": { - "Prefix": { - "markdownDescription": "An object key name prefix that identifies the subset of objects to which the rule applies.", - "title": "Prefix", + "Name": { + "markdownDescription": "The name specified to identify the patch source.", + "title": "Name", "type": "string" }, - "TagFilters": { + "Products": { "items": { - "$ref": "#/definitions/AWS::S3::Bucket.TagFilter" + "type": "string" }, - "markdownDescription": "An array of tags containing key and value pairs.", - "title": "TagFilters", + "markdownDescription": "The specific operating system versions a patch repository applies to, such as \"Ubuntu16.04\", \"RedhatEnterpriseLinux7.2\" or \"Suse12.7\". For lists of supported product values, see [PatchFilter](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_PatchFilter.html) in the *AWS Systems Manager API Reference* .", + "title": "Products", "type": "array" } }, "type": "object" }, - "AWS::S3::Bucket.ReplicationRuleFilter": { + "AWS::SSM::PatchBaseline.Rule": { "additionalProperties": false, "properties": { - "And": { - "$ref": "#/definitions/AWS::S3::Bucket.ReplicationRuleAndOperator", - "markdownDescription": "A container for specifying rule filters. The filters determine the subset of objects to which the rule applies. This element is required only if you specify more than one filter. For example:\n\n- If you specify both a `Prefix` and a `TagFilter` , wrap these filters in an `And` tag.\n- If you specify a filter based on multiple tags, wrap the `TagFilter` elements in an `And` tag.", - "title": "And" + "ApproveAfterDays": { + "markdownDescription": "The number of days after the release date of each patch matched by the rule that the patch is marked as approved in the patch baseline. For example, a value of `7` means that patches are approved seven days after they are released.\n\nThis parameter is marked as `Required: No` , but your request must include a value for either `ApproveAfterDays` or `ApproveUntilDate` .\n\nNot supported for Debian Server or Ubuntu Server.\n\n> Use caution when setting this value for Windows Server patch baselines. Because patch updates that are replaced by later updates are removed, setting too broad a value for this parameter can result in crucial patches not being installed. For more information, see the *Windows Server* tab in the topic [How security patches are selected](https://docs.aws.amazon.com/systems-manager/latest/userguide/patch-manager-selecting-patches.html) in the *AWS Systems Manager User Guide* .", + "title": "ApproveAfterDays", + "type": "number" }, - "Prefix": { - "markdownDescription": "An object key name prefix that identifies the subset of objects to which the rule applies.\n\n> Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints) .", - "title": "Prefix", + "ApproveUntilDate": { + "markdownDescription": "The cutoff date for auto approval of released patches. Any patches released on or before this date are installed automatically.\n\nEnter dates in the format `YYYY-MM-DD` . For example, `2024-12-31` .\n\nThis parameter is marked as `Required: No` , but your request must include a value for either `ApproveUntilDate` or `ApproveAfterDays` .\n\nNot supported for Debian Server or Ubuntu Server.\n\n> Use caution when setting this value for Windows Server patch baselines. Because patch updates that are replaced by later updates are removed, setting too broad a value for this parameter can result in crucial patches not being installed. For more information, see the *Windows Server* tab in the topic [How security patches are selected](https://docs.aws.amazon.com/systems-manager/latest/userguide/patch-manager-selecting-patches.html) in the *AWS Systems Manager User Guide* .", + "title": "ApproveUntilDate", "type": "string" }, - "TagFilter": { - "$ref": "#/definitions/AWS::S3::Bucket.TagFilter", - "markdownDescription": "A container for specifying a tag key and value.\n\nThe rule applies only to objects that have the tag in their tag set.", - "title": "TagFilter" - } - }, - "type": "object" - }, - "AWS::S3::Bucket.ReplicationTime": { - "additionalProperties": false, - "properties": { - "Status": { - "markdownDescription": "Specifies whether the replication time is enabled.", - "title": "Status", + "ComplianceLevel": { + "markdownDescription": "A compliance severity level for all approved patches in a patch baseline. Valid compliance severity levels include the following: `UNSPECIFIED` , `CRITICAL` , `HIGH` , `MEDIUM` , `LOW` , and `INFORMATIONAL` .", + "title": "ComplianceLevel", "type": "string" }, - "Time": { - "$ref": "#/definitions/AWS::S3::Bucket.ReplicationTimeValue", - "markdownDescription": "A container specifying the time by which replication should be complete for all objects and operations on objects.", - "title": "Time" - } - }, - "required": [ - "Status", - "Time" - ], - "type": "object" - }, - "AWS::S3::Bucket.ReplicationTimeValue": { - "additionalProperties": false, - "properties": { - "Minutes": { - "markdownDescription": "Contains an integer specifying time in minutes.\n\nValid value: 15", - "title": "Minutes", - "type": "number" - } - }, - "required": [ - "Minutes" - ], - "type": "object" - }, - "AWS::S3::Bucket.RoutingRule": { - "additionalProperties": false, - "properties": { - "RedirectRule": { - "$ref": "#/definitions/AWS::S3::Bucket.RedirectRule", - "markdownDescription": "Container for redirect information. You can redirect requests to another host, to another page, or with another protocol. In the event of an error, you can specify a different error code to return.", - "title": "RedirectRule" + "EnableNonSecurity": { + "markdownDescription": "For managed nodes identified by the approval rule filters, enables a patch baseline to apply non-security updates available in the specified repository. The default value is `false` . Applies to Linux managed nodes only.", + "title": "EnableNonSecurity", + "type": "boolean" }, - "RoutingRuleCondition": { - "$ref": "#/definitions/AWS::S3::Bucket.RoutingRuleCondition", - "markdownDescription": "A container for describing a condition that must be met for the specified redirect to apply. For example, 1. If request is for pages in the `/docs` folder, redirect to the `/documents` folder. 2. If request results in HTTP error 4xx, redirect request to another host where you might process the error.", - "title": "RoutingRuleCondition" + "PatchFilterGroup": { + "$ref": "#/definitions/AWS::SSM::PatchBaseline.PatchFilterGroup", + "markdownDescription": "The patch filter group that defines the criteria for the rule.", + "title": "PatchFilterGroup" } }, - "required": [ - "RedirectRule" - ], "type": "object" }, - "AWS::S3::Bucket.RoutingRuleCondition": { + "AWS::SSM::PatchBaseline.RuleGroup": { "additionalProperties": false, "properties": { - "HttpErrorCodeReturnedEquals": { - "markdownDescription": "The HTTP error code when the redirect is applied. In the event of an error, if the error code equals this value, then the specified redirect is applied.\n\nRequired when parent element `Condition` is specified and sibling `KeyPrefixEquals` is not specified. If both are specified, then both must be true for the redirect to be applied.", - "title": "HttpErrorCodeReturnedEquals", - "type": "string" - }, - "KeyPrefixEquals": { - "markdownDescription": "The object key name prefix when the redirect is applied. For example, to redirect requests for `ExamplePage.html` , the key prefix will be `ExamplePage.html` . To redirect request for all pages with the prefix `docs/` , the key prefix will be `docs/` , which identifies all objects in the docs/ folder.\n\nRequired when the parent element `Condition` is specified and sibling `HttpErrorCodeReturnedEquals` is not specified. If both conditions are specified, both must be true for the redirect to be applied.", - "title": "KeyPrefixEquals", - "type": "string" + "PatchRules": { + "items": { + "$ref": "#/definitions/AWS::SSM::PatchBaseline.Rule" + }, + "markdownDescription": "The rules that make up the rule group.", + "title": "PatchRules", + "type": "array" } }, "type": "object" }, - "AWS::S3::Bucket.Rule": { + "AWS::SSM::ResourceDataSync": { "additionalProperties": false, "properties": { - "AbortIncompleteMultipartUpload": { - "$ref": "#/definitions/AWS::S3::Bucket.AbortIncompleteMultipartUpload", - "markdownDescription": "Specifies a lifecycle rule that stops incomplete multipart uploads to an Amazon S3 bucket.", - "title": "AbortIncompleteMultipartUpload" - }, - "ExpirationDate": { - "markdownDescription": "Indicates when objects are deleted from Amazon S3 and Amazon S3 Glacier. The date value must be in ISO 8601 format. The time is always midnight UTC. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time.", - "title": "ExpirationDate", - "type": "string" - }, - "ExpirationInDays": { - "markdownDescription": "Indicates the number of days after creation when objects are deleted from Amazon S3 and Amazon S3 Glacier. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time.", - "title": "ExpirationInDays", - "type": "number" - }, - "ExpiredObjectDeleteMarker": { - "markdownDescription": "Indicates whether Amazon S3 will remove a delete marker without any noncurrent versions. If set to true, the delete marker will be removed if there are no noncurrent versions. This cannot be specified with `ExpirationInDays` , `ExpirationDate` , or `TagFilters` .", - "title": "ExpiredObjectDeleteMarker", - "type": "boolean" - }, - "Id": { - "markdownDescription": "Unique identifier for the rule. The value can't be longer than 255 characters.", - "title": "Id", - "type": "string" - }, - "NoncurrentVersionExpiration": { - "$ref": "#/definitions/AWS::S3::Bucket.NoncurrentVersionExpiration", - "markdownDescription": "Specifies when noncurrent object versions expire. Upon expiration, Amazon S3 permanently deletes the noncurrent object versions. You set this lifecycle configuration action on a bucket that has versioning enabled (or suspended) to request that Amazon S3 delete noncurrent object versions at a specific period in the object's lifetime.", - "title": "NoncurrentVersionExpiration" - }, - "NoncurrentVersionExpirationInDays": { - "markdownDescription": "(Deprecated.) For buckets with versioning enabled (or suspended), specifies the time, in days, between when a new version of the object is uploaded to the bucket and when old versions of the object expire. When object versions expire, Amazon S3 permanently deletes them. If you specify a transition and expiration time, the expiration time must be later than the transition time.", - "title": "NoncurrentVersionExpirationInDays", - "type": "number" - }, - "NoncurrentVersionTransition": { - "$ref": "#/definitions/AWS::S3::Bucket.NoncurrentVersionTransition", - "markdownDescription": "(Deprecated.) For buckets with versioning enabled (or suspended), specifies when non-current objects transition to a specified storage class. If you specify a transition and expiration time, the expiration time must be later than the transition time. If you specify this property, don't specify the `NoncurrentVersionTransitions` property.", - "title": "NoncurrentVersionTransition" - }, - "NoncurrentVersionTransitions": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.NoncurrentVersionTransition" - }, - "markdownDescription": "For buckets with versioning enabled (or suspended), one or more transition rules that specify when non-current objects transition to a specified storage class. If you specify a transition and expiration time, the expiration time must be later than the transition time. If you specify this property, don't specify the `NoncurrentVersionTransition` property.", - "title": "NoncurrentVersionTransitions", - "type": "array" - }, - "ObjectSizeGreaterThan": { - "markdownDescription": "Specifies the minimum object size in bytes for this rule to apply to. Objects must be larger than this value in bytes. For more information about size based rules, see [Lifecycle configuration using size-based rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/lifecycle-configuration-examples.html#lc-size-rules) in the *Amazon S3 User Guide* .", - "title": "ObjectSizeGreaterThan", + "Condition": { "type": "string" }, - "ObjectSizeLessThan": { - "markdownDescription": "Specifies the maximum object size in bytes for this rule to apply to. Objects must be smaller than this value in bytes. For more information about sized based rules, see [Lifecycle configuration using size-based rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/lifecycle-configuration-examples.html#lc-size-rules) in the *Amazon S3 User Guide* .", - "title": "ObjectSizeLessThan", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Prefix": { - "markdownDescription": "Object key prefix that identifies one or more objects to which this rule applies.\n\n> Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints) .", - "title": "Prefix", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Status": { - "markdownDescription": "If `Enabled` , the rule is currently being applied. If `Disabled` , the rule is not currently being applied.", - "title": "Status", - "type": "string" + "Metadata": { + "type": "object" }, - "TagFilters": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.TagFilter" + "Properties": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "The name of the S3 bucket where the aggregated data is stored.", + "title": "BucketName", + "type": "string" + }, + "BucketPrefix": { + "markdownDescription": "An Amazon S3 prefix for the bucket.", + "title": "BucketPrefix", + "type": "string" + }, + "BucketRegion": { + "markdownDescription": "The AWS Region with the S3 bucket targeted by the resource data sync.", + "title": "BucketRegion", + "type": "string" + }, + "KMSKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an encryption key for a destination in Amazon S3 . You can use a KMS key to encrypt inventory data in Amazon S3 . You must specify a key that exist in the same AWS Region as the destination Amazon S3 bucket.", + "title": "KMSKeyArn", + "type": "string" + }, + "S3Destination": { + "$ref": "#/definitions/AWS::SSM::ResourceDataSync.S3Destination", + "markdownDescription": "Configuration information for the target S3 bucket.", + "title": "S3Destination" + }, + "SyncFormat": { + "markdownDescription": "A supported sync format. The following format is currently supported: JsonSerDe", + "title": "SyncFormat", + "type": "string" + }, + "SyncName": { + "markdownDescription": "A name for the resource data sync.", + "title": "SyncName", + "type": "string" + }, + "SyncSource": { + "$ref": "#/definitions/AWS::SSM::ResourceDataSync.SyncSource", + "markdownDescription": "Information about the source where the data was synchronized.", + "title": "SyncSource" + }, + "SyncType": { + "markdownDescription": "The type of resource data sync. If `SyncType` is `SyncToDestination` , then the resource data sync synchronizes data to an S3 bucket. If the `SyncType` is `SyncFromSource` then the resource data sync synchronizes data from AWS Organizations or from multiple AWS Regions .", + "title": "SyncType", + "type": "string" + } }, - "markdownDescription": "Tags to use to identify a subset of objects to which the lifecycle rule applies.", - "title": "TagFilters", - "type": "array" - }, - "Transition": { - "$ref": "#/definitions/AWS::S3::Bucket.Transition", - "markdownDescription": "(Deprecated.) Specifies when an object transitions to a specified storage class. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time. If you specify this property, don't specify the `Transitions` property.", - "title": "Transition" + "required": [ + "SyncName" + ], + "type": "object" }, - "Transitions": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.Transition" - }, - "markdownDescription": "One or more transition rules that specify when an object transitions to a specified storage class. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time. If you specify this property, don't specify the `Transition` property.", - "title": "Transitions", - "type": "array" + "Type": { + "enum": [ + "AWS::SSM::ResourceDataSync" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Status" + "Type", + "Properties" ], "type": "object" }, - "AWS::S3::Bucket.S3KeyFilter": { + "AWS::SSM::ResourceDataSync.AwsOrganizationsSource": { "additionalProperties": false, "properties": { - "Rules": { + "OrganizationSourceType": { + "markdownDescription": "If an AWS organization is present, this is either `OrganizationalUnits` or `EntireOrganization` . For `OrganizationalUnits` , the data is aggregated from a set of organization units. For `EntireOrganization` , the data is aggregated from the entire AWS organization.", + "title": "OrganizationSourceType", + "type": "string" + }, + "OrganizationalUnits": { "items": { - "$ref": "#/definitions/AWS::S3::Bucket.FilterRule" + "type": "string" }, - "markdownDescription": "A list of containers for the key-value pair that defines the criteria for the filter rule.", - "title": "Rules", + "markdownDescription": "The AWS Organizations organization units included in the sync.", + "title": "OrganizationalUnits", "type": "array" } }, "required": [ - "Rules" + "OrganizationSourceType" ], "type": "object" }, - "AWS::S3::Bucket.ServerSideEncryptionByDefault": { + "AWS::SSM::ResourceDataSync.S3Destination": { "additionalProperties": false, "properties": { - "KMSMasterKeyID": { - "markdownDescription": "AWS Key Management Service (KMS) customer managed key ID to use for the default encryption.\n\n> - *General purpose buckets* - This parameter is allowed if and only if `SSEAlgorithm` is set to `aws:kms` or `aws:kms:dsse` .\n> - *Directory buckets* - This parameter is allowed if and only if `SSEAlgorithm` is set to `aws:kms` . \n\nYou can specify the key ID, key alias, or the Amazon Resource Name (ARN) of the KMS key.\n\n- Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key ARN: `arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key Alias: `alias/alias-name`\n\nIf you are using encryption with cross-account or AWS service operations, you must use a fully qualified KMS key ARN. For more information, see [Using encryption for cross-account operations](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html#bucket-encryption-update-bucket-policy) .\n\n> - *General purpose buckets* - If you're specifying a customer managed KMS key, we recommend using a fully qualified KMS key ARN. If you use a KMS key alias instead, then AWS KMS resolves the key within the requester\u2019s account. This behavior can result in data that's encrypted with a KMS key that belongs to the requester, and not the bucket owner. Also, if you use a key ID, you can run into a LogDestination undeliverable error when creating a VPC flow log.\n> - *Directory buckets* - When you specify an [AWS KMS customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk) for encryption in your directory bucket, only use the key ID or key ARN. The key alias format of the KMS key isn't supported. > Amazon S3 only supports symmetric encryption KMS keys. For more information, see [Asymmetric keys in AWS KMS](https://docs.aws.amazon.com//kms/latest/developerguide/symmetric-asymmetric.html) in the *AWS Key Management Service Developer Guide* .", - "title": "KMSMasterKeyID", + "BucketName": { + "markdownDescription": "The name of the S3 bucket where the aggregated data is stored.", + "title": "BucketName", "type": "string" }, - "SSEAlgorithm": { - "markdownDescription": "Server-side encryption algorithm to use for the default encryption.\n\n> For directory buckets, there are only two supported values for server-side encryption: `AES256` and `aws:kms` .", - "title": "SSEAlgorithm", + "BucketPrefix": { + "markdownDescription": "An Amazon S3 prefix for the bucket.", + "title": "BucketPrefix", + "type": "string" + }, + "BucketRegion": { + "markdownDescription": "The AWS Region with the S3 bucket targeted by the resource data sync.", + "title": "BucketRegion", + "type": "string" + }, + "KMSKeyArn": { + "markdownDescription": "The ARN of an encryption key for a destination in Amazon S3. Must belong to the same Region as the destination S3 bucket.", + "title": "KMSKeyArn", + "type": "string" + }, + "SyncFormat": { + "markdownDescription": "A supported sync format. The following format is currently supported: JsonSerDe", + "title": "SyncFormat", "type": "string" } }, "required": [ - "SSEAlgorithm" + "BucketName", + "BucketRegion", + "SyncFormat" ], "type": "object" }, - "AWS::S3::Bucket.ServerSideEncryptionRule": { + "AWS::SSM::ResourceDataSync.SyncSource": { "additionalProperties": false, "properties": { - "BucketKeyEnabled": { - "markdownDescription": "Specifies whether Amazon S3 should use an S3 Bucket Key with server-side encryption using KMS (SSE-KMS) for new objects in the bucket. Existing objects are not affected. Setting the `BucketKeyEnabled` element to `true` causes Amazon S3 to use an S3 Bucket Key. By default, S3 Bucket Key is not enabled.\n\nFor more information, see [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) in the *Amazon S3 User Guide* .", - "title": "BucketKeyEnabled", + "AwsOrganizationsSource": { + "$ref": "#/definitions/AWS::SSM::ResourceDataSync.AwsOrganizationsSource", + "markdownDescription": "Information about the AwsOrganizationsSource resource data sync source. A sync source of this type can synchronize data from AWS Organizations .", + "title": "AwsOrganizationsSource" + }, + "IncludeFutureRegions": { + "markdownDescription": "Whether to automatically synchronize and aggregate data from new AWS Regions when those Regions come online.", + "title": "IncludeFutureRegions", "type": "boolean" }, - "ServerSideEncryptionByDefault": { - "$ref": "#/definitions/AWS::S3::Bucket.ServerSideEncryptionByDefault", - "markdownDescription": "Specifies the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied.", - "title": "ServerSideEncryptionByDefault" - } - }, - "type": "object" - }, - "AWS::S3::Bucket.SourceSelectionCriteria": { - "additionalProperties": false, - "properties": { - "ReplicaModifications": { - "$ref": "#/definitions/AWS::S3::Bucket.ReplicaModifications", - "markdownDescription": "A filter that you can specify for selection for modifications on replicas.", - "title": "ReplicaModifications" + "SourceRegions": { + "items": { + "type": "string" + }, + "markdownDescription": "The `SyncSource` AWS Regions included in the resource data sync.", + "title": "SourceRegions", + "type": "array" }, - "SseKmsEncryptedObjects": { - "$ref": "#/definitions/AWS::S3::Bucket.SseKmsEncryptedObjects", - "markdownDescription": "A container for filter information for the selection of Amazon S3 objects encrypted with AWS KMS.", - "title": "SseKmsEncryptedObjects" - } - }, - "type": "object" - }, - "AWS::S3::Bucket.SseKmsEncryptedObjects": { - "additionalProperties": false, - "properties": { - "Status": { - "markdownDescription": "Specifies whether Amazon S3 replicates objects created with server-side encryption using an AWS KMS key stored in AWS Key Management Service.", - "title": "Status", + "SourceType": { + "markdownDescription": "The type of data source for the resource data sync. `SourceType` is either `AwsOrganizations` (if an organization is present in AWS Organizations ) or `SingleAccountMultiRegions` .", + "title": "SourceType", "type": "string" } }, "required": [ - "Status" + "SourceRegions", + "SourceType" ], "type": "object" }, - "AWS::S3::Bucket.StorageClassAnalysis": { - "additionalProperties": false, - "properties": { - "DataExport": { - "$ref": "#/definitions/AWS::S3::Bucket.DataExport", - "markdownDescription": "Specifies how data related to the storage class analysis for an Amazon S3 bucket should be exported.", - "title": "DataExport" - } - }, - "type": "object" - }, - "AWS::S3::Bucket.TagFilter": { + "AWS::SSM::ResourcePolicy": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The tag key.", - "title": "Key", + "Condition": { "type": "string" }, - "Value": { - "markdownDescription": "The tag value.", - "title": "Value", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Policy": { + "markdownDescription": "A policy you want to associate with a resource.", + "title": "Policy", + "type": "object" + }, + "ResourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource to which you want to attach a policy.", + "title": "ResourceArn", + "type": "string" + } + }, + "required": [ + "Policy", + "ResourceArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SSM::ResourcePolicy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Key", - "Value" + "Type", + "Properties" ], "type": "object" }, - "AWS::S3::Bucket.TargetObjectKeyFormat": { + "AWS::SSMContacts::Contact": { "additionalProperties": false, "properties": { - "PartitionedPrefix": { - "$ref": "#/definitions/AWS::S3::Bucket.PartitionedPrefix", - "markdownDescription": "Partitioned S3 key for log objects.", - "title": "PartitionedPrefix" + "Condition": { + "type": "string" }, - "SimplePrefix": { - "markdownDescription": "To use the simple format for S3 keys for log objects. To specify SimplePrefix format, set SimplePrefix to {}.", - "title": "SimplePrefix", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Alias": { + "markdownDescription": "The unique and identifiable alias of the contact or escalation plan.", + "title": "Alias", + "type": "string" + }, + "DisplayName": { + "markdownDescription": "The full name of the contact or escalation plan.", + "title": "DisplayName", + "type": "string" + }, + "Plan": { + "items": { + "$ref": "#/definitions/AWS::SSMContacts::Contact.Stage" + }, + "markdownDescription": "A list of stages. A contact has an engagement plan with stages that contact specified contact channels. An escalation plan uses stages that contact specified contacts.", + "title": "Plan", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "The type of contact.\n\n- `PERSONAL` : A single, individual contact.\n- `ESCALATION` : An escalation plan.\n- `ONCALL_SCHEDULE` : An on-call schedule.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Alias", + "DisplayName", + "Type" + ], "type": "object" + }, + "Type": { + "enum": [ + "AWS::SSMContacts::Contact" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::S3::Bucket.Tiering": { + "AWS::SSMContacts::Contact.ChannelTargetInfo": { "additionalProperties": false, "properties": { - "AccessTier": { - "markdownDescription": "S3 Intelligent-Tiering access tier. See [Storage class for automatically optimizing frequently and infrequently accessed objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html#sc-dynamic-data-access) for a list of access tiers in the S3 Intelligent-Tiering storage class.", - "title": "AccessTier", + "ChannelId": { + "markdownDescription": "The Amazon Resource Name (ARN) of the contact channel.", + "title": "ChannelId", "type": "string" }, - "Days": { - "markdownDescription": "The number of consecutive days of no access after which an object will be eligible to be transitioned to the corresponding tier. The minimum number of days specified for Archive Access tier must be at least 90 days and Deep Archive Access tier must be at least 180 days. The maximum can be up to 2 years (730 days).", - "title": "Days", + "RetryIntervalInMinutes": { + "markdownDescription": "The number of minutes to wait before retrying to send engagement if the engagement initially failed.", + "title": "RetryIntervalInMinutes", "type": "number" } }, "required": [ - "AccessTier", - "Days" + "ChannelId", + "RetryIntervalInMinutes" ], "type": "object" }, - "AWS::S3::Bucket.TopicConfiguration": { + "AWS::SSMContacts::Contact.ContactTargetInfo": { "additionalProperties": false, "properties": { - "Event": { - "markdownDescription": "The Amazon S3 bucket event about which to send notifications. For more information, see [Supported Event Types](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide* .", - "title": "Event", + "ContactId": { + "markdownDescription": "The Amazon Resource Name (ARN) of the contact.", + "title": "ContactId", "type": "string" }, - "Filter": { - "$ref": "#/definitions/AWS::S3::Bucket.NotificationFilter", - "markdownDescription": "The filtering rules that determine for which objects to send notifications. For example, you can create a filter so that Amazon S3 sends notifications only when image files with a `.jpg` extension are added to the bucket.", - "title": "Filter" - }, - "Topic": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic to which Amazon S3 publishes a message when it detects events of the specified type.", - "title": "Topic", - "type": "string" + "IsEssential": { + "markdownDescription": "A Boolean value determining if the contact's acknowledgement stops the progress of stages in the plan.", + "title": "IsEssential", + "type": "boolean" } }, "required": [ - "Event", - "Topic" + "ContactId", + "IsEssential" ], "type": "object" }, - "AWS::S3::Bucket.Transition": { + "AWS::SSMContacts::Contact.Stage": { "additionalProperties": false, "properties": { - "StorageClass": { - "markdownDescription": "The storage class to which you want the object to transition.", - "title": "StorageClass", - "type": "string" + "DurationInMinutes": { + "markdownDescription": "The time to wait until beginning the next stage. The duration can only be set to 0 if a target is specified.", + "title": "DurationInMinutes", + "type": "number" }, - "TransitionDate": { - "markdownDescription": "Indicates when objects are transitioned to the specified storage class. The date value must be in ISO 8601 format. The time is always midnight UTC.", - "title": "TransitionDate", - "type": "string" + "RotationIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Names (ARNs) of the on-call rotations associated with the plan.", + "title": "RotationIds", + "type": "array" }, - "TransitionInDays": { - "markdownDescription": "Indicates the number of days after creation when objects are transitioned to the specified storage class. If the specified storage class is `INTELLIGENT_TIERING` , `GLACIER_IR` , `GLACIER` , or `DEEP_ARCHIVE` , valid values are `0` or positive integers. If the specified storage class is `STANDARD_IA` or `ONEZONE_IA` , valid values are positive integers greater than `30` . Be aware that some storage classes have a minimum storage duration and that you're charged for transitioning objects before their minimum storage duration. For more information, see [Constraints and considerations for transitions](https://docs.aws.amazon.com/AmazonS3/latest/userguide/lifecycle-transition-general-considerations.html#lifecycle-configuration-constraints) in the *Amazon S3 User Guide* .", - "title": "TransitionInDays", - "type": "number" + "Targets": { + "items": { + "$ref": "#/definitions/AWS::SSMContacts::Contact.Targets" + }, + "markdownDescription": "The contacts or contact methods that the escalation plan or engagement plan is engaging.", + "title": "Targets", + "type": "array" } }, - "required": [ - "StorageClass" - ], "type": "object" }, - "AWS::S3::Bucket.VersioningConfiguration": { + "AWS::SSMContacts::Contact.Targets": { "additionalProperties": false, "properties": { - "Status": { - "markdownDescription": "The versioning state of the bucket.", - "title": "Status", - "type": "string" + "ChannelTargetInfo": { + "$ref": "#/definitions/AWS::SSMContacts::Contact.ChannelTargetInfo", + "markdownDescription": "Information about the contact channel that Incident Manager engages.", + "title": "ChannelTargetInfo" + }, + "ContactTargetInfo": { + "$ref": "#/definitions/AWS::SSMContacts::Contact.ContactTargetInfo", + "markdownDescription": "The contact that Incident Manager is engaging during an incident.", + "title": "ContactTargetInfo" } }, - "required": [ - "Status" - ], "type": "object" }, - "AWS::S3::Bucket.WebsiteConfiguration": { + "AWS::SSMContacts::ContactChannel": { "additionalProperties": false, "properties": { - "ErrorDocument": { - "markdownDescription": "The name of the error document for the website.", - "title": "ErrorDocument", + "Condition": { "type": "string" }, - "IndexDocument": { - "markdownDescription": "The name of the index document for the website.", - "title": "IndexDocument", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "RedirectAllRequestsTo": { - "$ref": "#/definitions/AWS::S3::Bucket.RedirectAllRequestsTo", - "markdownDescription": "The redirect behavior for every request to this bucket's website endpoint.\n\n> If you specify this property, you can't specify any other property.", - "title": "RedirectAllRequestsTo" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "RoutingRules": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.RoutingRule" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ChannelAddress": { + "markdownDescription": "The details that Incident Manager uses when trying to engage the contact channel.", + "title": "ChannelAddress", + "type": "string" + }, + "ChannelName": { + "markdownDescription": "The name of the contact channel.", + "title": "ChannelName", + "type": "string" + }, + "ChannelType": { + "markdownDescription": "The type of the contact channel. Incident Manager supports three contact methods:\n\n- SMS\n- VOICE\n- EMAIL", + "title": "ChannelType", + "type": "string" + }, + "ContactId": { + "markdownDescription": "The Amazon Resource Name (ARN) of the contact you are adding the contact channel to.", + "title": "ContactId", + "type": "string" + }, + "DeferActivation": { + "markdownDescription": "If you want to activate the channel at a later time, you can choose to defer activation. Incident Manager can't engage your contact channel until it has been activated.", + "title": "DeferActivation", + "type": "boolean" + } }, - "markdownDescription": "Rules that define when a redirect is applied and the redirect behavior.", - "title": "RoutingRules", - "type": "array" + "required": [ + "ChannelAddress", + "ChannelName", + "ChannelType", + "ContactId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SSMContacts::ContactChannel" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::S3::BucketPolicy": { + "AWS::SSMContacts::Plan": { "additionalProperties": false, "properties": { "Condition": { @@ -236721,26 +288557,36 @@ "Properties": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The name of the Amazon S3 bucket to which the policy applies.", - "title": "Bucket", + "ContactId": { + "markdownDescription": "The Amazon Resource Name (ARN) of the contact.", + "title": "ContactId", "type": "string" }, - "PolicyDocument": { - "markdownDescription": "A policy document containing permissions to add to the specified bucket. In IAM, you must provide policy documents in JSON format. However, in CloudFormation you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to IAM. For more information, see the AWS::IAM::Policy [PolicyDocument](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html#cfn-iam-policy-policydocument) resource description in this guide and [Access Policy Language Overview](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-policy-language-overview.html) in the *Amazon S3 User Guide* .", - "title": "PolicyDocument", - "type": "object" + "RotationIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Names (ARNs) of the on-call rotations associated with the plan.", + "title": "RotationIds", + "type": "array" + }, + "Stages": { + "items": { + "$ref": "#/definitions/AWS::SSMContacts::Plan.Stage" + }, + "markdownDescription": "A list of stages that the escalation plan or engagement plan uses to engage contacts and contact methods.", + "title": "Stages", + "type": "array" } }, "required": [ - "Bucket", - "PolicyDocument" + "ContactId" ], "type": "object" }, "Type": { "enum": [ - "AWS::S3::BucketPolicy" + "AWS::SSMContacts::Plan" ], "type": "string" }, @@ -236759,7 +288605,85 @@ ], "type": "object" }, - "AWS::S3::MultiRegionAccessPoint": { + "AWS::SSMContacts::Plan.ChannelTargetInfo": { + "additionalProperties": false, + "properties": { + "ChannelId": { + "markdownDescription": "The Amazon Resource Name (ARN) of the contact channel.", + "title": "ChannelId", + "type": "string" + }, + "RetryIntervalInMinutes": { + "markdownDescription": "The number of minutes to wait before retrying to send engagement if the engagement initially failed.", + "title": "RetryIntervalInMinutes", + "type": "number" + } + }, + "required": [ + "ChannelId", + "RetryIntervalInMinutes" + ], + "type": "object" + }, + "AWS::SSMContacts::Plan.ContactTargetInfo": { + "additionalProperties": false, + "properties": { + "ContactId": { + "markdownDescription": "The Amazon Resource Name (ARN) of the contact.", + "title": "ContactId", + "type": "string" + }, + "IsEssential": { + "markdownDescription": "A Boolean value determining if the contact's acknowledgement stops the progress of stages in the plan.", + "title": "IsEssential", + "type": "boolean" + } + }, + "required": [ + "ContactId", + "IsEssential" + ], + "type": "object" + }, + "AWS::SSMContacts::Plan.Stage": { + "additionalProperties": false, + "properties": { + "DurationInMinutes": { + "markdownDescription": "The time to wait until beginning the next stage. The duration can only be set to 0 if a target is specified.", + "title": "DurationInMinutes", + "type": "number" + }, + "Targets": { + "items": { + "$ref": "#/definitions/AWS::SSMContacts::Plan.Targets" + }, + "markdownDescription": "The contacts or contact methods that the escalation plan or engagement plan is engaging.", + "title": "Targets", + "type": "array" + } + }, + "required": [ + "DurationInMinutes" + ], + "type": "object" + }, + "AWS::SSMContacts::Plan.Targets": { + "additionalProperties": false, + "properties": { + "ChannelTargetInfo": { + "$ref": "#/definitions/AWS::SSMContacts::Plan.ChannelTargetInfo", + "markdownDescription": "Information about the contact channel that Incident Manager engages.", + "title": "ChannelTargetInfo" + }, + "ContactTargetInfo": { + "$ref": "#/definitions/AWS::SSMContacts::Plan.ContactTargetInfo", + "markdownDescription": "Information about the contact that Incident Manager engages.", + "title": "ContactTargetInfo" + } + }, + "type": "object" + }, + "AWS::SSMContacts::Rotation": { "additionalProperties": false, "properties": { "Condition": { @@ -236794,33 +288718,55 @@ "Properties": { "additionalProperties": false, "properties": { + "ContactIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Names (ARNs) of the contacts to add to the rotation.\n\n> Only the `PERSONAL` contact type is supported. The contact types `ESCALATION` and `ONCALL_SCHEDULE` are not supported for this operation. \n\nThe order in which you list the contacts is their shift order in the rotation schedule.", + "title": "ContactIds", + "type": "array" + }, "Name": { - "markdownDescription": "The name of the Multi-Region Access Point.", + "markdownDescription": "The name for the rotation.", "title": "Name", "type": "string" }, - "PublicAccessBlockConfiguration": { - "$ref": "#/definitions/AWS::S3::MultiRegionAccessPoint.PublicAccessBlockConfiguration", - "markdownDescription": "The PublicAccessBlock configuration that you want to apply to this Multi-Region Access Point. You can enable the configuration options in any combination. For more information about when Amazon S3 considers an object public, see [The Meaning of \"Public\"](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status) in the *Amazon S3 User Guide* .", - "title": "PublicAccessBlockConfiguration" + "Recurrence": { + "$ref": "#/definitions/AWS::SSMContacts::Rotation.RecurrenceSettings", + "markdownDescription": "Information about the rule that specifies when shift team members rotate.", + "title": "Recurrence" }, - "Regions": { + "StartTime": { + "markdownDescription": "The date and time the rotation goes into effect.", + "title": "StartTime", + "type": "string" + }, + "Tags": { "items": { - "$ref": "#/definitions/AWS::S3::MultiRegionAccessPoint.Region" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "A collection of the Regions and buckets associated with the Multi-Region Access Point.", - "title": "Regions", + "markdownDescription": "Optional metadata to assign to the rotation. Tags enable you to categorize a resource in different ways, such as by purpose, owner, or environment. For more information, see [Tagging Incident Manager resources](https://docs.aws.amazon.com/incident-manager/latest/userguide/tagging.html) in the *Incident Manager User Guide* .", + "title": "Tags", "type": "array" + }, + "TimeZoneId": { + "markdownDescription": "The time zone to base the rotation\u2019s activity on, in Internet Assigned Numbers Authority (IANA) format. For example: \"America/Los_Angeles\", \"UTC\", or \"Asia/Seoul\". For more information, see the [Time Zone Database](https://docs.aws.amazon.com/https://www.iana.org/time-zones) on the IANA website.\n\n> Designators for time zones that don\u2019t support Daylight Savings Time rules, such as Pacific Standard Time (PST), are not supported.", + "title": "TimeZoneId", + "type": "string" } }, "required": [ - "Regions" + "ContactIds", + "Name", + "Recurrence", + "StartTime", + "TimeZoneId" ], "type": "object" }, "Type": { "enum": [ - "AWS::S3::MultiRegionAccessPoint" + "AWS::SSMContacts::Rotation" ], "type": "string" }, @@ -236839,52 +288785,142 @@ ], "type": "object" }, - "AWS::S3::MultiRegionAccessPoint.PublicAccessBlockConfiguration": { + "AWS::SSMContacts::Rotation.CoverageTime": { "additionalProperties": false, "properties": { - "BlockPublicAcls": { - "markdownDescription": "Specifies whether Amazon S3 should block public access control lists (ACLs) for this bucket and objects in this bucket. Setting this element to `TRUE` causes the following behavior:\n\n- PUT Bucket ACL and PUT Object ACL calls fail if the specified ACL is public.\n- PUT Object calls fail if the request includes a public ACL.\n- PUT Bucket calls fail if the request includes a public ACL.\n\nEnabling this setting doesn't affect existing policies or ACLs.", - "title": "BlockPublicAcls", - "type": "boolean" + "EndTime": { + "markdownDescription": "Information about when an on-call rotation shift ends.", + "title": "EndTime", + "type": "string" }, - "BlockPublicPolicy": { - "markdownDescription": "Specifies whether Amazon S3 should block public bucket policies for this bucket. Setting this element to `TRUE` causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.\n\nEnabling this setting doesn't affect existing bucket policies.", - "title": "BlockPublicPolicy", - "type": "boolean" + "StartTime": { + "markdownDescription": "Information about when an on-call rotation shift begins.", + "title": "StartTime", + "type": "string" + } + }, + "required": [ + "EndTime", + "StartTime" + ], + "type": "object" + }, + "AWS::SSMContacts::Rotation.MonthlySetting": { + "additionalProperties": false, + "properties": { + "DayOfMonth": { + "markdownDescription": "The day of the month when monthly recurring on-call rotations begin.", + "title": "DayOfMonth", + "type": "number" }, - "IgnorePublicAcls": { - "markdownDescription": "Specifies whether Amazon S3 should ignore public ACLs for this bucket and objects in this bucket. Setting this element to `TRUE` causes Amazon S3 to ignore all public ACLs on this bucket and objects in this bucket.\n\nEnabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.", - "title": "IgnorePublicAcls", - "type": "boolean" + "HandOffTime": { + "markdownDescription": "The time of day when a monthly recurring on-call shift rotation begins.", + "title": "HandOffTime", + "type": "string" + } + }, + "required": [ + "DayOfMonth", + "HandOffTime" + ], + "type": "object" + }, + "AWS::SSMContacts::Rotation.RecurrenceSettings": { + "additionalProperties": false, + "properties": { + "DailySettings": { + "items": { + "type": "string" + }, + "markdownDescription": "Information about on-call rotations that recur daily.", + "title": "DailySettings", + "type": "array" }, - "RestrictPublicBuckets": { - "markdownDescription": "Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to `TRUE` restricts access to this bucket to only AWS service principals and authorized users within this account if the bucket has a public policy.\n\nEnabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.", - "title": "RestrictPublicBuckets", - "type": "boolean" + "MonthlySettings": { + "items": { + "$ref": "#/definitions/AWS::SSMContacts::Rotation.MonthlySetting" + }, + "markdownDescription": "Information about on-call rotations that recur monthly.", + "title": "MonthlySettings", + "type": "array" + }, + "NumberOfOnCalls": { + "markdownDescription": "The number of contacts, or shift team members designated to be on call concurrently during a shift. For example, in an on-call schedule that contains ten contacts, a value of `2` designates that two of them are on call at any given time.", + "title": "NumberOfOnCalls", + "type": "number" + }, + "RecurrenceMultiplier": { + "markdownDescription": "The number of days, weeks, or months a single rotation lasts.", + "title": "RecurrenceMultiplier", + "type": "number" + }, + "ShiftCoverages": { + "items": { + "$ref": "#/definitions/AWS::SSMContacts::Rotation.ShiftCoverage" + }, + "markdownDescription": "Information about the days of the week included in on-call rotation coverage.", + "title": "ShiftCoverages", + "type": "array" + }, + "WeeklySettings": { + "items": { + "$ref": "#/definitions/AWS::SSMContacts::Rotation.WeeklySetting" + }, + "markdownDescription": "Information about on-call rotations that recur weekly.", + "title": "WeeklySettings", + "type": "array" } }, + "required": [ + "NumberOfOnCalls", + "RecurrenceMultiplier" + ], "type": "object" }, - "AWS::S3::MultiRegionAccessPoint.Region": { + "AWS::SSMContacts::Rotation.ShiftCoverage": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The name of the associated bucket for the Region.", - "title": "Bucket", + "CoverageTimes": { + "items": { + "$ref": "#/definitions/AWS::SSMContacts::Rotation.CoverageTime" + }, + "markdownDescription": "The start and end times of the shift.", + "title": "CoverageTimes", + "type": "array" + }, + "DayOfWeek": { + "markdownDescription": "A list of days on which the schedule is active.", + "title": "DayOfWeek", + "type": "string" + } + }, + "required": [ + "CoverageTimes", + "DayOfWeek" + ], + "type": "object" + }, + "AWS::SSMContacts::Rotation.WeeklySetting": { + "additionalProperties": false, + "properties": { + "DayOfWeek": { + "markdownDescription": "The day of the week when weekly recurring on-call shift rotations begins.", + "title": "DayOfWeek", "type": "string" }, - "BucketAccountId": { - "markdownDescription": "The AWS account ID that owns the Amazon S3 bucket that's associated with this Multi-Region Access Point.", - "title": "BucketAccountId", + "HandOffTime": { + "markdownDescription": "The time of day when a weekly recurring on-call shift rotation begins.", + "title": "HandOffTime", "type": "string" } }, "required": [ - "Bucket" + "DayOfWeek", + "HandOffTime" ], "type": "object" }, - "AWS::S3::MultiRegionAccessPointPolicy": { + "AWS::SSMGuiConnect::Preferences": { "additionalProperties": false, "properties": { "Condition": { @@ -236919,26 +288955,17 @@ "Properties": { "additionalProperties": false, "properties": { - "MrapName": { - "markdownDescription": "The name of the Multi-Region Access Point.", - "title": "MrapName", - "type": "string" - }, - "Policy": { - "markdownDescription": "The access policy associated with the Multi-Region Access Point.", - "title": "Policy", - "type": "object" + "ConnectionRecordingPreferences": { + "$ref": "#/definitions/AWS::SSMGuiConnect::Preferences.ConnectionRecordingPreferences", + "markdownDescription": "The set of preferences used for recording RDP connections in the requesting AWS account and AWS Region . This includes details such as which S3 bucket recordings are stored in.", + "title": "ConnectionRecordingPreferences" } }, - "required": [ - "MrapName", - "Policy" - ], "type": "object" }, "Type": { "enum": [ - "AWS::S3::MultiRegionAccessPointPolicy" + "AWS::SSMGuiConnect::Preferences" ], "type": "string" }, @@ -236952,26 +288979,68 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::S3::MultiRegionAccessPointPolicy.PolicyStatus": { + "AWS::SSMGuiConnect::Preferences.ConnectionRecordingPreferences": { "additionalProperties": false, "properties": { - "IsPublic": { - "markdownDescription": "The policy status for this bucket. `TRUE` indicates that this bucket is public. `FALSE` indicates that the bucket is not public.", - "title": "IsPublic", + "KMSKeyArn": { + "markdownDescription": "The ARN of a AWS KMS key that is used to encrypt data while it is being processed by the service. This key must exist in the same AWS Region as the node you start an RDP connection to.", + "title": "KMSKeyArn", "type": "string" + }, + "RecordingDestinations": { + "$ref": "#/definitions/AWS::SSMGuiConnect::Preferences.RecordingDestinations", + "markdownDescription": "Determines where recordings of RDP connections are stored.", + "title": "RecordingDestinations" } }, "required": [ - "IsPublic" + "KMSKeyArn", + "RecordingDestinations" ], "type": "object" }, - "AWS::S3::StorageLens": { + "AWS::SSMGuiConnect::Preferences.RecordingDestinations": { + "additionalProperties": false, + "properties": { + "S3Buckets": { + "items": { + "$ref": "#/definitions/AWS::SSMGuiConnect::Preferences.S3Bucket" + }, + "markdownDescription": "The S3 bucket where RDP connection recordings are stored.", + "title": "S3Buckets", + "type": "array" + } + }, + "required": [ + "S3Buckets" + ], + "type": "object" + }, + "AWS::SSMGuiConnect::Preferences.S3Bucket": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "The name of the S3 bucket where RDP connection recordings are stored.", + "title": "BucketName", + "type": "string" + }, + "BucketOwner": { + "markdownDescription": "The AWS account number that owns the S3 bucket.", + "title": "BucketOwner", + "type": "string" + } + }, + "required": [ + "BucketName", + "BucketOwner" + ], + "type": "object" + }, + "AWS::SSMIncidents::ReplicationSet": { "additionalProperties": false, "properties": { "Condition": { @@ -237006,28 +289075,36 @@ "Properties": { "additionalProperties": false, "properties": { - "StorageLensConfiguration": { - "$ref": "#/definitions/AWS::S3::StorageLens.StorageLensConfiguration", - "markdownDescription": "This resource contains the details Amazon S3 Storage Lens configuration.", - "title": "StorageLensConfiguration" + "DeletionProtected": { + "markdownDescription": "Determines if the replication set deletion protection is enabled or not. If deletion protection is enabled, you can't delete the last Region in the replication set.", + "title": "DeletionProtected", + "type": "boolean" + }, + "Regions": { + "items": { + "$ref": "#/definitions/AWS::SSMIncidents::ReplicationSet.ReplicationRegion" + }, + "markdownDescription": "Specifies the Regions of the replication set.", + "title": "Regions", + "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A set of tags (key\u2013value pairs) to associate with the Storage Lens configuration.", + "markdownDescription": "A list of tags to add to the replication set.", "title": "Tags", "type": "array" } }, "required": [ - "StorageLensConfiguration" + "Regions" ], "type": "object" }, "Type": { "enum": [ - "AWS::S3::StorageLens" + "AWS::SSMIncidents::ReplicationSet" ], "type": "string" }, @@ -237046,394 +289123,388 @@ ], "type": "object" }, - "AWS::S3::StorageLens.AccountLevel": { + "AWS::SSMIncidents::ReplicationSet.RegionConfiguration": { "additionalProperties": false, "properties": { - "ActivityMetrics": { - "$ref": "#/definitions/AWS::S3::StorageLens.ActivityMetrics", - "markdownDescription": "This property contains the details of account-level activity metrics for S3 Storage Lens.", - "title": "ActivityMetrics" - }, - "AdvancedCostOptimizationMetrics": { - "$ref": "#/definitions/AWS::S3::StorageLens.AdvancedCostOptimizationMetrics", - "markdownDescription": "This property contains the details of account-level advanced cost optimization metrics for S3 Storage Lens.", - "title": "AdvancedCostOptimizationMetrics" - }, - "AdvancedDataProtectionMetrics": { - "$ref": "#/definitions/AWS::S3::StorageLens.AdvancedDataProtectionMetrics", - "markdownDescription": "This property contains the details of account-level advanced data protection metrics for S3 Storage Lens.", - "title": "AdvancedDataProtectionMetrics" - }, - "BucketLevel": { - "$ref": "#/definitions/AWS::S3::StorageLens.BucketLevel", - "markdownDescription": "This property contains the details of the account-level bucket-level configurations for Amazon S3 Storage Lens. To enable bucket-level configurations, make sure to also set the same metrics at the account level.", - "title": "BucketLevel" - }, - "DetailedStatusCodesMetrics": { - "$ref": "#/definitions/AWS::S3::StorageLens.DetailedStatusCodesMetrics", - "markdownDescription": "This property contains the details of account-level detailed status code metrics for S3 Storage Lens.", - "title": "DetailedStatusCodesMetrics" - }, - "StorageLensGroupLevel": { - "$ref": "#/definitions/AWS::S3::StorageLens.StorageLensGroupLevel", - "markdownDescription": "This property determines the scope of Storage Lens group data that is displayed in the Storage Lens dashboard.", - "title": "StorageLensGroupLevel" + "SseKmsKeyId": { + "markdownDescription": "The AWS Key Management Service key ID to use to encrypt your replication set.", + "title": "SseKmsKeyId", + "type": "string" } }, "required": [ - "BucketLevel" + "SseKmsKeyId" ], "type": "object" }, - "AWS::S3::StorageLens.ActivityMetrics": { - "additionalProperties": false, - "properties": { - "IsEnabled": { - "markdownDescription": "A property that indicates whether the activity metrics is enabled.", - "title": "IsEnabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::S3::StorageLens.AdvancedCostOptimizationMetrics": { - "additionalProperties": false, - "properties": { - "IsEnabled": { - "markdownDescription": "Indicates whether advanced cost optimization metrics are enabled.", - "title": "IsEnabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::S3::StorageLens.AdvancedDataProtectionMetrics": { + "AWS::SSMIncidents::ReplicationSet.ReplicationRegion": { "additionalProperties": false, "properties": { - "IsEnabled": { - "markdownDescription": "Indicates whether advanced data protection metrics are enabled.", - "title": "IsEnabled", - "type": "boolean" + "RegionConfiguration": { + "$ref": "#/definitions/AWS::SSMIncidents::ReplicationSet.RegionConfiguration", + "markdownDescription": "Specifies the Region configuration.", + "title": "RegionConfiguration" + }, + "RegionName": { + "markdownDescription": "Specifies the region name to add to the replication set.", + "title": "RegionName", + "type": "string" } }, "type": "object" }, - "AWS::S3::StorageLens.AwsOrg": { + "AWS::SSMIncidents::ResponsePlan": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "This resource contains the ARN of the AWS Organization.", - "title": "Arn", + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.Action" + }, + "markdownDescription": "The actions that the response plan starts at the beginning of an incident.", + "title": "Actions", + "type": "array" + }, + "ChatChannel": { + "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.ChatChannel", + "markdownDescription": "The chat channel used for collaboration during an incident.", + "title": "ChatChannel" + }, + "DisplayName": { + "markdownDescription": "The human readable name of the response plan.", + "title": "DisplayName", + "type": "string" + }, + "Engagements": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Name (ARN) for the contacts and escalation plans that the response plan engages during an incident.", + "title": "Engagements", + "type": "array" + }, + "IncidentTemplate": { + "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.IncidentTemplate", + "markdownDescription": "Details used to create an incident when using this response plan.", + "title": "IncidentTemplate" + }, + "Integrations": { + "items": { + "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.Integration" + }, + "markdownDescription": "Information about third-party services integrated into the response plan.", + "title": "Integrations", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the response plan.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "IncidentTemplate", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SSMIncidents::ResponsePlan" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Arn" + "Type", + "Properties" ], "type": "object" }, - "AWS::S3::StorageLens.BucketLevel": { + "AWS::SSMIncidents::ResponsePlan.Action": { "additionalProperties": false, "properties": { - "ActivityMetrics": { - "$ref": "#/definitions/AWS::S3::StorageLens.ActivityMetrics", - "markdownDescription": "A property for bucket-level activity metrics for S3 Storage Lens.", - "title": "ActivityMetrics" - }, - "AdvancedCostOptimizationMetrics": { - "$ref": "#/definitions/AWS::S3::StorageLens.AdvancedCostOptimizationMetrics", - "markdownDescription": "A property for bucket-level advanced cost optimization metrics for S3 Storage Lens.", - "title": "AdvancedCostOptimizationMetrics" - }, - "AdvancedDataProtectionMetrics": { - "$ref": "#/definitions/AWS::S3::StorageLens.AdvancedDataProtectionMetrics", - "markdownDescription": "A property for bucket-level advanced data protection metrics for S3 Storage Lens.", - "title": "AdvancedDataProtectionMetrics" - }, - "DetailedStatusCodesMetrics": { - "$ref": "#/definitions/AWS::S3::StorageLens.DetailedStatusCodesMetrics", - "markdownDescription": "A property for bucket-level detailed status code metrics for S3 Storage Lens.", - "title": "DetailedStatusCodesMetrics" - }, - "PrefixLevel": { - "$ref": "#/definitions/AWS::S3::StorageLens.PrefixLevel", - "markdownDescription": "A property for bucket-level prefix-level storage metrics for S3 Storage Lens.", - "title": "PrefixLevel" + "SsmAutomation": { + "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.SsmAutomation", + "markdownDescription": "Details about the Systems Manager automation document that will be used as a runbook during an incident.", + "title": "SsmAutomation" } }, "type": "object" }, - "AWS::S3::StorageLens.BucketsAndRegions": { + "AWS::SSMIncidents::ResponsePlan.ChatChannel": { "additionalProperties": false, "properties": { - "Buckets": { - "items": { - "type": "string" - }, - "markdownDescription": "This property contains the details of the buckets for the Amazon S3 Storage Lens configuration. This should be the bucket Amazon Resource Name(ARN). For valid values, see [Buckets ARN format here](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_Include.html#API_control_Include_Contents) in the *Amazon S3 API Reference* .", - "title": "Buckets", - "type": "array" - }, - "Regions": { + "ChatbotSns": { "items": { "type": "string" }, - "markdownDescription": "This property contains the details of the Regions for the S3 Storage Lens configuration.", - "title": "Regions", + "markdownDescription": "The Amazon SNS targets that uses to notify the chat channel of updates to an incident. You can also make updates to the incident through the chat channel by using the Amazon SNS topics", + "title": "ChatbotSns", "type": "array" } }, "type": "object" }, - "AWS::S3::StorageLens.CloudWatchMetrics": { + "AWS::SSMIncidents::ResponsePlan.DynamicSsmParameter": { "additionalProperties": false, "properties": { - "IsEnabled": { - "markdownDescription": "This property identifies whether the CloudWatch publishing option for S3 Storage Lens is enabled.", - "title": "IsEnabled", - "type": "boolean" + "Key": { + "markdownDescription": "The key parameter to use when running the Systems Manager Automation runbook.", + "title": "Key", + "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.DynamicSsmParameterValue", + "markdownDescription": "The dynamic parameter value.", + "title": "Value" } }, "required": [ - "IsEnabled" + "Key", + "Value" ], "type": "object" }, - "AWS::S3::StorageLens.DataExport": { - "additionalProperties": false, - "properties": { - "CloudWatchMetrics": { - "$ref": "#/definitions/AWS::S3::StorageLens.CloudWatchMetrics", - "markdownDescription": "This property enables the Amazon CloudWatch publishing option for S3 Storage Lens metrics.", - "title": "CloudWatchMetrics" - }, - "S3BucketDestination": { - "$ref": "#/definitions/AWS::S3::StorageLens.S3BucketDestination", - "markdownDescription": "This property contains the details of the bucket where the S3 Storage Lens metrics export will be placed.", - "title": "S3BucketDestination" - } - }, - "type": "object" - }, - "AWS::S3::StorageLens.DetailedStatusCodesMetrics": { + "AWS::SSMIncidents::ResponsePlan.DynamicSsmParameterValue": { "additionalProperties": false, "properties": { - "IsEnabled": { - "markdownDescription": "Indicates whether detailed status code metrics are enabled.", - "title": "IsEnabled", - "type": "boolean" + "Variable": { + "markdownDescription": "Variable dynamic parameters. A parameter value is determined when an incident is created.", + "title": "Variable", + "type": "string" } }, "type": "object" }, - "AWS::S3::StorageLens.Encryption": { + "AWS::SSMIncidents::ResponsePlan.IncidentTemplate": { "additionalProperties": false, "properties": { - "SSEKMS": { - "$ref": "#/definitions/AWS::S3::StorageLens.SSEKMS", - "markdownDescription": "Specifies the use of AWS Key Management Service keys (SSE-KMS) to encrypt the S3 Storage Lens metrics export file.", - "title": "SSEKMS" + "DedupeString": { + "markdownDescription": "Used to create only one incident record for an incident.", + "title": "DedupeString", + "type": "string" }, - "SSES3": { - "markdownDescription": "Specifies the use of an Amazon S3-managed key (SSE-S3) to encrypt the S3 Storage Lens metrics export file.", - "title": "SSES3", - "type": "object" + "Impact": { + "markdownDescription": "Defines the impact to the customers. Providing an impact overwrites the impact provided by a response plan.\n\n**Possible impacts:** - `1` - Critical impact, this typically relates to full application failure that impacts many to all customers.\n- `2` - High impact, partial application failure with impact to many customers.\n- `3` - Medium impact, the application is providing reduced service to customers.\n- `4` - Low impact, customer might aren't impacted by the problem yet.\n- `5` - No impact, customers aren't currently impacted but urgent action is needed to avoid impact.", + "title": "Impact", + "type": "number" + }, + "IncidentTags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags to assign to the template. When the `StartIncident` API action is called, Incident Manager assigns the tags specified in the template to the incident.", + "title": "IncidentTags", + "type": "array" + }, + "NotificationTargets": { + "items": { + "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.NotificationTargetItem" + }, + "markdownDescription": "The Amazon Simple Notification Service ( Amazon SNS ) targets that uses to notify the chat channel of updates to an incident. You can also make updates to the incident through the chat channel using the Amazon SNS topics.", + "title": "NotificationTargets", + "type": "array" + }, + "Summary": { + "markdownDescription": "The summary describes what has happened during the incident.", + "title": "Summary", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the incident is a brief and easily recognizable.", + "title": "Title", + "type": "string" } }, + "required": [ + "Impact", + "Title" + ], "type": "object" }, - "AWS::S3::StorageLens.PrefixLevel": { + "AWS::SSMIncidents::ResponsePlan.Integration": { "additionalProperties": false, "properties": { - "StorageMetrics": { - "$ref": "#/definitions/AWS::S3::StorageLens.PrefixLevelStorageMetrics", - "markdownDescription": "A property for the prefix-level storage metrics for Amazon S3 Storage Lens.", - "title": "StorageMetrics" + "PagerDutyConfiguration": { + "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.PagerDutyConfiguration", + "markdownDescription": "Information about the PagerDuty service where the response plan creates an incident.", + "title": "PagerDutyConfiguration" } }, "required": [ - "StorageMetrics" + "PagerDutyConfiguration" ], "type": "object" }, - "AWS::S3::StorageLens.PrefixLevelStorageMetrics": { + "AWS::SSMIncidents::ResponsePlan.NotificationTargetItem": { "additionalProperties": false, "properties": { - "IsEnabled": { - "markdownDescription": "This property identifies whether the details of the prefix-level storage metrics for S3 Storage Lens are enabled.", - "title": "IsEnabled", - "type": "boolean" - }, - "SelectionCriteria": { - "$ref": "#/definitions/AWS::S3::StorageLens.SelectionCriteria", - "markdownDescription": "This property identifies whether the details of the prefix-level storage metrics for S3 Storage Lens are enabled.", - "title": "SelectionCriteria" + "SnsTopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic.", + "title": "SnsTopicArn", + "type": "string" } }, "type": "object" }, - "AWS::S3::StorageLens.S3BucketDestination": { + "AWS::SSMIncidents::ResponsePlan.PagerDutyConfiguration": { "additionalProperties": false, "properties": { - "AccountId": { - "markdownDescription": "This property contains the details of the AWS account ID of the S3 Storage Lens export bucket destination.", - "title": "AccountId", - "type": "string" - }, - "Arn": { - "markdownDescription": "This property contains the details of the ARN of the bucket destination of the S3 Storage Lens export.", - "title": "Arn", - "type": "string" - }, - "Encryption": { - "$ref": "#/definitions/AWS::S3::StorageLens.Encryption", - "markdownDescription": "This property contains the details of the encryption of the bucket destination of the Amazon S3 Storage Lens metrics export.", - "title": "Encryption" - }, - "Format": { - "markdownDescription": "This property contains the details of the format of the S3 Storage Lens export bucket destination.", - "title": "Format", + "Name": { + "markdownDescription": "The name of the PagerDuty configuration.", + "title": "Name", "type": "string" }, - "OutputSchemaVersion": { - "markdownDescription": "This property contains the details of the output schema version of the S3 Storage Lens export bucket destination.", - "title": "OutputSchemaVersion", - "type": "string" + "PagerDutyIncidentConfiguration": { + "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.PagerDutyIncidentConfiguration", + "markdownDescription": "Details about the PagerDuty service associated with the configuration.", + "title": "PagerDutyIncidentConfiguration" }, - "Prefix": { - "markdownDescription": "This property contains the details of the prefix of the bucket destination of the S3 Storage Lens export .", - "title": "Prefix", + "SecretId": { + "markdownDescription": "The ID of the AWS Secrets Manager secret that stores your PagerDuty key, either a General Access REST API Key or User Token REST API Key, and other user credentials.", + "title": "SecretId", "type": "string" } }, "required": [ - "AccountId", - "Arn", - "Format", - "OutputSchemaVersion" + "Name", + "PagerDutyIncidentConfiguration", + "SecretId" ], "type": "object" }, - "AWS::S3::StorageLens.SSEKMS": { + "AWS::SSMIncidents::ResponsePlan.PagerDutyIncidentConfiguration": { "additionalProperties": false, "properties": { - "KeyId": { - "markdownDescription": "Specifies the Amazon Resource Name (ARN) of the customer managed AWS KMS key to use for encrypting the S3 Storage Lens metrics export file. Amazon S3 only supports symmetric encryption keys. For more information, see [Special-purpose keys](https://docs.aws.amazon.com/kms/latest/developerguide/key-types.html) in the *AWS Key Management Service Developer Guide* .", - "title": "KeyId", + "ServiceId": { + "markdownDescription": "The ID of the PagerDuty service that the response plan associates with an incident when it launches.", + "title": "ServiceId", "type": "string" } }, "required": [ - "KeyId" + "ServiceId" ], "type": "object" }, - "AWS::S3::StorageLens.SelectionCriteria": { + "AWS::SSMIncidents::ResponsePlan.SsmAutomation": { "additionalProperties": false, "properties": { - "Delimiter": { - "markdownDescription": "This property contains the details of the S3 Storage Lens delimiter being used.", - "title": "Delimiter", + "DocumentName": { + "markdownDescription": "The automation document's name.", + "title": "DocumentName", "type": "string" }, - "MaxDepth": { - "markdownDescription": "This property contains the details of the max depth that S3 Storage Lens will collect metrics up to.", - "title": "MaxDepth", - "type": "number" - }, - "MinStorageBytesPercentage": { - "markdownDescription": "This property contains the details of the minimum storage bytes percentage threshold that S3 Storage Lens will collect metrics up to.", - "title": "MinStorageBytesPercentage", - "type": "number" - } - }, - "type": "object" - }, - "AWS::S3::StorageLens.StorageLensConfiguration": { - "additionalProperties": false, - "properties": { - "AccountLevel": { - "$ref": "#/definitions/AWS::S3::StorageLens.AccountLevel", - "markdownDescription": "This property contains the details of the account-level metrics for Amazon S3 Storage Lens configuration.", - "title": "AccountLevel" - }, - "AwsOrg": { - "$ref": "#/definitions/AWS::S3::StorageLens.AwsOrg", - "markdownDescription": "This property contains the details of the AWS Organization for the S3 Storage Lens configuration.", - "title": "AwsOrg" + "DocumentVersion": { + "markdownDescription": "The version of the runbook to use when running.", + "title": "DocumentVersion", + "type": "string" }, - "DataExport": { - "$ref": "#/definitions/AWS::S3::StorageLens.DataExport", - "markdownDescription": "This property contains the details of this S3 Storage Lens configuration's metrics export.", - "title": "DataExport" + "DynamicParameters": { + "items": { + "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.DynamicSsmParameter" + }, + "markdownDescription": "The key-value pairs to resolve dynamic parameter values when processing a Systems Manager Automation runbook.", + "title": "DynamicParameters", + "type": "array" }, - "Exclude": { - "$ref": "#/definitions/AWS::S3::StorageLens.BucketsAndRegions", - "markdownDescription": "This property contains the details of the bucket and or Regions excluded for Amazon S3 Storage Lens configuration.", - "title": "Exclude" + "Parameters": { + "items": { + "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.SsmParameter" + }, + "markdownDescription": "The key-value pair parameters to use when running the runbook.", + "title": "Parameters", + "type": "array" }, - "Id": { - "markdownDescription": "This property contains the details of the ID of the S3 Storage Lens configuration.", - "title": "Id", + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the role that the automation document will assume when running commands.", + "title": "RoleArn", "type": "string" }, - "Include": { - "$ref": "#/definitions/AWS::S3::StorageLens.BucketsAndRegions", - "markdownDescription": "This property contains the details of the bucket and or Regions included for Amazon S3 Storage Lens configuration.", - "title": "Include" - }, - "IsEnabled": { - "markdownDescription": "This property contains the details of whether the Amazon S3 Storage Lens configuration is enabled.", - "title": "IsEnabled", - "type": "boolean" - }, - "StorageLensArn": { - "markdownDescription": "This property contains the details of the ARN of the S3 Storage Lens configuration. This property is read-only.", - "title": "StorageLensArn", + "TargetAccount": { + "markdownDescription": "The account that the automation document will be run in. This can be in either the management account or an application account.", + "title": "TargetAccount", "type": "string" } }, "required": [ - "AccountLevel", - "Id", - "IsEnabled" + "DocumentName", + "RoleArn" ], "type": "object" }, - "AWS::S3::StorageLens.StorageLensGroupLevel": { - "additionalProperties": false, - "properties": { - "StorageLensGroupSelectionCriteria": { - "$ref": "#/definitions/AWS::S3::StorageLens.StorageLensGroupSelectionCriteria", - "markdownDescription": "This property indicates which Storage Lens group ARNs to include or exclude in the Storage Lens group aggregation. If this value is left null, then all Storage Lens groups are selected.", - "title": "StorageLensGroupSelectionCriteria" - } - }, - "type": "object" - }, - "AWS::S3::StorageLens.StorageLensGroupSelectionCriteria": { + "AWS::SSMIncidents::ResponsePlan.SsmParameter": { "additionalProperties": false, "properties": { - "Exclude": { - "items": { - "type": "string" - }, - "markdownDescription": "This property indicates which Storage Lens group ARNs to exclude from the Storage Lens group aggregation.", - "title": "Exclude", - "type": "array" + "Key": { + "markdownDescription": "The key parameter to use when running the Automation runbook.", + "title": "Key", + "type": "string" }, - "Include": { + "Values": { "items": { "type": "string" }, - "markdownDescription": "This property indicates which Storage Lens group ARNs to include in the Storage Lens group aggregation.", - "title": "Include", + "markdownDescription": "The value parameter to use when running the Automation runbook.", + "title": "Values", "type": "array" } }, + "required": [ + "Key", + "Values" + ], "type": "object" }, - "AWS::S3::StorageLensGroup": { + "AWS::SSMQuickSetup::ConfigurationManager": { "additionalProperties": false, "properties": { "Condition": { @@ -237468,34 +289539,44 @@ "Properties": { "additionalProperties": false, "properties": { - "Filter": { - "$ref": "#/definitions/AWS::S3::StorageLensGroup.Filter", - "markdownDescription": "This property contains the criteria for the Storage Lens group data that is displayed", - "title": "Filter" + "ConfigurationDefinitions": { + "items": { + "$ref": "#/definitions/AWS::SSMQuickSetup::ConfigurationManager.ConfigurationDefinition" + }, + "markdownDescription": "The definition of the Quick Setup configuration that the configuration manager deploys.", + "title": "ConfigurationDefinitions", + "type": "array" + }, + "Description": { + "markdownDescription": "The description of the configuration.", + "title": "Description", + "type": "string" }, "Name": { - "markdownDescription": "This property contains the Storage Lens group name.", + "markdownDescription": "The name of the configuration", "title": "Name", "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "additionalProperties": true, + "markdownDescription": "Key-value pairs of metadata to assign to the configuration manager.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "This property contains the AWS resource tags that you're adding to your Storage Lens group. This parameter is optional.", "title": "Tags", - "type": "array" + "type": "object" } }, "required": [ - "Filter", - "Name" + "ConfigurationDefinitions" ], "type": "object" }, "Type": { "enum": [ - "AWS::S3::StorageLensGroup" + "AWS::SSMQuickSetup::ConfigurationManager" ], "type": "string" }, @@ -237514,169 +289595,231 @@ ], "type": "object" }, - "AWS::S3::StorageLensGroup.And": { + "AWS::SSMQuickSetup::ConfigurationManager.ConfigurationDefinition": { "additionalProperties": false, "properties": { - "MatchAnyPrefix": { - "items": { - "type": "string" - }, - "markdownDescription": "This property contains a list of prefixes. At least one prefix must be specified. Up to 10 prefixes are allowed.", - "title": "MatchAnyPrefix", - "type": "array" + "LocalDeploymentAdministrationRoleArn": { + "markdownDescription": "The ARN of the IAM role used to administrate local configuration deployments.\n\n> Although this element is listed as \"Required: No\", a value can be omitted only for organizational deployments of types other than `AWSQuickSetupType-PatchPolicy` . A value must be provided when you are running an organizational deployment for a patch policy or running any type of deployment for a single account.", + "title": "LocalDeploymentAdministrationRoleArn", + "type": "string" }, - "MatchAnySuffix": { - "items": { - "type": "string" - }, - "markdownDescription": "This property contains a list of suffixes. At least one suffix must be specified. Up to 10 suffixes are allowed.", - "title": "MatchAnySuffix", - "type": "array" + "LocalDeploymentExecutionRoleName": { + "markdownDescription": "The name of the IAM role used to deploy local configurations.\n\n> Although this element is listed as \"Required: No\", a value can be omitted only for organizational deployments of types other than `AWSQuickSetupType-PatchPolicy` . A value must be provided when you are running an organizational deployment for a patch policy or running any type of deployment for a single account.", + "title": "LocalDeploymentExecutionRoleName", + "type": "string" }, - "MatchAnyTag": { - "items": { - "$ref": "#/definitions/Tag" + "Parameters": { + "additionalProperties": true, + "markdownDescription": "The parameters for the configuration definition type. Parameters for configuration definitions vary based the configuration type. The following lists outline the parameters for each configuration type.\n\n- **AWS Config Recording (Type: AWS QuickSetupType-CFGRecording)** - - `RecordAllResources`\n\n- Description: (Optional) A boolean value that determines whether all supported resources are recorded. The default value is \" `true` \".\n- `ResourceTypesToRecord`\n\n- Description: (Optional) A comma separated list of resource types you want to record.\n- `RecordGlobalResourceTypes`\n\n- Description: (Optional) A boolean value that determines whether global resources are recorded with all resource configurations. The default value is \" `false` \".\n- `GlobalResourceTypesRegion`\n\n- Description: (Optional) Determines the AWS Region where global resources are recorded.\n- `UseCustomBucket`\n\n- Description: (Optional) A boolean value that determines whether a custom Amazon S3 bucket is used for delivery. The default value is \" `false` \".\n- `DeliveryBucketName`\n\n- Description: (Optional) The name of the Amazon S3 bucket you want AWS Config to deliver configuration snapshots and configuration history files to.\n- `DeliveryBucketPrefix`\n\n- Description: (Optional) The key prefix you want to use in the custom Amazon S3 bucket.\n- `NotificationOptions`\n\n- Description: (Optional) Determines the notification configuration for the recorder. The valid values are `NoStreaming` , `UseExistingTopic` , and `CreateTopic` . The default value is `NoStreaming` .\n- `CustomDeliveryTopicAccountId`\n\n- Description: (Optional) The ID of the AWS account where the Amazon SNS topic you want to use for notifications resides. You must specify a value for this parameter if you use the `UseExistingTopic` notification option.\n- `CustomDeliveryTopicName`\n\n- Description: (Optional) The name of the Amazon SNS topic you want to use for notifications. You must specify a value for this parameter if you use the `UseExistingTopic` notification option.\n- `RemediationSchedule`\n\n- Description: (Optional) A rate expression that defines the schedule for drift remediation. The valid values are `rate(30 days)` , `rate(7 days)` , `rate(1 days)` , and `none` . The default value is \" `none` \".\n- `TargetAccounts`\n\n- Description: (Optional) The ID of the AWS account initiating the configuration deployment. You only need to provide a value for this parameter if you want to deploy the configuration locally. A value must be provided for either `TargetAccounts` or `TargetOrganizationalUnits` .\n- `TargetOrganizationalUnits`\n\n- Description: (Optional) The ID of the root of your Organization. This configuration type doesn't currently support choosing specific OUs. The configuration will be deployed to all the OUs in the Organization.\n- `TargetRegions`\n\n- Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to.\n- **Change Manager (Type: AWS QuickSetupType-SSMChangeMgr)** - - `DelegatedAccountId`\n\n- Description: (Required) The ID of the delegated administrator account.\n- `JobFunction`\n\n- Description: (Required) The name for the Change Manager job function.\n- `PermissionType`\n\n- Description: (Optional) Specifies whether you want to use default administrator permissions for the job function role, or provide a custom IAM policy. The valid values are `CustomPermissions` and `AdminPermissions` . The default value for the parameter is `CustomerPermissions` .\n- `CustomPermissions`\n\n- Description: (Optional) A JSON string containing the IAM policy you want your job function to use. You must provide a value for this parameter if you specify `CustomPermissions` for the `PermissionType` parameter.\n- `TargetOrganizationalUnits`\n\n- Description: (Required) A comma separated list of organizational units (OUs) you want to deploy the configuration to.\n- `TargetRegions`\n\n- Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to.\n- **Conformance Packs (Type: AWS QuickSetupType-CFGCPacks)** - - `DelegatedAccountId`\n\n- Description: (Optional) The ID of the delegated administrator account. This parameter is required for Organization deployments.\n- `RemediationSchedule`\n\n- Description: (Optional) A rate expression that defines the schedule for drift remediation. The valid values are `rate(30 days)` , `rate(14 days)` , `rate(2 days)` , and `none` . The default value is \" `none` \".\n- `CPackNames`\n\n- Description: (Required) A comma separated list of AWS Config conformance packs.\n- `TargetAccounts`\n\n- Description: (Optional) The ID of the AWS account initiating the configuration deployment. You only need to provide a value for this parameter if you want to deploy the configuration locally. A value must be provided for either `TargetAccounts` or `TargetOrganizationalUnits` .\n- `TargetOrganizationalUnits`\n\n- Description: (Optional) The ID of the root of your Organization. This configuration type doesn't currently support choosing specific OUs. The configuration will be deployed to all the OUs in the Organization.\n- `TargetRegions`\n\n- Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to.\n- **Default Host Management Configuration (Type: AWS QuickSetupType-DHMC)** - - `UpdateSSMAgent`\n\n- Description: (Optional) A boolean value that determines whether the SSM Agent is updated on the target instances every 2 weeks. The default value is \" `true` \".\n- `TargetOrganizationalUnits`\n\n- Description: (Required) A comma separated list of organizational units (OUs) you want to deploy the configuration to.\n- `TargetRegions`\n\n- Description: (Required) The AWS Regions to deploy the configuration to. For this type, the parameter only accepts a value of `AllRegions` .\n- **DevOps\u00a0Guru (Type: AWS QuickSetupType-DevOpsGuru)** - - `AnalyseAllResources`\n\n- Description: (Optional) A boolean value that determines whether DevOps\u00a0Guru analyzes all AWS CloudFormation stacks in the account. The default value is \" `false` \".\n- `EnableSnsNotifications`\n\n- Description: (Optional) A boolean value that determines whether DevOps\u00a0Guru sends notifications when an insight is created. The default value is \" `true` \".\n- `EnableSsmOpsItems`\n\n- Description: (Optional) A boolean value that determines whether DevOps\u00a0Guru creates an OpsCenter OpsItem when an insight is created. The default value is \" `true` \".\n- `EnableDriftRemediation`\n\n- Description: (Optional) A boolean value that determines whether a drift remediation schedule is used. The default value is \" `false` \".\n- `RemediationSchedule`\n\n- Description: (Optional) A rate expression that defines the schedule for drift remediation. The valid values are `rate(30 days)` , `rate(14 days)` , `rate(1 days)` , and `none` . The default value is \" `none` \".\n- `TargetAccounts`\n\n- Description: (Optional) The ID of the AWS account initiating the configuration deployment. You only need to provide a value for this parameter if you want to deploy the configuration locally. A value must be provided for either `TargetAccounts` or `TargetOrganizationalUnits` .\n- `TargetOrganizationalUnits`\n\n- Description: (Optional) A comma separated list of organizational units (OUs) you want to deploy the configuration to.\n- `TargetRegions`\n\n- Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to.\n- **Distributor (Type: AWS QuickSetupType-Distributor)** - - `PackagesToInstall`\n\n- Description: (Required) A comma separated list of packages you want to install on the target instances. The valid values are `AWSEFSTools` , `AWSCWAgent` , and `AWSEC2LaunchAgent` .\n- `RemediationSchedule`\n\n- Description: (Optional) A rate expression that defines the schedule for drift remediation. The valid values are `rate(30 days)` , `rate(14 days)` , `rate(2 days)` , and `none` . The default value is \" `rate(30 days)` \".\n- `IsPolicyAttachAllowed`\n\n- Description: (Optional) A boolean value that determines whether Quick Setup attaches policies to instances profiles already associated with the target instances. The default value is \" `false` \".\n- `TargetType`\n\n- Description: (Optional) Determines how instances are targeted for local account deployments. Don't specify a value for this parameter if you're deploying to OUs. The valid values are `*` , `InstanceIds` , `ResourceGroups` , and `Tags` . Use `*` to target all instances in the account.\n- `TargetInstances`\n\n- Description: (Optional) A comma separated list of instance IDs. You must provide a value for this parameter if you specify `InstanceIds` for the `TargetType` parameter.\n- `TargetTagKey`\n\n- Description: (Required) The tag key assigned to the instances you want to target. You must provide a value for this parameter if you specify `Tags` for the `TargetType` parameter.\n- `TargetTagValue`\n\n- Description: (Required) The value of the tag key assigned to the instances you want to target. You must provide a value for this parameter if you specify `Tags` for the `TargetType` parameter.\n- `ResourceGroupName`\n\n- Description: (Required) The name of the resource group associated with the instances you want to target. You must provide a value for this parameter if you specify `ResourceGroups` for the `TargetType` parameter.\n- `TargetAccounts`\n\n- Description: (Optional) The ID of the AWS account initiating the configuration deployment. You only need to provide a value for this parameter if you want to deploy the configuration locally. A value must be provided for either `TargetAccounts` or `TargetOrganizationalUnits` .\n- `TargetOrganizationalUnits`\n\n- Description: (Optional) A comma separated list of organizational units (OUs) you want to deploy the configuration to.\n- `TargetRegions`\n\n- Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to.\n- **Host Management (Type: AWS QuickSetupType-SSMHostMgmt)** - - `UpdateSSMAgent`\n\n- Description: (Optional) A boolean value that determines whether the SSM Agent is updated on the target instances every 2 weeks. The default value is \" `true` \".\n- `UpdateEc2LaunchAgent`\n\n- Description: (Optional) A boolean value that determines whether the EC2 Launch agent is updated on the target instances every month. The default value is \" `false` \".\n- `CollectInventory`\n\n- Description: (Optional) A boolean value that determines whether instance metadata is collected on the target instances every 30 minutes. The default value is \" `true` \".\n- `ScanInstances`\n\n- Description: (Optional) A boolean value that determines whether the target instances are scanned daily for available patches. The default value is \" `true` \".\n- `InstallCloudWatchAgent`\n\n- Description: (Optional) A boolean value that determines whether the Amazon CloudWatch agent is installed on the target instances. The default value is \" `false` \".\n- `UpdateCloudWatchAgent`\n\n- Description: (Optional) A boolean value that determines whether the Amazon CloudWatch agent is updated on the target instances every month. The default value is \" `false` \".\n- `IsPolicyAttachAllowed`\n\n- Description: (Optional) A boolean value that determines whether Quick Setup attaches policies to instances profiles already associated with the target instances. The default value is \" `false` \".\n- `TargetType`\n\n- Description: (Optional) Determines how instances are targeted for local account deployments. Don't specify a value for this parameter if you're deploying to OUs. The valid values are `*` , `InstanceIds` , `ResourceGroups` , and `Tags` . Use `*` to target all instances in the account.\n- `TargetInstances`\n\n- Description: (Optional) A comma separated list of instance IDs. You must provide a value for this parameter if you specify `InstanceIds` for the `TargetType` parameter.\n- `TargetTagKey`\n\n- Description: (Optional) The tag key assigned to the instances you want to target. You must provide a value for this parameter if you specify `Tags` for the `TargetType` parameter.\n- `TargetTagValue`\n\n- Description: (Optional) The value of the tag key assigned to the instances you want to target. You must provide a value for this parameter if you specify `Tags` for the `TargetType` parameter.\n- `ResourceGroupName`\n\n- Description: (Optional) The name of the resource group associated with the instances you want to target. You must provide a value for this parameter if you specify `ResourceGroups` for the `TargetType` parameter.\n- `TargetAccounts`\n\n- Description: (Optional) The ID of the AWS account initiating the configuration deployment. You only need to provide a value for this parameter if you want to deploy the configuration locally. A value must be provided for either `TargetAccounts` or `TargetOrganizationalUnits` .\n- `TargetOrganizationalUnits`\n\n- Description: (Optional) A comma separated list of organizational units (OUs) you want to deploy the configuration to.\n- `TargetRegions`\n\n- Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to.\n- **OpsCenter (Type: AWS QuickSetupType-SSMOpsCenter)** - - `DelegatedAccountId`\n\n- Description: (Required) The ID of the delegated administrator account.\n- `TargetOrganizationalUnits`\n\n- Description: (Required) A comma separated list of organizational units (OUs) you want to deploy the configuration to.\n- `TargetRegions`\n\n- Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to.\n- **Patch Policy (Type: AWS QuickSetupType-PatchPolicy)** - - `PatchPolicyName`\n\n- Description: (Required) A name for the patch policy. The value you provide is applied to target Amazon EC2 instances as a tag.\n- `SelectedPatchBaselines`\n\n- Description: (Required) An array of JSON objects containing the information for the patch baselines to include in your patch policy.\n- `PatchBaselineUseDefault`\n\n- Description: (Optional) A value that determines whether the selected patch baselines are all AWS provided. Supported values are `default` and `custom` .\n- `PatchBaselineRegion`\n\n- Description: (Required) The AWS Region where the patch baseline exist.\n- `ConfigurationOptionsPatchOperation`\n\n- Description: (Optional) Determines whether target instances scan for available patches, or scan and install available patches. The valid values are `Scan` and `ScanAndInstall` . The default value for the parameter is `Scan` .\n- `ConfigurationOptionsScanValue`\n\n- Description: (Optional) A cron expression that is used as the schedule for when instances scan for available patches.\n- `ConfigurationOptionsInstallValue`\n\n- Description: (Optional) A cron expression that is used as the schedule for when instances install available patches.\n- `ConfigurationOptionsScanNextInterval`\n\n- Description: (Optional) A boolean value that determines whether instances should scan for available patches at the next cron interval. The default value is \" `false` \".\n- `ConfigurationOptionsInstallNextInterval`\n\n- Description: (Optional) A boolean value that determines whether instances should scan for available patches at the next cron interval. The default value is \" `false` \".\n- `RebootOption`\n\n- Description: (Optional) Determines whether instances are rebooted after patches are installed. Valid values are `RebootIfNeeded` and `NoReboot` .\n- `IsPolicyAttachAllowed`\n\n- Description: (Optional) A boolean value that determines whether Quick Setup attaches policies to instances profiles already associated with the target instances. The default value is \" `false` \".\n- `OutputLogEnableS3`\n\n- Description: (Optional) A boolean value that determines whether command output logs are sent to Amazon S3.\n- `OutputS3Location`\n\n- Description: (Optional) Information about the Amazon S3 bucket where you want to store the output details of the request.\n\n- `OutputBucketRegion`\n\n- Description: (Optional) The AWS Region where the Amazon S3 bucket you want to deliver command output to is located.\n- `OutputS3BucketName`\n\n- Description: (Optional) The name of the Amazon S3 bucket you want to deliver command output to.\n- `OutputS3KeyPrefix`\n\n- Description: (Optional) The key prefix you want to use in the custom Amazon S3 bucket.\n- `TargetType`\n\n- Description: (Optional) Determines how instances are targeted for local account deployments. Don't specify a value for this parameter if you're deploying to OUs. The valid values are `*` , `InstanceIds` , `ResourceGroups` , and `Tags` . Use `*` to target all instances in the account.\n- `TargetInstances`\n\n- Description: (Optional) A comma separated list of instance IDs. You must provide a value for this parameter if you specify `InstanceIds` for the `TargetType` parameter.\n- `TargetTagKey`\n\n- Description: (Required) The tag key assigned to the instances you want to target. You must provide a value for this parameter if you specify `Tags` for the `TargetType` parameter.\n- `TargetTagValue`\n\n- Description: (Required) The value of the tag key assigned to the instances you want to target. You must provide a value for this parameter if you specify `Tags` for the `TargetType` parameter.\n- `ResourceGroupName`\n\n- Description: (Required) The name of the resource group associated with the instances you want to target. You must provide a value for this parameter if you specify `ResourceGroups` for the `TargetType` parameter.\n- `TargetAccounts`\n\n- Description: (Optional) The ID of the AWS account initiating the configuration deployment. You only need to provide a value for this parameter if you want to deploy the configuration locally. A value must be provided for either `TargetAccounts` or `TargetOrganizationalUnits` .\n- `TargetOrganizationalUnits`\n\n- Description: (Optional) A comma separated list of organizational units (OUs) you want to deploy the configuration to.\n- `TargetRegions`\n\n- Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to.\n- **Resource Explorer (Type: AWS QuickSetupType-ResourceExplorer)** - - `SelectedAggregatorRegion`\n\n- Description: (Required) The AWS Region where you want to create the aggregator index.\n- `ReplaceExistingAggregator`\n\n- Description: (Required) A boolean value that determines whether to demote an existing aggregator if it is in a Region that differs from the value you specify for the `SelectedAggregatorRegion` .\n- `TargetOrganizationalUnits`\n\n- Description: (Required) A comma separated list of organizational units (OUs) you want to deploy the configuration to.\n- `TargetRegions`\n\n- Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to.\n- **Resource Scheduler (Type: AWS QuickSetupType-Scheduler)** - - `TargetTagKey`\n\n- Description: (Required) The tag key assigned to the instances you want to target.\n- `TargetTagValue`\n\n- Description: (Required) The value of the tag key assigned to the instances you want to target.\n- `ICalendarString`\n\n- Description: (Required) An iCalendar formatted string containing the schedule you want Change Manager to use.\n- `TargetAccounts`\n\n- Description: (Optional) The ID of the AWS account initiating the configuration deployment. You only need to provide a value for this parameter if you want to deploy the configuration locally. A value must be provided for either `TargetAccounts` or `TargetOrganizationalUnits` .\n- `TargetOrganizationalUnits`\n\n- Description: (Optional) A comma separated list of organizational units (OUs) you want to deploy the configuration to.\n- `TargetRegions`\n\n- Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "This property contains the list of object tags. At least one object tag must be specified. Up to 10 object tags are allowed.", - "title": "MatchAnyTag", - "type": "array" + "title": "Parameters", + "type": "object" }, - "MatchObjectAge": { - "$ref": "#/definitions/AWS::S3::StorageLensGroup.MatchObjectAge", - "markdownDescription": "This property contains `DaysGreaterThan` and `DaysLessThan` properties to define the object age range (minimum and maximum number of days).", - "title": "MatchObjectAge" + "Type": { + "markdownDescription": "The type of the Quick Setup configuration.", + "title": "Type", + "type": "string" }, - "MatchObjectSize": { - "$ref": "#/definitions/AWS::S3::StorageLensGroup.MatchObjectSize", - "markdownDescription": "This property contains `BytesGreaterThan` and `BytesLessThan` to define the object size range (minimum and maximum number of Bytes).", - "title": "MatchObjectSize" + "TypeVersion": { + "markdownDescription": "The version of the Quick Setup type used.", + "title": "TypeVersion", + "type": "string" + }, + "id": { + "markdownDescription": "The ID of the configuration definition.", + "title": "id", + "type": "string" } }, + "required": [ + "Parameters", + "Type" + ], "type": "object" }, - "AWS::S3::StorageLensGroup.Filter": { + "AWS::SSMQuickSetup::ConfigurationManager.StatusSummary": { "additionalProperties": false, "properties": { - "And": { - "$ref": "#/definitions/AWS::S3::StorageLensGroup.And", - "markdownDescription": "This property contains the `And` logical operator, which allows multiple filter conditions to be joined for more complex comparisons of Storage Lens group data. Objects must match all of the listed filter conditions that are joined by the `And` logical operator. Only one of each filter condition is allowed.", - "title": "And" - }, - "MatchAnyPrefix": { - "items": { - "type": "string" - }, - "markdownDescription": "This property contains a list of prefixes. At least one prefix must be specified. Up to 10 prefixes are allowed.", - "title": "MatchAnyPrefix", - "type": "array" + "LastUpdatedAt": { + "markdownDescription": "The datetime stamp when the status was last updated.", + "title": "LastUpdatedAt", + "type": "string" }, - "MatchAnySuffix": { - "items": { - "type": "string" - }, - "markdownDescription": "This property contains a list of suffixes. At least one suffix must be specified. Up to 10 suffixes are allowed.", - "title": "MatchAnySuffix", - "type": "array" + "Status": { + "markdownDescription": "The current status.", + "title": "Status", + "type": "string" }, - "MatchAnyTag": { - "items": { - "$ref": "#/definitions/Tag" + "StatusDetails": { + "additionalProperties": true, + "markdownDescription": "Details about the status.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "This property contains the list of S3 object tags. At least one object tag must be specified. Up to 10 object tags are allowed.", - "title": "MatchAnyTag", - "type": "array" - }, - "MatchObjectAge": { - "$ref": "#/definitions/AWS::S3::StorageLensGroup.MatchObjectAge", - "markdownDescription": "This property contains `DaysGreaterThan` and `DaysLessThan` to define the object age range (minimum and maximum number of days).", - "title": "MatchObjectAge" + "title": "StatusDetails", + "type": "object" }, - "MatchObjectSize": { - "$ref": "#/definitions/AWS::S3::StorageLensGroup.MatchObjectSize", - "markdownDescription": "This property contains `BytesGreaterThan` and `BytesLessThan` to define the object size range (minimum and maximum number of Bytes).", - "title": "MatchObjectSize" + "StatusMessage": { + "markdownDescription": "When applicable, returns an informational message relevant to the current status and status type of the status summary object. We don't recommend implementing parsing logic around this value since the messages returned can vary in format.", + "title": "StatusMessage", + "type": "string" }, - "Or": { - "$ref": "#/definitions/AWS::S3::StorageLensGroup.Or", - "markdownDescription": "This property contains the `Or` logical operator, which allows multiple filter conditions to be joined. Objects can match any of the listed filter conditions, which are joined by the `Or` logical operator. Only one of each filter condition is allowed.", - "title": "Or" + "StatusType": { + "markdownDescription": "The type of a status summary.", + "title": "StatusType", + "type": "string" } }, + "required": [ + "LastUpdatedAt", + "StatusType" + ], "type": "object" }, - "AWS::S3::StorageLensGroup.MatchObjectAge": { + "AWS::SSO::Application": { "additionalProperties": false, "properties": { - "DaysGreaterThan": { - "markdownDescription": "This property indicates the minimum object age in days.", - "title": "DaysGreaterThan", - "type": "number" + "Condition": { + "type": "string" }, - "DaysLessThan": { - "markdownDescription": "This property indicates the maximum object age in days.", - "title": "DaysLessThan", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationProviderArn": { + "markdownDescription": "The ARN of the application provider for this application.", + "title": "ApplicationProviderArn", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the application.", + "title": "Description", + "type": "string" + }, + "InstanceArn": { + "markdownDescription": "The ARN of the instance of IAM Identity Center that is configured with this application.", + "title": "InstanceArn", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the application.", + "title": "Name", + "type": "string" + }, + "PortalOptions": { + "$ref": "#/definitions/AWS::SSO::Application.PortalOptionsConfiguration", + "markdownDescription": "A structure that describes the options for the access portal associated with this application.", + "title": "PortalOptions" + }, + "Status": { + "markdownDescription": "The current status of the application in this instance of IAM Identity Center.", + "title": "Status", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Specifies tags to be attached to the application.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "ApplicationProviderArn", + "InstanceArn", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SSO::Application" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::S3::StorageLensGroup.MatchObjectSize": { + "AWS::SSO::Application.PortalOptionsConfiguration": { "additionalProperties": false, "properties": { - "BytesGreaterThan": { - "markdownDescription": "This property specifies the minimum object size in bytes. The value must be a positive number, greater than 0 and less than 5 TB.", - "title": "BytesGreaterThan", - "type": "number" + "SignInOptions": { + "$ref": "#/definitions/AWS::SSO::Application.SignInOptions", + "markdownDescription": "A structure that describes the sign-in options for the access portal.", + "title": "SignInOptions" }, - "BytesLessThan": { - "markdownDescription": "This property specifies the maximum object size in bytes. The value must be a positive number, greater than the minimum object size and less than 5 TB.", - "title": "BytesLessThan", - "type": "number" + "Visibility": { + "markdownDescription": "Indicates whether this application is visible in the access portal.", + "title": "Visibility", + "type": "string" } }, "type": "object" }, - "AWS::S3::StorageLensGroup.Or": { + "AWS::SSO::Application.SignInOptions": { "additionalProperties": false, "properties": { - "MatchAnyPrefix": { - "items": { - "type": "string" - }, - "markdownDescription": "This property contains a list of prefixes. At least one prefix must be specified. Up to 10 prefixes are allowed.", - "title": "MatchAnyPrefix", - "type": "array" - }, - "MatchAnySuffix": { - "items": { - "type": "string" - }, - "markdownDescription": "This property contains the list of suffixes. At least one suffix must be specified. Up to 10 suffixes are allowed.", - "title": "MatchAnySuffix", - "type": "array" - }, - "MatchAnyTag": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "This property contains the list of S3 object tags. At least one object tag must be specified. Up to 10 object tags are allowed.", - "title": "MatchAnyTag", - "type": "array" - }, - "MatchObjectAge": { - "$ref": "#/definitions/AWS::S3::StorageLensGroup.MatchObjectAge", - "markdownDescription": "This property filters objects that match the specified object age range.", - "title": "MatchObjectAge" + "ApplicationUrl": { + "markdownDescription": "The URL that accepts authentication requests for an application. This is a required parameter if the `Origin` parameter is `APPLICATION` .", + "title": "ApplicationUrl", + "type": "string" }, - "MatchObjectSize": { - "$ref": "#/definitions/AWS::S3::StorageLensGroup.MatchObjectSize", - "markdownDescription": "This property contains the `BytesGreaterThan` and `BytesLessThan` values to define the object size range (minimum and maximum number of Bytes).", - "title": "MatchObjectSize" + "Origin": { + "markdownDescription": "This determines how IAM Identity Center navigates the user to the target application. It can be one of the following values:\n\n- `APPLICATION` : IAM Identity Center redirects the customer to the configured `ApplicationUrl` .\n- `IDENTITY_CENTER` : IAM Identity Center uses SAML identity-provider initiated authentication to sign the customer directly into a SAML-based application.", + "title": "Origin", + "type": "string" } }, + "required": [ + "Origin" + ], "type": "object" }, - "AWS::S3Express::BucketPolicy": { + "AWS::SSO::ApplicationAssignment": { "additionalProperties": false, "properties": { "Condition": { @@ -237711,26 +289854,32 @@ "Properties": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The name of the S3 directory bucket to which the policy applies.", - "title": "Bucket", + "ApplicationArn": { + "markdownDescription": "The ARN of the application that has principals assigned.", + "title": "ApplicationArn", "type": "string" }, - "PolicyDocument": { - "markdownDescription": "A policy document containing permissions to add to the specified bucket. In IAM, you must provide policy documents in JSON format. However, in CloudFormation you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to IAM. For more information, see the AWS::IAM::Policy [PolicyDocument](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html#cfn-iam-policy-policydocument) resource description in this guide and [Policies and Permissions in Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-policy-language-overview.html) in the *Amazon S3 User Guide* .", - "title": "PolicyDocument", - "type": "object" + "PrincipalId": { + "markdownDescription": "The unique identifier of the principal assigned to the application.", + "title": "PrincipalId", + "type": "string" + }, + "PrincipalType": { + "markdownDescription": "The type of the principal assigned to the application.", + "title": "PrincipalType", + "type": "string" } }, "required": [ - "Bucket", - "PolicyDocument" + "ApplicationArn", + "PrincipalId", + "PrincipalType" ], "type": "object" }, "Type": { "enum": [ - "AWS::S3Express::BucketPolicy" + "AWS::SSO::ApplicationAssignment" ], "type": "string" }, @@ -237749,7 +289898,7 @@ ], "type": "object" }, - "AWS::S3Express::DirectoryBucket": { + "AWS::SSO::Assignment": { "additionalProperties": false, "properties": { "Condition": { @@ -237784,31 +289933,50 @@ "Properties": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "A name for the bucket. The bucket name must contain only lowercase letters, numbers, and hyphens (-). A directory bucket name must be unique in the chosen Zone (Availability Zone or Local Zone). The bucket name must also follow the format `*bucket_base_name* -- *zone_id* --x-s3` (for example, `*bucket_base_name* -- *usw2-az1* --x-s3` ). If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the bucket name. For information about bucket naming restrictions, see [Directory bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) in the *Amazon S3 User Guide* .\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you need to replace the resource, specify a new name.", - "title": "BucketName", + "InstanceArn": { + "markdownDescription": "The ARN of the IAM Identity Center instance under which the operation will be executed. For more information about ARNs, see [Amazon Resource Names (ARNs) and AWS Service Namespaces](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* .", + "title": "InstanceArn", "type": "string" }, - "DataRedundancy": { - "markdownDescription": "The number of Zone (Availability Zone or Local Zone) that's used for redundancy for the bucket.", - "title": "DataRedundancy", + "PermissionSetArn": { + "markdownDescription": "The ARN of the permission set.", + "title": "PermissionSetArn", "type": "string" }, - "LocationName": { - "markdownDescription": "The name of the location where the bucket will be created.\n\nFor directory buckets, the name of the location is the Zone ID of the Availability Zone (AZ) or Local Zone (LZ) where the bucket will be created. An example AZ ID value is `usw2-az1` .", - "title": "LocationName", + "PrincipalId": { + "markdownDescription": "An identifier for an object in IAM Identity Center, such as a user or group. PrincipalIds are GUIDs (For example, f81d4fae-7dec-11d0-a765-00a0c91e6bf6). For more information about PrincipalIds in IAM Identity Center, see the [IAM Identity Center Identity Store API Reference](https://docs.aws.amazon.com//singlesignon/latest/IdentityStoreAPIReference/welcome.html) .", + "title": "PrincipalId", + "type": "string" + }, + "PrincipalType": { + "markdownDescription": "The entity type for which the assignment will be created.", + "title": "PrincipalType", + "type": "string" + }, + "TargetId": { + "markdownDescription": "TargetID is an AWS account identifier, (For example, 123456789012).", + "title": "TargetId", + "type": "string" + }, + "TargetType": { + "markdownDescription": "The entity type for which the assignment will be created.", + "title": "TargetType", "type": "string" } }, "required": [ - "DataRedundancy", - "LocationName" + "InstanceArn", + "PermissionSetArn", + "PrincipalId", + "PrincipalType", + "TargetId", + "TargetType" ], "type": "object" }, "Type": { "enum": [ - "AWS::S3Express::DirectoryBucket" + "AWS::SSO::Assignment" ], "type": "string" }, @@ -237827,7 +289995,7 @@ ], "type": "object" }, - "AWS::S3ObjectLambda::AccessPoint": { + "AWS::SSO::Instance": { "additionalProperties": false, "properties": { "Condition": { @@ -237863,24 +290031,24 @@ "additionalProperties": false, "properties": { "Name": { - "markdownDescription": "The name of this access point.", + "markdownDescription": "The name of the Identity Center instance.", "title": "Name", "type": "string" }, - "ObjectLambdaConfiguration": { - "$ref": "#/definitions/AWS::S3ObjectLambda::AccessPoint.ObjectLambdaConfiguration", - "markdownDescription": "A configuration used when creating an Object Lambda Access Point.", - "title": "ObjectLambdaConfiguration" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Specifies tags to be attached to the instance of IAM Identity Center.", + "title": "Tags", + "type": "array" } }, - "required": [ - "ObjectLambdaConfiguration" - ], "type": "object" }, "Type": { "enum": [ - "AWS::S3ObjectLambda::AccessPoint" + "AWS::SSO::Instance" ], "type": "string" }, @@ -237894,149 +290062,123 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::S3ObjectLambda::AccessPoint.Alias": { + "AWS::SSO::InstanceAccessControlAttributeConfiguration": { "additionalProperties": false, "properties": { - "Status": { - "markdownDescription": "The status of the Object Lambda Access Point alias. If the status is `PROVISIONING` , the Object Lambda Access Point is provisioning the alias and the alias is not ready for use yet. If the status is `READY` , the Object Lambda Access Point alias is successfully provisioned and ready for use.", - "title": "Status", + "Condition": { "type": "string" }, - "Value": { - "markdownDescription": "The alias value of the Object Lambda Access Point.", - "title": "Value", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "required": [ - "Value" - ], - "type": "object" - }, - "AWS::S3ObjectLambda::AccessPoint.AwsLambda": { - "additionalProperties": false, - "properties": { - "FunctionArn": { - "markdownDescription": "", - "title": "FunctionArn", + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AccessControlAttributes": { + "items": { + "$ref": "#/definitions/AWS::SSO::InstanceAccessControlAttributeConfiguration.AccessControlAttribute" + }, + "markdownDescription": "Lists the attributes that are configured for ABAC in the specified IAM Identity Center instance.", + "title": "AccessControlAttributes", + "type": "array" + }, + "InstanceArn": { + "markdownDescription": "The ARN of the IAM Identity Center instance under which the operation will be executed.", + "title": "InstanceArn", + "type": "string" + } + }, + "required": [ + "InstanceArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SSO::InstanceAccessControlAttributeConfiguration" + ], "type": "string" }, - "FunctionPayload": { - "markdownDescription": "", - "title": "FunctionPayload", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "FunctionArn" - ], - "type": "object" - }, - "AWS::S3ObjectLambda::AccessPoint.ContentTransformation": { - "additionalProperties": false, - "properties": { - "AwsLambda": { - "$ref": "#/definitions/AWS::S3ObjectLambda::AccessPoint.AwsLambda", - "markdownDescription": "", - "title": "AwsLambda" - } - }, - "required": [ - "AwsLambda" + "Type", + "Properties" ], "type": "object" }, - "AWS::S3ObjectLambda::AccessPoint.ObjectLambdaConfiguration": { + "AWS::SSO::InstanceAccessControlAttributeConfiguration.AccessControlAttribute": { "additionalProperties": false, "properties": { - "AllowedFeatures": { - "items": { - "type": "string" - }, - "markdownDescription": "A container for allowed features. Valid inputs are `GetObject-Range` , `GetObject-PartNumber` , `HeadObject-Range` , and `HeadObject-PartNumber` .", - "title": "AllowedFeatures", - "type": "array" - }, - "CloudWatchMetricsEnabled": { - "markdownDescription": "A container for whether the CloudWatch metrics configuration is enabled.", - "title": "CloudWatchMetricsEnabled", - "type": "boolean" - }, - "SupportingAccessPoint": { - "markdownDescription": "Standard access point associated with the Object Lambda Access Point.", - "title": "SupportingAccessPoint", + "Key": { + "markdownDescription": "The name of the attribute associated with your identities in your identity source. This is used to map a specified attribute in your identity source with an attribute in IAM Identity Center .", + "title": "Key", "type": "string" }, - "TransformationConfigurations": { - "items": { - "$ref": "#/definitions/AWS::S3ObjectLambda::AccessPoint.TransformationConfiguration" - }, - "markdownDescription": "A container for transformation configurations for an Object Lambda Access Point.", - "title": "TransformationConfigurations", - "type": "array" + "Value": { + "$ref": "#/definitions/AWS::SSO::InstanceAccessControlAttributeConfiguration.AccessControlAttributeValue", + "markdownDescription": "The value used for mapping a specified attribute to an identity source.", + "title": "Value" } }, "required": [ - "SupportingAccessPoint", - "TransformationConfigurations" + "Key", + "Value" ], "type": "object" }, - "AWS::S3ObjectLambda::AccessPoint.PublicAccessBlockConfiguration": { - "additionalProperties": false, - "properties": { - "BlockPublicAcls": { - "markdownDescription": "Specifies whether Amazon S3 should block public access control lists (ACLs) for buckets in this account. Setting this element to `TRUE` causes the following behavior:\n\n- `PutBucketAcl` and `PutObjectAcl` calls fail if the specified ACL is public.\n- PUT Object calls fail if the request includes a public ACL.\n- PUT Bucket calls fail if the request includes a public ACL.\n\nEnabling this setting doesn't affect existing policies or ACLs.\n\nThis property is not supported for Amazon S3 on Outposts.", - "title": "BlockPublicAcls", - "type": "boolean" - }, - "BlockPublicPolicy": { - "markdownDescription": "Specifies whether Amazon S3 should block public bucket policies for buckets in this account. Setting this element to `TRUE` causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.\n\nEnabling this setting doesn't affect existing bucket policies.\n\nThis property is not supported for Amazon S3 on Outposts.", - "title": "BlockPublicPolicy", - "type": "boolean" - }, - "IgnorePublicAcls": { - "markdownDescription": "Specifies whether Amazon S3 should ignore public ACLs for buckets in this account. Setting this element to `TRUE` causes Amazon S3 to ignore all public ACLs on buckets in this account and any objects that they contain.\n\nEnabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.\n\nThis property is not supported for Amazon S3 on Outposts.", - "title": "IgnorePublicAcls", - "type": "boolean" - }, - "RestrictPublicBuckets": { - "markdownDescription": "Specifies whether Amazon S3 should restrict public bucket policies for buckets in this account. Setting this element to `TRUE` restricts access to buckets with public policies to only AWS service principals and authorized users within this account.\n\nEnabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.\n\nThis property is not supported for Amazon S3 on Outposts.", - "title": "RestrictPublicBuckets", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::S3ObjectLambda::AccessPoint.TransformationConfiguration": { + "AWS::SSO::InstanceAccessControlAttributeConfiguration.AccessControlAttributeValue": { "additionalProperties": false, "properties": { - "Actions": { + "Source": { "items": { "type": "string" }, - "markdownDescription": "A container for the action of an Object Lambda Access Point configuration. Valid inputs are `GetObject` , `HeadObject` , `ListObject` , and `ListObjectV2` .", - "title": "Actions", + "markdownDescription": "The identity source to use when mapping a specified attribute to IAM Identity Center .", + "title": "Source", "type": "array" - }, - "ContentTransformation": { - "$ref": "#/definitions/AWS::S3ObjectLambda::AccessPoint.ContentTransformation", - "markdownDescription": "A container for the content transformation of an Object Lambda Access Point configuration. Can include the FunctionArn and FunctionPayload. For more information, see [AwsLambdaTransformation](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_AwsLambdaTransformation.html) in the *Amazon S3 API Reference* .", - "title": "ContentTransformation" } }, "required": [ - "Actions", - "ContentTransformation" + "Source" ], "type": "object" }, - "AWS::S3ObjectLambda::AccessPointPolicy": { + "AWS::SSO::PermissionSet": { "additionalProperties": false, "properties": { "Condition": { @@ -238071,26 +290213,75 @@ "Properties": { "additionalProperties": false, "properties": { - "ObjectLambdaAccessPoint": { - "markdownDescription": "An access point with an attached AWS Lambda function used to access transformed data from an Amazon S3 bucket.", - "title": "ObjectLambdaAccessPoint", + "CustomerManagedPolicyReferences": { + "items": { + "$ref": "#/definitions/AWS::SSO::PermissionSet.CustomerManagedPolicyReference" + }, + "markdownDescription": "Specifies the names and paths of the customer managed policies that you have attached to your permission set.", + "title": "CustomerManagedPolicyReferences", + "type": "array" + }, + "Description": { + "markdownDescription": "The description of the `PermissionSet` .", + "title": "Description", "type": "string" }, - "PolicyDocument": { - "markdownDescription": "Object Lambda Access Point resource policy document.", - "title": "PolicyDocument", + "InlinePolicy": { + "markdownDescription": "The inline policy that is attached to the permission set.\n\n> For `Length Constraints` , if a valid ARN is provided for a permission set, it is possible for an empty inline policy to be returned.", + "title": "InlinePolicy", "type": "object" + }, + "InstanceArn": { + "markdownDescription": "The ARN of the IAM Identity Center instance under which the operation will be executed. For more information about ARNs, see [Amazon Resource Names (ARNs) and AWS Service Namespaces](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* .", + "title": "InstanceArn", + "type": "string" + }, + "ManagedPolicies": { + "items": { + "type": "string" + }, + "markdownDescription": "A structure that stores a list of managed policy ARNs that describe the associated AWS managed policy.", + "title": "ManagedPolicies", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the permission set.", + "title": "Name", + "type": "string" + }, + "PermissionsBoundary": { + "$ref": "#/definitions/AWS::SSO::PermissionSet.PermissionsBoundary", + "markdownDescription": "Specifies the configuration of the AWS managed or customer managed policy that you want to set as a permissions boundary. Specify either `CustomerManagedPolicyReference` to use the name and path of a customer managed policy, or `ManagedPolicyArn` to use the ARN of an AWS managed policy. A permissions boundary represents the maximum permissions that any policy can grant your role. For more information, see [Permissions boundaries for IAM entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) in the *IAM User Guide* .\n\n> Policies used as permissions boundaries don't provide permissions. You must also attach an IAM policy to the role. To learn how the effective permissions for a role are evaluated, see [IAM JSON policy evaluation logic](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html) in the *IAM User Guide* .", + "title": "PermissionsBoundary" + }, + "RelayStateType": { + "markdownDescription": "Used to redirect users within the application during the federation authentication process.", + "title": "RelayStateType", + "type": "string" + }, + "SessionDuration": { + "markdownDescription": "The length of time that the application user sessions are valid for in the ISO-8601 standard.", + "title": "SessionDuration", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to attach to the new `PermissionSet` .", + "title": "Tags", + "type": "array" } }, "required": [ - "ObjectLambdaAccessPoint", - "PolicyDocument" + "InstanceArn", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::S3ObjectLambda::AccessPointPolicy" + "AWS::SSO::PermissionSet" ], "type": "string" }, @@ -238109,7 +290300,42 @@ ], "type": "object" }, - "AWS::S3Outposts::AccessPoint": { + "AWS::SSO::PermissionSet.CustomerManagedPolicyReference": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the IAM policy that you have configured in each account where you want to deploy your permission set.", + "title": "Name", + "type": "string" + }, + "Path": { + "markdownDescription": "The path to the IAM policy that you have configured in each account where you want to deploy your permission set. The default is `/` . For more information, see [Friendly names and paths](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-friendly-names) in the *IAM User Guide* .", + "title": "Path", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::SSO::PermissionSet.PermissionsBoundary": { + "additionalProperties": false, + "properties": { + "CustomerManagedPolicyReference": { + "$ref": "#/definitions/AWS::SSO::PermissionSet.CustomerManagedPolicyReference", + "markdownDescription": "Specifies the name and path of a customer managed policy. You must have an IAM policy that matches the name and path in each AWS account where you want to deploy your permission set.", + "title": "CustomerManagedPolicyReference" + }, + "ManagedPolicyArn": { + "markdownDescription": "The AWS managed policy ARN that you want to attach to a permission set as a permissions boundary.", + "title": "ManagedPolicyArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::App": { "additionalProperties": false, "properties": { "Condition": { @@ -238144,37 +290370,56 @@ "Properties": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The Amazon Resource Name (ARN) of the S3 on Outposts bucket that is associated with this access point.", - "title": "Bucket", + "AppName": { + "markdownDescription": "The name of the app.", + "title": "AppName", "type": "string" }, - "Name": { - "markdownDescription": "The name of this access point.", - "title": "Name", + "AppType": { + "markdownDescription": "The type of app.", + "title": "AppType", + "type": "string" + }, + "DomainId": { + "markdownDescription": "The domain ID.", + "title": "DomainId", "type": "string" }, - "Policy": { - "markdownDescription": "The access point policy associated with this access point.", - "title": "Policy", - "type": "object" + "RecoveryMode": { + "markdownDescription": "", + "title": "RecoveryMode", + "type": "boolean" + }, + "ResourceSpec": { + "$ref": "#/definitions/AWS::SageMaker::App.ResourceSpec", + "markdownDescription": "Specifies the ARNs of a SageMaker image and SageMaker image version, and the instance type that the version runs on.", + "title": "ResourceSpec" }, - "VpcConfiguration": { - "$ref": "#/definitions/AWS::S3Outposts::AccessPoint.VpcConfiguration", - "markdownDescription": "The virtual private cloud (VPC) configuration for this access point, if one exists.", - "title": "VpcConfiguration" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + }, + "UserProfileName": { + "markdownDescription": "The user profile name.", + "title": "UserProfileName", + "type": "string" } }, "required": [ - "Bucket", - "Name", - "VpcConfiguration" + "AppName", + "AppType", + "DomainId", + "UserProfileName" ], "type": "object" }, "Type": { "enum": [ - "AWS::S3Outposts::AccessPoint" + "AWS::SageMaker::App" ], "type": "string" }, @@ -238193,18 +290438,33 @@ ], "type": "object" }, - "AWS::S3Outposts::AccessPoint.VpcConfiguration": { + "AWS::SageMaker::App.ResourceSpec": { "additionalProperties": false, "properties": { - "VpcId": { - "markdownDescription": "", - "title": "VpcId", + "InstanceType": { + "markdownDescription": "The instance type that the image version runs on.\n\n> *JupyterServer apps* only support the `system` value.\n> \n> For *KernelGateway apps* , the `system` value is translated to `ml.t3.medium` . KernelGateway apps also support all other values for available instance types.", + "title": "InstanceType", + "type": "string" + }, + "LifecycleConfigArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Lifecycle Configuration attached to the Resource.", + "title": "LifecycleConfigArn", + "type": "string" + }, + "SageMakerImageArn": { + "markdownDescription": "The ARN of the SageMaker AI image that the image version belongs to.", + "title": "SageMakerImageArn", + "type": "string" + }, + "SageMakerImageVersionArn": { + "markdownDescription": "The ARN of the image version created on the instance. To clear the value set for `SageMakerImageVersionArn` , pass `None` as the value.", + "title": "SageMakerImageVersionArn", "type": "string" } }, "type": "object" }, - "AWS::S3Outposts::Bucket": { + "AWS::SageMaker::AppImageConfig": { "additionalProperties": false, "properties": { "Condition": { @@ -238239,39 +290499,43 @@ "Properties": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "A name for the S3 on Outposts bucket. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the bucket name. The bucket name must contain only lowercase letters, numbers, periods (.), and dashes (-) and must follow [Amazon S3 bucket restrictions and limitations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/BucketRestrictions.html) . For more information, see [Bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/BucketRestrictions.html#bucketnamingrules) .\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you need to replace the resource, specify a new name.", - "title": "BucketName", + "AppImageConfigName": { + "markdownDescription": "The name of the AppImageConfig. Must be unique to your account.", + "title": "AppImageConfigName", "type": "string" }, - "LifecycleConfiguration": { - "$ref": "#/definitions/AWS::S3Outposts::Bucket.LifecycleConfiguration", - "markdownDescription": "Creates a new lifecycle configuration for the S3 on Outposts bucket or replaces an existing lifecycle configuration. Outposts buckets only support lifecycle configurations that delete/expire objects after a certain period of time and abort incomplete multipart uploads.", - "title": "LifecycleConfiguration" + "CodeEditorAppImageConfig": { + "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.CodeEditorAppImageConfig", + "markdownDescription": "The configuration for the file system and the runtime, such as the environment variables and entry point.", + "title": "CodeEditorAppImageConfig" }, - "OutpostId": { - "markdownDescription": "The ID of the Outpost of the specified bucket.", - "title": "OutpostId", - "type": "string" + "JupyterLabAppImageConfig": { + "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.JupyterLabAppImageConfig", + "markdownDescription": "The configuration for the file system and the runtime, such as the environment variables and entry point.", + "title": "JupyterLabAppImageConfig" + }, + "KernelGatewayImageConfig": { + "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.KernelGatewayImageConfig", + "markdownDescription": "The configuration for the file system and kernels in the SageMaker AI image.", + "title": "KernelGatewayImageConfig" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Sets the tags for an S3 on Outposts bucket. For more information, see [Using Amazon S3 on Outposts](https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) .\n\nUse tags to organize your AWS bill to reflect your own cost structure. To do this, sign up to get your AWS account bill with tag key values included. Then, to see the cost of combined resources, organize your billing information according to resources with the same tag key values. For example, you can tag several resources with a specific application name, and then organize your billing information to see the total cost of that application across several services. For more information, see [Cost allocation and tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html) .\n\n> Within a bucket, if you add a tag that has the same key as an existing tag, the new value overwrites the old value. For more information, see [Using cost allocation and bucket tags](https://docs.aws.amazon.com/AmazonS3/latest/userguide/CostAllocTagging.html) . \n\nTo use this resource, you must have permissions to perform the `s3-outposts:PutBucketTagging` . The S3 on Outposts bucket owner has this permission by default and can grant this permission to others. For more information about permissions, see [Permissions Related to Bucket Subresource Operations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) and [Managing access permissions to your Amazon S3 resources](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html) .", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ - "BucketName", - "OutpostId" + "AppImageConfigName" ], "type": "object" }, "Type": { "enum": [ - "AWS::S3Outposts::Bucket" + "AWS::SageMaker::AppImageConfig" ], "type": "string" }, @@ -238290,73 +290554,57 @@ ], "type": "object" }, - "AWS::S3Outposts::Bucket.AbortIncompleteMultipartUpload": { - "additionalProperties": false, - "properties": { - "DaysAfterInitiation": { - "markdownDescription": "Specifies the number of days after initiation that Amazon S3 on Outposts aborts an incomplete multipart upload.", - "title": "DaysAfterInitiation", - "type": "number" - } - }, - "required": [ - "DaysAfterInitiation" - ], - "type": "object" - }, - "AWS::S3Outposts::Bucket.Filter": { + "AWS::SageMaker::AppImageConfig.CodeEditorAppImageConfig": { "additionalProperties": false, "properties": { - "AndOperator": { - "$ref": "#/definitions/AWS::S3Outposts::Bucket.FilterAndOperator", - "markdownDescription": "", - "title": "AndOperator" - }, - "Prefix": { - "markdownDescription": "", - "title": "Prefix", - "type": "string" - }, - "Tag": { - "$ref": "#/definitions/AWS::S3Outposts::Bucket.FilterTag", + "ContainerConfig": { + "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.ContainerConfig", "markdownDescription": "", - "title": "Tag" + "title": "ContainerConfig" } }, "type": "object" }, - "AWS::S3Outposts::Bucket.FilterAndOperator": { + "AWS::SageMaker::AppImageConfig.ContainerConfig": { "additionalProperties": false, "properties": { - "Prefix": { - "markdownDescription": "", - "title": "Prefix", - "type": "string" + "ContainerArguments": { + "items": { + "type": "string" + }, + "markdownDescription": "The arguments for the container when you're running the application.", + "title": "ContainerArguments", + "type": "array" }, - "Tags": { + "ContainerEntrypoint": { "items": { - "$ref": "#/definitions/AWS::S3Outposts::Bucket.FilterTag" + "type": "string" }, - "markdownDescription": "", - "title": "Tags", + "markdownDescription": "The entrypoint used to run the application in the container.", + "title": "ContainerEntrypoint", + "type": "array" + }, + "ContainerEnvironmentVariables": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.CustomImageContainerEnvironmentVariable" + }, + "markdownDescription": "The environment variables to set in the container", + "title": "ContainerEnvironmentVariables", "type": "array" } }, - "required": [ - "Tags" - ], "type": "object" }, - "AWS::S3Outposts::Bucket.FilterTag": { + "AWS::SageMaker::AppImageConfig.CustomImageContainerEnvironmentVariable": { "additionalProperties": false, "properties": { "Key": { - "markdownDescription": "", + "markdownDescription": "The key that identifies a container environment variable.", "title": "Key", "type": "string" }, "Value": { - "markdownDescription": "", + "markdownDescription": "The value of the container environment variable.", "title": "Value", "type": "string" } @@ -238367,63 +290615,80 @@ ], "type": "object" }, - "AWS::S3Outposts::Bucket.LifecycleConfiguration": { + "AWS::SageMaker::AppImageConfig.FileSystemConfig": { "additionalProperties": false, "properties": { - "Rules": { + "DefaultGid": { + "markdownDescription": "The default POSIX group ID (GID). If not specified, defaults to `100` .", + "title": "DefaultGid", + "type": "number" + }, + "DefaultUid": { + "markdownDescription": "The default POSIX user ID (UID). If not specified, defaults to `1000` .", + "title": "DefaultUid", + "type": "number" + }, + "MountPath": { + "markdownDescription": "The path within the image to mount the user's EFS home directory. The directory should be empty. If not specified, defaults to */home/sagemaker-user* .", + "title": "MountPath", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::AppImageConfig.JupyterLabAppImageConfig": { + "additionalProperties": false, + "properties": { + "ContainerConfig": { + "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.ContainerConfig", + "markdownDescription": "The configuration used to run the application image container.", + "title": "ContainerConfig" + } + }, + "type": "object" + }, + "AWS::SageMaker::AppImageConfig.KernelGatewayImageConfig": { + "additionalProperties": false, + "properties": { + "FileSystemConfig": { + "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.FileSystemConfig", + "markdownDescription": "The Amazon Elastic File System storage configuration for a SageMaker AI image.", + "title": "FileSystemConfig" + }, + "KernelSpecs": { "items": { - "$ref": "#/definitions/AWS::S3Outposts::Bucket.Rule" + "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.KernelSpec" }, - "markdownDescription": "The container for the lifecycle configuration rules for the objects stored in the S3 on Outposts bucket.", - "title": "Rules", + "markdownDescription": "The specification of the Jupyter kernels in the image.", + "title": "KernelSpecs", "type": "array" } }, "required": [ - "Rules" + "KernelSpecs" ], "type": "object" }, - "AWS::S3Outposts::Bucket.Rule": { + "AWS::SageMaker::AppImageConfig.KernelSpec": { "additionalProperties": false, "properties": { - "AbortIncompleteMultipartUpload": { - "$ref": "#/definitions/AWS::S3Outposts::Bucket.AbortIncompleteMultipartUpload", - "markdownDescription": "The container for the abort incomplete multipart upload rule.", - "title": "AbortIncompleteMultipartUpload" - }, - "ExpirationDate": { - "markdownDescription": "Specifies the expiration for the lifecycle of the object by specifying an expiry date.", - "title": "ExpirationDate", - "type": "string" - }, - "ExpirationInDays": { - "markdownDescription": "Specifies the expiration for the lifecycle of the object in the form of days that the object has been in the S3 on Outposts bucket.", - "title": "ExpirationInDays", - "type": "number" - }, - "Filter": { - "$ref": "#/definitions/AWS::S3Outposts::Bucket.Filter", - "markdownDescription": "The container for the filter of the lifecycle rule.", - "title": "Filter" - }, - "Id": { - "markdownDescription": "", - "title": "Id", + "DisplayName": { + "markdownDescription": "The display name of the kernel.", + "title": "DisplayName", "type": "string" }, - "Status": { - "markdownDescription": "If `Enabled` , the rule is currently being applied. If `Disabled` , the rule is not currently being applied.", - "title": "Status", + "Name": { + "markdownDescription": "The name of the Jupyter kernel in the image. This value is case sensitive.", + "title": "Name", "type": "string" } }, "required": [ - "Status" + "Name" ], "type": "object" }, - "AWS::S3Outposts::BucketPolicy": { + "AWS::SageMaker::Cluster": { "additionalProperties": false, "properties": { "Condition": { @@ -238458,26 +290723,51 @@ "Properties": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The name of the Amazon S3 Outposts bucket to which the policy applies.", - "title": "Bucket", + "ClusterName": { + "markdownDescription": "The name of the SageMaker HyperPod cluster.", + "title": "ClusterName", "type": "string" }, - "PolicyDocument": { - "markdownDescription": "A policy document containing permissions to add to the specified bucket. In IAM, you must provide policy documents in JSON format. However, in CloudFormation, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to IAM. For more information, see the AWS::IAM::Policy [PolicyDocument](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html#cfn-iam-policy-policydocument) resource description in this guide and [Access Policy Language Overview](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-policy-language-overview.html) .", - "title": "PolicyDocument", - "type": "object" + "InstanceGroups": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::Cluster.ClusterInstanceGroup" + }, + "markdownDescription": "The instance groups of the SageMaker HyperPod cluster. To delete an instance group, remove it from the array.", + "title": "InstanceGroups", + "type": "array" + }, + "NodeRecovery": { + "markdownDescription": "Specifies whether to enable or disable the automatic node recovery feature of SageMaker HyperPod. Available values are `Automatic` for enabling and `None` for disabling.", + "title": "NodeRecovery", + "type": "string" + }, + "Orchestrator": { + "$ref": "#/definitions/AWS::SageMaker::Cluster.Orchestrator", + "markdownDescription": "The orchestrator type for the SageMaker HyperPod cluster. Currently, `'eks'` is the only available option.", + "title": "Orchestrator" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A tag object that consists of a key and an optional value, used to manage metadata for SageMaker AWS resources.\n\nYou can add tags to notebook instances, training jobs, hyperparameter tuning jobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations, and endpoints. For more information on adding tags to SageMaker resources, see [AddTags](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html) .\n\nFor more information on adding metadata to your AWS resources with tagging, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) . For advice on best practices for managing AWS resources with tagging, see [Tagging Best Practices: Implement an Effective AWS Resource Tagging Strategy](https://docs.aws.amazon.com/https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf) .", + "title": "Tags", + "type": "array" + }, + "VpcConfig": { + "$ref": "#/definitions/AWS::SageMaker::Cluster.VpcConfig", + "markdownDescription": "Specifies an Amazon Virtual Private Cloud (VPC) that your SageMaker jobs, hosted models, and compute resources have access to. You can control access to and from your resources by configuring a VPC. For more information, see [Give SageMaker Access to Resources in your Amazon VPC](https://docs.aws.amazon.com/sagemaker/latest/dg/infrastructure-give-access.html) .", + "title": "VpcConfig" } }, "required": [ - "Bucket", - "PolicyDocument" + "InstanceGroups" ], "type": "object" }, "Type": { "enum": [ - "AWS::S3Outposts::BucketPolicy" + "AWS::SageMaker::Cluster" ], "type": "string" }, @@ -238496,131 +290786,172 @@ ], "type": "object" }, - "AWS::S3Outposts::Endpoint": { + "AWS::SageMaker::Cluster.ClusterEbsVolumeConfig": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "VolumeSizeInGB": { + "markdownDescription": "The size in gigabytes (GB) of the additional EBS volume to be attached to the instances in the SageMaker HyperPod cluster instance group. The additional EBS volume is attached to each instance within the SageMaker HyperPod cluster instance group and mounted to `/opt/sagemaker` .", + "title": "VolumeSizeInGB", + "type": "number" + } + }, + "type": "object" + }, + "AWS::SageMaker::Cluster.ClusterInstanceGroup": { + "additionalProperties": false, + "properties": { + "CurrentCount": { + "markdownDescription": "The number of instances that are currently in the instance group of a SageMaker HyperPod cluster.", + "title": "CurrentCount", + "type": "number" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ExecutionRole": { + "markdownDescription": "The execution role for the instance group to assume.", + "title": "ExecutionRole", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "InstanceCount": { + "markdownDescription": "The number of instances in an instance group of the SageMaker HyperPod cluster.", + "title": "InstanceCount", + "type": "number" }, - "Metadata": { - "type": "object" + "InstanceGroupName": { + "markdownDescription": "The name of the instance group of a SageMaker HyperPod cluster.", + "title": "InstanceGroupName", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AccessType": { - "markdownDescription": "The container for the type of connectivity used to access the Amazon S3 on Outposts endpoint. To use the Amazon VPC , choose `Private` . To use the endpoint with an on-premises network, choose `CustomerOwnedIp` . If you choose `CustomerOwnedIp` , you must also provide the customer-owned IP address pool (CoIP pool).\n\n> `Private` is the default access type value.", - "title": "AccessType", - "type": "string" - }, - "CustomerOwnedIpv4Pool": { - "markdownDescription": "The ID of the customer-owned IPv4 address pool (CoIP pool) for the endpoint. IP addresses are allocated from this pool for the endpoint.", - "title": "CustomerOwnedIpv4Pool", - "type": "string" - }, - "FailedReason": { - "$ref": "#/definitions/AWS::S3Outposts::Endpoint.FailedReason", - "markdownDescription": "The failure reason, if any, for a create or delete endpoint operation.", - "title": "FailedReason" - }, - "OutpostId": { - "markdownDescription": "The ID of the Outpost.", - "title": "OutpostId", - "type": "string" - }, - "SecurityGroupId": { - "markdownDescription": "The ID of the security group used for the endpoint.", - "title": "SecurityGroupId", - "type": "string" - }, - "SubnetId": { - "markdownDescription": "The ID of the subnet used for the endpoint.", - "title": "SubnetId", - "type": "string" - } + "InstanceStorageConfigs": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::Cluster.ClusterInstanceStorageConfig" }, - "required": [ - "OutpostId", - "SecurityGroupId", - "SubnetId" - ], - "type": "object" + "markdownDescription": "The configurations of additional storage specified to the instance group where the instance (node) is launched.", + "title": "InstanceStorageConfigs", + "type": "array" }, - "Type": { - "enum": [ - "AWS::S3Outposts::Endpoint" - ], + "InstanceType": { + "markdownDescription": "The instance type of the instance group of a SageMaker HyperPod cluster.", + "title": "InstanceType", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "LifeCycleConfig": { + "$ref": "#/definitions/AWS::SageMaker::Cluster.ClusterLifeCycleConfig", + "markdownDescription": "The lifecycle configuration for a SageMaker HyperPod cluster.", + "title": "LifeCycleConfig" + }, + "OnStartDeepHealthChecks": { + "items": { + "type": "string" + }, + "markdownDescription": "A flag indicating whether deep health checks should be performed when the HyperPod cluster instance group is created or updated. Deep health checks are comprehensive, invasive tests that validate the health of the underlying hardware and infrastructure components.", + "title": "OnStartDeepHealthChecks", + "type": "array" + }, + "OverrideVpcConfig": { + "$ref": "#/definitions/AWS::SageMaker::Cluster.VpcConfig", + "markdownDescription": "The customized Amazon VPC configuration at the instance group level that overrides the default Amazon VPC configuration of the SageMaker HyperPod cluster.", + "title": "OverrideVpcConfig" + }, + "ThreadsPerCore": { + "markdownDescription": "The number of threads per CPU core you specified under `CreateCluster` .", + "title": "ThreadsPerCore", + "type": "number" } }, "required": [ - "Type", - "Properties" + "ExecutionRole", + "InstanceCount", + "InstanceGroupName", + "InstanceType", + "LifeCycleConfig" ], "type": "object" }, - "AWS::S3Outposts::Endpoint.FailedReason": { + "AWS::SageMaker::Cluster.ClusterInstanceStorageConfig": { "additionalProperties": false, "properties": { - "ErrorCode": { - "markdownDescription": "The failure code, if any, for a create or delete endpoint operation.", - "title": "ErrorCode", + "EbsVolumeConfig": { + "$ref": "#/definitions/AWS::SageMaker::Cluster.ClusterEbsVolumeConfig", + "markdownDescription": "Defines the configuration for attaching additional Amazon Elastic Block Store (EBS) volumes to the instances in the SageMaker HyperPod cluster instance group. The additional EBS volume is attached to each instance within the SageMaker HyperPod cluster instance group and mounted to `/opt/sagemaker` .", + "title": "EbsVolumeConfig" + } + }, + "type": "object" + }, + "AWS::SageMaker::Cluster.ClusterLifeCycleConfig": { + "additionalProperties": false, + "properties": { + "OnCreate": { + "markdownDescription": "The file name of the entrypoint script of lifecycle scripts under `SourceS3Uri` . This entrypoint script runs during cluster creation.", + "title": "OnCreate", "type": "string" }, - "Message": { - "markdownDescription": "Additional error details describing the endpoint failure and recommended action.", - "title": "Message", + "SourceS3Uri": { + "markdownDescription": "An Amazon S3 bucket path where your lifecycle scripts are stored.\n\n> Make sure that the S3 bucket path starts with `s3://sagemaker-` . The [IAM role for SageMaker HyperPod](https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-hyperpod-prerequisites.html#sagemaker-hyperpod-prerequisites-iam-role-for-hyperpod) has the managed [`AmazonSageMakerClusterInstanceRolePolicy`](https://docs.aws.amazon.com/sagemaker/latest/dg/security-iam-awsmanpol-cluster.html) attached, which allows access to S3 buckets with the specific prefix `sagemaker-` .", + "title": "SourceS3Uri", "type": "string" } }, + "required": [ + "OnCreate", + "SourceS3Uri" + ], "type": "object" }, - "AWS::S3Outposts::Endpoint.NetworkInterface": { + "AWS::SageMaker::Cluster.ClusterOrchestratorEksConfig": { "additionalProperties": false, "properties": { - "NetworkInterfaceId": { - "markdownDescription": "The ID for the network interface.", - "title": "NetworkInterfaceId", + "ClusterArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the SageMaker HyperPod cluster.", + "title": "ClusterArn", "type": "string" } }, "required": [ - "NetworkInterfaceId" + "ClusterArn" ], "type": "object" }, - "AWS::SDB::Domain": { + "AWS::SageMaker::Cluster.Orchestrator": { + "additionalProperties": false, + "properties": { + "Eks": { + "$ref": "#/definitions/AWS::SageMaker::Cluster.ClusterOrchestratorEksConfig", + "markdownDescription": "The configuration of the Amazon EKS orchestrator cluster for the SageMaker HyperPod cluster.", + "title": "Eks" + } + }, + "required": [ + "Eks" + ], + "type": "object" + }, + "AWS::SageMaker::Cluster.VpcConfig": { + "additionalProperties": false, + "properties": { + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The VPC security group IDs, in the form `sg-xxxxxxxx` . Specify the security groups for the VPC that is specified in the `Subnets` field.", + "title": "SecurityGroupIds", + "type": "array" + }, + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The ID of the subnets in the VPC to which you want to connect your training job or model. For information about the availability of specific instance types, see [Supported Instance Types and Availability Zones](https://docs.aws.amazon.com/sagemaker/latest/dg/instance-types-az.html) .", + "title": "Subnets", + "type": "array" + } + }, + "required": [ + "SecurityGroupIds", + "Subnets" + ], + "type": "object" + }, + "AWS::SageMaker::CodeRepository": { "additionalProperties": false, "properties": { "Condition": { @@ -238655,17 +290986,33 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "Information about the SimpleDB domain.", - "title": "Description", + "CodeRepositoryName": { + "markdownDescription": "The name of the Git repository.", + "title": "CodeRepositoryName", "type": "string" + }, + "GitConfig": { + "$ref": "#/definitions/AWS::SageMaker::CodeRepository.GitConfig", + "markdownDescription": "Configuration details for the Git repository, including the URL where it is located and the ARN of the AWS Secrets Manager secret that contains the credentials used to access the repository.", + "title": "GitConfig" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "List of tags for Code Repository.", + "title": "Tags", + "type": "array" } }, + "required": [ + "GitConfig" + ], "type": "object" }, "Type": { "enum": [ - "AWS::SDB::Domain" + "AWS::SageMaker::CodeRepository" ], "type": "string" }, @@ -238679,11 +291026,36 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::SES::ConfigurationSet": { + "AWS::SageMaker::CodeRepository.GitConfig": { + "additionalProperties": false, + "properties": { + "Branch": { + "markdownDescription": "The default branch for the Git repository.", + "title": "Branch", + "type": "string" + }, + "RepositoryUrl": { + "markdownDescription": "The URL where the Git repository is located.", + "title": "RepositoryUrl", + "type": "string" + }, + "SecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Secrets Manager secret that contains the credentials used to access the git repository. The secret must have a staging label of `AWSCURRENT` and must be in the following format:\n\n`{\"username\": *UserName* , \"password\": *Password* }`", + "title": "SecretArn", + "type": "string" + } + }, + "required": [ + "RepositoryUrl" + ], + "type": "object" + }, + "AWS::SageMaker::DataQualityJobDefinition": { "additionalProperties": false, "properties": { "Condition": { @@ -238718,47 +291090,77 @@ "Properties": { "additionalProperties": false, "properties": { - "DeliveryOptions": { - "$ref": "#/definitions/AWS::SES::ConfigurationSet.DeliveryOptions", - "markdownDescription": "Specifies the name of the dedicated IP pool to associate with the configuration set and whether messages that use the configuration set are required to use Transport Layer Security (TLS).", - "title": "DeliveryOptions" + "DataQualityAppSpecification": { + "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.DataQualityAppSpecification", + "markdownDescription": "Specifies the container that runs the monitoring job.", + "title": "DataQualityAppSpecification" }, - "Name": { - "markdownDescription": "The name of the configuration set. The name must meet the following requirements:\n\n- Contain only letters (a-z, A-Z), numbers (0-9), underscores (_), or dashes (-).\n- Contain 64 characters or fewer.", - "title": "Name", + "DataQualityBaselineConfig": { + "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.DataQualityBaselineConfig", + "markdownDescription": "Configures the constraints and baselines for the monitoring job.", + "title": "DataQualityBaselineConfig" + }, + "DataQualityJobInput": { + "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.DataQualityJobInput", + "markdownDescription": "A list of inputs for the monitoring job. Currently endpoints are supported as monitoring inputs.", + "title": "DataQualityJobInput" + }, + "DataQualityJobOutputConfig": { + "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.MonitoringOutputConfig", + "markdownDescription": "The output configuration for monitoring jobs.", + "title": "DataQualityJobOutputConfig" + }, + "EndpointName": { + "markdownDescription": "", + "title": "EndpointName", "type": "string" }, - "ReputationOptions": { - "$ref": "#/definitions/AWS::SES::ConfigurationSet.ReputationOptions", - "markdownDescription": "An object that defines whether or not Amazon SES collects reputation metrics for the emails that you send that use the configuration set.", - "title": "ReputationOptions" + "JobDefinitionName": { + "markdownDescription": "The name for the monitoring job definition.", + "title": "JobDefinitionName", + "type": "string" }, - "SendingOptions": { - "$ref": "#/definitions/AWS::SES::ConfigurationSet.SendingOptions", - "markdownDescription": "An object that defines whether or not Amazon SES can send email that you send using the configuration set.", - "title": "SendingOptions" + "JobResources": { + "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.MonitoringResources", + "markdownDescription": "Identifies the resources to deploy for a monitoring job.", + "title": "JobResources" }, - "SuppressionOptions": { - "$ref": "#/definitions/AWS::SES::ConfigurationSet.SuppressionOptions", - "markdownDescription": "An object that contains information about the suppression list preferences for your account.", - "title": "SuppressionOptions" + "NetworkConfig": { + "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.NetworkConfig", + "markdownDescription": "Specifies networking configuration for the monitoring job.", + "title": "NetworkConfig" }, - "TrackingOptions": { - "$ref": "#/definitions/AWS::SES::ConfigurationSet.TrackingOptions", - "markdownDescription": "An object that defines the open and click tracking options for emails that you send using the configuration set.", - "title": "TrackingOptions" + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can assume to perform tasks on your behalf.", + "title": "RoleArn", + "type": "string" }, - "VdmOptions": { - "$ref": "#/definitions/AWS::SES::ConfigurationSet.VdmOptions", - "markdownDescription": "The Virtual Deliverability Manager (VDM) options that apply to the configuration set.", - "title": "VdmOptions" + "StoppingCondition": { + "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.StoppingCondition", + "markdownDescription": "A time limit for how long the monitoring job is allowed to run before stopping.", + "title": "StoppingCondition" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" } }, + "required": [ + "DataQualityAppSpecification", + "DataQualityJobInput", + "DataQualityJobOutputConfig", + "JobResources", + "RoleArn" + ], "type": "object" }, "Type": { "enum": [ - "AWS::SES::ConfigurationSet" + "AWS::SageMaker::DataQualityJobDefinition" ], "type": "string" }, @@ -238772,307 +291174,408 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::SES::ConfigurationSet.DashboardOptions": { + "AWS::SageMaker::DataQualityJobDefinition.BatchTransformInput": { "additionalProperties": false, "properties": { - "EngagementMetrics": { - "markdownDescription": "Specifies the status of your VDM engagement metrics collection. Can be one of the following:\n\n- `ENABLED` \u2013 Amazon SES enables engagement metrics for the configuration set.\n- `DISABLED` \u2013 Amazon SES disables engagement metrics for the configuration set.", - "title": "EngagementMetrics", + "DataCapturedDestinationS3Uri": { + "markdownDescription": "The Amazon S3 location being used to capture the data.", + "title": "DataCapturedDestinationS3Uri", + "type": "string" + }, + "DatasetFormat": { + "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.DatasetFormat", + "markdownDescription": "The dataset format for your batch transform job.", + "title": "DatasetFormat" + }, + "ExcludeFeaturesAttribute": { + "markdownDescription": "The attributes of the input data to exclude from the analysis.", + "title": "ExcludeFeaturesAttribute", + "type": "string" + }, + "LocalPath": { + "markdownDescription": "Path to the filesystem where the batch transform data is available to the container.", + "title": "LocalPath", + "type": "string" + }, + "S3DataDistributionType": { + "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an S3 key. Defaults to `FullyReplicated`", + "title": "S3DataDistributionType", + "type": "string" + }, + "S3InputMode": { + "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", + "title": "S3InputMode", "type": "string" } }, "required": [ - "EngagementMetrics" + "DataCapturedDestinationS3Uri", + "DatasetFormat", + "LocalPath" ], "type": "object" }, - "AWS::SES::ConfigurationSet.DeliveryOptions": { + "AWS::SageMaker::DataQualityJobDefinition.ClusterConfig": { "additionalProperties": false, "properties": { - "SendingPoolName": { - "markdownDescription": "The name of the dedicated IP pool to associate with the configuration set.", - "title": "SendingPoolName", - "type": "string" + "InstanceCount": { + "markdownDescription": "The number of ML compute instances to use in the model monitoring job. For distributed processing jobs, specify a value greater than 1. The default value is 1.", + "title": "InstanceCount", + "type": "number" }, - "TlsPolicy": { - "markdownDescription": "Specifies whether messages that use the configuration set are required to use Transport Layer Security (TLS). If the value is `REQUIRE` , messages are only delivered if a TLS connection can be established. If the value is `OPTIONAL` , messages can be delivered in plain text if a TLS connection can't be established.\n\nValid Values: `REQUIRE | OPTIONAL`", - "title": "TlsPolicy", + "InstanceType": { + "markdownDescription": "The ML compute instance type for the processing job.", + "title": "InstanceType", "type": "string" - } - }, - "type": "object" - }, - "AWS::SES::ConfigurationSet.GuardianOptions": { - "additionalProperties": false, - "properties": { - "OptimizedSharedDelivery": { - "markdownDescription": "Specifies the status of your VDM optimized shared delivery. Can be one of the following:\n\n- `ENABLED` \u2013 Amazon SES enables optimized shared delivery for the configuration set.\n- `DISABLED` \u2013 Amazon SES disables optimized shared delivery for the configuration set.", - "title": "OptimizedSharedDelivery", + }, + "VolumeKmsKeyId": { + "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance(s) that run the model monitoring job.", + "title": "VolumeKmsKeyId", "type": "string" + }, + "VolumeSizeInGB": { + "markdownDescription": "The size of the ML storage volume, in gigabytes, that you want to provision. You must specify sufficient ML storage for your scenario.", + "title": "VolumeSizeInGB", + "type": "number" } }, "required": [ - "OptimizedSharedDelivery" + "InstanceCount", + "InstanceType", + "VolumeSizeInGB" ], "type": "object" }, - "AWS::SES::ConfigurationSet.ReputationOptions": { + "AWS::SageMaker::DataQualityJobDefinition.ConstraintsResource": { "additionalProperties": false, "properties": { - "ReputationMetricsEnabled": { - "markdownDescription": "If `true` , tracking of reputation metrics is enabled for the configuration set. If `false` , tracking of reputation metrics is disabled for the configuration set.", - "title": "ReputationMetricsEnabled", - "type": "boolean" + "S3Uri": { + "markdownDescription": "The Amazon S3 URI for the constraints resource.", + "title": "S3Uri", + "type": "string" } }, "type": "object" }, - "AWS::SES::ConfigurationSet.SendingOptions": { + "AWS::SageMaker::DataQualityJobDefinition.Csv": { "additionalProperties": false, "properties": { - "SendingEnabled": { - "markdownDescription": "If `true` , email sending is enabled for the configuration set. If `false` , email sending is disabled for the configuration set.", - "title": "SendingEnabled", + "Header": { + "markdownDescription": "", + "title": "Header", "type": "boolean" } }, "type": "object" }, - "AWS::SES::ConfigurationSet.SuppressionOptions": { + "AWS::SageMaker::DataQualityJobDefinition.DataQualityAppSpecification": { "additionalProperties": false, "properties": { - "SuppressedReasons": { + "ContainerArguments": { "items": { "type": "string" }, - "markdownDescription": "A list that contains the reasons that email addresses are automatically added to the suppression list for your account. This list can contain any or all of the following:\n\n- `COMPLAINT` \u2013 Amazon SES adds an email address to the suppression list for your account when a message sent to that address results in a complaint.\n- `BOUNCE` \u2013 Amazon SES adds an email address to the suppression list for your account when a message sent to that address results in a hard bounce.", - "title": "SuppressedReasons", + "markdownDescription": "The arguments to send to the container that the monitoring job runs.", + "title": "ContainerArguments", + "type": "array" + }, + "ContainerEntrypoint": { + "items": { + "type": "string" + }, + "markdownDescription": "The entrypoint for a container used to run a monitoring job.", + "title": "ContainerEntrypoint", "type": "array" + }, + "Environment": { + "additionalProperties": true, + "markdownDescription": "Sets the environment variables in the container that the monitoring job runs.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Environment", + "type": "object" + }, + "ImageUri": { + "markdownDescription": "The container image that the data quality monitoring job runs.", + "title": "ImageUri", + "type": "string" + }, + "PostAnalyticsProcessorSourceUri": { + "markdownDescription": "An Amazon S3 URI to a script that is called after analysis has been performed. Applicable only for the built-in (first party) containers.", + "title": "PostAnalyticsProcessorSourceUri", + "type": "string" + }, + "RecordPreprocessorSourceUri": { + "markdownDescription": "An Amazon S3 URI to a script that is called per row prior to running analysis. It can base64 decode the payload and convert it into a flattened JSON so that the built-in container can use the converted data. Applicable only for the built-in (first party) containers.", + "title": "RecordPreprocessorSourceUri", + "type": "string" } }, + "required": [ + "ImageUri" + ], "type": "object" }, - "AWS::SES::ConfigurationSet.TrackingOptions": { + "AWS::SageMaker::DataQualityJobDefinition.DataQualityBaselineConfig": { "additionalProperties": false, "properties": { - "CustomRedirectDomain": { - "markdownDescription": "The custom subdomain that is used to redirect email recipients to the Amazon SES event tracking domain.", - "title": "CustomRedirectDomain", + "BaseliningJobName": { + "markdownDescription": "The name of the job that performs baselining for the data quality monitoring job.", + "title": "BaseliningJobName", "type": "string" + }, + "ConstraintsResource": { + "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.ConstraintsResource", + "markdownDescription": "The constraints resource for a monitoring job.", + "title": "ConstraintsResource" + }, + "StatisticsResource": { + "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.StatisticsResource", + "markdownDescription": "Configuration for monitoring constraints and monitoring statistics. These baseline resources are compared against the results of the current job from the series of jobs scheduled to collect data periodically.", + "title": "StatisticsResource" } }, "type": "object" }, - "AWS::SES::ConfigurationSet.VdmOptions": { + "AWS::SageMaker::DataQualityJobDefinition.DataQualityJobInput": { "additionalProperties": false, "properties": { - "DashboardOptions": { - "$ref": "#/definitions/AWS::SES::ConfigurationSet.DashboardOptions", - "markdownDescription": "Specifies additional settings for your VDM configuration as applicable to the Dashboard.", - "title": "DashboardOptions" + "BatchTransformInput": { + "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.BatchTransformInput", + "markdownDescription": "Input object for the batch transform job.", + "title": "BatchTransformInput" }, - "GuardianOptions": { - "$ref": "#/definitions/AWS::SES::ConfigurationSet.GuardianOptions", - "markdownDescription": "Specifies additional settings for your VDM configuration as applicable to the Guardian.", - "title": "GuardianOptions" + "EndpointInput": { + "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.EndpointInput", + "markdownDescription": "Input object for the endpoint", + "title": "EndpointInput" } }, "type": "object" }, - "AWS::SES::ConfigurationSetEventDestination": { + "AWS::SageMaker::DataQualityJobDefinition.DatasetFormat": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Csv": { + "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.Csv", + "markdownDescription": "", + "title": "Csv" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Json": { + "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.Json", + "markdownDescription": "", + "title": "Json" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Parquet": { + "markdownDescription": "", + "title": "Parquet", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::SageMaker::DataQualityJobDefinition.EndpointInput": { + "additionalProperties": false, + "properties": { + "EndpointName": { + "markdownDescription": "An endpoint in customer's account which has enabled `DataCaptureConfig` enabled.", + "title": "EndpointName", + "type": "string" }, - "Metadata": { - "type": "object" + "ExcludeFeaturesAttribute": { + "markdownDescription": "The attributes of the input data to exclude from the analysis.", + "title": "ExcludeFeaturesAttribute", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ConfigurationSetName": { - "markdownDescription": "The name of the configuration set that contains the event destination.", - "title": "ConfigurationSetName", - "type": "string" - }, - "EventDestination": { - "$ref": "#/definitions/AWS::SES::ConfigurationSetEventDestination.EventDestination", - "markdownDescription": "An object that defines the event destination.", - "title": "EventDestination" - } - }, - "required": [ - "ConfigurationSetName", - "EventDestination" - ], - "type": "object" + "LocalPath": { + "markdownDescription": "Path to the filesystem where the endpoint data is available to the container.", + "title": "LocalPath", + "type": "string" }, - "Type": { - "enum": [ - "AWS::SES::ConfigurationSetEventDestination" - ], + "S3DataDistributionType": { + "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an Amazon S3 key. Defaults to `FullyReplicated`", + "title": "S3DataDistributionType", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "S3InputMode": { + "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", + "title": "S3InputMode", "type": "string" } }, "required": [ - "Type", - "Properties" + "EndpointName", + "LocalPath" ], "type": "object" }, - "AWS::SES::ConfigurationSetEventDestination.CloudWatchDestination": { + "AWS::SageMaker::DataQualityJobDefinition.Json": { "additionalProperties": false, "properties": { - "DimensionConfigurations": { + "Line": { + "markdownDescription": "", + "title": "Line", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::SageMaker::DataQualityJobDefinition.MonitoringOutput": { + "additionalProperties": false, + "properties": { + "S3Output": { + "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.S3Output", + "markdownDescription": "The Amazon S3 storage location where the results of a monitoring job are saved.", + "title": "S3Output" + } + }, + "required": [ + "S3Output" + ], + "type": "object" + }, + "AWS::SageMaker::DataQualityJobDefinition.MonitoringOutputConfig": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "markdownDescription": "The AWS Key Management Service ( AWS KMS ) key that Amazon SageMaker AI uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption.", + "title": "KmsKeyId", + "type": "string" + }, + "MonitoringOutputs": { "items": { - "$ref": "#/definitions/AWS::SES::ConfigurationSetEventDestination.DimensionConfiguration" + "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.MonitoringOutput" }, - "markdownDescription": "An array of objects that define the dimensions to use when you send email events to Amazon CloudWatch.", - "title": "DimensionConfigurations", + "markdownDescription": "Monitoring outputs for monitoring jobs. This is where the output of the periodic monitoring jobs is uploaded.", + "title": "MonitoringOutputs", "type": "array" } }, + "required": [ + "MonitoringOutputs" + ], "type": "object" }, - "AWS::SES::ConfigurationSetEventDestination.DimensionConfiguration": { + "AWS::SageMaker::DataQualityJobDefinition.MonitoringResources": { "additionalProperties": false, "properties": { - "DefaultDimensionValue": { - "markdownDescription": "The default value of the dimension that is published to Amazon CloudWatch if you don't provide the value of the dimension when you send an email. This value has to meet the following criteria:\n\n- Can only contain ASCII letters (a\u2013z, A\u2013Z), numbers (0\u20139), underscores (_), or dashes (-), at signs (@), and periods (.).\n- It can contain no more than 256 characters.", - "title": "DefaultDimensionValue", - "type": "string" - }, - "DimensionName": { - "markdownDescription": "The name of an Amazon CloudWatch dimension associated with an email sending metric. The name has to meet the following criteria:\n\n- It can only contain ASCII letters (a\u2013z, A\u2013Z), numbers (0\u20139), underscores (_), or dashes (-).\n- It can contain no more than 256 characters.", - "title": "DimensionName", - "type": "string" - }, - "DimensionValueSource": { - "markdownDescription": "The location where the Amazon SES API v2 finds the value of a dimension to publish to Amazon CloudWatch. To use the message tags that you specify using an `X-SES-MESSAGE-TAGS` header or a parameter to the `SendEmail` or `SendRawEmail` API, choose `messageTag` . To use your own email headers, choose `emailHeader` . To use link tags, choose `linkTag` .", - "title": "DimensionValueSource", - "type": "string" + "ClusterConfig": { + "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.ClusterConfig", + "markdownDescription": "The configuration for the cluster resources used to run the processing job.", + "title": "ClusterConfig" } }, "required": [ - "DefaultDimensionValue", - "DimensionName", - "DimensionValueSource" + "ClusterConfig" ], "type": "object" }, - "AWS::SES::ConfigurationSetEventDestination.EventDestination": { + "AWS::SageMaker::DataQualityJobDefinition.NetworkConfig": { "additionalProperties": false, "properties": { - "CloudWatchDestination": { - "$ref": "#/definitions/AWS::SES::ConfigurationSetEventDestination.CloudWatchDestination", - "markdownDescription": "An object that defines an Amazon CloudWatch destination for email events. You can use Amazon CloudWatch to monitor and gain insights on your email sending metrics.", - "title": "CloudWatchDestination" - }, - "Enabled": { - "markdownDescription": "If `true` , the event destination is enabled. When the event destination is enabled, the specified event types are sent to the destinations in this `EventDestinationDefinition` .\n\nIf `false` , the event destination is disabled. When the event destination is disabled, events aren't sent to the specified destinations.", - "title": "Enabled", + "EnableInterContainerTrafficEncryption": { + "markdownDescription": "Whether to encrypt all communications between distributed processing jobs. Choose `True` to encrypt communications. Encryption provides greater security for distributed processing jobs, but the processing might take longer.", + "title": "EnableInterContainerTrafficEncryption", "type": "boolean" }, - "KinesisFirehoseDestination": { - "$ref": "#/definitions/AWS::SES::ConfigurationSetEventDestination.KinesisFirehoseDestination", - "markdownDescription": "An object that contains the delivery stream ARN and the IAM role ARN associated with an Amazon Kinesis Firehose event destination.", - "title": "KinesisFirehoseDestination" + "EnableNetworkIsolation": { + "markdownDescription": "Whether to allow inbound and outbound network calls to and from the containers used for the processing job.", + "title": "EnableNetworkIsolation", + "type": "boolean" }, - "MatchingEventTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The types of events that Amazon SES sends to the specified event destinations.\n\n- `SEND` - The send request was successful and SES will attempt to deliver the message to the recipient\u2019s mail server. (If account-level or global suppression is being used, SES will still count it as a send, but delivery is suppressed.)\n- `REJECT` - SES accepted the email, but determined that it contained a virus and didn\u2019t attempt to deliver it to the recipient\u2019s mail server.\n- `BOUNCE` - ( *Hard bounce* ) The recipient's mail server permanently rejected the email. ( *Soft bounces* are only included when SES fails to deliver the email after retrying for a period of time.)\n- `COMPLAINT` - The email was successfully delivered to the recipient\u2019s mail server, but the recipient marked it as spam.\n- `DELIVERY` - SES successfully delivered the email to the recipient's mail server.\n- `OPEN` - The recipient received the message and opened it in their email client.\n- `CLICK` - The recipient clicked one or more links in the email.\n- `RENDERING_FAILURE` - The email wasn't sent because of a template rendering issue. This event type can occur when template data is missing, or when there is a mismatch between template parameters and data. (This event type only occurs when you send email using the [`SendEmail`](https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_SendEmail.html) or [`SendBulkEmail`](https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_SendBulkEmail.html) API operations.)\n- `DELIVERY_DELAY` - The email couldn't be delivered to the recipient\u2019s mail server because a temporary issue occurred. Delivery delays can occur, for example, when the recipient's inbox is full, or when the receiving email server experiences a transient issue.\n- `SUBSCRIPTION` - The email was successfully delivered, but the recipient updated their subscription preferences by clicking on an *unsubscribe* link as part of your [subscription management](https://docs.aws.amazon.com/ses/latest/dg/sending-email-subscription-management.html) .", - "title": "MatchingEventTypes", - "type": "array" + "VpcConfig": { + "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.VpcConfig", + "markdownDescription": "Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC.", + "title": "VpcConfig" + } + }, + "type": "object" + }, + "AWS::SageMaker::DataQualityJobDefinition.S3Output": { + "additionalProperties": false, + "properties": { + "LocalPath": { + "markdownDescription": "The local path to the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job. LocalPath is an absolute path for the output data.", + "title": "LocalPath", + "type": "string" }, - "Name": { - "markdownDescription": "The name of the event destination. The name must meet the following requirements:\n\n- Contain only ASCII letters (a-z, A-Z), numbers (0-9), underscores (_), or dashes (-).\n- Contain 64 characters or fewer.", - "title": "Name", + "S3UploadMode": { + "markdownDescription": "Whether to upload the results of the monitoring job continuously or after the job completes.", + "title": "S3UploadMode", "type": "string" }, - "SnsDestination": { - "$ref": "#/definitions/AWS::SES::ConfigurationSetEventDestination.SnsDestination", - "markdownDescription": "An object that contains the topic ARN associated with an Amazon Simple Notification Service (Amazon SNS) event destination.", - "title": "SnsDestination" + "S3Uri": { + "markdownDescription": "A URI that identifies the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job.", + "title": "S3Uri", + "type": "string" } }, "required": [ - "MatchingEventTypes" + "LocalPath", + "S3Uri" ], "type": "object" }, - "AWS::SES::ConfigurationSetEventDestination.KinesisFirehoseDestination": { + "AWS::SageMaker::DataQualityJobDefinition.StatisticsResource": { "additionalProperties": false, "properties": { - "DeliveryStreamARN": { - "markdownDescription": "The ARN of the Amazon Kinesis Firehose stream that email sending events should be published to.", - "title": "DeliveryStreamARN", - "type": "string" - }, - "IAMRoleARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that the Amazon SES API v2 uses to send email events to the Amazon Kinesis Data Firehose stream.", - "title": "IAMRoleARN", + "S3Uri": { + "markdownDescription": "The Amazon S3 URI for the statistics resource.", + "title": "S3Uri", "type": "string" } }, + "type": "object" + }, + "AWS::SageMaker::DataQualityJobDefinition.StoppingCondition": { + "additionalProperties": false, + "properties": { + "MaxRuntimeInSeconds": { + "markdownDescription": "The maximum length of time, in seconds, that a training or compilation job can run before it is stopped.\n\nFor compilation jobs, if the job does not complete during this time, a `TimeOut` error is generated. We recommend starting with 900 seconds and increasing as necessary based on your model.\n\nFor all other jobs, if the job does not complete during this time, SageMaker ends the job. When `RetryStrategy` is specified in the job request, `MaxRuntimeInSeconds` specifies the maximum time for all of the attempts in total, not each individual attempt. The default value is 1 day. The maximum value is 28 days.\n\nThe maximum time that a `TrainingJob` can run in total, including any time spent publishing metrics or archiving and uploading models after it has been stopped, is 30 days.", + "title": "MaxRuntimeInSeconds", + "type": "number" + } + }, "required": [ - "DeliveryStreamARN", - "IAMRoleARN" + "MaxRuntimeInSeconds" ], "type": "object" }, - "AWS::SES::ConfigurationSetEventDestination.SnsDestination": { + "AWS::SageMaker::DataQualityJobDefinition.VpcConfig": { "additionalProperties": false, "properties": { - "TopicARN": { - "markdownDescription": "The ARN of the Amazon SNS topic for email sending events. You can find the ARN of a topic by using the [ListTopics](https://docs.aws.amazon.com/sns/latest/api/API_ListTopics.html) Amazon SNS operation.\n\nFor more information about Amazon SNS topics, see the [Amazon SNS Developer Guide](https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html) .", - "title": "TopicARN", - "type": "string" + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The VPC security group IDs, in the form `sg-xxxxxxxx` . Specify the security groups for the VPC that is specified in the `Subnets` field.", + "title": "SecurityGroupIds", + "type": "array" + }, + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The ID of the subnets in the VPC to which you want to connect your training job or model. For information about the availability of specific instance types, see [Supported Instance Types and Availability Zones](https://docs.aws.amazon.com/sagemaker/latest/dg/instance-types-az.html) .", + "title": "Subnets", + "type": "array" } }, "required": [ - "TopicARN" + "SecurityGroupIds", + "Subnets" ], "type": "object" }, - "AWS::SES::ContactList": { + "AWS::SageMaker::Device": { "additionalProperties": false, "properties": { "Condition": { @@ -239107,38 +291610,33 @@ "Properties": { "additionalProperties": false, "properties": { - "ContactListName": { - "markdownDescription": "The name of the contact list.", - "title": "ContactListName", - "type": "string" + "Device": { + "$ref": "#/definitions/AWS::SageMaker::Device.Device", + "markdownDescription": "Edge device you want to create.", + "title": "Device" }, - "Description": { - "markdownDescription": "A description of what the contact list is about.", - "title": "Description", + "DeviceFleetName": { + "markdownDescription": "The name of the fleet the device belongs to.", + "title": "DeviceFleetName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags associated with a contact list.", + "markdownDescription": "An array of key-value pairs that contain metadata to help you categorize and organize your devices. Each tag consists of a key and a value, both of which you define.", "title": "Tags", "type": "array" - }, - "Topics": { - "items": { - "$ref": "#/definitions/AWS::SES::ContactList.Topic" - }, - "markdownDescription": "An interest group, theme, or label within a list. A contact list can have multiple topics.", - "title": "Topics", - "type": "array" } }, + "required": [ + "DeviceFleetName" + ], "type": "object" }, "Type": { "enum": [ - "AWS::SES::ContactList" + "AWS::SageMaker::Device" ], "type": "string" }, @@ -239152,42 +291650,36 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::SES::ContactList.Topic": { + "AWS::SageMaker::Device.Device": { "additionalProperties": false, "properties": { - "DefaultSubscriptionStatus": { - "markdownDescription": "The default subscription status to be applied to a contact if the contact has not noted their preference for subscribing to a topic.", - "title": "DefaultSubscriptionStatus", - "type": "string" - }, "Description": { - "markdownDescription": "A description of what the topic is about, which the contact will see.", + "markdownDescription": "Description of the device.", "title": "Description", "type": "string" }, - "DisplayName": { - "markdownDescription": "The name of the topic the contact will see.", - "title": "DisplayName", + "DeviceName": { + "markdownDescription": "The name of the device.", + "title": "DeviceName", "type": "string" }, - "TopicName": { - "markdownDescription": "The name of the topic.", - "title": "TopicName", + "IotThingName": { + "markdownDescription": "AWS Internet of Things (IoT) object name.", + "title": "IotThingName", "type": "string" } }, "required": [ - "DefaultSubscriptionStatus", - "DisplayName", - "TopicName" + "DeviceName" ], "type": "object" }, - "AWS::SES::DedicatedIpPool": { + "AWS::SageMaker::DeviceFleet": { "additionalProperties": false, "properties": { "Condition": { @@ -239222,22 +291714,45 @@ "Properties": { "additionalProperties": false, "properties": { - "PoolName": { - "markdownDescription": "The name of the dedicated IP pool that the IP address is associated with.", - "title": "PoolName", + "Description": { + "markdownDescription": "A description of the fleet.", + "title": "Description", "type": "string" }, - "ScalingMode": { - "markdownDescription": "The type of scaling mode.\n\nThe following options are available:\n\n- `STANDARD` - The customer controls which IPs are part of the dedicated IP pool.\n- `MANAGED` - The reputation and number of IPs are automatically managed by Amazon SES .\n\nThe `STANDARD` option is selected by default if no value is specified.\n\n> Updating *ScalingMode* doesn't require a replacement if you're updating its value from `STANDARD` to `MANAGED` . However, updating *ScalingMode* from `MANAGED` to `STANDARD` is not supported.", - "title": "ScalingMode", + "DeviceFleetName": { + "markdownDescription": "Name of the device fleet.", + "title": "DeviceFleetName", + "type": "string" + }, + "OutputConfig": { + "$ref": "#/definitions/AWS::SageMaker::DeviceFleet.EdgeOutputConfig", + "markdownDescription": "The output configuration for storing sample data collected by the fleet.", + "title": "OutputConfig" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that has access to AWS Internet of Things (IoT).", + "title": "RoleArn", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs that contain metadata to help you categorize and organize your device fleets. Each tag consists of a key and a value, both of which you define.", + "title": "Tags", + "type": "array" } }, + "required": [ + "DeviceFleetName", + "OutputConfig", + "RoleArn" + ], "type": "object" }, "Type": { "enum": [ - "AWS::SES::DedicatedIpPool" + "AWS::SageMaker::DeviceFleet" ], "type": "string" }, @@ -239251,11 +291766,31 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::SES::EmailIdentity": { + "AWS::SageMaker::DeviceFleet.EdgeOutputConfig": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt data on the storage volume after compilation job. If you don't provide a KMS key ID, Amazon SageMaker uses the default KMS key for Amazon S3 for your role's account.", + "title": "KmsKeyId", + "type": "string" + }, + "S3OutputLocation": { + "markdownDescription": "The Amazon Simple Storage (S3) bucket URI.", + "title": "S3OutputLocation", + "type": "string" + } + }, + "required": [ + "S3OutputLocation" + ], + "type": "object" + }, + "AWS::SageMaker::Domain": { "additionalProperties": false, "properties": { "Condition": { @@ -239290,45 +291825,83 @@ "Properties": { "additionalProperties": false, "properties": { - "ConfigurationSetAttributes": { - "$ref": "#/definitions/AWS::SES::EmailIdentity.ConfigurationSetAttributes", - "markdownDescription": "Used to associate a configuration set with an email identity.", - "title": "ConfigurationSetAttributes" + "AppNetworkAccessType": { + "markdownDescription": "Specifies the VPC used for non-EFS traffic. The default value is `PublicInternetOnly` .\n\n- `PublicInternetOnly` - Non-EFS traffic is through a VPC managed by Amazon SageMaker AI , which allows direct internet access\n- `VpcOnly` - All Studio traffic is through the specified VPC and subnets\n\n*Valid Values* : `PublicInternetOnly | VpcOnly`", + "title": "AppNetworkAccessType", + "type": "string" }, - "DkimAttributes": { - "$ref": "#/definitions/AWS::SES::EmailIdentity.DkimAttributes", - "markdownDescription": "An object that contains information about the DKIM attributes for the identity.", - "title": "DkimAttributes" + "AppSecurityGroupManagement": { + "markdownDescription": "The entity that creates and manages the required security groups for inter-app communication in `VpcOnly` mode. Required when `CreateDomain.AppNetworkAccessType` is `VpcOnly` and `DomainSettings.RStudioServerProDomainSettings.DomainExecutionRoleArn` is provided. If setting up the domain for use with RStudio, this value must be set to `Service` .\n\n*Allowed Values* : `Service` | `Customer`", + "title": "AppSecurityGroupManagement", + "type": "string" }, - "DkimSigningAttributes": { - "$ref": "#/definitions/AWS::SES::EmailIdentity.DkimSigningAttributes", - "markdownDescription": "If your request includes this object, Amazon SES configures the identity to use Bring Your Own DKIM (BYODKIM) for DKIM authentication purposes, or, configures the key length to be used for [Easy DKIM](https://docs.aws.amazon.com/ses/latest/DeveloperGuide/easy-dkim.html) .\n\nYou can only specify this object if the email identity is a domain, as opposed to an address.", - "title": "DkimSigningAttributes" + "AuthMode": { + "markdownDescription": "The mode of authentication that members use to access the Domain.\n\n*Valid Values* : `SSO | IAM`", + "title": "AuthMode", + "type": "string" }, - "EmailIdentity": { - "markdownDescription": "The email address or domain to verify.", - "title": "EmailIdentity", + "DefaultSpaceSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.DefaultSpaceSettings", + "markdownDescription": "The default settings for shared spaces that users create in the domain.\n\nSageMaker applies these settings only to shared spaces. It doesn't apply them to private spaces.", + "title": "DefaultSpaceSettings" + }, + "DefaultUserSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.UserSettings", + "markdownDescription": "The default user settings.", + "title": "DefaultUserSettings" + }, + "DomainName": { + "markdownDescription": "The domain name.", + "title": "DomainName", "type": "string" }, - "FeedbackAttributes": { - "$ref": "#/definitions/AWS::SES::EmailIdentity.FeedbackAttributes", - "markdownDescription": "Used to enable or disable feedback forwarding for an identity.", - "title": "FeedbackAttributes" + "DomainSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.DomainSettings", + "markdownDescription": "A collection of settings that apply to the `SageMaker Domain` . These settings are specified through the `CreateDomain` API call.", + "title": "DomainSettings" }, - "MailFromAttributes": { - "$ref": "#/definitions/AWS::SES::EmailIdentity.MailFromAttributes", - "markdownDescription": "Used to enable or disable the custom Mail-From domain configuration for an email identity.", - "title": "MailFromAttributes" + "KmsKeyId": { + "markdownDescription": "SageMaker uses AWS KMS to encrypt the EFS volume attached to the Domain with an AWS managed customer master key (CMK) by default. For more control, specify a customer managed CMK.\n\n*Length Constraints* : Maximum length of 2048.\n\n*Pattern* : `.*`", + "title": "KmsKeyId", + "type": "string" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The VPC subnets that Studio uses for communication.\n\n*Length Constraints* : Maximum length of 32.\n\n*Array members* : Minimum number of 1 item. Maximum number of 16 items.\n\n*Pattern* : `[-0-9a-zA-Z]+`", + "title": "SubnetIds", + "type": "array" + }, + "TagPropagation": { + "markdownDescription": "", + "title": "TagPropagation", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags to associated with the Domain. Each tag consists of a key and an optional value. Tag keys must be unique per resource. Tags are searchable using the Search API.\n\nTags that you specify for the Domain are also added to all apps that are launched in the Domain.\n\n*Array members* : Minimum number of 0 items. Maximum number of 50 items.", + "title": "Tags", + "type": "array" + }, + "VpcId": { + "markdownDescription": "The ID of the Amazon Virtual Private Cloud (Amazon VPC) that Studio uses for communication.\n\n*Length Constraints* : Maximum length of 32.\n\n*Pattern* : `[-0-9a-zA-Z]+`", + "title": "VpcId", + "type": "string" } }, "required": [ - "EmailIdentity" + "AuthMode", + "DefaultUserSettings", + "DomainName" ], "type": "object" }, "Type": { "enum": [ - "AWS::SES::EmailIdentity" + "AWS::SageMaker::Domain" ], "type": "string" }, @@ -239347,77 +291920,754 @@ ], "type": "object" }, - "AWS::SES::EmailIdentity.ConfigurationSetAttributes": { + "AWS::SageMaker::Domain.AppLifecycleManagement": { "additionalProperties": false, "properties": { - "ConfigurationSetName": { - "markdownDescription": "The configuration set to associate with an email identity.", - "title": "ConfigurationSetName", + "IdleSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.IdleSettings", + "markdownDescription": "Settings related to idle shutdown of Studio applications.", + "title": "IdleSettings" + } + }, + "type": "object" + }, + "AWS::SageMaker::Domain.CodeEditorAppSettings": { + "additionalProperties": false, + "properties": { + "AppLifecycleManagement": { + "$ref": "#/definitions/AWS::SageMaker::Domain.AppLifecycleManagement", + "markdownDescription": "Settings that are used to configure and manage the lifecycle of CodeEditor applications.", + "title": "AppLifecycleManagement" + }, + "BuiltInLifecycleConfigArn": { + "markdownDescription": "The lifecycle configuration that runs before the default lifecycle configuration. It can override changes made in the default lifecycle configuration.", + "title": "BuiltInLifecycleConfigArn", "type": "string" + }, + "CustomImages": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::Domain.CustomImage" + }, + "markdownDescription": "A list of custom SageMaker images that are configured to run as a Code Editor app.", + "title": "CustomImages", + "type": "array" + }, + "DefaultResourceSpec": { + "$ref": "#/definitions/AWS::SageMaker::Domain.ResourceSpec", + "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the Code Editor app.", + "title": "DefaultResourceSpec" + }, + "LifecycleConfigArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Name (ARN) of the Code Editor application lifecycle configuration.", + "title": "LifecycleConfigArns", + "type": "array" } }, "type": "object" }, - "AWS::SES::EmailIdentity.DkimAttributes": { + "AWS::SageMaker::Domain.CodeRepository": { "additionalProperties": false, "properties": { - "SigningEnabled": { - "markdownDescription": "Sets the DKIM signing configuration for the identity.\n\nWhen you set this value `true` , then the messages that are sent from the identity are signed using DKIM. If you set this value to `false` , your messages are sent without DKIM signing.", - "title": "SigningEnabled", - "type": "boolean" + "RepositoryUrl": { + "markdownDescription": "The URL of the Git repository.", + "title": "RepositoryUrl", + "type": "string" } }, + "required": [ + "RepositoryUrl" + ], "type": "object" }, - "AWS::SES::EmailIdentity.DkimSigningAttributes": { + "AWS::SageMaker::Domain.CustomFileSystemConfig": { "additionalProperties": false, "properties": { - "DomainSigningPrivateKey": { - "markdownDescription": "[Bring Your Own DKIM] A private key that's used to generate a DKIM signature.\n\nThe private key must use 1024 or 2048-bit RSA encryption, and must be encoded using base64 encoding.\n\n> Rather than embedding sensitive information directly in your CFN templates, we recommend you use dynamic parameters in the stack template to reference sensitive information that is stored and managed outside of CFN, such as in the AWS Systems Manager Parameter Store or AWS Secrets Manager.\n> \n> For more information, see the [Do not embed credentials in your templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/best-practices.html#creds) best practice.", - "title": "DomainSigningPrivateKey", + "EFSFileSystemConfig": { + "$ref": "#/definitions/AWS::SageMaker::Domain.EFSFileSystemConfig", + "markdownDescription": "The settings for a custom Amazon EFS file system.", + "title": "EFSFileSystemConfig" + }, + "FSxLustreFileSystemConfig": { + "$ref": "#/definitions/AWS::SageMaker::Domain.FSxLustreFileSystemConfig", + "markdownDescription": "The settings for a custom Amazon FSx for Lustre file system.", + "title": "FSxLustreFileSystemConfig" + }, + "S3FileSystemConfig": { + "$ref": "#/definitions/AWS::SageMaker::Domain.S3FileSystemConfig", + "markdownDescription": "Configuration settings for a custom Amazon S3 file system.", + "title": "S3FileSystemConfig" + } + }, + "type": "object" + }, + "AWS::SageMaker::Domain.CustomImage": { + "additionalProperties": false, + "properties": { + "AppImageConfigName": { + "markdownDescription": "The name of the AppImageConfig.", + "title": "AppImageConfigName", "type": "string" }, - "DomainSigningSelector": { - "markdownDescription": "[Bring Your Own DKIM] A string that's used to identify a public key in the DNS configuration for a domain.", - "title": "DomainSigningSelector", + "ImageName": { + "markdownDescription": "The name of the CustomImage. Must be unique to your account.", + "title": "ImageName", "type": "string" }, - "NextSigningKeyLength": { - "markdownDescription": "[Easy DKIM] The key length of the future DKIM key pair to be generated. This can be changed at most once per day.\n\nValid Values: `RSA_1024_BIT | RSA_2048_BIT`", - "title": "NextSigningKeyLength", + "ImageVersionNumber": { + "markdownDescription": "The version number of the CustomImage.", + "title": "ImageVersionNumber", + "type": "number" + } + }, + "required": [ + "AppImageConfigName", + "ImageName" + ], + "type": "object" + }, + "AWS::SageMaker::Domain.CustomPosixUserConfig": { + "additionalProperties": false, + "properties": { + "Gid": { + "markdownDescription": "The POSIX group ID.", + "title": "Gid", + "type": "number" + }, + "Uid": { + "markdownDescription": "The POSIX user ID.", + "title": "Uid", + "type": "number" + } + }, + "required": [ + "Gid", + "Uid" + ], + "type": "object" + }, + "AWS::SageMaker::Domain.DefaultEbsStorageSettings": { + "additionalProperties": false, + "properties": { + "DefaultEbsVolumeSizeInGb": { + "markdownDescription": "The default size of the EBS storage volume for a space.", + "title": "DefaultEbsVolumeSizeInGb", + "type": "number" + }, + "MaximumEbsVolumeSizeInGb": { + "markdownDescription": "The maximum size of the EBS storage volume for a space.", + "title": "MaximumEbsVolumeSizeInGb", + "type": "number" + } + }, + "required": [ + "DefaultEbsVolumeSizeInGb", + "MaximumEbsVolumeSizeInGb" + ], + "type": "object" + }, + "AWS::SageMaker::Domain.DefaultSpaceSettings": { + "additionalProperties": false, + "properties": { + "CustomFileSystemConfigs": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::Domain.CustomFileSystemConfig" + }, + "markdownDescription": "The settings for assigning a custom file system to a domain. Permitted users can access this file system in Amazon SageMaker AI Studio.", + "title": "CustomFileSystemConfigs", + "type": "array" + }, + "CustomPosixUserConfig": { + "$ref": "#/definitions/AWS::SageMaker::Domain.CustomPosixUserConfig", + "markdownDescription": "", + "title": "CustomPosixUserConfig" + }, + "ExecutionRole": { + "markdownDescription": "The ARN of the execution role for the space.", + "title": "ExecutionRole", + "type": "string" + }, + "JupyterLabAppSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.JupyterLabAppSettings", + "markdownDescription": "", + "title": "JupyterLabAppSettings" + }, + "JupyterServerAppSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.JupyterServerAppSettings", + "markdownDescription": "The JupyterServer app settings.", + "title": "JupyterServerAppSettings" + }, + "KernelGatewayAppSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.KernelGatewayAppSettings", + "markdownDescription": "The KernelGateway app settings.", + "title": "KernelGatewayAppSettings" + }, + "SecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "The security group IDs for the Amazon VPC that the space uses for communication.", + "title": "SecurityGroups", + "type": "array" + }, + "SpaceStorageSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.DefaultSpaceStorageSettings", + "markdownDescription": "", + "title": "SpaceStorageSettings" + } + }, + "required": [ + "ExecutionRole" + ], + "type": "object" + }, + "AWS::SageMaker::Domain.DefaultSpaceStorageSettings": { + "additionalProperties": false, + "properties": { + "DefaultEbsStorageSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.DefaultEbsStorageSettings", + "markdownDescription": "The default EBS storage settings for a space.", + "title": "DefaultEbsStorageSettings" + } + }, + "type": "object" + }, + "AWS::SageMaker::Domain.DockerSettings": { + "additionalProperties": false, + "properties": { + "EnableDockerAccess": { + "markdownDescription": "Indicates whether the domain can access Docker.", + "title": "EnableDockerAccess", "type": "string" + }, + "VpcOnlyTrustedAccounts": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of AWS accounts that are trusted when the domain is created in VPC-only mode.", + "title": "VpcOnlyTrustedAccounts", + "type": "array" } }, "type": "object" }, - "AWS::SES::EmailIdentity.FeedbackAttributes": { + "AWS::SageMaker::Domain.DomainSettings": { "additionalProperties": false, "properties": { - "EmailForwardingEnabled": { - "markdownDescription": "Sets the feedback forwarding configuration for the identity.\n\nIf the value is `true` , you receive email notifications when bounce or complaint events occur. These notifications are sent to the address that you specified in the `Return-Path` header of the original email.\n\nYou're required to have a method of tracking bounces and complaints. If you haven't set up another mechanism for receiving bounce or complaint notifications (for example, by setting up an event destination), you receive an email notification when these events occur (even if this setting is disabled).", - "title": "EmailForwardingEnabled", - "type": "boolean" + "DockerSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.DockerSettings", + "markdownDescription": "A collection of settings that configure the domain's Docker interaction.", + "title": "DockerSettings" + }, + "ExecutionRoleIdentityConfig": { + "markdownDescription": "The configuration for attaching a SageMaker AI user profile name to the execution role as a [sts:SourceIdentity key](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_monitor.html) .", + "title": "ExecutionRoleIdentityConfig", + "type": "string" + }, + "RStudioServerProDomainSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.RStudioServerProDomainSettings", + "markdownDescription": "A collection of settings that configure the `RStudioServerPro` Domain-level app.", + "title": "RStudioServerProDomainSettings" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The security groups for the Amazon Virtual Private Cloud that the `Domain` uses for communication between Domain-level apps and user apps.", + "title": "SecurityGroupIds", + "type": "array" + }, + "UnifiedStudioSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.UnifiedStudioSettings", + "markdownDescription": "The settings that apply to an SageMaker AI domain when you use it in Amazon SageMaker Unified Studio.", + "title": "UnifiedStudioSettings" } }, "type": "object" }, - "AWS::SES::EmailIdentity.MailFromAttributes": { + "AWS::SageMaker::Domain.EFSFileSystemConfig": { "additionalProperties": false, "properties": { - "BehaviorOnMxFailure": { - "markdownDescription": "The action to take if the required MX record isn't found when you send an email. When you set this value to `USE_DEFAULT_VALUE` , the mail is sent using *amazonses.com* as the MAIL FROM domain. When you set this value to `REJECT_MESSAGE` , the Amazon SES API v2 returns a `MailFromDomainNotVerified` error, and doesn't attempt to deliver the email.\n\nThese behaviors are taken when the custom MAIL FROM domain configuration is in the `Pending` , `Failed` , and `TemporaryFailure` states.\n\nValid Values: `USE_DEFAULT_VALUE | REJECT_MESSAGE`", - "title": "BehaviorOnMxFailure", + "FileSystemId": { + "markdownDescription": "The ID of your Amazon EFS file system.", + "title": "FileSystemId", "type": "string" }, - "MailFromDomain": { - "markdownDescription": "The custom MAIL FROM domain that you want the verified identity to use. The MAIL FROM domain must meet the following criteria:\n\n- It has to be a subdomain of the verified identity.\n- It can't be used to receive email.\n- It can't be used in a \"From\" address if the MAIL FROM domain is a destination for feedback forwarding emails.", - "title": "MailFromDomain", + "FileSystemPath": { + "markdownDescription": "The path to the file system directory that is accessible in Amazon SageMaker AI Studio. Permitted users can access only this directory and below.", + "title": "FileSystemPath", "type": "string" } }, + "required": [ + "FileSystemId" + ], "type": "object" }, - "AWS::SES::ReceiptFilter": { + "AWS::SageMaker::Domain.FSxLustreFileSystemConfig": { + "additionalProperties": false, + "properties": { + "FileSystemId": { + "markdownDescription": "The globally unique, 17-digit, ID of the file system, assigned by Amazon FSx for Lustre.", + "title": "FileSystemId", + "type": "string" + }, + "FileSystemPath": { + "markdownDescription": "The path to the file system directory that is accessible in Amazon SageMaker Studio. Permitted users can access only this directory and below.", + "title": "FileSystemPath", + "type": "string" + } + }, + "required": [ + "FileSystemId" + ], + "type": "object" + }, + "AWS::SageMaker::Domain.HiddenSageMakerImage": { + "additionalProperties": false, + "properties": { + "SageMakerImageName": { + "markdownDescription": "The SageMaker image name that you are hiding from the Studio user interface.", + "title": "SageMakerImageName", + "type": "string" + }, + "VersionAliases": { + "items": { + "type": "string" + }, + "markdownDescription": "The version aliases you are hiding from the Studio user interface.", + "title": "VersionAliases", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SageMaker::Domain.IdleSettings": { + "additionalProperties": false, + "properties": { + "IdleTimeoutInMinutes": { + "markdownDescription": "The time that SageMaker waits after the application becomes idle before shutting it down.", + "title": "IdleTimeoutInMinutes", + "type": "number" + }, + "LifecycleManagement": { + "markdownDescription": "Indicates whether idle shutdown is activated for the application type.", + "title": "LifecycleManagement", + "type": "string" + }, + "MaxIdleTimeoutInMinutes": { + "markdownDescription": "The maximum value in minutes that custom idle shutdown can be set to by the user.", + "title": "MaxIdleTimeoutInMinutes", + "type": "number" + }, + "MinIdleTimeoutInMinutes": { + "markdownDescription": "The minimum value in minutes that custom idle shutdown can be set to by the user.", + "title": "MinIdleTimeoutInMinutes", + "type": "number" + } + }, + "type": "object" + }, + "AWS::SageMaker::Domain.JupyterLabAppSettings": { + "additionalProperties": false, + "properties": { + "AppLifecycleManagement": { + "$ref": "#/definitions/AWS::SageMaker::Domain.AppLifecycleManagement", + "markdownDescription": "Indicates whether idle shutdown is activated for JupyterLab applications.", + "title": "AppLifecycleManagement" + }, + "BuiltInLifecycleConfigArn": { + "markdownDescription": "The lifecycle configuration that runs before the default lifecycle configuration. It can override changes made in the default lifecycle configuration.", + "title": "BuiltInLifecycleConfigArn", + "type": "string" + }, + "CodeRepositories": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::Domain.CodeRepository" + }, + "markdownDescription": "A list of Git repositories that SageMaker automatically displays to users for cloning in the JupyterLab application.", + "title": "CodeRepositories", + "type": "array" + }, + "CustomImages": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::Domain.CustomImage" + }, + "markdownDescription": "A list of custom SageMaker images that are configured to run as a JupyterLab app.", + "title": "CustomImages", + "type": "array" + }, + "DefaultResourceSpec": { + "$ref": "#/definitions/AWS::SageMaker::Domain.ResourceSpec", + "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the JupyterLab app.", + "title": "DefaultResourceSpec" + }, + "LifecycleConfigArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Name (ARN) of the lifecycle configurations attached to the user profile or domain. To remove a lifecycle config, you must set `LifecycleConfigArns` to an empty list.", + "title": "LifecycleConfigArns", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SageMaker::Domain.JupyterServerAppSettings": { + "additionalProperties": false, + "properties": { + "DefaultResourceSpec": { + "$ref": "#/definitions/AWS::SageMaker::Domain.ResourceSpec", + "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the JupyterServer app.", + "title": "DefaultResourceSpec" + }, + "LifecycleConfigArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Name (ARN) of the Lifecycle Configurations attached to the JupyterServerApp. If you use this parameter, the `DefaultResourceSpec` parameter is also required.\n\n> To remove a Lifecycle Config, you must set `LifecycleConfigArns` to an empty list.", + "title": "LifecycleConfigArns", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SageMaker::Domain.KernelGatewayAppSettings": { + "additionalProperties": false, + "properties": { + "CustomImages": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::Domain.CustomImage" + }, + "markdownDescription": "A list of custom SageMaker AI images that are configured to run as a KernelGateway app.\n\nThe maximum number of custom images are as follows.\n\n- On a domain level: 200\n- On a space level: 5\n- On a user profile level: 5", + "title": "CustomImages", + "type": "array" + }, + "DefaultResourceSpec": { + "$ref": "#/definitions/AWS::SageMaker::Domain.ResourceSpec", + "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker AI image used by the KernelGateway app.\n\n> The Amazon SageMaker AI Studio UI does not use the default instance type value set here. The default instance type set here is used when Apps are created using the AWS CLI or AWS CloudFormation and the instance type parameter value is not passed.", + "title": "DefaultResourceSpec" + }, + "LifecycleConfigArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Name (ARN) of the Lifecycle Configurations attached to the the user profile or domain.\n\n> To remove a Lifecycle Config, you must set `LifecycleConfigArns` to an empty list.", + "title": "LifecycleConfigArns", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SageMaker::Domain.RSessionAppSettings": { + "additionalProperties": false, + "properties": { + "CustomImages": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::Domain.CustomImage" + }, + "markdownDescription": "A list of custom SageMaker AI images that are configured to run as a RSession app.", + "title": "CustomImages", + "type": "array" + }, + "DefaultResourceSpec": { + "$ref": "#/definitions/AWS::SageMaker::Domain.ResourceSpec", + "markdownDescription": "Specifies the ARNs of a SageMaker image and SageMaker image version, and the instance type that the version runs on.", + "title": "DefaultResourceSpec" + } + }, + "type": "object" + }, + "AWS::SageMaker::Domain.RStudioServerProAppSettings": { + "additionalProperties": false, + "properties": { + "AccessStatus": { + "markdownDescription": "Indicates whether the current user has access to the `RStudioServerPro` app.", + "title": "AccessStatus", + "type": "string" + }, + "UserGroup": { + "markdownDescription": "The level of permissions that the user has within the `RStudioServerPro` app. This value defaults to `User`. The `Admin` value allows the user access to the RStudio Administrative Dashboard.", + "title": "UserGroup", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::Domain.RStudioServerProDomainSettings": { + "additionalProperties": false, + "properties": { + "DefaultResourceSpec": { + "$ref": "#/definitions/AWS::SageMaker::Domain.ResourceSpec", + "markdownDescription": "A collection that defines the default `InstanceType` , `SageMakerImageArn` , and `SageMakerImageVersionArn` for the Domain.", + "title": "DefaultResourceSpec" + }, + "DomainExecutionRoleArn": { + "markdownDescription": "The ARN of the execution role for the `RStudioServerPro` Domain-level app.", + "title": "DomainExecutionRoleArn", + "type": "string" + }, + "RStudioConnectUrl": { + "markdownDescription": "A URL pointing to an RStudio Connect server.", + "title": "RStudioConnectUrl", + "type": "string" + }, + "RStudioPackageManagerUrl": { + "markdownDescription": "A URL pointing to an RStudio Package Manager server.", + "title": "RStudioPackageManagerUrl", + "type": "string" + } + }, + "required": [ + "DomainExecutionRoleArn" + ], + "type": "object" + }, + "AWS::SageMaker::Domain.ResourceSpec": { + "additionalProperties": false, + "properties": { + "InstanceType": { + "markdownDescription": "The instance type that the image version runs on.\n\n> *JupyterServer apps* only support the `system` value.\n> \n> For *KernelGateway apps* , the `system` value is translated to `ml.t3.medium` . KernelGateway apps also support all other values for available instance types.", + "title": "InstanceType", + "type": "string" + }, + "LifecycleConfigArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Lifecycle Configuration attached to the Resource.", + "title": "LifecycleConfigArn", + "type": "string" + }, + "SageMakerImageArn": { + "markdownDescription": "The ARN of the SageMaker AI image that the image version belongs to.", + "title": "SageMakerImageArn", + "type": "string" + }, + "SageMakerImageVersionArn": { + "markdownDescription": "The ARN of the image version created on the instance. To clear the value set for `SageMakerImageVersionArn` , pass `None` as the value.", + "title": "SageMakerImageVersionArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::Domain.S3FileSystemConfig": { + "additionalProperties": false, + "properties": { + "MountPath": { + "markdownDescription": "The file system path where the Amazon S3 storage location will be mounted within the Amazon SageMaker Studio environment.", + "title": "MountPath", + "type": "string" + }, + "S3Uri": { + "markdownDescription": "The Amazon S3 URI of the S3 file system configuration.", + "title": "S3Uri", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::Domain.SharingSettings": { + "additionalProperties": false, + "properties": { + "NotebookOutputOption": { + "markdownDescription": "Whether to include the notebook cell output when sharing the notebook. The default is `Disabled` .", + "title": "NotebookOutputOption", + "type": "string" + }, + "S3KmsKeyId": { + "markdownDescription": "When `NotebookOutputOption` is `Allowed` , the AWS Key Management Service (KMS) encryption key ID used to encrypt the notebook cell output in the Amazon S3 bucket.", + "title": "S3KmsKeyId", + "type": "string" + }, + "S3OutputPath": { + "markdownDescription": "When `NotebookOutputOption` is `Allowed` , the Amazon S3 bucket used to store the shared notebook snapshots.", + "title": "S3OutputPath", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::Domain.StudioWebPortalSettings": { + "additionalProperties": false, + "properties": { + "HiddenAppTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The [Applications supported in Studio](https://docs.aws.amazon.com/sagemaker/latest/dg/studio-updated-apps.html) that are hidden from the Studio left navigation pane.", + "title": "HiddenAppTypes", + "type": "array" + }, + "HiddenInstanceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The instance types you are hiding from the Studio user interface.", + "title": "HiddenInstanceTypes", + "type": "array" + }, + "HiddenMlTools": { + "items": { + "type": "string" + }, + "markdownDescription": "The machine learning tools that are hidden from the Studio left navigation pane.", + "title": "HiddenMlTools", + "type": "array" + }, + "HiddenSageMakerImageVersionAliases": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::Domain.HiddenSageMakerImage" + }, + "markdownDescription": "The version aliases you are hiding from the Studio user interface.", + "title": "HiddenSageMakerImageVersionAliases", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SageMaker::Domain.UnifiedStudioSettings": { + "additionalProperties": false, + "properties": { + "DomainAccountId": { + "markdownDescription": "The ID of the AWS account that has the Amazon SageMaker Unified Studio domain. The default value, if you don't specify an ID, is the ID of the account that has the Amazon SageMaker AI domain.", + "title": "DomainAccountId", + "type": "string" + }, + "DomainId": { + "markdownDescription": "The ID of the Amazon SageMaker Unified Studio domain associated with this domain.", + "title": "DomainId", + "type": "string" + }, + "DomainRegion": { + "markdownDescription": "The AWS Region where the domain is located in Amazon SageMaker Unified Studio. The default value, if you don't specify a Region, is the Region where the Amazon SageMaker AI domain is located.", + "title": "DomainRegion", + "type": "string" + }, + "EnvironmentId": { + "markdownDescription": "The ID of the environment that Amazon SageMaker Unified Studio associates with the domain.", + "title": "EnvironmentId", + "type": "string" + }, + "ProjectId": { + "markdownDescription": "The ID of the Amazon SageMaker Unified Studio project that corresponds to the domain.", + "title": "ProjectId", + "type": "string" + }, + "ProjectS3Path": { + "markdownDescription": "The location where Amazon S3 stores temporary execution data and other artifacts for the project that corresponds to the domain.", + "title": "ProjectS3Path", + "type": "string" + }, + "SingleSignOnApplicationArn": { + "markdownDescription": "The ARN of the application managed by SageMaker AI and SageMaker Unified Studio in the AWS IAM Identity Center.", + "title": "SingleSignOnApplicationArn", + "type": "string" + }, + "StudioWebPortalAccess": { + "markdownDescription": "Sets whether you can access the domain in Amazon SageMaker Studio:\n\n- **ENABLED** - You can access the domain in Amazon SageMaker Studio. If you migrate the domain to Amazon SageMaker Unified Studio, you can access it in both studio interfaces.\n- **DISABLED** - You can't access the domain in Amazon SageMaker Studio. If you migrate the domain to Amazon SageMaker Unified Studio, you can access it only in that studio interface.\n\nTo migrate a domain to Amazon SageMaker Unified Studio, you specify the UnifiedStudioSettings data type when you use the UpdateDomain action.", + "title": "StudioWebPortalAccess", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::Domain.UserSettings": { + "additionalProperties": false, + "properties": { + "AutoMountHomeEFS": { + "markdownDescription": "Indicates whether auto-mounting of an EFS volume is supported for the user profile. The `DefaultAsDomain` value is only supported for user profiles. Do not use the `DefaultAsDomain` value when setting this parameter for a domain.\n\nSageMaker applies this setting only to private spaces that the user creates in the domain. SageMaker doesn't apply this setting to shared spaces.", + "title": "AutoMountHomeEFS", + "type": "string" + }, + "CodeEditorAppSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.CodeEditorAppSettings", + "markdownDescription": "The Code Editor application settings.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", + "title": "CodeEditorAppSettings" + }, + "CustomFileSystemConfigs": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::Domain.CustomFileSystemConfig" + }, + "markdownDescription": "The settings for assigning a custom file system to a user profile. Permitted users can access this file system in Amazon SageMaker AI Studio.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", + "title": "CustomFileSystemConfigs", + "type": "array" + }, + "CustomPosixUserConfig": { + "$ref": "#/definitions/AWS::SageMaker::Domain.CustomPosixUserConfig", + "markdownDescription": "Details about the POSIX identity that is used for file system operations.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", + "title": "CustomPosixUserConfig" + }, + "DefaultLandingUri": { + "markdownDescription": "The default experience that the user is directed to when accessing the domain. The supported values are:\n\n- `studio::` : Indicates that Studio is the default experience. This value can only be passed if `StudioWebPortal` is set to `ENABLED` .\n- `app:JupyterServer:` : Indicates that Studio Classic is the default experience.", + "title": "DefaultLandingUri", + "type": "string" + }, + "ExecutionRole": { + "markdownDescription": "The execution role for the user.\n\nSageMaker applies this setting only to private spaces that the user creates in the domain. SageMaker doesn't apply this setting to shared spaces.", + "title": "ExecutionRole", + "type": "string" + }, + "JupyterLabAppSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.JupyterLabAppSettings", + "markdownDescription": "The settings for the JupyterLab application.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", + "title": "JupyterLabAppSettings" + }, + "JupyterServerAppSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.JupyterServerAppSettings", + "markdownDescription": "The Jupyter server's app settings.", + "title": "JupyterServerAppSettings" + }, + "KernelGatewayAppSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.KernelGatewayAppSettings", + "markdownDescription": "The kernel gateway app settings.", + "title": "KernelGatewayAppSettings" + }, + "RSessionAppSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.RSessionAppSettings", + "markdownDescription": "A collection of settings that configure the `RSessionGateway` app.", + "title": "RSessionAppSettings" + }, + "RStudioServerProAppSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.RStudioServerProAppSettings", + "markdownDescription": "A collection of settings that configure user interaction with the `RStudioServerPro` app.", + "title": "RStudioServerProAppSettings" + }, + "SecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "The security groups for the Amazon Virtual Private Cloud (VPC) that the domain uses for communication.\n\nOptional when the `CreateDomain.AppNetworkAccessType` parameter is set to `PublicInternetOnly` .\n\nRequired when the `CreateDomain.AppNetworkAccessType` parameter is set to `VpcOnly` , unless specified as part of the `DefaultUserSettings` for the domain.\n\nAmazon SageMaker AI adds a security group to allow NFS traffic from Amazon SageMaker AI Studio. Therefore, the number of security groups that you can specify is one less than the maximum number shown.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", + "title": "SecurityGroups", + "type": "array" + }, + "SharingSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.SharingSettings", + "markdownDescription": "Specifies options for sharing Amazon SageMaker AI Studio notebooks.", + "title": "SharingSettings" + }, + "SpaceStorageSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.DefaultSpaceStorageSettings", + "markdownDescription": "The storage settings for a space.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", + "title": "SpaceStorageSettings" + }, + "StudioWebPortal": { + "markdownDescription": "Whether the user can access Studio. If this value is set to `DISABLED` , the user cannot access Studio, even if that is the default experience for the domain.", + "title": "StudioWebPortal", + "type": "string" + }, + "StudioWebPortalSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.StudioWebPortalSettings", + "markdownDescription": "Studio settings. If these settings are applied on a user level, they take priority over the settings applied on a domain level.", + "title": "StudioWebPortalSettings" + } + }, + "required": [ + "ExecutionRole" + ], + "type": "object" + }, + "AWS::SageMaker::Endpoint": { "additionalProperties": false, "properties": { "Condition": { @@ -239452,20 +292702,56 @@ "Properties": { "additionalProperties": false, "properties": { - "Filter": { - "$ref": "#/definitions/AWS::SES::ReceiptFilter.Filter", - "markdownDescription": "A data structure that describes the IP address filter to create, which consists of a name, an IP address range, and whether to allow or block mail from it.", - "title": "Filter" + "DeploymentConfig": { + "$ref": "#/definitions/AWS::SageMaker::Endpoint.DeploymentConfig", + "markdownDescription": "The deployment configuration for an endpoint, which contains the desired deployment strategy and rollback configurations.", + "title": "DeploymentConfig" + }, + "EndpointConfigName": { + "markdownDescription": "The name of the [AWS::SageMaker::EndpointConfig](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sagemaker-endpointconfig.html) resource that specifies the configuration for the endpoint. For more information, see [CreateEndpointConfig](https://docs.aws.amazon.com/sagemaker/latest/dg/API_CreateEndpointConfig.html) .", + "title": "EndpointConfigName", + "type": "string" + }, + "EndpointName": { + "markdownDescription": "The name of the endpoint. The name must be unique within an AWS Region in your AWS account. The name is case-insensitive in `CreateEndpoint` , but the case is preserved and must be matched in [](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_runtime_InvokeEndpoint.html) .", + "title": "EndpointName", + "type": "string" + }, + "ExcludeRetainedVariantProperties": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::Endpoint.VariantProperty" + }, + "markdownDescription": "When you are updating endpoint resources with [RetainAllVariantProperties](https://docs.aws.amazon.com/sagemaker/latest/dg/API_UpdateEndpoint.html#SageMaker-UpdateEndpoint-request-RetainAllVariantProperties) whose value is set to `true` , `ExcludeRetainedVariantProperties` specifies the list of type [VariantProperty](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sagemaker-endpoint-variantproperty.html) to override with the values provided by `EndpointConfig` . If you don't specify a value for `ExcludeAllVariantProperties` , no variant properties are overridden. Don't use this property when creating new endpoint resources or when `RetainAllVariantProperties` is set to `false` .", + "title": "ExcludeRetainedVariantProperties", + "type": "array" + }, + "RetainAllVariantProperties": { + "markdownDescription": "When updating endpoint resources, enables or disables the retention of variant properties, such as the instance count or the variant weight. To retain the variant properties of an endpoint when updating it, set `RetainAllVariantProperties` to `true` . To use the variant properties specified in a new `EndpointConfig` call when updating an endpoint, set `RetainAllVariantProperties` to `false` . Use this property only when updating endpoint resources, not when creating new endpoint resources.", + "title": "RetainAllVariantProperties", + "type": "boolean" + }, + "RetainDeploymentConfig": { + "markdownDescription": "Specifies whether to reuse the last deployment configuration. The default value is false (the configuration is not reused).", + "title": "RetainDeploymentConfig", + "type": "boolean" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of key-value pairs to apply to this resource.\n\nFor more information, see [Resource Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) and [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html#allocation-what) in the *AWS Billing and Cost Management User Guide* .", + "title": "Tags", + "type": "array" } }, "required": [ - "Filter" + "EndpointConfigName" ], "type": "object" }, "Type": { "enum": [ - "AWS::SES::ReceiptFilter" + "AWS::SageMaker::Endpoint" ], "type": "string" }, @@ -239479,51 +292765,178 @@ } }, "required": [ - "Type", - "Properties" + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SageMaker::Endpoint.Alarm": { + "additionalProperties": false, + "properties": { + "AlarmName": { + "markdownDescription": "The name of a CloudWatch alarm in your account.", + "title": "AlarmName", + "type": "string" + } + }, + "required": [ + "AlarmName" + ], + "type": "object" + }, + "AWS::SageMaker::Endpoint.AutoRollbackConfig": { + "additionalProperties": false, + "properties": { + "Alarms": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::Endpoint.Alarm" + }, + "markdownDescription": "List of CloudWatch alarms in your account that are configured to monitor metrics on an endpoint. If any alarms are tripped during a deployment, SageMaker rolls back the deployment.", + "title": "Alarms", + "type": "array" + } + }, + "required": [ + "Alarms" + ], + "type": "object" + }, + "AWS::SageMaker::Endpoint.BlueGreenUpdatePolicy": { + "additionalProperties": false, + "properties": { + "MaximumExecutionTimeoutInSeconds": { + "markdownDescription": "Maximum execution timeout for the deployment. Note that the timeout value should be larger than the total waiting time specified in `TerminationWaitInSeconds` and `WaitIntervalInSeconds` .", + "title": "MaximumExecutionTimeoutInSeconds", + "type": "number" + }, + "TerminationWaitInSeconds": { + "markdownDescription": "Additional waiting time in seconds after the completion of an endpoint deployment before terminating the old endpoint fleet. Default is 0.", + "title": "TerminationWaitInSeconds", + "type": "number" + }, + "TrafficRoutingConfiguration": { + "$ref": "#/definitions/AWS::SageMaker::Endpoint.TrafficRoutingConfig", + "markdownDescription": "Defines the traffic routing strategy to shift traffic from the old fleet to the new fleet during an endpoint deployment.", + "title": "TrafficRoutingConfiguration" + } + }, + "required": [ + "TrafficRoutingConfiguration" + ], + "type": "object" + }, + "AWS::SageMaker::Endpoint.CapacitySize": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "Specifies the endpoint capacity type.\n\n- `INSTANCE_COUNT` : The endpoint activates based on the number of instances.\n- `CAPACITY_PERCENT` : The endpoint activates based on the specified percentage of capacity.", + "title": "Type", + "type": "string" + }, + "Value": { + "markdownDescription": "Defines the capacity size, either as a number of instances or a capacity percentage.", + "title": "Value", + "type": "number" + } + }, + "required": [ + "Type", + "Value" + ], + "type": "object" + }, + "AWS::SageMaker::Endpoint.DeploymentConfig": { + "additionalProperties": false, + "properties": { + "AutoRollbackConfiguration": { + "$ref": "#/definitions/AWS::SageMaker::Endpoint.AutoRollbackConfig", + "markdownDescription": "Automatic rollback configuration for handling endpoint deployment failures and recovery.", + "title": "AutoRollbackConfiguration" + }, + "BlueGreenUpdatePolicy": { + "$ref": "#/definitions/AWS::SageMaker::Endpoint.BlueGreenUpdatePolicy", + "markdownDescription": "Update policy for a blue/green deployment. If this update policy is specified, SageMaker creates a new fleet during the deployment while maintaining the old fleet. SageMaker flips traffic to the new fleet according to the specified traffic routing configuration. Only one update policy should be used in the deployment configuration. If no update policy is specified, SageMaker uses a blue/green deployment strategy with all at once traffic shifting by default.", + "title": "BlueGreenUpdatePolicy" + }, + "RollingUpdatePolicy": { + "$ref": "#/definitions/AWS::SageMaker::Endpoint.RollingUpdatePolicy", + "markdownDescription": "Specifies a rolling deployment strategy for updating a SageMaker endpoint.", + "title": "RollingUpdatePolicy" + } + }, + "type": "object" + }, + "AWS::SageMaker::Endpoint.RollingUpdatePolicy": { + "additionalProperties": false, + "properties": { + "MaximumBatchSize": { + "$ref": "#/definitions/AWS::SageMaker::Endpoint.CapacitySize", + "markdownDescription": "Batch size for each rolling step to provision capacity and turn on traffic on the new endpoint fleet, and terminate capacity on the old endpoint fleet. Value must be between 5% to 50% of the variant's total instance count.", + "title": "MaximumBatchSize" + }, + "MaximumExecutionTimeoutInSeconds": { + "markdownDescription": "The time limit for the total deployment. Exceeding this limit causes a timeout.", + "title": "MaximumExecutionTimeoutInSeconds", + "type": "number" + }, + "RollbackMaximumBatchSize": { + "$ref": "#/definitions/AWS::SageMaker::Endpoint.CapacitySize", + "markdownDescription": "Batch size for rollback to the old endpoint fleet. Each rolling step to provision capacity and turn on traffic on the old endpoint fleet, and terminate capacity on the new endpoint fleet. If this field is absent, the default value will be set to 100% of total capacity which means to bring up the whole capacity of the old fleet at once during rollback.", + "title": "RollbackMaximumBatchSize" + }, + "WaitIntervalInSeconds": { + "markdownDescription": "The length of the baking period, during which SageMaker monitors alarms for each batch on the new fleet.", + "title": "WaitIntervalInSeconds", + "type": "number" + } + }, + "required": [ + "MaximumBatchSize", + "WaitIntervalInSeconds" ], "type": "object" }, - "AWS::SES::ReceiptFilter.Filter": { + "AWS::SageMaker::Endpoint.TrafficRoutingConfig": { "additionalProperties": false, "properties": { - "IpFilter": { - "$ref": "#/definitions/AWS::SES::ReceiptFilter.IpFilter", - "markdownDescription": "A structure that provides the IP addresses to block or allow, and whether to block or allow incoming mail from them.", - "title": "IpFilter" + "CanarySize": { + "$ref": "#/definitions/AWS::SageMaker::Endpoint.CapacitySize", + "markdownDescription": "Batch size for the first step to turn on traffic on the new endpoint fleet. `Value` must be less than or equal to 50% of the variant's total instance count.", + "title": "CanarySize" }, - "Name": { - "markdownDescription": "The name of the IP address filter. The name must meet the following requirements:\n\n- Contain only ASCII letters (a-z, A-Z), numbers (0-9), underscores (_), or dashes (-).\n- Start and end with a letter or number.\n- Contain 64 characters or fewer.", - "title": "Name", + "LinearStepSize": { + "$ref": "#/definitions/AWS::SageMaker::Endpoint.CapacitySize", + "markdownDescription": "Batch size for each step to turn on traffic on the new endpoint fleet. `Value` must be 10-50% of the variant's total instance count.", + "title": "LinearStepSize" + }, + "Type": { + "markdownDescription": "Traffic routing strategy type.\n\n- `ALL_AT_ONCE` : Endpoint traffic shifts to the new fleet in a single step.\n- `CANARY` : Endpoint traffic shifts to the new fleet in two steps. The first step is the canary, which is a small portion of the traffic. The second step is the remainder of the traffic.\n- `LINEAR` : Endpoint traffic shifts to the new fleet in n steps of a configurable size.", + "title": "Type", "type": "string" + }, + "WaitIntervalInSeconds": { + "markdownDescription": "The waiting time (in seconds) between incremental steps to turn on traffic on the new endpoint fleet.", + "title": "WaitIntervalInSeconds", + "type": "number" } }, "required": [ - "IpFilter" + "Type" ], "type": "object" }, - "AWS::SES::ReceiptFilter.IpFilter": { + "AWS::SageMaker::Endpoint.VariantProperty": { "additionalProperties": false, "properties": { - "Cidr": { - "markdownDescription": "A single IP address or a range of IP addresses to block or allow, specified in Classless Inter-Domain Routing (CIDR) notation. An example of a single email address is 10.0.0.1. An example of a range of IP addresses is 10.0.0.1/24. For more information about CIDR notation, see [RFC 2317](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc2317) .", - "title": "Cidr", - "type": "string" - }, - "Policy": { - "markdownDescription": "Indicates whether to block or allow incoming mail from the specified IP addresses.", - "title": "Policy", + "VariantPropertyType": { + "markdownDescription": "The type of variant property. The supported values are:\n\n- `DesiredInstanceCount` : Overrides the existing variant instance counts using the [InitialInstanceCount](https://docs.aws.amazon.com/sagemaker/latest/dg/API_ProductionVariant.html#SageMaker-Type-ProductionVariant-InitialInstanceCount) values in the [ProductionVariants](https://docs.aws.amazon.com/sagemaker/latest/dg/API_CreateEndpointConfig.html#SageMaker-CreateEndpointConfig-request-ProductionVariants) .\n- `DesiredWeight` : Overrides the existing variant weights using the [InitialVariantWeight](https://docs.aws.amazon.com/sagemaker/latest/dg/API_ProductionVariant.html#SageMaker-Type-ProductionVariant-InitialVariantWeight) values in the [ProductionVariants](https://docs.aws.amazon.com/sagemaker/latest/dg/API_CreateEndpointConfig.html#SageMaker-CreateEndpointConfig-request-ProductionVariants) .\n- `DataCaptureConfig` : (Not currently supported.)", + "title": "VariantPropertyType", "type": "string" } }, - "required": [ - "Cidr", - "Policy" - ], "type": "object" }, - "AWS::SES::ReceiptRule": { + "AWS::SageMaker::EndpointConfig": { "additionalProperties": false, "properties": { "Condition": { @@ -239558,31 +292971,73 @@ "Properties": { "additionalProperties": false, "properties": { - "After": { - "markdownDescription": "The name of an existing rule after which the new rule is placed. If this parameter is null, the new rule is inserted at the beginning of the rule list.", - "title": "After", + "AsyncInferenceConfig": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.AsyncInferenceConfig", + "markdownDescription": "Specifies configuration for how an endpoint performs asynchronous inference.", + "title": "AsyncInferenceConfig" + }, + "DataCaptureConfig": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.DataCaptureConfig", + "markdownDescription": "Specifies how to capture endpoint data for model monitor. The data capture configuration applies to all production variants hosted at the endpoint.", + "title": "DataCaptureConfig" + }, + "EnableNetworkIsolation": { + "type": "boolean" + }, + "EndpointConfigName": { + "markdownDescription": "The name of the endpoint configuration.", + "title": "EndpointConfigName", "type": "string" }, - "Rule": { - "$ref": "#/definitions/AWS::SES::ReceiptRule.Rule", - "markdownDescription": "A data structure that contains the specified rule's name, actions, recipients, domains, enabled status, scan status, and TLS policy.", - "title": "Rule" + "ExecutionRoleArn": { + "type": "string" }, - "RuleSetName": { - "markdownDescription": "The name of the rule set where the receipt rule is added.", - "title": "RuleSetName", + "ExplainerConfig": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ExplainerConfig", + "markdownDescription": "A parameter to activate explainers.", + "title": "ExplainerConfig" + }, + "KmsKeyId": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Key Management Service key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance that hosts the endpoint.\n\n- Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key ARN: `arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`\n- Alias name: `alias/ExampleAlias`\n- Alias name ARN: `arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias`\n\nThe KMS key policy must grant permission to the IAM role that you specify in your `CreateEndpoint` , `UpdateEndpoint` requests. For more information, refer to the AWS Key Management Service section [Using Key Policies in AWS KMS](https://docs.aws.amazon.com//kms/latest/developerguide/key-policies.html)\n\n> Certain Nitro-based instances include local storage, dependent on the instance type. Local storage volumes are encrypted using a hardware module on the instance. You can't request a `KmsKeyId` when using an instance type with local storage. If any of the models that you specify in the `ProductionVariants` parameter use nitro-based instances with local storage, do not specify a value for the `KmsKeyId` parameter. If you specify a value for `KmsKeyId` when using any nitro-based instances with local storage, the call to `CreateEndpointConfig` fails.\n> \n> For a list of instance types that support local instance storage, see [Instance Store Volumes](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html#instance-store-volumes) .\n> \n> For more information about local instance storage encryption, see [SSD Instance Store Volumes](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ssd-instance-store.html) .", + "title": "KmsKeyId", "type": "string" + }, + "ProductionVariants": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ProductionVariant" + }, + "markdownDescription": "A list of `ProductionVariant` objects, one for each model that you want to host at this endpoint.", + "title": "ProductionVariants", + "type": "array" + }, + "ShadowProductionVariants": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ProductionVariant" + }, + "markdownDescription": "Array of `ProductionVariant` objects. There is one for each model that you want to host at this endpoint in shadow mode with production traffic replicated from the model specified on `ProductionVariants` . If you use this field, you can only specify one variant for `ProductionVariants` and one variant for `ShadowProductionVariants` .", + "title": "ShadowProductionVariants", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of key-value pairs to apply to this resource.\n\nFor more information, see [Resource Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) and [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html#allocation-what) .", + "title": "Tags", + "type": "array" + }, + "VpcConfig": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.VpcConfig" } }, "required": [ - "Rule", - "RuleSetName" + "ProductionVariants" ], "type": "object" }, "Type": { "enum": [ - "AWS::SES::ReceiptRule" + "AWS::SageMaker::EndpointConfig" ], "type": "string" }, @@ -239601,498 +293056,496 @@ ], "type": "object" }, - "AWS::SES::ReceiptRule.Action": { + "AWS::SageMaker::EndpointConfig.AsyncInferenceClientConfig": { "additionalProperties": false, "properties": { - "AddHeaderAction": { - "$ref": "#/definitions/AWS::SES::ReceiptRule.AddHeaderAction", - "markdownDescription": "Adds a header to the received email.", - "title": "AddHeaderAction" - }, - "BounceAction": { - "$ref": "#/definitions/AWS::SES::ReceiptRule.BounceAction", - "markdownDescription": "Rejects the received email by returning a bounce response to the sender and, optionally, publishes a notification to Amazon Simple Notification Service (Amazon SNS).", - "title": "BounceAction" - }, - "LambdaAction": { - "$ref": "#/definitions/AWS::SES::ReceiptRule.LambdaAction", - "markdownDescription": "Calls an AWS Lambda function, and optionally, publishes a notification to Amazon SNS.", - "title": "LambdaAction" - }, - "S3Action": { - "$ref": "#/definitions/AWS::SES::ReceiptRule.S3Action", - "markdownDescription": "Saves the received message to an Amazon Simple Storage Service (Amazon S3) bucket and, optionally, publishes a notification to Amazon SNS.", - "title": "S3Action" - }, - "SNSAction": { - "$ref": "#/definitions/AWS::SES::ReceiptRule.SNSAction", - "markdownDescription": "Publishes the email content within a notification to Amazon SNS.", - "title": "SNSAction" - }, - "StopAction": { - "$ref": "#/definitions/AWS::SES::ReceiptRule.StopAction", - "markdownDescription": "Terminates the evaluation of the receipt rule set and optionally publishes a notification to Amazon SNS.", - "title": "StopAction" - }, - "WorkmailAction": { - "$ref": "#/definitions/AWS::SES::ReceiptRule.WorkmailAction", - "markdownDescription": "Calls Amazon WorkMail and, optionally, publishes a notification to Amazon SNS.", - "title": "WorkmailAction" + "MaxConcurrentInvocationsPerInstance": { + "markdownDescription": "The maximum number of concurrent requests sent by the SageMaker client to the model container. If no value is provided, SageMaker will choose an optimal value for you.", + "title": "MaxConcurrentInvocationsPerInstance", + "type": "number" } }, "type": "object" }, - "AWS::SES::ReceiptRule.AddHeaderAction": { + "AWS::SageMaker::EndpointConfig.AsyncInferenceConfig": { "additionalProperties": false, "properties": { - "HeaderName": { - "markdownDescription": "The name of the header to add to the incoming message. The name must contain at least one character, and can contain up to 50 characters. It consists of alphanumeric ( `a\u2013z, A\u2013Z, 0\u20139` ) characters and dashes.", - "title": "HeaderName", - "type": "string" + "ClientConfig": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.AsyncInferenceClientConfig", + "markdownDescription": "Configures the behavior of the client used by SageMaker to interact with the model container during asynchronous inference.", + "title": "ClientConfig" }, - "HeaderValue": { - "markdownDescription": "The content to include in the header. This value can contain up to 2048 characters. It can't contain newline ( `\\n` ) or carriage return ( `\\r` ) characters.", - "title": "HeaderValue", - "type": "string" + "OutputConfig": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.AsyncInferenceOutputConfig", + "markdownDescription": "Specifies the configuration for asynchronous inference invocation outputs.", + "title": "OutputConfig" } }, "required": [ - "HeaderName", - "HeaderValue" + "OutputConfig" ], "type": "object" }, - "AWS::SES::ReceiptRule.BounceAction": { + "AWS::SageMaker::EndpointConfig.AsyncInferenceNotificationConfig": { "additionalProperties": false, "properties": { - "Message": { - "markdownDescription": "Human-readable text to include in the bounce message.", - "title": "Message", - "type": "string" - }, - "Sender": { - "markdownDescription": "The email address of the sender of the bounced email. This is the address from which the bounce message is sent.", - "title": "Sender", - "type": "string" - }, - "SmtpReplyCode": { - "markdownDescription": "The SMTP reply code, as defined by [RFC 5321](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc5321) .", - "title": "SmtpReplyCode", + "ErrorTopic": { + "markdownDescription": "Amazon SNS topic to post a notification to when an inference fails. If no topic is provided, no notification is sent on failure.", + "title": "ErrorTopic", "type": "string" }, - "StatusCode": { - "markdownDescription": "The SMTP enhanced status code, as defined by [RFC 3463](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc3463) .", - "title": "StatusCode", - "type": "string" + "IncludeInferenceResponseIn": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon SNS topics where you want the inference response to be included.\n\n> The inference response is included only if the response size is less than or equal to 128 KB.", + "title": "IncludeInferenceResponseIn", + "type": "array" }, - "TopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic to notify when the bounce action is taken. You can find the ARN of a topic by using the [ListTopics](https://docs.aws.amazon.com/sns/latest/api/API_ListTopics.html) operation in Amazon SNS.\n\nFor more information about Amazon SNS topics, see the [Amazon SNS Developer Guide](https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html) .", - "title": "TopicArn", + "SuccessTopic": { + "markdownDescription": "Amazon SNS topic to post a notification to when an inference completes successfully. If no topic is provided, no notification is sent on success.", + "title": "SuccessTopic", "type": "string" } }, - "required": [ - "Message", - "Sender", - "SmtpReplyCode" - ], "type": "object" }, - "AWS::SES::ReceiptRule.LambdaAction": { + "AWS::SageMaker::EndpointConfig.AsyncInferenceOutputConfig": { "additionalProperties": false, "properties": { - "FunctionArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Lambda function. An example of an AWS Lambda function ARN is `arn:aws:lambda:us-west-2:account-id:function:MyFunction` . For more information about AWS Lambda, see the [AWS Lambda Developer Guide](https://docs.aws.amazon.com/lambda/latest/dg/welcome.html) .", - "title": "FunctionArn", + "KmsKeyId": { + "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt the asynchronous inference output in Amazon S3.", + "title": "KmsKeyId", "type": "string" }, - "InvocationType": { - "markdownDescription": "The invocation type of the AWS Lambda function. An invocation type of `RequestResponse` means that the execution of the function immediately results in a response, and a value of `Event` means that the function is invoked asynchronously. The default value is `Event` . For information about AWS Lambda invocation types, see the [AWS Lambda Developer Guide](https://docs.aws.amazon.com/lambda/latest/dg/API_Invoke.html) .\n\n> There is a 30-second timeout on `RequestResponse` invocations. You should use `Event` invocation in most cases. Use `RequestResponse` only to make a mail flow decision, such as whether to stop the receipt rule or the receipt rule set.", - "title": "InvocationType", + "NotificationConfig": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.AsyncInferenceNotificationConfig", + "markdownDescription": "Specifies the configuration for notifications of inference results for asynchronous inference.", + "title": "NotificationConfig" + }, + "S3FailurePath": { + "markdownDescription": "The Amazon S3 location to upload failure inference responses to.", + "title": "S3FailurePath", "type": "string" }, - "TopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic to notify when the Lambda action is executed. You can find the ARN of a topic by using the [ListTopics](https://docs.aws.amazon.com/sns/latest/api/API_ListTopics.html) operation in Amazon SNS.\n\nFor more information about Amazon SNS topics, see the [Amazon SNS Developer Guide](https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html) .", - "title": "TopicArn", + "S3OutputPath": { + "markdownDescription": "The Amazon S3 location to upload inference responses to.", + "title": "S3OutputPath", "type": "string" } }, - "required": [ - "FunctionArn" - ], "type": "object" }, - "AWS::SES::ReceiptRule.Rule": { + "AWS::SageMaker::EndpointConfig.CaptureContentTypeHeader": { "additionalProperties": false, "properties": { - "Actions": { + "CsvContentTypes": { "items": { - "$ref": "#/definitions/AWS::SES::ReceiptRule.Action" + "type": "string" }, - "markdownDescription": "An ordered list of actions to perform on messages that match at least one of the recipient email addresses or domains specified in the receipt rule.", - "title": "Actions", + "markdownDescription": "A list of the CSV content types of the data that the endpoint captures. For the endpoint to capture the data, you must also specify the content type when you invoke the endpoint.", + "title": "CsvContentTypes", "type": "array" }, - "Enabled": { - "markdownDescription": "If `true` , the receipt rule is active. The default value is `false` .", - "title": "Enabled", - "type": "boolean" - }, - "Name": { - "markdownDescription": "The name of the receipt rule. The name must meet the following requirements:\n\n- Contain only ASCII letters (a-z, A-Z), numbers (0-9), underscores (_), dashes (-), or periods (.).\n- Start and end with a letter or number.\n- Contain 64 characters or fewer.", - "title": "Name", - "type": "string" - }, - "Recipients": { + "JsonContentTypes": { "items": { "type": "string" }, - "markdownDescription": "The recipient domains and email addresses that the receipt rule applies to. If this field is not specified, this rule matches all recipients on all verified domains.", - "title": "Recipients", + "markdownDescription": "A list of the JSON content types of the data that the endpoint captures. For the endpoint to capture the data, you must also specify the content type when you invoke the endpoint.", + "title": "JsonContentTypes", "type": "array" - }, - "ScanEnabled": { - "markdownDescription": "If `true` , then messages that this receipt rule applies to are scanned for spam and viruses. The default value is `false` .", - "title": "ScanEnabled", - "type": "boolean" - }, - "TlsPolicy": { - "markdownDescription": "Specifies whether Amazon SES should require that incoming email is delivered over a connection encrypted with Transport Layer Security (TLS). If this parameter is set to `Require` , Amazon SES bounces emails that are not received over TLS. The default is `Optional` .\n\nValid Values: `Require | Optional`", - "title": "TlsPolicy", - "type": "string" } }, "type": "object" }, - "AWS::SES::ReceiptRule.S3Action": { + "AWS::SageMaker::EndpointConfig.CaptureOption": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "The name of the Amazon S3 bucket for incoming email.", - "title": "BucketName", - "type": "string" - }, - "KmsKeyArn": { - "markdownDescription": "The customer managed key that Amazon SES should use to encrypt your emails before saving them to the Amazon S3 bucket. You can use the AWS managed key or a customer managed key that you created in AWS KMS as follows:\n\n- To use the AWS managed key, provide an ARN in the form of `arn:aws:kms:REGION:ACCOUNT-ID-WITHOUT-HYPHENS:alias/aws/ses` . For example, if your AWS account ID is 123456789012 and you want to use the AWS managed key in the US West (Oregon) Region, the ARN of the AWS managed key would be `arn:aws:kms:us-west-2:123456789012:alias/aws/ses` . If you use the AWS managed key, you don't need to perform any extra steps to give Amazon SES permission to use the key.\n- To use a customer managed key that you created in AWS KMS, provide the ARN of the customer managed key and ensure that you add a statement to your key's policy to give Amazon SES permission to use it. For more information about giving permissions, see the [Amazon SES Developer Guide](https://docs.aws.amazon.com/ses/latest/dg/receiving-email-permissions.html) .\n\nFor more information about key policies, see the [AWS KMS Developer Guide](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html) . If you do not specify an AWS KMS key, Amazon SES does not encrypt your emails.\n\n> Your mail is encrypted by Amazon SES using the Amazon S3 encryption client before the mail is submitted to Amazon S3 for storage. It is not encrypted using Amazon S3 server-side encryption. This means that you must use the Amazon S3 encryption client to decrypt the email after retrieving it from Amazon S3, as the service has no access to use your AWS KMS keys for decryption. This encryption client is currently available with the [AWS SDK for Java](https://docs.aws.amazon.com/sdk-for-java/) and [AWS SDK for Ruby](https://docs.aws.amazon.com/sdk-for-ruby/) only. For more information about client-side encryption using AWS KMS managed keys, see the [Amazon S3 Developer Guide](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingClientSideEncryption.html) .", - "title": "KmsKeyArn", - "type": "string" - }, - "ObjectKeyPrefix": { - "markdownDescription": "The key prefix of the Amazon S3 bucket. The key prefix is similar to a directory name that enables you to store similar data under the same directory in a bucket.", - "title": "ObjectKeyPrefix", - "type": "string" - }, - "TopicArn": { - "markdownDescription": "The ARN of the Amazon SNS topic to notify when the message is saved to the Amazon S3 bucket. You can find the ARN of a topic by using the [ListTopics](https://docs.aws.amazon.com/sns/latest/api/API_ListTopics.html) operation in Amazon SNS.\n\nFor more information about Amazon SNS topics, see the [Amazon SNS Developer Guide](https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html) .", - "title": "TopicArn", + "CaptureMode": { + "markdownDescription": "Specifies whether the endpoint captures input data or output data.", + "title": "CaptureMode", "type": "string" } }, "required": [ - "BucketName" + "CaptureMode" ], "type": "object" }, - "AWS::SES::ReceiptRule.SNSAction": { + "AWS::SageMaker::EndpointConfig.ClarifyExplainerConfig": { "additionalProperties": false, "properties": { - "Encoding": { - "markdownDescription": "The encoding to use for the email within the Amazon SNS notification. The default value is `UTF-8` . Use `BASE64` if you need to preserve all special characters, especially when the original message uses a different encoding format.", - "title": "Encoding", + "EnableExplanations": { + "markdownDescription": "A JMESPath boolean expression used to filter which records to explain. Explanations are activated by default. See [`EnableExplanations`](https://docs.aws.amazon.com/sagemaker/latest/dg/clarify-online-explainability-create-endpoint.html#clarify-online-explainability-create-endpoint-enable) for additional information.", + "title": "EnableExplanations", "type": "string" }, - "TopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS Topic to which notification for the email received will be published.", - "title": "TopicArn", - "type": "string" + "InferenceConfig": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ClarifyInferenceConfig", + "markdownDescription": "The inference configuration parameter for the model container.", + "title": "InferenceConfig" + }, + "ShapConfig": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ClarifyShapConfig", + "markdownDescription": "The configuration for SHAP analysis.", + "title": "ShapConfig" } }, + "required": [ + "ShapConfig" + ], "type": "object" }, - "AWS::SES::ReceiptRule.StopAction": { + "AWS::SageMaker::EndpointConfig.ClarifyFeatureType": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::SageMaker::EndpointConfig.ClarifyHeader": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::SageMaker::EndpointConfig.ClarifyInferenceConfig": { "additionalProperties": false, "properties": { - "Scope": { - "markdownDescription": "The scope of the StopAction. The only acceptable value is `RuleSet` .", - "title": "Scope", + "ContentTemplate": { + "markdownDescription": "A template string used to format a JSON record into an acceptable model container input. For example, a `ContentTemplate` string `'{\"myfeatures\":$features}'` will format a list of features `[1,2,3]` into the record string `'{\"myfeatures\":[1,2,3]}'` . Required only when the model container input is in JSON Lines format.", + "title": "ContentTemplate", "type": "string" }, - "TopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic to notify when the stop action is taken. You can find the ARN of a topic by using the [ListTopics](https://docs.aws.amazon.com/sns/latest/api/API_ListTopics.html) Amazon SNS operation.\n\nFor more information about Amazon SNS topics, see the [Amazon SNS Developer Guide](https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html) .", - "title": "TopicArn", + "FeatureHeaders": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ClarifyHeader" + }, + "markdownDescription": "The names of the features. If provided, these are included in the endpoint response payload to help readability of the `InvokeEndpoint` output. See the [Response](https://docs.aws.amazon.com/sagemaker/latest/dg/clarify-online-explainability-invoke-endpoint.html#clarify-online-explainability-response) section under *Invoke the endpoint* in the Developer Guide for more information.", + "title": "FeatureHeaders", + "type": "array" + }, + "FeatureTypes": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ClarifyFeatureType" + }, + "markdownDescription": "A list of data types of the features (optional). Applicable only to NLP explainability. If provided, `FeatureTypes` must have at least one `'text'` string (for example, `['text']` ). If `FeatureTypes` is not provided, the explainer infers the feature types based on the baseline data. The feature types are included in the endpoint response payload. For additional information see the [response](https://docs.aws.amazon.com/sagemaker/latest/dg/clarify-online-explainability-invoke-endpoint.html#clarify-online-explainability-response) section under *Invoke the endpoint* in the Developer Guide for more information.", + "title": "FeatureTypes", + "type": "array" + }, + "FeaturesAttribute": { + "markdownDescription": "Provides the JMESPath expression to extract the features from a model container input in JSON Lines format. For example, if `FeaturesAttribute` is the JMESPath expression `'myfeatures'` , it extracts a list of features `[1,2,3]` from request data `'{\"myfeatures\":[1,2,3]}'` .", + "title": "FeaturesAttribute", + "type": "string" + }, + "LabelAttribute": { + "markdownDescription": "A JMESPath expression used to locate the list of label headers in the model container output.\n\n*Example* : If the model container output of a batch request is `'{\"labels\":[\"cat\",\"dog\",\"fish\"],\"probability\":[0.6,0.3,0.1]}'` , then set `LabelAttribute` to `'labels'` to extract the list of label headers `[\"cat\",\"dog\",\"fish\"]`", + "title": "LabelAttribute", + "type": "string" + }, + "LabelHeaders": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ClarifyHeader" + }, + "markdownDescription": "For multiclass classification problems, the label headers are the names of the classes. Otherwise, the label header is the name of the predicted label. These are used to help readability for the output of the `InvokeEndpoint` API. See the [response](https://docs.aws.amazon.com/sagemaker/latest/dg/clarify-online-explainability-invoke-endpoint.html#clarify-online-explainability-response) section under *Invoke the endpoint* in the Developer Guide for more information. If there are no label headers in the model container output, provide them manually using this parameter.", + "title": "LabelHeaders", + "type": "array" + }, + "LabelIndex": { + "markdownDescription": "A zero-based index used to extract a label header or list of label headers from model container output in CSV format.\n\n*Example for a multiclass model:* If the model container output consists of label headers followed by probabilities: `'\"[\\'cat\\',\\'dog\\',\\'fish\\']\",\"[0.1,0.6,0.3]\"'` , set `LabelIndex` to `0` to select the label headers `['cat','dog','fish']` .", + "title": "LabelIndex", + "type": "number" + }, + "MaxPayloadInMB": { + "markdownDescription": "The maximum payload size (MB) allowed of a request from the explainer to the model container. Defaults to `6` MB.", + "title": "MaxPayloadInMB", + "type": "number" + }, + "MaxRecordCount": { + "markdownDescription": "The maximum number of records in a request that the model container can process when querying the model container for the predictions of a [synthetic dataset](https://docs.aws.amazon.com/sagemaker/latest/dg/clarify-online-explainability-create-endpoint.html#clarify-online-explainability-create-endpoint-synthetic) . A record is a unit of input data that inference can be made on, for example, a single line in CSV data. If `MaxRecordCount` is `1` , the model container expects one record per request. A value of 2 or greater means that the model expects batch requests, which can reduce overhead and speed up the inferencing process. If this parameter is not provided, the explainer will tune the record count per request according to the model container's capacity at runtime.", + "title": "MaxRecordCount", + "type": "number" + }, + "ProbabilityAttribute": { + "markdownDescription": "A JMESPath expression used to extract the probability (or score) from the model container output if the model container is in JSON Lines format.\n\n*Example* : If the model container output of a single request is `'{\"predicted_label\":1,\"probability\":0.6}'` , then set `ProbabilityAttribute` to `'probability'` .", + "title": "ProbabilityAttribute", "type": "string" + }, + "ProbabilityIndex": { + "markdownDescription": "A zero-based index used to extract a probability value (score) or list from model container output in CSV format. If this value is not provided, the entire model container output will be treated as a probability value (score) or list.\n\n*Example for a single class model:* If the model container output consists of a string-formatted prediction label followed by its probability: `'1,0.6'` , set `ProbabilityIndex` to `1` to select the probability value `0.6` .\n\n*Example for a multiclass model:* If the model container output consists of a string-formatted prediction label followed by its probability: `'\"[\\'cat\\',\\'dog\\',\\'fish\\']\",\"[0.1,0.6,0.3]\"'` , set `ProbabilityIndex` to `1` to select the probability values `[0.1,0.6,0.3]` .", + "title": "ProbabilityIndex", + "type": "number" } }, - "required": [ - "Scope" - ], "type": "object" }, - "AWS::SES::ReceiptRule.WorkmailAction": { + "AWS::SageMaker::EndpointConfig.ClarifyShapBaselineConfig": { "additionalProperties": false, "properties": { - "OrganizationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon WorkMail organization. Amazon WorkMail ARNs use the following format:\n\n`arn:aws:workmail:::organization/`\n\nYou can find the ID of your organization by using the [ListOrganizations](https://docs.aws.amazon.com/workmail/latest/APIReference/API_ListOrganizations.html) operation in Amazon WorkMail. Amazon WorkMail organization IDs begin with \" `m-` \", followed by a string of alphanumeric characters.\n\nFor information about Amazon WorkMail organizations, see the [Amazon WorkMail Administrator Guide](https://docs.aws.amazon.com/workmail/latest/adminguide/organizations_overview.html) .", - "title": "OrganizationArn", + "MimeType": { + "markdownDescription": "The MIME type of the baseline data. Choose from `'text/csv'` or `'application/jsonlines'` . Defaults to `'text/csv'` .", + "title": "MimeType", "type": "string" }, - "TopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic to notify when the WorkMail action is called. You can find the ARN of a topic by using the [ListTopics](https://docs.aws.amazon.com/sns/latest/api/API_ListTopics.html) operation in Amazon SNS.\n\nFor more information about Amazon SNS topics, see the [Amazon SNS Developer Guide](https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html) .", - "title": "TopicArn", + "ShapBaseline": { + "markdownDescription": "The inline SHAP baseline data in string format. `ShapBaseline` can have one or multiple records to be used as the baseline dataset. The format of the SHAP baseline file should be the same format as the training dataset. For example, if the training dataset is in CSV format and each record contains four features, and all features are numerical, then the format of the baseline data should also share these characteristics. For natural language processing (NLP) of text columns, the baseline value should be the value used to replace the unit of text specified by the `Granularity` of the `TextConfig` parameter. The size limit for `ShapBasline` is 4 KB. Use the `ShapBaselineUri` parameter if you want to provide more than 4 KB of baseline data.", + "title": "ShapBaseline", + "type": "string" + }, + "ShapBaselineUri": { + "markdownDescription": "The uniform resource identifier (URI) of the S3 bucket where the SHAP baseline file is stored. The format of the SHAP baseline file should be the same format as the format of the training dataset. For example, if the training dataset is in CSV format, and each record in the training dataset has four features, and all features are numerical, then the baseline file should also have this same format. Each record should contain only the features. If you are using a virtual private cloud (VPC), the `ShapBaselineUri` should be accessible to the VPC. For more information about setting up endpoints with Amazon Virtual Private Cloud, see [Give SageMaker access to Resources in your Amazon Virtual Private Cloud](https://docs.aws.amazon.com/sagemaker/latest/dg/infrastructure-give-access.html) .", + "title": "ShapBaselineUri", "type": "string" } }, - "required": [ - "OrganizationArn" - ], "type": "object" }, - "AWS::SES::ReceiptRuleSet": { + "AWS::SageMaker::EndpointConfig.ClarifyShapConfig": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "NumberOfSamples": { + "markdownDescription": "The number of samples to be used for analysis by the Kernal SHAP algorithm.\n\n> The number of samples determines the size of the synthetic dataset, which has an impact on latency of explainability requests. For more information, see the *Synthetic data* of [Configure and create an endpoint](https://docs.aws.amazon.com/sagemaker/latest/dg/clarify-online-explainability-create-endpoint.html) .", + "title": "NumberOfSamples", + "type": "number" }, - "Metadata": { - "type": "object" + "Seed": { + "markdownDescription": "The starting value used to initialize the random number generator in the explainer. Provide a value for this parameter to obtain a deterministic SHAP result.", + "title": "Seed", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "RuleSetName": { - "markdownDescription": "The name of the receipt rule set to make active. Setting this value to null disables all email receiving.", - "title": "RuleSetName", - "type": "string" - } - }, - "type": "object" + "ShapBaselineConfig": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ClarifyShapBaselineConfig", + "markdownDescription": "The configuration for the SHAP baseline of the Kernal SHAP algorithm.", + "title": "ShapBaselineConfig" }, - "Type": { - "enum": [ - "AWS::SES::ReceiptRuleSet" - ], - "type": "string" + "TextConfig": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ClarifyTextConfig", + "markdownDescription": "A parameter that indicates if text features are treated as text and explanations are provided for individual units of text. Required for natural language processing (NLP) explainability only.", + "title": "TextConfig" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "UseLogit": { + "markdownDescription": "A Boolean toggle to indicate if you want to use the logit function (true) or log-odds units (false) for model predictions. Defaults to false.", + "title": "UseLogit", + "type": "boolean" } }, "required": [ - "Type" + "ShapBaselineConfig" ], "type": "object" }, - "AWS::SES::Template": { + "AWS::SageMaker::EndpointConfig.ClarifyTextConfig": { "additionalProperties": false, "properties": { - "Condition": { + "Granularity": { + "markdownDescription": "The unit of granularity for the analysis of text features. For example, if the unit is `'token'` , then each token (like a word in English) of the text is treated as a feature. SHAP values are computed for each unit/feature.", + "title": "Granularity", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Language": { + "markdownDescription": "Specifies the language of the text features in [ISO 639-1](https://docs.aws.amazon.com/ https://en.wikipedia.org/wiki/List_of_ISO_639-1_codes) or [ISO 639-3](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/ISO_639-3) code of a supported language.\n\n> For a mix of multiple languages, use code `'xx'` .", + "title": "Language", "type": "string" + } + }, + "required": [ + "Granularity", + "Language" + ], + "type": "object" + }, + "AWS::SageMaker::EndpointConfig.DataCaptureConfig": { + "additionalProperties": false, + "properties": { + "CaptureContentTypeHeader": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.CaptureContentTypeHeader", + "markdownDescription": "A list of the JSON and CSV content type that the endpoint captures.", + "title": "CaptureContentTypeHeader" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Template": { - "$ref": "#/definitions/AWS::SES::Template.Template", - "markdownDescription": "The content of the email, composed of a subject line and either an HTML part or a text-only part.", - "title": "Template" - } + "CaptureOptions": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.CaptureOption" }, - "type": "object" + "markdownDescription": "Specifies whether the endpoint captures input data to your model, output data from your model, or both.", + "title": "CaptureOptions", + "type": "array" }, - "Type": { - "enum": [ - "AWS::SES::Template" - ], + "DestinationS3Uri": { + "markdownDescription": "The S3 bucket where model monitor stores captured data.", + "title": "DestinationS3Uri", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "EnableCapture": { + "markdownDescription": "Set to `True` to enable data capture.", + "title": "EnableCapture", + "type": "boolean" + }, + "InitialSamplingPercentage": { + "markdownDescription": "The percentage of data to capture.", + "title": "InitialSamplingPercentage", + "type": "number" + }, + "KmsKeyId": { + "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt the captured data at rest using Amazon S3 server-side encryption. The KmsKeyId can be any of the following formats: Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab Key ARN: arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab Alias name: alias/ExampleAlias Alias name ARN: arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias If you don't provide a KMS key ID, Amazon SageMaker uses the default KMS key for Amazon S3 for your role's account. For more information, see KMS-Managed Encryption Keys (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingKMSEncryption.html) in the Amazon Simple Storage Service Developer Guide. The KMS key policy must grant permission to the IAM role that you specify in your CreateModel (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateModel.html) request. For more information, see Using Key Policies in AWS KMS (http://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html) in the AWS Key Management Service Developer Guide.", + "title": "KmsKeyId", "type": "string" } }, "required": [ - "Type" + "CaptureOptions", + "DestinationS3Uri", + "InitialSamplingPercentage" ], "type": "object" }, - "AWS::SES::Template.Template": { + "AWS::SageMaker::EndpointConfig.ExplainerConfig": { "additionalProperties": false, "properties": { - "HtmlPart": { - "markdownDescription": "The HTML body of the email.", - "title": "HtmlPart", - "type": "string" - }, - "SubjectPart": { - "markdownDescription": "The subject line of the email.", - "title": "SubjectPart", - "type": "string" + "ClarifyExplainerConfig": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ClarifyExplainerConfig", + "markdownDescription": "A member of `ExplainerConfig` that contains configuration parameters for the SageMaker Clarify explainer.", + "title": "ClarifyExplainerConfig" + } + }, + "type": "object" + }, + "AWS::SageMaker::EndpointConfig.ManagedInstanceScaling": { + "additionalProperties": false, + "properties": { + "MaxInstanceCount": { + "type": "number" }, - "TemplateName": { - "markdownDescription": "The name of the template. You will refer to this name when you send email using the `SendEmail` or `SendBulkEmail` operations.", - "title": "TemplateName", - "type": "string" + "MinInstanceCount": { + "type": "number" }, - "TextPart": { - "markdownDescription": "The email body that is visible to recipients whose email clients do not display HTML content.", - "title": "TextPart", + "Status": { "type": "string" } }, - "required": [ - "SubjectPart" - ], "type": "object" }, - "AWS::SES::VdmAttributes": { + "AWS::SageMaker::EndpointConfig.ProductionVariant": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "ContainerStartupHealthCheckTimeoutInSeconds": { + "markdownDescription": "The timeout value, in seconds, for your inference container to pass health check by SageMaker Hosting. For more information about health check, see [How Your Container Should Respond to Health Check (Ping) Requests](https://docs.aws.amazon.com/sagemaker/latest/dg/your-algorithms-inference-code.html#your-algorithms-inference-algo-ping-requests) .", + "title": "ContainerStartupHealthCheckTimeoutInSeconds", + "type": "number" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "EnableSSMAccess": { + "markdownDescription": "You can use this parameter to turn on native AWS Systems Manager (SSM) access for a production variant behind an endpoint. By default, SSM access is disabled for all production variants behind an endpoint. You can turn on or turn off SSM access for a production variant behind an existing endpoint by creating a new endpoint configuration and calling `UpdateEndpoint` .", + "title": "EnableSSMAccess", + "type": "boolean" + }, + "InferenceAmiVersion": { "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "InitialInstanceCount": { + "markdownDescription": "Number of instances to launch initially.", + "title": "InitialInstanceCount", + "type": "number" }, - "Metadata": { - "type": "object" + "InitialVariantWeight": { + "markdownDescription": "Determines initial traffic distribution among all of the models that you specify in the endpoint configuration. The traffic to a production variant is determined by the ratio of the `VariantWeight` to the sum of all `VariantWeight` values across all ProductionVariants. If unspecified, it defaults to 1.0.", + "title": "InitialVariantWeight", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DashboardAttributes": { - "$ref": "#/definitions/AWS::SES::VdmAttributes.DashboardAttributes", - "markdownDescription": "Specifies additional settings for your VDM configuration as applicable to the Dashboard.", - "title": "DashboardAttributes" - }, - "GuardianAttributes": { - "$ref": "#/definitions/AWS::SES::VdmAttributes.GuardianAttributes", - "markdownDescription": "Specifies additional settings for your VDM configuration as applicable to the Guardian.", - "title": "GuardianAttributes" - } - }, - "type": "object" + "InstanceType": { + "markdownDescription": "The ML compute instance type.", + "title": "InstanceType", + "type": "string" }, - "Type": { - "enum": [ - "AWS::SES::VdmAttributes" - ], + "ManagedInstanceScaling": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ManagedInstanceScaling" + }, + "ModelDataDownloadTimeoutInSeconds": { + "markdownDescription": "The timeout value, in seconds, to download and extract the model that you want to host from Amazon S3 to the individual inference instance associated with this production variant.", + "title": "ModelDataDownloadTimeoutInSeconds", + "type": "number" + }, + "ModelName": { + "markdownDescription": "The name of the model that you want to host. This is the name that you specified when creating the model.", + "title": "ModelName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "RoutingConfig": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.RoutingConfig" + }, + "ServerlessConfig": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ServerlessConfig", + "markdownDescription": "The serverless configuration for an endpoint. Specifies a serverless endpoint configuration instead of an instance-based endpoint configuration.", + "title": "ServerlessConfig" + }, + "VariantName": { + "markdownDescription": "The name of the production variant.", + "title": "VariantName", "type": "string" + }, + "VolumeSizeInGB": { + "markdownDescription": "The size, in GB, of the ML storage volume attached to individual inference instance associated with the production variant. Currently only Amazon EBS gp2 storage volumes are supported.", + "title": "VolumeSizeInGB", + "type": "number" } }, "required": [ - "Type" + "VariantName" ], "type": "object" }, - "AWS::SES::VdmAttributes.DashboardAttributes": { + "AWS::SageMaker::EndpointConfig.RoutingConfig": { "additionalProperties": false, "properties": { - "EngagementMetrics": { - "markdownDescription": "Specifies the status of your VDM engagement metrics collection. Can be one of the following:\n\n- `ENABLED` \u2013 Amazon SES enables engagement metrics for your account.\n- `DISABLED` \u2013 Amazon SES disables engagement metrics for your account.", - "title": "EngagementMetrics", + "RoutingStrategy": { "type": "string" } }, "type": "object" }, - "AWS::SES::VdmAttributes.GuardianAttributes": { + "AWS::SageMaker::EndpointConfig.ServerlessConfig": { "additionalProperties": false, "properties": { - "OptimizedSharedDelivery": { - "markdownDescription": "Specifies the status of your VDM optimized shared delivery. Can be one of the following:\n\n- `ENABLED` \u2013 Amazon SES enables optimized shared delivery for your account.\n- `DISABLED` \u2013 Amazon SES disables optimized shared delivery for your account.", - "title": "OptimizedSharedDelivery", - "type": "string" + "MaxConcurrency": { + "markdownDescription": "The maximum number of concurrent invocations your serverless endpoint can process.", + "title": "MaxConcurrency", + "type": "number" + }, + "MemorySizeInMB": { + "markdownDescription": "The memory size of your serverless endpoint. Valid values are in 1 GB increments: 1024 MB, 2048 MB, 3072 MB, 4096 MB, 5120 MB, or 6144 MB.", + "title": "MemorySizeInMB", + "type": "number" + }, + "ProvisionedConcurrency": { + "markdownDescription": "The amount of provisioned concurrency to allocate for the serverless endpoint. Should be less than or equal to `MaxConcurrency` .\n\n> This field is not supported for serverless endpoint recommendations for Inference Recommender jobs. For more information about creating an Inference Recommender job, see [CreateInferenceRecommendationsJobs](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateInferenceRecommendationsJob.html) .", + "title": "ProvisionedConcurrency", + "type": "number" } }, + "required": [ + "MaxConcurrency", + "MemorySizeInMB" + ], "type": "object" }, - "AWS::SNS::Subscription": { + "AWS::SageMaker::EndpointConfig.VpcConfig": { + "additionalProperties": false, + "properties": { + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "type": "array" + }, + "Subnets": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "SecurityGroupIds", + "Subnets" + ], + "type": "object" + }, + "AWS::SageMaker::FeatureGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -240127,71 +293580,74 @@ "Properties": { "additionalProperties": false, "properties": { - "DeliveryPolicy": { - "markdownDescription": "The delivery policy JSON assigned to the subscription. Enables the subscriber to define the message delivery retry strategy in the case of an HTTP/S endpoint subscribed to the topic. For more information, see `[GetSubscriptionAttributes](https://docs.aws.amazon.com/sns/latest/api/API_GetSubscriptionAttributes.html)` in the *Amazon SNS API Reference* and [Message delivery retries](https://docs.aws.amazon.com/sns/latest/dg/sns-message-delivery-retries.html) in the *Amazon SNS Developer Guide* .", - "title": "DeliveryPolicy", - "type": "object" - }, - "Endpoint": { - "markdownDescription": "The subscription's endpoint. The endpoint value depends on the protocol that you specify. For more information, see the `Endpoint` parameter of the `[Subscribe](https://docs.aws.amazon.com/sns/latest/api/API_Subscribe.html)` action in the *Amazon SNS API Reference* .", - "title": "Endpoint", + "Description": { + "markdownDescription": "A free form description of a `FeatureGroup` .", + "title": "Description", "type": "string" }, - "FilterPolicy": { - "markdownDescription": "The filter policy JSON assigned to the subscription. Enables the subscriber to filter out unwanted messages. For more information, see `[GetSubscriptionAttributes](https://docs.aws.amazon.com/sns/latest/api/API_GetSubscriptionAttributes.html)` in the *Amazon SNS API Reference* and [Message filtering](https://docs.aws.amazon.com/sns/latest/dg/sns-message-filtering.html) in the *Amazon SNS Developer Guide* .", - "title": "FilterPolicy", - "type": "object" - }, - "FilterPolicyScope": { - "markdownDescription": "This attribute lets you choose the filtering scope by using one of the following string value types:\n\n- `MessageAttributes` (default) - The filter is applied on the message attributes.\n- `MessageBody` - The filter is applied on the message body.\n\n> `Null` is not a valid value for `FilterPolicyScope` . To delete a filter policy, delete the `FilterPolicy` property but keep `FilterPolicyScope` property as is.", - "title": "FilterPolicyScope", + "EventTimeFeatureName": { + "markdownDescription": "The name of the feature that stores the `EventTime` of a Record in a `FeatureGroup` .\n\nA `EventTime` is point in time when a new event occurs that corresponds to the creation or update of a `Record` in `FeatureGroup` . All `Records` in the `FeatureGroup` must have a corresponding `EventTime` .", + "title": "EventTimeFeatureName", "type": "string" }, - "Protocol": { - "markdownDescription": "The subscription's protocol. For more information, see the `Protocol` parameter of the `[Subscribe](https://docs.aws.amazon.com/sns/latest/api/API_Subscribe.html)` action in the *Amazon SNS API Reference* .", - "title": "Protocol", + "FeatureDefinitions": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::FeatureGroup.FeatureDefinition" + }, + "markdownDescription": "A list of `Feature` s. Each `Feature` must include a `FeatureName` and a `FeatureType` .\n\nValid `FeatureType` s are `Integral` , `Fractional` and `String` .\n\n`FeatureName` s cannot be any of the following: `is_deleted` , `write_time` , `api_invocation_time` .\n\nYou can create up to 2,500 `FeatureDefinition` s per `FeatureGroup` .", + "title": "FeatureDefinitions", + "type": "array" + }, + "FeatureGroupName": { + "markdownDescription": "The name of the `FeatureGroup` .", + "title": "FeatureGroupName", "type": "string" }, - "RawMessageDelivery": { - "markdownDescription": "When set to `true` , enables raw message delivery. Raw messages don't contain any JSON formatting and can be sent to Amazon SQS and HTTP/S endpoints. For more information, see `[GetSubscriptionAttributes](https://docs.aws.amazon.com/sns/latest/api/API_GetSubscriptionAttributes.html)` in the *Amazon SNS API Reference* .", - "title": "RawMessageDelivery", - "type": "boolean" + "OfflineStoreConfig": { + "$ref": "#/definitions/AWS::SageMaker::FeatureGroup.OfflineStoreConfig", + "markdownDescription": "The configuration of an `OfflineStore` .", + "title": "OfflineStoreConfig" }, - "RedrivePolicy": { - "markdownDescription": "When specified, sends undeliverable messages to the specified Amazon SQS dead-letter queue. Messages that can't be delivered due to client errors (for example, when the subscribed endpoint is unreachable) or server errors (for example, when the service that powers the subscribed endpoint becomes unavailable) are held in the dead-letter queue for further analysis or reprocessing.\n\nFor more information about the redrive policy and dead-letter queues, see [Amazon SQS dead-letter queues](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-dead-letter-queues.html) in the *Amazon SQS Developer Guide* .", - "title": "RedrivePolicy", - "type": "object" + "OnlineStoreConfig": { + "$ref": "#/definitions/AWS::SageMaker::FeatureGroup.OnlineStoreConfig", + "markdownDescription": "The configuration of an `OnlineStore` .", + "title": "OnlineStoreConfig" }, - "Region": { - "markdownDescription": "For cross-region subscriptions, the region in which the topic resides.\n\nIf no region is specified, AWS CloudFormation uses the region of the caller as the default.\n\nIf you perform an update operation that only updates the `Region` property of a `AWS::SNS::Subscription` resource, that operation will fail unless you are either:\n\n- Updating the `Region` from `NULL` to the caller region.\n- Updating the `Region` from the caller region to `NULL` .", - "title": "Region", + "RecordIdentifierFeatureName": { + "markdownDescription": "The name of the `Feature` whose value uniquely identifies a `Record` defined in the `FeatureGroup` `FeatureDefinitions` .", + "title": "RecordIdentifierFeatureName", "type": "string" }, - "ReplayPolicy": { - "markdownDescription": "Specifies whether Amazon SNS resends the notification to the subscription when a message's attribute changes.", - "title": "ReplayPolicy", - "type": "object" - }, - "SubscriptionRoleArn": { - "markdownDescription": "This property applies only to Amazon Data Firehose delivery stream subscriptions. Specify the ARN of the IAM role that has the following:\n\n- Permission to write to the Amazon Data Firehose delivery stream\n- Amazon SNS listed as a trusted entity\n\nSpecifying a valid ARN for this attribute is required for Firehose delivery stream subscriptions. For more information, see [Fanout to Amazon Data Firehose delivery streams](https://docs.aws.amazon.com/sns/latest/dg/sns-firehose-as-subscriber.html) in the *Amazon SNS Developer Guide.*", - "title": "SubscriptionRoleArn", + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM execution role used to create the feature group.", + "title": "RoleArn", "type": "string" }, - "TopicArn": { - "markdownDescription": "The ARN of the topic to subscribe to.", - "title": "TopicArn", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags used to define a `FeatureGroup` .", + "title": "Tags", + "type": "array" + }, + "ThroughputConfig": { + "$ref": "#/definitions/AWS::SageMaker::FeatureGroup.ThroughputConfig", + "markdownDescription": "Used to set feature group throughput configuration. There are two modes: `ON_DEMAND` and `PROVISIONED` . With on-demand mode, you are charged for data reads and writes that your application performs on your feature group. You do not need to specify read and write throughput because Feature Store accommodates your workloads as they ramp up and down. You can switch a feature group to on-demand only once in a 24 hour period. With provisioned throughput mode, you specify the read and write capacity per second that you expect your application to require, and you are billed based on those limits. Exceeding provisioned throughput will result in your requests being throttled.\n\nNote: `PROVISIONED` throughput mode is supported only for feature groups that are offline-only, or use the [`Standard`](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_OnlineStoreConfig.html#sagemaker-Type-OnlineStoreConfig-StorageType) tier online store.", + "title": "ThroughputConfig" } }, "required": [ - "Protocol", - "TopicArn" + "EventTimeFeatureName", + "FeatureDefinitions", + "FeatureGroupName", + "RecordIdentifierFeatureName" ], "type": "object" }, "Type": { "enum": [ - "AWS::SNS::Subscription" + "AWS::SageMaker::FeatureGroup" ], "type": "string" }, @@ -240210,190 +293666,178 @@ ], "type": "object" }, - "AWS::SNS::Topic": { + "AWS::SageMaker::FeatureGroup.DataCatalogConfig": { "additionalProperties": false, "properties": { - "Condition": { + "Catalog": { + "markdownDescription": "The name of the Glue table catalog.", + "title": "Catalog", "type": "string" }, - "Connectors": { - "additionalProperties": { - "$ref": "#/definitions/EmbeddedConnector" - }, - "title": "Connectors", - "type": "object" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Database": { + "markdownDescription": "The name of the Glue table database.", + "title": "Database", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ArchivePolicy": { - "markdownDescription": "The `ArchivePolicy` determines the number of days Amazon SNS retains messages in FIFO topics. You can set a retention period ranging from 1 to 365 days. This property is only applicable to FIFO topics; attempting to use it with standard topics will result in a creation failure.", - "title": "ArchivePolicy", - "type": "object" - }, - "ContentBasedDeduplication": { - "markdownDescription": "`ContentBasedDeduplication` enables deduplication of messages based on their content for FIFO topics. By default, this property is set to false. If you create a FIFO topic with `ContentBasedDeduplication` set to false, you must provide a `MessageDeduplicationId` for each `Publish` action. When set to true, Amazon SNS automatically generates a `MessageDeduplicationId` using a SHA-256 hash of the message body (excluding message attributes). You can optionally override this generated value by specifying a `MessageDeduplicationId` in the `Publish` action. Note that this property only applies to FIFO topics; using it with standard topics will cause the creation to fail.", - "title": "ContentBasedDeduplication", - "type": "boolean" - }, - "DataProtectionPolicy": { - "markdownDescription": "The body of the policy document you want to use for this topic.\n\nYou can only add one policy per topic.\n\nThe policy must be in JSON string format.\n\nLength Constraints: Maximum length of 30,720.", - "title": "DataProtectionPolicy", - "type": "object" - }, - "DeliveryStatusLogging": { - "items": { - "$ref": "#/definitions/AWS::SNS::Topic.LoggingConfig" - }, - "markdownDescription": "The `DeliveryStatusLogging` configuration enables you to log the delivery status of messages sent from your Amazon SNS topic to subscribed endpoints with the following supported delivery protocols:\n\n- HTTP\n- Amazon Kinesis Data Firehose\n- AWS Lambda\n- Platform application endpoint\n- Amazon Simple Queue Service\n\nOnce configured, log entries are sent to Amazon CloudWatch Logs.", - "title": "DeliveryStatusLogging", - "type": "array" - }, - "DisplayName": { - "markdownDescription": "The display name to use for an Amazon SNS topic with SMS subscriptions. The display name must be maximum 100 characters long, including hyphens (-), underscores (_), spaces, and tabs.", - "title": "DisplayName", - "type": "string" - }, - "FifoTopic": { - "markdownDescription": "Set to true to create a FIFO topic.", - "title": "FifoTopic", - "type": "boolean" - }, - "KmsMasterKeyId": { - "markdownDescription": "The ID of an AWS managed customer master key (CMK) for Amazon SNS or a custom CMK. For more information, see [Key terms](https://docs.aws.amazon.com/sns/latest/dg/sns-server-side-encryption.html#sse-key-terms) . For more examples, see `[KeyId](https://docs.aws.amazon.com/kms/latest/APIReference/API_DescribeKey.html#API_DescribeKey_RequestParameters)` in the *AWS Key Management Service API Reference* .\n\nThis property applies only to [server-side-encryption](https://docs.aws.amazon.com/sns/latest/dg/sns-server-side-encryption.html) .", - "title": "KmsMasterKeyId", - "type": "string" - }, - "SignatureVersion": { - "markdownDescription": "The signature version corresponds to the hashing algorithm used while creating the signature of the notifications, subscription confirmations, or unsubscribe confirmation messages sent by Amazon SNS. By default, `SignatureVersion` is set to `1` .", - "title": "SignatureVersion", - "type": "string" - }, - "Subscription": { - "items": { - "$ref": "#/definitions/AWS::SNS::Topic.Subscription" - }, - "markdownDescription": "The Amazon SNS subscriptions (endpoints) for this topic.\n\n> If you specify the `Subscription` property in the `AWS::SNS::Topic` resource and it creates an associated subscription resource, the associated subscription is not deleted when the `AWS::SNS::Topic` resource is deleted.", - "title": "Subscription", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The list of tags to add to a new topic.\n\n> To be able to tag a topic on creation, you must have the `sns:CreateTopic` and `sns:TagResource` permissions.", - "title": "Tags", - "type": "array" - }, - "TopicName": { - "markdownDescription": "The name of the topic you want to create. Topic names must include only uppercase and lowercase ASCII letters, numbers, underscores, and hyphens, and must be between 1 and 256 characters long. FIFO topic names must end with `.fifo` .\n\nIf you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the topic name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "TopicName", - "type": "string" - }, - "TracingConfig": { - "markdownDescription": "Tracing mode of an Amazon SNS topic. By default `TracingConfig` is set to `PassThrough` , and the topic passes through the tracing header it receives from an Amazon SNS publisher to its subscriptions. If set to `Active` , Amazon SNS will vend X-Ray segment data to topic owner account if the sampled flag in the tracing header is true.", - "title": "TracingConfig", - "type": "string" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::SNS::Topic" - ], + "TableName": { + "markdownDescription": "The name of the Glue table.", + "title": "TableName", + "type": "string" + } + }, + "required": [ + "Catalog", + "Database", + "TableName" + ], + "type": "object" + }, + "AWS::SageMaker::FeatureGroup.FeatureDefinition": { + "additionalProperties": false, + "properties": { + "FeatureName": { + "markdownDescription": "The name of a feature. The type must be a string. `FeatureName` cannot be any of the following: `is_deleted` , `write_time` , `api_invocation_time` .\n\nThe name:\n\n- Must start with an alphanumeric character.\n- Can only include alphanumeric characters, underscores, and hyphens. Spaces are not allowed.", + "title": "FeatureName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "FeatureType": { + "markdownDescription": "The value type of a feature. Valid values are Integral, Fractional, or String.", + "title": "FeatureType", "type": "string" } }, "required": [ - "Type" + "FeatureName", + "FeatureType" ], "type": "object" }, - "AWS::SNS::Topic.LoggingConfig": { + "AWS::SageMaker::FeatureGroup.OfflineStoreConfig": { "additionalProperties": false, "properties": { - "FailureFeedbackRoleArn": { - "markdownDescription": "The IAM role ARN to be used when logging failed message deliveries in Amazon CloudWatch.", - "title": "FailureFeedbackRoleArn", + "DataCatalogConfig": { + "$ref": "#/definitions/AWS::SageMaker::FeatureGroup.DataCatalogConfig", + "markdownDescription": "The meta data of the Glue table that is autogenerated when an `OfflineStore` is created.", + "title": "DataCatalogConfig" + }, + "DisableGlueTableCreation": { + "markdownDescription": "Set to `True` to disable the automatic creation of an AWS Glue table when configuring an `OfflineStore` . If set to `False` , Feature Store will name the `OfflineStore` Glue table following [Athena's naming recommendations](https://docs.aws.amazon.com/athena/latest/ug/tables-databases-columns-names.html) .\n\nThe default value is `False` .", + "title": "DisableGlueTableCreation", + "type": "boolean" + }, + "S3StorageConfig": { + "$ref": "#/definitions/AWS::SageMaker::FeatureGroup.S3StorageConfig", + "markdownDescription": "The Amazon Simple Storage (Amazon S3) location of `OfflineStore` .", + "title": "S3StorageConfig" + }, + "TableFormat": { + "markdownDescription": "Format for the offline store table. Supported formats are Glue (Default) and [Apache Iceberg](https://docs.aws.amazon.com/https://iceberg.apache.org/) .", + "title": "TableFormat", "type": "string" + } + }, + "required": [ + "S3StorageConfig" + ], + "type": "object" + }, + "AWS::SageMaker::FeatureGroup.OnlineStoreConfig": { + "additionalProperties": false, + "properties": { + "EnableOnlineStore": { + "markdownDescription": "Turn `OnlineStore` off by specifying `False` for the `EnableOnlineStore` flag. Turn `OnlineStore` on by specifying `True` for the `EnableOnlineStore` flag.\n\nThe default value is `False` .", + "title": "EnableOnlineStore", + "type": "boolean" }, - "Protocol": { - "markdownDescription": "Indicates one of the supported protocols for the Amazon SNS topic.\n\n> At least one of the other three `LoggingConfig` properties is recommend along with `Protocol` .", - "title": "Protocol", + "SecurityConfig": { + "$ref": "#/definitions/AWS::SageMaker::FeatureGroup.OnlineStoreSecurityConfig", + "markdownDescription": "Use to specify KMS Key ID ( `KMSKeyId` ) for at-rest encryption of your `OnlineStore` .", + "title": "SecurityConfig" + }, + "StorageType": { + "markdownDescription": "Option for different tiers of low latency storage for real-time data retrieval.\n\n- `Standard` : A managed low latency data store for feature groups.\n- `InMemory` : A managed data store for feature groups that supports very low latency retrieval.", + "title": "StorageType", "type": "string" }, - "SuccessFeedbackRoleArn": { - "markdownDescription": "The IAM role ARN to be used when logging successful message deliveries in Amazon CloudWatch.", - "title": "SuccessFeedbackRoleArn", + "TtlDuration": { + "$ref": "#/definitions/AWS::SageMaker::FeatureGroup.TtlDuration", + "markdownDescription": "Time to live duration, where the record is hard deleted after the expiration time is reached; `ExpiresAt` = `EventTime` + `TtlDuration` . For information on HardDelete, see the [DeleteRecord](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_feature_store_DeleteRecord.html) API in the Amazon SageMaker API Reference guide.", + "title": "TtlDuration" + } + }, + "type": "object" + }, + "AWS::SageMaker::FeatureGroup.OnlineStoreSecurityConfig": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "markdownDescription": "The AWS Key Management Service (KMS) key ARN that SageMaker Feature Store uses to encrypt the Amazon S3 objects at rest using Amazon S3 server-side encryption.\n\nThe caller (either user or IAM role) of `CreateFeatureGroup` must have below permissions to the `OnlineStore` `KmsKeyId` :\n\n- `\"kms:Encrypt\"`\n- `\"kms:Decrypt\"`\n- `\"kms:DescribeKey\"`\n- `\"kms:CreateGrant\"`\n- `\"kms:RetireGrant\"`\n- `\"kms:ReEncryptFrom\"`\n- `\"kms:ReEncryptTo\"`\n- `\"kms:GenerateDataKey\"`\n- `\"kms:ListAliases\"`\n- `\"kms:ListGrants\"`\n- `\"kms:RevokeGrant\"`\n\nThe caller (either user or IAM role) to all DataPlane operations ( `PutRecord` , `GetRecord` , `DeleteRecord` ) must have the following permissions to the `KmsKeyId` :\n\n- `\"kms:Decrypt\"`", + "title": "KmsKeyId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::FeatureGroup.S3StorageConfig": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "markdownDescription": "The AWS Key Management Service (KMS) key ARN of the key used to encrypt any objects written into the `OfflineStore` S3 location.\n\nThe IAM `roleARN` that is passed as a parameter to `CreateFeatureGroup` must have below permissions to the `KmsKeyId` :\n\n- `\"kms:GenerateDataKey\"`", + "title": "KmsKeyId", "type": "string" }, - "SuccessFeedbackSampleRate": { - "markdownDescription": "The percentage of successful message deliveries to be logged in Amazon CloudWatch. Valid percentage values range from 0 to 100.", - "title": "SuccessFeedbackSampleRate", + "S3Uri": { + "markdownDescription": "The S3 URI, or location in Amazon S3, of `OfflineStore` .\n\nS3 URIs have a format similar to the following: `s3://example-bucket/prefix/` .", + "title": "S3Uri", "type": "string" } }, "required": [ - "Protocol" + "S3Uri" ], "type": "object" }, - "AWS::SNS::Topic.Subscription": { + "AWS::SageMaker::FeatureGroup.ThroughputConfig": { "additionalProperties": false, "properties": { - "Endpoint": { - "markdownDescription": "The endpoint that receives notifications from the Amazon SNS topic. The endpoint value depends on the protocol that you specify. For more information, see the `Endpoint` parameter of the `[Subscribe](https://docs.aws.amazon.com/sns/latest/api/API_Subscribe.html)` action in the *Amazon SNS API Reference* .", - "title": "Endpoint", - "type": "string" + "ProvisionedReadCapacityUnits": { + "markdownDescription": "For provisioned feature groups with online store enabled, this indicates the read throughput you are billed for and can consume without throttling.\n\nThis field is not applicable for on-demand feature groups.", + "title": "ProvisionedReadCapacityUnits", + "type": "number" }, - "Protocol": { - "markdownDescription": "The subscription's protocol. For more information, see the `Protocol` parameter of the `[Subscribe](https://docs.aws.amazon.com/sns/latest/api/API_Subscribe.html)` action in the *Amazon SNS API Reference* .", - "title": "Protocol", + "ProvisionedWriteCapacityUnits": { + "markdownDescription": "For provisioned feature groups, this indicates the write throughput you are billed for and can consume without throttling.\n\nThis field is not applicable for on-demand feature groups.", + "title": "ProvisionedWriteCapacityUnits", + "type": "number" + }, + "ThroughputMode": { + "markdownDescription": "The mode used for your feature group throughput: `ON_DEMAND` or `PROVISIONED` .", + "title": "ThroughputMode", "type": "string" } }, "required": [ - "Endpoint", - "Protocol" + "ThroughputMode" ], "type": "object" }, - "AWS::SNS::TopicInlinePolicy": { + "AWS::SageMaker::FeatureGroup.TtlDuration": { + "additionalProperties": false, + "properties": { + "Unit": { + "markdownDescription": "`TtlDuration` time unit.", + "title": "Unit", + "type": "string" + }, + "Value": { + "markdownDescription": "`TtlDuration` time value.", + "title": "Value", + "type": "number" + } + }, + "type": "object" + }, + "AWS::SageMaker::Image": { "additionalProperties": false, "properties": { "Condition": { @@ -240428,26 +293872,44 @@ "Properties": { "additionalProperties": false, "properties": { - "PolicyDocument": { - "markdownDescription": "A policy document that contains permissions to add to the specified Amazon SNS topic.", - "title": "PolicyDocument", - "type": "object" + "ImageDescription": { + "markdownDescription": "The description of the image.", + "title": "ImageDescription", + "type": "string" }, - "TopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the topic to which you want to add the policy.", - "title": "TopicArn", + "ImageDisplayName": { + "markdownDescription": "The display name of the image.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 128.\n\n*Pattern* : `^\\S(.*\\S)?$`", + "title": "ImageDisplayName", + "type": "string" + }, + "ImageName": { + "markdownDescription": "The name of the Image. Must be unique by region in your account.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 63.\n\n*Pattern* : `^[a-zA-Z0-9]([-.]?[a-zA-Z0-9]){0,62}$`", + "title": "ImageName", + "type": "string" + }, + "ImageRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role that enables Amazon SageMaker to perform tasks on your behalf.\n\n*Length Constraints* : Minimum length of 20. Maximum length of 2048.\n\n*Pattern* : `^arn:aws[a-z\\-]*:iam::\\d{12}:role/?[a-zA-Z_0-9+=,.@\\-_/]+$`", + "title": "ImageRoleArn", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of key-value pairs to apply to this resource.\n\n*Array Members* : Minimum number of 0 items. Maximum number of 50 items.", + "title": "Tags", + "type": "array" } }, "required": [ - "PolicyDocument", - "TopicArn" + "ImageName", + "ImageRoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::SNS::TopicInlinePolicy" + "AWS::SageMaker::Image" ], "type": "string" }, @@ -240466,7 +293928,7 @@ ], "type": "object" }, - "AWS::SNS::TopicPolicy": { + "AWS::SageMaker::ImageVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -240501,29 +293963,74 @@ "Properties": { "additionalProperties": false, "properties": { - "PolicyDocument": { - "markdownDescription": "A policy document that contains permissions to add to the specified SNS topics.", - "title": "PolicyDocument", - "type": "object" + "Alias": { + "markdownDescription": "", + "title": "Alias", + "type": "string" }, - "Topics": { + "Aliases": { "items": { "type": "string" }, - "markdownDescription": "The Amazon Resource Names (ARN) of the topics to which you want to add the policy. You can use the `[Ref](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html)` function to specify an `[AWS::SNS::Topic](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sns-topic.html)` resource.", - "title": "Topics", + "markdownDescription": "", + "title": "Aliases", "type": "array" + }, + "BaseImage": { + "markdownDescription": "The container image that the SageMaker image version is based on.", + "title": "BaseImage", + "type": "string" + }, + "Horovod": { + "markdownDescription": "", + "title": "Horovod", + "type": "boolean" + }, + "ImageName": { + "markdownDescription": "The name of the parent image.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 63.\n\n*Pattern* : `^[a-zA-Z0-9]([-.]?[a-zA-Z0-9]){0,62}$`", + "title": "ImageName", + "type": "string" + }, + "JobType": { + "markdownDescription": "", + "title": "JobType", + "type": "string" + }, + "MLFramework": { + "markdownDescription": "", + "title": "MLFramework", + "type": "string" + }, + "Processor": { + "markdownDescription": "", + "title": "Processor", + "type": "string" + }, + "ProgrammingLang": { + "markdownDescription": "", + "title": "ProgrammingLang", + "type": "string" + }, + "ReleaseNotes": { + "markdownDescription": "", + "title": "ReleaseNotes", + "type": "string" + }, + "VendorGuidance": { + "markdownDescription": "", + "title": "VendorGuidance", + "type": "string" } }, "required": [ - "PolicyDocument", - "Topics" + "BaseImage", + "ImageName" ], "type": "object" }, "Type": { "enum": [ - "AWS::SNS::TopicPolicy" + "AWS::SageMaker::ImageVersion" ], "type": "string" }, @@ -240542,19 +294049,12 @@ ], "type": "object" }, - "AWS::SQS::Queue": { + "AWS::SageMaker::InferenceComponent": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, - "Connectors": { - "additionalProperties": { - "$ref": "#/definitions/EmbeddedConnector" - }, - "title": "Connectors", - "type": "object" - }, "DeletionPolicy": { "enum": [ "Delete", @@ -240584,95 +294084,59 @@ "Properties": { "additionalProperties": false, "properties": { - "ContentBasedDeduplication": { - "markdownDescription": "For first-in-first-out (FIFO) queues, specifies whether to enable content-based deduplication. During the deduplication interval, Amazon SQS treats messages that are sent with identical content as duplicates and delivers only one copy of the message. For more information, see the `ContentBasedDeduplication` attribute for the `[CreateQueue](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_CreateQueue.html)` action in the *Amazon SQS API Reference* .", - "title": "ContentBasedDeduplication", - "type": "boolean" - }, - "DeduplicationScope": { - "markdownDescription": "For high throughput for FIFO queues, specifies whether message deduplication occurs at the message group or queue level. Valid values are `messageGroup` and `queue` .\n\nTo enable high throughput for a FIFO queue, set this attribute to `messageGroup` *and* set the `FifoThroughputLimit` attribute to `perMessageGroupId` . If you set these attributes to anything other than these values, normal throughput is in effect and deduplication occurs as specified. For more information, see [High throughput for FIFO queues](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/high-throughput-fifo.html) and [Quotas related to messages](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/quotas-messages.html) in the *Amazon SQS Developer Guide* .", - "title": "DeduplicationScope", - "type": "string" - }, - "DelaySeconds": { - "markdownDescription": "The time in seconds for which the delivery of all messages in the queue is delayed. You can specify an integer value of `0` to `900` (15 minutes). The default value is `0` .", - "title": "DelaySeconds", - "type": "number" - }, - "FifoQueue": { - "markdownDescription": "If set to true, creates a FIFO queue. If you don't specify this property, Amazon SQS creates a standard queue. For more information, see [Amazon SQS FIFO queues](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-fifo-queues.html) in the *Amazon SQS Developer Guide* .", - "title": "FifoQueue", - "type": "boolean" + "DeploymentConfig": { + "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.InferenceComponentDeploymentConfig", + "markdownDescription": "The deployment configuration for an endpoint, which contains the desired deployment strategy and rollback configurations.", + "title": "DeploymentConfig" }, - "FifoThroughputLimit": { - "markdownDescription": "For high throughput for FIFO queues, specifies whether the FIFO queue throughput quota applies to the entire queue or per message group. Valid values are `perQueue` and `perMessageGroupId` .\n\nTo enable high throughput for a FIFO queue, set this attribute to `perMessageGroupId` *and* set the `DeduplicationScope` attribute to `messageGroup` . If you set these attributes to anything other than these values, normal throughput is in effect and deduplication occurs as specified. For more information, see [High throughput for FIFO queues](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/high-throughput-fifo.html) and [Quotas related to messages](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/quotas-messages.html) in the *Amazon SQS Developer Guide* .", - "title": "FifoThroughputLimit", + "EndpointArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the endpoint that hosts the inference component.", + "title": "EndpointArn", "type": "string" }, - "KmsDataKeyReusePeriodSeconds": { - "markdownDescription": "The length of time in seconds for which Amazon SQS can reuse a data key to encrypt or decrypt messages before calling AWS KMS again. The value must be an integer between 60 (1 minute) and 86,400 (24 hours). The default is 300 (5 minutes).\n\n> A shorter time period provides better security, but results in more calls to AWS KMS , which might incur charges after Free Tier. For more information, see [Encryption at rest](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-server-side-encryption.html#sqs-how-does-the-data-key-reuse-period-work) in the *Amazon SQS Developer Guide* .", - "title": "KmsDataKeyReusePeriodSeconds", - "type": "number" - }, - "KmsMasterKeyId": { - "markdownDescription": "The ID of an AWS Key Management Service (KMS) for Amazon SQS , or a custom KMS. To use the AWS managed KMS for Amazon SQS , specify a (default) alias ARN, alias name (for example `alias/aws/sqs` ), key ARN, or key ID. For more information, see the following:\n\n- [Encryption at rest](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-server-side-encryption.html) in the *Amazon SQS Developer Guide*\n- [CreateQueue](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_CreateQueue.html) in the *Amazon SQS API Reference*\n- [Request Parameters](https://docs.aws.amazon.com/kms/latest/APIReference/API_DescribeKey.html#API_DescribeKey_RequestParameters) in the *AWS Key Management Service API Reference*\n- The Key Management Service (KMS) section of the [Security best practices for AWS Key Management Service](https://docs.aws.amazon.com/kms/latest/developerguide/best-practices.html) in the *AWS Key Management Service Developer Guide*", - "title": "KmsMasterKeyId", + "EndpointName": { + "markdownDescription": "The name of the endpoint that hosts the inference component.", + "title": "EndpointName", "type": "string" }, - "MaximumMessageSize": { - "markdownDescription": "The limit of how many bytes that a message can contain before Amazon SQS rejects it. You can specify an integer value from `1,024` bytes (1 KiB) to `262,144` bytes (256 KiB). The default value is `262,144` (256 KiB).", - "title": "MaximumMessageSize", - "type": "number" - }, - "MessageRetentionPeriod": { - "markdownDescription": "The number of seconds that Amazon SQS retains a message. You can specify an integer value from `60` seconds (1 minute) to `1,209,600` seconds (14 days). The default value is `345,600` seconds (4 days).", - "title": "MessageRetentionPeriod", - "type": "number" - }, - "QueueName": { - "markdownDescription": "A name for the queue. To create a FIFO queue, the name of your FIFO queue must end with the `.fifo` suffix. For more information, see [Amazon SQS FIFO queues](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-fifo-queues.html) in the *Amazon SQS Developer Guide* .\n\nIf you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the queue name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) in the *AWS CloudFormation User Guide* .\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "QueueName", + "InferenceComponentName": { + "markdownDescription": "The name of the inference component.", + "title": "InferenceComponentName", "type": "string" }, - "ReceiveMessageWaitTimeSeconds": { - "markdownDescription": "Specifies the duration, in seconds, that the ReceiveMessage action call waits until a message is in the queue in order to include it in the response, rather than returning an empty response if a message isn't yet available. You can specify an integer from 1 to 20. Short polling is used as the default or when you specify 0 for this property. For more information, see [Consuming messages using long polling](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-short-and-long-polling.html#sqs-long-polling) in the *Amazon SQS Developer Guide* .", - "title": "ReceiveMessageWaitTimeSeconds", - "type": "number" - }, - "RedriveAllowPolicy": { - "markdownDescription": "The string that includes the parameters for the permissions for the dead-letter queue redrive permission and which source queues can specify dead-letter queues as a JSON object. The parameters are as follows:\n\n- `redrivePermission` : The permission type that defines which source queues can specify the current queue as the dead-letter queue. Valid values are:\n\n- `allowAll` : (Default) Any source queues in this AWS account in the same Region can specify this queue as the dead-letter queue.\n- `denyAll` : No source queues can specify this queue as the dead-letter queue.\n- `byQueue` : Only queues specified by the `sourceQueueArns` parameter can specify this queue as the dead-letter queue.\n- `sourceQueueArns` : The Amazon Resource Names (ARN)s of the source queues that can specify this queue as the dead-letter queue and redrive messages. You can specify this parameter only when the `redrivePermission` parameter is set to `byQueue` . You can specify up to 10 source queue ARNs. To allow more than 10 source queues to specify dead-letter queues, set the `redrivePermission` parameter to `allowAll` .", - "title": "RedriveAllowPolicy", - "type": "object" - }, - "RedrivePolicy": { - "markdownDescription": "The string that includes the parameters for the dead-letter queue functionality of the source queue as a JSON object. The parameters are as follows:\n\n- `deadLetterTargetArn` : The Amazon Resource Name (ARN) of the dead-letter queue to which Amazon SQS moves messages after the value of `maxReceiveCount` is exceeded.\n- `maxReceiveCount` : The number of times a message is received by a consumer of the source queue before being moved to the dead-letter queue. When the `ReceiveCount` for a message exceeds the `maxReceiveCount` for a queue, Amazon SQS moves the message to the dead-letter-queue.\n\n> The dead-letter queue of a FIFO queue must also be a FIFO queue. Similarly, the dead-letter queue of a standard queue must also be a standard queue. \n\n*JSON*\n\n`{ \"deadLetterTargetArn\" : *String* , \"maxReceiveCount\" : *Integer* }`\n\n*YAML*\n\n`deadLetterTargetArn : *String*`\n\n`maxReceiveCount : *Integer*`", - "title": "RedrivePolicy", - "type": "object" + "RuntimeConfig": { + "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.InferenceComponentRuntimeConfig", + "markdownDescription": "", + "title": "RuntimeConfig" }, - "SqsManagedSseEnabled": { - "markdownDescription": "Enables server-side queue encryption using SQS owned encryption keys. Only one server-side encryption option is supported per queue (for example, [SSE-KMS](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-configure-sse-existing-queue.html) or [SSE-SQS](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-configure-sqs-sse-queue.html) ). When `SqsManagedSseEnabled` is not defined, `SSE-SQS` encryption is enabled by default.", - "title": "SqsManagedSseEnabled", - "type": "boolean" + "Specification": { + "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.InferenceComponentSpecification", + "markdownDescription": "", + "title": "Specification" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags that you attach to this queue. For more information, see [Resource tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .", + "markdownDescription": "", "title": "Tags", "type": "array" }, - "VisibilityTimeout": { - "markdownDescription": "The length of time during which a message will be unavailable after a message is delivered from the queue. This blocks other components from receiving the same message and gives the initial component time to process and delete the message from the queue.\n\nValues must be from 0 to 43,200 seconds (12 hours). If you don't specify a value, AWS CloudFormation uses the default value of 30 seconds.\n\nFor more information about Amazon SQS queue visibility timeouts, see [Visibility timeout](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-visibility-timeout.html) in the *Amazon SQS Developer Guide* .", - "title": "VisibilityTimeout", - "type": "number" + "VariantName": { + "markdownDescription": "The name of the production variant that hosts the inference component.", + "title": "VariantName", + "type": "string" } }, + "required": [ + "EndpointName", + "Specification" + ], "type": "object" }, "Type": { "enum": [ - "AWS::SQS::Queue" + "AWS::SageMaker::InferenceComponent" ], "type": "string" }, @@ -240686,160 +294150,252 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::SQS::QueueInlinePolicy": { + "AWS::SageMaker::InferenceComponent.Alarm": { "additionalProperties": false, "properties": { - "Condition": { + "AlarmName": { + "markdownDescription": "The name of a CloudWatch alarm in your account.", + "title": "AlarmName", "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + } + }, + "required": [ + "AlarmName" + ], + "type": "object" + }, + "AWS::SageMaker::InferenceComponent.AutoRollbackConfiguration": { + "additionalProperties": false, + "properties": { + "Alarms": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.Alarm" + }, + "markdownDescription": "", + "title": "Alarms", + "type": "array" + } + }, + "required": [ + "Alarms" + ], + "type": "object" + }, + "AWS::SageMaker::InferenceComponent.DeployedImage": { + "additionalProperties": false, + "properties": { + "ResolutionTime": { + "markdownDescription": "The date and time when the image path for the model resolved to the `ResolvedImage`", + "title": "ResolutionTime", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "PolicyDocument": { - "markdownDescription": "A policy document that contains the permissions for the specified Amazon SQS queues. For more information about Amazon SQS policies, see [Using custom policies with the Amazon SQS access policy language](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-creating-custom-policies.html) in the *Amazon SQS Developer Guide* .", - "title": "PolicyDocument", - "type": "object" - }, - "Queue": { - "markdownDescription": "The URLs of the queues to which you want to add the policy. You can use the `[Ref](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html)` function to specify an `[AWS::SQS::Queue](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sqs-queues.html)` resource.", - "title": "Queue", - "type": "string" - } - }, - "required": [ - "PolicyDocument", - "Queue" - ], - "type": "object" + "ResolvedImage": { + "markdownDescription": "The specific digest path of the image hosted in this `ProductionVariant` .", + "title": "ResolvedImage", + "type": "string" }, + "SpecifiedImage": { + "markdownDescription": "The image path you specified when you created the model.", + "title": "SpecifiedImage", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::InferenceComponent.InferenceComponentCapacitySize": { + "additionalProperties": false, + "properties": { "Type": { - "enum": [ - "AWS::SQS::QueueInlinePolicy" - ], + "markdownDescription": "Specifies the endpoint capacity type.\n\n- **COPY_COUNT** - The endpoint activates based on the number of inference component copies.\n- **CAPACITY_PERCENT** - The endpoint activates based on the specified percentage of capacity.", + "title": "Type", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Value": { + "markdownDescription": "Defines the capacity size, either as a number of inference component copies or a capacity percentage.", + "title": "Value", + "type": "number" } }, "required": [ "Type", - "Properties" + "Value" ], "type": "object" }, - "AWS::SQS::QueuePolicy": { + "AWS::SageMaker::InferenceComponent.InferenceComponentComputeResourceRequirements": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "MaxMemoryRequiredInMb": { + "markdownDescription": "The maximum MB of memory to allocate to run a model that you assign to an inference component.", + "title": "MaxMemoryRequiredInMb", + "type": "number" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "MinMemoryRequiredInMb": { + "markdownDescription": "The minimum MB of memory to allocate to run a model that you assign to an inference component.", + "title": "MinMemoryRequiredInMb", + "type": "number" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "NumberOfAcceleratorDevicesRequired": { + "markdownDescription": "The number of accelerators to allocate to run a model that you assign to an inference component. Accelerators include GPUs and AWS Inferentia.", + "title": "NumberOfAcceleratorDevicesRequired", + "type": "number" }, - "Metadata": { - "type": "object" + "NumberOfCpuCoresRequired": { + "markdownDescription": "The number of CPU cores to allocate to run a model that you assign to an inference component.", + "title": "NumberOfCpuCoresRequired", + "type": "number" + } + }, + "type": "object" + }, + "AWS::SageMaker::InferenceComponent.InferenceComponentContainerSpecification": { + "additionalProperties": false, + "properties": { + "ArtifactUrl": { + "markdownDescription": "The Amazon S3 path where the model artifacts, which result from model training, are stored. This path must point to a single gzip compressed tar archive (.tar.gz suffix).", + "title": "ArtifactUrl", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "PolicyDocument": { - "markdownDescription": "A policy document that contains the permissions for the specified Amazon SQS queues. For more information about Amazon SQS policies, see [Using custom policies with the Amazon SQS access policy language](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-creating-custom-policies.html) in the *Amazon SQS Developer Guide* .", - "title": "PolicyDocument", - "type": "object" - }, - "Queues": { - "items": { - "type": "string" - }, - "markdownDescription": "The URLs of the queues to which you want to add the policy. You can use the `[Ref](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html)` function to specify an `[AWS::SQS::Queue](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sqs-queue.html)` resource.", - "title": "Queues", - "type": "array" + "DeployedImage": { + "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.DeployedImage", + "markdownDescription": "", + "title": "DeployedImage" + }, + "Environment": { + "additionalProperties": true, + "markdownDescription": "The environment variables to set in the Docker container. Each key and value in the Environment string-to-string map can have length of up to 1024. We support up to 16 entries in the map.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" } }, - "required": [ - "PolicyDocument", - "Queues" - ], + "title": "Environment", "type": "object" }, - "Type": { - "enum": [ - "AWS::SQS::QueuePolicy" - ], + "Image": { + "markdownDescription": "The Amazon Elastic Container Registry (Amazon ECR) path where the Docker image for the model is stored.", + "title": "Image", "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::InferenceComponent.InferenceComponentDeploymentConfig": { + "additionalProperties": false, + "properties": { + "AutoRollbackConfiguration": { + "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.AutoRollbackConfiguration", + "markdownDescription": "", + "title": "AutoRollbackConfiguration" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "RollingUpdatePolicy": { + "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.InferenceComponentRollingUpdatePolicy", + "markdownDescription": "Specifies a rolling deployment strategy for updating a SageMaker AI endpoint.", + "title": "RollingUpdatePolicy" + } + }, + "type": "object" + }, + "AWS::SageMaker::InferenceComponent.InferenceComponentRollingUpdatePolicy": { + "additionalProperties": false, + "properties": { + "MaximumBatchSize": { + "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.InferenceComponentCapacitySize", + "markdownDescription": "The batch size for each rolling step in the deployment process. For each step, SageMaker AI provisions capacity on the new endpoint fleet, routes traffic to that fleet, and terminates capacity on the old endpoint fleet. The value must be between 5% to 50% of the copy count of the inference component.", + "title": "MaximumBatchSize" + }, + "MaximumExecutionTimeoutInSeconds": { + "markdownDescription": "The time limit for the total deployment. Exceeding this limit causes a timeout.", + "title": "MaximumExecutionTimeoutInSeconds", + "type": "number" + }, + "RollbackMaximumBatchSize": { + "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.InferenceComponentCapacitySize", + "markdownDescription": "The batch size for a rollback to the old endpoint fleet. If this field is absent, the value is set to the default, which is 100% of the total capacity. When the default is used, SageMaker AI provisions the entire capacity of the old fleet at once during rollback.", + "title": "RollbackMaximumBatchSize" + }, + "WaitIntervalInSeconds": { + "markdownDescription": "The length of the baking period, during which SageMaker AI monitors alarms for each batch on the new fleet.", + "title": "WaitIntervalInSeconds", + "type": "number" + } + }, + "type": "object" + }, + "AWS::SageMaker::InferenceComponent.InferenceComponentRuntimeConfig": { + "additionalProperties": false, + "properties": { + "CopyCount": { + "markdownDescription": "The number of runtime copies of the model container to deploy with the inference component. Each copy can serve inference requests.", + "title": "CopyCount", + "type": "number" + }, + "CurrentCopyCount": { + "markdownDescription": "", + "title": "CurrentCopyCount", + "type": "number" + }, + "DesiredCopyCount": { + "markdownDescription": "", + "title": "DesiredCopyCount", + "type": "number" + } + }, + "type": "object" + }, + "AWS::SageMaker::InferenceComponent.InferenceComponentSpecification": { + "additionalProperties": false, + "properties": { + "BaseInferenceComponentName": { + "markdownDescription": "The name of an existing inference component that is to contain the inference component that you're creating with your request.\n\nSpecify this parameter only if your request is meant to create an adapter inference component. An adapter inference component contains the path to an adapter model. The purpose of the adapter model is to tailor the inference output of a base foundation model, which is hosted by the base inference component. The adapter inference component uses the compute resources that you assigned to the base inference component.\n\nWhen you create an adapter inference component, use the `Container` parameter to specify the location of the adapter artifacts. In the parameter value, use the `ArtifactUrl` parameter of the `InferenceComponentContainerSpecification` data type.\n\nBefore you can create an adapter inference component, you must have an existing inference component that contains the foundation model that you want to adapt.", + "title": "BaseInferenceComponentName", + "type": "string" + }, + "ComputeResourceRequirements": { + "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.InferenceComponentComputeResourceRequirements", + "markdownDescription": "The compute resources allocated to run the model, plus any adapter models, that you assign to the inference component.\n\nOmit this parameter if your request is meant to create an adapter inference component. An adapter inference component is loaded by a base inference component, and it uses the compute resources of the base inference component.", + "title": "ComputeResourceRequirements" + }, + "Container": { + "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.InferenceComponentContainerSpecification", + "markdownDescription": "Defines a container that provides the runtime environment for a model that you deploy with an inference component.", + "title": "Container" + }, + "ModelName": { + "markdownDescription": "The name of an existing SageMaker AI model object in your account that you want to deploy with the inference component.", + "title": "ModelName", "type": "string" + }, + "StartupParameters": { + "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.InferenceComponentStartupParameters", + "markdownDescription": "Settings that take effect while the model container starts up.", + "title": "StartupParameters" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::SSM::Association": { + "AWS::SageMaker::InferenceComponent.InferenceComponentStartupParameters": { + "additionalProperties": false, + "properties": { + "ContainerStartupHealthCheckTimeoutInSeconds": { + "markdownDescription": "The timeout value, in seconds, for your inference container to pass health check by Amazon S3 Hosting. For more information about health check, see [How Your Container Should Respond to Health Check (Ping) Requests](https://docs.aws.amazon.com/sagemaker/latest/dg/your-algorithms-inference-code.html#your-algorithms-inference-algo-ping-requests) .", + "title": "ContainerStartupHealthCheckTimeoutInSeconds", + "type": "number" + }, + "ModelDataDownloadTimeoutInSeconds": { + "markdownDescription": "The timeout value, in seconds, to download and extract the model that you want to host from Amazon S3 to the individual inference instance associated with this inference component.", + "title": "ModelDataDownloadTimeoutInSeconds", + "type": "number" + } + }, + "type": "object" + }, + "AWS::SageMaker::InferenceExperiment": { "additionalProperties": false, "properties": { "Condition": { @@ -240874,106 +294430,90 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplyOnlyAtCronInterval": { - "markdownDescription": "By default, when you create a new association, the system runs it immediately after it is created and then according to the schedule you specified. Specify this option if you don't want an association to run immediately after you create it. This parameter is not supported for rate expressions.", - "title": "ApplyOnlyAtCronInterval", - "type": "boolean" - }, - "AssociationName": { - "markdownDescription": "Specify a descriptive name for the association.", - "title": "AssociationName", - "type": "string" - }, - "AutomationTargetParameterName": { - "markdownDescription": "Choose the parameter that will define how your automation will branch out. This target is required for associations that use an Automation runbook and target resources by using rate controls. Automation is a tool in AWS Systems Manager .", - "title": "AutomationTargetParameterName", - "type": "string" - }, - "CalendarNames": { - "items": { - "type": "string" - }, - "markdownDescription": "The names or Amazon Resource Names (ARNs) of the Change Calendar type documents your associations are gated under. The associations only run when that Change Calendar is open. For more information, see [AWS Systems Manager Change Calendar](https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-change-calendar) in the *AWS Systems Manager User Guide* .", - "title": "CalendarNames", - "type": "array" + "DataStorageConfig": { + "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment.DataStorageConfig", + "markdownDescription": "The Amazon S3 location and configuration for storing inference request and response data.", + "title": "DataStorageConfig" }, - "ComplianceSeverity": { - "markdownDescription": "The severity level that is assigned to the association.", - "title": "ComplianceSeverity", + "Description": { + "markdownDescription": "The description of the inference experiment.", + "title": "Description", "type": "string" }, - "DocumentVersion": { - "markdownDescription": "The version of the SSM document to associate with the target.\n\n> Note the following important information.\n> \n> - State Manager doesn't support running associations that use a new version of a document if that document is shared from another account. State Manager always runs the `default` version of a document if shared from another account, even though the Systems Manager console shows that a new version was processed. If you want to run an association using a new version of a document shared form another account, you must set the document version to `default` .\n> - `DocumentVersion` is not valid for documents owned by AWS , such as `AWS-RunPatchBaseline` or `AWS-UpdateSSMAgent` . If you specify `DocumentVersion` for an AWS document, the system returns the following error: \"Error occurred during operation 'CreateAssociation'.\" (RequestToken: , HandlerErrorCode: GeneralServiceException).", - "title": "DocumentVersion", + "DesiredState": { + "markdownDescription": "The desired state of the experiment after stopping. The possible states are the following:\n\n- `Completed` : The experiment completed successfully\n- `Cancelled` : The experiment was canceled", + "title": "DesiredState", "type": "string" }, - "InstanceId": { - "markdownDescription": "The ID of the instance that the SSM document is associated with. You must specify the `InstanceId` or `Targets` property.\n\n> `InstanceId` has been deprecated. To specify an instance ID for an association, use the `Targets` parameter. If you use the parameter `InstanceId` , you cannot use the parameters `AssociationName` , `DocumentVersion` , `MaxErrors` , `MaxConcurrency` , `OutputLocation` , or `ScheduleExpression` . To use these parameters, you must use the `Targets` parameter.", - "title": "InstanceId", + "EndpointName": { + "markdownDescription": "The name of the endpoint.", + "title": "EndpointName", "type": "string" }, - "MaxConcurrency": { - "markdownDescription": "The maximum number of targets allowed to run the association at the same time. You can specify a number, for example 10, or a percentage of the target set, for example 10%. The default value is 100%, which means all targets run the association at the same time.\n\nIf a new managed node starts and attempts to run an association while Systems Manager is running `MaxConcurrency` associations, the association is allowed to run. During the next association interval, the new managed node will process its association within the limit specified for `MaxConcurrency` .", - "title": "MaxConcurrency", + "KmsKey": { + "markdownDescription": "The AWS Key Management Service key that Amazon SageMaker uses to encrypt captured data at rest using Amazon S3 server-side encryption.", + "title": "KmsKey", "type": "string" }, - "MaxErrors": { - "markdownDescription": "The number of errors that are allowed before the system stops sending requests to run the association on additional targets. You can specify either an absolute number of errors, for example 10, or a percentage of the target set, for example 10%. If you specify 3, for example, the system stops sending requests when the fourth error is received. If you specify 0, then the system stops sending requests after the first error is returned. If you run an association on 50 managed nodes and set `MaxError` to 10%, then the system stops sending the request when the sixth error is received.\n\nExecutions that are already running an association when `MaxErrors` is reached are allowed to complete, but some of these executions may fail as well. If you need to ensure that there won't be more than max-errors failed executions, set `MaxConcurrency` to 1 so that executions proceed one at a time.", - "title": "MaxErrors", - "type": "string" + "ModelVariants": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment.ModelVariantConfig" + }, + "markdownDescription": "An array of `ModelVariantConfigSummary` objects. There is one for each variant in the inference experiment. Each `ModelVariantConfigSummary` object in the array describes the infrastructure configuration for deploying the corresponding variant.", + "title": "ModelVariants", + "type": "array" }, "Name": { - "markdownDescription": "The name of the SSM document that contains the configuration information for the instance. You can specify `Command` or `Automation` documents. The documents can be AWS -predefined documents, documents you created, or a document that is shared with you from another account. For SSM documents that are shared with you from other AWS accounts , you must specify the complete SSM document ARN, in the following format:\n\n`arn:partition:ssm:region:account-id:document/document-name`\n\nFor example: `arn:aws:ssm:us-east-2:12345678912:document/My-Shared-Document`\n\nFor AWS -predefined documents and SSM documents you created in your account, you only need to specify the document name. For example, `AWS -ApplyPatchBaseline` or `My-Document` .", + "markdownDescription": "The name of the inference experiment.", "title": "Name", "type": "string" }, - "OutputLocation": { - "$ref": "#/definitions/AWS::SSM::Association.InstanceAssociationOutputLocation", - "markdownDescription": "An Amazon Simple Storage Service (Amazon S3) bucket where you want to store the output details of the request.", - "title": "OutputLocation" - }, - "Parameters": { - "markdownDescription": "The parameters for the runtime configuration of the document.", - "title": "Parameters", - "type": "object" - }, - "ScheduleExpression": { - "markdownDescription": "A cron expression that specifies a schedule when the association runs. The schedule runs in Coordinated Universal Time (UTC).", - "title": "ScheduleExpression", + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that Amazon SageMaker can assume to access model artifacts and container images, and manage Amazon SageMaker Inference endpoints for model deployment.", + "title": "RoleArn", "type": "string" }, - "ScheduleOffset": { - "markdownDescription": "Number of days to wait after the scheduled day to run an association.", - "title": "ScheduleOffset", - "type": "number" + "Schedule": { + "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment.InferenceExperimentSchedule", + "markdownDescription": "The duration for which the inference experiment ran or will run.\n\nThe maximum duration that you can set for an inference experiment is 30 days.", + "title": "Schedule" }, - "SyncCompliance": { - "markdownDescription": "The mode for generating association compliance. You can specify `AUTO` or `MANUAL` . In `AUTO` mode, the system uses the status of the association execution to determine the compliance status. If the association execution runs successfully, then the association is `COMPLIANT` . If the association execution doesn't run successfully, the association is `NON-COMPLIANT` .\n\nIn `MANUAL` mode, you must specify the `AssociationId` as a parameter for the `PutComplianceItems` API action. In this case, compliance data is not managed by State Manager. It is managed by your direct call to the `PutComplianceItems` API action.\n\nBy default, all associations use `AUTO` mode.", - "title": "SyncCompliance", + "ShadowModeConfig": { + "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment.ShadowModeConfig", + "markdownDescription": "The configuration of `ShadowMode` inference experiment type, which shows the production variant that takes all the inference requests, and the shadow variant to which Amazon SageMaker replicates a percentage of the inference requests. For the shadow variant it also shows the percentage of requests that Amazon SageMaker replicates.", + "title": "ShadowModeConfig" + }, + "StatusReason": { + "markdownDescription": "The error message for the inference experiment status result.", + "title": "StatusReason", "type": "string" }, - "Targets": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::SSM::Association.Target" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The targets for the association. You must specify the `InstanceId` or `Targets` property. You can target all instances in an AWS account by specifying t he `InstanceIds` key with a value of `*` .\n\nSupported formats include the following.\n\n- `Key=InstanceIds,Values=,,`\n- `Key=tag-key,Values=,`\n\nTo view a JSON and a YAML example that targets all instances, see \"Create an association for all managed instances in an AWS account \" on the Examples page.", - "title": "Targets", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", "type": "array" }, - "WaitForSuccessTimeoutSeconds": { - "markdownDescription": "The number of seconds the service should wait for the association status to show \"Success\" before proceeding with the stack execution. If the association status doesn't show \"Success\" after the specified number of seconds, then stack creation fails.\n\n> When you specify a value for the `WaitForSuccessTimeoutSeconds` , [drift detection](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-stack-drift.html) for your AWS CloudFormation stack\u2019s configuration might yield inaccurate results. If drift detection is important in your scenario, we recommend that you don\u2019t include `WaitForSuccessTimeoutSeconds` in your template.", - "title": "WaitForSuccessTimeoutSeconds", - "type": "number" + "Type": { + "markdownDescription": "The type of the inference experiment.", + "title": "Type", + "type": "string" } }, "required": [ - "Name" + "EndpointName", + "ModelVariants", + "Name", + "RoleArn", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::SSM::Association" + "AWS::SageMaker::InferenceExperiment" ], "type": "string" }, @@ -240992,223 +294532,202 @@ ], "type": "object" }, - "AWS::SSM::Association.InstanceAssociationOutputLocation": { + "AWS::SageMaker::InferenceExperiment.CaptureContentTypeHeader": { "additionalProperties": false, "properties": { - "S3Location": { - "$ref": "#/definitions/AWS::SSM::Association.S3OutputLocation", - "markdownDescription": "`S3OutputLocation` is a property of the [InstanceAssociationOutputLocation](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssm-association-instanceassociationoutputlocation.html) property that specifies an Amazon S3 bucket where you want to store the results of this request.", - "title": "S3Location" + "CsvContentTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of all content type headers that Amazon SageMaker AI will treat as CSV and capture accordingly.", + "title": "CsvContentTypes", + "type": "array" + }, + "JsonContentTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of all content type headers that SageMaker AI will treat as JSON and capture accordingly.", + "title": "JsonContentTypes", + "type": "array" } }, "type": "object" }, - "AWS::SSM::Association.S3OutputLocation": { + "AWS::SageMaker::InferenceExperiment.DataStorageConfig": { "additionalProperties": false, "properties": { - "OutputS3BucketName": { - "markdownDescription": "The name of the S3 bucket.", - "title": "OutputS3BucketName", - "type": "string" + "ContentType": { + "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment.CaptureContentTypeHeader", + "markdownDescription": "Configuration specifying how to treat different headers. If no headers are specified SageMaker will by default base64 encode when capturing the data.", + "title": "ContentType" }, - "OutputS3KeyPrefix": { - "markdownDescription": "The S3 bucket subfolder.", - "title": "OutputS3KeyPrefix", + "Destination": { + "markdownDescription": "The Amazon S3 bucket where the inference request and response data is stored.", + "title": "Destination", "type": "string" }, - "OutputS3Region": { - "markdownDescription": "The AWS Region of the S3 bucket.", - "title": "OutputS3Region", + "KmsKey": { + "markdownDescription": "The AWS Key Management Service key that Amazon SageMaker uses to encrypt captured data at rest using Amazon S3 server-side encryption.", + "title": "KmsKey", "type": "string" } }, + "required": [ + "Destination" + ], "type": "object" }, - "AWS::SSM::Association.Target": { + "AWS::SageMaker::InferenceExperiment.EndpointMetadata": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "User-defined criteria for sending commands that target managed nodes that meet the criteria.", - "title": "Key", + "EndpointConfigName": { + "markdownDescription": "The name of the endpoint configuration.", + "title": "EndpointConfigName", "type": "string" }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "User-defined criteria that maps to `Key` . For example, if you specified `tag:ServerRole` , you could specify `value:WebServer` to run a command on instances that include EC2 tags of `ServerRole,WebServer` .\n\nDepending on the type of target, the maximum number of values for a key might be lower than the global maximum of 50.", - "title": "Values", - "type": "array" + "EndpointName": { + "markdownDescription": "The name of the endpoint.", + "title": "EndpointName", + "type": "string" + }, + "EndpointStatus": { + "markdownDescription": "The status of the endpoint. For possible values of the status of an endpoint, see [](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sagemaker-inferenceexperiment-endpointmetadata.html#cfn-sagemaker-inferenceexperiment-endpointmetadata-endpointstatus) .", + "title": "EndpointStatus", + "type": "string" } }, "required": [ - "Key", - "Values" + "EndpointName" ], "type": "object" }, - "AWS::SSM::Document": { + "AWS::SageMaker::InferenceExperiment.InferenceExperimentSchedule": { "additionalProperties": false, "properties": { - "Condition": { + "EndTime": { + "markdownDescription": "The timestamp at which the inference experiment ended or will end.", + "title": "EndTime", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "StartTime": { + "markdownDescription": "The timestamp at which the inference experiment started or will start.", + "title": "StartTime", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::InferenceExperiment.ModelInfrastructureConfig": { + "additionalProperties": false, + "properties": { + "InfrastructureType": { + "markdownDescription": "The inference option to which to deploy your model. Possible values are the following:\n\n- `RealTime` : Deploy to real-time inference.", + "title": "InfrastructureType", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "RealTimeInferenceConfig": { + "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment.RealTimeInferenceConfig", + "markdownDescription": "The infrastructure configuration for deploying the model to real-time inference.", + "title": "RealTimeInferenceConfig" + } + }, + "required": [ + "InfrastructureType", + "RealTimeInferenceConfig" + ], + "type": "object" + }, + "AWS::SageMaker::InferenceExperiment.ModelVariantConfig": { + "additionalProperties": false, + "properties": { + "InfrastructureConfig": { + "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment.ModelInfrastructureConfig", + "markdownDescription": "The configuration for the infrastructure that the model will be deployed to.", + "title": "InfrastructureConfig" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Attachments": { - "items": { - "$ref": "#/definitions/AWS::SSM::Document.AttachmentsSource" - }, - "markdownDescription": "A list of key-value pairs that describe attachments to a version of a document.", - "title": "Attachments", - "type": "array" - }, - "Content": { - "markdownDescription": "The content for the new SSM document in JSON or YAML. For more information about the schemas for SSM document content, see [SSM document schema features and examples](https://docs.aws.amazon.com/systems-manager/latest/userguide/document-schemas-features.html) in the *AWS Systems Manager User Guide* .\n\n> This parameter also supports `String` data types.", - "title": "Content", - "type": "object" - }, - "DocumentFormat": { - "markdownDescription": "Specify the document format for the request. `JSON` is the default format.", - "title": "DocumentFormat", - "type": "string" - }, - "DocumentType": { - "markdownDescription": "The type of document to create.", - "title": "DocumentType", - "type": "string" - }, - "Name": { - "markdownDescription": "A name for the SSM document.\n\n> You can't use the following strings as document name prefixes. These are reserved by AWS for use as document name prefixes:\n> \n> - `aws`\n> - `amazon`\n> - `amzn`\n> - `AWSEC2`\n> - `AWSConfigRemediation`\n> - `AWSSupport`", - "title": "Name", - "type": "string" - }, - "Requires": { - "items": { - "$ref": "#/definitions/AWS::SSM::Document.DocumentRequires" - }, - "markdownDescription": "A list of SSM documents required by a document. This parameter is used exclusively by AWS AppConfig . When a user creates an AWS AppConfig configuration in an SSM document, the user must also specify a required document for validation purposes. In this case, an `ApplicationConfiguration` document requires an `ApplicationConfigurationSchema` document for validation purposes. For more information, see [What is AWS AppConfig ?](https://docs.aws.amazon.com/appconfig/latest/userguide/what-is-appconfig.html) in the *AWS AppConfig User Guide* .", - "title": "Requires", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "AWS CloudFormation resource tags to apply to the document. Use tags to help you identify and categorize resources.", - "title": "Tags", - "type": "array" - }, - "TargetType": { - "markdownDescription": "Specify a target type to define the kinds of resources the document can run on. For example, to run a document on EC2 instances, specify the following value: `/AWS::EC2::Instance` . If you specify a value of '/' the document can run on all types of resources. If you don't specify a value, the document can't run on any resources. For a list of valid resource types, see [AWS resource and property types reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html) in the *AWS CloudFormation User Guide* .", - "title": "TargetType", - "type": "string" - }, - "UpdateMethod": { - "markdownDescription": "If the document resource you specify in your template already exists, this parameter determines whether a new version of the existing document is created, or the existing document is replaced. `Replace` is the default method. If you specify `NewVersion` for the `UpdateMethod` parameter, and the `Name` of the document does not match an existing resource, a new document is created. When you specify `NewVersion` , the default version of the document is changed to the newly created version.", - "title": "UpdateMethod", - "type": "string" - }, - "VersionName": { - "markdownDescription": "An optional field specifying the version of the artifact you are creating with the document. For example, `Release12.1` . This value is unique across all versions of a document, and can't be changed.", - "title": "VersionName", - "type": "string" - } - }, - "required": [ - "Content" - ], - "type": "object" + "ModelName": { + "markdownDescription": "The name of the Amazon SageMaker Model entity.", + "title": "ModelName", + "type": "string" }, - "Type": { - "enum": [ - "AWS::SSM::Document" - ], + "VariantName": { + "markdownDescription": "The name of the variant.", + "title": "VariantName", "type": "string" + } + }, + "required": [ + "InfrastructureConfig", + "ModelName", + "VariantName" + ], + "type": "object" + }, + "AWS::SageMaker::InferenceExperiment.RealTimeInferenceConfig": { + "additionalProperties": false, + "properties": { + "InstanceCount": { + "markdownDescription": "The number of instances of the type specified by `InstanceType` .", + "title": "InstanceCount", + "type": "number" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "InstanceType": { + "markdownDescription": "The instance type the model is deployed to.", + "title": "InstanceType", "type": "string" } }, "required": [ - "Type", - "Properties" + "InstanceCount", + "InstanceType" ], "type": "object" }, - "AWS::SSM::Document.AttachmentsSource": { + "AWS::SageMaker::InferenceExperiment.ShadowModeConfig": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The key of a key-value pair that identifies the location of an attachment to a document.", - "title": "Key", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the document attachment file.", - "title": "Name", - "type": "string" - }, - "Values": { + "ShadowModelVariants": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment.ShadowModelVariantConfig" }, - "markdownDescription": "The value of a key-value pair that identifies the location of an attachment to a document. The format for *Value* depends on the type of key you specify.\n\n- For the key *SourceUrl* , the value is an S3 bucket location. For example:\n\n`\"Values\": [ \"s3://amzn-s3-demo-bucket/my-prefix\" ]`\n- For the key *S3FileUrl* , the value is a file in an S3 bucket. For example:\n\n`\"Values\": [ \"s3://amzn-s3-demo-bucket/my-prefix/my-file.py\" ]`\n- For the key *AttachmentReference* , the value is constructed from the name of another SSM document in your account, a version number of that document, and a file attached to that document version that you want to reuse. For example:\n\n`\"Values\": [ \"MyOtherDocument/3/my-other-file.py\" ]`\n\nHowever, if the SSM document is shared with you from another account, the full SSM document ARN must be specified instead of the document name only. For example:\n\n`\"Values\": [ \"arn:aws:ssm:us-east-2:111122223333:document/OtherAccountDocument/3/their-file.py\" ]`", - "title": "Values", + "markdownDescription": "List of shadow variant configurations.", + "title": "ShadowModelVariants", "type": "array" + }, + "SourceModelVariantName": { + "markdownDescription": "The name of the production variant, which takes all the inference requests.", + "title": "SourceModelVariantName", + "type": "string" } }, + "required": [ + "ShadowModelVariants", + "SourceModelVariantName" + ], "type": "object" }, - "AWS::SSM::Document.DocumentRequires": { + "AWS::SageMaker::InferenceExperiment.ShadowModelVariantConfig": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the required SSM document. The name can be an Amazon Resource Name (ARN).", - "title": "Name", - "type": "string" + "SamplingPercentage": { + "markdownDescription": "The percentage of inference requests that Amazon SageMaker replicates from the production variant to the shadow variant.", + "title": "SamplingPercentage", + "type": "number" }, - "Version": { - "markdownDescription": "The document version required by the current document.", - "title": "Version", + "ShadowModelVariantName": { + "markdownDescription": "The name of the shadow variant.", + "title": "ShadowModelVariantName", "type": "string" } }, + "required": [ + "SamplingPercentage", + "ShadowModelVariantName" + ], "type": "object" }, - "AWS::SSM::MaintenanceWindow": { + "AWS::SageMaker::MlflowTrackingServer": { "additionalProperties": false, "properties": { "Condition": { @@ -241243,77 +294762,60 @@ "Properties": { "additionalProperties": false, "properties": { - "AllowUnassociatedTargets": { - "markdownDescription": "Enables a maintenance window task to run on managed instances, even if you have not registered those instances as targets. If enabled, then you must specify the unregistered instances (by instance ID) when you register a task with the maintenance window.", - "title": "AllowUnassociatedTargets", - "type": "boolean" - }, - "Cutoff": { - "markdownDescription": "The number of hours before the end of the maintenance window that AWS Systems Manager stops scheduling new tasks for execution.", - "title": "Cutoff", - "type": "number" - }, - "Description": { - "markdownDescription": "A description of the maintenance window.", - "title": "Description", - "type": "string" - }, - "Duration": { - "markdownDescription": "The duration of the maintenance window in hours.", - "title": "Duration", - "type": "number" - }, - "EndDate": { - "markdownDescription": "The date and time, in ISO-8601 Extended format, for when the maintenance window is scheduled to become inactive.", - "title": "EndDate", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the maintenance window.", - "title": "Name", - "type": "string" - }, - "Schedule": { - "markdownDescription": "The schedule of the maintenance window in the form of a cron or rate expression.", - "title": "Schedule", + "ArtifactStoreUri": { + "markdownDescription": "", + "title": "ArtifactStoreUri", "type": "string" }, - "ScheduleOffset": { - "markdownDescription": "The number of days to wait to run a maintenance window after the scheduled cron expression date and time.", - "title": "ScheduleOffset", - "type": "number" + "AutomaticModelRegistration": { + "markdownDescription": "", + "title": "AutomaticModelRegistration", + "type": "boolean" }, - "ScheduleTimezone": { - "markdownDescription": "The time zone that the scheduled maintenance window executions are based on, in Internet Assigned Numbers Authority (IANA) format.", - "title": "ScheduleTimezone", + "MlflowVersion": { + "markdownDescription": "", + "title": "MlflowVersion", "type": "string" }, - "StartDate": { - "markdownDescription": "The date and time, in ISO-8601 Extended format, for when the maintenance window is scheduled to become active. `StartDate` allows you to delay activation of the maintenance window until the specified future date.", - "title": "StartDate", + "RoleArn": { + "markdownDescription": "", + "title": "RoleArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Optional metadata that you assign to a resource in the form of an arbitrary set of tags (key-value pairs). Tags enable you to categorize a resource in different ways, such as by purpose, owner, or environment. For example, you might want to tag a maintenance window to identify the type of tasks it will run, the types of targets, and the environment it will run in.", + "markdownDescription": "", "title": "Tags", "type": "array" + }, + "TrackingServerName": { + "markdownDescription": "", + "title": "TrackingServerName", + "type": "string" + }, + "TrackingServerSize": { + "markdownDescription": "", + "title": "TrackingServerSize", + "type": "string" + }, + "WeeklyMaintenanceWindowStart": { + "markdownDescription": "", + "title": "WeeklyMaintenanceWindowStart", + "type": "string" } }, "required": [ - "AllowUnassociatedTargets", - "Cutoff", - "Duration", - "Name", - "Schedule" + "ArtifactStoreUri", + "RoleArn", + "TrackingServerName" ], "type": "object" }, "Type": { "enum": [ - "AWS::SSM::MaintenanceWindow" + "AWS::SageMaker::MlflowTrackingServer" ], "type": "string" }, @@ -241332,7 +294834,7 @@ ], "type": "object" }, - "AWS::SSM::MaintenanceWindowTarget": { + "AWS::SageMaker::Model": { "additionalProperties": false, "properties": { "Condition": { @@ -241367,50 +294869,58 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description for the target.", - "title": "Description", - "type": "string" + "Containers": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::Model.ContainerDefinition" + }, + "markdownDescription": "Specifies the containers in the inference pipeline.", + "title": "Containers", + "type": "array" }, - "Name": { - "markdownDescription": "The name for the maintenance window target.", - "title": "Name", - "type": "string" + "EnableNetworkIsolation": { + "markdownDescription": "Isolates the model container. No inbound or outbound network calls can be made to or from the model container.", + "title": "EnableNetworkIsolation", + "type": "boolean" }, - "OwnerInformation": { - "markdownDescription": "A user-provided value that will be included in any Amazon CloudWatch Events events that are raised while running tasks for these targets in this maintenance window.", - "title": "OwnerInformation", + "ExecutionRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that SageMaker can assume to access model artifacts and docker image for deployment on ML compute instances or for batch transform jobs. Deploying on ML compute instances is part of model hosting. For more information, see [SageMaker Roles](https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-roles.html) .\n\n> To be able to pass this role to SageMaker, the caller of this API must have the `iam:PassRole` permission.", + "title": "ExecutionRoleArn", "type": "string" }, - "ResourceType": { - "markdownDescription": "The type of target that is being registered with the maintenance window.", - "title": "ResourceType", + "InferenceExecutionConfig": { + "$ref": "#/definitions/AWS::SageMaker::Model.InferenceExecutionConfig", + "markdownDescription": "Specifies details of how containers in a multi-container endpoint are called.", + "title": "InferenceExecutionConfig" + }, + "ModelName": { + "markdownDescription": "The name of the new model.", + "title": "ModelName", "type": "string" }, - "Targets": { + "PrimaryContainer": { + "$ref": "#/definitions/AWS::SageMaker::Model.ContainerDefinition", + "markdownDescription": "The location of the primary docker image containing inference code, associated artifacts, and custom environment map that the inference code uses when the model is deployed for predictions.", + "title": "PrimaryContainer" + }, + "Tags": { "items": { - "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTarget.Targets" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The targets to register with the maintenance window. In other words, the instances to run commands on when the maintenance window runs.\n\nYou must specify targets by using the `WindowTargetIds` parameter.", - "title": "Targets", + "markdownDescription": "A list of key-value pairs to apply to this resource.\n\nFor more information, see [Resource Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) and [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html#allocation-what) in the *AWS Billing and Cost Management User Guide* .", + "title": "Tags", "type": "array" }, - "WindowId": { - "markdownDescription": "The ID of the maintenance window to register the target with.", - "title": "WindowId", - "type": "string" + "VpcConfig": { + "$ref": "#/definitions/AWS::SageMaker::Model.VpcConfig", + "markdownDescription": "A [VpcConfig](https://docs.aws.amazon.com/sagemaker/latest/dg/API_VpcConfig.html) object that specifies the VPC that you want your model to connect to. Control access to and from your model container by configuring the VPC. `VpcConfig` is used in hosting services and in batch transform. For more information, see [Protect Endpoints by Using an Amazon Virtual Private Cloud](https://docs.aws.amazon.com/sagemaker/latest/dg/host-vpc.html) and [Protect Data in Batch Transform Jobs by Using an Amazon Virtual Private Cloud](https://docs.aws.amazon.com/sagemaker/latest/dg/batch-vpc.html) .", + "title": "VpcConfig" } }, - "required": [ - "ResourceType", - "Targets", - "WindowId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::SSM::MaintenanceWindowTarget" + "AWS::SageMaker::Model" ], "type": "string" }, @@ -241424,404 +294934,245 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::SSM::MaintenanceWindowTarget.Targets": { + "AWS::SageMaker::Model.AdditionalModelDataSource": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "User-defined criteria for sending commands that target managed nodes that meet the criteria.", - "title": "Key", + "ChannelName": { "type": "string" }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "User-defined criteria that maps to `Key` . For example, if you specified `tag:ServerRole` , you could specify `value:WebServer` to run a command on instances that include EC2 tags of `ServerRole,WebServer` .\n\nDepending on the type of target, the maximum number of values for a key might be lower than the global maximum of 50.", - "title": "Values", - "type": "array" + "S3DataSource": { + "$ref": "#/definitions/AWS::SageMaker::Model.S3DataSource" } }, "required": [ - "Key", - "Values" + "ChannelName", + "S3DataSource" ], "type": "object" }, - "AWS::SSM::MaintenanceWindowTask": { + "AWS::SageMaker::Model.ContainerDefinition": { "additionalProperties": false, "properties": { - "Condition": { + "ContainerHostname": { + "markdownDescription": "This parameter is ignored for models that contain only a `PrimaryContainer` .\n\nWhen a `ContainerDefinition` is part of an inference pipeline, the value of the parameter uniquely identifies the container for the purposes of logging and metrics. For information, see [Use Logs and Metrics to Monitor an Inference Pipeline](https://docs.aws.amazon.com/sagemaker/latest/dg/inference-pipeline-logs-metrics.html) . If you don't specify a value for this parameter for a `ContainerDefinition` that is part of an inference pipeline, a unique name is automatically assigned based on the position of the `ContainerDefinition` in the pipeline. If you specify a value for the `ContainerHostName` for any `ContainerDefinition` that is part of an inference pipeline, you must specify a value for the `ContainerHostName` parameter of every `ContainerDefinition` in that pipeline.", + "title": "ContainerHostname", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Environment": { + "markdownDescription": "The environment variables to set in the Docker container. Don't include any sensitive data in your environment variables.\n\nThe maximum length of each key and value in the `Environment` map is 1024 bytes. The maximum length of all keys and values in the map, combined, is 32 KB. If you pass multiple containers to a `CreateModel` request, then the maximum length of all of their maps, combined, is also 32 KB.", + "title": "Environment", + "type": "object" + }, + "Image": { + "markdownDescription": "The path where inference code is stored. This can be either in Amazon EC2 Container Registry or in a Docker registry that is accessible from the same VPC that you configure for your endpoint. If you are using your own custom algorithm instead of an algorithm provided by SageMaker, the inference code must meet SageMaker requirements. SageMaker supports both `registry/repository[:tag]` and `registry/repository[@digest]` image path formats. For more information, see [Using Your Own Algorithms with Amazon SageMaker](https://docs.aws.amazon.com/sagemaker/latest/dg/your-algorithms.html) .\n\n> The model artifacts in an Amazon S3 bucket and the Docker image for inference container in Amazon EC2 Container Registry must be in the same region as the model or endpoint you are creating.", + "title": "Image", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ImageConfig": { + "$ref": "#/definitions/AWS::SageMaker::Model.ImageConfig", + "markdownDescription": "Specifies whether the model container is in Amazon ECR or a private Docker registry accessible from your Amazon Virtual Private Cloud (VPC). For information about storing containers in a private Docker registry, see [Use a Private Docker Registry for Real-Time Inference Containers](https://docs.aws.amazon.com/sagemaker/latest/dg/your-algorithms-containers-inference-private.html) .\n\n> The model artifacts in an Amazon S3 bucket and the Docker image for inference container in Amazon EC2 Container Registry must be in the same region as the model or endpoint you are creating.", + "title": "ImageConfig" }, - "Metadata": { - "type": "object" + "InferenceSpecificationName": { + "markdownDescription": "The inference specification name in the model package version.", + "title": "InferenceSpecificationName", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "CutoffBehavior": { - "markdownDescription": "The specification for whether tasks should continue to run after the cutoff time specified in the maintenance windows is reached.", - "title": "CutoffBehavior", - "type": "string" - }, - "Description": { - "markdownDescription": "A description of the task.", - "title": "Description", - "type": "string" - }, - "LoggingInfo": { - "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.LoggingInfo", - "markdownDescription": "Information about an Amazon S3 bucket to write Run Command task-level logs to.\n\n> `LoggingInfo` has been deprecated. To specify an Amazon S3 bucket to contain logs for Run Command tasks, instead use the `OutputS3BucketName` and `OutputS3KeyPrefix` options in the `TaskInvocationParameters` structure. For information about how Systems Manager handles these options for the supported maintenance window task types, see [AWS ::SSM::MaintenanceWindowTask MaintenanceWindowRunCommandParameters](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssm-maintenancewindowtask-maintenancewindowruncommandparameters.html) .", - "title": "LoggingInfo" - }, - "MaxConcurrency": { - "markdownDescription": "The maximum number of targets this task can be run for, in parallel.\n\n> Although this element is listed as \"Required: No\", a value can be omitted only when you are registering or updating a [targetless task](https://docs.aws.amazon.com/systems-manager/latest/userguide/maintenance-windows-targetless-tasks.html) You must provide a value in all other cases.\n> \n> For maintenance window tasks without a target specified, you can't supply a value for this option. Instead, the system inserts a placeholder value of `1` . This value doesn't affect the running of your task.", - "title": "MaxConcurrency", - "type": "string" - }, - "MaxErrors": { - "markdownDescription": "The maximum number of errors allowed before this task stops being scheduled.\n\n> Although this element is listed as \"Required: No\", a value can be omitted only when you are registering or updating a [targetless task](https://docs.aws.amazon.com/systems-manager/latest/userguide/maintenance-windows-targetless-tasks.html) You must provide a value in all other cases.\n> \n> For maintenance window tasks without a target specified, you can't supply a value for this option. Instead, the system inserts a placeholder value of `1` . This value doesn't affect the running of your task.", - "title": "MaxErrors", - "type": "string" - }, - "Name": { - "markdownDescription": "The task name.", - "title": "Name", - "type": "string" - }, - "Priority": { - "markdownDescription": "The priority of the task in the maintenance window. The lower the number, the higher the priority. Tasks that have the same priority are scheduled in parallel.", - "title": "Priority", - "type": "number" - }, - "ServiceRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM service role for AWS Systems Manager to assume when running a maintenance window task. If you do not specify a service role ARN, Systems Manager uses a service-linked role in your account. If no appropriate service-linked role for Systems Manager exists in your account, it is created when you run `RegisterTaskWithMaintenanceWindow` .\n\nHowever, for an improved security posture, we strongly recommend creating a custom policy and custom service role for running your maintenance window tasks. The policy can be crafted to provide only the permissions needed for your particular maintenance window tasks. For more information, see [Setting up Maintenance Windows](https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-maintenance-permissions.html) in the in the *AWS Systems Manager User Guide* .", - "title": "ServiceRoleArn", - "type": "string" - }, - "Targets": { - "items": { - "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.Target" - }, - "markdownDescription": "The targets, either instances or window target IDs.\n\n- Specify instances using `Key=InstanceIds,Values= *instanceid1* , *instanceid2*` .\n- Specify window target IDs using `Key=WindowTargetIds,Values= *window-target-id-1* , *window-target-id-2*` .", - "title": "Targets", - "type": "array" - }, - "TaskArn": { - "markdownDescription": "The resource that the task uses during execution.\n\nFor `RUN_COMMAND` and `AUTOMATION` task types, `TaskArn` is the SSM document name or Amazon Resource Name (ARN).\n\nFor `LAMBDA` tasks, `TaskArn` is the function name or ARN.\n\nFor `STEP_FUNCTIONS` tasks, `TaskArn` is the state machine ARN.", - "title": "TaskArn", - "type": "string" - }, - "TaskInvocationParameters": { - "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.TaskInvocationParameters", - "markdownDescription": "The parameters to pass to the task when it runs. Populate only the fields that match the task type. All other fields should be empty.\n\n> When you update a maintenance window task that has options specified in `TaskInvocationParameters` , you must provide again all the `TaskInvocationParameters` values that you want to retain. The values you do not specify again are removed. For example, suppose that when you registered a Run Command task, you specified `TaskInvocationParameters` values for `Comment` , `NotificationConfig` , and `OutputS3BucketName` . If you update the maintenance window task and specify only a different `OutputS3BucketName` value, the values for `Comment` and `NotificationConfig` are removed.", - "title": "TaskInvocationParameters" - }, - "TaskParameters": { - "markdownDescription": "The parameters to pass to the task when it runs.\n\n> `TaskParameters` has been deprecated. To specify parameters to pass to a task when it runs, instead use the `Parameters` option in the `TaskInvocationParameters` structure. For information about how Systems Manager handles these options for the supported maintenance window task types, see [MaintenanceWindowTaskInvocationParameters](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_MaintenanceWindowTaskInvocationParameters.html) .", - "title": "TaskParameters", - "type": "object" - }, - "TaskType": { - "markdownDescription": "The type of task. Valid values: `RUN_COMMAND` , `AUTOMATION` , `LAMBDA` , `STEP_FUNCTIONS` .", - "title": "TaskType", - "type": "string" - }, - "WindowId": { - "markdownDescription": "The ID of the maintenance window where the task is registered.", - "title": "WindowId", - "type": "string" - } - }, - "required": [ - "Priority", - "TaskArn", - "TaskType", - "WindowId" - ], - "type": "object" + "Mode": { + "markdownDescription": "Whether the container hosts a single model or multiple models.", + "title": "Mode", + "type": "string" }, - "Type": { - "enum": [ - "AWS::SSM::MaintenanceWindowTask" - ], + "ModelDataSource": { + "$ref": "#/definitions/AWS::SageMaker::Model.ModelDataSource", + "markdownDescription": "Specifies the location of ML model data to deploy.\n\n> Currently you cannot use `ModelDataSource` in conjunction with SageMaker batch transform, SageMaker serverless endpoints, SageMaker multi-model endpoints, and SageMaker Marketplace.", + "title": "ModelDataSource" + }, + "ModelDataUrl": { + "markdownDescription": "The S3 path where the model artifacts, which result from model training, are stored. This path must point to a single gzip compressed tar archive (.tar.gz suffix). The S3 path is required for SageMaker built-in algorithms, but not if you use your own algorithms. For more information on built-in algorithms, see [Common Parameters](https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-algo-docker-registry-paths.html) .\n\n> The model artifacts must be in an S3 bucket that is in the same region as the model or endpoint you are creating. \n\nIf you provide a value for this parameter, SageMaker uses AWS Security Token Service to download model artifacts from the S3 path you provide. AWS STS is activated in your AWS account by default. If you previously deactivated AWS STS for a region, you need to reactivate AWS STS for that region. For more information, see [Activating and Deactivating AWS STS in an AWS Region](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) in the *AWS Identity and Access Management User Guide* .\n\n> If you use a built-in algorithm to create a model, SageMaker requires that you provide a S3 path to the model artifacts in `ModelDataUrl` .", + "title": "ModelDataUrl", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ModelPackageName": { + "markdownDescription": "The name or Amazon Resource Name (ARN) of the model package to use to create the model.", + "title": "ModelPackageName", + "type": "string" + }, + "MultiModelConfig": { + "$ref": "#/definitions/AWS::SageMaker::Model.MultiModelConfig", + "markdownDescription": "Specifies additional configuration for multi-model endpoints.", + "title": "MultiModelConfig" + } + }, + "type": "object" + }, + "AWS::SageMaker::Model.HubAccessConfig": { + "additionalProperties": false, + "properties": { + "HubContentArn": { + "markdownDescription": "The ARN of your private model hub content. This should be a `ModelReference` resource type that points to a SageMaker JumpStart public hub model.", + "title": "HubContentArn", "type": "string" } }, "required": [ - "Type", - "Properties" + "HubContentArn" ], "type": "object" }, - "AWS::SSM::MaintenanceWindowTask.CloudWatchOutputConfig": { + "AWS::SageMaker::Model.ImageConfig": { "additionalProperties": false, "properties": { - "CloudWatchLogGroupName": { - "markdownDescription": "The name of the CloudWatch Logs log group where you want to send command output. If you don't specify a group name, AWS Systems Manager automatically creates a log group for you. The log group uses the following naming format:\n\n`aws/ssm/ *SystemsManagerDocumentName*`", - "title": "CloudWatchLogGroupName", + "RepositoryAccessMode": { + "markdownDescription": "Set this to one of the following values:\n\n- `Platform` - The model image is hosted in Amazon ECR.\n- `Vpc` - The model image is hosted in a private Docker registry in your VPC.", + "title": "RepositoryAccessMode", "type": "string" }, - "CloudWatchOutputEnabled": { - "markdownDescription": "Enables Systems Manager to send command output to CloudWatch Logs.", - "title": "CloudWatchOutputEnabled", - "type": "boolean" + "RepositoryAuthConfig": { + "$ref": "#/definitions/AWS::SageMaker::Model.RepositoryAuthConfig", + "markdownDescription": "(Optional) Specifies an authentication configuration for the private docker registry where your model image is hosted. Specify a value for this property only if you specified `Vpc` as the value for the `RepositoryAccessMode` field, and the private Docker registry where the model image is hosted requires authentication.", + "title": "RepositoryAuthConfig" } }, + "required": [ + "RepositoryAccessMode" + ], "type": "object" }, - "AWS::SSM::MaintenanceWindowTask.LoggingInfo": { + "AWS::SageMaker::Model.InferenceExecutionConfig": { "additionalProperties": false, "properties": { - "Region": { - "markdownDescription": "The AWS Region where the S3 bucket is located.", - "title": "Region", - "type": "string" - }, - "S3Bucket": { - "markdownDescription": "The name of an S3 bucket where execution logs are stored.", - "title": "S3Bucket", - "type": "string" - }, - "S3Prefix": { - "markdownDescription": "The Amazon S3 bucket subfolder.", - "title": "S3Prefix", + "Mode": { + "markdownDescription": "How containers in a multi-container are run. The following values are valid.\n\n- `Serial` - Containers run as a serial pipeline.\n- `Direct` - Only the individual container that you specify is run.", + "title": "Mode", "type": "string" } }, "required": [ - "Region", - "S3Bucket" + "Mode" ], "type": "object" }, - "AWS::SSM::MaintenanceWindowTask.MaintenanceWindowAutomationParameters": { + "AWS::SageMaker::Model.ModelAccessConfig": { "additionalProperties": false, "properties": { - "DocumentVersion": { - "markdownDescription": "The version of an Automation runbook to use during task execution.", - "title": "DocumentVersion", - "type": "string" - }, - "Parameters": { - "markdownDescription": "The parameters for the `AUTOMATION` type task.", - "title": "Parameters", - "type": "object" + "AcceptEula": { + "markdownDescription": "Specifies agreement to the model end-user license agreement (EULA). The `AcceptEula` value must be explicitly defined as `True` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.", + "title": "AcceptEula", + "type": "boolean" } }, + "required": [ + "AcceptEula" + ], "type": "object" }, - "AWS::SSM::MaintenanceWindowTask.MaintenanceWindowLambdaParameters": { + "AWS::SageMaker::Model.ModelDataSource": { "additionalProperties": false, "properties": { - "ClientContext": { - "markdownDescription": "Client-specific information to pass to the AWS Lambda function that you're invoking. You can then use the `context` variable to process the client information in your AWS Lambda function.", - "title": "ClientContext", - "type": "string" - }, - "Payload": { - "markdownDescription": "JSON to provide to your AWS Lambda function as input.\n\n> Although `Type` is listed as \"String\" for this property, the payload content must be formatted as a Base64-encoded binary data object. \n\n*Length Constraint:* 4096", - "title": "Payload", - "type": "string" - }, - "Qualifier": { - "markdownDescription": "An AWS Lambda function version or alias name. If you specify a function version, the action uses the qualified function Amazon Resource Name (ARN) to invoke a specific Lambda function. If you specify an alias name, the action uses the alias ARN to invoke the Lambda function version that the alias points to.", - "title": "Qualifier", - "type": "string" + "S3DataSource": { + "$ref": "#/definitions/AWS::SageMaker::Model.S3DataSource", + "markdownDescription": "Specifies the S3 location of ML model data to deploy.", + "title": "S3DataSource" } }, + "required": [ + "S3DataSource" + ], "type": "object" }, - "AWS::SSM::MaintenanceWindowTask.MaintenanceWindowRunCommandParameters": { + "AWS::SageMaker::Model.MultiModelConfig": { "additionalProperties": false, "properties": { - "CloudWatchOutputConfig": { - "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.CloudWatchOutputConfig", - "markdownDescription": "Configuration options for sending command output to Amazon CloudWatch Logs.", - "title": "CloudWatchOutputConfig" - }, - "Comment": { - "markdownDescription": "Information about the command or commands to run.", - "title": "Comment", - "type": "string" - }, - "DocumentHash": { - "markdownDescription": "The SHA-256 or SHA-1 hash created by the system when the document was created. SHA-1 hashes have been deprecated.", - "title": "DocumentHash", - "type": "string" - }, - "DocumentHashType": { - "markdownDescription": "The SHA-256 or SHA-1 hash type. SHA-1 hashes are deprecated.", - "title": "DocumentHashType", - "type": "string" - }, - "DocumentVersion": { - "markdownDescription": "The AWS Systems Manager document (SSM document) version to use in the request. You can specify `$DEFAULT` , `$LATEST` , or a specific version number. If you run commands by using the AWS CLI, then you must escape the first two options by using a backslash. If you specify a version number, then you don't need to use the backslash. For example:\n\n`--document-version \"\\$DEFAULT\"`\n\n`--document-version \"\\$LATEST\"`\n\n`--document-version \"3\"`", - "title": "DocumentVersion", - "type": "string" - }, - "NotificationConfig": { - "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.NotificationConfig", - "markdownDescription": "Configurations for sending notifications about command status changes on a per-managed node basis.", - "title": "NotificationConfig" - }, - "OutputS3BucketName": { - "markdownDescription": "The name of the Amazon Simple Storage Service (Amazon S3) bucket.", - "title": "OutputS3BucketName", - "type": "string" - }, - "OutputS3KeyPrefix": { - "markdownDescription": "The S3 bucket subfolder.", - "title": "OutputS3KeyPrefix", - "type": "string" - }, - "Parameters": { - "markdownDescription": "The parameters for the `RUN_COMMAND` task execution.\n\nThe supported parameters are the same as those for the `SendCommand` API call. For more information, see [SendCommand](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_SendCommand.html) in the *AWS Systems Manager API Reference* .", - "title": "Parameters", - "type": "object" - }, - "ServiceRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM service role for AWS Systems Manager to assume when running a maintenance window task. If you do not specify a service role ARN, Systems Manager uses a service-linked role in your account. If no appropriate service-linked role for Systems Manager exists in your account, it is created when you run `RegisterTaskWithMaintenanceWindow` .\n\nHowever, for an improved security posture, we strongly recommend creating a custom policy and custom service role for running your maintenance window tasks. The policy can be crafted to provide only the permissions needed for your particular maintenance window tasks. For more information, see [Setting up Maintenance Windows](https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-maintenance-permissions.html) in the in the *AWS Systems Manager User Guide* .", - "title": "ServiceRoleArn", + "ModelCacheSetting": { + "markdownDescription": "Whether to cache models for a multi-model endpoint. By default, multi-model endpoints cache models so that a model does not have to be loaded into memory each time it is invoked. Some use cases do not benefit from model caching. For example, if an endpoint hosts a large number of models that are each invoked infrequently, the endpoint might perform better if you disable model caching. To disable model caching, set the value of this parameter to Disabled.", + "title": "ModelCacheSetting", "type": "string" - }, - "TimeoutSeconds": { - "markdownDescription": "If this time is reached and the command hasn't already started running, it doesn't run.", - "title": "TimeoutSeconds", - "type": "number" } }, "type": "object" }, - "AWS::SSM::MaintenanceWindowTask.MaintenanceWindowStepFunctionsParameters": { + "AWS::SageMaker::Model.RepositoryAuthConfig": { "additionalProperties": false, "properties": { - "Input": { - "markdownDescription": "The inputs for the `STEP_FUNCTIONS` task.", - "title": "Input", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the `STEP_FUNCTIONS` task.", - "title": "Name", + "RepositoryCredentialsProviderArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the *AWS Lambda Developer Guide* .", + "title": "RepositoryCredentialsProviderArn", "type": "string" } }, + "required": [ + "RepositoryCredentialsProviderArn" + ], "type": "object" }, - "AWS::SSM::MaintenanceWindowTask.NotificationConfig": { + "AWS::SageMaker::Model.S3DataSource": { "additionalProperties": false, "properties": { - "NotificationArn": { - "markdownDescription": "An Amazon Resource Name (ARN) for an Amazon Simple Notification Service (Amazon SNS) topic. Run Command pushes notifications about command status changes to this topic.", - "title": "NotificationArn", + "CompressionType": { + "markdownDescription": "", + "title": "CompressionType", "type": "string" }, - "NotificationEvents": { - "items": { - "type": "string" - }, - "markdownDescription": "The different events that you can receive notifications for. These events include the following: `All` (events), `InProgress` , `Success` , `TimedOut` , `Cancelled` , `Failed` . To learn more about these events, see [Configuring Amazon SNS Notifications for AWS Systems Manager](https://docs.aws.amazon.com/systems-manager/latest/userguide/monitoring-sns-notifications.html) in the *AWS Systems Manager User Guide* .", - "title": "NotificationEvents", - "type": "array" + "HubAccessConfig": { + "$ref": "#/definitions/AWS::SageMaker::Model.HubAccessConfig", + "markdownDescription": "The configuration for a private hub model reference that points to a SageMaker JumpStart public hub model.", + "title": "HubAccessConfig" }, - "NotificationType": { - "markdownDescription": "The notification type.\n\n- `Command` : Receive notification when the status of a command changes.\n- `Invocation` : For commands sent to multiple instances, receive notification on a per-instance basis when the status of a command changes.", - "title": "NotificationType", + "ModelAccessConfig": { + "$ref": "#/definitions/AWS::SageMaker::Model.ModelAccessConfig", + "markdownDescription": "", + "title": "ModelAccessConfig" + }, + "S3DataType": { + "markdownDescription": "If you choose `S3Prefix` , `S3Uri` identifies a key name prefix. SageMaker uses all objects that match the specified key name prefix for model training.\n\nIf you choose `ManifestFile` , `S3Uri` identifies an object that is a manifest file containing a list of object keys that you want SageMaker to use for model training.\n\nIf you choose `AugmentedManifestFile` , `S3Uri` identifies an object that is an augmented manifest file in JSON lines format. This file contains the data you want to use for model training. `AugmentedManifestFile` can only be used if the Channel's input mode is `Pipe` .\n\nIf you choose `Converse` , `S3Uri` identifies an Amazon S3 location that contains data formatted according to Converse format. This format structures conversational messages with specific roles and content types used for training and fine-tuning foundational models.", + "title": "S3DataType", + "type": "string" + }, + "S3Uri": { + "markdownDescription": "Depending on the value specified for the `S3DataType` , identifies either a key name prefix or a manifest. For example:\n\n- A key name prefix might look like this: `s3://bucketname/exampleprefix/`\n- A manifest might look like this: `s3://bucketname/example.manifest`\n\nA manifest is an S3 object which is a JSON file consisting of an array of elements. The first element is a prefix which is followed by one or more suffixes. SageMaker appends the suffix elements to the prefix to get a full set of `S3Uri` . Note that the prefix must be a valid non-empty `S3Uri` that precludes users from specifying a manifest whose individual `S3Uri` is sourced from different S3 buckets.\n\nThe following code example shows a valid manifest format:\n\n`[ {\"prefix\": \"s3://customer_bucket/some/prefix/\"},`\n\n`\"relative/path/to/custdata-1\",`\n\n`\"relative/path/custdata-2\",`\n\n`...`\n\n`\"relative/path/custdata-N\"`\n\n`]`\n\nThis JSON is equivalent to the following `S3Uri` list:\n\n`s3://customer_bucket/some/prefix/relative/path/to/custdata-1`\n\n`s3://customer_bucket/some/prefix/relative/path/custdata-2`\n\n`...`\n\n`s3://customer_bucket/some/prefix/relative/path/custdata-N`\n\nThe complete set of `S3Uri` in this manifest is the input data for the channel for this data source. The object that each `S3Uri` points to must be readable by the IAM role that SageMaker uses to perform tasks on your behalf.\n\nYour input bucket must be located in same AWS region as your training job.", + "title": "S3Uri", "type": "string" } }, "required": [ - "NotificationArn" + "CompressionType", + "S3DataType", + "S3Uri" ], "type": "object" }, - "AWS::SSM::MaintenanceWindowTask.Target": { + "AWS::SageMaker::Model.VpcConfig": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "User-defined criteria for sending commands that target instances that meet the criteria. `Key` can be `InstanceIds` or `WindowTargetIds` . For more information about how to target instances within a maintenance window task, see [About 'register-task-with-maintenance-window' Options and Values](https://docs.aws.amazon.com/systems-manager/latest/userguide/register-tasks-options.html) in the *AWS Systems Manager User Guide* .", - "title": "Key", - "type": "string" + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The VPC security group IDs, in the form `sg-xxxxxxxx` . Specify the security groups for the VPC that is specified in the `Subnets` field.", + "title": "SecurityGroupIds", + "type": "array" }, - "Values": { + "Subnets": { "items": { "type": "string" }, - "markdownDescription": "User-defined criteria that maps to `Key` . For example, if you specify `InstanceIds` , you can specify `i-1234567890abcdef0,i-9876543210abcdef0` to run a command on two EC2 instances. For more information about how to target instances within a maintenance window task, see [About 'register-task-with-maintenance-window' Options and Values](https://docs.aws.amazon.com/systems-manager/latest/userguide/register-tasks-options.html) in the *AWS Systems Manager User Guide* .", - "title": "Values", + "markdownDescription": "The ID of the subnets in the VPC to which you want to connect your training job or model. For information about the availability of specific instance types, see [Supported Instance Types and Availability Zones](https://docs.aws.amazon.com/sagemaker/latest/dg/instance-types-az.html) .", + "title": "Subnets", "type": "array" } }, "required": [ - "Key", - "Values" + "SecurityGroupIds", + "Subnets" ], "type": "object" }, - "AWS::SSM::MaintenanceWindowTask.TaskInvocationParameters": { - "additionalProperties": false, - "properties": { - "MaintenanceWindowAutomationParameters": { - "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.MaintenanceWindowAutomationParameters", - "markdownDescription": "The parameters for an `AUTOMATION` task type.", - "title": "MaintenanceWindowAutomationParameters" - }, - "MaintenanceWindowLambdaParameters": { - "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.MaintenanceWindowLambdaParameters", - "markdownDescription": "The parameters for a `LAMBDA` task type.", - "title": "MaintenanceWindowLambdaParameters" - }, - "MaintenanceWindowRunCommandParameters": { - "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.MaintenanceWindowRunCommandParameters", - "markdownDescription": "The parameters for a `RUN_COMMAND` task type.", - "title": "MaintenanceWindowRunCommandParameters" - }, - "MaintenanceWindowStepFunctionsParameters": { - "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.MaintenanceWindowStepFunctionsParameters", - "markdownDescription": "The parameters for a `STEP_FUNCTIONS` task type.", - "title": "MaintenanceWindowStepFunctionsParameters" - } - }, - "type": "object" - }, - "AWS::SSM::Parameter": { + "AWS::SageMaker::ModelBiasJobDefinition": { "additionalProperties": false, "properties": { "Condition": { @@ -241856,67 +295207,77 @@ "Properties": { "additionalProperties": false, "properties": { - "AllowedPattern": { - "markdownDescription": "A regular expression used to validate the parameter value. For example, for `String` types with values restricted to numbers, you can specify the following: `AllowedPattern=^\\d+$`", - "title": "AllowedPattern", + "EndpointName": { + "markdownDescription": "", + "title": "EndpointName", "type": "string" }, - "DataType": { - "markdownDescription": "The data type of the parameter, such as `text` or `aws:ec2:image` . The default is `text` .", - "title": "DataType", + "JobDefinitionName": { + "markdownDescription": "The name of the bias job definition. The name must be unique within an AWS Region in the AWS account.", + "title": "JobDefinitionName", "type": "string" }, - "Description": { - "markdownDescription": "Information about the parameter.", - "title": "Description", - "type": "string" + "JobResources": { + "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.MonitoringResources", + "markdownDescription": "Identifies the resources to deploy for a monitoring job.", + "title": "JobResources" }, - "Name": { - "markdownDescription": "The name of the parameter.\n\n> The maximum length constraint listed below includes capacity for additional system attributes that aren't part of the name. The maximum length for a parameter name, including the full length of the parameter Amazon Resource Name (ARN), is 1011 characters. For example, the length of the following parameter name is 65 characters, not 20 characters: `arn:aws:ssm:us-east-2:111222333444:parameter/ExampleParameterName`", - "title": "Name", - "type": "string" + "ModelBiasAppSpecification": { + "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.ModelBiasAppSpecification", + "markdownDescription": "Configures the model bias job to run a specified Docker container image.", + "title": "ModelBiasAppSpecification" }, - "Policies": { - "markdownDescription": "Information about the policies assigned to a parameter.\n\n[Assigning parameter policies](https://docs.aws.amazon.com/systems-manager/latest/userguide/parameter-store-policies.html) in the *AWS Systems Manager User Guide* .", - "title": "Policies", - "type": "string" + "ModelBiasBaselineConfig": { + "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.ModelBiasBaselineConfig", + "markdownDescription": "The baseline configuration for a model bias job.", + "title": "ModelBiasBaselineConfig" }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "Optional metadata that you assign to a resource in the form of an arbitrary set of tags (key-value pairs). Tags enable you to categorize a resource in different ways, such as by purpose, owner, or environment. For example, you might want to tag a Systems Manager parameter to identify the type of resource to which it applies, the environment, or the type of configuration data referenced by the parameter.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" + "ModelBiasJobInput": { + "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.ModelBiasJobInput", + "markdownDescription": "Inputs for the model bias job.", + "title": "ModelBiasJobInput" }, - "Tier": { - "markdownDescription": "The parameter tier.", - "title": "Tier", - "type": "string" + "ModelBiasJobOutputConfig": { + "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.MonitoringOutputConfig", + "markdownDescription": "The output configuration for monitoring jobs.", + "title": "ModelBiasJobOutputConfig" }, - "Type": { - "markdownDescription": "The type of parameter.\n\n> Parameters of type `SecureString` are not supported by AWS CloudFormation .", - "title": "Type", - "type": "string" + "NetworkConfig": { + "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.NetworkConfig", + "markdownDescription": "Networking options for a model bias job.", + "title": "NetworkConfig" }, - "Value": { - "markdownDescription": "The parameter value.\n\n> If type is `StringList` , the system returns a comma-separated string with no spaces between commas in the `Value` field.", - "title": "Value", + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can assume to perform tasks on your behalf.", + "title": "RoleArn", "type": "string" + }, + "StoppingCondition": { + "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.StoppingCondition", + "markdownDescription": "A time limit for how long the monitoring job is allowed to run before stopping.", + "title": "StoppingCondition" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" } }, "required": [ - "Type", - "Value" + "JobResources", + "ModelBiasAppSpecification", + "ModelBiasJobInput", + "ModelBiasJobOutputConfig", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::SSM::Parameter" + "AWS::SageMaker::ModelBiasJobDefinition" ], "type": "string" }, @@ -241935,256 +295296,439 @@ ], "type": "object" }, - "AWS::SSM::PatchBaseline": { + "AWS::SageMaker::ModelBiasJobDefinition.BatchTransformInput": { "additionalProperties": false, "properties": { - "Condition": { + "DataCapturedDestinationS3Uri": { + "markdownDescription": "The Amazon S3 location being used to capture the data.", + "title": "DataCapturedDestinationS3Uri", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DatasetFormat": { + "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.DatasetFormat", + "markdownDescription": "The dataset format for your batch transform job.", + "title": "DatasetFormat" + }, + "EndTimeOffset": { + "markdownDescription": "If specified, monitoring jobs subtract this time from the end time. For information about using offsets for scheduling monitoring jobs, see [Schedule Model Quality Monitoring Jobs](https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor-model-quality-schedule.html) .", + "title": "EndTimeOffset", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "FeaturesAttribute": { + "markdownDescription": "The attributes of the input data that are the input features.", + "title": "FeaturesAttribute", + "type": "string" }, - "Metadata": { - "type": "object" + "InferenceAttribute": { + "markdownDescription": "The attribute of the input data that represents the ground truth label.", + "title": "InferenceAttribute", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ApprovalRules": { - "$ref": "#/definitions/AWS::SSM::PatchBaseline.RuleGroup", - "markdownDescription": "A set of rules used to include patches in the baseline.", - "title": "ApprovalRules" - }, - "ApprovedPatches": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of explicitly approved patches for the baseline.\n\nFor information about accepted formats for lists of approved patches and rejected patches, see [Package name formats for approved and rejected patch lists](https://docs.aws.amazon.com/systems-manager/latest/userguide/patch-manager-approved-rejected-package-name-formats.html) in the *AWS Systems Manager User Guide* .", - "title": "ApprovedPatches", - "type": "array" - }, - "ApprovedPatchesComplianceLevel": { - "markdownDescription": "Defines the compliance level for approved patches. When an approved patch is reported as missing, this value describes the severity of the compliance violation. The default value is `UNSPECIFIED` .", - "title": "ApprovedPatchesComplianceLevel", - "type": "string" - }, - "ApprovedPatchesEnableNonSecurity": { - "markdownDescription": "Indicates whether the list of approved patches includes non-security updates that should be applied to the managed nodes. The default value is `false` . Applies to Linux managed nodes only.", - "title": "ApprovedPatchesEnableNonSecurity", - "type": "boolean" - }, - "DefaultBaseline": { - "markdownDescription": "Indicates whether this is the default baseline. AWS Systems Manager supports creating multiple default patch baselines. For example, you can create a default patch baseline for each operating system.", - "title": "DefaultBaseline", - "type": "boolean" - }, - "Description": { - "markdownDescription": "A description of the patch baseline.", - "title": "Description", - "type": "string" - }, - "GlobalFilters": { - "$ref": "#/definitions/AWS::SSM::PatchBaseline.PatchFilterGroup", - "markdownDescription": "A set of global filters used to include patches in the baseline.\n\n> The `GlobalFilters` parameter can be configured only by using the AWS CLI or an AWS SDK. It can't be configured from the Patch Manager console, and its value isn't displayed in the console.", - "title": "GlobalFilters" - }, - "Name": { - "markdownDescription": "The name of the patch baseline.", - "title": "Name", - "type": "string" - }, - "OperatingSystem": { - "markdownDescription": "Defines the operating system the patch baseline applies to. The default value is `WINDOWS` .", - "title": "OperatingSystem", - "type": "string" - }, - "PatchGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "The name of the patch group to be registered with the patch baseline.", - "title": "PatchGroups", - "type": "array" - }, - "RejectedPatches": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of explicitly rejected patches for the baseline.\n\nFor information about accepted formats for lists of approved patches and rejected patches, see [Package name formats for approved and rejected patch lists](https://docs.aws.amazon.com/systems-manager/latest/userguide/patch-manager-approved-rejected-package-name-formats.html) in the *AWS Systems Manager User Guide* .", - "title": "RejectedPatches", - "type": "array" - }, - "RejectedPatchesAction": { - "markdownDescription": "The action for Patch Manager to take on patches included in the `RejectedPackages` list.\n\n- **ALLOW_AS_DEPENDENCY** - *Linux and macOS* : A package in the rejected patches list is installed only if it is a dependency of another package. It is considered compliant with the patch baseline, and its status is reported as `INSTALLED_OTHER` . This is the default action if no option is specified.\n\n*Windows Server* : Windows Server doesn't support the concept of package dependencies. If a package in the rejected patches list and already installed on the node, its status is reported as `INSTALLED_OTHER` . Any package not already installed on the node is skipped. This is the default action if no option is specified.\n- **BLOCK** - *All OSs* : Packages in the rejected patches list, and packages that include them as dependencies, aren't installed by Patch Manager under any circumstances. If a package was installed before it was added to the rejected patches list, or is installed outside of Patch Manager afterward, it's considered noncompliant with the patch baseline and its status is reported as `INSTALLED_REJECTED` .", - "title": "RejectedPatchesAction", - "type": "string" - }, - "Sources": { - "items": { - "$ref": "#/definitions/AWS::SSM::PatchBaseline.PatchSource" - }, - "markdownDescription": "Information about the patches to use to update the managed nodes, including target operating systems and source repositories. Applies to Linux managed nodes only.", - "title": "Sources", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Optional metadata that you assign to a resource. Tags enable you to categorize a resource in different ways, such as by purpose, owner, or environment. For example, you might want to tag a patch baseline to identify the severity level of patches it specifies and the operating system family it applies to.", - "title": "Tags", - "type": "array" + "LocalPath": { + "markdownDescription": "Path to the filesystem where the batch transform data is available to the container.", + "title": "LocalPath", + "type": "string" + }, + "ProbabilityAttribute": { + "markdownDescription": "In a classification problem, the attribute that represents the class probability.", + "title": "ProbabilityAttribute", + "type": "string" + }, + "ProbabilityThresholdAttribute": { + "markdownDescription": "The threshold for the class probability to be evaluated as a positive result.", + "title": "ProbabilityThresholdAttribute", + "type": "number" + }, + "S3DataDistributionType": { + "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an S3 key. Defaults to `FullyReplicated`", + "title": "S3DataDistributionType", + "type": "string" + }, + "S3InputMode": { + "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", + "title": "S3InputMode", + "type": "string" + }, + "StartTimeOffset": { + "markdownDescription": "If specified, monitoring jobs substract this time from the start time. For information about using offsets for scheduling monitoring jobs, see [Schedule Model Quality Monitoring Jobs](https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor-model-quality-schedule.html) .", + "title": "StartTimeOffset", + "type": "string" + } + }, + "required": [ + "DataCapturedDestinationS3Uri", + "DatasetFormat", + "LocalPath" + ], + "type": "object" + }, + "AWS::SageMaker::ModelBiasJobDefinition.ClusterConfig": { + "additionalProperties": false, + "properties": { + "InstanceCount": { + "markdownDescription": "The number of ML compute instances to use in the model monitoring job. For distributed processing jobs, specify a value greater than 1. The default value is 1.", + "title": "InstanceCount", + "type": "number" + }, + "InstanceType": { + "markdownDescription": "The ML compute instance type for the processing job.", + "title": "InstanceType", + "type": "string" + }, + "VolumeKmsKeyId": { + "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance(s) that run the model monitoring job.", + "title": "VolumeKmsKeyId", + "type": "string" + }, + "VolumeSizeInGB": { + "markdownDescription": "The size of the ML storage volume, in gigabytes, that you want to provision. You must specify sufficient ML storage for your scenario.", + "title": "VolumeSizeInGB", + "type": "number" + } + }, + "required": [ + "InstanceCount", + "InstanceType", + "VolumeSizeInGB" + ], + "type": "object" + }, + "AWS::SageMaker::ModelBiasJobDefinition.ConstraintsResource": { + "additionalProperties": false, + "properties": { + "S3Uri": { + "markdownDescription": "The Amazon S3 URI for the constraints resource.", + "title": "S3Uri", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelBiasJobDefinition.Csv": { + "additionalProperties": false, + "properties": { + "Header": { + "markdownDescription": "", + "title": "Header", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelBiasJobDefinition.DatasetFormat": { + "additionalProperties": false, + "properties": { + "Csv": { + "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.Csv", + "markdownDescription": "", + "title": "Csv" + }, + "Json": { + "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.Json", + "markdownDescription": "", + "title": "Json" + }, + "Parquet": { + "markdownDescription": "", + "title": "Parquet", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelBiasJobDefinition.EndpointInput": { + "additionalProperties": false, + "properties": { + "EndTimeOffset": { + "markdownDescription": "If specified, monitoring jobs substract this time from the end time. For information about using offsets for scheduling monitoring jobs, see [Schedule Model Quality Monitoring Jobs](https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor-model-quality-schedule.html) .", + "title": "EndTimeOffset", + "type": "string" + }, + "EndpointName": { + "markdownDescription": "An endpoint in customer's account which has enabled `DataCaptureConfig` enabled.", + "title": "EndpointName", + "type": "string" + }, + "FeaturesAttribute": { + "markdownDescription": "The attributes of the input data that are the input features.", + "title": "FeaturesAttribute", + "type": "string" + }, + "InferenceAttribute": { + "markdownDescription": "The attribute of the input data that represents the ground truth label.", + "title": "InferenceAttribute", + "type": "string" + }, + "LocalPath": { + "markdownDescription": "Path to the filesystem where the endpoint data is available to the container.", + "title": "LocalPath", + "type": "string" + }, + "ProbabilityAttribute": { + "markdownDescription": "In a classification problem, the attribute that represents the class probability.", + "title": "ProbabilityAttribute", + "type": "string" + }, + "ProbabilityThresholdAttribute": { + "markdownDescription": "The threshold for the class probability to be evaluated as a positive result.", + "title": "ProbabilityThresholdAttribute", + "type": "number" + }, + "S3DataDistributionType": { + "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an Amazon S3 key. Defaults to `FullyReplicated`", + "title": "S3DataDistributionType", + "type": "string" + }, + "S3InputMode": { + "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", + "title": "S3InputMode", + "type": "string" + }, + "StartTimeOffset": { + "markdownDescription": "If specified, monitoring jobs substract this time from the start time. For information about using offsets for scheduling monitoring jobs, see [Schedule Model Quality Monitoring Jobs](https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor-model-quality-schedule.html) .", + "title": "StartTimeOffset", + "type": "string" + } + }, + "required": [ + "EndpointName", + "LocalPath" + ], + "type": "object" + }, + "AWS::SageMaker::ModelBiasJobDefinition.Json": { + "additionalProperties": false, + "properties": { + "Line": { + "markdownDescription": "", + "title": "Line", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelBiasJobDefinition.ModelBiasAppSpecification": { + "additionalProperties": false, + "properties": { + "ConfigUri": { + "markdownDescription": "JSON formatted S3 file that defines bias parameters. For more information on this JSON configuration file, see [Configure bias parameters](https://docs.aws.amazon.com/sagemaker/latest/dg/clarify-config-json-monitor-bias-parameters.html) .", + "title": "ConfigUri", + "type": "string" + }, + "Environment": { + "additionalProperties": true, + "markdownDescription": "Sets the environment variables in the Docker container.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" } }, - "required": [ - "Name" - ], + "title": "Environment", "type": "object" }, - "Type": { - "enum": [ - "AWS::SSM::PatchBaseline" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ImageUri": { + "markdownDescription": "The container image to be run by the model bias job.", + "title": "ImageUri", "type": "string" } }, "required": [ - "Type", - "Properties" + "ConfigUri", + "ImageUri" ], "type": "object" }, - "AWS::SSM::PatchBaseline.PatchFilter": { + "AWS::SageMaker::ModelBiasJobDefinition.ModelBiasBaselineConfig": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The key for the filter.\n\nFor information about valid keys, see [PatchFilter](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_PatchFilter.html) in the *AWS Systems Manager API Reference* .", - "title": "Key", + "BaseliningJobName": { + "markdownDescription": "The name of the baseline model bias job.", + "title": "BaseliningJobName", "type": "string" }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The value for the filter key.\n\nFor information about valid values for each key based on operating system type, see [PatchFilter](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_PatchFilter.html) in the *AWS Systems Manager API Reference* .", - "title": "Values", - "type": "array" + "ConstraintsResource": { + "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.ConstraintsResource", + "markdownDescription": "The constraints resource for a monitoring job.", + "title": "ConstraintsResource" } }, "type": "object" }, - "AWS::SSM::PatchBaseline.PatchFilterGroup": { + "AWS::SageMaker::ModelBiasJobDefinition.ModelBiasJobInput": { "additionalProperties": false, "properties": { - "PatchFilters": { - "items": { - "$ref": "#/definitions/AWS::SSM::PatchBaseline.PatchFilter" - }, - "markdownDescription": "The set of patch filters that make up the group.", - "title": "PatchFilters", - "type": "array" + "BatchTransformInput": { + "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.BatchTransformInput", + "markdownDescription": "Input object for the batch transform job.", + "title": "BatchTransformInput" + }, + "EndpointInput": { + "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.EndpointInput", + "markdownDescription": "Input object for the endpoint", + "title": "EndpointInput" + }, + "GroundTruthS3Input": { + "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.MonitoringGroundTruthS3Input", + "markdownDescription": "Location of ground truth labels to use in model bias job.", + "title": "GroundTruthS3Input" } }, + "required": [ + "GroundTruthS3Input" + ], "type": "object" }, - "AWS::SSM::PatchBaseline.PatchSource": { + "AWS::SageMaker::ModelBiasJobDefinition.MonitoringGroundTruthS3Input": { "additionalProperties": false, "properties": { - "Configuration": { - "markdownDescription": "The value of the yum repo configuration. For example:\n\n`[main]`\n\n`name=MyCustomRepository`\n\n`baseurl=https://my-custom-repository`\n\n`enabled=1`\n\n> For information about other options available for your yum repository configuration, see [dnf.conf(5)](https://docs.aws.amazon.com/https://man7.org/linux/man-pages/man5/dnf.conf.5.html) .", - "title": "Configuration", + "S3Uri": { + "markdownDescription": "The address of the Amazon S3 location of the ground truth labels.", + "title": "S3Uri", "type": "string" - }, - "Name": { - "markdownDescription": "The name specified to identify the patch source.", - "title": "Name", + } + }, + "required": [ + "S3Uri" + ], + "type": "object" + }, + "AWS::SageMaker::ModelBiasJobDefinition.MonitoringOutput": { + "additionalProperties": false, + "properties": { + "S3Output": { + "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.S3Output", + "markdownDescription": "The Amazon S3 storage location where the results of a monitoring job are saved.", + "title": "S3Output" + } + }, + "required": [ + "S3Output" + ], + "type": "object" + }, + "AWS::SageMaker::ModelBiasJobDefinition.MonitoringOutputConfig": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "markdownDescription": "The AWS Key Management Service ( AWS KMS ) key that Amazon SageMaker AI uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption.", + "title": "KmsKeyId", "type": "string" }, - "Products": { + "MonitoringOutputs": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.MonitoringOutput" }, - "markdownDescription": "The specific operating system versions a patch repository applies to, such as \"Ubuntu16.04\", \"RedhatEnterpriseLinux7.2\" or \"Suse12.7\". For lists of supported product values, see [PatchFilter](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_PatchFilter.html) in the *AWS Systems Manager API Reference* .", - "title": "Products", + "markdownDescription": "Monitoring outputs for monitoring jobs. This is where the output of the periodic monitoring jobs is uploaded.", + "title": "MonitoringOutputs", "type": "array" } }, + "required": [ + "MonitoringOutputs" + ], "type": "object" }, - "AWS::SSM::PatchBaseline.Rule": { + "AWS::SageMaker::ModelBiasJobDefinition.MonitoringResources": { "additionalProperties": false, "properties": { - "ApproveAfterDays": { - "markdownDescription": "The number of days after the release date of each patch matched by the rule that the patch is marked as approved in the patch baseline. For example, a value of `7` means that patches are approved seven days after they are released.\n\nThis parameter is marked as `Required: No` , but your request must include a value for either `ApproveAfterDays` or `ApproveUntilDate` .\n\nNot supported for Debian Server or Ubuntu Server.\n\n> Use caution when setting this value for Windows Server patch baselines. Because patch updates that are replaced by later updates are removed, setting too broad a value for this parameter can result in crucial patches not being installed. For more information, see the *Windows Server* tab in the topic [How security patches are selected](https://docs.aws.amazon.com/systems-manager/latest/userguide/patch-manager-selecting-patches.html) in the *AWS Systems Manager User Guide* .", - "title": "ApproveAfterDays", - "type": "number" + "ClusterConfig": { + "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.ClusterConfig", + "markdownDescription": "The configuration for the cluster resources used to run the processing job.", + "title": "ClusterConfig" + } + }, + "required": [ + "ClusterConfig" + ], + "type": "object" + }, + "AWS::SageMaker::ModelBiasJobDefinition.NetworkConfig": { + "additionalProperties": false, + "properties": { + "EnableInterContainerTrafficEncryption": { + "markdownDescription": "Whether to encrypt all communications between distributed processing jobs. Choose `True` to encrypt communications. Encryption provides greater security for distributed processing jobs, but the processing might take longer.", + "title": "EnableInterContainerTrafficEncryption", + "type": "boolean" }, - "ApproveUntilDate": { - "markdownDescription": "The cutoff date for auto approval of released patches. Any patches released on or before this date are installed automatically.\n\nEnter dates in the format `YYYY-MM-DD` . For example, `2024-12-31` .\n\nThis parameter is marked as `Required: No` , but your request must include a value for either `ApproveUntilDate` or `ApproveAfterDays` .\n\nNot supported for Debian Server or Ubuntu Server.\n\n> Use caution when setting this value for Windows Server patch baselines. Because patch updates that are replaced by later updates are removed, setting too broad a value for this parameter can result in crucial patches not being installed. For more information, see the *Windows Server* tab in the topic [How security patches are selected](https://docs.aws.amazon.com/systems-manager/latest/userguide/patch-manager-selecting-patches.html) in the *AWS Systems Manager User Guide* .", - "title": "ApproveUntilDate", - "type": "string" + "EnableNetworkIsolation": { + "markdownDescription": "Whether to allow inbound and outbound network calls to and from the containers used for the processing job.", + "title": "EnableNetworkIsolation", + "type": "boolean" }, - "ComplianceLevel": { - "markdownDescription": "A compliance severity level for all approved patches in a patch baseline. Valid compliance severity levels include the following: `UNSPECIFIED` , `CRITICAL` , `HIGH` , `MEDIUM` , `LOW` , and `INFORMATIONAL` .", - "title": "ComplianceLevel", + "VpcConfig": { + "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.VpcConfig", + "markdownDescription": "Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC.", + "title": "VpcConfig" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelBiasJobDefinition.S3Output": { + "additionalProperties": false, + "properties": { + "LocalPath": { + "markdownDescription": "The local path to the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job. `LocalPath` is an absolute path for the output data.", + "title": "LocalPath", "type": "string" }, - "EnableNonSecurity": { - "markdownDescription": "For managed nodes identified by the approval rule filters, enables a patch baseline to apply non-security updates available in the specified repository. The default value is `false` . Applies to Linux managed nodes only.", - "title": "EnableNonSecurity", - "type": "boolean" + "S3UploadMode": { + "markdownDescription": "Whether to upload the results of the monitoring job continuously or after the job completes.", + "title": "S3UploadMode", + "type": "string" }, - "PatchFilterGroup": { - "$ref": "#/definitions/AWS::SSM::PatchBaseline.PatchFilterGroup", - "markdownDescription": "The patch filter group that defines the criteria for the rule.", - "title": "PatchFilterGroup" + "S3Uri": { + "markdownDescription": "A URI that identifies the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job.", + "title": "S3Uri", + "type": "string" } }, + "required": [ + "LocalPath", + "S3Uri" + ], "type": "object" }, - "AWS::SSM::PatchBaseline.RuleGroup": { + "AWS::SageMaker::ModelBiasJobDefinition.StoppingCondition": { "additionalProperties": false, "properties": { - "PatchRules": { + "MaxRuntimeInSeconds": { + "markdownDescription": "The maximum length of time, in seconds, that a training or compilation job can run before it is stopped.\n\nFor compilation jobs, if the job does not complete during this time, a `TimeOut` error is generated. We recommend starting with 900 seconds and increasing as necessary based on your model.\n\nFor all other jobs, if the job does not complete during this time, SageMaker ends the job. When `RetryStrategy` is specified in the job request, `MaxRuntimeInSeconds` specifies the maximum time for all of the attempts in total, not each individual attempt. The default value is 1 day. The maximum value is 28 days.\n\nThe maximum time that a `TrainingJob` can run in total, including any time spent publishing metrics or archiving and uploading models after it has been stopped, is 30 days.", + "title": "MaxRuntimeInSeconds", + "type": "number" + } + }, + "required": [ + "MaxRuntimeInSeconds" + ], + "type": "object" + }, + "AWS::SageMaker::ModelBiasJobDefinition.VpcConfig": { + "additionalProperties": false, + "properties": { + "SecurityGroupIds": { "items": { - "$ref": "#/definitions/AWS::SSM::PatchBaseline.Rule" + "type": "string" }, - "markdownDescription": "The rules that make up the rule group.", - "title": "PatchRules", + "markdownDescription": "The VPC security group IDs, in the form `sg-xxxxxxxx` . Specify the security groups for the VPC that is specified in the `Subnets` field.", + "title": "SecurityGroupIds", + "type": "array" + }, + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The ID of the subnets in the VPC to which you want to connect your training job or model. For information about the availability of specific instance types, see [Supported Instance Types and Availability Zones](https://docs.aws.amazon.com/sagemaker/latest/dg/instance-types-az.html) .", + "title": "Subnets", "type": "array" } }, + "required": [ + "SecurityGroupIds", + "Subnets" + ], "type": "object" }, - "AWS::SSM::ResourceDataSync": { + "AWS::SageMaker::ModelCard": { "additionalProperties": false, "properties": { "Condition": { @@ -242219,60 +295763,55 @@ "Properties": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "The name of the S3 bucket where the aggregated data is stored.", - "title": "BucketName", - "type": "string" - }, - "BucketPrefix": { - "markdownDescription": "An Amazon S3 prefix for the bucket.", - "title": "BucketPrefix", - "type": "string" - }, - "BucketRegion": { - "markdownDescription": "The AWS Region with the S3 bucket targeted by the resource data sync.", - "title": "BucketRegion", - "type": "string" + "Content": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.Content", + "markdownDescription": "The content of the model card. Content uses the [model card JSON schema](https://docs.aws.amazon.com/sagemaker/latest/dg/model-cards.html#model-cards-json-schema) .", + "title": "Content" }, - "KMSKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an encryption key for a destination in Amazon S3 . You can use a KMS key to encrypt inventory data in Amazon S3 . You must specify a key that exist in the same AWS Region as the destination Amazon S3 bucket.", - "title": "KMSKeyArn", - "type": "string" + "CreatedBy": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.UserContext", + "markdownDescription": "Information about the user who created or modified one or more of the following:\n\n- Experiment\n- Trial\n- Trial component\n- Lineage group\n- Project\n- Model Card", + "title": "CreatedBy" }, - "S3Destination": { - "$ref": "#/definitions/AWS::SSM::ResourceDataSync.S3Destination", - "markdownDescription": "Configuration information for the target S3 bucket.", - "title": "S3Destination" + "LastModifiedBy": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.UserContext", + "markdownDescription": "", + "title": "LastModifiedBy" }, - "SyncFormat": { - "markdownDescription": "A supported sync format. The following format is currently supported: JsonSerDe", - "title": "SyncFormat", + "ModelCardName": { + "markdownDescription": "The unique name of the model card.", + "title": "ModelCardName", "type": "string" }, - "SyncName": { - "markdownDescription": "A name for the resource data sync.", - "title": "SyncName", + "ModelCardStatus": { + "markdownDescription": "The approval status of the model card within your organization. Different organizations might have different criteria for model card review and approval.\n\n- `Draft` : The model card is a work in progress.\n- `PendingReview` : The model card is pending review.\n- `Approved` : The model card is approved.\n- `Archived` : The model card is archived. No more updates should be made to the model card, but it can still be exported.", + "title": "ModelCardStatus", "type": "string" }, - "SyncSource": { - "$ref": "#/definitions/AWS::SSM::ResourceDataSync.SyncSource", - "markdownDescription": "Information about the source where the data was synchronized.", - "title": "SyncSource" + "SecurityConfig": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.SecurityConfig", + "markdownDescription": "The security configuration used to protect model card data.", + "title": "SecurityConfig" }, - "SyncType": { - "markdownDescription": "The type of resource data sync. If `SyncType` is `SyncToDestination` , then the resource data sync synchronizes data to an S3 bucket. If the `SyncType` is `SyncFromSource` then the resource data sync synchronizes data from AWS Organizations or from multiple AWS Regions .", - "title": "SyncType", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Key-value pairs used to manage metadata for the model card.", + "title": "Tags", + "type": "array" } }, "required": [ - "SyncName" + "Content", + "ModelCardName", + "ModelCardStatus" ], "type": "object" }, "Type": { "enum": [ - "AWS::SSM::ResourceDataSync" + "AWS::SageMaker::ModelCard" ], "type": "string" }, @@ -242291,829 +295830,662 @@ ], "type": "object" }, - "AWS::SSM::ResourceDataSync.AwsOrganizationsSource": { + "AWS::SageMaker::ModelCard.AdditionalInformation": { "additionalProperties": false, "properties": { - "OrganizationSourceType": { - "markdownDescription": "If an AWS organization is present, this is either `OrganizationalUnits` or `EntireOrganization` . For `OrganizationalUnits` , the data is aggregated from a set of organization units. For `EntireOrganization` , the data is aggregated from the entire AWS organization.", - "title": "OrganizationSourceType", + "CaveatsAndRecommendations": { + "markdownDescription": "Caveats and recommendations for those who might use this model in their applications.", + "title": "CaveatsAndRecommendations", "type": "string" }, - "OrganizationalUnits": { - "items": { - "type": "string" + "CustomDetails": { + "additionalProperties": true, + "markdownDescription": "Any additional information to document about the model.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "The AWS Organizations organization units included in the sync.", - "title": "OrganizationalUnits", - "type": "array" + "title": "CustomDetails", + "type": "object" + }, + "EthicalConsiderations": { + "markdownDescription": "Any ethical considerations documented by the model card author.", + "title": "EthicalConsiderations", + "type": "string" } }, - "required": [ - "OrganizationSourceType" - ], "type": "object" }, - "AWS::SSM::ResourceDataSync.S3Destination": { + "AWS::SageMaker::ModelCard.BusinessDetails": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "The name of the S3 bucket where the aggregated data is stored.", - "title": "BucketName", - "type": "string" - }, - "BucketPrefix": { - "markdownDescription": "An Amazon S3 prefix for the bucket.", - "title": "BucketPrefix", - "type": "string" - }, - "BucketRegion": { - "markdownDescription": "The AWS Region with the S3 bucket targeted by the resource data sync.", - "title": "BucketRegion", + "BusinessProblem": { + "markdownDescription": "The specific business problem that the model is trying to solve.", + "title": "BusinessProblem", "type": "string" }, - "KMSKeyArn": { - "markdownDescription": "The ARN of an encryption key for a destination in Amazon S3. Must belong to the same Region as the destination S3 bucket.", - "title": "KMSKeyArn", + "BusinessStakeholders": { + "markdownDescription": "The relevant stakeholders for the model.", + "title": "BusinessStakeholders", "type": "string" }, - "SyncFormat": { - "markdownDescription": "A supported sync format. The following format is currently supported: JsonSerDe", - "title": "SyncFormat", + "LineOfBusiness": { + "markdownDescription": "The broader business need that the model is serving.", + "title": "LineOfBusiness", "type": "string" } }, - "required": [ - "BucketName", - "BucketRegion", - "SyncFormat" - ], "type": "object" }, - "AWS::SSM::ResourceDataSync.SyncSource": { + "AWS::SageMaker::ModelCard.Container": { "additionalProperties": false, "properties": { - "AwsOrganizationsSource": { - "$ref": "#/definitions/AWS::SSM::ResourceDataSync.AwsOrganizationsSource", - "markdownDescription": "Information about the AwsOrganizationsSource resource data sync source. A sync source of this type can synchronize data from AWS Organizations .", - "title": "AwsOrganizationsSource" - }, - "IncludeFutureRegions": { - "markdownDescription": "Whether to automatically synchronize and aggregate data from new AWS Regions when those Regions come online.", - "title": "IncludeFutureRegions", - "type": "boolean" + "Image": { + "markdownDescription": "", + "title": "Image", + "type": "string" }, - "SourceRegions": { - "items": { - "type": "string" - }, - "markdownDescription": "The `SyncSource` AWS Regions included in the resource data sync.", - "title": "SourceRegions", - "type": "array" + "ModelDataUrl": { + "markdownDescription": "", + "title": "ModelDataUrl", + "type": "string" }, - "SourceType": { - "markdownDescription": "The type of data source for the resource data sync. `SourceType` is either `AwsOrganizations` (if an organization is present in AWS Organizations ) or `SingleAccountMultiRegions` .", - "title": "SourceType", + "NearestModelName": { + "markdownDescription": "", + "title": "NearestModelName", "type": "string" } }, "required": [ - "SourceRegions", - "SourceType" + "Image" ], "type": "object" }, - "AWS::SSM::ResourcePolicy": { + "AWS::SageMaker::ModelCard.Content": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "AdditionalInformation": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.AdditionalInformation", + "markdownDescription": "Additional information about the model.", + "title": "AdditionalInformation" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "BusinessDetails": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.BusinessDetails", + "markdownDescription": "Information about how the model supports business goals.", + "title": "BusinessDetails" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "EvaluationDetails": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.EvaluationDetail" + }, + "markdownDescription": "An overview about the model's evaluation.", + "title": "EvaluationDetails", + "type": "array" }, - "Metadata": { - "type": "object" + "IntendedUses": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.IntendedUses", + "markdownDescription": "The intended usage of the model.", + "title": "IntendedUses" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Policy": { - "markdownDescription": "A policy you want to associate with a resource.", - "title": "Policy", - "type": "object" - }, - "ResourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resource to which you want to attach a policy.", - "title": "ResourceArn", - "type": "string" - } - }, - "required": [ - "Policy", - "ResourceArn" - ], - "type": "object" + "ModelOverview": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.ModelOverview", + "markdownDescription": "An overview about the model", + "title": "ModelOverview" }, - "Type": { - "enum": [ - "AWS::SSM::ResourcePolicy" - ], - "type": "string" + "ModelPackageDetails": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.ModelPackageDetails", + "markdownDescription": "", + "title": "ModelPackageDetails" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "TrainingDetails": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.TrainingDetails", + "markdownDescription": "An overview about model training.", + "title": "TrainingDetails" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::SSMContacts::Contact": { + "AWS::SageMaker::ModelCard.EvaluationDetail": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Datasets": { + "items": { + "type": "string" + }, + "markdownDescription": "The location of the datasets used to evaluate the model.", + "title": "Datasets", + "type": "array" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "EvaluationJobArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the evaluation job.", + "title": "EvaluationJobArn", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "EvaluationObservation": { + "markdownDescription": "Any observations made during the model evaluation.", + "title": "EvaluationObservation", + "type": "string" }, "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Alias": { - "markdownDescription": "The unique and identifiable alias of the contact or escalation plan.", - "title": "Alias", - "type": "string" - }, - "DisplayName": { - "markdownDescription": "The full name of the contact or escalation plan.", - "title": "DisplayName", - "type": "string" - }, - "Plan": { - "items": { - "$ref": "#/definitions/AWS::SSMContacts::Contact.Stage" - }, - "markdownDescription": "A list of stages. A contact has an engagement plan with stages that contact specified contact channels. An escalation plan uses stages that contact specified contacts.", - "title": "Plan", - "type": "array" - }, - "Type": { - "markdownDescription": "The type of contact.\n\n- `PERSONAL` : A single, individual contact.\n- `ESCALATION` : An escalation plan.\n- `ONCALL_SCHEDULE` : An on-call schedule.", - "title": "Type", + "additionalProperties": true, + "markdownDescription": "Additional attributes associated with the evaluation results.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { "type": "string" } }, - "required": [ - "Alias", - "DisplayName", - "Type" - ], + "title": "Metadata", "type": "object" }, - "Type": { - "enum": [ - "AWS::SSMContacts::Contact" - ], - "type": "string" + "MetricGroups": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.MetricGroup" + }, + "markdownDescription": "An evaluation Metric Group object.", + "title": "MetricGroups", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "The evaluation job name.", + "title": "Name", "type": "string" } }, "required": [ - "Type", - "Properties" + "Name" ], "type": "object" }, - "AWS::SSMContacts::Contact.ChannelTargetInfo": { + "AWS::SageMaker::ModelCard.Function": { "additionalProperties": false, "properties": { - "ChannelId": { - "markdownDescription": "The Amazon Resource Name (ARN) of the contact channel.", - "title": "ChannelId", + "Condition": { + "markdownDescription": "An optional description of any conditions of your objective function metric.", + "title": "Condition", "type": "string" }, - "RetryIntervalInMinutes": { - "markdownDescription": "The number of minutes to wait before retrying to send engagement if the engagement initially failed.", - "title": "RetryIntervalInMinutes", - "type": "number" - } - }, - "required": [ - "ChannelId", - "RetryIntervalInMinutes" - ], - "type": "object" - }, - "AWS::SSMContacts::Contact.ContactTargetInfo": { - "additionalProperties": false, - "properties": { - "ContactId": { - "markdownDescription": "The Amazon Resource Name (ARN) of the contact.", - "title": "ContactId", + "Facet": { + "markdownDescription": "The metric of the model's objective function. For example, *loss* or *rmse* . The following list shows examples of the values that you can specify for the metric:\n\n- `ACCURACY`\n- `AUC`\n- `LOSS`\n- `MAE`\n- `RMSE`", + "title": "Facet", "type": "string" }, - "IsEssential": { - "markdownDescription": "A Boolean value determining if the contact's acknowledgement stops the progress of stages in the plan.", - "title": "IsEssential", - "type": "boolean" + "Function": { + "markdownDescription": "The optimization direction of the model's objective function. You must specify one of the following values:\n\n- `Maximize`\n- `Minimize`", + "title": "Function", + "type": "string" } }, - "required": [ - "ContactId", - "IsEssential" - ], "type": "object" }, - "AWS::SSMContacts::Contact.Stage": { + "AWS::SageMaker::ModelCard.InferenceEnvironment": { "additionalProperties": false, "properties": { - "DurationInMinutes": { - "markdownDescription": "The time to wait until beginning the next stage. The duration can only be set to 0 if a target is specified.", - "title": "DurationInMinutes", - "type": "number" - }, - "RotationIds": { + "ContainerImage": { "items": { "type": "string" }, - "markdownDescription": "The Amazon Resource Names (ARNs) of the on-call rotations associated with the plan.", - "title": "RotationIds", - "type": "array" - }, - "Targets": { - "items": { - "$ref": "#/definitions/AWS::SSMContacts::Contact.Targets" - }, - "markdownDescription": "The contacts or contact methods that the escalation plan or engagement plan is engaging.", - "title": "Targets", + "markdownDescription": "The container used to run the inference environment.", + "title": "ContainerImage", "type": "array" } }, "type": "object" }, - "AWS::SSMContacts::Contact.Targets": { + "AWS::SageMaker::ModelCard.InferenceSpecification": { "additionalProperties": false, "properties": { - "ChannelTargetInfo": { - "$ref": "#/definitions/AWS::SSMContacts::Contact.ChannelTargetInfo", - "markdownDescription": "Information about the contact channel that Incident Manager engages.", - "title": "ChannelTargetInfo" - }, - "ContactTargetInfo": { - "$ref": "#/definitions/AWS::SSMContacts::Contact.ContactTargetInfo", - "markdownDescription": "The contact that Incident Manager is engaging during an incident.", - "title": "ContactTargetInfo" + "Containers": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.Container" + }, + "markdownDescription": "The Amazon ECR registry path of the Docker image that contains the inference code.", + "title": "Containers", + "type": "array" } }, + "required": [ + "Containers" + ], "type": "object" }, - "AWS::SSMContacts::ContactChannel": { + "AWS::SageMaker::ModelCard.IntendedUses": { "additionalProperties": false, "properties": { - "Condition": { + "ExplanationsForRiskRating": { + "markdownDescription": "An explanation of why your organization categorizes the model with its risk rating.", + "title": "ExplanationsForRiskRating", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "FactorsAffectingModelEfficiency": { + "markdownDescription": "Factors affecting model efficacy.", + "title": "FactorsAffectingModelEfficiency", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ChannelAddress": { - "markdownDescription": "The details that Incident Manager uses when trying to engage the contact channel.", - "title": "ChannelAddress", - "type": "string" - }, - "ChannelName": { - "markdownDescription": "The name of the contact channel.", - "title": "ChannelName", - "type": "string" - }, - "ChannelType": { - "markdownDescription": "The type of the contact channel. Incident Manager supports three contact methods:\n\n- SMS\n- VOICE\n- EMAIL", - "title": "ChannelType", - "type": "string" - }, - "ContactId": { - "markdownDescription": "The Amazon Resource Name (ARN) of the contact you are adding the contact channel to.", - "title": "ContactId", - "type": "string" - }, - "DeferActivation": { - "markdownDescription": "If you want to activate the channel at a later time, you can choose to defer activation. Incident Manager can't engage your contact channel until it has been activated.", - "title": "DeferActivation", - "type": "boolean" - } - }, - "required": [ - "ChannelAddress", - "ChannelName", - "ChannelType", - "ContactId" - ], - "type": "object" + "IntendedUses": { + "markdownDescription": "The intended use cases for the model.", + "title": "IntendedUses", + "type": "string" }, - "Type": { - "enum": [ - "AWS::SSMContacts::ContactChannel" - ], + "PurposeOfModel": { + "markdownDescription": "The general purpose of the model.", + "title": "PurposeOfModel", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "RiskRating": { + "markdownDescription": "Your organization's risk rating. You can specify one the following values as the risk rating:\n\n- High\n- Medium\n- Low\n- Unknown", + "title": "RiskRating", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::SSMContacts::Plan": { + "AWS::SageMaker::ModelCard.MetricDataItems": { "additionalProperties": false, "properties": { - "Condition": { + "Name": { "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Notes": { "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Type": { + "type": "string" }, - "Metadata": { + "Value": { "type": "object" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ContactId": { - "markdownDescription": "The Amazon Resource Name (ARN) of the contact.", - "title": "ContactId", - "type": "string" - }, - "RotationIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Names (ARNs) of the on-call rotations associated with the plan.", - "title": "RotationIds", - "type": "array" - }, - "Stages": { - "items": { - "$ref": "#/definitions/AWS::SSMContacts::Plan.Stage" - }, - "markdownDescription": "A list of stages that the escalation plan or engagement plan uses to engage contacts and contact methods.", - "title": "Stages", - "type": "array" - } + "XAxisName": { + "items": { + "type": "string" }, - "required": [ - "ContactId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::SSMContacts::Plan" - ], - "type": "string" + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "YAxisName": { + "items": { + "type": "string" + }, + "type": "array" } }, "required": [ + "Name", "Type", - "Properties" + "Value" ], "type": "object" }, - "AWS::SSMContacts::Plan.ChannelTargetInfo": { + "AWS::SageMaker::ModelCard.MetricGroup": { "additionalProperties": false, "properties": { - "ChannelId": { - "markdownDescription": "The Amazon Resource Name (ARN) of the contact channel.", - "title": "ChannelId", - "type": "string" + "MetricData": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.MetricDataItems" + }, + "markdownDescription": "A list of metric objects. The `MetricDataItems` list can have one of the following values:\n\n- `bar_chart_metric`\n- `matrix_metric`\n- `simple_metric`\n- `linear_graph_metric`\n\nFor more information about the metric schema, see the definition section of the [model card JSON schema](https://docs.aws.amazon.com/sagemaker/latest/dg/model-cards.html#model-cards-json-schema) .", + "title": "MetricData", + "type": "array" }, - "RetryIntervalInMinutes": { - "markdownDescription": "The number of minutes to wait before retrying to send engagement if the engagement initially failed.", - "title": "RetryIntervalInMinutes", - "type": "number" + "Name": { + "markdownDescription": "The metric group name.", + "title": "Name", + "type": "string" } }, "required": [ - "ChannelId", - "RetryIntervalInMinutes" + "MetricData", + "Name" ], "type": "object" }, - "AWS::SSMContacts::Plan.ContactTargetInfo": { + "AWS::SageMaker::ModelCard.ModelOverview": { "additionalProperties": false, "properties": { - "ContactId": { - "markdownDescription": "The Amazon Resource Name (ARN) of the contact.", - "title": "ContactId", + "AlgorithmType": { + "markdownDescription": "The algorithm used to solve the problem.", + "title": "AlgorithmType", "type": "string" }, - "IsEssential": { - "markdownDescription": "A Boolean value determining if the contact's acknowledgement stops the progress of stages in the plan.", - "title": "IsEssential", - "type": "boolean" + "InferenceEnvironment": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.InferenceEnvironment", + "markdownDescription": "An overview about model inference.", + "title": "InferenceEnvironment" + }, + "ModelArtifact": { + "items": { + "type": "string" + }, + "markdownDescription": "The location of the model artifact.", + "title": "ModelArtifact", + "type": "array" + }, + "ModelCreator": { + "markdownDescription": "The creator of the model.", + "title": "ModelCreator", + "type": "string" + }, + "ModelDescription": { + "markdownDescription": "A description of the model.", + "title": "ModelDescription", + "type": "string" + }, + "ModelId": { + "markdownDescription": "The SageMaker AI Model ARN or non- SageMaker AI Model ID.", + "title": "ModelId", + "type": "string" + }, + "ModelName": { + "markdownDescription": "The name of the model.", + "title": "ModelName", + "type": "string" + }, + "ModelOwner": { + "markdownDescription": "The owner of the model.", + "title": "ModelOwner", + "type": "string" + }, + "ModelVersion": { + "markdownDescription": "The version of the model.", + "title": "ModelVersion", + "type": "number" + }, + "ProblemType": { + "markdownDescription": "The problem being solved with the model.", + "title": "ProblemType", + "type": "string" } }, - "required": [ - "ContactId", - "IsEssential" - ], "type": "object" }, - "AWS::SSMContacts::Plan.Stage": { + "AWS::SageMaker::ModelCard.ModelPackageCreator": { "additionalProperties": false, "properties": { - "DurationInMinutes": { - "markdownDescription": "The time to wait until beginning the next stage. The duration can only be set to 0 if a target is specified.", - "title": "DurationInMinutes", + "UserProfileName": { + "markdownDescription": "", + "title": "UserProfileName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelCard.ModelPackageDetails": { + "additionalProperties": false, + "properties": { + "ApprovalDescription": { + "markdownDescription": "", + "title": "ApprovalDescription", + "type": "string" + }, + "CreatedBy": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.ModelPackageCreator", + "markdownDescription": "", + "title": "CreatedBy" + }, + "Domain": { + "markdownDescription": "", + "title": "Domain", + "type": "string" + }, + "InferenceSpecification": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.InferenceSpecification", + "markdownDescription": "", + "title": "InferenceSpecification" + }, + "ModelApprovalStatus": { + "markdownDescription": "", + "title": "ModelApprovalStatus", + "type": "string" + }, + "ModelPackageArn": { + "markdownDescription": "", + "title": "ModelPackageArn", + "type": "string" + }, + "ModelPackageDescription": { + "markdownDescription": "", + "title": "ModelPackageDescription", + "type": "string" + }, + "ModelPackageGroupName": { + "markdownDescription": "", + "title": "ModelPackageGroupName", + "type": "string" + }, + "ModelPackageName": { + "markdownDescription": "", + "title": "ModelPackageName", + "type": "string" + }, + "ModelPackageStatus": { + "markdownDescription": "", + "title": "ModelPackageStatus", + "type": "string" + }, + "ModelPackageVersion": { + "markdownDescription": "", + "title": "ModelPackageVersion", "type": "number" }, - "Targets": { + "SourceAlgorithms": { "items": { - "$ref": "#/definitions/AWS::SSMContacts::Plan.Targets" - }, - "markdownDescription": "The contacts or contact methods that the escalation plan or engagement plan is engaging.", - "title": "Targets", + "$ref": "#/definitions/AWS::SageMaker::ModelCard.SourceAlgorithm" + }, + "markdownDescription": "", + "title": "SourceAlgorithms", "type": "array" + }, + "Task": { + "markdownDescription": "", + "title": "Task", + "type": "string" } }, - "required": [ - "DurationInMinutes" - ], "type": "object" }, - "AWS::SSMContacts::Plan.Targets": { + "AWS::SageMaker::ModelCard.ObjectiveFunction": { "additionalProperties": false, "properties": { - "ChannelTargetInfo": { - "$ref": "#/definitions/AWS::SSMContacts::Plan.ChannelTargetInfo", - "markdownDescription": "Information about the contact channel that Incident Manager engages.", - "title": "ChannelTargetInfo" + "Function": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.Function", + "markdownDescription": "A function object that details optimization direction, metric, and additional descriptions.", + "title": "Function" }, - "ContactTargetInfo": { - "$ref": "#/definitions/AWS::SSMContacts::Plan.ContactTargetInfo", - "markdownDescription": "Information about the contact that Incident Manager engages.", - "title": "ContactTargetInfo" + "Notes": { + "markdownDescription": "Notes about the object function, including other considerations for possible objective functions.", + "title": "Notes", + "type": "string" } }, "type": "object" }, - "AWS::SSMContacts::Rotation": { + "AWS::SageMaker::ModelCard.SecurityConfig": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "KmsKeyId": { + "markdownDescription": "A AWS Key Management Service [key ID](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id-key-id) used to encrypt a model card.", + "title": "KmsKeyId", "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ContactIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Names (ARNs) of the contacts to add to the rotation.\n\n> Only the `PERSONAL` contact type is supported. The contact types `ESCALATION` and `ONCALL_SCHEDULE` are not supported for this operation. \n\nThe order in which you list the contacts is their shift order in the rotation schedule.", - "title": "ContactIds", - "type": "array" - }, - "Name": { - "markdownDescription": "The name for the rotation.", - "title": "Name", - "type": "string" - }, - "Recurrence": { - "$ref": "#/definitions/AWS::SSMContacts::Rotation.RecurrenceSettings", - "markdownDescription": "Information about the rule that specifies when shift team members rotate.", - "title": "Recurrence" - }, - "StartTime": { - "markdownDescription": "The date and time the rotation goes into effect.", - "title": "StartTime", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Optional metadata to assign to the rotation. Tags enable you to categorize a resource in different ways, such as by purpose, owner, or environment. For more information, see [Tagging Incident Manager resources](https://docs.aws.amazon.com/incident-manager/latest/userguide/tagging.html) in the *Incident Manager User Guide* .", - "title": "Tags", - "type": "array" - }, - "TimeZoneId": { - "markdownDescription": "The time zone to base the rotation\u2019s activity on, in Internet Assigned Numbers Authority (IANA) format. For example: \"America/Los_Angeles\", \"UTC\", or \"Asia/Seoul\". For more information, see the [Time Zone Database](https://docs.aws.amazon.com/https://www.iana.org/time-zones) on the IANA website.\n\n> Designators for time zones that don\u2019t support Daylight Savings Time rules, such as Pacific Standard Time (PST), are not supported.", - "title": "TimeZoneId", - "type": "string" - } - }, - "required": [ - "ContactIds", - "Name", - "Recurrence", - "StartTime", - "TimeZoneId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::SSMContacts::Rotation" - ], + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelCard.SourceAlgorithm": { + "additionalProperties": false, + "properties": { + "AlgorithmName": { + "markdownDescription": "The name of an algorithm that was used to create the model package. The algorithm must be either an algorithm resource in your SageMaker account or an algorithm in AWS Marketplace that you are subscribed to.", + "title": "AlgorithmName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ModelDataUrl": { + "markdownDescription": "The Amazon S3 path where the model artifacts, which result from model training, are stored. This path must point to a single `gzip` compressed tar archive ( `.tar.gz` suffix).\n\n> The model artifacts must be in an S3 bucket that is in the same AWS region as the algorithm.", + "title": "ModelDataUrl", "type": "string" } }, "required": [ - "Type", - "Properties" + "AlgorithmName" ], "type": "object" }, - "AWS::SSMContacts::Rotation.CoverageTime": { + "AWS::SageMaker::ModelCard.TrainingDetails": { "additionalProperties": false, "properties": { - "EndTime": { - "markdownDescription": "Information about when an on-call rotation shift ends.", - "title": "EndTime", - "type": "string" + "ObjectiveFunction": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.ObjectiveFunction", + "markdownDescription": "The function that is optimized during model training.", + "title": "ObjectiveFunction" }, - "StartTime": { - "markdownDescription": "Information about when an on-call rotation shift begins.", - "title": "StartTime", + "TrainingJobDetails": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.TrainingJobDetails", + "markdownDescription": "Details about any associated training jobs.", + "title": "TrainingJobDetails" + }, + "TrainingObservations": { + "markdownDescription": "Any observations about training.", + "title": "TrainingObservations", "type": "string" } }, - "required": [ - "EndTime", - "StartTime" - ], "type": "object" }, - "AWS::SSMContacts::Rotation.MonthlySetting": { + "AWS::SageMaker::ModelCard.TrainingEnvironment": { "additionalProperties": false, "properties": { - "DayOfMonth": { - "markdownDescription": "The day of the month when monthly recurring on-call rotations begin.", - "title": "DayOfMonth", - "type": "number" + "ContainerImage": { + "items": { + "type": "string" + }, + "markdownDescription": "SageMaker AI inference image URI.", + "title": "ContainerImage", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelCard.TrainingHyperParameter": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the hyper parameter.", + "title": "Name", + "type": "string" }, - "HandOffTime": { - "markdownDescription": "The time of day when a monthly recurring on-call shift rotation begins.", - "title": "HandOffTime", + "Value": { + "markdownDescription": "The value specified for the hyper parameter.", + "title": "Value", "type": "string" } }, "required": [ - "DayOfMonth", - "HandOffTime" + "Name", + "Value" ], "type": "object" }, - "AWS::SSMContacts::Rotation.RecurrenceSettings": { + "AWS::SageMaker::ModelCard.TrainingJobDetails": { "additionalProperties": false, "properties": { - "DailySettings": { + "HyperParameters": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::SageMaker::ModelCard.TrainingHyperParameter" }, - "markdownDescription": "Information about on-call rotations that recur daily.", - "title": "DailySettings", + "markdownDescription": "The hyper parameters used in the training job.", + "title": "HyperParameters", "type": "array" }, - "MonthlySettings": { + "TrainingArn": { + "markdownDescription": "The SageMaker AI training job Amazon Resource Name (ARN)", + "title": "TrainingArn", + "type": "string" + }, + "TrainingDatasets": { "items": { - "$ref": "#/definitions/AWS::SSMContacts::Rotation.MonthlySetting" + "type": "string" }, - "markdownDescription": "Information about on-call rotations that recur monthly.", - "title": "MonthlySettings", + "markdownDescription": "The location of the datasets used to train the model.", + "title": "TrainingDatasets", "type": "array" }, - "NumberOfOnCalls": { - "markdownDescription": "The number of contacts, or shift team members designated to be on call concurrently during a shift. For example, in an on-call schedule that contains ten contacts, a value of `2` designates that two of them are on call at any given time.", - "title": "NumberOfOnCalls", - "type": "number" + "TrainingEnvironment": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.TrainingEnvironment", + "markdownDescription": "The SageMaker AI training job image URI.", + "title": "TrainingEnvironment" }, - "RecurrenceMultiplier": { - "markdownDescription": "The number of days, weeks, or months a single rotation lasts.", - "title": "RecurrenceMultiplier", - "type": "number" + "TrainingMetrics": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.TrainingMetric" + }, + "markdownDescription": "The SageMaker AI training job results.", + "title": "TrainingMetrics", + "type": "array" }, - "ShiftCoverages": { + "UserProvidedHyperParameters": { "items": { - "$ref": "#/definitions/AWS::SSMContacts::Rotation.ShiftCoverage" + "$ref": "#/definitions/AWS::SageMaker::ModelCard.TrainingHyperParameter" }, - "markdownDescription": "Information about the days of the week included in on-call rotation coverage.", - "title": "ShiftCoverages", + "markdownDescription": "Additional hyper parameters that you've specified when training the model.", + "title": "UserProvidedHyperParameters", "type": "array" }, - "WeeklySettings": { + "UserProvidedTrainingMetrics": { "items": { - "$ref": "#/definitions/AWS::SSMContacts::Rotation.WeeklySetting" + "$ref": "#/definitions/AWS::SageMaker::ModelCard.TrainingMetric" }, - "markdownDescription": "Information about on-call rotations that recur weekly.", - "title": "WeeklySettings", + "markdownDescription": "Custom training job results.", + "title": "UserProvidedTrainingMetrics", "type": "array" } }, - "required": [ - "NumberOfOnCalls", - "RecurrenceMultiplier" - ], "type": "object" }, - "AWS::SSMContacts::Rotation.ShiftCoverage": { + "AWS::SageMaker::ModelCard.TrainingMetric": { "additionalProperties": false, "properties": { - "CoverageTimes": { - "items": { - "$ref": "#/definitions/AWS::SSMContacts::Rotation.CoverageTime" - }, - "markdownDescription": "The start and end times of the shift.", - "title": "CoverageTimes", - "type": "array" + "Name": { + "markdownDescription": "The name of the result from the SageMaker AI training job.", + "title": "Name", + "type": "string" }, - "DayOfWeek": { - "markdownDescription": "A list of days on which the schedule is active.", - "title": "DayOfWeek", + "Notes": { + "markdownDescription": "Any additional notes describing the result of the training job.", + "title": "Notes", "type": "string" + }, + "Value": { + "markdownDescription": "The value of a result from the SageMaker AI training job.", + "title": "Value", + "type": "number" } }, "required": [ - "CoverageTimes", - "DayOfWeek" + "Name", + "Value" ], "type": "object" }, - "AWS::SSMContacts::Rotation.WeeklySetting": { + "AWS::SageMaker::ModelCard.UserContext": { "additionalProperties": false, "properties": { - "DayOfWeek": { - "markdownDescription": "The day of the week when weekly recurring on-call shift rotations begins.", - "title": "DayOfWeek", + "DomainId": { + "markdownDescription": "The domain associated with the user.", + "title": "DomainId", "type": "string" }, - "HandOffTime": { - "markdownDescription": "The time of day when a weekly recurring on-call shift rotation begins.", - "title": "HandOffTime", + "UserProfileArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the user's profile.", + "title": "UserProfileArn", + "type": "string" + }, + "UserProfileName": { + "markdownDescription": "The name of the user's profile.", + "title": "UserProfileName", "type": "string" } }, - "required": [ - "DayOfWeek", - "HandOffTime" - ], "type": "object" }, - "AWS::SSMIncidents::ReplicationSet": { + "AWS::SageMaker::ModelExplainabilityJobDefinition": { "additionalProperties": false, "properties": { "Condition": { @@ -243148,36 +296520,77 @@ "Properties": { "additionalProperties": false, "properties": { - "DeletionProtected": { - "markdownDescription": "Determines if the replication set deletion protection is enabled or not. If deletion protection is enabled, you can't delete the last Region in the replication set.", - "title": "DeletionProtected", - "type": "boolean" + "EndpointName": { + "markdownDescription": "", + "title": "EndpointName", + "type": "string" }, - "Regions": { - "items": { - "$ref": "#/definitions/AWS::SSMIncidents::ReplicationSet.ReplicationRegion" - }, - "markdownDescription": "Specifies the Regions of the replication set.", - "title": "Regions", - "type": "array" + "JobDefinitionName": { + "markdownDescription": "The name of the model explainability job definition. The name must be unique within an AWS Region in the AWS account.", + "title": "JobDefinitionName", + "type": "string" + }, + "JobResources": { + "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.MonitoringResources", + "markdownDescription": "Identifies the resources to deploy for a monitoring job.", + "title": "JobResources" + }, + "ModelExplainabilityAppSpecification": { + "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.ModelExplainabilityAppSpecification", + "markdownDescription": "Configures the model explainability job to run a specified Docker container image.", + "title": "ModelExplainabilityAppSpecification" + }, + "ModelExplainabilityBaselineConfig": { + "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.ModelExplainabilityBaselineConfig", + "markdownDescription": "The baseline configuration for a model explainability job.", + "title": "ModelExplainabilityBaselineConfig" + }, + "ModelExplainabilityJobInput": { + "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.ModelExplainabilityJobInput", + "markdownDescription": "Inputs for the model explainability job.", + "title": "ModelExplainabilityJobInput" + }, + "ModelExplainabilityJobOutputConfig": { + "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.MonitoringOutputConfig", + "markdownDescription": "The output configuration for monitoring jobs.", + "title": "ModelExplainabilityJobOutputConfig" + }, + "NetworkConfig": { + "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.NetworkConfig", + "markdownDescription": "Networking options for a model explainability job.", + "title": "NetworkConfig" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can assume to perform tasks on your behalf.", + "title": "RoleArn", + "type": "string" + }, + "StoppingCondition": { + "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.StoppingCondition", + "markdownDescription": "A time limit for how long the monitoring job is allowed to run before stopping.", + "title": "StoppingCondition" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of tags to add to the replication set.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ - "Regions" + "JobResources", + "ModelExplainabilityAppSpecification", + "ModelExplainabilityJobInput", + "ModelExplainabilityJobOutputConfig", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::SSMIncidents::ReplicationSet" + "AWS::SageMaker::ModelExplainabilityJobDefinition" ], "type": "string" }, @@ -243196,597 +296609,387 @@ ], "type": "object" }, - "AWS::SSMIncidents::ReplicationSet.RegionConfiguration": { + "AWS::SageMaker::ModelExplainabilityJobDefinition.BatchTransformInput": { "additionalProperties": false, "properties": { - "SseKmsKeyId": { - "markdownDescription": "The AWS Key Management Service key ID to use to encrypt your replication set.", - "title": "SseKmsKeyId", + "DataCapturedDestinationS3Uri": { + "markdownDescription": "The Amazon S3 location being used to capture the data.", + "title": "DataCapturedDestinationS3Uri", "type": "string" - } - }, - "required": [ - "SseKmsKeyId" - ], - "type": "object" - }, - "AWS::SSMIncidents::ReplicationSet.ReplicationRegion": { - "additionalProperties": false, - "properties": { - "RegionConfiguration": { - "$ref": "#/definitions/AWS::SSMIncidents::ReplicationSet.RegionConfiguration", - "markdownDescription": "Specifies the Region configuration.", - "title": "RegionConfiguration" }, - "RegionName": { - "markdownDescription": "Specifies the region name to add to the replication set.", - "title": "RegionName", - "type": "string" - } - }, - "type": "object" - }, - "AWS::SSMIncidents::ResponsePlan": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" + "DatasetFormat": { + "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.DatasetFormat", + "markdownDescription": "The dataset format for your batch transform job.", + "title": "DatasetFormat" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "FeaturesAttribute": { + "markdownDescription": "The attributes of the input data that are the input features.", + "title": "FeaturesAttribute", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "InferenceAttribute": { + "markdownDescription": "The attribute of the input data that represents the ground truth label.", + "title": "InferenceAttribute", + "type": "string" }, - "Metadata": { - "type": "object" + "LocalPath": { + "markdownDescription": "Path to the filesystem where the batch transform data is available to the container.", + "title": "LocalPath", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.Action" - }, - "markdownDescription": "The actions that the response plan starts at the beginning of an incident.", - "title": "Actions", - "type": "array" - }, - "ChatChannel": { - "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.ChatChannel", - "markdownDescription": "The chat channel used for collaboration during an incident.", - "title": "ChatChannel" - }, - "DisplayName": { - "markdownDescription": "The human readable name of the response plan.", - "title": "DisplayName", - "type": "string" - }, - "Engagements": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Name (ARN) for the contacts and escalation plans that the response plan engages during an incident.", - "title": "Engagements", - "type": "array" - }, - "IncidentTemplate": { - "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.IncidentTemplate", - "markdownDescription": "Details used to create an incident when using this response plan.", - "title": "IncidentTemplate" - }, - "Integrations": { - "items": { - "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.Integration" - }, - "markdownDescription": "Information about third-party services integrated into the response plan.", - "title": "Integrations", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the response plan.", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "IncidentTemplate", - "Name" - ], - "type": "object" + "ProbabilityAttribute": { + "markdownDescription": "In a classification problem, the attribute that represents the class probability.", + "title": "ProbabilityAttribute", + "type": "string" }, - "Type": { - "enum": [ - "AWS::SSMIncidents::ResponsePlan" - ], + "S3DataDistributionType": { + "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an S3 key. Defaults to `FullyReplicated`", + "title": "S3DataDistributionType", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "S3InputMode": { + "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", + "title": "S3InputMode", "type": "string" } }, "required": [ - "Type", - "Properties" + "DataCapturedDestinationS3Uri", + "DatasetFormat", + "LocalPath" ], "type": "object" }, - "AWS::SSMIncidents::ResponsePlan.Action": { + "AWS::SageMaker::ModelExplainabilityJobDefinition.ClusterConfig": { "additionalProperties": false, "properties": { - "SsmAutomation": { - "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.SsmAutomation", - "markdownDescription": "Details about the Systems Manager automation document that will be used as a runbook during an incident.", - "title": "SsmAutomation" + "InstanceCount": { + "markdownDescription": "The number of ML compute instances to use in the model monitoring job. For distributed processing jobs, specify a value greater than 1. The default value is 1.", + "title": "InstanceCount", + "type": "number" + }, + "InstanceType": { + "markdownDescription": "The ML compute instance type for the processing job.", + "title": "InstanceType", + "type": "string" + }, + "VolumeKmsKeyId": { + "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance(s) that run the model monitoring job.", + "title": "VolumeKmsKeyId", + "type": "string" + }, + "VolumeSizeInGB": { + "markdownDescription": "The size of the ML storage volume, in gigabytes, that you want to provision. You must specify sufficient ML storage for your scenario.", + "title": "VolumeSizeInGB", + "type": "number" } }, + "required": [ + "InstanceCount", + "InstanceType", + "VolumeSizeInGB" + ], "type": "object" }, - "AWS::SSMIncidents::ResponsePlan.ChatChannel": { + "AWS::SageMaker::ModelExplainabilityJobDefinition.ConstraintsResource": { "additionalProperties": false, "properties": { - "ChatbotSns": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon SNS targets that uses to notify the chat channel of updates to an incident. You can also make updates to the incident through the chat channel by using the Amazon SNS topics", - "title": "ChatbotSns", - "type": "array" + "S3Uri": { + "markdownDescription": "The Amazon S3 URI for the constraints resource.", + "title": "S3Uri", + "type": "string" } }, "type": "object" }, - "AWS::SSMIncidents::ResponsePlan.DynamicSsmParameter": { + "AWS::SageMaker::ModelExplainabilityJobDefinition.Csv": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The key parameter to use when running the Systems Manager Automation runbook.", - "title": "Key", - "type": "string" - }, - "Value": { - "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.DynamicSsmParameterValue", - "markdownDescription": "The dynamic parameter value.", - "title": "Value" + "Header": { + "markdownDescription": "", + "title": "Header", + "type": "boolean" } }, - "required": [ - "Key", - "Value" - ], "type": "object" }, - "AWS::SSMIncidents::ResponsePlan.DynamicSsmParameterValue": { + "AWS::SageMaker::ModelExplainabilityJobDefinition.DatasetFormat": { "additionalProperties": false, "properties": { - "Variable": { - "markdownDescription": "Variable dynamic parameters. A parameter value is determined when an incident is created.", - "title": "Variable", - "type": "string" + "Csv": { + "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.Csv", + "markdownDescription": "", + "title": "Csv" + }, + "Json": { + "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.Json", + "markdownDescription": "", + "title": "Json" + }, + "Parquet": { + "markdownDescription": "", + "title": "Parquet", + "type": "boolean" } }, "type": "object" }, - "AWS::SSMIncidents::ResponsePlan.IncidentTemplate": { + "AWS::SageMaker::ModelExplainabilityJobDefinition.EndpointInput": { "additionalProperties": false, "properties": { - "DedupeString": { - "markdownDescription": "Used to create only one incident record for an incident.", - "title": "DedupeString", + "EndpointName": { + "markdownDescription": "An endpoint in customer's account which has enabled `DataCaptureConfig` enabled.", + "title": "EndpointName", "type": "string" }, - "Impact": { - "markdownDescription": "Defines the impact to the customers. Providing an impact overwrites the impact provided by a response plan.\n\n**Possible impacts:** - `1` - Critical impact, this typically relates to full application failure that impacts many to all customers.\n- `2` - High impact, partial application failure with impact to many customers.\n- `3` - Medium impact, the application is providing reduced service to customers.\n- `4` - Low impact, customer might aren't impacted by the problem yet.\n- `5` - No impact, customers aren't currently impacted but urgent action is needed to avoid impact.", - "title": "Impact", - "type": "number" + "FeaturesAttribute": { + "markdownDescription": "The attributes of the input data that are the input features.", + "title": "FeaturesAttribute", + "type": "string" }, - "IncidentTags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Tags to assign to the template. When the `StartIncident` API action is called, Incident Manager assigns the tags specified in the template to the incident.", - "title": "IncidentTags", - "type": "array" + "InferenceAttribute": { + "markdownDescription": "The attribute of the input data that represents the ground truth label.", + "title": "InferenceAttribute", + "type": "string" }, - "NotificationTargets": { - "items": { - "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.NotificationTargetItem" - }, - "markdownDescription": "The Amazon Simple Notification Service ( Amazon SNS ) targets that uses to notify the chat channel of updates to an incident. You can also make updates to the incident through the chat channel using the Amazon SNS topics.", - "title": "NotificationTargets", - "type": "array" + "LocalPath": { + "markdownDescription": "Path to the filesystem where the endpoint data is available to the container.", + "title": "LocalPath", + "type": "string" }, - "Summary": { - "markdownDescription": "The summary describes what has happened during the incident.", - "title": "Summary", + "ProbabilityAttribute": { + "markdownDescription": "In a classification problem, the attribute that represents the class probability.", + "title": "ProbabilityAttribute", "type": "string" }, - "Title": { - "markdownDescription": "The title of the incident is a brief and easily recognizable.", - "title": "Title", + "S3DataDistributionType": { + "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an Amazon S3 key. Defaults to `FullyReplicated`", + "title": "S3DataDistributionType", + "type": "string" + }, + "S3InputMode": { + "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", + "title": "S3InputMode", "type": "string" } }, "required": [ - "Impact", - "Title" + "EndpointName", + "LocalPath" ], "type": "object" }, - "AWS::SSMIncidents::ResponsePlan.Integration": { + "AWS::SageMaker::ModelExplainabilityJobDefinition.Json": { "additionalProperties": false, "properties": { - "PagerDutyConfiguration": { - "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.PagerDutyConfiguration", - "markdownDescription": "Information about the PagerDuty service where the response plan creates an incident.", - "title": "PagerDutyConfiguration" + "Line": { + "markdownDescription": "", + "title": "Line", + "type": "boolean" } }, - "required": [ - "PagerDutyConfiguration" - ], "type": "object" }, - "AWS::SSMIncidents::ResponsePlan.NotificationTargetItem": { + "AWS::SageMaker::ModelExplainabilityJobDefinition.ModelExplainabilityAppSpecification": { "additionalProperties": false, "properties": { - "SnsTopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic.", - "title": "SnsTopicArn", + "ConfigUri": { + "markdownDescription": "JSON formatted Amazon S3 file that defines explainability parameters. For more information on this JSON configuration file, see [Configure model explainability parameters](https://docs.aws.amazon.com/sagemaker/latest/dg/clarify-config-json-monitor-model-explainability-parameters.html) .", + "title": "ConfigUri", + "type": "string" + }, + "Environment": { + "additionalProperties": true, + "markdownDescription": "Sets the environment variables in the Docker container.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Environment", + "type": "object" + }, + "ImageUri": { + "markdownDescription": "The container image to be run by the model explainability job.", + "title": "ImageUri", "type": "string" } }, + "required": [ + "ConfigUri", + "ImageUri" + ], "type": "object" }, - "AWS::SSMIncidents::ResponsePlan.PagerDutyConfiguration": { + "AWS::SageMaker::ModelExplainabilityJobDefinition.ModelExplainabilityBaselineConfig": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the PagerDuty configuration.", - "title": "Name", + "BaseliningJobName": { + "markdownDescription": "The name of the baseline model explainability job.", + "title": "BaseliningJobName", "type": "string" }, - "PagerDutyIncidentConfiguration": { - "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.PagerDutyIncidentConfiguration", - "markdownDescription": "Details about the PagerDuty service associated with the configuration.", - "title": "PagerDutyIncidentConfiguration" + "ConstraintsResource": { + "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.ConstraintsResource", + "markdownDescription": "The constraints resource for a model explainability job.", + "title": "ConstraintsResource" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelExplainabilityJobDefinition.ModelExplainabilityJobInput": { + "additionalProperties": false, + "properties": { + "BatchTransformInput": { + "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.BatchTransformInput", + "markdownDescription": "Input object for the batch transform job.", + "title": "BatchTransformInput" }, - "SecretId": { - "markdownDescription": "The ID of the AWS Secrets Manager secret that stores your PagerDuty key, either a General Access REST API Key or User Token REST API Key, and other user credentials.", - "title": "SecretId", - "type": "string" + "EndpointInput": { + "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.EndpointInput", + "markdownDescription": "Input object for the endpoint", + "title": "EndpointInput" } }, - "required": [ - "Name", - "PagerDutyIncidentConfiguration", - "SecretId" - ], "type": "object" }, - "AWS::SSMIncidents::ResponsePlan.PagerDutyIncidentConfiguration": { + "AWS::SageMaker::ModelExplainabilityJobDefinition.MonitoringOutput": { "additionalProperties": false, "properties": { - "ServiceId": { - "markdownDescription": "The ID of the PagerDuty service that the response plan associates with an incident when it launches.", - "title": "ServiceId", - "type": "string" + "S3Output": { + "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.S3Output", + "markdownDescription": "The Amazon S3 storage location where the results of a monitoring job are saved.", + "title": "S3Output" } }, "required": [ - "ServiceId" + "S3Output" ], "type": "object" }, - "AWS::SSMIncidents::ResponsePlan.SsmAutomation": { + "AWS::SageMaker::ModelExplainabilityJobDefinition.MonitoringOutputConfig": { "additionalProperties": false, "properties": { - "DocumentName": { - "markdownDescription": "The automation document's name.", - "title": "DocumentName", - "type": "string" - }, - "DocumentVersion": { - "markdownDescription": "The version of the runbook to use when running.", - "title": "DocumentVersion", + "KmsKeyId": { + "markdownDescription": "The AWS Key Management Service ( AWS KMS ) key that Amazon SageMaker AI uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption.", + "title": "KmsKeyId", "type": "string" }, - "DynamicParameters": { - "items": { - "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.DynamicSsmParameter" - }, - "markdownDescription": "The key-value pairs to resolve dynamic parameter values when processing a Systems Manager Automation runbook.", - "title": "DynamicParameters", - "type": "array" - }, - "Parameters": { + "MonitoringOutputs": { "items": { - "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.SsmParameter" + "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.MonitoringOutput" }, - "markdownDescription": "The key-value pair parameters to use when running the runbook.", - "title": "Parameters", + "markdownDescription": "Monitoring outputs for monitoring jobs. This is where the output of the periodic monitoring jobs is uploaded.", + "title": "MonitoringOutputs", "type": "array" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the role that the automation document will assume when running commands.", - "title": "RoleArn", - "type": "string" - }, - "TargetAccount": { - "markdownDescription": "The account that the automation document will be run in. This can be in either the management account or an application account.", - "title": "TargetAccount", - "type": "string" } }, "required": [ - "DocumentName", - "RoleArn" + "MonitoringOutputs" ], "type": "object" }, - "AWS::SSMIncidents::ResponsePlan.SsmParameter": { + "AWS::SageMaker::ModelExplainabilityJobDefinition.MonitoringResources": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The key parameter to use when running the Automation runbook.", - "title": "Key", - "type": "string" - }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The value parameter to use when running the Automation runbook.", - "title": "Values", - "type": "array" + "ClusterConfig": { + "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.ClusterConfig", + "markdownDescription": "The configuration for the cluster resources used to run the processing job.", + "title": "ClusterConfig" } }, "required": [ - "Key", - "Values" + "ClusterConfig" ], "type": "object" }, - "AWS::SSO::Assignment": { + "AWS::SageMaker::ModelExplainabilityJobDefinition.NetworkConfig": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "InstanceArn": { - "markdownDescription": "The ARN of the IAM Identity Center instance under which the operation will be executed. For more information about ARNs, see [Amazon Resource Names (ARNs) and AWS Service Namespaces](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* .", - "title": "InstanceArn", - "type": "string" - }, - "PermissionSetArn": { - "markdownDescription": "The ARN of the permission set.", - "title": "PermissionSetArn", - "type": "string" - }, - "PrincipalId": { - "markdownDescription": "An identifier for an object in IAM Identity Center, such as a user or group. PrincipalIds are GUIDs (For example, f81d4fae-7dec-11d0-a765-00a0c91e6bf6). For more information about PrincipalIds in IAM Identity Center, see the [IAM Identity Center Identity Store API Reference](https://docs.aws.amazon.com//singlesignon/latest/IdentityStoreAPIReference/welcome.html) .", - "title": "PrincipalId", - "type": "string" - }, - "PrincipalType": { - "markdownDescription": "The entity type for which the assignment will be created.", - "title": "PrincipalType", - "type": "string" - }, - "TargetId": { - "markdownDescription": "TargetID is an AWS account identifier, (For example, 123456789012).", - "title": "TargetId", - "type": "string" - }, - "TargetType": { - "markdownDescription": "The entity type for which the assignment will be created.", - "title": "TargetType", - "type": "string" - } - }, - "required": [ - "InstanceArn", - "PermissionSetArn", - "PrincipalId", - "PrincipalType", - "TargetId", - "TargetType" - ], - "type": "object" + "EnableInterContainerTrafficEncryption": { + "markdownDescription": "Whether to encrypt all communications between distributed processing jobs. Choose `True` to encrypt communications. Encryption provides greater security for distributed processing jobs, but the processing might take longer.", + "title": "EnableInterContainerTrafficEncryption", + "type": "boolean" }, - "Type": { - "enum": [ - "AWS::SSO::Assignment" - ], - "type": "string" + "EnableNetworkIsolation": { + "markdownDescription": "Whether to allow inbound and outbound network calls to and from the containers used for the processing job.", + "title": "EnableNetworkIsolation", + "type": "boolean" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "VpcConfig": { + "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.VpcConfig", + "markdownDescription": "Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC.", + "title": "VpcConfig" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::SSO::InstanceAccessControlAttributeConfiguration": { + "AWS::SageMaker::ModelExplainabilityJobDefinition.S3Output": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "LocalPath": { + "markdownDescription": "The local path to the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job. LocalPath is an absolute path for the output data.", + "title": "LocalPath", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AccessControlAttributes": { - "items": { - "$ref": "#/definitions/AWS::SSO::InstanceAccessControlAttributeConfiguration.AccessControlAttribute" - }, - "markdownDescription": "Lists the attributes that are configured for ABAC in the specified IAM Identity Center instance.", - "title": "AccessControlAttributes", - "type": "array" - }, - "InstanceArn": { - "markdownDescription": "The ARN of the IAM Identity Center instance under which the operation will be executed.", - "title": "InstanceArn", - "type": "string" - } - }, - "required": [ - "InstanceArn" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::SSO::InstanceAccessControlAttributeConfiguration" - ], + "S3UploadMode": { + "markdownDescription": "Whether to upload the results of the monitoring job continuously or after the job completes.", + "title": "S3UploadMode", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "S3Uri": { + "markdownDescription": "A URI that identifies the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job.", + "title": "S3Uri", "type": "string" } }, "required": [ - "Type", - "Properties" + "LocalPath", + "S3Uri" ], "type": "object" }, - "AWS::SSO::InstanceAccessControlAttributeConfiguration.AccessControlAttribute": { + "AWS::SageMaker::ModelExplainabilityJobDefinition.StoppingCondition": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The name of the attribute associated with your identities in your identity source. This is used to map a specified attribute in your identity source with an attribute in IAM Identity Center .", - "title": "Key", - "type": "string" - }, - "Value": { - "$ref": "#/definitions/AWS::SSO::InstanceAccessControlAttributeConfiguration.AccessControlAttributeValue", - "markdownDescription": "The value used for mapping a specified attribute to an identity source.", - "title": "Value" + "MaxRuntimeInSeconds": { + "markdownDescription": "The maximum length of time, in seconds, that a training or compilation job can run before it is stopped.\n\nFor compilation jobs, if the job does not complete during this time, a `TimeOut` error is generated. We recommend starting with 900 seconds and increasing as necessary based on your model.\n\nFor all other jobs, if the job does not complete during this time, SageMaker ends the job. When `RetryStrategy` is specified in the job request, `MaxRuntimeInSeconds` specifies the maximum time for all of the attempts in total, not each individual attempt. The default value is 1 day. The maximum value is 28 days.\n\nThe maximum time that a `TrainingJob` can run in total, including any time spent publishing metrics or archiving and uploading models after it has been stopped, is 30 days.", + "title": "MaxRuntimeInSeconds", + "type": "number" } }, "required": [ - "Key", - "Value" + "MaxRuntimeInSeconds" ], "type": "object" }, - "AWS::SSO::InstanceAccessControlAttributeConfiguration.AccessControlAttributeValue": { + "AWS::SageMaker::ModelExplainabilityJobDefinition.VpcConfig": { "additionalProperties": false, "properties": { - "Source": { + "SecurityGroupIds": { "items": { "type": "string" }, - "markdownDescription": "The identity source to use when mapping a specified attribute to IAM Identity Center .", - "title": "Source", + "markdownDescription": "The VPC security group IDs, in the form `sg-xxxxxxxx` . Specify the security groups for the VPC that is specified in the `Subnets` field.", + "title": "SecurityGroupIds", + "type": "array" + }, + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The ID of the subnets in the VPC to which you want to connect your training job or model. For information about the availability of specific instance types, see [Supported Instance Types and Availability Zones](https://docs.aws.amazon.com/sagemaker/latest/dg/instance-types-az.html) .", + "title": "Subnets", "type": "array" } }, "required": [ - "Source" + "SecurityGroupIds", + "Subnets" ], "type": "object" }, - "AWS::SSO::PermissionSet": { + "AWS::SageMaker::ModelPackage": { "additionalProperties": false, "properties": { "Condition": { @@ -243821,75 +297024,162 @@ "Properties": { "additionalProperties": false, "properties": { - "CustomerManagedPolicyReferences": { + "AdditionalInferenceSpecifications": { "items": { - "$ref": "#/definitions/AWS::SSO::PermissionSet.CustomerManagedPolicyReference" + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.AdditionalInferenceSpecificationDefinition" }, - "markdownDescription": "Specifies the names and paths of the customer managed policies that you have attached to your permission set.", - "title": "CustomerManagedPolicyReferences", + "markdownDescription": "An array of additional Inference Specification objects.", + "title": "AdditionalInferenceSpecifications", "type": "array" }, - "Description": { - "markdownDescription": "The description of the `PermissionSet` .", - "title": "Description", + "AdditionalInferenceSpecificationsToAdd": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.AdditionalInferenceSpecificationDefinition" + }, + "markdownDescription": "An array of additional Inference Specification objects to be added to the existing array. The total number of additional Inference Specification objects cannot exceed 15. Each additional Inference Specification object specifies artifacts based on this model package that can be used on inference endpoints. Generally used with SageMaker Neo to store the compiled artifacts.", + "title": "AdditionalInferenceSpecificationsToAdd", + "type": "array" + }, + "ApprovalDescription": { + "markdownDescription": "A description provided when the model approval is set.", + "title": "ApprovalDescription", "type": "string" }, - "InlinePolicy": { - "markdownDescription": "The inline policy that is attached to the permission set.\n\n> For `Length Constraints` , if a valid ARN is provided for a permission set, it is possible for an empty inline policy to be returned.", - "title": "InlinePolicy", - "type": "object" + "CertifyForMarketplace": { + "markdownDescription": "Whether the model package is to be certified to be listed on AWS Marketplace. For information about listing model packages on AWS Marketplace, see [List Your Algorithm or Model Package on AWS Marketplace](https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-mkt-list.html) .", + "title": "CertifyForMarketplace", + "type": "boolean" }, - "InstanceArn": { - "markdownDescription": "The ARN of the IAM Identity Center instance under which the operation will be executed. For more information about ARNs, see [Amazon Resource Names (ARNs) and AWS Service Namespaces](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* .", - "title": "InstanceArn", + "ClientToken": { + "markdownDescription": "A unique token that guarantees that the call to this API is idempotent.", + "title": "ClientToken", "type": "string" }, - "ManagedPolicies": { - "items": { - "type": "string" + "CustomerMetadataProperties": { + "additionalProperties": true, + "markdownDescription": "The metadata properties for the model package.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "A structure that stores a list of managed policy ARNs that describe the associated AWS managed policy.", - "title": "ManagedPolicies", - "type": "array" + "title": "CustomerMetadataProperties", + "type": "object" }, - "Name": { - "markdownDescription": "The name of the permission set.", - "title": "Name", + "Domain": { + "markdownDescription": "The machine learning domain of your model package and its components. Common machine learning domains include computer vision and natural language processing.", + "title": "Domain", "type": "string" }, - "PermissionsBoundary": { - "$ref": "#/definitions/AWS::SSO::PermissionSet.PermissionsBoundary", - "markdownDescription": "Specifies the configuration of the AWS managed or customer managed policy that you want to set as a permissions boundary. Specify either `CustomerManagedPolicyReference` to use the name and path of a customer managed policy, or `ManagedPolicyArn` to use the ARN of an AWS managed policy. A permissions boundary represents the maximum permissions that any policy can grant your role. For more information, see [Permissions boundaries for IAM entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) in the *IAM User Guide* .\n\n> Policies used as permissions boundaries don't provide permissions. You must also attach an IAM policy to the role. To learn how the effective permissions for a role are evaluated, see [IAM JSON policy evaluation logic](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html) in the *IAM User Guide* .", - "title": "PermissionsBoundary" + "DriftCheckBaselines": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.DriftCheckBaselines", + "markdownDescription": "Represents the drift check baselines that can be used when the model monitor is set using the model package.", + "title": "DriftCheckBaselines" }, - "RelayStateType": { - "markdownDescription": "Used to redirect users within the application during the federation authentication process.", - "title": "RelayStateType", + "InferenceSpecification": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.InferenceSpecification", + "markdownDescription": "Defines how to perform inference generation after a training job is run.", + "title": "InferenceSpecification" + }, + "LastModifiedTime": { + "markdownDescription": "The last time the model package was modified.", + "title": "LastModifiedTime", "type": "string" }, - "SessionDuration": { - "markdownDescription": "The length of time that the application user sessions are valid for in the ISO-8601 standard.", - "title": "SessionDuration", + "MetadataProperties": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetadataProperties", + "markdownDescription": "Metadata properties of the tracking entity, trial, or trial component.", + "title": "MetadataProperties" + }, + "ModelApprovalStatus": { + "markdownDescription": "The approval status of the model. This can be one of the following values.\n\n- `APPROVED` - The model is approved\n- `REJECTED` - The model is rejected.\n- `PENDING_MANUAL_APPROVAL` - The model is waiting for manual approval.", + "title": "ModelApprovalStatus", + "type": "string" + }, + "ModelCard": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelCard", + "markdownDescription": "An Amazon SageMaker Model Card.", + "title": "ModelCard" + }, + "ModelMetrics": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelMetrics", + "markdownDescription": "Metrics for the model.", + "title": "ModelMetrics" + }, + "ModelPackageDescription": { + "markdownDescription": "The description of the model package.", + "title": "ModelPackageDescription", + "type": "string" + }, + "ModelPackageGroupName": { + "markdownDescription": "The model group to which the model belongs.", + "title": "ModelPackageGroupName", + "type": "string" + }, + "ModelPackageName": { + "markdownDescription": "The name of the model package. The name can be as follows:\n\n- For a versioned model, the name is automatically generated by SageMaker Model Registry and follows the format ' `ModelPackageGroupName/ModelPackageVersion` '.\n- For an unversioned model, you must provide the name.", + "title": "ModelPackageName", + "type": "string" + }, + "ModelPackageStatusDetails": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelPackageStatusDetails", + "markdownDescription": "Specifies the validation and image scan statuses of the model package.", + "title": "ModelPackageStatusDetails" + }, + "ModelPackageVersion": { + "markdownDescription": "The version number of a versioned model.", + "title": "ModelPackageVersion", + "type": "number" + }, + "SamplePayloadUrl": { + "markdownDescription": "The Amazon Simple Storage Service path where the sample payload are stored. This path must point to a single gzip compressed tar archive (.tar.gz suffix).", + "title": "SamplePayloadUrl", + "type": "string" + }, + "SecurityConfig": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.SecurityConfig", + "markdownDescription": "", + "title": "SecurityConfig" + }, + "SkipModelValidation": { + "markdownDescription": "Indicates if you want to skip model validation.", + "title": "SkipModelValidation", + "type": "string" + }, + "SourceAlgorithmSpecification": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.SourceAlgorithmSpecification", + "markdownDescription": "A list of algorithms that were used to create a model package.", + "title": "SourceAlgorithmSpecification" + }, + "SourceUri": { + "markdownDescription": "The URI of the source for the model package.", + "title": "SourceUri", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to attach to the new `PermissionSet` .", + "markdownDescription": "A list of the tags associated with the model package. For more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference Guide* .", "title": "Tags", "type": "array" + }, + "Task": { + "markdownDescription": "The machine learning task your model package accomplishes. Common machine learning tasks include object detection and image classification.", + "title": "Task", + "type": "string" + }, + "ValidationSpecification": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ValidationSpecification", + "markdownDescription": "Specifies batch transform jobs that SageMaker runs to validate your model package.", + "title": "ValidationSpecification" } }, - "required": [ - "InstanceArn", - "Name" - ], "type": "object" }, "Type": { "enum": [ - "AWS::SSO::PermissionSet" + "AWS::SageMaker::ModelPackage" ], "type": "string" }, @@ -243903,733 +297193,449 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::SSO::PermissionSet.CustomerManagedPolicyReference": { + "AWS::SageMaker::ModelPackage.AdditionalInferenceSpecificationDefinition": { "additionalProperties": false, "properties": { + "Containers": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelPackageContainerDefinition" + }, + "markdownDescription": "The Amazon ECR registry path of the Docker image that contains the inference code.", + "title": "Containers", + "type": "array" + }, + "Description": { + "markdownDescription": "A description of the additional Inference specification", + "title": "Description", + "type": "string" + }, "Name": { - "markdownDescription": "The name of the IAM policy that you have configured in each account where you want to deploy your permission set.", + "markdownDescription": "A unique name to identify the additional inference specification. The name must be unique within the list of your additional inference specifications for a particular model package.", "title": "Name", "type": "string" }, - "Path": { - "markdownDescription": "The path to the IAM policy that you have configured in each account where you want to deploy your permission set. The default is `/` . For more information, see [Friendly names and paths](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-friendly-names) in the *IAM User Guide* .", - "title": "Path", - "type": "string" + "SupportedContentTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The supported MIME types for the input data.", + "title": "SupportedContentTypes", + "type": "array" + }, + "SupportedRealtimeInferenceInstanceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the instance types that are used to generate inferences in real-time.", + "title": "SupportedRealtimeInferenceInstanceTypes", + "type": "array" + }, + "SupportedResponseMIMETypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The supported MIME types for the output data.", + "title": "SupportedResponseMIMETypes", + "type": "array" + }, + "SupportedTransformInstanceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the instance types on which a transformation job can be run or on which an endpoint can be deployed.", + "title": "SupportedTransformInstanceTypes", + "type": "array" } }, "required": [ + "Containers", "Name" ], "type": "object" }, - "AWS::SSO::PermissionSet.PermissionsBoundary": { + "AWS::SageMaker::ModelPackage.Bias": { "additionalProperties": false, "properties": { - "CustomerManagedPolicyReference": { - "$ref": "#/definitions/AWS::SSO::PermissionSet.CustomerManagedPolicyReference", - "markdownDescription": "Specifies the name and path of a customer managed policy. You must have an IAM policy that matches the name and path in each AWS account where you want to deploy your permission set.", - "title": "CustomerManagedPolicyReference" + "PostTrainingReport": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", + "markdownDescription": "The post-training bias report for a model.", + "title": "PostTrainingReport" }, - "ManagedPolicyArn": { - "markdownDescription": "The AWS managed policy ARN that you want to attach to a permission set as a permissions boundary.", - "title": "ManagedPolicyArn", - "type": "string" + "PreTrainingReport": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", + "markdownDescription": "The pre-training bias report for a model.", + "title": "PreTrainingReport" + }, + "Report": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", + "markdownDescription": "The bias report for a model", + "title": "Report" } }, "type": "object" }, - "AWS::SageMaker::App": { + "AWS::SageMaker::ModelPackage.DataSource": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AppName": { - "markdownDescription": "The name of the app.", - "title": "AppName", - "type": "string" - }, - "AppType": { - "markdownDescription": "The type of app.", - "title": "AppType", - "type": "string" - }, - "DomainId": { - "markdownDescription": "The domain ID.", - "title": "DomainId", - "type": "string" - }, - "ResourceSpec": { - "$ref": "#/definitions/AWS::SageMaker::App.ResourceSpec", - "markdownDescription": "Specifies the ARNs of a SageMaker image and SageMaker image version, and the instance type that the version runs on.", - "title": "ResourceSpec" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - }, - "UserProfileName": { - "markdownDescription": "The user profile name.", - "title": "UserProfileName", - "type": "string" - } - }, - "required": [ - "AppName", - "AppType", - "DomainId", - "UserProfileName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::SageMaker::App" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "S3DataSource": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.S3DataSource", + "markdownDescription": "The S3 location of the data source that is associated with a channel.", + "title": "S3DataSource" } }, "required": [ - "Type", - "Properties" + "S3DataSource" ], "type": "object" }, - "AWS::SageMaker::App.ResourceSpec": { + "AWS::SageMaker::ModelPackage.DriftCheckBaselines": { "additionalProperties": false, "properties": { - "InstanceType": { - "markdownDescription": "The instance type that the image version runs on.\n\n> *JupyterServer apps* only support the `system` value.\n> \n> For *KernelGateway apps* , the `system` value is translated to `ml.t3.medium` . KernelGateway apps also support all other values for available instance types.", - "title": "InstanceType", - "type": "string" + "Bias": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.DriftCheckBias", + "markdownDescription": "Represents the drift check bias baselines that can be used when the model monitor is set using the model package.", + "title": "Bias" }, - "SageMakerImageArn": { - "markdownDescription": "The ARN of the SageMaker AI image that the image version belongs to.", - "title": "SageMakerImageArn", - "type": "string" + "Explainability": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.DriftCheckExplainability", + "markdownDescription": "Represents the drift check explainability baselines that can be used when the model monitor is set using the model package.", + "title": "Explainability" }, - "SageMakerImageVersionArn": { - "markdownDescription": "The ARN of the image version created on the instance. To clear the value set for `SageMakerImageVersionArn` , pass `None` as the value.", - "title": "SageMakerImageVersionArn", - "type": "string" + "ModelDataQuality": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.DriftCheckModelDataQuality", + "markdownDescription": "Represents the drift check model data quality baselines that can be used when the model monitor is set using the model package.", + "title": "ModelDataQuality" + }, + "ModelQuality": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.DriftCheckModelQuality", + "markdownDescription": "Represents the drift check model quality baselines that can be used when the model monitor is set using the model package.", + "title": "ModelQuality" } }, "type": "object" }, - "AWS::SageMaker::AppImageConfig": { + "AWS::SageMaker::ModelPackage.DriftCheckBias": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AppImageConfigName": { - "markdownDescription": "The name of the AppImageConfig. Must be unique to your account.", - "title": "AppImageConfigName", - "type": "string" - }, - "CodeEditorAppImageConfig": { - "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.CodeEditorAppImageConfig", - "markdownDescription": "The configuration for the file system and the runtime, such as the environment variables and entry point.", - "title": "CodeEditorAppImageConfig" - }, - "JupyterLabAppImageConfig": { - "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.JupyterLabAppImageConfig", - "markdownDescription": "The configuration for the file system and the runtime, such as the environment variables and entry point.", - "title": "JupyterLabAppImageConfig" - }, - "KernelGatewayImageConfig": { - "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.KernelGatewayImageConfig", - "markdownDescription": "The configuration for the file system and kernels in the SageMaker AI image.", - "title": "KernelGatewayImageConfig" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "AppImageConfigName" - ], - "type": "object" + "ConfigFile": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.FileSource", + "markdownDescription": "The bias config file for a model.", + "title": "ConfigFile" }, - "Type": { - "enum": [ - "AWS::SageMaker::AppImageConfig" - ], - "type": "string" + "PostTrainingConstraints": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", + "markdownDescription": "The post-training constraints.", + "title": "PostTrainingConstraints" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "PreTrainingConstraints": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", + "markdownDescription": "The pre-training constraints.", + "title": "PreTrainingConstraints" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::SageMaker::AppImageConfig.CodeEditorAppImageConfig": { + "AWS::SageMaker::ModelPackage.DriftCheckExplainability": { "additionalProperties": false, "properties": { - "ContainerConfig": { - "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.ContainerConfig", - "markdownDescription": "", - "title": "ContainerConfig" + "ConfigFile": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.FileSource", + "markdownDescription": "The explainability config file for the model.", + "title": "ConfigFile" + }, + "Constraints": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", + "markdownDescription": "The drift check explainability constraints.", + "title": "Constraints" } }, "type": "object" }, - "AWS::SageMaker::AppImageConfig.ContainerConfig": { + "AWS::SageMaker::ModelPackage.DriftCheckModelDataQuality": { "additionalProperties": false, "properties": { - "ContainerArguments": { - "items": { - "type": "string" - }, - "markdownDescription": "The arguments for the container when you're running the application.", - "title": "ContainerArguments", - "type": "array" - }, - "ContainerEntrypoint": { - "items": { - "type": "string" - }, - "markdownDescription": "The entrypoint used to run the application in the container.", - "title": "ContainerEntrypoint", - "type": "array" + "Constraints": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", + "markdownDescription": "The drift check model data quality constraints.", + "title": "Constraints" }, - "ContainerEnvironmentVariables": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.CustomImageContainerEnvironmentVariable" - }, - "markdownDescription": "The environment variables to set in the container", - "title": "ContainerEnvironmentVariables", - "type": "array" + "Statistics": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", + "markdownDescription": "The drift check model data quality statistics.", + "title": "Statistics" } }, "type": "object" }, - "AWS::SageMaker::AppImageConfig.CustomImageContainerEnvironmentVariable": { + "AWS::SageMaker::ModelPackage.DriftCheckModelQuality": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The key that identifies a container environment variable.", - "title": "Key", - "type": "string" + "Constraints": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", + "markdownDescription": "The drift check model quality constraints.", + "title": "Constraints" }, - "Value": { - "markdownDescription": "The value of the container environment variable.", - "title": "Value", - "type": "string" + "Statistics": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", + "markdownDescription": "The drift check model quality statistics.", + "title": "Statistics" } }, - "required": [ - "Key", - "Value" - ], "type": "object" }, - "AWS::SageMaker::AppImageConfig.FileSystemConfig": { + "AWS::SageMaker::ModelPackage.Explainability": { "additionalProperties": false, "properties": { - "DefaultGid": { - "markdownDescription": "The default POSIX group ID (GID). If not specified, defaults to `100` .", - "title": "DefaultGid", - "type": "number" - }, - "DefaultUid": { - "markdownDescription": "The default POSIX user ID (UID). If not specified, defaults to `1000` .", - "title": "DefaultUid", - "type": "number" - }, - "MountPath": { - "markdownDescription": "The path within the image to mount the user's EFS home directory. The directory should be empty. If not specified, defaults to */home/sagemaker-user* .", - "title": "MountPath", - "type": "string" + "Report": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", + "markdownDescription": "The explainability report for a model.", + "title": "Report" } }, "type": "object" }, - "AWS::SageMaker::AppImageConfig.JupyterLabAppImageConfig": { + "AWS::SageMaker::ModelPackage.FileSource": { "additionalProperties": false, "properties": { - "ContainerConfig": { - "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.ContainerConfig", - "markdownDescription": "The configuration used to run the application image container.", - "title": "ContainerConfig" + "ContentDigest": { + "markdownDescription": "The digest of the file source.", + "title": "ContentDigest", + "type": "string" + }, + "ContentType": { + "markdownDescription": "The type of content stored in the file source.", + "title": "ContentType", + "type": "string" + }, + "S3Uri": { + "markdownDescription": "The Amazon S3 URI for the file source.", + "title": "S3Uri", + "type": "string" } }, + "required": [ + "S3Uri" + ], "type": "object" }, - "AWS::SageMaker::AppImageConfig.KernelGatewayImageConfig": { + "AWS::SageMaker::ModelPackage.InferenceSpecification": { "additionalProperties": false, "properties": { - "FileSystemConfig": { - "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.FileSystemConfig", - "markdownDescription": "The Amazon Elastic File System storage configuration for a SageMaker AI image.", - "title": "FileSystemConfig" + "Containers": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelPackageContainerDefinition" + }, + "markdownDescription": "The Amazon ECR registry path of the Docker image that contains the inference code.", + "title": "Containers", + "type": "array" }, - "KernelSpecs": { + "SupportedContentTypes": { "items": { - "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.KernelSpec" + "type": "string" }, - "markdownDescription": "The specification of the Jupyter kernels in the image.", - "title": "KernelSpecs", + "markdownDescription": "The supported MIME types for the input data.", + "title": "SupportedContentTypes", + "type": "array" + }, + "SupportedRealtimeInferenceInstanceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the instance types that are used to generate inferences in real-time.\n\nThis parameter is required for unversioned models, and optional for versioned models.", + "title": "SupportedRealtimeInferenceInstanceTypes", + "type": "array" + }, + "SupportedResponseMIMETypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The supported MIME types for the output data.", + "title": "SupportedResponseMIMETypes", + "type": "array" + }, + "SupportedTransformInstanceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the instance types on which a transformation job can be run or on which an endpoint can be deployed.\n\nThis parameter is required for unversioned models, and optional for versioned models.", + "title": "SupportedTransformInstanceTypes", "type": "array" } }, "required": [ - "KernelSpecs" + "Containers", + "SupportedContentTypes", + "SupportedResponseMIMETypes" ], "type": "object" }, - "AWS::SageMaker::AppImageConfig.KernelSpec": { + "AWS::SageMaker::ModelPackage.MetadataProperties": { "additionalProperties": false, "properties": { - "DisplayName": { - "markdownDescription": "The display name of the kernel.", - "title": "DisplayName", + "CommitId": { + "markdownDescription": "The commit ID.", + "title": "CommitId", "type": "string" }, - "Name": { - "markdownDescription": "The name of the Jupyter kernel in the image. This value is case sensitive.", - "title": "Name", + "GeneratedBy": { + "markdownDescription": "The entity this entity was generated by.", + "title": "GeneratedBy", + "type": "string" + }, + "ProjectId": { + "markdownDescription": "The project ID.", + "title": "ProjectId", + "type": "string" + }, + "Repository": { + "markdownDescription": "The repository.", + "title": "Repository", "type": "string" } }, - "required": [ - "Name" - ], "type": "object" }, - "AWS::SageMaker::CodeRepository": { + "AWS::SageMaker::ModelPackage.MetricsSource": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ContentDigest": { + "markdownDescription": "The hash key used for the metrics source.", + "title": "ContentDigest", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "CodeRepositoryName": { - "markdownDescription": "The name of the Git repository.", - "title": "CodeRepositoryName", - "type": "string" - }, - "GitConfig": { - "$ref": "#/definitions/AWS::SageMaker::CodeRepository.GitConfig", - "markdownDescription": "Configuration details for the Git repository, including the URL where it is located and the ARN of the AWS Secrets Manager secret that contains the credentials used to access the repository.", - "title": "GitConfig" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "List of tags for Code Repository.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "GitConfig" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::SageMaker::CodeRepository" - ], + "ContentType": { + "markdownDescription": "The metric source content type.", + "title": "ContentType", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "S3Uri": { + "markdownDescription": "The S3 URI for the metrics source.", + "title": "S3Uri", "type": "string" } }, "required": [ - "Type", - "Properties" + "ContentType", + "S3Uri" ], "type": "object" }, - "AWS::SageMaker::CodeRepository.GitConfig": { + "AWS::SageMaker::ModelPackage.ModelAccessConfig": { "additionalProperties": false, "properties": { - "Branch": { - "markdownDescription": "The default branch for the Git repository.", - "title": "Branch", - "type": "string" - }, - "RepositoryUrl": { - "markdownDescription": "The URL where the Git repository is located.", - "title": "RepositoryUrl", - "type": "string" - }, - "SecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Secrets Manager secret that contains the credentials used to access the git repository. The secret must have a staging label of `AWSCURRENT` and must be in the following format:\n\n`{\"username\": *UserName* , \"password\": *Password* }`", - "title": "SecretArn", - "type": "string" + "AcceptEula": { + "markdownDescription": "Specifies agreement to the model end-user license agreement (EULA). The `AcceptEula` value must be explicitly defined as `True` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.", + "title": "AcceptEula", + "type": "boolean" } }, "required": [ - "RepositoryUrl" + "AcceptEula" ], "type": "object" }, - "AWS::SageMaker::DataQualityJobDefinition": { + "AWS::SageMaker::ModelPackage.ModelCard": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DataQualityAppSpecification": { - "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.DataQualityAppSpecification", - "markdownDescription": "Specifies the container that runs the monitoring job.", - "title": "DataQualityAppSpecification" - }, - "DataQualityBaselineConfig": { - "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.DataQualityBaselineConfig", - "markdownDescription": "Configures the constraints and baselines for the monitoring job.", - "title": "DataQualityBaselineConfig" - }, - "DataQualityJobInput": { - "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.DataQualityJobInput", - "markdownDescription": "A list of inputs for the monitoring job. Currently endpoints are supported as monitoring inputs.", - "title": "DataQualityJobInput" - }, - "DataQualityJobOutputConfig": { - "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.MonitoringOutputConfig", - "markdownDescription": "The output configuration for monitoring jobs.", - "title": "DataQualityJobOutputConfig" - }, - "EndpointName": { - "markdownDescription": "", - "title": "EndpointName", - "type": "string" - }, - "JobDefinitionName": { - "markdownDescription": "The name for the monitoring job definition.", - "title": "JobDefinitionName", - "type": "string" - }, - "JobResources": { - "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.MonitoringResources", - "markdownDescription": "Identifies the resources to deploy for a monitoring job.", - "title": "JobResources" - }, - "NetworkConfig": { - "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.NetworkConfig", - "markdownDescription": "Specifies networking configuration for the monitoring job.", - "title": "NetworkConfig" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can assume to perform tasks on your behalf.", - "title": "RoleArn", - "type": "string" - }, - "StoppingCondition": { - "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.StoppingCondition", - "markdownDescription": "A time limit for how long the monitoring job is allowed to run before stopping.", - "title": "StoppingCondition" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "DataQualityAppSpecification", - "DataQualityJobInput", - "DataQualityJobOutputConfig", - "JobResources", - "RoleArn" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::SageMaker::DataQualityJobDefinition" - ], + "ModelCardContent": { + "markdownDescription": "", + "title": "ModelCardContent", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ModelCardStatus": { + "markdownDescription": "The approval status of the model card within your organization. Different organizations might have different criteria for model card review and approval.\n\n- `Draft` : The model card is a work in progress.\n- `PendingReview` : The model card is pending review.\n- `Approved` : The model card is approved.\n- `Archived` : The model card is archived. No more updates should be made to the model card, but it can still be exported.", + "title": "ModelCardStatus", "type": "string" } }, "required": [ - "Type", - "Properties" + "ModelCardContent", + "ModelCardStatus" ], "type": "object" }, - "AWS::SageMaker::DataQualityJobDefinition.BatchTransformInput": { + "AWS::SageMaker::ModelPackage.ModelDataQuality": { "additionalProperties": false, "properties": { - "DataCapturedDestinationS3Uri": { - "markdownDescription": "The Amazon S3 location being used to capture the data.", - "title": "DataCapturedDestinationS3Uri", - "type": "string" - }, - "DatasetFormat": { - "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.DatasetFormat", - "markdownDescription": "The dataset format for your batch transform job.", - "title": "DatasetFormat" - }, - "ExcludeFeaturesAttribute": { - "markdownDescription": "The attributes of the input data to exclude from the analysis.", - "title": "ExcludeFeaturesAttribute", - "type": "string" - }, - "LocalPath": { - "markdownDescription": "Path to the filesystem where the batch transform data is available to the container.", - "title": "LocalPath", - "type": "string" - }, - "S3DataDistributionType": { - "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an S3 key. Defaults to `FullyReplicated`", - "title": "S3DataDistributionType", - "type": "string" + "Constraints": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", + "markdownDescription": "Data quality constraints for a model.", + "title": "Constraints" }, - "S3InputMode": { - "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", - "title": "S3InputMode", - "type": "string" + "Statistics": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", + "markdownDescription": "Data quality statistics for a model.", + "title": "Statistics" } }, - "required": [ - "DataCapturedDestinationS3Uri", - "DatasetFormat", - "LocalPath" - ], "type": "object" }, - "AWS::SageMaker::DataQualityJobDefinition.ClusterConfig": { + "AWS::SageMaker::ModelPackage.ModelDataSource": { "additionalProperties": false, "properties": { - "InstanceCount": { - "markdownDescription": "The number of ML compute instances to use in the model monitoring job. For distributed processing jobs, specify a value greater than 1. The default value is 1.", - "title": "InstanceCount", - "type": "number" - }, - "InstanceType": { - "markdownDescription": "The ML compute instance type for the processing job.", - "title": "InstanceType", - "type": "string" - }, - "VolumeKmsKeyId": { - "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance(s) that run the model monitoring job.", - "title": "VolumeKmsKeyId", - "type": "string" - }, - "VolumeSizeInGB": { - "markdownDescription": "The size of the ML storage volume, in gigabytes, that you want to provision. You must specify sufficient ML storage for your scenario.", - "title": "VolumeSizeInGB", - "type": "number" + "S3DataSource": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.S3ModelDataSource", + "markdownDescription": "Specifies the S3 location of ML model data to deploy.", + "title": "S3DataSource" } }, - "required": [ - "InstanceCount", - "InstanceType", - "VolumeSizeInGB" - ], "type": "object" }, - "AWS::SageMaker::DataQualityJobDefinition.ConstraintsResource": { + "AWS::SageMaker::ModelPackage.ModelInput": { "additionalProperties": false, "properties": { - "S3Uri": { - "markdownDescription": "The Amazon S3 URI for the constraints resource.", - "title": "S3Uri", + "DataInputConfig": { + "markdownDescription": "The input configuration object for the model.", + "title": "DataInputConfig", "type": "string" } }, + "required": [ + "DataInputConfig" + ], "type": "object" }, - "AWS::SageMaker::DataQualityJobDefinition.Csv": { + "AWS::SageMaker::ModelPackage.ModelMetrics": { "additionalProperties": false, "properties": { - "Header": { - "markdownDescription": "", - "title": "Header", - "type": "boolean" + "Bias": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.Bias", + "markdownDescription": "Metrics that measure bias in a model.", + "title": "Bias" + }, + "Explainability": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.Explainability", + "markdownDescription": "Metrics that help explain a model.", + "title": "Explainability" + }, + "ModelDataQuality": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelDataQuality", + "markdownDescription": "Metrics that measure the quality of the input data for a model.", + "title": "ModelDataQuality" + }, + "ModelQuality": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelQuality", + "markdownDescription": "Metrics that measure the quality of a model.", + "title": "ModelQuality" } }, "type": "object" }, - "AWS::SageMaker::DataQualityJobDefinition.DataQualityAppSpecification": { + "AWS::SageMaker::ModelPackage.ModelPackageContainerDefinition": { "additionalProperties": false, "properties": { - "ContainerArguments": { - "items": { - "type": "string" - }, - "markdownDescription": "The arguments to send to the container that the monitoring job runs.", - "title": "ContainerArguments", - "type": "array" - }, - "ContainerEntrypoint": { - "items": { - "type": "string" - }, - "markdownDescription": "The entrypoint for a container used to run a monitoring job.", - "title": "ContainerEntrypoint", - "type": "array" + "ContainerHostname": { + "markdownDescription": "The DNS host name for the Docker container.", + "title": "ContainerHostname", + "type": "string" }, "Environment": { "additionalProperties": true, - "markdownDescription": "Sets the environment variables in the container that the monitoring job runs.", + "markdownDescription": "The environment variables to set in the Docker container. Each key and value in the `Environment` string to string map can have length of up to 1024. We support up to 16 entries in the map.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" @@ -244638,383 +297644,387 @@ "title": "Environment", "type": "object" }, - "ImageUri": { - "markdownDescription": "The container image that the data quality monitoring job runs.", - "title": "ImageUri", + "Framework": { + "markdownDescription": "The machine learning framework of the model package container image.", + "title": "Framework", + "type": "string" + }, + "FrameworkVersion": { + "markdownDescription": "The framework version of the Model Package Container Image.", + "title": "FrameworkVersion", + "type": "string" + }, + "Image": { + "markdownDescription": "The Amazon Elastic Container Registry (Amazon ECR) path where inference code is stored.\n\nIf you are using your own custom algorithm instead of an algorithm provided by SageMaker, the inference code must meet SageMaker requirements. SageMaker supports both `registry/repository[:tag]` and `registry/repository[@digest]` image path formats. For more information, see [Using Your Own Algorithms with Amazon SageMaker](https://docs.aws.amazon.com/sagemaker/latest/dg/your-algorithms.html) .", + "title": "Image", "type": "string" }, - "PostAnalyticsProcessorSourceUri": { - "markdownDescription": "An Amazon S3 URI to a script that is called after analysis has been performed. Applicable only for the built-in (first party) containers.", - "title": "PostAnalyticsProcessorSourceUri", + "ImageDigest": { + "markdownDescription": "An MD5 hash of the training algorithm that identifies the Docker image used for training.", + "title": "ImageDigest", "type": "string" }, - "RecordPreprocessorSourceUri": { - "markdownDescription": "An Amazon S3 URI to a script that is called per row prior to running analysis. It can base64 decode the payload and convert it into a flattened JSON so that the built-in container can use the converted data. Applicable only for the built-in (first party) containers.", - "title": "RecordPreprocessorSourceUri", + "ModelDataSource": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelDataSource", + "markdownDescription": "Specifies the location of ML model data to deploy during endpoint creation.", + "title": "ModelDataSource" + }, + "ModelDataUrl": { + "markdownDescription": "The Amazon S3 path where the model artifacts, which result from model training, are stored. This path must point to a single `gzip` compressed tar archive ( `.tar.gz` suffix).\n\n> The model artifacts must be in an S3 bucket that is in the same region as the model package.", + "title": "ModelDataUrl", + "type": "string" + }, + "ModelInput": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelInput", + "markdownDescription": "A structure with Model Input details.", + "title": "ModelInput" + }, + "NearestModelName": { + "markdownDescription": "The name of a pre-trained machine learning benchmarked by Amazon SageMaker Inference Recommender model that matches your model. You can find a list of benchmarked models by calling `ListModelMetadata` .", + "title": "NearestModelName", "type": "string" } }, "required": [ - "ImageUri" + "Image" ], "type": "object" }, - "AWS::SageMaker::DataQualityJobDefinition.DataQualityBaselineConfig": { + "AWS::SageMaker::ModelPackage.ModelPackageStatusDetails": { "additionalProperties": false, "properties": { - "BaseliningJobName": { - "markdownDescription": "The name of the job that performs baselining for the data quality monitoring job.", - "title": "BaseliningJobName", + "ValidationStatuses": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelPackageStatusItem" + }, + "markdownDescription": "The validation status of the model package.", + "title": "ValidationStatuses", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelPackage.ModelPackageStatusItem": { + "additionalProperties": false, + "properties": { + "FailureReason": { + "markdownDescription": "if the overall status is `Failed` , the reason for the failure.", + "title": "FailureReason", "type": "string" }, - "ConstraintsResource": { - "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.ConstraintsResource", - "markdownDescription": "The constraints resource for a monitoring job.", - "title": "ConstraintsResource" + "Name": { + "markdownDescription": "The name of the model package for which the overall status is being reported.", + "title": "Name", + "type": "string" }, - "StatisticsResource": { - "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.StatisticsResource", - "markdownDescription": "Configuration for monitoring constraints and monitoring statistics. These baseline resources are compared against the results of the current job from the series of jobs scheduled to collect data periodically.", - "title": "StatisticsResource" + "Status": { + "markdownDescription": "The current status.", + "title": "Status", + "type": "string" } }, + "required": [ + "Name", + "Status" + ], "type": "object" }, - "AWS::SageMaker::DataQualityJobDefinition.DataQualityJobInput": { + "AWS::SageMaker::ModelPackage.ModelQuality": { "additionalProperties": false, "properties": { - "BatchTransformInput": { - "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.BatchTransformInput", - "markdownDescription": "Input object for the batch transform job.", - "title": "BatchTransformInput" + "Constraints": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", + "markdownDescription": "Model quality constraints.", + "title": "Constraints" }, - "EndpointInput": { - "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.EndpointInput", - "markdownDescription": "Input object for the endpoint", - "title": "EndpointInput" + "Statistics": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", + "markdownDescription": "Model quality statistics.", + "title": "Statistics" } }, "type": "object" }, - "AWS::SageMaker::DataQualityJobDefinition.DatasetFormat": { + "AWS::SageMaker::ModelPackage.S3DataSource": { "additionalProperties": false, "properties": { - "Csv": { - "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.Csv", - "markdownDescription": "", - "title": "Csv" - }, - "Json": { - "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.Json", - "markdownDescription": "", - "title": "Json" + "S3DataType": { + "markdownDescription": "If you choose `S3Prefix` , `S3Uri` identifies a key name prefix. SageMaker uses all objects that match the specified key name prefix for model training.\n\nIf you choose `ManifestFile` , `S3Uri` identifies an object that is a manifest file containing a list of object keys that you want SageMaker to use for model training.\n\nIf you choose `AugmentedManifestFile` , `S3Uri` identifies an object that is an augmented manifest file in JSON lines format. This file contains the data you want to use for model training. `AugmentedManifestFile` can only be used if the Channel's input mode is `Pipe` .\n\nIf you choose `Converse` , `S3Uri` identifies an Amazon S3 location that contains data formatted according to Converse format. This format structures conversational messages with specific roles and content types used for training and fine-tuning foundational models.", + "title": "S3DataType", + "type": "string" }, - "Parquet": { - "markdownDescription": "", - "title": "Parquet", - "type": "boolean" + "S3Uri": { + "markdownDescription": "Depending on the value specified for the `S3DataType` , identifies either a key name prefix or a manifest. For example:\n\n- A key name prefix might look like this: `s3://bucketname/exampleprefix/`\n- A manifest might look like this: `s3://bucketname/example.manifest`\n\nA manifest is an S3 object which is a JSON file consisting of an array of elements. The first element is a prefix which is followed by one or more suffixes. SageMaker appends the suffix elements to the prefix to get a full set of `S3Uri` . Note that the prefix must be a valid non-empty `S3Uri` that precludes users from specifying a manifest whose individual `S3Uri` is sourced from different S3 buckets.\n\nThe following code example shows a valid manifest format:\n\n`[ {\"prefix\": \"s3://customer_bucket/some/prefix/\"},`\n\n`\"relative/path/to/custdata-1\",`\n\n`\"relative/path/custdata-2\",`\n\n`...`\n\n`\"relative/path/custdata-N\"`\n\n`]`\n\nThis JSON is equivalent to the following `S3Uri` list:\n\n`s3://customer_bucket/some/prefix/relative/path/to/custdata-1`\n\n`s3://customer_bucket/some/prefix/relative/path/custdata-2`\n\n`...`\n\n`s3://customer_bucket/some/prefix/relative/path/custdata-N`\n\nThe complete set of `S3Uri` in this manifest is the input data for the channel for this data source. The object that each `S3Uri` points to must be readable by the IAM role that SageMaker uses to perform tasks on your behalf.\n\nYour input bucket must be located in same AWS region as your training job.", + "title": "S3Uri", + "type": "string" } }, + "required": [ + "S3DataType", + "S3Uri" + ], "type": "object" }, - "AWS::SageMaker::DataQualityJobDefinition.EndpointInput": { + "AWS::SageMaker::ModelPackage.S3ModelDataSource": { "additionalProperties": false, "properties": { - "EndpointName": { - "markdownDescription": "An endpoint in customer's account which has enabled `DataCaptureConfig` enabled.", - "title": "EndpointName", - "type": "string" - }, - "ExcludeFeaturesAttribute": { - "markdownDescription": "The attributes of the input data to exclude from the analysis.", - "title": "ExcludeFeaturesAttribute", + "CompressionType": { + "markdownDescription": "Specifies how the ML model data is prepared.\n\nIf you choose `Gzip` and choose `S3Object` as the value of `S3DataType` , `S3Uri` identifies an object that is a gzip-compressed TAR archive. SageMaker will attempt to decompress and untar the object during model deployment.\n\nIf you choose `None` and chooose `S3Object` as the value of `S3DataType` , `S3Uri` identifies an object that represents an uncompressed ML model to deploy.\n\nIf you choose None and choose `S3Prefix` as the value of `S3DataType` , `S3Uri` identifies a key name prefix, under which all objects represents the uncompressed ML model to deploy.\n\nIf you choose None, then SageMaker will follow rules below when creating model data files under /opt/ml/model directory for use by your inference code:\n\n- If you choose `S3Object` as the value of `S3DataType` , then SageMaker will split the key of the S3 object referenced by `S3Uri` by slash (/), and use the last part as the filename of the file holding the content of the S3 object.\n- If you choose `S3Prefix` as the value of `S3DataType` , then for each S3 object under the key name pefix referenced by `S3Uri` , SageMaker will trim its key by the prefix, and use the remainder as the path (relative to `/opt/ml/model` ) of the file holding the content of the S3 object. SageMaker will split the remainder by slash (/), using intermediate parts as directory names and the last part as filename of the file holding the content of the S3 object.\n- Do not use any of the following as file names or directory names:\n\n- An empty or blank string\n- A string which contains null bytes\n- A string longer than 255 bytes\n- A single dot ( `.` )\n- A double dot ( `..` )\n- Ambiguous file names will result in model deployment failure. For example, if your uncompressed ML model consists of two S3 objects `s3://mybucket/model/weights` and `s3://mybucket/model/weights/part1` and you specify `s3://mybucket/model/` as the value of `S3Uri` and `S3Prefix` as the value of `S3DataType` , then it will result in name clash between `/opt/ml/model/weights` (a regular file) and `/opt/ml/model/weights/` (a directory).\n- Do not organize the model artifacts in [S3 console using folders](https://docs.aws.amazon.com//AmazonS3/latest/userguide/using-folders.html) . When you create a folder in S3 console, S3 creates a 0-byte object with a key set to the folder name you provide. They key of the 0-byte object ends with a slash (/) which violates SageMaker restrictions on model artifact file names, leading to model deployment failure.", + "title": "CompressionType", "type": "string" }, - "LocalPath": { - "markdownDescription": "Path to the filesystem where the endpoint data is available to the container.", - "title": "LocalPath", - "type": "string" + "ModelAccessConfig": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelAccessConfig", + "markdownDescription": "Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the `ModelAccessConfig` . You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.", + "title": "ModelAccessConfig" }, - "S3DataDistributionType": { - "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an Amazon S3 key. Defaults to `FullyReplicated`", - "title": "S3DataDistributionType", + "S3DataType": { + "markdownDescription": "Specifies the type of ML model data to deploy.\n\nIf you choose `S3Prefix` , `S3Uri` identifies a key name prefix. SageMaker uses all objects that match the specified key name prefix as part of the ML model data to deploy. A valid key name prefix identified by `S3Uri` always ends with a forward slash (/).\n\nIf you choose `S3Object` , `S3Uri` identifies an object that is the ML model data to deploy.", + "title": "S3DataType", "type": "string" }, - "S3InputMode": { - "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", - "title": "S3InputMode", + "S3Uri": { + "markdownDescription": "Specifies the S3 path of ML model data to deploy.", + "title": "S3Uri", "type": "string" } }, "required": [ - "EndpointName", - "LocalPath" + "CompressionType", + "S3DataType", + "S3Uri" ], "type": "object" }, - "AWS::SageMaker::DataQualityJobDefinition.Json": { + "AWS::SageMaker::ModelPackage.SecurityConfig": { "additionalProperties": false, "properties": { - "Line": { + "KmsKeyId": { "markdownDescription": "", - "title": "Line", - "type": "boolean" + "title": "KmsKeyId", + "type": "string" } }, + "required": [ + "KmsKeyId" + ], "type": "object" }, - "AWS::SageMaker::DataQualityJobDefinition.MonitoringOutput": { + "AWS::SageMaker::ModelPackage.SourceAlgorithm": { "additionalProperties": false, "properties": { - "S3Output": { - "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.S3Output", - "markdownDescription": "The Amazon S3 storage location where the results of a monitoring job are saved.", - "title": "S3Output" + "AlgorithmName": { + "markdownDescription": "The name of an algorithm that was used to create the model package. The algorithm must be either an algorithm resource in your SageMaker account or an algorithm in AWS Marketplace that you are subscribed to.", + "title": "AlgorithmName", + "type": "string" + }, + "ModelDataUrl": { + "markdownDescription": "The Amazon S3 path where the model artifacts, which result from model training, are stored. This path must point to a single `gzip` compressed tar archive ( `.tar.gz` suffix).\n\n> The model artifacts must be in an S3 bucket that is in the same AWS region as the algorithm.", + "title": "ModelDataUrl", + "type": "string" } }, "required": [ - "S3Output" + "AlgorithmName" ], "type": "object" }, - "AWS::SageMaker::DataQualityJobDefinition.MonitoringOutputConfig": { + "AWS::SageMaker::ModelPackage.SourceAlgorithmSpecification": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "The AWS Key Management Service ( AWS KMS ) key that Amazon SageMaker AI uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption.", - "title": "KmsKeyId", - "type": "string" - }, - "MonitoringOutputs": { + "SourceAlgorithms": { "items": { - "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.MonitoringOutput" + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.SourceAlgorithm" }, - "markdownDescription": "Monitoring outputs for monitoring jobs. This is where the output of the periodic monitoring jobs is uploaded.", - "title": "MonitoringOutputs", + "markdownDescription": "A list of the algorithms that were used to create a model package.", + "title": "SourceAlgorithms", "type": "array" } }, "required": [ - "MonitoringOutputs" + "SourceAlgorithms" ], "type": "object" }, - "AWS::SageMaker::DataQualityJobDefinition.MonitoringResources": { + "AWS::SageMaker::ModelPackage.TransformInput": { "additionalProperties": false, "properties": { - "ClusterConfig": { - "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.ClusterConfig", - "markdownDescription": "The configuration for the cluster resources used to run the processing job.", - "title": "ClusterConfig" + "CompressionType": { + "markdownDescription": "If your transform data is compressed, specify the compression type. Amazon SageMaker automatically decompresses the data for the transform job accordingly. The default value is `None` .", + "title": "CompressionType", + "type": "string" + }, + "ContentType": { + "markdownDescription": "The multipurpose internet mail extension (MIME) type of the data. Amazon SageMaker uses the MIME type with each http call to transfer data to the transform job.", + "title": "ContentType", + "type": "string" + }, + "DataSource": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.DataSource", + "markdownDescription": "Describes the location of the channel data, which is, the S3 location of the input data that the model can consume.", + "title": "DataSource" + }, + "SplitType": { + "markdownDescription": "The method to use to split the transform job's data files into smaller batches. Splitting is necessary when the total size of each object is too large to fit in a single request. You can also use data splitting to improve performance by processing multiple concurrent mini-batches. The default value for `SplitType` is `None` , which indicates that input data files are not split, and request payloads contain the entire contents of an input object. Set the value of this parameter to `Line` to split records on a newline character boundary. `SplitType` also supports a number of record-oriented binary data formats. Currently, the supported record formats are:\n\n- RecordIO\n- TFRecord\n\nWhen splitting is enabled, the size of a mini-batch depends on the values of the `BatchStrategy` and `MaxPayloadInMB` parameters. When the value of `BatchStrategy` is `MultiRecord` , Amazon SageMaker sends the maximum number of records in each request, up to the `MaxPayloadInMB` limit. If the value of `BatchStrategy` is `SingleRecord` , Amazon SageMaker sends individual records in each request.\n\n> Some data formats represent a record as a binary payload wrapped with extra padding bytes. When splitting is applied to a binary data format, padding is removed if the value of `BatchStrategy` is set to `SingleRecord` . Padding is not removed if the value of `BatchStrategy` is set to `MultiRecord` .\n> \n> For more information about `RecordIO` , see [Create a Dataset Using RecordIO](https://docs.aws.amazon.com/https://mxnet.apache.org/api/faq/recordio) in the MXNet documentation. For more information about `TFRecord` , see [Consuming TFRecord data](https://docs.aws.amazon.com/https://www.tensorflow.org/guide/data#consuming_tfrecord_data) in the TensorFlow documentation.", + "title": "SplitType", + "type": "string" } }, "required": [ - "ClusterConfig" + "DataSource" ], "type": "object" }, - "AWS::SageMaker::DataQualityJobDefinition.NetworkConfig": { + "AWS::SageMaker::ModelPackage.TransformJobDefinition": { "additionalProperties": false, "properties": { - "EnableInterContainerTrafficEncryption": { - "markdownDescription": "Whether to encrypt all communications between distributed processing jobs. Choose `True` to encrypt communications. Encryption provides greater security for distributed processing jobs, but the processing might take longer.", - "title": "EnableInterContainerTrafficEncryption", - "type": "boolean" + "BatchStrategy": { + "markdownDescription": "A string that determines the number of records included in a single mini-batch.\n\n`SingleRecord` means only one record is used per mini-batch. `MultiRecord` means a mini-batch is set to contain as many records that can fit within the `MaxPayloadInMB` limit.", + "title": "BatchStrategy", + "type": "string" }, - "EnableNetworkIsolation": { - "markdownDescription": "Whether to allow inbound and outbound network calls to and from the containers used for the processing job.", - "title": "EnableNetworkIsolation", - "type": "boolean" + "Environment": { + "additionalProperties": true, + "markdownDescription": "The environment variables to set in the Docker container. We support up to 16 key and values entries in the map.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Environment", + "type": "object" }, - "VpcConfig": { - "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.VpcConfig", - "markdownDescription": "Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC.", - "title": "VpcConfig" + "MaxConcurrentTransforms": { + "markdownDescription": "The maximum number of parallel requests that can be sent to each instance in a transform job. The default value is 1.", + "title": "MaxConcurrentTransforms", + "type": "number" + }, + "MaxPayloadInMB": { + "markdownDescription": "The maximum payload size allowed, in MB. A payload is the data portion of a record (without metadata).", + "title": "MaxPayloadInMB", + "type": "number" + }, + "TransformInput": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.TransformInput", + "markdownDescription": "A description of the input source and the way the transform job consumes it.", + "title": "TransformInput" + }, + "TransformOutput": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.TransformOutput", + "markdownDescription": "Identifies the Amazon S3 location where you want Amazon SageMaker to save the results from the transform job.", + "title": "TransformOutput" + }, + "TransformResources": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.TransformResources", + "markdownDescription": "Identifies the ML compute instances for the transform job.", + "title": "TransformResources" } }, + "required": [ + "TransformInput", + "TransformOutput", + "TransformResources" + ], "type": "object" }, - "AWS::SageMaker::DataQualityJobDefinition.S3Output": { + "AWS::SageMaker::ModelPackage.TransformOutput": { "additionalProperties": false, "properties": { - "LocalPath": { - "markdownDescription": "The local path to the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job. LocalPath is an absolute path for the output data.", - "title": "LocalPath", + "Accept": { + "markdownDescription": "The MIME type used to specify the output data. Amazon SageMaker uses the MIME type with each http call to transfer data from the transform job.", + "title": "Accept", "type": "string" }, - "S3UploadMode": { - "markdownDescription": "Whether to upload the results of the monitoring job continuously or after the job completes.", - "title": "S3UploadMode", + "AssembleWith": { + "markdownDescription": "Defines how to assemble the results of the transform job as a single S3 object. Choose a format that is most convenient to you. To concatenate the results in binary format, specify `None` . To add a newline character at the end of every transformed record, specify `Line` .", + "title": "AssembleWith", "type": "string" }, - "S3Uri": { - "markdownDescription": "A URI that identifies the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job.", - "title": "S3Uri", + "KmsKeyId": { + "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption. The `KmsKeyId` can be any of the following formats:\n\n- Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key ARN: `arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`\n- Alias name: `alias/ExampleAlias`\n- Alias name ARN: `arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias`\n\nIf you don't provide a KMS key ID, Amazon SageMaker uses the default KMS key for Amazon S3 for your role's account. For more information, see [KMS-Managed Encryption Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingKMSEncryption.html) in the *Amazon Simple Storage Service Developer Guide.*\n\nThe KMS key policy must grant permission to the IAM role that you specify in your [CreateModel](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateModel.html) request. For more information, see [Using Key Policies in AWS KMS](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html) in the *AWS Key Management Service Developer Guide* .", + "title": "KmsKeyId", "type": "string" - } - }, - "required": [ - "LocalPath", - "S3Uri" - ], - "type": "object" - }, - "AWS::SageMaker::DataQualityJobDefinition.StatisticsResource": { - "additionalProperties": false, - "properties": { - "S3Uri": { - "markdownDescription": "The Amazon S3 URI for the statistics resource.", - "title": "S3Uri", + }, + "S3OutputPath": { + "markdownDescription": "The Amazon S3 path where you want Amazon SageMaker to store the results of the transform job. For example, `s3://bucket-name/key-name-prefix` .\n\nFor every S3 object used as input for the transform job, batch transform stores the transformed data with an . `out` suffix in a corresponding subfolder in the location in the output prefix. For example, for the input data stored at `s3://bucket-name/input-name-prefix/dataset01/data.csv` , batch transform stores the transformed data at `s3://bucket-name/output-name-prefix/input-name-prefix/data.csv.out` . Batch transform doesn't upload partially processed objects. For an input S3 object that contains multiple records, it creates an . `out` file only if the transform job succeeds on the entire file. When the input contains multiple S3 objects, the batch transform job processes the listed S3 objects and uploads only the output for successfully processed objects. If any object fails in the transform job batch transform marks the job as failed to prompt investigation.", + "title": "S3OutputPath", "type": "string" } }, - "type": "object" - }, - "AWS::SageMaker::DataQualityJobDefinition.StoppingCondition": { - "additionalProperties": false, - "properties": { - "MaxRuntimeInSeconds": { - "markdownDescription": "The maximum length of time, in seconds, that a training or compilation job can run before it is stopped.\n\nFor compilation jobs, if the job does not complete during this time, a `TimeOut` error is generated. We recommend starting with 900 seconds and increasing as necessary based on your model.\n\nFor all other jobs, if the job does not complete during this time, SageMaker ends the job. When `RetryStrategy` is specified in the job request, `MaxRuntimeInSeconds` specifies the maximum time for all of the attempts in total, not each individual attempt. The default value is 1 day. The maximum value is 28 days.\n\nThe maximum time that a `TrainingJob` can run in total, including any time spent publishing metrics or archiving and uploading models after it has been stopped, is 30 days.", - "title": "MaxRuntimeInSeconds", - "type": "number" - } - }, "required": [ - "MaxRuntimeInSeconds" + "S3OutputPath" ], "type": "object" }, - "AWS::SageMaker::DataQualityJobDefinition.VpcConfig": { + "AWS::SageMaker::ModelPackage.TransformResources": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The VPC security group IDs, in the form `sg-xxxxxxxx` . Specify the security groups for the VPC that is specified in the `Subnets` field.", - "title": "SecurityGroupIds", - "type": "array" + "InstanceCount": { + "markdownDescription": "The number of ML compute instances to use in the transform job. The default value is `1` , and the maximum is `100` . For distributed transform jobs, specify a value greater than `1` .", + "title": "InstanceCount", + "type": "number" }, - "Subnets": { - "items": { - "type": "string" - }, - "markdownDescription": "The ID of the subnets in the VPC to which you want to connect your training job or model. For information about the availability of specific instance types, see [Supported Instance Types and Availability Zones](https://docs.aws.amazon.com/sagemaker/latest/dg/instance-types-az.html) .", - "title": "Subnets", - "type": "array" + "InstanceType": { + "markdownDescription": "The ML compute instance type for the transform job. If you are using built-in algorithms to transform moderately sized datasets, we recommend using ml.m4.xlarge or `ml.m5.large` instance types.", + "title": "InstanceType", + "type": "string" + }, + "VolumeKmsKeyId": { + "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt model data on the storage volume attached to the ML compute instance(s) that run the batch transform job.\n\n> Certain Nitro-based instances include local storage, dependent on the instance type. Local storage volumes are encrypted using a hardware module on the instance. You can't request a `VolumeKmsKeyId` when using an instance type with local storage.\n> \n> For a list of instance types that support local instance storage, see [Instance Store Volumes](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html#instance-store-volumes) .\n> \n> For more information about local instance storage encryption, see [SSD Instance Store Volumes](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ssd-instance-store.html) . \n\nThe `VolumeKmsKeyId` can be any of the following formats:\n\n- Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key ARN: `arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`\n- Alias name: `alias/ExampleAlias`\n- Alias name ARN: `arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias`", + "title": "VolumeKmsKeyId", + "type": "string" } }, "required": [ - "SecurityGroupIds", - "Subnets" + "InstanceCount", + "InstanceType" ], "type": "object" }, - "AWS::SageMaker::Device": { + "AWS::SageMaker::ModelPackage.ValidationProfile": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Device": { - "$ref": "#/definitions/AWS::SageMaker::Device.Device", - "markdownDescription": "Edge device you want to create.", - "title": "Device" - }, - "DeviceFleetName": { - "markdownDescription": "The name of the fleet the device belongs to.", - "title": "DeviceFleetName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs that contain metadata to help you categorize and organize your devices. Each tag consists of a key and a value, both of which you define.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "DeviceFleetName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::SageMaker::Device" - ], + "ProfileName": { + "markdownDescription": "The name of the profile for the model package.", + "title": "ProfileName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "TransformJobDefinition": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.TransformJobDefinition", + "markdownDescription": "The `TransformJobDefinition` object that describes the transform job used for the validation of the model package.", + "title": "TransformJobDefinition" } }, "required": [ - "Type", - "Properties" + "ProfileName", + "TransformJobDefinition" ], "type": "object" }, - "AWS::SageMaker::Device.Device": { + "AWS::SageMaker::ModelPackage.ValidationSpecification": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "Description of the device.", - "title": "Description", - "type": "string" - }, - "DeviceName": { - "markdownDescription": "The name of the device.", - "title": "DeviceName", - "type": "string" + "ValidationProfiles": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ValidationProfile" + }, + "markdownDescription": "An array of `ModelPackageValidationProfile` objects, each of which specifies a batch transform job that SageMaker runs to validate your model package.", + "title": "ValidationProfiles", + "type": "array" }, - "IotThingName": { - "markdownDescription": "AWS Internet of Things (IoT) object name.", - "title": "IotThingName", + "ValidationRole": { + "markdownDescription": "The IAM roles to be used for the validation of the model package.", + "title": "ValidationRole", "type": "string" } }, "required": [ - "DeviceName" + "ValidationProfiles", + "ValidationRole" ], "type": "object" }, - "AWS::SageMaker::DeviceFleet": { + "AWS::SageMaker::ModelPackageGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -245049,45 +298059,38 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the fleet.", - "title": "Description", + "ModelPackageGroupDescription": { + "markdownDescription": "The description for the model group.", + "title": "ModelPackageGroupDescription", "type": "string" }, - "DeviceFleetName": { - "markdownDescription": "Name of the device fleet.", - "title": "DeviceFleetName", + "ModelPackageGroupName": { + "markdownDescription": "The name of the model group.", + "title": "ModelPackageGroupName", "type": "string" }, - "OutputConfig": { - "$ref": "#/definitions/AWS::SageMaker::DeviceFleet.EdgeOutputConfig", - "markdownDescription": "The output configuration for storing sample data collected by the fleet.", - "title": "OutputConfig" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) that has access to AWS Internet of Things (IoT).", - "title": "RoleArn", - "type": "string" + "ModelPackageGroupPolicy": { + "markdownDescription": "A resouce policy to control access to a model group. For information about resoure policies, see [Identity-based policies and resource-based policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_identity-vs-resource.html) in the *AWS Identity and Access Management User Guide.* .", + "title": "ModelPackageGroupPolicy", + "type": "object" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs that contain metadata to help you categorize and organize your device fleets. Each tag consists of a key and a value, both of which you define.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ - "DeviceFleetName", - "OutputConfig", - "RoleArn" + "ModelPackageGroupName" ], "type": "object" }, "Type": { "enum": [ - "AWS::SageMaker::DeviceFleet" + "AWS::SageMaker::ModelPackageGroup" ], "type": "string" }, @@ -245106,26 +298109,7 @@ ], "type": "object" }, - "AWS::SageMaker::DeviceFleet.EdgeOutputConfig": { - "additionalProperties": false, - "properties": { - "KmsKeyId": { - "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt data on the storage volume after compilation job. If you don't provide a KMS key ID, Amazon SageMaker uses the default KMS key for Amazon S3 for your role's account.", - "title": "KmsKeyId", - "type": "string" - }, - "S3OutputLocation": { - "markdownDescription": "The Amazon Simple Storage (S3) bucket URI.", - "title": "S3OutputLocation", - "type": "string" - } - }, - "required": [ - "S3OutputLocation" - ], - "type": "object" - }, - "AWS::SageMaker::Domain": { + "AWS::SageMaker::ModelQualityJobDefinition": { "additionalProperties": false, "properties": { "Condition": { @@ -245160,80 +298144,77 @@ "Properties": { "additionalProperties": false, "properties": { - "AppNetworkAccessType": { - "markdownDescription": "Specifies the VPC used for non-EFS traffic. The default value is `PublicInternetOnly` .\n\n- `PublicInternetOnly` - Non-EFS traffic is through a VPC managed by Amazon SageMaker AI , which allows direct internet access\n- `VpcOnly` - All Studio traffic is through the specified VPC and subnets\n\n*Valid Values* : `PublicInternetOnly | VpcOnly`", - "title": "AppNetworkAccessType", + "EndpointName": { + "markdownDescription": "", + "title": "EndpointName", "type": "string" }, - "AppSecurityGroupManagement": { - "markdownDescription": "The entity that creates and manages the required security groups for inter-app communication in `VpcOnly` mode. Required when `CreateDomain.AppNetworkAccessType` is `VpcOnly` and `DomainSettings.RStudioServerProDomainSettings.DomainExecutionRoleArn` is provided. If setting up the domain for use with RStudio, this value must be set to `Service` .\n\n*Allowed Values* : `Service` | `Customer`", - "title": "AppSecurityGroupManagement", + "JobDefinitionName": { + "markdownDescription": "The name of the monitoring job definition.", + "title": "JobDefinitionName", "type": "string" }, - "AuthMode": { - "markdownDescription": "The mode of authentication that members use to access the Domain.\n\n*Valid Values* : `SSO | IAM`", - "title": "AuthMode", - "type": "string" + "JobResources": { + "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.MonitoringResources", + "markdownDescription": "Identifies the resources to deploy for a monitoring job.", + "title": "JobResources" }, - "DefaultSpaceSettings": { - "$ref": "#/definitions/AWS::SageMaker::Domain.DefaultSpaceSettings", - "markdownDescription": "The default settings for shared spaces that users create in the domain.\n\nSageMaker applies these settings only to shared spaces. It doesn't apply them to private spaces.", - "title": "DefaultSpaceSettings" + "ModelQualityAppSpecification": { + "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.ModelQualityAppSpecification", + "markdownDescription": "Container image configuration object for the monitoring job.", + "title": "ModelQualityAppSpecification" }, - "DefaultUserSettings": { - "$ref": "#/definitions/AWS::SageMaker::Domain.UserSettings", - "markdownDescription": "The default user settings.", - "title": "DefaultUserSettings" + "ModelQualityBaselineConfig": { + "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.ModelQualityBaselineConfig", + "markdownDescription": "Specifies the constraints and baselines for the monitoring job.", + "title": "ModelQualityBaselineConfig" }, - "DomainName": { - "markdownDescription": "The domain name.", - "title": "DomainName", - "type": "string" + "ModelQualityJobInput": { + "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.ModelQualityJobInput", + "markdownDescription": "A list of the inputs that are monitored. Currently endpoints are supported.", + "title": "ModelQualityJobInput" }, - "DomainSettings": { - "$ref": "#/definitions/AWS::SageMaker::Domain.DomainSettings", - "markdownDescription": "A collection of settings that apply to the `SageMaker Domain` . These settings are specified through the `CreateDomain` API call.", - "title": "DomainSettings" + "ModelQualityJobOutputConfig": { + "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.MonitoringOutputConfig", + "markdownDescription": "The output configuration for monitoring jobs.", + "title": "ModelQualityJobOutputConfig" }, - "KmsKeyId": { - "markdownDescription": "SageMaker uses AWS KMS to encrypt the EFS volume attached to the Domain with an AWS managed customer master key (CMK) by default. For more control, specify a customer managed CMK.\n\n*Length Constraints* : Maximum length of 2048.\n\n*Pattern* : `.*`", - "title": "KmsKeyId", + "NetworkConfig": { + "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.NetworkConfig", + "markdownDescription": "Specifies the network configuration for the monitoring job.", + "title": "NetworkConfig" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can assume to perform tasks on your behalf.", + "title": "RoleArn", "type": "string" }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The VPC subnets that Studio uses for communication.\n\n*Length Constraints* : Maximum length of 32.\n\n*Array members* : Minimum number of 1 item. Maximum number of 16 items.\n\n*Pattern* : `[-0-9a-zA-Z]+`", - "title": "SubnetIds", - "type": "array" + "StoppingCondition": { + "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.StoppingCondition", + "markdownDescription": "A time limit for how long the monitoring job is allowed to run before stopping.", + "title": "StoppingCondition" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Tags to associated with the Domain. Each tag consists of a key and an optional value. Tag keys must be unique per resource. Tags are searchable using the Search API.\n\nTags that you specify for the Domain are also added to all apps that are launched in the Domain.\n\n*Array members* : Minimum number of 0 items. Maximum number of 50 items.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" - }, - "VpcId": { - "markdownDescription": "The ID of the Amazon Virtual Private Cloud (Amazon VPC) that Studio uses for communication.\n\n*Length Constraints* : Maximum length of 32.\n\n*Pattern* : `[-0-9a-zA-Z]+`", - "title": "VpcId", - "type": "string" } }, "required": [ - "AuthMode", - "DefaultUserSettings", - "DomainName", - "SubnetIds", - "VpcId" + "JobResources", + "ModelQualityAppSpecification", + "ModelQualityJobInput", + "ModelQualityJobOutputConfig", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::SageMaker::Domain" + "AWS::SageMaker::ModelQualityJobDefinition" ], "type": "string" }, @@ -245252,759 +298233,455 @@ ], "type": "object" }, - "AWS::SageMaker::Domain.CodeEditorAppSettings": { + "AWS::SageMaker::ModelQualityJobDefinition.BatchTransformInput": { "additionalProperties": false, "properties": { - "CustomImages": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::Domain.CustomImage" - }, - "markdownDescription": "A list of custom SageMaker images that are configured to run as a Code Editor app.", - "title": "CustomImages", - "type": "array" + "DataCapturedDestinationS3Uri": { + "markdownDescription": "The Amazon S3 location being used to capture the data.", + "title": "DataCapturedDestinationS3Uri", + "type": "string" }, - "DefaultResourceSpec": { - "$ref": "#/definitions/AWS::SageMaker::Domain.ResourceSpec", - "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the Code Editor app.", - "title": "DefaultResourceSpec" + "DatasetFormat": { + "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.DatasetFormat", + "markdownDescription": "The dataset format for your batch transform job.", + "title": "DatasetFormat" }, - "LifecycleConfigArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Name (ARN) of the Code Editor application lifecycle configuration.", - "title": "LifecycleConfigArns", - "type": "array" - } - }, - "type": "object" - }, - "AWS::SageMaker::Domain.CodeRepository": { - "additionalProperties": false, - "properties": { - "RepositoryUrl": { - "markdownDescription": "The URL of the Git repository.", - "title": "RepositoryUrl", + "EndTimeOffset": { + "markdownDescription": "If specified, monitoring jobs subtract this time from the end time. For information about using offsets for scheduling monitoring jobs, see [Schedule Model Quality Monitoring Jobs](https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor-model-quality-schedule.html) .", + "title": "EndTimeOffset", "type": "string" - } - }, - "required": [ - "RepositoryUrl" - ], - "type": "object" - }, - "AWS::SageMaker::Domain.CustomFileSystemConfig": { - "additionalProperties": false, - "properties": { - "EFSFileSystemConfig": { - "$ref": "#/definitions/AWS::SageMaker::Domain.EFSFileSystemConfig", - "markdownDescription": "The settings for a custom Amazon EFS file system.", - "title": "EFSFileSystemConfig" - } - }, - "type": "object" - }, - "AWS::SageMaker::Domain.CustomImage": { - "additionalProperties": false, - "properties": { - "AppImageConfigName": { - "markdownDescription": "The name of the AppImageConfig.", - "title": "AppImageConfigName", + }, + "InferenceAttribute": { + "markdownDescription": "The attribute of the input data that represents the ground truth label.", + "title": "InferenceAttribute", "type": "string" }, - "ImageName": { - "markdownDescription": "The name of the CustomImage. Must be unique to your account.", - "title": "ImageName", + "LocalPath": { + "markdownDescription": "Path to the filesystem where the batch transform data is available to the container.", + "title": "LocalPath", "type": "string" }, - "ImageVersionNumber": { - "markdownDescription": "The version number of the CustomImage.", - "title": "ImageVersionNumber", - "type": "number" - } - }, - "required": [ - "AppImageConfigName", - "ImageName" - ], - "type": "object" - }, - "AWS::SageMaker::Domain.CustomPosixUserConfig": { - "additionalProperties": false, - "properties": { - "Gid": { - "markdownDescription": "The POSIX group ID.", - "title": "Gid", - "type": "number" + "ProbabilityAttribute": { + "markdownDescription": "In a classification problem, the attribute that represents the class probability.", + "title": "ProbabilityAttribute", + "type": "string" }, - "Uid": { - "markdownDescription": "The POSIX user ID.", - "title": "Uid", - "type": "number" - } - }, - "required": [ - "Gid", - "Uid" - ], - "type": "object" - }, - "AWS::SageMaker::Domain.DefaultEbsStorageSettings": { - "additionalProperties": false, - "properties": { - "DefaultEbsVolumeSizeInGb": { - "markdownDescription": "The default size of the EBS storage volume for a space.", - "title": "DefaultEbsVolumeSizeInGb", + "ProbabilityThresholdAttribute": { + "markdownDescription": "The threshold for the class probability to be evaluated as a positive result.", + "title": "ProbabilityThresholdAttribute", "type": "number" }, - "MaximumEbsVolumeSizeInGb": { - "markdownDescription": "The maximum size of the EBS storage volume for a space.", - "title": "MaximumEbsVolumeSizeInGb", - "type": "number" - } - }, - "required": [ - "DefaultEbsVolumeSizeInGb", - "MaximumEbsVolumeSizeInGb" - ], - "type": "object" - }, - "AWS::SageMaker::Domain.DefaultSpaceSettings": { - "additionalProperties": false, - "properties": { - "ExecutionRole": { - "markdownDescription": "The ARN of the execution role for the space.", - "title": "ExecutionRole", + "S3DataDistributionType": { + "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an S3 key. Defaults to `FullyReplicated`", + "title": "S3DataDistributionType", "type": "string" }, - "JupyterServerAppSettings": { - "$ref": "#/definitions/AWS::SageMaker::Domain.JupyterServerAppSettings", - "markdownDescription": "The JupyterServer app settings.", - "title": "JupyterServerAppSettings" - }, - "KernelGatewayAppSettings": { - "$ref": "#/definitions/AWS::SageMaker::Domain.KernelGatewayAppSettings", - "markdownDescription": "The KernelGateway app settings.", - "title": "KernelGatewayAppSettings" + "S3InputMode": { + "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", + "title": "S3InputMode", + "type": "string" }, - "SecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "The security group IDs for the Amazon VPC that the space uses for communication.", - "title": "SecurityGroups", - "type": "array" + "StartTimeOffset": { + "markdownDescription": "If specified, monitoring jobs substract this time from the start time. For information about using offsets for scheduling monitoring jobs, see [Schedule Model Quality Monitoring Jobs](https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor-model-quality-schedule.html) .", + "title": "StartTimeOffset", + "type": "string" } }, "required": [ - "ExecutionRole" + "DataCapturedDestinationS3Uri", + "DatasetFormat", + "LocalPath" ], "type": "object" }, - "AWS::SageMaker::Domain.DefaultSpaceStorageSettings": { - "additionalProperties": false, - "properties": { - "DefaultEbsStorageSettings": { - "$ref": "#/definitions/AWS::SageMaker::Domain.DefaultEbsStorageSettings", - "markdownDescription": "The default EBS storage settings for a space.", - "title": "DefaultEbsStorageSettings" - } - }, - "type": "object" - }, - "AWS::SageMaker::Domain.DockerSettings": { - "additionalProperties": false, - "properties": { - "EnableDockerAccess": { - "markdownDescription": "Indicates whether the domain can access Docker.", - "title": "EnableDockerAccess", - "type": "string" - }, - "VpcOnlyTrustedAccounts": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of AWS accounts that are trusted when the domain is created in VPC-only mode.", - "title": "VpcOnlyTrustedAccounts", - "type": "array" - } - }, - "type": "object" - }, - "AWS::SageMaker::Domain.DomainSettings": { + "AWS::SageMaker::ModelQualityJobDefinition.ClusterConfig": { "additionalProperties": false, "properties": { - "DockerSettings": { - "$ref": "#/definitions/AWS::SageMaker::Domain.DockerSettings", - "markdownDescription": "A collection of settings that configure the domain's Docker interaction.", - "title": "DockerSettings" - }, - "RStudioServerProDomainSettings": { - "$ref": "#/definitions/AWS::SageMaker::Domain.RStudioServerProDomainSettings", - "markdownDescription": "A collection of settings that configure the `RStudioServerPro` Domain-level app.", - "title": "RStudioServerProDomainSettings" + "InstanceCount": { + "markdownDescription": "The number of ML compute instances to use in the model monitoring job. For distributed processing jobs, specify a value greater than 1. The default value is 1.", + "title": "InstanceCount", + "type": "number" }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The security groups for the Amazon Virtual Private Cloud that the `Domain` uses for communication between Domain-level apps and user apps.", - "title": "SecurityGroupIds", - "type": "array" - } - }, - "type": "object" - }, - "AWS::SageMaker::Domain.EFSFileSystemConfig": { - "additionalProperties": false, - "properties": { - "FileSystemId": { - "markdownDescription": "The ID of your Amazon EFS file system.", - "title": "FileSystemId", + "InstanceType": { + "markdownDescription": "The ML compute instance type for the processing job.", + "title": "InstanceType", "type": "string" }, - "FileSystemPath": { - "markdownDescription": "The path to the file system directory that is accessible in Amazon SageMaker AI Studio. Permitted users can access only this directory and below.", - "title": "FileSystemPath", + "VolumeKmsKeyId": { + "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance(s) that run the model monitoring job.", + "title": "VolumeKmsKeyId", "type": "string" + }, + "VolumeSizeInGB": { + "markdownDescription": "The size of the ML storage volume, in gigabytes, that you want to provision. You must specify sufficient ML storage for your scenario.", + "title": "VolumeSizeInGB", + "type": "number" } }, "required": [ - "FileSystemId" + "InstanceCount", + "InstanceType", + "VolumeSizeInGB" ], "type": "object" }, - "AWS::SageMaker::Domain.JupyterLabAppSettings": { + "AWS::SageMaker::ModelQualityJobDefinition.ConstraintsResource": { "additionalProperties": false, "properties": { - "CodeRepositories": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::Domain.CodeRepository" - }, - "markdownDescription": "A list of Git repositories that SageMaker automatically displays to users for cloning in the JupyterLab application.", - "title": "CodeRepositories", - "type": "array" - }, - "CustomImages": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::Domain.CustomImage" - }, - "markdownDescription": "A list of custom SageMaker images that are configured to run as a JupyterLab app.", - "title": "CustomImages", - "type": "array" - }, - "DefaultResourceSpec": { - "$ref": "#/definitions/AWS::SageMaker::Domain.ResourceSpec", - "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the JupyterLab app.", - "title": "DefaultResourceSpec" - }, - "LifecycleConfigArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Name (ARN) of the lifecycle configurations attached to the user profile or domain. To remove a lifecycle config, you must set `LifecycleConfigArns` to an empty list.", - "title": "LifecycleConfigArns", - "type": "array" + "S3Uri": { + "markdownDescription": "The Amazon S3 URI for the constraints resource.", + "title": "S3Uri", + "type": "string" } }, "type": "object" }, - "AWS::SageMaker::Domain.JupyterServerAppSettings": { + "AWS::SageMaker::ModelQualityJobDefinition.Csv": { "additionalProperties": false, "properties": { - "DefaultResourceSpec": { - "$ref": "#/definitions/AWS::SageMaker::Domain.ResourceSpec", - "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the JupyterServer app.", - "title": "DefaultResourceSpec" + "Header": { + "markdownDescription": "", + "title": "Header", + "type": "boolean" } }, "type": "object" }, - "AWS::SageMaker::Domain.KernelGatewayAppSettings": { + "AWS::SageMaker::ModelQualityJobDefinition.DatasetFormat": { "additionalProperties": false, "properties": { - "CustomImages": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::Domain.CustomImage" - }, - "markdownDescription": "A list of custom SageMaker AI images that are configured to run as a KernelGateway app.\n\nThe maximum number of custom images are as follows.\n\n- On a domain level: 200\n- On a space level: 5\n- On a user profile level: 5", - "title": "CustomImages", - "type": "array" + "Csv": { + "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.Csv", + "markdownDescription": "", + "title": "Csv" }, - "DefaultResourceSpec": { - "$ref": "#/definitions/AWS::SageMaker::Domain.ResourceSpec", - "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker AI image used by the KernelGateway app.\n\n> The Amazon SageMaker AI Studio UI does not use the default instance type value set here. The default instance type set here is used when Apps are created using the AWS CLI or AWS CloudFormation and the instance type parameter value is not passed.", - "title": "DefaultResourceSpec" - } - }, - "type": "object" - }, - "AWS::SageMaker::Domain.RSessionAppSettings": { - "additionalProperties": false, - "properties": { - "CustomImages": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::Domain.CustomImage" - }, - "markdownDescription": "A list of custom SageMaker AI images that are configured to run as a RSession app.", - "title": "CustomImages", - "type": "array" + "Json": { + "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.Json", + "markdownDescription": "", + "title": "Json" }, - "DefaultResourceSpec": { - "$ref": "#/definitions/AWS::SageMaker::Domain.ResourceSpec", - "markdownDescription": "Specifies the ARNs of a SageMaker image and SageMaker image version, and the instance type that the version runs on.", - "title": "DefaultResourceSpec" + "Parquet": { + "markdownDescription": "", + "title": "Parquet", + "type": "boolean" } }, "type": "object" }, - "AWS::SageMaker::Domain.RStudioServerProAppSettings": { + "AWS::SageMaker::ModelQualityJobDefinition.EndpointInput": { "additionalProperties": false, "properties": { - "AccessStatus": { - "markdownDescription": "Indicates whether the current user has access to the `RStudioServerPro` app.", - "title": "AccessStatus", + "EndTimeOffset": { + "markdownDescription": "If specified, monitoring jobs substract this time from the end time. For information about using offsets for scheduling monitoring jobs, see [Schedule Model Quality Monitoring Jobs](https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor-model-quality-schedule.html) .", + "title": "EndTimeOffset", "type": "string" }, - "UserGroup": { - "markdownDescription": "The level of permissions that the user has within the `RStudioServerPro` app. This value defaults to `User`. The `Admin` value allows the user access to the RStudio Administrative Dashboard.", - "title": "UserGroup", + "EndpointName": { + "markdownDescription": "An endpoint in customer's account which has enabled `DataCaptureConfig` enabled.", + "title": "EndpointName", "type": "string" - } - }, - "type": "object" - }, - "AWS::SageMaker::Domain.RStudioServerProDomainSettings": { - "additionalProperties": false, - "properties": { - "DefaultResourceSpec": { - "$ref": "#/definitions/AWS::SageMaker::Domain.ResourceSpec", - "markdownDescription": "A collection that defines the default `InstanceType` , `SageMakerImageArn` , and `SageMakerImageVersionArn` for the Domain.", - "title": "DefaultResourceSpec" }, - "DomainExecutionRoleArn": { - "markdownDescription": "The ARN of the execution role for the `RStudioServerPro` Domain-level app.", - "title": "DomainExecutionRoleArn", + "InferenceAttribute": { + "markdownDescription": "The attribute of the input data that represents the ground truth label.", + "title": "InferenceAttribute", "type": "string" }, - "RStudioConnectUrl": { - "markdownDescription": "A URL pointing to an RStudio Connect server.", - "title": "RStudioConnectUrl", + "LocalPath": { + "markdownDescription": "Path to the filesystem where the endpoint data is available to the container.", + "title": "LocalPath", "type": "string" }, - "RStudioPackageManagerUrl": { - "markdownDescription": "A URL pointing to an RStudio Package Manager server.", - "title": "RStudioPackageManagerUrl", - "type": "string" - } - }, - "required": [ - "DomainExecutionRoleArn" - ], - "type": "object" - }, - "AWS::SageMaker::Domain.ResourceSpec": { - "additionalProperties": false, - "properties": { - "InstanceType": { - "markdownDescription": "The instance type that the image version runs on.\n\n> *JupyterServer apps* only support the `system` value.\n> \n> For *KernelGateway apps* , the `system` value is translated to `ml.t3.medium` . KernelGateway apps also support all other values for available instance types.", - "title": "InstanceType", + "ProbabilityAttribute": { + "markdownDescription": "In a classification problem, the attribute that represents the class probability.", + "title": "ProbabilityAttribute", "type": "string" }, - "LifecycleConfigArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Lifecycle Configuration attached to the Resource.", - "title": "LifecycleConfigArn", + "ProbabilityThresholdAttribute": { + "markdownDescription": "The threshold for the class probability to be evaluated as a positive result.", + "title": "ProbabilityThresholdAttribute", + "type": "number" + }, + "S3DataDistributionType": { + "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an Amazon S3 key. Defaults to `FullyReplicated`", + "title": "S3DataDistributionType", "type": "string" }, - "SageMakerImageArn": { - "markdownDescription": "The ARN of the SageMaker AI image that the image version belongs to.", - "title": "SageMakerImageArn", + "S3InputMode": { + "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", + "title": "S3InputMode", "type": "string" }, - "SageMakerImageVersionArn": { - "markdownDescription": "The ARN of the image version created on the instance. To clear the value set for `SageMakerImageVersionArn` , pass `None` as the value.", - "title": "SageMakerImageVersionArn", + "StartTimeOffset": { + "markdownDescription": "If specified, monitoring jobs substract this time from the start time. For information about using offsets for scheduling monitoring jobs, see [Schedule Model Quality Monitoring Jobs](https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor-model-quality-schedule.html) .", + "title": "StartTimeOffset", "type": "string" } }, + "required": [ + "EndpointName", + "LocalPath" + ], "type": "object" }, - "AWS::SageMaker::Domain.SharingSettings": { + "AWS::SageMaker::ModelQualityJobDefinition.Json": { "additionalProperties": false, "properties": { - "NotebookOutputOption": { - "markdownDescription": "Whether to include the notebook cell output when sharing the notebook. The default is `Disabled` .", - "title": "NotebookOutputOption", - "type": "string" - }, - "S3KmsKeyId": { - "markdownDescription": "When `NotebookOutputOption` is `Allowed` , the AWS Key Management Service (KMS) encryption key ID used to encrypt the notebook cell output in the Amazon S3 bucket.", - "title": "S3KmsKeyId", - "type": "string" - }, - "S3OutputPath": { - "markdownDescription": "When `NotebookOutputOption` is `Allowed` , the Amazon S3 bucket used to store the shared notebook snapshots.", - "title": "S3OutputPath", - "type": "string" + "Line": { + "markdownDescription": "", + "title": "Line", + "type": "boolean" } }, "type": "object" }, - "AWS::SageMaker::Domain.UserSettings": { + "AWS::SageMaker::ModelQualityJobDefinition.ModelQualityAppSpecification": { "additionalProperties": false, "properties": { - "CodeEditorAppSettings": { - "$ref": "#/definitions/AWS::SageMaker::Domain.CodeEditorAppSettings", - "markdownDescription": "The Code Editor application settings.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", - "title": "CodeEditorAppSettings" - }, - "CustomFileSystemConfigs": { + "ContainerArguments": { "items": { - "$ref": "#/definitions/AWS::SageMaker::Domain.CustomFileSystemConfig" + "type": "string" }, - "markdownDescription": "The settings for assigning a custom file system to a user profile. Permitted users can access this file system in Amazon SageMaker AI Studio.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", - "title": "CustomFileSystemConfigs", + "markdownDescription": "An array of arguments for the container used to run the monitoring job.", + "title": "ContainerArguments", "type": "array" }, - "CustomPosixUserConfig": { - "$ref": "#/definitions/AWS::SageMaker::Domain.CustomPosixUserConfig", - "markdownDescription": "Details about the POSIX identity that is used for file system operations.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", - "title": "CustomPosixUserConfig" - }, - "DefaultLandingUri": { - "markdownDescription": "The default experience that the user is directed to when accessing the domain. The supported values are:\n\n- `studio::` : Indicates that Studio is the default experience. This value can only be passed if `StudioWebPortal` is set to `ENABLED` .\n- `app:JupyterServer:` : Indicates that Studio Classic is the default experience.", - "title": "DefaultLandingUri", - "type": "string" - }, - "ExecutionRole": { - "markdownDescription": "The execution role for the user.\n\nSageMaker applies this setting only to private spaces that the user creates in the domain. SageMaker doesn't apply this setting to shared spaces.", - "title": "ExecutionRole", - "type": "string" - }, - "JupyterLabAppSettings": { - "$ref": "#/definitions/AWS::SageMaker::Domain.JupyterLabAppSettings", - "markdownDescription": "The settings for the JupyterLab application.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", - "title": "JupyterLabAppSettings" - }, - "JupyterServerAppSettings": { - "$ref": "#/definitions/AWS::SageMaker::Domain.JupyterServerAppSettings", - "markdownDescription": "The Jupyter server's app settings.", - "title": "JupyterServerAppSettings" - }, - "KernelGatewayAppSettings": { - "$ref": "#/definitions/AWS::SageMaker::Domain.KernelGatewayAppSettings", - "markdownDescription": "The kernel gateway app settings.", - "title": "KernelGatewayAppSettings" - }, - "RSessionAppSettings": { - "$ref": "#/definitions/AWS::SageMaker::Domain.RSessionAppSettings", - "markdownDescription": "A collection of settings that configure the `RSessionGateway` app.", - "title": "RSessionAppSettings" - }, - "RStudioServerProAppSettings": { - "$ref": "#/definitions/AWS::SageMaker::Domain.RStudioServerProAppSettings", - "markdownDescription": "A collection of settings that configure user interaction with the `RStudioServerPro` app.", - "title": "RStudioServerProAppSettings" - }, - "SecurityGroups": { + "ContainerEntrypoint": { "items": { "type": "string" }, - "markdownDescription": "The security groups for the Amazon Virtual Private Cloud (VPC) that the domain uses for communication.\n\nOptional when the `CreateDomain.AppNetworkAccessType` parameter is set to `PublicInternetOnly` .\n\nRequired when the `CreateDomain.AppNetworkAccessType` parameter is set to `VpcOnly` , unless specified as part of the `DefaultUserSettings` for the domain.\n\nAmazon SageMaker AI adds a security group to allow NFS traffic from Amazon SageMaker AI Studio. Therefore, the number of security groups that you can specify is one less than the maximum number shown.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", - "title": "SecurityGroups", + "markdownDescription": "Specifies the entrypoint for a container that the monitoring job runs.", + "title": "ContainerEntrypoint", "type": "array" }, - "SharingSettings": { - "$ref": "#/definitions/AWS::SageMaker::Domain.SharingSettings", - "markdownDescription": "Specifies options for sharing Amazon SageMaker AI Studio notebooks.", - "title": "SharingSettings" + "Environment": { + "additionalProperties": true, + "markdownDescription": "Sets the environment variables in the container that the monitoring job runs.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Environment", + "type": "object" }, - "SpaceStorageSettings": { - "$ref": "#/definitions/AWS::SageMaker::Domain.DefaultSpaceStorageSettings", - "markdownDescription": "The storage settings for a space.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", - "title": "SpaceStorageSettings" + "ImageUri": { + "markdownDescription": "The address of the container image that the monitoring job runs.", + "title": "ImageUri", + "type": "string" }, - "StudioWebPortal": { - "markdownDescription": "Whether the user can access Studio. If this value is set to `DISABLED` , the user cannot access Studio, even if that is the default experience for the domain.", - "title": "StudioWebPortal", + "PostAnalyticsProcessorSourceUri": { + "markdownDescription": "An Amazon S3 URI to a script that is called after analysis has been performed. Applicable only for the built-in (first party) containers.", + "title": "PostAnalyticsProcessorSourceUri", + "type": "string" + }, + "ProblemType": { + "markdownDescription": "The machine learning problem type of the model that the monitoring job monitors.", + "title": "ProblemType", + "type": "string" + }, + "RecordPreprocessorSourceUri": { + "markdownDescription": "An Amazon S3 URI to a script that is called per row prior to running analysis. It can base64 decode the payload and convert it into a flattened JSON so that the built-in container can use the converted data. Applicable only for the built-in (first party) containers.", + "title": "RecordPreprocessorSourceUri", "type": "string" } }, "required": [ - "ExecutionRole" + "ImageUri", + "ProblemType" ], "type": "object" }, - "AWS::SageMaker::Endpoint": { + "AWS::SageMaker::ModelQualityJobDefinition.ModelQualityBaselineConfig": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "BaseliningJobName": { + "markdownDescription": "The name of the job that performs baselining for the monitoring job.", + "title": "BaseliningJobName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DeploymentConfig": { - "$ref": "#/definitions/AWS::SageMaker::Endpoint.DeploymentConfig", - "markdownDescription": "The deployment configuration for an endpoint, which contains the desired deployment strategy and rollback configurations.", - "title": "DeploymentConfig" - }, - "EndpointConfigName": { - "markdownDescription": "The name of the [AWS::SageMaker::EndpointConfig](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sagemaker-endpointconfig.html) resource that specifies the configuration for the endpoint. For more information, see [CreateEndpointConfig](https://docs.aws.amazon.com/sagemaker/latest/dg/API_CreateEndpointConfig.html) .", - "title": "EndpointConfigName", - "type": "string" - }, - "EndpointName": { - "markdownDescription": "The name of the endpoint. The name must be unique within an AWS Region in your AWS account. The name is case-insensitive in `CreateEndpoint` , but the case is preserved and must be matched in [](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_runtime_InvokeEndpoint.html) .", - "title": "EndpointName", - "type": "string" - }, - "ExcludeRetainedVariantProperties": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::Endpoint.VariantProperty" - }, - "markdownDescription": "When you are updating endpoint resources with [RetainAllVariantProperties](https://docs.aws.amazon.com/sagemaker/latest/dg/API_UpdateEndpoint.html#SageMaker-UpdateEndpoint-request-RetainAllVariantProperties) whose value is set to `true` , `ExcludeRetainedVariantProperties` specifies the list of type [VariantProperty](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sagemaker-endpoint-variantproperty.html) to override with the values provided by `EndpointConfig` . If you don't specify a value for `ExcludeAllVariantProperties` , no variant properties are overridden. Don't use this property when creating new endpoint resources or when `RetainAllVariantProperties` is set to `false` .", - "title": "ExcludeRetainedVariantProperties", - "type": "array" - }, - "RetainAllVariantProperties": { - "markdownDescription": "When updating endpoint resources, enables or disables the retention of variant properties, such as the instance count or the variant weight. To retain the variant properties of an endpoint when updating it, set `RetainAllVariantProperties` to `true` . To use the variant properties specified in a new `EndpointConfig` call when updating an endpoint, set `RetainAllVariantProperties` to `false` . Use this property only when updating endpoint resources, not when creating new endpoint resources.", - "title": "RetainAllVariantProperties", - "type": "boolean" - }, - "RetainDeploymentConfig": { - "markdownDescription": "Specifies whether to reuse the last deployment configuration. The default value is false (the configuration is not reused).", - "title": "RetainDeploymentConfig", - "type": "boolean" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of key-value pairs to apply to this resource.\n\nFor more information, see [Resource Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) and [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html#allocation-what) in the *AWS Billing and Cost Management User Guide* .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "EndpointConfigName" - ], - "type": "object" + "ConstraintsResource": { + "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.ConstraintsResource", + "markdownDescription": "The constraints resource for a monitoring job.", + "title": "ConstraintsResource" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelQualityJobDefinition.ModelQualityJobInput": { + "additionalProperties": false, + "properties": { + "BatchTransformInput": { + "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.BatchTransformInput", + "markdownDescription": "Input object for the batch transform job.", + "title": "BatchTransformInput" }, - "Type": { - "enum": [ - "AWS::SageMaker::Endpoint" - ], - "type": "string" + "EndpointInput": { + "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.EndpointInput", + "markdownDescription": "Input object for the endpoint", + "title": "EndpointInput" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "GroundTruthS3Input": { + "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.MonitoringGroundTruthS3Input", + "markdownDescription": "The ground truth label provided for the model.", + "title": "GroundTruthS3Input" } }, "required": [ - "Type", - "Properties" + "GroundTruthS3Input" ], "type": "object" }, - "AWS::SageMaker::Endpoint.Alarm": { + "AWS::SageMaker::ModelQualityJobDefinition.MonitoringGroundTruthS3Input": { "additionalProperties": false, "properties": { - "AlarmName": { - "markdownDescription": "The name of a CloudWatch alarm in your account.", - "title": "AlarmName", + "S3Uri": { + "markdownDescription": "The address of the Amazon S3 location of the ground truth labels.", + "title": "S3Uri", "type": "string" } }, "required": [ - "AlarmName" + "S3Uri" ], "type": "object" }, - "AWS::SageMaker::Endpoint.AutoRollbackConfig": { + "AWS::SageMaker::ModelQualityJobDefinition.MonitoringOutput": { "additionalProperties": false, "properties": { - "Alarms": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::Endpoint.Alarm" - }, - "markdownDescription": "List of CloudWatch alarms in your account that are configured to monitor metrics on an endpoint. If any alarms are tripped during a deployment, SageMaker rolls back the deployment.", - "title": "Alarms", - "type": "array" + "S3Output": { + "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.S3Output", + "markdownDescription": "The Amazon S3 storage location where the results of a monitoring job are saved.", + "title": "S3Output" } }, "required": [ - "Alarms" + "S3Output" ], "type": "object" }, - "AWS::SageMaker::Endpoint.BlueGreenUpdatePolicy": { + "AWS::SageMaker::ModelQualityJobDefinition.MonitoringOutputConfig": { "additionalProperties": false, "properties": { - "MaximumExecutionTimeoutInSeconds": { - "markdownDescription": "Maximum execution timeout for the deployment. Note that the timeout value should be larger than the total waiting time specified in `TerminationWaitInSeconds` and `WaitIntervalInSeconds` .", - "title": "MaximumExecutionTimeoutInSeconds", - "type": "number" - }, - "TerminationWaitInSeconds": { - "markdownDescription": "Additional waiting time in seconds after the completion of an endpoint deployment before terminating the old endpoint fleet. Default is 0.", - "title": "TerminationWaitInSeconds", - "type": "number" + "KmsKeyId": { + "markdownDescription": "The AWS Key Management Service ( AWS KMS ) key that Amazon SageMaker AI uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption.", + "title": "KmsKeyId", + "type": "string" }, - "TrafficRoutingConfiguration": { - "$ref": "#/definitions/AWS::SageMaker::Endpoint.TrafficRoutingConfig", - "markdownDescription": "Defines the traffic routing strategy to shift traffic from the old fleet to the new fleet during an endpoint deployment.", - "title": "TrafficRoutingConfiguration" + "MonitoringOutputs": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.MonitoringOutput" + }, + "markdownDescription": "Monitoring outputs for monitoring jobs. This is where the output of the periodic monitoring jobs is uploaded.", + "title": "MonitoringOutputs", + "type": "array" } }, "required": [ - "TrafficRoutingConfiguration" + "MonitoringOutputs" ], "type": "object" }, - "AWS::SageMaker::Endpoint.CapacitySize": { + "AWS::SageMaker::ModelQualityJobDefinition.MonitoringResources": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "Specifies the endpoint capacity type.\n\n- `INSTANCE_COUNT` : The endpoint activates based on the number of instances.\n- `CAPACITY_PERCENT` : The endpoint activates based on the specified percentage of capacity.", - "title": "Type", - "type": "string" - }, - "Value": { - "markdownDescription": "Defines the capacity size, either as a number of instances or a capacity percentage.", - "title": "Value", - "type": "number" + "ClusterConfig": { + "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.ClusterConfig", + "markdownDescription": "The configuration for the cluster resources used to run the processing job.", + "title": "ClusterConfig" } }, "required": [ - "Type", - "Value" + "ClusterConfig" ], "type": "object" }, - "AWS::SageMaker::Endpoint.DeploymentConfig": { + "AWS::SageMaker::ModelQualityJobDefinition.NetworkConfig": { "additionalProperties": false, "properties": { - "AutoRollbackConfiguration": { - "$ref": "#/definitions/AWS::SageMaker::Endpoint.AutoRollbackConfig", - "markdownDescription": "Automatic rollback configuration for handling endpoint deployment failures and recovery.", - "title": "AutoRollbackConfiguration" + "EnableInterContainerTrafficEncryption": { + "markdownDescription": "Whether to encrypt all communications between distributed processing jobs. Choose `True` to encrypt communications. Encryption provides greater security for distributed processing jobs, but the processing might take longer.", + "title": "EnableInterContainerTrafficEncryption", + "type": "boolean" }, - "BlueGreenUpdatePolicy": { - "$ref": "#/definitions/AWS::SageMaker::Endpoint.BlueGreenUpdatePolicy", - "markdownDescription": "Update policy for a blue/green deployment. If this update policy is specified, SageMaker creates a new fleet during the deployment while maintaining the old fleet. SageMaker flips traffic to the new fleet according to the specified traffic routing configuration. Only one update policy should be used in the deployment configuration. If no update policy is specified, SageMaker uses a blue/green deployment strategy with all at once traffic shifting by default.", - "title": "BlueGreenUpdatePolicy" + "EnableNetworkIsolation": { + "markdownDescription": "Whether to allow inbound and outbound network calls to and from the containers used for the processing job.", + "title": "EnableNetworkIsolation", + "type": "boolean" }, - "RollingUpdatePolicy": { - "$ref": "#/definitions/AWS::SageMaker::Endpoint.RollingUpdatePolicy", - "markdownDescription": "Specifies a rolling deployment strategy for updating a SageMaker endpoint.", - "title": "RollingUpdatePolicy" + "VpcConfig": { + "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.VpcConfig", + "markdownDescription": "Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC.", + "title": "VpcConfig" } }, "type": "object" }, - "AWS::SageMaker::Endpoint.RollingUpdatePolicy": { + "AWS::SageMaker::ModelQualityJobDefinition.S3Output": { "additionalProperties": false, "properties": { - "MaximumBatchSize": { - "$ref": "#/definitions/AWS::SageMaker::Endpoint.CapacitySize", - "markdownDescription": "Batch size for each rolling step to provision capacity and turn on traffic on the new endpoint fleet, and terminate capacity on the old endpoint fleet. Value must be between 5% to 50% of the variant's total instance count.", - "title": "MaximumBatchSize" - }, - "MaximumExecutionTimeoutInSeconds": { - "markdownDescription": "The time limit for the total deployment. Exceeding this limit causes a timeout.", - "title": "MaximumExecutionTimeoutInSeconds", - "type": "number" + "LocalPath": { + "markdownDescription": "The local path to the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job. LocalPath is an absolute path for the output data.", + "title": "LocalPath", + "type": "string" }, - "RollbackMaximumBatchSize": { - "$ref": "#/definitions/AWS::SageMaker::Endpoint.CapacitySize", - "markdownDescription": "Batch size for rollback to the old endpoint fleet. Each rolling step to provision capacity and turn on traffic on the old endpoint fleet, and terminate capacity on the new endpoint fleet. If this field is absent, the default value will be set to 100% of total capacity which means to bring up the whole capacity of the old fleet at once during rollback.", - "title": "RollbackMaximumBatchSize" + "S3UploadMode": { + "markdownDescription": "Whether to upload the results of the monitoring job continuously or after the job completes.", + "title": "S3UploadMode", + "type": "string" }, - "WaitIntervalInSeconds": { - "markdownDescription": "The length of the baking period, during which SageMaker monitors alarms for each batch on the new fleet.", - "title": "WaitIntervalInSeconds", - "type": "number" + "S3Uri": { + "markdownDescription": "A URI that identifies the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job.", + "title": "S3Uri", + "type": "string" } }, "required": [ - "MaximumBatchSize", - "WaitIntervalInSeconds" + "LocalPath", + "S3Uri" ], "type": "object" }, - "AWS::SageMaker::Endpoint.TrafficRoutingConfig": { + "AWS::SageMaker::ModelQualityJobDefinition.StoppingCondition": { "additionalProperties": false, "properties": { - "CanarySize": { - "$ref": "#/definitions/AWS::SageMaker::Endpoint.CapacitySize", - "markdownDescription": "Batch size for the first step to turn on traffic on the new endpoint fleet. `Value` must be less than or equal to 50% of the variant's total instance count.", - "title": "CanarySize" - }, - "LinearStepSize": { - "$ref": "#/definitions/AWS::SageMaker::Endpoint.CapacitySize", - "markdownDescription": "Batch size for each step to turn on traffic on the new endpoint fleet. `Value` must be 10-50% of the variant's total instance count.", - "title": "LinearStepSize" - }, - "Type": { - "markdownDescription": "Traffic routing strategy type.\n\n- `ALL_AT_ONCE` : Endpoint traffic shifts to the new fleet in a single step.\n- `CANARY` : Endpoint traffic shifts to the new fleet in two steps. The first step is the canary, which is a small portion of the traffic. The second step is the remainder of the traffic.\n- `LINEAR` : Endpoint traffic shifts to the new fleet in n steps of a configurable size.", - "title": "Type", - "type": "string" - }, - "WaitIntervalInSeconds": { - "markdownDescription": "The waiting time (in seconds) between incremental steps to turn on traffic on the new endpoint fleet.", - "title": "WaitIntervalInSeconds", + "MaxRuntimeInSeconds": { + "markdownDescription": "The maximum length of time, in seconds, that a training or compilation job can run before it is stopped.\n\nFor compilation jobs, if the job does not complete during this time, a `TimeOut` error is generated. We recommend starting with 900 seconds and increasing as necessary based on your model.\n\nFor all other jobs, if the job does not complete during this time, SageMaker ends the job. When `RetryStrategy` is specified in the job request, `MaxRuntimeInSeconds` specifies the maximum time for all of the attempts in total, not each individual attempt. The default value is 1 day. The maximum value is 28 days.\n\nThe maximum time that a `TrainingJob` can run in total, including any time spent publishing metrics or archiving and uploading models after it has been stopped, is 30 days.", + "title": "MaxRuntimeInSeconds", "type": "number" } }, "required": [ - "Type" + "MaxRuntimeInSeconds" ], "type": "object" }, - "AWS::SageMaker::Endpoint.VariantProperty": { + "AWS::SageMaker::ModelQualityJobDefinition.VpcConfig": { "additionalProperties": false, "properties": { - "VariantPropertyType": { - "markdownDescription": "The type of variant property. The supported values are:\n\n- `DesiredInstanceCount` : Overrides the existing variant instance counts using the [InitialInstanceCount](https://docs.aws.amazon.com/sagemaker/latest/dg/API_ProductionVariant.html#SageMaker-Type-ProductionVariant-InitialInstanceCount) values in the [ProductionVariants](https://docs.aws.amazon.com/sagemaker/latest/dg/API_CreateEndpointConfig.html#SageMaker-CreateEndpointConfig-request-ProductionVariants) .\n- `DesiredWeight` : Overrides the existing variant weights using the [InitialVariantWeight](https://docs.aws.amazon.com/sagemaker/latest/dg/API_ProductionVariant.html#SageMaker-Type-ProductionVariant-InitialVariantWeight) values in the [ProductionVariants](https://docs.aws.amazon.com/sagemaker/latest/dg/API_CreateEndpointConfig.html#SageMaker-CreateEndpointConfig-request-ProductionVariants) .\n- `DataCaptureConfig` : (Not currently supported.)", - "title": "VariantPropertyType", - "type": "string" + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The VPC security group IDs, in the form `sg-xxxxxxxx` . Specify the security groups for the VPC that is specified in the `Subnets` field.", + "title": "SecurityGroupIds", + "type": "array" + }, + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The ID of the subnets in the VPC to which you want to connect your training job or model. For information about the availability of specific instance types, see [Supported Instance Types and Availability Zones](https://docs.aws.amazon.com/sagemaker/latest/dg/instance-types-az.html) .", + "title": "Subnets", + "type": "array" } }, + "required": [ + "SecurityGroupIds", + "Subnets" + ], "type": "object" }, - "AWS::SageMaker::EndpointConfig": { + "AWS::SageMaker::MonitoringSchedule": { "additionalProperties": false, "properties": { "Condition": { @@ -246039,73 +298716,54 @@ "Properties": { "additionalProperties": false, "properties": { - "AsyncInferenceConfig": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.AsyncInferenceConfig", - "markdownDescription": "Specifies configuration for how an endpoint performs asynchronous inference.", - "title": "AsyncInferenceConfig" - }, - "DataCaptureConfig": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.DataCaptureConfig", - "markdownDescription": "Specifies how to capture endpoint data for model monitor. The data capture configuration applies to all production variants hosted at the endpoint.", - "title": "DataCaptureConfig" - }, - "EnableNetworkIsolation": { - "type": "boolean" - }, - "EndpointConfigName": { - "markdownDescription": "The name of the endpoint configuration.", - "title": "EndpointConfigName", + "EndpointName": { + "markdownDescription": "The name of the endpoint using the monitoring schedule.", + "title": "EndpointName", "type": "string" }, - "ExecutionRoleArn": { + "FailureReason": { + "markdownDescription": "Contains the reason a monitoring job failed, if it failed.", + "title": "FailureReason", "type": "string" }, - "ExplainerConfig": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ExplainerConfig", - "markdownDescription": "A parameter to activate explainers.", - "title": "ExplainerConfig" + "LastMonitoringExecutionSummary": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.MonitoringExecutionSummary", + "markdownDescription": "Describes metadata on the last execution to run, if there was one.", + "title": "LastMonitoringExecutionSummary" }, - "KmsKeyId": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Key Management Service key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance that hosts the endpoint.\n\n- Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key ARN: `arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`\n- Alias name: `alias/ExampleAlias`\n- Alias name ARN: `arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias`\n\nThe KMS key policy must grant permission to the IAM role that you specify in your `CreateEndpoint` , `UpdateEndpoint` requests. For more information, refer to the AWS Key Management Service section [Using Key Policies in AWS KMS](https://docs.aws.amazon.com//kms/latest/developerguide/key-policies.html)\n\n> Certain Nitro-based instances include local storage, dependent on the instance type. Local storage volumes are encrypted using a hardware module on the instance. You can't request a `KmsKeyId` when using an instance type with local storage. If any of the models that you specify in the `ProductionVariants` parameter use nitro-based instances with local storage, do not specify a value for the `KmsKeyId` parameter. If you specify a value for `KmsKeyId` when using any nitro-based instances with local storage, the call to `CreateEndpointConfig` fails.\n> \n> For a list of instance types that support local instance storage, see [Instance Store Volumes](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html#instance-store-volumes) .\n> \n> For more information about local instance storage encryption, see [SSD Instance Store Volumes](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ssd-instance-store.html) .", - "title": "KmsKeyId", - "type": "string" + "MonitoringScheduleConfig": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.MonitoringScheduleConfig", + "markdownDescription": "The configuration object that specifies the monitoring schedule and defines the monitoring job.", + "title": "MonitoringScheduleConfig" }, - "ProductionVariants": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ProductionVariant" - }, - "markdownDescription": "A list of `ProductionVariant` objects, one for each model that you want to host at this endpoint.", - "title": "ProductionVariants", - "type": "array" + "MonitoringScheduleName": { + "markdownDescription": "The name of the monitoring schedule.", + "title": "MonitoringScheduleName", + "type": "string" }, - "ShadowProductionVariants": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ProductionVariant" - }, - "markdownDescription": "Array of `ProductionVariant` objects. There is one for each model that you want to host at this endpoint in shadow mode with production traffic replicated from the model specified on `ProductionVariants` . If you use this field, you can only specify one variant for `ProductionVariants` and one variant for `ShadowProductionVariants` .", - "title": "ShadowProductionVariants", - "type": "array" + "MonitoringScheduleStatus": { + "markdownDescription": "The status of the monitoring schedule.", + "title": "MonitoringScheduleStatus", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of key-value pairs to apply to this resource.\n\nFor more information, see [Resource Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) and [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html#allocation-what) .", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" - }, - "VpcConfig": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.VpcConfig" } }, "required": [ - "ProductionVariants" + "MonitoringScheduleConfig", + "MonitoringScheduleName" ], "type": "object" }, "Type": { "enum": [ - "AWS::SageMaker::EndpointConfig" + "AWS::SageMaker::MonitoringSchedule" ], "type": "string" }, @@ -246124,881 +298782,557 @@ ], "type": "object" }, - "AWS::SageMaker::EndpointConfig.AsyncInferenceClientConfig": { - "additionalProperties": false, - "properties": { - "MaxConcurrentInvocationsPerInstance": { - "markdownDescription": "The maximum number of concurrent requests sent by the SageMaker client to the model container. If no value is provided, SageMaker will choose an optimal value for you.", - "title": "MaxConcurrentInvocationsPerInstance", - "type": "number" - } - }, - "type": "object" - }, - "AWS::SageMaker::EndpointConfig.AsyncInferenceConfig": { + "AWS::SageMaker::MonitoringSchedule.BaselineConfig": { "additionalProperties": false, "properties": { - "ClientConfig": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.AsyncInferenceClientConfig", - "markdownDescription": "Configures the behavior of the client used by SageMaker to interact with the model container during asynchronous inference.", - "title": "ClientConfig" + "ConstraintsResource": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.ConstraintsResource", + "markdownDescription": "The Amazon S3 URI for the constraints resource.", + "title": "ConstraintsResource" }, - "OutputConfig": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.AsyncInferenceOutputConfig", - "markdownDescription": "Specifies the configuration for asynchronous inference invocation outputs.", - "title": "OutputConfig" + "StatisticsResource": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.StatisticsResource", + "markdownDescription": "The baseline statistics file in Amazon S3 that the current monitoring job should be validated against.", + "title": "StatisticsResource" } }, - "required": [ - "OutputConfig" - ], "type": "object" }, - "AWS::SageMaker::EndpointConfig.AsyncInferenceNotificationConfig": { + "AWS::SageMaker::MonitoringSchedule.BatchTransformInput": { "additionalProperties": false, "properties": { - "ErrorTopic": { - "markdownDescription": "Amazon SNS topic to post a notification to when an inference fails. If no topic is provided, no notification is sent on failure.", - "title": "ErrorTopic", + "DataCapturedDestinationS3Uri": { + "markdownDescription": "The Amazon S3 location being used to capture the data.", + "title": "DataCapturedDestinationS3Uri", "type": "string" }, - "IncludeInferenceResponseIn": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon SNS topics where you want the inference response to be included.\n\n> The inference response is included only if the response size is less than or equal to 128 KB.", - "title": "IncludeInferenceResponseIn", - "type": "array" + "DatasetFormat": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.DatasetFormat", + "markdownDescription": "The dataset format for your batch transform job.", + "title": "DatasetFormat" }, - "SuccessTopic": { - "markdownDescription": "Amazon SNS topic to post a notification to when an inference completes successfully. If no topic is provided, no notification is sent on success.", - "title": "SuccessTopic", - "type": "string" - } - }, - "type": "object" - }, - "AWS::SageMaker::EndpointConfig.AsyncInferenceOutputConfig": { - "additionalProperties": false, - "properties": { - "KmsKeyId": { - "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt the asynchronous inference output in Amazon S3.", - "title": "KmsKeyId", + "ExcludeFeaturesAttribute": { + "markdownDescription": "The attributes of the input data to exclude from the analysis.", + "title": "ExcludeFeaturesAttribute", "type": "string" }, - "NotificationConfig": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.AsyncInferenceNotificationConfig", - "markdownDescription": "Specifies the configuration for notifications of inference results for asynchronous inference.", - "title": "NotificationConfig" - }, - "S3FailurePath": { - "markdownDescription": "The Amazon S3 location to upload failure inference responses to.", - "title": "S3FailurePath", + "LocalPath": { + "markdownDescription": "Path to the filesystem where the batch transform data is available to the container.", + "title": "LocalPath", "type": "string" }, - "S3OutputPath": { - "markdownDescription": "The Amazon S3 location to upload inference responses to.", - "title": "S3OutputPath", + "S3DataDistributionType": { + "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an S3 key. Defaults to `FullyReplicated`", + "title": "S3DataDistributionType", "type": "string" - } - }, - "type": "object" - }, - "AWS::SageMaker::EndpointConfig.CaptureContentTypeHeader": { - "additionalProperties": false, - "properties": { - "CsvContentTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the CSV content types of the data that the endpoint captures. For the endpoint to capture the data, you must also specify the content type when you invoke the endpoint.", - "title": "CsvContentTypes", - "type": "array" }, - "JsonContentTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the JSON content types of the data that the endpoint captures. For the endpoint to capture the data, you must also specify the content type when you invoke the endpoint.", - "title": "JsonContentTypes", - "type": "array" - } - }, - "type": "object" - }, - "AWS::SageMaker::EndpointConfig.CaptureOption": { - "additionalProperties": false, - "properties": { - "CaptureMode": { - "markdownDescription": "Specifies whether the endpoint captures input data or output data.", - "title": "CaptureMode", + "S3InputMode": { + "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", + "title": "S3InputMode", "type": "string" } }, "required": [ - "CaptureMode" + "DataCapturedDestinationS3Uri", + "DatasetFormat", + "LocalPath" ], "type": "object" }, - "AWS::SageMaker::EndpointConfig.ClarifyExplainerConfig": { + "AWS::SageMaker::MonitoringSchedule.ClusterConfig": { "additionalProperties": false, "properties": { - "EnableExplanations": { - "markdownDescription": "A JMESPath boolean expression used to filter which records to explain. Explanations are activated by default. See [`EnableExplanations`](https://docs.aws.amazon.com/sagemaker/latest/dg/clarify-online-explainability-create-endpoint.html#clarify-online-explainability-create-endpoint-enable) for additional information.", - "title": "EnableExplanations", + "InstanceCount": { + "markdownDescription": "The number of ML compute instances to use in the model monitoring job. For distributed processing jobs, specify a value greater than 1. The default value is 1.", + "title": "InstanceCount", + "type": "number" + }, + "InstanceType": { + "markdownDescription": "The ML compute instance type for the processing job.", + "title": "InstanceType", "type": "string" }, - "InferenceConfig": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ClarifyInferenceConfig", - "markdownDescription": "The inference configuration parameter for the model container.", - "title": "InferenceConfig" + "VolumeKmsKeyId": { + "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance(s) that run the model monitoring job.", + "title": "VolumeKmsKeyId", + "type": "string" }, - "ShapConfig": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ClarifyShapConfig", - "markdownDescription": "The configuration for SHAP analysis.", - "title": "ShapConfig" + "VolumeSizeInGB": { + "markdownDescription": "The size of the ML storage volume, in gigabytes, that you want to provision. You must specify sufficient ML storage for your scenario.", + "title": "VolumeSizeInGB", + "type": "number" } }, "required": [ - "ShapConfig" + "InstanceCount", + "InstanceType", + "VolumeSizeInGB" ], "type": "object" }, - "AWS::SageMaker::EndpointConfig.ClarifyFeatureType": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::SageMaker::EndpointConfig.ClarifyHeader": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::SageMaker::EndpointConfig.ClarifyInferenceConfig": { + "AWS::SageMaker::MonitoringSchedule.ConstraintsResource": { "additionalProperties": false, "properties": { - "ContentTemplate": { - "markdownDescription": "A template string used to format a JSON record into an acceptable model container input. For example, a `ContentTemplate` string `'{\"myfeatures\":$features}'` will format a list of features `[1,2,3]` into the record string `'{\"myfeatures\":[1,2,3]}'` . Required only when the model container input is in JSON Lines format.", - "title": "ContentTemplate", - "type": "string" - }, - "FeatureHeaders": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ClarifyHeader" - }, - "markdownDescription": "The names of the features. If provided, these are included in the endpoint response payload to help readability of the `InvokeEndpoint` output. See the [Response](https://docs.aws.amazon.com/sagemaker/latest/dg/clarify-online-explainability-invoke-endpoint.html#clarify-online-explainability-response) section under *Invoke the endpoint* in the Developer Guide for more information.", - "title": "FeatureHeaders", - "type": "array" - }, - "FeatureTypes": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ClarifyFeatureType" - }, - "markdownDescription": "A list of data types of the features (optional). Applicable only to NLP explainability. If provided, `FeatureTypes` must have at least one `'text'` string (for example, `['text']` ). If `FeatureTypes` is not provided, the explainer infers the feature types based on the baseline data. The feature types are included in the endpoint response payload. For additional information see the [response](https://docs.aws.amazon.com/sagemaker/latest/dg/clarify-online-explainability-invoke-endpoint.html#clarify-online-explainability-response) section under *Invoke the endpoint* in the Developer Guide for more information.", - "title": "FeatureTypes", - "type": "array" - }, - "FeaturesAttribute": { - "markdownDescription": "Provides the JMESPath expression to extract the features from a model container input in JSON Lines format. For example, if `FeaturesAttribute` is the JMESPath expression `'myfeatures'` , it extracts a list of features `[1,2,3]` from request data `'{\"myfeatures\":[1,2,3]}'` .", - "title": "FeaturesAttribute", - "type": "string" - }, - "LabelAttribute": { - "markdownDescription": "A JMESPath expression used to locate the list of label headers in the model container output.\n\n*Example* : If the model container output of a batch request is `'{\"labels\":[\"cat\",\"dog\",\"fish\"],\"probability\":[0.6,0.3,0.1]}'` , then set `LabelAttribute` to `'labels'` to extract the list of label headers `[\"cat\",\"dog\",\"fish\"]`", - "title": "LabelAttribute", - "type": "string" - }, - "LabelHeaders": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ClarifyHeader" - }, - "markdownDescription": "For multiclass classification problems, the label headers are the names of the classes. Otherwise, the label header is the name of the predicted label. These are used to help readability for the output of the `InvokeEndpoint` API. See the [response](https://docs.aws.amazon.com/sagemaker/latest/dg/clarify-online-explainability-invoke-endpoint.html#clarify-online-explainability-response) section under *Invoke the endpoint* in the Developer Guide for more information. If there are no label headers in the model container output, provide them manually using this parameter.", - "title": "LabelHeaders", - "type": "array" - }, - "LabelIndex": { - "markdownDescription": "A zero-based index used to extract a label header or list of label headers from model container output in CSV format.\n\n*Example for a multiclass model:* If the model container output consists of label headers followed by probabilities: `'\"[\\'cat\\',\\'dog\\',\\'fish\\']\",\"[0.1,0.6,0.3]\"'` , set `LabelIndex` to `0` to select the label headers `['cat','dog','fish']` .", - "title": "LabelIndex", - "type": "number" - }, - "MaxPayloadInMB": { - "markdownDescription": "The maximum payload size (MB) allowed of a request from the explainer to the model container. Defaults to `6` MB.", - "title": "MaxPayloadInMB", - "type": "number" - }, - "MaxRecordCount": { - "markdownDescription": "The maximum number of records in a request that the model container can process when querying the model container for the predictions of a [synthetic dataset](https://docs.aws.amazon.com/sagemaker/latest/dg/clarify-online-explainability-create-endpoint.html#clarify-online-explainability-create-endpoint-synthetic) . A record is a unit of input data that inference can be made on, for example, a single line in CSV data. If `MaxRecordCount` is `1` , the model container expects one record per request. A value of 2 or greater means that the model expects batch requests, which can reduce overhead and speed up the inferencing process. If this parameter is not provided, the explainer will tune the record count per request according to the model container's capacity at runtime.", - "title": "MaxRecordCount", - "type": "number" - }, - "ProbabilityAttribute": { - "markdownDescription": "A JMESPath expression used to extract the probability (or score) from the model container output if the model container is in JSON Lines format.\n\n*Example* : If the model container output of a single request is `'{\"predicted_label\":1,\"probability\":0.6}'` , then set `ProbabilityAttribute` to `'probability'` .", - "title": "ProbabilityAttribute", + "S3Uri": { + "markdownDescription": "The Amazon S3 URI for the constraints resource.", + "title": "S3Uri", "type": "string" - }, - "ProbabilityIndex": { - "markdownDescription": "A zero-based index used to extract a probability value (score) or list from model container output in CSV format. If this value is not provided, the entire model container output will be treated as a probability value (score) or list.\n\n*Example for a single class model:* If the model container output consists of a string-formatted prediction label followed by its probability: `'1,0.6'` , set `ProbabilityIndex` to `1` to select the probability value `0.6` .\n\n*Example for a multiclass model:* If the model container output consists of a string-formatted prediction label followed by its probability: `'\"[\\'cat\\',\\'dog\\',\\'fish\\']\",\"[0.1,0.6,0.3]\"'` , set `ProbabilityIndex` to `1` to select the probability values `[0.1,0.6,0.3]` .", - "title": "ProbabilityIndex", - "type": "number" } }, "type": "object" }, - "AWS::SageMaker::EndpointConfig.ClarifyShapBaselineConfig": { + "AWS::SageMaker::MonitoringSchedule.Csv": { "additionalProperties": false, "properties": { - "MimeType": { - "markdownDescription": "The MIME type of the baseline data. Choose from `'text/csv'` or `'application/jsonlines'` . Defaults to `'text/csv'` .", - "title": "MimeType", - "type": "string" - }, - "ShapBaseline": { - "markdownDescription": "The inline SHAP baseline data in string format. `ShapBaseline` can have one or multiple records to be used as the baseline dataset. The format of the SHAP baseline file should be the same format as the training dataset. For example, if the training dataset is in CSV format and each record contains four features, and all features are numerical, then the format of the baseline data should also share these characteristics. For natural language processing (NLP) of text columns, the baseline value should be the value used to replace the unit of text specified by the `Granularity` of the `TextConfig` parameter. The size limit for `ShapBasline` is 4 KB. Use the `ShapBaselineUri` parameter if you want to provide more than 4 KB of baseline data.", - "title": "ShapBaseline", - "type": "string" - }, - "ShapBaselineUri": { - "markdownDescription": "The uniform resource identifier (URI) of the S3 bucket where the SHAP baseline file is stored. The format of the SHAP baseline file should be the same format as the format of the training dataset. For example, if the training dataset is in CSV format, and each record in the training dataset has four features, and all features are numerical, then the baseline file should also have this same format. Each record should contain only the features. If you are using a virtual private cloud (VPC), the `ShapBaselineUri` should be accessible to the VPC. For more information about setting up endpoints with Amazon Virtual Private Cloud, see [Give SageMaker access to Resources in your Amazon Virtual Private Cloud](https://docs.aws.amazon.com/sagemaker/latest/dg/infrastructure-give-access.html) .", - "title": "ShapBaselineUri", - "type": "string" + "Header": { + "markdownDescription": "", + "title": "Header", + "type": "boolean" } }, "type": "object" }, - "AWS::SageMaker::EndpointConfig.ClarifyShapConfig": { + "AWS::SageMaker::MonitoringSchedule.DatasetFormat": { "additionalProperties": false, "properties": { - "NumberOfSamples": { - "markdownDescription": "The number of samples to be used for analysis by the Kernal SHAP algorithm.\n\n> The number of samples determines the size of the synthetic dataset, which has an impact on latency of explainability requests. For more information, see the *Synthetic data* of [Configure and create an endpoint](https://docs.aws.amazon.com/sagemaker/latest/dg/clarify-online-explainability-create-endpoint.html) .", - "title": "NumberOfSamples", - "type": "number" - }, - "Seed": { - "markdownDescription": "The starting value used to initialize the random number generator in the explainer. Provide a value for this parameter to obtain a deterministic SHAP result.", - "title": "Seed", - "type": "number" - }, - "ShapBaselineConfig": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ClarifyShapBaselineConfig", - "markdownDescription": "The configuration for the SHAP baseline of the Kernal SHAP algorithm.", - "title": "ShapBaselineConfig" + "Csv": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.Csv", + "markdownDescription": "", + "title": "Csv" }, - "TextConfig": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ClarifyTextConfig", - "markdownDescription": "A parameter that indicates if text features are treated as text and explanations are provided for individual units of text. Required for natural language processing (NLP) explainability only.", - "title": "TextConfig" + "Json": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.Json", + "markdownDescription": "", + "title": "Json" }, - "UseLogit": { - "markdownDescription": "A Boolean toggle to indicate if you want to use the logit function (true) or log-odds units (false) for model predictions. Defaults to false.", - "title": "UseLogit", + "Parquet": { + "markdownDescription": "", + "title": "Parquet", "type": "boolean" } }, - "required": [ - "ShapBaselineConfig" - ], "type": "object" }, - "AWS::SageMaker::EndpointConfig.ClarifyTextConfig": { + "AWS::SageMaker::MonitoringSchedule.EndpointInput": { "additionalProperties": false, "properties": { - "Granularity": { - "markdownDescription": "The unit of granularity for the analysis of text features. For example, if the unit is `'token'` , then each token (like a word in English) of the text is treated as a feature. SHAP values are computed for each unit/feature.", - "title": "Granularity", + "EndpointName": { + "markdownDescription": "An endpoint in customer's account which has enabled `DataCaptureConfig` enabled.", + "title": "EndpointName", "type": "string" }, - "Language": { - "markdownDescription": "Specifies the language of the text features in [ISO 639-1](https://docs.aws.amazon.com/ https://en.wikipedia.org/wiki/List_of_ISO_639-1_codes) or [ISO 639-3](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/ISO_639-3) code of a supported language.\n\n> For a mix of multiple languages, use code `'xx'` .", - "title": "Language", + "ExcludeFeaturesAttribute": { + "markdownDescription": "The attributes of the input data to exclude from the analysis.", + "title": "ExcludeFeaturesAttribute", "type": "string" - } - }, - "required": [ - "Granularity", - "Language" - ], - "type": "object" - }, - "AWS::SageMaker::EndpointConfig.DataCaptureConfig": { - "additionalProperties": false, - "properties": { - "CaptureContentTypeHeader": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.CaptureContentTypeHeader", - "markdownDescription": "A list of the JSON and CSV content type that the endpoint captures.", - "title": "CaptureContentTypeHeader" }, - "CaptureOptions": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.CaptureOption" - }, - "markdownDescription": "Specifies whether the endpoint captures input data to your model, output data from your model, or both.", - "title": "CaptureOptions", - "type": "array" - }, - "DestinationS3Uri": { - "markdownDescription": "The S3 bucket where model monitor stores captured data.", - "title": "DestinationS3Uri", + "LocalPath": { + "markdownDescription": "Path to the filesystem where the endpoint data is available to the container.", + "title": "LocalPath", "type": "string" }, - "EnableCapture": { - "markdownDescription": "Set to `True` to enable data capture.", - "title": "EnableCapture", - "type": "boolean" - }, - "InitialSamplingPercentage": { - "markdownDescription": "The percentage of data to capture.", - "title": "InitialSamplingPercentage", - "type": "number" + "S3DataDistributionType": { + "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an Amazon S3 key. Defaults to `FullyReplicated`", + "title": "S3DataDistributionType", + "type": "string" }, - "KmsKeyId": { - "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt the captured data at rest using Amazon S3 server-side encryption. The KmsKeyId can be any of the following formats: Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab Key ARN: arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab Alias name: alias/ExampleAlias Alias name ARN: arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias If you don't provide a KMS key ID, Amazon SageMaker uses the default KMS key for Amazon S3 for your role's account. For more information, see KMS-Managed Encryption Keys (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingKMSEncryption.html) in the Amazon Simple Storage Service Developer Guide. The KMS key policy must grant permission to the IAM role that you specify in your CreateModel (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateModel.html) request. For more information, see Using Key Policies in AWS KMS (http://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html) in the AWS Key Management Service Developer Guide.", - "title": "KmsKeyId", + "S3InputMode": { + "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", + "title": "S3InputMode", "type": "string" } }, "required": [ - "CaptureOptions", - "DestinationS3Uri", - "InitialSamplingPercentage" + "EndpointName", + "LocalPath" ], "type": "object" }, - "AWS::SageMaker::EndpointConfig.ExplainerConfig": { + "AWS::SageMaker::MonitoringSchedule.Json": { "additionalProperties": false, "properties": { - "ClarifyExplainerConfig": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ClarifyExplainerConfig", - "markdownDescription": "A member of `ExplainerConfig` that contains configuration parameters for the SageMaker Clarify explainer.", - "title": "ClarifyExplainerConfig" + "Line": { + "markdownDescription": "", + "title": "Line", + "type": "boolean" } }, "type": "object" }, - "AWS::SageMaker::EndpointConfig.ManagedInstanceScaling": { + "AWS::SageMaker::MonitoringSchedule.MonitoringAppSpecification": { "additionalProperties": false, "properties": { - "MaxInstanceCount": { - "type": "number" + "ContainerArguments": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of arguments for the container used to run the monitoring job.", + "title": "ContainerArguments", + "type": "array" }, - "MinInstanceCount": { - "type": "number" + "ContainerEntrypoint": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the entrypoint for a container used to run the monitoring job.", + "title": "ContainerEntrypoint", + "type": "array" }, - "Status": { + "ImageUri": { + "markdownDescription": "The container image to be run by the monitoring job.", + "title": "ImageUri", + "type": "string" + }, + "PostAnalyticsProcessorSourceUri": { + "markdownDescription": "An Amazon S3 URI to a script that is called after analysis has been performed. Applicable only for the built-in (first party) containers.", + "title": "PostAnalyticsProcessorSourceUri", + "type": "string" + }, + "RecordPreprocessorSourceUri": { + "markdownDescription": "An Amazon S3 URI to a script that is called per row prior to running analysis. It can base64 decode the payload and convert it into a flattened JSON so that the built-in container can use the converted data. Applicable only for the built-in (first party) containers.", + "title": "RecordPreprocessorSourceUri", "type": "string" } }, + "required": [ + "ImageUri" + ], "type": "object" }, - "AWS::SageMaker::EndpointConfig.ProductionVariant": { + "AWS::SageMaker::MonitoringSchedule.MonitoringExecutionSummary": { "additionalProperties": false, "properties": { - "AcceleratorType": { - "markdownDescription": "The size of the Elastic Inference (EI) instance to use for the production variant. EI instances provide on-demand GPU computing for inference. For more information, see [Using Elastic Inference in Amazon SageMaker](https://docs.aws.amazon.com/sagemaker/latest/dg/ei.html) . For more information, see [Using Elastic Inference in Amazon SageMaker](https://docs.aws.amazon.com/sagemaker/latest/dg/ei.html) .", - "title": "AcceleratorType", + "CreationTime": { + "markdownDescription": "The time at which the monitoring job was created.", + "title": "CreationTime", "type": "string" }, - "ContainerStartupHealthCheckTimeoutInSeconds": { - "markdownDescription": "The timeout value, in seconds, for your inference container to pass health check by SageMaker Hosting. For more information about health check, see [How Your Container Should Respond to Health Check (Ping) Requests](https://docs.aws.amazon.com/sagemaker/latest/dg/your-algorithms-inference-code.html#your-algorithms-inference-algo-ping-requests) .", - "title": "ContainerStartupHealthCheckTimeoutInSeconds", - "type": "number" - }, - "EnableSSMAccess": { - "markdownDescription": "You can use this parameter to turn on native AWS Systems Manager (SSM) access for a production variant behind an endpoint. By default, SSM access is disabled for all production variants behind an endpoint. You can turn on or turn off SSM access for a production variant behind an existing endpoint by creating a new endpoint configuration and calling `UpdateEndpoint` .", - "title": "EnableSSMAccess", - "type": "boolean" - }, - "InitialInstanceCount": { - "markdownDescription": "Number of instances to launch initially.", - "title": "InitialInstanceCount", - "type": "number" - }, - "InitialVariantWeight": { - "markdownDescription": "Determines initial traffic distribution among all of the models that you specify in the endpoint configuration. The traffic to a production variant is determined by the ratio of the `VariantWeight` to the sum of all `VariantWeight` values across all ProductionVariants. If unspecified, it defaults to 1.0.", - "title": "InitialVariantWeight", - "type": "number" - }, - "InstanceType": { - "markdownDescription": "The ML compute instance type.", - "title": "InstanceType", + "EndpointName": { + "markdownDescription": "The name of the endpoint used to run the monitoring job.", + "title": "EndpointName", "type": "string" }, - "ManagedInstanceScaling": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ManagedInstanceScaling" - }, - "ModelDataDownloadTimeoutInSeconds": { - "markdownDescription": "The timeout value, in seconds, to download and extract the model that you want to host from Amazon S3 to the individual inference instance associated with this production variant.", - "title": "ModelDataDownloadTimeoutInSeconds", - "type": "number" - }, - "ModelName": { - "markdownDescription": "The name of the model that you want to host. This is the name that you specified when creating the model.", - "title": "ModelName", + "FailureReason": { + "markdownDescription": "Contains the reason a monitoring job failed, if it failed.", + "title": "FailureReason", "type": "string" }, - "RoutingConfig": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.RoutingConfig" - }, - "ServerlessConfig": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ServerlessConfig", - "markdownDescription": "The serverless configuration for an endpoint. Specifies a serverless endpoint configuration instead of an instance-based endpoint configuration.", - "title": "ServerlessConfig" + "LastModifiedTime": { + "markdownDescription": "A timestamp that indicates the last time the monitoring job was modified.", + "title": "LastModifiedTime", + "type": "string" }, - "VariantName": { - "markdownDescription": "The name of the production variant.", - "title": "VariantName", + "MonitoringExecutionStatus": { + "markdownDescription": "The status of the monitoring job.", + "title": "MonitoringExecutionStatus", "type": "string" }, - "VolumeSizeInGB": { - "markdownDescription": "The size, in GB, of the ML storage volume attached to individual inference instance associated with the production variant. Currently only Amazon EBS gp2 storage volumes are supported.", - "title": "VolumeSizeInGB", - "type": "number" - } - }, - "required": [ - "VariantName" - ], - "type": "object" - }, - "AWS::SageMaker::EndpointConfig.RoutingConfig": { - "additionalProperties": false, - "properties": { - "RoutingStrategy": { + "MonitoringScheduleName": { + "markdownDescription": "The name of the monitoring schedule.", + "title": "MonitoringScheduleName", "type": "string" - } - }, - "type": "object" - }, - "AWS::SageMaker::EndpointConfig.ServerlessConfig": { - "additionalProperties": false, - "properties": { - "MaxConcurrency": { - "markdownDescription": "The maximum number of concurrent invocations your serverless endpoint can process.", - "title": "MaxConcurrency", - "type": "number" }, - "MemorySizeInMB": { - "markdownDescription": "The memory size of your serverless endpoint. Valid values are in 1 GB increments: 1024 MB, 2048 MB, 3072 MB, 4096 MB, 5120 MB, or 6144 MB.", - "title": "MemorySizeInMB", - "type": "number" + "ProcessingJobArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the monitoring job.", + "title": "ProcessingJobArn", + "type": "string" }, - "ProvisionedConcurrency": { - "markdownDescription": "The amount of provisioned concurrency to allocate for the serverless endpoint. Should be less than or equal to `MaxConcurrency` .\n\n> This field is not supported for serverless endpoint recommendations for Inference Recommender jobs. For more information about creating an Inference Recommender job, see [CreateInferenceRecommendationsJobs](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateInferenceRecommendationsJob.html) .", - "title": "ProvisionedConcurrency", - "type": "number" + "ScheduledTime": { + "markdownDescription": "The time the monitoring job was scheduled.", + "title": "ScheduledTime", + "type": "string" } }, "required": [ - "MaxConcurrency", - "MemorySizeInMB" + "CreationTime", + "LastModifiedTime", + "MonitoringExecutionStatus", + "MonitoringScheduleName", + "ScheduledTime" ], "type": "object" }, - "AWS::SageMaker::EndpointConfig.VpcConfig": { + "AWS::SageMaker::MonitoringSchedule.MonitoringInput": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "type": "array" + "BatchTransformInput": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.BatchTransformInput", + "markdownDescription": "Input object for the batch transform job.", + "title": "BatchTransformInput" }, - "Subnets": { - "items": { - "type": "string" - }, - "type": "array" + "EndpointInput": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.EndpointInput", + "markdownDescription": "The endpoint for a monitoring job.", + "title": "EndpointInput" } }, - "required": [ - "SecurityGroupIds", - "Subnets" - ], "type": "object" }, - "AWS::SageMaker::FeatureGroup": { + "AWS::SageMaker::MonitoringSchedule.MonitoringJobDefinition": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "BaselineConfig": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.BaselineConfig", + "markdownDescription": "Baseline configuration used to validate that the data conforms to the specified constraints and statistics", + "title": "BaselineConfig" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + "Environment": { + "additionalProperties": true, + "markdownDescription": "Sets the environment variables in the Docker container.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" } - ] - }, - "Metadata": { + }, + "title": "Environment", "type": "object" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A free form description of a `FeatureGroup` .", - "title": "Description", - "type": "string" - }, - "EventTimeFeatureName": { - "markdownDescription": "The name of the feature that stores the `EventTime` of a Record in a `FeatureGroup` .\n\nA `EventTime` is point in time when a new event occurs that corresponds to the creation or update of a `Record` in `FeatureGroup` . All `Records` in the `FeatureGroup` must have a corresponding `EventTime` .", - "title": "EventTimeFeatureName", - "type": "string" - }, - "FeatureDefinitions": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::FeatureGroup.FeatureDefinition" - }, - "markdownDescription": "A list of `Feature` s. Each `Feature` must include a `FeatureName` and a `FeatureType` .\n\nValid `FeatureType` s are `Integral` , `Fractional` and `String` .\n\n`FeatureName` s cannot be any of the following: `is_deleted` , `write_time` , `api_invocation_time` .\n\nYou can create up to 2,500 `FeatureDefinition` s per `FeatureGroup` .", - "title": "FeatureDefinitions", - "type": "array" - }, - "FeatureGroupName": { - "markdownDescription": "The name of the `FeatureGroup` .", - "title": "FeatureGroupName", - "type": "string" - }, - "OfflineStoreConfig": { - "$ref": "#/definitions/AWS::SageMaker::FeatureGroup.OfflineStoreConfig", - "markdownDescription": "The configuration of an `OfflineStore` .", - "title": "OfflineStoreConfig" - }, - "OnlineStoreConfig": { - "$ref": "#/definitions/AWS::SageMaker::FeatureGroup.OnlineStoreConfig", - "markdownDescription": "The configuration of an `OnlineStore` .", - "title": "OnlineStoreConfig" - }, - "RecordIdentifierFeatureName": { - "markdownDescription": "The name of the `Feature` whose value uniquely identifies a `Record` defined in the `FeatureGroup` `FeatureDefinitions` .", - "title": "RecordIdentifierFeatureName", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM execution role used to create the feature group.", - "title": "RoleArn", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Tags used to define a `FeatureGroup` .", - "title": "Tags", - "type": "array" - }, - "ThroughputConfig": { - "$ref": "#/definitions/AWS::SageMaker::FeatureGroup.ThroughputConfig", - "markdownDescription": "Used to set feature group throughput configuration. There are two modes: `ON_DEMAND` and `PROVISIONED` . With on-demand mode, you are charged for data reads and writes that your application performs on your feature group. You do not need to specify read and write throughput because Feature Store accommodates your workloads as they ramp up and down. You can switch a feature group to on-demand only once in a 24 hour period. With provisioned throughput mode, you specify the read and write capacity per second that you expect your application to require, and you are billed based on those limits. Exceeding provisioned throughput will result in your requests being throttled.\n\nNote: `PROVISIONED` throughput mode is supported only for feature groups that are offline-only, or use the [`Standard`](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_OnlineStoreConfig.html#sagemaker-Type-OnlineStoreConfig-StorageType) tier online store.", - "title": "ThroughputConfig" - } + "MonitoringAppSpecification": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.MonitoringAppSpecification", + "markdownDescription": "Configures the monitoring job to run a specified Docker container image.", + "title": "MonitoringAppSpecification" + }, + "MonitoringInputs": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.MonitoringInput" }, - "required": [ - "EventTimeFeatureName", - "FeatureDefinitions", - "FeatureGroupName", - "RecordIdentifierFeatureName" - ], - "type": "object" + "markdownDescription": "The array of inputs for the monitoring job. Currently we support monitoring an Amazon SageMaker AI Endpoint.", + "title": "MonitoringInputs", + "type": "array" }, - "Type": { - "enum": [ - "AWS::SageMaker::FeatureGroup" - ], - "type": "string" + "MonitoringOutputConfig": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.MonitoringOutputConfig", + "markdownDescription": "The array of outputs from the monitoring job to be uploaded to Amazon S3.", + "title": "MonitoringOutputConfig" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "MonitoringResources": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.MonitoringResources", + "markdownDescription": "Identifies the resources, ML compute instances, and ML storage volumes to deploy for a monitoring job. In distributed processing, you specify more than one instance.", + "title": "MonitoringResources" + }, + "NetworkConfig": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.NetworkConfig", + "markdownDescription": "Specifies networking options for an monitoring job.", + "title": "NetworkConfig" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker AI can assume to perform tasks on your behalf.", + "title": "RoleArn", "type": "string" + }, + "StoppingCondition": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.StoppingCondition", + "markdownDescription": "Specifies a time limit for how long the monitoring job is allowed to run.", + "title": "StoppingCondition" } }, "required": [ - "Type", - "Properties" + "MonitoringAppSpecification", + "MonitoringInputs", + "MonitoringOutputConfig", + "MonitoringResources", + "RoleArn" ], "type": "object" }, - "AWS::SageMaker::FeatureGroup.DataCatalogConfig": { + "AWS::SageMaker::MonitoringSchedule.MonitoringOutput": { "additionalProperties": false, "properties": { - "Catalog": { - "markdownDescription": "The name of the Glue table catalog.", - "title": "Catalog", - "type": "string" - }, - "Database": { - "markdownDescription": "The name of the Glue table database.", - "title": "Database", - "type": "string" - }, - "TableName": { - "markdownDescription": "The name of the Glue table.", - "title": "TableName", - "type": "string" + "S3Output": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.S3Output", + "markdownDescription": "The Amazon S3 storage location where the results of a monitoring job are saved.", + "title": "S3Output" } }, "required": [ - "Catalog", - "Database", - "TableName" + "S3Output" ], "type": "object" }, - "AWS::SageMaker::FeatureGroup.FeatureDefinition": { + "AWS::SageMaker::MonitoringSchedule.MonitoringOutputConfig": { "additionalProperties": false, "properties": { - "FeatureName": { - "markdownDescription": "The name of a feature. The type must be a string. `FeatureName` cannot be any of the following: `is_deleted` , `write_time` , `api_invocation_time` .\n\nThe name:\n\n- Must start with an alphanumeric character.\n- Can only include alphanumeric characters, underscores, and hyphens. Spaces are not allowed.", - "title": "FeatureName", + "KmsKeyId": { + "markdownDescription": "The AWS Key Management Service ( AWS KMS ) key that Amazon SageMaker AI uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption.", + "title": "KmsKeyId", "type": "string" }, - "FeatureType": { - "markdownDescription": "The value type of a feature. Valid values are Integral, Fractional, or String.", - "title": "FeatureType", - "type": "string" + "MonitoringOutputs": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.MonitoringOutput" + }, + "markdownDescription": "Monitoring outputs for monitoring jobs. This is where the output of the periodic monitoring jobs is uploaded.", + "title": "MonitoringOutputs", + "type": "array" } }, "required": [ - "FeatureName", - "FeatureType" + "MonitoringOutputs" ], "type": "object" }, - "AWS::SageMaker::FeatureGroup.OfflineStoreConfig": { + "AWS::SageMaker::MonitoringSchedule.MonitoringResources": { "additionalProperties": false, "properties": { - "DataCatalogConfig": { - "$ref": "#/definitions/AWS::SageMaker::FeatureGroup.DataCatalogConfig", - "markdownDescription": "The meta data of the Glue table that is autogenerated when an `OfflineStore` is created.", - "title": "DataCatalogConfig" - }, - "DisableGlueTableCreation": { - "markdownDescription": "Set to `True` to disable the automatic creation of an AWS Glue table when configuring an `OfflineStore` . If set to `False` , Feature Store will name the `OfflineStore` Glue table following [Athena's naming recommendations](https://docs.aws.amazon.com/athena/latest/ug/tables-databases-columns-names.html) .\n\nThe default value is `False` .", - "title": "DisableGlueTableCreation", - "type": "boolean" - }, - "S3StorageConfig": { - "$ref": "#/definitions/AWS::SageMaker::FeatureGroup.S3StorageConfig", - "markdownDescription": "The Amazon Simple Storage (Amazon S3) location of `OfflineStore` .", - "title": "S3StorageConfig" - }, - "TableFormat": { - "markdownDescription": "Format for the offline store table. Supported formats are Glue (Default) and [Apache Iceberg](https://docs.aws.amazon.com/https://iceberg.apache.org/) .", - "title": "TableFormat", - "type": "string" + "ClusterConfig": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.ClusterConfig", + "markdownDescription": "The configuration for the cluster resources used to run the processing job.", + "title": "ClusterConfig" } }, "required": [ - "S3StorageConfig" + "ClusterConfig" ], "type": "object" }, - "AWS::SageMaker::FeatureGroup.OnlineStoreConfig": { + "AWS::SageMaker::MonitoringSchedule.MonitoringScheduleConfig": { "additionalProperties": false, "properties": { - "EnableOnlineStore": { - "markdownDescription": "Turn `OnlineStore` off by specifying `False` for the `EnableOnlineStore` flag. Turn `OnlineStore` on by specifying `True` for the `EnableOnlineStore` flag.\n\nThe default value is `False` .", - "title": "EnableOnlineStore", - "type": "boolean" + "MonitoringJobDefinition": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.MonitoringJobDefinition", + "markdownDescription": "Defines the monitoring job.", + "title": "MonitoringJobDefinition" }, - "SecurityConfig": { - "$ref": "#/definitions/AWS::SageMaker::FeatureGroup.OnlineStoreSecurityConfig", - "markdownDescription": "Use to specify KMS Key ID ( `KMSKeyId` ) for at-rest encryption of your `OnlineStore` .", - "title": "SecurityConfig" + "MonitoringJobDefinitionName": { + "markdownDescription": "The name of the monitoring job definition to schedule.", + "title": "MonitoringJobDefinitionName", + "type": "string" }, - "StorageType": { - "markdownDescription": "Option for different tiers of low latency storage for real-time data retrieval.\n\n- `Standard` : A managed low latency data store for feature groups.\n- `InMemory` : A managed data store for feature groups that supports very low latency retrieval.", - "title": "StorageType", + "MonitoringType": { + "markdownDescription": "The type of the monitoring job definition to schedule.", + "title": "MonitoringType", "type": "string" }, - "TtlDuration": { - "$ref": "#/definitions/AWS::SageMaker::FeatureGroup.TtlDuration", - "markdownDescription": "Time to live duration, where the record is hard deleted after the expiration time is reached; `ExpiresAt` = `EventTime` + `TtlDuration` . For information on HardDelete, see the [DeleteRecord](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_feature_store_DeleteRecord.html) API in the Amazon SageMaker API Reference guide.", - "title": "TtlDuration" + "ScheduleConfig": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.ScheduleConfig", + "markdownDescription": "Configures the monitoring schedule.", + "title": "ScheduleConfig" } }, "type": "object" }, - "AWS::SageMaker::FeatureGroup.OnlineStoreSecurityConfig": { + "AWS::SageMaker::MonitoringSchedule.NetworkConfig": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "The AWS Key Management Service (KMS) key ARN that SageMaker Feature Store uses to encrypt the Amazon S3 objects at rest using Amazon S3 server-side encryption.\n\nThe caller (either user or IAM role) of `CreateFeatureGroup` must have below permissions to the `OnlineStore` `KmsKeyId` :\n\n- `\"kms:Encrypt\"`\n- `\"kms:Decrypt\"`\n- `\"kms:DescribeKey\"`\n- `\"kms:CreateGrant\"`\n- `\"kms:RetireGrant\"`\n- `\"kms:ReEncryptFrom\"`\n- `\"kms:ReEncryptTo\"`\n- `\"kms:GenerateDataKey\"`\n- `\"kms:ListAliases\"`\n- `\"kms:ListGrants\"`\n- `\"kms:RevokeGrant\"`\n\nThe caller (either user or IAM role) to all DataPlane operations ( `PutRecord` , `GetRecord` , `DeleteRecord` ) must have the following permissions to the `KmsKeyId` :\n\n- `\"kms:Decrypt\"`", - "title": "KmsKeyId", - "type": "string" + "EnableInterContainerTrafficEncryption": { + "markdownDescription": "Whether to encrypt all communications between distributed processing jobs. Choose `True` to encrypt communications. Encryption provides greater security for distributed processing jobs, but the processing might take longer.", + "title": "EnableInterContainerTrafficEncryption", + "type": "boolean" + }, + "EnableNetworkIsolation": { + "markdownDescription": "Whether to allow inbound and outbound network calls to and from the containers used for the processing job.", + "title": "EnableNetworkIsolation", + "type": "boolean" + }, + "VpcConfig": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.VpcConfig", + "markdownDescription": "Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC. For more information, see [Protect Endpoints by Using an Amazon Virtual Private Cloud](https://docs.aws.amazon.com/sagemaker/latest/dg/host-vpc.html) and [Protect Training Jobs by Using an Amazon Virtual Private Cloud](https://docs.aws.amazon.com/sagemaker/latest/dg/train-vpc.html) .", + "title": "VpcConfig" } }, "type": "object" }, - "AWS::SageMaker::FeatureGroup.S3StorageConfig": { + "AWS::SageMaker::MonitoringSchedule.S3Output": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "The AWS Key Management Service (KMS) key ARN of the key used to encrypt any objects written into the `OfflineStore` S3 location.\n\nThe IAM `roleARN` that is passed as a parameter to `CreateFeatureGroup` must have below permissions to the `KmsKeyId` :\n\n- `\"kms:GenerateDataKey\"`", - "title": "KmsKeyId", + "LocalPath": { + "markdownDescription": "The local path to the S3 storage location where SageMaker saves the results of a monitoring job. LocalPath is an absolute path for the output data.", + "title": "LocalPath", + "type": "string" + }, + "S3UploadMode": { + "markdownDescription": "Whether to upload the results of the monitoring job continuously or after the job completes.", + "title": "S3UploadMode", "type": "string" }, "S3Uri": { - "markdownDescription": "The S3 URI, or location in Amazon S3, of `OfflineStore` .\n\nS3 URIs have a format similar to the following: `s3://example-bucket/prefix/` .", + "markdownDescription": "A URI that identifies the S3 storage location where SageMaker saves the results of a monitoring job.", "title": "S3Uri", "type": "string" } }, "required": [ + "LocalPath", "S3Uri" ], "type": "object" }, - "AWS::SageMaker::FeatureGroup.ThroughputConfig": { + "AWS::SageMaker::MonitoringSchedule.ScheduleConfig": { "additionalProperties": false, "properties": { - "ProvisionedReadCapacityUnits": { - "markdownDescription": "For provisioned feature groups with online store enabled, this indicates the read throughput you are billed for and can consume without throttling.\n\nThis field is not applicable for on-demand feature groups.", - "title": "ProvisionedReadCapacityUnits", - "type": "number" + "DataAnalysisEndTime": { + "markdownDescription": "Sets the end time for a monitoring job window. Express this time as an offset to the times that you schedule your monitoring jobs to run. You schedule monitoring jobs with the `ScheduleExpression` parameter. Specify this offset in ISO 8601 duration format. For example, if you want to end the window one hour before the start of each monitoring job, you would specify: `\"-PT1H\"` .\n\nThe end time that you specify must not follow the start time that you specify by more than 24 hours. You specify the start time with the `DataAnalysisStartTime` parameter.\n\nIf you set `ScheduleExpression` to `NOW` , this parameter is required.", + "title": "DataAnalysisEndTime", + "type": "string" }, - "ProvisionedWriteCapacityUnits": { - "markdownDescription": "For provisioned feature groups, this indicates the write throughput you are billed for and can consume without throttling.\n\nThis field is not applicable for on-demand feature groups.", - "title": "ProvisionedWriteCapacityUnits", - "type": "number" + "DataAnalysisStartTime": { + "markdownDescription": "Sets the start time for a monitoring job window. Express this time as an offset to the times that you schedule your monitoring jobs to run. You schedule monitoring jobs with the `ScheduleExpression` parameter. Specify this offset in ISO 8601 duration format. For example, if you want to monitor the five hours of data in your dataset that precede the start of each monitoring job, you would specify: `\"-PT5H\"` .\n\nThe start time that you specify must not precede the end time that you specify by more than 24 hours. You specify the end time with the `DataAnalysisEndTime` parameter.\n\nIf you set `ScheduleExpression` to `NOW` , this parameter is required.", + "title": "DataAnalysisStartTime", + "type": "string" }, - "ThroughputMode": { - "markdownDescription": "The mode used for your feature group throughput: `ON_DEMAND` or `PROVISIONED` .", - "title": "ThroughputMode", + "ScheduleExpression": { + "markdownDescription": "A cron expression that describes details about the monitoring schedule.\n\nThe supported cron expressions are:\n\n- If you want to set the job to start every hour, use the following:\n\n`Hourly: cron(0 * ? * * *)`\n- If you want to start the job daily:\n\n`cron(0 [00-23] ? * * *)`\n- If you want to run the job one time, immediately, use the following keyword:\n\n`NOW`\n\nFor example, the following are valid cron expressions:\n\n- Daily at noon UTC: `cron(0 12 ? * * *)`\n- Daily at midnight UTC: `cron(0 0 ? * * *)`\n\nTo support running every 6, 12 hours, the following are also supported:\n\n`cron(0 [00-23]/[01-24] ? * * *)`\n\nFor example, the following are valid cron expressions:\n\n- Every 12 hours, starting at 5pm UTC: `cron(0 17/12 ? * * *)`\n- Every two hours starting at midnight: `cron(0 0/2 ? * * *)`\n\n> - Even though the cron expression is set to start at 5PM UTC, note that there could be a delay of 0-20 minutes from the actual requested time to run the execution.\n> - We recommend that if you would like a daily schedule, you do not provide this parameter. Amazon SageMaker AI will pick a time for running every day. \n\nYou can also specify the keyword `NOW` to run the monitoring job immediately, one time, without recurring.", + "title": "ScheduleExpression", "type": "string" } }, "required": [ - "ThroughputMode" + "ScheduleExpression" ], "type": "object" }, - "AWS::SageMaker::FeatureGroup.TtlDuration": { + "AWS::SageMaker::MonitoringSchedule.StatisticsResource": { "additionalProperties": false, "properties": { - "Unit": { - "markdownDescription": "`TtlDuration` time unit.", - "title": "Unit", + "S3Uri": { + "markdownDescription": "The S3 URI for the statistics resource.", + "title": "S3Uri", "type": "string" - }, - "Value": { - "markdownDescription": "`TtlDuration` time value.", - "title": "Value", + } + }, + "type": "object" + }, + "AWS::SageMaker::MonitoringSchedule.StoppingCondition": { + "additionalProperties": false, + "properties": { + "MaxRuntimeInSeconds": { + "markdownDescription": "The maximum length of time, in seconds, that a training or compilation job can run before it is stopped.\n\nFor compilation jobs, if the job does not complete during this time, a `TimeOut` error is generated. We recommend starting with 900 seconds and increasing as necessary based on your model.\n\nFor all other jobs, if the job does not complete during this time, SageMaker ends the job. When `RetryStrategy` is specified in the job request, `MaxRuntimeInSeconds` specifies the maximum time for all of the attempts in total, not each individual attempt. The default value is 1 day. The maximum value is 28 days.\n\nThe maximum time that a `TrainingJob` can run in total, including any time spent publishing metrics or archiving and uploading models after it has been stopped, is 30 days.", + "title": "MaxRuntimeInSeconds", "type": "number" } }, + "required": [ + "MaxRuntimeInSeconds" + ], "type": "object" }, - "AWS::SageMaker::Image": { + "AWS::SageMaker::MonitoringSchedule.VpcConfig": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ImageDescription": { - "markdownDescription": "The description of the image.", - "title": "ImageDescription", - "type": "string" - }, - "ImageDisplayName": { - "markdownDescription": "The display name of the image.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 128.\n\n*Pattern* : `^\\S(.*\\S)?$`", - "title": "ImageDisplayName", - "type": "string" - }, - "ImageName": { - "markdownDescription": "The name of the Image. Must be unique by region in your account.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 63.\n\n*Pattern* : `^[a-zA-Z0-9]([-.]?[a-zA-Z0-9]){0,62}$`", - "title": "ImageName", - "type": "string" - }, - "ImageRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role that enables Amazon SageMaker to perform tasks on your behalf.\n\n*Length Constraints* : Minimum length of 20. Maximum length of 2048.\n\n*Pattern* : `^arn:aws[a-z\\-]*:iam::\\d{12}:role/?[a-zA-Z_0-9+=,.@\\-_/]+$`", - "title": "ImageRoleArn", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of key-value pairs to apply to this resource.\n\n*Array Members* : Minimum number of 0 items. Maximum number of 50 items.", - "title": "Tags", - "type": "array" - } + "SecurityGroupIds": { + "items": { + "type": "string" }, - "required": [ - "ImageName", - "ImageRoleArn" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::SageMaker::Image" - ], - "type": "string" + "markdownDescription": "The VPC security group IDs, in the form `sg-xxxxxxxx` . Specify the security groups for the VPC that is specified in the `Subnets` field.", + "title": "SecurityGroupIds", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The ID of the subnets in the VPC to which you want to connect your training job or model. For information about the availability of specific instance types, see [Supported Instance Types and Availability Zones](https://docs.aws.amazon.com/sagemaker/latest/dg/instance-types-az.html) .", + "title": "Subnets", + "type": "array" } }, "required": [ - "Type", - "Properties" + "SecurityGroupIds", + "Subnets" ], "type": "object" }, - "AWS::SageMaker::ImageVersion": { + "AWS::SageMaker::NotebookInstance": { "additionalProperties": false, "properties": { "Condition": { @@ -247033,74 +299367,108 @@ "Properties": { "additionalProperties": false, "properties": { - "Alias": { - "markdownDescription": "", - "title": "Alias", - "type": "string" + "AcceleratorTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of Amazon Elastic Inference (EI) instance types to associate with the notebook instance. Currently, only one instance type can be associated with a notebook instance. For more information, see [Using Elastic Inference in Amazon SageMaker](https://docs.aws.amazon.com/sagemaker/latest/dg/ei.html) .\n\n*Valid Values:* `ml.eia1.medium | ml.eia1.large | ml.eia1.xlarge | ml.eia2.medium | ml.eia2.large | ml.eia2.xlarge` .", + "title": "AcceleratorTypes", + "type": "array" }, - "Aliases": { + "AdditionalCodeRepositories": { "items": { "type": "string" }, - "markdownDescription": "", - "title": "Aliases", + "markdownDescription": "An array of up to three Git repositories associated with the notebook instance. These can be either the names of Git repositories stored as resources in your account, or the URL of Git repositories in [AWS CodeCommit](https://docs.aws.amazon.com/codecommit/latest/userguide/welcome.html) or in any other Git repository. These repositories are cloned at the same level as the default repository of your notebook instance. For more information, see [Associating Git Repositories with SageMaker AI Notebook Instances](https://docs.aws.amazon.com/sagemaker/latest/dg/nbi-git-repo.html) .", + "title": "AdditionalCodeRepositories", "type": "array" }, - "BaseImage": { - "markdownDescription": "The container image that the SageMaker image version is based on.", - "title": "BaseImage", + "DefaultCodeRepository": { + "markdownDescription": "The Git repository associated with the notebook instance as its default code repository. This can be either the name of a Git repository stored as a resource in your account, or the URL of a Git repository in [AWS CodeCommit](https://docs.aws.amazon.com/codecommit/latest/userguide/welcome.html) or in any other Git repository. When you open a notebook instance, it opens in the directory that contains this repository. For more information, see [Associating Git Repositories with SageMaker AI Notebook Instances](https://docs.aws.amazon.com/sagemaker/latest/dg/nbi-git-repo.html) .", + "title": "DefaultCodeRepository", "type": "string" }, - "Horovod": { - "markdownDescription": "", - "title": "Horovod", - "type": "boolean" + "DirectInternetAccess": { + "markdownDescription": "Sets whether SageMaker AI provides internet access to the notebook instance. If you set this to `Disabled` this notebook instance is able to access resources only in your VPC, and is not be able to connect to SageMaker AI training and endpoint services unless you configure a NAT Gateway in your VPC.\n\nFor more information, see [Notebook Instances Are Internet-Enabled by Default](https://docs.aws.amazon.com/sagemaker/latest/dg/appendix-additional-considerations.html#appendix-notebook-and-internet-access) . You can set the value of this parameter to `Disabled` only if you set a value for the `SubnetId` parameter.", + "title": "DirectInternetAccess", + "type": "string" }, - "ImageName": { - "markdownDescription": "The name of the parent image.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 63.\n\n*Pattern* : `^[a-zA-Z0-9]([-.]?[a-zA-Z0-9]){0,62}$`", - "title": "ImageName", + "InstanceMetadataServiceConfiguration": { + "$ref": "#/definitions/AWS::SageMaker::NotebookInstance.InstanceMetadataServiceConfiguration", + "markdownDescription": "Information on the IMDS configuration of the notebook instance", + "title": "InstanceMetadataServiceConfiguration" + }, + "InstanceType": { + "markdownDescription": "The type of ML compute instance to launch for the notebook instance.\n\n> Expect some interruption of service if this parameter is changed as CloudFormation stops a notebook instance and starts it up again to update it.", + "title": "InstanceType", "type": "string" }, - "JobType": { - "markdownDescription": "", - "title": "JobType", + "KmsKeyId": { + "markdownDescription": "The Amazon Resource Name (ARN) of a AWS Key Management Service key that SageMaker AI uses to encrypt data on the storage volume attached to your notebook instance. The KMS key you provide must be enabled. For information, see [Enabling and Disabling Keys](https://docs.aws.amazon.com/kms/latest/developerguide/enabling-keys.html) in the *AWS Key Management Service Developer Guide* .", + "title": "KmsKeyId", "type": "string" }, - "MLFramework": { - "markdownDescription": "", - "title": "MLFramework", + "LifecycleConfigName": { + "markdownDescription": "The name of a lifecycle configuration to associate with the notebook instance. For information about lifecycle configurations, see [Customize a Notebook Instance](https://docs.aws.amazon.com/sagemaker/latest/dg/notebook-lifecycle-config.html) in the *Amazon SageMaker Developer Guide* .", + "title": "LifecycleConfigName", "type": "string" }, - "Processor": { - "markdownDescription": "", - "title": "Processor", + "NotebookInstanceName": { + "markdownDescription": "The name of the new notebook instance.", + "title": "NotebookInstanceName", "type": "string" }, - "ProgrammingLang": { - "markdownDescription": "", - "title": "ProgrammingLang", + "PlatformIdentifier": { + "markdownDescription": "The platform identifier of the notebook instance runtime environment.", + "title": "PlatformIdentifier", "type": "string" }, - "ReleaseNotes": { - "markdownDescription": "", - "title": "ReleaseNotes", + "RoleArn": { + "markdownDescription": "When you send any requests to AWS resources from the notebook instance, SageMaker AI assumes this role to perform tasks on your behalf. You must grant this role necessary permissions so SageMaker AI can perform these tasks. The policy must allow the SageMaker AI service principal (sagemaker.amazonaws.com) permissions to assume this role. For more information, see [SageMaker AI Roles](https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-roles.html) .\n\n> To be able to pass this role to SageMaker AI, the caller of this API must have the `iam:PassRole` permission.", + "title": "RoleArn", "type": "string" }, - "VendorGuidance": { - "markdownDescription": "", - "title": "VendorGuidance", + "RootAccess": { + "markdownDescription": "Whether root access is enabled or disabled for users of the notebook instance. The default value is `Enabled` .\n\n> Lifecycle configurations need root access to be able to set up a notebook instance. Because of this, lifecycle configurations associated with a notebook instance always run with root access even if you disable root access for users.", + "title": "RootAccess", + "type": "string" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The VPC security group IDs, in the form sg-xxxxxxxx. The security groups must be for the same VPC as specified in the subnet.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetId": { + "markdownDescription": "The ID of the subnet in a VPC to which you would like to have a connectivity from your ML compute instance.", + "title": "SubnetId", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of key-value pairs to apply to this resource.\n\nFor more information, see [Resource Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) and [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html#allocation-what) .\n\nYou can add tags later by using the `CreateTags` API.", + "title": "Tags", + "type": "array" + }, + "VolumeSizeInGB": { + "markdownDescription": "The size, in GB, of the ML storage volume to attach to the notebook instance. The default value is 5 GB.\n\n> Expect some interruption of service if this parameter is changed as CloudFormation stops a notebook instance and starts it up again to update it.", + "title": "VolumeSizeInGB", + "type": "number" } }, "required": [ - "BaseImage", - "ImageName" + "InstanceType", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::SageMaker::ImageVersion" + "AWS::SageMaker::NotebookInstance" ], "type": "string" }, @@ -247119,7 +299487,21 @@ ], "type": "object" }, - "AWS::SageMaker::InferenceComponent": { + "AWS::SageMaker::NotebookInstance.InstanceMetadataServiceConfiguration": { + "additionalProperties": false, + "properties": { + "MinimumInstanceMetadataServiceVersion": { + "markdownDescription": "Indicates the minimum IMDS version that the notebook instance supports. When passed as part of `CreateNotebookInstance` , if no value is selected, then it defaults to IMDSv1. This means that both IMDSv1 and IMDSv2 are supported. If passed as part of `UpdateNotebookInstance` , there is no default.", + "title": "MinimumInstanceMetadataServiceVersion", + "type": "string" + } + }, + "required": [ + "MinimumInstanceMetadataServiceVersion" + ], + "type": "object" + }, + "AWS::SageMaker::NotebookInstanceLifecycleConfig": { "additionalProperties": false, "properties": { "Condition": { @@ -247154,56 +299536,33 @@ "Properties": { "additionalProperties": false, "properties": { - "EndpointArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the endpoint that hosts the inference component.", - "title": "EndpointArn", - "type": "string" - }, - "EndpointName": { - "markdownDescription": "The name of the endpoint that hosts the inference component.", - "title": "EndpointName", - "type": "string" - }, - "InferenceComponentName": { - "markdownDescription": "The name of the inference component.", - "title": "InferenceComponentName", + "NotebookInstanceLifecycleConfigName": { + "markdownDescription": "The name of the lifecycle configuration.", + "title": "NotebookInstanceLifecycleConfigName", "type": "string" }, - "RuntimeConfig": { - "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.InferenceComponentRuntimeConfig", - "markdownDescription": "", - "title": "RuntimeConfig" - }, - "Specification": { - "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.InferenceComponentSpecification", - "markdownDescription": "", - "title": "Specification" - }, - "Tags": { + "OnCreate": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::SageMaker::NotebookInstanceLifecycleConfig.NotebookInstanceLifecycleHook" }, - "markdownDescription": "", - "title": "Tags", + "markdownDescription": "A shell script that runs only once, when you create a notebook instance. The shell script must be a base64-encoded string.", + "title": "OnCreate", "type": "array" }, - "VariantName": { - "markdownDescription": "The name of the production variant that hosts the inference component.", - "title": "VariantName", - "type": "string" + "OnStart": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::NotebookInstanceLifecycleConfig.NotebookInstanceLifecycleHook" + }, + "markdownDescription": "A shell script that runs every time you start a notebook instance, including when you create the notebook instance. The shell script must be a base64-encoded string.", + "title": "OnStart", + "type": "array" } }, - "required": [ - "EndpointName", - "RuntimeConfig", - "Specification", - "VariantName" - ], "type": "object" }, "Type": { "enum": [ - "AWS::SageMaker::InferenceComponent" + "AWS::SageMaker::NotebookInstanceLifecycleConfig" ], "type": "string" }, @@ -247217,157 +299576,22 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::SageMaker::InferenceComponent.DeployedImage": { - "additionalProperties": false, - "properties": { - "ResolutionTime": { - "markdownDescription": "The date and time when the image path for the model resolved to the `ResolvedImage`", - "title": "ResolutionTime", - "type": "string" - }, - "ResolvedImage": { - "markdownDescription": "The specific digest path of the image hosted in this `ProductionVariant` .", - "title": "ResolvedImage", - "type": "string" - }, - "SpecifiedImage": { - "markdownDescription": "The image path you specified when you created the model.", - "title": "SpecifiedImage", - "type": "string" - } - }, - "type": "object" - }, - "AWS::SageMaker::InferenceComponent.InferenceComponentComputeResourceRequirements": { - "additionalProperties": false, - "properties": { - "MaxMemoryRequiredInMb": { - "markdownDescription": "The maximum MB of memory to allocate to run a model that you assign to an inference component.", - "title": "MaxMemoryRequiredInMb", - "type": "number" - }, - "MinMemoryRequiredInMb": { - "markdownDescription": "The minimum MB of memory to allocate to run a model that you assign to an inference component.", - "title": "MinMemoryRequiredInMb", - "type": "number" - }, - "NumberOfAcceleratorDevicesRequired": { - "markdownDescription": "The number of accelerators to allocate to run a model that you assign to an inference component. Accelerators include GPUs and AWS Inferentia.", - "title": "NumberOfAcceleratorDevicesRequired", - "type": "number" - }, - "NumberOfCpuCoresRequired": { - "markdownDescription": "The number of CPU cores to allocate to run a model that you assign to an inference component.", - "title": "NumberOfCpuCoresRequired", - "type": "number" - } - }, - "type": "object" - }, - "AWS::SageMaker::InferenceComponent.InferenceComponentContainerSpecification": { - "additionalProperties": false, - "properties": { - "ArtifactUrl": { - "markdownDescription": "The Amazon S3 path where the model artifacts, which result from model training, are stored. This path must point to a single gzip compressed tar archive (.tar.gz suffix).", - "title": "ArtifactUrl", - "type": "string" - }, - "DeployedImage": { - "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.DeployedImage", - "markdownDescription": "", - "title": "DeployedImage" - }, - "Environment": { - "additionalProperties": true, - "markdownDescription": "The environment variables to set in the Docker container. Each key and value in the Environment string-to-string map can have length of up to 1024. We support up to 16 entries in the map.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Environment", - "type": "object" - }, - "Image": { - "markdownDescription": "The Amazon Elastic Container Registry (Amazon ECR) path where the Docker image for the model is stored.", - "title": "Image", - "type": "string" - } - }, - "type": "object" - }, - "AWS::SageMaker::InferenceComponent.InferenceComponentRuntimeConfig": { - "additionalProperties": false, - "properties": { - "CopyCount": { - "markdownDescription": "The number of runtime copies of the model container to deploy with the inference component. Each copy can serve inference requests.", - "title": "CopyCount", - "type": "number" - }, - "CurrentCopyCount": { - "markdownDescription": "", - "title": "CurrentCopyCount", - "type": "number" - }, - "DesiredCopyCount": { - "markdownDescription": "", - "title": "DesiredCopyCount", - "type": "number" - } - }, - "type": "object" - }, - "AWS::SageMaker::InferenceComponent.InferenceComponentSpecification": { + "AWS::SageMaker::NotebookInstanceLifecycleConfig.NotebookInstanceLifecycleHook": { "additionalProperties": false, "properties": { - "ComputeResourceRequirements": { - "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.InferenceComponentComputeResourceRequirements", - "markdownDescription": "The compute resources allocated to run the model, plus any adapter models, that you assign to the inference component.\n\nOmit this parameter if your request is meant to create an adapter inference component. An adapter inference component is loaded by a base inference component, and it uses the compute resources of the base inference component.", - "title": "ComputeResourceRequirements" - }, - "Container": { - "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.InferenceComponentContainerSpecification", - "markdownDescription": "Defines a container that provides the runtime environment for a model that you deploy with an inference component.", - "title": "Container" - }, - "ModelName": { - "markdownDescription": "The name of an existing SageMaker AI model object in your account that you want to deploy with the inference component.", - "title": "ModelName", + "Content": { + "markdownDescription": "A base64-encoded string that contains a shell script for a notebook instance lifecycle configuration.", + "title": "Content", "type": "string" - }, - "StartupParameters": { - "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.InferenceComponentStartupParameters", - "markdownDescription": "Settings that take effect while the model container starts up.", - "title": "StartupParameters" - } - }, - "required": [ - "ComputeResourceRequirements" - ], - "type": "object" - }, - "AWS::SageMaker::InferenceComponent.InferenceComponentStartupParameters": { - "additionalProperties": false, - "properties": { - "ContainerStartupHealthCheckTimeoutInSeconds": { - "markdownDescription": "The timeout value, in seconds, for your inference container to pass health check by Amazon S3 Hosting. For more information about health check, see [How Your Container Should Respond to Health Check (Ping) Requests](https://docs.aws.amazon.com/sagemaker/latest/dg/your-algorithms-inference-code.html#your-algorithms-inference-algo-ping-requests) .", - "title": "ContainerStartupHealthCheckTimeoutInSeconds", - "type": "number" - }, - "ModelDataDownloadTimeoutInSeconds": { - "markdownDescription": "The timeout value, in seconds, to download and extract the model that you want to host from Amazon S3 to the individual inference instance associated with this inference component.", - "title": "ModelDataDownloadTimeoutInSeconds", - "type": "number" } }, "type": "object" }, - "AWS::SageMaker::InferenceExperiment": { + "AWS::SageMaker::PartnerApp": { "additionalProperties": false, "properties": { "Condition": { @@ -247402,304 +299626,130 @@ "Properties": { "additionalProperties": false, "properties": { - "DataStorageConfig": { - "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment.DataStorageConfig", - "markdownDescription": "The Amazon S3 location and configuration for storing inference request and response data.", - "title": "DataStorageConfig" + "ApplicationConfig": { + "$ref": "#/definitions/AWS::SageMaker::PartnerApp.PartnerAppConfig", + "markdownDescription": "Configuration settings for the Partner AI App.", + "title": "ApplicationConfig" }, - "Description": { - "markdownDescription": "The description of the inference experiment.", - "title": "Description", + "AuthType": { + "markdownDescription": "Defines the authentication type used for the Partner AI App.", + "title": "AuthType", "type": "string" }, - "DesiredState": { - "markdownDescription": "The desired state of the experiment after stopping. The possible states are the following:\n\n- `Completed` : The experiment completed successfully\n- `Cancelled` : The experiment was canceled", - "title": "DesiredState", - "type": "string" + "EnableIamSessionBasedIdentity": { + "markdownDescription": "Enables IAM Session based Identity for PartnerApp.", + "title": "EnableIamSessionBasedIdentity", + "type": "boolean" }, - "EndpointName": { - "markdownDescription": "The name of the endpoint.", - "title": "EndpointName", + "ExecutionRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role of the user.", + "title": "ExecutionRoleArn", "type": "string" }, - "KmsKey": { - "markdownDescription": "The AWS Key Management Service key that Amazon SageMaker uses to encrypt captured data at rest using Amazon S3 server-side encryption.", - "title": "KmsKey", + "KmsKeyId": { + "markdownDescription": "The AWS KMS customer managed key used to encrypt the data associated with the PartnerApp.", + "title": "KmsKeyId", "type": "string" }, - "ModelVariants": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment.ModelVariantConfig" - }, - "markdownDescription": "An array of `ModelVariantConfigSummary` objects. There is one for each variant in the inference experiment. Each `ModelVariantConfigSummary` object in the array describes the infrastructure configuration for deploying the corresponding variant.", - "title": "ModelVariants", - "type": "array" + "MaintenanceConfig": { + "$ref": "#/definitions/AWS::SageMaker::PartnerApp.PartnerAppMaintenanceConfig", + "markdownDescription": "A collection of settings that specify the maintenance schedule for the PartnerApp.", + "title": "MaintenanceConfig" }, "Name": { - "markdownDescription": "The name of the inference experiment.", + "markdownDescription": "The name of the Partner AI App. This name must be unique within your account and region.", "title": "Name", "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role that Amazon SageMaker can assume to access model artifacts and container images, and manage Amazon SageMaker Inference endpoints for model deployment.", - "title": "RoleArn", - "type": "string" - }, - "Schedule": { - "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment.InferenceExperimentSchedule", - "markdownDescription": "The duration for which the inference experiment ran or will run.\n\nThe maximum duration that you can set for an inference experiment is 30 days.", - "title": "Schedule" - }, - "ShadowModeConfig": { - "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment.ShadowModeConfig", - "markdownDescription": "The configuration of `ShadowMode` inference experiment type, which shows the production variant that takes all the inference requests, and the shadow variant to which Amazon SageMaker replicates a percentage of the inference requests. For the shadow variant it also shows the percentage of requests that Amazon SageMaker replicates.", - "title": "ShadowModeConfig" - }, - "StatusReason": { - "markdownDescription": "The error message for the inference experiment status result.", - "title": "StatusReason", - "type": "string" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "A list of tags to apply to the PartnerApp.", "title": "Tags", "type": "array" }, + "Tier": { + "markdownDescription": "Specifies the tier or level of the Partner AI App. The tier size impacts the speed and capabilities of the application. For more information, see [Set up Partner AI Apps](https://docs.aws.amazon.com/sagemaker/latest/dg/partner-app-onboard.html) .", + "title": "Tier", + "type": "string" + }, "Type": { - "markdownDescription": "The type of the inference experiment.", + "markdownDescription": "Specifies the type of Partner AI App being created.", "title": "Type", "type": "string" } }, "required": [ - "EndpointName", - "ModelVariants", + "AuthType", + "ExecutionRoleArn", "Name", - "RoleArn", - "Type" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::SageMaker::InferenceExperiment" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::SageMaker::InferenceExperiment.CaptureContentTypeHeader": { - "additionalProperties": false, - "properties": { - "CsvContentTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of all content type headers that Amazon SageMaker AI will treat as CSV and capture accordingly.", - "title": "CsvContentTypes", - "type": "array" - }, - "JsonContentTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of all content type headers that SageMaker AI will treat as JSON and capture accordingly.", - "title": "JsonContentTypes", - "type": "array" - } - }, - "type": "object" - }, - "AWS::SageMaker::InferenceExperiment.DataStorageConfig": { - "additionalProperties": false, - "properties": { - "ContentType": { - "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment.CaptureContentTypeHeader", - "markdownDescription": "Configuration specifying how to treat different headers. If no headers are specified SageMaker will by default base64 encode when capturing the data.", - "title": "ContentType" - }, - "Destination": { - "markdownDescription": "The Amazon S3 bucket where the inference request and response data is stored.", - "title": "Destination", - "type": "string" - }, - "KmsKey": { - "markdownDescription": "The AWS Key Management Service key that Amazon SageMaker uses to encrypt captured data at rest using Amazon S3 server-side encryption.", - "title": "KmsKey", - "type": "string" - } - }, - "required": [ - "Destination" - ], - "type": "object" - }, - "AWS::SageMaker::InferenceExperiment.EndpointMetadata": { - "additionalProperties": false, - "properties": { - "EndpointConfigName": { - "markdownDescription": "The name of the endpoint configuration.", - "title": "EndpointConfigName", - "type": "string" - }, - "EndpointName": { - "markdownDescription": "The name of the endpoint.", - "title": "EndpointName", - "type": "string" - }, - "EndpointStatus": { - "markdownDescription": "The status of the endpoint. For possible values of the status of an endpoint, see [](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sagemaker-inferenceexperiment-endpointmetadata.html#cfn-sagemaker-inferenceexperiment-endpointmetadata-endpointstatus) .", - "title": "EndpointStatus", - "type": "string" - } - }, - "required": [ - "EndpointName" - ], - "type": "object" - }, - "AWS::SageMaker::InferenceExperiment.InferenceExperimentSchedule": { - "additionalProperties": false, - "properties": { - "EndTime": { - "markdownDescription": "The timestamp at which the inference experiment ended or will end.", - "title": "EndTime", - "type": "string" - }, - "StartTime": { - "markdownDescription": "The timestamp at which the inference experiment started or will start.", - "title": "StartTime", - "type": "string" - } - }, - "type": "object" - }, - "AWS::SageMaker::InferenceExperiment.ModelInfrastructureConfig": { - "additionalProperties": false, - "properties": { - "InfrastructureType": { - "markdownDescription": "The inference option to which to deploy your model. Possible values are the following:\n\n- `RealTime` : Deploy to real-time inference.", - "title": "InfrastructureType", - "type": "string" - }, - "RealTimeInferenceConfig": { - "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment.RealTimeInferenceConfig", - "markdownDescription": "The infrastructure configuration for deploying the model to real-time inference.", - "title": "RealTimeInferenceConfig" - } - }, - "required": [ - "InfrastructureType", - "RealTimeInferenceConfig" - ], - "type": "object" - }, - "AWS::SageMaker::InferenceExperiment.ModelVariantConfig": { - "additionalProperties": false, - "properties": { - "InfrastructureConfig": { - "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment.ModelInfrastructureConfig", - "markdownDescription": "The configuration for the infrastructure that the model will be deployed to.", - "title": "InfrastructureConfig" - }, - "ModelName": { - "markdownDescription": "The name of the Amazon SageMaker Model entity.", - "title": "ModelName", - "type": "string" - }, - "VariantName": { - "markdownDescription": "The name of the variant.", - "title": "VariantName", - "type": "string" - } - }, - "required": [ - "InfrastructureConfig", - "ModelName", - "VariantName" - ], - "type": "object" - }, - "AWS::SageMaker::InferenceExperiment.RealTimeInferenceConfig": { - "additionalProperties": false, - "properties": { - "InstanceCount": { - "markdownDescription": "The number of instances of the type specified by `InstanceType` .", - "title": "InstanceCount", - "type": "number" + "Tier", + "Type" + ], + "type": "object" }, - "InstanceType": { - "markdownDescription": "The instance type the model is deployed to.", - "title": "InstanceType", + "Type": { + "enum": [ + "AWS::SageMaker::PartnerApp" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "InstanceCount", - "InstanceType" + "Type", + "Properties" ], "type": "object" }, - "AWS::SageMaker::InferenceExperiment.ShadowModeConfig": { + "AWS::SageMaker::PartnerApp.PartnerAppConfig": { "additionalProperties": false, "properties": { - "ShadowModelVariants": { + "AdminUsers": { "items": { - "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment.ShadowModelVariantConfig" + "type": "string" }, - "markdownDescription": "List of shadow variant configurations.", - "title": "ShadowModelVariants", + "markdownDescription": "A list of users that will have administrative access to the Partner AI App.", + "title": "AdminUsers", "type": "array" }, - "SourceModelVariantName": { - "markdownDescription": "The name of the production variant, which takes all the inference requests.", - "title": "SourceModelVariantName", - "type": "string" + "Arguments": { + "additionalProperties": true, + "markdownDescription": "Additional arguments passed to the Partner AI App during initialization or runtime.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Arguments", + "type": "object" } }, - "required": [ - "ShadowModelVariants", - "SourceModelVariantName" - ], "type": "object" }, - "AWS::SageMaker::InferenceExperiment.ShadowModelVariantConfig": { + "AWS::SageMaker::PartnerApp.PartnerAppMaintenanceConfig": { "additionalProperties": false, "properties": { - "SamplingPercentage": { - "markdownDescription": "The percentage of inference requests that Amazon SageMaker replicates from the production variant to the shadow variant.", - "title": "SamplingPercentage", - "type": "number" - }, - "ShadowModelVariantName": { - "markdownDescription": "The name of the shadow variant.", - "title": "ShadowModelVariantName", + "MaintenanceWindowStart": { + "markdownDescription": "The maintenance window start day and time for the PartnerApp.", + "title": "MaintenanceWindowStart", "type": "string" } }, "required": [ - "SamplingPercentage", - "ShadowModelVariantName" + "MaintenanceWindowStart" ], "type": "object" }, - "AWS::SageMaker::Model": { + "AWS::SageMaker::Pipeline": { "additionalProperties": false, "properties": { "Condition": { @@ -247734,58 +299784,55 @@ "Properties": { "additionalProperties": false, "properties": { - "Containers": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::Model.ContainerDefinition" - }, - "markdownDescription": "Specifies the containers in the inference pipeline.", - "title": "Containers", - "type": "array" + "ParallelismConfiguration": { + "$ref": "#/definitions/AWS::SageMaker::Pipeline.ParallelismConfiguration", + "markdownDescription": "The parallelism configuration applied to the pipeline.", + "title": "ParallelismConfiguration" }, - "EnableNetworkIsolation": { - "markdownDescription": "Isolates the model container. No inbound or outbound network calls can be made to or from the model container.", - "title": "EnableNetworkIsolation", - "type": "boolean" + "PipelineDefinition": { + "$ref": "#/definitions/AWS::SageMaker::Pipeline.PipelineDefinition", + "markdownDescription": "The definition of the pipeline. This can be either a JSON string or an Amazon S3 location.", + "title": "PipelineDefinition" }, - "ExecutionRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that SageMaker can assume to access model artifacts and docker image for deployment on ML compute instances or for batch transform jobs. Deploying on ML compute instances is part of model hosting. For more information, see [SageMaker Roles](https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-roles.html) .\n\n> To be able to pass this role to SageMaker, the caller of this API must have the `iam:PassRole` permission.", - "title": "ExecutionRoleArn", + "PipelineDescription": { + "markdownDescription": "The description of the pipeline.", + "title": "PipelineDescription", "type": "string" }, - "InferenceExecutionConfig": { - "$ref": "#/definitions/AWS::SageMaker::Model.InferenceExecutionConfig", - "markdownDescription": "Specifies details of how containers in a multi-container endpoint are called.", - "title": "InferenceExecutionConfig" + "PipelineDisplayName": { + "markdownDescription": "The display name of the pipeline.", + "title": "PipelineDisplayName", + "type": "string" }, - "ModelName": { - "markdownDescription": "The name of the new model.", - "title": "ModelName", + "PipelineName": { + "markdownDescription": "The name of the pipeline.", + "title": "PipelineName", "type": "string" }, - "PrimaryContainer": { - "$ref": "#/definitions/AWS::SageMaker::Model.ContainerDefinition", - "markdownDescription": "The location of the primary docker image containing inference code, associated artifacts, and custom environment map that the inference code uses when the model is deployed for predictions.", - "title": "PrimaryContainer" + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role used to execute the pipeline.", + "title": "RoleArn", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of key-value pairs to apply to this resource.\n\nFor more information, see [Resource Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) and [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html#allocation-what) in the *AWS Billing and Cost Management User Guide* .", + "markdownDescription": "The tags of the pipeline.", "title": "Tags", "type": "array" - }, - "VpcConfig": { - "$ref": "#/definitions/AWS::SageMaker::Model.VpcConfig", - "markdownDescription": "A [VpcConfig](https://docs.aws.amazon.com/sagemaker/latest/dg/API_VpcConfig.html) object that specifies the VPC that you want your model to connect to. Control access to and from your model container by configuring the VPC. `VpcConfig` is used in hosting services and in batch transform. For more information, see [Protect Endpoints by Using an Amazon Virtual Private Cloud](https://docs.aws.amazon.com/sagemaker/latest/dg/host-vpc.html) and [Protect Data in Batch Transform Jobs by Using an Amazon Virtual Private Cloud](https://docs.aws.amazon.com/sagemaker/latest/dg/batch-vpc.html) .", - "title": "VpcConfig" } }, + "required": [ + "PipelineDefinition", + "PipelineName", + "RoleArn" + ], "type": "object" }, "Type": { "enum": [ - "AWS::SageMaker::Model" + "AWS::SageMaker::Pipeline" ], "type": "string" }, @@ -247799,210 +299846,72 @@ } }, "required": [ - "Type" - ], - "type": "object" - }, - "AWS::SageMaker::Model.ContainerDefinition": { - "additionalProperties": false, - "properties": { - "ContainerHostname": { - "markdownDescription": "This parameter is ignored for models that contain only a `PrimaryContainer` .\n\nWhen a `ContainerDefinition` is part of an inference pipeline, the value of the parameter uniquely identifies the container for the purposes of logging and metrics. For information, see [Use Logs and Metrics to Monitor an Inference Pipeline](https://docs.aws.amazon.com/sagemaker/latest/dg/inference-pipeline-logs-metrics.html) . If you don't specify a value for this parameter for a `ContainerDefinition` that is part of an inference pipeline, a unique name is automatically assigned based on the position of the `ContainerDefinition` in the pipeline. If you specify a value for the `ContainerHostName` for any `ContainerDefinition` that is part of an inference pipeline, you must specify a value for the `ContainerHostName` parameter of every `ContainerDefinition` in that pipeline.", - "title": "ContainerHostname", - "type": "string" - }, - "Environment": { - "markdownDescription": "The environment variables to set in the Docker container. Don't include any sensitive data in your environment variables.\n\nThe maximum length of each key and value in the `Environment` map is 1024 bytes. The maximum length of all keys and values in the map, combined, is 32 KB. If you pass multiple containers to a `CreateModel` request, then the maximum length of all of their maps, combined, is also 32 KB.", - "title": "Environment", - "type": "object" - }, - "Image": { - "markdownDescription": "The path where inference code is stored. This can be either in Amazon EC2 Container Registry or in a Docker registry that is accessible from the same VPC that you configure for your endpoint. If you are using your own custom algorithm instead of an algorithm provided by SageMaker, the inference code must meet SageMaker requirements. SageMaker supports both `registry/repository[:tag]` and `registry/repository[@digest]` image path formats. For more information, see [Using Your Own Algorithms with Amazon SageMaker](https://docs.aws.amazon.com/sagemaker/latest/dg/your-algorithms.html) .\n\n> The model artifacts in an Amazon S3 bucket and the Docker image for inference container in Amazon EC2 Container Registry must be in the same region as the model or endpoint you are creating.", - "title": "Image", - "type": "string" - }, - "ImageConfig": { - "$ref": "#/definitions/AWS::SageMaker::Model.ImageConfig", - "markdownDescription": "Specifies whether the model container is in Amazon ECR or a private Docker registry accessible from your Amazon Virtual Private Cloud (VPC). For information about storing containers in a private Docker registry, see [Use a Private Docker Registry for Real-Time Inference Containers](https://docs.aws.amazon.com/sagemaker/latest/dg/your-algorithms-containers-inference-private.html) .\n\n> The model artifacts in an Amazon S3 bucket and the Docker image for inference container in Amazon EC2 Container Registry must be in the same region as the model or endpoint you are creating.", - "title": "ImageConfig" - }, - "InferenceSpecificationName": { - "markdownDescription": "The inference specification name in the model package version.", - "title": "InferenceSpecificationName", - "type": "string" - }, - "Mode": { - "markdownDescription": "Whether the container hosts a single model or multiple models.", - "title": "Mode", - "type": "string" - }, - "ModelDataSource": { - "$ref": "#/definitions/AWS::SageMaker::Model.ModelDataSource", - "markdownDescription": "Specifies the location of ML model data to deploy.\n\n> Currently you cannot use `ModelDataSource` in conjunction with SageMaker batch transform, SageMaker serverless endpoints, SageMaker multi-model endpoints, and SageMaker Marketplace.", - "title": "ModelDataSource" - }, - "ModelDataUrl": { - "markdownDescription": "The S3 path where the model artifacts, which result from model training, are stored. This path must point to a single gzip compressed tar archive (.tar.gz suffix). The S3 path is required for SageMaker built-in algorithms, but not if you use your own algorithms. For more information on built-in algorithms, see [Common Parameters](https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-algo-docker-registry-paths.html) .\n\n> The model artifacts must be in an S3 bucket that is in the same region as the model or endpoint you are creating. \n\nIf you provide a value for this parameter, SageMaker uses AWS Security Token Service to download model artifacts from the S3 path you provide. AWS STS is activated in your AWS account by default. If you previously deactivated AWS STS for a region, you need to reactivate AWS STS for that region. For more information, see [Activating and Deactivating AWS STS in an AWS Region](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) in the *AWS Identity and Access Management User Guide* .\n\n> If you use a built-in algorithm to create a model, SageMaker requires that you provide a S3 path to the model artifacts in `ModelDataUrl` .", - "title": "ModelDataUrl", - "type": "string" - }, - "ModelPackageName": { - "markdownDescription": "The name or Amazon Resource Name (ARN) of the model package to use to create the model.", - "title": "ModelPackageName", - "type": "string" - }, - "MultiModelConfig": { - "$ref": "#/definitions/AWS::SageMaker::Model.MultiModelConfig", - "markdownDescription": "Specifies additional configuration for multi-model endpoints.", - "title": "MultiModelConfig" - } - }, - "type": "object" - }, - "AWS::SageMaker::Model.ImageConfig": { - "additionalProperties": false, - "properties": { - "RepositoryAccessMode": { - "markdownDescription": "Set this to one of the following values:\n\n- `Platform` - The model image is hosted in Amazon ECR.\n- `Vpc` - The model image is hosted in a private Docker registry in your VPC.", - "title": "RepositoryAccessMode", - "type": "string" - }, - "RepositoryAuthConfig": { - "$ref": "#/definitions/AWS::SageMaker::Model.RepositoryAuthConfig", - "markdownDescription": "(Optional) Specifies an authentication configuration for the private docker registry where your model image is hosted. Specify a value for this property only if you specified `Vpc` as the value for the `RepositoryAccessMode` field, and the private Docker registry where the model image is hosted requires authentication.", - "title": "RepositoryAuthConfig" - } - }, - "required": [ - "RepositoryAccessMode" - ], - "type": "object" - }, - "AWS::SageMaker::Model.InferenceExecutionConfig": { - "additionalProperties": false, - "properties": { - "Mode": { - "markdownDescription": "How containers in a multi-container are run. The following values are valid.\n\n- `Serial` - Containers run as a serial pipeline.\n- `Direct` - Only the individual container that you specify is run.", - "title": "Mode", - "type": "string" - } - }, - "required": [ - "Mode" - ], - "type": "object" - }, - "AWS::SageMaker::Model.ModelAccessConfig": { - "additionalProperties": false, - "properties": { - "AcceptEula": { - "markdownDescription": "Specifies agreement to the model end-user license agreement (EULA). The `AcceptEula` value must be explicitly defined as `True` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.", - "title": "AcceptEula", - "type": "boolean" - } - }, - "required": [ - "AcceptEula" + "Type", + "Properties" ], "type": "object" }, - "AWS::SageMaker::Model.ModelDataSource": { + "AWS::SageMaker::Pipeline.ParallelismConfiguration": { "additionalProperties": false, "properties": { - "S3DataSource": { - "$ref": "#/definitions/AWS::SageMaker::Model.S3DataSource", - "markdownDescription": "Specifies the S3 location of ML model data to deploy.", - "title": "S3DataSource" + "MaxParallelExecutionSteps": { + "markdownDescription": "The max number of steps that can be executed in parallel.", + "title": "MaxParallelExecutionSteps", + "type": "number" } }, "required": [ - "S3DataSource" + "MaxParallelExecutionSteps" ], "type": "object" }, - "AWS::SageMaker::Model.MultiModelConfig": { - "additionalProperties": false, - "properties": { - "ModelCacheSetting": { - "markdownDescription": "Whether to cache models for a multi-model endpoint. By default, multi-model endpoints cache models so that a model does not have to be loaded into memory each time it is invoked. Some use cases do not benefit from model caching. For example, if an endpoint hosts a large number of models that are each invoked infrequently, the endpoint might perform better if you disable model caching. To disable model caching, set the value of this parameter to Disabled.", - "title": "ModelCacheSetting", - "type": "string" - } - }, - "type": "object" - }, - "AWS::SageMaker::Model.RepositoryAuthConfig": { + "AWS::SageMaker::Pipeline.PipelineDefinition": { "additionalProperties": false, "properties": { - "RepositoryCredentialsProviderArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the *AWS Lambda Developer Guide* .", - "title": "RepositoryCredentialsProviderArn", + "PipelineDefinitionBody": { + "markdownDescription": "The [JSON pipeline definition](https://docs.aws.amazon.com/https://aws-sagemaker-mlops.github.io/sagemaker-model-building-pipeline-definition-JSON-schema/) of the pipeline.", + "title": "PipelineDefinitionBody", "type": "string" + }, + "PipelineDefinitionS3Location": { + "$ref": "#/definitions/AWS::SageMaker::Pipeline.S3Location", + "markdownDescription": "The location of the pipeline definition stored in Amazon S3. If specified, SageMaker retrieves the pipeline definition from this location.", + "title": "PipelineDefinitionS3Location" } }, - "required": [ - "RepositoryCredentialsProviderArn" - ], "type": "object" }, - "AWS::SageMaker::Model.S3DataSource": { + "AWS::SageMaker::Pipeline.S3Location": { "additionalProperties": false, "properties": { - "CompressionType": { - "markdownDescription": "", - "title": "CompressionType", + "Bucket": { + "markdownDescription": "The name of the S3 bucket.", + "title": "Bucket", "type": "string" }, - "ModelAccessConfig": { - "$ref": "#/definitions/AWS::SageMaker::Model.ModelAccessConfig", - "markdownDescription": "", - "title": "ModelAccessConfig" - }, - "S3DataType": { - "markdownDescription": "If you choose `S3Prefix` , `S3Uri` identifies a key name prefix. SageMaker uses all objects that match the specified key name prefix for model training.\n\nIf you choose `ManifestFile` , `S3Uri` identifies an object that is a manifest file containing a list of object keys that you want SageMaker to use for model training.\n\nIf you choose `AugmentedManifestFile` , `S3Uri` identifies an object that is an augmented manifest file in JSON lines format. This file contains the data you want to use for model training. `AugmentedManifestFile` can only be used if the Channel's input mode is `Pipe` .\n\nIf you choose `Converse` , `S3Uri` identifies an Amazon S3 location that contains data formatted according to Converse format. This format structures conversational messages with specific roles and content types used for training and fine-tuning foundational models.", - "title": "S3DataType", + "ETag": { + "markdownDescription": "A file checksum of the pipeline definition file.", + "title": "ETag", "type": "string" }, - "S3Uri": { - "markdownDescription": "Depending on the value specified for the `S3DataType` , identifies either a key name prefix or a manifest. For example:\n\n- A key name prefix might look like this: `s3://bucketname/exampleprefix/`\n- A manifest might look like this: `s3://bucketname/example.manifest`\n\nA manifest is an S3 object which is a JSON file consisting of an array of elements. The first element is a prefix which is followed by one or more suffixes. SageMaker appends the suffix elements to the prefix to get a full set of `S3Uri` . Note that the prefix must be a valid non-empty `S3Uri` that precludes users from specifying a manifest whose individual `S3Uri` is sourced from different S3 buckets.\n\nThe following code example shows a valid manifest format:\n\n`[ {\"prefix\": \"s3://customer_bucket/some/prefix/\"},`\n\n`\"relative/path/to/custdata-1\",`\n\n`\"relative/path/custdata-2\",`\n\n`...`\n\n`\"relative/path/custdata-N\"`\n\n`]`\n\nThis JSON is equivalent to the following `S3Uri` list:\n\n`s3://customer_bucket/some/prefix/relative/path/to/custdata-1`\n\n`s3://customer_bucket/some/prefix/relative/path/custdata-2`\n\n`...`\n\n`s3://customer_bucket/some/prefix/relative/path/custdata-N`\n\nThe complete set of `S3Uri` in this manifest is the input data for the channel for this data source. The object that each `S3Uri` points to must be readable by the IAM role that SageMaker uses to perform tasks on your behalf.\n\nYour input bucket must be located in same AWS region as your training job.", - "title": "S3Uri", + "Key": { + "markdownDescription": "The object key (or key name) which uniquely identifies the object in an S3 bucket.", + "title": "Key", "type": "string" - } - }, - "required": [ - "CompressionType", - "S3DataType", - "S3Uri" - ], - "type": "object" - }, - "AWS::SageMaker::Model.VpcConfig": { - "additionalProperties": false, - "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The VPC security group IDs, in the form `sg-xxxxxxxx` . Specify the security groups for the VPC that is specified in the `Subnets` field.", - "title": "SecurityGroupIds", - "type": "array" }, - "Subnets": { - "items": { - "type": "string" - }, - "markdownDescription": "The ID of the subnets in the VPC to which you want to connect your training job or model. For information about the availability of specific instance types, see [Supported Instance Types and Availability Zones](https://docs.aws.amazon.com/sagemaker/latest/dg/instance-types-az.html) .", - "title": "Subnets", - "type": "array" + "Version": { + "markdownDescription": "The version ID of the pipeline definition file. If not specified, Amazon SageMaker will retrieve the latest version.", + "title": "Version", + "type": "string" } }, "required": [ - "SecurityGroupIds", - "Subnets" + "Bucket", + "Key" ], "type": "object" }, - "AWS::SageMaker::ModelBiasJobDefinition": { + "AWS::SageMaker::Project": { "additionalProperties": false, "properties": { "Condition": { @@ -248037,77 +299946,51 @@ "Properties": { "additionalProperties": false, "properties": { - "EndpointName": { - "markdownDescription": "", - "title": "EndpointName", + "ProjectDescription": { + "markdownDescription": "The description of the project.", + "title": "ProjectDescription", "type": "string" }, - "JobDefinitionName": { - "markdownDescription": "The name of the bias job definition. The name must be unique within an AWS Region in the AWS account.", - "title": "JobDefinitionName", + "ProjectName": { + "markdownDescription": "The name of the project.", + "title": "ProjectName", "type": "string" }, - "JobResources": { - "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.MonitoringResources", - "markdownDescription": "Identifies the resources to deploy for a monitoring job.", - "title": "JobResources" - }, - "ModelBiasAppSpecification": { - "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.ModelBiasAppSpecification", - "markdownDescription": "Configures the model bias job to run a specified Docker container image.", - "title": "ModelBiasAppSpecification" - }, - "ModelBiasBaselineConfig": { - "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.ModelBiasBaselineConfig", - "markdownDescription": "The baseline configuration for a model bias job.", - "title": "ModelBiasBaselineConfig" - }, - "ModelBiasJobInput": { - "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.ModelBiasJobInput", - "markdownDescription": "Inputs for the model bias job.", - "title": "ModelBiasJobInput" - }, - "ModelBiasJobOutputConfig": { - "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.MonitoringOutputConfig", - "markdownDescription": "The output configuration for monitoring jobs.", - "title": "ModelBiasJobOutputConfig" - }, - "NetworkConfig": { - "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.NetworkConfig", - "markdownDescription": "Networking options for a model bias job.", - "title": "NetworkConfig" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can assume to perform tasks on your behalf.", - "title": "RoleArn", - "type": "string" + "ServiceCatalogProvisionedProductDetails": { + "$ref": "#/definitions/AWS::SageMaker::Project.ServiceCatalogProvisionedProductDetails", + "markdownDescription": "Details of a provisioned service catalog product. For information about service catalog, see [What is AWS Service Catalog](https://docs.aws.amazon.com/servicecatalog/latest/adminguide/introduction.html) .", + "title": "ServiceCatalogProvisionedProductDetails" }, - "StoppingCondition": { - "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.StoppingCondition", - "markdownDescription": "A time limit for how long the monitoring job is allowed to run before stopping.", - "title": "StoppingCondition" + "ServiceCatalogProvisioningDetails": { + "$ref": "#/definitions/AWS::SageMaker::Project.ServiceCatalogProvisioningDetails", + "markdownDescription": "The product ID and provisioning artifact ID to provision a service catalog. For information, see [What is AWS Service Catalog](https://docs.aws.amazon.com/servicecatalog/latest/adminguide/introduction.html) .", + "title": "ServiceCatalogProvisioningDetails" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "A list of key-value pairs to apply to this resource.\n\nFor more information, see [Resource Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) and [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html#allocation-what) in the *AWS Billing and Cost Management User Guide* .", "title": "Tags", "type": "array" + }, + "TemplateProviderDetails": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::Project.TemplateProviderDetail" + }, + "markdownDescription": "An array of template providers associated with the project.", + "title": "TemplateProviderDetails", + "type": "array" } }, "required": [ - "JobResources", - "ModelBiasAppSpecification", - "ModelBiasJobInput", - "ModelBiasJobOutputConfig", - "RoleArn" + "ProjectName" ], "type": "object" }, "Type": { "enum": [ - "AWS::SageMaker::ModelBiasJobDefinition" + "AWS::SageMaker::Project" ], "type": "string" }, @@ -248126,439 +300009,142 @@ ], "type": "object" }, - "AWS::SageMaker::ModelBiasJobDefinition.BatchTransformInput": { + "AWS::SageMaker::Project.CfnStackParameter": { "additionalProperties": false, "properties": { - "DataCapturedDestinationS3Uri": { - "markdownDescription": "The Amazon S3 location being used to capture the data.", - "title": "DataCapturedDestinationS3Uri", - "type": "string" - }, - "DatasetFormat": { - "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.DatasetFormat", - "markdownDescription": "The dataset format for your batch transform job.", - "title": "DatasetFormat" - }, - "EndTimeOffset": { - "markdownDescription": "If specified, monitoring jobs subtract this time from the end time. For information about using offsets for scheduling monitoring jobs, see [Schedule Model Quality Monitoring Jobs](https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor-model-quality-schedule.html) .", - "title": "EndTimeOffset", - "type": "string" - }, - "FeaturesAttribute": { - "markdownDescription": "The attributes of the input data that are the input features.", - "title": "FeaturesAttribute", - "type": "string" - }, - "InferenceAttribute": { - "markdownDescription": "The attribute of the input data that represents the ground truth label.", - "title": "InferenceAttribute", - "type": "string" - }, - "LocalPath": { - "markdownDescription": "Path to the filesystem where the batch transform data is available to the container.", - "title": "LocalPath", - "type": "string" - }, - "ProbabilityAttribute": { - "markdownDescription": "In a classification problem, the attribute that represents the class probability.", - "title": "ProbabilityAttribute", - "type": "string" - }, - "ProbabilityThresholdAttribute": { - "markdownDescription": "The threshold for the class probability to be evaluated as a positive result.", - "title": "ProbabilityThresholdAttribute", - "type": "number" - }, - "S3DataDistributionType": { - "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an S3 key. Defaults to `FullyReplicated`", - "title": "S3DataDistributionType", - "type": "string" - }, - "S3InputMode": { - "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", - "title": "S3InputMode", + "Key": { + "markdownDescription": "The name of the CloudFormation parameter.", + "title": "Key", "type": "string" }, - "StartTimeOffset": { - "markdownDescription": "If specified, monitoring jobs substract this time from the start time. For information about using offsets for scheduling monitoring jobs, see [Schedule Model Quality Monitoring Jobs](https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor-model-quality-schedule.html) .", - "title": "StartTimeOffset", + "Value": { + "markdownDescription": "The value of the CloudFormation parameter.", + "title": "Value", "type": "string" } }, "required": [ - "DataCapturedDestinationS3Uri", - "DatasetFormat", - "LocalPath" + "Key", + "Value" ], "type": "object" }, - "AWS::SageMaker::ModelBiasJobDefinition.ClusterConfig": { + "AWS::SageMaker::Project.CfnTemplateProviderDetail": { "additionalProperties": false, "properties": { - "InstanceCount": { - "markdownDescription": "The number of ML compute instances to use in the model monitoring job. For distributed processing jobs, specify a value greater than 1. The default value is 1.", - "title": "InstanceCount", - "type": "number" + "Parameters": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::Project.CfnStackParameter" + }, + "markdownDescription": "An array of CloudFormation stack parameters.", + "title": "Parameters", + "type": "array" }, - "InstanceType": { - "markdownDescription": "The ML compute instance type for the processing job.", - "title": "InstanceType", + "RoleARN": { + "markdownDescription": "The IAM role used by CloudFormation to create the stack.", + "title": "RoleARN", "type": "string" }, - "VolumeKmsKeyId": { - "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance(s) that run the model monitoring job.", - "title": "VolumeKmsKeyId", + "TemplateName": { + "markdownDescription": "The unique identifier of the template within the project.", + "title": "TemplateName", "type": "string" }, - "VolumeSizeInGB": { - "markdownDescription": "The size of the ML storage volume, in gigabytes, that you want to provision. You must specify sufficient ML storage for your scenario.", - "title": "VolumeSizeInGB", - "type": "number" + "TemplateURL": { + "markdownDescription": "The Amazon S3 URL of the CloudFormation template.", + "title": "TemplateURL", + "type": "string" } }, "required": [ - "InstanceCount", - "InstanceType", - "VolumeSizeInGB" + "TemplateName", + "TemplateURL" ], "type": "object" }, - "AWS::SageMaker::ModelBiasJobDefinition.ConstraintsResource": { - "additionalProperties": false, - "properties": { - "S3Uri": { - "markdownDescription": "The Amazon S3 URI for the constraints resource.", - "title": "S3Uri", - "type": "string" - } - }, - "type": "object" - }, - "AWS::SageMaker::ModelBiasJobDefinition.Csv": { - "additionalProperties": false, - "properties": { - "Header": { - "markdownDescription": "", - "title": "Header", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::SageMaker::ModelBiasJobDefinition.DatasetFormat": { - "additionalProperties": false, - "properties": { - "Csv": { - "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.Csv", - "markdownDescription": "", - "title": "Csv" - }, - "Json": { - "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.Json", - "markdownDescription": "", - "title": "Json" - }, - "Parquet": { - "markdownDescription": "", - "title": "Parquet", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::SageMaker::ModelBiasJobDefinition.EndpointInput": { + "AWS::SageMaker::Project.ProvisioningParameter": { "additionalProperties": false, "properties": { - "EndTimeOffset": { - "markdownDescription": "If specified, monitoring jobs substract this time from the end time. For information about using offsets for scheduling monitoring jobs, see [Schedule Model Quality Monitoring Jobs](https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor-model-quality-schedule.html) .", - "title": "EndTimeOffset", - "type": "string" - }, - "EndpointName": { - "markdownDescription": "An endpoint in customer's account which has enabled `DataCaptureConfig` enabled.", - "title": "EndpointName", - "type": "string" - }, - "FeaturesAttribute": { - "markdownDescription": "The attributes of the input data that are the input features.", - "title": "FeaturesAttribute", - "type": "string" - }, - "InferenceAttribute": { - "markdownDescription": "The attribute of the input data that represents the ground truth label.", - "title": "InferenceAttribute", - "type": "string" - }, - "LocalPath": { - "markdownDescription": "Path to the filesystem where the endpoint data is available to the container.", - "title": "LocalPath", - "type": "string" - }, - "ProbabilityAttribute": { - "markdownDescription": "In a classification problem, the attribute that represents the class probability.", - "title": "ProbabilityAttribute", - "type": "string" - }, - "ProbabilityThresholdAttribute": { - "markdownDescription": "The threshold for the class probability to be evaluated as a positive result.", - "title": "ProbabilityThresholdAttribute", - "type": "number" - }, - "S3DataDistributionType": { - "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an Amazon S3 key. Defaults to `FullyReplicated`", - "title": "S3DataDistributionType", - "type": "string" - }, - "S3InputMode": { - "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", - "title": "S3InputMode", + "Key": { + "markdownDescription": "The key that identifies a provisioning parameter.", + "title": "Key", "type": "string" }, - "StartTimeOffset": { - "markdownDescription": "If specified, monitoring jobs substract this time from the start time. For information about using offsets for scheduling monitoring jobs, see [Schedule Model Quality Monitoring Jobs](https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor-model-quality-schedule.html) .", - "title": "StartTimeOffset", + "Value": { + "markdownDescription": "The value of the provisioning parameter.", + "title": "Value", "type": "string" } }, "required": [ - "EndpointName", - "LocalPath" + "Key", + "Value" ], "type": "object" }, - "AWS::SageMaker::ModelBiasJobDefinition.Json": { - "additionalProperties": false, - "properties": { - "Line": { - "markdownDescription": "", - "title": "Line", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::SageMaker::ModelBiasJobDefinition.ModelBiasAppSpecification": { + "AWS::SageMaker::Project.ServiceCatalogProvisionedProductDetails": { "additionalProperties": false, "properties": { - "ConfigUri": { - "markdownDescription": "JSON formatted S3 file that defines bias parameters. For more information on this JSON configuration file, see [Configure bias parameters](https://docs.aws.amazon.com/sagemaker/latest/dg/clarify-config-json-monitor-bias-parameters.html) .", - "title": "ConfigUri", + "ProvisionedProductId": { + "markdownDescription": "The ID of the provisioned product.", + "title": "ProvisionedProductId", "type": "string" }, - "Environment": { - "additionalProperties": true, - "markdownDescription": "Sets the environment variables in the Docker container.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Environment", - "type": "object" - }, - "ImageUri": { - "markdownDescription": "The container image to be run by the model bias job.", - "title": "ImageUri", + "ProvisionedProductStatusMessage": { + "markdownDescription": "The current status of the product.\n\n- `AVAILABLE` - Stable state, ready to perform any operation. The most recent operation succeeded and completed.\n- `UNDER_CHANGE` - Transitive state. Operations performed might not have valid results. Wait for an AVAILABLE status before performing operations.\n- `TAINTED` - Stable state, ready to perform any operation. The stack has completed the requested operation but is not exactly what was requested. For example, a request to update to a new version failed and the stack rolled back to the current version.\n- `ERROR` - An unexpected error occurred. The provisioned product exists but the stack is not running. For example, CloudFormation received a parameter value that was not valid and could not launch the stack.\n- `PLAN_IN_PROGRESS` - Transitive state. The plan operations were performed to provision a new product, but resources have not yet been created. After reviewing the list of resources to be created, execute the plan. Wait for an AVAILABLE status before performing operations.", + "title": "ProvisionedProductStatusMessage", "type": "string" } }, - "required": [ - "ConfigUri", - "ImageUri" - ], "type": "object" }, - "AWS::SageMaker::ModelBiasJobDefinition.ModelBiasBaselineConfig": { + "AWS::SageMaker::Project.ServiceCatalogProvisioningDetails": { "additionalProperties": false, "properties": { - "BaseliningJobName": { - "markdownDescription": "The name of the baseline model bias job.", - "title": "BaseliningJobName", + "PathId": { + "markdownDescription": "The path identifier of the product. This value is optional if the product has a default path, and required if the product has more than one path.", + "title": "PathId", "type": "string" }, - "ConstraintsResource": { - "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.ConstraintsResource", - "markdownDescription": "The constraints resource for a monitoring job.", - "title": "ConstraintsResource" - } - }, - "type": "object" - }, - "AWS::SageMaker::ModelBiasJobDefinition.ModelBiasJobInput": { - "additionalProperties": false, - "properties": { - "BatchTransformInput": { - "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.BatchTransformInput", - "markdownDescription": "Input object for the batch transform job.", - "title": "BatchTransformInput" - }, - "EndpointInput": { - "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.EndpointInput", - "markdownDescription": "Input object for the endpoint", - "title": "EndpointInput" - }, - "GroundTruthS3Input": { - "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.MonitoringGroundTruthS3Input", - "markdownDescription": "Location of ground truth labels to use in model bias job.", - "title": "GroundTruthS3Input" - } - }, - "required": [ - "GroundTruthS3Input" - ], - "type": "object" - }, - "AWS::SageMaker::ModelBiasJobDefinition.MonitoringGroundTruthS3Input": { - "additionalProperties": false, - "properties": { - "S3Uri": { - "markdownDescription": "The address of the Amazon S3 location of the ground truth labels.", - "title": "S3Uri", + "ProductId": { + "markdownDescription": "The ID of the product to provision.", + "title": "ProductId", "type": "string" - } - }, - "required": [ - "S3Uri" - ], - "type": "object" - }, - "AWS::SageMaker::ModelBiasJobDefinition.MonitoringOutput": { - "additionalProperties": false, - "properties": { - "S3Output": { - "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.S3Output", - "markdownDescription": "The Amazon S3 storage location where the results of a monitoring job are saved.", - "title": "S3Output" - } - }, - "required": [ - "S3Output" - ], - "type": "object" - }, - "AWS::SageMaker::ModelBiasJobDefinition.MonitoringOutputConfig": { - "additionalProperties": false, - "properties": { - "KmsKeyId": { - "markdownDescription": "The AWS Key Management Service ( AWS KMS ) key that Amazon SageMaker AI uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption.", - "title": "KmsKeyId", + }, + "ProvisioningArtifactId": { + "markdownDescription": "The ID of the provisioning artifact.", + "title": "ProvisioningArtifactId", "type": "string" }, - "MonitoringOutputs": { + "ProvisioningParameters": { "items": { - "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.MonitoringOutput" + "$ref": "#/definitions/AWS::SageMaker::Project.ProvisioningParameter" }, - "markdownDescription": "Monitoring outputs for monitoring jobs. This is where the output of the periodic monitoring jobs is uploaded.", - "title": "MonitoringOutputs", + "markdownDescription": "A list of key value pairs that you specify when you provision a product.", + "title": "ProvisioningParameters", "type": "array" } }, "required": [ - "MonitoringOutputs" - ], - "type": "object" - }, - "AWS::SageMaker::ModelBiasJobDefinition.MonitoringResources": { - "additionalProperties": false, - "properties": { - "ClusterConfig": { - "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.ClusterConfig", - "markdownDescription": "The configuration for the cluster resources used to run the processing job.", - "title": "ClusterConfig" - } - }, - "required": [ - "ClusterConfig" - ], - "type": "object" - }, - "AWS::SageMaker::ModelBiasJobDefinition.NetworkConfig": { - "additionalProperties": false, - "properties": { - "EnableInterContainerTrafficEncryption": { - "markdownDescription": "Whether to encrypt all communications between distributed processing jobs. Choose `True` to encrypt communications. Encryption provides greater security for distributed processing jobs, but the processing might take longer.", - "title": "EnableInterContainerTrafficEncryption", - "type": "boolean" - }, - "EnableNetworkIsolation": { - "markdownDescription": "Whether to allow inbound and outbound network calls to and from the containers used for the processing job.", - "title": "EnableNetworkIsolation", - "type": "boolean" - }, - "VpcConfig": { - "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.VpcConfig", - "markdownDescription": "Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC.", - "title": "VpcConfig" - } - }, - "type": "object" - }, - "AWS::SageMaker::ModelBiasJobDefinition.S3Output": { - "additionalProperties": false, - "properties": { - "LocalPath": { - "markdownDescription": "The local path to the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job. `LocalPath` is an absolute path for the output data.", - "title": "LocalPath", - "type": "string" - }, - "S3UploadMode": { - "markdownDescription": "Whether to upload the results of the monitoring job continuously or after the job completes.", - "title": "S3UploadMode", - "type": "string" - }, - "S3Uri": { - "markdownDescription": "A URI that identifies the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job.", - "title": "S3Uri", - "type": "string" - } - }, - "required": [ - "LocalPath", - "S3Uri" - ], - "type": "object" - }, - "AWS::SageMaker::ModelBiasJobDefinition.StoppingCondition": { - "additionalProperties": false, - "properties": { - "MaxRuntimeInSeconds": { - "markdownDescription": "The maximum length of time, in seconds, that a training or compilation job can run before it is stopped.\n\nFor compilation jobs, if the job does not complete during this time, a `TimeOut` error is generated. We recommend starting with 900 seconds and increasing as necessary based on your model.\n\nFor all other jobs, if the job does not complete during this time, SageMaker ends the job. When `RetryStrategy` is specified in the job request, `MaxRuntimeInSeconds` specifies the maximum time for all of the attempts in total, not each individual attempt. The default value is 1 day. The maximum value is 28 days.\n\nThe maximum time that a `TrainingJob` can run in total, including any time spent publishing metrics or archiving and uploading models after it has been stopped, is 30 days.", - "title": "MaxRuntimeInSeconds", - "type": "number" - } - }, - "required": [ - "MaxRuntimeInSeconds" + "ProductId" ], "type": "object" }, - "AWS::SageMaker::ModelBiasJobDefinition.VpcConfig": { + "AWS::SageMaker::Project.TemplateProviderDetail": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The VPC security group IDs, in the form `sg-xxxxxxxx` . Specify the security groups for the VPC that is specified in the `Subnets` field.", - "title": "SecurityGroupIds", - "type": "array" - }, - "Subnets": { - "items": { - "type": "string" - }, - "markdownDescription": "The ID of the subnets in the VPC to which you want to connect your training job or model. For information about the availability of specific instance types, see [Supported Instance Types and Availability Zones](https://docs.aws.amazon.com/sagemaker/latest/dg/instance-types-az.html) .", - "title": "Subnets", - "type": "array" + "CfnTemplateProviderDetail": { + "$ref": "#/definitions/AWS::SageMaker::Project.CfnTemplateProviderDetail", + "markdownDescription": "Details about a CloudFormation template provider configuration and associated provisioning information.", + "title": "CfnTemplateProviderDetail" } }, "required": [ - "SecurityGroupIds", - "Subnets" + "CfnTemplateProviderDetail" ], "type": "object" }, - "AWS::SageMaker::ModelCard": { + "AWS::SageMaker::Space": { "additionalProperties": false, "properties": { "Condition": { @@ -248593,55 +300179,54 @@ "Properties": { "additionalProperties": false, "properties": { - "Content": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.Content", - "markdownDescription": "The content of the model card. Content uses the [model card JSON schema](https://docs.aws.amazon.com/sagemaker/latest/dg/model-cards.html#model-cards-json-schema) .", - "title": "Content" - }, - "CreatedBy": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.UserContext", - "markdownDescription": "Information about the user who created or modified one or more of the following:\n\n- Experiment\n- Trial\n- Trial component\n- Lineage group\n- Project\n- Model Card", - "title": "CreatedBy" + "DomainId": { + "markdownDescription": "The ID of the associated domain.", + "title": "DomainId", + "type": "string" }, - "LastModifiedBy": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.UserContext", - "markdownDescription": "", - "title": "LastModifiedBy" + "OwnershipSettings": { + "$ref": "#/definitions/AWS::SageMaker::Space.OwnershipSettings", + "markdownDescription": "The collection of ownership settings for a space.", + "title": "OwnershipSettings" }, - "ModelCardName": { - "markdownDescription": "The unique name of the model card.", - "title": "ModelCardName", + "SpaceDisplayName": { + "markdownDescription": "The name of the space that appears in the Studio UI.", + "title": "SpaceDisplayName", "type": "string" }, - "ModelCardStatus": { - "markdownDescription": "The approval status of the model card within your organization. Different organizations might have different criteria for model card review and approval.\n\n- `Draft` : The model card is a work in progress.\n- `PendingReview` : The model card is pending review.\n- `Approved` : The model card is approved.\n- `Archived` : The model card is archived. No more updates should be made to the model card, but it can still be exported.", - "title": "ModelCardStatus", + "SpaceName": { + "markdownDescription": "The name of the space.", + "title": "SpaceName", "type": "string" }, - "SecurityConfig": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.SecurityConfig", - "markdownDescription": "The security configuration used to protect model card data.", - "title": "SecurityConfig" + "SpaceSettings": { + "$ref": "#/definitions/AWS::SageMaker::Space.SpaceSettings", + "markdownDescription": "A collection of space settings.", + "title": "SpaceSettings" + }, + "SpaceSharingSettings": { + "$ref": "#/definitions/AWS::SageMaker::Space.SpaceSharingSettings", + "markdownDescription": "A collection of space sharing settings.", + "title": "SpaceSharingSettings" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Key-value pairs used to manage metadata for the model card.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ - "Content", - "ModelCardName", - "ModelCardStatus" + "DomainId", + "SpaceName" ], "type": "object" }, "Type": { "enum": [ - "AWS::SageMaker::ModelCard" + "AWS::SageMaker::Space" ], "type": "string" }, @@ -248660,662 +300245,434 @@ ], "type": "object" }, - "AWS::SageMaker::ModelCard.AdditionalInformation": { - "additionalProperties": false, - "properties": { - "CaveatsAndRecommendations": { - "markdownDescription": "Caveats and recommendations for those who might use this model in their applications.", - "title": "CaveatsAndRecommendations", - "type": "string" - }, - "CustomDetails": { - "additionalProperties": true, - "markdownDescription": "Any additional information to document about the model.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "CustomDetails", - "type": "object" - }, - "EthicalConsiderations": { - "markdownDescription": "Any ethical considerations documented by the model card author.", - "title": "EthicalConsiderations", - "type": "string" - } - }, - "type": "object" - }, - "AWS::SageMaker::ModelCard.BusinessDetails": { - "additionalProperties": false, - "properties": { - "BusinessProblem": { - "markdownDescription": "The specific business problem that the model is trying to solve.", - "title": "BusinessProblem", - "type": "string" - }, - "BusinessStakeholders": { - "markdownDescription": "The relevant stakeholders for the model.", - "title": "BusinessStakeholders", - "type": "string" - }, - "LineOfBusiness": { - "markdownDescription": "The broader business need that the model is serving.", - "title": "LineOfBusiness", - "type": "string" - } - }, - "type": "object" - }, - "AWS::SageMaker::ModelCard.Container": { - "additionalProperties": false, - "properties": { - "Image": { - "markdownDescription": "", - "title": "Image", - "type": "string" - }, - "ModelDataUrl": { - "markdownDescription": "", - "title": "ModelDataUrl", - "type": "string" - }, - "NearestModelName": { - "markdownDescription": "", - "title": "NearestModelName", - "type": "string" - } - }, - "required": [ - "Image" - ], - "type": "object" - }, - "AWS::SageMaker::ModelCard.Content": { - "additionalProperties": false, - "properties": { - "AdditionalInformation": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.AdditionalInformation", - "markdownDescription": "Additional information about the model.", - "title": "AdditionalInformation" - }, - "BusinessDetails": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.BusinessDetails", - "markdownDescription": "Information about how the model supports business goals.", - "title": "BusinessDetails" - }, - "EvaluationDetails": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.EvaluationDetail" - }, - "markdownDescription": "An overview about the model's evaluation.", - "title": "EvaluationDetails", - "type": "array" - }, - "IntendedUses": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.IntendedUses", - "markdownDescription": "The intended usage of the model.", - "title": "IntendedUses" - }, - "ModelOverview": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.ModelOverview", - "markdownDescription": "An overview about the model", - "title": "ModelOverview" - }, - "ModelPackageDetails": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.ModelPackageDetails", - "markdownDescription": "", - "title": "ModelPackageDetails" - }, - "TrainingDetails": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.TrainingDetails", - "markdownDescription": "An overview about model training.", - "title": "TrainingDetails" - } - }, - "type": "object" - }, - "AWS::SageMaker::ModelCard.EvaluationDetail": { + "AWS::SageMaker::Space.CodeRepository": { "additionalProperties": false, "properties": { - "Datasets": { - "items": { - "type": "string" - }, - "markdownDescription": "The location of the datasets used to evaluate the model.", - "title": "Datasets", - "type": "array" - }, - "EvaluationJobArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the evaluation job.", - "title": "EvaluationJobArn", - "type": "string" - }, - "EvaluationObservation": { - "markdownDescription": "Any observations made during the model evaluation.", - "title": "EvaluationObservation", - "type": "string" - }, - "Metadata": { - "additionalProperties": true, - "markdownDescription": "Additional attributes associated with the evaluation results.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Metadata", - "type": "object" - }, - "MetricGroups": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.MetricGroup" - }, - "markdownDescription": "An evaluation Metric Group object.", - "title": "MetricGroups", - "type": "array" - }, - "Name": { - "markdownDescription": "The evaluation job name.", - "title": "Name", + "RepositoryUrl": { + "markdownDescription": "The URL of the Git repository.", + "title": "RepositoryUrl", "type": "string" } }, "required": [ - "Name" + "RepositoryUrl" ], "type": "object" }, - "AWS::SageMaker::ModelCard.Function": { + "AWS::SageMaker::Space.CustomFileSystem": { "additionalProperties": false, "properties": { - "Condition": { - "markdownDescription": "An optional description of any conditions of your objective function metric.", - "title": "Condition", - "type": "string" + "EFSFileSystem": { + "$ref": "#/definitions/AWS::SageMaker::Space.EFSFileSystem", + "markdownDescription": "A custom file system in Amazon EFS.", + "title": "EFSFileSystem" }, - "Facet": { - "markdownDescription": "The metric of the model's objective function. For example, *loss* or *rmse* . The following list shows examples of the values that you can specify for the metric:\n\n- `ACCURACY`\n- `AUC`\n- `LOSS`\n- `MAE`\n- `RMSE`", - "title": "Facet", - "type": "string" + "FSxLustreFileSystem": { + "$ref": "#/definitions/AWS::SageMaker::Space.FSxLustreFileSystem", + "markdownDescription": "A custom file system in Amazon FSx for Lustre.", + "title": "FSxLustreFileSystem" }, - "Function": { - "markdownDescription": "The optimization direction of the model's objective function. You must specify one of the following values:\n\n- `Maximize`\n- `Minimize`", - "title": "Function", - "type": "string" + "S3FileSystem": { + "$ref": "#/definitions/AWS::SageMaker::Space.S3FileSystem", + "markdownDescription": "A custom file system in Amazon S3. This is only supported in Amazon SageMaker Unified Studio.", + "title": "S3FileSystem" } }, "type": "object" }, - "AWS::SageMaker::ModelCard.InferenceEnvironment": { + "AWS::SageMaker::Space.CustomImage": { "additionalProperties": false, "properties": { - "ContainerImage": { - "items": { - "type": "string" - }, - "markdownDescription": "The container used to run the inference environment.", - "title": "ContainerImage", - "type": "array" + "AppImageConfigName": { + "markdownDescription": "The name of the AppImageConfig.", + "title": "AppImageConfigName", + "type": "string" + }, + "ImageName": { + "markdownDescription": "The name of the CustomImage. Must be unique to your account.", + "title": "ImageName", + "type": "string" + }, + "ImageVersionNumber": { + "markdownDescription": "The version number of the CustomImage.", + "title": "ImageVersionNumber", + "type": "number" } }, + "required": [ + "AppImageConfigName", + "ImageName" + ], "type": "object" }, - "AWS::SageMaker::ModelCard.InferenceSpecification": { + "AWS::SageMaker::Space.EFSFileSystem": { "additionalProperties": false, "properties": { - "Containers": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.Container" - }, - "markdownDescription": "The Amazon ECR registry path of the Docker image that contains the inference code.", - "title": "Containers", - "type": "array" + "FileSystemId": { + "markdownDescription": "The ID of your Amazon EFS file system.", + "title": "FileSystemId", + "type": "string" } }, "required": [ - "Containers" + "FileSystemId" ], "type": "object" }, - "AWS::SageMaker::ModelCard.IntendedUses": { + "AWS::SageMaker::Space.EbsStorageSettings": { "additionalProperties": false, "properties": { - "ExplanationsForRiskRating": { - "markdownDescription": "An explanation of why your organization categorizes the model with its risk rating.", - "title": "ExplanationsForRiskRating", - "type": "string" - }, - "FactorsAffectingModelEfficiency": { - "markdownDescription": "Factors affecting model efficacy.", - "title": "FactorsAffectingModelEfficiency", - "type": "string" - }, - "IntendedUses": { - "markdownDescription": "The intended use cases for the model.", - "title": "IntendedUses", - "type": "string" - }, - "PurposeOfModel": { - "markdownDescription": "The general purpose of the model.", - "title": "PurposeOfModel", - "type": "string" - }, - "RiskRating": { - "markdownDescription": "Your organization's risk rating. You can specify one the following values as the risk rating:\n\n- High\n- Medium\n- Low\n- Unknown", - "title": "RiskRating", - "type": "string" + "EbsVolumeSizeInGb": { + "markdownDescription": "The size of an EBS storage volume for a space.", + "title": "EbsVolumeSizeInGb", + "type": "number" } }, + "required": [ + "EbsVolumeSizeInGb" + ], "type": "object" }, - "AWS::SageMaker::ModelCard.MetricDataItems": { + "AWS::SageMaker::Space.FSxLustreFileSystem": { "additionalProperties": false, "properties": { - "Name": { - "type": "string" - }, - "Notes": { - "type": "string" - }, - "Type": { + "FileSystemId": { + "markdownDescription": "Amazon FSx for Lustre file system ID.", + "title": "FileSystemId", "type": "string" - }, - "Value": { - "type": "object" - }, - "XAxisName": { - "items": { - "type": "string" - }, - "type": "array" - }, - "YAxisName": { - "items": { - "type": "string" - }, - "type": "array" } }, "required": [ - "Name", - "Type", - "Value" + "FileSystemId" ], "type": "object" }, - "AWS::SageMaker::ModelCard.MetricGroup": { + "AWS::SageMaker::Space.JupyterServerAppSettings": { "additionalProperties": false, "properties": { - "MetricData": { + "DefaultResourceSpec": { + "$ref": "#/definitions/AWS::SageMaker::Space.ResourceSpec", + "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker AI image used by the JupyterServer app. If you use the `LifecycleConfigArns` parameter, then this parameter is also required.", + "title": "DefaultResourceSpec" + }, + "LifecycleConfigArns": { "items": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.MetricDataItems" + "type": "string" }, - "markdownDescription": "A list of metric objects. The `MetricDataItems` list can have one of the following values:\n\n- `bar_chart_metric`\n- `matrix_metric`\n- `simple_metric`\n- `linear_graph_metric`\n\nFor more information about the metric schema, see the definition section of the [model card JSON schema](https://docs.aws.amazon.com/sagemaker/latest/dg/model-cards.html#model-cards-json-schema) .", - "title": "MetricData", + "markdownDescription": "The Amazon Resource Name (ARN) of the Lifecycle Configurations attached to the JupyterServerApp. If you use this parameter, the `DefaultResourceSpec` parameter is also required.\n\n> To remove a Lifecycle Config, you must set `LifecycleConfigArns` to an empty list.", + "title": "LifecycleConfigArns", "type": "array" - }, - "Name": { - "markdownDescription": "The metric group name.", - "title": "Name", - "type": "string" } }, - "required": [ - "MetricData", - "Name" - ], "type": "object" }, - "AWS::SageMaker::ModelCard.ModelOverview": { + "AWS::SageMaker::Space.KernelGatewayAppSettings": { "additionalProperties": false, "properties": { - "AlgorithmType": { - "markdownDescription": "The algorithm used to solve the problem.", - "title": "AlgorithmType", - "type": "string" + "CustomImages": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::Space.CustomImage" + }, + "markdownDescription": "A list of custom SageMaker AI images that are configured to run as a KernelGateway app.\n\nThe maximum number of custom images are as follows.\n\n- On a domain level: 200\n- On a space level: 5\n- On a user profile level: 5", + "title": "CustomImages", + "type": "array" }, - "InferenceEnvironment": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.InferenceEnvironment", - "markdownDescription": "An overview about model inference.", - "title": "InferenceEnvironment" + "DefaultResourceSpec": { + "$ref": "#/definitions/AWS::SageMaker::Space.ResourceSpec", + "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker AI image used by the KernelGateway app.\n\n> The Amazon SageMaker AI Studio UI does not use the default instance type value set here. The default instance type set here is used when Apps are created using the AWS CLI or AWS CloudFormation and the instance type parameter value is not passed.", + "title": "DefaultResourceSpec" }, - "ModelArtifact": { + "LifecycleConfigArns": { "items": { "type": "string" }, - "markdownDescription": "The location of the model artifact.", - "title": "ModelArtifact", + "markdownDescription": "The Amazon Resource Name (ARN) of the Lifecycle Configurations attached to the the user profile or domain.\n\n> To remove a Lifecycle Config, you must set `LifecycleConfigArns` to an empty list.", + "title": "LifecycleConfigArns", "type": "array" - }, - "ModelCreator": { - "markdownDescription": "The creator of the model.", - "title": "ModelCreator", - "type": "string" - }, - "ModelDescription": { - "markdownDescription": "A description of the model.", - "title": "ModelDescription", - "type": "string" - }, - "ModelId": { - "markdownDescription": "The SageMaker AI Model ARN or non- SageMaker AI Model ID.", - "title": "ModelId", - "type": "string" - }, - "ModelName": { - "markdownDescription": "The name of the model.", - "title": "ModelName", - "type": "string" - }, - "ModelOwner": { - "markdownDescription": "The owner of the model.", - "title": "ModelOwner", - "type": "string" - }, - "ModelVersion": { - "markdownDescription": "The version of the model.", - "title": "ModelVersion", - "type": "number" - }, - "ProblemType": { - "markdownDescription": "The problem being solved with the model.", - "title": "ProblemType", - "type": "string" } }, "type": "object" }, - "AWS::SageMaker::ModelCard.ModelPackageCreator": { + "AWS::SageMaker::Space.OwnershipSettings": { "additionalProperties": false, "properties": { - "UserProfileName": { - "markdownDescription": "", - "title": "UserProfileName", + "OwnerUserProfileName": { + "markdownDescription": "The user profile who is the owner of the space.", + "title": "OwnerUserProfileName", "type": "string" } }, + "required": [ + "OwnerUserProfileName" + ], "type": "object" }, - "AWS::SageMaker::ModelCard.ModelPackageDetails": { + "AWS::SageMaker::Space.ResourceSpec": { "additionalProperties": false, "properties": { - "ApprovalDescription": { - "markdownDescription": "", - "title": "ApprovalDescription", - "type": "string" - }, - "CreatedBy": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.ModelPackageCreator", - "markdownDescription": "", - "title": "CreatedBy" - }, - "Domain": { - "markdownDescription": "", - "title": "Domain", - "type": "string" - }, - "InferenceSpecification": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.InferenceSpecification", - "markdownDescription": "", - "title": "InferenceSpecification" - }, - "ModelApprovalStatus": { - "markdownDescription": "", - "title": "ModelApprovalStatus", - "type": "string" - }, - "ModelPackageArn": { - "markdownDescription": "", - "title": "ModelPackageArn", - "type": "string" - }, - "ModelPackageDescription": { - "markdownDescription": "", - "title": "ModelPackageDescription", - "type": "string" - }, - "ModelPackageGroupName": { - "markdownDescription": "", - "title": "ModelPackageGroupName", + "InstanceType": { + "markdownDescription": "The instance type that the image version runs on.\n\n> *JupyterServer apps* only support the `system` value.\n> \n> For *KernelGateway apps* , the `system` value is translated to `ml.t3.medium` . KernelGateway apps also support all other values for available instance types.", + "title": "InstanceType", "type": "string" }, - "ModelPackageName": { - "markdownDescription": "", - "title": "ModelPackageName", + "LifecycleConfigArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Lifecycle Configuration attached to the Resource.", + "title": "LifecycleConfigArn", "type": "string" }, - "ModelPackageStatus": { - "markdownDescription": "", - "title": "ModelPackageStatus", + "SageMakerImageArn": { + "markdownDescription": "The ARN of the SageMaker AI image that the image version belongs to.", + "title": "SageMakerImageArn", "type": "string" }, - "ModelPackageVersion": { - "markdownDescription": "", - "title": "ModelPackageVersion", - "type": "number" - }, - "SourceAlgorithms": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.SourceAlgorithm" - }, - "markdownDescription": "", - "title": "SourceAlgorithms", - "type": "array" - }, - "Task": { - "markdownDescription": "", - "title": "Task", + "SageMakerImageVersionArn": { + "markdownDescription": "The ARN of the image version created on the instance. To clear the value set for `SageMakerImageVersionArn` , pass `None` as the value.", + "title": "SageMakerImageVersionArn", "type": "string" } }, "type": "object" }, - "AWS::SageMaker::ModelCard.ObjectiveFunction": { + "AWS::SageMaker::Space.S3FileSystem": { "additionalProperties": false, "properties": { - "Function": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.Function", - "markdownDescription": "A function object that details optimization direction, metric, and additional descriptions.", - "title": "Function" - }, - "Notes": { - "markdownDescription": "Notes about the object function, including other considerations for possible objective functions.", - "title": "Notes", + "S3Uri": { + "markdownDescription": "The Amazon S3 URI that specifies the location in S3 where files are stored, which is mounted within the Studio environment. For example: `s3:////` .", + "title": "S3Uri", "type": "string" } }, "type": "object" }, - "AWS::SageMaker::ModelCard.SecurityConfig": { + "AWS::SageMaker::Space.SpaceAppLifecycleManagement": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "A AWS Key Management Service [key ID](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id-key-id) used to encrypt a model card.", - "title": "KmsKeyId", - "type": "string" + "IdleSettings": { + "$ref": "#/definitions/AWS::SageMaker::Space.SpaceIdleSettings", + "markdownDescription": "Settings related to idle shutdown of Studio applications.", + "title": "IdleSettings" } }, "type": "object" }, - "AWS::SageMaker::ModelCard.SourceAlgorithm": { + "AWS::SageMaker::Space.SpaceCodeEditorAppSettings": { "additionalProperties": false, "properties": { - "AlgorithmName": { - "markdownDescription": "The name of an algorithm that was used to create the model package. The algorithm must be either an algorithm resource in your SageMaker account or an algorithm in AWS Marketplace that you are subscribed to.", - "title": "AlgorithmName", - "type": "string" + "AppLifecycleManagement": { + "$ref": "#/definitions/AWS::SageMaker::Space.SpaceAppLifecycleManagement", + "markdownDescription": "Settings that are used to configure and manage the lifecycle of CodeEditor applications in a space.", + "title": "AppLifecycleManagement" }, - "ModelDataUrl": { - "markdownDescription": "The Amazon S3 path where the model artifacts, which result from model training, are stored. This path must point to a single `gzip` compressed tar archive ( `.tar.gz` suffix).\n\n> The model artifacts must be in an S3 bucket that is in the same AWS region as the algorithm.", - "title": "ModelDataUrl", - "type": "string" + "DefaultResourceSpec": { + "$ref": "#/definitions/AWS::SageMaker::Space.ResourceSpec", + "markdownDescription": "Specifies the ARNs of a SageMaker image and SageMaker image version, and the instance type that the version runs on.", + "title": "DefaultResourceSpec" } }, - "required": [ - "AlgorithmName" - ], "type": "object" }, - "AWS::SageMaker::ModelCard.TrainingDetails": { + "AWS::SageMaker::Space.SpaceIdleSettings": { "additionalProperties": false, "properties": { - "ObjectiveFunction": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.ObjectiveFunction", - "markdownDescription": "The function that is optimized during model training.", - "title": "ObjectiveFunction" - }, - "TrainingJobDetails": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.TrainingJobDetails", - "markdownDescription": "Details about any associated training jobs.", - "title": "TrainingJobDetails" - }, - "TrainingObservations": { - "markdownDescription": "Any observations about training.", - "title": "TrainingObservations", - "type": "string" + "IdleTimeoutInMinutes": { + "markdownDescription": "The time that SageMaker waits after the application becomes idle before shutting it down.", + "title": "IdleTimeoutInMinutes", + "type": "number" } }, "type": "object" }, - "AWS::SageMaker::ModelCard.TrainingEnvironment": { + "AWS::SageMaker::Space.SpaceJupyterLabAppSettings": { "additionalProperties": false, "properties": { - "ContainerImage": { + "AppLifecycleManagement": { + "$ref": "#/definitions/AWS::SageMaker::Space.SpaceAppLifecycleManagement", + "markdownDescription": "Settings that are used to configure and manage the lifecycle of JupyterLab applications in a space.", + "title": "AppLifecycleManagement" + }, + "CodeRepositories": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::SageMaker::Space.CodeRepository" }, - "markdownDescription": "SageMaker AI inference image URI.", - "title": "ContainerImage", + "markdownDescription": "A list of Git repositories that SageMaker automatically displays to users for cloning in the JupyterLab application.", + "title": "CodeRepositories", "type": "array" + }, + "DefaultResourceSpec": { + "$ref": "#/definitions/AWS::SageMaker::Space.ResourceSpec", + "markdownDescription": "Specifies the ARNs of a SageMaker image and SageMaker image version, and the instance type that the version runs on.", + "title": "DefaultResourceSpec" } }, "type": "object" }, - "AWS::SageMaker::ModelCard.TrainingHyperParameter": { + "AWS::SageMaker::Space.SpaceSettings": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the hyper parameter.", - "title": "Name", + "AppType": { + "markdownDescription": "The type of app created within the space.\n\nIf using the [UpdateSpace](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateSpace.html) API, you can't change the app type of your space by specifying a different value for this field.", + "title": "AppType", "type": "string" }, - "Value": { - "markdownDescription": "The value specified for the hyper parameter.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Name", - "Value" - ], - "type": "object" - }, - "AWS::SageMaker::ModelCard.TrainingJobDetails": { - "additionalProperties": false, - "properties": { - "HyperParameters": { + "CodeEditorAppSettings": { + "$ref": "#/definitions/AWS::SageMaker::Space.SpaceCodeEditorAppSettings", + "markdownDescription": "The Code Editor application settings.", + "title": "CodeEditorAppSettings" + }, + "CustomFileSystems": { "items": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.TrainingHyperParameter" + "$ref": "#/definitions/AWS::SageMaker::Space.CustomFileSystem" }, - "markdownDescription": "The hyper parameters used in the training job.", - "title": "HyperParameters", + "markdownDescription": "A file system, created by you, that you assign to a space for an Amazon SageMaker AI Domain. Permitted users can access this file system in Amazon SageMaker AI Studio.", + "title": "CustomFileSystems", "type": "array" }, - "TrainingArn": { - "markdownDescription": "The SageMaker AI training job Amazon Resource Name (ARN)", - "title": "TrainingArn", - "type": "string" + "JupyterLabAppSettings": { + "$ref": "#/definitions/AWS::SageMaker::Space.SpaceJupyterLabAppSettings", + "markdownDescription": "The settings for the JupyterLab application.", + "title": "JupyterLabAppSettings" }, - "TrainingDatasets": { - "items": { - "type": "string" - }, - "markdownDescription": "The location of the datasets used to train the model.", - "title": "TrainingDatasets", - "type": "array" + "JupyterServerAppSettings": { + "$ref": "#/definitions/AWS::SageMaker::Space.JupyterServerAppSettings", + "markdownDescription": "The JupyterServer app settings.", + "title": "JupyterServerAppSettings" }, - "TrainingEnvironment": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.TrainingEnvironment", - "markdownDescription": "The SageMaker AI training job image URI.", - "title": "TrainingEnvironment" + "KernelGatewayAppSettings": { + "$ref": "#/definitions/AWS::SageMaker::Space.KernelGatewayAppSettings", + "markdownDescription": "The KernelGateway app settings.", + "title": "KernelGatewayAppSettings" }, - "TrainingMetrics": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.TrainingMetric" - }, - "markdownDescription": "The SageMaker AI training job results.", - "title": "TrainingMetrics", - "type": "array" + "RemoteAccess": { + "markdownDescription": "A setting that enables or disables remote access for a SageMaker space. When enabled, this allows you to connect to the remote space from your local IDE.", + "title": "RemoteAccess", + "type": "string" }, - "UserProvidedHyperParameters": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.TrainingHyperParameter" - }, - "markdownDescription": "Additional hyper parameters that you've specified when training the model.", - "title": "UserProvidedHyperParameters", - "type": "array" + "SpaceManagedResources": { + "markdownDescription": "If you enable this option, SageMaker AI creates the following resources on your behalf when you create the space:\n\n- The user profile that possesses the space.\n- The app that the space contains.", + "title": "SpaceManagedResources", + "type": "string" }, - "UserProvidedTrainingMetrics": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.TrainingMetric" - }, - "markdownDescription": "Custom training job results.", - "title": "UserProvidedTrainingMetrics", - "type": "array" + "SpaceStorageSettings": { + "$ref": "#/definitions/AWS::SageMaker::Space.SpaceStorageSettings", + "markdownDescription": "The storage settings for a space.", + "title": "SpaceStorageSettings" } }, "type": "object" }, - "AWS::SageMaker::ModelCard.TrainingMetric": { + "AWS::SageMaker::Space.SpaceSharingSettings": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the result from the SageMaker AI training job.", - "title": "Name", - "type": "string" - }, - "Notes": { - "markdownDescription": "Any additional notes describing the result of the training job.", - "title": "Notes", + "SharingType": { + "markdownDescription": "Specifies the sharing type of the space.", + "title": "SharingType", "type": "string" - }, - "Value": { - "markdownDescription": "The value of a result from the SageMaker AI training job.", - "title": "Value", - "type": "number" } }, "required": [ - "Name", - "Value" + "SharingType" ], "type": "object" }, - "AWS::SageMaker::ModelCard.UserContext": { + "AWS::SageMaker::Space.SpaceStorageSettings": { "additionalProperties": false, "properties": { - "DomainId": { - "markdownDescription": "The domain associated with the user.", - "title": "DomainId", + "EbsStorageSettings": { + "$ref": "#/definitions/AWS::SageMaker::Space.EbsStorageSettings", + "markdownDescription": "A collection of EBS storage settings for a space.", + "title": "EbsStorageSettings" + } + }, + "type": "object" + }, + "AWS::SageMaker::StudioLifecycleConfig": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "UserProfileArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the user's profile.", - "title": "UserProfileArn", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "UserProfileName": { - "markdownDescription": "The name of the user's profile.", - "title": "UserProfileName", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "StudioLifecycleConfigAppType": { + "markdownDescription": "The App type to which the Lifecycle Configuration is attached.", + "title": "StudioLifecycleConfigAppType", + "type": "string" + }, + "StudioLifecycleConfigContent": { + "markdownDescription": "", + "title": "StudioLifecycleConfigContent", + "type": "string" + }, + "StudioLifecycleConfigName": { + "markdownDescription": "The name of the Amazon SageMaker AI Studio Lifecycle Configuration.", + "title": "StudioLifecycleConfigName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "StudioLifecycleConfigAppType", + "StudioLifecycleConfigContent", + "StudioLifecycleConfigName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SageMaker::StudioLifecycleConfig" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::SageMaker::ModelExplainabilityJobDefinition": { + "AWS::SageMaker::UserProfile": { "additionalProperties": false, "properties": { "Condition": { @@ -249350,77 +300707,49 @@ "Properties": { "additionalProperties": false, "properties": { - "EndpointName": { - "markdownDescription": "", - "title": "EndpointName", + "DomainId": { + "markdownDescription": "The domain ID.", + "title": "DomainId", "type": "string" }, - "JobDefinitionName": { - "markdownDescription": "The name of the model explainability job definition. The name must be unique within an AWS Region in the AWS account.", - "title": "JobDefinitionName", + "SingleSignOnUserIdentifier": { + "markdownDescription": "A specifier for the type of value specified in SingleSignOnUserValue. Currently, the only supported value is \"UserName\". If the Domain's AuthMode is IAM Identity Center , this field is required. If the Domain's AuthMode is not IAM Identity Center , this field cannot be specified.", + "title": "SingleSignOnUserIdentifier", "type": "string" }, - "JobResources": { - "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.MonitoringResources", - "markdownDescription": "Identifies the resources to deploy for a monitoring job.", - "title": "JobResources" - }, - "ModelExplainabilityAppSpecification": { - "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.ModelExplainabilityAppSpecification", - "markdownDescription": "Configures the model explainability job to run a specified Docker container image.", - "title": "ModelExplainabilityAppSpecification" - }, - "ModelExplainabilityBaselineConfig": { - "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.ModelExplainabilityBaselineConfig", - "markdownDescription": "The baseline configuration for a model explainability job.", - "title": "ModelExplainabilityBaselineConfig" - }, - "ModelExplainabilityJobInput": { - "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.ModelExplainabilityJobInput", - "markdownDescription": "Inputs for the model explainability job.", - "title": "ModelExplainabilityJobInput" - }, - "ModelExplainabilityJobOutputConfig": { - "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.MonitoringOutputConfig", - "markdownDescription": "The output configuration for monitoring jobs.", - "title": "ModelExplainabilityJobOutputConfig" - }, - "NetworkConfig": { - "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.NetworkConfig", - "markdownDescription": "Networking options for a model explainability job.", - "title": "NetworkConfig" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can assume to perform tasks on your behalf.", - "title": "RoleArn", + "SingleSignOnUserValue": { + "markdownDescription": "The username of the associated AWS Single Sign-On User for this UserProfile. If the Domain's AuthMode is IAM Identity Center , this field is required, and must match a valid username of a user in your directory. If the Domain's AuthMode is not IAM Identity Center , this field cannot be specified.", + "title": "SingleSignOnUserValue", "type": "string" }, - "StoppingCondition": { - "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.StoppingCondition", - "markdownDescription": "A time limit for how long the monitoring job is allowed to run before stopping.", - "title": "StoppingCondition" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nTags that you specify for the User Profile are also added to all apps that the User Profile launches.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" + }, + "UserProfileName": { + "markdownDescription": "The user profile name.", + "title": "UserProfileName", + "type": "string" + }, + "UserSettings": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.UserSettings", + "markdownDescription": "A collection of settings that apply to users of Amazon SageMaker Studio.", + "title": "UserSettings" } }, "required": [ - "JobResources", - "ModelExplainabilityAppSpecification", - "ModelExplainabilityJobInput", - "ModelExplainabilityJobOutputConfig", - "RoleArn" + "DomainId", + "UserProfileName" ], "type": "object" }, "Type": { "enum": [ - "AWS::SageMaker::ModelExplainabilityJobDefinition" + "AWS::SageMaker::UserProfile" ], "type": "string" }, @@ -249439,387 +300768,711 @@ ], "type": "object" }, - "AWS::SageMaker::ModelExplainabilityJobDefinition.BatchTransformInput": { + "AWS::SageMaker::UserProfile.AppLifecycleManagement": { "additionalProperties": false, "properties": { - "DataCapturedDestinationS3Uri": { - "markdownDescription": "The Amazon S3 location being used to capture the data.", - "title": "DataCapturedDestinationS3Uri", + "IdleSettings": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.IdleSettings", + "markdownDescription": "Settings related to idle shutdown of Studio applications.", + "title": "IdleSettings" + } + }, + "type": "object" + }, + "AWS::SageMaker::UserProfile.CodeEditorAppSettings": { + "additionalProperties": false, + "properties": { + "AppLifecycleManagement": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.AppLifecycleManagement", + "markdownDescription": "Settings that are used to configure and manage the lifecycle of CodeEditor applications.", + "title": "AppLifecycleManagement" + }, + "BuiltInLifecycleConfigArn": { + "markdownDescription": "The lifecycle configuration that runs before the default lifecycle configuration. It can override changes made in the default lifecycle configuration.", + "title": "BuiltInLifecycleConfigArn", "type": "string" }, - "DatasetFormat": { - "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.DatasetFormat", - "markdownDescription": "The dataset format for your batch transform job.", - "title": "DatasetFormat" + "CustomImages": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.CustomImage" + }, + "markdownDescription": "A list of custom SageMaker images that are configured to run as a Code Editor app.", + "title": "CustomImages", + "type": "array" }, - "FeaturesAttribute": { - "markdownDescription": "The attributes of the input data that are the input features.", - "title": "FeaturesAttribute", - "type": "string" + "DefaultResourceSpec": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.ResourceSpec", + "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the Code Editor app.", + "title": "DefaultResourceSpec" }, - "InferenceAttribute": { - "markdownDescription": "The attribute of the input data that represents the ground truth label.", - "title": "InferenceAttribute", + "LifecycleConfigArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Name (ARN) of the Code Editor application lifecycle configuration.", + "title": "LifecycleConfigArns", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SageMaker::UserProfile.CodeRepository": { + "additionalProperties": false, + "properties": { + "RepositoryUrl": { + "markdownDescription": "The URL of the Git repository.", + "title": "RepositoryUrl", "type": "string" + } + }, + "required": [ + "RepositoryUrl" + ], + "type": "object" + }, + "AWS::SageMaker::UserProfile.CustomFileSystemConfig": { + "additionalProperties": false, + "properties": { + "EFSFileSystemConfig": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.EFSFileSystemConfig", + "markdownDescription": "The settings for a custom Amazon EFS file system.", + "title": "EFSFileSystemConfig" }, - "LocalPath": { - "markdownDescription": "Path to the filesystem where the batch transform data is available to the container.", - "title": "LocalPath", - "type": "string" + "FSxLustreFileSystemConfig": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.FSxLustreFileSystemConfig", + "markdownDescription": "The settings for a custom Amazon FSx for Lustre file system.", + "title": "FSxLustreFileSystemConfig" }, - "ProbabilityAttribute": { - "markdownDescription": "In a classification problem, the attribute that represents the class probability.", - "title": "ProbabilityAttribute", + "S3FileSystemConfig": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.S3FileSystemConfig", + "markdownDescription": "Configuration settings for a custom Amazon S3 file system.", + "title": "S3FileSystemConfig" + } + }, + "type": "object" + }, + "AWS::SageMaker::UserProfile.CustomImage": { + "additionalProperties": false, + "properties": { + "AppImageConfigName": { + "markdownDescription": "The name of the AppImageConfig.", + "title": "AppImageConfigName", "type": "string" }, - "S3DataDistributionType": { - "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an S3 key. Defaults to `FullyReplicated`", - "title": "S3DataDistributionType", + "ImageName": { + "markdownDescription": "The name of the CustomImage. Must be unique to your account.", + "title": "ImageName", "type": "string" }, - "S3InputMode": { - "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", - "title": "S3InputMode", - "type": "string" + "ImageVersionNumber": { + "markdownDescription": "The version number of the CustomImage.", + "title": "ImageVersionNumber", + "type": "number" } }, "required": [ - "DataCapturedDestinationS3Uri", - "DatasetFormat", - "LocalPath" + "AppImageConfigName", + "ImageName" ], "type": "object" }, - "AWS::SageMaker::ModelExplainabilityJobDefinition.ClusterConfig": { + "AWS::SageMaker::UserProfile.CustomPosixUserConfig": { "additionalProperties": false, "properties": { - "InstanceCount": { - "markdownDescription": "The number of ML compute instances to use in the model monitoring job. For distributed processing jobs, specify a value greater than 1. The default value is 1.", - "title": "InstanceCount", + "Gid": { + "markdownDescription": "The POSIX group ID.", + "title": "Gid", "type": "number" }, - "InstanceType": { - "markdownDescription": "The ML compute instance type for the processing job.", - "title": "InstanceType", - "type": "string" + "Uid": { + "markdownDescription": "The POSIX user ID.", + "title": "Uid", + "type": "number" + } + }, + "required": [ + "Gid", + "Uid" + ], + "type": "object" + }, + "AWS::SageMaker::UserProfile.DefaultEbsStorageSettings": { + "additionalProperties": false, + "properties": { + "DefaultEbsVolumeSizeInGb": { + "markdownDescription": "The default size of the EBS storage volume for a space.", + "title": "DefaultEbsVolumeSizeInGb", + "type": "number" }, - "VolumeKmsKeyId": { - "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance(s) that run the model monitoring job.", - "title": "VolumeKmsKeyId", + "MaximumEbsVolumeSizeInGb": { + "markdownDescription": "The maximum size of the EBS storage volume for a space.", + "title": "MaximumEbsVolumeSizeInGb", + "type": "number" + } + }, + "required": [ + "DefaultEbsVolumeSizeInGb", + "MaximumEbsVolumeSizeInGb" + ], + "type": "object" + }, + "AWS::SageMaker::UserProfile.DefaultSpaceStorageSettings": { + "additionalProperties": false, + "properties": { + "DefaultEbsStorageSettings": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.DefaultEbsStorageSettings", + "markdownDescription": "The default EBS storage settings for a space.", + "title": "DefaultEbsStorageSettings" + } + }, + "type": "object" + }, + "AWS::SageMaker::UserProfile.EFSFileSystemConfig": { + "additionalProperties": false, + "properties": { + "FileSystemId": { + "markdownDescription": "The ID of your Amazon EFS file system.", + "title": "FileSystemId", "type": "string" }, - "VolumeSizeInGB": { - "markdownDescription": "The size of the ML storage volume, in gigabytes, that you want to provision. You must specify sufficient ML storage for your scenario.", - "title": "VolumeSizeInGB", - "type": "number" + "FileSystemPath": { + "markdownDescription": "The path to the file system directory that is accessible in Amazon SageMaker AI Studio. Permitted users can access only this directory and below.", + "title": "FileSystemPath", + "type": "string" } }, "required": [ - "InstanceCount", - "InstanceType", - "VolumeSizeInGB" + "FileSystemId" ], "type": "object" }, - "AWS::SageMaker::ModelExplainabilityJobDefinition.ConstraintsResource": { + "AWS::SageMaker::UserProfile.FSxLustreFileSystemConfig": { "additionalProperties": false, "properties": { - "S3Uri": { - "markdownDescription": "The Amazon S3 URI for the constraints resource.", - "title": "S3Uri", + "FileSystemId": { + "markdownDescription": "The globally unique, 17-digit, ID of the file system, assigned by Amazon FSx for Lustre.", + "title": "FileSystemId", + "type": "string" + }, + "FileSystemPath": { + "markdownDescription": "The path to the file system directory that is accessible in Amazon SageMaker Studio. Permitted users can access only this directory and below.", + "title": "FileSystemPath", "type": "string" } }, + "required": [ + "FileSystemId" + ], "type": "object" }, - "AWS::SageMaker::ModelExplainabilityJobDefinition.Csv": { + "AWS::SageMaker::UserProfile.HiddenSageMakerImage": { "additionalProperties": false, "properties": { - "Header": { - "markdownDescription": "", - "title": "Header", - "type": "boolean" + "SageMakerImageName": { + "markdownDescription": "The SageMaker image name that you are hiding from the Studio user interface.", + "title": "SageMakerImageName", + "type": "string" + }, + "VersionAliases": { + "items": { + "type": "string" + }, + "markdownDescription": "The version aliases you are hiding from the Studio user interface.", + "title": "VersionAliases", + "type": "array" } }, "type": "object" }, - "AWS::SageMaker::ModelExplainabilityJobDefinition.DatasetFormat": { + "AWS::SageMaker::UserProfile.IdleSettings": { "additionalProperties": false, "properties": { - "Csv": { - "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.Csv", - "markdownDescription": "", - "title": "Csv" + "IdleTimeoutInMinutes": { + "markdownDescription": "The time that SageMaker waits after the application becomes idle before shutting it down.", + "title": "IdleTimeoutInMinutes", + "type": "number" }, - "Json": { - "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.Json", - "markdownDescription": "", - "title": "Json" + "LifecycleManagement": { + "markdownDescription": "Indicates whether idle shutdown is activated for the application type.", + "title": "LifecycleManagement", + "type": "string" }, - "Parquet": { - "markdownDescription": "", - "title": "Parquet", - "type": "boolean" + "MaxIdleTimeoutInMinutes": { + "markdownDescription": "The maximum value in minutes that custom idle shutdown can be set to by the user.", + "title": "MaxIdleTimeoutInMinutes", + "type": "number" + }, + "MinIdleTimeoutInMinutes": { + "markdownDescription": "The minimum value in minutes that custom idle shutdown can be set to by the user.", + "title": "MinIdleTimeoutInMinutes", + "type": "number" } }, "type": "object" }, - "AWS::SageMaker::ModelExplainabilityJobDefinition.EndpointInput": { + "AWS::SageMaker::UserProfile.JupyterLabAppSettings": { "additionalProperties": false, "properties": { - "EndpointName": { - "markdownDescription": "An endpoint in customer's account which has enabled `DataCaptureConfig` enabled.", - "title": "EndpointName", - "type": "string" + "AppLifecycleManagement": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.AppLifecycleManagement", + "markdownDescription": "Indicates whether idle shutdown is activated for JupyterLab applications.", + "title": "AppLifecycleManagement" }, - "FeaturesAttribute": { - "markdownDescription": "The attributes of the input data that are the input features.", - "title": "FeaturesAttribute", + "BuiltInLifecycleConfigArn": { + "markdownDescription": "The lifecycle configuration that runs before the default lifecycle configuration. It can override changes made in the default lifecycle configuration.", + "title": "BuiltInLifecycleConfigArn", "type": "string" }, - "InferenceAttribute": { - "markdownDescription": "The attribute of the input data that represents the ground truth label.", - "title": "InferenceAttribute", - "type": "string" + "CodeRepositories": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.CodeRepository" + }, + "markdownDescription": "A list of Git repositories that SageMaker automatically displays to users for cloning in the JupyterLab application.", + "title": "CodeRepositories", + "type": "array" }, - "LocalPath": { - "markdownDescription": "Path to the filesystem where the endpoint data is available to the container.", - "title": "LocalPath", - "type": "string" + "CustomImages": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.CustomImage" + }, + "markdownDescription": "A list of custom SageMaker images that are configured to run as a JupyterLab app.", + "title": "CustomImages", + "type": "array" }, - "ProbabilityAttribute": { - "markdownDescription": "In a classification problem, the attribute that represents the class probability.", - "title": "ProbabilityAttribute", - "type": "string" + "DefaultResourceSpec": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.ResourceSpec", + "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the JupyterLab app.", + "title": "DefaultResourceSpec" }, - "S3DataDistributionType": { - "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an Amazon S3 key. Defaults to `FullyReplicated`", - "title": "S3DataDistributionType", - "type": "string" + "LifecycleConfigArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Name (ARN) of the lifecycle configurations attached to the user profile or domain. To remove a lifecycle config, you must set `LifecycleConfigArns` to an empty list.", + "title": "LifecycleConfigArns", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SageMaker::UserProfile.JupyterServerAppSettings": { + "additionalProperties": false, + "properties": { + "DefaultResourceSpec": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.ResourceSpec", + "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the JupyterServer app.", + "title": "DefaultResourceSpec" }, - "S3InputMode": { - "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", - "title": "S3InputMode", - "type": "string" + "LifecycleConfigArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Name (ARN) of the Lifecycle Configurations attached to the JupyterServerApp. If you use this parameter, the `DefaultResourceSpec` parameter is also required.\n\n> To remove a Lifecycle Config, you must set `LifecycleConfigArns` to an empty list.", + "title": "LifecycleConfigArns", + "type": "array" } }, - "required": [ - "EndpointName", - "LocalPath" - ], "type": "object" }, - "AWS::SageMaker::ModelExplainabilityJobDefinition.Json": { + "AWS::SageMaker::UserProfile.KernelGatewayAppSettings": { "additionalProperties": false, "properties": { - "Line": { - "markdownDescription": "", - "title": "Line", - "type": "boolean" + "CustomImages": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.CustomImage" + }, + "markdownDescription": "A list of custom SageMaker AI images that are configured to run as a KernelGateway app.\n\nThe maximum number of custom images are as follows.\n\n- On a domain level: 200\n- On a space level: 5\n- On a user profile level: 5", + "title": "CustomImages", + "type": "array" + }, + "DefaultResourceSpec": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.ResourceSpec", + "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker AI image used by the KernelGateway app.\n\n> The Amazon SageMaker AI Studio UI does not use the default instance type value set here. The default instance type set here is used when Apps are created using the AWS CLI or AWS CloudFormation and the instance type parameter value is not passed.", + "title": "DefaultResourceSpec" + }, + "LifecycleConfigArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Name (ARN) of the Lifecycle Configurations attached to the the user profile or domain.\n\n> To remove a Lifecycle Config, you must set `LifecycleConfigArns` to an empty list.", + "title": "LifecycleConfigArns", + "type": "array" } }, "type": "object" }, - "AWS::SageMaker::ModelExplainabilityJobDefinition.ModelExplainabilityAppSpecification": { + "AWS::SageMaker::UserProfile.RStudioServerProAppSettings": { "additionalProperties": false, "properties": { - "ConfigUri": { - "markdownDescription": "JSON formatted Amazon S3 file that defines explainability parameters. For more information on this JSON configuration file, see [Configure model explainability parameters](https://docs.aws.amazon.com/sagemaker/latest/dg/clarify-config-json-monitor-model-explainability-parameters.html) .", - "title": "ConfigUri", + "AccessStatus": { + "markdownDescription": "Indicates whether the current user has access to the `RStudioServerPro` app.", + "title": "AccessStatus", "type": "string" }, - "Environment": { - "additionalProperties": true, - "markdownDescription": "Sets the environment variables in the Docker container.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Environment", - "type": "object" + "UserGroup": { + "markdownDescription": "The level of permissions that the user has within the `RStudioServerPro` app. This value defaults to `User`. The `Admin` value allows the user access to the RStudio Administrative Dashboard.", + "title": "UserGroup", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::UserProfile.ResourceSpec": { + "additionalProperties": false, + "properties": { + "InstanceType": { + "markdownDescription": "The instance type that the image version runs on.\n\n> *JupyterServer apps* only support the `system` value.\n> \n> For *KernelGateway apps* , the `system` value is translated to `ml.t3.medium` . KernelGateway apps also support all other values for available instance types.", + "title": "InstanceType", + "type": "string" }, - "ImageUri": { - "markdownDescription": "The container image to be run by the model explainability job.", - "title": "ImageUri", + "LifecycleConfigArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Lifecycle Configuration attached to the Resource.", + "title": "LifecycleConfigArn", + "type": "string" + }, + "SageMakerImageArn": { + "markdownDescription": "The ARN of the SageMaker AI image that the image version belongs to.", + "title": "SageMakerImageArn", + "type": "string" + }, + "SageMakerImageVersionArn": { + "markdownDescription": "The ARN of the image version created on the instance. To clear the value set for `SageMakerImageVersionArn` , pass `None` as the value.", + "title": "SageMakerImageVersionArn", "type": "string" } }, - "required": [ - "ConfigUri", - "ImageUri" - ], "type": "object" }, - "AWS::SageMaker::ModelExplainabilityJobDefinition.ModelExplainabilityBaselineConfig": { + "AWS::SageMaker::UserProfile.S3FileSystemConfig": { "additionalProperties": false, "properties": { - "BaseliningJobName": { - "markdownDescription": "The name of the baseline model explainability job.", - "title": "BaseliningJobName", + "MountPath": { + "markdownDescription": "The file system path where the Amazon S3 storage location will be mounted within the Amazon SageMaker Studio environment.", + "title": "MountPath", "type": "string" }, - "ConstraintsResource": { - "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.ConstraintsResource", - "markdownDescription": "The constraints resource for a model explainability job.", - "title": "ConstraintsResource" + "S3Uri": { + "markdownDescription": "The Amazon S3 URI of the S3 file system configuration.", + "title": "S3Uri", + "type": "string" } }, "type": "object" }, - "AWS::SageMaker::ModelExplainabilityJobDefinition.ModelExplainabilityJobInput": { + "AWS::SageMaker::UserProfile.SharingSettings": { "additionalProperties": false, "properties": { - "BatchTransformInput": { - "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.BatchTransformInput", - "markdownDescription": "Input object for the batch transform job.", - "title": "BatchTransformInput" + "NotebookOutputOption": { + "markdownDescription": "Whether to include the notebook cell output when sharing the notebook. The default is `Disabled` .", + "title": "NotebookOutputOption", + "type": "string" }, - "EndpointInput": { - "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.EndpointInput", - "markdownDescription": "Input object for the endpoint", - "title": "EndpointInput" + "S3KmsKeyId": { + "markdownDescription": "When `NotebookOutputOption` is `Allowed` , the AWS Key Management Service (KMS) encryption key ID used to encrypt the notebook cell output in the Amazon S3 bucket.", + "title": "S3KmsKeyId", + "type": "string" + }, + "S3OutputPath": { + "markdownDescription": "When `NotebookOutputOption` is `Allowed` , the Amazon S3 bucket used to store the shared notebook snapshots.", + "title": "S3OutputPath", + "type": "string" } }, "type": "object" }, - "AWS::SageMaker::ModelExplainabilityJobDefinition.MonitoringOutput": { + "AWS::SageMaker::UserProfile.StudioWebPortalSettings": { "additionalProperties": false, "properties": { - "S3Output": { - "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.S3Output", - "markdownDescription": "The Amazon S3 storage location where the results of a monitoring job are saved.", - "title": "S3Output" + "HiddenAppTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The [Applications supported in Studio](https://docs.aws.amazon.com/sagemaker/latest/dg/studio-updated-apps.html) that are hidden from the Studio left navigation pane.", + "title": "HiddenAppTypes", + "type": "array" + }, + "HiddenInstanceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The instance types you are hiding from the Studio user interface.", + "title": "HiddenInstanceTypes", + "type": "array" + }, + "HiddenMlTools": { + "items": { + "type": "string" + }, + "markdownDescription": "The machine learning tools that are hidden from the Studio left navigation pane.", + "title": "HiddenMlTools", + "type": "array" + }, + "HiddenSageMakerImageVersionAliases": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.HiddenSageMakerImage" + }, + "markdownDescription": "The version aliases you are hiding from the Studio user interface.", + "title": "HiddenSageMakerImageVersionAliases", + "type": "array" } }, - "required": [ - "S3Output" - ], "type": "object" }, - "AWS::SageMaker::ModelExplainabilityJobDefinition.MonitoringOutputConfig": { + "AWS::SageMaker::UserProfile.UserSettings": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "The AWS Key Management Service ( AWS KMS ) key that Amazon SageMaker AI uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption.", - "title": "KmsKeyId", + "AutoMountHomeEFS": { + "markdownDescription": "Indicates whether auto-mounting of an EFS volume is supported for the user profile. The `DefaultAsDomain` value is only supported for user profiles. Do not use the `DefaultAsDomain` value when setting this parameter for a domain.\n\nSageMaker applies this setting only to private spaces that the user creates in the domain. SageMaker doesn't apply this setting to shared spaces.", + "title": "AutoMountHomeEFS", "type": "string" }, - "MonitoringOutputs": { + "CodeEditorAppSettings": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.CodeEditorAppSettings", + "markdownDescription": "The Code Editor application settings.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", + "title": "CodeEditorAppSettings" + }, + "CustomFileSystemConfigs": { "items": { - "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.MonitoringOutput" + "$ref": "#/definitions/AWS::SageMaker::UserProfile.CustomFileSystemConfig" }, - "markdownDescription": "Monitoring outputs for monitoring jobs. This is where the output of the periodic monitoring jobs is uploaded.", - "title": "MonitoringOutputs", + "markdownDescription": "The settings for assigning a custom file system to a user profile. Permitted users can access this file system in Amazon SageMaker AI Studio.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", + "title": "CustomFileSystemConfigs", + "type": "array" + }, + "CustomPosixUserConfig": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.CustomPosixUserConfig", + "markdownDescription": "Details about the POSIX identity that is used for file system operations.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", + "title": "CustomPosixUserConfig" + }, + "DefaultLandingUri": { + "markdownDescription": "The default experience that the user is directed to when accessing the domain. The supported values are:\n\n- `studio::` : Indicates that Studio is the default experience. This value can only be passed if `StudioWebPortal` is set to `ENABLED` .\n- `app:JupyterServer:` : Indicates that Studio Classic is the default experience.", + "title": "DefaultLandingUri", + "type": "string" + }, + "ExecutionRole": { + "markdownDescription": "The execution role for the user.\n\nSageMaker applies this setting only to private spaces that the user creates in the domain. SageMaker doesn't apply this setting to shared spaces.", + "title": "ExecutionRole", + "type": "string" + }, + "JupyterLabAppSettings": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.JupyterLabAppSettings", + "markdownDescription": "The settings for the JupyterLab application.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", + "title": "JupyterLabAppSettings" + }, + "JupyterServerAppSettings": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.JupyterServerAppSettings", + "markdownDescription": "The Jupyter server's app settings.", + "title": "JupyterServerAppSettings" + }, + "KernelGatewayAppSettings": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.KernelGatewayAppSettings", + "markdownDescription": "The kernel gateway app settings.", + "title": "KernelGatewayAppSettings" + }, + "RStudioServerProAppSettings": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.RStudioServerProAppSettings", + "markdownDescription": "A collection of settings that configure user interaction with the `RStudioServerPro` app.", + "title": "RStudioServerProAppSettings" + }, + "SecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "The security groups for the Amazon Virtual Private Cloud (VPC) that the domain uses for communication.\n\nOptional when the `CreateDomain.AppNetworkAccessType` parameter is set to `PublicInternetOnly` .\n\nRequired when the `CreateDomain.AppNetworkAccessType` parameter is set to `VpcOnly` , unless specified as part of the `DefaultUserSettings` for the domain.\n\nAmazon SageMaker AI adds a security group to allow NFS traffic from Amazon SageMaker AI Studio. Therefore, the number of security groups that you can specify is one less than the maximum number shown.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", + "title": "SecurityGroups", "type": "array" + }, + "SharingSettings": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.SharingSettings", + "markdownDescription": "Specifies options for sharing Amazon SageMaker AI Studio notebooks.", + "title": "SharingSettings" + }, + "SpaceStorageSettings": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.DefaultSpaceStorageSettings", + "markdownDescription": "The storage settings for a space.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", + "title": "SpaceStorageSettings" + }, + "StudioWebPortal": { + "markdownDescription": "Whether the user can access Studio. If this value is set to `DISABLED` , the user cannot access Studio, even if that is the default experience for the domain.", + "title": "StudioWebPortal", + "type": "string" + }, + "StudioWebPortalSettings": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.StudioWebPortalSettings", + "markdownDescription": "Studio settings. If these settings are applied on a user level, they take priority over the settings applied on a domain level.", + "title": "StudioWebPortalSettings" } }, - "required": [ - "MonitoringOutputs" - ], "type": "object" }, - "AWS::SageMaker::ModelExplainabilityJobDefinition.MonitoringResources": { + "AWS::SageMaker::Workteam": { "additionalProperties": false, "properties": { - "ClusterConfig": { - "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.ClusterConfig", - "markdownDescription": "The configuration for the cluster resources used to run the processing job.", - "title": "ClusterConfig" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the work team.", + "title": "Description", + "type": "string" + }, + "MemberDefinitions": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::Workteam.MemberDefinition" + }, + "markdownDescription": "A list of `MemberDefinition` objects that contains objects that identify the workers that make up the work team.\n\nWorkforces can be created using Amazon Cognito or your own OIDC Identity Provider (IdP). For private workforces created using Amazon Cognito use `CognitoMemberDefinition` . For workforces created using your own OIDC identity provider (IdP) use `OidcMemberDefinition` .", + "title": "MemberDefinitions", + "type": "array" + }, + "NotificationConfiguration": { + "$ref": "#/definitions/AWS::SageMaker::Workteam.NotificationConfiguration", + "markdownDescription": "Configures SNS notifications of available or expiring work items for work teams.", + "title": "NotificationConfiguration" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs.", + "title": "Tags", + "type": "array" + }, + "WorkforceName": { + "markdownDescription": "The name of the workforce.", + "title": "WorkforceName", + "type": "string" + }, + "WorkteamName": { + "markdownDescription": "The name of the work team.", + "title": "WorkteamName", + "type": "string" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SageMaker::Workteam" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "ClusterConfig" + "Type" ], "type": "object" }, - "AWS::SageMaker::ModelExplainabilityJobDefinition.NetworkConfig": { + "AWS::SageMaker::Workteam.CognitoMemberDefinition": { "additionalProperties": false, "properties": { - "EnableInterContainerTrafficEncryption": { - "markdownDescription": "Whether to encrypt all communications between distributed processing jobs. Choose `True` to encrypt communications. Encryption provides greater security for distributed processing jobs, but the processing might take longer.", - "title": "EnableInterContainerTrafficEncryption", - "type": "boolean" + "CognitoClientId": { + "markdownDescription": "An identifier for an application client. You must create the app client ID using Amazon Cognito .", + "title": "CognitoClientId", + "type": "string" }, - "EnableNetworkIsolation": { - "markdownDescription": "Whether to allow inbound and outbound network calls to and from the containers used for the processing job.", - "title": "EnableNetworkIsolation", - "type": "boolean" + "CognitoUserGroup": { + "markdownDescription": "An identifier for a user group.", + "title": "CognitoUserGroup", + "type": "string" }, - "VpcConfig": { - "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.VpcConfig", - "markdownDescription": "Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC.", - "title": "VpcConfig" + "CognitoUserPool": { + "markdownDescription": "An identifier for a user pool. The user pool must be in the same region as the service that you are calling.", + "title": "CognitoUserPool", + "type": "string" } }, + "required": [ + "CognitoClientId", + "CognitoUserGroup", + "CognitoUserPool" + ], "type": "object" }, - "AWS::SageMaker::ModelExplainabilityJobDefinition.S3Output": { + "AWS::SageMaker::Workteam.MemberDefinition": { "additionalProperties": false, "properties": { - "LocalPath": { - "markdownDescription": "The local path to the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job. LocalPath is an absolute path for the output data.", - "title": "LocalPath", - "type": "string" - }, - "S3UploadMode": { - "markdownDescription": "Whether to upload the results of the monitoring job continuously or after the job completes.", - "title": "S3UploadMode", - "type": "string" + "CognitoMemberDefinition": { + "$ref": "#/definitions/AWS::SageMaker::Workteam.CognitoMemberDefinition", + "markdownDescription": "The Amazon Cognito user group that is part of the work team.", + "title": "CognitoMemberDefinition" }, - "S3Uri": { - "markdownDescription": "A URI that identifies the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job.", - "title": "S3Uri", - "type": "string" + "OidcMemberDefinition": { + "$ref": "#/definitions/AWS::SageMaker::Workteam.OidcMemberDefinition", + "markdownDescription": "A list user groups that exist in your OIDC Identity Provider (IdP). One to ten groups can be used to create a single private work team. When you add a user group to the list of `Groups` , you can add that user group to one or more private work teams. If you add a user group to a private work team, all workers in that user group are added to the work team.", + "title": "OidcMemberDefinition" } }, - "required": [ - "LocalPath", - "S3Uri" - ], "type": "object" }, - "AWS::SageMaker::ModelExplainabilityJobDefinition.StoppingCondition": { + "AWS::SageMaker::Workteam.NotificationConfiguration": { "additionalProperties": false, "properties": { - "MaxRuntimeInSeconds": { - "markdownDescription": "The maximum length of time, in seconds, that a training or compilation job can run before it is stopped.\n\nFor compilation jobs, if the job does not complete during this time, a `TimeOut` error is generated. We recommend starting with 900 seconds and increasing as necessary based on your model.\n\nFor all other jobs, if the job does not complete during this time, SageMaker ends the job. When `RetryStrategy` is specified in the job request, `MaxRuntimeInSeconds` specifies the maximum time for all of the attempts in total, not each individual attempt. The default value is 1 day. The maximum value is 28 days.\n\nThe maximum time that a `TrainingJob` can run in total, including any time spent publishing metrics or archiving and uploading models after it has been stopped, is 30 days.", - "title": "MaxRuntimeInSeconds", - "type": "number" + "NotificationTopicArn": { + "markdownDescription": "The ARN for the Amazon SNS topic to which notifications should be published.", + "title": "NotificationTopicArn", + "type": "string" } }, "required": [ - "MaxRuntimeInSeconds" + "NotificationTopicArn" ], "type": "object" }, - "AWS::SageMaker::ModelExplainabilityJobDefinition.VpcConfig": { + "AWS::SageMaker::Workteam.OidcMemberDefinition": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The VPC security group IDs, in the form `sg-xxxxxxxx` . Specify the security groups for the VPC that is specified in the `Subnets` field.", - "title": "SecurityGroupIds", - "type": "array" - }, - "Subnets": { + "OidcGroups": { "items": { "type": "string" }, - "markdownDescription": "The ID of the subnets in the VPC to which you want to connect your training job or model. For information about the availability of specific instance types, see [Supported Instance Types and Availability Zones](https://docs.aws.amazon.com/sagemaker/latest/dg/instance-types-az.html) .", - "title": "Subnets", + "markdownDescription": "", + "title": "OidcGroups", "type": "array" } }, "required": [ - "SecurityGroupIds", - "Subnets" + "OidcGroups" ], "type": "object" }, - "AWS::SageMaker::ModelPackage": { + "AWS::Scheduler::Schedule": { "additionalProperties": false, "properties": { "Condition": { @@ -249854,147 +301507,72 @@ "Properties": { "additionalProperties": false, "properties": { - "AdditionalInferenceSpecifications": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.AdditionalInferenceSpecificationDefinition" - }, - "markdownDescription": "An array of additional Inference Specification objects.", - "title": "AdditionalInferenceSpecifications", - "type": "array" - }, - "AdditionalInferenceSpecificationsToAdd": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.AdditionalInferenceSpecificationDefinition" - }, - "markdownDescription": "An array of additional Inference Specification objects to be added to the existing array. The total number of additional Inference Specification objects cannot exceed 15. Each additional Inference Specification object specifies artifacts based on this model package that can be used on inference endpoints. Generally used with SageMaker Neo to store the compiled artifacts.", - "title": "AdditionalInferenceSpecificationsToAdd", - "type": "array" - }, - "ApprovalDescription": { - "markdownDescription": "A description provided when the model approval is set.", - "title": "ApprovalDescription", - "type": "string" - }, - "CertifyForMarketplace": { - "markdownDescription": "Whether the model package is to be certified to be listed on AWS Marketplace. For information about listing model packages on AWS Marketplace, see [List Your Algorithm or Model Package on AWS Marketplace](https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-mkt-list.html) .", - "title": "CertifyForMarketplace", - "type": "boolean" - }, - "ClientToken": { - "markdownDescription": "A unique token that guarantees that the call to this API is idempotent.", - "title": "ClientToken", - "type": "string" - }, - "CustomerMetadataProperties": { - "additionalProperties": true, - "markdownDescription": "The metadata properties for the model package.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "CustomerMetadataProperties", - "type": "object" - }, - "Domain": { - "markdownDescription": "The machine learning domain of your model package and its components. Common machine learning domains include computer vision and natural language processing.", - "title": "Domain", + "Description": { + "markdownDescription": "The description you specify for the schedule.", + "title": "Description", "type": "string" }, - "DriftCheckBaselines": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.DriftCheckBaselines", - "markdownDescription": "Represents the drift check baselines that can be used when the model monitor is set using the model package.", - "title": "DriftCheckBaselines" - }, - "InferenceSpecification": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.InferenceSpecification", - "markdownDescription": "Defines how to perform inference generation after a training job is run.", - "title": "InferenceSpecification" - }, - "LastModifiedTime": { - "markdownDescription": "The last time the model package was modified.", - "title": "LastModifiedTime", + "EndDate": { + "markdownDescription": "The date, in UTC, before which the schedule can invoke its target. Depending on the schedule's recurrence expression, invocations might stop on, or before, the `EndDate` you specify.\nEventBridge Scheduler ignores `EndDate` for one-time schedules.", + "title": "EndDate", "type": "string" }, - "MetadataProperties": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetadataProperties", - "markdownDescription": "Metadata properties of the tracking entity, trial, or trial component.", - "title": "MetadataProperties" + "FlexibleTimeWindow": { + "$ref": "#/definitions/AWS::Scheduler::Schedule.FlexibleTimeWindow", + "markdownDescription": "Allows you to configure a time window during which EventBridge Scheduler invokes the schedule.", + "title": "FlexibleTimeWindow" }, - "ModelApprovalStatus": { - "markdownDescription": "The approval status of the model. This can be one of the following values.\n\n- `APPROVED` - The model is approved\n- `REJECTED` - The model is rejected.\n- `PENDING_MANUAL_APPROVAL` - The model is waiting for manual approval.", - "title": "ModelApprovalStatus", + "GroupName": { + "markdownDescription": "The name of the schedule group associated with this schedule.", + "title": "GroupName", "type": "string" }, - "ModelMetrics": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelMetrics", - "markdownDescription": "Metrics for the model.", - "title": "ModelMetrics" - }, - "ModelPackageDescription": { - "markdownDescription": "The description of the model package.", - "title": "ModelPackageDescription", + "KmsKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the customer managed KMS key that EventBridge Scheduler will use to encrypt and decrypt your data.", + "title": "KmsKeyArn", "type": "string" }, - "ModelPackageGroupName": { - "markdownDescription": "The model group to which the model belongs.", - "title": "ModelPackageGroupName", + "Name": { + "markdownDescription": "The name of the schedule.", + "title": "Name", "type": "string" }, - "ModelPackageName": { - "markdownDescription": "The name of the model package. The name can be as follows:\n\n- For a versioned model, the name is automatically generated by SageMaker Model Registry and follows the format ' `ModelPackageGroupName/ModelPackageVersion` '.\n- For an unversioned model, you must provide the name.", - "title": "ModelPackageName", + "ScheduleExpression": { + "markdownDescription": "The expression that defines when the schedule runs. The following formats are supported.\n\n- `at` expression - `at(yyyy-mm-ddThh:mm:ss)`\n- `rate` expression - `rate(value unit)`\n- `cron` expression - `cron(fields)`\n\nYou can use `at` expressions to create one-time schedules that invoke a target once, at the time and in the time zone, that you specify. You can use `rate` and `cron` expressions to create recurring schedules. Rate-based schedules are useful when you want to invoke a target at regular intervals, such as every 15 minutes or every five days. Cron-based schedules are useful when you want to invoke a target periodically at a specific time, such as at 8:00 am (UTC+0) every 1st day of the month.\n\nA `cron` expression consists of six fields separated by white spaces: `(minutes hours day_of_month month day_of_week year)` .\n\nA `rate` expression consists of a *value* as a positive integer, and a *unit* with the following options: `minute` | `minutes` | `hour` | `hours` | `day` | `days`\n\nFor more information and examples, see [Schedule types on EventBridge Scheduler](https://docs.aws.amazon.com/scheduler/latest/UserGuide/schedule-types.html) in the *EventBridge Scheduler User Guide* .", + "title": "ScheduleExpression", "type": "string" }, - "ModelPackageStatusDetails": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelPackageStatusDetails", - "markdownDescription": "Specifies the validation and image scan statuses of the model package.", - "title": "ModelPackageStatusDetails" - }, - "ModelPackageVersion": { - "markdownDescription": "The version number of a versioned model.", - "title": "ModelPackageVersion", - "type": "number" - }, - "SamplePayloadUrl": { - "markdownDescription": "The Amazon Simple Storage Service path where the sample payload are stored. This path must point to a single gzip compressed tar archive (.tar.gz suffix).", - "title": "SamplePayloadUrl", + "ScheduleExpressionTimezone": { + "markdownDescription": "The timezone in which the scheduling expression is evaluated.", + "title": "ScheduleExpressionTimezone", "type": "string" }, - "SkipModelValidation": { - "markdownDescription": "Indicates if you want to skip model validation.", - "title": "SkipModelValidation", + "StartDate": { + "markdownDescription": "The date, in UTC, after which the schedule can begin invoking its target. Depending on the schedule's recurrence expression, invocations might occur on, or after, the `StartDate` you specify.\nEventBridge Scheduler ignores `StartDate` for one-time schedules.", + "title": "StartDate", "type": "string" }, - "SourceAlgorithmSpecification": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.SourceAlgorithmSpecification", - "markdownDescription": "A list of algorithms that were used to create a model package.", - "title": "SourceAlgorithmSpecification" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of the tags associated with the model package. For more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference Guide* .", - "title": "Tags", - "type": "array" - }, - "Task": { - "markdownDescription": "The machine learning task your model package accomplishes. Common machine learning tasks include object detection and image classification.", - "title": "Task", + "State": { + "markdownDescription": "Specifies whether the schedule is enabled or disabled.\n\n*Allowed Values* : `ENABLED` | `DISABLED`", + "title": "State", "type": "string" }, - "ValidationSpecification": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ValidationSpecification", - "markdownDescription": "Specifies batch transform jobs that SageMaker runs to validate your model package.", - "title": "ValidationSpecification" + "Target": { + "$ref": "#/definitions/AWS::Scheduler::Schedule.Target", + "markdownDescription": "The schedule's target details.", + "title": "Target" } }, + "required": [ + "FlexibleTimeWindow", + "ScheduleExpression", + "Target" + ], "type": "object" }, "Type": { "enum": [ - "AWS::SageMaker::ModelPackage" + "AWS::Scheduler::Schedule" ], "type": "string" }, @@ -250008,743 +301586,956 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::SageMaker::ModelPackage.AdditionalInferenceSpecificationDefinition": { + "AWS::Scheduler::Schedule.AwsVpcConfiguration": { "additionalProperties": false, "properties": { - "Containers": { + "AssignPublicIp": { + "markdownDescription": "Specifies whether the task's elastic network interface receives a public IP address. You can specify `ENABLED` only when `LaunchType` in `EcsParameters` is set to `FARGATE` .", + "title": "AssignPublicIp", + "type": "string" + }, + "SecurityGroups": { "items": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelPackageContainerDefinition" + "type": "string" }, - "markdownDescription": "The Amazon ECR registry path of the Docker image that contains the inference code.", - "title": "Containers", + "markdownDescription": "Specifies the security groups associated with the task. These security groups must all be in the same VPC. You can specify as many as five security groups. If you do not specify a security group, the default security group for the VPC is used.", + "title": "SecurityGroups", "type": "array" }, - "Description": { - "markdownDescription": "A description of the additional Inference specification", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "A unique name to identify the additional inference specification. The name must be unique within the list of your additional inference specifications for a particular model package.", - "title": "Name", - "type": "string" - }, - "SupportedContentTypes": { + "Subnets": { "items": { "type": "string" }, - "markdownDescription": "The supported MIME types for the input data.", - "title": "SupportedContentTypes", + "markdownDescription": "Specifies the subnets associated with the task. These subnets must all be in the same VPC. You can specify as many as 16 subnets.", + "title": "Subnets", "type": "array" + } + }, + "required": [ + "Subnets" + ], + "type": "object" + }, + "AWS::Scheduler::Schedule.CapacityProviderStrategyItem": { + "additionalProperties": false, + "properties": { + "Base": { + "markdownDescription": "The base value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a base defined. If no value is specified, the default value of `0` is used.", + "title": "Base", + "type": "number" }, - "SupportedRealtimeInferenceInstanceTypes": { + "CapacityProvider": { + "markdownDescription": "The short name of the capacity provider.", + "title": "CapacityProvider", + "type": "string" + }, + "Weight": { + "markdownDescription": "The weight value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The weight value is taken into consideration after the base value, if defined, is satisfied.", + "title": "Weight", + "type": "number" + } + }, + "required": [ + "CapacityProvider" + ], + "type": "object" + }, + "AWS::Scheduler::Schedule.DeadLetterConfig": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the SQS queue specified as the destination for the dead-letter queue.", + "title": "Arn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Scheduler::Schedule.EcsParameters": { + "additionalProperties": false, + "properties": { + "CapacityProviderStrategy": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Scheduler::Schedule.CapacityProviderStrategyItem" }, - "markdownDescription": "A list of the instance types that are used to generate inferences in real-time.", - "title": "SupportedRealtimeInferenceInstanceTypes", + "markdownDescription": "The capacity provider strategy to use for the task.", + "title": "CapacityProviderStrategy", "type": "array" }, - "SupportedResponseMIMETypes": { + "EnableECSManagedTags": { + "markdownDescription": "Specifies whether to enable Amazon ECS managed tags for the task. For more information, see [Tagging Your Amazon ECS Resources](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-using-tags.html) in the *Amazon ECS Developer Guide* .", + "title": "EnableECSManagedTags", + "type": "boolean" + }, + "EnableExecuteCommand": { + "markdownDescription": "Whether or not to enable the execute command functionality for the containers in this task. If true, this enables execute command functionality on all containers in the task.", + "title": "EnableExecuteCommand", + "type": "boolean" + }, + "Group": { + "markdownDescription": "Specifies an Amazon ECS task group for the task. The maximum length is 255 characters.", + "title": "Group", + "type": "string" + }, + "LaunchType": { + "markdownDescription": "Specifies the launch type on which your task is running. The launch type that you specify here must match one of the launch type (compatibilities) of the target task. The `FARGATE` value is supported only in the Regions where Fargate with Amazon ECS is supported. For more information, see [AWS Fargate on Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/AWS_Fargate.html) in the *Amazon ECS Developer Guide* .", + "title": "LaunchType", + "type": "string" + }, + "NetworkConfiguration": { + "$ref": "#/definitions/AWS::Scheduler::Schedule.NetworkConfiguration", + "markdownDescription": "This structure specifies the network configuration for an ECS task.", + "title": "NetworkConfiguration" + }, + "PlacementConstraints": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Scheduler::Schedule.PlacementConstraint" }, - "markdownDescription": "The supported MIME types for the output data.", - "title": "SupportedResponseMIMETypes", + "markdownDescription": "An array of placement constraint objects to use for the task. You can specify up to 10 constraints per task (including constraints in the task definition and those specified at runtime).", + "title": "PlacementConstraints", "type": "array" }, - "SupportedTransformInstanceTypes": { + "PlacementStrategy": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Scheduler::Schedule.PlacementStrategy" }, - "markdownDescription": "A list of the instance types on which a transformation job can be run or on which an endpoint can be deployed.", - "title": "SupportedTransformInstanceTypes", + "markdownDescription": "The task placement strategy for a task or service.", + "title": "PlacementStrategy", "type": "array" + }, + "PlatformVersion": { + "markdownDescription": "Specifies the platform version for the task. Specify only the numeric portion of the platform version, such as `1.1.0` .", + "title": "PlatformVersion", + "type": "string" + }, + "PropagateTags": { + "markdownDescription": "Specifies whether to propagate the tags from the task definition to the task. If no value is specified, the tags are not propagated. Tags can only be propagated to the task during task creation. To add tags to a task after task creation, use the Amazon ECS [`TagResource`](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_TagResource.html) API action.", + "title": "PropagateTags", + "type": "string" + }, + "ReferenceId": { + "markdownDescription": "The reference ID to use for the task.", + "title": "ReferenceId", + "type": "string" + }, + "Tags": { + "markdownDescription": "The metadata that you apply to the task to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define. For more information, see [`RunTask`](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RunTask.html) in the *Amazon ECS API Reference* .", + "title": "Tags", + "type": "object" + }, + "TaskCount": { + "markdownDescription": "The number of tasks to create based on `TaskDefinition` . The default is `1` .", + "title": "TaskCount", + "type": "number" + }, + "TaskDefinitionArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the task definition to use if the event target is an Amazon ECS task.", + "title": "TaskDefinitionArn", + "type": "string" } }, "required": [ - "Containers", - "Name" + "TaskDefinitionArn" ], "type": "object" }, - "AWS::SageMaker::ModelPackage.Bias": { + "AWS::Scheduler::Schedule.EventBridgeParameters": { "additionalProperties": false, "properties": { - "PostTrainingReport": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", - "markdownDescription": "The post-training bias report for a model.", - "title": "PostTrainingReport" + "DetailType": { + "markdownDescription": "A free-form string, with a maximum of 128 characters, used to decide what fields to expect in the event detail.", + "title": "DetailType", + "type": "string" }, - "PreTrainingReport": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", - "markdownDescription": "The pre-training bias report for a model.", - "title": "PreTrainingReport" + "Source": { + "markdownDescription": "The source of the event.", + "title": "Source", + "type": "string" + } + }, + "required": [ + "DetailType", + "Source" + ], + "type": "object" + }, + "AWS::Scheduler::Schedule.FlexibleTimeWindow": { + "additionalProperties": false, + "properties": { + "MaximumWindowInMinutes": { + "markdownDescription": "The maximum time window during which a schedule can be invoked.\n\n*Minimum* : `1`\n\n*Maximum* : `1440`", + "title": "MaximumWindowInMinutes", + "type": "number" }, - "Report": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", - "markdownDescription": "The bias report for a model", - "title": "Report" + "Mode": { + "markdownDescription": "Determines whether the schedule is invoked within a flexible time window. You must use quotation marks when you specify this value in your JSON or YAML template.\n\n*Allowed Values* : `\"OFF\"` | `\"FLEXIBLE\"`", + "title": "Mode", + "type": "string" } }, + "required": [ + "Mode" + ], "type": "object" }, - "AWS::SageMaker::ModelPackage.DataSource": { + "AWS::Scheduler::Schedule.KinesisParameters": { "additionalProperties": false, "properties": { - "S3DataSource": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.S3DataSource", - "markdownDescription": "The S3 location of the data source that is associated with a channel.", - "title": "S3DataSource" + "PartitionKey": { + "markdownDescription": "Specifies the shard to which EventBridge Scheduler sends the event. For more information, see [Amazon Kinesis Data Streams terminology and concepts](https://docs.aws.amazon.com/streams/latest/dev/key-concepts.html) in the *Amazon Kinesis Streams Developer Guide* .", + "title": "PartitionKey", + "type": "string" } }, "required": [ - "S3DataSource" + "PartitionKey" ], "type": "object" }, - "AWS::SageMaker::ModelPackage.DriftCheckBaselines": { + "AWS::Scheduler::Schedule.NetworkConfiguration": { "additionalProperties": false, "properties": { - "Bias": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.DriftCheckBias", - "markdownDescription": "Represents the drift check bias baselines that can be used when the model monitor is set using the model package.", - "title": "Bias" - }, - "Explainability": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.DriftCheckExplainability", - "markdownDescription": "Represents the drift check explainability baselines that can be used when the model monitor is set using the model package.", - "title": "Explainability" - }, - "ModelDataQuality": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.DriftCheckModelDataQuality", - "markdownDescription": "Represents the drift check model data quality baselines that can be used when the model monitor is set using the model package.", - "title": "ModelDataQuality" - }, - "ModelQuality": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.DriftCheckModelQuality", - "markdownDescription": "Represents the drift check model quality baselines that can be used when the model monitor is set using the model package.", - "title": "ModelQuality" + "AwsvpcConfiguration": { + "$ref": "#/definitions/AWS::Scheduler::Schedule.AwsVpcConfiguration", + "markdownDescription": "Specifies the Amazon VPC subnets and security groups for the task, and whether a public IP address is to be used. This structure is relevant only for ECS tasks that use the awsvpc network mode.", + "title": "AwsvpcConfiguration" } }, "type": "object" }, - "AWS::SageMaker::ModelPackage.DriftCheckBias": { + "AWS::Scheduler::Schedule.PlacementConstraint": { "additionalProperties": false, "properties": { - "ConfigFile": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.FileSource", - "markdownDescription": "The bias config file for a model.", - "title": "ConfigFile" - }, - "PostTrainingConstraints": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", - "markdownDescription": "The post-training constraints.", - "title": "PostTrainingConstraints" + "Expression": { + "markdownDescription": "A cluster query language expression to apply to the constraint. You cannot specify an expression if the constraint type is `distinctInstance` . For more information, see [Cluster query language](https://docs.aws.amazon.com/latest/developerguide/cluster-query-language.html) in the *Amazon ECS Developer Guide* .", + "title": "Expression", + "type": "string" }, - "PreTrainingConstraints": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", - "markdownDescription": "The pre-training constraints.", - "title": "PreTrainingConstraints" + "Type": { + "markdownDescription": "The type of constraint. Use `distinctInstance` to ensure that each task in a particular group is running on a different container instance. Use `memberOf` to restrict the selection to a group of valid candidates.", + "title": "Type", + "type": "string" } }, "type": "object" }, - "AWS::SageMaker::ModelPackage.DriftCheckExplainability": { + "AWS::Scheduler::Schedule.PlacementStrategy": { "additionalProperties": false, "properties": { - "ConfigFile": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.FileSource", - "markdownDescription": "The explainability config file for the model.", - "title": "ConfigFile" + "Field": { + "markdownDescription": "The field to apply the placement strategy against. For the spread placement strategy, valid values are `instanceId` (or `instanceId` , which has the same effect), or any platform or custom attribute that is applied to a container instance, such as `attribute:ecs.availability-zone` . For the binpack placement strategy, valid values are `cpu` and `memory` . For the random placement strategy, this field is not used.", + "title": "Field", + "type": "string" }, - "Constraints": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", - "markdownDescription": "The drift check explainability constraints.", - "title": "Constraints" + "Type": { + "markdownDescription": "The type of placement strategy. The random placement strategy randomly places tasks on available candidates. The spread placement strategy spreads placement across available candidates evenly based on the field parameter. The binpack strategy places tasks on available candidates that have the least available amount of the resource that is specified with the field parameter. For example, if you binpack on memory, a task is placed on the instance with the least amount of remaining memory (but still enough to run the task).", + "title": "Type", + "type": "string" } }, "type": "object" }, - "AWS::SageMaker::ModelPackage.DriftCheckModelDataQuality": { + "AWS::Scheduler::Schedule.RetryPolicy": { "additionalProperties": false, "properties": { - "Constraints": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", - "markdownDescription": "The drift check model data quality constraints.", - "title": "Constraints" + "MaximumEventAgeInSeconds": { + "markdownDescription": "The maximum amount of time, in seconds, to continue to make retry attempts.", + "title": "MaximumEventAgeInSeconds", + "type": "number" }, - "Statistics": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", - "markdownDescription": "The drift check model data quality statistics.", - "title": "Statistics" + "MaximumRetryAttempts": { + "markdownDescription": "The maximum number of retry attempts to make before the request fails. Retry attempts with exponential backoff continue until either the maximum number of attempts is made or until the duration of the `MaximumEventAgeInSeconds` is reached.", + "title": "MaximumRetryAttempts", + "type": "number" } }, "type": "object" }, - "AWS::SageMaker::ModelPackage.DriftCheckModelQuality": { + "AWS::Scheduler::Schedule.SageMakerPipelineParameter": { "additionalProperties": false, "properties": { - "Constraints": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", - "markdownDescription": "The drift check model quality constraints.", - "title": "Constraints" + "Name": { + "markdownDescription": "Name of parameter to start execution of a SageMaker Model Building Pipeline.", + "title": "Name", + "type": "string" }, - "Statistics": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", - "markdownDescription": "The drift check model quality statistics.", - "title": "Statistics" + "Value": { + "markdownDescription": "Value of parameter to start execution of a SageMaker Model Building Pipeline.", + "title": "Value", + "type": "string" } }, + "required": [ + "Name", + "Value" + ], "type": "object" }, - "AWS::SageMaker::ModelPackage.Explainability": { + "AWS::Scheduler::Schedule.SageMakerPipelineParameters": { "additionalProperties": false, "properties": { - "Report": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", - "markdownDescription": "The explainability report for a model.", - "title": "Report" + "PipelineParameterList": { + "items": { + "$ref": "#/definitions/AWS::Scheduler::Schedule.SageMakerPipelineParameter" + }, + "markdownDescription": "List of parameter names and values to use when executing the SageMaker Model Building Pipeline.", + "title": "PipelineParameterList", + "type": "array" } }, "type": "object" }, - "AWS::SageMaker::ModelPackage.FileSource": { + "AWS::Scheduler::Schedule.SqsParameters": { "additionalProperties": false, "properties": { - "ContentDigest": { - "markdownDescription": "The digest of the file source.", - "title": "ContentDigest", - "type": "string" - }, - "ContentType": { - "markdownDescription": "The type of content stored in the file source.", - "title": "ContentType", - "type": "string" - }, - "S3Uri": { - "markdownDescription": "The Amazon S3 URI for the file source.", - "title": "S3Uri", + "MessageGroupId": { + "markdownDescription": "The FIFO message group ID to use as the target.", + "title": "MessageGroupId", "type": "string" } }, - "required": [ - "S3Uri" - ], "type": "object" }, - "AWS::SageMaker::ModelPackage.InferenceSpecification": { + "AWS::Scheduler::Schedule.Target": { "additionalProperties": false, "properties": { - "Containers": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelPackageContainerDefinition" - }, - "markdownDescription": "The Amazon ECR registry path of the Docker image that contains the inference code.", - "title": "Containers", - "type": "array" + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the target.", + "title": "Arn", + "type": "string" }, - "SupportedContentTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The supported MIME types for the input data.", - "title": "SupportedContentTypes", - "type": "array" + "DeadLetterConfig": { + "$ref": "#/definitions/AWS::Scheduler::Schedule.DeadLetterConfig", + "markdownDescription": "An object that contains information about an Amazon SQS queue that EventBridge Scheduler uses as a dead-letter queue for your schedule. If specified, EventBridge Scheduler delivers failed events that could not be successfully delivered to a target to the queue.", + "title": "DeadLetterConfig" }, - "SupportedRealtimeInferenceInstanceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the instance types that are used to generate inferences in real-time.\n\nThis parameter is required for unversioned models, and optional for versioned models.", - "title": "SupportedRealtimeInferenceInstanceTypes", - "type": "array" + "EcsParameters": { + "$ref": "#/definitions/AWS::Scheduler::Schedule.EcsParameters", + "markdownDescription": "The templated target type for the Amazon ECS [`RunTask`](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RunTask.html) API operation.", + "title": "EcsParameters" }, - "SupportedResponseMIMETypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The supported MIME types for the output data.", - "title": "SupportedResponseMIMETypes", - "type": "array" + "EventBridgeParameters": { + "$ref": "#/definitions/AWS::Scheduler::Schedule.EventBridgeParameters", + "markdownDescription": "The templated target type for the EventBridge [`PutEvents`](https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_PutEvents.html) API operation.", + "title": "EventBridgeParameters" }, - "SupportedTransformInstanceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the instance types on which a transformation job can be run or on which an endpoint can be deployed.\n\nThis parameter is required for unversioned models, and optional for versioned models.", - "title": "SupportedTransformInstanceTypes", - "type": "array" + "Input": { + "markdownDescription": "The text, or well-formed JSON, passed to the target. If you are configuring a templated Lambda , AWS Step Functions , or Amazon EventBridge target, the input must be a well-formed JSON. For all other target types, a JSON is not required. If you do not specify anything for this field, Amazon EventBridge Scheduler delivers a default notification to the target.", + "title": "Input", + "type": "string" + }, + "KinesisParameters": { + "$ref": "#/definitions/AWS::Scheduler::Schedule.KinesisParameters", + "markdownDescription": "The templated target type for the Amazon Kinesis [`PutRecord`](https://docs.aws.amazon.com/kinesis/latest/APIReference/API_PutRecord.html) API operation.", + "title": "KinesisParameters" + }, + "RetryPolicy": { + "$ref": "#/definitions/AWS::Scheduler::Schedule.RetryPolicy", + "markdownDescription": "A `RetryPolicy` object that includes information about the retry policy settings, including the maximum age of an event, and the maximum number of times EventBridge Scheduler will try to deliver the event to a target.", + "title": "RetryPolicy" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that EventBridge Scheduler will use for this target when the schedule is invoked.", + "title": "RoleArn", + "type": "string" + }, + "SageMakerPipelineParameters": { + "$ref": "#/definitions/AWS::Scheduler::Schedule.SageMakerPipelineParameters", + "markdownDescription": "The templated target type for the Amazon SageMaker [`StartPipelineExecution`](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StartPipelineExecution.html) API operation.", + "title": "SageMakerPipelineParameters" + }, + "SqsParameters": { + "$ref": "#/definitions/AWS::Scheduler::Schedule.SqsParameters", + "markdownDescription": "The templated target type for the Amazon SQS [`SendMessage`](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_SendMessage.html) API operation. Contains the message group ID to use when the target is a FIFO queue. If you specify an Amazon SQS FIFO queue as a target, the queue must have content-based deduplication enabled. For more information, see [Using the Amazon SQS message deduplication ID](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/using-messagededuplicationid-property.html) in the *Amazon SQS Developer Guide* .", + "title": "SqsParameters" } }, "required": [ - "Containers", - "SupportedContentTypes", - "SupportedResponseMIMETypes" + "Arn", + "RoleArn" ], "type": "object" }, - "AWS::SageMaker::ModelPackage.MetadataProperties": { + "AWS::Scheduler::ScheduleGroup": { "additionalProperties": false, "properties": { - "CommitId": { - "markdownDescription": "The commit ID.", - "title": "CommitId", + "Condition": { "type": "string" }, - "GeneratedBy": { - "markdownDescription": "The entity this entity was generated by.", - "title": "GeneratedBy", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "ProjectId": { - "markdownDescription": "The project ID.", - "title": "ProjectId", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the schedule group.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Scheduler::ScheduleGroup" + ], "type": "string" }, - "Repository": { - "markdownDescription": "The repository.", - "title": "Repository", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::SageMaker::ModelPackage.MetricsSource": { + "AWS::SecretsManager::ResourcePolicy": { "additionalProperties": false, "properties": { - "ContentDigest": { - "markdownDescription": "The hash key used for the metrics source.", - "title": "ContentDigest", + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "ContentType": { - "markdownDescription": "The metric source content type.", - "title": "ContentType", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "BlockPublicPolicy": { + "markdownDescription": "Specifies whether to block resource-based policies that allow broad access to the secret. By default, Secrets Manager blocks policies that allow broad access, for example those that use a wildcard for the principal.", + "title": "BlockPublicPolicy", + "type": "boolean" + }, + "ResourcePolicy": { + "markdownDescription": "A JSON-formatted string for an AWS resource-based policy. For example policies, see [Permissions policy examples](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples.html) .", + "title": "ResourcePolicy", + "type": "object" + }, + "SecretId": { + "markdownDescription": "The ARN or name of the secret to attach the resource-based policy.\n\nFor an ARN, we recommend that you specify a complete ARN rather than a partial ARN.", + "title": "SecretId", + "type": "string" + } + }, + "required": [ + "ResourcePolicy", + "SecretId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SecretsManager::ResourcePolicy" + ], "type": "string" }, - "S3Uri": { - "markdownDescription": "The S3 URI for the metrics source.", - "title": "S3Uri", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ContentType", - "S3Uri" + "Type", + "Properties" ], "type": "object" }, - "AWS::SageMaker::ModelPackage.ModelDataQuality": { + "AWS::SecretsManager::RotationSchedule": { "additionalProperties": false, "properties": { - "Constraints": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", - "markdownDescription": "Data quality constraints for a model.", - "title": "Constraints" + "Condition": { + "type": "string" }, - "Statistics": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", - "markdownDescription": "Data quality statistics for a model.", - "title": "Statistics" - } - }, - "type": "object" - }, - "AWS::SageMaker::ModelPackage.ModelInput": { - "additionalProperties": false, - "properties": { - "DataInputConfig": { - "markdownDescription": "The input configuration object for the model.", - "title": "DataInputConfig", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "required": [ - "DataInputConfig" - ], - "type": "object" - }, - "AWS::SageMaker::ModelPackage.ModelMetrics": { - "additionalProperties": false, - "properties": { - "Bias": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.Bias", - "markdownDescription": "Metrics that measure bias in a model.", - "title": "Bias" }, - "Explainability": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.Explainability", - "markdownDescription": "Metrics that help explain a model.", - "title": "Explainability" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ModelDataQuality": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelDataQuality", - "markdownDescription": "Metrics that measure the quality of the input data for a model.", - "title": "ModelDataQuality" + "Metadata": { + "type": "object" }, - "ModelQuality": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelQuality", - "markdownDescription": "Metrics that measure the quality of a model.", - "title": "ModelQuality" + "Properties": { + "additionalProperties": false, + "properties": { + "HostedRotationLambda": { + "$ref": "#/definitions/AWS::SecretsManager::RotationSchedule.HostedRotationLambda", + "markdownDescription": "Creates a new Lambda rotation function based on one of the [Secrets Manager rotation function templates](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html) . To use a rotation function that already exists, specify `RotationLambdaARN` instead.\n\nYou must specify `Transform: AWS::SecretsManager-2024-09-16` at the beginning of the CloudFormation template. Transforms are macros hosted by AWS CloudFormation that help you create and manage complex infrastructure. The `Transform: AWS::SecretsManager-2024-09-16` transform automatically extends the CloudFormation stack to include a nested stack (of type `AWS::CloudFormation::Stack` ), which then creates and updates on your behalf during subsequent stack operations, the appropriate rotation Lambda function for your database or service. For general information on transforms, see the [AWS CloudFormation documentation.](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/transform-reference.html)\n\nFor Amazon RDS master user credentials, see [AWS::RDS::DBCluster MasterUserSecret](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-dbcluster-masterusersecret.html) .\n\nFor Amazon Redshift admin user credentials, see [AWS::Redshift::Cluster](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-redshift-cluster.html) .", + "title": "HostedRotationLambda" + }, + "RotateImmediatelyOnUpdate": { + "markdownDescription": "Determines whether to rotate the secret immediately or wait until the next scheduled rotation window when the rotation schedule is updated. The rotation schedule is defined in `RotationRules` .\n\nThe default for `RotateImmediatelyOnUpdate` is `true` . If you don't specify this value, Secrets Manager rotates the secret immediately.\n\nIf you set `RotateImmediatelyOnUpdate` to `false` , Secrets Manager tests the rotation configuration by running the [`testSecret` step](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_how.html) of the Lambda rotation function. This test creates an `AWSPENDING` version of the secret and then removes it.\n\n> When changing an existing rotation schedule and setting `RotateImmediatelyOnUpdate` to `false` :\n> \n> - If using `AutomaticallyAfterDays` or a `ScheduleExpression` with `rate()` , the previously scheduled rotation might still occur.\n> - To prevent unintended rotations, use a `ScheduleExpression` with `cron()` for granular control over rotation windows. \n\nRotation is an asynchronous process. For more information, see [How rotation works](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_how.html) .", + "title": "RotateImmediatelyOnUpdate", + "type": "boolean" + }, + "RotationLambdaARN": { + "markdownDescription": "The ARN of an existing Lambda rotation function. To specify a rotation function that is also defined in this template, use the [Ref](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html) function.\n\nFor Amazon RDS master user credentials, see [AWS::RDS::DBCluster MasterUserSecret](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-dbcluster-masterusersecret.html) .\n\nFor Amazon Redshift admin user credentials, see [AWS::Redshift::Cluster](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-redshift-cluster.html) .\n\nTo create a new rotation function based on one of the [Secrets Manager rotation function templates](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html) , specify `HostedRotationLambda` instead.", + "title": "RotationLambdaARN", + "type": "string" + }, + "RotationRules": { + "$ref": "#/definitions/AWS::SecretsManager::RotationSchedule.RotationRules", + "markdownDescription": "A structure that defines the rotation configuration for this secret.", + "title": "RotationRules" + }, + "SecretId": { + "markdownDescription": "The ARN or name of the secret to rotate. This is unique for each rotation schedule definition.\n\nTo reference a secret also created in this template, use the [Ref](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html) function with the secret's logical ID.", + "title": "SecretId", + "type": "string" + } + }, + "required": [ + "SecretId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SecretsManager::RotationSchedule" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::SageMaker::ModelPackage.ModelPackageContainerDefinition": { + "AWS::SecretsManager::RotationSchedule.HostedRotationLambda": { "additionalProperties": false, "properties": { - "ContainerHostname": { - "markdownDescription": "The DNS host name for the Docker container.", - "title": "ContainerHostname", + "ExcludeCharacters": { + "markdownDescription": "A string of the characters that you don't want in the password.", + "title": "ExcludeCharacters", "type": "string" }, - "Environment": { - "additionalProperties": true, - "markdownDescription": "The environment variables to set in the Docker container. Each key and value in the `Environment` string to string map can have length of up to 1024. We support up to 16 entries in the map.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Environment", - "type": "object" - }, - "Framework": { - "markdownDescription": "The machine learning framework of the model package container image.", - "title": "Framework", + "KmsKeyArn": { + "markdownDescription": "The ARN of the KMS key that Secrets Manager uses to encrypt the secret. If you don't specify this value, then Secrets Manager uses the key `aws/secretsmanager` . If `aws/secretsmanager` doesn't yet exist, then Secrets Manager creates it for you automatically the first time it encrypts the secret value.", + "title": "KmsKeyArn", "type": "string" }, - "FrameworkVersion": { - "markdownDescription": "The framework version of the Model Package Container Image.", - "title": "FrameworkVersion", + "MasterSecretArn": { + "markdownDescription": "The ARN of the secret that contains superuser credentials, if you use the [Alternating users rotation strategy](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets_strategies.html#rotating-secrets-two-users) . CloudFormation grants the execution role for the Lambda rotation function `GetSecretValue` permission to the secret in this property. For more information, see [Lambda rotation function execution role permissions for Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets-required-permissions-function.html) .\n\nYou must create the superuser secret before you can set this property.\n\nYou must also include the superuser secret ARN as a key in the JSON of the rotating secret so that the Lambda rotation function can find it. CloudFormation does not hardcode secret ARNs in the Lambda rotation function, so you can use the function to rotate multiple secrets. For more information, see [JSON structure of Secrets Manager secrets](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_secret_json_structure.html) .\n\nYou can specify `MasterSecretArn` or `SuperuserSecretArn` but not both. They represent the same superuser secret.", + "title": "MasterSecretArn", "type": "string" }, - "Image": { - "markdownDescription": "The Amazon Elastic Container Registry (Amazon ECR) path where inference code is stored.\n\nIf you are using your own custom algorithm instead of an algorithm provided by SageMaker, the inference code must meet SageMaker requirements. SageMaker supports both `registry/repository[:tag]` and `registry/repository[@digest]` image path formats. For more information, see [Using Your Own Algorithms with Amazon SageMaker](https://docs.aws.amazon.com/sagemaker/latest/dg/your-algorithms.html) .", - "title": "Image", + "MasterSecretKmsKeyArn": { + "markdownDescription": "The ARN of the KMS key that Secrets Manager used to encrypt the superuser secret, if you use the [alternating users strategy](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets_strategies.html#rotating-secrets-two-users) and the superuser secret is encrypted with a customer managed key. You don't need to specify this property if the superuser secret is encrypted using the key `aws/secretsmanager` . CloudFormation grants the execution role for the Lambda rotation function `Decrypt` , `DescribeKey` , and `GenerateDataKey` permission to the key in this property. For more information, see [Lambda rotation function execution role permissions for Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets-required-permissions-function.html) .\n\nYou can specify `MasterSecretKmsKeyArn` or `SuperuserSecretKmsKeyArn` but not both. They represent the same superuser secret KMS key .", + "title": "MasterSecretKmsKeyArn", "type": "string" }, - "ImageDigest": { - "markdownDescription": "An MD5 hash of the training algorithm that identifies the Docker image used for training.", - "title": "ImageDigest", + "RotationLambdaName": { + "markdownDescription": "The name of the Lambda rotation function.", + "title": "RotationLambdaName", "type": "string" }, - "ModelDataUrl": { - "markdownDescription": "The Amazon S3 path where the model artifacts, which result from model training, are stored. This path must point to a single `gzip` compressed tar archive ( `.tar.gz` suffix).\n\n> The model artifacts must be in an S3 bucket that is in the same region as the model package.", - "title": "ModelDataUrl", + "RotationType": { + "markdownDescription": "The rotation template to base the rotation function on, one of the following:\n\n- `Db2SingleUser` to use the template [SecretsManagerRDSDb2RotationSingleUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-db2-singleuser) .\n- `Db2MultiUser` to use the template [SecretsManagerRDSDb2RotationMultiUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-db2-multiuser) .\n- `MySQLSingleUser` to use the template [SecretsManagerRDSMySQLRotationSingleUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-mysql-singleuser) .\n- `MySQLMultiUser` to use the template [SecretsManagerRDSMySQLRotationMultiUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-mysql-multiuser) .\n- `PostgreSQLSingleUser` to use the template [SecretsManagerRDSPostgreSQLRotationSingleUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-postgre-singleuser)\n- `PostgreSQLMultiUser` to use the template [SecretsManagerRDSPostgreSQLRotationMultiUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-postgre-multiuser) .\n- `OracleSingleUser` to use the template [SecretsManagerRDSOracleRotationSingleUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-oracle-singleuser) .\n- `OracleMultiUser` to use the template [SecretsManagerRDSOracleRotationMultiUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-oracle-multiuser) .\n- `MariaDBSingleUser` to use the template [SecretsManagerRDSMariaDBRotationSingleUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-mariadb-singleuser) .\n- `MariaDBMultiUser` to use the template [SecretsManagerRDSMariaDBRotationMultiUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-mariadb-multiuser) .\n- `SQLServerSingleUser` to use the template [SecretsManagerRDSSQLServerRotationSingleUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-sqlserver-singleuser) .\n- `SQLServerMultiUser` to use the template [SecretsManagerRDSSQLServerRotationMultiUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-sqlserver-multiuser) .\n- `RedshiftSingleUser` to use the template [SecretsManagerRedshiftRotationSingleUsr](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-redshift-singleuser) .\n- `RedshiftMultiUser` to use the template [SecretsManagerRedshiftRotationMultiUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-redshift-multiuser) .\n- `MongoDBSingleUser` to use the template [SecretsManagerMongoDBRotationSingleUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-mongodb-singleuser) .\n- `MongoDBMultiUser` to use the template [SecretsManagerMongoDBRotationMultiUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-mongodb-multiuser) .", + "title": "RotationType", "type": "string" }, - "ModelInput": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelInput", - "markdownDescription": "A structure with Model Input details.", - "title": "ModelInput" - }, - "NearestModelName": { - "markdownDescription": "The name of a pre-trained machine learning benchmarked by Amazon SageMaker Inference Recommender model that matches your model. You can find a list of benchmarked models by calling `ListModelMetadata` .", - "title": "NearestModelName", - "type": "string" - } - }, - "required": [ - "Image" - ], - "type": "object" - }, - "AWS::SageMaker::ModelPackage.ModelPackageStatusDetails": { - "additionalProperties": false, - "properties": { - "ValidationStatuses": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelPackageStatusItem" - }, - "markdownDescription": "The validation status of the model package.", - "title": "ValidationStatuses", - "type": "array" - } - }, - "type": "object" - }, - "AWS::SageMaker::ModelPackage.ModelPackageStatusItem": { - "additionalProperties": false, - "properties": { - "FailureReason": { - "markdownDescription": "if the overall status is `Failed` , the reason for the failure.", - "title": "FailureReason", + "Runtime": { + "markdownDescription": "> Do not set this value if you are using `Transform: AWS::SecretsManager-2024-09-16` . Over time, the updated rotation lambda artifacts vended by AWS may not be compatible with the code or shared object files defined in the rotation function deployment package.\n> \n> Only define the `Runtime` key if:\n> \n> - You are using `Transform: AWS::SecretsManager-2020-07-23` .\n> - The code or shared object files defined in the rotation function deployment package are incompatible with Python 3.9. \n\nThe Python Runtime version for with the rotation function. By default, CloudFormation deploys Python 3.9 binaries for the rotation function. To use a different version of Python, you must do the following two steps:\n\n- Deploy the matching version Python binaries with your rotation function.\n- Set the version number in this field. For example, for Python 3.7, enter *python3.7* .\n\nIf you only do one of the steps, your rotation function will be incompatible with the binaries. For more information, see [Why did my Lambda rotation function fail with a \"pg module not found\" error](https://docs.aws.amazon.com/https://repost.aws/knowledge-center/secrets-manager-lambda-rotation) .", + "title": "Runtime", "type": "string" }, - "Name": { - "markdownDescription": "The name of the model package for which the overall status is being reported.", - "title": "Name", + "SuperuserSecretArn": { + "markdownDescription": "The ARN of the secret that contains superuser credentials, if you use the [Alternating users rotation strategy](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets_strategies.html#rotating-secrets-two-users) . CloudFormation grants the execution role for the Lambda rotation function `GetSecretValue` permission to the secret in this property. For more information, see [Lambda rotation function execution role permissions for Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets-required-permissions-function.html) .\n\nYou must create the superuser secret before you can set this property.\n\nYou must also include the superuser secret ARN as a key in the JSON of the rotating secret so that the Lambda rotation function can find it. CloudFormation does not hardcode secret ARNs in the Lambda rotation function, so you can use the function to rotate multiple secrets. For more information, see [JSON structure of Secrets Manager secrets](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_secret_json_structure.html) .\n\nYou can specify `MasterSecretArn` or `SuperuserSecretArn` but not both. They represent the same superuser secret.", + "title": "SuperuserSecretArn", "type": "string" }, - "Status": { - "markdownDescription": "The current status.", - "title": "Status", + "SuperuserSecretKmsKeyArn": { + "markdownDescription": "The ARN of the KMS key that Secrets Manager used to encrypt the superuser secret, if you use the [alternating users strategy](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets_strategies.html#rotating-secrets-two-users) and the superuser secret is encrypted with a customer managed key. You don't need to specify this property if the superuser secret is encrypted using the key `aws/secretsmanager` . CloudFormation grants the execution role for the Lambda rotation function `Decrypt` , `DescribeKey` , and `GenerateDataKey` permission to the key in this property. For more information, see [Lambda rotation function execution role permissions for Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets-required-permissions-function.html) .\n\nYou can specify `MasterSecretKmsKeyArn` or `SuperuserSecretKmsKeyArn` but not both. They represent the same superuser secret KMS key .", + "title": "SuperuserSecretKmsKeyArn", "type": "string" - } - }, - "required": [ - "Name", - "Status" - ], - "type": "object" - }, - "AWS::SageMaker::ModelPackage.ModelQuality": { - "additionalProperties": false, - "properties": { - "Constraints": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", - "markdownDescription": "Model quality constraints.", - "title": "Constraints" }, - "Statistics": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", - "markdownDescription": "Model quality statistics.", - "title": "Statistics" - } - }, - "type": "object" - }, - "AWS::SageMaker::ModelPackage.S3DataSource": { - "additionalProperties": false, - "properties": { - "S3DataType": { - "markdownDescription": "If you choose `S3Prefix` , `S3Uri` identifies a key name prefix. SageMaker uses all objects that match the specified key name prefix for model training.\n\nIf you choose `ManifestFile` , `S3Uri` identifies an object that is a manifest file containing a list of object keys that you want SageMaker to use for model training.\n\nIf you choose `AugmentedManifestFile` , `S3Uri` identifies an object that is an augmented manifest file in JSON lines format. This file contains the data you want to use for model training. `AugmentedManifestFile` can only be used if the Channel's input mode is `Pipe` .\n\nIf you choose `Converse` , `S3Uri` identifies an Amazon S3 location that contains data formatted according to Converse format. This format structures conversational messages with specific roles and content types used for training and fine-tuning foundational models.", - "title": "S3DataType", + "VpcSecurityGroupIds": { + "markdownDescription": "A comma-separated list of security group IDs applied to the target database.\n\nThe template applies the same security groups as on the Lambda rotation function that is created as part of this stack.", + "title": "VpcSecurityGroupIds", "type": "string" }, - "S3Uri": { - "markdownDescription": "Depending on the value specified for the `S3DataType` , identifies either a key name prefix or a manifest. For example:\n\n- A key name prefix might look like this: `s3://bucketname/exampleprefix/`\n- A manifest might look like this: `s3://bucketname/example.manifest`\n\nA manifest is an S3 object which is a JSON file consisting of an array of elements. The first element is a prefix which is followed by one or more suffixes. SageMaker appends the suffix elements to the prefix to get a full set of `S3Uri` . Note that the prefix must be a valid non-empty `S3Uri` that precludes users from specifying a manifest whose individual `S3Uri` is sourced from different S3 buckets.\n\nThe following code example shows a valid manifest format:\n\n`[ {\"prefix\": \"s3://customer_bucket/some/prefix/\"},`\n\n`\"relative/path/to/custdata-1\",`\n\n`\"relative/path/custdata-2\",`\n\n`...`\n\n`\"relative/path/custdata-N\"`\n\n`]`\n\nThis JSON is equivalent to the following `S3Uri` list:\n\n`s3://customer_bucket/some/prefix/relative/path/to/custdata-1`\n\n`s3://customer_bucket/some/prefix/relative/path/custdata-2`\n\n`...`\n\n`s3://customer_bucket/some/prefix/relative/path/custdata-N`\n\nThe complete set of `S3Uri` in this manifest is the input data for the channel for this data source. The object that each `S3Uri` points to must be readable by the IAM role that SageMaker uses to perform tasks on your behalf.\n\nYour input bucket must be located in same AWS region as your training job.", - "title": "S3Uri", + "VpcSubnetIds": { + "markdownDescription": "A comma separated list of VPC subnet IDs of the target database network. The Lambda rotation function is in the same subnet group.", + "title": "VpcSubnetIds", "type": "string" } }, "required": [ - "S3DataType", - "S3Uri" + "RotationType" ], "type": "object" }, - "AWS::SageMaker::ModelPackage.SourceAlgorithm": { + "AWS::SecretsManager::RotationSchedule.RotationRules": { "additionalProperties": false, "properties": { - "AlgorithmName": { - "markdownDescription": "The name of an algorithm that was used to create the model package. The algorithm must be either an algorithm resource in your SageMaker account or an algorithm in AWS Marketplace that you are subscribed to.", - "title": "AlgorithmName", + "AutomaticallyAfterDays": { + "markdownDescription": "The number of days between automatic scheduled rotations of the secret. You can use this value to check that your secret meets your compliance guidelines for how often secrets must be rotated.\n\nIn `DescribeSecret` and `ListSecrets` , this value is calculated from the rotation schedule after every successful rotation. In `RotateSecret` , you can set the rotation schedule in `RotationRules` with `AutomaticallyAfterDays` or `ScheduleExpression` , but not both.", + "title": "AutomaticallyAfterDays", + "type": "number" + }, + "Duration": { + "markdownDescription": "The length of the rotation window in hours, for example `3h` for a three hour window. Secrets Manager rotates your secret at any time during this window. The window must not extend into the next rotation window or the next UTC day. The window starts according to the `ScheduleExpression` . If you don't specify a `Duration` , for a `ScheduleExpression` in hours, the window automatically closes after one hour. For a `ScheduleExpression` in days, the window automatically closes at the end of the UTC day. For more information, including examples, see [Schedule expressions in Secrets Manager rotation](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_schedule.html) in the *Secrets Manager Users Guide* .", + "title": "Duration", "type": "string" }, - "ModelDataUrl": { - "markdownDescription": "The Amazon S3 path where the model artifacts, which result from model training, are stored. This path must point to a single `gzip` compressed tar archive ( `.tar.gz` suffix).\n\n> The model artifacts must be in an S3 bucket that is in the same AWS region as the algorithm.", - "title": "ModelDataUrl", + "ScheduleExpression": { + "markdownDescription": "A `cron()` or `rate()` expression that defines the schedule for rotating your secret. Secrets Manager rotation schedules use UTC time zone. Secrets Manager rotates your secret any time during a rotation window.\n\nSecrets Manager `rate()` expressions represent the interval in hours or days that you want to rotate your secret, for example `rate(12 hours)` or `rate(10 days)` . You can rotate a secret as often as every four hours. If you use a `rate()` expression, the rotation window starts at midnight. For a rate in hours, the default rotation window closes after one hour. For a rate in days, the default rotation window closes at the end of the day. You can set the `Duration` to change the rotation window. The rotation window must not extend into the next UTC day or into the next rotation window.\n\nYou can use a `cron()` expression to create a rotation schedule that is more detailed than a rotation interval. For more information, including examples, see [Schedule expressions in Secrets Manager rotation](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_schedule.html) in the *Secrets Manager Users Guide* . For a cron expression that represents a schedule in hours, the default rotation window closes after one hour. For a cron expression that represents a schedule in days, the default rotation window closes at the end of the day. You can set the `Duration` to change the rotation window. The rotation window must not extend into the next UTC day or into the next rotation window.", + "title": "ScheduleExpression", "type": "string" } }, - "required": [ - "AlgorithmName" - ], - "type": "object" - }, - "AWS::SageMaker::ModelPackage.SourceAlgorithmSpecification": { - "additionalProperties": false, - "properties": { - "SourceAlgorithms": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.SourceAlgorithm" - }, - "markdownDescription": "A list of the algorithms that were used to create a model package.", - "title": "SourceAlgorithms", - "type": "array" - } - }, - "required": [ - "SourceAlgorithms" - ], "type": "object" }, - "AWS::SageMaker::ModelPackage.TransformInput": { + "AWS::SecretsManager::Secret": { "additionalProperties": false, "properties": { - "CompressionType": { - "markdownDescription": "If your transform data is compressed, specify the compression type. Amazon SageMaker automatically decompresses the data for the transform job accordingly. The default value is `None` .", - "title": "CompressionType", + "Condition": { "type": "string" }, - "ContentType": { - "markdownDescription": "The multipurpose internet mail extension (MIME) type of the data. Amazon SageMaker uses the MIME type with each http call to transfer data to the transform job.", - "title": "ContentType", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "DataSource": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.DataSource", - "markdownDescription": "Describes the location of the channel data, which is, the S3 location of the input data that the model can consume.", - "title": "DataSource" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SplitType": { - "markdownDescription": "The method to use to split the transform job's data files into smaller batches. Splitting is necessary when the total size of each object is too large to fit in a single request. You can also use data splitting to improve performance by processing multiple concurrent mini-batches. The default value for `SplitType` is `None` , which indicates that input data files are not split, and request payloads contain the entire contents of an input object. Set the value of this parameter to `Line` to split records on a newline character boundary. `SplitType` also supports a number of record-oriented binary data formats. Currently, the supported record formats are:\n\n- RecordIO\n- TFRecord\n\nWhen splitting is enabled, the size of a mini-batch depends on the values of the `BatchStrategy` and `MaxPayloadInMB` parameters. When the value of `BatchStrategy` is `MultiRecord` , Amazon SageMaker sends the maximum number of records in each request, up to the `MaxPayloadInMB` limit. If the value of `BatchStrategy` is `SingleRecord` , Amazon SageMaker sends individual records in each request.\n\n> Some data formats represent a record as a binary payload wrapped with extra padding bytes. When splitting is applied to a binary data format, padding is removed if the value of `BatchStrategy` is set to `SingleRecord` . Padding is not removed if the value of `BatchStrategy` is set to `MultiRecord` .\n> \n> For more information about `RecordIO` , see [Create a Dataset Using RecordIO](https://docs.aws.amazon.com/https://mxnet.apache.org/api/faq/recordio) in the MXNet documentation. For more information about `TFRecord` , see [Consuming TFRecord data](https://docs.aws.amazon.com/https://www.tensorflow.org/guide/data#consuming_tfrecord_data) in the TensorFlow documentation.", - "title": "SplitType", - "type": "string" - } - }, - "required": [ - "DataSource" - ], - "type": "object" - }, - "AWS::SageMaker::ModelPackage.TransformJobDefinition": { - "additionalProperties": false, - "properties": { - "BatchStrategy": { - "markdownDescription": "A string that determines the number of records included in a single mini-batch.\n\n`SingleRecord` means only one record is used per mini-batch. `MultiRecord` means a mini-batch is set to contain as many records that can fit within the `MaxPayloadInMB` limit.", - "title": "BatchStrategy", - "type": "string" + "Metadata": { + "type": "object" }, - "Environment": { - "additionalProperties": true, - "markdownDescription": "The environment variables to set in the Docker container. We support up to 16 key and values entries in the map.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the secret.", + "title": "Description", + "type": "string" + }, + "GenerateSecretString": { + "$ref": "#/definitions/AWS::SecretsManager::Secret.GenerateSecretString", + "markdownDescription": "A structure that specifies how to generate a password to encrypt and store in the secret. To include a specific string in the secret, use `SecretString` instead. If you omit both `GenerateSecretString` and `SecretString` , you create an empty secret. When you make a change to this property, a new secret version is created.\n\nWe recommend that you specify the maximum length and include every character type that the system you are generating a password for can support.", + "title": "GenerateSecretString" + }, + "KmsKeyId": { + "markdownDescription": "The ARN, key ID, or alias of the AWS KMS key that Secrets Manager uses to encrypt the secret value in the secret. An alias is always prefixed by `alias/` , for example `alias/aws/secretsmanager` . For more information, see [About aliases](https://docs.aws.amazon.com/kms/latest/developerguide/alias-about.html) .\n\nTo use a AWS KMS key in a different account, use the key ARN or the alias ARN.\n\nIf you don't specify this value, then Secrets Manager uses the key `aws/secretsmanager` . If that key doesn't yet exist, then Secrets Manager creates it for you automatically the first time it encrypts the secret value.\n\nIf the secret is in a different AWS account from the credentials calling the API, then you can't use `aws/secretsmanager` to encrypt the secret, and you must create and use a customer managed AWS KMS key.", + "title": "KmsKeyId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the new secret.\n\nThe secret name can contain ASCII letters, numbers, and the following characters: /_+=.@-\n\nDo not end your secret name with a hyphen followed by six characters. If you do so, you risk confusion and unexpected results when searching for a secret by partial ARN. Secrets Manager automatically adds a hyphen and six random characters after the secret name at the end of the ARN.", + "title": "Name", + "type": "string" + }, + "ReplicaRegions": { + "items": { + "$ref": "#/definitions/AWS::SecretsManager::Secret.ReplicaRegion" + }, + "markdownDescription": "A custom type that specifies a `Region` and the `KmsKeyId` for a replica secret.", + "title": "ReplicaRegions", + "type": "array" + }, + "SecretString": { + "markdownDescription": "The text to encrypt and store in the secret. We recommend you use a JSON structure of key/value pairs for your secret value. To generate a random password, use `GenerateSecretString` instead. If you omit both `GenerateSecretString` and `SecretString` , you create an empty secret. When you make a change to this property, a new secret version is created.", + "title": "SecretString", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags to attach to the secret. Each tag is a key and value pair of strings in a JSON text string, for example:\n\n`[{\"Key\":\"CostCenter\",\"Value\":\"12345\"},{\"Key\":\"environment\",\"Value\":\"production\"}]`\n\nSecrets Manager tag key names are case sensitive. A tag with the key \"ABC\" is a different tag from one with key \"abc\".\n\nStack-level tags, tags you apply to the CloudFormation stack, are also attached to the secret.\n\nIf you check tags in permissions policies as part of your security strategy, then adding or removing a tag can change permissions. If the completion of this operation would result in you losing your permissions for this secret, then Secrets Manager blocks the operation and returns an `Access Denied` error. For more information, see [Control access to secrets using tags](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples.html#tag-secrets-abac) and [Limit access to identities with tags that match secrets' tags](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples.html#auth-and-access_tags2) .\n\nFor information about how to format a JSON parameter for the various command line tool environments, see [Using JSON for Parameters](https://docs.aws.amazon.com/cli/latest/userguide/cli-using-param.html#cli-using-param-json) . If your command-line tool or SDK requires quotation marks around the parameter, you should use single quotes to avoid confusion with the double quotes required in the JSON text.\n\nThe following restrictions apply to tags:\n\n- Maximum number of tags per secret: 50\n- Maximum key length: 127 Unicode characters in UTF-8\n- Maximum value length: 255 Unicode characters in UTF-8\n- Tag keys and values are case sensitive.\n- Do not use the `aws:` prefix in your tag names or values because AWS reserves it for AWS use. You can't edit or delete tag names or values with this prefix. Tags with this prefix do not count against your tags per secret limit.\n- If you use your tagging schema across multiple services and resources, other services might have restrictions on allowed characters. Generally allowed characters: letters, spaces, and numbers representable in UTF-8, plus the following special characters: + - = . _ : / @.", + "title": "Tags", + "type": "array" } }, - "title": "Environment", "type": "object" }, - "MaxConcurrentTransforms": { - "markdownDescription": "The maximum number of parallel requests that can be sent to each instance in a transform job. The default value is 1.", - "title": "MaxConcurrentTransforms", - "type": "number" - }, - "MaxPayloadInMB": { - "markdownDescription": "The maximum payload size allowed, in MB. A payload is the data portion of a record (without metadata).", - "title": "MaxPayloadInMB", - "type": "number" - }, - "TransformInput": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.TransformInput", - "markdownDescription": "A description of the input source and the way the transform job consumes it.", - "title": "TransformInput" - }, - "TransformOutput": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.TransformOutput", - "markdownDescription": "Identifies the Amazon S3 location where you want Amazon SageMaker to save the results from the transform job.", - "title": "TransformOutput" + "Type": { + "enum": [ + "AWS::SecretsManager::Secret" + ], + "type": "string" }, - "TransformResources": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.TransformResources", - "markdownDescription": "Identifies the ML compute instances for the transform job.", - "title": "TransformResources" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "TransformInput", - "TransformOutput", - "TransformResources" + "Type" ], "type": "object" }, - "AWS::SageMaker::ModelPackage.TransformOutput": { + "AWS::SecretsManager::Secret.GenerateSecretString": { "additionalProperties": false, "properties": { - "Accept": { - "markdownDescription": "The MIME type used to specify the output data. Amazon SageMaker uses the MIME type with each http call to transfer data from the transform job.", - "title": "Accept", + "ExcludeCharacters": { + "markdownDescription": "A string of the characters that you don't want in the password.", + "title": "ExcludeCharacters", "type": "string" }, - "AssembleWith": { - "markdownDescription": "Defines how to assemble the results of the transform job as a single S3 object. Choose a format that is most convenient to you. To concatenate the results in binary format, specify `None` . To add a newline character at the end of every transformed record, specify `Line` .", - "title": "AssembleWith", - "type": "string" + "ExcludeLowercase": { + "markdownDescription": "Specifies whether to exclude lowercase letters from the password. If you don't include this switch, the password can contain lowercase letters.", + "title": "ExcludeLowercase", + "type": "boolean" }, - "KmsKeyId": { - "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption. The `KmsKeyId` can be any of the following formats:\n\n- Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key ARN: `arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`\n- Alias name: `alias/ExampleAlias`\n- Alias name ARN: `arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias`\n\nIf you don't provide a KMS key ID, Amazon SageMaker uses the default KMS key for Amazon S3 for your role's account. For more information, see [KMS-Managed Encryption Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingKMSEncryption.html) in the *Amazon Simple Storage Service Developer Guide.*\n\nThe KMS key policy must grant permission to the IAM role that you specify in your [CreateModel](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateModel.html) request. For more information, see [Using Key Policies in AWS KMS](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html) in the *AWS Key Management Service Developer Guide* .", - "title": "KmsKeyId", - "type": "string" + "ExcludeNumbers": { + "markdownDescription": "Specifies whether to exclude numbers from the password. If you don't include this switch, the password can contain numbers.", + "title": "ExcludeNumbers", + "type": "boolean" }, - "S3OutputPath": { - "markdownDescription": "The Amazon S3 path where you want Amazon SageMaker to store the results of the transform job. For example, `s3://bucket-name/key-name-prefix` .\n\nFor every S3 object used as input for the transform job, batch transform stores the transformed data with an . `out` suffix in a corresponding subfolder in the location in the output prefix. For example, for the input data stored at `s3://bucket-name/input-name-prefix/dataset01/data.csv` , batch transform stores the transformed data at `s3://bucket-name/output-name-prefix/input-name-prefix/data.csv.out` . Batch transform doesn't upload partially processed objects. For an input S3 object that contains multiple records, it creates an . `out` file only if the transform job succeeds on the entire file. When the input contains multiple S3 objects, the batch transform job processes the listed S3 objects and uploads only the output for successfully processed objects. If any object fails in the transform job batch transform marks the job as failed to prompt investigation.", - "title": "S3OutputPath", + "ExcludePunctuation": { + "markdownDescription": "Specifies whether to exclude the following punctuation characters from the password: `! \" # $ % & ' ( ) * + , - . / : ; < = > ? @ [ \\ ] ^ _ ` { | } ~` . If you don't include this switch, the password can contain punctuation.", + "title": "ExcludePunctuation", + "type": "boolean" + }, + "ExcludeUppercase": { + "markdownDescription": "Specifies whether to exclude uppercase letters from the password. If you don't include this switch, the password can contain uppercase letters.", + "title": "ExcludeUppercase", + "type": "boolean" + }, + "GenerateStringKey": { + "markdownDescription": "The JSON key name for the key/value pair, where the value is the generated password. This pair is added to the JSON structure specified by the `SecretStringTemplate` parameter. If you specify this parameter, then you must also specify `SecretStringTemplate` .", + "title": "GenerateStringKey", "type": "string" - } - }, - "required": [ - "S3OutputPath" - ], - "type": "object" - }, - "AWS::SageMaker::ModelPackage.TransformResources": { - "additionalProperties": false, - "properties": { - "InstanceCount": { - "markdownDescription": "The number of ML compute instances to use in the transform job. The default value is `1` , and the maximum is `100` . For distributed transform jobs, specify a value greater than `1` .", - "title": "InstanceCount", + }, + "IncludeSpace": { + "markdownDescription": "Specifies whether to include the space character. If you include this switch, the password can contain space characters.", + "title": "IncludeSpace", + "type": "boolean" + }, + "PasswordLength": { + "markdownDescription": "The length of the password. If you don't include this parameter, the default length is 32 characters.", + "title": "PasswordLength", "type": "number" }, - "InstanceType": { - "markdownDescription": "The ML compute instance type for the transform job. If you are using built-in algorithms to transform moderately sized datasets, we recommend using ml.m4.xlarge or `ml.m5.large` instance types.", - "title": "InstanceType", - "type": "string" + "RequireEachIncludedType": { + "markdownDescription": "Specifies whether to include at least one upper and lowercase letter, one number, and one punctuation. If you don't include this switch, the password contains at least one of every character type.", + "title": "RequireEachIncludedType", + "type": "boolean" }, - "VolumeKmsKeyId": { - "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt model data on the storage volume attached to the ML compute instance(s) that run the batch transform job.\n\n> Certain Nitro-based instances include local storage, dependent on the instance type. Local storage volumes are encrypted using a hardware module on the instance. You can't request a `VolumeKmsKeyId` when using an instance type with local storage.\n> \n> For a list of instance types that support local instance storage, see [Instance Store Volumes](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html#instance-store-volumes) .\n> \n> For more information about local instance storage encryption, see [SSD Instance Store Volumes](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ssd-instance-store.html) . \n\nThe `VolumeKmsKeyId` can be any of the following formats:\n\n- Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key ARN: `arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`\n- Alias name: `alias/ExampleAlias`\n- Alias name ARN: `arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias`", - "title": "VolumeKmsKeyId", + "SecretStringTemplate": { + "markdownDescription": "A template that the generated string must match. When you make a change to this property, a new secret version is created.", + "title": "SecretStringTemplate", "type": "string" } }, - "required": [ - "InstanceCount", - "InstanceType" - ], "type": "object" }, - "AWS::SageMaker::ModelPackage.ValidationProfile": { + "AWS::SecretsManager::Secret.ReplicaRegion": { "additionalProperties": false, "properties": { - "ProfileName": { - "markdownDescription": "The name of the profile for the model package.", - "title": "ProfileName", + "KmsKeyId": { + "markdownDescription": "The ARN, key ID, or alias of the KMS key to encrypt the secret. If you don't include this field, Secrets Manager uses `aws/secretsmanager` .", + "title": "KmsKeyId", "type": "string" }, - "TransformJobDefinition": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.TransformJobDefinition", - "markdownDescription": "The `TransformJobDefinition` object that describes the transform job used for the validation of the model package.", - "title": "TransformJobDefinition" + "Region": { + "markdownDescription": "A string that represents a `Region` , for example \"us-east-1\".", + "title": "Region", + "type": "string" } }, "required": [ - "ProfileName", - "TransformJobDefinition" + "Region" ], "type": "object" }, - "AWS::SageMaker::ModelPackage.ValidationSpecification": { + "AWS::SecretsManager::SecretTargetAttachment": { "additionalProperties": false, "properties": { - "ValidationProfiles": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ValidationProfile" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "SecretId": { + "markdownDescription": "The ARN or name of the secret. To reference a secret also created in this template, use the see [Ref](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html) function with the secret's logical ID. This field is unique for each target attachment definition.", + "title": "SecretId", + "type": "string" + }, + "TargetId": { + "markdownDescription": "The ID of the database or cluster.", + "title": "TargetId", + "type": "string" + }, + "TargetType": { + "markdownDescription": "A string that defines the type of service or database associated with the secret. This value instructs Secrets Manager how to update the secret with the details of the service or database. This value must be one of the following:\n\n- AWS::RDS::DBInstance\n- AWS::RDS::DBCluster\n- AWS::Redshift::Cluster\n- AWS::RedshiftServerless::Namespace\n- AWS::DocDB::DBInstance\n- AWS::DocDB::DBCluster\n- AWS::DocDBElastic::Cluster", + "title": "TargetType", + "type": "string" + } }, - "markdownDescription": "An array of `ModelPackageValidationProfile` objects, each of which specifies a batch transform job that SageMaker runs to validate your model package.", - "title": "ValidationProfiles", - "type": "array" + "required": [ + "SecretId", + "TargetId", + "TargetType" + ], + "type": "object" }, - "ValidationRole": { - "markdownDescription": "The IAM roles to be used for the validation of the model package.", - "title": "ValidationRole", + "Type": { + "enum": [ + "AWS::SecretsManager::SecretTargetAttachment" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ValidationProfiles", - "ValidationRole" + "Type", + "Properties" ], "type": "object" }, - "AWS::SageMaker::ModelPackageGroup": { + "AWS::SecurityHub::AggregatorV2": { "additionalProperties": false, "properties": { "Condition": { @@ -250779,38 +302570,40 @@ "Properties": { "additionalProperties": false, "properties": { - "ModelPackageGroupDescription": { - "markdownDescription": "The description for the model group.", - "title": "ModelPackageGroupDescription", - "type": "string" + "LinkedRegions": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of Regions that are linked to the aggregation Region.", + "title": "LinkedRegions", + "type": "array" }, - "ModelPackageGroupName": { - "markdownDescription": "The name of the model group.", - "title": "ModelPackageGroupName", + "RegionLinkingMode": { + "markdownDescription": "Determines how Regions are linked to an Aggregator V2.", + "title": "RegionLinkingMode", "type": "string" }, - "ModelPackageGroupPolicy": { - "markdownDescription": "A resouce policy to control access to a model group. For information about resoure policies, see [Identity-based policies and resource-based policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_identity-vs-resource.html) in the *AWS Identity and Access Management User Guide.* .", - "title": "ModelPackageGroupPolicy", - "type": "object" - }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "additionalProperties": true, + "markdownDescription": "A list of key-value pairs to be applied to the AggregatorV2.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", - "type": "array" + "type": "object" } }, "required": [ - "ModelPackageGroupName" + "LinkedRegions", + "RegionLinkingMode" ], "type": "object" }, "Type": { "enum": [ - "AWS::SageMaker::ModelPackageGroup" + "AWS::SecurityHub::AggregatorV2" ], "type": "string" }, @@ -250829,7 +302622,7 @@ ], "type": "object" }, - "AWS::SageMaker::ModelQualityJobDefinition": { + "AWS::SecurityHub::AutomationRule": { "additionalProperties": false, "properties": { "Condition": { @@ -250864,77 +302657,68 @@ "Properties": { "additionalProperties": false, "properties": { - "EndpointName": { - "markdownDescription": "", - "title": "EndpointName", - "type": "string" - }, - "JobDefinitionName": { - "markdownDescription": "The name of the monitoring job definition.", - "title": "JobDefinitionName", - "type": "string" - }, - "JobResources": { - "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.MonitoringResources", - "markdownDescription": "Identifies the resources to deploy for a monitoring job.", - "title": "JobResources" + "Actions": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.AutomationRulesAction" + }, + "markdownDescription": "One or more actions to update finding fields if a finding matches the conditions specified in `Criteria` .", + "title": "Actions", + "type": "array" }, - "ModelQualityAppSpecification": { - "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.ModelQualityAppSpecification", - "markdownDescription": "Container image configuration object for the monitoring job.", - "title": "ModelQualityAppSpecification" + "Criteria": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.AutomationRulesFindingFilters", + "markdownDescription": "A set of [AWS Security Finding Format (ASFF)](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format.html) finding field attributes and corresponding expected values that Security Hub uses to filter findings. If a rule is enabled and a finding matches the criteria specified in this parameter, Security Hub applies the rule action to the finding.", + "title": "Criteria" }, - "ModelQualityBaselineConfig": { - "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.ModelQualityBaselineConfig", - "markdownDescription": "Specifies the constraints and baselines for the monitoring job.", - "title": "ModelQualityBaselineConfig" + "Description": { + "markdownDescription": "A description of the rule.", + "title": "Description", + "type": "string" }, - "ModelQualityJobInput": { - "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.ModelQualityJobInput", - "markdownDescription": "A list of the inputs that are monitored. Currently endpoints are supported.", - "title": "ModelQualityJobInput" + "IsTerminal": { + "markdownDescription": "Specifies whether a rule is the last to be applied with respect to a finding that matches the rule criteria. This is useful when a finding matches the criteria for multiple rules, and each rule has different actions. If a rule is terminal, Security Hub applies the rule action to a finding that matches the rule criteria and doesn't evaluate other rules for the finding. By default, a rule isn't terminal.", + "title": "IsTerminal", + "type": "boolean" }, - "ModelQualityJobOutputConfig": { - "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.MonitoringOutputConfig", - "markdownDescription": "The output configuration for monitoring jobs.", - "title": "ModelQualityJobOutputConfig" + "RuleName": { + "markdownDescription": "The name of the rule.", + "title": "RuleName", + "type": "string" }, - "NetworkConfig": { - "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.NetworkConfig", - "markdownDescription": "Specifies the network configuration for the monitoring job.", - "title": "NetworkConfig" + "RuleOrder": { + "markdownDescription": "An integer ranging from 1 to 1000 that represents the order in which the rule action is applied to findings. Security Hub applies rules with lower values for this parameter first.", + "title": "RuleOrder", + "type": "number" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can assume to perform tasks on your behalf.", - "title": "RoleArn", + "RuleStatus": { + "markdownDescription": "Whether the rule is active after it is created. If this parameter is equal to `ENABLED` , Security Hub applies the rule to findings and finding updates after the rule is created.", + "title": "RuleStatus", "type": "string" }, - "StoppingCondition": { - "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.StoppingCondition", - "markdownDescription": "A time limit for how long the monitoring job is allowed to run before stopping.", - "title": "StoppingCondition" - }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "additionalProperties": true, + "markdownDescription": "User-defined tags associated with an automation rule.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", - "type": "array" + "type": "object" } }, "required": [ - "JobResources", - "ModelQualityAppSpecification", - "ModelQualityJobInput", - "ModelQualityJobOutputConfig", - "RoleArn" + "Actions", + "Criteria", + "Description", + "RuleName", + "RuleOrder" ], "type": "object" }, "Type": { "enum": [ - "AWS::SageMaker::ModelQualityJobDefinition" + "AWS::SecurityHub::AutomationRule" ], "type": "string" }, @@ -250953,455 +302737,559 @@ ], "type": "object" }, - "AWS::SageMaker::ModelQualityJobDefinition.BatchTransformInput": { + "AWS::SecurityHub::AutomationRule.AutomationRulesAction": { "additionalProperties": false, "properties": { - "DataCapturedDestinationS3Uri": { - "markdownDescription": "The Amazon S3 location being used to capture the data.", - "title": "DataCapturedDestinationS3Uri", - "type": "string" - }, - "DatasetFormat": { - "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.DatasetFormat", - "markdownDescription": "The dataset format for your batch transform job.", - "title": "DatasetFormat" + "FindingFieldsUpdate": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.AutomationRulesFindingFieldsUpdate", + "markdownDescription": "Specifies that the automation rule action is an update to a finding field.", + "title": "FindingFieldsUpdate" }, - "EndTimeOffset": { - "markdownDescription": "If specified, monitoring jobs subtract this time from the end time. For information about using offsets for scheduling monitoring jobs, see [Schedule Model Quality Monitoring Jobs](https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor-model-quality-schedule.html) .", - "title": "EndTimeOffset", + "Type": { + "markdownDescription": "Specifies the type of action that Security Hub takes when a finding matches the defined criteria of a rule.", + "title": "Type", "type": "string" + } + }, + "required": [ + "FindingFieldsUpdate", + "Type" + ], + "type": "object" + }, + "AWS::SecurityHub::AutomationRule.AutomationRulesFindingFieldsUpdate": { + "additionalProperties": false, + "properties": { + "Confidence": { + "markdownDescription": "The rule action updates the `Confidence` field of a finding.", + "title": "Confidence", + "type": "number" }, - "InferenceAttribute": { - "markdownDescription": "The attribute of the input data that represents the ground truth label.", - "title": "InferenceAttribute", - "type": "string" + "Criticality": { + "markdownDescription": "The rule action updates the `Criticality` field of a finding.", + "title": "Criticality", + "type": "number" }, - "LocalPath": { - "markdownDescription": "Path to the filesystem where the batch transform data is available to the container.", - "title": "LocalPath", - "type": "string" + "Note": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.NoteUpdate", + "markdownDescription": "The rule action will update the `Note` field of a finding.", + "title": "Note" }, - "ProbabilityAttribute": { - "markdownDescription": "In a classification problem, the attribute that represents the class probability.", - "title": "ProbabilityAttribute", - "type": "string" + "RelatedFindings": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.RelatedFinding" + }, + "markdownDescription": "The rule action will update the `RelatedFindings` field of a finding.", + "title": "RelatedFindings", + "type": "array" }, - "ProbabilityThresholdAttribute": { - "markdownDescription": "The threshold for the class probability to be evaluated as a positive result.", - "title": "ProbabilityThresholdAttribute", - "type": "number" + "Severity": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.SeverityUpdate", + "markdownDescription": "The rule action will update the `Severity` field of a finding.", + "title": "Severity" }, - "S3DataDistributionType": { - "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an S3 key. Defaults to `FullyReplicated`", - "title": "S3DataDistributionType", - "type": "string" + "Types": { + "items": { + "type": "string" + }, + "markdownDescription": "The rule action updates the `Types` field of a finding.", + "title": "Types", + "type": "array" }, - "S3InputMode": { - "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", - "title": "S3InputMode", - "type": "string" + "UserDefinedFields": { + "additionalProperties": true, + "markdownDescription": "The rule action updates the `UserDefinedFields` field of a finding.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "UserDefinedFields", + "type": "object" }, - "StartTimeOffset": { - "markdownDescription": "If specified, monitoring jobs substract this time from the start time. For information about using offsets for scheduling monitoring jobs, see [Schedule Model Quality Monitoring Jobs](https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor-model-quality-schedule.html) .", - "title": "StartTimeOffset", + "VerificationState": { + "markdownDescription": "The rule action updates the `VerificationState` field of a finding.", + "title": "VerificationState", "type": "string" + }, + "Workflow": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.WorkflowUpdate", + "markdownDescription": "The rule action will update the `Workflow` field of a finding.", + "title": "Workflow" } }, - "required": [ - "DataCapturedDestinationS3Uri", - "DatasetFormat", - "LocalPath" - ], "type": "object" }, - "AWS::SageMaker::ModelQualityJobDefinition.ClusterConfig": { + "AWS::SecurityHub::AutomationRule.AutomationRulesFindingFilters": { "additionalProperties": false, "properties": { - "InstanceCount": { - "markdownDescription": "The number of ML compute instances to use in the model monitoring job. For distributed processing jobs, specify a value greater than 1. The default value is 1.", - "title": "InstanceCount", - "type": "number" + "AwsAccountId": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "The AWS account ID in which a finding was generated.\n\nArray Members: Minimum number of 1 item. Maximum number of 100 items.", + "title": "AwsAccountId", + "type": "array" }, - "InstanceType": { - "markdownDescription": "The ML compute instance type for the processing job.", - "title": "InstanceType", - "type": "string" + "CompanyName": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "The name of the company for the product that generated the finding. For control-based findings, the company is AWS .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "CompanyName", + "type": "array" + }, + "ComplianceAssociatedStandardsId": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "The unique identifier of a standard in which a control is enabled. This field consists of the resource portion of the Amazon Resource Name (ARN) returned for a standard in the [DescribeStandards](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DescribeStandards.html) API response.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "ComplianceAssociatedStandardsId", + "type": "array" + }, + "ComplianceSecurityControlId": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "The security control ID for which a finding was generated. Security control IDs are the same across standards.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "ComplianceSecurityControlId", + "type": "array" + }, + "ComplianceStatus": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "The result of a security check. This field is only used for findings generated from controls.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "ComplianceStatus", + "type": "array" + }, + "Confidence": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.NumberFilter" + }, + "markdownDescription": "The likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. `Confidence` is scored on a 0\u2013100 basis using a ratio scale. A value of `0` means 0 percent confidence, and a value of `100` means 100 percent confidence. For example, a data exfiltration detection based on a statistical deviation of network traffic has low confidence because an actual exfiltration hasn't been verified. For more information, see [Confidence](https://docs.aws.amazon.com/securityhub/latest/userguide/asff-top-level-attributes.html#asff-confidence) in the *AWS Security Hub User Guide* .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "Confidence", + "type": "array" + }, + "CreatedAt": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.DateFilter" + }, + "markdownDescription": "A timestamp that indicates when this finding record was created.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "CreatedAt", + "type": "array" + }, + "Criticality": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.NumberFilter" + }, + "markdownDescription": "The level of importance that is assigned to the resources that are associated with a finding. `Criticality` is scored on a 0\u2013100 basis, using a ratio scale that supports only full integers. A score of `0` means that the underlying resources have no criticality, and a score of `100` is reserved for the most critical resources. For more information, see [Criticality](https://docs.aws.amazon.com/securityhub/latest/userguide/asff-top-level-attributes.html#asff-criticality) in the *AWS Security Hub User Guide* .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "Criticality", + "type": "array" + }, + "Description": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "A finding's description.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "Description", + "type": "array" + }, + "FirstObservedAt": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.DateFilter" + }, + "markdownDescription": "A timestamp that indicates when the potential security issue captured by a finding was first observed by the security findings product.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "FirstObservedAt", + "type": "array" + }, + "GeneratorId": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "The identifier for the solution-specific component that generated a finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 100 items.", + "title": "GeneratorId", + "type": "array" + }, + "Id": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "The product-specific identifier for a finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "Id", + "type": "array" + }, + "LastObservedAt": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.DateFilter" + }, + "markdownDescription": "A timestamp that indicates when the security findings provider most recently observed a change in the resource that is involved in the finding.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "LastObservedAt", + "type": "array" + }, + "NoteText": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "The text of a user-defined note that's added to a finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "NoteText", + "type": "array" + }, + "NoteUpdatedAt": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.DateFilter" + }, + "markdownDescription": "The timestamp of when the note was updated.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "NoteUpdatedAt", + "type": "array" + }, + "NoteUpdatedBy": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "The principal that created a note.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "NoteUpdatedBy", + "type": "array" + }, + "ProductArn": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "The Amazon Resource Name (ARN) for a third-party product that generated a finding in Security Hub.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "ProductArn", + "type": "array" }, - "VolumeKmsKeyId": { - "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance(s) that run the model monitoring job.", - "title": "VolumeKmsKeyId", - "type": "string" + "ProductName": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "Provides the name of the product that generated the finding. For control-based findings, the product name is Security Hub.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "ProductName", + "type": "array" }, - "VolumeSizeInGB": { - "markdownDescription": "The size of the ML storage volume, in gigabytes, that you want to provision. You must specify sufficient ML storage for your scenario.", - "title": "VolumeSizeInGB", - "type": "number" - } - }, - "required": [ - "InstanceCount", - "InstanceType", - "VolumeSizeInGB" - ], - "type": "object" - }, - "AWS::SageMaker::ModelQualityJobDefinition.ConstraintsResource": { - "additionalProperties": false, - "properties": { - "S3Uri": { - "markdownDescription": "The Amazon S3 URI for the constraints resource.", - "title": "S3Uri", - "type": "string" - } - }, - "type": "object" - }, - "AWS::SageMaker::ModelQualityJobDefinition.Csv": { - "additionalProperties": false, - "properties": { - "Header": { - "markdownDescription": "", - "title": "Header", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::SageMaker::ModelQualityJobDefinition.DatasetFormat": { - "additionalProperties": false, - "properties": { - "Csv": { - "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.Csv", - "markdownDescription": "", - "title": "Csv" + "RecordState": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "Provides the current state of a finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "RecordState", + "type": "array" }, - "Json": { - "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.Json", - "markdownDescription": "", - "title": "Json" + "RelatedFindingsId": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "The product-generated identifier for a related finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "RelatedFindingsId", + "type": "array" }, - "Parquet": { - "markdownDescription": "", - "title": "Parquet", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::SageMaker::ModelQualityJobDefinition.EndpointInput": { - "additionalProperties": false, - "properties": { - "EndTimeOffset": { - "markdownDescription": "If specified, monitoring jobs substract this time from the end time. For information about using offsets for scheduling monitoring jobs, see [Schedule Model Quality Monitoring Jobs](https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor-model-quality-schedule.html) .", - "title": "EndTimeOffset", - "type": "string" + "RelatedFindingsProductArn": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "The ARN for the product that generated a related finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "RelatedFindingsProductArn", + "type": "array" }, - "EndpointName": { - "markdownDescription": "An endpoint in customer's account which has enabled `DataCaptureConfig` enabled.", - "title": "EndpointName", - "type": "string" + "ResourceDetailsOther": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.MapFilter" + }, + "markdownDescription": "Custom fields and values about the resource that a finding pertains to.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "ResourceDetailsOther", + "type": "array" }, - "InferenceAttribute": { - "markdownDescription": "The attribute of the input data that represents the ground truth label.", - "title": "InferenceAttribute", - "type": "string" + "ResourceId": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "The identifier for the given resource type. For AWS resources that are identified by Amazon Resource Names (ARNs), this is the ARN. For AWS resources that lack ARNs, this is the identifier as defined by the AWS service that created the resource. For non- AWS resources, this is a unique identifier that is associated with the resource.\n\nArray Members: Minimum number of 1 item. Maximum number of 100 items.", + "title": "ResourceId", + "type": "array" }, - "LocalPath": { - "markdownDescription": "Path to the filesystem where the endpoint data is available to the container.", - "title": "LocalPath", - "type": "string" + "ResourcePartition": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "The partition in which the resource that the finding pertains to is located. A partition is a group of AWS Regions . Each AWS account is scoped to one partition.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "ResourcePartition", + "type": "array" }, - "ProbabilityAttribute": { - "markdownDescription": "In a classification problem, the attribute that represents the class probability.", - "title": "ProbabilityAttribute", - "type": "string" + "ResourceRegion": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "The AWS Region where the resource that a finding pertains to is located.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "ResourceRegion", + "type": "array" }, - "ProbabilityThresholdAttribute": { - "markdownDescription": "The threshold for the class probability to be evaluated as a positive result.", - "title": "ProbabilityThresholdAttribute", - "type": "number" + "ResourceTags": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.MapFilter" + }, + "markdownDescription": "A list of AWS tags associated with a resource at the time the finding was processed.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "ResourceTags", + "type": "array" }, - "S3DataDistributionType": { - "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an Amazon S3 key. Defaults to `FullyReplicated`", - "title": "S3DataDistributionType", - "type": "string" + "ResourceType": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "A finding's title.\n\nArray Members: Minimum number of 1 item. Maximum number of 100 items.", + "title": "ResourceType", + "type": "array" }, - "S3InputMode": { - "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", - "title": "S3InputMode", - "type": "string" + "SeverityLabel": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "The severity value of the finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "SeverityLabel", + "type": "array" }, - "StartTimeOffset": { - "markdownDescription": "If specified, monitoring jobs substract this time from the start time. For information about using offsets for scheduling monitoring jobs, see [Schedule Model Quality Monitoring Jobs](https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor-model-quality-schedule.html) .", - "title": "StartTimeOffset", - "type": "string" - } - }, - "required": [ - "EndpointName", - "LocalPath" - ], - "type": "object" - }, - "AWS::SageMaker::ModelQualityJobDefinition.Json": { - "additionalProperties": false, - "properties": { - "Line": { - "markdownDescription": "", - "title": "Line", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::SageMaker::ModelQualityJobDefinition.ModelQualityAppSpecification": { - "additionalProperties": false, - "properties": { - "ContainerArguments": { + "SourceUrl": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" }, - "markdownDescription": "An array of arguments for the container used to run the monitoring job.", - "title": "ContainerArguments", + "markdownDescription": "Provides a URL that links to a page about the current finding in the finding product.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "SourceUrl", "type": "array" }, - "ContainerEntrypoint": { + "Title": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" }, - "markdownDescription": "Specifies the entrypoint for a container that the monitoring job runs.", - "title": "ContainerEntrypoint", + "markdownDescription": "A finding's title.\n\nArray Members: Minimum number of 1 item. Maximum number of 100 items.", + "title": "Title", "type": "array" }, - "Environment": { - "additionalProperties": true, - "markdownDescription": "Sets the environment variables in the container that the monitoring job runs.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "Type": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" }, - "title": "Environment", - "type": "object" + "markdownDescription": "One or more finding types in the format of namespace/category/classifier that classify a finding. For a list of namespaces, classifiers, and categories, see [Types taxonomy for ASFF](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format-type-taxonomy.html) in the *AWS Security Hub User Guide* .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "Type", + "type": "array" }, - "ImageUri": { - "markdownDescription": "The address of the container image that the monitoring job runs.", - "title": "ImageUri", - "type": "string" + "UpdatedAt": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.DateFilter" + }, + "markdownDescription": "A timestamp that indicates when the finding record was most recently updated.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "UpdatedAt", + "type": "array" }, - "PostAnalyticsProcessorSourceUri": { - "markdownDescription": "An Amazon S3 URI to a script that is called after analysis has been performed. Applicable only for the built-in (first party) containers.", - "title": "PostAnalyticsProcessorSourceUri", - "type": "string" + "UserDefinedFields": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.MapFilter" + }, + "markdownDescription": "A list of user-defined name and value string pairs added to a finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "UserDefinedFields", + "type": "array" }, - "ProblemType": { - "markdownDescription": "The machine learning problem type of the model that the monitoring job monitors.", - "title": "ProblemType", - "type": "string" + "VerificationState": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "Provides the veracity of a finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "VerificationState", + "type": "array" }, - "RecordPreprocessorSourceUri": { - "markdownDescription": "An Amazon S3 URI to a script that is called per row prior to running analysis. It can base64 decode the payload and convert it into a flattened JSON so that the built-in container can use the converted data. Applicable only for the built-in (first party) containers.", - "title": "RecordPreprocessorSourceUri", - "type": "string" + "WorkflowStatus": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "Provides information about the status of the investigation into a finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "WorkflowStatus", + "type": "array" } }, - "required": [ - "ImageUri", - "ProblemType" - ], "type": "object" }, - "AWS::SageMaker::ModelQualityJobDefinition.ModelQualityBaselineConfig": { + "AWS::SecurityHub::AutomationRule.DateFilter": { "additionalProperties": false, "properties": { - "BaseliningJobName": { - "markdownDescription": "The name of the job that performs baselining for the monitoring job.", - "title": "BaseliningJobName", + "DateRange": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.DateRange", + "markdownDescription": "A date range for the date filter.", + "title": "DateRange" + }, + "End": { + "markdownDescription": "A timestamp that provides the end date for the date filter.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", + "title": "End", "type": "string" }, - "ConstraintsResource": { - "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.ConstraintsResource", - "markdownDescription": "The constraints resource for a monitoring job.", - "title": "ConstraintsResource" + "Start": { + "markdownDescription": "A timestamp that provides the start date for the date filter.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", + "title": "Start", + "type": "string" } }, "type": "object" }, - "AWS::SageMaker::ModelQualityJobDefinition.ModelQualityJobInput": { + "AWS::SecurityHub::AutomationRule.DateRange": { "additionalProperties": false, "properties": { - "BatchTransformInput": { - "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.BatchTransformInput", - "markdownDescription": "Input object for the batch transform job.", - "title": "BatchTransformInput" - }, - "EndpointInput": { - "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.EndpointInput", - "markdownDescription": "Input object for the endpoint", - "title": "EndpointInput" + "Unit": { + "markdownDescription": "A date range unit for the date filter.", + "title": "Unit", + "type": "string" }, - "GroundTruthS3Input": { - "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.MonitoringGroundTruthS3Input", - "markdownDescription": "The ground truth label provided for the model.", - "title": "GroundTruthS3Input" + "Value": { + "markdownDescription": "A date range value for the date filter.", + "title": "Value", + "type": "number" } }, "required": [ - "GroundTruthS3Input" + "Unit", + "Value" ], "type": "object" }, - "AWS::SageMaker::ModelQualityJobDefinition.MonitoringGroundTruthS3Input": { + "AWS::SecurityHub::AutomationRule.MapFilter": { "additionalProperties": false, "properties": { - "S3Uri": { - "markdownDescription": "The address of the Amazon S3 location of the ground truth labels.", - "title": "S3Uri", + "Comparison": { + "markdownDescription": "The condition to apply to the key value when filtering Security Hub findings with a map filter.\n\nTo search for values that have the filter value, use one of the following comparison operators:\n\n- To search for values that include the filter value, use `CONTAINS` . For example, for the `ResourceTags` field, the filter `Department CONTAINS Security` matches findings that include the value `Security` for the `Department` tag. In the same example, a finding with a value of `Security team` for the `Department` tag is a match.\n- To search for values that exactly match the filter value, use `EQUALS` . For example, for the `ResourceTags` field, the filter `Department EQUALS Security` matches findings that have the value `Security` for the `Department` tag.\n\n`CONTAINS` and `EQUALS` filters on the same field are joined by `OR` . A finding matches if it matches any one of those filters. For example, the filters `Department CONTAINS Security OR Department CONTAINS Finance` match a finding that includes either `Security` , `Finance` , or both values.\n\nTo search for values that don't have the filter value, use one of the following comparison operators:\n\n- To search for values that exclude the filter value, use `NOT_CONTAINS` . For example, for the `ResourceTags` field, the filter `Department NOT_CONTAINS Finance` matches findings that exclude the value `Finance` for the `Department` tag.\n- To search for values other than the filter value, use `NOT_EQUALS` . For example, for the `ResourceTags` field, the filter `Department NOT_EQUALS Finance` matches findings that don\u2019t have the value `Finance` for the `Department` tag.\n\n`NOT_CONTAINS` and `NOT_EQUALS` filters on the same field are joined by `AND` . A finding matches only if it matches all of those filters. For example, the filters `Department NOT_CONTAINS Security AND Department NOT_CONTAINS Finance` match a finding that excludes both the `Security` and `Finance` values.\n\n`CONTAINS` filters can only be used with other `CONTAINS` filters. `NOT_CONTAINS` filters can only be used with other `NOT_CONTAINS` filters.\n\nYou can\u2019t have both a `CONTAINS` filter and a `NOT_CONTAINS` filter on the same field. Similarly, you can\u2019t have both an `EQUALS` filter and a `NOT_EQUALS` filter on the same field. Combining filters in this way returns an error.\n\n`CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *AWS Security Hub User Guide* .", + "title": "Comparison", + "type": "string" + }, + "Key": { + "markdownDescription": "The key of the map filter. For example, for `ResourceTags` , `Key` identifies the name of the tag. For `UserDefinedFields` , `Key` is the name of the field.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The value for the key in the map filter. Filter values are case sensitive. For example, one of the values for a tag called `Department` might be `Security` . If you provide `security` as the filter value, then there's no match.", + "title": "Value", "type": "string" } }, "required": [ - "S3Uri" + "Comparison", + "Key", + "Value" ], "type": "object" }, - "AWS::SageMaker::ModelQualityJobDefinition.MonitoringOutput": { + "AWS::SecurityHub::AutomationRule.NoteUpdate": { "additionalProperties": false, "properties": { - "S3Output": { - "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.S3Output", - "markdownDescription": "The Amazon S3 storage location where the results of a monitoring job are saved.", - "title": "S3Output" + "Text": { + "markdownDescription": "The updated note text.", + "title": "Text", + "type": "string" + }, + "UpdatedBy": { + "markdownDescription": "The principal that updated the note.", + "title": "UpdatedBy", + "type": "object" } }, "required": [ - "S3Output" + "Text", + "UpdatedBy" ], "type": "object" }, - "AWS::SageMaker::ModelQualityJobDefinition.MonitoringOutputConfig": { + "AWS::SecurityHub::AutomationRule.NumberFilter": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "The AWS Key Management Service ( AWS KMS ) key that Amazon SageMaker AI uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption.", - "title": "KmsKeyId", - "type": "string" + "Eq": { + "markdownDescription": "The equal-to condition to be applied to a single field when querying for findings.", + "title": "Eq", + "type": "number" }, - "MonitoringOutputs": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.MonitoringOutput" - }, - "markdownDescription": "Monitoring outputs for monitoring jobs. This is where the output of the periodic monitoring jobs is uploaded.", - "title": "MonitoringOutputs", - "type": "array" + "Gte": { + "markdownDescription": "The greater-than-equal condition to be applied to a single field when querying for findings.", + "title": "Gte", + "type": "number" + }, + "Lte": { + "markdownDescription": "The less-than-equal condition to be applied to a single field when querying for findings.", + "title": "Lte", + "type": "number" } }, - "required": [ - "MonitoringOutputs" - ], "type": "object" }, - "AWS::SageMaker::ModelQualityJobDefinition.MonitoringResources": { + "AWS::SecurityHub::AutomationRule.RelatedFinding": { "additionalProperties": false, "properties": { - "ClusterConfig": { - "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.ClusterConfig", - "markdownDescription": "The configuration for the cluster resources used to run the processing job.", - "title": "ClusterConfig" + "Id": { + "markdownDescription": "The product-generated identifier for a related finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "Id", + "type": "object" + }, + "ProductArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the product that generated a related finding.", + "title": "ProductArn", + "type": "string" } }, "required": [ - "ClusterConfig" + "Id", + "ProductArn" ], "type": "object" }, - "AWS::SageMaker::ModelQualityJobDefinition.NetworkConfig": { + "AWS::SecurityHub::AutomationRule.SeverityUpdate": { "additionalProperties": false, "properties": { - "EnableInterContainerTrafficEncryption": { - "markdownDescription": "Whether to encrypt all communications between distributed processing jobs. Choose `True` to encrypt communications. Encryption provides greater security for distributed processing jobs, but the processing might take longer.", - "title": "EnableInterContainerTrafficEncryption", - "type": "boolean" + "Label": { + "markdownDescription": "The severity value of the finding. The allowed values are the following.\n\n- `INFORMATIONAL` - No issue was found.\n- `LOW` - The issue does not require action on its own.\n- `MEDIUM` - The issue must be addressed but not urgently.\n- `HIGH` - The issue must be addressed as a priority.\n- `CRITICAL` - The issue must be remediated immediately to avoid it escalating.", + "title": "Label", + "type": "string" }, - "EnableNetworkIsolation": { - "markdownDescription": "Whether to allow inbound and outbound network calls to and from the containers used for the processing job.", - "title": "EnableNetworkIsolation", - "type": "boolean" + "Normalized": { + "markdownDescription": "The normalized severity for the finding. This attribute is to be deprecated in favor of `Label` .\n\nIf you provide `Normalized` and don't provide `Label` , `Label` is set automatically as follows.\n\n- 0 - `INFORMATIONAL`\n- 1\u201339 - `LOW`\n- 40\u201369 - `MEDIUM`\n- 70\u201389 - `HIGH`\n- 90\u2013100 - `CRITICAL`", + "title": "Normalized", + "type": "number" }, - "VpcConfig": { - "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.VpcConfig", - "markdownDescription": "Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC.", - "title": "VpcConfig" + "Product": { + "markdownDescription": "The native severity as defined by the AWS service or integrated partner product that generated the finding.", + "title": "Product", + "type": "number" } }, "type": "object" }, - "AWS::SageMaker::ModelQualityJobDefinition.S3Output": { + "AWS::SecurityHub::AutomationRule.StringFilter": { "additionalProperties": false, "properties": { - "LocalPath": { - "markdownDescription": "The local path to the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job. LocalPath is an absolute path for the output data.", - "title": "LocalPath", - "type": "string" - }, - "S3UploadMode": { - "markdownDescription": "Whether to upload the results of the monitoring job continuously or after the job completes.", - "title": "S3UploadMode", + "Comparison": { + "markdownDescription": "The condition to apply to a string value when filtering Security Hub findings.\n\nTo search for values that have the filter value, use one of the following comparison operators:\n\n- To search for values that include the filter value, use `CONTAINS` . For example, the filter `Title CONTAINS CloudFront` matches findings that have a `Title` that includes the string CloudFront.\n- To search for values that exactly match the filter value, use `EQUALS` . For example, the filter `AwsAccountId EQUALS 123456789012` only matches findings that have an account ID of `123456789012` .\n- To search for values that start with the filter value, use `PREFIX` . For example, the filter `ResourceRegion PREFIX us` matches findings that have a `ResourceRegion` that starts with `us` . A `ResourceRegion` that starts with a different value, such as `af` , `ap` , or `ca` , doesn't match.\n\n`CONTAINS` , `EQUALS` , and `PREFIX` filters on the same field are joined by `OR` . A finding matches if it matches any one of those filters. For example, the filters `Title CONTAINS CloudFront OR Title CONTAINS CloudWatch` match a finding that includes either `CloudFront` , `CloudWatch` , or both strings in the title.\n\nTo search for values that don\u2019t have the filter value, use one of the following comparison operators:\n\n- To search for values that exclude the filter value, use `NOT_CONTAINS` . For example, the filter `Title NOT_CONTAINS CloudFront` matches findings that have a `Title` that excludes the string CloudFront.\n- To search for values other than the filter value, use `NOT_EQUALS` . For example, the filter `AwsAccountId NOT_EQUALS 123456789012` only matches findings that have an account ID other than `123456789012` .\n- To search for values that don't start with the filter value, use `PREFIX_NOT_EQUALS` . For example, the filter `ResourceRegion PREFIX_NOT_EQUALS us` matches findings with a `ResourceRegion` that starts with a value other than `us` .\n\n`NOT_CONTAINS` , `NOT_EQUALS` , and `PREFIX_NOT_EQUALS` filters on the same field are joined by `AND` . A finding matches only if it matches all of those filters. For example, the filters `Title NOT_CONTAINS CloudFront AND Title NOT_CONTAINS CloudWatch` match a finding that excludes both `CloudFront` and `CloudWatch` in the title.\n\nYou can\u2019t have both a `CONTAINS` filter and a `NOT_CONTAINS` filter on the same field. Similarly, you can't provide both an `EQUALS` filter and a `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filter on the same field. Combining filters in this way returns an error. `CONTAINS` filters can only be used with other `CONTAINS` filters. `NOT_CONTAINS` filters can only be used with other `NOT_CONTAINS` filters.\n\nYou can combine `PREFIX` filters with `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters for the same field. Security Hub first processes the `PREFIX` filters, and then the `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters.\n\nFor example, for the following filters, Security Hub first identifies findings that have resource types that start with either `AwsIam` or `AwsEc2` . It then excludes findings that have a resource type of `AwsIamPolicy` and findings that have a resource type of `AwsEc2NetworkInterface` .\n\n- `ResourceType PREFIX AwsIam`\n- `ResourceType PREFIX AwsEc2`\n- `ResourceType NOT_EQUALS AwsIamPolicy`\n- `ResourceType NOT_EQUALS AwsEc2NetworkInterface`\n\n`CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules V1. `CONTAINS_WORD` operator is only supported in `GetFindingsV2` , `GetFindingStatisticsV2` , `GetResourcesV2` , and `GetResourceStatisticsV2` APIs. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *AWS Security Hub User Guide* .", + "title": "Comparison", "type": "string" }, - "S3Uri": { - "markdownDescription": "A URI that identifies the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job.", - "title": "S3Uri", + "Value": { + "markdownDescription": "The string filter value. Filter values are case sensitive. For example, the product name for control-based findings is `Security Hub` . If you provide `security hub` as the filter value, there's no match.", + "title": "Value", "type": "string" } }, "required": [ - "LocalPath", - "S3Uri" - ], - "type": "object" - }, - "AWS::SageMaker::ModelQualityJobDefinition.StoppingCondition": { - "additionalProperties": false, - "properties": { - "MaxRuntimeInSeconds": { - "markdownDescription": "The maximum length of time, in seconds, that a training or compilation job can run before it is stopped.\n\nFor compilation jobs, if the job does not complete during this time, a `TimeOut` error is generated. We recommend starting with 900 seconds and increasing as necessary based on your model.\n\nFor all other jobs, if the job does not complete during this time, SageMaker ends the job. When `RetryStrategy` is specified in the job request, `MaxRuntimeInSeconds` specifies the maximum time for all of the attempts in total, not each individual attempt. The default value is 1 day. The maximum value is 28 days.\n\nThe maximum time that a `TrainingJob` can run in total, including any time spent publishing metrics or archiving and uploading models after it has been stopped, is 30 days.", - "title": "MaxRuntimeInSeconds", - "type": "number" - } - }, - "required": [ - "MaxRuntimeInSeconds" + "Comparison", + "Value" ], "type": "object" }, - "AWS::SageMaker::ModelQualityJobDefinition.VpcConfig": { + "AWS::SecurityHub::AutomationRule.WorkflowUpdate": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The VPC security group IDs, in the form `sg-xxxxxxxx` . Specify the security groups for the VPC that is specified in the `Subnets` field.", - "title": "SecurityGroupIds", - "type": "array" - }, - "Subnets": { - "items": { - "type": "string" - }, - "markdownDescription": "The ID of the subnets in the VPC to which you want to connect your training job or model. For information about the availability of specific instance types, see [Supported Instance Types and Availability Zones](https://docs.aws.amazon.com/sagemaker/latest/dg/instance-types-az.html) .", - "title": "Subnets", - "type": "array" + "Status": { + "markdownDescription": "The status of the investigation into the finding. The workflow status is specific to an individual finding. It does not affect the generation of new findings. For example, setting the workflow status to `SUPPRESSED` or `RESOLVED` does not prevent a new finding for the same issue.\n\nThe allowed values are the following.\n\n- `NEW` - The initial state of a finding, before it is reviewed.\n\nSecurity Hub also resets `WorkFlowStatus` from `NOTIFIED` or `RESOLVED` to `NEW` in the following cases:\n\n- The record state changes from `ARCHIVED` to `ACTIVE` .\n- The compliance status changes from `PASSED` to either `WARNING` , `FAILED` , or `NOT_AVAILABLE` .\n- `NOTIFIED` - Indicates that you notified the resource owner about the security issue. Used when the initial reviewer is not the resource owner, and needs intervention from the resource owner.\n- `RESOLVED` - The finding was reviewed and remediated and is now considered resolved.\n- `SUPPRESSED` - Indicates that you reviewed the finding and don't believe that any action is needed. The finding is no longer updated.", + "title": "Status", + "type": "string" } }, "required": [ - "SecurityGroupIds", - "Subnets" + "Status" ], "type": "object" }, - "AWS::SageMaker::MonitoringSchedule": { + "AWS::SecurityHub::AutomationRuleV2": { "additionalProperties": false, "properties": { "Condition": { @@ -251436,54 +303324,63 @@ "Properties": { "additionalProperties": false, "properties": { - "EndpointName": { - "markdownDescription": "The name of the endpoint using the monitoring schedule.", - "title": "EndpointName", - "type": "string" - }, - "FailureReason": { - "markdownDescription": "Contains the reason a monitoring job failed, if it failed.", - "title": "FailureReason", - "type": "string" + "Actions": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.AutomationRulesActionV2" + }, + "markdownDescription": "A list of actions to be performed when the rule criteria is met.", + "title": "Actions", + "type": "array" }, - "LastMonitoringExecutionSummary": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.MonitoringExecutionSummary", - "markdownDescription": "Describes metadata on the last execution to run, if there was one.", - "title": "LastMonitoringExecutionSummary" + "Criteria": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.Criteria", + "markdownDescription": "The filtering type and configuration of the automation rule.", + "title": "Criteria" }, - "MonitoringScheduleConfig": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.MonitoringScheduleConfig", - "markdownDescription": "The configuration object that specifies the monitoring schedule and defines the monitoring job.", - "title": "MonitoringScheduleConfig" + "Description": { + "markdownDescription": "A description of the V2 automation rule.", + "title": "Description", + "type": "string" }, - "MonitoringScheduleName": { - "markdownDescription": "The name of the monitoring schedule.", - "title": "MonitoringScheduleName", + "RuleName": { + "markdownDescription": "The name of the V2 automation rule.", + "title": "RuleName", "type": "string" }, - "MonitoringScheduleStatus": { - "markdownDescription": "The status of the monitoring schedule.", - "title": "MonitoringScheduleStatus", + "RuleOrder": { + "markdownDescription": "The value for the rule priority.", + "title": "RuleOrder", + "type": "number" + }, + "RuleStatus": { + "markdownDescription": "The status of the V2 automation rule.", + "title": "RuleStatus", "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "additionalProperties": true, + "markdownDescription": "A list of key-value pairs associated with the V2 automation rule.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", - "type": "array" + "type": "object" } }, "required": [ - "MonitoringScheduleConfig", - "MonitoringScheduleName" + "Actions", + "Criteria", + "Description", + "RuleName", + "RuleOrder" ], "type": "object" }, "Type": { "enum": [ - "AWS::SageMaker::MonitoringSchedule" + "AWS::SecurityHub::AutomationRuleV2" ], "type": "string" }, @@ -251502,557 +303399,616 @@ ], "type": "object" }, - "AWS::SageMaker::MonitoringSchedule.BaselineConfig": { + "AWS::SecurityHub::AutomationRuleV2.AutomationRulesActionV2": { "additionalProperties": false, "properties": { - "ConstraintsResource": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.ConstraintsResource", - "markdownDescription": "The Amazon S3 URI for the constraints resource.", - "title": "ConstraintsResource" + "ExternalIntegrationConfiguration": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.ExternalIntegrationConfiguration", + "markdownDescription": "The settings for integrating automation rule actions with external systems or service.", + "title": "ExternalIntegrationConfiguration" }, - "StatisticsResource": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.StatisticsResource", - "markdownDescription": "The baseline statistics file in Amazon S3 that the current monitoring job should be validated against.", - "title": "StatisticsResource" + "FindingFieldsUpdate": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.AutomationRulesFindingFieldsUpdateV2", + "markdownDescription": "Specifies that the automation rule action is an update to a finding field.", + "title": "FindingFieldsUpdate" + }, + "Type": { + "markdownDescription": "Specifies the type of action that Security Hub takes when a finding matches the defined criteria of a rule.", + "title": "Type", + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::SageMaker::MonitoringSchedule.BatchTransformInput": { + "AWS::SecurityHub::AutomationRuleV2.AutomationRulesFindingFieldsUpdateV2": { "additionalProperties": false, "properties": { - "DataCapturedDestinationS3Uri": { - "markdownDescription": "The Amazon S3 location being used to capture the data.", - "title": "DataCapturedDestinationS3Uri", - "type": "string" - }, - "DatasetFormat": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.DatasetFormat", - "markdownDescription": "The dataset format for your batch transform job.", - "title": "DatasetFormat" - }, - "ExcludeFeaturesAttribute": { - "markdownDescription": "The attributes of the input data to exclude from the analysis.", - "title": "ExcludeFeaturesAttribute", - "type": "string" - }, - "LocalPath": { - "markdownDescription": "Path to the filesystem where the batch transform data is available to the container.", - "title": "LocalPath", + "Comment": { + "markdownDescription": "Notes or contextual information for findings that are modified by the automation rule.", + "title": "Comment", "type": "string" }, - "S3DataDistributionType": { - "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an S3 key. Defaults to `FullyReplicated`", - "title": "S3DataDistributionType", - "type": "string" + "SeverityId": { + "markdownDescription": "The severity level to be assigned to findings that match the automation rule criteria.", + "title": "SeverityId", + "type": "number" }, - "S3InputMode": { - "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", - "title": "S3InputMode", - "type": "string" + "StatusId": { + "markdownDescription": "The status to be applied to findings that match automation rule criteria.", + "title": "StatusId", + "type": "number" } }, - "required": [ - "DataCapturedDestinationS3Uri", - "DatasetFormat", - "LocalPath" - ], "type": "object" }, - "AWS::SageMaker::MonitoringSchedule.ClusterConfig": { + "AWS::SecurityHub::AutomationRuleV2.BooleanFilter": { "additionalProperties": false, "properties": { - "InstanceCount": { - "markdownDescription": "The number of ML compute instances to use in the model monitoring job. For distributed processing jobs, specify a value greater than 1. The default value is 1.", - "title": "InstanceCount", - "type": "number" - }, - "InstanceType": { - "markdownDescription": "The ML compute instance type for the processing job.", - "title": "InstanceType", - "type": "string" - }, - "VolumeKmsKeyId": { - "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance(s) that run the model monitoring job.", - "title": "VolumeKmsKeyId", - "type": "string" - }, - "VolumeSizeInGB": { - "markdownDescription": "The size of the ML storage volume, in gigabytes, that you want to provision. You must specify sufficient ML storage for your scenario.", - "title": "VolumeSizeInGB", - "type": "number" + "Value": { + "markdownDescription": "The value of the boolean.", + "title": "Value", + "type": "boolean" } }, "required": [ - "InstanceCount", - "InstanceType", - "VolumeSizeInGB" + "Value" ], "type": "object" }, - "AWS::SageMaker::MonitoringSchedule.ConstraintsResource": { + "AWS::SecurityHub::AutomationRuleV2.CompositeFilter": { "additionalProperties": false, "properties": { - "S3Uri": { - "markdownDescription": "The Amazon S3 URI for the constraints resource.", - "title": "S3Uri", + "BooleanFilters": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.OcsfBooleanFilter" + }, + "markdownDescription": "Enables filtering based on boolean field values.", + "title": "BooleanFilters", + "type": "array" + }, + "DateFilters": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.OcsfDateFilter" + }, + "markdownDescription": "Enables filtering based on date and timestamp fields.", + "title": "DateFilters", + "type": "array" + }, + "MapFilters": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.OcsfMapFilter" + }, + "markdownDescription": "Enables the creation of filtering criteria for security findings.", + "title": "MapFilters", + "type": "array" + }, + "NumberFilters": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.OcsfNumberFilter" + }, + "markdownDescription": "Enables filtering based on numerical field values.", + "title": "NumberFilters", + "type": "array" + }, + "Operator": { + "markdownDescription": "The logical operator used to combine multiple filter conditions.", + "title": "Operator", "type": "string" + }, + "StringFilters": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.OcsfStringFilter" + }, + "markdownDescription": "Enables filtering based on string field values.", + "title": "StringFilters", + "type": "array" } }, "type": "object" }, - "AWS::SageMaker::MonitoringSchedule.Csv": { + "AWS::SecurityHub::AutomationRuleV2.Criteria": { "additionalProperties": false, "properties": { - "Header": { - "markdownDescription": "", - "title": "Header", - "type": "boolean" + "OcsfFindingCriteria": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.OcsfFindingFilters", + "markdownDescription": "The filtering conditions that align with OCSF standards.", + "title": "OcsfFindingCriteria" } }, "type": "object" }, - "AWS::SageMaker::MonitoringSchedule.DatasetFormat": { + "AWS::SecurityHub::AutomationRuleV2.DateFilter": { "additionalProperties": false, "properties": { - "Csv": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.Csv", - "markdownDescription": "", - "title": "Csv" + "DateRange": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.DateRange", + "markdownDescription": "A date range for the date filter.", + "title": "DateRange" }, - "Json": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.Json", - "markdownDescription": "", - "title": "Json" + "End": { + "markdownDescription": "A timestamp that provides the end date for the date filter.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", + "title": "End", + "type": "string" }, - "Parquet": { - "markdownDescription": "", - "title": "Parquet", - "type": "boolean" + "Start": { + "markdownDescription": "A timestamp that provides the start date for the date filter.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", + "title": "Start", + "type": "string" } }, "type": "object" }, - "AWS::SageMaker::MonitoringSchedule.EndpointInput": { + "AWS::SecurityHub::AutomationRuleV2.DateRange": { "additionalProperties": false, "properties": { - "EndpointName": { - "markdownDescription": "An endpoint in customer's account which has enabled `DataCaptureConfig` enabled.", - "title": "EndpointName", - "type": "string" - }, - "ExcludeFeaturesAttribute": { - "markdownDescription": "The attributes of the input data to exclude from the analysis.", - "title": "ExcludeFeaturesAttribute", - "type": "string" - }, - "LocalPath": { - "markdownDescription": "Path to the filesystem where the endpoint data is available to the container.", - "title": "LocalPath", - "type": "string" - }, - "S3DataDistributionType": { - "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an Amazon S3 key. Defaults to `FullyReplicated`", - "title": "S3DataDistributionType", + "Unit": { + "markdownDescription": "A date range unit for the date filter.", + "title": "Unit", "type": "string" }, - "S3InputMode": { - "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", - "title": "S3InputMode", - "type": "string" + "Value": { + "markdownDescription": "A date range value for the date filter.", + "title": "Value", + "type": "number" } }, "required": [ - "EndpointName", - "LocalPath" + "Unit", + "Value" ], "type": "object" }, - "AWS::SageMaker::MonitoringSchedule.Json": { + "AWS::SecurityHub::AutomationRuleV2.ExternalIntegrationConfiguration": { "additionalProperties": false, "properties": { - "Line": { - "markdownDescription": "", - "title": "Line", - "type": "boolean" + "ConnectorArn": { + "markdownDescription": "The ARN of the connector that establishes the integration.", + "title": "ConnectorArn", + "type": "string" } }, "type": "object" }, - "AWS::SageMaker::MonitoringSchedule.MonitoringAppSpecification": { + "AWS::SecurityHub::AutomationRuleV2.MapFilter": { "additionalProperties": false, "properties": { - "ContainerArguments": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of arguments for the container used to run the monitoring job.", - "title": "ContainerArguments", - "type": "array" - }, - "ContainerEntrypoint": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the entrypoint for a container used to run the monitoring job.", - "title": "ContainerEntrypoint", - "type": "array" - }, - "ImageUri": { - "markdownDescription": "The container image to be run by the monitoring job.", - "title": "ImageUri", + "Comparison": { + "markdownDescription": "The condition to apply to the key value when filtering Security Hub findings with a map filter.\n\nTo search for values that have the filter value, use one of the following comparison operators:\n\n- To search for values that include the filter value, use `CONTAINS` . For example, for the `ResourceTags` field, the filter `Department CONTAINS Security` matches findings that include the value `Security` for the `Department` tag. In the same example, a finding with a value of `Security team` for the `Department` tag is a match.\n- To search for values that exactly match the filter value, use `EQUALS` . For example, for the `ResourceTags` field, the filter `Department EQUALS Security` matches findings that have the value `Security` for the `Department` tag.\n\n`CONTAINS` and `EQUALS` filters on the same field are joined by `OR` . A finding matches if it matches any one of those filters. For example, the filters `Department CONTAINS Security OR Department CONTAINS Finance` match a finding that includes either `Security` , `Finance` , or both values.\n\nTo search for values that don't have the filter value, use one of the following comparison operators:\n\n- To search for values that exclude the filter value, use `NOT_CONTAINS` . For example, for the `ResourceTags` field, the filter `Department NOT_CONTAINS Finance` matches findings that exclude the value `Finance` for the `Department` tag.\n- To search for values other than the filter value, use `NOT_EQUALS` . For example, for the `ResourceTags` field, the filter `Department NOT_EQUALS Finance` matches findings that don\u2019t have the value `Finance` for the `Department` tag.\n\n`NOT_CONTAINS` and `NOT_EQUALS` filters on the same field are joined by `AND` . A finding matches only if it matches all of those filters. For example, the filters `Department NOT_CONTAINS Security AND Department NOT_CONTAINS Finance` match a finding that excludes both the `Security` and `Finance` values.\n\n`CONTAINS` filters can only be used with other `CONTAINS` filters. `NOT_CONTAINS` filters can only be used with other `NOT_CONTAINS` filters.\n\nYou can\u2019t have both a `CONTAINS` filter and a `NOT_CONTAINS` filter on the same field. Similarly, you can\u2019t have both an `EQUALS` filter and a `NOT_EQUALS` filter on the same field. Combining filters in this way returns an error.\n\n`CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *AWS Security Hub User Guide* .", + "title": "Comparison", "type": "string" }, - "PostAnalyticsProcessorSourceUri": { - "markdownDescription": "An Amazon S3 URI to a script that is called after analysis has been performed. Applicable only for the built-in (first party) containers.", - "title": "PostAnalyticsProcessorSourceUri", + "Key": { + "markdownDescription": "The key of the map filter. For example, for `ResourceTags` , `Key` identifies the name of the tag. For `UserDefinedFields` , `Key` is the name of the field.", + "title": "Key", "type": "string" }, - "RecordPreprocessorSourceUri": { - "markdownDescription": "An Amazon S3 URI to a script that is called per row prior to running analysis. It can base64 decode the payload and convert it into a flattened JSON so that the built-in container can use the converted data. Applicable only for the built-in (first party) containers.", - "title": "RecordPreprocessorSourceUri", + "Value": { + "markdownDescription": "The value for the key in the map filter. Filter values are case sensitive. For example, one of the values for a tag called `Department` might be `Security` . If you provide `security` as the filter value, then there's no match.", + "title": "Value", "type": "string" } }, "required": [ - "ImageUri" + "Comparison", + "Key", + "Value" ], "type": "object" }, - "AWS::SageMaker::MonitoringSchedule.MonitoringExecutionSummary": { + "AWS::SecurityHub::AutomationRuleV2.NumberFilter": { "additionalProperties": false, "properties": { - "CreationTime": { - "markdownDescription": "The time at which the monitoring job was created.", - "title": "CreationTime", - "type": "string" - }, - "EndpointName": { - "markdownDescription": "The name of the endpoint used to run the monitoring job.", - "title": "EndpointName", - "type": "string" - }, - "FailureReason": { - "markdownDescription": "Contains the reason a monitoring job failed, if it failed.", - "title": "FailureReason", - "type": "string" - }, - "LastModifiedTime": { - "markdownDescription": "A timestamp that indicates the last time the monitoring job was modified.", - "title": "LastModifiedTime", - "type": "string" - }, - "MonitoringExecutionStatus": { - "markdownDescription": "The status of the monitoring job.", - "title": "MonitoringExecutionStatus", - "type": "string" + "Eq": { + "markdownDescription": "The equal-to condition to be applied to a single field when querying for findings.", + "title": "Eq", + "type": "number" }, - "MonitoringScheduleName": { - "markdownDescription": "The name of the monitoring schedule.", - "title": "MonitoringScheduleName", - "type": "string" + "Gte": { + "markdownDescription": "The greater-than-equal condition to be applied to a single field when querying for findings.", + "title": "Gte", + "type": "number" }, - "ProcessingJobArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the monitoring job.", - "title": "ProcessingJobArn", + "Lte": { + "markdownDescription": "The less-than-equal condition to be applied to a single field when querying for findings.", + "title": "Lte", + "type": "number" + } + }, + "type": "object" + }, + "AWS::SecurityHub::AutomationRuleV2.OcsfBooleanFilter": { + "additionalProperties": false, + "properties": { + "FieldName": { + "markdownDescription": "The name of the field.", + "title": "FieldName", "type": "string" }, - "ScheduledTime": { - "markdownDescription": "The time the monitoring job was scheduled.", - "title": "ScheduledTime", - "type": "string" + "Filter": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.BooleanFilter", + "markdownDescription": "Enables filtering of security findings based on boolean field values in OCSF.", + "title": "Filter" } }, "required": [ - "CreationTime", - "LastModifiedTime", - "MonitoringExecutionStatus", - "MonitoringScheduleName", - "ScheduledTime" + "FieldName", + "Filter" ], "type": "object" }, - "AWS::SageMaker::MonitoringSchedule.MonitoringInput": { + "AWS::SecurityHub::AutomationRuleV2.OcsfDateFilter": { "additionalProperties": false, "properties": { - "BatchTransformInput": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.BatchTransformInput", - "markdownDescription": "Input object for the batch transform job.", - "title": "BatchTransformInput" + "FieldName": { + "markdownDescription": "The name of the field.", + "title": "FieldName", + "type": "string" }, - "EndpointInput": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.EndpointInput", - "markdownDescription": "The endpoint for a monitoring job.", - "title": "EndpointInput" + "Filter": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.DateFilter", + "markdownDescription": "Enables filtering of security findings based on date and timestamp fields in OCSF.", + "title": "Filter" } }, + "required": [ + "FieldName", + "Filter" + ], "type": "object" }, - "AWS::SageMaker::MonitoringSchedule.MonitoringJobDefinition": { + "AWS::SecurityHub::AutomationRuleV2.OcsfFindingFilters": { "additionalProperties": false, "properties": { - "BaselineConfig": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.BaselineConfig", - "markdownDescription": "Baseline configuration used to validate that the data conforms to the specified constraints and statistics", - "title": "BaselineConfig" - }, - "Environment": { - "additionalProperties": true, - "markdownDescription": "Sets the environment variables in the Docker container.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Environment", - "type": "object" - }, - "MonitoringAppSpecification": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.MonitoringAppSpecification", - "markdownDescription": "Configures the monitoring job to run a specified Docker container image.", - "title": "MonitoringAppSpecification" - }, - "MonitoringInputs": { + "CompositeFilters": { "items": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.MonitoringInput" + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.CompositeFilter" }, - "markdownDescription": "The array of inputs for the monitoring job. Currently we support monitoring an Amazon SageMaker AI Endpoint.", - "title": "MonitoringInputs", + "markdownDescription": "Enables the creation of complex filtering conditions by combining filter criteria.", + "title": "CompositeFilters", "type": "array" }, - "MonitoringOutputConfig": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.MonitoringOutputConfig", - "markdownDescription": "The array of outputs from the monitoring job to be uploaded to Amazon S3.", - "title": "MonitoringOutputConfig" - }, - "MonitoringResources": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.MonitoringResources", - "markdownDescription": "Identifies the resources, ML compute instances, and ML storage volumes to deploy for a monitoring job. In distributed processing, you specify more than one instance.", - "title": "MonitoringResources" + "CompositeOperator": { + "markdownDescription": "The logical operators used to combine the filtering on multiple `CompositeFilters` .", + "title": "CompositeOperator", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SecurityHub::AutomationRuleV2.OcsfMapFilter": { + "additionalProperties": false, + "properties": { + "FieldName": { + "markdownDescription": "The name of the field.", + "title": "FieldName", + "type": "string" }, - "NetworkConfig": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.NetworkConfig", - "markdownDescription": "Specifies networking options for an monitoring job.", - "title": "NetworkConfig" + "Filter": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.MapFilter", + "markdownDescription": "Enables filtering of security findings based on map field values in OCSF.", + "title": "Filter" + } + }, + "required": [ + "FieldName", + "Filter" + ], + "type": "object" + }, + "AWS::SecurityHub::AutomationRuleV2.OcsfNumberFilter": { + "additionalProperties": false, + "properties": { + "FieldName": { + "markdownDescription": "The name of the field.", + "title": "FieldName", + "type": "string" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker AI can assume to perform tasks on your behalf.", - "title": "RoleArn", + "Filter": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.NumberFilter", + "markdownDescription": "Enables filtering of security findings based on numerical field values in OCSF.", + "title": "Filter" + } + }, + "required": [ + "FieldName", + "Filter" + ], + "type": "object" + }, + "AWS::SecurityHub::AutomationRuleV2.OcsfStringFilter": { + "additionalProperties": false, + "properties": { + "FieldName": { + "markdownDescription": "The name of the field.", + "title": "FieldName", "type": "string" }, - "StoppingCondition": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.StoppingCondition", - "markdownDescription": "Specifies a time limit for how long the monitoring job is allowed to run.", - "title": "StoppingCondition" + "Filter": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.StringFilter", + "markdownDescription": "Enables filtering of security findings based on string field values in OCSF.", + "title": "Filter" } }, "required": [ - "MonitoringAppSpecification", - "MonitoringInputs", - "MonitoringOutputConfig", - "MonitoringResources", - "RoleArn" + "FieldName", + "Filter" ], "type": "object" }, - "AWS::SageMaker::MonitoringSchedule.MonitoringOutput": { + "AWS::SecurityHub::AutomationRuleV2.StringFilter": { "additionalProperties": false, "properties": { - "S3Output": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.S3Output", - "markdownDescription": "The Amazon S3 storage location where the results of a monitoring job are saved.", - "title": "S3Output" + "Comparison": { + "markdownDescription": "The condition to apply to a string value when filtering Security Hub findings.\n\nTo search for values that have the filter value, use one of the following comparison operators:\n\n- To search for values that include the filter value, use `CONTAINS` . For example, the filter `Title CONTAINS CloudFront` matches findings that have a `Title` that includes the string CloudFront.\n- To search for values that exactly match the filter value, use `EQUALS` . For example, the filter `AwsAccountId EQUALS 123456789012` only matches findings that have an account ID of `123456789012` .\n- To search for values that start with the filter value, use `PREFIX` . For example, the filter `ResourceRegion PREFIX us` matches findings that have a `ResourceRegion` that starts with `us` . A `ResourceRegion` that starts with a different value, such as `af` , `ap` , or `ca` , doesn't match.\n\n`CONTAINS` , `EQUALS` , and `PREFIX` filters on the same field are joined by `OR` . A finding matches if it matches any one of those filters. For example, the filters `Title CONTAINS CloudFront OR Title CONTAINS CloudWatch` match a finding that includes either `CloudFront` , `CloudWatch` , or both strings in the title.\n\nTo search for values that don\u2019t have the filter value, use one of the following comparison operators:\n\n- To search for values that exclude the filter value, use `NOT_CONTAINS` . For example, the filter `Title NOT_CONTAINS CloudFront` matches findings that have a `Title` that excludes the string CloudFront.\n- To search for values other than the filter value, use `NOT_EQUALS` . For example, the filter `AwsAccountId NOT_EQUALS 123456789012` only matches findings that have an account ID other than `123456789012` .\n- To search for values that don't start with the filter value, use `PREFIX_NOT_EQUALS` . For example, the filter `ResourceRegion PREFIX_NOT_EQUALS us` matches findings with a `ResourceRegion` that starts with a value other than `us` .\n\n`NOT_CONTAINS` , `NOT_EQUALS` , and `PREFIX_NOT_EQUALS` filters on the same field are joined by `AND` . A finding matches only if it matches all of those filters. For example, the filters `Title NOT_CONTAINS CloudFront AND Title NOT_CONTAINS CloudWatch` match a finding that excludes both `CloudFront` and `CloudWatch` in the title.\n\nYou can\u2019t have both a `CONTAINS` filter and a `NOT_CONTAINS` filter on the same field. Similarly, you can't provide both an `EQUALS` filter and a `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filter on the same field. Combining filters in this way returns an error. `CONTAINS` filters can only be used with other `CONTAINS` filters. `NOT_CONTAINS` filters can only be used with other `NOT_CONTAINS` filters.\n\nYou can combine `PREFIX` filters with `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters for the same field. Security Hub first processes the `PREFIX` filters, and then the `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters.\n\nFor example, for the following filters, Security Hub first identifies findings that have resource types that start with either `AwsIam` or `AwsEc2` . It then excludes findings that have a resource type of `AwsIamPolicy` and findings that have a resource type of `AwsEc2NetworkInterface` .\n\n- `ResourceType PREFIX AwsIam`\n- `ResourceType PREFIX AwsEc2`\n- `ResourceType NOT_EQUALS AwsIamPolicy`\n- `ResourceType NOT_EQUALS AwsEc2NetworkInterface`\n\n`CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules V1. `CONTAINS_WORD` operator is only supported in `GetFindingsV2` , `GetFindingStatisticsV2` , `GetResourcesV2` , and `GetResourceStatisticsV2` APIs. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *AWS Security Hub User Guide* .", + "title": "Comparison", + "type": "string" + }, + "Value": { + "markdownDescription": "The string filter value. Filter values are case sensitive. For example, the product name for control-based findings is `Security Hub` . If you provide `security hub` as the filter value, there's no match.", + "title": "Value", + "type": "string" } }, "required": [ - "S3Output" + "Comparison", + "Value" ], "type": "object" }, - "AWS::SageMaker::MonitoringSchedule.MonitoringOutputConfig": { + "AWS::SecurityHub::ConfigurationPolicy": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "The AWS Key Management Service ( AWS KMS ) key that Amazon SageMaker AI uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption.", - "title": "KmsKeyId", + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ConfigurationPolicy": { + "$ref": "#/definitions/AWS::SecurityHub::ConfigurationPolicy.Policy", + "markdownDescription": "An object that defines how AWS Security Hub is configured. It includes whether Security Hub is enabled or disabled, a list of enabled security standards, a list of enabled or disabled security controls, and a list of custom parameter values for specified controls. If you provide a list of security controls that are enabled in the configuration policy, Security Hub disables all other controls (including newly released controls). If you provide a list of security controls that are disabled in the configuration policy, Security Hub enables all other controls (including newly released controls).", + "title": "ConfigurationPolicy" + }, + "Description": { + "markdownDescription": "The description of the configuration policy.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the configuration policy. Alphanumeric characters and the following ASCII characters are permitted: `-, ., !, *, /` .", + "title": "Name", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "User-defined tags associated with a configuration policy. For more information, see [Tagging AWS Security Hub resources](https://docs.aws.amazon.com/securityhub/latest/userguide/tagging-resources.html) in the *Security Hub user guide* .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "ConfigurationPolicy", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SecurityHub::ConfigurationPolicy" + ], "type": "string" }, - "MonitoringOutputs": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.MonitoringOutput" - }, - "markdownDescription": "Monitoring outputs for monitoring jobs. This is where the output of the periodic monitoring jobs is uploaded.", - "title": "MonitoringOutputs", - "type": "array" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "MonitoringOutputs" + "Type", + "Properties" ], "type": "object" }, - "AWS::SageMaker::MonitoringSchedule.MonitoringResources": { + "AWS::SecurityHub::ConfigurationPolicy.ParameterConfiguration": { "additionalProperties": false, "properties": { - "ClusterConfig": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.ClusterConfig", - "markdownDescription": "The configuration for the cluster resources used to run the processing job.", - "title": "ClusterConfig" + "Value": { + "$ref": "#/definitions/AWS::SecurityHub::ConfigurationPolicy.ParameterValue", + "markdownDescription": "The current value of a control parameter.", + "title": "Value" + }, + "ValueType": { + "markdownDescription": "Identifies whether a control parameter uses a custom user-defined value or subscribes to the default AWS Security Hub behavior.\n\nWhen `ValueType` is set equal to `DEFAULT` , the default behavior can be a specific Security Hub default value, or the default behavior can be to ignore a specific parameter. When `ValueType` is set equal to `DEFAULT` , Security Hub ignores user-provided input for the `Value` field.\n\nWhen `ValueType` is set equal to `CUSTOM` , the `Value` field can't be empty.", + "title": "ValueType", + "type": "string" } }, "required": [ - "ClusterConfig" + "ValueType" ], "type": "object" }, - "AWS::SageMaker::MonitoringSchedule.MonitoringScheduleConfig": { + "AWS::SecurityHub::ConfigurationPolicy.ParameterValue": { "additionalProperties": false, "properties": { - "MonitoringJobDefinition": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.MonitoringJobDefinition", - "markdownDescription": "Defines the monitoring job.", - "title": "MonitoringJobDefinition" + "Boolean": { + "markdownDescription": "A control parameter that is a boolean.", + "title": "Boolean", + "type": "boolean" }, - "MonitoringJobDefinitionName": { - "markdownDescription": "The name of the monitoring job definition to schedule.", - "title": "MonitoringJobDefinitionName", - "type": "string" + "Double": { + "markdownDescription": "A control parameter that is a double.", + "title": "Double", + "type": "number" }, - "MonitoringType": { - "markdownDescription": "The type of the monitoring job definition to schedule.", - "title": "MonitoringType", + "Enum": { + "markdownDescription": "A control parameter that is an enum.", + "title": "Enum", "type": "string" }, - "ScheduleConfig": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.ScheduleConfig", - "markdownDescription": "Configures the monitoring schedule.", - "title": "ScheduleConfig" - } - }, - "type": "object" - }, - "AWS::SageMaker::MonitoringSchedule.NetworkConfig": { - "additionalProperties": false, - "properties": { - "EnableInterContainerTrafficEncryption": { - "markdownDescription": "Whether to encrypt all communications between distributed processing jobs. Choose `True` to encrypt communications. Encryption provides greater security for distributed processing jobs, but the processing might take longer.", - "title": "EnableInterContainerTrafficEncryption", - "type": "boolean" + "EnumList": { + "items": { + "type": "string" + }, + "markdownDescription": "A control parameter that is a list of enums.", + "title": "EnumList", + "type": "array" }, - "EnableNetworkIsolation": { - "markdownDescription": "Whether to allow inbound and outbound network calls to and from the containers used for the processing job.", - "title": "EnableNetworkIsolation", - "type": "boolean" + "Integer": { + "markdownDescription": "A control parameter that is an integer.", + "title": "Integer", + "type": "number" }, - "VpcConfig": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.VpcConfig", - "markdownDescription": "Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC. For more information, see [Protect Endpoints by Using an Amazon Virtual Private Cloud](https://docs.aws.amazon.com/sagemaker/latest/dg/host-vpc.html) and [Protect Training Jobs by Using an Amazon Virtual Private Cloud](https://docs.aws.amazon.com/sagemaker/latest/dg/train-vpc.html) .", - "title": "VpcConfig" - } - }, - "type": "object" - }, - "AWS::SageMaker::MonitoringSchedule.S3Output": { - "additionalProperties": false, - "properties": { - "LocalPath": { - "markdownDescription": "The local path to the S3 storage location where SageMaker saves the results of a monitoring job. LocalPath is an absolute path for the output data.", - "title": "LocalPath", - "type": "string" + "IntegerList": { + "items": { + "type": "number" + }, + "markdownDescription": "A control parameter that is a list of integers.", + "title": "IntegerList", + "type": "array" }, - "S3UploadMode": { - "markdownDescription": "Whether to upload the results of the monitoring job continuously or after the job completes.", - "title": "S3UploadMode", + "String": { + "markdownDescription": "A control parameter that is a string.", + "title": "String", "type": "string" }, - "S3Uri": { - "markdownDescription": "A URI that identifies the S3 storage location where SageMaker saves the results of a monitoring job.", - "title": "S3Uri", - "type": "string" + "StringList": { + "items": { + "type": "string" + }, + "markdownDescription": "A control parameter that is a list of strings.", + "title": "StringList", + "type": "array" } }, - "required": [ - "LocalPath", - "S3Uri" - ], "type": "object" }, - "AWS::SageMaker::MonitoringSchedule.ScheduleConfig": { + "AWS::SecurityHub::ConfigurationPolicy.Policy": { "additionalProperties": false, "properties": { - "DataAnalysisEndTime": { - "markdownDescription": "Sets the end time for a monitoring job window. Express this time as an offset to the times that you schedule your monitoring jobs to run. You schedule monitoring jobs with the `ScheduleExpression` parameter. Specify this offset in ISO 8601 duration format. For example, if you want to end the window one hour before the start of each monitoring job, you would specify: `\"-PT1H\"` .\n\nThe end time that you specify must not follow the start time that you specify by more than 24 hours. You specify the start time with the `DataAnalysisStartTime` parameter.\n\nIf you set `ScheduleExpression` to `NOW` , this parameter is required.", - "title": "DataAnalysisEndTime", - "type": "string" - }, - "DataAnalysisStartTime": { - "markdownDescription": "Sets the start time for a monitoring job window. Express this time as an offset to the times that you schedule your monitoring jobs to run. You schedule monitoring jobs with the `ScheduleExpression` parameter. Specify this offset in ISO 8601 duration format. For example, if you want to monitor the five hours of data in your dataset that precede the start of each monitoring job, you would specify: `\"-PT5H\"` .\n\nThe start time that you specify must not precede the end time that you specify by more than 24 hours. You specify the end time with the `DataAnalysisEndTime` parameter.\n\nIf you set `ScheduleExpression` to `NOW` , this parameter is required.", - "title": "DataAnalysisStartTime", - "type": "string" - }, - "ScheduleExpression": { - "markdownDescription": "A cron expression that describes details about the monitoring schedule.\n\nThe supported cron expressions are:\n\n- If you want to set the job to start every hour, use the following:\n\n`Hourly: cron(0 * ? * * *)`\n- If you want to start the job daily:\n\n`cron(0 [00-23] ? * * *)`\n- If you want to run the job one time, immediately, use the following keyword:\n\n`NOW`\n\nFor example, the following are valid cron expressions:\n\n- Daily at noon UTC: `cron(0 12 ? * * *)`\n- Daily at midnight UTC: `cron(0 0 ? * * *)`\n\nTo support running every 6, 12 hours, the following are also supported:\n\n`cron(0 [00-23]/[01-24] ? * * *)`\n\nFor example, the following are valid cron expressions:\n\n- Every 12 hours, starting at 5pm UTC: `cron(0 17/12 ? * * *)`\n- Every two hours starting at midnight: `cron(0 0/2 ? * * *)`\n\n> - Even though the cron expression is set to start at 5PM UTC, note that there could be a delay of 0-20 minutes from the actual requested time to run the execution.\n> - We recommend that if you would like a daily schedule, you do not provide this parameter. Amazon SageMaker AI will pick a time for running every day. \n\nYou can also specify the keyword `NOW` to run the monitoring job immediately, one time, without recurring.", - "title": "ScheduleExpression", - "type": "string" + "SecurityHub": { + "$ref": "#/definitions/AWS::SecurityHub::ConfigurationPolicy.SecurityHubPolicy", + "markdownDescription": "The AWS service that the configuration policy applies to.", + "title": "SecurityHub" } }, - "required": [ - "ScheduleExpression" - ], "type": "object" }, - "AWS::SageMaker::MonitoringSchedule.StatisticsResource": { + "AWS::SecurityHub::ConfigurationPolicy.SecurityControlCustomParameter": { "additionalProperties": false, "properties": { - "S3Uri": { - "markdownDescription": "The S3 URI for the statistics resource.", - "title": "S3Uri", + "Parameters": { + "additionalProperties": false, + "markdownDescription": "An object that specifies parameter values for a control in a configuration policy.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::SecurityHub::ConfigurationPolicy.ParameterConfiguration" + } + }, + "title": "Parameters", + "type": "object" + }, + "SecurityControlId": { + "markdownDescription": "The ID of the security control.", + "title": "SecurityControlId", "type": "string" } }, "type": "object" }, - "AWS::SageMaker::MonitoringSchedule.StoppingCondition": { + "AWS::SecurityHub::ConfigurationPolicy.SecurityControlsConfiguration": { "additionalProperties": false, "properties": { - "MaxRuntimeInSeconds": { - "markdownDescription": "The maximum length of time, in seconds, that a training or compilation job can run before it is stopped.\n\nFor compilation jobs, if the job does not complete during this time, a `TimeOut` error is generated. We recommend starting with 900 seconds and increasing as necessary based on your model.\n\nFor all other jobs, if the job does not complete during this time, SageMaker ends the job. When `RetryStrategy` is specified in the job request, `MaxRuntimeInSeconds` specifies the maximum time for all of the attempts in total, not each individual attempt. The default value is 1 day. The maximum value is 28 days.\n\nThe maximum time that a `TrainingJob` can run in total, including any time spent publishing metrics or archiving and uploading models after it has been stopped, is 30 days.", - "title": "MaxRuntimeInSeconds", - "type": "number" + "DisabledSecurityControlIdentifiers": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of security controls that are disabled in the configuration policy.\n\nProvide only one of `EnabledSecurityControlIdentifiers` or `DisabledSecurityControlIdentifiers` .\n\nIf you provide `DisabledSecurityControlIdentifiers` , Security Hub enables all other controls not in the list, and enables [AutoEnableControls](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_UpdateSecurityHubConfiguration.html#securityhub-UpdateSecurityHubConfiguration-request-AutoEnableControls) .", + "title": "DisabledSecurityControlIdentifiers", + "type": "array" + }, + "EnabledSecurityControlIdentifiers": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of security controls that are enabled in the configuration policy.\n\nProvide only one of `EnabledSecurityControlIdentifiers` or `DisabledSecurityControlIdentifiers` .\n\nIf you provide `EnabledSecurityControlIdentifiers` , Security Hub disables all other controls not in the list, and disables [AutoEnableControls](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_UpdateSecurityHubConfiguration.html#securityhub-UpdateSecurityHubConfiguration-request-AutoEnableControls) .", + "title": "EnabledSecurityControlIdentifiers", + "type": "array" + }, + "SecurityControlCustomParameters": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::ConfigurationPolicy.SecurityControlCustomParameter" + }, + "markdownDescription": "A list of security controls and control parameter values that are included in a configuration policy.", + "title": "SecurityControlCustomParameters", + "type": "array" } }, - "required": [ - "MaxRuntimeInSeconds" - ], "type": "object" }, - "AWS::SageMaker::MonitoringSchedule.VpcConfig": { + "AWS::SecurityHub::ConfigurationPolicy.SecurityHubPolicy": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { + "EnabledStandardIdentifiers": { "items": { "type": "string" }, - "markdownDescription": "The VPC security group IDs, in the form `sg-xxxxxxxx` . Specify the security groups for the VPC that is specified in the `Subnets` field.", - "title": "SecurityGroupIds", + "markdownDescription": "A list that defines which security standards are enabled in the configuration policy.\n\nThis property is required only if `ServiceEnabled` is set to `true` in your configuration policy.", + "title": "EnabledStandardIdentifiers", "type": "array" }, - "Subnets": { - "items": { - "type": "string" - }, - "markdownDescription": "The ID of the subnets in the VPC to which you want to connect your training job or model. For information about the availability of specific instance types, see [Supported Instance Types and Availability Zones](https://docs.aws.amazon.com/sagemaker/latest/dg/instance-types-az.html) .", - "title": "Subnets", - "type": "array" + "SecurityControlsConfiguration": { + "$ref": "#/definitions/AWS::SecurityHub::ConfigurationPolicy.SecurityControlsConfiguration", + "markdownDescription": "An object that defines which security controls are enabled in the configuration policy. The enablement status of a control is aligned across all of the enabled standards in an account.\n\nThis property is required only if `ServiceEnabled` is set to true in your configuration policy.", + "title": "SecurityControlsConfiguration" + }, + "ServiceEnabled": { + "markdownDescription": "Indicates whether Security Hub is enabled in the policy.", + "title": "ServiceEnabled", + "type": "boolean" } }, - "required": [ - "SecurityGroupIds", - "Subnets" - ], "type": "object" }, - "AWS::SageMaker::NotebookInstance": { + "AWS::SecurityHub::DelegatedAdmin": { "additionalProperties": false, "properties": { "Condition": { @@ -252087,108 +304043,20 @@ "Properties": { "additionalProperties": false, "properties": { - "AcceleratorTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of Amazon Elastic Inference (EI) instance types to associate with the notebook instance. Currently, only one instance type can be associated with a notebook instance. For more information, see [Using Elastic Inference in Amazon SageMaker](https://docs.aws.amazon.com/sagemaker/latest/dg/ei.html) .\n\n*Valid Values:* `ml.eia1.medium | ml.eia1.large | ml.eia1.xlarge | ml.eia2.medium | ml.eia2.large | ml.eia2.xlarge` .", - "title": "AcceleratorTypes", - "type": "array" - }, - "AdditionalCodeRepositories": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of up to three Git repositories associated with the notebook instance. These can be either the names of Git repositories stored as resources in your account, or the URL of Git repositories in [AWS CodeCommit](https://docs.aws.amazon.com/codecommit/latest/userguide/welcome.html) or in any other Git repository. These repositories are cloned at the same level as the default repository of your notebook instance. For more information, see [Associating Git Repositories with SageMaker AI Notebook Instances](https://docs.aws.amazon.com/sagemaker/latest/dg/nbi-git-repo.html) .", - "title": "AdditionalCodeRepositories", - "type": "array" - }, - "DefaultCodeRepository": { - "markdownDescription": "The Git repository associated with the notebook instance as its default code repository. This can be either the name of a Git repository stored as a resource in your account, or the URL of a Git repository in [AWS CodeCommit](https://docs.aws.amazon.com/codecommit/latest/userguide/welcome.html) or in any other Git repository. When you open a notebook instance, it opens in the directory that contains this repository. For more information, see [Associating Git Repositories with SageMaker AI Notebook Instances](https://docs.aws.amazon.com/sagemaker/latest/dg/nbi-git-repo.html) .", - "title": "DefaultCodeRepository", - "type": "string" - }, - "DirectInternetAccess": { - "markdownDescription": "Sets whether SageMaker AI provides internet access to the notebook instance. If you set this to `Disabled` this notebook instance is able to access resources only in your VPC, and is not be able to connect to SageMaker AI training and endpoint services unless you configure a NAT Gateway in your VPC.\n\nFor more information, see [Notebook Instances Are Internet-Enabled by Default](https://docs.aws.amazon.com/sagemaker/latest/dg/appendix-additional-considerations.html#appendix-notebook-and-internet-access) . You can set the value of this parameter to `Disabled` only if you set a value for the `SubnetId` parameter.", - "title": "DirectInternetAccess", - "type": "string" - }, - "InstanceMetadataServiceConfiguration": { - "$ref": "#/definitions/AWS::SageMaker::NotebookInstance.InstanceMetadataServiceConfiguration", - "markdownDescription": "Information on the IMDS configuration of the notebook instance", - "title": "InstanceMetadataServiceConfiguration" - }, - "InstanceType": { - "markdownDescription": "The type of ML compute instance to launch for the notebook instance.\n\n> Expect some interruption of service if this parameter is changed as CloudFormation stops a notebook instance and starts it up again to update it.", - "title": "InstanceType", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "The Amazon Resource Name (ARN) of a AWS Key Management Service key that SageMaker AI uses to encrypt data on the storage volume attached to your notebook instance. The KMS key you provide must be enabled. For information, see [Enabling and Disabling Keys](https://docs.aws.amazon.com/kms/latest/developerguide/enabling-keys.html) in the *AWS Key Management Service Developer Guide* .", - "title": "KmsKeyId", - "type": "string" - }, - "LifecycleConfigName": { - "markdownDescription": "The name of a lifecycle configuration to associate with the notebook instance. For information about lifecycle configurations, see [Customize a Notebook Instance](https://docs.aws.amazon.com/sagemaker/latest/dg/notebook-lifecycle-config.html) in the *Amazon SageMaker Developer Guide* .", - "title": "LifecycleConfigName", - "type": "string" - }, - "NotebookInstanceName": { - "markdownDescription": "The name of the new notebook instance.", - "title": "NotebookInstanceName", - "type": "string" - }, - "PlatformIdentifier": { - "markdownDescription": "The platform identifier of the notebook instance runtime environment.", - "title": "PlatformIdentifier", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "When you send any requests to AWS resources from the notebook instance, SageMaker AI assumes this role to perform tasks on your behalf. You must grant this role necessary permissions so SageMaker AI can perform these tasks. The policy must allow the SageMaker AI service principal (sagemaker.amazonaws.com) permissions to assume this role. For more information, see [SageMaker AI Roles](https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-roles.html) .\n\n> To be able to pass this role to SageMaker AI, the caller of this API must have the `iam:PassRole` permission.", - "title": "RoleArn", - "type": "string" - }, - "RootAccess": { - "markdownDescription": "Whether root access is enabled or disabled for users of the notebook instance. The default value is `Enabled` .\n\n> Lifecycle configurations need root access to be able to set up a notebook instance. Because of this, lifecycle configurations associated with a notebook instance always run with root access even if you disable root access for users.", - "title": "RootAccess", - "type": "string" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The VPC security group IDs, in the form sg-xxxxxxxx. The security groups must be for the same VPC as specified in the subnet.", - "title": "SecurityGroupIds", - "type": "array" - }, - "SubnetId": { - "markdownDescription": "The ID of the subnet in a VPC to which you would like to have a connectivity from your ML compute instance.", - "title": "SubnetId", + "AdminAccountId": { + "markdownDescription": "The AWS account identifier of the account to designate as the Security Hub administrator account.", + "title": "AdminAccountId", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of key-value pairs to apply to this resource.\n\nFor more information, see [Resource Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) and [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html#allocation-what) .\n\nYou can add tags later by using the `CreateTags` API.", - "title": "Tags", - "type": "array" - }, - "VolumeSizeInGB": { - "markdownDescription": "The size, in GB, of the ML storage volume to attach to the notebook instance. The default value is 5 GB.\n\n> Expect some interruption of service if this parameter is changed as CloudFormation stops a notebook instance and starts it up again to update it.", - "title": "VolumeSizeInGB", - "type": "number" } }, "required": [ - "InstanceType", - "RoleArn" + "AdminAccountId" ], "type": "object" }, "Type": { "enum": [ - "AWS::SageMaker::NotebookInstance" + "AWS::SecurityHub::DelegatedAdmin" ], "type": "string" }, @@ -252207,21 +304075,7 @@ ], "type": "object" }, - "AWS::SageMaker::NotebookInstance.InstanceMetadataServiceConfiguration": { - "additionalProperties": false, - "properties": { - "MinimumInstanceMetadataServiceVersion": { - "markdownDescription": "Indicates the minimum IMDS version that the notebook instance supports. When passed as part of `CreateNotebookInstance` , if no value is selected, then it defaults to IMDSv1. This means that both IMDSv1 and IMDSv2 are supported. If passed as part of `UpdateNotebookInstance` , there is no default.", - "title": "MinimumInstanceMetadataServiceVersion", - "type": "string" - } - }, - "required": [ - "MinimumInstanceMetadataServiceVersion" - ], - "type": "object" - }, - "AWS::SageMaker::NotebookInstanceLifecycleConfig": { + "AWS::SecurityHub::FindingAggregator": { "additionalProperties": false, "properties": { "Condition": { @@ -252256,33 +304110,28 @@ "Properties": { "additionalProperties": false, "properties": { - "NotebookInstanceLifecycleConfigName": { - "markdownDescription": "The name of the lifecycle configuration.", - "title": "NotebookInstanceLifecycleConfigName", + "RegionLinkingMode": { + "markdownDescription": "Indicates whether to aggregate findings from all of the available Regions in the current partition. Also determines whether to automatically aggregate findings from new Regions as Security Hub supports them and you opt into them.\n\nThe selected option also determines how to use the Regions provided in the Regions list.\n\nIn AWS CloudFormation , the options for this property are as follows:\n\n- `ALL_REGIONS` - Indicates to aggregate findings from all of the Regions where Security Hub is enabled. When you choose this option, Security Hub also automatically aggregates findings from new Regions as Security Hub supports them and you opt into them.\n- `ALL_REGIONS_EXCEPT_SPECIFIED` - Indicates to aggregate findings from all of the Regions where Security Hub is enabled, except for the Regions listed in the `Regions` parameter. When you choose this option, Security Hub also automatically aggregates findings from new Regions as Security Hub supports them and you opt into them.\n- `SPECIFIED_REGIONS` - Indicates to aggregate findings only from the Regions listed in the `Regions` parameter. Security Hub does not automatically aggregate findings from new Regions.", + "title": "RegionLinkingMode", "type": "string" }, - "OnCreate": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::NotebookInstanceLifecycleConfig.NotebookInstanceLifecycleHook" - }, - "markdownDescription": "A shell script that runs only once, when you create a notebook instance. The shell script must be a base64-encoded string.", - "title": "OnCreate", - "type": "array" - }, - "OnStart": { + "Regions": { "items": { - "$ref": "#/definitions/AWS::SageMaker::NotebookInstanceLifecycleConfig.NotebookInstanceLifecycleHook" + "type": "string" }, - "markdownDescription": "A shell script that runs every time you start a notebook instance, including when you create the notebook instance. The shell script must be a base64-encoded string.", - "title": "OnStart", + "markdownDescription": "If `RegionLinkingMode` is `ALL_REGIONS_EXCEPT_SPECIFIED` , then this is a space-separated list of Regions that do not aggregate findings to the aggregation Region.\n\nIf `RegionLinkingMode` is `SPECIFIED_REGIONS` , then this is a space-separated list of Regions that do aggregate findings to the aggregation Region.", + "title": "Regions", "type": "array" } }, + "required": [ + "RegionLinkingMode" + ], "type": "object" }, "Type": { "enum": [ - "AWS::SageMaker::NotebookInstanceLifecycleConfig" + "AWS::SecurityHub::FindingAggregator" ], "type": "string" }, @@ -252296,22 +304145,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::SageMaker::NotebookInstanceLifecycleConfig.NotebookInstanceLifecycleHook": { - "additionalProperties": false, - "properties": { - "Content": { - "markdownDescription": "A base64-encoded string that contains a shell script for a notebook instance lifecycle configuration.", - "title": "Content", - "type": "string" - } - }, - "type": "object" - }, - "AWS::SageMaker::Pipeline": { + "AWS::SecurityHub::Hub": { "additionalProperties": false, "properties": { "Condition": { @@ -252346,55 +304185,38 @@ "Properties": { "additionalProperties": false, "properties": { - "ParallelismConfiguration": { - "$ref": "#/definitions/AWS::SageMaker::Pipeline.ParallelismConfiguration", - "markdownDescription": "The parallelism configuration applied to the pipeline.", - "title": "ParallelismConfiguration" - }, - "PipelineDefinition": { - "$ref": "#/definitions/AWS::SageMaker::Pipeline.PipelineDefinition", - "markdownDescription": "The definition of the pipeline. This can be either a JSON string or an Amazon S3 location.", - "title": "PipelineDefinition" - }, - "PipelineDescription": { - "markdownDescription": "The description of the pipeline.", - "title": "PipelineDescription", - "type": "string" - }, - "PipelineDisplayName": { - "markdownDescription": "The display name of the pipeline.", - "title": "PipelineDisplayName", - "type": "string" + "AutoEnableControls": { + "markdownDescription": "Whether to automatically enable new controls when they are added to standards that are enabled.\n\nBy default, this is set to `true` , and new controls are enabled automatically. To not automatically enable new controls, set this to `false` .\n\nWhen you automatically enable new controls, you can interact with the controls in the console and programmatically immediately after release. However, automatically enabled controls have a temporary default status of `DISABLED` . It can take up to several days for Security Hub to process the control release and designate the control as `ENABLED` in your account. During the processing period, you can manually enable or disable a control, and Security Hub will maintain that designation regardless of whether you have `AutoEnableControls` set to `true` .", + "title": "AutoEnableControls", + "type": "boolean" }, - "PipelineName": { - "markdownDescription": "The name of the pipeline.", - "title": "PipelineName", + "ControlFindingGenerator": { + "markdownDescription": "Specifies whether an account has consolidated control findings turned on or off. If the value for this field is set to `SECURITY_CONTROL` , Security Hub generates a single finding for a control check even when the check applies to multiple enabled standards.\n\nIf the value for this field is set to `STANDARD_CONTROL` , Security Hub generates separate findings for a control check when the check applies to multiple enabled standards.\n\nThe value for this field in a member account matches the value in the administrator account. For accounts that aren't part of an organization, the default value of this field is `SECURITY_CONTROL` if you enabled Security Hub on or after February 23, 2023.", + "title": "ControlFindingGenerator", "type": "string" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role used to execute the pipeline.", - "title": "RoleArn", - "type": "string" + "EnableDefaultStandards": { + "markdownDescription": "Whether to enable the security standards that Security Hub has designated as automatically enabled. If you don't provide a value for `EnableDefaultStandards` , it is set to `true` , and the designated standards are automatically enabled in each AWS Region where you enable Security Hub . If you don't want to enable the designated standards, set `EnableDefaultStandards` to `false` .\n\nCurrently, the automatically enabled standards are the Center for Internet Security (CIS) AWS Foundations Benchmark v1.2.0 and AWS Foundational Security Best Practices (FSBP).", + "title": "EnableDefaultStandards", + "type": "boolean" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "additionalProperties": true, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "The tags of the pipeline.", "title": "Tags", - "type": "array" + "type": "object" } }, - "required": [ - "PipelineDefinition", - "PipelineName", - "RoleArn" - ], "type": "object" }, "Type": { "enum": [ - "AWS::SageMaker::Pipeline" + "AWS::SecurityHub::Hub" ], "type": "string" }, @@ -252408,72 +304230,80 @@ } }, "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::SageMaker::Pipeline.ParallelismConfiguration": { - "additionalProperties": false, - "properties": { - "MaxParallelExecutionSteps": { - "markdownDescription": "The max number of steps that can be executed in parallel.", - "title": "MaxParallelExecutionSteps", - "type": "number" - } - }, - "required": [ - "MaxParallelExecutionSteps" + "Type" ], "type": "object" }, - "AWS::SageMaker::Pipeline.PipelineDefinition": { + "AWS::SecurityHub::HubV2": { "additionalProperties": false, "properties": { - "PipelineDefinitionBody": { - "markdownDescription": "The [JSON pipeline definition](https://docs.aws.amazon.com/https://aws-sagemaker-mlops.github.io/sagemaker-model-building-pipeline-definition-JSON-schema/) of the pipeline.", - "title": "PipelineDefinitionBody", + "Condition": { "type": "string" }, - "PipelineDefinitionS3Location": { - "$ref": "#/definitions/AWS::SageMaker::Pipeline.S3Location", - "markdownDescription": "The location of the pipeline definition stored in Amazon S3. If specified, SageMaker retrieves the pipeline definition from this location.", - "title": "PipelineDefinitionS3Location" - } - }, - "type": "object" - }, - "AWS::SageMaker::Pipeline.S3Location": { - "additionalProperties": false, - "properties": { - "Bucket": { - "markdownDescription": "The name of the S3 bucket.", - "title": "Bucket", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "ETag": { - "markdownDescription": "A file checksum of the pipeline definition file.", - "title": "ETag", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Key": { - "markdownDescription": "The object key (or key name) which uniquely identifies the object in an S3 bucket.", - "title": "Key", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Tags": { + "additionalProperties": true, + "markdownDescription": "The tags to add to the hub V2 resource when you enable Security Hub.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SecurityHub::HubV2" + ], "type": "string" }, - "Version": { - "markdownDescription": "The version ID of the pipeline definition file. If not specified, Amazon SageMaker will retrieve the latest version.", - "title": "Version", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Bucket", - "Key" + "Type" ], "type": "object" }, - "AWS::SageMaker::Project": { + "AWS::SecurityHub::Insight": { "additionalProperties": false, "properties": { "Condition": { @@ -252508,44 +304338,32 @@ "Properties": { "additionalProperties": false, "properties": { - "ProjectDescription": { - "markdownDescription": "The description of the project.", - "title": "ProjectDescription", - "type": "string" + "Filters": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.AwsSecurityFindingFilters", + "markdownDescription": "One or more attributes used to filter the findings included in the insight. The insight only includes findings that match the criteria defined in the filters. You can filter by up to ten finding attributes. For each attribute, you can provide up to 20 filter values.", + "title": "Filters" }, - "ProjectName": { - "markdownDescription": "The name of the project.", - "title": "ProjectName", + "GroupByAttribute": { + "markdownDescription": "The grouping attribute for the insight's findings. Indicates how to group the matching findings, and identifies the type of item that the insight applies to. For example, if an insight is grouped by resource identifier, then the insight produces a list of resource identifiers.", + "title": "GroupByAttribute", "type": "string" }, - "ServiceCatalogProvisionedProductDetails": { - "$ref": "#/definitions/AWS::SageMaker::Project.ServiceCatalogProvisionedProductDetails", - "markdownDescription": "Details of a provisioned service catalog product. For information about service catalog, see [What is AWS Service Catalog](https://docs.aws.amazon.com/servicecatalog/latest/adminguide/introduction.html) .", - "title": "ServiceCatalogProvisionedProductDetails" - }, - "ServiceCatalogProvisioningDetails": { - "$ref": "#/definitions/AWS::SageMaker::Project.ServiceCatalogProvisioningDetails", - "markdownDescription": "The product ID and provisioning artifact ID to provision a service catalog. For information, see [What is AWS Service Catalog](https://docs.aws.amazon.com/servicecatalog/latest/adminguide/introduction.html) .", - "title": "ServiceCatalogProvisioningDetails" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of key-value pairs to apply to this resource.\n\nFor more information, see [Resource Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) and [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html#allocation-what) in the *AWS Billing and Cost Management User Guide* .", - "title": "Tags", - "type": "array" + "Name": { + "markdownDescription": "The name of a Security Hub insight.", + "title": "Name", + "type": "string" } }, "required": [ - "ProjectName", - "ServiceCatalogProvisioningDetails" + "Filters", + "GroupByAttribute", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::SageMaker::Project" + "AWS::SecurityHub::Insight" ], "type": "string" }, @@ -252564,861 +304382,949 @@ ], "type": "object" }, - "AWS::SageMaker::Project.ProvisioningParameter": { + "AWS::SecurityHub::Insight.AwsSecurityFindingFilters": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The key that identifies a provisioning parameter.", - "title": "Key", - "type": "string" + "AwsAccountId": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The AWS account ID in which a finding is generated.", + "title": "AwsAccountId", + "type": "array" + }, + "AwsAccountName": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The name of the AWS account in which a finding is generated.", + "title": "AwsAccountName", + "type": "array" + }, + "CompanyName": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The name of the findings provider (company) that owns the solution (product) that generates findings.", + "title": "CompanyName", + "type": "array" + }, + "ComplianceAssociatedStandardsId": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The unique identifier of a standard in which a control is enabled. This field consists of the resource portion of the Amazon Resource Name (ARN) returned for a standard in the [DescribeStandards](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DescribeStandards.html) API response.", + "title": "ComplianceAssociatedStandardsId", + "type": "array" + }, + "ComplianceSecurityControlId": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The unique identifier of a control across standards. Values for this field typically consist of an AWS service and a number, such as APIGateway.5.", + "title": "ComplianceSecurityControlId", + "type": "array" + }, + "ComplianceSecurityControlParametersName": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The name of a security control parameter.", + "title": "ComplianceSecurityControlParametersName", + "type": "array" + }, + "ComplianceSecurityControlParametersValue": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The current value of a security control parameter.", + "title": "ComplianceSecurityControlParametersValue", + "type": "array" + }, + "ComplianceStatus": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "Exclusive to findings that are generated as the result of a check run against a specific rule in a supported standard, such as CIS AWS Foundations. Contains security standard-related finding details.", + "title": "ComplianceStatus", + "type": "array" + }, + "Confidence": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.NumberFilter" + }, + "markdownDescription": "A finding's confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify.\n\nConfidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence.", + "title": "Confidence", + "type": "array" + }, + "CreatedAt": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" + }, + "markdownDescription": "A timestamp that indicates when the security findings provider created the potential security issue that a finding reflects.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", + "title": "CreatedAt", + "type": "array" + }, + "Criticality": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.NumberFilter" + }, + "markdownDescription": "The level of importance assigned to the resources associated with the finding.\n\nA score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources.", + "title": "Criticality", + "type": "array" + }, + "Description": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "A finding's description.", + "title": "Description", + "type": "array" + }, + "FindingProviderFieldsConfidence": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.NumberFilter" + }, + "markdownDescription": "The finding provider value for the finding confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify.\n\nConfidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence.", + "title": "FindingProviderFieldsConfidence", + "type": "array" + }, + "FindingProviderFieldsCriticality": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.NumberFilter" + }, + "markdownDescription": "The finding provider value for the level of importance assigned to the resources associated with the findings.\n\nA score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources.", + "title": "FindingProviderFieldsCriticality", + "type": "array" + }, + "FindingProviderFieldsRelatedFindingsId": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The finding identifier of a related finding that is identified by the finding provider.", + "title": "FindingProviderFieldsRelatedFindingsId", + "type": "array" + }, + "FindingProviderFieldsRelatedFindingsProductArn": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The ARN of the solution that generated a related finding that is identified by the finding provider.", + "title": "FindingProviderFieldsRelatedFindingsProductArn", + "type": "array" + }, + "FindingProviderFieldsSeverityLabel": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The finding provider value for the severity label.", + "title": "FindingProviderFieldsSeverityLabel", + "type": "array" + }, + "FindingProviderFieldsSeverityOriginal": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The finding provider's original value for the severity.", + "title": "FindingProviderFieldsSeverityOriginal", + "type": "array" + }, + "FindingProviderFieldsTypes": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "One or more finding types that the finding provider assigned to the finding. Uses the format of `namespace/category/classifier` that classify a finding.\n\nValid namespace values are: Software and Configuration Checks | TTPs | Effects | Unusual Behaviors | Sensitive Data Identifications", + "title": "FindingProviderFieldsTypes", + "type": "array" + }, + "FirstObservedAt": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" + }, + "markdownDescription": "A timestamp that indicates when the security findings provider first observed the potential security issue that a finding captured.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", + "title": "FirstObservedAt", + "type": "array" + }, + "GeneratorId": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The identifier for the solution-specific component (a discrete unit of logic) that generated a finding. In various security findings providers' solutions, this generator can be called a rule, a check, a detector, a plugin, etc.", + "title": "GeneratorId", + "type": "array" + }, + "Id": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The security findings provider-specific identifier for a finding.", + "title": "Id", + "type": "array" + }, + "LastObservedAt": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" + }, + "markdownDescription": "A timestamp that indicates when the security findings provider most recently observed a change in the resource that is involved in the finding.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", + "title": "LastObservedAt", + "type": "array" + }, + "MalwareName": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The name of the malware that was observed.", + "title": "MalwareName", + "type": "array" + }, + "MalwarePath": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The filesystem path of the malware that was observed.", + "title": "MalwarePath", + "type": "array" + }, + "MalwareState": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The state of the malware that was observed.", + "title": "MalwareState", + "type": "array" + }, + "MalwareType": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The type of the malware that was observed.", + "title": "MalwareType", + "type": "array" + }, + "NetworkDestinationDomain": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The destination domain of network-related information about a finding.", + "title": "NetworkDestinationDomain", + "type": "array" + }, + "NetworkDestinationIpV4": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.IpFilter" + }, + "markdownDescription": "The destination IPv4 address of network-related information about a finding.", + "title": "NetworkDestinationIpV4", + "type": "array" + }, + "NetworkDestinationIpV6": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.IpFilter" + }, + "markdownDescription": "The destination IPv6 address of network-related information about a finding.", + "title": "NetworkDestinationIpV6", + "type": "array" + }, + "NetworkDestinationPort": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.NumberFilter" + }, + "markdownDescription": "The destination port of network-related information about a finding.", + "title": "NetworkDestinationPort", + "type": "array" + }, + "NetworkDirection": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "Indicates the direction of network traffic associated with a finding.", + "title": "NetworkDirection", + "type": "array" + }, + "NetworkProtocol": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The protocol of network-related information about a finding.", + "title": "NetworkProtocol", + "type": "array" + }, + "NetworkSourceDomain": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The source domain of network-related information about a finding.", + "title": "NetworkSourceDomain", + "type": "array" + }, + "NetworkSourceIpV4": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.IpFilter" + }, + "markdownDescription": "The source IPv4 address of network-related information about a finding.", + "title": "NetworkSourceIpV4", + "type": "array" + }, + "NetworkSourceIpV6": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.IpFilter" + }, + "markdownDescription": "The source IPv6 address of network-related information about a finding.", + "title": "NetworkSourceIpV6", + "type": "array" + }, + "NetworkSourceMac": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The source media access control (MAC) address of network-related information about a finding.", + "title": "NetworkSourceMac", + "type": "array" + }, + "NetworkSourcePort": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.NumberFilter" + }, + "markdownDescription": "The source port of network-related information about a finding.", + "title": "NetworkSourcePort", + "type": "array" + }, + "NoteText": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The text of a note.", + "title": "NoteText", + "type": "array" + }, + "NoteUpdatedAt": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" + }, + "markdownDescription": "The timestamp of when the note was updated.", + "title": "NoteUpdatedAt", + "type": "array" + }, + "NoteUpdatedBy": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The principal that created a note.", + "title": "NoteUpdatedBy", + "type": "array" + }, + "ProcessLaunchedAt": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" + }, + "markdownDescription": "A timestamp that identifies when the process was launched.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", + "title": "ProcessLaunchedAt", + "type": "array" + }, + "ProcessName": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The name of the process.", + "title": "ProcessName", + "type": "array" + }, + "ProcessParentPid": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.NumberFilter" + }, + "markdownDescription": "The parent process ID. This field accepts positive integers between `O` and `2147483647` .", + "title": "ProcessParentPid", + "type": "array" + }, + "ProcessPath": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The path to the process executable.", + "title": "ProcessPath", + "type": "array" + }, + "ProcessPid": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.NumberFilter" + }, + "markdownDescription": "The process ID.", + "title": "ProcessPid", + "type": "array" + }, + "ProcessTerminatedAt": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" + }, + "markdownDescription": "A timestamp that identifies when the process was terminated.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", + "title": "ProcessTerminatedAt", + "type": "array" + }, + "ProductArn": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The ARN generated by Security Hub that uniquely identifies a third-party company (security findings provider) after this provider's product (solution that generates findings) is registered with Security Hub.", + "title": "ProductArn", + "type": "array" + }, + "ProductFields": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.MapFilter" + }, + "markdownDescription": "A data type where security findings providers can include additional solution-specific details that aren't part of the defined `AwsSecurityFinding` format.", + "title": "ProductFields", + "type": "array" + }, + "ProductName": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The name of the solution (product) that generates findings.", + "title": "ProductName", + "type": "array" + }, + "RecommendationText": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The recommendation of what to do about the issue described in a finding.", + "title": "RecommendationText", + "type": "array" + }, + "RecordState": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The updated record state for the finding.", + "title": "RecordState", + "type": "array" + }, + "Region": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The Region from which the finding was generated.", + "title": "Region", + "type": "array" + }, + "RelatedFindingsId": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The solution-generated identifier for a related finding.", + "title": "RelatedFindingsId", + "type": "array" + }, + "RelatedFindingsProductArn": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The ARN of the solution that generated a related finding.", + "title": "RelatedFindingsProductArn", + "type": "array" + }, + "ResourceApplicationArn": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The ARN of the application that is related to a finding.", + "title": "ResourceApplicationArn", + "type": "array" + }, + "ResourceApplicationName": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The name of the application that is related to a finding.", + "title": "ResourceApplicationName", + "type": "array" + }, + "ResourceAwsEc2InstanceIamInstanceProfileArn": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The IAM profile ARN of the instance.", + "title": "ResourceAwsEc2InstanceIamInstanceProfileArn", + "type": "array" + }, + "ResourceAwsEc2InstanceImageId": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The Amazon Machine Image (AMI) ID of the instance.", + "title": "ResourceAwsEc2InstanceImageId", + "type": "array" + }, + "ResourceAwsEc2InstanceIpV4Addresses": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.IpFilter" + }, + "markdownDescription": "The IPv4 addresses associated with the instance.", + "title": "ResourceAwsEc2InstanceIpV4Addresses", + "type": "array" + }, + "ResourceAwsEc2InstanceIpV6Addresses": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.IpFilter" + }, + "markdownDescription": "The IPv6 addresses associated with the instance.", + "title": "ResourceAwsEc2InstanceIpV6Addresses", + "type": "array" }, - "Value": { - "markdownDescription": "The value of the provisioning parameter.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - }, - "AWS::SageMaker::Project.ServiceCatalogProvisionedProductDetails": { - "additionalProperties": false, - "properties": { - "ProvisionedProductId": { - "markdownDescription": "The ID of the provisioned product.", - "title": "ProvisionedProductId", - "type": "string" + "ResourceAwsEc2InstanceKeyName": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The key name associated with the instance.", + "title": "ResourceAwsEc2InstanceKeyName", + "type": "array" }, - "ProvisionedProductStatusMessage": { - "markdownDescription": "The current status of the product.\n\n- `AVAILABLE` - Stable state, ready to perform any operation. The most recent operation succeeded and completed.\n- `UNDER_CHANGE` - Transitive state. Operations performed might not have valid results. Wait for an AVAILABLE status before performing operations.\n- `TAINTED` - Stable state, ready to perform any operation. The stack has completed the requested operation but is not exactly what was requested. For example, a request to update to a new version failed and the stack rolled back to the current version.\n- `ERROR` - An unexpected error occurred. The provisioned product exists but the stack is not running. For example, CloudFormation received a parameter value that was not valid and could not launch the stack.\n- `PLAN_IN_PROGRESS` - Transitive state. The plan operations were performed to provision a new product, but resources have not yet been created. After reviewing the list of resources to be created, execute the plan. Wait for an AVAILABLE status before performing operations.", - "title": "ProvisionedProductStatusMessage", - "type": "string" - } - }, - "type": "object" - }, - "AWS::SageMaker::Project.ServiceCatalogProvisioningDetails": { - "additionalProperties": false, - "properties": { - "PathId": { - "markdownDescription": "The path identifier of the product. This value is optional if the product has a default path, and required if the product has more than one path.", - "title": "PathId", - "type": "string" + "ResourceAwsEc2InstanceLaunchedAt": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" + }, + "markdownDescription": "The date and time the instance was launched.", + "title": "ResourceAwsEc2InstanceLaunchedAt", + "type": "array" }, - "ProductId": { - "markdownDescription": "The ID of the product to provision.", - "title": "ProductId", - "type": "string" + "ResourceAwsEc2InstanceSubnetId": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The identifier of the subnet that the instance was launched in.", + "title": "ResourceAwsEc2InstanceSubnetId", + "type": "array" }, - "ProvisioningArtifactId": { - "markdownDescription": "The ID of the provisioning artifact.", - "title": "ProvisioningArtifactId", - "type": "string" + "ResourceAwsEc2InstanceType": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The instance type of the instance.", + "title": "ResourceAwsEc2InstanceType", + "type": "array" }, - "ProvisioningParameters": { + "ResourceAwsEc2InstanceVpcId": { "items": { - "$ref": "#/definitions/AWS::SageMaker::Project.ProvisioningParameter" + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, - "markdownDescription": "A list of key value pairs that you specify when you provision a product.", - "title": "ProvisioningParameters", + "markdownDescription": "The identifier of the VPC that the instance was launched in.", + "title": "ResourceAwsEc2InstanceVpcId", "type": "array" - } - }, - "required": [ - "ProductId" - ], - "type": "object" - }, - "AWS::SageMaker::Space": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "ResourceAwsIamAccessKeyCreatedAt": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" + }, + "markdownDescription": "The creation date/time of the IAM access key related to a finding.", + "title": "ResourceAwsIamAccessKeyCreatedAt", + "type": "array" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ResourceAwsIamAccessKeyPrincipalName": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The name of the principal that is associated with an IAM access key.", + "title": "ResourceAwsIamAccessKeyPrincipalName", + "type": "array" }, - "Metadata": { - "type": "object" + "ResourceAwsIamAccessKeyStatus": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The status of the IAM access key related to a finding.", + "title": "ResourceAwsIamAccessKeyStatus", + "type": "array" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DomainId": { - "markdownDescription": "The ID of the associated domain.", - "title": "DomainId", - "type": "string" - }, - "OwnershipSettings": { - "$ref": "#/definitions/AWS::SageMaker::Space.OwnershipSettings", - "markdownDescription": "The collection of ownership settings for a space.", - "title": "OwnershipSettings" - }, - "SpaceDisplayName": { - "markdownDescription": "The name of the space that appears in the Studio UI.", - "title": "SpaceDisplayName", - "type": "string" - }, - "SpaceName": { - "markdownDescription": "The name of the space.", - "title": "SpaceName", - "type": "string" - }, - "SpaceSettings": { - "$ref": "#/definitions/AWS::SageMaker::Space.SpaceSettings", - "markdownDescription": "A collection of space settings.", - "title": "SpaceSettings" - }, - "SpaceSharingSettings": { - "$ref": "#/definitions/AWS::SageMaker::Space.SpaceSharingSettings", - "markdownDescription": "A collection of space sharing settings.", - "title": "SpaceSharingSettings" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } + "ResourceAwsIamUserUserName": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, - "required": [ - "DomainId", - "SpaceName" - ], - "type": "object" + "markdownDescription": "The name of an IAM user.", + "title": "ResourceAwsIamUserUserName", + "type": "array" }, - "Type": { - "enum": [ - "AWS::SageMaker::Space" - ], - "type": "string" + "ResourceAwsS3BucketOwnerId": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The canonical user ID of the owner of the S3 bucket.", + "title": "ResourceAwsS3BucketOwnerId", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::SageMaker::Space.CodeRepository": { - "additionalProperties": false, - "properties": { - "RepositoryUrl": { - "markdownDescription": "The URL of the Git repository.", - "title": "RepositoryUrl", - "type": "string" - } - }, - "required": [ - "RepositoryUrl" - ], - "type": "object" - }, - "AWS::SageMaker::Space.CustomFileSystem": { - "additionalProperties": false, - "properties": { - "EFSFileSystem": { - "$ref": "#/definitions/AWS::SageMaker::Space.EFSFileSystem", - "markdownDescription": "A custom file system in Amazon EFS.", - "title": "EFSFileSystem" - } - }, - "type": "object" - }, - "AWS::SageMaker::Space.CustomImage": { - "additionalProperties": false, - "properties": { - "AppImageConfigName": { - "markdownDescription": "The name of the AppImageConfig.", - "title": "AppImageConfigName", - "type": "string" + "ResourceAwsS3BucketOwnerName": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The display name of the owner of the S3 bucket.", + "title": "ResourceAwsS3BucketOwnerName", + "type": "array" }, - "ImageName": { - "markdownDescription": "The name of the CustomImage. Must be unique to your account.", - "title": "ImageName", - "type": "string" + "ResourceContainerImageId": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The identifier of the image related to a finding.", + "title": "ResourceContainerImageId", + "type": "array" }, - "ImageVersionNumber": { - "markdownDescription": "The version number of the CustomImage.", - "title": "ImageVersionNumber", - "type": "number" - } - }, - "required": [ - "AppImageConfigName", - "ImageName" - ], - "type": "object" - }, - "AWS::SageMaker::Space.EFSFileSystem": { - "additionalProperties": false, - "properties": { - "FileSystemId": { - "markdownDescription": "The ID of your Amazon EFS file system.", - "title": "FileSystemId", - "type": "string" - } - }, - "required": [ - "FileSystemId" - ], - "type": "object" - }, - "AWS::SageMaker::Space.EbsStorageSettings": { - "additionalProperties": false, - "properties": { - "EbsVolumeSizeInGb": { - "markdownDescription": "The size of an EBS storage volume for a space.", - "title": "EbsVolumeSizeInGb", - "type": "number" - } - }, - "required": [ - "EbsVolumeSizeInGb" - ], - "type": "object" - }, - "AWS::SageMaker::Space.JupyterServerAppSettings": { - "additionalProperties": false, - "properties": { - "DefaultResourceSpec": { - "$ref": "#/definitions/AWS::SageMaker::Space.ResourceSpec", - "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker AI image used by the JupyterServer app. If you use the `LifecycleConfigArns` parameter, then this parameter is also required.", - "title": "DefaultResourceSpec" - } - }, - "type": "object" - }, - "AWS::SageMaker::Space.KernelGatewayAppSettings": { - "additionalProperties": false, - "properties": { - "CustomImages": { + "ResourceContainerImageName": { "items": { - "$ref": "#/definitions/AWS::SageMaker::Space.CustomImage" + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, - "markdownDescription": "A list of custom SageMaker AI images that are configured to run as a KernelGateway app.\n\nThe maximum number of custom images are as follows.\n\n- On a domain level: 200\n- On a space level: 5\n- On a user profile level: 5", - "title": "CustomImages", + "markdownDescription": "The name of the image related to a finding.", + "title": "ResourceContainerImageName", "type": "array" }, - "DefaultResourceSpec": { - "$ref": "#/definitions/AWS::SageMaker::Space.ResourceSpec", - "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker AI image used by the KernelGateway app.\n\n> The Amazon SageMaker AI Studio UI does not use the default instance type value set here. The default instance type set here is used when Apps are created using the AWS CLI or AWS CloudFormation and the instance type parameter value is not passed.", - "title": "DefaultResourceSpec" - } - }, - "type": "object" - }, - "AWS::SageMaker::Space.OwnershipSettings": { - "additionalProperties": false, - "properties": { - "OwnerUserProfileName": { - "markdownDescription": "The user profile who is the owner of the space.", - "title": "OwnerUserProfileName", - "type": "string" - } - }, - "required": [ - "OwnerUserProfileName" - ], - "type": "object" - }, - "AWS::SageMaker::Space.ResourceSpec": { - "additionalProperties": false, - "properties": { - "InstanceType": { - "markdownDescription": "The instance type that the image version runs on.\n\n> *JupyterServer apps* only support the `system` value.\n> \n> For *KernelGateway apps* , the `system` value is translated to `ml.t3.medium` . KernelGateway apps also support all other values for available instance types.", - "title": "InstanceType", - "type": "string" + "ResourceContainerLaunchedAt": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" + }, + "markdownDescription": "A timestamp that identifies when the container was started.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", + "title": "ResourceContainerLaunchedAt", + "type": "array" }, - "SageMakerImageArn": { - "markdownDescription": "The ARN of the SageMaker AI image that the image version belongs to.", - "title": "SageMakerImageArn", - "type": "string" + "ResourceContainerName": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The name of the container related to a finding.", + "title": "ResourceContainerName", + "type": "array" }, - "SageMakerImageVersionArn": { - "markdownDescription": "The ARN of the image version created on the instance. To clear the value set for `SageMakerImageVersionArn` , pass `None` as the value.", - "title": "SageMakerImageVersionArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::SageMaker::Space.SpaceCodeEditorAppSettings": { - "additionalProperties": false, - "properties": { - "DefaultResourceSpec": { - "$ref": "#/definitions/AWS::SageMaker::Space.ResourceSpec", - "markdownDescription": "Specifies the ARNs of a SageMaker image and SageMaker image version, and the instance type that the version runs on.", - "title": "DefaultResourceSpec" - } - }, - "type": "object" - }, - "AWS::SageMaker::Space.SpaceJupyterLabAppSettings": { - "additionalProperties": false, - "properties": { - "CodeRepositories": { + "ResourceDetailsOther": { "items": { - "$ref": "#/definitions/AWS::SageMaker::Space.CodeRepository" + "$ref": "#/definitions/AWS::SecurityHub::Insight.MapFilter" }, - "markdownDescription": "A list of Git repositories that SageMaker automatically displays to users for cloning in the JupyterLab application.", - "title": "CodeRepositories", + "markdownDescription": "The details of a resource that doesn't have a specific subfield for the resource type defined.", + "title": "ResourceDetailsOther", "type": "array" }, - "DefaultResourceSpec": { - "$ref": "#/definitions/AWS::SageMaker::Space.ResourceSpec", - "markdownDescription": "Specifies the ARNs of a SageMaker image and SageMaker image version, and the instance type that the version runs on.", - "title": "DefaultResourceSpec" - } - }, - "type": "object" - }, - "AWS::SageMaker::Space.SpaceSettings": { - "additionalProperties": false, - "properties": { - "AppType": { - "markdownDescription": "The type of app created within the space.\n\nIf using the [UpdateSpace](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateSpace.html) API, you can't change the app type of your space by specifying a different value for this field.", - "title": "AppType", - "type": "string" + "ResourceId": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The canonical identifier for the given resource type.", + "title": "ResourceId", + "type": "array" }, - "CodeEditorAppSettings": { - "$ref": "#/definitions/AWS::SageMaker::Space.SpaceCodeEditorAppSettings", - "markdownDescription": "The Code Editor application settings.", - "title": "CodeEditorAppSettings" + "ResourcePartition": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The canonical AWS partition name that the Region is assigned to.", + "title": "ResourcePartition", + "type": "array" }, - "CustomFileSystems": { + "ResourceRegion": { "items": { - "$ref": "#/definitions/AWS::SageMaker::Space.CustomFileSystem" + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, - "markdownDescription": "A file system, created by you, that you assign to a space for an Amazon SageMaker AI Domain. Permitted users can access this file system in Amazon SageMaker AI Studio.", - "title": "CustomFileSystems", + "markdownDescription": "The canonical AWS external Region name where this resource is located.", + "title": "ResourceRegion", "type": "array" }, - "JupyterLabAppSettings": { - "$ref": "#/definitions/AWS::SageMaker::Space.SpaceJupyterLabAppSettings", - "markdownDescription": "The settings for the JupyterLab application.", - "title": "JupyterLabAppSettings" + "ResourceTags": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.MapFilter" + }, + "markdownDescription": "A list of AWS tags associated with a resource at the time the finding was processed.", + "title": "ResourceTags", + "type": "array" }, - "JupyterServerAppSettings": { - "$ref": "#/definitions/AWS::SageMaker::Space.JupyterServerAppSettings", - "markdownDescription": "The JupyterServer app settings.", - "title": "JupyterServerAppSettings" + "ResourceType": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "Specifies the type of the resource that details are provided for.", + "title": "ResourceType", + "type": "array" }, - "KernelGatewayAppSettings": { - "$ref": "#/definitions/AWS::SageMaker::Space.KernelGatewayAppSettings", - "markdownDescription": "The KernelGateway app settings.", - "title": "KernelGatewayAppSettings" + "Sample": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.BooleanFilter" + }, + "markdownDescription": "Indicates whether or not sample findings are included in the filter results.", + "title": "Sample", + "type": "array" }, - "SpaceStorageSettings": { - "$ref": "#/definitions/AWS::SageMaker::Space.SpaceStorageSettings", - "markdownDescription": "The storage settings for a space.", - "title": "SpaceStorageSettings" - } - }, - "type": "object" - }, - "AWS::SageMaker::Space.SpaceSharingSettings": { - "additionalProperties": false, - "properties": { - "SharingType": { - "markdownDescription": "Specifies the sharing type of the space.", - "title": "SharingType", - "type": "string" - } - }, - "required": [ - "SharingType" - ], - "type": "object" - }, - "AWS::SageMaker::Space.SpaceStorageSettings": { - "additionalProperties": false, - "properties": { - "EbsStorageSettings": { - "$ref": "#/definitions/AWS::SageMaker::Space.EbsStorageSettings", - "markdownDescription": "A collection of EBS storage settings for a space.", - "title": "EbsStorageSettings" - } - }, - "type": "object" - }, - "AWS::SageMaker::UserProfile": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" + "SeverityLabel": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The label of a finding's severity.", + "title": "SeverityLabel", + "type": "array" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "SourceUrl": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "A URL that links to a page about the current finding in the security findings provider's solution.", + "title": "SourceUrl", + "type": "array" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ThreatIntelIndicatorCategory": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The category of a threat intelligence indicator.", + "title": "ThreatIntelIndicatorCategory", + "type": "array" }, - "Metadata": { - "type": "object" + "ThreatIntelIndicatorLastObservedAt": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" + }, + "markdownDescription": "A timestamp that identifies the last observation of a threat intelligence indicator.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", + "title": "ThreatIntelIndicatorLastObservedAt", + "type": "array" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DomainId": { - "markdownDescription": "The domain ID.", - "title": "DomainId", - "type": "string" - }, - "SingleSignOnUserIdentifier": { - "markdownDescription": "A specifier for the type of value specified in SingleSignOnUserValue. Currently, the only supported value is \"UserName\". If the Domain's AuthMode is IAM Identity Center , this field is required. If the Domain's AuthMode is not IAM Identity Center , this field cannot be specified.", - "title": "SingleSignOnUserIdentifier", - "type": "string" - }, - "SingleSignOnUserValue": { - "markdownDescription": "The username of the associated AWS Single Sign-On User for this UserProfile. If the Domain's AuthMode is IAM Identity Center , this field is required, and must match a valid username of a user in your directory. If the Domain's AuthMode is not IAM Identity Center , this field cannot be specified.", - "title": "SingleSignOnUserValue", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nTags that you specify for the User Profile are also added to all apps that the User Profile launches.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - }, - "UserProfileName": { - "markdownDescription": "The user profile name.", - "title": "UserProfileName", - "type": "string" - }, - "UserSettings": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.UserSettings", - "markdownDescription": "A collection of settings that apply to users of Amazon SageMaker Studio.", - "title": "UserSettings" - } + "ThreatIntelIndicatorSource": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, - "required": [ - "DomainId", - "UserProfileName" - ], - "type": "object" + "markdownDescription": "The source of the threat intelligence.", + "title": "ThreatIntelIndicatorSource", + "type": "array" }, - "Type": { - "enum": [ - "AWS::SageMaker::UserProfile" - ], - "type": "string" + "ThreatIntelIndicatorSourceUrl": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The URL for more details from the source of the threat intelligence.", + "title": "ThreatIntelIndicatorSourceUrl", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::SageMaker::UserProfile.CodeEditorAppSettings": { - "additionalProperties": false, - "properties": { - "CustomImages": { + "ThreatIntelIndicatorType": { "items": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.CustomImage" + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, - "markdownDescription": "A list of custom SageMaker images that are configured to run as a Code Editor app.", - "title": "CustomImages", + "markdownDescription": "The type of a threat intelligence indicator.", + "title": "ThreatIntelIndicatorType", "type": "array" }, - "DefaultResourceSpec": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.ResourceSpec", - "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the Code Editor app.", - "title": "DefaultResourceSpec" + "ThreatIntelIndicatorValue": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The value of a threat intelligence indicator.", + "title": "ThreatIntelIndicatorValue", + "type": "array" }, - "LifecycleConfigArns": { + "Title": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, - "markdownDescription": "The Amazon Resource Name (ARN) of the Code Editor application lifecycle configuration.", - "title": "LifecycleConfigArns", + "markdownDescription": "A finding's title.", + "title": "Title", "type": "array" - } - }, - "type": "object" - }, - "AWS::SageMaker::UserProfile.CodeRepository": { - "additionalProperties": false, - "properties": { - "RepositoryUrl": { - "markdownDescription": "The URL of the Git repository.", - "title": "RepositoryUrl", - "type": "string" - } - }, - "required": [ - "RepositoryUrl" - ], - "type": "object" - }, - "AWS::SageMaker::UserProfile.CustomFileSystemConfig": { - "additionalProperties": false, - "properties": { - "EFSFileSystemConfig": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.EFSFileSystemConfig", - "markdownDescription": "The settings for a custom Amazon EFS file system.", - "title": "EFSFileSystemConfig" - } - }, - "type": "object" - }, - "AWS::SageMaker::UserProfile.CustomImage": { - "additionalProperties": false, - "properties": { - "AppImageConfigName": { - "markdownDescription": "The name of the AppImageConfig.", - "title": "AppImageConfigName", - "type": "string" }, - "ImageName": { - "markdownDescription": "The name of the CustomImage. Must be unique to your account.", - "title": "ImageName", - "type": "string" + "Type": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "A finding type in the format of `namespace/category/classifier` that classifies a finding.", + "title": "Type", + "type": "array" }, - "ImageVersionNumber": { - "markdownDescription": "The version number of the CustomImage.", - "title": "ImageVersionNumber", - "type": "number" - } - }, - "required": [ - "AppImageConfigName", - "ImageName" - ], - "type": "object" - }, - "AWS::SageMaker::UserProfile.CustomPosixUserConfig": { - "additionalProperties": false, - "properties": { - "Gid": { - "markdownDescription": "The POSIX group ID.", - "title": "Gid", - "type": "number" + "UpdatedAt": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" + }, + "markdownDescription": "A timestamp that indicates when the security findings provider last updated the finding record.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", + "title": "UpdatedAt", + "type": "array" }, - "Uid": { - "markdownDescription": "The POSIX user ID.", - "title": "Uid", - "type": "number" - } - }, - "required": [ - "Gid", - "Uid" - ], - "type": "object" - }, - "AWS::SageMaker::UserProfile.DefaultEbsStorageSettings": { - "additionalProperties": false, - "properties": { - "DefaultEbsVolumeSizeInGb": { - "markdownDescription": "The default size of the EBS storage volume for a space.", - "title": "DefaultEbsVolumeSizeInGb", - "type": "number" + "UserDefinedFields": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.MapFilter" + }, + "markdownDescription": "A list of name/value string pairs associated with the finding. These are custom, user-defined fields added to a finding.", + "title": "UserDefinedFields", + "type": "array" }, - "MaximumEbsVolumeSizeInGb": { - "markdownDescription": "The maximum size of the EBS storage volume for a space.", - "title": "MaximumEbsVolumeSizeInGb", - "type": "number" - } - }, - "required": [ - "DefaultEbsVolumeSizeInGb", - "MaximumEbsVolumeSizeInGb" - ], - "type": "object" - }, - "AWS::SageMaker::UserProfile.DefaultSpaceStorageSettings": { - "additionalProperties": false, - "properties": { - "DefaultEbsStorageSettings": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.DefaultEbsStorageSettings", - "markdownDescription": "The default EBS storage settings for a space.", - "title": "DefaultEbsStorageSettings" - } - }, - "type": "object" - }, - "AWS::SageMaker::UserProfile.EFSFileSystemConfig": { - "additionalProperties": false, - "properties": { - "FileSystemId": { - "markdownDescription": "The ID of your Amazon EFS file system.", - "title": "FileSystemId", - "type": "string" + "VerificationState": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The veracity of a finding.", + "title": "VerificationState", + "type": "array" }, - "FileSystemPath": { - "markdownDescription": "The path to the file system directory that is accessible in Amazon SageMaker AI Studio. Permitted users can access only this directory and below.", - "title": "FileSystemPath", - "type": "string" - } - }, - "required": [ - "FileSystemId" - ], - "type": "object" - }, - "AWS::SageMaker::UserProfile.JupyterLabAppSettings": { - "additionalProperties": false, - "properties": { - "CodeRepositories": { + "VulnerabilitiesExploitAvailable": { "items": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.CodeRepository" + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, - "markdownDescription": "A list of Git repositories that SageMaker automatically displays to users for cloning in the JupyterLab application.", - "title": "CodeRepositories", + "markdownDescription": "Indicates whether a software vulnerability in your environment has a known exploit. You can filter findings by this field only if you use Security Hub and Amazon Inspector.", + "title": "VulnerabilitiesExploitAvailable", "type": "array" }, - "CustomImages": { + "VulnerabilitiesFixAvailable": { "items": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.CustomImage" + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, - "markdownDescription": "A list of custom SageMaker images that are configured to run as a JupyterLab app.", - "title": "CustomImages", + "markdownDescription": "Indicates whether a vulnerability is fixed in a newer version of the affected software packages. You can filter findings by this field only if you use Security Hub and Amazon Inspector.", + "title": "VulnerabilitiesFixAvailable", "type": "array" }, - "DefaultResourceSpec": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.ResourceSpec", - "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the JupyterLab app.", - "title": "DefaultResourceSpec" + "WorkflowState": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The workflow state of a finding.\n\nNote that this field is deprecated. To search for a finding based on its workflow status, use `WorkflowStatus` .", + "title": "WorkflowState", + "type": "array" }, - "LifecycleConfigArns": { + "WorkflowStatus": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, - "markdownDescription": "The Amazon Resource Name (ARN) of the lifecycle configurations attached to the user profile or domain. To remove a lifecycle config, you must set `LifecycleConfigArns` to an empty list.", - "title": "LifecycleConfigArns", + "markdownDescription": "The status of the investigation into a finding. Allowed values are the following.\n\n- `NEW` - The initial state of a finding, before it is reviewed.\n\nSecurity Hub also resets the workflow status from `NOTIFIED` or `RESOLVED` to `NEW` in the following cases:\n\n- `RecordState` changes from `ARCHIVED` to `ACTIVE` .\n- `Compliance.Status` changes from `PASSED` to either `WARNING` , `FAILED` , or `NOT_AVAILABLE` .\n- `NOTIFIED` - Indicates that the resource owner has been notified about the security issue. Used when the initial reviewer is not the resource owner, and needs intervention from the resource owner.\n\nIf one of the following occurs, the workflow status is changed automatically from `NOTIFIED` to `NEW` :\n\n- `RecordState` changes from `ARCHIVED` to `ACTIVE` .\n- `Compliance.Status` changes from `PASSED` to `FAILED` , `WARNING` , or `NOT_AVAILABLE` .\n- `SUPPRESSED` - Indicates that you reviewed the finding and don't believe that any action is needed.\n\nThe workflow status of a `SUPPRESSED` finding does not change if `RecordState` changes from `ARCHIVED` to `ACTIVE` .\n- `RESOLVED` - The finding was reviewed and remediated and is now considered resolved.\n\nThe finding remains `RESOLVED` unless one of the following occurs:\n\n- `RecordState` changes from `ARCHIVED` to `ACTIVE` .\n- `Compliance.Status` changes from `PASSED` to `FAILED` , `WARNING` , or `NOT_AVAILABLE` .\n\nIn those cases, the workflow status is automatically reset to `NEW` .\n\nFor findings from controls, if `Compliance.Status` is `PASSED` , then Security Hub automatically sets the workflow status to `RESOLVED` .", + "title": "WorkflowStatus", "type": "array" } }, "type": "object" }, - "AWS::SageMaker::UserProfile.JupyterServerAppSettings": { + "AWS::SecurityHub::Insight.BooleanFilter": { "additionalProperties": false, "properties": { - "DefaultResourceSpec": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.ResourceSpec", - "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the JupyterServer app.", - "title": "DefaultResourceSpec" + "Value": { + "markdownDescription": "The value of the boolean.", + "title": "Value", + "type": "boolean" } }, + "required": [ + "Value" + ], "type": "object" }, - "AWS::SageMaker::UserProfile.KernelGatewayAppSettings": { + "AWS::SecurityHub::Insight.DateFilter": { "additionalProperties": false, "properties": { - "CustomImages": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.CustomImage" - }, - "markdownDescription": "A list of custom SageMaker AI images that are configured to run as a KernelGateway app.\n\nThe maximum number of custom images are as follows.\n\n- On a domain level: 200\n- On a space level: 5\n- On a user profile level: 5", - "title": "CustomImages", - "type": "array" + "DateRange": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.DateRange", + "markdownDescription": "A date range for the date filter.", + "title": "DateRange" }, - "DefaultResourceSpec": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.ResourceSpec", - "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker AI image used by the KernelGateway app.\n\n> The Amazon SageMaker AI Studio UI does not use the default instance type value set here. The default instance type set here is used when Apps are created using the AWS CLI or AWS CloudFormation and the instance type parameter value is not passed.", - "title": "DefaultResourceSpec" + "End": { + "markdownDescription": "A timestamp that provides the end date for the date filter.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", + "title": "End", + "type": "string" + }, + "Start": { + "markdownDescription": "A timestamp that provides the start date for the date filter.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", + "title": "Start", + "type": "string" } }, "type": "object" }, - "AWS::SageMaker::UserProfile.RStudioServerProAppSettings": { + "AWS::SecurityHub::Insight.DateRange": { "additionalProperties": false, "properties": { - "AccessStatus": { - "markdownDescription": "Indicates whether the current user has access to the `RStudioServerPro` app.", - "title": "AccessStatus", + "Unit": { + "markdownDescription": "A date range unit for the date filter.", + "title": "Unit", "type": "string" }, - "UserGroup": { - "markdownDescription": "The level of permissions that the user has within the `RStudioServerPro` app. This value defaults to `User`. The `Admin` value allows the user access to the RStudio Administrative Dashboard.", - "title": "UserGroup", - "type": "string" + "Value": { + "markdownDescription": "A date range value for the date filter.", + "title": "Value", + "type": "number" } }, + "required": [ + "Unit", + "Value" + ], "type": "object" }, - "AWS::SageMaker::UserProfile.ResourceSpec": { + "AWS::SecurityHub::Insight.IpFilter": { "additionalProperties": false, "properties": { - "InstanceType": { - "markdownDescription": "The instance type that the image version runs on.\n\n> *JupyterServer apps* only support the `system` value.\n> \n> For *KernelGateway apps* , the `system` value is translated to `ml.t3.medium` . KernelGateway apps also support all other values for available instance types.", - "title": "InstanceType", - "type": "string" - }, - "SageMakerImageArn": { - "markdownDescription": "The ARN of the SageMaker AI image that the image version belongs to.", - "title": "SageMakerImageArn", - "type": "string" - }, - "SageMakerImageVersionArn": { - "markdownDescription": "The ARN of the image version created on the instance. To clear the value set for `SageMakerImageVersionArn` , pass `None` as the value.", - "title": "SageMakerImageVersionArn", + "Cidr": { + "markdownDescription": "A finding's CIDR value.", + "title": "Cidr", "type": "string" } }, + "required": [ + "Cidr" + ], "type": "object" }, - "AWS::SageMaker::UserProfile.SharingSettings": { + "AWS::SecurityHub::Insight.MapFilter": { "additionalProperties": false, "properties": { - "NotebookOutputOption": { - "markdownDescription": "Whether to include the notebook cell output when sharing the notebook. The default is `Disabled` .", - "title": "NotebookOutputOption", + "Comparison": { + "markdownDescription": "The condition to apply to the key value when filtering Security Hub findings with a map filter.\n\nTo search for values that have the filter value, use one of the following comparison operators:\n\n- To search for values that include the filter value, use `CONTAINS` . For example, for the `ResourceTags` field, the filter `Department CONTAINS Security` matches findings that include the value `Security` for the `Department` tag. In the same example, a finding with a value of `Security team` for the `Department` tag is a match.\n- To search for values that exactly match the filter value, use `EQUALS` . For example, for the `ResourceTags` field, the filter `Department EQUALS Security` matches findings that have the value `Security` for the `Department` tag.\n\n`CONTAINS` and `EQUALS` filters on the same field are joined by `OR` . A finding matches if it matches any one of those filters. For example, the filters `Department CONTAINS Security OR Department CONTAINS Finance` match a finding that includes either `Security` , `Finance` , or both values.\n\nTo search for values that don't have the filter value, use one of the following comparison operators:\n\n- To search for values that exclude the filter value, use `NOT_CONTAINS` . For example, for the `ResourceTags` field, the filter `Department NOT_CONTAINS Finance` matches findings that exclude the value `Finance` for the `Department` tag.\n- To search for values other than the filter value, use `NOT_EQUALS` . For example, for the `ResourceTags` field, the filter `Department NOT_EQUALS Finance` matches findings that don\u2019t have the value `Finance` for the `Department` tag.\n\n`NOT_CONTAINS` and `NOT_EQUALS` filters on the same field are joined by `AND` . A finding matches only if it matches all of those filters. For example, the filters `Department NOT_CONTAINS Security AND Department NOT_CONTAINS Finance` match a finding that excludes both the `Security` and `Finance` values.\n\n`CONTAINS` filters can only be used with other `CONTAINS` filters. `NOT_CONTAINS` filters can only be used with other `NOT_CONTAINS` filters.\n\nYou can\u2019t have both a `CONTAINS` filter and a `NOT_CONTAINS` filter on the same field. Similarly, you can\u2019t have both an `EQUALS` filter and a `NOT_EQUALS` filter on the same field. Combining filters in this way returns an error.\n\n`CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *AWS Security Hub User Guide* .", + "title": "Comparison", "type": "string" }, - "S3KmsKeyId": { - "markdownDescription": "When `NotebookOutputOption` is `Allowed` , the AWS Key Management Service (KMS) encryption key ID used to encrypt the notebook cell output in the Amazon S3 bucket.", - "title": "S3KmsKeyId", + "Key": { + "markdownDescription": "The key of the map filter. For example, for `ResourceTags` , `Key` identifies the name of the tag. For `UserDefinedFields` , `Key` is the name of the field.", + "title": "Key", "type": "string" }, - "S3OutputPath": { - "markdownDescription": "When `NotebookOutputOption` is `Allowed` , the Amazon S3 bucket used to store the shared notebook snapshots.", - "title": "S3OutputPath", + "Value": { + "markdownDescription": "The value for the key in the map filter. Filter values are case sensitive. For example, one of the values for a tag called `Department` might be `Security` . If you provide `security` as the filter value, then there's no match.", + "title": "Value", "type": "string" } }, + "required": [ + "Comparison", + "Key", + "Value" + ], "type": "object" }, - "AWS::SageMaker::UserProfile.UserSettings": { - "additionalProperties": false, - "properties": { - "CodeEditorAppSettings": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.CodeEditorAppSettings", - "markdownDescription": "The Code Editor application settings.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", - "title": "CodeEditorAppSettings" - }, - "CustomFileSystemConfigs": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.CustomFileSystemConfig" - }, - "markdownDescription": "The settings for assigning a custom file system to a user profile. Permitted users can access this file system in Amazon SageMaker AI Studio.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", - "title": "CustomFileSystemConfigs", - "type": "array" - }, - "CustomPosixUserConfig": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.CustomPosixUserConfig", - "markdownDescription": "Details about the POSIX identity that is used for file system operations.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", - "title": "CustomPosixUserConfig" - }, - "DefaultLandingUri": { - "markdownDescription": "The default experience that the user is directed to when accessing the domain. The supported values are:\n\n- `studio::` : Indicates that Studio is the default experience. This value can only be passed if `StudioWebPortal` is set to `ENABLED` .\n- `app:JupyterServer:` : Indicates that Studio Classic is the default experience.", - "title": "DefaultLandingUri", - "type": "string" - }, - "ExecutionRole": { - "markdownDescription": "The execution role for the user.\n\nSageMaker applies this setting only to private spaces that the user creates in the domain. SageMaker doesn't apply this setting to shared spaces.", - "title": "ExecutionRole", - "type": "string" - }, - "JupyterLabAppSettings": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.JupyterLabAppSettings", - "markdownDescription": "The settings for the JupyterLab application.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", - "title": "JupyterLabAppSettings" - }, - "JupyterServerAppSettings": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.JupyterServerAppSettings", - "markdownDescription": "The Jupyter server's app settings.", - "title": "JupyterServerAppSettings" - }, - "KernelGatewayAppSettings": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.KernelGatewayAppSettings", - "markdownDescription": "The kernel gateway app settings.", - "title": "KernelGatewayAppSettings" - }, - "RStudioServerProAppSettings": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.RStudioServerProAppSettings", - "markdownDescription": "A collection of settings that configure user interaction with the `RStudioServerPro` app.", - "title": "RStudioServerProAppSettings" - }, - "SecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "The security groups for the Amazon Virtual Private Cloud (VPC) that the domain uses for communication.\n\nOptional when the `CreateDomain.AppNetworkAccessType` parameter is set to `PublicInternetOnly` .\n\nRequired when the `CreateDomain.AppNetworkAccessType` parameter is set to `VpcOnly` , unless specified as part of the `DefaultUserSettings` for the domain.\n\nAmazon SageMaker AI adds a security group to allow NFS traffic from Amazon SageMaker AI Studio. Therefore, the number of security groups that you can specify is one less than the maximum number shown.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", - "title": "SecurityGroups", - "type": "array" + "AWS::SecurityHub::Insight.NumberFilter": { + "additionalProperties": false, + "properties": { + "Eq": { + "markdownDescription": "The equal-to condition to be applied to a single field when querying for findings.", + "title": "Eq", + "type": "number" }, - "SharingSettings": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.SharingSettings", - "markdownDescription": "Specifies options for sharing Amazon SageMaker AI Studio notebooks.", - "title": "SharingSettings" + "Gte": { + "markdownDescription": "The greater-than-equal condition to be applied to a single field when querying for findings.", + "title": "Gte", + "type": "number" }, - "SpaceStorageSettings": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.DefaultSpaceStorageSettings", - "markdownDescription": "The storage settings for a space.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", - "title": "SpaceStorageSettings" + "Lte": { + "markdownDescription": "The less-than-equal condition to be applied to a single field when querying for findings.", + "title": "Lte", + "type": "number" + } + }, + "type": "object" + }, + "AWS::SecurityHub::Insight.StringFilter": { + "additionalProperties": false, + "properties": { + "Comparison": { + "markdownDescription": "The condition to apply to a string value when filtering Security Hub findings.\n\nTo search for values that have the filter value, use one of the following comparison operators:\n\n- To search for values that include the filter value, use `CONTAINS` . For example, the filter `Title CONTAINS CloudFront` matches findings that have a `Title` that includes the string CloudFront.\n- To search for values that exactly match the filter value, use `EQUALS` . For example, the filter `AwsAccountId EQUALS 123456789012` only matches findings that have an account ID of `123456789012` .\n- To search for values that start with the filter value, use `PREFIX` . For example, the filter `ResourceRegion PREFIX us` matches findings that have a `ResourceRegion` that starts with `us` . A `ResourceRegion` that starts with a different value, such as `af` , `ap` , or `ca` , doesn't match.\n\n`CONTAINS` , `EQUALS` , and `PREFIX` filters on the same field are joined by `OR` . A finding matches if it matches any one of those filters. For example, the filters `Title CONTAINS CloudFront OR Title CONTAINS CloudWatch` match a finding that includes either `CloudFront` , `CloudWatch` , or both strings in the title.\n\nTo search for values that don\u2019t have the filter value, use one of the following comparison operators:\n\n- To search for values that exclude the filter value, use `NOT_CONTAINS` . For example, the filter `Title NOT_CONTAINS CloudFront` matches findings that have a `Title` that excludes the string CloudFront.\n- To search for values other than the filter value, use `NOT_EQUALS` . For example, the filter `AwsAccountId NOT_EQUALS 123456789012` only matches findings that have an account ID other than `123456789012` .\n- To search for values that don't start with the filter value, use `PREFIX_NOT_EQUALS` . For example, the filter `ResourceRegion PREFIX_NOT_EQUALS us` matches findings with a `ResourceRegion` that starts with a value other than `us` .\n\n`NOT_CONTAINS` , `NOT_EQUALS` , and `PREFIX_NOT_EQUALS` filters on the same field are joined by `AND` . A finding matches only if it matches all of those filters. For example, the filters `Title NOT_CONTAINS CloudFront AND Title NOT_CONTAINS CloudWatch` match a finding that excludes both `CloudFront` and `CloudWatch` in the title.\n\nYou can\u2019t have both a `CONTAINS` filter and a `NOT_CONTAINS` filter on the same field. Similarly, you can't provide both an `EQUALS` filter and a `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filter on the same field. Combining filters in this way returns an error. `CONTAINS` filters can only be used with other `CONTAINS` filters. `NOT_CONTAINS` filters can only be used with other `NOT_CONTAINS` filters.\n\nYou can combine `PREFIX` filters with `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters for the same field. Security Hub first processes the `PREFIX` filters, and then the `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters.\n\nFor example, for the following filters, Security Hub first identifies findings that have resource types that start with either `AwsIam` or `AwsEc2` . It then excludes findings that have a resource type of `AwsIamPolicy` and findings that have a resource type of `AwsEc2NetworkInterface` .\n\n- `ResourceType PREFIX AwsIam`\n- `ResourceType PREFIX AwsEc2`\n- `ResourceType NOT_EQUALS AwsIamPolicy`\n- `ResourceType NOT_EQUALS AwsEc2NetworkInterface`\n\n`CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules V1. `CONTAINS_WORD` operator is only supported in `GetFindingsV2` , `GetFindingStatisticsV2` , `GetResourcesV2` , and `GetResourceStatisticsV2` APIs. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *AWS Security Hub User Guide* .", + "title": "Comparison", + "type": "string" }, - "StudioWebPortal": { - "markdownDescription": "Whether the user can access Studio. If this value is set to `DISABLED` , the user cannot access Studio, even if that is the default experience for the domain.", - "title": "StudioWebPortal", + "Value": { + "markdownDescription": "The string filter value. Filter values are case sensitive. For example, the product name for control-based findings is `Security Hub` . If you provide `security hub` as the filter value, there's no match.", + "title": "Value", "type": "string" } }, + "required": [ + "Comparison", + "Value" + ], "type": "object" }, - "AWS::SageMaker::Workteam": { + "AWS::SecurityHub::OrganizationConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -253453,48 +305359,30 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the work team.", - "title": "Description", - "type": "string" - }, - "MemberDefinitions": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::Workteam.MemberDefinition" - }, - "markdownDescription": "A list of `MemberDefinition` objects that contains objects that identify the workers that make up the work team.\n\nWorkforces can be created using Amazon Cognito or your own OIDC Identity Provider (IdP). For private workforces created using Amazon Cognito use `CognitoMemberDefinition` . For workforces created using your own OIDC identity provider (IdP) use `OidcMemberDefinition` .", - "title": "MemberDefinitions", - "type": "array" - }, - "NotificationConfiguration": { - "$ref": "#/definitions/AWS::SageMaker::Workteam.NotificationConfiguration", - "markdownDescription": "Configures SNS notifications of available or expiring work items for work teams.", - "title": "NotificationConfiguration" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs.", - "title": "Tags", - "type": "array" + "AutoEnable": { + "markdownDescription": "Whether to automatically enable Security Hub in new member accounts when they join the organization.\n\nIf set to `true` , then Security Hub is automatically enabled in new accounts. If set to `false` , then Security Hub isn't enabled in new accounts automatically. The default value is `false` .\n\nIf the `ConfigurationType` of your organization is set to `CENTRAL` , then this field is set to `false` and can't be changed in the home Region and linked Regions. However, in that case, the delegated administrator can create a configuration policy in which Security Hub is enabled and associate the policy with new organization accounts.", + "title": "AutoEnable", + "type": "boolean" }, - "WorkforceName": { - "markdownDescription": "The name of the workforce.", - "title": "WorkforceName", + "AutoEnableStandards": { + "markdownDescription": "Whether to automatically enable Security Hub [default standards](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-standards-enable-disable.html) in new member accounts when they join the organization.\n\nThe default value of this parameter is equal to `DEFAULT` .\n\nIf equal to `DEFAULT` , then Security Hub default standards are automatically enabled for new member accounts. If equal to `NONE` , then default standards are not automatically enabled for new member accounts.\n\nIf the `ConfigurationType` of your organization is set to `CENTRAL` , then this field is set to `NONE` and can't be changed in the home Region and linked Regions. However, in that case, the delegated administrator can create a configuration policy in which specific security standards are enabled and associate the policy with new organization accounts.", + "title": "AutoEnableStandards", "type": "string" }, - "WorkteamName": { - "markdownDescription": "The name of the work team.", - "title": "WorkteamName", + "ConfigurationType": { + "markdownDescription": "Indicates whether the organization uses local or central configuration.\n\nIf you use local configuration, the Security Hub delegated administrator can set `AutoEnable` to `true` and `AutoEnableStandards` to `DEFAULT` . This automatically enables Security Hub and default security standards in new organization accounts. These new account settings must be set separately in each AWS Region , and settings may be different in each Region.\n\nIf you use central configuration, the delegated administrator can create configuration policies. Configuration policies can be used to configure Security Hub, security standards, and security controls in multiple accounts and Regions. If you want new organization accounts to use a specific configuration, you can create a configuration policy and associate it with the root or specific organizational units (OUs). New accounts will inherit the policy from the root or their assigned OU.", + "title": "ConfigurationType", "type": "string" } }, + "required": [ + "AutoEnable" + ], "type": "object" }, "Type": { "enum": [ - "AWS::SageMaker::Workteam" + "AWS::SecurityHub::OrganizationConfiguration" ], "type": "string" }, @@ -253508,84 +305396,158 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::SageMaker::Workteam.CognitoMemberDefinition": { + "AWS::SecurityHub::PolicyAssociation": { "additionalProperties": false, "properties": { - "CognitoClientId": { - "markdownDescription": "An identifier for an application client. You must create the app client ID using Amazon Cognito .", - "title": "CognitoClientId", + "Condition": { "type": "string" }, - "CognitoUserGroup": { - "markdownDescription": "An identifier for a user group.", - "title": "CognitoUserGroup", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "CognitoUserPool": { - "markdownDescription": "An identifier for a user pool. The user pool must be in the same region as the service that you are calling.", - "title": "CognitoUserPool", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ConfigurationPolicyId": { + "markdownDescription": "The universally unique identifier (UUID) of the configuration policy. A self-managed configuration has no UUID. The identifier of a self-managed configuration is `SELF_MANAGED_SECURITY_HUB` .", + "title": "ConfigurationPolicyId", + "type": "string" + }, + "TargetId": { + "markdownDescription": "The identifier of the target account, organizational unit, or the root.", + "title": "TargetId", + "type": "string" + }, + "TargetType": { + "markdownDescription": "Specifies whether the target is an AWS account , organizational unit, or the root.", + "title": "TargetType", + "type": "string" + } + }, + "required": [ + "ConfigurationPolicyId", + "TargetId", + "TargetType" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SecurityHub::PolicyAssociation" + ], "type": "string" - } - }, - "required": [ - "CognitoClientId", - "CognitoUserGroup", - "CognitoUserPool" - ], - "type": "object" - }, - "AWS::SageMaker::Workteam.MemberDefinition": { - "additionalProperties": false, - "properties": { - "CognitoMemberDefinition": { - "$ref": "#/definitions/AWS::SageMaker::Workteam.CognitoMemberDefinition", - "markdownDescription": "The Amazon Cognito user group that is part of the work team.", - "title": "CognitoMemberDefinition" }, - "OidcMemberDefinition": { - "$ref": "#/definitions/AWS::SageMaker::Workteam.OidcMemberDefinition", - "markdownDescription": "A list user groups that exist in your OIDC Identity Provider (IdP). One to ten groups can be used to create a single private work team. When you add a user group to the list of `Groups` , you can add that user group to one or more private work teams. If you add a user group to a private work team, all workers in that user group are added to the work team.", - "title": "OidcMemberDefinition" - } - }, - "type": "object" - }, - "AWS::SageMaker::Workteam.NotificationConfiguration": { - "additionalProperties": false, - "properties": { - "NotificationTopicArn": { - "markdownDescription": "The ARN for the Amazon SNS topic to which notifications should be published.", - "title": "NotificationTopicArn", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "NotificationTopicArn" + "Type", + "Properties" ], "type": "object" }, - "AWS::SageMaker::Workteam.OidcMemberDefinition": { + "AWS::SecurityHub::ProductSubscription": { "additionalProperties": false, "properties": { - "OidcGroups": { - "items": { - "type": "string" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ProductArn": { + "markdownDescription": "The ARN of the product to enable the integration for.", + "title": "ProductArn", + "type": "string" + } }, - "markdownDescription": "", - "title": "OidcGroups", - "type": "array" + "required": [ + "ProductArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SecurityHub::ProductSubscription" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "OidcGroups" + "Type", + "Properties" ], "type": "object" }, - "AWS::Scheduler::Schedule": { + "AWS::SecurityHub::SecurityControl": { "additionalProperties": false, "properties": { "Condition": { @@ -253620,72 +305582,41 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description you specify for the schedule.", - "title": "Description", - "type": "string" - }, - "EndDate": { - "markdownDescription": "The date, in UTC, before which the schedule can invoke its target. Depending on the schedule's recurrence expression, invocations might stop on, or before, the `EndDate` you specify.\nEventBridge Scheduler ignores `EndDate` for one-time schedules.", - "title": "EndDate", - "type": "string" - }, - "FlexibleTimeWindow": { - "$ref": "#/definitions/AWS::Scheduler::Schedule.FlexibleTimeWindow", - "markdownDescription": "Allows you to configure a time window during which EventBridge Scheduler invokes the schedule.", - "title": "FlexibleTimeWindow" - }, - "GroupName": { - "markdownDescription": "The name of the schedule group associated with this schedule.", - "title": "GroupName", - "type": "string" - }, - "KmsKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the customer managed KMS key that EventBridge Scheduler will use to encrypt and decrypt your data.", - "title": "KmsKeyArn", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the schedule.", - "title": "Name", - "type": "string" - }, - "ScheduleExpression": { - "markdownDescription": "The expression that defines when the schedule runs. The following formats are supported.\n\n- `at` expression - `at(yyyy-mm-ddThh:mm:ss)`\n- `rate` expression - `rate(value unit)`\n- `cron` expression - `cron(fields)`\n\nYou can use `at` expressions to create one-time schedules that invoke a target once, at the time and in the time zone, that you specify. You can use `rate` and `cron` expressions to create recurring schedules. Rate-based schedules are useful when you want to invoke a target at regular intervals, such as every 15 minutes or every five days. Cron-based schedules are useful when you want to invoke a target periodically at a specific time, such as at 8:00 am (UTC+0) every 1st day of the month.\n\nA `cron` expression consists of six fields separated by white spaces: `(minutes hours day_of_month month day_of_week year)` .\n\nA `rate` expression consists of a *value* as a positive integer, and a *unit* with the following options: `minute` | `minutes` | `hour` | `hours` | `day` | `days`\n\nFor more information and examples, see [Schedule types on EventBridge Scheduler](https://docs.aws.amazon.com/scheduler/latest/UserGuide/schedule-types.html) in the *EventBridge Scheduler User Guide* .", - "title": "ScheduleExpression", + "LastUpdateReason": { + "markdownDescription": "The most recent reason for updating the customizable properties of a security control. This differs from the `UpdateReason` field of the [`BatchUpdateStandardsControlAssociations`](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_BatchUpdateStandardsControlAssociations.html) API, which tracks the reason for updating the enablement status of a control. This field accepts alphanumeric characters in addition to white spaces, dashes, and underscores.", + "title": "LastUpdateReason", "type": "string" }, - "ScheduleExpressionTimezone": { - "markdownDescription": "The timezone in which the scheduling expression is evaluated.", - "title": "ScheduleExpressionTimezone", - "type": "string" + "Parameters": { + "additionalProperties": false, + "markdownDescription": "An object that identifies the name of a control parameter, its current value, and whether it has been customized.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::SecurityHub::SecurityControl.ParameterConfiguration" + } + }, + "title": "Parameters", + "type": "object" }, - "StartDate": { - "markdownDescription": "The date, in UTC, after which the schedule can begin invoking its target. Depending on the schedule's recurrence expression, invocations might occur on, or after, the `StartDate` you specify.\nEventBridge Scheduler ignores `StartDate` for one-time schedules.", - "title": "StartDate", + "SecurityControlArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for a security control across standards, such as `arn:aws:securityhub:eu-central-1:123456789012:security-control/S3.1` . This parameter doesn't mention a specific standard.", + "title": "SecurityControlArn", "type": "string" }, - "State": { - "markdownDescription": "Specifies whether the schedule is enabled or disabled.\n\n*Allowed Values* : `ENABLED` | `DISABLED`", - "title": "State", + "SecurityControlId": { + "markdownDescription": "The unique identifier of a security control across standards. Values for this field typically consist of an AWS service name and a number, such as APIGateway.3.", + "title": "SecurityControlId", "type": "string" - }, - "Target": { - "$ref": "#/definitions/AWS::Scheduler::Schedule.Target", - "markdownDescription": "The schedule's target details.", - "title": "Target" } }, "required": [ - "FlexibleTimeWindow", - "ScheduleExpression", - "Target" + "Parameters" ], "type": "object" }, "Type": { "enum": [ - "AWS::Scheduler::Schedule" + "AWS::SecurityHub::SecurityControl" ], "type": "string" }, @@ -253704,377 +305635,175 @@ ], "type": "object" }, - "AWS::Scheduler::Schedule.AwsVpcConfiguration": { - "additionalProperties": false, - "properties": { - "AssignPublicIp": { - "markdownDescription": "Specifies whether the task's elastic network interface receives a public IP address. You can specify `ENABLED` only when `LaunchType` in `EcsParameters` is set to `FARGATE` .", - "title": "AssignPublicIp", - "type": "string" - }, - "SecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the security groups associated with the task. These security groups must all be in the same VPC. You can specify as many as five security groups. If you do not specify a security group, the default security group for the VPC is used.", - "title": "SecurityGroups", - "type": "array" - }, - "Subnets": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the subnets associated with the task. These subnets must all be in the same VPC. You can specify as many as 16 subnets.", - "title": "Subnets", - "type": "array" - } - }, - "required": [ - "Subnets" - ], - "type": "object" - }, - "AWS::Scheduler::Schedule.CapacityProviderStrategyItem": { + "AWS::SecurityHub::SecurityControl.ParameterConfiguration": { "additionalProperties": false, "properties": { - "Base": { - "markdownDescription": "The base value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a base defined. If no value is specified, the default value of `0` is used.", - "title": "Base", - "type": "number" + "Value": { + "$ref": "#/definitions/AWS::SecurityHub::SecurityControl.ParameterValue", + "markdownDescription": "The current value of a control parameter.", + "title": "Value" }, - "CapacityProvider": { - "markdownDescription": "The short name of the capacity provider.", - "title": "CapacityProvider", + "ValueType": { + "markdownDescription": "Identifies whether a control parameter uses a custom user-defined value or subscribes to the default AWS Security Hub behavior.\n\nWhen `ValueType` is set equal to `DEFAULT` , the default behavior can be a specific Security Hub default value, or the default behavior can be to ignore a specific parameter. When `ValueType` is set equal to `DEFAULT` , Security Hub ignores user-provided input for the `Value` field.\n\nWhen `ValueType` is set equal to `CUSTOM` , the `Value` field can't be empty.", + "title": "ValueType", "type": "string" - }, - "Weight": { - "markdownDescription": "The weight value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The weight value is taken into consideration after the base value, if defined, is satisfied.", - "title": "Weight", - "type": "number" } }, "required": [ - "CapacityProvider" + "ValueType" ], "type": "object" }, - "AWS::Scheduler::Schedule.DeadLetterConfig": { - "additionalProperties": false, - "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the SQS queue specified as the destination for the dead-letter queue.", - "title": "Arn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Scheduler::Schedule.EcsParameters": { + "AWS::SecurityHub::SecurityControl.ParameterValue": { "additionalProperties": false, "properties": { - "CapacityProviderStrategy": { - "items": { - "$ref": "#/definitions/AWS::Scheduler::Schedule.CapacityProviderStrategyItem" - }, - "markdownDescription": "The capacity provider strategy to use for the task.", - "title": "CapacityProviderStrategy", - "type": "array" - }, - "EnableECSManagedTags": { - "markdownDescription": "Specifies whether to enable Amazon ECS managed tags for the task. For more information, see [Tagging Your Amazon ECS Resources](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-using-tags.html) in the *Amazon ECS Developer Guide* .", - "title": "EnableECSManagedTags", - "type": "boolean" - }, - "EnableExecuteCommand": { - "markdownDescription": "Whether or not to enable the execute command functionality for the containers in this task. If true, this enables execute command functionality on all containers in the task.", - "title": "EnableExecuteCommand", + "Boolean": { + "markdownDescription": "A control parameter that is a boolean.", + "title": "Boolean", "type": "boolean" }, - "Group": { - "markdownDescription": "Specifies an Amazon ECS task group for the task. The maximum length is 255 characters.", - "title": "Group", - "type": "string" + "Double": { + "markdownDescription": "A control parameter that is a double.", + "title": "Double", + "type": "number" }, - "LaunchType": { - "markdownDescription": "Specifies the launch type on which your task is running. The launch type that you specify here must match one of the launch type (compatibilities) of the target task. The `FARGATE` value is supported only in the Regions where Fargate with Amazon ECS is supported. For more information, see [AWS Fargate on Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/AWS_Fargate.html) in the *Amazon ECS Developer Guide* .", - "title": "LaunchType", + "Enum": { + "markdownDescription": "A control parameter that is an enum.", + "title": "Enum", "type": "string" }, - "NetworkConfiguration": { - "$ref": "#/definitions/AWS::Scheduler::Schedule.NetworkConfiguration", - "markdownDescription": "This structure specifies the network configuration for an ECS task.", - "title": "NetworkConfiguration" - }, - "PlacementConstraints": { + "EnumList": { "items": { - "$ref": "#/definitions/AWS::Scheduler::Schedule.PlacementConstraint" + "type": "string" }, - "markdownDescription": "An array of placement constraint objects to use for the task. You can specify up to 10 constraints per task (including constraints in the task definition and those specified at runtime).", - "title": "PlacementConstraints", + "markdownDescription": "A control parameter that is a list of enums.", + "title": "EnumList", "type": "array" }, - "PlacementStrategy": { + "Integer": { + "markdownDescription": "A control parameter that is an integer.", + "title": "Integer", + "type": "number" + }, + "IntegerList": { "items": { - "$ref": "#/definitions/AWS::Scheduler::Schedule.PlacementStrategy" + "type": "number" }, - "markdownDescription": "The task placement strategy for a task or service.", - "title": "PlacementStrategy", + "markdownDescription": "A control parameter that is a list of integers.", + "title": "IntegerList", "type": "array" }, - "PlatformVersion": { - "markdownDescription": "Specifies the platform version for the task. Specify only the numeric portion of the platform version, such as `1.1.0` .", - "title": "PlatformVersion", - "type": "string" - }, - "PropagateTags": { - "markdownDescription": "Specifies whether to propagate the tags from the task definition to the task. If no value is specified, the tags are not propagated. Tags can only be propagated to the task during task creation. To add tags to a task after task creation, use the Amazon ECS [`TagResource`](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_TagResource.html) API action.", - "title": "PropagateTags", - "type": "string" - }, - "ReferenceId": { - "markdownDescription": "The reference ID to use for the task.", - "title": "ReferenceId", + "String": { + "markdownDescription": "A control parameter that is a string.", + "title": "String", "type": "string" }, - "Tags": { - "markdownDescription": "The metadata that you apply to the task to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define. For more information, see [`RunTask`](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RunTask.html) in the *Amazon ECS API Reference* .", - "title": "Tags", - "type": "object" - }, - "TaskCount": { - "markdownDescription": "The number of tasks to create based on `TaskDefinition` . The default is `1` .", - "title": "TaskCount", - "type": "number" - }, - "TaskDefinitionArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the task definition to use if the event target is an Amazon ECS task.", - "title": "TaskDefinitionArn", - "type": "string" + "StringList": { + "items": { + "type": "string" + }, + "markdownDescription": "A control parameter that is a list of strings.", + "title": "StringList", + "type": "array" } }, - "required": [ - "TaskDefinitionArn" - ], "type": "object" }, - "AWS::Scheduler::Schedule.EventBridgeParameters": { + "AWS::SecurityHub::Standard": { "additionalProperties": false, "properties": { - "DetailType": { - "markdownDescription": "A free-form string, with a maximum of 128 characters, used to decide what fields to expect in the event detail.", - "title": "DetailType", + "Condition": { "type": "string" }, - "Source": { - "markdownDescription": "The source of the event.", - "title": "Source", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "required": [ - "DetailType", - "Source" - ], - "type": "object" - }, - "AWS::Scheduler::Schedule.FlexibleTimeWindow": { - "additionalProperties": false, - "properties": { - "MaximumWindowInMinutes": { - "markdownDescription": "The maximum time window during which a schedule can be invoked.\n\n*Minimum* : `1`\n\n*Maximum* : `1440`", - "title": "MaximumWindowInMinutes", - "type": "number" }, - "Mode": { - "markdownDescription": "Determines whether the schedule is invoked within a flexible time window. You must use quotation marks when you specify this value in your JSON or YAML template.\n\n*Allowed Values* : `\"OFF\"` | `\"FLEXIBLE\"`", - "title": "Mode", - "type": "string" - } - }, - "required": [ - "Mode" - ], - "type": "object" - }, - "AWS::Scheduler::Schedule.KinesisParameters": { - "additionalProperties": false, - "properties": { - "PartitionKey": { - "markdownDescription": "Specifies the shard to which EventBridge Scheduler sends the event. For more information, see [Amazon Kinesis Data Streams terminology and concepts](https://docs.aws.amazon.com/streams/latest/dev/key-concepts.html) in the *Amazon Kinesis Streams Developer Guide* .", - "title": "PartitionKey", - "type": "string" - } - }, - "required": [ - "PartitionKey" - ], - "type": "object" - }, - "AWS::Scheduler::Schedule.NetworkConfiguration": { - "additionalProperties": false, - "properties": { - "AwsvpcConfiguration": { - "$ref": "#/definitions/AWS::Scheduler::Schedule.AwsVpcConfiguration", - "markdownDescription": "Specifies the Amazon VPC subnets and security groups for the task, and whether a public IP address is to be used. This structure is relevant only for ECS tasks that use the awsvpc network mode.", - "title": "AwsvpcConfiguration" - } - }, - "type": "object" - }, - "AWS::Scheduler::Schedule.PlacementConstraint": { - "additionalProperties": false, - "properties": { - "Expression": { - "markdownDescription": "A cluster query language expression to apply to the constraint. You cannot specify an expression if the constraint type is `distinctInstance` . For more information, see [Cluster query language](https://docs.aws.amazon.com/latest/developerguide/cluster-query-language.html) in the *Amazon ECS Developer Guide* .", - "title": "Expression", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Type": { - "markdownDescription": "The type of constraint. Use `distinctInstance` to ensure that each task in a particular group is running on a different container instance. Use `memberOf` to restrict the selection to a group of valid candidates.", - "title": "Type", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Scheduler::Schedule.PlacementStrategy": { - "additionalProperties": false, - "properties": { - "Field": { - "markdownDescription": "The field to apply the placement strategy against. For the spread placement strategy, valid values are `instanceId` (or `instanceId` , which has the same effect), or any platform or custom attribute that is applied to a container instance, such as `attribute:ecs.availability-zone` . For the binpack placement strategy, valid values are `cpu` and `memory` . For the random placement strategy, this field is not used.", - "title": "Field", - "type": "string" + "Metadata": { + "type": "object" }, - "Type": { - "markdownDescription": "The type of placement strategy. The random placement strategy randomly places tasks on available candidates. The spread placement strategy spreads placement across available candidates evenly based on the field parameter. The binpack strategy places tasks on available candidates that have the least available amount of the resource that is specified with the field parameter. For example, if you binpack on memory, a task is placed on the instance with the least amount of remaining memory (but still enough to run the task).", - "title": "Type", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Scheduler::Schedule.RetryPolicy": { - "additionalProperties": false, - "properties": { - "MaximumEventAgeInSeconds": { - "markdownDescription": "The maximum amount of time, in seconds, to continue to make retry attempts.", - "title": "MaximumEventAgeInSeconds", - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": { + "DisabledStandardsControls": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Standard.StandardsControl" + }, + "markdownDescription": "Specifies which controls are to be disabled in a standard.\n\n*Maximum* : `100`", + "title": "DisabledStandardsControls", + "type": "array" + }, + "StandardsArn": { + "markdownDescription": "The ARN of the standard that you want to enable. To view a list of available Security Hub standards and their ARNs, use the [`DescribeStandards`](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DescribeStandards.html) API operation.", + "title": "StandardsArn", + "type": "string" + } + }, + "required": [ + "StandardsArn" + ], + "type": "object" }, - "MaximumRetryAttempts": { - "markdownDescription": "The maximum number of retry attempts to make before the request fails. Retry attempts with exponential backoff continue until either the maximum number of attempts is made or until the duration of the `MaximumEventAgeInSeconds` is reached.", - "title": "MaximumRetryAttempts", - "type": "number" - } - }, - "type": "object" - }, - "AWS::Scheduler::Schedule.SageMakerPipelineParameter": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "Name of parameter to start execution of a SageMaker Model Building Pipeline.", - "title": "Name", + "Type": { + "enum": [ + "AWS::SecurityHub::Standard" + ], "type": "string" }, - "Value": { - "markdownDescription": "Value of parameter to start execution of a SageMaker Model Building Pipeline.", - "title": "Value", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Name", - "Value" + "Type", + "Properties" ], "type": "object" }, - "AWS::Scheduler::Schedule.SageMakerPipelineParameters": { - "additionalProperties": false, - "properties": { - "PipelineParameterList": { - "items": { - "$ref": "#/definitions/AWS::Scheduler::Schedule.SageMakerPipelineParameter" - }, - "markdownDescription": "List of parameter names and values to use when executing the SageMaker Model Building Pipeline.", - "title": "PipelineParameterList", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Scheduler::Schedule.SqsParameters": { - "additionalProperties": false, - "properties": { - "MessageGroupId": { - "markdownDescription": "The FIFO message group ID to use as the target.", - "title": "MessageGroupId", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Scheduler::Schedule.Target": { + "AWS::SecurityHub::Standard.StandardsControl": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the target.", - "title": "Arn", - "type": "string" - }, - "DeadLetterConfig": { - "$ref": "#/definitions/AWS::Scheduler::Schedule.DeadLetterConfig", - "markdownDescription": "An object that contains information about an Amazon SQS queue that EventBridge Scheduler uses as a dead-letter queue for your schedule. If specified, EventBridge Scheduler delivers failed events that could not be successfully delivered to a target to the queue.", - "title": "DeadLetterConfig" - }, - "EcsParameters": { - "$ref": "#/definitions/AWS::Scheduler::Schedule.EcsParameters", - "markdownDescription": "The templated target type for the Amazon ECS [`RunTask`](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RunTask.html) API operation.", - "title": "EcsParameters" - }, - "EventBridgeParameters": { - "$ref": "#/definitions/AWS::Scheduler::Schedule.EventBridgeParameters", - "markdownDescription": "The templated target type for the EventBridge [`PutEvents`](https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_PutEvents.html) API operation.", - "title": "EventBridgeParameters" - }, - "Input": { - "markdownDescription": "The text, or well-formed JSON, passed to the target. If you are configuring a templated Lambda , AWS Step Functions , or Amazon EventBridge target, the input must be a well-formed JSON. For all other target types, a JSON is not required. If you do not specify anything for this field, Amazon EventBridge Scheduler delivers a default notification to the target.", - "title": "Input", + "Reason": { + "markdownDescription": "A user-defined reason for changing a control's enablement status in a specified standard. If you are disabling a control, then this property is required.", + "title": "Reason", "type": "string" }, - "KinesisParameters": { - "$ref": "#/definitions/AWS::Scheduler::Schedule.KinesisParameters", - "markdownDescription": "The templated target type for the Amazon Kinesis [`PutRecord`](https://docs.aws.amazon.com/kinesis/latest/APIReference/API_PutRecord.html) API operation.", - "title": "KinesisParameters" - }, - "RetryPolicy": { - "$ref": "#/definitions/AWS::Scheduler::Schedule.RetryPolicy", - "markdownDescription": "A `RetryPolicy` object that includes information about the retry policy settings, including the maximum age of an event, and the maximum number of times EventBridge Scheduler will try to deliver the event to a target.", - "title": "RetryPolicy" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that EventBridge Scheduler will use for this target when the schedule is invoked.", - "title": "RoleArn", + "StandardsControlArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the control.", + "title": "StandardsControlArn", "type": "string" - }, - "SageMakerPipelineParameters": { - "$ref": "#/definitions/AWS::Scheduler::Schedule.SageMakerPipelineParameters", - "markdownDescription": "The templated target type for the Amazon SageMaker [`StartPipelineExecution`](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StartPipelineExecution.html) API operation.", - "title": "SageMakerPipelineParameters" - }, - "SqsParameters": { - "$ref": "#/definitions/AWS::Scheduler::Schedule.SqsParameters", - "markdownDescription": "The templated target type for the Amazon SQS [`SendMessage`](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_SendMessage.html) API operation. Contains the message group ID to use when the target is a FIFO queue. If you specify an Amazon SQS FIFO queue as a target, the queue must have content-based deduplication enabled. For more information, see [Using the Amazon SQS message deduplication ID](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/using-messagededuplicationid-property.html) in the *Amazon SQS Developer Guide* .", - "title": "SqsParameters" } }, "required": [ - "Arn", - "RoleArn" + "StandardsControlArn" ], "type": "object" }, - "AWS::Scheduler::ScheduleGroup": { + "AWS::SecurityLake::AwsLogSource": { "additionalProperties": false, "properties": { "Condition": { @@ -254109,25 +305838,40 @@ "Properties": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the schedule group.", - "title": "Name", - "type": "string" - }, - "Tags": { + "Accounts": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", + "markdownDescription": "Specify the AWS account information where you want to enable Security Lake.", + "title": "Accounts", "type": "array" + }, + "DataLakeArn": { + "markdownDescription": "The Amazon Resource Name (ARN) used to create the data lake.", + "title": "DataLakeArn", + "type": "string" + }, + "SourceName": { + "markdownDescription": "The name for a AWS source. This must be a Regionally unique value. For the list of sources supported by Amazon Security Lake see [Collecting data from AWS services](https://docs.aws.amazon.com//security-lake/latest/userguide/internal-sources.html) in the Amazon Security Lake User Guide.", + "title": "SourceName", + "type": "string" + }, + "SourceVersion": { + "markdownDescription": "The version for a AWS source. For more details about source versions supported by Amazon Security Lake see [OCSF source identification](https://docs.aws.amazon.com//security-lake/latest/userguide/open-cybersecurity-schema-framework.html#ocsf-source-identification) in the Amazon Security Lake User Guide. This must be a Regionally unique value.", + "title": "SourceVersion", + "type": "string" } }, + "required": [ + "DataLakeArn", + "SourceName", + "SourceVersion" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Scheduler::ScheduleGroup" + "AWS::SecurityLake::AwsLogSource" ], "type": "string" }, @@ -254141,11 +305885,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::SecretsManager::ResourcePolicy": { + "AWS::SecurityLake::DataLake": { "additionalProperties": false, "properties": { "Condition": { @@ -254180,31 +305925,40 @@ "Properties": { "additionalProperties": false, "properties": { - "BlockPublicPolicy": { - "markdownDescription": "Specifies whether to block resource-based policies that allow broad access to the secret. By default, Secrets Manager blocks policies that allow broad access, for example those that use a wildcard for the principal.", - "title": "BlockPublicPolicy", - "type": "boolean" + "EncryptionConfiguration": { + "$ref": "#/definitions/AWS::SecurityLake::DataLake.EncryptionConfiguration", + "markdownDescription": "Provides encryption details of the Amazon Security Lake object.", + "title": "EncryptionConfiguration" }, - "ResourcePolicy": { - "markdownDescription": "A JSON-formatted string for an AWS resource-based policy. For example policies, see [Permissions policy examples](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples.html) .", - "title": "ResourcePolicy", - "type": "object" + "LifecycleConfiguration": { + "$ref": "#/definitions/AWS::SecurityLake::DataLake.LifecycleConfiguration", + "markdownDescription": "You can customize Security Lake to store data in your preferred AWS Regions for your preferred amount of time. Lifecycle management can help you comply with different compliance requirements. For more details, see [Lifecycle management](https://docs.aws.amazon.com//security-lake/latest/userguide/lifecycle-management.html) in the Amazon Security Lake User Guide.", + "title": "LifecycleConfiguration" }, - "SecretId": { - "markdownDescription": "The ARN or name of the secret to attach the resource-based policy.\n\nFor an ARN, we recommend that you specify a complete ARN rather than a partial ARN.", - "title": "SecretId", + "MetaStoreManagerRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) used to create and update the AWS Glue table. This table contains partitions generated by the ingestion and normalization of AWS log sources and custom sources.", + "title": "MetaStoreManagerRoleArn", "type": "string" + }, + "ReplicationConfiguration": { + "$ref": "#/definitions/AWS::SecurityLake::DataLake.ReplicationConfiguration", + "markdownDescription": "Provides replication details of Amazon Security Lake object.", + "title": "ReplicationConfiguration" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of objects, one for each tag to associate with the data lake configuration. For each tag, you must specify both a tag key and a tag value. A tag value cannot be null, but it can be an empty string.", + "title": "Tags", + "type": "array" } }, - "required": [ - "ResourcePolicy", - "SecretId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::SecretsManager::ResourcePolicy" + "AWS::SecurityLake::DataLake" ], "type": "string" }, @@ -254218,12 +305972,87 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::SecretsManager::RotationSchedule": { + "AWS::SecurityLake::DataLake.EncryptionConfiguration": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "markdownDescription": "The ID of KMS encryption key used by Amazon Security Lake to encrypt the Security Lake object.", + "title": "KmsKeyId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SecurityLake::DataLake.Expiration": { + "additionalProperties": false, + "properties": { + "Days": { + "markdownDescription": "The number of days before data expires in the Amazon Security Lake object.", + "title": "Days", + "type": "number" + } + }, + "type": "object" + }, + "AWS::SecurityLake::DataLake.LifecycleConfiguration": { + "additionalProperties": false, + "properties": { + "Expiration": { + "$ref": "#/definitions/AWS::SecurityLake::DataLake.Expiration", + "markdownDescription": "Provides data expiration details of the Amazon Security Lake object.", + "title": "Expiration" + }, + "Transitions": { + "items": { + "$ref": "#/definitions/AWS::SecurityLake::DataLake.Transitions" + }, + "markdownDescription": "Provides data storage transition details of Amazon Security Lake object. By configuring these settings, you can specify your preferred Amazon S3 storage class and the time period for S3 objects to stay in that storage class before they transition to a different storage class.", + "title": "Transitions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SecurityLake::DataLake.ReplicationConfiguration": { + "additionalProperties": false, + "properties": { + "Regions": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies one or more centralized rollup Regions. The AWS Region specified in the region parameter of the `CreateDataLake` or `UpdateDataLake` operations contributes data to the rollup Region or Regions specified in this parameter.\n\nReplication enables automatic, asynchronous copying of objects across Amazon S3 buckets. S3 buckets that are configured for object replication can be owned by the same AWS account or by different accounts. You can replicate objects to a single destination bucket or to multiple destination buckets. The destination buckets can be in different Regions or within the same Region as the source bucket.", + "title": "Regions", + "type": "array" + }, + "RoleArn": { + "markdownDescription": "Replication settings for the Amazon S3 buckets. This parameter uses the AWS Identity and Access Management (IAM) role you created that is managed by Security Lake , to ensure the replication setting is correct.", + "title": "RoleArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SecurityLake::DataLake.Transitions": { + "additionalProperties": false, + "properties": { + "Days": { + "markdownDescription": "The number of days before data transitions to a different S3 Storage Class in the Amazon Security Lake object.", + "title": "Days", + "type": "number" + }, + "StorageClass": { + "markdownDescription": "The list of storage classes that you can choose from based on the data access, resiliency, and cost requirements of your workloads. The default storage class is *S3 Standard* . For information about other storage classes, see [Setting the storage class of an object](https://docs.aws.amazon.com/AmazonS3/latest/userguide/sc-howtoset.html) in the *Amazon S3 User Guide* .", + "title": "StorageClass", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SecurityLake::Subscriber": { "additionalProperties": false, "properties": { "Condition": { @@ -254258,40 +306087,63 @@ "Properties": { "additionalProperties": false, "properties": { - "HostedRotationLambda": { - "$ref": "#/definitions/AWS::SecretsManager::RotationSchedule.HostedRotationLambda", - "markdownDescription": "Creates a new Lambda rotation function based on one of the [Secrets Manager rotation function templates](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html) . To use a rotation function that already exists, specify `RotationLambdaARN` instead.\n\nYou must specify `Transform: AWS::SecretsManager-2024-09-16` at the beginning of the CloudFormation template. Transforms are macros hosted by AWS CloudFormation that help you create and manage complex infrastructure. The `Transform: AWS::SecretsManager-2024-09-16` transform automatically extends the CloudFormation stack to include a nested stack (of type `AWS::CloudFormation::Stack` ), which then creates and updates on your behalf during subsequent stack operations, the appropriate rotation Lambda function for your database or service. For general information on transforms, see the [AWS CloudFormation documentation.](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/transform-reference.html)\n\nFor Amazon RDS master user credentials, see [AWS::RDS::DBCluster MasterUserSecret](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-dbcluster-masterusersecret.html) .\n\nFor Amazon Redshift admin user credentials, see [AWS::Redshift::Cluster](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-redshift-cluster.html) .", - "title": "HostedRotationLambda" + "AccessTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "You can choose to notify subscribers of new objects with an Amazon Simple Queue Service (Amazon SQS) queue or through messaging to an HTTPS endpoint provided by the subscriber.\n\nSubscribers can consume data by directly querying AWS Lake Formation tables in your Amazon S3 bucket through services like Amazon Athena. This subscription type is defined as `LAKEFORMATION` .", + "title": "AccessTypes", + "type": "array" }, - "RotateImmediatelyOnUpdate": { - "markdownDescription": "Determines whether to rotate the secret immediately or wait until the next scheduled rotation window when the rotation schedule is updated. The rotation schedule is defined in `RotationRules` .\n\nThe default for `RotateImmediatelyOnUpdate` is `true` . If you don't specify this value, Secrets Manager rotates the secret immediately.\n\nIf you set `RotateImmediatelyOnUpdate` to `false` , Secrets Manager tests the rotation configuration by running the [`testSecret` step](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_how.html) of the Lambda rotation function. This test creates an `AWSPENDING` version of the secret and then removes it.\n\n> When changing an existing rotation schedule and setting `RotateImmediatelyOnUpdate` to `false` :\n> \n> - If using `AutomaticallyAfterDays` or a `ScheduleExpression` with `rate()` , the previously scheduled rotation might still occur.\n> - To prevent unintended rotations, use a `ScheduleExpression` with `cron()` for granular control over rotation windows. \n\nRotation is an asynchronous process. For more information, see [How rotation works](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_how.html) .", - "title": "RotateImmediatelyOnUpdate", - "type": "boolean" + "DataLakeArn": { + "markdownDescription": "The Amazon Resource Name (ARN) used to create the data lake.", + "title": "DataLakeArn", + "type": "string" }, - "RotationLambdaARN": { - "markdownDescription": "The ARN of an existing Lambda rotation function. To specify a rotation function that is also defined in this template, use the [Ref](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html) function.\n\nFor Amazon RDS master user credentials, see [AWS::RDS::DBCluster MasterUserSecret](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-dbcluster-masterusersecret.html) .\n\nFor Amazon Redshift admin user credentials, see [AWS::Redshift::Cluster](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-redshift-cluster.html) .\n\nTo create a new rotation function based on one of the [Secrets Manager rotation function templates](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html) , specify `HostedRotationLambda` instead.", - "title": "RotationLambdaARN", + "Sources": { + "items": { + "$ref": "#/definitions/AWS::SecurityLake::Subscriber.Source" + }, + "markdownDescription": "Amazon Security Lake supports log and event collection for natively supported AWS services . For more information, see the [Amazon Security Lake User Guide](https://docs.aws.amazon.com//security-lake/latest/userguide/source-management.html) .", + "title": "Sources", + "type": "array" + }, + "SubscriberDescription": { + "markdownDescription": "The subscriber descriptions for a subscriber account. The description for a subscriber includes `subscriberName` , `accountID` , `externalID` , and `subscriberId` .", + "title": "SubscriberDescription", "type": "string" }, - "RotationRules": { - "$ref": "#/definitions/AWS::SecretsManager::RotationSchedule.RotationRules", - "markdownDescription": "A structure that defines the rotation configuration for this secret.", - "title": "RotationRules" + "SubscriberIdentity": { + "$ref": "#/definitions/AWS::SecurityLake::Subscriber.SubscriberIdentity", + "markdownDescription": "The AWS identity used to access your data.", + "title": "SubscriberIdentity" }, - "SecretId": { - "markdownDescription": "The ARN or name of the secret to rotate. This is unique for each rotation schedule definition.\n\nTo reference a secret also created in this template, use the [Ref](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html) function with the secret's logical ID.", - "title": "SecretId", + "SubscriberName": { + "markdownDescription": "The name of your Amazon Security Lake subscriber account.", + "title": "SubscriberName", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of objects, one for each tag to associate with the subscriber. For each tag, you must specify both a tag key and a tag value. A tag value cannot be null, but it can be an empty string.", + "title": "Tags", + "type": "array" } }, "required": [ - "SecretId" + "AccessTypes", + "DataLakeArn", + "Sources", + "SubscriberIdentity", + "SubscriberName" ], "type": "object" }, "Type": { "enum": [ - "AWS::SecretsManager::RotationSchedule" + "AWS::SecurityLake::Subscriber" ], "type": "string" }, @@ -254310,92 +306162,75 @@ ], "type": "object" }, - "AWS::SecretsManager::RotationSchedule.HostedRotationLambda": { + "AWS::SecurityLake::Subscriber.AwsLogSource": { "additionalProperties": false, "properties": { - "ExcludeCharacters": { - "markdownDescription": "A string of the characters that you don't want in the password.", - "title": "ExcludeCharacters", - "type": "string" - }, - "KmsKeyArn": { - "markdownDescription": "The ARN of the KMS key that Secrets Manager uses to encrypt the secret. If you don't specify this value, then Secrets Manager uses the key `aws/secretsmanager` . If `aws/secretsmanager` doesn't yet exist, then Secrets Manager creates it for you automatically the first time it encrypts the secret value.", - "title": "KmsKeyArn", - "type": "string" - }, - "MasterSecretArn": { - "markdownDescription": "The ARN of the secret that contains superuser credentials, if you use the [Alternating users rotation strategy](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets_strategies.html#rotating-secrets-two-users) . CloudFormation grants the execution role for the Lambda rotation function `GetSecretValue` permission to the secret in this property. For more information, see [Lambda rotation function execution role permissions for Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets-required-permissions-function.html) .\n\nYou must create the superuser secret before you can set this property.\n\nYou must also include the superuser secret ARN as a key in the JSON of the rotating secret so that the Lambda rotation function can find it. CloudFormation does not hardcode secret ARNs in the Lambda rotation function, so you can use the function to rotate multiple secrets. For more information, see [JSON structure of Secrets Manager secrets](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_secret_json_structure.html) .\n\nYou can specify `MasterSecretArn` or `SuperuserSecretArn` but not both. They represent the same superuser secret.", - "title": "MasterSecretArn", - "type": "string" - }, - "MasterSecretKmsKeyArn": { - "markdownDescription": "The ARN of the KMS key that Secrets Manager used to encrypt the superuser secret, if you use the [alternating users strategy](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets_strategies.html#rotating-secrets-two-users) and the superuser secret is encrypted with a customer managed key. You don't need to specify this property if the superuser secret is encrypted using the key `aws/secretsmanager` . CloudFormation grants the execution role for the Lambda rotation function `Decrypt` , `DescribeKey` , and `GenerateDataKey` permission to the key in this property. For more information, see [Lambda rotation function execution role permissions for Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets-required-permissions-function.html) .\n\nYou can specify `MasterSecretKmsKeyArn` or `SuperuserSecretKmsKeyArn` but not both. They represent the same superuser secret KMS key .", - "title": "MasterSecretKmsKeyArn", - "type": "string" - }, - "RotationLambdaName": { - "markdownDescription": "The name of the Lambda rotation function.", - "title": "RotationLambdaName", - "type": "string" - }, - "RotationType": { - "markdownDescription": "The rotation template to base the rotation function on, one of the following:\n\n- `Db2SingleUser` to use the template [SecretsManagerRDSDb2RotationSingleUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-db2-singleuser) .\n- `Db2MultiUser` to use the template [SecretsManagerRDSDb2RotationMultiUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-db2-multiuser) .\n- `MySQLSingleUser` to use the template [SecretsManagerRDSMySQLRotationSingleUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-mysql-singleuser) .\n- `MySQLMultiUser` to use the template [SecretsManagerRDSMySQLRotationMultiUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-mysql-multiuser) .\n- `PostgreSQLSingleUser` to use the template [SecretsManagerRDSPostgreSQLRotationSingleUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-postgre-singleuser)\n- `PostgreSQLMultiUser` to use the template [SecretsManagerRDSPostgreSQLRotationMultiUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-postgre-multiuser) .\n- `OracleSingleUser` to use the template [SecretsManagerRDSOracleRotationSingleUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-oracle-singleuser) .\n- `OracleMultiUser` to use the template [SecretsManagerRDSOracleRotationMultiUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-oracle-multiuser) .\n- `MariaDBSingleUser` to use the template [SecretsManagerRDSMariaDBRotationSingleUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-mariadb-singleuser) .\n- `MariaDBMultiUser` to use the template [SecretsManagerRDSMariaDBRotationMultiUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-mariadb-multiuser) .\n- `SQLServerSingleUser` to use the template [SecretsManagerRDSSQLServerRotationSingleUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-sqlserver-singleuser) .\n- `SQLServerMultiUser` to use the template [SecretsManagerRDSSQLServerRotationMultiUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-sqlserver-multiuser) .\n- `RedshiftSingleUser` to use the template [SecretsManagerRedshiftRotationSingleUsr](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-redshift-singleuser) .\n- `RedshiftMultiUser` to use the template [SecretsManagerRedshiftRotationMultiUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-redshift-multiuser) .\n- `MongoDBSingleUser` to use the template [SecretsManagerMongoDBRotationSingleUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-mongodb-singleuser) .\n- `MongoDBMultiUser` to use the template [SecretsManagerMongoDBRotationMultiUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-mongodb-multiuser) .", - "title": "RotationType", - "type": "string" - }, - "Runtime": { - "markdownDescription": "> Do not set this value if you are using `Transform: AWS::SecretsManager-2024-09-16` . Over time, the updated rotation lambda artifacts vended by AWS may not be compatible with the code or shared object files defined in the rotation function deployment package.\n> \n> Only define the `Runtime` key if:\n> \n> - You are using `Transform: AWS::SecretsManager-2020-07-23` .\n> - The code or shared object files defined in the rotation function deployment package are incompatible with Python 3.9. \n\nThe Python Runtime version for with the rotation function. By default, CloudFormation deploys Python 3.9 binaries for the rotation function. To use a different version of Python, you must do the following two steps:\n\n- Deploy the matching version Python binaries with your rotation function.\n- Set the version number in this field. For example, for Python 3.7, enter *python3.7* .\n\nIf you only do one of the steps, your rotation function will be incompatible with the binaries. For more information, see [Why did my Lambda rotation function fail with a \"pg module not found\" error](https://docs.aws.amazon.com/https://repost.aws/knowledge-center/secrets-manager-lambda-rotation) .", - "title": "Runtime", - "type": "string" - }, - "SuperuserSecretArn": { - "markdownDescription": "The ARN of the secret that contains superuser credentials, if you use the [Alternating users rotation strategy](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets_strategies.html#rotating-secrets-two-users) . CloudFormation grants the execution role for the Lambda rotation function `GetSecretValue` permission to the secret in this property. For more information, see [Lambda rotation function execution role permissions for Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets-required-permissions-function.html) .\n\nYou must create the superuser secret before you can set this property.\n\nYou must also include the superuser secret ARN as a key in the JSON of the rotating secret so that the Lambda rotation function can find it. CloudFormation does not hardcode secret ARNs in the Lambda rotation function, so you can use the function to rotate multiple secrets. For more information, see [JSON structure of Secrets Manager secrets](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_secret_json_structure.html) .\n\nYou can specify `MasterSecretArn` or `SuperuserSecretArn` but not both. They represent the same superuser secret.", - "title": "SuperuserSecretArn", + "SourceName": { + "markdownDescription": "Source name of the natively supported AWS service that is supported as an Amazon Security Lake source. For the list of sources supported by Amazon Security Lake see [Collecting data from AWS services](https://docs.aws.amazon.com//security-lake/latest/userguide/internal-sources.html) in the Amazon Security Lake User Guide.", + "title": "SourceName", "type": "string" }, - "SuperuserSecretKmsKeyArn": { - "markdownDescription": "The ARN of the KMS key that Secrets Manager used to encrypt the superuser secret, if you use the [alternating users strategy](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets_strategies.html#rotating-secrets-two-users) and the superuser secret is encrypted with a customer managed key. You don't need to specify this property if the superuser secret is encrypted using the key `aws/secretsmanager` . CloudFormation grants the execution role for the Lambda rotation function `Decrypt` , `DescribeKey` , and `GenerateDataKey` permission to the key in this property. For more information, see [Lambda rotation function execution role permissions for Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets-required-permissions-function.html) .\n\nYou can specify `MasterSecretKmsKeyArn` or `SuperuserSecretKmsKeyArn` but not both. They represent the same superuser secret KMS key .", - "title": "SuperuserSecretKmsKeyArn", + "SourceVersion": { + "markdownDescription": "Source version of the natively supported AWS service that is supported as an Amazon Security Lake source. For more details about source versions supported by Amazon Security Lake see [OCSF source identification](https://docs.aws.amazon.com//security-lake/latest/userguide/open-cybersecurity-schema-framework.html#ocsf-source-identification) in the Amazon Security Lake User Guide.", + "title": "SourceVersion", "type": "string" - }, - "VpcSecurityGroupIds": { - "markdownDescription": "A comma-separated list of security group IDs applied to the target database.\n\nThe template applies the same security groups as on the Lambda rotation function that is created as part of this stack.", - "title": "VpcSecurityGroupIds", + } + }, + "type": "object" + }, + "AWS::SecurityLake::Subscriber.CustomLogSource": { + "additionalProperties": false, + "properties": { + "SourceName": { + "markdownDescription": "The name of the custom log source.", + "title": "SourceName", "type": "string" }, - "VpcSubnetIds": { - "markdownDescription": "A comma separated list of VPC subnet IDs of the target database network. The Lambda rotation function is in the same subnet group.", - "title": "VpcSubnetIds", + "SourceVersion": { + "markdownDescription": "The source version of the custom log source.", + "title": "SourceVersion", "type": "string" } }, - "required": [ - "RotationType" - ], "type": "object" }, - "AWS::SecretsManager::RotationSchedule.RotationRules": { + "AWS::SecurityLake::Subscriber.Source": { "additionalProperties": false, "properties": { - "AutomaticallyAfterDays": { - "markdownDescription": "The number of days between automatic scheduled rotations of the secret. You can use this value to check that your secret meets your compliance guidelines for how often secrets must be rotated.\n\nIn `DescribeSecret` and `ListSecrets` , this value is calculated from the rotation schedule after every successful rotation. In `RotateSecret` , you can set the rotation schedule in `RotationRules` with `AutomaticallyAfterDays` or `ScheduleExpression` , but not both.", - "title": "AutomaticallyAfterDays", - "type": "number" + "AwsLogSource": { + "$ref": "#/definitions/AWS::SecurityLake::Subscriber.AwsLogSource", + "markdownDescription": "The natively supported AWS service which is used a Amazon Security Lake source to collect logs and events from.", + "title": "AwsLogSource" }, - "Duration": { - "markdownDescription": "The length of the rotation window in hours, for example `3h` for a three hour window. Secrets Manager rotates your secret at any time during this window. The window must not extend into the next rotation window or the next UTC day. The window starts according to the `ScheduleExpression` . If you don't specify a `Duration` , for a `ScheduleExpression` in hours, the window automatically closes after one hour. For a `ScheduleExpression` in days, the window automatically closes at the end of the UTC day. For more information, including examples, see [Schedule expressions in Secrets Manager rotation](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_schedule.html) in the *Secrets Manager Users Guide* .", - "title": "Duration", + "CustomLogSource": { + "$ref": "#/definitions/AWS::SecurityLake::Subscriber.CustomLogSource", + "markdownDescription": "The custom log source AWS which is used a Amazon Security Lake source to collect logs and events from.", + "title": "CustomLogSource" + } + }, + "type": "object" + }, + "AWS::SecurityLake::Subscriber.SubscriberIdentity": { + "additionalProperties": false, + "properties": { + "ExternalId": { + "markdownDescription": "The external ID is a unique identifier that the subscriber provides to you.", + "title": "ExternalId", "type": "string" }, - "ScheduleExpression": { - "markdownDescription": "A `cron()` or `rate()` expression that defines the schedule for rotating your secret. Secrets Manager rotation schedules use UTC time zone. Secrets Manager rotates your secret any time during a rotation window.\n\nSecrets Manager `rate()` expressions represent the interval in hours or days that you want to rotate your secret, for example `rate(12 hours)` or `rate(10 days)` . You can rotate a secret as often as every four hours. If you use a `rate()` expression, the rotation window starts at midnight. For a rate in hours, the default rotation window closes after one hour. For a rate in days, the default rotation window closes at the end of the day. You can set the `Duration` to change the rotation window. The rotation window must not extend into the next UTC day or into the next rotation window.\n\nYou can use a `cron()` expression to create a rotation schedule that is more detailed than a rotation interval. For more information, including examples, see [Schedule expressions in Secrets Manager rotation](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_schedule.html) in the *Secrets Manager Users Guide* . For a cron expression that represents a schedule in hours, the default rotation window closes after one hour. For a cron expression that represents a schedule in days, the default rotation window closes at the end of the day. You can set the `Duration` to change the rotation window. The rotation window must not extend into the next UTC day or into the next rotation window.", - "title": "ScheduleExpression", + "Principal": { + "markdownDescription": "Principals can include accounts, users, roles, federated users, or AWS services.", + "title": "Principal", "type": "string" } }, + "required": [ + "ExternalId", + "Principal" + ], "type": "object" }, - "AWS::SecretsManager::Secret": { + "AWS::SecurityLake::SubscriberNotification": { "additionalProperties": false, "properties": { "Condition": { @@ -254430,53 +306265,26 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the secret.", - "title": "Description", - "type": "string" - }, - "GenerateSecretString": { - "$ref": "#/definitions/AWS::SecretsManager::Secret.GenerateSecretString", - "markdownDescription": "A structure that specifies how to generate a password to encrypt and store in the secret. To include a specific string in the secret, use `SecretString` instead. If you omit both `GenerateSecretString` and `SecretString` , you create an empty secret. When you make a change to this property, a new secret version is created.\n\nWe recommend that you specify the maximum length and include every character type that the system you are generating a password for can support.", - "title": "GenerateSecretString" - }, - "KmsKeyId": { - "markdownDescription": "The ARN, key ID, or alias of the AWS KMS key that Secrets Manager uses to encrypt the secret value in the secret. An alias is always prefixed by `alias/` , for example `alias/aws/secretsmanager` . For more information, see [About aliases](https://docs.aws.amazon.com/kms/latest/developerguide/alias-about.html) .\n\nTo use a AWS KMS key in a different account, use the key ARN or the alias ARN.\n\nIf you don't specify this value, then Secrets Manager uses the key `aws/secretsmanager` . If that key doesn't yet exist, then Secrets Manager creates it for you automatically the first time it encrypts the secret value.\n\nIf the secret is in a different AWS account from the credentials calling the API, then you can't use `aws/secretsmanager` to encrypt the secret, and you must create and use a customer managed AWS KMS key.", - "title": "KmsKeyId", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the new secret.\n\nThe secret name can contain ASCII letters, numbers, and the following characters: /_+=.@-\n\nDo not end your secret name with a hyphen followed by six characters. If you do so, you risk confusion and unexpected results when searching for a secret by partial ARN. Secrets Manager automatically adds a hyphen and six random characters after the secret name at the end of the ARN.", - "title": "Name", - "type": "string" - }, - "ReplicaRegions": { - "items": { - "$ref": "#/definitions/AWS::SecretsManager::Secret.ReplicaRegion" - }, - "markdownDescription": "A custom type that specifies a `Region` and the `KmsKeyId` for a replica secret.", - "title": "ReplicaRegions", - "type": "array" + "NotificationConfiguration": { + "$ref": "#/definitions/AWS::SecurityLake::SubscriberNotification.NotificationConfiguration", + "markdownDescription": "Specify the configurations you want to use for subscriber notification. The subscriber is notified when new data is written to the data lake for sources that the subscriber consumes in Security Lake .", + "title": "NotificationConfiguration" }, - "SecretString": { - "markdownDescription": "The text to encrypt and store in the secret. We recommend you use a JSON structure of key/value pairs for your secret value. To generate a random password, use `GenerateSecretString` instead. If you omit both `GenerateSecretString` and `SecretString` , you create an empty secret. When you make a change to this property, a new secret version is created.", - "title": "SecretString", + "SubscriberArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Security Lake subscriber.", + "title": "SubscriberArn", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of tags to attach to the secret. Each tag is a key and value pair of strings in a JSON text string, for example:\n\n`[{\"Key\":\"CostCenter\",\"Value\":\"12345\"},{\"Key\":\"environment\",\"Value\":\"production\"}]`\n\nSecrets Manager tag key names are case sensitive. A tag with the key \"ABC\" is a different tag from one with key \"abc\".\n\nStack-level tags, tags you apply to the CloudFormation stack, are also attached to the secret.\n\nIf you check tags in permissions policies as part of your security strategy, then adding or removing a tag can change permissions. If the completion of this operation would result in you losing your permissions for this secret, then Secrets Manager blocks the operation and returns an `Access Denied` error. For more information, see [Control access to secrets using tags](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples.html#tag-secrets-abac) and [Limit access to identities with tags that match secrets' tags](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples.html#auth-and-access_tags2) .\n\nFor information about how to format a JSON parameter for the various command line tool environments, see [Using JSON for Parameters](https://docs.aws.amazon.com/cli/latest/userguide/cli-using-param.html#cli-using-param-json) . If your command-line tool or SDK requires quotation marks around the parameter, you should use single quotes to avoid confusion with the double quotes required in the JSON text.\n\nThe following restrictions apply to tags:\n\n- Maximum number of tags per secret: 50\n- Maximum key length: 127 Unicode characters in UTF-8\n- Maximum value length: 255 Unicode characters in UTF-8\n- Tag keys and values are case sensitive.\n- Do not use the `aws:` prefix in your tag names or values because AWS reserves it for AWS use. You can't edit or delete tag names or values with this prefix. Tags with this prefix do not count against your tags per secret limit.\n- If you use your tagging schema across multiple services and resources, other services might have restrictions on allowed characters. Generally allowed characters: letters, spaces, and numbers representable in UTF-8, plus the following special characters: + - = . _ : / @.", - "title": "Tags", - "type": "array" } }, + "required": [ + "NotificationConfiguration", + "SubscriberArn" + ], "type": "object" }, "Type": { "enum": [ - "AWS::SecretsManager::Secret" + "AWS::SecurityLake::SubscriberNotification" ], "type": "string" }, @@ -254490,86 +306298,63 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::SecretsManager::Secret.GenerateSecretString": { + "AWS::SecurityLake::SubscriberNotification.HttpsNotificationConfiguration": { "additionalProperties": false, "properties": { - "ExcludeCharacters": { - "markdownDescription": "A string of the characters that you don't want in the password.", - "title": "ExcludeCharacters", + "AuthorizationApiKeyName": { + "markdownDescription": "The key name for the notification subscription.", + "title": "AuthorizationApiKeyName", "type": "string" }, - "ExcludeLowercase": { - "markdownDescription": "Specifies whether to exclude lowercase letters from the password. If you don't include this switch, the password can contain lowercase letters.", - "title": "ExcludeLowercase", - "type": "boolean" - }, - "ExcludeNumbers": { - "markdownDescription": "Specifies whether to exclude numbers from the password. If you don't include this switch, the password can contain numbers.", - "title": "ExcludeNumbers", - "type": "boolean" - }, - "ExcludePunctuation": { - "markdownDescription": "Specifies whether to exclude the following punctuation characters from the password: `! \" # $ % & ' ( ) * + , - . / : ; < = > ? @ [ \\ ] ^ _ ` { | } ~` . If you don't include this switch, the password can contain punctuation.", - "title": "ExcludePunctuation", - "type": "boolean" - }, - "ExcludeUppercase": { - "markdownDescription": "Specifies whether to exclude uppercase letters from the password. If you don't include this switch, the password can contain uppercase letters.", - "title": "ExcludeUppercase", - "type": "boolean" - }, - "GenerateStringKey": { - "markdownDescription": "The JSON key name for the key/value pair, where the value is the generated password. This pair is added to the JSON structure specified by the `SecretStringTemplate` parameter. If you specify this parameter, then you must also specify `SecretStringTemplate` .", - "title": "GenerateStringKey", + "AuthorizationApiKeyValue": { + "markdownDescription": "The key value for the notification subscription.", + "title": "AuthorizationApiKeyValue", "type": "string" }, - "IncludeSpace": { - "markdownDescription": "Specifies whether to include the space character. If you include this switch, the password can contain space characters.", - "title": "IncludeSpace", - "type": "boolean" - }, - "PasswordLength": { - "markdownDescription": "The length of the password. If you don't include this parameter, the default length is 32 characters.", - "title": "PasswordLength", - "type": "number" + "Endpoint": { + "markdownDescription": "The subscription endpoint in Security Lake . If you prefer notification with an HTTPS endpoint, populate this field.", + "title": "Endpoint", + "type": "string" }, - "RequireEachIncludedType": { - "markdownDescription": "Specifies whether to include at least one upper and lowercase letter, one number, and one punctuation. If you don't include this switch, the password contains at least one of every character type.", - "title": "RequireEachIncludedType", - "type": "boolean" + "HttpMethod": { + "markdownDescription": "The HTTPS method used for the notification subscription.", + "title": "HttpMethod", + "type": "string" }, - "SecretStringTemplate": { - "markdownDescription": "A template that the generated string must match. When you make a change to this property, a new secret version is created.", - "title": "SecretStringTemplate", + "TargetRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the EventBridge API destinations IAM role that you created. For more information about ARNs and how to use them in policies, see [Managing data access](https://docs.aws.amazon.com///security-lake/latest/userguide/subscriber-data-access.html) and [AWS Managed Policies](https://docs.aws.amazon.com//security-lake/latest/userguide/security-iam-awsmanpol.html) in the *Amazon Security Lake User Guide* .", + "title": "TargetRoleArn", "type": "string" } }, + "required": [ + "Endpoint", + "TargetRoleArn" + ], "type": "object" }, - "AWS::SecretsManager::Secret.ReplicaRegion": { + "AWS::SecurityLake::SubscriberNotification.NotificationConfiguration": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "The ARN, key ID, or alias of the KMS key to encrypt the secret. If you don't include this field, Secrets Manager uses `aws/secretsmanager` .", - "title": "KmsKeyId", - "type": "string" + "HttpsNotificationConfiguration": { + "$ref": "#/definitions/AWS::SecurityLake::SubscriberNotification.HttpsNotificationConfiguration", + "markdownDescription": "The configurations used for HTTPS subscriber notification.", + "title": "HttpsNotificationConfiguration" }, - "Region": { - "markdownDescription": "A string that represents a `Region` , for example \"us-east-1\".", - "title": "Region", - "type": "string" + "SqsNotificationConfiguration": { + "markdownDescription": "The configurations for SQS subscriber notification. The members of this structure are context-dependent.", + "title": "SqsNotificationConfiguration", + "type": "object" } }, - "required": [ - "Region" - ], "type": "object" }, - "AWS::SecretsManager::SecretTargetAttachment": { + "AWS::ServiceCatalog::AcceptedPortfolioShare": { "additionalProperties": false, "properties": { "Condition": { @@ -254604,32 +306389,25 @@ "Properties": { "additionalProperties": false, "properties": { - "SecretId": { - "markdownDescription": "The ARN or name of the secret. To reference a secret also created in this template, use the see [Ref](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html) function with the secret's logical ID. This field is unique for each target attachment definition.", - "title": "SecretId", - "type": "string" - }, - "TargetId": { - "markdownDescription": "The ID of the database or cluster.", - "title": "TargetId", + "AcceptLanguage": { + "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", + "title": "AcceptLanguage", "type": "string" }, - "TargetType": { - "markdownDescription": "A string that defines the type of service or database associated with the secret. This value instructs Secrets Manager how to update the secret with the details of the service or database. This value must be one of the following:\n\n- AWS::RDS::DBInstance\n- AWS::RDS::DBCluster\n- AWS::Redshift::Cluster\n- AWS::RedshiftServerless::Namespace\n- AWS::DocDB::DBInstance\n- AWS::DocDB::DBCluster\n- AWS::DocDBElastic::Cluster", - "title": "TargetType", + "PortfolioId": { + "markdownDescription": "The portfolio identifier.", + "title": "PortfolioId", "type": "string" } }, "required": [ - "SecretId", - "TargetId", - "TargetType" + "PortfolioId" ], "type": "object" }, "Type": { "enum": [ - "AWS::SecretsManager::SecretTargetAttachment" + "AWS::ServiceCatalog::AcceptedPortfolioShare" ], "type": "string" }, @@ -254648,7 +306426,7 @@ ], "type": "object" }, - "AWS::SecurityHub::AutomationRule": { + "AWS::ServiceCatalog::CloudFormationProduct": { "additionalProperties": false, "properties": { "Condition": { @@ -254683,61 +306461,87 @@ "Properties": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.AutomationRulesAction" - }, - "markdownDescription": "One or more actions to update finding fields if a finding matches the conditions specified in `Criteria` .", - "title": "Actions", - "type": "array" - }, - "Criteria": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.AutomationRulesFindingFilters", - "markdownDescription": "A set of [AWS Security Finding Format (ASFF)](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format.html) finding field attributes and corresponding expected values that Security Hub uses to filter findings. If a rule is enabled and a finding matches the criteria specified in this parameter, Security Hub applies the rule action to the finding.", - "title": "Criteria" + "AcceptLanguage": { + "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", + "title": "AcceptLanguage", + "type": "string" }, "Description": { - "markdownDescription": "A description of the rule.", + "markdownDescription": "The description of the product.", "title": "Description", "type": "string" }, - "IsTerminal": { - "markdownDescription": "Specifies whether a rule is the last to be applied with respect to a finding that matches the rule criteria. This is useful when a finding matches the criteria for multiple rules, and each rule has different actions. If a rule is terminal, Security Hub applies the rule action to a finding that matches the rule criteria and doesn't evaluate other rules for the finding. By default, a rule isn't terminal.", - "title": "IsTerminal", + "Distributor": { + "markdownDescription": "The distributor of the product.", + "title": "Distributor", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the product.", + "title": "Name", + "type": "string" + }, + "Owner": { + "markdownDescription": "The owner of the product.", + "title": "Owner", + "type": "string" + }, + "ProductType": { + "markdownDescription": "The type of product.", + "title": "ProductType", + "type": "string" + }, + "ProvisioningArtifactParameters": { + "items": { + "$ref": "#/definitions/AWS::ServiceCatalog::CloudFormationProduct.ProvisioningArtifactProperties" + }, + "markdownDescription": "The configuration of the provisioning artifact (also known as a version).", + "title": "ProvisioningArtifactParameters", + "type": "array" + }, + "ReplaceProvisioningArtifacts": { + "markdownDescription": "This property is turned off by default. If turned off, you can update provisioning artifacts or product attributes (such as description, distributor, name, owner, and more) and the associated provisioning artifacts will retain the same unique identifier. Provisioning artifacts are matched within the CloudFormationProduct resource, and only those that have been updated will be changed. Provisioning artifacts are matched by a combinaton of provisioning artifact template URL and name.\n\nIf turned on, provisioning artifacts will be given a new unique identifier when you update the product or provisioning artifacts.", + "title": "ReplaceProvisioningArtifacts", "type": "boolean" }, - "RuleName": { - "markdownDescription": "The name of the rule.", - "title": "RuleName", + "SourceConnection": { + "$ref": "#/definitions/AWS::ServiceCatalog::CloudFormationProduct.SourceConnection", + "markdownDescription": "A top level `ProductViewDetail` response containing details about the product\u2019s connection. AWS Service Catalog returns this field for the `CreateProduct` , `UpdateProduct` , `DescribeProductAsAdmin` , and `SearchProductAsAdmin` APIs. This response contains the same fields as the `ConnectionParameters` request, with the addition of the `LastSync` response.", + "title": "SourceConnection" + }, + "SupportDescription": { + "markdownDescription": "The support information about the product.", + "title": "SupportDescription", "type": "string" }, - "RuleOrder": { - "markdownDescription": "An integer ranging from 1 to 1000 that represents the order in which the rule action is applied to findings. Security Hub applies rules with lower values for this parameter first.", - "title": "RuleOrder", - "type": "number" + "SupportEmail": { + "markdownDescription": "The contact email for product support.", + "title": "SupportEmail", + "type": "string" }, - "RuleStatus": { - "markdownDescription": "Whether the rule is active after it is created. If this parameter is equal to `ENABLED` , Security Hub applies the rule to findings and finding updates after the rule is created.", - "title": "RuleStatus", + "SupportUrl": { + "markdownDescription": "The contact URL for product support.\n\n`^https?:\\/\\//` / is the pattern used to validate SupportUrl.", + "title": "SupportUrl", "type": "string" }, "Tags": { - "additionalProperties": true, - "markdownDescription": "User-defined tags associated with an automation rule.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "One or more tags.", "title": "Tags", - "type": "object" + "type": "array" } }, + "required": [ + "Name", + "Owner" + ], "type": "object" }, "Type": { "enum": [ - "AWS::SecurityHub::AutomationRule" + "AWS::ServiceCatalog::CloudFormationProduct" ], "type": "string" }, @@ -254751,563 +306555,395 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::SecurityHub::AutomationRule.AutomationRulesAction": { + "AWS::ServiceCatalog::CloudFormationProduct.CodeStarParameters": { "additionalProperties": false, "properties": { - "FindingFieldsUpdate": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.AutomationRulesFindingFieldsUpdate", - "markdownDescription": "Specifies that the automation rule action is an update to a finding field.", - "title": "FindingFieldsUpdate" + "ArtifactPath": { + "markdownDescription": "The absolute path wehre the artifact resides within the repo and branch, formatted as \"folder/file.json.\"", + "title": "ArtifactPath", + "type": "string" }, - "Type": { - "markdownDescription": "Specifies the type of action that Security Hub takes when a finding matches the defined criteria of a rule.", - "title": "Type", + "Branch": { + "markdownDescription": "The specific branch where the artifact resides.", + "title": "Branch", + "type": "string" + }, + "ConnectionArn": { + "markdownDescription": "The CodeStar ARN, which is the connection between AWS Service Catalog and the external repository.", + "title": "ConnectionArn", + "type": "string" + }, + "Repository": { + "markdownDescription": "The specific repository where the product\u2019s artifact-to-be-synced resides, formatted as \"Account/Repo.\"", + "title": "Repository", "type": "string" } }, "required": [ - "FindingFieldsUpdate", - "Type" + "ArtifactPath", + "Branch", + "ConnectionArn", + "Repository" ], "type": "object" }, - "AWS::SecurityHub::AutomationRule.AutomationRulesFindingFieldsUpdate": { + "AWS::ServiceCatalog::CloudFormationProduct.ConnectionParameters": { "additionalProperties": false, "properties": { - "Confidence": { - "markdownDescription": "The rule action updates the `Confidence` field of a finding.", - "title": "Confidence", - "type": "number" - }, - "Criticality": { - "markdownDescription": "The rule action updates the `Criticality` field of a finding.", - "title": "Criticality", - "type": "number" - }, - "Note": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.NoteUpdate", - "markdownDescription": "The rule action will update the `Note` field of a finding.", - "title": "Note" - }, - "RelatedFindings": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.RelatedFinding" - }, - "markdownDescription": "The rule action will update the `RelatedFindings` field of a finding.", - "title": "RelatedFindings", - "type": "array" - }, - "Severity": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.SeverityUpdate", - "markdownDescription": "The rule action will update the `Severity` field of a finding.", - "title": "Severity" - }, - "Types": { - "items": { - "type": "string" - }, - "markdownDescription": "The rule action updates the `Types` field of a finding.", - "title": "Types", - "type": "array" - }, - "UserDefinedFields": { - "additionalProperties": true, - "markdownDescription": "The rule action updates the `UserDefinedFields` field of a finding.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "UserDefinedFields", - "type": "object" - }, - "VerificationState": { - "markdownDescription": "The rule action updates the `VerificationState` field of a finding.", - "title": "VerificationState", - "type": "string" - }, - "Workflow": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.WorkflowUpdate", - "markdownDescription": "The rule action will update the `Workflow` field of a finding.", - "title": "Workflow" + "CodeStar": { + "$ref": "#/definitions/AWS::ServiceCatalog::CloudFormationProduct.CodeStarParameters", + "markdownDescription": "Provides `ConnectionType` details.", + "title": "CodeStar" } }, "type": "object" }, - "AWS::SecurityHub::AutomationRule.AutomationRulesFindingFilters": { + "AWS::ServiceCatalog::CloudFormationProduct.ProvisioningArtifactProperties": { "additionalProperties": false, "properties": { - "AwsAccountId": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "The AWS account ID in which a finding was generated.\n\nArray Members: Minimum number of 1 item. Maximum number of 100 items.", - "title": "AwsAccountId", - "type": "array" - }, - "CompanyName": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "The name of the company for the product that generated the finding. For control-based findings, the company is AWS .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "CompanyName", - "type": "array" - }, - "ComplianceAssociatedStandardsId": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "The unique identifier of a standard in which a control is enabled. This field consists of the resource portion of the Amazon Resource Name (ARN) returned for a standard in the [DescribeStandards](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DescribeStandards.html) API response.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "ComplianceAssociatedStandardsId", - "type": "array" - }, - "ComplianceSecurityControlId": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "The security control ID for which a finding was generated. Security control IDs are the same across standards.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "ComplianceSecurityControlId", - "type": "array" - }, - "ComplianceStatus": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "The result of a security check. This field is only used for findings generated from controls.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "ComplianceStatus", - "type": "array" - }, - "Confidence": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.NumberFilter" - }, - "markdownDescription": "The likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. `Confidence` is scored on a 0\u2013100 basis using a ratio scale. A value of `0` means 0 percent confidence, and a value of `100` means 100 percent confidence. For example, a data exfiltration detection based on a statistical deviation of network traffic has low confidence because an actual exfiltration hasn't been verified. For more information, see [Confidence](https://docs.aws.amazon.com/securityhub/latest/userguide/asff-top-level-attributes.html#asff-confidence) in the *AWS Security Hub User Guide* .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "Confidence", - "type": "array" - }, - "CreatedAt": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.DateFilter" - }, - "markdownDescription": "A timestamp that indicates when this finding record was created.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "CreatedAt", - "type": "array" - }, - "Criticality": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.NumberFilter" - }, - "markdownDescription": "The level of importance that is assigned to the resources that are associated with a finding. `Criticality` is scored on a 0\u2013100 basis, using a ratio scale that supports only full integers. A score of `0` means that the underlying resources have no criticality, and a score of `100` is reserved for the most critical resources. For more information, see [Criticality](https://docs.aws.amazon.com/securityhub/latest/userguide/asff-top-level-attributes.html#asff-criticality) in the *AWS Security Hub User Guide* .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "Criticality", - "type": "array" - }, "Description": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "A finding's description.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "markdownDescription": "The description of the provisioning artifact, including how it differs from the previous provisioning artifact.", "title": "Description", - "type": "array" - }, - "FirstObservedAt": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.DateFilter" - }, - "markdownDescription": "A timestamp that indicates when the potential security issue captured by a finding was first observed by the security findings product.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "FirstObservedAt", - "type": "array" - }, - "GeneratorId": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "The identifier for the solution-specific component that generated a finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 100 items.", - "title": "GeneratorId", - "type": "array" - }, - "Id": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "The product-specific identifier for a finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "Id", - "type": "array" - }, - "LastObservedAt": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.DateFilter" - }, - "markdownDescription": "A timestamp that indicates when the security findings provider most recently observed a change in the resource that is involved in the finding.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "LastObservedAt", - "type": "array" - }, - "NoteText": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "The text of a user-defined note that's added to a finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "NoteText", - "type": "array" - }, - "NoteUpdatedAt": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.DateFilter" - }, - "markdownDescription": "The timestamp of when the note was updated.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "NoteUpdatedAt", - "type": "array" - }, - "NoteUpdatedBy": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "The principal that created a note.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "NoteUpdatedBy", - "type": "array" - }, - "ProductArn": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "The Amazon Resource Name (ARN) for a third-party product that generated a finding in Security Hub.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "ProductArn", - "type": "array" - }, - "ProductName": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "Provides the name of the product that generated the finding. For control-based findings, the product name is Security Hub.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "ProductName", - "type": "array" - }, - "RecordState": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "Provides the current state of a finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "RecordState", - "type": "array" - }, - "RelatedFindingsId": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "The product-generated identifier for a related finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "RelatedFindingsId", - "type": "array" - }, - "RelatedFindingsProductArn": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "The ARN for the product that generated a related finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "RelatedFindingsProductArn", - "type": "array" - }, - "ResourceDetailsOther": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.MapFilter" - }, - "markdownDescription": "Custom fields and values about the resource that a finding pertains to.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "ResourceDetailsOther", - "type": "array" - }, - "ResourceId": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "The identifier for the given resource type. For AWS resources that are identified by Amazon Resource Names (ARNs), this is the ARN. For AWS resources that lack ARNs, this is the identifier as defined by the AWS service that created the resource. For non- AWS resources, this is a unique identifier that is associated with the resource.\n\nArray Members: Minimum number of 1 item. Maximum number of 100 items.", - "title": "ResourceId", - "type": "array" - }, - "ResourcePartition": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "The partition in which the resource that the finding pertains to is located. A partition is a group of AWS Regions . Each AWS account is scoped to one partition.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "ResourcePartition", - "type": "array" - }, - "ResourceRegion": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "The AWS Region where the resource that a finding pertains to is located.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "ResourceRegion", - "type": "array" - }, - "ResourceTags": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.MapFilter" - }, - "markdownDescription": "A list of AWS tags associated with a resource at the time the finding was processed.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "ResourceTags", - "type": "array" - }, - "ResourceType": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "A finding's title.\n\nArray Members: Minimum number of 1 item. Maximum number of 100 items.", - "title": "ResourceType", - "type": "array" + "type": "string" }, - "SeverityLabel": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "The severity value of the finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "SeverityLabel", - "type": "array" + "DisableTemplateValidation": { + "markdownDescription": "If set to true, AWS Service Catalog stops validating the specified provisioning artifact even if it is invalid.", + "title": "DisableTemplateValidation", + "type": "boolean" }, - "SourceUrl": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "Provides a URL that links to a page about the current finding in the finding product.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "SourceUrl", - "type": "array" + "Info": { + "markdownDescription": "Specify the template source with one of the following options, but not both. Keys accepted: [ `LoadTemplateFromURL` , `ImportFromPhysicalId` ]\n\nThe URL of the AWS CloudFormation template in Amazon S3 in JSON format. Specify the URL in JSON format as follows:\n\n`\"LoadTemplateFromURL\": \"https://s3.amazonaws.com/cf-templates-ozkq9d3hgiq2-us-east-1/...\"`\n\n`ImportFromPhysicalId` : The physical id of the resource that contains the template. Currently only supports AWS CloudFormation stack arn. Specify the physical id in JSON format as follows: `ImportFromPhysicalId: \u201carn:aws:cloudformation:[us-east-1]:[accountId]:stack/[StackName]/[resourceId]`", + "title": "Info", + "type": "object" }, - "Title": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "A finding's title.\n\nArray Members: Minimum number of 1 item. Maximum number of 100 items.", - "title": "Title", - "type": "array" + "Name": { + "markdownDescription": "The name of the provisioning artifact (for example, v1 v2beta). No spaces are allowed.", + "title": "Name", + "type": "string" }, "Type": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "One or more finding types in the format of namespace/category/classifier that classify a finding. For a list of namespaces, classifiers, and categories, see [Types taxonomy for ASFF](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format-type-taxonomy.html) in the *AWS Security Hub User Guide* .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "markdownDescription": "The type of provisioning artifact.\n\n- `CLOUD_FORMATION_TEMPLATE` - AWS CloudFormation template\n- `TERRAFORM_OPEN_SOURCE` - Terraform Open Source configuration file\n- `TERRAFORM_CLOUD` - Terraform Cloud configuration file\n- `EXTERNAL` - External configuration file", "title": "Type", - "type": "array" - }, - "UpdatedAt": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.DateFilter" - }, - "markdownDescription": "A timestamp that indicates when the finding record was most recently updated.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "UpdatedAt", - "type": "array" - }, - "UserDefinedFields": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.MapFilter" - }, - "markdownDescription": "A list of user-defined name and value string pairs added to a finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "UserDefinedFields", - "type": "array" - }, - "VerificationState": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "Provides the veracity of a finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "VerificationState", - "type": "array" - }, - "WorkflowStatus": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "Provides information about the status of the investigation into a finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "WorkflowStatus", - "type": "array" + "type": "string" } }, + "required": [ + "Info" + ], "type": "object" }, - "AWS::SecurityHub::AutomationRule.DateFilter": { + "AWS::ServiceCatalog::CloudFormationProduct.SourceConnection": { "additionalProperties": false, "properties": { - "DateRange": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.DateRange", - "markdownDescription": "A date range for the date filter.", - "title": "DateRange" - }, - "End": { - "markdownDescription": "A timestamp that provides the end date for the date filter.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", - "title": "End", - "type": "string" + "ConnectionParameters": { + "$ref": "#/definitions/AWS::ServiceCatalog::CloudFormationProduct.ConnectionParameters", + "markdownDescription": "The connection details based on the connection `Type` .", + "title": "ConnectionParameters" }, - "Start": { - "markdownDescription": "A timestamp that provides the start date for the date filter.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", - "title": "Start", + "Type": { + "markdownDescription": "The only supported `SourceConnection` type is Codestar.", + "title": "Type", "type": "string" } }, + "required": [ + "ConnectionParameters", + "Type" + ], "type": "object" }, - "AWS::SecurityHub::AutomationRule.DateRange": { + "AWS::ServiceCatalog::CloudFormationProvisionedProduct": { "additionalProperties": false, "properties": { - "Unit": { - "markdownDescription": "A date range unit for the date filter.", - "title": "Unit", + "Condition": { "type": "string" }, - "Value": { - "markdownDescription": "A date range value for the date filter.", - "title": "Value", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AcceptLanguage": { + "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", + "title": "AcceptLanguage", + "type": "string" + }, + "NotificationArns": { + "items": { + "type": "string" + }, + "markdownDescription": "Passed to AWS CloudFormation . The SNS topic ARNs to which to publish stack-related events.", + "title": "NotificationArns", + "type": "array" + }, + "PathId": { + "markdownDescription": "The path identifier of the product. This value is optional if the product has a default path, and required if the product has more than one path. To list the paths for a product, use [ListLaunchPaths](https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ListLaunchPaths.html) .\n\n> You must provide the name or ID, but not both.", + "title": "PathId", + "type": "string" + }, + "PathName": { + "markdownDescription": "The name of the path. This value is optional if the product has a default path, and required if the product has more than one path. To list the paths for a product, use [ListLaunchPaths](https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ListLaunchPaths.html) .\n\n> You must provide the name or ID, but not both.", + "title": "PathName", + "type": "string" + }, + "ProductId": { + "markdownDescription": "The product identifier.\n\n> You must specify either the ID or the name of the product, but not both.", + "title": "ProductId", + "type": "string" + }, + "ProductName": { + "markdownDescription": "The name of the Service Catalog product.\n\nEach time a stack is created or updated, if `ProductName` is provided it will successfully resolve to `ProductId` as long as only one product exists in the account or Region with that `ProductName` .\n\n> You must specify either the name or the ID of the product, but not both.", + "title": "ProductName", + "type": "string" + }, + "ProvisionedProductName": { + "markdownDescription": "A user-friendly name for the provisioned product. This value must be unique for the AWS account and cannot be updated after the product is provisioned.", + "title": "ProvisionedProductName", + "type": "string" + }, + "ProvisioningArtifactId": { + "markdownDescription": "The identifier of the provisioning artifact (also known as a version).\n\n> You must specify either the ID or the name of the provisioning artifact, but not both.", + "title": "ProvisioningArtifactId", + "type": "string" + }, + "ProvisioningArtifactName": { + "markdownDescription": "The name of the provisioning artifact (also known as a version) for the product. This name must be unique for the product.\n\n> You must specify either the name or the ID of the provisioning artifact, but not both. You must also specify either the name or the ID of the product, but not both.", + "title": "ProvisioningArtifactName", + "type": "string" + }, + "ProvisioningParameters": { + "items": { + "$ref": "#/definitions/AWS::ServiceCatalog::CloudFormationProvisionedProduct.ProvisioningParameter" + }, + "markdownDescription": "Parameters specified by the administrator that are required for provisioning the product.", + "title": "ProvisioningParameters", + "type": "array" + }, + "ProvisioningPreferences": { + "$ref": "#/definitions/AWS::ServiceCatalog::CloudFormationProvisionedProduct.ProvisioningPreferences", + "markdownDescription": "StackSet preferences that are required for provisioning the product or updating a provisioned product.", + "title": "ProvisioningPreferences" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "One or more tags.\n\n> Requires the provisioned product to have an [ResourceUpdateConstraint](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicecatalog-resourceupdateconstraint.html) resource with `TagUpdatesOnProvisionedProduct` set to `ALLOWED` to allow tag updates. If `RESOURCE_UPDATE` constraint is not present, tags updates are ignored.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ServiceCatalog::CloudFormationProvisionedProduct" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Unit", - "Value" + "Type" ], "type": "object" }, - "AWS::SecurityHub::AutomationRule.MapFilter": { + "AWS::ServiceCatalog::CloudFormationProvisionedProduct.ProvisioningParameter": { "additionalProperties": false, "properties": { - "Comparison": { - "markdownDescription": "The condition to apply to the key value when filtering Security Hub findings with a map filter.\n\nTo search for values that have the filter value, use one of the following comparison operators:\n\n- To search for values that include the filter value, use `CONTAINS` . For example, for the `ResourceTags` field, the filter `Department CONTAINS Security` matches findings that include the value `Security` for the `Department` tag. In the same example, a finding with a value of `Security team` for the `Department` tag is a match.\n- To search for values that exactly match the filter value, use `EQUALS` . For example, for the `ResourceTags` field, the filter `Department EQUALS Security` matches findings that have the value `Security` for the `Department` tag.\n\n`CONTAINS` and `EQUALS` filters on the same field are joined by `OR` . A finding matches if it matches any one of those filters. For example, the filters `Department CONTAINS Security OR Department CONTAINS Finance` match a finding that includes either `Security` , `Finance` , or both values.\n\nTo search for values that don't have the filter value, use one of the following comparison operators:\n\n- To search for values that exclude the filter value, use `NOT_CONTAINS` . For example, for the `ResourceTags` field, the filter `Department NOT_CONTAINS Finance` matches findings that exclude the value `Finance` for the `Department` tag.\n- To search for values other than the filter value, use `NOT_EQUALS` . For example, for the `ResourceTags` field, the filter `Department NOT_EQUALS Finance` matches findings that don\u2019t have the value `Finance` for the `Department` tag.\n\n`NOT_CONTAINS` and `NOT_EQUALS` filters on the same field are joined by `AND` . A finding matches only if it matches all of those filters. For example, the filters `Department NOT_CONTAINS Security AND Department NOT_CONTAINS Finance` match a finding that excludes both the `Security` and `Finance` values.\n\n`CONTAINS` filters can only be used with other `CONTAINS` filters. `NOT_CONTAINS` filters can only be used with other `NOT_CONTAINS` filters.\n\nYou can\u2019t have both a `CONTAINS` filter and a `NOT_CONTAINS` filter on the same field. Similarly, you can\u2019t have both an `EQUALS` filter and a `NOT_EQUALS` filter on the same field. Combining filters in this way returns an error.\n\n`CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *AWS Security Hub User Guide* .", - "title": "Comparison", - "type": "string" - }, "Key": { - "markdownDescription": "The key of the map filter. For example, for `ResourceTags` , `Key` identifies the name of the tag. For `UserDefinedFields` , `Key` is the name of the field.", + "markdownDescription": "The parameter key.", "title": "Key", "type": "string" }, "Value": { - "markdownDescription": "The value for the key in the map filter. Filter values are case sensitive. For example, one of the values for a tag called `Department` might be `Security` . If you provide `security` as the filter value, then there's no match.", + "markdownDescription": "The parameter value.", "title": "Value", "type": "string" } }, "required": [ - "Comparison", "Key", "Value" ], "type": "object" }, - "AWS::SecurityHub::AutomationRule.NoteUpdate": { + "AWS::ServiceCatalog::CloudFormationProvisionedProduct.ProvisioningPreferences": { "additionalProperties": false, "properties": { - "Text": { - "markdownDescription": "The updated note text.", - "title": "Text", - "type": "string" + "StackSetAccounts": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more AWS accounts where the provisioned product will be available.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\nThe specified accounts should be within the list of accounts from the `STACKSET` constraint. To get the list of accounts in the `STACKSET` constraint, use the `DescribeProvisioningParameters` operation.\n\nIf no values are specified, the default value is all acounts from the `STACKSET` constraint.", + "title": "StackSetAccounts", + "type": "array" }, - "UpdatedBy": { - "markdownDescription": "The principal that updated the note.", - "title": "UpdatedBy", - "type": "object" - } - }, - "required": [ - "Text", - "UpdatedBy" - ], - "type": "object" - }, - "AWS::SecurityHub::AutomationRule.NumberFilter": { - "additionalProperties": false, - "properties": { - "Eq": { - "markdownDescription": "The equal-to condition to be applied to a single field when querying for findings.", - "title": "Eq", + "StackSetFailureToleranceCount": { + "markdownDescription": "The number of accounts, per Region, for which this operation can fail before AWS Service Catalog stops the operation in that Region. If the operation is stopped in a Region, AWS Service Catalog doesn't attempt the operation in any subsequent Regions.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\nConditional: You must specify either `StackSetFailureToleranceCount` or `StackSetFailureTolerancePercentage` , but not both.\n\nThe default value is `0` if no value is specified.", + "title": "StackSetFailureToleranceCount", "type": "number" }, - "Gte": { - "markdownDescription": "The greater-than-equal condition to be applied to a single field when querying for findings.", - "title": "Gte", + "StackSetFailureTolerancePercentage": { + "markdownDescription": "The percentage of accounts, per Region, for which this stack operation can fail before AWS Service Catalog stops the operation in that Region. If the operation is stopped in a Region, AWS Service Catalog doesn't attempt the operation in any subsequent Regions.\n\nWhen calculating the number of accounts based on the specified percentage, AWS Service Catalog rounds down to the next whole number.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\nConditional: You must specify either `StackSetFailureToleranceCount` or `StackSetFailureTolerancePercentage` , but not both.", + "title": "StackSetFailureTolerancePercentage", "type": "number" }, - "Lte": { - "markdownDescription": "The less-than-equal condition to be applied to a single field when querying for findings.", - "title": "Lte", + "StackSetMaxConcurrencyCount": { + "markdownDescription": "The maximum number of accounts in which to perform this operation at one time. This is dependent on the value of `StackSetFailureToleranceCount` . `StackSetMaxConcurrentCount` is at most one more than the `StackSetFailureToleranceCount` .\n\nNote that this setting lets you specify the maximum for operations. For large deployments, under certain circumstances the actual number of accounts acted upon concurrently may be lower due to service throttling.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\nConditional: You must specify either `StackSetMaxConcurrentCount` or `StackSetMaxConcurrentPercentage` , but not both.", + "title": "StackSetMaxConcurrencyCount", "type": "number" - } - }, - "type": "object" - }, - "AWS::SecurityHub::AutomationRule.RelatedFinding": { - "additionalProperties": false, - "properties": { - "Id": { - "markdownDescription": "The product-generated identifier for a related finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "Id", - "type": "object" }, - "ProductArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the product that generated a related finding.", - "title": "ProductArn", + "StackSetMaxConcurrencyPercentage": { + "markdownDescription": "The maximum percentage of accounts in which to perform this operation at one time.\n\nWhen calculating the number of accounts based on the specified percentage, AWS Service Catalog rounds down to the next whole number. This is true except in cases where rounding down would result is zero. In this case, AWS Service Catalog sets the number as `1` instead.\n\nNote that this setting lets you specify the maximum for operations. For large deployments, under certain circumstances the actual number of accounts acted upon concurrently may be lower due to service throttling.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\nConditional: You must specify either `StackSetMaxConcurrentCount` or `StackSetMaxConcurrentPercentage` , but not both.", + "title": "StackSetMaxConcurrencyPercentage", + "type": "number" + }, + "StackSetOperationType": { + "markdownDescription": "Determines what action AWS Service Catalog performs to a stack set or a stack instance represented by the provisioned product. The default value is `UPDATE` if nothing is specified.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\n- **CREATE** - Creates a new stack instance in the stack set represented by the provisioned product. In this case, only new stack instances are created based on accounts and Regions; if new ProductId or ProvisioningArtifactID are passed, they will be ignored.\n- **UPDATE** - Updates the stack set represented by the provisioned product and also its stack instances.\n- **DELETE** - Deletes a stack instance in the stack set represented by the provisioned product.", + "title": "StackSetOperationType", "type": "string" + }, + "StackSetRegions": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more AWS Regions where the provisioned product will be available.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\nThe specified Regions should be within the list of Regions from the `STACKSET` constraint. To get the list of Regions in the `STACKSET` constraint, use the `DescribeProvisioningParameters` operation.\n\nIf no values are specified, the default value is all Regions from the `STACKSET` constraint.", + "title": "StackSetRegions", + "type": "array" } }, - "required": [ - "Id", - "ProductArn" - ], "type": "object" }, - "AWS::SecurityHub::AutomationRule.SeverityUpdate": { + "AWS::ServiceCatalog::LaunchNotificationConstraint": { "additionalProperties": false, "properties": { - "Label": { - "markdownDescription": "The severity value of the finding. The allowed values are the following.\n\n- `INFORMATIONAL` - No issue was found.\n- `LOW` - The issue does not require action on its own.\n- `MEDIUM` - The issue must be addressed but not urgently.\n- `HIGH` - The issue must be addressed as a priority.\n- `CRITICAL` - The issue must be remediated immediately to avoid it escalating.", - "title": "Label", + "Condition": { "type": "string" }, - "Normalized": { - "markdownDescription": "The normalized severity for the finding. This attribute is to be deprecated in favor of `Label` .\n\nIf you provide `Normalized` and don't provide `Label` , `Label` is set automatically as follows.\n\n- 0 - `INFORMATIONAL`\n- 1\u201339 - `LOW`\n- 40\u201369 - `MEDIUM`\n- 70\u201389 - `HIGH`\n- 90\u2013100 - `CRITICAL`", - "title": "Normalized", - "type": "number" - }, - "Product": { - "markdownDescription": "The native severity as defined by the AWS service or integrated partner product that generated the finding.", - "title": "Product", - "type": "number" - } - }, - "type": "object" - }, - "AWS::SecurityHub::AutomationRule.StringFilter": { - "additionalProperties": false, - "properties": { - "Comparison": { - "markdownDescription": "The condition to apply to a string value when filtering Security Hub findings.\n\nTo search for values that have the filter value, use one of the following comparison operators:\n\n- To search for values that include the filter value, use `CONTAINS` . For example, the filter `Title CONTAINS CloudFront` matches findings that have a `Title` that includes the string CloudFront.\n- To search for values that exactly match the filter value, use `EQUALS` . For example, the filter `AwsAccountId EQUALS 123456789012` only matches findings that have an account ID of `123456789012` .\n- To search for values that start with the filter value, use `PREFIX` . For example, the filter `ResourceRegion PREFIX us` matches findings that have a `ResourceRegion` that starts with `us` . A `ResourceRegion` that starts with a different value, such as `af` , `ap` , or `ca` , doesn't match.\n\n`CONTAINS` , `EQUALS` , and `PREFIX` filters on the same field are joined by `OR` . A finding matches if it matches any one of those filters. For example, the filters `Title CONTAINS CloudFront OR Title CONTAINS CloudWatch` match a finding that includes either `CloudFront` , `CloudWatch` , or both strings in the title.\n\nTo search for values that don\u2019t have the filter value, use one of the following comparison operators:\n\n- To search for values that exclude the filter value, use `NOT_CONTAINS` . For example, the filter `Title NOT_CONTAINS CloudFront` matches findings that have a `Title` that excludes the string CloudFront.\n- To search for values other than the filter value, use `NOT_EQUALS` . For example, the filter `AwsAccountId NOT_EQUALS 123456789012` only matches findings that have an account ID other than `123456789012` .\n- To search for values that don't start with the filter value, use `PREFIX_NOT_EQUALS` . For example, the filter `ResourceRegion PREFIX_NOT_EQUALS us` matches findings with a `ResourceRegion` that starts with a value other than `us` .\n\n`NOT_CONTAINS` , `NOT_EQUALS` , and `PREFIX_NOT_EQUALS` filters on the same field are joined by `AND` . A finding matches only if it matches all of those filters. For example, the filters `Title NOT_CONTAINS CloudFront AND Title NOT_CONTAINS CloudWatch` match a finding that excludes both `CloudFront` and `CloudWatch` in the title.\n\nYou can\u2019t have both a `CONTAINS` filter and a `NOT_CONTAINS` filter on the same field. Similarly, you can't provide both an `EQUALS` filter and a `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filter on the same field. Combining filters in this way returns an error. `CONTAINS` filters can only be used with other `CONTAINS` filters. `NOT_CONTAINS` filters can only be used with other `NOT_CONTAINS` filters.\n\nYou can combine `PREFIX` filters with `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters for the same field. Security Hub first processes the `PREFIX` filters, and then the `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters.\n\nFor example, for the following filters, Security Hub first identifies findings that have resource types that start with either `AwsIam` or `AwsEc2` . It then excludes findings that have a resource type of `AwsIamPolicy` and findings that have a resource type of `AwsEc2NetworkInterface` .\n\n- `ResourceType PREFIX AwsIam`\n- `ResourceType PREFIX AwsEc2`\n- `ResourceType NOT_EQUALS AwsIamPolicy`\n- `ResourceType NOT_EQUALS AwsEc2NetworkInterface`\n\n`CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules V1. `CONTAINS_WORD` operator is only supported in `GetFindingsV2` , `GetFindingStatisticsV2` , `GetResourcesV2` , and `GetResourceStatisticsV2` APIs. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *AWS Security Hub User Guide* .", - "title": "Comparison", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Value": { - "markdownDescription": "The string filter value. Filter values are case sensitive. For example, the product name for control-based findings is `Security Hub` . If you provide `security hub` as the filter value, there's no match.", - "title": "Value", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AcceptLanguage": { + "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", + "title": "AcceptLanguage", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the constraint.", + "title": "Description", + "type": "string" + }, + "NotificationArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The notification ARNs.", + "title": "NotificationArns", + "type": "array" + }, + "PortfolioId": { + "markdownDescription": "The portfolio identifier.", + "title": "PortfolioId", + "type": "string" + }, + "ProductId": { + "markdownDescription": "The product identifier.", + "title": "ProductId", + "type": "string" + } + }, + "required": [ + "NotificationArns", + "PortfolioId", + "ProductId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ServiceCatalog::LaunchNotificationConstraint" + ], "type": "string" - } - }, - "required": [ - "Comparison", - "Value" - ], - "type": "object" - }, - "AWS::SecurityHub::AutomationRule.WorkflowUpdate": { - "additionalProperties": false, - "properties": { - "Status": { - "markdownDescription": "The status of the investigation into the finding. The workflow status is specific to an individual finding. It does not affect the generation of new findings. For example, setting the workflow status to `SUPPRESSED` or `RESOLVED` does not prevent a new finding for the same issue.\n\nThe allowed values are the following.\n\n- `NEW` - The initial state of a finding, before it is reviewed.\n\nSecurity Hub also resets `WorkFlowStatus` from `NOTIFIED` or `RESOLVED` to `NEW` in the following cases:\n\n- The record state changes from `ARCHIVED` to `ACTIVE` .\n- The compliance status changes from `PASSED` to either `WARNING` , `FAILED` , or `NOT_AVAILABLE` .\n- `NOTIFIED` - Indicates that you notified the resource owner about the security issue. Used when the initial reviewer is not the resource owner, and needs intervention from the resource owner.\n- `RESOLVED` - The finding was reviewed and remediated and is now considered resolved.\n- `SUPPRESSED` - Indicates that you reviewed the finding and don't believe that any action is needed. The finding is no longer updated.", - "title": "Status", + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Status" + "Type", + "Properties" ], "type": "object" }, - "AWS::SecurityHub::DelegatedAdmin": { + "AWS::ServiceCatalog::LaunchRoleConstraint": { "additionalProperties": false, "properties": { "Condition": { @@ -255342,20 +306978,46 @@ "Properties": { "additionalProperties": false, "properties": { - "AdminAccountId": { - "markdownDescription": "The AWS account identifier of the account to designate as the Security Hub administrator account.", - "title": "AdminAccountId", + "AcceptLanguage": { + "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", + "title": "AcceptLanguage", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the constraint.", + "title": "Description", + "type": "string" + }, + "LocalRoleName": { + "markdownDescription": "You are required to specify either the `RoleArn` or the `LocalRoleName` but can't use both.\n\nIf you specify the `LocalRoleName` property, when an account uses the launch constraint, the IAM role with that name in the account will be used. This allows launch-role constraints to be account-agnostic so the administrator can create fewer resources per shared account.\n\nThe given role name must exist in the account used to create the launch constraint and the account of the user who launches a product with this launch constraint.", + "title": "LocalRoleName", + "type": "string" + }, + "PortfolioId": { + "markdownDescription": "The portfolio identifier.", + "title": "PortfolioId", + "type": "string" + }, + "ProductId": { + "markdownDescription": "The product identifier.", + "title": "ProductId", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the launch role.\n\nYou are required to specify `RoleArn` or `LocalRoleName` but can't use both.", + "title": "RoleArn", "type": "string" } }, "required": [ - "AdminAccountId" + "PortfolioId", + "ProductId" ], "type": "object" }, "Type": { "enum": [ - "AWS::SecurityHub::DelegatedAdmin" + "AWS::ServiceCatalog::LaunchRoleConstraint" ], "type": "string" }, @@ -255374,7 +307036,7 @@ ], "type": "object" }, - "AWS::SecurityHub::Hub": { + "AWS::ServiceCatalog::LaunchTemplateConstraint": { "additionalProperties": false, "properties": { "Condition": { @@ -255409,38 +307071,42 @@ "Properties": { "additionalProperties": false, "properties": { - "AutoEnableControls": { - "markdownDescription": "Whether to automatically enable new controls when they are added to standards that are enabled.\n\nBy default, this is set to `true` , and new controls are enabled automatically. To not automatically enable new controls, set this to `false` .\n\nWhen you automatically enable new controls, you can interact with the controls in the console and programmatically immediately after release. However, automatically enabled controls have a temporary default status of `DISABLED` . It can take up to several days for Security Hub to process the control release and designate the control as `ENABLED` in your account. During the processing period, you can manually enable or disable a control, and Security Hub will maintain that designation regardless of whether you have `AutoEnableControls` set to `true` .", - "title": "AutoEnableControls", - "type": "boolean" + "AcceptLanguage": { + "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", + "title": "AcceptLanguage", + "type": "string" }, - "ControlFindingGenerator": { - "markdownDescription": "Specifies whether an account has consolidated control findings turned on or off. If the value for this field is set to `SECURITY_CONTROL` , Security Hub generates a single finding for a control check even when the check applies to multiple enabled standards.\n\nIf the value for this field is set to `STANDARD_CONTROL` , Security Hub generates separate findings for a control check when the check applies to multiple enabled standards.\n\nThe value for this field in a member account matches the value in the administrator account. For accounts that aren't part of an organization, the default value of this field is `SECURITY_CONTROL` if you enabled Security Hub on or after February 23, 2023.", - "title": "ControlFindingGenerator", + "Description": { + "markdownDescription": "The description of the constraint.", + "title": "Description", "type": "string" }, - "EnableDefaultStandards": { - "markdownDescription": "Whether to enable the security standards that Security Hub has designated as automatically enabled. If you don't provide a value for `EnableDefaultStandards` , it is set to `true` , and the designated standards are automatically enabled in each AWS Region where you enable Security Hub . If you don't want to enable the designated standards, set `EnableDefaultStandards` to `false` .\n\nCurrently, the automatically enabled standards are the Center for Internet Security (CIS) AWS Foundations Benchmark v1.2.0 and AWS Foundational Security Best Practices (FSBP).", - "title": "EnableDefaultStandards", - "type": "boolean" + "PortfolioId": { + "markdownDescription": "The portfolio identifier.", + "title": "PortfolioId", + "type": "string" }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" + "ProductId": { + "markdownDescription": "The product identifier.", + "title": "ProductId", + "type": "string" + }, + "Rules": { + "markdownDescription": "The constraint rules.", + "title": "Rules", + "type": "string" } }, + "required": [ + "PortfolioId", + "ProductId", + "Rules" + ], "type": "object" }, "Type": { "enum": [ - "AWS::SecurityHub::Hub" + "AWS::ServiceCatalog::LaunchTemplateConstraint" ], "type": "string" }, @@ -255454,11 +307120,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::SecurityHub::Insight": { + "AWS::ServiceCatalog::Portfolio": { "additionalProperties": false, "properties": { "Condition": { @@ -255493,993 +307160,63 @@ "Properties": { "additionalProperties": false, "properties": { - "Filters": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.AwsSecurityFindingFilters", - "markdownDescription": "One or more attributes used to filter the findings included in the insight. The insight only includes findings that match the criteria defined in the filters. You can filter by up to ten finding attributes. For each attribute, you can provide up to 20 filter values.", - "title": "Filters" - }, - "GroupByAttribute": { - "markdownDescription": "The grouping attribute for the insight's findings. Indicates how to group the matching findings, and identifies the type of item that the insight applies to. For example, if an insight is grouped by resource identifier, then the insight produces a list of resource identifiers.", - "title": "GroupByAttribute", + "AcceptLanguage": { + "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", + "title": "AcceptLanguage", "type": "string" }, - "Name": { - "markdownDescription": "The name of a Security Hub insight.", - "title": "Name", - "type": "string" - } - }, - "required": [ - "Filters", - "GroupByAttribute", - "Name" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::SecurityHub::Insight" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::SecurityHub::Insight.AwsSecurityFindingFilters": { - "additionalProperties": false, - "properties": { - "AwsAccountId": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The AWS account ID in which a finding is generated.", - "title": "AwsAccountId", - "type": "array" - }, - "AwsAccountName": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The name of the AWS account in which a finding is generated.", - "title": "AwsAccountName", - "type": "array" - }, - "CompanyName": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The name of the findings provider (company) that owns the solution (product) that generates findings.", - "title": "CompanyName", - "type": "array" - }, - "ComplianceAssociatedStandardsId": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The unique identifier of a standard in which a control is enabled. This field consists of the resource portion of the Amazon Resource Name (ARN) returned for a standard in the [DescribeStandards](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DescribeStandards.html) API response.", - "title": "ComplianceAssociatedStandardsId", - "type": "array" - }, - "ComplianceSecurityControlId": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The unique identifier of a control across standards. Values for this field typically consist of an AWS service and a number, such as APIGateway.5.", - "title": "ComplianceSecurityControlId", - "type": "array" - }, - "ComplianceSecurityControlParametersName": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The name of a security control parameter.", - "title": "ComplianceSecurityControlParametersName", - "type": "array" - }, - "ComplianceSecurityControlParametersValue": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The current value of a security control parameter.", - "title": "ComplianceSecurityControlParametersValue", - "type": "array" - }, - "ComplianceStatus": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "Exclusive to findings that are generated as the result of a check run against a specific rule in a supported standard, such as CIS AWS Foundations. Contains security standard-related finding details.", - "title": "ComplianceStatus", - "type": "array" - }, - "Confidence": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.NumberFilter" - }, - "markdownDescription": "A finding's confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify.\n\nConfidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence.", - "title": "Confidence", - "type": "array" - }, - "CreatedAt": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" - }, - "markdownDescription": "A timestamp that indicates when the security findings provider created the potential security issue that a finding reflects.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", - "title": "CreatedAt", - "type": "array" - }, - "Criticality": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.NumberFilter" - }, - "markdownDescription": "The level of importance assigned to the resources associated with the finding.\n\nA score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources.", - "title": "Criticality", - "type": "array" - }, - "Description": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "A finding's description.", - "title": "Description", - "type": "array" - }, - "FindingProviderFieldsConfidence": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.NumberFilter" - }, - "markdownDescription": "The finding provider value for the finding confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify.\n\nConfidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence.", - "title": "FindingProviderFieldsConfidence", - "type": "array" - }, - "FindingProviderFieldsCriticality": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.NumberFilter" - }, - "markdownDescription": "The finding provider value for the level of importance assigned to the resources associated with the findings.\n\nA score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources.", - "title": "FindingProviderFieldsCriticality", - "type": "array" - }, - "FindingProviderFieldsRelatedFindingsId": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The finding identifier of a related finding that is identified by the finding provider.", - "title": "FindingProviderFieldsRelatedFindingsId", - "type": "array" - }, - "FindingProviderFieldsRelatedFindingsProductArn": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The ARN of the solution that generated a related finding that is identified by the finding provider.", - "title": "FindingProviderFieldsRelatedFindingsProductArn", - "type": "array" - }, - "FindingProviderFieldsSeverityLabel": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The finding provider value for the severity label.", - "title": "FindingProviderFieldsSeverityLabel", - "type": "array" - }, - "FindingProviderFieldsSeverityOriginal": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The finding provider's original value for the severity.", - "title": "FindingProviderFieldsSeverityOriginal", - "type": "array" - }, - "FindingProviderFieldsTypes": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "One or more finding types that the finding provider assigned to the finding. Uses the format of `namespace/category/classifier` that classify a finding.\n\nValid namespace values are: Software and Configuration Checks | TTPs | Effects | Unusual Behaviors | Sensitive Data Identifications", - "title": "FindingProviderFieldsTypes", - "type": "array" - }, - "FirstObservedAt": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" - }, - "markdownDescription": "A timestamp that indicates when the security findings provider first observed the potential security issue that a finding captured.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", - "title": "FirstObservedAt", - "type": "array" - }, - "GeneratorId": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The identifier for the solution-specific component (a discrete unit of logic) that generated a finding. In various security findings providers' solutions, this generator can be called a rule, a check, a detector, a plugin, etc.", - "title": "GeneratorId", - "type": "array" - }, - "Id": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The security findings provider-specific identifier for a finding.", - "title": "Id", - "type": "array" - }, - "LastObservedAt": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" - }, - "markdownDescription": "A timestamp that indicates when the security findings provider most recently observed a change in the resource that is involved in the finding.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", - "title": "LastObservedAt", - "type": "array" - }, - "MalwareName": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The name of the malware that was observed.", - "title": "MalwareName", - "type": "array" - }, - "MalwarePath": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The filesystem path of the malware that was observed.", - "title": "MalwarePath", - "type": "array" - }, - "MalwareState": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The state of the malware that was observed.", - "title": "MalwareState", - "type": "array" - }, - "MalwareType": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The type of the malware that was observed.", - "title": "MalwareType", - "type": "array" - }, - "NetworkDestinationDomain": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The destination domain of network-related information about a finding.", - "title": "NetworkDestinationDomain", - "type": "array" - }, - "NetworkDestinationIpV4": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.IpFilter" - }, - "markdownDescription": "The destination IPv4 address of network-related information about a finding.", - "title": "NetworkDestinationIpV4", - "type": "array" - }, - "NetworkDestinationIpV6": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.IpFilter" - }, - "markdownDescription": "The destination IPv6 address of network-related information about a finding.", - "title": "NetworkDestinationIpV6", - "type": "array" - }, - "NetworkDestinationPort": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.NumberFilter" - }, - "markdownDescription": "The destination port of network-related information about a finding.", - "title": "NetworkDestinationPort", - "type": "array" - }, - "NetworkDirection": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "Indicates the direction of network traffic associated with a finding.", - "title": "NetworkDirection", - "type": "array" - }, - "NetworkProtocol": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The protocol of network-related information about a finding.", - "title": "NetworkProtocol", - "type": "array" - }, - "NetworkSourceDomain": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The source domain of network-related information about a finding.", - "title": "NetworkSourceDomain", - "type": "array" - }, - "NetworkSourceIpV4": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.IpFilter" - }, - "markdownDescription": "The source IPv4 address of network-related information about a finding.", - "title": "NetworkSourceIpV4", - "type": "array" - }, - "NetworkSourceIpV6": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.IpFilter" - }, - "markdownDescription": "The source IPv6 address of network-related information about a finding.", - "title": "NetworkSourceIpV6", - "type": "array" - }, - "NetworkSourceMac": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The source media access control (MAC) address of network-related information about a finding.", - "title": "NetworkSourceMac", - "type": "array" - }, - "NetworkSourcePort": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.NumberFilter" - }, - "markdownDescription": "The source port of network-related information about a finding.", - "title": "NetworkSourcePort", - "type": "array" - }, - "NoteText": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The text of a note.", - "title": "NoteText", - "type": "array" - }, - "NoteUpdatedAt": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" - }, - "markdownDescription": "The timestamp of when the note was updated.", - "title": "NoteUpdatedAt", - "type": "array" - }, - "NoteUpdatedBy": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The principal that created a note.", - "title": "NoteUpdatedBy", - "type": "array" - }, - "ProcessLaunchedAt": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" - }, - "markdownDescription": "A timestamp that identifies when the process was launched.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", - "title": "ProcessLaunchedAt", - "type": "array" - }, - "ProcessName": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The name of the process.", - "title": "ProcessName", - "type": "array" - }, - "ProcessParentPid": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.NumberFilter" - }, - "markdownDescription": "The parent process ID. This field accepts positive integers between `O` and `2147483647` .", - "title": "ProcessParentPid", - "type": "array" - }, - "ProcessPath": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The path to the process executable.", - "title": "ProcessPath", - "type": "array" - }, - "ProcessPid": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.NumberFilter" - }, - "markdownDescription": "The process ID.", - "title": "ProcessPid", - "type": "array" - }, - "ProcessTerminatedAt": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" - }, - "markdownDescription": "A timestamp that identifies when the process was terminated.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", - "title": "ProcessTerminatedAt", - "type": "array" - }, - "ProductArn": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The ARN generated by Security Hub that uniquely identifies a third-party company (security findings provider) after this provider's product (solution that generates findings) is registered with Security Hub.", - "title": "ProductArn", - "type": "array" - }, - "ProductFields": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.MapFilter" - }, - "markdownDescription": "A data type where security findings providers can include additional solution-specific details that aren't part of the defined `AwsSecurityFinding` format.", - "title": "ProductFields", - "type": "array" - }, - "ProductName": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The name of the solution (product) that generates findings.", - "title": "ProductName", - "type": "array" - }, - "RecommendationText": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The recommendation of what to do about the issue described in a finding.", - "title": "RecommendationText", - "type": "array" - }, - "RecordState": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The updated record state for the finding.", - "title": "RecordState", - "type": "array" - }, - "Region": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The Region from which the finding was generated.", - "title": "Region", - "type": "array" - }, - "RelatedFindingsId": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The solution-generated identifier for a related finding.", - "title": "RelatedFindingsId", - "type": "array" - }, - "RelatedFindingsProductArn": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The ARN of the solution that generated a related finding.", - "title": "RelatedFindingsProductArn", - "type": "array" - }, - "ResourceApplicationArn": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The ARN of the application that is related to a finding.", - "title": "ResourceApplicationArn", - "type": "array" - }, - "ResourceApplicationName": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The name of the application that is related to a finding.", - "title": "ResourceApplicationName", - "type": "array" - }, - "ResourceAwsEc2InstanceIamInstanceProfileArn": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The IAM profile ARN of the instance.", - "title": "ResourceAwsEc2InstanceIamInstanceProfileArn", - "type": "array" - }, - "ResourceAwsEc2InstanceImageId": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The Amazon Machine Image (AMI) ID of the instance.", - "title": "ResourceAwsEc2InstanceImageId", - "type": "array" - }, - "ResourceAwsEc2InstanceIpV4Addresses": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.IpFilter" - }, - "markdownDescription": "The IPv4 addresses associated with the instance.", - "title": "ResourceAwsEc2InstanceIpV4Addresses", - "type": "array" - }, - "ResourceAwsEc2InstanceIpV6Addresses": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.IpFilter" - }, - "markdownDescription": "The IPv6 addresses associated with the instance.", - "title": "ResourceAwsEc2InstanceIpV6Addresses", - "type": "array" - }, - "ResourceAwsEc2InstanceKeyName": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The key name associated with the instance.", - "title": "ResourceAwsEc2InstanceKeyName", - "type": "array" - }, - "ResourceAwsEc2InstanceLaunchedAt": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" - }, - "markdownDescription": "The date and time the instance was launched.", - "title": "ResourceAwsEc2InstanceLaunchedAt", - "type": "array" - }, - "ResourceAwsEc2InstanceSubnetId": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The identifier of the subnet that the instance was launched in.", - "title": "ResourceAwsEc2InstanceSubnetId", - "type": "array" - }, - "ResourceAwsEc2InstanceType": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The instance type of the instance.", - "title": "ResourceAwsEc2InstanceType", - "type": "array" - }, - "ResourceAwsEc2InstanceVpcId": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The identifier of the VPC that the instance was launched in.", - "title": "ResourceAwsEc2InstanceVpcId", - "type": "array" - }, - "ResourceAwsIamAccessKeyCreatedAt": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" - }, - "markdownDescription": "The creation date/time of the IAM access key related to a finding.", - "title": "ResourceAwsIamAccessKeyCreatedAt", - "type": "array" - }, - "ResourceAwsIamAccessKeyPrincipalName": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The name of the principal that is associated with an IAM access key.", - "title": "ResourceAwsIamAccessKeyPrincipalName", - "type": "array" - }, - "ResourceAwsIamAccessKeyStatus": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The status of the IAM access key related to a finding.", - "title": "ResourceAwsIamAccessKeyStatus", - "type": "array" - }, - "ResourceAwsIamUserUserName": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The name of an IAM user.", - "title": "ResourceAwsIamUserUserName", - "type": "array" - }, - "ResourceAwsS3BucketOwnerId": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The canonical user ID of the owner of the S3 bucket.", - "title": "ResourceAwsS3BucketOwnerId", - "type": "array" - }, - "ResourceAwsS3BucketOwnerName": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The display name of the owner of the S3 bucket.", - "title": "ResourceAwsS3BucketOwnerName", - "type": "array" - }, - "ResourceContainerImageId": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The identifier of the image related to a finding.", - "title": "ResourceContainerImageId", - "type": "array" - }, - "ResourceContainerImageName": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The name of the image related to a finding.", - "title": "ResourceContainerImageName", - "type": "array" - }, - "ResourceContainerLaunchedAt": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" - }, - "markdownDescription": "A timestamp that identifies when the container was started.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", - "title": "ResourceContainerLaunchedAt", - "type": "array" - }, - "ResourceContainerName": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The name of the container related to a finding.", - "title": "ResourceContainerName", - "type": "array" - }, - "ResourceDetailsOther": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.MapFilter" - }, - "markdownDescription": "The details of a resource that doesn't have a specific subfield for the resource type defined.", - "title": "ResourceDetailsOther", - "type": "array" - }, - "ResourceId": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The canonical identifier for the given resource type.", - "title": "ResourceId", - "type": "array" - }, - "ResourcePartition": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The canonical AWS partition name that the Region is assigned to.", - "title": "ResourcePartition", - "type": "array" - }, - "ResourceRegion": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The canonical AWS external Region name where this resource is located.", - "title": "ResourceRegion", - "type": "array" - }, - "ResourceTags": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.MapFilter" - }, - "markdownDescription": "A list of AWS tags associated with a resource at the time the finding was processed.", - "title": "ResourceTags", - "type": "array" - }, - "ResourceType": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "Specifies the type of the resource that details are provided for.", - "title": "ResourceType", - "type": "array" - }, - "Sample": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.BooleanFilter" - }, - "markdownDescription": "Indicates whether or not sample findings are included in the filter results.", - "title": "Sample", - "type": "array" - }, - "SeverityLabel": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The label of a finding's severity.", - "title": "SeverityLabel", - "type": "array" - }, - "SourceUrl": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "A URL that links to a page about the current finding in the security findings provider's solution.", - "title": "SourceUrl", - "type": "array" - }, - "ThreatIntelIndicatorCategory": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The category of a threat intelligence indicator.", - "title": "ThreatIntelIndicatorCategory", - "type": "array" - }, - "ThreatIntelIndicatorLastObservedAt": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" - }, - "markdownDescription": "A timestamp that identifies the last observation of a threat intelligence indicator.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", - "title": "ThreatIntelIndicatorLastObservedAt", - "type": "array" - }, - "ThreatIntelIndicatorSource": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The source of the threat intelligence.", - "title": "ThreatIntelIndicatorSource", - "type": "array" - }, - "ThreatIntelIndicatorSourceUrl": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The URL for more details from the source of the threat intelligence.", - "title": "ThreatIntelIndicatorSourceUrl", - "type": "array" - }, - "ThreatIntelIndicatorType": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The type of a threat intelligence indicator.", - "title": "ThreatIntelIndicatorType", - "type": "array" - }, - "ThreatIntelIndicatorValue": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The value of a threat intelligence indicator.", - "title": "ThreatIntelIndicatorValue", - "type": "array" - }, - "Title": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "A finding's title.", - "title": "Title", - "type": "array" - }, - "Type": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "A finding type in the format of `namespace/category/classifier` that classifies a finding.", - "title": "Type", - "type": "array" - }, - "UpdatedAt": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" - }, - "markdownDescription": "A timestamp that indicates when the security findings provider last updated the finding record.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", - "title": "UpdatedAt", - "type": "array" - }, - "UserDefinedFields": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.MapFilter" - }, - "markdownDescription": "A list of name/value string pairs associated with the finding. These are custom, user-defined fields added to a finding.", - "title": "UserDefinedFields", - "type": "array" - }, - "VerificationState": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The veracity of a finding.", - "title": "VerificationState", - "type": "array" - }, - "VulnerabilitiesExploitAvailable": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "Indicates whether a software vulnerability in your environment has a known exploit. You can filter findings by this field only if you use Security Hub and Amazon Inspector.", - "title": "VulnerabilitiesExploitAvailable", - "type": "array" - }, - "VulnerabilitiesFixAvailable": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "Indicates whether a vulnerability is fixed in a newer version of the affected software packages. You can filter findings by this field only if you use Security Hub and Amazon Inspector.", - "title": "VulnerabilitiesFixAvailable", - "type": "array" - }, - "WorkflowState": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The workflow state of a finding.\n\nNote that this field is deprecated. To search for a finding based on its workflow status, use `WorkflowStatus` .", - "title": "WorkflowState", - "type": "array" - }, - "WorkflowStatus": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The status of the investigation into a finding. Allowed values are the following.\n\n- `NEW` - The initial state of a finding, before it is reviewed.\n\nSecurity Hub also resets the workflow status from `NOTIFIED` or `RESOLVED` to `NEW` in the following cases:\n\n- `RecordState` changes from `ARCHIVED` to `ACTIVE` .\n- `Compliance.Status` changes from `PASSED` to either `WARNING` , `FAILED` , or `NOT_AVAILABLE` .\n- `NOTIFIED` - Indicates that the resource owner has been notified about the security issue. Used when the initial reviewer is not the resource owner, and needs intervention from the resource owner.\n\nIf one of the following occurs, the workflow status is changed automatically from `NOTIFIED` to `NEW` :\n\n- `RecordState` changes from `ARCHIVED` to `ACTIVE` .\n- `Compliance.Status` changes from `PASSED` to `FAILED` , `WARNING` , or `NOT_AVAILABLE` .\n- `SUPPRESSED` - Indicates that you reviewed the finding and don't believe that any action is needed.\n\nThe workflow status of a `SUPPRESSED` finding does not change if `RecordState` changes from `ARCHIVED` to `ACTIVE` .\n- `RESOLVED` - The finding was reviewed and remediated and is now considered resolved.\n\nThe finding remains `RESOLVED` unless one of the following occurs:\n\n- `RecordState` changes from `ARCHIVED` to `ACTIVE` .\n- `Compliance.Status` changes from `PASSED` to `FAILED` , `WARNING` , or `NOT_AVAILABLE` .\n\nIn those cases, the workflow status is automatically reset to `NEW` .\n\nFor findings from controls, if `Compliance.Status` is `PASSED` , then Security Hub automatically sets the workflow status to `RESOLVED` .", - "title": "WorkflowStatus", - "type": "array" - } - }, - "type": "object" - }, - "AWS::SecurityHub::Insight.BooleanFilter": { - "additionalProperties": false, - "properties": { - "Value": { - "markdownDescription": "The value of the boolean.", - "title": "Value", - "type": "boolean" - } - }, - "required": [ - "Value" - ], - "type": "object" - }, - "AWS::SecurityHub::Insight.DateFilter": { - "additionalProperties": false, - "properties": { - "DateRange": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.DateRange", - "markdownDescription": "A date range for the date filter.", - "title": "DateRange" - }, - "End": { - "markdownDescription": "A timestamp that provides the end date for the date filter.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", - "title": "End", - "type": "string" - }, - "Start": { - "markdownDescription": "A timestamp that provides the start date for the date filter.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", - "title": "Start", - "type": "string" - } - }, - "type": "object" - }, - "AWS::SecurityHub::Insight.DateRange": { - "additionalProperties": false, - "properties": { - "Unit": { - "markdownDescription": "A date range unit for the date filter.", - "title": "Unit", - "type": "string" - }, - "Value": { - "markdownDescription": "A date range value for the date filter.", - "title": "Value", - "type": "number" - } - }, - "required": [ - "Unit", - "Value" - ], - "type": "object" - }, - "AWS::SecurityHub::Insight.IpFilter": { - "additionalProperties": false, - "properties": { - "Cidr": { - "markdownDescription": "A finding's CIDR value.", - "title": "Cidr", - "type": "string" - } - }, - "required": [ - "Cidr" - ], - "type": "object" - }, - "AWS::SecurityHub::Insight.MapFilter": { - "additionalProperties": false, - "properties": { - "Comparison": { - "markdownDescription": "The condition to apply to the key value when filtering Security Hub findings with a map filter.\n\nTo search for values that have the filter value, use one of the following comparison operators:\n\n- To search for values that include the filter value, use `CONTAINS` . For example, for the `ResourceTags` field, the filter `Department CONTAINS Security` matches findings that include the value `Security` for the `Department` tag. In the same example, a finding with a value of `Security team` for the `Department` tag is a match.\n- To search for values that exactly match the filter value, use `EQUALS` . For example, for the `ResourceTags` field, the filter `Department EQUALS Security` matches findings that have the value `Security` for the `Department` tag.\n\n`CONTAINS` and `EQUALS` filters on the same field are joined by `OR` . A finding matches if it matches any one of those filters. For example, the filters `Department CONTAINS Security OR Department CONTAINS Finance` match a finding that includes either `Security` , `Finance` , or both values.\n\nTo search for values that don't have the filter value, use one of the following comparison operators:\n\n- To search for values that exclude the filter value, use `NOT_CONTAINS` . For example, for the `ResourceTags` field, the filter `Department NOT_CONTAINS Finance` matches findings that exclude the value `Finance` for the `Department` tag.\n- To search for values other than the filter value, use `NOT_EQUALS` . For example, for the `ResourceTags` field, the filter `Department NOT_EQUALS Finance` matches findings that don\u2019t have the value `Finance` for the `Department` tag.\n\n`NOT_CONTAINS` and `NOT_EQUALS` filters on the same field are joined by `AND` . A finding matches only if it matches all of those filters. For example, the filters `Department NOT_CONTAINS Security AND Department NOT_CONTAINS Finance` match a finding that excludes both the `Security` and `Finance` values.\n\n`CONTAINS` filters can only be used with other `CONTAINS` filters. `NOT_CONTAINS` filters can only be used with other `NOT_CONTAINS` filters.\n\nYou can\u2019t have both a `CONTAINS` filter and a `NOT_CONTAINS` filter on the same field. Similarly, you can\u2019t have both an `EQUALS` filter and a `NOT_EQUALS` filter on the same field. Combining filters in this way returns an error.\n\n`CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *AWS Security Hub User Guide* .", - "title": "Comparison", - "type": "string" - }, - "Key": { - "markdownDescription": "The key of the map filter. For example, for `ResourceTags` , `Key` identifies the name of the tag. For `UserDefinedFields` , `Key` is the name of the field.", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "The value for the key in the map filter. Filter values are case sensitive. For example, one of the values for a tag called `Department` might be `Security` . If you provide `security` as the filter value, then there's no match.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Comparison", - "Key", - "Value" - ], - "type": "object" - }, - "AWS::SecurityHub::Insight.NumberFilter": { - "additionalProperties": false, - "properties": { - "Eq": { - "markdownDescription": "The equal-to condition to be applied to a single field when querying for findings.", - "title": "Eq", - "type": "number" - }, - "Gte": { - "markdownDescription": "The greater-than-equal condition to be applied to a single field when querying for findings.", - "title": "Gte", - "type": "number" + "Description": { + "markdownDescription": "The description of the portfolio.", + "title": "Description", + "type": "string" + }, + "DisplayName": { + "markdownDescription": "The name to use for display purposes.", + "title": "DisplayName", + "type": "string" + }, + "ProviderName": { + "markdownDescription": "The name of the portfolio provider.", + "title": "ProviderName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "One or more tags.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "DisplayName", + "ProviderName" + ], + "type": "object" }, - "Lte": { - "markdownDescription": "The less-than-equal condition to be applied to a single field when querying for findings.", - "title": "Lte", - "type": "number" - } - }, - "type": "object" - }, - "AWS::SecurityHub::Insight.StringFilter": { - "additionalProperties": false, - "properties": { - "Comparison": { - "markdownDescription": "The condition to apply to a string value when filtering Security Hub findings.\n\nTo search for values that have the filter value, use one of the following comparison operators:\n\n- To search for values that include the filter value, use `CONTAINS` . For example, the filter `Title CONTAINS CloudFront` matches findings that have a `Title` that includes the string CloudFront.\n- To search for values that exactly match the filter value, use `EQUALS` . For example, the filter `AwsAccountId EQUALS 123456789012` only matches findings that have an account ID of `123456789012` .\n- To search for values that start with the filter value, use `PREFIX` . For example, the filter `ResourceRegion PREFIX us` matches findings that have a `ResourceRegion` that starts with `us` . A `ResourceRegion` that starts with a different value, such as `af` , `ap` , or `ca` , doesn't match.\n\n`CONTAINS` , `EQUALS` , and `PREFIX` filters on the same field are joined by `OR` . A finding matches if it matches any one of those filters. For example, the filters `Title CONTAINS CloudFront OR Title CONTAINS CloudWatch` match a finding that includes either `CloudFront` , `CloudWatch` , or both strings in the title.\n\nTo search for values that don\u2019t have the filter value, use one of the following comparison operators:\n\n- To search for values that exclude the filter value, use `NOT_CONTAINS` . For example, the filter `Title NOT_CONTAINS CloudFront` matches findings that have a `Title` that excludes the string CloudFront.\n- To search for values other than the filter value, use `NOT_EQUALS` . For example, the filter `AwsAccountId NOT_EQUALS 123456789012` only matches findings that have an account ID other than `123456789012` .\n- To search for values that don't start with the filter value, use `PREFIX_NOT_EQUALS` . For example, the filter `ResourceRegion PREFIX_NOT_EQUALS us` matches findings with a `ResourceRegion` that starts with a value other than `us` .\n\n`NOT_CONTAINS` , `NOT_EQUALS` , and `PREFIX_NOT_EQUALS` filters on the same field are joined by `AND` . A finding matches only if it matches all of those filters. For example, the filters `Title NOT_CONTAINS CloudFront AND Title NOT_CONTAINS CloudWatch` match a finding that excludes both `CloudFront` and `CloudWatch` in the title.\n\nYou can\u2019t have both a `CONTAINS` filter and a `NOT_CONTAINS` filter on the same field. Similarly, you can't provide both an `EQUALS` filter and a `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filter on the same field. Combining filters in this way returns an error. `CONTAINS` filters can only be used with other `CONTAINS` filters. `NOT_CONTAINS` filters can only be used with other `NOT_CONTAINS` filters.\n\nYou can combine `PREFIX` filters with `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters for the same field. Security Hub first processes the `PREFIX` filters, and then the `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters.\n\nFor example, for the following filters, Security Hub first identifies findings that have resource types that start with either `AwsIam` or `AwsEc2` . It then excludes findings that have a resource type of `AwsIamPolicy` and findings that have a resource type of `AwsEc2NetworkInterface` .\n\n- `ResourceType PREFIX AwsIam`\n- `ResourceType PREFIX AwsEc2`\n- `ResourceType NOT_EQUALS AwsIamPolicy`\n- `ResourceType NOT_EQUALS AwsEc2NetworkInterface`\n\n`CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules V1. `CONTAINS_WORD` operator is only supported in `GetFindingsV2` , `GetFindingStatisticsV2` , `GetResourcesV2` , and `GetResourceStatisticsV2` APIs. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *AWS Security Hub User Guide* .", - "title": "Comparison", + "Type": { + "enum": [ + "AWS::ServiceCatalog::Portfolio" + ], "type": "string" }, - "Value": { - "markdownDescription": "The string filter value. Filter values are case sensitive. For example, the product name for control-based findings is `Security Hub` . If you provide `security hub` as the filter value, there's no match.", - "title": "Value", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Comparison", - "Value" + "Type", + "Properties" ], "type": "object" }, - "AWS::SecurityHub::ProductSubscription": { + "AWS::ServiceCatalog::PortfolioPrincipalAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -256514,20 +307251,37 @@ "Properties": { "additionalProperties": false, "properties": { - "ProductArn": { - "markdownDescription": "The ARN of the product to enable the integration for.", - "title": "ProductArn", + "AcceptLanguage": { + "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", + "title": "AcceptLanguage", + "type": "string" + }, + "PortfolioId": { + "markdownDescription": "The portfolio identifier.", + "title": "PortfolioId", + "type": "string" + }, + "PrincipalARN": { + "markdownDescription": "The ARN of the principal ( IAM user, role, or group).", + "title": "PrincipalARN", + "type": "string" + }, + "PrincipalType": { + "markdownDescription": "The principal type. The supported values are `IAM` and `IAM_PATTERN` .", + "title": "PrincipalType", "type": "string" } }, "required": [ - "ProductArn" + "PortfolioId", + "PrincipalARN", + "PrincipalType" ], "type": "object" }, "Type": { "enum": [ - "AWS::SecurityHub::ProductSubscription" + "AWS::ServiceCatalog::PortfolioPrincipalAssociation" ], "type": "string" }, @@ -256546,7 +307300,7 @@ ], "type": "object" }, - "AWS::SecurityHub::Standard": { + "AWS::ServiceCatalog::PortfolioProductAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -256581,28 +307335,36 @@ "Properties": { "additionalProperties": false, "properties": { - "DisabledStandardsControls": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Standard.StandardsControl" - }, - "markdownDescription": "Specifies which controls are to be disabled in a standard.\n\n*Maximum* : `100`", - "title": "DisabledStandardsControls", - "type": "array" + "AcceptLanguage": { + "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", + "title": "AcceptLanguage", + "type": "string" }, - "StandardsArn": { - "markdownDescription": "The ARN of the standard that you want to enable. To view a list of available Security Hub standards and their ARNs, use the [`DescribeStandards`](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DescribeStandards.html) API operation.", - "title": "StandardsArn", + "PortfolioId": { + "markdownDescription": "The portfolio identifier.", + "title": "PortfolioId", + "type": "string" + }, + "ProductId": { + "markdownDescription": "The product identifier.", + "title": "ProductId", + "type": "string" + }, + "SourcePortfolioId": { + "markdownDescription": "The identifier of the source portfolio.", + "title": "SourcePortfolioId", "type": "string" } }, "required": [ - "StandardsArn" + "PortfolioId", + "ProductId" ], "type": "object" }, "Type": { "enum": [ - "AWS::SecurityHub::Standard" + "AWS::ServiceCatalog::PortfolioProductAssociation" ], "type": "string" }, @@ -256621,26 +307383,7 @@ ], "type": "object" }, - "AWS::SecurityHub::Standard.StandardsControl": { - "additionalProperties": false, - "properties": { - "Reason": { - "markdownDescription": "A user-defined reason for changing a control's enablement status in a specified standard. If you are disabling a control, then this property is required.", - "title": "Reason", - "type": "string" - }, - "StandardsControlArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the control.", - "title": "StandardsControlArn", - "type": "string" - } - }, - "required": [ - "StandardsControlArn" - ], - "type": "object" - }, - "AWS::SecurityLake::AwsLogSource": { + "AWS::ServiceCatalog::PortfolioShare": { "additionalProperties": false, "properties": { "Condition": { @@ -256675,40 +307418,36 @@ "Properties": { "additionalProperties": false, "properties": { - "Accounts": { - "items": { - "type": "string" - }, - "markdownDescription": "Specify the AWS account information where you want to enable Security Lake.", - "title": "Accounts", - "type": "array" - }, - "DataLakeArn": { - "markdownDescription": "The Amazon Resource Name (ARN) used to create the data lake.", - "title": "DataLakeArn", + "AcceptLanguage": { + "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", + "title": "AcceptLanguage", "type": "string" }, - "SourceName": { - "markdownDescription": "The name for a AWS source. This must be a Regionally unique value. For the list of sources supported by Amazon Security Lake see [Collecting data from AWS services](https://docs.aws.amazon.com//security-lake/latest/userguide/internal-sources.html) in the Amazon Security Lake User Guide.", - "title": "SourceName", + "AccountId": { + "markdownDescription": "The AWS account ID. For example, `123456789012` .", + "title": "AccountId", "type": "string" }, - "SourceVersion": { - "markdownDescription": "The version for a AWS source. For more details about source versions supported by Amazon Security Lake see [OCSF source identification](https://docs.aws.amazon.com//security-lake/latest/userguide/open-cybersecurity-schema-framework.html#ocsf-source-identification) in the Amazon Security Lake User Guide. This must be a Regionally unique value.", - "title": "SourceVersion", + "PortfolioId": { + "markdownDescription": "The portfolio identifier.", + "title": "PortfolioId", "type": "string" + }, + "ShareTagOptions": { + "markdownDescription": "Indicates whether TagOptions sharing is enabled or disabled for the portfolio share.", + "title": "ShareTagOptions", + "type": "boolean" } }, "required": [ - "DataLakeArn", - "SourceName", - "SourceVersion" + "AccountId", + "PortfolioId" ], "type": "object" }, "Type": { "enum": [ - "AWS::SecurityLake::AwsLogSource" + "AWS::ServiceCatalog::PortfolioShare" ], "type": "string" }, @@ -256727,7 +307466,7 @@ ], "type": "object" }, - "AWS::SecurityLake::DataLake": { + "AWS::ServiceCatalog::ResourceUpdateConstraint": { "additionalProperties": false, "properties": { "Condition": { @@ -256762,40 +307501,42 @@ "Properties": { "additionalProperties": false, "properties": { - "EncryptionConfiguration": { - "$ref": "#/definitions/AWS::SecurityLake::DataLake.EncryptionConfiguration", - "markdownDescription": "Provides encryption details of the Amazon Security Lake object.", - "title": "EncryptionConfiguration" + "AcceptLanguage": { + "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", + "title": "AcceptLanguage", + "type": "string" }, - "LifecycleConfiguration": { - "$ref": "#/definitions/AWS::SecurityLake::DataLake.LifecycleConfiguration", - "markdownDescription": "You can customize Security Lake to store data in your preferred AWS Regions for your preferred amount of time. Lifecycle management can help you comply with different compliance requirements. For more details, see [Lifecycle management](https://docs.aws.amazon.com//security-lake/latest/userguide/lifecycle-management.html) in the Amazon Security Lake User Guide.", - "title": "LifecycleConfiguration" + "Description": { + "markdownDescription": "The description of the constraint.", + "title": "Description", + "type": "string" }, - "MetaStoreManagerRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) used to create and update the AWS Glue table. This table contains partitions generated by the ingestion and normalization of AWS log sources and custom sources.", - "title": "MetaStoreManagerRoleArn", + "PortfolioId": { + "markdownDescription": "The portfolio identifier.", + "title": "PortfolioId", "type": "string" }, - "ReplicationConfiguration": { - "$ref": "#/definitions/AWS::SecurityLake::DataLake.ReplicationConfiguration", - "markdownDescription": "Provides replication details of Amazon Security Lake object.", - "title": "ReplicationConfiguration" + "ProductId": { + "markdownDescription": "The product identifier.", + "title": "ProductId", + "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of objects, one for each tag to associate with the data lake configuration. For each tag, you must specify both a tag key and a tag value. A tag value cannot be null, but it can be an empty string.", - "title": "Tags", - "type": "array" + "TagUpdateOnProvisionedProduct": { + "markdownDescription": "If set to `ALLOWED` , lets users change tags in a [CloudFormationProvisionedProduct](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicecatalog-cloudformationprovisionedproduct.html) resource.\n\nIf set to `NOT_ALLOWED` , prevents users from changing tags in a [CloudFormationProvisionedProduct](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicecatalog-cloudformationprovisionedproduct.html) resource.", + "title": "TagUpdateOnProvisionedProduct", + "type": "string" } }, + "required": [ + "PortfolioId", + "ProductId", + "TagUpdateOnProvisionedProduct" + ], "type": "object" }, "Type": { "enum": [ - "AWS::SecurityLake::DataLake" + "AWS::ServiceCatalog::ResourceUpdateConstraint" ], "type": "string" }, @@ -256809,87 +307550,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::SecurityLake::DataLake.EncryptionConfiguration": { - "additionalProperties": false, - "properties": { - "KmsKeyId": { - "markdownDescription": "The ID of KMS encryption key used by Amazon Security Lake to encrypt the Security Lake object.", - "title": "KmsKeyId", - "type": "string" - } - }, - "type": "object" - }, - "AWS::SecurityLake::DataLake.Expiration": { - "additionalProperties": false, - "properties": { - "Days": { - "markdownDescription": "The number of days before data expires in the Amazon Security Lake object.", - "title": "Days", - "type": "number" - } - }, - "type": "object" - }, - "AWS::SecurityLake::DataLake.LifecycleConfiguration": { - "additionalProperties": false, - "properties": { - "Expiration": { - "$ref": "#/definitions/AWS::SecurityLake::DataLake.Expiration", - "markdownDescription": "Provides data expiration details of the Amazon Security Lake object.", - "title": "Expiration" - }, - "Transitions": { - "items": { - "$ref": "#/definitions/AWS::SecurityLake::DataLake.Transitions" - }, - "markdownDescription": "Provides data storage transition details of Amazon Security Lake object. By configuring these settings, you can specify your preferred Amazon S3 storage class and the time period for S3 objects to stay in that storage class before they transition to a different storage class.", - "title": "Transitions", - "type": "array" - } - }, - "type": "object" - }, - "AWS::SecurityLake::DataLake.ReplicationConfiguration": { - "additionalProperties": false, - "properties": { - "Regions": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies one or more centralized rollup Regions. The AWS Region specified in the region parameter of the `CreateDataLake` or `UpdateDataLake` operations contributes data to the rollup Region or Regions specified in this parameter.\n\nReplication enables automatic, asynchronous copying of objects across Amazon S3 buckets. S3 buckets that are configured for object replication can be owned by the same AWS account or by different accounts. You can replicate objects to a single destination bucket or to multiple destination buckets. The destination buckets can be in different Regions or within the same Region as the source bucket.", - "title": "Regions", - "type": "array" - }, - "RoleArn": { - "markdownDescription": "Replication settings for the Amazon S3 buckets. This parameter uses the AWS Identity and Access Management (IAM) role you created that is managed by Security Lake , to ensure the replication setting is correct.", - "title": "RoleArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::SecurityLake::DataLake.Transitions": { - "additionalProperties": false, - "properties": { - "Days": { - "markdownDescription": "The number of days before data transitions to a different S3 Storage Class in the Amazon Security Lake object.", - "title": "Days", - "type": "number" - }, - "StorageClass": { - "markdownDescription": "The list of storage classes that you can choose from based on the data access, resiliency, and cost requirements of your workloads. The default storage class is *S3 Standard* . For information about other storage classes, see [Setting the storage class of an object](https://docs.aws.amazon.com/AmazonS3/latest/userguide/sc-howtoset.html) in the *Amazon S3 User Guide* .", - "title": "StorageClass", - "type": "string" - } - }, - "type": "object" - }, - "AWS::SecurityLake::Subscriber": { + "AWS::ServiceCatalog::ServiceAction": { "additionalProperties": false, "properties": { "Condition": { @@ -256924,63 +307590,45 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "You can choose to notify subscribers of new objects with an Amazon Simple Queue Service (Amazon SQS) queue or through messaging to an HTTPS endpoint provided by the subscriber.\n\nSubscribers can consume data by directly querying AWS Lake Formation tables in your Amazon S3 bucket through services like Amazon Athena. This subscription type is defined as `LAKEFORMATION` .", - "title": "AccessTypes", - "type": "array" - }, - "DataLakeArn": { - "markdownDescription": "The Amazon Resource Name (ARN) used to create the data lake.", - "title": "DataLakeArn", + "AcceptLanguage": { + "markdownDescription": "The language code.\n\n- `en` - English (default)\n- `jp` - Japanese\n- `zh` - Chinese", + "title": "AcceptLanguage", "type": "string" }, - "Sources": { + "Definition": { "items": { - "$ref": "#/definitions/AWS::SecurityLake::Subscriber.Source" + "$ref": "#/definitions/AWS::ServiceCatalog::ServiceAction.DefinitionParameter" }, - "markdownDescription": "Amazon Security Lake supports log and event collection for natively supported AWS services . For more information, see the [Amazon Security Lake User Guide](https://docs.aws.amazon.com//security-lake/latest/userguide/source-management.html) .", - "title": "Sources", + "markdownDescription": "A map that defines the self-service action.", + "title": "Definition", "type": "array" }, - "SubscriberDescription": { - "markdownDescription": "The subscriber descriptions for a subscriber account. The description for a subscriber includes `subscriberName` , `accountID` , `externalID` , and `subscriberId` .", - "title": "SubscriberDescription", + "DefinitionType": { + "markdownDescription": "The self-service action definition type. For example, `SSM_AUTOMATION` .", + "title": "DefinitionType", "type": "string" }, - "SubscriberIdentity": { - "$ref": "#/definitions/AWS::SecurityLake::Subscriber.SubscriberIdentity", - "markdownDescription": "The AWS identity used to access your data.", - "title": "SubscriberIdentity" - }, - "SubscriberName": { - "markdownDescription": "The name of your Amazon Security Lake subscriber account.", - "title": "SubscriberName", + "Description": { + "markdownDescription": "The self-service action description.", + "title": "Description", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of objects, one for each tag to associate with the subscriber. For each tag, you must specify both a tag key and a tag value. A tag value cannot be null, but it can be an empty string.", - "title": "Tags", - "type": "array" + "Name": { + "markdownDescription": "The self-service action name.", + "title": "Name", + "type": "string" } }, "required": [ - "AccessTypes", - "DataLakeArn", - "Sources", - "SubscriberIdentity", - "SubscriberName" + "Definition", + "DefinitionType", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::SecurityLake::Subscriber" + "AWS::ServiceCatalog::ServiceAction" ], "type": "string" }, @@ -256999,75 +307647,27 @@ ], "type": "object" }, - "AWS::SecurityLake::Subscriber.AwsLogSource": { - "additionalProperties": false, - "properties": { - "SourceName": { - "markdownDescription": "Source name of the natively supported AWS service that is supported as an Amazon Security Lake source. For the list of sources supported by Amazon Security Lake see [Collecting data from AWS services](https://docs.aws.amazon.com//security-lake/latest/userguide/internal-sources.html) in the Amazon Security Lake User Guide.", - "title": "SourceName", - "type": "string" - }, - "SourceVersion": { - "markdownDescription": "Source version of the natively supported AWS service that is supported as an Amazon Security Lake source. For more details about source versions supported by Amazon Security Lake see [OCSF source identification](https://docs.aws.amazon.com//security-lake/latest/userguide/open-cybersecurity-schema-framework.html#ocsf-source-identification) in the Amazon Security Lake User Guide.", - "title": "SourceVersion", - "type": "string" - } - }, - "type": "object" - }, - "AWS::SecurityLake::Subscriber.CustomLogSource": { - "additionalProperties": false, - "properties": { - "SourceName": { - "markdownDescription": "The name of the custom log source.", - "title": "SourceName", - "type": "string" - }, - "SourceVersion": { - "markdownDescription": "The source version of the custom log source.", - "title": "SourceVersion", - "type": "string" - } - }, - "type": "object" - }, - "AWS::SecurityLake::Subscriber.Source": { - "additionalProperties": false, - "properties": { - "AwsLogSource": { - "$ref": "#/definitions/AWS::SecurityLake::Subscriber.AwsLogSource", - "markdownDescription": "The natively supported AWS service which is used a Amazon Security Lake source to collect logs and events from.", - "title": "AwsLogSource" - }, - "CustomLogSource": { - "$ref": "#/definitions/AWS::SecurityLake::Subscriber.CustomLogSource", - "markdownDescription": "The custom log source AWS which is used a Amazon Security Lake source to collect logs and events from.", - "title": "CustomLogSource" - } - }, - "type": "object" - }, - "AWS::SecurityLake::Subscriber.SubscriberIdentity": { + "AWS::ServiceCatalog::ServiceAction.DefinitionParameter": { "additionalProperties": false, "properties": { - "ExternalId": { - "markdownDescription": "The external ID is a unique identifier that the subscriber provides to you.", - "title": "ExternalId", + "Key": { + "markdownDescription": "The parameter key.", + "title": "Key", "type": "string" }, - "Principal": { - "markdownDescription": "Principals can include accounts, users, roles, federated users, or AWS services.", - "title": "Principal", + "Value": { + "markdownDescription": "The value of the parameter.", + "title": "Value", "type": "string" } }, "required": [ - "ExternalId", - "Principal" + "Key", + "Value" ], "type": "object" }, - "AWS::ServiceCatalog::AcceptedPortfolioShare": { + "AWS::ServiceCatalog::ServiceActionAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -257102,25 +307702,32 @@ "Properties": { "additionalProperties": false, "properties": { - "AcceptLanguage": { - "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", - "title": "AcceptLanguage", + "ProductId": { + "markdownDescription": "The product identifier. For example, `prod-abcdzk7xy33qa` .", + "title": "ProductId", "type": "string" }, - "PortfolioId": { - "markdownDescription": "The portfolio identifier.", - "title": "PortfolioId", + "ProvisioningArtifactId": { + "markdownDescription": "The identifier of the provisioning artifact. For example, `pa-4abcdjnxjj6ne` .", + "title": "ProvisioningArtifactId", + "type": "string" + }, + "ServiceActionId": { + "markdownDescription": "The self-service action identifier. For example, `act-fs7abcd89wxyz` .", + "title": "ServiceActionId", "type": "string" } }, "required": [ - "PortfolioId" + "ProductId", + "ProvisioningArtifactId", + "ServiceActionId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::AcceptedPortfolioShare" + "AWS::ServiceCatalog::ServiceActionAssociation" ], "type": "string" }, @@ -257139,7 +307746,7 @@ ], "type": "object" }, - "AWS::ServiceCatalog::CloudFormationProduct": { + "AWS::ServiceCatalog::StackSetConstraint": { "additionalProperties": false, "properties": { "Condition": { @@ -257179,82 +307786,68 @@ "title": "AcceptLanguage", "type": "string" }, - "Description": { - "markdownDescription": "The description of the product.", - "title": "Description", - "type": "string" - }, - "Distributor": { - "markdownDescription": "The distributor of the product.", - "title": "Distributor", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the product.", - "title": "Name", - "type": "string" - }, - "Owner": { - "markdownDescription": "The owner of the product.", - "title": "Owner", - "type": "string" - }, - "ProductType": { - "markdownDescription": "The type of product.", - "title": "ProductType", - "type": "string" - }, - "ProvisioningArtifactParameters": { + "AccountList": { "items": { - "$ref": "#/definitions/AWS::ServiceCatalog::CloudFormationProduct.ProvisioningArtifactProperties" + "type": "string" }, - "markdownDescription": "The configuration of the provisioning artifact (also known as a version).", - "title": "ProvisioningArtifactParameters", + "markdownDescription": "One or more AWS accounts that will have access to the provisioned product.", + "title": "AccountList", "type": "array" }, - "ReplaceProvisioningArtifacts": { - "markdownDescription": "This property is turned off by default. If turned off, you can update provisioning artifacts or product attributes (such as description, distributor, name, owner, and more) and the associated provisioning artifacts will retain the same unique identifier. Provisioning artifacts are matched within the CloudFormationProduct resource, and only those that have been updated will be changed. Provisioning artifacts are matched by a combinaton of provisioning artifact template URL and name.\n\nIf turned on, provisioning artifacts will be given a new unique identifier when you update the product or provisioning artifacts.", - "title": "ReplaceProvisioningArtifacts", - "type": "boolean" + "AdminRole": { + "markdownDescription": "AdminRole ARN", + "title": "AdminRole", + "type": "string" }, - "SourceConnection": { - "$ref": "#/definitions/AWS::ServiceCatalog::CloudFormationProduct.SourceConnection", - "markdownDescription": "A top level `ProductViewDetail` response containing details about the product\u2019s connection. AWS Service Catalog returns this field for the `CreateProduct` , `UpdateProduct` , `DescribeProductAsAdmin` , and `SearchProductAsAdmin` APIs. This response contains the same fields as the `ConnectionParameters` request, with the addition of the `LastSync` response.", - "title": "SourceConnection" + "Description": { + "markdownDescription": "The description of the constraint.", + "title": "Description", + "type": "string" }, - "SupportDescription": { - "markdownDescription": "The support information about the product.", - "title": "SupportDescription", + "ExecutionRole": { + "markdownDescription": "ExecutionRole name", + "title": "ExecutionRole", "type": "string" }, - "SupportEmail": { - "markdownDescription": "The contact email for product support.", - "title": "SupportEmail", + "PortfolioId": { + "markdownDescription": "The portfolio identifier.", + "title": "PortfolioId", "type": "string" }, - "SupportUrl": { - "markdownDescription": "The contact URL for product support.\n\n`^https?:\\/\\//` / is the pattern used to validate SupportUrl.", - "title": "SupportUrl", + "ProductId": { + "markdownDescription": "The product identifier.", + "title": "ProductId", "type": "string" }, - "Tags": { + "RegionList": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "One or more tags.", - "title": "Tags", + "markdownDescription": "One or more AWS Regions where the provisioned product will be available.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\nThe specified Regions should be within the list of Regions from the `STACKSET` constraint. To get the list of Regions in the `STACKSET` constraint, use the `DescribeProvisioningParameters` operation.\n\nIf no values are specified, the default value is all Regions from the `STACKSET` constraint.", + "title": "RegionList", "type": "array" + }, + "StackInstanceControl": { + "markdownDescription": "Permission to create, update, and delete stack instances. Choose from ALLOWED and NOT_ALLOWED.", + "title": "StackInstanceControl", + "type": "string" } }, "required": [ - "Name", - "Owner" + "AccountList", + "AdminRole", + "Description", + "ExecutionRole", + "PortfolioId", + "ProductId", + "RegionList", + "StackInstanceControl" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::CloudFormationProduct" + "AWS::ServiceCatalog::StackSetConstraint" ], "type": "string" }, @@ -257273,104 +307866,158 @@ ], "type": "object" }, - "AWS::ServiceCatalog::CloudFormationProduct.CodeStarParameters": { + "AWS::ServiceCatalog::TagOption": { "additionalProperties": false, "properties": { - "ArtifactPath": { - "markdownDescription": "The absolute path wehre the artifact resides within the repo and branch, formatted as \"folder/file.json.\"", - "title": "ArtifactPath", + "Condition": { "type": "string" }, - "Branch": { - "markdownDescription": "The specific branch where the artifact resides.", - "title": "Branch", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "ConnectionArn": { - "markdownDescription": "The CodeStar ARN, which is the connection between AWS Service Catalog and the external repository.", - "title": "ConnectionArn", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Active": { + "markdownDescription": "The TagOption active state.", + "title": "Active", + "type": "boolean" + }, + "Key": { + "markdownDescription": "The TagOption key.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The TagOption value.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ServiceCatalog::TagOption" + ], "type": "string" }, - "Repository": { - "markdownDescription": "The specific repository where the product\u2019s artifact-to-be-synced resides, formatted as \"Account/Repo.\"", - "title": "Repository", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ArtifactPath", - "Branch", - "ConnectionArn", - "Repository" + "Type", + "Properties" ], "type": "object" }, - "AWS::ServiceCatalog::CloudFormationProduct.ConnectionParameters": { - "additionalProperties": false, - "properties": { - "CodeStar": { - "$ref": "#/definitions/AWS::ServiceCatalog::CloudFormationProduct.CodeStarParameters", - "markdownDescription": "Provides `ConnectionType` details.", - "title": "CodeStar" - } - }, - "type": "object" - }, - "AWS::ServiceCatalog::CloudFormationProduct.ProvisioningArtifactProperties": { + "AWS::ServiceCatalog::TagOptionAssociation": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the provisioning artifact, including how it differs from the previous provisioning artifact.", - "title": "Description", + "Condition": { "type": "string" }, - "DisableTemplateValidation": { - "markdownDescription": "If set to true, AWS Service Catalog stops validating the specified provisioning artifact even if it is invalid.", - "title": "DisableTemplateValidation", - "type": "boolean" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Info": { - "markdownDescription": "Specify the template source with one of the following options, but not both. Keys accepted: [ `LoadTemplateFromURL` , `ImportFromPhysicalId` ]\n\nThe URL of the AWS CloudFormation template in Amazon S3 in JSON format. Specify the URL in JSON format as follows:\n\n`\"LoadTemplateFromURL\": \"https://s3.amazonaws.com/cf-templates-ozkq9d3hgiq2-us-east-1/...\"`\n\n`ImportFromPhysicalId` : The physical id of the resource that contains the template. Currently only supports AWS CloudFormation stack arn. Specify the physical id in JSON format as follows: `ImportFromPhysicalId: \u201carn:aws:cloudformation:[us-east-1]:[accountId]:stack/[StackName]/[resourceId]`", - "title": "Info", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { "type": "object" }, - "Name": { - "markdownDescription": "The name of the provisioning artifact (for example, v1 v2beta). No spaces are allowed.", - "title": "Name", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "ResourceId": { + "markdownDescription": "The resource identifier.", + "title": "ResourceId", + "type": "string" + }, + "TagOptionId": { + "markdownDescription": "The TagOption identifier.", + "title": "TagOptionId", + "type": "string" + } + }, + "required": [ + "ResourceId", + "TagOptionId" + ], + "type": "object" }, "Type": { - "markdownDescription": "The type of provisioning artifact.\n\n- `CLOUD_FORMATION_TEMPLATE` - AWS CloudFormation template\n- `TERRAFORM_OPEN_SOURCE` - Terraform Open Source configuration file\n- `TERRAFORM_CLOUD` - Terraform Cloud configuration file\n- `EXTERNAL` - External configuration file", - "title": "Type", + "enum": [ + "AWS::ServiceCatalog::TagOptionAssociation" + ], "type": "string" - } - }, - "required": [ - "Info" - ], - "type": "object" - }, - "AWS::ServiceCatalog::CloudFormationProduct.SourceConnection": { - "additionalProperties": false, - "properties": { - "ConnectionParameters": { - "$ref": "#/definitions/AWS::ServiceCatalog::CloudFormationProduct.ConnectionParameters", - "markdownDescription": "The connection details based on the connection `Type` .", - "title": "ConnectionParameters" }, - "Type": { - "markdownDescription": "The only supported `SourceConnection` type is Codestar.", - "title": "Type", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ConnectionParameters", - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::ServiceCatalog::CloudFormationProvisionedProduct": { + "AWS::ServiceCatalogAppRegistry::Application": { "additionalProperties": false, "properties": { "Condition": { @@ -257405,81 +308052,36 @@ "Properties": { "additionalProperties": false, "properties": { - "AcceptLanguage": { - "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", - "title": "AcceptLanguage", - "type": "string" - }, - "NotificationArns": { - "items": { - "type": "string" - }, - "markdownDescription": "Passed to AWS CloudFormation . The SNS topic ARNs to which to publish stack-related events.", - "title": "NotificationArns", - "type": "array" - }, - "PathId": { - "markdownDescription": "The path identifier of the product. This value is optional if the product has a default path, and required if the product has more than one path. To list the paths for a product, use [ListLaunchPaths](https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ListLaunchPaths.html) .\n\n> You must provide the name or ID, but not both.", - "title": "PathId", - "type": "string" - }, - "PathName": { - "markdownDescription": "The name of the path. This value is optional if the product has a default path, and required if the product has more than one path. To list the paths for a product, use [ListLaunchPaths](https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ListLaunchPaths.html) .\n\n> You must provide the name or ID, but not both.", - "title": "PathName", - "type": "string" - }, - "ProductId": { - "markdownDescription": "The product identifier.\n\n> You must specify either the ID or the name of the product, but not both.", - "title": "ProductId", - "type": "string" - }, - "ProductName": { - "markdownDescription": "The name of the Service Catalog product.\n\nEach time a stack is created or updated, if `ProductName` is provided it will successfully resolve to `ProductId` as long as only one product exists in the account or Region with that `ProductName` .\n\n> You must specify either the name or the ID of the product, but not both.", - "title": "ProductName", - "type": "string" - }, - "ProvisionedProductName": { - "markdownDescription": "A user-friendly name for the provisioned product. This value must be unique for the AWS account and cannot be updated after the product is provisioned.", - "title": "ProvisionedProductName", - "type": "string" - }, - "ProvisioningArtifactId": { - "markdownDescription": "The identifier of the provisioning artifact (also known as a version).\n\n> You must specify either the ID or the name of the provisioning artifact, but not both.", - "title": "ProvisioningArtifactId", + "Description": { + "markdownDescription": "The description of the application.", + "title": "Description", "type": "string" }, - "ProvisioningArtifactName": { - "markdownDescription": "The name of the provisioning artifact (also known as a version) for the product. This name must be unique for the product.\n\n> You must specify either the name or the ID of the provisioning artifact, but not both. You must also specify either the name or the ID of the product, but not both.", - "title": "ProvisioningArtifactName", + "Name": { + "markdownDescription": "The name of the application. The name must be unique in the region in which you are creating the application.", + "title": "Name", "type": "string" }, - "ProvisioningParameters": { - "items": { - "$ref": "#/definitions/AWS::ServiceCatalog::CloudFormationProvisionedProduct.ProvisioningParameter" - }, - "markdownDescription": "Parameters specified by the administrator that are required for provisioning the product.", - "title": "ProvisioningParameters", - "type": "array" - }, - "ProvisioningPreferences": { - "$ref": "#/definitions/AWS::ServiceCatalog::CloudFormationProvisionedProduct.ProvisioningPreferences", - "markdownDescription": "StackSet preferences that are required for provisioning the product or updating a provisioned product.", - "title": "ProvisioningPreferences" - }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "additionalProperties": true, + "markdownDescription": "Key-value pairs you can use to associate with the application.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "One or more tags.\n\n> Requires the provisioned product to have an [ResourceUpdateConstraint](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicecatalog-resourceupdateconstraint.html) resource with `TagUpdatesOnProvisionedProduct` set to `ALLOWED` to allow tag updates. If `RESOURCE_UPDATE` constraint is not present, tags updates are ignored.", "title": "Tags", - "type": "array" + "type": "object" } }, + "required": [ + "Name" + ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::CloudFormationProvisionedProduct" + "AWS::ServiceCatalogAppRegistry::Application" ], "type": "string" }, @@ -257493,78 +308095,12 @@ } }, "required": [ - "Type" - ], - "type": "object" - }, - "AWS::ServiceCatalog::CloudFormationProvisionedProduct.ProvisioningParameter": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "The parameter key.", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "The parameter value.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Key", - "Value" + "Type", + "Properties" ], "type": "object" }, - "AWS::ServiceCatalog::CloudFormationProvisionedProduct.ProvisioningPreferences": { - "additionalProperties": false, - "properties": { - "StackSetAccounts": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more AWS accounts where the provisioned product will be available.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\nThe specified accounts should be within the list of accounts from the `STACKSET` constraint. To get the list of accounts in the `STACKSET` constraint, use the `DescribeProvisioningParameters` operation.\n\nIf no values are specified, the default value is all acounts from the `STACKSET` constraint.", - "title": "StackSetAccounts", - "type": "array" - }, - "StackSetFailureToleranceCount": { - "markdownDescription": "The number of accounts, per Region, for which this operation can fail before AWS Service Catalog stops the operation in that Region. If the operation is stopped in a Region, AWS Service Catalog doesn't attempt the operation in any subsequent Regions.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\nConditional: You must specify either `StackSetFailureToleranceCount` or `StackSetFailureTolerancePercentage` , but not both.\n\nThe default value is `0` if no value is specified.", - "title": "StackSetFailureToleranceCount", - "type": "number" - }, - "StackSetFailureTolerancePercentage": { - "markdownDescription": "The percentage of accounts, per Region, for which this stack operation can fail before AWS Service Catalog stops the operation in that Region. If the operation is stopped in a Region, AWS Service Catalog doesn't attempt the operation in any subsequent Regions.\n\nWhen calculating the number of accounts based on the specified percentage, AWS Service Catalog rounds down to the next whole number.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\nConditional: You must specify either `StackSetFailureToleranceCount` or `StackSetFailureTolerancePercentage` , but not both.", - "title": "StackSetFailureTolerancePercentage", - "type": "number" - }, - "StackSetMaxConcurrencyCount": { - "markdownDescription": "The maximum number of accounts in which to perform this operation at one time. This is dependent on the value of `StackSetFailureToleranceCount` . `StackSetMaxConcurrentCount` is at most one more than the `StackSetFailureToleranceCount` .\n\nNote that this setting lets you specify the maximum for operations. For large deployments, under certain circumstances the actual number of accounts acted upon concurrently may be lower due to service throttling.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\nConditional: You must specify either `StackSetMaxConcurrentCount` or `StackSetMaxConcurrentPercentage` , but not both.", - "title": "StackSetMaxConcurrencyCount", - "type": "number" - }, - "StackSetMaxConcurrencyPercentage": { - "markdownDescription": "The maximum percentage of accounts in which to perform this operation at one time.\n\nWhen calculating the number of accounts based on the specified percentage, AWS Service Catalog rounds down to the next whole number. This is true except in cases where rounding down would result is zero. In this case, AWS Service Catalog sets the number as `1` instead.\n\nNote that this setting lets you specify the maximum for operations. For large deployments, under certain circumstances the actual number of accounts acted upon concurrently may be lower due to service throttling.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\nConditional: You must specify either `StackSetMaxConcurrentCount` or `StackSetMaxConcurrentPercentage` , but not both.", - "title": "StackSetMaxConcurrencyPercentage", - "type": "number" - }, - "StackSetOperationType": { - "markdownDescription": "Determines what action AWS Service Catalog performs to a stack set or a stack instance represented by the provisioned product. The default value is `UPDATE` if nothing is specified.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\n- **CREATE** - Creates a new stack instance in the stack set represented by the provisioned product. In this case, only new stack instances are created based on accounts and Regions; if new ProductId or ProvisioningArtifactID are passed, they will be ignored.\n- **UPDATE** - Updates the stack set represented by the provisioned product and also its stack instances.\n- **DELETE** - Deletes a stack instance in the stack set represented by the provisioned product.", - "title": "StackSetOperationType", - "type": "string" - }, - "StackSetRegions": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more AWS Regions where the provisioned product will be available.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\nThe specified Regions should be within the list of Regions from the `STACKSET` constraint. To get the list of Regions in the `STACKSET` constraint, use the `DescribeProvisioningParameters` operation.\n\nIf no values are specified, the default value is all Regions from the `STACKSET` constraint.", - "title": "StackSetRegions", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ServiceCatalog::LaunchNotificationConstraint": { + "AWS::ServiceCatalogAppRegistry::AttributeGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -257599,45 +308135,42 @@ "Properties": { "additionalProperties": false, "properties": { - "AcceptLanguage": { - "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", - "title": "AcceptLanguage", - "type": "string" + "Attributes": { + "markdownDescription": "A nested object in a JSON or YAML template that supports arbitrary definitions. Represents the attributes in an attribute group that describes an application and its components.", + "title": "Attributes", + "type": "object" }, "Description": { - "markdownDescription": "The description of the constraint.", + "markdownDescription": "The description of the attribute group that the user provides.", "title": "Description", "type": "string" }, - "NotificationArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The notification ARNs.", - "title": "NotificationArns", - "type": "array" - }, - "PortfolioId": { - "markdownDescription": "The portfolio identifier.", - "title": "PortfolioId", + "Name": { + "markdownDescription": "The name of the attribute group.", + "title": "Name", "type": "string" }, - "ProductId": { - "markdownDescription": "The product identifier.", - "title": "ProductId", - "type": "string" + "Tags": { + "additionalProperties": true, + "markdownDescription": "Key-value pairs you can use to associate with the attribute group.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" } }, "required": [ - "NotificationArns", - "PortfolioId", - "ProductId" + "Attributes", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::LaunchNotificationConstraint" + "AWS::ServiceCatalogAppRegistry::AttributeGroup" ], "type": "string" }, @@ -257656,7 +308189,7 @@ ], "type": "object" }, - "AWS::ServiceCatalog::LaunchRoleConstraint": { + "AWS::ServiceCatalogAppRegistry::AttributeGroupAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -257691,46 +308224,26 @@ "Properties": { "additionalProperties": false, "properties": { - "AcceptLanguage": { - "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", - "title": "AcceptLanguage", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the constraint.", - "title": "Description", - "type": "string" - }, - "LocalRoleName": { - "markdownDescription": "You are required to specify either the `RoleArn` or the `LocalRoleName` but can't use both.\n\nIf you specify the `LocalRoleName` property, when an account uses the launch constraint, the IAM role with that name in the account will be used. This allows launch-role constraints to be account-agnostic so the administrator can create fewer resources per shared account.\n\nThe given role name must exist in the account used to create the launch constraint and the account of the user who launches a product with this launch constraint.", - "title": "LocalRoleName", - "type": "string" - }, - "PortfolioId": { - "markdownDescription": "The portfolio identifier.", - "title": "PortfolioId", - "type": "string" - }, - "ProductId": { - "markdownDescription": "The product identifier.", - "title": "ProductId", + "Application": { + "markdownDescription": "The name or ID of the application.", + "title": "Application", "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of the launch role.\n\nYou are required to specify `RoleArn` or `LocalRoleName` but can't use both.", - "title": "RoleArn", + "AttributeGroup": { + "markdownDescription": "The name or ID of the attribute group which holds the attributes that describe the application.", + "title": "AttributeGroup", "type": "string" } }, "required": [ - "PortfolioId", - "ProductId" + "Application", + "AttributeGroup" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::LaunchRoleConstraint" + "AWS::ServiceCatalogAppRegistry::AttributeGroupAssociation" ], "type": "string" }, @@ -257749,7 +308262,7 @@ ], "type": "object" }, - "AWS::ServiceCatalog::LaunchTemplateConstraint": { + "AWS::ServiceCatalogAppRegistry::ResourceAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -257784,42 +308297,32 @@ "Properties": { "additionalProperties": false, "properties": { - "AcceptLanguage": { - "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", - "title": "AcceptLanguage", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the constraint.", - "title": "Description", - "type": "string" - }, - "PortfolioId": { - "markdownDescription": "The portfolio identifier.", - "title": "PortfolioId", + "Application": { + "markdownDescription": "The name or ID of the application.", + "title": "Application", "type": "string" }, - "ProductId": { - "markdownDescription": "The product identifier.", - "title": "ProductId", + "Resource": { + "markdownDescription": "The name or ID of the resource of which the application will be associated.", + "title": "Resource", "type": "string" }, - "Rules": { - "markdownDescription": "The constraint rules.", - "title": "Rules", + "ResourceType": { + "markdownDescription": "The type of resource of which the application will be associated.", + "title": "ResourceType", "type": "string" } }, "required": [ - "PortfolioId", - "ProductId", - "Rules" + "Application", + "Resource", + "ResourceType" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::LaunchTemplateConstraint" + "AWS::ServiceCatalogAppRegistry::ResourceAssociation" ], "type": "string" }, @@ -257838,7 +308341,7 @@ ], "type": "object" }, - "AWS::ServiceCatalog::Portfolio": { + "AWS::ServiceDiscovery::HttpNamespace": { "additionalProperties": false, "properties": { "Condition": { @@ -257873,44 +308376,33 @@ "Properties": { "additionalProperties": false, "properties": { - "AcceptLanguage": { - "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", - "title": "AcceptLanguage", - "type": "string" - }, "Description": { - "markdownDescription": "The description of the portfolio.", + "markdownDescription": "A description for the namespace.", "title": "Description", "type": "string" }, - "DisplayName": { - "markdownDescription": "The name to use for display purposes.", - "title": "DisplayName", - "type": "string" - }, - "ProviderName": { - "markdownDescription": "The name of the portfolio provider.", - "title": "ProviderName", + "Name": { + "markdownDescription": "The name that you want to assign to this namespace.", + "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "One or more tags.", + "markdownDescription": "The tags for the namespace. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.", "title": "Tags", "type": "array" } }, "required": [ - "DisplayName", - "ProviderName" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::Portfolio" + "AWS::ServiceDiscovery::HttpNamespace" ], "type": "string" }, @@ -257929,7 +308421,7 @@ ], "type": "object" }, - "AWS::ServiceCatalog::PortfolioPrincipalAssociation": { + "AWS::ServiceDiscovery::Instance": { "additionalProperties": false, "properties": { "Condition": { @@ -257964,37 +308456,31 @@ "Properties": { "additionalProperties": false, "properties": { - "AcceptLanguage": { - "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", - "title": "AcceptLanguage", - "type": "string" - }, - "PortfolioId": { - "markdownDescription": "The portfolio identifier.", - "title": "PortfolioId", - "type": "string" + "InstanceAttributes": { + "markdownDescription": "A string map that contains the following information for the service that you specify in `ServiceId` :\n\n- The attributes that apply to the records that are defined in the service.\n- For each attribute, the applicable value.\n\nSupported attribute keys include the following:\n\n- **AWS_ALIAS_DNS_NAME** - If you want AWS Cloud Map to create a Route\u00a053 alias record that routes traffic to an Elastic Load Balancing load balancer, specify the DNS name that is associated with the load balancer. For information about how to get the DNS name, see [AliasTarget->DNSName](https://docs.aws.amazon.com/Route53/latest/APIReference/API_AliasTarget.html#Route53-Type-AliasTarget-DNSName) in the *Route\u00a053 API Reference* .\n\nNote the following:\n\n- The configuration for the service that is specified by `ServiceId` must include settings for an `A` record, an `AAAA` record, or both.\n- In the service that is specified by `ServiceId` , the value of `RoutingPolicy` must be `WEIGHTED` .\n- If the service that is specified by `ServiceId` includes `HealthCheckConfig` settings, AWS Cloud Map will create the health check, but it won't associate the health check with the alias record.\n- Auto naming currently doesn't support creating alias records that route traffic to AWS resources other than ELB load balancers.\n- If you specify a value for `AWS_ALIAS_DNS_NAME` , don't specify values for any of the `AWS_INSTANCE` attributes.\n- **AWS_EC2_INSTANCE_ID** - *HTTP namespaces only.* The Amazon EC2 instance ID for the instance. The `AWS_INSTANCE_IPV4` attribute contains the primary private IPv4 address. When creating resources with a type of [AWS::ServiceDiscovery::Instance](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicediscovery-instance.html) , if the `AWS_EC2_INSTANCE_ID` attribute is specified, the only other attribute that can be specified is `AWS_INIT_HEALTH_STATUS` . After the resource has been created, the `AWS_INSTANCE_IPV4` attribute contains the primary private IPv4 address.\n- **AWS_INIT_HEALTH_STATUS** - If the service configuration includes `HealthCheckCustomConfig` , when creating resources with a type of [AWS::ServiceDiscovery::Instance](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicediscovery-instance.html) you can optionally use `AWS_INIT_HEALTH_STATUS` to specify the initial status of the custom health check, `HEALTHY` or `UNHEALTHY` . If you don't specify a value for `AWS_INIT_HEALTH_STATUS` , the initial status is `HEALTHY` . This attribute can only be used when creating resources and will not be seen on existing resources.\n- **AWS_INSTANCE_CNAME** - If the service configuration includes a `CNAME` record, the domain name that you want Route\u00a053 to return in response to DNS queries, for example, `example.com` .\n\nThis value is required if the service specified by `ServiceId` includes settings for an `CNAME` record.\n- **AWS_INSTANCE_IPV4** - If the service configuration includes an `A` record, the IPv4 address that you want Route\u00a053 to return in response to DNS queries, for example, `192.0.2.44` .\n\nThis value is required if the service specified by `ServiceId` includes settings for an `A` record. If the service includes settings for an `SRV` record, you must specify a value for `AWS_INSTANCE_IPV4` , `AWS_INSTANCE_IPV6` , or both.\n- **AWS_INSTANCE_IPV6** - If the service configuration includes an `AAAA` record, the IPv6 address that you want Route\u00a053 to return in response to DNS queries, for example, `2001:0db8:85a3:0000:0000:abcd:0001:2345` .\n\nThis value is required if the service specified by `ServiceId` includes settings for an `AAAA` record. If the service includes settings for an `SRV` record, you must specify a value for `AWS_INSTANCE_IPV4` , `AWS_INSTANCE_IPV6` , or both.\n- **AWS_INSTANCE_PORT** - If the service includes an `SRV` record, the value that you want Route\u00a053 to return for the port.\n\nIf the service includes `HealthCheckConfig` , the port on the endpoint that you want Route\u00a053 to send requests to.\n\nThis value is required if you specified settings for an `SRV` record or a Route\u00a053 health check when you created the service.", + "title": "InstanceAttributes", + "type": "object" }, - "PrincipalARN": { - "markdownDescription": "The ARN of the principal ( IAM user, role, or group).", - "title": "PrincipalARN", + "InstanceId": { + "markdownDescription": "An identifier that you want to associate with the instance. Note the following:\n\n- If the service that's specified by `ServiceId` includes settings for an `SRV` record, the value of `InstanceId` is automatically included as part of the value for the `SRV` record. For more information, see [DnsRecord > Type](https://docs.aws.amazon.com/cloud-map/latest/api/API_DnsRecord.html#cloudmap-Type-DnsRecord-Type) .\n- You can use this value to update an existing instance.\n- To register a new instance, you must specify a value that's unique among instances that you register by using the same service.\n- If you specify an existing `InstanceId` and `ServiceId` , AWS Cloud Map updates the existing DNS records, if any. If there's also an existing health check, AWS Cloud Map deletes the old health check and creates a new one.\n\n> The health check isn't deleted immediately, so it will still appear for a while if you submit a `ListHealthChecks` request, for example.\n\n> Do not include sensitive information in `InstanceId` if the namespace is discoverable by public DNS queries and any `Type` member of `DnsRecord` for the service contains `SRV` because the `InstanceId` is discoverable by public DNS queries.", + "title": "InstanceId", "type": "string" }, - "PrincipalType": { - "markdownDescription": "The principal type. The supported values are `IAM` and `IAM_PATTERN` .", - "title": "PrincipalType", + "ServiceId": { + "markdownDescription": "The ID of the service that you want to use for settings for the instance.", + "title": "ServiceId", "type": "string" } }, "required": [ - "PortfolioId", - "PrincipalARN", - "PrincipalType" + "InstanceAttributes", + "ServiceId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::PortfolioPrincipalAssociation" + "AWS::ServiceDiscovery::Instance" ], "type": "string" }, @@ -258013,7 +308499,7 @@ ], "type": "object" }, - "AWS::ServiceCatalog::PortfolioProductAssociation": { + "AWS::ServiceDiscovery::PrivateDnsNamespace": { "additionalProperties": false, "properties": { "Condition": { @@ -258048,36 +308534,44 @@ "Properties": { "additionalProperties": false, "properties": { - "AcceptLanguage": { - "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", - "title": "AcceptLanguage", + "Description": { + "markdownDescription": "A description for the namespace.", + "title": "Description", "type": "string" }, - "PortfolioId": { - "markdownDescription": "The portfolio identifier.", - "title": "PortfolioId", + "Name": { + "markdownDescription": "The name that you want to assign to this namespace. When you create a private DNS namespace, AWS Cloud Map automatically creates an Amazon Route\u00a053 private hosted zone that has the same name as the namespace.", + "title": "Name", "type": "string" }, - "ProductId": { - "markdownDescription": "The product identifier.", - "title": "ProductId", - "type": "string" + "Properties": { + "$ref": "#/definitions/AWS::ServiceDiscovery::PrivateDnsNamespace.Properties", + "markdownDescription": "Properties for the private DNS namespace.", + "title": "Properties" }, - "SourcePortfolioId": { - "markdownDescription": "The identifier of the source portfolio.", - "title": "SourcePortfolioId", + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the namespace. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.", + "title": "Tags", + "type": "array" + }, + "Vpc": { + "markdownDescription": "The ID of the Amazon VPC that you want to associate the namespace with.", + "title": "Vpc", "type": "string" } }, "required": [ - "PortfolioId", - "ProductId" + "Name", + "Vpc" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::PortfolioProductAssociation" + "AWS::ServiceDiscovery::PrivateDnsNamespace" ], "type": "string" }, @@ -258096,7 +308590,40 @@ ], "type": "object" }, - "AWS::ServiceCatalog::PortfolioShare": { + "AWS::ServiceDiscovery::PrivateDnsNamespace.PrivateDnsPropertiesMutable": { + "additionalProperties": false, + "properties": { + "SOA": { + "$ref": "#/definitions/AWS::ServiceDiscovery::PrivateDnsNamespace.SOA", + "markdownDescription": "Fields for the Start of Authority (SOA) record for the hosted zone for the private DNS namespace.", + "title": "SOA" + } + }, + "type": "object" + }, + "AWS::ServiceDiscovery::PrivateDnsNamespace.Properties": { + "additionalProperties": false, + "properties": { + "DnsProperties": { + "$ref": "#/definitions/AWS::ServiceDiscovery::PrivateDnsNamespace.PrivateDnsPropertiesMutable", + "markdownDescription": "DNS properties for the private DNS namespace.", + "title": "DnsProperties" + } + }, + "type": "object" + }, + "AWS::ServiceDiscovery::PrivateDnsNamespace.SOA": { + "additionalProperties": false, + "properties": { + "TTL": { + "markdownDescription": "The time to live (TTL) for purposes of negative caching.", + "title": "TTL", + "type": "number" + } + }, + "type": "object" + }, + "AWS::ServiceDiscovery::PublicDnsNamespace": { "additionalProperties": false, "properties": { "Condition": { @@ -258131,36 +308658,38 @@ "Properties": { "additionalProperties": false, "properties": { - "AcceptLanguage": { - "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", - "title": "AcceptLanguage", + "Description": { + "markdownDescription": "A description for the namespace.", + "title": "Description", "type": "string" }, - "AccountId": { - "markdownDescription": "The AWS account ID. For example, `123456789012` .", - "title": "AccountId", + "Name": { + "markdownDescription": "The name that you want to assign to this namespace.\n\n> Do not include sensitive information in the name. The name is publicly available using DNS queries.", + "title": "Name", "type": "string" }, - "PortfolioId": { - "markdownDescription": "The portfolio identifier.", - "title": "PortfolioId", - "type": "string" + "Properties": { + "$ref": "#/definitions/AWS::ServiceDiscovery::PublicDnsNamespace.Properties", + "markdownDescription": "Properties for the public DNS namespace.", + "title": "Properties" }, - "ShareTagOptions": { - "markdownDescription": "Indicates whether TagOptions sharing is enabled or disabled for the portfolio share.", - "title": "ShareTagOptions", - "type": "boolean" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the namespace. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.", + "title": "Tags", + "type": "array" } }, "required": [ - "AccountId", - "PortfolioId" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::PortfolioShare" + "AWS::ServiceDiscovery::PublicDnsNamespace" ], "type": "string" }, @@ -258179,7 +308708,40 @@ ], "type": "object" }, - "AWS::ServiceCatalog::ResourceUpdateConstraint": { + "AWS::ServiceDiscovery::PublicDnsNamespace.Properties": { + "additionalProperties": false, + "properties": { + "DnsProperties": { + "$ref": "#/definitions/AWS::ServiceDiscovery::PublicDnsNamespace.PublicDnsPropertiesMutable", + "markdownDescription": "DNS properties for the public DNS namespace.", + "title": "DnsProperties" + } + }, + "type": "object" + }, + "AWS::ServiceDiscovery::PublicDnsNamespace.PublicDnsPropertiesMutable": { + "additionalProperties": false, + "properties": { + "SOA": { + "$ref": "#/definitions/AWS::ServiceDiscovery::PublicDnsNamespace.SOA", + "markdownDescription": "Start of Authority (SOA) record for the hosted zone for the public DNS namespace.", + "title": "SOA" + } + }, + "type": "object" + }, + "AWS::ServiceDiscovery::PublicDnsNamespace.SOA": { + "additionalProperties": false, + "properties": { + "TTL": { + "markdownDescription": "The time to live (TTL) for purposes of negative caching.", + "title": "TTL", + "type": "number" + } + }, + "type": "object" + }, + "AWS::ServiceDiscovery::Service": { "additionalProperties": false, "properties": { "Condition": { @@ -258214,42 +308776,60 @@ "Properties": { "additionalProperties": false, "properties": { - "AcceptLanguage": { - "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", - "title": "AcceptLanguage", - "type": "string" - }, "Description": { - "markdownDescription": "The description of the constraint.", + "markdownDescription": "The description of the service.", "title": "Description", "type": "string" }, - "PortfolioId": { - "markdownDescription": "The portfolio identifier.", - "title": "PortfolioId", + "DnsConfig": { + "$ref": "#/definitions/AWS::ServiceDiscovery::Service.DnsConfig", + "markdownDescription": "A complex type that contains information about the Route\u00a053 DNS records that you want AWS Cloud Map to create when you register an instance.\n\n> The record types of a service can only be changed by deleting the service and recreating it with a new `Dnsconfig` .", + "title": "DnsConfig" + }, + "HealthCheckConfig": { + "$ref": "#/definitions/AWS::ServiceDiscovery::Service.HealthCheckConfig", + "markdownDescription": "*Public DNS and HTTP namespaces only.* A complex type that contains settings for an optional health check. If you specify settings for a health check, AWS Cloud Map associates the health check with the records that you specify in `DnsConfig` .\n\nFor information about the charges for health checks, see [Amazon Route\u00a053 Pricing](https://docs.aws.amazon.com/route53/pricing/) .", + "title": "HealthCheckConfig" + }, + "HealthCheckCustomConfig": { + "$ref": "#/definitions/AWS::ServiceDiscovery::Service.HealthCheckCustomConfig", + "markdownDescription": "A complex type that contains information about an optional custom health check.\n\n> If you specify a health check configuration, you can specify either `HealthCheckCustomConfig` or `HealthCheckConfig` but not both.", + "title": "HealthCheckCustomConfig" + }, + "Name": { + "markdownDescription": "The name of the service.", + "title": "Name", "type": "string" }, - "ProductId": { - "markdownDescription": "The product identifier.", - "title": "ProductId", + "NamespaceId": { + "markdownDescription": "The ID of the namespace that was used to create the service.\n\n> You must specify a value for `NamespaceId` either for the service properties or for [DnsConfig](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-servicediscovery-service-dnsconfig.html) . Don't specify a value in both places.", + "title": "NamespaceId", "type": "string" }, - "TagUpdateOnProvisionedProduct": { - "markdownDescription": "If set to `ALLOWED` , lets users change tags in a [CloudFormationProvisionedProduct](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicecatalog-cloudformationprovisionedproduct.html) resource.\n\nIf set to `NOT_ALLOWED` , prevents users from changing tags in a [CloudFormationProvisionedProduct](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicecatalog-cloudformationprovisionedproduct.html) resource.", - "title": "TagUpdateOnProvisionedProduct", + "ServiceAttributes": { + "markdownDescription": "A string map that contains the following information for the service:\n\n- The attributes that apply to the service\n- For each attribute, the applicable value.\n\nYou can specify a total of 30 attributes.", + "title": "ServiceAttributes", + "type": "object" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the service. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "If present, specifies that the service instances are only discoverable using the `DiscoverInstances` API operation. No DNS records is registered for the service instances. The only valid value is `HTTP` .", + "title": "Type", "type": "string" } }, - "required": [ - "PortfolioId", - "ProductId", - "TagUpdateOnProvisionedProduct" - ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::ResourceUpdateConstraint" + "AWS::ServiceDiscovery::Service" ], "type": "string" }, @@ -258263,12 +308843,93 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::ServiceCatalog::ServiceAction": { + "AWS::ServiceDiscovery::Service.DnsConfig": { + "additionalProperties": false, + "properties": { + "DnsRecords": { + "items": { + "$ref": "#/definitions/AWS::ServiceDiscovery::Service.DnsRecord" + }, + "markdownDescription": "An array that contains one `DnsRecord` object for each Route\u00a053 DNS record that you want AWS Cloud Map to create when you register an instance.\n\n> The record type of a service can't be updated directly and can only be changed by deleting the service and recreating it with a new `DnsConfig` .", + "title": "DnsRecords", + "type": "array" + }, + "NamespaceId": { + "markdownDescription": "The ID of the namespace to use for DNS configuration.\n\n> You must specify a value for `NamespaceId` either for `DnsConfig` or for the [service properties](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicediscovery-service.html) . Don't specify a value in both places.", + "title": "NamespaceId", + "type": "string" + }, + "RoutingPolicy": { + "markdownDescription": "The routing policy that you want to apply to all Route\u00a053 DNS records that AWS Cloud Map creates when you register an instance and specify this service.\n\n> If you want to use this service to register instances that create alias records, specify `WEIGHTED` for the routing policy. \n\nYou can specify the following values:\n\n- **MULTIVALUE** - If you define a health check for the service and the health check is healthy, Route\u00a053 returns the applicable value for up to eight instances.\n\nFor example, suppose that the service includes configurations for one `A` record and a health check. You use the service to register 10 instances. Route\u00a053 responds to DNS queries with IP addresses for up to eight healthy instances. If fewer than eight instances are healthy, Route\u00a053 responds to every DNS query with the IP addresses for all of the healthy instances.\n\nIf you don't define a health check for the service, Route\u00a053 assumes that all instances are healthy and returns the values for up to eight instances.\n\nFor more information about the multivalue routing policy, see [Multivalue Answer Routing](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html#routing-policy-multivalue) in the *Route\u00a053 Developer Guide* .\n- **WEIGHTED** - Route\u00a053 returns the applicable value from one randomly selected instance from among the instances that you registered using the same service. Currently, all records have the same weight, so you can't route more or less traffic to any instances.\n\nFor example, suppose that the service includes configurations for one `A` record and a health check. You use the service to register 10 instances. Route\u00a053 responds to DNS queries with the IP address for one randomly selected instance from among the healthy instances. If no instances are healthy, Route\u00a053 responds to DNS queries as if all of the instances were healthy.\n\nIf you don't define a health check for the service, Route\u00a053 assumes that all instances are healthy and returns the applicable value for one randomly selected instance.\n\nFor more information about the weighted routing policy, see [Weighted Routing](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html#routing-policy-weighted) in the *Route\u00a053 Developer Guide* .", + "title": "RoutingPolicy", + "type": "string" + } + }, + "required": [ + "DnsRecords" + ], + "type": "object" + }, + "AWS::ServiceDiscovery::Service.DnsRecord": { + "additionalProperties": false, + "properties": { + "TTL": { + "markdownDescription": "The amount of time, in seconds, that you want DNS resolvers to cache the settings for this record.\n\n> Alias records don't include a TTL because Route\u00a053 uses the TTL for the AWS resource that an alias record routes traffic to. If you include the `AWS_ALIAS_DNS_NAME` attribute when you submit a [RegisterInstance](https://docs.aws.amazon.com/cloud-map/latest/api/API_RegisterInstance.html) request, the `TTL` value is ignored. Always specify a TTL for the service; you can use a service to register instances that create either alias or non-alias records.", + "title": "TTL", + "type": "number" + }, + "Type": { + "markdownDescription": "The type of the resource, which indicates the type of value that Route 53 returns in response to DNS queries. You can specify values for `Type` in the following combinations:\n\n- `A`\n- `AAAA`\n- `A` and `AAAA`\n- `SRV`\n- `CNAME`\n\nIf you want AWS Cloud Map to create a Route 53 alias record when you register an instance, specify `A` or `AAAA` for `Type` .\n\nYou specify other settings, such as the IP address for `A` and `AAAA` records, when you register an instance. For more information, see [RegisterInstance](https://docs.aws.amazon.com/cloud-map/latest/api/API_RegisterInstance.html) .\n\nThe following values are supported:\n\n- **A** - Route 53 returns the IP address of the resource in IPv4 format, such as 192.0.2.44.\n- **AAAA** - Route 53 returns the IP address of the resource in IPv6 format, such as 2001:0db8:85a3:0000:0000:abcd:0001:2345.\n- **CNAME** - Route 53 returns the domain name of the resource, such as www.example.com. Note the following:\n\n- You specify the domain name that you want to route traffic to when you register an instance. For more information, see [Attributes](https://docs.aws.amazon.com/cloud-map/latest/api/API_RegisterInstance.html#cloudmap-RegisterInstance-request-Attributes) in the topic [RegisterInstance](https://docs.aws.amazon.com/cloud-map/latest/api/API_RegisterInstance.html) .\n- You must specify `WEIGHTED` for the value of `RoutingPolicy` .\n- You can't specify both `CNAME` for `Type` and settings for `HealthCheckConfig` . If you do, the request will fail with an `InvalidInput` error.\n- **SRV** - Route 53 returns the value for an `SRV` record. The value for an `SRV` record uses the following values:\n\n`priority weight port service-hostname`\n\nNote the following about the values:\n\n- The values of `priority` and `weight` are both set to `1` and can't be changed.\n- The value of `port` comes from the value that you specify for the `AWS_INSTANCE_PORT` attribute when you submit a [RegisterInstance](https://docs.aws.amazon.com/cloud-map/latest/api/API_RegisterInstance.html) request.\n- The value of `service-hostname` is a concatenation of the following values:\n\n- The value that you specify for `InstanceId` when you register an instance.\n- The name of the service.\n- The name of the namespace.\n\nFor example, if the value of `InstanceId` is `test` , the name of the service is `backend` , and the name of the namespace is `example.com` , the value of `service-hostname` is:\n\n`test.backend.example.com`\n\nIf you specify settings for an `SRV` record and if you specify values for `AWS_INSTANCE_IPV4` , `AWS_INSTANCE_IPV6` , or both in the `RegisterInstance` request, AWS Cloud Map automatically creates `A` and/or `AAAA` records that have the same name as the value of `service-hostname` in the `SRV` record. You can ignore these records.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "TTL", + "Type" + ], + "type": "object" + }, + "AWS::ServiceDiscovery::Service.HealthCheckConfig": { + "additionalProperties": false, + "properties": { + "FailureThreshold": { + "markdownDescription": "The number of consecutive health checks that an endpoint must pass or fail for Route\u00a053 to change the current status of the endpoint from unhealthy to healthy or the other way around. For more information, see [How Route\u00a053 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html) in the *Route\u00a053 Developer Guide* .", + "title": "FailureThreshold", + "type": "number" + }, + "ResourcePath": { + "markdownDescription": "The path that you want Route\u00a053 to request when performing health checks. The path can be any value that your endpoint returns an HTTP status code of a 2xx or 3xx format for when the endpoint is healthy. An example file is `/docs/route53-health-check.html` . Route\u00a053 automatically adds the DNS name for the service. If you don't specify a value for `ResourcePath` , the default value is `/` .\n\nIf you specify `TCP` for `Type` , you must *not* specify a value for `ResourcePath` .", + "title": "ResourcePath", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of health check that you want to create, which indicates how Route\u00a053 determines whether an endpoint is healthy.\n\n> You can't change the value of `Type` after you create a health check. \n\nYou can create the following types of health checks:\n\n- *HTTP* : Route\u00a053 tries to establish a TCP connection. If successful, Route\u00a053 submits an HTTP request and waits for an HTTP status code of 200 or greater and less than 400.\n- *HTTPS* : Route\u00a053 tries to establish a TCP connection. If successful, Route\u00a053 submits an HTTPS request and waits for an HTTP status code of 200 or greater and less than 400.\n\n> If you specify HTTPS for the value of `Type` , the endpoint must support TLS v1.0 or later.\n- *TCP* : Route\u00a053 tries to establish a TCP connection.\n\nIf you specify `TCP` for `Type` , don't specify a value for `ResourcePath` .\n\nFor more information, see [How Route\u00a053 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html) in the *Route\u00a053 Developer Guide* .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::ServiceDiscovery::Service.HealthCheckCustomConfig": { + "additionalProperties": false, + "properties": { + "FailureThreshold": { + "markdownDescription": "> This parameter is no longer supported and is always set to 1. AWS Cloud Map waits for approximately 30 seconds after receiving an `UpdateInstanceCustomHealthStatus` request before changing the status of the service instance. \n\nThe number of 30-second intervals that you want AWS Cloud Map to wait after receiving an `UpdateInstanceCustomHealthStatus` request before it changes the health status of a service instance.\n\nSending a second or subsequent `UpdateInstanceCustomHealthStatus` request with the same value before 30 seconds has passed doesn't accelerate the change. AWS Cloud Map still waits `30` seconds after the first request to make the change.", + "title": "FailureThreshold", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Shield::DRTAccess": { "additionalProperties": false, "properties": { "Condition": { @@ -258303,45 +308964,28 @@ "Properties": { "additionalProperties": false, "properties": { - "AcceptLanguage": { - "markdownDescription": "The language code.\n\n- `en` - English (default)\n- `jp` - Japanese\n- `zh` - Chinese", - "title": "AcceptLanguage", - "type": "string" - }, - "Definition": { + "LogBucketList": { "items": { - "$ref": "#/definitions/AWS::ServiceCatalog::ServiceAction.DefinitionParameter" + "type": "string" }, - "markdownDescription": "A map that defines the self-service action.", - "title": "Definition", + "markdownDescription": "Authorizes the Shield Response Team (SRT) to access the specified Amazon S3 bucket containing log data such as Application Load Balancer access logs, CloudFront logs, or logs from third party sources. You can associate up to 10 Amazon S3 buckets with your subscription.\n\nUse this to share information with the SRT that's not available in AWS WAF logs.\n\nTo use the services of the SRT, you must be subscribed to the [Business Support plan](https://docs.aws.amazon.com/premiumsupport/business-support/) or the [Enterprise Support plan](https://docs.aws.amazon.com/premiumsupport/enterprise-support/) .", + "title": "LogBucketList", "type": "array" }, - "DefinitionType": { - "markdownDescription": "The self-service action definition type. For example, `SSM_AUTOMATION` .", - "title": "DefinitionType", - "type": "string" - }, - "Description": { - "markdownDescription": "The self-service action description.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The self-service action name.", - "title": "Name", + "RoleArn": { + "markdownDescription": "Authorizes the Shield Response Team (SRT) using the specified role, to access your AWS account to assist with DDoS attack mitigation during potential attacks. This enables the SRT to inspect your AWS WAF configuration and logs and to create or update AWS WAF rules and web ACLs.\n\nYou can associate only one `RoleArn` with your subscription. If you submit this update for an account that already has an associated role, the new `RoleArn` will replace the existing `RoleArn` .\n\nThis change requires the following:\n\n- You must be subscribed to the [Business Support plan](https://docs.aws.amazon.com/premiumsupport/business-support/) or the [Enterprise Support plan](https://docs.aws.amazon.com/premiumsupport/enterprise-support/) .\n- The `AWSShieldDRTAccessPolicy` managed policy must be attached to the role that you specify in the request. You can access this policy in the IAM console at [AWSShieldDRTAccessPolicy](https://docs.aws.amazon.com/iam/home?#/policies/arn:aws:iam::aws:policy/service-role/AWSShieldDRTAccessPolicy) . For information, see [Adding and removing IAM identity permissions](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_manage-attach-detach.html) .\n- The role must trust the service principal `drt.shield.amazonaws.com` . For information, see [IAM JSON policy elements: Principal](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_principal.html) .\n\nThe SRT will have access only to your AWS WAF and Shield resources. By submitting this request, you provide permissions to the SRT to inspect your AWS WAF and Shield configuration and logs, and to create and update AWS WAF rules and web ACLs on your behalf. The SRT takes these actions only if explicitly authorized by you.", + "title": "RoleArn", "type": "string" } }, "required": [ - "Definition", - "DefinitionType", - "Name" + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::ServiceAction" + "AWS::Shield::DRTAccess" ], "type": "string" }, @@ -258360,27 +309004,7 @@ ], "type": "object" }, - "AWS::ServiceCatalog::ServiceAction.DefinitionParameter": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "The parameter key.", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "The value of the parameter.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - }, - "AWS::ServiceCatalog::ServiceActionAssociation": { + "AWS::Shield::ProactiveEngagement": { "additionalProperties": false, "properties": { "Condition": { @@ -258415,32 +309039,29 @@ "Properties": { "additionalProperties": false, "properties": { - "ProductId": { - "markdownDescription": "The product identifier. For example, `prod-abcdzk7xy33qa` .", - "title": "ProductId", - "type": "string" - }, - "ProvisioningArtifactId": { - "markdownDescription": "The identifier of the provisioning artifact. For example, `pa-4abcdjnxjj6ne` .", - "title": "ProvisioningArtifactId", - "type": "string" + "EmergencyContactList": { + "items": { + "$ref": "#/definitions/AWS::Shield::ProactiveEngagement.EmergencyContact" + }, + "markdownDescription": "The list of email addresses and phone numbers that the Shield Response Team (SRT) can use to contact you for escalations to the SRT and to initiate proactive customer support, plus any relevant notes.\n\nTo enable proactive engagement, the contact list must include at least one phone number.\n\nIf you provide more than one contact, in the notes, indicate the circumstances under which each contact should be used. Include primary and secondary contact designations, and provide the hours of availability and time zones for each contact.\n\nExample contact notes:\n\n- This is a hotline that's staffed 24x7x365. Please work with the responding analyst and they will get the appropriate person on the call.\n- Please contact the secondary phone number if the hotline doesn't respond within 5 minutes.", + "title": "EmergencyContactList", + "type": "array" }, - "ServiceActionId": { - "markdownDescription": "The self-service action identifier. For example, `act-fs7abcd89wxyz` .", - "title": "ServiceActionId", + "ProactiveEngagementStatus": { + "markdownDescription": "Specifies whether proactive engagement is enabled or disabled.\n\nValid values:\n\n`ENABLED` - The Shield Response Team (SRT) will use email and phone to notify contacts about escalations to the SRT and to initiate proactive customer support.\n\n`DISABLED` - The SRT will not proactively notify contacts about escalations or to initiate proactive customer support.", + "title": "ProactiveEngagementStatus", "type": "string" } }, "required": [ - "ProductId", - "ProvisioningArtifactId", - "ServiceActionId" + "EmergencyContactList", + "ProactiveEngagementStatus" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::ServiceActionAssociation" + "AWS::Shield::ProactiveEngagement" ], "type": "string" }, @@ -258459,7 +309080,31 @@ ], "type": "object" }, - "AWS::ServiceCatalog::StackSetConstraint": { + "AWS::Shield::ProactiveEngagement.EmergencyContact": { + "additionalProperties": false, + "properties": { + "ContactNotes": { + "markdownDescription": "Additional notes regarding the contact.", + "title": "ContactNotes", + "type": "string" + }, + "EmailAddress": { + "markdownDescription": "The email address for the contact.", + "title": "EmailAddress", + "type": "string" + }, + "PhoneNumber": { + "markdownDescription": "The phone number for the contact.", + "title": "PhoneNumber", + "type": "string" + } + }, + "required": [ + "EmailAddress" + ], + "type": "object" + }, + "AWS::Shield::Protection": { "additionalProperties": false, "properties": { "Condition": { @@ -258494,73 +309139,47 @@ "Properties": { "additionalProperties": false, "properties": { - "AcceptLanguage": { - "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", - "title": "AcceptLanguage", - "type": "string" + "ApplicationLayerAutomaticResponseConfiguration": { + "$ref": "#/definitions/AWS::Shield::Protection.ApplicationLayerAutomaticResponseConfiguration", + "markdownDescription": "The automatic application layer DDoS mitigation settings for the protection. This configuration determines whether Shield Advanced automatically manages rules in the web ACL in order to respond to application layer events that Shield Advanced determines to be DDoS attacks.\n\nIf you use AWS CloudFormation to manage the web ACLs that you use with Shield Advanced automatic mitigation, see the additional guidance about web ACL management in the `AWS::WAFv2::WebACL` resource description.", + "title": "ApplicationLayerAutomaticResponseConfiguration" }, - "AccountList": { + "HealthCheckArns": { "items": { "type": "string" }, - "markdownDescription": "One or more AWS accounts that will have access to the provisioned product.", - "title": "AccountList", + "markdownDescription": "The ARN (Amazon Resource Name) of the health check to associate with the protection. Health-based detection provides improved responsiveness and accuracy in attack detection and mitigation.\n\nYou can use this option with any resource type except for Route\u00a053 hosted zones.\n\nFor more information, see [Configuring health-based detection using health checks](https://docs.aws.amazon.com/waf/latest/developerguide/ddos-advanced-health-checks.html) in the *AWS Shield Advanced Developer Guide* .", + "title": "HealthCheckArns", "type": "array" }, - "AdminRole": { - "markdownDescription": "AdminRole ARN", - "title": "AdminRole", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the constraint.", - "title": "Description", - "type": "string" - }, - "ExecutionRole": { - "markdownDescription": "ExecutionRole name", - "title": "ExecutionRole", - "type": "string" - }, - "PortfolioId": { - "markdownDescription": "The portfolio identifier.", - "title": "PortfolioId", + "Name": { + "markdownDescription": "The name of the protection. For example, `My CloudFront distributions` .\n\n> If you change the name of an existing protection, Shield Advanced deletes the protection and replaces it with a new one. While this is happening, the protection isn't available on the AWS resource.", + "title": "Name", "type": "string" }, - "ProductId": { - "markdownDescription": "The product identifier.", - "title": "ProductId", + "ResourceArn": { + "markdownDescription": "The ARN (Amazon Resource Name) of the AWS resource that is protected.", + "title": "ResourceArn", "type": "string" }, - "RegionList": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "One or more AWS Regions where the provisioned product will be available.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\nThe specified Regions should be within the list of Regions from the `STACKSET` constraint. To get the list of Regions in the `STACKSET` constraint, use the `DescribeProvisioningParameters` operation.\n\nIf no values are specified, the default value is all Regions from the `STACKSET` constraint.", - "title": "RegionList", + "markdownDescription": "Key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.", + "title": "Tags", "type": "array" - }, - "StackInstanceControl": { - "markdownDescription": "Permission to create, update, and delete stack instances. Choose from ALLOWED and NOT_ALLOWED.", - "title": "StackInstanceControl", - "type": "string" } }, "required": [ - "AccountList", - "AdminRole", - "Description", - "ExecutionRole", - "PortfolioId", - "ProductId", - "RegionList", - "StackInstanceControl" + "Name", + "ResourceArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::StackSetConstraint" + "AWS::Shield::Protection" ], "type": "string" }, @@ -258579,7 +309198,43 @@ ], "type": "object" }, - "AWS::ServiceCatalog::TagOption": { + "AWS::Shield::Protection.Action": { + "additionalProperties": false, + "properties": { + "Block": { + "markdownDescription": "Specifies that Shield Advanced should configure its AWS WAF rules with the AWS WAF `Block` action.\n\nYou must specify exactly one action, either `Block` or `Count` .\n\nExample JSON: `{ \"Block\": {} }`\n\nExample YAML: `Block: {}`", + "title": "Block", + "type": "object" + }, + "Count": { + "markdownDescription": "Specifies that Shield Advanced should configure its AWS WAF rules with the AWS WAF `Count` action.\n\nYou must specify exactly one action, either `Block` or `Count` .\n\nExample JSON: `{ \"Count\": {} }`\n\nExample YAML: `Count: {}`", + "title": "Count", + "type": "object" + } + }, + "type": "object" + }, + "AWS::Shield::Protection.ApplicationLayerAutomaticResponseConfiguration": { + "additionalProperties": false, + "properties": { + "Action": { + "$ref": "#/definitions/AWS::Shield::Protection.Action", + "markdownDescription": "Specifies the action setting that Shield Advanced should use in the AWS WAF rules that it creates on behalf of the protected resource in response to DDoS attacks. You specify this as part of the configuration for the automatic application layer DDoS mitigation feature, when you enable or update automatic mitigation. Shield Advanced creates the AWS WAF rules in a Shield Advanced-managed rule group, inside the web ACL that you have associated with the resource.", + "title": "Action" + }, + "Status": { + "markdownDescription": "Indicates whether automatic application layer DDoS mitigation is enabled for the protection.", + "title": "Status", + "type": "string" + } + }, + "required": [ + "Action", + "Status" + ], + "type": "object" + }, + "AWS::Shield::ProtectionGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -258614,31 +309269,53 @@ "Properties": { "additionalProperties": false, "properties": { - "Active": { - "markdownDescription": "The TagOption active state.", - "title": "Active", - "type": "boolean" + "Aggregation": { + "markdownDescription": "Defines how AWS Shield combines resource data for the group in order to detect, mitigate, and report events.\n\n- `Sum` - Use the total traffic across the group. This is a good choice for most cases. Examples include Elastic IP addresses for EC2 instances that scale manually or automatically.\n- `Mean` - Use the average of the traffic across the group. This is a good choice for resources that share traffic uniformly. Examples include accelerators and load balancers.\n- `Max` - Use the highest traffic from each resource. This is useful for resources that don't share traffic and for resources that share that traffic in a non-uniform way. Examples include Amazon CloudFront distributions and origin resources for CloudFront distributions.", + "title": "Aggregation", + "type": "string" }, - "Key": { - "markdownDescription": "The TagOption key.", - "title": "Key", + "Members": { + "items": { + "type": "string" + }, + "markdownDescription": "The ARNs (Amazon Resource Names) of the resources to include in the protection group. You must set this when you set `Pattern` to `ARBITRARY` and you must not set it for any other `Pattern` setting.", + "title": "Members", + "type": "array" + }, + "Pattern": { + "markdownDescription": "The criteria to use to choose the protected resources for inclusion in the group. You can include all resources that have protections, provide a list of resource ARNs (Amazon Resource Names), or include all resources of a specified resource type.", + "title": "Pattern", "type": "string" }, - "Value": { - "markdownDescription": "The TagOption value.", - "title": "Value", + "ProtectionGroupId": { + "markdownDescription": "The name of the protection group. You use this to identify the protection group in lists and to manage the protection group, for example to update, delete, or describe it.", + "title": "ProtectionGroupId", + "type": "string" + }, + "ResourceType": { + "markdownDescription": "The resource type to include in the protection group. All protected resources of this type are included in the protection group. You must set this when you set `Pattern` to `BY_RESOURCE_TYPE` and you must not set it for any other `Pattern` setting.", + "title": "ResourceType", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.", + "title": "Tags", + "type": "array" } }, "required": [ - "Key", - "Value" + "Aggregation", + "Pattern", + "ProtectionGroupId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::TagOption" + "AWS::Shield::ProtectionGroup" ], "type": "string" }, @@ -258657,7 +309334,7 @@ ], "type": "object" }, - "AWS::ServiceCatalog::TagOptionAssociation": { + "AWS::Signer::ProfilePermission": { "additionalProperties": false, "properties": { "Condition": { @@ -258692,26 +309369,43 @@ "Properties": { "additionalProperties": false, "properties": { - "ResourceId": { - "markdownDescription": "The resource identifier.", - "title": "ResourceId", + "Action": { + "markdownDescription": "The AWS Signer action permitted as part of cross-account permissions.", + "title": "Action", "type": "string" }, - "TagOptionId": { - "markdownDescription": "The TagOption identifier.", - "title": "TagOptionId", + "Principal": { + "markdownDescription": "The AWS principal receiving cross-account permissions. This may be an IAM role or another AWS account ID.", + "title": "Principal", + "type": "string" + }, + "ProfileName": { + "markdownDescription": "The human-readable name of the signing profile.", + "title": "ProfileName", + "type": "string" + }, + "ProfileVersion": { + "markdownDescription": "The version of the signing profile.", + "title": "ProfileVersion", + "type": "string" + }, + "StatementId": { + "markdownDescription": "A unique identifier for the cross-account permission statement.", + "title": "StatementId", "type": "string" } }, "required": [ - "ResourceId", - "TagOptionId" + "Action", + "Principal", + "ProfileName", + "StatementId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::TagOptionAssociation" + "AWS::Signer::ProfilePermission" ], "type": "string" }, @@ -258730,7 +309424,7 @@ ], "type": "object" }, - "AWS::ServiceCatalogAppRegistry::Application": { + "AWS::Signer::SigningProfile": { "additionalProperties": false, "properties": { "Condition": { @@ -258765,36 +309459,33 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the application.", - "title": "Description", + "PlatformId": { + "markdownDescription": "The ID of a platform that is available for use by a signing profile.", + "title": "PlatformId", "type": "string" }, - "Name": { - "markdownDescription": "The name of the application. The name must be unique in the region in which you are creating the application.", - "title": "Name", - "type": "string" + "SignatureValidityPeriod": { + "$ref": "#/definitions/AWS::Signer::SigningProfile.SignatureValidityPeriod", + "markdownDescription": "The validity period override for any signature generated using this signing profile. If unspecified, the default is 135 months.", + "title": "SignatureValidityPeriod" }, "Tags": { - "additionalProperties": true, - "markdownDescription": "Key-value pairs you can use to associate with the application.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "A list of tags associated with the signing profile.", "title": "Tags", - "type": "object" + "type": "array" } }, "required": [ - "Name" + "PlatformId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalogAppRegistry::Application" + "AWS::Signer::SigningProfile" ], "type": "string" }, @@ -258813,7 +309504,23 @@ ], "type": "object" }, - "AWS::ServiceCatalogAppRegistry::AttributeGroup": { + "AWS::Signer::SigningProfile.SignatureValidityPeriod": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "The time unit for signature validity: DAYS | MONTHS | YEARS.", + "title": "Type", + "type": "string" + }, + "Value": { + "markdownDescription": "The numerical value of the time unit for signature validity.", + "title": "Value", + "type": "number" + } + }, + "type": "object" + }, + "AWS::SimSpaceWeaver::Simulation": { "additionalProperties": false, "properties": { "Condition": { @@ -258848,42 +309555,41 @@ "Properties": { "additionalProperties": false, "properties": { - "Attributes": { - "markdownDescription": "A nested object in a JSON or YAML template that supports arbitrary definitions. Represents the attributes in an attribute group that describes an application and its components.", - "title": "Attributes", - "type": "object" - }, - "Description": { - "markdownDescription": "The description of the attribute group that the user provides.", - "title": "Description", + "MaximumDuration": { + "markdownDescription": "The maximum running time of the simulation, specified as a number of minutes (m or M), hours (h or H), or days (d or D). The simulation stops when it reaches this limit. The maximum value is `14D` , or its equivalent in the other units. The default value is `14D` . A value equivalent to `0` makes the simulation immediately transition to `STOPPING` as soon as it reaches `STARTED` .", + "title": "MaximumDuration", "type": "string" }, "Name": { - "markdownDescription": "The name of the attribute group.", + "markdownDescription": "The name of the simulation.", "title": "Name", "type": "string" }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "Key-value pairs you can use to associate with the attribute group.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management ( IAM ) role that the simulation assumes to perform actions. For more information about ARNs, see [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* . For more information about IAM roles, see [IAM roles](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html) in the *AWS Identity and Access Management User Guide* .", + "title": "RoleArn", + "type": "string" + }, + "SchemaS3Location": { + "$ref": "#/definitions/AWS::SimSpaceWeaver::Simulation.S3Location", + "markdownDescription": "The location of the simulation schema in Amazon Simple Storage Service ( Amazon S3 ). For more information about Amazon S3 , see the [*Amazon Simple Storage Service User Guide*](https://docs.aws.amazon.com/AmazonS3/latest/userguide/Welcome.html) .\n\nProvide a `SchemaS3Location` to start your simulation from a schema.\n\nIf you provide a `SchemaS3Location` then you can't provide a `SnapshotS3Location` .", + "title": "SchemaS3Location" + }, + "SnapshotS3Location": { + "$ref": "#/definitions/AWS::SimSpaceWeaver::Simulation.S3Location", + "markdownDescription": "The location of the snapshot in Amazon Simple Storage Service ( Amazon S3 ). For more information about Amazon S3 , see the [*Amazon Simple Storage Service User Guide*](https://docs.aws.amazon.com/AmazonS3/latest/userguide/Welcome.html) .\n\nProvide a `SnapshotS3Location` to start your simulation from a snapshot.\n\nIf you provide a `SnapshotS3Location` then you can't provide a `SchemaS3Location` .", + "title": "SnapshotS3Location" } }, "required": [ - "Attributes", - "Name" + "Name", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalogAppRegistry::AttributeGroup" + "AWS::SimSpaceWeaver::Simulation" ], "type": "string" }, @@ -258902,7 +309608,27 @@ ], "type": "object" }, - "AWS::ServiceCatalogAppRegistry::AttributeGroupAssociation": { + "AWS::SimSpaceWeaver::Simulation.S3Location": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "The name of an Amazon S3 bucket. For more information about buckets, see [Creating, configuring, and working with Amazon S3 buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/creating-buckets-s3.html) in the *Amazon Simple Storage Service User Guide* .", + "title": "BucketName", + "type": "string" + }, + "ObjectKey": { + "markdownDescription": "The key name of an object in Amazon S3. For more information about Amazon S3 objects and object keys, see [Uploading, downloading, and working with objects in Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/userguide/uploading-downloading-objects.html) in the *Amazon Simple Storage Service User Guide* .", + "title": "ObjectKey", + "type": "string" + } + }, + "required": [ + "BucketName", + "ObjectKey" + ], + "type": "object" + }, + "AWS::StepFunctions::Activity": { "additionalProperties": false, "properties": { "Condition": { @@ -258937,26 +309663,33 @@ "Properties": { "additionalProperties": false, "properties": { - "Application": { - "markdownDescription": "The name or ID of the application.", - "title": "Application", - "type": "string" + "EncryptionConfiguration": { + "$ref": "#/definitions/AWS::StepFunctions::Activity.EncryptionConfiguration", + "markdownDescription": "Encryption configuration for the activity.\n\nActivity configuration is immutable, and resource names must be unique. To set customer managed keys for encryption, you must create a *new Activity* . If you attempt to change the configuration in your CFN template for an existing activity, you will receive an `ActivityAlreadyExists` exception.\n\nTo update your activity to include customer managed keys, set a new activity name within your AWS CloudFormation template.", + "title": "EncryptionConfiguration" }, - "AttributeGroup": { - "markdownDescription": "The name or ID of the attribute group which holds the attributes that describe the application.", - "title": "AttributeGroup", + "Name": { + "markdownDescription": "The name of the activity.\n\nA name must *not* contain:\n\n- white space\n- brackets `< > { } [ ]`\n- wildcard characters `? *`\n- special characters `\" # % \\ ^ | ~ ` $ & , ; : /`\n- control characters ( `U+0000-001F` , `U+007F-009F` , `U+FFFE-FFFF` )\n- surrogates ( `U+D800-DFFF` )\n- invalid characters ( `U+10FFFF` )\n\nTo enable logging with CloudWatch Logs, the name should only contain 0-9, A-Z, a-z, - and _.", + "title": "Name", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::StepFunctions::Activity.TagsEntry" + }, + "markdownDescription": "The list of tags to add to a resource.\n\nTags may only contain Unicode letters, digits, white space, or these symbols: `_ . : / = + - @` .", + "title": "Tags", + "type": "array" } }, "required": [ - "Application", - "AttributeGroup" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalogAppRegistry::AttributeGroupAssociation" + "AWS::StepFunctions::Activity" ], "type": "string" }, @@ -258975,12 +309708,63 @@ ], "type": "object" }, - "AWS::ServiceCatalogAppRegistry::ResourceAssociation": { + "AWS::StepFunctions::Activity.EncryptionConfiguration": { + "additionalProperties": false, + "properties": { + "KmsDataKeyReusePeriodSeconds": { + "markdownDescription": "Maximum duration that Step Functions will reuse data keys. When the period expires, Step Functions will call `GenerateDataKey` . Only applies to customer managed keys.", + "title": "KmsDataKeyReusePeriodSeconds", + "type": "number" + }, + "KmsKeyId": { + "markdownDescription": "An alias, alias ARN, key ID, or key ARN of a symmetric encryption AWS KMS key to encrypt data. To specify a AWS KMS key in a different AWS account, you must use the key ARN or alias ARN.", + "title": "KmsKeyId", + "type": "string" + }, + "Type": { + "markdownDescription": "Encryption option for an activity.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::StepFunctions::Activity.TagsEntry": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The `key` for a key-value pair in a tag entry.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The `value` for a key-value pair in a tag entry.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::StepFunctions::StateMachine": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, + "Connectors": { + "additionalProperties": { + "$ref": "#/definitions/EmbeddedConnector" + }, + "title": "Connectors", + "type": "object" + }, "DeletionPolicy": { "enum": [ "Delete", @@ -259010,32 +309794,79 @@ "Properties": { "additionalProperties": false, "properties": { - "Application": { - "markdownDescription": "The name or ID of the application.", - "title": "Application", + "Definition": { + "markdownDescription": "The Amazon States Language definition of the state machine. The state machine definition must be in JSON or YAML, and the format of the object must match the format of your CloudFormation template file. See [Amazon States Language](https://docs.aws.amazon.com/step-functions/latest/dg/concepts-amazon-states-language.html) .", + "title": "Definition", + "type": "object" + }, + "DefinitionS3Location": { + "$ref": "#/definitions/AWS::StepFunctions::StateMachine.S3Location", + "markdownDescription": "The name of the S3 bucket where the state machine definition is stored. The state machine definition must be a JSON or YAML file.", + "title": "DefinitionS3Location" + }, + "DefinitionString": { + "markdownDescription": "The Amazon States Language definition of the state machine. The state machine definition must be in JSON. See [Amazon States Language](https://docs.aws.amazon.com/step-functions/latest/dg/concepts-amazon-states-language.html) .", + "title": "DefinitionString", "type": "string" }, - "Resource": { - "markdownDescription": "The name or ID of the resource of which the application will be associated.", - "title": "Resource", + "DefinitionSubstitutions": { + "additionalProperties": true, + "markdownDescription": "A map (string to string) that specifies the mappings for placeholder variables in the state machine definition. This enables the customer to inject values obtained at runtime, for example from intrinsic functions, in the state machine definition. Variables can be template parameter names, resource logical IDs, resource attributes, or a variable in a key-value map.\n\nSubstitutions must follow the syntax: `${key_name}` or `${variable_1,variable_2,...}` .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "object" + } + }, + "title": "DefinitionSubstitutions", + "type": "object" + }, + "EncryptionConfiguration": { + "$ref": "#/definitions/AWS::StepFunctions::StateMachine.EncryptionConfiguration", + "markdownDescription": "Encryption configuration for the state machine.", + "title": "EncryptionConfiguration" + }, + "LoggingConfiguration": { + "$ref": "#/definitions/AWS::StepFunctions::StateMachine.LoggingConfiguration", + "markdownDescription": "Defines what execution history events are logged and where they are logged.\n\n> By default, the `level` is set to `OFF` . For more information see [Log Levels](https://docs.aws.amazon.com/step-functions/latest/dg/cloudwatch-log-level.html) in the AWS Step Functions User Guide.", + "title": "LoggingConfiguration" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to use for this state machine.", + "title": "RoleArn", "type": "string" }, - "ResourceType": { - "markdownDescription": "The type of resource of which the application will be associated.", - "title": "ResourceType", + "StateMachineName": { + "markdownDescription": "The name of the state machine.\n\nA name must *not* contain:\n\n- white space\n- brackets `< > { } [ ]`\n- wildcard characters `? *`\n- special characters `\" # % \\ ^ | ~ ` $ & , ; : /`\n- control characters ( `U+0000-001F` , `U+007F-009F` )\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "StateMachineName", + "type": "string" + }, + "StateMachineType": { + "markdownDescription": "Determines whether a `STANDARD` or `EXPRESS` state machine is created. The default is `STANDARD` . You cannot update the `type` of a state machine once it has been created. For more information on `STANDARD` and `EXPRESS` workflows, see [Standard Versus Express Workflows](https://docs.aws.amazon.com/step-functions/latest/dg/concepts-standard-vs-express.html) in the AWS Step Functions Developer Guide.", + "title": "StateMachineType", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::StepFunctions::StateMachine.TagsEntry" + }, + "markdownDescription": "The list of tags to add to a resource.\n\nTags may only contain Unicode letters, digits, white space, or these symbols: `_ . : / = + - @` .", + "title": "Tags", + "type": "array" + }, + "TracingConfiguration": { + "$ref": "#/definitions/AWS::StepFunctions::StateMachine.TracingConfiguration", + "markdownDescription": "Selects whether or not the state machine's AWS X-Ray tracing is enabled.", + "title": "TracingConfiguration" } }, "required": [ - "Application", - "Resource", - "ResourceType" + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalogAppRegistry::ResourceAssociation" + "AWS::StepFunctions::StateMachine" ], "type": "string" }, @@ -259048,13 +309879,139 @@ "type": "string" } }, - "required": [ - "Type", - "Properties" - ], + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::StepFunctions::StateMachine.CloudWatchLogsLogGroup": { + "additionalProperties": false, + "properties": { + "LogGroupArn": { + "markdownDescription": "The ARN of the the CloudWatch log group to which you want your logs emitted to. The ARN must end with `:*`", + "title": "LogGroupArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::StepFunctions::StateMachine.EncryptionConfiguration": { + "additionalProperties": false, + "properties": { + "KmsDataKeyReusePeriodSeconds": { + "markdownDescription": "Maximum duration that Step Functions will reuse data keys. When the period expires, Step Functions will call `GenerateDataKey` . Only applies to customer managed keys.", + "title": "KmsDataKeyReusePeriodSeconds", + "type": "number" + }, + "KmsKeyId": { + "markdownDescription": "An alias, alias ARN, key ID, or key ARN of a symmetric encryption AWS KMS key to encrypt data. To specify a AWS KMS key in a different AWS account, you must use the key ARN or alias ARN.", + "title": "KmsKeyId", + "type": "string" + }, + "Type": { + "markdownDescription": "Encryption option for a state machine.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::StepFunctions::StateMachine.LogDestination": { + "additionalProperties": false, + "properties": { + "CloudWatchLogsLogGroup": { + "$ref": "#/definitions/AWS::StepFunctions::StateMachine.CloudWatchLogsLogGroup", + "markdownDescription": "An object describing a CloudWatch log group. For more information, see [AWS::Logs::LogGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-logs-loggroup.html) in the AWS CloudFormation User Guide.", + "title": "CloudWatchLogsLogGroup" + } + }, + "type": "object" + }, + "AWS::StepFunctions::StateMachine.LoggingConfiguration": { + "additionalProperties": false, + "properties": { + "Destinations": { + "items": { + "$ref": "#/definitions/AWS::StepFunctions::StateMachine.LogDestination" + }, + "markdownDescription": "An array of objects that describes where your execution history events will be logged. Limited to size 1. Required, if your log level is not set to `OFF` .", + "title": "Destinations", + "type": "array" + }, + "IncludeExecutionData": { + "markdownDescription": "Determines whether execution data is included in your log. When set to `false` , data is excluded.", + "title": "IncludeExecutionData", + "type": "boolean" + }, + "Level": { + "markdownDescription": "Defines which category of execution history events are logged.", + "title": "Level", + "type": "string" + } + }, + "type": "object" + }, + "AWS::StepFunctions::StateMachine.S3Location": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The name of the S3 bucket where the state machine definition JSON or YAML file is stored.", + "title": "Bucket", + "type": "string" + }, + "Key": { + "markdownDescription": "The name of the state machine definition file (Amazon S3 object name).", + "title": "Key", + "type": "string" + }, + "Version": { + "markdownDescription": "For versioning-enabled buckets, a specific version of the state machine definition.", + "title": "Version", + "type": "string" + } + }, + "required": [ + "Bucket", + "Key" + ], + "type": "object" + }, + "AWS::StepFunctions::StateMachine.TagsEntry": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The `key` for a key-value pair in a tag entry.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The `value` for a key-value pair in a tag entry.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::StepFunctions::StateMachine.TracingConfiguration": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "When set to `true` , X-Ray tracing is enabled.", + "title": "Enabled", + "type": "boolean" + } + }, "type": "object" }, - "AWS::ServiceDiscovery::HttpNamespace": { + "AWS::StepFunctions::StateMachineAlias": { "additionalProperties": false, "properties": { "Condition": { @@ -259089,33 +310046,35 @@ "Properties": { "additionalProperties": false, "properties": { + "DeploymentPreference": { + "$ref": "#/definitions/AWS::StepFunctions::StateMachineAlias.DeploymentPreference", + "markdownDescription": "The settings that enable gradual state machine deployments. These settings include [Alarms](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-statemachinealias-deploymentpreference.html#cfn-stepfunctions-statemachinealias-deploymentpreference-alarms) , [Interval](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-statemachinealias-deploymentpreference.html#cfn-stepfunctions-statemachinealias-deploymentpreference-interval) , [Percentage](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-statemachinealias-deploymentpreference.html#cfn-stepfunctions-statemachinealias-deploymentpreference-percentage) , [StateMachineVersionArn](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-statemachinealias-deploymentpreference.html#cfn-stepfunctions-statemachinealias-deploymentpreference-statemachineversionarn) , and [Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-statemachinealias-deploymentpreference.html#cfn-stepfunctions-statemachinealias-deploymentpreference-type) .\n\nCloudFormation automatically shifts traffic from the version an alias currently points to, to a new state machine version that you specify.\n\n> `RoutingConfiguration` and `DeploymentPreference` are mutually exclusive properties. You must define only one of these properties. \n\nBased on the type of deployment you want to perform, you can specify one of the following settings:\n\n- `LINEAR` - Shifts traffic to the new version in equal increments with an equal number of minutes between each increment.\n\nFor example, if you specify the increment percent as `20` with an interval of `600` minutes, this deployment increases traffic by 20 percent every 600 minutes until the new version receives 100 percent of the traffic. This deployment immediately rolls back the new version if any Amazon CloudWatch alarms are triggered.\n- `ALL_AT_ONCE` - Shifts 100 percent of traffic to the new version immediately. CloudFormation monitors the new version and rolls it back automatically to the previous version if any CloudWatch alarms are triggered.\n- `CANARY` - Shifts traffic in two increments.\n\nIn the first increment, a small percentage of traffic, for example, 10 percent is shifted to the new version. In the second increment, before a specified time interval in seconds gets over, the remaining traffic is shifted to the new version. The shift to the new version for the remaining traffic takes place only if no CloudWatch alarms are triggered during the specified time interval.", + "title": "DeploymentPreference" + }, "Description": { - "markdownDescription": "A description for the namespace.", + "markdownDescription": "An optional description of the state machine alias.", "title": "Description", "type": "string" }, "Name": { - "markdownDescription": "The name that you want to assign to this namespace.", + "markdownDescription": "The name of the state machine alias. If you don't provide a name, it uses an automatically generated name based on the logical ID.", "title": "Name", "type": "string" }, - "Tags": { + "RoutingConfiguration": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::StepFunctions::StateMachineAlias.RoutingConfigurationVersion" }, - "markdownDescription": "The tags for the namespace. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.", - "title": "Tags", + "markdownDescription": "The routing configuration of an alias. Routing configuration splits [StartExecution](https://docs.aws.amazon.com/step-functions/latest/apireference/API_StartExecution.html) requests between one or two versions of the same state machine.\n\nUse `RoutingConfiguration` if you want to explicitly set the alias [weights](https://docs.aws.amazon.com/step-functions/latest/apireference/API_RoutingConfigurationListItem.html#StepFunctions-Type-RoutingConfigurationListItem-weight) . Weight is the percentage of traffic you want to route to a state machine version.\n\n> `RoutingConfiguration` and `DeploymentPreference` are mutually exclusive properties. You must define only one of these properties.", + "title": "RoutingConfiguration", "type": "array" } }, - "required": [ - "Name" - ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceDiscovery::HttpNamespace" + "AWS::StepFunctions::StateMachineAlias" ], "type": "string" }, @@ -259129,90 +310088,69 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::ServiceDiscovery::Instance": { + "AWS::StepFunctions::StateMachineAlias.DeploymentPreference": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Alarms": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of Amazon CloudWatch alarm names to be monitored during the deployment. The deployment fails and rolls back if any of these alarms go into the `ALARM` state.\n\n> Amazon CloudWatch considers nonexistent alarms to have an `OK` state. If you provide an invalid alarm name or provide the ARN of an alarm instead of its name, your deployment may not roll back correctly.", + "title": "Alarms", + "type": "array" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Interval": { + "markdownDescription": "The time in minutes between each traffic shifting increment.", + "title": "Interval", + "type": "number" }, - "Metadata": { - "type": "object" + "Percentage": { + "markdownDescription": "The percentage of traffic to shift to the new version in each increment.", + "title": "Percentage", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "InstanceAttributes": { - "markdownDescription": "A string map that contains the following information for the service that you specify in `ServiceId` :\n\n- The attributes that apply to the records that are defined in the service.\n- For each attribute, the applicable value.\n\nSupported attribute keys include the following:\n\n- **AWS_ALIAS_DNS_NAME** - If you want AWS Cloud Map to create a Route\u00a053 alias record that routes traffic to an Elastic Load Balancing load balancer, specify the DNS name that is associated with the load balancer. For information about how to get the DNS name, see [AliasTarget->DNSName](https://docs.aws.amazon.com/Route53/latest/APIReference/API_AliasTarget.html#Route53-Type-AliasTarget-DNSName) in the *Route\u00a053 API Reference* .\n\nNote the following:\n\n- The configuration for the service that is specified by `ServiceId` must include settings for an `A` record, an `AAAA` record, or both.\n- In the service that is specified by `ServiceId` , the value of `RoutingPolicy` must be `WEIGHTED` .\n- If the service that is specified by `ServiceId` includes `HealthCheckConfig` settings, AWS Cloud Map will create the health check, but it won't associate the health check with the alias record.\n- Auto naming currently doesn't support creating alias records that route traffic to AWS resources other than ELB load balancers.\n- If you specify a value for `AWS_ALIAS_DNS_NAME` , don't specify values for any of the `AWS_INSTANCE` attributes.\n- **AWS_EC2_INSTANCE_ID** - *HTTP namespaces only.* The Amazon EC2 instance ID for the instance. The `AWS_INSTANCE_IPV4` attribute contains the primary private IPv4 address. When creating resources with a type of [AWS::ServiceDiscovery::Instance](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicediscovery-instance.html) , if the `AWS_EC2_INSTANCE_ID` attribute is specified, the only other attribute that can be specified is `AWS_INIT_HEALTH_STATUS` . After the resource has been created, the `AWS_INSTANCE_IPV4` attribute contains the primary private IPv4 address.\n- **AWS_INIT_HEALTH_STATUS** - If the service configuration includes `HealthCheckCustomConfig` , when creating resources with a type of [AWS::ServiceDiscovery::Instance](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicediscovery-instance.html) you can optionally use `AWS_INIT_HEALTH_STATUS` to specify the initial status of the custom health check, `HEALTHY` or `UNHEALTHY` . If you don't specify a value for `AWS_INIT_HEALTH_STATUS` , the initial status is `HEALTHY` . This attribute can only be used when creating resources and will not be seen on existing resources.\n- **AWS_INSTANCE_CNAME** - If the service configuration includes a `CNAME` record, the domain name that you want Route\u00a053 to return in response to DNS queries, for example, `example.com` .\n\nThis value is required if the service specified by `ServiceId` includes settings for an `CNAME` record.\n- **AWS_INSTANCE_IPV4** - If the service configuration includes an `A` record, the IPv4 address that you want Route\u00a053 to return in response to DNS queries, for example, `192.0.2.44` .\n\nThis value is required if the service specified by `ServiceId` includes settings for an `A` record. If the service includes settings for an `SRV` record, you must specify a value for `AWS_INSTANCE_IPV4` , `AWS_INSTANCE_IPV6` , or both.\n- **AWS_INSTANCE_IPV6** - If the service configuration includes an `AAAA` record, the IPv6 address that you want Route\u00a053 to return in response to DNS queries, for example, `2001:0db8:85a3:0000:0000:abcd:0001:2345` .\n\nThis value is required if the service specified by `ServiceId` includes settings for an `AAAA` record. If the service includes settings for an `SRV` record, you must specify a value for `AWS_INSTANCE_IPV4` , `AWS_INSTANCE_IPV6` , or both.\n- **AWS_INSTANCE_PORT** - If the service includes an `SRV` record, the value that you want Route\u00a053 to return for the port.\n\nIf the service includes `HealthCheckConfig` , the port on the endpoint that you want Route\u00a053 to send requests to.\n\nThis value is required if you specified settings for an `SRV` record or a Route\u00a053 health check when you created the service.", - "title": "InstanceAttributes", - "type": "object" - }, - "InstanceId": { - "markdownDescription": "An identifier that you want to associate with the instance. Note the following:\n\n- If the service that's specified by `ServiceId` includes settings for an `SRV` record, the value of `InstanceId` is automatically included as part of the value for the `SRV` record. For more information, see [DnsRecord > Type](https://docs.aws.amazon.com/cloud-map/latest/api/API_DnsRecord.html#cloudmap-Type-DnsRecord-Type) .\n- You can use this value to update an existing instance.\n- To register a new instance, you must specify a value that's unique among instances that you register by using the same service.\n- If you specify an existing `InstanceId` and `ServiceId` , AWS Cloud Map updates the existing DNS records, if any. If there's also an existing health check, AWS Cloud Map deletes the old health check and creates a new one.\n\n> The health check isn't deleted immediately, so it will still appear for a while if you submit a `ListHealthChecks` request, for example.\n\n> Do not include sensitive information in `InstanceId` if the namespace is discoverable by public DNS queries and any `Type` member of `DnsRecord` for the service contains `SRV` because the `InstanceId` is discoverable by public DNS queries.", - "title": "InstanceId", - "type": "string" - }, - "ServiceId": { - "markdownDescription": "The ID of the service that you want to use for settings for the instance.", - "title": "ServiceId", - "type": "string" - } - }, - "required": [ - "InstanceAttributes", - "ServiceId" - ], - "type": "object" + "StateMachineVersionArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the [`AWS::StepFunctions::StateMachineVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-stepfunctions-statemachineversion.html) resource that will be the final version to which the alias points to when the traffic shifting is complete.\n\nWhile performing gradual deployments, you can only provide a single state machine version ARN. To explicitly set version weights in a CloudFormation template, use `RoutingConfiguration` instead.", + "title": "StateMachineVersionArn", + "type": "string" }, "Type": { - "enum": [ - "AWS::ServiceDiscovery::Instance" - ], + "markdownDescription": "The type of deployment you want to perform. You can specify one of the following types:\n\n- `LINEAR` - Shifts traffic to the new version in equal increments with an equal number of minutes between each increment.\n\nFor example, if you specify the increment percent as `20` with an interval of `600` minutes, this deployment increases traffic by 20 percent every 600 minutes until the new version receives 100 percent of the traffic. This deployment immediately rolls back the new version if any CloudWatch alarms are triggered.\n- `ALL_AT_ONCE` - Shifts 100 percent of traffic to the new version immediately. CloudFormation monitors the new version and rolls it back automatically to the previous version if any CloudWatch alarms are triggered.\n- `CANARY` - Shifts traffic in two increments.\n\nIn the first increment, a small percentage of traffic, for example, 10 percent is shifted to the new version. In the second increment, before a specified time interval in seconds gets over, the remaining traffic is shifted to the new version. The shift to the new version for the remaining traffic takes place only if no CloudWatch alarms are triggered during the specified time interval.", + "title": "Type", "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + } + }, + "required": [ + "StateMachineVersionArn", + "Type" + ], + "type": "object" + }, + "AWS::StepFunctions::StateMachineAlias.RoutingConfigurationVersion": { + "additionalProperties": false, + "properties": { + "StateMachineVersionArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that identifies one or two state machine versions defined in the routing configuration.\n\nIf you specify the ARN of a second version, it must belong to the same state machine as the first version.", + "title": "StateMachineVersionArn", "type": "string" + }, + "Weight": { + "markdownDescription": "The percentage of traffic you want to route to the state machine version. The sum of the weights in the routing configuration must be equal to 100.", + "title": "Weight", + "type": "number" } }, "required": [ - "Type", - "Properties" + "StateMachineVersionArn", + "Weight" ], "type": "object" }, - "AWS::ServiceDiscovery::PrivateDnsNamespace": { + "AWS::StepFunctions::StateMachineVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -259248,43 +310186,29 @@ "additionalProperties": false, "properties": { "Description": { - "markdownDescription": "A description for the namespace.", + "markdownDescription": "An optional description of the state machine version.", "title": "Description", "type": "string" }, - "Name": { - "markdownDescription": "The name that you want to assign to this namespace. When you create a private DNS namespace, AWS Cloud Map automatically creates an Amazon Route\u00a053 private hosted zone that has the same name as the namespace.", - "title": "Name", + "StateMachineArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the state machine.", + "title": "StateMachineArn", "type": "string" }, - "Properties": { - "$ref": "#/definitions/AWS::ServiceDiscovery::PrivateDnsNamespace.Properties", - "markdownDescription": "Properties for the private DNS namespace.", - "title": "Properties" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags for the namespace. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.", - "title": "Tags", - "type": "array" - }, - "Vpc": { - "markdownDescription": "The ID of the Amazon VPC that you want to associate the namespace with.", - "title": "Vpc", + "StateMachineRevisionId": { + "markdownDescription": "Identifier for a state machine revision, which is an immutable, read-only snapshot of a state machine\u2019s definition and configuration.\n\nOnly publish the state machine version if the current state machine's revision ID matches the specified ID. Use this option to avoid publishing a version if the state machine has changed since you last updated it.\n\nTo specify the initial state machine revision, set the value as `INITIAL` .", + "title": "StateMachineRevisionId", "type": "string" } }, "required": [ - "Name", - "Vpc" + "StateMachineArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceDiscovery::PrivateDnsNamespace" + "AWS::StepFunctions::StateMachineVersion" ], "type": "string" }, @@ -259303,40 +310227,7 @@ ], "type": "object" }, - "AWS::ServiceDiscovery::PrivateDnsNamespace.PrivateDnsPropertiesMutable": { - "additionalProperties": false, - "properties": { - "SOA": { - "$ref": "#/definitions/AWS::ServiceDiscovery::PrivateDnsNamespace.SOA", - "markdownDescription": "Fields for the Start of Authority (SOA) record for the hosted zone for the private DNS namespace.", - "title": "SOA" - } - }, - "type": "object" - }, - "AWS::ServiceDiscovery::PrivateDnsNamespace.Properties": { - "additionalProperties": false, - "properties": { - "DnsProperties": { - "$ref": "#/definitions/AWS::ServiceDiscovery::PrivateDnsNamespace.PrivateDnsPropertiesMutable", - "markdownDescription": "DNS properties for the private DNS namespace.", - "title": "DnsProperties" - } - }, - "type": "object" - }, - "AWS::ServiceDiscovery::PrivateDnsNamespace.SOA": { - "additionalProperties": false, - "properties": { - "TTL": { - "markdownDescription": "The time to live (TTL) for purposes of negative caching.", - "title": "TTL", - "type": "number" - } - }, - "type": "object" - }, - "AWS::ServiceDiscovery::PublicDnsNamespace": { + "AWS::SupportApp::AccountAlias": { "additionalProperties": false, "properties": { "Condition": { @@ -259371,38 +310262,20 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description for the namespace.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The name that you want to assign to this namespace.\n\n> Do not include sensitive information in the name. The name is publicly available using DNS queries.", - "title": "Name", + "AccountAlias": { + "markdownDescription": "An alias or short name for an AWS account .", + "title": "AccountAlias", "type": "string" - }, - "Properties": { - "$ref": "#/definitions/AWS::ServiceDiscovery::PublicDnsNamespace.Properties", - "markdownDescription": "Properties for the public DNS namespace.", - "title": "Properties" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags for the namespace. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.", - "title": "Tags", - "type": "array" } }, "required": [ - "Name" + "AccountAlias" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceDiscovery::PublicDnsNamespace" + "AWS::SupportApp::AccountAlias" ], "type": "string" }, @@ -259421,40 +310294,7 @@ ], "type": "object" }, - "AWS::ServiceDiscovery::PublicDnsNamespace.Properties": { - "additionalProperties": false, - "properties": { - "DnsProperties": { - "$ref": "#/definitions/AWS::ServiceDiscovery::PublicDnsNamespace.PublicDnsPropertiesMutable", - "markdownDescription": "DNS properties for the public DNS namespace.", - "title": "DnsProperties" - } - }, - "type": "object" - }, - "AWS::ServiceDiscovery::PublicDnsNamespace.PublicDnsPropertiesMutable": { - "additionalProperties": false, - "properties": { - "SOA": { - "$ref": "#/definitions/AWS::ServiceDiscovery::PublicDnsNamespace.SOA", - "markdownDescription": "Start of Authority (SOA) record for the hosted zone for the public DNS namespace.", - "title": "SOA" - } - }, - "type": "object" - }, - "AWS::ServiceDiscovery::PublicDnsNamespace.SOA": { - "additionalProperties": false, - "properties": { - "TTL": { - "markdownDescription": "The time to live (TTL) for purposes of negative caching.", - "title": "TTL", - "type": "number" - } - }, - "type": "object" - }, - "AWS::ServiceDiscovery::Service": { + "AWS::SupportApp::SlackChannelConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -259489,55 +310329,58 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the service.", - "title": "Description", + "ChannelId": { + "markdownDescription": "The channel ID in Slack. This ID identifies a channel within a Slack workspace.", + "title": "ChannelId", "type": "string" }, - "DnsConfig": { - "$ref": "#/definitions/AWS::ServiceDiscovery::Service.DnsConfig", - "markdownDescription": "A complex type that contains information about the Route\u00a053 DNS records that you want AWS Cloud Map to create when you register an instance.\n\n> The record types of a service can only be changed by deleting the service and recreating it with a new `Dnsconfig` .", - "title": "DnsConfig" + "ChannelName": { + "markdownDescription": "The channel name in Slack. This is the channel where you invite the AWS Support App .", + "title": "ChannelName", + "type": "string" }, - "HealthCheckConfig": { - "$ref": "#/definitions/AWS::ServiceDiscovery::Service.HealthCheckConfig", - "markdownDescription": "*Public DNS and HTTP namespaces only.* A complex type that contains settings for an optional health check. If you specify settings for a health check, AWS Cloud Map associates the health check with the records that you specify in `DnsConfig` .\n\nFor information about the charges for health checks, see [Amazon Route\u00a053 Pricing](https://docs.aws.amazon.com/route53/pricing/) .", - "title": "HealthCheckConfig" + "ChannelRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role for this Slack channel configuration. The App uses this role to perform and Service Quotas actions on your behalf.", + "title": "ChannelRoleArn", + "type": "string" }, - "HealthCheckCustomConfig": { - "$ref": "#/definitions/AWS::ServiceDiscovery::Service.HealthCheckCustomConfig", - "markdownDescription": "A complex type that contains information about an optional custom health check.\n\n> If you specify a health check configuration, you can specify either `HealthCheckCustomConfig` or `HealthCheckConfig` but not both.", - "title": "HealthCheckCustomConfig" + "NotifyOnAddCorrespondenceToCase": { + "markdownDescription": "Whether to get notified when a correspondence is added to your support cases.", + "title": "NotifyOnAddCorrespondenceToCase", + "type": "boolean" }, - "Name": { - "markdownDescription": "The name of the service.", - "title": "Name", + "NotifyOnCaseSeverity": { + "markdownDescription": "The case severity for your support cases that you want to receive notifications. You can specify `none` , `all` , or `high` .", + "title": "NotifyOnCaseSeverity", "type": "string" }, - "NamespaceId": { - "markdownDescription": "The ID of the namespace that was used to create the service.\n\n> You must specify a value for `NamespaceId` either for the service properties or for [DnsConfig](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-servicediscovery-service-dnsconfig.html) . Don't specify a value in both places.", - "title": "NamespaceId", - "type": "string" + "NotifyOnCreateOrReopenCase": { + "markdownDescription": "Whether to get notified when your support cases are created or reopened", + "title": "NotifyOnCreateOrReopenCase", + "type": "boolean" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags for the service. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.", - "title": "Tags", - "type": "array" + "NotifyOnResolveCase": { + "markdownDescription": "Whether to get notified when your support cases are resolved.", + "title": "NotifyOnResolveCase", + "type": "boolean" }, - "Type": { - "markdownDescription": "If present, specifies that the service instances are only discoverable using the `DiscoverInstances` API operation. No DNS records is registered for the service instances. The only valid value is `HTTP` .", - "title": "Type", + "TeamId": { + "markdownDescription": "The team ID in Slack. This ID uniquely identifies a Slack workspace.", + "title": "TeamId", "type": "string" } }, + "required": [ + "ChannelId", + "ChannelRoleArn", + "NotifyOnCaseSeverity", + "TeamId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceDiscovery::Service" + "AWS::SupportApp::SlackChannelConfiguration" ], "type": "string" }, @@ -259551,93 +310394,12 @@ } }, "required": [ - "Type" - ], - "type": "object" - }, - "AWS::ServiceDiscovery::Service.DnsConfig": { - "additionalProperties": false, - "properties": { - "DnsRecords": { - "items": { - "$ref": "#/definitions/AWS::ServiceDiscovery::Service.DnsRecord" - }, - "markdownDescription": "An array that contains one `DnsRecord` object for each Route\u00a053 DNS record that you want AWS Cloud Map to create when you register an instance.\n\n> The record type of a service can't be updated directly and can only be changed by deleting the service and recreating it with a new `DnsConfig` .", - "title": "DnsRecords", - "type": "array" - }, - "NamespaceId": { - "markdownDescription": "The ID of the namespace to use for DNS configuration.\n\n> You must specify a value for `NamespaceId` either for `DnsConfig` or for the [service properties](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicediscovery-service.html) . Don't specify a value in both places.", - "title": "NamespaceId", - "type": "string" - }, - "RoutingPolicy": { - "markdownDescription": "The routing policy that you want to apply to all Route\u00a053 DNS records that AWS Cloud Map creates when you register an instance and specify this service.\n\n> If you want to use this service to register instances that create alias records, specify `WEIGHTED` for the routing policy. \n\nYou can specify the following values:\n\n- **MULTIVALUE** - If you define a health check for the service and the health check is healthy, Route\u00a053 returns the applicable value for up to eight instances.\n\nFor example, suppose that the service includes configurations for one `A` record and a health check. You use the service to register 10 instances. Route\u00a053 responds to DNS queries with IP addresses for up to eight healthy instances. If fewer than eight instances are healthy, Route\u00a053 responds to every DNS query with the IP addresses for all of the healthy instances.\n\nIf you don't define a health check for the service, Route\u00a053 assumes that all instances are healthy and returns the values for up to eight instances.\n\nFor more information about the multivalue routing policy, see [Multivalue Answer Routing](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html#routing-policy-multivalue) in the *Route\u00a053 Developer Guide* .\n- **WEIGHTED** - Route\u00a053 returns the applicable value from one randomly selected instance from among the instances that you registered using the same service. Currently, all records have the same weight, so you can't route more or less traffic to any instances.\n\nFor example, suppose that the service includes configurations for one `A` record and a health check. You use the service to register 10 instances. Route\u00a053 responds to DNS queries with the IP address for one randomly selected instance from among the healthy instances. If no instances are healthy, Route\u00a053 responds to DNS queries as if all of the instances were healthy.\n\nIf you don't define a health check for the service, Route\u00a053 assumes that all instances are healthy and returns the applicable value for one randomly selected instance.\n\nFor more information about the weighted routing policy, see [Weighted Routing](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html#routing-policy-weighted) in the *Route\u00a053 Developer Guide* .", - "title": "RoutingPolicy", - "type": "string" - } - }, - "required": [ - "DnsRecords" - ], - "type": "object" - }, - "AWS::ServiceDiscovery::Service.DnsRecord": { - "additionalProperties": false, - "properties": { - "TTL": { - "markdownDescription": "The amount of time, in seconds, that you want DNS resolvers to cache the settings for this record.\n\n> Alias records don't include a TTL because Route\u00a053 uses the TTL for the AWS resource that an alias record routes traffic to. If you include the `AWS_ALIAS_DNS_NAME` attribute when you submit a [RegisterInstance](https://docs.aws.amazon.com/cloud-map/latest/api/API_RegisterInstance.html) request, the `TTL` value is ignored. Always specify a TTL for the service; you can use a service to register instances that create either alias or non-alias records.", - "title": "TTL", - "type": "number" - }, - "Type": { - "markdownDescription": "The type of the resource, which indicates the type of value that Route 53 returns in response to DNS queries. You can specify values for `Type` in the following combinations:\n\n- `A`\n- `AAAA`\n- `A` and `AAAA`\n- `SRV`\n- `CNAME`\n\nIf you want AWS Cloud Map to create a Route 53 alias record when you register an instance, specify `A` or `AAAA` for `Type` .\n\nYou specify other settings, such as the IP address for `A` and `AAAA` records, when you register an instance. For more information, see [RegisterInstance](https://docs.aws.amazon.com/cloud-map/latest/api/API_RegisterInstance.html) .\n\nThe following values are supported:\n\n- **A** - Route 53 returns the IP address of the resource in IPv4 format, such as 192.0.2.44.\n- **AAAA** - Route 53 returns the IP address of the resource in IPv6 format, such as 2001:0db8:85a3:0000:0000:abcd:0001:2345.\n- **CNAME** - Route 53 returns the domain name of the resource, such as www.example.com. Note the following:\n\n- You specify the domain name that you want to route traffic to when you register an instance. For more information, see [Attributes](https://docs.aws.amazon.com/cloud-map/latest/api/API_RegisterInstance.html#cloudmap-RegisterInstance-request-Attributes) in the topic [RegisterInstance](https://docs.aws.amazon.com/cloud-map/latest/api/API_RegisterInstance.html) .\n- You must specify `WEIGHTED` for the value of `RoutingPolicy` .\n- You can't specify both `CNAME` for `Type` and settings for `HealthCheckConfig` . If you do, the request will fail with an `InvalidInput` error.\n- **SRV** - Route 53 returns the value for an `SRV` record. The value for an `SRV` record uses the following values:\n\n`priority weight port service-hostname`\n\nNote the following about the values:\n\n- The values of `priority` and `weight` are both set to `1` and can't be changed.\n- The value of `port` comes from the value that you specify for the `AWS_INSTANCE_PORT` attribute when you submit a [RegisterInstance](https://docs.aws.amazon.com/cloud-map/latest/api/API_RegisterInstance.html) request.\n- The value of `service-hostname` is a concatenation of the following values:\n\n- The value that you specify for `InstanceId` when you register an instance.\n- The name of the service.\n- The name of the namespace.\n\nFor example, if the value of `InstanceId` is `test` , the name of the service is `backend` , and the name of the namespace is `example.com` , the value of `service-hostname` is:\n\n`test.backend.example.com`\n\nIf you specify settings for an `SRV` record and if you specify values for `AWS_INSTANCE_IPV4` , `AWS_INSTANCE_IPV6` , or both in the `RegisterInstance` request, AWS Cloud Map automatically creates `A` and/or `AAAA` records that have the same name as the value of `service-hostname` in the `SRV` record. You can ignore these records.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "TTL", - "Type" - ], - "type": "object" - }, - "AWS::ServiceDiscovery::Service.HealthCheckConfig": { - "additionalProperties": false, - "properties": { - "FailureThreshold": { - "markdownDescription": "The number of consecutive health checks that an endpoint must pass or fail for Route\u00a053 to change the current status of the endpoint from unhealthy to healthy or the other way around. For more information, see [How Route\u00a053 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html) in the *Route\u00a053 Developer Guide* .", - "title": "FailureThreshold", - "type": "number" - }, - "ResourcePath": { - "markdownDescription": "The path that you want Route\u00a053 to request when performing health checks. The path can be any value that your endpoint returns an HTTP status code of a 2xx or 3xx format for when the endpoint is healthy. An example file is `/docs/route53-health-check.html` . Route\u00a053 automatically adds the DNS name for the service. If you don't specify a value for `ResourcePath` , the default value is `/` .\n\nIf you specify `TCP` for `Type` , you must *not* specify a value for `ResourcePath` .", - "title": "ResourcePath", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of health check that you want to create, which indicates how Route\u00a053 determines whether an endpoint is healthy.\n\n> You can't change the value of `Type` after you create a health check. \n\nYou can create the following types of health checks:\n\n- *HTTP* : Route\u00a053 tries to establish a TCP connection. If successful, Route\u00a053 submits an HTTP request and waits for an HTTP status code of 200 or greater and less than 400.\n- *HTTPS* : Route\u00a053 tries to establish a TCP connection. If successful, Route\u00a053 submits an HTTPS request and waits for an HTTP status code of 200 or greater and less than 400.\n\n> If you specify HTTPS for the value of `Type` , the endpoint must support TLS v1.0 or later.\n- *TCP* : Route\u00a053 tries to establish a TCP connection.\n\nIf you specify `TCP` for `Type` , don't specify a value for `ResourcePath` .\n\nFor more information, see [How Route\u00a053 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html) in the *Route\u00a053 Developer Guide* .", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::ServiceDiscovery::Service.HealthCheckCustomConfig": { - "additionalProperties": false, - "properties": { - "FailureThreshold": { - "markdownDescription": "> This parameter is no longer supported and is always set to 1. AWS Cloud Map waits for approximately 30 seconds after receiving an `UpdateInstanceCustomHealthStatus` request before changing the status of the service instance. \n\nThe number of 30-second intervals that you want AWS Cloud Map to wait after receiving an `UpdateInstanceCustomHealthStatus` request before it changes the health status of a service instance.\n\nSending a second or subsequent `UpdateInstanceCustomHealthStatus` request with the same value before 30 seconds has passed doesn't accelerate the change. AWS Cloud Map still waits `30` seconds after the first request to make the change.", - "title": "FailureThreshold", - "type": "number" - } - }, - "type": "object" - }, - "AWS::Shield::DRTAccess": { + "AWS::SupportApp::SlackWorkspaceConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -259672,28 +310434,25 @@ "Properties": { "additionalProperties": false, "properties": { - "LogBucketList": { - "items": { - "type": "string" - }, - "markdownDescription": "Authorizes the Shield Response Team (SRT) to access the specified Amazon S3 bucket containing log data such as Application Load Balancer access logs, CloudFront logs, or logs from third party sources. You can associate up to 10 Amazon S3 buckets with your subscription.\n\nUse this to share information with the SRT that's not available in AWS WAF logs.\n\nTo use the services of the SRT, you must be subscribed to the [Business Support plan](https://docs.aws.amazon.com/premiumsupport/business-support/) or the [Enterprise Support plan](https://docs.aws.amazon.com/premiumsupport/enterprise-support/) .", - "title": "LogBucketList", - "type": "array" + "TeamId": { + "markdownDescription": "The team ID in Slack. This ID uniquely identifies a Slack workspace, such as `T012ABCDEFG` .", + "title": "TeamId", + "type": "string" }, - "RoleArn": { - "markdownDescription": "Authorizes the Shield Response Team (SRT) using the specified role, to access your AWS account to assist with DDoS attack mitigation during potential attacks. This enables the SRT to inspect your AWS WAF configuration and logs and to create or update AWS WAF rules and web ACLs.\n\nYou can associate only one `RoleArn` with your subscription. If you submit this update for an account that already has an associated role, the new `RoleArn` will replace the existing `RoleArn` .\n\nThis change requires the following:\n\n- You must be subscribed to the [Business Support plan](https://docs.aws.amazon.com/premiumsupport/business-support/) or the [Enterprise Support plan](https://docs.aws.amazon.com/premiumsupport/enterprise-support/) .\n- The `AWSShieldDRTAccessPolicy` managed policy must be attached to the role that you specify in the request. You can access this policy in the IAM console at [AWSShieldDRTAccessPolicy](https://docs.aws.amazon.com/iam/home?#/policies/arn:aws:iam::aws:policy/service-role/AWSShieldDRTAccessPolicy) . For information, see [Adding and removing IAM identity permissions](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_manage-attach-detach.html) .\n- The role must trust the service principal `drt.shield.amazonaws.com` . For information, see [IAM JSON policy elements: Principal](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_principal.html) .\n\nThe SRT will have access only to your AWS WAF and Shield resources. By submitting this request, you provide permissions to the SRT to inspect your AWS WAF and Shield configuration and logs, and to create and update AWS WAF rules and web ACLs on your behalf. The SRT takes these actions only if explicitly authorized by you.", - "title": "RoleArn", + "VersionId": { + "markdownDescription": "An identifier used to update an existing Slack workspace configuration in AWS CloudFormation , such as `100` .", + "title": "VersionId", "type": "string" } }, "required": [ - "RoleArn" + "TeamId" ], "type": "object" }, "Type": { "enum": [ - "AWS::Shield::DRTAccess" + "AWS::SupportApp::SlackWorkspaceConfiguration" ], "type": "string" }, @@ -259712,7 +310471,7 @@ ], "type": "object" }, - "AWS::Shield::ProactiveEngagement": { + "AWS::Synthetics::Canary": { "additionalProperties": false, "properties": { "Condition": { @@ -259747,29 +310506,111 @@ "Properties": { "additionalProperties": false, "properties": { - "EmergencyContactList": { + "ArtifactConfig": { + "$ref": "#/definitions/AWS::Synthetics::Canary.ArtifactConfig", + "markdownDescription": "A structure that contains the configuration for canary artifacts, including the encryption-at-rest settings for artifacts that the canary uploads to Amazon S3.", + "title": "ArtifactConfig" + }, + "ArtifactS3Location": { + "markdownDescription": "The location in Amazon S3 where Synthetics stores artifacts from the runs of this canary. Artifacts include the log file, screenshots, and HAR files. Specify the full location path, including `s3://` at the beginning of the path.", + "title": "ArtifactS3Location", + "type": "string" + }, + "Code": { + "$ref": "#/definitions/AWS::Synthetics::Canary.Code", + "markdownDescription": "Use this structure to input your script code for the canary. This structure contains the Lambda handler with the location where the canary should start running the script. If the script is stored in an S3 bucket, the bucket name, key, and version are also included. If the script is passed into the canary directly, the script code is contained in the value of `Script` .", + "title": "Code" + }, + "DryRunAndUpdate": { + "markdownDescription": "Specifies whether to perform a dry run before updating the canary. If set to `true` , CloudFormation will execute a dry run to validate the changes before applying them to the canary. If the dry run succeeds, the canary will be updated with the changes. If the dry run fails, the CloudFormation deployment will fail with the dry run\u2019s failure reason.\n\nIf set to `false` or omitted, the canary will be updated directly without first performing a dry run. The default value is `false` .\n\nFor more information, see [Performing safe canary updates](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/performing-safe-canary-upgrades.html) .", + "title": "DryRunAndUpdate", + "type": "boolean" + }, + "ExecutionRoleArn": { + "markdownDescription": "The ARN of the IAM role to be used to run the canary. This role must already exist, and must include `lambda.amazonaws.com` as a principal in the trust policy. The role must also have the following permissions:\n\n- `s3:PutObject`\n- `s3:GetBucketLocation`\n- `s3:ListAllMyBuckets`\n- `cloudwatch:PutMetricData`\n- `logs:CreateLogGroup`\n- `logs:CreateLogStream`\n- `logs:PutLogEvents`", + "title": "ExecutionRoleArn", + "type": "string" + }, + "FailureRetentionPeriod": { + "markdownDescription": "The number of days to retain data about failed runs of this canary. If you omit this field, the default of 31 days is used. The valid range is 1 to 455 days.\n\nThis setting affects the range of information returned by [GetCanaryRuns](https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_GetCanaryRuns.html) , as well as the range of information displayed in the Synthetics console.", + "title": "FailureRetentionPeriod", + "type": "number" + }, + "Name": { + "markdownDescription": "The name for this canary. Be sure to give it a descriptive name that distinguishes it from other canaries in your account.\n\nDo not include secrets or proprietary information in your canary names. The canary name makes up part of the canary ARN, and the ARN is included in outbound calls over the internet. For more information, see [Security Considerations for Synthetics Canaries](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/servicelens_canaries_security.html) .", + "title": "Name", + "type": "string" + }, + "ProvisionedResourceCleanup": { + "markdownDescription": "Specifies whether to also delete the Lambda functions and layers used by this canary when the canary is deleted. If it is `AUTOMATIC` , the Lambda functions and layers will be deleted when the canary is deleted.\n\nIf the value of this parameter is `OFF` , then the value of the `DeleteLambda` parameter of the [DeleteCanary](https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_DeleteCanary.html) operation determines whether the Lambda functions and layers will be deleted.", + "title": "ProvisionedResourceCleanup", + "type": "string" + }, + "ResourcesToReplicateTags": { "items": { - "$ref": "#/definitions/AWS::Shield::ProactiveEngagement.EmergencyContact" + "type": "string" }, - "markdownDescription": "The list of email addresses and phone numbers that the Shield Response Team (SRT) can use to contact you for escalations to the SRT and to initiate proactive customer support, plus any relevant notes.\n\nTo enable proactive engagement, the contact list must include at least one phone number.\n\nIf you provide more than one contact, in the notes, indicate the circumstances under which each contact should be used. Include primary and secondary contact designations, and provide the hours of availability and time zones for each contact.\n\nExample contact notes:\n\n- This is a hotline that's staffed 24x7x365. Please work with the responding analyst and they will get the appropriate person on the call.\n- Please contact the secondary phone number if the hotline doesn't respond within 5 minutes.", - "title": "EmergencyContactList", + "markdownDescription": "To have the tags that you apply to this canary also be applied to the Lambda function that the canary uses, specify this property with the value `lambda-function` . If you do this, CloudWatch Synthetics will keep the tags of the canary and the Lambda function synchronized. Any future changes you make to the canary's tags will also be applied to the function.", + "title": "ResourcesToReplicateTags", "type": "array" }, - "ProactiveEngagementStatus": { - "markdownDescription": "Specifies whether proactive engagement is enabled or disabled.\n\nValid values:\n\n`ENABLED` - The Shield Response Team (SRT) will use email and phone to notify contacts about escalations to the SRT and to initiate proactive customer support.\n\n`DISABLED` - The SRT will not proactively notify contacts about escalations or to initiate proactive customer support.", - "title": "ProactiveEngagementStatus", + "RunConfig": { + "$ref": "#/definitions/AWS::Synthetics::Canary.RunConfig", + "markdownDescription": "A structure that contains input information for a canary run. If you omit this structure, the frequency of the canary is used as canary's timeout value, up to a maximum of 900 seconds.", + "title": "RunConfig" + }, + "RuntimeVersion": { + "markdownDescription": "Specifies the runtime version to use for the canary. For more information about runtime versions, see [Canary Runtime Versions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_Library.html) .", + "title": "RuntimeVersion", "type": "string" + }, + "Schedule": { + "$ref": "#/definitions/AWS::Synthetics::Canary.Schedule", + "markdownDescription": "A structure that contains information about how often the canary is to run, and when these runs are to stop.", + "title": "Schedule" + }, + "StartCanaryAfterCreation": { + "markdownDescription": "Specify TRUE to have the canary start making runs immediately after it is created.\n\nA canary that you create using CloudFormation can't be used to monitor the CloudFormation stack that creates the canary or to roll back that stack if there is a failure.", + "title": "StartCanaryAfterCreation", + "type": "boolean" + }, + "SuccessRetentionPeriod": { + "markdownDescription": "The number of days to retain data about successful runs of this canary. If you omit this field, the default of 31 days is used. The valid range is 1 to 455 days.\n\nThis setting affects the range of information returned by [GetCanaryRuns](https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_GetCanaryRuns.html) , as well as the range of information displayed in the Synthetics console.", + "title": "SuccessRetentionPeriod", + "type": "number" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of key-value pairs that are associated with the canary.", + "title": "Tags", + "type": "array" + }, + "VPCConfig": { + "$ref": "#/definitions/AWS::Synthetics::Canary.VPCConfig", + "markdownDescription": "If this canary is to test an endpoint in a VPC, this structure contains information about the subnet and security groups of the VPC endpoint. For more information, see [Running a Canary in a VPC](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_VPC.html) .", + "title": "VPCConfig" + }, + "VisualReference": { + "$ref": "#/definitions/AWS::Synthetics::Canary.VisualReference", + "markdownDescription": "If this canary performs visual monitoring by comparing screenshots, this structure contains the ID of the canary run to use as the baseline for screenshots, and the coordinates of any parts of the screen to ignore during the visual monitoring comparison.", + "title": "VisualReference" } }, "required": [ - "EmergencyContactList", - "ProactiveEngagementStatus" + "ArtifactS3Location", + "Code", + "ExecutionRoleArn", + "Name", + "RuntimeVersion", + "Schedule" ], "type": "object" }, "Type": { "enum": [ - "AWS::Shield::ProactiveEngagement" + "AWS::Synthetics::Canary" ], "type": "string" }, @@ -259788,161 +310629,228 @@ ], "type": "object" }, - "AWS::Shield::ProactiveEngagement.EmergencyContact": { + "AWS::Synthetics::Canary.ArtifactConfig": { "additionalProperties": false, "properties": { - "ContactNotes": { - "markdownDescription": "Additional notes regarding the contact.", - "title": "ContactNotes", - "type": "string" - }, - "EmailAddress": { - "markdownDescription": "The email address for the contact.", - "title": "EmailAddress", - "type": "string" + "S3Encryption": { + "$ref": "#/definitions/AWS::Synthetics::Canary.S3Encryption", + "markdownDescription": "A structure that contains the configuration of the encryption-at-rest settings for artifacts that the canary uploads to Amazon S3 . Artifact encryption functionality is available only for canaries that use Synthetics runtime version syn-nodejs-puppeteer-3.3 or later. For more information, see [Encrypting canary artifacts](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_artifact_encryption.html) .", + "title": "S3Encryption" + } + }, + "type": "object" + }, + "AWS::Synthetics::Canary.BaseScreenshot": { + "additionalProperties": false, + "properties": { + "IgnoreCoordinates": { + "items": { + "type": "string" + }, + "markdownDescription": "Coordinates that define the part of a screen to ignore during screenshot comparisons. To obtain the coordinates to use here, use the CloudWatch console to draw the boundaries on the screen. For more information, see [Edit or delete a canary](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/synthetics_canaries_deletion.html) .", + "title": "IgnoreCoordinates", + "type": "array" }, - "PhoneNumber": { - "markdownDescription": "The phone number for the contact.", - "title": "PhoneNumber", + "ScreenshotName": { + "markdownDescription": "The name of the screenshot. This is generated the first time the canary is run after the `UpdateCanary` operation that specified for this canary to perform visual monitoring.", + "title": "ScreenshotName", "type": "string" } }, "required": [ - "EmailAddress" + "ScreenshotName" ], "type": "object" }, - "AWS::Shield::Protection": { + "AWS::Synthetics::Canary.Code": { "additionalProperties": false, "properties": { - "Condition": { + "Handler": { + "markdownDescription": "The entry point to use for the source code when running the canary. For canaries that use the `syn-python-selenium-1.0` runtime or a `syn-nodejs.puppeteer` runtime earlier than `syn-nodejs.puppeteer-3.4` , the handler must be specified as `*fileName* .handler` . For `syn-python-selenium-1.1` , `syn-nodejs.puppeteer-3.4` , and later runtimes, the handler can be specified as `*fileName* . *functionName*` , or you can specify a folder where canary scripts reside as `*folder* / *fileName* . *functionName*` .", + "title": "Handler", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "S3Bucket": { + "markdownDescription": "If your canary script is located in S3, specify the bucket name here. The bucket must already exist.", + "title": "S3Bucket", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "S3Key": { + "markdownDescription": "The Amazon S3 key of your script. For more information, see [Working with Amazon S3 Objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingObjects.html) .", + "title": "S3Key", + "type": "string" }, - "Metadata": { - "type": "object" + "S3ObjectVersion": { + "markdownDescription": "The Amazon S3 version ID of your script.", + "title": "S3ObjectVersion", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ApplicationLayerAutomaticResponseConfiguration": { - "$ref": "#/definitions/AWS::Shield::Protection.ApplicationLayerAutomaticResponseConfiguration", - "markdownDescription": "The automatic application layer DDoS mitigation settings for the protection. This configuration determines whether Shield Advanced automatically manages rules in the web ACL in order to respond to application layer events that Shield Advanced determines to be DDoS attacks.\n\nIf you use AWS CloudFormation to manage the web ACLs that you use with Shield Advanced automatic mitigation, see the additional guidance about web ACL management in the `AWS::WAFv2::WebACL` resource description.", - "title": "ApplicationLayerAutomaticResponseConfiguration" - }, - "HealthCheckArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The ARN (Amazon Resource Name) of the health check to associate with the protection. Health-based detection provides improved responsiveness and accuracy in attack detection and mitigation.\n\nYou can use this option with any resource type except for Route\u00a053 hosted zones.\n\nFor more information, see [Configuring health-based detection using health checks](https://docs.aws.amazon.com/waf/latest/developerguide/ddos-advanced-health-checks.html) in the *AWS Shield Advanced Developer Guide* .", - "title": "HealthCheckArns", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the protection. For example, `My CloudFront distributions` .\n\n> If you change the name of an existing protection, Shield Advanced deletes the protection and replaces it with a new one. While this is happening, the protection isn't available on the AWS resource.", - "title": "Name", - "type": "string" - }, - "ResourceArn": { - "markdownDescription": "The ARN (Amazon Resource Name) of the AWS resource that is protected.", - "title": "ResourceArn", + "Script": { + "markdownDescription": "If you input your canary script directly into the canary instead of referring to an S3 location, the value of this parameter is the script in plain text. It can be up to 5 MB.", + "title": "Script", + "type": "string" + }, + "SourceLocationArn": { + "markdownDescription": "The ARN of the Lambda layer where Synthetics stores the canary script code.", + "title": "SourceLocationArn", + "type": "string" + } + }, + "required": [ + "Handler" + ], + "type": "object" + }, + "AWS::Synthetics::Canary.RetryConfig": { + "additionalProperties": false, + "properties": { + "MaxRetries": { + "markdownDescription": "The maximum number of retries. The value must be less than or equal to two.", + "title": "MaxRetries", + "type": "number" + } + }, + "required": [ + "MaxRetries" + ], + "type": "object" + }, + "AWS::Synthetics::Canary.RunConfig": { + "additionalProperties": false, + "properties": { + "ActiveTracing": { + "markdownDescription": "Specifies whether this canary is to use active AWS X-Ray tracing when it runs. Active tracing enables this canary run to be displayed in the ServiceLens and X-Ray service maps even if the canary does not hit an endpoint that has X-Ray tracing enabled. Using X-Ray tracing incurs charges. For more information, see [Canaries and X-Ray tracing](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_tracing.html) .\n\nYou can enable active tracing only for canaries that use version `syn-nodejs-2.0` or later for their canary runtime.", + "title": "ActiveTracing", + "type": "boolean" + }, + "EnvironmentVariables": { + "additionalProperties": true, + "markdownDescription": "Specifies the keys and values to use for any environment variables used in the canary script. Use the following format:\n\n{ \"key1\" : \"value1\", \"key2\" : \"value2\", ...}\n\nKeys must start with a letter and be at least two characters. The total size of your environment variables cannot exceed 4 KB. You can't specify any Lambda reserved environment variables as the keys for your environment variables. For more information about reserved keys, see [Runtime environment variables](https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html#configuration-envvars-runtime) .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.", - "title": "Tags", - "type": "array" } }, - "required": [ - "Name", - "ResourceArn" - ], + "title": "EnvironmentVariables", "type": "object" }, - "Type": { - "enum": [ - "AWS::Shield::Protection" - ], + "EphemeralStorage": { + "markdownDescription": "Specifies the amount of ephemeral storage (in MB) to allocate for the canary run during execution. This temporary storage is used for storing canary run artifacts (which are uploaded to an Amazon S3 bucket at the end of the run), and any canary browser operations. This temporary storage is cleared after the run is completed. Default storage value is 1024 MB.", + "title": "EphemeralStorage", + "type": "number" + }, + "MemoryInMB": { + "markdownDescription": "The maximum amount of memory that the canary can use while running. This value must be a multiple of 64. The range is 960 to 3008.", + "title": "MemoryInMB", + "type": "number" + }, + "TimeoutInSeconds": { + "markdownDescription": "How long the canary is allowed to run before it must stop. You can't set this time to be longer than the frequency of the runs of this canary.\n\nIf you omit this field, the frequency of the canary is used as this value, up to a maximum of 900 seconds.", + "title": "TimeoutInSeconds", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Synthetics::Canary.S3Encryption": { + "additionalProperties": false, + "properties": { + "EncryptionMode": { + "markdownDescription": "The encryption method to use for artifacts created by this canary. Specify `SSE_S3` to use server-side encryption (SSE) with an Amazon S3-managed key. Specify `SSE-KMS` to use server-side encryption with a customer-managed AWS KMS key.\n\nIf you omit this parameter, an AWS -managed AWS KMS key is used.", + "title": "EncryptionMode", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "KmsKeyArn": { + "markdownDescription": "The ARN of the customer-managed AWS KMS key to use, if you specify `SSE-KMS` for `EncryptionMode`", + "title": "KmsKeyArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Synthetics::Canary.Schedule": { + "additionalProperties": false, + "properties": { + "DurationInSeconds": { + "markdownDescription": "How long, in seconds, for the canary to continue making regular runs according to the schedule in the `Expression` value. If you specify 0, the canary continues making runs until you stop it. If you omit this field, the default of 0 is used.", + "title": "DurationInSeconds", + "type": "string" + }, + "Expression": { + "markdownDescription": "A `rate` expression or a `cron` expression that defines how often the canary is to run.\n\nFor a rate expression, The syntax is `rate( *number unit* )` . *unit* can be `minute` , `minutes` , or `hour` .\n\nFor example, `rate(1 minute)` runs the canary once a minute, `rate(10 minutes)` runs it once every 10 minutes, and `rate(1 hour)` runs it once every hour. You can specify a frequency between `rate(1 minute)` and `rate(1 hour)` .\n\nSpecifying `rate(0 minute)` or `rate(0 hour)` is a special value that causes the canary to run only once when it is started.\n\nUse `cron( *expression* )` to specify a cron expression. You can't schedule a canary to wait for more than a year before running. For information about the syntax for cron expressions, see [Scheduling canary runs using cron](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_cron.html) .", + "title": "Expression", "type": "string" + }, + "RetryConfig": { + "$ref": "#/definitions/AWS::Synthetics::Canary.RetryConfig", + "markdownDescription": "The canary's retry configuration information.", + "title": "RetryConfig" } }, "required": [ - "Type", - "Properties" + "Expression" ], "type": "object" }, - "AWS::Shield::Protection.Action": { + "AWS::Synthetics::Canary.VPCConfig": { "additionalProperties": false, "properties": { - "Block": { - "markdownDescription": "Specifies that Shield Advanced should configure its AWS WAF rules with the AWS WAF `Block` action.\n\nYou must specify exactly one action, either `Block` or `Count` .\n\nExample JSON: `{ \"Block\": {} }`\n\nExample YAML: `Block: {}`", - "title": "Block", - "type": "object" + "Ipv6AllowedForDualStack": { + "markdownDescription": "Set this to `true` to allow outbound IPv6 traffic on VPC canaries that are connected to dual-stack subnets. The default is `false` .", + "title": "Ipv6AllowedForDualStack", + "type": "boolean" }, - "Count": { - "markdownDescription": "Specifies that Shield Advanced should configure its AWS WAF rules with the AWS WAF `Count` action.\n\nYou must specify exactly one action, either `Block` or `Count` .\n\nExample JSON: `{ \"Count\": {} }`\n\nExample YAML: `Count: {}`", - "title": "Count", - "type": "object" + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the security groups for this canary.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the subnets where this canary is to run.", + "title": "SubnetIds", + "type": "array" + }, + "VpcId": { + "markdownDescription": "The ID of the VPC where this canary is to run.", + "title": "VpcId", + "type": "string" } }, + "required": [ + "SecurityGroupIds", + "SubnetIds" + ], "type": "object" }, - "AWS::Shield::Protection.ApplicationLayerAutomaticResponseConfiguration": { + "AWS::Synthetics::Canary.VisualReference": { "additionalProperties": false, "properties": { - "Action": { - "$ref": "#/definitions/AWS::Shield::Protection.Action", - "markdownDescription": "Specifies the action setting that Shield Advanced should use in the AWS WAF rules that it creates on behalf of the protected resource in response to DDoS attacks. You specify this as part of the configuration for the automatic application layer DDoS mitigation feature, when you enable or update automatic mitigation. Shield Advanced creates the AWS WAF rules in a Shield Advanced-managed rule group, inside the web ACL that you have associated with the resource.", - "title": "Action" - }, - "Status": { - "markdownDescription": "Indicates whether automatic application layer DDoS mitigation is enabled for the protection.", - "title": "Status", + "BaseCanaryRunId": { + "markdownDescription": "Specifies which canary run to use the screenshots from as the baseline for future visual monitoring with this canary. Valid values are `nextrun` to use the screenshots from the next run after this update is made, `lastrun` to use the screenshots from the most recent run before this update was made, or the value of `Id` in the [CanaryRun](https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_CanaryRun.html) from any past run of this canary.", + "title": "BaseCanaryRunId", "type": "string" + }, + "BaseScreenshots": { + "items": { + "$ref": "#/definitions/AWS::Synthetics::Canary.BaseScreenshot" + }, + "markdownDescription": "An array of screenshots that are used as the baseline for comparisons during visual monitoring.", + "title": "BaseScreenshots", + "type": "array" } }, "required": [ - "Action", - "Status" + "BaseCanaryRunId" ], "type": "object" }, - "AWS::Shield::ProtectionGroup": { + "AWS::Synthetics::Group": { "additionalProperties": false, "properties": { "Condition": { @@ -259977,53 +310885,36 @@ "Properties": { "additionalProperties": false, "properties": { - "Aggregation": { - "markdownDescription": "Defines how AWS Shield combines resource data for the group in order to detect, mitigate, and report events.\n\n- `Sum` - Use the total traffic across the group. This is a good choice for most cases. Examples include Elastic IP addresses for EC2 instances that scale manually or automatically.\n- `Mean` - Use the average of the traffic across the group. This is a good choice for resources that share traffic uniformly. Examples include accelerators and load balancers.\n- `Max` - Use the highest traffic from each resource. This is useful for resources that don't share traffic and for resources that share that traffic in a non-uniform way. Examples include Amazon CloudFront distributions and origin resources for CloudFront distributions.", - "title": "Aggregation", + "Name": { + "markdownDescription": "A name for the group. It can include any Unicode characters.\n\nThe names for all groups in your account, across all Regions, must be unique.", + "title": "Name", "type": "string" }, - "Members": { + "ResourceArns": { "items": { "type": "string" }, - "markdownDescription": "The ARNs (Amazon Resource Names) of the resources to include in the protection group. You must set this when you set `Pattern` to `ARBITRARY` and you must not set it for any other `Pattern` setting.", - "title": "Members", + "markdownDescription": "The ARNs of the canaries that you want to associate with this group.", + "title": "ResourceArns", "type": "array" }, - "Pattern": { - "markdownDescription": "The criteria to use to choose the protected resources for inclusion in the group. You can include all resources that have protections, provide a list of resource ARNs (Amazon Resource Names), or include all resources of a specified resource type.", - "title": "Pattern", - "type": "string" - }, - "ProtectionGroupId": { - "markdownDescription": "The name of the protection group. You use this to identify the protection group in lists and to manage the protection group, for example to update, delete, or describe it.", - "title": "ProtectionGroupId", - "type": "string" - }, - "ResourceType": { - "markdownDescription": "The resource type to include in the protection group. All protected resources of this type are included in the protection group. You must set this when you set `Pattern` to `BY_RESOURCE_TYPE` and you must not set it for any other `Pattern` setting.", - "title": "ResourceType", - "type": "string" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.", + "markdownDescription": "The list of key-value pairs that are associated with the group.", "title": "Tags", "type": "array" } }, "required": [ - "Aggregation", - "Pattern", - "ProtectionGroupId" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::Shield::ProtectionGroup" + "AWS::Synthetics::Group" ], "type": "string" }, @@ -260042,7 +310933,7 @@ ], "type": "object" }, - "AWS::Signer::ProfilePermission": { + "AWS::SystemsManagerSAP::Application": { "additionalProperties": false, "properties": { "Condition": { @@ -260077,123 +310968,73 @@ "Properties": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The AWS Signer action permitted as part of cross-account permissions.", - "title": "Action", + "ApplicationId": { + "markdownDescription": "The ID of the application.", + "title": "ApplicationId", "type": "string" }, - "Principal": { - "markdownDescription": "The AWS principal receiving cross-account permissions. This may be an IAM role or another AWS account ID.", - "title": "Principal", + "ApplicationType": { + "markdownDescription": "The type of the application.", + "title": "ApplicationType", "type": "string" }, - "ProfileName": { - "markdownDescription": "The human-readable name of the signing profile.", - "title": "ProfileName", - "type": "string" + "ComponentsInfo": { + "items": { + "$ref": "#/definitions/AWS::SystemsManagerSAP::Application.ComponentInfo" + }, + "markdownDescription": "", + "title": "ComponentsInfo", + "type": "array" }, - "ProfileVersion": { - "markdownDescription": "The version of the signing profile.", - "title": "ProfileVersion", - "type": "string" + "Credentials": { + "items": { + "$ref": "#/definitions/AWS::SystemsManagerSAP::Application.Credential" + }, + "markdownDescription": "The credentials of the SAP application.", + "title": "Credentials", + "type": "array" }, - "StatementId": { - "markdownDescription": "A unique identifier for the cross-account permission statement.", - "title": "StatementId", - "type": "string" - } - }, - "required": [ - "Action", - "Principal", - "ProfileName", - "StatementId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Signer::ProfilePermission" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::Signer::SigningProfile": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + "DatabaseArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the database.", + "title": "DatabaseArn", "type": "string" }, - { + "Instances": { "items": { - "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, + "markdownDescription": "The Amazon EC2 instances on which your SAP application is running.", + "title": "Instances", "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "PlatformId": { - "markdownDescription": "The ID of a platform that is available for use by a signing profile.", - "title": "PlatformId", + }, + "SapInstanceNumber": { + "markdownDescription": "The SAP instance number of the application.", + "title": "SapInstanceNumber", "type": "string" }, - "SignatureValidityPeriod": { - "$ref": "#/definitions/AWS::Signer::SigningProfile.SignatureValidityPeriod", - "markdownDescription": "The validity period override for any signature generated using this signing profile. If unspecified, the default is 135 months.", - "title": "SignatureValidityPeriod" + "Sid": { + "markdownDescription": "The System ID of the application.", + "title": "Sid", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of tags associated with the signing profile.", + "markdownDescription": "The tags on the application.", "title": "Tags", "type": "array" } }, "required": [ - "PlatformId" + "ApplicationId", + "ApplicationType" ], "type": "object" }, "Type": { "enum": [ - "AWS::Signer::SigningProfile" + "AWS::SystemsManagerSAP::Application" ], "type": "string" }, @@ -260212,23 +311053,49 @@ ], "type": "object" }, - "AWS::Signer::SigningProfile.SignatureValidityPeriod": { + "AWS::SystemsManagerSAP::Application.ComponentInfo": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The time unit for signature validity: DAYS | MONTHS | YEARS.", - "title": "Type", + "ComponentType": { + "markdownDescription": "This string is the type of the component.\n\nAccepted value is `WD` .", + "title": "ComponentType", "type": "string" }, - "Value": { - "markdownDescription": "The numerical value of the time unit for signature validity.", - "title": "Value", - "type": "number" + "Ec2InstanceId": { + "markdownDescription": "This is the Amazon EC2 instance on which your SAP component is running.\n\nAccepted values are alphanumeric.", + "title": "Ec2InstanceId", + "type": "string" + }, + "Sid": { + "markdownDescription": "This string is the SAP System ID of the component.\n\nAccepted values are alphanumeric.", + "title": "Sid", + "type": "string" } }, "type": "object" }, - "AWS::SimSpaceWeaver::Simulation": { + "AWS::SystemsManagerSAP::Application.Credential": { + "additionalProperties": false, + "properties": { + "CredentialType": { + "markdownDescription": "The type of the application credentials.", + "title": "CredentialType", + "type": "string" + }, + "DatabaseName": { + "markdownDescription": "The name of the SAP HANA database.", + "title": "DatabaseName", + "type": "string" + }, + "SecretId": { + "markdownDescription": "The secret ID created in AWS Secrets Manager to store the credentials of the SAP application.", + "title": "SecretId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Timestream::Database": { "additionalProperties": false, "properties": { "Condition": { @@ -260263,41 +311130,30 @@ "Properties": { "additionalProperties": false, "properties": { - "MaximumDuration": { - "markdownDescription": "The maximum running time of the simulation, specified as a number of minutes (m or M), hours (h or H), or days (d or D). The simulation stops when it reaches this limit. The maximum value is `14D` , or its equivalent in the other units. The default value is `14D` . A value equivalent to `0` makes the simulation immediately transition to `STOPPING` as soon as it reaches `STARTED` .", - "title": "MaximumDuration", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the simulation.", - "title": "Name", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management ( IAM ) role that the simulation assumes to perform actions. For more information about ARNs, see [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* . For more information about IAM roles, see [IAM roles](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html) in the *AWS Identity and Access Management User Guide* .", - "title": "RoleArn", + "DatabaseName": { + "markdownDescription": "The name of the Timestream database.\n\n*Length Constraints* : Minimum length of 3 bytes. Maximum length of 256 bytes.", + "title": "DatabaseName", "type": "string" }, - "SchemaS3Location": { - "$ref": "#/definitions/AWS::SimSpaceWeaver::Simulation.S3Location", - "markdownDescription": "The location of the simulation schema in Amazon Simple Storage Service ( Amazon S3 ). For more information about Amazon S3 , see the [*Amazon Simple Storage Service User Guide*](https://docs.aws.amazon.com/AmazonS3/latest/userguide/Welcome.html) .\n\nProvide a `SchemaS3Location` to start your simulation from a schema.\n\nIf you provide a `SchemaS3Location` then you can't provide a `SnapshotS3Location` .", - "title": "SchemaS3Location" + "KmsKeyId": { + "markdownDescription": "The identifier of the AWS KMS key used to encrypt the data stored in the database.", + "title": "KmsKeyId", + "type": "string" }, - "SnapshotS3Location": { - "$ref": "#/definitions/AWS::SimSpaceWeaver::Simulation.S3Location", - "markdownDescription": "The location of the snapshot in Amazon Simple Storage Service ( Amazon S3 ). For more information about Amazon S3 , see the [*Amazon Simple Storage Service User Guide*](https://docs.aws.amazon.com/AmazonS3/latest/userguide/Welcome.html) .\n\nProvide a `SnapshotS3Location` to start your simulation from a snapshot.\n\nIf you provide a `SnapshotS3Location` then you can't provide a `SchemaS3Location` .", - "title": "SnapshotS3Location" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to add to the database.", + "title": "Tags", + "type": "array" } }, - "required": [ - "Name", - "RoleArn" - ], "type": "object" }, "Type": { "enum": [ - "AWS::SimSpaceWeaver::Simulation" + "AWS::Timestream::Database" ], "type": "string" }, @@ -260311,32 +311167,11 @@ } }, "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::SimSpaceWeaver::Simulation.S3Location": { - "additionalProperties": false, - "properties": { - "BucketName": { - "markdownDescription": "The name of an Amazon S3 bucket. For more information about buckets, see [Creating, configuring, and working with Amazon S3 buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/creating-buckets-s3.html) in the *Amazon Simple Storage Service User Guide* .", - "title": "BucketName", - "type": "string" - }, - "ObjectKey": { - "markdownDescription": "The key name of an object in Amazon S3. For more information about Amazon S3 objects and object keys, see [Uploading, downloading, and working with objects in Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/userguide/uploading-downloading-objects.html) in the *Amazon Simple Storage Service User Guide* .", - "title": "ObjectKey", - "type": "string" - } - }, - "required": [ - "BucketName", - "ObjectKey" + "Type" ], "type": "object" }, - "AWS::StepFunctions::Activity": { + "AWS::Timestream::InfluxDBInstance": { "additionalProperties": false, "properties": { "Condition": { @@ -260371,28 +311206,106 @@ "Properties": { "additionalProperties": false, "properties": { + "AllocatedStorage": { + "markdownDescription": "The amount of storage to allocate for your DB storage type in GiB (gibibytes).", + "title": "AllocatedStorage", + "type": "number" + }, + "Bucket": { + "markdownDescription": "The name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization.", + "title": "Bucket", + "type": "string" + }, + "DbInstanceType": { + "markdownDescription": "The Timestream for InfluxDB DB instance type to run on.", + "title": "DbInstanceType", + "type": "string" + }, + "DbParameterGroupIdentifier": { + "markdownDescription": "The name or id of the DB parameter group to assign to your DB instance. DB parameter groups specify how the database is configured. For example, DB parameter groups can specify the limit for query concurrency.", + "title": "DbParameterGroupIdentifier", + "type": "string" + }, + "DbStorageType": { + "markdownDescription": "The Timestream for InfluxDB DB storage type to read and write InfluxDB data.\n\nYou can choose between 3 different types of provisioned Influx IOPS included storage according to your workloads requirements:\n\n- Influx IO Included 3000 IOPS\n- Influx IO Included 12000 IOPS\n- Influx IO Included 16000 IOPS", + "title": "DbStorageType", + "type": "string" + }, + "DeploymentType": { + "markdownDescription": "Specifies whether the Timestream for InfluxDB is deployed as Single-AZ or with a MultiAZ Standby for High availability.", + "title": "DeploymentType", + "type": "string" + }, + "LogDeliveryConfiguration": { + "$ref": "#/definitions/AWS::Timestream::InfluxDBInstance.LogDeliveryConfiguration", + "markdownDescription": "Configuration for sending InfluxDB engine logs to a specified S3 bucket.", + "title": "LogDeliveryConfiguration" + }, "Name": { - "markdownDescription": "The name of the activity.\n\nA name must *not* contain:\n\n- white space\n- brackets `< > { } [ ]`\n- wildcard characters `? *`\n- special characters `\" # % \\ ^ | ~ ` $ & , ; : /`\n- control characters ( `U+0000-001F` , `U+007F-009F` , `U+FFFE-FFFF` )\n- surrogates ( `U+D800-DFFF` )\n- invalid characters ( `U+10FFFF` )\n\nTo enable logging with CloudWatch Logs, the name should only contain 0-9, A-Z, a-z, - and _.", + "markdownDescription": "The name that uniquely identifies the DB instance when interacting with the Amazon Timestream for InfluxDB API and CLI commands. This name will also be a prefix included in the endpoint. DB instance names must be unique per customer and per region.", "title": "Name", "type": "string" }, + "NetworkType": { + "markdownDescription": "", + "title": "NetworkType", + "type": "string" + }, + "Organization": { + "markdownDescription": "The name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users.", + "title": "Organization", + "type": "string" + }, + "Password": { + "markdownDescription": "The password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. These attributes will be stored in a Secret created in Amazon SecretManager in your account.", + "title": "Password", + "type": "string" + }, + "Port": { + "markdownDescription": "", + "title": "Port", + "type": "number" + }, + "PubliclyAccessible": { + "markdownDescription": "Configures the DB instance with a public IP to facilitate access.", + "title": "PubliclyAccessible", + "type": "boolean" + }, "Tags": { "items": { - "$ref": "#/definitions/AWS::StepFunctions::Activity.TagsEntry" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The list of tags to add to a resource.\n\nTags may only contain Unicode letters, digits, white space, or these symbols: `_ . : / = + - @` .", + "markdownDescription": "A list of key-value pairs to associate with the DB instance.", "title": "Tags", "type": "array" + }, + "Username": { + "markdownDescription": "The username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. For example, my-user1. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. These attributes will be stored in a Secret created in Amazon Secrets Manager in your account.", + "title": "Username", + "type": "string" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of VPC security group IDs to associate with the DB instance.", + "title": "VpcSecurityGroupIds", + "type": "array" + }, + "VpcSubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of VPC subnet IDs to associate with the DB instance. Provide at least two VPC subnet IDs in different availability zones when deploying with a Multi-AZ standby.", + "title": "VpcSubnetIds", + "type": "array" } }, - "required": [ - "Name" - ], "type": "object" }, "Type": { "enum": [ - "AWS::StepFunctions::Activity" + "AWS::Timestream::InfluxDBInstance" ], "type": "string" }, @@ -260406,44 +311319,50 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::StepFunctions::Activity.TagsEntry": { + "AWS::Timestream::InfluxDBInstance.LogDeliveryConfiguration": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The `key` for a key-value pair in a tag entry.", - "title": "Key", + "S3Configuration": { + "$ref": "#/definitions/AWS::Timestream::InfluxDBInstance.S3Configuration", + "markdownDescription": "Configuration for S3 bucket log delivery", + "title": "S3Configuration" + } + }, + "required": [ + "S3Configuration" + ], + "type": "object" + }, + "AWS::Timestream::InfluxDBInstance.S3Configuration": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "The bucket name of the customer S3 bucket.", + "title": "BucketName", "type": "string" }, - "Value": { - "markdownDescription": "The `value` for a key-value pair in a tag entry.", - "title": "Value", - "type": "string" + "Enabled": { + "markdownDescription": "Indicates whether log delivery to the S3 bucket is enabled.", + "title": "Enabled", + "type": "boolean" } }, "required": [ - "Key", - "Value" + "BucketName", + "Enabled" ], "type": "object" }, - "AWS::StepFunctions::StateMachine": { + "AWS::Timestream::ScheduledQuery": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, - "Connectors": { - "additionalProperties": { - "$ref": "#/definitions/EmbeddedConnector" - }, - "title": "Connectors", - "type": "object" - }, "DeletionPolicy": { "enum": [ "Delete", @@ -260473,74 +311392,72 @@ "Properties": { "additionalProperties": false, "properties": { - "Definition": { - "markdownDescription": "The Amazon States Language definition of the state machine. The state machine definition must be in JSON or YAML, and the format of the object must match the format of your CloudFormation template file. See [Amazon States Language](https://docs.aws.amazon.com/step-functions/latest/dg/concepts-amazon-states-language.html) .", - "title": "Definition", - "type": "object" + "ClientToken": { + "markdownDescription": "Using a ClientToken makes the call to CreateScheduledQuery idempotent, in other words, making the same request repeatedly will produce the same result. Making multiple identical CreateScheduledQuery requests has the same effect as making a single request.\n\n- If CreateScheduledQuery is called without a `ClientToken` , the Query SDK generates a `ClientToken` on your behalf.\n- After 8 hours, any request with the same `ClientToken` is treated as a new request.", + "title": "ClientToken", + "type": "string" }, - "DefinitionS3Location": { - "$ref": "#/definitions/AWS::StepFunctions::StateMachine.S3Location", - "markdownDescription": "The name of the S3 bucket where the state machine definition is stored. The state machine definition must be a JSON or YAML file.", - "title": "DefinitionS3Location" + "ErrorReportConfiguration": { + "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.ErrorReportConfiguration", + "markdownDescription": "Configuration for error reporting. Error reports will be generated when a problem is encountered when writing the query results.", + "title": "ErrorReportConfiguration" }, - "DefinitionString": { - "markdownDescription": "The Amazon States Language definition of the state machine. The state machine definition must be in JSON. See [Amazon States Language](https://docs.aws.amazon.com/step-functions/latest/dg/concepts-amazon-states-language.html) .", - "title": "DefinitionString", + "KmsKeyId": { + "markdownDescription": "The Amazon KMS key used to encrypt the scheduled query resource, at-rest. If the Amazon KMS key is not specified, the scheduled query resource will be encrypted with a Timestream owned Amazon KMS key. To specify a KMS key, use the key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix the name with *alias/*\n\nIf ErrorReportConfiguration uses `SSE_KMS` as encryption type, the same KmsKeyId is used to encrypt the error report at rest.", + "title": "KmsKeyId", "type": "string" }, - "DefinitionSubstitutions": { - "additionalProperties": true, - "markdownDescription": "A map (string to string) that specifies the mappings for placeholder variables in the state machine definition. This enables the customer to inject values obtained at runtime, for example from intrinsic functions, in the state machine definition. Variables can be template parameter names, resource logical IDs, resource attributes, or a variable in a key-value map.\n\nSubstitutions must follow the syntax: `${key_name}` or `${variable_1,variable_2,...}` .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "object" - } - }, - "title": "DefinitionSubstitutions", - "type": "object" - }, - "LoggingConfiguration": { - "$ref": "#/definitions/AWS::StepFunctions::StateMachine.LoggingConfiguration", - "markdownDescription": "Defines what execution history events are logged and where they are logged.\n\n> By default, the `level` is set to `OFF` . For more information see [Log Levels](https://docs.aws.amazon.com/step-functions/latest/dg/cloudwatch-log-level.html) in the AWS Step Functions User Guide.", - "title": "LoggingConfiguration" + "NotificationConfiguration": { + "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.NotificationConfiguration", + "markdownDescription": "Notification configuration for the scheduled query. A notification is sent by Timestream when a query run finishes, when the state is updated or when you delete it.", + "title": "NotificationConfiguration" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to use for this state machine.", - "title": "RoleArn", + "QueryString": { + "markdownDescription": "The query string to run. Parameter names can be specified in the query string `@` character followed by an identifier. The named Parameter `@scheduled_runtime` is reserved and can be used in the query to get the time at which the query is scheduled to run.\n\nThe timestamp calculated according to the ScheduleConfiguration parameter, will be the value of `@scheduled_runtime` paramater for each query run. For example, consider an instance of a scheduled query executing on 2021-12-01 00:00:00. For this instance, the `@scheduled_runtime` parameter is initialized to the timestamp 2021-12-01 00:00:00 when invoking the query.", + "title": "QueryString", "type": "string" }, - "StateMachineName": { - "markdownDescription": "The name of the state machine.\n\nA name must *not* contain:\n\n- white space\n- brackets `< > { } [ ]`\n- wildcard characters `? *`\n- special characters `\" # % \\ ^ | ~ ` $ & , ; : /`\n- control characters ( `U+0000-001F` , `U+007F-009F` )\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "StateMachineName", + "ScheduleConfiguration": { + "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.ScheduleConfiguration", + "markdownDescription": "Schedule configuration.", + "title": "ScheduleConfiguration" + }, + "ScheduledQueryExecutionRoleArn": { + "markdownDescription": "The ARN for the IAM role that Timestream will assume when running the scheduled query.", + "title": "ScheduledQueryExecutionRoleArn", "type": "string" }, - "StateMachineType": { - "markdownDescription": "Determines whether a `STANDARD` or `EXPRESS` state machine is created. The default is `STANDARD` . You cannot update the `type` of a state machine once it has been created. For more information on `STANDARD` and `EXPRESS` workflows, see [Standard Versus Express Workflows](https://docs.aws.amazon.com/step-functions/latest/dg/concepts-standard-vs-express.html) in the AWS Step Functions Developer Guide.", - "title": "StateMachineType", + "ScheduledQueryName": { + "markdownDescription": "A name for the query. Scheduled query names must be unique within each Region.", + "title": "ScheduledQueryName", "type": "string" }, "Tags": { "items": { - "$ref": "#/definitions/AWS::StepFunctions::StateMachine.TagsEntry" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The list of tags to add to a resource.\n\nTags may only contain Unicode letters, digits, white space, or these symbols: `_ . : / = + - @` .", + "markdownDescription": "A list of key-value pairs to label the scheduled query.", "title": "Tags", "type": "array" }, - "TracingConfiguration": { - "$ref": "#/definitions/AWS::StepFunctions::StateMachine.TracingConfiguration", - "markdownDescription": "Selects whether or not the state machine's AWS X-Ray tracing is enabled.", - "title": "TracingConfiguration" + "TargetConfiguration": { + "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.TargetConfiguration", + "markdownDescription": "Scheduled query target store configuration.", + "title": "TargetConfiguration" } }, "required": [ - "RoleArn" + "ErrorReportConfiguration", + "NotificationConfiguration", + "QueryString", + "ScheduleConfiguration", + "ScheduledQueryExecutionRoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::StepFunctions::StateMachine" + "AWS::Timestream::ScheduledQuery" ], "type": "string" }, @@ -260559,109 +311476,258 @@ ], "type": "object" }, - "AWS::StepFunctions::StateMachine.CloudWatchLogsLogGroup": { + "AWS::Timestream::ScheduledQuery.DimensionMapping": { "additionalProperties": false, "properties": { - "LogGroupArn": { - "markdownDescription": "The ARN of the the CloudWatch log group to which you want your logs emitted to. The ARN must end with `:*`", - "title": "LogGroupArn", + "DimensionValueType": { + "markdownDescription": "Type for the dimension: VARCHAR", + "title": "DimensionValueType", + "type": "string" + }, + "Name": { + "markdownDescription": "Column name from query result.", + "title": "Name", "type": "string" } }, + "required": [ + "DimensionValueType", + "Name" + ], "type": "object" }, - "AWS::StepFunctions::StateMachine.LogDestination": { + "AWS::Timestream::ScheduledQuery.ErrorReportConfiguration": { "additionalProperties": false, "properties": { - "CloudWatchLogsLogGroup": { - "$ref": "#/definitions/AWS::StepFunctions::StateMachine.CloudWatchLogsLogGroup", - "markdownDescription": "An object describing a CloudWatch log group. For more information, see [AWS::Logs::LogGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-logs-loggroup.html) in the AWS CloudFormation User Guide.", - "title": "CloudWatchLogsLogGroup" + "S3Configuration": { + "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.S3Configuration", + "markdownDescription": "The S3 configuration for the error reports.", + "title": "S3Configuration" } }, + "required": [ + "S3Configuration" + ], "type": "object" }, - "AWS::StepFunctions::StateMachine.LoggingConfiguration": { + "AWS::Timestream::ScheduledQuery.MixedMeasureMapping": { "additionalProperties": false, "properties": { - "Destinations": { + "MeasureName": { + "markdownDescription": "Refers to the value of measure_name in a result row. This field is required if MeasureNameColumn is provided.", + "title": "MeasureName", + "type": "string" + }, + "MeasureValueType": { + "markdownDescription": "Type of the value that is to be read from sourceColumn. If the mapping is for MULTI, use MeasureValueType.MULTI.", + "title": "MeasureValueType", + "type": "string" + }, + "MultiMeasureAttributeMappings": { "items": { - "$ref": "#/definitions/AWS::StepFunctions::StateMachine.LogDestination" + "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.MultiMeasureAttributeMapping" }, - "markdownDescription": "An array of objects that describes where your execution history events will be logged. Limited to size 1. Required, if your log level is not set to `OFF` .", - "title": "Destinations", + "markdownDescription": "Required when measureValueType is MULTI. Attribute mappings for MULTI value measures.", + "title": "MultiMeasureAttributeMappings", "type": "array" }, - "IncludeExecutionData": { - "markdownDescription": "Determines whether execution data is included in your log. When set to `false` , data is excluded.", - "title": "IncludeExecutionData", - "type": "boolean" + "SourceColumn": { + "markdownDescription": "This field refers to the source column from which measure-value is to be read for result materialization.", + "title": "SourceColumn", + "type": "string" }, - "Level": { - "markdownDescription": "Defines which category of execution history events are logged.", - "title": "Level", + "TargetMeasureName": { + "markdownDescription": "Target measure name to be used. If not provided, the target measure name by default would be measure-name if provided, or sourceColumn otherwise.", + "title": "TargetMeasureName", "type": "string" } }, + "required": [ + "MeasureValueType" + ], "type": "object" }, - "AWS::StepFunctions::StateMachine.S3Location": { + "AWS::Timestream::ScheduledQuery.MultiMeasureAttributeMapping": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The name of the S3 bucket where the state machine definition JSON or YAML file is stored.", - "title": "Bucket", + "MeasureValueType": { + "markdownDescription": "Type of the attribute to be read from the source column.", + "title": "MeasureValueType", "type": "string" }, - "Key": { - "markdownDescription": "The name of the state machine definition file (Amazon S3 object name).", - "title": "Key", + "SourceColumn": { + "markdownDescription": "Source column from where the attribute value is to be read.", + "title": "SourceColumn", "type": "string" }, - "Version": { - "markdownDescription": "For versioning-enabled buckets, a specific version of the state machine definition.", - "title": "Version", + "TargetMultiMeasureAttributeName": { + "markdownDescription": "Custom name to be used for attribute name in derived table. If not provided, source column name would be used.", + "title": "TargetMultiMeasureAttributeName", "type": "string" } }, "required": [ - "Bucket", - "Key" + "MeasureValueType", + "SourceColumn" ], "type": "object" }, - "AWS::StepFunctions::StateMachine.TagsEntry": { + "AWS::Timestream::ScheduledQuery.MultiMeasureMappings": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The `key` for a key-value pair in a tag entry.", - "title": "Key", + "MultiMeasureAttributeMappings": { + "items": { + "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.MultiMeasureAttributeMapping" + }, + "markdownDescription": "Required. Attribute mappings to be used for mapping query results to ingest data for multi-measure attributes.", + "title": "MultiMeasureAttributeMappings", + "type": "array" + }, + "TargetMultiMeasureName": { + "markdownDescription": "The name of the target multi-measure name in the derived table. This input is required when measureNameColumn is not provided. If MeasureNameColumn is provided, then value from that column will be used as multi-measure name.", + "title": "TargetMultiMeasureName", + "type": "string" + } + }, + "required": [ + "MultiMeasureAttributeMappings" + ], + "type": "object" + }, + "AWS::Timestream::ScheduledQuery.NotificationConfiguration": { + "additionalProperties": false, + "properties": { + "SnsConfiguration": { + "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.SnsConfiguration", + "markdownDescription": "Details on SNS configuration.", + "title": "SnsConfiguration" + } + }, + "required": [ + "SnsConfiguration" + ], + "type": "object" + }, + "AWS::Timestream::ScheduledQuery.S3Configuration": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "Name of the S3 bucket under which error reports will be created.", + "title": "BucketName", "type": "string" }, - "Value": { - "markdownDescription": "The `value` for a key-value pair in a tag entry.", - "title": "Value", + "EncryptionOption": { + "markdownDescription": "Encryption at rest options for the error reports. If no encryption option is specified, Timestream will choose SSE_S3 as default.", + "title": "EncryptionOption", + "type": "string" + }, + "ObjectKeyPrefix": { + "markdownDescription": "Prefix for the error report key. Timestream by default adds the following prefix to the error report path.", + "title": "ObjectKeyPrefix", "type": "string" } }, "required": [ - "Key", - "Value" + "BucketName" ], "type": "object" }, - "AWS::StepFunctions::StateMachine.TracingConfiguration": { + "AWS::Timestream::ScheduledQuery.ScheduleConfiguration": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "When set to `true` , X-Ray tracing is enabled.", - "title": "Enabled", - "type": "boolean" + "ScheduleExpression": { + "markdownDescription": "An expression that denotes when to trigger the scheduled query run. This can be a cron expression or a rate expression.", + "title": "ScheduleExpression", + "type": "string" } }, + "required": [ + "ScheduleExpression" + ], "type": "object" }, - "AWS::StepFunctions::StateMachineAlias": { + "AWS::Timestream::ScheduledQuery.SnsConfiguration": { + "additionalProperties": false, + "properties": { + "TopicArn": { + "markdownDescription": "SNS topic ARN that the scheduled query status notifications will be sent to.", + "title": "TopicArn", + "type": "string" + } + }, + "required": [ + "TopicArn" + ], + "type": "object" + }, + "AWS::Timestream::ScheduledQuery.TargetConfiguration": { + "additionalProperties": false, + "properties": { + "TimestreamConfiguration": { + "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.TimestreamConfiguration", + "markdownDescription": "Configuration needed to write data into the Timestream database and table.", + "title": "TimestreamConfiguration" + } + }, + "required": [ + "TimestreamConfiguration" + ], + "type": "object" + }, + "AWS::Timestream::ScheduledQuery.TimestreamConfiguration": { + "additionalProperties": false, + "properties": { + "DatabaseName": { + "markdownDescription": "Name of Timestream database to which the query result will be written.", + "title": "DatabaseName", + "type": "string" + }, + "DimensionMappings": { + "items": { + "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.DimensionMapping" + }, + "markdownDescription": "This is to allow mapping column(s) from the query result to the dimension in the destination table.", + "title": "DimensionMappings", + "type": "array" + }, + "MeasureNameColumn": { + "markdownDescription": "Name of the measure column. Also see `MultiMeasureMappings` and `MixedMeasureMappings` for how measure name properties on those relate to `MeasureNameColumn` .", + "title": "MeasureNameColumn", + "type": "string" + }, + "MixedMeasureMappings": { + "items": { + "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.MixedMeasureMapping" + }, + "markdownDescription": "Specifies how to map measures to multi-measure records.", + "title": "MixedMeasureMappings", + "type": "array" + }, + "MultiMeasureMappings": { + "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.MultiMeasureMappings", + "markdownDescription": "Multi-measure mappings.", + "title": "MultiMeasureMappings" + }, + "TableName": { + "markdownDescription": "Name of Timestream table that the query result will be written to. The table should be within the same database that is provided in Timestream configuration.", + "title": "TableName", + "type": "string" + }, + "TimeColumn": { + "markdownDescription": "Column from query result that should be used as the time column in destination table. Column type for this should be TIMESTAMP.", + "title": "TimeColumn", + "type": "string" + } + }, + "required": [ + "DatabaseName", + "DimensionMappings", + "TableName", + "TimeColumn" + ], + "type": "object" + }, + "AWS::Timestream::Table": { "additionalProperties": false, "properties": { "Condition": { @@ -260696,35 +311762,48 @@ "Properties": { "additionalProperties": false, "properties": { - "DeploymentPreference": { - "$ref": "#/definitions/AWS::StepFunctions::StateMachineAlias.DeploymentPreference", - "markdownDescription": "The settings that enable gradual state machine deployments. These settings include [Alarms](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-statemachinealias-deploymentpreference.html#cfn-stepfunctions-statemachinealias-deploymentpreference-alarms) , [Interval](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-statemachinealias-deploymentpreference.html#cfn-stepfunctions-statemachinealias-deploymentpreference-interval) , [Percentage](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-statemachinealias-deploymentpreference.html#cfn-stepfunctions-statemachinealias-deploymentpreference-percentage) , [StateMachineVersionArn](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-statemachinealias-deploymentpreference.html#cfn-stepfunctions-statemachinealias-deploymentpreference-statemachineversionarn) , and [Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-statemachinealias-deploymentpreference.html#cfn-stepfunctions-statemachinealias-deploymentpreference-type) .\n\nCloudFormation automatically shifts traffic from the version an alias currently points to, to a new state machine version that you specify.\n\n> `RoutingConfiguration` and `DeploymentPreference` are mutually exclusive properties. You must define only one of these properties. \n\nBased on the type of deployment you want to perform, you can specify one of the following settings:\n\n- `LINEAR` - Shifts traffic to the new version in equal increments with an equal number of minutes between each increment.\n\nFor example, if you specify the increment percent as `20` with an interval of `600` minutes, this deployment increases traffic by 20 percent every 600 minutes until the new version receives 100 percent of the traffic. This deployment immediately rolls back the new version if any Amazon CloudWatch alarms are triggered.\n- `ALL_AT_ONCE` - Shifts 100 percent of traffic to the new version immediately. CloudFormation monitors the new version and rolls it back automatically to the previous version if any CloudWatch alarms are triggered.\n- `CANARY` - Shifts traffic in two increments.\n\nIn the first increment, a small percentage of traffic, for example, 10 percent is shifted to the new version. In the second increment, before a specified time interval in seconds gets over, the remaining traffic is shifted to the new version. The shift to the new version for the remaining traffic takes place only if no CloudWatch alarms are triggered during the specified time interval.", - "title": "DeploymentPreference" - }, - "Description": { - "markdownDescription": "An optional description of the state machine alias.", - "title": "Description", + "DatabaseName": { + "markdownDescription": "The name of the Timestream database that contains this table.\n\n*Length Constraints* : Minimum length of 3 bytes. Maximum length of 256 bytes.", + "title": "DatabaseName", "type": "string" }, - "Name": { - "markdownDescription": "The name of the state machine alias. If you don't provide a name, it uses an automatically generated name based on the logical ID.", - "title": "Name", + "MagneticStoreWriteProperties": { + "$ref": "#/definitions/AWS::Timestream::Table.MagneticStoreWriteProperties", + "markdownDescription": "Contains properties to set on the table when enabling magnetic store writes.\n\nThis object has the following attributes:\n\n- *EnableMagneticStoreWrites* : A `boolean` flag to enable magnetic store writes.\n- *MagneticStoreRejectedDataLocation* : The location to write error reports for records rejected, asynchronously, during magnetic store writes. Only `S3Configuration` objects are allowed. The `S3Configuration` object has the following attributes:\n\n- *BucketName* : The name of the S3 bucket.\n- *EncryptionOption* : The encryption option for the S3 location. Valid values are S3 server-side encryption with an S3 managed key ( `SSE_S3` ) or AWS managed key ( `SSE_KMS` ).\n- *KmsKeyId* : The AWS KMS key ID to use when encrypting with an AWS managed key.\n- *ObjectKeyPrefix* : The prefix to use option for the objects stored in S3.\n\nBoth `BucketName` and `EncryptionOption` are *required* when `S3Configuration` is specified. If you specify `SSE_KMS` as your `EncryptionOption` then `KmsKeyId` is *required* .\n\n`EnableMagneticStoreWrites` attribute is *required* when `MagneticStoreWriteProperties` is specified. `MagneticStoreRejectedDataLocation` attribute is *required* when `EnableMagneticStoreWrites` is set to `true` .\n\nSee the following examples:\n\n*JSON*\n\n```json\n{ \"Type\" : AWS::Timestream::Table\", \"Properties\":{ \"DatabaseName\":\"TestDatabase\", \"TableName\":\"TestTable\", \"MagneticStoreWriteProperties\":{ \"EnableMagneticStoreWrites\":true, \"MagneticStoreRejectedDataLocation\":{ \"S3Configuration\":{ \"BucketName\":\" amzn-s3-demo-bucket \", \"EncryptionOption\":\"SSE_KMS\", \"KmsKeyId\":\"1234abcd-12ab-34cd-56ef-1234567890ab\", \"ObjectKeyPrefix\":\"prefix\" } } } }\n}\n```\n\n*YAML*\n\n```\nType: AWS::Timestream::Table\nDependsOn: TestDatabase\nProperties: TableName: \"TestTable\" DatabaseName: \"TestDatabase\" MagneticStoreWriteProperties: EnableMagneticStoreWrites: true MagneticStoreRejectedDataLocation: S3Configuration: BucketName: \" amzn-s3-demo-bucket \" EncryptionOption: \"SSE_KMS\" KmsKeyId: \"1234abcd-12ab-34cd-56ef-1234567890ab\" ObjectKeyPrefix: \"prefix\"\n```", + "title": "MagneticStoreWriteProperties" + }, + "RetentionProperties": { + "$ref": "#/definitions/AWS::Timestream::Table.RetentionProperties", + "markdownDescription": "The retention duration for the memory store and magnetic store. This object has the following attributes:\n\n- *MemoryStoreRetentionPeriodInHours* : Retention duration for memory store, in hours.\n- *MagneticStoreRetentionPeriodInDays* : Retention duration for magnetic store, in days.\n\nBoth attributes are of type `string` . Both attributes are *required* when `RetentionProperties` is specified.\n\nSee the following examples:\n\n*JSON*\n\n`{ \"Type\" : AWS::Timestream::Table\", \"Properties\" : { \"DatabaseName\" : \"TestDatabase\", \"TableName\" : \"TestTable\", \"RetentionProperties\" : { \"MemoryStoreRetentionPeriodInHours\": \"24\", \"MagneticStoreRetentionPeriodInDays\": \"7\" } } }` \n\n*YAML*\n\n```\nType: AWS::Timestream::Table\nDependsOn: TestDatabase\nProperties: TableName: \"TestTable\" DatabaseName: \"TestDatabase\" RetentionProperties: MemoryStoreRetentionPeriodInHours: \"24\" MagneticStoreRetentionPeriodInDays: \"7\"\n```", + "title": "RetentionProperties" + }, + "Schema": { + "$ref": "#/definitions/AWS::Timestream::Table.Schema", + "markdownDescription": "The schema of the table.", + "title": "Schema" + }, + "TableName": { + "markdownDescription": "The name of the Timestream table.\n\n*Length Constraints* : Minimum length of 3 bytes. Maximum length of 256 bytes.", + "title": "TableName", "type": "string" }, - "RoutingConfiguration": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::StepFunctions::StateMachineAlias.RoutingConfigurationVersion" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The routing configuration of an alias. Routing configuration splits [StartExecution](https://docs.aws.amazon.com/step-functions/latest/apireference/API_StartExecution.html) requests between one or two versions of the same state machine.\n\nUse `RoutingConfiguration` if you want to explicitly set the alias [weights](https://docs.aws.amazon.com/step-functions/latest/apireference/API_RoutingConfigurationListItem.html#StepFunctions-Type-RoutingConfigurationListItem-weight) . Weight is the percentage of traffic you want to route to a state machine version.\n\n> `RoutingConfiguration` and `DeploymentPreference` are mutually exclusive properties. You must define only one of these properties.", - "title": "RoutingConfiguration", + "markdownDescription": "The tags to add to the table", + "title": "Tags", "type": "array" } }, + "required": [ + "DatabaseName" + ], "type": "object" }, "Type": { "enum": [ - "AWS::StepFunctions::StateMachineAlias" + "AWS::Timestream::Table" ], "type": "string" }, @@ -260738,69 +311817,126 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::StepFunctions::StateMachineAlias.DeploymentPreference": { + "AWS::Timestream::Table.MagneticStoreRejectedDataLocation": { "additionalProperties": false, "properties": { - "Alarms": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of Amazon CloudWatch alarm names to be monitored during the deployment. The deployment fails and rolls back if any of these alarms go into the `ALARM` state.\n\n> Amazon CloudWatch considers nonexistent alarms to have an `OK` state. If you provide an invalid alarm name or provide the ARN of an alarm instead of its name, your deployment may not roll back correctly.", - "title": "Alarms", - "type": "array" - }, - "Interval": { - "markdownDescription": "The time in minutes between each traffic shifting increment.", - "title": "Interval", - "type": "number" + "S3Configuration": { + "$ref": "#/definitions/AWS::Timestream::Table.S3Configuration", + "markdownDescription": "Configuration of an S3 location to write error reports for records rejected, asynchronously, during magnetic store writes.", + "title": "S3Configuration" + } + }, + "type": "object" + }, + "AWS::Timestream::Table.MagneticStoreWriteProperties": { + "additionalProperties": false, + "properties": { + "EnableMagneticStoreWrites": { + "markdownDescription": "A flag to enable magnetic store writes.", + "title": "EnableMagneticStoreWrites", + "type": "boolean" }, - "Percentage": { - "markdownDescription": "The percentage of traffic to shift to the new version in each increment.", - "title": "Percentage", - "type": "number" + "MagneticStoreRejectedDataLocation": { + "$ref": "#/definitions/AWS::Timestream::Table.MagneticStoreRejectedDataLocation", + "markdownDescription": "The location to write error reports for records rejected asynchronously during magnetic store writes.", + "title": "MagneticStoreRejectedDataLocation" + } + }, + "required": [ + "EnableMagneticStoreWrites" + ], + "type": "object" + }, + "AWS::Timestream::Table.PartitionKey": { + "additionalProperties": false, + "properties": { + "EnforcementInRecord": { + "markdownDescription": "The level of enforcement for the specification of a dimension key in ingested records. Options are REQUIRED (dimension key must be specified) and OPTIONAL (dimension key does not have to be specified).", + "title": "EnforcementInRecord", + "type": "string" }, - "StateMachineVersionArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the [`AWS::StepFunctions::StateMachineVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-stepfunctions-statemachineversion.html) resource that will be the final version to which the alias points to when the traffic shifting is complete.\n\nWhile performing gradual deployments, you can only provide a single state machine version ARN. To explicitly set version weights in a CloudFormation template, use `RoutingConfiguration` instead.", - "title": "StateMachineVersionArn", + "Name": { + "markdownDescription": "The name of the attribute used for a dimension key.", + "title": "Name", "type": "string" }, "Type": { - "markdownDescription": "The type of deployment you want to perform. You can specify one of the following types:\n\n- `LINEAR` - Shifts traffic to the new version in equal increments with an equal number of minutes between each increment.\n\nFor example, if you specify the increment percent as `20` with an interval of `600` minutes, this deployment increases traffic by 20 percent every 600 minutes until the new version receives 100 percent of the traffic. This deployment immediately rolls back the new version if any CloudWatch alarms are triggered.\n- `ALL_AT_ONCE` - Shifts 100 percent of traffic to the new version immediately. CloudFormation monitors the new version and rolls it back automatically to the previous version if any CloudWatch alarms are triggered.\n- `CANARY` - Shifts traffic in two increments.\n\nIn the first increment, a small percentage of traffic, for example, 10 percent is shifted to the new version. In the second increment, before a specified time interval in seconds gets over, the remaining traffic is shifted to the new version. The shift to the new version for the remaining traffic takes place only if no CloudWatch alarms are triggered during the specified time interval.", + "markdownDescription": "The type of the partition key. Options are DIMENSION (dimension key) and MEASURE (measure key).", "title": "Type", "type": "string" } }, "required": [ - "StateMachineVersionArn", "Type" ], "type": "object" }, - "AWS::StepFunctions::StateMachineAlias.RoutingConfigurationVersion": { + "AWS::Timestream::Table.RetentionProperties": { "additionalProperties": false, "properties": { - "StateMachineVersionArn": { - "markdownDescription": "The Amazon Resource Name (ARN) that identifies one or two state machine versions defined in the routing configuration.\n\nIf you specify the ARN of a second version, it must belong to the same state machine as the first version.", - "title": "StateMachineVersionArn", + "MagneticStoreRetentionPeriodInDays": { + "markdownDescription": "The duration for which data must be stored in the magnetic store.", + "title": "MagneticStoreRetentionPeriodInDays", "type": "string" }, - "Weight": { - "markdownDescription": "The percentage of traffic you want to route to the state machine version. The sum of the weights in the routing configuration must be equal to 100.", - "title": "Weight", - "type": "number" + "MemoryStoreRetentionPeriodInHours": { + "markdownDescription": "The duration for which data must be stored in the memory store.", + "title": "MemoryStoreRetentionPeriodInHours", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Timestream::Table.S3Configuration": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "The bucket name of the customer S3 bucket.", + "title": "BucketName", + "type": "string" + }, + "EncryptionOption": { + "markdownDescription": "The encryption option for the customer S3 location. Options are S3 server-side encryption with an S3 managed key or AWS managed key.", + "title": "EncryptionOption", + "type": "string" + }, + "KmsKeyId": { + "markdownDescription": "The AWS KMS key ID for the customer S3 location when encrypting with an AWS managed key.", + "title": "KmsKeyId", + "type": "string" + }, + "ObjectKeyPrefix": { + "markdownDescription": "The object key preview for the customer S3 location.", + "title": "ObjectKeyPrefix", + "type": "string" } }, "required": [ - "StateMachineVersionArn", - "Weight" + "BucketName", + "EncryptionOption" ], "type": "object" }, - "AWS::StepFunctions::StateMachineVersion": { + "AWS::Timestream::Table.Schema": { + "additionalProperties": false, + "properties": { + "CompositePartitionKey": { + "items": { + "$ref": "#/definitions/AWS::Timestream::Table.PartitionKey" + }, + "markdownDescription": "A non-empty list of partition keys defining the attributes used to partition the table data. The order of the list determines the partition hierarchy. The name and type of each partition key as well as the partition key order cannot be changed after the table is created. However, the enforcement level of each partition key can be changed.", + "title": "CompositePartitionKey", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Transfer::Agreement": { "additionalProperties": false, "properties": { "Condition": { @@ -260835,30 +311971,76 @@ "Properties": { "additionalProperties": false, "properties": { + "AccessRole": { + "markdownDescription": "Connectors are used to send files using either the AS2 or SFTP protocol. For the access role, provide the Amazon Resource Name (ARN) of the AWS Identity and Access Management role to use.\n\n*For AS2 connectors*\n\nWith AS2, you can send files by calling `StartFileTransfer` and specifying the file paths in the request parameter, `SendFilePaths` . We use the file\u2019s parent directory (for example, for `--send-file-paths /bucket/dir/file.txt` , parent directory is `/bucket/dir/` ) to temporarily store a processed AS2 message file, store the MDN when we receive them from the partner, and write a final JSON file containing relevant metadata of the transmission. So, the `AccessRole` needs to provide read and write access to the parent directory of the file location used in the `StartFileTransfer` request. Additionally, you need to provide read and write access to the parent directory of the files that you intend to send with `StartFileTransfer` .\n\nIf you are using Basic authentication for your AS2 connector, the access role requires the `secretsmanager:GetSecretValue` permission for the secret. If the secret is encrypted using a customer-managed key instead of the AWS managed key in Secrets Manager, then the role also needs the `kms:Decrypt` permission for that key.\n\n*For SFTP connectors*\n\nMake sure that the access role provides read and write access to the parent directory of the file location that's used in the `StartFileTransfer` request. Additionally, make sure that the role provides `secretsmanager:GetSecretValue` permission to AWS Secrets Manager .", + "title": "AccessRole", + "type": "string" + }, + "BaseDirectory": { + "markdownDescription": "The landing directory (folder) for files that are transferred by using the AS2 protocol.", + "title": "BaseDirectory", + "type": "string" + }, + "CustomDirectories": { + "$ref": "#/definitions/AWS::Transfer::Agreement.CustomDirectories", + "markdownDescription": "A `CustomDirectoriesType` structure. This structure specifies custom directories for storing various AS2 message files. You can specify directories for the following types of files.\n\n- Failed files\n- MDN files\n- Payload files\n- Status files\n- Temporary files", + "title": "CustomDirectories" + }, "Description": { - "markdownDescription": "An optional description of the state machine version.", + "markdownDescription": "The name or short description that's used to identify the agreement.", "title": "Description", "type": "string" }, - "StateMachineArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the state machine.", - "title": "StateMachineArn", + "EnforceMessageSigning": { + "markdownDescription": "Determines whether or not unsigned messages from your trading partners will be accepted.\n\n- `ENABLED` : Transfer Family rejects unsigned messages from your trading partner.\n- `DISABLED` (default value): Transfer Family accepts unsigned messages from your trading partner.", + "title": "EnforceMessageSigning", "type": "string" }, - "StateMachineRevisionId": { - "markdownDescription": "Identifier for a state machine revision, which is an immutable, read-only snapshot of a state machine\u2019s definition and configuration.\n\nOnly publish the state machine version if the current state machine's revision ID matches the specified ID. Use this option to avoid publishing a version if the state machine has changed since you last updated it.\n\nTo specify the initial state machine revision, set the value as `INITIAL` .", - "title": "StateMachineRevisionId", + "LocalProfileId": { + "markdownDescription": "A unique identifier for the AS2 local profile.", + "title": "LocalProfileId", + "type": "string" + }, + "PartnerProfileId": { + "markdownDescription": "A unique identifier for the partner profile used in the agreement.", + "title": "PartnerProfileId", + "type": "string" + }, + "PreserveFilename": { + "markdownDescription": "Determines whether or not Transfer Family appends a unique string of characters to the end of the AS2 message payload filename when saving it.\n\n- `ENABLED` : the filename provided by your trading parter is preserved when the file is saved.\n- `DISABLED` (default value): when Transfer Family saves the file, the filename is adjusted, as described in [File names and locations](https://docs.aws.amazon.com/transfer/latest/userguide/send-as2-messages.html#file-names-as2) .", + "title": "PreserveFilename", + "type": "string" + }, + "ServerId": { + "markdownDescription": "A system-assigned unique identifier for a server instance. This identifier indicates the specific server that the agreement uses.", + "title": "ServerId", + "type": "string" + }, + "Status": { + "markdownDescription": "The current status of the agreement, either `ACTIVE` or `INACTIVE` .", + "title": "Status", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Key-value pairs that can be used to group and search for agreements.", + "title": "Tags", + "type": "array" } }, "required": [ - "StateMachineArn" + "AccessRole", + "LocalProfileId", + "PartnerProfileId", + "ServerId" ], "type": "object" }, "Type": { "enum": [ - "AWS::StepFunctions::StateMachineVersion" + "AWS::Transfer::Agreement" ], "type": "string" }, @@ -260877,7 +312059,45 @@ ], "type": "object" }, - "AWS::SupportApp::AccountAlias": { + "AWS::Transfer::Agreement.CustomDirectories": { + "additionalProperties": false, + "properties": { + "FailedFilesDirectory": { + "markdownDescription": "", + "title": "FailedFilesDirectory", + "type": "string" + }, + "MdnFilesDirectory": { + "markdownDescription": "", + "title": "MdnFilesDirectory", + "type": "string" + }, + "PayloadFilesDirectory": { + "markdownDescription": "", + "title": "PayloadFilesDirectory", + "type": "string" + }, + "StatusFilesDirectory": { + "markdownDescription": "", + "title": "StatusFilesDirectory", + "type": "string" + }, + "TemporaryFilesDirectory": { + "markdownDescription": "", + "title": "TemporaryFilesDirectory", + "type": "string" + } + }, + "required": [ + "FailedFilesDirectory", + "MdnFilesDirectory", + "PayloadFilesDirectory", + "StatusFilesDirectory", + "TemporaryFilesDirectory" + ], + "type": "object" + }, + "AWS::Transfer::Certificate": { "additionalProperties": false, "properties": { "Condition": { @@ -260912,20 +312132,59 @@ "Properties": { "additionalProperties": false, "properties": { - "AccountAlias": { - "markdownDescription": "An alias or short name for an AWS account .", - "title": "AccountAlias", + "ActiveDate": { + "markdownDescription": "An optional date that specifies when the certificate becomes active. If you do not specify a value, `ActiveDate` takes the same value as `NotBeforeDate` , which is specified by the CA.", + "title": "ActiveDate", + "type": "string" + }, + "Certificate": { + "markdownDescription": "The file name for the certificate.", + "title": "Certificate", + "type": "string" + }, + "CertificateChain": { + "markdownDescription": "The list of certificates that make up the chain for the certificate.", + "title": "CertificateChain", + "type": "string" + }, + "Description": { + "markdownDescription": "The name or description that's used to identity the certificate.", + "title": "Description", + "type": "string" + }, + "InactiveDate": { + "markdownDescription": "An optional date that specifies when the certificate becomes inactive. If you do not specify a value, `InactiveDate` takes the same value as `NotAfterDate` , which is specified by the CA.", + "title": "InactiveDate", + "type": "string" + }, + "PrivateKey": { + "markdownDescription": "The file that contains the private key for the certificate that's being imported.", + "title": "PrivateKey", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Key-value pairs that can be used to group and search for certificates.", + "title": "Tags", + "type": "array" + }, + "Usage": { + "markdownDescription": "Specifies how this certificate is used. It can be used in the following ways:\n\n- `SIGNING` : For signing AS2 messages\n- `ENCRYPTION` : For encrypting AS2 messages\n- `TLS` : For securing AS2 communications sent over HTTPS", + "title": "Usage", "type": "string" } }, "required": [ - "AccountAlias" + "Certificate", + "Usage" ], "type": "object" }, "Type": { "enum": [ - "AWS::SupportApp::AccountAlias" + "AWS::Transfer::Certificate" ], "type": "string" }, @@ -260944,7 +312203,7 @@ ], "type": "object" }, - "AWS::SupportApp::SlackChannelConfiguration": { + "AWS::Transfer::Connector": { "additionalProperties": false, "properties": { "Condition": { @@ -260979,58 +312238,54 @@ "Properties": { "additionalProperties": false, "properties": { - "ChannelId": { - "markdownDescription": "The channel ID in Slack. This ID identifies a channel within a Slack workspace.", - "title": "ChannelId", + "AccessRole": { + "markdownDescription": "Connectors are used to send files using either the AS2 or SFTP protocol. For the access role, provide the Amazon Resource Name (ARN) of the AWS Identity and Access Management role to use.\n\n*For AS2 connectors*\n\nWith AS2, you can send files by calling `StartFileTransfer` and specifying the file paths in the request parameter, `SendFilePaths` . We use the file\u2019s parent directory (for example, for `--send-file-paths /bucket/dir/file.txt` , parent directory is `/bucket/dir/` ) to temporarily store a processed AS2 message file, store the MDN when we receive them from the partner, and write a final JSON file containing relevant metadata of the transmission. So, the `AccessRole` needs to provide read and write access to the parent directory of the file location used in the `StartFileTransfer` request. Additionally, you need to provide read and write access to the parent directory of the files that you intend to send with `StartFileTransfer` .\n\nIf you are using Basic authentication for your AS2 connector, the access role requires the `secretsmanager:GetSecretValue` permission for the secret. If the secret is encrypted using a customer-managed key instead of the AWS managed key in Secrets Manager, then the role also needs the `kms:Decrypt` permission for that key.\n\n*For SFTP connectors*\n\nMake sure that the access role provides read and write access to the parent directory of the file location that's used in the `StartFileTransfer` request. Additionally, make sure that the role provides `secretsmanager:GetSecretValue` permission to AWS Secrets Manager .", + "title": "AccessRole", "type": "string" }, - "ChannelName": { - "markdownDescription": "The channel name in Slack. This is the channel where you invite the AWS Support App .", - "title": "ChannelName", - "type": "string" + "As2Config": { + "$ref": "#/definitions/AWS::Transfer::Connector.As2Config", + "markdownDescription": "A structure that contains the parameters for an AS2 connector object.", + "title": "As2Config" }, - "ChannelRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role for this Slack channel configuration. The App uses this role to perform and Service Quotas actions on your behalf.", - "title": "ChannelRoleArn", + "LoggingRole": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that allows a connector to turn on CloudWatch logging for Amazon S3 events. When set, you can view connector activity in your CloudWatch logs.", + "title": "LoggingRole", "type": "string" }, - "NotifyOnAddCorrespondenceToCase": { - "markdownDescription": "Whether to get notified when a correspondence is added to your support cases.", - "title": "NotifyOnAddCorrespondenceToCase", - "type": "boolean" - }, - "NotifyOnCaseSeverity": { - "markdownDescription": "The case severity for your support cases that you want to receive notifications. You can specify `none` , `all` , or `high` .", - "title": "NotifyOnCaseSeverity", + "SecurityPolicyName": { + "markdownDescription": "The text name of the security policy for the specified connector.", + "title": "SecurityPolicyName", "type": "string" }, - "NotifyOnCreateOrReopenCase": { - "markdownDescription": "Whether to get notified when your support cases are created or reopened", - "title": "NotifyOnCreateOrReopenCase", - "type": "boolean" + "SftpConfig": { + "$ref": "#/definitions/AWS::Transfer::Connector.SftpConfig", + "markdownDescription": "A structure that contains the parameters for an SFTP connector object.", + "title": "SftpConfig" }, - "NotifyOnResolveCase": { - "markdownDescription": "Whether to get notified when your support cases are resolved.", - "title": "NotifyOnResolveCase", - "type": "boolean" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Key-value pairs that can be used to group and search for connectors.", + "title": "Tags", + "type": "array" }, - "TeamId": { - "markdownDescription": "The team ID in Slack. This ID uniquely identifies a Slack workspace.", - "title": "TeamId", + "Url": { + "markdownDescription": "The URL of the partner's AS2 or SFTP endpoint.", + "title": "Url", "type": "string" } }, "required": [ - "ChannelId", - "ChannelRoleArn", - "NotifyOnCaseSeverity", - "TeamId" + "AccessRole", + "Url" ], "type": "object" }, "Type": { "enum": [ - "AWS::SupportApp::SlackChannelConfiguration" + "AWS::Transfer::Connector" ], "type": "string" }, @@ -261049,7 +312304,87 @@ ], "type": "object" }, - "AWS::SupportApp::SlackWorkspaceConfiguration": { + "AWS::Transfer::Connector.As2Config": { + "additionalProperties": false, + "properties": { + "BasicAuthSecretId": { + "markdownDescription": "Provides Basic authentication support to the AS2 Connectors API. To use Basic authentication, you must provide the name or Amazon Resource Name (ARN) of a secret in AWS Secrets Manager .\n\nThe default value for this parameter is `null` , which indicates that Basic authentication is not enabled for the connector.\n\nIf the connector should use Basic authentication, the secret needs to be in the following format:\n\n`{ \"Username\": \"user-name\", \"Password\": \"user-password\" }`\n\nReplace `user-name` and `user-password` with the credentials for the actual user that is being authenticated.\n\nNote the following:\n\n- You are storing these credentials in Secrets Manager, *not passing them directly* into this API.\n- If you are using the API, SDKs, or CloudFormation to configure your connector, then you must create the secret before you can enable Basic authentication. However, if you are using the AWS management console, you can have the system create the secret for you.\n\nIf you have previously enabled Basic authentication for a connector, you can disable it by using the `UpdateConnector` API call. For example, if you are using the CLI, you can run the following command to remove Basic authentication:\n\n`update-connector --connector-id my-connector-id --as2-config 'BasicAuthSecretId=\"\"'`", + "title": "BasicAuthSecretId", + "type": "string" + }, + "Compression": { + "markdownDescription": "Specifies whether the AS2 file is compressed.", + "title": "Compression", + "type": "string" + }, + "EncryptionAlgorithm": { + "markdownDescription": "The algorithm that is used to encrypt the file.\n\nNote the following:\n\n- Do not use the `DES_EDE3_CBC` algorithm unless you must support a legacy client that requires it, as it is a weak encryption algorithm.\n- You can only specify `NONE` if the URL for your connector uses HTTPS. Using HTTPS ensures that no traffic is sent in clear text.", + "title": "EncryptionAlgorithm", + "type": "string" + }, + "LocalProfileId": { + "markdownDescription": "A unique identifier for the AS2 local profile.", + "title": "LocalProfileId", + "type": "string" + }, + "MdnResponse": { + "markdownDescription": "Used for outbound requests (from an AWS Transfer Family connector to a partner AS2 server) to determine whether the partner response for transfers is synchronous or asynchronous. Specify either of the following values:\n\n- `SYNC` : The system expects a synchronous MDN response, confirming that the file was transferred successfully (or not).\n- `NONE` : Specifies that no MDN response is required.", + "title": "MdnResponse", + "type": "string" + }, + "MdnSigningAlgorithm": { + "markdownDescription": "The signing algorithm for the MDN response.\n\n> If set to DEFAULT (or not set at all), the value for `SigningAlgorithm` is used.", + "title": "MdnSigningAlgorithm", + "type": "string" + }, + "MessageSubject": { + "markdownDescription": "Used as the `Subject` HTTP header attribute in AS2 messages that are being sent with the connector.", + "title": "MessageSubject", + "type": "string" + }, + "PartnerProfileId": { + "markdownDescription": "A unique identifier for the partner profile for the connector.", + "title": "PartnerProfileId", + "type": "string" + }, + "PreserveContentType": { + "markdownDescription": "", + "title": "PreserveContentType", + "type": "string" + }, + "SigningAlgorithm": { + "markdownDescription": "The algorithm that is used to sign the AS2 messages sent with the connector.", + "title": "SigningAlgorithm", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Transfer::Connector.SftpConfig": { + "additionalProperties": false, + "properties": { + "MaxConcurrentConnections": { + "markdownDescription": "Specify the number of concurrent connections that your connector creates to the remote server. The default value is `1` . The maximum values is `5` .\n\n> If you are using the AWS Management Console , the default value is `5` . \n\nThis parameter specifies the number of active connections that your connector can establish with the remote server at the same time. Increasing this value can enhance connector performance when transferring large file batches by enabling parallel operations.", + "title": "MaxConcurrentConnections", + "type": "number" + }, + "TrustedHostKeys": { + "items": { + "type": "string" + }, + "markdownDescription": "The public portion of the host key, or keys, that are used to identify the external server to which you are connecting. You can use the `ssh-keyscan` command against the SFTP server to retrieve the necessary key.\n\n> `TrustedHostKeys` is optional for `CreateConnector` . If not provided, you can use `TestConnection` to retrieve the server host key during the initial connection attempt, and subsequently update the connector with the observed host key. \n\nThe three standard SSH public key format elements are `` , `` , and an optional `` , with spaces between each element. Specify only the `` and `` : do not enter the `` portion of the key.\n\nFor the trusted host key, AWS Transfer Family accepts RSA and ECDSA keys.\n\n- For RSA keys, the `` string is `ssh-rsa` .\n- For ECDSA keys, the `` string is either `ecdsa-sha2-nistp256` , `ecdsa-sha2-nistp384` , or `ecdsa-sha2-nistp521` , depending on the size of the key you generated.\n\nRun this command to retrieve the SFTP server host key, where your SFTP server name is `ftp.host.com` .\n\n`ssh-keyscan ftp.host.com`\n\nThis prints the public host key to standard output.\n\n`ftp.host.com ssh-rsa AAAAB3Nza... - Required when creating an SFTP connector\n> - Optional when updating an existing SFTP connector", + "title": "UserSecretId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Transfer::Profile": { "additionalProperties": false, "properties": { "Condition": { @@ -261084,25 +312419,42 @@ "Properties": { "additionalProperties": false, "properties": { - "TeamId": { - "markdownDescription": "The team ID in Slack. This ID uniquely identifies a Slack workspace, such as `T012ABCDEFG` .", - "title": "TeamId", + "As2Id": { + "markdownDescription": "The `As2Id` is the *AS2-name* , as defined in the [RFC 4130](https://docs.aws.amazon.com/https://datatracker.ietf.org/doc/html/rfc4130) . For inbound transfers, this is the `AS2-From` header for the AS2 messages sent from the partner. For outbound connectors, this is the `AS2-To` header for the AS2 messages sent to the partner using the `StartFileTransfer` API operation. This ID cannot include spaces.", + "title": "As2Id", "type": "string" }, - "VersionId": { - "markdownDescription": "An identifier used to update an existing Slack workspace configuration in AWS CloudFormation , such as `100` .", - "title": "VersionId", + "CertificateIds": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of identifiers for the imported certificates. You use this identifier for working with profiles and partner profiles.", + "title": "CertificateIds", + "type": "array" + }, + "ProfileType": { + "markdownDescription": "Indicates whether to list only `LOCAL` type profiles or only `PARTNER` type profiles. If not supplied in the request, the command lists all types of profiles.", + "title": "ProfileType", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Key-value pairs that can be used to group and search for profiles.", + "title": "Tags", + "type": "array" } }, "required": [ - "TeamId" + "As2Id", + "ProfileType" ], "type": "object" }, "Type": { "enum": [ - "AWS::SupportApp::SlackWorkspaceConfiguration" + "AWS::Transfer::Profile" ], "type": "string" }, @@ -261121,7 +312473,7 @@ ], "type": "object" }, - "AWS::Synthetics::Canary": { + "AWS::Transfer::Server": { "additionalProperties": false, "properties": { "Condition": { @@ -261156,93 +312508,106 @@ "Properties": { "additionalProperties": false, "properties": { - "ArtifactConfig": { - "$ref": "#/definitions/AWS::Synthetics::Canary.ArtifactConfig", - "markdownDescription": "A structure that contains the configuration for canary artifacts, including the encryption-at-rest settings for artifacts that the canary uploads to Amazon S3.", - "title": "ArtifactConfig" + "Certificate": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Certificate Manager (ACM) certificate. Required when `Protocols` is set to `FTPS` .\n\nTo request a new public certificate, see [Request a public certificate](https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-public.html) in the *AWS Certificate Manager User Guide* .\n\nTo import an existing certificate into ACM, see [Importing certificates into ACM](https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html) in the *AWS Certificate Manager User Guide* .\n\nTo request a private certificate to use FTPS through private IP addresses, see [Request a private certificate](https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-private.html) in the *AWS Certificate Manager User Guide* .\n\nCertificates with the following cryptographic algorithms and key sizes are supported:\n\n- 2048-bit RSA (RSA_2048)\n- 4096-bit RSA (RSA_4096)\n- Elliptic Prime Curve 256 bit (EC_prime256v1)\n- Elliptic Prime Curve 384 bit (EC_secp384r1)\n- Elliptic Prime Curve 521 bit (EC_secp521r1)\n\n> The certificate must be a valid SSL/TLS X.509 version 3 certificate with FQDN or IP address specified and information about the issuer.", + "title": "Certificate", + "type": "string" }, - "ArtifactS3Location": { - "markdownDescription": "The location in Amazon S3 where Synthetics stores artifacts from the runs of this canary. Artifacts include the log file, screenshots, and HAR files. Specify the full location path, including `s3://` at the beginning of the path.", - "title": "ArtifactS3Location", + "Domain": { + "markdownDescription": "Specifies the domain of the storage system that is used for file transfers. There are two domains available: Amazon Simple Storage Service (Amazon S3) and Amazon Elastic File System (Amazon EFS). The default value is S3.", + "title": "Domain", + "type": "string" + }, + "EndpointDetails": { + "$ref": "#/definitions/AWS::Transfer::Server.EndpointDetails", + "markdownDescription": "The virtual private cloud (VPC) endpoint settings that are configured for your server. When you host your endpoint within your VPC, you can make your endpoint accessible only to resources within your VPC, or you can attach Elastic IP addresses and make your endpoint accessible to clients over the internet. Your VPC's default security groups are automatically assigned to your endpoint.", + "title": "EndpointDetails" + }, + "EndpointType": { + "markdownDescription": "The type of endpoint that you want your server to use. You can choose to make your server's endpoint publicly accessible (PUBLIC) or host it inside your VPC. With an endpoint that is hosted in a VPC, you can restrict access to your server and resources only within your VPC or choose to make it internet facing by attaching Elastic IP addresses directly to it.\n\n> After May 19, 2021, you won't be able to create a server using `EndpointType=VPC_ENDPOINT` in your AWS account if your account hasn't already done so before May 19, 2021. If you have already created servers with `EndpointType=VPC_ENDPOINT` in your AWS account on or before May 19, 2021, you will not be affected. After this date, use `EndpointType` = `VPC` .\n> \n> For more information, see [Discontinuing the use of VPC_ENDPOINT](https://docs.aws.amazon.com//transfer/latest/userguide/create-server-in-vpc.html#deprecate-vpc-endpoint) .\n> \n> It is recommended that you use `VPC` as the `EndpointType` . With this endpoint type, you have the option to directly associate up to three Elastic IPv4 addresses (BYO IP included) with your server's endpoint and use VPC security groups to restrict traffic by the client's public IP address. This is not possible with `EndpointType` set to `VPC_ENDPOINT` .", + "title": "EndpointType", + "type": "string" + }, + "IdentityProviderDetails": { + "$ref": "#/definitions/AWS::Transfer::Server.IdentityProviderDetails", + "markdownDescription": "Required when `IdentityProviderType` is set to `AWS_DIRECTORY_SERVICE` , `AWS _LAMBDA` or `API_GATEWAY` . Accepts an array containing all of the information required to use a directory in `AWS_DIRECTORY_SERVICE` or invoke a customer-supplied authentication API, including the API Gateway URL. Cannot be specified when `IdentityProviderType` is set to `SERVICE_MANAGED` .", + "title": "IdentityProviderDetails" + }, + "IdentityProviderType": { + "markdownDescription": "The mode of authentication for a server. The default value is `SERVICE_MANAGED` , which allows you to store and access user credentials within the AWS Transfer Family service.\n\nUse `AWS_DIRECTORY_SERVICE` to provide access to Active Directory groups in AWS Directory Service for Microsoft Active Directory or Microsoft Active Directory in your on-premises environment or in AWS using AD Connector. This option also requires you to provide a Directory ID by using the `IdentityProviderDetails` parameter.\n\nUse the `API_GATEWAY` value to integrate with an identity provider of your choosing. The `API_GATEWAY` setting requires you to provide an Amazon API Gateway endpoint URL to call for authentication by using the `IdentityProviderDetails` parameter.\n\nUse the `AWS_LAMBDA` value to directly use an AWS Lambda function as your identity provider. If you choose this value, you must specify the ARN for the Lambda function in the `Function` parameter for the `IdentityProviderDetails` data type.", + "title": "IdentityProviderType", "type": "string" }, - "Code": { - "$ref": "#/definitions/AWS::Synthetics::Canary.Code", - "markdownDescription": "Use this structure to input your script code for the canary. This structure contains the Lambda handler with the location where the canary should start running the script. If the script is stored in an S3 bucket, the bucket name, key, and version are also included. If the script is passed into the canary directly, the script code is contained in the value of `Script` .", - "title": "Code" + "IpAddressType": { + "markdownDescription": "Specifies whether to use IPv4 only, or to use dual-stack (IPv4 and IPv6) for your AWS Transfer Family endpoint. The default value is `IPV4` .\n\n> The `IpAddressType` parameter has the following limitations:\n> \n> - It cannot be changed while the server is online. You must stop the server before modifying this parameter.\n> - It cannot be updated to `DUALSTACK` if the server has `AddressAllocationIds` specified. > When using `DUALSTACK` as the `IpAddressType` , you cannot set the `AddressAllocationIds` parameter for the [EndpointDetails](https://docs.aws.amazon.com/transfer/latest/APIReference/API_EndpointDetails.html) for the server.", + "title": "IpAddressType", + "type": "string" }, - "ExecutionRoleArn": { - "markdownDescription": "The ARN of the IAM role to be used to run the canary. This role must already exist, and must include `lambda.amazonaws.com` as a principal in the trust policy. The role must also have the following permissions:\n\n- `s3:PutObject`\n- `s3:GetBucketLocation`\n- `s3:ListAllMyBuckets`\n- `cloudwatch:PutMetricData`\n- `logs:CreateLogGroup`\n- `logs:CreateLogStream`\n- `logs:PutLogEvents`", - "title": "ExecutionRoleArn", + "LoggingRole": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that allows a server to turn on Amazon CloudWatch logging for Amazon S3 or Amazon EFS events. When set, you can view user activity in your CloudWatch logs.", + "title": "LoggingRole", "type": "string" }, - "FailureRetentionPeriod": { - "markdownDescription": "The number of days to retain data about failed runs of this canary. If you omit this field, the default of 31 days is used. The valid range is 1 to 455 days.\n\nThis setting affects the range of information returned by [GetCanaryRuns](https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_GetCanaryRuns.html) , as well as the range of information displayed in the Synthetics console.", - "title": "FailureRetentionPeriod", - "type": "number" + "PostAuthenticationLoginBanner": { + "markdownDescription": "Specifies a string to display when users connect to a server. This string is displayed after the user authenticates.\n\n> The SFTP protocol does not support post-authentication display banners.", + "title": "PostAuthenticationLoginBanner", + "type": "string" }, - "Name": { - "markdownDescription": "The name for this canary. Be sure to give it a descriptive name that distinguishes it from other canaries in your account.\n\nDo not include secrets or proprietary information in your canary names. The canary name makes up part of the canary ARN, and the ARN is included in outbound calls over the internet. For more information, see [Security Considerations for Synthetics Canaries](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/servicelens_canaries_security.html) .", - "title": "Name", + "PreAuthenticationLoginBanner": { + "markdownDescription": "Specifies a string to display when users connect to a server. This string is displayed before the user authenticates. For example, the following banner displays details about using the system:\n\n`This system is for the use of authorized users only. Individuals using this computer system without authority, or in excess of their authority, are subject to having all of their activities on this system monitored and recorded by system personnel.`", + "title": "PreAuthenticationLoginBanner", "type": "string" }, - "RunConfig": { - "$ref": "#/definitions/AWS::Synthetics::Canary.RunConfig", - "markdownDescription": "A structure that contains input information for a canary run. If you omit this structure, the frequency of the canary is used as canary's timeout value, up to a maximum of 900 seconds.", - "title": "RunConfig" + "ProtocolDetails": { + "$ref": "#/definitions/AWS::Transfer::Server.ProtocolDetails", + "markdownDescription": "The protocol settings that are configured for your server.\n\n- To indicate passive mode (for FTP and FTPS protocols), use the `PassiveIp` parameter. Enter a single dotted-quad IPv4 address, such as the external IP address of a firewall, router, or load balancer.\n- To ignore the error that is generated when the client attempts to use the `SETSTAT` command on a file that you are uploading to an Amazon S3 bucket, use the `SetStatOption` parameter. To have the AWS Transfer Family server ignore the `SETSTAT` command and upload files without needing to make any changes to your SFTP client, set the value to `ENABLE_NO_OP` . If you set the `SetStatOption` parameter to `ENABLE_NO_OP` , Transfer Family generates a log entry to Amazon CloudWatch Logs, so that you can determine when the client is making a `SETSTAT` call.\n- To determine whether your AWS Transfer Family server resumes recent, negotiated sessions through a unique session ID, use the `TlsSessionResumptionMode` parameter.\n- `As2Transports` indicates the transport method for the AS2 messages. Currently, only HTTP is supported.\n\nThe `Protocols` parameter is an array of strings.\n\n*Allowed values* : One or more of `SFTP` , `FTPS` , `FTP` , `AS2`", + "title": "ProtocolDetails" }, - "RuntimeVersion": { - "markdownDescription": "Specifies the runtime version to use for the canary. For more information about runtime versions, see [Canary Runtime Versions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_Library.html) .", - "title": "RuntimeVersion", - "type": "string" + "Protocols": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the file transfer protocol or protocols over which your file transfer protocol client can connect to your server's endpoint. The available protocols are:\n\n- `SFTP` (Secure Shell (SSH) File Transfer Protocol): File transfer over SSH\n- `FTPS` (File Transfer Protocol Secure): File transfer with TLS encryption\n- `FTP` (File Transfer Protocol): Unencrypted file transfer\n- `AS2` (Applicability Statement 2): used for transporting structured business-to-business data\n\n> - If you select `FTPS` , you must choose a certificate stored in AWS Certificate Manager (ACM) which is used to identify your server when clients connect to it over FTPS.\n> - If `Protocol` includes either `FTP` or `FTPS` , then the `EndpointType` must be `VPC` and the `IdentityProviderType` must be either `AWS_DIRECTORY_SERVICE` , `AWS_LAMBDA` , or `API_GATEWAY` .\n> - If `Protocol` includes `FTP` , then `AddressAllocationIds` cannot be associated.\n> - If `Protocol` is set only to `SFTP` , the `EndpointType` can be set to `PUBLIC` and the `IdentityProviderType` can be set any of the supported identity types: `SERVICE_MANAGED` , `AWS_DIRECTORY_SERVICE` , `AWS_LAMBDA` , or `API_GATEWAY` .\n> - If `Protocol` includes `AS2` , then the `EndpointType` must be `VPC` , and domain must be Amazon S3. \n\nThe `Protocols` parameter is an array of strings.\n\n*Allowed values* : One or more of `SFTP` , `FTPS` , `FTP` , `AS2`", + "title": "Protocols", + "type": "array" }, - "Schedule": { - "$ref": "#/definitions/AWS::Synthetics::Canary.Schedule", - "markdownDescription": "A structure that contains information about how often the canary is to run, and when these runs are to stop.", - "title": "Schedule" + "S3StorageOptions": { + "$ref": "#/definitions/AWS::Transfer::Server.S3StorageOptions", + "markdownDescription": "Specifies whether or not performance for your Amazon S3 directories is optimized.\n\n- If using the console, this is enabled by default.\n- If using the API or CLI, this is disabled by default.\n\nBy default, home directory mappings have a `TYPE` of `DIRECTORY` . If you enable this option, you would then need to explicitly set the `HomeDirectoryMapEntry` `Type` to `FILE` if you want a mapping to have a file target.", + "title": "S3StorageOptions" }, - "StartCanaryAfterCreation": { - "markdownDescription": "Specify TRUE to have the canary start making runs immediately after it is created.\n\nA canary that you create using CloudFormation can't be used to monitor the CloudFormation stack that creates the canary or to roll back that stack if there is a failure.", - "title": "StartCanaryAfterCreation", - "type": "boolean" + "SecurityPolicyName": { + "markdownDescription": "Specifies the name of the security policy for the server.", + "title": "SecurityPolicyName", + "type": "string" }, - "SuccessRetentionPeriod": { - "markdownDescription": "The number of days to retain data about successful runs of this canary. If you omit this field, the default of 31 days is used. The valid range is 1 to 455 days.\n\nThis setting affects the range of information returned by [GetCanaryRuns](https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_GetCanaryRuns.html) , as well as the range of information displayed in the Synthetics console.", - "title": "SuccessRetentionPeriod", - "type": "number" + "StructuredLogDestinations": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the log groups to which your server logs are sent.\n\nTo specify a log group, you must provide the ARN for an existing log group. In this case, the format of the log group is as follows:\n\n`arn:aws:logs:region-name:amazon-account-id:log-group:log-group-name:*`\n\nFor example, `arn:aws:logs:us-east-1:111122223333:log-group:mytestgroup:*`\n\nIf you have previously specified a log group for a server, you can clear it, and in effect turn off structured logging, by providing an empty value for this parameter in an `update-server` call. For example:\n\n`update-server --server-id s-1234567890abcdef0 --structured-log-destinations`", + "title": "StructuredLogDestinations", + "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The list of key-value pairs that are associated with the canary.", + "markdownDescription": "Key-value pairs that can be used to group and search for servers.", "title": "Tags", "type": "array" }, - "VPCConfig": { - "$ref": "#/definitions/AWS::Synthetics::Canary.VPCConfig", - "markdownDescription": "If this canary is to test an endpoint in a VPC, this structure contains information about the subnet and security groups of the VPC endpoint. For more information, see [Running a Canary in a VPC](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_VPC.html) .", - "title": "VPCConfig" - }, - "VisualReference": { - "$ref": "#/definitions/AWS::Synthetics::Canary.VisualReference", - "markdownDescription": "If this canary performs visual monitoring by comparing screenshots, this structure contains the ID of the canary run to use as the baseline for screenshots, and the coordinates of any parts of the screen to ignore during the visual monitoring comparison.", - "title": "VisualReference" + "WorkflowDetails": { + "$ref": "#/definitions/AWS::Transfer::Server.WorkflowDetails", + "markdownDescription": "Specifies the workflow ID for the workflow to assign and the execution role that's used for executing the workflow.\n\nIn addition to a workflow to execute when a file is uploaded completely, `WorkflowDetails` can also contain a workflow ID (and execution role) for a workflow to execute on partial upload. A partial upload occurs when a file is open when the session disconnects.", + "title": "WorkflowDetails" } }, - "required": [ - "ArtifactS3Location", - "Code", - "ExecutionRoleArn", - "Name", - "RuntimeVersion", - "Schedule" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Synthetics::Canary" + "AWS::Transfer::Server" ], "type": "string" }, @@ -261256,204 +312621,164 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Synthetics::Canary.ArtifactConfig": { - "additionalProperties": false, - "properties": { - "S3Encryption": { - "$ref": "#/definitions/AWS::Synthetics::Canary.S3Encryption", - "markdownDescription": "A structure that contains the configuration of the encryption-at-rest settings for artifacts that the canary uploads to Amazon S3 . Artifact encryption functionality is available only for canaries that use Synthetics runtime version syn-nodejs-puppeteer-3.3 or later. For more information, see [Encrypting canary artifacts](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_artifact_encryption.html) .", - "title": "S3Encryption" - } - }, - "type": "object" - }, - "AWS::Synthetics::Canary.BaseScreenshot": { + "AWS::Transfer::Server.EndpointDetails": { "additionalProperties": false, "properties": { - "IgnoreCoordinates": { + "AddressAllocationIds": { "items": { "type": "string" }, - "markdownDescription": "Coordinates that define the part of a screen to ignore during screenshot comparisons. To obtain the coordinates to use here, use the CloudWatch console to draw the boundaries on the screen. For more information, see [Edit or delete a canary](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/synthetics_canaries_deletion.html) .", - "title": "IgnoreCoordinates", + "markdownDescription": "A list of address allocation IDs that are required to attach an Elastic IP address to your server's endpoint.\n\nAn address allocation ID corresponds to the allocation ID of an Elastic IP address. This value can be retrieved from the `allocationId` field from the Amazon EC2 [Address](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_Address.html) data type. One way to retrieve this value is by calling the EC2 [DescribeAddresses](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAddresses.html) API.\n\nThis parameter is optional. Set this parameter if you want to make your VPC endpoint public-facing. For details, see [Create an internet-facing endpoint for your server](https://docs.aws.amazon.com/transfer/latest/userguide/create-server-in-vpc.html#create-internet-facing-endpoint) .\n\n> This property can only be set as follows:\n> \n> - `EndpointType` must be set to `VPC`\n> - The Transfer Family server must be offline.\n> - You cannot set this parameter for Transfer Family servers that use the FTP protocol.\n> - The server must already have `SubnetIds` populated ( `SubnetIds` and `AddressAllocationIds` cannot be updated simultaneously).\n> - `AddressAllocationIds` can't contain duplicates, and must be equal in length to `SubnetIds` . For example, if you have three subnet IDs, you must also specify three address allocation IDs.\n> - Call the `UpdateServer` API to set or change this parameter.\n> - You can't set address allocation IDs for servers that have an `IpAddressType` set to `DUALSTACK` You can only set this property if `IpAddressType` is set to `IPV4` .", + "title": "AddressAllocationIds", "type": "array" }, - "ScreenshotName": { - "markdownDescription": "The name of the screenshot. This is generated the first time the canary is run after the `UpdateCanary` operation that specified for this canary to perform visual monitoring.", - "title": "ScreenshotName", + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of security groups IDs that are available to attach to your server's endpoint.\n\n> This property can only be set when `EndpointType` is set to `VPC` .\n> \n> You can edit the `SecurityGroupIds` property in the [UpdateServer](https://docs.aws.amazon.com/transfer/latest/userguide/API_UpdateServer.html) API only if you are changing the `EndpointType` from `PUBLIC` or `VPC_ENDPOINT` to `VPC` . To change security groups associated with your server's VPC endpoint after creation, use the Amazon EC2 [ModifyVpcEndpoint](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVpcEndpoint.html) API.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of subnet IDs that are required to host your server endpoint in your VPC.\n\n> This property can only be set when `EndpointType` is set to `VPC` .", + "title": "SubnetIds", + "type": "array" + }, + "VpcEndpointId": { + "markdownDescription": "The ID of the VPC endpoint.\n\n> This property can only be set when `EndpointType` is set to `VPC_ENDPOINT` .", + "title": "VpcEndpointId", + "type": "string" + }, + "VpcId": { + "markdownDescription": "The VPC ID of the virtual private cloud in which the server's endpoint will be hosted.\n\n> This property can only be set when `EndpointType` is set to `VPC` .", + "title": "VpcId", "type": "string" } }, - "required": [ - "ScreenshotName" - ], "type": "object" }, - "AWS::Synthetics::Canary.Code": { + "AWS::Transfer::Server.IdentityProviderDetails": { "additionalProperties": false, "properties": { - "Handler": { - "markdownDescription": "The entry point to use for the source code when running the canary. For canaries that use the `syn-python-selenium-1.0` runtime or a `syn-nodejs.puppeteer` runtime earlier than `syn-nodejs.puppeteer-3.4` , the handler must be specified as `*fileName* .handler` . For `syn-python-selenium-1.1` , `syn-nodejs.puppeteer-3.4` , and later runtimes, the handler can be specified as `*fileName* . *functionName*` , or you can specify a folder where canary scripts reside as `*folder* / *fileName* . *functionName*` .", - "title": "Handler", - "type": "string" - }, - "S3Bucket": { - "markdownDescription": "If your canary script is located in S3, specify the bucket name here. The bucket must already exist.", - "title": "S3Bucket", + "DirectoryId": { + "markdownDescription": "The identifier of the AWS Directory Service directory that you want to use as your identity provider.", + "title": "DirectoryId", "type": "string" }, - "S3Key": { - "markdownDescription": "The Amazon S3 key of your script. For more information, see [Working with Amazon S3 Objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingObjects.html) .", - "title": "S3Key", + "Function": { + "markdownDescription": "The ARN for a Lambda function to use for the Identity provider.", + "title": "Function", "type": "string" }, - "S3ObjectVersion": { - "markdownDescription": "The Amazon S3 version ID of your script.", - "title": "S3ObjectVersion", + "InvocationRole": { + "markdownDescription": "This parameter is only applicable if your `IdentityProviderType` is `API_GATEWAY` . Provides the type of `InvocationRole` used to authenticate the user account.", + "title": "InvocationRole", "type": "string" }, - "Script": { - "markdownDescription": "If you input your canary script directly into the canary instead of referring to an S3 location, the value of this parameter is the script in plain text. It can be up to 5 MB.", - "title": "Script", + "SftpAuthenticationMethods": { + "markdownDescription": "For SFTP-enabled servers, and for custom identity providers *only* , you can specify whether to authenticate using a password, SSH key pair, or both.\n\n- `PASSWORD` - users must provide their password to connect.\n- `PUBLIC_KEY` - users must provide their private key to connect.\n- `PUBLIC_KEY_OR_PASSWORD` - users can authenticate with either their password or their key. This is the default value.\n- `PUBLIC_KEY_AND_PASSWORD` - users must provide both their private key and their password to connect. The server checks the key first, and then if the key is valid, the system prompts for a password. If the private key provided does not match the public key that is stored, authentication fails.", + "title": "SftpAuthenticationMethods", "type": "string" }, - "SourceLocationArn": { - "markdownDescription": "The ARN of the Lambda layer where Synthetics stores the canary script code.", - "title": "SourceLocationArn", + "Url": { + "markdownDescription": "Provides the location of the service endpoint used to authenticate users.", + "title": "Url", "type": "string" } }, - "required": [ - "Handler" - ], "type": "object" }, - "AWS::Synthetics::Canary.RunConfig": { + "AWS::Transfer::Server.ProtocolDetails": { "additionalProperties": false, "properties": { - "ActiveTracing": { - "markdownDescription": "Specifies whether this canary is to use active AWS X-Ray tracing when it runs. Active tracing enables this canary run to be displayed in the ServiceLens and X-Ray service maps even if the canary does not hit an endpoint that has X-Ray tracing enabled. Using X-Ray tracing incurs charges. For more information, see [Canaries and X-Ray tracing](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_tracing.html) .\n\nYou can enable active tracing only for canaries that use version `syn-nodejs-2.0` or later for their canary runtime.", - "title": "ActiveTracing", - "type": "boolean" - }, - "EnvironmentVariables": { - "additionalProperties": true, - "markdownDescription": "Specifies the keys and values to use for any environment variables used in the canary script. Use the following format:\n\n{ \"key1\" : \"value1\", \"key2\" : \"value2\", ...}\n\nKeys must start with a letter and be at least two characters. The total size of your environment variables cannot exceed 4 KB. You can't specify any Lambda reserved environment variables as the keys for your environment variables. For more information about reserved keys, see [Runtime environment variables](https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html#configuration-envvars-runtime) .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "As2Transports": { + "items": { + "type": "string" }, - "title": "EnvironmentVariables", - "type": "object" + "markdownDescription": "List of `As2Transport` objects.", + "title": "As2Transports", + "type": "array" }, - "MemoryInMB": { - "markdownDescription": "The maximum amount of memory that the canary can use while running. This value must be a multiple of 64. The range is 960 to 3008.", - "title": "MemoryInMB", - "type": "number" + "PassiveIp": { + "markdownDescription": "Indicates passive mode, for FTP and FTPS protocols. Enter a single IPv4 address, such as the public IP address of a firewall, router, or load balancer. For example:\n\n`aws transfer update-server --protocol-details PassiveIp=0.0.0.0`\n\nReplace `0.0.0.0` in the example above with the actual IP address you want to use.\n\n> If you change the `PassiveIp` value, you must stop and then restart your Transfer Family server for the change to take effect. For details on using passive mode (PASV) in a NAT environment, see [Configuring your FTPS server behind a firewall or NAT with AWS Transfer Family](https://docs.aws.amazon.com/storage/configuring-your-ftps-server-behind-a-firewall-or-nat-with-aws-transfer-family/) . \n\n*Special values*\n\nThe `AUTO` and `0.0.0.0` are special values for the `PassiveIp` parameter. The value `PassiveIp=AUTO` is assigned by default to FTP and FTPS type servers. In this case, the server automatically responds with one of the endpoint IPs within the PASV response. `PassiveIp=0.0.0.0` has a more unique application for its usage. For example, if you have a High Availability (HA) Network Load Balancer (NLB) environment, where you have 3 subnets, you can only specify a single IP address using the `PassiveIp` parameter. This reduces the effectiveness of having High Availability. In this case, you can specify `PassiveIp=0.0.0.0` . This tells the client to use the same IP address as the Control connection and utilize all AZs for their connections. Note, however, that not all FTP clients support the `PassiveIp=0.0.0.0` response. FileZilla and WinSCP do support it. If you are using other clients, check to see if your client supports the `PassiveIp=0.0.0.0` response.", + "title": "PassiveIp", + "type": "string" }, - "TimeoutInSeconds": { - "markdownDescription": "How long the canary is allowed to run before it must stop. You can't set this time to be longer than the frequency of the runs of this canary.\n\nIf you omit this field, the frequency of the canary is used as this value, up to a maximum of 900 seconds.", - "title": "TimeoutInSeconds", - "type": "number" + "SetStatOption": { + "markdownDescription": "Use the `SetStatOption` to ignore the error that is generated when the client attempts to use `SETSTAT` on a file you are uploading to an S3 bucket.\n\nSome SFTP file transfer clients can attempt to change the attributes of remote files, including timestamp and permissions, using commands, such as `SETSTAT` when uploading the file. However, these commands are not compatible with object storage systems, such as Amazon S3. Due to this incompatibility, file uploads from these clients can result in errors even when the file is otherwise successfully uploaded.\n\nSet the value to `ENABLE_NO_OP` to have the Transfer Family server ignore the `SETSTAT` command, and upload files without needing to make any changes to your SFTP client. While the `SetStatOption` `ENABLE_NO_OP` setting ignores the error, it does generate a log entry in Amazon CloudWatch Logs, so you can determine when the client is making a `SETSTAT` call.\n\n> If you want to preserve the original timestamp for your file, and modify other file attributes using `SETSTAT` , you can use Amazon EFS as backend storage with Transfer Family.", + "title": "SetStatOption", + "type": "string" + }, + "TlsSessionResumptionMode": { + "markdownDescription": "A property used with Transfer Family servers that use the FTPS protocol. TLS Session Resumption provides a mechanism to resume or share a negotiated secret key between the control and data connection for an FTPS session. `TlsSessionResumptionMode` determines whether or not the server resumes recent, negotiated sessions through a unique session ID. This property is available during `CreateServer` and `UpdateServer` calls. If a `TlsSessionResumptionMode` value is not specified during `CreateServer` , it is set to `ENFORCED` by default.\n\n- `DISABLED` : the server does not process TLS session resumption client requests and creates a new TLS session for each request.\n- `ENABLED` : the server processes and accepts clients that are performing TLS session resumption. The server doesn't reject client data connections that do not perform the TLS session resumption client processing.\n- `ENFORCED` : the server processes and accepts clients that are performing TLS session resumption. The server rejects client data connections that do not perform the TLS session resumption client processing. Before you set the value to `ENFORCED` , test your clients.\n\n> Not all FTPS clients perform TLS session resumption. So, if you choose to enforce TLS session resumption, you prevent any connections from FTPS clients that don't perform the protocol negotiation. To determine whether or not you can use the `ENFORCED` value, you need to test your clients.", + "title": "TlsSessionResumptionMode", + "type": "string" } }, "type": "object" }, - "AWS::Synthetics::Canary.S3Encryption": { + "AWS::Transfer::Server.S3StorageOptions": { "additionalProperties": false, "properties": { - "EncryptionMode": { - "markdownDescription": "The encryption method to use for artifacts created by this canary. Specify `SSE_S3` to use server-side encryption (SSE) with an Amazon S3-managed key. Specify `SSE-KMS` to use server-side encryption with a customer-managed AWS KMS key.\n\nIf you omit this parameter, an AWS -managed AWS KMS key is used.", - "title": "EncryptionMode", - "type": "string" - }, - "KmsKeyArn": { - "markdownDescription": "The ARN of the customer-managed AWS KMS key to use, if you specify `SSE-KMS` for `EncryptionMode`", - "title": "KmsKeyArn", + "DirectoryListingOptimization": { + "markdownDescription": "Specifies whether or not performance for your Amazon S3 directories is optimized.\n\n- If using the console, this is enabled by default.\n- If using the API or CLI, this is disabled by default.\n\nBy default, home directory mappings have a `TYPE` of `DIRECTORY` . If you enable this option, you would then need to explicitly set the `HomeDirectoryMapEntry` `Type` to `FILE` if you want a mapping to have a file target.", + "title": "DirectoryListingOptimization", "type": "string" } }, "type": "object" }, - "AWS::Synthetics::Canary.Schedule": { + "AWS::Transfer::Server.WorkflowDetail": { "additionalProperties": false, "properties": { - "DurationInSeconds": { - "markdownDescription": "How long, in seconds, for the canary to continue making regular runs according to the schedule in the `Expression` value. If you specify 0, the canary continues making runs until you stop it. If you omit this field, the default of 0 is used.", - "title": "DurationInSeconds", + "ExecutionRole": { + "markdownDescription": "Includes the necessary permissions for S3, EFS, and Lambda operations that Transfer can assume, so that all workflow steps can operate on the required resources", + "title": "ExecutionRole", "type": "string" }, - "Expression": { - "markdownDescription": "A `rate` expression or a `cron` expression that defines how often the canary is to run.\n\nFor a rate expression, The syntax is `rate( *number unit* )` . *unit* can be `minute` , `minutes` , or `hour` .\n\nFor example, `rate(1 minute)` runs the canary once a minute, `rate(10 minutes)` runs it once every 10 minutes, and `rate(1 hour)` runs it once every hour. You can specify a frequency between `rate(1 minute)` and `rate(1 hour)` .\n\nSpecifying `rate(0 minute)` or `rate(0 hour)` is a special value that causes the canary to run only once when it is started.\n\nUse `cron( *expression* )` to specify a cron expression. You can't schedule a canary to wait for more than a year before running. For information about the syntax for cron expressions, see [Scheduling canary runs using cron](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_cron.html) .", - "title": "Expression", + "WorkflowId": { + "markdownDescription": "A unique identifier for the workflow.", + "title": "WorkflowId", "type": "string" } }, "required": [ - "Expression" + "ExecutionRole", + "WorkflowId" ], "type": "object" }, - "AWS::Synthetics::Canary.VPCConfig": { + "AWS::Transfer::Server.WorkflowDetails": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the security groups for this canary.", - "title": "SecurityGroupIds", - "type": "array" - }, - "SubnetIds": { + "OnPartialUpload": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Transfer::Server.WorkflowDetail" }, - "markdownDescription": "The IDs of the subnets where this canary is to run.", - "title": "SubnetIds", + "markdownDescription": "A trigger that starts a workflow if a file is only partially uploaded. You can attach a workflow to a server that executes whenever there is a partial upload.\n\nA *partial upload* occurs when a file is open when the session disconnects.\n\n> `OnPartialUpload` can contain a maximum of one `WorkflowDetail` object.", + "title": "OnPartialUpload", "type": "array" }, - "VpcId": { - "markdownDescription": "The ID of the VPC where this canary is to run.", - "title": "VpcId", - "type": "string" - } - }, - "required": [ - "SecurityGroupIds", - "SubnetIds" - ], - "type": "object" - }, - "AWS::Synthetics::Canary.VisualReference": { - "additionalProperties": false, - "properties": { - "BaseCanaryRunId": { - "markdownDescription": "Specifies which canary run to use the screenshots from as the baseline for future visual monitoring with this canary. Valid values are `nextrun` to use the screenshots from the next run after this update is made, `lastrun` to use the screenshots from the most recent run before this update was made, or the value of `Id` in the [CanaryRun](https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_CanaryRun.html) from any past run of this canary.", - "title": "BaseCanaryRunId", - "type": "string" - }, - "BaseScreenshots": { + "OnUpload": { "items": { - "$ref": "#/definitions/AWS::Synthetics::Canary.BaseScreenshot" + "$ref": "#/definitions/AWS::Transfer::Server.WorkflowDetail" }, - "markdownDescription": "An array of screenshots that are used as the baseline for comparisons during visual monitoring.", - "title": "BaseScreenshots", + "markdownDescription": "A trigger that starts a workflow: the workflow begins to execute after a file is uploaded.\n\nTo remove an associated workflow from a server, you can provide an empty `OnUpload` object, as in the following example.\n\n`aws transfer update-server --server-id s-01234567890abcdef --workflow-details '{\"OnUpload\":[]}'`\n\n> `OnUpload` can contain a maximum of one `WorkflowDetail` object.", + "title": "OnUpload", "type": "array" } }, - "required": [ - "BaseCanaryRunId" - ], "type": "object" }, - "AWS::Synthetics::Group": { + "AWS::Transfer::User": { "additionalProperties": false, "properties": { "Condition": { @@ -261488,36 +312813,76 @@ "Properties": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "A name for the group. It can include any Unicode characters.\n\nThe names for all groups in your account, across all Regions, must be unique.", - "title": "Name", + "HomeDirectory": { + "markdownDescription": "The landing directory (folder) for a user when they log in to the server using the client.\n\nA `HomeDirectory` example is `/bucket_name/home/mydirectory` .\n\n> You can use the `HomeDirectory` parameter for `HomeDirectoryType` when it is set to either `PATH` or `LOGICAL` .", + "title": "HomeDirectory", "type": "string" }, - "ResourceArns": { + "HomeDirectoryMappings": { + "items": { + "$ref": "#/definitions/AWS::Transfer::User.HomeDirectoryMapEntry" + }, + "markdownDescription": "Logical directory mappings that specify what Amazon S3 or Amazon EFS paths and keys should be visible to your user and how you want to make them visible. You must specify the `Entry` and `Target` pair, where `Entry` shows how the path is made visible and `Target` is the actual Amazon S3 or Amazon EFS path. If you only specify a target, it is displayed as is. You also must ensure that your AWS Identity and Access Management (IAM) role provides access to paths in `Target` . This value can be set only when `HomeDirectoryType` is set to *LOGICAL* .\n\nThe following is an `Entry` and `Target` pair example.\n\n`[ { \"Entry\": \"/directory1\", \"Target\": \"/bucket_name/home/mydirectory\" } ]`\n\nIn most cases, you can use this value instead of the session policy to lock your user down to the designated home directory (\" `chroot` \"). To do this, you can set `Entry` to `/` and set `Target` to the value the user should see for their home directory when they log in.\n\nThe following is an `Entry` and `Target` pair example for `chroot` .\n\n`[ { \"Entry\": \"/\", \"Target\": \"/bucket_name/home/mydirectory\" } ]`", + "title": "HomeDirectoryMappings", + "type": "array" + }, + "HomeDirectoryType": { + "markdownDescription": "The type of landing directory (folder) that you want your users' home directory to be when they log in to the server. If you set it to `PATH` , the user will see the absolute Amazon S3 bucket or Amazon EFS path as is in their file transfer protocol clients. If you set it to `LOGICAL` , you need to provide mappings in the `HomeDirectoryMappings` for how you want to make Amazon S3 or Amazon EFS paths visible to your users.\n\n> If `HomeDirectoryType` is `LOGICAL` , you must provide mappings, using the `HomeDirectoryMappings` parameter. If, on the other hand, `HomeDirectoryType` is `PATH` , you provide an absolute path using the `HomeDirectory` parameter. You cannot have both `HomeDirectory` and `HomeDirectoryMappings` in your template.", + "title": "HomeDirectoryType", + "type": "string" + }, + "Policy": { + "markdownDescription": "A session policy for your user so you can use the same IAM role across multiple users. This policy restricts user access to portions of their Amazon S3 bucket. Variables that you can use inside this policy include `${Transfer:UserName}` , `${Transfer:HomeDirectory}` , and `${Transfer:HomeBucket}` .\n\n> For session policies, AWS Transfer Family stores the policy as a JSON blob, instead of the Amazon Resource Name (ARN) of the policy. You save the policy as a JSON blob and pass it in the `Policy` argument.\n> \n> For an example of a session policy, see [Example session policy](https://docs.aws.amazon.com/transfer/latest/userguide/session-policy.html) .\n> \n> For more information, see [AssumeRole](https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html) in the *AWS Security Token Service API Reference* .", + "title": "Policy", + "type": "string" + }, + "PosixProfile": { + "$ref": "#/definitions/AWS::Transfer::User.PosixProfile", + "markdownDescription": "Specifies the full POSIX identity, including user ID ( `Uid` ), group ID ( `Gid` ), and any secondary groups IDs ( `SecondaryGids` ), that controls your users' access to your Amazon Elastic File System (Amazon EFS) file systems. The POSIX permissions that are set on files and directories in your file system determine the level of access your users get when transferring files into and out of your Amazon EFS file systems.", + "title": "PosixProfile" + }, + "Role": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that controls your users' access to your Amazon S3 bucket or Amazon EFS file system. The policies attached to this role determine the level of access that you want to provide your users when transferring files into and out of your Amazon S3 bucket or Amazon EFS file system. The IAM role should also contain a trust relationship that allows the server to access your resources when servicing your users' transfer requests.", + "title": "Role", + "type": "string" + }, + "ServerId": { + "markdownDescription": "A system-assigned unique identifier for a server instance. This is the specific server that you added your user to.", + "title": "ServerId", + "type": "string" + }, + "SshPublicKeys": { "items": { "type": "string" }, - "markdownDescription": "The ARNs of the canaries that you want to associate with this group.", - "title": "ResourceArns", + "markdownDescription": "Specifies the public key portion of the Secure Shell (SSH) keys stored for the described user.\n\n> To delete the public key body, set its value to zero keys, as shown here:\n> \n> `SshPublicKeys: []`", + "title": "SshPublicKeys", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The list of key-value pairs that are associated with the group.", + "markdownDescription": "Key-value pairs that can be used to group and search for users. Tags are metadata attached to users for any purpose.", "title": "Tags", "type": "array" + }, + "UserName": { + "markdownDescription": "A unique string that identifies a user and is associated with a `ServerId` . This user name must be a minimum of 3 and a maximum of 100 characters long. The following are valid characters: a-z, A-Z, 0-9, underscore '_', hyphen '-', period '.', and at sign '@'. The user name can't start with a hyphen, period, or at sign.", + "title": "UserName", + "type": "string" } }, "required": [ - "Name" + "Role", + "ServerId", + "UserName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Synthetics::Group" + "AWS::Transfer::User" ], "type": "string" }, @@ -261536,7 +312901,60 @@ ], "type": "object" }, - "AWS::SystemsManagerSAP::Application": { + "AWS::Transfer::User.HomeDirectoryMapEntry": { + "additionalProperties": false, + "properties": { + "Entry": { + "markdownDescription": "Represents an entry for `HomeDirectoryMappings` .", + "title": "Entry", + "type": "string" + }, + "Target": { + "markdownDescription": "Represents the map target that is used in a `HomeDirectoryMapEntry` .", + "title": "Target", + "type": "string" + }, + "Type": { + "markdownDescription": "Specifies the type of mapping. Set the type to `FILE` if you want the mapping to point to a file, or `DIRECTORY` for the directory to point to a directory.\n\n> By default, home directory mappings have a `Type` of `DIRECTORY` when you create a Transfer Family server. You would need to explicitly set `Type` to `FILE` if you want a mapping to have a file target.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Entry", + "Target" + ], + "type": "object" + }, + "AWS::Transfer::User.PosixProfile": { + "additionalProperties": false, + "properties": { + "Gid": { + "markdownDescription": "The POSIX group ID used for all EFS operations by this user.", + "title": "Gid", + "type": "number" + }, + "SecondaryGids": { + "items": { + "type": "number" + }, + "markdownDescription": "The secondary POSIX group IDs used for all EFS operations by this user.", + "title": "SecondaryGids", + "type": "array" + }, + "Uid": { + "markdownDescription": "The POSIX user ID used for all EFS operations by this user.", + "title": "Uid", + "type": "number" + } + }, + "required": [ + "Gid", + "Uid" + ], + "type": "object" + }, + "AWS::Transfer::WebApp": { "additionalProperties": false, "properties": { "Condition": { @@ -261571,60 +312989,48 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationId": { - "markdownDescription": "The ID of the application.", - "title": "ApplicationId", - "type": "string" - }, - "ApplicationType": { - "markdownDescription": "The type of the application.", - "title": "ApplicationType", + "AccessEndpoint": { + "markdownDescription": "The `AccessEndpoint` is the URL that you provide to your users for them to interact with the Transfer Family web app. You can specify a custom URL or use the default value.\n\nBefore you enter a custom URL for this parameter, follow the steps described in [Update your access endpoint with a custom URL](https://docs.aws.amazon.com//transfer/latest/userguide/webapp-customize.html) .", + "title": "AccessEndpoint", "type": "string" }, - "Credentials": { - "items": { - "$ref": "#/definitions/AWS::SystemsManagerSAP::Application.Credential" - }, - "markdownDescription": "The credentials of the SAP application.", - "title": "Credentials", - "type": "array" + "IdentityProviderDetails": { + "$ref": "#/definitions/AWS::Transfer::WebApp.IdentityProviderDetails", + "markdownDescription": "You can provide a structure that contains the details for the identity provider to use with your web app.\n\nFor more details about this parameter, see [Configure your identity provider for Transfer Family web apps](https://docs.aws.amazon.com//transfer/latest/userguide/webapp-identity-center.html) .", + "title": "IdentityProviderDetails" }, - "Instances": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The Amazon EC2 instances on which your SAP application is running.", - "title": "Instances", + "markdownDescription": "Key-value pairs that can be used to group and search for web apps. Tags are metadata attached to web apps for any purpose.", + "title": "Tags", "type": "array" }, - "SapInstanceNumber": { - "markdownDescription": "The SAP instance number of the application.", - "title": "SapInstanceNumber", - "type": "string" + "WebAppCustomization": { + "$ref": "#/definitions/AWS::Transfer::WebApp.WebAppCustomization", + "markdownDescription": "A structure that contains the customization fields for the web app. You can provide a title, logo, and icon to customize the appearance of your web app.", + "title": "WebAppCustomization" }, - "Sid": { - "markdownDescription": "The System ID of the application.", - "title": "Sid", + "WebAppEndpointPolicy": { + "markdownDescription": "Setting for the type of endpoint policy for the web app. The default value is `STANDARD` .\n\nIf your web app was created in an AWS GovCloud (US) Region , the value of this parameter can be `FIPS` , which indicates the web app endpoint is FIPS-compliant.", + "title": "WebAppEndpointPolicy", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags on the application.", - "title": "Tags", - "type": "array" + "WebAppUnits": { + "$ref": "#/definitions/AWS::Transfer::WebApp.WebAppUnits", + "markdownDescription": "A union that contains the value for number of concurrent connections or the user sessions on your web app.", + "title": "WebAppUnits" } }, "required": [ - "ApplicationId", - "ApplicationType" + "IdentityProviderDetails" ], "type": "object" }, "Type": { "enum": [ - "AWS::SystemsManagerSAP::Application" + "AWS::Transfer::WebApp" ], "type": "string" }, @@ -261643,104 +313049,63 @@ ], "type": "object" }, - "AWS::SystemsManagerSAP::Application.Credential": { + "AWS::Transfer::WebApp.IdentityProviderDetails": { "additionalProperties": false, "properties": { - "CredentialType": { - "markdownDescription": "The type of the application credentials.", - "title": "CredentialType", + "ApplicationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the IAM Identity Center application: this value is set automatically when you create your web app.", + "title": "ApplicationArn", "type": "string" }, - "DatabaseName": { - "markdownDescription": "The name of the SAP HANA database.", - "title": "DatabaseName", + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the IAM Identity Center used for the web app.", + "title": "InstanceArn", "type": "string" }, - "SecretId": { - "markdownDescription": "The secret ID created in AWS Secrets Manager to store the credentials of the SAP application.", - "title": "SecretId", + "Role": { + "markdownDescription": "The IAM role in IAM Identity Center used for the web app.", + "title": "Role", "type": "string" } }, "type": "object" }, - "AWS::Timestream::Database": { + "AWS::Transfer::WebApp.WebAppCustomization": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "FaviconFile": { + "markdownDescription": "Returns an icon file data string (in base64 encoding).", + "title": "FaviconFile", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DatabaseName": { - "markdownDescription": "The name of the Timestream database.\n\n*Length Constraints* : Minimum length of 3 bytes. Maximum length of 256 bytes.", - "title": "DatabaseName", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "The identifier of the AWS KMS key used to encrypt the data stored in the database.", - "title": "KmsKeyId", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to add to the database.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Timestream::Database" - ], + "LogoFile": { + "markdownDescription": "Returns a logo file data string (in base64 encoding).", + "title": "LogoFile", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Title": { + "markdownDescription": "Returns the page title that you defined for your web app.", + "title": "Title", "type": "string" } }, + "type": "object" + }, + "AWS::Transfer::WebApp.WebAppUnits": { + "additionalProperties": false, + "properties": { + "Provisioned": { + "markdownDescription": "An integer that represents the number of units for your desired number of concurrent connections, or the number of user sessions on your web app at the same time.\n\nEach increment allows an additional 250 concurrent sessions: a value of `1` sets the number of concurrent sessions to 250; `2` sets a value of 500, and so on.", + "title": "Provisioned", + "type": "number" + } + }, "required": [ - "Type" + "Provisioned" ], "type": "object" }, - "AWS::Timestream::InfluxDBInstance": { + "AWS::Transfer::Workflow": { "additionalProperties": false, "properties": { "Condition": { @@ -261775,96 +313140,44 @@ "Properties": { "additionalProperties": false, "properties": { - "AllocatedStorage": { - "markdownDescription": "The amount of storage to allocate for your DB storage type in GiB (gibibytes).", - "title": "AllocatedStorage", - "type": "number" - }, - "Bucket": { - "markdownDescription": "The name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization.", - "title": "Bucket", - "type": "string" - }, - "DbInstanceType": { - "markdownDescription": "The Timestream for InfluxDB DB instance type to run on.", - "title": "DbInstanceType", - "type": "string" - }, - "DbParameterGroupIdentifier": { - "markdownDescription": "The name or id of the DB parameter group to assign to your DB instance. DB parameter groups specify how the database is configured. For example, DB parameter groups can specify the limit for query concurrency.", - "title": "DbParameterGroupIdentifier", - "type": "string" - }, - "DbStorageType": { - "markdownDescription": "The Timestream for InfluxDB DB storage type to read and write InfluxDB data.\n\nYou can choose between 3 different types of provisioned Influx IOPS included storage according to your workloads requirements:\n\n- Influx IO Included 3000 IOPS\n- Influx IO Included 12000 IOPS\n- Influx IO Included 16000 IOPS", - "title": "DbStorageType", - "type": "string" - }, - "DeploymentType": { - "markdownDescription": "Specifies whether the Timestream for InfluxDB is deployed as Single-AZ or with a MultiAZ Standby for High availability.", - "title": "DeploymentType", - "type": "string" - }, - "LogDeliveryConfiguration": { - "$ref": "#/definitions/AWS::Timestream::InfluxDBInstance.LogDeliveryConfiguration", - "markdownDescription": "Configuration for sending InfluxDB engine logs to a specified S3 bucket.", - "title": "LogDeliveryConfiguration" - }, - "Name": { - "markdownDescription": "The name that uniquely identifies the DB instance when interacting with the Amazon Timestream for InfluxDB API and CLI commands. This name will also be a prefix included in the endpoint. DB instance names must be unique per customer and per region.", - "title": "Name", - "type": "string" - }, - "Organization": { - "markdownDescription": "The name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users.", - "title": "Organization", - "type": "string" - }, - "Password": { - "markdownDescription": "The password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. These attributes will be stored in a Secret created in Amazon SecretManager in your account.", - "title": "Password", + "Description": { + "markdownDescription": "Specifies the text description for the workflow.", + "title": "Description", "type": "string" }, - "PubliclyAccessible": { - "markdownDescription": "Configures the DB instance with a public IP to facilitate access.", - "title": "PubliclyAccessible", - "type": "boolean" - }, - "Tags": { + "OnExceptionSteps": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Transfer::Workflow.WorkflowStep" }, - "markdownDescription": "A list of key-value pairs to associate with the DB instance.", - "title": "Tags", + "markdownDescription": "Specifies the steps (actions) to take if errors are encountered during execution of the workflow.", + "title": "OnExceptionSteps", "type": "array" }, - "Username": { - "markdownDescription": "The username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. For example, my-user1. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. These attributes will be stored in a Secret created in Amazon Secrets Manager in your account.", - "title": "Username", - "type": "string" - }, - "VpcSecurityGroupIds": { + "Steps": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Transfer::Workflow.WorkflowStep" }, - "markdownDescription": "A list of VPC security group IDs to associate with the DB instance.", - "title": "VpcSecurityGroupIds", + "markdownDescription": "Specifies the details for the steps that are in the specified workflow.", + "title": "Steps", "type": "array" }, - "VpcSubnetIds": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of VPC subnet IDs to associate with the DB instance. Provide at least two VPC subnet IDs in different availability zones when deploying with a Multi-AZ standby.", - "title": "VpcSubnetIds", + "markdownDescription": "Key-value pairs that can be used to group and search for workflows. Tags are metadata attached to workflows for any purpose.", + "title": "Tags", "type": "array" } }, + "required": [ + "Steps" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Timestream::InfluxDBInstance" + "AWS::Transfer::Workflow" ], "type": "string" }, @@ -261878,45 +313191,254 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Timestream::InfluxDBInstance.LogDeliveryConfiguration": { + "AWS::Transfer::Workflow.CopyStepDetails": { "additionalProperties": false, "properties": { - "S3Configuration": { - "$ref": "#/definitions/AWS::Timestream::InfluxDBInstance.S3Configuration", - "markdownDescription": "Configuration for S3 bucket log delivery", - "title": "S3Configuration" + "DestinationFileLocation": { + "$ref": "#/definitions/AWS::Transfer::Workflow.S3FileLocation", + "markdownDescription": "Specifies the location for the file being copied. Use `${Transfer:UserName}` or `${Transfer:UploadDate}` in this field to parametrize the destination prefix by username or uploaded date.\n\n- Set the value of `DestinationFileLocation` to `${Transfer:UserName}` to copy uploaded files to an Amazon S3 bucket that is prefixed with the name of the Transfer Family user that uploaded the file.\n- Set the value of `DestinationFileLocation` to `${Transfer:UploadDate}` to copy uploaded files to an Amazon S3 bucket that is prefixed with the date of the upload.\n\n> The system resolves `UploadDate` to a date format of *YYYY-MM-DD* , based on the date the file is uploaded in UTC.", + "title": "DestinationFileLocation" + }, + "Name": { + "markdownDescription": "The name of the step, used as an identifier.", + "title": "Name", + "type": "string" + }, + "OverwriteExisting": { + "markdownDescription": "A flag that indicates whether to overwrite an existing file of the same name. The default is `FALSE` .\n\nIf the workflow is processing a file that has the same name as an existing file, the behavior is as follows:\n\n- If `OverwriteExisting` is `TRUE` , the existing file is replaced with the file being processed.\n- If `OverwriteExisting` is `FALSE` , nothing happens, and the workflow processing stops.", + "title": "OverwriteExisting", + "type": "string" + }, + "SourceFileLocation": { + "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", + "title": "SourceFileLocation", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Transfer::Workflow.CustomStepDetails": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the step, used as an identifier.", + "title": "Name", + "type": "string" + }, + "SourceFileLocation": { + "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", + "title": "SourceFileLocation", + "type": "string" + }, + "Target": { + "markdownDescription": "The ARN for the Lambda function that is being called.", + "title": "Target", + "type": "string" + }, + "TimeoutSeconds": { + "markdownDescription": "Timeout, in seconds, for the step.", + "title": "TimeoutSeconds", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Transfer::Workflow.DecryptStepDetails": { + "additionalProperties": false, + "properties": { + "DestinationFileLocation": { + "$ref": "#/definitions/AWS::Transfer::Workflow.InputFileLocation", + "markdownDescription": "Specifies the location for the file being decrypted. Use `${Transfer:UserName}` or `${Transfer:UploadDate}` in this field to parametrize the destination prefix by username or uploaded date.\n\n- Set the value of `DestinationFileLocation` to `${Transfer:UserName}` to decrypt uploaded files to an Amazon S3 bucket that is prefixed with the name of the Transfer Family user that uploaded the file.\n- Set the value of `DestinationFileLocation` to `${Transfer:UploadDate}` to decrypt uploaded files to an Amazon S3 bucket that is prefixed with the date of the upload.\n\n> The system resolves `UploadDate` to a date format of *YYYY-MM-DD* , based on the date the file is uploaded in UTC.", + "title": "DestinationFileLocation" + }, + "Name": { + "markdownDescription": "The name of the step, used as an identifier.", + "title": "Name", + "type": "string" + }, + "OverwriteExisting": { + "markdownDescription": "A flag that indicates whether to overwrite an existing file of the same name. The default is `FALSE` .\n\nIf the workflow is processing a file that has the same name as an existing file, the behavior is as follows:\n\n- If `OverwriteExisting` is `TRUE` , the existing file is replaced with the file being processed.\n- If `OverwriteExisting` is `FALSE` , nothing happens, and the workflow processing stops.", + "title": "OverwriteExisting", + "type": "string" + }, + "SourceFileLocation": { + "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", + "title": "SourceFileLocation", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of encryption used. Currently, this value must be `PGP` .", + "title": "Type", + "type": "string" } }, "required": [ - "S3Configuration" + "DestinationFileLocation", + "Type" ], "type": "object" }, - "AWS::Timestream::InfluxDBInstance.S3Configuration": { + "AWS::Transfer::Workflow.DeleteStepDetails": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "The bucket name of the customer S3 bucket.", - "title": "BucketName", + "Name": { + "markdownDescription": "The name of the step, used as an identifier.", + "title": "Name", "type": "string" }, - "Enabled": { - "markdownDescription": "Indicates whether log delivery to the S3 bucket is enabled.", - "title": "Enabled", - "type": "boolean" + "SourceFileLocation": { + "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", + "title": "SourceFileLocation", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Transfer::Workflow.EfsInputFileLocation": { + "additionalProperties": false, + "properties": { + "FileSystemId": { + "markdownDescription": "The identifier of the file system, assigned by Amazon EFS.", + "title": "FileSystemId", + "type": "string" + }, + "Path": { + "markdownDescription": "The pathname for the folder being used by a workflow.", + "title": "Path", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Transfer::Workflow.InputFileLocation": { + "additionalProperties": false, + "properties": { + "EfsFileLocation": { + "$ref": "#/definitions/AWS::Transfer::Workflow.EfsInputFileLocation", + "markdownDescription": "Specifies the details for the Amazon Elastic File System (Amazon EFS) file that's being decrypted.", + "title": "EfsFileLocation" + }, + "S3FileLocation": { + "$ref": "#/definitions/AWS::Transfer::Workflow.S3InputFileLocation", + "markdownDescription": "Specifies the details for the Amazon S3 file that's being copied or decrypted.", + "title": "S3FileLocation" + } + }, + "type": "object" + }, + "AWS::Transfer::Workflow.S3FileLocation": { + "additionalProperties": false, + "properties": { + "S3FileLocation": { + "$ref": "#/definitions/AWS::Transfer::Workflow.S3InputFileLocation", + "markdownDescription": "Specifies the details for the file location for the file that's being used in the workflow. Only applicable if you are using Amazon S3 storage.", + "title": "S3FileLocation" + } + }, + "type": "object" + }, + "AWS::Transfer::Workflow.S3InputFileLocation": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "Specifies the S3 bucket for the customer input file.", + "title": "Bucket", + "type": "string" + }, + "Key": { + "markdownDescription": "The name assigned to the file when it was created in Amazon S3. You use the object key to retrieve the object.", + "title": "Key", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Transfer::Workflow.S3Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The name assigned to the tag that you create.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The value that corresponds to the key.", + "title": "Value", + "type": "string" } }, "required": [ - "BucketName", - "Enabled" + "Key", + "Value" ], "type": "object" }, - "AWS::Timestream::ScheduledQuery": { + "AWS::Transfer::Workflow.TagStepDetails": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the step, used as an identifier.", + "title": "Name", + "type": "string" + }, + "SourceFileLocation": { + "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", + "title": "SourceFileLocation", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::Transfer::Workflow.S3Tag" + }, + "markdownDescription": "Array that contains from 1 to 10 key/value pairs.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Transfer::Workflow.WorkflowStep": { + "additionalProperties": false, + "properties": { + "CopyStepDetails": { + "$ref": "#/definitions/AWS::Transfer::Workflow.CopyStepDetails", + "markdownDescription": "Details for a step that performs a file copy.\n\nConsists of the following values:\n\n- A description\n- An Amazon S3 location for the destination of the file copy.\n- A flag that indicates whether to overwrite an existing file of the same name. The default is `FALSE` .", + "title": "CopyStepDetails" + }, + "CustomStepDetails": { + "$ref": "#/definitions/AWS::Transfer::Workflow.CustomStepDetails", + "markdownDescription": "Details for a step that invokes an AWS Lambda function.\n\nConsists of the Lambda function's name, target, and timeout (in seconds).", + "title": "CustomStepDetails" + }, + "DecryptStepDetails": { + "$ref": "#/definitions/AWS::Transfer::Workflow.DecryptStepDetails", + "markdownDescription": "Details for a step that decrypts an encrypted file.\n\nConsists of the following values:\n\n- A descriptive name\n- An Amazon S3 or Amazon Elastic File System (Amazon EFS) location for the source file to decrypt.\n- An S3 or Amazon EFS location for the destination of the file decryption.\n- A flag that indicates whether to overwrite an existing file of the same name. The default is `FALSE` .\n- The type of encryption that's used. Currently, only PGP encryption is supported.", + "title": "DecryptStepDetails" + }, + "DeleteStepDetails": { + "$ref": "#/definitions/AWS::Transfer::Workflow.DeleteStepDetails", + "markdownDescription": "Details for a step that deletes the file.", + "title": "DeleteStepDetails" + }, + "TagStepDetails": { + "$ref": "#/definitions/AWS::Transfer::Workflow.TagStepDetails", + "markdownDescription": "Details for a step that creates one or more tags.\n\nYou specify one or more tags. Each tag contains a key-value pair.", + "title": "TagStepDetails" + }, + "Type": { + "markdownDescription": "Currently, the following step types are supported.\n\n- *`COPY`* - Copy the file to another location.\n- *`CUSTOM`* - Perform a custom step with an AWS Lambda function target.\n- *`DECRYPT`* - Decrypt a file that was encrypted before it was uploaded.\n- *`DELETE`* - Delete the file.\n- *`TAG`* - Add a tag to the file.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::VerifiedPermissions::IdentitySource": { "additionalProperties": false, "properties": { "Condition": { @@ -261951,72 +313473,31 @@ "Properties": { "additionalProperties": false, "properties": { - "ClientToken": { - "markdownDescription": "Using a ClientToken makes the call to CreateScheduledQuery idempotent, in other words, making the same request repeatedly will produce the same result. Making multiple identical CreateScheduledQuery requests has the same effect as making a single request.\n\n- If CreateScheduledQuery is called without a `ClientToken` , the Query SDK generates a `ClientToken` on your behalf.\n- After 8 hours, any request with the same `ClientToken` is treated as a new request.", - "title": "ClientToken", - "type": "string" - }, - "ErrorReportConfiguration": { - "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.ErrorReportConfiguration", - "markdownDescription": "Configuration for error reporting. Error reports will be generated when a problem is encountered when writing the query results.", - "title": "ErrorReportConfiguration" - }, - "KmsKeyId": { - "markdownDescription": "The Amazon KMS key used to encrypt the scheduled query resource, at-rest. If the Amazon KMS key is not specified, the scheduled query resource will be encrypted with a Timestream owned Amazon KMS key. To specify a KMS key, use the key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix the name with *alias/*\n\nIf ErrorReportConfiguration uses `SSE_KMS` as encryption type, the same KmsKeyId is used to encrypt the error report at rest.", - "title": "KmsKeyId", - "type": "string" - }, - "NotificationConfiguration": { - "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.NotificationConfiguration", - "markdownDescription": "Notification configuration for the scheduled query. A notification is sent by Timestream when a query run finishes, when the state is updated or when you delete it.", - "title": "NotificationConfiguration" - }, - "QueryString": { - "markdownDescription": "The query string to run. Parameter names can be specified in the query string `@` character followed by an identifier. The named Parameter `@scheduled_runtime` is reserved and can be used in the query to get the time at which the query is scheduled to run.\n\nThe timestamp calculated according to the ScheduleConfiguration parameter, will be the value of `@scheduled_runtime` paramater for each query run. For example, consider an instance of a scheduled query executing on 2021-12-01 00:00:00. For this instance, the `@scheduled_runtime` parameter is initialized to the timestamp 2021-12-01 00:00:00 when invoking the query.", - "title": "QueryString", - "type": "string" - }, - "ScheduleConfiguration": { - "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.ScheduleConfiguration", - "markdownDescription": "Schedule configuration.", - "title": "ScheduleConfiguration" + "Configuration": { + "$ref": "#/definitions/AWS::VerifiedPermissions::IdentitySource.IdentitySourceConfiguration", + "markdownDescription": "Contains configuration information used when creating a new identity source.", + "title": "Configuration" }, - "ScheduledQueryExecutionRoleArn": { - "markdownDescription": "The ARN for the IAM role that Timestream will assume when running the scheduled query.", - "title": "ScheduledQueryExecutionRoleArn", + "PolicyStoreId": { + "markdownDescription": "Specifies the ID of the policy store in which you want to store this identity source. Only policies and requests made using this policy store can reference identities from the identity provider configured in the new identity source.", + "title": "PolicyStoreId", "type": "string" }, - "ScheduledQueryName": { - "markdownDescription": "A name for the query. Scheduled query names must be unique within each Region.", - "title": "ScheduledQueryName", + "PrincipalEntityType": { + "markdownDescription": "Specifies the namespace and data type of the principals generated for identities authenticated by the new identity source.", + "title": "PrincipalEntityType", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of key-value pairs to label the scheduled query.", - "title": "Tags", - "type": "array" - }, - "TargetConfiguration": { - "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.TargetConfiguration", - "markdownDescription": "Scheduled query target store configuration.", - "title": "TargetConfiguration" } }, "required": [ - "ErrorReportConfiguration", - "NotificationConfiguration", - "QueryString", - "ScheduleConfiguration", - "ScheduledQueryExecutionRoleArn" + "Configuration", + "PolicyStoreId" ], "type": "object" }, "Type": { "enum": [ - "AWS::Timestream::ScheduledQuery" + "AWS::VerifiedPermissions::IdentitySource" ], "type": "string" }, @@ -262035,258 +313516,320 @@ ], "type": "object" }, - "AWS::Timestream::ScheduledQuery.DimensionMapping": { + "AWS::VerifiedPermissions::IdentitySource.CognitoGroupConfiguration": { "additionalProperties": false, "properties": { - "DimensionValueType": { - "markdownDescription": "Type for the dimension: VARCHAR", - "title": "DimensionValueType", - "type": "string" - }, - "Name": { - "markdownDescription": "Column name from query result.", - "title": "Name", + "GroupEntityType": { + "markdownDescription": "The name of the schema entity type that's mapped to the user pool group. Defaults to `AWS::CognitoGroup` .", + "title": "GroupEntityType", "type": "string" } }, "required": [ - "DimensionValueType", - "Name" + "GroupEntityType" ], "type": "object" }, - "AWS::Timestream::ScheduledQuery.ErrorReportConfiguration": { + "AWS::VerifiedPermissions::IdentitySource.CognitoUserPoolConfiguration": { "additionalProperties": false, "properties": { - "S3Configuration": { - "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.S3Configuration", - "markdownDescription": "The S3 configuration for the error reports.", - "title": "S3Configuration" + "ClientIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The unique application client IDs that are associated with the specified Amazon Cognito user pool.\n\nExample: `\"ClientIds\": [\"&ExampleCogClientId;\"]`", + "title": "ClientIds", + "type": "array" + }, + "GroupConfiguration": { + "$ref": "#/definitions/AWS::VerifiedPermissions::IdentitySource.CognitoGroupConfiguration", + "markdownDescription": "The type of entity that a policy store maps to groups from an Amazon Cognito user pool identity source.", + "title": "GroupConfiguration" + }, + "UserPoolArn": { + "markdownDescription": "The [Amazon Resource Name (ARN)](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html) of the Amazon Cognito user pool that contains the identities to be authorized.", + "title": "UserPoolArn", + "type": "string" } }, "required": [ - "S3Configuration" + "UserPoolArn" ], "type": "object" }, - "AWS::Timestream::ScheduledQuery.MixedMeasureMapping": { + "AWS::VerifiedPermissions::IdentitySource.IdentitySourceConfiguration": { "additionalProperties": false, "properties": { - "MeasureName": { - "markdownDescription": "Refers to the value of measure_name in a result row. This field is required if MeasureNameColumn is provided.", - "title": "MeasureName", - "type": "string" - }, - "MeasureValueType": { - "markdownDescription": "Type of the value that is to be read from sourceColumn. If the mapping is for MULTI, use MeasureValueType.MULTI.", - "title": "MeasureValueType", - "type": "string" + "CognitoUserPoolConfiguration": { + "$ref": "#/definitions/AWS::VerifiedPermissions::IdentitySource.CognitoUserPoolConfiguration", + "markdownDescription": "A structure that contains configuration information used when creating or updating an identity source that represents a connection to an Amazon Cognito user pool used as an identity provider for Verified Permissions .", + "title": "CognitoUserPoolConfiguration" }, - "MultiMeasureAttributeMappings": { + "OpenIdConnectConfiguration": { + "$ref": "#/definitions/AWS::VerifiedPermissions::IdentitySource.OpenIdConnectConfiguration", + "markdownDescription": "", + "title": "OpenIdConnectConfiguration" + } + }, + "type": "object" + }, + "AWS::VerifiedPermissions::IdentitySource.OpenIdConnectAccessTokenConfiguration": { + "additionalProperties": false, + "properties": { + "Audiences": { "items": { - "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.MultiMeasureAttributeMapping" + "type": "string" }, - "markdownDescription": "Required when measureValueType is MULTI. Attribute mappings for MULTI value measures.", - "title": "MultiMeasureAttributeMappings", + "markdownDescription": "The access token `aud` claim values that you want to accept in your policy store. For example, `https://myapp.example.com, https://myapp2.example.com` .", + "title": "Audiences", "type": "array" }, - "SourceColumn": { - "markdownDescription": "This field refers to the source column from which measure-value is to be read for result materialization.", - "title": "SourceColumn", + "PrincipalIdClaim": { + "markdownDescription": "The claim that determines the principal in OIDC access tokens. For example, `sub` .", + "title": "PrincipalIdClaim", + "type": "string" + } + }, + "type": "object" + }, + "AWS::VerifiedPermissions::IdentitySource.OpenIdConnectConfiguration": { + "additionalProperties": false, + "properties": { + "EntityIdPrefix": { + "markdownDescription": "A descriptive string that you want to prefix to user entities from your OIDC identity provider. For example, if you set an `entityIdPrefix` of `MyOIDCProvider` , you can reference principals in your policies in the format `MyCorp::User::MyOIDCProvider|Carlos` .", + "title": "EntityIdPrefix", "type": "string" }, - "TargetMeasureName": { - "markdownDescription": "Target measure name to be used. If not provided, the target measure name by default would be measure-name if provided, or sourceColumn otherwise.", - "title": "TargetMeasureName", + "GroupConfiguration": { + "$ref": "#/definitions/AWS::VerifiedPermissions::IdentitySource.OpenIdConnectGroupConfiguration", + "markdownDescription": "The claim in OIDC identity provider tokens that indicates a user's group membership, and the entity type that you want to map it to. For example, this object can map the contents of a `groups` claim to `MyCorp::UserGroup` .", + "title": "GroupConfiguration" + }, + "Issuer": { + "markdownDescription": "The issuer URL of an OIDC identity provider. This URL must have an OIDC discovery endpoint at the path `.well-known/openid-configuration` .", + "title": "Issuer", "type": "string" + }, + "TokenSelection": { + "$ref": "#/definitions/AWS::VerifiedPermissions::IdentitySource.OpenIdConnectTokenSelection", + "markdownDescription": "The token type that you want to process from your OIDC identity provider. Your policy store can process either identity (ID) or access tokens from a given OIDC identity source.", + "title": "TokenSelection" } }, "required": [ - "MeasureValueType" + "Issuer", + "TokenSelection" ], "type": "object" }, - "AWS::Timestream::ScheduledQuery.MultiMeasureAttributeMapping": { + "AWS::VerifiedPermissions::IdentitySource.OpenIdConnectGroupConfiguration": { "additionalProperties": false, "properties": { - "MeasureValueType": { - "markdownDescription": "Type of the attribute to be read from the source column.", - "title": "MeasureValueType", - "type": "string" - }, - "SourceColumn": { - "markdownDescription": "Source column from where the attribute value is to be read.", - "title": "SourceColumn", + "GroupClaim": { + "markdownDescription": "The token claim that you want Verified Permissions to interpret as group membership. For example, `groups` .", + "title": "GroupClaim", "type": "string" }, - "TargetMultiMeasureAttributeName": { - "markdownDescription": "Custom name to be used for attribute name in derived table. If not provided, source column name would be used.", - "title": "TargetMultiMeasureAttributeName", + "GroupEntityType": { + "markdownDescription": "The policy store entity type that you want to map your users' group claim to. For example, `MyCorp::UserGroup` . A group entity type is an entity that can have a user entity type as a member.", + "title": "GroupEntityType", "type": "string" } }, "required": [ - "MeasureValueType", - "SourceColumn" + "GroupClaim", + "GroupEntityType" ], "type": "object" }, - "AWS::Timestream::ScheduledQuery.MultiMeasureMappings": { + "AWS::VerifiedPermissions::IdentitySource.OpenIdConnectIdentityTokenConfiguration": { "additionalProperties": false, "properties": { - "MultiMeasureAttributeMappings": { + "ClientIds": { "items": { - "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.MultiMeasureAttributeMapping" + "type": "string" }, - "markdownDescription": "Required. Attribute mappings to be used for mapping query results to ingest data for multi-measure attributes.", - "title": "MultiMeasureAttributeMappings", + "markdownDescription": "The ID token audience, or client ID, claim values that you want to accept in your policy store from an OIDC identity provider. For example, `1example23456789, 2example10111213` .", + "title": "ClientIds", "type": "array" }, - "TargetMultiMeasureName": { - "markdownDescription": "The name of the target multi-measure name in the derived table. This input is required when measureNameColumn is not provided. If MeasureNameColumn is provided, then value from that column will be used as multi-measure name.", - "title": "TargetMultiMeasureName", + "PrincipalIdClaim": { + "markdownDescription": "The claim that determines the principal in OIDC access tokens. For example, `sub` .", + "title": "PrincipalIdClaim", "type": "string" } }, - "required": [ - "MultiMeasureAttributeMappings" - ], "type": "object" }, - "AWS::Timestream::ScheduledQuery.NotificationConfiguration": { + "AWS::VerifiedPermissions::IdentitySource.OpenIdConnectTokenSelection": { "additionalProperties": false, "properties": { - "SnsConfiguration": { - "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.SnsConfiguration", - "markdownDescription": "Details on SNS configuration.", - "title": "SnsConfiguration" + "AccessTokenOnly": { + "$ref": "#/definitions/AWS::VerifiedPermissions::IdentitySource.OpenIdConnectAccessTokenConfiguration", + "markdownDescription": "The OIDC configuration for processing access tokens. Contains allowed audience claims, for example `https://auth.example.com` , and the claim that you want to map to the principal, for example `sub` .", + "title": "AccessTokenOnly" + }, + "IdentityTokenOnly": { + "$ref": "#/definitions/AWS::VerifiedPermissions::IdentitySource.OpenIdConnectIdentityTokenConfiguration", + "markdownDescription": "The OIDC configuration for processing identity (ID) tokens. Contains allowed client ID claims, for example `1example23456789` , and the claim that you want to map to the principal, for example `sub` .", + "title": "IdentityTokenOnly" } }, - "required": [ - "SnsConfiguration" - ], "type": "object" }, - "AWS::Timestream::ScheduledQuery.S3Configuration": { + "AWS::VerifiedPermissions::Policy": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "Name of the S3 bucket under which error reports will be created.", - "title": "BucketName", + "Condition": { "type": "string" }, - "EncryptionOption": { - "markdownDescription": "Encryption at rest options for the error reports. If no encryption option is specified, Timestream will choose SSE_S3 as default.", - "title": "EncryptionOption", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "ObjectKeyPrefix": { - "markdownDescription": "Prefix for the error report key. Timestream by default adds the following prefix to the error report path.", - "title": "ObjectKeyPrefix", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Definition": { + "$ref": "#/definitions/AWS::VerifiedPermissions::Policy.PolicyDefinition", + "markdownDescription": "Specifies the policy type and content to use for the new or updated policy. The definition structure must include either a `Static` or a `TemplateLinked` element.", + "title": "Definition" + }, + "PolicyStoreId": { + "markdownDescription": "Specifies the `PolicyStoreId` of the policy store you want to store the policy in.", + "title": "PolicyStoreId", + "type": "string" + } + }, + "required": [ + "Definition", + "PolicyStoreId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::VerifiedPermissions::Policy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "BucketName" + "Type", + "Properties" ], "type": "object" }, - "AWS::Timestream::ScheduledQuery.ScheduleConfiguration": { + "AWS::VerifiedPermissions::Policy.EntityIdentifier": { "additionalProperties": false, "properties": { - "ScheduleExpression": { - "markdownDescription": "An expression that denotes when to trigger the scheduled query run. This can be a cron expression or a rate expression.", - "title": "ScheduleExpression", + "EntityId": { + "markdownDescription": "The identifier of an entity.\n\n`\"entityId\":\" *identifier* \"`", + "title": "EntityId", + "type": "string" + }, + "EntityType": { + "markdownDescription": "The type of an entity.\n\nExample: `\"entityType\":\" *typeName* \"`", + "title": "EntityType", "type": "string" } }, "required": [ - "ScheduleExpression" + "EntityId", + "EntityType" ], "type": "object" }, - "AWS::Timestream::ScheduledQuery.SnsConfiguration": { + "AWS::VerifiedPermissions::Policy.PolicyDefinition": { "additionalProperties": false, "properties": { - "TopicArn": { - "markdownDescription": "SNS topic ARN that the scheduled query status notifications will be sent to.", - "title": "TopicArn", - "type": "string" + "Static": { + "$ref": "#/definitions/AWS::VerifiedPermissions::Policy.StaticPolicyDefinition", + "markdownDescription": "A structure that describes a static policy. An static policy doesn't use a template or allow placeholders for entities.", + "title": "Static" + }, + "TemplateLinked": { + "$ref": "#/definitions/AWS::VerifiedPermissions::Policy.TemplateLinkedPolicyDefinition", + "markdownDescription": "A structure that describes a policy that was instantiated from a template. The template can specify placeholders for `principal` and `resource` . When you use [CreatePolicy](https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreatePolicy.html) to create a policy from a template, you specify the exact principal and resource to use for the instantiated policy.", + "title": "TemplateLinked" } }, - "required": [ - "TopicArn" - ], "type": "object" }, - "AWS::Timestream::ScheduledQuery.TargetConfiguration": { + "AWS::VerifiedPermissions::Policy.StaticPolicyDefinition": { "additionalProperties": false, "properties": { - "TimestreamConfiguration": { - "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.TimestreamConfiguration", - "markdownDescription": "Configuration needed to write data into the Timestream database and table.", - "title": "TimestreamConfiguration" + "Description": { + "markdownDescription": "The description of the static policy.", + "title": "Description", + "type": "string" + }, + "Statement": { + "markdownDescription": "The policy content of the static policy, written in the Cedar policy language.", + "title": "Statement", + "type": "string" } }, "required": [ - "TimestreamConfiguration" + "Statement" ], "type": "object" }, - "AWS::Timestream::ScheduledQuery.TimestreamConfiguration": { + "AWS::VerifiedPermissions::Policy.TemplateLinkedPolicyDefinition": { "additionalProperties": false, "properties": { - "DatabaseName": { - "markdownDescription": "Name of Timestream database to which the query result will be written.", - "title": "DatabaseName", - "type": "string" - }, - "DimensionMappings": { - "items": { - "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.DimensionMapping" - }, - "markdownDescription": "This is to allow mapping column(s) from the query result to the dimension in the destination table.", - "title": "DimensionMappings", - "type": "array" - }, - "MeasureNameColumn": { - "markdownDescription": "Name of the measure column. Also see `MultiMeasureMappings` and `MixedMeasureMappings` for how measure name properties on those relate to `MeasureNameColumn` .", - "title": "MeasureNameColumn", + "PolicyTemplateId": { + "markdownDescription": "The unique identifier of the policy template used to create this policy.", + "title": "PolicyTemplateId", "type": "string" }, - "MixedMeasureMappings": { - "items": { - "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.MixedMeasureMapping" - }, - "markdownDescription": "Specifies how to map measures to multi-measure records.", - "title": "MixedMeasureMappings", - "type": "array" - }, - "MultiMeasureMappings": { - "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.MultiMeasureMappings", - "markdownDescription": "Multi-measure mappings.", - "title": "MultiMeasureMappings" - }, - "TableName": { - "markdownDescription": "Name of Timestream table that the query result will be written to. The table should be within the same database that is provided in Timestream configuration.", - "title": "TableName", - "type": "string" + "Principal": { + "$ref": "#/definitions/AWS::VerifiedPermissions::Policy.EntityIdentifier", + "markdownDescription": "The principal associated with this template-linked policy. Verified Permissions substitutes this principal for the `?principal` placeholder in the policy template when it evaluates an authorization request.", + "title": "Principal" }, - "TimeColumn": { - "markdownDescription": "Column from query result that should be used as the time column in destination table. Column type for this should be TIMESTAMP.", - "title": "TimeColumn", - "type": "string" + "Resource": { + "$ref": "#/definitions/AWS::VerifiedPermissions::Policy.EntityIdentifier", + "markdownDescription": "The resource associated with this template-linked policy. Verified Permissions substitutes this resource for the `?resource` placeholder in the policy template when it evaluates an authorization request.", + "title": "Resource" } }, "required": [ - "DatabaseName", - "DimensionMappings", - "TableName", - "TimeColumn" + "PolicyTemplateId" ], "type": "object" }, - "AWS::Timestream::Table": { + "AWS::VerifiedPermissions::PolicyStore": { "additionalProperties": false, "properties": { "Condition": { @@ -262321,48 +313864,43 @@ "Properties": { "additionalProperties": false, "properties": { - "DatabaseName": { - "markdownDescription": "The name of the Timestream database that contains this table.\n\n*Length Constraints* : Minimum length of 3 bytes. Maximum length of 256 bytes.", - "title": "DatabaseName", - "type": "string" - }, - "MagneticStoreWriteProperties": { - "$ref": "#/definitions/AWS::Timestream::Table.MagneticStoreWriteProperties", - "markdownDescription": "Contains properties to set on the table when enabling magnetic store writes.\n\nThis object has the following attributes:\n\n- *EnableMagneticStoreWrites* : A `boolean` flag to enable magnetic store writes.\n- *MagneticStoreRejectedDataLocation* : The location to write error reports for records rejected, asynchronously, during magnetic store writes. Only `S3Configuration` objects are allowed. The `S3Configuration` object has the following attributes:\n\n- *BucketName* : The name of the S3 bucket.\n- *EncryptionOption* : The encryption option for the S3 location. Valid values are S3 server-side encryption with an S3 managed key ( `SSE_S3` ) or AWS managed key ( `SSE_KMS` ).\n- *KmsKeyId* : The AWS KMS key ID to use when encrypting with an AWS managed key.\n- *ObjectKeyPrefix* : The prefix to use option for the objects stored in S3.\n\nBoth `BucketName` and `EncryptionOption` are *required* when `S3Configuration` is specified. If you specify `SSE_KMS` as your `EncryptionOption` then `KmsKeyId` is *required* .\n\n`EnableMagneticStoreWrites` attribute is *required* when `MagneticStoreWriteProperties` is specified. `MagneticStoreRejectedDataLocation` attribute is *required* when `EnableMagneticStoreWrites` is set to `true` .\n\nSee the following examples:\n\n*JSON*\n\n```json\n{ \"Type\" : AWS::Timestream::Table\", \"Properties\":{ \"DatabaseName\":\"TestDatabase\", \"TableName\":\"TestTable\", \"MagneticStoreWriteProperties\":{ \"EnableMagneticStoreWrites\":true, \"MagneticStoreRejectedDataLocation\":{ \"S3Configuration\":{ \"BucketName\":\" amzn-s3-demo-bucket \", \"EncryptionOption\":\"SSE_KMS\", \"KmsKeyId\":\"1234abcd-12ab-34cd-56ef-1234567890ab\", \"ObjectKeyPrefix\":\"prefix\" } } } }\n}\n```\n\n*YAML*\n\n```\nType: AWS::Timestream::Table\nDependsOn: TestDatabase\nProperties: TableName: \"TestTable\" DatabaseName: \"TestDatabase\" MagneticStoreWriteProperties: EnableMagneticStoreWrites: true MagneticStoreRejectedDataLocation: S3Configuration: BucketName: \" amzn-s3-demo-bucket \" EncryptionOption: \"SSE_KMS\" KmsKeyId: \"1234abcd-12ab-34cd-56ef-1234567890ab\" ObjectKeyPrefix: \"prefix\"\n```", - "title": "MagneticStoreWriteProperties" + "DeletionProtection": { + "$ref": "#/definitions/AWS::VerifiedPermissions::PolicyStore.DeletionProtection", + "markdownDescription": "Specifies whether the policy store can be deleted. If enabled, the policy store can't be deleted.\n\nThe default state is `DISABLED` .", + "title": "DeletionProtection" }, - "RetentionProperties": { - "$ref": "#/definitions/AWS::Timestream::Table.RetentionProperties", - "markdownDescription": "The retention duration for the memory store and magnetic store. This object has the following attributes:\n\n- *MemoryStoreRetentionPeriodInHours* : Retention duration for memory store, in hours.\n- *MagneticStoreRetentionPeriodInDays* : Retention duration for magnetic store, in days.\n\nBoth attributes are of type `string` . Both attributes are *required* when `RetentionProperties` is specified.\n\nSee the following examples:\n\n*JSON*\n\n`{ \"Type\" : AWS::Timestream::Table\", \"Properties\" : { \"DatabaseName\" : \"TestDatabase\", \"TableName\" : \"TestTable\", \"RetentionProperties\" : { \"MemoryStoreRetentionPeriodInHours\": \"24\", \"MagneticStoreRetentionPeriodInDays\": \"7\" } } }` \n\n*YAML*\n\n```\nType: AWS::Timestream::Table\nDependsOn: TestDatabase\nProperties: TableName: \"TestTable\" DatabaseName: \"TestDatabase\" RetentionProperties: MemoryStoreRetentionPeriodInHours: \"24\" MagneticStoreRetentionPeriodInDays: \"7\"\n```", - "title": "RetentionProperties" + "Description": { + "markdownDescription": "Descriptive text that you can provide to help with identification of the current policy store.", + "title": "Description", + "type": "string" }, "Schema": { - "$ref": "#/definitions/AWS::Timestream::Table.Schema", - "markdownDescription": "The schema of the table.", + "$ref": "#/definitions/AWS::VerifiedPermissions::PolicyStore.SchemaDefinition", + "markdownDescription": "Creates or updates the policy schema in a policy store. Cedar can use the schema to validate any Cedar policies and policy templates submitted to the policy store. Any changes to the schema validate only policies and templates submitted after the schema change. Existing policies and templates are not re-evaluated against the changed schema. If you later update a policy, then it is evaluated against the new schema at that time.", "title": "Schema" }, - "TableName": { - "markdownDescription": "The name of the Timestream table.\n\n*Length Constraints* : Minimum length of 3 bytes. Maximum length of 256 bytes.", - "title": "TableName", - "type": "string" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to add to the table", + "markdownDescription": "The list of key-value pairs to associate with the policy store.", "title": "Tags", "type": "array" + }, + "ValidationSettings": { + "$ref": "#/definitions/AWS::VerifiedPermissions::PolicyStore.ValidationSettings", + "markdownDescription": "Specifies the validation setting for this policy store.\n\nCurrently, the only valid and required value is `Mode` .\n\n> We recommend that you turn on `STRICT` mode only after you define a schema. If a schema doesn't exist, then `STRICT` mode causes any policy to fail validation, and Verified Permissions rejects the policy. You can turn off validation by using the [UpdatePolicyStore](https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyStore) . Then, when you have a schema defined, use [UpdatePolicyStore](https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyStore) again to turn validation back on.", + "title": "ValidationSettings" } }, "required": [ - "DatabaseName" + "ValidationSettings" ], "type": "object" }, "Type": { "enum": [ - "AWS::Timestream::Table" + "AWS::VerifiedPermissions::PolicyStore" ], "type": "string" }, @@ -262381,121 +313919,46 @@ ], "type": "object" }, - "AWS::Timestream::Table.MagneticStoreRejectedDataLocation": { - "additionalProperties": false, - "properties": { - "S3Configuration": { - "$ref": "#/definitions/AWS::Timestream::Table.S3Configuration", - "markdownDescription": "Configuration of an S3 location to write error reports for records rejected, asynchronously, during magnetic store writes.", - "title": "S3Configuration" - } - }, - "type": "object" - }, - "AWS::Timestream::Table.MagneticStoreWriteProperties": { - "additionalProperties": false, - "properties": { - "EnableMagneticStoreWrites": { - "markdownDescription": "A flag to enable magnetic store writes.", - "title": "EnableMagneticStoreWrites", - "type": "boolean" - }, - "MagneticStoreRejectedDataLocation": { - "$ref": "#/definitions/AWS::Timestream::Table.MagneticStoreRejectedDataLocation", - "markdownDescription": "The location to write error reports for records rejected asynchronously during magnetic store writes.", - "title": "MagneticStoreRejectedDataLocation" - } - }, - "required": [ - "EnableMagneticStoreWrites" - ], - "type": "object" - }, - "AWS::Timestream::Table.PartitionKey": { + "AWS::VerifiedPermissions::PolicyStore.DeletionProtection": { "additionalProperties": false, "properties": { - "EnforcementInRecord": { - "markdownDescription": "The level of enforcement for the specification of a dimension key in ingested records. Options are REQUIRED (dimension key must be specified) and OPTIONAL (dimension key does not have to be specified).", - "title": "EnforcementInRecord", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the attribute used for a dimension key.", - "title": "Name", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of the partition key. Options are DIMENSION (dimension key) and MEASURE (measure key).", - "title": "Type", + "Mode": { + "markdownDescription": "Specifies whether the policy store can be deleted. If enabled, the policy store can't be deleted.\n\nThe default state is `DISABLED` .", + "title": "Mode", "type": "string" } }, "required": [ - "Type" + "Mode" ], "type": "object" }, - "AWS::Timestream::Table.RetentionProperties": { + "AWS::VerifiedPermissions::PolicyStore.SchemaDefinition": { "additionalProperties": false, "properties": { - "MagneticStoreRetentionPeriodInDays": { - "markdownDescription": "The duration for which data must be stored in the magnetic store.", - "title": "MagneticStoreRetentionPeriodInDays", - "type": "string" - }, - "MemoryStoreRetentionPeriodInHours": { - "markdownDescription": "The duration for which data must be stored in the memory store.", - "title": "MemoryStoreRetentionPeriodInHours", + "CedarJson": { + "markdownDescription": "A JSON string representation of the schema supported by applications that use this policy store. For more information, see [Policy store schema](https://docs.aws.amazon.com/verifiedpermissions/latest/userguide/schema.html) in the AVP User Guide.", + "title": "CedarJson", "type": "string" } }, "type": "object" }, - "AWS::Timestream::Table.S3Configuration": { + "AWS::VerifiedPermissions::PolicyStore.ValidationSettings": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "The bucket name of the customer S3 bucket.", - "title": "BucketName", - "type": "string" - }, - "EncryptionOption": { - "markdownDescription": "The encryption option for the customer S3 location. Options are S3 server-side encryption with an S3 managed key or AWS managed key.", - "title": "EncryptionOption", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "The AWS KMS key ID for the customer S3 location when encrypting with an AWS managed key.", - "title": "KmsKeyId", - "type": "string" - }, - "ObjectKeyPrefix": { - "markdownDescription": "The object key preview for the customer S3 location.", - "title": "ObjectKeyPrefix", + "Mode": { + "markdownDescription": "The validation mode currently configured for this policy store. The valid values are:\n\n- *OFF* \u2013 Neither Verified Permissions nor Cedar perform any validation on policies. No validation errors are reported by either service.\n- *STRICT* \u2013 Requires a schema to be present in the policy store. Cedar performs validation on all submitted new or updated static policies and policy templates. Any that fail validation are rejected and Cedar doesn't store them in the policy store.\n\n> If `Mode=STRICT` and the policy store doesn't contain a schema, Verified Permissions rejects all static policies and policy templates because there is no schema to validate against.\n> \n> To submit a static policy or policy template without a schema, you must turn off validation.", + "title": "Mode", "type": "string" } }, "required": [ - "BucketName", - "EncryptionOption" + "Mode" ], "type": "object" }, - "AWS::Timestream::Table.Schema": { - "additionalProperties": false, - "properties": { - "CompositePartitionKey": { - "items": { - "$ref": "#/definitions/AWS::Timestream::Table.PartitionKey" - }, - "markdownDescription": "A non-empty list of partition keys defining the attributes used to partition the table data. The order of the list determines the partition hierarchy. The name and type of each partition key as well as the partition key order cannot be changed after the table is created. However, the enforcement level of each partition key can be changed.", - "title": "CompositePartitionKey", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Transfer::Agreement": { + "AWS::VerifiedPermissions::PolicyTemplate": { "additionalProperties": false, "properties": { "Condition": { @@ -262530,62 +313993,31 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessRole": { - "markdownDescription": "Connectors are used to send files using either the AS2 or SFTP protocol. For the access role, provide the Amazon Resource Name (ARN) of the AWS Identity and Access Management role to use.\n\n*For AS2 connectors*\n\nWith AS2, you can send files by calling `StartFileTransfer` and specifying the file paths in the request parameter, `SendFilePaths` . We use the file\u2019s parent directory (for example, for `--send-file-paths /bucket/dir/file.txt` , parent directory is `/bucket/dir/` ) to temporarily store a processed AS2 message file, store the MDN when we receive them from the partner, and write a final JSON file containing relevant metadata of the transmission. So, the `AccessRole` needs to provide read and write access to the parent directory of the file location used in the `StartFileTransfer` request. Additionally, you need to provide read and write access to the parent directory of the files that you intend to send with `StartFileTransfer` .\n\nIf you are using Basic authentication for your AS2 connector, the access role requires the `secretsmanager:GetSecretValue` permission for the secret. If the secret is encrypted using a customer-managed key instead of the AWS managed key in Secrets Manager, then the role also needs the `kms:Decrypt` permission for that key.\n\n*For SFTP connectors*\n\nMake sure that the access role provides read and write access to the parent directory of the file location that's used in the `StartFileTransfer` request. Additionally, make sure that the role provides `secretsmanager:GetSecretValue` permission to AWS Secrets Manager .", - "title": "AccessRole", - "type": "string" - }, - "BaseDirectory": { - "markdownDescription": "The landing directory (folder) for files that are transferred by using the AS2 protocol.", - "title": "BaseDirectory", - "type": "string" - }, "Description": { - "markdownDescription": "The name or short description that's used to identify the agreement.", + "markdownDescription": "The description to attach to the new or updated policy template.", "title": "Description", "type": "string" }, - "LocalProfileId": { - "markdownDescription": "A unique identifier for the AS2 local profile.", - "title": "LocalProfileId", - "type": "string" - }, - "PartnerProfileId": { - "markdownDescription": "A unique identifier for the partner profile used in the agreement.", - "title": "PartnerProfileId", - "type": "string" - }, - "ServerId": { - "markdownDescription": "A system-assigned unique identifier for a server instance. This identifier indicates the specific server that the agreement uses.", - "title": "ServerId", + "PolicyStoreId": { + "markdownDescription": "The unique identifier of the policy store that contains the template.", + "title": "PolicyStoreId", "type": "string" }, - "Status": { - "markdownDescription": "The current status of the agreement, either `ACTIVE` or `INACTIVE` .", - "title": "Status", + "Statement": { + "markdownDescription": "Specifies the content that you want to use for the new policy template, written in the Cedar policy language.", + "title": "Statement", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Key-value pairs that can be used to group and search for agreements.", - "title": "Tags", - "type": "array" } }, "required": [ - "AccessRole", - "BaseDirectory", - "LocalProfileId", - "PartnerProfileId", - "ServerId" + "PolicyStoreId", + "Statement" ], "type": "object" }, "Type": { "enum": [ - "AWS::Transfer::Agreement" + "AWS::VerifiedPermissions::PolicyTemplate" ], "type": "string" }, @@ -262604,7 +314036,7 @@ ], "type": "object" }, - "AWS::Transfer::Certificate": { + "AWS::VoiceID::Domain": { "additionalProperties": false, "properties": { "Condition": { @@ -262639,59 +314071,39 @@ "Properties": { "additionalProperties": false, "properties": { - "ActiveDate": { - "markdownDescription": "An optional date that specifies when the certificate becomes active. If you do not specify a value, `ActiveDate` takes the same value as `NotBeforeDate` , which is specified by the CA.", - "title": "ActiveDate", - "type": "string" - }, - "Certificate": { - "markdownDescription": "The file name for the certificate.", - "title": "Certificate", - "type": "string" - }, - "CertificateChain": { - "markdownDescription": "The list of certificates that make up the chain for the certificate.", - "title": "CertificateChain", - "type": "string" - }, "Description": { - "markdownDescription": "The name or description that's used to identity the certificate.", + "markdownDescription": "The description of the domain.", "title": "Description", "type": "string" }, - "InactiveDate": { - "markdownDescription": "An optional date that specifies when the certificate becomes inactive. If you do not specify a value, `InactiveDate` takes the same value as `NotAfterDate` , which is specified by the CA.", - "title": "InactiveDate", + "Name": { + "markdownDescription": "The name for the domain.", + "title": "Name", "type": "string" }, - "PrivateKey": { - "markdownDescription": "The file that contains the private key for the certificate that's being imported.", - "title": "PrivateKey", - "type": "string" + "ServerSideEncryptionConfiguration": { + "$ref": "#/definitions/AWS::VoiceID::Domain.ServerSideEncryptionConfiguration", + "markdownDescription": "The server-side encryption configuration containing the KMS key identifier you want Voice ID to use to encrypt your data.", + "title": "ServerSideEncryptionConfiguration" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Key-value pairs that can be used to group and search for certificates.", + "markdownDescription": "The tags used to organize, track, or control access for this resource.", "title": "Tags", "type": "array" - }, - "Usage": { - "markdownDescription": "Specifies how this certificate is used. It can be used in the following ways:\n\n- `SIGNING` : For signing AS2 messages\n- `ENCRYPTION` : For encrypting AS2 messages\n- `TLS` : For securing AS2 communications sent over HTTPS", - "title": "Usage", - "type": "string" } }, "required": [ - "Certificate", - "Usage" + "Name", + "ServerSideEncryptionConfiguration" ], "type": "object" }, "Type": { "enum": [ - "AWS::Transfer::Certificate" + "AWS::VoiceID::Domain" ], "type": "string" }, @@ -262710,7 +314122,21 @@ ], "type": "object" }, - "AWS::Transfer::Connector": { + "AWS::VoiceID::Domain.ServerSideEncryptionConfiguration": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "markdownDescription": "The identifier of the KMS key to use to encrypt data stored by Voice ID. Voice ID doesn't support asymmetric customer managed keys.", + "title": "KmsKeyId", + "type": "string" + } + }, + "required": [ + "KmsKeyId" + ], + "type": "object" + }, + "AWS::VpcLattice::AccessLogSubscription": { "additionalProperties": false, "properties": { "Condition": { @@ -262745,49 +314171,38 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessRole": { - "markdownDescription": "Connectors are used to send files using either the AS2 or SFTP protocol. For the access role, provide the Amazon Resource Name (ARN) of the AWS Identity and Access Management role to use.\n\n*For AS2 connectors*\n\nWith AS2, you can send files by calling `StartFileTransfer` and specifying the file paths in the request parameter, `SendFilePaths` . We use the file\u2019s parent directory (for example, for `--send-file-paths /bucket/dir/file.txt` , parent directory is `/bucket/dir/` ) to temporarily store a processed AS2 message file, store the MDN when we receive them from the partner, and write a final JSON file containing relevant metadata of the transmission. So, the `AccessRole` needs to provide read and write access to the parent directory of the file location used in the `StartFileTransfer` request. Additionally, you need to provide read and write access to the parent directory of the files that you intend to send with `StartFileTransfer` .\n\nIf you are using Basic authentication for your AS2 connector, the access role requires the `secretsmanager:GetSecretValue` permission for the secret. If the secret is encrypted using a customer-managed key instead of the AWS managed key in Secrets Manager, then the role also needs the `kms:Decrypt` permission for that key.\n\n*For SFTP connectors*\n\nMake sure that the access role provides read and write access to the parent directory of the file location that's used in the `StartFileTransfer` request. Additionally, make sure that the role provides `secretsmanager:GetSecretValue` permission to AWS Secrets Manager .", - "title": "AccessRole", + "DestinationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the destination. The supported destination types are CloudWatch Log groups, Kinesis Data Firehose delivery streams, and Amazon S3 buckets.", + "title": "DestinationArn", "type": "string" }, - "As2Config": { - "$ref": "#/definitions/AWS::Transfer::Connector.As2Config", - "markdownDescription": "A structure that contains the parameters for an AS2 connector object.", - "title": "As2Config" - }, - "LoggingRole": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that allows a connector to turn on CloudWatch logging for Amazon S3 events. When set, you can view connector activity in your CloudWatch logs.", - "title": "LoggingRole", + "ResourceIdentifier": { + "markdownDescription": "The ID or ARN of the service network or service.", + "title": "ResourceIdentifier", "type": "string" }, - "SftpConfig": { - "$ref": "#/definitions/AWS::Transfer::Connector.SftpConfig", - "markdownDescription": "A structure that contains the parameters for an SFTP connector object.", - "title": "SftpConfig" + "ServiceNetworkLogType": { + "markdownDescription": "Log type of the service network.", + "title": "ServiceNetworkLogType", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Key-value pairs that can be used to group and search for connectors.", + "markdownDescription": "The tags for the access log subscription.", "title": "Tags", "type": "array" - }, - "Url": { - "markdownDescription": "The URL of the partner's AS2 or SFTP endpoint.", - "title": "Url", - "type": "string" } }, "required": [ - "AccessRole", - "Url" + "DestinationArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Transfer::Connector" + "AWS::VpcLattice::AccessLogSubscription" ], "type": "string" }, @@ -262806,77 +314221,80 @@ ], "type": "object" }, - "AWS::Transfer::Connector.As2Config": { + "AWS::VpcLattice::AuthPolicy": { "additionalProperties": false, "properties": { - "BasicAuthSecretId": { - "markdownDescription": "Provides Basic authentication support to the AS2 Connectors API. To use Basic authentication, you must provide the name or Amazon Resource Name (ARN) of a secret in AWS Secrets Manager .\n\nThe default value for this parameter is `null` , which indicates that Basic authentication is not enabled for the connector.\n\nIf the connector should use Basic authentication, the secret needs to be in the following format:\n\n`{ \"Username\": \"user-name\", \"Password\": \"user-password\" }`\n\nReplace `user-name` and `user-password` with the credentials for the actual user that is being authenticated.\n\nNote the following:\n\n- You are storing these credentials in Secrets Manager, *not passing them directly* into this API.\n- If you are using the API, SDKs, or CloudFormation to configure your connector, then you must create the secret before you can enable Basic authentication. However, if you are using the AWS management console, you can have the system create the secret for you.\n\nIf you have previously enabled Basic authentication for a connector, you can disable it by using the `UpdateConnector` API call. For example, if you are using the CLI, you can run the following command to remove Basic authentication:\n\n`update-connector --connector-id my-connector-id --as2-config 'BasicAuthSecretId=\"\"'`", - "title": "BasicAuthSecretId", - "type": "string" - }, - "Compression": { - "markdownDescription": "Specifies whether the AS2 file is compressed.", - "title": "Compression", - "type": "string" - }, - "EncryptionAlgorithm": { - "markdownDescription": "The algorithm that is used to encrypt the file.\n\nNote the following:\n\n- Do not use the `DES_EDE3_CBC` algorithm unless you must support a legacy client that requires it, as it is a weak encryption algorithm.\n- You can only specify `NONE` if the URL for your connector uses HTTPS. Using HTTPS ensures that no traffic is sent in clear text.", - "title": "EncryptionAlgorithm", - "type": "string" - }, - "LocalProfileId": { - "markdownDescription": "A unique identifier for the AS2 local profile.", - "title": "LocalProfileId", + "Condition": { "type": "string" }, - "MdnResponse": { - "markdownDescription": "Used for outbound requests (from an AWS Transfer Family connector to a partner AS2 server) to determine whether the partner response for transfers is synchronous or asynchronous. Specify either of the following values:\n\n- `SYNC` : The system expects a synchronous MDN response, confirming that the file was transferred successfully (or not).\n- `NONE` : Specifies that no MDN response is required.", - "title": "MdnResponse", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "MdnSigningAlgorithm": { - "markdownDescription": "The signing algorithm for the MDN response.\n\n> If set to DEFAULT (or not set at all), the value for `SigningAlgorithm` is used.", - "title": "MdnSigningAlgorithm", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "MessageSubject": { - "markdownDescription": "Used as the `Subject` HTTP header attribute in AS2 messages that are being sent with the connector.", - "title": "MessageSubject", - "type": "string" + "Metadata": { + "type": "object" }, - "PartnerProfileId": { - "markdownDescription": "A unique identifier for the partner profile for the connector.", - "title": "PartnerProfileId", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "Policy": { + "markdownDescription": "The auth policy.", + "title": "Policy", + "type": "object" + }, + "ResourceIdentifier": { + "markdownDescription": "The ID or ARN of the service network or service for which the policy is created.", + "title": "ResourceIdentifier", + "type": "string" + } + }, + "required": [ + "Policy", + "ResourceIdentifier" + ], + "type": "object" }, - "SigningAlgorithm": { - "markdownDescription": "The algorithm that is used to sign the AS2 messages sent with the connector.", - "title": "SigningAlgorithm", + "Type": { + "enum": [ + "AWS::VpcLattice::AuthPolicy" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::Transfer::Connector.SftpConfig": { - "additionalProperties": false, - "properties": { - "TrustedHostKeys": { - "items": { - "type": "string" - }, - "markdownDescription": "The public portion of the host key, or keys, that are used to identify the external server to which you are connecting. You can use the `ssh-keyscan` command against the SFTP server to retrieve the necessary key.\n\n> `TrustedHostKeys` is optional for `CreateConnector` . If not provided, you can use `TestConnection` to retrieve the server host key during the initial connection attempt, and subsequently update the connector with the observed host key. \n\nThe three standard SSH public key format elements are `` , `` , and an optional `` , with spaces between each element. Specify only the `` and `` : do not enter the `` portion of the key.\n\nFor the trusted host key, AWS Transfer Family accepts RSA and ECDSA keys.\n\n- For RSA keys, the `` string is `ssh-rsa` .\n- For ECDSA keys, the `` string is either `ecdsa-sha2-nistp256` , `ecdsa-sha2-nistp384` , or `ecdsa-sha2-nistp521` , depending on the size of the key you generated.\n\nRun this command to retrieve the SFTP server host key, where your SFTP server name is `ftp.host.com` .\n\n`ssh-keyscan ftp.host.com`\n\nThis prints the public host key to standard output.\n\n`ftp.host.com ssh-rsa AAAAB3Nza... - Required when creating an SFTP connector\n> - Optional when updating an existing SFTP connector", - "title": "UserSecretId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::Transfer::Profile": { + "AWS::VpcLattice::Listener": { "additionalProperties": false, "properties": { "Condition": { @@ -262911,42 +314329,49 @@ "Properties": { "additionalProperties": false, "properties": { - "As2Id": { - "markdownDescription": "The `As2Id` is the *AS2-name* , as defined in the [RFC 4130](https://docs.aws.amazon.com/https://datatracker.ietf.org/doc/html/rfc4130) . For inbound transfers, this is the `AS2-From` header for the AS2 messages sent from the partner. For outbound connectors, this is the `AS2-To` header for the AS2 messages sent to the partner using the `StartFileTransfer` API operation. This ID cannot include spaces.", - "title": "As2Id", + "DefaultAction": { + "$ref": "#/definitions/AWS::VpcLattice::Listener.DefaultAction", + "markdownDescription": "The action for the default rule. Each listener has a default rule. The default rule is used if no other rules match.", + "title": "DefaultAction" + }, + "Name": { + "markdownDescription": "The name of the listener. A listener name must be unique within a service. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n\nIf you don't specify a name, CloudFormation generates one. However, if you specify a name, and later want to replace the resource, you must specify a new name.", + "title": "Name", "type": "string" }, - "CertificateIds": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of identifiers for the imported certificates. You use this identifier for working with profiles and partner profiles.", - "title": "CertificateIds", - "type": "array" + "Port": { + "markdownDescription": "The listener port. You can specify a value from 1 to 65535. For HTTP, the default is 80. For HTTPS, the default is 443.", + "title": "Port", + "type": "number" }, - "ProfileType": { - "markdownDescription": "Indicates whether to list only `LOCAL` type profiles or only `PARTNER` type profiles. If not supplied in the request, the command lists all types of profiles.", - "title": "ProfileType", + "Protocol": { + "markdownDescription": "The listener protocol.", + "title": "Protocol", + "type": "string" + }, + "ServiceIdentifier": { + "markdownDescription": "The ID or ARN of the service.", + "title": "ServiceIdentifier", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Key-value pairs that can be used to group and search for profiles.", + "markdownDescription": "The tags for the listener.", "title": "Tags", "type": "array" } }, "required": [ - "As2Id", - "ProfileType" + "DefaultAction", + "Protocol" ], "type": "object" }, "Type": { "enum": [ - "AWS::Transfer::Profile" + "AWS::VpcLattice::Listener" ], "type": "string" }, @@ -262965,7 +314390,73 @@ ], "type": "object" }, - "AWS::Transfer::Server": { + "AWS::VpcLattice::Listener.DefaultAction": { + "additionalProperties": false, + "properties": { + "FixedResponse": { + "$ref": "#/definitions/AWS::VpcLattice::Listener.FixedResponse", + "markdownDescription": "Describes an action that returns a custom HTTP response.", + "title": "FixedResponse" + }, + "Forward": { + "$ref": "#/definitions/AWS::VpcLattice::Listener.Forward", + "markdownDescription": "Describes a forward action. You can use forward actions to route requests to one or more target groups.", + "title": "Forward" + } + }, + "type": "object" + }, + "AWS::VpcLattice::Listener.FixedResponse": { + "additionalProperties": false, + "properties": { + "StatusCode": { + "markdownDescription": "The HTTP response code. Only `404` and `500` status codes are supported.", + "title": "StatusCode", + "type": "number" + } + }, + "required": [ + "StatusCode" + ], + "type": "object" + }, + "AWS::VpcLattice::Listener.Forward": { + "additionalProperties": false, + "properties": { + "TargetGroups": { + "items": { + "$ref": "#/definitions/AWS::VpcLattice::Listener.WeightedTargetGroup" + }, + "markdownDescription": "The target groups. Traffic matching the rule is forwarded to the specified target groups. With forward actions, you can assign a weight that controls the prioritization and selection of each target group. This means that requests are distributed to individual target groups based on their weights. For example, if two target groups have the same weight, each target group receives half of the traffic.\n\nThe default value is 1. This means that if only one target group is provided, there is no need to set the weight; 100% of the traffic goes to that target group.", + "title": "TargetGroups", + "type": "array" + } + }, + "required": [ + "TargetGroups" + ], + "type": "object" + }, + "AWS::VpcLattice::Listener.WeightedTargetGroup": { + "additionalProperties": false, + "properties": { + "TargetGroupIdentifier": { + "markdownDescription": "The ID of the target group.", + "title": "TargetGroupIdentifier", + "type": "string" + }, + "Weight": { + "markdownDescription": "Only required if you specify multiple target groups for a forward action. The weight determines how requests are distributed to the target group. For example, if you specify two target groups, each with a weight of 10, each target group receives half the requests. If you specify two target groups, one with a weight of 10 and the other with a weight of 20, the target group with a weight of 20 receives twice as many requests as the other target group. If there's only one target group specified, then the default value is 100.", + "title": "Weight", + "type": "number" + } + }, + "required": [ + "TargetGroupIdentifier" + ], + "type": "object" + }, + "AWS::VpcLattice::ResourceConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -263000,101 +314491,72 @@ "Properties": { "additionalProperties": false, "properties": { - "Certificate": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Certificate Manager (ACM) certificate. Required when `Protocols` is set to `FTPS` .\n\nTo request a new public certificate, see [Request a public certificate](https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-public.html) in the *AWS Certificate Manager User Guide* .\n\nTo import an existing certificate into ACM, see [Importing certificates into ACM](https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html) in the *AWS Certificate Manager User Guide* .\n\nTo request a private certificate to use FTPS through private IP addresses, see [Request a private certificate](https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-private.html) in the *AWS Certificate Manager User Guide* .\n\nCertificates with the following cryptographic algorithms and key sizes are supported:\n\n- 2048-bit RSA (RSA_2048)\n- 4096-bit RSA (RSA_4096)\n- Elliptic Prime Curve 256 bit (EC_prime256v1)\n- Elliptic Prime Curve 384 bit (EC_secp384r1)\n- Elliptic Prime Curve 521 bit (EC_secp521r1)\n\n> The certificate must be a valid SSL/TLS X.509 version 3 certificate with FQDN or IP address specified and information about the issuer.", - "title": "Certificate", - "type": "string" + "AllowAssociationToSharableServiceNetwork": { + "markdownDescription": "Specifies whether the resource configuration can be associated with a sharable service network.", + "title": "AllowAssociationToSharableServiceNetwork", + "type": "boolean" }, - "Domain": { - "markdownDescription": "Specifies the domain of the storage system that is used for file transfers. There are two domains available: Amazon Simple Storage Service (Amazon S3) and Amazon Elastic File System (Amazon EFS). The default value is S3.", - "title": "Domain", + "Name": { + "markdownDescription": "The name of the resource configuration.", + "title": "Name", "type": "string" }, - "EndpointDetails": { - "$ref": "#/definitions/AWS::Transfer::Server.EndpointDetails", - "markdownDescription": "The virtual private cloud (VPC) endpoint settings that are configured for your server. When you host your endpoint within your VPC, you can make your endpoint accessible only to resources within your VPC, or you can attach Elastic IP addresses and make your endpoint accessible to clients over the internet. Your VPC's default security groups are automatically assigned to your endpoint.", - "title": "EndpointDetails" + "PortRanges": { + "items": { + "type": "string" + }, + "markdownDescription": "(SINGLE, GROUP, CHILD) The TCP port ranges that a consumer can use to access a resource configuration (for example: 1-65535). You can separate port ranges using commas (for example: 1,2,22-30).", + "title": "PortRanges", + "type": "array" }, - "EndpointType": { - "markdownDescription": "The type of endpoint that you want your server to use. You can choose to make your server's endpoint publicly accessible (PUBLIC) or host it inside your VPC. With an endpoint that is hosted in a VPC, you can restrict access to your server and resources only within your VPC or choose to make it internet facing by attaching Elastic IP addresses directly to it.\n\n> After May 19, 2021, you won't be able to create a server using `EndpointType=VPC_ENDPOINT` in your AWS account if your account hasn't already done so before May 19, 2021. If you have already created servers with `EndpointType=VPC_ENDPOINT` in your AWS account on or before May 19, 2021, you will not be affected. After this date, use `EndpointType` = `VPC` .\n> \n> For more information, see [Discontinuing the use of VPC_ENDPOINT](https://docs.aws.amazon.com//transfer/latest/userguide/create-server-in-vpc.html#deprecate-vpc-endpoint) .\n> \n> It is recommended that you use `VPC` as the `EndpointType` . With this endpoint type, you have the option to directly associate up to three Elastic IPv4 addresses (BYO IP included) with your server's endpoint and use VPC security groups to restrict traffic by the client's public IP address. This is not possible with `EndpointType` set to `VPC_ENDPOINT` .", - "title": "EndpointType", + "ProtocolType": { + "markdownDescription": "(SINGLE, GROUP) The protocol accepted by the resource configuration.", + "title": "ProtocolType", "type": "string" }, - "IdentityProviderDetails": { - "$ref": "#/definitions/AWS::Transfer::Server.IdentityProviderDetails", - "markdownDescription": "Required when `IdentityProviderType` is set to `AWS_DIRECTORY_SERVICE` , `AWS _LAMBDA` or `API_GATEWAY` . Accepts an array containing all of the information required to use a directory in `AWS_DIRECTORY_SERVICE` or invoke a customer-supplied authentication API, including the API Gateway URL. Cannot be specified when `IdentityProviderType` is set to `SERVICE_MANAGED` .", - "title": "IdentityProviderDetails" - }, - "IdentityProviderType": { - "markdownDescription": "The mode of authentication for a server. The default value is `SERVICE_MANAGED` , which allows you to store and access user credentials within the AWS Transfer Family service.\n\nUse `AWS_DIRECTORY_SERVICE` to provide access to Active Directory groups in AWS Directory Service for Microsoft Active Directory or Microsoft Active Directory in your on-premises environment or in AWS using AD Connector. This option also requires you to provide a Directory ID by using the `IdentityProviderDetails` parameter.\n\nUse the `API_GATEWAY` value to integrate with an identity provider of your choosing. The `API_GATEWAY` setting requires you to provide an Amazon API Gateway endpoint URL to call for authentication by using the `IdentityProviderDetails` parameter.\n\nUse the `AWS_LAMBDA` value to directly use an AWS Lambda function as your identity provider. If you choose this value, you must specify the ARN for the Lambda function in the `Function` parameter for the `IdentityProviderDetails` data type.", - "title": "IdentityProviderType", + "ResourceConfigurationAuthType": { + "markdownDescription": "The auth type for the resource configuration.", + "title": "ResourceConfigurationAuthType", "type": "string" }, - "LoggingRole": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that allows a server to turn on Amazon CloudWatch logging for Amazon S3 or Amazon EFS events. When set, you can view user activity in your CloudWatch logs.", - "title": "LoggingRole", - "type": "string" + "ResourceConfigurationDefinition": { + "$ref": "#/definitions/AWS::VpcLattice::ResourceConfiguration.ResourceConfigurationDefinition", + "markdownDescription": "Identifies the resource configuration in one of the following ways:\n\n- *Amazon Resource Name (ARN)* - Supported resource-types that are provisioned by AWS services, such as RDS databases, can be identified by their ARN.\n- *Domain name* - Any domain name that is publicly resolvable.\n- *IP address* - For IPv4 and IPv6, only IP addresses in the VPC are supported.", + "title": "ResourceConfigurationDefinition" }, - "PostAuthenticationLoginBanner": { - "markdownDescription": "Specifies a string to display when users connect to a server. This string is displayed after the user authenticates.\n\n> The SFTP protocol does not support post-authentication display banners.", - "title": "PostAuthenticationLoginBanner", + "ResourceConfigurationGroupId": { + "markdownDescription": "The ID of the group resource configuration.", + "title": "ResourceConfigurationGroupId", "type": "string" }, - "PreAuthenticationLoginBanner": { - "markdownDescription": "Specifies a string to display when users connect to a server. This string is displayed before the user authenticates. For example, the following banner displays details about using the system:\n\n`This system is for the use of authorized users only. Individuals using this computer system without authority, or in excess of their authority, are subject to having all of their activities on this system monitored and recorded by system personnel.`", - "title": "PreAuthenticationLoginBanner", + "ResourceConfigurationType": { + "markdownDescription": "The type of resource configuration. A resource configuration can be one of the following types:\n\n- *SINGLE* - A single resource.\n- *GROUP* - A group of resources. You must create a group resource configuration before you create a child resource configuration.\n- *CHILD* - A single resource that is part of a group resource configuration.\n- *ARN* - An AWS resource.", + "title": "ResourceConfigurationType", "type": "string" }, - "ProtocolDetails": { - "$ref": "#/definitions/AWS::Transfer::Server.ProtocolDetails", - "markdownDescription": "The protocol settings that are configured for your server.\n\n- To indicate passive mode (for FTP and FTPS protocols), use the `PassiveIp` parameter. Enter a single dotted-quad IPv4 address, such as the external IP address of a firewall, router, or load balancer.\n- To ignore the error that is generated when the client attempts to use the `SETSTAT` command on a file that you are uploading to an Amazon S3 bucket, use the `SetStatOption` parameter. To have the AWS Transfer Family server ignore the `SETSTAT` command and upload files without needing to make any changes to your SFTP client, set the value to `ENABLE_NO_OP` . If you set the `SetStatOption` parameter to `ENABLE_NO_OP` , Transfer Family generates a log entry to Amazon CloudWatch Logs, so that you can determine when the client is making a `SETSTAT` call.\n- To determine whether your AWS Transfer Family server resumes recent, negotiated sessions through a unique session ID, use the `TlsSessionResumptionMode` parameter.\n- `As2Transports` indicates the transport method for the AS2 messages. Currently, only HTTP is supported.\n\nThe `Protocols` parameter is an array of strings.\n\n*Allowed values* : One or more of `SFTP` , `FTPS` , `FTP` , `AS2`", - "title": "ProtocolDetails" - }, - "Protocols": { - "items": { - "$ref": "#/definitions/AWS::Transfer::Server.Protocol" - }, - "markdownDescription": "Specifies the file transfer protocol or protocols over which your file transfer protocol client can connect to your server's endpoint. The available protocols are:\n\n- `SFTP` (Secure Shell (SSH) File Transfer Protocol): File transfer over SSH\n- `FTPS` (File Transfer Protocol Secure): File transfer with TLS encryption\n- `FTP` (File Transfer Protocol): Unencrypted file transfer\n- `AS2` (Applicability Statement 2): used for transporting structured business-to-business data\n\n> - If you select `FTPS` , you must choose a certificate stored in AWS Certificate Manager (ACM) which is used to identify your server when clients connect to it over FTPS.\n> - If `Protocol` includes either `FTP` or `FTPS` , then the `EndpointType` must be `VPC` and the `IdentityProviderType` must be either `AWS_DIRECTORY_SERVICE` , `AWS_LAMBDA` , or `API_GATEWAY` .\n> - If `Protocol` includes `FTP` , then `AddressAllocationIds` cannot be associated.\n> - If `Protocol` is set only to `SFTP` , the `EndpointType` can be set to `PUBLIC` and the `IdentityProviderType` can be set any of the supported identity types: `SERVICE_MANAGED` , `AWS_DIRECTORY_SERVICE` , `AWS_LAMBDA` , or `API_GATEWAY` .\n> - If `Protocol` includes `AS2` , then the `EndpointType` must be `VPC` , and domain must be Amazon S3. \n\nThe `Protocols` parameter is an array of strings.\n\n*Allowed values* : One or more of `SFTP` , `FTPS` , `FTP` , `AS2`", - "title": "Protocols", - "type": "array" - }, - "S3StorageOptions": { - "$ref": "#/definitions/AWS::Transfer::Server.S3StorageOptions", - "markdownDescription": "Specifies whether or not performance for your Amazon S3 directories is optimized. This is disabled by default.\n\nBy default, home directory mappings have a `TYPE` of `DIRECTORY` . If you enable this option, you would then need to explicitly set the `HomeDirectoryMapEntry` `Type` to `FILE` if you want a mapping to have a file target.", - "title": "S3StorageOptions" - }, - "SecurityPolicyName": { - "markdownDescription": "Specifies the name of the security policy for the server.", - "title": "SecurityPolicyName", + "ResourceGatewayId": { + "markdownDescription": "The ID of the resource gateway.", + "title": "ResourceGatewayId", "type": "string" }, - "StructuredLogDestinations": { - "items": { - "$ref": "#/definitions/AWS::Transfer::Server.StructuredLogDestination" - }, - "markdownDescription": "Specifies the log groups to which your server logs are sent.\n\nTo specify a log group, you must provide the ARN for an existing log group. In this case, the format of the log group is as follows:\n\n`arn:aws:logs:region-name:amazon-account-id:log-group:log-group-name:*`\n\nFor example, `arn:aws:logs:us-east-1:111122223333:log-group:mytestgroup:*`\n\nIf you have previously specified a log group for a server, you can clear it, and in effect turn off structured logging, by providing an empty value for this parameter in an `update-server` call. For example:\n\n`update-server --server-id s-1234567890abcdef0 --structured-log-destinations`", - "title": "StructuredLogDestinations", - "type": "array" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Key-value pairs that can be used to group and search for servers.", + "markdownDescription": "The tags for the resource configuration.", "title": "Tags", "type": "array" - }, - "WorkflowDetails": { - "$ref": "#/definitions/AWS::Transfer::Server.WorkflowDetails", - "markdownDescription": "Specifies the workflow ID for the workflow to assign and the execution role that's used for executing the workflow.\n\nIn addition to a workflow to execute when a file is uploaded completely, `WorkflowDetails` can also contain a workflow ID (and execution role) for a workflow to execute on partial upload. A partial upload occurs when a file is open when the session disconnects.", - "title": "WorkflowDetails" } }, + "required": [ + "Name", + "ResourceConfigurationType" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Transfer::Server" + "AWS::VpcLattice::ResourceConfiguration" ], "type": "string" }, @@ -263108,179 +314570,156 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Transfer::Server.As2Transport": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::Transfer::Server.EndpointDetails": { + "AWS::VpcLattice::ResourceConfiguration.DnsResource": { "additionalProperties": false, "properties": { - "AddressAllocationIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of address allocation IDs that are required to attach an Elastic IP address to your server's endpoint.\n\nAn address allocation ID corresponds to the allocation ID of an Elastic IP address. This value can be retrieved from the `allocationId` field from the Amazon EC2 [Address](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_Address.html) data type. One way to retrieve this value is by calling the EC2 [DescribeAddresses](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAddresses.html) API.\n\nThis parameter is optional. Set this parameter if you want to make your VPC endpoint public-facing. For details, see [Create an internet-facing endpoint for your server](https://docs.aws.amazon.com/transfer/latest/userguide/create-server-in-vpc.html#create-internet-facing-endpoint) .\n\n> This property can only be set as follows:\n> \n> - `EndpointType` must be set to `VPC`\n> - The Transfer Family server must be offline.\n> - You cannot set this parameter for Transfer Family servers that use the FTP protocol.\n> - The server must already have `SubnetIds` populated ( `SubnetIds` and `AddressAllocationIds` cannot be updated simultaneously).\n> - `AddressAllocationIds` can't contain duplicates, and must be equal in length to `SubnetIds` . For example, if you have three subnet IDs, you must also specify three address allocation IDs.\n> - Call the `UpdateServer` API to set or change this parameter.\n> - You can't set address allocation IDs for servers that have an `IpAddressType` set to `DUALSTACK` You can only set this property if `IpAddressType` is set to `IPV4` .", - "title": "AddressAllocationIds", - "type": "array" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of security groups IDs that are available to attach to your server's endpoint.\n\n> This property can only be set when `EndpointType` is set to `VPC` .\n> \n> You can edit the `SecurityGroupIds` property in the [UpdateServer](https://docs.aws.amazon.com/transfer/latest/userguide/API_UpdateServer.html) API only if you are changing the `EndpointType` from `PUBLIC` or `VPC_ENDPOINT` to `VPC` . To change security groups associated with your server's VPC endpoint after creation, use the Amazon EC2 [ModifyVpcEndpoint](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVpcEndpoint.html) API.", - "title": "SecurityGroupIds", - "type": "array" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of subnet IDs that are required to host your server endpoint in your VPC.\n\n> This property can only be set when `EndpointType` is set to `VPC` .", - "title": "SubnetIds", - "type": "array" - }, - "VpcEndpointId": { - "markdownDescription": "The ID of the VPC endpoint.\n\n> This property can only be set when `EndpointType` is set to `VPC_ENDPOINT` .", - "title": "VpcEndpointId", + "DomainName": { + "markdownDescription": "The domain name of the resource configuration.", + "title": "DomainName", "type": "string" }, - "VpcId": { - "markdownDescription": "The VPC ID of the virtual private cloud in which the server's endpoint will be hosted.\n\n> This property can only be set when `EndpointType` is set to `VPC` .", - "title": "VpcId", + "IpAddressType": { + "markdownDescription": "The IP address type for the resource configuration. Dualstack is not currently supported.", + "title": "IpAddressType", "type": "string" } }, + "required": [ + "DomainName", + "IpAddressType" + ], "type": "object" }, - "AWS::Transfer::Server.IdentityProviderDetails": { + "AWS::VpcLattice::ResourceConfiguration.ResourceConfigurationDefinition": { "additionalProperties": false, "properties": { - "DirectoryId": { - "markdownDescription": "The identifier of the AWS Directory Service directory that you want to use as your identity provider.", - "title": "DirectoryId", - "type": "string" - }, - "Function": { - "markdownDescription": "The ARN for a Lambda function to use for the Identity provider.", - "title": "Function", + "ArnResource": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource configuration. For the ARN syntax and format, see [ARN format](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference-arns.html#arns-syntax) in the *AWS Identity and Access Management user guide* .", + "title": "ArnResource", "type": "string" }, - "InvocationRole": { - "markdownDescription": "This parameter is only applicable if your `IdentityProviderType` is `API_GATEWAY` . Provides the type of `InvocationRole` used to authenticate the user account.", - "title": "InvocationRole", - "type": "string" - }, - "SftpAuthenticationMethods": { - "markdownDescription": "For SFTP-enabled servers, and for custom identity providers *only* , you can specify whether to authenticate using a password, SSH key pair, or both.\n\n- `PASSWORD` - users must provide their password to connect.\n- `PUBLIC_KEY` - users must provide their private key to connect.\n- `PUBLIC_KEY_OR_PASSWORD` - users can authenticate with either their password or their key. This is the default value.\n- `PUBLIC_KEY_AND_PASSWORD` - users must provide both their private key and their password to connect. The server checks the key first, and then if the key is valid, the system prompts for a password. If the private key provided does not match the public key that is stored, authentication fails.", - "title": "SftpAuthenticationMethods", - "type": "string" + "DnsResource": { + "$ref": "#/definitions/AWS::VpcLattice::ResourceConfiguration.DnsResource", + "markdownDescription": "The DNS name of the resource configuration.", + "title": "DnsResource" }, - "Url": { - "markdownDescription": "Provides the location of the service endpoint used to authenticate users.", - "title": "Url", + "IpResource": { + "markdownDescription": "The IP address of the resource configuration.", + "title": "IpResource", "type": "string" } }, "type": "object" }, - "AWS::Transfer::Server.Protocol": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::Transfer::Server.ProtocolDetails": { + "AWS::VpcLattice::ResourceGateway": { "additionalProperties": false, "properties": { - "As2Transports": { - "items": { - "$ref": "#/definitions/AWS::Transfer::Server.As2Transport" - }, - "markdownDescription": "List of `As2Transport` objects.", - "title": "As2Transports", - "type": "array" - }, - "PassiveIp": { - "markdownDescription": "Indicates passive mode, for FTP and FTPS protocols. Enter a single IPv4 address, such as the public IP address of a firewall, router, or load balancer. For example:\n\n`aws transfer update-server --protocol-details PassiveIp=0.0.0.0`\n\nReplace `0.0.0.0` in the example above with the actual IP address you want to use.\n\n> If you change the `PassiveIp` value, you must stop and then restart your Transfer Family server for the change to take effect. For details on using passive mode (PASV) in a NAT environment, see [Configuring your FTPS server behind a firewall or NAT with AWS Transfer Family](https://docs.aws.amazon.com/storage/configuring-your-ftps-server-behind-a-firewall-or-nat-with-aws-transfer-family/) . \n\n*Special values*\n\nThe `AUTO` and `0.0.0.0` are special values for the `PassiveIp` parameter. The value `PassiveIp=AUTO` is assigned by default to FTP and FTPS type servers. In this case, the server automatically responds with one of the endpoint IPs within the PASV response. `PassiveIp=0.0.0.0` has a more unique application for its usage. For example, if you have a High Availability (HA) Network Load Balancer (NLB) environment, where you have 3 subnets, you can only specify a single IP address using the `PassiveIp` parameter. This reduces the effectiveness of having High Availability. In this case, you can specify `PassiveIp=0.0.0.0` . This tells the client to use the same IP address as the Control connection and utilize all AZs for their connections. Note, however, that not all FTP clients support the `PassiveIp=0.0.0.0` response. FileZilla and WinSCP do support it. If you are using other clients, check to see if your client supports the `PassiveIp=0.0.0.0` response.", - "title": "PassiveIp", + "Condition": { "type": "string" }, - "SetStatOption": { - "markdownDescription": "Use the `SetStatOption` to ignore the error that is generated when the client attempts to use `SETSTAT` on a file you are uploading to an S3 bucket.\n\nSome SFTP file transfer clients can attempt to change the attributes of remote files, including timestamp and permissions, using commands, such as `SETSTAT` when uploading the file. However, these commands are not compatible with object storage systems, such as Amazon S3. Due to this incompatibility, file uploads from these clients can result in errors even when the file is otherwise successfully uploaded.\n\nSet the value to `ENABLE_NO_OP` to have the Transfer Family server ignore the `SETSTAT` command, and upload files without needing to make any changes to your SFTP client. While the `SetStatOption` `ENABLE_NO_OP` setting ignores the error, it does generate a log entry in Amazon CloudWatch Logs, so you can determine when the client is making a `SETSTAT` call.\n\n> If you want to preserve the original timestamp for your file, and modify other file attributes using `SETSTAT` , you can use Amazon EFS as backend storage with Transfer Family.", - "title": "SetStatOption", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "TlsSessionResumptionMode": { - "markdownDescription": "A property used with Transfer Family servers that use the FTPS protocol. TLS Session Resumption provides a mechanism to resume or share a negotiated secret key between the control and data connection for an FTPS session. `TlsSessionResumptionMode` determines whether or not the server resumes recent, negotiated sessions through a unique session ID. This property is available during `CreateServer` and `UpdateServer` calls. If a `TlsSessionResumptionMode` value is not specified during `CreateServer` , it is set to `ENFORCED` by default.\n\n- `DISABLED` : the server does not process TLS session resumption client requests and creates a new TLS session for each request.\n- `ENABLED` : the server processes and accepts clients that are performing TLS session resumption. The server doesn't reject client data connections that do not perform the TLS session resumption client processing.\n- `ENFORCED` : the server processes and accepts clients that are performing TLS session resumption. The server rejects client data connections that do not perform the TLS session resumption client processing. Before you set the value to `ENFORCED` , test your clients.\n\n> Not all FTPS clients perform TLS session resumption. So, if you choose to enforce TLS session resumption, you prevent any connections from FTPS clients that don't perform the protocol negotiation. To determine whether or not you can use the `ENFORCED` value, you need to test your clients.", - "title": "TlsSessionResumptionMode", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Transfer::Server.S3StorageOptions": { - "additionalProperties": false, - "properties": { - "DirectoryListingOptimization": { - "markdownDescription": "Specifies whether or not performance for your Amazon S3 directories is optimized. This is disabled by default.\n\nBy default, home directory mappings have a `TYPE` of `DIRECTORY` . If you enable this option, you would then need to explicitly set the `HomeDirectoryMapEntry` `Type` to `FILE` if you want a mapping to have a file target.", - "title": "DirectoryListingOptimization", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Transfer::Server.StructuredLogDestination": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::Transfer::Server.WorkflowDetail": { - "additionalProperties": false, - "properties": { - "ExecutionRole": { - "markdownDescription": "Includes the necessary permissions for S3, EFS, and Lambda operations that Transfer can assume, so that all workflow steps can operate on the required resources", - "title": "ExecutionRole", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "WorkflowId": { - "markdownDescription": "A unique identifier for the workflow.", - "title": "WorkflowId", - "type": "string" - } - }, - "required": [ - "ExecutionRole", - "WorkflowId" - ], - "type": "object" - }, - "AWS::Transfer::Server.WorkflowDetails": { - "additionalProperties": false, - "properties": { - "OnPartialUpload": { - "items": { - "$ref": "#/definitions/AWS::Transfer::Server.WorkflowDetail" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "IpAddressType": { + "markdownDescription": "The type of IP address used by the resource gateway.", + "title": "IpAddressType", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the resource gateway.", + "title": "Name", + "type": "string" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the security groups applied to the resource gateway.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the VPC subnets for the resource gateway.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the resource gateway.", + "title": "Tags", + "type": "array" + }, + "VpcIdentifier": { + "markdownDescription": "The ID of the VPC for the resource gateway.", + "title": "VpcIdentifier", + "type": "string" + } }, - "markdownDescription": "A trigger that starts a workflow if a file is only partially uploaded. You can attach a workflow to a server that executes whenever there is a partial upload.\n\nA *partial upload* occurs when a file is open when the session disconnects.\n\n> `OnPartialUpload` can contain a maximum of one `WorkflowDetail` object.", - "title": "OnPartialUpload", - "type": "array" + "required": [ + "Name", + "SubnetIds", + "VpcIdentifier" + ], + "type": "object" }, - "OnUpload": { - "items": { - "$ref": "#/definitions/AWS::Transfer::Server.WorkflowDetail" - }, - "markdownDescription": "A trigger that starts a workflow: the workflow begins to execute after a file is uploaded.\n\nTo remove an associated workflow from a server, you can provide an empty `OnUpload` object, as in the following example.\n\n`aws transfer update-server --server-id s-01234567890abcdef --workflow-details '{\"OnUpload\":[]}'`\n\n> `OnUpload` can contain a maximum of one `WorkflowDetail` object.", - "title": "OnUpload", - "type": "array" + "Type": { + "enum": [ + "AWS::VpcLattice::ResourceGateway" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::Transfer::User": { + "AWS::VpcLattice::ResourcePolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -263315,76 +314754,26 @@ "Properties": { "additionalProperties": false, "properties": { - "HomeDirectory": { - "markdownDescription": "The landing directory (folder) for a user when they log in to the server using the client.\n\nA `HomeDirectory` example is `/bucket_name/home/mydirectory` .\n\n> You can use the `HomeDirectory` parameter for `HomeDirectoryType` when it is set to either `PATH` or `LOGICAL` .", - "title": "HomeDirectory", - "type": "string" - }, - "HomeDirectoryMappings": { - "items": { - "$ref": "#/definitions/AWS::Transfer::User.HomeDirectoryMapEntry" - }, - "markdownDescription": "Logical directory mappings that specify what Amazon S3 or Amazon EFS paths and keys should be visible to your user and how you want to make them visible. You must specify the `Entry` and `Target` pair, where `Entry` shows how the path is made visible and `Target` is the actual Amazon S3 or Amazon EFS path. If you only specify a target, it is displayed as is. You also must ensure that your AWS Identity and Access Management (IAM) role provides access to paths in `Target` . This value can be set only when `HomeDirectoryType` is set to *LOGICAL* .\n\nThe following is an `Entry` and `Target` pair example.\n\n`[ { \"Entry\": \"/directory1\", \"Target\": \"/bucket_name/home/mydirectory\" } ]`\n\nIn most cases, you can use this value instead of the session policy to lock your user down to the designated home directory (\" `chroot` \"). To do this, you can set `Entry` to `/` and set `Target` to the value the user should see for their home directory when they log in.\n\nThe following is an `Entry` and `Target` pair example for `chroot` .\n\n`[ { \"Entry\": \"/\", \"Target\": \"/bucket_name/home/mydirectory\" } ]`", - "title": "HomeDirectoryMappings", - "type": "array" - }, - "HomeDirectoryType": { - "markdownDescription": "The type of landing directory (folder) that you want your users' home directory to be when they log in to the server. If you set it to `PATH` , the user will see the absolute Amazon S3 bucket or Amazon EFS path as is in their file transfer protocol clients. If you set it to `LOGICAL` , you need to provide mappings in the `HomeDirectoryMappings` for how you want to make Amazon S3 or Amazon EFS paths visible to your users.\n\n> If `HomeDirectoryType` is `LOGICAL` , you must provide mappings, using the `HomeDirectoryMappings` parameter. If, on the other hand, `HomeDirectoryType` is `PATH` , you provide an absolute path using the `HomeDirectory` parameter. You cannot have both `HomeDirectory` and `HomeDirectoryMappings` in your template.", - "title": "HomeDirectoryType", - "type": "string" - }, "Policy": { - "markdownDescription": "A session policy for your user so you can use the same IAM role across multiple users. This policy restricts user access to portions of their Amazon S3 bucket. Variables that you can use inside this policy include `${Transfer:UserName}` , `${Transfer:HomeDirectory}` , and `${Transfer:HomeBucket}` .\n\n> For session policies, AWS Transfer Family stores the policy as a JSON blob, instead of the Amazon Resource Name (ARN) of the policy. You save the policy as a JSON blob and pass it in the `Policy` argument.\n> \n> For an example of a session policy, see [Example session policy](https://docs.aws.amazon.com/transfer/latest/userguide/session-policy.html) .\n> \n> For more information, see [AssumeRole](https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html) in the *AWS Security Token Service API Reference* .", + "markdownDescription": "The Amazon Resource Name (ARN) of the service network or service.", "title": "Policy", - "type": "string" - }, - "PosixProfile": { - "$ref": "#/definitions/AWS::Transfer::User.PosixProfile", - "markdownDescription": "Specifies the full POSIX identity, including user ID ( `Uid` ), group ID ( `Gid` ), and any secondary groups IDs ( `SecondaryGids` ), that controls your users' access to your Amazon Elastic File System (Amazon EFS) file systems. The POSIX permissions that are set on files and directories in your file system determine the level of access your users get when transferring files into and out of your Amazon EFS file systems.", - "title": "PosixProfile" - }, - "Role": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that controls your users' access to your Amazon S3 bucket or Amazon EFS file system. The policies attached to this role determine the level of access that you want to provide your users when transferring files into and out of your Amazon S3 bucket or Amazon EFS file system. The IAM role should also contain a trust relationship that allows the server to access your resources when servicing your users' transfer requests.", - "title": "Role", - "type": "string" - }, - "ServerId": { - "markdownDescription": "A system-assigned unique identifier for a server instance. This is the specific server that you added your user to.", - "title": "ServerId", - "type": "string" - }, - "SshPublicKeys": { - "items": { - "$ref": "#/definitions/AWS::Transfer::User.SshPublicKey" - }, - "markdownDescription": "Specifies the public key portion of the Secure Shell (SSH) keys stored for the described user.\n\n> To delete the public key body, set its value to zero keys, as shown here:\n> \n> `SshPublicKeys: []`", - "title": "SshPublicKeys", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Key-value pairs that can be used to group and search for users. Tags are metadata attached to users for any purpose.", - "title": "Tags", - "type": "array" + "type": "object" }, - "UserName": { - "markdownDescription": "A unique string that identifies a user and is associated with a `ServerId` . This user name must be a minimum of 3 and a maximum of 100 characters long. The following are valid characters: a-z, A-Z, 0-9, underscore '_', hyphen '-', period '.', and at sign '@'. The user name can't start with a hyphen, period, or at sign.", - "title": "UserName", + "ResourceArn": { + "markdownDescription": "An IAM policy.", + "title": "ResourceArn", "type": "string" } }, "required": [ - "Role", - "ServerId", - "UserName" + "Policy", + "ResourceArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Transfer::User" + "AWS::VpcLattice::ResourcePolicy" ], "type": "string" }, @@ -263403,65 +314792,7 @@ ], "type": "object" }, - "AWS::Transfer::User.HomeDirectoryMapEntry": { - "additionalProperties": false, - "properties": { - "Entry": { - "markdownDescription": "Represents an entry for `HomeDirectoryMappings` .", - "title": "Entry", - "type": "string" - }, - "Target": { - "markdownDescription": "Represents the map target that is used in a `HomeDirectoryMapEntry` .", - "title": "Target", - "type": "string" - }, - "Type": { - "markdownDescription": "Specifies the type of mapping. Set the type to `FILE` if you want the mapping to point to a file, or `DIRECTORY` for the directory to point to a directory.\n\n> By default, home directory mappings have a `Type` of `DIRECTORY` when you create a Transfer Family server. You would need to explicitly set `Type` to `FILE` if you want a mapping to have a file target.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Entry", - "Target" - ], - "type": "object" - }, - "AWS::Transfer::User.PosixProfile": { - "additionalProperties": false, - "properties": { - "Gid": { - "markdownDescription": "The POSIX group ID used for all EFS operations by this user.", - "title": "Gid", - "type": "number" - }, - "SecondaryGids": { - "items": { - "type": "number" - }, - "markdownDescription": "The secondary POSIX group IDs used for all EFS operations by this user.", - "title": "SecondaryGids", - "type": "array" - }, - "Uid": { - "markdownDescription": "The POSIX user ID used for all EFS operations by this user.", - "title": "Uid", - "type": "number" - } - }, - "required": [ - "Gid", - "Uid" - ], - "type": "object" - }, - "AWS::Transfer::User.SshPublicKey": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::Transfer::Workflow": { + "AWS::VpcLattice::Rule": { "additionalProperties": false, "properties": { "Condition": { @@ -263496,44 +314827,55 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "Specifies the text description for the workflow.", - "title": "Description", + "Action": { + "$ref": "#/definitions/AWS::VpcLattice::Rule.Action", + "markdownDescription": "Describes the action for a rule.", + "title": "Action" + }, + "ListenerIdentifier": { + "markdownDescription": "The ID or ARN of the listener.", + "title": "ListenerIdentifier", "type": "string" }, - "OnExceptionSteps": { - "items": { - "$ref": "#/definitions/AWS::Transfer::Workflow.WorkflowStep" - }, - "markdownDescription": "Specifies the steps (actions) to take if errors are encountered during execution of the workflow.", - "title": "OnExceptionSteps", - "type": "array" + "Match": { + "$ref": "#/definitions/AWS::VpcLattice::Rule.Match", + "markdownDescription": "The rule match.", + "title": "Match" }, - "Steps": { - "items": { - "$ref": "#/definitions/AWS::Transfer::Workflow.WorkflowStep" - }, - "markdownDescription": "Specifies the details for the steps that are in the specified workflow.", - "title": "Steps", - "type": "array" + "Name": { + "markdownDescription": "The name of the rule. The name must be unique within the listener. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n\nIf you don't specify a name, CloudFormation generates one. However, if you specify a name, and later want to replace the resource, you must specify a new name.", + "title": "Name", + "type": "string" + }, + "Priority": { + "markdownDescription": "The priority assigned to the rule. Each rule for a specific listener must have a unique priority. The lower the priority number the higher the priority.", + "title": "Priority", + "type": "number" + }, + "ServiceIdentifier": { + "markdownDescription": "The ID or ARN of the service.", + "title": "ServiceIdentifier", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Key-value pairs that can be used to group and search for workflows. Tags are metadata attached to workflows for any purpose.", + "markdownDescription": "The tags for the rule.", "title": "Tags", "type": "array" } }, "required": [ - "Steps" + "Action", + "Match", + "Priority" ], "type": "object" }, "Type": { "enum": [ - "AWS::Transfer::Workflow" + "AWS::VpcLattice::Rule" ], "type": "string" }, @@ -263552,245 +314894,192 @@ ], "type": "object" }, - "AWS::Transfer::Workflow.CopyStepDetails": { + "AWS::VpcLattice::Rule.Action": { "additionalProperties": false, "properties": { - "DestinationFileLocation": { - "$ref": "#/definitions/AWS::Transfer::Workflow.S3FileLocation", - "markdownDescription": "Specifies the location for the file being copied. Use `${Transfer:UserName}` or `${Transfer:UploadDate}` in this field to parametrize the destination prefix by username or uploaded date.\n\n- Set the value of `DestinationFileLocation` to `${Transfer:UserName}` to copy uploaded files to an Amazon S3 bucket that is prefixed with the name of the Transfer Family user that uploaded the file.\n- Set the value of `DestinationFileLocation` to `${Transfer:UploadDate}` to copy uploaded files to an Amazon S3 bucket that is prefixed with the date of the upload.\n\n> The system resolves `UploadDate` to a date format of *YYYY-MM-DD* , based on the date the file is uploaded in UTC.", - "title": "DestinationFileLocation" - }, - "Name": { - "markdownDescription": "The name of the step, used as an identifier.", - "title": "Name", - "type": "string" - }, - "OverwriteExisting": { - "markdownDescription": "A flag that indicates whether to overwrite an existing file of the same name. The default is `FALSE` .\n\nIf the workflow is processing a file that has the same name as an existing file, the behavior is as follows:\n\n- If `OverwriteExisting` is `TRUE` , the existing file is replaced with the file being processed.\n- If `OverwriteExisting` is `FALSE` , nothing happens, and the workflow processing stops.", - "title": "OverwriteExisting", - "type": "string" + "FixedResponse": { + "$ref": "#/definitions/AWS::VpcLattice::Rule.FixedResponse", + "markdownDescription": "The fixed response action. The rule returns a custom HTTP response.", + "title": "FixedResponse" }, - "SourceFileLocation": { - "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", - "title": "SourceFileLocation", - "type": "string" + "Forward": { + "$ref": "#/definitions/AWS::VpcLattice::Rule.Forward", + "markdownDescription": "The forward action. Traffic that matches the rule is forwarded to the specified target groups.", + "title": "Forward" } }, "type": "object" }, - "AWS::Transfer::Workflow.CustomStepDetails": { + "AWS::VpcLattice::Rule.FixedResponse": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the step, used as an identifier.", - "title": "Name", - "type": "string" - }, - "SourceFileLocation": { - "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", - "title": "SourceFileLocation", - "type": "string" - }, - "Target": { - "markdownDescription": "The ARN for the Lambda function that is being called.", - "title": "Target", - "type": "string" - }, - "TimeoutSeconds": { - "markdownDescription": "Timeout, in seconds, for the step.", - "title": "TimeoutSeconds", + "StatusCode": { + "markdownDescription": "The HTTP response code. Only `404` and `500` status codes are supported.", + "title": "StatusCode", "type": "number" } }, + "required": [ + "StatusCode" + ], "type": "object" }, - "AWS::Transfer::Workflow.DecryptStepDetails": { + "AWS::VpcLattice::Rule.Forward": { "additionalProperties": false, "properties": { - "DestinationFileLocation": { - "$ref": "#/definitions/AWS::Transfer::Workflow.InputFileLocation", - "markdownDescription": "Specifies the location for the file being decrypted. Use `${Transfer:UserName}` or `${Transfer:UploadDate}` in this field to parametrize the destination prefix by username or uploaded date.\n\n- Set the value of `DestinationFileLocation` to `${Transfer:UserName}` to decrypt uploaded files to an Amazon S3 bucket that is prefixed with the name of the Transfer Family user that uploaded the file.\n- Set the value of `DestinationFileLocation` to `${Transfer:UploadDate}` to decrypt uploaded files to an Amazon S3 bucket that is prefixed with the date of the upload.\n\n> The system resolves `UploadDate` to a date format of *YYYY-MM-DD* , based on the date the file is uploaded in UTC.", - "title": "DestinationFileLocation" - }, - "Name": { - "markdownDescription": "The name of the step, used as an identifier.", - "title": "Name", - "type": "string" - }, - "OverwriteExisting": { - "markdownDescription": "A flag that indicates whether to overwrite an existing file of the same name. The default is `FALSE` .\n\nIf the workflow is processing a file that has the same name as an existing file, the behavior is as follows:\n\n- If `OverwriteExisting` is `TRUE` , the existing file is replaced with the file being processed.\n- If `OverwriteExisting` is `FALSE` , nothing happens, and the workflow processing stops.", - "title": "OverwriteExisting", - "type": "string" - }, - "SourceFileLocation": { - "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", - "title": "SourceFileLocation", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of encryption used. Currently, this value must be `PGP` .", - "title": "Type", - "type": "string" + "TargetGroups": { + "items": { + "$ref": "#/definitions/AWS::VpcLattice::Rule.WeightedTargetGroup" + }, + "markdownDescription": "The target groups. Traffic matching the rule is forwarded to the specified target groups. With forward actions, you can assign a weight that controls the prioritization and selection of each target group. This means that requests are distributed to individual target groups based on their weights. For example, if two target groups have the same weight, each target group receives half of the traffic.\n\nThe default value is 1. This means that if only one target group is provided, there is no need to set the weight; 100% of the traffic goes to that target group.", + "title": "TargetGroups", + "type": "array" } }, + "required": [ + "TargetGroups" + ], "type": "object" }, - "AWS::Transfer::Workflow.DeleteStepDetails": { + "AWS::VpcLattice::Rule.HeaderMatch": { "additionalProperties": false, "properties": { + "CaseSensitive": { + "markdownDescription": "Indicates whether the match is case sensitive.", + "title": "CaseSensitive", + "type": "boolean" + }, + "Match": { + "$ref": "#/definitions/AWS::VpcLattice::Rule.HeaderMatchType", + "markdownDescription": "The header match type.", + "title": "Match" + }, "Name": { - "markdownDescription": "The name of the step, used as an identifier.", + "markdownDescription": "The name of the header.", "title": "Name", "type": "string" - }, - "SourceFileLocation": { - "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", - "title": "SourceFileLocation", - "type": "string" } }, + "required": [ + "Match", + "Name" + ], "type": "object" }, - "AWS::Transfer::Workflow.EfsInputFileLocation": { + "AWS::VpcLattice::Rule.HeaderMatchType": { "additionalProperties": false, "properties": { - "FileSystemId": { - "markdownDescription": "The identifier of the file system, assigned by Amazon EFS.", - "title": "FileSystemId", + "Contains": { + "markdownDescription": "A contains type match.", + "title": "Contains", "type": "string" }, - "Path": { - "markdownDescription": "The pathname for the folder being used by a workflow.", - "title": "Path", + "Exact": { + "markdownDescription": "An exact type match.", + "title": "Exact", "type": "string" - } - }, - "type": "object" - }, - "AWS::Transfer::Workflow.InputFileLocation": { - "additionalProperties": false, - "properties": { - "EfsFileLocation": { - "$ref": "#/definitions/AWS::Transfer::Workflow.EfsInputFileLocation", - "markdownDescription": "Specifies the details for the Amazon Elastic File System (Amazon EFS) file that's being decrypted.", - "title": "EfsFileLocation" }, - "S3FileLocation": { - "$ref": "#/definitions/AWS::Transfer::Workflow.S3InputFileLocation", - "markdownDescription": "Specifies the details for the Amazon S3 file that's being copied or decrypted.", - "title": "S3FileLocation" + "Prefix": { + "markdownDescription": "A prefix type match. Matches the value with the prefix.", + "title": "Prefix", + "type": "string" } }, "type": "object" }, - "AWS::Transfer::Workflow.S3FileLocation": { + "AWS::VpcLattice::Rule.HttpMatch": { "additionalProperties": false, "properties": { - "S3FileLocation": { - "$ref": "#/definitions/AWS::Transfer::Workflow.S3InputFileLocation", - "markdownDescription": "Specifies the details for the file location for the file that's being used in the workflow. Only applicable if you are using Amazon S3 storage.", - "title": "S3FileLocation" + "HeaderMatches": { + "items": { + "$ref": "#/definitions/AWS::VpcLattice::Rule.HeaderMatch" + }, + "markdownDescription": "The header matches. Matches incoming requests with rule based on request header value before applying rule action.", + "title": "HeaderMatches", + "type": "array" + }, + "Method": { + "markdownDescription": "The HTTP method type.", + "title": "Method", + "type": "string" + }, + "PathMatch": { + "$ref": "#/definitions/AWS::VpcLattice::Rule.PathMatch", + "markdownDescription": "The path match.", + "title": "PathMatch" } }, "type": "object" }, - "AWS::Transfer::Workflow.S3InputFileLocation": { + "AWS::VpcLattice::Rule.Match": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "Specifies the S3 bucket for the customer input file.", - "title": "Bucket", - "type": "string" - }, - "Key": { - "markdownDescription": "The name assigned to the file when it was created in Amazon S3. You use the object key to retrieve the object.", - "title": "Key", - "type": "string" + "HttpMatch": { + "$ref": "#/definitions/AWS::VpcLattice::Rule.HttpMatch", + "markdownDescription": "The HTTP criteria that a rule must match.", + "title": "HttpMatch" } }, + "required": [ + "HttpMatch" + ], "type": "object" }, - "AWS::Transfer::Workflow.S3Tag": { + "AWS::VpcLattice::Rule.PathMatch": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The name assigned to the tag that you create.", - "title": "Key", - "type": "string" + "CaseSensitive": { + "markdownDescription": "Indicates whether the match is case sensitive.", + "title": "CaseSensitive", + "type": "boolean" }, - "Value": { - "markdownDescription": "The value that corresponds to the key.", - "title": "Value", - "type": "string" + "Match": { + "$ref": "#/definitions/AWS::VpcLattice::Rule.PathMatchType", + "markdownDescription": "The type of path match.", + "title": "Match" } }, "required": [ - "Key", - "Value" + "Match" ], "type": "object" }, - "AWS::Transfer::Workflow.TagStepDetails": { + "AWS::VpcLattice::Rule.PathMatchType": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the step, used as an identifier.", - "title": "Name", + "Exact": { + "markdownDescription": "An exact match of the path.", + "title": "Exact", "type": "string" }, - "SourceFileLocation": { - "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", - "title": "SourceFileLocation", + "Prefix": { + "markdownDescription": "A prefix match of the path.", + "title": "Prefix", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/AWS::Transfer::Workflow.S3Tag" - }, - "markdownDescription": "Array that contains from 1 to 10 key/value pairs.", - "title": "Tags", - "type": "array" } }, "type": "object" }, - "AWS::Transfer::Workflow.WorkflowStep": { + "AWS::VpcLattice::Rule.WeightedTargetGroup": { "additionalProperties": false, "properties": { - "CopyStepDetails": { - "$ref": "#/definitions/AWS::Transfer::Workflow.CopyStepDetails", - "markdownDescription": "Details for a step that performs a file copy.\n\nConsists of the following values:\n\n- A description\n- An Amazon S3 location for the destination of the file copy.\n- A flag that indicates whether to overwrite an existing file of the same name. The default is `FALSE` .", - "title": "CopyStepDetails" - }, - "CustomStepDetails": { - "$ref": "#/definitions/AWS::Transfer::Workflow.CustomStepDetails", - "markdownDescription": "Details for a step that invokes an AWS Lambda function.\n\nConsists of the Lambda function's name, target, and timeout (in seconds).", - "title": "CustomStepDetails" - }, - "DecryptStepDetails": { - "$ref": "#/definitions/AWS::Transfer::Workflow.DecryptStepDetails", - "markdownDescription": "Details for a step that decrypts an encrypted file.\n\nConsists of the following values:\n\n- A descriptive name\n- An Amazon S3 or Amazon Elastic File System (Amazon EFS) location for the source file to decrypt.\n- An S3 or Amazon EFS location for the destination of the file decryption.\n- A flag that indicates whether to overwrite an existing file of the same name. The default is `FALSE` .\n- The type of encryption that's used. Currently, only PGP encryption is supported.", - "title": "DecryptStepDetails" - }, - "DeleteStepDetails": { - "$ref": "#/definitions/AWS::Transfer::Workflow.DeleteStepDetails", - "markdownDescription": "Details for a step that deletes the file.", - "title": "DeleteStepDetails" - }, - "TagStepDetails": { - "$ref": "#/definitions/AWS::Transfer::Workflow.TagStepDetails", - "markdownDescription": "Details for a step that creates one or more tags.\n\nYou specify one or more tags. Each tag contains a key-value pair.", - "title": "TagStepDetails" - }, - "Type": { - "markdownDescription": "Currently, the following step types are supported.\n\n- *`COPY`* - Copy the file to another location.\n- *`CUSTOM`* - Perform a custom step with an AWS Lambda function target.\n- *`DECRYPT`* - Decrypt a file that was encrypted before it was uploaded.\n- *`DELETE`* - Delete the file.\n- *`TAG`* - Add a tag to the file.", - "title": "Type", + "TargetGroupIdentifier": { + "markdownDescription": "The ID of the target group.", + "title": "TargetGroupIdentifier", "type": "string" + }, + "Weight": { + "markdownDescription": "Only required if you specify multiple target groups for a forward action. The weight determines how requests are distributed to the target group. For example, if you specify two target groups, each with a weight of 10, each target group receives half the requests. If you specify two target groups, one with a weight of 10 and the other with a weight of 20, the target group with a weight of 20 receives twice as many requests as the other target group. If there's only one target group specified, then the default value is 100.", + "title": "Weight", + "type": "number" } }, + "required": [ + "TargetGroupIdentifier" + ], "type": "object" }, - "AWS::VerifiedPermissions::IdentitySource": { + "AWS::VpcLattice::Service": { "additionalProperties": false, "properties": { "Condition": { @@ -263825,31 +315114,45 @@ "Properties": { "additionalProperties": false, "properties": { - "Configuration": { - "$ref": "#/definitions/AWS::VerifiedPermissions::IdentitySource.IdentitySourceConfiguration", - "markdownDescription": "Contains configuration information used when creating a new identity source.", - "title": "Configuration" + "AuthType": { + "markdownDescription": "The type of IAM policy.\n\n- `NONE` : The resource does not use an IAM policy. This is the default.\n- `AWS_IAM` : The resource uses an IAM policy. When this type is used, auth is enabled and an auth policy is required.", + "title": "AuthType", + "type": "string" }, - "PolicyStoreId": { - "markdownDescription": "Specifies the ID of the policy store in which you want to store this identity source. Only policies and requests made using this policy store can reference identities from the identity provider configured in the new identity source.", - "title": "PolicyStoreId", + "CertificateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the certificate.", + "title": "CertificateArn", "type": "string" }, - "PrincipalEntityType": { - "markdownDescription": "Specifies the namespace and data type of the principals generated for identities authenticated by the new identity source.", - "title": "PrincipalEntityType", + "CustomDomainName": { + "markdownDescription": "The custom domain name of the service.", + "title": "CustomDomainName", + "type": "string" + }, + "DnsEntry": { + "$ref": "#/definitions/AWS::VpcLattice::Service.DnsEntry", + "markdownDescription": "Describes the DNS information of the service. This field is read-only.", + "title": "DnsEntry" + }, + "Name": { + "markdownDescription": "The name of the service. The name must be unique within the account. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n\nIf you don't specify a name, CloudFormation generates one. However, if you specify a name, and later want to replace the resource, you must specify a new name.", + "title": "Name", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the service.", + "title": "Tags", + "type": "array" } }, - "required": [ - "Configuration", - "PolicyStoreId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::VerifiedPermissions::IdentitySource" + "AWS::VpcLattice::Service" ], "type": "string" }, @@ -263863,67 +315166,122 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::VerifiedPermissions::IdentitySource.CognitoGroupConfiguration": { + "AWS::VpcLattice::Service.DnsEntry": { "additionalProperties": false, "properties": { - "GroupEntityType": { - "markdownDescription": "The name of the schema entity type that's mapped to the user pool group. Defaults to `AWS::CognitoGroup` .", - "title": "GroupEntityType", + "DomainName": { + "markdownDescription": "The domain name of the service.", + "title": "DomainName", + "type": "string" + }, + "HostedZoneId": { + "markdownDescription": "The ID of the hosted zone.", + "title": "HostedZoneId", "type": "string" } }, - "required": [ - "GroupEntityType" - ], "type": "object" }, - "AWS::VerifiedPermissions::IdentitySource.CognitoUserPoolConfiguration": { + "AWS::VpcLattice::ServiceNetwork": { "additionalProperties": false, "properties": { - "ClientIds": { - "items": { - "type": "string" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AuthType": { + "markdownDescription": "The type of IAM policy.\n\n- `NONE` : The resource does not use an IAM policy. This is the default.\n- `AWS_IAM` : The resource uses an IAM policy. When this type is used, auth is enabled and an auth policy is required.", + "title": "AuthType", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the service network. The name must be unique to the account. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n\nIf you don't specify a name, CloudFormation generates one. However, if you specify a name, and later want to replace the resource, you must specify a new name.", + "title": "Name", + "type": "string" + }, + "SharingConfig": { + "$ref": "#/definitions/AWS::VpcLattice::ServiceNetwork.SharingConfig", + "markdownDescription": "Specify if the service network should be enabled for sharing.", + "title": "SharingConfig" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the service network.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "The unique application client IDs that are associated with the specified Amazon Cognito user pool.\n\nExample: `\"ClientIds\": [\"&ExampleCogClientId;\"]`", - "title": "ClientIds", - "type": "array" + "type": "object" }, - "GroupConfiguration": { - "$ref": "#/definitions/AWS::VerifiedPermissions::IdentitySource.CognitoGroupConfiguration", - "markdownDescription": "The type of entity that a policy store maps to groups from an Amazon Cognito user pool identity source.", - "title": "GroupConfiguration" + "Type": { + "enum": [ + "AWS::VpcLattice::ServiceNetwork" + ], + "type": "string" }, - "UserPoolArn": { - "markdownDescription": "The [Amazon Resource Name (ARN)](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html) of the Amazon Cognito user pool that contains the identities to be authorized.", - "title": "UserPoolArn", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "UserPoolArn" + "Type" ], "type": "object" }, - "AWS::VerifiedPermissions::IdentitySource.IdentitySourceConfiguration": { + "AWS::VpcLattice::ServiceNetwork.SharingConfig": { "additionalProperties": false, "properties": { - "CognitoUserPoolConfiguration": { - "$ref": "#/definitions/AWS::VerifiedPermissions::IdentitySource.CognitoUserPoolConfiguration", - "markdownDescription": "A structure that contains configuration information used when creating or updating an identity source that represents a connection to an Amazon Cognito user pool used as an identity provider for Verified Permissions .", - "title": "CognitoUserPoolConfiguration" + "enabled": { + "markdownDescription": "Specify if the service network should be enabled for sharing.", + "title": "enabled", + "type": "boolean" } }, "required": [ - "CognitoUserPoolConfiguration" + "enabled" ], "type": "object" }, - "AWS::VerifiedPermissions::Policy": { + "AWS::VpcLattice::ServiceNetworkResourceAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -263958,26 +315316,30 @@ "Properties": { "additionalProperties": false, "properties": { - "Definition": { - "$ref": "#/definitions/AWS::VerifiedPermissions::Policy.PolicyDefinition", - "markdownDescription": "Specifies the policy type and content to use for the new or updated policy. The definition structure must include either a `Static` or a `TemplateLinked` element.", - "title": "Definition" + "ResourceConfigurationId": { + "markdownDescription": "The ID of the resource configuration associated with the service network.", + "title": "ResourceConfigurationId", + "type": "string" }, - "PolicyStoreId": { - "markdownDescription": "Specifies the `PolicyStoreId` of the policy store you want to store the policy in.", - "title": "PolicyStoreId", + "ServiceNetworkId": { + "markdownDescription": "The ID of the service network associated with the resource configuration.", + "title": "ServiceNetworkId", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A key-value pair to associate with a resource.", + "title": "Tags", + "type": "array" } }, - "required": [ - "Definition", - "PolicyStoreId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::VerifiedPermissions::Policy" + "AWS::VpcLattice::ServiceNetworkResourceAssociation" ], "type": "string" }, @@ -263991,91 +315353,108 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::VerifiedPermissions::Policy.EntityIdentifier": { + "AWS::VpcLattice::ServiceNetworkServiceAssociation": { "additionalProperties": false, "properties": { - "EntityId": { - "markdownDescription": "The identifier of an entity.\n\n`\"entityId\":\" *identifier* \"`", - "title": "EntityId", + "Condition": { "type": "string" }, - "EntityType": { - "markdownDescription": "The type of an entity.\n\nExample: `\"entityType\":\" *typeName* \"`", - "title": "EntityType", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "required": [ - "EntityId", - "EntityType" - ], - "type": "object" - }, - "AWS::VerifiedPermissions::Policy.PolicyDefinition": { - "additionalProperties": false, - "properties": { - "Static": { - "$ref": "#/definitions/AWS::VerifiedPermissions::Policy.StaticPolicyDefinition", - "markdownDescription": "A structure that describes a static policy. An static policy doesn't use a template or allow placeholders for entities.", - "title": "Static" }, - "TemplateLinked": { - "$ref": "#/definitions/AWS::VerifiedPermissions::Policy.TemplateLinkedPolicyDefinition", - "markdownDescription": "A structure that describes a policy that was instantiated from a template. The template can specify placeholders for `principal` and `resource` . When you use [CreatePolicy](https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreatePolicy.html) to create a policy from a template, you specify the exact principal and resource to use for the instantiated policy.", - "title": "TemplateLinked" - } - }, - "type": "object" - }, - "AWS::VerifiedPermissions::Policy.StaticPolicyDefinition": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "The description of the static policy.", - "title": "Description", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DnsEntry": { + "$ref": "#/definitions/AWS::VpcLattice::ServiceNetworkServiceAssociation.DnsEntry", + "markdownDescription": "The DNS information of the service.", + "title": "DnsEntry" + }, + "ServiceIdentifier": { + "markdownDescription": "The ID or ARN of the service.", + "title": "ServiceIdentifier", + "type": "string" + }, + "ServiceNetworkIdentifier": { + "markdownDescription": "The ID or ARN of the service network. You must use an ARN if the resources are in different accounts.", + "title": "ServiceNetworkIdentifier", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the association.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::VpcLattice::ServiceNetworkServiceAssociation" + ], "type": "string" }, - "Statement": { - "markdownDescription": "The policy content of the static policy, written in the Cedar policy language.", - "title": "Statement", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Statement" + "Type" ], "type": "object" }, - "AWS::VerifiedPermissions::Policy.TemplateLinkedPolicyDefinition": { + "AWS::VpcLattice::ServiceNetworkServiceAssociation.DnsEntry": { "additionalProperties": false, "properties": { - "PolicyTemplateId": { - "markdownDescription": "The unique identifier of the policy template used to create this policy.", - "title": "PolicyTemplateId", + "DomainName": { + "markdownDescription": "The domain name of the service.", + "title": "DomainName", "type": "string" }, - "Principal": { - "$ref": "#/definitions/AWS::VerifiedPermissions::Policy.EntityIdentifier", - "markdownDescription": "The principal associated with this template-linked policy. Verified Permissions substitutes this principal for the `?principal` placeholder in the policy template when it evaluates an authorization request.", - "title": "Principal" - }, - "Resource": { - "$ref": "#/definitions/AWS::VerifiedPermissions::Policy.EntityIdentifier", - "markdownDescription": "The resource associated with this template-linked policy. Verified Permissions substitutes this resource for the `?resource` placeholder in the policy template when it evaluates an authorization request.", - "title": "Resource" + "HostedZoneId": { + "markdownDescription": "The ID of the hosted zone.", + "title": "HostedZoneId", + "type": "string" } }, - "required": [ - "PolicyTemplateId" - ], "type": "object" }, - "AWS::VerifiedPermissions::PolicyStore": { + "AWS::VpcLattice::ServiceNetworkVpcAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -264110,30 +315489,38 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "Descriptive text that you can provide to help with identification of the current policy store.", - "title": "Description", + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the security groups. Security groups aren't added by default. You can add a security group to apply network level controls to control which resources in a VPC are allowed to access the service network and its services. For more information, see [Control traffic to resources using security groups](https://docs.aws.amazon.com//vpc/latest/userguide/VPC_SecurityGroups.html) in the *Amazon VPC User Guide* .", + "title": "SecurityGroupIds", + "type": "array" + }, + "ServiceNetworkIdentifier": { + "markdownDescription": "The ID or ARN of the service network. You must use an ARN if the resources are in different accounts.", + "title": "ServiceNetworkIdentifier", "type": "string" }, - "Schema": { - "$ref": "#/definitions/AWS::VerifiedPermissions::PolicyStore.SchemaDefinition", - "markdownDescription": "Creates or updates the policy schema in a policy store. Cedar can use the schema to validate any Cedar policies and policy templates submitted to the policy store. Any changes to the schema validate only policies and templates submitted after the schema change. Existing policies and templates are not re-evaluated against the changed schema. If you later update a policy, then it is evaluated against the new schema at that time.", - "title": "Schema" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the association.", + "title": "Tags", + "type": "array" }, - "ValidationSettings": { - "$ref": "#/definitions/AWS::VerifiedPermissions::PolicyStore.ValidationSettings", - "markdownDescription": "Specifies the validation setting for this policy store.\n\nCurrently, the only valid and required value is `Mode` .\n\n> We recommend that you turn on `STRICT` mode only after you define a schema. If a schema doesn't exist, then `STRICT` mode causes any policy to fail validation, and Verified Permissions rejects the policy. You can turn off validation by using the [UpdatePolicyStore](https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyStore) . Then, when you have a schema defined, use [UpdatePolicyStore](https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyStore) again to turn validation back on.", - "title": "ValidationSettings" + "VpcIdentifier": { + "markdownDescription": "The ID of the VPC.", + "title": "VpcIdentifier", + "type": "string" } }, - "required": [ - "ValidationSettings" - ], "type": "object" }, "Type": { "enum": [ - "AWS::VerifiedPermissions::PolicyStore" + "AWS::VpcLattice::ServiceNetworkVpcAssociation" ], "type": "string" }, @@ -264147,37 +315534,11 @@ } }, "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::VerifiedPermissions::PolicyStore.SchemaDefinition": { - "additionalProperties": false, - "properties": { - "CedarJson": { - "markdownDescription": "A JSON string representation of the schema supported by applications that use this policy store. For more information, see [Policy store schema](https://docs.aws.amazon.com/verifiedpermissions/latest/userguide/schema.html) in the AVP User Guide.", - "title": "CedarJson", - "type": "string" - } - }, - "type": "object" - }, - "AWS::VerifiedPermissions::PolicyStore.ValidationSettings": { - "additionalProperties": false, - "properties": { - "Mode": { - "markdownDescription": "The validation mode currently configured for this policy store. The valid values are:\n\n- *OFF* \u2013 Neither Verified Permissions nor Cedar perform any validation on policies. No validation errors are reported by either service.\n- *STRICT* \u2013 Requires a schema to be present in the policy store. Cedar performs validation on all submitted new or updated static policies and policy templates. Any that fail validation are rejected and Cedar doesn't store them in the policy store.\n\n> If `Mode=STRICT` and the policy store doesn't contain a schema, Verified Permissions rejects all static policies and policy templates because there is no schema to validate against.\n> \n> To submit a static policy or policy template without a schema, you must turn off validation.", - "title": "Mode", - "type": "string" - } - }, - "required": [ - "Mode" + "Type" ], "type": "object" }, - "AWS::VerifiedPermissions::PolicyTemplate": { + "AWS::VpcLattice::TargetGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -264212,50 +315573,195 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description to attach to the new or updated policy template.", - "title": "Description", - "type": "string" + "Config": { + "$ref": "#/definitions/AWS::VpcLattice::TargetGroup.TargetGroupConfig", + "markdownDescription": "The target group configuration.", + "title": "Config" }, - "PolicyStoreId": { - "markdownDescription": "The unique identifier of the policy store that contains the template.", - "title": "PolicyStoreId", + "Name": { + "markdownDescription": "The name of the target group. The name must be unique within the account. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n\nIf you don't specify a name, CloudFormation generates one. However, if you specify a name, and later want to replace the resource, you must specify a new name.", + "title": "Name", "type": "string" }, - "Statement": { - "markdownDescription": "Specifies the content that you want to use for the new policy template, written in the Cedar policy language.", - "title": "Statement", + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the target group.", + "title": "Tags", + "type": "array" + }, + "Targets": { + "items": { + "$ref": "#/definitions/AWS::VpcLattice::TargetGroup.Target" + }, + "markdownDescription": "Describes a target.", + "title": "Targets", + "type": "array" + }, + "Type": { + "markdownDescription": "The type of target group.", + "title": "Type", "type": "string" } }, "required": [ - "PolicyStoreId", - "Statement" + "Type" ], "type": "object" }, - "Type": { - "enum": [ - "AWS::VerifiedPermissions::PolicyTemplate" - ], + "Type": { + "enum": [ + "AWS::VpcLattice::TargetGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::VpcLattice::TargetGroup.HealthCheckConfig": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Indicates whether health checking is enabled.", + "title": "Enabled", + "type": "boolean" + }, + "HealthCheckIntervalSeconds": { + "markdownDescription": "The approximate amount of time, in seconds, between health checks of an individual target. The range is 5\u2013300 seconds. The default is 30 seconds.", + "title": "HealthCheckIntervalSeconds", + "type": "number" + }, + "HealthCheckTimeoutSeconds": { + "markdownDescription": "The amount of time, in seconds, to wait before reporting a target as unhealthy. The range is 1\u2013120 seconds. The default is 5 seconds.", + "title": "HealthCheckTimeoutSeconds", + "type": "number" + }, + "HealthyThresholdCount": { + "markdownDescription": "The number of consecutive successful health checks required before considering an unhealthy target healthy. The range is 2\u201310. The default is 5.", + "title": "HealthyThresholdCount", + "type": "number" + }, + "Matcher": { + "$ref": "#/definitions/AWS::VpcLattice::TargetGroup.Matcher", + "markdownDescription": "The codes to use when checking for a successful response from a target.", + "title": "Matcher" + }, + "Path": { + "markdownDescription": "The destination for health checks on the targets. If the protocol version is `HTTP/1.1` or `HTTP/2` , specify a valid URI (for example, `/path?query` ). The default path is `/` . Health checks are not supported if the protocol version is `gRPC` , however, you can choose `HTTP/1.1` or `HTTP/2` and specify a valid URI.", + "title": "Path", + "type": "string" + }, + "Port": { + "markdownDescription": "The port used when performing health checks on targets. The default setting is the port that a target receives traffic on.", + "title": "Port", + "type": "number" + }, + "Protocol": { + "markdownDescription": "The protocol used when performing health checks on targets. The possible protocols are `HTTP` and `HTTPS` . The default is `HTTP` .", + "title": "Protocol", + "type": "string" + }, + "ProtocolVersion": { + "markdownDescription": "The protocol version used when performing health checks on targets. The possible protocol versions are `HTTP1` and `HTTP2` .", + "title": "ProtocolVersion", + "type": "string" + }, + "UnhealthyThresholdCount": { + "markdownDescription": "The number of consecutive failed health checks required before considering a target unhealthy. The range is 2\u201310. The default is 2.", + "title": "UnhealthyThresholdCount", + "type": "number" + } + }, + "type": "object" + }, + "AWS::VpcLattice::TargetGroup.Matcher": { + "additionalProperties": false, + "properties": { + "HttpCode": { + "markdownDescription": "The HTTP code to use when checking for a successful response from a target.", + "title": "HttpCode", + "type": "string" + } + }, + "required": [ + "HttpCode" + ], + "type": "object" + }, + "AWS::VpcLattice::TargetGroup.Target": { + "additionalProperties": false, + "properties": { + "Id": { + "markdownDescription": "The ID of the target. If the target group type is `INSTANCE` , this is an instance ID. If the target group type is `IP` , this is an IP address. If the target group type is `LAMBDA` , this is the ARN of a Lambda function. If the target group type is `ALB` , this is the ARN of an Application Load Balancer.", + "title": "Id", + "type": "string" + }, + "Port": { + "markdownDescription": "The port on which the target is listening. For HTTP, the default is 80. For HTTPS, the default is 443.", + "title": "Port", + "type": "number" + } + }, + "required": [ + "Id" + ], + "type": "object" + }, + "AWS::VpcLattice::TargetGroup.TargetGroupConfig": { + "additionalProperties": false, + "properties": { + "HealthCheck": { + "$ref": "#/definitions/AWS::VpcLattice::TargetGroup.HealthCheckConfig", + "markdownDescription": "The health check configuration. Not supported if the target group type is `LAMBDA` or `ALB` .", + "title": "HealthCheck" + }, + "IpAddressType": { + "markdownDescription": "The type of IP address used for the target group. Supported only if the target group type is `IP` . The default is `IPV4` .", + "title": "IpAddressType", + "type": "string" + }, + "LambdaEventStructureVersion": { + "markdownDescription": "The version of the event structure that your Lambda function receives. Supported only if the target group type is `LAMBDA` . The default is `V1` .", + "title": "LambdaEventStructureVersion", + "type": "string" + }, + "Port": { + "markdownDescription": "The port on which the targets are listening. For HTTP, the default is 80. For HTTPS, the default is 443. Not supported if the target group type is `LAMBDA` .", + "title": "Port", + "type": "number" + }, + "Protocol": { + "markdownDescription": "The protocol to use for routing traffic to the targets. The default is the protocol of the target group. Not supported if the target group type is `LAMBDA` .", + "title": "Protocol", + "type": "string" + }, + "ProtocolVersion": { + "markdownDescription": "The protocol version. The default is `HTTP1` . Not supported if the target group type is `LAMBDA` .", + "title": "ProtocolVersion", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VpcIdentifier": { + "markdownDescription": "The ID of the VPC. Not supported if the target group type is `LAMBDA` .", + "title": "VpcIdentifier", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::VoiceID::Domain": { + "AWS::WAF::ByteMatchSet": { "additionalProperties": false, "properties": { "Condition": { @@ -264290,39 +315796,28 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the domain.", - "title": "Description", - "type": "string" + "ByteMatchTuples": { + "items": { + "$ref": "#/definitions/AWS::WAF::ByteMatchSet.ByteMatchTuple" + }, + "markdownDescription": "Specifies the bytes (typically a string that corresponds with ASCII characters) that you want AWS WAF to search for in web requests, the location in requests that you want AWS WAF to search, and other settings.", + "title": "ByteMatchTuples", + "type": "array" }, "Name": { - "markdownDescription": "The name for the domain.", + "markdownDescription": "The name of the `ByteMatchSet` . You can't change `Name` after you create a `ByteMatchSet` .", "title": "Name", "type": "string" - }, - "ServerSideEncryptionConfiguration": { - "$ref": "#/definitions/AWS::VoiceID::Domain.ServerSideEncryptionConfiguration", - "markdownDescription": "The server-side encryption configuration containing the KMS key identifier you want Voice ID to use to encrypt your data.", - "title": "ServerSideEncryptionConfiguration" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags used to organize, track, or control access for this resource.", - "title": "Tags", - "type": "array" } }, "required": [ - "Name", - "ServerSideEncryptionConfiguration" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::VoiceID::Domain" + "AWS::WAF::ByteMatchSet" ], "type": "string" }, @@ -264341,21 +315836,62 @@ ], "type": "object" }, - "AWS::VoiceID::Domain.ServerSideEncryptionConfiguration": { + "AWS::WAF::ByteMatchSet.ByteMatchTuple": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "The identifier of the KMS key to use to encrypt data stored by Voice ID. Voice ID doesn't support asymmetric customer managed keys.", - "title": "KmsKeyId", + "FieldToMatch": { + "$ref": "#/definitions/AWS::WAF::ByteMatchSet.FieldToMatch", + "markdownDescription": "The part of a web request that you want to inspect, such as a specified header or a query string.", + "title": "FieldToMatch" + }, + "PositionalConstraint": { + "markdownDescription": "Within the portion of a web request that you want to search (for example, in the query string, if any), specify where you want AWS WAF to search. Valid values include the following:\n\n*CONTAINS*\n\nThe specified part of the web request must include the value of `TargetString` , but the location doesn't matter.\n\n*CONTAINS_WORD*\n\nThe specified part of the web request must include the value of `TargetString` , and `TargetString` must contain only alphanumeric characters or underscore (A-Z, a-z, 0-9, or _). In addition, `TargetString` must be a word, which means one of the following:\n\n- `TargetString` exactly matches the value of the specified part of the web request, such as the value of a header.\n- `TargetString` is at the beginning of the specified part of the web request and is followed by a character other than an alphanumeric character or underscore (_), for example, `BadBot;` .\n- `TargetString` is at the end of the specified part of the web request and is preceded by a character other than an alphanumeric character or underscore (_), for example, `;BadBot` .\n- `TargetString` is in the middle of the specified part of the web request and is preceded and followed by characters other than alphanumeric characters or underscore (_), for example, `-BadBot;` .\n\n*EXACTLY*\n\nThe value of the specified part of the web request must exactly match the value of `TargetString` .\n\n*STARTS_WITH*\n\nThe value of `TargetString` must appear at the beginning of the specified part of the web request.\n\n*ENDS_WITH*\n\nThe value of `TargetString` must appear at the end of the specified part of the web request.", + "title": "PositionalConstraint", + "type": "string" + }, + "TargetString": { + "markdownDescription": "The value that you want AWS WAF to search for. AWS WAF searches for the specified string in the part of web requests that you specified in `FieldToMatch` . The maximum length of the value is 50 bytes.\n\nYou must specify this property or the `TargetStringBase64` property.\n\nValid values depend on the values that you specified for `FieldToMatch` :\n\n- `HEADER` : The value that you want AWS WAF to search for in the request header that you specified in `FieldToMatch` , for example, the value of the `User-Agent` or `Referer` header.\n- `METHOD` : The HTTP method, which indicates the type of operation specified in the request. Amazon CloudFront supports the following methods: `DELETE` , `GET` , `HEAD` , `OPTIONS` , `PATCH` , `POST` , and `PUT` .\n- `QUERY_STRING` : The value that you want AWS WAF to search for in the query string, which is the part of a URL that appears after a `?` character.\n- `URI` : The value that you want AWS WAF to search for in the part of a URL that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but instead of inspecting a single parameter, AWS WAF inspects all parameters within the query string for the value or regex pattern that you specify in `TargetString` .\n\nIf `TargetString` includes alphabetic characters A-Z and a-z, note that the value is case sensitive.", + "title": "TargetString", + "type": "string" + }, + "TargetStringBase64": { + "markdownDescription": "The base64-encoded value that AWS WAF searches for. AWS CloudFormation sends this value to AWS WAF without encoding it.\n\nYou must specify this property or the `TargetString` property.\n\nAWS WAF searches for this value in a specific part of web requests, which you define in the `FieldToMatch` property.\n\nValid values depend on the Type value in the `FieldToMatch` property. For example, for a `METHOD` type, you must specify HTTP methods such as `DELETE, GET, HEAD, OPTIONS, PATCH, POST` , and `PUT` .", + "title": "TargetStringBase64", + "type": "string" + }, + "TextTransformation": { + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass AWS WAF . If you specify a transformation, AWS WAF performs the transformation on `FieldToMatch` before inspecting it for a match.\n\nYou can only specify a single type of TextTransformation.\n\n*CMD_LINE*\n\nWhen you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:\n\n- Delete the following characters: \\ \" ' ^\n- Delete spaces before the following characters: / (\n- Replace the following characters with a space: , ;\n- Replace multiple spaces with one space\n- Convert uppercase letters (A-Z) to lowercase (a-z)\n\n*COMPRESS_WHITE_SPACE*\n\nUse this option to replace the following characters with a space character (decimal 32):\n\n- \\f, formfeed, decimal 12\n- \\t, tab, decimal 9\n- \\n, newline, decimal 10\n- \\r, carriage return, decimal 13\n- \\v, vertical tab, decimal 11\n- non-breaking space, decimal 160\n\n`COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.\n\n*HTML_ENTITY_DECODE*\n\nUse this option to replace HTML-encoded characters with unencoded characters. `HTML_ENTITY_DECODE` performs the following operations:\n\n- Replaces `(ampersand)quot;` with `\"`\n- Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160\n- Replaces `(ampersand)lt;` with a \"less than\" symbol\n- Replaces `(ampersand)gt;` with `>`\n- Replaces characters that are represented in hexadecimal format, `(ampersand)#xhhhh;` , with the corresponding characters\n- Replaces characters that are represented in decimal format, `(ampersand)#nnnn;` , with the corresponding characters\n\n*LOWERCASE*\n\nUse this option to convert uppercase letters (A-Z) to lowercase (a-z).\n\n*URL_DECODE*\n\nUse this option to decode a URL-encoded value.\n\n*NONE*\n\nSpecify `NONE` if you don't want to perform any text transformations.", + "title": "TextTransformation", "type": "string" } }, "required": [ - "KmsKeyId" + "FieldToMatch", + "PositionalConstraint", + "TextTransformation" ], "type": "object" }, - "AWS::VpcLattice::AccessLogSubscription": { + "AWS::WAF::ByteMatchSet.FieldToMatch": { + "additionalProperties": false, + "properties": { + "Data": { + "markdownDescription": "When the value of `Type` is `HEADER` , enter the name of the header that you want AWS WAF to search, for example, `User-Agent` or `Referer` . The name of the header is not case sensitive.\n\nWhen the value of `Type` is `SINGLE_QUERY_ARG` , enter the name of the parameter that you want AWS WAF to search, for example, `UserName` or `SalesRegion` . The parameter name is not case sensitive.\n\nIf the value of `Type` is any other value, omit `Data` .", + "title": "Data", + "type": "string" + }, + "Type": { + "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicated the type of operation that the request is asking the origin to perform. Amazon CloudFront supports the following methods: `DELETE` , `GET` , `HEAD` , `OPTIONS` , `PATCH` , `POST` , and `PUT` .\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::WAF::IPSet": { "additionalProperties": false, "properties": { "Condition": { @@ -264390,33 +315926,28 @@ "Properties": { "additionalProperties": false, "properties": { - "DestinationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the destination. The supported destination types are CloudWatch Log groups, Kinesis Data Firehose delivery streams, and Amazon S3 buckets.", - "title": "DestinationArn", - "type": "string" - }, - "ResourceIdentifier": { - "markdownDescription": "The ID or ARN of the service network or service.", - "title": "ResourceIdentifier", - "type": "string" - }, - "Tags": { + "IPSetDescriptors": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::WAF::IPSet.IPSetDescriptor" }, - "markdownDescription": "The tags for the access log subscription.", - "title": "Tags", + "markdownDescription": "The IP address type ( `IPV4` or `IPV6` ) and the IP address range (in CIDR notation) that web requests originate from. If the `WebACL` is associated with an Amazon CloudFront distribution and the viewer did not use an HTTP proxy or a load balancer to send the request, this is the value of the c-ip field in the CloudFront access logs.", + "title": "IPSetDescriptors", "type": "array" + }, + "Name": { + "markdownDescription": "The name of the `IPSet` . You can't change the name of an `IPSet` after you create it.", + "title": "Name", + "type": "string" } }, "required": [ - "DestinationArn" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::VpcLattice::AccessLogSubscription" + "AWS::WAF::IPSet" ], "type": "string" }, @@ -264435,7 +315966,27 @@ ], "type": "object" }, - "AWS::VpcLattice::AuthPolicy": { + "AWS::WAF::IPSet.IPSetDescriptor": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "Specify `IPV4` or `IPV6` .", + "title": "Type", + "type": "string" + }, + "Value": { + "markdownDescription": "Specify an IPv4 address by using CIDR notation. For example:\n\n- To configure AWS WAF to allow, block, or count requests that originated from the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure AWS WAF to allow, block, or count requests that originated from IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .\n\nSpecify an IPv6 address by using CIDR notation. For example:\n\n- To configure AWS WAF to allow, block, or count requests that originated from the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure AWS WAF to allow, block, or count requests that originated from IP addresses 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Type", + "Value" + ], + "type": "object" + }, + "AWS::WAF::Rule": { "additionalProperties": false, "properties": { "Condition": { @@ -264470,26 +316021,34 @@ "Properties": { "additionalProperties": false, "properties": { - "Policy": { - "markdownDescription": "The auth policy.", - "title": "Policy", - "type": "object" + "MetricName": { + "markdownDescription": "The name of the metrics for this `Rule` . The name can contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length 128 and minimum length one. It can't contain whitespace or metric names reserved for AWS WAF , including \"All\" and \"Default_Action.\" You can't change `MetricName` after you create the `Rule` .", + "title": "MetricName", + "type": "string" }, - "ResourceIdentifier": { - "markdownDescription": "The ID or ARN of the service network or service for which the policy is created.", - "title": "ResourceIdentifier", + "Name": { + "markdownDescription": "The friendly name or description for the `Rule` . You can't change the name of a `Rule` after you create it.", + "title": "Name", "type": "string" + }, + "Predicates": { + "items": { + "$ref": "#/definitions/AWS::WAF::Rule.Predicate" + }, + "markdownDescription": "The `Predicates` object contains one `Predicate` element for each `ByteMatchSet` , `IPSet` , or `SqlInjectionMatchSet` object that you want to include in a `Rule` .", + "title": "Predicates", + "type": "array" } }, "required": [ - "Policy", - "ResourceIdentifier" + "MetricName", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::VpcLattice::AuthPolicy" + "AWS::WAF::Rule" ], "type": "string" }, @@ -264508,7 +316067,33 @@ ], "type": "object" }, - "AWS::VpcLattice::Listener": { + "AWS::WAF::Rule.Predicate": { + "additionalProperties": false, + "properties": { + "DataId": { + "markdownDescription": "A unique identifier for a predicate in a `Rule` , such as `ByteMatchSetId` or `IPSetId` . The ID is returned by the corresponding `Create` or `List` command.", + "title": "DataId", + "type": "string" + }, + "Negated": { + "markdownDescription": "Set `Negated` to `False` if you want AWS WAF to allow, block, or count requests based on the settings in the specified `ByteMatchSet` , `IPSet` , `SqlInjectionMatchSet` , `XssMatchSet` , `RegexMatchSet` , `GeoMatchSet` , or `SizeConstraintSet` . For example, if an `IPSet` includes the IP address `192.0.2.44` , AWS WAF will allow or block requests based on that IP address.\n\nSet `Negated` to `True` if you want AWS WAF to allow or block a request based on the negation of the settings in the `ByteMatchSet` , `IPSet` , `SqlInjectionMatchSet` , `XssMatchSet` , `RegexMatchSet` , `GeoMatchSet` , or `SizeConstraintSet` . For example, if an `IPSet` includes the IP address `192.0.2.44` , AWS WAF will allow, block, or count requests based on all IP addresses *except* `192.0.2.44` .", + "title": "Negated", + "type": "boolean" + }, + "Type": { + "markdownDescription": "The type of predicate in a `Rule` , such as `ByteMatch` or `IPSet` .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "DataId", + "Negated", + "Type" + ], + "type": "object" + }, + "AWS::WAF::SizeConstraintSet": { "additionalProperties": false, "properties": { "Condition": { @@ -264543,49 +316128,29 @@ "Properties": { "additionalProperties": false, "properties": { - "DefaultAction": { - "$ref": "#/definitions/AWS::VpcLattice::Listener.DefaultAction", - "markdownDescription": "The action for the default rule. Each listener has a default rule. The default rule is used if no other rules match.", - "title": "DefaultAction" - }, "Name": { - "markdownDescription": "The name of the listener. A listener name must be unique within a service. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n\nIf you don't specify a name, CloudFormation generates one. However, if you specify a name, and later want to replace the resource, you must specify a new name.", + "markdownDescription": "The name, if any, of the `SizeConstraintSet` .", "title": "Name", "type": "string" }, - "Port": { - "markdownDescription": "The listener port. You can specify a value from 1 to 65535. For HTTP, the default is 80. For HTTPS, the default is 443.", - "title": "Port", - "type": "number" - }, - "Protocol": { - "markdownDescription": "The listener protocol.", - "title": "Protocol", - "type": "string" - }, - "ServiceIdentifier": { - "markdownDescription": "The ID or ARN of the service.", - "title": "ServiceIdentifier", - "type": "string" - }, - "Tags": { + "SizeConstraints": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::WAF::SizeConstraintSet.SizeConstraint" }, - "markdownDescription": "The tags for the listener.", - "title": "Tags", + "markdownDescription": "The size constraint and the part of the web request to check.", + "title": "SizeConstraints", "type": "array" } }, "required": [ - "DefaultAction", - "Protocol" + "Name", + "SizeConstraints" ], "type": "object" }, "Type": { "enum": [ - "AWS::VpcLattice::Listener" + "AWS::WAF::SizeConstraintSet" ], "type": "string" }, @@ -264604,73 +316169,58 @@ ], "type": "object" }, - "AWS::VpcLattice::Listener.DefaultAction": { + "AWS::WAF::SizeConstraintSet.FieldToMatch": { "additionalProperties": false, "properties": { - "FixedResponse": { - "$ref": "#/definitions/AWS::VpcLattice::Listener.FixedResponse", - "markdownDescription": "Describes an action that returns a custom HTTP response.", - "title": "FixedResponse" + "Data": { + "markdownDescription": "When the value of `Type` is `HEADER` , enter the name of the header that you want AWS WAF to search, for example, `User-Agent` or `Referer` . The name of the header is not case sensitive.\n\nWhen the value of `Type` is `SINGLE_QUERY_ARG` , enter the name of the parameter that you want AWS WAF to search, for example, `UserName` or `SalesRegion` . The parameter name is not case sensitive.\n\nIf the value of `Type` is any other value, omit `Data` .", + "title": "Data", + "type": "string" }, - "Forward": { - "$ref": "#/definitions/AWS::VpcLattice::Listener.Forward", - "markdownDescription": "Describes a forward action. You can use forward actions to route requests to one or more target groups.", - "title": "Forward" - } - }, - "type": "object" - }, - "AWS::VpcLattice::Listener.FixedResponse": { - "additionalProperties": false, - "properties": { - "StatusCode": { - "markdownDescription": "The HTTP response code. Only `404` and `500` status codes are supported.", - "title": "StatusCode", - "type": "number" - } - }, - "required": [ - "StatusCode" - ], - "type": "object" - }, - "AWS::VpcLattice::Listener.Forward": { - "additionalProperties": false, - "properties": { - "TargetGroups": { - "items": { - "$ref": "#/definitions/AWS::VpcLattice::Listener.WeightedTargetGroup" - }, - "markdownDescription": "The target groups. Traffic matching the rule is forwarded to the specified target groups. With forward actions, you can assign a weight that controls the prioritization and selection of each target group. This means that requests are distributed to individual target groups based on their weights. For example, if two target groups have the same weight, each target group receives half of the traffic.\n\nThe default value is 1. This means that if only one target group is provided, there is no need to set the weight; 100% of the traffic goes to that target group.", - "title": "TargetGroups", - "type": "array" + "Type": { + "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicated the type of operation that the request is asking the origin to perform. Amazon CloudFront supports the following methods: `DELETE` , `GET` , `HEAD` , `OPTIONS` , `PATCH` , `POST` , and `PUT` .\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", + "title": "Type", + "type": "string" } }, "required": [ - "TargetGroups" + "Type" ], "type": "object" }, - "AWS::VpcLattice::Listener.WeightedTargetGroup": { + "AWS::WAF::SizeConstraintSet.SizeConstraint": { "additionalProperties": false, "properties": { - "TargetGroupIdentifier": { - "markdownDescription": "The ID of the target group.", - "title": "TargetGroupIdentifier", + "ComparisonOperator": { + "markdownDescription": "The type of comparison you want AWS WAF to perform. AWS WAF uses this in combination with the provided `Size` and `FieldToMatch` to build an expression in the form of \" `Size` `ComparisonOperator` size in bytes of `FieldToMatch` \". If that expression is true, the `SizeConstraint` is considered to match.\n\n*EQ* : Used to test if the `Size` is equal to the size of the `FieldToMatch`\n\n*NE* : Used to test if the `Size` is not equal to the size of the `FieldToMatch`\n\n*LE* : Used to test if the `Size` is less than or equal to the size of the `FieldToMatch`\n\n*LT* : Used to test if the `Size` is strictly less than the size of the `FieldToMatch`\n\n*GE* : Used to test if the `Size` is greater than or equal to the size of the `FieldToMatch`\n\n*GT* : Used to test if the `Size` is strictly greater than the size of the `FieldToMatch`", + "title": "ComparisonOperator", "type": "string" }, - "Weight": { - "markdownDescription": "Only required if you specify multiple target groups for a forward action. The weight determines how requests are distributed to the target group. For example, if you specify two target groups, each with a weight of 10, each target group receives half the requests. If you specify two target groups, one with a weight of 10 and the other with a weight of 20, the target group with a weight of 20 receives twice as many requests as the other target group. If there's only one target group specified, then the default value is 100.", - "title": "Weight", + "FieldToMatch": { + "$ref": "#/definitions/AWS::WAF::SizeConstraintSet.FieldToMatch", + "markdownDescription": "The part of a web request that you want to inspect, such as a specified header or a query string.", + "title": "FieldToMatch" + }, + "Size": { + "markdownDescription": "The size in bytes that you want AWS WAF to compare against the size of the specified `FieldToMatch` . AWS WAF uses this in combination with `ComparisonOperator` and `FieldToMatch` to build an expression in the form of \" `Size` `ComparisonOperator` size in bytes of `FieldToMatch` \". If that expression is true, the `SizeConstraint` is considered to match.\n\nValid values for size are 0 - 21474836480 bytes (0 - 20 GB).\n\nIf you specify `URI` for the value of `Type` , the / in the URI path that you specify counts as one character. For example, the URI `/logo.jpg` is nine characters long.", + "title": "Size", "type": "number" + }, + "TextTransformation": { + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass AWS WAF . If you specify a transformation, AWS WAF performs the transformation on `FieldToMatch` before inspecting it for a match.\n\nYou can only specify a single type of TextTransformation.\n\nNote that if you choose `BODY` for the value of `Type` , you must choose `NONE` for `TextTransformation` because Amazon CloudFront forwards only the first 8192 bytes for inspection.\n\n*NONE*\n\nSpecify `NONE` if you don't want to perform any text transformations.\n\n*CMD_LINE*\n\nWhen you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:\n\n- Delete the following characters: \\ \" ' ^\n- Delete spaces before the following characters: / (\n- Replace the following characters with a space: , ;\n- Replace multiple spaces with one space\n- Convert uppercase letters (A-Z) to lowercase (a-z)\n\n*COMPRESS_WHITE_SPACE*\n\nUse this option to replace the following characters with a space character (decimal 32):\n\n- \\f, formfeed, decimal 12\n- \\t, tab, decimal 9\n- \\n, newline, decimal 10\n- \\r, carriage return, decimal 13\n- \\v, vertical tab, decimal 11\n- non-breaking space, decimal 160\n\n`COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.\n\n*HTML_ENTITY_DECODE*\n\nUse this option to replace HTML-encoded characters with unencoded characters. `HTML_ENTITY_DECODE` performs the following operations:\n\n- Replaces `(ampersand)quot;` with `\"`\n- Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160\n- Replaces `(ampersand)lt;` with a \"less than\" symbol\n- Replaces `(ampersand)gt;` with `>`\n- Replaces characters that are represented in hexadecimal format, `(ampersand)#xhhhh;` , with the corresponding characters\n- Replaces characters that are represented in decimal format, `(ampersand)#nnnn;` , with the corresponding characters\n\n*LOWERCASE*\n\nUse this option to convert uppercase letters (A-Z) to lowercase (a-z).\n\n*URL_DECODE*\n\nUse this option to decode a URL-encoded value.", + "title": "TextTransformation", + "type": "string" } }, "required": [ - "TargetGroupIdentifier" + "ComparisonOperator", + "FieldToMatch", + "Size", + "TextTransformation" ], "type": "object" }, - "AWS::VpcLattice::ResourcePolicy": { + "AWS::WAF::SqlInjectionMatchSet": { "additionalProperties": false, "properties": { "Condition": { @@ -264705,26 +316255,28 @@ "Properties": { "additionalProperties": false, "properties": { - "Policy": { - "markdownDescription": "The Amazon Resource Name (ARN) of the service network or service.", - "title": "Policy", - "type": "object" - }, - "ResourceArn": { - "markdownDescription": "An IAM policy.", - "title": "ResourceArn", + "Name": { + "markdownDescription": "The name, if any, of the `SqlInjectionMatchSet` .", + "title": "Name", "type": "string" + }, + "SqlInjectionMatchTuples": { + "items": { + "$ref": "#/definitions/AWS::WAF::SqlInjectionMatchSet.SqlInjectionMatchTuple" + }, + "markdownDescription": "Specifies the parts of web requests that you want to inspect for snippets of malicious SQL code.", + "title": "SqlInjectionMatchTuples", + "type": "array" } }, "required": [ - "Policy", - "ResourceArn" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::VpcLattice::ResourcePolicy" + "AWS::WAF::SqlInjectionMatchSet" ], "type": "string" }, @@ -264743,7 +316295,46 @@ ], "type": "object" }, - "AWS::VpcLattice::Rule": { + "AWS::WAF::SqlInjectionMatchSet.FieldToMatch": { + "additionalProperties": false, + "properties": { + "Data": { + "markdownDescription": "When the value of `Type` is `HEADER` , enter the name of the header that you want AWS WAF to search, for example, `User-Agent` or `Referer` . The name of the header is not case sensitive.\n\nWhen the value of `Type` is `SINGLE_QUERY_ARG` , enter the name of the parameter that you want AWS WAF to search, for example, `UserName` or `SalesRegion` . The parameter name is not case sensitive.\n\nIf the value of `Type` is any other value, omit `Data` .", + "title": "Data", + "type": "string" + }, + "Type": { + "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicated the type of operation that the request is asking the origin to perform. Amazon CloudFront supports the following methods: `DELETE` , `GET` , `HEAD` , `OPTIONS` , `PATCH` , `POST` , and `PUT` .\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::WAF::SqlInjectionMatchSet.SqlInjectionMatchTuple": { + "additionalProperties": false, + "properties": { + "FieldToMatch": { + "$ref": "#/definitions/AWS::WAF::SqlInjectionMatchSet.FieldToMatch", + "markdownDescription": "The part of a web request that you want to inspect, such as a specified header or a query string.", + "title": "FieldToMatch" + }, + "TextTransformation": { + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass AWS WAF . If you specify a transformation, AWS WAF performs the transformation on `FieldToMatch` before inspecting it for a match.\n\nYou can only specify a single type of TextTransformation.\n\n*CMD_LINE*\n\nWhen you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:\n\n- Delete the following characters: \\ \" ' ^\n- Delete spaces before the following characters: / (\n- Replace the following characters with a space: , ;\n- Replace multiple spaces with one space\n- Convert uppercase letters (A-Z) to lowercase (a-z)\n\n*COMPRESS_WHITE_SPACE*\n\nUse this option to replace the following characters with a space character (decimal 32):\n\n- \\f, formfeed, decimal 12\n- \\t, tab, decimal 9\n- \\n, newline, decimal 10\n- \\r, carriage return, decimal 13\n- \\v, vertical tab, decimal 11\n- non-breaking space, decimal 160\n\n`COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.\n\n*HTML_ENTITY_DECODE*\n\nUse this option to replace HTML-encoded characters with unencoded characters. `HTML_ENTITY_DECODE` performs the following operations:\n\n- Replaces `(ampersand)quot;` with `\"`\n- Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160\n- Replaces `(ampersand)lt;` with a \"less than\" symbol\n- Replaces `(ampersand)gt;` with `>`\n- Replaces characters that are represented in hexadecimal format, `(ampersand)#xhhhh;` , with the corresponding characters\n- Replaces characters that are represented in decimal format, `(ampersand)#nnnn;` , with the corresponding characters\n\n*LOWERCASE*\n\nUse this option to convert uppercase letters (A-Z) to lowercase (a-z).\n\n*URL_DECODE*\n\nUse this option to decode a URL-encoded value.\n\n*NONE*\n\nSpecify `NONE` if you don't want to perform any text transformations.", + "title": "TextTransformation", + "type": "string" + } + }, + "required": [ + "FieldToMatch", + "TextTransformation" + ], + "type": "object" + }, + "AWS::WAF::WebACL": { "additionalProperties": false, "properties": { "Condition": { @@ -264778,55 +316369,40 @@ "Properties": { "additionalProperties": false, "properties": { - "Action": { - "$ref": "#/definitions/AWS::VpcLattice::Rule.Action", - "markdownDescription": "Describes the action for a rule.", - "title": "Action" + "DefaultAction": { + "$ref": "#/definitions/AWS::WAF::WebACL.WafAction", + "markdownDescription": "The action to perform if none of the `Rules` contained in the `WebACL` match. The action is specified by the `WafAction` object.", + "title": "DefaultAction" }, - "ListenerIdentifier": { - "markdownDescription": "The ID or ARN of the listener.", - "title": "ListenerIdentifier", + "MetricName": { + "markdownDescription": "The name of the metrics for this `WebACL` . The name can contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length 128 and minimum length one. It can't contain whitespace or metric names reserved for AWS WAF , including \"All\" and \"Default_Action.\" You can't change `MetricName` after you create the `WebACL` .", + "title": "MetricName", "type": "string" }, - "Match": { - "$ref": "#/definitions/AWS::VpcLattice::Rule.Match", - "markdownDescription": "The rule match.", - "title": "Match" - }, "Name": { - "markdownDescription": "The name of the rule. The name must be unique within the listener. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n\nIf you don't specify a name, CloudFormation generates one. However, if you specify a name, and later want to replace the resource, you must specify a new name.", + "markdownDescription": "A friendly name or description of the `WebACL` . You can't change the name of a `WebACL` after you create it.", "title": "Name", "type": "string" }, - "Priority": { - "markdownDescription": "The priority assigned to the rule. Each rule for a specific listener must have a unique priority. The lower the priority number the higher the priority.", - "title": "Priority", - "type": "number" - }, - "ServiceIdentifier": { - "markdownDescription": "The ID or ARN of the service.", - "title": "ServiceIdentifier", - "type": "string" - }, - "Tags": { + "Rules": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::WAF::WebACL.ActivatedRule" }, - "markdownDescription": "The tags for the rule.", - "title": "Tags", + "markdownDescription": "An array that contains the action for each `Rule` in a `WebACL` , the priority of the `Rule` , and the ID of the `Rule` .", + "title": "Rules", "type": "array" } }, "required": [ - "Action", - "Match", - "Priority" + "DefaultAction", + "MetricName", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::VpcLattice::Rule" + "AWS::WAF::WebACL" ], "type": "string" }, @@ -264845,192 +316421,46 @@ ], "type": "object" }, - "AWS::VpcLattice::Rule.Action": { + "AWS::WAF::WebACL.ActivatedRule": { "additionalProperties": false, "properties": { - "FixedResponse": { - "$ref": "#/definitions/AWS::VpcLattice::Rule.FixedResponse", - "markdownDescription": "The fixed response action. The rule returns a custom HTTP response.", - "title": "FixedResponse" + "Action": { + "$ref": "#/definitions/AWS::WAF::WebACL.WafAction", + "markdownDescription": "Specifies the action that Amazon CloudFront or AWS WAF takes when a web request matches the conditions in the `Rule` . Valid values for `Action` include the following:\n\n- `ALLOW` : CloudFront responds with the requested object.\n- `BLOCK` : CloudFront responds with an HTTP 403 (Forbidden) status code.\n- `COUNT` : AWS WAF increments a counter of requests that match the conditions in the rule and then continues to inspect the web request based on the remaining rules in the web ACL.\n\n`ActivatedRule|OverrideAction` applies only when updating or adding a `RuleGroup` to a `WebACL` . In this case, you do not use `ActivatedRule|Action` . For all other update requests, `ActivatedRule|Action` is used instead of `ActivatedRule|OverrideAction` .", + "title": "Action" }, - "Forward": { - "$ref": "#/definitions/AWS::VpcLattice::Rule.Forward", - "markdownDescription": "The forward action. Traffic that matches the rule is forwarded to the specified target groups.", - "title": "Forward" - } - }, - "type": "object" - }, - "AWS::VpcLattice::Rule.FixedResponse": { - "additionalProperties": false, - "properties": { - "StatusCode": { - "markdownDescription": "The HTTP response code. Only `404` and `500` status codes are supported.", - "title": "StatusCode", + "Priority": { + "markdownDescription": "Specifies the order in which the `Rules` in a `WebACL` are evaluated. Rules with a lower value for `Priority` are evaluated before `Rules` with a higher value. The value must be a unique integer. If you add multiple `Rules` to a `WebACL` , the values don't need to be consecutive.", + "title": "Priority", "type": "number" - } - }, - "required": [ - "StatusCode" - ], - "type": "object" - }, - "AWS::VpcLattice::Rule.Forward": { - "additionalProperties": false, - "properties": { - "TargetGroups": { - "items": { - "$ref": "#/definitions/AWS::VpcLattice::Rule.WeightedTargetGroup" - }, - "markdownDescription": "The target groups. Traffic matching the rule is forwarded to the specified target groups. With forward actions, you can assign a weight that controls the prioritization and selection of each target group. This means that requests are distributed to individual target groups based on their weights. For example, if two target groups have the same weight, each target group receives half of the traffic.\n\nThe default value is 1. This means that if only one target group is provided, there is no need to set the weight; 100% of the traffic goes to that target group.", - "title": "TargetGroups", - "type": "array" - } - }, - "required": [ - "TargetGroups" - ], - "type": "object" - }, - "AWS::VpcLattice::Rule.HeaderMatch": { - "additionalProperties": false, - "properties": { - "CaseSensitive": { - "markdownDescription": "Indicates whether the match is case sensitive.", - "title": "CaseSensitive", - "type": "boolean" - }, - "Match": { - "$ref": "#/definitions/AWS::VpcLattice::Rule.HeaderMatchType", - "markdownDescription": "The header match type.", - "title": "Match" - }, - "Name": { - "markdownDescription": "The name of the header.", - "title": "Name", - "type": "string" - } - }, - "required": [ - "Match", - "Name" - ], - "type": "object" - }, - "AWS::VpcLattice::Rule.HeaderMatchType": { - "additionalProperties": false, - "properties": { - "Contains": { - "markdownDescription": "A contains type match.", - "title": "Contains", - "type": "string" - }, - "Exact": { - "markdownDescription": "An exact type match.", - "title": "Exact", - "type": "string" - }, - "Prefix": { - "markdownDescription": "A prefix type match. Matches the value with the prefix.", - "title": "Prefix", - "type": "string" - } - }, - "type": "object" - }, - "AWS::VpcLattice::Rule.HttpMatch": { - "additionalProperties": false, - "properties": { - "HeaderMatches": { - "items": { - "$ref": "#/definitions/AWS::VpcLattice::Rule.HeaderMatch" - }, - "markdownDescription": "The header matches. Matches incoming requests with rule based on request header value before applying rule action.", - "title": "HeaderMatches", - "type": "array" }, - "Method": { - "markdownDescription": "The HTTP method type.", - "title": "Method", + "RuleId": { + "markdownDescription": "The `RuleId` for a `Rule` . You use `RuleId` to get more information about a `Rule` , update a `Rule` , insert a `Rule` into a `WebACL` or delete a one from a `WebACL` , or delete a `Rule` from AWS WAF .\n\n`RuleId` is returned by `CreateRule` and by `ListRules` .", + "title": "RuleId", "type": "string" - }, - "PathMatch": { - "$ref": "#/definitions/AWS::VpcLattice::Rule.PathMatch", - "markdownDescription": "The path match.", - "title": "PathMatch" - } - }, - "type": "object" - }, - "AWS::VpcLattice::Rule.Match": { - "additionalProperties": false, - "properties": { - "HttpMatch": { - "$ref": "#/definitions/AWS::VpcLattice::Rule.HttpMatch", - "markdownDescription": "The HTTP criteria that a rule must match.", - "title": "HttpMatch" - } - }, - "required": [ - "HttpMatch" - ], - "type": "object" - }, - "AWS::VpcLattice::Rule.PathMatch": { - "additionalProperties": false, - "properties": { - "CaseSensitive": { - "markdownDescription": "Indicates whether the match is case sensitive.", - "title": "CaseSensitive", - "type": "boolean" - }, - "Match": { - "$ref": "#/definitions/AWS::VpcLattice::Rule.PathMatchType", - "markdownDescription": "The type of path match.", - "title": "Match" } }, "required": [ - "Match" + "Priority", + "RuleId" ], "type": "object" }, - "AWS::VpcLattice::Rule.PathMatchType": { - "additionalProperties": false, - "properties": { - "Exact": { - "markdownDescription": "An exact match of the path.", - "title": "Exact", - "type": "string" - }, - "Prefix": { - "markdownDescription": "A prefix match of the path.", - "title": "Prefix", - "type": "string" - } - }, - "type": "object" - }, - "AWS::VpcLattice::Rule.WeightedTargetGroup": { + "AWS::WAF::WebACL.WafAction": { "additionalProperties": false, "properties": { - "TargetGroupIdentifier": { - "markdownDescription": "The ID of the target group.", - "title": "TargetGroupIdentifier", + "Type": { + "markdownDescription": "Specifies how you want AWS WAF to respond to requests that match the settings in a `Rule` . Valid settings include the following:\n\n- `ALLOW` : AWS WAF allows requests\n- `BLOCK` : AWS WAF blocks requests\n- `COUNT` : AWS WAF increments a counter of the requests that match all of the conditions in the rule. AWS WAF then continues to inspect the web request based on the remaining rules in the web ACL. You can't specify `COUNT` for the default action for a `WebACL` .", + "title": "Type", "type": "string" - }, - "Weight": { - "markdownDescription": "Only required if you specify multiple target groups for a forward action. The weight determines how requests are distributed to the target group. For example, if you specify two target groups, each with a weight of 10, each target group receives half the requests. If you specify two target groups, one with a weight of 10 and the other with a weight of 20, the target group with a weight of 20 receives twice as many requests as the other target group. If there's only one target group specified, then the default value is 100.", - "title": "Weight", - "type": "number" } }, "required": [ - "TargetGroupIdentifier" + "Type" ], "type": "object" }, - "AWS::VpcLattice::Service": { + "AWS::WAF::XssMatchSet": { "additionalProperties": false, "properties": { "Condition": { @@ -265065,45 +316495,29 @@ "Properties": { "additionalProperties": false, "properties": { - "AuthType": { - "markdownDescription": "The type of IAM policy.\n\n- `NONE` : The resource does not use an IAM policy. This is the default.\n- `AWS_IAM` : The resource uses an IAM policy. When this type is used, auth is enabled and an auth policy is required.", - "title": "AuthType", - "type": "string" - }, - "CertificateArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the certificate.", - "title": "CertificateArn", - "type": "string" - }, - "CustomDomainName": { - "markdownDescription": "The custom domain name of the service.", - "title": "CustomDomainName", - "type": "string" - }, - "DnsEntry": { - "$ref": "#/definitions/AWS::VpcLattice::Service.DnsEntry", - "markdownDescription": "Describes the DNS information of the service. This field is read-only.", - "title": "DnsEntry" - }, "Name": { - "markdownDescription": "The name of the service. The name must be unique within the account. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n\nIf you don't specify a name, CloudFormation generates one. However, if you specify a name, and later want to replace the resource, you must specify a new name.", + "markdownDescription": "The name, if any, of the `XssMatchSet` .", "title": "Name", "type": "string" }, - "Tags": { + "XssMatchTuples": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::WAF::XssMatchSet.XssMatchTuple" }, - "markdownDescription": "The tags for the service.", - "title": "Tags", + "markdownDescription": "Specifies the parts of web requests that you want to inspect for cross-site scripting attacks.", + "title": "XssMatchTuples", "type": "array" } }, + "required": [ + "Name", + "XssMatchTuples" + ], "type": "object" }, "Type": { "enum": [ - "AWS::VpcLattice::Service" + "AWS::WAF::XssMatchSet" ], "type": "string" }, @@ -265117,27 +316531,51 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::VpcLattice::Service.DnsEntry": { + "AWS::WAF::XssMatchSet.FieldToMatch": { "additionalProperties": false, "properties": { - "DomainName": { - "markdownDescription": "The domain name of the service.", - "title": "DomainName", + "Data": { + "markdownDescription": "When the value of `Type` is `HEADER` , enter the name of the header that you want AWS WAF to search, for example, `User-Agent` or `Referer` . The name of the header is not case sensitive.\n\nWhen the value of `Type` is `SINGLE_QUERY_ARG` , enter the name of the parameter that you want AWS WAF to search, for example, `UserName` or `SalesRegion` . The parameter name is not case sensitive.\n\nIf the value of `Type` is any other value, omit `Data` .", + "title": "Data", "type": "string" }, - "HostedZoneId": { - "markdownDescription": "The ID of the hosted zone.", - "title": "HostedZoneId", + "Type": { + "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicated the type of operation that the request is asking the origin to perform. Amazon CloudFront supports the following methods: `DELETE` , `GET` , `HEAD` , `OPTIONS` , `PATCH` , `POST` , and `PUT` .\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", + "title": "Type", "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::VpcLattice::ServiceNetwork": { + "AWS::WAF::XssMatchSet.XssMatchTuple": { + "additionalProperties": false, + "properties": { + "FieldToMatch": { + "$ref": "#/definitions/AWS::WAF::XssMatchSet.FieldToMatch", + "markdownDescription": "The part of a web request that you want to inspect, such as a specified header or a query string.", + "title": "FieldToMatch" + }, + "TextTransformation": { + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass AWS WAF . If you specify a transformation, AWS WAF performs the transformation on `FieldToMatch` before inspecting it for a match.\n\nYou can only specify a single type of TextTransformation.\n\n*CMD_LINE*\n\nWhen you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:\n\n- Delete the following characters: \\ \" ' ^\n- Delete spaces before the following characters: / (\n- Replace the following characters with a space: , ;\n- Replace multiple spaces with one space\n- Convert uppercase letters (A-Z) to lowercase (a-z)\n\n*COMPRESS_WHITE_SPACE*\n\nUse this option to replace the following characters with a space character (decimal 32):\n\n- \\f, formfeed, decimal 12\n- \\t, tab, decimal 9\n- \\n, newline, decimal 10\n- \\r, carriage return, decimal 13\n- \\v, vertical tab, decimal 11\n- non-breaking space, decimal 160\n\n`COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.\n\n*HTML_ENTITY_DECODE*\n\nUse this option to replace HTML-encoded characters with unencoded characters. `HTML_ENTITY_DECODE` performs the following operations:\n\n- Replaces `(ampersand)quot;` with `\"`\n- Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160\n- Replaces `(ampersand)lt;` with a \"less than\" symbol\n- Replaces `(ampersand)gt;` with `>`\n- Replaces characters that are represented in hexadecimal format, `(ampersand)#xhhhh;` , with the corresponding characters\n- Replaces characters that are represented in decimal format, `(ampersand)#nnnn;` , with the corresponding characters\n\n*LOWERCASE*\n\nUse this option to convert uppercase letters (A-Z) to lowercase (a-z).\n\n*URL_DECODE*\n\nUse this option to decode a URL-encoded value.\n\n*NONE*\n\nSpecify `NONE` if you don't want to perform any text transformations.", + "title": "TextTransformation", + "type": "string" + } + }, + "required": [ + "FieldToMatch", + "TextTransformation" + ], + "type": "object" + }, + "AWS::WAFRegional::ByteMatchSet": { "additionalProperties": false, "properties": { "Condition": { @@ -265172,30 +316610,28 @@ "Properties": { "additionalProperties": false, "properties": { - "AuthType": { - "markdownDescription": "The type of IAM policy.\n\n- `NONE` : The resource does not use an IAM policy. This is the default.\n- `AWS_IAM` : The resource uses an IAM policy. When this type is used, auth is enabled and an auth policy is required.", - "title": "AuthType", - "type": "string" + "ByteMatchTuples": { + "items": { + "$ref": "#/definitions/AWS::WAFRegional::ByteMatchSet.ByteMatchTuple" + }, + "markdownDescription": "Specifies the bytes (typically a string that corresponds with ASCII characters) that you want AWS WAF to search for in web requests, the location in requests that you want AWS WAF to search, and other settings.", + "title": "ByteMatchTuples", + "type": "array" }, "Name": { - "markdownDescription": "The name of the service network. The name must be unique to the account. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n\nIf you don't specify a name, CloudFormation generates one. However, if you specify a name, and later want to replace the resource, you must specify a new name.", + "markdownDescription": "A friendly name or description of the `ByteMatchSet` . You can't change `Name` after you create a `ByteMatchSet` .", "title": "Name", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags for the service network.", - "title": "Tags", - "type": "array" } }, + "required": [ + "Name" + ], "type": "object" }, "Type": { "enum": [ - "AWS::VpcLattice::ServiceNetwork" + "AWS::WAFRegional::ByteMatchSet" ], "type": "string" }, @@ -265209,108 +316645,67 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::VpcLattice::ServiceNetworkServiceAssociation": { + "AWS::WAFRegional::ByteMatchSet.ByteMatchTuple": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "FieldToMatch": { + "$ref": "#/definitions/AWS::WAFRegional::ByteMatchSet.FieldToMatch", + "markdownDescription": "The part of a web request that you want AWS WAF to inspect, such as a specific header or a query string.", + "title": "FieldToMatch" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "PositionalConstraint": { + "markdownDescription": "Within the portion of a web request that you want to search (for example, in the query string, if any), specify where you want AWS WAF to search. Valid values include the following:\n\n*CONTAINS*\n\nThe specified part of the web request must include the value of `TargetString` , but the location doesn't matter.\n\n*CONTAINS_WORD*\n\nThe specified part of the web request must include the value of `TargetString` , and `TargetString` must contain only alphanumeric characters or underscore (A-Z, a-z, 0-9, or _). In addition, `TargetString` must be a word, which means one of the following:\n\n- `TargetString` exactly matches the value of the specified part of the web request, such as the value of a header.\n- `TargetString` is at the beginning of the specified part of the web request and is followed by a character other than an alphanumeric character or underscore (_), for example, `BadBot;` .\n- `TargetString` is at the end of the specified part of the web request and is preceded by a character other than an alphanumeric character or underscore (_), for example, `;BadBot` .\n- `TargetString` is in the middle of the specified part of the web request and is preceded and followed by characters other than alphanumeric characters or underscore (_), for example, `-BadBot;` .\n\n*EXACTLY*\n\nThe value of the specified part of the web request must exactly match the value of `TargetString` .\n\n*STARTS_WITH*\n\nThe value of `TargetString` must appear at the beginning of the specified part of the web request.\n\n*ENDS_WITH*\n\nThe value of `TargetString` must appear at the end of the specified part of the web request.", + "title": "PositionalConstraint", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DnsEntry": { - "$ref": "#/definitions/AWS::VpcLattice::ServiceNetworkServiceAssociation.DnsEntry", - "markdownDescription": "The DNS information of the service.", - "title": "DnsEntry" - }, - "ServiceIdentifier": { - "markdownDescription": "The ID or ARN of the service.", - "title": "ServiceIdentifier", - "type": "string" - }, - "ServiceNetworkIdentifier": { - "markdownDescription": "The ID or ARN of the service network. You must use an ARN if the resources are in different accounts.", - "title": "ServiceNetworkIdentifier", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags for the association.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" + "TargetString": { + "markdownDescription": "The value that you want AWS WAF to search for. AWS WAF searches for the specified string in the part of web requests that you specified in `FieldToMatch` . The maximum length of the value is 50 bytes.\n\nYou must specify this property or the `TargetStringBase64` property.\n\nValid values depend on the values that you specified for `FieldToMatch` :\n\n- `HEADER` : The value that you want AWS WAF to search for in the request header that you specified in `FieldToMatch` , for example, the value of the `User-Agent` or `Referer` header.\n- `METHOD` : The HTTP method, which indicates the type of operation specified in the request.\n- `QUERY_STRING` : The value that you want AWS WAF to search for in the query string, which is the part of a URL that appears after a `?` character.\n- `URI` : The value that you want AWS WAF to search for in the part of a URL that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but instead of inspecting a single parameter, AWS WAF inspects all parameters within the query string for the value or regex pattern that you specify in `TargetString` .\n\nIf `TargetString` includes alphabetic characters A-Z and a-z, note that the value is case sensitive.", + "title": "TargetString", + "type": "string" }, - "Type": { - "enum": [ - "AWS::VpcLattice::ServiceNetworkServiceAssociation" - ], + "TargetStringBase64": { + "markdownDescription": "The base64-encoded value that AWS WAF searches for. AWS CloudFormation sends this value to AWS WAF without encoding it.\n\nYou must specify this property or the `TargetString` property.\n\nAWS WAF searches for this value in a specific part of web requests, which you define in the `FieldToMatch` property.\n\nValid values depend on the Type value in the `FieldToMatch` property. For example, for a `METHOD` type, you must specify HTTP methods such as `DELETE, GET, HEAD, OPTIONS, PATCH, POST` , and `PUT` .", + "title": "TargetStringBase64", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TextTransformation": { + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass AWS WAF . If you specify a transformation, AWS WAF performs the transformation on `FieldToMatch` before inspecting it for a match.\n\nYou can only specify a single type of TextTransformation.\n\n*CMD_LINE*\n\nWhen you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:\n\n- Delete the following characters: \\ \" ' ^\n- Delete spaces before the following characters: / (\n- Replace the following characters with a space: , ;\n- Replace multiple spaces with one space\n- Convert uppercase letters (A-Z) to lowercase (a-z)\n\n*COMPRESS_WHITE_SPACE*\n\nUse this option to replace the following characters with a space character (decimal 32):\n\n- \\f, formfeed, decimal 12\n- \\t, tab, decimal 9\n- \\n, newline, decimal 10\n- \\r, carriage return, decimal 13\n- \\v, vertical tab, decimal 11\n- non-breaking space, decimal 160\n\n`COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.\n\n*HTML_ENTITY_DECODE*\n\nUse this option to replace HTML-encoded characters with unencoded characters. `HTML_ENTITY_DECODE` performs the following operations:\n\n- Replaces `(ampersand)quot;` with `\"`\n- Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160\n- Replaces `(ampersand)lt;` with a \"less than\" symbol\n- Replaces `(ampersand)gt;` with `>`\n- Replaces characters that are represented in hexadecimal format, `(ampersand)#xhhhh;` , with the corresponding characters\n- Replaces characters that are represented in decimal format, `(ampersand)#nnnn;` , with the corresponding characters\n\n*LOWERCASE*\n\nUse this option to convert uppercase letters (A-Z) to lowercase (a-z).\n\n*URL_DECODE*\n\nUse this option to decode a URL-encoded value.\n\n*NONE*\n\nSpecify `NONE` if you don't want to perform any text transformations.", + "title": "TextTransformation", "type": "string" } }, "required": [ - "Type" + "FieldToMatch", + "PositionalConstraint", + "TextTransformation" ], "type": "object" }, - "AWS::VpcLattice::ServiceNetworkServiceAssociation.DnsEntry": { + "AWS::WAFRegional::ByteMatchSet.FieldToMatch": { "additionalProperties": false, "properties": { - "DomainName": { - "markdownDescription": "The domain name of the service.", - "title": "DomainName", + "Data": { + "markdownDescription": "When the value of `Type` is `HEADER` , enter the name of the header that you want AWS WAF to search, for example, `User-Agent` or `Referer` . The name of the header is not case sensitive.\n\nWhen the value of `Type` is `SINGLE_QUERY_ARG` , enter the name of the parameter that you want AWS WAF to search, for example, `UserName` or `SalesRegion` . The parameter name is not case sensitive.\n\nIf the value of `Type` is any other value, omit `Data` .", + "title": "Data", "type": "string" }, - "HostedZoneId": { - "markdownDescription": "The ID of the hosted zone.", - "title": "HostedZoneId", + "Type": { + "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicated the type of operation that the request is asking the origin to perform.\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", + "title": "Type", "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::VpcLattice::ServiceNetworkVpcAssociation": { + "AWS::WAFRegional::GeoMatchSet": { "additionalProperties": false, "properties": { "Condition": { @@ -265345,38 +316740,28 @@ "Properties": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the security groups. Security groups aren't added by default. You can add a security group to apply network level controls to control which resources in a VPC are allowed to access the service network and its services. For more information, see [Control traffic to resources using security groups](https://docs.aws.amazon.com//vpc/latest/userguide/VPC_SecurityGroups.html) in the *Amazon VPC User Guide* .", - "title": "SecurityGroupIds", - "type": "array" - }, - "ServiceNetworkIdentifier": { - "markdownDescription": "The ID or ARN of the service network. You must use an ARN if the resources are in different accounts.", - "title": "ServiceNetworkIdentifier", - "type": "string" - }, - "Tags": { + "GeoMatchConstraints": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::WAFRegional::GeoMatchSet.GeoMatchConstraint" }, - "markdownDescription": "The tags for the association.", - "title": "Tags", + "markdownDescription": "An array of `GeoMatchConstraint` objects, which contain the country that you want AWS WAF to search for.", + "title": "GeoMatchConstraints", "type": "array" }, - "VpcIdentifier": { - "markdownDescription": "The ID of the VPC.", - "title": "VpcIdentifier", + "Name": { + "markdownDescription": "A friendly name or description of the `GeoMatchSet` . You can't change the name of an `GeoMatchSet` after you create it.", + "title": "Name", "type": "string" } }, + "required": [ + "Name" + ], "type": "object" }, "Type": { "enum": [ - "AWS::VpcLattice::ServiceNetworkVpcAssociation" + "AWS::WAFRegional::GeoMatchSet" ], "type": "string" }, @@ -265390,11 +316775,32 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::VpcLattice::TargetGroup": { + "AWS::WAFRegional::GeoMatchSet.GeoMatchConstraint": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "The type of geographical area you want AWS WAF to search for. Currently `Country` is the only valid value.", + "title": "Type", + "type": "string" + }, + "Value": { + "markdownDescription": "The country that you want AWS WAF to search for.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Type", + "Value" + ], + "type": "object" + }, + "AWS::WAFRegional::IPSet": { "additionalProperties": false, "properties": { "Condition": { @@ -265429,195 +316835,67 @@ "Properties": { "additionalProperties": false, "properties": { - "Config": { - "$ref": "#/definitions/AWS::VpcLattice::TargetGroup.TargetGroupConfig", - "markdownDescription": "The target group configuration.", - "title": "Config" - }, - "Name": { - "markdownDescription": "The name of the target group. The name must be unique within the account. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n\nIf you don't specify a name, CloudFormation generates one. However, if you specify a name, and later want to replace the resource, you must specify a new name.", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags for the target group.", - "title": "Tags", - "type": "array" - }, - "Targets": { + "IPSetDescriptors": { "items": { - "$ref": "#/definitions/AWS::VpcLattice::TargetGroup.Target" + "$ref": "#/definitions/AWS::WAFRegional::IPSet.IPSetDescriptor" }, - "markdownDescription": "Describes a target.", - "title": "Targets", + "markdownDescription": "The IP address type ( `IPV4` or `IPV6` ) and the IP address range (in CIDR notation) that web requests originate from.", + "title": "IPSetDescriptors", "type": "array" }, - "Type": { - "markdownDescription": "The type of target group.", - "title": "Type", + "Name": { + "markdownDescription": "A friendly name or description of the `IPSet` . You can't change the name of an `IPSet` after you create it.", + "title": "Name", "type": "string" } }, "required": [ - "Type" + "Name" ], "type": "object" - }, - "Type": { - "enum": [ - "AWS::VpcLattice::TargetGroup" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::VpcLattice::TargetGroup.HealthCheckConfig": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Indicates whether health checking is enabled.", - "title": "Enabled", - "type": "boolean" - }, - "HealthCheckIntervalSeconds": { - "markdownDescription": "The approximate amount of time, in seconds, between health checks of an individual target. The range is 5\u2013300 seconds. The default is 30 seconds.", - "title": "HealthCheckIntervalSeconds", - "type": "number" - }, - "HealthCheckTimeoutSeconds": { - "markdownDescription": "The amount of time, in seconds, to wait before reporting a target as unhealthy. The range is 1\u2013120 seconds. The default is 5 seconds.", - "title": "HealthCheckTimeoutSeconds", - "type": "number" - }, - "HealthyThresholdCount": { - "markdownDescription": "The number of consecutive successful health checks required before considering an unhealthy target healthy. The range is 2\u201310. The default is 5.", - "title": "HealthyThresholdCount", - "type": "number" - }, - "Matcher": { - "$ref": "#/definitions/AWS::VpcLattice::TargetGroup.Matcher", - "markdownDescription": "The codes to use when checking for a successful response from a target.", - "title": "Matcher" - }, - "Path": { - "markdownDescription": "The destination for health checks on the targets. If the protocol version is `HTTP/1.1` or `HTTP/2` , specify a valid URI (for example, `/path?query` ). The default path is `/` . Health checks are not supported if the protocol version is `gRPC` , however, you can choose `HTTP/1.1` or `HTTP/2` and specify a valid URI.", - "title": "Path", - "type": "string" - }, - "Port": { - "markdownDescription": "The port used when performing health checks on targets. The default setting is the port that a target receives traffic on.", - "title": "Port", - "type": "number" - }, - "Protocol": { - "markdownDescription": "The protocol used when performing health checks on targets. The possible protocols are `HTTP` and `HTTPS` . The default is `HTTP` .", - "title": "Protocol", - "type": "string" - }, - "ProtocolVersion": { - "markdownDescription": "The protocol version used when performing health checks on targets. The possible protocol versions are `HTTP1` and `HTTP2` .", - "title": "ProtocolVersion", - "type": "string" - }, - "UnhealthyThresholdCount": { - "markdownDescription": "The number of consecutive failed health checks required before considering a target unhealthy. The range is 2\u201310. The default is 2.", - "title": "UnhealthyThresholdCount", - "type": "number" - } - }, - "type": "object" - }, - "AWS::VpcLattice::TargetGroup.Matcher": { - "additionalProperties": false, - "properties": { - "HttpCode": { - "markdownDescription": "The HTTP code to use when checking for a successful response from a target.", - "title": "HttpCode", - "type": "string" - } - }, - "required": [ - "HttpCode" - ], - "type": "object" - }, - "AWS::VpcLattice::TargetGroup.Target": { - "additionalProperties": false, - "properties": { - "Id": { - "markdownDescription": "The ID of the target. If the target group type is `INSTANCE` , this is an instance ID. If the target group type is `IP` , this is an IP address. If the target group type is `LAMBDA` , this is the ARN of a Lambda function. If the target group type is `ALB` , this is the ARN of an Application Load Balancer.", - "title": "Id", + }, + "Type": { + "enum": [ + "AWS::WAFRegional::IPSet" + ], "type": "string" }, - "Port": { - "markdownDescription": "The port on which the target is listening. For HTTP, the default is 80. For HTTPS, the default is 443.", - "title": "Port", - "type": "number" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Id" + "Type", + "Properties" ], "type": "object" }, - "AWS::VpcLattice::TargetGroup.TargetGroupConfig": { + "AWS::WAFRegional::IPSet.IPSetDescriptor": { "additionalProperties": false, "properties": { - "HealthCheck": { - "$ref": "#/definitions/AWS::VpcLattice::TargetGroup.HealthCheckConfig", - "markdownDescription": "The health check configuration. Not supported if the target group type is `LAMBDA` or `ALB` .", - "title": "HealthCheck" - }, - "IpAddressType": { - "markdownDescription": "The type of IP address used for the target group. Supported only if the target group type is `IP` . The default is `IPV4` .", - "title": "IpAddressType", - "type": "string" - }, - "LambdaEventStructureVersion": { - "markdownDescription": "The version of the event structure that your Lambda function receives. Supported only if the target group type is `LAMBDA` . The default is `V1` .", - "title": "LambdaEventStructureVersion", - "type": "string" - }, - "Port": { - "markdownDescription": "The port on which the targets are listening. For HTTP, the default is 80. For HTTPS, the default is 443. Not supported if the target group type is `LAMBDA` .", - "title": "Port", - "type": "number" - }, - "Protocol": { - "markdownDescription": "The protocol to use for routing traffic to the targets. The default is the protocol of the target group. Not supported if the target group type is `LAMBDA` .", - "title": "Protocol", - "type": "string" - }, - "ProtocolVersion": { - "markdownDescription": "The protocol version. The default is `HTTP1` . Not supported if the target group type is `LAMBDA` .", - "title": "ProtocolVersion", + "Type": { + "markdownDescription": "Specify `IPV4` or `IPV6` .", + "title": "Type", "type": "string" }, - "VpcIdentifier": { - "markdownDescription": "The ID of the VPC. Not supported if the target group type is `LAMBDA` .", - "title": "VpcIdentifier", + "Value": { + "markdownDescription": "Specify an IPv4 address by using CIDR notation. For example:\n\n- To configure AWS WAF to allow, block, or count requests that originated from the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure AWS WAF to allow, block, or count requests that originated from IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .\n\nSpecify an IPv6 address by using CIDR notation. For example:\n\n- To configure AWS WAF to allow, block, or count requests that originated from the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure AWS WAF to allow, block, or count requests that originated from IP addresses 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .", + "title": "Value", "type": "string" } }, + "required": [ + "Type", + "Value" + ], "type": "object" }, - "AWS::WAF::ByteMatchSet": { + "AWS::WAFRegional::RateBasedRule": { "additionalProperties": false, "properties": { "Condition": { @@ -265652,28 +316930,46 @@ "Properties": { "additionalProperties": false, "properties": { - "ByteMatchTuples": { + "MatchPredicates": { "items": { - "$ref": "#/definitions/AWS::WAF::ByteMatchSet.ByteMatchTuple" + "$ref": "#/definitions/AWS::WAFRegional::RateBasedRule.Predicate" }, - "markdownDescription": "Specifies the bytes (typically a string that corresponds with ASCII characters) that you want AWS WAF to search for in web requests, the location in requests that you want AWS WAF to search, and other settings.", - "title": "ByteMatchTuples", + "markdownDescription": "The `Predicates` object contains one `Predicate` element for each `ByteMatchSet` , `IPSet` , or `SqlInjectionMatchSet>` object that you want to include in a `RateBasedRule` .", + "title": "MatchPredicates", "type": "array" }, + "MetricName": { + "markdownDescription": "A name for the metrics for a `RateBasedRule` . The name can contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length 128 and minimum length one. It can't contain whitespace or metric names reserved for AWS WAF , including \"All\" and \"Default_Action.\" You can't change the name of the metric after you create the `RateBasedRule` .", + "title": "MetricName", + "type": "string" + }, "Name": { - "markdownDescription": "The name of the `ByteMatchSet` . You can't change `Name` after you create a `ByteMatchSet` .", + "markdownDescription": "A friendly name or description for a `RateBasedRule` . You can't change the name of a `RateBasedRule` after you create it.", "title": "Name", "type": "string" + }, + "RateKey": { + "markdownDescription": "The field that AWS WAF uses to determine if requests are likely arriving from single source and thus subject to rate monitoring. The only valid value for `RateKey` is `IP` . `IP` indicates that requests arriving from the same IP address are subject to the `RateLimit` that is specified in the `RateBasedRule` .", + "title": "RateKey", + "type": "string" + }, + "RateLimit": { + "markdownDescription": "The maximum number of requests, which have an identical value in the field specified by the `RateKey` , allowed in a five-minute period. If the number of requests exceeds the `RateLimit` and the other predicates specified in the rule are also met, AWS WAF triggers the action that is specified for this rule.", + "title": "RateLimit", + "type": "number" } }, "required": [ - "Name" + "MetricName", + "Name", + "RateKey", + "RateLimit" ], "type": "object" }, "Type": { "enum": [ - "AWS::WAF::ByteMatchSet" + "AWS::WAFRegional::RateBasedRule" ], "type": "string" }, @@ -265692,62 +316988,33 @@ ], "type": "object" }, - "AWS::WAF::ByteMatchSet.ByteMatchTuple": { + "AWS::WAFRegional::RateBasedRule.Predicate": { "additionalProperties": false, "properties": { - "FieldToMatch": { - "$ref": "#/definitions/AWS::WAF::ByteMatchSet.FieldToMatch", - "markdownDescription": "The part of a web request that you want to inspect, such as a specified header or a query string.", - "title": "FieldToMatch" - }, - "PositionalConstraint": { - "markdownDescription": "Within the portion of a web request that you want to search (for example, in the query string, if any), specify where you want AWS WAF to search. Valid values include the following:\n\n*CONTAINS*\n\nThe specified part of the web request must include the value of `TargetString` , but the location doesn't matter.\n\n*CONTAINS_WORD*\n\nThe specified part of the web request must include the value of `TargetString` , and `TargetString` must contain only alphanumeric characters or underscore (A-Z, a-z, 0-9, or _). In addition, `TargetString` must be a word, which means one of the following:\n\n- `TargetString` exactly matches the value of the specified part of the web request, such as the value of a header.\n- `TargetString` is at the beginning of the specified part of the web request and is followed by a character other than an alphanumeric character or underscore (_), for example, `BadBot;` .\n- `TargetString` is at the end of the specified part of the web request and is preceded by a character other than an alphanumeric character or underscore (_), for example, `;BadBot` .\n- `TargetString` is in the middle of the specified part of the web request and is preceded and followed by characters other than alphanumeric characters or underscore (_), for example, `-BadBot;` .\n\n*EXACTLY*\n\nThe value of the specified part of the web request must exactly match the value of `TargetString` .\n\n*STARTS_WITH*\n\nThe value of `TargetString` must appear at the beginning of the specified part of the web request.\n\n*ENDS_WITH*\n\nThe value of `TargetString` must appear at the end of the specified part of the web request.", - "title": "PositionalConstraint", - "type": "string" - }, - "TargetString": { - "markdownDescription": "The value that you want AWS WAF to search for. AWS WAF searches for the specified string in the part of web requests that you specified in `FieldToMatch` . The maximum length of the value is 50 bytes.\n\nYou must specify this property or the `TargetStringBase64` property.\n\nValid values depend on the values that you specified for `FieldToMatch` :\n\n- `HEADER` : The value that you want AWS WAF to search for in the request header that you specified in `FieldToMatch` , for example, the value of the `User-Agent` or `Referer` header.\n- `METHOD` : The HTTP method, which indicates the type of operation specified in the request. Amazon CloudFront supports the following methods: `DELETE` , `GET` , `HEAD` , `OPTIONS` , `PATCH` , `POST` , and `PUT` .\n- `QUERY_STRING` : The value that you want AWS WAF to search for in the query string, which is the part of a URL that appears after a `?` character.\n- `URI` : The value that you want AWS WAF to search for in the part of a URL that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but instead of inspecting a single parameter, AWS WAF inspects all parameters within the query string for the value or regex pattern that you specify in `TargetString` .\n\nIf `TargetString` includes alphabetic characters A-Z and a-z, note that the value is case sensitive.", - "title": "TargetString", - "type": "string" - }, - "TargetStringBase64": { - "markdownDescription": "The base64-encoded value that AWS WAF searches for. AWS CloudFormation sends this value to AWS WAF without encoding it.\n\nYou must specify this property or the `TargetString` property.\n\nAWS WAF searches for this value in a specific part of web requests, which you define in the `FieldToMatch` property.\n\nValid values depend on the Type value in the `FieldToMatch` property. For example, for a `METHOD` type, you must specify HTTP methods such as `DELETE, GET, HEAD, OPTIONS, PATCH, POST` , and `PUT` .", - "title": "TargetStringBase64", + "DataId": { + "markdownDescription": "A unique identifier for a predicate in a `Rule` , such as `ByteMatchSetId` or `IPSetId` . The ID is returned by the corresponding `Create` or `List` command.", + "title": "DataId", "type": "string" }, - "TextTransformation": { - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass AWS WAF . If you specify a transformation, AWS WAF performs the transformation on `FieldToMatch` before inspecting it for a match.\n\nYou can only specify a single type of TextTransformation.\n\n*CMD_LINE*\n\nWhen you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:\n\n- Delete the following characters: \\ \" ' ^\n- Delete spaces before the following characters: / (\n- Replace the following characters with a space: , ;\n- Replace multiple spaces with one space\n- Convert uppercase letters (A-Z) to lowercase (a-z)\n\n*COMPRESS_WHITE_SPACE*\n\nUse this option to replace the following characters with a space character (decimal 32):\n\n- \\f, formfeed, decimal 12\n- \\t, tab, decimal 9\n- \\n, newline, decimal 10\n- \\r, carriage return, decimal 13\n- \\v, vertical tab, decimal 11\n- non-breaking space, decimal 160\n\n`COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.\n\n*HTML_ENTITY_DECODE*\n\nUse this option to replace HTML-encoded characters with unencoded characters. `HTML_ENTITY_DECODE` performs the following operations:\n\n- Replaces `(ampersand)quot;` with `\"`\n- Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160\n- Replaces `(ampersand)lt;` with a \"less than\" symbol\n- Replaces `(ampersand)gt;` with `>`\n- Replaces characters that are represented in hexadecimal format, `(ampersand)#xhhhh;` , with the corresponding characters\n- Replaces characters that are represented in decimal format, `(ampersand)#nnnn;` , with the corresponding characters\n\n*LOWERCASE*\n\nUse this option to convert uppercase letters (A-Z) to lowercase (a-z).\n\n*URL_DECODE*\n\nUse this option to decode a URL-encoded value.\n\n*NONE*\n\nSpecify `NONE` if you don't want to perform any text transformations.", - "title": "TextTransformation", - "type": "string" - } - }, - "required": [ - "FieldToMatch", - "PositionalConstraint", - "TextTransformation" - ], - "type": "object" - }, - "AWS::WAF::ByteMatchSet.FieldToMatch": { - "additionalProperties": false, - "properties": { - "Data": { - "markdownDescription": "When the value of `Type` is `HEADER` , enter the name of the header that you want AWS WAF to search, for example, `User-Agent` or `Referer` . The name of the header is not case sensitive.\n\nWhen the value of `Type` is `SINGLE_QUERY_ARG` , enter the name of the parameter that you want AWS WAF to search, for example, `UserName` or `SalesRegion` . The parameter name is not case sensitive.\n\nIf the value of `Type` is any other value, omit `Data` .", - "title": "Data", - "type": "string" + "Negated": { + "markdownDescription": "Set `Negated` to `False` if you want AWS WAF to allow, block, or count requests based on the settings in the specified `ByteMatchSet` , `IPSet` , `SqlInjectionMatchSet` , `XssMatchSet` , `RegexMatchSet` , `GeoMatchSet` , or `SizeConstraintSet` . For example, if an `IPSet` includes the IP address `192.0.2.44` , AWS WAF will allow or block requests based on that IP address.\n\nSet `Negated` to `True` if you want AWS WAF to allow or block a request based on the negation of the settings in the `ByteMatchSet` , `IPSet` , `SqlInjectionMatchSet` , `XssMatchSet` , `RegexMatchSet` , `GeoMatchSet` , or `SizeConstraintSet` >. For example, if an `IPSet` includes the IP address `192.0.2.44` , AWS WAF will allow, block, or count requests based on all IP addresses *except* `192.0.2.44` .", + "title": "Negated", + "type": "boolean" }, "Type": { - "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicated the type of operation that the request is asking the origin to perform. Amazon CloudFront supports the following methods: `DELETE` , `GET` , `HEAD` , `OPTIONS` , `PATCH` , `POST` , and `PUT` .\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", + "markdownDescription": "The type of predicate in a `Rule` , such as `ByteMatch` or `IPSet` .", "title": "Type", "type": "string" } }, "required": [ + "DataId", + "Negated", "Type" ], "type": "object" }, - "AWS::WAF::IPSet": { + "AWS::WAFRegional::RegexPatternSet": { "additionalProperties": false, "properties": { "Condition": { @@ -265782,28 +317049,29 @@ "Properties": { "additionalProperties": false, "properties": { - "IPSetDescriptors": { - "items": { - "$ref": "#/definitions/AWS::WAF::IPSet.IPSetDescriptor" - }, - "markdownDescription": "The IP address type ( `IPV4` or `IPV6` ) and the IP address range (in CIDR notation) that web requests originate from. If the `WebACL` is associated with an Amazon CloudFront distribution and the viewer did not use an HTTP proxy or a load balancer to send the request, this is the value of the c-ip field in the CloudFront access logs.", - "title": "IPSetDescriptors", - "type": "array" - }, "Name": { - "markdownDescription": "The name of the `IPSet` . You can't change the name of an `IPSet` after you create it.", + "markdownDescription": "A friendly name or description of the `RegexPatternSet` . You can't change `Name` after you create a `RegexPatternSet` .", "title": "Name", "type": "string" + }, + "RegexPatternStrings": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the regular expression (regex) patterns that you want AWS WAF to search for, such as `B[a@]dB[o0]t` .", + "title": "RegexPatternStrings", + "type": "array" } }, "required": [ - "Name" + "Name", + "RegexPatternStrings" ], "type": "object" }, "Type": { "enum": [ - "AWS::WAF::IPSet" + "AWS::WAFRegional::RegexPatternSet" ], "type": "string" }, @@ -265822,27 +317090,7 @@ ], "type": "object" }, - "AWS::WAF::IPSet.IPSetDescriptor": { - "additionalProperties": false, - "properties": { - "Type": { - "markdownDescription": "Specify `IPV4` or `IPV6` .", - "title": "Type", - "type": "string" - }, - "Value": { - "markdownDescription": "Specify an IPv4 address by using CIDR notation. For example:\n\n- To configure AWS WAF to allow, block, or count requests that originated from the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure AWS WAF to allow, block, or count requests that originated from IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .\n\nSpecify an IPv6 address by using CIDR notation. For example:\n\n- To configure AWS WAF to allow, block, or count requests that originated from the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure AWS WAF to allow, block, or count requests that originated from IP addresses 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Type", - "Value" - ], - "type": "object" - }, - "AWS::WAF::Rule": { + "AWS::WAFRegional::Rule": { "additionalProperties": false, "properties": { "Condition": { @@ -265878,7 +317126,7 @@ "additionalProperties": false, "properties": { "MetricName": { - "markdownDescription": "The name of the metrics for this `Rule` . The name can contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length 128 and minimum length one. It can't contain whitespace or metric names reserved for AWS WAF , including \"All\" and \"Default_Action.\" You can't change `MetricName` after you create the `Rule` .", + "markdownDescription": "A name for the metrics for this `Rule` . The name can contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length 128 and minimum length one. It can't contain whitespace or metric names reserved for AWS WAF, including \"All\" and \"Default_Action.\" You can't change `MetricName` after you create the `Rule` .", "title": "MetricName", "type": "string" }, @@ -265889,7 +317137,7 @@ }, "Predicates": { "items": { - "$ref": "#/definitions/AWS::WAF::Rule.Predicate" + "$ref": "#/definitions/AWS::WAFRegional::Rule.Predicate" }, "markdownDescription": "The `Predicates` object contains one `Predicate` element for each `ByteMatchSet` , `IPSet` , or `SqlInjectionMatchSet` object that you want to include in a `Rule` .", "title": "Predicates", @@ -265904,7 +317152,7 @@ }, "Type": { "enum": [ - "AWS::WAF::Rule" + "AWS::WAFRegional::Rule" ], "type": "string" }, @@ -265923,7 +317171,7 @@ ], "type": "object" }, - "AWS::WAF::Rule.Predicate": { + "AWS::WAFRegional::Rule.Predicate": { "additionalProperties": false, "properties": { "DataId": { @@ -265949,7 +317197,7 @@ ], "type": "object" }, - "AWS::WAF::SizeConstraintSet": { + "AWS::WAFRegional::SizeConstraintSet": { "additionalProperties": false, "properties": { "Condition": { @@ -265991,7 +317239,7 @@ }, "SizeConstraints": { "items": { - "$ref": "#/definitions/AWS::WAF::SizeConstraintSet.SizeConstraint" + "$ref": "#/definitions/AWS::WAFRegional::SizeConstraintSet.SizeConstraint" }, "markdownDescription": "The size constraint and the part of the web request to check.", "title": "SizeConstraints", @@ -265999,14 +317247,13 @@ } }, "required": [ - "Name", - "SizeConstraints" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::WAF::SizeConstraintSet" + "AWS::WAFRegional::SizeConstraintSet" ], "type": "string" }, @@ -266025,7 +317272,7 @@ ], "type": "object" }, - "AWS::WAF::SizeConstraintSet.FieldToMatch": { + "AWS::WAFRegional::SizeConstraintSet.FieldToMatch": { "additionalProperties": false, "properties": { "Data": { @@ -266034,7 +317281,7 @@ "type": "string" }, "Type": { - "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicated the type of operation that the request is asking the origin to perform. Amazon CloudFront supports the following methods: `DELETE` , `GET` , `HEAD` , `OPTIONS` , `PATCH` , `POST` , and `PUT` .\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", + "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicates the type of operation that the request is asking the origin to perform.\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", "title": "Type", "type": "string" } @@ -266044,7 +317291,7 @@ ], "type": "object" }, - "AWS::WAF::SizeConstraintSet.SizeConstraint": { + "AWS::WAFRegional::SizeConstraintSet.SizeConstraint": { "additionalProperties": false, "properties": { "ComparisonOperator": { @@ -266053,8 +317300,8 @@ "type": "string" }, "FieldToMatch": { - "$ref": "#/definitions/AWS::WAF::SizeConstraintSet.FieldToMatch", - "markdownDescription": "The part of a web request that you want to inspect, such as a specified header or a query string.", + "$ref": "#/definitions/AWS::WAFRegional::SizeConstraintSet.FieldToMatch", + "markdownDescription": "The part of a web request that you want AWS WAF to inspect, such as a specific header or a query string.", "title": "FieldToMatch" }, "Size": { @@ -266063,7 +317310,7 @@ "type": "number" }, "TextTransformation": { - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass AWS WAF . If you specify a transformation, AWS WAF performs the transformation on `FieldToMatch` before inspecting it for a match.\n\nYou can only specify a single type of TextTransformation.\n\nNote that if you choose `BODY` for the value of `Type` , you must choose `NONE` for `TextTransformation` because Amazon CloudFront forwards only the first 8192 bytes for inspection.\n\n*NONE*\n\nSpecify `NONE` if you don't want to perform any text transformations.\n\n*CMD_LINE*\n\nWhen you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:\n\n- Delete the following characters: \\ \" ' ^\n- Delete spaces before the following characters: / (\n- Replace the following characters with a space: , ;\n- Replace multiple spaces with one space\n- Convert uppercase letters (A-Z) to lowercase (a-z)\n\n*COMPRESS_WHITE_SPACE*\n\nUse this option to replace the following characters with a space character (decimal 32):\n\n- \\f, formfeed, decimal 12\n- \\t, tab, decimal 9\n- \\n, newline, decimal 10\n- \\r, carriage return, decimal 13\n- \\v, vertical tab, decimal 11\n- non-breaking space, decimal 160\n\n`COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.\n\n*HTML_ENTITY_DECODE*\n\nUse this option to replace HTML-encoded characters with unencoded characters. `HTML_ENTITY_DECODE` performs the following operations:\n\n- Replaces `(ampersand)quot;` with `\"`\n- Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160\n- Replaces `(ampersand)lt;` with a \"less than\" symbol\n- Replaces `(ampersand)gt;` with `>`\n- Replaces characters that are represented in hexadecimal format, `(ampersand)#xhhhh;` , with the corresponding characters\n- Replaces characters that are represented in decimal format, `(ampersand)#nnnn;` , with the corresponding characters\n\n*LOWERCASE*\n\nUse this option to convert uppercase letters (A-Z) to lowercase (a-z).\n\n*URL_DECODE*\n\nUse this option to decode a URL-encoded value.", + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass AWS WAF . If you specify a transformation, AWS WAF performs the transformation on `FieldToMatch` before inspecting a request for a match.\n\nYou can only specify a single type of TextTransformation.\n\nNote that if you choose `BODY` for the value of `Type` , you must choose `NONE` for `TextTransformation` because the API Gateway API or Application Load Balancer forward only the first 8192 bytes for inspection.\n\n*NONE*\n\nSpecify `NONE` if you don't want to perform any text transformations.\n\n*CMD_LINE*\n\nWhen you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:\n\n- Delete the following characters: \\ \" ' ^\n- Delete spaces before the following characters: / (\n- Replace the following characters with a space: , ;\n- Replace multiple spaces with one space\n- Convert uppercase letters (A-Z) to lowercase (a-z)\n\n*COMPRESS_WHITE_SPACE*\n\nUse this option to replace the following characters with a space character (decimal 32):\n\n- \\f, formfeed, decimal 12\n- \\t, tab, decimal 9\n- \\n, newline, decimal 10\n- \\r, carriage return, decimal 13\n- \\v, vertical tab, decimal 11\n- non-breaking space, decimal 160\n\n`COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.\n\n*HTML_ENTITY_DECODE*\n\nUse this option to replace HTML-encoded characters with unencoded characters. `HTML_ENTITY_DECODE` performs the following operations:\n\n- Replaces `(ampersand)quot;` with `\"`\n- Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160\n- Replaces `(ampersand)lt;` with a \"less than\" symbol\n- Replaces `(ampersand)gt;` with `>`\n- Replaces characters that are represented in hexadecimal format, `(ampersand)#xhhhh;` , with the corresponding characters\n- Replaces characters that are represented in decimal format, `(ampersand)#nnnn;` , with the corresponding characters\n\n*LOWERCASE*\n\nUse this option to convert uppercase letters (A-Z) to lowercase (a-z).\n\n*URL_DECODE*\n\nUse this option to decode a URL-encoded value.", "title": "TextTransformation", "type": "string" } @@ -266076,7 +317323,7 @@ ], "type": "object" }, - "AWS::WAF::SqlInjectionMatchSet": { + "AWS::WAFRegional::SqlInjectionMatchSet": { "additionalProperties": false, "properties": { "Condition": { @@ -266118,7 +317365,7 @@ }, "SqlInjectionMatchTuples": { "items": { - "$ref": "#/definitions/AWS::WAF::SqlInjectionMatchSet.SqlInjectionMatchTuple" + "$ref": "#/definitions/AWS::WAFRegional::SqlInjectionMatchSet.SqlInjectionMatchTuple" }, "markdownDescription": "Specifies the parts of web requests that you want to inspect for snippets of malicious SQL code.", "title": "SqlInjectionMatchTuples", @@ -266132,7 +317379,7 @@ }, "Type": { "enum": [ - "AWS::WAF::SqlInjectionMatchSet" + "AWS::WAFRegional::SqlInjectionMatchSet" ], "type": "string" }, @@ -266151,7 +317398,7 @@ ], "type": "object" }, - "AWS::WAF::SqlInjectionMatchSet.FieldToMatch": { + "AWS::WAFRegional::SqlInjectionMatchSet.FieldToMatch": { "additionalProperties": false, "properties": { "Data": { @@ -266160,7 +317407,7 @@ "type": "string" }, "Type": { - "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicated the type of operation that the request is asking the origin to perform. Amazon CloudFront supports the following methods: `DELETE` , `GET` , `HEAD` , `OPTIONS` , `PATCH` , `POST` , and `PUT` .\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", + "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicates the type of operation that the request is asking the origin to perform.\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", "title": "Type", "type": "string" } @@ -266170,12 +317417,12 @@ ], "type": "object" }, - "AWS::WAF::SqlInjectionMatchSet.SqlInjectionMatchTuple": { + "AWS::WAFRegional::SqlInjectionMatchSet.SqlInjectionMatchTuple": { "additionalProperties": false, "properties": { "FieldToMatch": { - "$ref": "#/definitions/AWS::WAF::SqlInjectionMatchSet.FieldToMatch", - "markdownDescription": "The part of a web request that you want to inspect, such as a specified header or a query string.", + "$ref": "#/definitions/AWS::WAFRegional::SqlInjectionMatchSet.FieldToMatch", + "markdownDescription": "The part of a web request that you want AWS WAF to inspect, such as a specific header or a query string.", "title": "FieldToMatch" }, "TextTransformation": { @@ -266190,7 +317437,7 @@ ], "type": "object" }, - "AWS::WAF::WebACL": { + "AWS::WAFRegional::WebACL": { "additionalProperties": false, "properties": { "Condition": { @@ -266226,12 +317473,12 @@ "additionalProperties": false, "properties": { "DefaultAction": { - "$ref": "#/definitions/AWS::WAF::WebACL.WafAction", + "$ref": "#/definitions/AWS::WAFRegional::WebACL.Action", "markdownDescription": "The action to perform if none of the `Rules` contained in the `WebACL` match. The action is specified by the `WafAction` object.", "title": "DefaultAction" }, "MetricName": { - "markdownDescription": "The name of the metrics for this `WebACL` . The name can contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length 128 and minimum length one. It can't contain whitespace or metric names reserved for AWS WAF , including \"All\" and \"Default_Action.\" You can't change `MetricName` after you create the `WebACL` .", + "markdownDescription": "A name for the metrics for this `WebACL` . The name can contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length 128 and minimum length one. It can't contain whitespace or metric names reserved for AWS WAF, including \"All\" and \"Default_Action.\" You can't change `MetricName` after you create the `WebACL` .", "title": "MetricName", "type": "string" }, @@ -266242,7 +317489,7 @@ }, "Rules": { "items": { - "$ref": "#/definitions/AWS::WAF::WebACL.ActivatedRule" + "$ref": "#/definitions/AWS::WAFRegional::WebACL.Rule" }, "markdownDescription": "An array that contains the action for each `Rule` in a `WebACL` , the priority of the `Rule` , and the ID of the `Rule` .", "title": "Rules", @@ -266258,7 +317505,7 @@ }, "Type": { "enum": [ - "AWS::WAF::WebACL" + "AWS::WAFRegional::WebACL" ], "type": "string" }, @@ -266277,46 +317524,120 @@ ], "type": "object" }, - "AWS::WAF::WebACL.ActivatedRule": { + "AWS::WAFRegional::WebACL.Action": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "For actions that are associated with a rule, the action that AWS WAF takes when a web request matches all conditions in a rule.\n\nFor the default action of a web access control list (ACL), the action that AWS WAF takes when a web request doesn't match all conditions in any rule.\n\nValid settings include the following:\n\n- `ALLOW` : AWS WAF allows requests\n- `BLOCK` : AWS WAF blocks requests\n- `COUNT` : AWS WAF increments a counter of the requests that match all of the conditions in the rule. AWS WAF then continues to inspect the web request based on the remaining rules in the web ACL. You can't specify `COUNT` for the default action for a WebACL.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::WAFRegional::WebACL.Rule": { "additionalProperties": false, "properties": { "Action": { - "$ref": "#/definitions/AWS::WAF::WebACL.WafAction", - "markdownDescription": "Specifies the action that Amazon CloudFront or AWS WAF takes when a web request matches the conditions in the `Rule` . Valid values for `Action` include the following:\n\n- `ALLOW` : CloudFront responds with the requested object.\n- `BLOCK` : CloudFront responds with an HTTP 403 (Forbidden) status code.\n- `COUNT` : AWS WAF increments a counter of requests that match the conditions in the rule and then continues to inspect the web request based on the remaining rules in the web ACL.\n\n`ActivatedRule|OverrideAction` applies only when updating or adding a `RuleGroup` to a `WebACL` . In this case, you do not use `ActivatedRule|Action` . For all other update requests, `ActivatedRule|Action` is used instead of `ActivatedRule|OverrideAction` .", + "$ref": "#/definitions/AWS::WAFRegional::WebACL.Action", + "markdownDescription": "The action that AWS WAF takes when a web request matches all conditions in the rule, such as allow, block, or count the request.", "title": "Action" }, "Priority": { - "markdownDescription": "Specifies the order in which the `Rules` in a `WebACL` are evaluated. Rules with a lower value for `Priority` are evaluated before `Rules` with a higher value. The value must be a unique integer. If you add multiple `Rules` to a `WebACL` , the values don't need to be consecutive.", + "markdownDescription": "The order in which AWS WAF evaluates the rules in a web ACL. AWS WAF evaluates rules with a lower value before rules with a higher value. The value must be a unique integer. If you have multiple rules in a web ACL, the priority numbers do not need to be consecutive.", "title": "Priority", "type": "number" }, "RuleId": { - "markdownDescription": "The `RuleId` for a `Rule` . You use `RuleId` to get more information about a `Rule` , update a `Rule` , insert a `Rule` into a `WebACL` or delete a one from a `WebACL` , or delete a `Rule` from AWS WAF .\n\n`RuleId` is returned by `CreateRule` and by `ListRules` .", + "markdownDescription": "The ID of an AWS WAF Regional rule to associate with a web ACL.", "title": "RuleId", "type": "string" } }, "required": [ + "Action", "Priority", "RuleId" ], "type": "object" }, - "AWS::WAF::WebACL.WafAction": { + "AWS::WAFRegional::WebACLAssociation": { "additionalProperties": false, "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ResourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource to protect with the web ACL.", + "title": "ResourceArn", + "type": "string" + }, + "WebACLId": { + "markdownDescription": "A unique identifier (ID) for the web ACL.", + "title": "WebACLId", + "type": "string" + } + }, + "required": [ + "ResourceArn", + "WebACLId" + ], + "type": "object" + }, "Type": { - "markdownDescription": "Specifies how you want AWS WAF to respond to requests that match the settings in a `Rule` . Valid settings include the following:\n\n- `ALLOW` : AWS WAF allows requests\n- `BLOCK` : AWS WAF blocks requests\n- `COUNT` : AWS WAF increments a counter of the requests that match all of the conditions in the rule. AWS WAF then continues to inspect the web request based on the remaining rules in the web ACL. You can't specify `COUNT` for the default action for a `WebACL` .", - "title": "Type", + "enum": [ + "AWS::WAFRegional::WebACLAssociation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::WAF::XssMatchSet": { + "AWS::WAFRegional::XssMatchSet": { "additionalProperties": false, "properties": { "Condition": { @@ -266358,7 +317679,7 @@ }, "XssMatchTuples": { "items": { - "$ref": "#/definitions/AWS::WAF::XssMatchSet.XssMatchTuple" + "$ref": "#/definitions/AWS::WAFRegional::XssMatchSet.XssMatchTuple" }, "markdownDescription": "Specifies the parts of web requests that you want to inspect for cross-site scripting attacks.", "title": "XssMatchTuples", @@ -266366,14 +317687,13 @@ } }, "required": [ - "Name", - "XssMatchTuples" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::WAF::XssMatchSet" + "AWS::WAFRegional::XssMatchSet" ], "type": "string" }, @@ -266392,7 +317712,7 @@ ], "type": "object" }, - "AWS::WAF::XssMatchSet.FieldToMatch": { + "AWS::WAFRegional::XssMatchSet.FieldToMatch": { "additionalProperties": false, "properties": { "Data": { @@ -266401,7 +317721,7 @@ "type": "string" }, "Type": { - "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicated the type of operation that the request is asking the origin to perform. Amazon CloudFront supports the following methods: `DELETE` , `GET` , `HEAD` , `OPTIONS` , `PATCH` , `POST` , and `PUT` .\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", + "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicates the type of operation that the request is asking the origin to perform.\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", "title": "Type", "type": "string" } @@ -266411,12 +317731,12 @@ ], "type": "object" }, - "AWS::WAF::XssMatchSet.XssMatchTuple": { + "AWS::WAFRegional::XssMatchSet.XssMatchTuple": { "additionalProperties": false, "properties": { "FieldToMatch": { - "$ref": "#/definitions/AWS::WAF::XssMatchSet.FieldToMatch", - "markdownDescription": "The part of a web request that you want to inspect, such as a specified header or a query string.", + "$ref": "#/definitions/AWS::WAFRegional::XssMatchSet.FieldToMatch", + "markdownDescription": "The part of a web request that you want AWS WAF to inspect, such as a specified header or a query string.", "title": "FieldToMatch" }, "TextTransformation": { @@ -266431,7 +317751,7 @@ ], "type": "object" }, - "AWS::WAFRegional::ByteMatchSet": { + "AWS::WAFv2::IPSet": { "additionalProperties": false, "properties": { "Condition": { @@ -266466,28 +317786,53 @@ "Properties": { "additionalProperties": false, "properties": { - "ByteMatchTuples": { + "Addresses": { "items": { - "$ref": "#/definitions/AWS::WAFRegional::ByteMatchSet.ByteMatchTuple" + "type": "string" }, - "markdownDescription": "Specifies the bytes (typically a string that corresponds with ASCII characters) that you want AWS WAF to search for in web requests, the location in requests that you want AWS WAF to search, and other settings.", - "title": "ByteMatchTuples", + "markdownDescription": "Contains an array of strings that specifies zero or more IP addresses or blocks of IP addresses that you want AWS WAF to inspect for in incoming requests. All addresses must be specified using Classless Inter-Domain Routing (CIDR) notation. AWS WAF supports all IPv4 and IPv6 CIDR ranges except for `/0` .\n\nExample address strings:\n\n- For requests that originated from the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- For requests that originated from IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n- For requests that originated from the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- For requests that originated from IP addresses 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .\n\nExample JSON `Addresses` specifications:\n\n- Empty array: `\"Addresses\": []`\n- Array with one address: `\"Addresses\": [\"192.0.2.44/32\"]`\n- Array with three addresses: `\"Addresses\": [\"192.0.2.44/32\", \"192.0.2.0/24\", \"192.0.0.0/16\"]`\n- INVALID specification: `\"Addresses\": [\"\"]` INVALID", + "title": "Addresses", "type": "array" }, + "Description": { + "markdownDescription": "A description of the IP set that helps with identification.", + "title": "Description", + "type": "string" + }, + "IPAddressVersion": { + "markdownDescription": "The version of the IP addresses, either `IPV4` or `IPV6` .", + "title": "IPAddressVersion", + "type": "string" + }, "Name": { - "markdownDescription": "A friendly name or description of the `ByteMatchSet` . You can't change `Name` after you create a `ByteMatchSet` .", + "markdownDescription": "The name of the IP set. You cannot change the name of an `IPSet` after you create it.", "title": "Name", "type": "string" + }, + "Scope": { + "markdownDescription": "Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AWS AppSync GraphQL API, an Amazon Cognito user pool, an AWS App Runner service, or an AWS Verified Access instance. Valid Values are `CLOUDFRONT` and `REGIONAL` .\n\n> For `CLOUDFRONT` , you must create your WAFv2 resources in the US East (N. Virginia) Region, `us-east-1` .", + "title": "Scope", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.\n\n> To modify tags on existing resources, use the AWS WAF APIs or command line interface. With AWS CloudFormation , you can only add tags to AWS WAF resources during resource creation.", + "title": "Tags", + "type": "array" } }, "required": [ - "Name" + "Addresses", + "IPAddressVersion", + "Scope" ], "type": "object" }, "Type": { "enum": [ - "AWS::WAFRegional::ByteMatchSet" + "AWS::WAFv2::IPSet" ], "type": "string" }, @@ -266506,62 +317851,232 @@ ], "type": "object" }, - "AWS::WAFRegional::ByteMatchSet.ByteMatchTuple": { + "AWS::WAFv2::LoggingConfiguration": { "additionalProperties": false, "properties": { - "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFRegional::ByteMatchSet.FieldToMatch", - "markdownDescription": "The part of a web request that you want AWS WAF to inspect, such as a specific header or a query string.", - "title": "FieldToMatch" + "Condition": { + "type": "string" }, - "PositionalConstraint": { - "markdownDescription": "Within the portion of a web request that you want to search (for example, in the query string, if any), specify where you want AWS WAF to search. Valid values include the following:\n\n*CONTAINS*\n\nThe specified part of the web request must include the value of `TargetString` , but the location doesn't matter.\n\n*CONTAINS_WORD*\n\nThe specified part of the web request must include the value of `TargetString` , and `TargetString` must contain only alphanumeric characters or underscore (A-Z, a-z, 0-9, or _). In addition, `TargetString` must be a word, which means one of the following:\n\n- `TargetString` exactly matches the value of the specified part of the web request, such as the value of a header.\n- `TargetString` is at the beginning of the specified part of the web request and is followed by a character other than an alphanumeric character or underscore (_), for example, `BadBot;` .\n- `TargetString` is at the end of the specified part of the web request and is preceded by a character other than an alphanumeric character or underscore (_), for example, `;BadBot` .\n- `TargetString` is in the middle of the specified part of the web request and is preceded and followed by characters other than alphanumeric characters or underscore (_), for example, `-BadBot;` .\n\n*EXACTLY*\n\nThe value of the specified part of the web request must exactly match the value of `TargetString` .\n\n*STARTS_WITH*\n\nThe value of `TargetString` must appear at the beginning of the specified part of the web request.\n\n*ENDS_WITH*\n\nThe value of `TargetString` must appear at the end of the specified part of the web request.", - "title": "PositionalConstraint", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "TargetString": { - "markdownDescription": "The value that you want AWS WAF to search for. AWS WAF searches for the specified string in the part of web requests that you specified in `FieldToMatch` . The maximum length of the value is 50 bytes.\n\nYou must specify this property or the `TargetStringBase64` property.\n\nValid values depend on the values that you specified for `FieldToMatch` :\n\n- `HEADER` : The value that you want AWS WAF to search for in the request header that you specified in `FieldToMatch` , for example, the value of the `User-Agent` or `Referer` header.\n- `METHOD` : The HTTP method, which indicates the type of operation specified in the request.\n- `QUERY_STRING` : The value that you want AWS WAF to search for in the query string, which is the part of a URL that appears after a `?` character.\n- `URI` : The value that you want AWS WAF to search for in the part of a URL that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but instead of inspecting a single parameter, AWS WAF inspects all parameters within the query string for the value or regex pattern that you specify in `TargetString` .\n\nIf `TargetString` includes alphabetic characters A-Z and a-z, note that the value is case sensitive.", - "title": "TargetString", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "LogDestinationConfigs": { + "items": { + "type": "string" + }, + "markdownDescription": "The logging destination configuration that you want to associate with the web ACL.\n\n> You can associate one logging destination to a web ACL.", + "title": "LogDestinationConfigs", + "type": "array" + }, + "LoggingFilter": { + "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.LoggingFilter", + "markdownDescription": "Filtering that specifies which web requests are kept in the logs and which are dropped. You can filter on the rule action and on the web request labels that were applied by matching rules during web ACL evaluation.", + "title": "LoggingFilter" + }, + "RedactedFields": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.FieldToMatch" + }, + "markdownDescription": "The parts of the request that you want to keep out of the logs.\n\nFor example, if you redact the `SingleHeader` field, the `HEADER` field in the logs will be `REDACTED` for all rules that use the `SingleHeader` `FieldToMatch` setting.\n\nIf you configure data protection for the web ACL, the protection applies to the data that AWS WAF sends to the logs.\n\nRedaction applies only to the component that's specified in the rule's `FieldToMatch` setting, so the `SingleHeader` redaction doesn't apply to rules that use the `Headers` `FieldToMatch` .\n\n> You can specify only the following fields for redaction: `UriPath` , `QueryString` , `SingleHeader` , and `Method` . > This setting has no impact on request sampling. You can only exclude fields from request sampling by disabling sampling in the web ACL visibility configuration or by configuring data protection for the web ACL.", + "title": "RedactedFields", + "type": "array" + }, + "ResourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the web ACL that you want to associate with `LogDestinationConfigs` .", + "title": "ResourceArn", + "type": "string" + } + }, + "required": [ + "LogDestinationConfigs", + "ResourceArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::WAFv2::LoggingConfiguration" + ], "type": "string" }, - "TargetStringBase64": { - "markdownDescription": "The base64-encoded value that AWS WAF searches for. AWS CloudFormation sends this value to AWS WAF without encoding it.\n\nYou must specify this property or the `TargetString` property.\n\nAWS WAF searches for this value in a specific part of web requests, which you define in the `FieldToMatch` property.\n\nValid values depend on the Type value in the `FieldToMatch` property. For example, for a `METHOD` type, you must specify HTTP methods such as `DELETE, GET, HEAD, OPTIONS, PATCH, POST` , and `PUT` .", - "title": "TargetStringBase64", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::WAFv2::LoggingConfiguration.ActionCondition": { + "additionalProperties": false, + "properties": { + "Action": { + "markdownDescription": "The action setting that a log record must contain in order to meet the condition. This is the action that AWS WAF applied to the web request.\n\nFor rule groups, this is either the configured rule action setting, or if you've applied a rule action override to the rule, it's the override action. The value `EXCLUDED_AS_COUNT` matches on excluded rules and also on rules that have a rule action override of Count.", + "title": "Action", + "type": "string" + } + }, + "required": [ + "Action" + ], + "type": "object" + }, + "AWS::WAFv2::LoggingConfiguration.Condition": { + "additionalProperties": false, + "properties": { + "ActionCondition": { + "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.ActionCondition", + "markdownDescription": "A single action condition. This is the action setting that a log record must contain in order to meet the condition.", + "title": "ActionCondition" + }, + "LabelNameCondition": { + "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.LabelNameCondition", + "markdownDescription": "A single label name condition. This is the fully qualified label name that a log record must contain in order to meet the condition. Fully qualified labels have a prefix, optional namespaces, and label name. The prefix identifies the rule group or web ACL context of the rule that added the label.", + "title": "LabelNameCondition" + } + }, + "type": "object" + }, + "AWS::WAFv2::LoggingConfiguration.FieldToMatch": { + "additionalProperties": false, + "properties": { + "Method": { + "markdownDescription": "Redact the indicated HTTP method. The method indicates the type of operation that the request is asking the origin to perform.", + "title": "Method", + "type": "object" + }, + "QueryString": { + "markdownDescription": "Redact the query string. This is the part of a URL that appears after a `?` character, if any.", + "title": "QueryString", + "type": "object" + }, + "SingleHeader": { + "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.SingleHeader", + "markdownDescription": "Redact a single header. Provide the name of the header to inspect, for example, `User-Agent` or `Referer` . This setting isn't case sensitive.\n\nExample JSON: `\"SingleHeader\": { \"Name\": \"haystack\" }`", + "title": "SingleHeader" + }, + "UriPath": { + "markdownDescription": "Redact the request URI path. This is the part of the web request that identifies a resource, for example, `/images/daily-ad.jpg` .", + "title": "UriPath", + "type": "object" + } + }, + "type": "object" + }, + "AWS::WAFv2::LoggingConfiguration.Filter": { + "additionalProperties": false, + "properties": { + "Behavior": { + "markdownDescription": "How to handle logs that satisfy the filter's conditions and requirement.", + "title": "Behavior", "type": "string" }, - "TextTransformation": { - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass AWS WAF . If you specify a transformation, AWS WAF performs the transformation on `FieldToMatch` before inspecting it for a match.\n\nYou can only specify a single type of TextTransformation.\n\n*CMD_LINE*\n\nWhen you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:\n\n- Delete the following characters: \\ \" ' ^\n- Delete spaces before the following characters: / (\n- Replace the following characters with a space: , ;\n- Replace multiple spaces with one space\n- Convert uppercase letters (A-Z) to lowercase (a-z)\n\n*COMPRESS_WHITE_SPACE*\n\nUse this option to replace the following characters with a space character (decimal 32):\n\n- \\f, formfeed, decimal 12\n- \\t, tab, decimal 9\n- \\n, newline, decimal 10\n- \\r, carriage return, decimal 13\n- \\v, vertical tab, decimal 11\n- non-breaking space, decimal 160\n\n`COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.\n\n*HTML_ENTITY_DECODE*\n\nUse this option to replace HTML-encoded characters with unencoded characters. `HTML_ENTITY_DECODE` performs the following operations:\n\n- Replaces `(ampersand)quot;` with `\"`\n- Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160\n- Replaces `(ampersand)lt;` with a \"less than\" symbol\n- Replaces `(ampersand)gt;` with `>`\n- Replaces characters that are represented in hexadecimal format, `(ampersand)#xhhhh;` , with the corresponding characters\n- Replaces characters that are represented in decimal format, `(ampersand)#nnnn;` , with the corresponding characters\n\n*LOWERCASE*\n\nUse this option to convert uppercase letters (A-Z) to lowercase (a-z).\n\n*URL_DECODE*\n\nUse this option to decode a URL-encoded value.\n\n*NONE*\n\nSpecify `NONE` if you don't want to perform any text transformations.", - "title": "TextTransformation", + "Conditions": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.Condition" + }, + "markdownDescription": "Match conditions for the filter.", + "title": "Conditions", + "type": "array" + }, + "Requirement": { + "markdownDescription": "Logic to apply to the filtering conditions. You can specify that, in order to satisfy the filter, a log must match all conditions or must match at least one condition.", + "title": "Requirement", "type": "string" } }, "required": [ - "FieldToMatch", - "PositionalConstraint", - "TextTransformation" + "Behavior", + "Conditions", + "Requirement" ], "type": "object" }, - "AWS::WAFRegional::ByteMatchSet.FieldToMatch": { + "AWS::WAFv2::LoggingConfiguration.LabelNameCondition": { "additionalProperties": false, "properties": { - "Data": { - "markdownDescription": "When the value of `Type` is `HEADER` , enter the name of the header that you want AWS WAF to search, for example, `User-Agent` or `Referer` . The name of the header is not case sensitive.\n\nWhen the value of `Type` is `SINGLE_QUERY_ARG` , enter the name of the parameter that you want AWS WAF to search, for example, `UserName` or `SalesRegion` . The parameter name is not case sensitive.\n\nIf the value of `Type` is any other value, omit `Data` .", - "title": "Data", + "LabelName": { + "markdownDescription": "The label name that a log record must contain in order to meet the condition. This must be a fully qualified label name. Fully qualified labels have a prefix, optional namespaces, and label name. The prefix identifies the rule group or web ACL context of the rule that added the label.", + "title": "LabelName", + "type": "string" + } + }, + "required": [ + "LabelName" + ], + "type": "object" + }, + "AWS::WAFv2::LoggingConfiguration.LoggingFilter": { + "additionalProperties": false, + "properties": { + "DefaultBehavior": { + "markdownDescription": "Default handling for logs that don't match any of the specified filtering conditions.", + "title": "DefaultBehavior", "type": "string" }, - "Type": { - "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicated the type of operation that the request is asking the origin to perform.\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", - "title": "Type", + "Filters": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.Filter" + }, + "markdownDescription": "The filters that you want to apply to the logs.", + "title": "Filters", + "type": "array" + } + }, + "required": [ + "DefaultBehavior", + "Filters" + ], + "type": "object" + }, + "AWS::WAFv2::LoggingConfiguration.SingleHeader": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the query header to inspect.", + "title": "Name", "type": "string" } }, "required": [ - "Type" + "Name" ], "type": "object" }, - "AWS::WAFRegional::GeoMatchSet": { + "AWS::WAFv2::RegexPatternSet": { "additionalProperties": false, "properties": { "Condition": { @@ -266596,28 +318111,47 @@ "Properties": { "additionalProperties": false, "properties": { - "GeoMatchConstraints": { + "Description": { + "markdownDescription": "A description of the set that helps with identification.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the set. You cannot change the name after you create the set.", + "title": "Name", + "type": "string" + }, + "RegularExpressionList": { "items": { - "$ref": "#/definitions/AWS::WAFRegional::GeoMatchSet.GeoMatchConstraint" + "type": "string" }, - "markdownDescription": "An array of `GeoMatchConstraint` objects, which contain the country that you want AWS WAF to search for.", - "title": "GeoMatchConstraints", + "markdownDescription": "The regular expression patterns in the set.", + "title": "RegularExpressionList", "type": "array" }, - "Name": { - "markdownDescription": "A friendly name or description of the `GeoMatchSet` . You can't change the name of an `GeoMatchSet` after you create it.", - "title": "Name", + "Scope": { + "markdownDescription": "Specifies whether this is for an Amazon CloudFront distribution or for a regional application. For an AWS Amplify application, use `CLOUDFRONT` . A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AWS AppSync GraphQL API, an Amazon Cognito user pool, an AWS App Runner service, or an AWS Verified Access instance. Valid Values are `CLOUDFRONT` and `REGIONAL` .\n\n> For `CLOUDFRONT` , you must create your WAFv2 resources in the US East (N. Virginia) Region, `us-east-1` .", + "title": "Scope", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.\n\n> To modify tags on existing resources, use the AWS WAF APIs or command line interface. With AWS CloudFormation , you can only add tags to AWS WAF resources during resource creation.", + "title": "Tags", + "type": "array" } }, "required": [ - "Name" + "RegularExpressionList", + "Scope" ], "type": "object" }, "Type": { "enum": [ - "AWS::WAFRegional::GeoMatchSet" + "AWS::WAFv2::RegexPatternSet" ], "type": "string" }, @@ -266636,27 +318170,7 @@ ], "type": "object" }, - "AWS::WAFRegional::GeoMatchSet.GeoMatchConstraint": { - "additionalProperties": false, - "properties": { - "Type": { - "markdownDescription": "The type of geographical area you want AWS WAF to search for. Currently `Country` is the only valid value.", - "title": "Type", - "type": "string" - }, - "Value": { - "markdownDescription": "The country that you want AWS WAF to search for.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Type", - "Value" - ], - "type": "object" - }, - "AWS::WAFRegional::IPSet": { + "AWS::WAFv2::RuleGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -266691,28 +318205,85 @@ "Properties": { "additionalProperties": false, "properties": { - "IPSetDescriptors": { + "AvailableLabels": { "items": { - "$ref": "#/definitions/AWS::WAFRegional::IPSet.IPSetDescriptor" + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.LabelSummary" }, - "markdownDescription": "The IP address type ( `IPV4` or `IPV6` ) and the IP address range (in CIDR notation) that web requests originate from.", - "title": "IPSetDescriptors", + "markdownDescription": "The labels that one or more rules in this rule group add to matching web requests. These labels are defined in the `RuleLabels` for a `Rule` .", + "title": "AvailableLabels", + "type": "array" + }, + "Capacity": { + "markdownDescription": "The web ACL capacity units (WCUs) required for this rule group.\n\nWhen you create your own rule group, you define this, and you cannot change it after creation. When you add or modify the rules in a rule group, AWS WAF enforces this limit.\n\nAWS WAF uses WCUs to calculate and control the operating resources that are used to run your rules, rule groups, and web ACLs. AWS WAF calculates capacity differently for each rule type, to reflect the relative cost of each rule. Simple rules that cost little to run use fewer WCUs than more complex rules that use more processing power. Rule group capacity is fixed at creation, which helps users plan their web ACL WCU usage when they use a rule group. The WCU limit for web ACLs is 1,500.", + "title": "Capacity", + "type": "number" + }, + "ConsumedLabels": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.LabelSummary" + }, + "markdownDescription": "The labels that one or more rules in this rule group match against in label match statements. These labels are defined in a `LabelMatchStatement` specification, in the `Statement` definition of a rule.", + "title": "ConsumedLabels", "type": "array" }, + "CustomResponseBodies": { + "additionalProperties": false, + "markdownDescription": "A map of custom response keys and content bodies. When you create a rule with a block action, you can send a custom response to the web request. You define these for the rule group, and then use them in the rules that you define in the rule group.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomResponseBody" + } + }, + "title": "CustomResponseBodies", + "type": "object" + }, + "Description": { + "markdownDescription": "A description of the rule group that helps with identification.", + "title": "Description", + "type": "string" + }, "Name": { - "markdownDescription": "A friendly name or description of the `IPSet` . You can't change the name of an `IPSet` after you create it.", + "markdownDescription": "The name of the rule group. You cannot change the name of a rule group after you create it.", "title": "Name", "type": "string" + }, + "Rules": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Rule" + }, + "markdownDescription": "The rule statements used to identify the web requests that you want to allow, block, or count. Each rule includes one top-level statement that AWS WAF uses to identify matching web requests, and parameters that govern how AWS WAF handles them.", + "title": "Rules", + "type": "array" + }, + "Scope": { + "markdownDescription": "Specifies whether this is for an Amazon CloudFront distribution or for a regional application. For an AWS Amplify application, use `CLOUDFRONT` . A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AWS AppSync GraphQL API, an Amazon Cognito user pool, an AWS App Runner service, or an AWS Verified Access instance. Valid Values are `CLOUDFRONT` and `REGIONAL` .\n\n> For `CLOUDFRONT` , you must create your WAFv2 resources in the US East (N. Virginia) Region, `us-east-1` .", + "title": "Scope", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.\n\n> To modify tags on existing resources, use the AWS WAF APIs or command line interface. With AWS CloudFormation , you can only add tags to AWS WAF resources during resource creation.", + "title": "Tags", + "type": "array" + }, + "VisibilityConfig": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.VisibilityConfig", + "markdownDescription": "Defines and enables Amazon CloudWatch metrics and web request sample collection.", + "title": "VisibilityConfig" } }, "required": [ - "Name" + "Capacity", + "Scope", + "VisibilityConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::WAFRegional::IPSet" + "AWS::WAFv2::RuleGroup" ], "type": "string" }, @@ -266726,1307 +318297,1332 @@ } }, "required": [ - "Type", - "Properties" + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::WAFv2::RuleGroup.AllowAction": { + "additionalProperties": false, + "properties": { + "CustomRequestHandling": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomRequestHandling", + "markdownDescription": "Defines custom handling for the web request.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", + "title": "CustomRequestHandling" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.AndStatement": { + "additionalProperties": false, + "properties": { + "Statements": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Statement" + }, + "markdownDescription": "The statements to combine with AND logic. You can use any statements that can be nested.", + "title": "Statements", + "type": "array" + } + }, + "required": [ + "Statements" + ], + "type": "object" + }, + "AWS::WAFv2::RuleGroup.AsnMatchStatement": { + "additionalProperties": false, + "properties": { + "AsnList": { + "items": { + "type": "number" + }, + "markdownDescription": "Contains one or more Autonomous System Numbers (ASNs). ASNs are unique identifiers assigned to large internet networks managed by organizations such as internet service providers, enterprises, universities, or government agencies.", + "title": "AsnList", + "type": "array" + }, + "ForwardedIPConfig": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ForwardedIPConfiguration", + "markdownDescription": "The configuration for inspecting IP addresses to match against an ASN in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.", + "title": "ForwardedIPConfig" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.BlockAction": { + "additionalProperties": false, + "properties": { + "CustomResponse": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomResponse", + "markdownDescription": "Defines a custom response for the web request.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", + "title": "CustomResponse" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.Body": { + "additionalProperties": false, + "properties": { + "OversizeHandling": { + "markdownDescription": "What AWS WAF should do if the body is larger than AWS WAF can inspect.\n\nAWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.\n\n- For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).\n- For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.\n- For AWS Amplify , use the CloudFront limit.\n\nThe options for oversize handling are the following:\n\n- `CONTINUE` - Inspect the available body contents normally, according to the rule inspection criteria.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.\n\nYou can combine the `MATCH` or `NO_MATCH` settings for oversize handling with your rule and web ACL action settings, so that you block any request whose body is over the limit.\n\nDefault: `CONTINUE`", + "title": "OversizeHandling", + "type": "string" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.ByteMatchStatement": { + "additionalProperties": false, + "properties": { + "FieldToMatch": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.FieldToMatch", + "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", + "title": "FieldToMatch" + }, + "PositionalConstraint": { + "markdownDescription": "The area within the portion of the web request that you want AWS WAF to search for `SearchString` . Valid values include the following:\n\n*CONTAINS*\n\nThe specified part of the web request must include the value of `SearchString` , but the location doesn't matter.\n\n*CONTAINS_WORD*\n\nThe specified part of the web request must include the value of `SearchString` , and `SearchString` must contain only alphanumeric characters or underscore (A-Z, a-z, 0-9, or _). In addition, `SearchString` must be a word, which means that both of the following are true:\n\n- `SearchString` is at the beginning of the specified part of the web request or is preceded by a character other than an alphanumeric character or underscore (_). Examples include the value of a header and `;BadBot` .\n- `SearchString` is at the end of the specified part of the web request or is followed by a character other than an alphanumeric character or underscore (_), for example, `BadBot;` and `-BadBot;` .\n\n*EXACTLY*\n\nThe value of the specified part of the web request must exactly match the value of `SearchString` .\n\n*STARTS_WITH*\n\nThe value of `SearchString` must appear at the beginning of the specified part of the web request.\n\n*ENDS_WITH*\n\nThe value of `SearchString` must appear at the end of the specified part of the web request.", + "title": "PositionalConstraint", + "type": "string" + }, + "SearchString": { + "markdownDescription": "A string value that you want AWS WAF to search for. AWS WAF searches only in the part of web requests that you designate for inspection in `FieldToMatch` . The maximum length of the value is 200 bytes. For alphabetic characters A-Z and a-z, the value is case sensitive.\n\nDon't encode this string. Provide the value that you want AWS WAF to search for. AWS CloudFormation automatically base64 encodes the value for you.\n\nFor example, suppose the value of `Type` is `HEADER` and the value of `Data` is `User-Agent` . If you want to search the `User-Agent` header for the value `BadBot` , you provide the string `BadBot` in the value of `SearchString` .\n\nYou must specify either `SearchString` or `SearchStringBase64` in a `ByteMatchStatement` .", + "title": "SearchString", + "type": "string" + }, + "SearchStringBase64": { + "markdownDescription": "String to search for in a web request component, base64-encoded. If you don't want to encode the string, specify the unencoded value in `SearchString` instead.\n\nYou must specify either `SearchString` or `SearchStringBase64` in a `ByteMatchStatement` .", + "title": "SearchStringBase64", + "type": "string" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + }, + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", + "title": "TextTransformations", + "type": "array" + } + }, + "required": [ + "FieldToMatch", + "PositionalConstraint", + "TextTransformations" + ], + "type": "object" + }, + "AWS::WAFv2::RuleGroup.CaptchaAction": { + "additionalProperties": false, + "properties": { + "CustomRequestHandling": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomRequestHandling", + "markdownDescription": "Defines custom handling for the web request, used when the `CAPTCHA` inspection determines that the request's token is valid and unexpired.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", + "title": "CustomRequestHandling" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.CaptchaConfig": { + "additionalProperties": false, + "properties": { + "ImmunityTimeProperty": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ImmunityTimeProperty", + "markdownDescription": "Determines how long a `CAPTCHA` timestamp in the token remains valid after the client successfully solves a `CAPTCHA` puzzle.", + "title": "ImmunityTimeProperty" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.ChallengeAction": { + "additionalProperties": false, + "properties": { + "CustomRequestHandling": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomRequestHandling", + "markdownDescription": "Defines custom handling for the web request, used when the challenge inspection determines that the request's token is valid and unexpired.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", + "title": "CustomRequestHandling" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.ChallengeConfig": { + "additionalProperties": false, + "properties": { + "ImmunityTimeProperty": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ImmunityTimeProperty", + "markdownDescription": "Determines how long a challenge timestamp in the token remains valid after the client successfully responds to a challenge.", + "title": "ImmunityTimeProperty" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.CookieMatchPattern": { + "additionalProperties": false, + "properties": { + "All": { + "markdownDescription": "Inspect all cookies.", + "title": "All", + "type": "object" + }, + "ExcludedCookies": { + "items": { + "type": "string" + }, + "markdownDescription": "Inspect only the cookies whose keys don't match any of the strings specified here.", + "title": "ExcludedCookies", + "type": "array" + }, + "IncludedCookies": { + "items": { + "type": "string" + }, + "markdownDescription": "Inspect only the cookies that have a key that matches one of the strings specified here.", + "title": "IncludedCookies", + "type": "array" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.Cookies": { + "additionalProperties": false, + "properties": { + "MatchPattern": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CookieMatchPattern", + "markdownDescription": "The filter to use to identify the subset of cookies to inspect in a web request.\n\nYou must specify exactly one setting: either `All` , `IncludedCookies` , or `ExcludedCookies` .\n\nExample JSON: `\"MatchPattern\": { \"IncludedCookies\": [ \"session-id-time\", \"session-id\" ] }`", + "title": "MatchPattern" + }, + "MatchScope": { + "markdownDescription": "The parts of the cookies to inspect with the rule inspection criteria. If you specify `ALL` , AWS WAF inspects both keys and values.\n\n`All` does not require a match to be found in the keys and a match to be found in the values. It requires a match to be found in the keys or the values or both. To require a match in the keys and in the values, use a logical `AND` statement to combine two match rules, one that inspects the keys and another that inspects the values.", + "title": "MatchScope", + "type": "string" + }, + "OversizeHandling": { + "markdownDescription": "What AWS WAF should do if the cookies of the request are more numerous or larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to AWS WAF .\n\nThe options for oversize handling are the following:\n\n- `CONTINUE` - Inspect the available cookies normally, according to the rule inspection criteria.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", + "title": "OversizeHandling", + "type": "string" + } + }, + "required": [ + "MatchPattern", + "MatchScope", + "OversizeHandling" + ], + "type": "object" + }, + "AWS::WAFv2::RuleGroup.CountAction": { + "additionalProperties": false, + "properties": { + "CustomRequestHandling": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomRequestHandling", + "markdownDescription": "Defines custom handling for the web request.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", + "title": "CustomRequestHandling" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.CustomHTTPHeader": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the custom header.\n\nFor custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name `x-amzn-waf-` , to avoid confusion with the headers that are already in the request. For example, for the header name `sample` , AWS WAF inserts the header `x-amzn-waf-sample` .", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of the custom header.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Name", + "Value" + ], + "type": "object" + }, + "AWS::WAFv2::RuleGroup.CustomRequestHandling": { + "additionalProperties": false, + "properties": { + "InsertHeaders": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomHTTPHeader" + }, + "markdownDescription": "The HTTP headers to insert into the request. Duplicate header names are not allowed.\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", + "title": "InsertHeaders", + "type": "array" + } + }, + "required": [ + "InsertHeaders" + ], + "type": "object" + }, + "AWS::WAFv2::RuleGroup.CustomResponse": { + "additionalProperties": false, + "properties": { + "CustomResponseBodyKey": { + "markdownDescription": "References the response body that you want AWS WAF to return to the web request client. You can define a custom response for a rule action or a default web ACL action that is set to block. To do this, you first define the response body key and value in the `CustomResponseBodies` setting for the `WebACL` or `RuleGroup` where you want to use it. Then, in the rule action or web ACL default action `BlockAction` setting, you reference the response body using this key.", + "title": "CustomResponseBodyKey", + "type": "string" + }, + "ResponseCode": { + "markdownDescription": "The HTTP status code to return to the client.\n\nFor a list of status codes that you can use in your custom responses, see [Supported status codes for custom response](https://docs.aws.amazon.com/waf/latest/developerguide/customizing-the-response-status-codes.html) in the *AWS WAF Developer Guide* .", + "title": "ResponseCode", + "type": "number" + }, + "ResponseHeaders": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomHTTPHeader" + }, + "markdownDescription": "The HTTP headers to use in the response. You can specify any header name except for `content-type` . Duplicate header names are not allowed.\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", + "title": "ResponseHeaders", + "type": "array" + } + }, + "required": [ + "ResponseCode" ], "type": "object" }, - "AWS::WAFRegional::IPSet.IPSetDescriptor": { + "AWS::WAFv2::RuleGroup.CustomResponseBody": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "Specify `IPV4` or `IPV6` .", - "title": "Type", + "Content": { + "markdownDescription": "The payload of the custom response.\n\nYou can use JSON escape strings in JSON content. To do this, you must specify JSON content in the `ContentType` setting.\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", + "title": "Content", "type": "string" }, - "Value": { - "markdownDescription": "Specify an IPv4 address by using CIDR notation. For example:\n\n- To configure AWS WAF to allow, block, or count requests that originated from the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure AWS WAF to allow, block, or count requests that originated from IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .\n\nSpecify an IPv6 address by using CIDR notation. For example:\n\n- To configure AWS WAF to allow, block, or count requests that originated from the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure AWS WAF to allow, block, or count requests that originated from IP addresses 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .", - "title": "Value", + "ContentType": { + "markdownDescription": "The type of content in the payload that you are defining in the `Content` string.", + "title": "ContentType", "type": "string" } }, "required": [ - "Type", - "Value" + "Content", + "ContentType" ], "type": "object" }, - "AWS::WAFRegional::RateBasedRule": { + "AWS::WAFv2::RuleGroup.FieldToMatch": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "AllQueryArguments": { + "markdownDescription": "Inspect all query arguments.", + "title": "AllQueryArguments", + "type": "object" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Body": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Body", + "markdownDescription": "Inspect the request body as plain text. The request body immediately follows the request headers. This is the part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form.\n\nAWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.\n\n- For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).\n- For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.\n- For AWS Amplify , use the CloudFront limit.\n\nFor information about how to handle oversized request bodies, see the `Body` object configuration.", + "title": "Body" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Cookies": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Cookies", + "markdownDescription": "Inspect the request cookies. You must configure scope and pattern matching filters in the `Cookies` object, to define the set of cookies and the parts of the cookies that AWS WAF inspects.\n\nOnly the first 8 KB (8192 bytes) of a request's cookies and only the first 200 cookies are forwarded to AWS WAF for inspection by the underlying host service. You must configure how to handle any oversize cookie content in the `Cookies` object. AWS WAF applies the pattern matching filters to the cookies that it receives from the underlying host service.", + "title": "Cookies" }, - "Metadata": { + "Headers": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Headers", + "markdownDescription": "Inspect the request headers. You must configure scope and pattern matching filters in the `Headers` object, to define the set of headers to and the parts of the headers that AWS WAF inspects.\n\nOnly the first 8 KB (8192 bytes) of a request's headers and only the first 200 headers are forwarded to AWS WAF for inspection by the underlying host service. You must configure how to handle any oversize header content in the `Headers` object. AWS WAF applies the pattern matching filters to the headers that it receives from the underlying host service.", + "title": "Headers" + }, + "JA3Fingerprint": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.JA3Fingerprint", + "markdownDescription": "Available for use with Amazon CloudFront distributions and Application Load Balancers. Match against the request's JA3 fingerprint. The JA3 fingerprint is a 32-character hash derived from the TLS Client Hello of an incoming request. This fingerprint serves as a unique identifier for the client's TLS configuration. AWS WAF calculates and logs this fingerprint for each request that has enough TLS Client Hello information for the calculation. Almost all web requests include this information.\n\n> You can use this choice only with a string match `ByteMatchStatement` with the `PositionalConstraint` set to `EXACTLY` . \n\nYou can obtain the JA3 fingerprint for client requests from the web ACL logs. If AWS WAF is able to calculate the fingerprint, it includes it in the logs. For information about the logging fields, see [Log fields](https://docs.aws.amazon.com/waf/latest/developerguide/logging-fields.html) in the *AWS WAF Developer Guide* .\n\nProvide the JA3 fingerprint string from the logs in your string match statement specification, to match with any future requests that have the same TLS configuration.", + "title": "JA3Fingerprint" + }, + "JA4Fingerprint": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.JA4Fingerprint", + "markdownDescription": "Available for use with Amazon CloudFront distributions and Application Load Balancers. Match against the request's JA4 fingerprint. The JA4 fingerprint is a 36-character hash derived from the TLS Client Hello of an incoming request. This fingerprint serves as a unique identifier for the client's TLS configuration. AWS WAF calculates and logs this fingerprint for each request that has enough TLS Client Hello information for the calculation. Almost all web requests include this information.\n\n> You can use this choice only with a string match `ByteMatchStatement` with the `PositionalConstraint` set to `EXACTLY` . \n\nYou can obtain the JA4 fingerprint for client requests from the web ACL logs. If AWS WAF is able to calculate the fingerprint, it includes it in the logs. For information about the logging fields, see [Log fields](https://docs.aws.amazon.com/waf/latest/developerguide/logging-fields.html) in the *AWS WAF Developer Guide* .\n\nProvide the JA4 fingerprint string from the logs in your string match statement specification, to match with any future requests that have the same TLS configuration.", + "title": "JA4Fingerprint" + }, + "JsonBody": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.JsonBody", + "markdownDescription": "Inspect the request body as JSON. The request body immediately follows the request headers. This is the part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form.\n\nAWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.\n\n- For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).\n- For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.\n- For AWS Amplify , use the CloudFront limit.\n\nFor information about how to handle oversized request bodies, see the `JsonBody` object configuration.", + "title": "JsonBody" + }, + "Method": { + "markdownDescription": "Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.", + "title": "Method", "type": "object" }, - "Properties": { - "additionalProperties": false, - "properties": { - "MatchPredicates": { - "items": { - "$ref": "#/definitions/AWS::WAFRegional::RateBasedRule.Predicate" - }, - "markdownDescription": "The `Predicates` object contains one `Predicate` element for each `ByteMatchSet` , `IPSet` , or `SqlInjectionMatchSet>` object that you want to include in a `RateBasedRule` .", - "title": "MatchPredicates", - "type": "array" - }, - "MetricName": { - "markdownDescription": "A name for the metrics for a `RateBasedRule` . The name can contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length 128 and minimum length one. It can't contain whitespace or metric names reserved for AWS WAF , including \"All\" and \"Default_Action.\" You can't change the name of the metric after you create the `RateBasedRule` .", - "title": "MetricName", - "type": "string" - }, - "Name": { - "markdownDescription": "A friendly name or description for a `RateBasedRule` . You can't change the name of a `RateBasedRule` after you create it.", - "title": "Name", - "type": "string" - }, - "RateKey": { - "markdownDescription": "The field that AWS WAF uses to determine if requests are likely arriving from single source and thus subject to rate monitoring. The only valid value for `RateKey` is `IP` . `IP` indicates that requests arriving from the same IP address are subject to the `RateLimit` that is specified in the `RateBasedRule` .", - "title": "RateKey", - "type": "string" - }, - "RateLimit": { - "markdownDescription": "The maximum number of requests, which have an identical value in the field specified by the `RateKey` , allowed in a five-minute period. If the number of requests exceeds the `RateLimit` and the other predicates specified in the rule are also met, AWS WAF triggers the action that is specified for this rule.", - "title": "RateLimit", - "type": "number" - } - }, - "required": [ - "MetricName", - "Name", - "RateKey", - "RateLimit" - ], + "QueryString": { + "markdownDescription": "Inspect the query string. This is the part of a URL that appears after a `?` character, if any.", + "title": "QueryString", "type": "object" }, - "Type": { - "enum": [ - "AWS::WAFRegional::RateBasedRule" - ], - "type": "string" + "SingleHeader": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.SingleHeader", + "markdownDescription": "Inspect a single header. Provide the name of the header to inspect, for example, `User-Agent` or `Referer` . This setting isn't case sensitive.\n\nExample JSON: `\"SingleHeader\": { \"Name\": \"haystack\" }`\n\nAlternately, you can filter and inspect all headers with the `Headers` `FieldToMatch` setting.", + "title": "SingleHeader" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "SingleQueryArgument": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.SingleQueryArgument", + "markdownDescription": "Inspect a single query argument. Provide the name of the query argument to inspect, such as *UserName* or *SalesRegion* . The name can be up to 30 characters long and isn't case sensitive.\n\nExample JSON: `\"SingleQueryArgument\": { \"Name\": \"myArgument\" }`", + "title": "SingleQueryArgument" + }, + "UriFragment": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.UriFragment", + "markdownDescription": "Inspect fragments of the request URI. You must configure scope and pattern matching filters in the `UriFragment` object, to define the fragment of a URI that AWS WAF inspects.\n\nOnly the first 8 KB (8192 bytes) of a request's URI fragments and only the first 200 URI fragments are forwarded to AWS WAF for inspection by the underlying host service. You must configure how to handle any oversize URI fragment content in the `UriFragment` object. AWS WAF applies the pattern matching filters to the cookies that it receives from the underlying host service.", + "title": "UriFragment" + }, + "UriPath": { + "markdownDescription": "Inspect the request URI path. This is the part of the web request that identifies a resource, for example, `/images/daily-ad.jpg` .", + "title": "UriPath", + "type": "object" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::WAFRegional::RateBasedRule.Predicate": { + "AWS::WAFv2::RuleGroup.ForwardedIPConfiguration": { "additionalProperties": false, "properties": { - "DataId": { - "markdownDescription": "A unique identifier for a predicate in a `Rule` , such as `ByteMatchSetId` or `IPSetId` . The ID is returned by the corresponding `Create` or `List` command.", - "title": "DataId", + "FallbackBehavior": { + "markdownDescription": "The match status to assign to the web request if the request doesn't have a valid IP address in the specified position.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all. \n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", + "title": "FallbackBehavior", "type": "string" }, - "Negated": { - "markdownDescription": "Set `Negated` to `False` if you want AWS WAF to allow, block, or count requests based on the settings in the specified `ByteMatchSet` , `IPSet` , `SqlInjectionMatchSet` , `XssMatchSet` , `RegexMatchSet` , `GeoMatchSet` , or `SizeConstraintSet` . For example, if an `IPSet` includes the IP address `192.0.2.44` , AWS WAF will allow or block requests based on that IP address.\n\nSet `Negated` to `True` if you want AWS WAF to allow or block a request based on the negation of the settings in the `ByteMatchSet` , `IPSet` , `SqlInjectionMatchSet` , `XssMatchSet` , `RegexMatchSet` , `GeoMatchSet` , or `SizeConstraintSet` >. For example, if an `IPSet` includes the IP address `192.0.2.44` , AWS WAF will allow, block, or count requests based on all IP addresses *except* `192.0.2.44` .", - "title": "Negated", - "type": "boolean" - }, - "Type": { - "markdownDescription": "The type of predicate in a `Rule` , such as `ByteMatch` or `IPSet` .", - "title": "Type", + "HeaderName": { + "markdownDescription": "The name of the HTTP header to use for the IP address. For example, to use the X-Forwarded-For (XFF) header, set this to `X-Forwarded-For` .\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all.", + "title": "HeaderName", "type": "string" } }, "required": [ - "DataId", - "Negated", - "Type" + "FallbackBehavior", + "HeaderName" ], "type": "object" }, - "AWS::WAFRegional::RegexPatternSet": { + "AWS::WAFv2::RuleGroup.GeoMatchStatement": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "CountryCodes": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of two-character country codes that you want to match against, for example, `[ \"US\", \"CN\" ]` , from the alpha-2 country ISO codes of the ISO 3166 international standard.\n\nWhen you use a geo match statement just for the region and country labels that it adds to requests, you still have to supply a country code for the rule to evaluate. In this case, you configure the rule to only count matching requests, but it will still generate logging and count metrics for any matches. You can reduce the logging and metrics that the rule produces by specifying a country that's unlikely to be a source of traffic to your site.", + "title": "CountryCodes", + "type": "array" }, - "Metadata": { + "ForwardedIPConfig": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ForwardedIPConfiguration", + "markdownDescription": "The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all.", + "title": "ForwardedIPConfig" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.HeaderMatchPattern": { + "additionalProperties": false, + "properties": { + "All": { + "markdownDescription": "Inspect all headers.", + "title": "All", "type": "object" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "A friendly name or description of the `RegexPatternSet` . You can't change `Name` after you create a `RegexPatternSet` .", - "title": "Name", - "type": "string" - }, - "RegexPatternStrings": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the regular expression (regex) patterns that you want AWS WAF to search for, such as `B[a@]dB[o0]t` .", - "title": "RegexPatternStrings", - "type": "array" - } + "ExcludedHeaders": { + "items": { + "type": "string" }, - "required": [ - "Name", - "RegexPatternStrings" - ], - "type": "object" + "markdownDescription": "Inspect only the headers whose keys don't match any of the strings specified here.", + "title": "ExcludedHeaders", + "type": "array" }, - "Type": { - "enum": [ - "AWS::WAFRegional::RegexPatternSet" - ], + "IncludedHeaders": { + "items": { + "type": "string" + }, + "markdownDescription": "Inspect only the headers that have a key that matches one of the strings specified here.", + "title": "IncludedHeaders", + "type": "array" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.Headers": { + "additionalProperties": false, + "properties": { + "MatchPattern": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.HeaderMatchPattern", + "markdownDescription": "The filter to use to identify the subset of headers to inspect in a web request.\n\nYou must specify exactly one setting: either `All` , `IncludedHeaders` , or `ExcludedHeaders` .\n\nExample JSON: `\"MatchPattern\": { \"ExcludedHeaders\": [ \"KeyToExclude1\", \"KeyToExclude2\" ] }`", + "title": "MatchPattern" + }, + "MatchScope": { + "markdownDescription": "The parts of the headers to match with the rule inspection criteria. If you specify `ALL` , AWS WAF inspects both keys and values.\n\n`All` does not require a match to be found in the keys and a match to be found in the values. It requires a match to be found in the keys or the values or both. To require a match in the keys and in the values, use a logical `AND` statement to combine two match rules, one that inspects the keys and another that inspects the values.", + "title": "MatchScope", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "OversizeHandling": { + "markdownDescription": "What AWS WAF should do if the headers determined by your match scope are more numerous or larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request headers when they exceed 8 KB (8192 bytes) or 200 total headers. The underlying host service forwards a maximum of 200 headers and at most 8 KB of header contents to AWS WAF .\n\nThe options for oversize handling are the following:\n\n- `CONTINUE` - Inspect the available headers normally, according to the rule inspection criteria.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", + "title": "OversizeHandling", "type": "string" } }, "required": [ - "Type", - "Properties" + "MatchPattern", + "MatchScope", + "OversizeHandling" ], "type": "object" }, - "AWS::WAFRegional::Rule": { + "AWS::WAFv2::RuleGroup.IPSetForwardedIPConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "FallbackBehavior": { + "markdownDescription": "The match status to assign to the web request if the request doesn't have a valid IP address in the specified position.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all. \n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", + "title": "FallbackBehavior", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "MetricName": { - "markdownDescription": "A name for the metrics for this `Rule` . The name can contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length 128 and minimum length one. It can't contain whitespace or metric names reserved for AWS WAF, including \"All\" and \"Default_Action.\" You can't change `MetricName` after you create the `Rule` .", - "title": "MetricName", - "type": "string" - }, - "Name": { - "markdownDescription": "The friendly name or description for the `Rule` . You can't change the name of a `Rule` after you create it.", - "title": "Name", - "type": "string" - }, - "Predicates": { - "items": { - "$ref": "#/definitions/AWS::WAFRegional::Rule.Predicate" - }, - "markdownDescription": "The `Predicates` object contains one `Predicate` element for each `ByteMatchSet` , `IPSet` , or `SqlInjectionMatchSet` object that you want to include in a `Rule` .", - "title": "Predicates", - "type": "array" - } - }, - "required": [ - "MetricName", - "Name" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::WAFRegional::Rule" - ], + "HeaderName": { + "markdownDescription": "The name of the HTTP header to use for the IP address. For example, to use the X-Forwarded-For (XFF) header, set this to `X-Forwarded-For` .\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all.", + "title": "HeaderName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Position": { + "markdownDescription": "The position in the header to search for the IP address. The header can contain IP addresses of the original client and also of proxies. For example, the header value could be `10.1.1.1, 127.0.0.0, 10.10.10.10` where the first IP address identifies the original client and the rest identify proxies that the request went through.\n\nThe options for this setting are the following:\n\n- FIRST - Inspect the first IP address in the list of IP addresses in the header. This is usually the client's original IP.\n- LAST - Inspect the last IP address in the list of IP addresses in the header.\n- ANY - Inspect all IP addresses in the header for a match. If the header contains more than 10 IP addresses, AWS WAF inspects the last 10.", + "title": "Position", "type": "string" } }, "required": [ - "Type", - "Properties" + "FallbackBehavior", + "HeaderName", + "Position" ], "type": "object" }, - "AWS::WAFRegional::Rule.Predicate": { + "AWS::WAFv2::RuleGroup.IPSetReferenceStatement": { "additionalProperties": false, "properties": { - "DataId": { - "markdownDescription": "A unique identifier for a predicate in a `Rule` , such as `ByteMatchSetId` or `IPSetId` . The ID is returned by the corresponding `Create` or `List` command.", - "title": "DataId", + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the `IPSet` that this statement references.", + "title": "Arn", "type": "string" }, - "Negated": { - "markdownDescription": "Set `Negated` to `False` if you want AWS WAF to allow, block, or count requests based on the settings in the specified `ByteMatchSet` , `IPSet` , `SqlInjectionMatchSet` , `XssMatchSet` , `RegexMatchSet` , `GeoMatchSet` , or `SizeConstraintSet` . For example, if an `IPSet` includes the IP address `192.0.2.44` , AWS WAF will allow or block requests based on that IP address.\n\nSet `Negated` to `True` if you want AWS WAF to allow or block a request based on the negation of the settings in the `ByteMatchSet` , `IPSet` , `SqlInjectionMatchSet` , `XssMatchSet` , `RegexMatchSet` , `GeoMatchSet` , or `SizeConstraintSet` . For example, if an `IPSet` includes the IP address `192.0.2.44` , AWS WAF will allow, block, or count requests based on all IP addresses *except* `192.0.2.44` .", - "title": "Negated", - "type": "boolean" - }, - "Type": { - "markdownDescription": "The type of predicate in a `Rule` , such as `ByteMatch` or `IPSet` .", - "title": "Type", - "type": "string" + "IPSetForwardedIPConfig": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.IPSetForwardedIPConfiguration", + "markdownDescription": "The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all.", + "title": "IPSetForwardedIPConfig" } }, "required": [ - "DataId", - "Negated", - "Type" + "Arn" ], "type": "object" }, - "AWS::WAFRegional::SizeConstraintSet": { + "AWS::WAFv2::RuleGroup.ImmunityTimeProperty": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name, if any, of the `SizeConstraintSet` .", - "title": "Name", - "type": "string" - }, - "SizeConstraints": { - "items": { - "$ref": "#/definitions/AWS::WAFRegional::SizeConstraintSet.SizeConstraint" - }, - "markdownDescription": "The size constraint and the part of the web request to check.", - "title": "SizeConstraints", - "type": "array" - } - }, - "required": [ - "Name" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::WAFRegional::SizeConstraintSet" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "ImmunityTime": { + "markdownDescription": "The amount of time, in seconds, that a `CAPTCHA` or challenge timestamp is considered valid by AWS WAF . The default setting is 300.\n\nFor the Challenge action, the minimum setting is 300.", + "title": "ImmunityTime", + "type": "number" } }, "required": [ - "Type", - "Properties" + "ImmunityTime" ], "type": "object" }, - "AWS::WAFRegional::SizeConstraintSet.FieldToMatch": { + "AWS::WAFv2::RuleGroup.JA3Fingerprint": { "additionalProperties": false, "properties": { - "Data": { - "markdownDescription": "When the value of `Type` is `HEADER` , enter the name of the header that you want AWS WAF to search, for example, `User-Agent` or `Referer` . The name of the header is not case sensitive.\n\nWhen the value of `Type` is `SINGLE_QUERY_ARG` , enter the name of the parameter that you want AWS WAF to search, for example, `UserName` or `SalesRegion` . The parameter name is not case sensitive.\n\nIf the value of `Type` is any other value, omit `Data` .", - "title": "Data", - "type": "string" - }, - "Type": { - "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicates the type of operation that the request is asking the origin to perform.\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", - "title": "Type", + "FallbackBehavior": { + "markdownDescription": "The match status to assign to the web request if the request doesn't have a JA3 fingerprint.\n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", + "title": "FallbackBehavior", "type": "string" } }, "required": [ - "Type" + "FallbackBehavior" ], "type": "object" }, - "AWS::WAFRegional::SizeConstraintSet.SizeConstraint": { + "AWS::WAFv2::RuleGroup.JA4Fingerprint": { "additionalProperties": false, "properties": { - "ComparisonOperator": { - "markdownDescription": "The type of comparison you want AWS WAF to perform. AWS WAF uses this in combination with the provided `Size` and `FieldToMatch` to build an expression in the form of \" `Size` `ComparisonOperator` size in bytes of `FieldToMatch` \". If that expression is true, the `SizeConstraint` is considered to match.\n\n*EQ* : Used to test if the `Size` is equal to the size of the `FieldToMatch`\n\n*NE* : Used to test if the `Size` is not equal to the size of the `FieldToMatch`\n\n*LE* : Used to test if the `Size` is less than or equal to the size of the `FieldToMatch`\n\n*LT* : Used to test if the `Size` is strictly less than the size of the `FieldToMatch`\n\n*GE* : Used to test if the `Size` is greater than or equal to the size of the `FieldToMatch`\n\n*GT* : Used to test if the `Size` is strictly greater than the size of the `FieldToMatch`", - "title": "ComparisonOperator", - "type": "string" - }, - "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFRegional::SizeConstraintSet.FieldToMatch", - "markdownDescription": "The part of a web request that you want AWS WAF to inspect, such as a specific header or a query string.", - "title": "FieldToMatch" - }, - "Size": { - "markdownDescription": "The size in bytes that you want AWS WAF to compare against the size of the specified `FieldToMatch` . AWS WAF uses this in combination with `ComparisonOperator` and `FieldToMatch` to build an expression in the form of \" `Size` `ComparisonOperator` size in bytes of `FieldToMatch` \". If that expression is true, the `SizeConstraint` is considered to match.\n\nValid values for size are 0 - 21474836480 bytes (0 - 20 GB).\n\nIf you specify `URI` for the value of `Type` , the / in the URI path that you specify counts as one character. For example, the URI `/logo.jpg` is nine characters long.", - "title": "Size", - "type": "number" - }, - "TextTransformation": { - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass AWS WAF . If you specify a transformation, AWS WAF performs the transformation on `FieldToMatch` before inspecting a request for a match.\n\nYou can only specify a single type of TextTransformation.\n\nNote that if you choose `BODY` for the value of `Type` , you must choose `NONE` for `TextTransformation` because the API Gateway API or Application Load Balancer forward only the first 8192 bytes for inspection.\n\n*NONE*\n\nSpecify `NONE` if you don't want to perform any text transformations.\n\n*CMD_LINE*\n\nWhen you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:\n\n- Delete the following characters: \\ \" ' ^\n- Delete spaces before the following characters: / (\n- Replace the following characters with a space: , ;\n- Replace multiple spaces with one space\n- Convert uppercase letters (A-Z) to lowercase (a-z)\n\n*COMPRESS_WHITE_SPACE*\n\nUse this option to replace the following characters with a space character (decimal 32):\n\n- \\f, formfeed, decimal 12\n- \\t, tab, decimal 9\n- \\n, newline, decimal 10\n- \\r, carriage return, decimal 13\n- \\v, vertical tab, decimal 11\n- non-breaking space, decimal 160\n\n`COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.\n\n*HTML_ENTITY_DECODE*\n\nUse this option to replace HTML-encoded characters with unencoded characters. `HTML_ENTITY_DECODE` performs the following operations:\n\n- Replaces `(ampersand)quot;` with `\"`\n- Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160\n- Replaces `(ampersand)lt;` with a \"less than\" symbol\n- Replaces `(ampersand)gt;` with `>`\n- Replaces characters that are represented in hexadecimal format, `(ampersand)#xhhhh;` , with the corresponding characters\n- Replaces characters that are represented in decimal format, `(ampersand)#nnnn;` , with the corresponding characters\n\n*LOWERCASE*\n\nUse this option to convert uppercase letters (A-Z) to lowercase (a-z).\n\n*URL_DECODE*\n\nUse this option to decode a URL-encoded value.", - "title": "TextTransformation", + "FallbackBehavior": { + "markdownDescription": "The match status to assign to the web request if the request doesn't have a JA4 fingerprint.\n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", + "title": "FallbackBehavior", "type": "string" } }, "required": [ - "ComparisonOperator", - "FieldToMatch", - "Size", - "TextTransformation" + "FallbackBehavior" ], "type": "object" }, - "AWS::WAFRegional::SqlInjectionMatchSet": { + "AWS::WAFv2::RuleGroup.JsonBody": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "InvalidFallbackBehavior": { + "markdownDescription": "What AWS WAF should do if it fails to completely parse the JSON body. The options are the following:\n\n- `EVALUATE_AS_STRING` - Inspect the body as plain text. AWS WAF applies the text transformations and inspection criteria that you defined for the JSON inspection to the body text string.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.\n\nIf you don't provide this setting, AWS WAF parses and evaluates the content only up to the first parsing failure that it encounters.\n\n> AWS WAF parsing doesn't fully validate the input JSON string, so parsing can succeed even for invalid JSON. When parsing succeeds, AWS WAF doesn't apply the fallback behavior. For more information, see [JSON body](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-fields-list.html#waf-rule-statement-request-component-json-body) in the *AWS WAF Developer Guide* .", + "title": "InvalidFallbackBehavior", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name, if any, of the `SqlInjectionMatchSet` .", - "title": "Name", - "type": "string" - }, - "SqlInjectionMatchTuples": { - "items": { - "$ref": "#/definitions/AWS::WAFRegional::SqlInjectionMatchSet.SqlInjectionMatchTuple" - }, - "markdownDescription": "Specifies the parts of web requests that you want to inspect for snippets of malicious SQL code.", - "title": "SqlInjectionMatchTuples", - "type": "array" - } - }, - "required": [ - "Name" - ], - "type": "object" + "MatchPattern": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.JsonMatchPattern", + "markdownDescription": "The patterns to look for in the JSON body. AWS WAF inspects the results of these pattern matches against the rule inspection criteria.", + "title": "MatchPattern" }, - "Type": { - "enum": [ - "AWS::WAFRegional::SqlInjectionMatchSet" - ], + "MatchScope": { + "markdownDescription": "The parts of the JSON to match against using the `MatchPattern` . If you specify `ALL` , AWS WAF matches against keys and values.\n\n`All` does not require a match to be found in the keys and a match to be found in the values. It requires a match to be found in the keys or the values or both. To require a match in the keys and in the values, use a logical `AND` statement to combine two match rules, one that inspects the keys and another that inspects the values.", + "title": "MatchScope", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "OversizeHandling": { + "markdownDescription": "What AWS WAF should do if the body is larger than AWS WAF can inspect.\n\nAWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.\n\n- For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).\n- For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.\n- For AWS Amplify , use the CloudFront limit.\n\nThe options for oversize handling are the following:\n\n- `CONTINUE` - Inspect the available body contents normally, according to the rule inspection criteria.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.\n\nYou can combine the `MATCH` or `NO_MATCH` settings for oversize handling with your rule and web ACL action settings, so that you block any request whose body is over the limit.\n\nDefault: `CONTINUE`", + "title": "OversizeHandling", "type": "string" } }, "required": [ - "Type", - "Properties" + "MatchPattern", + "MatchScope" ], "type": "object" }, - "AWS::WAFRegional::SqlInjectionMatchSet.FieldToMatch": { + "AWS::WAFv2::RuleGroup.JsonMatchPattern": { "additionalProperties": false, "properties": { - "Data": { - "markdownDescription": "When the value of `Type` is `HEADER` , enter the name of the header that you want AWS WAF to search, for example, `User-Agent` or `Referer` . The name of the header is not case sensitive.\n\nWhen the value of `Type` is `SINGLE_QUERY_ARG` , enter the name of the parameter that you want AWS WAF to search, for example, `UserName` or `SalesRegion` . The parameter name is not case sensitive.\n\nIf the value of `Type` is any other value, omit `Data` .", - "title": "Data", - "type": "string" + "All": { + "markdownDescription": "Match all of the elements. See also `MatchScope` in the `JsonBody` `FieldToMatch` specification.\n\nYou must specify either this setting or the `IncludedPaths` setting, but not both.", + "title": "All", + "type": "object" }, - "Type": { - "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicates the type of operation that the request is asking the origin to perform.\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", - "title": "Type", + "IncludedPaths": { + "items": { + "type": "string" + }, + "markdownDescription": "Match only the specified include paths. See also `MatchScope` in the `JsonBody` `FieldToMatch` specification.\n\nProvide the include paths using JSON Pointer syntax. For example, `\"IncludedPaths\": [\"/dogs/0/name\", \"/dogs/1/name\"]` . For information about this syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nYou must specify either this setting or the `All` setting, but not both.\n\n> Don't use this option to include all paths. Instead, use the `All` setting.", + "title": "IncludedPaths", + "type": "array" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.Label": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The label string.", + "title": "Name", "type": "string" } }, "required": [ - "Type" + "Name" ], "type": "object" }, - "AWS::WAFRegional::SqlInjectionMatchSet.SqlInjectionMatchTuple": { + "AWS::WAFv2::RuleGroup.LabelMatchStatement": { "additionalProperties": false, "properties": { - "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFRegional::SqlInjectionMatchSet.FieldToMatch", - "markdownDescription": "The part of a web request that you want AWS WAF to inspect, such as a specific header or a query string.", - "title": "FieldToMatch" + "Key": { + "markdownDescription": "The string to match against. The setting you provide for this depends on the match statement's `Scope` setting:\n\n- If the `Scope` indicates `LABEL` , then this specification must include the name and can include any number of preceding namespace specifications and prefix up to providing the fully qualified label name.\n- If the `Scope` indicates `NAMESPACE` , then this specification can include any number of contiguous namespace strings, and can include the entire label namespace prefix from the rule group or web ACL where the label originates.\n\nLabels are case sensitive and components of a label must be separated by colon, for example `NS1:NS2:name` .", + "title": "Key", + "type": "string" }, - "TextTransformation": { - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass AWS WAF . If you specify a transformation, AWS WAF performs the transformation on `FieldToMatch` before inspecting it for a match.\n\nYou can only specify a single type of TextTransformation.\n\n*CMD_LINE*\n\nWhen you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:\n\n- Delete the following characters: \\ \" ' ^\n- Delete spaces before the following characters: / (\n- Replace the following characters with a space: , ;\n- Replace multiple spaces with one space\n- Convert uppercase letters (A-Z) to lowercase (a-z)\n\n*COMPRESS_WHITE_SPACE*\n\nUse this option to replace the following characters with a space character (decimal 32):\n\n- \\f, formfeed, decimal 12\n- \\t, tab, decimal 9\n- \\n, newline, decimal 10\n- \\r, carriage return, decimal 13\n- \\v, vertical tab, decimal 11\n- non-breaking space, decimal 160\n\n`COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.\n\n*HTML_ENTITY_DECODE*\n\nUse this option to replace HTML-encoded characters with unencoded characters. `HTML_ENTITY_DECODE` performs the following operations:\n\n- Replaces `(ampersand)quot;` with `\"`\n- Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160\n- Replaces `(ampersand)lt;` with a \"less than\" symbol\n- Replaces `(ampersand)gt;` with `>`\n- Replaces characters that are represented in hexadecimal format, `(ampersand)#xhhhh;` , with the corresponding characters\n- Replaces characters that are represented in decimal format, `(ampersand)#nnnn;` , with the corresponding characters\n\n*LOWERCASE*\n\nUse this option to convert uppercase letters (A-Z) to lowercase (a-z).\n\n*URL_DECODE*\n\nUse this option to decode a URL-encoded value.\n\n*NONE*\n\nSpecify `NONE` if you don't want to perform any text transformations.", - "title": "TextTransformation", + "Scope": { + "markdownDescription": "Specify whether you want to match using the label name or just the namespace.", + "title": "Scope", "type": "string" } }, "required": [ - "FieldToMatch", - "TextTransformation" + "Key", + "Scope" ], "type": "object" }, - "AWS::WAFRegional::WebACL": { + "AWS::WAFv2::RuleGroup.LabelSummary": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DefaultAction": { - "$ref": "#/definitions/AWS::WAFRegional::WebACL.Action", - "markdownDescription": "The action to perform if none of the `Rules` contained in the `WebACL` match. The action is specified by the `WafAction` object.", - "title": "DefaultAction" - }, - "MetricName": { - "markdownDescription": "A name for the metrics for this `WebACL` . The name can contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length 128 and minimum length one. It can't contain whitespace or metric names reserved for AWS WAF, including \"All\" and \"Default_Action.\" You can't change `MetricName` after you create the `WebACL` .", - "title": "MetricName", - "type": "string" - }, - "Name": { - "markdownDescription": "A friendly name or description of the `WebACL` . You can't change the name of a `WebACL` after you create it.", - "title": "Name", - "type": "string" - }, - "Rules": { - "items": { - "$ref": "#/definitions/AWS::WAFRegional::WebACL.Rule" - }, - "markdownDescription": "An array that contains the action for each `Rule` in a `WebACL` , the priority of the `Rule` , and the ID of the `Rule` .", - "title": "Rules", - "type": "array" - } - }, - "required": [ - "DefaultAction", - "MetricName", - "Name" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::WAFRegional::WebACL" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "An individual label specification.", + "title": "Name", "type": "string" } }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.NotStatement": { + "additionalProperties": false, + "properties": { + "Statement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Statement", + "markdownDescription": "The statement to negate. You can use any statement that can be nested.", + "title": "Statement" + } + }, "required": [ - "Type", - "Properties" + "Statement" ], "type": "object" }, - "AWS::WAFRegional::WebACL.Action": { + "AWS::WAFv2::RuleGroup.OrStatement": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "For actions that are associated with a rule, the action that AWS WAF takes when a web request matches all conditions in a rule.\n\nFor the default action of a web access control list (ACL), the action that AWS WAF takes when a web request doesn't match all conditions in any rule.\n\nValid settings include the following:\n\n- `ALLOW` : AWS WAF allows requests\n- `BLOCK` : AWS WAF blocks requests\n- `COUNT` : AWS WAF increments a counter of the requests that match all of the conditions in the rule. AWS WAF then continues to inspect the web request based on the remaining rules in the web ACL. You can't specify `COUNT` for the default action for a WebACL.", - "title": "Type", - "type": "string" + "Statements": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Statement" + }, + "markdownDescription": "The statements to combine with OR logic. You can use any statements that can be nested.", + "title": "Statements", + "type": "array" } }, "required": [ - "Type" + "Statements" ], "type": "object" }, - "AWS::WAFRegional::WebACL.Rule": { + "AWS::WAFv2::RuleGroup.RateBasedStatement": { "additionalProperties": false, "properties": { - "Action": { - "$ref": "#/definitions/AWS::WAFRegional::WebACL.Action", - "markdownDescription": "The action that AWS WAF takes when a web request matches all conditions in the rule, such as allow, block, or count the request.", - "title": "Action" + "AggregateKeyType": { + "markdownDescription": "Setting that indicates how to aggregate the request counts.\n\n> Web requests that are missing any of the components specified in the aggregation keys are omitted from the rate-based rule evaluation and handling. \n\n- `CONSTANT` - Count and limit the requests that match the rate-based rule's scope-down statement. With this option, the counted requests aren't further aggregated. The scope-down statement is the only specification used. When the count of all requests that satisfy the scope-down statement goes over the limit, AWS WAF applies the rule action to all requests that satisfy the scope-down statement.\n\nWith this option, you must configure the `ScopeDownStatement` property.\n- `CUSTOM_KEYS` - Aggregate the request counts using one or more web request components as the aggregate keys.\n\nWith this option, you must specify the aggregate keys in the `CustomKeys` property.\n\nTo aggregate on only the IP address or only the forwarded IP address, don't use custom keys. Instead, set the aggregate key type to `IP` or `FORWARDED_IP` .\n- `FORWARDED_IP` - Aggregate the request counts on the first IP address in an HTTP header.\n\nWith this option, you must specify the header to use in the `ForwardedIPConfig` property.\n\nTo aggregate on a combination of the forwarded IP address with other aggregate keys, use `CUSTOM_KEYS` .\n- `IP` - Aggregate the request counts on the IP address from the web request origin.\n\nTo aggregate on a combination of the IP address with other aggregate keys, use `CUSTOM_KEYS` .", + "title": "AggregateKeyType", + "type": "string" }, - "Priority": { - "markdownDescription": "The order in which AWS WAF evaluates the rules in a web ACL. AWS WAF evaluates rules with a lower value before rules with a higher value. The value must be a unique integer. If you have multiple rules in a web ACL, the priority numbers do not need to be consecutive.", - "title": "Priority", + "CustomKeys": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateBasedStatementCustomKey" + }, + "markdownDescription": "Specifies the aggregate keys to use in a rate-base rule.", + "title": "CustomKeys", + "type": "array" + }, + "EvaluationWindowSec": { + "markdownDescription": "The amount of time, in seconds, that AWS WAF should include in its request counts, looking back from the current time. For example, for a setting of 120, when AWS WAF checks the rate, it counts the requests for the 2 minutes immediately preceding the current time. Valid settings are 60, 120, 300, and 600.\n\nThis setting doesn't determine how often AWS WAF checks the rate, but how far back it looks each time it checks. AWS WAF checks the rate about every 10 seconds.\n\nDefault: `300` (5 minutes)", + "title": "EvaluationWindowSec", "type": "number" }, - "RuleId": { - "markdownDescription": "The ID of an AWS WAF Regional rule to associate with a web ACL.", - "title": "RuleId", - "type": "string" + "ForwardedIPConfig": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ForwardedIPConfiguration", + "markdownDescription": "The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all. \n\nThis is required if you specify a forwarded IP in the rule's aggregate key settings.", + "title": "ForwardedIPConfig" + }, + "Limit": { + "markdownDescription": "The limit on requests during the specified evaluation window for a single aggregation instance for the rate-based rule. If the rate-based statement includes a `ScopeDownStatement` , this limit is applied only to the requests that match the statement.\n\nExamples:\n\n- If you aggregate on just the IP address, this is the limit on requests from any single IP address.\n- If you aggregate on the HTTP method and the query argument name \"city\", then this is the limit on requests for any single method, city pair.", + "title": "Limit", + "type": "number" + }, + "ScopeDownStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Statement", + "markdownDescription": "An optional nested statement that narrows the scope of the web requests that are evaluated and managed by the rate-based statement. When you use a scope-down statement, the rate-based rule only tracks and rate limits requests that match the scope-down statement. You can use any nestable `Statement` in the scope-down statement, and you can nest statements at any level, the same as you can for a rule statement.", + "title": "ScopeDownStatement" } }, "required": [ - "Action", - "Priority", - "RuleId" + "AggregateKeyType", + "Limit" ], "type": "object" }, - "AWS::WAFRegional::WebACLAssociation": { + "AWS::WAFv2::RuleGroup.RateBasedStatementCustomKey": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "ASN": { + "markdownDescription": "Use an Autonomous System Number (ASN) derived from the request's originating or forwarded IP address as an aggregate key. Each distinct ASN contributes to the aggregation instance.", + "title": "ASN", + "type": "object" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Cookie": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitCookie", + "markdownDescription": "Use the value of a cookie in the request as an aggregate key. Each distinct value in the cookie contributes to the aggregation instance. If you use a single cookie as your custom key, then each value fully defines an aggregation instance.", + "title": "Cookie" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ForwardedIP": { + "markdownDescription": "Use the first IP address in an HTTP header as an aggregate key. Each distinct forwarded IP address contributes to the aggregation instance.\n\nWhen you specify an IP or forwarded IP in the custom key settings, you must also specify at least one other key to use. You can aggregate on only the forwarded IP address by specifying `FORWARDED_IP` in your rate-based statement's `AggregateKeyType` .\n\nWith this option, you must specify the header to use in the rate-based rule's `ForwardedIPConfig` property.", + "title": "ForwardedIP", + "type": "object" }, - "Metadata": { + "HTTPMethod": { + "markdownDescription": "Use the request's HTTP method as an aggregate key. Each distinct HTTP method contributes to the aggregation instance. If you use just the HTTP method as your custom key, then each method fully defines an aggregation instance.", + "title": "HTTPMethod", "type": "object" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ResourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resource to protect with the web ACL.", - "title": "ResourceArn", - "type": "string" - }, - "WebACLId": { - "markdownDescription": "A unique identifier (ID) for the web ACL.", - "title": "WebACLId", - "type": "string" - } - }, - "required": [ - "ResourceArn", - "WebACLId" - ], + "Header": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitHeader", + "markdownDescription": "Use the value of a header in the request as an aggregate key. Each distinct value in the header contributes to the aggregation instance. If you use a single header as your custom key, then each value fully defines an aggregation instance.", + "title": "Header" + }, + "IP": { + "markdownDescription": "Use the request's originating IP address as an aggregate key. Each distinct IP address contributes to the aggregation instance.\n\nWhen you specify an IP or forwarded IP in the custom key settings, you must also specify at least one other key to use. You can aggregate on only the IP address by specifying `IP` in your rate-based statement's `AggregateKeyType` .", + "title": "IP", "type": "object" }, - "Type": { - "enum": [ - "AWS::WAFRegional::WebACLAssociation" - ], - "type": "string" + "JA3Fingerprint": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitJA3Fingerprint", + "markdownDescription": "Use the request's JA3 fingerprint as an aggregate key. If you use a single JA3 fingerprint as your custom key, then each value fully defines an aggregation instance.", + "title": "JA3Fingerprint" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "JA4Fingerprint": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitJA4Fingerprint", + "markdownDescription": "Use the request's JA4 fingerprint as an aggregate key. If you use a single JA4 fingerprint as your custom key, then each value fully defines an aggregation instance.", + "title": "JA4Fingerprint" + }, + "LabelNamespace": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitLabelNamespace", + "markdownDescription": "Use the specified label namespace as an aggregate key. Each distinct fully qualified label name that has the specified label namespace contributes to the aggregation instance. If you use just one label namespace as your custom key, then each label name fully defines an aggregation instance.\n\nThis uses only labels that have been added to the request by rules that are evaluated before this rate-based rule in the web ACL.\n\nFor information about label namespaces and names, see [Label syntax and naming requirements](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-label-requirements.html) in the *AWS WAF Developer Guide* .", + "title": "LabelNamespace" + }, + "QueryArgument": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitQueryArgument", + "markdownDescription": "Use the specified query argument as an aggregate key. Each distinct value for the named query argument contributes to the aggregation instance. If you use a single query argument as your custom key, then each value fully defines an aggregation instance.", + "title": "QueryArgument" + }, + "QueryString": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitQueryString", + "markdownDescription": "Use the request's query string as an aggregate key. Each distinct string contributes to the aggregation instance. If you use just the query string as your custom key, then each string fully defines an aggregation instance.", + "title": "QueryString" + }, + "UriPath": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitUriPath", + "markdownDescription": "Use the request's URI path as an aggregate key. Each distinct URI path contributes to the aggregation instance. If you use just the URI path as your custom key, then each URI path fully defines an aggregation instance.", + "title": "UriPath" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.RateLimitCookie": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the cookie to use.", + "title": "Name", "type": "string" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + }, + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", + "title": "TextTransformations", + "type": "array" } }, "required": [ - "Type", - "Properties" + "Name", + "TextTransformations" ], "type": "object" }, - "AWS::WAFRegional::XssMatchSet": { + "AWS::WAFv2::RuleGroup.RateLimitHeader": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "The name of the header to use.", + "title": "Name", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name, if any, of the `XssMatchSet` .", - "title": "Name", - "type": "string" - }, - "XssMatchTuples": { - "items": { - "$ref": "#/definitions/AWS::WAFRegional::XssMatchSet.XssMatchTuple" - }, - "markdownDescription": "Specifies the parts of web requests that you want to inspect for cross-site scripting attacks.", - "title": "XssMatchTuples", - "type": "array" - } + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" }, - "required": [ - "Name" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::WAFRegional::XssMatchSet" - ], + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", + "title": "TextTransformations", + "type": "array" + } + }, + "required": [ + "Name", + "TextTransformations" + ], + "type": "object" + }, + "AWS::WAFv2::RuleGroup.RateLimitJA3Fingerprint": { + "additionalProperties": false, + "properties": { + "FallbackBehavior": { + "markdownDescription": "The match status to assign to the web request if there is insufficient TSL Client Hello information to compute the JA3 fingerprint.\n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", + "title": "FallbackBehavior", "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + } + }, + "required": [ + "FallbackBehavior" + ], + "type": "object" + }, + "AWS::WAFv2::RuleGroup.RateLimitJA4Fingerprint": { + "additionalProperties": false, + "properties": { + "FallbackBehavior": { + "markdownDescription": "The match status to assign to the web request if there is insufficient TSL Client Hello information to compute the JA4 fingerprint.\n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", + "title": "FallbackBehavior", + "type": "string" + } + }, + "required": [ + "FallbackBehavior" + ], + "type": "object" + }, + "AWS::WAFv2::RuleGroup.RateLimitLabelNamespace": { + "additionalProperties": false, + "properties": { + "Namespace": { + "markdownDescription": "The namespace to use for aggregation.", + "title": "Namespace", "type": "string" } }, "required": [ - "Type", - "Properties" + "Namespace" ], "type": "object" }, - "AWS::WAFRegional::XssMatchSet.FieldToMatch": { + "AWS::WAFv2::RuleGroup.RateLimitQueryArgument": { "additionalProperties": false, "properties": { - "Data": { - "markdownDescription": "When the value of `Type` is `HEADER` , enter the name of the header that you want AWS WAF to search, for example, `User-Agent` or `Referer` . The name of the header is not case sensitive.\n\nWhen the value of `Type` is `SINGLE_QUERY_ARG` , enter the name of the parameter that you want AWS WAF to search, for example, `UserName` or `SalesRegion` . The parameter name is not case sensitive.\n\nIf the value of `Type` is any other value, omit `Data` .", - "title": "Data", + "Name": { + "markdownDescription": "The name of the query argument to use.", + "title": "Name", "type": "string" }, - "Type": { - "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicates the type of operation that the request is asking the origin to perform.\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", - "title": "Type", - "type": "string" + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + }, + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", + "title": "TextTransformations", + "type": "array" } }, "required": [ - "Type" + "Name", + "TextTransformations" ], "type": "object" }, - "AWS::WAFRegional::XssMatchSet.XssMatchTuple": { + "AWS::WAFv2::RuleGroup.RateLimitQueryString": { + "additionalProperties": false, + "properties": { + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + }, + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", + "title": "TextTransformations", + "type": "array" + } + }, + "required": [ + "TextTransformations" + ], + "type": "object" + }, + "AWS::WAFv2::RuleGroup.RateLimitUriPath": { + "additionalProperties": false, + "properties": { + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + }, + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", + "title": "TextTransformations", + "type": "array" + } + }, + "required": [ + "TextTransformations" + ], + "type": "object" + }, + "AWS::WAFv2::RuleGroup.RegexMatchStatement": { "additionalProperties": false, "properties": { "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFRegional::XssMatchSet.FieldToMatch", - "markdownDescription": "The part of a web request that you want AWS WAF to inspect, such as a specified header or a query string.", + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.FieldToMatch", + "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", "title": "FieldToMatch" }, - "TextTransformation": { - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass AWS WAF . If you specify a transformation, AWS WAF performs the transformation on `FieldToMatch` before inspecting it for a match.\n\nYou can only specify a single type of TextTransformation.\n\n*CMD_LINE*\n\nWhen you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:\n\n- Delete the following characters: \\ \" ' ^\n- Delete spaces before the following characters: / (\n- Replace the following characters with a space: , ;\n- Replace multiple spaces with one space\n- Convert uppercase letters (A-Z) to lowercase (a-z)\n\n*COMPRESS_WHITE_SPACE*\n\nUse this option to replace the following characters with a space character (decimal 32):\n\n- \\f, formfeed, decimal 12\n- \\t, tab, decimal 9\n- \\n, newline, decimal 10\n- \\r, carriage return, decimal 13\n- \\v, vertical tab, decimal 11\n- non-breaking space, decimal 160\n\n`COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.\n\n*HTML_ENTITY_DECODE*\n\nUse this option to replace HTML-encoded characters with unencoded characters. `HTML_ENTITY_DECODE` performs the following operations:\n\n- Replaces `(ampersand)quot;` with `\"`\n- Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160\n- Replaces `(ampersand)lt;` with a \"less than\" symbol\n- Replaces `(ampersand)gt;` with `>`\n- Replaces characters that are represented in hexadecimal format, `(ampersand)#xhhhh;` , with the corresponding characters\n- Replaces characters that are represented in decimal format, `(ampersand)#nnnn;` , with the corresponding characters\n\n*LOWERCASE*\n\nUse this option to convert uppercase letters (A-Z) to lowercase (a-z).\n\n*URL_DECODE*\n\nUse this option to decode a URL-encoded value.\n\n*NONE*\n\nSpecify `NONE` if you don't want to perform any text transformations.", - "title": "TextTransformation", + "RegexString": { + "markdownDescription": "The string representing the regular expression.", + "title": "RegexString", "type": "string" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + }, + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", + "title": "TextTransformations", + "type": "array" } }, "required": [ "FieldToMatch", - "TextTransformation" + "RegexString", + "TextTransformations" ], "type": "object" }, - "AWS::WAFv2::IPSet": { + "AWS::WAFv2::RuleGroup.RegexPatternSetReferenceStatement": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the `RegexPatternSet` that this statement references.", + "title": "Arn", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "FieldToMatch": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.FieldToMatch", + "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", + "title": "FieldToMatch" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Addresses": { - "items": { - "type": "string" - }, - "markdownDescription": "Contains an array of strings that specifies zero or more IP addresses or blocks of IP addresses that you want AWS WAF to inspect for in incoming requests. All addresses must be specified using Classless Inter-Domain Routing (CIDR) notation. AWS WAF supports all IPv4 and IPv6 CIDR ranges except for `/0` .\n\nExample address strings:\n\n- For requests that originated from the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- For requests that originated from IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n- For requests that originated from the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- For requests that originated from IP addresses 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .\n\nExample JSON `Addresses` specifications:\n\n- Empty array: `\"Addresses\": []`\n- Array with one address: `\"Addresses\": [\"192.0.2.44/32\"]`\n- Array with three addresses: `\"Addresses\": [\"192.0.2.44/32\", \"192.0.2.0/24\", \"192.0.0.0/16\"]`\n- INVALID specification: `\"Addresses\": [\"\"]` INVALID", - "title": "Addresses", - "type": "array" - }, - "Description": { - "markdownDescription": "A description of the IP set that helps with identification.", - "title": "Description", - "type": "string" - }, - "IPAddressVersion": { - "markdownDescription": "The version of the IP addresses, either `IPV4` or `IPV6` .", - "title": "IPAddressVersion", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the IP set. You cannot change the name of an `IPSet` after you create it.", - "title": "Name", - "type": "string" - }, - "Scope": { - "markdownDescription": "Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AWS AppSync GraphQL API, an Amazon Cognito user pool, an AWS App Runner service, or an AWS Verified Access instance. Valid Values are `CLOUDFRONT` and `REGIONAL` .\n\n> For `CLOUDFRONT` , you must create your WAFv2 resources in the US East (N. Virginia) Region, `us-east-1` .", - "title": "Scope", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.\n\n> To modify tags on existing resources, use the AWS WAF APIs or command line interface. With AWS CloudFormation , you can only add tags to AWS WAF resources during resource creation.", - "title": "Tags", - "type": "array" - } + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" }, - "required": [ - "Addresses", - "IPAddressVersion", - "Scope" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::WAFv2::IPSet" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", + "title": "TextTransformations", + "type": "array" } }, "required": [ - "Type", - "Properties" + "Arn", + "FieldToMatch", + "TextTransformations" ], "type": "object" }, - "AWS::WAFv2::LoggingConfiguration": { + "AWS::WAFv2::RuleGroup.Rule": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Action": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RuleAction", + "markdownDescription": "The action that AWS WAF should take on a web request when it matches the rule statement. Settings at the web ACL level can override the rule action setting.", + "title": "Action" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "CaptchaConfig": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CaptchaConfig", + "markdownDescription": "Specifies how AWS WAF should handle `CAPTCHA` evaluations. If you don't specify this, AWS WAF uses the `CAPTCHA` configuration that's defined for the web ACL.", + "title": "CaptchaConfig" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ChallengeConfig": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ChallengeConfig", + "markdownDescription": "Specifies how AWS WAF should handle `Challenge` evaluations. If you don't specify this, AWS WAF uses the challenge configuration that's defined for the web ACL.", + "title": "ChallengeConfig" }, - "Metadata": { - "type": "object" + "Name": { + "markdownDescription": "The name of the rule.\n\nIf you change the name of a `Rule` after you create it and you want the rule's metric name to reflect the change, update the metric name in the rule's `VisibilityConfig` settings. AWS WAF doesn't automatically update the metric name when you update the rule name.", + "title": "Name", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "LogDestinationConfigs": { - "items": { - "type": "string" - }, - "markdownDescription": "The logging destination configuration that you want to associate with the web ACL.\n\n> You can associate one logging destination to a web ACL.", - "title": "LogDestinationConfigs", - "type": "array" - }, - "LoggingFilter": { - "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.LoggingFilter", - "markdownDescription": "Filtering that specifies which web requests are kept in the logs and which are dropped. You can filter on the rule action and on the web request labels that were applied by matching rules during web ACL evaluation.", - "title": "LoggingFilter" - }, - "RedactedFields": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.FieldToMatch" - }, - "markdownDescription": "The parts of the request that you want to keep out of the logs.\n\nFor example, if you redact the `SingleHeader` field, the `HEADER` field in the logs will be `REDACTED` for all rules that use the `SingleHeader` `FieldToMatch` setting.\n\nIf you configure data protection for the web ACL, the protection applies to the data that AWS WAF sends to the logs.\n\nRedaction applies only to the component that's specified in the rule's `FieldToMatch` setting, so the `SingleHeader` redaction doesn't apply to rules that use the `Headers` `FieldToMatch` .\n\n> You can specify only the following fields for redaction: `UriPath` , `QueryString` , `SingleHeader` , and `Method` . > This setting has no impact on request sampling. You can only exclude fields from request sampling by disabling sampling in the web ACL visibility configuration or by configuring data protection for the web ACL.", - "title": "RedactedFields", - "type": "array" - }, - "ResourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the web ACL that you want to associate with `LogDestinationConfigs` .", - "title": "ResourceArn", - "type": "string" - } + "Priority": { + "markdownDescription": "If you define more than one `Rule` in a `WebACL` , AWS WAF evaluates each request against the `Rules` in order based on the value of `Priority` . AWS WAF processes rules with lower priority first. The priorities don't need to be consecutive, but they must all be different.", + "title": "Priority", + "type": "number" + }, + "RuleLabels": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Label" }, - "required": [ - "LogDestinationConfigs", - "ResourceArn" - ], - "type": "object" + "markdownDescription": "Labels to apply to web requests that match the rule match statement. AWS WAF applies fully qualified labels to matching web requests. A fully qualified label is the concatenation of a label namespace and a rule label. The rule's rule group or web ACL defines the label namespace.\n\n> Any rule that isn't a rule group reference statement or managed rule group statement can add labels to matching web requests. \n\nRules that run after this rule in the web ACL can match against these labels using a `LabelMatchStatement` .\n\nFor each label, provide a case-sensitive string containing optional namespaces and a label name, according to the following guidelines:\n\n- Separate each component of the label with a colon.\n- Each namespace or name can have up to 128 characters.\n- You can specify up to 5 namespaces in a label.\n- Don't use the following reserved words in your label specification: `aws` , `waf` , `managed` , `rulegroup` , `webacl` , `regexpatternset` , or `ipset` .\n\nFor example, `myLabelName` or `nameSpace1:nameSpace2:myLabelName` .", + "title": "RuleLabels", + "type": "array" }, - "Type": { - "enum": [ - "AWS::WAFv2::LoggingConfiguration" - ], - "type": "string" + "Statement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Statement", + "markdownDescription": "The AWS WAF processing statement for the rule, for example `ByteMatchStatement` or `SizeConstraintStatement` .", + "title": "Statement" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "VisibilityConfig": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.VisibilityConfig", + "markdownDescription": "Defines and enables Amazon CloudWatch metrics and web request sample collection.\n\nIf you change the name of a `Rule` after you create it and you want the rule's metric name to reflect the change, update the metric name as well. AWS WAF doesn't automatically update the metric name.", + "title": "VisibilityConfig" } }, "required": [ - "Type", - "Properties" + "Name", + "Priority", + "Statement", + "VisibilityConfig" ], "type": "object" }, - "AWS::WAFv2::LoggingConfiguration.ActionCondition": { + "AWS::WAFv2::RuleGroup.RuleAction": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The action setting that a log record must contain in order to meet the condition. This is the action that AWS WAF applied to the web request.\n\nFor rule groups, this is either the configured rule action setting, or if you've applied a rule action override to the rule, it's the override action. The value `EXCLUDED_AS_COUNT` matches on excluded rules and also on rules that have a rule action override of Count.", - "title": "Action", + "Allow": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.AllowAction", + "markdownDescription": "Instructs AWS WAF to allow the web request.", + "title": "Allow" + }, + "Block": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.BlockAction", + "markdownDescription": "Instructs AWS WAF to block the web request.", + "title": "Block" + }, + "Captcha": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CaptchaAction", + "markdownDescription": "Specifies that AWS WAF should run a `CAPTCHA` check against the request:\n\n- If the request includes a valid, unexpired `CAPTCHA` token, AWS WAF allows the web request inspection to proceed to the next rule, similar to a `CountAction` .\n- If the request doesn't include a valid, unexpired `CAPTCHA` token, AWS WAF discontinues the web ACL evaluation of the request and blocks it from going to its intended destination.\n\nAWS WAF generates a response that it sends back to the client, which includes the following:\n\n- The header `x-amzn-waf-action` with a value of `captcha` .\n- The HTTP status code `405 Method Not Allowed` .\n- If the request contains an `Accept` header with a value of `text/html` , the response includes a `CAPTCHA` challenge.\n\nYou can configure the expiration time in the `CaptchaConfig` `ImmunityTimeProperty` setting at the rule and web ACL level. The rule setting overrides the web ACL setting.\n\nThis action option is available for rules. It isn't available for web ACL default actions.", + "title": "Captcha" + }, + "Challenge": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ChallengeAction", + "markdownDescription": "Instructs AWS WAF to run a `Challenge` check against the web request.", + "title": "Challenge" + }, + "Count": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CountAction", + "markdownDescription": "Instructs AWS WAF to count the web request and then continue evaluating the request using the remaining rules in the web ACL.", + "title": "Count" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.SingleHeader": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the query header to inspect.", + "title": "Name", "type": "string" } }, "required": [ - "Action" + "Name" ], "type": "object" }, - "AWS::WAFv2::LoggingConfiguration.Condition": { + "AWS::WAFv2::RuleGroup.SingleQueryArgument": { "additionalProperties": false, "properties": { - "ActionCondition": { - "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.ActionCondition", - "markdownDescription": "A single action condition. This is the action setting that a log record must contain in order to meet the condition.", - "title": "ActionCondition" - }, - "LabelNameCondition": { - "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.LabelNameCondition", - "markdownDescription": "A single label name condition. This is the fully qualified label name that a log record must contain in order to meet the condition. Fully qualified labels have a prefix, optional namespaces, and label name. The prefix identifies the rule group or web ACL context of the rule that added the label.", - "title": "LabelNameCondition" + "Name": { + "markdownDescription": "The name of the query argument to inspect.", + "title": "Name", + "type": "string" } }, + "required": [ + "Name" + ], "type": "object" }, - "AWS::WAFv2::LoggingConfiguration.FieldToMatch": { + "AWS::WAFv2::RuleGroup.SizeConstraintStatement": { "additionalProperties": false, "properties": { - "Method": { - "markdownDescription": "Redact the indicated HTTP method. The method indicates the type of operation that the request is asking the origin to perform.", - "title": "Method", - "type": "object" + "ComparisonOperator": { + "markdownDescription": "The operator to use to compare the request part to the size setting.", + "title": "ComparisonOperator", + "type": "string" }, - "QueryString": { - "markdownDescription": "Redact the query string. This is the part of a URL that appears after a `?` character, if any.", - "title": "QueryString", - "type": "object" + "FieldToMatch": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.FieldToMatch", + "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", + "title": "FieldToMatch" }, - "SingleHeader": { - "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.SingleHeader", - "markdownDescription": "Redact a single header. Provide the name of the header to inspect, for example, `User-Agent` or `Referer` . This setting isn't case sensitive.\n\nExample JSON: `\"SingleHeader\": { \"Name\": \"haystack\" }`", - "title": "SingleHeader" + "Size": { + "markdownDescription": "The size, in byte, to compare to the request part, after any transformations.", + "title": "Size", + "type": "number" }, - "UriPath": { - "markdownDescription": "Redact the request URI path. This is the part of the web request that identifies a resource, for example, `/images/daily-ad.jpg` .", - "title": "UriPath", - "type": "object" + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + }, + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", + "title": "TextTransformations", + "type": "array" } }, + "required": [ + "ComparisonOperator", + "FieldToMatch", + "Size", + "TextTransformations" + ], "type": "object" }, - "AWS::WAFv2::LoggingConfiguration.Filter": { + "AWS::WAFv2::RuleGroup.SqliMatchStatement": { "additionalProperties": false, "properties": { - "Behavior": { - "markdownDescription": "How to handle logs that satisfy the filter's conditions and requirement.", - "title": "Behavior", + "FieldToMatch": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.FieldToMatch", + "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", + "title": "FieldToMatch" + }, + "SensitivityLevel": { + "markdownDescription": "The sensitivity that you want AWS WAF to use to inspect for SQL injection attacks.\n\n`HIGH` detects more attacks, but might generate more false positives, especially if your web requests frequently contain unusual strings. For information about identifying and mitigating false positives, see [Testing and tuning](https://docs.aws.amazon.com/waf/latest/developerguide/web-acl-testing.html) in the *AWS WAF Developer Guide* .\n\n`LOW` is generally a better choice for resources that already have other protections against SQL injection attacks or that have a low tolerance for false positives.\n\nDefault: `LOW`", + "title": "SensitivityLevel", "type": "string" }, - "Conditions": { + "TextTransformations": { "items": { - "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.Condition" + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" }, - "markdownDescription": "Match conditions for the filter.", - "title": "Conditions", + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", + "title": "TextTransformations", "type": "array" - }, - "Requirement": { - "markdownDescription": "Logic to apply to the filtering conditions. You can specify that, in order to satisfy the filter, a log must match all conditions or must match at least one condition.", - "title": "Requirement", - "type": "string" } }, "required": [ - "Behavior", - "Conditions", - "Requirement" + "FieldToMatch", + "TextTransformations" ], "type": "object" }, - "AWS::WAFv2::LoggingConfiguration.LabelNameCondition": { + "AWS::WAFv2::RuleGroup.Statement": { "additionalProperties": false, "properties": { - "LabelName": { - "markdownDescription": "The label name that a log record must contain in order to meet the condition. This must be a fully qualified label name. Fully qualified labels have a prefix, optional namespaces, and label name. The prefix identifies the rule group or web ACL context of the rule that added the label.", - "title": "LabelName", - "type": "string" + "AndStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.AndStatement", + "markdownDescription": "A logical rule statement used to combine other rule statements with AND logic. You provide more than one `Statement` within the `AndStatement` .", + "title": "AndStatement" + }, + "AsnMatchStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.AsnMatchStatement", + "markdownDescription": "A rule statement that inspects web traffic based on the Autonomous System Number (ASN) associated with the request's IP address.\n\nFor additional details, see [ASN match rule statement](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-type-asn-match.html) in the [AWS WAF Developer Guide](https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html) .", + "title": "AsnMatchStatement" + }, + "ByteMatchStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ByteMatchStatement", + "markdownDescription": "A rule statement that defines a string match search for AWS WAF to apply to web requests. The byte match statement provides the bytes to search for, the location in requests that you want AWS WAF to search, and other settings. The bytes to search for are typically a string that corresponds with ASCII characters. In the AWS WAF console and the developer guide, this is called a string match statement.", + "title": "ByteMatchStatement" + }, + "GeoMatchStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.GeoMatchStatement", + "markdownDescription": "A rule statement that labels web requests by country and region and that matches against web requests based on country code. A geo match rule labels every request that it inspects regardless of whether it finds a match.\n\n- To manage requests only by country, you can use this statement by itself and specify the countries that you want to match against in the `CountryCodes` array.\n- Otherwise, configure your geo match rule with Count action so that it only labels requests. Then, add one or more label match rules to run after the geo match rule and configure them to match against the geographic labels and handle the requests as needed.\n\nAWS WAF labels requests using the alpha-2 country and region codes from the International Organization for Standardization (ISO) 3166 standard. AWS WAF determines the codes using either the IP address in the web request origin or, if you specify it, the address in the geo match `ForwardedIPConfig` .\n\nIf you use the web request origin, the label formats are `awswaf:clientip:geo:region:-` and `awswaf:clientip:geo:country:` .\n\nIf you use a forwarded IP address, the label formats are `awswaf:forwardedip:geo:region:-` and `awswaf:forwardedip:geo:country:` .\n\nFor additional details, see [Geographic match rule statement](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-type-geo-match.html) in the [AWS WAF Developer Guide](https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html) .", + "title": "GeoMatchStatement" + }, + "IPSetReferenceStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.IPSetReferenceStatement", + "markdownDescription": "A rule statement used to detect web requests coming from particular IP addresses or address ranges. To use this, create an `IPSet` that specifies the addresses you want to detect, then use the ARN of that set in this statement.\n\nEach IP set rule statement references an IP set. You create and maintain the set independent of your rules. This allows you to use the single set in multiple rules. When you update the referenced set, AWS WAF automatically updates all rules that reference it.", + "title": "IPSetReferenceStatement" + }, + "LabelMatchStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.LabelMatchStatement", + "markdownDescription": "A rule statement to match against labels that have been added to the web request by rules that have already run in the web ACL.\n\nThe label match statement provides the label or namespace string to search for. The label string can represent a part or all of the fully qualified label name that had been added to the web request. Fully qualified labels have a prefix, optional namespaces, and label name. The prefix identifies the rule group or web ACL context of the rule that added the label. If you do not provide the fully qualified name in your label match string, AWS WAF performs the search for labels that were added in the same context as the label match statement.", + "title": "LabelMatchStatement" + }, + "NotStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.NotStatement", + "markdownDescription": "A logical rule statement used to negate the results of another rule statement. You provide one `Statement` within the `NotStatement` .", + "title": "NotStatement" + }, + "OrStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.OrStatement", + "markdownDescription": "A logical rule statement used to combine other rule statements with OR logic. You provide more than one `Statement` within the `OrStatement` .", + "title": "OrStatement" + }, + "RateBasedStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateBasedStatement", + "markdownDescription": "A rate-based rule counts incoming requests and rate limits requests when they are coming at too fast a rate. The rule categorizes requests according to your aggregation criteria, collects them into aggregation instances, and counts and rate limits the requests for each instance.\n\n> If you change any of these settings in a rule that's currently in use, the change resets the rule's rate limiting counts. This can pause the rule's rate limiting activities for up to a minute. \n\nYou can specify individual aggregation keys, like IP address or HTTP method. You can also specify aggregation key combinations, like IP address and HTTP method, or HTTP method, query argument, and cookie.\n\nEach unique set of values for the aggregation keys that you specify is a separate aggregation instance, with the value from each key contributing to the aggregation instance definition.\n\nFor example, assume the rule evaluates web requests with the following IP address and HTTP method values:\n\n- IP address 10.1.1.1, HTTP method POST\n- IP address 10.1.1.1, HTTP method GET\n- IP address 127.0.0.0, HTTP method POST\n- IP address 10.1.1.1, HTTP method GET\n\nThe rule would create different aggregation instances according to your aggregation criteria, for example:\n\n- If the aggregation criteria is just the IP address, then each individual address is an aggregation instance, and AWS WAF counts requests separately for each. The aggregation instances and request counts for our example would be the following:\n\n- IP address 10.1.1.1: count 3\n- IP address 127.0.0.0: count 1\n- If the aggregation criteria is HTTP method, then each individual HTTP method is an aggregation instance. The aggregation instances and request counts for our example would be the following:\n\n- HTTP method POST: count 2\n- HTTP method GET: count 2\n- If the aggregation criteria is IP address and HTTP method, then each IP address and each HTTP method would contribute to the combined aggregation instance. The aggregation instances and request counts for our example would be the following:\n\n- IP address 10.1.1.1, HTTP method POST: count 1\n- IP address 10.1.1.1, HTTP method GET: count 2\n- IP address 127.0.0.0, HTTP method POST: count 1\n\nFor any n-tuple of aggregation keys, each unique combination of values for the keys defines a separate aggregation instance, which AWS WAF counts and rate-limits individually.\n\nYou can optionally nest another statement inside the rate-based statement, to narrow the scope of the rule so that it only counts and rate limits requests that match the nested statement. You can use this nested scope-down statement in conjunction with your aggregation key specifications or you can just count and rate limit all requests that match the scope-down statement, without additional aggregation. When you choose to just manage all requests that match a scope-down statement, the aggregation instance is singular for the rule.\n\nYou cannot nest a `RateBasedStatement` inside another statement, for example inside a `NotStatement` or `OrStatement` . You can define a `RateBasedStatement` inside a web ACL and inside a rule group.\n\nFor additional information about the options, see [Rate limiting web requests using rate-based rules](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rate-based-rules.html) in the *AWS WAF Developer Guide* .\n\nIf you only aggregate on the individual IP address or forwarded IP address, you can retrieve the list of IP addresses that AWS WAF is currently rate limiting for a rule through the API call `GetRateBasedStatementManagedKeys` . This option is not available for other aggregation configurations.\n\nAWS WAF tracks and manages web requests separately for each instance of a rate-based rule that you use. For example, if you provide the same rate-based rule settings in two web ACLs, each of the two rule statements represents a separate instance of the rate-based rule and gets its own tracking and management by AWS WAF . If you define a rate-based rule inside a rule group, and then use that rule group in multiple places, each use creates a separate instance of the rate-based rule that gets its own tracking and management by AWS WAF .", + "title": "RateBasedStatement" + }, + "RegexMatchStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RegexMatchStatement", + "markdownDescription": "A rule statement used to search web request components for a match against a single regular expression.", + "title": "RegexMatchStatement" + }, + "RegexPatternSetReferenceStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RegexPatternSetReferenceStatement", + "markdownDescription": "A rule statement used to search web request components for matches with regular expressions. To use this, create a `RegexPatternSet` that specifies the expressions that you want to detect, then use the ARN of that set in this statement. A web request matches the pattern set rule statement if the request component matches any of the patterns in the set.\n\nEach regex pattern set rule statement references a regex pattern set. You create and maintain the set independent of your rules. This allows you to use the single set in multiple rules. When you update the referenced set, AWS WAF automatically updates all rules that reference it.", + "title": "RegexPatternSetReferenceStatement" + }, + "SizeConstraintStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.SizeConstraintStatement", + "markdownDescription": "A rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (>) or less than (<). For example, you can use a size constraint statement to look for query strings that are longer than 100 bytes.\n\nIf you configure AWS WAF to inspect the request body, AWS WAF inspects only the number of bytes in the body up to the limit for the web ACL and protected resource type. If you know that the request body for your web requests should never exceed the inspection limit, you can use a size constraint statement to block requests that have a larger request body size. For more information about the inspection limits, see `Body` and `JsonBody` settings for the `FieldToMatch` data type.\n\nIf you choose URI for the value of Part of the request to filter on, the slash (/) in the URI counts as one character. For example, the URI `/logo.jpg` is nine characters long.", + "title": "SizeConstraintStatement" + }, + "SqliMatchStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.SqliMatchStatement", + "markdownDescription": "A rule statement that inspects for malicious SQL code. Attackers insert malicious SQL code into web requests to do things like modify your database or extract data from it.", + "title": "SqliMatchStatement" + }, + "XssMatchStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.XssMatchStatement", + "markdownDescription": "A rule statement that inspects for cross-site scripting (XSS) attacks. In XSS attacks, the attacker uses vulnerabilities in a benign website as a vehicle to inject malicious client-site scripts into other legitimate web browsers.", + "title": "XssMatchStatement" } }, - "required": [ - "LabelName" - ], "type": "object" }, - "AWS::WAFv2::LoggingConfiguration.LoggingFilter": { + "AWS::WAFv2::RuleGroup.TextTransformation": { "additionalProperties": false, "properties": { - "DefaultBehavior": { - "markdownDescription": "Default handling for logs that don't match any of the specified filtering conditions.", - "title": "DefaultBehavior", - "type": "string" + "Priority": { + "markdownDescription": "Sets the relative processing order for multiple transformations. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content. The priorities don't need to be consecutive, but they must all be different.", + "title": "Priority", + "type": "number" }, - "Filters": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.Filter" - }, - "markdownDescription": "The filters that you want to apply to the logs.", - "title": "Filters", - "type": "array" + "Type": { + "markdownDescription": "For detailed descriptions of each of the transformation types, see [Text transformations](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-transformation.html) in the *AWS WAF Developer Guide* .", + "title": "Type", + "type": "string" } }, "required": [ - "DefaultBehavior", - "Filters" + "Priority", + "Type" ], "type": "object" }, - "AWS::WAFv2::LoggingConfiguration.SingleHeader": { + "AWS::WAFv2::RuleGroup.UriFragment": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the query header to inspect.", - "title": "Name", + "FallbackBehavior": { + "markdownDescription": "What AWS WAF should do if it fails to completely parse the JSON body. The options are the following:\n\n- `EVALUATE_AS_STRING` - Inspect the body as plain text. AWS WAF applies the text transformations and inspection criteria that you defined for the JSON inspection to the body text string.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.\n\nIf you don't provide this setting, AWS WAF parses and evaluates the content only up to the first parsing failure that it encounters.\n\nExample JSON: `{ \"UriFragment\": { \"FallbackBehavior\": \"MATCH\"} }`\n\n> AWS WAF parsing doesn't fully validate the input JSON string, so parsing can succeed even for invalid JSON. When parsing succeeds, AWS WAF doesn't apply the fallback behavior. For more information, see [JSON body](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-fields-list.html#waf-rule-statement-request-component-json-body) in the *AWS WAF Developer Guide* .", + "title": "FallbackBehavior", "type": "string" } }, - "required": [ - "Name" - ], "type": "object" }, - "AWS::WAFv2::RegexPatternSet": { + "AWS::WAFv2::RuleGroup.VisibilityConfig": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "CloudWatchMetricsEnabled": { + "markdownDescription": "Indicates whether the associated resource sends metrics to Amazon CloudWatch. For the list of available metrics, see [AWS WAF Metrics](https://docs.aws.amazon.com/waf/latest/developerguide/monitoring-cloudwatch.html#waf-metrics) in the *AWS WAF Developer Guide* .\n\nFor web ACLs, the metrics are for web requests that have the web ACL default action applied. AWS WAF applies the default action to web requests that pass the inspection of all rules in the web ACL without being either allowed or blocked. For more information,\nsee [The web ACL default action](https://docs.aws.amazon.com/waf/latest/developerguide/web-acl-default-action.html) in the *AWS WAF Developer Guide* .", + "title": "CloudWatchMetricsEnabled", + "type": "boolean" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "MetricName": { + "markdownDescription": "A name of the Amazon CloudWatch metric dimension. The name can contain only the characters: A-Z, a-z, 0-9, - (hyphen), and _ (underscore). The name can be from one to 128 characters long. It can't contain whitespace or metric names that are reserved for AWS WAF , for example `All` and `Default_Action` .", + "title": "MetricName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "SampledRequestsEnabled": { + "markdownDescription": "Indicates whether AWS WAF should store a sampling of the web requests that match the rules. You can view the sampled requests through the AWS WAF console.\n\nIf you configure data protection for the web ACL, the protection applies to the web ACL's sampled web request data.\n\n> Request sampling doesn't provide a field redaction option, and any field redaction that you specify in your logging configuration doesn't affect sampling. You can only exclude fields from request sampling by disabling sampling in the web ACL visibility configuration or by configuring data protection for the web ACL.", + "title": "SampledRequestsEnabled", + "type": "boolean" + } + }, + "required": [ + "CloudWatchMetricsEnabled", + "MetricName", + "SampledRequestsEnabled" + ], + "type": "object" + }, + "AWS::WAFv2::RuleGroup.XssMatchStatement": { + "additionalProperties": false, + "properties": { + "FieldToMatch": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.FieldToMatch", + "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", + "title": "FieldToMatch" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A description of the set that helps with identification.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the set. You cannot change the name after you create the set.", - "title": "Name", - "type": "string" - }, - "RegularExpressionList": { - "items": { - "type": "string" - }, - "markdownDescription": "The regular expression patterns in the set.", - "title": "RegularExpressionList", - "type": "array" - }, - "Scope": { - "markdownDescription": "Specifies whether this is for an Amazon CloudFront distribution or for a regional application. For an AWS Amplify application, use `CLOUDFRONT` . A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AWS AppSync GraphQL API, an Amazon Cognito user pool, an AWS App Runner service, or an AWS Verified Access instance. Valid Values are `CLOUDFRONT` and `REGIONAL` .\n\n> For `CLOUDFRONT` , you must create your WAFv2 resources in the US East (N. Virginia) Region, `us-east-1` .", - "title": "Scope", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.\n\n> To modify tags on existing resources, use the AWS WAF APIs or command line interface. With AWS CloudFormation , you can only add tags to AWS WAF resources during resource creation.", - "title": "Tags", - "type": "array" - } + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" }, - "required": [ - "RegularExpressionList", - "Scope" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::WAFv2::RegexPatternSet" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", + "title": "TextTransformations", + "type": "array" } }, "required": [ - "Type", - "Properties" + "FieldToMatch", + "TextTransformations" ], "type": "object" }, - "AWS::WAFv2::RuleGroup": { + "AWS::WAFv2::WebACL": { "additionalProperties": false, "properties": { "Condition": { @@ -268061,58 +319657,67 @@ "Properties": { "additionalProperties": false, "properties": { - "AvailableLabels": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.LabelSummary" - }, - "markdownDescription": "The labels that one or more rules in this rule group add to matching web requests. These labels are defined in the `RuleLabels` for a `Rule` .", - "title": "AvailableLabels", - "type": "array" + "AssociationConfig": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.AssociationConfig", + "markdownDescription": "Specifies custom configurations for the associations between the web ACL and protected resources.\n\nUse this to customize the maximum size of the request body that your protected resources forward to AWS WAF for inspection. You can customize this setting for CloudFront, API Gateway, Amazon Cognito, App Runner, or Verified Access resources. The default setting is 16 KB (16,384 bytes).\n\n> You are charged additional fees when your protected resources forward body sizes that are larger than the default. For more information, see [AWS WAF Pricing](https://docs.aws.amazon.com/waf/pricing/) . \n\nFor Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).", + "title": "AssociationConfig" }, - "Capacity": { - "markdownDescription": "The web ACL capacity units (WCUs) required for this rule group.\n\nWhen you create your own rule group, you define this, and you cannot change it after creation. When you add or modify the rules in a rule group, AWS WAF enforces this limit.\n\nAWS WAF uses WCUs to calculate and control the operating resources that are used to run your rules, rule groups, and web ACLs. AWS WAF calculates capacity differently for each rule type, to reflect the relative cost of each rule. Simple rules that cost little to run use fewer WCUs than more complex rules that use more processing power. Rule group capacity is fixed at creation, which helps users plan their web ACL WCU usage when they use a rule group. The WCU limit for web ACLs is 1,500.", - "title": "Capacity", - "type": "number" + "CaptchaConfig": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.CaptchaConfig", + "markdownDescription": "Specifies how AWS WAF should handle `CAPTCHA` evaluations for rules that don't have their own `CaptchaConfig` settings. If you don't specify this, AWS WAF uses its default settings for `CaptchaConfig` .", + "title": "CaptchaConfig" }, - "ConsumedLabels": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.LabelSummary" - }, - "markdownDescription": "The labels that one or more rules in this rule group match against in label match statements. These labels are defined in a `LabelMatchStatement` specification, in the `Statement` definition of a rule.", - "title": "ConsumedLabels", - "type": "array" + "ChallengeConfig": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.ChallengeConfig", + "markdownDescription": "Specifies how AWS WAF should handle challenge evaluations for rules that don't have their own `ChallengeConfig` settings. If you don't specify this, AWS WAF uses its default settings for `ChallengeConfig` .", + "title": "ChallengeConfig" }, "CustomResponseBodies": { "additionalProperties": false, - "markdownDescription": "A map of custom response keys and content bodies. When you create a rule with a block action, you can send a custom response to the web request. You define these for the rule group, and then use them in the rules that you define in the rule group.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", + "markdownDescription": "A map of custom response keys and content bodies. When you create a rule with a block action, you can send a custom response to the web request. You define these for the web ACL, and then use them in the rules and default actions that you define in the web ACL.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", "patternProperties": { "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomResponseBody" + "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomResponseBody" } }, "title": "CustomResponseBodies", "type": "object" }, + "DataProtectionConfig": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.DataProtectionConfig", + "markdownDescription": "Specifies data protection to apply to the web request data for the web ACL. This is a web ACL level data protection option.\n\nThe data protection that you configure for the web ACL alters the data that's available for any other data collection activity, including your AWS WAF logging destinations, web ACL request sampling, and Amazon Security Lake data collection and management. Your other option for data protection is in the logging configuration, which only affects logging.", + "title": "DataProtectionConfig" + }, + "DefaultAction": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.DefaultAction", + "markdownDescription": "The action to perform if none of the `Rules` contained in the `WebACL` match.", + "title": "DefaultAction" + }, "Description": { - "markdownDescription": "A description of the rule group that helps with identification.", + "markdownDescription": "A description of the web ACL that helps with identification.", "title": "Description", "type": "string" }, "Name": { - "markdownDescription": "The name of the rule group. You cannot change the name of a rule group after you create it.", + "markdownDescription": "The name of the web ACL. You cannot change the name of a web ACL after you create it.", "title": "Name", "type": "string" }, + "OnSourceDDoSProtectionConfig": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.OnSourceDDoSProtectionConfig", + "markdownDescription": "Configures the level of DDoS protection that applies to web ACLs associated with Application Load Balancers.", + "title": "OnSourceDDoSProtectionConfig" + }, "Rules": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Rule" + "$ref": "#/definitions/AWS::WAFv2::WebACL.Rule" }, - "markdownDescription": "The rule statements used to identify the web requests that you want to allow, block, or count. Each rule includes one top-level statement that AWS WAF uses to identify matching web requests, and parameters that govern how AWS WAF handles them.", + "markdownDescription": "The rule statements used to identify the web requests that you want to manage. Each rule includes one top-level statement that AWS WAF uses to identify matching web requests, and parameters that govern how AWS WAF handles them.", "title": "Rules", "type": "array" }, "Scope": { - "markdownDescription": "Specifies whether this is for an Amazon CloudFront distribution or for a regional application. For an AWS Amplify application, use `CLOUDFRONT` . A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AWS AppSync GraphQL API, an Amazon Cognito user pool, an AWS App Runner service, or an AWS Verified Access instance. Valid Values are `CLOUDFRONT` and `REGIONAL` .\n\n> For `CLOUDFRONT` , you must create your WAFv2 resources in the US East (N. Virginia) Region, `us-east-1` .", + "markdownDescription": "Specifies whether this is for an Amazon CloudFront distribution or for a regional application. For an AWS Amplify application, use `CLOUDFRONT` . A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AWS AppSync GraphQL API, an Amazon Cognito user pool, an AWS App Runner service, or an AWS Verified Access instance. Valid Values are `CLOUDFRONT` and `REGIONAL` .\n\n> For `CLOUDFRONT` , you must create your WAFv2 resources in the US East (N. Virginia) Region, `us-east-1` . \n\nFor information about how to define the association of the web ACL with your resource, see `WebACLAssociation` .", "title": "Scope", "type": "string" }, @@ -268124,14 +319729,22 @@ "title": "Tags", "type": "array" }, + "TokenDomains": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the domains that AWS WAF should accept in a web request token. This enables the use of tokens across multiple protected websites. When AWS WAF provides a token, it uses the domain of the AWS resource that the web ACL is protecting. If you don't specify a list of token domains, AWS WAF accepts tokens only for the domain of the protected resource. With a token domain list, AWS WAF accepts the resource's host domain plus all domains in the token domain list, including their prefixed subdomains.", + "title": "TokenDomains", + "type": "array" + }, "VisibilityConfig": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.VisibilityConfig", + "$ref": "#/definitions/AWS::WAFv2::WebACL.VisibilityConfig", "markdownDescription": "Defines and enables Amazon CloudWatch metrics and web request sample collection.", "title": "VisibilityConfig" } }, "required": [ - "Capacity", + "DefaultAction", "Scope", "VisibilityConfig" ], @@ -268139,7 +319752,7 @@ }, "Type": { "enum": [ - "AWS::WAFv2::RuleGroup" + "AWS::WAFv2::WebACL" ], "type": "string" }, @@ -268158,23 +319771,126 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.AllowAction": { + "AWS::WAFv2::WebACL.AWSManagedRulesACFPRuleSet": { + "additionalProperties": false, + "properties": { + "CreationPath": { + "markdownDescription": "The path of the account creation endpoint for your application. This is the page on your website that accepts the completed registration form for a new user. This page must accept `POST` requests.\n\nFor example, for the URL `https://example.com/web/newaccount` , you would provide the path `/web/newaccount` . Account creation page paths that start with the path that you provide are considered a match. For example `/web/newaccount` matches the account creation paths `/web/newaccount` , `/web/newaccount/` , `/web/newaccountPage` , and `/web/newaccount/thisPage` , but doesn't match the path `/home/web/newaccount` or `/website/newaccount` .", + "title": "CreationPath", + "type": "string" + }, + "EnableRegexInPath": { + "markdownDescription": "Allow the use of regular expressions in the registration page path and the account creation path.", + "title": "EnableRegexInPath", + "type": "boolean" + }, + "RegistrationPagePath": { + "markdownDescription": "The path of the account registration endpoint for your application. This is the page on your website that presents the registration form to new users.\n\n> This page must accept `GET` text/html requests. \n\nFor example, for the URL `https://example.com/web/registration` , you would provide the path `/web/registration` . Registration page paths that start with the path that you provide are considered a match. For example `/web/registration` matches the registration paths `/web/registration` , `/web/registration/` , `/web/registrationPage` , and `/web/registration/thisPage` , but doesn't match the path `/home/web/registration` or `/website/registration` .", + "title": "RegistrationPagePath", + "type": "string" + }, + "RequestInspection": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.RequestInspectionACFP", + "markdownDescription": "The criteria for inspecting account creation requests, used by the ACFP rule group to validate and track account creation attempts.", + "title": "RequestInspection" + }, + "ResponseInspection": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.ResponseInspection", + "markdownDescription": "The criteria for inspecting responses to account creation requests, used by the ACFP rule group to track account creation success rates.\n\n> Response inspection is available only in web ACLs that protect Amazon CloudFront distributions. \n\nThe ACFP rule group evaluates the responses that your protected resources send back to client account creation attempts, keeping count of successful and failed attempts from each IP address and client session. Using this information, the rule group labels and mitigates requests from client sessions and IP addresses that have had too many successful account creation attempts in a short amount of time.", + "title": "ResponseInspection" + } + }, + "required": [ + "CreationPath", + "RegistrationPagePath", + "RequestInspection" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.AWSManagedRulesATPRuleSet": { + "additionalProperties": false, + "properties": { + "EnableRegexInPath": { + "markdownDescription": "Allow the use of regular expressions in the login page path.", + "title": "EnableRegexInPath", + "type": "boolean" + }, + "LoginPath": { + "markdownDescription": "The path of the login endpoint for your application. For example, for the URL `https://example.com/web/login` , you would provide the path `/web/login` . Login paths that start with the path that you provide are considered a match. For example `/web/login` matches the login paths `/web/login` , `/web/login/` , `/web/loginPage` , and `/web/login/thisPage` , but doesn't match the login path `/home/web/login` or `/website/login` .\n\nThe rule group inspects only HTTP `POST` requests to your specified login endpoint.", + "title": "LoginPath", + "type": "string" + }, + "RequestInspection": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.RequestInspection", + "markdownDescription": "The criteria for inspecting login requests, used by the ATP rule group to validate credentials usage.", + "title": "RequestInspection" + }, + "ResponseInspection": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.ResponseInspection", + "markdownDescription": "The criteria for inspecting responses to login requests, used by the ATP rule group to track login failure rates.\n\n> Response inspection is available only in web ACLs that protect Amazon CloudFront distributions. \n\nThe ATP rule group evaluates the responses that your protected resources send back to client login attempts, keeping count of successful and failed attempts for each IP address and client session. Using this information, the rule group labels and mitigates requests from client sessions and IP addresses that have had too many failed login attempts in a short amount of time.", + "title": "ResponseInspection" + } + }, + "required": [ + "LoginPath" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.AWSManagedRulesAntiDDoSRuleSet": { + "additionalProperties": false, + "properties": { + "ClientSideActionConfig": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.ClientSideActionConfig", + "markdownDescription": "Configures the request handling that's applied by the managed rule group rules `ChallengeAllDuringEvent` and `ChallengeDDoSRequests` during a distributed denial of service (DDoS) attack.", + "title": "ClientSideActionConfig" + }, + "SensitivityToBlock": { + "markdownDescription": "The sensitivity that the rule group rule `DDoSRequests` uses when matching against the DDoS suspicion labeling on a request. The managed rule group adds the labeling during DDoS events, before the `DDoSRequests` rule runs.\n\nThe higher the sensitivity, the more levels of labeling that the rule matches:\n\n- Low sensitivity is less sensitive, causing the rule to match only on the most likely participants in an attack, which are the requests with the high suspicion label `awswaf:managed:aws:anti-ddos:high-suspicion-ddos-request` .\n- Medium sensitivity causes the rule to match on the medium and high suspicion labels.\n- High sensitivity causes the rule to match on all of the suspicion labels: low, medium, and high.\n\nDefault: `LOW`", + "title": "SensitivityToBlock", + "type": "string" + } + }, + "required": [ + "ClientSideActionConfig" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.AWSManagedRulesBotControlRuleSet": { + "additionalProperties": false, + "properties": { + "EnableMachineLearning": { + "markdownDescription": "Applies only to the targeted inspection level.\n\nDetermines whether to use machine learning (ML) to analyze your web traffic for bot-related activity. Machine learning is required for the Bot Control rules `TGT_ML_CoordinatedActivityLow` and `TGT_ML_CoordinatedActivityMedium` , which\ninspect for anomalous behavior that might indicate distributed, coordinated bot activity.\n\nFor more information about this choice, see the listing for these rules in the table at [Bot Control rules listing](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html#aws-managed-rule-groups-bot-rules) in the *AWS WAF Developer Guide* .\n\nDefault: `TRUE`", + "title": "EnableMachineLearning", + "type": "boolean" + }, + "InspectionLevel": { + "markdownDescription": "The inspection level to use for the Bot Control rule group. The common level is the least expensive. The targeted level includes all common level rules and adds rules with more advanced inspection criteria. For details, see [AWS WAF Bot Control rule group](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html) in the *AWS WAF Developer Guide* .", + "title": "InspectionLevel", + "type": "string" + } + }, + "required": [ + "InspectionLevel" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.AllowAction": { "additionalProperties": false, "properties": { "CustomRequestHandling": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomRequestHandling", + "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomRequestHandling", "markdownDescription": "Defines custom handling for the web request.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", "title": "CustomRequestHandling" } }, "type": "object" }, - "AWS::WAFv2::RuleGroup.AndStatement": { + "AWS::WAFv2::WebACL.AndStatement": { "additionalProperties": false, "properties": { "Statements": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Statement" + "$ref": "#/definitions/AWS::WAFv2::WebACL.Statement" }, "markdownDescription": "The statements to combine with AND logic. You can use any statements that can be nested.", "title": "Statements", @@ -268186,18 +319902,54 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.BlockAction": { + "AWS::WAFv2::WebACL.AsnMatchStatement": { + "additionalProperties": false, + "properties": { + "AsnList": { + "items": { + "type": "number" + }, + "markdownDescription": "Contains one or more Autonomous System Numbers (ASNs). ASNs are unique identifiers assigned to large internet networks managed by organizations such as internet service providers, enterprises, universities, or government agencies.", + "title": "AsnList", + "type": "array" + }, + "ForwardedIPConfig": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.ForwardedIPConfiguration", + "markdownDescription": "The configuration for inspecting IP addresses to match against an ASN in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.", + "title": "ForwardedIPConfig" + } + }, + "type": "object" + }, + "AWS::WAFv2::WebACL.AssociationConfig": { + "additionalProperties": false, + "properties": { + "RequestBody": { + "additionalProperties": false, + "markdownDescription": "Customizes the maximum size of the request body that your protected CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access resources forward to AWS WAF for inspection. The default size is 16 KB (16,384 bytes). You can change the setting for any of the available resource types.\n\n> You are charged additional fees when your protected resources forward body sizes that are larger than the default. For more information, see [AWS WAF Pricing](https://docs.aws.amazon.com/waf/pricing/) . \n\nExample JSON: `{ \"API_GATEWAY\": \"KB_48\", \"APP_RUNNER_SERVICE\": \"KB_32\" }`\n\nFor Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.RequestBodyAssociatedResourceTypeConfig" + } + }, + "title": "RequestBody", + "type": "object" + } + }, + "type": "object" + }, + "AWS::WAFv2::WebACL.BlockAction": { "additionalProperties": false, "properties": { "CustomResponse": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomResponse", + "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomResponse", "markdownDescription": "Defines a custom response for the web request.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", "title": "CustomResponse" } }, "type": "object" }, - "AWS::WAFv2::RuleGroup.Body": { + "AWS::WAFv2::WebACL.Body": { "additionalProperties": false, "properties": { "OversizeHandling": { @@ -268208,11 +319960,11 @@ }, "type": "object" }, - "AWS::WAFv2::RuleGroup.ByteMatchStatement": { + "AWS::WAFv2::WebACL.ByteMatchStatement": { "additionalProperties": false, "properties": { "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.FieldToMatch", + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldToMatch", "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", "title": "FieldToMatch" }, @@ -268233,7 +319985,7 @@ }, "TextTransformations": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", "title": "TextTransformations", @@ -268247,51 +319999,92 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.CaptchaAction": { + "AWS::WAFv2::WebACL.CaptchaAction": { "additionalProperties": false, "properties": { "CustomRequestHandling": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomRequestHandling", + "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomRequestHandling", "markdownDescription": "Defines custom handling for the web request, used when the `CAPTCHA` inspection determines that the request's token is valid and unexpired.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", "title": "CustomRequestHandling" } }, "type": "object" }, - "AWS::WAFv2::RuleGroup.CaptchaConfig": { + "AWS::WAFv2::WebACL.CaptchaConfig": { "additionalProperties": false, "properties": { "ImmunityTimeProperty": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ImmunityTimeProperty", + "$ref": "#/definitions/AWS::WAFv2::WebACL.ImmunityTimeProperty", "markdownDescription": "Determines how long a `CAPTCHA` timestamp in the token remains valid after the client successfully solves a `CAPTCHA` puzzle.", "title": "ImmunityTimeProperty" } }, "type": "object" }, - "AWS::WAFv2::RuleGroup.ChallengeAction": { + "AWS::WAFv2::WebACL.ChallengeAction": { "additionalProperties": false, "properties": { "CustomRequestHandling": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomRequestHandling", - "markdownDescription": "Defines custom handling for the web request, used when the challenge inspection determines that the request's token is valid and unexpired.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", + "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomRequestHandling", + "markdownDescription": "Defines custom handling for the web request, used when the challenge inspection determines that the request's token is valid and unexpired.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the [AWS WAF developer guide](https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html) .", "title": "CustomRequestHandling" } }, "type": "object" }, - "AWS::WAFv2::RuleGroup.ChallengeConfig": { + "AWS::WAFv2::WebACL.ChallengeConfig": { "additionalProperties": false, "properties": { "ImmunityTimeProperty": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ImmunityTimeProperty", + "$ref": "#/definitions/AWS::WAFv2::WebACL.ImmunityTimeProperty", "markdownDescription": "Determines how long a challenge timestamp in the token remains valid after the client successfully responds to a challenge.", "title": "ImmunityTimeProperty" } }, "type": "object" }, - "AWS::WAFv2::RuleGroup.CookieMatchPattern": { + "AWS::WAFv2::WebACL.ClientSideAction": { + "additionalProperties": false, + "properties": { + "ExemptUriRegularExpressions": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.Regex" + }, + "markdownDescription": "The regular expression to match against the web request URI, used to identify requests that can't handle a silent browser challenge. When the `ClientSideAction` setting `UsageOfAction` is enabled, the managed rule group uses this setting to determine which requests to label with `awswaf:managed:aws:anti-ddos:challengeable-request` . If `UsageOfAction` is disabled, this setting has no effect and the managed rule group doesn't add the label to any requests.\n\nThe anti-DDoS managed rule group doesn't evaluate the rules `ChallengeDDoSRequests` or `ChallengeAllDuringEvent` for web requests whose URIs match this regex. This is true regardless of whether you override the rule action for either of the rules in your web ACL configuration.\n\nAWS recommends using a regular expression.\n\nThis setting is required if `UsageOfAction` is set to `ENABLED` . If required, you can provide between 1 and 5 regex objects in the array of settings.\n\nAWS recommends starting with the following setting. Review and update it for your application's needs:\n\n`\\/api\\/|\\.(acc|avi|css|gif|jpe?g|js|mp[34]|ogg|otf|pdf|png|tiff?|ttf|webm|webp|woff2?)$`", + "title": "ExemptUriRegularExpressions", + "type": "array" + }, + "Sensitivity": { + "markdownDescription": "The sensitivity that the rule group rule `ChallengeDDoSRequests` uses when matching against the DDoS suspicion labeling on a request. The managed rule group adds the labeling during DDoS events, before the `ChallengeDDoSRequests` rule runs.\n\nThe higher the sensitivity, the more levels of labeling that the rule matches:\n\n- Low sensitivity is less sensitive, causing the rule to match only on the most likely participants in an attack, which are the requests with the high suspicion label `awswaf:managed:aws:anti-ddos:high-suspicion-ddos-request` .\n- Medium sensitivity causes the rule to match on the medium and high suspicion labels.\n- High sensitivity causes the rule to match on all of the suspicion labels: low, medium, and high.\n\nDefault: `HIGH`", + "title": "Sensitivity", + "type": "string" + }, + "UsageOfAction": { + "markdownDescription": "Determines whether to use the `AWSManagedRulesAntiDDoSRuleSet` rules `ChallengeAllDuringEvent` and `ChallengeDDoSRequests` in the rule group evaluation and the related label `awswaf:managed:aws:anti-ddos:challengeable-request` .\n\n- If usage is enabled:\n\n- The managed rule group adds the label `awswaf:managed:aws:anti-ddos:challengeable-request` to any web request whose URL does *NOT* match the regular expressions provided in the `ClientSideAction` setting `ExemptUriRegularExpressions` .\n- The two rules are evaluated against web requests for protected resources that are experiencing a DDoS attack. The two rules only apply their action to matching requests that have the label `awswaf:managed:aws:anti-ddos:challengeable-request` .\n- If usage is disabled:\n\n- The managed rule group doesn't add the label `awswaf:managed:aws:anti-ddos:challengeable-request` to any web requests.\n- The two rules are not evaluated.\n- None of the other `ClientSideAction` settings have any effect.\n\n> This setting only enables or disables the use of the two anti-DDOS rules `ChallengeAllDuringEvent` and `ChallengeDDoSRequests` in the anti-DDoS managed rule group.\n> \n> This setting doesn't alter the action setting in the two rules. To override the actions used by the rules `ChallengeAllDuringEvent` and `ChallengeDDoSRequests` , enable this setting, and then override the rule actions in the usual way, in your managed rule group configuration.", + "title": "UsageOfAction", + "type": "string" + } + }, + "required": [ + "UsageOfAction" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.ClientSideActionConfig": { + "additionalProperties": false, + "properties": { + "Challenge": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.ClientSideAction", + "markdownDescription": "Configuration for the use of the `AWSManagedRulesAntiDDoSRuleSet` rules `ChallengeAllDuringEvent` and `ChallengeDDoSRequests` .\n\n> This setting isn't related to the configuration of the `Challenge` action itself. It only configures the use of the two anti-DDoS rules named here. \n\nYou can enable or disable the use of these rules, and you can configure how to use them when they are enabled.", + "title": "Challenge" + } + }, + "required": [ + "Challenge" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.CookieMatchPattern": { "additionalProperties": false, "properties": { "All": { @@ -268318,11 +320111,11 @@ }, "type": "object" }, - "AWS::WAFv2::RuleGroup.Cookies": { + "AWS::WAFv2::WebACL.Cookies": { "additionalProperties": false, "properties": { "MatchPattern": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CookieMatchPattern", + "$ref": "#/definitions/AWS::WAFv2::WebACL.CookieMatchPattern", "markdownDescription": "The filter to use to identify the subset of cookies to inspect in a web request.\n\nYou must specify exactly one setting: either `All` , `IncludedCookies` , or `ExcludedCookies` .\n\nExample JSON: `\"MatchPattern\": { \"IncludedCookies\": [ \"session-id-time\", \"session-id\" ] }`", "title": "MatchPattern" }, @@ -268344,18 +320137,18 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.CountAction": { + "AWS::WAFv2::WebACL.CountAction": { "additionalProperties": false, "properties": { "CustomRequestHandling": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomRequestHandling", + "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomRequestHandling", "markdownDescription": "Defines custom handling for the web request.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", "title": "CustomRequestHandling" } }, "type": "object" }, - "AWS::WAFv2::RuleGroup.CustomHTTPHeader": { + "AWS::WAFv2::WebACL.CustomHTTPHeader": { "additionalProperties": false, "properties": { "Name": { @@ -268375,12 +320168,12 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.CustomRequestHandling": { + "AWS::WAFv2::WebACL.CustomRequestHandling": { "additionalProperties": false, "properties": { "InsertHeaders": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomHTTPHeader" + "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomHTTPHeader" }, "markdownDescription": "The HTTP headers to insert into the request. Duplicate header names are not allowed.\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", "title": "InsertHeaders", @@ -268392,7 +320185,7 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.CustomResponse": { + "AWS::WAFv2::WebACL.CustomResponse": { "additionalProperties": false, "properties": { "CustomResponseBodyKey": { @@ -268407,7 +320200,7 @@ }, "ResponseHeaders": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomHTTPHeader" + "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomHTTPHeader" }, "markdownDescription": "The HTTP headers to use in the response. You can specify any header name except for `content-type` . Duplicate header names are not allowed.\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", "title": "ResponseHeaders", @@ -268415,31 +320208,122 @@ } }, "required": [ - "ResponseCode" + "ResponseCode" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.CustomResponseBody": { + "additionalProperties": false, + "properties": { + "Content": { + "markdownDescription": "The payload of the custom response.\n\nYou can use JSON escape strings in JSON content. To do this, you must specify JSON content in the `ContentType` setting.\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", + "title": "Content", + "type": "string" + }, + "ContentType": { + "markdownDescription": "The type of content in the payload that you are defining in the `Content` string.", + "title": "ContentType", + "type": "string" + } + }, + "required": [ + "Content", + "ContentType" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.DataProtect": { + "additionalProperties": false, + "properties": { + "Action": { + "markdownDescription": "", + "title": "Action", + "type": "string" + }, + "ExcludeRateBasedDetails": { + "markdownDescription": "", + "title": "ExcludeRateBasedDetails", + "type": "boolean" + }, + "ExcludeRuleMatchDetails": { + "markdownDescription": "", + "title": "ExcludeRuleMatchDetails", + "type": "boolean" + }, + "Field": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldToProtect", + "markdownDescription": "", + "title": "Field" + } + }, + "required": [ + "Action", + "Field" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.DataProtectionConfig": { + "additionalProperties": false, + "properties": { + "DataProtections": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.DataProtect" + }, + "markdownDescription": "An array of data protection configurations for specific web request field types. This is defined for each web ACL. AWS WAF applies the specified protection to all web requests that the web ACL inspects.", + "title": "DataProtections", + "type": "array" + } + }, + "required": [ + "DataProtections" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.DefaultAction": { + "additionalProperties": false, + "properties": { + "Allow": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.AllowAction", + "markdownDescription": "Specifies that AWS WAF should allow requests by default.", + "title": "Allow" + }, + "Block": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.BlockAction", + "markdownDescription": "Specifies that AWS WAF should block requests by default.", + "title": "Block" + } + }, + "type": "object" + }, + "AWS::WAFv2::WebACL.ExcludedRule": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the rule whose action you want to override to `Count` .", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Name" ], "type": "object" }, - "AWS::WAFv2::RuleGroup.CustomResponseBody": { + "AWS::WAFv2::WebACL.FieldIdentifier": { "additionalProperties": false, "properties": { - "Content": { - "markdownDescription": "The payload of the custom response.\n\nYou can use JSON escape strings in JSON content. To do this, you must specify JSON content in the `ContentType` setting.\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", - "title": "Content", - "type": "string" - }, - "ContentType": { - "markdownDescription": "The type of content in the payload that you are defining in the `Content` string.", - "title": "ContentType", + "Identifier": { + "markdownDescription": "The name of the field.\n\nWhen the `PayloadType` in the request inspection is `JSON` , this identifier must be in JSON pointer syntax. For example `/form/username` . For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nWhen the `PayloadType` is `FORM_ENCODED` , use the HTML form names. For example, `username` .\n\nFor more information, see the descriptions for each field type in the request inspection properties.", + "title": "Identifier", "type": "string" } }, "required": [ - "Content", - "ContentType" + "Identifier" ], "type": "object" }, - "AWS::WAFv2::RuleGroup.FieldToMatch": { + "AWS::WAFv2::WebACL.FieldToMatch": { "additionalProperties": false, "properties": { "AllQueryArguments": { @@ -268448,27 +320332,32 @@ "type": "object" }, "Body": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Body", + "$ref": "#/definitions/AWS::WAFv2::WebACL.Body", "markdownDescription": "Inspect the request body as plain text. The request body immediately follows the request headers. This is the part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form.\n\nAWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.\n\n- For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).\n- For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.\n- For AWS Amplify , use the CloudFront limit.\n\nFor information about how to handle oversized request bodies, see the `Body` object configuration.", "title": "Body" }, "Cookies": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Cookies", + "$ref": "#/definitions/AWS::WAFv2::WebACL.Cookies", "markdownDescription": "Inspect the request cookies. You must configure scope and pattern matching filters in the `Cookies` object, to define the set of cookies and the parts of the cookies that AWS WAF inspects.\n\nOnly the first 8 KB (8192 bytes) of a request's cookies and only the first 200 cookies are forwarded to AWS WAF for inspection by the underlying host service. You must configure how to handle any oversize cookie content in the `Cookies` object. AWS WAF applies the pattern matching filters to the cookies that it receives from the underlying host service.", "title": "Cookies" }, "Headers": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Headers", + "$ref": "#/definitions/AWS::WAFv2::WebACL.Headers", "markdownDescription": "Inspect the request headers. You must configure scope and pattern matching filters in the `Headers` object, to define the set of headers to and the parts of the headers that AWS WAF inspects.\n\nOnly the first 8 KB (8192 bytes) of a request's headers and only the first 200 headers are forwarded to AWS WAF for inspection by the underlying host service. You must configure how to handle any oversize header content in the `Headers` object. AWS WAF applies the pattern matching filters to the headers that it receives from the underlying host service.", "title": "Headers" }, "JA3Fingerprint": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.JA3Fingerprint", + "$ref": "#/definitions/AWS::WAFv2::WebACL.JA3Fingerprint", "markdownDescription": "Available for use with Amazon CloudFront distributions and Application Load Balancers. Match against the request's JA3 fingerprint. The JA3 fingerprint is a 32-character hash derived from the TLS Client Hello of an incoming request. This fingerprint serves as a unique identifier for the client's TLS configuration. AWS WAF calculates and logs this fingerprint for each request that has enough TLS Client Hello information for the calculation. Almost all web requests include this information.\n\n> You can use this choice only with a string match `ByteMatchStatement` with the `PositionalConstraint` set to `EXACTLY` . \n\nYou can obtain the JA3 fingerprint for client requests from the web ACL logs. If AWS WAF is able to calculate the fingerprint, it includes it in the logs. For information about the logging fields, see [Log fields](https://docs.aws.amazon.com/waf/latest/developerguide/logging-fields.html) in the *AWS WAF Developer Guide* .\n\nProvide the JA3 fingerprint string from the logs in your string match statement specification, to match with any future requests that have the same TLS configuration.", "title": "JA3Fingerprint" }, + "JA4Fingerprint": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.JA4Fingerprint", + "markdownDescription": "Available for use with Amazon CloudFront distributions and Application Load Balancers. Match against the request's JA4 fingerprint. The JA4 fingerprint is a 36-character hash derived from the TLS Client Hello of an incoming request. This fingerprint serves as a unique identifier for the client's TLS configuration. AWS WAF calculates and logs this fingerprint for each request that has enough TLS Client Hello information for the calculation. Almost all web requests include this information.\n\n> You can use this choice only with a string match `ByteMatchStatement` with the `PositionalConstraint` set to `EXACTLY` . \n\nYou can obtain the JA4 fingerprint for client requests from the web ACL logs. If AWS WAF is able to calculate the fingerprint, it includes it in the logs. For information about the logging fields, see [Log fields](https://docs.aws.amazon.com/waf/latest/developerguide/logging-fields.html) in the *AWS WAF Developer Guide* .\n\nProvide the JA4 fingerprint string from the logs in your string match statement specification, to match with any future requests that have the same TLS configuration.", + "title": "JA4Fingerprint" + }, "JsonBody": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.JsonBody", + "$ref": "#/definitions/AWS::WAFv2::WebACL.JsonBody", "markdownDescription": "Inspect the request body as JSON. The request body immediately follows the request headers. This is the part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form.\n\nAWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.\n\n- For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).\n- For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.\n- For AWS Amplify , use the CloudFront limit.\n\nFor information about how to handle oversized request bodies, see the `JsonBody` object configuration.", "title": "JsonBody" }, @@ -268483,15 +320372,20 @@ "type": "object" }, "SingleHeader": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.SingleHeader", + "$ref": "#/definitions/AWS::WAFv2::WebACL.SingleHeader", "markdownDescription": "Inspect a single header. Provide the name of the header to inspect, for example, `User-Agent` or `Referer` . This setting isn't case sensitive.\n\nExample JSON: `\"SingleHeader\": { \"Name\": \"haystack\" }`\n\nAlternately, you can filter and inspect all headers with the `Headers` `FieldToMatch` setting.", "title": "SingleHeader" }, "SingleQueryArgument": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.SingleQueryArgument", + "$ref": "#/definitions/AWS::WAFv2::WebACL.SingleQueryArgument", "markdownDescription": "Inspect a single query argument. Provide the name of the query argument to inspect, such as *UserName* or *SalesRegion* . The name can be up to 30 characters long and isn't case sensitive.\n\nExample JSON: `\"SingleQueryArgument\": { \"Name\": \"myArgument\" }`", "title": "SingleQueryArgument" }, + "UriFragment": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.UriFragment", + "markdownDescription": "Inspect fragments of the request URI. You must configure scope and pattern matching filters in the `UriFragment` object, to define the fragment of a URI that AWS WAF inspects.\n\nOnly the first 8 KB (8192 bytes) of a request's URI fragments and only the first 200 URI fragments are forwarded to AWS WAF for inspection by the underlying host service. You must configure how to handle any oversize URI fragment content in the `UriFragment` object. AWS WAF applies the pattern matching filters to the cookies that it receives from the underlying host service.", + "title": "UriFragment" + }, "UriPath": { "markdownDescription": "Inspect the request URI path. This is the part of the web request that identifies a resource, for example, `/images/daily-ad.jpg` .", "title": "UriPath", @@ -268500,7 +320394,29 @@ }, "type": "object" }, - "AWS::WAFv2::RuleGroup.ForwardedIPConfiguration": { + "AWS::WAFv2::WebACL.FieldToProtect": { + "additionalProperties": false, + "properties": { + "FieldKeys": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the keys to protect for the specified field type. If you don't specify any key, then all keys for the field type are protected.", + "title": "FieldKeys", + "type": "array" + }, + "FieldType": { + "markdownDescription": "Specifies the web request component type to protect.", + "title": "FieldType", + "type": "string" + } + }, + "required": [ + "FieldType" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.ForwardedIPConfiguration": { "additionalProperties": false, "properties": { "FallbackBehavior": { @@ -268520,7 +320436,7 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.GeoMatchStatement": { + "AWS::WAFv2::WebACL.GeoMatchStatement": { "additionalProperties": false, "properties": { "CountryCodes": { @@ -268532,14 +320448,14 @@ "type": "array" }, "ForwardedIPConfig": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ForwardedIPConfiguration", + "$ref": "#/definitions/AWS::WAFv2::WebACL.ForwardedIPConfiguration", "markdownDescription": "The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all.", "title": "ForwardedIPConfig" } }, "type": "object" }, - "AWS::WAFv2::RuleGroup.HeaderMatchPattern": { + "AWS::WAFv2::WebACL.HeaderMatchPattern": { "additionalProperties": false, "properties": { "All": { @@ -268566,11 +320482,11 @@ }, "type": "object" }, - "AWS::WAFv2::RuleGroup.Headers": { + "AWS::WAFv2::WebACL.Headers": { "additionalProperties": false, "properties": { "MatchPattern": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.HeaderMatchPattern", + "$ref": "#/definitions/AWS::WAFv2::WebACL.HeaderMatchPattern", "markdownDescription": "The filter to use to identify the subset of headers to inspect in a web request.\n\nYou must specify exactly one setting: either `All` , `IncludedHeaders` , or `ExcludedHeaders` .\n\nExample JSON: `\"MatchPattern\": { \"ExcludedHeaders\": [ \"KeyToExclude1\", \"KeyToExclude2\" ] }`", "title": "MatchPattern" }, @@ -268592,7 +320508,7 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.IPSetForwardedIPConfiguration": { + "AWS::WAFv2::WebACL.IPSetForwardedIPConfiguration": { "additionalProperties": false, "properties": { "FallbackBehavior": { @@ -268618,7 +320534,7 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.IPSetReferenceStatement": { + "AWS::WAFv2::WebACL.IPSetReferenceStatement": { "additionalProperties": false, "properties": { "Arn": { @@ -268627,7 +320543,7 @@ "type": "string" }, "IPSetForwardedIPConfig": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.IPSetForwardedIPConfiguration", + "$ref": "#/definitions/AWS::WAFv2::WebACL.IPSetForwardedIPConfiguration", "markdownDescription": "The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all.", "title": "IPSetForwardedIPConfig" } @@ -268637,7 +320553,7 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.ImmunityTimeProperty": { + "AWS::WAFv2::WebACL.ImmunityTimeProperty": { "additionalProperties": false, "properties": { "ImmunityTime": { @@ -268651,7 +320567,7 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.JA3Fingerprint": { + "AWS::WAFv2::WebACL.JA3Fingerprint": { "additionalProperties": false, "properties": { "FallbackBehavior": { @@ -268665,7 +320581,21 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.JsonBody": { + "AWS::WAFv2::WebACL.JA4Fingerprint": { + "additionalProperties": false, + "properties": { + "FallbackBehavior": { + "markdownDescription": "The match status to assign to the web request if the request doesn't have a JA4 fingerprint.\n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", + "title": "FallbackBehavior", + "type": "string" + } + }, + "required": [ + "FallbackBehavior" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.JsonBody": { "additionalProperties": false, "properties": { "InvalidFallbackBehavior": { @@ -268674,7 +320604,7 @@ "type": "string" }, "MatchPattern": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.JsonMatchPattern", + "$ref": "#/definitions/AWS::WAFv2::WebACL.JsonMatchPattern", "markdownDescription": "The patterns to look for in the JSON body. AWS WAF inspects the results of these pattern matches against the rule inspection criteria.", "title": "MatchPattern" }, @@ -268695,7 +320625,7 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.JsonMatchPattern": { + "AWS::WAFv2::WebACL.JsonMatchPattern": { "additionalProperties": false, "properties": { "All": { @@ -268714,7 +320644,7 @@ }, "type": "object" }, - "AWS::WAFv2::RuleGroup.Label": { + "AWS::WAFv2::WebACL.Label": { "additionalProperties": false, "properties": { "Name": { @@ -268728,7 +320658,7 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.LabelMatchStatement": { + "AWS::WAFv2::WebACL.LabelMatchStatement": { "additionalProperties": false, "properties": { "Key": { @@ -268748,22 +320678,111 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.LabelSummary": { + "AWS::WAFv2::WebACL.ManagedRuleGroupConfig": { + "additionalProperties": false, + "properties": { + "AWSManagedRulesACFPRuleSet": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.AWSManagedRulesACFPRuleSet", + "markdownDescription": "Additional configuration for using the account creation fraud prevention (ACFP) managed rule group, `AWSManagedRulesACFPRuleSet` . Use this to provide account creation request information to the rule group. For web ACLs that protect CloudFront distributions, use this to also provide the information about how your distribution responds to account creation requests.\n\nFor information about using the ACFP managed rule group, see [AWS WAF Fraud Control account creation fraud prevention (ACFP) rule group](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-acfp.html) and [AWS WAF Fraud Control account creation fraud prevention (ACFP)](https://docs.aws.amazon.com/waf/latest/developerguide/waf-acfp.html) in the *AWS WAF Developer Guide* .", + "title": "AWSManagedRulesACFPRuleSet" + }, + "AWSManagedRulesATPRuleSet": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.AWSManagedRulesATPRuleSet", + "markdownDescription": "Additional configuration for using the account takeover prevention (ATP) managed rule group, `AWSManagedRulesATPRuleSet` . Use this to provide login request information to the rule group. For web ACLs that protect CloudFront distributions, use this to also provide the information about how your distribution responds to login requests.\n\nThis configuration replaces the individual configuration fields in `ManagedRuleGroupConfig` and provides additional feature configuration.\n\nFor information about using the ATP managed rule group, see [AWS WAF Fraud Control account takeover prevention (ATP) rule group](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-atp.html) and [AWS WAF Fraud Control account takeover prevention (ATP)](https://docs.aws.amazon.com/waf/latest/developerguide/waf-atp.html) in the *AWS WAF Developer Guide* .", + "title": "AWSManagedRulesATPRuleSet" + }, + "AWSManagedRulesAntiDDoSRuleSet": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.AWSManagedRulesAntiDDoSRuleSet", + "markdownDescription": "Additional configuration for using the anti-DDoS managed rule group, `AWSManagedRulesAntiDDoSRuleSet` . Use this to configure anti-DDoS behavior for the rule group.\n\nFor information about using the anti-DDoS managed rule group, see [AWS WAF Anti-DDoS rule group](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-anti-ddos.html) and [Distributed Denial of Service (DDoS) prevention](https://docs.aws.amazon.com/waf/latest/developerguide/waf-anti-ddos.html) in the *AWS WAF Developer Guide* .", + "title": "AWSManagedRulesAntiDDoSRuleSet" + }, + "AWSManagedRulesBotControlRuleSet": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.AWSManagedRulesBotControlRuleSet", + "markdownDescription": "Additional configuration for using the Bot Control managed rule group. Use this to specify the inspection level that you want to use. For information about using the Bot Control managed rule group, see [AWS WAF Bot Control rule group](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html) and [AWS WAF Bot Control](https://docs.aws.amazon.com/waf/latest/developerguide/waf-bot-control.html) in the *AWS WAF Developer Guide* .", + "title": "AWSManagedRulesBotControlRuleSet" + }, + "LoginPath": { + "markdownDescription": "> Instead of this setting, provide your configuration under `AWSManagedRulesATPRuleSet` .", + "title": "LoginPath", + "type": "string" + }, + "PasswordField": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", + "markdownDescription": "> Instead of this setting, provide your configuration under the request inspection configuration for `AWSManagedRulesATPRuleSet` or `AWSManagedRulesACFPRuleSet` .", + "title": "PasswordField" + }, + "PayloadType": { + "markdownDescription": "> Instead of this setting, provide your configuration under the request inspection configuration for `AWSManagedRulesATPRuleSet` or `AWSManagedRulesACFPRuleSet` .", + "title": "PayloadType", + "type": "string" + }, + "UsernameField": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", + "markdownDescription": "> Instead of this setting, provide your configuration under the request inspection configuration for `AWSManagedRulesATPRuleSet` or `AWSManagedRulesACFPRuleSet` .", + "title": "UsernameField" + } + }, + "type": "object" + }, + "AWS::WAFv2::WebACL.ManagedRuleGroupStatement": { "additionalProperties": false, "properties": { + "ExcludedRules": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.ExcludedRule" + }, + "markdownDescription": "Rules in the referenced rule group whose actions are set to `Count` .\n\n> Instead of this option, use `RuleActionOverrides` . It accepts any valid action setting, including `Count` .", + "title": "ExcludedRules", + "type": "array" + }, + "ManagedRuleGroupConfigs": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.ManagedRuleGroupConfig" + }, + "markdownDescription": "Additional information that's used by a managed rule group. Many managed rule groups don't require this.\n\nThe rule groups used for intelligent threat mitigation require additional configuration:\n\n- Use the `AWSManagedRulesACFPRuleSet` configuration object to configure the account creation fraud prevention managed rule group. The configuration includes the registration and sign-up pages of your application and the locations in the account creation request payload of data, such as the user email and phone number fields.\n- Use the `AWSManagedRulesAntiDDoSRuleSet` configuration object to configure the anti-DDoS managed rule group. The configuration includes the sensitivity levels to use in the rules that typically block and challenge requests that might be participating in DDoS attacks and the specification to use to indicate whether a request can handle a silent browser challenge.\n- Use the `AWSManagedRulesATPRuleSet` configuration object to configure the account takeover prevention managed rule group. The configuration includes the sign-in page of your application and the locations in the login request payload of data such as the username and password.\n- Use the `AWSManagedRulesBotControlRuleSet` configuration object to configure the protection level that you want the Bot Control rule group to use.", + "title": "ManagedRuleGroupConfigs", + "type": "array" + }, "Name": { - "markdownDescription": "An individual label specification.", + "markdownDescription": "The name of the managed rule group. You use this, along with the vendor name, to identify the rule group.", "title": "Name", "type": "string" + }, + "RuleActionOverrides": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.RuleActionOverride" + }, + "markdownDescription": "Action settings to use in the place of the rule actions that are configured inside the rule group. You specify one override for each rule whose action you want to change.\n\n> Verify the rule names in your overrides carefully. With managed rule groups, AWS WAF silently ignores any override that uses an invalid rule name. With customer-owned rule groups, invalid rule names in your overrides will cause web ACL updates to fail. An invalid rule name is any name that doesn't exactly match the case-sensitive name of an existing rule in the rule group. \n\nYou can use overrides for testing, for example you can override all of rule actions to `Count` and then monitor the resulting count metrics to understand how the rule group would handle your web traffic. You can also permanently override some or all actions, to modify how the rule group manages your web traffic.", + "title": "RuleActionOverrides", + "type": "array" + }, + "ScopeDownStatement": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.Statement", + "markdownDescription": "An optional nested statement that narrows the scope of the web requests that are evaluated by the managed rule group. Requests are only evaluated by the rule group if they match the scope-down statement. You can use any nestable `Statement` in the scope-down statement, and you can nest statements at any level, the same as you can for a rule statement.", + "title": "ScopeDownStatement" + }, + "VendorName": { + "markdownDescription": "The name of the managed rule group vendor. You use this, along with the rule group name, to identify a rule group.", + "title": "VendorName", + "type": "string" + }, + "Version": { + "markdownDescription": "The version of the managed rule group to use. If you specify this, the version setting is fixed until you change it. If you don't specify this, AWS WAF uses the vendor's default version, and then keeps the version at the vendor's default when the vendor updates the managed rule group settings.", + "title": "Version", + "type": "string" } }, + "required": [ + "Name", + "VendorName" + ], "type": "object" }, - "AWS::WAFv2::RuleGroup.NotStatement": { + "AWS::WAFv2::WebACL.NotStatement": { "additionalProperties": false, "properties": { "Statement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Statement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.Statement", "markdownDescription": "The statement to negate. You can use any statement that can be nested.", "title": "Statement" } @@ -268773,12 +320792,26 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.OrStatement": { + "AWS::WAFv2::WebACL.OnSourceDDoSProtectionConfig": { + "additionalProperties": false, + "properties": { + "ALBLowReputationMode": { + "markdownDescription": "The level of DDoS protection that applies to web ACLs associated with Application Load Balancers. `ACTIVE_UNDER_DDOS` protection is enabled by default whenever a web ACL is associated with an Application Load Balancer. In the event that an Application Load Balancer experiences high-load conditions or suspected DDoS attacks, the `ACTIVE_UNDER_DDOS` protection automatically rate limits traffic from known low reputation sources without disrupting Application Load Balancer availability. `ALWAYS_ON` protection provides constant, always-on monitoring of known low reputation sources for suspected DDoS attacks. While this provides a higher level of protection, there may be potential impacts on legitimate traffic.", + "title": "ALBLowReputationMode", + "type": "string" + } + }, + "required": [ + "ALBLowReputationMode" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.OrStatement": { "additionalProperties": false, "properties": { "Statements": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Statement" + "$ref": "#/definitions/AWS::WAFv2::WebACL.Statement" }, "markdownDescription": "The statements to combine with OR logic. You can use any statements that can be nested.", "title": "Statements", @@ -268790,7 +320823,23 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.RateBasedStatement": { + "AWS::WAFv2::WebACL.OverrideAction": { + "additionalProperties": false, + "properties": { + "Count": { + "markdownDescription": "Override the rule group evaluation result to count only.\n\n> This option is usually set to none. It does not affect how the rules in the rule group are evaluated. If you want the rules in the rule group to only count matches, do not use this and instead use the rule action override option, with `Count` action, in your rule group reference statement settings.", + "title": "Count", + "type": "object" + }, + "None": { + "markdownDescription": "Don't override the rule group evaluation result. This is the most common setting.", + "title": "None", + "type": "object" + } + }, + "type": "object" + }, + "AWS::WAFv2::WebACL.RateBasedStatement": { "additionalProperties": false, "properties": { "AggregateKeyType": { @@ -268800,7 +320849,7 @@ }, "CustomKeys": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateBasedStatementCustomKey" + "$ref": "#/definitions/AWS::WAFv2::WebACL.RateBasedStatementCustomKey" }, "markdownDescription": "Specifies the aggregate keys to use in a rate-base rule.", "title": "CustomKeys", @@ -268812,7 +320861,7 @@ "type": "number" }, "ForwardedIPConfig": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ForwardedIPConfiguration", + "$ref": "#/definitions/AWS::WAFv2::WebACL.ForwardedIPConfiguration", "markdownDescription": "The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all. \n\nThis is required if you specify a forwarded IP in the rule's aggregate key settings.", "title": "ForwardedIPConfig" }, @@ -268822,7 +320871,7 @@ "type": "number" }, "ScopeDownStatement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Statement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.Statement", "markdownDescription": "An optional nested statement that narrows the scope of the web requests that are evaluated and managed by the rate-based statement. When you use a scope-down statement, the rate-based rule only tracks and rate limits requests that match the scope-down statement. You can use any nestable `Statement` in the scope-down statement, and you can nest statements at any level, the same as you can for a rule statement.", "title": "ScopeDownStatement" } @@ -268833,11 +320882,16 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.RateBasedStatementCustomKey": { + "AWS::WAFv2::WebACL.RateBasedStatementCustomKey": { "additionalProperties": false, "properties": { + "ASN": { + "markdownDescription": "Use an Autonomous System Number (ASN) derived from the request's originating or forwarded IP address as an aggregate key. Each distinct ASN contributes to the aggregation instance.", + "title": "ASN", + "type": "object" + }, "Cookie": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitCookie", + "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitCookie", "markdownDescription": "Use the value of a cookie in the request as an aggregate key. Each distinct value in the cookie contributes to the aggregation instance. If you use a single cookie as your custom key, then each value fully defines an aggregation instance.", "title": "Cookie" }, @@ -268852,7 +320906,7 @@ "type": "object" }, "Header": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitHeader", + "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitHeader", "markdownDescription": "Use the value of a header in the request as an aggregate key. Each distinct value in the header contributes to the aggregation instance. If you use a single header as your custom key, then each value fully defines an aggregation instance.", "title": "Header" }, @@ -268861,30 +320915,40 @@ "title": "IP", "type": "object" }, + "JA3Fingerprint": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitJA3Fingerprint", + "markdownDescription": "Use the request's JA3 fingerprint as an aggregate key. If you use a single JA3 fingerprint as your custom key, then each value fully defines an aggregation instance.", + "title": "JA3Fingerprint" + }, + "JA4Fingerprint": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitJA4Fingerprint", + "markdownDescription": "Use the request's JA4 fingerprint as an aggregate key. If you use a single JA4 fingerprint as your custom key, then each value fully defines an aggregation instance.", + "title": "JA4Fingerprint" + }, "LabelNamespace": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitLabelNamespace", + "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitLabelNamespace", "markdownDescription": "Use the specified label namespace as an aggregate key. Each distinct fully qualified label name that has the specified label namespace contributes to the aggregation instance. If you use just one label namespace as your custom key, then each label name fully defines an aggregation instance.\n\nThis uses only labels that have been added to the request by rules that are evaluated before this rate-based rule in the web ACL.\n\nFor information about label namespaces and names, see [Label syntax and naming requirements](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-label-requirements.html) in the *AWS WAF Developer Guide* .", "title": "LabelNamespace" }, "QueryArgument": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitQueryArgument", + "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitQueryArgument", "markdownDescription": "Use the specified query argument as an aggregate key. Each distinct value for the named query argument contributes to the aggregation instance. If you use a single query argument as your custom key, then each value fully defines an aggregation instance.", "title": "QueryArgument" }, "QueryString": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitQueryString", + "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitQueryString", "markdownDescription": "Use the request's query string as an aggregate key. Each distinct string contributes to the aggregation instance. If you use just the query string as your custom key, then each string fully defines an aggregation instance.", "title": "QueryString" }, "UriPath": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitUriPath", + "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitUriPath", "markdownDescription": "Use the request's URI path as an aggregate key. Each distinct URI path contributes to the aggregation instance. If you use just the URI path as your custom key, then each URI path fully defines an aggregation instance.", "title": "UriPath" } }, "type": "object" }, - "AWS::WAFv2::RuleGroup.RateLimitCookie": { + "AWS::WAFv2::WebACL.RateLimitCookie": { "additionalProperties": false, "properties": { "Name": { @@ -268894,7 +320958,7 @@ }, "TextTransformations": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", "title": "TextTransformations", @@ -268907,7 +320971,7 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.RateLimitHeader": { + "AWS::WAFv2::WebACL.RateLimitHeader": { "additionalProperties": false, "properties": { "Name": { @@ -268917,7 +320981,7 @@ }, "TextTransformations": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", "title": "TextTransformations", @@ -268930,7 +320994,35 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.RateLimitLabelNamespace": { + "AWS::WAFv2::WebACL.RateLimitJA3Fingerprint": { + "additionalProperties": false, + "properties": { + "FallbackBehavior": { + "markdownDescription": "The match status to assign to the web request if there is insufficient TSL Client Hello information to compute the JA3 fingerprint.\n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", + "title": "FallbackBehavior", + "type": "string" + } + }, + "required": [ + "FallbackBehavior" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.RateLimitJA4Fingerprint": { + "additionalProperties": false, + "properties": { + "FallbackBehavior": { + "markdownDescription": "The match status to assign to the web request if there is insufficient TSL Client Hello information to compute the JA4 fingerprint.\n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", + "title": "FallbackBehavior", + "type": "string" + } + }, + "required": [ + "FallbackBehavior" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.RateLimitLabelNamespace": { "additionalProperties": false, "properties": { "Namespace": { @@ -268944,7 +321036,7 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.RateLimitQueryArgument": { + "AWS::WAFv2::WebACL.RateLimitQueryArgument": { "additionalProperties": false, "properties": { "Name": { @@ -268954,7 +321046,7 @@ }, "TextTransformations": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", "title": "TextTransformations", @@ -268967,12 +321059,12 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.RateLimitQueryString": { + "AWS::WAFv2::WebACL.RateLimitQueryString": { "additionalProperties": false, "properties": { "TextTransformations": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", "title": "TextTransformations", @@ -268984,12 +321076,12 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.RateLimitUriPath": { + "AWS::WAFv2::WebACL.RateLimitUriPath": { "additionalProperties": false, "properties": { "TextTransformations": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", "title": "TextTransformations", @@ -269001,11 +321093,22 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.RegexMatchStatement": { + "AWS::WAFv2::WebACL.Regex": { + "additionalProperties": false, + "properties": { + "RegexString": { + "markdownDescription": "The string representing the regular expression.", + "title": "RegexString", + "type": "string" + } + }, + "type": "object" + }, + "AWS::WAFv2::WebACL.RegexMatchStatement": { "additionalProperties": false, "properties": { "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.FieldToMatch", + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldToMatch", "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", "title": "FieldToMatch" }, @@ -269016,7 +321119,7 @@ }, "TextTransformations": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", "title": "TextTransformations", @@ -269030,7 +321133,7 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.RegexPatternSetReferenceStatement": { + "AWS::WAFv2::WebACL.RegexPatternSetReferenceStatement": { "additionalProperties": false, "properties": { "Arn": { @@ -269039,13 +321142,13 @@ "type": "string" }, "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.FieldToMatch", + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldToMatch", "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", "title": "FieldToMatch" }, "TextTransformations": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", "title": "TextTransformations", @@ -269059,21 +321162,248 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.Rule": { + "AWS::WAFv2::WebACL.RequestBodyAssociatedResourceTypeConfig": { + "additionalProperties": false, + "properties": { + "DefaultSizeInspectionLimit": { + "markdownDescription": "Specifies the maximum size of the web request body component that an associated CloudFront, API Gateway, Amazon Cognito, App Runner, or Verified Access resource should send to AWS WAF for inspection. This applies to statements in the web ACL that inspect the body or JSON body.\n\nDefault: `16 KB (16,384 bytes)`", + "title": "DefaultSizeInspectionLimit", + "type": "string" + } + }, + "required": [ + "DefaultSizeInspectionLimit" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.RequestInspection": { + "additionalProperties": false, + "properties": { + "PasswordField": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", + "markdownDescription": "The name of the field in the request payload that contains your customer's password.\n\nHow you specify this depends on the request inspection payload type.\n\n- For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"password\": \"THE_PASSWORD\" } }` , the password field specification is `/form/password` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with the input element named `password1` , the password field specification is `password1` .", + "title": "PasswordField" + }, + "PayloadType": { + "markdownDescription": "The payload type for your login endpoint, either JSON or form encoded.", + "title": "PayloadType", + "type": "string" + }, + "UsernameField": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", + "markdownDescription": "The name of the field in the request payload that contains your customer's username.\n\nHow you specify this depends on the request inspection payload type.\n\n- For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"username\": \"THE_USERNAME\" } }` , the username field specification is `/form/username` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with the input element named `username1` , the username field specification is `username1`", + "title": "UsernameField" + } + }, + "required": [ + "PasswordField", + "PayloadType", + "UsernameField" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.RequestInspectionACFP": { + "additionalProperties": false, + "properties": { + "AddressFields": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier" + }, + "markdownDescription": "The names of the fields in the request payload that contain your customer's primary physical address.\n\nOrder the address fields in the array exactly as they are ordered in the request payload.\n\nHow you specify the address fields depends on the request inspection payload type.\n\n- For JSON payloads, specify the field identifiers in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"primaryaddressline1\": \"THE_ADDRESS1\", \"primaryaddressline2\": \"THE_ADDRESS2\", \"primaryaddressline3\": \"THE_ADDRESS3\" } }` , the address field idenfiers are `/form/primaryaddressline1` , `/form/primaryaddressline2` , and `/form/primaryaddressline3` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with input elements named `primaryaddressline1` , `primaryaddressline2` , and `primaryaddressline3` , the address fields identifiers are `primaryaddressline1` , `primaryaddressline2` , and `primaryaddressline3` .", + "title": "AddressFields", + "type": "array" + }, + "EmailField": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", + "markdownDescription": "The name of the field in the request payload that contains your customer's email.\n\nHow you specify this depends on the request inspection payload type.\n\n- For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"email\": \"THE_EMAIL\" } }` , the email field specification is `/form/email` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with the input element named `email1` , the email field specification is `email1` .", + "title": "EmailField" + }, + "PasswordField": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", + "markdownDescription": "The name of the field in the request payload that contains your customer's password.\n\nHow you specify this depends on the request inspection payload type.\n\n- For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"password\": \"THE_PASSWORD\" } }` , the password field specification is `/form/password` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with the input element named `password1` , the password field specification is `password1` .", + "title": "PasswordField" + }, + "PayloadType": { + "markdownDescription": "The payload type for your account creation endpoint, either JSON or form encoded.", + "title": "PayloadType", + "type": "string" + }, + "PhoneNumberFields": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier" + }, + "markdownDescription": "The names of the fields in the request payload that contain your customer's primary phone number.\n\nOrder the phone number fields in the array exactly as they are ordered in the request payload.\n\nHow you specify the phone number fields depends on the request inspection payload type.\n\n- For JSON payloads, specify the field identifiers in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"primaryphoneline1\": \"THE_PHONE1\", \"primaryphoneline2\": \"THE_PHONE2\", \"primaryphoneline3\": \"THE_PHONE3\" } }` , the phone number field identifiers are `/form/primaryphoneline1` , `/form/primaryphoneline2` , and `/form/primaryphoneline3` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with input elements named `primaryphoneline1` , `primaryphoneline2` , and `primaryphoneline3` , the phone number field identifiers are `primaryphoneline1` , `primaryphoneline2` , and `primaryphoneline3` .", + "title": "PhoneNumberFields", + "type": "array" + }, + "UsernameField": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", + "markdownDescription": "The name of the field in the request payload that contains your customer's username.\n\nHow you specify this depends on the request inspection payload type.\n\n- For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"username\": \"THE_USERNAME\" } }` , the username field specification is `/form/username` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with the input element named `username1` , the username field specification is `username1`", + "title": "UsernameField" + } + }, + "required": [ + "PayloadType" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.ResponseInspection": { + "additionalProperties": false, + "properties": { + "BodyContains": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.ResponseInspectionBodyContains", + "markdownDescription": "Configures inspection of the response body for success and failure indicators. AWS WAF can inspect the first 65,536 bytes (64 KB) of the response body.", + "title": "BodyContains" + }, + "Header": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.ResponseInspectionHeader", + "markdownDescription": "Configures inspection of the response header for success and failure indicators.", + "title": "Header" + }, + "Json": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.ResponseInspectionJson", + "markdownDescription": "Configures inspection of the response JSON for success and failure indicators. AWS WAF can inspect the first 65,536 bytes (64 KB) of the response JSON.", + "title": "Json" + }, + "StatusCode": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.ResponseInspectionStatusCode", + "markdownDescription": "Configures inspection of the response status code for success and failure indicators.", + "title": "StatusCode" + } + }, + "type": "object" + }, + "AWS::WAFv2::WebACL.ResponseInspectionBodyContains": { + "additionalProperties": false, + "properties": { + "FailureStrings": { + "items": { + "type": "string" + }, + "markdownDescription": "Strings in the body of the response that indicate a failed login or account creation attempt. To be counted as a failure, the string can be anywhere in the body and must be an exact match, including case. Each string must be unique among the success and failure strings.\n\nJSON example: `\"FailureStrings\": [ \"Request failed\" ]`", + "title": "FailureStrings", + "type": "array" + }, + "SuccessStrings": { + "items": { + "type": "string" + }, + "markdownDescription": "Strings in the body of the response that indicate a successful login or account creation attempt. To be counted as a success, the string can be anywhere in the body and must be an exact match, including case. Each string must be unique among the success and failure strings.\n\nJSON examples: `\"SuccessStrings\": [ \"Login successful\" ]` and `\"SuccessStrings\": [ \"Account creation successful\", \"Welcome to our site!\" ]`", + "title": "SuccessStrings", + "type": "array" + } + }, + "required": [ + "FailureStrings", + "SuccessStrings" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.ResponseInspectionHeader": { + "additionalProperties": false, + "properties": { + "FailureValues": { + "items": { + "type": "string" + }, + "markdownDescription": "Values in the response header with the specified name that indicate a failed login or account creation attempt. To be counted as a failure, the value must be an exact match, including case. Each value must be unique among the success and failure values.\n\nJSON examples: `\"FailureValues\": [ \"LoginFailed\", \"Failed login\" ]` and `\"FailureValues\": [ \"AccountCreationFailed\" ]`", + "title": "FailureValues", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the header to match against. The name must be an exact match, including case.\n\nJSON example: `\"Name\": [ \"RequestResult\" ]`", + "title": "Name", + "type": "string" + }, + "SuccessValues": { + "items": { + "type": "string" + }, + "markdownDescription": "Values in the response header with the specified name that indicate a successful login or account creation attempt. To be counted as a success, the value must be an exact match, including case. Each value must be unique among the success and failure values.\n\nJSON examples: `\"SuccessValues\": [ \"LoginPassed\", \"Successful login\" ]` and `\"SuccessValues\": [ \"AccountCreated\", \"Successful account creation\" ]`", + "title": "SuccessValues", + "type": "array" + } + }, + "required": [ + "FailureValues", + "Name", + "SuccessValues" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.ResponseInspectionJson": { + "additionalProperties": false, + "properties": { + "FailureValues": { + "items": { + "type": "string" + }, + "markdownDescription": "Values for the specified identifier in the response JSON that indicate a failed login or account creation attempt. To be counted as a failure, the value must be an exact match, including case. Each value must be unique among the success and failure values.\n\nJSON example: `\"FailureValues\": [ \"False\", \"Failed\" ]`", + "title": "FailureValues", + "type": "array" + }, + "Identifier": { + "markdownDescription": "The identifier for the value to match against in the JSON. The identifier must be an exact match, including case.\n\nJSON examples: `\"Identifier\": [ \"/login/success\" ]` and `\"Identifier\": [ \"/sign-up/success\" ]`", + "title": "Identifier", + "type": "string" + }, + "SuccessValues": { + "items": { + "type": "string" + }, + "markdownDescription": "Values for the specified identifier in the response JSON that indicate a successful login or account creation attempt. To be counted as a success, the value must be an exact match, including case. Each value must be unique among the success and failure values.\n\nJSON example: `\"SuccessValues\": [ \"True\", \"Succeeded\" ]`", + "title": "SuccessValues", + "type": "array" + } + }, + "required": [ + "FailureValues", + "Identifier", + "SuccessValues" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.ResponseInspectionStatusCode": { + "additionalProperties": false, + "properties": { + "FailureCodes": { + "items": { + "type": "number" + }, + "markdownDescription": "Status codes in the response that indicate a failed login or account creation attempt. To be counted as a failure, the response status code must match one of these. Each code must be unique among the success and failure status codes.\n\nJSON example: `\"FailureCodes\": [ 400, 404 ]`", + "title": "FailureCodes", + "type": "array" + }, + "SuccessCodes": { + "items": { + "type": "number" + }, + "markdownDescription": "Status codes in the response that indicate a successful login or account creation attempt. To be counted as a success, the response status code must match one of these. Each code must be unique among the success and failure status codes.\n\nJSON example: `\"SuccessCodes\": [ 200, 201 ]`", + "title": "SuccessCodes", + "type": "array" + } + }, + "required": [ + "FailureCodes", + "SuccessCodes" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.Rule": { "additionalProperties": false, "properties": { "Action": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RuleAction", - "markdownDescription": "The action that AWS WAF should take on a web request when it matches the rule statement. Settings at the web ACL level can override the rule action setting.", + "$ref": "#/definitions/AWS::WAFv2::WebACL.RuleAction", + "markdownDescription": "The action that AWS WAF should take on a web request when it matches the rule's statement. Settings at the web ACL level can override the rule action setting.\n\nThis is used only for rules whose statements don't reference a rule group. Rule statements that reference a rule group are `RuleGroupReferenceStatement` and `ManagedRuleGroupStatement` .\n\nYou must set either this `Action` setting or the rule's `OverrideAction` , but not both:\n\n- If the rule statement doesn't reference a rule group, you must set this rule action setting and you must not set the rule's override action setting.\n- If the rule statement references a rule group, you must not set this action setting, because the actions are already set on the rules inside the rule group. You must set the rule's override action setting to indicate specifically whether to override the actions that are set on the rules in the rule group.", "title": "Action" }, "CaptchaConfig": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CaptchaConfig", + "$ref": "#/definitions/AWS::WAFv2::WebACL.CaptchaConfig", "markdownDescription": "Specifies how AWS WAF should handle `CAPTCHA` evaluations. If you don't specify this, AWS WAF uses the `CAPTCHA` configuration that's defined for the web ACL.", "title": "CaptchaConfig" }, "ChallengeConfig": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ChallengeConfig", + "$ref": "#/definitions/AWS::WAFv2::WebACL.ChallengeConfig", "markdownDescription": "Specifies how AWS WAF should handle `Challenge` evaluations. If you don't specify this, AWS WAF uses the challenge configuration that's defined for the web ACL.", "title": "ChallengeConfig" }, @@ -269082,6 +321412,11 @@ "title": "Name", "type": "string" }, + "OverrideAction": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.OverrideAction", + "markdownDescription": "The override action to apply to the rules in a rule group, instead of the individual rule action settings. This is used only for rules whose statements reference a rule group. Rule statements that reference a rule group are `RuleGroupReferenceStatement` and `ManagedRuleGroupStatement` .\n\nSet the override action to none to leave the rule group rule actions in effect. Set it to count to only count matches, regardless of the rule action settings.\n\nYou must set either this `OverrideAction` setting or the `Action` setting, but not both:\n\n- If the rule statement references a rule group, you must set this override action setting and you must not set the rule's action setting.\n- If the rule statement doesn't reference a rule group, you must set the rule action setting and you must not set the rule's override action setting.", + "title": "OverrideAction" + }, "Priority": { "markdownDescription": "If you define more than one `Rule` in a `WebACL` , AWS WAF evaluates each request against the `Rules` in order based on the value of `Priority` . AWS WAF processes rules with lower priority first. The priorities don't need to be consecutive, but they must all be different.", "title": "Priority", @@ -269089,19 +321424,19 @@ }, "RuleLabels": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Label" + "$ref": "#/definitions/AWS::WAFv2::WebACL.Label" }, "markdownDescription": "Labels to apply to web requests that match the rule match statement. AWS WAF applies fully qualified labels to matching web requests. A fully qualified label is the concatenation of a label namespace and a rule label. The rule's rule group or web ACL defines the label namespace.\n\n> Any rule that isn't a rule group reference statement or managed rule group statement can add labels to matching web requests. \n\nRules that run after this rule in the web ACL can match against these labels using a `LabelMatchStatement` .\n\nFor each label, provide a case-sensitive string containing optional namespaces and a label name, according to the following guidelines:\n\n- Separate each component of the label with a colon.\n- Each namespace or name can have up to 128 characters.\n- You can specify up to 5 namespaces in a label.\n- Don't use the following reserved words in your label specification: `aws` , `waf` , `managed` , `rulegroup` , `webacl` , `regexpatternset` , or `ipset` .\n\nFor example, `myLabelName` or `nameSpace1:nameSpace2:myLabelName` .", "title": "RuleLabels", "type": "array" }, "Statement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Statement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.Statement", "markdownDescription": "The AWS WAF processing statement for the rule, for example `ByteMatchStatement` or `SizeConstraintStatement` .", "title": "Statement" }, "VisibilityConfig": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.VisibilityConfig", + "$ref": "#/definitions/AWS::WAFv2::WebACL.VisibilityConfig", "markdownDescription": "Defines and enables Amazon CloudWatch metrics and web request sample collection.\n\nIf you change the name of a `Rule` after you create it and you want the rule's metric name to reflect the change, update the metric name as well. AWS WAF doesn't automatically update the metric name.", "title": "VisibilityConfig" } @@ -269114,38 +321449,88 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.RuleAction": { + "AWS::WAFv2::WebACL.RuleAction": { "additionalProperties": false, "properties": { "Allow": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.AllowAction", + "$ref": "#/definitions/AWS::WAFv2::WebACL.AllowAction", "markdownDescription": "Instructs AWS WAF to allow the web request.", "title": "Allow" }, "Block": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.BlockAction", + "$ref": "#/definitions/AWS::WAFv2::WebACL.BlockAction", "markdownDescription": "Instructs AWS WAF to block the web request.", "title": "Block" }, "Captcha": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CaptchaAction", + "$ref": "#/definitions/AWS::WAFv2::WebACL.CaptchaAction", "markdownDescription": "Specifies that AWS WAF should run a `CAPTCHA` check against the request:\n\n- If the request includes a valid, unexpired `CAPTCHA` token, AWS WAF allows the web request inspection to proceed to the next rule, similar to a `CountAction` .\n- If the request doesn't include a valid, unexpired `CAPTCHA` token, AWS WAF discontinues the web ACL evaluation of the request and blocks it from going to its intended destination.\n\nAWS WAF generates a response that it sends back to the client, which includes the following:\n\n- The header `x-amzn-waf-action` with a value of `captcha` .\n- The HTTP status code `405 Method Not Allowed` .\n- If the request contains an `Accept` header with a value of `text/html` , the response includes a `CAPTCHA` challenge.\n\nYou can configure the expiration time in the `CaptchaConfig` `ImmunityTimeProperty` setting at the rule and web ACL level. The rule setting overrides the web ACL setting.\n\nThis action option is available for rules. It isn't available for web ACL default actions.", "title": "Captcha" }, "Challenge": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ChallengeAction", + "$ref": "#/definitions/AWS::WAFv2::WebACL.ChallengeAction", "markdownDescription": "Instructs AWS WAF to run a `Challenge` check against the web request.", "title": "Challenge" }, "Count": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CountAction", + "$ref": "#/definitions/AWS::WAFv2::WebACL.CountAction", "markdownDescription": "Instructs AWS WAF to count the web request and then continue evaluating the request using the remaining rules in the web ACL.", "title": "Count" } }, "type": "object" }, - "AWS::WAFv2::RuleGroup.SingleHeader": { + "AWS::WAFv2::WebACL.RuleActionOverride": { + "additionalProperties": false, + "properties": { + "ActionToUse": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.RuleAction", + "markdownDescription": "The override action to use, in place of the configured action of the rule in the rule group.", + "title": "ActionToUse" + }, + "Name": { + "markdownDescription": "The name of the rule to override.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "ActionToUse", + "Name" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.RuleGroupReferenceStatement": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the entity.", + "title": "Arn", + "type": "string" + }, + "ExcludedRules": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.ExcludedRule" + }, + "markdownDescription": "Rules in the referenced rule group whose actions are set to `Count` .\n\n> Instead of this option, use `RuleActionOverrides` . It accepts any valid action setting, including `Count` .", + "title": "ExcludedRules", + "type": "array" + }, + "RuleActionOverrides": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.RuleActionOverride" + }, + "markdownDescription": "Action settings to use in the place of the rule actions that are configured inside the rule group. You specify one override for each rule whose action you want to change.\n\n> Verify the rule names in your overrides carefully. With managed rule groups, AWS WAF silently ignores any override that uses an invalid rule name. With customer-owned rule groups, invalid rule names in your overrides will cause web ACL updates to fail. An invalid rule name is any name that doesn't exactly match the case-sensitive name of an existing rule in the rule group. \n\nYou can use overrides for testing, for example you can override all of rule actions to `Count` and then monitor the resulting count metrics to understand how the rule group would handle your web traffic. You can also permanently override some or all actions, to modify how the rule group manages your web traffic.", + "title": "RuleActionOverrides", + "type": "array" + } + }, + "required": [ + "Arn" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.SingleHeader": { "additionalProperties": false, "properties": { "Name": { @@ -269159,7 +321544,7 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.SingleQueryArgument": { + "AWS::WAFv2::WebACL.SingleQueryArgument": { "additionalProperties": false, "properties": { "Name": { @@ -269173,7 +321558,7 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.SizeConstraintStatement": { + "AWS::WAFv2::WebACL.SizeConstraintStatement": { "additionalProperties": false, "properties": { "ComparisonOperator": { @@ -269182,7 +321567,7 @@ "type": "string" }, "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.FieldToMatch", + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldToMatch", "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", "title": "FieldToMatch" }, @@ -269193,7 +321578,7 @@ }, "TextTransformations": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", "title": "TextTransformations", @@ -269208,11 +321593,11 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.SqliMatchStatement": { + "AWS::WAFv2::WebACL.SqliMatchStatement": { "additionalProperties": false, "properties": { "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.FieldToMatch", + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldToMatch", "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", "title": "FieldToMatch" }, @@ -269223,7 +321608,7 @@ }, "TextTransformations": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", "title": "TextTransformations", @@ -269236,78 +321621,93 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.Statement": { + "AWS::WAFv2::WebACL.Statement": { "additionalProperties": false, "properties": { "AndStatement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.AndStatement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.AndStatement", "markdownDescription": "A logical rule statement used to combine other rule statements with AND logic. You provide more than one `Statement` within the `AndStatement` .", "title": "AndStatement" }, + "AsnMatchStatement": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.AsnMatchStatement", + "markdownDescription": "A rule statement that inspects web traffic based on the Autonomous System Number (ASN) associated with the request's IP address.\n\nFor additional details, see [ASN match rule statement](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-type-asn-match.html) in the [AWS WAF Developer Guide](https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html) .", + "title": "AsnMatchStatement" + }, "ByteMatchStatement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ByteMatchStatement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.ByteMatchStatement", "markdownDescription": "A rule statement that defines a string match search for AWS WAF to apply to web requests. The byte match statement provides the bytes to search for, the location in requests that you want AWS WAF to search, and other settings. The bytes to search for are typically a string that corresponds with ASCII characters. In the AWS WAF console and the developer guide, this is called a string match statement.", "title": "ByteMatchStatement" }, "GeoMatchStatement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.GeoMatchStatement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.GeoMatchStatement", "markdownDescription": "A rule statement that labels web requests by country and region and that matches against web requests based on country code. A geo match rule labels every request that it inspects regardless of whether it finds a match.\n\n- To manage requests only by country, you can use this statement by itself and specify the countries that you want to match against in the `CountryCodes` array.\n- Otherwise, configure your geo match rule with Count action so that it only labels requests. Then, add one or more label match rules to run after the geo match rule and configure them to match against the geographic labels and handle the requests as needed.\n\nAWS WAF labels requests using the alpha-2 country and region codes from the International Organization for Standardization (ISO) 3166 standard. AWS WAF determines the codes using either the IP address in the web request origin or, if you specify it, the address in the geo match `ForwardedIPConfig` .\n\nIf you use the web request origin, the label formats are `awswaf:clientip:geo:region:-` and `awswaf:clientip:geo:country:` .\n\nIf you use a forwarded IP address, the label formats are `awswaf:forwardedip:geo:region:-` and `awswaf:forwardedip:geo:country:` .\n\nFor additional details, see [Geographic match rule statement](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-type-geo-match.html) in the [AWS WAF Developer Guide](https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html) .", "title": "GeoMatchStatement" }, "IPSetReferenceStatement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.IPSetReferenceStatement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.IPSetReferenceStatement", "markdownDescription": "A rule statement used to detect web requests coming from particular IP addresses or address ranges. To use this, create an `IPSet` that specifies the addresses you want to detect, then use the ARN of that set in this statement.\n\nEach IP set rule statement references an IP set. You create and maintain the set independent of your rules. This allows you to use the single set in multiple rules. When you update the referenced set, AWS WAF automatically updates all rules that reference it.", "title": "IPSetReferenceStatement" }, "LabelMatchStatement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.LabelMatchStatement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.LabelMatchStatement", "markdownDescription": "A rule statement to match against labels that have been added to the web request by rules that have already run in the web ACL.\n\nThe label match statement provides the label or namespace string to search for. The label string can represent a part or all of the fully qualified label name that had been added to the web request. Fully qualified labels have a prefix, optional namespaces, and label name. The prefix identifies the rule group or web ACL context of the rule that added the label. If you do not provide the fully qualified name in your label match string, AWS WAF performs the search for labels that were added in the same context as the label match statement.", "title": "LabelMatchStatement" }, + "ManagedRuleGroupStatement": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.ManagedRuleGroupStatement", + "markdownDescription": "A rule statement used to run the rules that are defined in a managed rule group. To use this, provide the vendor name and the name of the rule group in this statement. You can retrieve the required names through the API call `ListAvailableManagedRuleGroups` .\n\nYou cannot nest a `ManagedRuleGroupStatement` , for example for use inside a `NotStatement` or `OrStatement` . It can only be referenced as a top-level statement within a rule.\n\n> You are charged additional fees when you use the AWS WAF Bot Control managed rule group `AWSManagedRulesBotControlRuleSet` , the AWS WAF Fraud Control account takeover prevention (ATP) managed rule group `AWSManagedRulesATPRuleSet` , or the AWS WAF Fraud Control account creation fraud prevention (ACFP) managed rule group `AWSManagedRulesACFPRuleSet` . For more information, see [AWS WAF Pricing](https://docs.aws.amazon.com/waf/pricing/) .", + "title": "ManagedRuleGroupStatement" + }, "NotStatement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.NotStatement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.NotStatement", "markdownDescription": "A logical rule statement used to negate the results of another rule statement. You provide one `Statement` within the `NotStatement` .", "title": "NotStatement" }, "OrStatement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.OrStatement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.OrStatement", "markdownDescription": "A logical rule statement used to combine other rule statements with OR logic. You provide more than one `Statement` within the `OrStatement` .", "title": "OrStatement" }, "RateBasedStatement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateBasedStatement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.RateBasedStatement", "markdownDescription": "A rate-based rule counts incoming requests and rate limits requests when they are coming at too fast a rate. The rule categorizes requests according to your aggregation criteria, collects them into aggregation instances, and counts and rate limits the requests for each instance.\n\n> If you change any of these settings in a rule that's currently in use, the change resets the rule's rate limiting counts. This can pause the rule's rate limiting activities for up to a minute. \n\nYou can specify individual aggregation keys, like IP address or HTTP method. You can also specify aggregation key combinations, like IP address and HTTP method, or HTTP method, query argument, and cookie.\n\nEach unique set of values for the aggregation keys that you specify is a separate aggregation instance, with the value from each key contributing to the aggregation instance definition.\n\nFor example, assume the rule evaluates web requests with the following IP address and HTTP method values:\n\n- IP address 10.1.1.1, HTTP method POST\n- IP address 10.1.1.1, HTTP method GET\n- IP address 127.0.0.0, HTTP method POST\n- IP address 10.1.1.1, HTTP method GET\n\nThe rule would create different aggregation instances according to your aggregation criteria, for example:\n\n- If the aggregation criteria is just the IP address, then each individual address is an aggregation instance, and AWS WAF counts requests separately for each. The aggregation instances and request counts for our example would be the following:\n\n- IP address 10.1.1.1: count 3\n- IP address 127.0.0.0: count 1\n- If the aggregation criteria is HTTP method, then each individual HTTP method is an aggregation instance. The aggregation instances and request counts for our example would be the following:\n\n- HTTP method POST: count 2\n- HTTP method GET: count 2\n- If the aggregation criteria is IP address and HTTP method, then each IP address and each HTTP method would contribute to the combined aggregation instance. The aggregation instances and request counts for our example would be the following:\n\n- IP address 10.1.1.1, HTTP method POST: count 1\n- IP address 10.1.1.1, HTTP method GET: count 2\n- IP address 127.0.0.0, HTTP method POST: count 1\n\nFor any n-tuple of aggregation keys, each unique combination of values for the keys defines a separate aggregation instance, which AWS WAF counts and rate-limits individually.\n\nYou can optionally nest another statement inside the rate-based statement, to narrow the scope of the rule so that it only counts and rate limits requests that match the nested statement. You can use this nested scope-down statement in conjunction with your aggregation key specifications or you can just count and rate limit all requests that match the scope-down statement, without additional aggregation. When you choose to just manage all requests that match a scope-down statement, the aggregation instance is singular for the rule.\n\nYou cannot nest a `RateBasedStatement` inside another statement, for example inside a `NotStatement` or `OrStatement` . You can define a `RateBasedStatement` inside a web ACL and inside a rule group.\n\nFor additional information about the options, see [Rate limiting web requests using rate-based rules](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rate-based-rules.html) in the *AWS WAF Developer Guide* .\n\nIf you only aggregate on the individual IP address or forwarded IP address, you can retrieve the list of IP addresses that AWS WAF is currently rate limiting for a rule through the API call `GetRateBasedStatementManagedKeys` . This option is not available for other aggregation configurations.\n\nAWS WAF tracks and manages web requests separately for each instance of a rate-based rule that you use. For example, if you provide the same rate-based rule settings in two web ACLs, each of the two rule statements represents a separate instance of the rate-based rule and gets its own tracking and management by AWS WAF . If you define a rate-based rule inside a rule group, and then use that rule group in multiple places, each use creates a separate instance of the rate-based rule that gets its own tracking and management by AWS WAF .", "title": "RateBasedStatement" }, "RegexMatchStatement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RegexMatchStatement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.RegexMatchStatement", "markdownDescription": "A rule statement used to search web request components for a match against a single regular expression.", "title": "RegexMatchStatement" }, "RegexPatternSetReferenceStatement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RegexPatternSetReferenceStatement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.RegexPatternSetReferenceStatement", "markdownDescription": "A rule statement used to search web request components for matches with regular expressions. To use this, create a `RegexPatternSet` that specifies the expressions that you want to detect, then use the ARN of that set in this statement. A web request matches the pattern set rule statement if the request component matches any of the patterns in the set.\n\nEach regex pattern set rule statement references a regex pattern set. You create and maintain the set independent of your rules. This allows you to use the single set in multiple rules. When you update the referenced set, AWS WAF automatically updates all rules that reference it.", "title": "RegexPatternSetReferenceStatement" }, + "RuleGroupReferenceStatement": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.RuleGroupReferenceStatement", + "markdownDescription": "A rule statement used to run the rules that are defined in a `RuleGroup` . To use this, create a rule group with your rules, then provide the ARN of the rule group in this statement.\n\nYou cannot nest a `RuleGroupReferenceStatement` , for example for use inside a `NotStatement` or `OrStatement` . You cannot use a rule group reference statement inside another rule group. You can only reference a rule group as a top-level statement within a rule that you define in a web ACL.", + "title": "RuleGroupReferenceStatement" + }, "SizeConstraintStatement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.SizeConstraintStatement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.SizeConstraintStatement", "markdownDescription": "A rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (>) or less than (<). For example, you can use a size constraint statement to look for query strings that are longer than 100 bytes.\n\nIf you configure AWS WAF to inspect the request body, AWS WAF inspects only the number of bytes in the body up to the limit for the web ACL and protected resource type. If you know that the request body for your web requests should never exceed the inspection limit, you can use a size constraint statement to block requests that have a larger request body size. For more information about the inspection limits, see `Body` and `JsonBody` settings for the `FieldToMatch` data type.\n\nIf you choose URI for the value of Part of the request to filter on, the slash (/) in the URI counts as one character. For example, the URI `/logo.jpg` is nine characters long.", "title": "SizeConstraintStatement" }, "SqliMatchStatement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.SqliMatchStatement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.SqliMatchStatement", "markdownDescription": "A rule statement that inspects for malicious SQL code. Attackers insert malicious SQL code into web requests to do things like modify your database or extract data from it.", "title": "SqliMatchStatement" }, "XssMatchStatement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.XssMatchStatement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.XssMatchStatement", "markdownDescription": "A rule statement that inspects for cross-site scripting (XSS) attacks. In XSS attacks, the attacker uses vulnerabilities in a benign website as a vehicle to inject malicious client-site scripts into other legitimate web browsers.", "title": "XssMatchStatement" } }, "type": "object" }, - "AWS::WAFv2::RuleGroup.TextTransformation": { + "AWS::WAFv2::WebACL.TextTransformation": { "additionalProperties": false, "properties": { "Priority": { @@ -269327,7 +321727,18 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.VisibilityConfig": { + "AWS::WAFv2::WebACL.UriFragment": { + "additionalProperties": false, + "properties": { + "FallbackBehavior": { + "markdownDescription": "What AWS WAF should do if it fails to completely parse the JSON body. The options are the following:\n\n- `EVALUATE_AS_STRING` - Inspect the body as plain text. AWS WAF applies the text transformations and inspection criteria that you defined for the JSON inspection to the body text string.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.\n\nIf you don't provide this setting, AWS WAF parses and evaluates the content only up to the first parsing failure that it encounters.\n\nExample JSON: `{ \"UriFragment\": { \"FallbackBehavior\": \"MATCH\"} }`\n\n> AWS WAF parsing doesn't fully validate the input JSON string, so parsing can succeed even for invalid JSON. When parsing succeeds, AWS WAF doesn't apply the fallback behavior. For more information, see [JSON body](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-fields-list.html#waf-rule-statement-request-component-json-body) in the *AWS WAF Developer Guide* .", + "title": "FallbackBehavior", + "type": "string" + } + }, + "type": "object" + }, + "AWS::WAFv2::WebACL.VisibilityConfig": { "additionalProperties": false, "properties": { "CloudWatchMetricsEnabled": { @@ -269353,17 +321764,17 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.XssMatchStatement": { + "AWS::WAFv2::WebACL.XssMatchStatement": { "additionalProperties": false, "properties": { "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.FieldToMatch", + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldToMatch", "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", "title": "FieldToMatch" }, "TextTransformations": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", "title": "TextTransformations", @@ -269376,7 +321787,7 @@ ], "type": "object" }, - "AWS::WAFv2::WebACL": { + "AWS::WAFv2::WebACLAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -269411,92 +321822,26 @@ "Properties": { "additionalProperties": false, "properties": { - "AssociationConfig": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.AssociationConfig", - "markdownDescription": "Specifies custom configurations for the associations between the web ACL and protected resources.\n\nUse this to customize the maximum size of the request body that your protected resources forward to AWS WAF for inspection. You can customize this setting for CloudFront, API Gateway, Amazon Cognito, App Runner, or Verified Access resources. The default setting is 16 KB (16,384 bytes).\n\n> You are charged additional fees when your protected resources forward body sizes that are larger than the default. For more information, see [AWS WAF Pricing](https://docs.aws.amazon.com/waf/pricing/) . \n\nFor Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).", - "title": "AssociationConfig" - }, - "CaptchaConfig": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.CaptchaConfig", - "markdownDescription": "Specifies how AWS WAF should handle `CAPTCHA` evaluations for rules that don't have their own `CaptchaConfig` settings. If you don't specify this, AWS WAF uses its default settings for `CaptchaConfig` .", - "title": "CaptchaConfig" - }, - "ChallengeConfig": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ChallengeConfig", - "markdownDescription": "Specifies how AWS WAF should handle challenge evaluations for rules that don't have their own `ChallengeConfig` settings. If you don't specify this, AWS WAF uses its default settings for `ChallengeConfig` .", - "title": "ChallengeConfig" - }, - "CustomResponseBodies": { - "additionalProperties": false, - "markdownDescription": "A map of custom response keys and content bodies. When you create a rule with a block action, you can send a custom response to the web request. You define these for the web ACL, and then use them in the rules and default actions that you define in the web ACL.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomResponseBody" - } - }, - "title": "CustomResponseBodies", - "type": "object" - }, - "DefaultAction": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.DefaultAction", - "markdownDescription": "The action to perform if none of the `Rules` contained in the `WebACL` match.", - "title": "DefaultAction" - }, - "Description": { - "markdownDescription": "A description of the web ACL that helps with identification.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the web ACL. You cannot change the name of a web ACL after you create it.", - "title": "Name", + "ResourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource to associate with the web ACL.\n\nThe ARN must be in one of the following formats:\n\n- For an Application Load Balancer: `arn: *partition* :elasticloadbalancing: *region* : *account-id* :loadbalancer/app/ *load-balancer-name* / *load-balancer-id*`\n- For an Amazon API Gateway REST API: `arn: *partition* :apigateway: *region* ::/restapis/ *api-id* /stages/ *stage-name*`\n- For an AWS AppSync GraphQL API: `arn: *partition* :appsync: *region* : *account-id* :apis/ *GraphQLApiId*`\n- For an Amazon Cognito user pool: `arn: *partition* :cognito-idp: *region* : *account-id* :userpool/ *user-pool-id*`\n- For an AWS App Runner service: `arn: *partition* :apprunner: *region* : *account-id* :service/ *apprunner-service-name* / *apprunner-service-id*`\n- For an AWS Verified Access instance: `arn: *partition* :ec2: *region* : *account-id* :verified-access-instance/ *instance-id*`\n- For an AWS Amplify instance: `arn: *partition* :amplify: *region* : *account-id* :apps/ *app-id*`", + "title": "ResourceArn", "type": "string" }, - "Rules": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.Rule" - }, - "markdownDescription": "The rule statements used to identify the web requests that you want to manage. Each rule includes one top-level statement that AWS WAF uses to identify matching web requests, and parameters that govern how AWS WAF handles them.", - "title": "Rules", - "type": "array" - }, - "Scope": { - "markdownDescription": "Specifies whether this is for an Amazon CloudFront distribution or for a regional application. For an AWS Amplify application, use `CLOUDFRONT` . A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AWS AppSync GraphQL API, an Amazon Cognito user pool, an AWS App Runner service, or an AWS Verified Access instance. Valid Values are `CLOUDFRONT` and `REGIONAL` .\n\n> For `CLOUDFRONT` , you must create your WAFv2 resources in the US East (N. Virginia) Region, `us-east-1` . \n\nFor information about how to define the association of the web ACL with your resource, see `WebACLAssociation` .", - "title": "Scope", + "WebACLArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the web ACL that you want to associate with the resource.", + "title": "WebACLArn", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.\n\n> To modify tags on existing resources, use the AWS WAF APIs or command line interface. With AWS CloudFormation , you can only add tags to AWS WAF resources during resource creation.", - "title": "Tags", - "type": "array" - }, - "TokenDomains": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the domains that AWS WAF should accept in a web request token. This enables the use of tokens across multiple protected websites. When AWS WAF provides a token, it uses the domain of the AWS resource that the web ACL is protecting. If you don't specify a list of token domains, AWS WAF accepts tokens only for the domain of the protected resource. With a token domain list, AWS WAF accepts the resource's host domain plus all domains in the token domain list, including their prefixed subdomains.", - "title": "TokenDomains", - "type": "array" - }, - "VisibilityConfig": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.VisibilityConfig", - "markdownDescription": "Defines and enables Amazon CloudWatch metrics and web request sample collection.", - "title": "VisibilityConfig" } }, "required": [ - "DefaultAction", - "Scope", - "VisibilityConfig" + "ResourceArn", + "WebACLArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::WAFv2::WebACL" + "AWS::WAFv2::WebACLAssociation" ], "type": "string" }, @@ -269515,1937 +321860,2407 @@ ], "type": "object" }, - "AWS::WAFv2::WebACL.AWSManagedRulesACFPRuleSet": { + "AWS::Wisdom::AIAgent": { "additionalProperties": false, "properties": { - "CreationPath": { - "markdownDescription": "The path of the account creation endpoint for your application. This is the page on your website that accepts the completed registration form for a new user. This page must accept `POST` requests.\n\nFor example, for the URL `https://example.com/web/newaccount` , you would provide the path `/web/newaccount` . Account creation page paths that start with the path that you provide are considered a match. For example `/web/newaccount` matches the account creation paths `/web/newaccount` , `/web/newaccount/` , `/web/newaccountPage` , and `/web/newaccount/thisPage` , but doesn't match the path `/home/web/newaccount` or `/website/newaccount` .", - "title": "CreationPath", - "type": "string" - }, - "EnableRegexInPath": { - "markdownDescription": "Allow the use of regular expressions in the registration page path and the account creation path.", - "title": "EnableRegexInPath", - "type": "boolean" - }, - "RegistrationPagePath": { - "markdownDescription": "The path of the account registration endpoint for your application. This is the page on your website that presents the registration form to new users.\n\n> This page must accept `GET` text/html requests. \n\nFor example, for the URL `https://example.com/web/registration` , you would provide the path `/web/registration` . Registration page paths that start with the path that you provide are considered a match. For example `/web/registration` matches the registration paths `/web/registration` , `/web/registration/` , `/web/registrationPage` , and `/web/registration/thisPage` , but doesn't match the path `/home/web/registration` or `/website/registration` .", - "title": "RegistrationPagePath", + "Condition": { "type": "string" }, - "RequestInspection": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RequestInspectionACFP", - "markdownDescription": "The criteria for inspecting account creation requests, used by the ACFP rule group to validate and track account creation attempts.", - "title": "RequestInspection" - }, - "ResponseInspection": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ResponseInspection", - "markdownDescription": "The criteria for inspecting responses to account creation requests, used by the ACFP rule group to track account creation success rates.\n\n> Response inspection is available only in web ACLs that protect Amazon CloudFront distributions. \n\nThe ACFP rule group evaluates the responses that your protected resources send back to client account creation attempts, keeping count of successful and failed attempts from each IP address and client session. Using this information, the rule group labels and mitigates requests from client sessions and IP addresses that have had too many successful account creation attempts in a short amount of time.", - "title": "ResponseInspection" - } - }, - "required": [ - "CreationPath", - "RegistrationPagePath", - "RequestInspection" - ], - "type": "object" - }, - "AWS::WAFv2::WebACL.AWSManagedRulesATPRuleSet": { - "additionalProperties": false, - "properties": { - "EnableRegexInPath": { - "markdownDescription": "Allow the use of regular expressions in the login page path.", - "title": "EnableRegexInPath", - "type": "boolean" - }, - "LoginPath": { - "markdownDescription": "The path of the login endpoint for your application. For example, for the URL `https://example.com/web/login` , you would provide the path `/web/login` . Login paths that start with the path that you provide are considered a match. For example `/web/login` matches the login paths `/web/login` , `/web/login/` , `/web/loginPage` , and `/web/login/thisPage` , but doesn't match the login path `/home/web/login` or `/website/login` .\n\nThe rule group inspects only HTTP `POST` requests to your specified login endpoint.", - "title": "LoginPath", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "RequestInspection": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RequestInspection", - "markdownDescription": "The criteria for inspecting login requests, used by the ATP rule group to validate credentials usage.", - "title": "RequestInspection" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ResponseInspection": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ResponseInspection", - "markdownDescription": "The criteria for inspecting responses to login requests, used by the ATP rule group to track login failure rates.\n\n> Response inspection is available only in web ACLs that protect Amazon CloudFront distributions. \n\nThe ATP rule group evaluates the responses that your protected resources send back to client login attempts, keeping count of successful and failed attempts for each IP address and client session. Using this information, the rule group labels and mitigates requests from client sessions and IP addresses that have had too many failed login attempts in a short amount of time.", - "title": "ResponseInspection" - } - }, - "required": [ - "LoginPath" - ], - "type": "object" - }, - "AWS::WAFv2::WebACL.AWSManagedRulesBotControlRuleSet": { - "additionalProperties": false, - "properties": { - "EnableMachineLearning": { - "markdownDescription": "Applies only to the targeted inspection level.\n\nDetermines whether to use machine learning (ML) to analyze your web traffic for bot-related activity. Machine learning is required for the Bot Control rules `TGT_ML_CoordinatedActivityLow` and `TGT_ML_CoordinatedActivityMedium` , which\ninspect for anomalous behavior that might indicate distributed, coordinated bot activity.\n\nFor more information about this choice, see the listing for these rules in the table at [Bot Control rules listing](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html#aws-managed-rule-groups-bot-rules) in the *AWS WAF Developer Guide* .\n\nDefault: `TRUE`", - "title": "EnableMachineLearning", - "type": "boolean" + "Metadata": { + "type": "object" }, - "InspectionLevel": { - "markdownDescription": "The inspection level to use for the Bot Control rule group. The common level is the least expensive. The targeted level includes all common level rules and adds rules with more advanced inspection criteria. For details, see [AWS WAF Bot Control rule group](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html) in the *AWS WAF Developer Guide* .", - "title": "InspectionLevel", - "type": "string" - } - }, - "required": [ - "InspectionLevel" - ], - "type": "object" - }, - "AWS::WAFv2::WebACL.AllowAction": { - "additionalProperties": false, - "properties": { - "CustomRequestHandling": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomRequestHandling", - "markdownDescription": "Defines custom handling for the web request.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", - "title": "CustomRequestHandling" - } - }, - "type": "object" - }, - "AWS::WAFv2::WebACL.AndStatement": { - "additionalProperties": false, - "properties": { - "Statements": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.Statement" - }, - "markdownDescription": "The statements to combine with AND logic. You can use any statements that can be nested.", - "title": "Statements", - "type": "array" - } - }, - "required": [ - "Statements" - ], - "type": "object" - }, - "AWS::WAFv2::WebACL.AssociationConfig": { - "additionalProperties": false, - "properties": { - "RequestBody": { + "Properties": { "additionalProperties": false, - "markdownDescription": "Customizes the maximum size of the request body that your protected CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access resources forward to AWS WAF for inspection. The default size is 16 KB (16,384 bytes). You can change the setting for any of the available resource types.\n\n> You are charged additional fees when your protected resources forward body sizes that are larger than the default. For more information, see [AWS WAF Pricing](https://docs.aws.amazon.com/waf/pricing/) . \n\nExample JSON: `{ \"API_GATEWAY\": \"KB_48\", \"APP_RUNNER_SERVICE\": \"KB_32\" }`\n\nFor Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RequestBodyAssociatedResourceTypeConfig" + "properties": { + "AssistantId": { + "markdownDescription": "The identifier of the Amazon Q in Connect assistant. Can be either the ID or the ARN. URLs cannot contain the ARN.", + "title": "AssistantId", + "type": "string" + }, + "Configuration": { + "$ref": "#/definitions/AWS::Wisdom::AIAgent.AIAgentConfiguration", + "markdownDescription": "Configuration for the AI Agent.", + "title": "Configuration" + }, + "Description": { + "markdownDescription": "The description of the AI Agent.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the AI Agent.", + "title": "Name", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "Type": { + "markdownDescription": "The type of the AI Agent.", + "title": "Type", + "type": "string" } }, - "title": "RequestBody", + "required": [ + "AssistantId", + "Configuration", + "Type" + ], "type": "object" - } - }, - "type": "object" - }, - "AWS::WAFv2::WebACL.BlockAction": { - "additionalProperties": false, - "properties": { - "CustomResponse": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomResponse", - "markdownDescription": "Defines a custom response for the web request.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", - "title": "CustomResponse" - } - }, - "type": "object" - }, - "AWS::WAFv2::WebACL.Body": { - "additionalProperties": false, - "properties": { - "OversizeHandling": { - "markdownDescription": "What AWS WAF should do if the body is larger than AWS WAF can inspect.\n\nAWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.\n\n- For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).\n- For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.\n- For AWS Amplify , use the CloudFront limit.\n\nThe options for oversize handling are the following:\n\n- `CONTINUE` - Inspect the available body contents normally, according to the rule inspection criteria.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.\n\nYou can combine the `MATCH` or `NO_MATCH` settings for oversize handling with your rule and web ACL action settings, so that you block any request whose body is over the limit.\n\nDefault: `CONTINUE`", - "title": "OversizeHandling", + }, + "Type": { + "enum": [ + "AWS::Wisdom::AIAgent" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::WAFv2::WebACL.ByteMatchStatement": { + "AWS::Wisdom::AIAgent.AIAgentConfiguration": { "additionalProperties": false, "properties": { - "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldToMatch", - "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", - "title": "FieldToMatch" - }, - "PositionalConstraint": { - "markdownDescription": "The area within the portion of the web request that you want AWS WAF to search for `SearchString` . Valid values include the following:\n\n*CONTAINS*\n\nThe specified part of the web request must include the value of `SearchString` , but the location doesn't matter.\n\n*CONTAINS_WORD*\n\nThe specified part of the web request must include the value of `SearchString` , and `SearchString` must contain only alphanumeric characters or underscore (A-Z, a-z, 0-9, or _). In addition, `SearchString` must be a word, which means that both of the following are true:\n\n- `SearchString` is at the beginning of the specified part of the web request or is preceded by a character other than an alphanumeric character or underscore (_). Examples include the value of a header and `;BadBot` .\n- `SearchString` is at the end of the specified part of the web request or is followed by a character other than an alphanumeric character or underscore (_), for example, `BadBot;` and `-BadBot;` .\n\n*EXACTLY*\n\nThe value of the specified part of the web request must exactly match the value of `SearchString` .\n\n*STARTS_WITH*\n\nThe value of `SearchString` must appear at the beginning of the specified part of the web request.\n\n*ENDS_WITH*\n\nThe value of `SearchString` must appear at the end of the specified part of the web request.", - "title": "PositionalConstraint", - "type": "string" - }, - "SearchString": { - "markdownDescription": "A string value that you want AWS WAF to search for. AWS WAF searches only in the part of web requests that you designate for inspection in `FieldToMatch` . The maximum length of the value is 200 bytes. For alphabetic characters A-Z and a-z, the value is case sensitive.\n\nDon't encode this string. Provide the value that you want AWS WAF to search for. AWS CloudFormation automatically base64 encodes the value for you.\n\nFor example, suppose the value of `Type` is `HEADER` and the value of `Data` is `User-Agent` . If you want to search the `User-Agent` header for the value `BadBot` , you provide the string `BadBot` in the value of `SearchString` .\n\nYou must specify either `SearchString` or `SearchStringBase64` in a `ByteMatchStatement` .", - "title": "SearchString", - "type": "string" + "AnswerRecommendationAIAgentConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::AIAgent.AnswerRecommendationAIAgentConfiguration", + "markdownDescription": "The configuration for AI Agents of type `ANSWER_RECOMMENDATION` .", + "title": "AnswerRecommendationAIAgentConfiguration" }, - "SearchStringBase64": { - "markdownDescription": "String to search for in a web request component, base64-encoded. If you don't want to encode the string, specify the unencoded value in `SearchString` instead.\n\nYou must specify either `SearchString` or `SearchStringBase64` in a `ByteMatchStatement` .", - "title": "SearchStringBase64", - "type": "string" + "ManualSearchAIAgentConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::AIAgent.ManualSearchAIAgentConfiguration", + "markdownDescription": "The configuration for AI Agents of type `MANUAL_SEARCH` .", + "title": "ManualSearchAIAgentConfiguration" }, - "TextTransformations": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" - }, - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", - "title": "TextTransformations", - "type": "array" + "SelfServiceAIAgentConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::AIAgent.SelfServiceAIAgentConfiguration", + "markdownDescription": "The self-service AI agent configuration.", + "title": "SelfServiceAIAgentConfiguration" } }, - "required": [ - "FieldToMatch", - "PositionalConstraint", - "TextTransformations" - ], "type": "object" }, - "AWS::WAFv2::WebACL.CaptchaAction": { + "AWS::Wisdom::AIAgent.AnswerRecommendationAIAgentConfiguration": { "additionalProperties": false, "properties": { - "CustomRequestHandling": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomRequestHandling", - "markdownDescription": "Defines custom handling for the web request, used when the `CAPTCHA` inspection determines that the request's token is valid and unexpired.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", - "title": "CustomRequestHandling" + "AnswerGenerationAIGuardrailId": { + "markdownDescription": "The ID of the answer generation AI guardrail.", + "title": "AnswerGenerationAIGuardrailId", + "type": "string" + }, + "AnswerGenerationAIPromptId": { + "markdownDescription": "The AI Prompt identifier for the Answer Generation prompt used by the `ANSWER_RECOMMENDATION` AI Agent.", + "title": "AnswerGenerationAIPromptId", + "type": "string" + }, + "AssociationConfigurations": { + "items": { + "$ref": "#/definitions/AWS::Wisdom::AIAgent.AssociationConfiguration" + }, + "markdownDescription": "The association configurations for overriding behavior on this AI Agent.", + "title": "AssociationConfigurations", + "type": "array" + }, + "IntentLabelingGenerationAIPromptId": { + "markdownDescription": "The AI Prompt identifier for the Intent Labeling prompt used by the `ANSWER_RECOMMENDATION` AI Agent.", + "title": "IntentLabelingGenerationAIPromptId", + "type": "string" + }, + "Locale": { + "markdownDescription": "The locale to which specifies the language and region settings that determine the response language for [QueryAssistant](https://docs.aws.amazon.com/connect/latest/APIReference/API_amazon-q-connect_QueryAssistant.html) .", + "title": "Locale", + "type": "string" + }, + "QueryReformulationAIPromptId": { + "markdownDescription": "The AI Prompt identifier for the Query Reformulation prompt used by the `ANSWER_RECOMMENDATION` AI Agent.", + "title": "QueryReformulationAIPromptId", + "type": "string" } }, "type": "object" }, - "AWS::WAFv2::WebACL.CaptchaConfig": { + "AWS::Wisdom::AIAgent.AssociationConfiguration": { "additionalProperties": false, "properties": { - "ImmunityTimeProperty": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ImmunityTimeProperty", - "markdownDescription": "Determines how long a `CAPTCHA` timestamp in the token remains valid after the client successfully solves a `CAPTCHA` puzzle.", - "title": "ImmunityTimeProperty" + "AssociationConfigurationData": { + "$ref": "#/definitions/AWS::Wisdom::AIAgent.AssociationConfigurationData", + "markdownDescription": "A typed union of the data of the configuration for an Amazon Q in Connect Assistant Association.", + "title": "AssociationConfigurationData" + }, + "AssociationId": { + "markdownDescription": "The identifier of the association for this Association Configuration.", + "title": "AssociationId", + "type": "string" + }, + "AssociationType": { + "markdownDescription": "The type of the association for this Association Configuration.", + "title": "AssociationType", + "type": "string" } }, "type": "object" }, - "AWS::WAFv2::WebACL.ChallengeAction": { + "AWS::Wisdom::AIAgent.AssociationConfigurationData": { "additionalProperties": false, "properties": { - "CustomRequestHandling": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomRequestHandling", - "markdownDescription": "Defines custom handling for the web request, used when the challenge inspection determines that the request's token is valid and unexpired.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the [AWS WAF developer guide](https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html) .", - "title": "CustomRequestHandling" + "KnowledgeBaseAssociationConfigurationData": { + "$ref": "#/definitions/AWS::Wisdom::AIAgent.KnowledgeBaseAssociationConfigurationData", + "markdownDescription": "The data of the configuration for a `KNOWLEDGE_BASE` type Amazon Q in Connect Assistant Association.", + "title": "KnowledgeBaseAssociationConfigurationData" } }, + "required": [ + "KnowledgeBaseAssociationConfigurationData" + ], "type": "object" }, - "AWS::WAFv2::WebACL.ChallengeConfig": { + "AWS::Wisdom::AIAgent.KnowledgeBaseAssociationConfigurationData": { "additionalProperties": false, "properties": { - "ImmunityTimeProperty": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ImmunityTimeProperty", - "markdownDescription": "Determines how long a challenge timestamp in the token remains valid after the client successfully responds to a challenge.", - "title": "ImmunityTimeProperty" + "ContentTagFilter": { + "$ref": "#/definitions/AWS::Wisdom::AIAgent.TagFilter", + "markdownDescription": "An object that can be used to specify Tag conditions.", + "title": "ContentTagFilter" + }, + "MaxResults": { + "markdownDescription": "The maximum number of results to return per page.", + "title": "MaxResults", + "type": "number" + }, + "OverrideKnowledgeBaseSearchType": { + "markdownDescription": "", + "title": "OverrideKnowledgeBaseSearchType", + "type": "string" } }, "type": "object" }, - "AWS::WAFv2::WebACL.CookieMatchPattern": { + "AWS::Wisdom::AIAgent.ManualSearchAIAgentConfiguration": { "additionalProperties": false, "properties": { - "All": { - "markdownDescription": "Inspect all cookies.", - "title": "All", - "type": "object" + "AnswerGenerationAIGuardrailId": { + "markdownDescription": "The ID of the answer generation AI guardrail.", + "title": "AnswerGenerationAIGuardrailId", + "type": "string" }, - "ExcludedCookies": { - "items": { - "type": "string" - }, - "markdownDescription": "Inspect only the cookies whose keys don't match any of the strings specified here.", - "title": "ExcludedCookies", - "type": "array" + "AnswerGenerationAIPromptId": { + "markdownDescription": "The AI Prompt identifier for the Answer Generation prompt used by the `ANSWER_RECOMMENDATION` AI Agent.", + "title": "AnswerGenerationAIPromptId", + "type": "string" }, - "IncludedCookies": { + "AssociationConfigurations": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Wisdom::AIAgent.AssociationConfiguration" }, - "markdownDescription": "Inspect only the cookies that have a key that matches one of the strings specified here.", - "title": "IncludedCookies", + "markdownDescription": "The association configurations for overriding behavior on this AI Agent.", + "title": "AssociationConfigurations", "type": "array" + }, + "Locale": { + "markdownDescription": "The locale to which specifies the language and region settings that determine the response language for [QueryAssistant](https://docs.aws.amazon.com/connect/latest/APIReference/API_amazon-q-connect_QueryAssistant.html) .", + "title": "Locale", + "type": "string" } }, "type": "object" }, - "AWS::WAFv2::WebACL.Cookies": { + "AWS::Wisdom::AIAgent.OrCondition": { "additionalProperties": false, "properties": { - "MatchPattern": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.CookieMatchPattern", - "markdownDescription": "The filter to use to identify the subset of cookies to inspect in a web request.\n\nYou must specify exactly one setting: either `All` , `IncludedCookies` , or `ExcludedCookies` .\n\nExample JSON: `\"MatchPattern\": { \"IncludedCookies\": [ \"session-id-time\", \"session-id\" ] }`", - "title": "MatchPattern" - }, - "MatchScope": { - "markdownDescription": "The parts of the cookies to inspect with the rule inspection criteria. If you specify `ALL` , AWS WAF inspects both keys and values.\n\n`All` does not require a match to be found in the keys and a match to be found in the values. It requires a match to be found in the keys or the values or both. To require a match in the keys and in the values, use a logical `AND` statement to combine two match rules, one that inspects the keys and another that inspects the values.", - "title": "MatchScope", - "type": "string" + "AndConditions": { + "items": { + "$ref": "#/definitions/AWS::Wisdom::AIAgent.TagCondition" + }, + "markdownDescription": "", + "title": "AndConditions", + "type": "array" }, - "OversizeHandling": { - "markdownDescription": "What AWS WAF should do if the cookies of the request are more numerous or larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to AWS WAF .\n\nThe options for oversize handling are the following:\n\n- `CONTINUE` - Inspect the available cookies normally, according to the rule inspection criteria.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", - "title": "OversizeHandling", - "type": "string" + "TagCondition": { + "$ref": "#/definitions/AWS::Wisdom::AIAgent.TagCondition", + "markdownDescription": "A leaf node condition which can be used to specify a tag condition.", + "title": "TagCondition" } }, - "required": [ - "MatchPattern", - "MatchScope", - "OversizeHandling" - ], "type": "object" }, - "AWS::WAFv2::WebACL.CountAction": { + "AWS::Wisdom::AIAgent.SelfServiceAIAgentConfiguration": { "additionalProperties": false, "properties": { - "CustomRequestHandling": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomRequestHandling", - "markdownDescription": "Defines custom handling for the web request.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", - "title": "CustomRequestHandling" + "AssociationConfigurations": { + "items": { + "$ref": "#/definitions/AWS::Wisdom::AIAgent.AssociationConfiguration" + }, + "markdownDescription": "The association configuration of the self-service AI agent.", + "title": "AssociationConfigurations", + "type": "array" + }, + "SelfServiceAIGuardrailId": { + "markdownDescription": "The ID of the self-service AI guardrail.", + "title": "SelfServiceAIGuardrailId", + "type": "string" + }, + "SelfServiceAnswerGenerationAIPromptId": { + "markdownDescription": "The ID of the self-service answer generation AI prompt.", + "title": "SelfServiceAnswerGenerationAIPromptId", + "type": "string" + }, + "SelfServicePreProcessingAIPromptId": { + "markdownDescription": "The ID of the self-service preprocessing AI prompt.", + "title": "SelfServicePreProcessingAIPromptId", + "type": "string" } }, "type": "object" }, - "AWS::WAFv2::WebACL.CustomHTTPHeader": { + "AWS::Wisdom::AIAgent.TagCondition": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the custom header.\n\nFor custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name `x-amzn-waf-` , to avoid confusion with the headers that are already in the request. For example, for the header name `sample` , AWS WAF inserts the header `x-amzn-waf-sample` .", - "title": "Name", + "Key": { + "markdownDescription": "The tag key in the tag condition.", + "title": "Key", "type": "string" }, "Value": { - "markdownDescription": "The value of the custom header.", + "markdownDescription": "The tag value in the tag condition.", "title": "Value", "type": "string" } }, "required": [ - "Name", - "Value" + "Key" ], "type": "object" }, - "AWS::WAFv2::WebACL.CustomRequestHandling": { + "AWS::Wisdom::AIAgent.TagFilter": { "additionalProperties": false, "properties": { - "InsertHeaders": { + "AndConditions": { "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomHTTPHeader" + "$ref": "#/definitions/AWS::Wisdom::AIAgent.TagCondition" }, - "markdownDescription": "The HTTP headers to insert into the request. Duplicate header names are not allowed.\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", - "title": "InsertHeaders", + "markdownDescription": "A list of conditions which would be applied together with an `AND` condition.", + "title": "AndConditions", + "type": "array" + }, + "OrConditions": { + "items": { + "$ref": "#/definitions/AWS::Wisdom::AIAgent.OrCondition" + }, + "markdownDescription": "A list of conditions which would be applied together with an `OR` condition.", + "title": "OrConditions", "type": "array" + }, + "TagCondition": { + "$ref": "#/definitions/AWS::Wisdom::AIAgent.TagCondition", + "markdownDescription": "A leaf node condition which can be used to specify a tag condition.", + "title": "TagCondition" } }, - "required": [ - "InsertHeaders" - ], "type": "object" }, - "AWS::WAFv2::WebACL.CustomResponse": { + "AWS::Wisdom::AIAgentVersion": { "additionalProperties": false, "properties": { - "CustomResponseBodyKey": { - "markdownDescription": "References the response body that you want AWS WAF to return to the web request client. You can define a custom response for a rule action or a default web ACL action that is set to block. To do this, you first define the response body key and value in the `CustomResponseBodies` setting for the `WebACL` or `RuleGroup` where you want to use it. Then, in the rule action or web ACL default action `BlockAction` setting, you reference the response body using this key.", - "title": "CustomResponseBodyKey", + "Condition": { "type": "string" }, - "ResponseCode": { - "markdownDescription": "The HTTP status code to return to the client.\n\nFor a list of status codes that you can use in your custom responses, see [Supported status codes for custom response](https://docs.aws.amazon.com/waf/latest/developerguide/customizing-the-response-status-codes.html) in the *AWS WAF Developer Guide* .", - "title": "ResponseCode", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ResponseHeaders": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomHTTPHeader" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AIAgentId": { + "markdownDescription": "The identifier of the AI Agent.", + "title": "AIAgentId", + "type": "string" + }, + "AssistantId": { + "markdownDescription": "", + "title": "AssistantId", + "type": "string" + }, + "ModifiedTimeSeconds": { + "markdownDescription": "The time the AI Agent version was last modified in seconds.", + "title": "ModifiedTimeSeconds", + "type": "number" + } }, - "markdownDescription": "The HTTP headers to use in the response. You can specify any header name except for `content-type` . Duplicate header names are not allowed.\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", - "title": "ResponseHeaders", - "type": "array" + "required": [ + "AIAgentId", + "AssistantId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Wisdom::AIAgentVersion" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "ResponseCode" + "Type", + "Properties" ], "type": "object" }, - "AWS::WAFv2::WebACL.CustomResponseBody": { + "AWS::Wisdom::AIGuardrail": { "additionalProperties": false, "properties": { - "Content": { - "markdownDescription": "The payload of the custom response.\n\nYou can use JSON escape strings in JSON content. To do this, you must specify JSON content in the `ContentType` setting.\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", - "title": "Content", + "Condition": { "type": "string" }, - "ContentType": { - "markdownDescription": "The type of content in the payload that you are defining in the `Content` string.", - "title": "ContentType", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AssistantId": { + "markdownDescription": "The identifier of the Amazon Q in Connect assistant. Can be either the ID or the ARN. URLs cannot contain the ARN.", + "title": "AssistantId", + "type": "string" + }, + "BlockedInputMessaging": { + "markdownDescription": "The message to return when the AI Guardrail blocks a prompt.", + "title": "BlockedInputMessaging", + "type": "string" + }, + "BlockedOutputsMessaging": { + "markdownDescription": "The message to return when the AI Guardrail blocks a model response.", + "title": "BlockedOutputsMessaging", + "type": "string" + }, + "ContentPolicyConfig": { + "$ref": "#/definitions/AWS::Wisdom::AIGuardrail.AIGuardrailContentPolicyConfig", + "markdownDescription": "Contains details about how to handle harmful content.", + "title": "ContentPolicyConfig" + }, + "ContextualGroundingPolicyConfig": { + "$ref": "#/definitions/AWS::Wisdom::AIGuardrail.AIGuardrailContextualGroundingPolicyConfig", + "markdownDescription": "The policy configuration details for the AI Guardrail's contextual grounding policy.", + "title": "ContextualGroundingPolicyConfig" + }, + "Description": { + "markdownDescription": "A description of the AI Guardrail.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the AI Guardrail.", + "title": "Name", + "type": "string" + }, + "SensitiveInformationPolicyConfig": { + "$ref": "#/definitions/AWS::Wisdom::AIGuardrail.AIGuardrailSensitiveInformationPolicyConfig", + "markdownDescription": "Contains details about PII entities and regular expressions to configure for the AI Guardrail.", + "title": "SensitiveInformationPolicyConfig" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "TopicPolicyConfig": { + "$ref": "#/definitions/AWS::Wisdom::AIGuardrail.AIGuardrailTopicPolicyConfig", + "markdownDescription": "Contains details about topics that the AI Guardrail should identify and deny.", + "title": "TopicPolicyConfig" + }, + "WordPolicyConfig": { + "$ref": "#/definitions/AWS::Wisdom::AIGuardrail.AIGuardrailWordPolicyConfig", + "markdownDescription": "Contains details about the word policy to configured for the AI Guardrail.", + "title": "WordPolicyConfig" + } + }, + "required": [ + "AssistantId", + "BlockedInputMessaging", + "BlockedOutputsMessaging" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Wisdom::AIGuardrail" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Content", - "ContentType" + "Type", + "Properties" ], "type": "object" }, - "AWS::WAFv2::WebACL.DefaultAction": { + "AWS::Wisdom::AIGuardrail.AIGuardrailContentPolicyConfig": { "additionalProperties": false, "properties": { - "Allow": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.AllowAction", - "markdownDescription": "Specifies that AWS WAF should allow requests by default.", - "title": "Allow" - }, - "Block": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.BlockAction", - "markdownDescription": "Specifies that AWS WAF should block requests by default.", - "title": "Block" + "FiltersConfig": { + "items": { + "$ref": "#/definitions/AWS::Wisdom::AIGuardrail.GuardrailContentFilterConfig" + }, + "markdownDescription": "List of content filter configurations in a content policy.", + "title": "FiltersConfig", + "type": "array" } }, + "required": [ + "FiltersConfig" + ], "type": "object" }, - "AWS::WAFv2::WebACL.ExcludedRule": { + "AWS::Wisdom::AIGuardrail.AIGuardrailContextualGroundingPolicyConfig": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the rule whose action you want to override to `Count` .", - "title": "Name", - "type": "string" + "FiltersConfig": { + "items": { + "$ref": "#/definitions/AWS::Wisdom::AIGuardrail.GuardrailContextualGroundingFilterConfig" + }, + "markdownDescription": "List of contextual grounding filter configs.", + "title": "FiltersConfig", + "type": "array" } }, "required": [ - "Name" + "FiltersConfig" ], "type": "object" }, - "AWS::WAFv2::WebACL.FieldIdentifier": { + "AWS::Wisdom::AIGuardrail.AIGuardrailSensitiveInformationPolicyConfig": { "additionalProperties": false, "properties": { - "Identifier": { - "markdownDescription": "The name of the field.\n\nWhen the `PayloadType` in the request inspection is `JSON` , this identifier must be in JSON pointer syntax. For example `/form/username` . For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nWhen the `PayloadType` is `FORM_ENCODED` , use the HTML form names. For example, `username` .\n\nFor more information, see the descriptions for each field type in the request inspection properties.", - "title": "Identifier", - "type": "string" + "PiiEntitiesConfig": { + "items": { + "$ref": "#/definitions/AWS::Wisdom::AIGuardrail.GuardrailPiiEntityConfig" + }, + "markdownDescription": "List of entities.", + "title": "PiiEntitiesConfig", + "type": "array" + }, + "RegexesConfig": { + "items": { + "$ref": "#/definitions/AWS::Wisdom::AIGuardrail.GuardrailRegexConfig" + }, + "markdownDescription": "List of regex.", + "title": "RegexesConfig", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Wisdom::AIGuardrail.AIGuardrailTopicPolicyConfig": { + "additionalProperties": false, + "properties": { + "TopicsConfig": { + "items": { + "$ref": "#/definitions/AWS::Wisdom::AIGuardrail.GuardrailTopicConfig" + }, + "markdownDescription": "List of topic configs in topic policy.", + "title": "TopicsConfig", + "type": "array" } }, "required": [ - "Identifier" + "TopicsConfig" ], "type": "object" }, - "AWS::WAFv2::WebACL.FieldToMatch": { + "AWS::Wisdom::AIGuardrail.AIGuardrailWordPolicyConfig": { "additionalProperties": false, "properties": { - "AllQueryArguments": { - "markdownDescription": "Inspect all query arguments.", - "title": "AllQueryArguments", - "type": "object" - }, - "Body": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.Body", - "markdownDescription": "Inspect the request body as plain text. The request body immediately follows the request headers. This is the part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form.\n\nAWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.\n\n- For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).\n- For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.\n- For AWS Amplify , use the CloudFront limit.\n\nFor information about how to handle oversized request bodies, see the `Body` object configuration.", - "title": "Body" - }, - "Cookies": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.Cookies", - "markdownDescription": "Inspect the request cookies. You must configure scope and pattern matching filters in the `Cookies` object, to define the set of cookies and the parts of the cookies that AWS WAF inspects.\n\nOnly the first 8 KB (8192 bytes) of a request's cookies and only the first 200 cookies are forwarded to AWS WAF for inspection by the underlying host service. You must configure how to handle any oversize cookie content in the `Cookies` object. AWS WAF applies the pattern matching filters to the cookies that it receives from the underlying host service.", - "title": "Cookies" - }, - "Headers": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.Headers", - "markdownDescription": "Inspect the request headers. You must configure scope and pattern matching filters in the `Headers` object, to define the set of headers to and the parts of the headers that AWS WAF inspects.\n\nOnly the first 8 KB (8192 bytes) of a request's headers and only the first 200 headers are forwarded to AWS WAF for inspection by the underlying host service. You must configure how to handle any oversize header content in the `Headers` object. AWS WAF applies the pattern matching filters to the headers that it receives from the underlying host service.", - "title": "Headers" - }, - "JA3Fingerprint": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.JA3Fingerprint", - "markdownDescription": "Available for use with Amazon CloudFront distributions and Application Load Balancers. Match against the request's JA3 fingerprint. The JA3 fingerprint is a 32-character hash derived from the TLS Client Hello of an incoming request. This fingerprint serves as a unique identifier for the client's TLS configuration. AWS WAF calculates and logs this fingerprint for each request that has enough TLS Client Hello information for the calculation. Almost all web requests include this information.\n\n> You can use this choice only with a string match `ByteMatchStatement` with the `PositionalConstraint` set to `EXACTLY` . \n\nYou can obtain the JA3 fingerprint for client requests from the web ACL logs. If AWS WAF is able to calculate the fingerprint, it includes it in the logs. For information about the logging fields, see [Log fields](https://docs.aws.amazon.com/waf/latest/developerguide/logging-fields.html) in the *AWS WAF Developer Guide* .\n\nProvide the JA3 fingerprint string from the logs in your string match statement specification, to match with any future requests that have the same TLS configuration.", - "title": "JA3Fingerprint" - }, - "JsonBody": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.JsonBody", - "markdownDescription": "Inspect the request body as JSON. The request body immediately follows the request headers. This is the part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form.\n\nAWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.\n\n- For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).\n- For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.\n- For AWS Amplify , use the CloudFront limit.\n\nFor information about how to handle oversized request bodies, see the `JsonBody` object configuration.", - "title": "JsonBody" - }, - "Method": { - "markdownDescription": "Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.", - "title": "Method", - "type": "object" - }, - "QueryString": { - "markdownDescription": "Inspect the query string. This is the part of a URL that appears after a `?` character, if any.", - "title": "QueryString", - "type": "object" - }, - "SingleHeader": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.SingleHeader", - "markdownDescription": "Inspect a single header. Provide the name of the header to inspect, for example, `User-Agent` or `Referer` . This setting isn't case sensitive.\n\nExample JSON: `\"SingleHeader\": { \"Name\": \"haystack\" }`\n\nAlternately, you can filter and inspect all headers with the `Headers` `FieldToMatch` setting.", - "title": "SingleHeader" - }, - "SingleQueryArgument": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.SingleQueryArgument", - "markdownDescription": "Inspect a single query argument. Provide the name of the query argument to inspect, such as *UserName* or *SalesRegion* . The name can be up to 30 characters long and isn't case sensitive.\n\nExample JSON: `\"SingleQueryArgument\": { \"Name\": \"myArgument\" }`", - "title": "SingleQueryArgument" + "ManagedWordListsConfig": { + "items": { + "$ref": "#/definitions/AWS::Wisdom::AIGuardrail.GuardrailManagedWordsConfig" + }, + "markdownDescription": "A config for the list of managed words.", + "title": "ManagedWordListsConfig", + "type": "array" }, - "UriPath": { - "markdownDescription": "Inspect the request URI path. This is the part of the web request that identifies a resource, for example, `/images/daily-ad.jpg` .", - "title": "UriPath", - "type": "object" + "WordsConfig": { + "items": { + "$ref": "#/definitions/AWS::Wisdom::AIGuardrail.GuardrailWordConfig" + }, + "markdownDescription": "List of custom word configurations.", + "title": "WordsConfig", + "type": "array" } }, "type": "object" }, - "AWS::WAFv2::WebACL.ForwardedIPConfiguration": { + "AWS::Wisdom::AIGuardrail.GuardrailContentFilterConfig": { "additionalProperties": false, "properties": { - "FallbackBehavior": { - "markdownDescription": "The match status to assign to the web request if the request doesn't have a valid IP address in the specified position.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all. \n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", - "title": "FallbackBehavior", + "InputStrength": { + "markdownDescription": "The strength of the input for the guardrail content filter.", + "title": "InputStrength", "type": "string" }, - "HeaderName": { - "markdownDescription": "The name of the HTTP header to use for the IP address. For example, to use the X-Forwarded-For (XFF) header, set this to `X-Forwarded-For` .\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all.", - "title": "HeaderName", + "OutputStrength": { + "markdownDescription": "The output strength of the guardrail content filter.", + "title": "OutputStrength", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the guardrail content filter.", + "title": "Type", "type": "string" } }, "required": [ - "FallbackBehavior", - "HeaderName" + "InputStrength", + "OutputStrength", + "Type" ], "type": "object" }, - "AWS::WAFv2::WebACL.GeoMatchStatement": { + "AWS::Wisdom::AIGuardrail.GuardrailContextualGroundingFilterConfig": { "additionalProperties": false, "properties": { - "CountryCodes": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of two-character country codes that you want to match against, for example, `[ \"US\", \"CN\" ]` , from the alpha-2 country ISO codes of the ISO 3166 international standard.\n\nWhen you use a geo match statement just for the region and country labels that it adds to requests, you still have to supply a country code for the rule to evaluate. In this case, you configure the rule to only count matching requests, but it will still generate logging and count metrics for any matches. You can reduce the logging and metrics that the rule produces by specifying a country that's unlikely to be a source of traffic to your site.", - "title": "CountryCodes", - "type": "array" + "Threshold": { + "markdownDescription": "The threshold for this filter.", + "title": "Threshold", + "type": "number" }, - "ForwardedIPConfig": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ForwardedIPConfiguration", - "markdownDescription": "The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all.", - "title": "ForwardedIPConfig" + "Type": { + "markdownDescription": "The type of this filter.", + "title": "Type", + "type": "string" } }, + "required": [ + "Threshold", + "Type" + ], "type": "object" }, - "AWS::WAFv2::WebACL.HeaderMatchPattern": { + "AWS::Wisdom::AIGuardrail.GuardrailManagedWordsConfig": { "additionalProperties": false, "properties": { - "All": { - "markdownDescription": "Inspect all headers.", - "title": "All", - "type": "object" - }, - "ExcludedHeaders": { - "items": { - "type": "string" - }, - "markdownDescription": "Inspect only the headers whose keys don't match any of the strings specified here.", - "title": "ExcludedHeaders", - "type": "array" - }, - "IncludedHeaders": { - "items": { - "type": "string" - }, - "markdownDescription": "Inspect only the headers that have a key that matches one of the strings specified here.", - "title": "IncludedHeaders", - "type": "array" + "Type": { + "markdownDescription": "The type of guardrail managed words.", + "title": "Type", + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::WAFv2::WebACL.Headers": { + "AWS::Wisdom::AIGuardrail.GuardrailPiiEntityConfig": { "additionalProperties": false, "properties": { - "MatchPattern": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.HeaderMatchPattern", - "markdownDescription": "The filter to use to identify the subset of headers to inspect in a web request.\n\nYou must specify exactly one setting: either `All` , `IncludedHeaders` , or `ExcludedHeaders` .\n\nExample JSON: `\"MatchPattern\": { \"ExcludedHeaders\": [ \"KeyToExclude1\", \"KeyToExclude2\" ] }`", - "title": "MatchPattern" - }, - "MatchScope": { - "markdownDescription": "The parts of the headers to match with the rule inspection criteria. If you specify `ALL` , AWS WAF inspects both keys and values.\n\n`All` does not require a match to be found in the keys and a match to be found in the values. It requires a match to be found in the keys or the values or both. To require a match in the keys and in the values, use a logical `AND` statement to combine two match rules, one that inspects the keys and another that inspects the values.", - "title": "MatchScope", + "Action": { + "markdownDescription": "The action of guardrail PII entity configuration.", + "title": "Action", "type": "string" }, - "OversizeHandling": { - "markdownDescription": "What AWS WAF should do if the headers determined by your match scope are more numerous or larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request headers when they exceed 8 KB (8192 bytes) or 200 total headers. The underlying host service forwards a maximum of 200 headers and at most 8 KB of header contents to AWS WAF .\n\nThe options for oversize handling are the following:\n\n- `CONTINUE` - Inspect the available headers normally, according to the rule inspection criteria.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", - "title": "OversizeHandling", + "Type": { + "markdownDescription": "", + "title": "Type", "type": "string" } }, "required": [ - "MatchPattern", - "MatchScope", - "OversizeHandling" + "Action", + "Type" ], "type": "object" }, - "AWS::WAFv2::WebACL.IPSetForwardedIPConfiguration": { + "AWS::Wisdom::AIGuardrail.GuardrailRegexConfig": { "additionalProperties": false, "properties": { - "FallbackBehavior": { - "markdownDescription": "The match status to assign to the web request if the request doesn't have a valid IP address in the specified position.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all. \n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", - "title": "FallbackBehavior", + "Action": { + "markdownDescription": "The action of the guardrail regex configuration.", + "title": "Action", "type": "string" }, - "HeaderName": { - "markdownDescription": "The name of the HTTP header to use for the IP address. For example, to use the X-Forwarded-For (XFF) header, set this to `X-Forwarded-For` .\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all.", - "title": "HeaderName", + "Description": { + "markdownDescription": "The regex description.", + "title": "Description", "type": "string" }, - "Position": { - "markdownDescription": "The position in the header to search for the IP address. The header can contain IP addresses of the original client and also of proxies. For example, the header value could be `10.1.1.1, 127.0.0.0, 10.10.10.10` where the first IP address identifies the original client and the rest identify proxies that the request went through.\n\nThe options for this setting are the following:\n\n- FIRST - Inspect the first IP address in the list of IP addresses in the header. This is usually the client's original IP.\n- LAST - Inspect the last IP address in the list of IP addresses in the header.\n- ANY - Inspect all IP addresses in the header for a match. If the header contains more than 10 IP addresses, AWS WAF inspects the last 10.", - "title": "Position", + "Name": { + "markdownDescription": "A regex configuration.", + "title": "Name", + "type": "string" + }, + "Pattern": { + "markdownDescription": "The regex pattern.", + "title": "Pattern", "type": "string" } }, "required": [ - "FallbackBehavior", - "HeaderName", - "Position" + "Action", + "Name", + "Pattern" ], "type": "object" }, - "AWS::WAFv2::WebACL.IPSetReferenceStatement": { + "AWS::Wisdom::AIGuardrail.GuardrailTopicConfig": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the `IPSet` that this statement references.", - "title": "Arn", + "Definition": { + "markdownDescription": "Definition of topic in topic policy.", + "title": "Definition", "type": "string" }, - "IPSetForwardedIPConfig": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.IPSetForwardedIPConfiguration", - "markdownDescription": "The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all.", - "title": "IPSetForwardedIPConfig" + "Examples": { + "items": { + "type": "string" + }, + "markdownDescription": "Text example in topic policy.", + "title": "Examples", + "type": "array" + }, + "Name": { + "markdownDescription": "Name of topic in topic policy.", + "title": "Name", + "type": "string" + }, + "Type": { + "markdownDescription": "Type of topic in a policy.", + "title": "Type", + "type": "string" } }, "required": [ - "Arn" + "Definition", + "Name", + "Type" ], "type": "object" }, - "AWS::WAFv2::WebACL.ImmunityTimeProperty": { + "AWS::Wisdom::AIGuardrail.GuardrailWordConfig": { "additionalProperties": false, "properties": { - "ImmunityTime": { - "markdownDescription": "The amount of time, in seconds, that a `CAPTCHA` or challenge timestamp is considered valid by AWS WAF . The default setting is 300.\n\nFor the Challenge action, the minimum setting is 300.", - "title": "ImmunityTime", - "type": "number" + "Text": { + "markdownDescription": "The custom word text.", + "title": "Text", + "type": "string" } }, "required": [ - "ImmunityTime" + "Text" ], "type": "object" }, - "AWS::WAFv2::WebACL.JA3Fingerprint": { + "AWS::Wisdom::AIGuardrailVersion": { "additionalProperties": false, "properties": { - "FallbackBehavior": { - "markdownDescription": "The match status to assign to the web request if the request doesn't have a JA3 fingerprint.\n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", - "title": "FallbackBehavior", + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AIGuardrailId": { + "markdownDescription": "The ID of the AI guardrail version.", + "title": "AIGuardrailId", + "type": "string" + }, + "AssistantId": { + "markdownDescription": "The ID of the AI guardrail version assistant.", + "title": "AssistantId", + "type": "string" + }, + "ModifiedTimeSeconds": { + "markdownDescription": "The modified time of the AI guardrail version in seconds.", + "title": "ModifiedTimeSeconds", + "type": "number" + } + }, + "required": [ + "AIGuardrailId", + "AssistantId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Wisdom::AIGuardrailVersion" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "FallbackBehavior" + "Type", + "Properties" ], "type": "object" }, - "AWS::WAFv2::WebACL.JsonBody": { + "AWS::Wisdom::AIPrompt": { "additionalProperties": false, "properties": { - "InvalidFallbackBehavior": { - "markdownDescription": "What AWS WAF should do if it fails to completely parse the JSON body. The options are the following:\n\n- `EVALUATE_AS_STRING` - Inspect the body as plain text. AWS WAF applies the text transformations and inspection criteria that you defined for the JSON inspection to the body text string.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.\n\nIf you don't provide this setting, AWS WAF parses and evaluates the content only up to the first parsing failure that it encounters.\n\n> AWS WAF parsing doesn't fully validate the input JSON string, so parsing can succeed even for invalid JSON. When parsing succeeds, AWS WAF doesn't apply the fallback behavior. For more information, see [JSON body](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-fields-list.html#waf-rule-statement-request-component-json-body) in the *AWS WAF Developer Guide* .", - "title": "InvalidFallbackBehavior", + "Condition": { "type": "string" }, - "MatchPattern": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.JsonMatchPattern", - "markdownDescription": "The patterns to look for in the JSON body. AWS WAF inspects the results of these pattern matches against the rule inspection criteria.", - "title": "MatchPattern" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "MatchScope": { - "markdownDescription": "The parts of the JSON to match against using the `MatchPattern` . If you specify `ALL` , AWS WAF matches against keys and values.\n\n`All` does not require a match to be found in the keys and a match to be found in the values. It requires a match to be found in the keys or the values or both. To require a match in the keys and in the values, use a logical `AND` statement to combine two match rules, one that inspects the keys and another that inspects the values.", - "title": "MatchScope", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApiFormat": { + "markdownDescription": "The API format used for this AI Prompt.", + "title": "ApiFormat", + "type": "string" + }, + "AssistantId": { + "markdownDescription": "The identifier of the Amazon Q in Connect assistant. Can be either the ID or the ARN. URLs cannot contain the ARN.", + "title": "AssistantId", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the AI Prompt.", + "title": "Description", + "type": "string" + }, + "ModelId": { + "markdownDescription": "The identifier of the model used for this AI Prompt. The following model Ids are supported:\n\n- `anthropic.claude-3-haiku--v1:0`\n- `apac.amazon.nova-lite-v1:0`\n- `apac.amazon.nova-micro-v1:0`\n- `apac.amazon.nova-pro-v1:0`\n- `apac.anthropic.claude-3-5-sonnet--v2:0`\n- `apac.anthropic.claude-3-haiku-20240307-v1:0`\n- `eu.amazon.nova-lite-v1:0`\n- `eu.amazon.nova-micro-v1:0`\n- `eu.amazon.nova-pro-v1:0`\n- `eu.anthropic.claude-3-7-sonnet-20250219-v1:0`\n- `eu.anthropic.claude-3-haiku-20240307-v1:0`\n- `us.amazon.nova-lite-v1:0`\n- `us.amazon.nova-micro-v1:0`\n- `us.amazon.nova-pro-v1:0`\n- `us.anthropic.claude-3-5-haiku-20241022-v1:0`\n- `us.anthropic.claude-3-7-sonnet-20250219-v1:0`\n- `us.anthropic.claude-3-haiku-20240307-v1:0`", + "title": "ModelId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the AI Prompt", + "title": "Name", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "TemplateConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::AIPrompt.AIPromptTemplateConfiguration", + "markdownDescription": "The configuration of the prompt template for this AI Prompt.", + "title": "TemplateConfiguration" + }, + "TemplateType": { + "markdownDescription": "The type of the prompt template for this AI Prompt.", + "title": "TemplateType", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of this AI Prompt.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "ApiFormat", + "ModelId", + "TemplateConfiguration", + "TemplateType", + "Type" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Wisdom::AIPrompt" + ], "type": "string" }, - "OversizeHandling": { - "markdownDescription": "What AWS WAF should do if the body is larger than AWS WAF can inspect.\n\nAWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.\n\n- For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).\n- For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.\n- For AWS Amplify , use the CloudFront limit.\n\nThe options for oversize handling are the following:\n\n- `CONTINUE` - Inspect the available body contents normally, according to the rule inspection criteria.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.\n\nYou can combine the `MATCH` or `NO_MATCH` settings for oversize handling with your rule and web ACL action settings, so that you block any request whose body is over the limit.\n\nDefault: `CONTINUE`", - "title": "OversizeHandling", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "MatchPattern", - "MatchScope" + "Type", + "Properties" ], "type": "object" }, - "AWS::WAFv2::WebACL.JsonMatchPattern": { + "AWS::Wisdom::AIPrompt.AIPromptTemplateConfiguration": { "additionalProperties": false, "properties": { - "All": { - "markdownDescription": "Match all of the elements. See also `MatchScope` in the `JsonBody` `FieldToMatch` specification.\n\nYou must specify either this setting or the `IncludedPaths` setting, but not both.", - "title": "All", - "type": "object" - }, - "IncludedPaths": { - "items": { - "type": "string" - }, - "markdownDescription": "Match only the specified include paths. See also `MatchScope` in the `JsonBody` `FieldToMatch` specification.\n\nProvide the include paths using JSON Pointer syntax. For example, `\"IncludedPaths\": [\"/dogs/0/name\", \"/dogs/1/name\"]` . For information about this syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nYou must specify either this setting or the `All` setting, but not both.\n\n> Don't use this option to include all paths. Instead, use the `All` setting.", - "title": "IncludedPaths", - "type": "array" + "TextFullAIPromptEditTemplateConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::AIPrompt.TextFullAIPromptEditTemplateConfiguration", + "markdownDescription": "The configuration for a prompt template that supports full textual prompt configuration using a YAML prompt.", + "title": "TextFullAIPromptEditTemplateConfiguration" } }, + "required": [ + "TextFullAIPromptEditTemplateConfiguration" + ], "type": "object" }, - "AWS::WAFv2::WebACL.Label": { + "AWS::Wisdom::AIPrompt.TextFullAIPromptEditTemplateConfiguration": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The label string.", - "title": "Name", + "Text": { + "markdownDescription": "The YAML text for the AI Prompt template.", + "title": "Text", "type": "string" } }, "required": [ - "Name" + "Text" ], "type": "object" }, - "AWS::WAFv2::WebACL.LabelMatchStatement": { + "AWS::Wisdom::AIPromptVersion": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The string to match against. The setting you provide for this depends on the match statement's `Scope` setting:\n\n- If the `Scope` indicates `LABEL` , then this specification must include the name and can include any number of preceding namespace specifications and prefix up to providing the fully qualified label name.\n- If the `Scope` indicates `NAMESPACE` , then this specification can include any number of contiguous namespace strings, and can include the entire label namespace prefix from the rule group or web ACL where the label originates.\n\nLabels are case sensitive and components of a label must be separated by colon, for example `NS1:NS2:name` .", - "title": "Key", + "Condition": { "type": "string" }, - "Scope": { - "markdownDescription": "Specify whether you want to match using the label name or just the namespace.", - "title": "Scope", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AIPromptId": { + "markdownDescription": "The identifier of the Amazon Q in Connect AI prompt.", + "title": "AIPromptId", + "type": "string" + }, + "AssistantId": { + "markdownDescription": "The identifier of the Amazon Q in Connect assistant. Can be either the ID or the ARN. URLs cannot contain the ARN.", + "title": "AssistantId", + "type": "string" + }, + "ModifiedTimeSeconds": { + "markdownDescription": "The time the AI Prompt version was last modified in seconds.", + "title": "ModifiedTimeSeconds", + "type": "number" + } + }, + "required": [ + "AIPromptId", + "AssistantId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Wisdom::AIPromptVersion" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Key", - "Scope" + "Type", + "Properties" ], "type": "object" }, - "AWS::WAFv2::WebACL.ManagedRuleGroupConfig": { + "AWS::Wisdom::Assistant": { "additionalProperties": false, "properties": { - "AWSManagedRulesACFPRuleSet": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.AWSManagedRulesACFPRuleSet", - "markdownDescription": "Additional configuration for using the account creation fraud prevention (ACFP) managed rule group, `AWSManagedRulesACFPRuleSet` . Use this to provide account creation request information to the rule group. For web ACLs that protect CloudFront distributions, use this to also provide the information about how your distribution responds to account creation requests.\n\nFor information about using the ACFP managed rule group, see [AWS WAF Fraud Control account creation fraud prevention (ACFP) rule group](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-acfp.html) and [AWS WAF Fraud Control account creation fraud prevention (ACFP)](https://docs.aws.amazon.com/waf/latest/developerguide/waf-acfp.html) in the *AWS WAF Developer Guide* .", - "title": "AWSManagedRulesACFPRuleSet" + "Condition": { + "type": "string" }, - "AWSManagedRulesATPRuleSet": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.AWSManagedRulesATPRuleSet", - "markdownDescription": "Additional configuration for using the account takeover prevention (ATP) managed rule group, `AWSManagedRulesATPRuleSet` . Use this to provide login request information to the rule group. For web ACLs that protect CloudFront distributions, use this to also provide the information about how your distribution responds to login requests.\n\nThis configuration replaces the individual configuration fields in `ManagedRuleGroupConfig` and provides additional feature configuration.\n\nFor information about using the ATP managed rule group, see [AWS WAF Fraud Control account takeover prevention (ATP) rule group](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-atp.html) and [AWS WAF Fraud Control account takeover prevention (ATP)](https://docs.aws.amazon.com/waf/latest/developerguide/waf-atp.html) in the *AWS WAF Developer Guide* .", - "title": "AWSManagedRulesATPRuleSet" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "AWSManagedRulesBotControlRuleSet": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.AWSManagedRulesBotControlRuleSet", - "markdownDescription": "Additional configuration for using the Bot Control managed rule group. Use this to specify the inspection level that you want to use. For information about using the Bot Control managed rule group, see [AWS WAF Bot Control rule group](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html) and [AWS WAF Bot Control](https://docs.aws.amazon.com/waf/latest/developerguide/waf-bot-control.html) in the *AWS WAF Developer Guide* .", - "title": "AWSManagedRulesBotControlRuleSet" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "LoginPath": { - "markdownDescription": "> Instead of this setting, provide your configuration under `AWSManagedRulesATPRuleSet` .", - "title": "LoginPath", - "type": "string" + "Metadata": { + "type": "object" }, - "PasswordField": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", - "markdownDescription": "> Instead of this setting, provide your configuration under the request inspection configuration for `AWSManagedRulesATPRuleSet` or `AWSManagedRulesACFPRuleSet` .", - "title": "PasswordField" + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the assistant.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the assistant.", + "title": "Name", + "type": "string" + }, + "ServerSideEncryptionConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::Assistant.ServerSideEncryptionConfiguration", + "markdownDescription": "The configuration information for the customer managed key used for encryption. The customer managed key must have a policy that allows `kms:CreateGrant` and `kms:DescribeKey` permissions to the IAM identity using the key to invoke Wisdom. To use Wisdom with chat, the key policy must also allow `kms:Decrypt` , `kms:GenerateDataKey*` , and `kms:DescribeKey` permissions to the `connect.amazonaws.com` service principal. For more information about setting up a customer managed key for Wisdom, see [Enable Amazon Connect Wisdom for your instance](https://docs.aws.amazon.com/connect/latest/adminguide/enable-wisdom.html) .", + "title": "ServerSideEncryptionConfiguration" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "The type of assistant.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Name", + "Type" + ], + "type": "object" }, - "PayloadType": { - "markdownDescription": "> Instead of this setting, provide your configuration under the request inspection configuration for `AWSManagedRulesATPRuleSet` or `AWSManagedRulesACFPRuleSet` .", - "title": "PayloadType", + "Type": { + "enum": [ + "AWS::Wisdom::Assistant" + ], "type": "string" }, - "UsernameField": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", - "markdownDescription": "> Instead of this setting, provide your configuration under the request inspection configuration for `AWSManagedRulesATPRuleSet` or `AWSManagedRulesACFPRuleSet` .", - "title": "UsernameField" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::WAFv2::WebACL.ManagedRuleGroupStatement": { + "AWS::Wisdom::Assistant.ServerSideEncryptionConfiguration": { "additionalProperties": false, "properties": { - "ExcludedRules": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ExcludedRule" - }, - "markdownDescription": "Rules in the referenced rule group whose actions are set to `Count` .\n\n> Instead of this option, use `RuleActionOverrides` . It accepts any valid action setting, including `Count` .", - "title": "ExcludedRules", - "type": "array" - }, - "ManagedRuleGroupConfigs": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ManagedRuleGroupConfig" - }, - "markdownDescription": "Additional information that's used by a managed rule group. Many managed rule groups don't require this.\n\nThe rule groups used for intelligent threat mitigation require additional configuration:\n\n- Use the `AWSManagedRulesACFPRuleSet` configuration object to configure the account creation fraud prevention managed rule group. The configuration includes the registration and sign-up pages of your application and the locations in the account creation request payload of data, such as the user email and phone number fields.\n- Use the `AWSManagedRulesAntiDDoSRuleSet` configuration object to configure the anti-DDoS managed rule group. The configuration includes the sensitivity levels to use in the rules that typically block and challenge requests that might be participating in DDoS attacks and the specification to use to indicate whether a request can handle a silent browser challenge.\n- Use the `AWSManagedRulesATPRuleSet` configuration object to configure the account takeover prevention managed rule group. The configuration includes the sign-in page of your application and the locations in the login request payload of data such as the username and password.\n- Use the `AWSManagedRulesBotControlRuleSet` configuration object to configure the protection level that you want the Bot Control rule group to use.", - "title": "ManagedRuleGroupConfigs", - "type": "array" + "KmsKeyId": { + "markdownDescription": "The customer managed key used for encryption. The customer managed key must have a policy that allows `kms:CreateGrant` and `kms:DescribeKey` permissions to the IAM identity using the key to invoke Wisdom. To use Wisdom with chat, the key policy must also allow `kms:Decrypt` , `kms:GenerateDataKey*` , and `kms:DescribeKey` permissions to the `connect.amazonaws.com` service principal. For more information about setting up a customer managed key for Wisdom, see [Enable Amazon Connect Wisdom for your instance](https://docs.aws.amazon.com/connect/latest/adminguide/enable-wisdom.html) . For information about valid ID values, see [Key identifiers (KeyId)](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id) in the *AWS Key Management Service Developer Guide* .", + "title": "KmsKeyId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Wisdom::AssistantAssociation": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" }, - "Name": { - "markdownDescription": "The name of the managed rule group. You use this, along with the vendor name, to identify the rule group.", - "title": "Name", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "RuleActionOverrides": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RuleActionOverride" - }, - "markdownDescription": "Action settings to use in the place of the rule actions that are configured inside the rule group. You specify one override for each rule whose action you want to change.\n\n> Verify the rule names in your overrides carefully. With managed rule groups, AWS WAF silently ignores any override that uses an invalid rule name. With customer-owned rule groups, invalid rule names in your overrides will cause web ACL updates to fail. An invalid rule name is any name that doesn't exactly match the case-sensitive name of an existing rule in the rule group. \n\nYou can use overrides for testing, for example you can override all of rule actions to `Count` and then monitor the resulting count metrics to understand how the rule group would handle your web traffic. You can also permanently override some or all actions, to modify how the rule group manages your web traffic.", - "title": "RuleActionOverrides", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ScopeDownStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.Statement", - "markdownDescription": "An optional nested statement that narrows the scope of the web requests that are evaluated by the managed rule group. Requests are only evaluated by the rule group if they match the scope-down statement. You can use any nestable `Statement` in the scope-down statement, and you can nest statements at any level, the same as you can for a rule statement.", - "title": "ScopeDownStatement" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AssistantId": { + "markdownDescription": "The identifier of the Wisdom assistant.", + "title": "AssistantId", + "type": "string" + }, + "Association": { + "$ref": "#/definitions/AWS::Wisdom::AssistantAssociation.AssociationData", + "markdownDescription": "The identifier of the associated resource.", + "title": "Association" + }, + "AssociationType": { + "markdownDescription": "The type of association.", + "title": "AssociationType", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "AssistantId", + "Association", + "AssociationType" + ], + "type": "object" }, - "VendorName": { - "markdownDescription": "The name of the managed rule group vendor. You use this, along with the rule group name, to identify a rule group.", - "title": "VendorName", + "Type": { + "enum": [ + "AWS::Wisdom::AssistantAssociation" + ], "type": "string" }, - "Version": { - "markdownDescription": "The version of the managed rule group to use. If you specify this, the version setting is fixed until you change it. If you don't specify this, AWS WAF uses the vendor's default version, and then keeps the version at the vendor's default when the vendor updates the managed rule group settings.", - "title": "Version", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Name", - "VendorName" - ], - "type": "object" - }, - "AWS::WAFv2::WebACL.NotStatement": { - "additionalProperties": false, - "properties": { - "Statement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.Statement", - "markdownDescription": "The statement to negate. You can use any statement that can be nested.", - "title": "Statement" - } - }, - "required": [ - "Statement" + "Type", + "Properties" ], "type": "object" }, - "AWS::WAFv2::WebACL.OrStatement": { + "AWS::Wisdom::AssistantAssociation.AssociationData": { "additionalProperties": false, "properties": { - "Statements": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.Statement" - }, - "markdownDescription": "The statements to combine with OR logic. You can use any statements that can be nested.", - "title": "Statements", - "type": "array" + "KnowledgeBaseId": { + "markdownDescription": "The identifier of the knowledge base.", + "title": "KnowledgeBaseId", + "type": "string" } }, "required": [ - "Statements" + "KnowledgeBaseId" ], "type": "object" }, - "AWS::WAFv2::WebACL.OverrideAction": { + "AWS::Wisdom::KnowledgeBase": { "additionalProperties": false, "properties": { - "Count": { - "markdownDescription": "Override the rule group evaluation result to count only.\n\n> This option is usually set to none. It does not affect how the rules in the rule group are evaluated. If you want the rules in the rule group to only count matches, do not use this and instead use the rule action override option, with `Count` action, in your rule group reference statement settings.", - "title": "Count", + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { "type": "object" }, - "None": { - "markdownDescription": "Don't override the rule group evaluation result. This is the most common setting.", - "title": "None", + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description.", + "title": "Description", + "type": "string" + }, + "KnowledgeBaseType": { + "markdownDescription": "The type of knowledge base. Only CUSTOM knowledge bases allow you to upload your own content. EXTERNAL knowledge bases support integrations with third-party systems whose content is synchronized automatically.", + "title": "KnowledgeBaseType", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the knowledge base.", + "title": "Name", + "type": "string" + }, + "RenderingConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.RenderingConfiguration", + "markdownDescription": "Information about how to render the content.", + "title": "RenderingConfiguration" + }, + "ServerSideEncryptionConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.ServerSideEncryptionConfiguration", + "markdownDescription": "This customer managed key must have a policy that allows `kms:CreateGrant` and `kms:DescribeKey` permissions to the IAM identity using the key to invoke Wisdom. For more information about setting up a customer managed key for Wisdom, see [Enable Amazon Connect Wisdom for your instance](https://docs.aws.amazon.com/connect/latest/adminguide/enable-wisdom.html) . For information about valid ID values, see [Key identifiers (KeyId)](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id) in the *AWS Key Management Service Developer Guide* .", + "title": "ServerSideEncryptionConfiguration" + }, + "SourceConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.SourceConfiguration", + "markdownDescription": "The source of the knowledge base content. Only set this argument for EXTERNAL or Managed knowledge bases.", + "title": "SourceConfiguration" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "title": "Tags", + "type": "array" + }, + "VectorIngestionConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.VectorIngestionConfiguration", + "markdownDescription": "Contains details about how to ingest the documents in a data source.", + "title": "VectorIngestionConfiguration" + } + }, + "required": [ + "KnowledgeBaseType", + "Name" + ], "type": "object" + }, + "Type": { + "enum": [ + "AWS::Wisdom::KnowledgeBase" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::WAFv2::WebACL.RateBasedStatement": { + "AWS::Wisdom::KnowledgeBase.AppIntegrationsConfiguration": { "additionalProperties": false, "properties": { - "AggregateKeyType": { - "markdownDescription": "Setting that indicates how to aggregate the request counts.\n\n> Web requests that are missing any of the components specified in the aggregation keys are omitted from the rate-based rule evaluation and handling. \n\n- `CONSTANT` - Count and limit the requests that match the rate-based rule's scope-down statement. With this option, the counted requests aren't further aggregated. The scope-down statement is the only specification used. When the count of all requests that satisfy the scope-down statement goes over the limit, AWS WAF applies the rule action to all requests that satisfy the scope-down statement.\n\nWith this option, you must configure the `ScopeDownStatement` property.\n- `CUSTOM_KEYS` - Aggregate the request counts using one or more web request components as the aggregate keys.\n\nWith this option, you must specify the aggregate keys in the `CustomKeys` property.\n\nTo aggregate on only the IP address or only the forwarded IP address, don't use custom keys. Instead, set the aggregate key type to `IP` or `FORWARDED_IP` .\n- `FORWARDED_IP` - Aggregate the request counts on the first IP address in an HTTP header.\n\nWith this option, you must specify the header to use in the `ForwardedIPConfig` property.\n\nTo aggregate on a combination of the forwarded IP address with other aggregate keys, use `CUSTOM_KEYS` .\n- `IP` - Aggregate the request counts on the IP address from the web request origin.\n\nTo aggregate on a combination of the IP address with other aggregate keys, use `CUSTOM_KEYS` .", - "title": "AggregateKeyType", + "AppIntegrationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AppIntegrations DataIntegration to use for ingesting content.\n\n- For [Salesforce](https://docs.aws.amazon.com/https://developer.salesforce.com/docs/atlas.en-us.knowledge_dev.meta/knowledge_dev/sforce_api_objects_knowledge__kav.htm) , your AppIntegrations DataIntegration must have an ObjectConfiguration if objectFields is not provided, including at least `Id` , `ArticleNumber` , `VersionNumber` , `Title` , `PublishStatus` , and `IsDeleted` as source fields.\n- For [ServiceNow](https://docs.aws.amazon.com/https://developer.servicenow.com/dev.do#!/reference/api/rome/rest/knowledge-management-api) , your AppIntegrations DataIntegration must have an ObjectConfiguration if objectFields is not provided, including at least `number` , `short_description` , `sys_mod_count` , `workflow_state` , and `active` as source fields.\n- For [Zendesk](https://docs.aws.amazon.com/https://developer.zendesk.com/api-reference/help_center/help-center-api/articles/) , your AppIntegrations DataIntegration must have an ObjectConfiguration if `objectFields` is not provided, including at least `id` , `title` , `updated_at` , and `draft` as source fields.\n- For [SharePoint](https://docs.aws.amazon.com/https://learn.microsoft.com/en-us/sharepoint/dev/sp-add-ins/sharepoint-net-server-csom-jsom-and-rest-api-index) , your AppIntegrations DataIntegration must have a FileConfiguration, including only file extensions that are among `docx` , `pdf` , `html` , `htm` , and `txt` .\n- For [Amazon S3](https://docs.aws.amazon.com/s3/) , the ObjectConfiguration and FileConfiguration of your AppIntegrations DataIntegration must be null. The `SourceURI` of your DataIntegration must use the following format: `s3://your_s3_bucket_name` .\n\n> The bucket policy of the corresponding S3 bucket must allow the AWS principal `app-integrations.amazonaws.com` to perform `s3:ListBucket` , `s3:GetObject` , and `s3:GetBucketLocation` against the bucket.", + "title": "AppIntegrationArn", "type": "string" }, - "CustomKeys": { + "ObjectFields": { "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RateBasedStatementCustomKey" + "type": "string" }, - "markdownDescription": "Specifies the aggregate keys to use in a rate-base rule.", - "title": "CustomKeys", + "markdownDescription": "The fields from the source that are made available to your agents in Amazon Q in Connect. Optional if ObjectConfiguration is included in the provided DataIntegration.\n\n- For [Salesforce](https://docs.aws.amazon.com/https://developer.salesforce.com/docs/atlas.en-us.knowledge_dev.meta/knowledge_dev/sforce_api_objects_knowledge__kav.htm) , you must include at least `Id` , `ArticleNumber` , `VersionNumber` , `Title` , `PublishStatus` , and `IsDeleted` .\n- For [ServiceNow](https://docs.aws.amazon.com/https://developer.servicenow.com/dev.do#!/reference/api/rome/rest/knowledge-management-api) , you must include at least `number` , `short_description` , `sys_mod_count` , `workflow_state` , and `active` .\n- For [Zendesk](https://docs.aws.amazon.com/https://developer.zendesk.com/api-reference/help_center/help-center-api/articles/) , you must include at least `id` , `title` , `updated_at` , and `draft` .\n\nMake sure to include additional fields. These fields are indexed and used to source recommendations.", + "title": "ObjectFields", "type": "array" - }, - "EvaluationWindowSec": { - "markdownDescription": "The amount of time, in seconds, that AWS WAF should include in its request counts, looking back from the current time. For example, for a setting of 120, when AWS WAF checks the rate, it counts the requests for the 2 minutes immediately preceding the current time. Valid settings are 60, 120, 300, and 600.\n\nThis setting doesn't determine how often AWS WAF checks the rate, but how far back it looks each time it checks. AWS WAF checks the rate about every 10 seconds.\n\nDefault: `300` (5 minutes)", - "title": "EvaluationWindowSec", - "type": "number" - }, - "ForwardedIPConfig": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ForwardedIPConfiguration", - "markdownDescription": "The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all. \n\nThis is required if you specify a forwarded IP in the rule's aggregate key settings.", - "title": "ForwardedIPConfig" - }, - "Limit": { - "markdownDescription": "The limit on requests during the specified evaluation window for a single aggregation instance for the rate-based rule. If the rate-based statement includes a `ScopeDownStatement` , this limit is applied only to the requests that match the statement.\n\nExamples:\n\n- If you aggregate on just the IP address, this is the limit on requests from any single IP address.\n- If you aggregate on the HTTP method and the query argument name \"city\", then this is the limit on requests for any single method, city pair.", - "title": "Limit", - "type": "number" - }, - "ScopeDownStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.Statement", - "markdownDescription": "An optional nested statement that narrows the scope of the web requests that are evaluated and managed by the rate-based statement. When you use a scope-down statement, the rate-based rule only tracks and rate limits requests that match the scope-down statement. You can use any nestable `Statement` in the scope-down statement, and you can nest statements at any level, the same as you can for a rule statement.", - "title": "ScopeDownStatement" } }, "required": [ - "AggregateKeyType", - "Limit" + "AppIntegrationArn" ], "type": "object" }, - "AWS::WAFv2::WebACL.RateBasedStatementCustomKey": { + "AWS::Wisdom::KnowledgeBase.BedrockFoundationModelConfiguration": { "additionalProperties": false, "properties": { - "Cookie": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitCookie", - "markdownDescription": "Use the value of a cookie in the request as an aggregate key. Each distinct value in the cookie contributes to the aggregation instance. If you use a single cookie as your custom key, then each value fully defines an aggregation instance.", - "title": "Cookie" - }, - "ForwardedIP": { - "markdownDescription": "Use the first IP address in an HTTP header as an aggregate key. Each distinct forwarded IP address contributes to the aggregation instance.\n\nWhen you specify an IP or forwarded IP in the custom key settings, you must also specify at least one other key to use. You can aggregate on only the forwarded IP address by specifying `FORWARDED_IP` in your rate-based statement's `AggregateKeyType` .\n\nWith this option, you must specify the header to use in the rate-based rule's `ForwardedIPConfig` property.", - "title": "ForwardedIP", - "type": "object" - }, - "HTTPMethod": { - "markdownDescription": "Use the request's HTTP method as an aggregate key. Each distinct HTTP method contributes to the aggregation instance. If you use just the HTTP method as your custom key, then each method fully defines an aggregation instance.", - "title": "HTTPMethod", - "type": "object" - }, - "Header": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitHeader", - "markdownDescription": "Use the value of a header in the request as an aggregate key. Each distinct value in the header contributes to the aggregation instance. If you use a single header as your custom key, then each value fully defines an aggregation instance.", - "title": "Header" - }, - "IP": { - "markdownDescription": "Use the request's originating IP address as an aggregate key. Each distinct IP address contributes to the aggregation instance.\n\nWhen you specify an IP or forwarded IP in the custom key settings, you must also specify at least one other key to use. You can aggregate on only the IP address by specifying `IP` in your rate-based statement's `AggregateKeyType` .", - "title": "IP", - "type": "object" - }, - "LabelNamespace": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitLabelNamespace", - "markdownDescription": "Use the specified label namespace as an aggregate key. Each distinct fully qualified label name that has the specified label namespace contributes to the aggregation instance. If you use just one label namespace as your custom key, then each label name fully defines an aggregation instance.\n\nThis uses only labels that have been added to the request by rules that are evaluated before this rate-based rule in the web ACL.\n\nFor information about label namespaces and names, see [Label syntax and naming requirements](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-label-requirements.html) in the *AWS WAF Developer Guide* .", - "title": "LabelNamespace" - }, - "QueryArgument": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitQueryArgument", - "markdownDescription": "Use the specified query argument as an aggregate key. Each distinct value for the named query argument contributes to the aggregation instance. If you use a single query argument as your custom key, then each value fully defines an aggregation instance.", - "title": "QueryArgument" - }, - "QueryString": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitQueryString", - "markdownDescription": "Use the request's query string as an aggregate key. Each distinct string contributes to the aggregation instance. If you use just the query string as your custom key, then each string fully defines an aggregation instance.", - "title": "QueryString" + "ModelArn": { + "markdownDescription": "The model ARN of the Bedrock foundation model.", + "title": "ModelArn", + "type": "string" }, - "UriPath": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitUriPath", - "markdownDescription": "Use the request's URI path as an aggregate key. Each distinct URI path contributes to the aggregation instance. If you use just the URI path as your custom key, then each URI path fully defines an aggregation instance.", - "title": "UriPath" + "ParsingPrompt": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.ParsingPrompt", + "markdownDescription": "The parsing prompt of the Bedrock foundation model configuration.", + "title": "ParsingPrompt" } }, + "required": [ + "ModelArn" + ], "type": "object" }, - "AWS::WAFv2::WebACL.RateLimitCookie": { + "AWS::Wisdom::KnowledgeBase.ChunkingConfiguration": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the cookie to use.", - "title": "Name", + "ChunkingStrategy": { + "markdownDescription": "Knowledge base can split your source data into chunks. A chunk refers to an excerpt from a data source that is returned when the knowledge base that it belongs to is queried. You have the following options for chunking your data. If you opt for `NONE` , then you may want to pre-process your files by splitting them up such that each file corresponds to a chunk.", + "title": "ChunkingStrategy", "type": "string" }, - "TextTransformations": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" - }, - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", - "title": "TextTransformations", - "type": "array" + "FixedSizeChunkingConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.FixedSizeChunkingConfiguration", + "markdownDescription": "Configurations for when you choose fixed-size chunking. If you set the `chunkingStrategy` as `NONE` , exclude this field.", + "title": "FixedSizeChunkingConfiguration" + }, + "HierarchicalChunkingConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.HierarchicalChunkingConfiguration", + "markdownDescription": "Settings for hierarchical document chunking for a data source. Hierarchical chunking splits documents into layers of chunks where the first layer contains large chunks, and the second layer contains smaller chunks derived from the first layer.", + "title": "HierarchicalChunkingConfiguration" + }, + "SemanticChunkingConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.SemanticChunkingConfiguration", + "markdownDescription": "Settings for semantic document chunking for a data source. Semantic chunking splits a document into smaller documents based on groups of similar content derived from the text with natural language processing.", + "title": "SemanticChunkingConfiguration" } }, "required": [ - "Name", - "TextTransformations" + "ChunkingStrategy" ], "type": "object" }, - "AWS::WAFv2::WebACL.RateLimitHeader": { + "AWS::Wisdom::KnowledgeBase.CrawlerLimits": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the header to use.", - "title": "Name", - "type": "string" - }, - "TextTransformations": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" - }, - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", - "title": "TextTransformations", - "type": "array" + "RateLimit": { + "markdownDescription": "The limit rate at which the crawler is configured.", + "title": "RateLimit", + "type": "number" } }, - "required": [ - "Name", - "TextTransformations" - ], "type": "object" }, - "AWS::WAFv2::WebACL.RateLimitLabelNamespace": { + "AWS::Wisdom::KnowledgeBase.FixedSizeChunkingConfiguration": { "additionalProperties": false, "properties": { - "Namespace": { - "markdownDescription": "The namespace to use for aggregation.", - "title": "Namespace", - "type": "string" + "MaxTokens": { + "markdownDescription": "The maximum number of tokens to include in a chunk.", + "title": "MaxTokens", + "type": "number" + }, + "OverlapPercentage": { + "markdownDescription": "The percentage of overlap between adjacent chunks of a data source.", + "title": "OverlapPercentage", + "type": "number" } }, "required": [ - "Namespace" + "MaxTokens", + "OverlapPercentage" ], "type": "object" }, - "AWS::WAFv2::WebACL.RateLimitQueryArgument": { + "AWS::Wisdom::KnowledgeBase.HierarchicalChunkingConfiguration": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the query argument to use.", - "title": "Name", - "type": "string" - }, - "TextTransformations": { + "LevelConfigurations": { "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.HierarchicalChunkingLevelConfiguration" }, - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", - "title": "TextTransformations", + "markdownDescription": "Token settings for each layer.", + "title": "LevelConfigurations", "type": "array" + }, + "OverlapTokens": { + "markdownDescription": "The number of tokens to repeat across chunks in the same layer.", + "title": "OverlapTokens", + "type": "number" } }, "required": [ - "Name", - "TextTransformations" + "LevelConfigurations", + "OverlapTokens" ], "type": "object" }, - "AWS::WAFv2::WebACL.RateLimitQueryString": { + "AWS::Wisdom::KnowledgeBase.HierarchicalChunkingLevelConfiguration": { "additionalProperties": false, "properties": { - "TextTransformations": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" - }, - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", - "title": "TextTransformations", - "type": "array" + "MaxTokens": { + "markdownDescription": "The maximum number of tokens that a chunk can contain in this layer.", + "title": "MaxTokens", + "type": "number" } }, "required": [ - "TextTransformations" + "MaxTokens" ], "type": "object" }, - "AWS::WAFv2::WebACL.RateLimitUriPath": { + "AWS::Wisdom::KnowledgeBase.ManagedSourceConfiguration": { "additionalProperties": false, "properties": { - "TextTransformations": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" - }, - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", - "title": "TextTransformations", - "type": "array" + "WebCrawlerConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.WebCrawlerConfiguration", + "markdownDescription": "Configuration data for web crawler data source.", + "title": "WebCrawlerConfiguration" } }, "required": [ - "TextTransformations" + "WebCrawlerConfiguration" ], "type": "object" }, - "AWS::WAFv2::WebACL.RegexMatchStatement": { + "AWS::Wisdom::KnowledgeBase.ParsingConfiguration": { "additionalProperties": false, "properties": { - "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldToMatch", - "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", - "title": "FieldToMatch" + "BedrockFoundationModelConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.BedrockFoundationModelConfiguration", + "markdownDescription": "Settings for a foundation model used to parse documents for a data source.", + "title": "BedrockFoundationModelConfiguration" }, - "RegexString": { - "markdownDescription": "The string representing the regular expression.", - "title": "RegexString", + "ParsingStrategy": { + "markdownDescription": "The parsing strategy for the data source.", + "title": "ParsingStrategy", "type": "string" - }, - "TextTransformations": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" - }, - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", - "title": "TextTransformations", - "type": "array" } }, "required": [ - "FieldToMatch", - "RegexString", - "TextTransformations" + "ParsingStrategy" ], "type": "object" }, - "AWS::WAFv2::WebACL.RegexPatternSetReferenceStatement": { + "AWS::Wisdom::KnowledgeBase.ParsingPrompt": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the `RegexPatternSet` that this statement references.", - "title": "Arn", + "ParsingPromptText": { + "markdownDescription": "Instructions for interpreting the contents of a document.", + "title": "ParsingPromptText", "type": "string" - }, - "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldToMatch", - "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", - "title": "FieldToMatch" - }, - "TextTransformations": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" - }, - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", - "title": "TextTransformations", - "type": "array" } }, "required": [ - "Arn", - "FieldToMatch", - "TextTransformations" + "ParsingPromptText" ], "type": "object" }, - "AWS::WAFv2::WebACL.RequestBodyAssociatedResourceTypeConfig": { + "AWS::Wisdom::KnowledgeBase.RenderingConfiguration": { "additionalProperties": false, "properties": { - "DefaultSizeInspectionLimit": { - "markdownDescription": "Specifies the maximum size of the web request body component that an associated CloudFront, API Gateway, Amazon Cognito, App Runner, or Verified Access resource should send to AWS WAF for inspection. This applies to statements in the web ACL that inspect the body or JSON body.\n\nDefault: `16 KB (16,384 bytes)`", - "title": "DefaultSizeInspectionLimit", + "TemplateUri": { + "markdownDescription": "A URI template containing exactly one variable in `${variableName}` format. This can only be set for `EXTERNAL` knowledge bases. For Salesforce, ServiceNow, and Zendesk, the variable must be one of the following:\n\n- Salesforce: `Id` , `ArticleNumber` , `VersionNumber` , `Title` , `PublishStatus` , or `IsDeleted`\n- ServiceNow: `number` , `short_description` , `sys_mod_count` , `workflow_state` , or `active`\n- Zendesk: `id` , `title` , `updated_at` , or `draft`\n\nThe variable is replaced with the actual value for a piece of content when calling [GetContent](https://docs.aws.amazon.com/amazon-q-connect/latest/APIReference/API_GetContent.html) .", + "title": "TemplateUri", "type": "string" } }, - "required": [ - "DefaultSizeInspectionLimit" - ], "type": "object" }, - "AWS::WAFv2::WebACL.RequestInspection": { + "AWS::Wisdom::KnowledgeBase.SeedUrl": { "additionalProperties": false, "properties": { - "PasswordField": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", - "markdownDescription": "The name of the field in the request payload that contains your customer's password.\n\nHow you specify this depends on the request inspection payload type.\n\n- For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"password\": \"THE_PASSWORD\" } }` , the password field specification is `/form/password` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with the input element named `password1` , the password field specification is `password1` .", - "title": "PasswordField" - }, - "PayloadType": { - "markdownDescription": "The payload type for your login endpoint, either JSON or form encoded.", - "title": "PayloadType", + "Url": { + "markdownDescription": "URL for crawling", + "title": "Url", "type": "string" - }, - "UsernameField": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", - "markdownDescription": "The name of the field in the request payload that contains your customer's username.\n\nHow you specify this depends on the request inspection payload type.\n\n- For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"username\": \"THE_USERNAME\" } }` , the username field specification is `/form/username` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with the input element named `username1` , the username field specification is `username1`", - "title": "UsernameField" } }, - "required": [ - "PasswordField", - "PayloadType", - "UsernameField" - ], "type": "object" }, - "AWS::WAFv2::WebACL.RequestInspectionACFP": { + "AWS::Wisdom::KnowledgeBase.SemanticChunkingConfiguration": { "additionalProperties": false, "properties": { - "AddressFields": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier" - }, - "markdownDescription": "The names of the fields in the request payload that contain your customer's primary physical address.\n\nOrder the address fields in the array exactly as they are ordered in the request payload.\n\nHow you specify the address fields depends on the request inspection payload type.\n\n- For JSON payloads, specify the field identifiers in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"primaryaddressline1\": \"THE_ADDRESS1\", \"primaryaddressline2\": \"THE_ADDRESS2\", \"primaryaddressline3\": \"THE_ADDRESS3\" } }` , the address field idenfiers are `/form/primaryaddressline1` , `/form/primaryaddressline2` , and `/form/primaryaddressline3` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with input elements named `primaryaddressline1` , `primaryaddressline2` , and `primaryaddressline3` , the address fields identifiers are `primaryaddressline1` , `primaryaddressline2` , and `primaryaddressline3` .", - "title": "AddressFields", - "type": "array" - }, - "EmailField": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", - "markdownDescription": "The name of the field in the request payload that contains your customer's email.\n\nHow you specify this depends on the request inspection payload type.\n\n- For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"email\": \"THE_EMAIL\" } }` , the email field specification is `/form/email` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with the input element named `email1` , the email field specification is `email1` .", - "title": "EmailField" - }, - "PasswordField": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", - "markdownDescription": "The name of the field in the request payload that contains your customer's password.\n\nHow you specify this depends on the request inspection payload type.\n\n- For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"password\": \"THE_PASSWORD\" } }` , the password field specification is `/form/password` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with the input element named `password1` , the password field specification is `password1` .", - "title": "PasswordField" - }, - "PayloadType": { - "markdownDescription": "The payload type for your account creation endpoint, either JSON or form encoded.", - "title": "PayloadType", - "type": "string" + "BreakpointPercentileThreshold": { + "markdownDescription": "The dissimilarity threshold for splitting chunks.", + "title": "BreakpointPercentileThreshold", + "type": "number" }, - "PhoneNumberFields": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier" - }, - "markdownDescription": "The names of the fields in the request payload that contain your customer's primary phone number.\n\nOrder the phone number fields in the array exactly as they are ordered in the request payload.\n\nHow you specify the phone number fields depends on the request inspection payload type.\n\n- For JSON payloads, specify the field identifiers in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"primaryphoneline1\": \"THE_PHONE1\", \"primaryphoneline2\": \"THE_PHONE2\", \"primaryphoneline3\": \"THE_PHONE3\" } }` , the phone number field identifiers are `/form/primaryphoneline1` , `/form/primaryphoneline2` , and `/form/primaryphoneline3` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with input elements named `primaryphoneline1` , `primaryphoneline2` , and `primaryphoneline3` , the phone number field identifiers are `primaryphoneline1` , `primaryphoneline2` , and `primaryphoneline3` .", - "title": "PhoneNumberFields", - "type": "array" + "BufferSize": { + "markdownDescription": "The buffer size.", + "title": "BufferSize", + "type": "number" }, - "UsernameField": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", - "markdownDescription": "The name of the field in the request payload that contains your customer's username.\n\nHow you specify this depends on the request inspection payload type.\n\n- For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"username\": \"THE_USERNAME\" } }` , the username field specification is `/form/username` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with the input element named `username1` , the username field specification is `username1`", - "title": "UsernameField" + "MaxTokens": { + "markdownDescription": "The maximum number of tokens that a chunk can contain.", + "title": "MaxTokens", + "type": "number" } }, "required": [ - "PayloadType" + "BreakpointPercentileThreshold", + "BufferSize", + "MaxTokens" ], "type": "object" }, - "AWS::WAFv2::WebACL.ResponseInspection": { + "AWS::Wisdom::KnowledgeBase.ServerSideEncryptionConfiguration": { "additionalProperties": false, "properties": { - "BodyContains": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ResponseInspectionBodyContains", - "markdownDescription": "Configures inspection of the response body for success and failure indicators. AWS WAF can inspect the first 65,536 bytes (64 KB) of the response body.", - "title": "BodyContains" - }, - "Header": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ResponseInspectionHeader", - "markdownDescription": "Configures inspection of the response header for success and failure indicators.", - "title": "Header" - }, - "Json": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ResponseInspectionJson", - "markdownDescription": "Configures inspection of the response JSON for success and failure indicators. AWS WAF can inspect the first 65,536 bytes (64 KB) of the response JSON.", - "title": "Json" - }, - "StatusCode": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ResponseInspectionStatusCode", - "markdownDescription": "Configures inspection of the response status code for success and failure indicators.", - "title": "StatusCode" + "KmsKeyId": { + "markdownDescription": "The customer managed key used for encryption.\n\nThis customer managed key must have a policy that allows `kms:CreateGrant` and `kms:DescribeKey` permissions to the IAM identity using the key to invoke Wisdom.\n\nFor more information about setting up a customer managed key for Wisdom, see [Enable Amazon Connect Wisdom for your instance](https://docs.aws.amazon.com/connect/latest/adminguide/enable-wisdom.html) . For information about valid ID values, see [Key identifiers (KeyId)](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id) .", + "title": "KmsKeyId", + "type": "string" } }, "type": "object" }, - "AWS::WAFv2::WebACL.ResponseInspectionBodyContains": { + "AWS::Wisdom::KnowledgeBase.SourceConfiguration": { "additionalProperties": false, "properties": { - "FailureStrings": { - "items": { - "type": "string" - }, - "markdownDescription": "Strings in the body of the response that indicate a failed login or account creation attempt. To be counted as a failure, the string can be anywhere in the body and must be an exact match, including case. Each string must be unique among the success and failure strings.\n\nJSON example: `\"FailureStrings\": [ \"Request failed\" ]`", - "title": "FailureStrings", - "type": "array" + "AppIntegrations": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.AppIntegrationsConfiguration", + "markdownDescription": "Configuration information for Amazon AppIntegrations to automatically ingest content.", + "title": "AppIntegrations" }, - "SuccessStrings": { - "items": { - "type": "string" - }, - "markdownDescription": "Strings in the body of the response that indicate a successful login or account creation attempt. To be counted as a success, the string can be anywhere in the body and must be an exact match, including case. Each string must be unique among the success and failure strings.\n\nJSON examples: `\"SuccessStrings\": [ \"Login successful\" ]` and `\"SuccessStrings\": [ \"Account creation successful\", \"Welcome to our site!\" ]`", - "title": "SuccessStrings", - "type": "array" + "ManagedSourceConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.ManagedSourceConfiguration", + "markdownDescription": "Source configuration for managed resources.", + "title": "ManagedSourceConfiguration" } }, - "required": [ - "FailureStrings", - "SuccessStrings" - ], "type": "object" }, - "AWS::WAFv2::WebACL.ResponseInspectionHeader": { + "AWS::Wisdom::KnowledgeBase.UrlConfiguration": { "additionalProperties": false, "properties": { - "FailureValues": { - "items": { - "type": "string" - }, - "markdownDescription": "Values in the response header with the specified name that indicate a failed login or account creation attempt. To be counted as a failure, the value must be an exact match, including case. Each value must be unique among the success and failure values.\n\nJSON examples: `\"FailureValues\": [ \"LoginFailed\", \"Failed login\" ]` and `\"FailureValues\": [ \"AccountCreationFailed\" ]`", - "title": "FailureValues", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the header to match against. The name must be an exact match, including case.\n\nJSON example: `\"Name\": [ \"RequestResult\" ]`", - "title": "Name", - "type": "string" - }, - "SuccessValues": { + "SeedUrls": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.SeedUrl" }, - "markdownDescription": "Values in the response header with the specified name that indicate a successful login or account creation attempt. To be counted as a success, the value must be an exact match, including case. Each value must be unique among the success and failure values.\n\nJSON examples: `\"SuccessValues\": [ \"LoginPassed\", \"Successful login\" ]` and `\"SuccessValues\": [ \"AccountCreated\", \"Successful account creation\" ]`", - "title": "SuccessValues", + "markdownDescription": "List of URLs for crawling.", + "title": "SeedUrls", "type": "array" } }, - "required": [ - "FailureValues", - "Name", - "SuccessValues" - ], "type": "object" }, - "AWS::WAFv2::WebACL.ResponseInspectionJson": { + "AWS::Wisdom::KnowledgeBase.VectorIngestionConfiguration": { "additionalProperties": false, "properties": { - "FailureValues": { - "items": { - "type": "string" - }, - "markdownDescription": "Values for the specified identifier in the response JSON that indicate a failed login or account creation attempt. To be counted as a failure, the value must be an exact match, including case. Each value must be unique among the success and failure values.\n\nJSON example: `\"FailureValues\": [ \"False\", \"Failed\" ]`", - "title": "FailureValues", - "type": "array" - }, - "Identifier": { - "markdownDescription": "The identifier for the value to match against in the JSON. The identifier must be an exact match, including case.\n\nJSON examples: `\"Identifier\": [ \"/login/success\" ]` and `\"Identifier\": [ \"/sign-up/success\" ]`", - "title": "Identifier", - "type": "string" + "ChunkingConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.ChunkingConfiguration", + "markdownDescription": "Details about how to chunk the documents in the data source. A chunk refers to an excerpt from a data source that is returned when the knowledge base that it belongs to is queried.", + "title": "ChunkingConfiguration" }, - "SuccessValues": { - "items": { - "type": "string" - }, - "markdownDescription": "Values for the specified identifier in the response JSON that indicate a successful login or account creation attempt. To be counted as a success, the value must be an exact match, including case. Each value must be unique among the success and failure values.\n\nJSON example: `\"SuccessValues\": [ \"True\", \"Succeeded\" ]`", - "title": "SuccessValues", - "type": "array" + "ParsingConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.ParsingConfiguration", + "markdownDescription": "A custom parser for data source documents.", + "title": "ParsingConfiguration" } }, - "required": [ - "FailureValues", - "Identifier", - "SuccessValues" - ], "type": "object" }, - "AWS::WAFv2::WebACL.ResponseInspectionStatusCode": { + "AWS::Wisdom::KnowledgeBase.WebCrawlerConfiguration": { "additionalProperties": false, "properties": { - "FailureCodes": { + "CrawlerLimits": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.CrawlerLimits", + "markdownDescription": "The configuration of crawl limits for the web URLs.", + "title": "CrawlerLimits" + }, + "ExclusionFilters": { "items": { - "type": "number" + "type": "string" }, - "markdownDescription": "Status codes in the response that indicate a failed login or account creation attempt. To be counted as a failure, the response status code must match one of these. Each code must be unique among the success and failure status codes.\n\nJSON example: `\"FailureCodes\": [ 400, 404 ]`", - "title": "FailureCodes", + "markdownDescription": "A list of one or more exclusion regular expression patterns to exclude certain URLs. If you specify an inclusion and exclusion filter/pattern and both match a URL, the exclusion filter takes precedence and the web content of the URL isn\u2019t crawled.", + "title": "ExclusionFilters", "type": "array" }, - "SuccessCodes": { + "InclusionFilters": { "items": { - "type": "number" + "type": "string" }, - "markdownDescription": "Status codes in the response that indicate a successful login or account creation attempt. To be counted as a success, the response status code must match one of these. Each code must be unique among the success and failure status codes.\n\nJSON example: `\"SuccessCodes\": [ 200, 201 ]`", - "title": "SuccessCodes", + "markdownDescription": "A list of one or more inclusion regular expression patterns to include certain URLs. If you specify an inclusion and exclusion filter/pattern and both match a URL, the exclusion filter takes precedence and the web content of the URL isn\u2019t crawled.", + "title": "InclusionFilters", "type": "array" + }, + "Scope": { + "markdownDescription": "The scope of what is crawled for your URLs. You can choose to crawl only web pages that belong to the same host or primary domain. For example, only web pages that contain the seed URL `https://docs.aws.amazon.com/bedrock/latest/userguide/` and no other domains. You can choose to include sub domains in addition to the host or primary domain. For example, web pages that contain `aws.amazon.com` can also include sub domain `docs.aws.amazon.com` .", + "title": "Scope", + "type": "string" + }, + "UrlConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.UrlConfiguration", + "markdownDescription": "The configuration of the URL/URLs for the web content that you want to crawl. You should be authorized to crawl the URLs.", + "title": "UrlConfiguration" } }, "required": [ - "FailureCodes", - "SuccessCodes" + "UrlConfiguration" ], "type": "object" }, - "AWS::WAFv2::WebACL.Rule": { + "AWS::Wisdom::MessageTemplate": { "additionalProperties": false, "properties": { - "Action": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RuleAction", - "markdownDescription": "The action that AWS WAF should take on a web request when it matches the rule's statement. Settings at the web ACL level can override the rule action setting.\n\nThis is used only for rules whose statements don't reference a rule group. Rule statements that reference a rule group are `RuleGroupReferenceStatement` and `ManagedRuleGroupStatement` .\n\nYou must set either this `Action` setting or the rule's `OverrideAction` , but not both:\n\n- If the rule statement doesn't reference a rule group, you must set this rule action setting and you must not set the rule's override action setting.\n- If the rule statement references a rule group, you must not set this action setting, because the actions are already set on the rules inside the rule group. You must set the rule's override action setting to indicate specifically whether to override the actions that are set on the rules in the rule group.", - "title": "Action" - }, - "CaptchaConfig": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.CaptchaConfig", - "markdownDescription": "Specifies how AWS WAF should handle `CAPTCHA` evaluations. If you don't specify this, AWS WAF uses the `CAPTCHA` configuration that's defined for the web ACL.", - "title": "CaptchaConfig" - }, - "ChallengeConfig": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ChallengeConfig", - "markdownDescription": "Specifies how AWS WAF should handle `Challenge` evaluations. If you don't specify this, AWS WAF uses the challenge configuration that's defined for the web ACL.", - "title": "ChallengeConfig" + "Condition": { + "type": "string" }, - "Name": { - "markdownDescription": "The name of the rule.\n\nIf you change the name of a `Rule` after you create it and you want the rule's metric name to reflect the change, update the metric name in the rule's `VisibilityConfig` settings. AWS WAF doesn't automatically update the metric name when you update the rule name.", - "title": "Name", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "OverrideAction": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.OverrideAction", - "markdownDescription": "The override action to apply to the rules in a rule group, instead of the individual rule action settings. This is used only for rules whose statements reference a rule group. Rule statements that reference a rule group are `RuleGroupReferenceStatement` and `ManagedRuleGroupStatement` .\n\nSet the override action to none to leave the rule group rule actions in effect. Set it to count to only count matches, regardless of the rule action settings.\n\nYou must set either this `OverrideAction` setting or the `Action` setting, but not both:\n\n- If the rule statement references a rule group, you must set this override action setting and you must not set the rule's action setting.\n- If the rule statement doesn't reference a rule group, you must set the rule action setting and you must not set the rule's override action setting.", - "title": "OverrideAction" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Priority": { - "markdownDescription": "If you define more than one `Rule` in a `WebACL` , AWS WAF evaluates each request against the `Rules` in order based on the value of `Priority` . AWS WAF processes rules with lower priority first. The priorities don't need to be consecutive, but they must all be different.", - "title": "Priority", - "type": "number" + "Metadata": { + "type": "object" }, - "RuleLabels": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.Label" + "Properties": { + "additionalProperties": false, + "properties": { + "ChannelSubtype": { + "markdownDescription": "The channel subtype this message template applies to.", + "title": "ChannelSubtype", + "type": "string" + }, + "Content": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.Content", + "markdownDescription": "The content of the message template.", + "title": "Content" + }, + "DefaultAttributes": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.MessageTemplateAttributes", + "markdownDescription": "An object that specifies the default values to use for variables in the message template. This object contains different categories of key-value pairs. Each key defines a variable or placeholder in the message template. The corresponding value defines the default value for that variable.", + "title": "DefaultAttributes" + }, + "Description": { + "markdownDescription": "The description of the message template.", + "title": "Description", + "type": "string" + }, + "GroupingConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.GroupingConfiguration", + "markdownDescription": "The configuration information of the external data source.", + "title": "GroupingConfiguration" + }, + "KnowledgeBaseArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the knowledge base.", + "title": "KnowledgeBaseArn", + "type": "string" + }, + "Language": { + "markdownDescription": "The language code value for the language in which the quick response is written. The supported language codes include `de_DE` , `en_US` , `es_ES` , `fr_FR` , `id_ID` , `it_IT` , `ja_JP` , `ko_KR` , `pt_BR` , `zh_CN` , `zh_TW`", + "title": "Language", + "type": "string" + }, + "MessageTemplateAttachments": { + "items": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.MessageTemplateAttachment" + }, + "markdownDescription": "List of message template attachments.", + "title": "MessageTemplateAttachments", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the message template.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "Labels to apply to web requests that match the rule match statement. AWS WAF applies fully qualified labels to matching web requests. A fully qualified label is the concatenation of a label namespace and a rule label. The rule's rule group or web ACL defines the label namespace.\n\n> Any rule that isn't a rule group reference statement or managed rule group statement can add labels to matching web requests. \n\nRules that run after this rule in the web ACL can match against these labels using a `LabelMatchStatement` .\n\nFor each label, provide a case-sensitive string containing optional namespaces and a label name, according to the following guidelines:\n\n- Separate each component of the label with a colon.\n- Each namespace or name can have up to 128 characters.\n- You can specify up to 5 namespaces in a label.\n- Don't use the following reserved words in your label specification: `aws` , `waf` , `managed` , `rulegroup` , `webacl` , `regexpatternset` , or `ipset` .\n\nFor example, `myLabelName` or `nameSpace1:nameSpace2:myLabelName` .", - "title": "RuleLabels", - "type": "array" + "required": [ + "ChannelSubtype", + "Content", + "KnowledgeBaseArn", + "Name" + ], + "type": "object" }, - "Statement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.Statement", - "markdownDescription": "The AWS WAF processing statement for the rule, for example `ByteMatchStatement` or `SizeConstraintStatement` .", - "title": "Statement" + "Type": { + "enum": [ + "AWS::Wisdom::MessageTemplate" + ], + "type": "string" }, - "VisibilityConfig": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.VisibilityConfig", - "markdownDescription": "Defines and enables Amazon CloudWatch metrics and web request sample collection.\n\nIf you change the name of a `Rule` after you create it and you want the rule's metric name to reflect the change, update the metric name as well. AWS WAF doesn't automatically update the metric name.", - "title": "VisibilityConfig" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Name", - "Priority", - "Statement", - "VisibilityConfig" + "Type", + "Properties" ], "type": "object" }, - "AWS::WAFv2::WebACL.RuleAction": { + "AWS::Wisdom::MessageTemplate.AgentAttributes": { "additionalProperties": false, "properties": { - "Allow": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.AllowAction", - "markdownDescription": "Instructs AWS WAF to allow the web request.", - "title": "Allow" - }, - "Block": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.BlockAction", - "markdownDescription": "Instructs AWS WAF to block the web request.", - "title": "Block" - }, - "Captcha": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.CaptchaAction", - "markdownDescription": "Specifies that AWS WAF should run a `CAPTCHA` check against the request:\n\n- If the request includes a valid, unexpired `CAPTCHA` token, AWS WAF allows the web request inspection to proceed to the next rule, similar to a `CountAction` .\n- If the request doesn't include a valid, unexpired `CAPTCHA` token, AWS WAF discontinues the web ACL evaluation of the request and blocks it from going to its intended destination.\n\nAWS WAF generates a response that it sends back to the client, which includes the following:\n\n- The header `x-amzn-waf-action` with a value of `captcha` .\n- The HTTP status code `405 Method Not Allowed` .\n- If the request contains an `Accept` header with a value of `text/html` , the response includes a `CAPTCHA` challenge.\n\nYou can configure the expiration time in the `CaptchaConfig` `ImmunityTimeProperty` setting at the rule and web ACL level. The rule setting overrides the web ACL setting.\n\nThis action option is available for rules. It isn't available for web ACL default actions.", - "title": "Captcha" - }, - "Challenge": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ChallengeAction", - "markdownDescription": "Instructs AWS WAF to run a `Challenge` check against the web request.", - "title": "Challenge" + "FirstName": { + "markdownDescription": "The agent\u2019s first name as entered in their Amazon Connect user account.", + "title": "FirstName", + "type": "string" }, - "Count": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.CountAction", - "markdownDescription": "Instructs AWS WAF to count the web request and then continue evaluating the request using the remaining rules in the web ACL.", - "title": "Count" + "LastName": { + "markdownDescription": "The agent\u2019s last name as entered in their Amazon Connect user account.", + "title": "LastName", + "type": "string" } }, "type": "object" }, - "AWS::WAFv2::WebACL.RuleActionOverride": { + "AWS::Wisdom::MessageTemplate.Content": { "additionalProperties": false, "properties": { - "ActionToUse": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RuleAction", - "markdownDescription": "The override action to use, in place of the configured action of the rule in the rule group.", - "title": "ActionToUse" + "EmailMessageTemplateContent": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.EmailMessageTemplateContent", + "markdownDescription": "The content of the message template that applies to the email channel subtype.", + "title": "EmailMessageTemplateContent" }, - "Name": { - "markdownDescription": "The name of the rule to override.", - "title": "Name", - "type": "string" + "SmsMessageTemplateContent": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.SmsMessageTemplateContent", + "markdownDescription": "The content of message template that applies to SMS channel subtype.", + "title": "SmsMessageTemplateContent" } }, - "required": [ - "ActionToUse", - "Name" - ], "type": "object" }, - "AWS::WAFv2::WebACL.RuleGroupReferenceStatement": { + "AWS::Wisdom::MessageTemplate.CustomerProfileAttributes": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the entity.", - "title": "Arn", + "AccountNumber": { + "markdownDescription": "A unique account number that you have given to the customer.", + "title": "AccountNumber", "type": "string" }, - "ExcludedRules": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ExcludedRule" - }, - "markdownDescription": "Rules in the referenced rule group whose actions are set to `Count` .\n\n> Instead of this option, use `RuleActionOverrides` . It accepts any valid action setting, including `Count` .", - "title": "ExcludedRules", - "type": "array" + "AdditionalInformation": { + "markdownDescription": "Any additional information relevant to the customer's profile.", + "title": "AdditionalInformation", + "type": "string" }, - "RuleActionOverrides": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RuleActionOverride" - }, - "markdownDescription": "Action settings to use in the place of the rule actions that are configured inside the rule group. You specify one override for each rule whose action you want to change.\n\n> Verify the rule names in your overrides carefully. With managed rule groups, AWS WAF silently ignores any override that uses an invalid rule name. With customer-owned rule groups, invalid rule names in your overrides will cause web ACL updates to fail. An invalid rule name is any name that doesn't exactly match the case-sensitive name of an existing rule in the rule group. \n\nYou can use overrides for testing, for example you can override all of rule actions to `Count` and then monitor the resulting count metrics to understand how the rule group would handle your web traffic. You can also permanently override some or all actions, to modify how the rule group manages your web traffic.", - "title": "RuleActionOverrides", - "type": "array" - } - }, - "required": [ - "Arn" - ], - "type": "object" - }, - "AWS::WAFv2::WebACL.SingleHeader": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the query header to inspect.", - "title": "Name", + "Address1": { + "markdownDescription": "The first line of a customer address.", + "title": "Address1", "type": "string" - } - }, - "required": [ - "Name" - ], - "type": "object" - }, - "AWS::WAFv2::WebACL.SingleQueryArgument": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the query argument to inspect.", - "title": "Name", + }, + "Address2": { + "markdownDescription": "The second line of a customer address.", + "title": "Address2", "type": "string" - } - }, - "required": [ - "Name" - ], - "type": "object" - }, - "AWS::WAFv2::WebACL.SizeConstraintStatement": { - "additionalProperties": false, - "properties": { - "ComparisonOperator": { - "markdownDescription": "The operator to use to compare the request part to the size setting.", - "title": "ComparisonOperator", + }, + "Address3": { + "markdownDescription": "The third line of a customer address.", + "title": "Address3", "type": "string" }, - "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldToMatch", - "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", - "title": "FieldToMatch" + "Address4": { + "markdownDescription": "The fourth line of a customer address.", + "title": "Address4", + "type": "string" }, - "Size": { - "markdownDescription": "The size, in byte, to compare to the request part, after any transformations.", - "title": "Size", - "type": "number" + "BillingAddress1": { + "markdownDescription": "The first line of a customer\u2019s billing address.", + "title": "BillingAddress1", + "type": "string" }, - "TextTransformations": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" - }, - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", - "title": "TextTransformations", - "type": "array" - } - }, - "required": [ - "ComparisonOperator", - "FieldToMatch", - "Size", - "TextTransformations" - ], - "type": "object" - }, - "AWS::WAFv2::WebACL.SqliMatchStatement": { - "additionalProperties": false, - "properties": { - "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldToMatch", - "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", - "title": "FieldToMatch" + "BillingAddress2": { + "markdownDescription": "The second line of a customer\u2019s billing address.", + "title": "BillingAddress2", + "type": "string" }, - "SensitivityLevel": { - "markdownDescription": "The sensitivity that you want AWS WAF to use to inspect for SQL injection attacks.\n\n`HIGH` detects more attacks, but might generate more false positives, especially if your web requests frequently contain unusual strings. For information about identifying and mitigating false positives, see [Testing and tuning](https://docs.aws.amazon.com/waf/latest/developerguide/web-acl-testing.html) in the *AWS WAF Developer Guide* .\n\n`LOW` is generally a better choice for resources that already have other protections against SQL injection attacks or that have a low tolerance for false positives.\n\nDefault: `LOW`", - "title": "SensitivityLevel", + "BillingAddress3": { + "markdownDescription": "The third line of a customer\u2019s billing address.", + "title": "BillingAddress3", "type": "string" }, - "TextTransformations": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" + "BillingAddress4": { + "markdownDescription": "The fourth line of a customer\u2019s billing address.", + "title": "BillingAddress4", + "type": "string" + }, + "BillingCity": { + "markdownDescription": "The city of a customer\u2019s billing address.", + "title": "BillingCity", + "type": "string" + }, + "BillingCountry": { + "markdownDescription": "The country of a customer\u2019s billing address.", + "title": "BillingCountry", + "type": "string" + }, + "BillingCounty": { + "markdownDescription": "The county of a customer\u2019s billing address.", + "title": "BillingCounty", + "type": "string" + }, + "BillingPostalCode": { + "markdownDescription": "The postal code of a customer\u2019s billing address.", + "title": "BillingPostalCode", + "type": "string" + }, + "BillingProvince": { + "markdownDescription": "The province of a customer\u2019s billing address.", + "title": "BillingProvince", + "type": "string" + }, + "BillingState": { + "markdownDescription": "The state of a customer\u2019s billing address.", + "title": "BillingState", + "type": "string" + }, + "BirthDate": { + "markdownDescription": "The customer's birth date.", + "title": "BirthDate", + "type": "string" + }, + "BusinessEmailAddress": { + "markdownDescription": "The customer's business email address.", + "title": "BusinessEmailAddress", + "type": "string" + }, + "BusinessName": { + "markdownDescription": "The name of the customer's business.", + "title": "BusinessName", + "type": "string" + }, + "BusinessPhoneNumber": { + "markdownDescription": "The customer's business phone number.", + "title": "BusinessPhoneNumber", + "type": "string" + }, + "City": { + "markdownDescription": "The city in which a customer lives.", + "title": "City", + "type": "string" + }, + "Country": { + "markdownDescription": "The country in which a customer lives.", + "title": "Country", + "type": "string" + }, + "County": { + "markdownDescription": "The county in which a customer lives.", + "title": "County", + "type": "string" + }, + "Custom": { + "additionalProperties": true, + "markdownDescription": "The custom attributes in customer profile attributes.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", - "title": "TextTransformations", - "type": "array" - } - }, - "required": [ - "FieldToMatch", - "TextTransformations" - ], - "type": "object" - }, - "AWS::WAFv2::WebACL.Statement": { - "additionalProperties": false, - "properties": { - "AndStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.AndStatement", - "markdownDescription": "A logical rule statement used to combine other rule statements with AND logic. You provide more than one `Statement` within the `AndStatement` .", - "title": "AndStatement" + "title": "Custom", + "type": "object" }, - "ByteMatchStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ByteMatchStatement", - "markdownDescription": "A rule statement that defines a string match search for AWS WAF to apply to web requests. The byte match statement provides the bytes to search for, the location in requests that you want AWS WAF to search, and other settings. The bytes to search for are typically a string that corresponds with ASCII characters. In the AWS WAF console and the developer guide, this is called a string match statement.", - "title": "ByteMatchStatement" + "EmailAddress": { + "markdownDescription": "The customer's email address, which has not been specified as a personal or business address.", + "title": "EmailAddress", + "type": "string" }, - "GeoMatchStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.GeoMatchStatement", - "markdownDescription": "A rule statement that labels web requests by country and region and that matches against web requests based on country code. A geo match rule labels every request that it inspects regardless of whether it finds a match.\n\n- To manage requests only by country, you can use this statement by itself and specify the countries that you want to match against in the `CountryCodes` array.\n- Otherwise, configure your geo match rule with Count action so that it only labels requests. Then, add one or more label match rules to run after the geo match rule and configure them to match against the geographic labels and handle the requests as needed.\n\nAWS WAF labels requests using the alpha-2 country and region codes from the International Organization for Standardization (ISO) 3166 standard. AWS WAF determines the codes using either the IP address in the web request origin or, if you specify it, the address in the geo match `ForwardedIPConfig` .\n\nIf you use the web request origin, the label formats are `awswaf:clientip:geo:region:-` and `awswaf:clientip:geo:country:` .\n\nIf you use a forwarded IP address, the label formats are `awswaf:forwardedip:geo:region:-` and `awswaf:forwardedip:geo:country:` .\n\nFor additional details, see [Geographic match rule statement](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-type-geo-match.html) in the [AWS WAF Developer Guide](https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html) .", - "title": "GeoMatchStatement" + "FirstName": { + "markdownDescription": "The customer's first name.", + "title": "FirstName", + "type": "string" }, - "IPSetReferenceStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.IPSetReferenceStatement", - "markdownDescription": "A rule statement used to detect web requests coming from particular IP addresses or address ranges. To use this, create an `IPSet` that specifies the addresses you want to detect, then use the ARN of that set in this statement.\n\nEach IP set rule statement references an IP set. You create and maintain the set independent of your rules. This allows you to use the single set in multiple rules. When you update the referenced set, AWS WAF automatically updates all rules that reference it.", - "title": "IPSetReferenceStatement" + "Gender": { + "markdownDescription": "The customer's gender.", + "title": "Gender", + "type": "string" }, - "LabelMatchStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.LabelMatchStatement", - "markdownDescription": "A rule statement to match against labels that have been added to the web request by rules that have already run in the web ACL.\n\nThe label match statement provides the label or namespace string to search for. The label string can represent a part or all of the fully qualified label name that had been added to the web request. Fully qualified labels have a prefix, optional namespaces, and label name. The prefix identifies the rule group or web ACL context of the rule that added the label. If you do not provide the fully qualified name in your label match string, AWS WAF performs the search for labels that were added in the same context as the label match statement.", - "title": "LabelMatchStatement" + "HomePhoneNumber": { + "markdownDescription": "The customer's mobile phone number.", + "title": "HomePhoneNumber", + "type": "string" }, - "ManagedRuleGroupStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ManagedRuleGroupStatement", - "markdownDescription": "A rule statement used to run the rules that are defined in a managed rule group. To use this, provide the vendor name and the name of the rule group in this statement. You can retrieve the required names through the API call `ListAvailableManagedRuleGroups` .\n\nYou cannot nest a `ManagedRuleGroupStatement` , for example for use inside a `NotStatement` or `OrStatement` . It can only be referenced as a top-level statement within a rule.\n\n> You are charged additional fees when you use the AWS WAF Bot Control managed rule group `AWSManagedRulesBotControlRuleSet` , the AWS WAF Fraud Control account takeover prevention (ATP) managed rule group `AWSManagedRulesATPRuleSet` , or the AWS WAF Fraud Control account creation fraud prevention (ACFP) managed rule group `AWSManagedRulesACFPRuleSet` . For more information, see [AWS WAF Pricing](https://docs.aws.amazon.com/waf/pricing/) .", - "title": "ManagedRuleGroupStatement" + "LastName": { + "markdownDescription": "The customer's last name.", + "title": "LastName", + "type": "string" }, - "NotStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.NotStatement", - "markdownDescription": "A logical rule statement used to negate the results of another rule statement. You provide one `Statement` within the `NotStatement` .", - "title": "NotStatement" + "MailingAddress1": { + "markdownDescription": "The first line of a customer\u2019s mailing address.", + "title": "MailingAddress1", + "type": "string" }, - "OrStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.OrStatement", - "markdownDescription": "A logical rule statement used to combine other rule statements with OR logic. You provide more than one `Statement` within the `OrStatement` .", - "title": "OrStatement" + "MailingAddress2": { + "markdownDescription": "The second line of a customer\u2019s mailing address.", + "title": "MailingAddress2", + "type": "string" }, - "RateBasedStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RateBasedStatement", - "markdownDescription": "A rate-based rule counts incoming requests and rate limits requests when they are coming at too fast a rate. The rule categorizes requests according to your aggregation criteria, collects them into aggregation instances, and counts and rate limits the requests for each instance.\n\n> If you change any of these settings in a rule that's currently in use, the change resets the rule's rate limiting counts. This can pause the rule's rate limiting activities for up to a minute. \n\nYou can specify individual aggregation keys, like IP address or HTTP method. You can also specify aggregation key combinations, like IP address and HTTP method, or HTTP method, query argument, and cookie.\n\nEach unique set of values for the aggregation keys that you specify is a separate aggregation instance, with the value from each key contributing to the aggregation instance definition.\n\nFor example, assume the rule evaluates web requests with the following IP address and HTTP method values:\n\n- IP address 10.1.1.1, HTTP method POST\n- IP address 10.1.1.1, HTTP method GET\n- IP address 127.0.0.0, HTTP method POST\n- IP address 10.1.1.1, HTTP method GET\n\nThe rule would create different aggregation instances according to your aggregation criteria, for example:\n\n- If the aggregation criteria is just the IP address, then each individual address is an aggregation instance, and AWS WAF counts requests separately for each. The aggregation instances and request counts for our example would be the following:\n\n- IP address 10.1.1.1: count 3\n- IP address 127.0.0.0: count 1\n- If the aggregation criteria is HTTP method, then each individual HTTP method is an aggregation instance. The aggregation instances and request counts for our example would be the following:\n\n- HTTP method POST: count 2\n- HTTP method GET: count 2\n- If the aggregation criteria is IP address and HTTP method, then each IP address and each HTTP method would contribute to the combined aggregation instance. The aggregation instances and request counts for our example would be the following:\n\n- IP address 10.1.1.1, HTTP method POST: count 1\n- IP address 10.1.1.1, HTTP method GET: count 2\n- IP address 127.0.0.0, HTTP method POST: count 1\n\nFor any n-tuple of aggregation keys, each unique combination of values for the keys defines a separate aggregation instance, which AWS WAF counts and rate-limits individually.\n\nYou can optionally nest another statement inside the rate-based statement, to narrow the scope of the rule so that it only counts and rate limits requests that match the nested statement. You can use this nested scope-down statement in conjunction with your aggregation key specifications or you can just count and rate limit all requests that match the scope-down statement, without additional aggregation. When you choose to just manage all requests that match a scope-down statement, the aggregation instance is singular for the rule.\n\nYou cannot nest a `RateBasedStatement` inside another statement, for example inside a `NotStatement` or `OrStatement` . You can define a `RateBasedStatement` inside a web ACL and inside a rule group.\n\nFor additional information about the options, see [Rate limiting web requests using rate-based rules](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rate-based-rules.html) in the *AWS WAF Developer Guide* .\n\nIf you only aggregate on the individual IP address or forwarded IP address, you can retrieve the list of IP addresses that AWS WAF is currently rate limiting for a rule through the API call `GetRateBasedStatementManagedKeys` . This option is not available for other aggregation configurations.\n\nAWS WAF tracks and manages web requests separately for each instance of a rate-based rule that you use. For example, if you provide the same rate-based rule settings in two web ACLs, each of the two rule statements represents a separate instance of the rate-based rule and gets its own tracking and management by AWS WAF . If you define a rate-based rule inside a rule group, and then use that rule group in multiple places, each use creates a separate instance of the rate-based rule that gets its own tracking and management by AWS WAF .", - "title": "RateBasedStatement" + "MailingAddress3": { + "markdownDescription": "The third line of a customer\u2019s mailing address.", + "title": "MailingAddress3", + "type": "string" }, - "RegexMatchStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RegexMatchStatement", - "markdownDescription": "A rule statement used to search web request components for a match against a single regular expression.", - "title": "RegexMatchStatement" + "MailingAddress4": { + "markdownDescription": "The fourth line of a customer\u2019s mailing address.", + "title": "MailingAddress4", + "type": "string" }, - "RegexPatternSetReferenceStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RegexPatternSetReferenceStatement", - "markdownDescription": "A rule statement used to search web request components for matches with regular expressions. To use this, create a `RegexPatternSet` that specifies the expressions that you want to detect, then use the ARN of that set in this statement. A web request matches the pattern set rule statement if the request component matches any of the patterns in the set.\n\nEach regex pattern set rule statement references a regex pattern set. You create and maintain the set independent of your rules. This allows you to use the single set in multiple rules. When you update the referenced set, AWS WAF automatically updates all rules that reference it.", - "title": "RegexPatternSetReferenceStatement" + "MailingCity": { + "markdownDescription": "The city of a customer\u2019s mailing address.", + "title": "MailingCity", + "type": "string" }, - "RuleGroupReferenceStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RuleGroupReferenceStatement", - "markdownDescription": "A rule statement used to run the rules that are defined in a `RuleGroup` . To use this, create a rule group with your rules, then provide the ARN of the rule group in this statement.\n\nYou cannot nest a `RuleGroupReferenceStatement` , for example for use inside a `NotStatement` or `OrStatement` . You cannot use a rule group reference statement inside another rule group. You can only reference a rule group as a top-level statement within a rule that you define in a web ACL.", - "title": "RuleGroupReferenceStatement" + "MailingCountry": { + "markdownDescription": "The country of a customer\u2019s mailing address.", + "title": "MailingCountry", + "type": "string" }, - "SizeConstraintStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.SizeConstraintStatement", - "markdownDescription": "A rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (>) or less than (<). For example, you can use a size constraint statement to look for query strings that are longer than 100 bytes.\n\nIf you configure AWS WAF to inspect the request body, AWS WAF inspects only the number of bytes in the body up to the limit for the web ACL and protected resource type. If you know that the request body for your web requests should never exceed the inspection limit, you can use a size constraint statement to block requests that have a larger request body size. For more information about the inspection limits, see `Body` and `JsonBody` settings for the `FieldToMatch` data type.\n\nIf you choose URI for the value of Part of the request to filter on, the slash (/) in the URI counts as one character. For example, the URI `/logo.jpg` is nine characters long.", - "title": "SizeConstraintStatement" + "MailingCounty": { + "markdownDescription": "The county of a customer\u2019s mailing address.", + "title": "MailingCounty", + "type": "string" }, - "SqliMatchStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.SqliMatchStatement", - "markdownDescription": "A rule statement that inspects for malicious SQL code. Attackers insert malicious SQL code into web requests to do things like modify your database or extract data from it.", - "title": "SqliMatchStatement" + "MailingPostalCode": { + "markdownDescription": "The postal code of a customer\u2019s mailing address.", + "title": "MailingPostalCode", + "type": "string" }, - "XssMatchStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.XssMatchStatement", - "markdownDescription": "A rule statement that inspects for cross-site scripting (XSS) attacks. In XSS attacks, the attacker uses vulnerabilities in a benign website as a vehicle to inject malicious client-site scripts into other legitimate web browsers.", - "title": "XssMatchStatement" + "MailingProvince": { + "markdownDescription": "The province of a customer\u2019s mailing address.", + "title": "MailingProvince", + "type": "string" + }, + "MailingState": { + "markdownDescription": "The state of a customer\u2019s mailing address.", + "title": "MailingState", + "type": "string" + }, + "MiddleName": { + "markdownDescription": "The customer's middle name.", + "title": "MiddleName", + "type": "string" + }, + "MobilePhoneNumber": { + "markdownDescription": "The customer's mobile phone number.", + "title": "MobilePhoneNumber", + "type": "string" + }, + "PartyType": { + "markdownDescription": "The customer's party type.", + "title": "PartyType", + "type": "string" + }, + "PhoneNumber": { + "markdownDescription": "The customer's phone number, which has not been specified as a mobile, home, or business number.", + "title": "PhoneNumber", + "type": "string" + }, + "PostalCode": { + "markdownDescription": "The postal code of a customer address.", + "title": "PostalCode", + "type": "string" + }, + "ProfileARN": { + "markdownDescription": "The ARN of a customer profile.", + "title": "ProfileARN", + "type": "string" + }, + "ProfileId": { + "markdownDescription": "The unique identifier of a customer profile.", + "title": "ProfileId", + "type": "string" + }, + "Province": { + "markdownDescription": "The province in which a customer lives.", + "title": "Province", + "type": "string" + }, + "ShippingAddress1": { + "markdownDescription": "The first line of a customer\u2019s shipping address.", + "title": "ShippingAddress1", + "type": "string" + }, + "ShippingAddress2": { + "markdownDescription": "The second line of a customer\u2019s shipping address.", + "title": "ShippingAddress2", + "type": "string" + }, + "ShippingAddress3": { + "markdownDescription": "The third line of a customer\u2019s shipping address.", + "title": "ShippingAddress3", + "type": "string" + }, + "ShippingAddress4": { + "markdownDescription": "The fourth line of a customer\u2019s shipping address.", + "title": "ShippingAddress4", + "type": "string" + }, + "ShippingCity": { + "markdownDescription": "The city of a customer\u2019s shipping address.", + "title": "ShippingCity", + "type": "string" + }, + "ShippingCountry": { + "markdownDescription": "The country of a customer\u2019s shipping address.", + "title": "ShippingCountry", + "type": "string" + }, + "ShippingCounty": { + "markdownDescription": "The county of a customer\u2019s shipping address.", + "title": "ShippingCounty", + "type": "string" + }, + "ShippingPostalCode": { + "markdownDescription": "The postal code of a customer\u2019s shipping address.", + "title": "ShippingPostalCode", + "type": "string" + }, + "ShippingProvince": { + "markdownDescription": "The province of a customer\u2019s shipping address.", + "title": "ShippingProvince", + "type": "string" + }, + "ShippingState": { + "markdownDescription": "The state of a customer\u2019s shipping address.", + "title": "ShippingState", + "type": "string" + }, + "State": { + "markdownDescription": "The state in which a customer lives.", + "title": "State", + "type": "string" } }, "type": "object" }, - "AWS::WAFv2::WebACL.TextTransformation": { + "AWS::Wisdom::MessageTemplate.EmailMessageTemplateContent": { "additionalProperties": false, "properties": { - "Priority": { - "markdownDescription": "Sets the relative processing order for multiple transformations. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content. The priorities don't need to be consecutive, but they must all be different.", - "title": "Priority", - "type": "number" + "Body": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.EmailMessageTemplateContentBody", + "markdownDescription": "The body to use in email messages.", + "title": "Body" + }, + "Headers": { + "items": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.EmailMessageTemplateHeader" + }, + "markdownDescription": "The email headers to include in email messages.", + "title": "Headers", + "type": "array" }, - "Type": { - "markdownDescription": "For detailed descriptions of each of the transformation types, see [Text transformations](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-transformation.html) in the *AWS WAF Developer Guide* .", - "title": "Type", + "Subject": { + "markdownDescription": "The subject line, or title, to use in email messages.", + "title": "Subject", "type": "string" } }, "required": [ - "Priority", - "Type" + "Body", + "Headers", + "Subject" ], "type": "object" }, - "AWS::WAFv2::WebACL.VisibilityConfig": { + "AWS::Wisdom::MessageTemplate.EmailMessageTemplateContentBody": { "additionalProperties": false, "properties": { - "CloudWatchMetricsEnabled": { - "markdownDescription": "Indicates whether the associated resource sends metrics to Amazon CloudWatch. For the list of available metrics, see [AWS WAF Metrics](https://docs.aws.amazon.com/waf/latest/developerguide/monitoring-cloudwatch.html#waf-metrics) in the *AWS WAF Developer Guide* .\n\nFor web ACLs, the metrics are for web requests that have the web ACL default action applied. AWS WAF applies the default action to web requests that pass the inspection of all rules in the web ACL without being either allowed or blocked. For more information,\nsee [The web ACL default action](https://docs.aws.amazon.com/waf/latest/developerguide/web-acl-default-action.html) in the *AWS WAF Developer Guide* .", - "title": "CloudWatchMetricsEnabled", - "type": "boolean" + "Html": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.MessageTemplateBodyContentProvider", + "markdownDescription": "The message body, in HTML format, to use in email messages that are based on the message template. We recommend using HTML format for email clients that render HTML content. You can include links, formatted text, and more in an HTML message.", + "title": "Html" }, - "MetricName": { - "markdownDescription": "A name of the Amazon CloudWatch metric dimension. The name can contain only the characters: A-Z, a-z, 0-9, - (hyphen), and _ (underscore). The name can be from one to 128 characters long. It can't contain whitespace or metric names that are reserved for AWS WAF , for example `All` and `Default_Action` .", - "title": "MetricName", + "PlainText": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.MessageTemplateBodyContentProvider", + "markdownDescription": "The message body, in plain text format, to use in email messages that are based on the message template. We recommend using plain text format for email clients that don't render HTML content and clients that are connected to high-latency networks, such as mobile devices.", + "title": "PlainText" + } + }, + "type": "object" + }, + "AWS::Wisdom::MessageTemplate.EmailMessageTemplateHeader": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the email header.", + "title": "Name", "type": "string" }, - "SampledRequestsEnabled": { - "markdownDescription": "Indicates whether AWS WAF should store a sampling of the web requests that match the rules. You can view the sampled requests through the AWS WAF console.\n\nIf you configure data protection for the web ACL, the protection applies to the web ACL's sampled web request data.\n\n> Request sampling doesn't provide a field redaction option, and any field redaction that you specify in your logging configuration doesn't affect sampling. You can only exclude fields from request sampling by disabling sampling in the web ACL visibility configuration or by configuring data protection for the web ACL.", - "title": "SampledRequestsEnabled", - "type": "boolean" + "Value": { + "markdownDescription": "The value of the email header.", + "title": "Value", + "type": "string" } }, - "required": [ - "CloudWatchMetricsEnabled", - "MetricName", - "SampledRequestsEnabled" - ], "type": "object" }, - "AWS::WAFv2::WebACL.XssMatchStatement": { + "AWS::Wisdom::MessageTemplate.GroupingConfiguration": { "additionalProperties": false, "properties": { - "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldToMatch", - "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", - "title": "FieldToMatch" + "Criteria": { + "markdownDescription": "The criteria used for grouping Amazon Q in Connect users.\n\nThe following is the list of supported criteria values.\n\n- `RoutingProfileArn` : Grouping the users by their [Amazon Connect routing profile ARN](https://docs.aws.amazon.com/connect/latest/APIReference/API_RoutingProfile.html) . User should have [SearchRoutingProfile](https://docs.aws.amazon.com/connect/latest/APIReference/API_SearchRoutingProfiles.html) and [DescribeRoutingProfile](https://docs.aws.amazon.com/connect/latest/APIReference/API_DescribeRoutingProfile.html) permissions when setting criteria to this value.", + "title": "Criteria", + "type": "string" }, - "TextTransformations": { + "Values": { "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" + "type": "string" }, - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", - "title": "TextTransformations", + "markdownDescription": "The list of values that define different groups of Amazon Q in Connect users.\n\n- When setting `criteria` to `RoutingProfileArn` , you need to provide a list of ARNs of [Amazon Connect routing profiles](https://docs.aws.amazon.com/connect/latest/APIReference/API_RoutingProfile.html) as values of this parameter.", + "title": "Values", "type": "array" } }, "required": [ - "FieldToMatch", - "TextTransformations" + "Criteria", + "Values" ], "type": "object" }, - "AWS::WAFv2::WebACLAssociation": { + "AWS::Wisdom::MessageTemplate.MessageTemplateAttachment": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "AttachmentId": { + "markdownDescription": "The identifier of the attachment file.", + "title": "AttachmentId", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ResourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resource to associate with the web ACL.\n\nThe ARN must be in one of the following formats:\n\n- For an Application Load Balancer: `arn: *partition* :elasticloadbalancing: *region* : *account-id* :loadbalancer/app/ *load-balancer-name* / *load-balancer-id*`\n- For an Amazon API Gateway REST API: `arn: *partition* :apigateway: *region* ::/restapis/ *api-id* /stages/ *stage-name*`\n- For an AWS AppSync GraphQL API: `arn: *partition* :appsync: *region* : *account-id* :apis/ *GraphQLApiId*`\n- For an Amazon Cognito user pool: `arn: *partition* :cognito-idp: *region* : *account-id* :userpool/ *user-pool-id*`\n- For an AWS App Runner service: `arn: *partition* :apprunner: *region* : *account-id* :service/ *apprunner-service-name* / *apprunner-service-id*`\n- For an AWS Verified Access instance: `arn: *partition* :ec2: *region* : *account-id* :verified-access-instance/ *instance-id*`\n- For an AWS Amplify instance: `arn: *partition* :amplify: *region* : *account-id* :apps/ *app-id*`", - "title": "ResourceArn", - "type": "string" - }, - "WebACLArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the web ACL that you want to associate with the resource.", - "title": "WebACLArn", - "type": "string" - } - }, - "required": [ - "ResourceArn", - "WebACLArn" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::WAFv2::WebACLAssociation" - ], + "AttachmentName": { + "markdownDescription": "The name of the attachment file being uploaded. The name should include the file extension.", + "title": "AttachmentName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "S3PresignedUrl": { + "markdownDescription": "The S3 Presigned URL for the attachment file. When generating the PreSignedUrl, please ensure that the expires-in time is set to 30 minutes. The URL can be generated through the AWS Console or through the AWS CLI. For more information, see [Sharing objects with presigned URLs](https://docs.aws.amazon.com/AmazonS3/latest/userguide/ShareObjectPreSignedURL.html) .", + "title": "S3PresignedUrl", "type": "string" } }, "required": [ - "Type", - "Properties" + "AttachmentName", + "S3PresignedUrl" ], "type": "object" }, - "AWS::Wisdom::Assistant": { + "AWS::Wisdom::MessageTemplate.MessageTemplateAttributes": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "AgentAttributes": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.AgentAttributes", + "markdownDescription": "The agent attributes that are used with the message template.", + "title": "AgentAttributes" }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "The description of the assistant.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the assistant.", - "title": "Name", - "type": "string" - }, - "ServerSideEncryptionConfiguration": { - "$ref": "#/definitions/AWS::Wisdom::Assistant.ServerSideEncryptionConfiguration", - "markdownDescription": "The configuration information for the customer managed key used for encryption. The customer managed key must have a policy that allows `kms:CreateGrant` and `kms:DescribeKey` permissions to the IAM identity using the key to invoke Wisdom. To use Wisdom with chat, the key policy must also allow `kms:Decrypt` , `kms:GenerateDataKey*` , and `kms:DescribeKey` permissions to the `connect.amazonaws.com` service principal. For more information about setting up a customer managed key for Wisdom, see [Enable Amazon Connect Wisdom for your instance](https://docs.aws.amazon.com/connect/latest/adminguide/enable-wisdom.html) .", - "title": "ServerSideEncryptionConfiguration" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags used to organize, track, or control access for this resource.", - "title": "Tags", - "type": "array" - }, - "Type": { - "markdownDescription": "The type of assistant.", - "title": "Type", + "CustomAttributes": { + "additionalProperties": true, + "markdownDescription": "The custom attributes that are used with the message template.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { "type": "string" } }, - "required": [ - "Name", - "Type" - ], + "title": "CustomAttributes", "type": "object" }, - "Type": { - "enum": [ - "AWS::Wisdom::Assistant" - ], - "type": "string" + "CustomerProfileAttributes": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.CustomerProfileAttributes", + "markdownDescription": "The customer profile attributes that are used with the message template.", + "title": "CustomerProfileAttributes" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SystemAttributes": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.SystemAttributes", + "markdownDescription": "The system attributes that are used with the message template.", + "title": "SystemAttributes" + } + }, + "type": "object" + }, + "AWS::Wisdom::MessageTemplate.MessageTemplateBodyContentProvider": { + "additionalProperties": false, + "properties": { + "Content": { + "markdownDescription": "The content of the message template.", + "title": "Content", "type": "string" } }, + "type": "object" + }, + "AWS::Wisdom::MessageTemplate.SmsMessageTemplateContent": { + "additionalProperties": false, + "properties": { + "Body": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.SmsMessageTemplateContentBody", + "markdownDescription": "The body to use in SMS messages.", + "title": "Body" + } + }, "required": [ - "Type", - "Properties" + "Body" ], "type": "object" }, - "AWS::Wisdom::Assistant.ServerSideEncryptionConfiguration": { + "AWS::Wisdom::MessageTemplate.SmsMessageTemplateContentBody": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "The customer managed key used for encryption. The customer managed key must have a policy that allows `kms:CreateGrant` and `kms:DescribeKey` permissions to the IAM identity using the key to invoke Wisdom. To use Wisdom with chat, the key policy must also allow `kms:Decrypt` , `kms:GenerateDataKey*` , and `kms:DescribeKey` permissions to the `connect.amazonaws.com` service principal. For more information about setting up a customer managed key for Wisdom, see [Enable Amazon Connect Wisdom for your instance](https://docs.aws.amazon.com/connect/latest/adminguide/enable-wisdom.html) . For information about valid ID values, see [Key identifiers (KeyId)](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id) in the *AWS Key Management Service Developer Guide* .", - "title": "KmsKeyId", + "PlainText": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.MessageTemplateBodyContentProvider", + "markdownDescription": "The message body to use in SMS messages.", + "title": "PlainText" + } + }, + "type": "object" + }, + "AWS::Wisdom::MessageTemplate.SystemAttributes": { + "additionalProperties": false, + "properties": { + "CustomerEndpoint": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.SystemEndpointAttributes", + "markdownDescription": "The CustomerEndpoint attribute.", + "title": "CustomerEndpoint" + }, + "Name": { + "markdownDescription": "The name of the task.", + "title": "Name", "type": "string" + }, + "SystemEndpoint": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.SystemEndpointAttributes", + "markdownDescription": "The SystemEndpoint attribute.", + "title": "SystemEndpoint" } }, "type": "object" }, - "AWS::Wisdom::AssistantAssociation": { + "AWS::Wisdom::MessageTemplate.SystemEndpointAttributes": { + "additionalProperties": false, + "properties": { + "Address": { + "markdownDescription": "The customer's phone number if used with `customerEndpoint` , or the number the customer dialed to call your contact center if used with `systemEndpoint` .", + "title": "Address", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Wisdom::MessageTemplateVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -271480,40 +324295,25 @@ "Properties": { "additionalProperties": false, "properties": { - "AssistantId": { - "markdownDescription": "The identifier of the Wisdom assistant.", - "title": "AssistantId", + "MessageTemplateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the message template.", + "title": "MessageTemplateArn", "type": "string" }, - "Association": { - "$ref": "#/definitions/AWS::Wisdom::AssistantAssociation.AssociationData", - "markdownDescription": "The identifier of the associated resource.", - "title": "Association" - }, - "AssociationType": { - "markdownDescription": "The type of association.", - "title": "AssociationType", + "MessageTemplateContentSha256": { + "markdownDescription": "The content SHA256 of the message template.", + "title": "MessageTemplateContentSha256", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags used to organize, track, or control access for this resource.", - "title": "Tags", - "type": "array" } }, "required": [ - "AssistantId", - "Association", - "AssociationType" + "MessageTemplateArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Wisdom::AssistantAssociation" + "AWS::Wisdom::MessageTemplateVersion" ], "type": "string" }, @@ -271532,21 +324332,7 @@ ], "type": "object" }, - "AWS::Wisdom::AssistantAssociation.AssociationData": { - "additionalProperties": false, - "properties": { - "KnowledgeBaseId": { - "markdownDescription": "The identifier of the knowledge base.", - "title": "KnowledgeBaseId", - "type": "string" - } - }, - "required": [ - "KnowledgeBaseId" - ], - "type": "object" - }, - "AWS::Wisdom::KnowledgeBase": { + "AWS::Wisdom::QuickResponse": { "additionalProperties": false, "properties": { "Condition": { @@ -271581,35 +324367,58 @@ "Properties": { "additionalProperties": false, "properties": { + "Channels": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Connect contact channels this quick response applies to. The supported contact channel types include `Chat` .", + "title": "Channels", + "type": "array" + }, + "Content": { + "$ref": "#/definitions/AWS::Wisdom::QuickResponse.QuickResponseContentProvider", + "markdownDescription": "The content of the quick response.", + "title": "Content" + }, + "ContentType": { + "markdownDescription": "The media type of the quick response content.\n\n- Use `application/x.quickresponse;format=plain` for quick response written in plain text.\n- Use `application/x.quickresponse;format=markdown` for quick response written in richtext.", + "title": "ContentType", + "type": "string" + }, "Description": { - "markdownDescription": "The description.", + "markdownDescription": "The description of the quick response.", "title": "Description", "type": "string" }, - "KnowledgeBaseType": { - "markdownDescription": "The type of knowledge base. Only CUSTOM knowledge bases allow you to upload your own content. EXTERNAL knowledge bases support integrations with third-party systems whose content is synchronized automatically.", - "title": "KnowledgeBaseType", + "GroupingConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::QuickResponse.GroupingConfiguration", + "markdownDescription": "The configuration information of the user groups that the quick response is accessible to.", + "title": "GroupingConfiguration" + }, + "IsActive": { + "markdownDescription": "Whether the quick response is active.", + "title": "IsActive", + "type": "boolean" + }, + "KnowledgeBaseArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the knowledge base.", + "title": "KnowledgeBaseArn", + "type": "string" + }, + "Language": { + "markdownDescription": "The language code value for the language in which the quick response is written. The supported language codes include `de_DE` , `en_US` , `es_ES` , `fr_FR` , `id_ID` , `it_IT` , `ja_JP` , `ko_KR` , `pt_BR` , `zh_CN` , `zh_TW`", + "title": "Language", "type": "string" }, "Name": { - "markdownDescription": "The name of the knowledge base.", + "markdownDescription": "The name of the quick response.", "title": "Name", "type": "string" }, - "RenderingConfiguration": { - "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.RenderingConfiguration", - "markdownDescription": "Information about how to render the content.", - "title": "RenderingConfiguration" - }, - "ServerSideEncryptionConfiguration": { - "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.ServerSideEncryptionConfiguration", - "markdownDescription": "This customer managed key must have a policy that allows `kms:CreateGrant` and `kms:DescribeKey` permissions to the IAM identity using the key to invoke Wisdom. For more information about setting up a customer managed key for Wisdom, see [Enable Amazon Connect Wisdom for your instance](https://docs.aws.amazon.com/connect/latest/adminguide/enable-wisdom.html) . For information about valid ID values, see [Key identifiers (KeyId)](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id) in the *AWS Key Management Service Developer Guide* .", - "title": "ServerSideEncryptionConfiguration" - }, - "SourceConfiguration": { - "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.SourceConfiguration", - "markdownDescription": "The source of the knowledge base content. Only set this argument for EXTERNAL or Managed knowledge bases.", - "title": "SourceConfiguration" + "ShortcutKey": { + "markdownDescription": "The shortcut key of the quick response. The value should be unique across the knowledge base.", + "title": "ShortcutKey", + "type": "string" }, "Tags": { "items": { @@ -271621,14 +324430,15 @@ } }, "required": [ - "KnowledgeBaseType", + "Content", + "KnowledgeBaseArn", "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::Wisdom::KnowledgeBase" + "AWS::Wisdom::QuickResponse" ], "type": "string" }, @@ -271647,62 +324457,54 @@ ], "type": "object" }, - "AWS::Wisdom::KnowledgeBase.AppIntegrationsConfiguration": { + "AWS::Wisdom::QuickResponse.GroupingConfiguration": { "additionalProperties": false, "properties": { - "AppIntegrationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AppIntegrations DataIntegration to use for ingesting content.\n\n- For [Salesforce](https://docs.aws.amazon.com/https://developer.salesforce.com/docs/atlas.en-us.knowledge_dev.meta/knowledge_dev/sforce_api_objects_knowledge__kav.htm) , your AppIntegrations DataIntegration must have an ObjectConfiguration if objectFields is not provided, including at least `Id` , `ArticleNumber` , `VersionNumber` , `Title` , `PublishStatus` , and `IsDeleted` as source fields.\n- For [ServiceNow](https://docs.aws.amazon.com/https://developer.servicenow.com/dev.do#!/reference/api/rome/rest/knowledge-management-api) , your AppIntegrations DataIntegration must have an ObjectConfiguration if objectFields is not provided, including at least `number` , `short_description` , `sys_mod_count` , `workflow_state` , and `active` as source fields.\n- For [Zendesk](https://docs.aws.amazon.com/https://developer.zendesk.com/api-reference/help_center/help-center-api/articles/) , your AppIntegrations DataIntegration must have an ObjectConfiguration if `objectFields` is not provided, including at least `id` , `title` , `updated_at` , and `draft` as source fields.\n- For [SharePoint](https://docs.aws.amazon.com/https://learn.microsoft.com/en-us/sharepoint/dev/sp-add-ins/sharepoint-net-server-csom-jsom-and-rest-api-index) , your AppIntegrations DataIntegration must have a FileConfiguration, including only file extensions that are among `docx` , `pdf` , `html` , `htm` , and `txt` .\n- For [Amazon S3](https://docs.aws.amazon.com/s3/) , the ObjectConfiguration and FileConfiguration of your AppIntegrations DataIntegration must be null. The `SourceURI` of your DataIntegration must use the following format: `s3://your_s3_bucket_name` .\n\n> The bucket policy of the corresponding S3 bucket must allow the AWS principal `app-integrations.amazonaws.com` to perform `s3:ListBucket` , `s3:GetObject` , and `s3:GetBucketLocation` against the bucket.", - "title": "AppIntegrationArn", + "Criteria": { + "markdownDescription": "The criteria used for grouping Amazon Q in Connect users.\n\nThe following is the list of supported criteria values.\n\n- `RoutingProfileArn` : Grouping the users by their [Amazon Connect routing profile ARN](https://docs.aws.amazon.com/connect/latest/APIReference/API_RoutingProfile.html) . User should have [SearchRoutingProfile](https://docs.aws.amazon.com/connect/latest/APIReference/API_SearchRoutingProfiles.html) and [DescribeRoutingProfile](https://docs.aws.amazon.com/connect/latest/APIReference/API_DescribeRoutingProfile.html) permissions when setting criteria to this value.", + "title": "Criteria", "type": "string" }, - "ObjectFields": { + "Values": { "items": { "type": "string" }, - "markdownDescription": "The fields from the source that are made available to your agents in Amazon Q in Connect. Optional if ObjectConfiguration is included in the provided DataIntegration.\n\n- For [Salesforce](https://docs.aws.amazon.com/https://developer.salesforce.com/docs/atlas.en-us.knowledge_dev.meta/knowledge_dev/sforce_api_objects_knowledge__kav.htm) , you must include at least `Id` , `ArticleNumber` , `VersionNumber` , `Title` , `PublishStatus` , and `IsDeleted` .\n- For [ServiceNow](https://docs.aws.amazon.com/https://developer.servicenow.com/dev.do#!/reference/api/rome/rest/knowledge-management-api) , you must include at least `number` , `short_description` , `sys_mod_count` , `workflow_state` , and `active` .\n- For [Zendesk](https://docs.aws.amazon.com/https://developer.zendesk.com/api-reference/help_center/help-center-api/articles/) , you must include at least `id` , `title` , `updated_at` , and `draft` .\n\nMake sure to include additional fields. These fields are indexed and used to source recommendations.", - "title": "ObjectFields", + "markdownDescription": "The list of values that define different groups of Amazon Q in Connect users.\n\n- When setting `criteria` to `RoutingProfileArn` , you need to provide a list of ARNs of [Amazon Connect routing profiles](https://docs.aws.amazon.com/connect/latest/APIReference/API_RoutingProfile.html) as values of this parameter.", + "title": "Values", "type": "array" } }, "required": [ - "AppIntegrationArn" + "Criteria", + "Values" ], "type": "object" }, - "AWS::Wisdom::KnowledgeBase.RenderingConfiguration": { - "additionalProperties": false, - "properties": { - "TemplateUri": { - "markdownDescription": "A URI template containing exactly one variable in `${variableName}` format. This can only be set for `EXTERNAL` knowledge bases. For Salesforce, ServiceNow, and Zendesk, the variable must be one of the following:\n\n- Salesforce: `Id` , `ArticleNumber` , `VersionNumber` , `Title` , `PublishStatus` , or `IsDeleted`\n- ServiceNow: `number` , `short_description` , `sys_mod_count` , `workflow_state` , or `active`\n- Zendesk: `id` , `title` , `updated_at` , or `draft`\n\nThe variable is replaced with the actual value for a piece of content when calling [GetContent](https://docs.aws.amazon.com/amazon-q-connect/latest/APIReference/API_GetContent.html) .", - "title": "TemplateUri", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Wisdom::KnowledgeBase.ServerSideEncryptionConfiguration": { + "AWS::Wisdom::QuickResponse.QuickResponseContentProvider": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "The customer managed key used for encryption.\n\nThis customer managed key must have a policy that allows `kms:CreateGrant` and `kms:DescribeKey` permissions to the IAM identity using the key to invoke Wisdom.\n\nFor more information about setting up a customer managed key for Wisdom, see [Enable Amazon Connect Wisdom for your instance](https://docs.aws.amazon.com/connect/latest/adminguide/enable-wisdom.html) . For information about valid ID values, see [Key identifiers (KeyId)](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id) .", - "title": "KmsKeyId", + "Content": { + "markdownDescription": "The content of the quick response.", + "title": "Content", "type": "string" } }, "type": "object" }, - "AWS::Wisdom::KnowledgeBase.SourceConfiguration": { + "AWS::Wisdom::QuickResponse.QuickResponseContents": { "additionalProperties": false, "properties": { - "AppIntegrations": { - "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.AppIntegrationsConfiguration", - "markdownDescription": "Configuration information for Amazon AppIntegrations to automatically ingest content.", - "title": "AppIntegrations" + "Markdown": { + "$ref": "#/definitions/AWS::Wisdom::QuickResponse.QuickResponseContentProvider", + "markdownDescription": "The quick response content in markdown format.", + "title": "Markdown" + }, + "PlainText": { + "$ref": "#/definitions/AWS::Wisdom::QuickResponse.QuickResponseContentProvider", + "markdownDescription": "The quick response content in plaintext format.", + "title": "PlainText" } }, - "required": [ - "AppIntegrations" - ], "type": "object" }, "AWS::WorkSpaces::ConnectionAlias": { @@ -271944,6 +324746,165 @@ }, "type": "object" }, + "AWS::WorkSpaces::WorkspacesPool": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationSettings": { + "$ref": "#/definitions/AWS::WorkSpaces::WorkspacesPool.ApplicationSettings", + "markdownDescription": "The persistent application settings for users of the pool.", + "title": "ApplicationSettings" + }, + "BundleId": { + "markdownDescription": "The identifier of the bundle used by the pool.", + "title": "BundleId", + "type": "string" + }, + "Capacity": { + "$ref": "#/definitions/AWS::WorkSpaces::WorkspacesPool.Capacity", + "markdownDescription": "Describes the user capacity for the pool.", + "title": "Capacity" + }, + "Description": { + "markdownDescription": "The description of the pool.", + "title": "Description", + "type": "string" + }, + "DirectoryId": { + "markdownDescription": "The identifier of the directory used by the pool.", + "title": "DirectoryId", + "type": "string" + }, + "PoolName": { + "markdownDescription": "The name of the pool.", + "title": "PoolName", + "type": "string" + }, + "RunningMode": { + "markdownDescription": "The running mode of the pool.", + "title": "RunningMode", + "type": "string" + }, + "TimeoutSettings": { + "$ref": "#/definitions/AWS::WorkSpaces::WorkspacesPool.TimeoutSettings", + "markdownDescription": "The amount of time that a pool session remains active after users disconnect. If they try to reconnect to the pool session after a disconnection or network interruption within this time interval, they are connected to their previous session. Otherwise, they are connected to a new session with a new pool instance.", + "title": "TimeoutSettings" + } + }, + "required": [ + "BundleId", + "Capacity", + "DirectoryId", + "PoolName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::WorkSpaces::WorkspacesPool" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::WorkSpaces::WorkspacesPool.ApplicationSettings": { + "additionalProperties": false, + "properties": { + "SettingsGroup": { + "markdownDescription": "The path prefix for the S3 bucket where users\u2019 persistent application settings are stored.", + "title": "SettingsGroup", + "type": "string" + }, + "Status": { + "markdownDescription": "Enables or disables persistent application settings for users during their pool sessions.", + "title": "Status", + "type": "string" + } + }, + "required": [ + "Status" + ], + "type": "object" + }, + "AWS::WorkSpaces::WorkspacesPool.Capacity": { + "additionalProperties": false, + "properties": { + "DesiredUserSessions": { + "markdownDescription": "The desired number of user sessions for the WorkSpaces in the pool.", + "title": "DesiredUserSessions", + "type": "number" + } + }, + "required": [ + "DesiredUserSessions" + ], + "type": "object" + }, + "AWS::WorkSpaces::WorkspacesPool.TimeoutSettings": { + "additionalProperties": false, + "properties": { + "DisconnectTimeoutInSeconds": { + "markdownDescription": "Specifies the amount of time, in seconds, that a streaming session remains active after users disconnect. If users try to reconnect to the streaming session after a disconnection or network interruption within the time set, they are connected to their previous session. Otherwise, they are connected to a new session with a new streaming instance.", + "title": "DisconnectTimeoutInSeconds", + "type": "number" + }, + "IdleDisconnectTimeoutInSeconds": { + "markdownDescription": "The amount of time in seconds a connection will stay active while idle.", + "title": "IdleDisconnectTimeoutInSeconds", + "type": "number" + }, + "MaxUserDurationInSeconds": { + "markdownDescription": "Specifies the maximum amount of time, in seconds, that a streaming session can remain active. If users are still connected to a streaming instance five minutes before this limit is reached, they are prompted to save any open documents before being disconnected. After this time elapses, the instance is terminated and replaced by a new instance.", + "title": "MaxUserDurationInSeconds", + "type": "number" + } + }, + "type": "object" + }, "AWS::WorkSpacesThinClient::Environment": { "additionalProperties": false, "properties": { @@ -271994,6 +324955,14 @@ "title": "DesktopEndpoint", "type": "string" }, + "DeviceCreationTags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to the newly created devices for this environment.", + "title": "DeviceCreationTags", + "type": "array" + }, "KmsKeyArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Key Management Service key used to encrypt the environment.", "title": "KmsKeyArn", @@ -272188,6 +325157,235 @@ ], "type": "object" }, + "AWS::WorkSpacesWeb::DataProtectionSettings": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AdditionalEncryptionContext": { + "additionalProperties": true, + "markdownDescription": "The additional encryption context of the data protection settings.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "AdditionalEncryptionContext", + "type": "object" + }, + "CustomerManagedKey": { + "markdownDescription": "The customer managed key used to encrypt sensitive information in the data protection settings.", + "title": "CustomerManagedKey", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the data protection settings.", + "title": "Description", + "type": "string" + }, + "DisplayName": { + "markdownDescription": "The display name of the data protection settings.", + "title": "DisplayName", + "type": "string" + }, + "InlineRedactionConfiguration": { + "$ref": "#/definitions/AWS::WorkSpacesWeb::DataProtectionSettings.InlineRedactionConfiguration", + "markdownDescription": "The inline redaction configuration for the data protection settings.", + "title": "InlineRedactionConfiguration" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags of the data protection settings.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::WorkSpacesWeb::DataProtectionSettings" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::WorkSpacesWeb::DataProtectionSettings.CustomPattern": { + "additionalProperties": false, + "properties": { + "KeywordRegex": { + "markdownDescription": "The keyword regex for the customer pattern. After there is a match to the pattern regex, the keyword regex is used to search within the proximity of the match. If there is a keyword match, then the match is confirmed. If no keyword regex is provided, the pattern regex match will automatically be confirmed. The format must follow JavaScript regex format. The pattern must be enclosed between slashes, and can have flags behind the second slash. For example, \u201c/ab+c/gi\u201d", + "title": "KeywordRegex", + "type": "string" + }, + "PatternDescription": { + "markdownDescription": "The pattern description for the customer pattern.", + "title": "PatternDescription", + "type": "string" + }, + "PatternName": { + "markdownDescription": "The pattern name for the custom pattern.", + "title": "PatternName", + "type": "string" + }, + "PatternRegex": { + "markdownDescription": "The pattern regex for the customer pattern. The format must follow JavaScript regex format. The pattern must be enclosed between slashes, and can have flags behind the second slash. For example: \u201c/ab+c/gi\u201d.", + "title": "PatternRegex", + "type": "string" + } + }, + "required": [ + "PatternName", + "PatternRegex" + ], + "type": "object" + }, + "AWS::WorkSpacesWeb::DataProtectionSettings.InlineRedactionConfiguration": { + "additionalProperties": false, + "properties": { + "GlobalConfidenceLevel": { + "markdownDescription": "The global confidence level for the inline redaction configuration. This indicates the certainty of data type matches in the redaction process. Confidence level 3 means high confidence, and requires a formatted text pattern match in order for content to be redacted. Confidence level 2 means medium confidence, and redaction considers both formatted and unformatted text, and adds keyword associate to the logic. Confidence level 1 means low confidence, and redaction is enforced for both formatted pattern + unformatted pattern without keyword. This is applied to patterns that do not have a pattern-level confidence level. Defaults to confidence level 2.", + "title": "GlobalConfidenceLevel", + "type": "number" + }, + "GlobalEnforcedUrls": { + "items": { + "type": "string" + }, + "markdownDescription": "The global enforced URL configuration for the inline redaction configuration. This is applied to patterns that do not have a pattern-level enforced URL list.", + "title": "GlobalEnforcedUrls", + "type": "array" + }, + "GlobalExemptUrls": { + "items": { + "type": "string" + }, + "markdownDescription": "The global exempt URL configuration for the inline redaction configuration. This is applied to patterns that do not have a pattern-level exempt URL list.", + "title": "GlobalExemptUrls", + "type": "array" + }, + "InlineRedactionPatterns": { + "items": { + "$ref": "#/definitions/AWS::WorkSpacesWeb::DataProtectionSettings.InlineRedactionPattern" + }, + "markdownDescription": "The inline redaction patterns to be enabled for the inline redaction configuration.", + "title": "InlineRedactionPatterns", + "type": "array" + } + }, + "required": [ + "InlineRedactionPatterns" + ], + "type": "object" + }, + "AWS::WorkSpacesWeb::DataProtectionSettings.InlineRedactionPattern": { + "additionalProperties": false, + "properties": { + "BuiltInPatternId": { + "markdownDescription": "The built-in pattern from the list of preconfigured patterns. Either a customPattern or builtInPatternId is required. To view the entire list of data types and their corresponding built-in pattern IDs, see [Base inline redaction](https://docs.aws.amazon.com/workspaces-web/latest/adminguide/base-inline-redaction.html) .", + "title": "BuiltInPatternId", + "type": "string" + }, + "ConfidenceLevel": { + "markdownDescription": "The confidence level for inline redaction pattern. This indicates the certainty of data type matches in the redaction process. Confidence level 3 means high confidence, and requires a formatted text pattern match in order for content to be redacted. Confidence level 2 means medium confidence, and redaction considers both formatted and unformatted text, and adds keyword associate to the logic. Confidence level 1 means low confidence, and redaction is enforced for both formatted pattern + unformatted pattern without keyword. This overrides the global confidence level.", + "title": "ConfidenceLevel", + "type": "number" + }, + "CustomPattern": { + "$ref": "#/definitions/AWS::WorkSpacesWeb::DataProtectionSettings.CustomPattern", + "markdownDescription": "The configuration for a custom pattern. Either a customPattern or builtInPatternId is required.", + "title": "CustomPattern" + }, + "EnforcedUrls": { + "items": { + "type": "string" + }, + "markdownDescription": "The enforced URL configuration for the inline redaction pattern. This will override the global enforced URL configuration.", + "title": "EnforcedUrls", + "type": "array" + }, + "ExemptUrls": { + "items": { + "type": "string" + }, + "markdownDescription": "The exempt URL configuration for the inline redaction pattern. This will override the global exempt URL configuration for the inline redaction pattern.", + "title": "ExemptUrls", + "type": "array" + }, + "RedactionPlaceHolder": { + "$ref": "#/definitions/AWS::WorkSpacesWeb::DataProtectionSettings.RedactionPlaceHolder", + "markdownDescription": "The redaction placeholder that will replace the redacted text in session for the inline redaction pattern.", + "title": "RedactionPlaceHolder" + } + }, + "required": [ + "RedactionPlaceHolder" + ], + "type": "object" + }, + "AWS::WorkSpacesWeb::DataProtectionSettings.RedactionPlaceHolder": { + "additionalProperties": false, + "properties": { + "RedactionPlaceHolderText": { + "markdownDescription": "The redaction placeholder text that will replace the redacted text in session for the custom text redaction placeholder type.", + "title": "RedactionPlaceHolderText", + "type": "string" + }, + "RedactionPlaceHolderType": { + "markdownDescription": "The redaction placeholder type that will replace the redacted text in session.", + "title": "RedactionPlaceHolderType", + "type": "string" + } + }, + "required": [ + "RedactionPlaceHolderType" + ], + "type": "object" + }, "AWS::WorkSpacesWeb::IdentityProvider": { "additionalProperties": false, "properties": { @@ -272248,6 +325446,14 @@ "markdownDescription": "The ARN of the identity provider.", "title": "PortalArn", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" } }, "required": [ @@ -272555,6 +325761,11 @@ "title": "CustomerManagedKey", "type": "string" }, + "DataProtectionSettingsArn": { + "markdownDescription": "The ARN of the data protection settings.", + "title": "DataProtectionSettingsArn", + "type": "string" + }, "DisplayName": { "markdownDescription": "The name of the web portal.", "title": "DisplayName", @@ -272814,83 +326025,422 @@ "Properties": { "additionalProperties": false, "properties": { - "AdditionalEncryptionContext": { - "additionalProperties": true, - "markdownDescription": "The additional encryption context of the user settings.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "AdditionalEncryptionContext", - "type": "object" - }, - "CookieSynchronizationConfiguration": { - "$ref": "#/definitions/AWS::WorkSpacesWeb::UserSettings.CookieSynchronizationConfiguration", - "markdownDescription": "The configuration that specifies which cookies should be synchronized from the end user's local browser to the remote browser.", - "title": "CookieSynchronizationConfiguration" - }, - "CopyAllowed": { - "markdownDescription": "Specifies whether the user can copy text from the streaming session to the local device.", - "title": "CopyAllowed", - "type": "string" - }, - "CustomerManagedKey": { - "markdownDescription": "The customer managed key used to encrypt sensitive information in the user settings.", - "title": "CustomerManagedKey", - "type": "string" - }, - "DisconnectTimeoutInMinutes": { - "markdownDescription": "The amount of time that a streaming session remains active after users disconnect.", - "title": "DisconnectTimeoutInMinutes", - "type": "number" - }, - "DownloadAllowed": { - "markdownDescription": "Specifies whether the user can download files from the streaming session to the local device.", - "title": "DownloadAllowed", - "type": "string" - }, - "IdleDisconnectTimeoutInMinutes": { - "markdownDescription": "The amount of time that users can be idle (inactive) before they are disconnected from their streaming session and the disconnect timeout interval begins.", - "title": "IdleDisconnectTimeoutInMinutes", - "type": "number" - }, - "PasteAllowed": { - "markdownDescription": "Specifies whether the user can paste text from the local device to the streaming session.", - "title": "PasteAllowed", - "type": "string" - }, - "PrintAllowed": { - "markdownDescription": "Specifies whether the user can print to the local device.", - "title": "PrintAllowed", - "type": "string" + "AdditionalEncryptionContext": { + "additionalProperties": true, + "markdownDescription": "The additional encryption context of the user settings.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "AdditionalEncryptionContext", + "type": "object" + }, + "CookieSynchronizationConfiguration": { + "$ref": "#/definitions/AWS::WorkSpacesWeb::UserSettings.CookieSynchronizationConfiguration", + "markdownDescription": "The configuration that specifies which cookies should be synchronized from the end user's local browser to the remote browser.", + "title": "CookieSynchronizationConfiguration" + }, + "CopyAllowed": { + "markdownDescription": "Specifies whether the user can copy text from the streaming session to the local device.", + "title": "CopyAllowed", + "type": "string" + }, + "CustomerManagedKey": { + "markdownDescription": "The customer managed key used to encrypt sensitive information in the user settings.", + "title": "CustomerManagedKey", + "type": "string" + }, + "DeepLinkAllowed": { + "markdownDescription": "Specifies whether the user can use deep links that open automatically when connecting to a session.", + "title": "DeepLinkAllowed", + "type": "string" + }, + "DisconnectTimeoutInMinutes": { + "markdownDescription": "The amount of time that a streaming session remains active after users disconnect.", + "title": "DisconnectTimeoutInMinutes", + "type": "number" + }, + "DownloadAllowed": { + "markdownDescription": "Specifies whether the user can download files from the streaming session to the local device.", + "title": "DownloadAllowed", + "type": "string" + }, + "IdleDisconnectTimeoutInMinutes": { + "markdownDescription": "The amount of time that users can be idle (inactive) before they are disconnected from their streaming session and the disconnect timeout interval begins.", + "title": "IdleDisconnectTimeoutInMinutes", + "type": "number" + }, + "PasteAllowed": { + "markdownDescription": "Specifies whether the user can paste text from the local device to the streaming session.", + "title": "PasteAllowed", + "type": "string" + }, + "PrintAllowed": { + "markdownDescription": "Specifies whether the user can print to the local device.", + "title": "PrintAllowed", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to add to the user settings resource. A tag is a key-value pair.", + "title": "Tags", + "type": "array" + }, + "ToolbarConfiguration": { + "$ref": "#/definitions/AWS::WorkSpacesWeb::UserSettings.ToolbarConfiguration", + "markdownDescription": "The configuration of the toolbar. This allows administrators to select the toolbar type and visual mode, set maximum display resolution for sessions, and choose which items are visible to end users during their sessions. If administrators do not modify these settings, end users retain control over their toolbar preferences.", + "title": "ToolbarConfiguration" + }, + "UploadAllowed": { + "markdownDescription": "Specifies whether the user can upload files from the local device to the streaming session.", + "title": "UploadAllowed", + "type": "string" + } + }, + "required": [ + "CopyAllowed", + "DownloadAllowed", + "PasteAllowed", + "PrintAllowed", + "UploadAllowed" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::WorkSpacesWeb::UserSettings" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::WorkSpacesWeb::UserSettings.CookieSpecification": { + "additionalProperties": false, + "properties": { + "Domain": { + "markdownDescription": "The domain of the cookie.", + "title": "Domain", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the cookie.", + "title": "Name", + "type": "string" + }, + "Path": { + "markdownDescription": "The path of the cookie.", + "title": "Path", + "type": "string" + } + }, + "required": [ + "Domain" + ], + "type": "object" + }, + "AWS::WorkSpacesWeb::UserSettings.CookieSynchronizationConfiguration": { + "additionalProperties": false, + "properties": { + "Allowlist": { + "items": { + "$ref": "#/definitions/AWS::WorkSpacesWeb::UserSettings.CookieSpecification" + }, + "markdownDescription": "The list of cookie specifications that are allowed to be synchronized to the remote browser.", + "title": "Allowlist", + "type": "array" + }, + "Blocklist": { + "items": { + "$ref": "#/definitions/AWS::WorkSpacesWeb::UserSettings.CookieSpecification" + }, + "markdownDescription": "The list of cookie specifications that are blocked from being synchronized to the remote browser.", + "title": "Blocklist", + "type": "array" + } + }, + "required": [ + "Allowlist" + ], + "type": "object" + }, + "AWS::WorkSpacesWeb::UserSettings.ToolbarConfiguration": { + "additionalProperties": false, + "properties": { + "HiddenToolbarItems": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of toolbar items to be hidden.", + "title": "HiddenToolbarItems", + "type": "array" + }, + "MaxDisplayResolution": { + "markdownDescription": "The maximum display resolution that is allowed for the session.", + "title": "MaxDisplayResolution", + "type": "string" + }, + "ToolbarType": { + "markdownDescription": "The type of toolbar displayed during the session.", + "title": "ToolbarType", + "type": "string" + }, + "VisualMode": { + "markdownDescription": "The visual mode of the toolbar.", + "title": "VisualMode", + "type": "string" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::Volume": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AvailabilityZone": { + "type": "string" + }, + "Encrypted": { + "type": "boolean" + }, + "Iops": { + "type": "number" + }, + "KmsKeyId": { + "type": "string" + }, + "SizeInGB": { + "type": "number" + }, + "SnapshotId": { + "type": "string" + }, + "TagSpecifications": { + "items": { + "$ref": "#/definitions/AWS::WorkspacesInstances::Volume.TagSpecification" + }, + "type": "array" + }, + "Throughput": { + "type": "number" + }, + "VolumeType": { + "type": "string" + } + }, + "required": [ + "AvailabilityZone" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::WorkspacesInstances::Volume" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::WorkspacesInstances::Volume.TagSpecification": { + "additionalProperties": false, + "properties": { + "ResourceType": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::VolumeAssociation": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Device": { + "type": "string" + }, + "DisassociateMode": { + "type": "string" + }, + "VolumeId": { + "type": "string" + }, + "WorkspaceInstanceId": { + "type": "string" + } + }, + "required": [ + "Device", + "VolumeId", + "WorkspaceInstanceId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::WorkspacesInstances::VolumeAssociation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ManagedInstance": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.ManagedInstance" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to add to the user settings resource. A tag is a key-value pair.", - "title": "Tags", "type": "array" - }, - "UploadAllowed": { - "markdownDescription": "Specifies whether the user can upload files from the local device to the streaming session.", - "title": "UploadAllowed", - "type": "string" } }, - "required": [ - "CopyAllowed", - "DownloadAllowed", - "PasteAllowed", - "PrintAllowed", - "UploadAllowed" - ], "type": "object" }, "Type": { "enum": [ - "AWS::WorkSpacesWeb::UserSettings" + "AWS::WorkspacesInstances::WorkspaceInstance" ], "type": "string" }, @@ -272904,60 +326454,302 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::WorkSpacesWeb::UserSettings.CookieSpecification": { + "AWS::WorkspacesInstances::WorkspaceInstance.BlockDeviceMapping": { "additionalProperties": false, "properties": { - "Domain": { - "markdownDescription": "The domain of the cookie.", - "title": "Domain", + "DeviceName": { + "type": "string" + }, + "Ebs": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.EbsBlockDevice" + }, + "NoDevice": { "type": "string" }, + "VirtualName": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance.CpuOptionsRequest": { + "additionalProperties": false, + "properties": { + "CoreCount": { + "type": "number" + }, + "ThreadsPerCore": { + "type": "number" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance.CreditSpecificationRequest": { + "additionalProperties": false, + "properties": { + "CpuCredits": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance.EC2ManagedInstance": { + "additionalProperties": false, + "properties": { + "InstanceId": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance.EbsBlockDevice": { + "additionalProperties": false, + "properties": { + "Encrypted": { + "type": "boolean" + }, + "Iops": { + "type": "number" + }, + "KmsKeyId": { + "type": "string" + }, + "Throughput": { + "type": "number" + }, + "VolumeSize": { + "type": "number" + }, + "VolumeType": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance.EnclaveOptionsRequest": { + "additionalProperties": false, + "properties": { + "Enabled": { + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance.HibernationOptionsRequest": { + "additionalProperties": false, + "properties": { + "Configured": { + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance.IamInstanceProfileSpecification": { + "additionalProperties": false, + "properties": { "Name": { - "markdownDescription": "The name of the cookie.", - "title": "Name", + "type": "string" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance.InstanceMaintenanceOptionsRequest": { + "additionalProperties": false, + "properties": { + "AutoRecovery": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance.InstanceMetadataOptionsRequest": { + "additionalProperties": false, + "properties": { + "HttpEndpoint": { "type": "string" }, - "Path": { - "markdownDescription": "The path of the cookie.", - "title": "Path", + "HttpProtocolIpv6": { + "type": "string" + }, + "HttpPutResponseHopLimit": { + "type": "number" + }, + "HttpTokens": { + "type": "string" + }, + "InstanceMetadataTags": { "type": "string" } }, - "required": [ - "Domain" - ], "type": "object" }, - "AWS::WorkSpacesWeb::UserSettings.CookieSynchronizationConfiguration": { + "AWS::WorkspacesInstances::WorkspaceInstance.InstanceNetworkInterfaceSpecification": { "additionalProperties": false, "properties": { - "Allowlist": { + "Description": { + "type": "string" + }, + "DeviceIndex": { + "type": "number" + }, + "Groups": { "items": { - "$ref": "#/definitions/AWS::WorkSpacesWeb::UserSettings.CookieSpecification" + "type": "string" }, - "markdownDescription": "The list of cookie specifications that are allowed to be synchronized to the remote browser.", - "title": "Allowlist", "type": "array" }, - "Blocklist": { + "SubnetId": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance.InstanceNetworkPerformanceOptionsRequest": { + "additionalProperties": false, + "properties": { + "BandwidthWeighting": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance.ManagedInstance": { + "additionalProperties": false, + "properties": { + "BlockDeviceMappings": { "items": { - "$ref": "#/definitions/AWS::WorkSpacesWeb::UserSettings.CookieSpecification" + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.BlockDeviceMapping" }, - "markdownDescription": "The list of cookie specifications that are blocked from being synchronized to the remote browser.", - "title": "Blocklist", "type": "array" + }, + "CpuOptions": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.CpuOptionsRequest" + }, + "CreditSpecification": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.CreditSpecificationRequest" + }, + "DisableApiStop": { + "type": "boolean" + }, + "EbsOptimized": { + "type": "boolean" + }, + "EnclaveOptions": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.EnclaveOptionsRequest" + }, + "HibernationOptions": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.HibernationOptionsRequest" + }, + "IamInstanceProfile": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.IamInstanceProfileSpecification" + }, + "ImageId": { + "type": "string" + }, + "InstanceType": { + "type": "string" + }, + "KeyName": { + "type": "string" + }, + "MaintenanceOptions": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.InstanceMaintenanceOptionsRequest" + }, + "MetadataOptions": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.InstanceMetadataOptionsRequest" + }, + "Monitoring": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.RunInstancesMonitoringEnabled" + }, + "NetworkInterfaces": { + "items": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.InstanceNetworkInterfaceSpecification" + }, + "type": "array" + }, + "NetworkPerformanceOptions": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.InstanceNetworkPerformanceOptionsRequest" + }, + "Placement": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.Placement" + }, + "PrivateDnsNameOptions": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.PrivateDnsNameOptionsRequest" + }, + "TagSpecifications": { + "items": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.TagSpecification" + }, + "type": "array" + }, + "UserData": { + "type": "string" } }, "required": [ - "Allowlist" + "ImageId", + "InstanceType" ], "type": "object" }, + "AWS::WorkspacesInstances::WorkspaceInstance.Placement": { + "additionalProperties": false, + "properties": { + "AvailabilityZone": { + "type": "string" + }, + "GroupName": { + "type": "string" + }, + "Tenancy": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance.PrivateDnsNameOptionsRequest": { + "additionalProperties": false, + "properties": { + "EnableResourceNameDnsAAAARecord": { + "type": "boolean" + }, + "EnableResourceNameDnsARecord": { + "type": "boolean" + }, + "HostnameType": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance.RunInstancesMonitoringEnabled": { + "additionalProperties": false, + "properties": { + "Enabled": { + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance.TagSpecification": { + "additionalProperties": false, + "properties": { + "ResourceType": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + } + }, + "type": "object" + }, "AWS::XRay::Group": { "additionalProperties": false, "properties": { @@ -273296,6 +327088,69 @@ ], "type": "object" }, + "AWS::XRay::TransactionSearchConfig": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "IndexingPercentage": { + "markdownDescription": "", + "title": "IndexingPercentage", + "type": "number" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::XRay::TransactionSearchConfig" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, "AccessAssociation": { "additionalProperties": false, "properties": { @@ -281287,6 +335142,9 @@ { "$ref": "#/definitions/AWS::ACMPCA::Permission" }, + { + "$ref": "#/definitions/AWS::AIOps::InvestigationGroup" + }, { "$ref": "#/definitions/AWS::APS::RuleGroupsNamespace" }, @@ -281296,6 +335154,9 @@ { "$ref": "#/definitions/AWS::APS::Workspace" }, + { + "$ref": "#/definitions/AWS::ARCZonalShift::AutoshiftObserverNotificationStatus" + }, { "$ref": "#/definitions/AWS::ARCZonalShift::ZonalAutoshiftConfiguration" }, @@ -281341,6 +335202,9 @@ { "$ref": "#/definitions/AWS::ApiGateway::BasePathMapping" }, + { + "$ref": "#/definitions/AWS::ApiGateway::BasePathMappingV2" + }, { "$ref": "#/definitions/AWS::ApiGateway::ClientCertificate" }, @@ -281356,6 +335220,12 @@ { "$ref": "#/definitions/AWS::ApiGateway::DomainName" }, + { + "$ref": "#/definitions/AWS::ApiGateway::DomainNameAccessAssociation" + }, + { + "$ref": "#/definitions/AWS::ApiGateway::DomainNameV2" + }, { "$ref": "#/definitions/AWS::ApiGateway::GatewayResponse" }, @@ -281419,6 +335289,9 @@ { "$ref": "#/definitions/AWS::ApiGatewayV2::RouteResponse" }, + { + "$ref": "#/definitions/AWS::ApiGatewayV2::RoutingRule" + }, { "$ref": "#/definitions/AWS::ApiGatewayV2::Stage" }, @@ -281542,12 +335415,18 @@ { "$ref": "#/definitions/AWS::AppStream::User" }, + { + "$ref": "#/definitions/AWS::AppSync::Api" + }, { "$ref": "#/definitions/AWS::AppSync::ApiCache" }, { "$ref": "#/definitions/AWS::AppSync::ApiKey" }, + { + "$ref": "#/definitions/AWS::AppSync::ChannelNamespace" + }, { "$ref": "#/definitions/AWS::AppSync::DataSource" }, @@ -281572,6 +335451,9 @@ { "$ref": "#/definitions/AWS::AppSync::SourceApiAssociation" }, + { + "$ref": "#/definitions/AWS::AppTest::TestCase" + }, { "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalableTarget" }, @@ -281581,6 +335463,12 @@ { "$ref": "#/definitions/AWS::ApplicationInsights::Application" }, + { + "$ref": "#/definitions/AWS::ApplicationSignals::Discovery" + }, + { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective" + }, { "$ref": "#/definitions/AWS::Athena::CapacityReservation" }, @@ -281647,6 +335535,9 @@ { "$ref": "#/definitions/AWS::Backup::Framework" }, + { + "$ref": "#/definitions/AWS::Backup::LogicallyAirGappedBackupVault" + }, { "$ref": "#/definitions/AWS::Backup::ReportPlan" }, @@ -281662,6 +335553,9 @@ { "$ref": "#/definitions/AWS::Batch::ComputeEnvironment" }, + { + "$ref": "#/definitions/AWS::Batch::ConsumableResource" + }, { "$ref": "#/definitions/AWS::Batch::JobDefinition" }, @@ -281677,15 +335571,48 @@ { "$ref": "#/definitions/AWS::Bedrock::AgentAlias" }, + { + "$ref": "#/definitions/AWS::Bedrock::ApplicationInferenceProfile" + }, + { + "$ref": "#/definitions/AWS::Bedrock::Blueprint" + }, + { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject" + }, { "$ref": "#/definitions/AWS::Bedrock::DataSource" }, + { + "$ref": "#/definitions/AWS::Bedrock::Flow" + }, + { + "$ref": "#/definitions/AWS::Bedrock::FlowAlias" + }, + { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion" + }, { "$ref": "#/definitions/AWS::Bedrock::Guardrail" }, + { + "$ref": "#/definitions/AWS::Bedrock::GuardrailVersion" + }, + { + "$ref": "#/definitions/AWS::Bedrock::IntelligentPromptRouter" + }, { "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase" }, + { + "$ref": "#/definitions/AWS::Bedrock::Prompt" + }, + { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion" + }, + { + "$ref": "#/definitions/AWS::Billing::BillingView" + }, { "$ref": "#/definitions/AWS::BillingConductor::BillingGroup" }, @@ -281722,12 +335649,18 @@ { "$ref": "#/definitions/AWS::Cassandra::Table" }, + { + "$ref": "#/definitions/AWS::Cassandra::Type" + }, { "$ref": "#/definitions/AWS::CertificateManager::Account" }, { "$ref": "#/definitions/AWS::CertificateManager::Certificate" }, + { + "$ref": "#/definitions/AWS::Chatbot::CustomAction" + }, { "$ref": "#/definitions/AWS::Chatbot::MicrosoftTeamsChannelConfiguration" }, @@ -281746,6 +335679,12 @@ { "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTableAssociation" }, + { + "$ref": "#/definitions/AWS::CleanRooms::IdMappingTable" + }, + { + "$ref": "#/definitions/AWS::CleanRooms::IdNamespaceAssociation" + }, { "$ref": "#/definitions/AWS::CleanRooms::Membership" }, @@ -281761,6 +335700,9 @@ { "$ref": "#/definitions/AWS::CloudFormation::CustomResource" }, + { + "$ref": "#/definitions/AWS::CloudFormation::GuardHook" + }, { "$ref": "#/definitions/AWS::CloudFormation::HookDefaultVersion" }, @@ -281770,6 +335712,9 @@ { "$ref": "#/definitions/AWS::CloudFormation::HookVersion" }, + { + "$ref": "#/definitions/AWS::CloudFormation::LambdaHook" + }, { "$ref": "#/definitions/AWS::CloudFormation::Macro" }, @@ -281806,18 +335751,27 @@ { "$ref": "#/definitions/AWS::CloudFormation::WaitConditionHandle" }, + { + "$ref": "#/definitions/AWS::CloudFront::AnycastIpList" + }, { "$ref": "#/definitions/AWS::CloudFront::CachePolicy" }, { "$ref": "#/definitions/AWS::CloudFront::CloudFrontOriginAccessIdentity" }, + { + "$ref": "#/definitions/AWS::CloudFront::ConnectionGroup" + }, { "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy" }, { "$ref": "#/definitions/AWS::CloudFront::Distribution" }, + { + "$ref": "#/definitions/AWS::CloudFront::DistributionTenant" + }, { "$ref": "#/definitions/AWS::CloudFront::Function" }, @@ -281848,9 +335802,15 @@ { "$ref": "#/definitions/AWS::CloudFront::StreamingDistribution" }, + { + "$ref": "#/definitions/AWS::CloudFront::VpcOrigin" + }, { "$ref": "#/definitions/AWS::CloudTrail::Channel" }, + { + "$ref": "#/definitions/AWS::CloudTrail::Dashboard" + }, { "$ref": "#/definitions/AWS::CloudTrail::EventDataStore" }, @@ -281956,6 +335916,9 @@ { "$ref": "#/definitions/AWS::Cognito::LogDeliveryConfiguration" }, + { + "$ref": "#/definitions/AWS::Cognito::ManagedLoginBranding" + }, { "$ref": "#/definitions/AWS::Cognito::UserPool" }, @@ -282022,6 +335985,9 @@ { "$ref": "#/definitions/AWS::Config::StoredQuery" }, + { + "$ref": "#/definitions/AWS::Connect::AgentStatus" + }, { "$ref": "#/definitions/AWS::Connect::ApprovedOrigin" }, @@ -282031,6 +335997,12 @@ { "$ref": "#/definitions/AWS::Connect::ContactFlowModule" }, + { + "$ref": "#/definitions/AWS::Connect::ContactFlowVersion" + }, + { + "$ref": "#/definitions/AWS::Connect::EmailAddress" + }, { "$ref": "#/definitions/AWS::Connect::EvaluationForm" }, @@ -282085,6 +336057,9 @@ { "$ref": "#/definitions/AWS::Connect::UserHierarchyGroup" }, + { + "$ref": "#/definitions/AWS::Connect::UserHierarchyStructure" + }, { "$ref": "#/definitions/AWS::Connect::View" }, @@ -282094,6 +336069,9 @@ { "$ref": "#/definitions/AWS::ConnectCampaigns::Campaign" }, + { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign" + }, { "$ref": "#/definitions/AWS::ControlTower::EnabledBaseline" }, @@ -282112,12 +336090,18 @@ { "$ref": "#/definitions/AWS::CustomerProfiles::EventStream" }, + { + "$ref": "#/definitions/AWS::CustomerProfiles::EventTrigger" + }, { "$ref": "#/definitions/AWS::CustomerProfiles::Integration" }, { "$ref": "#/definitions/AWS::CustomerProfiles::ObjectType" }, + { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition" + }, { "$ref": "#/definitions/AWS::DAX::Cluster" }, @@ -282133,6 +336117,9 @@ { "$ref": "#/definitions/AWS::DMS::Certificate" }, + { + "$ref": "#/definitions/AWS::DMS::DataMigration" + }, { "$ref": "#/definitions/AWS::DMS::DataProvider" }, @@ -282160,6 +336147,9 @@ { "$ref": "#/definitions/AWS::DMS::ReplicationTask" }, + { + "$ref": "#/definitions/AWS::DSQL::Cluster" + }, { "$ref": "#/definitions/AWS::DataBrew::Dataset" }, @@ -282218,10 +336208,10 @@ "$ref": "#/definitions/AWS::DataSync::LocationSMB" }, { - "$ref": "#/definitions/AWS::DataSync::StorageSystem" + "$ref": "#/definitions/AWS::DataSync::Task" }, { - "$ref": "#/definitions/AWS::DataSync::Task" + "$ref": "#/definitions/AWS::DataZone::Connection" }, { "$ref": "#/definitions/AWS::DataZone::DataSource" @@ -282229,21 +336219,42 @@ { "$ref": "#/definitions/AWS::DataZone::Domain" }, + { + "$ref": "#/definitions/AWS::DataZone::DomainUnit" + }, { "$ref": "#/definitions/AWS::DataZone::Environment" }, + { + "$ref": "#/definitions/AWS::DataZone::EnvironmentActions" + }, { "$ref": "#/definitions/AWS::DataZone::EnvironmentBlueprintConfiguration" }, { "$ref": "#/definitions/AWS::DataZone::EnvironmentProfile" }, + { + "$ref": "#/definitions/AWS::DataZone::GroupProfile" + }, + { + "$ref": "#/definitions/AWS::DataZone::Owner" + }, { "$ref": "#/definitions/AWS::DataZone::Project" }, + { + "$ref": "#/definitions/AWS::DataZone::ProjectMembership" + }, + { + "$ref": "#/definitions/AWS::DataZone::ProjectProfile" + }, { "$ref": "#/definitions/AWS::DataZone::SubscriptionTarget" }, + { + "$ref": "#/definitions/AWS::DataZone::UserProfile" + }, { "$ref": "#/definitions/AWS::Deadline::Farm" }, @@ -282253,9 +336264,15 @@ { "$ref": "#/definitions/AWS::Deadline::LicenseEndpoint" }, + { + "$ref": "#/definitions/AWS::Deadline::Limit" + }, { "$ref": "#/definitions/AWS::Deadline::MeteredProduct" }, + { + "$ref": "#/definitions/AWS::Deadline::Monitor" + }, { "$ref": "#/definitions/AWS::Deadline::Queue" }, @@ -282265,6 +336282,9 @@ { "$ref": "#/definitions/AWS::Deadline::QueueFleetAssociation" }, + { + "$ref": "#/definitions/AWS::Deadline::QueueLimitAssociation" + }, { "$ref": "#/definitions/AWS::Deadline::StorageProfile" }, @@ -282457,6 +336477,21 @@ { "$ref": "#/definitions/AWS::EC2::Route" }, + { + "$ref": "#/definitions/AWS::EC2::RouteServer" + }, + { + "$ref": "#/definitions/AWS::EC2::RouteServerAssociation" + }, + { + "$ref": "#/definitions/AWS::EC2::RouteServerEndpoint" + }, + { + "$ref": "#/definitions/AWS::EC2::RouteServerPeer" + }, + { + "$ref": "#/definitions/AWS::EC2::RouteServerPropagation" + }, { "$ref": "#/definitions/AWS::EC2::RouteTable" }, @@ -282469,6 +336504,9 @@ { "$ref": "#/definitions/AWS::EC2::SecurityGroupIngress" }, + { + "$ref": "#/definitions/AWS::EC2::SecurityGroupVpcAssociation" + }, { "$ref": "#/definitions/AWS::EC2::SnapshotBlockPublicAccess" }, @@ -282541,6 +336579,12 @@ { "$ref": "#/definitions/AWS::EC2::VPC" }, + { + "$ref": "#/definitions/AWS::EC2::VPCBlockPublicAccessExclusion" + }, + { + "$ref": "#/definitions/AWS::EC2::VPCBlockPublicAccessOptions" + }, { "$ref": "#/definitions/AWS::EC2::VPCCidrBlock" }, @@ -282604,6 +336648,9 @@ { "$ref": "#/definitions/AWS::ECR::RegistryPolicy" }, + { + "$ref": "#/definitions/AWS::ECR::RegistryScanningConfiguration" + }, { "$ref": "#/definitions/AWS::ECR::ReplicationConfiguration" }, @@ -282694,6 +336741,9 @@ { "$ref": "#/definitions/AWS::EMRServerless::Application" }, + { + "$ref": "#/definitions/AWS::EVS::Environment" + }, { "$ref": "#/definitions/AWS::ElastiCache::CacheCluster" }, @@ -282847,6 +336897,9 @@ { "$ref": "#/definitions/AWS::FSx::FileSystem" }, + { + "$ref": "#/definitions/AWS::FSx::S3AccessPointAttachment" + }, { "$ref": "#/definitions/AWS::FSx::Snapshot" }, @@ -282892,6 +336945,9 @@ { "$ref": "#/definitions/AWS::GameLift::Build" }, + { + "$ref": "#/definitions/AWS::GameLift::ContainerFleet" + }, { "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition" }, @@ -282985,6 +337041,9 @@ { "$ref": "#/definitions/AWS::Glue::Trigger" }, + { + "$ref": "#/definitions/AWS::Glue::UsageProfile" + }, { "$ref": "#/definitions/AWS::Glue::Workflow" }, @@ -283063,12 +337122,18 @@ { "$ref": "#/definitions/AWS::GuardDuty::IPSet" }, + { + "$ref": "#/definitions/AWS::GuardDuty::MalwareProtectionPlan" + }, { "$ref": "#/definitions/AWS::GuardDuty::Master" }, { "$ref": "#/definitions/AWS::GuardDuty::Member" }, + { + "$ref": "#/definitions/AWS::GuardDuty::PublishingDestination" + }, { "$ref": "#/definitions/AWS::GuardDuty::ThreatIntelSet" }, @@ -283132,12 +337197,18 @@ { "$ref": "#/definitions/AWS::IVS::EncoderConfiguration" }, + { + "$ref": "#/definitions/AWS::IVS::IngestConfiguration" + }, { "$ref": "#/definitions/AWS::IVS::PlaybackKeyPair" }, { "$ref": "#/definitions/AWS::IVS::PlaybackRestrictionPolicy" }, + { + "$ref": "#/definitions/AWS::IVS::PublicKey" + }, { "$ref": "#/definitions/AWS::IVS::RecordingConfiguration" }, @@ -283208,13 +337279,7 @@ "$ref": "#/definitions/AWS::InternetMonitor::Monitor" }, { - "$ref": "#/definitions/AWS::IoT1Click::Device" - }, - { - "$ref": "#/definitions/AWS::IoT1Click::Placement" - }, - { - "$ref": "#/definitions/AWS::IoT1Click::Project" + "$ref": "#/definitions/AWS::Invoicing::InvoiceUnit" }, { "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration" @@ -283234,6 +337299,9 @@ { "$ref": "#/definitions/AWS::IoT::CertificateProvider" }, + { + "$ref": "#/definitions/AWS::IoT::Command" + }, { "$ref": "#/definitions/AWS::IoT::CustomMetric" }, @@ -283342,6 +337410,9 @@ { "$ref": "#/definitions/AWS::IoTFleetWise::SignalCatalog" }, + { + "$ref": "#/definitions/AWS::IoTFleetWise::StateTemplate" + }, { "$ref": "#/definitions/AWS::IoTFleetWise::Vehicle" }, @@ -283357,6 +337428,9 @@ { "$ref": "#/definitions/AWS::IoTSiteWise::Dashboard" }, + { + "$ref": "#/definitions/AWS::IoTSiteWise::Dataset" + }, { "$ref": "#/definitions/AWS::IoTSiteWise::Gateway" }, @@ -283447,6 +337521,9 @@ { "$ref": "#/definitions/AWS::KendraRanking::ExecutionPlan" }, + { + "$ref": "#/definitions/AWS::Kinesis::ResourcePolicy" + }, { "$ref": "#/definitions/AWS::Kinesis::Stream" }, @@ -283534,6 +337611,9 @@ { "$ref": "#/definitions/AWS::Lambda::Version" }, + { + "$ref": "#/definitions/AWS::LaunchWizard::Deployment" + }, { "$ref": "#/definitions/AWS::Lex::Bot" }, @@ -283576,6 +337656,9 @@ { "$ref": "#/definitions/AWS::Lightsail::Instance" }, + { + "$ref": "#/definitions/AWS::Lightsail::InstanceSnapshot" + }, { "$ref": "#/definitions/AWS::Lightsail::LoadBalancer" }, @@ -283621,6 +337704,9 @@ { "$ref": "#/definitions/AWS::Logs::Destination" }, + { + "$ref": "#/definitions/AWS::Logs::Integration" + }, { "$ref": "#/definitions/AWS::Logs::LogAnomalyDetector" }, @@ -283642,6 +337728,9 @@ { "$ref": "#/definitions/AWS::Logs::SubscriptionFilter" }, + { + "$ref": "#/definitions/AWS::Logs::Transformer" + }, { "$ref": "#/definitions/AWS::LookoutEquipment::InferenceScheduler" }, @@ -283657,9 +337746,18 @@ { "$ref": "#/definitions/AWS::M2::Application" }, + { + "$ref": "#/definitions/AWS::M2::Deployment" + }, { "$ref": "#/definitions/AWS::M2::Environment" }, + { + "$ref": "#/definitions/AWS::MPA::ApprovalTeam" + }, + { + "$ref": "#/definitions/AWS::MPA::IdentitySource" + }, { "$ref": "#/definitions/AWS::MSK::BatchScramSecret" }, @@ -283744,6 +337842,24 @@ { "$ref": "#/definitions/AWS::MediaLive::Channel" }, + { + "$ref": "#/definitions/AWS::MediaLive::ChannelPlacementGroup" + }, + { + "$ref": "#/definitions/AWS::MediaLive::CloudWatchAlarmTemplate" + }, + { + "$ref": "#/definitions/AWS::MediaLive::CloudWatchAlarmTemplateGroup" + }, + { + "$ref": "#/definitions/AWS::MediaLive::Cluster" + }, + { + "$ref": "#/definitions/AWS::MediaLive::EventBridgeRuleTemplate" + }, + { + "$ref": "#/definitions/AWS::MediaLive::EventBridgeRuleTemplateGroup" + }, { "$ref": "#/definitions/AWS::MediaLive::Input" }, @@ -283756,6 +337872,15 @@ { "$ref": "#/definitions/AWS::MediaLive::Multiplexprogram" }, + { + "$ref": "#/definitions/AWS::MediaLive::Network" + }, + { + "$ref": "#/definitions/AWS::MediaLive::SdiSource" + }, + { + "$ref": "#/definitions/AWS::MediaLive::SignalMap" + }, { "$ref": "#/definitions/AWS::MediaPackage::Asset" }, @@ -283813,6 +337938,9 @@ { "$ref": "#/definitions/AWS::MemoryDB::Cluster" }, + { + "$ref": "#/definitions/AWS::MemoryDB::MultiRegionCluster" + }, { "$ref": "#/definitions/AWS::MemoryDB::ParameterGroup" }, @@ -283837,6 +337965,9 @@ { "$ref": "#/definitions/AWS::Neptune::DBSubnetGroup" }, + { + "$ref": "#/definitions/AWS::Neptune::EventSubscription" + }, { "$ref": "#/definitions/AWS::NeptuneGraph::Graph" }, @@ -283858,6 +337989,9 @@ { "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration" }, + { + "$ref": "#/definitions/AWS::NetworkFirewall::VpcEndpointAssociation" + }, { "$ref": "#/definitions/AWS::NetworkManager::ConnectAttachment" }, @@ -283873,6 +338007,9 @@ { "$ref": "#/definitions/AWS::NetworkManager::Device" }, + { + "$ref": "#/definitions/AWS::NetworkManager::DirectConnectGatewayAttachment" + }, { "$ref": "#/definitions/AWS::NetworkManager::GlobalNetwork" }, @@ -283901,16 +338038,37 @@ "$ref": "#/definitions/AWS::NetworkManager::VpcAttachment" }, { - "$ref": "#/definitions/AWS::NimbleStudio::LaunchProfile" + "$ref": "#/definitions/AWS::Notifications::ChannelAssociation" + }, + { + "$ref": "#/definitions/AWS::Notifications::EventRule" }, { - "$ref": "#/definitions/AWS::NimbleStudio::StreamingImage" + "$ref": "#/definitions/AWS::Notifications::ManagedNotificationAccountContactAssociation" }, { - "$ref": "#/definitions/AWS::NimbleStudio::Studio" + "$ref": "#/definitions/AWS::Notifications::ManagedNotificationAdditionalChannelAssociation" }, { - "$ref": "#/definitions/AWS::NimbleStudio::StudioComponent" + "$ref": "#/definitions/AWS::Notifications::NotificationConfiguration" + }, + { + "$ref": "#/definitions/AWS::Notifications::NotificationHub" + }, + { + "$ref": "#/definitions/AWS::NotificationsContacts::EmailContact" + }, + { + "$ref": "#/definitions/AWS::ODB::CloudAutonomousVmCluster" + }, + { + "$ref": "#/definitions/AWS::ODB::CloudExadataInfrastructure" + }, + { + "$ref": "#/definitions/AWS::ODB::CloudVmCluster" + }, + { + "$ref": "#/definitions/AWS::ODB::OdbNetwork" }, { "$ref": "#/definitions/AWS::OSIS::Pipeline" @@ -283939,12 +338097,18 @@ { "$ref": "#/definitions/AWS::Omics::Workflow" }, + { + "$ref": "#/definitions/AWS::Omics::WorkflowVersion" + }, { "$ref": "#/definitions/AWS::OpenSearchServerless::AccessPolicy" }, { "$ref": "#/definitions/AWS::OpenSearchServerless::Collection" }, + { + "$ref": "#/definitions/AWS::OpenSearchServerless::Index" + }, { "$ref": "#/definitions/AWS::OpenSearchServerless::LifecyclePolicy" }, @@ -283957,6 +338121,9 @@ { "$ref": "#/definitions/AWS::OpenSearchServerless::VpcEndpoint" }, + { + "$ref": "#/definitions/AWS::OpenSearchService::Application" + }, { "$ref": "#/definitions/AWS::OpenSearchService::Domain" }, @@ -284014,6 +338181,21 @@ { "$ref": "#/definitions/AWS::PCAConnectorAD::TemplateGroupAccessControlEntry" }, + { + "$ref": "#/definitions/AWS::PCAConnectorSCEP::Challenge" + }, + { + "$ref": "#/definitions/AWS::PCAConnectorSCEP::Connector" + }, + { + "$ref": "#/definitions/AWS::PCS::Cluster" + }, + { + "$ref": "#/definitions/AWS::PCS::ComputeNodeGroup" + }, + { + "$ref": "#/definitions/AWS::PCS::Queue" + }, { "$ref": "#/definitions/AWS::Panorama::ApplicationInstance" }, @@ -284122,6 +338304,30 @@ { "$ref": "#/definitions/AWS::Proton::ServiceTemplate" }, + { + "$ref": "#/definitions/AWS::QBusiness::Application" + }, + { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor" + }, + { + "$ref": "#/definitions/AWS::QBusiness::DataSource" + }, + { + "$ref": "#/definitions/AWS::QBusiness::Index" + }, + { + "$ref": "#/definitions/AWS::QBusiness::Permission" + }, + { + "$ref": "#/definitions/AWS::QBusiness::Plugin" + }, + { + "$ref": "#/definitions/AWS::QBusiness::Retriever" + }, + { + "$ref": "#/definitions/AWS::QBusiness::WebExperience" + }, { "$ref": "#/definitions/AWS::QLDB::Ledger" }, @@ -284131,6 +338337,9 @@ { "$ref": "#/definitions/AWS::QuickSight::Analysis" }, + { + "$ref": "#/definitions/AWS::QuickSight::CustomPermissions" + }, { "$ref": "#/definitions/AWS::QuickSight::Dashboard" }, @@ -284140,6 +338349,9 @@ { "$ref": "#/definitions/AWS::QuickSight::DataSource" }, + { + "$ref": "#/definitions/AWS::QuickSight::Folder" + }, { "$ref": "#/definitions/AWS::QuickSight::RefreshSchedule" }, @@ -284191,6 +338403,9 @@ { "$ref": "#/definitions/AWS::RDS::DBSecurityGroupIngress" }, + { + "$ref": "#/definitions/AWS::RDS::DBShardGroup" + }, { "$ref": "#/definitions/AWS::RDS::DBSubnetGroup" }, @@ -284209,6 +338424,9 @@ { "$ref": "#/definitions/AWS::RUM::AppMonitor" }, + { + "$ref": "#/definitions/AWS::Rbin::Rule" + }, { "$ref": "#/definitions/AWS::Redshift::Cluster" }, @@ -284233,12 +338451,18 @@ { "$ref": "#/definitions/AWS::Redshift::EventSubscription" }, + { + "$ref": "#/definitions/AWS::Redshift::Integration" + }, { "$ref": "#/definitions/AWS::Redshift::ScheduledAction" }, { "$ref": "#/definitions/AWS::RedshiftServerless::Namespace" }, + { + "$ref": "#/definitions/AWS::RedshiftServerless::Snapshot" + }, { "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup" }, @@ -284281,6 +338505,9 @@ { "$ref": "#/definitions/AWS::ResourceGroups::Group" }, + { + "$ref": "#/definitions/AWS::ResourceGroups::TagSyncTask" + }, { "$ref": "#/definitions/AWS::RoboMaker::Fleet" }, @@ -284425,6 +338652,9 @@ { "$ref": "#/definitions/AWS::S3::StorageLensGroup" }, + { + "$ref": "#/definitions/AWS::S3Express::AccessPoint" + }, { "$ref": "#/definitions/AWS::S3Express::BucketPolicy" }, @@ -284449,6 +338679,21 @@ { "$ref": "#/definitions/AWS::S3Outposts::Endpoint" }, + { + "$ref": "#/definitions/AWS::S3Tables::Namespace" + }, + { + "$ref": "#/definitions/AWS::S3Tables::Table" + }, + { + "$ref": "#/definitions/AWS::S3Tables::TableBucket" + }, + { + "$ref": "#/definitions/AWS::S3Tables::TableBucketPolicy" + }, + { + "$ref": "#/definitions/AWS::S3Tables::TablePolicy" + }, { "$ref": "#/definitions/AWS::SDB::Domain" }, @@ -284467,6 +338712,30 @@ { "$ref": "#/definitions/AWS::SES::EmailIdentity" }, + { + "$ref": "#/definitions/AWS::SES::MailManagerAddonInstance" + }, + { + "$ref": "#/definitions/AWS::SES::MailManagerAddonSubscription" + }, + { + "$ref": "#/definitions/AWS::SES::MailManagerAddressList" + }, + { + "$ref": "#/definitions/AWS::SES::MailManagerArchive" + }, + { + "$ref": "#/definitions/AWS::SES::MailManagerIngressPoint" + }, + { + "$ref": "#/definitions/AWS::SES::MailManagerRelay" + }, + { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet" + }, + { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy" + }, { "$ref": "#/definitions/AWS::SES::ReceiptFilter" }, @@ -284542,15 +338811,30 @@ { "$ref": "#/definitions/AWS::SSMContacts::Rotation" }, + { + "$ref": "#/definitions/AWS::SSMGuiConnect::Preferences" + }, { "$ref": "#/definitions/AWS::SSMIncidents::ReplicationSet" }, { "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan" }, + { + "$ref": "#/definitions/AWS::SSMQuickSetup::ConfigurationManager" + }, + { + "$ref": "#/definitions/AWS::SSO::Application" + }, + { + "$ref": "#/definitions/AWS::SSO::ApplicationAssignment" + }, { "$ref": "#/definitions/AWS::SSO::Assignment" }, + { + "$ref": "#/definitions/AWS::SSO::Instance" + }, { "$ref": "#/definitions/AWS::SSO::InstanceAccessControlAttributeConfiguration" }, @@ -284563,6 +338847,9 @@ { "$ref": "#/definitions/AWS::SageMaker::AppImageConfig" }, + { + "$ref": "#/definitions/AWS::SageMaker::Cluster" + }, { "$ref": "#/definitions/AWS::SageMaker::CodeRepository" }, @@ -284599,6 +338886,9 @@ { "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment" }, + { + "$ref": "#/definitions/AWS::SageMaker::MlflowTrackingServer" + }, { "$ref": "#/definitions/AWS::SageMaker::Model" }, @@ -284629,6 +338919,9 @@ { "$ref": "#/definitions/AWS::SageMaker::NotebookInstanceLifecycleConfig" }, + { + "$ref": "#/definitions/AWS::SageMaker::PartnerApp" + }, { "$ref": "#/definitions/AWS::SageMaker::Pipeline" }, @@ -284638,6 +338931,9 @@ { "$ref": "#/definitions/AWS::SageMaker::Space" }, + { + "$ref": "#/definitions/AWS::SageMaker::StudioLifecycleConfig" + }, { "$ref": "#/definitions/AWS::SageMaker::UserProfile" }, @@ -284662,21 +338958,45 @@ { "$ref": "#/definitions/AWS::SecretsManager::SecretTargetAttachment" }, + { + "$ref": "#/definitions/AWS::SecurityHub::AggregatorV2" + }, { "$ref": "#/definitions/AWS::SecurityHub::AutomationRule" }, + { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2" + }, + { + "$ref": "#/definitions/AWS::SecurityHub::ConfigurationPolicy" + }, { "$ref": "#/definitions/AWS::SecurityHub::DelegatedAdmin" }, + { + "$ref": "#/definitions/AWS::SecurityHub::FindingAggregator" + }, { "$ref": "#/definitions/AWS::SecurityHub::Hub" }, + { + "$ref": "#/definitions/AWS::SecurityHub::HubV2" + }, { "$ref": "#/definitions/AWS::SecurityHub::Insight" }, + { + "$ref": "#/definitions/AWS::SecurityHub::OrganizationConfiguration" + }, + { + "$ref": "#/definitions/AWS::SecurityHub::PolicyAssociation" + }, { "$ref": "#/definitions/AWS::SecurityHub::ProductSubscription" }, + { + "$ref": "#/definitions/AWS::SecurityHub::SecurityControl" + }, { "$ref": "#/definitions/AWS::SecurityHub::Standard" }, @@ -284689,6 +339009,9 @@ { "$ref": "#/definitions/AWS::SecurityLake::Subscriber" }, + { + "$ref": "#/definitions/AWS::SecurityLake::SubscriberNotification" + }, { "$ref": "#/definitions/AWS::ServiceCatalog::AcceptedPortfolioShare" }, @@ -284845,6 +339168,9 @@ { "$ref": "#/definitions/AWS::Transfer::User" }, + { + "$ref": "#/definitions/AWS::Transfer::WebApp" + }, { "$ref": "#/definitions/AWS::Transfer::Workflow" }, @@ -284872,6 +339198,12 @@ { "$ref": "#/definitions/AWS::VpcLattice::Listener" }, + { + "$ref": "#/definitions/AWS::VpcLattice::ResourceConfiguration" + }, + { + "$ref": "#/definitions/AWS::VpcLattice::ResourceGateway" + }, { "$ref": "#/definitions/AWS::VpcLattice::ResourcePolicy" }, @@ -284884,6 +339216,9 @@ { "$ref": "#/definitions/AWS::VpcLattice::ServiceNetwork" }, + { + "$ref": "#/definitions/AWS::VpcLattice::ServiceNetworkResourceAssociation" + }, { "$ref": "#/definitions/AWS::VpcLattice::ServiceNetworkServiceAssociation" }, @@ -284965,6 +339300,24 @@ { "$ref": "#/definitions/AWS::WAFv2::WebACLAssociation" }, + { + "$ref": "#/definitions/AWS::Wisdom::AIAgent" + }, + { + "$ref": "#/definitions/AWS::Wisdom::AIAgentVersion" + }, + { + "$ref": "#/definitions/AWS::Wisdom::AIGuardrail" + }, + { + "$ref": "#/definitions/AWS::Wisdom::AIGuardrailVersion" + }, + { + "$ref": "#/definitions/AWS::Wisdom::AIPrompt" + }, + { + "$ref": "#/definitions/AWS::Wisdom::AIPromptVersion" + }, { "$ref": "#/definitions/AWS::Wisdom::Assistant" }, @@ -284974,18 +339327,33 @@ { "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase" }, + { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate" + }, + { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplateVersion" + }, + { + "$ref": "#/definitions/AWS::Wisdom::QuickResponse" + }, { "$ref": "#/definitions/AWS::WorkSpaces::ConnectionAlias" }, { "$ref": "#/definitions/AWS::WorkSpaces::Workspace" }, + { + "$ref": "#/definitions/AWS::WorkSpaces::WorkspacesPool" + }, { "$ref": "#/definitions/AWS::WorkSpacesThinClient::Environment" }, { "$ref": "#/definitions/AWS::WorkSpacesWeb::BrowserSettings" }, + { + "$ref": "#/definitions/AWS::WorkSpacesWeb::DataProtectionSettings" + }, { "$ref": "#/definitions/AWS::WorkSpacesWeb::IdentityProvider" }, @@ -285007,6 +339375,15 @@ { "$ref": "#/definitions/AWS::WorkSpacesWeb::UserSettings" }, + { + "$ref": "#/definitions/AWS::WorkspacesInstances::Volume" + }, + { + "$ref": "#/definitions/AWS::WorkspacesInstances::VolumeAssociation" + }, + { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance" + }, { "$ref": "#/definitions/AWS::XRay::Group" }, @@ -285016,6 +339393,9 @@ { "$ref": "#/definitions/AWS::XRay::SamplingRule" }, + { + "$ref": "#/definitions/AWS::XRay::TransactionSearchConfig" + }, { "$ref": "#/definitions/Alexa::ASK::Skill" }, diff --git a/schema_source/cloudformation-docs.json b/schema_source/cloudformation-docs.json index 47eb3081dc..da10bf50bf 100644 --- a/schema_source/cloudformation-docs.json +++ b/schema_source/cloudformation-docs.json @@ -205,31 +205,31 @@ "SourceAccount": "The ID of the account that assigned the permission." }, "AWS::AIOps::InvestigationGroup": { - "ChatbotNotificationChannels": "Use this property to integrate Amazon Q Developer operational investigations with Amazon Q in chat applications. This property is an array. For the first string, specify the ARN of an Amazon SNS topic. For the array of strings, specify the ARNs of one or more Amazon Q in chat applications configurations that you want to associate with that topic. For more information about these configuration ARNs, see [Getting started with Amazon Q in chat applications](https://docs.aws.amazon.com/chatbot/latest/adminguide/getting-started.html) and [Resource type defined by AWS Chatbot](https://docs.aws.amazon.com/service-authorization/latest/reference/list_awschatbot.html#awschatbot-resources-for-iam-policies) .", - "CrossAccountConfigurations": "", - "EncryptionConfig": "Use this property to specify a customer managed AWS KMS key to encrypt your investigation data. If you omit this property, Amazon Q Developer operational investigations will use an AWS key to encrypt the data. For more information, see [Encryption of investigation data](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Investigations-Security.html#Investigations-KMS) .", - "InvestigationGroupPolicy": "", - "IsCloudTrailEventHistoryEnabled": "Specify `true` to enable Amazon Q Developer operational investigations to have access to change events that are recorded by CloudTrail . The default is `true` .", - "Name": "A name for the investigation group.", - "RetentionInDays": "Specify how long that investigation data is kept. For more information, see [Operational investigation data retention](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Investigations-Retention.html) .\n\nIf you omit this parameter, the default of 90 days is used.", - "RoleArn": "Specify the ARN of the IAM role that Amazon Q Developer operational investigations will use when it gathers investigation data. The permissions in this role determine which of your resources that Amazon Q Developer operational investigations will have access to during investigations.\n\nFor more information, see [How to control what data Amazon Q has access to during investigations](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Investigations-Security.html#Investigations-Security-Data) .", - "TagKeyBoundaries": "Enter the existing custom tag keys for custom applications in your system. Resource tags help Amazon Q narrow the search space when it is unable to discover definite relationships between resources. For example, to discover that an Amazon ECS service depends on an Amazon RDS database, Amazon Q can discover this relationship using data sources such as X-Ray and CloudWatch Application Signals. However, if you haven't deployed these features, Amazon Q will attempt to identify possible relationships. Tag boundaries can be used to narrow the resources that will be discovered by Amazon Q in these cases.\n\nYou don't need to enter tags created by myApplications or AWS CloudFormation , because Amazon Q can automatically detect those tags.", - "Tags": "A list of key-value pairs to associate with the investigation group. You can associate as many as 50 tags with an investigation group.\n\nTags can help you organize and categorize your resources." + "ChatbotNotificationChannels": "Use this property to integrate CloudWatch investigations with chat applications. This property is an array. For the first string, specify the ARN of an Amazon SNS topic. For the array of strings, specify the ARNs of one or more chat applications configurations that you want to associate with that topic. For more information about these configuration ARNs, see [Getting started with Amazon Q in chat applications](https://docs.aws.amazon.com/chatbot/latest/adminguide/getting-started.html) and [Resource type defined by AWS Chatbot](https://docs.aws.amazon.com/service-authorization/latest/reference/list_awschatbot.html#awschatbot-resources-for-iam-policies) .", + "CrossAccountConfigurations": "List of `sourceRoleArn` values that have been configured for cross-account access.", + "EncryptionConfig": "Specifies the customer managed AWS KMS key that the investigation group uses to encrypt data, if there is one. If not, the investigation group uses an AWS key to encrypt the data.", + "InvestigationGroupPolicy": "Returns the JSON of the IAM resource policy associated with the specified investigation group in a string. For example, `{\\\"Version\\\":\\\"2012-10-17\\\",\\\"Statement\\\":[{\\\"Effect\\\":\\\"Allow\\\",\\\"Principal\\\":{\\\"Service\\\":\\\"aiops.alarms.cloudwatch.amazonaws.com\\\"},\\\"Action\\\":[\\\"aiops:CreateInvestigation\\\",\\\"aiops:CreateInvestigationEvent\\\"],\\\"Resource\\\":\\\"*\\\",\\\"Condition\\\":{\\\"StringEquals\\\":{\\\"aws:SourceAccount\\\":\\\"111122223333\\\"},\\\"ArnLike\\\":{\\\"aws:SourceArn\\\":\\\"arn:aws:cloudwatch:us-east-1:111122223333:alarm:*\\\"}}}]}` .", + "IsCloudTrailEventHistoryEnabled": "Specify `true` to enable CloudWatch investigations to have access to change events that are recorded by CloudTrail. The default is `true` .", + "Name": "Specify either the name or the ARN of the investigation group that you want to view. This is used to set the name of the investigation group.", + "RetentionInDays": "Specifies how long that investigation data is kept.", + "RoleArn": "The ARN of the IAM role that the investigation group uses for permissions to gather data.", + "TagKeyBoundaries": "Displays the custom tag keys for custom applications in your system that you have specified in the investigation group. Resource tags help CloudWatch investigations narrow the search space when it is unable to discover definite relationships between resources.", + "Tags": "The list of key-value pairs to associate with the resource." }, "AWS::AIOps::InvestigationGroup ChatbotNotificationChannel": { - "ChatConfigurationArns": "", - "SNSTopicArn": "" + "ChatConfigurationArns": "Returns the Amazon Resource Name (ARN) of any third-party chat integrations configured for the account.", + "SNSTopicArn": "Returns the ARN of an Amazon SNS topic used for third-party chat integrations." }, "AWS::AIOps::InvestigationGroup CrossAccountConfiguration": { - "SourceRoleArn": "" + "SourceRoleArn": "The ARN of an existing role which will be used to do investigations on your behalf." }, "AWS::AIOps::InvestigationGroup EncryptionConfigMap": { - "EncryptionConfigurationType": "", + "EncryptionConfigurationType": "Displays whether investigation data is encrypted by a customer managed key or an AWS owned key.", "KmsKeyId": "If the investigation group uses a customer managed key for encryption, this field displays the ID of that key." }, "AWS::AIOps::InvestigationGroup Tag": { - "Key": "A string that you can use to assign a value. The combination of tag keys and values can help you organize and categorize your resources, including investigation groups.", - "Value": "The value for the specified tag key." + "Key": "Assigns one or more tags (key-value pairs) to the specified resource.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.\n\nTags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters.\n\nYou can associate as many as 50 tags with a resource.", + "Value": "A list of key-value pairs to associate with the investigation group. You can associate as many as 50 tags with an investigation group. To be able to associate tags when you create the investigation group, you must have the `cloudwatch:TagResource` permission.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values." }, "AWS::APS::RuleGroupsNamespace": { "Data": "The rules file used in the namespace.\n\nFor more details about the rules file, see [Creating a rules file](https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-ruler-rulesfile.html) in the *Amazon Managed Service for Prometheus User Guide* .", @@ -443,7 +443,6 @@ "AWS::AmazonMQ::Broker User": { "ConsoleAccess": "Enables access to the ActiveMQ web console for the ActiveMQ user. Does not apply to RabbitMQ brokers.", "Groups": "The list of groups (20 maximum) to which the ActiveMQ user belongs. This value can contain only alphanumeric characters, dashes, periods, underscores, and tildes (- . _ ~). This value must be 2-100 characters long. Does not apply to RabbitMQ brokers.", - "JolokiaApiAccess": "", "Password": "The password of the user. This value must be at least 12 characters long, must contain at least 4 unique characters, and must not contain commas, colons, or equal signs (,:=).", "ReplicationUser": "Defines if this user is intended for CRDR replication purposes.", "Username": "The username of the broker user. For Amazon MQ for ActiveMQ brokers, this value can contain only alphanumeric characters, dashes, periods, underscores, and tildes (- . _ ~). For Amazon MQ for RabbitMQ brokers, this value can contain only alphanumeric characters, dashes, periods, underscores (- . _). This value must not contain a tilde (~) character. Amazon MQ prohibts using guest as a valid usename. This value must be 2-100 characters long.\n\n> Do not add personally identifiable information (PII) or other confidential or sensitive information in broker usernames. Broker usernames are accessible to other AWS services, including CloudWatch Logs . Broker usernames are not intended to be used for private or sensitive data." @@ -2971,8 +2970,8 @@ "TagItems": "The items of the tag." }, "AWS::AppStream::AppBlock TagItems": { - "Key": "", - "Value": "" + "Key": "The key of the tag items.", + "Value": "The value of the tag items." }, "AWS::AppStream::AppBlockBuilder": { "AccessEndpoints": "The access endpoints of the app block builder.", @@ -3021,8 +3020,8 @@ "TagItems": "The items of the tag." }, "AWS::AppStream::Application TagItems": { - "Key": "", - "Value": "" + "Key": "The key of the tag items.", + "Value": "The value of the tag items." }, "AWS::AppStream::ApplicationEntitlementAssociation": { "ApplicationIdentifier": "The identifier of the application.", @@ -3070,7 +3069,7 @@ "IdleDisconnectTimeoutInSeconds": "The amount of time that users can be idle (inactive) before they are disconnected from their streaming session and the `DisconnectTimeoutInSeconds` time interval begins. Users are notified before they are disconnected due to inactivity. If they try to reconnect to the streaming session before the time interval specified in `DisconnectTimeoutInSeconds` elapses, they are connected to their previous session. Users are considered idle when they stop providing keyboard or mouse input during their streaming session. File uploads and downloads, audio in, audio out, and pixels changing do not qualify as user activity. If users continue to be idle after the time interval in `IdleDisconnectTimeoutInSeconds` elapses, they are disconnected.\n\nTo prevent users from being disconnected due to inactivity, specify a value of 0. Otherwise, specify a value between 60 and 36000.\n\nIf you enable this feature, we recommend that you specify a value that corresponds exactly to a whole number of minutes (for example, 60, 120, and 180). If you don't do this, the value is rounded to the nearest minute. For example, if you specify a value of 70, users are disconnected after 1 minute of inactivity. If you specify a value that is at the midpoint between two different minutes, the value is rounded up. For example, if you specify a value of 90, users are disconnected after 2 minutes of inactivity.", "ImageArn": "The ARN of the public, private, or shared image to use.", "ImageName": "The name of the image used to create the fleet.", - "InstanceType": "The instance type to use when launching fleet instances. The following instance types are available for non-Elastic fleets:\n\n- stream.standard.small\n- stream.standard.medium\n- stream.standard.large\n- stream.compute.large\n- stream.compute.xlarge\n- stream.compute.2xlarge\n- stream.compute.4xlarge\n- stream.compute.8xlarge\n- stream.memory.large\n- stream.memory.xlarge\n- stream.memory.2xlarge\n- stream.memory.4xlarge\n- stream.memory.8xlarge\n- stream.memory.z1d.large\n- stream.memory.z1d.xlarge\n- stream.memory.z1d.2xlarge\n- stream.memory.z1d.3xlarge\n- stream.memory.z1d.6xlarge\n- stream.memory.z1d.12xlarge\n- stream.graphics-design.large\n- stream.graphics-design.xlarge\n- stream.graphics-design.2xlarge\n- stream.graphics-design.4xlarge\n- stream.graphics-desktop.2xlarge\n- stream.graphics.g4dn.xlarge\n- stream.graphics.g4dn.2xlarge\n- stream.graphics.g4dn.4xlarge\n- stream.graphics.g4dn.8xlarge\n- stream.graphics.g4dn.12xlarge\n- stream.graphics.g4dn.16xlarge\n- stream.graphics-pro.4xlarge\n- stream.graphics-pro.8xlarge\n- stream.graphics-pro.16xlarge\n\nThe following instance types are available for Elastic fleets:\n\n- stream.standard.small\n- stream.standard.medium", + "InstanceType": "The instance type to use when launching fleet instances. The following instance types are available for non-Elastic fleets:\n\n- stream.standard.small\n- stream.standard.medium\n- stream.standard.large\n- stream.compute.large\n- stream.compute.xlarge\n- stream.compute.2xlarge\n- stream.compute.4xlarge\n- stream.compute.8xlarge\n- stream.memory.large\n- stream.memory.xlarge\n- stream.memory.2xlarge\n- stream.memory.4xlarge\n- stream.memory.8xlarge\n- stream.memory.z1d.large\n- stream.memory.z1d.xlarge\n- stream.memory.z1d.2xlarge\n- stream.memory.z1d.3xlarge\n- stream.memory.z1d.6xlarge\n- stream.memory.z1d.12xlarge\n- stream.graphics-design.large\n- stream.graphics-design.xlarge\n- stream.graphics-design.2xlarge\n- stream.graphics-design.4xlarge\n- stream.graphics-desktop.2xlarge\n- stream.graphics.g4dn.xlarge\n- stream.graphics.g4dn.2xlarge\n- stream.graphics.g4dn.4xlarge\n- stream.graphics.g4dn.8xlarge\n- stream.graphics.g4dn.12xlarge\n- stream.graphics.g4dn.16xlarge\n- stream.graphics-pro.4xlarge\n- stream.graphics-pro.8xlarge\n- stream.graphics-pro.16xlarge\n- stream.graphics.g5.xlarge\n- stream.graphics.g5.2xlarge\n- stream.graphics.g5.4xlarge\n- stream.graphics.g5.8xlarge\n- stream.graphics.g5.16xlarge\n- stream.graphics.g5.12xlarge\n- stream.graphics.g5.24xlarge\n- stream.graphics.g6.xlarge\n- stream.graphics.g6.2xlarge\n- stream.graphics.g6.4xlarge\n- stream.graphics.g6.8xlarge\n- stream.graphics.g6.16xlarge\n- stream.graphics.g6.12xlarge\n- stream.graphics.g6.24xlarge\n- stream.graphics.gr6.4xlarge\n- stream.graphics.gr6.8xlarge\n\nThe following instance types are available for Elastic fleets:\n\n- stream.standard.small\n- stream.standard.medium", "MaxConcurrentSessions": "The maximum number of concurrent sessions that can be run on an Elastic fleet. This setting is required for Elastic fleets, but is not used for other fleet types.", "MaxSessionsPerInstance": "Max number of user sessions on an instance. This is applicable only for multi-session fleets.", "MaxUserDurationInSeconds": "The maximum amount of time that a streaming session can remain active, in seconds. If users are still connected to a streaming instance five minutes before this limit is reached, they are prompted to save any open documents before being disconnected. After this time elapses, the instance is terminated and replaced by a new instance.\n\nSpecify a value between 600 and 432000.", @@ -3112,7 +3111,7 @@ "IamRoleArn": "The ARN of the IAM role that is applied to the image builder. To assume a role, the image builder calls the AWS Security Token Service `AssumeRole` API operation and passes the ARN of the role to use. The operation creates a new session with temporary credentials. AppStream 2.0 retrieves the temporary credentials and creates the *appstream_machine_role* credential profile on the instance.\n\nFor more information, see [Using an IAM Role to Grant Permissions to Applications and Scripts Running on AppStream 2.0 Streaming Instances](https://docs.aws.amazon.com/appstream2/latest/developerguide/using-iam-roles-to-grant-permissions-to-applications-scripts-streaming-instances.html) in the *Amazon AppStream 2.0 Administration Guide* .", "ImageArn": "The ARN of the public, private, or shared image to use.", "ImageName": "The name of the image used to create the image builder.", - "InstanceType": "The instance type to use when launching the image builder. The following instance types are available:\n\n- stream.standard.small\n- stream.standard.medium\n- stream.standard.large\n- stream.compute.large\n- stream.compute.xlarge\n- stream.compute.2xlarge\n- stream.compute.4xlarge\n- stream.compute.8xlarge\n- stream.memory.large\n- stream.memory.xlarge\n- stream.memory.2xlarge\n- stream.memory.4xlarge\n- stream.memory.8xlarge\n- stream.memory.z1d.large\n- stream.memory.z1d.xlarge\n- stream.memory.z1d.2xlarge\n- stream.memory.z1d.3xlarge\n- stream.memory.z1d.6xlarge\n- stream.memory.z1d.12xlarge\n- stream.graphics-design.large\n- stream.graphics-design.xlarge\n- stream.graphics-design.2xlarge\n- stream.graphics-design.4xlarge\n- stream.graphics-desktop.2xlarge\n- stream.graphics.g4dn.xlarge\n- stream.graphics.g4dn.2xlarge\n- stream.graphics.g4dn.4xlarge\n- stream.graphics.g4dn.8xlarge\n- stream.graphics.g4dn.12xlarge\n- stream.graphics.g4dn.16xlarge\n- stream.graphics-pro.4xlarge\n- stream.graphics-pro.8xlarge\n- stream.graphics-pro.16xlarge", + "InstanceType": "The instance type to use when launching the image builder. The following instance types are available:\n\n- stream.standard.small\n- stream.standard.medium\n- stream.standard.large\n- stream.compute.large\n- stream.compute.xlarge\n- stream.compute.2xlarge\n- stream.compute.4xlarge\n- stream.compute.8xlarge\n- stream.memory.large\n- stream.memory.xlarge\n- stream.memory.2xlarge\n- stream.memory.4xlarge\n- stream.memory.8xlarge\n- stream.memory.z1d.large\n- stream.memory.z1d.xlarge\n- stream.memory.z1d.2xlarge\n- stream.memory.z1d.3xlarge\n- stream.memory.z1d.6xlarge\n- stream.memory.z1d.12xlarge\n- stream.graphics-design.large\n- stream.graphics-design.xlarge\n- stream.graphics-design.2xlarge\n- stream.graphics-design.4xlarge\n- stream.graphics-desktop.2xlarge\n- stream.graphics.g4dn.xlarge\n- stream.graphics.g4dn.2xlarge\n- stream.graphics.g4dn.4xlarge\n- stream.graphics.g4dn.8xlarge\n- stream.graphics.g4dn.12xlarge\n- stream.graphics.g4dn.16xlarge\n- stream.graphics-pro.4xlarge\n- stream.graphics-pro.8xlarge\n- stream.graphics-pro.16xlarge\n- stream.graphics.g5.xlarge\n- stream.graphics.g5.2xlarge\n- stream.graphics.g5.4xlarge\n- stream.graphics.g5.8xlarge\n- stream.graphics.g5.16xlarge\n- stream.graphics.g5.12xlarge\n- stream.graphics.g5.24xlarge\n- stream.graphics.g6.xlarge\n- stream.graphics.g6.2xlarge\n- stream.graphics.g6.4xlarge\n- stream.graphics.g6.8xlarge\n- stream.graphics.g6.16xlarge\n- stream.graphics.g6.12xlarge\n- stream.graphics.g6.24xlarge\n- stream.graphics.gr6.4xlarge\n- stream.graphics.gr6.8xlarge", "Name": "A unique name for the image builder.", "Tags": "An array of key-value pairs.", "VpcConfig": "The VPC configuration for the image builder. You can specify only one subnet." @@ -5852,7 +5851,7 @@ "Conditions": "An array of conditions. Each member contains the name of a condition and an expression that defines the condition." }, "AWS::Bedrock::Flow FieldForReranking": { - "FieldName": "The name of a metadata field to include in or exclude from consideration when reranking." + "FieldName": "The name of the metadata field to be used during the reranking process." }, "AWS::Bedrock::Flow FlowCondition": { "Expression": "Defines the condition. You must refer to at least one of the inputs in the condition. For more information, expand the Condition node section in [Node types in prompt flows](https://docs.aws.amazon.com/bedrock/latest/userguide/flows-how-it-works.html#flows-nodes) .", @@ -5960,8 +5959,8 @@ "Definition": "The definition of the DoWhile loop nodes and connections between nodes in the flow." }, "AWS::Bedrock::Flow MetadataConfigurationForReranking": { - "SelectionMode": "Specifies whether to consider all metadata when reranking, or only the metadata that you select. If you specify `SELECTIVE` , include the `selectiveModeConfiguration` field.", - "SelectiveModeConfiguration": "Contains configurations for the metadata fields to include or exclude when considering reranking." + "SelectionMode": "The mode for selecting which metadata fields to include in the reranking process. Valid values are ALL (use all available metadata fields) or SELECTIVE (use only specified fields).", + "SelectiveModeConfiguration": "Configuration for selective mode, which allows you to explicitly include or exclude specific metadata fields during reranking. This is only used when selectionMode is set to SELECTIVE." }, "AWS::Bedrock::Flow PerformanceConfiguration": { "Latency": "To use a latency-optimized version of the model, set to `optimized` ." @@ -5999,8 +5998,8 @@ "Text": "Contains configurations for the text in a message for a prompt." }, "AWS::Bedrock::Flow RerankingMetadataSelectiveModeConfiguration": { - "FieldsToExclude": "An array of objects, each of which specifies a metadata field to exclude from consideration when reranking.", - "FieldsToInclude": "An array of objects, each of which specifies a metadata field to include in consideration when reranking. The remaining metadata fields are ignored." + "FieldsToExclude": "A list of metadata field names to explicitly exclude from the reranking process. All metadata fields except these will be considered when reordering search results. This parameter cannot be used together with fieldsToInclude.", + "FieldsToInclude": "A list of metadata field names to explicitly include in the reranking process. Only these fields will be considered when reordering search results. This parameter cannot be used together with fieldsToExclude." }, "AWS::Bedrock::Flow RetrievalFlowNodeConfiguration": { "ServiceConfiguration": "Contains configurations for the service to use for retrieving data to return as the output from the node." @@ -6030,17 +6029,17 @@ "Text": "The message for the prompt." }, "AWS::Bedrock::Flow VectorSearchBedrockRerankingConfiguration": { - "MetadataConfiguration": "Contains configurations for the metadata to use in reranking.", - "ModelConfiguration": "Contains configurations for the reranker model.", - "NumberOfRerankedResults": "The number of results to return after reranking." + "MetadataConfiguration": "Configuration for how document metadata should be used during the reranking process. This determines which metadata fields are included when reordering search results.", + "ModelConfiguration": "Configuration for the Amazon Bedrock foundation model used for reranking. This includes the model ARN and any additional request fields required by the model.", + "NumberOfRerankedResults": "The maximum number of results to rerank. This limits how many of the initial vector search results will be processed by the reranking model. A smaller number improves performance but may exclude potentially relevant results." }, "AWS::Bedrock::Flow VectorSearchBedrockRerankingModelConfiguration": { - "AdditionalModelRequestFields": "A JSON object whose keys are request fields for the model and whose values are values for those fields.", - "ModelArn": "The ARN of the reranker model to use." + "AdditionalModelRequestFields": "A list of additional fields to include in the model request during reranking. These fields provide extra context or configuration options specific to the selected foundation model.", + "ModelArn": "The Amazon Resource Name (ARN) of the foundation model to use for reranking. This model processes the query and search results to determine a more relevant ordering." }, "AWS::Bedrock::Flow VectorSearchRerankingConfiguration": { - "BedrockRerankingConfiguration": "Contains configurations for an Amazon Bedrock reranker model.", - "Type": "The type of reranker model." + "BedrockRerankingConfiguration": "Configuration for using Amazon Bedrock foundation models to rerank search results. This is required when the reranking type is set to BEDROCK.", + "Type": "The type of reranking to apply to vector search results. Currently, the only supported value is BEDROCK, which uses Amazon Bedrock foundation models for reranking." }, "AWS::Bedrock::FlowAlias": { "ConcurrencyConfiguration": "The configuration that specifies how nodes in the flow are executed concurrently.", @@ -6068,7 +6067,7 @@ "Conditions": "An array of conditions. Each member contains the name of a condition and an expression that defines the condition." }, "AWS::Bedrock::FlowVersion FieldForReranking": { - "FieldName": "The name of a metadata field to include in or exclude from consideration when reranking." + "FieldName": "The name of the metadata field to be used during the reranking process." }, "AWS::Bedrock::FlowVersion FlowCondition": { "Expression": "Defines the condition. You must refer to at least one of the inputs in the condition. For more information, expand the Condition node section in [Node types in prompt flows](https://docs.aws.amazon.com/bedrock/latest/userguide/flows-how-it-works.html#flows-nodes) .", @@ -6172,8 +6171,8 @@ "Definition": "The definition of the DoWhile loop nodes and connections between nodes in the flow." }, "AWS::Bedrock::FlowVersion MetadataConfigurationForReranking": { - "SelectionMode": "Specifies whether to consider all metadata when reranking, or only the metadata that you select. If you specify `SELECTIVE` , include the `selectiveModeConfiguration` field.", - "SelectiveModeConfiguration": "Contains configurations for the metadata fields to include or exclude when considering reranking." + "SelectionMode": "The mode for selecting which metadata fields to include in the reranking process. Valid values are ALL (use all available metadata fields) or SELECTIVE (use only specified fields).", + "SelectiveModeConfiguration": "Configuration for selective mode, which allows you to explicitly include or exclude specific metadata fields during reranking. This is only used when selectionMode is set to SELECTIVE." }, "AWS::Bedrock::FlowVersion PerformanceConfiguration": { "Latency": "To use a latency-optimized version of the model, set to `optimized` ." @@ -6211,8 +6210,8 @@ "Text": "Contains configurations for the text in a message for a prompt." }, "AWS::Bedrock::FlowVersion RerankingMetadataSelectiveModeConfiguration": { - "FieldsToExclude": "An array of objects, each of which specifies a metadata field to exclude from consideration when reranking.", - "FieldsToInclude": "An array of objects, each of which specifies a metadata field to include in consideration when reranking. The remaining metadata fields are ignored." + "FieldsToExclude": "A list of metadata field names to explicitly exclude from the reranking process. All metadata fields except these will be considered when reordering search results. This parameter cannot be used together with fieldsToInclude.", + "FieldsToInclude": "A list of metadata field names to explicitly include in the reranking process. Only these fields will be considered when reordering search results. This parameter cannot be used together with fieldsToExclude." }, "AWS::Bedrock::FlowVersion RetrievalFlowNodeConfiguration": { "ServiceConfiguration": "Contains configurations for the service to use for retrieving data to return as the output from the node." @@ -6237,24 +6236,24 @@ "Text": "The message for the prompt." }, "AWS::Bedrock::FlowVersion VectorSearchBedrockRerankingConfiguration": { - "MetadataConfiguration": "Contains configurations for the metadata to use in reranking.", - "ModelConfiguration": "Contains configurations for the reranker model.", - "NumberOfRerankedResults": "The number of results to return after reranking." + "MetadataConfiguration": "Configuration for how document metadata should be used during the reranking process. This determines which metadata fields are included when reordering search results.", + "ModelConfiguration": "Configuration for the Amazon Bedrock foundation model used for reranking. This includes the model ARN and any additional request fields required by the model.", + "NumberOfRerankedResults": "The maximum number of results to rerank. This limits how many of the initial vector search results will be processed by the reranking model. A smaller number improves performance but may exclude potentially relevant results." }, "AWS::Bedrock::FlowVersion VectorSearchBedrockRerankingModelConfiguration": { - "AdditionalModelRequestFields": "A JSON object whose keys are request fields for the model and whose values are values for those fields.", - "ModelArn": "The ARN of the reranker model to use." + "AdditionalModelRequestFields": "A list of additional fields to include in the model request during reranking. These fields provide extra context or configuration options specific to the selected foundation model.", + "ModelArn": "The Amazon Resource Name (ARN) of the foundation model to use for reranking. This model processes the query and search results to determine a more relevant ordering." }, "AWS::Bedrock::FlowVersion VectorSearchRerankingConfiguration": { - "BedrockRerankingConfiguration": "Contains configurations for an Amazon Bedrock reranker model.", - "Type": "The type of reranker model." + "BedrockRerankingConfiguration": "Configuration for using Amazon Bedrock foundation models to rerank search results. This is required when the reranking type is set to BEDROCK.", + "Type": "The type of reranking to apply to vector search results. Currently, the only supported value is BEDROCK, which uses Amazon Bedrock foundation models for reranking." }, "AWS::Bedrock::Guardrail": { "BlockedInputMessaging": "The message to return when the guardrail blocks a prompt.", "BlockedOutputsMessaging": "The message to return when the guardrail blocks a model response.", "ContentPolicyConfig": "The content filter policies to configure for the guardrail.", "ContextualGroundingPolicyConfig": "", - "CrossRegionConfig": "", + "CrossRegionConfig": "The system-defined guardrail profile that you're using with your guardrail. Guardrail profiles define the destination AWS Regions where guardrail inference requests can be automatically routed. Using guardrail profiles helps maintain guardrail performance and reliability when demand increases.\n\nFor more information, see the [Amazon Bedrock User Guide](https://docs.aws.amazon.com/bedrock/latest/userguide/guardrails-cross-region.html) .", "Description": "A description of the guardrail.", "KmsKeyArn": "The ARN of the AWS KMS key that you use to encrypt the guardrail.", "Name": "The name of the guardrail.", @@ -6264,26 +6263,26 @@ "WordPolicyConfig": "The word policy you configure for the guardrail." }, "AWS::Bedrock::Guardrail ContentFilterConfig": { - "InputAction": "", - "InputEnabled": "", - "InputModalities": "", + "InputAction": "Specifies the action to take when harmful content is detected. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "InputEnabled": "Specifies whether to enable guardrail evaluation on the input. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "InputModalities": "The input modalities selected for the guardrail content filter configuration.", "InputStrength": "The strength of the content filter to apply to prompts. As you increase the filter strength, the likelihood of filtering harmful content increases and the probability of seeing harmful content in your application reduces.", - "OutputAction": "", - "OutputEnabled": "", - "OutputModalities": "", + "OutputAction": "Specifies the action to take when harmful content is detected in the output. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "OutputEnabled": "Specifies whether to enable guardrail evaluation on the output. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "OutputModalities": "The output modalities selected for the guardrail content filter configuration.", "OutputStrength": "The strength of the content filter to apply to model responses. As you increase the filter strength, the likelihood of filtering harmful content increases and the probability of seeing harmful content in your application reduces.", "Type": "The harmful category that the content filter is applied to." }, "AWS::Bedrock::Guardrail ContentFiltersTierConfig": { - "TierName": "" + "TierName": "The tier that your guardrail uses for content filters. Valid values include:\n\n- `CLASSIC` tier \u2013 Provides established guardrails functionality supporting English, French, and Spanish languages.\n- `STANDARD` tier \u2013 Provides a more robust solution than the `CLASSIC` tier and has more comprehensive language support. This tier requires that your guardrail use [cross-Region inference](https://docs.aws.amazon.com/bedrock/latest/userguide/guardrails-cross-region.html) ." }, "AWS::Bedrock::Guardrail ContentPolicyConfig": { - "ContentFiltersTierConfig": "", + "ContentFiltersTierConfig": "The tier that your guardrail uses for content filters. Consider using a tier that balances performance, accuracy, and compatibility with your existing generative AI workflows.", "FiltersConfig": "Contains the type of the content filter and how strongly it should apply to prompts and model responses." }, "AWS::Bedrock::Guardrail ContextualGroundingFilterConfig": { - "Action": "", - "Enabled": "", + "Action": "Specifies the action to take when content fails the contextual grounding evaluation. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "Enabled": "Specifies whether to enable contextual grounding evaluation. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", "Threshold": "The threshold details for the guardrails contextual grounding filter.", "Type": "The filter details for the guardrails contextual grounding filter." }, @@ -6291,31 +6290,31 @@ "FiltersConfig": "" }, "AWS::Bedrock::Guardrail GuardrailCrossRegionConfig": { - "GuardrailProfileArn": "" + "GuardrailProfileArn": "The Amazon Resource Name (ARN) of the guardrail profile that your guardrail is using. Guardrail profile availability depends on your current AWS Region . For more information, see the [Amazon Bedrock User Guide](https://docs.aws.amazon.com/bedrock/latest/userguide/guardrails-cross-region-support.html) ." }, "AWS::Bedrock::Guardrail ManagedWordsConfig": { - "InputAction": "", - "InputEnabled": "", - "OutputAction": "", - "OutputEnabled": "", + "InputAction": "Specifies the action to take when harmful content is detected in the input. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "InputEnabled": "Specifies whether to enable guardrail evaluation on the input. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "OutputAction": "Specifies the action to take when harmful content is detected in the output. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "OutputEnabled": "Specifies whether to enable guardrail evaluation on the output. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", "Type": "The managed word type to configure for the guardrail." }, "AWS::Bedrock::Guardrail PiiEntityConfig": { "Action": "Configure guardrail action when the PII entity is detected.", - "InputAction": "", - "InputEnabled": "", - "OutputAction": "", - "OutputEnabled": "", + "InputAction": "Specifies the action to take when harmful content is detected in the input. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `ANONYMIZE` \u2013 Mask the content and replace it with identifier tags.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "InputEnabled": "Specifies whether to enable guardrail evaluation on the input. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "OutputAction": "Specifies the action to take when harmful content is detected in the output. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `ANONYMIZE` \u2013 Mask the content and replace it with identifier tags.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "OutputEnabled": "Indicates whether guardrail evaluation is enabled on the output. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", "Type": "Configure guardrail type when the PII entity is detected.\n\nThe following PIIs are used to block or mask sensitive information:\n\n- *General*\n\n- *ADDRESS*\n\nA physical address, such as \"100 Main Street, Anytown, USA\" or \"Suite #12, Building 123\". An address can include information such as the street, building, location, city, state, country, county, zip code, precinct, and neighborhood.\n- *AGE*\n\nAn individual's age, including the quantity and unit of time. For example, in the phrase \"I am 40 years old,\" Guardrails recognizes \"40 years\" as an age.\n- *NAME*\n\nAn individual's name. This entity type does not include titles, such as Dr., Mr., Mrs., or Miss. guardrails doesn't apply this entity type to names that are part of organizations or addresses. For example, guardrails recognizes the \"John Doe Organization\" as an organization, and it recognizes \"Jane Doe Street\" as an address.\n- *EMAIL*\n\nAn email address, such as *marymajor@email.com* .\n- *PHONE*\n\nA phone number. This entity type also includes fax and pager numbers.\n- *USERNAME*\n\nA user name that identifies an account, such as a login name, screen name, nick name, or handle.\n- *PASSWORD*\n\nAn alphanumeric string that is used as a password, such as \"* *very20special#pass** \".\n- *DRIVER_ID*\n\nThe number assigned to a driver's license, which is an official document permitting an individual to operate one or more motorized vehicles on a public road. A driver's license number consists of alphanumeric characters.\n- *LICENSE_PLATE*\n\nA license plate for a vehicle is issued by the state or country where the vehicle is registered. The format for passenger vehicles is typically five to eight digits, consisting of upper-case letters and numbers. The format varies depending on the location of the issuing state or country.\n- *VEHICLE_IDENTIFICATION_NUMBER*\n\nA Vehicle Identification Number (VIN) uniquely identifies a vehicle. VIN content and format are defined in the *ISO 3779* specification. Each country has specific codes and formats for VINs.\n- *Finance*\n\n- *CREDIT_DEBIT_CARD_CVV*\n\nA three-digit card verification code (CVV) that is present on VISA, MasterCard, and Discover credit and debit cards. For American Express credit or debit cards, the CVV is a four-digit numeric code.\n- *CREDIT_DEBIT_CARD_EXPIRY*\n\nThe expiration date for a credit or debit card. This number is usually four digits long and is often formatted as *month/year* or *MM/YY* . Guardrails recognizes expiration dates such as *01/21* , *01/2021* , and *Jan 2021* .\n- *CREDIT_DEBIT_CARD_NUMBER*\n\nThe number for a credit or debit card. These numbers can vary from 13 to 16 digits in length. However, Amazon Comprehend also recognizes credit or debit card numbers when only the last four digits are present.\n- *PIN*\n\nA four-digit personal identification number (PIN) with which you can access your bank account.\n- *INTERNATIONAL_BANK_ACCOUNT_NUMBER*\n\nAn International Bank Account Number has specific formats in each country. For more information, see [www.iban.com/structure](https://docs.aws.amazon.com/https://www.iban.com/structure) .\n- *SWIFT_CODE*\n\nA SWIFT code is a standard format of Bank Identifier Code (BIC) used to specify a particular bank or branch. Banks use these codes for money transfers such as international wire transfers.\n\nSWIFT codes consist of eight or 11 characters. The 11-digit codes refer to specific branches, while eight-digit codes (or 11-digit codes ending in 'XXX') refer to the head or primary office.\n- *IT*\n\n- *IP_ADDRESS*\n\nAn IPv4 address, such as *198.51.100.0* .\n- *MAC_ADDRESS*\n\nA *media access control* (MAC) address is a unique identifier assigned to a network interface controller (NIC).\n- *URL*\n\nA web address, such as *www.example.com* .\n- *AWS_ACCESS_KEY*\n\nA unique identifier that's associated with a secret access key; you use the access key ID and secret access key to sign programmatic AWS requests cryptographically.\n- *AWS_SECRET_KEY*\n\nA unique identifier that's associated with an access key. You use the access key ID and secret access key to sign programmatic AWS requests cryptographically.\n- *USA specific*\n\n- *US_BANK_ACCOUNT_NUMBER*\n\nA US bank account number, which is typically 10 to 12 digits long.\n- *US_BANK_ROUTING_NUMBER*\n\nA US bank account routing number. These are typically nine digits long,\n- *US_INDIVIDUAL_TAX_IDENTIFICATION_NUMBER*\n\nA US Individual Taxpayer Identification Number (ITIN) is a nine-digit number that starts with a \"9\" and contain a \"7\" or \"8\" as the fourth digit. An ITIN can be formatted with a space or a dash after the third and forth digits.\n- *US_PASSPORT_NUMBER*\n\nA US passport number. Passport numbers range from six to nine alphanumeric characters.\n- *US_SOCIAL_SECURITY_NUMBER*\n\nA US Social Security Number (SSN) is a nine-digit number that is issued to US citizens, permanent residents, and temporary working residents.\n- *Canada specific*\n\n- *CA_HEALTH_NUMBER*\n\nA Canadian Health Service Number is a 10-digit unique identifier, required for individuals to access healthcare benefits.\n- *CA_SOCIAL_INSURANCE_NUMBER*\n\nA Canadian Social Insurance Number (SIN) is a nine-digit unique identifier, required for individuals to access government programs and benefits.\n\nThe SIN is formatted as three groups of three digits, such as *123-456-789* . A SIN can be validated through a simple check-digit process called the [Luhn algorithm](https://docs.aws.amazon.com/https://www.wikipedia.org/wiki/Luhn_algorithm) .\n- *UK Specific*\n\n- *UK_NATIONAL_HEALTH_SERVICE_NUMBER*\n\nA UK National Health Service Number is a 10-17 digit number, such as *485 777 3456* . The current system formats the 10-digit number with spaces after the third and sixth digits. The final digit is an error-detecting checksum.\n- *UK_NATIONAL_INSURANCE_NUMBER*\n\nA UK National Insurance Number (NINO) provides individuals with access to National Insurance (social security) benefits. It is also used for some purposes in the UK tax system.\n\nThe number is nine digits long and starts with two letters, followed by six numbers and one letter. A NINO can be formatted with a space or a dash after the two letters and after the second, forth, and sixth digits.\n- *UK_UNIQUE_TAXPAYER_REFERENCE_NUMBER*\n\nA UK Unique Taxpayer Reference (UTR) is a 10-digit number that identifies a taxpayer or a business.\n- *Custom*\n\n- *Regex filter* - You can use a regular expressions to define patterns for a guardrail to recognize and act upon such as serial number, booking ID etc.." }, "AWS::Bedrock::Guardrail RegexConfig": { "Action": "The guardrail action to configure when matching regular expression is detected.", "Description": "The description of the regular expression to configure for the guardrail.", - "InputAction": "", - "InputEnabled": "", + "InputAction": "Specifies the action to take when harmful content is detected in the input. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "InputEnabled": "Specifies whether to enable guardrail evaluation on the input. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", "Name": "The name of the regular expression to configure for the guardrail.", - "OutputAction": "", - "OutputEnabled": "", + "OutputAction": "Specifies the action to take when harmful content is detected in the output. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "OutputEnabled": "Specifies whether to enable guardrail evaluation on the output. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", "Pattern": "The regular expression pattern to configure for the guardrail." }, "AWS::Bedrock::Guardrail SensitiveInformationPolicyConfig": { @@ -6329,25 +6328,25 @@ "AWS::Bedrock::Guardrail TopicConfig": { "Definition": "A definition of the topic to deny.", "Examples": "A list of prompts, each of which is an example of a prompt that can be categorized as belonging to the topic.", - "InputAction": "", - "InputEnabled": "", + "InputAction": "Specifies the action to take when harmful content is detected in the input. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "InputEnabled": "Specifies whether to enable guardrail evaluation on the input. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", "Name": "The name of the topic to deny.", - "OutputAction": "", - "OutputEnabled": "", + "OutputAction": "Specifies the action to take when harmful content is detected in the output. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "OutputEnabled": "Specifies whether to enable guardrail evaluation on the output. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", "Type": "Specifies to deny the topic." }, "AWS::Bedrock::Guardrail TopicPolicyConfig": { "TopicsConfig": "A list of policies related to topics that the guardrail should deny.", - "TopicsTierConfig": "" + "TopicsTierConfig": "The tier that your guardrail uses for denied topic filters." }, "AWS::Bedrock::Guardrail TopicsTierConfig": { - "TierName": "" + "TierName": "The tier that your guardrail uses for denied topic filters. Valid values include:\n\n- `CLASSIC` tier \u2013 Provides established guardrails functionality supporting English, French, and Spanish languages.\n- `STANDARD` tier \u2013 Provides a more robust solution than the `CLASSIC` tier and has more comprehensive language support. This tier requires that your guardrail use [cross-Region inference](https://docs.aws.amazon.com/bedrock/latest/userguide/guardrails-cross-region.html) ." }, "AWS::Bedrock::Guardrail WordConfig": { - "InputAction": "", - "InputEnabled": "", - "OutputAction": "", - "OutputEnabled": "", + "InputAction": "Specifies the action to take when harmful content is detected in the input. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "InputEnabled": "Specifies whether to enable guardrail evaluation on the intput. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "OutputAction": "Specifies the action to take when harmful content is detected in the output. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "OutputEnabled": "Specifies whether to enable guardrail evaluation on the output. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", "Text": "Text of the word configured for the guardrail to block." }, "AWS::Bedrock::Guardrail WordPolicyConfig": { @@ -6643,7 +6642,7 @@ "AWS::Bedrock::Prompt ToolChoice": { "Any": "The model must request at least one tool (no text is generated).", "Auto": "(Default). The Model automatically decides if a tool should be called or whether to generate text instead.", - "Tool": "The Model must request the specified tool. Only supported by Anthropic Claude 3 models." + "Tool": "The Model must request the specified tool. Only supported by Anthropic Claude 3 and Amazon Nova models." }, "AWS::Bedrock::Prompt ToolConfiguration": { "ToolChoice": "If supported by model, forces the model to request a tool.", @@ -6734,7 +6733,7 @@ "AWS::Bedrock::PromptVersion ToolChoice": { "Any": "The model must request at least one tool (no text is generated).", "Auto": "(Default). The Model automatically decides if a tool should be called or whether to generate text instead.", - "Tool": "The Model must request the specified tool. Only supported by Anthropic Claude 3 models." + "Tool": "The Model must request the specified tool. Only supported by Anthropic Claude 3 and Amazon Nova models." }, "AWS::Bedrock::PromptVersion ToolConfiguration": { "ToolChoice": "If supported by model, forces the model to request a tool.", @@ -6748,6 +6747,29 @@ "InputSchema": "The input schema for the tool in JSON format.", "Name": "The name for the tool." }, + "AWS::Billing::BillingView": { + "DataFilterExpression": "See [Expression](https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_billing_Expression.html) . Billing view only supports `LINKED_ACCOUNT` and `Tags` .", + "Description": "The description of the billing view.", + "Name": "The name of the billing view.", + "SourceViews": "A list of billing views used as the data source for the custom billing view.", + "Tags": "A list of key value map specifying tags associated to the billing view being created." + }, + "AWS::Billing::BillingView DataFilterExpression": { + "Dimensions": "The specific `Dimension` to use for `Expression` .", + "Tags": "The specific `Tag` to use for `Expression` ." + }, + "AWS::Billing::BillingView Dimensions": { + "Key": "The key that's associated with the tag.", + "Values": "The metadata that you can use to filter and group your results." + }, + "AWS::Billing::BillingView Tag": { + "Key": "A list of tag key value pairs that are associated with the resource.", + "Value": "The metadata that you can use to filter and group your results." + }, + "AWS::Billing::BillingView Tags": { + "Key": "A list of tag key value pairs that are associated with the resource.", + "Values": "The metadata values that you can use to filter and group your results." + }, "AWS::BillingConductor::BillingGroup": { "AccountGrouping": "The set of accounts that will be under the billing group. The set of accounts resemble the linked accounts in a consolidated billing family.", "ComputationPreference": "The preferences and settings that will be used to compute the AWS charges for a billing group.", @@ -7066,6 +7088,7 @@ }, "AWS::Cassandra::Table CdcSpecification": { "Status": "The status of the CDC stream. You can enable or disable a stream for a table.", + "Tags": "The tags (key-value pairs) that you want to apply to the stream.", "ViewType": "The view type specifies the changes Amazon Keyspaces records for each changed row in the stream. After you create the stream, you can't make changes to this selection.\n\nThe options are:\n\n- `NEW_AND_OLD_IMAGES` - both versions of the row, before and after the change. This is the default.\n- `NEW_IMAGE` - the version of the row after the change.\n- `OLD_IMAGE` - the version of the row before the change.\n- `KEYS_ONLY` - the partition and clustering keys of the row that was changed." }, "AWS::Cassandra::Table ClusteringKeyColumn": { @@ -7119,10 +7142,11 @@ }, "AWS::CertificateManager::Certificate": { "CertificateAuthorityArn": "The Amazon Resource Name (ARN) of the private certificate authority (CA) that will be used to issue the certificate. If you do not provide an ARN and you are trying to request a private certificate, ACM will attempt to issue a public certificate. For more information about private CAs, see the [AWS Private Certificate Authority](https://docs.aws.amazon.com/privateca/latest/userguide/PcaWelcome.html) user guide. The ARN must have the following form:\n\n`arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012`", + "CertificateExport": "You can opt out of allowing export of your certificate by specifying the `DISABLED` option. Allow export of your certificate by specifying the `ENABLED` option.\n\nIf you do not specify an export preference in a new CloudFormation template, it is the same as explicitly denying export of your certificate.", "CertificateTransparencyLoggingPreference": "You can opt out of certificate transparency logging by specifying the `DISABLED` option. Opt in by specifying `ENABLED` .\n\nIf you do not specify a certificate transparency logging preference on a new CloudFormation template, or if you remove the logging preference from an existing template, this is the same as explicitly enabling the preference.\n\nChanging the certificate transparency logging preference will update the existing resource by calling `UpdateCertificateOptions` on the certificate. This action will not create a new resource.", "DomainName": "The fully qualified domain name (FQDN), such as www.example.com, with which you want to secure an ACM certificate. Use an asterisk (*) to create a wildcard certificate that protects several sites in the same domain. For example, `*.example.com` protects `www.example.com` , `site.example.com` , and `images.example.com.`", "DomainValidationOptions": "Domain information that domain name registrars use to verify your identity.\n\n> In order for a AWS::CertificateManager::Certificate to be provisioned and validated in CloudFormation automatically, the `DomainName` property needs to be identical to one of the `DomainName` property supplied in DomainValidationOptions, if the ValidationMethod is **DNS**. Failing to keep them like-for-like will result in failure to create the domain validation records in Route53.", - "KeyAlgorithm": "Specifies the algorithm of the public and private key pair that your certificate uses to encrypt data. RSA is the default key algorithm for ACM certificates. Elliptic Curve Digital Signature Algorithm (ECDSA) keys are smaller, offering security comparable to RSA keys but with greater computing efficiency. However, ECDSA is not supported by all network clients. Some AWS services may require RSA keys, or only support ECDSA keys of a particular size, while others allow the use of either RSA and ECDSA keys to ensure that compatibility is not broken. Check the requirements for the AWS service where you plan to deploy your certificate. For more information about selecting an algorithm, see [Key algorithms](https://docs.aws.amazon.com/acm/latest/userguide/acm-certificate.html#algorithms) .\n\n> Algorithms supported for an ACM certificate request include:\n> \n> - `RSA_2048`\n> - `EC_prime256v1`\n> - `EC_secp384r1`\n> \n> Other listed algorithms are for imported certificates only. > When you request a private PKI certificate signed by a CA from AWS Private CA, the specified signing algorithm family (RSA or ECDSA) must match the algorithm family of the CA's secret key. \n\nDefault: RSA_2048", + "KeyAlgorithm": "Specifies the algorithm of the public and private key pair that your certificate uses to encrypt data. RSA is the default key algorithm for ACM certificates. Elliptic Curve Digital Signature Algorithm (ECDSA) keys are smaller, offering security comparable to RSA keys but with greater computing efficiency. However, ECDSA is not supported by all network clients. Some AWS services may require RSA keys, or only support ECDSA keys of a particular size, while others allow the use of either RSA and ECDSA keys to ensure that compatibility is not broken. Check the requirements for the AWS service where you plan to deploy your certificate. For more information about selecting an algorithm, see [Key algorithms](https://docs.aws.amazon.com/acm/latest/userguide/acm-certificate-characteristics.html#algorithms-term) .\n\n> Algorithms supported for an ACM certificate request include:\n> \n> - `RSA_2048`\n> - `EC_prime256v1`\n> - `EC_secp384r1`\n> \n> Other listed algorithms are for imported certificates only. > When you request a private PKI certificate signed by a CA from AWS Private CA, the specified signing algorithm family (RSA or ECDSA) must match the algorithm family of the CA's secret key. \n\nDefault: RSA_2048", "SubjectAlternativeNames": "Additional FQDNs to be included in the Subject Alternative Name extension of the ACM certificate. For example, you can add www.example.net to a certificate for which the `DomainName` field is www.example.com if users can reach your site by using either name.", "Tags": "Key-value pairs that can identify the certificate.", "ValidationMethod": "The method you want to use to validate that you own or control the domain associated with a public certificate. You can [validate with DNS](https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-dns.html) or [validate with email](https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-email.html) . We recommend that you use DNS validation.\n\nIf not specified, this property defaults to email validation." @@ -7245,7 +7269,7 @@ "Value": "The value of the tag." }, "AWS::CleanRooms::Collaboration": { - "AnalyticsEngine": "The analytics engine for the collaboration.", + "AnalyticsEngine": "The analytics engine for the collaboration.\n\n> After July 16, 2025, the `CLEAN_ROOMS_SQL` parameter will no longer be available.", "CreatorDisplayName": "A display name of the collaboration creator.", "CreatorMLMemberAbilities": "The ML member abilities for a collaboration member.", "CreatorMemberAbilities": "The abilities granted to the collaboration creator.\n\n*Allowed values* `CAN_QUERY` | `CAN_RECEIVE_RESULTS` | `CAN_RUN_JOB`", @@ -7795,13 +7819,13 @@ "RetainStacksOnAccountRemoval": "If set to `true` , stack resources are retained when an account is removed from a target organization or OU. If set to `false` , stack resources are deleted. Specify only if `Enabled` is set to `True` ." }, "AWS::CloudFormation::StackSet DeploymentTargets": { - "AccountFilterType": "Limit deployment targets to individual accounts or include additional accounts with provided OUs.\n\nThe following is a list of possible values for the `AccountFilterType` operation.\n\n- `INTERSECTION` : StackSet deploys to the accounts specified in the `Accounts` parameter.\n- `DIFFERENCE` : StackSet deploys to the OU, excluding the accounts specified in the `Accounts` parameter.\n- `UNION` StackSet deploys to the OU, and the accounts specified in the `Accounts` parameter. `UNION` is not supported for create operations when using StackSet as a resource.", + "AccountFilterType": "Refines which accounts to deploy stacks to by specifying how to use the `Accounts` and `OrganizationalUnitIds` properties together.\n\nThe following values determine how CloudFormation selects target accounts:\n\n- `INTERSECTION` : StackSet deploys to the accounts specified in the `Accounts` property.\n- `DIFFERENCE` : StackSet deploys to the OU, excluding the accounts specified in the `Accounts` property.\n- `UNION` : StackSet deploys to the OU, and the accounts specified in the `Accounts` property. `UNION` is not supported for create operations when using StackSet as a resource or the `CreateStackInstances` API.", "Accounts": "The account IDs of the AWS accounts . If you have many account numbers, you can provide those accounts using the `AccountsUrl` property instead.\n\n*Pattern* : `^[0-9]{12}$`", - "AccountsUrl": "The Amazon S3 URL path to a file that contains a list of AWS account IDs. The file format must be either `.csv` or `.txt` , and the data can be comma-separated or new-line-separated. There is currently a 10MB limit for the data (approximately 800,000 accounts).", + "AccountsUrl": "The Amazon S3 URL path to a file that contains a list of AWS account IDs. The file format must be either `.csv` or `.txt` , and the data can be comma-separated or new-line-separated. There is currently a 10MB limit for the data (approximately 800,000 accounts).\n\nThis property serves the same purpose as `Accounts` but allows you to specify a large number of accounts.", "OrganizationalUnitIds": "The organization root ID or organizational unit (OU) IDs.\n\n*Pattern* : `^(ou-[a-z0-9]{4,32}-[a-z0-9]{8,32}|r-[a-z0-9]{4,32})$`" }, "AWS::CloudFormation::StackSet ManagedExecution": { - "Active": "When `true` , StackSets performs non-conflicting operations concurrently and queues conflicting operations. After conflicting operations finish, StackSets starts queued operations in request order.\n\n> If there are already running or queued operations, StackSets queues all incoming operations even if they are non-conflicting.\n> \n> You can't modify your StackSet's execution configuration while there are running or queued operations for that StackSet. \n\nWhen `false` (default), StackSets performs one operation at a time in request order." + "Active": "When `true` , CloudFormation performs non-conflicting operations concurrently and queues conflicting operations. After conflicting operations finish, CloudFormation starts queued operations in request order.\n\n> If there are already running or queued operations, CloudFormation queues all incoming operations even if they are non-conflicting.\n> \n> You can't modify your StackSet's execution configuration while there are running or queued operations for that StackSet. \n\nWhen `false` (default), StackSets performs one operation at a time in request order." }, "AWS::CloudFormation::StackSet OperationPreferences": { "ConcurrencyMode": "Specifies how the concurrency level behaves during the operation execution.\n\n- `STRICT_FAILURE_TOLERANCE` : This option dynamically lowers the concurrency level to ensure the number of failed accounts never exceeds the value of `FailureToleranceCount` +1. The initial actual concurrency is set to the lower of either the value of the `MaxConcurrentCount` , or the value of `FailureToleranceCount` +1. The actual concurrency is then reduced proportionally by the number of failures. This is the default behavior.\n\nIf failure tolerance or Maximum concurrent accounts are set to percentages, the behavior is similar.\n- `SOFT_FAILURE_TOLERANCE` : This option decouples `FailureToleranceCount` from the actual concurrency. This allows StackSet operations to run at the concurrency level set by the `MaxConcurrentCount` value, or `MaxConcurrentPercentage` , regardless of the number of failures.", @@ -7817,7 +7841,7 @@ "ParameterValue": "The input value associated with the parameter." }, "AWS::CloudFormation::StackSet StackInstances": { - "DeploymentTargets": "The AWS `OrganizationalUnitIds` or `Accounts` for which to create stack instances in the specified Regions.", + "DeploymentTargets": "The AWS Organizations accounts or AWS accounts to deploy stacks to in the specified Regions.", "ParameterOverrides": "A list of StackSet parameters whose values you want to override in the selected stack instances.", "Regions": "The names of one or more Regions where you want to create stack instances using the specified AWS accounts ." }, @@ -8027,7 +8051,7 @@ "CNAMEs": "An alias for the CloudFront distribution's domain name.\n\n> This property is legacy. We recommend that you use [Aliases](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-distributionconfig.html#cfn-cloudfront-distribution-distributionconfig-aliases) instead.", "CacheBehaviors": "A complex type that contains zero or more `CacheBehavior` elements.", "Comment": "A comment to describe the distribution. The comment cannot be longer than 128 characters.", - "ConnectionMode": "This field specifies whether the connection mode is through a standard distribution (direct) or a multi-tenant distribution with distribution tenants(tenant-only).", + "ConnectionMode": "This field specifies whether the connection mode is through a standard distribution (direct) or a multi-tenant distribution with distribution tenants (tenant-only).", "ContinuousDeploymentPolicyId": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nThe identifier of a continuous deployment policy. For more information, see `CreateContinuousDeploymentPolicy` .", "CustomErrorResponses": "A complex type that controls the following:\n\n- Whether CloudFront replaces HTTP status codes in the 4xx and 5xx range with custom error messages before returning the response to the viewer.\n- How long CloudFront caches HTTP status codes in the 4xx and 5xx range.\n\nFor more information about custom error pages, see [Customizing Error Responses](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/custom-error-pages.html) in the *Amazon CloudFront Developer Guide* .", "CustomOrigin": "The user-defined HTTP server that serves as the origin for content that CloudFront distributes.\n\n> This property is legacy. We recommend that you use [Origin](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-origin.html) instead.", @@ -10397,7 +10421,12 @@ "ContactLens": "", "ContactflowLogs": "", "EarlyMedia": "", + "EnhancedChatMonitoring": "", + "EnhancedContactMonitoring": "", + "HighVolumeOutBound": "", "InboundCalls": "", + "MultiPartyChatConference": "", + "MultiPartyConference": "", "OutboundCalls": "", "UseCustomTTSVoices": "" }, @@ -11028,15 +11057,15 @@ "Threshold": "The threshold for the calculated attribute." }, "AWS::CustomerProfiles::CalculatedAttributeDefinition Range": { - "TimestampFormat": "", - "TimestampSource": "", + "TimestampFormat": "The format the timestamp field in your JSON object is specified. This value should be one of EPOCHMILLI (for Unix epoch timestamps with second/millisecond level precision) or ISO_8601 (following ISO_8601 format with second/millisecond level precision, with an optional offset of Z or in the format HH:MM or HHMM.). E.g. if your object type is MyType and source JSON is {\"generatedAt\": {\"timestamp\": \"2001-07-04T12:08:56.235-0700\"}}, then TimestampFormat should be \"ISO_8601\"", + "TimestampSource": "An expression specifying the field in your JSON object from which the date should be parsed. The expression should follow the structure of \\\"{ObjectTypeName.}\\\". E.g. if your object type is MyType and source JSON is {\"generatedAt\": {\"timestamp\": \"1737587945945\"}}, then TimestampSource should be \"{MyType.generatedAt.timestamp}\"", "Unit": "The unit of time.", "Value": "The amount of time of the specified unit.", - "ValueRange": "" + "ValueRange": "A structure letting customers specify a relative time window over which over which data is included in the Calculated Attribute. Use positive numbers to indicate that the endpoint is in the past, and negative numbers to indicate it is in the future. ValueRange overrides Value." }, "AWS::CustomerProfiles::CalculatedAttributeDefinition Readiness": { - "Message": "", - "ProgressPercentage": "" + "Message": "Any customer messaging.", + "ProgressPercentage": "Approximately how far the Calculated Attribute creation is from completion." }, "AWS::CustomerProfiles::CalculatedAttributeDefinition Tag": { "Key": "", @@ -11047,8 +11076,8 @@ "Value": "The value of the threshold." }, "AWS::CustomerProfiles::CalculatedAttributeDefinition ValueRange": { - "End": "", - "Start": "" + "End": "The ending point for this overridden range. Positive numbers indicate how many days in the past data should be included, and negative numbers indicate how many days in the future.", + "Start": "The starting point for this overridden range. Positive numbers indicate how many days in the past data should be included, and negative numbers indicate how many days in the future." }, "AWS::CustomerProfiles::Domain": { "DeadLetterQueueUrl": "The URL of the SQS dead letter queue, which is used for reporting errors associated with ingesting data from third party applications. You must set up a policy on the `DeadLetterQueue` for the `SendMessage` operation to enable Amazon Connect Customer Profiles to send messages to the `DeadLetterQueue` .", @@ -11364,7 +11393,7 @@ "PartyTypeString": "A field to describe values to segment on within partyTypeString.", "PersonalEmailAddress": "A field to describe values to segment on within personal email address.", "PhoneNumber": "A field to describe values to segment on within phone number.", - "ProfileType": "", + "ProfileType": "The type of profile.", "ShippingAddress": "A field to describe values to segment on within shipping address." }, "AWS::CustomerProfiles::SegmentDefinition ProfileDimension": { @@ -11372,8 +11401,8 @@ "Values": "" }, "AWS::CustomerProfiles::SegmentDefinition ProfileTypeDimension": { - "DimensionType": "", - "Values": "" + "DimensionType": "The action to segment on.", + "Values": "The values to apply the DimensionType on." }, "AWS::CustomerProfiles::SegmentDefinition RangeOverride": { "End": "The end time of when to include objects.", @@ -12758,7 +12787,7 @@ "AWS::DataSync::LocationNFS": { "MountOptions": "Specifies the options that DataSync can use to mount your NFS file server.", "OnPremConfig": "Specifies the Amazon Resource Name (ARN) of the DataSync agent that can connect to your NFS file server.\n\nYou can specify more than one agent. For more information, see [Using multiple DataSync agents](https://docs.aws.amazon.com/datasync/latest/userguide/do-i-need-datasync-agent.html#multiple-agents) .", - "ServerHostname": "Specifies the DNS name or IP version 4 address of the NFS file server that your DataSync agent connects to.", + "ServerHostname": "Specifies the DNS name or IP address (IPv4 or IPv6) of the NFS file server that your DataSync agent connects to.", "Subdirectory": "Specifies the export path in your NFS file server that you want DataSync to mount.\n\nThis path (or a subdirectory of the path) is where DataSync transfers data to or from. For information on configuring an export for DataSync, see [Accessing NFS file servers](https://docs.aws.amazon.com/datasync/latest/userguide/create-nfs-location.html#accessing-nfs) .", "Tags": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your location." }, @@ -12780,7 +12809,7 @@ "CustomSecretConfig": "Specifies configuration information for a customer-managed Secrets Manager secret where the secret key for a specific object storage location is stored in plain text. This configuration includes the secret ARN, and the ARN for an IAM role that provides access to the secret.\n\n> You can use either `CmkSecretConfig` (with `SecretKey` ) or `CustomSecretConfig` (without `SecretKey` ) to provide credentials for a `CreateLocationObjectStorage` request. Do not provide both parameters for the same request.", "SecretKey": "Specifies the secret key (for example, a password) if credentials are required to authenticate with the object storage server.\n\n> If you provide a secret using `SecretKey` , but do not provide secret configuration details using `CmkSecretConfig` or `CustomSecretConfig` , then DataSync stores the token using your AWS account's Secrets Manager secret.", "ServerCertificate": "Specifies a certificate chain for DataSync to authenticate with your object storage system if the system uses a private or self-signed certificate authority (CA). You must specify a single `.pem` file with a full certificate chain (for example, `file:///home/user/.ssh/object_storage_certificates.pem` ).\n\nThe certificate chain might include:\n\n- The object storage system's certificate\n- All intermediate certificates (if there are any)\n- The root certificate of the signing CA\n\nYou can concatenate your certificates into a `.pem` file (which can be up to 32768 bytes before base64 encoding). The following example `cat` command creates an `object_storage_certificates.pem` file that includes three certificates:\n\n`cat object_server_certificate.pem intermediate_certificate.pem ca_root_certificate.pem > object_storage_certificates.pem`\n\nTo use this parameter, configure `ServerProtocol` to `HTTPS` .", - "ServerHostname": "Specifies the domain name or IP version 4 (IPv4) address of the object storage server that your DataSync agent connects to.", + "ServerHostname": "Specifies the domain name or IP address (IPv4 or IPv6) of the object storage server that your DataSync agent connects to.", "ServerPort": "Specifies the port that your object storage server accepts inbound network traffic on (for example, port 443).", "ServerProtocol": "Specifies the protocol that your object storage server uses to communicate. If not specified, the default value is `HTTPS` .", "Subdirectory": "Specifies the object prefix for your object storage server. If this is a source location, DataSync only copies objects with this prefix. If this is a destination location, DataSync writes all objects with this prefix.", @@ -12825,7 +12854,7 @@ "KerberosPrincipal": "", "MountOptions": "Specifies the version of the SMB protocol that DataSync uses to access your SMB file server.", "Password": "Specifies the password of the user who can mount your SMB file server and has permission to access the files and folders involved in your transfer. This parameter applies only if `AuthenticationType` is set to `NTLM` .", - "ServerHostname": "Specifies the domain name or IP address of the SMB file server that your DataSync agent connects to.\n\nRemember the following when configuring this parameter:\n\n- You can't specify an IP version 6 (IPv6) address.\n- If you're using Kerberos authentication, you must specify a domain name.", + "ServerHostname": "Specifies the domain name or IP address (IPv4 or IPv6) of the SMB file server that your DataSync agent connects to.\n\n> If you're using Kerberos authentication, you must specify a domain name.", "Subdirectory": "Specifies the name of the share exported by your SMB file server where DataSync will read or write data. You can include a subdirectory in the share path (for example, `/path/to/subdirectory` ). Make sure that other SMB clients in your network can also mount this path.\n\nTo copy all data in the subdirectory, DataSync must be able to mount the SMB share and access all of its data. For more information, see [Providing DataSync access to SMB file servers](https://docs.aws.amazon.com/datasync/latest/userguide/create-smb-location.html#configuring-smb-permissions) .", "Tags": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your location.", "User": "Specifies the user that can mount and access the files, folders, and file metadata in your SMB file server. This parameter applies only if `AuthenticationType` is set to `NTLM` .\n\nFor information about choosing a user with the right level of access for your transfer, see [Providing DataSync access to SMB file servers](https://docs.aws.amazon.com/datasync/latest/userguide/create-smb-location.html#configuring-smb-permissions) ." @@ -13198,11 +13227,11 @@ "RegionalParameters": "The regional parameters of the environment blueprint." }, "AWS::DataZone::EnvironmentBlueprintConfiguration LakeFormationConfiguration": { - "LocationRegistrationExcludeS3Locations": "", - "LocationRegistrationRole": "" + "LocationRegistrationExcludeS3Locations": "Specifies certain Amazon S3 locations if you do not want Amazon DataZone to automatically register them in hybrid mode.", + "LocationRegistrationRole": "The role that is used to manage read/write access to the chosen Amazon S3 bucket(s) for Data Lake using AWS Lake Formation hybrid access mode." }, "AWS::DataZone::EnvironmentBlueprintConfiguration ProvisioningConfiguration": { - "LakeFormationConfiguration": "" + "LakeFormationConfiguration": "The Lake Formation configuration of the Data Lake blueprint." }, "AWS::DataZone::EnvironmentBlueprintConfiguration RegionalParameter": { "Parameters": "A string to string map containing parameters for the region.", @@ -13249,18 +13278,18 @@ "DomainUnitId": "The ID of the domain unit. This parameter is not required and if it is not specified, then the project is created at the root domain unit level.", "GlossaryTerms": "The glossary terms that can be used in this Amazon DataZone project.", "Name": "The name of a project.", - "ProjectProfileId": "", - "ProjectProfileVersion": "", - "UserParameters": "" + "ProjectProfileId": "The ID of the project profile.", + "ProjectProfileVersion": "The project profile version to which the project should be updated. You can only specify the following string for this parameter: `latest` .", + "UserParameters": "The user parameters of the project." }, "AWS::DataZone::Project EnvironmentConfigurationUserParameter": { - "EnvironmentConfigurationName": "", - "EnvironmentId": "", - "EnvironmentParameters": "" + "EnvironmentConfigurationName": "The environment configuration name.", + "EnvironmentId": "The ID of the environment.", + "EnvironmentParameters": "The environment parameters." }, "AWS::DataZone::Project EnvironmentParameter": { - "Name": "", - "Value": "" + "Name": "The name of an environment profile parameter.", + "Value": "The value of an environment profile parameter." }, "AWS::DataZone::ProjectMembership": { "Designation": "The designated role of a project member.", @@ -13274,38 +13303,38 @@ }, "AWS::DataZone::ProjectProfile": { "Description": "The description of the project profile.", - "DomainIdentifier": "", - "DomainUnitIdentifier": "", - "EnvironmentConfigurations": "", + "DomainIdentifier": "A domain ID of the project profile.", + "DomainUnitIdentifier": "A domain unit ID of the project profile.", + "EnvironmentConfigurations": "Environment configurations of a project profile.", "Name": "The name of a project profile.", "Status": "The status of a project profile." }, "AWS::DataZone::ProjectProfile AwsAccount": { - "AwsAccountId": "" + "AwsAccountId": "The account ID of a project." }, "AWS::DataZone::ProjectProfile EnvironmentConfiguration": { - "AwsAccount": "", - "AwsRegion": "", - "ConfigurationParameters": "", - "DeploymentMode": "", - "DeploymentOrder": "", - "Description": "", - "EnvironmentBlueprintId": "", - "Id": "", - "Name": "" + "AwsAccount": "The AWS account of the environment.", + "AwsRegion": "The AWS Region of the environment.", + "ConfigurationParameters": "The configuration parameters of the environment.", + "DeploymentMode": "The deployment mode of the environment.", + "DeploymentOrder": "The deployment order of the environment.", + "Description": "The environment description.", + "EnvironmentBlueprintId": "The environment blueprint ID.", + "Id": "The environment ID.", + "Name": "The environment name." }, "AWS::DataZone::ProjectProfile EnvironmentConfigurationParameter": { - "IsEditable": "", - "Name": "", - "Value": "" + "IsEditable": "Specifies whether the environment parameter is editable.", + "Name": "The name of the environment configuration parameter.", + "Value": "The value of the environment configuration parameter." }, "AWS::DataZone::ProjectProfile EnvironmentConfigurationParametersDetails": { - "ParameterOverrides": "", - "ResolvedParameters": "", - "SsmPath": "" + "ParameterOverrides": "The parameter overrides.", + "ResolvedParameters": "The resolved environment configuration parameters.", + "SsmPath": "Ssm path environment configuration parameters." }, "AWS::DataZone::ProjectProfile Region": { - "RegionName": "" + "RegionName": "The AWS Region name." }, "AWS::DataZone::SubscriptionTarget": { "ApplicableAssetTypes": "The asset types included in the subscription target.", @@ -13712,11 +13741,13 @@ "DeletionProtection": "Protects clusters from being accidentally deleted. If enabled, the cluster cannot be deleted unless it is modified and `DeletionProtection` is disabled.", "EnableCloudwatchLogsExports": "The list of log types that need to be enabled for exporting to Amazon CloudWatch Logs. You can enable audit logs or profiler logs. For more information, see [Auditing Amazon DocumentDB Events](https://docs.aws.amazon.com/documentdb/latest/developerguide/event-auditing.html) and [Profiling Amazon DocumentDB Operations](https://docs.aws.amazon.com/documentdb/latest/developerguide/profiling.html) .", "EngineVersion": "The version number of the database engine to use. The `--engine-version` will default to the latest major engine version. For production workloads, we recommend explicitly declaring this parameter with the intended major engine version.\n\nIf you intend to trigger an in-place upgrade, please refer to [Amazon DocumentDB in-place major version upgrade](https://docs.aws.amazon.com/documentdb/latest/developerguide/docdb-mvu.html) . Note that for an in-place engine version upgrade, you need to remove other cluster properties changes (e.g. SecurityGroupId) from the CFN template.", + "GlobalClusterIdentifier": "The cluster identifier of the new global cluster.", "KmsKeyId": "The AWS KMS key identifier for an encrypted cluster.\n\nThe AWS KMS key identifier is the Amazon Resource Name (ARN) for the AWS KMS encryption key. If you are creating a cluster using the same AWS account that owns the AWS KMS encryption key that is used to encrypt the new cluster, you can use the AWS KMS key alias instead of the ARN for the AWS KMS encryption key.\n\nIf an encryption key is not specified in `KmsKeyId` :\n\n- If the `StorageEncrypted` parameter is `true` , Amazon DocumentDB uses your default encryption key.\n\nAWS KMS creates the default encryption key for your AWS account . Your AWS account has a different default encryption key for each AWS Regions .", "ManageMasterUserPassword": "Specifies whether to manage the master user password with Amazon Web Services Secrets Manager.\n\nConstraint: You can't manage the master user password with Amazon Web Services Secrets Manager if `MasterUserPassword` is specified.", "MasterUserPassword": "The password for the master database user. This password can contain any printable ASCII character except forward slash (/), double quote (\"), or the \"at\" symbol (@).\n\nConstraints: Must contain from 8 to 100 characters.", "MasterUserSecretKmsKeyId": "The Amazon Web Services KMS key identifier to encrypt a secret that is automatically generated and managed in Amazon Web Services Secrets Manager. This setting is valid only if the master user password is managed by Amazon DocumentDB in Amazon Web Services Secrets Manager for the DB cluster.\n\nThe Amazon Web Services KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key. To use a KMS key in a different Amazon Web Services account, specify the key ARN or alias ARN.\n\nIf you don't specify `MasterUserSecretKmsKeyId` , then the `aws/secretsmanager` KMS key is used to encrypt the secret. If the secret is in a different Amazon Web Services account, then you can't use the `aws/secretsmanager` KMS key to encrypt the secret, and you must use a customer managed KMS key.\n\nThere is a default KMS key for your Amazon Web Services account. Your Amazon Web Services account has a different default KMS key for each Amazon Web Services Region.", "MasterUsername": "The name of the master user for the cluster.\n\nConstraints:\n\n- Must be from 1 to 63 letters or numbers.\n- The first character must be a letter.\n- Cannot be a reserved word for the chosen database engine.", + "NetworkType": "", "Port": "Specifies the port that the database engine is listening on.", "PreferredBackupWindow": "The daily time range during which automated backups are created if automated backups are enabled using the `BackupRetentionPeriod` parameter.\n\nThe default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region .\n\nConstraints:\n\n- Must be in the format `hh24:mi-hh24:mi` .\n- Must be in Universal Coordinated Time (UTC).\n- Must not conflict with the preferred maintenance window.\n- Must be at least 30 minutes.", "PreferredMaintenanceWindow": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n\nFormat: `ddd:hh24:mi-ddd:hh24:mi`\n\nThe default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region , occurring on a random day of the week.\n\nValid days: Mon, Tue, Wed, Thu, Fri, Sat, Sun\n\nConstraints: Minimum 30-minute window.", @@ -14051,10 +14082,10 @@ "EndDate": "The date and time at which the Capacity Reservation expires. When a Capacity Reservation expires, the reserved capacity is released and you can no longer launch instances into it. The Capacity Reservation's state changes to `expired` when it reaches its end date and time.\n\nYou must provide an `EndDate` value if `EndDateType` is `limited` . Omit `EndDate` if `EndDateType` is `unlimited` .\n\nIf the `EndDateType` is `limited` , the Capacity Reservation is cancelled within an hour from the specified time. For example, if you specify 5/31/2019, 13:30:55, the Capacity Reservation is guaranteed to end between 13:30:55 and 14:30:55 on 5/31/2019.\n\nIf you are requesting a future-dated Capacity Reservation, you can't specify an end date and time that is within the commitment duration.", "EndDateType": "Indicates the way in which the Capacity Reservation ends. A Capacity Reservation can have one of the following end types:\n\n- `unlimited` - The Capacity Reservation remains active until you explicitly cancel it. Do not provide an `EndDate` if the `EndDateType` is `unlimited` .\n- `limited` - The Capacity Reservation expires automatically at a specified date and time. You must provide an `EndDate` value if the `EndDateType` value is `limited` .", "EphemeralStorage": "*Deprecated.*", - "InstanceCount": "The number of instances for which to reserve capacity.\n\n> You can request future-dated Capacity Reservations for an instance count with a minimum of 100 vCPUs. For example, if you request a future-dated Capacity Reservation for `m5.xlarge` instances, you must request at least 25 instances ( *25 * m5.xlarge = 100 vCPUs* ). \n\nValid range: 1 - 1000", + "InstanceCount": "The number of instances for which to reserve capacity.\n\n> You can request future-dated Capacity Reservations for an instance count with a minimum of 64 vCPUs. For example, if you request a future-dated Capacity Reservation for `m5.xlarge` instances, you must request at least 25 instances ( *16 * m5.xlarge = 64 vCPUs* ). \n\nValid range: 1 - 1000", "InstanceMatchCriteria": "Indicates the type of instance launches that the Capacity Reservation accepts. The options include:\n\n- `open` - The Capacity Reservation automatically matches all instances that have matching attributes (instance type, platform, and Availability Zone). Instances that have matching attributes run in the Capacity Reservation automatically without specifying any additional parameters.\n- `targeted` - The Capacity Reservation only accepts instances that have matching attributes (instance type, platform, and Availability Zone), and explicitly target the Capacity Reservation. This ensures that only permitted instances can use the reserved capacity.\n\n> If you are requesting a future-dated Capacity Reservation, you must specify `targeted` . \n\nDefault: `open`", "InstancePlatform": "The type of operating system for which to reserve capacity.", - "InstanceType": "The instance type for which to reserve capacity.\n\n> You can request future-dated Capacity Reservations for instance types in the C, M, R, I, and T instance families only. \n\nFor more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .", + "InstanceType": "The instance type for which to reserve capacity.\n\n> You can request future-dated Capacity Reservations for instance types in the C, M, R, I, T, and G instance families only. \n\nFor more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .", "OutPostArn": "> Not supported for future-dated Capacity Reservations. \n\nThe Amazon Resource Name (ARN) of the Outpost on which to create the Capacity Reservation.", "PlacementGroupArn": "> Not supported for future-dated Capacity Reservations. \n\nThe Amazon Resource Name (ARN) of the cluster placement group in which to create the Capacity Reservation. For more information, see [Capacity Reservations for cluster placement groups](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/cr-cpg.html) in the *Amazon EC2 User Guide* .", "TagSpecifications": "The tags to apply to the Capacity Reservation during launch.", @@ -14263,7 +14294,7 @@ }, "AWS::EC2::EC2Fleet EbsBlockDevice": { "DeleteOnTermination": "Indicates whether the EBS volume is deleted on instance termination. For more information, see [Preserving Amazon EBS volumes on instance termination](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#preserving-volumes-on-termination) in the *Amazon EC2 User Guide* .", - "Encrypted": "Indicates whether the encryption state of an EBS volume is changed while being restored from a backing snapshot. The effect of setting the encryption state to `true` depends on the volume origin (new or from a snapshot), starting encryption state, ownership, and whether encryption by default is enabled. For more information, see [Amazon EBS encryption](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-encryption.html#encryption-parameters) in the *Amazon EBS User Guide* .\n\nIn no case can you remove encryption from an encrypted volume.\n\nEncrypted volumes can only be attached to instances that support Amazon EBS encryption. For more information, see [Supported instance types](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-encryption-requirements.html#ebs-encryption_supported_instances) .\n\nThis parameter is not returned by `DescribeImageAttribute` .\n\nFor `CreateImage` and `RegisterImage` , whether you can include this parameter, and the allowed values differ depending on the type of block device mapping you are creating.\n\n- If you are creating a block device mapping for a *new (empty) volume* , you can include this parameter, and specify either `true` for an encrypted volume, or `false` for an unencrypted volume. If you omit this parameter, it defaults to `false` (unencrypted).\n- If you are creating a block device mapping from an *existing encrypted or unencrypted snapshot* , you must omit this parameter. If you include this parameter, the request will fail, regardless of the value that you specify.\n- If you are creating a block device mapping from an *existing unencrypted volume* , you can include this parameter, but you must specify `false` . If you specify `true` , the request will fail. In this case, we recommend that you omit the parameter.\n- If you are creating a block device mapping from an *existing encrypted volume* , you can include this parameter, and specify either `true` or `false` . However, if you specify `false` , the parameter is ignored and the block device mapping is always encrypted. In this case, we recommend that you omit the parameter.", + "Encrypted": "Indicates whether the encryption state of an EBS volume is changed while being restored from a backing snapshot. The effect of setting the encryption state to `true` depends on the volume origin (new or from a snapshot), starting encryption state, ownership, and whether encryption by default is enabled. For more information, see [Amazon EBS encryption](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-encryption.html#encryption-parameters) in the *Amazon EBS User Guide* .\n\nIn no case can you remove encryption from an encrypted volume.\n\nEncrypted volumes can only be attached to instances that support Amazon EBS encryption. For more information, see [Supported instance types](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-encryption-requirements.html#ebs-encryption_supported_instances) .\n\n- If you are creating a block device mapping for a *new (empty) volume* , you can include this parameter, and specify either `true` for an encrypted volume, or `false` for an unencrypted volume. If you omit this parameter, it defaults to `false` (unencrypted).\n- If you are creating a block device mapping from an *existing encrypted or unencrypted snapshot* , you must omit this parameter. If you include this parameter, the request will fail, regardless of the value that you specify.\n- If you are creating a block device mapping from an *existing unencrypted volume* , you can include this parameter, but you must specify `false` . If you specify `true` , the request will fail. In this case, we recommend that you omit the parameter.\n- If you are creating a block device mapping from an *existing encrypted volume* , you can include this parameter, and specify either `true` or `false` . However, if you specify `false` , the parameter is ignored and the block device mapping is always encrypted. In this case, we recommend that you omit the parameter.", "Iops": "The number of I/O operations per second (IOPS). For `gp3` , `io1` , and `io2` volumes, this represents the number of IOPS that are provisioned for the volume. For `gp2` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.\n\nThe following are the supported values for each volume type:\n\n- `gp3` : 3,000 - 16,000 IOPS\n- `io1` : 100 - 64,000 IOPS\n- `io2` : 100 - 256,000 IOPS\n\nFor `io2` volumes, you can achieve up to 256,000 IOPS on [instances built on the Nitro System](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances) . On other instances, you can achieve performance up to 32,000 IOPS.\n\nThis parameter is required for `io1` and `io2` volumes. The default for `gp3` volumes is 3,000 IOPS.", "KmsKeyId": "Identifier (key ID, key alias, key ARN, or alias ARN) of the customer managed KMS key to use for EBS encryption.\n\nThis parameter is only supported on `BlockDeviceMapping` objects called by [RunInstances](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html) , [RequestSpotFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RequestSpotFleet.html) , and [RequestSpotInstances](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RequestSpotInstances.html) .", "SnapshotId": "The ID of the snapshot.", @@ -14468,7 +14499,7 @@ "DefaultResourceDiscoveryOrganizationalUnitExclusions": "If your IPAM is integrated with AWS Organizations, you can exclude an [organizational unit (OU)](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html#organizationalunit) from being managed by IPAM. When you exclude an OU, IPAM will not manage the IP addresses in accounts in that OU. For more information, see [Exclude organizational units from IPAM](https://docs.aws.amazon.com/vpc/latest/ipam/exclude-ous.html) in the *Amazon Virtual Private Cloud IP Address Manager User Guide* .", "Description": "The description for the IPAM.", "EnablePrivateGua": "Enable this option to use your own GUA ranges as private IPv6 addresses. This option is disabled by default.", - "MeteredAccount": "", + "MeteredAccount": "A metered account is an AWS account that is charged for active IP addresses managed in IPAM. For more information, see [Enable cost distribution](https://docs.aws.amazon.com/vpc/latest/ipam/ipam-enable-cost-distro.html) in the *Amazon VPC IPAM User Guide* .\n\nPossible values:\n\n- `ipam-owner` (default): The AWS account which owns the IPAM is charged for all active IP addresses managed in IPAM.\n- `resource-owner` : The AWS account that owns the IP address is charged for the active IP address.", "OperatingRegions": "The operating Regions for an IPAM. Operating Regions are AWS Regions where the IPAM is allowed to manage IP address CIDRs. IPAM only discovers and monitors resources in the AWS Regions you select as operating Regions.\n\nFor more information about operating Regions, see [Create an IPAM](https://docs.aws.amazon.com//vpc/latest/ipam/create-ipam.html) in the *Amazon VPC IPAM User Guide* .", "Tags": "The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key `Owner` and the value `TeamA` , specify `tag:Owner` for the filter name and `TeamA` for the filter value.", "Tier": "IPAM is offered in a Free Tier and an Advanced Tier. For more information about the features available in each tier and the costs associated with the tiers, see the [VPC IPAM product pricing page](https://docs.aws.amazon.com//vpc/pricing/) ." @@ -14581,7 +14612,7 @@ "Ipv6AddressCount": "The number of IPv6 addresses to associate with the primary network interface. Amazon EC2 chooses the IPv6 addresses from the range of your subnet. You cannot specify this option and the option to assign specific IPv6 addresses in the same request. You can specify this option if you've specified a minimum number of instances to launch.\n\nYou cannot specify this option and the network interfaces option in the same request.", "Ipv6Addresses": "The IPv6 addresses from the range of the subnet to associate with the primary network interface. You cannot specify this option and the option to assign a number of IPv6 addresses in the same request. You cannot specify this option if you've specified a minimum number of instances to launch.\n\nYou cannot specify this option and the network interfaces option in the same request.", "KernelId": "The ID of the kernel.\n\n> We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see [PV-GRUB](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html) in the *Amazon EC2 User Guide* .", - "KeyName": "The name of the key pair. You can create a key pair using [CreateKeyPair](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateKeyPair.html) or [ImportKeyPair](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportKeyPair.html) .\n\n> If you do not specify a key pair, you can't connect to the instance unless you choose an AMI that is configured to allow users another way to log in.", + "KeyName": "The name of the key pair. For more information, see [Create a key pair for your EC2 instance](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/create-key-pairs.html) .\n\n> If you do not specify a key pair, you can't connect to the instance unless you choose an AMI that is configured to allow users another way to log in.", "LaunchTemplate": "The launch template. Any additional parameters that you specify for the new instance overwrite the corresponding parameters included in the launch template.", "LicenseSpecifications": "The license configurations.", "MetadataOptions": "The metadata options for the instance.", @@ -14709,7 +14740,7 @@ }, "AWS::EC2::InstanceConnectEndpoint": { "ClientToken": "Unique, case-sensitive identifier that you provide to ensure the idempotency of the request.", - "PreserveClientIp": "Indicates whether the client IP address is preserved as the source. The following are the possible values.\n\n- `true` - Use the client IP address as the source.\n- `false` - Use the network interface IP address as the source.\n\nDefault: `false`", + "PreserveClientIp": "Indicates whether the client IP address is preserved as the source. The following are the possible values.\n\n- `true` - Use the client IP address as the source.\n- `false` - Use the network interface IP address as the source.\n\n> `PreserveClientIp` is only supported on IPv4 EC2 Instance Connect Endpoints. To use `PreserveClientIp` , the value for `IpAddressType` must be `ipv4` . \n\nDefault: `false`", "SecurityGroupIds": "One or more security groups to associate with the endpoint. If you don't specify a security group, the default security group for your VPC will be associated with the endpoint.", "SubnetId": "The ID of the subnet in which to create the EC2 Instance Connect Endpoint.", "Tags": "The tags to apply to the EC2 Instance Connect Endpoint during creation." @@ -15822,6 +15853,7 @@ "AWS::EC2::TrafficMirrorSession": { "Description": "The description of the Traffic Mirror session.", "NetworkInterfaceId": "The ID of the source network interface.", + "OwnerId": "The ID of the account that owns the Traffic Mirror session.", "PacketLength": "The number of bytes in each packet to mirror. These are bytes after the VXLAN header. Do not specify this parameter when you want to mirror the entire packet. To mirror a subset of the packet, set this to the length (in bytes) that you want to mirror. For example, if you set this value to 100, then the first 100 bytes that meet the filter criteria are copied to the target.\n\nIf you do not want to mirror the entire packet, use the `PacketLength` parameter to specify the number of bytes in each packet to mirror.\n\nFor sessions with Network Load Balancer (NLB) Traffic Mirror targets the default `PacketLength` will be set to 8500. Valid values are 1-8500. Setting a `PacketLength` greater than 8500 will result in an error response.", "SessionNumber": "The session number determines the order in which sessions are evaluated when an interface is used by multiple sessions. The first session with a matching filter is the one that mirrors the packets.\n\nValid values are 1-32766.", "Tags": "The tags to assign to a Traffic Mirror session.", @@ -16544,9 +16576,9 @@ "CapacityProviderStrategy": "The capacity provider strategy to use for the service.\n\nIf a `capacityProviderStrategy` is specified, the `launchType` parameter must be omitted. If no `capacityProviderStrategy` or `launchType` is specified, the `defaultCapacityProviderStrategy` for the cluster is used.\n\nA capacity provider strategy can contain a maximum of 20 capacity providers.\n\n> To remove this property from your service resource, specify an empty `CapacityProviderStrategyItem` array.", "Cluster": "The short name or full Amazon Resource Name (ARN) of the cluster that you run your service on. If you do not specify a cluster, the default cluster is assumed.", "DeploymentConfiguration": "Optional deployment parameters that control how many tasks run during the deployment and the ordering of stopping and starting tasks.", - "DeploymentController": "The deployment controller to use for the service. If no deployment controller is specified, the default value of `ECS` is used.", + "DeploymentController": "The deployment controller to use for the service.", "DesiredCount": "The number of instantiations of the specified task definition to place and keep running in your service.\n\nFor new services, if a desired count is not specified, a default value of `1` is used. When using the `DAEMON` scheduling strategy, the desired count is not required.\n\nFor existing services, if a desired count is not specified, it is omitted from the operation.", - "EnableECSManagedTags": "Specifies whether to turn on Amazon ECS managed tags for the tasks within the service. For more information, see [Tagging your Amazon ECS resources](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-using-tags.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nWhen you use Amazon ECS managed tags, you need to set the `propagateTags` request parameter.", + "EnableECSManagedTags": "Specifies whether to turn on Amazon ECS managed tags for the tasks within the service. For more information, see [Tagging your Amazon ECS resources](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-using-tags.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nWhen you use Amazon ECS managed tags, you must set the `propagateTags` request parameter.", "EnableExecuteCommand": "Determines whether the execute command functionality is turned on for the service. If `true` , the execute command functionality is turned on for all containers in tasks as part of the service.", "HealthCheckGracePeriodSeconds": "The period of time, in seconds, that the Amazon ECS service scheduler ignores unhealthy Elastic Load Balancing, VPC Lattice, and container health checks after a task has first started. If you don't specify a health check grace period value, the default value of `0` is used. If you don't use any of the health checks, then `healthCheckGracePeriodSeconds` is unused.\n\nIf your service's tasks take a while to start and respond to health checks, you can specify a health check grace period of up to 2,147,483,647 seconds (about 69 years). During that time, the Amazon ECS service scheduler ignores health check status. This grace period can prevent the service scheduler from marking tasks as unhealthy and stopping them before they have time to come up.", "LaunchType": "The launch type on which to run your service. For more information, see [Amazon ECS Launch Types](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/launch_types.html) in the *Amazon Elastic Container Service Developer Guide* .", @@ -16566,6 +16598,12 @@ "VolumeConfigurations": "The configuration for a volume specified in the task definition as a volume that is configured at launch time. Currently, the only supported volume type is an Amazon EBS volume.\n\n> To remove this property from your service resource, specify an empty `ServiceVolumeConfiguration` array.", "VpcLatticeConfigurations": "The VPC Lattice configuration for the service being created." }, + "AWS::ECS::Service AdvancedConfiguration": { + "AlternateTargetGroupArn": "The Amazon Resource Name (ARN) of the alternate target group for Amazon ECS blue/green deployments.", + "ProductionListenerRule": "The Amazon Resource Name (ARN) that that identifies the production listener rule (in the case of an Application Load Balancer) or listener (in the case for an Network Load Balancer) for routing production traffic.", + "RoleArn": "The Amazon Resource Name (ARN) of the IAM role that grants Amazon ECS permission to call the Elastic Load Balancing APIs for you.", + "TestListenerRule": "The Amazon Resource Name (ARN) that identifies ) that identifies the test listener rule (in the case of an Application Load Balancer) or listener (in the case for an Network Load Balancer) for routing test traffic." + }, "AWS::ECS::Service AwsVpcConfiguration": { "AssignPublicIp": "Whether the task's elastic network interface receives a public IP address.\n\nConsider the following when you set this value:\n\n- When you use `create-service` or `update-service` , the default is `DISABLED` .\n- When the service `deploymentController` is `ECS` , the value must be `DISABLED` .", "SecurityGroups": "The IDs of the security groups associated with the task or service. If you don't specify a security group, the default security group for the VPC is used. There's a limit of 5 security groups that can be specified.\n\n> All specified security groups must be from the same VPC.", @@ -16587,12 +16625,20 @@ }, "AWS::ECS::Service DeploymentConfiguration": { "Alarms": "Information about the CloudWatch alarms.", + "BakeTimeInMinutes": "The duration when both blue and green service revisions are running simultaneously after the production traffic has shifted.\n\nThe following rules apply when you don't specify a value:\n\n- For rolling deployments, the value is set to 3 hours (180 minutes).\n- When you use an external deployment controller ( `EXTERNAL` ), or the CodeDeploy blue/green deployment controller ( `CODE_DEPLOY` ), the value is set to 3 hours (180 minutes).\n- For all other cases, the value is set to 36 hours (2160 minutes).", "DeploymentCircuitBreaker": "> The deployment circuit breaker can only be used for services using the rolling update ( `ECS` ) deployment type. \n\nThe *deployment circuit breaker* determines whether a service deployment will fail if the service can't reach a steady state. If you use the deployment circuit breaker, a service deployment will transition to a failed state and stop launching new tasks. If you use the rollback option, when a service deployment fails, the service is rolled back to the last deployment that completed successfully. For more information, see [Rolling update](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-type-ecs.html) in the *Amazon Elastic Container Service Developer Guide*", + "LifecycleHooks": "An array of deployment lifecycle hook objects to run custom logic at specific stages of the deployment lifecycle.", "MaximumPercent": "If a service is using the rolling update ( `ECS` ) deployment type, the `maximumPercent` parameter represents an upper limit on the number of your service's tasks that are allowed in the `RUNNING` or `PENDING` state during a deployment, as a percentage of the `desiredCount` (rounded down to the nearest integer). This parameter enables you to define the deployment batch size. For example, if your service is using the `REPLICA` service scheduler and has a `desiredCount` of four tasks and a `maximumPercent` value of 200%, the scheduler may start four new tasks before stopping the four older tasks (provided that the cluster resources required to do this are available). The default `maximumPercent` value for a service using the `REPLICA` service scheduler is 200%.\n\nThe Amazon ECS scheduler uses this parameter to replace unhealthy tasks by starting replacement tasks first and then stopping the unhealthy tasks, as long as cluster resources for starting replacement tasks are available. For more information about how the scheduler replaces unhealthy tasks, see [Amazon ECS services](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs_services.html) .\n\nIf a service is using either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types, and tasks in the service use the EC2 launch type, the *maximum percent* value is set to the default value. The *maximum percent* value is used to define the upper limit on the number of the tasks in the service that remain in the `RUNNING` state while the container instances are in the `DRAINING` state.\n\n> You can't specify a custom `maximumPercent` value for a service that uses either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types and has tasks that use the EC2 launch type. \n\nIf the service uses either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types, and the tasks in the service use the Fargate launch type, the maximum percent value is not used. The value is still returned when describing your service.", - "MinimumHealthyPercent": "If a service is using the rolling update ( `ECS` ) deployment type, the `minimumHealthyPercent` represents a lower limit on the number of your service's tasks that must remain in the `RUNNING` state during a deployment, as a percentage of the `desiredCount` (rounded up to the nearest integer). This parameter enables you to deploy without using additional cluster capacity. For example, if your service has a `desiredCount` of four tasks and a `minimumHealthyPercent` of 50%, the service scheduler may stop two existing tasks to free up cluster capacity before starting two new tasks.\n\nIf any tasks are unhealthy and if `maximumPercent` doesn't allow the Amazon ECS scheduler to start replacement tasks, the scheduler stops the unhealthy tasks one-by-one \u2014 using the `minimumHealthyPercent` as a constraint \u2014 to clear up capacity to launch replacement tasks. For more information about how the scheduler replaces unhealthy tasks, see [Amazon ECS services](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs_services.html) .\n\nFor services that *do not* use a load balancer, the following should be noted:\n\n- A service is considered healthy if all essential containers within the tasks in the service pass their health checks.\n- If a task has no essential containers with a health check defined, the service scheduler will wait for 40 seconds after a task reaches a `RUNNING` state before the task is counted towards the minimum healthy percent total.\n- If a task has one or more essential containers with a health check defined, the service scheduler will wait for the task to reach a healthy status before counting it towards the minimum healthy percent total. A task is considered healthy when all essential containers within the task have passed their health checks. The amount of time the service scheduler can wait for is determined by the container health check settings.\n\nFor services that *do* use a load balancer, the following should be noted:\n\n- If a task has no essential containers with a health check defined, the service scheduler will wait for the load balancer target group health check to return a healthy status before counting the task towards the minimum healthy percent total.\n- If a task has an essential container with a health check defined, the service scheduler will wait for both the task to reach a healthy status and the load balancer target group health check to return a healthy status before counting the task towards the minimum healthy percent total.\n\nThe default value for a replica service for `minimumHealthyPercent` is 100%. The default `minimumHealthyPercent` value for a service using the `DAEMON` service schedule is 0% for the AWS CLI , the AWS SDKs, and the APIs and 50% for the AWS Management Console.\n\nThe minimum number of healthy tasks during a deployment is the `desiredCount` multiplied by the `minimumHealthyPercent` /100, rounded up to the nearest integer value.\n\nIf a service is using either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types and is running tasks that use the EC2 launch type, the *minimum healthy percent* value is set to the default value. The *minimum healthy percent* value is used to define the lower limit on the number of the tasks in the service that remain in the `RUNNING` state while the container instances are in the `DRAINING` state.\n\n> You can't specify a custom `minimumHealthyPercent` value for a service that uses either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types and has tasks that use the EC2 launch type. \n\nIf a service is using either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types and is running tasks that use the Fargate launch type, the minimum healthy percent value is not used, although it is returned when describing your service." + "MinimumHealthyPercent": "If a service is using the rolling update ( `ECS` ) deployment type, the `minimumHealthyPercent` represents a lower limit on the number of your service's tasks that must remain in the `RUNNING` state during a deployment, as a percentage of the `desiredCount` (rounded up to the nearest integer). This parameter enables you to deploy without using additional cluster capacity. For example, if your service has a `desiredCount` of four tasks and a `minimumHealthyPercent` of 50%, the service scheduler may stop two existing tasks to free up cluster capacity before starting two new tasks.\n\nIf any tasks are unhealthy and if `maximumPercent` doesn't allow the Amazon ECS scheduler to start replacement tasks, the scheduler stops the unhealthy tasks one-by-one \u2014 using the `minimumHealthyPercent` as a constraint \u2014 to clear up capacity to launch replacement tasks. For more information about how the scheduler replaces unhealthy tasks, see [Amazon ECS services](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs_services.html) .\n\nFor services that *do not* use a load balancer, the following should be noted:\n\n- A service is considered healthy if all essential containers within the tasks in the service pass their health checks.\n- If a task has no essential containers with a health check defined, the service scheduler will wait for 40 seconds after a task reaches a `RUNNING` state before the task is counted towards the minimum healthy percent total.\n- If a task has one or more essential containers with a health check defined, the service scheduler will wait for the task to reach a healthy status before counting it towards the minimum healthy percent total. A task is considered healthy when all essential containers within the task have passed their health checks. The amount of time the service scheduler can wait for is determined by the container health check settings.\n\nFor services that *do* use a load balancer, the following should be noted:\n\n- If a task has no essential containers with a health check defined, the service scheduler will wait for the load balancer target group health check to return a healthy status before counting the task towards the minimum healthy percent total.\n- If a task has an essential container with a health check defined, the service scheduler will wait for both the task to reach a healthy status and the load balancer target group health check to return a healthy status before counting the task towards the minimum healthy percent total.\n\nThe default value for a replica service for `minimumHealthyPercent` is 100%. The default `minimumHealthyPercent` value for a service using the `DAEMON` service schedule is 0% for the AWS CLI , the AWS SDKs, and the APIs and 50% for the AWS Management Console.\n\nThe minimum number of healthy tasks during a deployment is the `desiredCount` multiplied by the `minimumHealthyPercent` /100, rounded up to the nearest integer value.\n\nIf a service is using either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types and is running tasks that use the EC2 launch type, the *minimum healthy percent* value is set to the default value. The *minimum healthy percent* value is used to define the lower limit on the number of the tasks in the service that remain in the `RUNNING` state while the container instances are in the `DRAINING` state.\n\n> You can't specify a custom `minimumHealthyPercent` value for a service that uses either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types and has tasks that use the EC2 launch type. \n\nIf a service is using either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types and is running tasks that use the Fargate launch type, the minimum healthy percent value is not used, although it is returned when describing your service.", + "Strategy": "The deployment strategy for the service. Choose from these valid values:\n\n- `ROLLING` - When you create a service which uses the rolling update ( `ROLLING` ) deployment strategy, the Amazon ECS service scheduler replaces the currently running tasks with new tasks. The number of tasks that Amazon ECS adds or removes from the service during a rolling update is controlled by the service deployment configuration.\n- `BLUE_GREEN` - A blue/green deployment strategy ( `BLUE_GREEN` ) is a release methodology that reduces downtime and risk by running two identical production environments called blue and green. With Amazon ECS blue/green deployments, you can validate new service revisions before directing production traffic to them. This approach provides a safer way to deploy changes with the ability to quickly roll back if needed." }, "AWS::ECS::Service DeploymentController": { - "Type": "The deployment controller type to use. There are three deployment controller types available:\n\n- **ECS** - The rolling update ( `ECS` ) deployment type involves replacing the current running version of the container with the latest version. The number of containers Amazon ECS adds or removes from the service during a rolling update is controlled by adjusting the minimum and maximum number of healthy tasks allowed during a service deployment, as specified in the [DeploymentConfiguration](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DeploymentConfiguration.html) .\n- **CODE_DEPLOY** - The blue/green ( `CODE_DEPLOY` ) deployment type uses the blue/green deployment model powered by AWS CodeDeploy , which allows you to verify a new deployment of a service before sending production traffic to it.\n- **EXTERNAL** - The external ( `EXTERNAL` ) deployment type enables you to use any third-party deployment controller for full control over the deployment process for an Amazon ECS service." + "Type": "The deployment controller type to use.\n\nThe deployment controller is the mechanism that determines how tasks are deployed for your service. The valid options are:\n\n- ECS\n\nWhen you create a service which uses the `ECS` deployment controller, you can choose between the following deployment strategies:\n\n- `ROLLING` : When you create a service which uses the *rolling update* ( `ROLLING` ) deployment strategy, the Amazon ECS service scheduler replaces the currently running tasks with new tasks. The number of tasks that Amazon ECS adds or removes from the service during a rolling update is controlled by the service deployment configuration.\n\nRolling update deployments are best suited for the following scenarios:\n\n- Gradual service updates: You need to update your service incrementally without taking the entire service offline at once.\n- Limited resource requirements: You want to avoid the additional resource costs of running two complete environments simultaneously (as required by blue/green deployments).\n- Acceptable deployment time: Your application can tolerate a longer deployment process, as rolling updates replace tasks one by one.\n- No need for instant roll back: Your service can tolerate a rollback process that takes minutes rather than seconds.\n- Simple deployment process: You prefer a straightforward deployment approach without the complexity of managing multiple environments, target groups, and listeners.\n- No load balancer requirement: Your service doesn't use or require a load balancer, Application Load Balancer , Network Load Balancer , or Service Connect (which are required for blue/green deployments).\n- Stateful applications: Your application maintains state that makes it difficult to run two parallel environments.\n- Cost sensitivity: You want to minimize deployment costs by not running duplicate environments during deployment.\n\nRolling updates are the default deployment strategy for services and provide a balance between deployment safety and resource efficiency for many common application scenarios.\n- `BLUE_GREEN` : A *blue/green* deployment strategy ( `BLUE_GREEN` ) is a release methodology that reduces downtime and risk by running two identical production environments called blue and green. With Amazon ECS blue/green deployments, you can validate new service revisions before directing production traffic to them. This approach provides a safer way to deploy changes with the ability to quickly roll back if needed.\n\nAmazon ECS blue/green deployments are best suited for the following scenarios:\n\n- Service validation: When you need to validate new service revisions before directing production traffic to them\n- Zero downtime: When your service requires zero-downtime deployments\n- Instant roll back: When you need the ability to quickly roll back if issues are detected\n- Load balancer requirement: When your service uses Application Load Balancer , Network Load Balancer , or Service Connect\n- External\n\nUse a third-party deployment controller.\n- Blue/green deployment (powered by CodeDeploy )\n\nCodeDeploy installs an updated version of the application as a new replacement task set and reroutes production traffic from the original application task set to the replacement task set. The original task set is terminated after a successful deployment. Use this deployment controller to verify a new deployment of a service before sending production traffic to it.\n\nWhen updating the deployment controller for a service, consider the following depending on the type of migration you're performing.\n\n- If you have a template that contains the `EXTERNAL` deployment controller information as well as `TaskSet` and `PrimaryTaskSet` resources, and you remove the task set resources from the template when updating from `EXTERNAL` to `ECS` , the `DescribeTaskSet` and `DeleteTaskSet` API calls will return a 400 error after the deployment controller is updated to `ECS` . This results in a delete failure on the task set resources, even though the stack transitions to `UPDATE_COMPLETE` status. For more information, see [Resource removed from stack but not deleted](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/troubleshooting.html#troubleshooting-errors-resource-removed-not-deleted) in the AWS CloudFormation User Guide. To fix this issue, delete the task sets directly using the Amazon ECS `DeleteTaskSet` API. For more information about how to delete a task set, see [DeleteTaskSet](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DeleteTaskSet.html) in the Amazon Elastic Container Service API Reference.\n- If you're migrating from `CODE_DEPLOY` to `ECS` with a new task definition and AWS CloudFormation performs a rollback operation, the Amazon ECS `UpdateService` request fails with the following error:\n\nResource handler returned message: \"Invalid request provided: Unable to update task definition on services with a CODE_DEPLOY deployment controller.\n- After a successful migration from `ECS` to `EXTERNAL` deployment controller, you need to manually remove the `ACTIVE` task set, because Amazon ECS no longer manages the deployment. For information about how to delete a task set, see [DeleteTaskSet](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DeleteTaskSet.html) in the Amazon Elastic Container Service API Reference." + }, + "AWS::ECS::Service DeploymentLifecycleHook": { + "HookTargetArn": "The Amazon Resource Name (ARN) of the hook target. Currently, only Lambda function ARNs are supported.\n\nYou must provide this parameter when configuring a deployment lifecycle hook.", + "LifecycleStages": "The lifecycle stages at which to run the hook. Choose from these valid values:\n\n- RECONCILE_SERVICE\n\nThe reconciliation stage that only happens when you start a new service deployment with more than 1 service revision in an ACTIVE state.\n\nYou can use a lifecycle hook for this stage.\n- PRE_SCALE_UP\n\nThe green service revision has not started. The blue service revision is handling 100% of the production traffic. There is no test traffic.\n\nYou can use a lifecycle hook for this stage.\n- POST_SCALE_UP\n\nThe green service revision has started. The blue service revision is handling 100% of the production traffic. There is no test traffic.\n\nYou can use a lifecycle hook for this stage.\n- TEST_TRAFFIC_SHIFT\n\nThe blue and green service revisions are running. The blue service revision handles 100% of the production traffic. The green service revision is migrating from 0% to 100% of test traffic.\n\nYou can use a lifecycle hook for this stage.\n- POST_TEST_TRAFFIC_SHIFT\n\nThe test traffic shift is complete. The green service revision handles 100% of the test traffic.\n\nYou can use a lifecycle hook for this stage.\n- PRODUCTION_TRAFFIC_SHIFT\n\nProduction traffic is shifting to the green service revision. The green service revision is migrating from 0% to 100% of production traffic.\n\nYou can use a lifecycle hook for this stage.\n- POST_PRODUCTION_TRAFFIC_SHIFT\n\nThe production traffic shift is complete.\n\nYou can use a lifecycle hook for this stage.\n\nYou must provide this parameter when configuring a deployment lifecycle hook.", + "RoleArn": "The Amazon Resource Name (ARN) of the IAM role that grants Amazon ECS permission to call Lambda functions on your behalf.\n\nFor more information, see [Permissions required for Lambda functions in Amazon ECS blue/green deployments](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/blue-green-permissions.html) in the *Amazon Elastic Container Service Developer Guide* ." }, "AWS::ECS::Service EBSTagSpecification": { "PropagateTags": "Determines whether to propagate the tags from the task definition to the Amazon EBS volume. Tags can only propagate to a `SERVICE` specified in `ServiceVolumeConfiguration` . If no value is specified, the tags aren't propagated.", @@ -16600,6 +16646,7 @@ "Tags": "The tags applied to this Amazon EBS volume. `AmazonECSCreated` and `AmazonECSManaged` are reserved tags that can't be used." }, "AWS::ECS::Service LoadBalancer": { + "AdvancedConfiguration": "The advanced settings for the load balancer used in blue/green deployments. Specify the alternate target group, listener rules, and IAM role required for traffic shifting during blue/green deployments.", "ContainerName": "The name of the container (as it appears in a container definition) to associate with the load balancer.\n\nYou need to specify the container name when configuring the target group for an Amazon ECS load balancer.", "ContainerPort": "The port on the container to associate with the load balancer. This port must correspond to a `containerPort` in the task definition the tasks in the service are using. For tasks that use the EC2 launch type, the container instance they're launched on must allow ingress traffic on the `hostPort` of the port mapping.", "LoadBalancerName": "The name of the load balancer to associate with the Amazon ECS service or task set.\n\nIf you are using an Application Load Balancer or a Network Load Balancer the load balancer name parameter should be omitted.", @@ -16627,7 +16674,8 @@ }, "AWS::ECS::Service ServiceConnectClientAlias": { "DnsName": "The `dnsName` is the name that you use in the applications of client tasks to connect to this service. The name must be a valid DNS name but doesn't need to be fully-qualified. The name can include up to 127 characters. The name can include lowercase letters, numbers, underscores (_), hyphens (-), and periods (.). The name can't start with a hyphen.\n\nIf this parameter isn't specified, the default value of `discoveryName.namespace` is used. If the `discoveryName` isn't specified, the port mapping name from the task definition is used in `portName.namespace` .\n\nTo avoid changing your applications in client Amazon ECS services, set this to the same name that the client application uses by default. For example, a few common names are `database` , `db` , or the lowercase name of a database, such as `mysql` or `redis` . For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide* .", - "Port": "The listening port number for the Service Connect proxy. This port is available inside of all of the tasks within the same namespace.\n\nTo avoid changing your applications in client Amazon ECS services, set this to the same port that the client application uses by default. For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide* ." + "Port": "The listening port number for the Service Connect proxy. This port is available inside of all of the tasks within the same namespace.\n\nTo avoid changing your applications in client Amazon ECS services, set this to the same port that the client application uses by default. For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide* .", + "TestTrafficRules": "The configuration for test traffic routing rules used during blue/green deployments with Amazon ECS Service Connect. This allows you to route a portion of traffic to the new service revision of your service for testing before shifting all production traffic." }, "AWS::ECS::Service ServiceConnectConfiguration": { "Enabled": "Specifies whether to use Service Connect with this service.", @@ -16643,6 +16691,16 @@ "Timeout": "A reference to an object that represents the configured timeouts for Service Connect.", "Tls": "A reference to an object that represents a Transport Layer Security (TLS) configuration." }, + "AWS::ECS::Service ServiceConnectTestTrafficRules": { + "Header": "The HTTP header-based routing rules that determine which requests should be routed to the new service version during blue/green deployment testing. These rules provide fine-grained control over test traffic routing based on request headers." + }, + "AWS::ECS::Service ServiceConnectTestTrafficRulesHeader": { + "Name": "", + "Value": "" + }, + "AWS::ECS::Service ServiceConnectTestTrafficRulesHeaderValue": { + "Exact": "" + }, "AWS::ECS::Service ServiceConnectTlsCertificateAuthority": { "AwsPcaAuthorityArn": "The ARN of the AWS Private Certificate Authority certificate." }, @@ -18952,6 +19010,7 @@ "Description": "The event bus description.", "EventSourceName": "If you are creating a partner event bus, this specifies the partner event source that the new event bus will be matched with.", "KmsKeyIdentifier": "The identifier of the AWS KMS customer managed key for EventBridge to use, if you choose to use a customer managed key to encrypt events on this event bus. The identifier can be the key Amazon Resource Name (ARN), KeyId, key alias, or key alias ARN.\n\nIf you do not specify a customer managed key identifier, EventBridge uses an AWS owned key to encrypt events on the event bus.\n\nFor more information, see [Identify and view keys](https://docs.aws.amazon.com/kms/latest/developerguide/viewing-keys.html) in the *AWS Key Management Service Developer Guide* .\n\n> Schema discovery is not supported for event buses encrypted using a customer managed key. EventBridge returns an error if:\n> \n> - You call `[CreateDiscoverer](https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-discoverers.html#CreateDiscoverer)` on an event bus set to use a customer managed key for encryption.\n> - You call `[UpdatedEventBus](https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_UpdatedEventBus.html)` to set a customer managed key on an event bus with schema discovery enabled.\n> \n> To enable schema discovery on an event bus, choose to use an AWS owned key . For more information, see [Encrypting events](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-encryption-event-bus-cmkey.html) in the *Amazon EventBridge User Guide* . > If you have specified that EventBridge use a customer managed key for encrypting the source event bus, we strongly recommend you also specify a customer managed key for any archives for the event bus as well.\n> \n> For more information, see [Encrypting archives](https://docs.aws.amazon.com/eventbridge/latest/userguide/encryption-archives.html) in the *Amazon EventBridge User Guide* .", + "LogConfig": "The logging configuration settings for the event bus.\n\nFor more information, see [Configuring logs for event buses](https://docs.aws.amazon.com/eb-event-bus-logs.html) in the *EventBridge User Guide* .", "Name": "The name of the new event bus.\n\nCustom event bus names can't contain the `/` character, but you can use the `/` character in partner event bus names. In addition, for partner event buses, the name must exactly match the name of the partner event source that this event bus is matched to.\n\nYou can't use the name `default` for a custom event bus, as this name is already used for your account's default event bus.", "Policy": "The permissions policy of the event bus, describing which other AWS accounts can write events to this event bus.", "Tags": "Tags to associate with the event bus." @@ -18959,6 +19018,10 @@ "AWS::Events::EventBus DeadLetterConfig": { "Arn": "The ARN of the SQS queue specified as the target for the dead-letter queue." }, + "AWS::Events::EventBus LogConfig": { + "IncludeDetail": "Whether EventBridge include detailed event information in the records it generates. Detailed data can be useful for troubleshooting and debugging. This information includes details of the event itself, as well as target details.\n\nFor more information, see [Including detail data in event bus logs](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-event-bus-logs.html#eb-event-logs-data) in the *EventBridge User Guide* .", + "Level": "The level of logging detail to include. This applies to all log destinations for the event bus.\n\nFor more information, see [Specifying event bus log level](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-event-bus-logs.html#eb-event-bus-logs-level) in the *EventBridge User Guide* ." + }, "AWS::Events::EventBus Tag": { "Key": "A string you can use to assign a value. The combination of tag keys and values can help you organize and categorize your resources.", "Value": "The value for the specified tag key." @@ -21780,6 +21843,7 @@ "AWS::GuardDuty::IPSet": { "Activate": "Indicates whether or not GuardDuty uses the `IPSet` .", "DetectorId": "The unique ID of the detector of the GuardDuty account for which you want to create an IPSet.\n\nTo find the `detectorId` in the current Region, see the\nSettings page in the GuardDuty console, or run the [ListDetectors](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListDetectors.html) API.", + "ExpectedBucketOwner": "The AWS account ID that owns the Amazon S3 bucket specified in the *Location* field.\n\nWhen you provide this account ID, GuardDuty will validate that the S3 bucket belongs to this account. If you don't specify an account ID owner, GuardDuty doesn't perform any validation.", "Format": "The format of the file that contains the IPSet.", "Location": "The URI of the file that contains the IPSet.", "Name": "The user-friendly name to identify the IPSet.\n\nAllowed characters are alphanumeric, whitespace, dash (-), and underscores (_).", @@ -21846,6 +21910,7 @@ "AWS::GuardDuty::ThreatIntelSet": { "Activate": "A Boolean value that indicates whether GuardDuty is to start using the uploaded ThreatIntelSet.", "DetectorId": "The unique ID of the detector of the GuardDuty account for which you want to create a `ThreatIntelSet` .\n\nTo find the `detectorId` in the current Region, see the\nSettings page in the GuardDuty console, or run the [ListDetectors](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListDetectors.html) API.", + "ExpectedBucketOwner": "The AWS account ID that owns the Amazon S3 bucket specified in the *Location* field.\n\nWhen you provide this account ID, GuardDuty will validate that the S3 bucket belongs to this account. If you don't specify an account ID owner, GuardDuty doesn't perform any validation.", "Format": "The format of the file that contains the ThreatIntelSet.", "Location": "The URI of the file that contains the ThreatIntelSet.", "Name": "A user-friendly ThreatIntelSet name displayed in all findings that are generated by activity that involves IP addresses included in this ThreatIntelSet.", @@ -24438,6 +24503,49 @@ "Unit": "A unit of time.", "Value": "A number of time units." }, + "AWS::IoTManagedIntegrations::CredentialLocker": { + "Name": "The name of the credential locker.", + "Tags": "A set of key/value pairs that are used to manage the credential locker." + }, + "AWS::IoTManagedIntegrations::ManagedThing": { + "AuthenticationMaterial": "The authentication material defining the device connectivity setup requests. The authentication materials used are the device bar code.", + "AuthenticationMaterialType": "The type of authentication material used for device connectivity setup requests.", + "Brand": "The brand of the device.", + "CapabilityReport": "A report of the capabilities for the managed thing.", + "Classification": "The classification of the managed thing such as light bulb or thermostat.", + "CredentialLockerId": "The identifier of the credential locker for the managed thing.", + "MetaData": "The metadata for the managed thing.\n\n> The `managedThing metadata` parameter is used for associating attributes with a `managedThing` that can be used for grouping over-the-air (OTA) tasks. Name value pairs in `metadata` can be used in the `OtaTargetQueryString` parameter for the `CreateOtaTask` API operation.", + "Model": "The model of the device.", + "Name": "The name of the managed thing representing the physical device.", + "Owner": "Owner of the device, usually an indication of whom the device belongs to. This value should not contain personal identifiable information.", + "Role": "The type of device used. This will be the hub controller, cloud device, or IoT device.", + "SerialNumber": "The serial number of the device.", + "Tags": "A set of key/value pairs that are used to manage the managed thing." + }, + "AWS::IoTManagedIntegrations::ManagedThing CapabilityReport": { + "Endpoints": "The endpoints used in the capability report.", + "NodeId": "The numeric identifier of the node.", + "Version": "The version of the capability report." + }, + "AWS::IoTManagedIntegrations::ManagedThing CapabilityReportCapability": { + "Actions": "The capability actions used in the capability report.", + "Events": "The capability events used in the capability report.", + "Id": "The id of the schema version.", + "Name": "The name of the capability.", + "Properties": "The capability properties used in the capability report.", + "Version": "The version of the capability." + }, + "AWS::IoTManagedIntegrations::ManagedThing CapabilityReportEndpoint": { + "Capabilities": "The capabilities used in the capability report.", + "DeviceTypes": "The type of device.", + "Id": "The id of the endpoint used in the capability report." + }, + "AWS::IoTManagedIntegrations::ProvisioningProfile": { + "CaCertificate": "The id of the certificate authority (CA) certificate.", + "Name": "The name of the provisioning template.", + "ProvisioningType": "The type of provisioning workflow the device uses for onboarding to IoT managed integrations.", + "Tags": "A set of key/value pairs that are used to manage the provisioning profile." + }, "AWS::IoTSiteWise::AccessPolicy": { "AccessPolicyIdentity": "The identity for this access policy. Choose an IAM Identity Center user, an IAM Identity Center group, or an IAM user.", "AccessPolicyPermission": "The permission level for this access policy. Note that a project `ADMINISTRATOR` is also known as a project owner.", @@ -24614,12 +24722,12 @@ "GatewayCapabilitySummaries": "A list of gateway capability summaries that each contain a namespace and status. Each gateway capability defines data sources for the gateway. To retrieve a capability configuration's definition, use [DescribeGatewayCapabilityConfiguration](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_DescribeGatewayCapabilityConfiguration.html) .", "GatewayName": "A unique name for the gateway.", "GatewayPlatform": "The gateway's platform. You can only specify one platform in a gateway.", - "GatewayVersion": "The version of the gateway. A value of `3` indicates an MQTT-enabled, V3 gateway, while `2` indicates a Classic streams, V2 gateway.", + "GatewayVersion": "", "Tags": "A list of key-value pairs that contain metadata for the gateway. For more information, see [Tagging your AWS IoT SiteWise resources](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/tag-resources.html) in the *AWS IoT SiteWise User Guide* ." }, "AWS::IoTSiteWise::Gateway GatewayCapabilitySummary": { "CapabilityConfiguration": "The JSON document that defines the configuration for the gateway capability. For more information, see [Configuring data sources (CLI)](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/configure-sources.html#configure-source-cli) in the *AWS IoT SiteWise User Guide* .", - "CapabilityNamespace": "The namespace of the capability configuration. For example, if you configure OPC-UA sources from the AWS IoT SiteWise console, your OPC-UA capability configuration has the namespace `iotsitewise:opcuacollector:version` , where `version` is a number such as `1` ." + "CapabilityNamespace": "The namespace of the capability configuration. For example, if you configure OPC UA sources for an MQTT-enabled gateway, your OPC-UA capability configuration has the namespace `iotsitewise:opcuacollector:3` ." }, "AWS::IoTSiteWise::Gateway GatewayPlatform": { "GreengrassV2": "A gateway that runs on AWS IoT Greengrass V2 .", @@ -26156,7 +26264,8 @@ "SizeInMBs": "The size of the buffer, in MBs, that Kinesis Data Firehose uses for incoming data before delivering it to the destination. For valid values, see the `SizeInMBs` content for the [BufferingHints](https://docs.aws.amazon.com/firehose/latest/APIReference/API_BufferingHints.html) data type in the *Amazon Kinesis Data Firehose API Reference* ." }, "AWS::KinesisFirehose::DeliveryStream CatalogConfiguration": { - "CatalogArn": "Specifies the Glue catalog ARN identifier of the destination Apache Iceberg Tables. You must specify the ARN in the format `arn:aws:glue:region:account-id:catalog` ." + "CatalogArn": "Specifies the Glue catalog ARN identifier of the destination Apache Iceberg Tables. You must specify the ARN in the format `arn:aws:glue:region:account-id:catalog` .", + "WarehouseLocation": "The warehouse location for Apache Iceberg tables. You must configure this when schema evolution and table creation is enabled.\n\nAmazon Data Firehose is in preview release and is subject to change." }, "AWS::KinesisFirehose::DeliveryStream CloudWatchLoggingOptions": { "Enabled": "Indicates whether CloudWatch Logs logging is enabled.", @@ -26218,6 +26327,7 @@ "AWS::KinesisFirehose::DeliveryStream DestinationTableConfiguration": { "DestinationDatabaseName": "The name of the Apache Iceberg database.", "DestinationTableName": "Specifies the name of the Apache Iceberg Table.", + "PartitionSpec": "The partition spec configuration for a table that is used by automatic table creation.\n\nAmazon Data Firehose is in preview release and is subject to change.", "S3ErrorOutputPrefix": "The table specific S3 error output prefix. All the errors that occurred while delivering to this table will be prefixed with this value in S3 destination.", "UniqueKeys": "A list of unique keys for a given Apache Iceberg table. Firehose will use these for running Create, Update, or Delete operations on the given Iceberg table." }, @@ -26313,6 +26423,8 @@ "RetryOptions": "", "RoleARN": "The Amazon Resource Name (ARN) of the IAM role to be assumed by Firehose for calling Apache Iceberg Tables.", "S3Configuration": "", + "SchemaEvolutionConfiguration": "The configuration to enable automatic schema evolution.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "TableCreationConfiguration": "The configuration to enable automatic table creation.\n\nAmazon Data Firehose is in preview release and is subject to change.", "s3BackupMode": "Describes how Firehose will backup records. Currently,S3 backup only supports `FailedDataOnly` ." }, "AWS::KinesisFirehose::DeliveryStream InputFormatConfiguration": { @@ -26359,6 +26471,12 @@ "PageSizeBytes": "The Parquet page size. Column chunks are divided into pages. A page is conceptually an indivisible unit (in terms of compression and encoding). The minimum value is 64 KiB and the default is 1 MiB.", "WriterVersion": "Indicates the version of row format to output. The possible values are `V1` and `V2` . The default is `V1` ." }, + "AWS::KinesisFirehose::DeliveryStream PartitionField": { + "SourceName": "The column name to be configured in partition spec.\n\nAmazon Data Firehose is in preview release and is subject to change." + }, + "AWS::KinesisFirehose::DeliveryStream PartitionSpec": { + "Identity": "List of identity [transforms](https://docs.aws.amazon.com/https://iceberg.apache.org/spec/#partition-transforms) that performs an identity transformation. The transform takes the source value, and does not modify it. Result type is the source type.\n\nAmazon Data Firehose is in preview release and is subject to change." + }, "AWS::KinesisFirehose::DeliveryStream ProcessingConfiguration": { "Enabled": "Indicates whether data processing is enabled (true) or disabled (false).", "Processors": "The data processors." @@ -26409,6 +26527,9 @@ "TableName": "Specifies the AWS Glue table that contains the column information that constitutes your data schema.\n\n> If the `SchemaConfiguration` request parameter is used as part of invoking the `CreateDeliveryStream` API, then the `TableName` property is required and its value must be specified.", "VersionId": "Specifies the table version for the output data schema. If you don't specify this version ID, or if you set it to `LATEST` , Firehose uses the most recent version. This means that any updates to the table are automatically picked up." }, + "AWS::KinesisFirehose::DeliveryStream SchemaEvolutionConfiguration": { + "Enabled": "Specify whether you want to enable schema evolution.\n\nAmazon Data Firehose is in preview release and is subject to change." + }, "AWS::KinesisFirehose::DeliveryStream SecretsManagerConfiguration": { "Enabled": "Specifies whether you want to use the secrets manager feature. When set as `True` the secrets manager configuration overwrites the existing secrets in the destination configuration. When it's set to `False` Firehose falls back to the credentials in the destination configuration.", "RoleARN": "Specifies the role that Firehose assumes when calling the Secrets Manager API operation. When you provide the role, it overrides any destination specific role defined in the destination configuration. If you do not provide the then we use the destination specific role. This parameter is required for Splunk.", @@ -26474,6 +26595,9 @@ "AWS::KinesisFirehose::DeliveryStream SplunkRetryOptions": { "DurationInSeconds": "The total amount of time that Firehose spends on retries. This duration starts after the initial attempt to send data to Splunk fails. It doesn't include the periods during which Firehose waits for acknowledgment from Splunk after each attempt." }, + "AWS::KinesisFirehose::DeliveryStream TableCreationConfiguration": { + "Enabled": "Specify whether you want to enable automatic table creation.\n\nAmazon Data Firehose is in preview release and is subject to change." + }, "AWS::KinesisFirehose::DeliveryStream Tag": { "Key": "A unique identifier for the tag. Maximum length: 128 characters. Valid characters: Unicode letters, digits, white space, _ . / = + - % @", "Value": "An optional string, which you can use to describe or define the tag. Maximum length: 256 characters. Valid characters: Unicode letters, digits, white space, _ . / = + - % @" @@ -28284,7 +28408,7 @@ "ParseKeyValue": "Use this parameter to include the [parseKeyValue](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-parseKeyValue) processor in your transformer.", "ParsePostgres": "Use this parameter to include the [parsePostGres](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-parsePostGres) processor in your transformer.\n\nIf you use this processor, it must be the first processor in your transformer.", "ParseRoute53": "Use this parameter to include the [parseRoute53](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-parseRoute53) processor in your transformer.\n\nIf you use this processor, it must be the first processor in your transformer.", - "ParseToOCSF": "Use this processor to convert logs into Open Cybersecurity Schema Framework (OCSF) format", + "ParseToOCSF": "Use this parameter to convert logs into Open Cybersecurity Schema (OCSF) format.", "ParseVPC": "Use this parameter to include the [parseVPC](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-parseVPC) processor in your transformer.\n\nIf you use this processor, it must be the first processor in your transformer.", "ParseWAF": "Use this parameter to include the [parseWAF](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-parseWAF) processor in your transformer.\n\nIf you use this processor, it must be the first processor in your transformer.", "RenameKeys": "Use this parameter to include the [renameKeys](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-renameKeys) processor in your transformer.", @@ -31029,7 +31153,7 @@ "InputSwitchConfiguration": "The configuration for input switching based on the media quality confidence score (MQCS) as provided from AWS Elemental MediaLive.", "InputType": "The input type will be an immutable field which will be used to define whether the channel will allow CMAF ingest or HLS ingest. If unprovided, it will default to HLS to preserve current behavior.\n\nThe allowed values are:\n\n- `HLS` - The HLS streaming specification (which defines M3U8 manifests and TS segments).\n- `CMAF` - The DASH-IF CMAF Ingest specification (which defines CMAF segments with optional DASH manifests).", "OutputHeaderConfiguration": "The settings for what common media server data (CMSD) headers AWS Elemental MediaPackage includes in responses to the CDN.", - "Tags": "The tags associated with the channel." + "Tags": "" }, "AWS::MediaPackageV2::Channel IngestEndpoint": { "Id": "The identifier associated with the ingest endpoint of the channel.", @@ -31042,8 +31166,8 @@ "PublishMQCS": "When true, AWS Elemental MediaPackage includes the MQCS in responses to the CDN. This setting is valid only when `InputType` is `CMAF` ." }, "AWS::MediaPackageV2::Channel Tag": { - "Key": "", - "Value": "" + "Key": "The key in the key:value pair for the tag.", + "Value": "The value in the key:value pair for the tag." }, "AWS::MediaPackageV2::ChannelGroup": { "ChannelGroupName": "The name of the channel group.", @@ -31051,8 +31175,8 @@ "Tags": "The tags associated with the channel group." }, "AWS::MediaPackageV2::ChannelGroup Tag": { - "Key": "", - "Value": "" + "Key": "The key in the key:value pair for the tag.", + "Value": "The value in the key:value pair for the tag." }, "AWS::MediaPackageV2::ChannelPolicy": { "ChannelGroupName": "The name of the channel group associated with the channel policy.", @@ -31073,18 +31197,56 @@ "StartoverWindowSeconds": "The size of the window (in seconds) to specify a window of the live stream that's available for on-demand viewing. Viewers can start-over or catch-up on content that falls within the window.", "Tags": "The tags associated with the origin endpoint." }, + "AWS::MediaPackageV2::OriginEndpoint DashBaseUrl": { + "DvbPriority": "For use with DVB-DASH profiles only. The priority of this location for servings segments. The lower the number, the higher the priority.", + "DvbWeight": "For use with DVB-DASH profiles only. The weighting for source locations that have the same priority.", + "ServiceLocation": "The name of the source location.", + "Url": "A source location for segments." + }, + "AWS::MediaPackageV2::OriginEndpoint DashDvbFontDownload": { + "FontFamily": "The `fontFamily` name for subtitles, as described in [EBU-TT-D Subtitling Distribution Format](https://docs.aws.amazon.com/https://tech.ebu.ch/publications/tech3380) .", + "MimeType": "The `mimeType` of the resource that's at the font download URL.\n\nFor information about font MIME types, see the [MPEG-DASH Profile for Transport of ISO BMFF Based DVB Services over IP Based Networks](https://docs.aws.amazon.com/https://dvb.org/wp-content/uploads/2021/06/A168r4_MPEG-DASH-Profile-for-Transport-of-ISO-BMFF-Based-DVB-Services_Draft-ts_103-285-v140_November_2021.pdf) document.", + "Url": "The URL for downloading fonts for subtitles." + }, + "AWS::MediaPackageV2::OriginEndpoint DashDvbMetricsReporting": { + "Probability": "The number of playback devices per 1000 that will send error reports to the reporting URL. This represents the probability that a playback device will be a reporting player for this session.", + "ReportingUrl": "The URL where playback devices send error reports." + }, + "AWS::MediaPackageV2::OriginEndpoint DashDvbSettings": { + "ErrorMetrics": "Playback device error reporting settings.", + "FontDownload": "Subtitle font settings." + }, "AWS::MediaPackageV2::OriginEndpoint DashManifestConfiguration": { - "DrmSignaling": "", - "FilterConfiguration": "", - "ManifestName": "", - "ManifestWindowSeconds": "", - "MinBufferTimeSeconds": "", - "MinUpdatePeriodSeconds": "", - "PeriodTriggers": "", - "ScteDash": "", - "SegmentTemplateFormat": "", - "SuggestedPresentationDelaySeconds": "", - "UtcTiming": "" + "BaseUrls": "The base URLs to use for retrieving segments.", + "Compactness": "The layout of the DASH manifest that MediaPackage produces. `STANDARD` indicates a default manifest, which is compacted. `NONE` indicates a full manifest.\n\nFor information about compactness, see [DASH manifest compactness](https://docs.aws.amazon.com/mediapackage/latest/userguide/compacted.html) in the *AWS Elemental MediaPackage v2 User Guide* .", + "DrmSignaling": "Determines how the DASH manifest signals the DRM content.", + "DvbSettings": "For endpoints that use the DVB-DASH profile only. The font download and error reporting information that you want MediaPackage to pass through to the manifest.", + "FilterConfiguration": "Filter configuration includes settings for manifest filtering, start and end times, and time delay that apply to all of your egress requests for this manifest.", + "ManifestName": "A short string that's appended to the endpoint URL. The child manifest name creates a unique path to this endpoint.", + "ManifestWindowSeconds": "The total duration (in seconds) of the manifest's content.", + "MinBufferTimeSeconds": "Minimum amount of content (in seconds) that a player must keep available in the buffer.", + "MinUpdatePeriodSeconds": "Minimum amount of time (in seconds) that the player should wait before requesting updates to the manifest.", + "PeriodTriggers": "A list of triggers that controls when AWS Elemental MediaPackage separates the MPEG-DASH manifest into multiple periods. Type `ADS` to indicate that AWS Elemental MediaPackage must create periods in the output manifest that correspond to SCTE-35 ad markers in the input source. Leave this value empty to indicate that the manifest is contained all in one period. For more information about periods in the DASH manifest, see [Multi-period DASH in AWS Elemental MediaPackage](https://docs.aws.amazon.com/mediapackage/latest/userguide/multi-period.html) .", + "Profiles": "The profile that the output is compliant with.", + "ProgramInformation": "Details about the content that you want MediaPackage to pass through in the manifest to the playback device.", + "ScteDash": "The SCTE configuration.", + "SegmentTemplateFormat": "Determines the type of variable used in the `media` URL of the `SegmentTemplate` tag in the manifest. Also specifies if segment timeline information is included in `SegmentTimeline` or `SegmentTemplate` .\n\nValue description:\n\n- `NUMBER_WITH_TIMELINE` - The `$Number$` variable is used in the `media` URL. The value of this variable is the sequential number of the segment. A full `SegmentTimeline` object is presented in each `SegmentTemplate` .", + "SubtitleConfiguration": "The configuration for DASH subtitles.", + "SuggestedPresentationDelaySeconds": "The amount of time (in seconds) that the player should be from the end of the manifest.", + "UtcTiming": "Determines the type of UTC timing included in the DASH Media Presentation Description (MPD)." + }, + "AWS::MediaPackageV2::OriginEndpoint DashProgramInformation": { + "Copyright": "A copyright statement about the content.", + "LanguageCode": "The language code for this manifest.", + "MoreInformationUrl": "An absolute URL that contains more information about this content.", + "Source": "Information about the content provider.", + "Title": "The title for the manifest." + }, + "AWS::MediaPackageV2::OriginEndpoint DashSubtitleConfiguration": { + "TtmlConfiguration": "Settings for TTML subtitles." + }, + "AWS::MediaPackageV2::OriginEndpoint DashTtmlConfiguration": { + "TtmlProfile": "The profile that MediaPackage uses when signaling subtitles in the manifest. `IMSC` is the default profile. `EBU-TT-D` produces subtitles that are compliant with the EBU-TT-D TTML profile. MediaPackage passes through subtitle styles to the manifest. For more information about EBU-TT-D subtitles, see [EBU-TT-D Subtitling Distribution Format](https://docs.aws.amazon.com/https://tech.ebu.ch/publications/tech3380) ." }, "AWS::MediaPackageV2::OriginEndpoint DashUtcTiming": { "TimingMode": "The UTC timing mode.", @@ -31116,25 +31278,25 @@ }, "AWS::MediaPackageV2::OriginEndpoint HlsManifestConfiguration": { "ChildManifestName": "The name of the child manifest associated with the HLS manifest configuration.", - "FilterConfiguration": "", + "FilterConfiguration": "Filter configuration includes settings for manifest filtering, start and end times, and time delay that apply to all of your egress requests for this manifest.", "ManifestName": "The name of the manifest associated with the HLS manifest configuration.", "ManifestWindowSeconds": "The duration of the manifest window, in seconds, for the HLS manifest configuration.", "ProgramDateTimeIntervalSeconds": "The `EXT-X-PROGRAM-DATE-TIME` interval, in seconds, associated with the HLS manifest configuration.", "ScteHls": "THE SCTE-35 HLS configuration associated with the HLS manifest configuration.", - "StartTag": "", + "StartTag": "To insert an EXT-X-START tag in your HLS playlist, specify a StartTag configuration object with a valid TimeOffset. When you do, you can also optionally specify whether to include a PRECISE value in the EXT-X-START tag.", "Url": "The URL of the HLS manifest configuration.", - "UrlEncodeChildManifest": "" + "UrlEncodeChildManifest": "When enabled, MediaPackage URL-encodes the query string for API requests for HLS child manifests to comply with AWS Signature Version 4 (SigV4) signature signing protocol. For more information, see [AWS Signature Version 4 for API requests](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_sigv.html) in *AWS Identity and Access Management User Guide* ." }, "AWS::MediaPackageV2::OriginEndpoint LowLatencyHlsManifestConfiguration": { "ChildManifestName": "The name of the child manifest associated with the low-latency HLS (LL-HLS) manifest configuration of the origin endpoint.", - "FilterConfiguration": "", + "FilterConfiguration": "Filter configuration includes settings for manifest filtering, start and end times, and time delay that apply to all of your egress requests for this manifest.", "ManifestName": "A short string that's appended to the endpoint URL. The manifest name creates a unique path to this endpoint. If you don't enter a value, MediaPackage uses the default manifest name, `index` . MediaPackage automatically inserts the format extension, such as `.m3u8` . You can't use the same manifest name if you use HLS manifest and low-latency HLS manifest. The `manifestName` on the `HLSManifest` object overrides the `manifestName` you provided on the `originEndpoint` object.", "ManifestWindowSeconds": "The total duration (in seconds) of the manifest's content.", "ProgramDateTimeIntervalSeconds": "Inserts `EXT-X-PROGRAM-DATE-TIME` tags in the output manifest at the interval that you specify. If you don't enter an interval, `EXT-X-PROGRAM-DATE-TIME` tags aren't included in the manifest. The tags sync the stream to the wall clock so that viewers can seek to a specific time in the playback timeline on the player.\n\nIrrespective of this parameter, if any `ID3Timed` metadata is in the HLS input, MediaPackage passes through that metadata to the HLS output.", "ScteHls": "The SCTE-35 HLS configuration associated with the low-latency HLS (LL-HLS) manifest configuration of the origin endpoint.", - "StartTag": "", + "StartTag": "To insert an EXT-X-START tag in your HLS playlist, specify a StartTag configuration object with a valid TimeOffset. When you do, you can also optionally specify whether to include a PRECISE value in the EXT-X-START tag.", "Url": "The URL of the low-latency HLS (LL-HLS) manifest configuration of the origin endpoint.", - "UrlEncodeChildManifest": "" + "UrlEncodeChildManifest": "When enabled, MediaPackage URL-encodes the query string for API requests for LL-HLS child manifests to comply with AWS Signature Version 4 (SigV4) signature signing protocol. For more information, see [AWS Signature Version 4 for API requests](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_sigv.html) in *AWS Identity and Access Management User Guide* ." }, "AWS::MediaPackageV2::OriginEndpoint Scte": { "ScteFilter": "The filter associated with the SCTE-35 configuration." @@ -31166,8 +31328,8 @@ "TimeOffset": "Specify the value for TIME-OFFSET within your EXT-X-START tag. Enter a signed floating point value which, if positive, must be less than the configured manifest duration minus three times the configured segment target duration. If negative, the absolute value must be larger than three times the configured segment target duration, and the absolute value must be smaller than the configured manifest duration." }, "AWS::MediaPackageV2::OriginEndpoint Tag": { - "Key": "", - "Value": "" + "Key": "The key in the key:value pair for the tag.", + "Value": "The value in the key:value pair for the tag." }, "AWS::MediaPackageV2::OriginEndpointPolicy": { "ChannelGroupName": "The name of the channel group associated with the origin endpoint policy.", @@ -32417,7 +32579,7 @@ "Main": "The path of the main definition file for the workflow.", "Name": "The workflow's name.", "ParameterTemplate": "The workflow's parameter template.", - "StorageCapacity": "The default static storage capacity (in gibibytes) for runs that use this workflow or workflow version.", + "StorageCapacity": "The default static storage capacity (in gibibytes) for runs that use this workflow or workflow version. The `storageCapacity` can be overwritten at run time. The storage capacity is not required for runs with a `DYNAMIC` storage type.", "StorageType": "", "Tags": "Tags for the workflow." }, @@ -32953,7 +33115,7 @@ "PreferredMaintenanceWindow": "The start time for a one-hour period each week during which AWS OpsWorks CM performs maintenance on the instance. Valid values must be specified in the following format: `DDD:HH:MM` . `MM` must be specified as `00` . The specified time is in coordinated universal time (UTC). The default value is a random one-hour period on Tuesday, Wednesday, or Friday. See `TimeWindowDefinition` for more information.\n\n*Example:* `Mon:08:00` , which represents a start time of every Monday at 08:00 UTC. (8:00 a.m.)", "SecurityGroupIds": "A list of security group IDs to attach to the Amazon EC2 instance. If you add this parameter, the specified security groups must be within the VPC that is specified by `SubnetIds` .\n\nIf you do not specify this parameter, AWS OpsWorks CM creates one new security group that uses TCP ports 22 and 443, open to 0.0.0.0/0 (everyone).", "ServerName": "The name of the server. The server name must be unique within your AWS account, within each region. Server names must start with a letter; then letters, numbers, or hyphens (-) are allowed, up to a maximum of 40 characters.", - "ServiceRoleArn": "The service role that the AWS OpsWorks CM service backend uses to work with your account. Although the AWS OpsWorks management console typically creates the service role for you, if you are using the AWS CLI or API commands, run the service-role-creation.yaml AWS CloudFormation template, located at https://s3.amazonaws.com/opsworks-cm-us-east-1-prod-default-assets/misc/opsworks-cm-roles.yaml. This template creates a CloudFormation stack that includes the service role and instance profile that you need.", + "ServiceRoleArn": "The service role that the AWS OpsWorks CM service backend uses to work with your account.", "SubnetIds": "The IDs of subnets in which to launch the server EC2 instance.\n\nAmazon EC2-Classic customers: This field is required. All servers must run within a VPC. The VPC must have \"Auto Assign Public IP\" enabled.\n\nEC2-VPC customers: This field is optional. If you do not specify subnet IDs, your EC2 instances are created in a default subnet that is selected by Amazon EC2. If you specify subnet IDs, the VPC must have \"Auto Assign Public IP\" enabled.\n\nFor more information about supported Amazon EC2 platforms, see [Supported Platforms](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-supported-platforms.html) .", "Tags": "A map that contains tag keys and tag values to attach to an AWS OpsWorks for Chef Automate or OpsWorks for Puppet Enterprise server.\n\n- The key cannot be empty.\n- The key can be a maximum of 127 characters, and can contain only Unicode letters, numbers, or separators, or the following special characters: `+ - = . _ : / @`\n- The value can be a maximum 255 characters, and contain only Unicode letters, numbers, or separators, or the following special characters: `+ - = . _ : / @`\n- Leading and trailing spaces are trimmed from both the key and value.\n- A maximum of 50 user-applied tags is allowed for any AWS OpsWorks CM server." }, @@ -41029,6 +41191,7 @@ "Domain": "The OpenSearch domain." }, "AWS::QuickSight::DataSource AthenaParameters": { + "IdentityCenterConfiguration": "An optional parameter that configures IAM Identity Center authentication to grant Amazon QuickSight access to your workgroup.\n\nThis parameter can only be specified if your Amazon QuickSight account is configured with IAM Identity Center.", "RoleArn": "Use the `RoleArn` structure to override an account-wide role for a specific Athena data source. For example, say an account administrator has turned off all Athena access with an account-wide role. The administrator can then use `RoleArn` to bypass the account-wide role and allow Athena access for the single Athena data source that is specified in the structure, even if the account-wide role forbidding Athena access is still active.", "WorkGroup": "The workgroup that Amazon Athena uses." }, @@ -41109,7 +41272,8 @@ "AWS::QuickSight::DataSource OracleParameters": { "Database": "Database.", "Host": "Host.", - "Port": "Port." + "Port": "Port.", + "UseServiceName": "A Boolean value that indicates whether the `Database` uses a service name or an SID. If this value is left blank, the default value is `SID` . If this value is set to `false` , the value is `SID` ." }, "AWS::QuickSight::DataSource PostgreSqlParameters": { "Database": "Database.", @@ -44124,6 +44288,7 @@ "Description": "The description of the topic.", "FolderArns": "", "Name": "The name of the topic.", + "Tags": "", "TopicId": "The ID for the topic. This ID is unique per AWS Region for each AWS account.", "UserExperienceVersion": "The user experience version of the topic." }, @@ -44204,6 +44369,10 @@ "TypeName": "The semantic type name.", "TypeParameters": "The semantic type parameters." }, + "AWS::QuickSight::Topic Tag": { + "Key": "", + "Value": "" + }, "AWS::QuickSight::Topic TopicCalculatedField": { "Aggregation": "The default aggregation. Valid values for this structure are `SUM` , `MAX` , `MIN` , `COUNT` , `DISTINCT_COUNT` , and `AVERAGE` .", "AllowedAggregations": "The list of aggregation types that are allowed for the calculated field. Valid values for this structure are `COUNT` , `DISTINCT_COUNT` , `MIN` , `MAX` , `MEDIAN` , `SUM` , `AVERAGE` , `STDEV` , `STDEVP` , `VAR` , `VARP` , and `PERCENTILE` .", @@ -44340,7 +44509,7 @@ "PermissionArns": "Specifies the [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html) of the AWS RAM permission to associate with the resource share. If you do not specify an ARN for the permission, AWS RAM automatically attaches the default version of the permission for each resource type. You can associate only one permission with each resource type included in the resource share.", "Principals": "Specifies the principals to associate with the resource share. The possible values are:\n\n- An AWS account ID\n- An Amazon Resource Name (ARN) of an organization in AWS Organizations\n- An ARN of an organizational unit (OU) in AWS Organizations\n- An ARN of an IAM role\n- An ARN of an IAM user\n\n> Not all resource types can be shared with IAM roles and users. For more information, see the column *Can share with IAM roles and users* in the tables on [Shareable AWS resources](https://docs.aws.amazon.com/ram/latest/userguide/shareable.html) in the *AWS Resource Access Manager User Guide* .", "ResourceArns": "Specifies a list of one or more ARNs of the resources to associate with the resource share.", - "Sources": "", + "Sources": "Specifies from which source accounts the service principal has access to the resources in this resource share.", "Tags": "Specifies one or more tags to attach to the resource share itself. It doesn't attach the tags to the resources associated with the resource share." }, "AWS::RAM::ResourceShare Tag": { @@ -44372,7 +44541,7 @@ "AvailabilityZones": "A list of Availability Zones (AZs) where instances in the DB cluster can be created. For information on AWS Regions and Availability Zones, see [Choosing the Regions and Availability Zones](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.RegionsAndAvailabilityZones.html) in the *Amazon Aurora User Guide* .\n\nValid for: Aurora DB clusters only", "BacktrackWindow": "The target backtrack window, in seconds. To disable backtracking, set this value to `0` .\n\nValid for Cluster Type: Aurora MySQL DB clusters only\n\nDefault: `0`\n\nConstraints:\n\n- If specified, this value must be set to a number from 0 to 259,200 (72 hours).", "BackupRetentionPeriod": "The number of days for which automated backups are retained.\n\nDefault: 1\n\nConstraints:\n\n- Must be a value from 1 to 35\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "ClusterScalabilityType": "Specifies the scalability mode of the Aurora DB cluster. When set to `limitless` , the cluster operates as an Aurora Limitless Database, allowing you to create a DB shard group for horizontal scaling (sharding) capabilities. When set to `standard` (the default), the cluster uses normal DB instance creation.", + "ClusterScalabilityType": "Specifies the scalability mode of the Aurora DB cluster. When set to `limitless` , the cluster operates as an Aurora Limitless Database, allowing you to create a DB shard group for horizontal scaling (sharding) capabilities. When set to `standard` (the default), the cluster uses normal DB instance creation.\n\n*Important:* Automated backup retention isn't supported with Aurora Limitless Database clusters. If you set this property to `limitless` , you cannot set `DeleteAutomatedBackups` to `false` . To create a backup, use manual snapshots instead.", "CopyTagsToSnapshot": "A value that indicates whether to copy all tags from the DB cluster to snapshots of the DB cluster. The default is not to copy them.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", "DBClusterIdentifier": "The DB cluster identifier. This parameter is stored as a lowercase string.\n\nConstraints:\n\n- Must contain from 1 to 63 letters, numbers, or hyphens.\n- First character must be a letter.\n- Can't end with a hyphen or contain two consecutive hyphens.\n\nExample: `my-cluster1`\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", "DBClusterInstanceClass": "The compute and memory capacity of each DB instance in the Multi-AZ DB cluster, for example `db.m6gd.xlarge` . Not all DB instance classes are available in all AWS Regions , or for all database engines.\n\nFor the full list of DB instance classes and availability for your engine, see [DB instance class](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html) in the *Amazon RDS User Guide* .\n\nThis setting is required to create a Multi-AZ DB cluster.\n\nValid for Cluster Type: Multi-AZ DB clusters only", @@ -44382,6 +44551,7 @@ "DBSystemId": "Reserved for future use.", "DatabaseInsightsMode": "The mode of Database Insights to enable for the DB cluster.\n\nIf you set this value to `advanced` , you must also set the `PerformanceInsightsEnabled` parameter to `true` and the `PerformanceInsightsRetentionPeriod` parameter to 465.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters", "DatabaseName": "The name of your database. If you don't provide a name, then Amazon RDS won't create a database in this DB cluster. For naming constraints, see [Naming Constraints](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/CHAP_Limits.html#RDS_Limits.Constraints) in the *Amazon Aurora User Guide* .\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "DeleteAutomatedBackups": "Specifies whether to remove automated backups immediately after the DB cluster is deleted. This parameter isn't case-sensitive. The default is to remove automated backups immediately after the DB cluster is deleted, unless the AWS Backup policy specifies a point-in-time restore rule.", "DeletionProtection": "A value that indicates whether the DB cluster has deletion protection enabled. The database can't be deleted when deletion protection is enabled. By default, deletion protection is disabled.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", "Domain": "Indicates the directory ID of the Active Directory to create the DB cluster.\n\nFor Amazon Aurora DB clusters, Amazon RDS can use Kerberos authentication to authenticate users that connect to the DB cluster.\n\nFor more information, see [Kerberos authentication](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/kerberos-authentication.html) in the *Amazon Aurora User Guide* .\n\nValid for: Aurora DB clusters only", "DomainIAMRoleName": "Specifies the name of the IAM role to use when making API calls to the Directory Service.\n\nValid for: Aurora DB clusters only", @@ -44417,7 +44587,7 @@ "ScalingConfiguration": "The scaling configuration of an Aurora Serverless v1 DB cluster.\n\nThis property is only supported for Aurora Serverless v1. For Aurora Serverless v2, Use the `ServerlessV2ScalingConfiguration` property.\n\nValid for: Aurora Serverless v1 DB clusters only", "ServerlessV2ScalingConfiguration": "The scaling configuration of an Aurora Serverless V2 DB cluster.\n\nThis property is only supported for Aurora Serverless v2. For Aurora Serverless v1, Use the `ScalingConfiguration` property.\n\nValid for: Aurora Serverless v2 DB clusters only", "SnapshotIdentifier": "The identifier for the DB snapshot or DB cluster snapshot to restore from.\n\nYou can use either the name or the Amazon Resource Name (ARN) to specify a DB cluster snapshot. However, you can use only the ARN to specify a DB snapshot.\n\nAfter you restore a DB cluster with a `SnapshotIdentifier` property, you must specify the same `SnapshotIdentifier` property for any future updates to the DB cluster. When you specify this property for an update, the DB cluster is not restored from the snapshot again, and the data in the database is not changed. However, if you don't specify the `SnapshotIdentifier` property, an empty DB cluster is created, and the original DB cluster is deleted. If you specify a property that is different from the previous snapshot restore property, a new DB cluster is restored from the specified `SnapshotIdentifier` property, and the original DB cluster is deleted.\n\nIf you specify the `SnapshotIdentifier` property to restore a DB cluster (as opposed to specifying it for DB cluster updates), then don't specify the following properties:\n\n- `GlobalClusterIdentifier`\n- `MasterUsername`\n- `MasterUserPassword`\n- `ReplicationSourceIdentifier`\n- `RestoreType`\n- `SourceDBClusterIdentifier`\n- `SourceRegion`\n- `StorageEncrypted` (for an encrypted snapshot)\n- `UseLatestRestorableTime`\n\nConstraints:\n\n- Must match the identifier of an existing Snapshot.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "SourceDBClusterIdentifier": "When restoring a DB cluster to a point in time, the identifier of the source DB cluster from which to restore.\n\nConstraints:\n\n- Must match the identifier of an existing DBCluster.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "SourceDBClusterIdentifier": "When restoring a DB cluster to a point in time, the identifier of the source DB cluster from which to restore.\n\nConstraints:\n\n- Must match the identifier of an existing DBCluster.\n- Cannot be specified if `SourceDbClusterResourceId` is specified. You must specify either `SourceDBClusterIdentifier` or `SourceDbClusterResourceId` , but not both.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", "SourceRegion": "The AWS Region which contains the source DB cluster when replicating a DB cluster. For example, `us-east-1` .\n\nValid for: Aurora DB clusters only", "StorageEncrypted": "Indicates whether the DB cluster is encrypted.\n\nIf you specify the `KmsKeyId` property, then you must enable encryption.\n\nIf you specify the `SourceDBClusterIdentifier` property, don't specify this property. The value is inherited from the source DB cluster, and if the DB cluster is encrypted, the specified `KmsKeyId` property is used.\n\nIf you specify the `SnapshotIdentifier` and the specified snapshot is encrypted, don't specify this property. The value is inherited from the snapshot, and the specified `KmsKeyId` property is used.\n\nIf you specify the `SnapshotIdentifier` and the specified snapshot isn't encrypted, you can use this property to specify that the restored DB cluster is encrypted. Specify the `KmsKeyId` property for the KMS key to use for encryption. If you don't want the restored DB cluster to be encrypted, then don't set this property or set it to `false` .\n\n> If you specify both the `StorageEncrypted` and `SnapshotIdentifier` properties without specifying the `KmsKeyId` property, then the restored DB cluster inherits the encryption settings from the DB snapshot that provide. \n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", "StorageType": "The storage type to associate with the DB cluster.\n\nFor information on storage types for Aurora DB clusters, see [Storage configurations for Amazon Aurora DB clusters](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Overview.StorageReliability.html#aurora-storage-type) . For information on storage types for Multi-AZ DB clusters, see [Settings for creating Multi-AZ DB clusters](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/create-multi-az-db-cluster.html#create-multi-az-db-cluster-settings) .\n\nThis setting is required to create a Multi-AZ DB cluster.\n\nWhen specified for a Multi-AZ DB cluster, a value for the `Iops` parameter is required.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n\nValid Values:\n\n- Aurora DB clusters - `aurora | aurora-iopt1`\n- Multi-AZ DB clusters - `io1 | io2 | gp3`\n\nDefault:\n\n- Aurora DB clusters - `aurora`\n- Multi-AZ DB clusters - `io1`\n\n> When you create an Aurora DB cluster with the storage type set to `aurora-iopt1` , the storage type is returned in the response. The storage type isn't returned when you set it to `aurora` .", @@ -44479,6 +44649,7 @@ "AutomaticBackupReplicationRetentionPeriod": "The retention period for automated backups in a different AWS Region. Use this parameter to set a unique retention period that only applies to cross-Region automated backups. To enable automated backups in a different Region, specify a positive value for the `AutomaticBackupReplicationRegion` parameter.\n\nIf not specified, this parameter defaults to the value of the `BackupRetentionPeriod` parameter. The maximum allowed value is 35.", "AvailabilityZone": "The Availability Zone (AZ) where the database will be created. For information on AWS Regions and Availability Zones, see [Regions and Availability Zones](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RegionsAndAvailabilityZones.html) .\n\nFor Amazon Aurora, each Aurora DB cluster hosts copies of its storage in three separate Availability Zones. Specify one of these Availability Zones. Aurora automatically chooses an appropriate Availability Zone if you don't specify one.\n\nDefault: A random, system-chosen Availability Zone in the endpoint's AWS Region .\n\nConstraints:\n\n- The `AvailabilityZone` parameter can't be specified if the DB instance is a Multi-AZ deployment.\n- The specified Availability Zone must be in the same AWS Region as the current endpoint.\n\nExample: `us-east-1d`", "BackupRetentionPeriod": "The number of days for which automated backups are retained. Setting this parameter to a positive number enables backups. Setting this parameter to 0 disables automated backups.\n\n*Amazon Aurora*\n\nNot applicable. The retention period for automated backups is managed by the DB cluster.\n\nDefault: 1\n\nConstraints:\n\n- Must be a value from 0 to 35\n- Can't be set to 0 if the DB instance is a source to read replicas", + "BackupTarget": "The location for storing automated backups and manual snapshots.\n\nValid Values:\n\n- `local` (Dedicated Local Zone)\n- `outposts` ( AWS Outposts)\n- `region` ( AWS Region )\n\nDefault: `region`\n\nFor more information, see [Working with Amazon RDS on AWS Outposts](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-on-outposts.html) in the *Amazon RDS User Guide* .", "CACertificateIdentifier": "The identifier of the CA certificate for this DB instance.\n\nFor more information, see [Using SSL/TLS to encrypt a connection to a DB instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html) in the *Amazon RDS User Guide* and [Using SSL/TLS to encrypt a connection to a DB cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL.html) in the *Amazon Aurora User Guide* .", "CertificateRotationRestart": "Specifies whether the DB instance is restarted when you rotate your SSL/TLS certificate.\n\nBy default, the DB instance is restarted when you rotate your SSL/TLS certificate. The certificate is not updated until the DB instance is restarted.\n\n> Set this parameter only if you are *not* using SSL/TLS to connect to the DB instance. \n\nIf you are using SSL/TLS to connect to the DB instance, follow the appropriate instructions for your DB engine to rotate your SSL/TLS certificate:\n\n- For more information about rotating your SSL/TLS certificate for RDS DB engines, see [Rotating Your SSL/TLS Certificate.](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL-certificate-rotation.html) in the *Amazon RDS User Guide.*\n- For more information about rotating your SSL/TLS certificate for Aurora DB engines, see [Rotating Your SSL/TLS Certificate](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL-certificate-rotation.html) in the *Amazon Aurora User Guide* .\n\nThis setting doesn't apply to RDS Custom DB instances.", "CharacterSetName": "For supported engines, indicates that the DB instance should be associated with the specified character set.\n\n*Amazon Aurora*\n\nNot applicable. The character set is managed by the DB cluster. For more information, see [AWS::RDS::DBCluster](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html) .", @@ -45997,9 +46168,10 @@ "BucketName": "A name for the bucket. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the bucket name. The bucket name must contain only lowercase letters, numbers, periods (.), and dashes (-) and must follow [Amazon S3 bucket restrictions and limitations](https://docs.aws.amazon.com/AmazonS3/latest/dev/BucketRestrictions.html) . For more information, see [Rules for naming Amazon S3 buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html) in the *Amazon S3 User Guide* .\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you need to replace the resource, specify a new name.", "CorsConfiguration": "Describes the cross-origin access configuration for objects in an Amazon S3 bucket. For more information, see [Enabling Cross-Origin Resource Sharing](https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html) in the *Amazon S3 User Guide* .", "IntelligentTieringConfigurations": "Defines how Amazon S3 handles Intelligent-Tiering storage.", - "InventoryConfigurations": "Specifies the inventory configuration for an Amazon S3 bucket. For more information, see [GET Bucket inventory](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketGETInventoryConfig.html) in the *Amazon S3 API Reference* .", + "InventoryConfigurations": "Specifies the S3 Inventory configuration for an Amazon S3 bucket. For more information, see [GET Bucket inventory](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketGETInventoryConfig.html) in the *Amazon S3 API Reference* .", "LifecycleConfiguration": "Specifies the lifecycle configuration for objects in an Amazon S3 bucket. For more information, see [Object Lifecycle Management](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html) in the *Amazon S3 User Guide* .", "LoggingConfiguration": "Settings that define where logs are stored.", + "MetadataConfiguration": "The S3 Metadata configuration for a general purpose bucket.", "MetadataTableConfiguration": "The metadata table configuration of an Amazon S3 general purpose bucket.", "MetricsConfigurations": "Specifies a metrics configuration for the CloudWatch request metrics (specified by the metrics configuration ID) from an Amazon S3 bucket. If you're updating an existing metrics configuration, note that this is a full replacement of the existing metrics configuration. If you don't include the elements you want to keep, they are erased. For more information, see [PutBucketMetricsConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTMetricConfiguration.html) .", "NotificationConfiguration": "Configuration that defines how Amazon S3 handles bucket notifications.", @@ -46085,6 +46257,18 @@ "Prefix": "Specifies the inventory filter prefix.", "ScheduleFrequency": "Specifies the schedule for generating inventory results." }, + "AWS::S3::Bucket InventoryTableConfiguration": { + "ConfigurationState": "The configuration state of the inventory table, indicating whether the inventory table is enabled or disabled.", + "EncryptionConfiguration": "The encryption configuration for the inventory table.", + "TableArn": "The Amazon Resource Name (ARN) for the inventory table.", + "TableName": "The name of the inventory table." + }, + "AWS::S3::Bucket JournalTableConfiguration": { + "EncryptionConfiguration": "The encryption configuration for the journal table.", + "RecordExpiration": "The journal table record expiration settings for the journal table.", + "TableArn": "The Amazon Resource Name (ARN) for the journal table.", + "TableName": "The name of the journal table." + }, "AWS::S3::Bucket LambdaConfiguration": { "Event": "The Amazon S3 bucket event for which to invoke the AWS Lambda function. For more information, see [Supported Event Types](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide* .", "Filter": "The filtering rules that determine which objects invoke the AWS Lambda function. For example, you can create a filter so that only image files with a `.jpg` extension invoke the function when they are added to the Amazon S3 bucket.", @@ -46099,9 +46283,23 @@ "LogFilePrefix": "A prefix for all log object keys. If you store log files from multiple Amazon S3 buckets in a single bucket, you can use a prefix to distinguish which log files came from which bucket.", "TargetObjectKeyFormat": "Amazon S3 key format for log objects. Only one format, either PartitionedPrefix or SimplePrefix, is allowed." }, + "AWS::S3::Bucket MetadataConfiguration": { + "Destination": "The destination information for the S3 Metadata configuration.", + "InventoryTableConfiguration": "The inventory table configuration for a metadata configuration.", + "JournalTableConfiguration": "The journal table configuration for a metadata configuration." + }, + "AWS::S3::Bucket MetadataDestination": { + "TableBucketArn": "The Amazon Resource Name (ARN) of the table bucket where the metadata configuration is stored.", + "TableBucketType": "The type of the table bucket where the metadata configuration is stored. The `aws` value indicates an AWS managed table bucket, and the `customer` value indicates a customer-managed table bucket. V2 metadata configurations are stored in AWS managed table buckets, and V1 metadata configurations are stored in customer-managed table buckets.", + "TableNamespace": "The namespace in the table bucket where the metadata tables for a metadata configuration are stored." + }, "AWS::S3::Bucket MetadataTableConfiguration": { "S3TablesDestination": "The destination information for the metadata table configuration. The destination table bucket must be in the same Region and AWS account as the general purpose bucket. The specified metadata table name must be unique within the `aws_s3_metadata` namespace in the destination table bucket." }, + "AWS::S3::Bucket MetadataTableEncryptionConfiguration": { + "KmsKeyArn": "If server-side encryption with AWS Key Management Service ( AWS KMS ) keys (SSE-KMS) is specified, you must also specify the KMS key Amazon Resource Name (ARN). You must specify a customer-managed KMS key that's located in the same Region as the general purpose bucket that corresponds to the metadata table configuration.", + "SseAlgorithm": "The encryption type specified for a metadata table. To specify server-side encryption with AWS Key Management Service ( AWS KMS ) keys (SSE-KMS), use the `aws:kms` value. To specify server-side encryption with Amazon S3 managed keys (SSE-S3), use the `AES256` value." + }, "AWS::S3::Bucket Metrics": { "EventThreshold": "A container specifying the time threshold for emitting the `s3:Replication:OperationMissedThreshold` event.", "Status": "Specifies whether the replication metrics are enabled." @@ -46157,6 +46355,10 @@ "Filter": "The filtering rules that determine which objects trigger notifications. For example, you can create a filter so that Amazon S3 sends notifications only when image files with a `.jpg` extension are added to the bucket. For more information, see [Configuring event notifications using object key name filtering](https://docs.aws.amazon.com/AmazonS3/latest/user-guide/notification-how-to-filtering.html) in the *Amazon S3 User Guide* .", "Queue": "The Amazon Resource Name (ARN) of the Amazon SQS queue to which Amazon S3 publishes a message when it detects events of the specified type. FIFO queues are not allowed when enabling an SQS queue as the event notification destination." }, + "AWS::S3::Bucket RecordExpiration": { + "Days": "If you enable journal table record expiration, you can set the number of days to retain your journal table records. Journal table records must be retained for a minimum of 7 days. To set this value, specify any whole number from `7` to `2147483647` . For example, to retain your journal table records for one year, set this value to `365` .", + "Expiration": "Specifies whether journal table record expiration is enabled or disabled." + }, "AWS::S3::Bucket RedirectAllRequestsTo": { "HostName": "Name of the host where requests are redirected.", "Protocol": "Protocol to use when redirecting requests. The default is the protocol that is used in the original request." @@ -46488,7 +46690,8 @@ "BucketName": "A name for the bucket. The bucket name must contain only lowercase letters, numbers, and hyphens (-). A directory bucket name must be unique in the chosen Zone (Availability Zone or Local Zone). The bucket name must also follow the format `*bucket_base_name* -- *zone_id* --x-s3` (for example, `*bucket_base_name* -- *usw2-az1* --x-s3` ). If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the bucket name. For information about bucket naming restrictions, see [Directory bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) in the *Amazon S3 User Guide* .\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you need to replace the resource, specify a new name.", "DataRedundancy": "The number of Zone (Availability Zone or Local Zone) that's used for redundancy for the bucket.", "LifecycleConfiguration": "Container for lifecycle rules. You can add as many as 1000 rules.\n\nFor more information see, [Creating and managing a lifecycle configuration for directory buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-objects-lifecycle.html ) in the *Amazon S3 User Guide* .", - "LocationName": "The name of the location where the bucket will be created.\n\nFor directory buckets, the name of the location is the Zone ID of the Availability Zone (AZ) or Local Zone (LZ) where the bucket will be created. An example AZ ID value is `usw2-az1` ." + "LocationName": "The name of the location where the bucket will be created.\n\nFor directory buckets, the name of the location is the Zone ID of the Availability Zone (AZ) or Local Zone (LZ) where the bucket will be created. An example AZ ID value is `usw2-az1` .", + "Tags": "An array of tags that you can apply to the S3 directory bucket. Tags are key-value pairs of metadata used to categorize and organize your buckets, track costs, and control access. For more information, see [Using tags with directory buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-tagging.html) ." }, "AWS::S3Express::DirectoryBucket AbortIncompleteMultipartUpload": { "DaysAfterInitiation": "Specifies the number of days after which Amazon S3 aborts an incomplete multipart upload." @@ -46516,6 +46719,10 @@ "BucketKeyEnabled": "Specifies whether Amazon S3 should use an S3 Bucket Key with server-side encryption using KMS (SSE-KMS) for new objects in the bucket. S3 Bucket Keys are always enabled for `GET` and `PUT` operations on a directory bucket and can\u2019t be disabled. It's only allowed to set the `BucketKeyEnabled` element to `true` .\n\nS3 Bucket Keys aren't supported, when you copy SSE-KMS encrypted objects from general purpose buckets to directory buckets, from directory buckets to general purpose buckets, or between directory buckets, through [CopyObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html) , [UploadPartCopy](https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html) , [the Copy operation in Batch Operations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-objects-Batch-Ops) , or [the import jobs](https://docs.aws.amazon.com/AmazonS3/latest/userguide/create-import-job) . In this case, Amazon S3 makes a call to AWS KMS every time a copy request is made for a KMS-encrypted object.\n\nFor more information, see [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-UsingKMSEncryption.html#s3-express-sse-kms-bucket-keys) in the *Amazon S3 User Guide* .", "ServerSideEncryptionByDefault": "Specifies the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied." }, + "AWS::S3Express::DirectoryBucket Tag": { + "Key": "The key of the tag. Tags are key-value pairs that you use to label your directory buckets. Tags can help you organize, track costs for, and control access to directory buckets. For more information, see [Using tags with directory buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-tagging.html) .", + "Value": "The value of the tag. Tags are key-value pairs that you use to label your directory buckets. Tags can help you organize, track costs for, and control access to directory buckets. For more information, see [Using tags with directory buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-tagging.html) ." + }, "AWS::S3ObjectLambda::AccessPoint": { "Name": "The name of this access point.", "ObjectLambdaConfiguration": "A configuration used when creating an Object Lambda Access Point." @@ -46668,6 +46875,10 @@ "ResourcePolicy": "The bucket policy JSON for the table bucket.", "TableBucketARN": "The Amazon Resource Name (ARN) of the table bucket." }, + "AWS::S3Tables::TablePolicy": { + "ResourcePolicy": "", + "TableARN": "" + }, "AWS::SDB::Domain": { "Description": "Information about the SimpleDB domain." }, @@ -46677,6 +46888,7 @@ "ReputationOptions": "An object that defines whether or not Amazon SES collects reputation metrics for the emails that you send that use the configuration set.", "SendingOptions": "An object that defines whether or not Amazon SES can send email that you send using the configuration set.", "SuppressionOptions": "An object that contains information about the suppression list preferences for your account.", + "Tags": "An array of objects that define the tags (keys and values) that are associated with the configuration set.", "TrackingOptions": "An object that defines the open and click tracking options for emails that you send using the configuration set.", "VdmOptions": "The Virtual Deliverability Manager (VDM) options that apply to the configuration set." }, @@ -46700,6 +46912,10 @@ "AWS::SES::ConfigurationSet SuppressionOptions": { "SuppressedReasons": "A list that contains the reasons that email addresses are automatically added to the suppression list for your account. This list can contain any or all of the following:\n\n- `COMPLAINT` \u2013 Amazon SES adds an email address to the suppression list for your account when a message sent to that address results in a complaint.\n- `BOUNCE` \u2013 Amazon SES adds an email address to the suppression list for your account when a message sent to that address results in a hard bounce." }, + "AWS::SES::ConfigurationSet Tag": { + "Key": "", + "Value": "" + }, "AWS::SES::ConfigurationSet TrackingOptions": { "CustomRedirectDomain": "The custom subdomain that is used to redirect email recipients to the Amazon SES event tracking domain.", "HttpsPolicy": "The https policy to use for tracking open and click events." @@ -46757,7 +46973,12 @@ }, "AWS::SES::DedicatedIpPool": { "PoolName": "The name of the dedicated IP pool that the IP address is associated with.", - "ScalingMode": "The type of scaling mode.\n\nThe following options are available:\n\n- `STANDARD` - The customer controls which IPs are part of the dedicated IP pool.\n- `MANAGED` - The reputation and number of IPs are automatically managed by Amazon SES .\n\nThe `STANDARD` option is selected by default if no value is specified.\n\n> Updating *ScalingMode* doesn't require a replacement if you're updating its value from `STANDARD` to `MANAGED` . However, updating *ScalingMode* from `MANAGED` to `STANDARD` is not supported." + "ScalingMode": "The type of scaling mode.\n\nThe following options are available:\n\n- `STANDARD` - The customer controls which IPs are part of the dedicated IP pool.\n- `MANAGED` - The reputation and number of IPs are automatically managed by Amazon SES .\n\nThe `STANDARD` option is selected by default if no value is specified.\n\n> Updating *ScalingMode* doesn't require a replacement if you're updating its value from `STANDARD` to `MANAGED` . However, updating *ScalingMode* from `MANAGED` to `STANDARD` is not supported.", + "Tags": "An object that defines the tags (keys and values) that you want to associate with the pool." + }, + "AWS::SES::DedicatedIpPool Tag": { + "Key": "", + "Value": "" }, "AWS::SES::EmailIdentity": { "ConfigurationSetAttributes": "Used to associate a configuration set with an email identity.", @@ -46765,7 +46986,8 @@ "DkimSigningAttributes": "If your request includes this object, Amazon SES configures the identity to use Bring Your Own DKIM (BYODKIM) for DKIM authentication purposes, or, configures the key length to be used for [Easy DKIM](https://docs.aws.amazon.com/ses/latest/DeveloperGuide/easy-dkim.html) .\n\nYou can only specify this object if the email identity is a domain, as opposed to an address.", "EmailIdentity": "The email address or domain to verify.", "FeedbackAttributes": "Used to enable or disable feedback forwarding for an identity.", - "MailFromAttributes": "Used to enable or disable the custom Mail-From domain configuration for an email identity." + "MailFromAttributes": "Used to enable or disable the custom Mail-From domain configuration for an email identity.", + "Tags": "An array of objects that define the tags (keys and values) to associate with the email identity." }, "AWS::SES::EmailIdentity ConfigurationSetAttributes": { "ConfigurationSetName": "The configuration set to associate with an email identity." @@ -46785,6 +47007,10 @@ "BehaviorOnMxFailure": "The action to take if the required MX record isn't found when you send an email. When you set this value to `USE_DEFAULT_VALUE` , the mail is sent using *amazonses.com* as the MAIL FROM domain. When you set this value to `REJECT_MESSAGE` , the Amazon SES API v2 returns a `MailFromDomainNotVerified` error, and doesn't attempt to deliver the email.\n\nThese behaviors are taken when the custom MAIL FROM domain configuration is in the `Pending` , `Failed` , and `TemporaryFailure` states.\n\nValid Values: `USE_DEFAULT_VALUE | REJECT_MESSAGE`", "MailFromDomain": "The custom MAIL FROM domain that you want the verified identity to use. The MAIL FROM domain must meet the following criteria:\n\n- It has to be a subdomain of the verified identity.\n- It can't be used to receive email.\n- It can't be used in a \"From\" address if the MAIL FROM domain is a destination for feedback forwarding emails." }, + "AWS::SES::EmailIdentity Tag": { + "Key": "", + "Value": "" + }, "AWS::SES::MailManagerAddonInstance": { "AddonSubscriptionId": "The subscription ID for the instance.", "Tags": "The tags used to organize, track, or control access for the resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }." @@ -47254,7 +47480,7 @@ "CalendarNames": "The names or Amazon Resource Names (ARNs) of the Change Calendar type documents your associations are gated under. The associations only run when that Change Calendar is open. For more information, see [AWS Systems Manager Change Calendar](https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-change-calendar) in the *AWS Systems Manager User Guide* .", "ComplianceSeverity": "The severity level that is assigned to the association.", "DocumentVersion": "The version of the SSM document to associate with the target.\n\n> Note the following important information.\n> \n> - State Manager doesn't support running associations that use a new version of a document if that document is shared from another account. State Manager always runs the `default` version of a document if shared from another account, even though the Systems Manager console shows that a new version was processed. If you want to run an association using a new version of a document shared form another account, you must set the document version to `default` .\n> - `DocumentVersion` is not valid for documents owned by AWS , such as `AWS-RunPatchBaseline` or `AWS-UpdateSSMAgent` . If you specify `DocumentVersion` for an AWS document, the system returns the following error: \"Error occurred during operation 'CreateAssociation'.\" (RequestToken: , HandlerErrorCode: GeneralServiceException).", - "InstanceId": "The ID of the instance that the SSM document is associated with. You must specify the `InstanceId` or `Targets` property.\n\n> `InstanceId` has been deprecated. To specify an instance ID for an association, use the `Targets` parameter. If you use the parameter `InstanceId` , you cannot use the parameters `AssociationName` , `DocumentVersion` , `MaxErrors` , `MaxConcurrency` , `OutputLocation` , or `ScheduleExpression` . To use these parameters, you must use the `Targets` parameter.", + "InstanceId": "> `InstanceId` has been deprecated. To specify an instance ID for an association, use the `Targets` parameter. If you use the parameter `InstanceId` , you cannot use the parameters `AssociationName` , `DocumentVersion` , `MaxErrors` , `MaxConcurrency` , `OutputLocation` , or `ScheduleExpression` . To use these parameters, you must use the `Targets` parameter.\n> \n> Note that in some examples later in this page, `InstanceIds` is used as the tag-key name in a `Targets` filter. `InstanceId` is not used as a parameter. \n\nThe ID of the instance that the SSM document is associated with. You must specify the `InstanceId` or `Targets` property.", "MaxConcurrency": "The maximum number of targets allowed to run the association at the same time. You can specify a number, for example 10, or a percentage of the target set, for example 10%. The default value is 100%, which means all targets run the association at the same time.\n\nIf a new managed node starts and attempts to run an association while Systems Manager is running `MaxConcurrency` associations, the association is allowed to run. During the next association interval, the new managed node will process its association within the limit specified for `MaxConcurrency` .", "MaxErrors": "The number of errors that are allowed before the system stops sending requests to run the association on additional targets. You can specify either an absolute number of errors, for example 10, or a percentage of the target set, for example 10%. If you specify 3, for example, the system stops sending requests when the fourth error is received. If you specify 0, then the system stops sending requests after the first error is returned. If you run an association on 50 managed nodes and set `MaxError` to 10%, then the system stops sending the request when the sixth error is received.\n\nExecutions that are already running an association when `MaxErrors` is reached are allowed to complete, but some of these executions may fail as well. If you need to ensure that there won't be more than max-errors failed executions, set `MaxConcurrency` to 1 so that executions proceed one at a time.", "Name": "The name of the SSM document that contains the configuration information for the instance. You can specify `Command` or `Automation` documents. The documents can be AWS -predefined documents, documents you created, or a document that is shared with you from another account. For SSM documents that are shared with you from other AWS accounts , you must specify the complete SSM document ARN, in the following format:\n\n`arn:partition:ssm:region:account-id:document/document-name`\n\nFor example: `arn:aws:ssm:us-east-2:12345678912:document/My-Shared-Document`\n\nFor AWS -predefined documents and SSM documents you created in your account, you only need to specify the document name. For example, `AWS -ApplyPatchBaseline` or `My-Document` .", @@ -47335,7 +47561,7 @@ "AWS::SSM::MaintenanceWindowTask": { "CutoffBehavior": "The specification for whether tasks should continue to run after the cutoff time specified in the maintenance windows is reached.", "Description": "A description of the task.", - "LoggingInfo": "Information about an Amazon S3 bucket to write Run Command task-level logs to.\n\n> `LoggingInfo` has been deprecated. To specify an Amazon S3 bucket to contain logs for Run Command tasks, instead use the `OutputS3BucketName` and `OutputS3KeyPrefix` options in the `TaskInvocationParameters` structure. For information about how Systems Manager handles these options for the supported maintenance window task types, see [AWS ::SSM::MaintenanceWindowTask MaintenanceWindowRunCommandParameters](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssm-maintenancewindowtask-maintenancewindowruncommandparameters.html) .", + "LoggingInfo": "> `LoggingInfo` has been deprecated. To specify an Amazon S3 bucket to contain logs for Run Command tasks, instead use the `OutputS3BucketName` and `OutputS3KeyPrefix` options in the `TaskInvocationParameters` structure. For information about how Systems Manager handles these options for the supported maintenance window task types, see [AWS ::SSM::MaintenanceWindowTask MaintenanceWindowRunCommandParameters](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssm-maintenancewindowtask-maintenancewindowruncommandparameters.html) . \n\nInformation about an Amazon S3 bucket to write Run Command task-level logs to.", "MaxConcurrency": "The maximum number of targets this task can be run for, in parallel.\n\n> Although this element is listed as \"Required: No\", a value can be omitted only when you are registering or updating a [targetless task](https://docs.aws.amazon.com/systems-manager/latest/userguide/maintenance-windows-targetless-tasks.html) You must provide a value in all other cases.\n> \n> For maintenance window tasks without a target specified, you can't supply a value for this option. Instead, the system inserts a placeholder value of `1` . This value doesn't affect the running of your task.", "MaxErrors": "The maximum number of errors allowed before this task stops being scheduled.\n\n> Although this element is listed as \"Required: No\", a value can be omitted only when you are registering or updating a [targetless task](https://docs.aws.amazon.com/systems-manager/latest/userguide/maintenance-windows-targetless-tasks.html) You must provide a value in all other cases.\n> \n> For maintenance window tasks without a target specified, you can't supply a value for this option. Instead, the system inserts a placeholder value of `1` . This value doesn't affect the running of your task.", "Name": "The task name.", @@ -47344,7 +47570,7 @@ "Targets": "The targets, either instances or window target IDs.\n\n- Specify instances using `Key=InstanceIds,Values= *instanceid1* , *instanceid2*` .\n- Specify window target IDs using `Key=WindowTargetIds,Values= *window-target-id-1* , *window-target-id-2*` .", "TaskArn": "The resource that the task uses during execution.\n\nFor `RUN_COMMAND` and `AUTOMATION` task types, `TaskArn` is the SSM document name or Amazon Resource Name (ARN).\n\nFor `LAMBDA` tasks, `TaskArn` is the function name or ARN.\n\nFor `STEP_FUNCTIONS` tasks, `TaskArn` is the state machine ARN.", "TaskInvocationParameters": "The parameters to pass to the task when it runs. Populate only the fields that match the task type. All other fields should be empty.\n\n> When you update a maintenance window task that has options specified in `TaskInvocationParameters` , you must provide again all the `TaskInvocationParameters` values that you want to retain. The values you do not specify again are removed. For example, suppose that when you registered a Run Command task, you specified `TaskInvocationParameters` values for `Comment` , `NotificationConfig` , and `OutputS3BucketName` . If you update the maintenance window task and specify only a different `OutputS3BucketName` value, the values for `Comment` and `NotificationConfig` are removed.", - "TaskParameters": "The parameters to pass to the task when it runs.\n\n> `TaskParameters` has been deprecated. To specify parameters to pass to a task when it runs, instead use the `Parameters` option in the `TaskInvocationParameters` structure. For information about how Systems Manager handles these options for the supported maintenance window task types, see [MaintenanceWindowTaskInvocationParameters](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_MaintenanceWindowTaskInvocationParameters.html) .", + "TaskParameters": "> `TaskParameters` has been deprecated. To specify parameters to pass to a task when it runs, instead use the `Parameters` option in the `TaskInvocationParameters` structure. For information about how Systems Manager handles these options for the supported maintenance window task types, see [MaintenanceWindowTaskInvocationParameters](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_MaintenanceWindowTaskInvocationParameters.html) . \n\nThe parameters to pass to the task when it runs.", "TaskType": "The type of task. Valid values: `RUN_COMMAND` , `AUTOMATION` , `LAMBDA` , `STEP_FUNCTIONS` .", "WindowId": "The ID of the maintenance window where the task is registered." }, @@ -47402,7 +47628,7 @@ "AllowedPattern": "A regular expression used to validate the parameter value. For example, for `String` types with values restricted to numbers, you can specify the following: `AllowedPattern=^\\d+$`", "DataType": "The data type of the parameter, such as `text` or `aws:ec2:image` . The default is `text` .", "Description": "Information about the parameter.", - "Name": "The name of the parameter.\n\n> The maximum length constraint listed below includes capacity for additional system attributes that aren't part of the name. The maximum length for a parameter name, including the full length of the parameter Amazon Resource Name (ARN), is 1011 characters. For example, the length of the following parameter name is 65 characters, not 20 characters: `arn:aws:ssm:us-east-2:111222333444:parameter/ExampleParameterName`", + "Name": "The name of the parameter.\n\n> The reported maximum length of 2048 characters for a parameter name includes 1037 characters that are reserved for internal use by Systems Manager . The maximum length for a parameter name that you specify is 1011 characters.\n> \n> This count of 1011 characters includes the characters in the ARN that precede the name you specify. This ARN length will vary depending on your partition and Region. For example, the following 45 characters count toward the 1011 character maximum for a parameter created in the US East (Ohio) Region: `arn:aws:ssm:us-east-2:111122223333:parameter/` .", "Policies": "Information about the policies assigned to a parameter.\n\n[Assigning parameter policies](https://docs.aws.amazon.com/systems-manager/latest/userguide/parameter-store-policies.html) in the *AWS Systems Manager User Guide* .", "Tags": "Optional metadata that you assign to a resource in the form of an arbitrary set of tags (key-value pairs). Tags enable you to categorize a resource in different ways, such as by purpose, owner, or environment. For example, you might want to tag a Systems Manager parameter to identify the type of resource to which it applies, the environment, or the type of configuration data referenced by the parameter.", "Tier": "The parameter tier.", @@ -47414,6 +47640,7 @@ "ApprovedPatches": "A list of explicitly approved patches for the baseline.\n\nFor information about accepted formats for lists of approved patches and rejected patches, see [Package name formats for approved and rejected patch lists](https://docs.aws.amazon.com/systems-manager/latest/userguide/patch-manager-approved-rejected-package-name-formats.html) in the *AWS Systems Manager User Guide* .", "ApprovedPatchesComplianceLevel": "Defines the compliance level for approved patches. When an approved patch is reported as missing, this value describes the severity of the compliance violation. The default value is `UNSPECIFIED` .", "ApprovedPatchesEnableNonSecurity": "Indicates whether the list of approved patches includes non-security updates that should be applied to the managed nodes. The default value is `false` . Applies to Linux managed nodes only.", + "AvailableSecurityUpdatesComplianceStatus": "", "DefaultBaseline": "Indicates whether this is the default baseline. AWS Systems Manager supports creating multiple default patch baselines. For example, you can create a default patch baseline for each operating system.", "Description": "A description of the patch baseline.", "GlobalFilters": "A set of global filters used to include patches in the baseline.\n\n> The `GlobalFilters` parameter can be configured only by using the AWS CLI or an AWS SDK. It can't be configured from the Patch Manager console, and its value isn't displayed in the console.", @@ -47433,7 +47660,7 @@ "PatchFilters": "The set of patch filters that make up the group." }, "AWS::SSM::PatchBaseline PatchSource": { - "Configuration": "The value of the yum repo configuration. For example:\n\n`[main]`\n\n`name=MyCustomRepository`\n\n`baseurl=https://my-custom-repository`\n\n`enabled=1`\n\n> For information about other options available for your yum repository configuration, see [dnf.conf(5)](https://docs.aws.amazon.com/https://man7.org/linux/man-pages/man5/dnf.conf.5.html) .", + "Configuration": "The value of the repo configuration.\n\n*Example for yum repositories*\n\n`[main]`\n\n`name=MyCustomRepository`\n\n`baseurl=https://my-custom-repository`\n\n`enabled=1`\n\nFor information about other options available for your yum repository configuration, see [dnf.conf(5)](https://docs.aws.amazon.com/https://man7.org/linux/man-pages/man5/dnf.conf.5.html) on the *man7.org* website.\n\n*Examples for Ubuntu Server and Debian Server*\n\n`deb http://security.ubuntu.com/ubuntu jammy main`\n\n`deb https://site.example.com/debian distribution component1 component2 component3`\n\nRepo information for Ubuntu Server repositories must be specifed in a single line. For more examples and information, see [jammy (5) sources.list.5.gz](https://docs.aws.amazon.com/https://manpages.ubuntu.com/manpages/jammy/man5/sources.list.5.html) on the *Ubuntu Server Manuals* website and [sources.list format](https://docs.aws.amazon.com/https://wiki.debian.org/SourcesList#sources.list_format) on the *Debian Wiki* .", "Name": "The name specified to identify the patch source.", "Products": "The specific operating system versions a patch repository applies to, such as \"Ubuntu16.04\", \"RedhatEnterpriseLinux7.2\" or \"Suse12.7\". For lists of supported product values, see [PatchFilter](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_PatchFilter.html) in the *AWS Systems Manager API Reference* ." }, @@ -48037,7 +48264,8 @@ }, "AWS::SageMaker::Domain CustomFileSystemConfig": { "EFSFileSystemConfig": "The settings for a custom Amazon EFS file system.", - "FSxLustreFileSystemConfig": "The settings for a custom Amazon FSx for Lustre file system." + "FSxLustreFileSystemConfig": "The settings for a custom Amazon FSx for Lustre file system.", + "S3FileSystemConfig": "Configuration settings for a custom Amazon S3 file system." }, "AWS::SageMaker::Domain CustomImage": { "AppImageConfigName": "The name of the AppImageConfig.", @@ -48131,6 +48359,10 @@ "SageMakerImageArn": "The ARN of the SageMaker AI image that the image version belongs to.", "SageMakerImageVersionArn": "The ARN of the image version created on the instance. To clear the value set for `SageMakerImageVersionArn` , pass `None` as the value." }, + "AWS::SageMaker::Domain S3FileSystemConfig": { + "MountPath": "The file system path where the Amazon S3 storage location will be mounted within the Amazon SageMaker Studio environment.", + "S3Uri": "The Amazon S3 URI of the S3 file system configuration." + }, "AWS::SageMaker::Domain SharingSettings": { "NotebookOutputOption": "Whether to include the notebook cell output when sharing the notebook. The default is `Disabled` .", "S3KmsKeyId": "When `NotebookOutputOption` is `Allowed` , the AWS Key Management Service (KMS) encryption key ID used to encrypt the notebook cell output in the Amazon S3 bucket.", @@ -48153,6 +48385,7 @@ "EnvironmentId": "The ID of the environment that Amazon SageMaker Unified Studio associates with the domain.", "ProjectId": "The ID of the Amazon SageMaker Unified Studio project that corresponds to the domain.", "ProjectS3Path": "The location where Amazon S3 stores temporary execution data and other artifacts for the project that corresponds to the domain.", + "SingleSignOnApplicationArn": "The ARN of the application managed by SageMaker AI and SageMaker Unified Studio in the AWS IAM Identity Center.", "StudioWebPortalAccess": "Sets whether you can access the domain in Amazon SageMaker Studio:\n\n- **ENABLED** - You can access the domain in Amazon SageMaker Studio. If you migrate the domain to Amazon SageMaker Unified Studio, you can access it in both studio interfaces.\n- **DISABLED** - You can't access the domain in Amazon SageMaker Studio. If you migrate the domain to Amazon SageMaker Unified Studio, you can access it only in that studio interface.\n\nTo migrate a domain to Amazon SageMaker Unified Studio, you specify the UnifiedStudioSettings data type when you use the UpdateDomain action." }, "AWS::SageMaker::Domain UserSettings": { @@ -49480,7 +49713,18 @@ "ProjectName": "The name of the project.", "ServiceCatalogProvisionedProductDetails": "Details of a provisioned service catalog product. For information about service catalog, see [What is AWS Service Catalog](https://docs.aws.amazon.com/servicecatalog/latest/adminguide/introduction.html) .", "ServiceCatalogProvisioningDetails": "The product ID and provisioning artifact ID to provision a service catalog. For information, see [What is AWS Service Catalog](https://docs.aws.amazon.com/servicecatalog/latest/adminguide/introduction.html) .", - "Tags": "A list of key-value pairs to apply to this resource.\n\nFor more information, see [Resource Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) and [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html#allocation-what) in the *AWS Billing and Cost Management User Guide* ." + "Tags": "A list of key-value pairs to apply to this resource.\n\nFor more information, see [Resource Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) and [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html#allocation-what) in the *AWS Billing and Cost Management User Guide* .", + "TemplateProviderDetails": "An array of template providers associated with the project." + }, + "AWS::SageMaker::Project CfnStackParameter": { + "Key": "The name of the CloudFormation parameter.", + "Value": "The value of the CloudFormation parameter." + }, + "AWS::SageMaker::Project CfnTemplateProviderDetail": { + "Parameters": "An array of CloudFormation stack parameters.", + "RoleARN": "The IAM role used by CloudFormation to create the stack.", + "TemplateName": "The unique identifier of the template within the project.", + "TemplateURL": "The Amazon S3 URL of the CloudFormation template." }, "AWS::SageMaker::Project ProvisioningParameter": { "Key": "The key that identifies a provisioning parameter.", @@ -49500,6 +49744,9 @@ "Key": "The tag key. Tag keys must be unique per resource.", "Value": "The tag value." }, + "AWS::SageMaker::Project TemplateProviderDetail": { + "CfnTemplateProviderDetail": "Details about a CloudFormation template provider configuration and associated provisioning information." + }, "AWS::SageMaker::Space": { "DomainId": "The ID of the associated domain.", "OwnershipSettings": "The collection of ownership settings for a space.", @@ -49514,7 +49761,8 @@ }, "AWS::SageMaker::Space CustomFileSystem": { "EFSFileSystem": "A custom file system in Amazon EFS.", - "FSxLustreFileSystem": "A custom file system in Amazon FSx for Lustre." + "FSxLustreFileSystem": "A custom file system in Amazon FSx for Lustre.", + "S3FileSystem": "A custom file system in Amazon S3. This is only supported in Amazon SageMaker Unified Studio." }, "AWS::SageMaker::Space CustomImage": { "AppImageConfigName": "The name of the AppImageConfig.", @@ -49548,6 +49796,9 @@ "SageMakerImageArn": "The ARN of the SageMaker AI image that the image version belongs to.", "SageMakerImageVersionArn": "The ARN of the image version created on the instance. To clear the value set for `SageMakerImageVersionArn` , pass `None` as the value." }, + "AWS::SageMaker::Space S3FileSystem": { + "S3Uri": "The Amazon S3 URI that specifies the location in S3 where files are stored, which is mounted within the Studio environment. For example: `s3:////` ." + }, "AWS::SageMaker::Space SpaceAppLifecycleManagement": { "IdleSettings": "Settings related to idle shutdown of Studio applications." }, @@ -49570,6 +49821,8 @@ "JupyterLabAppSettings": "The settings for the JupyterLab application.", "JupyterServerAppSettings": "The JupyterServer app settings.", "KernelGatewayAppSettings": "The KernelGateway app settings.", + "RemoteAccess": "A setting that enables or disables remote access for a SageMaker space. When enabled, this allows you to connect to the remote space from your local IDE.", + "SpaceManagedResources": "If you enable this option, SageMaker AI creates the following resources on your behalf when you create the space:\n\n- The user profile that possesses the space.\n- The app that the space contains.", "SpaceStorageSettings": "The storage settings for a space." }, "AWS::SageMaker::Space SpaceSharingSettings": { @@ -49615,7 +49868,8 @@ }, "AWS::SageMaker::UserProfile CustomFileSystemConfig": { "EFSFileSystemConfig": "The settings for a custom Amazon EFS file system.", - "FSxLustreFileSystemConfig": "The settings for a custom Amazon FSx for Lustre file system." + "FSxLustreFileSystemConfig": "The settings for a custom Amazon FSx for Lustre file system.", + "S3FileSystemConfig": "Configuration settings for a custom Amazon S3 file system." }, "AWS::SageMaker::UserProfile CustomImage": { "AppImageConfigName": "The name of the AppImageConfig.", @@ -49678,6 +49932,10 @@ "SageMakerImageArn": "The ARN of the SageMaker AI image that the image version belongs to.", "SageMakerImageVersionArn": "The ARN of the image version created on the instance. To clear the value set for `SageMakerImageVersionArn` , pass `None` as the value." }, + "AWS::SageMaker::UserProfile S3FileSystemConfig": { + "MountPath": "The file system path where the Amazon S3 storage location will be mounted within the Amazon SageMaker Studio environment.", + "S3Uri": "The Amazon S3 URI of the S3 file system configuration." + }, "AWS::SageMaker::UserProfile SharingSettings": { "NotebookOutputOption": "Whether to include the notebook cell output when sharing the notebook. The default is `Disabled` .", "S3KmsKeyId": "When `NotebookOutputOption` is `Allowed` , the AWS Key Management Service (KMS) encryption key ID used to encrypt the notebook cell output in the Amazon S3 bucket.", @@ -51149,6 +51407,7 @@ "SigningAlgorithm": "The algorithm that is used to sign the AS2 messages sent with the connector." }, "AWS::Transfer::Connector SftpConfig": { + "MaxConcurrentConnections": "Specify the number of concurrent connections that your connector creates to the remote server. The default value is `1` . The maximum values is `5` .\n\n> If you are using the AWS Management Console , the default value is `5` . \n\nThis parameter specifies the number of active connections that your connector can establish with the remote server at the same time. Increasing this value can enhance connector performance when transferring large file batches by enabling parallel operations.", "TrustedHostKeys": "The public portion of the host key, or keys, that are used to identify the external server to which you are connecting. You can use the `ssh-keyscan` command against the SFTP server to retrieve the necessary key.\n\n> `TrustedHostKeys` is optional for `CreateConnector` . If not provided, you can use `TestConnection` to retrieve the server host key during the initial connection attempt, and subsequently update the connector with the observed host key. \n\nThe three standard SSH public key format elements are `` , `` , and an optional `` , with spaces between each element. Specify only the `` and `` : do not enter the `` portion of the key.\n\nFor the trusted host key, AWS Transfer Family accepts RSA and ECDSA keys.\n\n- For RSA keys, the `` string is `ssh-rsa` .\n- For ECDSA keys, the `` string is either `ecdsa-sha2-nistp256` , `ecdsa-sha2-nistp384` , or `ecdsa-sha2-nistp521` , depending on the size of the key you generated.\n\nRun this command to retrieve the SFTP server host key, where your SFTP server name is `ftp.host.com` .\n\n`ssh-keyscan ftp.host.com`\n\nThis prints the public host key to standard output.\n\n`ftp.host.com ssh-rsa AAAAB3Nza... - Required when creating an SFTP connector\n> - Optional when updating an existing SFTP connector" }, @@ -51173,12 +51432,13 @@ "EndpointType": "The type of endpoint that you want your server to use. You can choose to make your server's endpoint publicly accessible (PUBLIC) or host it inside your VPC. With an endpoint that is hosted in a VPC, you can restrict access to your server and resources only within your VPC or choose to make it internet facing by attaching Elastic IP addresses directly to it.\n\n> After May 19, 2021, you won't be able to create a server using `EndpointType=VPC_ENDPOINT` in your AWS account if your account hasn't already done so before May 19, 2021. If you have already created servers with `EndpointType=VPC_ENDPOINT` in your AWS account on or before May 19, 2021, you will not be affected. After this date, use `EndpointType` = `VPC` .\n> \n> For more information, see [Discontinuing the use of VPC_ENDPOINT](https://docs.aws.amazon.com//transfer/latest/userguide/create-server-in-vpc.html#deprecate-vpc-endpoint) .\n> \n> It is recommended that you use `VPC` as the `EndpointType` . With this endpoint type, you have the option to directly associate up to three Elastic IPv4 addresses (BYO IP included) with your server's endpoint and use VPC security groups to restrict traffic by the client's public IP address. This is not possible with `EndpointType` set to `VPC_ENDPOINT` .", "IdentityProviderDetails": "Required when `IdentityProviderType` is set to `AWS_DIRECTORY_SERVICE` , `AWS _LAMBDA` or `API_GATEWAY` . Accepts an array containing all of the information required to use a directory in `AWS_DIRECTORY_SERVICE` or invoke a customer-supplied authentication API, including the API Gateway URL. Cannot be specified when `IdentityProviderType` is set to `SERVICE_MANAGED` .", "IdentityProviderType": "The mode of authentication for a server. The default value is `SERVICE_MANAGED` , which allows you to store and access user credentials within the AWS Transfer Family service.\n\nUse `AWS_DIRECTORY_SERVICE` to provide access to Active Directory groups in AWS Directory Service for Microsoft Active Directory or Microsoft Active Directory in your on-premises environment or in AWS using AD Connector. This option also requires you to provide a Directory ID by using the `IdentityProviderDetails` parameter.\n\nUse the `API_GATEWAY` value to integrate with an identity provider of your choosing. The `API_GATEWAY` setting requires you to provide an Amazon API Gateway endpoint URL to call for authentication by using the `IdentityProviderDetails` parameter.\n\nUse the `AWS_LAMBDA` value to directly use an AWS Lambda function as your identity provider. If you choose this value, you must specify the ARN for the Lambda function in the `Function` parameter for the `IdentityProviderDetails` data type.", + "IpAddressType": "Specifies whether to use IPv4 only, or to use dual-stack (IPv4 and IPv6) for your AWS Transfer Family endpoint. The default value is `IPV4` .\n\n> The `IpAddressType` parameter has the following limitations:\n> \n> - It cannot be changed while the server is online. You must stop the server before modifying this parameter.\n> - It cannot be updated to `DUALSTACK` if the server has `AddressAllocationIds` specified. > When using `DUALSTACK` as the `IpAddressType` , you cannot set the `AddressAllocationIds` parameter for the [EndpointDetails](https://docs.aws.amazon.com/transfer/latest/APIReference/API_EndpointDetails.html) for the server.", "LoggingRole": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that allows a server to turn on Amazon CloudWatch logging for Amazon S3 or Amazon EFS events. When set, you can view user activity in your CloudWatch logs.", "PostAuthenticationLoginBanner": "Specifies a string to display when users connect to a server. This string is displayed after the user authenticates.\n\n> The SFTP protocol does not support post-authentication display banners.", "PreAuthenticationLoginBanner": "Specifies a string to display when users connect to a server. This string is displayed before the user authenticates. For example, the following banner displays details about using the system:\n\n`This system is for the use of authorized users only. Individuals using this computer system without authority, or in excess of their authority, are subject to having all of their activities on this system monitored and recorded by system personnel.`", "ProtocolDetails": "The protocol settings that are configured for your server.\n\n- To indicate passive mode (for FTP and FTPS protocols), use the `PassiveIp` parameter. Enter a single dotted-quad IPv4 address, such as the external IP address of a firewall, router, or load balancer.\n- To ignore the error that is generated when the client attempts to use the `SETSTAT` command on a file that you are uploading to an Amazon S3 bucket, use the `SetStatOption` parameter. To have the AWS Transfer Family server ignore the `SETSTAT` command and upload files without needing to make any changes to your SFTP client, set the value to `ENABLE_NO_OP` . If you set the `SetStatOption` parameter to `ENABLE_NO_OP` , Transfer Family generates a log entry to Amazon CloudWatch Logs, so that you can determine when the client is making a `SETSTAT` call.\n- To determine whether your AWS Transfer Family server resumes recent, negotiated sessions through a unique session ID, use the `TlsSessionResumptionMode` parameter.\n- `As2Transports` indicates the transport method for the AS2 messages. Currently, only HTTP is supported.\n\nThe `Protocols` parameter is an array of strings.\n\n*Allowed values* : One or more of `SFTP` , `FTPS` , `FTP` , `AS2`", "Protocols": "Specifies the file transfer protocol or protocols over which your file transfer protocol client can connect to your server's endpoint. The available protocols are:\n\n- `SFTP` (Secure Shell (SSH) File Transfer Protocol): File transfer over SSH\n- `FTPS` (File Transfer Protocol Secure): File transfer with TLS encryption\n- `FTP` (File Transfer Protocol): Unencrypted file transfer\n- `AS2` (Applicability Statement 2): used for transporting structured business-to-business data\n\n> - If you select `FTPS` , you must choose a certificate stored in AWS Certificate Manager (ACM) which is used to identify your server when clients connect to it over FTPS.\n> - If `Protocol` includes either `FTP` or `FTPS` , then the `EndpointType` must be `VPC` and the `IdentityProviderType` must be either `AWS_DIRECTORY_SERVICE` , `AWS_LAMBDA` , or `API_GATEWAY` .\n> - If `Protocol` includes `FTP` , then `AddressAllocationIds` cannot be associated.\n> - If `Protocol` is set only to `SFTP` , the `EndpointType` can be set to `PUBLIC` and the `IdentityProviderType` can be set any of the supported identity types: `SERVICE_MANAGED` , `AWS_DIRECTORY_SERVICE` , `AWS_LAMBDA` , or `API_GATEWAY` .\n> - If `Protocol` includes `AS2` , then the `EndpointType` must be `VPC` , and domain must be Amazon S3. \n\nThe `Protocols` parameter is an array of strings.\n\n*Allowed values* : One or more of `SFTP` , `FTPS` , `FTP` , `AS2`", - "S3StorageOptions": "Specifies whether or not performance for your Amazon S3 directories is optimized. This is disabled by default.\n\nBy default, home directory mappings have a `TYPE` of `DIRECTORY` . If you enable this option, you would then need to explicitly set the `HomeDirectoryMapEntry` `Type` to `FILE` if you want a mapping to have a file target.", + "S3StorageOptions": "Specifies whether or not performance for your Amazon S3 directories is optimized.\n\n- If using the console, this is enabled by default.\n- If using the API or CLI, this is disabled by default.\n\nBy default, home directory mappings have a `TYPE` of `DIRECTORY` . If you enable this option, you would then need to explicitly set the `HomeDirectoryMapEntry` `Type` to `FILE` if you want a mapping to have a file target.", "SecurityPolicyName": "Specifies the name of the security policy for the server.", "StructuredLogDestinations": "Specifies the log groups to which your server logs are sent.\n\nTo specify a log group, you must provide the ARN for an existing log group. In this case, the format of the log group is as follows:\n\n`arn:aws:logs:region-name:amazon-account-id:log-group:log-group-name:*`\n\nFor example, `arn:aws:logs:us-east-1:111122223333:log-group:mytestgroup:*`\n\nIf you have previously specified a log group for a server, you can clear it, and in effect turn off structured logging, by providing an empty value for this parameter in an `update-server` call. For example:\n\n`update-server --server-id s-1234567890abcdef0 --structured-log-destinations`", "Tags": "Key-value pairs that can be used to group and search for servers.", @@ -51205,7 +51465,7 @@ "TlsSessionResumptionMode": "A property used with Transfer Family servers that use the FTPS protocol. TLS Session Resumption provides a mechanism to resume or share a negotiated secret key between the control and data connection for an FTPS session. `TlsSessionResumptionMode` determines whether or not the server resumes recent, negotiated sessions through a unique session ID. This property is available during `CreateServer` and `UpdateServer` calls. If a `TlsSessionResumptionMode` value is not specified during `CreateServer` , it is set to `ENFORCED` by default.\n\n- `DISABLED` : the server does not process TLS session resumption client requests and creates a new TLS session for each request.\n- `ENABLED` : the server processes and accepts clients that are performing TLS session resumption. The server doesn't reject client data connections that do not perform the TLS session resumption client processing.\n- `ENFORCED` : the server processes and accepts clients that are performing TLS session resumption. The server rejects client data connections that do not perform the TLS session resumption client processing. Before you set the value to `ENFORCED` , test your clients.\n\n> Not all FTPS clients perform TLS session resumption. So, if you choose to enforce TLS session resumption, you prevent any connections from FTPS clients that don't perform the protocol negotiation. To determine whether or not you can use the `ENFORCED` value, you need to test your clients." }, "AWS::Transfer::Server S3StorageOptions": { - "DirectoryListingOptimization": "Specifies whether or not performance for your Amazon S3 directories is optimized. This is disabled by default.\n\nBy default, home directory mappings have a `TYPE` of `DIRECTORY` . If you enable this option, you would then need to explicitly set the `HomeDirectoryMapEntry` `Type` to `FILE` if you want a mapping to have a file target." + "DirectoryListingOptimization": "Specifies whether or not performance for your Amazon S3 directories is optimized.\n\n- If using the console, this is enabled by default.\n- If using the API or CLI, this is disabled by default.\n\nBy default, home directory mappings have a `TYPE` of `DIRECTORY` . If you enable this option, you would then need to explicitly set the `HomeDirectoryMapEntry` `Type` to `FILE` if you want a mapping to have a file target." }, "AWS::Transfer::Server Tag": { "Key": "The name assigned to the tag that you create.", @@ -52899,6 +53159,7 @@ "GroupingConfiguration": "The configuration information of the external data source.", "KnowledgeBaseArn": "The Amazon Resource Name (ARN) of the knowledge base.", "Language": "The language code value for the language in which the quick response is written. The supported language codes include `de_DE` , `en_US` , `es_ES` , `fr_FR` , `id_ID` , `it_IT` , `ja_JP` , `ko_KR` , `pt_BR` , `zh_CN` , `zh_TW`", + "MessageTemplateAttachments": "List of message template attachments.", "Name": "The name of the message template.", "Tags": "The tags used to organize, track, or control access for this resource." }, @@ -52987,6 +53248,11 @@ "Criteria": "The criteria used for grouping Amazon Q in Connect users.\n\nThe following is the list of supported criteria values.\n\n- `RoutingProfileArn` : Grouping the users by their [Amazon Connect routing profile ARN](https://docs.aws.amazon.com/connect/latest/APIReference/API_RoutingProfile.html) . User should have [SearchRoutingProfile](https://docs.aws.amazon.com/connect/latest/APIReference/API_SearchRoutingProfiles.html) and [DescribeRoutingProfile](https://docs.aws.amazon.com/connect/latest/APIReference/API_DescribeRoutingProfile.html) permissions when setting criteria to this value.", "Values": "The list of values that define different groups of Amazon Q in Connect users.\n\n- When setting `criteria` to `RoutingProfileArn` , you need to provide a list of ARNs of [Amazon Connect routing profiles](https://docs.aws.amazon.com/connect/latest/APIReference/API_RoutingProfile.html) as values of this parameter." }, + "AWS::Wisdom::MessageTemplate MessageTemplateAttachment": { + "AttachmentId": "The identifier of the attachment file.", + "AttachmentName": "The name of the attachment file being uploaded. The name should include the file extension.", + "S3PresignedUrl": "The S3 Presigned URL for the attachment file. When generating the PreSignedUrl, please ensure that the expires-in time is set to 30 minutes. The URL can be generated through the AWS Console or through the AWS CLI. For more information, see [Sharing objects with presigned URLs](https://docs.aws.amazon.com/AmazonS3/latest/userguide/ShareObjectPreSignedURL.html) ." + }, "AWS::Wisdom::MessageTemplate MessageTemplateAttributes": { "AgentAttributes": "The agent attributes that are used with the message template.", "CustomAttributes": "The custom attributes that are used with the message template.", @@ -53018,6 +53284,34 @@ "MessageTemplateArn": "The Amazon Resource Name (ARN) of the message template.", "MessageTemplateContentSha256": "The content SHA256 of the message template." }, + "AWS::Wisdom::QuickResponse": { + "Channels": "The Amazon Connect contact channels this quick response applies to. The supported contact channel types include `Chat` .", + "Content": "The content of the quick response.", + "ContentType": "The media type of the quick response content.\n\n- Use `application/x.quickresponse;format=plain` for quick response written in plain text.\n- Use `application/x.quickresponse;format=markdown` for quick response written in richtext.", + "Description": "The description of the quick response.", + "GroupingConfiguration": "The configuration information of the user groups that the quick response is accessible to.", + "IsActive": "Whether the quick response is active.", + "KnowledgeBaseArn": "The Amazon Resource Name (ARN) of the knowledge base.", + "Language": "The language code value for the language in which the quick response is written. The supported language codes include `de_DE` , `en_US` , `es_ES` , `fr_FR` , `id_ID` , `it_IT` , `ja_JP` , `ko_KR` , `pt_BR` , `zh_CN` , `zh_TW`", + "Name": "The name of the quick response.", + "ShortcutKey": "The shortcut key of the quick response. The value should be unique across the knowledge base.", + "Tags": "The tags used to organize, track, or control access for this resource." + }, + "AWS::Wisdom::QuickResponse GroupingConfiguration": { + "Criteria": "The criteria used for grouping Amazon Q in Connect users.\n\nThe following is the list of supported criteria values.\n\n- `RoutingProfileArn` : Grouping the users by their [Amazon Connect routing profile ARN](https://docs.aws.amazon.com/connect/latest/APIReference/API_RoutingProfile.html) . User should have [SearchRoutingProfile](https://docs.aws.amazon.com/connect/latest/APIReference/API_SearchRoutingProfiles.html) and [DescribeRoutingProfile](https://docs.aws.amazon.com/connect/latest/APIReference/API_DescribeRoutingProfile.html) permissions when setting criteria to this value.", + "Values": "The list of values that define different groups of Amazon Q in Connect users.\n\n- When setting `criteria` to `RoutingProfileArn` , you need to provide a list of ARNs of [Amazon Connect routing profiles](https://docs.aws.amazon.com/connect/latest/APIReference/API_RoutingProfile.html) as values of this parameter." + }, + "AWS::Wisdom::QuickResponse QuickResponseContentProvider": { + "Content": "The content of the quick response." + }, + "AWS::Wisdom::QuickResponse QuickResponseContents": { + "Markdown": "The quick response content in markdown format.", + "PlainText": "The quick response content in plaintext format." + }, + "AWS::Wisdom::QuickResponse Tag": { + "Key": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -", + "Value": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -" + }, "AWS::WorkSpaces::ConnectionAlias": { "ConnectionString": "The connection string specified for the connection alias. The connection string must be in the form of a fully qualified domain name (FQDN), such as `www.example.com` .", "Tags": "The tags to associate with the connection alias." diff --git a/schema_source/cloudformation.schema.json b/schema_source/cloudformation.schema.json index 511bc24c04..bff23c9833 100644 --- a/schema_source/cloudformation.schema.json +++ b/schema_source/cloudformation.schema.json @@ -676,11 +676,21 @@ "markdownDescription": "Configures the default behavior of the CRL Distribution Point extension for certificates issued by your CA. If this field is not provided, then the CRL Distribution Point extension will be present and contain the default CRL URL.", "title": "CrlDistributionPointExtensionConfiguration" }, + "CrlType": { + "markdownDescription": "Specifies the type of CRL. This setting determines the maximum number of certificates that the certificate authority can issue and revoke. For more information, see [AWS Private CA quotas](https://docs.aws.amazon.com/general/latest/gr/pca.html#limits_pca) .\n\n- `COMPLETE` - The default setting. AWS Private CA maintains a single CRL file for all unexpired certificates issued by a CA that have been revoked for any reason. Each certificate that AWS Private CA issues is bound to a specific CRL through the CRL distribution point (CDP) defined in [RFC 5280](https://docs.aws.amazon.com/https://datatracker.ietf.org/doc/html/rfc5280) .\n- `PARTITIONED` - Compared to complete CRLs, partitioned CRLs dramatically increase the number of certificates your private CA can issue.\n\n> When using partitioned CRLs, you must validate that the CRL's associated issuing distribution point (IDP) URI matches the certi\ufb01cate's CDP URI to ensure the right CRL has been fetched. AWS Private CA marks the IDP extension as critical, which your client must be able to process.", + "title": "CrlType", + "type": "string" + }, "CustomCname": { "markdownDescription": "Name inserted into the certificate *CRL Distribution Points* extension that enables the use of an alias for the CRL distribution point. Use this value if you don't want the name of your S3 bucket to be public.\n\n> The content of a Canonical Name (CNAME) record must conform to [RFC2396](https://docs.aws.amazon.com/https://www.ietf.org/rfc/rfc2396.txt) restrictions on the use of special characters in URIs. Additionally, the value of the CNAME must not include a protocol prefix such as \"http://\" or \"https://\".", "title": "CustomCname", "type": "string" }, + "CustomPath": { + "markdownDescription": "Designates a custom file path in S3 for CRL(s). For example, `http:////.crl` .", + "title": "CustomPath", + "type": "string" + }, "Enabled": { "markdownDescription": "Boolean value that specifies whether certificate revocation lists (CRLs) are enabled. You can use this value to enable certificate revocation for a new CA when you call the `CreateCertificateAuthority` operation or for an existing CA when you call the `UpdateCertificateAuthority` operation.", "title": "Enabled", @@ -702,6 +712,9 @@ "type": "string" } }, + "required": [ + "Enabled" + ], "type": "object" }, "AWS::ACMPCA::CertificateAuthority.CrlDistributionPointExtensionConfiguration": { @@ -772,7 +785,6 @@ } }, "required": [ - "NameAssigner", "PartyName" ], "type": "object" @@ -888,6 +900,9 @@ "type": "string" } }, + "required": [ + "Enabled" + ], "type": "object" }, "AWS::ACMPCA::CertificateAuthority.OtherName": { @@ -1180,7 +1195,7 @@ ], "type": "object" }, - "AWS::APS::RuleGroupsNamespace": { + "AWS::AIOps::InvestigationGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -1215,132 +1230,77 @@ "Properties": { "additionalProperties": false, "properties": { - "Data": { - "markdownDescription": "The rules file used in the namespace.\n\nFor more details about the rules file, see [Creating a rules file](https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-ruler-rulesfile.html) in the *Amazon Managed Service for Prometheus User Guide* .", - "title": "Data", + "ChatbotNotificationChannels": { + "items": { + "$ref": "#/definitions/AWS::AIOps::InvestigationGroup.ChatbotNotificationChannel" + }, + "markdownDescription": "Use this property to integrate CloudWatch investigations with chat applications. This property is an array. For the first string, specify the ARN of an Amazon SNS topic. For the array of strings, specify the ARNs of one or more chat applications configurations that you want to associate with that topic. For more information about these configuration ARNs, see [Getting started with Amazon Q in chat applications](https://docs.aws.amazon.com/chatbot/latest/adminguide/getting-started.html) and [Resource type defined by AWS Chatbot](https://docs.aws.amazon.com/service-authorization/latest/reference/list_awschatbot.html#awschatbot-resources-for-iam-policies) .", + "title": "ChatbotNotificationChannels", + "type": "array" + }, + "CrossAccountConfigurations": { + "items": { + "$ref": "#/definitions/AWS::AIOps::InvestigationGroup.CrossAccountConfiguration" + }, + "markdownDescription": "List of `sourceRoleArn` values that have been configured for cross-account access.", + "title": "CrossAccountConfigurations", + "type": "array" + }, + "EncryptionConfig": { + "$ref": "#/definitions/AWS::AIOps::InvestigationGroup.EncryptionConfigMap", + "markdownDescription": "Specifies the customer managed AWS KMS key that the investigation group uses to encrypt data, if there is one. If not, the investigation group uses an AWS key to encrypt the data.", + "title": "EncryptionConfig" + }, + "InvestigationGroupPolicy": { + "markdownDescription": "Returns the JSON of the IAM resource policy associated with the specified investigation group in a string. For example, `{\\\"Version\\\":\\\"2012-10-17\\\",\\\"Statement\\\":[{\\\"Effect\\\":\\\"Allow\\\",\\\"Principal\\\":{\\\"Service\\\":\\\"aiops.alarms.cloudwatch.amazonaws.com\\\"},\\\"Action\\\":[\\\"aiops:CreateInvestigation\\\",\\\"aiops:CreateInvestigationEvent\\\"],\\\"Resource\\\":\\\"*\\\",\\\"Condition\\\":{\\\"StringEquals\\\":{\\\"aws:SourceAccount\\\":\\\"111122223333\\\"},\\\"ArnLike\\\":{\\\"aws:SourceArn\\\":\\\"arn:aws:cloudwatch:us-east-1:111122223333:alarm:*\\\"}}}]}` .", + "title": "InvestigationGroupPolicy", "type": "string" }, + "IsCloudTrailEventHistoryEnabled": { + "markdownDescription": "Specify `true` to enable CloudWatch investigations to have access to change events that are recorded by CloudTrail. The default is `true` .", + "title": "IsCloudTrailEventHistoryEnabled", + "type": "boolean" + }, "Name": { - "markdownDescription": "The name of the rule groups namespace.", + "markdownDescription": "Specify either the name or the ARN of the investigation group that you want to view. This is used to set the name of the investigation group.", "title": "Name", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The list of tag keys and values that are associated with the rule groups namespace.", - "title": "Tags", - "type": "array" + "RetentionInDays": { + "markdownDescription": "Specifies how long that investigation data is kept.", + "title": "RetentionInDays", + "type": "number" }, - "Workspace": { - "markdownDescription": "The ID of the workspace to add the rule groups namespace.", - "title": "Workspace", - "type": "string" - } - }, - "required": [ - "Data", - "Name", - "Workspace" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::APS::RuleGroupsNamespace" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::APS::Scraper": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that the investigation group uses for permissions to gather data.", + "title": "RoleArn", "type": "string" }, - { + "TagKeyBoundaries": { "items": { - "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, + "markdownDescription": "Displays the custom tag keys for custom applications in your system that you have specified in the investigation group. Resource tags help CloudWatch investigations narrow the search space when it is unable to discover definite relationships between resources.", + "title": "TagKeyBoundaries", "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Alias": { - "markdownDescription": "An optional user-assigned scraper alias.", - "title": "Alias", - "type": "string" - }, - "Destination": { - "$ref": "#/definitions/AWS::APS::Scraper.Destination", - "markdownDescription": "The Amazon Managed Service for Prometheus workspace the scraper sends metrics to.", - "title": "Destination" - }, - "ScrapeConfiguration": { - "$ref": "#/definitions/AWS::APS::Scraper.ScrapeConfiguration", - "markdownDescription": "The configuration in use by the scraper.", - "title": "ScrapeConfiguration" - }, - "Source": { - "$ref": "#/definitions/AWS::APS::Scraper.Source", - "markdownDescription": "The Amazon EKS cluster from which the scraper collects metrics.", - "title": "Source" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "(Optional) The list of tag keys and values associated with the scraper.", + "markdownDescription": "The list of key-value pairs to associate with the resource.", "title": "Tags", "type": "array" } }, "required": [ - "Destination", - "ScrapeConfiguration", - "Source" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::APS::Scraper" + "AWS::AIOps::InvestigationGroup" ], "type": "string" }, @@ -1359,191 +1319,652 @@ ], "type": "object" }, - "AWS::APS::Scraper.AmpConfiguration": { - "additionalProperties": false, - "properties": { - "WorkspaceArn": { - "markdownDescription": "ARN of the Amazon Managed Service for Prometheus workspace.", - "title": "WorkspaceArn", - "type": "string" - } - }, - "required": [ - "WorkspaceArn" - ], - "type": "object" - }, - "AWS::APS::Scraper.Destination": { + "AWS::AIOps::InvestigationGroup.ChatbotNotificationChannel": { "additionalProperties": false, "properties": { - "AmpConfiguration": { - "$ref": "#/definitions/AWS::APS::Scraper.AmpConfiguration", - "markdownDescription": "The Amazon Managed Service for Prometheus workspace to send metrics to.", - "title": "AmpConfiguration" - } - }, - "required": [ - "AmpConfiguration" - ], - "type": "object" - }, - "AWS::APS::Scraper.EksConfiguration": { - "additionalProperties": false, - "properties": { - "ClusterArn": { - "markdownDescription": "ARN of the Amazon EKS cluster.", - "title": "ClusterArn", - "type": "string" - }, - "SecurityGroupIds": { + "ChatConfigurationArns": { "items": { "type": "string" }, - "markdownDescription": "A list of the security group IDs for the Amazon EKS cluster VPC configuration.", - "title": "SecurityGroupIds", + "markdownDescription": "Returns the Amazon Resource Name (ARN) of any third-party chat integrations configured for the account.", + "title": "ChatConfigurationArns", "type": "array" }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of subnet IDs for the Amazon EKS cluster VPC configuration.", - "title": "SubnetIds", - "type": "array" - } - }, - "required": [ - "ClusterArn", - "SubnetIds" - ], - "type": "object" - }, - "AWS::APS::Scraper.ScrapeConfiguration": { - "additionalProperties": false, - "properties": { - "ConfigurationBlob": { - "markdownDescription": "The base 64 encoded scrape configuration file.", - "title": "ConfigurationBlob", + "SNSTopicArn": { + "markdownDescription": "Returns the ARN of an Amazon SNS topic used for third-party chat integrations.", + "title": "SNSTopicArn", "type": "string" } }, - "required": [ - "ConfigurationBlob" - ], "type": "object" }, - "AWS::APS::Scraper.Source": { + "AWS::AIOps::InvestigationGroup.CrossAccountConfiguration": { "additionalProperties": false, "properties": { - "EksConfiguration": { - "$ref": "#/definitions/AWS::APS::Scraper.EksConfiguration", - "markdownDescription": "The Amazon EKS cluster from which a scraper collects metrics.", - "title": "EksConfiguration" + "SourceRoleArn": { + "markdownDescription": "The ARN of an existing role which will be used to do investigations on your behalf.", + "title": "SourceRoleArn", + "type": "string" } }, - "required": [ - "EksConfiguration" - ], "type": "object" }, - "AWS::APS::Workspace": { + "AWS::AIOps::InvestigationGroup.EncryptionConfigMap": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AlertManagerDefinition": { - "markdownDescription": "The alert manager definition, a YAML configuration for the alert manager in your Amazon Managed Service for Prometheus workspace.\n\nFor details about the alert manager definition, see [Creating an alert manager configuration files](https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-alertmanager-config.html) in the *Amazon Managed Service for Prometheus User Guide* .\n\nThe following example shows part of a CloudFormation YAML file with an embedded alert manager definition (following the `- |-` ).\n\n`Workspace: Type: AWS::APS::Workspace .... Properties: .... AlertManagerDefinition: Fn::Sub: - |- alertmanager_config: | templates: - 'default_template' route: receiver: example-sns receivers: - name: example-sns sns_configs: - topic_arn: 'arn:aws:sns:${AWS::Region}:${AWS::AccountId}:${TopicName}' -`", - "title": "AlertManagerDefinition", - "type": "string" - }, - "Alias": { - "markdownDescription": "The alias that is assigned to this workspace to help identify it. It does not need to be unique.", - "title": "Alias", - "type": "string" - }, - "KmsKeyArn": { - "markdownDescription": "(optional) The ARN for a customer managed AWS KMS key to use for encrypting data within your workspace. For more information about using your own key in your workspace, see [Encryption at rest](https://docs.aws.amazon.com/prometheus/latest/userguide/encryption-at-rest-Amazon-Service-Prometheus.html) in the *Amazon Managed Service for Prometheus User Guide* .", - "title": "KmsKeyArn", - "type": "string" - }, - "LoggingConfiguration": { - "$ref": "#/definitions/AWS::APS::Workspace.LoggingConfiguration", - "markdownDescription": "Contains information about the current rules and alerting logging configuration for the workspace.\n\n> These logging configurations are only for rules and alerting logs.", - "title": "LoggingConfiguration" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The list of tag keys and values that are associated with the workspace.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::APS::Workspace" - ], + "EncryptionConfigurationType": { + "markdownDescription": "Displays whether investigation data is encrypted by a customer managed key or an AWS owned key.", + "title": "EncryptionConfigurationType", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::APS::Workspace.LoggingConfiguration": { - "additionalProperties": false, - "properties": { - "LogGroupArn": { - "markdownDescription": "The ARN of the CloudWatch log group to which the vended log data will be published. This log group must exist prior to calling this operation.", - "title": "LogGroupArn", + "KmsKeyId": { + "markdownDescription": "If the investigation group uses a customer managed key for encryption, this field displays the ID of that key.", + "title": "KmsKeyId", "type": "string" } }, "type": "object" }, - "AWS::ARCZonalShift::ZonalAutoshiftConfiguration": { + "AWS::APS::RuleGroupsNamespace": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Data": { + "markdownDescription": "The rules file used in the namespace.\n\nFor more details about the rules file, see [Creating a rules file](https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-ruler-rulesfile.html) in the *Amazon Managed Service for Prometheus User Guide* .", + "title": "Data", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the rule groups namespace.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of tag keys and values that are associated with the rule groups namespace.", + "title": "Tags", + "type": "array" + }, + "Workspace": { + "markdownDescription": "The ID of the workspace to add the rule groups namespace.", + "title": "Workspace", + "type": "string" + } + }, + "required": [ + "Data", + "Name", + "Workspace" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::APS::RuleGroupsNamespace" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::APS::Scraper": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Alias": { + "markdownDescription": "An optional user-assigned scraper alias.", + "title": "Alias", + "type": "string" + }, + "Destination": { + "$ref": "#/definitions/AWS::APS::Scraper.Destination", + "markdownDescription": "The Amazon Managed Service for Prometheus workspace the scraper sends metrics to.", + "title": "Destination" + }, + "RoleConfiguration": { + "$ref": "#/definitions/AWS::APS::Scraper.RoleConfiguration", + "markdownDescription": "The role configuration in an Amazon Managed Service for Prometheus scraper.", + "title": "RoleConfiguration" + }, + "ScrapeConfiguration": { + "$ref": "#/definitions/AWS::APS::Scraper.ScrapeConfiguration", + "markdownDescription": "The configuration in use by the scraper.", + "title": "ScrapeConfiguration" + }, + "Source": { + "$ref": "#/definitions/AWS::APS::Scraper.Source", + "markdownDescription": "The Amazon EKS cluster from which the scraper collects metrics.", + "title": "Source" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "(Optional) The list of tag keys and values associated with the scraper.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Destination", + "ScrapeConfiguration", + "Source" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::APS::Scraper" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::APS::Scraper.AmpConfiguration": { + "additionalProperties": false, + "properties": { + "WorkspaceArn": { + "markdownDescription": "ARN of the Amazon Managed Service for Prometheus workspace.", + "title": "WorkspaceArn", + "type": "string" + } + }, + "required": [ + "WorkspaceArn" + ], + "type": "object" + }, + "AWS::APS::Scraper.Destination": { + "additionalProperties": false, + "properties": { + "AmpConfiguration": { + "$ref": "#/definitions/AWS::APS::Scraper.AmpConfiguration", + "markdownDescription": "The Amazon Managed Service for Prometheus workspace to send metrics to.", + "title": "AmpConfiguration" + } + }, + "required": [ + "AmpConfiguration" + ], + "type": "object" + }, + "AWS::APS::Scraper.EksConfiguration": { + "additionalProperties": false, + "properties": { + "ClusterArn": { + "markdownDescription": "ARN of the Amazon EKS cluster.", + "title": "ClusterArn", + "type": "string" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the security group IDs for the Amazon EKS cluster VPC configuration.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of subnet IDs for the Amazon EKS cluster VPC configuration.", + "title": "SubnetIds", + "type": "array" + } + }, + "required": [ + "ClusterArn", + "SubnetIds" + ], + "type": "object" + }, + "AWS::APS::Scraper.RoleConfiguration": { + "additionalProperties": false, + "properties": { + "SourceRoleArn": { + "markdownDescription": "The ARN of the source role.", + "title": "SourceRoleArn", + "type": "string" + }, + "TargetRoleArn": { + "markdownDescription": "The ARN of the target role.", + "title": "TargetRoleArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::APS::Scraper.ScrapeConfiguration": { + "additionalProperties": false, + "properties": { + "ConfigurationBlob": { + "markdownDescription": "The base 64 encoded scrape configuration file.", + "title": "ConfigurationBlob", + "type": "string" + } + }, + "required": [ + "ConfigurationBlob" + ], + "type": "object" + }, + "AWS::APS::Scraper.Source": { + "additionalProperties": false, + "properties": { + "EksConfiguration": { + "$ref": "#/definitions/AWS::APS::Scraper.EksConfiguration", + "markdownDescription": "The Amazon EKS cluster from which a scraper collects metrics.", + "title": "EksConfiguration" + } + }, + "required": [ + "EksConfiguration" + ], + "type": "object" + }, + "AWS::APS::Workspace": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AlertManagerDefinition": { + "markdownDescription": "The alert manager definition, a YAML configuration for the alert manager in your Amazon Managed Service for Prometheus workspace.\n\nFor details about the alert manager definition, see [Creating an alert manager configuration files](https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-alertmanager-config.html) in the *Amazon Managed Service for Prometheus User Guide* .\n\nThe following example shows part of a CloudFormation YAML file with an embedded alert manager definition (following the `- |-` ).\n\n`Workspace: Type: AWS::APS::Workspace .... Properties: .... AlertManagerDefinition: Fn::Sub: - |- alertmanager_config: | templates: - 'default_template' route: receiver: example-sns receivers: - name: example-sns sns_configs: - topic_arn: 'arn:aws:sns:${AWS::Region}:${AWS::AccountId}:${TopicName}' -`", + "title": "AlertManagerDefinition", + "type": "string" + }, + "Alias": { + "markdownDescription": "The alias that is assigned to this workspace to help identify it. It does not need to be unique.", + "title": "Alias", + "type": "string" + }, + "KmsKeyArn": { + "markdownDescription": "(optional) The ARN for a customer managed AWS KMS key to use for encrypting data within your workspace. For more information about using your own key in your workspace, see [Encryption at rest](https://docs.aws.amazon.com/prometheus/latest/userguide/encryption-at-rest-Amazon-Service-Prometheus.html) in the *Amazon Managed Service for Prometheus User Guide* .", + "title": "KmsKeyArn", + "type": "string" + }, + "LoggingConfiguration": { + "$ref": "#/definitions/AWS::APS::Workspace.LoggingConfiguration", + "markdownDescription": "Contains information about the current rules and alerting logging configuration for the workspace.\n\n> These logging configurations are only for rules and alerting logs.", + "title": "LoggingConfiguration" + }, + "QueryLoggingConfiguration": { + "$ref": "#/definitions/AWS::APS::Workspace.QueryLoggingConfiguration", + "markdownDescription": "The definition of logging configuration in an Amazon Managed Service for Prometheus workspace.", + "title": "QueryLoggingConfiguration" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of tag keys and values that are associated with the workspace.", + "title": "Tags", + "type": "array" + }, + "WorkspaceConfiguration": { + "$ref": "#/definitions/AWS::APS::Workspace.WorkspaceConfiguration", + "markdownDescription": "Use this structure to define label sets and the ingestion limits for time series that match label sets, and to specify the retention period of the workspace.", + "title": "WorkspaceConfiguration" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::APS::Workspace" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::APS::Workspace.CloudWatchLogDestination": { + "additionalProperties": false, + "properties": { + "LogGroupArn": { + "markdownDescription": "The ARN of the CloudWatch log group.", + "title": "LogGroupArn", + "type": "string" + } + }, + "required": [ + "LogGroupArn" + ], + "type": "object" + }, + "AWS::APS::Workspace.Label": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name for this label.", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "The value for this label.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Name", + "Value" + ], + "type": "object" + }, + "AWS::APS::Workspace.LimitsPerLabelSet": { + "additionalProperties": false, + "properties": { + "LabelSet": { + "items": { + "$ref": "#/definitions/AWS::APS::Workspace.Label" + }, + "markdownDescription": "This defines one label set that will have an enforced ingestion limit. You can set ingestion limits on time series that match defined label sets, to help prevent a workspace from being overwhelmed with unexpected spikes in time series ingestion.\n\nLabel values accept all UTF-8 characters with one exception. If the label name is metric name label `__ *name* __` , then the *metric* part of the name must conform to the following pattern: `[a-zA-Z_:][a-zA-Z0-9_:]*`", + "title": "LabelSet", + "type": "array" + }, + "Limits": { + "$ref": "#/definitions/AWS::APS::Workspace.LimitsPerLabelSetEntry", + "markdownDescription": "This structure contains the information about the limits that apply to time series that match this label set.", + "title": "Limits" + } + }, + "required": [ + "LabelSet", + "Limits" + ], + "type": "object" + }, + "AWS::APS::Workspace.LimitsPerLabelSetEntry": { + "additionalProperties": false, + "properties": { + "MaxSeries": { + "markdownDescription": "The maximum number of active series that can be ingested that match this label set.\n\nSetting this to 0 causes no label set limit to be enforced, but it does cause Amazon Managed Service for Prometheus to vend label set metrics to CloudWatch", + "title": "MaxSeries", + "type": "number" + } + }, + "type": "object" + }, + "AWS::APS::Workspace.LoggingConfiguration": { + "additionalProperties": false, + "properties": { + "LogGroupArn": { + "markdownDescription": "The ARN of the CloudWatch log group to which the vended log data will be published. This log group must exist prior to calling this operation.", + "title": "LogGroupArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::APS::Workspace.LoggingDestination": { + "additionalProperties": false, + "properties": { + "CloudWatchLogs": { + "$ref": "#/definitions/AWS::APS::Workspace.CloudWatchLogDestination", + "markdownDescription": "Configuration details for logging to CloudWatch Logs.", + "title": "CloudWatchLogs" + }, + "Filters": { + "$ref": "#/definitions/AWS::APS::Workspace.LoggingFilter", + "markdownDescription": "Filtering criteria that determine which queries are logged.", + "title": "Filters" + } + }, + "required": [ + "CloudWatchLogs", + "Filters" + ], + "type": "object" + }, + "AWS::APS::Workspace.LoggingFilter": { + "additionalProperties": false, + "properties": { + "QspThreshold": { + "markdownDescription": "", + "title": "QspThreshold", + "type": "number" + } + }, + "required": [ + "QspThreshold" + ], + "type": "object" + }, + "AWS::APS::Workspace.QueryLoggingConfiguration": { + "additionalProperties": false, + "properties": { + "Destinations": { + "items": { + "$ref": "#/definitions/AWS::APS::Workspace.LoggingDestination" + }, + "markdownDescription": "Defines a destination and its associated filtering criteria for query logging.", + "title": "Destinations", + "type": "array" + } + }, + "required": [ + "Destinations" + ], + "type": "object" + }, + "AWS::APS::Workspace.WorkspaceConfiguration": { + "additionalProperties": false, + "properties": { + "LimitsPerLabelSets": { + "items": { + "$ref": "#/definitions/AWS::APS::Workspace.LimitsPerLabelSet" + }, + "markdownDescription": "This is an array of structures, where each structure defines a label set for the workspace, and defines the ingestion limit for active time series for each of those label sets. Each label name in a label set must be unique.", + "title": "LimitsPerLabelSets", + "type": "array" + }, + "RetentionPeriodInDays": { + "markdownDescription": "Specifies how many days that metrics will be retained in the workspace.", + "title": "RetentionPeriodInDays", + "type": "number" + } + }, + "type": "object" + }, + "AWS::ARCZonalShift::AutoshiftObserverNotificationStatus": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Status": { + "markdownDescription": "", + "title": "Status", + "type": "string" + } + }, + "required": [ + "Status" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ARCZonalShift::AutoshiftObserverNotificationStatus" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::ARCZonalShift::ZonalAutoshiftConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -1774,9 +2195,47 @@ ], "type": "object" }, + "AWS::AccessAnalyzer::Analyzer.AnalysisRule": { + "additionalProperties": false, + "properties": { + "Exclusions": { + "items": { + "$ref": "#/definitions/AWS::AccessAnalyzer::Analyzer.AnalysisRuleCriteria" + }, + "markdownDescription": "A list of rules for the analyzer containing criteria to exclude from analysis. Entities that meet the rule criteria will not generate findings.", + "title": "Exclusions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::AccessAnalyzer::Analyzer.AnalysisRuleCriteria": { + "additionalProperties": false, + "properties": { + "AccountIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of AWS account IDs to apply to the analysis rule criteria. The accounts cannot include the organization analyzer owner account. Account IDs can only be applied to the analysis rule criteria for organization-level analyzers. The list cannot include more than 2,000 account IDs.", + "title": "AccountIds", + "type": "array" + }, + "ResourceTags": { + "markdownDescription": "An array of key-value pairs to match for your resources. You can use the set of Unicode letters, digits, whitespace, `_` , `.` , `/` , `=` , `+` , and `-` .\n\nFor the tag key, you can specify a value that is 1 to 128 characters in length and cannot be prefixed with `aws:` .\n\nFor the tag value, you can specify a value that is 0 to 256 characters in length. If the specified tag value is 0 characters, the rule is applied to all principals with the specified tag key.", + "title": "ResourceTags", + "type": "object" + } + }, + "type": "object" + }, "AWS::AccessAnalyzer::Analyzer.AnalyzerConfiguration": { "additionalProperties": false, "properties": { + "InternalAccessConfiguration": { + "$ref": "#/definitions/AWS::AccessAnalyzer::Analyzer.InternalAccessConfiguration", + "markdownDescription": "Specifies the configuration of an internal access analyzer for an AWS organization or account. This configuration determines how the analyzer evaluates access within your AWS environment.", + "title": "InternalAccessConfiguration" + }, "UnusedAccessConfiguration": { "$ref": "#/definitions/AWS::AccessAnalyzer::Analyzer.UnusedAccessConfiguration", "markdownDescription": "Specifies the configuration of an unused access analyzer for an AWS organization or account.", @@ -1851,9 +2310,69 @@ ], "type": "object" }, + "AWS::AccessAnalyzer::Analyzer.InternalAccessAnalysisRule": { + "additionalProperties": false, + "properties": { + "Inclusions": { + "items": { + "$ref": "#/definitions/AWS::AccessAnalyzer::Analyzer.InternalAccessAnalysisRuleCriteria" + }, + "markdownDescription": "A list of rules for the internal access analyzer containing criteria to include in analysis. Only resources that meet the rule criteria will generate findings.", + "title": "Inclusions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::AccessAnalyzer::Analyzer.InternalAccessAnalysisRuleCriteria": { + "additionalProperties": false, + "properties": { + "AccountIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of AWS account IDs to apply to the internal access analysis rule criteria. Account IDs can only be applied to the analysis rule criteria for organization-level analyzers.", + "title": "AccountIds", + "type": "array" + }, + "ResourceArns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of resource ARNs to apply to the internal access analysis rule criteria. The analyzer will only generate findings for resources that match these ARNs.", + "title": "ResourceArns", + "type": "array" + }, + "ResourceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of resource types to apply to the internal access analysis rule criteria. The analyzer will only generate findings for resources of these types. These resource types are currently supported for internal access analyzers:\n\n- `AWS::S3::Bucket`\n- `AWS::RDS::DBSnapshot`\n- `AWS::RDS::DBClusterSnapshot`\n- `AWS::S3Express::DirectoryBucket`\n- `AWS::DynamoDB::Table`\n- `AWS::DynamoDB::Stream`", + "title": "ResourceTypes", + "type": "array" + } + }, + "type": "object" + }, + "AWS::AccessAnalyzer::Analyzer.InternalAccessConfiguration": { + "additionalProperties": false, + "properties": { + "InternalAccessAnalysisRule": { + "$ref": "#/definitions/AWS::AccessAnalyzer::Analyzer.InternalAccessAnalysisRule", + "markdownDescription": "Contains information about analysis rules for the internal access analyzer. These rules determine which resources and access patterns will be analyzed.", + "title": "InternalAccessAnalysisRule" + } + }, + "type": "object" + }, "AWS::AccessAnalyzer::Analyzer.UnusedAccessConfiguration": { "additionalProperties": false, "properties": { + "AnalysisRule": { + "$ref": "#/definitions/AWS::AccessAnalyzer::Analyzer.AnalysisRule", + "markdownDescription": "Contains information about analysis rules for the analyzer. Analysis rules determine which entities will generate findings based on the criteria you define when you create the rule.", + "title": "AnalysisRule" + }, "UnusedAccessAge": { "markdownDescription": "The specified access age in days for which to generate findings for unused access. For example, if you specify 90 days, the analyzer will generate findings for IAM entities within the accounts of the selected organization for any access that hasn't been used in 90 or more days since the analyzer's last scan. You can choose a value between 1 and 365 days.", "title": "UnusedAccessAge", @@ -2011,11 +2530,9 @@ } }, "required": [ - "AutoMinorVersionUpgrade", "BrokerName", "DeploymentMode", "EngineType", - "EngineVersion", "HostInstanceType", "PubliclyAccessible", "Users" @@ -2330,9 +2847,7 @@ } }, "required": [ - "Data", "EngineType", - "EngineVersion", "Name" ], "type": "object" @@ -2526,6 +3041,16 @@ "title": "BuildSpec", "type": "string" }, + "CacheConfig": { + "$ref": "#/definitions/AWS::Amplify::App.CacheConfig", + "markdownDescription": "The cache configuration for the Amplify app. If you don't specify the cache configuration `type` , Amplify uses the default `AMPLIFY_MANAGED` setting.", + "title": "CacheConfig" + }, + "ComputeRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role for an SSR app. The Compute role allows the Amplify Hosting compute service to securely access specific AWS resources based on the role's permissions. For more information about the SSR Compute role, see [Adding an SSR Compute role](https://docs.aws.amazon.com/amplify/latest/userguide/amplify-SSR-compute-role.html) in the *Amplify User Guide* .", + "title": "ComputeRoleArn", + "type": "string" + }, "CustomHeaders": { "markdownDescription": "The custom HTTP headers for an Amplify app.", "title": "CustomHeaders", @@ -2562,6 +3087,11 @@ "title": "IAMServiceRole", "type": "string" }, + "JobConfig": { + "$ref": "#/definitions/AWS::Amplify::App.JobConfig", + "markdownDescription": "The configuration details that apply to the jobs for an Amplify app.", + "title": "JobConfig" + }, "Name": { "markdownDescription": "The name of the Amplify app.", "title": "Name", @@ -2705,6 +3235,17 @@ }, "type": "object" }, + "AWS::Amplify::App.CacheConfig": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "The type of cache configuration to use for an Amplify app.\n\nThe `AMPLIFY_MANAGED` cache configuration automatically applies an optimized cache configuration for your app based on its platform, routing rules, and rewrite rules.\n\nThe `AMPLIFY_MANAGED_NO_COOKIES` cache configuration type is the same as `AMPLIFY_MANAGED` , except that it excludes all cookies from the cache key. This is the default setting.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, "AWS::Amplify::App.CustomRule": { "additionalProperties": false, "properties": { @@ -2755,6 +3296,20 @@ ], "type": "object" }, + "AWS::Amplify::App.JobConfig": { + "additionalProperties": false, + "properties": { + "BuildComputeType": { + "markdownDescription": "Specifies the size of the build instance. Amplify supports three instance sizes: `STANDARD_8GB` , `LARGE_16GB` , and `XLARGE_72GB` . If you don't specify a value, Amplify uses the `STANDARD_8GB` default.\n\nThe following list describes the CPU, memory, and storage capacity for each build instance type:\n\n- **STANDARD_8GB** - - vCPUs: 4\n- Memory: 8 GiB\n- Disk space: 128 GB\n- **LARGE_16GB** - - vCPUs: 8\n- Memory: 16 GiB\n- Disk space: 128 GB\n- **XLARGE_72GB** - - vCPUs: 36\n- Memory: 72 GiB\n- Disk space: 256 GB", + "title": "BuildComputeType", + "type": "string" + } + }, + "required": [ + "BuildComputeType" + ], + "type": "object" + }, "AWS::Amplify::Branch": { "additionalProperties": false, "properties": { @@ -2815,6 +3370,11 @@ "title": "BuildSpec", "type": "string" }, + "ComputeRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to assign to a branch of an SSR app. The SSR Compute role allows the Amplify Hosting compute service to securely access specific AWS resources based on the role's permissions. For more information about the SSR Compute role, see [Adding an SSR Compute role](https://docs.aws.amazon.com/amplify/latest/userguide/amplify-SSR-compute-role.html) in the *Amplify User Guide* .", + "title": "ComputeRoleArn", + "type": "string" + }, "Description": { "markdownDescription": "The description for the branch that is part of an Amplify app.", "title": "Description", @@ -2835,6 +3395,11 @@ "title": "EnablePullRequestPreview", "type": "boolean" }, + "EnableSkewProtection": { + "markdownDescription": "Specifies whether the skew protection feature is enabled for the branch.\n\nDeployment skew protection is available to Amplify applications to eliminate version skew issues between client and servers in web applications. When you apply skew protection to a branch, you can ensure that your clients always interact with the correct version of server-side assets, regardless of when a deployment occurs. For more information about skew protection, see [Skew protection for Amplify deployments](https://docs.aws.amazon.com/amplify/latest/userguide/skew-protection.html) in the *Amplify User Guide* .", + "title": "EnableSkewProtection", + "type": "boolean" + }, "EnvironmentVariables": { "items": { "$ref": "#/definitions/AWS::Amplify::Branch.EnvironmentVariable" @@ -4933,6 +5498,89 @@ ], "type": "object" }, + "AWS::ApiGateway::BasePathMappingV2": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "BasePath": { + "markdownDescription": "The base path name that callers of the private API must provide as part of the URL after the domain name.", + "title": "BasePath", + "type": "string" + }, + "DomainNameArn": { + "markdownDescription": "The ARN of the domain name for the BasePathMappingV2 resource to be described.", + "title": "DomainNameArn", + "type": "string" + }, + "RestApiId": { + "markdownDescription": "The private API's identifier. This identifier is unique across all of your APIs in API Gateway.", + "title": "RestApiId", + "type": "string" + }, + "Stage": { + "markdownDescription": "Represents a unique identifier for a version of a deployed private RestApi that is callable by users. The Stage must depend on the `RestApi` 's stage. To create a dependency, add a DependsOn attribute to the BasePathMappingV2 resource.", + "title": "Stage", + "type": "string" + } + }, + "required": [ + "DomainNameArn", + "RestApiId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ApiGateway::BasePathMappingV2" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, "AWS::ApiGateway::ClientCertificate": { "additionalProperties": false, "properties": { @@ -5583,6 +6231,11 @@ "title": "RegionalCertificateArn", "type": "string" }, + "RoutingMode": { + "markdownDescription": "The routing mode for this domain name. The routing mode determines how API Gateway sends traffic from your custom domain name to your public APIs.", + "title": "RoutingMode", + "type": "string" + }, "SecurityPolicy": { "markdownDescription": "The Transport Layer Security (TLS) version + cipher suite for this DomainName. The valid values are `TLS_1_0` and `TLS_1_2` .", "title": "SecurityPolicy", @@ -5622,6 +6275,11 @@ "AWS::ApiGateway::DomainName.EndpointConfiguration": { "additionalProperties": false, "properties": { + "IpAddressType": { + "markdownDescription": "The IP address types that can invoke this DomainName. Use `ipv4` to allow only IPv4 addresses to invoke this DomainName, or use `dualstack` to allow both IPv4 and IPv6 addresses to invoke this DomainName. For the `PRIVATE` endpoint type, only `dualstack` is supported.", + "title": "IpAddressType", + "type": "string" + }, "Types": { "items": { "type": "string" @@ -5649,6 +6307,208 @@ }, "type": "object" }, + "AWS::ApiGateway::DomainNameAccessAssociation": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AccessAssociationSource": { + "markdownDescription": "The identifier of the domain name access association source. For a `VPCE` , the value is the VPC endpoint ID.", + "title": "AccessAssociationSource", + "type": "string" + }, + "AccessAssociationSourceType": { + "markdownDescription": "The type of the domain name access association source. Only `VPCE` is currently supported.", + "title": "AccessAssociationSourceType", + "type": "string" + }, + "DomainNameArn": { + "markdownDescription": "The ARN of the domain name.", + "title": "DomainNameArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The collection of tags. Each tag element is associated with a given resource.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "AccessAssociationSource", + "AccessAssociationSourceType", + "DomainNameArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ApiGateway::DomainNameAccessAssociation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::ApiGateway::DomainNameV2": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CertificateArn": { + "markdownDescription": "The reference to an AWS -managed certificate that will be used by the private endpoint for this domain name. AWS Certificate Manager is the only supported source.", + "title": "CertificateArn", + "type": "string" + }, + "DomainName": { + "markdownDescription": "Represents a custom domain name as a user-friendly host name of an API (RestApi).", + "title": "DomainName", + "type": "string" + }, + "EndpointConfiguration": { + "$ref": "#/definitions/AWS::ApiGateway::DomainNameV2.EndpointConfiguration", + "markdownDescription": "The endpoint configuration to indicate the types of endpoints an API (RestApi) or its custom domain name (DomainName) has and the IP address types that can invoke it.", + "title": "EndpointConfiguration" + }, + "Policy": { + "markdownDescription": "A stringified JSON policy document that applies to the `execute-api` service for this DomainName regardless of the caller and Method configuration. You can use `Fn::ToJsonString` to enter your `policy` . For more information, see [Fn::ToJsonString](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ToJsonString.html) .", + "title": "Policy", + "type": "object" + }, + "RoutingMode": { + "markdownDescription": "The routing mode for this domain name. The routing mode determines how API Gateway sends traffic from your custom domain name to your private APIs.", + "title": "RoutingMode", + "type": "string" + }, + "SecurityPolicy": { + "markdownDescription": "The Transport Layer Security (TLS) version + cipher suite for this DomainName. Only `TLS_1_2` is supported.", + "title": "SecurityPolicy", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The collection of tags. Each tag element is associated with a given resource.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ApiGateway::DomainNameV2" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::ApiGateway::DomainNameV2.EndpointConfiguration": { + "additionalProperties": false, + "properties": { + "IpAddressType": { + "markdownDescription": "The IP address types that can invoke an API (RestApi) or a DomainName. Use `ipv4` to allow only IPv4 addresses to invoke an API or DomainName, or use `dualstack` to allow both IPv4 and IPv6 addresses to invoke an API or a DomainName. For the `PRIVATE` endpoint type, only `dualstack` is supported.", + "title": "IpAddressType", + "type": "string" + }, + "Types": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of endpoint types of an API (RestApi) or its custom domain name (DomainName). For an edge-optimized API and its custom domain name, the endpoint type is `\"EDGE\"` . For a regional API and its custom domain name, the endpoint type is `REGIONAL` . For a private API, the endpoint type is `PRIVATE` .", + "title": "Types", + "type": "array" + } + }, + "type": "object" + }, "AWS::ApiGateway::GatewayResponse": { "additionalProperties": false, "properties": { @@ -6471,6 +7331,11 @@ "AWS::ApiGateway::RestApi.EndpointConfiguration": { "additionalProperties": false, "properties": { + "IpAddressType": { + "markdownDescription": "The IP address types that can invoke an API (RestApi). Use `ipv4` to allow only IPv4 addresses to invoke an API, or use `dualstack` to allow both IPv4 and IPv6 addresses to invoke an API. For the `PRIVATE` endpoint type, only `dualstack` is supported.", + "title": "IpAddressType", + "type": "string" + }, "Types": { "items": { "type": "string" @@ -7175,6 +8040,11 @@ "title": "FailOnWarnings", "type": "boolean" }, + "IpAddressType": { + "markdownDescription": "The IP address types that can invoke the API. Use `ipv4` to allow only IPv4 addresses to invoke your API, or use `dualstack` to allow both IPv4 and IPv6 addresses to invoke your API.\n\nDon\u2019t use IP address type for an HTTP API based on an OpenAPI specification. Instead, specify the IP address type in the OpenAPI specification.", + "title": "IpAddressType", + "type": "string" + }, "Name": { "markdownDescription": "The name of the API. Required unless you specify an OpenAPI definition for `Body` or `S3BodyLocation` .", "title": "Name", @@ -7893,6 +8763,11 @@ "markdownDescription": "The mutual TLS authentication configuration for a custom domain name.", "title": "MutualTlsAuthentication" }, + "RoutingMode": { + "markdownDescription": "The routing mode API Gateway uses to route traffic to your APIs.", + "title": "RoutingMode", + "type": "string" + }, "Tags": { "additionalProperties": true, "markdownDescription": "The collection of tags associated with a domain name.", @@ -7949,6 +8824,11 @@ "title": "EndpointType", "type": "string" }, + "IpAddressType": { + "markdownDescription": "The IP address types that can invoke the domain name. Use `ipv4` to allow only IPv4 addresses to invoke your domain name, or use `dualstack` to allow both IPv4 and IPv6 addresses to invoke your domain name.", + "title": "IpAddressType", + "type": "string" + }, "OwnershipVerificationCertificateArn": { "markdownDescription": "The Amazon resource name (ARN) for the public certificate issued by AWS Certificate Manager . This ARN is used to validate custom domain ownership. It's required only if you configure mutual TLS and use either an ACM-imported or a private CA certificate ARN as the regionalCertificateArn.", "title": "OwnershipVerificationCertificateArn", @@ -8074,17 +8954,35 @@ "type": "string" }, "RequestParameters": { + "additionalProperties": true, "markdownDescription": "For WebSocket APIs, a key-value map specifying request parameters that are passed from the method request to the backend. The key is an integration request parameter name and the associated value is a method request parameter value or static value that must be enclosed within single quotes and pre-encoded as required by the backend. The method request parameter value must match the pattern of `method.request. {location} . {name}` , where `{location}` is `querystring` , `path` , or `header` ; and `{name}` must be a valid and unique method request parameter name.\n\nFor HTTP API integrations with a specified `integrationSubtype` , request parameters are a key-value map specifying parameters that are passed to `AWS_PROXY` integrations. You can provide static values, or map request data, stage variables, or context variables that are evaluated at runtime. To learn more, see [Working with AWS service integrations for HTTP APIs](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-develop-integrations-aws-services.html) .\n\nFor HTTP API integrations without a specified `integrationSubtype` request parameters are a key-value map specifying how to transform HTTP requests before sending them to the backend. The key should follow the pattern :. where action can be `append` , `overwrite` or `remove` . For values, you can provide static values, or map request data, stage variables, or context variables that are evaluated at runtime. To learn more, see [Transforming API requests and responses](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-parameter-mapping.html) .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, "title": "RequestParameters", "type": "object" }, "RequestTemplates": { + "additionalProperties": true, "markdownDescription": "Represents a map of Velocity templates that are applied on the request payload based on the value of the Content-Type header sent by the client. The content type value is the key in this map, and the template (as a String) is the value. Supported only for WebSocket APIs.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, "title": "RequestTemplates", "type": "object" }, "ResponseParameters": { + "additionalProperties": false, "markdownDescription": "Supported only for HTTP APIs. You use response parameters to transform the HTTP response from a backend integration before returning the response to clients. Specify a key-value map from a selection key to response parameters. The selection key must be a valid HTTP status code within the range of 200-599. The value is of type [`ResponseParameterList`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apigatewayv2-integration-responseparameterlist.html) . To learn more, see [Transforming API requests and responses](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-parameter-mapping.html) .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::ApiGatewayV2::Integration.ResponseParameterMap" + } + }, "title": "ResponseParameters", "type": "object" }, @@ -8145,19 +9043,17 @@ "type": "string" } }, - "required": [ - "Destination", - "Source" - ], "type": "object" }, - "AWS::ApiGatewayV2::Integration.ResponseParameterList": { + "AWS::ApiGatewayV2::Integration.ResponseParameterMap": { "additionalProperties": false, "properties": { "ResponseParameters": { "items": { "$ref": "#/definitions/AWS::ApiGatewayV2::Integration.ResponseParameter" }, + "markdownDescription": "", + "title": "ResponseParameters", "type": "array" } }, @@ -8602,7 +9498,7 @@ ], "type": "object" }, - "AWS::ApiGatewayV2::Stage": { + "AWS::ApiGatewayV2::RoutingRule": { "additionalProperties": false, "properties": { "Condition": { @@ -8637,76 +9533,44 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessLogSettings": { - "$ref": "#/definitions/AWS::ApiGatewayV2::Stage.AccessLogSettings", - "markdownDescription": "Settings for logging access in this stage.", - "title": "AccessLogSettings" - }, - "AccessPolicyId": { - "markdownDescription": "This parameter is not currently supported.", - "title": "AccessPolicyId", - "type": "string" - }, - "ApiId": { - "markdownDescription": "The API identifier.", - "title": "ApiId", - "type": "string" - }, - "AutoDeploy": { - "markdownDescription": "Specifies whether updates to an API automatically trigger a new deployment. The default value is `false` .", - "title": "AutoDeploy", - "type": "boolean" - }, - "ClientCertificateId": { - "markdownDescription": "The identifier of a client certificate for a `Stage` . Supported only for WebSocket APIs.", - "title": "ClientCertificateId", - "type": "string" - }, - "DefaultRouteSettings": { - "$ref": "#/definitions/AWS::ApiGatewayV2::Stage.RouteSettings", - "markdownDescription": "The default route settings for the stage.", - "title": "DefaultRouteSettings" - }, - "DeploymentId": { - "markdownDescription": "The deployment identifier for the API stage. Can't be updated if `autoDeploy` is enabled.", - "title": "DeploymentId", - "type": "string" - }, - "Description": { - "markdownDescription": "The description for the API stage.", - "title": "Description", - "type": "string" + "Actions": { + "items": { + "$ref": "#/definitions/AWS::ApiGatewayV2::RoutingRule.Action" + }, + "markdownDescription": "The resulting action based on matching a routing rules condition. Only InvokeApi is supported.", + "title": "Actions", + "type": "array" }, - "RouteSettings": { - "markdownDescription": "Route settings for the stage.", - "title": "RouteSettings", - "type": "object" + "Conditions": { + "items": { + "$ref": "#/definitions/AWS::ApiGatewayV2::RoutingRule.Condition" + }, + "markdownDescription": "The conditions of the routing rule.", + "title": "Conditions", + "type": "array" }, - "StageName": { - "markdownDescription": "The stage name. Stage names can contain only alphanumeric characters, hyphens, and underscores, or be `$default` . Maximum length is 128 characters.", - "title": "StageName", + "DomainNameArn": { + "markdownDescription": "The ARN of the domain name.", + "title": "DomainNameArn", "type": "string" }, - "StageVariables": { - "markdownDescription": "A map that defines the stage variables for a `Stage` . Variable names can have alphanumeric and underscore characters, and the values must match [A-Za-z0-9-._~:/?#&=,]+.", - "title": "StageVariables", - "type": "object" - }, - "Tags": { - "markdownDescription": "The collection of tags. Each tag element is associated with a given resource.", - "title": "Tags", - "type": "object" + "Priority": { + "markdownDescription": "The order in which API Gateway evaluates a rule. Priority is evaluated from the lowest value to the highest value. Rules can't have the same priority. Priority values 1-1,000,000 are supported.", + "title": "Priority", + "type": "number" } }, "required": [ - "ApiId", - "StageName" + "Actions", + "Conditions", + "DomainNameArn", + "Priority" ], "type": "object" }, "Type": { "enum": [ - "AWS::ApiGatewayV2::Stage" + "AWS::ApiGatewayV2::RoutingRule" ], "type": "string" }, @@ -8725,149 +9589,381 @@ ], "type": "object" }, - "AWS::ApiGatewayV2::Stage.AccessLogSettings": { + "AWS::ApiGatewayV2::RoutingRule.Action": { "additionalProperties": false, "properties": { - "DestinationArn": { - "markdownDescription": "The ARN of the CloudWatch Logs log group to receive access logs. This parameter is required to enable access logging.", - "title": "DestinationArn", - "type": "string" - }, - "Format": { - "markdownDescription": "A single line format of the access logs of data, as specified by selected $context variables. The format must include at least $context.requestId. This parameter is required to enable access logging.", - "title": "Format", - "type": "string" + "InvokeApi": { + "$ref": "#/definitions/AWS::ApiGatewayV2::RoutingRule.ActionInvokeApi", + "markdownDescription": "Represents an InvokeApi action.", + "title": "InvokeApi" } }, + "required": [ + "InvokeApi" + ], "type": "object" }, - "AWS::ApiGatewayV2::Stage.RouteSettings": { + "AWS::ApiGatewayV2::RoutingRule.ActionInvokeApi": { "additionalProperties": false, "properties": { - "DataTraceEnabled": { - "markdownDescription": "Specifies whether ( `true` ) or not ( `false` ) data trace logging is enabled for this route. This property affects the log entries pushed to Amazon CloudWatch Logs. Supported only for WebSocket APIs.", - "title": "DataTraceEnabled", - "type": "boolean" - }, - "DetailedMetricsEnabled": { - "markdownDescription": "Specifies whether detailed metrics are enabled.", - "title": "DetailedMetricsEnabled", - "type": "boolean" - }, - "LoggingLevel": { - "markdownDescription": "Specifies the logging level for this route: `INFO` , `ERROR` , or `OFF` . This property affects the log entries pushed to Amazon CloudWatch Logs. Supported only for WebSocket APIs.", - "title": "LoggingLevel", + "ApiId": { + "markdownDescription": "The API identifier of the target API.", + "title": "ApiId", "type": "string" }, - "ThrottlingBurstLimit": { - "markdownDescription": "Specifies the throttling burst limit.", - "title": "ThrottlingBurstLimit", - "type": "number" + "Stage": { + "markdownDescription": "The name of the target stage.", + "title": "Stage", + "type": "string" }, - "ThrottlingRateLimit": { - "markdownDescription": "Specifies the throttling rate limit.", - "title": "ThrottlingRateLimit", - "type": "number" + "StripBasePath": { + "markdownDescription": "The strip base path setting. When true, API Gateway strips the incoming matched base path when forwarding the request to the target API.", + "title": "StripBasePath", + "type": "boolean" } }, + "required": [ + "ApiId", + "Stage" + ], "type": "object" }, - "AWS::ApiGatewayV2::VpcLink": { + "AWS::ApiGatewayV2::RoutingRule.Condition": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "MatchBasePaths": { + "$ref": "#/definitions/AWS::ApiGatewayV2::RoutingRule.MatchBasePaths", + "markdownDescription": "The base path to be matched.", + "title": "MatchBasePaths" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the VPC link.", - "title": "Name", - "type": "string" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of security group IDs for the VPC link.", - "title": "SecurityGroupIds", - "type": "array" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of subnet IDs to include in the VPC link.", - "title": "SubnetIds", - "type": "array" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "The collection of tags. Each tag element is associated with a given resource.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - } + "MatchHeaders": { + "$ref": "#/definitions/AWS::ApiGatewayV2::RoutingRule.MatchHeaders", + "markdownDescription": "The headers to be matched.", + "title": "MatchHeaders" + } + }, + "type": "object" + }, + "AWS::ApiGatewayV2::RoutingRule.MatchBasePaths": { + "additionalProperties": false, + "properties": { + "AnyOf": { + "items": { + "type": "string" }, - "required": [ - "Name", - "SubnetIds" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::ApiGatewayV2::VpcLink" - ], + "markdownDescription": "The string of the case sensitive base path to be matched.", + "title": "AnyOf", + "type": "array" + } + }, + "required": [ + "AnyOf" + ], + "type": "object" + }, + "AWS::ApiGatewayV2::RoutingRule.MatchHeaderValue": { + "additionalProperties": false, + "properties": { + "Header": { + "markdownDescription": "The case insensitive header name to be matched. The header name must be less than 40 characters and the only allowed characters are `a-z` , `A-Z` , `0-9` , and the following special characters: `*?-!#$%&'.^_`|~.` .", + "title": "Header", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ValueGlob": { + "markdownDescription": "The case sensitive header glob value to be matched against entire header value. The header glob value must be less than 128 characters and the only allowed characters are `a-z` , `A-Z` , `0-9` , and the following special characters: `*?-!#$%&'.^_`|~` . Wildcard matching is supported for header glob values but must be for `*prefix-match` , `suffix-match*` , or `*infix*-match` .", + "title": "ValueGlob", "type": "string" } }, "required": [ - "Type", - "Properties" + "Header", + "ValueGlob" ], "type": "object" }, - "AWS::AppConfig::Application": { + "AWS::ApiGatewayV2::RoutingRule.MatchHeaders": { + "additionalProperties": false, + "properties": { + "AnyOf": { + "items": { + "$ref": "#/definitions/AWS::ApiGatewayV2::RoutingRule.MatchHeaderValue" + }, + "markdownDescription": "The header name and header value glob to be matched. The matchHeaders condition is matched if any of the header name and header value globs are matched.", + "title": "AnyOf", + "type": "array" + } + }, + "required": [ + "AnyOf" + ], + "type": "object" + }, + "AWS::ApiGatewayV2::Stage": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AccessLogSettings": { + "$ref": "#/definitions/AWS::ApiGatewayV2::Stage.AccessLogSettings", + "markdownDescription": "Settings for logging access in this stage.", + "title": "AccessLogSettings" + }, + "AccessPolicyId": { + "markdownDescription": "This parameter is not currently supported.", + "title": "AccessPolicyId", + "type": "string" + }, + "ApiId": { + "markdownDescription": "The API identifier.", + "title": "ApiId", + "type": "string" + }, + "AutoDeploy": { + "markdownDescription": "Specifies whether updates to an API automatically trigger a new deployment. The default value is `false` .", + "title": "AutoDeploy", + "type": "boolean" + }, + "ClientCertificateId": { + "markdownDescription": "The identifier of a client certificate for a `Stage` . Supported only for WebSocket APIs.", + "title": "ClientCertificateId", + "type": "string" + }, + "DefaultRouteSettings": { + "$ref": "#/definitions/AWS::ApiGatewayV2::Stage.RouteSettings", + "markdownDescription": "The default route settings for the stage.", + "title": "DefaultRouteSettings" + }, + "DeploymentId": { + "markdownDescription": "The deployment identifier for the API stage. Can't be updated if `autoDeploy` is enabled.", + "title": "DeploymentId", + "type": "string" + }, + "Description": { + "markdownDescription": "The description for the API stage.", + "title": "Description", + "type": "string" + }, + "RouteSettings": { + "markdownDescription": "Route settings for the stage.", + "title": "RouteSettings", + "type": "object" + }, + "StageName": { + "markdownDescription": "The stage name. Stage names can contain only alphanumeric characters, hyphens, and underscores, or be `$default` . Maximum length is 128 characters.", + "title": "StageName", + "type": "string" + }, + "StageVariables": { + "markdownDescription": "A map that defines the stage variables for a `Stage` . Variable names can have alphanumeric and underscore characters, and the values must match [A-Za-z0-9-._~:/?#&=,]+.", + "title": "StageVariables", + "type": "object" + }, + "Tags": { + "markdownDescription": "The collection of tags. Each tag element is associated with a given resource.", + "title": "Tags", + "type": "object" + } + }, + "required": [ + "ApiId", + "StageName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ApiGatewayV2::Stage" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::ApiGatewayV2::Stage.AccessLogSettings": { + "additionalProperties": false, + "properties": { + "DestinationArn": { + "markdownDescription": "The ARN of the CloudWatch Logs log group to receive access logs. This parameter is required to enable access logging.", + "title": "DestinationArn", + "type": "string" + }, + "Format": { + "markdownDescription": "A single line format of the access logs of data, as specified by selected $context variables. The format must include at least $context.requestId. This parameter is required to enable access logging.", + "title": "Format", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ApiGatewayV2::Stage.RouteSettings": { + "additionalProperties": false, + "properties": { + "DataTraceEnabled": { + "markdownDescription": "Specifies whether ( `true` ) or not ( `false` ) data trace logging is enabled for this route. This property affects the log entries pushed to Amazon CloudWatch Logs. Supported only for WebSocket APIs.", + "title": "DataTraceEnabled", + "type": "boolean" + }, + "DetailedMetricsEnabled": { + "markdownDescription": "Specifies whether detailed metrics are enabled.", + "title": "DetailedMetricsEnabled", + "type": "boolean" + }, + "LoggingLevel": { + "markdownDescription": "Specifies the logging level for this route: `INFO` , `ERROR` , or `OFF` . This property affects the log entries pushed to Amazon CloudWatch Logs. Supported only for WebSocket APIs.", + "title": "LoggingLevel", + "type": "string" + }, + "ThrottlingBurstLimit": { + "markdownDescription": "Specifies the throttling burst limit.", + "title": "ThrottlingBurstLimit", + "type": "number" + }, + "ThrottlingRateLimit": { + "markdownDescription": "Specifies the throttling rate limit.", + "title": "ThrottlingRateLimit", + "type": "number" + } + }, + "type": "object" + }, + "AWS::ApiGatewayV2::VpcLink": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the VPC link.", + "title": "Name", + "type": "string" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of security group IDs for the VPC link.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of subnet IDs to include in the VPC link.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "The collection of tags. Each tag element is associated with a given resource.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "Name", + "SubnetIds" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ApiGatewayV2::VpcLink" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::AppConfig::Application": { "additionalProperties": false, "properties": { "Condition": { @@ -9007,6 +10103,11 @@ "title": "ApplicationId", "type": "string" }, + "DeletionProtectionCheck": { + "markdownDescription": "A parameter to configure deletion protection. Deletion protection prevents a user from deleting a configuration profile if your application has called either [GetLatestConfiguration](https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_appconfigdata_GetLatestConfiguration.html) or [GetConfiguration](https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_GetConfiguration.html) for the configuration profile during the specified interval.\n\nThis parameter supports the following values:\n\n- `BYPASS` : Instructs AWS AppConfig to bypass the deletion protection check and delete a configuration profile even if deletion protection would have otherwise prevented it.\n- `APPLY` : Instructs the deletion protection check to run, even if deletion protection is disabled at the account level. `APPLY` also forces the deletion protection check to run against resources created in the past hour, which are normally excluded from deletion protection checks.\n- `ACCOUNT_DEFAULT` : The default setting, which instructs AWS AppConfig to implement the deletion protection value specified in the `UpdateAccountSettings` API.", + "title": "DeletionProtectionCheck", + "type": "string" + }, "Description": { "markdownDescription": "A description of the configuration profile.", "title": "Description", @@ -9194,7 +10295,7 @@ }, "Tags": { "items": { - "$ref": "#/definitions/AWS::AppConfig::Deployment.Tags" + "$ref": "#/definitions/Tag" }, "markdownDescription": "Metadata to assign to the deployment. Tags help organize and categorize your AWS AppConfig resources. Each tag consists of a key and an optional value, both of which you define.", "title": "Tags", @@ -9252,18 +10353,6 @@ }, "type": "object" }, - "AWS::AppConfig::Deployment.Tags": { - "additionalProperties": false, - "properties": { - "Key": { - "type": "string" - }, - "Value": { - "type": "string" - } - }, - "type": "object" - }, "AWS::AppConfig::DeploymentStrategy": { "additionalProperties": false, "properties": { @@ -9336,7 +10425,7 @@ }, "Tags": { "items": { - "$ref": "#/definitions/AWS::AppConfig::DeploymentStrategy.Tags" + "$ref": "#/definitions/Tag" }, "markdownDescription": "Assigns metadata to an AWS AppConfig resource. Tags help organize and categorize your AWS AppConfig resources. Each tag consists of a key and an optional value, both of which you define. You can specify a maximum of 50 tags for a resource.", "title": "Tags", @@ -9372,18 +10461,6 @@ ], "type": "object" }, - "AWS::AppConfig::DeploymentStrategy.Tags": { - "additionalProperties": false, - "properties": { - "Key": { - "type": "string" - }, - "Value": { - "type": "string" - } - }, - "type": "object" - }, "AWS::AppConfig::Environment": { "additionalProperties": false, "properties": { @@ -9424,6 +10501,11 @@ "title": "ApplicationId", "type": "string" }, + "DeletionProtectionCheck": { + "markdownDescription": "A parameter to configure deletion protection. Deletion protection prevents a user from deleting an environment if your application called either [GetLatestConfiguration](https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_appconfigdata_GetLatestConfiguration.html) or [GetConfiguration](https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_GetConfiguration.html) in the environment during the specified interval.\n\nThis parameter supports the following values:\n\n- `BYPASS` : Instructs AWS AppConfig to bypass the deletion protection check and delete a configuration profile even if deletion protection would have otherwise prevented it.\n- `APPLY` : Instructs the deletion protection check to run, even if deletion protection is disabled at the account level. `APPLY` also forces the deletion protection check to run against resources created in the past hour, which are normally excluded from deletion protection checks.\n- `ACCOUNT_DEFAULT` : The default setting, which instructs AWS AppConfig to implement the deletion protection value specified in the `UpdateAccountSettings` API.", + "title": "DeletionProtectionCheck", + "type": "string" + }, "Description": { "markdownDescription": "A description of the environment.", "title": "Description", @@ -12640,7 +13722,8 @@ "required": [ "ApplicationSourceConfig", "Description", - "Name" + "Name", + "Namespace" ], "type": "object" }, @@ -18086,7 +19169,7 @@ "type": "string" }, "InstanceType": { - "markdownDescription": "The instance type to use when launching fleet instances. The following instance types are available for non-Elastic fleets:\n\n- stream.standard.small\n- stream.standard.medium\n- stream.standard.large\n- stream.compute.large\n- stream.compute.xlarge\n- stream.compute.2xlarge\n- stream.compute.4xlarge\n- stream.compute.8xlarge\n- stream.memory.large\n- stream.memory.xlarge\n- stream.memory.2xlarge\n- stream.memory.4xlarge\n- stream.memory.8xlarge\n- stream.memory.z1d.large\n- stream.memory.z1d.xlarge\n- stream.memory.z1d.2xlarge\n- stream.memory.z1d.3xlarge\n- stream.memory.z1d.6xlarge\n- stream.memory.z1d.12xlarge\n- stream.graphics-design.large\n- stream.graphics-design.xlarge\n- stream.graphics-design.2xlarge\n- stream.graphics-design.4xlarge\n- stream.graphics-desktop.2xlarge\n- stream.graphics.g4dn.xlarge\n- stream.graphics.g4dn.2xlarge\n- stream.graphics.g4dn.4xlarge\n- stream.graphics.g4dn.8xlarge\n- stream.graphics.g4dn.12xlarge\n- stream.graphics.g4dn.16xlarge\n- stream.graphics-pro.4xlarge\n- stream.graphics-pro.8xlarge\n- stream.graphics-pro.16xlarge\n\nThe following instance types are available for Elastic fleets:\n\n- stream.standard.small\n- stream.standard.medium", + "markdownDescription": "The instance type to use when launching fleet instances. The following instance types are available for non-Elastic fleets:\n\n- stream.standard.small\n- stream.standard.medium\n- stream.standard.large\n- stream.compute.large\n- stream.compute.xlarge\n- stream.compute.2xlarge\n- stream.compute.4xlarge\n- stream.compute.8xlarge\n- stream.memory.large\n- stream.memory.xlarge\n- stream.memory.2xlarge\n- stream.memory.4xlarge\n- stream.memory.8xlarge\n- stream.memory.z1d.large\n- stream.memory.z1d.xlarge\n- stream.memory.z1d.2xlarge\n- stream.memory.z1d.3xlarge\n- stream.memory.z1d.6xlarge\n- stream.memory.z1d.12xlarge\n- stream.graphics-design.large\n- stream.graphics-design.xlarge\n- stream.graphics-design.2xlarge\n- stream.graphics-design.4xlarge\n- stream.graphics-desktop.2xlarge\n- stream.graphics.g4dn.xlarge\n- stream.graphics.g4dn.2xlarge\n- stream.graphics.g4dn.4xlarge\n- stream.graphics.g4dn.8xlarge\n- stream.graphics.g4dn.12xlarge\n- stream.graphics.g4dn.16xlarge\n- stream.graphics-pro.4xlarge\n- stream.graphics-pro.8xlarge\n- stream.graphics-pro.16xlarge\n- stream.graphics.g5.xlarge\n- stream.graphics.g5.2xlarge\n- stream.graphics.g5.4xlarge\n- stream.graphics.g5.8xlarge\n- stream.graphics.g5.16xlarge\n- stream.graphics.g5.12xlarge\n- stream.graphics.g5.24xlarge\n- stream.graphics.g6.xlarge\n- stream.graphics.g6.2xlarge\n- stream.graphics.g6.4xlarge\n- stream.graphics.g6.8xlarge\n- stream.graphics.g6.16xlarge\n- stream.graphics.g6.12xlarge\n- stream.graphics.g6.24xlarge\n- stream.graphics.gr6.4xlarge\n- stream.graphics.gr6.8xlarge\n\nThe following instance types are available for Elastic fleets:\n\n- stream.standard.small\n- stream.standard.medium", "title": "InstanceType", "type": "string" }, @@ -18332,7 +19415,7 @@ "type": "string" }, "InstanceType": { - "markdownDescription": "The instance type to use when launching the image builder. The following instance types are available:\n\n- stream.standard.small\n- stream.standard.medium\n- stream.standard.large\n- stream.compute.large\n- stream.compute.xlarge\n- stream.compute.2xlarge\n- stream.compute.4xlarge\n- stream.compute.8xlarge\n- stream.memory.large\n- stream.memory.xlarge\n- stream.memory.2xlarge\n- stream.memory.4xlarge\n- stream.memory.8xlarge\n- stream.memory.z1d.large\n- stream.memory.z1d.xlarge\n- stream.memory.z1d.2xlarge\n- stream.memory.z1d.3xlarge\n- stream.memory.z1d.6xlarge\n- stream.memory.z1d.12xlarge\n- stream.graphics-design.large\n- stream.graphics-design.xlarge\n- stream.graphics-design.2xlarge\n- stream.graphics-design.4xlarge\n- stream.graphics-desktop.2xlarge\n- stream.graphics.g4dn.xlarge\n- stream.graphics.g4dn.2xlarge\n- stream.graphics.g4dn.4xlarge\n- stream.graphics.g4dn.8xlarge\n- stream.graphics.g4dn.12xlarge\n- stream.graphics.g4dn.16xlarge\n- stream.graphics-pro.4xlarge\n- stream.graphics-pro.8xlarge\n- stream.graphics-pro.16xlarge", + "markdownDescription": "The instance type to use when launching the image builder. The following instance types are available:\n\n- stream.standard.small\n- stream.standard.medium\n- stream.standard.large\n- stream.compute.large\n- stream.compute.xlarge\n- stream.compute.2xlarge\n- stream.compute.4xlarge\n- stream.compute.8xlarge\n- stream.memory.large\n- stream.memory.xlarge\n- stream.memory.2xlarge\n- stream.memory.4xlarge\n- stream.memory.8xlarge\n- stream.memory.z1d.large\n- stream.memory.z1d.xlarge\n- stream.memory.z1d.2xlarge\n- stream.memory.z1d.3xlarge\n- stream.memory.z1d.6xlarge\n- stream.memory.z1d.12xlarge\n- stream.graphics-design.large\n- stream.graphics-design.xlarge\n- stream.graphics-design.2xlarge\n- stream.graphics-design.4xlarge\n- stream.graphics-desktop.2xlarge\n- stream.graphics.g4dn.xlarge\n- stream.graphics.g4dn.2xlarge\n- stream.graphics.g4dn.4xlarge\n- stream.graphics.g4dn.8xlarge\n- stream.graphics.g4dn.12xlarge\n- stream.graphics.g4dn.16xlarge\n- stream.graphics-pro.4xlarge\n- stream.graphics-pro.8xlarge\n- stream.graphics-pro.16xlarge\n- stream.graphics.g5.xlarge\n- stream.graphics.g5.2xlarge\n- stream.graphics.g5.4xlarge\n- stream.graphics.g5.8xlarge\n- stream.graphics.g5.16xlarge\n- stream.graphics.g5.12xlarge\n- stream.graphics.g5.24xlarge\n- stream.graphics.g6.xlarge\n- stream.graphics.g6.2xlarge\n- stream.graphics.g6.4xlarge\n- stream.graphics.g6.8xlarge\n- stream.graphics.g6.16xlarge\n- stream.graphics.g6.12xlarge\n- stream.graphics.g6.24xlarge\n- stream.graphics.gr6.4xlarge\n- stream.graphics.gr6.8xlarge", "title": "InstanceType", "type": "string" }, @@ -18933,6 +20016,294 @@ ], "type": "object" }, + "AWS::AppSync::Api": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "EventConfig": { + "$ref": "#/definitions/AWS::AppSync::Api.EventConfig", + "markdownDescription": "Describes the authorization configuration for connections, message publishing, message subscriptions, and logging for an Event API.", + "title": "EventConfig" + }, + "Name": { + "markdownDescription": "The name of the `Api` .", + "title": "Name", + "type": "string" + }, + "OwnerContact": { + "markdownDescription": "The owner contact information for an API resource.\n\nThis field accepts any string input with a length of 0 - 256 characters.", + "title": "OwnerContact", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A set of tags (key-value pairs) for this API.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::AppSync::Api" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::AppSync::Api.AuthMode": { + "additionalProperties": false, + "properties": { + "AuthType": { + "markdownDescription": "The authorization type.", + "title": "AuthType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::AppSync::Api.AuthProvider": { + "additionalProperties": false, + "properties": { + "AuthType": { + "markdownDescription": "The authorization type.", + "title": "AuthType", + "type": "string" + }, + "CognitoConfig": { + "$ref": "#/definitions/AWS::AppSync::Api.CognitoConfig", + "markdownDescription": "Describes an Amazon Cognito user pool configuration.", + "title": "CognitoConfig" + }, + "LambdaAuthorizerConfig": { + "$ref": "#/definitions/AWS::AppSync::Api.LambdaAuthorizerConfig", + "markdownDescription": "A `LambdaAuthorizerConfig` specifies how to authorize AWS AppSync API access when using the `AWS_LAMBDA` authorizer mode. Be aware that an AWS AppSync API can have only one AWS Lambda authorizer configured at a time.", + "title": "LambdaAuthorizerConfig" + }, + "OpenIDConnectConfig": { + "$ref": "#/definitions/AWS::AppSync::Api.OpenIDConnectConfig", + "markdownDescription": "Describes an OpenID Connect (OIDC) configuration.", + "title": "OpenIDConnectConfig" + } + }, + "required": [ + "AuthType" + ], + "type": "object" + }, + "AWS::AppSync::Api.CognitoConfig": { + "additionalProperties": false, + "properties": { + "AppIdClientRegex": { + "markdownDescription": "A regular expression for validating the incoming Amazon Cognito user pool app client ID. If this value isn't set, no filtering is applied.", + "title": "AppIdClientRegex", + "type": "string" + }, + "AwsRegion": { + "markdownDescription": "The AWS Region in which the user pool was created.", + "title": "AwsRegion", + "type": "string" + }, + "UserPoolId": { + "markdownDescription": "The user pool ID.", + "title": "UserPoolId", + "type": "string" + } + }, + "required": [ + "AwsRegion", + "UserPoolId" + ], + "type": "object" + }, + "AWS::AppSync::Api.DnsMap": { + "additionalProperties": false, + "properties": { + "Http": { + "markdownDescription": "The domain name of the Api's HTTP endpoint.", + "title": "Http", + "type": "string" + }, + "Realtime": { + "markdownDescription": "The domain name of the Api's real-time endpoint.", + "title": "Realtime", + "type": "string" + } + }, + "type": "object" + }, + "AWS::AppSync::Api.EventConfig": { + "additionalProperties": false, + "properties": { + "AuthProviders": { + "items": { + "$ref": "#/definitions/AWS::AppSync::Api.AuthProvider" + }, + "markdownDescription": "A list of authorization providers.", + "title": "AuthProviders", + "type": "array" + }, + "ConnectionAuthModes": { + "items": { + "$ref": "#/definitions/AWS::AppSync::Api.AuthMode" + }, + "markdownDescription": "A list of valid authorization modes for the Event API connections.", + "title": "ConnectionAuthModes", + "type": "array" + }, + "DefaultPublishAuthModes": { + "items": { + "$ref": "#/definitions/AWS::AppSync::Api.AuthMode" + }, + "markdownDescription": "A list of valid authorization modes for the Event API publishing.", + "title": "DefaultPublishAuthModes", + "type": "array" + }, + "DefaultSubscribeAuthModes": { + "items": { + "$ref": "#/definitions/AWS::AppSync::Api.AuthMode" + }, + "markdownDescription": "A list of valid authorization modes for the Event API subscriptions.", + "title": "DefaultSubscribeAuthModes", + "type": "array" + }, + "LogConfig": { + "$ref": "#/definitions/AWS::AppSync::Api.EventLogConfig", + "markdownDescription": "The CloudWatch Logs configuration for the Event API.", + "title": "LogConfig" + } + }, + "required": [ + "AuthProviders", + "ConnectionAuthModes", + "DefaultPublishAuthModes", + "DefaultSubscribeAuthModes" + ], + "type": "object" + }, + "AWS::AppSync::Api.EventLogConfig": { + "additionalProperties": false, + "properties": { + "CloudWatchLogsRoleArn": { + "markdownDescription": "The IAM service role that AWS AppSync assumes to publish CloudWatch Logs in your account.", + "title": "CloudWatchLogsRoleArn", + "type": "string" + }, + "LogLevel": { + "markdownDescription": "The type of information to log for the Event API.", + "title": "LogLevel", + "type": "string" + } + }, + "required": [ + "CloudWatchLogsRoleArn", + "LogLevel" + ], + "type": "object" + }, + "AWS::AppSync::Api.LambdaAuthorizerConfig": { + "additionalProperties": false, + "properties": { + "AuthorizerResultTtlInSeconds": { + "markdownDescription": "The number of seconds a response should be cached for. The default is 0 seconds, which disables caching. If you don't specify a value for `authorizerResultTtlInSeconds` , the default value is used. The maximum value is one hour (3600 seconds). The Lambda function can override this by returning a `ttlOverride` key in its response.", + "title": "AuthorizerResultTtlInSeconds", + "type": "number" + }, + "AuthorizerUri": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function to be called for authorization. This can be a standard Lambda ARN, a version ARN ( `.../v3` ), or an alias ARN.\n\n*Note* : This Lambda function must have the following resource-based policy assigned to it. When configuring Lambda authorizers in the console, this is done for you. To use the AWS Command Line Interface ( AWS CLI ), run the following:\n\n`aws lambda add-permission --function-name \"arn:aws:lambda:us-east-2:111122223333:function:my-function\" --statement-id \"appsync\" --principal appsync.amazonaws.com --action lambda:InvokeFunction`", + "title": "AuthorizerUri", + "type": "string" + }, + "IdentityValidationExpression": { + "markdownDescription": "A regular expression for validation of tokens before the Lambda function is called.", + "title": "IdentityValidationExpression", + "type": "string" + } + }, + "required": [ + "AuthorizerUri" + ], + "type": "object" + }, + "AWS::AppSync::Api.OpenIDConnectConfig": { + "additionalProperties": false, + "properties": { + "AuthTTL": { + "markdownDescription": "The number of milliseconds that a token is valid after being authenticated.", + "title": "AuthTTL", + "type": "number" + }, + "ClientId": { + "markdownDescription": "The client identifier of the relying party at the OpenID identity provider. This identifier is typically obtained when the relying party is registered with the OpenID identity provider. You can specify a regular expression so that AWS AppSync can validate against multiple client identifiers at a time.", + "title": "ClientId", + "type": "string" + }, + "IatTTL": { + "markdownDescription": "The number of milliseconds that a token is valid after it's issued to a user.", + "title": "IatTTL", + "type": "number" + }, + "Issuer": { + "markdownDescription": "The issuer for the OIDC configuration. The issuer returned by discovery must exactly match the value of `iss` in the ID token.", + "title": "Issuer", + "type": "string" + } + }, + "required": [ + "Issuer" + ], + "type": "object" + }, "AWS::AppSync::ApiCache": { "additionalProperties": false, "properties": { @@ -19113,6 +20484,198 @@ ], "type": "object" }, + "AWS::AppSync::ChannelNamespace": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApiId": { + "markdownDescription": "The `Api` ID.", + "title": "ApiId", + "type": "string" + }, + "CodeHandlers": { + "markdownDescription": "The event handler functions that run custom business logic to process published events and subscribe requests.", + "title": "CodeHandlers", + "type": "string" + }, + "CodeS3Location": { + "markdownDescription": "The Amazon S3 endpoint where the code is located.", + "title": "CodeS3Location", + "type": "string" + }, + "HandlerConfigs": { + "$ref": "#/definitions/AWS::AppSync::ChannelNamespace.HandlerConfigs", + "markdownDescription": "The configuration for the `OnPublish` and `OnSubscribe` handlers.", + "title": "HandlerConfigs" + }, + "Name": { + "markdownDescription": "The name of the channel namespace. This name must be unique within the `Api` .", + "title": "Name", + "type": "string" + }, + "PublishAuthModes": { + "items": { + "$ref": "#/definitions/AWS::AppSync::ChannelNamespace.AuthMode" + }, + "markdownDescription": "The authorization mode to use for publishing messages on the channel namespace. This configuration overrides the default `Api` authorization configuration.", + "title": "PublishAuthModes", + "type": "array" + }, + "SubscribeAuthModes": { + "items": { + "$ref": "#/definitions/AWS::AppSync::ChannelNamespace.AuthMode" + }, + "markdownDescription": "The authorization mode to use for subscribing to messages on the channel namespace. This configuration overrides the default `Api` authorization configuration.", + "title": "SubscribeAuthModes", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A set of tags (key-value pairs) for this channel namespace.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "ApiId", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::AppSync::ChannelNamespace" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::AppSync::ChannelNamespace.AuthMode": { + "additionalProperties": false, + "properties": { + "AuthType": { + "markdownDescription": "The authorization type.", + "title": "AuthType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::AppSync::ChannelNamespace.HandlerConfig": { + "additionalProperties": false, + "properties": { + "Behavior": { + "markdownDescription": "The behavior for the handler.", + "title": "Behavior", + "type": "string" + }, + "Integration": { + "$ref": "#/definitions/AWS::AppSync::ChannelNamespace.Integration", + "markdownDescription": "The integration data source configuration for the handler.", + "title": "Integration" + } + }, + "required": [ + "Behavior", + "Integration" + ], + "type": "object" + }, + "AWS::AppSync::ChannelNamespace.HandlerConfigs": { + "additionalProperties": false, + "properties": { + "OnPublish": { + "$ref": "#/definitions/AWS::AppSync::ChannelNamespace.HandlerConfig", + "markdownDescription": "The configuration for the `OnPublish` handler.", + "title": "OnPublish" + }, + "OnSubscribe": { + "$ref": "#/definitions/AWS::AppSync::ChannelNamespace.HandlerConfig", + "markdownDescription": "The configuration for the `OnSubscribe` handler.", + "title": "OnSubscribe" + } + }, + "type": "object" + }, + "AWS::AppSync::ChannelNamespace.Integration": { + "additionalProperties": false, + "properties": { + "DataSourceName": { + "markdownDescription": "The unique name of the data source that has been configured on the API.", + "title": "DataSourceName", + "type": "string" + }, + "LambdaConfig": { + "$ref": "#/definitions/AWS::AppSync::ChannelNamespace.LambdaConfig", + "markdownDescription": "The configuration for a Lambda data source.", + "title": "LambdaConfig" + } + }, + "required": [ + "DataSourceName" + ], + "type": "object" + }, + "AWS::AppSync::ChannelNamespace.LambdaConfig": { + "additionalProperties": false, + "properties": { + "InvokeType": { + "markdownDescription": "The invocation type for a Lambda data source.", + "title": "InvokeType", + "type": "string" + } + }, + "required": [ + "InvokeType" + ], + "type": "object" + }, "AWS::AppSync::DataSource": { "additionalProperties": false, "properties": { @@ -19523,6 +21086,14 @@ "markdownDescription": "The domain name.", "title": "DomainName", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A set of tags (key-value pairs) for this domain name.", + "title": "Tags", + "type": "array" } }, "required": [ @@ -20549,7 +22120,7 @@ }, "type": "object" }, - "AWS::ApplicationAutoScaling::ScalableTarget": { + "AWS::AppTest::TestCase": { "additionalProperties": false, "properties": { "Condition": { @@ -20584,62 +22155,45 @@ "Properties": { "additionalProperties": false, "properties": { - "MaxCapacity": { - "markdownDescription": "The maximum value that you plan to scale out to. When a scaling policy is in effect, Application Auto Scaling can scale out (expand) as needed to the maximum capacity limit in response to changing demand.", - "title": "MaxCapacity", - "type": "number" - }, - "MinCapacity": { - "markdownDescription": "The minimum value that you plan to scale in to. When a scaling policy is in effect, Application Auto Scaling can scale in (contract) as needed to the minimum capacity limit in response to changing demand.", - "title": "MinCapacity", - "type": "number" - }, - "ResourceId": { - "markdownDescription": "The identifier of the resource associated with the scalable target. This string consists of the resource type and unique identifier.\n\n- ECS service - The resource type is `service` and the unique identifier is the cluster name and service name. Example: `service/my-cluster/my-service` .\n- Spot Fleet - The resource type is `spot-fleet-request` and the unique identifier is the Spot Fleet request ID. Example: `spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE` .\n- EMR cluster - The resource type is `instancegroup` and the unique identifier is the cluster ID and instance group ID. Example: `instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0` .\n- AppStream 2.0 fleet - The resource type is `fleet` and the unique identifier is the fleet name. Example: `fleet/sample-fleet` .\n- DynamoDB table - The resource type is `table` and the unique identifier is the table name. Example: `table/my-table` .\n- DynamoDB global secondary index - The resource type is `index` and the unique identifier is the index name. Example: `table/my-table/index/my-table-index` .\n- Aurora DB cluster - The resource type is `cluster` and the unique identifier is the cluster name. Example: `cluster:my-db-cluster` .\n- SageMaker endpoint variant - The resource type is `variant` and the unique identifier is the resource ID. Example: `endpoint/my-end-point/variant/KMeansClustering` .\n- Custom resources are not supported with a resource type. This parameter must specify the `OutputValue` from the CloudFormation template stack used to access the resources. The unique identifier is defined by the service provider. More information is available in our [GitHub repository](https://docs.aws.amazon.com/https://github.com/aws/aws-auto-scaling-custom-resource) .\n- Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: `arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE` .\n- Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: `arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE` .\n- Lambda provisioned concurrency - The resource type is `function` and the unique identifier is the function name with a function version or alias name suffix that is not `$LATEST` . Example: `function:my-function:prod` or `function:my-function:1` .\n- Amazon Keyspaces table - The resource type is `table` and the unique identifier is the table name. Example: `keyspace/mykeyspace/table/mytable` .\n- Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. Example: `arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5` .\n- Amazon ElastiCache replication group - The resource type is `replication-group` and the unique identifier is the replication group name. Example: `replication-group/mycluster` .\n- Amazon ElastiCache cache cluster - The resource type is `cache-cluster` and the unique identifier is the cache cluster name. Example: `cache-cluster/mycluster` .\n- Neptune cluster - The resource type is `cluster` and the unique identifier is the cluster name. Example: `cluster:mycluster` .\n- SageMaker serverless endpoint - The resource type is `variant` and the unique identifier is the resource ID. Example: `endpoint/my-end-point/variant/KMeansClustering` .\n- SageMaker inference component - The resource type is `inference-component` and the unique identifier is the resource ID. Example: `inference-component/my-inference-component` .\n- Pool of WorkSpaces - The resource type is `workspacespool` and the unique identifier is the pool ID. Example: `workspacespool/wspool-123456` .", - "title": "ResourceId", - "type": "string" - }, - "RoleARN": { - "markdownDescription": "Specify the Amazon Resource Name (ARN) of an Identity and Access Management (IAM) role that allows Application Auto Scaling to modify the scalable target on your behalf. This can be either an IAM service role that Application Auto Scaling can assume to make calls to other AWS resources on your behalf, or a service-linked role for the specified service. For more information, see [How Application Auto Scaling works with IAM](https://docs.aws.amazon.com/autoscaling/application/userguide/security_iam_service-with-iam.html) in the *Application Auto Scaling User Guide* .\n\nTo automatically create a service-linked role (recommended), specify the full ARN of the service-linked role in your stack template. To find the exact ARN of the service-linked role for your AWS or custom resource, see the [Service-linked roles](https://docs.aws.amazon.com/autoscaling/application/userguide/application-auto-scaling-service-linked-roles.html) topic in the *Application Auto Scaling User Guide* . Look for the ARN in the table at the bottom of the page.", - "title": "RoleARN", + "Description": { + "markdownDescription": "The description of the test case.", + "title": "Description", "type": "string" }, - "ScalableDimension": { - "markdownDescription": "The scalable dimension associated with the scalable target. This string consists of the service namespace, resource type, and scaling property.\n\n- `ecs:service:DesiredCount` - The task count of an ECS service.\n- `elasticmapreduce:instancegroup:InstanceCount` - The instance count of an EMR Instance Group.\n- `ec2:spot-fleet-request:TargetCapacity` - The target capacity of a Spot Fleet.\n- `appstream:fleet:DesiredCapacity` - The capacity of an AppStream 2.0 fleet.\n- `dynamodb:table:ReadCapacityUnits` - The provisioned read capacity for a DynamoDB table.\n- `dynamodb:table:WriteCapacityUnits` - The provisioned write capacity for a DynamoDB table.\n- `dynamodb:index:ReadCapacityUnits` - The provisioned read capacity for a DynamoDB global secondary index.\n- `dynamodb:index:WriteCapacityUnits` - The provisioned write capacity for a DynamoDB global secondary index.\n- `rds:cluster:ReadReplicaCount` - The count of Aurora Replicas in an Aurora DB cluster. Available for Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible edition.\n- `sagemaker:variant:DesiredInstanceCount` - The number of EC2 instances for a SageMaker model endpoint variant.\n- `custom-resource:ResourceType:Property` - The scalable dimension for a custom resource provided by your own application or service.\n- `comprehend:document-classifier-endpoint:DesiredInferenceUnits` - The number of inference units for an Amazon Comprehend document classification endpoint.\n- `comprehend:entity-recognizer-endpoint:DesiredInferenceUnits` - The number of inference units for an Amazon Comprehend entity recognizer endpoint.\n- `lambda:function:ProvisionedConcurrency` - The provisioned concurrency for a Lambda function.\n- `cassandra:table:ReadCapacityUnits` - The provisioned read capacity for an Amazon Keyspaces table.\n- `cassandra:table:WriteCapacityUnits` - The provisioned write capacity for an Amazon Keyspaces table.\n- `kafka:broker-storage:VolumeSize` - The provisioned volume size (in GiB) for brokers in an Amazon MSK cluster.\n- `elasticache:cache-cluster:Nodes` - The number of nodes for an Amazon ElastiCache cache cluster.\n- `elasticache:replication-group:NodeGroups` - The number of node groups for an Amazon ElastiCache replication group.\n- `elasticache:replication-group:Replicas` - The number of replicas per node group for an Amazon ElastiCache replication group.\n- `neptune:cluster:ReadReplicaCount` - The count of read replicas in an Amazon Neptune DB cluster.\n- `sagemaker:variant:DesiredProvisionedConcurrency` - The provisioned concurrency for a SageMaker serverless endpoint.\n- `sagemaker:inference-component:DesiredCopyCount` - The number of copies across an endpoint for a SageMaker inference component.\n- `workspaces:workspacespool:DesiredUserSessions` - The number of user sessions for the WorkSpaces in the pool.", - "title": "ScalableDimension", + "Name": { + "markdownDescription": "The name of the test case.", + "title": "Name", "type": "string" }, - "ScheduledActions": { + "Steps": { "items": { - "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalableTarget.ScheduledAction" + "$ref": "#/definitions/AWS::AppTest::TestCase.Step" }, - "markdownDescription": "The scheduled actions for the scalable target. Duplicates aren't allowed.", - "title": "ScheduledActions", + "markdownDescription": "The steps in the test case.", + "title": "Steps", "type": "array" }, - "ServiceNamespace": { - "markdownDescription": "The namespace of the AWS service that provides the resource, or a `custom-resource` .", - "title": "ServiceNamespace", - "type": "string" - }, - "SuspendedState": { - "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalableTarget.SuspendedState", - "markdownDescription": "An embedded object that contains attributes and attribute values that are used to suspend and resume automatic scaling. Setting the value of an attribute to `true` suspends the specified scaling activities. Setting it to `false` (default) resumes the specified scaling activities.\n\n*Suspension Outcomes*\n\n- For `DynamicScalingInSuspended` , while a suspension is in effect, all scale-in activities that are triggered by a scaling policy are suspended.\n- For `DynamicScalingOutSuspended` , while a suspension is in effect, all scale-out activities that are triggered by a scaling policy are suspended.\n- For `ScheduledScalingSuspended` , while a suspension is in effect, all scaling activities that involve scheduled actions are suspended.", - "title": "SuspendedState" + "Tags": { + "additionalProperties": true, + "markdownDescription": "The specified tags of the test case.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" } }, "required": [ - "MaxCapacity", - "MinCapacity", - "ResourceId", - "ScalableDimension", - "ServiceNamespace" + "Name", + "Steps" ], "type": "object" }, "Type": { "enum": [ - "AWS::ApplicationAutoScaling::ScalableTarget" + "AWS::AppTest::TestCase" ], "type": "string" }, @@ -20658,84 +22212,688 @@ ], "type": "object" }, - "AWS::ApplicationAutoScaling::ScalableTarget.ScalableTargetAction": { + "AWS::AppTest::TestCase.Batch": { "additionalProperties": false, "properties": { - "MaxCapacity": { - "markdownDescription": "The maximum capacity.", - "title": "MaxCapacity", - "type": "number" + "BatchJobName": { + "markdownDescription": "The job name of the batch.", + "title": "BatchJobName", + "type": "string" }, - "MinCapacity": { - "markdownDescription": "The minimum capacity.", - "title": "MinCapacity", - "type": "number" + "BatchJobParameters": { + "additionalProperties": true, + "markdownDescription": "The batch job parameters of the batch.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "BatchJobParameters", + "type": "object" + }, + "ExportDataSetNames": { + "items": { + "type": "string" + }, + "markdownDescription": "The export data set names of the batch.", + "title": "ExportDataSetNames", + "type": "array" } }, + "required": [ + "BatchJobName" + ], "type": "object" }, - "AWS::ApplicationAutoScaling::ScalableTarget.ScheduledAction": { + "AWS::AppTest::TestCase.CloudFormationAction": { "additionalProperties": false, "properties": { - "EndTime": { - "markdownDescription": "The date and time that the action is scheduled to end, in UTC.", - "title": "EndTime", + "ActionType": { + "markdownDescription": "The action type of the CloudFormation action.", + "title": "ActionType", "type": "string" }, - "ScalableTargetAction": { - "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalableTarget.ScalableTargetAction", - "markdownDescription": "The new minimum and maximum capacity. You can set both values or just one. At the scheduled time, if the current capacity is below the minimum capacity, Application Auto Scaling scales out to the minimum capacity. If the current capacity is above the maximum capacity, Application Auto Scaling scales in to the maximum capacity.", - "title": "ScalableTargetAction" + "Resource": { + "markdownDescription": "The resource of the CloudFormation action.", + "title": "Resource", + "type": "string" + } + }, + "required": [ + "Resource" + ], + "type": "object" + }, + "AWS::AppTest::TestCase.CompareAction": { + "additionalProperties": false, + "properties": { + "Input": { + "$ref": "#/definitions/AWS::AppTest::TestCase.Input", + "markdownDescription": "The input of the compare action.", + "title": "Input" }, - "Schedule": { - "markdownDescription": "The schedule for this action. The following formats are supported:\n\n- At expressions - \" `at( *yyyy* - *mm* - *dd* T *hh* : *mm* : *ss* )` \"\n- Rate expressions - \" `rate( *value* *unit* )` \"\n- Cron expressions - \" `cron( *fields* )` \"\n\nAt expressions are useful for one-time schedules. Cron expressions are useful for scheduled actions that run periodically at a specified date and time, and rate expressions are useful for scheduled actions that run at a regular interval.\n\nAt and cron expressions use Universal Coordinated Time (UTC) by default.\n\nThe cron format consists of six fields separated by white spaces: [Minutes] [Hours] [Day_of_Month] [Month] [Day_of_Week] [Year].\n\nFor rate expressions, *value* is a positive integer and *unit* is `minute` | `minutes` | `hour` | `hours` | `day` | `days` .", - "title": "Schedule", + "Output": { + "$ref": "#/definitions/AWS::AppTest::TestCase.Output", + "markdownDescription": "The output of the compare action.", + "title": "Output" + } + }, + "required": [ + "Input" + ], + "type": "object" + }, + "AWS::AppTest::TestCase.DataSet": { + "additionalProperties": false, + "properties": { + "Ccsid": { + "markdownDescription": "The CCSID of the data set.", + "title": "Ccsid", "type": "string" }, - "ScheduledActionName": { - "markdownDescription": "The name of the scheduled action. This name must be unique among all other scheduled actions on the specified scalable target.", - "title": "ScheduledActionName", + "Format": { + "markdownDescription": "The format of the data set.", + "title": "Format", "type": "string" }, - "StartTime": { - "markdownDescription": "The date and time that the action is scheduled to begin, in UTC.", - "title": "StartTime", + "Length": { + "markdownDescription": "The length of the data set.", + "title": "Length", + "type": "number" + }, + "Name": { + "markdownDescription": "The name of the data set.", + "title": "Name", "type": "string" }, - "Timezone": { - "markdownDescription": "The time zone used when referring to the date and time of a scheduled action, when the scheduled action uses an at or cron expression.", - "title": "Timezone", + "Type": { + "markdownDescription": "The type of the data set.", + "title": "Type", "type": "string" } }, "required": [ - "Schedule", - "ScheduledActionName" + "Ccsid", + "Format", + "Length", + "Name", + "Type" ], "type": "object" }, - "AWS::ApplicationAutoScaling::ScalableTarget.SuspendedState": { + "AWS::AppTest::TestCase.DatabaseCDC": { "additionalProperties": false, "properties": { - "DynamicScalingInSuspended": { - "markdownDescription": "Whether scale in by a target tracking scaling policy or a step scaling policy is suspended. Set the value to `true` if you don't want Application Auto Scaling to remove capacity when a scaling policy is triggered. The default is `false` .", - "title": "DynamicScalingInSuspended", - "type": "boolean" + "SourceMetadata": { + "$ref": "#/definitions/AWS::AppTest::TestCase.SourceDatabaseMetadata", + "markdownDescription": "The source metadata of the database CDC.", + "title": "SourceMetadata" }, - "DynamicScalingOutSuspended": { - "markdownDescription": "Whether scale out by a target tracking scaling policy or a step scaling policy is suspended. Set the value to `true` if you don't want Application Auto Scaling to add capacity when a scaling policy is triggered. The default is `false` .", - "title": "DynamicScalingOutSuspended", - "type": "boolean" + "TargetMetadata": { + "$ref": "#/definitions/AWS::AppTest::TestCase.TargetDatabaseMetadata", + "markdownDescription": "The target metadata of the database CDC.", + "title": "TargetMetadata" + } + }, + "required": [ + "SourceMetadata", + "TargetMetadata" + ], + "type": "object" + }, + "AWS::AppTest::TestCase.FileMetadata": { + "additionalProperties": false, + "properties": { + "DataSets": { + "items": { + "$ref": "#/definitions/AWS::AppTest::TestCase.DataSet" + }, + "markdownDescription": "The data sets of the file metadata.", + "title": "DataSets", + "type": "array" }, - "ScheduledScalingSuspended": { - "markdownDescription": "Whether scheduled scaling is suspended. Set the value to `true` if you don't want Application Auto Scaling to add or remove capacity by initiating scheduled actions. The default is `false` .", - "title": "ScheduledScalingSuspended", + "DatabaseCDC": { + "$ref": "#/definitions/AWS::AppTest::TestCase.DatabaseCDC", + "markdownDescription": "The database CDC of the file metadata.", + "title": "DatabaseCDC" + } + }, + "type": "object" + }, + "AWS::AppTest::TestCase.Input": { + "additionalProperties": false, + "properties": { + "File": { + "$ref": "#/definitions/AWS::AppTest::TestCase.InputFile", + "markdownDescription": "The file in the input.", + "title": "File" + } + }, + "required": [ + "File" + ], + "type": "object" + }, + "AWS::AppTest::TestCase.InputFile": { + "additionalProperties": false, + "properties": { + "FileMetadata": { + "$ref": "#/definitions/AWS::AppTest::TestCase.FileMetadata", + "markdownDescription": "The file metadata of the input file.", + "title": "FileMetadata" + }, + "SourceLocation": { + "markdownDescription": "The source location of the input file.", + "title": "SourceLocation", + "type": "string" + }, + "TargetLocation": { + "markdownDescription": "The target location of the input file.", + "title": "TargetLocation", + "type": "string" + } + }, + "required": [ + "FileMetadata", + "SourceLocation", + "TargetLocation" + ], + "type": "object" + }, + "AWS::AppTest::TestCase.M2ManagedActionProperties": { + "additionalProperties": false, + "properties": { + "ForceStop": { + "markdownDescription": "Force stops the Mainframe Modernization managed action properties.", + "title": "ForceStop", "type": "boolean" + }, + "ImportDataSetLocation": { + "markdownDescription": "The import data set location of the Mainframe Modernization managed action properties.", + "title": "ImportDataSetLocation", + "type": "string" } }, "type": "object" }, - "AWS::ApplicationAutoScaling::ScalingPolicy": { + "AWS::AppTest::TestCase.M2ManagedApplicationAction": { + "additionalProperties": false, + "properties": { + "ActionType": { + "markdownDescription": "The action type of the Mainframe Modernization managed application action.", + "title": "ActionType", + "type": "string" + }, + "Properties": { + "$ref": "#/definitions/AWS::AppTest::TestCase.M2ManagedActionProperties", + "markdownDescription": "The properties of the Mainframe Modernization managed application action.", + "title": "Properties" + }, + "Resource": { + "markdownDescription": "The resource of the Mainframe Modernization managed application action.", + "title": "Resource", + "type": "string" + } + }, + "required": [ + "ActionType", + "Resource" + ], + "type": "object" + }, + "AWS::AppTest::TestCase.M2NonManagedApplicationAction": { + "additionalProperties": false, + "properties": { + "ActionType": { + "markdownDescription": "The action type of the Mainframe Modernization non-managed application action.", + "title": "ActionType", + "type": "string" + }, + "Resource": { + "markdownDescription": "The resource of the Mainframe Modernization non-managed application action.", + "title": "Resource", + "type": "string" + } + }, + "required": [ + "ActionType", + "Resource" + ], + "type": "object" + }, + "AWS::AppTest::TestCase.MainframeAction": { + "additionalProperties": false, + "properties": { + "ActionType": { + "$ref": "#/definitions/AWS::AppTest::TestCase.MainframeActionType", + "markdownDescription": "The action type of the mainframe action.", + "title": "ActionType" + }, + "Properties": { + "$ref": "#/definitions/AWS::AppTest::TestCase.MainframeActionProperties", + "markdownDescription": "The properties of the mainframe action.", + "title": "Properties" + }, + "Resource": { + "markdownDescription": "The resource of the mainframe action.", + "title": "Resource", + "type": "string" + } + }, + "required": [ + "ActionType", + "Resource" + ], + "type": "object" + }, + "AWS::AppTest::TestCase.MainframeActionProperties": { + "additionalProperties": false, + "properties": { + "DmsTaskArn": { + "markdownDescription": "The DMS task ARN of the mainframe action properties.", + "title": "DmsTaskArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::AppTest::TestCase.MainframeActionType": { + "additionalProperties": false, + "properties": { + "Batch": { + "$ref": "#/definitions/AWS::AppTest::TestCase.Batch", + "markdownDescription": "The batch of the mainframe action type.", + "title": "Batch" + }, + "Tn3270": { + "$ref": "#/definitions/AWS::AppTest::TestCase.TN3270", + "markdownDescription": "The tn3270 port of the mainframe action type.", + "title": "Tn3270" + } + }, + "type": "object" + }, + "AWS::AppTest::TestCase.Output": { + "additionalProperties": false, + "properties": { + "File": { + "$ref": "#/definitions/AWS::AppTest::TestCase.OutputFile", + "markdownDescription": "The file of the output.", + "title": "File" + } + }, + "required": [ + "File" + ], + "type": "object" + }, + "AWS::AppTest::TestCase.OutputFile": { + "additionalProperties": false, + "properties": { + "FileLocation": { + "markdownDescription": "The file location of the output file.", + "title": "FileLocation", + "type": "string" + } + }, + "type": "object" + }, + "AWS::AppTest::TestCase.ResourceAction": { + "additionalProperties": false, + "properties": { + "CloudFormationAction": { + "$ref": "#/definitions/AWS::AppTest::TestCase.CloudFormationAction", + "markdownDescription": "The CloudFormation action of the resource action.", + "title": "CloudFormationAction" + }, + "M2ManagedApplicationAction": { + "$ref": "#/definitions/AWS::AppTest::TestCase.M2ManagedApplicationAction", + "markdownDescription": "The Mainframe Modernization managed application action of the resource action.", + "title": "M2ManagedApplicationAction" + }, + "M2NonManagedApplicationAction": { + "$ref": "#/definitions/AWS::AppTest::TestCase.M2NonManagedApplicationAction", + "markdownDescription": "The Mainframe Modernization non-managed application action of the resource action.", + "title": "M2NonManagedApplicationAction" + } + }, + "type": "object" + }, + "AWS::AppTest::TestCase.Script": { + "additionalProperties": false, + "properties": { + "ScriptLocation": { + "markdownDescription": "The script location of the scripts.", + "title": "ScriptLocation", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the scripts.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "ScriptLocation", + "Type" + ], + "type": "object" + }, + "AWS::AppTest::TestCase.SourceDatabaseMetadata": { + "additionalProperties": false, + "properties": { + "CaptureTool": { + "markdownDescription": "The capture tool of the source database metadata.", + "title": "CaptureTool", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the source database metadata.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "CaptureTool", + "Type" + ], + "type": "object" + }, + "AWS::AppTest::TestCase.Step": { + "additionalProperties": false, + "properties": { + "Action": { + "$ref": "#/definitions/AWS::AppTest::TestCase.StepAction", + "markdownDescription": "The action of the step.", + "title": "Action" + }, + "Description": { + "markdownDescription": "The description of the step.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the step.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Action", + "Name" + ], + "type": "object" + }, + "AWS::AppTest::TestCase.StepAction": { + "additionalProperties": false, + "properties": { + "CompareAction": { + "$ref": "#/definitions/AWS::AppTest::TestCase.CompareAction", + "markdownDescription": "The compare action of the step action.", + "title": "CompareAction" + }, + "MainframeAction": { + "$ref": "#/definitions/AWS::AppTest::TestCase.MainframeAction", + "markdownDescription": "The mainframe action of the step action.", + "title": "MainframeAction" + }, + "ResourceAction": { + "$ref": "#/definitions/AWS::AppTest::TestCase.ResourceAction", + "markdownDescription": "The resource action of the step action.", + "title": "ResourceAction" + } + }, + "type": "object" + }, + "AWS::AppTest::TestCase.TN3270": { + "additionalProperties": false, + "properties": { + "ExportDataSetNames": { + "items": { + "type": "string" + }, + "markdownDescription": "The data set names of the TN3270 protocol.", + "title": "ExportDataSetNames", + "type": "array" + }, + "Script": { + "$ref": "#/definitions/AWS::AppTest::TestCase.Script", + "markdownDescription": "The script of the TN3270 protocol.", + "title": "Script" + } + }, + "required": [ + "Script" + ], + "type": "object" + }, + "AWS::AppTest::TestCase.TargetDatabaseMetadata": { + "additionalProperties": false, + "properties": { + "CaptureTool": { + "markdownDescription": "The capture tool of the target database metadata.", + "title": "CaptureTool", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the target database metadata.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "CaptureTool", + "Type" + ], + "type": "object" + }, + "AWS::AppTest::TestCase.TestCaseLatestVersion": { + "additionalProperties": false, + "properties": { + "Status": { + "markdownDescription": "The status of the test case latest version.", + "title": "Status", + "type": "string" + }, + "Version": { + "markdownDescription": "The version of the test case latest version.", + "title": "Version", + "type": "number" + } + }, + "required": [ + "Status", + "Version" + ], + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalableTarget": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "MaxCapacity": { + "markdownDescription": "The maximum value that you plan to scale out to. When a scaling policy is in effect, Application Auto Scaling can scale out (expand) as needed to the maximum capacity limit in response to changing demand.", + "title": "MaxCapacity", + "type": "number" + }, + "MinCapacity": { + "markdownDescription": "The minimum value that you plan to scale in to. When a scaling policy is in effect, Application Auto Scaling can scale in (contract) as needed to the minimum capacity limit in response to changing demand.", + "title": "MinCapacity", + "type": "number" + }, + "ResourceId": { + "markdownDescription": "The identifier of the resource associated with the scalable target. This string consists of the resource type and unique identifier.\n\n- ECS service - The resource type is `service` and the unique identifier is the cluster name and service name. Example: `service/my-cluster/my-service` .\n- Spot Fleet - The resource type is `spot-fleet-request` and the unique identifier is the Spot Fleet request ID. Example: `spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE` .\n- EMR cluster - The resource type is `instancegroup` and the unique identifier is the cluster ID and instance group ID. Example: `instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0` .\n- AppStream 2.0 fleet - The resource type is `fleet` and the unique identifier is the fleet name. Example: `fleet/sample-fleet` .\n- DynamoDB table - The resource type is `table` and the unique identifier is the table name. Example: `table/my-table` .\n- DynamoDB global secondary index - The resource type is `index` and the unique identifier is the index name. Example: `table/my-table/index/my-table-index` .\n- Aurora DB cluster - The resource type is `cluster` and the unique identifier is the cluster name. Example: `cluster:my-db-cluster` .\n- SageMaker endpoint variant - The resource type is `variant` and the unique identifier is the resource ID. Example: `endpoint/my-end-point/variant/KMeansClustering` .\n- Custom resources are not supported with a resource type. This parameter must specify the `OutputValue` from the CloudFormation template stack used to access the resources. The unique identifier is defined by the service provider. More information is available in our [GitHub repository](https://docs.aws.amazon.com/https://github.com/aws/aws-auto-scaling-custom-resource) .\n- Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: `arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE` .\n- Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: `arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE` .\n- Lambda provisioned concurrency - The resource type is `function` and the unique identifier is the function name with a function version or alias name suffix that is not `$LATEST` . Example: `function:my-function:prod` or `function:my-function:1` .\n- Amazon Keyspaces table - The resource type is `table` and the unique identifier is the table name. Example: `keyspace/mykeyspace/table/mytable` .\n- Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. Example: `arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5` .\n- Amazon ElastiCache replication group - The resource type is `replication-group` and the unique identifier is the replication group name. Example: `replication-group/mycluster` .\n- Amazon ElastiCache cache cluster - The resource type is `cache-cluster` and the unique identifier is the cache cluster name. Example: `cache-cluster/mycluster` .\n- Neptune cluster - The resource type is `cluster` and the unique identifier is the cluster name. Example: `cluster:mycluster` .\n- SageMaker serverless endpoint - The resource type is `variant` and the unique identifier is the resource ID. Example: `endpoint/my-end-point/variant/KMeansClustering` .\n- SageMaker inference component - The resource type is `inference-component` and the unique identifier is the resource ID. Example: `inference-component/my-inference-component` .\n- Pool of WorkSpaces - The resource type is `workspacespool` and the unique identifier is the pool ID. Example: `workspacespool/wspool-123456` .", + "title": "ResourceId", + "type": "string" + }, + "RoleARN": { + "markdownDescription": "Specify the Amazon Resource Name (ARN) of an Identity and Access Management (IAM) role that allows Application Auto Scaling to modify the scalable target on your behalf. This can be either an IAM service role that Application Auto Scaling can assume to make calls to other AWS resources on your behalf, or a service-linked role for the specified service. For more information, see [How Application Auto Scaling works with IAM](https://docs.aws.amazon.com/autoscaling/application/userguide/security_iam_service-with-iam.html) in the *Application Auto Scaling User Guide* .\n\nTo automatically create a service-linked role (recommended), specify the full ARN of the service-linked role in your stack template. To find the exact ARN of the service-linked role for your AWS or custom resource, see the [Service-linked roles](https://docs.aws.amazon.com/autoscaling/application/userguide/application-auto-scaling-service-linked-roles.html) topic in the *Application Auto Scaling User Guide* . Look for the ARN in the table at the bottom of the page.", + "title": "RoleARN", + "type": "string" + }, + "ScalableDimension": { + "markdownDescription": "The scalable dimension associated with the scalable target. This string consists of the service namespace, resource type, and scaling property.\n\n- `ecs:service:DesiredCount` - The task count of an ECS service.\n- `elasticmapreduce:instancegroup:InstanceCount` - The instance count of an EMR Instance Group.\n- `ec2:spot-fleet-request:TargetCapacity` - The target capacity of a Spot Fleet.\n- `appstream:fleet:DesiredCapacity` - The capacity of an AppStream 2.0 fleet.\n- `dynamodb:table:ReadCapacityUnits` - The provisioned read capacity for a DynamoDB table.\n- `dynamodb:table:WriteCapacityUnits` - The provisioned write capacity for a DynamoDB table.\n- `dynamodb:index:ReadCapacityUnits` - The provisioned read capacity for a DynamoDB global secondary index.\n- `dynamodb:index:WriteCapacityUnits` - The provisioned write capacity for a DynamoDB global secondary index.\n- `rds:cluster:ReadReplicaCount` - The count of Aurora Replicas in an Aurora DB cluster. Available for Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible edition.\n- `sagemaker:variant:DesiredInstanceCount` - The number of EC2 instances for a SageMaker model endpoint variant.\n- `custom-resource:ResourceType:Property` - The scalable dimension for a custom resource provided by your own application or service.\n- `comprehend:document-classifier-endpoint:DesiredInferenceUnits` - The number of inference units for an Amazon Comprehend document classification endpoint.\n- `comprehend:entity-recognizer-endpoint:DesiredInferenceUnits` - The number of inference units for an Amazon Comprehend entity recognizer endpoint.\n- `lambda:function:ProvisionedConcurrency` - The provisioned concurrency for a Lambda function.\n- `cassandra:table:ReadCapacityUnits` - The provisioned read capacity for an Amazon Keyspaces table.\n- `cassandra:table:WriteCapacityUnits` - The provisioned write capacity for an Amazon Keyspaces table.\n- `kafka:broker-storage:VolumeSize` - The provisioned volume size (in GiB) for brokers in an Amazon MSK cluster.\n- `elasticache:cache-cluster:Nodes` - The number of nodes for an Amazon ElastiCache cache cluster.\n- `elasticache:replication-group:NodeGroups` - The number of node groups for an Amazon ElastiCache replication group.\n- `elasticache:replication-group:Replicas` - The number of replicas per node group for an Amazon ElastiCache replication group.\n- `neptune:cluster:ReadReplicaCount` - The count of read replicas in an Amazon Neptune DB cluster.\n- `sagemaker:variant:DesiredProvisionedConcurrency` - The provisioned concurrency for a SageMaker serverless endpoint.\n- `sagemaker:inference-component:DesiredCopyCount` - The number of copies across an endpoint for a SageMaker inference component.\n- `workspaces:workspacespool:DesiredUserSessions` - The number of user sessions for the WorkSpaces in the pool.", + "title": "ScalableDimension", + "type": "string" + }, + "ScheduledActions": { + "items": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalableTarget.ScheduledAction" + }, + "markdownDescription": "The scheduled actions for the scalable target. Duplicates aren't allowed.", + "title": "ScheduledActions", + "type": "array" + }, + "ServiceNamespace": { + "markdownDescription": "The namespace of the AWS service that provides the resource, or a `custom-resource` .", + "title": "ServiceNamespace", + "type": "string" + }, + "SuspendedState": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalableTarget.SuspendedState", + "markdownDescription": "An embedded object that contains attributes and attribute values that are used to suspend and resume automatic scaling. Setting the value of an attribute to `true` suspends the specified scaling activities. Setting it to `false` (default) resumes the specified scaling activities.\n\n*Suspension Outcomes*\n\n- For `DynamicScalingInSuspended` , while a suspension is in effect, all scale-in activities that are triggered by a scaling policy are suspended.\n- For `DynamicScalingOutSuspended` , while a suspension is in effect, all scale-out activities that are triggered by a scaling policy are suspended.\n- For `ScheduledScalingSuspended` , while a suspension is in effect, all scaling activities that involve scheduled actions are suspended.", + "title": "SuspendedState" + } + }, + "required": [ + "MaxCapacity", + "MinCapacity", + "ResourceId", + "ScalableDimension", + "ServiceNamespace" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ApplicationAutoScaling::ScalableTarget" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalableTarget.ScalableTargetAction": { + "additionalProperties": false, + "properties": { + "MaxCapacity": { + "markdownDescription": "The maximum capacity.", + "title": "MaxCapacity", + "type": "number" + }, + "MinCapacity": { + "markdownDescription": "The minimum capacity.", + "title": "MinCapacity", + "type": "number" + } + }, + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalableTarget.ScheduledAction": { + "additionalProperties": false, + "properties": { + "EndTime": { + "markdownDescription": "The date and time that the action is scheduled to end, in UTC.", + "title": "EndTime", + "type": "string" + }, + "ScalableTargetAction": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalableTarget.ScalableTargetAction", + "markdownDescription": "The new minimum and maximum capacity. You can set both values or just one. At the scheduled time, if the current capacity is below the minimum capacity, Application Auto Scaling scales out to the minimum capacity. If the current capacity is above the maximum capacity, Application Auto Scaling scales in to the maximum capacity.", + "title": "ScalableTargetAction" + }, + "Schedule": { + "markdownDescription": "The schedule for this action. The following formats are supported:\n\n- At expressions - \" `at( *yyyy* - *mm* - *dd* T *hh* : *mm* : *ss* )` \"\n- Rate expressions - \" `rate( *value* *unit* )` \"\n- Cron expressions - \" `cron( *fields* )` \"\n\nAt expressions are useful for one-time schedules. Cron expressions are useful for scheduled actions that run periodically at a specified date and time, and rate expressions are useful for scheduled actions that run at a regular interval.\n\nAt and cron expressions use Universal Coordinated Time (UTC) by default.\n\nThe cron format consists of six fields separated by white spaces: [Minutes] [Hours] [Day_of_Month] [Month] [Day_of_Week] [Year].\n\nFor rate expressions, *value* is a positive integer and *unit* is `minute` | `minutes` | `hour` | `hours` | `day` | `days` .", + "title": "Schedule", + "type": "string" + }, + "ScheduledActionName": { + "markdownDescription": "The name of the scheduled action. This name must be unique among all other scheduled actions on the specified scalable target.", + "title": "ScheduledActionName", + "type": "string" + }, + "StartTime": { + "markdownDescription": "The date and time that the action is scheduled to begin, in UTC.", + "title": "StartTime", + "type": "string" + }, + "Timezone": { + "markdownDescription": "The time zone used when referring to the date and time of a scheduled action, when the scheduled action uses an at or cron expression.", + "title": "Timezone", + "type": "string" + } + }, + "required": [ + "Schedule", + "ScheduledActionName" + ], + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalableTarget.SuspendedState": { + "additionalProperties": false, + "properties": { + "DynamicScalingInSuspended": { + "markdownDescription": "Whether scale in by a target tracking scaling policy or a step scaling policy is suspended. Set the value to `true` if you don't want Application Auto Scaling to remove capacity when a scaling policy is triggered. The default is `false` .", + "title": "DynamicScalingInSuspended", + "type": "boolean" + }, + "DynamicScalingOutSuspended": { + "markdownDescription": "Whether scale out by a target tracking scaling policy or a step scaling policy is suspended. Set the value to `true` if you don't want Application Auto Scaling to add capacity when a scaling policy is triggered. The default is `false` .", + "title": "DynamicScalingOutSuspended", + "type": "boolean" + }, + "ScheduledScalingSuspended": { + "markdownDescription": "Whether scheduled scaling is suspended. Set the value to `true` if you don't want Application Auto Scaling to add or remove capacity by initiating scheduled actions. The default is `false` .", + "title": "ScheduledScalingSuspended", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalingPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -20780,6 +22938,11 @@ "title": "PolicyType", "type": "string" }, + "PredictiveScalingPolicyConfiguration": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingPolicyConfiguration", + "markdownDescription": "The predictive scaling policy configuration.", + "title": "PredictiveScalingPolicyConfiguration" + }, "ResourceId": { "markdownDescription": "The identifier of the resource associated with the scaling policy. This string consists of the resource type and unique identifier.\n\n- ECS service - The resource type is `service` and the unique identifier is the cluster name and service name. Example: `service/my-cluster/my-service` .\n- Spot Fleet - The resource type is `spot-fleet-request` and the unique identifier is the Spot Fleet request ID. Example: `spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE` .\n- EMR cluster - The resource type is `instancegroup` and the unique identifier is the cluster ID and instance group ID. Example: `instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0` .\n- AppStream 2.0 fleet - The resource type is `fleet` and the unique identifier is the fleet name. Example: `fleet/sample-fleet` .\n- DynamoDB table - The resource type is `table` and the unique identifier is the table name. Example: `table/my-table` .\n- DynamoDB global secondary index - The resource type is `index` and the unique identifier is the index name. Example: `table/my-table/index/my-table-index` .\n- Aurora DB cluster - The resource type is `cluster` and the unique identifier is the cluster name. Example: `cluster:my-db-cluster` .\n- SageMaker endpoint variant - The resource type is `variant` and the unique identifier is the resource ID. Example: `endpoint/my-end-point/variant/KMeansClustering` .\n- Custom resources are not supported with a resource type. This parameter must specify the `OutputValue` from the CloudFormation template stack used to access the resources. The unique identifier is defined by the service provider. More information is available in our [GitHub repository](https://docs.aws.amazon.com/https://github.com/aws/aws-auto-scaling-custom-resource) .\n- Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: `arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE` .\n- Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: `arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE` .\n- Lambda provisioned concurrency - The resource type is `function` and the unique identifier is the function name with a function version or alias name suffix that is not `$LATEST` . Example: `function:my-function:prod` or `function:my-function:1` .\n- Amazon Keyspaces table - The resource type is `table` and the unique identifier is the table name. Example: `keyspace/mykeyspace/table/mytable` .\n- Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. Example: `arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5` .\n- Amazon ElastiCache replication group - The resource type is `replication-group` and the unique identifier is the replication group name. Example: `replication-group/mycluster` .\n- Amazon ElastiCache cache cluster - The resource type is `cache-cluster` and the unique identifier is the cache cluster name. Example: `cache-cluster/mycluster` .\n- Neptune cluster - The resource type is `cluster` and the unique identifier is the cluster name. Example: `cluster:mycluster` .\n- SageMaker serverless endpoint - The resource type is `variant` and the unique identifier is the resource ID. Example: `endpoint/my-end-point/variant/KMeansClustering` .\n- SageMaker inference component - The resource type is `inference-component` and the unique identifier is the resource ID. Example: `inference-component/my-inference-component` .\n- Pool of WorkSpaces - The resource type is `workspacespool` and the unique identifier is the pool ID. Example: `workspacespool/wspool-123456` .", "title": "ResourceId", @@ -20919,6 +23082,287 @@ ], "type": "object" }, + "AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingCustomizedCapacityMetric": { + "additionalProperties": false, + "properties": { + "MetricDataQueries": { + "items": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingMetricDataQuery" + }, + "markdownDescription": "One or more metric data queries to provide data points for a metric specification.", + "title": "MetricDataQueries", + "type": "array" + } + }, + "required": [ + "MetricDataQueries" + ], + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingCustomizedLoadMetric": { + "additionalProperties": false, + "properties": { + "MetricDataQueries": { + "items": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingMetricDataQuery" + }, + "markdownDescription": "", + "title": "MetricDataQueries", + "type": "array" + } + }, + "required": [ + "MetricDataQueries" + ], + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingCustomizedScalingMetric": { + "additionalProperties": false, + "properties": { + "MetricDataQueries": { + "items": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingMetricDataQuery" + }, + "markdownDescription": "One or more metric data queries to provide data points for a metric specification.", + "title": "MetricDataQueries", + "type": "array" + } + }, + "required": [ + "MetricDataQueries" + ], + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingMetric": { + "additionalProperties": false, + "properties": { + "Dimensions": { + "items": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingMetricDimension" + }, + "markdownDescription": "Describes the dimensions of the metric.", + "title": "Dimensions", + "type": "array" + }, + "MetricName": { + "markdownDescription": "The name of the metric.", + "title": "MetricName", + "type": "string" + }, + "Namespace": { + "markdownDescription": "The namespace of the metric.", + "title": "Namespace", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingMetricDataQuery": { + "additionalProperties": false, + "properties": { + "Expression": { + "markdownDescription": "The math expression to perform on the returned data, if this object is performing a math expression. This expression can use the `Id` of the other metrics to refer to those metrics, and can also use the `Id` of other expressions to use the result of those expressions.\n\nConditional: Within each `MetricDataQuery` object, you must specify either `Expression` or `MetricStat` , but not both.", + "title": "Expression", + "type": "string" + }, + "Id": { + "markdownDescription": "A short name that identifies the object's results in the response. This name must be unique among all `MetricDataQuery` objects specified for a single scaling policy. If you are performing math expressions on this set of data, this name represents that data and can serve as a variable in the mathematical expression. The valid characters are letters, numbers, and underscores. The first character must be a lowercase letter.", + "title": "Id", + "type": "string" + }, + "Label": { + "markdownDescription": "A human-readable label for this metric or expression. This is especially useful if this is a math expression, so that you know what the value represents.", + "title": "Label", + "type": "string" + }, + "MetricStat": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingMetricStat", + "markdownDescription": "Information about the metric data to return.\n\nConditional: Within each `MetricDataQuery` object, you must specify either `Expression` or `MetricStat` , but not both.", + "title": "MetricStat" + }, + "ReturnData": { + "markdownDescription": "Indicates whether to return the timestamps and raw data values of this metric.\n\nIf you use any math expressions, specify `true` for this value for only the final math expression that the metric specification is based on. You must specify `false` for `ReturnData` for all the other metrics and expressions used in the metric specification.\n\nIf you are only retrieving metrics and not performing any math expressions, do not specify anything for `ReturnData` . This sets it to its default ( `true` ).", + "title": "ReturnData", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingMetricDimension": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the dimension.", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of the dimension.", + "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingMetricSpecification": { + "additionalProperties": false, + "properties": { + "CustomizedCapacityMetricSpecification": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingCustomizedCapacityMetric", + "markdownDescription": "The customized capacity metric specification.", + "title": "CustomizedCapacityMetricSpecification" + }, + "CustomizedLoadMetricSpecification": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingCustomizedLoadMetric", + "markdownDescription": "The customized load metric specification.", + "title": "CustomizedLoadMetricSpecification" + }, + "CustomizedScalingMetricSpecification": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingCustomizedScalingMetric", + "markdownDescription": "The customized scaling metric specification.", + "title": "CustomizedScalingMetricSpecification" + }, + "PredefinedLoadMetricSpecification": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingPredefinedLoadMetric", + "markdownDescription": "The predefined load metric specification.", + "title": "PredefinedLoadMetricSpecification" + }, + "PredefinedMetricPairSpecification": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingPredefinedMetricPair", + "markdownDescription": "The predefined metric pair specification that determines the appropriate scaling metric and load metric to use.", + "title": "PredefinedMetricPairSpecification" + }, + "PredefinedScalingMetricSpecification": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingPredefinedScalingMetric", + "markdownDescription": "The predefined scaling metric specification.", + "title": "PredefinedScalingMetricSpecification" + }, + "TargetValue": { + "markdownDescription": "Specifies the target utilization.", + "title": "TargetValue", + "type": "number" + } + }, + "required": [ + "TargetValue" + ], + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingMetricStat": { + "additionalProperties": false, + "properties": { + "Metric": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingMetric", + "markdownDescription": "The CloudWatch metric to return, including the metric name, namespace, and dimensions. To get the exact metric name, namespace, and dimensions, inspect the [Metric](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_Metric.html) object that is returned by a call to [ListMetrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_ListMetrics.html) .", + "title": "Metric" + }, + "Stat": { + "markdownDescription": "The statistic to return. It can include any CloudWatch statistic or extended statistic. For a list of valid values, see the table in [Statistics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html#Statistic) in the *Amazon CloudWatch User Guide* .\n\nThe most commonly used metrics for predictive scaling are `Average` and `Sum` .", + "title": "Stat", + "type": "string" + }, + "Unit": { + "markdownDescription": "The unit to use for the returned data points. For a complete list of the units that CloudWatch supports, see the [MetricDatum](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_MetricDatum.html) data type in the *Amazon CloudWatch API Reference* .", + "title": "Unit", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingPolicyConfiguration": { + "additionalProperties": false, + "properties": { + "MaxCapacityBreachBehavior": { + "markdownDescription": "Defines the behavior that should be applied if the forecast capacity approaches or exceeds the maximum capacity. Defaults to `HonorMaxCapacity` if not specified.", + "title": "MaxCapacityBreachBehavior", + "type": "string" + }, + "MaxCapacityBuffer": { + "markdownDescription": "The size of the capacity buffer to use when the forecast capacity is close to or exceeds the maximum capacity. The value is specified as a percentage relative to the forecast capacity. For example, if the buffer is 10, this means a 10 percent buffer, such that if the forecast capacity is 50, and the maximum capacity is 40, then the effective maximum capacity is 55.\n\nRequired if the `MaxCapacityBreachBehavior` property is set to `IncreaseMaxCapacity` , and cannot be used otherwise.", + "title": "MaxCapacityBuffer", + "type": "number" + }, + "MetricSpecifications": { + "items": { + "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingMetricSpecification" + }, + "markdownDescription": "This structure includes the metrics and target utilization to use for predictive scaling.\n\nThis is an array, but we currently only support a single metric specification. That is, you can specify a target value and a single metric pair, or a target value and one scaling metric and one load metric.", + "title": "MetricSpecifications", + "type": "array" + }, + "Mode": { + "markdownDescription": "The predictive scaling mode. Defaults to `ForecastOnly` if not specified.", + "title": "Mode", + "type": "string" + }, + "SchedulingBufferTime": { + "markdownDescription": "The amount of time, in seconds, that the start time can be advanced.\n\nThe value must be less than the forecast interval duration of 3600 seconds (60 minutes). Defaults to 300 seconds if not specified.", + "title": "SchedulingBufferTime", + "type": "number" + } + }, + "required": [ + "MetricSpecifications" + ], + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingPredefinedLoadMetric": { + "additionalProperties": false, + "properties": { + "PredefinedMetricType": { + "markdownDescription": "The metric type.", + "title": "PredefinedMetricType", + "type": "string" + }, + "ResourceLabel": { + "markdownDescription": "A label that uniquely identifies a target group.", + "title": "ResourceLabel", + "type": "string" + } + }, + "required": [ + "PredefinedMetricType" + ], + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingPredefinedMetricPair": { + "additionalProperties": false, + "properties": { + "PredefinedMetricType": { + "markdownDescription": "Indicates which metrics to use. There are two different types of metrics for each metric type: one is a load metric and one is a scaling metric.", + "title": "PredefinedMetricType", + "type": "string" + }, + "ResourceLabel": { + "markdownDescription": "A label that uniquely identifies a specific target group from which to determine the total and average request count.", + "title": "ResourceLabel", + "type": "string" + } + }, + "required": [ + "PredefinedMetricType" + ], + "type": "object" + }, + "AWS::ApplicationAutoScaling::ScalingPolicy.PredictiveScalingPredefinedScalingMetric": { + "additionalProperties": false, + "properties": { + "PredefinedMetricType": { + "markdownDescription": "The metric type.", + "title": "PredefinedMetricType", + "type": "string" + }, + "ResourceLabel": { + "markdownDescription": "A label that uniquely identifies a specific target group from which to determine the average request count.", + "title": "ResourceLabel", + "type": "string" + } + }, + "required": [ + "PredefinedMetricType" + ], + "type": "object" + }, "AWS::ApplicationAutoScaling::ScalingPolicy.StepAdjustment": { "additionalProperties": false, "properties": { @@ -21202,6 +23646,11 @@ "title": "ResourceGroupName", "type": "string" }, + "SNSNotificationArn": { + "markdownDescription": "The SNS topic ARN that is associated with SNS notifications for updates or issues.", + "title": "SNSNotificationArn", + "type": "string" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" @@ -21738,6 +24187,636 @@ ], "type": "object" }, + "AWS::ApplicationSignals::Discovery": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ApplicationSignals::Discovery" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "BurnRateConfigurations": { + "items": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.BurnRateConfiguration" + }, + "markdownDescription": "Each object in this array defines the length of the look-back window used to calculate one burn rate metric for this SLO. The burn rate measures how fast the service is consuming the error budget, relative to the attainment goal of the SLO.", + "title": "BurnRateConfigurations", + "type": "array" + }, + "Description": { + "markdownDescription": "An optional description for this SLO.", + "title": "Description", + "type": "string" + }, + "ExclusionWindows": { + "items": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.ExclusionWindow" + }, + "markdownDescription": "The time window to be excluded from the SLO performance metrics.", + "title": "ExclusionWindows", + "type": "array" + }, + "Goal": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.Goal", + "markdownDescription": "This structure contains the attributes that determine the goal of an SLO. This includes the time period for evaluation and the attainment threshold.", + "title": "Goal" + }, + "Name": { + "markdownDescription": "A name for this SLO.", + "title": "Name", + "type": "string" + }, + "RequestBasedSli": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.RequestBasedSli", + "markdownDescription": "A structure containing information about the performance metric that this SLO monitors, if this is a request-based SLO.", + "title": "RequestBasedSli" + }, + "Sli": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.Sli", + "markdownDescription": "A structure containing information about the performance metric that this SLO monitors, if this is a period-based SLO.", + "title": "Sli" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of key-value pairs to associate with the SLO. You can associate as many as 50 tags with an SLO. To be able to associate tags with the SLO when you create the SLO, you must have the cloudwatch:TagResource permission.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ApplicationSignals::ServiceLevelObjective" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.BurnRateConfiguration": { + "additionalProperties": false, + "properties": { + "LookBackWindowMinutes": { + "markdownDescription": "The number of minutes to use as the look-back window.", + "title": "LookBackWindowMinutes", + "type": "number" + } + }, + "required": [ + "LookBackWindowMinutes" + ], + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.CalendarInterval": { + "additionalProperties": false, + "properties": { + "Duration": { + "markdownDescription": "Specifies the duration of each calendar interval. For example, if `Duration` is `1` and `DurationUnit` is `MONTH` , each interval is one month, aligned with the calendar.", + "title": "Duration", + "type": "number" + }, + "DurationUnit": { + "markdownDescription": "Specifies the calendar interval unit.", + "title": "DurationUnit", + "type": "string" + }, + "StartTime": { + "markdownDescription": "The date and time when you want the first interval to start. Be sure to choose a time that configures the intervals the way that you want. For example, if you want weekly intervals starting on Mondays at 6 a.m., be sure to specify a start time that is a Monday at 6 a.m.\n\nWhen used in a raw HTTP Query API, it is formatted as be epoch time in seconds. For example: `1698778057`\n\nAs soon as one calendar interval ends, another automatically begins.", + "title": "StartTime", + "type": "number" + } + }, + "required": [ + "Duration", + "DurationUnit", + "StartTime" + ], + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.DependencyConfig": { + "additionalProperties": false, + "properties": { + "DependencyKeyAttributes": { + "additionalProperties": true, + "markdownDescription": "If this SLO is related to a metric collected by Application Signals, you must use this field to specify which dependency the SLO metric is related to.\n\n- `Type` designates the type of object this is.\n- `ResourceType` specifies the type of the resource. This field is used only when the value of the `Type` field is `Resource` or `AWS::Resource` .\n- `Name` specifies the name of the object. This is used only if the value of the `Type` field is `Service` , `RemoteService` , or `AWS::Service` .\n- `Identifier` identifies the resource objects of this resource. This is used only if the value of the `Type` field is `Resource` or `AWS::Resource` .\n- `Environment` specifies the location where this object is hosted, or what it belongs to.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "DependencyKeyAttributes", + "type": "object" + }, + "DependencyOperationName": { + "markdownDescription": "When the SLO monitors a specific operation of the dependency, this field specifies the name of that operation in the dependency.", + "title": "DependencyOperationName", + "type": "string" + } + }, + "required": [ + "DependencyKeyAttributes", + "DependencyOperationName" + ], + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.Dimension": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the dimension. Dimension names must contain only ASCII characters, must include at least one non-whitespace character, and cannot start with a colon ( `:` ). ASCII control characters are not supported as part of dimension names.", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of the dimension. Dimension values must contain only ASCII characters and must include at least one non-whitespace character. ASCII control characters are not supported as part of dimension values.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Name", + "Value" + ], + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.ExclusionWindow": { + "additionalProperties": false, + "properties": { + "Reason": { + "markdownDescription": "The reason for the time exclusion windows. For example, maintenance.", + "title": "Reason", + "type": "string" + }, + "RecurrenceRule": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.RecurrenceRule", + "markdownDescription": "The recurrence rule for the time exclusion window.", + "title": "RecurrenceRule" + }, + "StartTime": { + "markdownDescription": "The start time of the time exclusion window.", + "title": "StartTime", + "type": "string" + }, + "Window": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.Window", + "markdownDescription": "The time exclusion window.", + "title": "Window" + } + }, + "required": [ + "Window" + ], + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.Goal": { + "additionalProperties": false, + "properties": { + "AttainmentGoal": { + "markdownDescription": "The threshold that determines if the goal is being met.\n\nIf this is a period-based SLO, the attainment goal is the percentage of good periods that meet the threshold requirements to the total periods within the interval. For example, an attainment goal of 99.9% means that within your interval, you are targeting 99.9% of the periods to be in healthy state.\n\nIf this is a request-based SLO, the attainment goal is the percentage of requests that must be successful to meet the attainment goal.\n\nIf you omit this parameter, 99 is used to represent 99% as the attainment goal.", + "title": "AttainmentGoal", + "type": "number" + }, + "Interval": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.Interval", + "markdownDescription": "The time period used to evaluate the SLO. It can be either a calendar interval or rolling interval.\n\nIf you omit this parameter, a rolling interval of 7 days is used.", + "title": "Interval" + }, + "WarningThreshold": { + "markdownDescription": "The percentage of remaining budget over total budget that you want to get warnings for. If you omit this parameter, the default of 50.0 is used.", + "title": "WarningThreshold", + "type": "number" + } + }, + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.Interval": { + "additionalProperties": false, + "properties": { + "CalendarInterval": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.CalendarInterval", + "markdownDescription": "If the interval is a calendar interval, this structure contains the interval specifications.", + "title": "CalendarInterval" + }, + "RollingInterval": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.RollingInterval", + "markdownDescription": "If the interval is a rolling interval, this structure contains the interval specifications.", + "title": "RollingInterval" + } + }, + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.Metric": { + "additionalProperties": false, + "properties": { + "Dimensions": { + "items": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.Dimension" + }, + "markdownDescription": "An array of one or more dimensions to use to define the metric that you want to use. For more information, see [Dimensions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html#Dimension) .", + "title": "Dimensions", + "type": "array" + }, + "MetricName": { + "markdownDescription": "The name of the metric to use.", + "title": "MetricName", + "type": "string" + }, + "Namespace": { + "markdownDescription": "The namespace of the metric. For more information, see [Namespaces](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html#Namespace) .", + "title": "Namespace", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.MetricDataQuery": { + "additionalProperties": false, + "properties": { + "AccountId": { + "markdownDescription": "The ID of the account where this metric is located. If you are performing this operation in a monitoring account, use this to specify which source account to retrieve this metric from.", + "title": "AccountId", + "type": "string" + }, + "Expression": { + "markdownDescription": "This field can contain a metric math expression to be performed on the other metrics that you are retrieving within this `MetricDataQueries` structure.\n\nA math expression can use the `Id` of the other metrics or queries to refer to those metrics, and can also use the `Id` of other expressions to use the result of those expressions. For more information about metric math expressions, see [Metric Math Syntax and Functions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/using-metric-math.html#metric-math-syntax) in the *Amazon CloudWatch User Guide* .\n\nWithin each `MetricDataQuery` object, you must specify either `Expression` or `MetricStat` but not both.", + "title": "Expression", + "type": "string" + }, + "Id": { + "markdownDescription": "A short name used to tie this object to the results in the response. This `Id` must be unique within a `MetricDataQueries` array. If you are performing math expressions on this set of data, this name represents that data and can serve as a variable in the metric math expression. The valid characters are letters, numbers, and underscore. The first character must be a lowercase letter.", + "title": "Id", + "type": "string" + }, + "MetricStat": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.MetricStat", + "markdownDescription": "A metric to be used directly for the SLO, or to be used in the math expression that will be used for the SLO.\n\nWithin one `MetricDataQuery` object, you must specify either `Expression` or `MetricStat` but not both.", + "title": "MetricStat" + }, + "ReturnData": { + "markdownDescription": "Use this only if you are using a metric math expression for the SLO. Specify `true` for `ReturnData` for only the one expression result to use as the alarm. For all other metrics and expressions in the same `CreateServiceLevelObjective` operation, specify `ReturnData` as `false` .", + "title": "ReturnData", + "type": "boolean" + } + }, + "required": [ + "Id" + ], + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.MetricStat": { + "additionalProperties": false, + "properties": { + "Metric": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.Metric", + "markdownDescription": "The metric to use as the service level indicator, including the metric name, namespace, and dimensions.", + "title": "Metric" + }, + "Period": { + "markdownDescription": "The granularity, in seconds, to be used for the metric. For metrics with regular resolution, a period can be as short as one minute (60 seconds) and must be a multiple of 60. For high-resolution metrics that are collected at intervals of less than one minute, the period can be 1, 5, 10, 30, 60, or any multiple of 60. High-resolution metrics are those metrics stored by a `PutMetricData` call that includes a `StorageResolution` of 1 second.", + "title": "Period", + "type": "number" + }, + "Stat": { + "markdownDescription": "The statistic to use for comparison to the threshold. It can be any CloudWatch statistic or extended statistic. For more information about statistics, see [CloudWatch statistics definitions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Statistics-definitions.html) .", + "title": "Stat", + "type": "string" + }, + "Unit": { + "markdownDescription": "If you omit `Unit` then all data that was collected with any unit is returned, along with the corresponding units that were specified when the data was reported to CloudWatch. If you specify a unit, the operation returns only data that was collected with that unit specified. If you specify a unit that does not match the data collected, the results of the operation are null. CloudWatch does not perform unit conversions.", + "title": "Unit", + "type": "string" + } + }, + "required": [ + "Metric", + "Period", + "Stat" + ], + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.MonitoredRequestCountMetric": { + "additionalProperties": false, + "properties": { + "BadCountMetric": { + "items": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.MetricDataQuery" + }, + "markdownDescription": "If you want to count \"bad requests\" to determine the percentage of successful requests for this request-based SLO, specify the metric to use as \"bad requests\" in this structure.", + "title": "BadCountMetric", + "type": "array" + }, + "GoodCountMetric": { + "items": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.MetricDataQuery" + }, + "markdownDescription": "If you want to count \"good requests\" to determine the percentage of successful requests for this request-based SLO, specify the metric to use as \"good requests\" in this structure.", + "title": "GoodCountMetric", + "type": "array" + } + }, + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.RecurrenceRule": { + "additionalProperties": false, + "properties": { + "Expression": { + "markdownDescription": "The following two rules are supported:\n\n- rate(value unit) - The value must be a positive integer and the unit can be hour|day|month.\n- cron - An expression which consists of six fields separated by white spaces: (minutes hours day_of_month month day_of_week year).", + "title": "Expression", + "type": "string" + } + }, + "required": [ + "Expression" + ], + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.RequestBasedSli": { + "additionalProperties": false, + "properties": { + "ComparisonOperator": { + "markdownDescription": "The arithmetic operation used when comparing the specified metric to the threshold.", + "title": "ComparisonOperator", + "type": "string" + }, + "MetricThreshold": { + "markdownDescription": "This value is the threshold that the observed metric values of the SLI metric are compared to.", + "title": "MetricThreshold", + "type": "number" + }, + "RequestBasedSliMetric": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.RequestBasedSliMetric", + "markdownDescription": "A structure that contains information about the metric that the SLO monitors.", + "title": "RequestBasedSliMetric" + } + }, + "required": [ + "RequestBasedSliMetric" + ], + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.RequestBasedSliMetric": { + "additionalProperties": false, + "properties": { + "DependencyConfig": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.DependencyConfig", + "markdownDescription": "Identifies the dependency using the `DependencyKeyAttributes` and `DependencyOperationName` .", + "title": "DependencyConfig" + }, + "KeyAttributes": { + "additionalProperties": true, + "markdownDescription": "This is a string-to-string map that contains information about the type of object that this SLO is related to. It can include the following fields.\n\n- `Type` designates the type of object that this SLO is related to.\n- `ResourceType` specifies the type of the resource. This field is used only when the value of the `Type` field is `Resource` or `AWS::Resource` .\n- `Name` specifies the name of the object. This is used only if the value of the `Type` field is `Service` , `RemoteService` , or `AWS::Service` .\n- `Identifier` identifies the resource objects of this resource. This is used only if the value of the `Type` field is `Resource` or `AWS::Resource` .\n- `Environment` specifies the location where this object is hosted, or what it belongs to.\n- `AwsAccountId` allows you to create an SLO for an object that exists in another account.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "KeyAttributes", + "type": "object" + }, + "MetricType": { + "markdownDescription": "If the SLO monitors either the `LATENCY` or `AVAILABILITY` metric that Application Signals collects, this field displays which of those metrics is used.", + "title": "MetricType", + "type": "string" + }, + "MonitoredRequestCountMetric": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.MonitoredRequestCountMetric", + "markdownDescription": "Use this structure to define the metric that you want to use as the \"good request\" or \"bad request\" value for a request-based SLO. This value observed for the metric defined in `TotalRequestCountMetric` will be divided by the number found for `MonitoredRequestCountMetric` to determine the percentage of successful requests that this SLO tracks.", + "title": "MonitoredRequestCountMetric" + }, + "OperationName": { + "markdownDescription": "If the SLO monitors a specific operation of the service, this field displays that operation name.", + "title": "OperationName", + "type": "string" + }, + "TotalRequestCountMetric": { + "items": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.MetricDataQuery" + }, + "markdownDescription": "This structure defines the metric that is used as the \"total requests\" number for a request-based SLO. The number observed for this metric is divided by the number of \"good requests\" or \"bad requests\" that is observed for the metric defined in `MonitoredRequestCountMetric` .", + "title": "TotalRequestCountMetric", + "type": "array" + } + }, + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.RollingInterval": { + "additionalProperties": false, + "properties": { + "Duration": { + "markdownDescription": "Specifies the duration of each rolling interval. For example, if `Duration` is `7` and `DurationUnit` is `DAY` , each rolling interval is seven days.", + "title": "Duration", + "type": "number" + }, + "DurationUnit": { + "markdownDescription": "Specifies the rolling interval unit.", + "title": "DurationUnit", + "type": "string" + } + }, + "required": [ + "Duration", + "DurationUnit" + ], + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.Sli": { + "additionalProperties": false, + "properties": { + "ComparisonOperator": { + "markdownDescription": "The arithmetic operation to use when comparing the specified metric to the threshold.", + "title": "ComparisonOperator", + "type": "string" + }, + "MetricThreshold": { + "markdownDescription": "The value that the SLI metric is compared to.", + "title": "MetricThreshold", + "type": "number" + }, + "SliMetric": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.SliMetric", + "markdownDescription": "Use this structure to specify the metric to be used for the SLO.", + "title": "SliMetric" + } + }, + "required": [ + "ComparisonOperator", + "MetricThreshold", + "SliMetric" + ], + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.SliMetric": { + "additionalProperties": false, + "properties": { + "DependencyConfig": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.DependencyConfig", + "markdownDescription": "Identifies the dependency using the `DependencyKeyAttributes` and `DependencyOperationName` .", + "title": "DependencyConfig" + }, + "KeyAttributes": { + "additionalProperties": true, + "markdownDescription": "If this SLO is related to a metric collected by Application Signals, you must use this field to specify which service the SLO metric is related to. To do so, you must specify at least the `Type` , `Name` , and `Environment` attributes.\n\nThis is a string-to-string map. It can include the following fields.\n\n- `Type` designates the type of object this is.\n- `ResourceType` specifies the type of the resource. This field is used only when the value of the `Type` field is `Resource` or `AWS::Resource` .\n- `Name` specifies the name of the object. This is used only if the value of the `Type` field is `Service` , `RemoteService` , or `AWS::Service` .\n- `Identifier` identifies the resource objects of this resource. This is used only if the value of the `Type` field is `Resource` or `AWS::Resource` .\n- `Environment` specifies the location where this object is hosted, or what it belongs to.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "KeyAttributes", + "type": "object" + }, + "MetricDataQueries": { + "items": { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective.MetricDataQuery" + }, + "markdownDescription": "If this SLO monitors a CloudWatch metric or the result of a CloudWatch metric math expression, use this structure to specify that metric or expression.", + "title": "MetricDataQueries", + "type": "array" + }, + "MetricType": { + "markdownDescription": "If the SLO is to monitor either the `LATENCY` or `AVAILABILITY` metric that Application Signals collects, use this field to specify which of those metrics is used.", + "title": "MetricType", + "type": "string" + }, + "OperationName": { + "markdownDescription": "If the SLO is to monitor a specific operation of the service, use this field to specify the name of that operation.", + "title": "OperationName", + "type": "string" + }, + "PeriodSeconds": { + "markdownDescription": "The number of seconds to use as the period for SLO evaluation. Your application's performance is compared to the SLI during each period. For each period, the application is determined to have either achieved or not achieved the necessary performance.", + "title": "PeriodSeconds", + "type": "number" + }, + "Statistic": { + "markdownDescription": "The statistic to use for comparison to the threshold. It can be any CloudWatch statistic or extended statistic. For more information about statistics, see [CloudWatch statistics definitions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Statistics-definitions.html) .", + "title": "Statistic", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ApplicationSignals::ServiceLevelObjective.Window": { + "additionalProperties": false, + "properties": { + "Duration": { + "markdownDescription": "The start and end time of the time exclusion window.", + "title": "Duration", + "type": "number" + }, + "DurationUnit": { + "markdownDescription": "The unit of measurement to use during the time window exclusion.", + "title": "DurationUnit", + "type": "string" + } + }, + "required": [ + "Duration", + "DurationUnit" + ], + "type": "object" + }, "AWS::Athena::CapacityReservation": { "additionalProperties": false, "properties": { @@ -21893,11 +24972,21 @@ "Properties": { "additionalProperties": false, "properties": { + "ConnectionType": { + "markdownDescription": "The type of connection for a `FEDERATED` data catalog (for example, `REDSHIFT` , `MYSQL` , or `SQLSERVER` ). For information about individual connectors, see [Available data source connectors](https://docs.aws.amazon.com/athena/latest/ug/connectors-available.html) .", + "title": "ConnectionType", + "type": "string" + }, "Description": { "markdownDescription": "A description of the data catalog.", "title": "Description", "type": "string" }, + "Error": { + "markdownDescription": "Text of the error that occurred during data catalog creation or deletion.", + "title": "Error", + "type": "string" + }, "Name": { "markdownDescription": "The name of the data catalog. The catalog name must be unique for the AWS account and can use a maximum of 128 alphanumeric, underscore, at sign, or hyphen characters.", "title": "Name", @@ -21914,6 +25003,11 @@ "title": "Parameters", "type": "object" }, + "Status": { + "markdownDescription": "The status of the creation or deletion of the data catalog.\n\n- The `LAMBDA` , `GLUE` , and `HIVE` data catalog types are created synchronously. Their status is either `CREATE_COMPLETE` or `CREATE_FAILED` .\n- The `FEDERATED` data catalog type is created asynchronously.\n\nData catalog creation status:\n\n- `CREATE_IN_PROGRESS` : Federated data catalog creation in progress.\n- `CREATE_COMPLETE` : Data catalog creation complete.\n- `CREATE_FAILED` : Data catalog could not be created.\n- `CREATE_FAILED_CLEANUP_IN_PROGRESS` : Federated data catalog creation failed and is being removed.\n- `CREATE_FAILED_CLEANUP_COMPLETE` : Federated data catalog creation failed and was removed.\n- `CREATE_FAILED_CLEANUP_FAILED` : Federated data catalog creation failed but could not be removed.\n\nData catalog deletion status:\n\n- `DELETE_IN_PROGRESS` : Federated data catalog deletion in progress.\n- `DELETE_COMPLETE` : Federated data catalog deleted.\n- `DELETE_FAILED` : Federated data catalog could not be deleted.", + "title": "Status", + "type": "string" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" @@ -22285,6 +25379,33 @@ }, "type": "object" }, + "AWS::Athena::WorkGroup.ManagedQueryResultsConfiguration": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "If set to true, allows you to store query results in Athena owned storage. If set to false, workgroup member stores query results in location specified under `ResultConfiguration$OutputLocation` . The default is false. A workgroup cannot have the `ResultConfiguration$OutputLocation` parameter when you set this field to true.", + "title": "Enabled", + "type": "boolean" + }, + "EncryptionConfiguration": { + "$ref": "#/definitions/AWS::Athena::WorkGroup.ManagedStorageEncryptionConfiguration", + "markdownDescription": "If you encrypt query and calculation results in Athena owned storage, this field indicates the encryption option (for example, SSE_KMS or CSE_KMS) and key information.", + "title": "EncryptionConfiguration" + } + }, + "type": "object" + }, + "AWS::Athena::WorkGroup.ManagedStorageEncryptionConfiguration": { + "additionalProperties": false, + "properties": { + "KmsKey": { + "markdownDescription": "", + "title": "KmsKey", + "type": "string" + } + }, + "type": "object" + }, "AWS::Athena::WorkGroup.ResultConfiguration": { "additionalProperties": false, "properties": { @@ -22344,6 +25465,11 @@ "title": "ExecutionRole", "type": "string" }, + "ManagedQueryResultsConfiguration": { + "$ref": "#/definitions/AWS::Athena::WorkGroup.ManagedQueryResultsConfiguration", + "markdownDescription": "The configuration for storing results in Athena owned storage, which includes whether this feature is enabled; whether encryption configuration, if any, is used for encrypting query results.", + "title": "ManagedQueryResultsConfiguration" + }, "PublishCloudWatchMetricsEnabled": { "markdownDescription": "Indicates that the Amazon CloudWatch metrics are enabled for the workgroup.", "title": "PublishCloudWatchMetricsEnabled", @@ -22669,6 +25795,16 @@ "title": "AutoScalingGroupName", "type": "string" }, + "AvailabilityZoneDistribution": { + "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.AvailabilityZoneDistribution", + "markdownDescription": "The instance capacity distribution across Availability Zones.", + "title": "AvailabilityZoneDistribution" + }, + "AvailabilityZoneImpairmentPolicy": { + "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.AvailabilityZoneImpairmentPolicy", + "markdownDescription": "The Availability Zone impairment policy.", + "title": "AvailabilityZoneImpairmentPolicy" + }, "AvailabilityZones": { "items": { "type": "string" @@ -22682,6 +25818,11 @@ "title": "CapacityRebalance", "type": "boolean" }, + "CapacityReservationSpecification": { + "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.CapacityReservationSpecification", + "markdownDescription": "The capacity reservation specification.", + "title": "CapacityReservationSpecification" + }, "Context": { "markdownDescription": "Reserved.", "title": "Context", @@ -22804,6 +25945,11 @@ "title": "ServiceLinkedRoleARN", "type": "string" }, + "SkipZonalShiftValidation": { + "markdownDescription": "", + "title": "SkipZonalShiftValidation", + "type": "boolean" + }, "Tags": { "items": { "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.TagProperty" @@ -22828,6 +25974,14 @@ "title": "TerminationPolicies", "type": "array" }, + "TrafficSources": { + "items": { + "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.TrafficSourceIdentifier" + }, + "markdownDescription": "The traffic sources associated with this Auto Scaling group.", + "title": "TrafficSources", + "type": "array" + }, "VPCZoneIdentifier": { "items": { "type": "string" @@ -22899,6 +26053,37 @@ }, "type": "object" }, + "AWS::AutoScaling::AutoScalingGroup.AvailabilityZoneDistribution": { + "additionalProperties": false, + "properties": { + "CapacityDistributionStrategy": { + "markdownDescription": "If launches fail in an Availability Zone, the following strategies are available. The default is `balanced-best-effort` .\n\n- `balanced-only` - If launches fail in an Availability Zone, Auto Scaling will continue to attempt to launch in the unhealthy zone to preserve a balanced distribution.\n- `balanced-best-effort` - If launches fail in an Availability Zone, Auto Scaling will attempt to launch in another healthy Availability Zone instead.", + "title": "CapacityDistributionStrategy", + "type": "string" + } + }, + "type": "object" + }, + "AWS::AutoScaling::AutoScalingGroup.AvailabilityZoneImpairmentPolicy": { + "additionalProperties": false, + "properties": { + "ImpairedZoneHealthCheckBehavior": { + "markdownDescription": "Specifies the health check behavior for the impaired Availability Zone in an active zonal shift. If you select `Replace unhealthy` , instances that appear unhealthy will be replaced in all Availability Zones. If you select `Ignore unhealthy` , instances will not be replaced in the Availability Zone with the active zonal shift. For more information, see [Auto Scaling group zonal shift](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-zonal-shift.html) in the *Amazon EC2 Auto Scaling User Guide* .", + "title": "ImpairedZoneHealthCheckBehavior", + "type": "string" + }, + "ZonalShiftEnabled": { + "markdownDescription": "If `true` , enable zonal shift for your Auto Scaling group.", + "title": "ZonalShiftEnabled", + "type": "boolean" + } + }, + "required": [ + "ImpairedZoneHealthCheckBehavior", + "ZonalShiftEnabled" + ], + "type": "object" + }, "AWS::AutoScaling::AutoScalingGroup.BaselineEbsBandwidthMbpsRequest": { "additionalProperties": false, "properties": { @@ -22915,6 +26100,72 @@ }, "type": "object" }, + "AWS::AutoScaling::AutoScalingGroup.BaselinePerformanceFactorsRequest": { + "additionalProperties": false, + "properties": { + "Cpu": { + "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.CpuPerformanceFactorRequest", + "markdownDescription": "The CPU performance to consider, using an instance family as the baseline reference.", + "title": "Cpu" + } + }, + "type": "object" + }, + "AWS::AutoScaling::AutoScalingGroup.CapacityReservationSpecification": { + "additionalProperties": false, + "properties": { + "CapacityReservationPreference": { + "markdownDescription": "The capacity reservation preference. The following options are available:\n\n- `capacity-reservations-only` - Auto Scaling will only launch instances into a Capacity Reservation or Capacity Reservation resource group. If capacity isn't available, instances will fail to launch.\n- `capacity-reservations-first` - Auto Scaling will try to launch instances into a Capacity Reservation or Capacity Reservation resource group first. If capacity isn't available, instances will run in On-Demand capacity.\n- `none` - Auto Scaling will not launch instances into a Capacity Reservation. Instances will run in On-Demand capacity.\n- `default` - Auto Scaling uses the Capacity Reservation preference from your launch template or an open Capacity Reservation.", + "title": "CapacityReservationPreference", + "type": "string" + }, + "CapacityReservationTarget": { + "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.CapacityReservationTarget", + "markdownDescription": "Describes a target Capacity Reservation or Capacity Reservation resource group.", + "title": "CapacityReservationTarget" + } + }, + "required": [ + "CapacityReservationPreference" + ], + "type": "object" + }, + "AWS::AutoScaling::AutoScalingGroup.CapacityReservationTarget": { + "additionalProperties": false, + "properties": { + "CapacityReservationIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The Capacity Reservation IDs to launch instances into.", + "title": "CapacityReservationIds", + "type": "array" + }, + "CapacityReservationResourceGroupArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The resource group ARNs of the Capacity Reservation to launch instances into.", + "title": "CapacityReservationResourceGroupArns", + "type": "array" + } + }, + "type": "object" + }, + "AWS::AutoScaling::AutoScalingGroup.CpuPerformanceFactorRequest": { + "additionalProperties": false, + "properties": { + "References": { + "items": { + "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.PerformanceFactorReferenceRequest" + }, + "markdownDescription": "Specify an instance family to use as the baseline reference for CPU performance. All instance types that match your specified attributes will be compared against the CPU performance of the referenced instance family, regardless of CPU manufacturer or architecture differences.\n\n> Currently only one instance family can be specified in the list.", + "title": "References", + "type": "array" + } + }, + "type": "object" + }, "AWS::AutoScaling::AutoScalingGroup.InstanceMaintenancePolicy": { "additionalProperties": false, "properties": { @@ -22986,6 +26237,11 @@ "markdownDescription": "The minimum and maximum baseline bandwidth performance for an instance type, in Mbps. For more information, see [Amazon EBS\u2013optimized instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-optimized.html) in the *Amazon EC2 User Guide* .\n\nDefault: No minimum or maximum limits", "title": "BaselineEbsBandwidthMbps" }, + "BaselinePerformanceFactors": { + "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.BaselinePerformanceFactorsRequest", + "markdownDescription": "The baseline performance factors for the instance requirements.", + "title": "BaselinePerformanceFactors" + }, "BurstablePerformance": { "markdownDescription": "Indicates whether burstable performance instance types are included, excluded, or required. For more information, see [Burstable performance instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) in the *Amazon EC2 User Guide* .\n\nDefault: `excluded`", "title": "BurstablePerformance", @@ -23368,6 +26624,17 @@ ], "type": "object" }, + "AWS::AutoScaling::AutoScalingGroup.PerformanceFactorReferenceRequest": { + "additionalProperties": false, + "properties": { + "InstanceFamily": { + "markdownDescription": "The instance family to use as a baseline reference.\n\n> Make sure that you specify the correct value for the instance family. The instance family is everything before the period (.) in the instance type name. For example, in the instance `c6i.large` , the instance family is `c6i` , not `c6` . For more information, see [Amazon EC2 instance type naming conventions](https://docs.aws.amazon.com/ec2/latest/instancetypes/instance-type-names.html) in *Amazon EC2 Instance Types* . \n\nThe following instance types are *not supported* for performance protection.\n\n- `c1`\n- `g3| g3s`\n- `hpc7g`\n- `m1| m2`\n- `mac1 | mac2 | mac2-m1ultra | mac2-m2 | mac2-m2pro`\n- `p3dn | p4d | p5`\n- `t1`\n- `u-12tb1 | u-18tb1 | u-24tb1 | u-3tb1 | u-6tb1 | u-9tb1 | u7i-12tb | u7in-16tb | u7in-24tb | u7in-32tb`\n\nIf you performance protection by specifying a supported instance family, the returned instance types will exclude the preceding unsupported instance families.\n\nIf you specify an unsupported instance family as a value for baseline performance, the API returns an empty response.", + "title": "InstanceFamily", + "type": "string" + } + }, + "type": "object" + }, "AWS::AutoScaling::AutoScalingGroup.TagProperty": { "additionalProperties": false, "properties": { @@ -23410,6 +26677,26 @@ }, "type": "object" }, + "AWS::AutoScaling::AutoScalingGroup.TrafficSourceIdentifier": { + "additionalProperties": false, + "properties": { + "Identifier": { + "markdownDescription": "Identifies the traffic source.\n\nFor Application Load Balancers, Gateway Load Balancers, Network Load Balancers, and VPC Lattice, this will be the Amazon Resource Name (ARN) for a target group in this account and Region. For Classic Load Balancers, this will be the name of the Classic Load Balancer in this account and Region.\n\nFor example:\n\n- Application Load Balancer ARN: `arn:aws:elasticloadbalancing:us-west-2:123456789012:targetgroup/my-targets/1234567890123456`\n- Classic Load Balancer name: `my-classic-load-balancer`\n- VPC Lattice ARN: `arn:aws:vpc-lattice:us-west-2:123456789012:targetgroup/tg-1234567890123456`\n\nTo get the ARN of a target group for a Application Load Balancer, Gateway Load Balancer, or Network Load Balancer, or the name of a Classic Load Balancer, use the Elastic Load Balancing [DescribeTargetGroups](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeTargetGroups.html) and [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html) API operations.\n\nTo get the ARN of a target group for VPC Lattice, use the VPC Lattice [GetTargetGroup](https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_GetTargetGroup.html) API operation.", + "title": "Identifier", + "type": "string" + }, + "Type": { + "markdownDescription": "Provides additional context for the value of `Identifier` .\n\nThe following lists the valid values:\n\n- `elb` if `Identifier` is the name of a Classic Load Balancer.\n- `elbv2` if `Identifier` is the ARN of an Application Load Balancer, Gateway Load Balancer, or Network Load Balancer target group.\n- `vpc-lattice` if `Identifier` is the ARN of a VPC Lattice target group.\n\nRequired if the identifier is the name of a Classic Load Balancer.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Identifier", + "Type" + ], + "type": "object" + }, "AWS::AutoScaling::AutoScalingGroup.VCpuCountRequest": { "additionalProperties": false, "properties": { @@ -23923,11 +27210,24 @@ "title": "MetricName", "type": "string" }, + "Metrics": { + "items": { + "$ref": "#/definitions/AWS::AutoScaling::ScalingPolicy.TargetTrackingMetricDataQuery" + }, + "markdownDescription": "The metrics to include in the target tracking scaling policy, as a metric data query. This can include both raw metric and metric math expressions.", + "title": "Metrics", + "type": "array" + }, "Namespace": { "markdownDescription": "The namespace of the metric.", "title": "Namespace", "type": "string" }, + "Period": { + "markdownDescription": "The period of the metric in seconds. The default value is 60. Accepted values are 10, 30, and 60. For high resolution metric, set the value to less than 60. For more information, see [Create a target tracking policy using high-resolution metrics for faster response](https://docs.aws.amazon.com/autoscaling/ec2/userguide/policy-creating-high-resolution-metrics.html) .", + "title": "Period", + "type": "number" + }, "Statistic": { "markdownDescription": "The statistic of the metric.", "title": "Statistic", @@ -23939,11 +27239,6 @@ "type": "string" } }, - "required": [ - "MetricName", - "Namespace", - "Statistic" - ], "type": "object" }, "AWS::AutoScaling::ScalingPolicy.Metric": { @@ -24314,207 +27609,276 @@ ], "type": "object" }, - "AWS::AutoScaling::ScheduledAction": { + "AWS::AutoScaling::ScalingPolicy.TargetTrackingMetricDataQuery": { "additionalProperties": false, "properties": { - "Condition": { + "Expression": { + "markdownDescription": "The math expression to perform on the returned data, if this object is performing a math expression. This expression can use the `Id` of the other metrics to refer to those metrics, and can also use the `Id` of other expressions to use the result of those expressions.\n\nConditional: Within each `TargetTrackingMetricDataQuery` object, you must specify either `Expression` or `MetricStat` , but not both.", + "title": "Expression", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Id": { + "markdownDescription": "A short name that identifies the object's results in the response. This name must be unique among all `TargetTrackingMetricDataQuery` objects specified for a single scaling policy. If you are performing math expressions on this set of data, this name represents that data and can serve as a variable in the mathematical expression. The valid characters are letters, numbers, and underscores. The first character must be a lowercase letter.", + "title": "Id", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "Label": { + "markdownDescription": "A human-readable label for this metric or expression. This is especially useful if this is a math expression, so that you know what the value represents.", + "title": "Label", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AutoScalingGroupName": { - "markdownDescription": "The name of the Auto Scaling group.", - "title": "AutoScalingGroupName", - "type": "string" - }, - "DesiredCapacity": { - "markdownDescription": "The desired capacity is the initial capacity of the Auto Scaling group after the scheduled action runs and the capacity it attempts to maintain. It can scale beyond this capacity if you add more scaling conditions.\n\n> You must specify at least one of the following properties: `MaxSize` , `MinSize` , or `DesiredCapacity` .", - "title": "DesiredCapacity", - "type": "number" - }, - "EndTime": { - "markdownDescription": "The date and time for the recurring schedule to end, in UTC. For example, `\"2021-06-01T00:00:00Z\"` .", - "title": "EndTime", - "type": "string" - }, - "MaxSize": { - "markdownDescription": "The maximum size of the Auto Scaling group.", - "title": "MaxSize", - "type": "number" - }, - "MinSize": { - "markdownDescription": "The minimum size of the Auto Scaling group.", - "title": "MinSize", - "type": "number" - }, - "Recurrence": { - "markdownDescription": "The recurring schedule for this action. This format consists of five fields separated by white spaces: [Minute] [Hour] [Day_of_Month] [Month_of_Year] [Day_of_Week]. The value must be in quotes (for example, `\"30 0 1 1,6,12 *\"` ). For more information about this format, see [Crontab](https://docs.aws.amazon.com/http://crontab.org) .\n\nWhen `StartTime` and `EndTime` are specified with `Recurrence` , they form the boundaries of when the recurring action starts and stops.\n\nCron expressions use Universal Coordinated Time (UTC) by default.", - "title": "Recurrence", - "type": "string" - }, - "StartTime": { - "markdownDescription": "The date and time for this action to start, in YYYY-MM-DDThh:mm:ssZ format in UTC/GMT only and in quotes (for example, `\"2021-06-01T00:00:00Z\"` ).\n\nIf you specify `Recurrence` and `StartTime` , Amazon EC2 Auto Scaling performs the action at this time, and then performs the action based on the specified recurrence.", - "title": "StartTime", - "type": "string" - }, - "TimeZone": { - "markdownDescription": "Specifies the time zone for a cron expression. If a time zone is not provided, UTC is used by default.\n\nValid values are the canonical names of the IANA time zones, derived from the IANA Time Zone Database (such as `Etc/GMT+9` or `Pacific/Tahiti` ). For more information, see [https://en.wikipedia.org/wiki/List_of_tz_database_time_zones](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/List_of_tz_database_time_zones) .", - "title": "TimeZone", - "type": "string" - } - }, - "required": [ - "AutoScalingGroupName" - ], - "type": "object" + "MetricStat": { + "$ref": "#/definitions/AWS::AutoScaling::ScalingPolicy.TargetTrackingMetricStat", + "markdownDescription": "Information about the metric data to return.\n\nConditional: Within each `TargetTrackingMetricDataQuery` object, you must specify either `Expression` or `MetricStat` , but not both.", + "title": "MetricStat" }, - "Type": { - "enum": [ - "AWS::AutoScaling::ScheduledAction" - ], - "type": "string" + "Period": { + "markdownDescription": "The period of the metric in seconds. The default value is 60. Accepted values are 10, 30, and 60. For high resolution metric, set the value to less than 60. For more information, see [Create a target tracking policy using high-resolution metrics for faster response](https://docs.aws.amazon.com/autoscaling/ec2/userguide/policy-creating-high-resolution-metrics.html) .", + "title": "Period", + "type": "number" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "ReturnData": { + "markdownDescription": "Indicates whether to return the timestamps and raw data values of this metric.\n\nIf you use any math expressions, specify `true` for this value for only the final math expression that the metric specification is based on. You must specify `false` for `ReturnData` for all the other metrics and expressions used in the metric specification.\n\nIf you are only retrieving metrics and not performing any math expressions, do not specify anything for `ReturnData` . This sets it to its default ( `true` ).", + "title": "ReturnData", + "type": "boolean" } }, "required": [ - "Type", - "Properties" + "Id" ], "type": "object" }, - "AWS::AutoScaling::WarmPool": { + "AWS::AutoScaling::ScalingPolicy.TargetTrackingMetricStat": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "Metric": { + "$ref": "#/definitions/AWS::AutoScaling::ScalingPolicy.Metric", + "markdownDescription": "The metric to use.", + "title": "Metric" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AutoScalingGroupName": { - "markdownDescription": "The name of the Auto Scaling group.", - "title": "AutoScalingGroupName", - "type": "string" - }, - "InstanceReusePolicy": { - "$ref": "#/definitions/AWS::AutoScaling::WarmPool.InstanceReusePolicy", - "markdownDescription": "Indicates whether instances in the Auto Scaling group can be returned to the warm pool on scale in. The default is to terminate instances in the Auto Scaling group when the group scales in.", - "title": "InstanceReusePolicy" - }, - "MaxGroupPreparedCapacity": { - "markdownDescription": "Specifies the maximum number of instances that are allowed to be in the warm pool or in any state except `Terminated` for the Auto Scaling group. This is an optional property. Specify it only if you do not want the warm pool size to be determined by the difference between the group's maximum capacity and its desired capacity.\n\n> If a value for `MaxGroupPreparedCapacity` is not specified, Amazon EC2 Auto Scaling launches and maintains the difference between the group's maximum capacity and its desired capacity. If you specify a value for `MaxGroupPreparedCapacity` , Amazon EC2 Auto Scaling uses the difference between the `MaxGroupPreparedCapacity` and the desired capacity instead.\n> \n> The size of the warm pool is dynamic. Only when `MaxGroupPreparedCapacity` and `MinSize` are set to the same value does the warm pool have an absolute size. \n\nIf the desired capacity of the Auto Scaling group is higher than the `MaxGroupPreparedCapacity` , the capacity of the warm pool is 0, unless you specify a value for `MinSize` . To remove a value that you previously set, include the property but specify -1 for the value.", - "title": "MaxGroupPreparedCapacity", - "type": "number" - }, - "MinSize": { - "markdownDescription": "Specifies the minimum number of instances to maintain in the warm pool. This helps you to ensure that there is always a certain number of warmed instances available to handle traffic spikes. Defaults to 0 if not specified.", - "title": "MinSize", - "type": "number" - }, - "PoolState": { - "markdownDescription": "Sets the instance state to transition to after the lifecycle actions are complete. Default is `Stopped` .", - "title": "PoolState", - "type": "string" - } - }, - "required": [ - "AutoScalingGroupName" - ], - "type": "object" + "Period": { + "markdownDescription": "The period of the metric in seconds. The default value is 60. Accepted values are 10, 30, and 60. For high resolution metric, set the value to less than 60. For more information, see [Create a target tracking policy using high-resolution metrics for faster response](https://docs.aws.amazon.com/autoscaling/ec2/userguide/policy-creating-high-resolution-metrics.html) .", + "title": "Period", + "type": "number" }, - "Type": { - "enum": [ - "AWS::AutoScaling::WarmPool" - ], + "Stat": { + "markdownDescription": "The statistic to return. It can include any CloudWatch statistic or extended statistic. For a list of valid values, see the table in [Statistics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html#Statistic) in the *Amazon CloudWatch User Guide* .\n\nThe most commonly used metric for scaling is `Average` .", + "title": "Stat", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Unit": { + "markdownDescription": "The unit to use for the returned data points. For a complete list of the units that CloudWatch supports, see the [MetricDatum](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_MetricDatum.html) data type in the *Amazon CloudWatch API Reference* .", + "title": "Unit", "type": "string" } }, "required": [ - "Type", - "Properties" + "Metric", + "Stat" ], "type": "object" }, - "AWS::AutoScaling::WarmPool.InstanceReusePolicy": { - "additionalProperties": false, - "properties": { - "ReuseOnScaleIn": { - "markdownDescription": "Specifies whether instances in the Auto Scaling group can be returned to the warm pool on scale in.", - "title": "ReuseOnScaleIn", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::AutoScalingPlans::ScalingPlan": { + "AWS::AutoScaling::ScheduledAction": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AutoScalingGroupName": { + "markdownDescription": "The name of the Auto Scaling group.", + "title": "AutoScalingGroupName", + "type": "string" + }, + "DesiredCapacity": { + "markdownDescription": "The desired capacity is the initial capacity of the Auto Scaling group after the scheduled action runs and the capacity it attempts to maintain. It can scale beyond this capacity if you add more scaling conditions.\n\n> You must specify at least one of the following properties: `MaxSize` , `MinSize` , or `DesiredCapacity` .", + "title": "DesiredCapacity", + "type": "number" + }, + "EndTime": { + "markdownDescription": "The date and time for the recurring schedule to end, in UTC. For example, `\"2021-06-01T00:00:00Z\"` .", + "title": "EndTime", + "type": "string" + }, + "MaxSize": { + "markdownDescription": "The maximum size of the Auto Scaling group.", + "title": "MaxSize", + "type": "number" + }, + "MinSize": { + "markdownDescription": "The minimum size of the Auto Scaling group.", + "title": "MinSize", + "type": "number" + }, + "Recurrence": { + "markdownDescription": "The recurring schedule for this action. This format consists of five fields separated by white spaces: [Minute] [Hour] [Day_of_Month] [Month_of_Year] [Day_of_Week]. The value must be in quotes (for example, `\"30 0 1 1,6,12 *\"` ). For more information about this format, see [Crontab](https://docs.aws.amazon.com/http://crontab.org) .\n\nWhen `StartTime` and `EndTime` are specified with `Recurrence` , they form the boundaries of when the recurring action starts and stops.\n\nCron expressions use Universal Coordinated Time (UTC) by default.", + "title": "Recurrence", + "type": "string" + }, + "StartTime": { + "markdownDescription": "The date and time for this action to start, in YYYY-MM-DDThh:mm:ssZ format in UTC/GMT only and in quotes (for example, `\"2021-06-01T00:00:00Z\"` ).\n\nIf you specify `Recurrence` and `StartTime` , Amazon EC2 Auto Scaling performs the action at this time, and then performs the action based on the specified recurrence.", + "title": "StartTime", + "type": "string" + }, + "TimeZone": { + "markdownDescription": "Specifies the time zone for a cron expression. If a time zone is not provided, UTC is used by default.\n\nValid values are the canonical names of the IANA time zones, derived from the IANA Time Zone Database (such as `Etc/GMT+9` or `Pacific/Tahiti` ). For more information, see [https://en.wikipedia.org/wiki/List_of_tz_database_time_zones](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/List_of_tz_database_time_zones) .", + "title": "TimeZone", + "type": "string" + } + }, + "required": [ + "AutoScalingGroupName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::AutoScaling::ScheduledAction" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::AutoScaling::WarmPool": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AutoScalingGroupName": { + "markdownDescription": "The name of the Auto Scaling group.", + "title": "AutoScalingGroupName", + "type": "string" + }, + "InstanceReusePolicy": { + "$ref": "#/definitions/AWS::AutoScaling::WarmPool.InstanceReusePolicy", + "markdownDescription": "Indicates whether instances in the Auto Scaling group can be returned to the warm pool on scale in. The default is to terminate instances in the Auto Scaling group when the group scales in.", + "title": "InstanceReusePolicy" + }, + "MaxGroupPreparedCapacity": { + "markdownDescription": "Specifies the maximum number of instances that are allowed to be in the warm pool or in any state except `Terminated` for the Auto Scaling group. This is an optional property. Specify it only if you do not want the warm pool size to be determined by the difference between the group's maximum capacity and its desired capacity.\n\n> If a value for `MaxGroupPreparedCapacity` is not specified, Amazon EC2 Auto Scaling launches and maintains the difference between the group's maximum capacity and its desired capacity. If you specify a value for `MaxGroupPreparedCapacity` , Amazon EC2 Auto Scaling uses the difference between the `MaxGroupPreparedCapacity` and the desired capacity instead.\n> \n> The size of the warm pool is dynamic. Only when `MaxGroupPreparedCapacity` and `MinSize` are set to the same value does the warm pool have an absolute size. \n\nIf the desired capacity of the Auto Scaling group is higher than the `MaxGroupPreparedCapacity` , the capacity of the warm pool is 0, unless you specify a value for `MinSize` . To remove a value that you previously set, include the property but specify -1 for the value.", + "title": "MaxGroupPreparedCapacity", + "type": "number" + }, + "MinSize": { + "markdownDescription": "Specifies the minimum number of instances to maintain in the warm pool. This helps you to ensure that there is always a certain number of warmed instances available to handle traffic spikes. Defaults to 0 if not specified.", + "title": "MinSize", + "type": "number" + }, + "PoolState": { + "markdownDescription": "Sets the instance state to transition to after the lifecycle actions are complete. Default is `Stopped` .", + "title": "PoolState", + "type": "string" + } + }, + "required": [ + "AutoScalingGroupName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::AutoScaling::WarmPool" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::AutoScaling::WarmPool.InstanceReusePolicy": { + "additionalProperties": false, + "properties": { + "ReuseOnScaleIn": { + "markdownDescription": "Specifies whether instances in the Auto Scaling group can be returned to the warm pool on scale in.", + "title": "ReuseOnScaleIn", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::AutoScalingPlans::ScalingPlan": { "additionalProperties": false, "properties": { "Condition": { @@ -25010,6 +28374,11 @@ "AWS::B2BI::Capability.EdiConfiguration": { "additionalProperties": false, "properties": { + "CapabilityDirection": { + "markdownDescription": "Specifies whether this is capability is for inbound or outbound transformations.", + "title": "CapabilityDirection", + "type": "string" + }, "InputLocation": { "$ref": "#/definitions/AWS::B2BI::Capability.S3Location", "markdownDescription": "Contains the Amazon S3 bucket and prefix for the location of the input file, which is contained in an `S3Location` object.", @@ -25128,6 +28497,11 @@ "title": "Capabilities", "type": "array" }, + "CapabilityOptions": { + "$ref": "#/definitions/AWS::B2BI::Partnership.CapabilityOptions", + "markdownDescription": "Contains the details for an Outbound EDI capability.", + "title": "CapabilityOptions" + }, "Email": { "markdownDescription": "Specifies the email address associated with this trading partner.", "title": "Email", @@ -25158,6 +28532,7 @@ } }, "required": [ + "Capabilities", "Email", "Name", "ProfileId" @@ -25185,6 +28560,255 @@ ], "type": "object" }, + "AWS::B2BI::Partnership.CapabilityOptions": { + "additionalProperties": false, + "properties": { + "InboundEdi": { + "$ref": "#/definitions/AWS::B2BI::Partnership.InboundEdiOptions", + "markdownDescription": "A structure that contains the inbound EDI options for the capability.", + "title": "InboundEdi" + }, + "OutboundEdi": { + "$ref": "#/definitions/AWS::B2BI::Partnership.OutboundEdiOptions", + "markdownDescription": "A structure that contains the outbound EDI options.", + "title": "OutboundEdi" + } + }, + "type": "object" + }, + "AWS::B2BI::Partnership.InboundEdiOptions": { + "additionalProperties": false, + "properties": { + "X12": { + "$ref": "#/definitions/AWS::B2BI::Partnership.X12InboundEdiOptions", + "markdownDescription": "A structure that contains X12-specific options for processing inbound X12 EDI files.", + "title": "X12" + } + }, + "type": "object" + }, + "AWS::B2BI::Partnership.OutboundEdiOptions": { + "additionalProperties": false, + "properties": { + "X12": { + "$ref": "#/definitions/AWS::B2BI::Partnership.X12Envelope", + "markdownDescription": "A structure that contains an X12 envelope structure.", + "title": "X12" + } + }, + "required": [ + "X12" + ], + "type": "object" + }, + "AWS::B2BI::Partnership.WrapOptions": { + "additionalProperties": false, + "properties": { + "LineLength": { + "markdownDescription": "", + "title": "LineLength", + "type": "number" + }, + "LineTerminator": { + "markdownDescription": "", + "title": "LineTerminator", + "type": "string" + }, + "WrapBy": { + "markdownDescription": "", + "title": "WrapBy", + "type": "string" + } + }, + "type": "object" + }, + "AWS::B2BI::Partnership.X12AcknowledgmentOptions": { + "additionalProperties": false, + "properties": { + "FunctionalAcknowledgment": { + "markdownDescription": "", + "title": "FunctionalAcknowledgment", + "type": "string" + }, + "TechnicalAcknowledgment": { + "markdownDescription": "", + "title": "TechnicalAcknowledgment", + "type": "string" + } + }, + "required": [ + "FunctionalAcknowledgment", + "TechnicalAcknowledgment" + ], + "type": "object" + }, + "AWS::B2BI::Partnership.X12ControlNumbers": { + "additionalProperties": false, + "properties": { + "StartingFunctionalGroupControlNumber": { + "markdownDescription": "", + "title": "StartingFunctionalGroupControlNumber", + "type": "number" + }, + "StartingInterchangeControlNumber": { + "markdownDescription": "", + "title": "StartingInterchangeControlNumber", + "type": "number" + }, + "StartingTransactionSetControlNumber": { + "markdownDescription": "", + "title": "StartingTransactionSetControlNumber", + "type": "number" + } + }, + "type": "object" + }, + "AWS::B2BI::Partnership.X12Delimiters": { + "additionalProperties": false, + "properties": { + "ComponentSeparator": { + "markdownDescription": "", + "title": "ComponentSeparator", + "type": "string" + }, + "DataElementSeparator": { + "markdownDescription": "", + "title": "DataElementSeparator", + "type": "string" + }, + "SegmentTerminator": { + "markdownDescription": "", + "title": "SegmentTerminator", + "type": "string" + } + }, + "type": "object" + }, + "AWS::B2BI::Partnership.X12Envelope": { + "additionalProperties": false, + "properties": { + "Common": { + "$ref": "#/definitions/AWS::B2BI::Partnership.X12OutboundEdiHeaders", + "markdownDescription": "A container for the X12 outbound EDI headers.", + "title": "Common" + }, + "WrapOptions": { + "$ref": "#/definitions/AWS::B2BI::Partnership.WrapOptions", + "markdownDescription": "", + "title": "WrapOptions" + } + }, + "type": "object" + }, + "AWS::B2BI::Partnership.X12FunctionalGroupHeaders": { + "additionalProperties": false, + "properties": { + "ApplicationReceiverCode": { + "markdownDescription": "", + "title": "ApplicationReceiverCode", + "type": "string" + }, + "ApplicationSenderCode": { + "markdownDescription": "", + "title": "ApplicationSenderCode", + "type": "string" + }, + "ResponsibleAgencyCode": { + "markdownDescription": "", + "title": "ResponsibleAgencyCode", + "type": "string" + } + }, + "type": "object" + }, + "AWS::B2BI::Partnership.X12InboundEdiOptions": { + "additionalProperties": false, + "properties": { + "AcknowledgmentOptions": { + "$ref": "#/definitions/AWS::B2BI::Partnership.X12AcknowledgmentOptions", + "markdownDescription": "Specifies acknowledgment options for inbound X12 EDI files. These options control how functional and technical acknowledgments are handled.", + "title": "AcknowledgmentOptions" + } + }, + "type": "object" + }, + "AWS::B2BI::Partnership.X12InterchangeControlHeaders": { + "additionalProperties": false, + "properties": { + "AcknowledgmentRequestedCode": { + "markdownDescription": "", + "title": "AcknowledgmentRequestedCode", + "type": "string" + }, + "ReceiverId": { + "markdownDescription": "", + "title": "ReceiverId", + "type": "string" + }, + "ReceiverIdQualifier": { + "markdownDescription": "", + "title": "ReceiverIdQualifier", + "type": "string" + }, + "RepetitionSeparator": { + "markdownDescription": "", + "title": "RepetitionSeparator", + "type": "string" + }, + "SenderId": { + "markdownDescription": "", + "title": "SenderId", + "type": "string" + }, + "SenderIdQualifier": { + "markdownDescription": "", + "title": "SenderIdQualifier", + "type": "string" + }, + "UsageIndicatorCode": { + "markdownDescription": "", + "title": "UsageIndicatorCode", + "type": "string" + } + }, + "type": "object" + }, + "AWS::B2BI::Partnership.X12OutboundEdiHeaders": { + "additionalProperties": false, + "properties": { + "ControlNumbers": { + "$ref": "#/definitions/AWS::B2BI::Partnership.X12ControlNumbers", + "markdownDescription": "Specifies control number configuration for outbound X12 EDI headers. These settings determine the starting values for interchange, functional group, and transaction set control numbers.", + "title": "ControlNumbers" + }, + "Delimiters": { + "$ref": "#/definitions/AWS::B2BI::Partnership.X12Delimiters", + "markdownDescription": "The delimiters, for example semicolon ( `;` ), that separates sections of the headers for the X12 object.", + "title": "Delimiters" + }, + "FunctionalGroupHeaders": { + "$ref": "#/definitions/AWS::B2BI::Partnership.X12FunctionalGroupHeaders", + "markdownDescription": "The functional group headers for the X12 object.", + "title": "FunctionalGroupHeaders" + }, + "Gs05TimeFormat": { + "markdownDescription": "", + "title": "Gs05TimeFormat", + "type": "string" + }, + "InterchangeControlHeaders": { + "$ref": "#/definitions/AWS::B2BI::Partnership.X12InterchangeControlHeaders", + "markdownDescription": "In X12 EDI messages, delimiters are used to mark the end of segments or elements, and are defined in the interchange control header.", + "title": "InterchangeControlHeaders" + }, + "ValidateEdi": { + "markdownDescription": "Specifies whether or not to validate the EDI for this X12 object: `TRUE` or `FALSE` .", + "title": "ValidateEdi", + "type": "boolean" + } + }, + "type": "object" + }, "AWS::B2BI::Profile": { "additionalProperties": false, "properties": { @@ -25318,22 +28942,30 @@ "Properties": { "additionalProperties": false, "properties": { - "EdiType": { - "$ref": "#/definitions/AWS::B2BI::Transformer.EdiType" + "InputConversion": { + "$ref": "#/definitions/AWS::B2BI::Transformer.InputConversion", + "markdownDescription": "Returns a structure that contains the format options for the transformation.", + "title": "InputConversion" }, - "FileFormat": { - "type": "string" - }, - "MappingTemplate": { - "type": "string" + "Mapping": { + "$ref": "#/definitions/AWS::B2BI::Transformer.Mapping", + "markdownDescription": "Returns the structure that contains the mapping template and its language (either XSLT or JSONATA).", + "title": "Mapping" }, "Name": { "markdownDescription": "Returns the descriptive name for the transformer.", "title": "Name", "type": "string" }, - "SampleDocument": { - "type": "string" + "OutputConversion": { + "$ref": "#/definitions/AWS::B2BI::Transformer.OutputConversion", + "markdownDescription": "Returns the `OutputConversion` object, which contains the format options for the outbound transformation.", + "title": "OutputConversion" + }, + "SampleDocuments": { + "$ref": "#/definitions/AWS::B2BI::Transformer.SampleDocuments", + "markdownDescription": "Returns a structure that contains the Amazon S3 bucket and an array of the corresponding keys used to identify the location for your sample documents.", + "title": "SampleDocuments" }, "Status": { "markdownDescription": "Returns the state of the newly created transformer. The transformer can be either `active` or `inactive` . For the transformer to be used in a capability, its status must `active` .", @@ -25350,9 +28982,6 @@ } }, "required": [ - "EdiType", - "FileFormat", - "MappingTemplate", "Name", "Status" ], @@ -25379,18 +29008,143 @@ ], "type": "object" }, - "AWS::B2BI::Transformer.EdiType": { + "AWS::B2BI::Transformer.AdvancedOptions": { "additionalProperties": false, "properties": { - "X12Details": { - "$ref": "#/definitions/AWS::B2BI::Transformer.X12Details" + "X12": { + "$ref": "#/definitions/AWS::B2BI::Transformer.X12AdvancedOptions", + "markdownDescription": "", + "title": "X12" + } + }, + "type": "object" + }, + "AWS::B2BI::Transformer.FormatOptions": { + "additionalProperties": false, + "properties": { + "X12": { + "$ref": "#/definitions/AWS::B2BI::Transformer.X12Details", + "markdownDescription": "", + "title": "X12" } }, "required": [ - "X12Details" + "X12" + ], + "type": "object" + }, + "AWS::B2BI::Transformer.InputConversion": { + "additionalProperties": false, + "properties": { + "AdvancedOptions": { + "$ref": "#/definitions/AWS::B2BI::Transformer.AdvancedOptions", + "markdownDescription": "", + "title": "AdvancedOptions" + }, + "FormatOptions": { + "$ref": "#/definitions/AWS::B2BI::Transformer.FormatOptions", + "markdownDescription": "", + "title": "FormatOptions" + }, + "FromFormat": { + "markdownDescription": "", + "title": "FromFormat", + "type": "string" + } + }, + "required": [ + "FromFormat" ], "type": "object" }, + "AWS::B2BI::Transformer.Mapping": { + "additionalProperties": false, + "properties": { + "Template": { + "markdownDescription": "", + "title": "Template", + "type": "string" + }, + "TemplateLanguage": { + "markdownDescription": "", + "title": "TemplateLanguage", + "type": "string" + } + }, + "required": [ + "TemplateLanguage" + ], + "type": "object" + }, + "AWS::B2BI::Transformer.OutputConversion": { + "additionalProperties": false, + "properties": { + "FormatOptions": { + "$ref": "#/definitions/AWS::B2BI::Transformer.FormatOptions", + "markdownDescription": "", + "title": "FormatOptions" + }, + "ToFormat": { + "markdownDescription": "", + "title": "ToFormat", + "type": "string" + } + }, + "required": [ + "ToFormat" + ], + "type": "object" + }, + "AWS::B2BI::Transformer.SampleDocumentKeys": { + "additionalProperties": false, + "properties": { + "Input": { + "markdownDescription": "", + "title": "Input", + "type": "string" + }, + "Output": { + "markdownDescription": "", + "title": "Output", + "type": "string" + } + }, + "type": "object" + }, + "AWS::B2BI::Transformer.SampleDocuments": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "", + "title": "BucketName", + "type": "string" + }, + "Keys": { + "items": { + "$ref": "#/definitions/AWS::B2BI::Transformer.SampleDocumentKeys" + }, + "markdownDescription": "", + "title": "Keys", + "type": "array" + } + }, + "required": [ + "BucketName", + "Keys" + ], + "type": "object" + }, + "AWS::B2BI::Transformer.X12AdvancedOptions": { + "additionalProperties": false, + "properties": { + "SplitOptions": { + "$ref": "#/definitions/AWS::B2BI::Transformer.X12SplitOptions", + "markdownDescription": "", + "title": "SplitOptions" + } + }, + "type": "object" + }, "AWS::B2BI::Transformer.X12Details": { "additionalProperties": false, "properties": { @@ -25407,6 +29161,17 @@ }, "type": "object" }, + "AWS::B2BI::Transformer.X12SplitOptions": { + "additionalProperties": false, + "properties": { + "SplitBy": { + "markdownDescription": "", + "title": "SplitBy", + "type": "string" + } + }, + "type": "object" + }, "AWS::BCMDataExports::Export": { "additionalProperties": false, "properties": { @@ -25805,6 +29570,14 @@ "title": "EnableContinuousBackup", "type": "boolean" }, + "IndexActions": { + "items": { + "$ref": "#/definitions/AWS::Backup::BackupPlan.IndexActionsResourceType" + }, + "markdownDescription": "There can up to one IndexAction in each BackupRule, as each backup can have 0 or 1 backup index associated with it.\n\nWithin the array is ResourceTypes. Only 1 resource type will be accepted for each BackupRule. Valid values:\n\n- `EBS` for Amazon Elastic Block Store\n- `S3` for Amazon Simple Storage Service (Amazon S3)", + "title": "IndexActions", + "type": "array" + }, "Lifecycle": { "$ref": "#/definitions/AWS::Backup::BackupPlan.LifecycleResourceType", "markdownDescription": "The lifecycle defines when a protected resource is transitioned to cold storage and when it expires. AWS Backup transitions and expires backups automatically according to the lifecycle that you define.", @@ -25872,6 +29645,20 @@ ], "type": "object" }, + "AWS::Backup::BackupPlan.IndexActionsResourceType": { + "additionalProperties": false, + "properties": { + "ResourceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "0 or 1 index action will be accepted for each BackupRule.\n\nValid values:\n\n- `EBS` for Amazon Elastic Block Store\n- `S3` for Amazon Simple Storage Service (Amazon S3)", + "title": "ResourceTypes", + "type": "array" + } + }, + "type": "object" + }, "AWS::Backup::BackupPlan.LifecycleResourceType": { "additionalProperties": false, "properties": { @@ -26405,6 +30192,129 @@ ], "type": "object" }, + "AWS::Backup::LogicallyAirGappedBackupVault": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AccessPolicy": { + "markdownDescription": "The backup vault access policy document in JSON format.", + "title": "AccessPolicy", + "type": "object" + }, + "BackupVaultName": { + "markdownDescription": "The name of a logical container where backups are stored. Logically air-gapped backup vaults are identified by names that are unique to the account used to create them and the Region where they are created.", + "title": "BackupVaultName", + "type": "string" + }, + "BackupVaultTags": { + "additionalProperties": true, + "markdownDescription": "The tags to assign to the vault.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "BackupVaultTags", + "type": "object" + }, + "MaxRetentionDays": { + "markdownDescription": "The maximum retention period that the vault retains its recovery points.", + "title": "MaxRetentionDays", + "type": "number" + }, + "MinRetentionDays": { + "markdownDescription": "This setting specifies the minimum retention period that the vault retains its recovery points.\n\nThe minimum value accepted is 7 days.", + "title": "MinRetentionDays", + "type": "number" + }, + "Notifications": { + "$ref": "#/definitions/AWS::Backup::LogicallyAirGappedBackupVault.NotificationObjectType", + "markdownDescription": "Returns event notifications for the specified backup vault.", + "title": "Notifications" + } + }, + "required": [ + "BackupVaultName", + "MaxRetentionDays", + "MinRetentionDays" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Backup::LogicallyAirGappedBackupVault" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Backup::LogicallyAirGappedBackupVault.NotificationObjectType": { + "additionalProperties": false, + "properties": { + "BackupVaultEvents": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of events that indicate the status of jobs to back up resources to the backup vault.", + "title": "BackupVaultEvents", + "type": "array" + }, + "SNSTopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that specifies the topic for a backup vault\u2019s events; for example, `arn:aws:sns:us-west-2:111122223333:MyVaultTopic` .", + "title": "SNSTopicArn", + "type": "string" + } + }, + "required": [ + "BackupVaultEvents", + "SNSTopicArn" + ], + "type": "object" + }, "AWS::Backup::ReportPlan": { "additionalProperties": false, "properties": { @@ -27008,6 +30918,11 @@ "markdownDescription": "The ComputeResources property type specifies details of the compute resources managed by the compute environment. This parameter is required for managed compute environments. For more information, see [Compute Environments](https://docs.aws.amazon.com/batch/latest/userguide/compute_environments.html) in the ** .", "title": "ComputeResources" }, + "Context": { + "markdownDescription": "Reserved.", + "title": "Context", + "type": "string" + }, "EksConfiguration": { "$ref": "#/definitions/AWS::Batch::ComputeEnvironment.EksConfiguration", "markdownDescription": "The details for the Amazon EKS cluster that supports the compute environment.", @@ -27257,6 +31172,53 @@ "title": "LaunchTemplateName", "type": "string" }, + "Overrides": { + "items": { + "$ref": "#/definitions/AWS::Batch::ComputeEnvironment.LaunchTemplateSpecificationOverride" + }, + "markdownDescription": "A launch template to use in place of the default launch template. You must specify either the launch template ID or launch template name in the request, but not both.\n\nYou can specify up to ten (10) launch template overrides that are associated to unique instance types or families for each compute environment.\n\n> To unset all override templates for a compute environment, you can pass an empty array to the [UpdateComputeEnvironment.overrides](https://docs.aws.amazon.com/batch/latest/APIReference/API_UpdateComputeEnvironment.html) parameter, or not include the `overrides` parameter when submitting the `UpdateComputeEnvironment` API operation.", + "title": "Overrides", + "type": "array" + }, + "UserdataType": { + "markdownDescription": "The EKS node initialization process to use. You only need to specify this value if you are using a custom AMI. The default value is `EKS_BOOTSTRAP_SH` . If *imageType* is a custom AMI based on EKS_AL2023 or EKS_AL2023_NVIDIA then you must choose `EKS_NODEADM` .", + "title": "UserdataType", + "type": "string" + }, + "Version": { + "markdownDescription": "The version number of the launch template, `$Default` , or `$Latest` .\n\nIf the value is `$Default` , the default version of the launch template is used. If the value is `$Latest` , the latest version of the launch template is used.\n\n> If the AMI ID that's used in a compute environment is from the launch template, the AMI isn't changed when the compute environment is updated. It's only changed if the `updateToLatestImageVersion` parameter for the compute environment is set to `true` . During an infrastructure update, if either `$Default` or `$Latest` is specified, AWS Batch re-evaluates the launch template version, and it might use a different version of the launch template. This is the case even if the launch template isn't specified in the update. When updating a compute environment, changing the launch template requires an infrastructure update of the compute environment. For more information, see [Updating compute environments](https://docs.aws.amazon.com/batch/latest/userguide/updating-compute-environments.html) in the *AWS Batch User Guide* . \n\nDefault: `$Default`\n\nLatest: `$Latest`", + "title": "Version", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Batch::ComputeEnvironment.LaunchTemplateSpecificationOverride": { + "additionalProperties": false, + "properties": { + "LaunchTemplateId": { + "markdownDescription": "The ID of the launch template.\n\n*Note:* If you specify the `launchTemplateId` you can't specify the `launchTemplateName` as well.", + "title": "LaunchTemplateId", + "type": "string" + }, + "LaunchTemplateName": { + "markdownDescription": "The name of the launch template.\n\n*Note:* If you specify the `launchTemplateName` you can't specify the `launchTemplateId` as well.", + "title": "LaunchTemplateName", + "type": "string" + }, + "TargetInstanceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The instance type or family that this override launch template should be applied to.\n\nThis parameter is required when defining a launch template override.\n\nInformation included in this parameter must meet the following requirements:\n\n- Must be a valid Amazon EC2 instance type or family.\n- `optimal` isn't allowed.\n- `targetInstanceTypes` can target only instance types and families that are included within the [`ComputeResource.instanceTypes`](https://docs.aws.amazon.com/batch/latest/APIReference/API_ComputeResource.html#Batch-Type-ComputeResource-instanceTypes) set. `targetInstanceTypes` doesn't need to include all of the instances from the `instanceType` set, but at least a subset. For example, if `ComputeResource.instanceTypes` includes `[m5, g5]` , `targetInstanceTypes` can include `[m5.2xlarge]` and `[m5.large]` but not `[c5.large]` .\n- `targetInstanceTypes` included within the same launch template override or across launch template overrides can't overlap for the same compute environment. For example, you can't define one launch template override to target an instance family and another define an instance type within this same family.", + "title": "TargetInstanceTypes", + "type": "array" + }, + "UserdataType": { + "markdownDescription": "The EKS node initialization process to use. You only need to specify this value if you are using a custom AMI. The default value is `EKS_BOOTSTRAP_SH` . If *imageType* is a custom AMI based on EKS_AL2023 or EKS_AL2023_NVIDIA then you must choose `EKS_NODEADM` .", + "title": "UserdataType", + "type": "string" + }, "Version": { "markdownDescription": "The version number of the launch template, `$Default` , or `$Latest` .\n\nIf the value is `$Default` , the default version of the launch template is used. If the value is `$Latest` , the latest version of the launch template is used.\n\n> If the AMI ID that's used in a compute environment is from the launch template, the AMI isn't changed when the compute environment is updated. It's only changed if the `updateToLatestImageVersion` parameter for the compute environment is set to `true` . During an infrastructure update, if either `$Default` or `$Latest` is specified, AWS Batch re-evaluates the launch template version, and it might use a different version of the launch template. This is the case even if the launch template isn't specified in the update. When updating a compute environment, changing the launch template requires an infrastructure update of the compute environment. For more information, see [Updating compute environments](https://docs.aws.amazon.com/batch/latest/userguide/updating-compute-environments.html) in the *AWS Batch User Guide* . \n\nDefault: `$Default`\n\nLatest: `$Latest`", "title": "Version", @@ -27281,7 +31243,7 @@ }, "type": "object" }, - "AWS::Batch::JobDefinition": { + "AWS::Batch::ConsumableResource": { "additionalProperties": false, "properties": { "Condition": { @@ -27316,6 +31278,100 @@ "Properties": { "additionalProperties": false, "properties": { + "ConsumableResourceName": { + "markdownDescription": "The name of the consumable resource.", + "title": "ConsumableResourceName", + "type": "string" + }, + "ResourceType": { + "markdownDescription": "Indicates whether the resource is available to be re-used after a job completes. Can be one of:\n\n- `REPLENISHABLE`\n- `NON_REPLENISHABLE`", + "title": "ResourceType", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "The tags that you apply to the consumable resource to help you categorize and organize your resources. Each tag consists of a key and an optional value. For more information, see [Tagging your AWS Batch resources](https://docs.aws.amazon.com/batch/latest/userguide/using-tags.html) .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "TotalQuantity": { + "markdownDescription": "The total amount of the consumable resource that is available.", + "title": "TotalQuantity", + "type": "number" + } + }, + "required": [ + "ResourceType", + "TotalQuantity" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Batch::ConsumableResource" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Batch::JobDefinition": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ConsumableResourceProperties": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.ConsumableResourceProperties", + "markdownDescription": "Contains a list of consumable resources required by the job.", + "title": "ConsumableResourceProperties" + }, "ContainerProperties": { "$ref": "#/definitions/AWS::Batch::JobDefinition.ContainerProperties", "markdownDescription": "An object with properties specific to Amazon ECS-based jobs. When `containerProperties` is used in the job definition, it can't be used in addition to `eksProperties` , `ecsProperties` , or `nodeProperties` .", @@ -27342,7 +31398,13 @@ "title": "NodeProperties" }, "Parameters": { + "additionalProperties": true, "markdownDescription": "Default parameters or parameter substitution placeholders that are set in the job definition. Parameters are specified as a key-value pair mapping. Parameters in a `SubmitJob` request override any corresponding parameter defaults from the job definition. For more information about specifying parameters, see [Job definition parameters](https://docs.aws.amazon.com/batch/latest/userguide/job_definition_parameters.html) in the *AWS Batch User Guide* .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, "title": "Parameters", "type": "object" }, @@ -27370,12 +31432,18 @@ "type": "number" }, "Tags": { + "additionalProperties": true, "markdownDescription": "The tags that are applied to the job definition.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, "title": "Tags", "type": "object" }, "Timeout": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.Timeout", + "$ref": "#/definitions/AWS::Batch::JobDefinition.JobTimeout", "markdownDescription": "The timeout time for jobs that are submitted with this job definition. After the amount of time you specify passes, AWS Batch terminates your jobs if they aren't finished.", "title": "Timeout" }, @@ -27411,16 +31479,41 @@ ], "type": "object" }, - "AWS::Batch::JobDefinition.AuthorizationConfig": { + "AWS::Batch::JobDefinition.ConsumableResourceProperties": { "additionalProperties": false, "properties": { - "AccessPointId": { + "ConsumableResourceList": { + "items": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.ConsumableResourceRequirement" + }, + "markdownDescription": "The list of consumable resources required by a job.", + "title": "ConsumableResourceList", + "type": "array" + } + }, + "required": [ + "ConsumableResourceList" + ], + "type": "object" + }, + "AWS::Batch::JobDefinition.ConsumableResourceRequirement": { + "additionalProperties": false, + "properties": { + "ConsumableResource": { + "markdownDescription": "The name or ARN of the consumable resource.", + "title": "ConsumableResource", "type": "string" }, - "Iam": { - "type": "string" + "Quantity": { + "markdownDescription": "The quantity of the consumable resource that is needed.", + "title": "Quantity", + "type": "number" } }, + "required": [ + "ConsumableResource", + "Quantity" + ], "type": "object" }, "AWS::Batch::JobDefinition.ContainerProperties": { @@ -27434,6 +31527,11 @@ "title": "Command", "type": "array" }, + "EnableExecuteCommand": { + "markdownDescription": "Determines whether execute command functionality is turned on for this task. If `true` , execute command functionality is turned on all the containers in the task.", + "title": "EnableExecuteCommand", + "type": "boolean" + }, "Environment": { "items": { "$ref": "#/definitions/AWS::Batch::JobDefinition.Environment" @@ -27462,9 +31560,6 @@ "title": "Image", "type": "string" }, - "InstanceType": { - "type": "string" - }, "JobRoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that the container can assume for AWS permissions. For more information, see [IAM roles for tasks](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-iam-roles.html) in the *Amazon Elastic Container Service Developer Guide* .", "title": "JobRoleArn", @@ -27487,7 +31582,7 @@ }, "MountPoints": { "items": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.MountPoints" + "$ref": "#/definitions/AWS::Batch::JobDefinition.MountPoint" }, "markdownDescription": "The mount points for data volumes in your container. This parameter maps to `Volumes` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--volume` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) .", "title": "MountPoints", @@ -27554,7 +31649,7 @@ }, "Volumes": { "items": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.Volumes" + "$ref": "#/definitions/AWS::Batch::JobDefinition.Volume" }, "markdownDescription": "A list of data volumes used in a job.", "title": "Volumes", @@ -27590,6 +31685,56 @@ }, "type": "object" }, + "AWS::Batch::JobDefinition.EFSAuthorizationConfig": { + "additionalProperties": false, + "properties": { + "AccessPointId": { + "markdownDescription": "The Amazon EFS access point ID to use. If an access point is specified, the root directory value specified in the `EFSVolumeConfiguration` must either be omitted or set to `/` which enforces the path set on the EFS access point. If an access point is used, transit encryption must be enabled in the `EFSVolumeConfiguration` . For more information, see [Working with Amazon EFS access points](https://docs.aws.amazon.com/efs/latest/ug/efs-access-points.html) in the *Amazon Elastic File System User Guide* .", + "title": "AccessPointId", + "type": "string" + }, + "Iam": { + "markdownDescription": "Whether or not to use the AWS Batch job IAM role defined in a job definition when mounting the Amazon EFS file system. If enabled, transit encryption must be enabled in the `EFSVolumeConfiguration` . If this parameter is omitted, the default value of `DISABLED` is used. For more information, see [Using Amazon EFS access points](https://docs.aws.amazon.com/batch/latest/userguide/efs-volumes.html#efs-volume-accesspoints) in the *AWS Batch User Guide* . EFS IAM authorization requires that `TransitEncryption` be `ENABLED` and that a `JobRoleArn` is specified.", + "title": "Iam", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Batch::JobDefinition.EFSVolumeConfiguration": { + "additionalProperties": false, + "properties": { + "AuthorizationConfig": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.EFSAuthorizationConfig", + "markdownDescription": "The authorization configuration details for the Amazon EFS file system.", + "title": "AuthorizationConfig" + }, + "FileSystemId": { + "markdownDescription": "The Amazon EFS file system ID to use.", + "title": "FileSystemId", + "type": "string" + }, + "RootDirectory": { + "markdownDescription": "The directory within the Amazon EFS file system to mount as the root directory inside the host. If this parameter is omitted, the root of the Amazon EFS volume is used instead. Specifying `/` has the same effect as omitting this parameter. The maximum length is 4,096 characters.\n\n> If an EFS access point is specified in the `authorizationConfig` , the root directory parameter must either be omitted or set to `/` , which enforces the path set on the Amazon EFS access point.", + "title": "RootDirectory", + "type": "string" + }, + "TransitEncryption": { + "markdownDescription": "Determines whether to enable encryption for Amazon EFS data in transit between the Amazon ECS host and the Amazon EFS server. Transit encryption must be enabled if Amazon EFS IAM authorization is used. If this parameter is omitted, the default value of `DISABLED` is used. For more information, see [Encrypting data in transit](https://docs.aws.amazon.com/efs/latest/ug/encryption-in-transit.html) in the *Amazon Elastic File System User Guide* .", + "title": "TransitEncryption", + "type": "string" + }, + "TransitEncryptionPort": { + "markdownDescription": "The port to use when sending encrypted data between the Amazon ECS host and the Amazon EFS server. If you don't specify a transit encryption port, it uses the port selection strategy that the Amazon EFS mount helper uses. The value must be between 0 and 65,535. For more information, see [EFS mount helper](https://docs.aws.amazon.com/efs/latest/ug/efs-mount-helper.html) in the *Amazon Elastic File System User Guide* .", + "title": "TransitEncryptionPort", + "type": "number" + } + }, + "required": [ + "FileSystemId" + ], + "type": "object" + }, "AWS::Batch::JobDefinition.EcsProperties": { "additionalProperties": false, "properties": { @@ -27618,6 +31763,11 @@ "title": "Containers", "type": "array" }, + "EnableExecuteCommand": { + "markdownDescription": "Determines whether execute command functionality is turned on for this task. If `true` , execute command functionality is turned on all the containers in the task.", + "title": "EnableExecuteCommand", + "type": "boolean" + }, "EphemeralStorage": { "$ref": "#/definitions/AWS::Batch::JobDefinition.EphemeralStorage", "markdownDescription": "The amount of ephemeral storage to allocate for the task. This parameter is used to expand the total amount of ephemeral storage available, beyond the default amount, for tasks hosted on AWS Fargate .", @@ -27660,7 +31810,7 @@ }, "Volumes": { "items": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.Volumes" + "$ref": "#/definitions/AWS::Batch::JobDefinition.Volume" }, "markdownDescription": "A list of volumes that are associated with the job.", "title": "Volumes", @@ -27669,30 +31819,6 @@ }, "type": "object" }, - "AWS::Batch::JobDefinition.EfsVolumeConfiguration": { - "additionalProperties": false, - "properties": { - "AuthorizationConfig": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.AuthorizationConfig" - }, - "FileSystemId": { - "type": "string" - }, - "RootDirectory": { - "type": "string" - }, - "TransitEncryption": { - "type": "string" - }, - "TransitEncryptionPort": { - "type": "number" - } - }, - "required": [ - "FileSystemId" - ], - "type": "object" - }, "AWS::Batch::JobDefinition.EksContainer": { "additionalProperties": false, "properties": { @@ -27782,12 +31908,24 @@ "additionalProperties": false, "properties": { "Limits": { + "additionalProperties": true, "markdownDescription": "The type and quantity of the resources to reserve for the container. The values vary based on the `name` that's specified. Resources can be requested using either the `limits` or the `requests` objects.\n\n- **memory** - The memory hard limit (in MiB) for the container, using whole integers, with a \"Mi\" suffix. If your container attempts to exceed the memory specified, the container is terminated. You must specify at least 4 MiB of memory for a job. `memory` can be specified in `limits` , `requests` , or both. If `memory` is specified in both places, then the value that's specified in `limits` must be equal to the value that's specified in `requests` .\n\n> To maximize your resource utilization, provide your jobs with as much memory as possible for the specific instance type that you are using. To learn how, see [Memory management](https://docs.aws.amazon.com/batch/latest/userguide/memory-management.html) in the *AWS Batch User Guide* .\n- **cpu** - The number of CPUs that's reserved for the container. Values must be an even multiple of `0.25` . `cpu` can be specified in `limits` , `requests` , or both. If `cpu` is specified in both places, then the value that's specified in `limits` must be at least as large as the value that's specified in `requests` .\n- **nvidia.com/gpu** - The number of GPUs that's reserved for the container. Values must be a whole integer. `memory` can be specified in `limits` , `requests` , or both. If `memory` is specified in both places, then the value that's specified in `limits` must be equal to the value that's specified in `requests` .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, "title": "Limits", "type": "object" }, "Requests": { + "additionalProperties": true, "markdownDescription": "The type and quantity of the resources to request for the container. The values vary based on the `name` that's specified. Resources can be requested by using either the `limits` or the `requests` objects.\n\n- **memory** - The memory hard limit (in MiB) for the container, using whole integers, with a \"Mi\" suffix. If your container attempts to exceed the memory specified, the container is terminated. You must specify at least 4 MiB of memory for a job. `memory` can be specified in `limits` , `requests` , or both. If `memory` is specified in both, then the value that's specified in `limits` must be equal to the value that's specified in `requests` .\n\n> If you're trying to maximize your resource utilization by providing your jobs as much memory as possible for a particular instance type, see [Memory management](https://docs.aws.amazon.com/batch/latest/userguide/memory-management.html) in the *AWS Batch User Guide* .\n- **cpu** - The number of CPUs that are reserved for the container. Values must be an even multiple of `0.25` . `cpu` can be specified in `limits` , `requests` , or both. If `cpu` is specified in both, then the value that's specified in `limits` must be at least as large as the value that's specified in `requests` .\n- **nvidia.com/gpu** - The number of GPUs that are reserved for the container. Values must be a whole integer. `nvidia.com/gpu` can be specified in `limits` , `requests` , or both. If `nvidia.com/gpu` is specified in both, then the value that's specified in `limits` must be equal to the value that's specified in `requests` .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, "title": "Requests", "type": "object" } @@ -27847,6 +31985,11 @@ "markdownDescription": "If this value is `true` , the container has read-only access to the volume. Otherwise, the container can write to the volume. The default value is `false` .", "title": "ReadOnly", "type": "boolean" + }, + "SubPath": { + "markdownDescription": "A sub-path inside the referenced volume instead of its root.", + "title": "SubPath", + "type": "string" } }, "type": "object" @@ -27878,11 +32021,126 @@ }, "type": "object" }, + "AWS::Batch::JobDefinition.EksMetadata": { + "additionalProperties": false, + "properties": { + "Annotations": { + "additionalProperties": true, + "markdownDescription": "Key-value pairs used to attach arbitrary, non-identifying metadata to Kubernetes objects. Valid annotation keys have two segments: an optional prefix and a name, separated by a slash (/).\n\n- The prefix is optional and must be 253 characters or less. If specified, the prefix must be a DNS subdomain\u2212 a series of DNS labels separated by dots (.), and it must end with a slash (/).\n- The name segment is required and must be 63 characters or less. It can include alphanumeric characters ([a-z0-9A-Z]), dashes (-), underscores (_), and dots (.), but must begin and end with an alphanumeric character.\n\n> Annotation values must be 255 characters or less. \n\nAnnotations can be added or modified at any time. Each resource can have multiple annotations.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Annotations", + "type": "object" + }, + "Labels": { + "additionalProperties": true, + "markdownDescription": "Key-value pairs used to identify, sort, and organize cube resources. Can contain up to 63 uppercase letters, lowercase letters, numbers, hyphens (-), and underscores (_). Labels can be added or modified at any time. Each resource can have multiple labels, but each key must be unique for a given object.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Labels", + "type": "object" + }, + "Namespace": { + "markdownDescription": "The namespace of the Amazon EKS cluster. In Kubernetes, namespaces provide a mechanism for isolating groups of resources within a single cluster. Names of resources need to be unique within a namespace, but not across namespaces. AWS Batch places Batch Job pods in this namespace. If this field is provided, the value can't be empty or null. It must meet the following requirements:\n\n- 1-63 characters long\n- Can't be set to default\n- Can't start with `kube`\n- Must match the following regular expression: `^[a-z0-9]([-a-z0-9]*[a-z0-9])?$`\n\nFor more information, see [Namespaces](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/) in the *Kubernetes documentation* . This namespace can be different from the `kubernetesNamespace` set in the compute environment's `EksConfiguration` , but must have identical role-based access control (RBAC) roles as the compute environment's `kubernetesNamespace` . For multi-node parallel jobs, the same value must be provided across all the node ranges.", + "title": "Namespace", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Batch::JobDefinition.EksPersistentVolumeClaim": { + "additionalProperties": false, + "properties": { + "ClaimName": { + "markdownDescription": "The name of the `persistentVolumeClaim` bounded to a `persistentVolume` . For more information, see [Persistent Volume Claims](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/storage/persistent-volumes/#persistentvolumeclaims) in the *Kubernetes documentation* .", + "title": "ClaimName", + "type": "string" + }, + "ReadOnly": { + "markdownDescription": "An optional boolean value indicating if the mount is read only. Default is false. For more information, see [Read Only Mounts](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/storage/volumes/#read-only-mounts) in the *Kubernetes documentation* .", + "title": "ReadOnly", + "type": "boolean" + } + }, + "required": [ + "ClaimName" + ], + "type": "object" + }, + "AWS::Batch::JobDefinition.EksPodProperties": { + "additionalProperties": false, + "properties": { + "Containers": { + "items": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.EksContainer" + }, + "markdownDescription": "The properties of the container that's used on the Amazon EKS pod.\n\n> This object is limited to 10 elements.", + "title": "Containers", + "type": "array" + }, + "DnsPolicy": { + "markdownDescription": "The DNS policy for the pod. The default value is `ClusterFirst` . If the `hostNetwork` parameter is not specified, the default is `ClusterFirstWithHostNet` . `ClusterFirst` indicates that any DNS query that does not match the configured cluster domain suffix is forwarded to the upstream nameserver inherited from the node. For more information, see [Pod's DNS policy](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-s-dns-policy) in the *Kubernetes documentation* .\n\nValid values: `Default` | `ClusterFirst` | `ClusterFirstWithHostNet`", + "title": "DnsPolicy", + "type": "string" + }, + "HostNetwork": { + "markdownDescription": "Indicates if the pod uses the hosts' network IP address. The default value is `true` . Setting this to `false` enables the Kubernetes pod networking model. Most AWS Batch workloads are egress-only and don't require the overhead of IP allocation for each pod for incoming connections. For more information, see [Host namespaces](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/security/pod-security-policy/#host-namespaces) and [Pod networking](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/workloads/pods/#pod-networking) in the *Kubernetes documentation* .", + "title": "HostNetwork", + "type": "boolean" + }, + "ImagePullSecrets": { + "items": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.ImagePullSecret" + }, + "markdownDescription": "References a Kubernetes secret resource. It holds a list of secrets. These secrets help to gain access to pull an images from a private registry.\n\n`ImagePullSecret$name` is required when this object is used.", + "title": "ImagePullSecrets", + "type": "array" + }, + "InitContainers": { + "items": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.EksContainer" + }, + "markdownDescription": "These containers run before application containers, always runs to completion, and must complete successfully before the next container starts. These containers are registered with the Amazon EKS Connector agent and persists the registration information in the Kubernetes backend data store. For more information, see [Init Containers](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/workloads/pods/init-containers/) in the *Kubernetes documentation* .\n\n> This object is limited to 10 elements.", + "title": "InitContainers", + "type": "array" + }, + "Metadata": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.EksMetadata", + "markdownDescription": "Metadata about the Kubernetes pod. For more information, see [Understanding Kubernetes Objects](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/overview/working-with-objects/kubernetes-objects/) in the *Kubernetes documentation* .", + "title": "Metadata" + }, + "ServiceAccountName": { + "markdownDescription": "The name of the service account that's used to run the pod. For more information, see [Kubernetes service accounts](https://docs.aws.amazon.com/eks/latest/userguide/service-accounts.html) and [Configure a Kubernetes service account to assume an IAM role](https://docs.aws.amazon.com/eks/latest/userguide/associate-service-account-role.html) in the *Amazon EKS User Guide* and [Configure service accounts for pods](https://docs.aws.amazon.com/https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/) in the *Kubernetes documentation* .", + "title": "ServiceAccountName", + "type": "string" + }, + "ShareProcessNamespace": { + "markdownDescription": "Indicates if the processes in a container are shared, or visible, to other containers in the same pod. For more information, see [Share Process Namespace between Containers in a Pod](https://docs.aws.amazon.com/https://kubernetes.io/docs/tasks/configure-pod-container/share-process-namespace/) .", + "title": "ShareProcessNamespace", + "type": "boolean" + }, + "Volumes": { + "items": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.EksVolume" + }, + "markdownDescription": "Specifies the volumes for a job definition that uses Amazon EKS resources.", + "title": "Volumes", + "type": "array" + } + }, + "type": "object" + }, "AWS::Batch::JobDefinition.EksProperties": { "additionalProperties": false, "properties": { "PodProperties": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.PodProperties", + "$ref": "#/definitions/AWS::Batch::JobDefinition.EksPodProperties", "markdownDescription": "The properties for the Kubernetes pod resources of a job.", "title": "PodProperties" } @@ -27926,6 +32184,11 @@ "title": "Name", "type": "string" }, + "PersistentVolumeClaim": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.EksPersistentVolumeClaim", + "markdownDescription": "Specifies the configuration of a Kubernetes `persistentVolumeClaim` bounded to a `persistentVolume` . For more information, see [Persistent Volume Claims](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/storage/persistent-volumes/#persistentvolumeclaims) in the *Kubernetes documentation* .", + "title": "PersistentVolumeClaim" + }, "Secret": { "$ref": "#/definitions/AWS::Batch::JobDefinition.EksSecret", "markdownDescription": "Specifies the configuration of a Kubernetes `secret` volume. For more information, see [secret](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/storage/volumes/#secret) in the *Kubernetes documentation* .", @@ -28007,6 +32270,42 @@ }, "type": "object" }, + "AWS::Batch::JobDefinition.FirelensConfiguration": { + "additionalProperties": false, + "properties": { + "Options": { + "additionalProperties": true, + "markdownDescription": "The options to use when configuring the log router. This field is optional and can be used to specify a custom configuration file or to add additional metadata, such as the task, task definition, cluster, and container instance details to the log event. If specified, the syntax to use is `\"options\":{\"enable-ecs-log-metadata\":\"true|false\",\"config-file-type:\"s3|file\",\"config-file-value\":\"arn:aws:s3:::mybucket/fluent.conf|filepath\"}` . For more information, see [Creating a task definition that uses a FireLens configuration](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html#firelens-taskdef) in the *Amazon Elastic Container Service Developer Guide* .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Options", + "type": "object" + }, + "Type": { + "markdownDescription": "The log router to use. The valid values are `fluentd` or `fluentbit` .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::Batch::JobDefinition.Host": { + "additionalProperties": false, + "properties": { + "SourcePath": { + "markdownDescription": "The path on the host container instance that's presented to the container. If this parameter is empty, then the Docker daemon has assigned a host path for you. If this parameter contains a file location, then the data volume persists at the specified location on the host container instance until you delete it manually. If the source path location doesn't exist on the host container instance, the Docker daemon creates it. If the location does exist, the contents of the source path folder are exported.\n\n> This parameter isn't applicable to jobs that run on Fargate resources. Don't provide this for these jobs.", + "title": "SourcePath", + "type": "string" + } + }, + "type": "object" + }, "AWS::Batch::JobDefinition.ImagePullSecret": { "additionalProperties": false, "properties": { @@ -28016,9 +32315,17 @@ "type": "string" } }, - "required": [ - "Name" - ], + "type": "object" + }, + "AWS::Batch::JobDefinition.JobTimeout": { + "additionalProperties": false, + "properties": { + "AttemptDurationSeconds": { + "markdownDescription": "The job timeout time (in seconds) that's measured from the job attempt's `startedAt` timestamp. After this time passes, AWS Batch terminates your jobs if they aren't finished. The minimum value for the timeout is 60 seconds.\n\nFor array jobs, the timeout applies to the child jobs, not to the parent array job.\n\nFor multi-node parallel (MNP) jobs, the timeout applies to the whole job, not to the individual nodes.", + "title": "AttemptDurationSeconds", + "type": "number" + } + }, "type": "object" }, "AWS::Batch::JobDefinition.LinuxParameters": { @@ -28072,7 +32379,13 @@ "type": "string" }, "Options": { + "additionalProperties": true, "markdownDescription": "The configuration options to send to the log driver. This parameter requires version 1.19 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version | grep \"Server API version\"`", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, "title": "Options", "type": "object" }, @@ -28090,26 +32403,227 @@ ], "type": "object" }, - "AWS::Batch::JobDefinition.Metadata": { + "AWS::Batch::JobDefinition.MountPoint": { "additionalProperties": false, "properties": { - "Labels": { - "type": "object" + "ContainerPath": { + "markdownDescription": "The path on the container where the host volume is mounted.", + "title": "ContainerPath", + "type": "string" + }, + "ReadOnly": { + "markdownDescription": "If this value is `true` , the container has read-only access to the volume. Otherwise, the container can write to the volume. The default value is `false` .", + "title": "ReadOnly", + "type": "boolean" + }, + "SourceVolume": { + "markdownDescription": "The name of the volume to mount.", + "title": "SourceVolume", + "type": "string" } }, "type": "object" }, - "AWS::Batch::JobDefinition.MountPoints": { + "AWS::Batch::JobDefinition.MultiNodeContainerProperties": { "additionalProperties": false, "properties": { - "ContainerPath": { + "Command": { + "items": { + "type": "string" + }, + "markdownDescription": "The command that's passed to the container. This parameter maps to `Cmd` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `COMMAND` parameter to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . For more information, see [https://docs.docker.com/engine/reference/builder/#cmd](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/builder/#cmd) .", + "title": "Command", + "type": "array" + }, + "EnableExecuteCommand": { + "markdownDescription": "Determines whether execute command functionality is turned on for this task. If `true` , execute command functionality is turned on all the containers in the task.", + "title": "EnableExecuteCommand", + "type": "boolean" + }, + "Environment": { + "items": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.Environment" + }, + "markdownDescription": "The environment variables to pass to a container. This parameter maps to `Env` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--env` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) .\n\n> We don't recommend using plaintext environment variables for sensitive information, such as credential data. > Environment variables cannot start with \" `AWS_BATCH` \". This naming convention is reserved for variables that AWS Batch sets.", + "title": "Environment", + "type": "array" + }, + "EphemeralStorage": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.EphemeralStorage", + "markdownDescription": "The amount of ephemeral storage to allocate for the task. This parameter is used to expand the total amount of ephemeral storage available, beyond the default amount, for tasks hosted on AWS Fargate .", + "title": "EphemeralStorage" + }, + "ExecutionRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the execution role that AWS Batch can assume. For jobs that run on Fargate resources, you must provide an execution role. For more information, see [AWS Batch execution IAM role](https://docs.aws.amazon.com/batch/latest/userguide/execution-IAM-role.html) in the *AWS Batch User Guide* .", + "title": "ExecutionRoleArn", "type": "string" }, - "ReadOnly": { + "Image": { + "markdownDescription": "Required. The image used to start a container. This string is passed directly to the Docker daemon. Images in the Docker Hub registry are available by default. Other repositories are specified with `*repository-url* / *image* : *tag*` . It can be 255 characters long. It can contain uppercase and lowercase letters, numbers, hyphens (-), underscores (_), colons (:), periods (.), forward slashes (/), and number signs (#). This parameter maps to `Image` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `IMAGE` parameter of [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) .\n\n> Docker image architecture must match the processor architecture of the compute resources that they're scheduled on. For example, ARM-based Docker images can only run on ARM-based compute resources. \n\n- Images in Amazon ECR Public repositories use the full `registry/repository[:tag]` or `registry/repository[@digest]` naming conventions. For example, `public.ecr.aws/ *registry_alias* / *my-web-app* : *latest*` .\n- Images in Amazon ECR repositories use the full registry and repository URI (for example, `123456789012.dkr.ecr..amazonaws.com/` ).\n- Images in official repositories on Docker Hub use a single name (for example, `ubuntu` or `mongo` ).\n- Images in other repositories on Docker Hub are qualified with an organization name (for example, `amazon/amazon-ecs-agent` ).\n- Images in other online repositories are qualified further by a domain name (for example, `quay.io/assemblyline/ubuntu` ).", + "title": "Image", + "type": "string" + }, + "InstanceType": { + "markdownDescription": "The instance type to use for a multi-node parallel job. All node groups in a multi-node parallel job must use the same instance type.\n\n> This parameter isn't applicable to single-node container jobs or jobs that run on Fargate resources, and shouldn't be provided.", + "title": "InstanceType", + "type": "string" + }, + "JobRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that the container can assume for AWS permissions. For more information, see [IAM roles for tasks](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-iam-roles.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "JobRoleArn", + "type": "string" + }, + "LinuxParameters": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.LinuxParameters", + "markdownDescription": "Linux-specific modifications that are applied to the container, such as details for device mappings.", + "title": "LinuxParameters" + }, + "LogConfiguration": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.LogConfiguration", + "markdownDescription": "The log configuration specification for the container.\n\nThis parameter maps to `LogConfig` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--log-driver` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . By default, containers use the same logging driver that the Docker daemon uses. However the container might use a different logging driver than the Docker daemon by specifying a log driver with this parameter in the container definition. To use a different logging driver for a container, the log system must be configured properly on the container instance (or on a different log server for remote logging options). For more information on the options for different supported log drivers, see [Configure logging drivers](https://docs.aws.amazon.com/https://docs.docker.com/engine/admin/logging/overview/) in the Docker documentation.\n\n> AWS Batch currently supports a subset of the logging drivers available to the Docker daemon (shown in the [LogConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-jobdefinition-containerproperties-logconfiguration.html) data type). \n\nThis parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version | grep \"Server API version\"`\n\n> The Amazon ECS container agent running on a container instance must register the logging drivers available on that instance with the `ECS_AVAILABLE_LOGGING_DRIVERS` environment variable before containers placed on that instance can use these log configuration options. For more information, see [Amazon ECS container agent configuration](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "LogConfiguration" + }, + "Memory": { + "markdownDescription": "This parameter is deprecated, use `resourceRequirements` to specify the memory requirements for the job definition. It's not supported for jobs running on Fargate resources. For jobs that run on Amazon EC2 resources, it specifies the memory hard limit (in MiB) for a container. If your container attempts to exceed the specified number, it's terminated. You must specify at least 4 MiB of memory for a job using this parameter. The memory hard limit can be specified in several places. It must be specified for each node at least once.", + "title": "Memory", + "type": "number" + }, + "MountPoints": { + "items": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.MountPoint" + }, + "markdownDescription": "The mount points for data volumes in your container.\n\nThis parameter maps to `Volumes` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the [--volume](https://docs.aws.amazon.com/) option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .\n\nWindows containers can mount whole directories on the same drive as `$env:ProgramData` . Windows containers can't mount directories on a different drive, and mount point can't be across drives.", + "title": "MountPoints", + "type": "array" + }, + "Privileged": { + "markdownDescription": "When this parameter is true, the container is given elevated permissions on the host container instance (similar to the `root` user). This parameter maps to `Privileged` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--privileged` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . The default value is false.\n\n> This parameter isn't applicable to jobs that are running on Fargate resources and shouldn't be provided, or specified as false.", + "title": "Privileged", "type": "boolean" }, - "SourceVolume": { + "ReadonlyRootFilesystem": { + "markdownDescription": "When this parameter is true, the container is given read-only access to its root file system. This parameter maps to `ReadonlyRootfs` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--read-only` option to `docker run` .", + "title": "ReadonlyRootFilesystem", + "type": "boolean" + }, + "RepositoryCredentials": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.RepositoryCredentials", + "markdownDescription": "The private repository authentication credentials to use.", + "title": "RepositoryCredentials" + }, + "ResourceRequirements": { + "items": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.ResourceRequirement" + }, + "markdownDescription": "The type and amount of resources to assign to a container. The supported resources include `GPU` , `MEMORY` , and `VCPU` .", + "title": "ResourceRequirements", + "type": "array" + }, + "RuntimePlatform": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.RuntimePlatform", + "markdownDescription": "An object that represents the compute environment architecture for AWS Batch jobs on Fargate.", + "title": "RuntimePlatform" + }, + "Secrets": { + "items": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.Secret" + }, + "markdownDescription": "The secrets for the container. For more information, see [Specifying sensitive data](https://docs.aws.amazon.com/batch/latest/userguide/specifying-sensitive-data.html) in the *AWS Batch User Guide* .", + "title": "Secrets", + "type": "array" + }, + "Ulimits": { + "items": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.Ulimit" + }, + "markdownDescription": "A list of `ulimits` to set in the container. This parameter maps to `Ulimits` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--ulimit` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) .\n\n> This parameter isn't applicable to jobs that are running on Fargate resources and shouldn't be provided.", + "title": "Ulimits", + "type": "array" + }, + "User": { + "markdownDescription": "The user name to use inside the container. This parameter maps to `User` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--user` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) .", + "title": "User", + "type": "string" + }, + "Vcpus": { + "markdownDescription": "This parameter is deprecated, use `resourceRequirements` to specify the vCPU requirements for the job definition. It's not supported for jobs running on Fargate resources. For jobs running on Amazon EC2 resources, it specifies the number of vCPUs reserved for the job.\n\nEach vCPU is equivalent to 1,024 CPU shares. This parameter maps to `CpuShares` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--cpu-shares` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . The number of vCPUs must be specified but can be specified in several places. You must specify it at least once for each node.", + "title": "Vcpus", + "type": "number" + }, + "Volumes": { + "items": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.Volume" + }, + "markdownDescription": "A list of data volumes used in a job.", + "title": "Volumes", + "type": "array" + } + }, + "required": [ + "Image" + ], + "type": "object" + }, + "AWS::Batch::JobDefinition.MultiNodeEcsProperties": { + "additionalProperties": false, + "properties": { + "TaskProperties": { + "items": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.MultiNodeEcsTaskProperties" + }, + "markdownDescription": "An object that contains the properties for the Amazon ECS task definition of a job.\n\n> This object is currently limited to one task element. However, the task element can run up to 10 containers.", + "title": "TaskProperties", + "type": "array" + } + }, + "required": [ + "TaskProperties" + ], + "type": "object" + }, + "AWS::Batch::JobDefinition.MultiNodeEcsTaskProperties": { + "additionalProperties": false, + "properties": { + "Containers": { + "items": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.TaskContainerProperties" + }, + "markdownDescription": "This object is a list of containers.", + "title": "Containers", + "type": "array" + }, + "EnableExecuteCommand": { + "markdownDescription": "Determines whether execute command functionality is turned on for this task. If `true` , execute command functionality is turned on all the containers in the task.", + "title": "EnableExecuteCommand", + "type": "boolean" + }, + "ExecutionRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the execution role that AWS Batch can assume. For jobs that run on Fargate resources, you must provide an execution role. For more information, see [AWS Batch execution IAM role](https://docs.aws.amazon.com/batch/latest/userguide/execution-IAM-role.html) in the *AWS Batch User Guide* .", + "title": "ExecutionRoleArn", + "type": "string" + }, + "IpcMode": { + "markdownDescription": "The IPC resource namespace to use for the containers in the task. The valid values are `host` , `task` , or `none` .\n\nIf `host` is specified, all containers within the tasks that specified the `host` IPC mode on the same container instance share the same IPC resources with the host Amazon EC2 instance.\n\nIf `task` is specified, all containers within the specified `task` share the same IPC resources.\n\nIf `none` is specified, the IPC resources within the containers of a task are private, and are not shared with other containers in a task or on the container instance.\n\nIf no value is specified, then the IPC resource namespace sharing depends on the Docker daemon setting on the container instance. For more information, see [IPC settings](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#ipc-settings---ipc) in the Docker run reference.", + "title": "IpcMode", + "type": "string" + }, + "PidMode": { + "markdownDescription": "The process namespace to use for the containers in the task. The valid values are `host` or `task` . For example, monitoring sidecars might need `pidMode` to access information about other containers running in the same task.\n\nIf `host` is specified, all containers within the tasks that specified the `host` PID mode on the same container instance share the process namespace with the host Amazon EC2 instance.\n\nIf `task` is specified, all containers within the specified task share the same process namespace.\n\nIf no value is specified, the default is a private namespace for each container. For more information, see [PID settings](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#pid-settings---pid) in the Docker run reference.", + "title": "PidMode", "type": "string" + }, + "TaskRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that's associated with the Amazon ECS task.\n\n> This is object is comparable to [ContainerProperties:jobRoleArn](https://docs.aws.amazon.com/batch/latest/APIReference/API_ContainerProperties.html) .", + "title": "TaskRoleArn", + "type": "string" + }, + "Volumes": { + "items": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.Volume" + }, + "markdownDescription": "A list of volumes that are associated with the job.", + "title": "Volumes", + "type": "array" } }, "type": "object" @@ -28157,16 +32671,26 @@ "AWS::Batch::JobDefinition.NodeRangeProperty": { "additionalProperties": false, "properties": { + "ConsumableResourceProperties": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.ConsumableResourceProperties", + "markdownDescription": "Contains a list of consumable resources required by a job.", + "title": "ConsumableResourceProperties" + }, "Container": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.ContainerProperties", + "$ref": "#/definitions/AWS::Batch::JobDefinition.MultiNodeContainerProperties", "markdownDescription": "The container details for the node range.", "title": "Container" }, "EcsProperties": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.EcsProperties", + "$ref": "#/definitions/AWS::Batch::JobDefinition.MultiNodeEcsProperties", "markdownDescription": "This is an object that represents the properties of the node range for a multi-node parallel job.", "title": "EcsProperties" }, + "EksProperties": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.EksProperties", + "markdownDescription": "This is an object that represents the properties of the node range for a multi-node parallel job.", + "title": "EksProperties" + }, "InstanceTypes": { "items": { "type": "string" @@ -28186,51 +32710,6 @@ ], "type": "object" }, - "AWS::Batch::JobDefinition.PodProperties": { - "additionalProperties": false, - "properties": { - "Containers": { - "items": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.EksContainer" - }, - "type": "array" - }, - "DnsPolicy": { - "type": "string" - }, - "HostNetwork": { - "type": "boolean" - }, - "ImagePullSecrets": { - "items": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.ImagePullSecret" - }, - "type": "array" - }, - "InitContainers": { - "items": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.EksContainer" - }, - "type": "array" - }, - "Metadata": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.Metadata" - }, - "ServiceAccountName": { - "type": "string" - }, - "ShareProcessNamespace": { - "type": "boolean" - }, - "Volumes": { - "items": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.EksVolume" - }, - "type": "array" - } - }, - "type": "object" - }, "AWS::Batch::JobDefinition.RepositoryCredentials": { "additionalProperties": false, "properties": { @@ -28368,6 +32847,11 @@ "title": "Essential", "type": "boolean" }, + "FirelensConfiguration": { + "$ref": "#/definitions/AWS::Batch::JobDefinition.FirelensConfiguration", + "markdownDescription": "The FireLens configuration for the container. This is used to specify and configure a log router for container logs. For more information, see [Custom log](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html) routing in the *Amazon Elastic Container Service Developer Guide* .", + "title": "FirelensConfiguration" + }, "Image": { "markdownDescription": "The image used to start a container. This string is passed directly to the Docker daemon. By default, images in the Docker Hub registry are available. Other repositories are specified with either `repository-url/image:tag` or `repository-url/image@digest` . Up to 255 letters (uppercase and lowercase), numbers, hyphens, underscores, colons, periods, forward slashes, and number signs are allowed. This parameter maps to `Image` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `IMAGE` parameter of the [*docker run*](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .", "title": "Image", @@ -28385,7 +32869,7 @@ }, "MountPoints": { "items": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.MountPoints" + "$ref": "#/definitions/AWS::Batch::JobDefinition.MountPoint" }, "markdownDescription": "The mount points for data volumes in your container.\n\nThis parameter maps to `Volumes` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the [--volume](https://docs.aws.amazon.com/) option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .\n\nWindows containers can mount whole directories on the same drive as `$env:ProgramData` . Windows containers can't mount directories on a different drive, and mount point can't be across drives.", "title": "MountPoints", @@ -28446,15 +32930,6 @@ ], "type": "object" }, - "AWS::Batch::JobDefinition.Timeout": { - "additionalProperties": false, - "properties": { - "AttemptDurationSeconds": { - "type": "number" - } - }, - "type": "object" - }, "AWS::Batch::JobDefinition.Tmpfs": { "additionalProperties": false, "properties": { @@ -28509,25 +32984,22 @@ ], "type": "object" }, - "AWS::Batch::JobDefinition.Volumes": { + "AWS::Batch::JobDefinition.Volume": { "additionalProperties": false, "properties": { "EfsVolumeConfiguration": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.EfsVolumeConfiguration" + "$ref": "#/definitions/AWS::Batch::JobDefinition.EFSVolumeConfiguration", + "markdownDescription": "This parameter is specified when you're using an Amazon Elastic File System file system for job storage. Jobs that are running on Fargate resources must specify a `platformVersion` of at least `1.4.0` .", + "title": "EfsVolumeConfiguration" }, "Host": { - "$ref": "#/definitions/AWS::Batch::JobDefinition.VolumesHost" + "$ref": "#/definitions/AWS::Batch::JobDefinition.Host", + "markdownDescription": "The contents of the `host` parameter determine whether your data volume persists on the host container instance and where it's stored. If the host parameter is empty, then the Docker daemon assigns a host path for your data volume. However, the data isn't guaranteed to persist after the containers that are associated with it stop running.\n\n> This parameter isn't applicable to jobs that are running on Fargate resources and shouldn't be provided.", + "title": "Host" }, "Name": { - "type": "string" - } - }, - "type": "object" - }, - "AWS::Batch::JobDefinition.VolumesHost": { - "additionalProperties": false, - "properties": { - "SourcePath": { + "markdownDescription": "The name of the volume. It can be up to 255 characters long. It can contain uppercase and lowercase letters, numbers, hyphens (-), and underscores (_). This name is referenced in the `sourceVolume` parameter of container definition `mountPoints` .", + "title": "Name", "type": "string" } }, @@ -28857,6 +33329,19 @@ "title": "ActionGroups", "type": "array" }, + "AgentCollaboration": { + "markdownDescription": "The agent's collaboration settings.", + "title": "AgentCollaboration", + "type": "string" + }, + "AgentCollaborators": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Agent.AgentCollaborator" + }, + "markdownDescription": "", + "title": "AgentCollaborators", + "type": "array" + }, "AgentName": { "markdownDescription": "The name of the agent.", "title": "AgentName", @@ -28872,6 +33357,11 @@ "title": "AutoPrepare", "type": "boolean" }, + "CustomOrchestration": { + "$ref": "#/definitions/AWS::Bedrock::Agent.CustomOrchestration", + "markdownDescription": "Contains custom orchestration configurations for the agent.", + "title": "CustomOrchestration" + }, "CustomerEncryptionKeyArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key that encrypts the agent.", "title": "CustomerEncryptionKeyArn", @@ -28887,6 +33377,11 @@ "title": "FoundationModel", "type": "string" }, + "GuardrailConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Agent.GuardrailConfiguration", + "markdownDescription": "Details about the guardrail associated with the agent.", + "title": "GuardrailConfiguration" + }, "IdleSessionTTLInSeconds": { "markdownDescription": "The number of seconds for which Amazon Bedrock keeps information about a user's conversation with the agent.\n\nA user interaction remains active for the amount of time specified. If no conversation occurs during this time, the session expires and Amazon Bedrock deletes any data provided before the timeout.", "title": "IdleSessionTTLInSeconds", @@ -28905,6 +33400,16 @@ "title": "KnowledgeBases", "type": "array" }, + "MemoryConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Agent.MemoryConfiguration", + "markdownDescription": "Contains memory configuration for the agent.", + "title": "MemoryConfiguration" + }, + "OrchestrationType": { + "markdownDescription": "Specifies the orchestration strategy for the agent.", + "title": "OrchestrationType", + "type": "string" + }, "PromptOverrideConfiguration": { "$ref": "#/definitions/AWS::Bedrock::Agent.PromptOverrideConfiguration", "markdownDescription": "Contains configurations to override prompt templates in different parts of an agent sequence. For more information, see [Advanced prompts](https://docs.aws.amazon.com/bedrock/latest/userguide/advanced-prompts.html) .", @@ -28983,15 +33488,17 @@ "AWS::Bedrock::Agent.ActionGroupExecutor": { "additionalProperties": false, "properties": { + "CustomControl": { + "markdownDescription": "To return the action group invocation results directly in the `InvokeInlineAgent` response, specify `RETURN_CONTROL` .", + "title": "CustomControl", + "type": "string" + }, "Lambda": { "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function containing the business logic that is carried out upon invoking the action.", "title": "Lambda", "type": "string" } }, - "required": [ - "Lambda" - ], "type": "object" }, "AWS::Bedrock::Agent.AgentActionGroup": { @@ -29022,6 +33529,11 @@ "title": "Description", "type": "string" }, + "FunctionSchema": { + "$ref": "#/definitions/AWS::Bedrock::Agent.FunctionSchema", + "markdownDescription": "Contains details about the function schema for the action group or the JSON or YAML-formatted payload defining the schema.", + "title": "FunctionSchema" + }, "ParentActionGroupSignature": { "markdownDescription": "If this field is set as `AMAZON.UserInput` , the agent can request the user for additional information when trying to complete a task. The `description` , `apiSchema` , and `actionGroupExecutor` fields must be blank for this action group.\n\nDuring orchestration, if the agent determines that it needs to invoke an API in an action group, but doesn't have enough information to complete the API request, it will invoke this action group instead and return an [Observation](https://docs.aws.amazon.com/bedrock/latest/APIReference/API_agent-runtime_Observation.html) reprompting the user for more information.", "title": "ParentActionGroupSignature", @@ -29038,6 +33550,48 @@ ], "type": "object" }, + "AWS::Bedrock::Agent.AgentCollaborator": { + "additionalProperties": false, + "properties": { + "AgentDescriptor": { + "$ref": "#/definitions/AWS::Bedrock::Agent.AgentDescriptor", + "markdownDescription": "The collaborator's agent descriptor.", + "title": "AgentDescriptor" + }, + "CollaborationInstruction": { + "markdownDescription": "The collaborator's instructions.", + "title": "CollaborationInstruction", + "type": "string" + }, + "CollaboratorName": { + "markdownDescription": "The collaborator's collaborator name.", + "title": "CollaboratorName", + "type": "string" + }, + "RelayConversationHistory": { + "markdownDescription": "The collaborator's relay conversation history.", + "title": "RelayConversationHistory", + "type": "string" + } + }, + "required": [ + "AgentDescriptor", + "CollaborationInstruction", + "CollaboratorName" + ], + "type": "object" + }, + "AWS::Bedrock::Agent.AgentDescriptor": { + "additionalProperties": false, + "properties": { + "AliasArn": { + "markdownDescription": "The agent's alias ARN.", + "title": "AliasArn", + "type": "string" + } + }, + "type": "object" + }, "AWS::Bedrock::Agent.AgentKnowledgeBase": { "additionalProperties": false, "properties": { @@ -29063,6 +33617,85 @@ ], "type": "object" }, + "AWS::Bedrock::Agent.CustomOrchestration": { + "additionalProperties": false, + "properties": { + "Executor": { + "$ref": "#/definitions/AWS::Bedrock::Agent.OrchestrationExecutor", + "markdownDescription": "The structure of the executor invoking the actions in custom orchestration.", + "title": "Executor" + } + }, + "type": "object" + }, + "AWS::Bedrock::Agent.Function": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the function and its purpose.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "A name for the function.", + "title": "Name", + "type": "string" + }, + "Parameters": { + "additionalProperties": false, + "markdownDescription": "The parameters that the agent elicits from the user to fulfill the function.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::Bedrock::Agent.ParameterDetail" + } + }, + "title": "Parameters", + "type": "object" + }, + "RequireConfirmation": { + "markdownDescription": "Contains information if user confirmation is required to invoke the function.", + "title": "RequireConfirmation", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::Bedrock::Agent.FunctionSchema": { + "additionalProperties": false, + "properties": { + "Functions": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Agent.Function" + }, + "markdownDescription": "A list of functions that each define an action in the action group.", + "title": "Functions", + "type": "array" + } + }, + "required": [ + "Functions" + ], + "type": "object" + }, + "AWS::Bedrock::Agent.GuardrailConfiguration": { + "additionalProperties": false, + "properties": { + "GuardrailIdentifier": { + "markdownDescription": "The identifier for the guardrail.", + "title": "GuardrailIdentifier", + "type": "string" + }, + "GuardrailVersion": { + "markdownDescription": "The version of the guardrail.", + "title": "GuardrailVersion", + "type": "string" + } + }, + "type": "object" + }, "AWS::Bedrock::Agent.InferenceConfiguration": { "additionalProperties": false, "properties": { @@ -29097,14 +33730,86 @@ }, "type": "object" }, + "AWS::Bedrock::Agent.MemoryConfiguration": { + "additionalProperties": false, + "properties": { + "EnabledMemoryTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The type of memory that is stored.", + "title": "EnabledMemoryTypes", + "type": "array" + }, + "SessionSummaryConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Agent.SessionSummaryConfiguration", + "markdownDescription": "Contains the configuration for SESSION_SUMMARY memory type enabled for the agent.", + "title": "SessionSummaryConfiguration" + }, + "StorageDays": { + "markdownDescription": "The number of days the agent is configured to retain the conversational context.", + "title": "StorageDays", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Bedrock::Agent.OrchestrationExecutor": { + "additionalProperties": false, + "properties": { + "Lambda": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function containing the business logic that is carried out upon invoking the action.", + "title": "Lambda", + "type": "string" + } + }, + "required": [ + "Lambda" + ], + "type": "object" + }, + "AWS::Bedrock::Agent.ParameterDetail": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the parameter. Helps the foundation model determine how to elicit the parameters from the user.", + "title": "Description", + "type": "string" + }, + "Required": { + "markdownDescription": "Whether the parameter is required for the agent to complete the function for action group invocation.", + "title": "Required", + "type": "boolean" + }, + "Type": { + "markdownDescription": "The data type of the parameter.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, "AWS::Bedrock::Agent.PromptConfiguration": { "additionalProperties": false, "properties": { + "AdditionalModelRequestFields": { + "markdownDescription": "If the Converse or ConverseStream operations support the model, `additionalModelRequestFields` contains additional inference parameters, beyond the base set of inference parameters in the `inferenceConfiguration` field.\n\nFor more information, see [Inference request parameters and response fields for foundation models](https://docs.aws.amazon.com/bedrock/latest/userguide/model-parameters.html) .", + "title": "AdditionalModelRequestFields", + "type": "object" + }, "BasePromptTemplate": { "markdownDescription": "Defines the prompt template with which to replace the default prompt template. You can use placeholder variables in the base prompt template to customize the prompt. For more information, see [Prompt template placeholder variables](https://docs.aws.amazon.com/bedrock/latest/userguide/prompt-placeholders.html) . For more information, see [Configure the prompt templates](https://docs.aws.amazon.com/bedrock/latest/userguide/advanced-prompts-configure.html) .", "title": "BasePromptTemplate", "type": "string" }, + "FoundationModel": { + "markdownDescription": "The agent's foundation model.", + "title": "FoundationModel", + "type": "string" + }, "InferenceConfiguration": { "$ref": "#/definitions/AWS::Bedrock::Agent.InferenceConfiguration", "markdownDescription": "Contains inference parameters to use when the agent invokes a foundation model in the part of the agent sequence defined by the `promptType` . For more information, see [Inference parameters for foundation models](https://docs.aws.amazon.com/bedrock/latest/userguide/model-parameters.html) .", @@ -29171,6 +33876,17 @@ }, "type": "object" }, + "AWS::Bedrock::Agent.SessionSummaryConfiguration": { + "additionalProperties": false, + "properties": { + "MaxRecentSessions": { + "markdownDescription": "Maximum number of recent session summaries to include in the agent's prompt context.", + "title": "MaxRecentSessions", + "type": "number" + } + }, + "type": "object" + }, "AWS::Bedrock::AgentAlias": { "additionalProperties": false, "properties": { @@ -29306,7 +34022,7 @@ ], "type": "object" }, - "AWS::Bedrock::DataSource": { + "AWS::Bedrock::ApplicationInferenceProfile": { "additionalProperties": false, "properties": { "Condition": { @@ -29341,47 +34057,38 @@ "Properties": { "additionalProperties": false, "properties": { - "DataSourceConfiguration": { - "$ref": "#/definitions/AWS::Bedrock::DataSource.DataSourceConfiguration", - "markdownDescription": "The connection configuration for the data source.", - "title": "DataSourceConfiguration" - }, "Description": { - "markdownDescription": "The description of the data source.", + "markdownDescription": "The description of the inference profile.", "title": "Description", "type": "string" }, - "KnowledgeBaseId": { - "markdownDescription": "The unique identifier of the knowledge base to which the data source belongs.", - "title": "KnowledgeBaseId", + "InferenceProfileName": { + "markdownDescription": "The name of the inference profile.", + "title": "InferenceProfileName", "type": "string" }, - "Name": { - "markdownDescription": "The name of the data source.", - "title": "Name", - "type": "string" - }, - "ServerSideEncryptionConfiguration": { - "$ref": "#/definitions/AWS::Bedrock::DataSource.ServerSideEncryptionConfiguration", - "markdownDescription": "Contains details about the configuration of the server-side encryption.", - "title": "ServerSideEncryptionConfiguration" + "ModelSource": { + "$ref": "#/definitions/AWS::Bedrock::ApplicationInferenceProfile.InferenceProfileModelSource", + "markdownDescription": "Contains configurations for the inference profile to copy as the resource.", + "title": "ModelSource" }, - "VectorIngestionConfiguration": { - "$ref": "#/definitions/AWS::Bedrock::DataSource.VectorIngestionConfiguration", - "markdownDescription": "Contains details about how to ingest the documents in the data source.", - "title": "VectorIngestionConfiguration" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags associated with the inference profile.", + "title": "Tags", + "type": "array" } }, "required": [ - "DataSourceConfiguration", - "KnowledgeBaseId", - "Name" + "InferenceProfileName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Bedrock::DataSource" + "AWS::Bedrock::ApplicationInferenceProfile" ], "type": "string" }, @@ -29400,110 +34107,32 @@ ], "type": "object" }, - "AWS::Bedrock::DataSource.ChunkingConfiguration": { - "additionalProperties": false, - "properties": { - "ChunkingStrategy": { - "markdownDescription": "Knowledge base can split your source data into chunks. A *chunk* refers to an excerpt from a data source that is returned when the knowledge base that it belongs to is queried. You have the following options for chunking your data. If you opt for `NONE` , then you may want to pre-process your files by splitting them up such that each file corresponds to a chunk.\n\n- `FIXED_SIZE` \u2013 Amazon Bedrock splits your source data into chunks of the approximate size that you set in the `fixedSizeChunkingConfiguration` .\n- `HIERARCHICAL` \u2013 Split documents into layers of chunks where the first layer contains large chunks, and the second layer contains smaller chunks derived from the first layer.\n- `SEMANTIC` \u2013 Split documents into chunks based on groups of similar content derived with natural language processing.\n- `NONE` \u2013 Amazon Bedrock treats each file as one chunk. If you choose this option, you may want to pre-process your documents by splitting them into separate files.", - "title": "ChunkingStrategy", - "type": "string" - }, - "FixedSizeChunkingConfiguration": { - "$ref": "#/definitions/AWS::Bedrock::DataSource.FixedSizeChunkingConfiguration", - "markdownDescription": "Configurations for when you choose fixed-size chunking. If you set the `chunkingStrategy` as `NONE` , exclude this field.", - "title": "FixedSizeChunkingConfiguration" - } - }, - "required": [ - "ChunkingStrategy" - ], - "type": "object" - }, - "AWS::Bedrock::DataSource.DataSourceConfiguration": { + "AWS::Bedrock::ApplicationInferenceProfile.InferenceProfileModel": { "additionalProperties": false, "properties": { - "S3Configuration": { - "$ref": "#/definitions/AWS::Bedrock::DataSource.S3DataSourceConfiguration", - "markdownDescription": "The configuration information to connect to Amazon S3 as your data source.", - "title": "S3Configuration" - }, - "Type": { - "markdownDescription": "The type of data source.", - "title": "Type", + "ModelArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the model.", + "title": "ModelArn", "type": "string" } }, - "required": [ - "S3Configuration", - "Type" - ], - "type": "object" - }, - "AWS::Bedrock::DataSource.FixedSizeChunkingConfiguration": { - "additionalProperties": false, - "properties": { - "MaxTokens": { - "markdownDescription": "The maximum number of tokens to include in a chunk.", - "title": "MaxTokens", - "type": "number" - }, - "OverlapPercentage": { - "markdownDescription": "The percentage of overlap between adjacent chunks of a data source.", - "title": "OverlapPercentage", - "type": "number" - } - }, - "required": [ - "MaxTokens", - "OverlapPercentage" - ], "type": "object" }, - "AWS::Bedrock::DataSource.S3DataSourceConfiguration": { + "AWS::Bedrock::ApplicationInferenceProfile.InferenceProfileModelSource": { "additionalProperties": false, "properties": { - "BucketArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the S3 bucket that contains your data.", - "title": "BucketArn", + "CopyFrom": { + "markdownDescription": "The ARN of the model or system-defined inference profile that is the source for the inference profile.", + "title": "CopyFrom", "type": "string" - }, - "InclusionPrefixes": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of S3 prefixes to include certain files or content. This field is an array with a maximum of one item, which can contain a string that has a maximum length of 300 characters. For more information, see [Organizing objects using prefixes](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-prefixes.html) .", - "title": "InclusionPrefixes", - "type": "array" } }, "required": [ - "BucketArn" + "CopyFrom" ], "type": "object" }, - "AWS::Bedrock::DataSource.ServerSideEncryptionConfiguration": { - "additionalProperties": false, - "properties": { - "KmsKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key used to encrypt the resource.", - "title": "KmsKeyArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Bedrock::DataSource.VectorIngestionConfiguration": { - "additionalProperties": false, - "properties": { - "ChunkingConfiguration": { - "$ref": "#/definitions/AWS::Bedrock::DataSource.ChunkingConfiguration", - "markdownDescription": "Details about how to chunk the documents in the data source. A *chunk* refers to an excerpt from a data source that is returned when the knowledge base that it belongs to is queried.", - "title": "ChunkingConfiguration" - } - }, - "type": "object" - }, - "AWS::Bedrock::Guardrail": { + "AWS::Bedrock::Blueprint": { "additionalProperties": false, "properties": { "Condition": { @@ -29538,70 +34167,56 @@ "Properties": { "additionalProperties": false, "properties": { - "BlockedInputMessaging": { - "markdownDescription": "The message to return when the guardrail blocks a prompt.", - "title": "BlockedInputMessaging", - "type": "string" - }, - "BlockedOutputsMessaging": { - "markdownDescription": "The message to return when the guardrail blocks a model response.", - "title": "BlockedOutputsMessaging", - "type": "string" - }, - "ContentPolicyConfig": { - "$ref": "#/definitions/AWS::Bedrock::Guardrail.ContentPolicyConfig", - "markdownDescription": "The content filter policies to configure for the guardrail.", - "title": "ContentPolicyConfig" - }, - "Description": { - "markdownDescription": "A description of the guardrail.", - "title": "Description", + "BlueprintName": { + "markdownDescription": "The blueprint's name.", + "title": "BlueprintName", "type": "string" }, - "KmsKeyArn": { - "markdownDescription": "The ARN of the AWS KMS key that you use to encrypt the guardrail.", - "title": "KmsKeyArn", - "type": "string" + "KmsEncryptionContext": { + "additionalProperties": true, + "markdownDescription": "Name-value pairs to include as an encryption context.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "KmsEncryptionContext", + "type": "object" }, - "Name": { - "markdownDescription": "The name of the guardrail.", - "title": "Name", + "KmsKeyId": { + "markdownDescription": "The AWS KMS key to use for encryption.", + "title": "KmsKeyId", "type": "string" }, - "SensitiveInformationPolicyConfig": { - "$ref": "#/definitions/AWS::Bedrock::Guardrail.SensitiveInformationPolicyConfig", - "markdownDescription": "The sensitive information policy to configure for the guardrail.", - "title": "SensitiveInformationPolicyConfig" + "Schema": { + "markdownDescription": "The blueprint's schema.", + "title": "Schema", + "type": "object" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags that you want to attach to the guardrail.", + "markdownDescription": "", "title": "Tags", "type": "array" }, - "TopicPolicyConfig": { - "$ref": "#/definitions/AWS::Bedrock::Guardrail.TopicPolicyConfig", - "markdownDescription": "The topic policies to configure for the guardrail.", - "title": "TopicPolicyConfig" - }, - "WordPolicyConfig": { - "$ref": "#/definitions/AWS::Bedrock::Guardrail.WordPolicyConfig", - "markdownDescription": "The word policy you configure for the guardrail.", - "title": "WordPolicyConfig" + "Type": { + "markdownDescription": "The blueprint's type.", + "title": "Type", + "type": "string" } }, "required": [ - "BlockedInputMessaging", - "BlockedOutputsMessaging", - "Name" + "BlueprintName", + "Schema", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::Bedrock::Guardrail" + "AWS::Bedrock::Blueprint" ], "type": "string" }, @@ -29620,561 +34235,703 @@ ], "type": "object" }, - "AWS::Bedrock::Guardrail.ContentFilterConfig": { + "AWS::Bedrock::DataAutomationProject": { "additionalProperties": false, "properties": { - "InputStrength": { - "markdownDescription": "The strength of the content filter to apply to prompts. As you increase the filter strength, the likelihood of filtering harmful content increases and the probability of seeing harmful content in your application reduces.", - "title": "InputStrength", + "Condition": { "type": "string" }, - "OutputStrength": { - "markdownDescription": "The strength of the content filter to apply to model responses. As you increase the filter strength, the likelihood of filtering harmful content increases and the probability of seeing harmful content in your application reduces.", - "title": "OutputStrength", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CustomOutputConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.CustomOutputConfiguration", + "markdownDescription": "Blueprints to apply to objects processed by the project.", + "title": "CustomOutputConfiguration" + }, + "KmsEncryptionContext": { + "additionalProperties": true, + "markdownDescription": "The AWS KMS encryption context to use for encryption.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "KmsEncryptionContext", + "type": "object" + }, + "KmsKeyId": { + "markdownDescription": "The AWS KMS key to use for encryption.", + "title": "KmsKeyId", + "type": "string" + }, + "OverrideConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.OverrideConfiguration", + "markdownDescription": "Additional settings for the project.", + "title": "OverrideConfiguration" + }, + "ProjectDescription": { + "markdownDescription": "The project's description.", + "title": "ProjectDescription", + "type": "string" + }, + "ProjectName": { + "markdownDescription": "The project's name.", + "title": "ProjectName", + "type": "string" + }, + "StandardOutputConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.StandardOutputConfiguration", + "markdownDescription": "The project's standard output configuration.", + "title": "StandardOutputConfiguration" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "ProjectName" + ], + "type": "object" + }, "Type": { - "markdownDescription": "The harmful category that the content filter is applied to.", - "title": "Type", + "enum": [ + "AWS::Bedrock::DataAutomationProject" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "InputStrength", - "OutputStrength", - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Bedrock::Guardrail.ContentPolicyConfig": { + "AWS::Bedrock::DataAutomationProject.AudioExtractionCategory": { "additionalProperties": false, "properties": { - "FiltersConfig": { + "State": { + "markdownDescription": "Whether generating categorical data from audio is enabled.", + "title": "State", + "type": "string" + }, + "Types": { "items": { - "$ref": "#/definitions/AWS::Bedrock::Guardrail.ContentFilterConfig" + "type": "string" }, - "markdownDescription": "Contains the type of the content filter and how strongly it should apply to prompts and model responses.", - "title": "FiltersConfig", + "markdownDescription": "The types of data to generate.", + "title": "Types", "type": "array" } }, "required": [ - "FiltersConfig" + "State" ], "type": "object" }, - "AWS::Bedrock::Guardrail.ManagedWordsConfig": { + "AWS::Bedrock::DataAutomationProject.AudioOverrideConfiguration": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The managed word type to configure for the guardrail.", - "title": "Type", - "type": "string" + "ModalityProcessing": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.ModalityProcessingConfiguration", + "markdownDescription": "Sets modality processing for audio files. All modalities are enabled by default.", + "title": "ModalityProcessing" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataAutomationProject.AudioStandardExtraction": { + "additionalProperties": false, + "properties": { + "Category": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.AudioExtractionCategory", + "markdownDescription": "Settings for generating data from audio.", + "title": "Category" } }, "required": [ - "Type" + "Category" ], "type": "object" }, - "AWS::Bedrock::Guardrail.PiiEntityConfig": { + "AWS::Bedrock::DataAutomationProject.AudioStandardGenerativeField": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "Configure guardrail action when the PII entity is detected.", - "title": "Action", + "State": { + "markdownDescription": "Whether generating descriptions is enabled for audio.", + "title": "State", "type": "string" }, - "Type": { - "markdownDescription": "Configure guardrail type when the PII entity is detected.\n\nThe following PIIs are used to block or mask sensitive information:\n\n- *General*\n\n- *ADDRESS*\n\nA physical address, such as \"100 Main Street, Anytown, USA\" or \"Suite #12, Building 123\". An address can include information such as the street, building, location, city, state, country, county, zip code, precinct, and neighborhood.\n- *AGE*\n\nAn individual's age, including the quantity and unit of time. For example, in the phrase \"I am 40 years old,\" Guardrails recognizes \"40 years\" as an age.\n- *NAME*\n\nAn individual's name. This entity type does not include titles, such as Dr., Mr., Mrs., or Miss. guardrails doesn't apply this entity type to names that are part of organizations or addresses. For example, guardrails recognizes the \"John Doe Organization\" as an organization, and it recognizes \"Jane Doe Street\" as an address.\n- *EMAIL*\n\nAn email address, such as *marymajor@email.com* .\n- *PHONE*\n\nA phone number. This entity type also includes fax and pager numbers.\n- *USERNAME*\n\nA user name that identifies an account, such as a login name, screen name, nick name, or handle.\n- *PASSWORD*\n\nAn alphanumeric string that is used as a password, such as \"* *very20special#pass** \".\n- *DRIVER_ID*\n\nThe number assigned to a driver's license, which is an official document permitting an individual to operate one or more motorized vehicles on a public road. A driver's license number consists of alphanumeric characters.\n- *LICENSE_PLATE*\n\nA license plate for a vehicle is issued by the state or country where the vehicle is registered. The format for passenger vehicles is typically five to eight digits, consisting of upper-case letters and numbers. The format varies depending on the location of the issuing state or country.\n- *VEHICLE_IDENTIFICATION_NUMBER*\n\nA Vehicle Identification Number (VIN) uniquely identifies a vehicle. VIN content and format are defined in the *ISO 3779* specification. Each country has specific codes and formats for VINs.\n- *Finance*\n\n- *CREDIT_DEBIT_CARD_CVV*\n\nA three-digit card verification code (CVV) that is present on VISA, MasterCard, and Discover credit and debit cards. For American Express credit or debit cards, the CVV is a four-digit numeric code.\n- *CREDIT_DEBIT_CARD_EXPIRY*\n\nThe expiration date for a credit or debit card. This number is usually four digits long and is often formatted as *month/year* or *MM/YY* . Guardrails recognizes expiration dates such as *01/21* , *01/2021* , and *Jan 2021* .\n- *CREDIT_DEBIT_CARD_NUMBER*\n\nThe number for a credit or debit card. These numbers can vary from 13 to 16 digits in length. However, Amazon Comprehend also recognizes credit or debit card numbers when only the last four digits are present.\n- *PIN*\n\nA four-digit personal identification number (PIN) with which you can access your bank account.\n- *INTERNATIONAL_BANK_ACCOUNT_NUMBER*\n\nAn International Bank Account Number has specific formats in each country. For more information, see [www.iban.com/structure](https://docs.aws.amazon.com/https://www.iban.com/structure) .\n- *SWIFT_CODE*\n\nA SWIFT code is a standard format of Bank Identifier Code (BIC) used to specify a particular bank or branch. Banks use these codes for money transfers such as international wire transfers.\n\nSWIFT codes consist of eight or 11 characters. The 11-digit codes refer to specific branches, while eight-digit codes (or 11-digit codes ending in 'XXX') refer to the head or primary office.\n- *IT*\n\n- *IP_ADDRESS*\n\nAn IPv4 address, such as *198.51.100.0* .\n- *MAC_ADDRESS*\n\nA *media access control* (MAC) address is a unique identifier assigned to a network interface controller (NIC).\n- *URL*\n\nA web address, such as *www.example.com* .\n- *AWS_ACCESS_KEY*\n\nA unique identifier that's associated with a secret access key; you use the access key ID and secret access key to sign programmatic AWS requests cryptographically.\n- *AWS_SECRET_KEY*\n\nA unique identifier that's associated with an access key. You use the access key ID and secret access key to sign programmatic AWS requests cryptographically.\n- *USA specific*\n\n- *US_BANK_ACCOUNT_NUMBER*\n\nA US bank account number, which is typically 10 to 12 digits long.\n- *US_BANK_ROUTING_NUMBER*\n\nA US bank account routing number. These are typically nine digits long,\n- *US_INDIVIDUAL_TAX_IDENTIFICATION_NUMBER*\n\nA US Individual Taxpayer Identification Number (ITIN) is a nine-digit number that starts with a \"9\" and contain a \"7\" or \"8\" as the fourth digit. An ITIN can be formatted with a space or a dash after the third and forth digits.\n- *US_PASSPORT_NUMBER*\n\nA US passport number. Passport numbers range from six to nine alphanumeric characters.\n- *US_SOCIAL_SECURITY_NUMBER*\n\nA US Social Security Number (SSN) is a nine-digit number that is issued to US citizens, permanent residents, and temporary working residents.\n- *Canada specific*\n\n- *CA_HEALTH_NUMBER*\n\nA Canadian Health Service Number is a 10-digit unique identifier, required for individuals to access healthcare benefits.\n- *CA_SOCIAL_INSURANCE_NUMBER*\n\nA Canadian Social Insurance Number (SIN) is a nine-digit unique identifier, required for individuals to access government programs and benefits.\n\nThe SIN is formatted as three groups of three digits, such as *123-456-789* . A SIN can be validated through a simple check-digit process called the [Luhn algorithm](https://docs.aws.amazon.com/https://www.wikipedia.org/wiki/Luhn_algorithm) .\n- *UK Specific*\n\n- *UK_NATIONAL_HEALTH_SERVICE_NUMBER*\n\nA UK National Health Service Number is a 10-17 digit number, such as *485 777 3456* . The current system formats the 10-digit number with spaces after the third and sixth digits. The final digit is an error-detecting checksum.\n- *UK_NATIONAL_INSURANCE_NUMBER*\n\nA UK National Insurance Number (NINO) provides individuals with access to National Insurance (social security) benefits. It is also used for some purposes in the UK tax system.\n\nThe number is nine digits long and starts with two letters, followed by six numbers and one letter. A NINO can be formatted with a space or a dash after the two letters and after the second, forth, and sixth digits.\n- *UK_UNIQUE_TAXPAYER_REFERENCE_NUMBER*\n\nA UK Unique Taxpayer Reference (UTR) is a 10-digit number that identifies a taxpayer or a business.\n- *Custom*\n\n- *Regex filter* - You can use a regular expressions to define patterns for a guardrail to recognize and act upon such as serial number, booking ID etc..", - "title": "Type", - "type": "string" + "Types": { + "items": { + "type": "string" + }, + "markdownDescription": "The types of description to generate.", + "title": "Types", + "type": "array" } }, "required": [ - "Action", - "Type" + "State" ], "type": "object" }, - "AWS::Bedrock::Guardrail.RegexConfig": { + "AWS::Bedrock::DataAutomationProject.AudioStandardOutputConfiguration": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The guardrail action to configure when matching regular expression is detected.", - "title": "Action", - "type": "string" + "Extraction": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.AudioStandardExtraction", + "markdownDescription": "Settings for populating data fields that describe the audio.", + "title": "Extraction" }, - "Description": { - "markdownDescription": "The description of the regular expression to configure for the guardrail.", - "title": "Description", + "GenerativeField": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.AudioStandardGenerativeField", + "markdownDescription": "Whether to generate descriptions of the data.", + "title": "GenerativeField" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataAutomationProject.BlueprintItem": { + "additionalProperties": false, + "properties": { + "BlueprintArn": { + "markdownDescription": "The blueprint's ARN.", + "title": "BlueprintArn", "type": "string" }, - "Name": { - "markdownDescription": "The name of the regular expression to configure for the guardrail.", - "title": "Name", + "BlueprintStage": { + "markdownDescription": "The blueprint's stage.", + "title": "BlueprintStage", "type": "string" }, - "Pattern": { - "markdownDescription": "The regular expression pattern to configure for the guardrail.", - "title": "Pattern", + "BlueprintVersion": { + "markdownDescription": "The blueprint's version.", + "title": "BlueprintVersion", "type": "string" } }, "required": [ - "Action", - "Name", - "Pattern" + "BlueprintArn" ], "type": "object" }, - "AWS::Bedrock::Guardrail.SensitiveInformationPolicyConfig": { + "AWS::Bedrock::DataAutomationProject.CustomOutputConfiguration": { "additionalProperties": false, "properties": { - "PiiEntitiesConfig": { - "items": { - "$ref": "#/definitions/AWS::Bedrock::Guardrail.PiiEntityConfig" - }, - "markdownDescription": "A list of PII entities to configure to the guardrail.", - "title": "PiiEntitiesConfig", - "type": "array" - }, - "RegexesConfig": { + "Blueprints": { "items": { - "$ref": "#/definitions/AWS::Bedrock::Guardrail.RegexConfig" + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.BlueprintItem" }, - "markdownDescription": "A list of regular expressions to configure to the guardrail.", - "title": "RegexesConfig", + "markdownDescription": "A list of blueprints.", + "title": "Blueprints", "type": "array" } }, "type": "object" }, - "AWS::Bedrock::Guardrail.TopicConfig": { + "AWS::Bedrock::DataAutomationProject.DocumentBoundingBox": { "additionalProperties": false, "properties": { - "Definition": { - "markdownDescription": "A definition of the topic to deny.", - "title": "Definition", - "type": "string" - }, - "Examples": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of prompts, each of which is an example of a prompt that can be categorized as belonging to the topic.", - "title": "Examples", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the topic to deny.", - "title": "Name", - "type": "string" - }, - "Type": { - "markdownDescription": "Specifies to deny the topic.", - "title": "Type", + "State": { + "markdownDescription": "Whether bounding boxes are enabled for documents.", + "title": "State", "type": "string" } }, "required": [ - "Definition", - "Name", - "Type" + "State" ], "type": "object" }, - "AWS::Bedrock::Guardrail.TopicPolicyConfig": { + "AWS::Bedrock::DataAutomationProject.DocumentExtractionGranularity": { "additionalProperties": false, "properties": { - "TopicsConfig": { + "Types": { "items": { - "$ref": "#/definitions/AWS::Bedrock::Guardrail.TopicConfig" + "type": "string" }, - "markdownDescription": "A list of policies related to topics that the guardrail should deny.", - "title": "TopicsConfig", + "markdownDescription": "Granularity settings for documents.", + "title": "Types", "type": "array" } }, - "required": [ - "TopicsConfig" - ], "type": "object" }, - "AWS::Bedrock::Guardrail.WordConfig": { + "AWS::Bedrock::DataAutomationProject.DocumentOutputAdditionalFileFormat": { "additionalProperties": false, "properties": { - "Text": { - "markdownDescription": "Text of the word configured for the guardrail to block.", - "title": "Text", + "State": { + "markdownDescription": "Whether additional file formats are enabled for a project.", + "title": "State", "type": "string" } }, "required": [ - "Text" + "State" ], "type": "object" }, - "AWS::Bedrock::Guardrail.WordPolicyConfig": { + "AWS::Bedrock::DataAutomationProject.DocumentOutputFormat": { "additionalProperties": false, "properties": { - "ManagedWordListsConfig": { - "items": { - "$ref": "#/definitions/AWS::Bedrock::Guardrail.ManagedWordsConfig" - }, - "markdownDescription": "A list of managed words to configure for the guardrail.", - "title": "ManagedWordListsConfig", - "type": "array" + "AdditionalFileFormat": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.DocumentOutputAdditionalFileFormat", + "markdownDescription": "Output settings for additional file formats.", + "title": "AdditionalFileFormat" }, - "WordsConfig": { + "TextFormat": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.DocumentOutputTextFormat", + "markdownDescription": "An output text format.", + "title": "TextFormat" + } + }, + "required": [ + "AdditionalFileFormat", + "TextFormat" + ], + "type": "object" + }, + "AWS::Bedrock::DataAutomationProject.DocumentOutputTextFormat": { + "additionalProperties": false, + "properties": { + "Types": { "items": { - "$ref": "#/definitions/AWS::Bedrock::Guardrail.WordConfig" + "type": "string" }, - "markdownDescription": "A list of words to configure for the guardrail.", - "title": "WordsConfig", + "markdownDescription": "The types of output text to generate.", + "title": "Types", "type": "array" } }, "type": "object" }, - "AWS::Bedrock::KnowledgeBase": { + "AWS::Bedrock::DataAutomationProject.DocumentOverrideConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "The description of the knowledge base associated with the inline agent.", - "title": "Description", - "type": "string" - }, - "KnowledgeBaseConfiguration": { - "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.KnowledgeBaseConfiguration", - "markdownDescription": "Contains details about the embeddings configuration of the knowledge base.", - "title": "KnowledgeBaseConfiguration" - }, - "Name": { - "markdownDescription": "The name of the knowledge base.", - "title": "Name", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role with permissions to invoke API operations on the knowledge base.", - "title": "RoleArn", - "type": "string" - }, - "StorageConfiguration": { - "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.StorageConfiguration", - "markdownDescription": "Contains details about the storage configuration of the knowledge base.", - "title": "StorageConfiguration" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "Metadata that you can assign to a resource as key-value pairs. For more information, see the following resources:\n\n- [Tag naming limits and requirements](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-conventions)\n- [Tagging best practices](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-best-practices)", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - } - }, - "required": [ - "KnowledgeBaseConfiguration", - "Name", - "RoleArn", - "StorageConfiguration" - ], - "type": "object" + "ModalityProcessing": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.ModalityProcessingConfiguration", + "markdownDescription": "Sets modality processing for document files. All modalities are enabled by default.", + "title": "ModalityProcessing" }, - "Type": { - "enum": [ - "AWS::Bedrock::KnowledgeBase" - ], - "type": "string" + "Splitter": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.SplitterConfiguration", + "markdownDescription": "Whether document splitter is enabled for a project.", + "title": "Splitter" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataAutomationProject.DocumentStandardExtraction": { + "additionalProperties": false, + "properties": { + "BoundingBox": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.DocumentBoundingBox", + "markdownDescription": "Whether to generate bounding boxes.", + "title": "BoundingBox" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Granularity": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.DocumentExtractionGranularity", + "markdownDescription": "Which granularities to generate data for.", + "title": "Granularity" } }, "required": [ - "Type", - "Properties" + "BoundingBox", + "Granularity" ], "type": "object" }, - "AWS::Bedrock::KnowledgeBase.KnowledgeBaseConfiguration": { + "AWS::Bedrock::DataAutomationProject.DocumentStandardGenerativeField": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The type of data that the data source is converted into for the knowledge base.", - "title": "Type", + "State": { + "markdownDescription": "Whether generating descriptions is enabled for documents.", + "title": "State", "type": "string" - }, - "VectorKnowledgeBaseConfiguration": { - "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.VectorKnowledgeBaseConfiguration", - "markdownDescription": "Contains details about the model that's used to convert the data source into vector embeddings.", - "title": "VectorKnowledgeBaseConfiguration" } }, "required": [ - "Type", - "VectorKnowledgeBaseConfiguration" + "State" ], "type": "object" }, - "AWS::Bedrock::KnowledgeBase.OpenSearchServerlessConfiguration": { + "AWS::Bedrock::DataAutomationProject.DocumentStandardOutputConfiguration": { "additionalProperties": false, "properties": { - "CollectionArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the OpenSearch Service vector store.", - "title": "CollectionArn", - "type": "string" + "Extraction": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.DocumentStandardExtraction", + "markdownDescription": "Settings for populating data fields that describe the document.", + "title": "Extraction" }, - "FieldMapping": { - "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.OpenSearchServerlessFieldMapping", - "markdownDescription": "Contains the names of the fields to which to map information about the vector store.", - "title": "FieldMapping" + "GenerativeField": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.DocumentStandardGenerativeField", + "markdownDescription": "Whether to generate descriptions.", + "title": "GenerativeField" }, - "VectorIndexName": { - "markdownDescription": "The name of the vector store.", - "title": "VectorIndexName", + "OutputFormat": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.DocumentOutputFormat", + "markdownDescription": "The output format to generate.", + "title": "OutputFormat" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataAutomationProject.ImageBoundingBox": { + "additionalProperties": false, + "properties": { + "State": { + "markdownDescription": "Bounding box settings for a project.", + "title": "State", "type": "string" } }, "required": [ - "CollectionArn", - "FieldMapping", - "VectorIndexName" + "State" ], "type": "object" }, - "AWS::Bedrock::KnowledgeBase.OpenSearchServerlessFieldMapping": { + "AWS::Bedrock::DataAutomationProject.ImageExtractionCategory": { "additionalProperties": false, "properties": { - "MetadataField": { - "markdownDescription": "The name of the field in which Amazon Bedrock stores metadata about the vector store.", - "title": "MetadataField", - "type": "string" - }, - "TextField": { - "markdownDescription": "The name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose.", - "title": "TextField", + "State": { + "markdownDescription": "Whether generating categorical data from images is enabled.", + "title": "State", "type": "string" }, - "VectorField": { - "markdownDescription": "The name of the field in which Amazon Bedrock stores the vector embeddings for your data sources.", - "title": "VectorField", - "type": "string" + "Types": { + "items": { + "type": "string" + }, + "markdownDescription": "The types of data to generate.", + "title": "Types", + "type": "array" } }, "required": [ - "MetadataField", - "TextField", - "VectorField" + "State" ], "type": "object" }, - "AWS::Bedrock::KnowledgeBase.PineconeConfiguration": { + "AWS::Bedrock::DataAutomationProject.ImageOverrideConfiguration": { "additionalProperties": false, "properties": { - "ConnectionString": { - "markdownDescription": "The endpoint URL for your index management page.", - "title": "ConnectionString", - "type": "string" - }, - "CredentialsSecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the secret that you created in AWS Secrets Manager that is linked to your Pinecone API key.", - "title": "CredentialsSecretArn", - "type": "string" - }, - "FieldMapping": { - "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.PineconeFieldMapping", - "markdownDescription": "Contains the names of the fields to which to map information about the vector store.", - "title": "FieldMapping" + "ModalityProcessing": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.ModalityProcessingConfiguration", + "markdownDescription": "Sets modality processing for image files. All modalities are enabled by default.", + "title": "ModalityProcessing" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataAutomationProject.ImageStandardExtraction": { + "additionalProperties": false, + "properties": { + "BoundingBox": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.ImageBoundingBox", + "markdownDescription": "Settings for generating bounding boxes.", + "title": "BoundingBox" }, - "Namespace": { - "markdownDescription": "The namespace to be used to write new data to your database.", - "title": "Namespace", - "type": "string" + "Category": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.ImageExtractionCategory", + "markdownDescription": "Settings for generating categorical data.", + "title": "Category" } }, "required": [ - "ConnectionString", - "CredentialsSecretArn", - "FieldMapping" + "BoundingBox", + "Category" ], "type": "object" }, - "AWS::Bedrock::KnowledgeBase.PineconeFieldMapping": { + "AWS::Bedrock::DataAutomationProject.ImageStandardGenerativeField": { "additionalProperties": false, "properties": { - "MetadataField": { - "markdownDescription": "The name of the field in which Amazon Bedrock stores metadata about the vector store.", - "title": "MetadataField", + "State": { + "markdownDescription": "Whether generating descriptions is enabled for images.", + "title": "State", "type": "string" }, - "TextField": { - "markdownDescription": "The name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose.", - "title": "TextField", - "type": "string" + "Types": { + "items": { + "type": "string" + }, + "markdownDescription": "Settings for generating descriptions of images.", + "title": "Types", + "type": "array" } }, "required": [ - "MetadataField", - "TextField" + "State" ], "type": "object" }, - "AWS::Bedrock::KnowledgeBase.RdsConfiguration": { + "AWS::Bedrock::DataAutomationProject.ImageStandardOutputConfiguration": { "additionalProperties": false, "properties": { - "CredentialsSecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the secret that you created in AWS Secrets Manager that is linked to your Amazon RDS database.", - "title": "CredentialsSecretArn", - "type": "string" + "Extraction": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.ImageStandardExtraction", + "markdownDescription": "Settings for populating data fields that describe the image.", + "title": "Extraction" }, - "DatabaseName": { - "markdownDescription": "The name of your Amazon RDS database.", - "title": "DatabaseName", + "GenerativeField": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.ImageStandardGenerativeField", + "markdownDescription": "Whether to generate descriptions of the data.", + "title": "GenerativeField" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataAutomationProject.ModalityProcessingConfiguration": { + "additionalProperties": false, + "properties": { + "State": { + "markdownDescription": "Stores the state of the modality for your project, set to either enabled or disabled", + "title": "State", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataAutomationProject.ModalityRoutingConfiguration": { + "additionalProperties": false, + "properties": { + "jpeg": { + "markdownDescription": "Sets whether JPEG files are routed to document or image processing.", + "title": "jpeg", "type": "string" }, - "FieldMapping": { - "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.RdsFieldMapping", - "markdownDescription": "Contains the names of the fields to which to map information about the vector store.", - "title": "FieldMapping" + "mov": { + "markdownDescription": "Sets whether MOV files are routed to audio or video processing.", + "title": "mov", + "type": "string" }, - "ResourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the vector store.", - "title": "ResourceArn", + "mp4": { + "markdownDescription": "Sets whether MP4 files are routed to audio or video processing.", + "title": "mp4", "type": "string" }, - "TableName": { - "markdownDescription": "The name of the table in the database.", - "title": "TableName", + "png": { + "markdownDescription": "Sets whether PNG files are routed to document or image processing.", + "title": "png", "type": "string" } }, - "required": [ - "CredentialsSecretArn", - "DatabaseName", - "FieldMapping", - "ResourceArn", - "TableName" - ], "type": "object" }, - "AWS::Bedrock::KnowledgeBase.RdsFieldMapping": { + "AWS::Bedrock::DataAutomationProject.OverrideConfiguration": { "additionalProperties": false, "properties": { - "MetadataField": { - "markdownDescription": "The name of the field in which Amazon Bedrock stores metadata about the vector store.", - "title": "MetadataField", - "type": "string" + "Audio": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.AudioOverrideConfiguration", + "markdownDescription": "This element declares whether your project will process audio files.", + "title": "Audio" }, - "PrimaryKeyField": { - "markdownDescription": "The name of the field in which Amazon Bedrock stores the ID for each entry.", - "title": "PrimaryKeyField", - "type": "string" + "Document": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.DocumentOverrideConfiguration", + "markdownDescription": "Additional settings for a project.", + "title": "Document" }, - "TextField": { - "markdownDescription": "The name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose.", - "title": "TextField", + "Image": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.ImageOverrideConfiguration", + "markdownDescription": "This element declares whether your project will process image files.", + "title": "Image" + }, + "ModalityRouting": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.ModalityRoutingConfiguration", + "markdownDescription": "Lets you set which modalities certain file types are processed as.", + "title": "ModalityRouting" + }, + "Video": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.VideoOverrideConfiguration", + "markdownDescription": "This element declares whether your project will process video files.", + "title": "Video" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataAutomationProject.SplitterConfiguration": { + "additionalProperties": false, + "properties": { + "State": { + "markdownDescription": "Whether document splitter is enabled for a project.", + "title": "State", "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataAutomationProject.StandardOutputConfiguration": { + "additionalProperties": false, + "properties": { + "Audio": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.AudioStandardOutputConfiguration", + "markdownDescription": "Settings for processing audio.", + "title": "Audio" }, - "VectorField": { - "markdownDescription": "The name of the field in which Amazon Bedrock stores the vector embeddings for your data sources.", - "title": "VectorField", + "Document": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.DocumentStandardOutputConfiguration", + "markdownDescription": "Settings for processing documents.", + "title": "Document" + }, + "Image": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.ImageStandardOutputConfiguration", + "markdownDescription": "Settings for processing images.", + "title": "Image" + }, + "Video": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.VideoStandardOutputConfiguration", + "markdownDescription": "Settings for processing video.", + "title": "Video" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataAutomationProject.VideoBoundingBox": { + "additionalProperties": false, + "properties": { + "State": { + "markdownDescription": "Whether bounding boxes are enabled for video.", + "title": "State", "type": "string" } }, "required": [ - "MetadataField", - "PrimaryKeyField", - "TextField", - "VectorField" + "State" ], "type": "object" }, - "AWS::Bedrock::KnowledgeBase.StorageConfiguration": { + "AWS::Bedrock::DataAutomationProject.VideoExtractionCategory": { "additionalProperties": false, "properties": { - "OpensearchServerlessConfiguration": { - "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.OpenSearchServerlessConfiguration", - "markdownDescription": "Contains the storage configuration of the knowledge base in Amazon OpenSearch Service.", - "title": "OpensearchServerlessConfiguration" - }, - "PineconeConfiguration": { - "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.PineconeConfiguration", - "markdownDescription": "Contains the storage configuration of the knowledge base in Pinecone.", - "title": "PineconeConfiguration" + "State": { + "markdownDescription": "Whether generating categorical data from video is enabled.", + "title": "State", + "type": "string" }, - "RdsConfiguration": { - "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.RdsConfiguration", - "markdownDescription": "Contains details about the storage configuration of the knowledge base in Amazon RDS. For more information, see [Create a vector index in Amazon RDS](https://docs.aws.amazon.com/bedrock/latest/userguide/knowledge-base-setup-rds.html) .", - "title": "RdsConfiguration" + "Types": { + "items": { + "type": "string" + }, + "markdownDescription": "The types of data to generate.", + "title": "Types", + "type": "array" + } + }, + "required": [ + "State" + ], + "type": "object" + }, + "AWS::Bedrock::DataAutomationProject.VideoOverrideConfiguration": { + "additionalProperties": false, + "properties": { + "ModalityProcessing": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.ModalityProcessingConfiguration", + "markdownDescription": "Sets modality processing for video files. All modalities are enabled by default.", + "title": "ModalityProcessing" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataAutomationProject.VideoStandardExtraction": { + "additionalProperties": false, + "properties": { + "BoundingBox": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.VideoBoundingBox", + "markdownDescription": "Settings for generating bounding boxes.", + "title": "BoundingBox" }, - "Type": { - "markdownDescription": "The vector store service in which the knowledge base is stored.", - "title": "Type", - "type": "string" + "Category": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.VideoExtractionCategory", + "markdownDescription": "Settings for generating categorical data.", + "title": "Category" } }, "required": [ - "Type" + "BoundingBox", + "Category" ], "type": "object" }, - "AWS::Bedrock::KnowledgeBase.VectorKnowledgeBaseConfiguration": { + "AWS::Bedrock::DataAutomationProject.VideoStandardGenerativeField": { "additionalProperties": false, "properties": { - "EmbeddingModelArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the model used to create vector embeddings for the knowledge base.", - "title": "EmbeddingModelArn", + "State": { + "markdownDescription": "Whether generating descriptions is enabled for video.", + "title": "State", "type": "string" + }, + "Types": { + "items": { + "type": "string" + }, + "markdownDescription": "The types of description to generate.", + "title": "Types", + "type": "array" } }, "required": [ - "EmbeddingModelArn" + "State" ], "type": "object" }, - "AWS::BillingConductor::BillingGroup": { + "AWS::Bedrock::DataAutomationProject.VideoStandardOutputConfiguration": { + "additionalProperties": false, + "properties": { + "Extraction": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.VideoStandardExtraction", + "markdownDescription": "Settings for populating data fields that describe the video.", + "title": "Extraction" + }, + "GenerativeField": { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject.VideoStandardGenerativeField", + "markdownDescription": "Whether to generate descriptions of the video.", + "title": "GenerativeField" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataSource": { "additionalProperties": false, "properties": { "Condition": { @@ -30209,51 +34966,52 @@ "Properties": { "additionalProperties": false, "properties": { - "AccountGrouping": { - "$ref": "#/definitions/AWS::BillingConductor::BillingGroup.AccountGrouping", - "markdownDescription": "The set of accounts that will be under the billing group. The set of accounts resemble the linked accounts in a consolidated billing family.", - "title": "AccountGrouping" + "DataDeletionPolicy": { + "markdownDescription": "The data deletion policy for the data source.", + "title": "DataDeletionPolicy", + "type": "string" }, - "ComputationPreference": { - "$ref": "#/definitions/AWS::BillingConductor::BillingGroup.ComputationPreference", - "markdownDescription": "The preferences and settings that will be used to compute the AWS charges for a billing group.", - "title": "ComputationPreference" + "DataSourceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.DataSourceConfiguration", + "markdownDescription": "The connection configuration for the data source.", + "title": "DataSourceConfiguration" }, "Description": { - "markdownDescription": "The description of the billing group.", + "markdownDescription": "The description of the data source.", "title": "Description", "type": "string" }, + "KnowledgeBaseId": { + "markdownDescription": "The unique identifier of the knowledge base to which the data source belongs.", + "title": "KnowledgeBaseId", + "type": "string" + }, "Name": { - "markdownDescription": "The billing group's name.", + "markdownDescription": "The name of the data source.", "title": "Name", "type": "string" }, - "PrimaryAccountId": { - "markdownDescription": "The account ID that serves as the main account in a billing group.", - "title": "PrimaryAccountId", - "type": "string" + "ServerSideEncryptionConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.ServerSideEncryptionConfiguration", + "markdownDescription": "Contains details about the configuration of the server-side encryption.", + "title": "ServerSideEncryptionConfiguration" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A map that contains tag keys and tag values that are attached to a billing group.", - "title": "Tags", - "type": "array" + "VectorIngestionConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.VectorIngestionConfiguration", + "markdownDescription": "Contains details about how to ingest the documents in the data source.", + "title": "VectorIngestionConfiguration" } }, "required": [ - "AccountGrouping", - "ComputationPreference", - "Name", - "PrimaryAccountId" + "DataSourceConfiguration", + "KnowledgeBaseId", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::BillingConductor::BillingGroup" + "AWS::Bedrock::DataSource" ], "type": "string" }, @@ -30272,184 +35030,245 @@ ], "type": "object" }, - "AWS::BillingConductor::BillingGroup.AccountGrouping": { + "AWS::Bedrock::DataSource.BedrockDataAutomationConfiguration": { "additionalProperties": false, "properties": { - "AutoAssociate": { - "markdownDescription": "Specifies if this billing group will automatically associate newly added AWS accounts that join your consolidated billing family.", - "title": "AutoAssociate", - "type": "boolean" + "ParsingModality": { + "markdownDescription": "Specifies whether to enable parsing of multimodal data, including both text and/or images.", + "title": "ParsingModality", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataSource.BedrockFoundationModelConfiguration": { + "additionalProperties": false, + "properties": { + "ModelArn": { + "markdownDescription": "The ARN of the foundation model to use for parsing.", + "title": "ModelArn", + "type": "string" }, - "LinkedAccountIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The account IDs that make up the billing group. Account IDs must be a part of the consolidated billing family, and not associated with another billing group.", - "title": "LinkedAccountIds", - "type": "array" + "ParsingModality": { + "markdownDescription": "Specifies whether to enable parsing of multimodal data, including both text and/or images.", + "title": "ParsingModality", + "type": "string" + }, + "ParsingPrompt": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.ParsingPrompt", + "markdownDescription": "Instructions for interpreting the contents of a document.", + "title": "ParsingPrompt" } }, "required": [ - "LinkedAccountIds" + "ModelArn" ], "type": "object" }, - "AWS::BillingConductor::BillingGroup.ComputationPreference": { + "AWS::Bedrock::DataSource.BedrockFoundationModelContextEnrichmentConfiguration": { "additionalProperties": false, "properties": { - "PricingPlanArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the pricing plan used to compute the AWS charges for a billing group.", - "title": "PricingPlanArn", + "EnrichmentStrategyConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.EnrichmentStrategyConfiguration", + "markdownDescription": "The enrichment stategy used to provide additional context. For example, Neptune GraphRAG uses Amazon Bedrock foundation models to perform chunk entity extraction.", + "title": "EnrichmentStrategyConfiguration" + }, + "ModelArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the model used to create vector embeddings for the knowledge base.", + "title": "ModelArn", "type": "string" } }, "required": [ - "PricingPlanArn" + "EnrichmentStrategyConfiguration", + "ModelArn" ], "type": "object" }, - "AWS::BillingConductor::CustomLineItem": { + "AWS::Bedrock::DataSource.ChunkingConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "ChunkingStrategy": { + "markdownDescription": "Knowledge base can split your source data into chunks. A *chunk* refers to an excerpt from a data source that is returned when the knowledge base that it belongs to is queried. You have the following options for chunking your data. If you opt for `NONE` , then you may want to pre-process your files by splitting them up such that each file corresponds to a chunk.\n\n- `FIXED_SIZE` \u2013 Amazon Bedrock splits your source data into chunks of the approximate size that you set in the `fixedSizeChunkingConfiguration` .\n- `HIERARCHICAL` \u2013 Split documents into layers of chunks where the first layer contains large chunks, and the second layer contains smaller chunks derived from the first layer.\n- `SEMANTIC` \u2013 Split documents into chunks based on groups of similar content derived with natural language processing.\n- `NONE` \u2013 Amazon Bedrock treats each file as one chunk. If you choose this option, you may want to pre-process your documents by splitting them into separate files.", + "title": "ChunkingStrategy", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "FixedSizeChunkingConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.FixedSizeChunkingConfiguration", + "markdownDescription": "Configurations for when you choose fixed-size chunking. If you set the `chunkingStrategy` as `NONE` , exclude this field.", + "title": "FixedSizeChunkingConfiguration" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "HierarchicalChunkingConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.HierarchicalChunkingConfiguration", + "markdownDescription": "Settings for hierarchical document chunking for a data source. Hierarchical chunking splits documents into layers of chunks where the first layer contains large chunks, and the second layer contains smaller chunks derived from the first layer.", + "title": "HierarchicalChunkingConfiguration" }, - "Metadata": { - "type": "object" + "SemanticChunkingConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.SemanticChunkingConfiguration", + "markdownDescription": "Settings for semantic document chunking for a data source. Semantic chunking splits a document into into smaller documents based on groups of similar content derived from the text with natural language processing.", + "title": "SemanticChunkingConfiguration" + } + }, + "required": [ + "ChunkingStrategy" + ], + "type": "object" + }, + "AWS::Bedrock::DataSource.ConfluenceCrawlerConfiguration": { + "additionalProperties": false, + "properties": { + "FilterConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.CrawlFilterConfiguration", + "markdownDescription": "The configuration of filtering the Confluence content. For example, configuring regular expression patterns to include or exclude certain content.", + "title": "FilterConfiguration" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataSource.ConfluenceDataSourceConfiguration": { + "additionalProperties": false, + "properties": { + "CrawlerConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.ConfluenceCrawlerConfiguration", + "markdownDescription": "The configuration of the Confluence content. For example, configuring specific types of Confluence content.", + "title": "CrawlerConfiguration" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AccountId": { - "markdownDescription": "The AWS account in which this custom line item will be applied to.", - "title": "AccountId", - "type": "string" - }, - "BillingGroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) that references the billing group where the custom line item applies to.", - "title": "BillingGroupArn", - "type": "string" - }, - "BillingPeriodRange": { - "$ref": "#/definitions/AWS::BillingConductor::CustomLineItem.BillingPeriodRange", - "markdownDescription": "A time range for which the custom line item is effective.", - "title": "BillingPeriodRange" - }, - "CustomLineItemChargeDetails": { - "$ref": "#/definitions/AWS::BillingConductor::CustomLineItem.CustomLineItemChargeDetails", - "markdownDescription": "The charge details of a custom line item. It should contain only one of `Flat` or `Percentage` .", - "title": "CustomLineItemChargeDetails" - }, - "Description": { - "markdownDescription": "The custom line item's description. This is shown on the Bills page in association with the charge value.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The custom line item's name.", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A map that contains tag keys and tag values that are attached to a custom line item.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "BillingGroupArn", - "Name" - ], - "type": "object" + "SourceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.ConfluenceSourceConfiguration", + "markdownDescription": "The endpoint information to connect to your Confluence data source.", + "title": "SourceConfiguration" + } + }, + "required": [ + "SourceConfiguration" + ], + "type": "object" + }, + "AWS::Bedrock::DataSource.ConfluenceSourceConfiguration": { + "additionalProperties": false, + "properties": { + "AuthType": { + "markdownDescription": "The supported authentication type to authenticate and connect to your Confluence instance.", + "title": "AuthType", + "type": "string" }, - "Type": { - "enum": [ - "AWS::BillingConductor::CustomLineItem" - ], + "CredentialsSecretArn": { + "markdownDescription": "The Amazon Resource Name of an AWS Secrets Manager secret that stores your authentication credentials for your Confluence instance URL. For more information on the key-value pairs that must be included in your secret, depending on your authentication type, see [Confluence connection configuration](https://docs.aws.amazon.com/bedrock/latest/userguide/confluence-data-source-connector.html#configuration-confluence-connector) .", + "title": "CredentialsSecretArn", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "HostType": { + "markdownDescription": "The supported host type, whether online/cloud or server/on-premises.", + "title": "HostType", + "type": "string" + }, + "HostUrl": { + "markdownDescription": "The Confluence host URL or instance URL.", + "title": "HostUrl", "type": "string" } }, "required": [ - "Type", - "Properties" + "AuthType", + "CredentialsSecretArn", + "HostType", + "HostUrl" ], "type": "object" }, - "AWS::BillingConductor::CustomLineItem.BillingPeriodRange": { + "AWS::Bedrock::DataSource.ContextEnrichmentConfiguration": { "additionalProperties": false, "properties": { - "ExclusiveEndBillingPeriod": { - "markdownDescription": "The exclusive end billing period that defines a billing period range where a custom line is applied.", - "title": "ExclusiveEndBillingPeriod", + "BedrockFoundationModelConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.BedrockFoundationModelContextEnrichmentConfiguration", + "markdownDescription": "The configuration of the Amazon Bedrock foundation model used for context enrichment.", + "title": "BedrockFoundationModelConfiguration" + }, + "Type": { + "markdownDescription": "The method used for context enrichment. It must be Amazon Bedrock foundation models.", + "title": "Type", "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::Bedrock::DataSource.CrawlFilterConfiguration": { + "additionalProperties": false, + "properties": { + "PatternObjectFilter": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.PatternObjectFilterConfiguration", + "markdownDescription": "The configuration of filtering certain objects or content types of the data source.", + "title": "PatternObjectFilter" }, - "InclusiveStartBillingPeriod": { - "markdownDescription": "The inclusive start billing period that defines a billing period range where a custom line is applied.", - "title": "InclusiveStartBillingPeriod", + "Type": { + "markdownDescription": "The type of filtering that you want to apply to certain objects or content of the data source. For example, the `PATTERN` type is regular expression patterns you can apply to filter your content.", + "title": "Type", "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::BillingConductor::CustomLineItem.CustomLineItemChargeDetails": { + "AWS::Bedrock::DataSource.CustomTransformationConfiguration": { "additionalProperties": false, "properties": { - "Flat": { - "$ref": "#/definitions/AWS::BillingConductor::CustomLineItem.CustomLineItemFlatChargeDetails", - "markdownDescription": "A `CustomLineItemFlatChargeDetails` that describes the charge details of a flat custom line item.", - "title": "Flat" + "IntermediateStorage": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.IntermediateStorage", + "markdownDescription": "An S3 bucket path for input and output objects.", + "title": "IntermediateStorage" }, - "LineItemFilters": { + "Transformations": { "items": { - "$ref": "#/definitions/AWS::BillingConductor::CustomLineItem.LineItemFilter" + "$ref": "#/definitions/AWS::Bedrock::DataSource.Transformation" }, - "markdownDescription": "A representation of the line item filter.", - "title": "LineItemFilters", + "markdownDescription": "A Lambda function that processes documents.", + "title": "Transformations", "type": "array" + } + }, + "required": [ + "IntermediateStorage", + "Transformations" + ], + "type": "object" + }, + "AWS::Bedrock::DataSource.DataSourceConfiguration": { + "additionalProperties": false, + "properties": { + "ConfluenceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.ConfluenceDataSourceConfiguration", + "markdownDescription": "The configuration information to connect to Confluence as your data source.\n\n> Confluence data source connector is in preview release and is subject to change.", + "title": "ConfluenceConfiguration" }, - "Percentage": { - "$ref": "#/definitions/AWS::BillingConductor::CustomLineItem.CustomLineItemPercentageChargeDetails", - "markdownDescription": "A `CustomLineItemPercentageChargeDetails` that describes the charge details of a percentage custom line item.", - "title": "Percentage" + "S3Configuration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.S3DataSourceConfiguration", + "markdownDescription": "The configuration information to connect to Amazon S3 as your data source.", + "title": "S3Configuration" + }, + "SalesforceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.SalesforceDataSourceConfiguration", + "markdownDescription": "The configuration information to connect to Salesforce as your data source.\n\n> Salesforce data source connector is in preview release and is subject to change.", + "title": "SalesforceConfiguration" + }, + "SharePointConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.SharePointDataSourceConfiguration", + "markdownDescription": "The configuration information to connect to SharePoint as your data source.\n\n> SharePoint data source connector is in preview release and is subject to change.", + "title": "SharePointConfiguration" }, "Type": { - "markdownDescription": "The type of the custom line item that indicates whether the charge is a fee or credit.", + "markdownDescription": "The type of data source.", "title": "Type", "type": "string" + }, + "WebConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.WebDataSourceConfiguration", + "markdownDescription": "The configuration of web URLs to crawl for your data source. You should be authorized to crawl the URLs.\n\n> Crawling web URLs as your data source is in preview release and is subject to change.", + "title": "WebConfiguration" } }, "required": [ @@ -30457,641 +35276,583 @@ ], "type": "object" }, - "AWS::BillingConductor::CustomLineItem.CustomLineItemFlatChargeDetails": { + "AWS::Bedrock::DataSource.EnrichmentStrategyConfiguration": { "additionalProperties": false, "properties": { - "ChargeValue": { - "markdownDescription": "The custom line item's fixed charge value in USD.", - "title": "ChargeValue", + "Method": { + "markdownDescription": "The method used for the context enrichment strategy.", + "title": "Method", + "type": "string" + } + }, + "required": [ + "Method" + ], + "type": "object" + }, + "AWS::Bedrock::DataSource.FixedSizeChunkingConfiguration": { + "additionalProperties": false, + "properties": { + "MaxTokens": { + "markdownDescription": "The maximum number of tokens to include in a chunk.", + "title": "MaxTokens", + "type": "number" + }, + "OverlapPercentage": { + "markdownDescription": "The percentage of overlap between adjacent chunks of a data source.", + "title": "OverlapPercentage", "type": "number" } }, "required": [ - "ChargeValue" + "MaxTokens", + "OverlapPercentage" ], "type": "object" }, - "AWS::BillingConductor::CustomLineItem.CustomLineItemPercentageChargeDetails": { + "AWS::Bedrock::DataSource.HierarchicalChunkingConfiguration": { "additionalProperties": false, "properties": { - "ChildAssociatedResources": { + "LevelConfigurations": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Bedrock::DataSource.HierarchicalChunkingLevelConfiguration" }, - "markdownDescription": "A list of resource ARNs to associate to the percentage custom line item.", - "title": "ChildAssociatedResources", + "markdownDescription": "Token settings for each layer.", + "title": "LevelConfigurations", "type": "array" }, - "PercentageValue": { - "markdownDescription": "The custom line item's percentage value. This will be multiplied against the combined value of its associated resources to determine its charge value.", - "title": "PercentageValue", + "OverlapTokens": { + "markdownDescription": "The number of tokens to repeat across chunks in the same layer.", + "title": "OverlapTokens", "type": "number" } }, "required": [ - "PercentageValue" + "LevelConfigurations", + "OverlapTokens" ], "type": "object" }, - "AWS::BillingConductor::CustomLineItem.LineItemFilter": { + "AWS::Bedrock::DataSource.HierarchicalChunkingLevelConfiguration": { "additionalProperties": false, "properties": { - "Attribute": { - "markdownDescription": "The attribute of the line item filter. This specifies what attribute that you can filter on.", - "title": "Attribute", - "type": "string" + "MaxTokens": { + "markdownDescription": "The maximum number of tokens that a chunk can contain in this layer.", + "title": "MaxTokens", + "type": "number" + } + }, + "required": [ + "MaxTokens" + ], + "type": "object" + }, + "AWS::Bedrock::DataSource.IntermediateStorage": { + "additionalProperties": false, + "properties": { + "S3Location": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.S3Location", + "markdownDescription": "An S3 bucket path.", + "title": "S3Location" + } + }, + "required": [ + "S3Location" + ], + "type": "object" + }, + "AWS::Bedrock::DataSource.ParsingConfiguration": { + "additionalProperties": false, + "properties": { + "BedrockDataAutomationConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.BedrockDataAutomationConfiguration", + "markdownDescription": "If you specify `BEDROCK_DATA_AUTOMATION` as the parsing strategy for ingesting your data source, use this object to modify configurations for using the Amazon Bedrock Data Automation parser.", + "title": "BedrockDataAutomationConfiguration" }, - "MatchOption": { - "markdownDescription": "The match criteria of the line item filter. This parameter specifies whether not to include the resource value from the billing group total cost.", - "title": "MatchOption", - "type": "string" + "BedrockFoundationModelConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.BedrockFoundationModelConfiguration", + "markdownDescription": "If you specify `BEDROCK_FOUNDATION_MODEL` as the parsing strategy for ingesting your data source, use this object to modify configurations for using a foundation model to parse documents.", + "title": "BedrockFoundationModelConfiguration" }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The values of the line item filter. This specifies the values to filter on. Currently, you can only exclude Savings Plan discounts.", - "title": "Values", - "type": "array" + "ParsingStrategy": { + "markdownDescription": "The parsing strategy for the data source.", + "title": "ParsingStrategy", + "type": "string" } }, "required": [ - "Attribute", - "MatchOption", - "Values" + "ParsingStrategy" ], "type": "object" }, - "AWS::BillingConductor::PricingPlan": { + "AWS::Bedrock::DataSource.ParsingPrompt": { "additionalProperties": false, "properties": { - "Condition": { + "ParsingPromptText": { + "markdownDescription": "Instructions for interpreting the contents of a document.", + "title": "ParsingPromptText", "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "The pricing plan description.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of a pricing plan.", - "title": "Name", - "type": "string" - }, - "PricingRuleArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The `PricingRuleArns` that are associated with the Pricing Plan.", - "title": "PricingRuleArns", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A map that contains tag keys and tag values that are attached to a pricing plan.", - "title": "Tags", - "type": "array" - } + } + }, + "required": [ + "ParsingPromptText" + ], + "type": "object" + }, + "AWS::Bedrock::DataSource.PatternObjectFilter": { + "additionalProperties": false, + "properties": { + "ExclusionFilters": { + "items": { + "type": "string" }, - "required": [ - "Name" - ], - "type": "object" + "markdownDescription": "A list of one or more exclusion regular expression patterns to exclude certain object types that adhere to the pattern. If you specify an inclusion and exclusion filter/pattern and both match a document, the exclusion filter takes precedence and the document isn\u2019t crawled.", + "title": "ExclusionFilters", + "type": "array" }, - "Type": { - "enum": [ - "AWS::BillingConductor::PricingPlan" - ], - "type": "string" + "InclusionFilters": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of one or more inclusion regular expression patterns to include certain object types that adhere to the pattern. If you specify an inclusion and exclusion filter/pattern and both match a document, the exclusion filter takes precedence and the document isn\u2019t crawled.", + "title": "InclusionFilters", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ObjectType": { + "markdownDescription": "The supported object type or content type of the data source.", + "title": "ObjectType", "type": "string" } }, "required": [ - "Type", - "Properties" + "ObjectType" ], "type": "object" }, - "AWS::BillingConductor::PricingRule": { + "AWS::Bedrock::DataSource.PatternObjectFilterConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "Filters": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.PatternObjectFilter" + }, + "markdownDescription": "The configuration of specific filters applied to your data source content. You can filter out or include certain content.", + "title": "Filters", + "type": "array" + } + }, + "required": [ + "Filters" + ], + "type": "object" + }, + "AWS::Bedrock::DataSource.S3DataSourceConfiguration": { + "additionalProperties": false, + "properties": { + "BucketArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the S3 bucket that contains your data.", + "title": "BucketArn", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "BucketOwnerAccountId": { + "markdownDescription": "The account ID for the owner of the S3 bucket.", + "title": "BucketOwnerAccountId", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "BillingEntity": { - "markdownDescription": "The seller of services provided by AWS , their affiliates, or third-party providers selling services via AWS Marketplace .", - "title": "BillingEntity", - "type": "string" - }, - "Description": { - "markdownDescription": "The pricing rule description.", - "title": "Description", - "type": "string" - }, - "ModifierPercentage": { - "markdownDescription": "A percentage modifier applied on the public pricing rates.", - "title": "ModifierPercentage", - "type": "number" - }, - "Name": { - "markdownDescription": "The name of a pricing rule.", - "title": "Name", - "type": "string" - }, - "Operation": { - "markdownDescription": "Operation is the specific AWS action covered by this line item. This describes the specific usage of the line item.\n\nIf the `Scope` attribute is set to `SKU` , this attribute indicates which operation the `PricingRule` is modifying. For example, a value of `RunInstances:0202` indicates the operation of running an Amazon EC2 instance.", - "title": "Operation", - "type": "string" - }, - "Scope": { - "markdownDescription": "The scope of pricing rule that indicates if it's globally applicable or service-specific.", - "title": "Scope", - "type": "string" - }, - "Service": { - "markdownDescription": "If the `Scope` attribute is `SERVICE` , this attribute indicates which service the `PricingRule` is applicable for.", - "title": "Service", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A map that contains tag keys and tag values that are attached to a pricing rule.", - "title": "Tags", - "type": "array" - }, - "Tiering": { - "$ref": "#/definitions/AWS::BillingConductor::PricingRule.Tiering", - "markdownDescription": "The set of tiering configurations for the pricing rule.", - "title": "Tiering" - }, - "Type": { - "markdownDescription": "The type of pricing rule.", - "title": "Type", - "type": "string" - }, - "UsageType": { - "markdownDescription": "Usage Type is the unit that each service uses to measure the usage of a specific type of resource.", - "title": "UsageType", - "type": "string" - } + "InclusionPrefixes": { + "items": { + "type": "string" }, - "required": [ - "Name", - "Scope", - "Type" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::BillingConductor::PricingRule" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "markdownDescription": "A list of S3 prefixes to include certain files or content. This field is an array with a maximum of one item, which can contain a string that has a maximum length of 300 characters. For more information, see [Organizing objects using prefixes](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-prefixes.html) .", + "title": "InclusionPrefixes", + "type": "array" } }, "required": [ - "Type", - "Properties" + "BucketArn" ], "type": "object" }, - "AWS::BillingConductor::PricingRule.FreeTier": { + "AWS::Bedrock::DataSource.S3Location": { "additionalProperties": false, "properties": { - "Activated": { - "markdownDescription": "Activate or deactivate AWS Free Tier.", - "title": "Activated", - "type": "boolean" + "URI": { + "markdownDescription": "An object URI starting with `s3://` .", + "title": "URI", + "type": "string" } }, "required": [ - "Activated" + "URI" ], "type": "object" }, - "AWS::BillingConductor::PricingRule.Tiering": { + "AWS::Bedrock::DataSource.SalesforceCrawlerConfiguration": { "additionalProperties": false, "properties": { - "FreeTier": { - "$ref": "#/definitions/AWS::BillingConductor::PricingRule.FreeTier", - "markdownDescription": "The possible AWS Free Tier configurations.", - "title": "FreeTier" + "FilterConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.CrawlFilterConfiguration", + "markdownDescription": "The configuration of filtering the Salesforce content. For example, configuring regular expression patterns to include or exclude certain content.", + "title": "FilterConfiguration" } }, "type": "object" }, - "AWS::Budgets::Budget": { + "AWS::Bedrock::DataSource.SalesforceDataSourceConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "CrawlerConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.SalesforceCrawlerConfiguration", + "markdownDescription": "The configuration of the Salesforce content. For example, configuring specific types of Salesforce content.", + "title": "CrawlerConfiguration" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SourceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.SalesforceSourceConfiguration", + "markdownDescription": "The endpoint information to connect to your Salesforce data source.", + "title": "SourceConfiguration" + } + }, + "required": [ + "SourceConfiguration" + ], + "type": "object" + }, + "AWS::Bedrock::DataSource.SalesforceSourceConfiguration": { + "additionalProperties": false, + "properties": { + "AuthType": { + "markdownDescription": "The supported authentication type to authenticate and connect to your Salesforce instance.", + "title": "AuthType", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Budget": { - "$ref": "#/definitions/AWS::Budgets::Budget.BudgetData", - "markdownDescription": "The budget object that you want to create.", - "title": "Budget" - }, - "NotificationsWithSubscribers": { - "items": { - "$ref": "#/definitions/AWS::Budgets::Budget.NotificationWithSubscribers" - }, - "markdownDescription": "A notification that you want to associate with a budget. A budget can have up to five notifications, and each notification can have one SNS subscriber and up to 10 email subscribers. If you include notifications and subscribers in your `CreateBudget` call, AWS creates the notifications and subscribers for you.", - "title": "NotificationsWithSubscribers", - "type": "array" - } - }, - "required": [ - "Budget" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Budgets::Budget" - ], + "CredentialsSecretArn": { + "markdownDescription": "The Amazon Resource Name of an AWS Secrets Manager secret that stores your authentication credentials for your Salesforce instance URL. For more information on the key-value pairs that must be included in your secret, depending on your authentication type, see [Salesforce connection configuration](https://docs.aws.amazon.com/bedrock/latest/userguide/salesforce-data-source-connector.html#configuration-salesforce-connector) .", + "title": "CredentialsSecretArn", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "HostUrl": { + "markdownDescription": "The Salesforce host URL or instance URL.", + "title": "HostUrl", "type": "string" } }, "required": [ - "Type", - "Properties" + "AuthType", + "CredentialsSecretArn", + "HostUrl" ], "type": "object" }, - "AWS::Budgets::Budget.AutoAdjustData": { + "AWS::Bedrock::DataSource.SeedUrl": { "additionalProperties": false, "properties": { - "AutoAdjustType": { - "markdownDescription": "The string that defines whether your budget auto-adjusts based on historical or forecasted data.", - "title": "AutoAdjustType", + "Url": { + "markdownDescription": "A seed or starting point URL.", + "title": "Url", "type": "string" - }, - "HistoricalOptions": { - "$ref": "#/definitions/AWS::Budgets::Budget.HistoricalOptions", - "markdownDescription": "The parameters that define or describe the historical data that your auto-adjusting budget is based on.", - "title": "HistoricalOptions" } }, "required": [ - "AutoAdjustType" + "Url" ], "type": "object" }, - "AWS::Budgets::Budget.BudgetData": { + "AWS::Bedrock::DataSource.SemanticChunkingConfiguration": { "additionalProperties": false, "properties": { - "AutoAdjustData": { - "$ref": "#/definitions/AWS::Budgets::Budget.AutoAdjustData", - "markdownDescription": "Determine the budget amount for an auto-adjusting budget.", - "title": "AutoAdjustData" + "BreakpointPercentileThreshold": { + "markdownDescription": "The dissimilarity threshold for splitting chunks.", + "title": "BreakpointPercentileThreshold", + "type": "number" }, - "BudgetLimit": { - "$ref": "#/definitions/AWS::Budgets::Budget.Spend", - "markdownDescription": "The total amount of cost, usage, RI utilization, RI coverage, Savings Plans utilization, or Savings Plans coverage that you want to track with your budget.\n\n`BudgetLimit` is required for cost or usage budgets, but optional for RI or Savings Plans utilization or coverage budgets. RI and Savings Plans utilization or coverage budgets default to `100` . This is the only valid value for RI or Savings Plans utilization or coverage budgets. You can't use `BudgetLimit` with `PlannedBudgetLimits` for `CreateBudget` and `UpdateBudget` actions.", - "title": "BudgetLimit" + "BufferSize": { + "markdownDescription": "The buffer size.", + "title": "BufferSize", + "type": "number" }, - "BudgetName": { - "markdownDescription": "The name of a budget. The value must be unique within an account. `BudgetName` can't include `:` and `\\` characters. If you don't include value for `BudgetName` in the template, Billing and Cost Management assigns your budget a randomly generated name.", - "title": "BudgetName", + "MaxTokens": { + "markdownDescription": "The maximum number of tokens that a chunk can contain.", + "title": "MaxTokens", + "type": "number" + } + }, + "required": [ + "BreakpointPercentileThreshold", + "BufferSize", + "MaxTokens" + ], + "type": "object" + }, + "AWS::Bedrock::DataSource.ServerSideEncryptionConfiguration": { + "additionalProperties": false, + "properties": { + "KmsKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key used to encrypt the resource.", + "title": "KmsKeyArn", "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataSource.SharePointCrawlerConfiguration": { + "additionalProperties": false, + "properties": { + "FilterConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.CrawlFilterConfiguration", + "markdownDescription": "The configuration of filtering the SharePoint content. For example, configuring regular expression patterns to include or exclude certain content.", + "title": "FilterConfiguration" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataSource.SharePointDataSourceConfiguration": { + "additionalProperties": false, + "properties": { + "CrawlerConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.SharePointCrawlerConfiguration", + "markdownDescription": "The configuration of the SharePoint content. For example, configuring specific types of SharePoint content.", + "title": "CrawlerConfiguration" }, - "BudgetType": { - "markdownDescription": "Specifies whether this budget tracks costs, usage, RI utilization, RI coverage, Savings Plans utilization, or Savings Plans coverage.", - "title": "BudgetType", + "SourceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.SharePointSourceConfiguration", + "markdownDescription": "The endpoint information to connect to your SharePoint data source.", + "title": "SourceConfiguration" + } + }, + "required": [ + "SourceConfiguration" + ], + "type": "object" + }, + "AWS::Bedrock::DataSource.SharePointSourceConfiguration": { + "additionalProperties": false, + "properties": { + "AuthType": { + "markdownDescription": "The supported authentication type to authenticate and connect to your SharePoint site/sites.", + "title": "AuthType", "type": "string" }, - "CostFilters": { - "markdownDescription": "The cost filters, such as `Region` , `Service` , `LinkedAccount` , `Tag` , or `CostCategory` , that are applied to a budget.\n\nAWS Budgets supports the following services as a `Service` filter for RI budgets:\n\n- Amazon EC2\n- Amazon Redshift\n- Amazon Relational Database Service\n- Amazon ElastiCache\n- Amazon OpenSearch Service", - "title": "CostFilters", - "type": "object" + "CredentialsSecretArn": { + "markdownDescription": "The Amazon Resource Name of an AWS Secrets Manager secret that stores your authentication credentials for your SharePoint site/sites. For more information on the key-value pairs that must be included in your secret, depending on your authentication type, see [SharePoint connection configuration](https://docs.aws.amazon.com/bedrock/latest/userguide/sharepoint-data-source-connector.html#configuration-sharepoint-connector) .", + "title": "CredentialsSecretArn", + "type": "string" }, - "CostTypes": { - "$ref": "#/definitions/AWS::Budgets::Budget.CostTypes", - "markdownDescription": "The types of costs that are included in this `COST` budget.\n\n`USAGE` , `RI_UTILIZATION` , `RI_COVERAGE` , `SAVINGS_PLANS_UTILIZATION` , and `SAVINGS_PLANS_COVERAGE` budgets do not have `CostTypes` .", - "title": "CostTypes" + "Domain": { + "markdownDescription": "The domain of your SharePoint instance or site URL/URLs.", + "title": "Domain", + "type": "string" }, - "PlannedBudgetLimits": { - "markdownDescription": "A map containing multiple `BudgetLimit` , including current or future limits.\n\n`PlannedBudgetLimits` is available for cost or usage budget and supports both monthly and quarterly `TimeUnit` .\n\nFor monthly budgets, provide 12 months of `PlannedBudgetLimits` values. This must start from the current month and include the next 11 months. The `key` is the start of the month, `UTC` in epoch seconds.\n\nFor quarterly budgets, provide four quarters of `PlannedBudgetLimits` value entries in standard calendar quarter increments. This must start from the current quarter and include the next three quarters. The `key` is the start of the quarter, `UTC` in epoch seconds.\n\nIf the planned budget expires before 12 months for monthly or four quarters for quarterly, provide the `PlannedBudgetLimits` values only for the remaining periods.\n\nIf the budget begins at a date in the future, provide `PlannedBudgetLimits` values from the start date of the budget.\n\nAfter all of the `BudgetLimit` values in `PlannedBudgetLimits` are used, the budget continues to use the last limit as the `BudgetLimit` . At that point, the planned budget provides the same experience as a fixed budget.\n\n`DescribeBudget` and `DescribeBudgets` response along with `PlannedBudgetLimits` also contain `BudgetLimit` representing the current month or quarter limit present in `PlannedBudgetLimits` . This only applies to budgets that are created with `PlannedBudgetLimits` . Budgets that are created without `PlannedBudgetLimits` only contain `BudgetLimit` . They don't contain `PlannedBudgetLimits` .", - "title": "PlannedBudgetLimits", - "type": "object" + "HostType": { + "markdownDescription": "The supported host type, whether online/cloud or server/on-premises.", + "title": "HostType", + "type": "string" }, - "TimePeriod": { - "$ref": "#/definitions/AWS::Budgets::Budget.TimePeriod", - "markdownDescription": "The period of time that is covered by a budget. The period has a start date and an end date. The start date must come before the end date. There are no restrictions on the end date.\n\nThe start date for a budget. If you created your budget and didn't specify a start date, the start date defaults to the start of the chosen time period (MONTHLY, QUARTERLY, or ANNUALLY). For example, if you create your budget on January 24, 2019, choose `MONTHLY` , and don't set a start date, the start date defaults to `01/01/19 00:00 UTC` . The defaults are the same for the Billing and Cost Management console and the API.\n\nYou can change your start date with the `UpdateBudget` operation.\n\nAfter the end date, AWS deletes the budget and all associated notifications and subscribers.", - "title": "TimePeriod" + "SiteUrls": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of one or more SharePoint site URLs.", + "title": "SiteUrls", + "type": "array" }, - "TimeUnit": { - "markdownDescription": "The length of time until a budget resets the actual and forecasted spend. `DAILY` is available only for `RI_UTILIZATION` and `RI_COVERAGE` budgets.", - "title": "TimeUnit", + "TenantId": { + "markdownDescription": "The identifier of your Microsoft 365 tenant.", + "title": "TenantId", "type": "string" } }, "required": [ - "BudgetType", - "TimeUnit" + "AuthType", + "CredentialsSecretArn", + "Domain", + "HostType", + "SiteUrls" ], "type": "object" }, - "AWS::Budgets::Budget.CostTypes": { + "AWS::Bedrock::DataSource.Transformation": { "additionalProperties": false, "properties": { - "IncludeCredit": { - "markdownDescription": "Specifies whether a budget includes credits.\n\nThe default value is `true` .", - "title": "IncludeCredit", - "type": "boolean" - }, - "IncludeDiscount": { - "markdownDescription": "Specifies whether a budget includes discounts.\n\nThe default value is `true` .", - "title": "IncludeDiscount", - "type": "boolean" - }, - "IncludeOtherSubscription": { - "markdownDescription": "Specifies whether a budget includes non-RI subscription costs.\n\nThe default value is `true` .", - "title": "IncludeOtherSubscription", - "type": "boolean" - }, - "IncludeRecurring": { - "markdownDescription": "Specifies whether a budget includes recurring fees such as monthly RI fees.\n\nThe default value is `true` .", - "title": "IncludeRecurring", - "type": "boolean" - }, - "IncludeRefund": { - "markdownDescription": "Specifies whether a budget includes refunds.\n\nThe default value is `true` .", - "title": "IncludeRefund", - "type": "boolean" - }, - "IncludeSubscription": { - "markdownDescription": "Specifies whether a budget includes subscriptions.\n\nThe default value is `true` .", - "title": "IncludeSubscription", - "type": "boolean" - }, - "IncludeSupport": { - "markdownDescription": "Specifies whether a budget includes support subscription fees.\n\nThe default value is `true` .", - "title": "IncludeSupport", - "type": "boolean" - }, - "IncludeTax": { - "markdownDescription": "Specifies whether a budget includes taxes.\n\nThe default value is `true` .", - "title": "IncludeTax", - "type": "boolean" - }, - "IncludeUpfront": { - "markdownDescription": "Specifies whether a budget includes upfront RI costs.\n\nThe default value is `true` .", - "title": "IncludeUpfront", - "type": "boolean" - }, - "UseAmortized": { - "markdownDescription": "Specifies whether a budget uses the amortized rate.\n\nThe default value is `false` .", - "title": "UseAmortized", - "type": "boolean" + "StepToApply": { + "markdownDescription": "When the service applies the transformation.", + "title": "StepToApply", + "type": "string" }, - "UseBlended": { - "markdownDescription": "Specifies whether a budget uses a blended rate.\n\nThe default value is `false` .", - "title": "UseBlended", - "type": "boolean" + "TransformationFunction": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.TransformationFunction", + "markdownDescription": "A Lambda function that processes documents.", + "title": "TransformationFunction" } }, + "required": [ + "StepToApply", + "TransformationFunction" + ], "type": "object" }, - "AWS::Budgets::Budget.HistoricalOptions": { + "AWS::Bedrock::DataSource.TransformationFunction": { "additionalProperties": false, "properties": { - "BudgetAdjustmentPeriod": { - "markdownDescription": "The number of budget periods included in the moving-average calculation that determines your auto-adjusted budget amount. The maximum value depends on the `TimeUnit` granularity of the budget:\n\n- For the `DAILY` granularity, the maximum value is `60` .\n- For the `MONTHLY` granularity, the maximum value is `12` .\n- For the `QUARTERLY` granularity, the maximum value is `4` .\n- For the `ANNUALLY` granularity, the maximum value is `1` .", - "title": "BudgetAdjustmentPeriod", - "type": "number" + "TransformationLambdaConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.TransformationLambdaConfiguration", + "markdownDescription": "The Lambda function.", + "title": "TransformationLambdaConfiguration" } }, "required": [ - "BudgetAdjustmentPeriod" + "TransformationLambdaConfiguration" ], "type": "object" }, - "AWS::Budgets::Budget.Notification": { + "AWS::Bedrock::DataSource.TransformationLambdaConfiguration": { "additionalProperties": false, "properties": { - "ComparisonOperator": { - "markdownDescription": "The comparison that's used for this notification.", - "title": "ComparisonOperator", - "type": "string" - }, - "NotificationType": { - "markdownDescription": "Specifies whether the notification is for how much you have spent ( `ACTUAL` ) or for how much that you're forecasted to spend ( `FORECASTED` ).", - "title": "NotificationType", - "type": "string" - }, - "Threshold": { - "markdownDescription": "The threshold that's associated with a notification. Thresholds are always a percentage, and many customers find value being alerted between 50% - 200% of the budgeted amount. The maximum limit for your threshold is 1,000,000% above the budgeted amount.", - "title": "Threshold", - "type": "number" - }, - "ThresholdType": { - "markdownDescription": "The type of threshold for a notification. For `ABSOLUTE_VALUE` thresholds, AWS notifies you when you go over or are forecasted to go over your total cost threshold. For `PERCENTAGE` thresholds, AWS notifies you when you go over or are forecasted to go over a certain percentage of your forecasted spend. For example, if you have a budget for 200 dollars and you have a `PERCENTAGE` threshold of 80%, AWS notifies you when you go over 160 dollars.", - "title": "ThresholdType", + "LambdaArn": { + "markdownDescription": "The function's ARN identifier.", + "title": "LambdaArn", "type": "string" } }, "required": [ - "ComparisonOperator", - "NotificationType", - "Threshold" + "LambdaArn" ], "type": "object" }, - "AWS::Budgets::Budget.NotificationWithSubscribers": { + "AWS::Bedrock::DataSource.UrlConfiguration": { "additionalProperties": false, "properties": { - "Notification": { - "$ref": "#/definitions/AWS::Budgets::Budget.Notification", - "markdownDescription": "The notification that's associated with a budget.", - "title": "Notification" - }, - "Subscribers": { + "SeedUrls": { "items": { - "$ref": "#/definitions/AWS::Budgets::Budget.Subscriber" + "$ref": "#/definitions/AWS::Bedrock::DataSource.SeedUrl" }, - "markdownDescription": "A list of subscribers who are subscribed to this notification.", - "title": "Subscribers", + "markdownDescription": "One or more seed or starting point URLs.", + "title": "SeedUrls", "type": "array" } }, "required": [ - "Notification", - "Subscribers" + "SeedUrls" ], "type": "object" }, - "AWS::Budgets::Budget.Spend": { + "AWS::Bedrock::DataSource.VectorIngestionConfiguration": { "additionalProperties": false, "properties": { - "Amount": { - "markdownDescription": "The cost or usage amount that's associated with a budget forecast, actual spend, or budget threshold.", - "title": "Amount", - "type": "number" + "ChunkingConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.ChunkingConfiguration", + "markdownDescription": "Details about how to chunk the documents in the data source. A *chunk* refers to an excerpt from a data source that is returned when the knowledge base that it belongs to is queried.", + "title": "ChunkingConfiguration" }, - "Unit": { - "markdownDescription": "The unit of measurement that's used for the budget forecast, actual spend, or budget threshold.", - "title": "Unit", - "type": "string" + "ContextEnrichmentConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.ContextEnrichmentConfiguration", + "markdownDescription": "The context enrichment configuration used for ingestion of the data into the vector store.", + "title": "ContextEnrichmentConfiguration" + }, + "CustomTransformationConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.CustomTransformationConfiguration", + "markdownDescription": "A custom document transformer for parsed data source documents.", + "title": "CustomTransformationConfiguration" + }, + "ParsingConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.ParsingConfiguration", + "markdownDescription": "Configurations for a parser to use for parsing documents in your data source. If you exclude this field, the default parser will be used.", + "title": "ParsingConfiguration" } }, - "required": [ - "Amount", - "Unit" - ], "type": "object" }, - "AWS::Budgets::Budget.Subscriber": { + "AWS::Bedrock::DataSource.WebCrawlerConfiguration": { "additionalProperties": false, "properties": { - "Address": { - "markdownDescription": "The address that AWS sends budget notifications to, either an SNS topic or an email.\n\nWhen you create a subscriber, the value of `Address` can't contain line breaks.", - "title": "Address", + "CrawlerLimits": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.WebCrawlerLimits", + "markdownDescription": "The configuration of crawl limits for the web URLs.", + "title": "CrawlerLimits" + }, + "ExclusionFilters": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of one or more exclusion regular expression patterns to exclude certain URLs. If you specify an inclusion and exclusion filter/pattern and both match a URL, the exclusion filter takes precedence and the web content of the URL isn\u2019t crawled.", + "title": "ExclusionFilters", + "type": "array" + }, + "InclusionFilters": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of one or more inclusion regular expression patterns to include certain URLs. If you specify an inclusion and exclusion filter/pattern and both match a URL, the exclusion filter takes precedence and the web content of the URL isn\u2019t crawled.", + "title": "InclusionFilters", + "type": "array" + }, + "Scope": { + "markdownDescription": "The scope of what is crawled for your URLs.\n\nYou can choose to crawl only web pages that belong to the same host or primary domain. For example, only web pages that contain the seed URL \"https://docs.aws.amazon.com/bedrock/latest/userguide/\" and no other domains. You can choose to include sub domains in addition to the host or primary domain. For example, web pages that contain \"aws.amazon.com\" can also include sub domain \"docs.aws.amazon.com\".", + "title": "Scope", "type": "string" }, - "SubscriptionType": { - "markdownDescription": "The type of notification that AWS sends to a subscriber.", - "title": "SubscriptionType", + "UserAgent": { + "markdownDescription": "Returns the user agent suffix for your web crawler.", + "title": "UserAgent", + "type": "string" + }, + "UserAgentHeader": { + "markdownDescription": "A string used for identifying the crawler or bot when it accesses a web server. The user agent header value consists of the `bedrockbot` , UUID, and a user agent suffix for your crawler (if one is provided). By default, it is set to `bedrockbot_UUID` . You can optionally append a custom suffix to `bedrockbot_UUID` to allowlist a specific user agent permitted to access your source URLs.", + "title": "UserAgentHeader", "type": "string" } }, + "type": "object" + }, + "AWS::Bedrock::DataSource.WebCrawlerLimits": { + "additionalProperties": false, + "properties": { + "MaxPages": { + "markdownDescription": "The max number of web pages crawled from your source URLs, up to 25,000 pages. If the web pages exceed this limit, the data source sync will fail and no web pages will be ingested.", + "title": "MaxPages", + "type": "number" + }, + "RateLimit": { + "markdownDescription": "The max rate at which pages are crawled, up to 300 per minute per host.", + "title": "RateLimit", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Bedrock::DataSource.WebDataSourceConfiguration": { + "additionalProperties": false, + "properties": { + "CrawlerConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.WebCrawlerConfiguration", + "markdownDescription": "The Web Crawler configuration details for the web data source.", + "title": "CrawlerConfiguration" + }, + "SourceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.WebSourceConfiguration", + "markdownDescription": "The source configuration details for the web data source.", + "title": "SourceConfiguration" + } + }, "required": [ - "Address", - "SubscriptionType" + "SourceConfiguration" ], "type": "object" }, - "AWS::Budgets::Budget.TimePeriod": { + "AWS::Bedrock::DataSource.WebSourceConfiguration": { "additionalProperties": false, "properties": { - "End": { - "markdownDescription": "The end date for a budget. If you didn't specify an end date, AWS set your end date to `06/15/87 00:00 UTC` . The defaults are the same for the Billing and Cost Management console and the API.\n\nAfter the end date, AWS deletes the budget and all the associated notifications and subscribers. You can change your end date with the `UpdateBudget` operation.", - "title": "End", - "type": "string" - }, - "Start": { - "markdownDescription": "The start date for a budget. If you created your budget and didn't specify a start date, the start date defaults to the start of the chosen time period (MONTHLY, QUARTERLY, or ANNUALLY). For example, if you create your budget on January 24, 2019, choose `MONTHLY` , and don't set a start date, the start date defaults to `01/01/19 00:00 UTC` . The defaults are the same for the Billing and Cost Management console and the API.\n\nYou can change your start date with the `UpdateBudget` operation.\n\nValid values depend on the value of `BudgetType` :\n\n- If `BudgetType` is `COST` or `USAGE` : Valid values are `MONTHLY` , `QUARTERLY` , and `ANNUALLY` .\n- If `BudgetType` is `RI_UTILIZATION` or `RI_COVERAGE` : Valid values are `DAILY` , `MONTHLY` , `QUARTERLY` , and `ANNUALLY` .", - "title": "Start", - "type": "string" + "UrlConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::DataSource.UrlConfiguration", + "markdownDescription": "The configuration of the URL/URLs.", + "title": "UrlConfiguration" } }, + "required": [ + "UrlConfiguration" + ], "type": "object" }, - "AWS::Budgets::BudgetsAction": { + "AWS::Bedrock::Flow": { "additionalProperties": false, "properties": { "Condition": { @@ -31126,64 +35887,84 @@ "Properties": { "additionalProperties": false, "properties": { - "ActionThreshold": { - "$ref": "#/definitions/AWS::Budgets::BudgetsAction.ActionThreshold", - "markdownDescription": "The trigger threshold of the action.", - "title": "ActionThreshold" - }, - "ActionType": { - "markdownDescription": "The type of action. This defines the type of tasks that can be carried out by this action. This field also determines the format for definition.", - "title": "ActionType", + "CustomerEncryptionKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key that the flow is encrypted with.", + "title": "CustomerEncryptionKeyArn", "type": "string" }, - "ApprovalModel": { - "markdownDescription": "This specifies if the action needs manual or automatic approval.", - "title": "ApprovalModel", - "type": "string" + "Definition": { + "$ref": "#/definitions/AWS::Bedrock::Flow.FlowDefinition", + "markdownDescription": "The definition of the nodes and connections between the nodes in the flow.", + "title": "Definition" }, - "BudgetName": { - "markdownDescription": "A string that represents the budget name. \":\" and \"\\\" characters aren't allowed.", - "title": "BudgetName", + "DefinitionS3Location": { + "$ref": "#/definitions/AWS::Bedrock::Flow.S3Location", + "markdownDescription": "The Amazon S3 location of the flow definition.", + "title": "DefinitionS3Location" + }, + "DefinitionString": { + "markdownDescription": "The definition of the flow as a JSON-formatted string. The string must match the format in [FlowDefinition](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-bedrock-flow-flowdefinition.html) .", + "title": "DefinitionString", "type": "string" }, - "Definition": { - "$ref": "#/definitions/AWS::Budgets::BudgetsAction.Definition", - "markdownDescription": "Specifies all of the type-specific parameters.", - "title": "Definition" + "DefinitionSubstitutions": { + "additionalProperties": true, + "markdownDescription": "A map that specifies the mappings for placeholder variables in the prompt flow definition. This enables the customer to inject values obtained at runtime. Variables can be template parameter names, resource logical IDs, resource attributes, or a variable in a key-value map. Only supported with the `DefinitionString` and `DefinitionS3Location` fields.\n\nSubstitutions must follow the syntax: `${key_name}` or `${variable_1,variable_2,...}` .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "object" + } + }, + "title": "DefinitionSubstitutions", + "type": "object" + }, + "Description": { + "markdownDescription": "A description of the flow.", + "title": "Description", + "type": "string" }, "ExecutionRoleArn": { - "markdownDescription": "The role passed for action execution and reversion. Roles and actions must be in the same account.", + "markdownDescription": "The Amazon Resource Name (ARN) of the service role with permissions to create a flow. For more information, see [Create a service row for flows](https://docs.aws.amazon.com/bedrock/latest/userguide/flows-permissions.html) in the Amazon Bedrock User Guide.", "title": "ExecutionRoleArn", "type": "string" }, - "NotificationType": { - "markdownDescription": "The type of a notification.", - "title": "NotificationType", + "Name": { + "markdownDescription": "The name of the flow.", + "title": "Name", "type": "string" }, - "Subscribers": { - "items": { - "$ref": "#/definitions/AWS::Budgets::BudgetsAction.Subscriber" + "Tags": { + "additionalProperties": true, + "markdownDescription": "Metadata that you can assign to a resource as key-value pairs. For more information, see the following resources:\n\n- [Tag naming limits and requirements](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-conventions)\n- [Tagging best practices](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-best-practices)", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "A list of subscribers.", - "title": "Subscribers", - "type": "array" + "title": "Tags", + "type": "object" + }, + "TestAliasTags": { + "additionalProperties": true, + "markdownDescription": "", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "TestAliasTags", + "type": "object" } }, "required": [ - "ActionThreshold", - "ActionType", - "BudgetName", - "Definition", "ExecutionRoleArn", - "NotificationType", - "Subscribers" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::Budgets::BudgetsAction" + "AWS::Bedrock::Flow" ], "type": "string" }, @@ -31202,1167 +35983,951 @@ ], "type": "object" }, - "AWS::Budgets::BudgetsAction.ActionThreshold": { + "AWS::Bedrock::Flow.AgentFlowNodeConfiguration": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The type of threshold for a notification.", - "title": "Type", + "AgentAliasArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the alias of the agent to invoke.", + "title": "AgentAliasArn", "type": "string" - }, - "Value": { - "markdownDescription": "The threshold of a notification.", - "title": "Value", - "type": "number" } }, "required": [ - "Type", - "Value" + "AgentAliasArn" ], "type": "object" }, - "AWS::Budgets::BudgetsAction.Definition": { + "AWS::Bedrock::Flow.ConditionFlowNodeConfiguration": { "additionalProperties": false, "properties": { - "IamActionDefinition": { - "$ref": "#/definitions/AWS::Budgets::BudgetsAction.IamActionDefinition", - "markdownDescription": "The AWS Identity and Access Management ( IAM ) action definition details.", - "title": "IamActionDefinition" - }, - "ScpActionDefinition": { - "$ref": "#/definitions/AWS::Budgets::BudgetsAction.ScpActionDefinition", - "markdownDescription": "The service control policies (SCP) action definition details.", - "title": "ScpActionDefinition" + "Conditions": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Flow.FlowCondition" + }, + "markdownDescription": "An array of conditions. Each member contains the name of a condition and an expression that defines the condition.", + "title": "Conditions", + "type": "array" + } + }, + "required": [ + "Conditions" + ], + "type": "object" + }, + "AWS::Bedrock::Flow.FieldForReranking": { + "additionalProperties": false, + "properties": { + "FieldName": { + "markdownDescription": "The name of the metadata field to be used during the reranking process.", + "title": "FieldName", + "type": "string" + } + }, + "required": [ + "FieldName" + ], + "type": "object" + }, + "AWS::Bedrock::Flow.FlowCondition": { + "additionalProperties": false, + "properties": { + "Expression": { + "markdownDescription": "Defines the condition. You must refer to at least one of the inputs in the condition. For more information, expand the Condition node section in [Node types in prompt flows](https://docs.aws.amazon.com/bedrock/latest/userguide/flows-how-it-works.html#flows-nodes) .", + "title": "Expression", + "type": "string" }, - "SsmActionDefinition": { - "$ref": "#/definitions/AWS::Budgets::BudgetsAction.SsmActionDefinition", - "markdownDescription": "The Amazon EC2 Systems Manager ( SSM ) action definition details.", - "title": "SsmActionDefinition" + "Name": { + "markdownDescription": "A name for the condition that you can reference.", + "title": "Name", + "type": "string" } }, + "required": [ + "Name" + ], "type": "object" }, - "AWS::Budgets::BudgetsAction.IamActionDefinition": { + "AWS::Bedrock::Flow.FlowConditionalConnectionConfiguration": { "additionalProperties": false, "properties": { - "Groups": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of groups to be attached. There must be at least one group.", - "title": "Groups", - "type": "array" + "Condition": { + "markdownDescription": "The condition that triggers this connection. For more information about how to write conditions, see the *Condition* node type in the [Node types](https://docs.aws.amazon.com/bedrock/latest/userguide/node-types.html) topic in the Amazon Bedrock User Guide.", + "title": "Condition", + "type": "string" + } + }, + "required": [ + "Condition" + ], + "type": "object" + }, + "AWS::Bedrock::Flow.FlowConnection": { + "additionalProperties": false, + "properties": { + "Configuration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.FlowConnectionConfiguration", + "markdownDescription": "The configuration of the connection.", + "title": "Configuration" }, - "PolicyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the policy to be attached.", - "title": "PolicyArn", + "Name": { + "markdownDescription": "A name for the connection that you can reference.", + "title": "Name", "type": "string" }, - "Roles": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of roles to be attached. There must be at least one role.", - "title": "Roles", - "type": "array" + "Source": { + "markdownDescription": "The node that the connection starts at.", + "title": "Source", + "type": "string" }, - "Users": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of users to be attached. There must be at least one user.", - "title": "Users", - "type": "array" + "Target": { + "markdownDescription": "The node that the connection ends at.", + "title": "Target", + "type": "string" + }, + "Type": { + "markdownDescription": "Whether the source node that the connection begins from is a condition node ( `Conditional` ) or not ( `Data` ).", + "title": "Type", + "type": "string" } }, "required": [ - "PolicyArn" + "Name", + "Source", + "Target", + "Type" ], "type": "object" }, - "AWS::Budgets::BudgetsAction.ScpActionDefinition": { + "AWS::Bedrock::Flow.FlowConnectionConfiguration": { "additionalProperties": false, "properties": { - "PolicyId": { - "markdownDescription": "The policy ID attached.", - "title": "PolicyId", + "Conditional": { + "$ref": "#/definitions/AWS::Bedrock::Flow.FlowConditionalConnectionConfiguration", + "markdownDescription": "The configuration of a connection originating from a Condition node.", + "title": "Conditional" + }, + "Data": { + "$ref": "#/definitions/AWS::Bedrock::Flow.FlowDataConnectionConfiguration", + "markdownDescription": "The configuration of a connection originating from a node that isn't a Condition node.", + "title": "Data" + } + }, + "type": "object" + }, + "AWS::Bedrock::Flow.FlowDataConnectionConfiguration": { + "additionalProperties": false, + "properties": { + "SourceOutput": { + "markdownDescription": "The name of the output in the source node that the connection begins from.", + "title": "SourceOutput", "type": "string" }, - "TargetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of target IDs.", - "title": "TargetIds", - "type": "array" + "TargetInput": { + "markdownDescription": "The name of the input in the target node that the connection ends at.", + "title": "TargetInput", + "type": "string" } }, "required": [ - "PolicyId", - "TargetIds" + "SourceOutput", + "TargetInput" ], "type": "object" }, - "AWS::Budgets::BudgetsAction.SsmActionDefinition": { + "AWS::Bedrock::Flow.FlowDefinition": { "additionalProperties": false, "properties": { - "InstanceIds": { + "Connections": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Bedrock::Flow.FlowConnection" }, - "markdownDescription": "The EC2 and RDS instance IDs.", - "title": "InstanceIds", + "markdownDescription": "An array of connection definitions in the flow.", + "title": "Connections", "type": "array" }, - "Region": { - "markdownDescription": "The Region to run the ( SSM ) document.", - "title": "Region", - "type": "string" - }, - "Subtype": { - "markdownDescription": "The action subType.", - "title": "Subtype", - "type": "string" + "Nodes": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Flow.FlowNode" + }, + "markdownDescription": "An array of node definitions in the flow.", + "title": "Nodes", + "type": "array" } }, - "required": [ - "InstanceIds", - "Region", - "Subtype" - ], "type": "object" }, - "AWS::Budgets::BudgetsAction.Subscriber": { + "AWS::Bedrock::Flow.FlowNode": { "additionalProperties": false, "properties": { - "Address": { - "markdownDescription": "The address that AWS sends budget notifications to, either an SNS topic or an email.\n\nWhen you create a subscriber, the value of `Address` can't contain line breaks.", - "title": "Address", + "Configuration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.FlowNodeConfiguration", + "markdownDescription": "Contains configurations for the node.", + "title": "Configuration" + }, + "Inputs": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Flow.FlowNodeInput" + }, + "markdownDescription": "An array of objects, each of which contains information about an input into the node.", + "title": "Inputs", + "type": "array" + }, + "Name": { + "markdownDescription": "A name for the node.", + "title": "Name", "type": "string" }, + "Outputs": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Flow.FlowNodeOutput" + }, + "markdownDescription": "A list of objects, each of which contains information about an output from the node.", + "title": "Outputs", + "type": "array" + }, "Type": { - "markdownDescription": "The type of notification that AWS sends to a subscriber.", + "markdownDescription": "The type of node. This value must match the name of the key that you provide in the configuration you provide in the `FlowNodeConfiguration` field.", "title": "Type", "type": "string" } }, "required": [ - "Address", + "Name", "Type" ], "type": "object" }, - "AWS::CE::AnomalyMonitor": { + "AWS::Bedrock::Flow.FlowNodeConfiguration": { "additionalProperties": false, "properties": { + "Agent": { + "$ref": "#/definitions/AWS::Bedrock::Flow.AgentFlowNodeConfiguration", + "markdownDescription": "Contains configurations for an agent node in your flow. Invokes an alias of an agent and returns the response.", + "title": "Agent" + }, + "Collector": { + "markdownDescription": "Contains configurations for a collector node in your flow. Collects an iteration of inputs and consolidates them into an array of outputs.", + "title": "Collector", + "type": "object" + }, "Condition": { - "type": "string" + "$ref": "#/definitions/AWS::Bedrock::Flow.ConditionFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a condition node in your flow. Defines conditions that lead to different branches of the flow.", + "title": "Condition" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "InlineCode": { + "$ref": "#/definitions/AWS::Bedrock::Flow.InlineCodeFlowNodeConfiguration", + "markdownDescription": "Contains configurations for an inline code node in your flow. Inline code nodes let you write and execute code directly within your flow, enabling data transformations, custom logic, and integrations without needing an external Lambda function.", + "title": "InlineCode" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Input": { + "markdownDescription": "Contains configurations for an input flow node in your flow. The first node in the flow. `inputs` can't be specified for this node.", + "title": "Input", + "type": "object" }, - "Metadata": { + "Iterator": { + "markdownDescription": "Contains configurations for an iterator node in your flow. Takes an input that is an array and iteratively sends each item of the array as an output to the following node. The size of the array is also returned in the output.\n\nThe output flow node at the end of the flow iteration will return a response for each member of the array. To return only one response, you can include a collector node downstream from the iterator node.", + "title": "Iterator", "type": "object" }, - "Properties": { - "additionalProperties": false, - "properties": { - "MonitorDimension": { - "markdownDescription": "The dimensions to evaluate.", - "title": "MonitorDimension", - "type": "string" - }, - "MonitorName": { - "markdownDescription": "The name of the monitor.", - "title": "MonitorName", - "type": "string" - }, - "MonitorSpecification": { - "markdownDescription": "The array of `MonitorSpecification` in JSON array format. For instance, you can use `MonitorSpecification` to specify a tag, Cost Category, or linked account for your custom anomaly monitor. For further information, see the [Examples](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ce-anomalymonitor.html#aws-resource-ce-anomalymonitor--examples) section of this page.", - "title": "MonitorSpecification", - "type": "string" - }, - "MonitorType": { - "markdownDescription": "The possible type values.", - "title": "MonitorType", - "type": "string" - }, - "ResourceTags": { - "items": { - "$ref": "#/definitions/AWS::CE::AnomalyMonitor.ResourceTag" - }, - "markdownDescription": "", - "title": "ResourceTags", - "type": "array" - } - }, - "required": [ - "MonitorName", - "MonitorType" - ], + "KnowledgeBase": { + "$ref": "#/definitions/AWS::Bedrock::Flow.KnowledgeBaseFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a knowledge base node in your flow. Queries a knowledge base and returns the retrieved results or generated response.", + "title": "KnowledgeBase" + }, + "LambdaFunction": { + "$ref": "#/definitions/AWS::Bedrock::Flow.LambdaFunctionFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a Lambda function node in your flow. Invokes an AWS Lambda function.", + "title": "LambdaFunction" + }, + "Lex": { + "$ref": "#/definitions/AWS::Bedrock::Flow.LexFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a Lex node in your flow. Invokes an Amazon Lex bot to identify the intent of the input and return the intent as the output.", + "title": "Lex" + }, + "Loop": { + "$ref": "#/definitions/AWS::Bedrock::Flow.LoopFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a DoWhile loop in your flow.", + "title": "Loop" + }, + "LoopController": { + "$ref": "#/definitions/AWS::Bedrock::Flow.LoopControllerFlowNodeConfiguration", + "markdownDescription": "Contains controller node configurations for a DoWhile loop in your flow.", + "title": "LoopController" + }, + "LoopInput": { + "markdownDescription": "Contains input node configurations for a DoWhile loop in your flow.", + "title": "LoopInput", "type": "object" }, - "Type": { - "enum": [ - "AWS::CE::AnomalyMonitor" - ], + "Output": { + "markdownDescription": "Contains configurations for an output flow node in your flow. The last node in the flow. `outputs` can't be specified for this node.", + "title": "Output", + "type": "object" + }, + "Prompt": { + "$ref": "#/definitions/AWS::Bedrock::Flow.PromptFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a prompt node in your flow. Runs a prompt and generates the model response as the output. You can use a prompt from Prompt management or you can configure one in this node.", + "title": "Prompt" + }, + "Retrieval": { + "$ref": "#/definitions/AWS::Bedrock::Flow.RetrievalFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a retrieval node in your flow. Retrieves data from an Amazon S3 location and returns it as the output.", + "title": "Retrieval" + }, + "Storage": { + "$ref": "#/definitions/AWS::Bedrock::Flow.StorageFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a storage node in your flow. Stores an input in an Amazon S3 location.", + "title": "Storage" + } + }, + "type": "object" + }, + "AWS::Bedrock::Flow.FlowNodeInput": { + "additionalProperties": false, + "properties": { + "Category": { + "markdownDescription": "Specifies how input data flows between iterations in a DoWhile loop.\n\n- `LoopCondition` - Controls whether the loop continues by evaluating condition expressions against the input data. Use this category to define the condition that determines if the loop should continue.\n- `ReturnValueToLoopStart` - Defines data to pass back to the start of the loop's next iteration. Use this category for variables that you want to update for each loop iteration.\n- `ExitLoop` - Defines the value that's available once the loop ends. Use this category to expose loop results to nodes outside the loop.", + "title": "Category", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Expression": { + "markdownDescription": "An expression that formats the input for the node. For an explanation of how to create expressions, see [Expressions in Prompt flows in Amazon Bedrock](https://docs.aws.amazon.com/bedrock/latest/userguide/flows-expressions.html) .", + "title": "Expression", + "type": "string" + }, + "Name": { + "markdownDescription": "Specifies a name for the input that you can reference.", + "title": "Name", + "type": "string" + }, + "Type": { + "markdownDescription": "Specifies the data type of the input. If the input doesn't match this type at runtime, a validation error will be thrown.", + "title": "Type", "type": "string" } }, "required": [ - "Type", - "Properties" + "Expression", + "Name", + "Type" ], "type": "object" }, - "AWS::CE::AnomalyMonitor.ResourceTag": { + "AWS::Bedrock::Flow.FlowNodeOutput": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The key that's associated with the tag.", - "title": "Key", + "Name": { + "markdownDescription": "A name for the output that you can reference.", + "title": "Name", "type": "string" }, - "Value": { - "markdownDescription": "The value that's associated with the tag.", - "title": "Value", + "Type": { + "markdownDescription": "The data type of the output. If the output doesn't match this type at runtime, a validation error will be thrown.", + "title": "Type", "type": "string" } }, "required": [ - "Key", - "Value" + "Name", + "Type" ], "type": "object" }, - "AWS::CE::AnomalySubscription": { + "AWS::Bedrock::Flow.FlowValidation": { "additionalProperties": false, "properties": { - "Condition": { + "Message": { + "markdownDescription": "A message describing the validation error.", + "title": "Message", + "type": "string" + } + }, + "required": [ + "Message" + ], + "type": "object" + }, + "AWS::Bedrock::Flow.GuardrailConfiguration": { + "additionalProperties": false, + "properties": { + "GuardrailIdentifier": { + "markdownDescription": "The identifier for the guardrail.", + "title": "GuardrailIdentifier", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "GuardrailVersion": { + "markdownDescription": "The version of the guardrail.", + "title": "GuardrailVersion", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::Flow.InlineCodeFlowNodeConfiguration": { + "additionalProperties": false, + "properties": { + "Code": { + "markdownDescription": "The code that's executed in your inline code node. The code can access input data from previous nodes in the flow, perform operations on that data, and produce output that can be used by other nodes in your flow.\n\nThe code must be valid in the programming `language` that you specify.", + "title": "Code", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Frequency": { - "markdownDescription": "The frequency that anomaly notifications are sent. Notifications are sent either over email (for DAILY and WEEKLY frequencies) or SNS (for IMMEDIATE frequency). For more information, see [Creating an Amazon SNS topic for anomaly notifications](https://docs.aws.amazon.com/cost-management/latest/userguide/ad-SNS.html) .", - "title": "Frequency", - "type": "string" - }, - "MonitorArnList": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of cost anomaly monitors.", - "title": "MonitorArnList", - "type": "array" - }, - "ResourceTags": { - "items": { - "$ref": "#/definitions/AWS::CE::AnomalySubscription.ResourceTag" - }, - "markdownDescription": "", - "title": "ResourceTags", - "type": "array" - }, - "Subscribers": { - "items": { - "$ref": "#/definitions/AWS::CE::AnomalySubscription.Subscriber" - }, - "markdownDescription": "A list of subscribers to notify.", - "title": "Subscribers", - "type": "array" - }, - "SubscriptionName": { - "markdownDescription": "The name for the subscription.", - "title": "SubscriptionName", - "type": "string" - }, - "Threshold": { - "markdownDescription": "(deprecated)\n\nAn absolute dollar value that must be exceeded by the anomaly's total impact (see [Impact](https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_Impact.html) for more details) for an anomaly notification to be generated.\n\nThis field has been deprecated. To specify a threshold, use ThresholdExpression. Continued use of Threshold will be treated as shorthand syntax for a ThresholdExpression.\n\nOne of Threshold or ThresholdExpression is required for `AWS::CE::AnomalySubscription` . You cannot specify both.", - "title": "Threshold", - "type": "number" - }, - "ThresholdExpression": { - "markdownDescription": "An [Expression](https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_Expression.html) object in JSON string format used to specify the anomalies that you want to generate alerts for. This supports dimensions and nested expressions. The supported dimensions are `ANOMALY_TOTAL_IMPACT_ABSOLUTE` and `ANOMALY_TOTAL_IMPACT_PERCENTAGE` , corresponding to an anomaly\u2019s TotalImpact and TotalImpactPercentage, respectively (see [Impact](https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_Impact.html) for more details). The supported nested expression types are `AND` and `OR` . The match option `GREATER_THAN_OR_EQUAL` is required. Values must be numbers between 0 and 10,000,000,000 in string format.\n\nOne of Threshold or ThresholdExpression is required for `AWS::CE::AnomalySubscription` . You cannot specify both.\n\nFor further information, see the [Examples](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ce-anomalysubscription.html#aws-resource-ce-anomalysubscription--examples) section of this page.", - "title": "ThresholdExpression", - "type": "string" - } - }, - "required": [ - "Frequency", - "MonitorArnList", - "Subscribers", - "SubscriptionName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::CE::AnomalySubscription" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Language": { + "markdownDescription": "The programming language used by your inline code node.\n\nThe code must be valid in the programming `language` that you specify. Currently, only Python 3 ( `Python_3` ) is supported.", + "title": "Language", "type": "string" } }, "required": [ - "Type", - "Properties" + "Code", + "Language" ], "type": "object" }, - "AWS::CE::AnomalySubscription.ResourceTag": { + "AWS::Bedrock::Flow.KnowledgeBaseFlowNodeConfiguration": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The key that's associated with the tag.", - "title": "Key", + "GuardrailConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.GuardrailConfiguration", + "markdownDescription": "Contains configurations for a guardrail to apply during query and response generation for the knowledge base in this configuration.", + "title": "GuardrailConfiguration" + }, + "InferenceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.PromptInferenceConfiguration", + "markdownDescription": "Contains inference configurations for the prompt.", + "title": "InferenceConfiguration" + }, + "KnowledgeBaseId": { + "markdownDescription": "The unique identifier of the knowledge base to query.", + "title": "KnowledgeBaseId", "type": "string" }, - "Value": { - "markdownDescription": "The value that's associated with the tag.", - "title": "Value", + "ModelId": { + "markdownDescription": "The unique identifier of the model or [inference profile](https://docs.aws.amazon.com/bedrock/latest/userguide/cross-region-inference.html) to use to generate a response from the query results. Omit this field if you want to return the retrieved results as an array.", + "title": "ModelId", "type": "string" + }, + "NumberOfResults": { + "markdownDescription": "The number of results to retrieve from the knowledge base.", + "title": "NumberOfResults", + "type": "number" + }, + "OrchestrationConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.KnowledgeBaseOrchestrationConfiguration", + "markdownDescription": "The configuration for orchestrating the retrieval and generation process in the knowledge base node.", + "title": "OrchestrationConfiguration" + }, + "PromptTemplate": { + "$ref": "#/definitions/AWS::Bedrock::Flow.KnowledgeBasePromptTemplate", + "markdownDescription": "A custom prompt template to use with the knowledge base for generating responses.", + "title": "PromptTemplate" + }, + "RerankingConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.VectorSearchRerankingConfiguration", + "markdownDescription": "The configuration for reranking the retrieved results from the knowledge base to improve relevance.", + "title": "RerankingConfiguration" } }, "required": [ - "Key", - "Value" + "KnowledgeBaseId" ], "type": "object" }, - "AWS::CE::AnomalySubscription.Subscriber": { + "AWS::Bedrock::Flow.KnowledgeBaseOrchestrationConfiguration": { "additionalProperties": false, "properties": { - "Address": { - "markdownDescription": "The email address or SNS Topic Amazon Resource Name (ARN), depending on the `Type` .", - "title": "Address", - "type": "string" + "AdditionalModelRequestFields": { + "markdownDescription": "The additional model-specific request parameters as key-value pairs to be included in the request to the foundation model.", + "title": "AdditionalModelRequestFields", + "type": "object" }, - "Status": { - "markdownDescription": "Indicates if the subscriber accepts the notifications.", - "title": "Status", - "type": "string" + "InferenceConfig": { + "$ref": "#/definitions/AWS::Bedrock::Flow.PromptInferenceConfiguration", + "markdownDescription": "Contains inference configurations for the prompt.", + "title": "InferenceConfig" }, - "Type": { - "markdownDescription": "The notification delivery channel.", - "title": "Type", + "PerformanceConfig": { + "$ref": "#/definitions/AWS::Bedrock::Flow.PerformanceConfiguration", + "markdownDescription": "The performance configuration options for the knowledge base retrieval and generation process.", + "title": "PerformanceConfig" + }, + "PromptTemplate": { + "$ref": "#/definitions/AWS::Bedrock::Flow.KnowledgeBasePromptTemplate", + "markdownDescription": "A custom prompt template for orchestrating the retrieval and generation process.", + "title": "PromptTemplate" + } + }, + "type": "object" + }, + "AWS::Bedrock::Flow.KnowledgeBasePromptTemplate": { + "additionalProperties": false, + "properties": { + "TextPromptTemplate": { + "markdownDescription": "The text of the prompt template.", + "title": "TextPromptTemplate", "type": "string" } }, "required": [ - "Address", - "Type" + "TextPromptTemplate" ], "type": "object" }, - "AWS::CE::CostCategory": { + "AWS::Bedrock::Flow.LambdaFunctionFlowNodeConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "LambdaArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function to invoke.", + "title": "LambdaArn", "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DefaultValue": { - "markdownDescription": "The default value for the cost category.", - "title": "DefaultValue", - "type": "string" - }, - "Name": { - "markdownDescription": "The unique name of the Cost Category.", - "title": "Name", - "type": "string" - }, - "RuleVersion": { - "markdownDescription": "The rule schema version in this particular Cost Category.", - "title": "RuleVersion", - "type": "string" - }, - "Rules": { - "markdownDescription": "The array of CostCategoryRule in JSON array format.\n\n> Rules are processed in order. If there are multiple rules that match the line item, then the first rule to match is used to determine that Cost Category value.", - "title": "Rules", - "type": "string" - }, - "SplitChargeRules": { - "markdownDescription": "The split charge rules that are used to allocate your charges between your Cost Category values.", - "title": "SplitChargeRules", - "type": "string" - } - }, - "required": [ - "Name", - "RuleVersion", - "Rules" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::CE::CostCategory" - ], + } + }, + "required": [ + "LambdaArn" + ], + "type": "object" + }, + "AWS::Bedrock::Flow.LexFlowNodeConfiguration": { + "additionalProperties": false, + "properties": { + "BotAliasArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Lex bot alias to invoke.", + "title": "BotAliasArn", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "LocaleId": { + "markdownDescription": "The Region to invoke the Amazon Lex bot in.", + "title": "LocaleId", "type": "string" } }, "required": [ - "Type", - "Properties" + "BotAliasArn", + "LocaleId" ], "type": "object" }, - "AWS::CUR::ReportDefinition": { + "AWS::Bedrock::Flow.LoopControllerFlowNodeConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "ContinueCondition": { + "$ref": "#/definitions/AWS::Bedrock::Flow.FlowCondition", + "markdownDescription": "Specifies the condition that determines when the flow exits the DoWhile loop. The loop executes until this condition evaluates to true.", + "title": "ContinueCondition" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "MaxIterations": { + "markdownDescription": "Specifies the maximum number of times the DoWhile loop can iterate before the flow exits the loop.", + "title": "MaxIterations", + "type": "number" + } + }, + "required": [ + "ContinueCondition" + ], + "type": "object" + }, + "AWS::Bedrock::Flow.LoopFlowNodeConfiguration": { + "additionalProperties": false, + "properties": { + "Definition": { + "$ref": "#/definitions/AWS::Bedrock::Flow.FlowDefinition", + "markdownDescription": "The definition of the DoWhile loop nodes and connections between nodes in the flow.", + "title": "Definition" + } + }, + "required": [ + "Definition" + ], + "type": "object" + }, + "AWS::Bedrock::Flow.MetadataConfigurationForReranking": { + "additionalProperties": false, + "properties": { + "SelectionMode": { + "markdownDescription": "The mode for selecting which metadata fields to include in the reranking process. Valid values are ALL (use all available metadata fields) or SELECTIVE (use only specified fields).", + "title": "SelectionMode", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AdditionalArtifacts": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of manifests that you want AWS to create for this report.", - "title": "AdditionalArtifacts", - "type": "array" - }, - "AdditionalSchemaElements": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of strings that indicate additional content that AWS includes in the report, such as individual resource IDs.", - "title": "AdditionalSchemaElements", - "type": "array" - }, - "BillingViewArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the billing view. You can get this value by using the billing view service public APIs.", - "title": "BillingViewArn", - "type": "string" - }, - "Compression": { - "markdownDescription": "The compression format that Amazon Web Services uses for the report.", - "title": "Compression", - "type": "string" - }, - "Format": { - "markdownDescription": "The format that Amazon Web Services saves the report in.", - "title": "Format", - "type": "string" - }, - "RefreshClosedReports": { - "markdownDescription": "Whether you want AWS to update your reports after they have been finalized if AWS detects charges related to previous months. These charges can include refunds, credits, or support fees.", - "title": "RefreshClosedReports", - "type": "boolean" - }, - "ReportName": { - "markdownDescription": "The name of the report that you want to create. The name must be unique, is case sensitive, and can't include spaces.", - "title": "ReportName", - "type": "string" - }, - "ReportVersioning": { - "markdownDescription": "Whether you want AWS to overwrite the previous version of each report or to deliver the report in addition to the previous versions.", - "title": "ReportVersioning", - "type": "string" - }, - "S3Bucket": { - "markdownDescription": "The S3 bucket where Amazon Web Services delivers the report.", - "title": "S3Bucket", - "type": "string" - }, - "S3Prefix": { - "markdownDescription": "The prefix that Amazon Web Services adds to the report name when Amazon Web Services delivers the report. Your prefix can't include spaces.", - "title": "S3Prefix", - "type": "string" - }, - "S3Region": { - "markdownDescription": "The Region of the S3 bucket that Amazon Web Services delivers the report into.", - "title": "S3Region", - "type": "string" - }, - "TimeUnit": { - "markdownDescription": "The granularity of the line items in the report.", - "title": "TimeUnit", - "type": "string" - } - }, - "required": [ - "Compression", - "Format", - "RefreshClosedReports", - "ReportName", - "ReportVersioning", - "S3Bucket", - "S3Prefix", - "S3Region", - "TimeUnit" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::CUR::ReportDefinition" - ], + "SelectiveModeConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.RerankingMetadataSelectiveModeConfiguration", + "markdownDescription": "Configuration for selective mode, which allows you to explicitly include or exclude specific metadata fields during reranking. This is only used when selectionMode is set to SELECTIVE.", + "title": "SelectiveModeConfiguration" + } + }, + "required": [ + "SelectionMode" + ], + "type": "object" + }, + "AWS::Bedrock::Flow.PerformanceConfiguration": { + "additionalProperties": false, + "properties": { + "Latency": { + "markdownDescription": "To use a latency-optimized version of the model, set to `optimized` .", + "title": "Latency", "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::Flow.PromptFlowNodeConfiguration": { + "additionalProperties": false, + "properties": { + "GuardrailConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.GuardrailConfiguration", + "markdownDescription": "Contains configurations for a guardrail to apply to the prompt in this node and the response generated from it.", + "title": "GuardrailConfiguration" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "SourceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.PromptFlowNodeSourceConfiguration", + "markdownDescription": "Specifies whether the prompt is from Prompt management or defined inline.", + "title": "SourceConfiguration" } }, "required": [ - "Type", - "Properties" + "SourceConfiguration" ], "type": "object" }, - "AWS::Cassandra::Keyspace": { + "AWS::Bedrock::Flow.PromptFlowNodeInlineConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "InferenceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.PromptInferenceConfiguration", + "markdownDescription": "Contains inference configurations for the prompt.", + "title": "InferenceConfiguration" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ModelId": { + "markdownDescription": "The unique identifier of the model or [inference profile](https://docs.aws.amazon.com/bedrock/latest/userguide/cross-region-inference.html) to run inference with.", + "title": "ModelId", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "KeyspaceName": { - "markdownDescription": "The name of the keyspace to be created. The keyspace name is case sensitive. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the keyspace name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n*Length constraints:* Minimum length of 1. Maximum length of 48.", - "title": "KeyspaceName", - "type": "string" - }, - "ReplicationSpecification": { - "$ref": "#/definitions/AWS::Cassandra::Keyspace.ReplicationSpecification", - "markdownDescription": "Specifies the `ReplicationStrategy` of a keyspace. The options are:\n\n- `SINGLE_REGION` for a single Region keyspace (optional) or\n- `MULTI_REGION` for a multi-Region keyspace\n\nIf no `ReplicationStrategy` is provided, the default is `SINGLE_REGION` . If you choose `MULTI_REGION` , you must also provide a `RegionList` with the AWS Regions that the keyspace is replicated in.", - "title": "ReplicationSpecification" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Cassandra::Keyspace" - ], - "type": "string" + "TemplateConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.PromptTemplateConfiguration", + "markdownDescription": "Contains a prompt and variables in the prompt that can be replaced with values at runtime.", + "title": "TemplateConfiguration" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TemplateType": { + "markdownDescription": "The type of prompt template.", + "title": "TemplateType", "type": "string" } }, "required": [ - "Type" + "ModelId", + "TemplateConfiguration", + "TemplateType" ], "type": "object" }, - "AWS::Cassandra::Keyspace.ReplicationSpecification": { + "AWS::Bedrock::Flow.PromptFlowNodeResourceConfiguration": { "additionalProperties": false, "properties": { - "RegionList": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the AWS Regions that the keyspace is replicated in. You must specify at least two Regions, including the Region that the keyspace is being created in.\n\nTo specify a Region [that's disabled by default](https://docs.aws.amazon.com/accounts/latest/reference/manage-acct-regions.html#rande-manage-enable) , you must first enable the Region. For more information, see [Multi-Region replication in AWS Regions disabled by default](https://docs.aws.amazon.com/keyspaces/latest/devguide/multiRegion-replication_how-it-works.html#howitworks_mrr_opt_in) in the *Amazon Keyspaces Developer Guide* .", - "title": "RegionList", - "type": "array" - }, - "ReplicationStrategy": { - "markdownDescription": "The options are:\n\n- `SINGLE_REGION` (optional)\n- `MULTI_REGION`\n\nIf no value is specified, the default is `SINGLE_REGION` . If `MULTI_REGION` is specified, `RegionList` is required.", - "title": "ReplicationStrategy", + "PromptArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the prompt from Prompt management.", + "title": "PromptArn", "type": "string" } }, + "required": [ + "PromptArn" + ], "type": "object" }, - "AWS::Cassandra::Table": { + "AWS::Bedrock::Flow.PromptFlowNodeSourceConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AutoScalingSpecifications": { - "$ref": "#/definitions/AWS::Cassandra::Table.AutoScalingSpecification", - "markdownDescription": "The optional auto scaling capacity settings for a table in provisioned capacity mode.", - "title": "AutoScalingSpecifications" - }, - "BillingMode": { - "$ref": "#/definitions/AWS::Cassandra::Table.BillingMode", - "markdownDescription": "The billing mode for the table, which determines how you'll be charged for reads and writes:\n\n- *On-demand mode* (default) - You pay based on the actual reads and writes your application performs.\n- *Provisioned mode* - Lets you specify the number of reads and writes per second that you need for your application.\n\nIf you don't specify a value for this property, then the table will use on-demand mode.", - "title": "BillingMode" - }, - "ClientSideTimestampsEnabled": { - "markdownDescription": "Enables client-side timestamps for the table. By default, the setting is disabled. You can enable client-side timestamps with the following option:\n\n- `status: \"enabled\"`\n\nAfter client-side timestamps are enabled for a table, you can't disable this setting.", - "title": "ClientSideTimestampsEnabled", - "type": "boolean" - }, - "ClusteringKeyColumns": { - "items": { - "$ref": "#/definitions/AWS::Cassandra::Table.ClusteringKeyColumn" - }, - "markdownDescription": "One or more columns that determine how the table data is sorted.", - "title": "ClusteringKeyColumns", - "type": "array" - }, - "DefaultTimeToLive": { - "markdownDescription": "The default Time To Live (TTL) value for all rows in a table in seconds. The maximum configurable value is 630,720,000 seconds, which is the equivalent of 20 years. By default, the TTL value for a table is 0, which means data does not expire.\n\nFor more information, see [Setting the default TTL value for a table](https://docs.aws.amazon.com/keyspaces/latest/devguide/TTL-how-it-works.html#ttl-howitworks_default_ttl) in the *Amazon Keyspaces Developer Guide* .", - "title": "DefaultTimeToLive", - "type": "number" - }, - "EncryptionSpecification": { - "$ref": "#/definitions/AWS::Cassandra::Table.EncryptionSpecification", - "markdownDescription": "The encryption at rest options for the table.\n\n- *AWS owned key* (default) - The key is owned by Amazon Keyspaces .\n- *Customer managed key* - The key is stored in your account and is created, owned, and managed by you.\n\n> If you choose encryption with a customer managed key, you must specify a valid customer managed KMS key with permissions granted to Amazon Keyspaces.\n\nFor more information, see [Encryption at rest in Amazon Keyspaces](https://docs.aws.amazon.com/keyspaces/latest/devguide/EncryptionAtRest.html) in the *Amazon Keyspaces Developer Guide* .", - "title": "EncryptionSpecification" - }, - "KeyspaceName": { - "markdownDescription": "The name of the keyspace to create the table in. The keyspace must already exist.", - "title": "KeyspaceName", - "type": "string" - }, - "PartitionKeyColumns": { - "items": { - "$ref": "#/definitions/AWS::Cassandra::Table.Column" - }, - "markdownDescription": "One or more columns that uniquely identify every row in the table. Every table must have a partition key.", - "title": "PartitionKeyColumns", - "type": "array" - }, - "PointInTimeRecoveryEnabled": { - "markdownDescription": "Specifies if point-in-time recovery is enabled or disabled for the table. The options are `PointInTimeRecoveryEnabled=true` and `PointInTimeRecoveryEnabled=false` . If not specified, the default is `PointInTimeRecoveryEnabled=false` .", - "title": "PointInTimeRecoveryEnabled", - "type": "boolean" - }, - "RegularColumns": { - "items": { - "$ref": "#/definitions/AWS::Cassandra::Table.Column" - }, - "markdownDescription": "One or more columns that are not part of the primary key - that is, columns that are *not* defined as partition key columns or clustering key columns.\n\nYou can add regular columns to existing tables by adding them to the template.", - "title": "RegularColumns", - "type": "array" - }, - "ReplicaSpecifications": { - "items": { - "$ref": "#/definitions/AWS::Cassandra::Table.ReplicaSpecification" - }, - "markdownDescription": "The AWS Region specific settings of a multi-Region table.\n\nFor a multi-Region table, you can configure the table's read capacity differently per AWS Region. You can do this by configuring the following parameters.\n\n- `region` : The Region where these settings are applied. (Required)\n- `readCapacityUnits` : The provisioned read capacity units. (Optional)\n- `readCapacityAutoScaling` : The read capacity auto scaling settings for the table. (Optional)", - "title": "ReplicaSpecifications", - "type": "array" - }, - "TableName": { - "markdownDescription": "The name of the table to be created. The table name is case sensitive. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the table name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you can't perform updates that require replacing this resource. You can perform updates that require no interruption or some interruption. If you must replace the resource, specify a new name. \n\n*Length constraints:* Minimum length of 3. Maximum length of 255.\n\n*Pattern:* `^[a-zA-Z0-9][a-zA-Z0-9_]{1,47}$`", - "title": "TableName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "KeyspaceName", - "PartitionKeyColumns" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Cassandra::Table" - ], - "type": "string" + "Inline": { + "$ref": "#/definitions/AWS::Bedrock::Flow.PromptFlowNodeInlineConfiguration", + "markdownDescription": "Contains configurations for a prompt that is defined inline", + "title": "Inline" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Resource": { + "$ref": "#/definitions/AWS::Bedrock::Flow.PromptFlowNodeResourceConfiguration", + "markdownDescription": "Contains configurations for a prompt from Prompt management.", + "title": "Resource" + } + }, + "type": "object" + }, + "AWS::Bedrock::Flow.PromptInferenceConfiguration": { + "additionalProperties": false, + "properties": { + "Text": { + "$ref": "#/definitions/AWS::Bedrock::Flow.PromptModelInferenceConfiguration", + "markdownDescription": "Contains inference configurations for a text prompt.", + "title": "Text" } }, "required": [ - "Type", - "Properties" + "Text" ], "type": "object" }, - "AWS::Cassandra::Table.AutoScalingSetting": { + "AWS::Bedrock::Flow.PromptInputVariable": { "additionalProperties": false, "properties": { - "AutoScalingDisabled": { - "markdownDescription": "This optional parameter enables auto scaling for the table if set to `false` .", - "title": "AutoScalingDisabled", - "type": "boolean" - }, - "MaximumUnits": { - "markdownDescription": "Manage costs by specifying the maximum amount of throughput to provision. The value must be between 1 and the max throughput per second quota for your account (40,000 by default).", - "title": "MaximumUnits", + "Name": { + "markdownDescription": "The name of the variable.", + "title": "Name", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::Flow.PromptModelInferenceConfiguration": { + "additionalProperties": false, + "properties": { + "MaxTokens": { + "markdownDescription": "The maximum number of tokens to return in the response.", + "title": "MaxTokens", "type": "number" }, - "MinimumUnits": { - "markdownDescription": "The minimum level of throughput the table should always be ready to support. The value must be between 1 and the max throughput per second quota for your account (40,000 by default).", - "title": "MinimumUnits", + "StopSequences": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of strings that define sequences after which the model will stop generating.", + "title": "StopSequences", + "type": "array" + }, + "Temperature": { + "markdownDescription": "Controls the randomness of the response. Choose a lower value for more predictable outputs and a higher value for more surprising outputs.", + "title": "Temperature", "type": "number" }, - "ScalingPolicy": { - "$ref": "#/definitions/AWS::Cassandra::Table.ScalingPolicy", - "markdownDescription": "Amazon Keyspaces supports the `target tracking` auto scaling policy. With this policy, Amazon Keyspaces auto scaling ensures that the table's ratio of consumed to provisioned capacity stays at or near the target value that you specify. You define the target value as a percentage between 20 and 90.", - "title": "ScalingPolicy" + "TopP": { + "markdownDescription": "The percentage of most-likely candidates that the model considers for the next token.", + "title": "TopP", + "type": "number" } }, "type": "object" }, - "AWS::Cassandra::Table.AutoScalingSpecification": { + "AWS::Bedrock::Flow.PromptTemplateConfiguration": { "additionalProperties": false, "properties": { - "ReadCapacityAutoScaling": { - "$ref": "#/definitions/AWS::Cassandra::Table.AutoScalingSetting", - "markdownDescription": "The auto scaling settings for the table's read capacity.", - "title": "ReadCapacityAutoScaling" - }, - "WriteCapacityAutoScaling": { - "$ref": "#/definitions/AWS::Cassandra::Table.AutoScalingSetting", - "markdownDescription": "The auto scaling settings for the table's write capacity.", - "title": "WriteCapacityAutoScaling" + "Text": { + "$ref": "#/definitions/AWS::Bedrock::Flow.TextPromptTemplateConfiguration", + "markdownDescription": "Contains configurations for the text in a message for a prompt.", + "title": "Text" } }, + "required": [ + "Text" + ], "type": "object" }, - "AWS::Cassandra::Table.BillingMode": { + "AWS::Bedrock::Flow.RerankingMetadataSelectiveModeConfiguration": { "additionalProperties": false, "properties": { - "Mode": { - "markdownDescription": "The billing mode for the table:\n\n- On-demand mode - `ON_DEMAND`\n- Provisioned mode - `PROVISIONED`\n\n> If you choose `PROVISIONED` mode, then you also need to specify provisioned throughput (read and write capacity) for the table.\n\nValid values: `ON_DEMAND` | `PROVISIONED`", - "title": "Mode", - "type": "string" + "FieldsToExclude": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Flow.FieldForReranking" + }, + "markdownDescription": "A list of metadata field names to explicitly exclude from the reranking process. All metadata fields except these will be considered when reordering search results. This parameter cannot be used together with fieldsToInclude.", + "title": "FieldsToExclude", + "type": "array" }, - "ProvisionedThroughput": { - "$ref": "#/definitions/AWS::Cassandra::Table.ProvisionedThroughput", - "markdownDescription": "The provisioned read capacity and write capacity for the table. For more information, see [Provisioned throughput capacity mode](https://docs.aws.amazon.com/keyspaces/latest/devguide/ReadWriteCapacityMode.html#ReadWriteCapacityMode.Provisioned) in the *Amazon Keyspaces Developer Guide* .", - "title": "ProvisionedThroughput" + "FieldsToInclude": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Flow.FieldForReranking" + }, + "markdownDescription": "A list of metadata field names to explicitly include in the reranking process. Only these fields will be considered when reordering search results. This parameter cannot be used together with fieldsToExclude.", + "title": "FieldsToInclude", + "type": "array" } }, - "required": [ - "Mode" - ], "type": "object" }, - "AWS::Cassandra::Table.ClusteringKeyColumn": { + "AWS::Bedrock::Flow.RetrievalFlowNodeConfiguration": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::Cassandra::Table.Column", - "markdownDescription": "The name and data type of this clustering key column.", - "title": "Column" - }, - "OrderBy": { - "markdownDescription": "The order in which this column's data is stored:\n\n- `ASC` (default) - The column's data is stored in ascending order.\n- `DESC` - The column's data is stored in descending order.", - "title": "OrderBy", - "type": "string" + "ServiceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.RetrievalFlowNodeServiceConfiguration", + "markdownDescription": "Contains configurations for the service to use for retrieving data to return as the output from the node.", + "title": "ServiceConfiguration" } }, "required": [ - "Column" + "ServiceConfiguration" ], "type": "object" }, - "AWS::Cassandra::Table.Column": { + "AWS::Bedrock::Flow.RetrievalFlowNodeS3Configuration": { "additionalProperties": false, "properties": { - "ColumnName": { - "markdownDescription": "The name of the column. For more information, see [Identifiers](https://docs.aws.amazon.com/keyspaces/latest/devguide/cql.elements.html#cql.elements.identifier) in the *Amazon Keyspaces Developer Guide* .", - "title": "ColumnName", - "type": "string" - }, - "ColumnType": { - "markdownDescription": "The data type of the column. For more information, see [Data types](https://docs.aws.amazon.com/keyspaces/latest/devguide/cql.elements.html#cql.data-types) in the *Amazon Keyspaces Developer Guide* .", - "title": "ColumnType", + "BucketName": { + "markdownDescription": "The name of the Amazon S3 bucket from which to retrieve data.", + "title": "BucketName", "type": "string" } }, "required": [ - "ColumnName", - "ColumnType" + "BucketName" ], "type": "object" }, - "AWS::Cassandra::Table.EncryptionSpecification": { + "AWS::Bedrock::Flow.RetrievalFlowNodeServiceConfiguration": { "additionalProperties": false, "properties": { - "EncryptionType": { - "markdownDescription": "The encryption at rest options for the table.\n\n- *AWS owned key* (default) - `AWS_OWNED_KMS_KEY`\n- *Customer managed key* - `CUSTOMER_MANAGED_KMS_KEY`\n\n> If you choose `CUSTOMER_MANAGED_KMS_KEY` , a `kms_key_identifier` in the format of a key ARN is required.\n\nValid values: `CUSTOMER_MANAGED_KMS_KEY` | `AWS_OWNED_KMS_KEY` .", - "title": "EncryptionType", + "S3": { + "$ref": "#/definitions/AWS::Bedrock::Flow.RetrievalFlowNodeS3Configuration", + "markdownDescription": "Contains configurations for the Amazon S3 location from which to retrieve data to return as the output from the node.", + "title": "S3" + } + }, + "type": "object" + }, + "AWS::Bedrock::Flow.S3Location": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The S3 bucket containing the flow definition.", + "title": "Bucket", "type": "string" }, - "KmsKeyIdentifier": { - "markdownDescription": "Requires a `kms_key_identifier` in the format of a key ARN.", - "title": "KmsKeyIdentifier", + "Key": { + "markdownDescription": "The object key for the S3 location containing the definition.", + "title": "Key", + "type": "string" + }, + "Version": { + "markdownDescription": "The Amazon S3 location from which to retrieve data for an S3 retrieve node or to which to store data for an S3 storage node.", + "title": "Version", "type": "string" } }, "required": [ - "EncryptionType" + "Bucket", + "Key" ], "type": "object" }, - "AWS::Cassandra::Table.ProvisionedThroughput": { + "AWS::Bedrock::Flow.StorageFlowNodeConfiguration": { "additionalProperties": false, "properties": { - "ReadCapacityUnits": { - "markdownDescription": "The amount of read capacity that's provisioned for the table. For more information, see [Read/write capacity mode](https://docs.aws.amazon.com/keyspaces/latest/devguide/ReadWriteCapacityMode.html) in the *Amazon Keyspaces Developer Guide* .", - "title": "ReadCapacityUnits", - "type": "number" - }, - "WriteCapacityUnits": { - "markdownDescription": "The amount of write capacity that's provisioned for the table. For more information, see [Read/write capacity mode](https://docs.aws.amazon.com/keyspaces/latest/devguide/ReadWriteCapacityMode.html) in the *Amazon Keyspaces Developer Guide* .", - "title": "WriteCapacityUnits", - "type": "number" + "ServiceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.StorageFlowNodeServiceConfiguration", + "markdownDescription": "Contains configurations for the service to use for storing the input into the node.", + "title": "ServiceConfiguration" } }, "required": [ - "ReadCapacityUnits", - "WriteCapacityUnits" + "ServiceConfiguration" ], "type": "object" }, - "AWS::Cassandra::Table.ReplicaSpecification": { + "AWS::Bedrock::Flow.StorageFlowNodeS3Configuration": { "additionalProperties": false, "properties": { - "ReadCapacityAutoScaling": { - "$ref": "#/definitions/AWS::Cassandra::Table.AutoScalingSetting", - "markdownDescription": "The read capacity auto scaling settings for the multi-Region table in the specified AWS Region.", - "title": "ReadCapacityAutoScaling" - }, - "ReadCapacityUnits": { - "markdownDescription": "The provisioned read capacity units for the multi-Region table in the specified AWS Region.", - "title": "ReadCapacityUnits", - "type": "number" - }, - "Region": { - "markdownDescription": "The AWS Region.", - "title": "Region", + "BucketName": { + "markdownDescription": "The name of the Amazon S3 bucket in which to store the input into the node.", + "title": "BucketName", "type": "string" } }, "required": [ - "Region" + "BucketName" ], "type": "object" }, - "AWS::Cassandra::Table.ScalingPolicy": { + "AWS::Bedrock::Flow.StorageFlowNodeServiceConfiguration": { "additionalProperties": false, "properties": { - "TargetTrackingScalingPolicyConfiguration": { - "$ref": "#/definitions/AWS::Cassandra::Table.TargetTrackingScalingPolicyConfiguration", - "markdownDescription": "The auto scaling policy that scales a table based on the ratio of consumed to provisioned capacity.", - "title": "TargetTrackingScalingPolicyConfiguration" + "S3": { + "$ref": "#/definitions/AWS::Bedrock::Flow.StorageFlowNodeS3Configuration", + "markdownDescription": "Contains configurations for the Amazon S3 location in which to store the input into the node.", + "title": "S3" } }, "type": "object" }, - "AWS::Cassandra::Table.TargetTrackingScalingPolicyConfiguration": { + "AWS::Bedrock::Flow.TextPromptTemplateConfiguration": { "additionalProperties": false, "properties": { - "DisableScaleIn": { - "markdownDescription": "Specifies if `scale-in` is enabled.\n\nWhen auto scaling automatically decreases capacity for a table, the table *scales in* . When scaling policies are set, they can't scale in the table lower than its minimum capacity.", - "title": "DisableScaleIn", - "type": "boolean" + "InputVariables": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Flow.PromptInputVariable" + }, + "markdownDescription": "An array of the variables in the prompt template.", + "title": "InputVariables", + "type": "array" }, - "ScaleInCooldown": { - "markdownDescription": "Specifies a `scale-in` cool down period.\n\nA cooldown period in seconds between scaling activities that lets the table stabilize before another scaling activity starts.", - "title": "ScaleInCooldown", - "type": "number" + "Text": { + "markdownDescription": "The message for the prompt.", + "title": "Text", + "type": "string" + } + }, + "required": [ + "Text" + ], + "type": "object" + }, + "AWS::Bedrock::Flow.VectorSearchBedrockRerankingConfiguration": { + "additionalProperties": false, + "properties": { + "MetadataConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.MetadataConfigurationForReranking", + "markdownDescription": "Configuration for how document metadata should be used during the reranking process. This determines which metadata fields are included when reordering search results.", + "title": "MetadataConfiguration" }, - "ScaleOutCooldown": { - "markdownDescription": "Specifies a scale out cool down period.\n\nA cooldown period in seconds between scaling activities that lets the table stabilize before another scaling activity starts.", - "title": "ScaleOutCooldown", - "type": "number" + "ModelConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.VectorSearchBedrockRerankingModelConfiguration", + "markdownDescription": "Configuration for the Amazon Bedrock foundation model used for reranking. This includes the model ARN and any additional request fields required by the model.", + "title": "ModelConfiguration" }, - "TargetValue": { - "markdownDescription": "Specifies the target value for the target tracking auto scaling policy.\n\nAmazon Keyspaces auto scaling scales up capacity automatically when traffic exceeds this target utilization rate, and then back down when it falls below the target. This ensures that the ratio of consumed capacity to provisioned capacity stays at or near this value. You define `targetValue` as a percentage. An `integer` between 20 and 90.", - "title": "TargetValue", + "NumberOfRerankedResults": { + "markdownDescription": "The maximum number of results to rerank. This limits how many of the initial vector search results will be processed by the reranking model. A smaller number improves performance but may exclude potentially relevant results.", + "title": "NumberOfRerankedResults", "type": "number" } }, "required": [ - "TargetValue" + "ModelConfiguration" ], "type": "object" }, - "AWS::CertificateManager::Account": { + "AWS::Bedrock::Flow.VectorSearchBedrockRerankingModelConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ExpiryEventsConfiguration": { - "$ref": "#/definitions/AWS::CertificateManager::Account.ExpiryEventsConfiguration", - "markdownDescription": "Object containing expiration events options associated with an AWS account . For more information, see [ExpiryEventsConfiguration](https://docs.aws.amazon.com/acm/latest/APIReference/API_ExpiryEventsConfiguration.html) in the API reference.", - "title": "ExpiryEventsConfiguration" - } - }, - "required": [ - "ExpiryEventsConfiguration" - ], + "AdditionalModelRequestFields": { + "markdownDescription": "A list of additional fields to include in the model request during reranking. These fields provide extra context or configuration options specific to the selected foundation model.", + "title": "AdditionalModelRequestFields", "type": "object" }, - "Type": { - "enum": [ - "AWS::CertificateManager::Account" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ModelArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the foundation model to use for reranking. This model processes the query and search results to determine a more relevant ordering.", + "title": "ModelArn", "type": "string" } }, "required": [ - "Type", - "Properties" + "ModelArn" ], "type": "object" }, - "AWS::CertificateManager::Account.ExpiryEventsConfiguration": { + "AWS::Bedrock::Flow.VectorSearchRerankingConfiguration": { "additionalProperties": false, "properties": { - "DaysBeforeExpiry": { - "markdownDescription": "This option specifies the number of days prior to certificate expiration when ACM starts generating `EventBridge` events. ACM sends one event per day per certificate until the certificate expires. By default, accounts receive events starting 45 days before certificate expiration.", - "title": "DaysBeforeExpiry", - "type": "number" + "BedrockRerankingConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Flow.VectorSearchBedrockRerankingConfiguration", + "markdownDescription": "Configuration for using Amazon Bedrock foundation models to rerank search results. This is required when the reranking type is set to BEDROCK.", + "title": "BedrockRerankingConfiguration" + }, + "Type": { + "markdownDescription": "The type of reranking to apply to vector search results. Currently, the only supported value is BEDROCK, which uses Amazon Bedrock foundation models for reranking.", + "title": "Type", + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::CertificateManager::Certificate": { + "AWS::Bedrock::FlowAlias": { "additionalProperties": false, "properties": { "Condition": { @@ -32397,64 +36962,56 @@ "Properties": { "additionalProperties": false, "properties": { - "CertificateAuthorityArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the private certificate authority (CA) that will be used to issue the certificate. If you do not provide an ARN and you are trying to request a private certificate, ACM will attempt to issue a public certificate. For more information about private CAs, see the [AWS Private Certificate Authority](https://docs.aws.amazon.com/privateca/latest/userguide/PcaWelcome.html) user guide. The ARN must have the following form:\n\n`arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012`", - "title": "CertificateAuthorityArn", - "type": "string" + "ConcurrencyConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowAlias.FlowAliasConcurrencyConfiguration", + "markdownDescription": "The configuration that specifies how nodes in the flow are executed concurrently.", + "title": "ConcurrencyConfiguration" }, - "CertificateTransparencyLoggingPreference": { - "markdownDescription": "You can opt out of certificate transparency logging by specifying the `DISABLED` option. Opt in by specifying `ENABLED` .\n\nIf you do not specify a certificate transparency logging preference on a new CloudFormation template, or if you remove the logging preference from an existing template, this is the same as explicitly enabling the preference.\n\nChanging the certificate transparency logging preference will update the existing resource by calling `UpdateCertificateOptions` on the certificate. This action will not create a new resource.", - "title": "CertificateTransparencyLoggingPreference", + "Description": { + "markdownDescription": "A description of the alias.", + "title": "Description", "type": "string" }, - "DomainName": { - "markdownDescription": "The fully qualified domain name (FQDN), such as www.example.com, with which you want to secure an ACM certificate. Use an asterisk (*) to create a wildcard certificate that protects several sites in the same domain. For example, `*.example.com` protects `www.example.com` , `site.example.com` , and `images.example.com.`", - "title": "DomainName", + "FlowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the alias.", + "title": "FlowArn", "type": "string" }, - "DomainValidationOptions": { - "items": { - "$ref": "#/definitions/AWS::CertificateManager::Certificate.DomainValidationOption" - }, - "markdownDescription": "Domain information that domain name registrars use to verify your identity.\n\n> In order for a AWS::CertificateManager::Certificate to be provisioned and validated in CloudFormation automatically, the `DomainName` property needs to be identical to one of the `DomainName` property supplied in DomainValidationOptions, if the ValidationMethod is **DNS**. Failing to keep them like-for-like will result in failure to create the domain validation records in Route53.", - "title": "DomainValidationOptions", - "type": "array" - }, - "KeyAlgorithm": { - "markdownDescription": "Specifies the algorithm of the public and private key pair that your certificate uses to encrypt data. RSA is the default key algorithm for ACM certificates. Elliptic Curve Digital Signature Algorithm (ECDSA) keys are smaller, offering security comparable to RSA keys but with greater computing efficiency. However, ECDSA is not supported by all network clients. Some AWS services may require RSA keys, or only support ECDSA keys of a particular size, while others allow the use of either RSA and ECDSA keys to ensure that compatibility is not broken. Check the requirements for the AWS service where you plan to deploy your certificate. For more information about selecting an algorithm, see [Key algorithms](https://docs.aws.amazon.com/acm/latest/userguide/acm-certificate.html#algorithms) .\n\n> Algorithms supported for an ACM certificate request include:\n> \n> - `RSA_2048`\n> - `EC_prime256v1`\n> - `EC_secp384r1`\n> \n> Other listed algorithms are for imported certificates only. > When you request a private PKI certificate signed by a CA from AWS Private CA, the specified signing algorithm family (RSA or ECDSA) must match the algorithm family of the CA's secret key. \n\nDefault: RSA_2048", - "title": "KeyAlgorithm", + "Name": { + "markdownDescription": "The name of the alias.", + "title": "Name", "type": "string" }, - "SubjectAlternativeNames": { + "RoutingConfiguration": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Bedrock::FlowAlias.FlowAliasRoutingConfigurationListItem" }, - "markdownDescription": "Additional FQDNs to be included in the Subject Alternative Name extension of the ACM certificate. For example, you can add www.example.net to a certificate for which the `DomainName` field is www.example.com if users can reach your site by using either name.", - "title": "SubjectAlternativeNames", + "markdownDescription": "A list of configurations about the versions that the alias maps to. Currently, you can only specify one.", + "title": "RoutingConfiguration", "type": "array" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "additionalProperties": true, + "markdownDescription": "Metadata that you can assign to a resource as key-value pairs. For more information, see the following resources:\n\n- [Tag naming limits and requirements](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-conventions)\n- [Tagging best practices](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-best-practices)", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "Key-value pairs that can identify the certificate.", "title": "Tags", - "type": "array" - }, - "ValidationMethod": { - "markdownDescription": "The method you want to use to validate that you own or control the domain associated with a public certificate. You can [validate with DNS](https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-dns.html) or [validate with email](https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-email.html) . We recommend that you use DNS validation.\n\nIf not specified, this property defaults to email validation.", - "title": "ValidationMethod", - "type": "string" + "type": "object" } }, "required": [ - "DomainName" + "FlowArn", + "Name", + "RoutingConfiguration" ], "type": "object" }, "Type": { "enum": [ - "AWS::CertificateManager::Certificate" + "AWS::Bedrock::FlowAlias" ], "type": "string" }, @@ -32473,31 +37030,37 @@ ], "type": "object" }, - "AWS::CertificateManager::Certificate.DomainValidationOption": { + "AWS::Bedrock::FlowAlias.FlowAliasConcurrencyConfiguration": { "additionalProperties": false, "properties": { - "DomainName": { - "markdownDescription": "A fully qualified domain name (FQDN) in the certificate request.", - "title": "DomainName", - "type": "string" - }, - "HostedZoneId": { - "markdownDescription": "The `HostedZoneId` option, which is available if you are using Route 53 as your domain registrar, causes ACM to add your CNAME to the domain record. Your list of `DomainValidationOptions` must contain one and only one of the domain-validation options, and the `HostedZoneId` can be used only when `DNS` is specified as your validation method.\n\nUse the Route 53 `ListHostedZones` API to discover IDs for available hosted zones.\n\nThis option is required for publicly trusted certificates.\n\n> The `ListHostedZones` API returns IDs in the format \"/hostedzone/Z111111QQQQQQQ\", but CloudFormation requires the IDs to be in the format \"Z111111QQQQQQQ\". \n\nWhen you change your `DomainValidationOptions` , a new resource is created.", - "title": "HostedZoneId", - "type": "string" + "MaxConcurrency": { + "markdownDescription": "The maximum number of nodes that can be executed concurrently in the flow.", + "title": "MaxConcurrency", + "type": "number" }, - "ValidationDomain": { - "markdownDescription": "The domain name to which you want ACM to send validation emails. This domain name is the suffix of the email addresses that you want ACM to use. This must be the same as the `DomainName` value or a superdomain of the `DomainName` value. For example, if you request a certificate for `testing.example.com` , you can specify `example.com` as this value. In that case, ACM sends domain validation emails to the following five addresses:\n\n- admin@example.com\n- administrator@example.com\n- hostmaster@example.com\n- postmaster@example.com\n- webmaster@example.com", - "title": "ValidationDomain", + "Type": { + "markdownDescription": "The type of concurrency to use for parallel node execution. Specify one of the following options:\n\n- `Automatic` - Amazon Bedrock determines which nodes can be executed in parallel based on the flow definition and its dependencies.\n- `Manual` - You specify which nodes can be executed in parallel.", + "title": "Type", "type": "string" } }, "required": [ - "DomainName" + "Type" ], "type": "object" }, - "AWS::Chatbot::MicrosoftTeamsChannelConfiguration": { + "AWS::Bedrock::FlowAlias.FlowAliasRoutingConfigurationListItem": { + "additionalProperties": false, + "properties": { + "FlowVersion": { + "markdownDescription": "The version that the alias maps to.", + "title": "FlowVersion", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::FlowVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -32532,70 +37095,25 @@ "Properties": { "additionalProperties": false, "properties": { - "ConfigurationName": { - "markdownDescription": "The name of the configuration.", - "title": "ConfigurationName", - "type": "string" - }, - "GuardrailPolicies": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of IAM policy ARNs that are applied as channel guardrails. The AWS managed 'AdministratorAccess' policy is applied as a default if this is not set.", - "title": "GuardrailPolicies", - "type": "array" - }, - "IamRoleArn": { - "markdownDescription": "The ARN of the IAM role that defines the permissions for .\n\nThis is a user-defined role that will assume. This is not the service-linked role. For more information, see [IAM Policies for in chat applications](https://docs.aws.amazon.com/chatbot/latest/adminguide/chatbot-iam-policies.html) .", - "title": "IamRoleArn", - "type": "string" - }, - "LoggingLevel": { - "markdownDescription": "Specifies the logging level for this configuration. This property affects the log entries pushed to Amazon CloudWatch Logs.\n\nLogging levels include `ERROR` , `INFO` , or `NONE` .", - "title": "LoggingLevel", - "type": "string" - }, - "SnsTopicArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The ARNs of the SNS topics that deliver notifications to .", - "title": "SnsTopicArns", - "type": "array" - }, - "TeamId": { - "markdownDescription": "The ID of the Microsoft Team authorized with .\n\nTo get the team ID, you must perform the initial authorization flow with Microsoft Teams in the in chat applications console. Then you can copy and paste the team ID from the console. For more details, see steps 1-3 in [Tutorial: Get started with Microsoft Teams](https://docs.aws.amazon.com/chatbot/latest/adminguide/teams-setup.html) in the *in chat applications Administrator Guide* .", - "title": "TeamId", - "type": "string" - }, - "TeamsChannelId": { - "markdownDescription": "The ID of the Microsoft Teams channel.\n\nTo get the channel ID, open Microsoft Teams, right click on the channel name in the left pane, then choose *Copy* . An example of the channel ID syntax is: `19%3ab6ef35dc342d56ba5654e6fc6d25a071%40thread.tacv2` .", - "title": "TeamsChannelId", + "Description": { + "markdownDescription": "The description of the flow version.", + "title": "Description", "type": "string" }, - "TeamsTenantId": { - "markdownDescription": "The ID of the Microsoft Teams tenant.\n\nTo get the tenant ID, you must perform the initial authorization flow with Microsoft Teams in the in chat applications console. Then you can copy and paste the tenant ID from the console. For more details, see steps 1-3 in [Tutorial: Get started with Microsoft Teams](https://docs.aws.amazon.com/chatbot/latest/adminguide/teams-setup.html) in the *in chat applications Administrator Guide* .", - "title": "TeamsTenantId", + "FlowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the flow that the version belongs to.", + "title": "FlowArn", "type": "string" - }, - "UserRoleRequired": { - "markdownDescription": "Enables use of a user role requirement in your chat configuration.", - "title": "UserRoleRequired", - "type": "boolean" } }, "required": [ - "ConfigurationName", - "IamRoleArn", - "TeamId", - "TeamsChannelId", - "TeamsTenantId" + "FlowArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Chatbot::MicrosoftTeamsChannelConfiguration" + "AWS::Bedrock::FlowVersion" ], "type": "string" }, @@ -32614,903 +37132,907 @@ ], "type": "object" }, - "AWS::Chatbot::SlackChannelConfiguration": { + "AWS::Bedrock::FlowVersion.AgentFlowNodeConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "AgentAliasArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the alias of the agent to invoke.", + "title": "AgentAliasArn", "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ConfigurationName": { - "markdownDescription": "The name of the configuration.", - "title": "ConfigurationName", - "type": "string" - }, - "GuardrailPolicies": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of IAM policy ARNs that are applied as channel guardrails. The AWS managed 'AdministratorAccess' policy is applied as a default if this is not set.", - "title": "GuardrailPolicies", - "type": "array" - }, - "IamRoleArn": { - "markdownDescription": "The ARN of the IAM role that defines the permissions for .\n\nThis is a user-defined role that will assume. This is not the service-linked role. For more information, see [IAM Policies for in chat applications](https://docs.aws.amazon.com/chatbot/latest/adminguide/chatbot-iam-policies.html) .", - "title": "IamRoleArn", - "type": "string" - }, - "LoggingLevel": { - "markdownDescription": "Specifies the logging level for this configuration. This property affects the log entries pushed to Amazon CloudWatch Logs.\n\nLogging levels include `ERROR` , `INFO` , or `NONE` .", - "title": "LoggingLevel", - "type": "string" - }, - "SlackChannelId": { - "markdownDescription": "The ID of the Slack channel.\n\nTo get the ID, open Slack, right click on the channel name in the left pane, then choose Copy Link. The channel ID is the character string at the end of the URL. For example, `ABCBBLZZZ` .", - "title": "SlackChannelId", - "type": "string" - }, - "SlackWorkspaceId": { - "markdownDescription": "The ID of the Slack workspace authorized with .\n\nTo get the workspace ID, you must perform the initial authorization flow with Slack in the in chat applications console. Then you can copy and paste the workspace ID from the console. For more details, see steps 1-3 in [Tutorial: Get started with Slack](https://docs.aws.amazon.com/chatbot/latest/adminguide/slack-setup.html#slack-client-setup) in the *in chat applications User Guide* .", - "title": "SlackWorkspaceId", - "type": "string" - }, - "SnsTopicArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The ARNs of the SNS topics that deliver notifications to .", - "title": "SnsTopicArns", - "type": "array" - }, - "UserRoleRequired": { - "markdownDescription": "Enables use of a user role requirement in your chat configuration.", - "title": "UserRoleRequired", - "type": "boolean" - } + } + }, + "required": [ + "AgentAliasArn" + ], + "type": "object" + }, + "AWS::Bedrock::FlowVersion.ConditionFlowNodeConfiguration": { + "additionalProperties": false, + "properties": { + "Conditions": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.FlowCondition" }, - "required": [ - "ConfigurationName", - "IamRoleArn", - "SlackChannelId", - "SlackWorkspaceId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Chatbot::SlackChannelConfiguration" - ], + "markdownDescription": "An array of conditions. Each member contains the name of a condition and an expression that defines the condition.", + "title": "Conditions", + "type": "array" + } + }, + "required": [ + "Conditions" + ], + "type": "object" + }, + "AWS::Bedrock::FlowVersion.FieldForReranking": { + "additionalProperties": false, + "properties": { + "FieldName": { + "markdownDescription": "The name of the metadata field to be used during the reranking process.", + "title": "FieldName", + "type": "string" + } + }, + "required": [ + "FieldName" + ], + "type": "object" + }, + "AWS::Bedrock::FlowVersion.FlowCondition": { + "additionalProperties": false, + "properties": { + "Expression": { + "markdownDescription": "Defines the condition. You must refer to at least one of the inputs in the condition. For more information, expand the Condition node section in [Node types in prompt flows](https://docs.aws.amazon.com/bedrock/latest/userguide/flows-how-it-works.html#flows-nodes) .", + "title": "Expression", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "A name for the condition that you can reference.", + "title": "Name", "type": "string" } }, "required": [ - "Type", - "Properties" + "Name" ], "type": "object" }, - "AWS::CleanRooms::AnalysisTemplate": { + "AWS::Bedrock::FlowVersion.FlowConditionalConnectionConfiguration": { "additionalProperties": false, "properties": { "Condition": { + "markdownDescription": "The condition that triggers this connection. For more information about how to write conditions, see the *Condition* node type in the [Node types](https://docs.aws.amazon.com/bedrock/latest/userguide/node-types.html) topic in the Amazon Bedrock User Guide.", + "title": "Condition", "type": "string" + } + }, + "required": [ + "Condition" + ], + "type": "object" + }, + "AWS::Bedrock::FlowVersion.FlowConnection": { + "additionalProperties": false, + "properties": { + "Configuration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.FlowConnectionConfiguration", + "markdownDescription": "The configuration of the connection.", + "title": "Configuration" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "A name for the connection that you can reference.", + "title": "Name", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AnalysisParameters": { - "items": { - "$ref": "#/definitions/AWS::CleanRooms::AnalysisTemplate.AnalysisParameter" - }, - "markdownDescription": "The parameters of the analysis template.", - "title": "AnalysisParameters", - "type": "array" - }, - "Description": { - "markdownDescription": "The description of the analysis template.", - "title": "Description", - "type": "string" - }, - "Format": { - "markdownDescription": "The format of the analysis template.", - "title": "Format", - "type": "string" - }, - "MembershipIdentifier": { - "markdownDescription": "The identifier for a membership resource.", - "title": "MembershipIdentifier", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the analysis template.", - "title": "Name", - "type": "string" - }, - "Source": { - "$ref": "#/definitions/AWS::CleanRooms::AnalysisTemplate.AnalysisSource", - "markdownDescription": "The source of the analysis template.", - "title": "Source" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Format", - "MembershipIdentifier", - "Name", - "Source" - ], - "type": "object" + "Source": { + "markdownDescription": "The node that the connection starts at.", + "title": "Source", + "type": "string" }, - "Type": { - "enum": [ - "AWS::CleanRooms::AnalysisTemplate" - ], + "Target": { + "markdownDescription": "The node that the connection ends at.", + "title": "Target", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Type": { + "markdownDescription": "Whether the source node that the connection begins from is a condition node ( `Conditional` ) or not ( `Data` ).", + "title": "Type", "type": "string" } }, "required": [ - "Type", - "Properties" + "Name", + "Source", + "Target", + "Type" ], "type": "object" }, - "AWS::CleanRooms::AnalysisTemplate.AnalysisParameter": { + "AWS::Bedrock::FlowVersion.FlowConnectionConfiguration": { "additionalProperties": false, "properties": { - "DefaultValue": { - "markdownDescription": "Optional. The default value that is applied in the analysis template. The member who can query can override this value in the query editor.", - "title": "DefaultValue", - "type": "string" + "Conditional": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.FlowConditionalConnectionConfiguration", + "markdownDescription": "The configuration of a connection originating from a Condition node.", + "title": "Conditional" }, - "Name": { - "markdownDescription": "The name of the parameter. The name must use only alphanumeric, underscore (_), or hyphen (-) characters but cannot start or end with a hyphen.", - "title": "Name", + "Data": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.FlowDataConnectionConfiguration", + "markdownDescription": "The configuration of a connection originating from a node that isn't a Condition node.", + "title": "Data" + } + }, + "type": "object" + }, + "AWS::Bedrock::FlowVersion.FlowDataConnectionConfiguration": { + "additionalProperties": false, + "properties": { + "SourceOutput": { + "markdownDescription": "The name of the output in the source node that the connection begins from.", + "title": "SourceOutput", "type": "string" }, - "Type": { - "markdownDescription": "The type of parameter.", - "title": "Type", + "TargetInput": { + "markdownDescription": "The name of the input in the target node that the connection ends at.", + "title": "TargetInput", "type": "string" } }, "required": [ - "Name", - "Type" + "SourceOutput", + "TargetInput" ], "type": "object" }, - "AWS::CleanRooms::AnalysisTemplate.AnalysisSchema": { + "AWS::Bedrock::FlowVersion.FlowDefinition": { "additionalProperties": false, "properties": { - "ReferencedTables": { + "Connections": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.FlowConnection" }, - "markdownDescription": "The tables referenced in the analysis schema.", - "title": "ReferencedTables", + "markdownDescription": "An array of connection definitions in the flow.", + "title": "Connections", + "type": "array" + }, + "Nodes": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.FlowNode" + }, + "markdownDescription": "An array of node definitions in the flow.", + "title": "Nodes", "type": "array" } }, - "required": [ - "ReferencedTables" - ], "type": "object" }, - "AWS::CleanRooms::AnalysisTemplate.AnalysisSource": { + "AWS::Bedrock::FlowVersion.FlowNode": { "additionalProperties": false, "properties": { - "Text": { - "markdownDescription": "The query text.", - "title": "Text", + "Configuration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.FlowNodeConfiguration", + "markdownDescription": "Contains configurations for the node.", + "title": "Configuration" + }, + "Inputs": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.FlowNodeInput" + }, + "markdownDescription": "An array of objects, each of which contains information about an input into the node.", + "title": "Inputs", + "type": "array" + }, + "Name": { + "markdownDescription": "A name for the node.", + "title": "Name", + "type": "string" + }, + "Outputs": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.FlowNodeOutput" + }, + "markdownDescription": "A list of objects, each of which contains information about an output from the node.", + "title": "Outputs", + "type": "array" + }, + "Type": { + "markdownDescription": "The type of node. This value must match the name of the key that you provide in the configuration you provide in the `FlowNodeConfiguration` field.", + "title": "Type", "type": "string" } }, "required": [ - "Text" + "Name", + "Type" ], "type": "object" }, - "AWS::CleanRooms::Collaboration": { + "AWS::Bedrock::FlowVersion.FlowNodeConfiguration": { "additionalProperties": false, "properties": { + "Agent": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.AgentFlowNodeConfiguration", + "markdownDescription": "Contains configurations for an agent node in your flow. Invokes an alias of an agent and returns the response.", + "title": "Agent" + }, + "Collector": { + "markdownDescription": "Contains configurations for a collector node in your flow. Collects an iteration of inputs and consolidates them into an array of outputs.", + "title": "Collector", + "type": "object" + }, "Condition": { - "type": "string" + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.ConditionFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a condition node in your flow. Defines conditions that lead to different branches of the flow.", + "title": "Condition" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "InlineCode": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.InlineCodeFlowNodeConfiguration", + "markdownDescription": "Contains configurations for an inline code node in your flow. Inline code nodes let you write and execute code directly within your flow, enabling data transformations, custom logic, and integrations without needing an external Lambda function.", + "title": "InlineCode" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Input": { + "markdownDescription": "Contains configurations for an input flow node in your flow. The first node in the flow. `inputs` can't be specified for this node.", + "title": "Input", + "type": "object" }, - "Metadata": { + "Iterator": { + "markdownDescription": "Contains configurations for an iterator node in your flow. Takes an input that is an array and iteratively sends each item of the array as an output to the following node. The size of the array is also returned in the output.\n\nThe output flow node at the end of the flow iteration will return a response for each member of the array. To return only one response, you can include a collector node downstream from the iterator node.", + "title": "Iterator", "type": "object" }, - "Properties": { - "additionalProperties": false, - "properties": { - "CreatorDisplayName": { - "markdownDescription": "A display name of the collaboration creator.", - "title": "CreatorDisplayName", - "type": "string" - }, - "CreatorMemberAbilities": { - "items": { - "type": "string" - }, - "markdownDescription": "The abilities granted to the collaboration creator.\n\n*Allowed values* `CAN_QUERY` | `CAN_RECEIVE_RESULTS` | `CAN_RUN_JOB`", - "title": "CreatorMemberAbilities", - "type": "array" - }, - "CreatorPaymentConfiguration": { - "$ref": "#/definitions/AWS::CleanRooms::Collaboration.PaymentConfiguration", - "markdownDescription": "An object representing the collaboration member's payment responsibilities set by the collaboration creator.", - "title": "CreatorPaymentConfiguration" - }, - "DataEncryptionMetadata": { - "$ref": "#/definitions/AWS::CleanRooms::Collaboration.DataEncryptionMetadata", - "markdownDescription": "The settings for client-side encryption for cryptographic computing.", - "title": "DataEncryptionMetadata" - }, - "Description": { - "markdownDescription": "A description of the collaboration provided by the collaboration owner.", - "title": "Description", - "type": "string" - }, - "Members": { - "items": { - "$ref": "#/definitions/AWS::CleanRooms::Collaboration.MemberSpecification" - }, - "markdownDescription": "A list of initial members, not including the creator. This list is immutable.", - "title": "Members", - "type": "array" - }, - "Name": { - "markdownDescription": "A human-readable identifier provided by the collaboration owner. Display names are not unique.", - "title": "Name", - "type": "string" - }, - "QueryLogStatus": { - "markdownDescription": "An indicator as to whether query logging has been enabled or disabled for the collaboration.\n\nWhen `ENABLED` , AWS Clean Rooms logs details about queries run within this collaboration and those logs can be viewed in Amazon CloudWatch Logs. The default value is `DISABLED` .", - "title": "QueryLogStatus", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "CreatorDisplayName", - "CreatorMemberAbilities", - "Description", - "Members", - "Name", - "QueryLogStatus" - ], + "KnowledgeBase": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.KnowledgeBaseFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a knowledge base node in your flow. Queries a knowledge base and returns the retrieved results or generated response.", + "title": "KnowledgeBase" + }, + "LambdaFunction": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.LambdaFunctionFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a Lambda function node in your flow. Invokes an AWS Lambda function.", + "title": "LambdaFunction" + }, + "Lex": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.LexFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a Lex node in your flow. Invokes an Amazon Lex bot to identify the intent of the input and return the intent as the output.", + "title": "Lex" + }, + "Loop": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.LoopFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a DoWhile loop in your flow.", + "title": "Loop" + }, + "LoopController": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.LoopControllerFlowNodeConfiguration", + "markdownDescription": "Contains controller node configurations for a DoWhile loop in your flow.", + "title": "LoopController" + }, + "LoopInput": { + "markdownDescription": "Contains input node configurations for a DoWhile loop in your flow.", + "title": "LoopInput", "type": "object" }, - "Type": { - "enum": [ - "AWS::CleanRooms::Collaboration" - ], + "Output": { + "markdownDescription": "Contains configurations for an output flow node in your flow. The last node in the flow. `outputs` can't be specified for this node.", + "title": "Output", + "type": "object" + }, + "Prompt": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.PromptFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a prompt node in your flow. Runs a prompt and generates the model response as the output. You can use a prompt from Prompt management or you can configure one in this node.", + "title": "Prompt" + }, + "Retrieval": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.RetrievalFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a retrieval node in your flow. Retrieves data from an Amazon S3 location and returns it as the output.", + "title": "Retrieval" + }, + "Storage": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.StorageFlowNodeConfiguration", + "markdownDescription": "Contains configurations for a storage node in your flow. Stores an input in an Amazon S3 location.", + "title": "Storage" + } + }, + "type": "object" + }, + "AWS::Bedrock::FlowVersion.FlowNodeInput": { + "additionalProperties": false, + "properties": { + "Expression": { + "markdownDescription": "An expression that formats the input for the node. For an explanation of how to create expressions, see [Expressions in Prompt flows in Amazon Bedrock](https://docs.aws.amazon.com/bedrock/latest/userguide/flows-expressions.html) .", + "title": "Expression", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "Specifies a name for the input that you can reference.", + "title": "Name", + "type": "string" + }, + "Type": { + "markdownDescription": "Specifies the data type of the input. If the input doesn't match this type at runtime, a validation error will be thrown.", + "title": "Type", "type": "string" } }, "required": [ - "Type", - "Properties" + "Expression", + "Name", + "Type" ], "type": "object" }, - "AWS::CleanRooms::Collaboration.DataEncryptionMetadata": { + "AWS::Bedrock::FlowVersion.FlowNodeOutput": { "additionalProperties": false, "properties": { - "AllowCleartext": { - "markdownDescription": "Indicates whether encrypted tables can contain cleartext data ( `TRUE` ) or are to cryptographically process every column ( `FALSE` ).", - "title": "AllowCleartext", - "type": "boolean" + "Name": { + "markdownDescription": "A name for the output that you can reference.", + "title": "Name", + "type": "string" }, - "AllowDuplicates": { - "markdownDescription": "Indicates whether Fingerprint columns can contain duplicate entries ( `TRUE` ) or are to contain only non-repeated values ( `FALSE` ).", - "title": "AllowDuplicates", - "type": "boolean" + "Type": { + "markdownDescription": "The data type of the output. If the output doesn't match this type at runtime, a validation error will be thrown.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Name", + "Type" + ], + "type": "object" + }, + "AWS::Bedrock::FlowVersion.GuardrailConfiguration": { + "additionalProperties": false, + "properties": { + "GuardrailIdentifier": { + "markdownDescription": "The identifier for the guardrail.", + "title": "GuardrailIdentifier", + "type": "string" }, - "AllowJoinsOnColumnsWithDifferentNames": { - "markdownDescription": "Indicates whether Fingerprint columns can be joined on any other Fingerprint column with a different name ( `TRUE` ) or can only be joined on Fingerprint columns of the same name ( `FALSE` ).", - "title": "AllowJoinsOnColumnsWithDifferentNames", - "type": "boolean" + "GuardrailVersion": { + "markdownDescription": "The version of the guardrail.", + "title": "GuardrailVersion", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::FlowVersion.InlineCodeFlowNodeConfiguration": { + "additionalProperties": false, + "properties": { + "Code": { + "markdownDescription": "The code that's executed in your inline code node. The code can access input data from previous nodes in the flow, perform operations on that data, and produce output that can be used by other nodes in your flow.\n\nThe code must be valid in the programming `language` that you specify.", + "title": "Code", + "type": "string" }, - "PreserveNulls": { - "markdownDescription": "Indicates whether NULL values are to be copied as NULL to encrypted tables ( `TRUE` ) or cryptographically processed ( `FALSE` ).", - "title": "PreserveNulls", - "type": "boolean" + "Language": { + "markdownDescription": "The programming language used by your inline code node.\n\nThe code must be valid in the programming `language` that you specify. Currently, only Python 3 ( `Python_3` ) is supported.", + "title": "Language", + "type": "string" } }, "required": [ - "AllowCleartext", - "AllowDuplicates", - "AllowJoinsOnColumnsWithDifferentNames", - "PreserveNulls" + "Code", + "Language" ], "type": "object" }, - "AWS::CleanRooms::Collaboration.MemberSpecification": { + "AWS::Bedrock::FlowVersion.KnowledgeBaseFlowNodeConfiguration": { "additionalProperties": false, "properties": { - "AccountId": { - "markdownDescription": "The identifier used to reference members of the collaboration. Currently only supports AWS account ID.", - "title": "AccountId", + "GuardrailConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.GuardrailConfiguration", + "markdownDescription": "Contains configurations for a guardrail to apply during query and response generation for the knowledge base in this configuration.", + "title": "GuardrailConfiguration" + }, + "InferenceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.PromptInferenceConfiguration", + "markdownDescription": "Contains inference configurations for the prompt.", + "title": "InferenceConfiguration" + }, + "KnowledgeBaseId": { + "markdownDescription": "The unique identifier of the knowledge base to query.", + "title": "KnowledgeBaseId", "type": "string" }, - "DisplayName": { - "markdownDescription": "The member's display name.", - "title": "DisplayName", + "ModelId": { + "markdownDescription": "The unique identifier of the model or [inference profile](https://docs.aws.amazon.com/bedrock/latest/userguide/cross-region-inference.html) to use to generate a response from the query results. Omit this field if you want to return the retrieved results as an array.", + "title": "ModelId", "type": "string" }, - "MemberAbilities": { - "items": { - "type": "string" - }, - "markdownDescription": "The abilities granted to the collaboration member.\n\n*Allowed Values* : `CAN_QUERY` | `CAN_RECEIVE_RESULTS`", - "title": "MemberAbilities", - "type": "array" + "NumberOfResults": { + "markdownDescription": "The number of results to retrieve from the knowledge base.", + "title": "NumberOfResults", + "type": "number" }, - "PaymentConfiguration": { - "$ref": "#/definitions/AWS::CleanRooms::Collaboration.PaymentConfiguration", - "markdownDescription": "The collaboration member's payment responsibilities set by the collaboration creator.\n\nIf the collaboration creator hasn't speci\ufb01ed anyone as the member paying for query compute costs, then the member who can query is the default payer.", - "title": "PaymentConfiguration" + "OrchestrationConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.KnowledgeBaseOrchestrationConfiguration", + "markdownDescription": "The configuration for orchestrating the retrieval and generation process in the knowledge base node.", + "title": "OrchestrationConfiguration" + }, + "PromptTemplate": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.KnowledgeBasePromptTemplate", + "markdownDescription": "A custom prompt template to use with the knowledge base for generating responses.", + "title": "PromptTemplate" + }, + "RerankingConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.VectorSearchRerankingConfiguration", + "markdownDescription": "The configuration for reranking the retrieved results from the knowledge base to improve relevance.", + "title": "RerankingConfiguration" } }, "required": [ - "AccountId", - "DisplayName", - "MemberAbilities" + "KnowledgeBaseId" ], "type": "object" }, - "AWS::CleanRooms::Collaboration.PaymentConfiguration": { + "AWS::Bedrock::FlowVersion.KnowledgeBaseOrchestrationConfiguration": { "additionalProperties": false, "properties": { - "QueryCompute": { - "$ref": "#/definitions/AWS::CleanRooms::Collaboration.QueryComputePaymentConfig", - "markdownDescription": "The collaboration member's payment responsibilities set by the collaboration creator for query compute costs.", - "title": "QueryCompute" + "AdditionalModelRequestFields": { + "markdownDescription": "The additional model-specific request parameters as key-value pairs to be included in the request to the foundation model.", + "title": "AdditionalModelRequestFields", + "type": "object" + }, + "InferenceConfig": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.PromptInferenceConfiguration", + "markdownDescription": "Contains inference configurations for the prompt.", + "title": "InferenceConfig" + }, + "PerformanceConfig": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.PerformanceConfiguration", + "markdownDescription": "The performance configuration options for the knowledge base retrieval and generation process.", + "title": "PerformanceConfig" + }, + "PromptTemplate": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.KnowledgeBasePromptTemplate", + "markdownDescription": "A custom prompt template for orchestrating the retrieval and generation process.", + "title": "PromptTemplate" + } + }, + "type": "object" + }, + "AWS::Bedrock::FlowVersion.KnowledgeBasePromptTemplate": { + "additionalProperties": false, + "properties": { + "TextPromptTemplate": { + "markdownDescription": "The text of the prompt template.", + "title": "TextPromptTemplate", + "type": "string" } }, "required": [ - "QueryCompute" + "TextPromptTemplate" ], "type": "object" }, - "AWS::CleanRooms::Collaboration.QueryComputePaymentConfig": { + "AWS::Bedrock::FlowVersion.LambdaFunctionFlowNodeConfiguration": { "additionalProperties": false, "properties": { - "IsResponsible": { - "markdownDescription": "Indicates whether the collaboration creator has configured the collaboration member to pay for query compute costs ( `TRUE` ) or has not configured the collaboration member to pay for query compute costs ( `FALSE` ).\n\nExactly one member can be configured to pay for query compute costs. An error is returned if the collaboration creator sets a `TRUE` value for more than one member in the collaboration.\n\nIf the collaboration creator hasn't specified anyone as the member paying for query compute costs, then the member who can query is the default payer. An error is returned if the collaboration creator sets a `FALSE` value for the member who can query.", - "title": "IsResponsible", - "type": "boolean" + "LambdaArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function to invoke.", + "title": "LambdaArn", + "type": "string" } }, "required": [ - "IsResponsible" + "LambdaArn" ], "type": "object" }, - "AWS::CleanRooms::ConfiguredTable": { + "AWS::Bedrock::FlowVersion.LexFlowNodeConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "BotAliasArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Lex bot alias to invoke.", + "title": "BotAliasArn", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "LocaleId": { + "markdownDescription": "The Region to invoke the Amazon Lex bot in.", + "title": "LocaleId", "type": "string" + } + }, + "required": [ + "BotAliasArn", + "LocaleId" + ], + "type": "object" + }, + "AWS::Bedrock::FlowVersion.LoopControllerFlowNodeConfiguration": { + "additionalProperties": false, + "properties": { + "ContinueCondition": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.FlowCondition", + "markdownDescription": "Specifies the condition that determines when the flow exits the DoWhile loop. The loop executes until this condition evaluates to true.", + "title": "ContinueCondition" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AllowedColumns": { - "items": { - "type": "string" - }, - "markdownDescription": "The columns within the underlying AWS Glue table that can be utilized within collaborations.", - "title": "AllowedColumns", - "type": "array" - }, - "AnalysisMethod": { - "markdownDescription": "The analysis method for the configured table.\n\n`DIRECT_QUERY` allows SQL queries to be run directly on this table.\n\n`DIRECT_JOB` allows PySpark jobs to be run directly on this table.\n\n`MULTIPLE` allows both SQL queries and PySpark jobs to be run directly on this table.", - "title": "AnalysisMethod", - "type": "string" - }, - "AnalysisRules": { - "items": { - "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.AnalysisRule" - }, - "markdownDescription": "The analysis rule that was created for the configured table.", - "title": "AnalysisRules", - "type": "array" - }, - "Description": { - "markdownDescription": "A description for the configured table.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "A name for the configured table.", - "title": "Name", - "type": "string" - }, - "TableReference": { - "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.TableReference", - "markdownDescription": "The table that this configured table represents.", - "title": "TableReference" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "AllowedColumns", - "AnalysisMethod", - "Name", - "TableReference" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::CleanRooms::ConfiguredTable" - ], + "MaxIterations": { + "markdownDescription": "Specifies the maximum number of times the DoWhile loop can iterate before the flow exits the loop.", + "title": "MaxIterations", + "type": "number" + } + }, + "required": [ + "ContinueCondition" + ], + "type": "object" + }, + "AWS::Bedrock::FlowVersion.LoopFlowNodeConfiguration": { + "additionalProperties": false, + "properties": { + "Definition": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.FlowDefinition", + "markdownDescription": "The definition of the DoWhile loop nodes and connections between nodes in the flow.", + "title": "Definition" + } + }, + "required": [ + "Definition" + ], + "type": "object" + }, + "AWS::Bedrock::FlowVersion.MetadataConfigurationForReranking": { + "additionalProperties": false, + "properties": { + "SelectionMode": { + "markdownDescription": "The mode for selecting which metadata fields to include in the reranking process. Valid values are ALL (use all available metadata fields) or SELECTIVE (use only specified fields).", + "title": "SelectionMode", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "SelectiveModeConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.RerankingMetadataSelectiveModeConfiguration", + "markdownDescription": "Configuration for selective mode, which allows you to explicitly include or exclude specific metadata fields during reranking. This is only used when selectionMode is set to SELECTIVE.", + "title": "SelectiveModeConfiguration" } }, "required": [ - "Type", - "Properties" + "SelectionMode" ], "type": "object" }, - "AWS::CleanRooms::ConfiguredTable.AggregateColumn": { + "AWS::Bedrock::FlowVersion.PerformanceConfiguration": { "additionalProperties": false, "properties": { - "ColumnNames": { - "items": { - "type": "string" - }, - "markdownDescription": "Column names in configured table of aggregate columns.", - "title": "ColumnNames", - "type": "array" - }, - "Function": { - "markdownDescription": "Aggregation function that can be applied to aggregate column in query.", - "title": "Function", + "Latency": { + "markdownDescription": "To use a latency-optimized version of the model, set to `optimized` .", + "title": "Latency", "type": "string" } }, + "type": "object" + }, + "AWS::Bedrock::FlowVersion.PromptFlowNodeConfiguration": { + "additionalProperties": false, + "properties": { + "GuardrailConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.GuardrailConfiguration", + "markdownDescription": "Contains configurations for a guardrail to apply to the prompt in this node and the response generated from it.", + "title": "GuardrailConfiguration" + }, + "SourceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.PromptFlowNodeSourceConfiguration", + "markdownDescription": "Specifies whether the prompt is from Prompt management or defined inline.", + "title": "SourceConfiguration" + } + }, "required": [ - "ColumnNames", - "Function" + "SourceConfiguration" ], "type": "object" }, - "AWS::CleanRooms::ConfiguredTable.AggregationConstraint": { + "AWS::Bedrock::FlowVersion.PromptFlowNodeInlineConfiguration": { "additionalProperties": false, "properties": { - "ColumnName": { - "markdownDescription": "Column in aggregation constraint for which there must be a minimum number of distinct values in an output row for it to be in the query output.", - "title": "ColumnName", + "InferenceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.PromptInferenceConfiguration", + "markdownDescription": "Contains inference configurations for the prompt.", + "title": "InferenceConfiguration" + }, + "ModelId": { + "markdownDescription": "The unique identifier of the model or [inference profile](https://docs.aws.amazon.com/bedrock/latest/userguide/cross-region-inference.html) to run inference with.", + "title": "ModelId", "type": "string" }, - "Minimum": { - "markdownDescription": "The minimum number of distinct values that an output row must be an aggregation of. Minimum threshold of distinct values for a specified column that must exist in an output row for it to be in the query output.", - "title": "Minimum", - "type": "number" + "TemplateConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.PromptTemplateConfiguration", + "markdownDescription": "Contains a prompt and variables in the prompt that can be replaced with values at runtime.", + "title": "TemplateConfiguration" }, - "Type": { - "markdownDescription": "The type of aggregation the constraint allows. The only valid value is currently `COUNT_DISTINCT`.", - "title": "Type", + "TemplateType": { + "markdownDescription": "The type of prompt template.", + "title": "TemplateType", "type": "string" } }, "required": [ - "ColumnName", - "Minimum", - "Type" + "ModelId", + "TemplateConfiguration", + "TemplateType" ], "type": "object" }, - "AWS::CleanRooms::ConfiguredTable.AnalysisRule": { + "AWS::Bedrock::FlowVersion.PromptFlowNodeResourceConfiguration": { "additionalProperties": false, "properties": { - "Policy": { - "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.ConfiguredTableAnalysisRulePolicy", - "markdownDescription": "A policy that describes the associated data usage limitations.", - "title": "Policy" - }, - "Type": { - "markdownDescription": "The type of analysis rule.", - "title": "Type", + "PromptArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the prompt from Prompt management.", + "title": "PromptArn", "type": "string" } }, "required": [ - "Policy", - "Type" + "PromptArn" ], "type": "object" }, - "AWS::CleanRooms::ConfiguredTable.AnalysisRuleAggregation": { + "AWS::Bedrock::FlowVersion.PromptFlowNodeSourceConfiguration": { "additionalProperties": false, "properties": { - "AggregateColumns": { - "items": { - "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.AggregateColumn" - }, - "markdownDescription": "The columns that query runners are allowed to use in aggregation queries.", - "title": "AggregateColumns", - "type": "array" - }, - "AllowedJoinOperators": { - "items": { - "type": "string" - }, - "markdownDescription": "Which logical operators (if any) are to be used in an INNER JOIN match condition. Default is `AND` .", - "title": "AllowedJoinOperators", - "type": "array" + "Inline": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.PromptFlowNodeInlineConfiguration", + "markdownDescription": "Contains configurations for a prompt that is defined inline", + "title": "Inline" }, - "DimensionColumns": { - "items": { - "type": "string" - }, - "markdownDescription": "The columns that query runners are allowed to select, group by, or filter by.", - "title": "DimensionColumns", - "type": "array" + "Resource": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.PromptFlowNodeResourceConfiguration", + "markdownDescription": "Contains configurations for a prompt from Prompt management.", + "title": "Resource" + } + }, + "type": "object" + }, + "AWS::Bedrock::FlowVersion.PromptInferenceConfiguration": { + "additionalProperties": false, + "properties": { + "Text": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.PromptModelInferenceConfiguration", + "markdownDescription": "Contains inference configurations for a text prompt.", + "title": "Text" + } + }, + "required": [ + "Text" + ], + "type": "object" + }, + "AWS::Bedrock::FlowVersion.PromptInputVariable": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the variable.", + "title": "Name", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::FlowVersion.PromptModelInferenceConfiguration": { + "additionalProperties": false, + "properties": { + "MaxTokens": { + "markdownDescription": "The maximum number of tokens to return in the response.", + "title": "MaxTokens", + "type": "number" }, - "JoinColumns": { + "StopSequences": { "items": { "type": "string" }, - "markdownDescription": "Columns in configured table that can be used in join statements and/or as aggregate columns. They can never be outputted directly.", - "title": "JoinColumns", + "markdownDescription": "A list of strings that define sequences after which the model will stop generating.", + "title": "StopSequences", "type": "array" }, - "JoinRequired": { - "markdownDescription": "Control that requires member who runs query to do a join with their configured table and/or other configured table in query.", - "title": "JoinRequired", - "type": "string" - }, - "OutputConstraints": { - "items": { - "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.AggregationConstraint" - }, - "markdownDescription": "Columns that must meet a specific threshold value (after an aggregation function is applied to it) for each output row to be returned.", - "title": "OutputConstraints", - "type": "array" + "Temperature": { + "markdownDescription": "Controls the randomness of the response. Choose a lower value for more predictable outputs and a higher value for more surprising outputs.", + "title": "Temperature", + "type": "number" }, - "ScalarFunctions": { - "items": { - "type": "string" - }, - "markdownDescription": "Set of scalar functions that are allowed to be used on dimension columns and the output of aggregation of metrics.", - "title": "ScalarFunctions", - "type": "array" + "TopP": { + "markdownDescription": "The percentage of most-likely candidates that the model considers for the next token.", + "title": "TopP", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Bedrock::FlowVersion.PromptTemplateConfiguration": { + "additionalProperties": false, + "properties": { + "Text": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.TextPromptTemplateConfiguration", + "markdownDescription": "Contains configurations for the text in a message for a prompt.", + "title": "Text" } }, "required": [ - "AggregateColumns", - "DimensionColumns", - "JoinColumns", - "OutputConstraints", - "ScalarFunctions" + "Text" ], "type": "object" }, - "AWS::CleanRooms::ConfiguredTable.AnalysisRuleCustom": { + "AWS::Bedrock::FlowVersion.RerankingMetadataSelectiveModeConfiguration": { "additionalProperties": false, "properties": { - "AllowedAnalyses": { + "FieldsToExclude": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.FieldForReranking" }, - "markdownDescription": "The ARN of the analysis templates that are allowed by the custom analysis rule.", - "title": "AllowedAnalyses", + "markdownDescription": "A list of metadata field names to explicitly exclude from the reranking process. All metadata fields except these will be considered when reordering search results. This parameter cannot be used together with fieldsToInclude.", + "title": "FieldsToExclude", "type": "array" }, - "AllowedAnalysisProviders": { + "FieldsToInclude": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.FieldForReranking" }, - "markdownDescription": "The IDs of the AWS accounts that are allowed to query by the custom analysis rule. Required when `allowedAnalyses` is `ANY_QUERY` .", - "title": "AllowedAnalysisProviders", + "markdownDescription": "A list of metadata field names to explicitly include in the reranking process. Only these fields will be considered when reordering search results. This parameter cannot be used together with fieldsToExclude.", + "title": "FieldsToInclude", "type": "array" - }, - "DifferentialPrivacy": { - "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.DifferentialPrivacy", - "markdownDescription": "The differential privacy configuration.", - "title": "DifferentialPrivacy" + } + }, + "type": "object" + }, + "AWS::Bedrock::FlowVersion.RetrievalFlowNodeConfiguration": { + "additionalProperties": false, + "properties": { + "ServiceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.RetrievalFlowNodeServiceConfiguration", + "markdownDescription": "Contains configurations for the service to use for retrieving data to return as the output from the node.", + "title": "ServiceConfiguration" } }, "required": [ - "AllowedAnalyses" + "ServiceConfiguration" ], "type": "object" }, - "AWS::CleanRooms::ConfiguredTable.AnalysisRuleList": { + "AWS::Bedrock::FlowVersion.RetrievalFlowNodeS3Configuration": { "additionalProperties": false, "properties": { - "AllowedJoinOperators": { - "items": { - "type": "string" - }, - "markdownDescription": "The logical operators (if any) that are to be used in an INNER JOIN match condition. Default is `AND` .", - "title": "AllowedJoinOperators", - "type": "array" - }, - "JoinColumns": { - "items": { - "type": "string" - }, - "markdownDescription": "Columns that can be used to join a configured table with the table of the member who can query and other members' configured tables.", - "title": "JoinColumns", - "type": "array" - }, - "ListColumns": { - "items": { - "type": "string" - }, - "markdownDescription": "Columns that can be listed in the output.", - "title": "ListColumns", - "type": "array" + "BucketName": { + "markdownDescription": "The name of the Amazon S3 bucket from which to retrieve data.", + "title": "BucketName", + "type": "string" } }, "required": [ - "JoinColumns", - "ListColumns" + "BucketName" ], "type": "object" }, - "AWS::CleanRooms::ConfiguredTable.ConfiguredTableAnalysisRulePolicy": { + "AWS::Bedrock::FlowVersion.RetrievalFlowNodeServiceConfiguration": { "additionalProperties": false, "properties": { - "V1": { - "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.ConfiguredTableAnalysisRulePolicyV1", - "markdownDescription": "Controls on the query specifications that can be run on a configured table.", - "title": "V1" + "S3": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.RetrievalFlowNodeS3Configuration", + "markdownDescription": "Contains configurations for the Amazon S3 location from which to retrieve data to return as the output from the node.", + "title": "S3" + } + }, + "type": "object" + }, + "AWS::Bedrock::FlowVersion.StorageFlowNodeConfiguration": { + "additionalProperties": false, + "properties": { + "ServiceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.StorageFlowNodeServiceConfiguration", + "markdownDescription": "Contains configurations for the service to use for storing the input into the node.", + "title": "ServiceConfiguration" } }, "required": [ - "V1" + "ServiceConfiguration" ], "type": "object" }, - "AWS::CleanRooms::ConfiguredTable.ConfiguredTableAnalysisRulePolicyV1": { + "AWS::Bedrock::FlowVersion.StorageFlowNodeS3Configuration": { "additionalProperties": false, "properties": { - "Aggregation": { - "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.AnalysisRuleAggregation", - "markdownDescription": "Analysis rule type that enables only aggregation queries on a configured table.", - "title": "Aggregation" - }, - "Custom": { - "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.AnalysisRuleCustom", - "markdownDescription": "Analysis rule type that enables custom SQL queries on a configured table.", - "title": "Custom" - }, - "List": { - "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.AnalysisRuleList", - "markdownDescription": "Analysis rule type that enables only list queries on a configured table.", - "title": "List" + "BucketName": { + "markdownDescription": "The name of the Amazon S3 bucket in which to store the input into the node.", + "title": "BucketName", + "type": "string" } }, + "required": [ + "BucketName" + ], "type": "object" }, - "AWS::CleanRooms::ConfiguredTable.DifferentialPrivacy": { + "AWS::Bedrock::FlowVersion.StorageFlowNodeServiceConfiguration": { "additionalProperties": false, "properties": { - "Columns": { + "S3": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.StorageFlowNodeS3Configuration", + "markdownDescription": "Contains configurations for the Amazon S3 location in which to store the input into the node.", + "title": "S3" + } + }, + "type": "object" + }, + "AWS::Bedrock::FlowVersion.TextPromptTemplateConfiguration": { + "additionalProperties": false, + "properties": { + "InputVariables": { "items": { - "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.DifferentialPrivacyColumn" + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.PromptInputVariable" }, - "markdownDescription": "The name of the column, such as user_id, that contains the unique identifier of your users, whose privacy you want to protect. If you want to turn on differential privacy for two or more tables in a collaboration, you must configure the same column as the user identifier column in both analysis rules.", - "title": "Columns", + "markdownDescription": "An array of the variables in the prompt template.", + "title": "InputVariables", "type": "array" + }, + "Text": { + "markdownDescription": "The message for the prompt.", + "title": "Text", + "type": "string" } }, "required": [ - "Columns" + "Text" ], "type": "object" }, - "AWS::CleanRooms::ConfiguredTable.DifferentialPrivacyColumn": { + "AWS::Bedrock::FlowVersion.VectorSearchBedrockRerankingConfiguration": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the column, such as user_id, that contains the unique identifier of your users, whose privacy you want to protect. If you want to turn on differential privacy for two or more tables in a collaboration, you must configure the same column as the user identifier column in both analysis rules.", - "title": "Name", - "type": "string" + "MetadataConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.MetadataConfigurationForReranking", + "markdownDescription": "Configuration for how document metadata should be used during the reranking process. This determines which metadata fields are included when reordering search results.", + "title": "MetadataConfiguration" + }, + "ModelConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.VectorSearchBedrockRerankingModelConfiguration", + "markdownDescription": "Configuration for the Amazon Bedrock foundation model used for reranking. This includes the model ARN and any additional request fields required by the model.", + "title": "ModelConfiguration" + }, + "NumberOfRerankedResults": { + "markdownDescription": "The maximum number of results to rerank. This limits how many of the initial vector search results will be processed by the reranking model. A smaller number improves performance but may exclude potentially relevant results.", + "title": "NumberOfRerankedResults", + "type": "number" } }, "required": [ - "Name" + "ModelConfiguration" ], "type": "object" }, - "AWS::CleanRooms::ConfiguredTable.GlueTableReference": { + "AWS::Bedrock::FlowVersion.VectorSearchBedrockRerankingModelConfiguration": { "additionalProperties": false, "properties": { - "DatabaseName": { - "markdownDescription": "The name of the database the AWS Glue table belongs to.", - "title": "DatabaseName", - "type": "string" + "AdditionalModelRequestFields": { + "markdownDescription": "A list of additional fields to include in the model request during reranking. These fields provide extra context or configuration options specific to the selected foundation model.", + "title": "AdditionalModelRequestFields", + "type": "object" }, - "TableName": { - "markdownDescription": "The name of the AWS Glue table.", - "title": "TableName", + "ModelArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the foundation model to use for reranking. This model processes the query and search results to determine a more relevant ordering.", + "title": "ModelArn", "type": "string" } }, "required": [ - "DatabaseName", - "TableName" + "ModelArn" ], "type": "object" }, - "AWS::CleanRooms::ConfiguredTable.TableReference": { + "AWS::Bedrock::FlowVersion.VectorSearchRerankingConfiguration": { "additionalProperties": false, "properties": { - "Glue": { - "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.GlueTableReference", - "markdownDescription": "If present, a reference to the AWS Glue table referred to by this table reference.", - "title": "Glue" + "BedrockRerankingConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion.VectorSearchBedrockRerankingConfiguration", + "markdownDescription": "Configuration for using Amazon Bedrock foundation models to rerank search results. This is required when the reranking type is set to BEDROCK.", + "title": "BedrockRerankingConfiguration" + }, + "Type": { + "markdownDescription": "The type of reranking to apply to vector search results. Currently, the only supported value is BEDROCK, which uses Amazon Bedrock foundation models for reranking.", + "title": "Type", + "type": "string" } }, "required": [ - "Glue" + "Type" ], "type": "object" }, - "AWS::CleanRooms::ConfiguredTableAssociation": { + "AWS::Bedrock::Guardrail": { "additionalProperties": false, "properties": { "Condition": { @@ -33545,51 +38067,80 @@ "Properties": { "additionalProperties": false, "properties": { - "ConfiguredTableIdentifier": { - "markdownDescription": "A unique identifier for the configured table to be associated to. Currently accepts a configured table ID.", - "title": "ConfiguredTableIdentifier", + "BlockedInputMessaging": { + "markdownDescription": "The message to return when the guardrail blocks a prompt.", + "title": "BlockedInputMessaging", + "type": "string" + }, + "BlockedOutputsMessaging": { + "markdownDescription": "The message to return when the guardrail blocks a model response.", + "title": "BlockedOutputsMessaging", "type": "string" }, + "ContentPolicyConfig": { + "$ref": "#/definitions/AWS::Bedrock::Guardrail.ContentPolicyConfig", + "markdownDescription": "The content filter policies to configure for the guardrail.", + "title": "ContentPolicyConfig" + }, + "ContextualGroundingPolicyConfig": { + "$ref": "#/definitions/AWS::Bedrock::Guardrail.ContextualGroundingPolicyConfig", + "markdownDescription": "", + "title": "ContextualGroundingPolicyConfig" + }, + "CrossRegionConfig": { + "$ref": "#/definitions/AWS::Bedrock::Guardrail.GuardrailCrossRegionConfig", + "markdownDescription": "The system-defined guardrail profile that you're using with your guardrail. Guardrail profiles define the destination AWS Regions where guardrail inference requests can be automatically routed. Using guardrail profiles helps maintain guardrail performance and reliability when demand increases.\n\nFor more information, see the [Amazon Bedrock User Guide](https://docs.aws.amazon.com/bedrock/latest/userguide/guardrails-cross-region.html) .", + "title": "CrossRegionConfig" + }, "Description": { - "markdownDescription": "A description of the configured table association.", + "markdownDescription": "A description of the guardrail.", "title": "Description", "type": "string" }, - "MembershipIdentifier": { - "markdownDescription": "The unique ID for the membership this configured table association belongs to.", - "title": "MembershipIdentifier", + "KmsKeyArn": { + "markdownDescription": "The ARN of the AWS KMS key that you use to encrypt the guardrail.", + "title": "KmsKeyArn", "type": "string" }, "Name": { - "markdownDescription": "The name of the configured table association, in lowercase. The table is identified by this name when running protected queries against the underlying data.", + "markdownDescription": "The name of the guardrail.", "title": "Name", "type": "string" }, - "RoleArn": { - "markdownDescription": "The service will assume this role to access catalog metadata and query the table.", - "title": "RoleArn", - "type": "string" + "SensitiveInformationPolicyConfig": { + "$ref": "#/definitions/AWS::Bedrock::Guardrail.SensitiveInformationPolicyConfig", + "markdownDescription": "The sensitive information policy to configure for the guardrail.", + "title": "SensitiveInformationPolicyConfig" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", + "markdownDescription": "The tags that you want to attach to the guardrail.", "title": "Tags", "type": "array" + }, + "TopicPolicyConfig": { + "$ref": "#/definitions/AWS::Bedrock::Guardrail.TopicPolicyConfig", + "markdownDescription": "The topic policies to configure for the guardrail.", + "title": "TopicPolicyConfig" + }, + "WordPolicyConfig": { + "$ref": "#/definitions/AWS::Bedrock::Guardrail.WordPolicyConfig", + "markdownDescription": "The word policy you configure for the guardrail.", + "title": "WordPolicyConfig" } }, "required": [ - "ConfiguredTableIdentifier", - "MembershipIdentifier", - "Name", - "RoleArn" + "BlockedInputMessaging", + "BlockedOutputsMessaging", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::CleanRooms::ConfiguredTableAssociation" + "AWS::Bedrock::Guardrail" ], "type": "string" }, @@ -33608,636 +38159,459 @@ ], "type": "object" }, - "AWS::CleanRooms::Membership": { + "AWS::Bedrock::Guardrail.ContentFilterConfig": { "additionalProperties": false, "properties": { - "Condition": { + "InputAction": { + "markdownDescription": "Specifies the action to take when harmful content is detected. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "title": "InputAction", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "InputEnabled": { + "markdownDescription": "Specifies whether to enable guardrail evaluation on the input. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "title": "InputEnabled", + "type": "boolean" + }, + "InputModalities": { + "items": { + "type": "string" + }, + "markdownDescription": "The input modalities selected for the guardrail content filter configuration.", + "title": "InputModalities", + "type": "array" + }, + "InputStrength": { + "markdownDescription": "The strength of the content filter to apply to prompts. As you increase the filter strength, the likelihood of filtering harmful content increases and the probability of seeing harmful content in your application reduces.", + "title": "InputStrength", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "OutputAction": { + "markdownDescription": "Specifies the action to take when harmful content is detected in the output. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "title": "OutputAction", + "type": "string" }, - "Metadata": { - "type": "object" + "OutputEnabled": { + "markdownDescription": "Specifies whether to enable guardrail evaluation on the output. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "title": "OutputEnabled", + "type": "boolean" }, - "Properties": { - "additionalProperties": false, - "properties": { - "CollaborationIdentifier": { - "markdownDescription": "The unique ID for the associated collaboration.", - "title": "CollaborationIdentifier", - "type": "string" - }, - "DefaultResultConfiguration": { - "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipProtectedQueryResultConfiguration", - "markdownDescription": "The default protected query result configuration as specified by the member who can receive results.", - "title": "DefaultResultConfiguration" - }, - "PaymentConfiguration": { - "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipPaymentConfiguration", - "markdownDescription": "The payment responsibilities accepted by the collaboration member.", - "title": "PaymentConfiguration" - }, - "QueryLogStatus": { - "markdownDescription": "An indicator as to whether query logging has been enabled or disabled for the membership.\n\nWhen `ENABLED` , AWS Clean Rooms logs details about queries run within this collaboration and those logs can be viewed in Amazon CloudWatch Logs. The default value is `DISABLED` .", - "title": "QueryLogStatus", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", - "title": "Tags", - "type": "array" - } + "OutputModalities": { + "items": { + "type": "string" }, - "required": [ - "CollaborationIdentifier", - "QueryLogStatus" - ], - "type": "object" + "markdownDescription": "The output modalities selected for the guardrail content filter configuration.", + "title": "OutputModalities", + "type": "array" }, - "Type": { - "enum": [ - "AWS::CleanRooms::Membership" - ], + "OutputStrength": { + "markdownDescription": "The strength of the content filter to apply to model responses. As you increase the filter strength, the likelihood of filtering harmful content increases and the probability of seeing harmful content in your application reduces.", + "title": "OutputStrength", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Type": { + "markdownDescription": "The harmful category that the content filter is applied to.", + "title": "Type", "type": "string" } }, "required": [ - "Type", - "Properties" + "InputStrength", + "OutputStrength", + "Type" ], "type": "object" }, - "AWS::CleanRooms::Membership.MembershipPaymentConfiguration": { + "AWS::Bedrock::Guardrail.ContentFiltersTierConfig": { "additionalProperties": false, "properties": { - "QueryCompute": { - "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipQueryComputePaymentConfig", - "markdownDescription": "The payment responsibilities accepted by the collaboration member for query compute costs.", - "title": "QueryCompute" + "TierName": { + "markdownDescription": "The tier that your guardrail uses for content filters. Valid values include:\n\n- `CLASSIC` tier \u2013 Provides established guardrails functionality supporting English, French, and Spanish languages.\n- `STANDARD` tier \u2013 Provides a more robust solution than the `CLASSIC` tier and has more comprehensive language support. This tier requires that your guardrail use [cross-Region inference](https://docs.aws.amazon.com/bedrock/latest/userguide/guardrails-cross-region.html) .", + "title": "TierName", + "type": "string" } }, "required": [ - "QueryCompute" + "TierName" ], "type": "object" }, - "AWS::CleanRooms::Membership.MembershipProtectedQueryOutputConfiguration": { + "AWS::Bedrock::Guardrail.ContentPolicyConfig": { "additionalProperties": false, "properties": { - "S3": { - "$ref": "#/definitions/AWS::CleanRooms::Membership.ProtectedQueryS3OutputConfiguration", - "markdownDescription": "Required configuration for a protected query with an `s3` output type.", - "title": "S3" + "ContentFiltersTierConfig": { + "$ref": "#/definitions/AWS::Bedrock::Guardrail.ContentFiltersTierConfig", + "markdownDescription": "The tier that your guardrail uses for content filters. Consider using a tier that balances performance, accuracy, and compatibility with your existing generative AI workflows.", + "title": "ContentFiltersTierConfig" + }, + "FiltersConfig": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Guardrail.ContentFilterConfig" + }, + "markdownDescription": "Contains the type of the content filter and how strongly it should apply to prompts and model responses.", + "title": "FiltersConfig", + "type": "array" } }, "required": [ - "S3" + "FiltersConfig" ], "type": "object" }, - "AWS::CleanRooms::Membership.MembershipProtectedQueryResultConfiguration": { + "AWS::Bedrock::Guardrail.ContextualGroundingFilterConfig": { "additionalProperties": false, "properties": { - "OutputConfiguration": { - "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipProtectedQueryOutputConfiguration", - "markdownDescription": "Configuration for protected query results.", - "title": "OutputConfiguration" + "Action": { + "markdownDescription": "Specifies the action to take when content fails the contextual grounding evaluation. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "title": "Action", + "type": "string" }, - "RoleArn": { - "markdownDescription": "The unique ARN for an IAM role that is used by AWS Clean Rooms to write protected query results to the result location, given by the member who can receive results.", - "title": "RoleArn", + "Enabled": { + "markdownDescription": "Specifies whether to enable contextual grounding evaluation. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "title": "Enabled", + "type": "boolean" + }, + "Threshold": { + "markdownDescription": "The threshold details for the guardrails contextual grounding filter.", + "title": "Threshold", + "type": "number" + }, + "Type": { + "markdownDescription": "The filter details for the guardrails contextual grounding filter.", + "title": "Type", "type": "string" } }, "required": [ - "OutputConfiguration" + "Threshold", + "Type" ], "type": "object" }, - "AWS::CleanRooms::Membership.MembershipQueryComputePaymentConfig": { + "AWS::Bedrock::Guardrail.ContextualGroundingPolicyConfig": { "additionalProperties": false, "properties": { - "IsResponsible": { - "markdownDescription": "Indicates whether the collaboration member has accepted to pay for query compute costs ( `TRUE` ) or has not accepted to pay for query compute costs ( `FALSE` ).\n\nIf the collaboration creator has not specified anyone to pay for query compute costs, then the member who can query is the default payer.\n\nAn error message is returned for the following reasons:\n\n- If you set the value to `FALSE` but you are responsible to pay for query compute costs.\n- If you set the value to `TRUE` but you are not responsible to pay for query compute costs.", - "title": "IsResponsible", - "type": "boolean" + "FiltersConfig": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Guardrail.ContextualGroundingFilterConfig" + }, + "markdownDescription": "", + "title": "FiltersConfig", + "type": "array" } }, "required": [ - "IsResponsible" + "FiltersConfig" ], "type": "object" }, - "AWS::CleanRooms::Membership.ProtectedQueryS3OutputConfiguration": { + "AWS::Bedrock::Guardrail.GuardrailCrossRegionConfig": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The S3 bucket to unload the protected query results.", - "title": "Bucket", - "type": "string" - }, - "KeyPrefix": { - "markdownDescription": "The S3 prefix to unload the protected query results.", - "title": "KeyPrefix", - "type": "string" - }, - "ResultFormat": { - "markdownDescription": "Intended file format of the result.", - "title": "ResultFormat", + "GuardrailProfileArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the guardrail profile that your guardrail is using. Guardrail profile availability depends on your current AWS Region . For more information, see the [Amazon Bedrock User Guide](https://docs.aws.amazon.com/bedrock/latest/userguide/guardrails-cross-region-support.html) .", + "title": "GuardrailProfileArn", "type": "string" } }, "required": [ - "Bucket", - "ResultFormat" + "GuardrailProfileArn" ], "type": "object" }, - "AWS::CleanRooms::PrivacyBudgetTemplate": { + "AWS::Bedrock::Guardrail.ManagedWordsConfig": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "InputAction": { + "markdownDescription": "Specifies the action to take when harmful content is detected in the input. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "title": "InputAction", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "InputEnabled": { + "markdownDescription": "Specifies whether to enable guardrail evaluation on the input. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "title": "InputEnabled", + "type": "boolean" }, - "Metadata": { - "type": "object" + "OutputAction": { + "markdownDescription": "Specifies the action to take when harmful content is detected in the output. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "title": "OutputAction", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AutoRefresh": { - "markdownDescription": "How often the privacy budget refreshes.\n\n> If you plan to regularly bring new data into the collaboration, use `CALENDAR_MONTH` to automatically get a new privacy budget for the collaboration every calendar month. Choosing this option allows arbitrary amounts of information to be revealed about rows of the data when repeatedly queried across refreshes. Avoid choosing this if the same rows will be repeatedly queried between privacy budget refreshes.", - "title": "AutoRefresh", - "type": "string" - }, - "MembershipIdentifier": { - "markdownDescription": "The identifier for a membership resource.", - "title": "MembershipIdentifier", - "type": "string" - }, - "Parameters": { - "$ref": "#/definitions/AWS::CleanRooms::PrivacyBudgetTemplate.Parameters", - "markdownDescription": "Specifies the epsilon and noise parameters for the privacy budget template.", - "title": "Parameters" - }, - "PrivacyBudgetType": { - "markdownDescription": "Specifies the type of the privacy budget template.", - "title": "PrivacyBudgetType", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "AutoRefresh", - "MembershipIdentifier", - "Parameters", - "PrivacyBudgetType" - ], - "type": "object" + "OutputEnabled": { + "markdownDescription": "Specifies whether to enable guardrail evaluation on the output. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "title": "OutputEnabled", + "type": "boolean" }, "Type": { - "enum": [ - "AWS::CleanRooms::PrivacyBudgetTemplate" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "markdownDescription": "The managed word type to configure for the guardrail.", + "title": "Type", "type": "string" } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::CleanRooms::PrivacyBudgetTemplate.Parameters": { + "AWS::Bedrock::Guardrail.PiiEntityConfig": { "additionalProperties": false, "properties": { - "Epsilon": { - "markdownDescription": "The epsilon value that you want to use.", - "title": "Epsilon", - "type": "number" + "Action": { + "markdownDescription": "Configure guardrail action when the PII entity is detected.", + "title": "Action", + "type": "string" }, - "UsersNoisePerQuery": { - "markdownDescription": "Noise added per query is measured in terms of the number of users whose contributions you want to obscure. This value governs the rate at which the privacy budget is depleted.", - "title": "UsersNoisePerQuery", - "type": "number" + "InputAction": { + "markdownDescription": "Specifies the action to take when harmful content is detected in the input. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `ANONYMIZE` \u2013 Mask the content and replace it with identifier tags.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "title": "InputAction", + "type": "string" + }, + "InputEnabled": { + "markdownDescription": "Specifies whether to enable guardrail evaluation on the input. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "title": "InputEnabled", + "type": "boolean" + }, + "OutputAction": { + "markdownDescription": "Specifies the action to take when harmful content is detected in the output. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `ANONYMIZE` \u2013 Mask the content and replace it with identifier tags.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "title": "OutputAction", + "type": "string" + }, + "OutputEnabled": { + "markdownDescription": "Indicates whether guardrail evaluation is enabled on the output. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "title": "OutputEnabled", + "type": "boolean" + }, + "Type": { + "markdownDescription": "Configure guardrail type when the PII entity is detected.\n\nThe following PIIs are used to block or mask sensitive information:\n\n- *General*\n\n- *ADDRESS*\n\nA physical address, such as \"100 Main Street, Anytown, USA\" or \"Suite #12, Building 123\". An address can include information such as the street, building, location, city, state, country, county, zip code, precinct, and neighborhood.\n- *AGE*\n\nAn individual's age, including the quantity and unit of time. For example, in the phrase \"I am 40 years old,\" Guardrails recognizes \"40 years\" as an age.\n- *NAME*\n\nAn individual's name. This entity type does not include titles, such as Dr., Mr., Mrs., or Miss. guardrails doesn't apply this entity type to names that are part of organizations or addresses. For example, guardrails recognizes the \"John Doe Organization\" as an organization, and it recognizes \"Jane Doe Street\" as an address.\n- *EMAIL*\n\nAn email address, such as *marymajor@email.com* .\n- *PHONE*\n\nA phone number. This entity type also includes fax and pager numbers.\n- *USERNAME*\n\nA user name that identifies an account, such as a login name, screen name, nick name, or handle.\n- *PASSWORD*\n\nAn alphanumeric string that is used as a password, such as \"* *very20special#pass** \".\n- *DRIVER_ID*\n\nThe number assigned to a driver's license, which is an official document permitting an individual to operate one or more motorized vehicles on a public road. A driver's license number consists of alphanumeric characters.\n- *LICENSE_PLATE*\n\nA license plate for a vehicle is issued by the state or country where the vehicle is registered. The format for passenger vehicles is typically five to eight digits, consisting of upper-case letters and numbers. The format varies depending on the location of the issuing state or country.\n- *VEHICLE_IDENTIFICATION_NUMBER*\n\nA Vehicle Identification Number (VIN) uniquely identifies a vehicle. VIN content and format are defined in the *ISO 3779* specification. Each country has specific codes and formats for VINs.\n- *Finance*\n\n- *CREDIT_DEBIT_CARD_CVV*\n\nA three-digit card verification code (CVV) that is present on VISA, MasterCard, and Discover credit and debit cards. For American Express credit or debit cards, the CVV is a four-digit numeric code.\n- *CREDIT_DEBIT_CARD_EXPIRY*\n\nThe expiration date for a credit or debit card. This number is usually four digits long and is often formatted as *month/year* or *MM/YY* . Guardrails recognizes expiration dates such as *01/21* , *01/2021* , and *Jan 2021* .\n- *CREDIT_DEBIT_CARD_NUMBER*\n\nThe number for a credit or debit card. These numbers can vary from 13 to 16 digits in length. However, Amazon Comprehend also recognizes credit or debit card numbers when only the last four digits are present.\n- *PIN*\n\nA four-digit personal identification number (PIN) with which you can access your bank account.\n- *INTERNATIONAL_BANK_ACCOUNT_NUMBER*\n\nAn International Bank Account Number has specific formats in each country. For more information, see [www.iban.com/structure](https://docs.aws.amazon.com/https://www.iban.com/structure) .\n- *SWIFT_CODE*\n\nA SWIFT code is a standard format of Bank Identifier Code (BIC) used to specify a particular bank or branch. Banks use these codes for money transfers such as international wire transfers.\n\nSWIFT codes consist of eight or 11 characters. The 11-digit codes refer to specific branches, while eight-digit codes (or 11-digit codes ending in 'XXX') refer to the head or primary office.\n- *IT*\n\n- *IP_ADDRESS*\n\nAn IPv4 address, such as *198.51.100.0* .\n- *MAC_ADDRESS*\n\nA *media access control* (MAC) address is a unique identifier assigned to a network interface controller (NIC).\n- *URL*\n\nA web address, such as *www.example.com* .\n- *AWS_ACCESS_KEY*\n\nA unique identifier that's associated with a secret access key; you use the access key ID and secret access key to sign programmatic AWS requests cryptographically.\n- *AWS_SECRET_KEY*\n\nA unique identifier that's associated with an access key. You use the access key ID and secret access key to sign programmatic AWS requests cryptographically.\n- *USA specific*\n\n- *US_BANK_ACCOUNT_NUMBER*\n\nA US bank account number, which is typically 10 to 12 digits long.\n- *US_BANK_ROUTING_NUMBER*\n\nA US bank account routing number. These are typically nine digits long,\n- *US_INDIVIDUAL_TAX_IDENTIFICATION_NUMBER*\n\nA US Individual Taxpayer Identification Number (ITIN) is a nine-digit number that starts with a \"9\" and contain a \"7\" or \"8\" as the fourth digit. An ITIN can be formatted with a space or a dash after the third and forth digits.\n- *US_PASSPORT_NUMBER*\n\nA US passport number. Passport numbers range from six to nine alphanumeric characters.\n- *US_SOCIAL_SECURITY_NUMBER*\n\nA US Social Security Number (SSN) is a nine-digit number that is issued to US citizens, permanent residents, and temporary working residents.\n- *Canada specific*\n\n- *CA_HEALTH_NUMBER*\n\nA Canadian Health Service Number is a 10-digit unique identifier, required for individuals to access healthcare benefits.\n- *CA_SOCIAL_INSURANCE_NUMBER*\n\nA Canadian Social Insurance Number (SIN) is a nine-digit unique identifier, required for individuals to access government programs and benefits.\n\nThe SIN is formatted as three groups of three digits, such as *123-456-789* . A SIN can be validated through a simple check-digit process called the [Luhn algorithm](https://docs.aws.amazon.com/https://www.wikipedia.org/wiki/Luhn_algorithm) .\n- *UK Specific*\n\n- *UK_NATIONAL_HEALTH_SERVICE_NUMBER*\n\nA UK National Health Service Number is a 10-17 digit number, such as *485 777 3456* . The current system formats the 10-digit number with spaces after the third and sixth digits. The final digit is an error-detecting checksum.\n- *UK_NATIONAL_INSURANCE_NUMBER*\n\nA UK National Insurance Number (NINO) provides individuals with access to National Insurance (social security) benefits. It is also used for some purposes in the UK tax system.\n\nThe number is nine digits long and starts with two letters, followed by six numbers and one letter. A NINO can be formatted with a space or a dash after the two letters and after the second, forth, and sixth digits.\n- *UK_UNIQUE_TAXPAYER_REFERENCE_NUMBER*\n\nA UK Unique Taxpayer Reference (UTR) is a 10-digit number that identifies a taxpayer or a business.\n- *Custom*\n\n- *Regex filter* - You can use a regular expressions to define patterns for a guardrail to recognize and act upon such as serial number, booking ID etc..", + "title": "Type", + "type": "string" } }, "required": [ - "Epsilon", - "UsersNoisePerQuery" + "Action", + "Type" ], "type": "object" }, - "AWS::CleanRoomsML::TrainingDataset": { + "AWS::Bedrock::Guardrail.RegexConfig": { "additionalProperties": false, "properties": { - "Condition": { + "Action": { + "markdownDescription": "The guardrail action to configure when matching regular expression is detected.", + "title": "Action", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Description": { + "markdownDescription": "The description of the regular expression to configure for the guardrail.", + "title": "Description", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "InputAction": { + "markdownDescription": "Specifies the action to take when harmful content is detected in the input. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "title": "InputAction", + "type": "string" }, - "Metadata": { - "type": "object" + "InputEnabled": { + "markdownDescription": "Specifies whether to enable guardrail evaluation on the input. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "title": "InputEnabled", + "type": "boolean" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "The description of the training dataset.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the training dataset.", - "title": "Name", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role that Clean Rooms ML can assume to read the data referred to in the `dataSource` field of each dataset.\n\nPassing a role across accounts is not allowed. If you pass a role that isn't in your account, you get an `AccessDeniedException` error.", - "title": "RoleArn", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The optional metadata that you apply to the resource to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50.\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8.\n- Maximum value length - 256 Unicode characters in UTF-8.\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for keys as it is reserved. You cannot edit or delete tag keys with this prefix. Values can have this prefix. If a tag value has `aws` as its prefix but the key does not, then Clean Rooms ML considers it to be a user tag and will count against the limit of 50 tags. Tags with only the key prefix of `aws` do not count against your tags per resource limit.", - "title": "Tags", - "type": "array" - }, - "TrainingData": { - "items": { - "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.Dataset" - }, - "markdownDescription": "An array of information that lists the Dataset objects, which specifies the dataset type and details on its location and schema. You must provide a role that has read access to these tables.", - "title": "TrainingData", - "type": "array" - } - }, - "required": [ - "Name", - "RoleArn", - "TrainingData" - ], - "type": "object" + "Name": { + "markdownDescription": "The name of the regular expression to configure for the guardrail.", + "title": "Name", + "type": "string" }, - "Type": { - "enum": [ - "AWS::CleanRoomsML::TrainingDataset" - ], + "OutputAction": { + "markdownDescription": "Specifies the action to take when harmful content is detected in the output. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "title": "OutputAction", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "OutputEnabled": { + "markdownDescription": "Specifies whether to enable guardrail evaluation on the output. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "title": "OutputEnabled", + "type": "boolean" + }, + "Pattern": { + "markdownDescription": "The regular expression pattern to configure for the guardrail.", + "title": "Pattern", "type": "string" } }, "required": [ - "Type", - "Properties" + "Action", + "Name", + "Pattern" ], "type": "object" }, - "AWS::CleanRoomsML::TrainingDataset.ColumnSchema": { + "AWS::Bedrock::Guardrail.SensitiveInformationPolicyConfig": { "additionalProperties": false, "properties": { - "ColumnName": { - "markdownDescription": "The name of a column.", - "title": "ColumnName", - "type": "string" + "PiiEntitiesConfig": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Guardrail.PiiEntityConfig" + }, + "markdownDescription": "A list of PII entities to configure to the guardrail.", + "title": "PiiEntitiesConfig", + "type": "array" }, - "ColumnTypes": { + "RegexesConfig": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Bedrock::Guardrail.RegexConfig" }, - "markdownDescription": "The data type of column.", - "title": "ColumnTypes", + "markdownDescription": "A list of regular expressions to configure to the guardrail.", + "title": "RegexesConfig", "type": "array" } }, - "required": [ - "ColumnName", - "ColumnTypes" - ], - "type": "object" - }, - "AWS::CleanRoomsML::TrainingDataset.DataSource": { - "additionalProperties": false, - "properties": { - "GlueDataSource": { - "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.GlueDataSource", - "markdownDescription": "A GlueDataSource object that defines the catalog ID, database name, and table name for the training data.", - "title": "GlueDataSource" - } - }, - "required": [ - "GlueDataSource" - ], "type": "object" }, - "AWS::CleanRoomsML::TrainingDataset.Dataset": { + "AWS::Bedrock::Guardrail.TopicConfig": { "additionalProperties": false, "properties": { - "InputConfig": { - "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.DatasetInputConfig", - "markdownDescription": "A DatasetInputConfig object that defines the data source and schema mapping.", - "title": "InputConfig" + "Definition": { + "markdownDescription": "A definition of the topic to deny.", + "title": "Definition", + "type": "string" + }, + "Examples": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of prompts, each of which is an example of a prompt that can be categorized as belonging to the topic.", + "title": "Examples", + "type": "array" + }, + "InputAction": { + "markdownDescription": "Specifies the action to take when harmful content is detected in the input. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "title": "InputAction", + "type": "string" + }, + "InputEnabled": { + "markdownDescription": "Specifies whether to enable guardrail evaluation on the input. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "title": "InputEnabled", + "type": "boolean" + }, + "Name": { + "markdownDescription": "The name of the topic to deny.", + "title": "Name", + "type": "string" + }, + "OutputAction": { + "markdownDescription": "Specifies the action to take when harmful content is detected in the output. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "title": "OutputAction", + "type": "string" + }, + "OutputEnabled": { + "markdownDescription": "Specifies whether to enable guardrail evaluation on the output. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "title": "OutputEnabled", + "type": "boolean" }, "Type": { - "markdownDescription": "What type of information is found in the dataset.", + "markdownDescription": "Specifies to deny the topic.", "title": "Type", "type": "string" } }, "required": [ - "InputConfig", + "Definition", + "Name", "Type" ], "type": "object" }, - "AWS::CleanRoomsML::TrainingDataset.DatasetInputConfig": { + "AWS::Bedrock::Guardrail.TopicPolicyConfig": { "additionalProperties": false, "properties": { - "DataSource": { - "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.DataSource", - "markdownDescription": "A DataSource object that specifies the Glue data source for the training data.", - "title": "DataSource" - }, - "Schema": { + "TopicsConfig": { "items": { - "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.ColumnSchema" + "$ref": "#/definitions/AWS::Bedrock::Guardrail.TopicConfig" }, - "markdownDescription": "The schema information for the training data.", - "title": "Schema", + "markdownDescription": "A list of policies related to topics that the guardrail should deny.", + "title": "TopicsConfig", "type": "array" + }, + "TopicsTierConfig": { + "$ref": "#/definitions/AWS::Bedrock::Guardrail.TopicsTierConfig", + "markdownDescription": "The tier that your guardrail uses for denied topic filters.", + "title": "TopicsTierConfig" } }, "required": [ - "DataSource", - "Schema" + "TopicsConfig" ], "type": "object" }, - "AWS::CleanRoomsML::TrainingDataset.GlueDataSource": { + "AWS::Bedrock::Guardrail.TopicsTierConfig": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The Glue catalog that contains the training data.", - "title": "CatalogId", - "type": "string" - }, - "DatabaseName": { - "markdownDescription": "The Glue database that contains the training data.", - "title": "DatabaseName", - "type": "string" - }, - "TableName": { - "markdownDescription": "The Glue table that contains the training data.", - "title": "TableName", + "TierName": { + "markdownDescription": "The tier that your guardrail uses for denied topic filters. Valid values include:\n\n- `CLASSIC` tier \u2013 Provides established guardrails functionality supporting English, French, and Spanish languages.\n- `STANDARD` tier \u2013 Provides a more robust solution than the `CLASSIC` tier and has more comprehensive language support. This tier requires that your guardrail use [cross-Region inference](https://docs.aws.amazon.com/bedrock/latest/userguide/guardrails-cross-region.html) .", + "title": "TierName", "type": "string" } }, "required": [ - "DatabaseName", - "TableName" + "TierName" ], "type": "object" }, - "AWS::Cloud9::EnvironmentEC2": { + "AWS::Bedrock::Guardrail.WordConfig": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "InputAction": { + "markdownDescription": "Specifies the action to take when harmful content is detected in the input. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "title": "InputAction", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AutomaticStopTimeMinutes": { - "markdownDescription": "The number of minutes until the running instance is shut down after the environment was last used.", - "title": "AutomaticStopTimeMinutes", - "type": "number" - }, - "ConnectionType": { - "markdownDescription": "The connection type used for connecting to an Amazon EC2 environment. Valid values are `CONNECT_SSH` (default) and `CONNECT_SSM` (connected through AWS Systems Manager ).", - "title": "ConnectionType", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the environment to create.", - "title": "Description", - "type": "string" - }, - "ImageId": { - "markdownDescription": "The identifier for the Amazon Machine Image (AMI) that's used to create the EC2 instance. To choose an AMI for the instance, you must specify a valid AMI alias or a valid AWS Systems Manager path.\n\nFrom December 04, 2023, you will be required to include the `ImageId` parameter for the `CreateEnvironmentEC2` action. This change will be reflected across all direct methods of communicating with the API, such as AWS SDK, AWS CLI and AWS CloudFormation. This change will only affect direct API consumers, and not AWS Cloud9 console users.\n\nSince Ubuntu 18.04 has ended standard support as of May 31, 2023, we recommend you choose Ubuntu 22.04.\n\n*AMI aliases*\n\n- Amazon Linux 2: `amazonlinux-2-x86_64`\n- Amazon Linux 2023 (recommended): `amazonlinux-2023-x86_64`\n- Ubuntu 18.04: `ubuntu-18.04-x86_64`\n- Ubuntu 22.04: `ubuntu-22.04-x86_64`\n\n*SSM paths*\n\n- Amazon Linux 2: `resolve:ssm:/aws/service/cloud9/amis/amazonlinux-2-x86_64`\n- Amazon Linux 2023 (recommended): `resolve:ssm:/aws/service/cloud9/amis/amazonlinux-2023-x86_64`\n- Ubuntu 18.04: `resolve:ssm:/aws/service/cloud9/amis/ubuntu-18.04-x86_64`\n- Ubuntu 22.04: `resolve:ssm:/aws/service/cloud9/amis/ubuntu-22.04-x86_64`", - "title": "ImageId", - "type": "string" - }, - "InstanceType": { - "markdownDescription": "The type of instance to connect to the environment (for example, `t2.micro` ).", - "title": "InstanceType", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the environment.", - "title": "Name", - "type": "string" - }, - "OwnerArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the environment owner. This ARN can be the ARN of any AWS Identity and Access Management principal. If this value is not specified, the ARN defaults to this environment's creator.", - "title": "OwnerArn", - "type": "string" - }, - "Repositories": { - "items": { - "$ref": "#/definitions/AWS::Cloud9::EnvironmentEC2.Repository" - }, - "markdownDescription": "Any AWS CodeCommit source code repositories to be cloned into the development environment.", - "title": "Repositories", - "type": "array" - }, - "SubnetId": { - "markdownDescription": "The ID of the subnet in Amazon Virtual Private Cloud (Amazon VPC) that AWS Cloud9 will use to communicate with the Amazon Elastic Compute Cloud (Amazon EC2) instance.", - "title": "SubnetId", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs that will be associated with the new AWS Cloud9 development environment.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "ImageId", - "InstanceType" - ], - "type": "object" + "InputEnabled": { + "markdownDescription": "Specifies whether to enable guardrail evaluation on the intput. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "title": "InputEnabled", + "type": "boolean" }, - "Type": { - "enum": [ - "AWS::Cloud9::EnvironmentEC2" - ], + "OutputAction": { + "markdownDescription": "Specifies the action to take when harmful content is detected in the output. Supported values include:\n\n- `BLOCK` \u2013 Block the content and replace it with blocked messaging.\n- `NONE` \u2013 Take no action but return detection information in the trace response.", + "title": "OutputAction", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "OutputEnabled": { + "markdownDescription": "Specifies whether to enable guardrail evaluation on the output. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response.", + "title": "OutputEnabled", + "type": "boolean" + }, + "Text": { + "markdownDescription": "Text of the word configured for the guardrail to block.", + "title": "Text", "type": "string" } }, "required": [ - "Type", - "Properties" + "Text" ], "type": "object" }, - "AWS::Cloud9::EnvironmentEC2.Repository": { + "AWS::Bedrock::Guardrail.WordPolicyConfig": { "additionalProperties": false, "properties": { - "PathComponent": { - "markdownDescription": "The path within the development environment's default file system location to clone the AWS CodeCommit repository into. For example, `/REPOSITORY_NAME` would clone the repository into the `/home/USER_NAME/environment/REPOSITORY_NAME` directory in the environment.", - "title": "PathComponent", - "type": "string" + "ManagedWordListsConfig": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Guardrail.ManagedWordsConfig" + }, + "markdownDescription": "A list of managed words to configure for the guardrail.", + "title": "ManagedWordListsConfig", + "type": "array" }, - "RepositoryUrl": { - "markdownDescription": "The clone URL of the AWS CodeCommit repository to be cloned. For example, for an AWS CodeCommit repository this might be `https://git-codecommit.us-east-2.amazonaws.com/v1/repos/REPOSITORY_NAME` .", - "title": "RepositoryUrl", - "type": "string" + "WordsConfig": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Guardrail.WordConfig" + }, + "markdownDescription": "A list of words to configure for the guardrail.", + "title": "WordsConfig", + "type": "array" } }, - "required": [ - "PathComponent", - "RepositoryUrl" - ], "type": "object" }, - "AWS::CloudFormation::CustomResource": { + "AWS::Bedrock::GuardrailVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -34272,20 +38646,25 @@ "Properties": { "additionalProperties": false, "properties": { - "ServiceToken": { - "markdownDescription": "The service token, such as an Amazon SNS topic ARN or Lambda function ARN. The service token must be from the same Region as the stack.\n\nUpdates aren't supported.", - "title": "ServiceToken", + "Description": { + "markdownDescription": "A description of the guardrail version.", + "title": "Description", + "type": "string" + }, + "GuardrailIdentifier": { + "markdownDescription": "The unique identifier of the guardrail. This can be an ID or the ARN.", + "title": "GuardrailIdentifier", "type": "string" } }, "required": [ - "ServiceToken" + "GuardrailIdentifier" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFormation::CustomResource" + "AWS::Bedrock::GuardrailVersion" ], "type": "string" }, @@ -34304,7 +38683,7 @@ ], "type": "object" }, - "AWS::CloudFormation::HookDefaultVersion": { + "AWS::Bedrock::IntelligentPromptRouter": { "additionalProperties": false, "properties": { "Condition": { @@ -34339,108 +38718,54 @@ "Properties": { "additionalProperties": false, "properties": { - "TypeName": { - "markdownDescription": "The name of the Hook.\n\nYou must specify either `TypeVersionArn` , or `TypeName` and `VersionId` .", - "title": "TypeName", - "type": "string" - }, - "TypeVersionArn": { - "markdownDescription": "The version ID of the type configuration.\n\nYou must specify either `TypeVersionArn` , or `TypeName` and `VersionId` .", - "title": "TypeVersionArn", + "Description": { + "markdownDescription": "An optional description of the prompt router to help identify its purpose.", + "title": "Description", "type": "string" }, - "VersionId": { - "markdownDescription": "The version ID of the type specified.\n\nYou must specify either `TypeVersionArn` , or `TypeName` and `VersionId` .", - "title": "VersionId", - "type": "string" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::CloudFormation::HookDefaultVersion" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::CloudFormation::HookTypeConfig": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" + "FallbackModel": { + "$ref": "#/definitions/AWS::Bedrock::IntelligentPromptRouter.PromptRouterTargetModel", + "markdownDescription": "The default model to use when the routing criteria is not met.", + "title": "FallbackModel" }, - { + "Models": { "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" + "$ref": "#/definitions/AWS::Bedrock::IntelligentPromptRouter.PromptRouterTargetModel" }, + "markdownDescription": "A list of foundation models that the prompt router can route requests to. At least one model must be specified.", + "title": "Models", "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Configuration": { - "markdownDescription": "Specifies the activated Hook type configuration, in this AWS account and AWS Region .\n\nYou must specify either `TypeName` and `Configuration` or `TypeArn` and `Configuration` .", - "title": "Configuration", - "type": "string" }, - "ConfigurationAlias": { - "markdownDescription": "An alias by which to refer to this configuration data.\n\nDefaults to `default` alias. Hook types currently support default configuration alias.", - "title": "ConfigurationAlias", + "PromptRouterName": { + "markdownDescription": "The name of the prompt router. The name must be unique within your AWS account in the current region.", + "title": "PromptRouterName", "type": "string" }, - "TypeArn": { - "markdownDescription": "The Amazon Resource Number (ARN) for the Hook to set `Configuration` for.\n\nYou must specify either `TypeName` and `Configuration` or `TypeArn` and `Configuration` .", - "title": "TypeArn", - "type": "string" + "RoutingCriteria": { + "$ref": "#/definitions/AWS::Bedrock::IntelligentPromptRouter.RoutingCriteria", + "markdownDescription": "Routing criteria for a prompt router.", + "title": "RoutingCriteria" }, - "TypeName": { - "markdownDescription": "The unique name for your Hook. Specifies a three-part namespace for your Hook, with a recommended pattern of `Organization::Service::Hook` .\n\nYou must specify either `TypeName` and `Configuration` or `TypeArn` and `Configuration` .", - "title": "TypeName", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource as tags. You can use tags to categorize and manage your AWS resources.", + "title": "Tags", + "type": "array" } }, "required": [ - "Configuration" + "FallbackModel", + "Models", + "PromptRouterName", + "RoutingCriteria" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFormation::HookTypeConfig" + "AWS::Bedrock::IntelligentPromptRouter" ], "type": "string" }, @@ -34459,7 +38784,35 @@ ], "type": "object" }, - "AWS::CloudFormation::HookVersion": { + "AWS::Bedrock::IntelligentPromptRouter.PromptRouterTargetModel": { + "additionalProperties": false, + "properties": { + "ModelArn": { + "markdownDescription": "The target model's ARN.", + "title": "ModelArn", + "type": "string" + } + }, + "required": [ + "ModelArn" + ], + "type": "object" + }, + "AWS::Bedrock::IntelligentPromptRouter.RoutingCriteria": { + "additionalProperties": false, + "properties": { + "ResponseQualityDifference": { + "markdownDescription": "The criteria's response quality difference.", + "title": "ResponseQualityDifference", + "type": "number" + } + }, + "required": [ + "ResponseQualityDifference" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase": { "additionalProperties": false, "properties": { "Condition": { @@ -34494,36 +38847,53 @@ "Properties": { "additionalProperties": false, "properties": { - "ExecutionRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the task execution role that grants the Hook permission.", - "title": "ExecutionRoleArn", + "Description": { + "markdownDescription": "The description of the knowledge base associated with the inline agent.", + "title": "Description", "type": "string" }, - "LoggingConfig": { - "$ref": "#/definitions/AWS::CloudFormation::HookVersion.LoggingConfig", - "markdownDescription": "Contains logging configuration information for an extension.", - "title": "LoggingConfig" + "KnowledgeBaseConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.KnowledgeBaseConfiguration", + "markdownDescription": "Contains details about the embeddings configuration of the knowledge base.", + "title": "KnowledgeBaseConfiguration" }, - "SchemaHandlerPackage": { - "markdownDescription": "A URL to the Amazon S3 bucket for the Hook project package that contains the necessary files for the Hook you want to register.\n\nFor information on generating a schema handler package, see [Modeling custom CloudFormation Hooks](https://docs.aws.amazon.com/cloudformation-cli/latest/hooks-userguide/hooks-model.html) in the *AWS CloudFormation Hooks User Guide* .\n\n> To register the Hook, you must have `s3:GetObject` permissions to access the S3 objects.", - "title": "SchemaHandlerPackage", + "Name": { + "markdownDescription": "The name of the knowledge base.", + "title": "Name", "type": "string" }, - "TypeName": { - "markdownDescription": "The unique name for your hook. Specifies a three-part namespace for your hook, with a recommended pattern of `Organization::Service::Hook` .\n\n> The following organization namespaces are reserved and can't be used in your hook type names:\n> \n> - `Alexa`\n> - `AMZN`\n> - `Amazon`\n> - `ASK`\n> - `AWS`\n> - `Custom`\n> - `Dev`", - "title": "TypeName", + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role with permissions to invoke API operations on the knowledge base.", + "title": "RoleArn", "type": "string" + }, + "StorageConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.StorageConfiguration", + "markdownDescription": "Contains details about the storage configuration of the knowledge base.", + "title": "StorageConfiguration" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Metadata that you can assign to a resource as key-value pairs. For more information, see the following resources:\n\n- [Tag naming limits and requirements](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-conventions)\n- [Tagging best practices](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-best-practices)", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" } }, "required": [ - "SchemaHandlerPackage", - "TypeName" + "KnowledgeBaseConfiguration", + "Name", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFormation::HookVersion" + "AWS::Bedrock::KnowledgeBase" ], "type": "string" }, @@ -34542,476 +38912,587 @@ ], "type": "object" }, - "AWS::CloudFormation::HookVersion.LoggingConfig": { + "AWS::Bedrock::KnowledgeBase.BedrockEmbeddingModelConfiguration": { "additionalProperties": false, "properties": { - "LogGroupName": { - "markdownDescription": "The Amazon CloudWatch Logs group to which CloudFormation sends error logging information when invoking the extension's handlers.", - "title": "LogGroupName", - "type": "string" + "Dimensions": { + "markdownDescription": "The dimensions details for the vector configuration used on the Bedrock embeddings model.", + "title": "Dimensions", + "type": "number" }, - "LogRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the role that CloudFormation should assume when sending log entries to CloudWatch Logs.", - "title": "LogRoleArn", + "EmbeddingDataType": { + "markdownDescription": "The data type for the vectors when using a model to convert text into vector embeddings. The model must support the specified data type for vector embeddings. Floating-point (float32) is the default data type, and is supported by most models for vector embeddings. See [Supported embeddings models](https://docs.aws.amazon.com/bedrock/latest/userguide/knowledge-base-supported.html) for information on the available models and their vector data types.", + "title": "EmbeddingDataType", "type": "string" } }, "type": "object" }, - "AWS::CloudFormation::Macro": { + "AWS::Bedrock::KnowledgeBase.CuratedQuery": { "additionalProperties": false, "properties": { - "Condition": { + "NaturalLanguage": { + "markdownDescription": "An example natural language query.", + "title": "NaturalLanguage", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Sql": { + "markdownDescription": "The SQL equivalent of the natural language query.", + "title": "Sql", "type": "string" + } + }, + "required": [ + "NaturalLanguage", + "Sql" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.EmbeddingModelConfiguration": { + "additionalProperties": false, + "properties": { + "BedrockEmbeddingModelConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.BedrockEmbeddingModelConfiguration", + "markdownDescription": "The vector configuration details on the Bedrock embeddings model.", + "title": "BedrockEmbeddingModelConfiguration" + } + }, + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.KendraKnowledgeBaseConfiguration": { + "additionalProperties": false, + "properties": { + "KendraIndexArn": { + "markdownDescription": "The ARN of the Amazon Kendra index.", + "title": "KendraIndexArn", + "type": "string" + } + }, + "required": [ + "KendraIndexArn" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.KnowledgeBaseConfiguration": { + "additionalProperties": false, + "properties": { + "KendraKnowledgeBaseConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.KendraKnowledgeBaseConfiguration", + "markdownDescription": "Settings for an Amazon Kendra knowledge base.", + "title": "KendraKnowledgeBaseConfiguration" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A description of the macro.", - "title": "Description", - "type": "string" - }, - "FunctionName": { - "markdownDescription": "The Amazon Resource Name (ARN) of the underlying Lambda function that you want CloudFormation to invoke when the macro is run.", - "title": "FunctionName", - "type": "string" - }, - "LogGroupName": { - "markdownDescription": "The CloudWatch Logs group to which CloudFormation sends error logging information when invoking the macro's underlying Lambda function.\n\nThis will be an existing CloudWatch Logs LogGroup. Neither CloudFormation or Lambda will create the group.", - "title": "LogGroupName", - "type": "string" - }, - "LogRoleARN": { - "markdownDescription": "The ARN of the role CloudFormation should assume when sending log entries to CloudWatch Logs .", - "title": "LogRoleARN", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the macro. The name of the macro must be unique across all macros in the account.", - "title": "Name", - "type": "string" - } - }, - "required": [ - "FunctionName", - "Name" - ], - "type": "object" + "SqlKnowledgeBaseConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.SqlKnowledgeBaseConfiguration", + "markdownDescription": "Specifies configurations for a knowledge base connected to an SQL database.", + "title": "SqlKnowledgeBaseConfiguration" }, "Type": { - "enum": [ - "AWS::CloudFormation::Macro" - ], + "markdownDescription": "The type of data that the data source is converted into for the knowledge base.", + "title": "Type", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "VectorKnowledgeBaseConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.VectorKnowledgeBaseConfiguration", + "markdownDescription": "Contains details about the model that's used to convert the data source into vector embeddings.", + "title": "VectorKnowledgeBaseConfiguration" } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::CloudFormation::ModuleDefaultVersion": { + "AWS::Bedrock::KnowledgeBase.MongoDbAtlasConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "CollectionName": { + "markdownDescription": "The collection name of the knowledge base in MongoDB Atlas.", + "title": "CollectionName", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "CredentialsSecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the secret that you created in AWS Secrets Manager that contains user credentials for your MongoDB Atlas cluster.", + "title": "CredentialsSecretArn", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "DatabaseName": { + "markdownDescription": "The database name in your MongoDB Atlas cluster for your knowledge base.", + "title": "DatabaseName", + "type": "string" }, - "Metadata": { - "type": "object" + "Endpoint": { + "markdownDescription": "The endpoint URL of your MongoDB Atlas cluster for your knowledge base.", + "title": "Endpoint", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the module version to set as the default version.\n\nConditional: You must specify either `Arn` , or `ModuleName` and `VersionId` .", - "title": "Arn", - "type": "string" - }, - "ModuleName": { - "markdownDescription": "The name of the module.\n\nConditional: You must specify either `Arn` , or `ModuleName` and `VersionId` .", - "title": "ModuleName", - "type": "string" - }, - "VersionId": { - "markdownDescription": "The ID for the specific version of the module.\n\nConditional: You must specify either `Arn` , or `ModuleName` and `VersionId` .", - "title": "VersionId", - "type": "string" - } - }, - "type": "object" + "EndpointServiceName": { + "markdownDescription": "The name of the VPC endpoint service in your account that is connected to your MongoDB Atlas cluster.", + "title": "EndpointServiceName", + "type": "string" }, - "Type": { - "enum": [ - "AWS::CloudFormation::ModuleDefaultVersion" - ], + "FieldMapping": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.MongoDbAtlasFieldMapping", + "markdownDescription": "Contains the names of the fields to which to map information about the vector store.", + "title": "FieldMapping" + }, + "TextIndexName": { + "markdownDescription": "The name of the text search index in the MongoDB collection. This is required for using the hybrid search feature.", + "title": "TextIndexName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VectorIndexName": { + "markdownDescription": "The name of the MongoDB Atlas vector search index.", + "title": "VectorIndexName", "type": "string" } }, "required": [ - "Type" + "CollectionName", + "CredentialsSecretArn", + "DatabaseName", + "Endpoint", + "FieldMapping", + "VectorIndexName" ], "type": "object" }, - "AWS::CloudFormation::ModuleVersion": { + "AWS::Bedrock::KnowledgeBase.MongoDbAtlasFieldMapping": { "additionalProperties": false, "properties": { - "Condition": { + "MetadataField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores metadata about the vector store.", + "title": "MetadataField", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TextField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose.", + "title": "TextField", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "VectorField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores the vector embeddings for your data sources.", + "title": "VectorField", + "type": "string" + } + }, + "required": [ + "MetadataField", + "TextField", + "VectorField" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.NeptuneAnalyticsConfiguration": { + "additionalProperties": false, + "properties": { + "FieldMapping": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.NeptuneAnalyticsFieldMapping", + "markdownDescription": "Contains the names of the fields to which to map information about the vector store.", + "title": "FieldMapping" }, - "Metadata": { - "type": "object" + "GraphArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Neptune Analytics vector store.", + "title": "GraphArn", + "type": "string" + } + }, + "required": [ + "FieldMapping", + "GraphArn" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.NeptuneAnalyticsFieldMapping": { + "additionalProperties": false, + "properties": { + "MetadataField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores metadata about the vector store.", + "title": "MetadataField", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ModuleName": { - "markdownDescription": "The name of the module being registered.", - "title": "ModuleName", - "type": "string" - }, - "ModulePackage": { - "markdownDescription": "A URL to the S3 bucket for the package that contains the template fragment and schema files for the module version to register.\n\nFor more information, see [Module structure and requirements](https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/modules-structure.html) in the *AWS CloudFormation Command Line Interface (CLI) User Guide* .\n\n> To register the module version, you must have `s3:GetObject` permissions to access the S3 objects.", - "title": "ModulePackage", - "type": "string" - } - }, - "required": [ - "ModuleName", - "ModulePackage" - ], - "type": "object" + "TextField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose.", + "title": "TextField", + "type": "string" + } + }, + "required": [ + "MetadataField", + "TextField" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.OpenSearchManagedClusterConfiguration": { + "additionalProperties": false, + "properties": { + "DomainArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the OpenSearch domain.", + "title": "DomainArn", + "type": "string" }, - "Type": { - "enum": [ - "AWS::CloudFormation::ModuleVersion" - ], + "DomainEndpoint": { + "markdownDescription": "The endpoint URL the OpenSearch domain.", + "title": "DomainEndpoint", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "FieldMapping": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.OpenSearchManagedClusterFieldMapping", + "markdownDescription": "Contains the names of the fields to which to map information about the vector store.", + "title": "FieldMapping" + }, + "VectorIndexName": { + "markdownDescription": "The name of the vector store.", + "title": "VectorIndexName", "type": "string" } }, "required": [ - "Type", - "Properties" + "DomainArn", + "DomainEndpoint", + "FieldMapping", + "VectorIndexName" ], "type": "object" }, - "AWS::CloudFormation::PublicTypeVersion": { + "AWS::Bedrock::KnowledgeBase.OpenSearchManagedClusterFieldMapping": { "additionalProperties": false, "properties": { - "Condition": { + "MetadataField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores metadata about the vector store.", + "title": "MetadataField", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TextField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose.", + "title": "TextField", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "VectorField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores the vector embeddings for your data sources.", + "title": "VectorField", + "type": "string" + } + }, + "required": [ + "MetadataField", + "TextField", + "VectorField" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.OpenSearchServerlessConfiguration": { + "additionalProperties": false, + "properties": { + "CollectionArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the OpenSearch Service vector store.", + "title": "CollectionArn", + "type": "string" }, - "Metadata": { - "type": "object" + "FieldMapping": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.OpenSearchServerlessFieldMapping", + "markdownDescription": "Contains the names of the fields to which to map information about the vector store.", + "title": "FieldMapping" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Number (ARN) of the extension.\n\nConditional: You must specify `Arn` , or `TypeName` and `Type` .", - "title": "Arn", - "type": "string" - }, - "LogDeliveryBucket": { - "markdownDescription": "The S3 bucket to which CloudFormation delivers the contract test execution logs.\n\nCloudFormation delivers the logs by the time contract testing has completed and the extension has been assigned a test type status of `PASSED` or `FAILED` .\n\nThe user initiating the stack operation must be able to access items in the specified S3 bucket. Specifically, the user needs the following permissions:\n\n- s3:GetObject\n- s3:PutObject", - "title": "LogDeliveryBucket", - "type": "string" - }, - "PublicVersionNumber": { - "markdownDescription": "The version number to assign to this version of the extension.\n\nUse the following format, and adhere to semantic versioning when assigning a version number to your extension:\n\n`MAJOR.MINOR.PATCH`\n\nFor more information, see [Semantic Versioning 2.0.0](https://docs.aws.amazon.com/https://semver.org/) .\n\nIf you don't specify a version number, CloudFormation increments the version number by one minor version release.\n\nYou cannot specify a version number the first time you publish a type. CloudFormation automatically sets the first version number to be `1.0.0` .", - "title": "PublicVersionNumber", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of the extension to test.\n\nConditional: You must specify `Arn` , or `TypeName` and `Type` .", - "title": "Type", - "type": "string" - }, - "TypeName": { - "markdownDescription": "The name of the extension to test.\n\nConditional: You must specify `Arn` , or `TypeName` and `Type` .", - "title": "TypeName", - "type": "string" - } - }, - "type": "object" + "VectorIndexName": { + "markdownDescription": "The name of the vector store.", + "title": "VectorIndexName", + "type": "string" + } + }, + "required": [ + "CollectionArn", + "FieldMapping", + "VectorIndexName" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.OpenSearchServerlessFieldMapping": { + "additionalProperties": false, + "properties": { + "MetadataField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores metadata about the vector store.", + "title": "MetadataField", + "type": "string" }, - "Type": { - "enum": [ - "AWS::CloudFormation::PublicTypeVersion" - ], + "TextField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose.", + "title": "TextField", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VectorField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores the vector embeddings for your data sources.", + "title": "VectorField", "type": "string" } }, "required": [ - "Type" + "MetadataField", + "TextField", + "VectorField" ], "type": "object" }, - "AWS::CloudFormation::Publisher": { + "AWS::Bedrock::KnowledgeBase.PineconeConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "ConnectionString": { + "markdownDescription": "The endpoint URL for your index management page.", + "title": "ConnectionString", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "CredentialsSecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the secret that you created in AWS Secrets Manager that is linked to your Pinecone API key.", + "title": "CredentialsSecretArn", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "FieldMapping": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.PineconeFieldMapping", + "markdownDescription": "Contains the names of the fields to which to map information about the vector store.", + "title": "FieldMapping" }, - "Metadata": { - "type": "object" + "Namespace": { + "markdownDescription": "The namespace to be used to write new data to your database.", + "title": "Namespace", + "type": "string" + } + }, + "required": [ + "ConnectionString", + "CredentialsSecretArn", + "FieldMapping" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.PineconeFieldMapping": { + "additionalProperties": false, + "properties": { + "MetadataField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores metadata about the vector store.", + "title": "MetadataField", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AcceptTermsAndConditions": { - "markdownDescription": "Whether you accept the [Terms and Conditions](https://docs.aws.amazon.com/https://cloudformation-registry-documents.s3.amazonaws.com/Terms_and_Conditions_for_AWS_CloudFormation_Registry_Publishers.pdf) for publishing extensions in the CloudFormation registry. You must accept the terms and conditions in order to register to publish public extensions to the CloudFormation registry.\n\nThe default is `false` .", - "title": "AcceptTermsAndConditions", - "type": "boolean" - }, - "ConnectionArn": { - "markdownDescription": "If you are using a Bitbucket or GitHub account for identity verification, the Amazon Resource Name (ARN) for your connection to that account.\n\nFor more information, see [Prerequisite: Registering your account to publish CloudFormation extensions](https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/publish-extension.html#publish-extension-prereqs) in the *AWS CloudFormation Command Line Interface (CLI) User Guide* .", - "title": "ConnectionArn", - "type": "string" - } + "TextField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose.", + "title": "TextField", + "type": "string" + } + }, + "required": [ + "MetadataField", + "TextField" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.QueryGenerationColumn": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the column that helps the query engine understand the contents of the column.", + "title": "Description", + "type": "string" + }, + "Inclusion": { + "markdownDescription": "Specifies whether to include or exclude the column during query generation. If you specify `EXCLUDE` , the column will be ignored. If you specify `INCLUDE` , all other columns in the table will be ignored.", + "title": "Inclusion", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the column for which the other fields in this object apply.", + "title": "Name", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.QueryGenerationConfiguration": { + "additionalProperties": false, + "properties": { + "ExecutionTimeoutSeconds": { + "markdownDescription": "The time after which query generation will time out.", + "title": "ExecutionTimeoutSeconds", + "type": "number" + }, + "GenerationContext": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.QueryGenerationContext", + "markdownDescription": "Specifies configurations for context to use during query generation.", + "title": "GenerationContext" + } + }, + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.QueryGenerationContext": { + "additionalProperties": false, + "properties": { + "CuratedQueries": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.CuratedQuery" }, - "required": [ - "AcceptTermsAndConditions" - ], - "type": "object" + "markdownDescription": "An array of objects, each of which defines information about example queries to help the query engine generate appropriate SQL queries.", + "title": "CuratedQueries", + "type": "array" }, - "Type": { - "enum": [ - "AWS::CloudFormation::Publisher" - ], + "Tables": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.QueryGenerationTable" + }, + "markdownDescription": "An array of objects, each of which defines information about a table in the database.", + "title": "Tables", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.QueryGenerationTable": { + "additionalProperties": false, + "properties": { + "Columns": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.QueryGenerationColumn" + }, + "markdownDescription": "An array of objects, each of which defines information about a column in the table.", + "title": "Columns", + "type": "array" + }, + "Description": { + "markdownDescription": "A description of the table that helps the query engine understand the contents of the table.", + "title": "Description", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Inclusion": { + "markdownDescription": "Specifies whether to include or exclude the table during query generation. If you specify `EXCLUDE` , the table will be ignored. If you specify `INCLUDE` , all other tables will be ignored.", + "title": "Inclusion", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the table for which the other fields in this object apply.", + "title": "Name", "type": "string" } }, "required": [ - "Type", - "Properties" + "Name" ], "type": "object" }, - "AWS::CloudFormation::ResourceDefaultVersion": { + "AWS::Bedrock::KnowledgeBase.RdsConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "CredentialsSecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the secret that you created in AWS Secrets Manager that is linked to your Amazon RDS database.", + "title": "CredentialsSecretArn", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DatabaseName": { + "markdownDescription": "The name of your Amazon RDS database.", + "title": "DatabaseName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "FieldMapping": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.RdsFieldMapping", + "markdownDescription": "Contains the names of the fields to which to map information about the vector store.", + "title": "FieldMapping" }, - "Metadata": { - "type": "object" + "ResourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the vector store.", + "title": "ResourceArn", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "TypeName": { - "markdownDescription": "The name of the resource.\n\nConditional: You must specify either `TypeVersionArn` , or `TypeName` and `VersionId` .", - "title": "TypeName", - "type": "string" - }, - "TypeVersionArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resource version.\n\nConditional: You must specify either `TypeVersionArn` , or `TypeName` and `VersionId` .", - "title": "TypeVersionArn", - "type": "string" - }, - "VersionId": { - "markdownDescription": "The ID of a specific version of the resource. The version ID is the value at the end of the Amazon Resource Name (ARN) assigned to the resource version when it's registered.\n\nConditional: You must specify either `TypeVersionArn` , or `TypeName` and `VersionId` .", - "title": "VersionId", - "type": "string" - } + "TableName": { + "markdownDescription": "The name of the table in the database.", + "title": "TableName", + "type": "string" + } + }, + "required": [ + "CredentialsSecretArn", + "DatabaseName", + "FieldMapping", + "ResourceArn", + "TableName" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.RdsFieldMapping": { + "additionalProperties": false, + "properties": { + "CustomMetadataField": { + "markdownDescription": "Provide a name for the universal metadata field where Amazon Bedrock will store any custom metadata from your data source.", + "title": "CustomMetadataField", + "type": "string" + }, + "MetadataField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores metadata about the vector store.", + "title": "MetadataField", + "type": "string" + }, + "PrimaryKeyField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores the ID for each entry.", + "title": "PrimaryKeyField", + "type": "string" + }, + "TextField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose.", + "title": "TextField", + "type": "string" + }, + "VectorField": { + "markdownDescription": "The name of the field in which Amazon Bedrock stores the vector embeddings for your data sources.", + "title": "VectorField", + "type": "string" + } + }, + "required": [ + "MetadataField", + "PrimaryKeyField", + "TextField", + "VectorField" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.RedshiftConfiguration": { + "additionalProperties": false, + "properties": { + "QueryEngineConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.RedshiftQueryEngineConfiguration", + "markdownDescription": "Specifies configurations for an Amazon Redshift query engine.", + "title": "QueryEngineConfiguration" + }, + "QueryGenerationConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.QueryGenerationConfiguration", + "markdownDescription": "Specifies configurations for generating queries.", + "title": "QueryGenerationConfiguration" + }, + "StorageConfigurations": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.RedshiftQueryEngineStorageConfiguration" }, - "type": "object" + "markdownDescription": "Specifies configurations for Amazon Redshift database storage.", + "title": "StorageConfigurations", + "type": "array" + } + }, + "required": [ + "QueryEngineConfiguration", + "StorageConfigurations" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.RedshiftProvisionedAuthConfiguration": { + "additionalProperties": false, + "properties": { + "DatabaseUser": { + "markdownDescription": "The database username for authentication to an Amazon Redshift provisioned data warehouse.", + "title": "DatabaseUser", + "type": "string" }, "Type": { - "enum": [ - "AWS::CloudFormation::ResourceDefaultVersion" - ], + "markdownDescription": "The type of authentication to use.", + "title": "Type", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "UsernamePasswordSecretArn": { + "markdownDescription": "The ARN of an Secrets Manager secret for authentication.", + "title": "UsernamePasswordSecretArn", "type": "string" } }, @@ -35020,205 +39501,282 @@ ], "type": "object" }, - "AWS::CloudFormation::ResourceVersion": { + "AWS::Bedrock::KnowledgeBase.RedshiftProvisionedConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "AuthConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.RedshiftProvisionedAuthConfiguration", + "markdownDescription": "Specifies configurations for authentication to Amazon Redshift.", + "title": "AuthConfiguration" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ClusterIdentifier": { + "markdownDescription": "The ID of the Amazon Redshift cluster.", + "title": "ClusterIdentifier", "type": "string" + } + }, + "required": [ + "AuthConfiguration", + "ClusterIdentifier" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.RedshiftQueryEngineAwsDataCatalogStorageConfiguration": { + "additionalProperties": false, + "properties": { + "TableNames": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of names of the tables to use.", + "title": "TableNames", + "type": "array" + } + }, + "required": [ + "TableNames" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.RedshiftQueryEngineConfiguration": { + "additionalProperties": false, + "properties": { + "ProvisionedConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.RedshiftProvisionedConfiguration", + "markdownDescription": "Specifies configurations for a provisioned Amazon Redshift query engine.", + "title": "ProvisionedConfiguration" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ServerlessConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.RedshiftServerlessConfiguration", + "markdownDescription": "Specifies configurations for a serverless Amazon Redshift query engine.", + "title": "ServerlessConfiguration" }, - "Metadata": { - "type": "object" + "Type": { + "markdownDescription": "The type of query engine.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.RedshiftQueryEngineRedshiftStorageConfiguration": { + "additionalProperties": false, + "properties": { + "DatabaseName": { + "markdownDescription": "The name of the Amazon Redshift database.", + "title": "DatabaseName", + "type": "string" + } + }, + "required": [ + "DatabaseName" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.RedshiftQueryEngineStorageConfiguration": { + "additionalProperties": false, + "properties": { + "AwsDataCatalogConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.RedshiftQueryEngineAwsDataCatalogStorageConfiguration", + "markdownDescription": "Specifies configurations for storage in AWS Glue Data Catalog.", + "title": "AwsDataCatalogConfiguration" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ExecutionRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role for CloudFormation to assume when invoking the resource. If your resource calls AWS APIs in any of its handlers, you must create an IAM execution role that includes the necessary permissions to call those AWS APIs, and provision that execution role in your account. When CloudFormation needs to invoke the resource type handler, CloudFormation assumes this execution role to create a temporary session token, which it then passes to the resource type handler, thereby supplying your resource type with the appropriate credentials.", - "title": "ExecutionRoleArn", - "type": "string" - }, - "LoggingConfig": { - "$ref": "#/definitions/AWS::CloudFormation::ResourceVersion.LoggingConfig", - "markdownDescription": "Logging configuration information for a resource.", - "title": "LoggingConfig" - }, - "SchemaHandlerPackage": { - "markdownDescription": "A URL to the S3 bucket for the resource project package that contains the necessary files for the resource you want to register.\n\nFor information on generating a schema handler package, see [Modeling resource types to use with AWS CloudFormation](https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/resource-type-model.html) in the *AWS CloudFormation Command Line Interface (CLI) User Guide* .\n\n> To register the resource version, you must have `s3:GetObject` permissions to access the S3 objects.", - "title": "SchemaHandlerPackage", - "type": "string" - }, - "TypeName": { - "markdownDescription": "The name of the resource being registered.\n\nWe recommend that resource names adhere to the following pattern: *company_or_organization* :: *service* :: *type* .\n\n> The following organization namespaces are reserved and can't be used in your resource names:\n> \n> - `Alexa`\n> - `AMZN`\n> - `Amazon`\n> - `AWS`\n> - `Custom`\n> - `Dev`", - "title": "TypeName", - "type": "string" - } - }, - "required": [ - "SchemaHandlerPackage", - "TypeName" - ], - "type": "object" + "RedshiftConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.RedshiftQueryEngineRedshiftStorageConfiguration", + "markdownDescription": "Specifies configurations for storage in Amazon Redshift.", + "title": "RedshiftConfiguration" }, "Type": { - "enum": [ - "AWS::CloudFormation::ResourceVersion" - ], + "markdownDescription": "The data storage service to use.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.RedshiftServerlessAuthConfiguration": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "The type of authentication to use.", + "title": "Type", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "UsernamePasswordSecretArn": { + "markdownDescription": "The ARN of an Secrets Manager secret for authentication.", + "title": "UsernamePasswordSecretArn", "type": "string" } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::CloudFormation::ResourceVersion.LoggingConfig": { + "AWS::Bedrock::KnowledgeBase.RedshiftServerlessConfiguration": { "additionalProperties": false, "properties": { - "LogGroupName": { - "markdownDescription": "The Amazon CloudWatch logs group to which CloudFormation sends error logging information when invoking the type's handlers.", - "title": "LogGroupName", - "type": "string" + "AuthConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.RedshiftServerlessAuthConfiguration", + "markdownDescription": "Specifies configurations for authentication to an Amazon Redshift provisioned data warehouse.", + "title": "AuthConfiguration" }, - "LogRoleArn": { - "markdownDescription": "The ARN of the role that CloudFormation should assume when sending log entries to CloudWatch logs.", - "title": "LogRoleArn", + "WorkgroupArn": { + "markdownDescription": "The ARN of the Amazon Redshift workgroup.", + "title": "WorkgroupArn", "type": "string" } }, + "required": [ + "AuthConfiguration", + "WorkgroupArn" + ], "type": "object" }, - "AWS::CloudFormation::Stack": { + "AWS::Bedrock::KnowledgeBase.S3Location": { "additionalProperties": false, "properties": { - "Condition": { + "URI": { + "markdownDescription": "An object URI starting with `s3://` .", + "title": "URI", "type": "string" + } + }, + "required": [ + "URI" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.SqlKnowledgeBaseConfiguration": { + "additionalProperties": false, + "properties": { + "RedshiftConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.RedshiftConfiguration", + "markdownDescription": "Specifies configurations for a knowledge base connected to an Amazon Redshift database.", + "title": "RedshiftConfiguration" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Type": { + "markdownDescription": "The type of SQL database to connect to the knowledge base.", + "title": "Type", "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.StorageConfiguration": { + "additionalProperties": false, + "properties": { + "MongoDbAtlasConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.MongoDbAtlasConfiguration", + "markdownDescription": "Contains the storage configuration of the knowledge base in MongoDB Atlas.", + "title": "MongoDbAtlasConfiguration" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "NeptuneAnalyticsConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.NeptuneAnalyticsConfiguration", + "markdownDescription": "Contains details about the Neptune Analytics configuration of the knowledge base in Amazon Neptune. For more information, see [Create a vector index in Amazon Neptune Analytics.](https://docs.aws.amazon.com/bedrock/latest/userguide/knowledge-base-setup-neptune.html) .", + "title": "NeptuneAnalyticsConfiguration" }, - "Metadata": { - "type": "object" + "OpensearchManagedClusterConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.OpenSearchManagedClusterConfiguration", + "markdownDescription": "Contains details about the storage configuration of the knowledge base in OpenSearch Managed Cluster. For more information, see [Create a vector index in Amazon OpenSearch Service](https://docs.aws.amazon.com/bedrock/latest/userguide/knowledge-base-setup-osm.html) .", + "title": "OpensearchManagedClusterConfiguration" }, - "Properties": { - "additionalProperties": false, - "properties": { - "NotificationARNs": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon SNS topic ARNs to publish stack related events. You can find your Amazon SNS topic ARNs using the Amazon SNS console or your Command Line Interface (CLI).", - "title": "NotificationARNs", - "type": "array" - }, - "Parameters": { - "additionalProperties": true, - "markdownDescription": "The set value pairs that represent the parameters passed to CloudFormation when this nested stack is created. Each parameter has a name corresponding to a parameter defined in the embedded template and a value representing the value that you want to set for the parameter.\n\n> If you use the `Ref` function to pass a parameter value to a nested stack, comma-delimited list parameters must be of type `String` . In other words, you can't pass values that are of type `CommaDelimitedList` to nested stacks. \n\nRequired if the nested stack requires input parameters.\n\nWhether an update causes interruptions depends on the resources that are being updated. An update never causes a nested stack to be replaced.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Parameters", - "type": "object" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Key-value pairs to associate with this stack. CloudFormation also propagates these tags to the resources created in the stack. A maximum number of 50 tags can be specified.", - "title": "Tags", - "type": "array" - }, - "TemplateURL": { - "markdownDescription": "The URL of a file that contains the template body. The URL must point to a template (max size: 1 MB) that's located in an Amazon S3 bucket. The location for an Amazon S3 bucket must start with `https://` .\n\nWhether an update causes interruptions depends on the resources that are being updated. An update never causes a nested stack to be replaced.", - "title": "TemplateURL", - "type": "string" - }, - "TimeoutInMinutes": { - "markdownDescription": "The length of time, in minutes, that CloudFormation waits for the nested stack to reach the `CREATE_COMPLETE` state. The default is no timeout. When CloudFormation detects that the nested stack has reached the `CREATE_COMPLETE` state, it marks the nested stack resource as `CREATE_COMPLETE` in the parent stack and resumes creating the parent stack. If the timeout period expires before the nested stack reaches `CREATE_COMPLETE` , CloudFormation marks the nested stack as failed and rolls back both the nested stack and parent stack.\n\nUpdates aren't supported.", - "title": "TimeoutInMinutes", - "type": "number" - } - }, - "required": [ - "TemplateURL" - ], - "type": "object" + "OpensearchServerlessConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.OpenSearchServerlessConfiguration", + "markdownDescription": "Contains the storage configuration of the knowledge base in Amazon OpenSearch Service.", + "title": "OpensearchServerlessConfiguration" + }, + "PineconeConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.PineconeConfiguration", + "markdownDescription": "Contains the storage configuration of the knowledge base in Pinecone.", + "title": "PineconeConfiguration" + }, + "RdsConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.RdsConfiguration", + "markdownDescription": "Contains details about the storage configuration of the knowledge base in Amazon RDS. For more information, see [Create a vector index in Amazon RDS](https://docs.aws.amazon.com/bedrock/latest/userguide/knowledge-base-setup-rds.html) .", + "title": "RdsConfiguration" }, "Type": { - "enum": [ - "AWS::CloudFormation::Stack" - ], + "markdownDescription": "The vector store service in which the knowledge base is stored.", + "title": "Type", "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.SupplementalDataStorageConfiguration": { + "additionalProperties": false, + "properties": { + "SupplementalDataStorageLocations": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.SupplementalDataStorageLocation" + }, + "markdownDescription": "", + "title": "SupplementalDataStorageLocations", + "type": "array" + } + }, + "required": [ + "SupplementalDataStorageLocations" + ], + "type": "object" + }, + "AWS::Bedrock::KnowledgeBase.SupplementalDataStorageLocation": { + "additionalProperties": false, + "properties": { + "S3Location": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.S3Location", + "markdownDescription": "Contains information about the Amazon S3 location for the extracted images.", + "title": "S3Location" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SupplementalDataStorageLocationType": { + "markdownDescription": "", + "title": "SupplementalDataStorageLocationType", "type": "string" } }, "required": [ - "Type", - "Properties" + "SupplementalDataStorageLocationType" ], "type": "object" }, - "AWS::CloudFormation::StackSet": { + "AWS::Bedrock::KnowledgeBase.VectorKnowledgeBaseConfiguration": { + "additionalProperties": false, + "properties": { + "EmbeddingModelArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the model used to create vector embeddings for the knowledge base.", + "title": "EmbeddingModelArn", + "type": "string" + }, + "EmbeddingModelConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.EmbeddingModelConfiguration", + "markdownDescription": "The embeddings model configuration details for the vector model used in Knowledge Base.", + "title": "EmbeddingModelConfiguration" + }, + "SupplementalDataStorageConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.SupplementalDataStorageConfiguration", + "markdownDescription": "If you include multimodal data from your data source, use this object to specify configurations for the storage location of the images extracted from your documents. These images can be retrieved and returned to the end user. They can also be used in generation when using [RetrieveAndGenerate](https://docs.aws.amazon.com/bedrock/latest/APIReference/API_agent-runtime_RetrieveAndGenerate.html) .", + "title": "SupplementalDataStorageConfiguration" + } + }, + "required": [ + "EmbeddingModelArn" + ], + "type": "object" + }, + "AWS::Bedrock::Prompt": { "additionalProperties": false, "properties": { "Condition": { @@ -35253,103 +39811,54 @@ "Properties": { "additionalProperties": false, "properties": { - "AdministrationRoleARN": { - "markdownDescription": "The Amazon Resource Number (ARN) of the IAM role to use to create this StackSet. Specify an IAM role only if you are using customized administrator roles to control which users or groups can manage specific StackSets within the same administrator account.\n\nUse customized administrator roles to control which users or groups can manage specific StackSets within the same administrator account. For more information, see [Grant self-managed permissions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-prereqs-self-managed.html) in the *AWS CloudFormation User Guide* .\n\nValid only if the permissions model is `SELF_MANAGED` .", - "title": "AdministrationRoleARN", + "CustomerEncryptionKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key that the prompt is encrypted with.", + "title": "CustomerEncryptionKeyArn", "type": "string" }, - "AutoDeployment": { - "$ref": "#/definitions/AWS::CloudFormation::StackSet.AutoDeployment", - "markdownDescription": "Describes whether StackSets automatically deploys to AWS Organizations accounts that are added to a target organization or organizational unit (OU). For more information, see [Enable or disable automatic deployments for StackSets in AWS Organizations](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-orgs-manage-auto-deployment.html) in the *AWS CloudFormation User Guide* .\n\nRequired if the permissions model is `SERVICE_MANAGED` . (Not used with self-managed permissions.)", - "title": "AutoDeployment" - }, - "CallAs": { - "markdownDescription": "Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.\n\nBy default, `SELF` is specified. Use `SELF` for StackSets with self-managed permissions.\n\n- To create a StackSet with service-managed permissions while signed in to the management account, specify `SELF` .\n- To create a StackSet with service-managed permissions while signed in to a delegated administrator account, specify `DELEGATED_ADMIN` .\n\nYour AWS account must be registered as a delegated admin in the management account. For more information, see [Register a delegated administrator](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-orgs-delegated-admin.html) in the *AWS CloudFormation User Guide* .\n\nStackSets with service-managed permissions are created in the management account, including StackSets that are created by delegated administrators.\n\nValid only if the permissions model is `SERVICE_MANAGED` .", - "title": "CallAs", + "DefaultVariant": { + "markdownDescription": "The name of the default variant for the prompt. This value must match the `name` field in the relevant [PromptVariant](https://docs.aws.amazon.com/bedrock/latest/APIReference/API_agent_PromptVariant.html) object.", + "title": "DefaultVariant", "type": "string" }, - "Capabilities": { - "items": { - "type": "string" - }, - "markdownDescription": "The capabilities that are allowed in the StackSet. Some StackSet templates might include resources that can affect permissions in your AWS account \u2014for example, by creating new IAM users. For more information, see [Acknowledging IAM resources in CloudFormation templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/control-access-with-iam.html#using-iam-capabilities) in the *AWS CloudFormation User Guide* .", - "title": "Capabilities", - "type": "array" - }, "Description": { - "markdownDescription": "A description of the StackSet.", + "markdownDescription": "The description of the prompt.", "title": "Description", "type": "string" }, - "ExecutionRoleName": { - "markdownDescription": "The name of the IAM execution role to use to create the StackSet. If you don't specify an execution role, CloudFormation uses the `AWSCloudFormationStackSetExecutionRole` role for the StackSet operation.\n\nValid only if the permissions model is `SELF_MANAGED` .\n\n*Pattern* : `[a-zA-Z_0-9+=,.@-]+`", - "title": "ExecutionRoleName", - "type": "string" - }, - "ManagedExecution": { - "$ref": "#/definitions/AWS::CloudFormation::StackSet.ManagedExecution", - "markdownDescription": "Describes whether StackSets performs non-conflicting operations concurrently and queues conflicting operations.\n\nWhen active, StackSets performs non-conflicting operations concurrently and queues conflicting operations. After conflicting operations finish, StackSets starts queued operations in request order.\n\n> If there are already running or queued operations, StackSets queues all incoming operations even if they are non-conflicting.\n> \n> You can't modify your StackSet's execution configuration while there are running or queued operations for that StackSet. \n\nWhen inactive (default), StackSets performs one operation at a time in request order.", - "title": "ManagedExecution" - }, - "OperationPreferences": { - "$ref": "#/definitions/AWS::CloudFormation::StackSet.OperationPreferences", - "markdownDescription": "The user-specified preferences for how CloudFormation performs a StackSet operation.", - "title": "OperationPreferences" - }, - "Parameters": { - "items": { - "$ref": "#/definitions/AWS::CloudFormation::StackSet.Parameter" - }, - "markdownDescription": "The input parameters for the StackSet template.", - "title": "Parameters", - "type": "array" - }, - "PermissionModel": { - "markdownDescription": "Describes how the IAM roles required for StackSet operations are created.\n\n- With `SELF_MANAGED` permissions, you must create the administrator and execution roles required to deploy to target accounts. For more information, see [Grant self-managed permissions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-prereqs-self-managed.html) in the *AWS CloudFormation User Guide* .\n- With `SERVICE_MANAGED` permissions, StackSets automatically creates the IAM roles required to deploy to accounts managed by AWS Organizations . For more information, see [Activate trusted access for StackSets with AWS Organizations](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-orgs-activate-trusted-access.html) in the *AWS CloudFormation User Guide* .", - "title": "PermissionModel", + "Name": { + "markdownDescription": "The name of the prompt.", + "title": "Name", "type": "string" }, - "StackInstancesGroup": { - "items": { - "$ref": "#/definitions/AWS::CloudFormation::StackSet.StackInstances" + "Tags": { + "additionalProperties": true, + "markdownDescription": "Metadata that you can assign to a resource as key-value pairs. For more information, see the following resources:\n\n- [Tag naming limits and requirements](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-conventions)\n- [Tagging best practices](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-best-practices)", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "A group of stack instances with parameters in some specific accounts and Regions.", - "title": "StackInstancesGroup", - "type": "array" - }, - "StackSetName": { - "markdownDescription": "The name to associate with the StackSet. The name must be unique in the Region where you create your StackSet.", - "title": "StackSetName", - "type": "string" + "title": "Tags", + "type": "object" }, - "Tags": { + "Variants": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Bedrock::Prompt.PromptVariant" }, - "markdownDescription": "Key-value pairs to associate with this stack. CloudFormation also propagates these tags to supported resources in the stack. You can specify a maximum number of 50 tags.\n\nIf you don't specify this parameter, CloudFormation doesn't modify the stack's tags. If you specify an empty value, CloudFormation removes all associated tags.", - "title": "Tags", + "markdownDescription": "A list of objects, each containing details about a variant of the prompt.", + "title": "Variants", "type": "array" - }, - "TemplateBody": { - "markdownDescription": "The structure that contains the template body, with a minimum length of 1 byte and a maximum length of 51,200 bytes.\n\nYou must include either `TemplateURL` or `TemplateBody` in a StackSet, but you can't use both. Dynamic references in the `TemplateBody` may not work correctly in all cases. It's recommended to pass templates that contain dynamic references through `TemplateUrl` instead.", - "title": "TemplateBody", - "type": "string" - }, - "TemplateURL": { - "markdownDescription": "The URL of a file that contains the template body. The URL must point to a template (max size: 1 MB) that's located in an Amazon S3 bucket or a Systems Manager document. The location for an Amazon S3 bucket must start with `https://` .\n\nConditional: You must specify only one of the following parameters: `TemplateBody` , `TemplateURL` .", - "title": "TemplateURL", - "type": "string" } }, "required": [ - "PermissionModel", - "StackSetName" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFormation::StackSet" + "AWS::Bedrock::Prompt" ], "type": "string" }, @@ -35368,159 +39877,455 @@ ], "type": "object" }, - "AWS::CloudFormation::StackSet.AutoDeployment": { + "AWS::Bedrock::Prompt.CachePointBlock": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "If set to `true` , StackSets automatically deploys additional stack instances to AWS Organizations accounts that are added to a target organization or organizational unit (OU) in the specified Regions. If an account is removed from a target organization or OU, StackSets deletes stack instances from the account in the specified Regions.", - "title": "Enabled", - "type": "boolean" - }, - "RetainStacksOnAccountRemoval": { - "markdownDescription": "If set to `true` , stack resources are retained when an account is removed from a target organization or OU. If set to `false` , stack resources are deleted. Specify only if `Enabled` is set to `True` .", - "title": "RetainStacksOnAccountRemoval", - "type": "boolean" + "Type": { + "markdownDescription": "Specifies the type of cache point within the CachePointBlock.", + "title": "Type", + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::CloudFormation::StackSet.DeploymentTargets": { + "AWS::Bedrock::Prompt.ChatPromptTemplateConfiguration": { "additionalProperties": false, "properties": { - "AccountFilterType": { - "markdownDescription": "Limit deployment targets to individual accounts or include additional accounts with provided OUs.\n\nThe following is a list of possible values for the `AccountFilterType` operation.\n\n- `INTERSECTION` : StackSet deploys to the accounts specified in the `Accounts` parameter.\n- `DIFFERENCE` : StackSet deploys to the OU, excluding the accounts specified in the `Accounts` parameter.\n- `UNION` StackSet deploys to the OU, and the accounts specified in the `Accounts` parameter. `UNION` is not supported for create operations when using StackSet as a resource.", - "title": "AccountFilterType", - "type": "string" - }, - "Accounts": { + "InputVariables": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Bedrock::Prompt.PromptInputVariable" }, - "markdownDescription": "The account IDs of the AWS accounts . If you have many account numbers, you can provide those accounts using the `AccountsUrl` property instead.\n\n*Pattern* : `^[0-9]{12}$`", - "title": "Accounts", + "markdownDescription": "An array of the variables in the prompt template.", + "title": "InputVariables", "type": "array" }, - "AccountsUrl": { - "markdownDescription": "The Amazon S3 URL path to a file that contains a list of AWS account IDs. The file format must be either `.csv` or `.txt` , and the data can be comma-separated or new-line-separated. There is currently a 10MB limit for the data (approximately 800,000 accounts).", - "title": "AccountsUrl", - "type": "string" + "Messages": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.Message" + }, + "markdownDescription": "Contains messages in the chat for the prompt.", + "title": "Messages", + "type": "array" }, - "OrganizationalUnitIds": { + "System": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Bedrock::Prompt.SystemContentBlock" }, - "markdownDescription": "The organization root ID or organizational unit (OU) IDs.\n\n*Pattern* : `^(ou-[a-z0-9]{4,32}-[a-z0-9]{8,32}|r-[a-z0-9]{4,32})$`", - "title": "OrganizationalUnitIds", + "markdownDescription": "Contains system prompts to provide context to the model or to describe how it should behave.", + "title": "System", "type": "array" + }, + "ToolConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.ToolConfiguration", + "markdownDescription": "Configuration information for the tools that the model can use when generating a response.", + "title": "ToolConfiguration" } }, + "required": [ + "Messages" + ], "type": "object" }, - "AWS::CloudFormation::StackSet.ManagedExecution": { + "AWS::Bedrock::Prompt.ContentBlock": { "additionalProperties": false, "properties": { - "Active": { - "markdownDescription": "When `true` , StackSets performs non-conflicting operations concurrently and queues conflicting operations. After conflicting operations finish, StackSets starts queued operations in request order.\n\n> If there are already running or queued operations, StackSets queues all incoming operations even if they are non-conflicting.\n> \n> You can't modify your StackSet's execution configuration while there are running or queued operations for that StackSet. \n\nWhen `false` (default), StackSets performs one operation at a time in request order.", - "title": "Active", - "type": "boolean" + "CachePoint": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.CachePointBlock", + "markdownDescription": "CachePoint to include in the message.", + "title": "CachePoint" + }, + "Text": { + "markdownDescription": "Text to include in the message.", + "title": "Text", + "type": "string" } }, "type": "object" }, - "AWS::CloudFormation::StackSet.OperationPreferences": { + "AWS::Bedrock::Prompt.Message": { "additionalProperties": false, "properties": { - "FailureToleranceCount": { - "markdownDescription": "The number of accounts per Region this operation can fail in before CloudFormation stops the operation in that Region. If the operation is stopped in a Region, CloudFormation doesn't attempt the operation in any subsequent Regions.\n\nConditional: You must specify either `FailureToleranceCount` or `FailureTolerancePercentage` (but not both).", - "title": "FailureToleranceCount", - "type": "number" - }, - "FailureTolerancePercentage": { - "markdownDescription": "The percentage of accounts per Region this stack operation can fail in before CloudFormation stops the operation in that Region. If the operation is stopped in a Region, CloudFormation doesn't attempt the operation in any subsequent Regions.\n\nWhen calculating the number of accounts based on the specified percentage, CloudFormation rounds *down* to the next whole number.\n\nConditional: You must specify either `FailureToleranceCount` or `FailureTolerancePercentage` , but not both.", - "title": "FailureTolerancePercentage", - "type": "number" - }, - "MaxConcurrentCount": { - "markdownDescription": "The maximum number of accounts in which to perform this operation at one time. This is dependent on the value of `FailureToleranceCount` . `MaxConcurrentCount` is at most one more than the `FailureToleranceCount` .\n\nNote that this setting lets you specify the *maximum* for operations. For large deployments, under certain circumstances the actual number of accounts acted upon concurrently may be lower due to service throttling.\n\nConditional: You must specify either `MaxConcurrentCount` or `MaxConcurrentPercentage` , but not both.", - "title": "MaxConcurrentCount", - "type": "number" - }, - "MaxConcurrentPercentage": { - "markdownDescription": "The maximum percentage of accounts in which to perform this operation at one time.\n\nWhen calculating the number of accounts based on the specified percentage, CloudFormation rounds down to the next whole number. This is true except in cases where rounding down would result is zero. In this case, CloudFormation sets the number as one instead.\n\nNote that this setting lets you specify the *maximum* for operations. For large deployments, under certain circumstances the actual number of accounts acted upon concurrently may be lower due to service throttling.\n\nConditional: You must specify either `MaxConcurrentCount` or `MaxConcurrentPercentage` , but not both.", - "title": "MaxConcurrentPercentage", - "type": "number" - }, - "RegionConcurrencyType": { - "markdownDescription": "The concurrency type of deploying StackSets operations in Regions, could be in parallel or one Region at a time.", - "title": "RegionConcurrencyType", - "type": "string" - }, - "RegionOrder": { + "Content": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Bedrock::Prompt.ContentBlock" }, - "markdownDescription": "The order of the Regions where you want to perform the stack operation.", - "title": "RegionOrder", + "markdownDescription": "The message content. Note the following restrictions:\n\n- You can include up to 20 images. Each image's size, height, and width must be no more than 3.75 MB, 8000 px, and 8000 px, respectively.\n- You can include up to five documents. Each document's size must be no more than 4.5 MB.\n- If you include a `ContentBlock` with a `document` field in the array, you must also include a `ContentBlock` with a `text` field.\n- You can only include images and documents if the `role` is `user` .", + "title": "Content", "type": "array" + }, + "Role": { + "markdownDescription": "The role that the message plays in the message.", + "title": "Role", + "type": "string" } }, + "required": [ + "Content", + "Role" + ], "type": "object" }, - "AWS::CloudFormation::StackSet.Parameter": { + "AWS::Bedrock::Prompt.PromptAgentResource": { "additionalProperties": false, "properties": { - "ParameterKey": { - "markdownDescription": "The key associated with the parameter. If you don't specify a key and value for a particular parameter, CloudFormation uses the default value that's specified in your template.", - "title": "ParameterKey", - "type": "string" - }, - "ParameterValue": { - "markdownDescription": "The input value associated with the parameter.", - "title": "ParameterValue", + "AgentIdentifier": { + "markdownDescription": "The ARN of the agent with which to use the prompt.", + "title": "AgentIdentifier", "type": "string" } }, "required": [ - "ParameterKey", - "ParameterValue" + "AgentIdentifier" ], "type": "object" }, - "AWS::CloudFormation::StackSet.StackInstances": { + "AWS::Bedrock::Prompt.PromptGenAiResource": { "additionalProperties": false, "properties": { - "DeploymentTargets": { - "$ref": "#/definitions/AWS::CloudFormation::StackSet.DeploymentTargets", - "markdownDescription": "The AWS `OrganizationalUnitIds` or `Accounts` for which to create stack instances in the specified Regions.", - "title": "DeploymentTargets" - }, - "ParameterOverrides": { - "items": { - "$ref": "#/definitions/AWS::CloudFormation::StackSet.Parameter" - }, - "markdownDescription": "A list of StackSet parameters whose values you want to override in the selected stack instances.", - "title": "ParameterOverrides", - "type": "array" - }, - "Regions": { - "items": { - "type": "string" - }, - "markdownDescription": "The names of one or more Regions where you want to create stack instances using the specified AWS accounts .", - "title": "Regions", - "type": "array" + "Agent": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.PromptAgentResource", + "markdownDescription": "Specifies an Amazon Bedrock agent with which to use the prompt.", + "title": "Agent" } }, "required": [ - "DeploymentTargets", - "Regions" + "Agent" ], "type": "object" }, - "AWS::CloudFormation::TypeActivation": { + "AWS::Bedrock::Prompt.PromptInferenceConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "Text": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.PromptModelInferenceConfiguration", + "markdownDescription": "Contains inference configurations for a text prompt.", + "title": "Text" + } + }, + "required": [ + "Text" + ], + "type": "object" + }, + "AWS::Bedrock::Prompt.PromptInputVariable": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the variable.", + "title": "Name", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::Prompt.PromptMetadataEntry": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The key of a metadata tag for a prompt variant.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of a metadata tag for a prompt variant.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::Bedrock::Prompt.PromptModelInferenceConfiguration": { + "additionalProperties": false, + "properties": { + "MaxTokens": { + "markdownDescription": "The maximum number of tokens to return in the response.", + "title": "MaxTokens", + "type": "number" + }, + "StopSequences": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of strings that define sequences after which the model will stop generating.", + "title": "StopSequences", + "type": "array" + }, + "Temperature": { + "markdownDescription": "Controls the randomness of the response. Choose a lower value for more predictable outputs and a higher value for more surprising outputs.", + "title": "Temperature", + "type": "number" + }, + "TopP": { + "markdownDescription": "The percentage of most-likely candidates that the model considers for the next token.", + "title": "TopP", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Bedrock::Prompt.PromptTemplateConfiguration": { + "additionalProperties": false, + "properties": { + "Chat": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.ChatPromptTemplateConfiguration", + "markdownDescription": "Contains configurations to use the prompt in a conversational format.", + "title": "Chat" + }, + "Text": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.TextPromptTemplateConfiguration", + "markdownDescription": "Contains configurations for the text in a message for a prompt.", + "title": "Text" + } + }, + "type": "object" + }, + "AWS::Bedrock::Prompt.PromptVariant": { + "additionalProperties": false, + "properties": { + "AdditionalModelRequestFields": { + "markdownDescription": "Contains model-specific inference configurations that aren't in the `inferenceConfiguration` field. To see model-specific inference parameters, see [Inference request parameters and response fields for foundation models](https://docs.aws.amazon.com/bedrock/latest/userguide/model-parameters.html) .", + "title": "AdditionalModelRequestFields", + "type": "object" + }, + "GenAiResource": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.PromptGenAiResource", + "markdownDescription": "Specifies a generative AI resource with which to use the prompt.", + "title": "GenAiResource" + }, + "InferenceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.PromptInferenceConfiguration", + "markdownDescription": "Contains inference configurations for the prompt variant.", + "title": "InferenceConfiguration" + }, + "Metadata": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.PromptMetadataEntry" + }, + "markdownDescription": "An array of objects, each containing a key-value pair that defines a metadata tag and value to attach to a prompt variant.", + "title": "Metadata", + "type": "array" + }, + "ModelId": { + "markdownDescription": "The unique identifier of the model or [inference profile](https://docs.aws.amazon.com/bedrock/latest/userguide/cross-region-inference.html) with which to run inference on the prompt.", + "title": "ModelId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the prompt variant.", + "title": "Name", + "type": "string" + }, + "TemplateConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.PromptTemplateConfiguration", + "markdownDescription": "Contains configurations for the prompt template.", + "title": "TemplateConfiguration" + }, + "TemplateType": { + "markdownDescription": "The type of prompt template to use.", + "title": "TemplateType", + "type": "string" + } + }, + "required": [ + "Name", + "TemplateConfiguration", + "TemplateType" + ], + "type": "object" + }, + "AWS::Bedrock::Prompt.SpecificToolChoice": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the tool that the model must request.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::Bedrock::Prompt.SystemContentBlock": { + "additionalProperties": false, + "properties": { + "CachePoint": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.CachePointBlock", + "markdownDescription": "CachePoint to include in the system prompt.", + "title": "CachePoint" + }, + "Text": { + "markdownDescription": "A system prompt for the model.", + "title": "Text", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::Prompt.TextPromptTemplateConfiguration": { + "additionalProperties": false, + "properties": { + "CachePoint": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.CachePointBlock", + "markdownDescription": "A cache checkpoint within a template configuration.", + "title": "CachePoint" + }, + "InputVariables": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.PromptInputVariable" + }, + "markdownDescription": "An array of the variables in the prompt template.", + "title": "InputVariables", + "type": "array" + }, + "Text": { + "markdownDescription": "The message for the prompt.", + "title": "Text", + "type": "string" + }, + "TextS3Location": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.TextS3Location", + "markdownDescription": "The Amazon S3 location of the prompt text.", + "title": "TextS3Location" + } + }, + "type": "object" + }, + "AWS::Bedrock::Prompt.TextS3Location": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The Amazon S3 bucket containing the prompt text.", + "title": "Bucket", + "type": "string" + }, + "Key": { + "markdownDescription": "The object key for the Amazon S3 location.", + "title": "Key", + "type": "string" + }, + "Version": { + "markdownDescription": "The version of the Amazon S3 location to use.", + "title": "Version", + "type": "string" + } + }, + "required": [ + "Bucket", + "Key" + ], + "type": "object" + }, + "AWS::Bedrock::Prompt.Tool": { + "additionalProperties": false, + "properties": { + "CachePoint": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.CachePointBlock", + "markdownDescription": "CachePoint to include in the tool configuration.", + "title": "CachePoint" + }, + "ToolSpec": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.ToolSpecification", + "markdownDescription": "The specfication for the tool.", + "title": "ToolSpec" + } + }, + "type": "object" + }, + "AWS::Bedrock::Prompt.ToolChoice": { + "additionalProperties": false, + "properties": { + "Any": { + "markdownDescription": "The model must request at least one tool (no text is generated).", + "title": "Any", + "type": "object" + }, + "Auto": { + "markdownDescription": "(Default). The Model automatically decides if a tool should be called or whether to generate text instead.", + "title": "Auto", + "type": "object" + }, + "Tool": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.SpecificToolChoice", + "markdownDescription": "The Model must request the specified tool. Only supported by Anthropic Claude 3 and Amazon Nova models.", + "title": "Tool" + } + }, + "type": "object" + }, + "AWS::Bedrock::Prompt.ToolConfiguration": { + "additionalProperties": false, + "properties": { + "ToolChoice": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.ToolChoice", + "markdownDescription": "If supported by model, forces the model to request a tool.", + "title": "ToolChoice" + }, + "Tools": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.Tool" + }, + "markdownDescription": "An array of tools that you want to pass to a model.", + "title": "Tools", + "type": "array" + } + }, + "required": [ + "Tools" + ], + "type": "object" + }, + "AWS::Bedrock::Prompt.ToolInputSchema": { + "additionalProperties": false, + "properties": { + "Json": { + "markdownDescription": "The JSON schema for the tool. For more information, see [JSON Schema Reference](https://docs.aws.amazon.com/https://json-schema.org/understanding-json-schema/reference) .", + "title": "Json", + "type": "object" + } + }, + "required": [ + "Json" + ], + "type": "object" + }, + "AWS::Bedrock::Prompt.ToolSpecification": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description for the tool.", + "title": "Description", + "type": "string" + }, + "InputSchema": { + "$ref": "#/definitions/AWS::Bedrock::Prompt.ToolInputSchema", + "markdownDescription": "The input schema for the tool in JSON format.", + "title": "InputSchema" + }, + "Name": { + "markdownDescription": "The name for the tool.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "InputSchema", + "Name" + ], + "type": "object" + }, + "AWS::Bedrock::PromptVersion": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, "DeletionPolicy": { @@ -35552,62 +40357,36 @@ "Properties": { "additionalProperties": false, "properties": { - "AutoUpdate": { - "markdownDescription": "Whether to automatically update the extension in this account and Region when a new *minor* version is published by the extension publisher. Major versions released by the publisher must be manually updated.\n\nThe default is `true` .", - "title": "AutoUpdate", - "type": "boolean" - }, - "ExecutionRoleArn": { - "markdownDescription": "The name of the IAM execution role to use to activate the extension.", - "title": "ExecutionRoleArn", - "type": "string" - }, - "LoggingConfig": { - "$ref": "#/definitions/AWS::CloudFormation::TypeActivation.LoggingConfig", - "markdownDescription": "Specifies logging configuration information for an extension.", - "title": "LoggingConfig" - }, - "MajorVersion": { - "markdownDescription": "The major version of this extension you want to activate, if multiple major versions are available. The default is the latest major version. CloudFormation uses the latest available *minor* version of the major version selected.\n\nYou can specify `MajorVersion` or `VersionBump` , but not both.", - "title": "MajorVersion", - "type": "string" - }, - "PublicTypeArn": { - "markdownDescription": "The Amazon Resource Number (ARN) of the public extension.\n\nConditional: You must specify `PublicTypeArn` , or `TypeName` , `Type` , and `PublisherId` .", - "title": "PublicTypeArn", - "type": "string" - }, - "PublisherId": { - "markdownDescription": "The ID of the extension publisher.\n\nConditional: You must specify `PublicTypeArn` , or `TypeName` , `Type` , and `PublisherId` .", - "title": "PublisherId", - "type": "string" - }, - "Type": { - "markdownDescription": "The extension type.\n\nConditional: You must specify `PublicTypeArn` , or `TypeName` , `Type` , and `PublisherId` .", - "title": "Type", - "type": "string" - }, - "TypeName": { - "markdownDescription": "The name of the extension.\n\nConditional: You must specify `PublicTypeArn` , or `TypeName` , `Type` , and `PublisherId` .", - "title": "TypeName", + "Description": { + "markdownDescription": "The description of the prompt version.", + "title": "Description", "type": "string" }, - "TypeNameAlias": { - "markdownDescription": "An alias to assign to the public extension, in this account and Region. If you specify an alias for the extension, CloudFormation treats the alias as the extension type name within this account and Region. You must use the alias to refer to the extension in your templates, API calls, and CloudFormation console.\n\nAn extension alias must be unique within a given account and Region. You can activate the same public resource multiple times in the same account and Region, using different type name aliases.", - "title": "TypeNameAlias", + "PromptArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the version of the prompt.", + "title": "PromptArn", "type": "string" }, - "VersionBump": { - "markdownDescription": "Manually updates a previously-activated type to a new major or minor version, if available. You can also use this parameter to update the value of `AutoUpdate` .\n\n- `MAJOR` : CloudFormation updates the extension to the newest major version, if one is available.\n- `MINOR` : CloudFormation updates the extension to the newest minor version, if one is available.", - "title": "VersionBump", - "type": "string" + "Tags": { + "additionalProperties": true, + "markdownDescription": "A map of tags attached to the prompt version and their values.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" } }, + "required": [ + "PromptArn" + ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFormation::TypeActivation" + "AWS::Bedrock::PromptVersion" ], "type": "string" }, @@ -35620,35 +40399,435 @@ "type": "string" } }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Bedrock::PromptVersion.CachePointBlock": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "Specifies the type of cache point within the CachePointBlock.", + "title": "Type", + "type": "string" + } + }, "required": [ "Type" ], "type": "object" }, - "AWS::CloudFormation::TypeActivation.LoggingConfig": { + "AWS::Bedrock::PromptVersion.ChatPromptTemplateConfiguration": { "additionalProperties": false, "properties": { - "LogGroupName": { - "markdownDescription": "The Amazon CloudWatch Logs group to which CloudFormation sends error logging information when invoking the extension's handlers.", - "title": "LogGroupName", + "InputVariables": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.PromptInputVariable" + }, + "markdownDescription": "An array of the variables in the prompt template.", + "title": "InputVariables", + "type": "array" + }, + "Messages": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.Message" + }, + "markdownDescription": "Contains messages in the chat for the prompt.", + "title": "Messages", + "type": "array" + }, + "System": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.SystemContentBlock" + }, + "markdownDescription": "Contains system prompts to provide context to the model or to describe how it should behave.", + "title": "System", + "type": "array" + }, + "ToolConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.ToolConfiguration", + "markdownDescription": "Configuration information for the tools that the model can use when generating a response.", + "title": "ToolConfiguration" + } + }, + "required": [ + "Messages" + ], + "type": "object" + }, + "AWS::Bedrock::PromptVersion.ContentBlock": { + "additionalProperties": false, + "properties": { + "CachePoint": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.CachePointBlock", + "markdownDescription": "CachePoint to include in the message.", + "title": "CachePoint" + }, + "Text": { + "markdownDescription": "Text to include in the message.", + "title": "Text", "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::PromptVersion.Message": { + "additionalProperties": false, + "properties": { + "Content": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.ContentBlock" + }, + "markdownDescription": "The message content. Note the following restrictions:\n\n- You can include up to 20 images. Each image's size, height, and width must be no more than 3.75 MB, 8000 px, and 8000 px, respectively.\n- You can include up to five documents. Each document's size must be no more than 4.5 MB.\n- If you include a `ContentBlock` with a `document` field in the array, you must also include a `ContentBlock` with a `text` field.\n- You can only include images and documents if the `role` is `user` .", + "title": "Content", + "type": "array" }, - "LogRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the role that CloudFormation should assume when sending log entries to CloudWatch Logs.", - "title": "LogRoleArn", + "Role": { + "markdownDescription": "The role that the message plays in the message.", + "title": "Role", "type": "string" } }, + "required": [ + "Content", + "Role" + ], "type": "object" }, - "AWS::CloudFormation::WaitCondition": { + "AWS::Bedrock::PromptVersion.PromptAgentResource": { "additionalProperties": false, "properties": { - "Condition": { + "AgentIdentifier": { + "markdownDescription": "The ARN of the agent with which to use the prompt.", + "title": "AgentIdentifier", + "type": "string" + } + }, + "required": [ + "AgentIdentifier" + ], + "type": "object" + }, + "AWS::Bedrock::PromptVersion.PromptGenAiResource": { + "additionalProperties": false, + "properties": { + "Agent": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.PromptAgentResource", + "markdownDescription": "Specifies an Amazon Bedrock agent with which to use the prompt.", + "title": "Agent" + } + }, + "required": [ + "Agent" + ], + "type": "object" + }, + "AWS::Bedrock::PromptVersion.PromptInferenceConfiguration": { + "additionalProperties": false, + "properties": { + "Text": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.PromptModelInferenceConfiguration", + "markdownDescription": "Contains inference configurations for a text prompt.", + "title": "Text" + } + }, + "required": [ + "Text" + ], + "type": "object" + }, + "AWS::Bedrock::PromptVersion.PromptInputVariable": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the variable.", + "title": "Name", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::PromptVersion.PromptMetadataEntry": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The key of a metadata tag for a prompt variant.", + "title": "Key", "type": "string" }, - "CreationPolicy": { + "Value": { + "markdownDescription": "The value of a metadata tag for a prompt variant.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::Bedrock::PromptVersion.PromptModelInferenceConfiguration": { + "additionalProperties": false, + "properties": { + "MaxTokens": { + "markdownDescription": "The maximum number of tokens to return in the response.", + "title": "MaxTokens", + "type": "number" + }, + "StopSequences": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of strings that define sequences after which the model will stop generating.", + "title": "StopSequences", + "type": "array" + }, + "Temperature": { + "markdownDescription": "Controls the randomness of the response. Choose a lower value for more predictable outputs and a higher value for more surprising outputs.", + "title": "Temperature", + "type": "number" + }, + "TopP": { + "markdownDescription": "The percentage of most-likely candidates that the model considers for the next token.", + "title": "TopP", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Bedrock::PromptVersion.PromptTemplateConfiguration": { + "additionalProperties": false, + "properties": { + "Chat": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.ChatPromptTemplateConfiguration", + "markdownDescription": "Contains configurations to use the prompt in a conversational format.", + "title": "Chat" + }, + "Text": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.TextPromptTemplateConfiguration", + "markdownDescription": "Contains configurations for the text in a message for a prompt.", + "title": "Text" + } + }, + "type": "object" + }, + "AWS::Bedrock::PromptVersion.PromptVariant": { + "additionalProperties": false, + "properties": { + "AdditionalModelRequestFields": { + "markdownDescription": "Contains model-specific inference configurations that aren't in the `inferenceConfiguration` field. To see model-specific inference parameters, see [Inference request parameters and response fields for foundation models](https://docs.aws.amazon.com/bedrock/latest/userguide/model-parameters.html) .", + "title": "AdditionalModelRequestFields", + "type": "object" + }, + "GenAiResource": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.PromptGenAiResource", + "markdownDescription": "Specifies a generative AI resource with which to use the prompt.", + "title": "GenAiResource" + }, + "InferenceConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.PromptInferenceConfiguration", + "markdownDescription": "Contains inference configurations for the prompt variant.", + "title": "InferenceConfiguration" + }, + "Metadata": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.PromptMetadataEntry" + }, + "markdownDescription": "An array of objects, each containing a key-value pair that defines a metadata tag and value to attach to a prompt variant.", + "title": "Metadata", + "type": "array" + }, + "ModelId": { + "markdownDescription": "The unique identifier of the model or [inference profile](https://docs.aws.amazon.com/bedrock/latest/userguide/cross-region-inference.html) with which to run inference on the prompt.", + "title": "ModelId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the prompt variant.", + "title": "Name", + "type": "string" + }, + "TemplateConfiguration": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.PromptTemplateConfiguration", + "markdownDescription": "Contains configurations for the prompt template.", + "title": "TemplateConfiguration" + }, + "TemplateType": { + "markdownDescription": "The type of prompt template to use.", + "title": "TemplateType", + "type": "string" + } + }, + "required": [ + "Name", + "TemplateConfiguration", + "TemplateType" + ], + "type": "object" + }, + "AWS::Bedrock::PromptVersion.SpecificToolChoice": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the tool that the model must request.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::Bedrock::PromptVersion.SystemContentBlock": { + "additionalProperties": false, + "properties": { + "CachePoint": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.CachePointBlock", + "markdownDescription": "CachePoint to include in the system prompt.", + "title": "CachePoint" + }, + "Text": { + "markdownDescription": "A system prompt for the model.", + "title": "Text", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Bedrock::PromptVersion.TextPromptTemplateConfiguration": { + "additionalProperties": false, + "properties": { + "CachePoint": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.CachePointBlock", + "markdownDescription": "A cache checkpoint within a template configuration.", + "title": "CachePoint" + }, + "InputVariables": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.PromptInputVariable" + }, + "markdownDescription": "An array of the variables in the prompt template.", + "title": "InputVariables", + "type": "array" + }, + "Text": { + "markdownDescription": "The message for the prompt.", + "title": "Text", + "type": "string" + } + }, + "required": [ + "Text" + ], + "type": "object" + }, + "AWS::Bedrock::PromptVersion.Tool": { + "additionalProperties": false, + "properties": { + "CachePoint": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.CachePointBlock", + "markdownDescription": "CachePoint to include in the tool configuration.", + "title": "CachePoint" + }, + "ToolSpec": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.ToolSpecification", + "markdownDescription": "The specfication for the tool.", + "title": "ToolSpec" + } + }, + "type": "object" + }, + "AWS::Bedrock::PromptVersion.ToolChoice": { + "additionalProperties": false, + "properties": { + "Any": { + "markdownDescription": "The model must request at least one tool (no text is generated).", + "title": "Any", + "type": "object" + }, + "Auto": { + "markdownDescription": "(Default). The Model automatically decides if a tool should be called or whether to generate text instead.", + "title": "Auto", + "type": "object" + }, + "Tool": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.SpecificToolChoice", + "markdownDescription": "The Model must request the specified tool. Only supported by Anthropic Claude 3 and Amazon Nova models.", + "title": "Tool" + } + }, + "type": "object" + }, + "AWS::Bedrock::PromptVersion.ToolConfiguration": { + "additionalProperties": false, + "properties": { + "ToolChoice": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.ToolChoice", + "markdownDescription": "If supported by model, forces the model to request a tool.", + "title": "ToolChoice" + }, + "Tools": { + "items": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.Tool" + }, + "markdownDescription": "An array of tools that you want to pass to a model.", + "title": "Tools", + "type": "array" + } + }, + "required": [ + "Tools" + ], + "type": "object" + }, + "AWS::Bedrock::PromptVersion.ToolInputSchema": { + "additionalProperties": false, + "properties": { + "Json": { + "markdownDescription": "The JSON schema for the tool. For more information, see [JSON Schema Reference](https://docs.aws.amazon.com/https://json-schema.org/understanding-json-schema/reference) .", + "title": "Json", "type": "object" + } + }, + "required": [ + "Json" + ], + "type": "object" + }, + "AWS::Bedrock::PromptVersion.ToolSpecification": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description for the tool.", + "title": "Description", + "type": "string" + }, + "InputSchema": { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion.ToolInputSchema", + "markdownDescription": "The input schema for the tool in JSON format.", + "title": "InputSchema" + }, + "Name": { + "markdownDescription": "The name for the tool.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "InputSchema", + "Name" + ], + "type": "object" + }, + "AWS::Billing::BillingView": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" }, "DeletionPolicy": { "enum": [ @@ -35679,27 +40858,47 @@ "Properties": { "additionalProperties": false, "properties": { - "Count": { - "markdownDescription": "The number of success signals that CloudFormation must receive before it continues the stack creation process. When the wait condition receives the requisite number of success signals, CloudFormation resumes the creation of the stack. If the wait condition doesn't receive the specified number of success signals before the Timeout period expires, CloudFormation assumes that the wait condition has failed and rolls the stack back.\n\nUpdates aren't supported.", - "title": "Count", - "type": "number" + "DataFilterExpression": { + "$ref": "#/definitions/AWS::Billing::BillingView.DataFilterExpression", + "markdownDescription": "See [Expression](https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_billing_Expression.html) . Billing view only supports `LINKED_ACCOUNT` and `Tags` .", + "title": "DataFilterExpression" }, - "Handle": { - "markdownDescription": "A reference to the wait condition handle used to signal this wait condition. Use the `Ref` intrinsic function to specify an [AWS::CloudFormation::WaitConditionHandle](https://docs.aws.amazon.com/AWSCloudFormation/latest/TemplateReference/aws-resource-cloudformation-waitconditionhandle.html) resource.\n\nAnytime you add a `WaitCondition` resource during a stack update, you must associate the wait condition with a new WaitConditionHandle resource. Don't reuse an old wait condition handle that has already been defined in the template. If you reuse a wait condition handle, the wait condition might evaluate old signals from a previous create or update stack command.\n\nUpdates aren't supported.", - "title": "Handle", + "Description": { + "markdownDescription": "The description of the billing view.", + "title": "Description", "type": "string" }, - "Timeout": { - "markdownDescription": "The length of time (in seconds) to wait for the number of signals that the `Count` property specifies. `Timeout` is a minimum-bound property, meaning the timeout occurs no sooner than the time you specify, but can occur shortly thereafter. The maximum time that can be specified for this property is 12 hours (43200 seconds).\n\nUpdates aren't supported.", - "title": "Timeout", + "Name": { + "markdownDescription": "The name of the billing view.", + "title": "Name", "type": "string" + }, + "SourceViews": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of billing views used as the data source for the custom billing view.", + "title": "SourceViews", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of key value map specifying tags associated to the billing view being created.", + "title": "Tags", + "type": "array" } }, + "required": [ + "Name", + "SourceViews" + ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFormation::WaitCondition" + "AWS::Billing::BillingView" ], "type": "string" }, @@ -35713,11 +40912,66 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::CloudFormation::WaitConditionHandle": { + "AWS::Billing::BillingView.DataFilterExpression": { + "additionalProperties": false, + "properties": { + "Dimensions": { + "$ref": "#/definitions/AWS::Billing::BillingView.Dimensions", + "markdownDescription": "The specific `Dimension` to use for `Expression` .", + "title": "Dimensions" + }, + "Tags": { + "$ref": "#/definitions/AWS::Billing::BillingView.Tags", + "markdownDescription": "The specific `Tag` to use for `Expression` .", + "title": "Tags" + } + }, + "type": "object" + }, + "AWS::Billing::BillingView.Dimensions": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The key that's associated with the tag.", + "title": "Key", + "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The metadata that you can use to filter and group your results.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Billing::BillingView.Tags": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "A list of tag key value pairs that are associated with the resource.", + "title": "Key", + "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The metadata values that you can use to filter and group your results.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::BillingConductor::BillingGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -35751,12 +41005,52 @@ }, "Properties": { "additionalProperties": false, - "properties": {}, + "properties": { + "AccountGrouping": { + "$ref": "#/definitions/AWS::BillingConductor::BillingGroup.AccountGrouping", + "markdownDescription": "The set of accounts that will be under the billing group. The set of accounts resemble the linked accounts in a consolidated billing family.", + "title": "AccountGrouping" + }, + "ComputationPreference": { + "$ref": "#/definitions/AWS::BillingConductor::BillingGroup.ComputationPreference", + "markdownDescription": "The preferences and settings that will be used to compute the AWS charges for a billing group.", + "title": "ComputationPreference" + }, + "Description": { + "markdownDescription": "The description of the billing group.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The billing group's name.", + "title": "Name", + "type": "string" + }, + "PrimaryAccountId": { + "markdownDescription": "The account ID that serves as the main account in a billing group.", + "title": "PrimaryAccountId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A map that contains tag keys and tag values that are attached to a billing group.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "AccountGrouping", + "ComputationPreference", + "Name", + "PrimaryAccountId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFormation::WaitConditionHandle" + "AWS::BillingConductor::BillingGroup" ], "type": "string" }, @@ -35770,11 +41064,48 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::CloudFront::CachePolicy": { + "AWS::BillingConductor::BillingGroup.AccountGrouping": { + "additionalProperties": false, + "properties": { + "AutoAssociate": { + "markdownDescription": "Specifies if this billing group will automatically associate newly added AWS accounts that join your consolidated billing family.", + "title": "AutoAssociate", + "type": "boolean" + }, + "LinkedAccountIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The account IDs that make up the billing group. Account IDs must be a part of the consolidated billing family, and not associated with another billing group.", + "title": "LinkedAccountIds", + "type": "array" + } + }, + "required": [ + "LinkedAccountIds" + ], + "type": "object" + }, + "AWS::BillingConductor::BillingGroup.ComputationPreference": { + "additionalProperties": false, + "properties": { + "PricingPlanArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the pricing plan used to compute the AWS charges for a billing group.", + "title": "PricingPlanArn", + "type": "string" + } + }, + "required": [ + "PricingPlanArn" + ], + "type": "object" + }, + "AWS::BillingConductor::CustomLineItem": { "additionalProperties": false, "properties": { "Condition": { @@ -35809,20 +41140,54 @@ "Properties": { "additionalProperties": false, "properties": { - "CachePolicyConfig": { - "$ref": "#/definitions/AWS::CloudFront::CachePolicy.CachePolicyConfig", - "markdownDescription": "The cache policy configuration.", - "title": "CachePolicyConfig" + "AccountId": { + "markdownDescription": "The AWS account in which this custom line item will be applied to.", + "title": "AccountId", + "type": "string" + }, + "BillingGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that references the billing group where the custom line item applies to.", + "title": "BillingGroupArn", + "type": "string" + }, + "BillingPeriodRange": { + "$ref": "#/definitions/AWS::BillingConductor::CustomLineItem.BillingPeriodRange", + "markdownDescription": "A time range for which the custom line item is effective.", + "title": "BillingPeriodRange" + }, + "CustomLineItemChargeDetails": { + "$ref": "#/definitions/AWS::BillingConductor::CustomLineItem.CustomLineItemChargeDetails", + "markdownDescription": "The charge details of a custom line item. It should contain only one of `Flat` or `Percentage` .", + "title": "CustomLineItemChargeDetails" + }, + "Description": { + "markdownDescription": "The custom line item's description. This is shown on the Bills page in association with the charge value.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The custom line item's name.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A map that contains tag keys and tag values that are attached to a custom line item.", + "title": "Tags", + "type": "array" } }, "required": [ - "CachePolicyConfig" + "BillingGroupArn", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFront::CachePolicy" + "AWS::BillingConductor::CustomLineItem" ], "type": "string" }, @@ -35841,153 +41206,120 @@ ], "type": "object" }, - "AWS::CloudFront::CachePolicy.CachePolicyConfig": { + "AWS::BillingConductor::CustomLineItem.BillingPeriodRange": { "additionalProperties": false, "properties": { - "Comment": { - "markdownDescription": "A comment to describe the cache policy. The comment cannot be longer than 128 characters.", - "title": "Comment", + "ExclusiveEndBillingPeriod": { + "markdownDescription": "The exclusive end billing period that defines a billing period range where a custom line is applied.", + "title": "ExclusiveEndBillingPeriod", "type": "string" }, - "DefaultTTL": { - "markdownDescription": "The default amount of time, in seconds, that you want objects to stay in the CloudFront cache before CloudFront sends another request to the origin to see if the object has been updated. CloudFront uses this value as the object's time to live (TTL) only when the origin does *not* send `Cache-Control` or `Expires` headers with the object. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .\n\nThe default value for this field is 86400 seconds (one day). If the value of `MinTTL` is more than 86400 seconds, then the default value for this field is the same as the value of `MinTTL` .", - "title": "DefaultTTL", - "type": "number" - }, - "MaxTTL": { - "markdownDescription": "The maximum amount of time, in seconds, that objects stay in the CloudFront cache before CloudFront sends another request to the origin to see if the object has been updated. CloudFront uses this value only when the origin sends `Cache-Control` or `Expires` headers with the object. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .\n\nThe default value for this field is 31536000 seconds (one year). If the value of `MinTTL` or `DefaultTTL` is more than 31536000 seconds, then the default value for this field is the same as the value of `DefaultTTL` .", - "title": "MaxTTL", - "type": "number" - }, - "MinTTL": { - "markdownDescription": "The minimum amount of time, in seconds, that you want objects to stay in the CloudFront cache before CloudFront sends another request to the origin to see if the object has been updated. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", - "title": "MinTTL", - "type": "number" - }, - "Name": { - "markdownDescription": "A unique name to identify the cache policy.", - "title": "Name", + "InclusiveStartBillingPeriod": { + "markdownDescription": "The inclusive start billing period that defines a billing period range where a custom line is applied.", + "title": "InclusiveStartBillingPeriod", "type": "string" - }, - "ParametersInCacheKeyAndForwardedToOrigin": { - "$ref": "#/definitions/AWS::CloudFront::CachePolicy.ParametersInCacheKeyAndForwardedToOrigin", - "markdownDescription": "The HTTP headers, cookies, and URL query strings to include in the cache key. The values included in the cache key are also included in requests that CloudFront sends to the origin.", - "title": "ParametersInCacheKeyAndForwardedToOrigin" } }, - "required": [ - "DefaultTTL", - "MaxTTL", - "MinTTL", - "Name", - "ParametersInCacheKeyAndForwardedToOrigin" - ], "type": "object" }, - "AWS::CloudFront::CachePolicy.CookiesConfig": { + "AWS::BillingConductor::CustomLineItem.CustomLineItemChargeDetails": { "additionalProperties": false, "properties": { - "CookieBehavior": { - "markdownDescription": "Determines whether any cookies in viewer requests are included in the cache key and in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` \u2013 No cookies in viewer requests are included in the cache key or in requests that CloudFront sends to the origin. Even when this field is set to `none` , any cookies that are listed in an `OriginRequestPolicy` *are* included in origin requests.\n- `whitelist` \u2013 Only the cookies in viewer requests that are listed in the `CookieNames` type are included in the cache key and in requests that CloudFront sends to the origin.\n- `allExcept` \u2013 All cookies in viewer requests are included in the cache key and in requests that CloudFront sends to the origin, **except** for those that are listed in the `CookieNames` type, which are not included.\n- `all` \u2013 All cookies in viewer requests are included in the cache key and in requests that CloudFront sends to the origin.", - "title": "CookieBehavior", - "type": "string" + "Flat": { + "$ref": "#/definitions/AWS::BillingConductor::CustomLineItem.CustomLineItemFlatChargeDetails", + "markdownDescription": "A `CustomLineItemFlatChargeDetails` that describes the charge details of a flat custom line item.", + "title": "Flat" }, - "Cookies": { + "LineItemFilters": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::BillingConductor::CustomLineItem.LineItemFilter" }, - "markdownDescription": "Contains a list of cookie names.", - "title": "Cookies", + "markdownDescription": "A representation of the line item filter.", + "title": "LineItemFilters", "type": "array" + }, + "Percentage": { + "$ref": "#/definitions/AWS::BillingConductor::CustomLineItem.CustomLineItemPercentageChargeDetails", + "markdownDescription": "A `CustomLineItemPercentageChargeDetails` that describes the charge details of a percentage custom line item.", + "title": "Percentage" + }, + "Type": { + "markdownDescription": "The type of the custom line item that indicates whether the charge is a fee or credit.", + "title": "Type", + "type": "string" } }, "required": [ - "CookieBehavior" + "Type" ], "type": "object" }, - "AWS::CloudFront::CachePolicy.HeadersConfig": { + "AWS::BillingConductor::CustomLineItem.CustomLineItemFlatChargeDetails": { "additionalProperties": false, "properties": { - "HeaderBehavior": { - "markdownDescription": "Determines whether any HTTP headers are included in the cache key and in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` \u2013 No HTTP headers are included in the cache key or in requests that CloudFront sends to the origin. Even when this field is set to `none` , any headers that are listed in an `OriginRequestPolicy` *are* included in origin requests.\n- `whitelist` \u2013 Only the HTTP headers that are listed in the `Headers` type are included in the cache key and in requests that CloudFront sends to the origin.", - "title": "HeaderBehavior", - "type": "string" - }, - "Headers": { - "items": { - "type": "string" - }, - "markdownDescription": "Contains a list of HTTP header names.", - "title": "Headers", - "type": "array" + "ChargeValue": { + "markdownDescription": "The custom line item's fixed charge value in USD.", + "title": "ChargeValue", + "type": "number" } }, "required": [ - "HeaderBehavior" + "ChargeValue" ], "type": "object" }, - "AWS::CloudFront::CachePolicy.ParametersInCacheKeyAndForwardedToOrigin": { + "AWS::BillingConductor::CustomLineItem.CustomLineItemPercentageChargeDetails": { "additionalProperties": false, "properties": { - "CookiesConfig": { - "$ref": "#/definitions/AWS::CloudFront::CachePolicy.CookiesConfig", - "markdownDescription": "An object that determines whether any cookies in viewer requests (and if so, which cookies) are included in the cache key and in requests that CloudFront sends to the origin.", - "title": "CookiesConfig" - }, - "EnableAcceptEncodingBrotli": { - "markdownDescription": "A flag that can affect whether the `Accept-Encoding` HTTP header is included in the cache key and included in requests that CloudFront sends to the origin.\n\nThis field is related to the `EnableAcceptEncodingGzip` field. If one or both of these fields is `true` *and* the viewer request includes the `Accept-Encoding` header, then CloudFront does the following:\n\n- Normalizes the value of the viewer's `Accept-Encoding` header\n- Includes the normalized header in the cache key\n- Includes the normalized header in the request to the origin, if a request is necessary\n\nFor more information, see [Compression support](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-policy-compressed-objects) in the *Amazon CloudFront Developer Guide* .\n\nIf you set this value to `true` , and this cache behavior also has an origin request policy attached, do not include the `Accept-Encoding` header in the origin request policy. CloudFront always includes the `Accept-Encoding` header in origin requests when the value of this field is `true` , so including this header in an origin request policy has no effect.\n\nIf both of these fields are `false` , then CloudFront treats the `Accept-Encoding` header the same as any other HTTP header in the viewer request. By default, it's not included in the cache key and it's not included in origin requests. In this case, you can manually add `Accept-Encoding` to the headers whitelist like any other HTTP header.", - "title": "EnableAcceptEncodingBrotli", - "type": "boolean" - }, - "EnableAcceptEncodingGzip": { - "markdownDescription": "A flag that can affect whether the `Accept-Encoding` HTTP header is included in the cache key and included in requests that CloudFront sends to the origin.\n\nThis field is related to the `EnableAcceptEncodingBrotli` field. If one or both of these fields is `true` *and* the viewer request includes the `Accept-Encoding` header, then CloudFront does the following:\n\n- Normalizes the value of the viewer's `Accept-Encoding` header\n- Includes the normalized header in the cache key\n- Includes the normalized header in the request to the origin, if a request is necessary\n\nFor more information, see [Compression support](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-policy-compressed-objects) in the *Amazon CloudFront Developer Guide* .\n\nIf you set this value to `true` , and this cache behavior also has an origin request policy attached, do not include the `Accept-Encoding` header in the origin request policy. CloudFront always includes the `Accept-Encoding` header in origin requests when the value of this field is `true` , so including this header in an origin request policy has no effect.\n\nIf both of these fields are `false` , then CloudFront treats the `Accept-Encoding` header the same as any other HTTP header in the viewer request. By default, it's not included in the cache key and it's not included in origin requests. In this case, you can manually add `Accept-Encoding` to the headers whitelist like any other HTTP header.", - "title": "EnableAcceptEncodingGzip", - "type": "boolean" - }, - "HeadersConfig": { - "$ref": "#/definitions/AWS::CloudFront::CachePolicy.HeadersConfig", - "markdownDescription": "An object that determines whether any HTTP headers (and if so, which headers) are included in the cache key and in requests that CloudFront sends to the origin.", - "title": "HeadersConfig" + "ChildAssociatedResources": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of resource ARNs to associate to the percentage custom line item.", + "title": "ChildAssociatedResources", + "type": "array" }, - "QueryStringsConfig": { - "$ref": "#/definitions/AWS::CloudFront::CachePolicy.QueryStringsConfig", - "markdownDescription": "An object that determines whether any URL query strings in viewer requests (and if so, which query strings) are included in the cache key and in requests that CloudFront sends to the origin.", - "title": "QueryStringsConfig" + "PercentageValue": { + "markdownDescription": "The custom line item's percentage value. This will be multiplied against the combined value of its associated resources to determine its charge value.", + "title": "PercentageValue", + "type": "number" } }, "required": [ - "CookiesConfig", - "EnableAcceptEncodingGzip", - "HeadersConfig", - "QueryStringsConfig" + "PercentageValue" ], "type": "object" }, - "AWS::CloudFront::CachePolicy.QueryStringsConfig": { + "AWS::BillingConductor::CustomLineItem.LineItemFilter": { "additionalProperties": false, "properties": { - "QueryStringBehavior": { - "markdownDescription": "Determines whether any URL query strings in viewer requests are included in the cache key and in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` \u2013 No query strings in viewer requests are included in the cache key or in requests that CloudFront sends to the origin. Even when this field is set to `none` , any query strings that are listed in an `OriginRequestPolicy` *are* included in origin requests.\n- `whitelist` \u2013 Only the query strings in viewer requests that are listed in the `QueryStringNames` type are included in the cache key and in requests that CloudFront sends to the origin.\n- `allExcept` \u2013 All query strings in viewer requests are included in the cache key and in requests that CloudFront sends to the origin, **except** those that are listed in the `QueryStringNames` type, which are not included.\n- `all` \u2013 All query strings in viewer requests are included in the cache key and in requests that CloudFront sends to the origin.", - "title": "QueryStringBehavior", + "Attribute": { + "markdownDescription": "The attribute of the line item filter. This specifies what attribute that you can filter on.", + "title": "Attribute", "type": "string" }, - "QueryStrings": { + "MatchOption": { + "markdownDescription": "The match criteria of the line item filter. This parameter specifies whether not to include the resource value from the billing group total cost.", + "title": "MatchOption", + "type": "string" + }, + "Values": { "items": { "type": "string" }, - "markdownDescription": "Contains a list of query string names.", - "title": "QueryStrings", + "markdownDescription": "The values of the line item filter. This specifies the values to filter on. Currently, you can only exclude Savings Plan discounts.", + "title": "Values", "type": "array" } }, "required": [ - "QueryStringBehavior" + "Attribute", + "MatchOption", + "Values" ], "type": "object" }, - "AWS::CloudFront::CloudFrontOriginAccessIdentity": { + "AWS::BillingConductor::PricingPlan": { "additionalProperties": false, "properties": { "Condition": { @@ -36022,20 +41354,41 @@ "Properties": { "additionalProperties": false, "properties": { - "CloudFrontOriginAccessIdentityConfig": { - "$ref": "#/definitions/AWS::CloudFront::CloudFrontOriginAccessIdentity.CloudFrontOriginAccessIdentityConfig", - "markdownDescription": "The current configuration information for the identity.", - "title": "CloudFrontOriginAccessIdentityConfig" + "Description": { + "markdownDescription": "The pricing plan description.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a pricing plan.", + "title": "Name", + "type": "string" + }, + "PricingRuleArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The `PricingRuleArns` that are associated with the Pricing Plan.", + "title": "PricingRuleArns", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A map that contains tag keys and tag values that are attached to a pricing plan.", + "title": "Tags", + "type": "array" } }, "required": [ - "CloudFrontOriginAccessIdentityConfig" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFront::CloudFrontOriginAccessIdentity" + "AWS::BillingConductor::PricingPlan" ], "type": "string" }, @@ -36054,21 +41407,7 @@ ], "type": "object" }, - "AWS::CloudFront::CloudFrontOriginAccessIdentity.CloudFrontOriginAccessIdentityConfig": { - "additionalProperties": false, - "properties": { - "Comment": { - "markdownDescription": "A comment to describe the origin access identity. The comment cannot be longer than 128 characters.", - "title": "Comment", - "type": "string" - } - }, - "required": [ - "Comment" - ], - "type": "object" - }, - "AWS::CloudFront::ContinuousDeploymentPolicy": { + "AWS::BillingConductor::PricingRule": { "additionalProperties": false, "properties": { "Condition": { @@ -36103,20 +41442,75 @@ "Properties": { "additionalProperties": false, "properties": { - "ContinuousDeploymentPolicyConfig": { - "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.ContinuousDeploymentPolicyConfig", - "markdownDescription": "Contains the configuration for a continuous deployment policy.", - "title": "ContinuousDeploymentPolicyConfig" + "BillingEntity": { + "markdownDescription": "The seller of services provided by AWS , their affiliates, or third-party providers selling services via AWS Marketplace .", + "title": "BillingEntity", + "type": "string" + }, + "Description": { + "markdownDescription": "The pricing rule description.", + "title": "Description", + "type": "string" + }, + "ModifierPercentage": { + "markdownDescription": "A percentage modifier applied on the public pricing rates.", + "title": "ModifierPercentage", + "type": "number" + }, + "Name": { + "markdownDescription": "The name of a pricing rule.", + "title": "Name", + "type": "string" + }, + "Operation": { + "markdownDescription": "Operation is the specific AWS action covered by this line item. This describes the specific usage of the line item.\n\nIf the `Scope` attribute is set to `SKU` , this attribute indicates which operation the `PricingRule` is modifying. For example, a value of `RunInstances:0202` indicates the operation of running an Amazon EC2 instance.", + "title": "Operation", + "type": "string" + }, + "Scope": { + "markdownDescription": "The scope of pricing rule that indicates if it's globally applicable or service-specific.", + "title": "Scope", + "type": "string" + }, + "Service": { + "markdownDescription": "If the `Scope` attribute is `SERVICE` , this attribute indicates which service the `PricingRule` is applicable for.", + "title": "Service", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A map that contains tag keys and tag values that are attached to a pricing rule.", + "title": "Tags", + "type": "array" + }, + "Tiering": { + "$ref": "#/definitions/AWS::BillingConductor::PricingRule.Tiering", + "markdownDescription": "The set of tiering configurations for the pricing rule.", + "title": "Tiering" + }, + "Type": { + "markdownDescription": "The type of pricing rule.", + "title": "Type", + "type": "string" + }, + "UsageType": { + "markdownDescription": "Usage Type is the unit that each service uses to measure the usage of a specific type of resource.", + "title": "UsageType", + "type": "string" } }, "required": [ - "ContinuousDeploymentPolicyConfig" + "Name", + "Scope", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFront::ContinuousDeploymentPolicy" + "AWS::BillingConductor::PricingRule" ], "type": "string" }, @@ -36135,172 +41529,32 @@ ], "type": "object" }, - "AWS::CloudFront::ContinuousDeploymentPolicy.ContinuousDeploymentPolicyConfig": { + "AWS::BillingConductor::PricingRule.FreeTier": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "A Boolean that indicates whether this continuous deployment policy is enabled (in effect). When this value is `true` , this policy is enabled and in effect. When this value is `false` , this policy is not enabled and has no effect.", - "title": "Enabled", + "Activated": { + "markdownDescription": "Activate or deactivate AWS Free Tier.", + "title": "Activated", "type": "boolean" - }, - "SingleHeaderPolicyConfig": { - "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.SingleHeaderPolicyConfig", - "markdownDescription": "This configuration determines which HTTP requests are sent to the staging distribution. If the HTTP request contains a header and value that matches what you specify here, the request is sent to the staging distribution. Otherwise the request is sent to the primary distribution.", - "title": "SingleHeaderPolicyConfig" - }, - "SingleWeightPolicyConfig": { - "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.SingleWeightPolicyConfig", - "markdownDescription": "This configuration determines the percentage of HTTP requests that are sent to the staging distribution.", - "title": "SingleWeightPolicyConfig" - }, - "StagingDistributionDnsNames": { - "items": { - "type": "string" - }, - "markdownDescription": "The CloudFront domain name of the staging distribution. For example: `d111111abcdef8.cloudfront.net` .", - "title": "StagingDistributionDnsNames", - "type": "array" - }, - "TrafficConfig": { - "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.TrafficConfig", - "markdownDescription": "Contains the parameters for routing production traffic from your primary to staging distributions.", - "title": "TrafficConfig" - }, - "Type": { - "markdownDescription": "The type of traffic configuration.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Enabled", - "StagingDistributionDnsNames" - ], - "type": "object" - }, - "AWS::CloudFront::ContinuousDeploymentPolicy.SessionStickinessConfig": { - "additionalProperties": false, - "properties": { - "IdleTTL": { - "markdownDescription": "The amount of time after which you want sessions to cease if no requests are received. Allowed values are 300\u20133600 seconds (5\u201360 minutes).", - "title": "IdleTTL", - "type": "number" - }, - "MaximumTTL": { - "markdownDescription": "The maximum amount of time to consider requests from the viewer as being part of the same session. Allowed values are 300\u20133600 seconds (5\u201360 minutes).", - "title": "MaximumTTL", - "type": "number" - } - }, - "required": [ - "IdleTTL", - "MaximumTTL" - ], - "type": "object" - }, - "AWS::CloudFront::ContinuousDeploymentPolicy.SingleHeaderConfig": { - "additionalProperties": false, - "properties": { - "Header": { - "markdownDescription": "The request header name that you want CloudFront to send to your staging distribution. The header must contain the prefix `aws-cf-cd-` .", - "title": "Header", - "type": "string" - }, - "Value": { - "markdownDescription": "The request header value.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Header", - "Value" - ], - "type": "object" - }, - "AWS::CloudFront::ContinuousDeploymentPolicy.SingleHeaderPolicyConfig": { - "additionalProperties": false, - "properties": { - "Header": { - "markdownDescription": "The name of the HTTP header that CloudFront uses to configure for the single header policy.", - "title": "Header", - "type": "string" - }, - "Value": { - "markdownDescription": "Specifies the value to assign to the header for a single header policy.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Header", - "Value" - ], - "type": "object" - }, - "AWS::CloudFront::ContinuousDeploymentPolicy.SingleWeightConfig": { - "additionalProperties": false, - "properties": { - "SessionStickinessConfig": { - "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.SessionStickinessConfig", - "markdownDescription": "Session stickiness provides the ability to define multiple requests from a single viewer as a single session. This prevents the potentially inconsistent experience of sending some of a given user's requests to your staging distribution, while others are sent to your primary distribution. Define the session duration using TTL values.", - "title": "SessionStickinessConfig" - }, - "Weight": { - "markdownDescription": "The percentage of traffic to send to a staging distribution, expressed as a decimal number between 0 and 0.15. For example, a value of 0.10 means 10% of traffic is sent to the staging distribution.", - "title": "Weight", - "type": "number" - } - }, - "required": [ - "Weight" - ], - "type": "object" - }, - "AWS::CloudFront::ContinuousDeploymentPolicy.SingleWeightPolicyConfig": { - "additionalProperties": false, - "properties": { - "SessionStickinessConfig": { - "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.SessionStickinessConfig", - "markdownDescription": "Enable session stickiness for the associated origin or cache settings.", - "title": "SessionStickinessConfig" - }, - "Weight": { - "markdownDescription": "The percentage of requests that CloudFront will use to send to an associated origin or cache settings.", - "title": "Weight", - "type": "number" } }, "required": [ - "Weight" + "Activated" ], "type": "object" }, - "AWS::CloudFront::ContinuousDeploymentPolicy.TrafficConfig": { + "AWS::BillingConductor::PricingRule.Tiering": { "additionalProperties": false, "properties": { - "SingleHeaderConfig": { - "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.SingleHeaderConfig", - "markdownDescription": "Determines which HTTP requests are sent to the staging distribution.", - "title": "SingleHeaderConfig" - }, - "SingleWeightConfig": { - "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.SingleWeightConfig", - "markdownDescription": "Contains the percentage of traffic to send to the staging distribution.", - "title": "SingleWeightConfig" - }, - "Type": { - "markdownDescription": "The type of traffic configuration.", - "title": "Type", - "type": "string" + "FreeTier": { + "$ref": "#/definitions/AWS::BillingConductor::PricingRule.FreeTier", + "markdownDescription": "The possible AWS Free Tier configurations.", + "title": "FreeTier" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::CloudFront::Distribution": { + "AWS::Budgets::Budget": { "additionalProperties": false, "properties": { "Condition": { @@ -36335,28 +41589,36 @@ "Properties": { "additionalProperties": false, "properties": { - "DistributionConfig": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.DistributionConfig", - "markdownDescription": "The distribution's configuration.", - "title": "DistributionConfig" + "Budget": { + "$ref": "#/definitions/AWS::Budgets::Budget.BudgetData", + "markdownDescription": "The budget object that you want to create.", + "title": "Budget" }, - "Tags": { + "NotificationsWithSubscribers": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Budgets::Budget.NotificationWithSubscribers" }, - "markdownDescription": "A complex type that contains zero or more `Tag` elements.", - "title": "Tags", + "markdownDescription": "A notification that you want to associate with a budget. A budget can have up to five notifications, and each notification can have one SNS subscriber and up to 10 email subscribers. If you include notifications and subscribers in your `CreateBudget` call, AWS creates the notifications and subscribers for you.", + "title": "NotificationsWithSubscribers", + "type": "array" + }, + "ResourceTags": { + "items": { + "$ref": "#/definitions/AWS::Budgets::Budget.ResourceTag" + }, + "markdownDescription": "An optional list of tags to associate with the specified budget. Each tag consists of a key and a value, and each key must be unique for the resource.", + "title": "ResourceTags", "type": "array" } }, "required": [ - "DistributionConfig" + "Budget" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFront::Distribution" + "AWS::Budgets::Budget" ], "type": "string" }, @@ -36375,935 +41637,421 @@ ], "type": "object" }, - "AWS::CloudFront::Distribution.CacheBehavior": { + "AWS::Budgets::Budget.AutoAdjustData": { "additionalProperties": false, "properties": { - "AllowedMethods": { - "items": { - "type": "string" - }, - "markdownDescription": "A complex type that controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin. There are three choices:\n\n- CloudFront forwards only `GET` and `HEAD` requests.\n- CloudFront forwards only `GET` , `HEAD` , and `OPTIONS` requests.\n- CloudFront forwards `GET, HEAD, OPTIONS, PUT, PATCH, POST` , and `DELETE` requests.\n\nIf you pick the third choice, you may need to restrict access to your Amazon S3 bucket or to your custom origin so users can't perform operations that you don't want them to. For example, you might not want users to have permissions to delete objects from your origin.", - "title": "AllowedMethods", - "type": "array" - }, - "CachePolicyId": { - "markdownDescription": "The unique identifier of the cache policy that is attached to this cache behavior. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nA `CacheBehavior` must include either a `CachePolicyId` or `ForwardedValues` . We recommend that you use a `CachePolicyId` .", - "title": "CachePolicyId", - "type": "string" - }, - "CachedMethods": { - "items": { - "type": "string" - }, - "markdownDescription": "A complex type that controls whether CloudFront caches the response to requests using the specified HTTP methods. There are two choices:\n\n- CloudFront caches responses to `GET` and `HEAD` requests.\n- CloudFront caches responses to `GET` , `HEAD` , and `OPTIONS` requests.\n\nIf you pick the second choice for your Amazon S3 Origin, you may need to forward Access-Control-Request-Method, Access-Control-Request-Headers, and Origin headers for the responses to be cached correctly.", - "title": "CachedMethods", - "type": "array" - }, - "Compress": { - "markdownDescription": "Whether you want CloudFront to automatically compress certain files for this cache behavior. If so, specify true; if not, specify false. For more information, see [Serving Compressed Files](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/ServingCompressedFiles.html) in the *Amazon CloudFront Developer Guide* .", - "title": "Compress", - "type": "boolean" - }, - "DefaultTTL": { - "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nThis field is deprecated. We recommend that you use the `DefaultTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe default amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin does not add HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", - "title": "DefaultTTL", - "type": "number" - }, - "FieldLevelEncryptionId": { - "markdownDescription": "The value of `ID` for the field-level encryption configuration that you want CloudFront to use for encrypting specific fields of data for this cache behavior.", - "title": "FieldLevelEncryptionId", + "AutoAdjustType": { + "markdownDescription": "The string that defines whether your budget auto-adjusts based on historical or forecasted data.", + "title": "AutoAdjustType", "type": "string" }, - "ForwardedValues": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.ForwardedValues", - "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field. For more information, see [Working with policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/working-with-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to include values in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send values to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) or [Using the managed origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-origin-request-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nA `CacheBehavior` must include either a `CachePolicyId` or `ForwardedValues` . We recommend that you use a `CachePolicyId` .\n\nA complex type that specifies how CloudFront handles query strings, cookies, and HTTP headers.", - "title": "ForwardedValues" - }, - "FunctionAssociations": { - "items": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.FunctionAssociation" - }, - "markdownDescription": "A list of CloudFront functions that are associated with this cache behavior. CloudFront functions must be published to the `LIVE` stage to associate them with a cache behavior.", - "title": "FunctionAssociations", - "type": "array" - }, - "LambdaFunctionAssociations": { - "items": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.LambdaFunctionAssociation" - }, - "markdownDescription": "A complex type that contains zero or more Lambda@Edge function associations for a cache behavior.", - "title": "LambdaFunctionAssociations", - "type": "array" - }, - "MaxTTL": { - "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nThis field is deprecated. We recommend that you use the `MaxTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe maximum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin adds HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", - "title": "MaxTTL", - "type": "number" - }, - "MinTTL": { - "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nThis field is deprecated. We recommend that you use the `MinTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe minimum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .\n\nYou must specify `0` for `MinTTL` if you configure CloudFront to forward all headers to your origin (under `Headers` , if you specify `1` for `Quantity` and `*` for `Name` ).", - "title": "MinTTL", - "type": "number" + "HistoricalOptions": { + "$ref": "#/definitions/AWS::Budgets::Budget.HistoricalOptions", + "markdownDescription": "The parameters that define or describe the historical data that your auto-adjusting budget is based on.", + "title": "HistoricalOptions" + } + }, + "required": [ + "AutoAdjustType" + ], + "type": "object" + }, + "AWS::Budgets::Budget.BudgetData": { + "additionalProperties": false, + "properties": { + "AutoAdjustData": { + "$ref": "#/definitions/AWS::Budgets::Budget.AutoAdjustData", + "markdownDescription": "Determine the budget amount for an auto-adjusting budget.", + "title": "AutoAdjustData" }, - "OriginRequestPolicyId": { - "markdownDescription": "The unique identifier of the origin request policy that is attached to this cache behavior. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) or [Using the managed origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-origin-request-policies.html) in the *Amazon CloudFront Developer Guide* .", - "title": "OriginRequestPolicyId", - "type": "string" + "BudgetLimit": { + "$ref": "#/definitions/AWS::Budgets::Budget.Spend", + "markdownDescription": "The total amount of cost, usage, RI utilization, RI coverage, Savings Plans utilization, or Savings Plans coverage that you want to track with your budget.\n\n`BudgetLimit` is required for cost or usage budgets, but optional for RI or Savings Plans utilization or coverage budgets. RI and Savings Plans utilization or coverage budgets default to `100` . This is the only valid value for RI or Savings Plans utilization or coverage budgets. You can't use `BudgetLimit` with `PlannedBudgetLimits` for `CreateBudget` and `UpdateBudget` actions.", + "title": "BudgetLimit" }, - "PathPattern": { - "markdownDescription": "The pattern (for example, `images/*.jpg` ) that specifies which requests to apply the behavior to. When CloudFront receives a viewer request, the requested path is compared with path patterns in the order in which cache behaviors are listed in the distribution.\n\n> You can optionally include a slash ( `/` ) at the beginning of the path pattern. For example, `/images/*.jpg` . CloudFront behavior is the same with or without the leading `/` . \n\nThe path pattern for the default cache behavior is `*` and cannot be changed. If the request for an object does not match the path pattern for any cache behaviors, CloudFront applies the behavior in the default cache behavior.\n\nFor more information, see [Path Pattern](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesPathPattern) in the *Amazon CloudFront Developer Guide* .", - "title": "PathPattern", + "BudgetName": { + "markdownDescription": "The name of a budget. The value must be unique within an account. `BudgetName` can't include `:` and `\\` characters. If you don't include value for `BudgetName` in the template, Billing and Cost Management assigns your budget a randomly generated name.", + "title": "BudgetName", "type": "string" }, - "RealtimeLogConfigArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the real-time log configuration that is attached to this cache behavior. For more information, see [Real-time logs](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html) in the *Amazon CloudFront Developer Guide* .", - "title": "RealtimeLogConfigArn", + "BudgetType": { + "markdownDescription": "Specifies whether this budget tracks costs, usage, RI utilization, RI coverage, Savings Plans utilization, or Savings Plans coverage.", + "title": "BudgetType", "type": "string" }, - "ResponseHeadersPolicyId": { - "markdownDescription": "The identifier for a response headers policy.", - "title": "ResponseHeadersPolicyId", - "type": "string" + "CostFilters": { + "markdownDescription": "The cost filters, such as `Region` , `Service` , `LinkedAccount` , `Tag` , or `CostCategory` , that are applied to a budget.\n\nAWS Budgets supports the following services as a `Service` filter for RI budgets:\n\n- Amazon EC2\n- Amazon Redshift\n- Amazon Relational Database Service\n- Amazon ElastiCache\n- Amazon OpenSearch Service", + "title": "CostFilters", + "type": "object" }, - "SmoothStreaming": { - "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nIndicates whether you want to distribute media files in the Microsoft Smooth Streaming format using the origin that is associated with this cache behavior. If so, specify `true` ; if not, specify `false` . If you specify `true` for `SmoothStreaming` , you can still distribute other content using this cache behavior if the content matches the value of `PathPattern` .", - "title": "SmoothStreaming", - "type": "boolean" + "CostTypes": { + "$ref": "#/definitions/AWS::Budgets::Budget.CostTypes", + "markdownDescription": "The types of costs that are included in this `COST` budget.\n\n`USAGE` , `RI_UTILIZATION` , `RI_COVERAGE` , `SAVINGS_PLANS_UTILIZATION` , and `SAVINGS_PLANS_COVERAGE` budgets do not have `CostTypes` .", + "title": "CostTypes" }, - "TargetOriginId": { - "markdownDescription": "The value of `ID` for the origin that you want CloudFront to route requests to when they match this cache behavior.", - "title": "TargetOriginId", - "type": "string" + "FilterExpression": { + "$ref": "#/definitions/AWS::Budgets::Budget.Expression", + "markdownDescription": "", + "title": "FilterExpression" }, - "TrustedKeyGroups": { + "Metrics": { "items": { "type": "string" }, - "markdownDescription": "A list of key groups that CloudFront can use to validate signed URLs or signed cookies.\n\nWhen a cache behavior contains trusted key groups, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with a private key whose corresponding public key is in the key group. The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see [Serving private content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", - "title": "TrustedKeyGroups", + "markdownDescription": "", + "title": "Metrics", "type": "array" }, - "TrustedSigners": { - "items": { - "type": "string" - }, - "markdownDescription": "> We recommend using `TrustedKeyGroups` instead of `TrustedSigners` . > This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nA list of AWS account IDs whose public keys CloudFront can use to validate signed URLs or signed cookies.\n\nWhen a cache behavior contains trusted signers, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with the private key of a CloudFront key pair in the trusted signer's AWS account . The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see [Serving private content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", - "title": "TrustedSigners", - "type": "array" + "PlannedBudgetLimits": { + "markdownDescription": "A map containing multiple `BudgetLimit` , including current or future limits.\n\n`PlannedBudgetLimits` is available for cost or usage budget and supports both monthly and quarterly `TimeUnit` .\n\nFor monthly budgets, provide 12 months of `PlannedBudgetLimits` values. This must start from the current month and include the next 11 months. The `key` is the start of the month, `UTC` in epoch seconds.\n\nFor quarterly budgets, provide four quarters of `PlannedBudgetLimits` value entries in standard calendar quarter increments. This must start from the current quarter and include the next three quarters. The `key` is the start of the quarter, `UTC` in epoch seconds.\n\nIf the planned budget expires before 12 months for monthly or four quarters for quarterly, provide the `PlannedBudgetLimits` values only for the remaining periods.\n\nIf the budget begins at a date in the future, provide `PlannedBudgetLimits` values from the start date of the budget.\n\nAfter all of the `BudgetLimit` values in `PlannedBudgetLimits` are used, the budget continues to use the last limit as the `BudgetLimit` . At that point, the planned budget provides the same experience as a fixed budget.\n\n`DescribeBudget` and `DescribeBudgets` response along with `PlannedBudgetLimits` also contain `BudgetLimit` representing the current month or quarter limit present in `PlannedBudgetLimits` . This only applies to budgets that are created with `PlannedBudgetLimits` . Budgets that are created without `PlannedBudgetLimits` only contain `BudgetLimit` . They don't contain `PlannedBudgetLimits` .", + "title": "PlannedBudgetLimits", + "type": "object" }, - "ViewerProtocolPolicy": { - "markdownDescription": "The protocol that viewers can use to access the files in the origin specified by `TargetOriginId` when a request matches the path pattern in `PathPattern` . You can specify the following options:\n\n- `allow-all` : Viewers can use HTTP or HTTPS.\n- `redirect-to-https` : If a viewer submits an HTTP request, CloudFront returns an HTTP status code of 301 (Moved Permanently) to the viewer along with the HTTPS URL. The viewer then resubmits the request using the new URL.\n- `https-only` : If a viewer sends an HTTP request, CloudFront returns an HTTP status code of 403 (Forbidden).\n\nFor more information about requiring the HTTPS protocol, see [Requiring HTTPS Between Viewers and CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-https-viewers-to-cloudfront.html) in the *Amazon CloudFront Developer Guide* .\n\n> The only way to guarantee that viewers retrieve an object that was fetched from the origin using HTTPS is never to use any other protocol to fetch the object. If you have recently changed from HTTP to HTTPS, we recommend that you clear your objects' cache because cached objects are protocol agnostic. That means that an edge location will return an object from the cache regardless of whether the current request protocol matches the protocol used previously. For more information, see [Managing Cache Expiration](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", - "title": "ViewerProtocolPolicy", + "TimePeriod": { + "$ref": "#/definitions/AWS::Budgets::Budget.TimePeriod", + "markdownDescription": "The period of time that is covered by a budget. The period has a start date and an end date. The start date must come before the end date. There are no restrictions on the end date.\n\nThe start date for a budget. If you created your budget and didn't specify a start date, the start date defaults to the start of the chosen time period (MONTHLY, QUARTERLY, or ANNUALLY). For example, if you create your budget on January 24, 2019, choose `MONTHLY` , and don't set a start date, the start date defaults to `01/01/19 00:00 UTC` . The defaults are the same for the Billing and Cost Management console and the API.\n\nYou can change your start date with the `UpdateBudget` operation.\n\nAfter the end date, AWS deletes the budget and all associated notifications and subscribers.", + "title": "TimePeriod" + }, + "TimeUnit": { + "markdownDescription": "The length of time until a budget resets the actual and forecasted spend. `DAILY` is available only for `RI_UTILIZATION` and `RI_COVERAGE` budgets.", + "title": "TimeUnit", "type": "string" } }, "required": [ - "PathPattern", - "TargetOriginId", - "ViewerProtocolPolicy" + "BudgetType", + "TimeUnit" ], "type": "object" }, - "AWS::CloudFront::Distribution.Cookies": { + "AWS::Budgets::Budget.CostCategoryValues": { "additionalProperties": false, "properties": { - "Forward": { - "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n\nIf you want to include cookies in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send cookies to the origin but not include them in the cache key, use origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide* .\n\nSpecifies which cookies to forward to the origin for this cache behavior: all, none, or the list of cookies specified in the `WhitelistedNames` complex type.\n\nAmazon S3 doesn't process cookies. When the cache behavior is forwarding requests to an Amazon S3 origin, specify none for the `Forward` element.", - "title": "Forward", + "Key": { + "markdownDescription": "The unique name of the cost category.", + "title": "Key", "type": "string" }, - "WhitelistedNames": { + "MatchOptions": { "items": { "type": "string" }, - "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n\nIf you want to include cookies in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send cookies to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide* .\n\nRequired if you specify `whitelist` for the value of `Forward` . A complex type that specifies how many different cookies you want CloudFront to forward to the origin for this cache behavior and, if you want to forward selected cookies, the names of those cookies.\n\nIf you specify `all` or `none` for the value of `Forward` , omit `WhitelistedNames` . If you change the value of `Forward` from `whitelist` to `all` or `none` and you don't delete the `WhitelistedNames` element and its child elements, CloudFront deletes them automatically.\n\nFor the current limit on the number of cookie names that you can whitelist for each cache behavior, see [CloudFront Limits](https://docs.aws.amazon.com/general/latest/gr/xrefaws_service_limits.html#limits_cloudfront) in the *AWS General Reference* .", - "title": "WhitelistedNames", + "markdownDescription": "The match options that you can use to filter your results.", + "title": "MatchOptions", "type": "array" - } - }, - "required": [ - "Forward" - ], - "type": "object" - }, - "AWS::CloudFront::Distribution.CustomErrorResponse": { - "additionalProperties": false, - "properties": { - "ErrorCachingMinTTL": { - "markdownDescription": "The minimum amount of time, in seconds, that you want CloudFront to cache the HTTP status code specified in `ErrorCode` . When this time period has elapsed, CloudFront queries your origin to see whether the problem that caused the error has been resolved and the requested object is now available.\n\nFor more information, see [Customizing Error Responses](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/custom-error-pages.html) in the *Amazon CloudFront Developer Guide* .", - "title": "ErrorCachingMinTTL", - "type": "number" - }, - "ErrorCode": { - "markdownDescription": "The HTTP status code for which you want to specify a custom error page and/or a caching duration.", - "title": "ErrorCode", - "type": "number" - }, - "ResponseCode": { - "markdownDescription": "The HTTP status code that you want CloudFront to return to the viewer along with the custom error page. There are a variety of reasons that you might want CloudFront to return a status code different from the status code that your origin returned to CloudFront, for example:\n\n- Some Internet devices (some firewalls and corporate proxies, for example) intercept HTTP 4xx and 5xx and prevent the response from being returned to the viewer. If you substitute `200` , the response typically won't be intercepted.\n- If you don't care about distinguishing among different client errors or server errors, you can specify `400` or `500` as the `ResponseCode` for all 4xx or 5xx errors.\n- You might want to return a `200` status code (OK) and static website so your customers don't know that your website is down.\n\nIf you specify a value for `ResponseCode` , you must also specify a value for `ResponsePagePath` .", - "title": "ResponseCode", - "type": "number" - }, - "ResponsePagePath": { - "markdownDescription": "The path to the custom error page that you want CloudFront to return to a viewer when your origin returns the HTTP status code specified by `ErrorCode` , for example, `/4xx-errors/403-forbidden.html` . If you want to store your objects and your custom error pages in different locations, your distribution must include a cache behavior for which the following is true:\n\n- The value of `PathPattern` matches the path to your custom error messages. For example, suppose you saved custom error pages for 4xx errors in an Amazon S3 bucket in a directory named `/4xx-errors` . Your distribution must include a cache behavior for which the path pattern routes requests for your custom error pages to that location, for example, `/4xx-errors/*` .\n- The value of `TargetOriginId` specifies the value of the `ID` element for the origin that contains your custom error pages.\n\nIf you specify a value for `ResponsePagePath` , you must also specify a value for `ResponseCode` .\n\nWe recommend that you store custom error pages in an Amazon S3 bucket. If you store custom error pages on an HTTP server and the server starts to return 5xx errors, CloudFront can't get the files that you want to return to viewers because the origin server is unavailable.", - "title": "ResponsePagePath", - "type": "string" - } - }, - "required": [ - "ErrorCode" - ], - "type": "object" - }, - "AWS::CloudFront::Distribution.CustomOriginConfig": { - "additionalProperties": false, - "properties": { - "HTTPPort": { - "markdownDescription": "The HTTP port that CloudFront uses to connect to the origin. Specify the HTTP port that the origin listens on.", - "title": "HTTPPort", - "type": "number" - }, - "HTTPSPort": { - "markdownDescription": "The HTTPS port that CloudFront uses to connect to the origin. Specify the HTTPS port that the origin listens on.", - "title": "HTTPSPort", - "type": "number" - }, - "OriginKeepaliveTimeout": { - "markdownDescription": "Specifies how long, in seconds, CloudFront persists its connection to the origin. The minimum timeout is 1 second, the maximum is 120 seconds, and the default (if you don't specify otherwise) is 5 seconds.\n\nFor more information, see [Keep-alive timeout (custom origins only)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DownloadDistValuesOrigin.html#DownloadDistValuesOriginKeepaliveTimeout) in the *Amazon CloudFront Developer Guide* .", - "title": "OriginKeepaliveTimeout", - "type": "number" - }, - "OriginProtocolPolicy": { - "markdownDescription": "Specifies the protocol (HTTP or HTTPS) that CloudFront uses to connect to the origin. Valid values are:\n\n- `http-only` \u2013 CloudFront always uses HTTP to connect to the origin.\n- `match-viewer` \u2013 CloudFront connects to the origin using the same protocol that the viewer used to connect to CloudFront.\n- `https-only` \u2013 CloudFront always uses HTTPS to connect to the origin.", - "title": "OriginProtocolPolicy", - "type": "string" - }, - "OriginReadTimeout": { - "markdownDescription": "Specifies how long, in seconds, CloudFront waits for a response from the origin. This is also known as the *origin response timeout* . The minimum timeout is 1 second, the maximum is 120 seconds, and the default (if you don't specify otherwise) is 30 seconds.\n\nFor more information, see [Response timeout (custom origins only)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DownloadDistValuesOrigin.html#DownloadDistValuesOriginResponseTimeout) in the *Amazon CloudFront Developer Guide* .", - "title": "OriginReadTimeout", - "type": "number" }, - "OriginSSLProtocols": { + "Values": { "items": { "type": "string" }, - "markdownDescription": "Specifies the minimum SSL/TLS protocol that CloudFront uses when connecting to your origin over HTTPS. Valid values include `SSLv3` , `TLSv1` , `TLSv1.1` , and `TLSv1.2` .\n\nFor more information, see [Minimum Origin SSL Protocol](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DownloadDistValuesOrigin.html#DownloadDistValuesOriginSSLProtocols) in the *Amazon CloudFront Developer Guide* .", - "title": "OriginSSLProtocols", + "markdownDescription": "The specific value of the cost category.", + "title": "Values", "type": "array" } }, - "required": [ - "OriginProtocolPolicy" - ], "type": "object" }, - "AWS::CloudFront::Distribution.DefaultCacheBehavior": { + "AWS::Budgets::Budget.CostTypes": { "additionalProperties": false, "properties": { - "AllowedMethods": { - "items": { - "type": "string" - }, - "markdownDescription": "A complex type that controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin. There are three choices:\n\n- CloudFront forwards only `GET` and `HEAD` requests.\n- CloudFront forwards only `GET` , `HEAD` , and `OPTIONS` requests.\n- CloudFront forwards `GET, HEAD, OPTIONS, PUT, PATCH, POST` , and `DELETE` requests.\n\nIf you pick the third choice, you may need to restrict access to your Amazon S3 bucket or to your custom origin so users can't perform operations that you don't want them to. For example, you might not want users to have permissions to delete objects from your origin.", - "title": "AllowedMethods", - "type": "array" - }, - "CachePolicyId": { - "markdownDescription": "The unique identifier of the cache policy that is attached to the default cache behavior. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nA `DefaultCacheBehavior` must include either a `CachePolicyId` or `ForwardedValues` . We recommend that you use a `CachePolicyId` .", - "title": "CachePolicyId", - "type": "string" - }, - "CachedMethods": { - "items": { - "type": "string" - }, - "markdownDescription": "A complex type that controls whether CloudFront caches the response to requests using the specified HTTP methods. There are two choices:\n\n- CloudFront caches responses to `GET` and `HEAD` requests.\n- CloudFront caches responses to `GET` , `HEAD` , and `OPTIONS` requests.\n\nIf you pick the second choice for your Amazon S3 Origin, you may need to forward Access-Control-Request-Method, Access-Control-Request-Headers, and Origin headers for the responses to be cached correctly.", - "title": "CachedMethods", - "type": "array" - }, - "Compress": { - "markdownDescription": "Whether you want CloudFront to automatically compress certain files for this cache behavior. If so, specify `true` ; if not, specify `false` . For more information, see [Serving Compressed Files](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/ServingCompressedFiles.html) in the *Amazon CloudFront Developer Guide* .", - "title": "Compress", + "IncludeCredit": { + "markdownDescription": "Specifies whether a budget includes credits.\n\nThe default value is `true` .", + "title": "IncludeCredit", "type": "boolean" }, - "DefaultTTL": { - "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nThis field is deprecated. We recommend that you use the `DefaultTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe default amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin does not add HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", - "title": "DefaultTTL", - "type": "number" - }, - "FieldLevelEncryptionId": { - "markdownDescription": "The value of `ID` for the field-level encryption configuration that you want CloudFront to use for encrypting specific fields of data for the default cache behavior.", - "title": "FieldLevelEncryptionId", - "type": "string" - }, - "ForwardedValues": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.ForwardedValues", - "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field. For more information, see [Working with policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/working-with-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to include values in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send values to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) or [Using the managed origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-origin-request-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nA `DefaultCacheBehavior` must include either a `CachePolicyId` or `ForwardedValues` . We recommend that you use a `CachePolicyId` .\n\nA complex type that specifies how CloudFront handles query strings, cookies, and HTTP headers.", - "title": "ForwardedValues" - }, - "FunctionAssociations": { - "items": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.FunctionAssociation" - }, - "markdownDescription": "A list of CloudFront functions that are associated with this cache behavior. Your functions must be published to the `LIVE` stage to associate them with a cache behavior.", - "title": "FunctionAssociations", - "type": "array" - }, - "LambdaFunctionAssociations": { - "items": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.LambdaFunctionAssociation" - }, - "markdownDescription": "A complex type that contains zero or more Lambda@Edge function associations for a cache behavior.", - "title": "LambdaFunctionAssociations", - "type": "array" - }, - "MaxTTL": { - "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nThis field is deprecated. We recommend that you use the `MaxTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe maximum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin adds HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", - "title": "MaxTTL", - "type": "number" + "IncludeDiscount": { + "markdownDescription": "Specifies whether a budget includes discounts.\n\nThe default value is `true` .", + "title": "IncludeDiscount", + "type": "boolean" }, - "MinTTL": { - "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nThis field is deprecated. We recommend that you use the `MinTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe minimum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .\n\nYou must specify `0` for `MinTTL` if you configure CloudFront to forward all headers to your origin (under `Headers` , if you specify `1` for `Quantity` and `*` for `Name` ).", - "title": "MinTTL", - "type": "number" + "IncludeOtherSubscription": { + "markdownDescription": "Specifies whether a budget includes non-RI subscription costs.\n\nThe default value is `true` .", + "title": "IncludeOtherSubscription", + "type": "boolean" }, - "OriginRequestPolicyId": { - "markdownDescription": "The unique identifier of the origin request policy that is attached to the default cache behavior. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) or [Using the managed origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-origin-request-policies.html) in the *Amazon CloudFront Developer Guide* .", - "title": "OriginRequestPolicyId", - "type": "string" + "IncludeRecurring": { + "markdownDescription": "Specifies whether a budget includes recurring fees such as monthly RI fees.\n\nThe default value is `true` .", + "title": "IncludeRecurring", + "type": "boolean" }, - "RealtimeLogConfigArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the real-time log configuration that is attached to this cache behavior. For more information, see [Real-time logs](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html) in the *Amazon CloudFront Developer Guide* .", - "title": "RealtimeLogConfigArn", - "type": "string" + "IncludeRefund": { + "markdownDescription": "Specifies whether a budget includes refunds.\n\nThe default value is `true` .", + "title": "IncludeRefund", + "type": "boolean" }, - "ResponseHeadersPolicyId": { - "markdownDescription": "The identifier for a response headers policy.", - "title": "ResponseHeadersPolicyId", - "type": "string" + "IncludeSubscription": { + "markdownDescription": "Specifies whether a budget includes subscriptions.\n\nThe default value is `true` .", + "title": "IncludeSubscription", + "type": "boolean" }, - "SmoothStreaming": { - "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nIndicates whether you want to distribute media files in the Microsoft Smooth Streaming format using the origin that is associated with this cache behavior. If so, specify `true` ; if not, specify `false` . If you specify `true` for `SmoothStreaming` , you can still distribute other content using this cache behavior if the content matches the value of `PathPattern` .", - "title": "SmoothStreaming", + "IncludeSupport": { + "markdownDescription": "Specifies whether a budget includes support subscription fees.\n\nThe default value is `true` .", + "title": "IncludeSupport", "type": "boolean" }, - "TargetOriginId": { - "markdownDescription": "The value of `ID` for the origin that you want CloudFront to route requests to when they use the default cache behavior.", - "title": "TargetOriginId", - "type": "string" + "IncludeTax": { + "markdownDescription": "Specifies whether a budget includes taxes.\n\nThe default value is `true` .", + "title": "IncludeTax", + "type": "boolean" }, - "TrustedKeyGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of key groups that CloudFront can use to validate signed URLs or signed cookies.\n\nWhen a cache behavior contains trusted key groups, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with a private key whose corresponding public key is in the key group. The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see [Serving private content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", - "title": "TrustedKeyGroups", - "type": "array" + "IncludeUpfront": { + "markdownDescription": "Specifies whether a budget includes upfront RI costs.\n\nThe default value is `true` .", + "title": "IncludeUpfront", + "type": "boolean" }, - "TrustedSigners": { - "items": { - "type": "string" - }, - "markdownDescription": "> We recommend using `TrustedKeyGroups` instead of `TrustedSigners` . > This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nA list of AWS account IDs whose public keys CloudFront can use to validate signed URLs or signed cookies.\n\nWhen a cache behavior contains trusted signers, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with the private key of a CloudFront key pair in a trusted signer's AWS account . The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see [Serving private content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", - "title": "TrustedSigners", - "type": "array" + "UseAmortized": { + "markdownDescription": "Specifies whether a budget uses the amortized rate.\n\nThe default value is `false` .", + "title": "UseAmortized", + "type": "boolean" }, - "ViewerProtocolPolicy": { - "markdownDescription": "The protocol that viewers can use to access the files in the origin specified by `TargetOriginId` when a request matches the path pattern in `PathPattern` . You can specify the following options:\n\n- `allow-all` : Viewers can use HTTP or HTTPS.\n- `redirect-to-https` : If a viewer submits an HTTP request, CloudFront returns an HTTP status code of 301 (Moved Permanently) to the viewer along with the HTTPS URL. The viewer then resubmits the request using the new URL.\n- `https-only` : If a viewer sends an HTTP request, CloudFront returns an HTTP status code of 403 (Forbidden).\n\nFor more information about requiring the HTTPS protocol, see [Requiring HTTPS Between Viewers and CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-https-viewers-to-cloudfront.html) in the *Amazon CloudFront Developer Guide* .\n\n> The only way to guarantee that viewers retrieve an object that was fetched from the origin using HTTPS is never to use any other protocol to fetch the object. If you have recently changed from HTTP to HTTPS, we recommend that you clear your objects' cache because cached objects are protocol agnostic. That means that an edge location will return an object from the cache regardless of whether the current request protocol matches the protocol used previously. For more information, see [Managing Cache Expiration](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", - "title": "ViewerProtocolPolicy", - "type": "string" + "UseBlended": { + "markdownDescription": "Specifies whether a budget uses a blended rate.\n\nThe default value is `false` .", + "title": "UseBlended", + "type": "boolean" } }, - "required": [ - "TargetOriginId", - "ViewerProtocolPolicy" - ], "type": "object" }, - "AWS::CloudFront::Distribution.DistributionConfig": { + "AWS::Budgets::Budget.Expression": { "additionalProperties": false, "properties": { - "Aliases": { - "items": { - "type": "string" - }, - "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nA complex type that contains information about CNAMEs (alternate domain names), if any, for this distribution.", - "title": "Aliases", - "type": "array" - }, - "CNAMEs": { - "items": { - "type": "string" - }, - "markdownDescription": "An alias for the CloudFront distribution's domain name.\n\n> This property is legacy. We recommend that you use [Aliases](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-distributionconfig.html#cfn-cloudfront-distribution-distributionconfig-aliases) instead.", - "title": "CNAMEs", - "type": "array" - }, - "CacheBehaviors": { - "items": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.CacheBehavior" - }, - "markdownDescription": "A complex type that contains zero or more `CacheBehavior` elements.", - "title": "CacheBehaviors", - "type": "array" - }, - "Comment": { - "markdownDescription": "A comment to describe the distribution. The comment cannot be longer than 128 characters.", - "title": "Comment", - "type": "string" - }, - "ContinuousDeploymentPolicyId": { - "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nThe identifier of a continuous deployment policy. For more information, see `CreateContinuousDeploymentPolicy` .", - "title": "ContinuousDeploymentPolicyId", - "type": "string" - }, - "CustomErrorResponses": { + "And": { "items": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.CustomErrorResponse" + "$ref": "#/definitions/AWS::Budgets::Budget.Expression" }, - "markdownDescription": "A complex type that controls the following:\n\n- Whether CloudFront replaces HTTP status codes in the 4xx and 5xx range with custom error messages before returning the response to the viewer.\n- How long CloudFront caches HTTP status codes in the 4xx and 5xx range.\n\nFor more information about custom error pages, see [Customizing Error Responses](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/custom-error-pages.html) in the *Amazon CloudFront Developer Guide* .", - "title": "CustomErrorResponses", + "markdownDescription": "Return results that match both Dimension objects.", + "title": "And", "type": "array" }, - "CustomOrigin": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.LegacyCustomOrigin", - "markdownDescription": "The user-defined HTTP server that serves as the origin for content that CloudFront distributes.\n\n> This property is legacy. We recommend that you use [Origin](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-origin.html) instead.", - "title": "CustomOrigin" - }, - "DefaultCacheBehavior": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.DefaultCacheBehavior", - "markdownDescription": "A complex type that describes the default cache behavior if you don't specify a `CacheBehavior` element or if files don't match any of the values of `PathPattern` in `CacheBehavior` elements. You must create exactly one default cache behavior.", - "title": "DefaultCacheBehavior" - }, - "DefaultRootObject": { - "markdownDescription": "When a viewer requests the root URL for your distribution, the default root object is the object that you want CloudFront to request from your origin. For example, if your root URL is `https://www.example.com` , you can specify CloudFront to return the `index.html` file as the default root object. You can specify a default root object so that viewers see a specific file or object, instead of another object in your distribution (for example, `https://www.example.com/product-description.html` ). A default root object avoids exposing the contents of your distribution.\n\nYou can specify the object name or a path to the object name (for example, `index.html` or `exampleFolderName/index.html` ). Your string can't begin with a forward slash ( `/` ). Only specify the object name or the path to the object.\n\nIf you don't want to specify a default root object when you create a distribution, include an empty `DefaultRootObject` element.\n\nTo delete the default root object from an existing distribution, update the distribution configuration and include an empty `DefaultRootObject` element.\n\nTo replace the default root object, update the distribution configuration and specify the new object.\n\nFor more information about the default root object, see [Specify a default root object](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DefaultRootObject.html) in the *Amazon CloudFront Developer Guide* .", - "title": "DefaultRootObject", - "type": "string" - }, - "Enabled": { - "markdownDescription": "From this field, you can enable or disable the selected distribution.", - "title": "Enabled", - "type": "boolean" - }, - "HttpVersion": { - "markdownDescription": "(Optional) Specify the HTTP version(s) that you want viewers to use to communicate with CloudFront . The default value for new distributions is `http1.1` .\n\nFor viewers and CloudFront to use HTTP/2, viewers must support TLSv1.2 or later, and must support Server Name Indication (SNI).\n\nFor viewers and CloudFront to use HTTP/3, viewers must support TLSv1.3 and Server Name Indication (SNI). CloudFront supports HTTP/3 connection migration to allow the viewer to switch networks without losing connection. For more information about connection migration, see [Connection Migration](https://docs.aws.amazon.com/https://www.rfc-editor.org/rfc/rfc9000.html#name-connection-migration) at RFC 9000. For more information about supported TLSv1.3 ciphers, see [Supported protocols and ciphers between viewers and CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/secure-connections-supported-viewer-protocols-ciphers.html) .", - "title": "HttpVersion", - "type": "string" - }, - "IPV6Enabled": { - "markdownDescription": "> To use this field for a multi-tenant distribution, use a connection group instead. For more information, see [ConnectionGroup](https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ConnectionGroup.html) . \n\nIf you want CloudFront to respond to IPv6 DNS requests with an IPv6 address for your distribution, specify `true` . If you specify `false` , CloudFront responds to IPv6 DNS requests with the DNS response code `NOERROR` and with no IP addresses. This allows viewers to submit a second request, for an IPv4 address for your distribution.\n\nIn general, you should enable IPv6 if you have users on IPv6 networks who want to access your content. However, if you're using signed URLs or signed cookies to restrict access to your content, and if you're using a custom policy that includes the `IpAddress` parameter to restrict the IP addresses that can access your content, don't enable IPv6. If you want to restrict access to some content by IP address and not restrict access to other content (or restrict access but not by IP address), you can create two distributions. For more information, see [Creating a Signed URL Using a Custom Policy](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-creating-signed-url-custom-policy.html) in the *Amazon CloudFront Developer Guide* .\n\nIf you're using an Amazon Route\u00a053 AWS Integration alias resource record set to route traffic to your CloudFront distribution, you need to create a second alias resource record set when both of the following are true:\n\n- You enable IPv6 for the distribution\n- You're using alternate domain names in the URLs for your objects\n\nFor more information, see [Routing Traffic to an Amazon CloudFront Web Distribution by Using Your Domain Name](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-to-cloudfront-distribution.html) in the *Amazon Route\u00a053 AWS Integration Developer Guide* .\n\nIf you created a CNAME resource record set, either with Amazon Route\u00a053 AWS Integration or with another DNS service, you don't need to make any changes. A CNAME record will route traffic to your distribution regardless of the IP address format of the viewer request.", - "title": "IPV6Enabled", - "type": "boolean" + "CostCategories": { + "$ref": "#/definitions/AWS::Budgets::Budget.CostCategoryValues", + "markdownDescription": "The filter that's based on CostCategoryValues.", + "title": "CostCategories" }, - "Logging": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.Logging", - "markdownDescription": "A complex type that controls whether access logs are written for the distribution.\n\nFor more information about logging, see [Access Logs](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/AccessLogs.html) in the *Amazon CloudFront Developer Guide* .", - "title": "Logging" + "Dimensions": { + "$ref": "#/definitions/AWS::Budgets::Budget.ExpressionDimensionValues", + "markdownDescription": "The specific Dimension to use for Expression.", + "title": "Dimensions" }, - "OriginGroups": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginGroups", - "markdownDescription": "A complex type that contains information about origin groups for this distribution.\n\nSpecify a value for either the `Origins` or `OriginGroups` property.", - "title": "OriginGroups" + "Not": { + "$ref": "#/definitions/AWS::Budgets::Budget.Expression", + "markdownDescription": "Return results that don't match a Dimension object.", + "title": "Not" }, - "Origins": { + "Or": { "items": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.Origin" + "$ref": "#/definitions/AWS::Budgets::Budget.Expression" }, - "markdownDescription": "A complex type that contains information about origins for this distribution.\n\nSpecify a value for either the `Origins` or `OriginGroups` property.", - "title": "Origins", + "markdownDescription": "Return results that match either Dimension object.", + "title": "Or", "type": "array" }, - "PriceClass": { - "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nThe price class that corresponds with the maximum price that you want to pay for CloudFront service. If you specify `PriceClass_All` , CloudFront responds to requests for your objects from all CloudFront edge locations.\n\nIf you specify a price class other than `PriceClass_All` , CloudFront serves your objects from the CloudFront edge location that has the lowest latency among the edge locations in your price class. Viewers who are in or near regions that are excluded from your specified price class may encounter slower performance.\n\nFor more information about price classes, see [Choosing the Price Class for a CloudFront Distribution](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PriceClass.html) in the *Amazon CloudFront Developer Guide* . For information about CloudFront pricing, including how price classes (such as Price Class 100) map to CloudFront regions, see [Amazon CloudFront Pricing](https://docs.aws.amazon.com/cloudfront/pricing/) .", - "title": "PriceClass", - "type": "string" - }, - "Restrictions": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.Restrictions", - "markdownDescription": "A complex type that identifies ways in which you want to restrict distribution of your content.", - "title": "Restrictions" - }, - "S3Origin": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.LegacyS3Origin", - "markdownDescription": "The origin as an Amazon S3 bucket.\n\n> This property is legacy. We recommend that you use [Origin](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-origin.html) instead.", - "title": "S3Origin" - }, - "Staging": { - "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nA Boolean that indicates whether this is a staging distribution. When this value is `true` , this is a staging distribution. When this value is `false` , this is not a staging distribution.", - "title": "Staging", - "type": "boolean" - }, - "ViewerCertificate": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.ViewerCertificate", - "markdownDescription": "A complex type that determines the distribution's SSL/TLS configuration for communicating with viewers.", - "title": "ViewerCertificate" - }, - "WebACLId": { - "markdownDescription": "> Multi-tenant distributions only support AWS WAF V2 web ACLs. \n\nA unique identifier that specifies the AWS WAF web ACL, if any, to associate with this distribution. To specify a web ACL created using the latest version of AWS WAF , use the ACL ARN, for example `arn:aws:wafv2:us-east-1:123456789012:global/webacl/ExampleWebACL/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111` . To specify a web ACL created using AWS WAF Classic, use the ACL ID, for example `a1b2c3d4-5678-90ab-cdef-EXAMPLE11111` .\n\nAWS WAF is a web application firewall that lets you monitor the HTTP and HTTPS requests that are forwarded to CloudFront, and lets you control access to your content. Based on conditions that you specify, such as the IP addresses that requests originate from or the values of query strings, CloudFront responds to requests either with the requested content or with an HTTP 403 status code (Forbidden). You can also configure CloudFront to return a custom error page when a request is blocked. For more information about AWS WAF , see the [AWS WAF Developer Guide](https://docs.aws.amazon.com/waf/latest/developerguide/what-is-aws-waf.html) .", - "title": "WebACLId", - "type": "string" + "Tags": { + "$ref": "#/definitions/AWS::Budgets::Budget.TagValues", + "markdownDescription": "The specific Tag to use for Expression.", + "title": "Tags" } }, - "required": [ - "DefaultCacheBehavior", - "Enabled" - ], "type": "object" }, - "AWS::CloudFront::Distribution.ForwardedValues": { + "AWS::Budgets::Budget.ExpressionDimensionValues": { "additionalProperties": false, "properties": { - "Cookies": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.Cookies", - "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n\nIf you want to include cookies in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send cookies to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide* .\n\nA complex type that specifies whether you want CloudFront to forward cookies to the origin and, if so, which ones. For more information about forwarding cookies to the origin, see [How CloudFront Forwards, Caches, and Logs Cookies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Cookies.html) in the *Amazon CloudFront Developer Guide* .", - "title": "Cookies" + "Key": { + "markdownDescription": "The name of the dimension that you want to filter on.", + "title": "Key", + "type": "string" }, - "Headers": { + "MatchOptions": { "items": { "type": "string" }, - "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n\nIf you want to include headers in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send headers to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide* .\n\nA complex type that specifies the `Headers` , if any, that you want CloudFront to forward to the origin for this cache behavior (whitelisted headers). For the headers that you specify, CloudFront also caches separate versions of a specified object that is based on the header values in viewer requests.\n\nFor more information, see [Caching Content Based on Request Headers](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/header-caching.html) in the *Amazon CloudFront Developer Guide* .", - "title": "Headers", + "markdownDescription": "The match options that you can use to filter your results. You can specify only one of these values in the array.", + "title": "MatchOptions", "type": "array" }, - "QueryString": { - "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n\nIf you want to include query strings in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send query strings to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide* .\n\nIndicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior and cache based on the query string parameters. CloudFront behavior depends on the value of `QueryString` and on the values that you specify for `QueryStringCacheKeys` , if any:\n\nIf you specify true for `QueryString` and you don't specify any values for `QueryStringCacheKeys` , CloudFront forwards all query string parameters to the origin and caches based on all query string parameters. Depending on how many query string parameters and values you have, this can adversely affect performance because CloudFront must forward more requests to the origin.\n\nIf you specify true for `QueryString` and you specify one or more values for `QueryStringCacheKeys` , CloudFront forwards all query string parameters to the origin, but it only caches based on the query string parameters that you specify.\n\nIf you specify false for `QueryString` , CloudFront doesn't forward any query string parameters to the origin, and doesn't cache based on query string parameters.\n\nFor more information, see [Configuring CloudFront to Cache Based on Query String Parameters](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/QueryStringParameters.html) in the *Amazon CloudFront Developer Guide* .", - "title": "QueryString", - "type": "boolean" - }, - "QueryStringCacheKeys": { + "Values": { "items": { "type": "string" }, - "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n\nIf you want to include query strings in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send query strings to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide* .\n\nA complex type that contains information about the query string parameters that you want CloudFront to use for caching for this cache behavior.", - "title": "QueryStringCacheKeys", + "markdownDescription": "The metadata values you can specify to filter upon, so that the results all match at least one of the specified values.", + "title": "Values", "type": "array" } }, - "required": [ - "QueryString" - ], - "type": "object" - }, - "AWS::CloudFront::Distribution.FunctionAssociation": { - "additionalProperties": false, - "properties": { - "EventType": { - "markdownDescription": "The event type of the function, either `viewer-request` or `viewer-response` . You cannot use origin-facing event types ( `origin-request` and `origin-response` ) with a CloudFront function.", - "title": "EventType", - "type": "string" - }, - "FunctionARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the function.", - "title": "FunctionARN", - "type": "string" - } - }, "type": "object" }, - "AWS::CloudFront::Distribution.GeoRestriction": { + "AWS::Budgets::Budget.HistoricalOptions": { "additionalProperties": false, "properties": { - "Locations": { - "items": { - "type": "string" - }, - "markdownDescription": "A complex type that contains a `Location` element for each country in which you want CloudFront either to distribute your content ( `whitelist` ) or not distribute your content ( `blacklist` ).\n\nThe `Location` element is a two-letter, uppercase country code for a country that you want to include in your `blacklist` or `whitelist` . Include one `Location` element for each country.\n\nCloudFront and `MaxMind` both use `ISO 3166` country codes. For the current list of countries and the corresponding codes, see `ISO 3166-1-alpha-2` code on the *International Organization for Standardization* website. You can also refer to the country list on the CloudFront console, which includes both country names and codes.", - "title": "Locations", - "type": "array" - }, - "RestrictionType": { - "markdownDescription": "The method that you want to use to restrict distribution of your content by country:\n\n- `none` : No geo restriction is enabled, meaning access to content is not restricted by client geo location.\n- `blacklist` : The `Location` elements specify the countries in which you don't want CloudFront to distribute your content.\n- `whitelist` : The `Location` elements specify the countries in which you want CloudFront to distribute your content.", - "title": "RestrictionType", - "type": "string" + "BudgetAdjustmentPeriod": { + "markdownDescription": "The number of budget periods included in the moving-average calculation that determines your auto-adjusted budget amount. The maximum value depends on the `TimeUnit` granularity of the budget:\n\n- For the `DAILY` granularity, the maximum value is `60` .\n- For the `MONTHLY` granularity, the maximum value is `12` .\n- For the `QUARTERLY` granularity, the maximum value is `4` .\n- For the `ANNUALLY` granularity, the maximum value is `1` .", + "title": "BudgetAdjustmentPeriod", + "type": "number" } }, "required": [ - "RestrictionType" + "BudgetAdjustmentPeriod" ], "type": "object" }, - "AWS::CloudFront::Distribution.LambdaFunctionAssociation": { + "AWS::Budgets::Budget.Notification": { "additionalProperties": false, "properties": { - "EventType": { - "markdownDescription": "Specifies the event type that triggers a Lambda@Edge function invocation. You can specify the following values:\n\n- `viewer-request` : The function executes when CloudFront receives a request from a viewer and before it checks to see whether the requested object is in the edge cache.\n- `origin-request` : The function executes only when CloudFront sends a request to your origin. When the requested object is in the edge cache, the function doesn't execute.\n- `origin-response` : The function executes after CloudFront receives a response from the origin and before it caches the object in the response. When the requested object is in the edge cache, the function doesn't execute.\n- `viewer-response` : The function executes before CloudFront returns the requested object to the viewer. The function executes regardless of whether the object was already in the edge cache.\n\nIf the origin returns an HTTP status code other than HTTP 200 (OK), the function doesn't execute.", - "title": "EventType", + "ComparisonOperator": { + "markdownDescription": "The comparison that's used for this notification.", + "title": "ComparisonOperator", "type": "string" }, - "IncludeBody": { - "markdownDescription": "A flag that allows a Lambda@Edge function to have read access to the body content. For more information, see [Accessing the Request Body by Choosing the Include Body Option](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/lambda-include-body-access.html) in the Amazon CloudFront Developer Guide.", - "title": "IncludeBody", - "type": "boolean" - }, - "LambdaFunctionARN": { - "markdownDescription": "The ARN of the Lambda@Edge function. You must specify the ARN of a function version; you can't specify an alias or $LATEST.", - "title": "LambdaFunctionARN", - "type": "string" - } - }, - "type": "object" - }, - "AWS::CloudFront::Distribution.LegacyCustomOrigin": { - "additionalProperties": false, - "properties": { - "DNSName": { - "markdownDescription": "The domain name assigned to your CloudFront distribution.", - "title": "DNSName", + "NotificationType": { + "markdownDescription": "Specifies whether the notification is for how much you have spent ( `ACTUAL` ) or for how much that you're forecasted to spend ( `FORECASTED` ).", + "title": "NotificationType", "type": "string" }, - "HTTPPort": { - "markdownDescription": "The HTTP port that CloudFront uses to connect to the origin. Specify the HTTP port that the origin listens on.", - "title": "HTTPPort", - "type": "number" - }, - "HTTPSPort": { - "markdownDescription": "The HTTPS port that CloudFront uses to connect to the origin. Specify the HTTPS port that the origin listens on.", - "title": "HTTPSPort", + "Threshold": { + "markdownDescription": "The threshold that's associated with a notification. Thresholds are always a percentage, and many customers find value being alerted between 50% - 200% of the budgeted amount. The maximum limit for your threshold is 1,000,000% above the budgeted amount.", + "title": "Threshold", "type": "number" }, - "OriginProtocolPolicy": { - "markdownDescription": "Specifies the protocol (HTTP or HTTPS) that CloudFront uses to connect to the origin.", - "title": "OriginProtocolPolicy", + "ThresholdType": { + "markdownDescription": "The type of threshold for a notification. For `ABSOLUTE_VALUE` thresholds, AWS notifies you when you go over or are forecasted to go over your total cost threshold. For `PERCENTAGE` thresholds, AWS notifies you when you go over or are forecasted to go over a certain percentage of your forecasted spend. For example, if you have a budget for 200 dollars and you have a `PERCENTAGE` threshold of 80%, AWS notifies you when you go over 160 dollars.", + "title": "ThresholdType", "type": "string" - }, - "OriginSSLProtocols": { - "items": { - "type": "string" - }, - "markdownDescription": "The minimum SSL/TLS protocol version that CloudFront uses when communicating with your origin server over HTTPs.\n\nFor more information, see [Minimum Origin SSL Protocol](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginSSLProtocols) in the *Amazon CloudFront Developer Guide* .", - "title": "OriginSSLProtocols", - "type": "array" } }, "required": [ - "DNSName", - "OriginProtocolPolicy", - "OriginSSLProtocols" + "ComparisonOperator", + "NotificationType", + "Threshold" ], "type": "object" }, - "AWS::CloudFront::Distribution.LegacyS3Origin": { + "AWS::Budgets::Budget.NotificationWithSubscribers": { "additionalProperties": false, "properties": { - "DNSName": { - "markdownDescription": "The domain name assigned to your CloudFront distribution.", - "title": "DNSName", - "type": "string" + "Notification": { + "$ref": "#/definitions/AWS::Budgets::Budget.Notification", + "markdownDescription": "The notification that's associated with a budget.", + "title": "Notification" }, - "OriginAccessIdentity": { - "markdownDescription": "The CloudFront origin access identity to associate with the distribution. Use an origin access identity to configure the distribution so that end users can only access objects in an Amazon S3 through CloudFront .\n\n> This property is legacy. We recommend that you use [OriginAccessControl](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-originaccesscontrol.html) instead.", - "title": "OriginAccessIdentity", - "type": "string" + "Subscribers": { + "items": { + "$ref": "#/definitions/AWS::Budgets::Budget.Subscriber" + }, + "markdownDescription": "A list of subscribers who are subscribed to this notification.", + "title": "Subscribers", + "type": "array" } }, "required": [ - "DNSName" + "Notification", + "Subscribers" ], "type": "object" }, - "AWS::CloudFront::Distribution.Logging": { + "AWS::Budgets::Budget.ResourceTag": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The Amazon S3 bucket to store the access logs in, for example, `amzn-s3-demo-bucket.s3.amazonaws.com` .", - "title": "Bucket", + "Key": { + "markdownDescription": "The key that's associated with the tag.", + "title": "Key", "type": "string" }, - "IncludeCookies": { - "markdownDescription": "Specifies whether you want CloudFront to include cookies in access logs, specify `true` for `IncludeCookies` . If you choose to include cookies in logs, CloudFront logs all cookies regardless of how you configure the cache behaviors for this distribution. If you don't want to include cookies when you create a distribution or if you want to disable include cookies for an existing distribution, specify `false` for `IncludeCookies` .", - "title": "IncludeCookies", - "type": "boolean" - }, - "Prefix": { - "markdownDescription": "An optional string that you want CloudFront to prefix to the access log `filenames` for this distribution, for example, `myprefix/` . If you want to enable logging, but you don't want to specify a prefix, you still must include an empty `Prefix` element in the `Logging` element.", - "title": "Prefix", + "Value": { + "markdownDescription": "The value that's associated with the tag.", + "title": "Value", "type": "string" } }, "required": [ - "Bucket" + "Key" ], "type": "object" }, - "AWS::CloudFront::Distribution.Origin": { + "AWS::Budgets::Budget.Spend": { "additionalProperties": false, "properties": { - "ConnectionAttempts": { - "markdownDescription": "The number of times that CloudFront attempts to connect to the origin. The minimum number is 1, the maximum is 3, and the default (if you don't specify otherwise) is 3.\n\nFor a custom origin (including an Amazon S3 bucket that's configured with static website hosting), this value also specifies the number of times that CloudFront attempts to get a response from the origin, in the case of an [Origin Response Timeout](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginResponseTimeout) .\n\nFor more information, see [Origin Connection Attempts](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#origin-connection-attempts) in the *Amazon CloudFront Developer Guide* .", - "title": "ConnectionAttempts", - "type": "number" - }, - "ConnectionTimeout": { - "markdownDescription": "The number of seconds that CloudFront waits when trying to establish a connection to the origin. The minimum timeout is 1 second, the maximum is 10 seconds, and the default (if you don't specify otherwise) is 10 seconds.\n\nFor more information, see [Origin Connection Timeout](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#origin-connection-timeout) in the *Amazon CloudFront Developer Guide* .", - "title": "ConnectionTimeout", + "Amount": { + "markdownDescription": "The cost or usage amount that's associated with a budget forecast, actual spend, or budget threshold.", + "title": "Amount", "type": "number" }, - "CustomOriginConfig": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.CustomOriginConfig", - "markdownDescription": "Use this type to specify an origin that is not an Amazon S3 bucket, with one exception. If the Amazon S3 bucket is configured with static website hosting, use this type. If the Amazon S3 bucket is not configured with static website hosting, use the `S3OriginConfig` type instead.", - "title": "CustomOriginConfig" - }, - "DomainName": { - "markdownDescription": "The domain name for the origin.\n\nFor more information, see [Origin Domain Name](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesDomainName) in the *Amazon CloudFront Developer Guide* .", - "title": "DomainName", - "type": "string" - }, - "Id": { - "markdownDescription": "A unique identifier for the origin. This value must be unique within the distribution.\n\nUse this value to specify the `TargetOriginId` in a `CacheBehavior` or `DefaultCacheBehavior` .", - "title": "Id", - "type": "string" - }, - "OriginAccessControlId": { - "markdownDescription": "The unique identifier of an origin access control for this origin.\n\nFor more information, see [Restricting access to an Amazon S3 origin](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html) in the *Amazon CloudFront Developer Guide* .", - "title": "OriginAccessControlId", - "type": "string" - }, - "OriginCustomHeaders": { - "items": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginCustomHeader" - }, - "markdownDescription": "A list of HTTP header names and values that CloudFront adds to the requests that it sends to the origin.\n\nFor more information, see [Adding Custom Headers to Origin Requests](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/add-origin-custom-headers.html) in the *Amazon CloudFront Developer Guide* .", - "title": "OriginCustomHeaders", - "type": "array" - }, - "OriginPath": { - "markdownDescription": "An optional path that CloudFront appends to the origin domain name when CloudFront requests content from the origin.\n\nFor more information, see [Origin Path](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginPath) in the *Amazon CloudFront Developer Guide* .", - "title": "OriginPath", + "Unit": { + "markdownDescription": "The unit of measurement that's used for the budget forecast, actual spend, or budget threshold.", + "title": "Unit", "type": "string" - }, - "OriginShield": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginShield", - "markdownDescription": "CloudFront Origin Shield. Using Origin Shield can help reduce the load on your origin.\n\nFor more information, see [Using Origin Shield](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/origin-shield.html) in the *Amazon CloudFront Developer Guide* .", - "title": "OriginShield" - }, - "S3OriginConfig": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.S3OriginConfig", - "markdownDescription": "Use this type to specify an origin that is an Amazon S3 bucket that is not configured with static website hosting. To specify any other type of origin, including an Amazon S3 bucket that is configured with static website hosting, use the `CustomOriginConfig` type instead.", - "title": "S3OriginConfig" } }, "required": [ - "DomainName", - "Id" + "Amount", + "Unit" ], "type": "object" }, - "AWS::CloudFront::Distribution.OriginCustomHeader": { + "AWS::Budgets::Budget.Subscriber": { "additionalProperties": false, "properties": { - "HeaderName": { - "markdownDescription": "The name of a header that you want CloudFront to send to your origin. For more information, see [Adding Custom Headers to Origin Requests](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/forward-custom-headers.html) in the *Amazon CloudFront Developer Guide* .", - "title": "HeaderName", + "Address": { + "markdownDescription": "The address that AWS sends budget notifications to, either an SNS topic or an email.\n\nWhen you create a subscriber, the value of `Address` can't contain line breaks.", + "title": "Address", "type": "string" }, - "HeaderValue": { - "markdownDescription": "The value for the header that you specified in the `HeaderName` field.", - "title": "HeaderValue", + "SubscriptionType": { + "markdownDescription": "The type of notification that AWS sends to a subscriber.", + "title": "SubscriptionType", "type": "string" } }, "required": [ - "HeaderName", - "HeaderValue" + "Address", + "SubscriptionType" ], "type": "object" }, - "AWS::CloudFront::Distribution.OriginGroup": { + "AWS::Budgets::Budget.TagValues": { "additionalProperties": false, "properties": { - "FailoverCriteria": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginGroupFailoverCriteria", - "markdownDescription": "A complex type that contains information about the failover criteria for an origin group.", - "title": "FailoverCriteria" - }, - "Id": { - "markdownDescription": "The origin group's ID.", - "title": "Id", + "Key": { + "markdownDescription": "The key for the tag.", + "title": "Key", "type": "string" }, - "Members": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginGroupMembers", - "markdownDescription": "A complex type that contains information about the origins in an origin group.", - "title": "Members" - } - }, - "required": [ - "FailoverCriteria", - "Id", - "Members" - ], - "type": "object" - }, - "AWS::CloudFront::Distribution.OriginGroupFailoverCriteria": { - "additionalProperties": false, - "properties": { - "StatusCodes": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.StatusCodes", - "markdownDescription": "The status codes that, when returned from the primary origin, will trigger CloudFront to failover to the second origin.", - "title": "StatusCodes" + "MatchOptions": { + "items": { + "type": "string" + }, + "markdownDescription": "The match options that you can use to filter your results.", + "title": "MatchOptions", + "type": "array" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The specific value of the tag.", + "title": "Values", + "type": "array" } }, - "required": [ - "StatusCodes" - ], "type": "object" }, - "AWS::CloudFront::Distribution.OriginGroupMember": { + "AWS::Budgets::Budget.TimePeriod": { "additionalProperties": false, "properties": { - "OriginId": { - "markdownDescription": "The ID for an origin in an origin group.", - "title": "OriginId", + "End": { + "markdownDescription": "The end date for a budget. If you didn't specify an end date, AWS set your end date to `06/15/87 00:00 UTC` . The defaults are the same for the Billing and Cost Management console and the API.\n\nAfter the end date, AWS deletes the budget and all the associated notifications and subscribers. You can change your end date with the `UpdateBudget` operation.", + "title": "End", "type": "string" - } - }, - "required": [ - "OriginId" - ], - "type": "object" - }, - "AWS::CloudFront::Distribution.OriginGroupMembers": { - "additionalProperties": false, - "properties": { - "Items": { - "items": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginGroupMember" - }, - "markdownDescription": "Items (origins) in an origin group.", - "title": "Items", - "type": "array" }, - "Quantity": { - "markdownDescription": "The number of origins in an origin group.", - "title": "Quantity", - "type": "number" + "Start": { + "markdownDescription": "The start date for a budget. If you created your budget and didn't specify a start date, the start date defaults to the start of the chosen time period (MONTHLY, QUARTERLY, or ANNUALLY). For example, if you create your budget on January 24, 2019, choose `MONTHLY` , and don't set a start date, the start date defaults to `01/01/19 00:00 UTC` . The defaults are the same for the Billing and Cost Management console and the API.\n\nYou can change your start date with the `UpdateBudget` operation.\n\nValid values depend on the value of `BudgetType` :\n\n- If `BudgetType` is `COST` or `USAGE` : Valid values are `MONTHLY` , `QUARTERLY` , and `ANNUALLY` .\n- If `BudgetType` is `RI_UTILIZATION` or `RI_COVERAGE` : Valid values are `DAILY` , `MONTHLY` , `QUARTERLY` , and `ANNUALLY` .", + "title": "Start", + "type": "string" } }, - "required": [ - "Items", - "Quantity" - ], "type": "object" }, - "AWS::CloudFront::Distribution.OriginGroups": { - "additionalProperties": false, - "properties": { - "Items": { - "items": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginGroup" - }, - "markdownDescription": "The items (origin groups) in a distribution.", - "title": "Items", - "type": "array" - }, - "Quantity": { - "markdownDescription": "The number of origin groups.", - "title": "Quantity", - "type": "number" - } - }, - "required": [ - "Quantity" - ], - "type": "object" - }, - "AWS::CloudFront::Distribution.OriginShield": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "A flag that specifies whether Origin Shield is enabled.\n\nWhen it's enabled, CloudFront routes all requests through Origin Shield, which can help protect your origin. When it's disabled, CloudFront might send requests directly to your origin from multiple edge locations or regional edge caches.", - "title": "Enabled", - "type": "boolean" - }, - "OriginShieldRegion": { - "markdownDescription": "The AWS Region for Origin Shield.\n\nSpecify the AWS Region that has the lowest latency to your origin. To specify a region, use the region code, not the region name. For example, specify the US East (Ohio) region as `us-east-2` .\n\nWhen you enable CloudFront Origin Shield, you must specify the AWS Region for Origin Shield. For the list of AWS Regions that you can specify, and for help choosing the best Region for your origin, see [Choosing the AWS Region for Origin Shield](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/origin-shield.html#choose-origin-shield-region) in the *Amazon CloudFront Developer Guide* .", - "title": "OriginShieldRegion", - "type": "string" - } - }, - "type": "object" - }, - "AWS::CloudFront::Distribution.Restrictions": { - "additionalProperties": false, - "properties": { - "GeoRestriction": { - "$ref": "#/definitions/AWS::CloudFront::Distribution.GeoRestriction", - "markdownDescription": "A complex type that controls the countries in which your content is distributed. CloudFront determines the location of your users using `MaxMind` GeoIP databases. To disable geo restriction, remove the [Restrictions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-distributionconfig.html#cfn-cloudfront-distribution-distributionconfig-restrictions) property from your stack template.", - "title": "GeoRestriction" - } - }, - "required": [ - "GeoRestriction" - ], - "type": "object" - }, - "AWS::CloudFront::Distribution.S3OriginConfig": { - "additionalProperties": false, - "properties": { - "OriginAccessIdentity": { - "markdownDescription": "> If you're using origin access control (OAC) instead of origin access identity, specify an empty `OriginAccessIdentity` element. For more information, see [Restricting access to an AWS](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-origin.html) in the *Amazon CloudFront Developer Guide* . \n\nThe CloudFront origin access identity to associate with the origin. Use an origin access identity to configure the origin so that viewers can *only* access objects in an Amazon S3 bucket through CloudFront. The format of the value is:\n\n`origin-access-identity/cloudfront/ID-of-origin-access-identity`\n\nThe `*ID-of-origin-access-identity*` is the value that CloudFront returned in the `ID` element when you created the origin access identity.\n\nIf you want viewers to be able to access objects using either the CloudFront URL or the Amazon S3 URL, specify an empty `OriginAccessIdentity` element.\n\nTo delete the origin access identity from an existing distribution, update the distribution configuration and include an empty `OriginAccessIdentity` element.\n\nTo replace the origin access identity, update the distribution configuration and specify the new origin access identity.\n\nFor more information about the origin access identity, see [Serving Private Content through CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", - "title": "OriginAccessIdentity", - "type": "string" - } - }, - "type": "object" - }, - "AWS::CloudFront::Distribution.StatusCodes": { - "additionalProperties": false, - "properties": { - "Items": { - "items": { - "type": "number" - }, - "markdownDescription": "The items (status codes) for an origin group.", - "title": "Items", - "type": "array" - }, - "Quantity": { - "markdownDescription": "The number of status codes.", - "title": "Quantity", - "type": "number" - } - }, - "required": [ - "Items", - "Quantity" - ], - "type": "object" - }, - "AWS::CloudFront::Distribution.ViewerCertificate": { - "additionalProperties": false, - "properties": { - "AcmCertificateArn": { - "markdownDescription": "> In CloudFormation, this field name is `AcmCertificateArn` . Note the different capitalization. \n\nIf the distribution uses `Aliases` (alternate domain names or CNAMEs) and the SSL/TLS certificate is stored in [AWS Certificate Manager (ACM)](https://docs.aws.amazon.com/acm/latest/userguide/acm-overview.html) , provide the Amazon Resource Name (ARN) of the ACM certificate. CloudFront only supports ACM certificates in the US East (N. Virginia) Region ( `us-east-1` ).\n\nIf you specify an ACM certificate ARN, you must also specify values for `MinimumProtocolVersion` and `SSLSupportMethod` . (In CloudFormation, the field name is `SslSupportMethod` . Note the different capitalization.)", - "title": "AcmCertificateArn", - "type": "string" - }, - "CloudFrontDefaultCertificate": { - "markdownDescription": "If the distribution uses the CloudFront domain name such as `d111111abcdef8.cloudfront.net` , set this field to `true` .\n\nIf the distribution uses `Aliases` (alternate domain names or CNAMEs), omit this field and specify values for the following fields:\n\n- `AcmCertificateArn` or `IamCertificateId` (specify a value for one, not both)\n- `MinimumProtocolVersion`\n- `SslSupportMethod`", - "title": "CloudFrontDefaultCertificate", - "type": "boolean" - }, - "IamCertificateId": { - "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . > In CloudFormation, this field name is `IamCertificateId` . Note the different capitalization. \n\nIf the distribution uses `Aliases` (alternate domain names or CNAMEs) and the SSL/TLS certificate is stored in [AWS Identity and Access Management (IAM)](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html) , provide the ID of the IAM certificate.\n\nIf you specify an IAM certificate ID, you must also specify values for `MinimumProtocolVersion` and `SSLSupportMethod` . (In CloudFormation, the field name is `SslSupportMethod` . Note the different capitalization.)", - "title": "IamCertificateId", - "type": "string" - }, - "MinimumProtocolVersion": { - "markdownDescription": "If the distribution uses `Aliases` (alternate domain names or CNAMEs), specify the security policy that you want CloudFront to use for HTTPS connections with viewers. The security policy determines two settings:\n\n- The minimum SSL/TLS protocol that CloudFront can use to communicate with viewers.\n- The ciphers that CloudFront can use to encrypt the content that it returns to viewers.\n\nFor more information, see [Security Policy](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValues-security-policy) and [Supported Protocols and Ciphers Between Viewers and CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/secure-connections-supported-viewer-protocols-ciphers.html#secure-connections-supported-ciphers) in the *Amazon CloudFront Developer Guide* .\n\n> On the CloudFront console, this setting is called *Security Policy* . \n\nWhen you're using SNI only (you set `SSLSupportMethod` to `sni-only` ), you must specify `TLSv1` or higher. (In CloudFormation, the field name is `SslSupportMethod` . Note the different capitalization.)\n\nIf the distribution uses the CloudFront domain name such as `d111111abcdef8.cloudfront.net` (you set `CloudFrontDefaultCertificate` to `true` ), CloudFront automatically sets the security policy to `TLSv1` regardless of the value that you set here.", - "title": "MinimumProtocolVersion", - "type": "string" - }, - "SslSupportMethod": { - "markdownDescription": "> In CloudFormation, this field name is `SslSupportMethod` . Note the different capitalization. \n\nIf the distribution uses `Aliases` (alternate domain names or CNAMEs), specify which viewers the distribution accepts HTTPS connections from.\n\n- `sni-only` \u2013 The distribution accepts HTTPS connections from only viewers that support [server name indication (SNI)](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Server_Name_Indication) . This is recommended. Most browsers and clients support SNI.\n- `vip` \u2013 The distribution accepts HTTPS connections from all viewers including those that don't support SNI. This is not recommended, and results in additional monthly charges from CloudFront.\n- `static-ip` - Do not specify this value unless your distribution has been enabled for this feature by the CloudFront team. If you have a use case that requires static IP addresses for a distribution, contact CloudFront through the [Support Center](https://docs.aws.amazon.com/support/home) .\n\nIf the distribution uses the CloudFront domain name such as `d111111abcdef8.cloudfront.net` , don't set a value for this field.", - "title": "SslSupportMethod", - "type": "string" - } - }, - "type": "object" - }, - "AWS::CloudFront::Function": { + "AWS::Budgets::BudgetsAction": { "additionalProperties": false, "properties": { "Condition": { @@ -37338,42 +42086,72 @@ "Properties": { "additionalProperties": false, "properties": { - "AutoPublish": { - "markdownDescription": "A flag that determines whether to automatically publish the function to the `LIVE` stage when it\u2019s created. To automatically publish to the `LIVE` stage, set this property to `true` .", - "title": "AutoPublish", - "type": "boolean" + "ActionThreshold": { + "$ref": "#/definitions/AWS::Budgets::BudgetsAction.ActionThreshold", + "markdownDescription": "The trigger threshold of the action.", + "title": "ActionThreshold" }, - "FunctionCode": { - "markdownDescription": "The function code. For more information about writing a CloudFront function, see [Writing function code for CloudFront Functions](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/writing-function-code.html) in the *Amazon CloudFront Developer Guide* .", - "title": "FunctionCode", + "ActionType": { + "markdownDescription": "The type of action. This defines the type of tasks that can be carried out by this action. This field also determines the format for definition.", + "title": "ActionType", "type": "string" }, - "FunctionConfig": { - "$ref": "#/definitions/AWS::CloudFront::Function.FunctionConfig", - "markdownDescription": "Contains configuration information about a CloudFront function.", - "title": "FunctionConfig" + "ApprovalModel": { + "markdownDescription": "This specifies if the action needs manual or automatic approval.", + "title": "ApprovalModel", + "type": "string" }, - "FunctionMetadata": { - "$ref": "#/definitions/AWS::CloudFront::Function.FunctionMetadata", - "markdownDescription": "Contains metadata about a CloudFront function.", - "title": "FunctionMetadata" + "BudgetName": { + "markdownDescription": "A string that represents the budget name. \":\" and \"\\\" characters aren't allowed.", + "title": "BudgetName", + "type": "string" }, - "Name": { - "markdownDescription": "A name to identify the function.", - "title": "Name", + "Definition": { + "$ref": "#/definitions/AWS::Budgets::BudgetsAction.Definition", + "markdownDescription": "Specifies all of the type-specific parameters.", + "title": "Definition" + }, + "ExecutionRoleArn": { + "markdownDescription": "The role passed for action execution and reversion. Roles and actions must be in the same account.", + "title": "ExecutionRoleArn", + "type": "string" + }, + "NotificationType": { + "markdownDescription": "The type of a notification.", + "title": "NotificationType", "type": "string" + }, + "ResourceTags": { + "items": { + "$ref": "#/definitions/AWS::Budgets::BudgetsAction.ResourceTag" + }, + "markdownDescription": "An optional list of tags to associate with the specified budget action. Each tag consists of a key and a value, and each key must be unique for the resource.", + "title": "ResourceTags", + "type": "array" + }, + "Subscribers": { + "items": { + "$ref": "#/definitions/AWS::Budgets::BudgetsAction.Subscriber" + }, + "markdownDescription": "A list of subscribers.", + "title": "Subscribers", + "type": "array" } }, "required": [ - "FunctionCode", - "FunctionConfig", - "Name" + "ActionThreshold", + "ActionType", + "BudgetName", + "Definition", + "ExecutionRoleArn", + "NotificationType", + "Subscribers" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFront::Function" + "AWS::Budgets::BudgetsAction" ], "type": "string" }, @@ -37392,155 +42170,178 @@ ], "type": "object" }, - "AWS::CloudFront::Function.FunctionConfig": { + "AWS::Budgets::BudgetsAction.ActionThreshold": { "additionalProperties": false, "properties": { - "Comment": { - "markdownDescription": "A comment to describe the function.", - "title": "Comment", + "Type": { + "markdownDescription": "The type of threshold for a notification.", + "title": "Type", "type": "string" }, - "KeyValueStoreAssociations": { + "Value": { + "markdownDescription": "The threshold of a notification.", + "title": "Value", + "type": "number" + } + }, + "required": [ + "Type", + "Value" + ], + "type": "object" + }, + "AWS::Budgets::BudgetsAction.Definition": { + "additionalProperties": false, + "properties": { + "IamActionDefinition": { + "$ref": "#/definitions/AWS::Budgets::BudgetsAction.IamActionDefinition", + "markdownDescription": "The AWS Identity and Access Management ( IAM ) action definition details.", + "title": "IamActionDefinition" + }, + "ScpActionDefinition": { + "$ref": "#/definitions/AWS::Budgets::BudgetsAction.ScpActionDefinition", + "markdownDescription": "The service control policies (SCP) action definition details.", + "title": "ScpActionDefinition" + }, + "SsmActionDefinition": { + "$ref": "#/definitions/AWS::Budgets::BudgetsAction.SsmActionDefinition", + "markdownDescription": "The Amazon EC2 Systems Manager ( SSM ) action definition details.", + "title": "SsmActionDefinition" + } + }, + "type": "object" + }, + "AWS::Budgets::BudgetsAction.IamActionDefinition": { + "additionalProperties": false, + "properties": { + "Groups": { "items": { - "$ref": "#/definitions/AWS::CloudFront::Function.KeyValueStoreAssociation" + "type": "string" }, - "markdownDescription": "The configuration for the key value store associations.", - "title": "KeyValueStoreAssociations", + "markdownDescription": "A list of groups to be attached. There must be at least one group.", + "title": "Groups", "type": "array" }, - "Runtime": { - "markdownDescription": "The function's runtime environment version.", - "title": "Runtime", + "PolicyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the policy to be attached.", + "title": "PolicyArn", "type": "string" + }, + "Roles": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of roles to be attached. There must be at least one role.", + "title": "Roles", + "type": "array" + }, + "Users": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of users to be attached. There must be at least one user.", + "title": "Users", + "type": "array" } }, "required": [ - "Comment", - "Runtime" + "PolicyArn" ], "type": "object" }, - "AWS::CloudFront::Function.FunctionMetadata": { + "AWS::Budgets::BudgetsAction.ResourceTag": { "additionalProperties": false, "properties": { - "FunctionARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the function. The ARN uniquely identifies the function.", - "title": "FunctionARN", + "Key": { + "markdownDescription": "The key that's associated with the tag.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The value that's associated with the tag.", + "title": "Value", "type": "string" } }, + "required": [ + "Key", + "Value" + ], "type": "object" }, - "AWS::CloudFront::Function.KeyValueStoreAssociation": { + "AWS::Budgets::BudgetsAction.ScpActionDefinition": { "additionalProperties": false, "properties": { - "KeyValueStoreARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the key value store association.", - "title": "KeyValueStoreARN", + "PolicyId": { + "markdownDescription": "The policy ID attached.", + "title": "PolicyId", "type": "string" + }, + "TargetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of target IDs.", + "title": "TargetIds", + "type": "array" } }, "required": [ - "KeyValueStoreARN" + "PolicyId", + "TargetIds" ], "type": "object" }, - "AWS::CloudFront::KeyGroup": { + "AWS::Budgets::BudgetsAction.SsmActionDefinition": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "KeyGroupConfig": { - "$ref": "#/definitions/AWS::CloudFront::KeyGroup.KeyGroupConfig", - "markdownDescription": "The key group configuration.", - "title": "KeyGroupConfig" - } + "InstanceIds": { + "items": { + "type": "string" }, - "required": [ - "KeyGroupConfig" - ], - "type": "object" + "markdownDescription": "The EC2 and RDS instance IDs.", + "title": "InstanceIds", + "type": "array" }, - "Type": { - "enum": [ - "AWS::CloudFront::KeyGroup" - ], + "Region": { + "markdownDescription": "The Region to run the ( SSM ) document.", + "title": "Region", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Subtype": { + "markdownDescription": "The action subType.", + "title": "Subtype", "type": "string" } }, "required": [ - "Type", - "Properties" + "InstanceIds", + "Region", + "Subtype" ], "type": "object" }, - "AWS::CloudFront::KeyGroup.KeyGroupConfig": { + "AWS::Budgets::BudgetsAction.Subscriber": { "additionalProperties": false, "properties": { - "Comment": { - "markdownDescription": "A comment to describe the key group. The comment cannot be longer than 128 characters.", - "title": "Comment", + "Address": { + "markdownDescription": "The address that AWS sends budget notifications to, either an SNS topic or an email.\n\nWhen you create a subscriber, the value of `Address` can't contain line breaks.", + "title": "Address", "type": "string" }, - "Items": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the identifiers of the public keys in the key group.", - "title": "Items", - "type": "array" - }, - "Name": { - "markdownDescription": "A name to identify the key group.", - "title": "Name", + "Type": { + "markdownDescription": "The type of notification that AWS sends to a subscriber.", + "title": "Type", "type": "string" } }, "required": [ - "Items", - "Name" + "Address", + "Type" ], "type": "object" }, - "AWS::CloudFront::KeyValueStore": { + "AWS::CE::AnomalyMonitor": { "additionalProperties": false, "properties": { "Condition": { @@ -37575,30 +42376,44 @@ "Properties": { "additionalProperties": false, "properties": { - "Comment": { - "markdownDescription": "A comment for the key value store.", - "title": "Comment", + "MonitorDimension": { + "markdownDescription": "The dimensions to evaluate.", + "title": "MonitorDimension", "type": "string" }, - "ImportSource": { - "$ref": "#/definitions/AWS::CloudFront::KeyValueStore.ImportSource", - "markdownDescription": "The import source for the key value store.", - "title": "ImportSource" + "MonitorName": { + "markdownDescription": "The name of the monitor.", + "title": "MonitorName", + "type": "string" }, - "Name": { - "markdownDescription": "The name of the key value store.", - "title": "Name", + "MonitorSpecification": { + "markdownDescription": "The array of `MonitorSpecification` in JSON array format. For instance, you can use `MonitorSpecification` to specify a tag, Cost Category, or linked account for your custom anomaly monitor. For further information, see the [Examples](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ce-anomalymonitor.html#aws-resource-ce-anomalymonitor--examples) section of this page.", + "title": "MonitorSpecification", + "type": "string" + }, + "MonitorType": { + "markdownDescription": "The possible type values.", + "title": "MonitorType", "type": "string" + }, + "ResourceTags": { + "items": { + "$ref": "#/definitions/AWS::CE::AnomalyMonitor.ResourceTag" + }, + "markdownDescription": "", + "title": "ResourceTags", + "type": "array" } }, "required": [ - "Name" + "MonitorName", + "MonitorType" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFront::KeyValueStore" + "AWS::CE::AnomalyMonitor" ], "type": "string" }, @@ -37617,27 +42432,27 @@ ], "type": "object" }, - "AWS::CloudFront::KeyValueStore.ImportSource": { + "AWS::CE::AnomalyMonitor.ResourceTag": { "additionalProperties": false, "properties": { - "SourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the import source for the key value store.", - "title": "SourceArn", + "Key": { + "markdownDescription": "The key that's associated with the tag.", + "title": "Key", "type": "string" }, - "SourceType": { - "markdownDescription": "The source type of the import source for the key value store.", - "title": "SourceType", + "Value": { + "markdownDescription": "The value that's associated with the tag.", + "title": "Value", "type": "string" } }, "required": [ - "SourceArn", - "SourceType" + "Key", + "Value" ], "type": "object" }, - "AWS::CloudFront::MonitoringSubscription": { + "AWS::CE::AnomalySubscription": { "additionalProperties": false, "properties": { "Condition": { @@ -37672,26 +42487,62 @@ "Properties": { "additionalProperties": false, "properties": { - "DistributionId": { - "markdownDescription": "The ID of the distribution that you are enabling metrics for.", - "title": "DistributionId", + "Frequency": { + "markdownDescription": "The frequency that anomaly notifications are sent. Notifications are sent either over email (for DAILY and WEEKLY frequencies) or SNS (for IMMEDIATE frequency). For more information, see [Creating an Amazon SNS topic for anomaly notifications](https://docs.aws.amazon.com/cost-management/latest/userguide/ad-SNS.html) .", + "title": "Frequency", "type": "string" }, - "MonitoringSubscription": { - "$ref": "#/definitions/AWS::CloudFront::MonitoringSubscription.MonitoringSubscription", - "markdownDescription": "A subscription configuration for additional CloudWatch metrics.", - "title": "MonitoringSubscription" + "MonitorArnList": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of cost anomaly monitors.", + "title": "MonitorArnList", + "type": "array" + }, + "ResourceTags": { + "items": { + "$ref": "#/definitions/AWS::CE::AnomalySubscription.ResourceTag" + }, + "markdownDescription": "", + "title": "ResourceTags", + "type": "array" + }, + "Subscribers": { + "items": { + "$ref": "#/definitions/AWS::CE::AnomalySubscription.Subscriber" + }, + "markdownDescription": "A list of subscribers to notify.", + "title": "Subscribers", + "type": "array" + }, + "SubscriptionName": { + "markdownDescription": "The name for the subscription.", + "title": "SubscriptionName", + "type": "string" + }, + "Threshold": { + "markdownDescription": "(deprecated)\n\nAn absolute dollar value that must be exceeded by the anomaly's total impact (see [Impact](https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_Impact.html) for more details) for an anomaly notification to be generated.\n\nThis field has been deprecated. To specify a threshold, use ThresholdExpression. Continued use of Threshold will be treated as shorthand syntax for a ThresholdExpression.\n\nOne of Threshold or ThresholdExpression is required for `AWS::CE::AnomalySubscription` . You cannot specify both.", + "title": "Threshold", + "type": "number" + }, + "ThresholdExpression": { + "markdownDescription": "An [Expression](https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_Expression.html) object in JSON string format used to specify the anomalies that you want to generate alerts for. This supports dimensions and nested expressions. The supported dimensions are `ANOMALY_TOTAL_IMPACT_ABSOLUTE` and `ANOMALY_TOTAL_IMPACT_PERCENTAGE` , corresponding to an anomaly\u2019s TotalImpact and TotalImpactPercentage, respectively (see [Impact](https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_Impact.html) for more details). The supported nested expression types are `AND` and `OR` . The match option `GREATER_THAN_OR_EQUAL` is required. Values must be numbers between 0 and 10,000,000,000 in string format.\n\nOne of Threshold or ThresholdExpression is required for `AWS::CE::AnomalySubscription` . You cannot specify both.\n\nFor further information, see the [Examples](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ce-anomalysubscription.html#aws-resource-ce-anomalysubscription--examples) section of this page.", + "title": "ThresholdExpression", + "type": "string" } }, "required": [ - "DistributionId", - "MonitoringSubscription" + "Frequency", + "MonitorArnList", + "Subscribers", + "SubscriptionName" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFront::MonitoringSubscription" + "AWS::CE::AnomalySubscription" ], "type": "string" }, @@ -37710,32 +42561,52 @@ ], "type": "object" }, - "AWS::CloudFront::MonitoringSubscription.MonitoringSubscription": { + "AWS::CE::AnomalySubscription.ResourceTag": { "additionalProperties": false, "properties": { - "RealtimeMetricsSubscriptionConfig": { - "$ref": "#/definitions/AWS::CloudFront::MonitoringSubscription.RealtimeMetricsSubscriptionConfig", - "markdownDescription": "A subscription configuration for additional CloudWatch metrics.", - "title": "RealtimeMetricsSubscriptionConfig" + "Key": { + "markdownDescription": "The key that's associated with the tag.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The value that's associated with the tag.", + "title": "Value", + "type": "string" } }, + "required": [ + "Key", + "Value" + ], "type": "object" }, - "AWS::CloudFront::MonitoringSubscription.RealtimeMetricsSubscriptionConfig": { + "AWS::CE::AnomalySubscription.Subscriber": { "additionalProperties": false, "properties": { - "RealtimeMetricsSubscriptionStatus": { - "markdownDescription": "A flag that indicates whether additional CloudWatch metrics are enabled for a given CloudFront distribution.", - "title": "RealtimeMetricsSubscriptionStatus", + "Address": { + "markdownDescription": "The email address or SNS Topic Amazon Resource Name (ARN), depending on the `Type` .", + "title": "Address", + "type": "string" + }, + "Status": { + "markdownDescription": "Indicates if the subscriber accepts the notifications.", + "title": "Status", + "type": "string" + }, + "Type": { + "markdownDescription": "The notification delivery channel.", + "title": "Type", "type": "string" } }, "required": [ - "RealtimeMetricsSubscriptionStatus" + "Address", + "Type" ], "type": "object" }, - "AWS::CloudFront::OriginAccessControl": { + "AWS::CE::CostCategory": { "additionalProperties": false, "properties": { "Condition": { @@ -37770,20 +42641,50 @@ "Properties": { "additionalProperties": false, "properties": { - "OriginAccessControlConfig": { - "$ref": "#/definitions/AWS::CloudFront::OriginAccessControl.OriginAccessControlConfig", - "markdownDescription": "The origin access control.", - "title": "OriginAccessControlConfig" + "DefaultValue": { + "markdownDescription": "The default value for the cost category.", + "title": "DefaultValue", + "type": "string" + }, + "Name": { + "markdownDescription": "The unique name of the Cost Category.", + "title": "Name", + "type": "string" + }, + "RuleVersion": { + "markdownDescription": "The rule schema version in this particular Cost Category.", + "title": "RuleVersion", + "type": "string" + }, + "Rules": { + "markdownDescription": "The array of CostCategoryRule in JSON array format.\n\n> Rules are processed in order. If there are multiple rules that match the line item, then the first rule to match is used to determine that Cost Category value.", + "title": "Rules", + "type": "string" + }, + "SplitChargeRules": { + "markdownDescription": "The split charge rules that are used to allocate your charges between your Cost Category values.", + "title": "SplitChargeRules", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::CE::CostCategory.ResourceTag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" } }, "required": [ - "OriginAccessControlConfig" + "Name", + "RuleVersion", + "Rules" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFront::OriginAccessControl" + "AWS::CE::CostCategory" ], "type": "string" }, @@ -37802,44 +42703,27 @@ ], "type": "object" }, - "AWS::CloudFront::OriginAccessControl.OriginAccessControlConfig": { + "AWS::CE::CostCategory.ResourceTag": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the origin access control.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "A name to identify the origin access control. You can specify up to 64 characters.", - "title": "Name", - "type": "string" - }, - "OriginAccessControlOriginType": { - "markdownDescription": "The type of origin that this origin access control is for.", - "title": "OriginAccessControlOriginType", - "type": "string" - }, - "SigningBehavior": { - "markdownDescription": "Specifies which requests CloudFront signs (adds authentication information to). Specify `always` for the most common use case. For more information, see [origin access control advanced settings](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html#oac-advanced-settings) in the *Amazon CloudFront Developer Guide* .\n\nThis field can have one of the following values:\n\n- `always` \u2013 CloudFront signs all origin requests, overwriting the `Authorization` header from the viewer request if one exists.\n- `never` \u2013 CloudFront doesn't sign any origin requests. This value turns off origin access control for all origins in all distributions that use this origin access control.\n- `no-override` \u2013 If the viewer request doesn't contain the `Authorization` header, then CloudFront signs the origin request. If the viewer request contains the `Authorization` header, then CloudFront doesn't sign the origin request and instead passes along the `Authorization` header from the viewer request. *WARNING: To pass along the `Authorization` header from the viewer request, you *must* add the `Authorization` header to a [cache policy](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html) for all cache behaviors that use origins associated with this origin access control.*", - "title": "SigningBehavior", + "Key": { + "markdownDescription": "The key that's associated with the tag.", + "title": "Key", "type": "string" }, - "SigningProtocol": { - "markdownDescription": "The signing protocol of the origin access control, which determines how CloudFront signs (authenticates) requests. The only valid value is `sigv4` .", - "title": "SigningProtocol", + "Value": { + "markdownDescription": "The value that's associated with the tag.", + "title": "Value", "type": "string" } }, "required": [ - "Name", - "OriginAccessControlOriginType", - "SigningBehavior", - "SigningProtocol" + "Key", + "Value" ], "type": "object" }, - "AWS::CloudFront::OriginRequestPolicy": { + "AWS::CUR::ReportDefinition": { "additionalProperties": false, "properties": { "Condition": { @@ -37874,20 +42758,89 @@ "Properties": { "additionalProperties": false, "properties": { - "OriginRequestPolicyConfig": { - "$ref": "#/definitions/AWS::CloudFront::OriginRequestPolicy.OriginRequestPolicyConfig", - "markdownDescription": "The origin request policy configuration.", - "title": "OriginRequestPolicyConfig" + "AdditionalArtifacts": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of manifests that you want AWS to create for this report.", + "title": "AdditionalArtifacts", + "type": "array" + }, + "AdditionalSchemaElements": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of strings that indicate additional content that AWS includes in the report, such as individual resource IDs.", + "title": "AdditionalSchemaElements", + "type": "array" + }, + "BillingViewArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the billing view. You can get this value by using the billing view service public APIs.", + "title": "BillingViewArn", + "type": "string" + }, + "Compression": { + "markdownDescription": "The compression format that Amazon Web Services uses for the report.", + "title": "Compression", + "type": "string" + }, + "Format": { + "markdownDescription": "The format that Amazon Web Services saves the report in.", + "title": "Format", + "type": "string" + }, + "RefreshClosedReports": { + "markdownDescription": "Whether you want AWS to update your reports after they have been finalized if AWS detects charges related to previous months. These charges can include refunds, credits, or support fees.", + "title": "RefreshClosedReports", + "type": "boolean" + }, + "ReportName": { + "markdownDescription": "The name of the report that you want to create. The name must be unique, is case sensitive, and can't include spaces.", + "title": "ReportName", + "type": "string" + }, + "ReportVersioning": { + "markdownDescription": "Whether you want AWS to overwrite the previous version of each report or to deliver the report in addition to the previous versions.", + "title": "ReportVersioning", + "type": "string" + }, + "S3Bucket": { + "markdownDescription": "The S3 bucket where Amazon Web Services delivers the report.", + "title": "S3Bucket", + "type": "string" + }, + "S3Prefix": { + "markdownDescription": "The prefix that Amazon Web Services adds to the report name when Amazon Web Services delivers the report. Your prefix can't include spaces.", + "title": "S3Prefix", + "type": "string" + }, + "S3Region": { + "markdownDescription": "The Region of the S3 bucket that Amazon Web Services delivers the report into.", + "title": "S3Region", + "type": "string" + }, + "TimeUnit": { + "markdownDescription": "The granularity of the line items in the report.", + "title": "TimeUnit", + "type": "string" } }, "required": [ - "OriginRequestPolicyConfig" + "Compression", + "Format", + "RefreshClosedReports", + "ReportName", + "ReportVersioning", + "S3Bucket", + "S3Prefix", + "S3Region", + "TimeUnit" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFront::OriginRequestPolicy" + "AWS::CUR::ReportDefinition" ], "type": "string" }, @@ -37906,110 +42859,7 @@ ], "type": "object" }, - "AWS::CloudFront::OriginRequestPolicy.CookiesConfig": { - "additionalProperties": false, - "properties": { - "CookieBehavior": { - "markdownDescription": "Determines whether cookies in viewer requests are included in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` \u2013 No cookies in viewer requests are included in requests that CloudFront sends to the origin. Even when this field is set to `none` , any cookies that are listed in a `CachePolicy` *are* included in origin requests.\n- `whitelist` \u2013 Only the cookies in viewer requests that are listed in the `CookieNames` type are included in requests that CloudFront sends to the origin.\n- `all` \u2013 All cookies in viewer requests are included in requests that CloudFront sends to the origin.\n- `allExcept` \u2013 All cookies in viewer requests are included in requests that CloudFront sends to the origin, **except** for those listed in the `CookieNames` type, which are not included.", - "title": "CookieBehavior", - "type": "string" - }, - "Cookies": { - "items": { - "type": "string" - }, - "markdownDescription": "Contains a list of cookie names.", - "title": "Cookies", - "type": "array" - } - }, - "required": [ - "CookieBehavior" - ], - "type": "object" - }, - "AWS::CloudFront::OriginRequestPolicy.HeadersConfig": { - "additionalProperties": false, - "properties": { - "HeaderBehavior": { - "markdownDescription": "Determines whether any HTTP headers are included in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` \u2013 No HTTP headers in viewer requests are included in requests that CloudFront sends to the origin. Even when this field is set to `none` , any headers that are listed in a `CachePolicy` *are* included in origin requests.\n- `whitelist` \u2013 Only the HTTP headers that are listed in the `Headers` type are included in requests that CloudFront sends to the origin.\n- `allViewer` \u2013 All HTTP headers in viewer requests are included in requests that CloudFront sends to the origin.\n- `allViewerAndWhitelistCloudFront` \u2013 All HTTP headers in viewer requests and the additional CloudFront headers that are listed in the `Headers` type are included in requests that CloudFront sends to the origin. The additional headers are added by CloudFront.\n- `allExcept` \u2013 All HTTP headers in viewer requests are included in requests that CloudFront sends to the origin, **except** for those listed in the `Headers` type, which are not included.", - "title": "HeaderBehavior", - "type": "string" - }, - "Headers": { - "items": { - "type": "string" - }, - "markdownDescription": "Contains a list of HTTP header names.", - "title": "Headers", - "type": "array" - } - }, - "required": [ - "HeaderBehavior" - ], - "type": "object" - }, - "AWS::CloudFront::OriginRequestPolicy.OriginRequestPolicyConfig": { - "additionalProperties": false, - "properties": { - "Comment": { - "markdownDescription": "A comment to describe the origin request policy. The comment cannot be longer than 128 characters.", - "title": "Comment", - "type": "string" - }, - "CookiesConfig": { - "$ref": "#/definitions/AWS::CloudFront::OriginRequestPolicy.CookiesConfig", - "markdownDescription": "The cookies from viewer requests to include in origin requests.", - "title": "CookiesConfig" - }, - "HeadersConfig": { - "$ref": "#/definitions/AWS::CloudFront::OriginRequestPolicy.HeadersConfig", - "markdownDescription": "The HTTP headers to include in origin requests. These can include headers from viewer requests and additional headers added by CloudFront.", - "title": "HeadersConfig" - }, - "Name": { - "markdownDescription": "A unique name to identify the origin request policy.", - "title": "Name", - "type": "string" - }, - "QueryStringsConfig": { - "$ref": "#/definitions/AWS::CloudFront::OriginRequestPolicy.QueryStringsConfig", - "markdownDescription": "The URL query strings from viewer requests to include in origin requests.", - "title": "QueryStringsConfig" - } - }, - "required": [ - "CookiesConfig", - "HeadersConfig", - "Name", - "QueryStringsConfig" - ], - "type": "object" - }, - "AWS::CloudFront::OriginRequestPolicy.QueryStringsConfig": { - "additionalProperties": false, - "properties": { - "QueryStringBehavior": { - "markdownDescription": "Determines whether any URL query strings in viewer requests are included in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` \u2013 No query strings in viewer requests are included in requests that CloudFront sends to the origin. Even when this field is set to `none` , any query strings that are listed in a `CachePolicy` *are* included in origin requests.\n- `whitelist` \u2013 Only the query strings in viewer requests that are listed in the `QueryStringNames` type are included in requests that CloudFront sends to the origin.\n- `all` \u2013 All query strings in viewer requests are included in requests that CloudFront sends to the origin.\n- `allExcept` \u2013 All query strings in viewer requests are included in requests that CloudFront sends to the origin, **except** for those listed in the `QueryStringNames` type, which are not included.", - "title": "QueryStringBehavior", - "type": "string" - }, - "QueryStrings": { - "items": { - "type": "string" - }, - "markdownDescription": "Contains a list of query string names.", - "title": "QueryStrings", - "type": "array" - } - }, - "required": [ - "QueryStringBehavior" - ], - "type": "object" - }, - "AWS::CloudFront::PublicKey": { + "AWS::Cassandra::Keyspace": { "additionalProperties": false, "properties": { "Condition": { @@ -38044,20 +42894,35 @@ "Properties": { "additionalProperties": false, "properties": { - "PublicKeyConfig": { - "$ref": "#/definitions/AWS::CloudFront::PublicKey.PublicKeyConfig", - "markdownDescription": "Configuration information about a public key that you can use with [signed URLs and signed cookies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) , or with [field-level encryption](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/field-level-encryption.html) .", - "title": "PublicKeyConfig" + "ClientSideTimestampsEnabled": { + "markdownDescription": "Indicates whether client-side timestamps are enabled (true) or disabled (false) for all tables in the keyspace. To add a Region to a single-Region keyspace with at least one table, the value must be set to true. After you've enabled client-side timestamps for a table, you can\u2019t disable it again.", + "title": "ClientSideTimestampsEnabled", + "type": "boolean" + }, + "KeyspaceName": { + "markdownDescription": "The name of the keyspace to be created. The keyspace name is case sensitive. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the keyspace name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n*Length constraints:* Minimum length of 1. Maximum length of 48.", + "title": "KeyspaceName", + "type": "string" + }, + "ReplicationSpecification": { + "$ref": "#/definitions/AWS::Cassandra::Keyspace.ReplicationSpecification", + "markdownDescription": "Specifies the `ReplicationStrategy` of a keyspace. The options are:\n\n- `SINGLE_REGION` for a single Region keyspace (optional) or\n- `MULTI_REGION` for a multi-Region keyspace\n\nIf no `ReplicationStrategy` is provided, the default is `SINGLE_REGION` . If you choose `MULTI_REGION` , you must also provide a `RegionList` with the AWS Regions that the keyspace is replicated in.", + "title": "ReplicationSpecification" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" } }, - "required": [ - "PublicKeyConfig" - ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFront::PublicKey" + "AWS::Cassandra::Keyspace" ], "type": "string" }, @@ -38071,43 +42936,30 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::CloudFront::PublicKey.PublicKeyConfig": { + "AWS::Cassandra::Keyspace.ReplicationSpecification": { "additionalProperties": false, "properties": { - "CallerReference": { - "markdownDescription": "A string included in the request to help make sure that the request can't be replayed.", - "title": "CallerReference", - "type": "string" - }, - "Comment": { - "markdownDescription": "A comment to describe the public key. The comment cannot be longer than 128 characters.", - "title": "Comment", - "type": "string" - }, - "EncodedKey": { - "markdownDescription": "The public key that you can use with [signed URLs and signed cookies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) , or with [field-level encryption](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/field-level-encryption.html) .", - "title": "EncodedKey", - "type": "string" + "RegionList": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the AWS Regions that the keyspace is replicated in. You must specify at least two Regions, including the Region that the keyspace is being created in.\n\nTo specify a Region [that's disabled by default](https://docs.aws.amazon.com/accounts/latest/reference/manage-acct-regions.html#rande-manage-enable) , you must first enable the Region. For more information, see [Multi-Region replication in AWS Regions disabled by default](https://docs.aws.amazon.com/keyspaces/latest/devguide/multiRegion-replication_how-it-works.html#howitworks_mrr_opt_in) in the *Amazon Keyspaces Developer Guide* .", + "title": "RegionList", + "type": "array" }, - "Name": { - "markdownDescription": "A name to help identify the public key.", - "title": "Name", + "ReplicationStrategy": { + "markdownDescription": "The options are:\n\n- `SINGLE_REGION` (optional)\n- `MULTI_REGION`\n\nIf no value is specified, the default is `SINGLE_REGION` . If `MULTI_REGION` is specified, `RegionList` is required.", + "title": "ReplicationStrategy", "type": "string" } }, - "required": [ - "CallerReference", - "EncodedKey", - "Name" - ], "type": "object" }, - "AWS::CloudFront::RealtimeLogConfig": { + "AWS::Cassandra::Table": { "additionalProperties": false, "properties": { "Condition": { @@ -38142,44 +42994,101 @@ "Properties": { "additionalProperties": false, "properties": { - "EndPoints": { + "AutoScalingSpecifications": { + "$ref": "#/definitions/AWS::Cassandra::Table.AutoScalingSpecification", + "markdownDescription": "The optional auto scaling capacity settings for a table in provisioned capacity mode.", + "title": "AutoScalingSpecifications" + }, + "BillingMode": { + "$ref": "#/definitions/AWS::Cassandra::Table.BillingMode", + "markdownDescription": "The billing mode for the table, which determines how you'll be charged for reads and writes:\n\n- *On-demand mode* (default) - You pay based on the actual reads and writes your application performs.\n- *Provisioned mode* - Lets you specify the number of reads and writes per second that you need for your application.\n\nIf you don't specify a value for this property, then the table will use on-demand mode.", + "title": "BillingMode" + }, + "CdcSpecification": { + "$ref": "#/definitions/AWS::Cassandra::Table.CdcSpecification", + "markdownDescription": "The settings for the CDC stream of a table. For more information about CDC streams, see [Working with change data capture (CDC) streams in Amazon Keyspaces](https://docs.aws.amazon.com/keyspaces/latest/devguide/cdc.html) in the *Amazon Keyspaces Developer Guide* .", + "title": "CdcSpecification" + }, + "ClientSideTimestampsEnabled": { + "markdownDescription": "Enables client-side timestamps for the table. By default, the setting is disabled. You can enable client-side timestamps with the following option:\n\n- `status: \"enabled\"`\n\nAfter client-side timestamps are enabled for a table, you can't disable this setting.", + "title": "ClientSideTimestampsEnabled", + "type": "boolean" + }, + "ClusteringKeyColumns": { "items": { - "$ref": "#/definitions/AWS::CloudFront::RealtimeLogConfig.EndPoint" + "$ref": "#/definitions/AWS::Cassandra::Table.ClusteringKeyColumn" }, - "markdownDescription": "Contains information about the Amazon Kinesis data stream where you are sending real-time log data for this real-time log configuration.", - "title": "EndPoints", + "markdownDescription": "One or more columns that determine how the table data is sorted.", + "title": "ClusteringKeyColumns", "type": "array" }, - "Fields": { + "DefaultTimeToLive": { + "markdownDescription": "The default Time To Live (TTL) value for all rows in a table in seconds. The maximum configurable value is 630,720,000 seconds, which is the equivalent of 20 years. By default, the TTL value for a table is 0, which means data does not expire.\n\nFor more information, see [Setting the default TTL value for a table](https://docs.aws.amazon.com/keyspaces/latest/devguide/TTL-how-it-works.html#ttl-howitworks_default_ttl) in the *Amazon Keyspaces Developer Guide* .", + "title": "DefaultTimeToLive", + "type": "number" + }, + "EncryptionSpecification": { + "$ref": "#/definitions/AWS::Cassandra::Table.EncryptionSpecification", + "markdownDescription": "The encryption at rest options for the table.\n\n- *AWS owned key* (default) - The key is owned by Amazon Keyspaces .\n- *Customer managed key* - The key is stored in your account and is created, owned, and managed by you.\n\n> If you choose encryption with a customer managed key, you must specify a valid customer managed KMS key with permissions granted to Amazon Keyspaces.\n\nFor more information, see [Encryption at rest in Amazon Keyspaces](https://docs.aws.amazon.com/keyspaces/latest/devguide/EncryptionAtRest.html) in the *Amazon Keyspaces Developer Guide* .", + "title": "EncryptionSpecification" + }, + "KeyspaceName": { + "markdownDescription": "The name of the keyspace to create the table in. The keyspace must already exist.", + "title": "KeyspaceName", + "type": "string" + }, + "PartitionKeyColumns": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Cassandra::Table.Column" }, - "markdownDescription": "A list of fields that are included in each real-time log record. In an API response, the fields are provided in the same order in which they are sent to the Amazon Kinesis data stream.\n\nFor more information about fields, see [Real-time log configuration fields](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html#understand-real-time-log-config-fields) in the *Amazon CloudFront Developer Guide* .", - "title": "Fields", + "markdownDescription": "One or more columns that uniquely identify every row in the table. Every table must have a partition key.", + "title": "PartitionKeyColumns", "type": "array" }, - "Name": { - "markdownDescription": "The unique name of this real-time log configuration.", - "title": "Name", + "PointInTimeRecoveryEnabled": { + "markdownDescription": "Specifies if point-in-time recovery is enabled or disabled for the table. The options are `PointInTimeRecoveryEnabled=true` and `PointInTimeRecoveryEnabled=false` . If not specified, the default is `PointInTimeRecoveryEnabled=false` .", + "title": "PointInTimeRecoveryEnabled", + "type": "boolean" + }, + "RegularColumns": { + "items": { + "$ref": "#/definitions/AWS::Cassandra::Table.Column" + }, + "markdownDescription": "One or more columns that are not part of the primary key - that is, columns that are *not* defined as partition key columns or clustering key columns.\n\nYou can add regular columns to existing tables by adding them to the template.", + "title": "RegularColumns", + "type": "array" + }, + "ReplicaSpecifications": { + "items": { + "$ref": "#/definitions/AWS::Cassandra::Table.ReplicaSpecification" + }, + "markdownDescription": "The AWS Region specific settings of a multi-Region table.\n\nFor a multi-Region table, you can configure the table's read capacity differently per AWS Region. You can do this by configuring the following parameters.\n\n- `region` : The Region where these settings are applied. (Required)\n- `readCapacityUnits` : The provisioned read capacity units. (Optional)\n- `readCapacityAutoScaling` : The read capacity auto scaling settings for the table. (Optional)", + "title": "ReplicaSpecifications", + "type": "array" + }, + "TableName": { + "markdownDescription": "The name of the table to be created. The table name is case sensitive. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the table name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you can't perform updates that require replacing this resource. You can perform updates that require no interruption or some interruption. If you must replace the resource, specify a new name. \n\n*Length constraints:* Minimum length of 3. Maximum length of 255.\n\n*Pattern:* `^[a-zA-Z0-9][a-zA-Z0-9_]{1,47}$`", + "title": "TableName", "type": "string" }, - "SamplingRate": { - "markdownDescription": "The sampling rate for this real-time log configuration. The sampling rate determines the percentage of viewer requests that are represented in the real-time log data. The sampling rate is an integer between 1 and 100, inclusive.", - "title": "SamplingRate", - "type": "number" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" } }, "required": [ - "EndPoints", - "Fields", - "Name", - "SamplingRate" + "KeyspaceName", + "PartitionKeyColumns" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFront::RealtimeLogConfig" + "AWS::Cassandra::Table" ], "type": "string" }, @@ -38198,537 +43107,237 @@ ], "type": "object" }, - "AWS::CloudFront::RealtimeLogConfig.EndPoint": { + "AWS::Cassandra::Table.AutoScalingSetting": { "additionalProperties": false, "properties": { - "KinesisStreamConfig": { - "$ref": "#/definitions/AWS::CloudFront::RealtimeLogConfig.KinesisStreamConfig", - "markdownDescription": "Contains information about the Amazon Kinesis data stream where you are sending real-time log data in a real-time log configuration.", - "title": "KinesisStreamConfig" + "AutoScalingDisabled": { + "markdownDescription": "This optional parameter enables auto scaling for the table if set to `false` .", + "title": "AutoScalingDisabled", + "type": "boolean" }, - "StreamType": { - "markdownDescription": "The type of data stream where you are sending real-time log data. The only valid value is `Kinesis` .", - "title": "StreamType", - "type": "string" + "MaximumUnits": { + "markdownDescription": "Manage costs by specifying the maximum amount of throughput to provision. The value must be between 1 and the max throughput per second quota for your account (40,000 by default).", + "title": "MaximumUnits", + "type": "number" + }, + "MinimumUnits": { + "markdownDescription": "The minimum level of throughput the table should always be ready to support. The value must be between 1 and the max throughput per second quota for your account (40,000 by default).", + "title": "MinimumUnits", + "type": "number" + }, + "ScalingPolicy": { + "$ref": "#/definitions/AWS::Cassandra::Table.ScalingPolicy", + "markdownDescription": "Amazon Keyspaces supports the `target tracking` auto scaling policy. With this policy, Amazon Keyspaces auto scaling ensures that the table's ratio of consumed to provisioned capacity stays at or near the target value that you specify. You define the target value as a percentage between 20 and 90.", + "title": "ScalingPolicy" } }, - "required": [ - "KinesisStreamConfig", - "StreamType" - ], "type": "object" }, - "AWS::CloudFront::RealtimeLogConfig.KinesisStreamConfig": { + "AWS::Cassandra::Table.AutoScalingSpecification": { "additionalProperties": false, "properties": { - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Identity and Access Management (IAM) role that CloudFront can use to send real-time log data to your Kinesis data stream.\n\nFor more information the IAM role, see [Real-time log configuration IAM role](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html#understand-real-time-log-config-iam-role) in the *Amazon CloudFront Developer Guide* .", - "title": "RoleArn", - "type": "string" + "ReadCapacityAutoScaling": { + "$ref": "#/definitions/AWS::Cassandra::Table.AutoScalingSetting", + "markdownDescription": "The auto scaling settings for the table's read capacity.", + "title": "ReadCapacityAutoScaling" }, - "StreamArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Kinesis data stream where you are sending real-time log data.", - "title": "StreamArn", - "type": "string" + "WriteCapacityAutoScaling": { + "$ref": "#/definitions/AWS::Cassandra::Table.AutoScalingSetting", + "markdownDescription": "The auto scaling settings for the table's write capacity.", + "title": "WriteCapacityAutoScaling" } }, - "required": [ - "RoleArn", - "StreamArn" - ], "type": "object" }, - "AWS::CloudFront::ResponseHeadersPolicy": { + "AWS::Cassandra::Table.BillingMode": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ResponseHeadersPolicyConfig": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.ResponseHeadersPolicyConfig", - "markdownDescription": "A response headers policy configuration.", - "title": "ResponseHeadersPolicyConfig" - } - }, - "required": [ - "ResponseHeadersPolicyConfig" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::CloudFront::ResponseHeadersPolicy" - ], + "Mode": { + "markdownDescription": "The billing mode for the table:\n\n- On-demand mode - `ON_DEMAND`\n- Provisioned mode - `PROVISIONED`\n\n> If you choose `PROVISIONED` mode, then you also need to specify provisioned throughput (read and write capacity) for the table.\n\nValid values: `ON_DEMAND` | `PROVISIONED`", + "title": "Mode", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::CloudFront::ResponseHeadersPolicy.AccessControlAllowHeaders": { - "additionalProperties": false, - "properties": { - "Items": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of HTTP header names. You can specify `*` to allow all headers.", - "title": "Items", - "type": "array" - } - }, - "required": [ - "Items" - ], - "type": "object" - }, - "AWS::CloudFront::ResponseHeadersPolicy.AccessControlAllowMethods": { - "additionalProperties": false, - "properties": { - "Items": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of HTTP methods. Valid values are:\n\n- `GET`\n- `DELETE`\n- `HEAD`\n- `OPTIONS`\n- `PATCH`\n- `POST`\n- `PUT`\n- `ALL`\n\n`ALL` is a special value that includes all of the listed HTTP methods.", - "title": "Items", - "type": "array" - } - }, - "required": [ - "Items" - ], - "type": "object" - }, - "AWS::CloudFront::ResponseHeadersPolicy.AccessControlAllowOrigins": { - "additionalProperties": false, - "properties": { - "Items": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of origins (domain names). You can specify `*` to allow all origins.", - "title": "Items", - "type": "array" + "ProvisionedThroughput": { + "$ref": "#/definitions/AWS::Cassandra::Table.ProvisionedThroughput", + "markdownDescription": "The provisioned read capacity and write capacity for the table. For more information, see [Provisioned throughput capacity mode](https://docs.aws.amazon.com/keyspaces/latest/devguide/ReadWriteCapacityMode.html#ReadWriteCapacityMode.Provisioned) in the *Amazon Keyspaces Developer Guide* .", + "title": "ProvisionedThroughput" } }, "required": [ - "Items" + "Mode" ], "type": "object" }, - "AWS::CloudFront::ResponseHeadersPolicy.AccessControlExposeHeaders": { + "AWS::Cassandra::Table.CdcSpecification": { "additionalProperties": false, "properties": { - "Items": { + "Status": { + "markdownDescription": "The status of the CDC stream. You can enable or disable a stream for a table.", + "title": "Status", + "type": "string" + }, + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The list of HTTP headers. You can specify `*` to expose all headers.", - "title": "Items", + "markdownDescription": "The tags (key-value pairs) that you want to apply to the stream.", + "title": "Tags", "type": "array" - } - }, - "required": [ - "Items" - ], - "type": "object" - }, - "AWS::CloudFront::ResponseHeadersPolicy.ContentSecurityPolicy": { - "additionalProperties": false, - "properties": { - "ContentSecurityPolicy": { - "markdownDescription": "The policy directives and their values that CloudFront includes as values for the `Content-Security-Policy` HTTP response header.", - "title": "ContentSecurityPolicy", - "type": "string" }, - "Override": { - "markdownDescription": "A Boolean that determines whether CloudFront overrides the `Content-Security-Policy` HTTP response header received from the origin with the one specified in this response headers policy.", - "title": "Override", - "type": "boolean" - } - }, - "required": [ - "ContentSecurityPolicy", - "Override" - ], - "type": "object" - }, - "AWS::CloudFront::ResponseHeadersPolicy.ContentTypeOptions": { - "additionalProperties": false, - "properties": { - "Override": { - "markdownDescription": "A Boolean that determines whether CloudFront overrides the `X-Content-Type-Options` HTTP response header received from the origin with the one specified in this response headers policy.", - "title": "Override", - "type": "boolean" + "ViewType": { + "markdownDescription": "The view type specifies the changes Amazon Keyspaces records for each changed row in the stream. After you create the stream, you can't make changes to this selection.\n\nThe options are:\n\n- `NEW_AND_OLD_IMAGES` - both versions of the row, before and after the change. This is the default.\n- `NEW_IMAGE` - the version of the row after the change.\n- `OLD_IMAGE` - the version of the row before the change.\n- `KEYS_ONLY` - the partition and clustering keys of the row that was changed.", + "title": "ViewType", + "type": "string" } }, "required": [ - "Override" + "Status" ], "type": "object" }, - "AWS::CloudFront::ResponseHeadersPolicy.CorsConfig": { + "AWS::Cassandra::Table.ClusteringKeyColumn": { "additionalProperties": false, "properties": { - "AccessControlAllowCredentials": { - "markdownDescription": "A Boolean that CloudFront uses as the value for the `Access-Control-Allow-Credentials` HTTP response header.\n\nFor more information about the `Access-Control-Allow-Credentials` HTTP response header, see [Access-Control-Allow-Credentials](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials) in the MDN Web Docs.", - "title": "AccessControlAllowCredentials", - "type": "boolean" - }, - "AccessControlAllowHeaders": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.AccessControlAllowHeaders", - "markdownDescription": "A list of HTTP header names that CloudFront includes as values for the `Access-Control-Allow-Headers` HTTP response header.\n\nFor more information about the `Access-Control-Allow-Headers` HTTP response header, see [Access-Control-Allow-Headers](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Headers) in the MDN Web Docs.", - "title": "AccessControlAllowHeaders" - }, - "AccessControlAllowMethods": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.AccessControlAllowMethods", - "markdownDescription": "A list of HTTP methods that CloudFront includes as values for the `Access-Control-Allow-Methods` HTTP response header.\n\nFor more information about the `Access-Control-Allow-Methods` HTTP response header, see [Access-Control-Allow-Methods](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Methods) in the MDN Web Docs.", - "title": "AccessControlAllowMethods" - }, - "AccessControlAllowOrigins": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.AccessControlAllowOrigins", - "markdownDescription": "A list of origins (domain names) that CloudFront can use as the value for the `Access-Control-Allow-Origin` HTTP response header.\n\nFor more information about the `Access-Control-Allow-Origin` HTTP response header, see [Access-Control-Allow-Origin](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin) in the MDN Web Docs.", - "title": "AccessControlAllowOrigins" - }, - "AccessControlExposeHeaders": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.AccessControlExposeHeaders", - "markdownDescription": "A list of HTTP headers that CloudFront includes as values for the `Access-Control-Expose-Headers` HTTP response header.\n\nFor more information about the `Access-Control-Expose-Headers` HTTP response header, see [Access-Control-Expose-Headers](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Expose-Headers) in the MDN Web Docs.", - "title": "AccessControlExposeHeaders" - }, - "AccessControlMaxAgeSec": { - "markdownDescription": "A number that CloudFront uses as the value for the `Access-Control-Max-Age` HTTP response header.\n\nFor more information about the `Access-Control-Max-Age` HTTP response header, see [Access-Control-Max-Age](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Max-Age) in the MDN Web Docs.", - "title": "AccessControlMaxAgeSec", - "type": "number" + "Column": { + "$ref": "#/definitions/AWS::Cassandra::Table.Column", + "markdownDescription": "The name and data type of this clustering key column.", + "title": "Column" }, - "OriginOverride": { - "markdownDescription": "A Boolean that determines whether CloudFront overrides HTTP response headers received from the origin with the ones specified in this response headers policy.", - "title": "OriginOverride", - "type": "boolean" + "OrderBy": { + "markdownDescription": "The order in which this column's data is stored:\n\n- `ASC` (default) - The column's data is stored in ascending order.\n- `DESC` - The column's data is stored in descending order.", + "title": "OrderBy", + "type": "string" } }, "required": [ - "AccessControlAllowCredentials", - "AccessControlAllowHeaders", - "AccessControlAllowMethods", - "AccessControlAllowOrigins", - "OriginOverride" + "Column" ], "type": "object" }, - "AWS::CloudFront::ResponseHeadersPolicy.CustomHeader": { + "AWS::Cassandra::Table.Column": { "additionalProperties": false, "properties": { - "Header": { - "markdownDescription": "The HTTP response header name.", - "title": "Header", + "ColumnName": { + "markdownDescription": "The name of the column. For more information, see [Identifiers](https://docs.aws.amazon.com/keyspaces/latest/devguide/cql.elements.html#cql.elements.identifier) in the *Amazon Keyspaces Developer Guide* .", + "title": "ColumnName", "type": "string" }, - "Override": { - "markdownDescription": "A Boolean that determines whether CloudFront overrides a response header with the same name received from the origin with the header specified here.", - "title": "Override", - "type": "boolean" - }, - "Value": { - "markdownDescription": "The value for the HTTP response header.", - "title": "Value", + "ColumnType": { + "markdownDescription": "The data type of the column. For more information, see [Data types](https://docs.aws.amazon.com/keyspaces/latest/devguide/cql.elements.html#cql.data-types) in the *Amazon Keyspaces Developer Guide* .", + "title": "ColumnType", "type": "string" } }, "required": [ - "Header", - "Override", - "Value" - ], - "type": "object" - }, - "AWS::CloudFront::ResponseHeadersPolicy.CustomHeadersConfig": { - "additionalProperties": false, - "properties": { - "Items": { - "items": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.CustomHeader" - }, - "markdownDescription": "The list of HTTP response headers and their values.", - "title": "Items", - "type": "array" - } - }, - "required": [ - "Items" + "ColumnName", + "ColumnType" ], "type": "object" }, - "AWS::CloudFront::ResponseHeadersPolicy.FrameOptions": { + "AWS::Cassandra::Table.EncryptionSpecification": { "additionalProperties": false, "properties": { - "FrameOption": { - "markdownDescription": "The value of the `X-Frame-Options` HTTP response header. Valid values are `DENY` and `SAMEORIGIN` .\n\nFor more information about these values, see [X-Frame-Options](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options) in the MDN Web Docs.", - "title": "FrameOption", + "EncryptionType": { + "markdownDescription": "The encryption at rest options for the table.\n\n- *AWS owned key* (default) - `AWS_OWNED_KMS_KEY`\n- *Customer managed key* - `CUSTOMER_MANAGED_KMS_KEY`\n\n> If you choose `CUSTOMER_MANAGED_KMS_KEY` , a `kms_key_identifier` in the format of a key ARN is required.\n\nValid values: `CUSTOMER_MANAGED_KMS_KEY` | `AWS_OWNED_KMS_KEY` .", + "title": "EncryptionType", "type": "string" }, - "Override": { - "markdownDescription": "A Boolean that determines whether CloudFront overrides the `X-Frame-Options` HTTP response header received from the origin with the one specified in this response headers policy.", - "title": "Override", - "type": "boolean" - } - }, - "required": [ - "FrameOption", - "Override" - ], - "type": "object" - }, - "AWS::CloudFront::ResponseHeadersPolicy.ReferrerPolicy": { - "additionalProperties": false, - "properties": { - "Override": { - "markdownDescription": "A Boolean that determines whether CloudFront overrides the `Referrer-Policy` HTTP response header received from the origin with the one specified in this response headers policy.", - "title": "Override", - "type": "boolean" - }, - "ReferrerPolicy": { - "markdownDescription": "The value of the `Referrer-Policy` HTTP response header. Valid values are:\n\n- `no-referrer`\n- `no-referrer-when-downgrade`\n- `origin`\n- `origin-when-cross-origin`\n- `same-origin`\n- `strict-origin`\n- `strict-origin-when-cross-origin`\n- `unsafe-url`\n\nFor more information about these values, see [Referrer-Policy](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy) in the MDN Web Docs.", - "title": "ReferrerPolicy", - "type": "string" - } - }, - "required": [ - "Override", - "ReferrerPolicy" - ], - "type": "object" - }, - "AWS::CloudFront::ResponseHeadersPolicy.RemoveHeader": { - "additionalProperties": false, - "properties": { - "Header": { - "markdownDescription": "The HTTP header name.", - "title": "Header", + "KmsKeyIdentifier": { + "markdownDescription": "Requires a `kms_key_identifier` in the format of a key ARN.", + "title": "KmsKeyIdentifier", "type": "string" } }, "required": [ - "Header" + "EncryptionType" ], "type": "object" }, - "AWS::CloudFront::ResponseHeadersPolicy.RemoveHeadersConfig": { + "AWS::Cassandra::Table.ProvisionedThroughput": { "additionalProperties": false, "properties": { - "Items": { - "items": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.RemoveHeader" - }, - "markdownDescription": "The list of HTTP header names.", - "title": "Items", - "type": "array" + "ReadCapacityUnits": { + "markdownDescription": "The amount of read capacity that's provisioned for the table. For more information, see [Read/write capacity mode](https://docs.aws.amazon.com/keyspaces/latest/devguide/ReadWriteCapacityMode.html) in the *Amazon Keyspaces Developer Guide* .", + "title": "ReadCapacityUnits", + "type": "number" + }, + "WriteCapacityUnits": { + "markdownDescription": "The amount of write capacity that's provisioned for the table. For more information, see [Read/write capacity mode](https://docs.aws.amazon.com/keyspaces/latest/devguide/ReadWriteCapacityMode.html) in the *Amazon Keyspaces Developer Guide* .", + "title": "WriteCapacityUnits", + "type": "number" } }, "required": [ - "Items" + "ReadCapacityUnits", + "WriteCapacityUnits" ], "type": "object" }, - "AWS::CloudFront::ResponseHeadersPolicy.ResponseHeadersPolicyConfig": { + "AWS::Cassandra::Table.ReplicaSpecification": { "additionalProperties": false, "properties": { - "Comment": { - "markdownDescription": "A comment to describe the response headers policy.\n\nThe comment cannot be longer than 128 characters.", - "title": "Comment", - "type": "string" - }, - "CorsConfig": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.CorsConfig", - "markdownDescription": "A configuration for a set of HTTP response headers that are used for cross-origin resource sharing (CORS).", - "title": "CorsConfig" + "ReadCapacityAutoScaling": { + "$ref": "#/definitions/AWS::Cassandra::Table.AutoScalingSetting", + "markdownDescription": "The read capacity auto scaling settings for the multi-Region table in the specified AWS Region.", + "title": "ReadCapacityAutoScaling" }, - "CustomHeadersConfig": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.CustomHeadersConfig", - "markdownDescription": "A configuration for a set of custom HTTP response headers.", - "title": "CustomHeadersConfig" + "ReadCapacityUnits": { + "markdownDescription": "The provisioned read capacity units for the multi-Region table in the specified AWS Region.", + "title": "ReadCapacityUnits", + "type": "number" }, - "Name": { - "markdownDescription": "A name to identify the response headers policy.\n\nThe name must be unique for response headers policies in this AWS account .", - "title": "Name", + "Region": { + "markdownDescription": "The AWS Region.", + "title": "Region", "type": "string" - }, - "RemoveHeadersConfig": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.RemoveHeadersConfig", - "markdownDescription": "A configuration for a set of HTTP headers to remove from the HTTP response.", - "title": "RemoveHeadersConfig" - }, - "SecurityHeadersConfig": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.SecurityHeadersConfig", - "markdownDescription": "A configuration for a set of security-related HTTP response headers.", - "title": "SecurityHeadersConfig" - }, - "ServerTimingHeadersConfig": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.ServerTimingHeadersConfig", - "markdownDescription": "A configuration for enabling the `Server-Timing` header in HTTP responses sent from CloudFront.", - "title": "ServerTimingHeadersConfig" } }, "required": [ - "Name" + "Region" ], "type": "object" }, - "AWS::CloudFront::ResponseHeadersPolicy.SecurityHeadersConfig": { + "AWS::Cassandra::Table.ScalingPolicy": { "additionalProperties": false, "properties": { - "ContentSecurityPolicy": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.ContentSecurityPolicy", - "markdownDescription": "The policy directives and their values that CloudFront includes as values for the `Content-Security-Policy` HTTP response header.\n\nFor more information about the `Content-Security-Policy` HTTP response header, see [Content-Security-Policy](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy) in the MDN Web Docs.", - "title": "ContentSecurityPolicy" - }, - "ContentTypeOptions": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.ContentTypeOptions", - "markdownDescription": "Determines whether CloudFront includes the `X-Content-Type-Options` HTTP response header with its value set to `nosniff` .\n\nFor more information about the `X-Content-Type-Options` HTTP response header, see [X-Content-Type-Options](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options) in the MDN Web Docs.", - "title": "ContentTypeOptions" - }, - "FrameOptions": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.FrameOptions", - "markdownDescription": "Determines whether CloudFront includes the `X-Frame-Options` HTTP response header and the header's value.\n\nFor more information about the `X-Frame-Options` HTTP response header, see [X-Frame-Options](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options) in the MDN Web Docs.", - "title": "FrameOptions" - }, - "ReferrerPolicy": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.ReferrerPolicy", - "markdownDescription": "Determines whether CloudFront includes the `Referrer-Policy` HTTP response header and the header's value.\n\nFor more information about the `Referrer-Policy` HTTP response header, see [Referrer-Policy](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy) in the MDN Web Docs.", - "title": "ReferrerPolicy" - }, - "StrictTransportSecurity": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.StrictTransportSecurity", - "markdownDescription": "Determines whether CloudFront includes the `Strict-Transport-Security` HTTP response header and the header's value.\n\nFor more information about the `Strict-Transport-Security` HTTP response header, see [Security headers](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/understanding-response-headers-policies.html#understanding-response-headers-policies-security) in the *Amazon CloudFront Developer Guide* and [Strict-Transport-Security](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security) in the MDN Web Docs.", - "title": "StrictTransportSecurity" - }, - "XSSProtection": { - "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.XSSProtection", - "markdownDescription": "Determines whether CloudFront includes the `X-XSS-Protection` HTTP response header and the header's value.\n\nFor more information about the `X-XSS-Protection` HTTP response header, see [X-XSS-Protection](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection) in the MDN Web Docs.", - "title": "XSSProtection" + "TargetTrackingScalingPolicyConfiguration": { + "$ref": "#/definitions/AWS::Cassandra::Table.TargetTrackingScalingPolicyConfiguration", + "markdownDescription": "The auto scaling policy that scales a table based on the ratio of consumed to provisioned capacity.", + "title": "TargetTrackingScalingPolicyConfiguration" } }, "type": "object" }, - "AWS::CloudFront::ResponseHeadersPolicy.ServerTimingHeadersConfig": { + "AWS::Cassandra::Table.TargetTrackingScalingPolicyConfiguration": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "A Boolean that determines whether CloudFront adds the `Server-Timing` header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy.", - "title": "Enabled", + "DisableScaleIn": { + "markdownDescription": "Specifies if `scale-in` is enabled.\n\nWhen auto scaling automatically decreases capacity for a table, the table *scales in* . When scaling policies are set, they can't scale in the table lower than its minimum capacity.", + "title": "DisableScaleIn", "type": "boolean" }, - "SamplingRate": { - "markdownDescription": "A number 0\u2013100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the `Server-Timing` header to. When you set the sampling rate to 100, CloudFront adds the `Server-Timing` header to the HTTP response for every request that matches the cache behavior that this response headers policy is attached to. When you set it to 50, CloudFront adds the header to 50% of the responses for requests that match the cache behavior. You can set the sampling rate to any number 0\u2013100 with up to four decimal places.", - "title": "SamplingRate", - "type": "number" - } - }, - "required": [ - "Enabled" - ], - "type": "object" - }, - "AWS::CloudFront::ResponseHeadersPolicy.StrictTransportSecurity": { - "additionalProperties": false, - "properties": { - "AccessControlMaxAgeSec": { - "markdownDescription": "A number that CloudFront uses as the value for the `max-age` directive in the `Strict-Transport-Security` HTTP response header.", - "title": "AccessControlMaxAgeSec", + "ScaleInCooldown": { + "markdownDescription": "Specifies a `scale-in` cool down period.\n\nA cooldown period in seconds between scaling activities that lets the table stabilize before another scaling activity starts.", + "title": "ScaleInCooldown", "type": "number" }, - "IncludeSubdomains": { - "markdownDescription": "A Boolean that determines whether CloudFront includes the `includeSubDomains` directive in the `Strict-Transport-Security` HTTP response header.", - "title": "IncludeSubdomains", - "type": "boolean" - }, - "Override": { - "markdownDescription": "A Boolean that determines whether CloudFront overrides the `Strict-Transport-Security` HTTP response header received from the origin with the one specified in this response headers policy.", - "title": "Override", - "type": "boolean" - }, - "Preload": { - "markdownDescription": "A Boolean that determines whether CloudFront includes the `preload` directive in the `Strict-Transport-Security` HTTP response header.", - "title": "Preload", - "type": "boolean" - } - }, - "required": [ - "AccessControlMaxAgeSec", - "Override" - ], - "type": "object" - }, - "AWS::CloudFront::ResponseHeadersPolicy.XSSProtection": { - "additionalProperties": false, - "properties": { - "ModeBlock": { - "markdownDescription": "A Boolean that determines whether CloudFront includes the `mode=block` directive in the `X-XSS-Protection` header.\n\nFor more information about this directive, see [X-XSS-Protection](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection) in the MDN Web Docs.", - "title": "ModeBlock", - "type": "boolean" - }, - "Override": { - "markdownDescription": "A Boolean that determines whether CloudFront overrides the `X-XSS-Protection` HTTP response header received from the origin with the one specified in this response headers policy.", - "title": "Override", - "type": "boolean" - }, - "Protection": { - "markdownDescription": "A Boolean that determines the value of the `X-XSS-Protection` HTTP response header. When this setting is `true` , the value of the `X-XSS-Protection` header is `1` . When this setting is `false` , the value of the `X-XSS-Protection` header is `0` .\n\nFor more information about these settings, see [X-XSS-Protection](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection) in the MDN Web Docs.", - "title": "Protection", - "type": "boolean" + "ScaleOutCooldown": { + "markdownDescription": "Specifies a scale out cool down period.\n\nA cooldown period in seconds between scaling activities that lets the table stabilize before another scaling activity starts.", + "title": "ScaleOutCooldown", + "type": "number" }, - "ReportUri": { - "markdownDescription": "A reporting URI, which CloudFront uses as the value of the `report` directive in the `X-XSS-Protection` header.\n\nYou cannot specify a `ReportUri` when `ModeBlock` is `true` .\n\nFor more information about using a reporting URL, see [X-XSS-Protection](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection) in the MDN Web Docs.", - "title": "ReportUri", - "type": "string" + "TargetValue": { + "markdownDescription": "Specifies the target value for the target tracking auto scaling policy.\n\nAmazon Keyspaces auto scaling scales up capacity automatically when traffic exceeds this target utilization rate, and then back down when it falls below the target. This ensures that the ratio of consumed capacity to provisioned capacity stays at or near this value. You define `targetValue` as a percentage. An `integer` between 20 and 90.", + "title": "TargetValue", + "type": "number" } }, "required": [ - "Override", - "Protection" + "TargetValue" ], "type": "object" }, - "AWS::CloudFront::StreamingDistribution": { + "AWS::Cassandra::Type": { "additionalProperties": false, "properties": { "Condition": { @@ -38763,29 +43372,35 @@ "Properties": { "additionalProperties": false, "properties": { - "StreamingDistributionConfig": { - "$ref": "#/definitions/AWS::CloudFront::StreamingDistribution.StreamingDistributionConfig", - "markdownDescription": "The current configuration information for the RTMP distribution.", - "title": "StreamingDistributionConfig" - }, - "Tags": { + "Fields": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Cassandra::Type.Field" }, - "markdownDescription": "A complex type that contains zero or more `Tag` elements.", - "title": "Tags", + "markdownDescription": "A list of fields that define this type.", + "title": "Fields", "type": "array" + }, + "KeyspaceName": { + "markdownDescription": "The name of the keyspace to create the type in. The keyspace must already exist.", + "title": "KeyspaceName", + "type": "string" + }, + "TypeName": { + "markdownDescription": "The name of the user-defined type. UDT names must contain 48 characters or less, must begin with an alphabetic character, and can only contain alpha-numeric characters and underscores. Amazon Keyspaces converts upper case characters automatically into lower case characters. For more information, see [Create a user-defined type (UDT) in Amazon Keyspaces](https://docs.aws.amazon.com/keyspaces/latest/devguide/keyspaces-create-udt.html) in the *Amazon Keyspaces Developer Guide* .", + "title": "TypeName", + "type": "string" } }, "required": [ - "StreamingDistributionConfig", - "Tags" + "Fields", + "KeyspaceName", + "TypeName" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudFront::StreamingDistribution" + "AWS::Cassandra::Type" ], "type": "string" }, @@ -38804,125 +43419,105 @@ ], "type": "object" }, - "AWS::CloudFront::StreamingDistribution.Logging": { + "AWS::Cassandra::Type.Field": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The Amazon S3 bucket to store the access logs in, for example, `amzn-s3-demo-bucket.s3.amazonaws.com` .", - "title": "Bucket", + "FieldName": { + "markdownDescription": "The name of the field.", + "title": "FieldName", "type": "string" }, - "Enabled": { - "markdownDescription": "Specifies whether you want CloudFront to save access logs to an Amazon S3 bucket. If you don't want to enable logging when you create a streaming distribution or if you want to disable logging for an existing streaming distribution, specify `false` for `Enabled` , and specify `empty Bucket` and `Prefix` elements. If you specify `false` for `Enabled` but you specify values for `Bucket` and `Prefix` , the values are automatically deleted.", - "title": "Enabled", - "type": "boolean" - }, - "Prefix": { - "markdownDescription": "An optional string that you want CloudFront to prefix to the access log filenames for this streaming distribution, for example, `myprefix/` . If you want to enable logging, but you don't want to specify a prefix, you still must include an empty `Prefix` element in the `Logging` element.", - "title": "Prefix", + "FieldType": { + "markdownDescription": "The data type of the field. This can be any Cassandra data type or another user-defined type.", + "title": "FieldType", "type": "string" } }, "required": [ - "Bucket", - "Enabled", - "Prefix" + "FieldName", + "FieldType" ], "type": "object" }, - "AWS::CloudFront::StreamingDistribution.S3Origin": { + "AWS::CertificateManager::Account": { "additionalProperties": false, "properties": { - "DomainName": { - "markdownDescription": "The DNS name of the Amazon S3 origin.", - "title": "DomainName", + "Condition": { "type": "string" }, - "OriginAccessIdentity": { - "markdownDescription": "The CloudFront origin access identity to associate with the distribution. Use an origin access identity to configure the distribution so that end users can only access objects in an Amazon S3 bucket through CloudFront.\n\nIf you want end users to be able to access objects using either the CloudFront URL or the Amazon S3 URL, specify an empty `OriginAccessIdentity` element.\n\nTo delete the origin access identity from an existing distribution, update the distribution configuration and include an empty `OriginAccessIdentity` element.\n\nTo replace the origin access identity, update the distribution configuration and specify the new origin access identity.\n\nFor more information, see [Using an Origin Access Identity to Restrict Access to Your Amazon S3 Content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html) in the *Amazon CloudFront Developer Guide* .", - "title": "OriginAccessIdentity", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "required": [ - "DomainName", - "OriginAccessIdentity" - ], - "type": "object" - }, - "AWS::CloudFront::StreamingDistribution.StreamingDistributionConfig": { - "additionalProperties": false, - "properties": { - "Aliases": { - "items": { - "type": "string" - }, - "markdownDescription": "A complex type that contains information about CNAMEs (alternate domain names), if any, for this streaming distribution.", - "title": "Aliases", - "type": "array" }, - "Comment": { - "markdownDescription": "Any comments you want to include about the streaming distribution.", - "title": "Comment", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Enabled": { - "markdownDescription": "Whether the streaming distribution is enabled to accept user requests for content.", - "title": "Enabled", - "type": "boolean" + "Metadata": { + "type": "object" }, - "Logging": { - "$ref": "#/definitions/AWS::CloudFront::StreamingDistribution.Logging", - "markdownDescription": "A complex type that controls whether access logs are written for the streaming distribution.", - "title": "Logging" + "Properties": { + "additionalProperties": false, + "properties": { + "ExpiryEventsConfiguration": { + "$ref": "#/definitions/AWS::CertificateManager::Account.ExpiryEventsConfiguration", + "markdownDescription": "Object containing expiration events options associated with an AWS account . For more information, see [ExpiryEventsConfiguration](https://docs.aws.amazon.com/acm/latest/APIReference/API_ExpiryEventsConfiguration.html) in the API reference.", + "title": "ExpiryEventsConfiguration" + } + }, + "required": [ + "ExpiryEventsConfiguration" + ], + "type": "object" }, - "PriceClass": { - "markdownDescription": "A complex type that contains information about price class for this streaming distribution.", - "title": "PriceClass", + "Type": { + "enum": [ + "AWS::CertificateManager::Account" + ], "type": "string" }, - "S3Origin": { - "$ref": "#/definitions/AWS::CloudFront::StreamingDistribution.S3Origin", - "markdownDescription": "A complex type that contains information about the Amazon S3 bucket from which you want CloudFront to get your media files for distribution.", - "title": "S3Origin" - }, - "TrustedSigners": { - "$ref": "#/definitions/AWS::CloudFront::StreamingDistribution.TrustedSigners", - "markdownDescription": "A complex type that specifies any AWS accounts that you want to permit to create signed URLs for private content. If you want the distribution to use signed URLs, include this element; if you want the distribution to use public URLs, remove this element. For more information, see [Serving Private Content through CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", - "title": "TrustedSigners" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Comment", - "Enabled", - "S3Origin", - "TrustedSigners" + "Type", + "Properties" ], "type": "object" }, - "AWS::CloudFront::StreamingDistribution.TrustedSigners": { + "AWS::CertificateManager::Account.ExpiryEventsConfiguration": { "additionalProperties": false, "properties": { - "AwsAccountNumbers": { - "items": { - "type": "string" - }, - "markdownDescription": "An AWS account number that contains active CloudFront key pairs that CloudFront can use to verify the signatures of signed URLs and signed cookies. If the AWS account that owns the key pairs is the same account that owns the CloudFront distribution, the value of this field is `self` .", - "title": "AwsAccountNumbers", - "type": "array" - }, - "Enabled": { - "markdownDescription": "This field is `true` if any of the AWS accounts in the list are configured as trusted signers. If not, this field is `false` .", - "title": "Enabled", - "type": "boolean" + "DaysBeforeExpiry": { + "markdownDescription": "This option specifies the number of days prior to certificate expiration when ACM starts generating `EventBridge` events. ACM sends one event per day per certificate until the certificate expires. By default, accounts receive events starting 45 days before certificate expiration.", + "title": "DaysBeforeExpiry", + "type": "number" } }, - "required": [ - "Enabled" - ], "type": "object" }, - "AWS::CloudTrail::Channel": { + "AWS::CertificateManager::Certificate": { "additionalProperties": false, "properties": { "Condition": { @@ -38957,38 +43552,69 @@ "Properties": { "additionalProperties": false, "properties": { - "Destinations": { + "CertificateAuthorityArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the private certificate authority (CA) that will be used to issue the certificate. If you do not provide an ARN and you are trying to request a private certificate, ACM will attempt to issue a public certificate. For more information about private CAs, see the [AWS Private Certificate Authority](https://docs.aws.amazon.com/privateca/latest/userguide/PcaWelcome.html) user guide. The ARN must have the following form:\n\n`arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012`", + "title": "CertificateAuthorityArn", + "type": "string" + }, + "CertificateExport": { + "markdownDescription": "You can opt out of allowing export of your certificate by specifying the `DISABLED` option. Allow export of your certificate by specifying the `ENABLED` option.\n\nIf you do not specify an export preference in a new CloudFormation template, it is the same as explicitly denying export of your certificate.", + "title": "CertificateExport", + "type": "string" + }, + "CertificateTransparencyLoggingPreference": { + "markdownDescription": "You can opt out of certificate transparency logging by specifying the `DISABLED` option. Opt in by specifying `ENABLED` .\n\nIf you do not specify a certificate transparency logging preference on a new CloudFormation template, or if you remove the logging preference from an existing template, this is the same as explicitly enabling the preference.\n\nChanging the certificate transparency logging preference will update the existing resource by calling `UpdateCertificateOptions` on the certificate. This action will not create a new resource.", + "title": "CertificateTransparencyLoggingPreference", + "type": "string" + }, + "DomainName": { + "markdownDescription": "The fully qualified domain name (FQDN), such as www.example.com, with which you want to secure an ACM certificate. Use an asterisk (*) to create a wildcard certificate that protects several sites in the same domain. For example, `*.example.com` protects `www.example.com` , `site.example.com` , and `images.example.com.`", + "title": "DomainName", + "type": "string" + }, + "DomainValidationOptions": { "items": { - "$ref": "#/definitions/AWS::CloudTrail::Channel.Destination" + "$ref": "#/definitions/AWS::CertificateManager::Certificate.DomainValidationOption" }, - "markdownDescription": "One or more event data stores to which events arriving through a channel will be logged.", - "title": "Destinations", + "markdownDescription": "Domain information that domain name registrars use to verify your identity.\n\n> In order for a AWS::CertificateManager::Certificate to be provisioned and validated in CloudFormation automatically, the `DomainName` property needs to be identical to one of the `DomainName` property supplied in DomainValidationOptions, if the ValidationMethod is **DNS**. Failing to keep them like-for-like will result in failure to create the domain validation records in Route53.", + "title": "DomainValidationOptions", "type": "array" }, - "Name": { - "markdownDescription": "The name of the channel.", - "title": "Name", + "KeyAlgorithm": { + "markdownDescription": "Specifies the algorithm of the public and private key pair that your certificate uses to encrypt data. RSA is the default key algorithm for ACM certificates. Elliptic Curve Digital Signature Algorithm (ECDSA) keys are smaller, offering security comparable to RSA keys but with greater computing efficiency. However, ECDSA is not supported by all network clients. Some AWS services may require RSA keys, or only support ECDSA keys of a particular size, while others allow the use of either RSA and ECDSA keys to ensure that compatibility is not broken. Check the requirements for the AWS service where you plan to deploy your certificate. For more information about selecting an algorithm, see [Key algorithms](https://docs.aws.amazon.com/acm/latest/userguide/acm-certificate-characteristics.html#algorithms-term) .\n\n> Algorithms supported for an ACM certificate request include:\n> \n> - `RSA_2048`\n> - `EC_prime256v1`\n> - `EC_secp384r1`\n> \n> Other listed algorithms are for imported certificates only. > When you request a private PKI certificate signed by a CA from AWS Private CA, the specified signing algorithm family (RSA or ECDSA) must match the algorithm family of the CA's secret key. \n\nDefault: RSA_2048", + "title": "KeyAlgorithm", "type": "string" }, - "Source": { - "markdownDescription": "The name of the partner or external event source. You cannot change this name after you create the channel. A maximum of one channel is allowed per source.\n\nA source can be either `Custom` for all valid non- AWS events, or the name of a partner event source. For information about the source names for available partners, see [Additional information about integration partners](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-event-data-store-integration.html#cloudtrail-lake-partner-information) in the CloudTrail User Guide.", - "title": "Source", - "type": "string" + "SubjectAlternativeNames": { + "items": { + "type": "string" + }, + "markdownDescription": "Additional FQDNs to be included in the Subject Alternative Name extension of the ACM certificate. For example, you can add www.example.net to a certificate for which the `DomainName` field is www.example.com if users can reach your site by using either name.", + "title": "SubjectAlternativeNames", + "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of tags.", + "markdownDescription": "Key-value pairs that can identify the certificate.", "title": "Tags", "type": "array" + }, + "ValidationMethod": { + "markdownDescription": "The method you want to use to validate that you own or control the domain associated with a public certificate. You can [validate with DNS](https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-dns.html) or [validate with email](https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-email.html) . We recommend that you use DNS validation.\n\nIf not specified, this property defaults to email validation.", + "title": "ValidationMethod", + "type": "string" } }, + "required": [ + "DomainName" + ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudTrail::Channel" + "AWS::CertificateManager::Certificate" ], "type": "string" }, @@ -39002,31 +43628,36 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::CloudTrail::Channel.Destination": { + "AWS::CertificateManager::Certificate.DomainValidationOption": { "additionalProperties": false, "properties": { - "Location": { - "markdownDescription": "For channels used for a CloudTrail Lake integration, the location is the ARN of an event data store that receives events from a channel. For service-linked channels, the location is the name of the AWS service.", - "title": "Location", + "DomainName": { + "markdownDescription": "A fully qualified domain name (FQDN) in the certificate request.", + "title": "DomainName", "type": "string" }, - "Type": { - "markdownDescription": "The type of destination for events arriving from a channel. For channels used for a CloudTrail Lake integration, the value is `EVENT_DATA_STORE` . For service-linked channels, the value is `AWS_SERVICE` .", - "title": "Type", + "HostedZoneId": { + "markdownDescription": "The `HostedZoneId` option, which is available if you are using Route 53 as your domain registrar, causes ACM to add your CNAME to the domain record. Your list of `DomainValidationOptions` must contain one and only one of the domain-validation options, and the `HostedZoneId` can be used only when `DNS` is specified as your validation method.\n\nUse the Route 53 `ListHostedZones` API to discover IDs for available hosted zones.\n\nThis option is required for publicly trusted certificates.\n\n> The `ListHostedZones` API returns IDs in the format \"/hostedzone/Z111111QQQQQQQ\", but CloudFormation requires the IDs to be in the format \"Z111111QQQQQQQ\". \n\nWhen you change your `DomainValidationOptions` , a new resource is created.", + "title": "HostedZoneId", + "type": "string" + }, + "ValidationDomain": { + "markdownDescription": "The domain name to which you want ACM to send validation emails. This domain name is the suffix of the email addresses that you want ACM to use. This must be the same as the `DomainName` value or a superdomain of the `DomainName` value. For example, if you request a certificate for `testing.example.com` , you can specify `example.com` as this value. In that case, ACM sends domain validation emails to the following five addresses:\n\n- admin@example.com\n- administrator@example.com\n- hostmaster@example.com\n- postmaster@example.com\n- webmaster@example.com", + "title": "ValidationDomain", "type": "string" } }, "required": [ - "Location", - "Type" + "DomainName" ], "type": "object" }, - "AWS::CloudTrail::EventDataStore": { + "AWS::Chatbot::CustomAction": { "additionalProperties": false, "properties": { "Condition": { @@ -39061,91 +43692,47 @@ "Properties": { "additionalProperties": false, "properties": { - "AdvancedEventSelectors": { - "items": { - "$ref": "#/definitions/AWS::CloudTrail::EventDataStore.AdvancedEventSelector" - }, - "markdownDescription": "The advanced event selectors to use to select the events for the data store. You can configure up to five advanced event selectors for each event data store.\n\nFor more information about how to use advanced event selectors to log CloudTrail events, see [Log events by using advanced event selectors](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html#creating-data-event-selectors-advanced) in the CloudTrail User Guide.\n\nFor more information about how to use advanced event selectors to include AWS Config configuration items in your event data store, see [Create an event data store for AWS Config configuration items](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/lake-eds-cli.html#lake-cli-create-eds-config) in the CloudTrail User Guide.\n\nFor more information about how to use advanced event selectors to include events outside of AWS events in your event data store, see [Create an integration to log events from outside AWS](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/lake-integrations-cli.html#lake-cli-create-integration) in the CloudTrail User Guide.", - "title": "AdvancedEventSelectors", - "type": "array" - }, - "BillingMode": { - "markdownDescription": "The billing mode for the event data store determines the cost for ingesting events and the default and maximum retention period for the event data store.\n\nThe following are the possible values:\n\n- `EXTENDABLE_RETENTION_PRICING` - This billing mode is generally recommended if you want a flexible retention period of up to 3653 days (about 10 years). The default retention period for this billing mode is 366 days.\n- `FIXED_RETENTION_PRICING` - This billing mode is recommended if you expect to ingest more than 25 TB of event data per month and need a retention period of up to 2557 days (about 7 years). The default retention period for this billing mode is 2557 days.\n\nThe default value is `EXTENDABLE_RETENTION_PRICING` .\n\nFor more information about CloudTrail pricing, see [AWS CloudTrail Pricing](https://docs.aws.amazon.com/cloudtrail/pricing/) and [Managing CloudTrail Lake costs](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-lake-manage-costs.html) .", - "title": "BillingMode", + "ActionName": { + "markdownDescription": "The name of the custom action. This name is included in the Amazon Resource Name (ARN).", + "title": "ActionName", "type": "string" }, - "FederationEnabled": { - "markdownDescription": "Indicates if [Lake query federation](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-federation.html) is enabled. By default, Lake query federation is disabled. You cannot delete an event data store if Lake query federation is enabled.", - "title": "FederationEnabled", - "type": "boolean" - }, - "FederationRoleArn": { - "markdownDescription": "If Lake query federation is enabled, provides the ARN of the federation role used to access the resources for the federated event data store.\n\nThe federation role must exist in your account and provide the [required minimum permissions](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-federation.html#query-federation-permissions-role) .", - "title": "FederationRoleArn", + "AliasName": { + "markdownDescription": "The name used to invoke this action in a chat channel. For example, `@Amazon Q run my-alias` .", + "title": "AliasName", "type": "string" }, - "IngestionEnabled": { - "markdownDescription": "Specifies whether the event data store should start ingesting live events. The default is true.", - "title": "IngestionEnabled", - "type": "boolean" - }, - "InsightSelectors": { + "Attachments": { "items": { - "$ref": "#/definitions/AWS::CloudTrail::EventDataStore.InsightSelector" + "$ref": "#/definitions/AWS::Chatbot::CustomAction.CustomActionAttachment" }, - "markdownDescription": "A JSON string that contains the Insights types you want to log on an event data store. `ApiCallRateInsight` and `ApiErrorRateInsight` are valid Insight types.\n\nThe `ApiCallRateInsight` Insights type analyzes write-only management API calls that are aggregated per minute against a baseline API call volume.\n\nThe `ApiErrorRateInsight` Insights type analyzes management API calls that result in error codes. The error is shown if the API call is unsuccessful.", - "title": "InsightSelectors", + "markdownDescription": "Defines when this custom action button should be attached to a notification.", + "title": "Attachments", "type": "array" }, - "InsightsDestination": { - "markdownDescription": "The ARN (or ID suffix of the ARN) of the destination event data store that logs Insights events. For more information, see [Create an event data store for CloudTrail Insights events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-event-data-store-insights.html) .", - "title": "InsightsDestination", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "Specifies the AWS KMS key ID to use to encrypt the events delivered by CloudTrail. The value can be an alias name prefixed by `alias/` , a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.\n\n> Disabling or deleting the KMS key, or removing CloudTrail permissions on the key, prevents CloudTrail from logging events to the event data store, and prevents users from querying the data in the event data store that was encrypted with the key. After you associate an event data store with a KMS key, the KMS key cannot be removed or changed. Before you disable or delete a KMS key that you are using with an event data store, delete or back up your event data store. \n\nCloudTrail also supports AWS KMS multi-Region keys. For more information about multi-Region keys, see [Using multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) in the *AWS Key Management Service Developer Guide* .\n\nExamples:\n\n- `alias/MyAliasName`\n- `arn:aws:kms:us-east-2:123456789012:alias/MyAliasName`\n- `arn:aws:kms:us-east-2:123456789012:key/12345678-1234-1234-1234-123456789012`\n- `12345678-1234-1234-1234-123456789012`", - "title": "KmsKeyId", - "type": "string" - }, - "MultiRegionEnabled": { - "markdownDescription": "Specifies whether the event data store includes events from all Regions, or only from the Region in which the event data store is created.", - "title": "MultiRegionEnabled", - "type": "boolean" - }, - "Name": { - "markdownDescription": "The name of the event data store.", - "title": "Name", - "type": "string" - }, - "OrganizationEnabled": { - "markdownDescription": "Specifies whether an event data store collects events logged for an organization in AWS Organizations .", - "title": "OrganizationEnabled", - "type": "boolean" - }, - "RetentionPeriod": { - "markdownDescription": "The retention period of the event data store, in days. If `BillingMode` is set to `EXTENDABLE_RETENTION_PRICING` , you can set a retention period of up to 3653 days, the equivalent of 10 years. If `BillingMode` is set to `FIXED_RETENTION_PRICING` , you can set a retention period of up to 2557 days, the equivalent of seven years.\n\nCloudTrail Lake determines whether to retain an event by checking if the `eventTime` of the event is within the specified retention period. For example, if you set a retention period of 90 days, CloudTrail will remove events when the `eventTime` is older than 90 days.\n\n> If you plan to copy trail events to this event data store, we recommend that you consider both the age of the events that you want to copy as well as how long you want to keep the copied events in your event data store. For example, if you copy trail events that are 5 years old and specify a retention period of 7 years, the event data store will retain those events for two years.", - "title": "RetentionPeriod", - "type": "number" + "Definition": { + "$ref": "#/definitions/AWS::Chatbot::CustomAction.CustomActionDefinition", + "markdownDescription": "The definition of the command to run when invoked as an alias or as an action button.", + "title": "Definition" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of tags.", + "markdownDescription": "The tags to add to the configuration.", "title": "Tags", "type": "array" - }, - "TerminationProtectionEnabled": { - "markdownDescription": "Specifies whether termination protection is enabled for the event data store. If termination protection is enabled, you cannot delete the event data store until termination protection is disabled.", - "title": "TerminationProtectionEnabled", - "type": "boolean" } }, + "required": [ + "ActionName", + "Definition" + ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudTrail::EventDataStore" + "AWS::Chatbot::CustomAction" ], "type": "string" }, @@ -39159,106 +43746,86 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::CloudTrail::EventDataStore.AdvancedEventSelector": { + "AWS::Chatbot::CustomAction.CustomActionAttachment": { "additionalProperties": false, "properties": { - "FieldSelectors": { + "ButtonText": { + "markdownDescription": "The text of the button that appears on the notification.", + "title": "ButtonText", + "type": "string" + }, + "Criteria": { "items": { - "$ref": "#/definitions/AWS::CloudTrail::EventDataStore.AdvancedFieldSelector" + "$ref": "#/definitions/AWS::Chatbot::CustomAction.CustomActionAttachmentCriteria" }, - "markdownDescription": "Contains all selector statements in an advanced event selector.", - "title": "FieldSelectors", + "markdownDescription": "The criteria for when a button should be shown based on values in the notification.", + "title": "Criteria", "type": "array" }, - "Name": { - "markdownDescription": "An optional, descriptive name for an advanced event selector, such as \"Log data events for only two S3 buckets\".", - "title": "Name", + "NotificationType": { + "markdownDescription": "The type of notification that the custom action should be attached to.", + "title": "NotificationType", "type": "string" + }, + "Variables": { + "additionalProperties": true, + "markdownDescription": "The variables to extract from the notification.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Variables", + "type": "object" } }, - "required": [ - "FieldSelectors" - ], "type": "object" }, - "AWS::CloudTrail::EventDataStore.AdvancedFieldSelector": { + "AWS::Chatbot::CustomAction.CustomActionAttachmentCriteria": { "additionalProperties": false, "properties": { - "EndsWith": { - "items": { - "type": "string" - }, - "markdownDescription": "An operator that includes events that match the last few characters of the event record field specified as the value of `Field` .", - "title": "EndsWith", - "type": "array" - }, - "Equals": { - "items": { - "type": "string" - }, - "markdownDescription": "An operator that includes events that match the exact value of the event record field specified as the value of `Field` . This is the only valid operator that you can use with the `readOnly` , `eventCategory` , and `resources.type` fields.", - "title": "Equals", - "type": "array" - }, - "Field": { - "markdownDescription": "A field in a CloudTrail event record on which to filter events to be logged. For event data stores for CloudTrail Insights events, AWS Config configuration items, Audit Manager evidence, or events outside of AWS , the field is used only for selecting events as filtering is not supported.\n\nFor CloudTrail management events, supported fields include `eventCategory` (required), `eventSource` , and `readOnly` . The following additional fields are available for event data stores: `eventName` , `eventType` , `sessionCredentialFromConsole` , and `userIdentity.arn` .\n\nFor CloudTrail data events, supported fields include `eventCategory` (required), `eventName` , `eventSource` , `eventType` , `resources.type` (required), `readOnly` , `resources.ARN` , `sessionCredentialFromConsole` , and `userIdentity.arn` .\n\nFor CloudTrail network activity events, supported fields include `eventCategory` (required), `eventSource` (required), `eventName` , `errorCode` , and `vpcEndpointId` .\n\nFor event data stores for CloudTrail Insights events, AWS Config configuration items, Audit Manager evidence, or events outside of AWS , the only supported field is `eventCategory` .\n\n> Selectors don't support the use of wildcards like `*` . To match multiple values with a single condition, you may use `StartsWith` , `EndsWith` , `NotStartsWith` , or `NotEndsWith` to explicitly match the beginning or end of the event field. \n\n- *`readOnly`* - This is an optional field that is only used for management events and data events. This field can be set to `Equals` with a value of `true` or `false` . If you do not add this field, CloudTrail logs both `read` and `write` events. A value of `true` logs only `read` events. A value of `false` logs only `write` events.\n- *`eventSource`* - This field is only used for management events, data events, and network activity events.\n\nFor management events for trails, this is an optional field that can be set to `NotEquals` `kms.amazonaws.com` to exclude KMS management events, or `NotEquals` `rdsdata.amazonaws.com` to exclude RDS management events.\n\nFor data events for trails, this is an optional field that you can use to include or exclude any event source and can use any operator.\n\nFor management and data events for event data stores, this is an optional field that you can use to include or exclude any event source and can use any operator.\n\nFor network activity events, this is a required field that only uses the `Equals` operator. Set this field to the event source for which you want to log network activity events. If you want to log network activity events for multiple event sources, you must create a separate field selector for each event source. For a list of services supporting network activity events, see [Logging network activity events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-network-events-with-cloudtrail.html) in the *AWS CloudTrail User Guide* .\n- *`eventName`* - This is an optional field that is only used for data events, management events (for event data stores only), and network activity events. You can use any operator with `eventName` . You can use it to \ufb01lter in or \ufb01lter out specific events. You can have multiple values for this \ufb01eld, separated by commas.\n- *`eventCategory`* - This field is required and must be set to `Equals` .\n\n- For CloudTrail management events, the value must be `Management` .\n- For CloudTrail data events, the value must be `Data` .\n- For CloudTrail network activity events, the value must be `NetworkActivity` .\n\nThe following are used only for event data stores:\n\n- For CloudTrail Insights events, the value must be `Insight` .\n- For AWS Config configuration items, the value must be `ConfigurationItem` .\n- For Audit Manager evidence, the value must be `Evidence` .\n- For events outside of AWS , the value must be `ActivityAuditLog` .\n- *`eventType`* - For event data stores, this is an optional field available for event data stores to filter management and data events on the event type. For trails, this is an optional field to filter data events on the event type. For information about available event types, see [CloudTrail record contents](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-event-reference-record-contents.html#ct-event-type) in the *AWS CloudTrail user guide* .\n- *`errorCode`* - This \ufb01eld is only used to filter CloudTrail network activity events and is optional. This is the error code to filter on. Currently, the only valid `errorCode` is `VpceAccessDenied` . `errorCode` can only use the `Equals` operator.\n- *`sessionCredentialFromConsole`* - For event data stores, this is an optional field used to filter management and data events based on whether the events originated from an AWS Management Console session. For trails, this is an optional field used to filter data events. `sessionCredentialFromConsole` can only use the `Equals` and `NotEquals` operators.\n- *`resources.type`* - This \ufb01eld is required for CloudTrail data events. `resources.type` can only use the `Equals` operator.\n\nFor a list of available resource types for data events, see [Data events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html#logging-data-events) in the *AWS CloudTrail User Guide* .\n\nYou can have only one `resources.type` \ufb01eld per selector. To log events on more than one resource type, add another selector.\n- *`resources.ARN`* - The `resources.ARN` is an optional field for data events. You can use any operator with `resources.ARN` , but if you use `Equals` or `NotEquals` , the value must exactly match the ARN of a valid resource of the type you've speci\ufb01ed in the template as the value of resources.type. To log all data events for all objects in a specific S3 bucket, use the `StartsWith` operator, and include only the bucket ARN as the matching value.\n\nFor more information about the ARN formats of data event resources, see [Actions, resources, and condition keys for AWS services](https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html) in the *Service Authorization Reference* .\n\n> You can't use the `resources.ARN` field to filter resource types that do not have ARNs.\n- *`userIdentity.arn`* - For event data stores, this is an optional field used to filter management and data events for actions taken by specific IAM identities. For trails, this is an optional field used to filter data events. You can use any operator with `userIdentity.arn` . For more information on the userIdentity element, see [CloudTrail userIdentity element](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-event-reference-user-identity.html) in the *AWS CloudTrail User Guide* .\n- *`vpcEndpointId`* - This \ufb01eld is only used to filter CloudTrail network activity events and is optional. This field identifies the VPC endpoint that the request passed through. You can use any operator with `vpcEndpointId` .", - "title": "Field", + "Operator": { + "markdownDescription": "The operation to perform on the named variable.", + "title": "Operator", "type": "string" }, - "NotEndsWith": { - "items": { - "type": "string" - }, - "markdownDescription": "An operator that excludes events that match the last few characters of the event record field specified as the value of `Field` .", - "title": "NotEndsWith", - "type": "array" - }, - "NotEquals": { - "items": { - "type": "string" - }, - "markdownDescription": "An operator that excludes events that match the exact value of the event record field specified as the value of `Field` .", - "title": "NotEquals", - "type": "array" - }, - "NotStartsWith": { - "items": { - "type": "string" - }, - "markdownDescription": "An operator that excludes events that match the first few characters of the event record field specified as the value of `Field` .", - "title": "NotStartsWith", - "type": "array" + "Value": { + "markdownDescription": "A value that is compared with the actual value of the variable based on the behavior of the operator.", + "title": "Value", + "type": "string" }, - "StartsWith": { - "items": { - "type": "string" - }, - "markdownDescription": "An operator that includes events that match the first few characters of the event record field specified as the value of `Field` .", - "title": "StartsWith", - "type": "array" + "VariableName": { + "markdownDescription": "The name of the variable to operate on.", + "title": "VariableName", + "type": "string" } }, "required": [ - "Field" + "Operator", + "VariableName" ], "type": "object" }, - "AWS::CloudTrail::EventDataStore.InsightSelector": { + "AWS::Chatbot::CustomAction.CustomActionDefinition": { "additionalProperties": false, "properties": { - "InsightType": { - "markdownDescription": "The type of Insights events to log on an event data store. `ApiCallRateInsight` and `ApiErrorRateInsight` are valid Insight types.\n\nThe `ApiCallRateInsight` Insights type analyzes write-only management API calls that are aggregated per minute against a baseline API call volume.\n\nThe `ApiErrorRateInsight` Insights type analyzes management API calls that result in error codes. The error is shown if the API call is unsuccessful.", - "title": "InsightType", + "CommandText": { + "markdownDescription": "The command string to run which may include variables by prefixing with a dollar sign ($).", + "title": "CommandText", "type": "string" } }, + "required": [ + "CommandText" + ], "type": "object" }, - "AWS::CloudTrail::ResourcePolicy": { + "AWS::Chatbot::MicrosoftTeamsChannelConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -39293,26 +43860,91 @@ "Properties": { "additionalProperties": false, "properties": { - "ResourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the CloudTrail event data store, dashboard, or channel attached to the resource-based policy.\n\nExample event data store ARN format: `arn:aws:cloudtrail:us-east-2:123456789012:eventdatastore/EXAMPLE-f852-4e8f-8bd1-bcf6cEXAMPLE`\n\nExample dashboard ARN format: `arn:aws:cloudtrail:us-east-1:123456789012:dashboard/exampleDash`\n\nExample channel ARN format: `arn:aws:cloudtrail:us-east-2:123456789012:channel/01234567890`", - "title": "ResourceArn", + "ConfigurationName": { + "markdownDescription": "The name of the configuration.", + "title": "ConfigurationName", "type": "string" }, - "ResourcePolicy": { - "markdownDescription": "A JSON-formatted string for an AWS resource-based policy.\n\nFor example resource-based policies, see [CloudTrail resource-based policy examples](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/security_iam_resource-based-policy-examples.html) in the *CloudTrail User Guide* .", - "title": "ResourcePolicy", - "type": "object" + "CustomizationResourceArns": { + "items": { + "type": "string" + }, + "markdownDescription": "Links a list of resource ARNs (for example, custom action ARNs) to a Microsoft Teams channel configuration for .", + "title": "CustomizationResourceArns", + "type": "array" + }, + "GuardrailPolicies": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of IAM policy ARNs that are applied as channel guardrails. The AWS managed 'AdministratorAccess' policy is applied as a default if this is not set.", + "title": "GuardrailPolicies", + "type": "array" + }, + "IamRoleArn": { + "markdownDescription": "The ARN of the IAM role that defines the permissions for .\n\nThis is a user-defined role that will assume. This is not the service-linked role. For more information, see [IAM Policies for in chat applications](https://docs.aws.amazon.com/chatbot/latest/adminguide/chatbot-iam-policies.html) .", + "title": "IamRoleArn", + "type": "string" + }, + "LoggingLevel": { + "markdownDescription": "Specifies the logging level for this configuration. This property affects the log entries pushed to Amazon CloudWatch Logs.\n\nLogging levels include `ERROR` , `INFO` , or `NONE` .", + "title": "LoggingLevel", + "type": "string" + }, + "SnsTopicArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The ARNs of the SNS topics that deliver notifications to .", + "title": "SnsTopicArns", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to add to the configuration.", + "title": "Tags", + "type": "array" + }, + "TeamId": { + "markdownDescription": "The ID of the Microsoft Team authorized with .\n\nTo get the team ID, you must perform the initial authorization flow with Microsoft Teams in the in chat applications console. Then you can copy and paste the team ID from the console. For more details, see steps 1-3 in [Tutorial: Get started with Microsoft Teams](https://docs.aws.amazon.com/chatbot/latest/adminguide/teams-setup.html) in the *in chat applications Administrator Guide* .", + "title": "TeamId", + "type": "string" + }, + "TeamsChannelId": { + "markdownDescription": "The ID of the Microsoft Teams channel.\n\nTo get the channel ID, open Microsoft Teams, right click on the channel name in the left pane, then choose *Copy* . An example of the channel ID syntax is: `19%3ab6ef35dc342d56ba5654e6fc6d25a071%40thread.tacv2` .", + "title": "TeamsChannelId", + "type": "string" + }, + "TeamsChannelName": { + "markdownDescription": "", + "title": "TeamsChannelName", + "type": "string" + }, + "TeamsTenantId": { + "markdownDescription": "The ID of the Microsoft Teams tenant.\n\nTo get the tenant ID, you must perform the initial authorization flow with Microsoft Teams in the in chat applications console. Then you can copy and paste the tenant ID from the console. For more details, see steps 1-3 in [Tutorial: Get started with Microsoft Teams](https://docs.aws.amazon.com/chatbot/latest/adminguide/teams-setup.html) in the *in chat applications Administrator Guide* .", + "title": "TeamsTenantId", + "type": "string" + }, + "UserRoleRequired": { + "markdownDescription": "Enables use of a user role requirement in your chat configuration.", + "title": "UserRoleRequired", + "type": "boolean" } }, "required": [ - "ResourceArn", - "ResourcePolicy" + "ConfigurationName", + "IamRoleArn", + "TeamId", + "TeamsChannelId", + "TeamsTenantId" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudTrail::ResourcePolicy" + "AWS::Chatbot::MicrosoftTeamsChannelConfiguration" ], "type": "string" }, @@ -39331,7 +43963,7 @@ ], "type": "object" }, - "AWS::CloudTrail::Trail": { + "AWS::Chatbot::SlackChannelConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -39366,108 +43998,80 @@ "Properties": { "additionalProperties": false, "properties": { - "AdvancedEventSelectors": { + "ConfigurationName": { + "markdownDescription": "The name of the configuration.", + "title": "ConfigurationName", + "type": "string" + }, + "CustomizationResourceArns": { "items": { - "$ref": "#/definitions/AWS::CloudTrail::Trail.AdvancedEventSelector" + "type": "string" }, - "markdownDescription": "Specifies the settings for advanced event selectors. You can use advanced event selectors to log management events, data events for all resource types, and network activity events.\n\nYou can add advanced event selectors, and conditions for your advanced event selectors, up to a maximum of 500 values for all conditions and selectors on a trail. You can use either `AdvancedEventSelectors` or `EventSelectors` , but not both. If you apply `AdvancedEventSelectors` to a trail, any existing `EventSelectors` are overwritten. For more information about advanced event selectors, see [Logging data events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html) and [Logging network activity events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-network-events-with-cloudtrail.html) in the *AWS CloudTrail User Guide* .", - "title": "AdvancedEventSelectors", + "markdownDescription": "Links a list of resource ARNs (for example, custom action ARNs) to a Slack channel configuration for .", + "title": "CustomizationResourceArns", "type": "array" }, - "CloudWatchLogsLogGroupArn": { - "markdownDescription": "Specifies a log group name using an Amazon Resource Name (ARN), a unique identifier that represents the log group to which CloudTrail logs are delivered. You must use a log group that exists in your account.\n\nTo enable CloudWatch Logs delivery, you must provide values for `CloudWatchLogsLogGroupArn` and `CloudWatchLogsRoleArn` .\n\n> If you previously enabled CloudWatch Logs delivery and want to disable CloudWatch Logs delivery, you must set the values of the `CloudWatchLogsRoleArn` and `CloudWatchLogsLogGroupArn` fields to `\"\"` .", - "title": "CloudWatchLogsLogGroupArn", - "type": "string" + "GuardrailPolicies": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of IAM policy ARNs that are applied as channel guardrails. The AWS managed 'AdministratorAccess' policy is applied as a default if this is not set.", + "title": "GuardrailPolicies", + "type": "array" }, - "CloudWatchLogsRoleArn": { - "markdownDescription": "Specifies the role for the CloudWatch Logs endpoint to assume to write to a user's log group. You must use a role that exists in your account.\n\nTo enable CloudWatch Logs delivery, you must provide values for `CloudWatchLogsLogGroupArn` and `CloudWatchLogsRoleArn` .\n\n> If you previously enabled CloudWatch Logs delivery and want to disable CloudWatch Logs delivery, you must set the values of the `CloudWatchLogsRoleArn` and `CloudWatchLogsLogGroupArn` fields to `\"\"` .", - "title": "CloudWatchLogsRoleArn", + "IamRoleArn": { + "markdownDescription": "The ARN of the IAM role that defines the permissions for .\n\nThis is a user-defined role that will assume. This is not the service-linked role. For more information, see [IAM Policies for in chat applications](https://docs.aws.amazon.com/chatbot/latest/adminguide/chatbot-iam-policies.html) .", + "title": "IamRoleArn", "type": "string" }, - "EnableLogFileValidation": { - "markdownDescription": "Specifies whether log file validation is enabled. The default is false.\n\n> When you disable log file integrity validation, the chain of digest files is broken after one hour. CloudTrail does not create digest files for log files that were delivered during a period in which log file integrity validation was disabled. For example, if you enable log file integrity validation at noon on January 1, disable it at noon on January 2, and re-enable it at noon on January 10, digest files will not be created for the log files delivered from noon on January 2 to noon on January 10. The same applies whenever you stop CloudTrail logging or delete a trail.", - "title": "EnableLogFileValidation", - "type": "boolean" - }, - "EventSelectors": { - "items": { - "$ref": "#/definitions/AWS::CloudTrail::Trail.EventSelector" - }, - "markdownDescription": "Use event selectors to further specify the management and data event settings for your trail. By default, trails created without specific event selectors will be configured to log all read and write management events, and no data events. When an event occurs in your account, CloudTrail evaluates the event selector for all trails. For each trail, if the event matches any event selector, the trail processes and logs the event. If the event doesn't match any event selector, the trail doesn't log the event.\n\nYou can configure up to five event selectors for a trail.\n\nYou cannot apply both event selectors and advanced event selectors to a trail.", - "title": "EventSelectors", - "type": "array" - }, - "IncludeGlobalServiceEvents": { - "markdownDescription": "Specifies whether the trail is publishing events from global services such as IAM to the log files.", - "title": "IncludeGlobalServiceEvents", - "type": "boolean" - }, - "InsightSelectors": { - "items": { - "$ref": "#/definitions/AWS::CloudTrail::Trail.InsightSelector" - }, - "markdownDescription": "A JSON string that contains the Insights types you want to log on a trail. `ApiCallRateInsight` and `ApiErrorRateInsight` are valid Insight types.\n\nThe `ApiCallRateInsight` Insights type analyzes write-only management API calls that are aggregated per minute against a baseline API call volume.\n\nThe `ApiErrorRateInsight` Insights type analyzes management API calls that result in error codes. The error is shown if the API call is unsuccessful.", - "title": "InsightSelectors", - "type": "array" - }, - "IsLogging": { - "markdownDescription": "Whether the CloudTrail trail is currently logging AWS API calls.", - "title": "IsLogging", - "type": "boolean" - }, - "IsMultiRegionTrail": { - "markdownDescription": "Specifies whether the trail applies only to the current Region or to all Regions. The default is false. If the trail exists only in the current Region and this value is set to true, shadow trails (replications of the trail) will be created in the other Regions. If the trail exists in all Regions and this value is set to false, the trail will remain in the Region where it was created, and its shadow trails in other Regions will be deleted. As a best practice, consider using trails that log events in all Regions.", - "title": "IsMultiRegionTrail", - "type": "boolean" - }, - "IsOrganizationTrail": { - "markdownDescription": "Specifies whether the trail is applied to all accounts in an organization in AWS Organizations , or only for the current AWS account . The default is false, and cannot be true unless the call is made on behalf of an AWS account that is the management account for an organization in AWS Organizations . If the trail is not an organization trail and this is set to `true` , the trail will be created in all AWS accounts that belong to the organization. If the trail is an organization trail and this is set to `false` , the trail will remain in the current AWS account but be deleted from all member accounts in the organization.\n\n> Only the management account for the organization can convert an organization trail to a non-organization trail, or convert a non-organization trail to an organization trail.", - "title": "IsOrganizationTrail", - "type": "boolean" - }, - "KMSKeyId": { - "markdownDescription": "Specifies the AWS KMS key ID to use to encrypt the logs and digest files delivered by CloudTrail. The value can be an alias name prefixed by \"alias/\", a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.\n\nCloudTrail also supports AWS KMS multi-Region keys. For more information about multi-Region keys, see [Using multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) in the *AWS Key Management Service Developer Guide* .\n\nExamples:\n\n- alias/MyAliasName\n- arn:aws:kms:us-east-2:123456789012:alias/MyAliasName\n- arn:aws:kms:us-east-2:123456789012:key/12345678-1234-1234-1234-123456789012\n- 12345678-1234-1234-1234-123456789012", - "title": "KMSKeyId", + "LoggingLevel": { + "markdownDescription": "Specifies the logging level for this configuration. This property affects the log entries pushed to Amazon CloudWatch Logs.\n\nLogging levels include `ERROR` , `INFO` , or `NONE` .", + "title": "LoggingLevel", "type": "string" }, - "S3BucketName": { - "markdownDescription": "Specifies the name of the Amazon S3 bucket designated for publishing log files. See [Amazon S3 Bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html) .", - "title": "S3BucketName", + "SlackChannelId": { + "markdownDescription": "The ID of the Slack channel.\n\nTo get the ID, open Slack, right click on the channel name in the left pane, then choose Copy Link. The channel ID is the character string at the end of the URL. For example, `ABCBBLZZZ` .", + "title": "SlackChannelId", "type": "string" }, - "S3KeyPrefix": { - "markdownDescription": "Specifies the Amazon S3 key prefix that comes after the name of the bucket you have designated for log file delivery. For more information, see [Finding Your CloudTrail Log Files](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/get-and-view-cloudtrail-log-files.html#cloudtrail-find-log-files) . The maximum length is 200 characters.", - "title": "S3KeyPrefix", + "SlackWorkspaceId": { + "markdownDescription": "The ID of the Slack workspace authorized with .\n\nTo get the workspace ID, you must perform the initial authorization flow with Slack in the in chat applications console. Then you can copy and paste the workspace ID from the console. For more details, see steps 1-3 in [Tutorial: Get started with Slack](https://docs.aws.amazon.com/chatbot/latest/adminguide/slack-setup.html#slack-client-setup) in the *in chat applications User Guide* .", + "title": "SlackWorkspaceId", "type": "string" }, - "SnsTopicName": { - "markdownDescription": "Specifies the name or ARN of the Amazon SNS topic defined for notification of log file delivery. The maximum length is 256 characters.", - "title": "SnsTopicName", - "type": "string" + "SnsTopicArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The ARNs of the SNS topics that deliver notifications to .", + "title": "SnsTopicArns", + "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A custom set of tags (key-value pairs) for this trail.", + "markdownDescription": "The tags to add to the configuration.", "title": "Tags", "type": "array" }, - "TrailName": { - "markdownDescription": "Specifies the name of the trail. The name must meet the following requirements:\n\n- Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores (_), or dashes (-)\n- Start with a letter or number, and end with a letter or number\n- Be between 3 and 128 characters\n- Have no adjacent periods, underscores or dashes. Names like `my-_namespace` and `my--namespace` are not valid.\n- Not be in IP address format (for example, 192.168.5.4)", - "title": "TrailName", - "type": "string" + "UserRoleRequired": { + "markdownDescription": "Enables use of a user role requirement in your chat configuration.", + "title": "UserRoleRequired", + "type": "boolean" } }, "required": [ - "IsLogging", - "S3BucketName" + "ConfigurationName", + "IamRoleArn", + "SlackChannelId", + "SlackWorkspaceId" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudTrail::Trail" + "AWS::Chatbot::SlackChannelConfiguration" ], "type": "string" }, @@ -39486,156 +44090,7 @@ ], "type": "object" }, - "AWS::CloudTrail::Trail.AdvancedEventSelector": { - "additionalProperties": false, - "properties": { - "FieldSelectors": { - "items": { - "$ref": "#/definitions/AWS::CloudTrail::Trail.AdvancedFieldSelector" - }, - "markdownDescription": "Contains all selector statements in an advanced event selector.", - "title": "FieldSelectors", - "type": "array" - }, - "Name": { - "markdownDescription": "An optional, descriptive name for an advanced event selector, such as \"Log data events for only two S3 buckets\".", - "title": "Name", - "type": "string" - } - }, - "required": [ - "FieldSelectors" - ], - "type": "object" - }, - "AWS::CloudTrail::Trail.AdvancedFieldSelector": { - "additionalProperties": false, - "properties": { - "EndsWith": { - "items": { - "type": "string" - }, - "markdownDescription": "An operator that includes events that match the last few characters of the event record field specified as the value of `Field` .", - "title": "EndsWith", - "type": "array" - }, - "Equals": { - "items": { - "type": "string" - }, - "markdownDescription": "An operator that includes events that match the exact value of the event record field specified as the value of `Field` . This is the only valid operator that you can use with the `readOnly` , `eventCategory` , and `resources.type` fields.", - "title": "Equals", - "type": "array" - }, - "Field": { - "markdownDescription": "A field in a CloudTrail event record on which to filter events to be logged. For event data stores for CloudTrail Insights events, AWS Config configuration items, Audit Manager evidence, or events outside of AWS , the field is used only for selecting events as filtering is not supported.\n\nFor CloudTrail management events, supported fields include `eventCategory` (required), `eventSource` , and `readOnly` . The following additional fields are available for event data stores: `eventName` , `eventType` , `sessionCredentialFromConsole` , and `userIdentity.arn` .\n\nFor CloudTrail data events, supported fields include `eventCategory` (required), `eventName` , `eventSource` , `eventType` , `resources.type` (required), `readOnly` , `resources.ARN` , `sessionCredentialFromConsole` , and `userIdentity.arn` .\n\nFor CloudTrail network activity events, supported fields include `eventCategory` (required), `eventSource` (required), `eventName` , `errorCode` , and `vpcEndpointId` .\n\nFor event data stores for CloudTrail Insights events, AWS Config configuration items, Audit Manager evidence, or events outside of AWS , the only supported field is `eventCategory` .\n\n> Selectors don't support the use of wildcards like `*` . To match multiple values with a single condition, you may use `StartsWith` , `EndsWith` , `NotStartsWith` , or `NotEndsWith` to explicitly match the beginning or end of the event field. \n\n- *`readOnly`* - This is an optional field that is only used for management events and data events. This field can be set to `Equals` with a value of `true` or `false` . If you do not add this field, CloudTrail logs both `read` and `write` events. A value of `true` logs only `read` events. A value of `false` logs only `write` events.\n- *`eventSource`* - This field is only used for management events, data events, and network activity events.\n\nFor management events for trails, this is an optional field that can be set to `NotEquals` `kms.amazonaws.com` to exclude KMS management events, or `NotEquals` `rdsdata.amazonaws.com` to exclude RDS management events.\n\nFor data events for trails, this is an optional field that you can use to include or exclude any event source and can use any operator.\n\nFor management and data events for event data stores, this is an optional field that you can use to include or exclude any event source and can use any operator.\n\nFor network activity events, this is a required field that only uses the `Equals` operator. Set this field to the event source for which you want to log network activity events. If you want to log network activity events for multiple event sources, you must create a separate field selector for each event source. For a list of services supporting network activity events, see [Logging network activity events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-network-events-with-cloudtrail.html) in the *AWS CloudTrail User Guide* .\n- *`eventName`* - This is an optional field that is only used for data events, management events (for event data stores only), and network activity events. You can use any operator with `eventName` . You can use it to \ufb01lter in or \ufb01lter out specific events. You can have multiple values for this \ufb01eld, separated by commas.\n- *`eventCategory`* - This field is required and must be set to `Equals` .\n\n- For CloudTrail management events, the value must be `Management` .\n- For CloudTrail data events, the value must be `Data` .\n- For CloudTrail network activity events, the value must be `NetworkActivity` .\n\nThe following are used only for event data stores:\n\n- For CloudTrail Insights events, the value must be `Insight` .\n- For AWS Config configuration items, the value must be `ConfigurationItem` .\n- For Audit Manager evidence, the value must be `Evidence` .\n- For events outside of AWS , the value must be `ActivityAuditLog` .\n- *`eventType`* - For event data stores, this is an optional field available for event data stores to filter management and data events on the event type. For trails, this is an optional field to filter data events on the event type. For information about available event types, see [CloudTrail record contents](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-event-reference-record-contents.html#ct-event-type) in the *AWS CloudTrail user guide* .\n- *`errorCode`* - This \ufb01eld is only used to filter CloudTrail network activity events and is optional. This is the error code to filter on. Currently, the only valid `errorCode` is `VpceAccessDenied` . `errorCode` can only use the `Equals` operator.\n- *`sessionCredentialFromConsole`* - For event data stores, this is an optional field used to filter management and data events based on whether the events originated from an AWS Management Console session. For trails, this is an optional field used to filter data events. `sessionCredentialFromConsole` can only use the `Equals` and `NotEquals` operators.\n- *`resources.type`* - This \ufb01eld is required for CloudTrail data events. `resources.type` can only use the `Equals` operator.\n\nFor a list of available resource types for data events, see [Data events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html#logging-data-events) in the *AWS CloudTrail User Guide* .\n\nYou can have only one `resources.type` \ufb01eld per selector. To log events on more than one resource type, add another selector.\n- *`resources.ARN`* - The `resources.ARN` is an optional field for data events. You can use any operator with `resources.ARN` , but if you use `Equals` or `NotEquals` , the value must exactly match the ARN of a valid resource of the type you've speci\ufb01ed in the template as the value of resources.type. To log all data events for all objects in a specific S3 bucket, use the `StartsWith` operator, and include only the bucket ARN as the matching value.\n\nFor more information about the ARN formats of data event resources, see [Actions, resources, and condition keys for AWS services](https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html) in the *Service Authorization Reference* .\n\n> You can't use the `resources.ARN` field to filter resource types that do not have ARNs.\n- *`userIdentity.arn`* - For event data stores, this is an optional field used to filter management and data events for actions taken by specific IAM identities. For trails, this is an optional field used to filter data events. You can use any operator with `userIdentity.arn` . For more information on the userIdentity element, see [CloudTrail userIdentity element](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-event-reference-user-identity.html) in the *AWS CloudTrail User Guide* .\n- *`vpcEndpointId`* - This \ufb01eld is only used to filter CloudTrail network activity events and is optional. This field identifies the VPC endpoint that the request passed through. You can use any operator with `vpcEndpointId` .", - "title": "Field", - "type": "string" - }, - "NotEndsWith": { - "items": { - "type": "string" - }, - "markdownDescription": "An operator that excludes events that match the last few characters of the event record field specified as the value of `Field` .", - "title": "NotEndsWith", - "type": "array" - }, - "NotEquals": { - "items": { - "type": "string" - }, - "markdownDescription": "An operator that excludes events that match the exact value of the event record field specified as the value of `Field` .", - "title": "NotEquals", - "type": "array" - }, - "NotStartsWith": { - "items": { - "type": "string" - }, - "markdownDescription": "An operator that excludes events that match the first few characters of the event record field specified as the value of `Field` .", - "title": "NotStartsWith", - "type": "array" - }, - "StartsWith": { - "items": { - "type": "string" - }, - "markdownDescription": "An operator that includes events that match the first few characters of the event record field specified as the value of `Field` .", - "title": "StartsWith", - "type": "array" - } - }, - "required": [ - "Field" - ], - "type": "object" - }, - "AWS::CloudTrail::Trail.DataResource": { - "additionalProperties": false, - "properties": { - "Type": { - "markdownDescription": "The resource type in which you want to log data events. You can specify the following *basic* event selector resource types:\n\n- `AWS::DynamoDB::Table`\n- `AWS::Lambda::Function`\n- `AWS::S3::Object`\n\nAdditional resource types are available through *advanced* event selectors. For more information, see [AdvancedEventSelector](https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_AdvancedEventSelector.html) .", - "title": "Type", - "type": "string" - }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of Amazon Resource Name (ARN) strings or partial ARN strings for the specified resource type.\n\n- To log data events for all objects in all S3 buckets in your AWS account , specify the prefix as `arn:aws:s3` .\n\n> This also enables logging of data event activity performed by any user or role in your AWS account , even if that activity is performed on a bucket that belongs to another AWS account .\n- To log data events for all objects in an S3 bucket, specify the bucket and an empty object prefix such as `arn:aws:s3:::amzn-s3-demo-bucket1/` . The trail logs data events for all objects in this S3 bucket.\n- To log data events for specific objects, specify the S3 bucket and object prefix such as `arn:aws:s3:::amzn-s3-demo-bucket1/example-images` . The trail logs data events for objects in this S3 bucket that match the prefix.\n- To log data events for all Lambda functions in your AWS account , specify the prefix as `arn:aws:lambda` .\n\n> This also enables logging of `Invoke` activity performed by any user or role in your AWS account , even if that activity is performed on a function that belongs to another AWS account .\n- To log data events for a specific Lambda function, specify the function ARN.\n\n> Lambda function ARNs are exact. For example, if you specify a function ARN *arn:aws:lambda:us-west-2:111111111111:function:helloworld* , data events will only be logged for *arn:aws:lambda:us-west-2:111111111111:function:helloworld* . They will not be logged for *arn:aws:lambda:us-west-2:111111111111:function:helloworld2* .\n- To log data events for all DynamoDB tables in your AWS account , specify the prefix as `arn:aws:dynamodb` .", - "title": "Values", - "type": "array" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::CloudTrail::Trail.EventSelector": { - "additionalProperties": false, - "properties": { - "DataResources": { - "items": { - "$ref": "#/definitions/AWS::CloudTrail::Trail.DataResource" - }, - "markdownDescription": "CloudTrail supports data event logging for Amazon S3 objects in standard S3 buckets, AWS Lambda functions, and Amazon DynamoDB tables with basic event selectors. You can specify up to 250 resources for an individual event selector, but the total number of data resources cannot exceed 250 across all event selectors in a trail. This limit does not apply if you configure resource logging for all data events.\n\nFor more information, see [Data Events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html) and [Limits in AWS CloudTrail](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/WhatIsCloudTrail-Limits.html) in the *AWS CloudTrail User Guide* .\n\n> To log data events for all other resource types including objects stored in [directory buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-overview.html) , you must use [AdvancedEventSelectors](https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_AdvancedEventSelector.html) . You must also use `AdvancedEventSelectors` if you want to filter on the `eventName` field.", - "title": "DataResources", - "type": "array" - }, - "ExcludeManagementEventSources": { - "items": { - "type": "string" - }, - "markdownDescription": "An optional list of service event sources from which you do not want management events to be logged on your trail. In this release, the list can be empty (disables the filter), or it can filter out AWS Key Management Service or Amazon RDS Data API events by containing `kms.amazonaws.com` or `rdsdata.amazonaws.com` . By default, `ExcludeManagementEventSources` is empty, and AWS KMS and Amazon RDS Data API events are logged to your trail. You can exclude management event sources only in Regions that support the event source.", - "title": "ExcludeManagementEventSources", - "type": "array" - }, - "IncludeManagementEvents": { - "markdownDescription": "Specify if you want your event selector to include management events for your trail.\n\nFor more information, see [Management Events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-management-events-with-cloudtrail.html) in the *AWS CloudTrail User Guide* .\n\nBy default, the value is `true` .\n\nThe first copy of management events is free. You are charged for additional copies of management events that you are logging on any subsequent trail in the same Region. For more information about CloudTrail pricing, see [AWS CloudTrail Pricing](https://docs.aws.amazon.com/cloudtrail/pricing/) .", - "title": "IncludeManagementEvents", - "type": "boolean" - }, - "ReadWriteType": { - "markdownDescription": "Specify if you want your trail to log read-only events, write-only events, or all. For example, the EC2 `GetConsoleOutput` is a read-only API operation and `RunInstances` is a write-only API operation.\n\nBy default, the value is `All` .", - "title": "ReadWriteType", - "type": "string" - } - }, - "type": "object" - }, - "AWS::CloudTrail::Trail.InsightSelector": { - "additionalProperties": false, - "properties": { - "InsightType": { - "markdownDescription": "The type of Insights events to log on a trail. `ApiCallRateInsight` and `ApiErrorRateInsight` are valid Insight types.\n\nThe `ApiCallRateInsight` Insights type analyzes write-only management API calls that are aggregated per minute against a baseline API call volume.\n\nThe `ApiErrorRateInsight` Insights type analyzes management API calls that result in error codes. The error is shown if the API call is unsuccessful.", - "title": "InsightType", - "type": "string" - } - }, - "type": "object" - }, - "AWS::CloudWatch::Alarm": { + "AWS::CleanRooms::AnalysisTemplate": { "additionalProperties": false, "properties": { "Condition": { @@ -39670,144 +44125,69 @@ "Properties": { "additionalProperties": false, "properties": { - "ActionsEnabled": { - "markdownDescription": "Indicates whether actions should be executed during any changes to the alarm state. The default is TRUE.", - "title": "ActionsEnabled", - "type": "boolean" - }, - "AlarmActions": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of actions to execute when this alarm transitions into an ALARM state from any other state. Specify each action as an Amazon Resource Name (ARN). For more information about creating alarms and the actions that you can specify, see [PutMetricAlarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutMetricAlarm.html) in the *Amazon CloudWatch API Reference* .", - "title": "AlarmActions", - "type": "array" - }, - "AlarmDescription": { - "markdownDescription": "The description of the alarm.", - "title": "AlarmDescription", - "type": "string" - }, - "AlarmName": { - "markdownDescription": "The name of the alarm. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the alarm name.\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "AlarmName", - "type": "string" - }, - "ComparisonOperator": { - "markdownDescription": "The arithmetic operation to use when comparing the specified statistic and threshold. The specified statistic value is used as the first operand.", - "title": "ComparisonOperator", - "type": "string" - }, - "DatapointsToAlarm": { - "markdownDescription": "The number of datapoints that must be breaching to trigger the alarm. This is used only if you are setting an \"M out of N\" alarm. In that case, this value is the M, and the value that you set for `EvaluationPeriods` is the N value. For more information, see [Evaluating an Alarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/AlarmThatSendsEmail.html#alarm-evaluation) in the *Amazon CloudWatch User Guide* .\n\nIf you omit this parameter, CloudWatch uses the same value here that you set for `EvaluationPeriods` , and the alarm goes to alarm state if that many consecutive periods are breaching.", - "title": "DatapointsToAlarm", - "type": "number" - }, - "Dimensions": { + "AnalysisParameters": { "items": { - "$ref": "#/definitions/AWS::CloudWatch::Alarm.Dimension" + "$ref": "#/definitions/AWS::CleanRooms::AnalysisTemplate.AnalysisParameter" }, - "markdownDescription": "The dimensions for the metric associated with the alarm. For an alarm based on a math expression, you can't specify `Dimensions` . Instead, you use `Metrics` .", - "title": "Dimensions", + "markdownDescription": "The parameters of the analysis template.", + "title": "AnalysisParameters", "type": "array" }, - "EvaluateLowSampleCountPercentile": { - "markdownDescription": "Used only for alarms based on percentiles. If `ignore` , the alarm state does not change during periods with too few data points to be statistically significant. If `evaluate` or this parameter is not used, the alarm is always evaluated and possibly changes state no matter how many data points are available.", - "title": "EvaluateLowSampleCountPercentile", + "Description": { + "markdownDescription": "The description of the analysis template.", + "title": "Description", "type": "string" }, - "EvaluationPeriods": { - "markdownDescription": "The number of periods over which data is compared to the specified threshold. If you are setting an alarm that requires that a number of consecutive data points be breaching to trigger the alarm, this value specifies that number. If you are setting an \"M out of N\" alarm, this value is the N, and `DatapointsToAlarm` is the M.\n\nFor more information, see [Evaluating an Alarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/AlarmThatSendsEmail.html#alarm-evaluation) in the *Amazon CloudWatch User Guide* .", - "title": "EvaluationPeriods", - "type": "number" - }, - "ExtendedStatistic": { - "markdownDescription": "The percentile statistic for the metric associated with the alarm. Specify a value between p0.0 and p100.\n\nFor an alarm based on a metric, you must specify either `Statistic` or `ExtendedStatistic` but not both.\n\nFor an alarm based on a math expression, you can't specify `ExtendedStatistic` . Instead, you use `Metrics` .", - "title": "ExtendedStatistic", + "Format": { + "markdownDescription": "The format of the analysis template.", + "title": "Format", "type": "string" }, - "InsufficientDataActions": { - "items": { - "type": "string" - }, - "markdownDescription": "The actions to execute when this alarm transitions to the `INSUFFICIENT_DATA` state from any other state. Each action is specified as an Amazon Resource Name (ARN).", - "title": "InsufficientDataActions", - "type": "array" - }, - "MetricName": { - "markdownDescription": "The name of the metric associated with the alarm. This is required for an alarm based on a metric. For an alarm based on a math expression, you use `Metrics` instead and you can't specify `MetricName` .", - "title": "MetricName", + "MembershipIdentifier": { + "markdownDescription": "The identifier for a membership resource.", + "title": "MembershipIdentifier", "type": "string" }, - "Metrics": { - "items": { - "$ref": "#/definitions/AWS::CloudWatch::Alarm.MetricDataQuery" - }, - "markdownDescription": "An array that enables you to create an alarm based on the result of a metric math expression. Each item in the array either retrieves a metric or performs a math expression.\n\nIf you specify the `Metrics` parameter, you cannot specify `MetricName` , `Dimensions` , `Period` , `Namespace` , `Statistic` , `ExtendedStatistic` , or `Unit` .", - "title": "Metrics", - "type": "array" - }, - "Namespace": { - "markdownDescription": "The namespace of the metric associated with the alarm. This is required for an alarm based on a metric. For an alarm based on a math expression, you can't specify `Namespace` and you use `Metrics` instead.\n\nFor a list of namespaces for metrics from AWS services, see [AWS Services That Publish CloudWatch Metrics.](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/aws-services-cloudwatch-metrics.html)", - "title": "Namespace", + "Name": { + "markdownDescription": "The name of the analysis template.", + "title": "Name", "type": "string" }, - "OKActions": { - "items": { - "type": "string" - }, - "markdownDescription": "The actions to execute when this alarm transitions to the `OK` state from any other state. Each action is specified as an Amazon Resource Name (ARN).", - "title": "OKActions", - "type": "array" + "Schema": { + "$ref": "#/definitions/AWS::CleanRooms::AnalysisTemplate.AnalysisSchema", + "markdownDescription": "The entire schema object.", + "title": "Schema" }, - "Period": { - "markdownDescription": "The period, in seconds, over which the statistic is applied. This is required for an alarm based on a metric. Valid values are 10, 20, 30, 60, and any multiple of 60.\n\nFor an alarm based on a math expression, you can't specify `Period` , and instead you use the `Metrics` parameter.\n\n*Minimum:* 10", - "title": "Period", - "type": "number" + "Source": { + "$ref": "#/definitions/AWS::CleanRooms::AnalysisTemplate.AnalysisSource", + "markdownDescription": "The source of the analysis template.", + "title": "Source" }, - "Statistic": { - "markdownDescription": "The statistic for the metric associated with the alarm, other than percentile. For percentile statistics, use `ExtendedStatistic` .\n\nFor an alarm based on a metric, you must specify either `Statistic` or `ExtendedStatistic` but not both.\n\nFor an alarm based on a math expression, you can't specify `Statistic` . Instead, you use `Metrics` .", - "title": "Statistic", - "type": "string" + "SourceMetadata": { + "$ref": "#/definitions/AWS::CleanRooms::AnalysisTemplate.AnalysisSourceMetadata", + "markdownDescription": "The source metadata for the analysis template.", + "title": "SourceMetadata" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of key-value pairs to associate with the alarm. You can associate as many as 50 tags with an alarm. To be able to associate tags with the alarm when you create the alarm, you must have the `cloudwatch:TagResource` permission.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.", + "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", "title": "Tags", "type": "array" - }, - "Threshold": { - "markdownDescription": "The value to compare with the specified statistic.", - "title": "Threshold", - "type": "number" - }, - "ThresholdMetricId": { - "markdownDescription": "In an alarm based on an anomaly detection model, this is the ID of the `ANOMALY_DETECTION_BAND` function used as the threshold for the alarm.", - "title": "ThresholdMetricId", - "type": "string" - }, - "TreatMissingData": { - "markdownDescription": "Sets how this alarm is to handle missing data points. Valid values are `breaching` , `notBreaching` , `ignore` , and `missing` . For more information, see [Configuring How CloudWatch Alarms Treat Missing Data](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/AlarmThatSendsEmail.html#alarms-and-missing-data) in the *Amazon CloudWatch User Guide* .\n\nIf you omit this parameter, the default behavior of `missing` is used.", - "title": "TreatMissingData", - "type": "string" - }, - "Unit": { - "markdownDescription": "The unit of the metric associated with the alarm. Specify this only if you are creating an alarm based on a single metric. Do not specify this if you are specifying a `Metrics` array.\n\nYou can specify the following values: Seconds, Microseconds, Milliseconds, Bytes, Kilobytes, Megabytes, Gigabytes, Terabytes, Bits, Kilobits, Megabits, Gigabits, Terabits, Percent, Count, Bytes/Second, Kilobytes/Second, Megabytes/Second, Gigabytes/Second, Terabytes/Second, Bits/Second, Kilobits/Second, Megabits/Second, Gigabits/Second, Terabits/Second, Count/Second, or None.", - "title": "Unit", - "type": "string" } }, "required": [ - "ComparisonOperator", - "EvaluationPeriods" + "Format", + "MembershipIdentifier", + "Name", + "Source" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudWatch::Alarm" + "AWS::CleanRooms::AnalysisTemplate" ], "type": "string" }, @@ -39826,126 +44206,174 @@ ], "type": "object" }, - "AWS::CloudWatch::Alarm.Dimension": { + "AWS::CleanRooms::AnalysisTemplate.AnalysisParameter": { "additionalProperties": false, "properties": { + "DefaultValue": { + "markdownDescription": "Optional. The default value that is applied in the analysis template. The member who can query can override this value in the query editor.", + "title": "DefaultValue", + "type": "string" + }, "Name": { - "markdownDescription": "The name of the dimension, from 1\u2013255 characters in length. This dimension name must have been included when the metric was published.", + "markdownDescription": "The name of the parameter. The name must use only alphanumeric, underscore (_), or hyphen (-) characters but cannot start or end with a hyphen.", "title": "Name", "type": "string" }, - "Value": { - "markdownDescription": "The value for the dimension, from 1\u2013255 characters in length.", - "title": "Value", + "Type": { + "markdownDescription": "The type of parameter.", + "title": "Type", "type": "string" } }, "required": [ "Name", - "Value" + "Type" ], "type": "object" }, - "AWS::CloudWatch::Alarm.Metric": { + "AWS::CleanRooms::AnalysisTemplate.AnalysisSchema": { "additionalProperties": false, "properties": { - "Dimensions": { + "ReferencedTables": { "items": { - "$ref": "#/definitions/AWS::CloudWatch::Alarm.Dimension" + "type": "string" }, - "markdownDescription": "The metric dimensions that you want to be used for the metric that the alarm will watch.", - "title": "Dimensions", + "markdownDescription": "The tables referenced in the analysis schema.", + "title": "ReferencedTables", "type": "array" + } + }, + "required": [ + "ReferencedTables" + ], + "type": "object" + }, + "AWS::CleanRooms::AnalysisTemplate.AnalysisSource": { + "additionalProperties": false, + "properties": { + "Artifacts": { + "$ref": "#/definitions/AWS::CleanRooms::AnalysisTemplate.AnalysisTemplateArtifacts", + "markdownDescription": "The artifacts of the analysis source.", + "title": "Artifacts" }, - "MetricName": { - "markdownDescription": "The name of the metric that you want the alarm to watch. This is a required field.", - "title": "MetricName", - "type": "string" - }, - "Namespace": { - "markdownDescription": "The namespace of the metric that the alarm will watch.", - "title": "Namespace", + "Text": { + "markdownDescription": "The query text.", + "title": "Text", "type": "string" } }, "type": "object" }, - "AWS::CloudWatch::Alarm.MetricDataQuery": { + "AWS::CleanRooms::AnalysisTemplate.AnalysisSourceMetadata": { "additionalProperties": false, "properties": { - "AccountId": { - "markdownDescription": "The ID of the account where the metrics are located, if this is a cross-account alarm.", - "title": "AccountId", - "type": "string" + "Artifacts": { + "$ref": "#/definitions/AWS::CleanRooms::AnalysisTemplate.AnalysisTemplateArtifactMetadata", + "markdownDescription": "The artifacts of the analysis source metadata.", + "title": "Artifacts" + } + }, + "required": [ + "Artifacts" + ], + "type": "object" + }, + "AWS::CleanRooms::AnalysisTemplate.AnalysisTemplateArtifact": { + "additionalProperties": false, + "properties": { + "Location": { + "$ref": "#/definitions/AWS::CleanRooms::AnalysisTemplate.S3Location", + "markdownDescription": "The artifact location.", + "title": "Location" + } + }, + "required": [ + "Location" + ], + "type": "object" + }, + "AWS::CleanRooms::AnalysisTemplate.AnalysisTemplateArtifactMetadata": { + "additionalProperties": false, + "properties": { + "AdditionalArtifactHashes": { + "items": { + "$ref": "#/definitions/AWS::CleanRooms::AnalysisTemplate.Hash" + }, + "markdownDescription": "Additional artifact hashes for the analysis template.", + "title": "AdditionalArtifactHashes", + "type": "array" }, - "Expression": { - "markdownDescription": "The math expression to be performed on the returned data, if this object is performing a math expression. This expression can use the `Id` of the other metrics to refer to those metrics, and can also use the `Id` of other expressions to use the result of those expressions. For more information about metric math expressions, see [Metric Math Syntax and Functions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/using-metric-math.html#metric-math-syntax) in the *Amazon CloudWatch User Guide* .\n\nWithin each MetricDataQuery object, you must specify either `Expression` or `MetricStat` but not both.", - "title": "Expression", - "type": "string" + "EntryPointHash": { + "$ref": "#/definitions/AWS::CleanRooms::AnalysisTemplate.Hash", + "markdownDescription": "The hash of the entry point for the analysis template artifact metadata.", + "title": "EntryPointHash" + } + }, + "required": [ + "EntryPointHash" + ], + "type": "object" + }, + "AWS::CleanRooms::AnalysisTemplate.AnalysisTemplateArtifacts": { + "additionalProperties": false, + "properties": { + "AdditionalArtifacts": { + "items": { + "$ref": "#/definitions/AWS::CleanRooms::AnalysisTemplate.AnalysisTemplateArtifact" + }, + "markdownDescription": "Additional artifacts for the analysis template.", + "title": "AdditionalArtifacts", + "type": "array" }, - "Id": { - "markdownDescription": "A short name used to tie this object to the results in the response. This name must be unique within a single call to `GetMetricData` . If you are performing math expressions on this set of data, this name represents that data and can serve as a variable in the mathematical expression. The valid characters are letters, numbers, and underscore. The first character must be a lowercase letter.", - "title": "Id", - "type": "string" + "EntryPoint": { + "$ref": "#/definitions/AWS::CleanRooms::AnalysisTemplate.AnalysisTemplateArtifact", + "markdownDescription": "The entry point for the analysis template artifacts.", + "title": "EntryPoint" }, - "Label": { - "markdownDescription": "A human-readable label for this metric or expression. This is especially useful if this is an expression, so that you know what the value represents. If the metric or expression is shown in a CloudWatch dashboard widget, the label is shown. If `Label` is omitted, CloudWatch generates a default.", - "title": "Label", + "RoleArn": { + "markdownDescription": "The role ARN for the analysis template artifacts.", + "title": "RoleArn", "type": "string" - }, - "MetricStat": { - "$ref": "#/definitions/AWS::CloudWatch::Alarm.MetricStat", - "markdownDescription": "The metric to be returned, along with statistics, period, and units. Use this parameter only if this object is retrieving a metric and not performing a math expression on returned data.\n\nWithin one MetricDataQuery object, you must specify either `Expression` or `MetricStat` but not both.", - "title": "MetricStat" - }, - "Period": { - "markdownDescription": "The granularity, in seconds, of the returned data points. For metrics with regular resolution, a period can be as short as one minute (60 seconds) and must be a multiple of 60. For high-resolution metrics that are collected at intervals of less than one minute, the period can be 1, 5, 10, 20, 30, 60, or any multiple of 60. High-resolution metrics are those metrics stored by a `PutMetricData` operation that includes a `StorageResolution of 1 second` .", - "title": "Period", - "type": "number" - }, - "ReturnData": { - "markdownDescription": "This option indicates whether to return the timestamps and raw data values of this metric.\n\nWhen you create an alarm based on a metric math expression, specify `True` for this value for only the one math expression that the alarm is based on. You must specify `False` for `ReturnData` for all the other metrics and expressions used in the alarm.\n\nThis field is required.", - "title": "ReturnData", - "type": "boolean" } }, "required": [ - "Id" + "EntryPoint", + "RoleArn" ], "type": "object" }, - "AWS::CloudWatch::Alarm.MetricStat": { + "AWS::CleanRooms::AnalysisTemplate.Hash": { "additionalProperties": false, "properties": { - "Metric": { - "$ref": "#/definitions/AWS::CloudWatch::Alarm.Metric", - "markdownDescription": "The metric to return, including the metric name, namespace, and dimensions.", - "title": "Metric" - }, - "Period": { - "markdownDescription": "The granularity, in seconds, of the returned data points. For metrics with regular resolution, a period can be as short as one minute (60 seconds) and must be a multiple of 60. For high-resolution metrics that are collected at intervals of less than one minute, the period can be 1, 5, 10, 20, 30, 60, or any multiple of 60. High-resolution metrics are those metrics stored by a `PutMetricData` call that includes a `StorageResolution` of 1 second.\n\nIf the `StartTime` parameter specifies a time stamp that is greater than 3 hours ago, you must specify the period as follows or no data points in that time range is returned:\n\n- Start time between 3 hours and 15 days ago - Use a multiple of 60 seconds (1 minute).\n- Start time between 15 and 63 days ago - Use a multiple of 300 seconds (5 minutes).\n- Start time greater than 63 days ago - Use a multiple of 3600 seconds (1 hour).", - "title": "Period", - "type": "number" - }, - "Stat": { - "markdownDescription": "The statistic to return. It can include any CloudWatch statistic or extended statistic. For a list of valid values, see the table in [Statistics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html#Statistic) in the *Amazon CloudWatch User Guide* .", - "title": "Stat", + "Sha256": { + "markdownDescription": "The SHA-256 hash value.", + "title": "Sha256", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CleanRooms::AnalysisTemplate.S3Location": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The bucket name.", + "title": "Bucket", "type": "string" }, - "Unit": { - "markdownDescription": "The unit to use for the returned data points.\n\nValid values are: Seconds, Microseconds, Milliseconds, Bytes, Kilobytes, Megabytes, Gigabytes, Terabytes, Bits, Kilobits, Megabits, Gigabits, Terabits, Percent, Count, Bytes/Second, Kilobytes/Second, Megabytes/Second, Gigabytes/Second, Terabytes/Second, Bits/Second, Kilobits/Second, Megabits/Second, Gigabits/Second, Terabits/Second, Count/Second, or None.", - "title": "Unit", + "Key": { + "markdownDescription": "The object key.", + "title": "Key", "type": "string" } }, "required": [ - "Metric", - "Period", - "Stat" + "Bucket", + "Key" ], "type": "object" }, - "AWS::CloudWatch::AnomalyDetector": { + "AWS::CleanRooms::Collaboration": { "additionalProperties": false, "properties": { "Condition": { @@ -39980,55 +44408,87 @@ "Properties": { "additionalProperties": false, "properties": { - "Configuration": { - "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.Configuration", - "markdownDescription": "Specifies details about how the anomaly detection model is to be trained, including time ranges to exclude when training and updating the model. The configuration can also include the time zone to use for the metric.", - "title": "Configuration" + "AnalyticsEngine": { + "markdownDescription": "The analytics engine for the collaboration.\n\n> After July 16, 2025, the `CLEAN_ROOMS_SQL` parameter will no longer be available.", + "title": "AnalyticsEngine", + "type": "string" }, - "Dimensions": { + "CreatorDisplayName": { + "markdownDescription": "A display name of the collaboration creator.", + "title": "CreatorDisplayName", + "type": "string" + }, + "CreatorMLMemberAbilities": { + "$ref": "#/definitions/AWS::CleanRooms::Collaboration.MLMemberAbilities", + "markdownDescription": "The ML member abilities for a collaboration member.", + "title": "CreatorMLMemberAbilities" + }, + "CreatorMemberAbilities": { "items": { - "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.Dimension" + "type": "string" }, - "markdownDescription": "The dimensions of the metric associated with the anomaly detection band.", - "title": "Dimensions", + "markdownDescription": "The abilities granted to the collaboration creator.\n\n*Allowed values* `CAN_QUERY` | `CAN_RECEIVE_RESULTS` | `CAN_RUN_JOB`", + "title": "CreatorMemberAbilities", "type": "array" }, - "MetricCharacteristics": { - "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.MetricCharacteristics", - "markdownDescription": "Use this object to include parameters to provide information about your metric to CloudWatch to help it build more accurate anomaly detection models. Currently, it includes the `PeriodicSpikes` parameter.", - "title": "MetricCharacteristics" + "CreatorPaymentConfiguration": { + "$ref": "#/definitions/AWS::CleanRooms::Collaboration.PaymentConfiguration", + "markdownDescription": "An object representing the collaboration member's payment responsibilities set by the collaboration creator.", + "title": "CreatorPaymentConfiguration" }, - "MetricMathAnomalyDetector": { - "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.MetricMathAnomalyDetector", - "markdownDescription": "The CloudWatch metric math expression for this anomaly detector.", - "title": "MetricMathAnomalyDetector" + "DataEncryptionMetadata": { + "$ref": "#/definitions/AWS::CleanRooms::Collaboration.DataEncryptionMetadata", + "markdownDescription": "The settings for client-side encryption for cryptographic computing.", + "title": "DataEncryptionMetadata" }, - "MetricName": { - "markdownDescription": "The name of the metric associated with the anomaly detection band.", - "title": "MetricName", + "Description": { + "markdownDescription": "A description of the collaboration provided by the collaboration owner.", + "title": "Description", "type": "string" }, - "Namespace": { - "markdownDescription": "The namespace of the metric associated with the anomaly detection band.", - "title": "Namespace", + "JobLogStatus": { + "markdownDescription": "An indicator as to whether job logging has been enabled or disabled for the collaboration.\n\nWhen `ENABLED` , AWS Clean Rooms logs details about jobs run within this collaboration and those logs can be viewed in Amazon CloudWatch Logs. The default value is `DISABLED` .", + "title": "JobLogStatus", "type": "string" }, - "SingleMetricAnomalyDetector": { - "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.SingleMetricAnomalyDetector", - "markdownDescription": "The CloudWatch metric and statistic for this anomaly detector.", - "title": "SingleMetricAnomalyDetector" + "Members": { + "items": { + "$ref": "#/definitions/AWS::CleanRooms::Collaboration.MemberSpecification" + }, + "markdownDescription": "A list of initial members, not including the creator. This list is immutable.", + "title": "Members", + "type": "array" }, - "Stat": { - "markdownDescription": "The statistic of the metric associated with the anomaly detection band.", - "title": "Stat", + "Name": { + "markdownDescription": "A human-readable identifier provided by the collaboration owner. Display names are not unique.", + "title": "Name", + "type": "string" + }, + "QueryLogStatus": { + "markdownDescription": "An indicator as to whether query logging has been enabled or disabled for the collaboration.\n\nWhen `ENABLED` , AWS Clean Rooms logs details about queries run within this collaboration and those logs can be viewed in Amazon CloudWatch Logs. The default value is `DISABLED` .", + "title": "QueryLogStatus", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", + "title": "Tags", + "type": "array" } }, + "required": [ + "CreatorDisplayName", + "Description", + "Name", + "QueryLogStatus" + ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudWatch::AnomalyDetector" + "AWS::CleanRooms::Collaboration" ], "type": "string" }, @@ -40042,237 +44502,195 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::CloudWatch::AnomalyDetector.Configuration": { + "AWS::CleanRooms::Collaboration.DataEncryptionMetadata": { "additionalProperties": false, "properties": { - "ExcludedTimeRanges": { - "items": { - "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.Range" - }, - "markdownDescription": "Specifies an array of time ranges to exclude from use when the anomaly detection model is trained and updated. Use this to make sure that events that could cause unusual values for the metric, such as deployments, aren't used when CloudWatch creates or updates the model.", - "title": "ExcludedTimeRanges", - "type": "array" + "AllowCleartext": { + "markdownDescription": "Indicates whether encrypted tables can contain cleartext data ( `TRUE` ) or are to cryptographically process every column ( `FALSE` ).", + "title": "AllowCleartext", + "type": "boolean" }, - "MetricTimeZone": { - "markdownDescription": "The time zone to use for the metric. This is useful to enable the model to automatically account for daylight savings time changes if the metric is sensitive to such time changes.\n\nTo specify a time zone, use the name of the time zone as specified in the standard tz database. For more information, see [tz database](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Tz_database) .", - "title": "MetricTimeZone", - "type": "string" + "AllowDuplicates": { + "markdownDescription": "Indicates whether Fingerprint columns can contain duplicate entries ( `TRUE` ) or are to contain only non-repeated values ( `FALSE` ).", + "title": "AllowDuplicates", + "type": "boolean" + }, + "AllowJoinsOnColumnsWithDifferentNames": { + "markdownDescription": "Indicates whether Fingerprint columns can be joined on any other Fingerprint column with a different name ( `TRUE` ) or can only be joined on Fingerprint columns of the same name ( `FALSE` ).", + "title": "AllowJoinsOnColumnsWithDifferentNames", + "type": "boolean" + }, + "PreserveNulls": { + "markdownDescription": "Indicates whether NULL values are to be copied as NULL to encrypted tables ( `TRUE` ) or cryptographically processed ( `FALSE` ).", + "title": "PreserveNulls", + "type": "boolean" } }, + "required": [ + "AllowCleartext", + "AllowDuplicates", + "AllowJoinsOnColumnsWithDifferentNames", + "PreserveNulls" + ], "type": "object" }, - "AWS::CloudWatch::AnomalyDetector.Dimension": { + "AWS::CleanRooms::Collaboration.JobComputePaymentConfig": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the dimension.", - "title": "Name", - "type": "string" - }, - "Value": { - "markdownDescription": "The value of the dimension. Dimension values must contain only ASCII characters and must include at least one non-whitespace character. ASCII control characters are not supported as part of dimension values.", - "title": "Value", - "type": "string" + "IsResponsible": { + "markdownDescription": "Indicates whether the collaboration creator has configured the collaboration member to pay for query and job compute costs ( `TRUE` ) or has not configured the collaboration member to pay for query and job compute costs ( `FALSE` ).\n\nExactly one member can be configured to pay for query and job compute costs. An error is returned if the collaboration creator sets a `TRUE` value for more than one member in the collaboration.\n\nAn error is returned if the collaboration creator sets a `FALSE` value for the member who can run queries and jobs.", + "title": "IsResponsible", + "type": "boolean" } }, "required": [ - "Name", - "Value" + "IsResponsible" ], "type": "object" }, - "AWS::CloudWatch::AnomalyDetector.Metric": { + "AWS::CleanRooms::Collaboration.MLMemberAbilities": { "additionalProperties": false, "properties": { - "Dimensions": { + "CustomMLMemberAbilities": { "items": { - "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.Dimension" + "type": "string" }, - "markdownDescription": "The dimensions for the metric.", - "title": "Dimensions", + "markdownDescription": "The custom ML member abilities for a collaboration member.", + "title": "CustomMLMemberAbilities", "type": "array" - }, - "MetricName": { - "markdownDescription": "The name of the metric. This is a required field.", - "title": "MetricName", - "type": "string" - }, - "Namespace": { - "markdownDescription": "The namespace of the metric.", - "title": "Namespace", - "type": "string" } }, "required": [ - "MetricName", - "Namespace" + "CustomMLMemberAbilities" ], "type": "object" }, - "AWS::CloudWatch::AnomalyDetector.MetricCharacteristics": { + "AWS::CleanRooms::Collaboration.MLPaymentConfig": { "additionalProperties": false, "properties": { - "PeriodicSpikes": { - "markdownDescription": "Set this parameter to true if values for this metric consistently include spikes that should not be considered to be anomalies. With this set to true, CloudWatch will expect to see spikes that occurred consistently during the model training period, and won't flag future similar spikes as anomalies.", - "title": "PeriodicSpikes", - "type": "boolean" + "ModelInference": { + "$ref": "#/definitions/AWS::CleanRooms::Collaboration.ModelInferencePaymentConfig", + "markdownDescription": "The payment responsibilities accepted by the member for model inference.", + "title": "ModelInference" + }, + "ModelTraining": { + "$ref": "#/definitions/AWS::CleanRooms::Collaboration.ModelTrainingPaymentConfig", + "markdownDescription": "The payment responsibilities accepted by the member for model training.", + "title": "ModelTraining" } }, "type": "object" }, - "AWS::CloudWatch::AnomalyDetector.MetricDataQueries": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::CloudWatch::AnomalyDetector.MetricDataQuery": { + "AWS::CleanRooms::Collaboration.MemberSpecification": { "additionalProperties": false, "properties": { "AccountId": { - "markdownDescription": "The ID of the account where the metrics are located.\n\nIf you are performing a `GetMetricData` operation in a monitoring account, use this to specify which account to retrieve this metric from.\n\nIf you are performing a `PutMetricAlarm` operation, use this to specify which account contains the metric that the alarm is watching.", + "markdownDescription": "The identifier used to reference members of the collaboration. Currently only supports AWS account ID.", "title": "AccountId", "type": "string" }, - "Expression": { - "markdownDescription": "This field can contain either a Metrics Insights query, or a metric math expression to be performed on the returned data. For more information about Metrics Insights queries, see [Metrics Insights query components and syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch-metrics-insights-querylanguage) in the *Amazon CloudWatch User Guide* .\n\nA math expression can use the `Id` of the other metrics or queries to refer to those metrics, and can also use the `Id` of other expressions to use the result of those expressions. For more information about metric math expressions, see [Metric Math Syntax and Functions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/using-metric-math.html#metric-math-syntax) in the *Amazon CloudWatch User Guide* .\n\nWithin each MetricDataQuery object, you must specify either `Expression` or `MetricStat` but not both.", - "title": "Expression", - "type": "string" - }, - "Id": { - "markdownDescription": "A short name used to tie this object to the results in the response. This name must be unique within a single call to `GetMetricData` . If you are performing math expressions on this set of data, this name represents that data and can serve as a variable in the mathematical expression. The valid characters are letters, numbers, and underscore. The first character must be a lowercase letter.", - "title": "Id", - "type": "string" - }, - "Label": { - "markdownDescription": "A human-readable label for this metric or expression. This is especially useful if this is an expression, so that you know what the value represents. If the metric or expression is shown in a CloudWatch dashboard widget, the label is shown. If Label is omitted, CloudWatch generates a default.\n\nYou can put dynamic expressions into a label, so that it is more descriptive. For more information, see [Using Dynamic Labels](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/graph-dynamic-labels.html) .", - "title": "Label", + "DisplayName": { + "markdownDescription": "The member's display name.", + "title": "DisplayName", "type": "string" }, - "MetricStat": { - "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.MetricStat", - "markdownDescription": "The metric to be returned, along with statistics, period, and units. Use this parameter only if this object is retrieving a metric and not performing a math expression on returned data.\n\nWithin one MetricDataQuery object, you must specify either `Expression` or `MetricStat` but not both.", - "title": "MetricStat" + "MLMemberAbilities": { + "$ref": "#/definitions/AWS::CleanRooms::Collaboration.MLMemberAbilities", + "markdownDescription": "The ML abilities granted to the collaboration member.", + "title": "MLMemberAbilities" }, - "Period": { - "markdownDescription": "The granularity, in seconds, of the returned data points. For metrics with regular resolution, a period can be as short as one minute (60 seconds) and must be a multiple of 60. For high-resolution metrics that are collected at intervals of less than one minute, the period can be 1, 5, 10, 20, 30, 60, or any multiple of 60. High-resolution metrics are those metrics stored by a `PutMetricData` operation that includes a `StorageResolution of 1 second` .", - "title": "Period", - "type": "number" + "MemberAbilities": { + "items": { + "type": "string" + }, + "markdownDescription": "The abilities granted to the collaboration member.\n\n*Allowed Values* : `CAN_QUERY` | `CAN_RECEIVE_RESULTS`", + "title": "MemberAbilities", + "type": "array" }, - "ReturnData": { - "markdownDescription": "When used in `GetMetricData` , this option indicates whether to return the timestamps and raw data values of this metric. If you are performing this call just to do math expressions and do not also need the raw data returned, you can specify `false` . If you omit this, the default of `true` is used.\n\nWhen used in `PutMetricAlarm` , specify `true` for the one expression result to use as the alarm. For all other metrics and expressions in the same `PutMetricAlarm` operation, specify `ReturnData` as False.", - "title": "ReturnData", - "type": "boolean" + "PaymentConfiguration": { + "$ref": "#/definitions/AWS::CleanRooms::Collaboration.PaymentConfiguration", + "markdownDescription": "The collaboration member's payment responsibilities set by the collaboration creator.\n\nIf the collaboration creator hasn't speci\ufb01ed anyone as the member paying for query compute costs, then the member who can query is the default payer.", + "title": "PaymentConfiguration" } }, "required": [ - "Id" + "AccountId", + "DisplayName" ], "type": "object" }, - "AWS::CloudWatch::AnomalyDetector.MetricMathAnomalyDetector": { + "AWS::CleanRooms::Collaboration.ModelInferencePaymentConfig": { "additionalProperties": false, "properties": { - "MetricDataQueries": { - "items": { - "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.MetricDataQuery" - }, - "markdownDescription": "An array of metric data query structures that enables you to create an anomaly detector based on the result of a metric math expression. Each item in `MetricDataQueries` gets a metric or performs a math expression. One item in `MetricDataQueries` is the expression that provides the time series that the anomaly detector uses as input. Designate the expression by setting `ReturnData` to `true` for this object in the array. For all other expressions and metrics, set `ReturnData` to `false` . The designated expression must return a single time series.", - "title": "MetricDataQueries", - "type": "array" + "IsResponsible": { + "markdownDescription": "Indicates whether the collaboration creator has configured the collaboration member to pay for model inference costs ( `TRUE` ) or has not configured the collaboration member to pay for model inference costs ( `FALSE` ).\n\nExactly one member can be configured to pay for model inference costs. An error is returned if the collaboration creator sets a `TRUE` value for more than one member in the collaboration.\n\nIf the collaboration creator hasn't specified anyone as the member paying for model inference costs, then the member who can query is the default payer. An error is returned if the collaboration creator sets a `FALSE` value for the member who can query.", + "title": "IsResponsible", + "type": "boolean" } }, + "required": [ + "IsResponsible" + ], "type": "object" }, - "AWS::CloudWatch::AnomalyDetector.MetricStat": { + "AWS::CleanRooms::Collaboration.ModelTrainingPaymentConfig": { "additionalProperties": false, "properties": { - "Metric": { - "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.Metric", - "markdownDescription": "The metric to return, including the metric name, namespace, and dimensions.", - "title": "Metric" - }, - "Period": { - "markdownDescription": "The granularity, in seconds, of the returned data points. For metrics with regular resolution, a period can be as short as one minute (60 seconds) and must be a multiple of 60. For high-resolution metrics that are collected at intervals of less than one minute, the period can be 1, 5, 10, 20, 30, 60, or any multiple of 60. High-resolution metrics are those metrics stored by a `PutMetricData` call that includes a `StorageResolution` of 1 second.\n\nIf the `StartTime` parameter specifies a time stamp that is greater than 3 hours ago, you must specify the period as follows or no data points in that time range is returned:\n\n- Start time between 3 hours and 15 days ago - Use a multiple of 60 seconds (1 minute).\n- Start time between 15 and 63 days ago - Use a multiple of 300 seconds (5 minutes).\n- Start time greater than 63 days ago - Use a multiple of 3600 seconds (1 hour).", - "title": "Period", - "type": "number" - }, - "Stat": { - "markdownDescription": "The statistic to return. It can include any CloudWatch statistic or extended statistic.", - "title": "Stat", - "type": "string" - }, - "Unit": { - "markdownDescription": "When you are using a `Put` operation, this defines what unit you want to use when storing the metric.\n\nIn a `Get` operation, if you omit `Unit` then all data that was collected with any unit is returned, along with the corresponding units that were specified when the data was reported to CloudWatch. If you specify a unit, the operation returns only data that was collected with that unit specified. If you specify a unit that does not match the data collected, the results of the operation are null. CloudWatch does not perform unit conversions.", - "title": "Unit", - "type": "string" + "IsResponsible": { + "markdownDescription": "Indicates whether the collaboration creator has configured the collaboration member to pay for model training costs ( `TRUE` ) or has not configured the collaboration member to pay for model training costs ( `FALSE` ).\n\nExactly one member can be configured to pay for model training costs. An error is returned if the collaboration creator sets a `TRUE` value for more than one member in the collaboration.\n\nIf the collaboration creator hasn't specified anyone as the member paying for model training costs, then the member who can query is the default payer. An error is returned if the collaboration creator sets a `FALSE` value for the member who can query.", + "title": "IsResponsible", + "type": "boolean" } }, "required": [ - "Metric", - "Period", - "Stat" + "IsResponsible" ], "type": "object" }, - "AWS::CloudWatch::AnomalyDetector.Range": { + "AWS::CleanRooms::Collaboration.PaymentConfiguration": { "additionalProperties": false, "properties": { - "EndTime": { - "markdownDescription": "The end time of the range to exclude. The format is `yyyy-MM-dd'T'HH:mm:ss` . For example, `2019-07-01T23:59:59` .", - "title": "EndTime", - "type": "string" + "JobCompute": { + "$ref": "#/definitions/AWS::CleanRooms::Collaboration.JobComputePaymentConfig", + "markdownDescription": "The compute configuration for the job.", + "title": "JobCompute" }, - "StartTime": { - "markdownDescription": "The start time of the range to exclude. The format is `yyyy-MM-dd'T'HH:mm:ss` . For example, `2019-07-01T23:59:59` .", - "title": "StartTime", - "type": "string" + "MachineLearning": { + "$ref": "#/definitions/AWS::CleanRooms::Collaboration.MLPaymentConfig", + "markdownDescription": "An object representing the collaboration member's machine learning payment responsibilities set by the collaboration creator.", + "title": "MachineLearning" + }, + "QueryCompute": { + "$ref": "#/definitions/AWS::CleanRooms::Collaboration.QueryComputePaymentConfig", + "markdownDescription": "The collaboration member's payment responsibilities set by the collaboration creator for query compute costs.", + "title": "QueryCompute" } }, "required": [ - "EndTime", - "StartTime" + "QueryCompute" ], "type": "object" }, - "AWS::CloudWatch::AnomalyDetector.SingleMetricAnomalyDetector": { + "AWS::CleanRooms::Collaboration.QueryComputePaymentConfig": { "additionalProperties": false, "properties": { - "AccountId": { - "markdownDescription": "If the CloudWatch metric that provides the time series that the anomaly detector uses as input is in another account, specify that account ID here. If you omit this parameter, the current account is used.", - "title": "AccountId", - "type": "string" - }, - "Dimensions": { - "items": { - "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.Dimension" - }, - "markdownDescription": "The metric dimensions to create the anomaly detection model for.", - "title": "Dimensions", - "type": "array" - }, - "MetricName": { - "markdownDescription": "The name of the metric to create the anomaly detection model for.", - "title": "MetricName", - "type": "string" - }, - "Namespace": { - "markdownDescription": "The namespace of the metric to create the anomaly detection model for.", - "title": "Namespace", - "type": "string" - }, - "Stat": { - "markdownDescription": "The statistic to use for the metric and anomaly detection model.", - "title": "Stat", - "type": "string" + "IsResponsible": { + "markdownDescription": "Indicates whether the collaboration creator has configured the collaboration member to pay for query compute costs ( `TRUE` ) or has not configured the collaboration member to pay for query compute costs ( `FALSE` ).\n\nExactly one member can be configured to pay for query compute costs. An error is returned if the collaboration creator sets a `TRUE` value for more than one member in the collaboration.\n\nIf the collaboration creator hasn't specified anyone as the member paying for query compute costs, then the member who can query is the default payer. An error is returned if the collaboration creator sets a `FALSE` value for the member who can query.", + "title": "IsResponsible", + "type": "boolean" } }, + "required": [ + "IsResponsible" + ], "type": "object" }, - "AWS::CloudWatch::CompositeAlarm": { + "AWS::CleanRooms::ConfiguredTable": { "additionalProperties": false, "properties": { "Condition": { @@ -40307,82 +44725,70 @@ "Properties": { "additionalProperties": false, "properties": { - "ActionsEnabled": { - "markdownDescription": "Indicates whether actions should be executed during any changes to the alarm state of the composite alarm. The default is TRUE.", - "title": "ActionsEnabled", - "type": "boolean" - }, - "ActionsSuppressor": { - "markdownDescription": "Actions will be suppressed if the suppressor alarm is in the `ALARM` state. `ActionsSuppressor` can be an AlarmName or an Amazon Resource Name (ARN) from an existing alarm.", - "title": "ActionsSuppressor", - "type": "string" - }, - "ActionsSuppressorExtensionPeriod": { - "markdownDescription": "The maximum time in seconds that the composite alarm waits after suppressor alarm goes out of the `ALARM` state. After this time, the composite alarm performs its actions.\n\n> `ExtensionPeriod` is required only when `ActionsSuppressor` is specified.", - "title": "ActionsSuppressorExtensionPeriod", - "type": "number" - }, - "ActionsSuppressorWaitPeriod": { - "markdownDescription": "The maximum time in seconds that the composite alarm waits for the suppressor alarm to go into the `ALARM` state. After this time, the composite alarm performs its actions.\n\n> `WaitPeriod` is required only when `ActionsSuppressor` is specified.", - "title": "ActionsSuppressorWaitPeriod", - "type": "number" - }, - "AlarmActions": { + "AllowedColumns": { "items": { "type": "string" }, - "markdownDescription": "The actions to execute when this alarm transitions to the ALARM state from any other state. Each action is specified as an Amazon Resource Name (ARN). For more information about creating alarms and the actions that you can specify, see [PutCompositeAlarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutCompositeAlarm.html) in the *Amazon CloudWatch API Reference* .", - "title": "AlarmActions", + "markdownDescription": "The columns within the underlying AWS Glue table that can be utilized within collaborations.", + "title": "AllowedColumns", "type": "array" }, - "AlarmDescription": { - "markdownDescription": "The description for the composite alarm.", - "title": "AlarmDescription", + "AnalysisMethod": { + "markdownDescription": "The analysis method for the configured table.\n\n`DIRECT_QUERY` allows SQL queries to be run directly on this table.\n\n`DIRECT_JOB` allows PySpark jobs to be run directly on this table.\n\n`MULTIPLE` allows both SQL queries and PySpark jobs to be run directly on this table.", + "title": "AnalysisMethod", "type": "string" }, - "AlarmName": { - "markdownDescription": "The name for the composite alarm. This name must be unique within your AWS account.", - "title": "AlarmName", + "AnalysisRules": { + "items": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.AnalysisRule" + }, + "markdownDescription": "The analysis rule that was created for the configured table.", + "title": "AnalysisRules", + "type": "array" + }, + "Description": { + "markdownDescription": "A description for the configured table.", + "title": "Description", "type": "string" }, - "AlarmRule": { - "markdownDescription": "An expression that specifies which other alarms are to be evaluated to determine this composite alarm's state. For each alarm that you reference, you designate a function that specifies whether that alarm needs to be in ALARM state, OK state, or INSUFFICIENT_DATA state. You can use operators (AND, OR and NOT) to combine multiple functions in a single expression. You can use parenthesis to logically group the functions in your expression.\n\nYou can use either alarm names or ARNs to reference the other alarms that are to be evaluated.\n\nFunctions can include the following:\n\n- ALARM(\"alarm-name or alarm-ARN\") is TRUE if the named alarm is in ALARM state.\n- OK(\"alarm-name or alarm-ARN\") is TRUE if the named alarm is in OK state.\n- INSUFFICIENT_DATA(\"alarm-name or alarm-ARN\") is TRUE if the named alarm is in INSUFFICIENT_DATA state.\n- TRUE always evaluates to TRUE.\n- FALSE always evaluates to FALSE.\n\nTRUE and FALSE are useful for testing a complex AlarmRule structure, and for testing your alarm actions.\n\nFor more information about `AlarmRule` syntax, see [PutCompositeAlarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutCompositeAlarm.html) in the *Amazon CloudWatch API Reference* .", - "title": "AlarmRule", + "Name": { + "markdownDescription": "A name for the configured table.", + "title": "Name", "type": "string" }, - "InsufficientDataActions": { + "SelectedAnalysisMethods": { "items": { "type": "string" }, - "markdownDescription": "The actions to execute when this alarm transitions to the INSUFFICIENT_DATA state from any other state. Each action is specified as an Amazon Resource Name (ARN). For more information about creating alarms and the actions that you can specify, see [PutCompositeAlarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutCompositeAlarm.html) in the *Amazon CloudWatch API Reference* .", - "title": "InsufficientDataActions", + "markdownDescription": "The selected analysis methods for the configured table.", + "title": "SelectedAnalysisMethods", "type": "array" }, - "OKActions": { - "items": { - "type": "string" - }, - "markdownDescription": "The actions to execute when this alarm transitions to the OK state from any other state. Each action is specified as an Amazon Resource Name (ARN). For more information about creating alarms and the actions that you can specify, see [PutCompositeAlarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutCompositeAlarm.html) in the *Amazon CloudWatch API Reference* .", - "title": "OKActions", - "type": "array" + "TableReference": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.TableReference", + "markdownDescription": "The table that this configured table represents.", + "title": "TableReference" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of key-value pairs to associate with the alarm. You can associate as many as 50 tags with an alarm. To be able to associate tags with the alarm when you create the alarm, you must have the `cloudwatch:TagResource` permission.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.", + "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", "title": "Tags", "type": "array" } }, "required": [ - "AlarmRule" + "AllowedColumns", + "AnalysisMethod", + "Name", + "TableReference" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudWatch::CompositeAlarm" + "AWS::CleanRooms::ConfiguredTable" ], "type": "string" }, @@ -40401,168 +44807,448 @@ ], "type": "object" }, - "AWS::CloudWatch::Dashboard": { + "AWS::CleanRooms::ConfiguredTable.AggregateColumn": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "ColumnNames": { + "items": { + "type": "string" + }, + "markdownDescription": "Column names in configured table of aggregate columns.", + "title": "ColumnNames", + "type": "array" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Function": { + "markdownDescription": "Aggregation function that can be applied to aggregate column in query.", + "title": "Function", + "type": "string" + } + }, + "required": [ + "ColumnNames", + "Function" + ], + "type": "object" + }, + "AWS::CleanRooms::ConfiguredTable.AggregationConstraint": { + "additionalProperties": false, + "properties": { + "ColumnName": { + "markdownDescription": "Column in aggregation constraint for which there must be a minimum number of distinct values in an output row for it to be in the query output.", + "title": "ColumnName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DashboardBody": { - "markdownDescription": "The detailed information about the dashboard in JSON format, including the widgets to include and their location on the dashboard. This parameter is required.\n\nFor more information about the syntax, see [Dashboard Body Structure and Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/CloudWatch-Dashboard-Body-Structure.html) .", - "title": "DashboardBody", - "type": "string" - }, - "DashboardName": { - "markdownDescription": "The name of the dashboard. The name must be between 1 and 255 characters. If you do not specify a name, one will be generated automatically.", - "title": "DashboardName", - "type": "string" - } - }, - "required": [ - "DashboardBody" - ], - "type": "object" + "Minimum": { + "markdownDescription": "The minimum number of distinct values that an output row must be an aggregation of. Minimum threshold of distinct values for a specified column that must exist in an output row for it to be in the query output.", + "title": "Minimum", + "type": "number" }, "Type": { - "enum": [ - "AWS::CloudWatch::Dashboard" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "markdownDescription": "The type of aggregation the constraint allows. The only valid value is currently `COUNT_DISTINCT`.", + "title": "Type", "type": "string" } }, "required": [ - "Type", - "Properties" + "ColumnName", + "Minimum", + "Type" ], "type": "object" }, - "AWS::CloudWatch::InsightRule": { + "AWS::CleanRooms::ConfiguredTable.AnalysisRule": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Policy": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.ConfiguredTableAnalysisRulePolicy", + "markdownDescription": "A policy that describes the associated data usage limitations.", + "title": "Policy" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Type": { + "markdownDescription": "The type of analysis rule.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Policy", + "Type" + ], + "type": "object" + }, + "AWS::CleanRooms::ConfiguredTable.AnalysisRuleAggregation": { + "additionalProperties": false, + "properties": { + "AdditionalAnalyses": { + "markdownDescription": "An indicator as to whether additional analyses (such as AWS Clean Rooms ML) can be applied to the output of the direct query.\n\nThe `additionalAnalyses` parameter is currently supported for the list analysis rule ( `AnalysisRuleList` ) and the custom analysis rule ( `AnalysisRuleCustom` ).", + "title": "AdditionalAnalyses", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "AggregateColumns": { + "items": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.AggregateColumn" + }, + "markdownDescription": "The columns that query runners are allowed to use in aggregation queries.", + "title": "AggregateColumns", + "type": "array" }, - "Metadata": { - "type": "object" + "AllowedJoinOperators": { + "items": { + "type": "string" + }, + "markdownDescription": "Which logical operators (if any) are to be used in an INNER JOIN match condition. Default is `AND` .", + "title": "AllowedJoinOperators", + "type": "array" }, - "Properties": { - "additionalProperties": false, - "properties": { - "RuleBody": { - "markdownDescription": "The definition of the rule, as a JSON object. For details about the syntax, see [Contributor Insights Rule Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/ContributorInsights-RuleSyntax.html) in the *Amazon CloudWatch User Guide* .", - "title": "RuleBody", - "type": "string" - }, - "RuleName": { - "markdownDescription": "The name of the rule.", - "title": "RuleName", - "type": "string" - }, - "RuleState": { - "markdownDescription": "The current state of the rule. Valid values are `ENABLED` and `DISABLED` .", - "title": "RuleState", - "type": "string" - }, - "Tags": { - "$ref": "#/definitions/AWS::CloudWatch::InsightRule.Tags", - "markdownDescription": "A list of key-value pairs to associate with the Contributor Insights rule. You can associate as many as 50 tags with a rule.\n\nTags can help you organize and categorize your resources. For more information, see [Tagging Your Amazon CloudWatch Resources](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Tagging.html) .\n\nTo be able to associate tags with a rule, you must have the `cloudwatch:TagResource` permission in addition to the `cloudwatch:PutInsightRule` permission.", - "title": "Tags" - } + "DimensionColumns": { + "items": { + "type": "string" }, - "required": [ - "RuleBody", - "RuleName", - "RuleState" - ], - "type": "object" + "markdownDescription": "The columns that query runners are allowed to select, group by, or filter by.", + "title": "DimensionColumns", + "type": "array" }, - "Type": { - "enum": [ - "AWS::CloudWatch::InsightRule" - ], + "JoinColumns": { + "items": { + "type": "string" + }, + "markdownDescription": "Columns in configured table that can be used in join statements and/or as aggregate columns. They can never be outputted directly.", + "title": "JoinColumns", + "type": "array" + }, + "JoinRequired": { + "markdownDescription": "Control that requires member who runs query to do a join with their configured table and/or other configured table in query.", + "title": "JoinRequired", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "OutputConstraints": { + "items": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.AggregationConstraint" + }, + "markdownDescription": "Columns that must meet a specific threshold value (after an aggregation function is applied to it) for each output row to be returned.", + "title": "OutputConstraints", + "type": "array" + }, + "ScalarFunctions": { + "items": { + "type": "string" + }, + "markdownDescription": "Set of scalar functions that are allowed to be used on dimension columns and the output of aggregation of metrics.", + "title": "ScalarFunctions", + "type": "array" + } + }, + "required": [ + "AggregateColumns", + "DimensionColumns", + "JoinColumns", + "OutputConstraints", + "ScalarFunctions" + ], + "type": "object" + }, + "AWS::CleanRooms::ConfiguredTable.AnalysisRuleCustom": { + "additionalProperties": false, + "properties": { + "AdditionalAnalyses": { + "markdownDescription": "An indicator as to whether additional analyses (such as AWS Clean Rooms ML) can be applied to the output of the direct query.", + "title": "AdditionalAnalyses", "type": "string" + }, + "AllowedAnalyses": { + "items": { + "type": "string" + }, + "markdownDescription": "The ARN of the analysis templates that are allowed by the custom analysis rule.", + "title": "AllowedAnalyses", + "type": "array" + }, + "AllowedAnalysisProviders": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the AWS accounts that are allowed to query by the custom analysis rule. Required when `allowedAnalyses` is `ANY_QUERY` .", + "title": "AllowedAnalysisProviders", + "type": "array" + }, + "DifferentialPrivacy": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.DifferentialPrivacy", + "markdownDescription": "The differential privacy configuration.", + "title": "DifferentialPrivacy" + }, + "DisallowedOutputColumns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of columns that aren't allowed to be shown in the query output.", + "title": "DisallowedOutputColumns", + "type": "array" } }, "required": [ - "Type", - "Properties" + "AllowedAnalyses" ], "type": "object" }, - "AWS::CloudWatch::InsightRule.Tags": { + "AWS::CleanRooms::ConfiguredTable.AnalysisRuleList": { "additionalProperties": false, - "properties": {}, + "properties": { + "AdditionalAnalyses": { + "markdownDescription": "An indicator as to whether additional analyses (such as AWS Clean Rooms ML) can be applied to the output of the direct query.", + "title": "AdditionalAnalyses", + "type": "string" + }, + "AllowedJoinOperators": { + "items": { + "type": "string" + }, + "markdownDescription": "The logical operators (if any) that are to be used in an INNER JOIN match condition. Default is `AND` .", + "title": "AllowedJoinOperators", + "type": "array" + }, + "JoinColumns": { + "items": { + "type": "string" + }, + "markdownDescription": "Columns that can be used to join a configured table with the table of the member who can query and other members' configured tables.", + "title": "JoinColumns", + "type": "array" + }, + "ListColumns": { + "items": { + "type": "string" + }, + "markdownDescription": "Columns that can be listed in the output.", + "title": "ListColumns", + "type": "array" + } + }, + "required": [ + "JoinColumns", + "ListColumns" + ], "type": "object" }, - "AWS::CloudWatch::MetricStream": { + "AWS::CleanRooms::ConfiguredTable.AthenaTableReference": { + "additionalProperties": false, + "properties": { + "DatabaseName": { + "markdownDescription": "The database name.", + "title": "DatabaseName", + "type": "string" + }, + "OutputLocation": { + "markdownDescription": "The output location for the Athena table.", + "title": "OutputLocation", + "type": "string" + }, + "TableName": { + "markdownDescription": "The table reference.", + "title": "TableName", + "type": "string" + }, + "WorkGroup": { + "markdownDescription": "The workgroup of the Athena table reference.", + "title": "WorkGroup", + "type": "string" + } + }, + "required": [ + "DatabaseName", + "TableName", + "WorkGroup" + ], + "type": "object" + }, + "AWS::CleanRooms::ConfiguredTable.ConfiguredTableAnalysisRulePolicy": { + "additionalProperties": false, + "properties": { + "V1": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.ConfiguredTableAnalysisRulePolicyV1", + "markdownDescription": "Controls on the query specifications that can be run on a configured table.", + "title": "V1" + } + }, + "required": [ + "V1" + ], + "type": "object" + }, + "AWS::CleanRooms::ConfiguredTable.ConfiguredTableAnalysisRulePolicyV1": { + "additionalProperties": false, + "properties": { + "Aggregation": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.AnalysisRuleAggregation", + "markdownDescription": "Analysis rule type that enables only aggregation queries on a configured table.", + "title": "Aggregation" + }, + "Custom": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.AnalysisRuleCustom", + "markdownDescription": "Analysis rule type that enables custom SQL queries on a configured table.", + "title": "Custom" + }, + "List": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.AnalysisRuleList", + "markdownDescription": "Analysis rule type that enables only list queries on a configured table.", + "title": "List" + } + }, + "type": "object" + }, + "AWS::CleanRooms::ConfiguredTable.DifferentialPrivacy": { + "additionalProperties": false, + "properties": { + "Columns": { + "items": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.DifferentialPrivacyColumn" + }, + "markdownDescription": "The name of the column, such as user_id, that contains the unique identifier of your users, whose privacy you want to protect. If you want to turn on differential privacy for two or more tables in a collaboration, you must configure the same column as the user identifier column in both analysis rules.", + "title": "Columns", + "type": "array" + } + }, + "required": [ + "Columns" + ], + "type": "object" + }, + "AWS::CleanRooms::ConfiguredTable.DifferentialPrivacyColumn": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the column, such as user_id, that contains the unique identifier of your users, whose privacy you want to protect. If you want to turn on differential privacy for two or more tables in a collaboration, you must configure the same column as the user identifier column in both analysis rules.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::CleanRooms::ConfiguredTable.GlueTableReference": { + "additionalProperties": false, + "properties": { + "DatabaseName": { + "markdownDescription": "The name of the database the AWS Glue table belongs to.", + "title": "DatabaseName", + "type": "string" + }, + "TableName": { + "markdownDescription": "The name of the AWS Glue table.", + "title": "TableName", + "type": "string" + } + }, + "required": [ + "DatabaseName", + "TableName" + ], + "type": "object" + }, + "AWS::CleanRooms::ConfiguredTable.SnowflakeTableReference": { + "additionalProperties": false, + "properties": { + "AccountIdentifier": { + "markdownDescription": "The account identifier for the Snowflake table reference.", + "title": "AccountIdentifier", + "type": "string" + }, + "DatabaseName": { + "markdownDescription": "The name of the database the Snowflake table belongs to.", + "title": "DatabaseName", + "type": "string" + }, + "SchemaName": { + "markdownDescription": "The schema name of the Snowflake table reference.", + "title": "SchemaName", + "type": "string" + }, + "SecretArn": { + "markdownDescription": "The secret ARN of the Snowflake table reference.", + "title": "SecretArn", + "type": "string" + }, + "TableName": { + "markdownDescription": "The name of the Snowflake table.", + "title": "TableName", + "type": "string" + }, + "TableSchema": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.SnowflakeTableSchema", + "markdownDescription": "The schema of the Snowflake table.", + "title": "TableSchema" + } + }, + "required": [ + "AccountIdentifier", + "DatabaseName", + "SchemaName", + "SecretArn", + "TableName", + "TableSchema" + ], + "type": "object" + }, + "AWS::CleanRooms::ConfiguredTable.SnowflakeTableSchema": { + "additionalProperties": false, + "properties": { + "V1": { + "items": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.SnowflakeTableSchemaV1" + }, + "markdownDescription": "The schema of a Snowflake table.", + "title": "V1", + "type": "array" + } + }, + "required": [ + "V1" + ], + "type": "object" + }, + "AWS::CleanRooms::ConfiguredTable.SnowflakeTableSchemaV1": { + "additionalProperties": false, + "properties": { + "ColumnName": { + "markdownDescription": "The column name.", + "title": "ColumnName", + "type": "string" + }, + "ColumnType": { + "markdownDescription": "The column's data type. Supported data types: `ARRAY` , `BIGINT` , `BOOLEAN` , `CHAR` , `DATE` , `DECIMAL` , `DOUBLE` , `DOUBLE PRECISION` , `FLOAT` , `FLOAT4` , `INT` , `INTEGER` , `MAP` , `NUMERIC` , `NUMBER` , `REAL` , `SMALLINT` , `STRING` , `TIMESTAMP` , `TIMESTAMP_LTZ` , `TIMESTAMP_NTZ` , `DATETIME` , `TINYINT` , `VARCHAR` , `TEXT` , `CHARACTER` .", + "title": "ColumnType", + "type": "string" + } + }, + "required": [ + "ColumnName", + "ColumnType" + ], + "type": "object" + }, + "AWS::CleanRooms::ConfiguredTable.TableReference": { + "additionalProperties": false, + "properties": { + "Athena": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.AthenaTableReference", + "markdownDescription": "If present, a reference to the Athena table referred to by this table reference.", + "title": "Athena" + }, + "Glue": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.GlueTableReference", + "markdownDescription": "If present, a reference to the AWS Glue table referred to by this table reference.", + "title": "Glue" + }, + "Snowflake": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.SnowflakeTableReference", + "markdownDescription": "If present, a reference to the Snowflake table referred to by this table reference.", + "title": "Snowflake" + } + }, + "type": "object" + }, + "AWS::CleanRooms::ConfiguredTableAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -40597,74 +45283,59 @@ "Properties": { "additionalProperties": false, "properties": { - "ExcludeFilters": { + "ConfiguredTableAssociationAnalysisRules": { "items": { - "$ref": "#/definitions/AWS::CloudWatch::MetricStream.MetricStreamFilter" + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTableAssociation.ConfiguredTableAssociationAnalysisRule" }, - "markdownDescription": "If you specify this parameter, the stream sends metrics from all metric namespaces except for the namespaces that you specify here. You cannot specify both `IncludeFilters` and `ExcludeFilters` in the same metric stream.\n\nWhen you modify the `IncludeFilters` or `ExcludeFilters` of an existing metric stream in any way, the metric stream is effectively restarted, so after such a change you will get only the datapoints that have a timestamp after the time of the update.", - "title": "ExcludeFilters", + "markdownDescription": "An analysis rule for a configured table association. This analysis rule specifies how data from the table can be used within its associated collaboration. In the console, the `ConfiguredTableAssociationAnalysisRule` is referred to as the *collaboration analysis rule* .", + "title": "ConfiguredTableAssociationAnalysisRules", "type": "array" }, - "FirehoseArn": { - "markdownDescription": "The ARN of the Amazon Kinesis Firehose delivery stream to use for this metric stream. This Amazon Kinesis Firehose delivery stream must already exist and must be in the same account as the metric stream.", - "title": "FirehoseArn", + "ConfiguredTableIdentifier": { + "markdownDescription": "A unique identifier for the configured table to be associated to. Currently accepts a configured table ID.", + "title": "ConfiguredTableIdentifier", "type": "string" }, - "IncludeFilters": { - "items": { - "$ref": "#/definitions/AWS::CloudWatch::MetricStream.MetricStreamFilter" - }, - "markdownDescription": "If you specify this parameter, the stream sends only the metrics from the metric namespaces that you specify here. You cannot specify both `IncludeFilters` and `ExcludeFilters` in the same metric stream.\n\nWhen you modify the `IncludeFilters` or `ExcludeFilters` of an existing metric stream in any way, the metric stream is effectively restarted, so after such a change you will get only the datapoints that have a timestamp after the time of the update.", - "title": "IncludeFilters", - "type": "array" + "Description": { + "markdownDescription": "A description of the configured table association.", + "title": "Description", + "type": "string" }, - "IncludeLinkedAccountsMetrics": { - "markdownDescription": "If you are creating a metric stream in a monitoring account, specify `true` to include metrics from source accounts that are linked to this monitoring account, in the metric stream. The default is `false` .\n\nFor more information about linking accounts, see [CloudWatch cross-account observability](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Unified-Cross-Account.html)", - "title": "IncludeLinkedAccountsMetrics", - "type": "boolean" + "MembershipIdentifier": { + "markdownDescription": "The unique ID for the membership this configured table association belongs to.", + "title": "MembershipIdentifier", + "type": "string" }, "Name": { - "markdownDescription": "If you are creating a new metric stream, this is the name for the new stream. The name must be different than the names of other metric streams in this account and Region.\n\nIf you are updating a metric stream, specify the name of that stream here.", + "markdownDescription": "The name of the configured table association, in lowercase. The table is identified by this name when running protected queries against the underlying data.", "title": "Name", "type": "string" }, - "OutputFormat": { - "markdownDescription": "The output format for the stream. Valid values are `json` , `opentelemetry1.0` and `opentelemetry0.7` For more information about metric stream output formats, see [Metric streams output formats](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-metric-streams-formats.html) .\n\nThis parameter is required.", - "title": "OutputFormat", - "type": "string" - }, "RoleArn": { - "markdownDescription": "The ARN of an IAM role that this metric stream will use to access Amazon Kinesis Firehose resources. This IAM role must already exist and must be in the same account as the metric stream. This IAM role must include the `firehose:PutRecord` and `firehose:PutRecordBatch` permissions.", + "markdownDescription": "The service will assume this role to access catalog metadata and query the table.", "title": "RoleArn", "type": "string" }, - "StatisticsConfigurations": { - "items": { - "$ref": "#/definitions/AWS::CloudWatch::MetricStream.MetricStreamStatisticsConfiguration" - }, - "markdownDescription": "By default, a metric stream always sends the MAX, MIN, SUM, and SAMPLECOUNT statistics for each metric that is streamed. You can use this parameter to have the metric stream also send additional statistics in the stream. This array can have up to 100 members.\n\nFor each entry in this array, you specify one or more metrics and the list of additional statistics to stream for those metrics. The additional statistics that you can stream depend on the stream's `OutputFormat` . If the `OutputFormat` is `json` , you can stream any additional statistic that is supported by CloudWatch , listed in [CloudWatch statistics definitions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Statistics-definitions.html) . If the `OutputFormat` is OpenTelemetry, you can stream percentile statistics.", - "title": "StatisticsConfigurations", - "type": "array" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to the metric stream.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", "title": "Tags", "type": "array" } }, "required": [ - "FirehoseArn", - "OutputFormat", + "ConfiguredTableIdentifier", + "MembershipIdentifier", + "Name", "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::CloudWatch::MetricStream" + "AWS::CleanRooms::ConfiguredTableAssociation" ], "type": "string" }, @@ -40683,75 +45354,128 @@ ], "type": "object" }, - "AWS::CloudWatch::MetricStream.MetricStreamFilter": { + "AWS::CleanRooms::ConfiguredTableAssociation.ConfiguredTableAssociationAnalysisRule": { "additionalProperties": false, "properties": { - "MetricNames": { + "Policy": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTableAssociation.ConfiguredTableAssociationAnalysisRulePolicy", + "markdownDescription": "The policy of the configured table association analysis rule.", + "title": "Policy" + }, + "Type": { + "markdownDescription": "The type of the configured table association analysis rule.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Policy", + "Type" + ], + "type": "object" + }, + "AWS::CleanRooms::ConfiguredTableAssociation.ConfiguredTableAssociationAnalysisRuleAggregation": { + "additionalProperties": false, + "properties": { + "AllowedAdditionalAnalyses": { "items": { "type": "string" }, - "markdownDescription": "The names of the metrics to either include or exclude from the metric stream.\n\nIf you omit this parameter, all metrics in the namespace are included or excluded, depending on whether this filter is specified as an exclude filter or an include filter.\n\nEach metric name can contain only ASCII printable characters (ASCII range 32 through 126). Each metric name must contain at least one non-whitespace character.", - "title": "MetricNames", + "markdownDescription": "The list of resources or wildcards (ARNs) that are allowed to perform additional analysis on query output.\n\nThe `allowedAdditionalAnalyses` parameter is currently supported for the list analysis rule ( `AnalysisRuleList` ) and the custom analysis rule ( `AnalysisRuleCustom` ).", + "title": "AllowedAdditionalAnalyses", "type": "array" }, - "Namespace": { - "markdownDescription": "The name of the metric namespace in the filter.\n\nThe namespace can contain only ASCII printable characters (ASCII range 32 through 126). It must contain at least one non-whitespace character.", - "title": "Namespace", - "type": "string" + "AllowedResultReceivers": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of collaboration members who are allowed to receive results of queries run with this configured table.", + "title": "AllowedResultReceivers", + "type": "array" } }, - "required": [ - "Namespace" - ], "type": "object" }, - "AWS::CloudWatch::MetricStream.MetricStreamStatisticsConfiguration": { + "AWS::CleanRooms::ConfiguredTableAssociation.ConfiguredTableAssociationAnalysisRuleCustom": { "additionalProperties": false, "properties": { - "AdditionalStatistics": { + "AllowedAdditionalAnalyses": { "items": { "type": "string" }, - "markdownDescription": "The additional statistics to stream for the metrics listed in `IncludeMetrics` .", - "title": "AdditionalStatistics", + "markdownDescription": "The list of resources or wildcards (ARNs) that are allowed to perform additional analysis on query output.", + "title": "AllowedAdditionalAnalyses", "type": "array" }, - "IncludeMetrics": { + "AllowedResultReceivers": { "items": { - "$ref": "#/definitions/AWS::CloudWatch::MetricStream.MetricStreamStatisticsMetric" + "type": "string" }, - "markdownDescription": "An array that defines the metrics that are to have additional statistics streamed.", - "title": "IncludeMetrics", + "markdownDescription": "The list of collaboration members who are allowed to receive results of queries run with this configured table.", + "title": "AllowedResultReceivers", "type": "array" } }, - "required": [ - "AdditionalStatistics", - "IncludeMetrics" - ], "type": "object" }, - "AWS::CloudWatch::MetricStream.MetricStreamStatisticsMetric": { + "AWS::CleanRooms::ConfiguredTableAssociation.ConfiguredTableAssociationAnalysisRuleList": { "additionalProperties": false, "properties": { - "MetricName": { - "markdownDescription": "The name of the metric.", - "title": "MetricName", - "type": "string" + "AllowedAdditionalAnalyses": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of resources or wildcards (ARNs) that are allowed to perform additional analysis on query output.", + "title": "AllowedAdditionalAnalyses", + "type": "array" }, - "Namespace": { - "markdownDescription": "The namespace of the metric.", - "title": "Namespace", - "type": "string" + "AllowedResultReceivers": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of collaboration members who are allowed to receive results of queries run with this configured table.", + "title": "AllowedResultReceivers", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CleanRooms::ConfiguredTableAssociation.ConfiguredTableAssociationAnalysisRulePolicy": { + "additionalProperties": false, + "properties": { + "V1": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTableAssociation.ConfiguredTableAssociationAnalysisRulePolicyV1", + "markdownDescription": "The policy for the configured table association analysis rule.", + "title": "V1" } }, "required": [ - "MetricName", - "Namespace" + "V1" ], "type": "object" }, - "AWS::CodeArtifact::Domain": { + "AWS::CleanRooms::ConfiguredTableAssociation.ConfiguredTableAssociationAnalysisRulePolicyV1": { + "additionalProperties": false, + "properties": { + "Aggregation": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTableAssociation.ConfiguredTableAssociationAnalysisRuleAggregation", + "markdownDescription": "Analysis rule type that enables only aggregation queries on a configured table.", + "title": "Aggregation" + }, + "Custom": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTableAssociation.ConfiguredTableAssociationAnalysisRuleCustom", + "markdownDescription": "Analysis rule type that enables the table owner to approve custom SQL queries on their configured tables. It supports differential privacy.", + "title": "Custom" + }, + "List": { + "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTableAssociation.ConfiguredTableAssociationAnalysisRuleList", + "markdownDescription": "Analysis rule type that enables only list queries on a configured table.", + "title": "List" + } + }, + "type": "object" + }, + "AWS::CleanRooms::IdMappingTable": { "additionalProperties": false, "properties": { "Condition": { @@ -40786,38 +45510,50 @@ "Properties": { "additionalProperties": false, "properties": { - "DomainName": { - "markdownDescription": "A string that specifies the name of the requested domain.", - "title": "DomainName", + "Description": { + "markdownDescription": "The description of the ID mapping table.", + "title": "Description", "type": "string" }, - "EncryptionKey": { - "markdownDescription": "The key used to encrypt the domain.", - "title": "EncryptionKey", + "InputReferenceConfig": { + "$ref": "#/definitions/AWS::CleanRooms::IdMappingTable.IdMappingTableInputReferenceConfig", + "markdownDescription": "The input reference configuration for the ID mapping table.", + "title": "InputReferenceConfig" + }, + "KmsKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key.", + "title": "KmsKeyArn", "type": "string" }, - "PermissionsPolicyDocument": { - "markdownDescription": "The document that defines the resource policy that is set on a domain.", - "title": "PermissionsPolicyDocument", - "type": "object" + "MembershipIdentifier": { + "markdownDescription": "The unique identifier of the membership resource for the ID mapping table.", + "title": "MembershipIdentifier", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the ID mapping table.", + "title": "Name", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of tags to be applied to the domain.", + "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", "title": "Tags", "type": "array" } }, "required": [ - "DomainName" + "InputReferenceConfig", + "MembershipIdentifier", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeArtifact::Domain" + "AWS::CleanRooms::IdMappingTable" ], "type": "string" }, @@ -40836,7 +45572,64 @@ ], "type": "object" }, - "AWS::CodeArtifact::PackageGroup": { + "AWS::CleanRooms::IdMappingTable.IdMappingTableInputReferenceConfig": { + "additionalProperties": false, + "properties": { + "InputReferenceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the referenced resource in AWS Entity Resolution . Valid values are ID mapping workflow ARNs.", + "title": "InputReferenceArn", + "type": "string" + }, + "ManageResourcePolicies": { + "markdownDescription": "When `TRUE` , AWS Clean Rooms manages permissions for the ID mapping table resource.\n\nWhen `FALSE` , the resource owner manages permissions for the ID mapping table resource.", + "title": "ManageResourcePolicies", + "type": "boolean" + } + }, + "required": [ + "InputReferenceArn", + "ManageResourcePolicies" + ], + "type": "object" + }, + "AWS::CleanRooms::IdMappingTable.IdMappingTableInputReferenceProperties": { + "additionalProperties": false, + "properties": { + "IdMappingTableInputSource": { + "items": { + "$ref": "#/definitions/AWS::CleanRooms::IdMappingTable.IdMappingTableInputSource" + }, + "markdownDescription": "The input source of the ID mapping table.", + "title": "IdMappingTableInputSource", + "type": "array" + } + }, + "required": [ + "IdMappingTableInputSource" + ], + "type": "object" + }, + "AWS::CleanRooms::IdMappingTable.IdMappingTableInputSource": { + "additionalProperties": false, + "properties": { + "IdNamespaceAssociationId": { + "markdownDescription": "The unique identifier of the ID namespace association.", + "title": "IdNamespaceAssociationId", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the input source of the ID mapping table.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "IdNamespaceAssociationId", + "Type" + ], + "type": "object" + }, + "AWS::CleanRooms::IdNamespaceAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -40871,54 +45664,50 @@ "Properties": { "additionalProperties": false, "properties": { - "ContactInfo": { - "markdownDescription": "The contact information of the package group.", - "title": "ContactInfo", - "type": "string" - }, "Description": { - "markdownDescription": "The description of the package group.", + "markdownDescription": "The description of the ID namespace association.", "title": "Description", "type": "string" }, - "DomainName": { - "markdownDescription": "The domain that contains the package group.", - "title": "DomainName", - "type": "string" + "IdMappingConfig": { + "$ref": "#/definitions/AWS::CleanRooms::IdNamespaceAssociation.IdMappingConfig", + "markdownDescription": "The configuration settings for the ID mapping table.", + "title": "IdMappingConfig" }, - "DomainOwner": { - "markdownDescription": "The 12-digit account number of the AWS account that owns the domain. It does not include dashes or spaces.", - "title": "DomainOwner", - "type": "string" + "InputReferenceConfig": { + "$ref": "#/definitions/AWS::CleanRooms::IdNamespaceAssociation.IdNamespaceAssociationInputReferenceConfig", + "markdownDescription": "The input reference configuration for the ID namespace association.", + "title": "InputReferenceConfig" }, - "OriginConfiguration": { - "$ref": "#/definitions/AWS::CodeArtifact::PackageGroup.OriginConfiguration", - "markdownDescription": "Details about the package origin configuration of a package group.", - "title": "OriginConfiguration" + "MembershipIdentifier": { + "markdownDescription": "The unique identifier of the membership that contains the ID namespace association.", + "title": "MembershipIdentifier", + "type": "string" }, - "Pattern": { - "markdownDescription": "The pattern of the package group. The pattern determines which packages are associated with the package group.", - "title": "Pattern", + "Name": { + "markdownDescription": "The name of this ID namespace association.", + "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "", + "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", "title": "Tags", "type": "array" } }, "required": [ - "DomainName", - "Pattern" + "InputReferenceConfig", + "MembershipIdentifier", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeArtifact::PackageGroup" + "AWS::CleanRooms::IdNamespaceAssociation" ], "type": "string" }, @@ -40937,64 +45726,60 @@ ], "type": "object" }, - "AWS::CodeArtifact::PackageGroup.OriginConfiguration": { + "AWS::CleanRooms::IdNamespaceAssociation.IdMappingConfig": { "additionalProperties": false, "properties": { - "Restrictions": { - "$ref": "#/definitions/AWS::CodeArtifact::PackageGroup.Restrictions", - "markdownDescription": "", - "title": "Restrictions" + "AllowUseAsDimensionColumn": { + "markdownDescription": "An indicator as to whether you can use your column as a dimension column in the ID mapping table ( `TRUE` ) or not ( `FALSE` ).\n\nDefault is `FALSE` .", + "title": "AllowUseAsDimensionColumn", + "type": "boolean" } }, "required": [ - "Restrictions" + "AllowUseAsDimensionColumn" ], "type": "object" }, - "AWS::CodeArtifact::PackageGroup.RestrictionType": { + "AWS::CleanRooms::IdNamespaceAssociation.IdNamespaceAssociationInputReferenceConfig": { "additionalProperties": false, "properties": { - "Repositories": { - "items": { - "type": "string" - }, - "markdownDescription": "", - "title": "Repositories", - "type": "array" - }, - "RestrictionMode": { - "markdownDescription": "", - "title": "RestrictionMode", + "InputReferenceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Entity Resolution resource that is being associated to the collaboration. Valid resource ARNs are from the ID namespaces that you own.", + "title": "InputReferenceArn", "type": "string" + }, + "ManageResourcePolicies": { + "markdownDescription": "When `TRUE` , AWS Clean Rooms manages permissions for the ID namespace association resource.\n\nWhen `FALSE` , the resource owner manages permissions for the ID namespace association resource.", + "title": "ManageResourcePolicies", + "type": "boolean" } }, "required": [ - "RestrictionMode" + "InputReferenceArn", + "ManageResourcePolicies" ], "type": "object" }, - "AWS::CodeArtifact::PackageGroup.Restrictions": { + "AWS::CleanRooms::IdNamespaceAssociation.IdNamespaceAssociationInputReferenceProperties": { "additionalProperties": false, "properties": { - "ExternalUpstream": { - "$ref": "#/definitions/AWS::CodeArtifact::PackageGroup.RestrictionType", - "markdownDescription": "", - "title": "ExternalUpstream" - }, - "InternalUpstream": { - "$ref": "#/definitions/AWS::CodeArtifact::PackageGroup.RestrictionType", - "markdownDescription": "", - "title": "InternalUpstream" + "IdMappingWorkflowsSupported": { + "items": { + "type": "object" + }, + "markdownDescription": "Defines how ID mapping workflows are supported for this ID namespace association.", + "title": "IdMappingWorkflowsSupported", + "type": "array" }, - "Publish": { - "$ref": "#/definitions/AWS::CodeArtifact::PackageGroup.RestrictionType", - "markdownDescription": "", - "title": "Publish" + "IdNamespaceType": { + "markdownDescription": "The ID namespace type for this ID namespace association.", + "title": "IdNamespaceType", + "type": "string" } }, "type": "object" }, - "AWS::CodeArtifact::Repository": { + "AWS::CleanRooms::Membership": { "additionalProperties": false, "properties": { "Condition": { @@ -41029,65 +45814,54 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A text description of the repository.", - "title": "Description", + "CollaborationIdentifier": { + "markdownDescription": "The unique ID for the associated collaboration.", + "title": "CollaborationIdentifier", "type": "string" }, - "DomainName": { - "markdownDescription": "The name of the domain that contains the repository.", - "title": "DomainName", - "type": "string" + "DefaultJobResultConfiguration": { + "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipProtectedJobResultConfiguration", + "markdownDescription": "The default job result configuration for the membership.", + "title": "DefaultJobResultConfiguration" }, - "DomainOwner": { - "markdownDescription": "The 12-digit account number of the AWS account that owns the domain that contains the repository. It does not include dashes or spaces.", - "title": "DomainOwner", - "type": "string" + "DefaultResultConfiguration": { + "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipProtectedQueryResultConfiguration", + "markdownDescription": "The default protected query result configuration as specified by the member who can receive results.", + "title": "DefaultResultConfiguration" }, - "ExternalConnections": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of external connections associated with the repository. For more information, see [Supported external connection repositories](https://docs.aws.amazon.com/codeartifact/latest/ug/external-connection.html#supported-public-repositories) in the *CodeArtifact user guide* .", - "title": "ExternalConnections", - "type": "array" + "JobLogStatus": { + "markdownDescription": "An indicator as to whether job logging has been enabled or disabled for the collaboration.\n\nWhen `ENABLED` , AWS Clean Rooms logs details about jobs run within this collaboration and those logs can be viewed in Amazon CloudWatch Logs. The default value is `DISABLED` .", + "title": "JobLogStatus", + "type": "string" }, - "PermissionsPolicyDocument": { - "markdownDescription": "The document that defines the resource policy that is set on a repository.", - "title": "PermissionsPolicyDocument", - "type": "object" + "PaymentConfiguration": { + "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipPaymentConfiguration", + "markdownDescription": "The payment responsibilities accepted by the collaboration member.", + "title": "PaymentConfiguration" }, - "RepositoryName": { - "markdownDescription": "The name of an upstream repository.", - "title": "RepositoryName", + "QueryLogStatus": { + "markdownDescription": "An indicator as to whether query logging has been enabled or disabled for the membership.\n\nWhen `ENABLED` , AWS Clean Rooms logs details about queries run within this collaboration and those logs can be viewed in Amazon CloudWatch Logs. The default value is `DISABLED` .", + "title": "QueryLogStatus", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of tags to be applied to the repository.", + "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", "title": "Tags", "type": "array" - }, - "Upstreams": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of upstream repositories to associate with the repository. The order of the upstream repositories in the list determines their priority order when AWS CodeArtifact looks for a requested package version. For more information, see [Working with upstream repositories](https://docs.aws.amazon.com/codeartifact/latest/ug/repos-upstream.html) .", - "title": "Upstreams", - "type": "array" } }, "required": [ - "DomainName", - "RepositoryName" + "CollaborationIdentifier", + "QueryLogStatus" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeArtifact::Repository" + "AWS::CleanRooms::Membership" ], "type": "string" }, @@ -41106,7 +45880,219 @@ ], "type": "object" }, - "AWS::CodeBuild::Fleet": { + "AWS::CleanRooms::Membership.MembershipJobComputePaymentConfig": { + "additionalProperties": false, + "properties": { + "IsResponsible": { + "markdownDescription": "Indicates whether the collaboration member has accepted to pay for job compute costs ( `TRUE` ) or has not accepted to pay for query and job compute costs ( `FALSE` ).\n\nThere is only one member who pays for queries and jobs.\n\nAn error message is returned for the following reasons:\n\n- If you set the value to `FALSE` but you are responsible to pay for query and job compute costs.\n- If you set the value to `TRUE` but you are not responsible to pay for query and job compute costs.", + "title": "IsResponsible", + "type": "boolean" + } + }, + "required": [ + "IsResponsible" + ], + "type": "object" + }, + "AWS::CleanRooms::Membership.MembershipMLPaymentConfig": { + "additionalProperties": false, + "properties": { + "ModelInference": { + "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipModelInferencePaymentConfig", + "markdownDescription": "The payment responsibilities accepted by the member for model inference.", + "title": "ModelInference" + }, + "ModelTraining": { + "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipModelTrainingPaymentConfig", + "markdownDescription": "The payment responsibilities accepted by the member for model training.", + "title": "ModelTraining" + } + }, + "type": "object" + }, + "AWS::CleanRooms::Membership.MembershipModelInferencePaymentConfig": { + "additionalProperties": false, + "properties": { + "IsResponsible": { + "markdownDescription": "Indicates whether the collaboration member has accepted to pay for model inference costs ( `TRUE` ) or has not accepted to pay for model inference costs ( `FALSE` ).\n\nIf the collaboration creator has not specified anyone to pay for model inference costs, then the member who can query is the default payer.\n\nAn error message is returned for the following reasons:\n\n- If you set the value to `FALSE` but you are responsible to pay for model inference costs.\n- If you set the value to `TRUE` but you are not responsible to pay for model inference costs.", + "title": "IsResponsible", + "type": "boolean" + } + }, + "required": [ + "IsResponsible" + ], + "type": "object" + }, + "AWS::CleanRooms::Membership.MembershipModelTrainingPaymentConfig": { + "additionalProperties": false, + "properties": { + "IsResponsible": { + "markdownDescription": "Indicates whether the collaboration member has accepted to pay for model training costs ( `TRUE` ) or has not accepted to pay for model training costs ( `FALSE` ).\n\nIf the collaboration creator has not specified anyone to pay for model training costs, then the member who can query is the default payer.\n\nAn error message is returned for the following reasons:\n\n- If you set the value to `FALSE` but you are responsible to pay for model training costs.\n- If you set the value to `TRUE` but you are not responsible to pay for model training costs.", + "title": "IsResponsible", + "type": "boolean" + } + }, + "required": [ + "IsResponsible" + ], + "type": "object" + }, + "AWS::CleanRooms::Membership.MembershipPaymentConfiguration": { + "additionalProperties": false, + "properties": { + "JobCompute": { + "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipJobComputePaymentConfig", + "markdownDescription": "The payment responsibilities accepted by the collaboration member for job compute costs.", + "title": "JobCompute" + }, + "MachineLearning": { + "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipMLPaymentConfig", + "markdownDescription": "The payment responsibilities accepted by the collaboration member for machine learning costs.", + "title": "MachineLearning" + }, + "QueryCompute": { + "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipQueryComputePaymentConfig", + "markdownDescription": "The payment responsibilities accepted by the collaboration member for query compute costs.", + "title": "QueryCompute" + } + }, + "required": [ + "QueryCompute" + ], + "type": "object" + }, + "AWS::CleanRooms::Membership.MembershipProtectedJobOutputConfiguration": { + "additionalProperties": false, + "properties": { + "S3": { + "$ref": "#/definitions/AWS::CleanRooms::Membership.ProtectedJobS3OutputConfigurationInput", + "markdownDescription": "Contains the configuration to write the job results to S3.", + "title": "S3" + } + }, + "required": [ + "S3" + ], + "type": "object" + }, + "AWS::CleanRooms::Membership.MembershipProtectedJobResultConfiguration": { + "additionalProperties": false, + "properties": { + "OutputConfiguration": { + "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipProtectedJobOutputConfiguration", + "markdownDescription": "The output configuration for a protected job result.", + "title": "OutputConfiguration" + }, + "RoleArn": { + "markdownDescription": "The unique ARN for an IAM role that is used by AWS Clean Rooms to write protected job results to the result location, given by the member who can receive results.", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "OutputConfiguration", + "RoleArn" + ], + "type": "object" + }, + "AWS::CleanRooms::Membership.MembershipProtectedQueryOutputConfiguration": { + "additionalProperties": false, + "properties": { + "S3": { + "$ref": "#/definitions/AWS::CleanRooms::Membership.ProtectedQueryS3OutputConfiguration", + "markdownDescription": "Required configuration for a protected query with an `s3` output type.", + "title": "S3" + } + }, + "required": [ + "S3" + ], + "type": "object" + }, + "AWS::CleanRooms::Membership.MembershipProtectedQueryResultConfiguration": { + "additionalProperties": false, + "properties": { + "OutputConfiguration": { + "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipProtectedQueryOutputConfiguration", + "markdownDescription": "Configuration for protected query results.", + "title": "OutputConfiguration" + }, + "RoleArn": { + "markdownDescription": "The unique ARN for an IAM role that is used by AWS Clean Rooms to write protected query results to the result location, given by the member who can receive results.", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "OutputConfiguration" + ], + "type": "object" + }, + "AWS::CleanRooms::Membership.MembershipQueryComputePaymentConfig": { + "additionalProperties": false, + "properties": { + "IsResponsible": { + "markdownDescription": "Indicates whether the collaboration member has accepted to pay for query compute costs ( `TRUE` ) or has not accepted to pay for query compute costs ( `FALSE` ).\n\nIf the collaboration creator has not specified anyone to pay for query compute costs, then the member who can query is the default payer.\n\nAn error message is returned for the following reasons:\n\n- If you set the value to `FALSE` but you are responsible to pay for query compute costs.\n- If you set the value to `TRUE` but you are not responsible to pay for query compute costs.", + "title": "IsResponsible", + "type": "boolean" + } + }, + "required": [ + "IsResponsible" + ], + "type": "object" + }, + "AWS::CleanRooms::Membership.ProtectedJobS3OutputConfigurationInput": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The S3 bucket for job output.", + "title": "Bucket", + "type": "string" + }, + "KeyPrefix": { + "markdownDescription": "The S3 prefix to unload the protected job results.", + "title": "KeyPrefix", + "type": "string" + } + }, + "required": [ + "Bucket" + ], + "type": "object" + }, + "AWS::CleanRooms::Membership.ProtectedQueryS3OutputConfiguration": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The S3 bucket to unload the protected query results.", + "title": "Bucket", + "type": "string" + }, + "KeyPrefix": { + "markdownDescription": "The S3 prefix to unload the protected query results.", + "title": "KeyPrefix", + "type": "string" + }, + "ResultFormat": { + "markdownDescription": "Intended file format of the result.", + "title": "ResultFormat", + "type": "string" + }, + "SingleFileOutput": { + "markdownDescription": "Indicates whether files should be output as a single file ( `TRUE` ) or output as multiple files ( `FALSE` ). This parameter is only supported for analyses with the Spark analytics engine.", + "title": "SingleFileOutput", + "type": "boolean" + } + }, + "required": [ + "Bucket", + "ResultFormat" + ], + "type": "object" + }, + "AWS::CleanRooms::PrivacyBudgetTemplate": { "additionalProperties": false, "properties": { "Condition": { @@ -41141,40 +46127,46 @@ "Properties": { "additionalProperties": false, "properties": { - "BaseCapacity": { - "markdownDescription": "The initial number of machines allocated to the compute \ufb02eet, which de\ufb01nes the number of builds that can run in parallel.", - "title": "BaseCapacity", - "type": "number" - }, - "ComputeType": { - "markdownDescription": "Information about the compute resources the compute fleet uses. Available values include:\n\n- `ATTRIBUTE_BASED_COMPUTE` : Specify the amount of vCPUs, memory, disk space, and the type of machine.\n\n> If you use `ATTRIBUTE_BASED_COMPUTE` , you must define your attributes by using `computeConfiguration` . AWS CodeBuild will select the cheapest instance that satisfies your specified attributes. For more information, see [Reserved capacity environment types](https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html#environment-reserved-capacity.types) in the *AWS CodeBuild User Guide* .\n- `BUILD_GENERAL1_SMALL` : Use up to 4 GiB memory and 2 vCPUs for builds.\n- `BUILD_GENERAL1_MEDIUM` : Use up to 8 GiB memory and 4 vCPUs for builds.\n- `BUILD_GENERAL1_LARGE` : Use up to 16 GiB memory and 8 vCPUs for builds, depending on your environment type.\n- `BUILD_GENERAL1_XLARGE` : Use up to 72 GiB memory and 36 vCPUs for builds, depending on your environment type.\n- `BUILD_GENERAL1_2XLARGE` : Use up to 144 GiB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed.\n- `BUILD_LAMBDA_1GB` : Use up to 1 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_2GB` : Use up to 2 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_4GB` : Use up to 4 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_8GB` : Use up to 8 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_10GB` : Use up to 10 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n\nIf you use `BUILD_GENERAL1_SMALL` :\n\n- For environment type `LINUX_CONTAINER` , you can use up to 4 GiB memory and 2 vCPUs for builds.\n- For environment type `LINUX_GPU_CONTAINER` , you can use up to 16 GiB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds.\n- For environment type `ARM_CONTAINER` , you can use up to 4 GiB memory and 2 vCPUs on ARM-based processors for builds.\n\nIf you use `BUILD_GENERAL1_LARGE` :\n\n- For environment type `LINUX_CONTAINER` , you can use up to 16 GiB memory and 8 vCPUs for builds.\n- For environment type `LINUX_GPU_CONTAINER` , you can use up to 255 GiB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds.\n- For environment type `ARM_CONTAINER` , you can use up to 16 GiB memory and 8 vCPUs on ARM-based processors for builds.\n\nFor more information, see [On-demand environment types](https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html#environment.types) in the *AWS CodeBuild User Guide.*", - "title": "ComputeType", + "AutoRefresh": { + "markdownDescription": "How often the privacy budget refreshes.\n\n> If you plan to regularly bring new data into the collaboration, use `CALENDAR_MONTH` to automatically get a new privacy budget for the collaboration every calendar month. Choosing this option allows arbitrary amounts of information to be revealed about rows of the data when repeatedly queried across refreshes. Avoid choosing this if the same rows will be repeatedly queried between privacy budget refreshes.", + "title": "AutoRefresh", "type": "string" }, - "EnvironmentType": { - "markdownDescription": "The environment type of the compute fleet.\n\n- The environment type `ARM_CONTAINER` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), Asia Pacific (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), EU (Frankfurt), and South America (S\u00e3o Paulo).\n- The environment type `ARM_EC2` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (S\u00e3o Paulo), and Asia Pacific (Mumbai).\n- The environment type `LINUX_CONTAINER` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (S\u00e3o Paulo), and Asia Pacific (Mumbai).\n- The environment type `LINUX_EC2` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (S\u00e3o Paulo), and Asia Pacific (Mumbai).\n- The environment type `LINUX_GPU_CONTAINER` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), and Asia Pacific (Sydney).\n- The environment type `MAC_ARM` is available only in regions US East (Ohio), US East (N. Virginia), US West (Oregon), Europe (Frankfurt), and Asia Pacific (Sydney).\n- The environment type `WINDOWS_EC2` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (S\u00e3o Paulo), and Asia Pacific (Mumbai).\n- The environment type `WINDOWS_SERVER_2019_CONTAINER` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Sydney), Asia Pacific (Tokyo), Asia Pacific (Mumbai) and EU (Ireland).\n- The environment type `WINDOWS_SERVER_2022_CONTAINER` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Sydney), Asia Pacific (Singapore), Asia Pacific (Tokyo), South America (S\u00e3o Paulo) and Asia Pacific (Mumbai).\n\nFor more information, see [Build environment compute types](https://docs.aws.amazon.com//codebuild/latest/userguide/build-env-ref-compute-types.html) in the *AWS CodeBuild user guide* .", - "title": "EnvironmentType", + "MembershipIdentifier": { + "markdownDescription": "The identifier for a membership resource.", + "title": "MembershipIdentifier", "type": "string" }, - "Name": { - "markdownDescription": "The name of the compute fleet.", - "title": "Name", + "Parameters": { + "$ref": "#/definitions/AWS::CleanRooms::PrivacyBudgetTemplate.Parameters", + "markdownDescription": "Specifies the epsilon and noise parameters for the privacy budget template.", + "title": "Parameters" + }, + "PrivacyBudgetType": { + "markdownDescription": "Specifies the type of the privacy budget template.", + "title": "PrivacyBudgetType", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of tag key and value pairs associated with this compute fleet.\n\nThese tags are available for use by AWS services that support AWS CodeBuild compute fleet tags.", + "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", "title": "Tags", "type": "array" } }, + "required": [ + "AutoRefresh", + "MembershipIdentifier", + "Parameters", + "PrivacyBudgetType" + ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeBuild::Fleet" + "AWS::CleanRooms::PrivacyBudgetTemplate" ], "type": "string" }, @@ -41188,11 +46180,32 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::CodeBuild::Project": { + "AWS::CleanRooms::PrivacyBudgetTemplate.Parameters": { + "additionalProperties": false, + "properties": { + "Epsilon": { + "markdownDescription": "The epsilon value that you want to use.", + "title": "Epsilon", + "type": "number" + }, + "UsersNoisePerQuery": { + "markdownDescription": "Noise added per query is measured in terms of the number of users whose contributions you want to obscure. This value governs the rate at which the privacy budget is depleted.", + "title": "UsersNoisePerQuery", + "type": "number" + } + }, + "required": [ + "Epsilon", + "UsersNoisePerQuery" + ], + "type": "object" + }, + "AWS::CleanRoomsML::TrainingDataset": { "additionalProperties": false, "properties": { "Condition": { @@ -41227,153 +46240,48 @@ "Properties": { "additionalProperties": false, "properties": { - "Artifacts": { - "$ref": "#/definitions/AWS::CodeBuild::Project.Artifacts", - "markdownDescription": "`Artifacts` is a property of the [AWS::CodeBuild::Project](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codebuild-project.html) resource that specifies output settings for artifacts generated by an AWS CodeBuild build.", - "title": "Artifacts" - }, - "BadgeEnabled": { - "markdownDescription": "Indicates whether AWS CodeBuild generates a publicly accessible URL for your project's build badge. For more information, see [Build Badges Sample](https://docs.aws.amazon.com/codebuild/latest/userguide/sample-build-badges.html) in the *AWS CodeBuild User Guide* .\n\n> Including build badges with your project is currently not supported if the source type is CodePipeline. If you specify `CODEPIPELINE` for the `Source` property, do not specify the `BadgeEnabled` property.", - "title": "BadgeEnabled", - "type": "boolean" - }, - "BuildBatchConfig": { - "$ref": "#/definitions/AWS::CodeBuild::Project.ProjectBuildBatchConfig", - "markdownDescription": "A `ProjectBuildBatchConfig` object that defines the batch build options for the project.", - "title": "BuildBatchConfig" - }, - "Cache": { - "$ref": "#/definitions/AWS::CodeBuild::Project.ProjectCache", - "markdownDescription": "Settings that AWS CodeBuild uses to store and reuse build dependencies.", - "title": "Cache" - }, - "ConcurrentBuildLimit": { - "markdownDescription": "The maximum number of concurrent builds that are allowed for this project.\n\nNew builds are only started if the current number of builds is less than or equal to this limit. If the current build count meets this limit, new builds are throttled and are not run.", - "title": "ConcurrentBuildLimit", - "type": "number" - }, "Description": { - "markdownDescription": "A description that makes the build project easy to identify.", + "markdownDescription": "The description of the training dataset.", "title": "Description", "type": "string" }, - "EncryptionKey": { - "markdownDescription": "The AWS Key Management Service customer master key (CMK) to be used for encrypting the build output artifacts.\n\n> You can use a cross-account KMS key to encrypt the build output artifacts if your service role has permission to that key. \n\nYou can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format `alias/` ). If you don't specify a value, CodeBuild uses the managed CMK for Amazon Simple Storage Service (Amazon S3).", - "title": "EncryptionKey", + "Name": { + "markdownDescription": "The name of the training dataset.", + "title": "Name", "type": "string" }, - "Environment": { - "$ref": "#/definitions/AWS::CodeBuild::Project.Environment", - "markdownDescription": "The build environment settings for the project, such as the environment type or the environment variables to use for the build environment.", - "title": "Environment" + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that Clean Rooms ML can assume to read the data referred to in the `dataSource` field of each dataset.\n\nPassing a role across accounts is not allowed. If you pass a role that isn't in your account, you get an `AccessDeniedException` error.", + "title": "RoleArn", + "type": "string" }, - "FileSystemLocations": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::CodeBuild::Project.ProjectFileSystemLocation" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of `ProjectFileSystemLocation` objects for a CodeBuild build project. A `ProjectFileSystemLocation` object specifies the `identifier` , `location` , `mountOptions` , `mountPoint` , and `type` of a file system created using Amazon Elastic File System.", - "title": "FileSystemLocations", + "markdownDescription": "The optional metadata that you apply to the resource to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50.\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8.\n- Maximum value length - 256 Unicode characters in UTF-8.\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for keys as it is reserved. You cannot edit or delete tag keys with this prefix. Values can have this prefix. If a tag value has `aws` as its prefix but the key does not, then Clean Rooms ML considers it to be a user tag and will count against the limit of 50 tags. Tags with only the key prefix of `aws` do not count against your tags per resource limit.", + "title": "Tags", "type": "array" }, - "LogsConfig": { - "$ref": "#/definitions/AWS::CodeBuild::Project.LogsConfig", - "markdownDescription": "Information about logs for the build project. A project can create logs in CloudWatch Logs, an S3 bucket, or both.", - "title": "LogsConfig" - }, - "Name": { - "markdownDescription": "The name of the build project. The name must be unique across all of the projects in your AWS account .", - "title": "Name", - "type": "string" - }, - "QueuedTimeoutInMinutes": { - "markdownDescription": "The number of minutes a build is allowed to be queued before it times out.", - "title": "QueuedTimeoutInMinutes", - "type": "number" - }, - "ResourceAccessRole": { - "markdownDescription": "The ARN of the IAM role that enables CodeBuild to access the CloudWatch Logs and Amazon S3 artifacts for the project's builds.", - "title": "ResourceAccessRole", - "type": "string" - }, - "SecondaryArtifacts": { - "items": { - "$ref": "#/definitions/AWS::CodeBuild::Project.Artifacts" - }, - "markdownDescription": "A list of `Artifacts` objects. Each artifacts object specifies output settings that the project generates during a build.", - "title": "SecondaryArtifacts", - "type": "array" - }, - "SecondarySourceVersions": { - "items": { - "$ref": "#/definitions/AWS::CodeBuild::Project.ProjectSourceVersion" - }, - "markdownDescription": "An array of `ProjectSourceVersion` objects. If `secondarySourceVersions` is specified at the build level, then they take over these `secondarySourceVersions` (at the project level).", - "title": "SecondarySourceVersions", - "type": "array" - }, - "SecondarySources": { - "items": { - "$ref": "#/definitions/AWS::CodeBuild::Project.Source" - }, - "markdownDescription": "An array of `ProjectSource` objects.", - "title": "SecondarySources", - "type": "array" - }, - "ServiceRole": { - "markdownDescription": "The ARN of the IAM role that enables AWS CodeBuild to interact with dependent AWS services on behalf of the AWS account.", - "title": "ServiceRole", - "type": "string" - }, - "Source": { - "$ref": "#/definitions/AWS::CodeBuild::Project.Source", - "markdownDescription": "The source code settings for the project, such as the source code's repository type and location.", - "title": "Source" - }, - "SourceVersion": { - "markdownDescription": "A version of the build input to be built for this project. If not specified, the latest version is used. If specified, it must be one of:\n\n- For CodeCommit: the commit ID, branch, or Git tag to use.\n- For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format `pr/pull-request-ID` (for example `pr/25` ). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.\n- For GitLab: the commit ID, branch, or Git tag to use.\n- For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.\n- For Amazon S3: the version ID of the object that represents the build input ZIP file to use.\n\nIf `sourceVersion` is specified at the build level, then that version takes precedence over this `sourceVersion` (at the project level).\n\nFor more information, see [Source Version Sample with CodeBuild](https://docs.aws.amazon.com/codebuild/latest/userguide/sample-source-version.html) in the *AWS CodeBuild User Guide* .", - "title": "SourceVersion", - "type": "string" - }, - "Tags": { + "TrainingData": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.Dataset" }, - "markdownDescription": "An arbitrary set of tags (key-value pairs) for the AWS CodeBuild project.\n\nThese tags are available for use by AWS services that support AWS CodeBuild build project tags.", - "title": "Tags", + "markdownDescription": "An array of information that lists the Dataset objects, which specifies the dataset type and details on its location and schema. You must provide a role that has read access to these tables.", + "title": "TrainingData", "type": "array" - }, - "TimeoutInMinutes": { - "markdownDescription": "How long, in minutes, from 5 to 2160 (36 hours), for AWS CodeBuild to wait before timing out any related build that did not get marked as completed. The default is 60 minutes.", - "title": "TimeoutInMinutes", - "type": "number" - }, - "Triggers": { - "$ref": "#/definitions/AWS::CodeBuild::Project.ProjectTriggers", - "markdownDescription": "For an existing AWS CodeBuild build project that has its source code stored in a GitHub repository, enables AWS CodeBuild to begin automatically rebuilding the source code every time a code change is pushed to the repository.", - "title": "Triggers" - }, - "Visibility": { - "markdownDescription": "Specifies the visibility of the project's builds. Possible values are:\n\n- **PUBLIC_READ** - The project builds are visible to the public.\n- **PRIVATE** - The project builds are not visible to the public.", - "title": "Visibility", - "type": "string" - }, - "VpcConfig": { - "$ref": "#/definitions/AWS::CodeBuild::Project.VpcConfig", - "markdownDescription": "`VpcConfig` specifies settings that enable AWS CodeBuild to access resources in an Amazon VPC. For more information, see [Use AWS CodeBuild with Amazon Virtual Private Cloud](https://docs.aws.amazon.com/codebuild/latest/userguide/vpc-support.html) in the *AWS CodeBuild User Guide* .", - "title": "VpcConfig" } }, "required": [ - "Artifacts", - "Environment", - "ServiceRole", - "Source" + "Name", + "RoleArn", + "TrainingData" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeBuild::Project" + "AWS::CleanRoomsML::TrainingDataset" ], "type": "string" }, @@ -41392,560 +46300,112 @@ ], "type": "object" }, - "AWS::CodeBuild::Project.Artifacts": { + "AWS::CleanRoomsML::TrainingDataset.ColumnSchema": { "additionalProperties": false, "properties": { - "ArtifactIdentifier": { - "markdownDescription": "An identifier for this artifact definition.", - "title": "ArtifactIdentifier", - "type": "string" - }, - "EncryptionDisabled": { - "markdownDescription": "Set to true if you do not want your output artifacts encrypted. This option is valid only if your artifacts type is Amazon Simple Storage Service (Amazon S3). If this is set with another artifacts type, an `invalidInputException` is thrown.", - "title": "EncryptionDisabled", - "type": "boolean" - }, - "Location": { - "markdownDescription": "Information about the build output artifact location:\n\n- If `type` is set to `CODEPIPELINE` , AWS CodePipeline ignores this value if specified. This is because CodePipeline manages its build output locations instead of CodeBuild .\n- If `type` is set to `NO_ARTIFACTS` , this value is ignored if specified, because no build output is produced.\n- If `type` is set to `S3` , this is the name of the output bucket.\n\nIf you specify `CODEPIPELINE` or `NO_ARTIFACTS` for the `Type` property, don't specify this property. For all of the other types, you must specify this property.", - "title": "Location", - "type": "string" - }, - "Name": { - "markdownDescription": "Along with `path` and `namespaceType` , the pattern that AWS CodeBuild uses to name and store the output artifact:\n\n- If `type` is set to `CODEPIPELINE` , AWS CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of AWS CodeBuild .\n- If `type` is set to `NO_ARTIFACTS` , this value is ignored if specified, because no build output is produced.\n- If `type` is set to `S3` , this is the name of the output artifact object. If you set the name to be a forward slash (\"/\"), the artifact is stored in the root of the output bucket.\n\nFor example:\n\n- If `path` is set to `MyArtifacts` , `namespaceType` is set to `BUILD_ID` , and `name` is set to `MyArtifact.zip` , then the output artifact is stored in `MyArtifacts/ *build-ID* /MyArtifact.zip` .\n- If `path` is empty, `namespaceType` is set to `NONE` , and `name` is set to \" `/` \", the output artifact is stored in the root of the output bucket.\n- If `path` is set to `MyArtifacts` , `namespaceType` is set to `BUILD_ID` , and `name` is set to \" `/` \", the output artifact is stored in `MyArtifacts/ *build-ID*` .\n\nIf you specify `CODEPIPELINE` or `NO_ARTIFACTS` for the `Type` property, don't specify this property. For all of the other types, you must specify this property.", - "title": "Name", - "type": "string" - }, - "NamespaceType": { - "markdownDescription": "Along with `path` and `name` , the pattern that AWS CodeBuild uses to determine the name and location to store the output artifact:\n\n- If `type` is set to `CODEPIPELINE` , CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of AWS CodeBuild .\n- If `type` is set to `NO_ARTIFACTS` , this value is ignored if specified, because no build output is produced.\n- If `type` is set to `S3` , valid values include:\n\n- `BUILD_ID` : Include the build ID in the location of the build output artifact.\n- `NONE` : Do not include the build ID. This is the default if `namespaceType` is not specified.\n\nFor example, if `path` is set to `MyArtifacts` , `namespaceType` is set to `BUILD_ID` , and `name` is set to `MyArtifact.zip` , the output artifact is stored in `MyArtifacts//MyArtifact.zip` .", - "title": "NamespaceType", - "type": "string" - }, - "OverrideArtifactName": { - "markdownDescription": "If set to true a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell command language. For example, you can append a date and time to your artifact name so that it is always unique.", - "title": "OverrideArtifactName", - "type": "boolean" - }, - "Packaging": { - "markdownDescription": "The type of build output artifact to create:\n\n- If `type` is set to `CODEPIPELINE` , CodePipeline ignores this value if specified. This is because CodePipeline manages its build output artifacts instead of AWS CodeBuild .\n- If `type` is set to `NO_ARTIFACTS` , this value is ignored if specified, because no build output is produced.\n- If `type` is set to `S3` , valid values include:\n\n- `NONE` : AWS CodeBuild creates in the output bucket a folder that contains the build output. This is the default if `packaging` is not specified.\n- `ZIP` : AWS CodeBuild creates in the output bucket a ZIP file that contains the build output.", - "title": "Packaging", - "type": "string" - }, - "Path": { - "markdownDescription": "Along with `namespaceType` and `name` , the pattern that AWS CodeBuild uses to name and store the output artifact:\n\n- If `type` is set to `CODEPIPELINE` , CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of AWS CodeBuild .\n- If `type` is set to `NO_ARTIFACTS` , this value is ignored if specified, because no build output is produced.\n- If `type` is set to `S3` , this is the path to the output artifact. If `path` is not specified, `path` is not used.\n\nFor example, if `path` is set to `MyArtifacts` , `namespaceType` is set to `NONE` , and `name` is set to `MyArtifact.zip` , the output artifact is stored in the output bucket at `MyArtifacts/MyArtifact.zip` .", - "title": "Path", + "ColumnName": { + "markdownDescription": "The name of a column.", + "title": "ColumnName", "type": "string" }, - "Type": { - "markdownDescription": "The type of build output artifact. Valid values include:\n\n- `CODEPIPELINE` : The build project has build output generated through CodePipeline.\n\n> The `CODEPIPELINE` type is not supported for `secondaryArtifacts` .\n- `NO_ARTIFACTS` : The build project does not produce any build output.\n- `S3` : The build project stores build output in Amazon S3.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::CodeBuild::Project.BatchRestrictions": { - "additionalProperties": false, - "properties": { - "ComputeTypesAllowed": { + "ColumnTypes": { "items": { "type": "string" }, - "markdownDescription": "An array of strings that specify the compute types that are allowed for the batch build. See [Build environment compute types](https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html) in the *AWS CodeBuild User Guide* for these values.", - "title": "ComputeTypesAllowed", - "type": "array" - }, - "MaximumBuildsAllowed": { - "markdownDescription": "Specifies the maximum number of builds allowed.", - "title": "MaximumBuildsAllowed", - "type": "number" - } - }, - "type": "object" - }, - "AWS::CodeBuild::Project.BuildStatusConfig": { - "additionalProperties": false, - "properties": { - "Context": { - "markdownDescription": "Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.\n\n- **Bitbucket** - This parameter is used for the `name` parameter in the Bitbucket commit status. For more information, see [build](https://docs.aws.amazon.com/https://developer.atlassian.com/bitbucket/api/2/reference/resource/repositories/%7Bworkspace%7D/%7Brepo_slug%7D/commit/%7Bnode%7D/statuses/build) in the Bitbucket API documentation.\n- **GitHub/GitHub Enterprise Server** - This parameter is used for the `context` parameter in the GitHub commit status. For more information, see [Create a commit status](https://docs.aws.amazon.com/https://developer.github.com/v3/repos/statuses/#create-a-commit-status) in the GitHub developer guide.", - "title": "Context", - "type": "string" - }, - "TargetUrl": { - "markdownDescription": "Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.\n\n- **Bitbucket** - This parameter is used for the `url` parameter in the Bitbucket commit status. For more information, see [build](https://docs.aws.amazon.com/https://developer.atlassian.com/bitbucket/api/2/reference/resource/repositories/%7Bworkspace%7D/%7Brepo_slug%7D/commit/%7Bnode%7D/statuses/build) in the Bitbucket API documentation.\n- **GitHub/GitHub Enterprise Server** - This parameter is used for the `target_url` parameter in the GitHub commit status. For more information, see [Create a commit status](https://docs.aws.amazon.com/https://developer.github.com/v3/repos/statuses/#create-a-commit-status) in the GitHub developer guide.", - "title": "TargetUrl", - "type": "string" - } - }, - "type": "object" - }, - "AWS::CodeBuild::Project.CloudWatchLogsConfig": { - "additionalProperties": false, - "properties": { - "GroupName": { - "markdownDescription": "The group name of the logs in CloudWatch Logs. For more information, see [Working with Log Groups and Log Streams](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/Working-with-log-groups-and-streams.html) .", - "title": "GroupName", - "type": "string" - }, - "Status": { - "markdownDescription": "The current status of the logs in CloudWatch Logs for a build project. Valid values are:\n\n- `ENABLED` : CloudWatch Logs are enabled for this build project.\n- `DISABLED` : CloudWatch Logs are not enabled for this build project.", - "title": "Status", - "type": "string" - }, - "StreamName": { - "markdownDescription": "The prefix of the stream name of the CloudWatch Logs. For more information, see [Working with Log Groups and Log Streams](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/Working-with-log-groups-and-streams.html) .", - "title": "StreamName", - "type": "string" - } - }, - "required": [ - "Status" - ], - "type": "object" - }, - "AWS::CodeBuild::Project.Environment": { - "additionalProperties": false, - "properties": { - "Certificate": { - "markdownDescription": "The ARN of the Amazon S3 bucket, path prefix, and object key that contains the PEM-encoded certificate for the build project. For more information, see [certificate](https://docs.aws.amazon.com/codebuild/latest/userguide/create-project-cli.html#cli.environment.certificate) in the *AWS CodeBuild User Guide* .", - "title": "Certificate", - "type": "string" - }, - "ComputeType": { - "markdownDescription": "The type of compute environment. This determines the number of CPU cores and memory the build environment uses. Available values include:\n\n- `ATTRIBUTE_BASED_COMPUTE` : Specify the amount of vCPUs, memory, disk space, and the type of machine.\n\n> If you use `ATTRIBUTE_BASED_COMPUTE` , you must define your attributes by using `computeConfiguration` . AWS CodeBuild will select the cheapest instance that satisfies your specified attributes. For more information, see [Reserved capacity environment types](https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html#environment-reserved-capacity.types) in the *AWS CodeBuild User Guide* .\n- `BUILD_GENERAL1_SMALL` : Use up to 4 GiB memory and 2 vCPUs for builds.\n- `BUILD_GENERAL1_MEDIUM` : Use up to 8 GiB memory and 4 vCPUs for builds.\n- `BUILD_GENERAL1_LARGE` : Use up to 16 GiB memory and 8 vCPUs for builds, depending on your environment type.\n- `BUILD_GENERAL1_XLARGE` : Use up to 72 GiB memory and 36 vCPUs for builds, depending on your environment type.\n- `BUILD_GENERAL1_2XLARGE` : Use up to 144 GiB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed.\n- `BUILD_LAMBDA_1GB` : Use up to 1 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_2GB` : Use up to 2 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_4GB` : Use up to 4 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_8GB` : Use up to 8 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_10GB` : Use up to 10 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n\nIf you use `BUILD_GENERAL1_SMALL` :\n\n- For environment type `LINUX_CONTAINER` , you can use up to 4 GiB memory and 2 vCPUs for builds.\n- For environment type `LINUX_GPU_CONTAINER` , you can use up to 16 GiB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds.\n- For environment type `ARM_CONTAINER` , you can use up to 4 GiB memory and 2 vCPUs on ARM-based processors for builds.\n\nIf you use `BUILD_GENERAL1_LARGE` :\n\n- For environment type `LINUX_CONTAINER` , you can use up to 16 GiB memory and 8 vCPUs for builds.\n- For environment type `LINUX_GPU_CONTAINER` , you can use up to 255 GiB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds.\n- For environment type `ARM_CONTAINER` , you can use up to 16 GiB memory and 8 vCPUs on ARM-based processors for builds.\n\nFor more information, see [On-demand environment types](https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html#environment.types) in the *AWS CodeBuild User Guide.*", - "title": "ComputeType", - "type": "string" - }, - "EnvironmentVariables": { - "items": { - "$ref": "#/definitions/AWS::CodeBuild::Project.EnvironmentVariable" - }, - "markdownDescription": "A set of environment variables to make available to builds for this build project.", - "title": "EnvironmentVariables", + "markdownDescription": "The data type of column.", + "title": "ColumnTypes", "type": "array" - }, - "Fleet": { - "$ref": "#/definitions/AWS::CodeBuild::Project.ProjectFleet" - }, - "Image": { - "markdownDescription": "The image tag or image digest that identifies the Docker image to use for this build project. Use the following formats:\n\n- For an image tag: `/:` . For example, in the Docker repository that CodeBuild uses to manage its Docker images, this would be `aws/codebuild/standard:4.0` .\n- For an image digest: `/@` . For example, to specify an image with the digest \"sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf,\" use `/@sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf` .\n\nFor more information, see [Docker images provided by CodeBuild](https://docs.aws.amazon.com//codebuild/latest/userguide/build-env-ref-available.html) in the *AWS CodeBuild user guide* .", - "title": "Image", - "type": "string" - }, - "ImagePullCredentialsType": { - "markdownDescription": "The type of credentials AWS CodeBuild uses to pull images in your build. There are two valid values:\n\n- `CODEBUILD` specifies that AWS CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust AWS CodeBuild service principal.\n- `SERVICE_ROLE` specifies that AWS CodeBuild uses your build project's service role.\n\nWhen you use a cross-account or private registry image, you must use SERVICE_ROLE credentials. When you use an AWS CodeBuild curated image, you must use CODEBUILD credentials.", - "title": "ImagePullCredentialsType", - "type": "string" - }, - "PrivilegedMode": { - "markdownDescription": "Enables running the Docker daemon inside a Docker container. Set to true only if the build project is used to build Docker images. Otherwise, a build that attempts to interact with the Docker daemon fails. The default setting is `false` .\n\nYou can initialize the Docker daemon during the install phase of your build by adding one of the following sets of commands to the install phase of your buildspec file:\n\nIf the operating system's base image is Ubuntu Linux:\n\n`- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&`\n\n`- timeout 15 sh -c \"until docker info; do echo .; sleep 1; done\"`\n\nIf the operating system's base image is Alpine Linux and the previous command does not work, add the `-t` argument to `timeout` :\n\n`- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&`\n\n`- timeout -t 15 sh -c \"until docker info; do echo .; sleep 1; done\"`", - "title": "PrivilegedMode", - "type": "boolean" - }, - "RegistryCredential": { - "$ref": "#/definitions/AWS::CodeBuild::Project.RegistryCredential", - "markdownDescription": "`RegistryCredential` is a property of the [AWS::CodeBuild::Project Environment](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codebuild-project.html#cfn-codebuild-project-environment) property that specifies information about credentials that provide access to a private Docker registry. When this is set:\n\n- `imagePullCredentialsType` must be set to `SERVICE_ROLE` .\n- images cannot be curated or an Amazon ECR image.", - "title": "RegistryCredential" - }, - "Type": { - "markdownDescription": "The type of build environment to use for related builds.\n\n> If you're using compute fleets during project creation, `type` will be ignored. \n\nFor more information, see [Build environment compute types](https://docs.aws.amazon.com//codebuild/latest/userguide/build-env-ref-compute-types.html) in the *AWS CodeBuild user guide* .", - "title": "Type", - "type": "string" - } - }, - "required": [ - "ComputeType", - "Image", - "Type" - ], - "type": "object" - }, - "AWS::CodeBuild::Project.EnvironmentVariable": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name or key of the environment variable.", - "title": "Name", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of environment variable. Valid values include:\n\n- `PARAMETER_STORE` : An environment variable stored in Systems Manager Parameter Store. For environment variables of this type, specify the name of the parameter as the `value` of the EnvironmentVariable. The parameter value will be substituted for the name at runtime. You can also define Parameter Store environment variables in the buildspec. To learn how to do so, see [env/parameter-store](https://docs.aws.amazon.com/codebuild/latest/userguide/build-spec-ref.html#build-spec.env.parameter-store) in the *AWS CodeBuild User Guide* .\n- `PLAINTEXT` : An environment variable in plain text format. This is the default value.\n- `SECRETS_MANAGER` : An environment variable stored in AWS Secrets Manager . For environment variables of this type, specify the name of the secret as the `value` of the EnvironmentVariable. The secret value will be substituted for the name at runtime. You can also define AWS Secrets Manager environment variables in the buildspec. To learn how to do so, see [env/secrets-manager](https://docs.aws.amazon.com/codebuild/latest/userguide/build-spec-ref.html#build-spec.env.secrets-manager) in the *AWS CodeBuild User Guide* .", - "title": "Type", - "type": "string" - }, - "Value": { - "markdownDescription": "The value of the environment variable.\n\n> We strongly discourage the use of `PLAINTEXT` environment variables to store sensitive values, especially AWS secret key IDs. `PLAINTEXT` environment variables can be displayed in plain text using the AWS CodeBuild console and the AWS CLI . For sensitive values, we recommend you use an environment variable of type `PARAMETER_STORE` or `SECRETS_MANAGER` .", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Name", - "Value" - ], - "type": "object" - }, - "AWS::CodeBuild::Project.FilterGroup": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::CodeBuild::Project.GitSubmodulesConfig": { - "additionalProperties": false, - "properties": { - "FetchSubmodules": { - "markdownDescription": "Set to true to fetch Git submodules for your AWS CodeBuild build project.", - "title": "FetchSubmodules", - "type": "boolean" } }, "required": [ - "FetchSubmodules" + "ColumnName", + "ColumnTypes" ], "type": "object" }, - "AWS::CodeBuild::Project.LogsConfig": { - "additionalProperties": false, - "properties": { - "CloudWatchLogs": { - "$ref": "#/definitions/AWS::CodeBuild::Project.CloudWatchLogsConfig", - "markdownDescription": "Information about CloudWatch Logs for a build project. CloudWatch Logs are enabled by default.", - "title": "CloudWatchLogs" - }, - "S3Logs": { - "$ref": "#/definitions/AWS::CodeBuild::Project.S3LogsConfig", - "markdownDescription": "Information about logs built to an S3 bucket for a build project. S3 logs are not enabled by default.", - "title": "S3Logs" - } - }, - "type": "object" - }, - "AWS::CodeBuild::Project.ProjectBuildBatchConfig": { - "additionalProperties": false, - "properties": { - "BatchReportMode": { - "markdownDescription": "Specifies how build status reports are sent to the source provider for the batch build. This property is only used when the source provider for your project is Bitbucket, GitHub, or GitHub Enterprise, and your project is configured to report build statuses to the source provider.\n\n- **REPORT_AGGREGATED_BATCH** - (Default) Aggregate all of the build statuses into a single status report.\n- **REPORT_INDIVIDUAL_BUILDS** - Send a separate status report for each individual build.", - "title": "BatchReportMode", - "type": "string" - }, - "CombineArtifacts": { - "markdownDescription": "Specifies if the build artifacts for the batch build should be combined into a single artifact location.", - "title": "CombineArtifacts", - "type": "boolean" - }, - "Restrictions": { - "$ref": "#/definitions/AWS::CodeBuild::Project.BatchRestrictions", - "markdownDescription": "A `BatchRestrictions` object that specifies the restrictions for the batch build.", - "title": "Restrictions" - }, - "ServiceRole": { - "markdownDescription": "Specifies the service role ARN for the batch build project.", - "title": "ServiceRole", - "type": "string" - }, - "TimeoutInMins": { - "markdownDescription": "Specifies the maximum amount of time, in minutes, that the batch build must be completed in.", - "title": "TimeoutInMins", - "type": "number" - } - }, - "type": "object" - }, - "AWS::CodeBuild::Project.ProjectCache": { + "AWS::CleanRoomsML::TrainingDataset.DataSource": { "additionalProperties": false, "properties": { - "Location": { - "markdownDescription": "Information about the cache location:\n\n- `NO_CACHE` or `LOCAL` : This value is ignored.\n- `S3` : This is the S3 bucket name/prefix.", - "title": "Location", - "type": "string" - }, - "Modes": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of strings that specify the local cache modes. You can use one or more local cache modes at the same time. This is only used for `LOCAL` cache types.\n\nPossible values are:\n\n- **LOCAL_SOURCE_CACHE** - Caches Git metadata for primary and secondary sources. After the cache is created, subsequent builds pull only the change between commits. This mode is a good choice for projects with a clean working directory and a source that is a large Git repository. If you choose this option and your project does not use a Git repository (GitHub, GitHub Enterprise, or Bitbucket), the option is ignored.\n- **LOCAL_DOCKER_LAYER_CACHE** - Caches existing Docker layers. This mode is a good choice for projects that build or pull large Docker images. It can prevent the performance issues caused by pulling large Docker images down from the network.\n\n> - You can use a Docker layer cache in the Linux environment only.\n> - The `privileged` flag must be set so that your project has the required Docker permissions.\n> - You should consider the security implications before you use a Docker layer cache.\n- **LOCAL_CUSTOM_CACHE** - Caches directories you specify in the buildspec file. This mode is a good choice if your build scenario is not suited to one of the other three local cache modes. If you use a custom cache:\n\n- Only directories can be specified for caching. You cannot specify individual files.\n- Symlinks are used to reference cached directories.\n- Cached directories are linked to your build before it downloads its project sources. Cached items are overridden if a source item has the same name. Directories are specified using cache paths in the buildspec file.", - "title": "Modes", - "type": "array" - }, - "Type": { - "markdownDescription": "The type of cache used by the build project. Valid values include:\n\n- `NO_CACHE` : The build project does not use any cache.\n- `S3` : The build project reads and writes from and to S3.\n- `LOCAL` : The build project stores a cache locally on a build host that is only available to that build host.", - "title": "Type", - "type": "string" + "GlueDataSource": { + "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.GlueDataSource", + "markdownDescription": "A GlueDataSource object that defines the catalog ID, database name, and table name for the training data.", + "title": "GlueDataSource" } }, "required": [ - "Type" + "GlueDataSource" ], "type": "object" }, - "AWS::CodeBuild::Project.ProjectFileSystemLocation": { + "AWS::CleanRoomsML::TrainingDataset.Dataset": { "additionalProperties": false, "properties": { - "Identifier": { - "markdownDescription": "The name used to access a file system created by Amazon EFS. CodeBuild creates an environment variable by appending the `identifier` in all capital letters to `CODEBUILD_` . For example, if you specify `my_efs` for `identifier` , a new environment variable is create named `CODEBUILD_MY_EFS` .\n\nThe `identifier` is used to mount your file system.", - "title": "Identifier", - "type": "string" - }, - "Location": { - "markdownDescription": "A string that specifies the location of the file system created by Amazon EFS. Its format is `efs-dns-name:/directory-path` . You can find the DNS name of file system when you view it in the Amazon EFS console. The directory path is a path to a directory in the file system that CodeBuild mounts. For example, if the DNS name of a file system is `fs-abcd1234.efs.us-west-2.amazonaws.com` , and its mount directory is `my-efs-mount-directory` , then the `location` is `fs-abcd1234.efs.us-west-2.amazonaws.com:/my-efs-mount-directory` .\n\nThe directory path in the format `efs-dns-name:/directory-path` is optional. If you do not specify a directory path, the location is only the DNS name and CodeBuild mounts the entire file system.", - "title": "Location", - "type": "string" - }, - "MountOptions": { - "markdownDescription": "The mount options for a file system created by Amazon EFS. The default mount options used by CodeBuild are `nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2` . For more information, see [Recommended NFS Mount Options](https://docs.aws.amazon.com/efs/latest/ug/mounting-fs-nfs-mount-settings.html) .", - "title": "MountOptions", - "type": "string" - }, - "MountPoint": { - "markdownDescription": "The location in the container where you mount the file system.", - "title": "MountPoint", - "type": "string" + "InputConfig": { + "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.DatasetInputConfig", + "markdownDescription": "A DatasetInputConfig object that defines the data source and schema mapping.", + "title": "InputConfig" }, "Type": { - "markdownDescription": "The type of the file system. The one supported type is `EFS` .", + "markdownDescription": "What type of information is found in the dataset.", "title": "Type", "type": "string" } }, "required": [ - "Identifier", - "Location", - "MountPoint", + "InputConfig", "Type" ], "type": "object" }, - "AWS::CodeBuild::Project.ProjectFleet": { - "additionalProperties": false, - "properties": { - "FleetArn": { - "markdownDescription": "Specifies the compute fleet ARN for the build project.", - "title": "FleetArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::CodeBuild::Project.ProjectSourceVersion": { - "additionalProperties": false, - "properties": { - "SourceIdentifier": { - "markdownDescription": "An identifier for a source in the build project. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.", - "title": "SourceIdentifier", - "type": "string" - }, - "SourceVersion": { - "markdownDescription": "The source version for the corresponding source identifier. If specified, must be one of:\n\n- For CodeCommit: the commit ID, branch, or Git tag to use.\n- For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format `pr/pull-request-ID` (for example, `pr/25` ). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.\n- For GitLab: the commit ID, branch, or Git tag to use.\n- For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.\n- For Amazon S3: the version ID of the object that represents the build input ZIP file to use.\n\nFor more information, see [Source Version Sample with CodeBuild](https://docs.aws.amazon.com/codebuild/latest/userguide/sample-source-version.html) in the *AWS CodeBuild User Guide* .", - "title": "SourceVersion", - "type": "string" - } - }, - "required": [ - "SourceIdentifier" - ], - "type": "object" - }, - "AWS::CodeBuild::Project.ProjectTriggers": { + "AWS::CleanRoomsML::TrainingDataset.DatasetInputConfig": { "additionalProperties": false, "properties": { - "BuildType": { - "markdownDescription": "Specifies the type of build this webhook will trigger. Allowed values are:\n\n- **BUILD** - A single build\n- **BUILD_BATCH** - A batch build", - "title": "BuildType", - "type": "string" + "DataSource": { + "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.DataSource", + "markdownDescription": "A DataSource object that specifies the Glue data source for the training data.", + "title": "DataSource" }, - "FilterGroups": { + "Schema": { "items": { - "$ref": "#/definitions/AWS::CodeBuild::Project.FilterGroup" + "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.ColumnSchema" }, - "markdownDescription": "A list of lists of `WebhookFilter` objects used to determine which webhook events are triggered. At least one `WebhookFilter` in the array must specify `EVENT` as its type.", - "title": "FilterGroups", + "markdownDescription": "The schema information for the training data.", + "title": "Schema", "type": "array" - }, - "Webhook": { - "markdownDescription": "Specifies whether or not to begin automatically rebuilding the source code every time a code change is pushed to the repository.", - "title": "Webhook", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::CodeBuild::Project.RegistryCredential": { - "additionalProperties": false, - "properties": { - "Credential": { - "markdownDescription": "The Amazon Resource Name (ARN) or name of credentials created using AWS Secrets Manager .\n\n> The `credential` can use the name of the credentials only if they exist in your current AWS Region .", - "title": "Credential", - "type": "string" - }, - "CredentialProvider": { - "markdownDescription": "The service that created the credentials to access a private Docker registry. The valid value, SECRETS_MANAGER, is for AWS Secrets Manager .", - "title": "CredentialProvider", - "type": "string" - } - }, - "required": [ - "Credential", - "CredentialProvider" - ], - "type": "object" - }, - "AWS::CodeBuild::Project.S3LogsConfig": { - "additionalProperties": false, - "properties": { - "EncryptionDisabled": { - "markdownDescription": "Set to true if you do not want your S3 build log output encrypted. By default S3 build logs are encrypted.", - "title": "EncryptionDisabled", - "type": "boolean" - }, - "Location": { - "markdownDescription": "The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3 bucket name is `my-bucket` , and your path prefix is `build-log` , then acceptable formats are `my-bucket/build-log` or `arn:aws:s3:::my-bucket/build-log` .", - "title": "Location", - "type": "string" - }, - "Status": { - "markdownDescription": "The current status of the S3 build logs. Valid values are:\n\n- `ENABLED` : S3 build logs are enabled for this build project.\n- `DISABLED` : S3 build logs are not enabled for this build project.", - "title": "Status", - "type": "string" - } - }, - "required": [ - "Status" - ], - "type": "object" - }, - "AWS::CodeBuild::Project.Source": { - "additionalProperties": false, - "properties": { - "Auth": { - "$ref": "#/definitions/AWS::CodeBuild::Project.SourceAuth", - "markdownDescription": "Information about the authorization settings for AWS CodeBuild to access the source code to be built.", - "title": "Auth" - }, - "BuildSpec": { - "markdownDescription": "The build specification for the project. If this value is not provided, then the source code must contain a buildspec file named `buildspec.yml` at the root level. If this value is provided, it can be either a single string containing the entire build specification, or the path to an alternate buildspec file relative to the value of the built-in environment variable `CODEBUILD_SRC_DIR` . The alternate buildspec file can have a name other than `buildspec.yml` , for example `myspec.yml` or `build_spec_qa.yml` or similar. For more information, see the [Build Spec Reference](https://docs.aws.amazon.com/codebuild/latest/userguide/build-spec-ref.html#build-spec-ref-example) in the *AWS CodeBuild User Guide* .", - "title": "BuildSpec", - "type": "string" - }, - "BuildStatusConfig": { - "$ref": "#/definitions/AWS::CodeBuild::Project.BuildStatusConfig", - "markdownDescription": "Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is `GITHUB` , `GITHUB_ENTERPRISE` , or `BITBUCKET` .", - "title": "BuildStatusConfig" - }, - "GitCloneDepth": { - "markdownDescription": "The depth of history to download. Minimum value is 0. If this value is 0, greater than 25, or not provided, then the full history is downloaded with each build project. If your source type is Amazon S3, this value is not supported.", - "title": "GitCloneDepth", - "type": "number" - }, - "GitSubmodulesConfig": { - "$ref": "#/definitions/AWS::CodeBuild::Project.GitSubmodulesConfig", - "markdownDescription": "Information about the Git submodules configuration for the build project.", - "title": "GitSubmodulesConfig" - }, - "InsecureSsl": { - "markdownDescription": "This is used with GitHub Enterprise only. Set to true to ignore SSL warnings while connecting to your GitHub Enterprise project repository. The default value is `false` . `InsecureSsl` should be used for testing purposes only. It should not be used in a production environment.", - "title": "InsecureSsl", - "type": "boolean" - }, - "Location": { - "markdownDescription": "Information about the location of the source code to be built. Valid values include:\n\n- For source code settings that are specified in the source action of a pipeline in CodePipeline, `location` should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value.\n- For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, `https://git-codecommit..amazonaws.com/v1/repos/` ).\n- For source code in an Amazon S3 input bucket, one of the following.\n\n- The path to the ZIP file that contains the source code (for example, `//.zip` ).\n- The path to the folder that contains the source code (for example, `///` ).\n- For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your AWS account to your GitHub account. Use the AWS CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub *Authorize application* page, for *Organization access* , choose *Request access* next to each repository you want to allow AWS CodeBuild to have access to, and then choose *Authorize application* . (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the AWS CodeBuild console.) To instruct AWS CodeBuild to use this connection, in the `source` object, set the `auth` object's `type` value to `OAUTH` .\n- For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your AWS account to your GitLab account. Use the AWS CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections *Authorize application* page, choose *Authorize* . Then on the AWS CodeConnections *Create GitLab connection* page, choose *Connect to GitLab* . (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the AWS CodeBuild console.) To instruct AWS CodeBuild to override the default connection and use this connection instead, set the `auth` object's `type` value to `CODECONNECTIONS` in the `source` object.\n- For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your AWS account to your Bitbucket account. Use the AWS CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket *Confirm access to your account* page, choose *Grant access* . (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the AWS CodeBuild console.) To instruct AWS CodeBuild to use this connection, in the `source` object, set the `auth` object's `type` value to `OAUTH` .\n\nIf you specify `CODEPIPELINE` for the `Type` property, don't specify this property. For all of the other types, you must specify `Location` .", - "title": "Location", - "type": "string" - }, - "ReportBuildStatus": { - "markdownDescription": "Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an `invalidInputException` is thrown.", - "title": "ReportBuildStatus", - "type": "boolean" - }, - "SourceIdentifier": { - "markdownDescription": "An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.", - "title": "SourceIdentifier", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of repository that contains the source code to be built. Valid values include:\n\n- `BITBUCKET` : The source code is in a Bitbucket repository.\n- `CODECOMMIT` : The source code is in an CodeCommit repository.\n- `CODEPIPELINE` : The source code settings are specified in the source action of a pipeline in CodePipeline.\n- `GITHUB` : The source code is in a GitHub repository.\n- `GITHUB_ENTERPRISE` : The source code is in a GitHub Enterprise Server repository.\n- `GITLAB` : The source code is in a GitLab repository.\n- `GITLAB_SELF_MANAGED` : The source code is in a self-managed GitLab repository.\n- `NO_SOURCE` : The project does not have input source code.\n- `S3` : The source code is in an Amazon S3 bucket.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::CodeBuild::Project.SourceAuth": { - "additionalProperties": false, - "properties": { - "Resource": { - "markdownDescription": "The resource value that applies to the specified authorization type.", - "title": "Resource", - "type": "string" - }, - "Type": { - "markdownDescription": "The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER.", - "title": "Type", - "type": "string" } }, "required": [ - "Type" + "DataSource", + "Schema" ], "type": "object" }, - "AWS::CodeBuild::Project.VpcConfig": { + "AWS::CleanRoomsML::TrainingDataset.GlueDataSource": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of one or more security groups IDs in your Amazon VPC. The maximum count is 5.", - "title": "SecurityGroupIds", - "type": "array" - }, - "Subnets": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of one or more subnet IDs in your Amazon VPC. The maximum count is 16.", - "title": "Subnets", - "type": "array" - }, - "VpcId": { - "markdownDescription": "The ID of the Amazon VPC.", - "title": "VpcId", + "CatalogId": { + "markdownDescription": "The Glue catalog that contains the training data.", + "title": "CatalogId", "type": "string" - } - }, - "type": "object" - }, - "AWS::CodeBuild::Project.WebhookFilter": { - "additionalProperties": false, - "properties": { - "ExcludeMatchedPattern": { - "markdownDescription": "Used to indicate that the `pattern` determines which webhook events do not trigger a build. If true, then a webhook event that does not match the `pattern` triggers a build. If false, then a webhook event that matches the `pattern` triggers a build.", - "title": "ExcludeMatchedPattern", - "type": "boolean" }, - "Pattern": { - "markdownDescription": "For a `WebHookFilter` that uses `EVENT` type, a comma-separated string that specifies one or more events. For example, the webhook filter `PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED` allows all push, pull request created, and pull request updated events to trigger a build.\n\nFor a `WebHookFilter` that uses any of the other filter types, a regular expression pattern. For example, a `WebHookFilter` that uses `HEAD_REF` for its `type` and the pattern `^refs/heads/` triggers a build when the head reference is a branch with a reference name `refs/heads/branch-name` .", - "title": "Pattern", + "DatabaseName": { + "markdownDescription": "The Glue database that contains the training data.", + "title": "DatabaseName", "type": "string" }, - "Type": { - "markdownDescription": "The type of webhook filter. There are 11 webhook filter types: `EVENT` , `ACTOR_ACCOUNT_ID` , `HEAD_REF` , `BASE_REF` , `FILE_PATH` , `COMMIT_MESSAGE` , `TAG_NAME` , `RELEASE_NAME` , `REPOSITORY_NAME` , `ORGANIZATION_NAME` , and `WORKFLOW_NAME` .\n\n- EVENT\n\n- A webhook event triggers a build when the provided `pattern` matches one of nine event types: `PUSH` , `PULL_REQUEST_CREATED` , `PULL_REQUEST_UPDATED` , `PULL_REQUEST_CLOSED` , `PULL_REQUEST_REOPENED` , `PULL_REQUEST_MERGED` , `RELEASED` , `PRERELEASED` , and `WORKFLOW_JOB_QUEUED` . The `EVENT` patterns are specified as a comma-separated string. For example, `PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED` filters all push, pull request created, and pull request updated events.\n\n> Types `PULL_REQUEST_REOPENED` and `WORKFLOW_JOB_QUEUED` work with GitHub and GitHub Enterprise only. Types `RELEASED` and `PRERELEASED` work with GitHub only.\n- ACTOR_ACCOUNT_ID\n\n- A webhook event triggers a build when a GitHub, GitHub Enterprise, or Bitbucket account ID matches the regular expression `pattern` .\n- HEAD_REF\n\n- A webhook event triggers a build when the head reference matches the regular expression `pattern` . For example, `refs/heads/branch-name` and `refs/tags/tag-name` .\n\n> Works with GitHub and GitHub Enterprise push, GitHub and GitHub Enterprise pull request, Bitbucket push, and Bitbucket pull request events.\n- BASE_REF\n\n- A webhook event triggers a build when the base reference matches the regular expression `pattern` . For example, `refs/heads/branch-name` .\n\n> Works with pull request events only.\n- FILE_PATH\n\n- A webhook triggers a build when the path of a changed file matches the regular expression `pattern` .\n\n> Works with push and pull request events only.\n- COMMIT_MESSAGE\n\n- A webhook triggers a build when the head commit message matches the regular expression `pattern` .\n\n> Works with push and pull request events only.\n- TAG_NAME\n\n- A webhook triggers a build when the tag name of the release matches the regular expression `pattern` .\n\n> Works with `RELEASED` and `PRERELEASED` events only.\n- RELEASE_NAME\n\n- A webhook triggers a build when the release name matches the regular expression `pattern` .\n\n> Works with `RELEASED` and `PRERELEASED` events only.\n- REPOSITORY_NAME\n\n- A webhook triggers a build when the repository name matches the regular expression `pattern` .\n\n> Works with GitHub global or organization webhooks only.\n- ORGANIZATION_NAME\n\n- A webhook triggers a build when the organization name matches the regular expression `pattern` .\n\n> Works with GitHub global webhooks only.\n- WORKFLOW_NAME\n\n- A webhook triggers a build when the workflow name matches the regular expression `pattern` .\n\n> Works with `WORKFLOW_JOB_QUEUED` events only. > For CodeBuild-hosted Buildkite runner builds, WORKFLOW_NAME filters will filter by pipeline name.", - "title": "Type", + "TableName": { + "markdownDescription": "The Glue table that contains the training data.", + "title": "TableName", "type": "string" } }, "required": [ - "Pattern", - "Type" + "DatabaseName", + "TableName" ], "type": "object" }, - "AWS::CodeBuild::ReportGroup": { + "AWS::Cloud9::EnvironmentEC2": { "additionalProperties": false, "properties": { "Condition": { @@ -41980,44 +46440,72 @@ "Properties": { "additionalProperties": false, "properties": { - "DeleteReports": { - "markdownDescription": "When deleting a report group, specifies if reports within the report group should be deleted.\n\n- **true** - Deletes any reports that belong to the report group before deleting the report group.\n- **false** - You must delete any reports in the report group. This is the default value. If you delete a report group that contains one or more reports, an exception is thrown.", - "title": "DeleteReports", - "type": "boolean" + "AutomaticStopTimeMinutes": { + "markdownDescription": "The number of minutes until the running instance is shut down after the environment was last used.", + "title": "AutomaticStopTimeMinutes", + "type": "number" }, - "ExportConfig": { - "$ref": "#/definitions/AWS::CodeBuild::ReportGroup.ReportExportConfig", - "markdownDescription": "Information about the destination where the raw data of this `ReportGroup` is exported.", - "title": "ExportConfig" + "ConnectionType": { + "markdownDescription": "The connection type used for connecting to an Amazon EC2 environment. Valid values are `CONNECT_SSH` (default) and `CONNECT_SSM` (connected through AWS Systems Manager ).", + "title": "ConnectionType", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the environment to create.", + "title": "Description", + "type": "string" + }, + "ImageId": { + "markdownDescription": "The identifier for the Amazon Machine Image (AMI) that's used to create the EC2 instance. To choose an AMI for the instance, you must specify a valid AMI alias or a valid AWS Systems Manager path.\n\nFrom December 04, 2023, you will be required to include the `ImageId` parameter for the `CreateEnvironmentEC2` action. This change will be reflected across all direct methods of communicating with the API, such as AWS SDK, AWS CLI and AWS CloudFormation. This change will only affect direct API consumers, and not AWS Cloud9 console users.\n\nSince Ubuntu 18.04 has ended standard support as of May 31, 2023, we recommend you choose Ubuntu 22.04.\n\n*AMI aliases*\n\n- Amazon Linux 2: `amazonlinux-2-x86_64`\n- Amazon Linux 2023 (recommended): `amazonlinux-2023-x86_64`\n- Ubuntu 18.04: `ubuntu-18.04-x86_64`\n- Ubuntu 22.04: `ubuntu-22.04-x86_64`\n\n*SSM paths*\n\n- Amazon Linux 2: `resolve:ssm:/aws/service/cloud9/amis/amazonlinux-2-x86_64`\n- Amazon Linux 2023 (recommended): `resolve:ssm:/aws/service/cloud9/amis/amazonlinux-2023-x86_64`\n- Ubuntu 18.04: `resolve:ssm:/aws/service/cloud9/amis/ubuntu-18.04-x86_64`\n- Ubuntu 22.04: `resolve:ssm:/aws/service/cloud9/amis/ubuntu-22.04-x86_64`", + "title": "ImageId", + "type": "string" + }, + "InstanceType": { + "markdownDescription": "The type of instance to connect to the environment (for example, `t2.micro` ).", + "title": "InstanceType", + "type": "string" }, "Name": { - "markdownDescription": "The name of the `ReportGroup` .", + "markdownDescription": "The name of the environment.", "title": "Name", "type": "string" }, + "OwnerArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the environment owner. This ARN can be the ARN of any AWS Identity and Access Management principal. If this value is not specified, the ARN defaults to this environment's creator.", + "title": "OwnerArn", + "type": "string" + }, + "Repositories": { + "items": { + "$ref": "#/definitions/AWS::Cloud9::EnvironmentEC2.Repository" + }, + "markdownDescription": "Any AWS CodeCommit source code repositories to be cloned into the development environment.", + "title": "Repositories", + "type": "array" + }, + "SubnetId": { + "markdownDescription": "The ID of the subnet in Amazon Virtual Private Cloud (Amazon VPC) that AWS Cloud9 will use to communicate with the Amazon Elastic Compute Cloud (Amazon EC2) instance.", + "title": "SubnetId", + "type": "string" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of tag key and value pairs associated with this report group.\n\nThese tags are available for use by AWS services that support AWS CodeBuild report group tags.", + "markdownDescription": "An array of key-value pairs that will be associated with the new AWS Cloud9 development environment.", "title": "Tags", "type": "array" - }, - "Type": { - "markdownDescription": "The type of the `ReportGroup` . This can be one of the following values:\n\n- **CODE_COVERAGE** - The report group contains code coverage reports.\n- **TEST** - The report group contains test reports.", - "title": "Type", - "type": "string" } }, "required": [ - "ExportConfig", - "Type" + "ImageId", + "InstanceType" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeBuild::ReportGroup" + "AWS::Cloud9::EnvironmentEC2" ], "type": "string" }, @@ -42036,65 +46524,27 @@ ], "type": "object" }, - "AWS::CodeBuild::ReportGroup.ReportExportConfig": { - "additionalProperties": false, - "properties": { - "ExportConfigType": { - "markdownDescription": "The export configuration type. Valid values are:\n\n- `S3` : The report results are exported to an S3 bucket.\n- `NO_EXPORT` : The report results are not exported.", - "title": "ExportConfigType", - "type": "string" - }, - "S3Destination": { - "$ref": "#/definitions/AWS::CodeBuild::ReportGroup.S3ReportExportConfig", - "markdownDescription": "A `S3ReportExportConfig` object that contains information about the S3 bucket where the run of a report is exported.", - "title": "S3Destination" - } - }, - "required": [ - "ExportConfigType" - ], - "type": "object" - }, - "AWS::CodeBuild::ReportGroup.S3ReportExportConfig": { + "AWS::Cloud9::EnvironmentEC2.Repository": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The name of the S3 bucket where the raw data of a report are exported.", - "title": "Bucket", - "type": "string" - }, - "BucketOwner": { - "markdownDescription": "The AWS account identifier of the owner of the Amazon S3 bucket. This allows report data to be exported to an Amazon S3 bucket that is owned by an account other than the account running the build.", - "title": "BucketOwner", - "type": "string" - }, - "EncryptionDisabled": { - "markdownDescription": "A boolean value that specifies if the results of a report are encrypted.", - "title": "EncryptionDisabled", - "type": "boolean" - }, - "EncryptionKey": { - "markdownDescription": "The encryption key for the report's encrypted raw data.", - "title": "EncryptionKey", - "type": "string" - }, - "Packaging": { - "markdownDescription": "The type of build output artifact to create. Valid values include:\n\n- `NONE` : CodeBuild creates the raw data in the output bucket. This is the default if packaging is not specified.\n- `ZIP` : CodeBuild creates a ZIP file with the raw data in the output bucket.", - "title": "Packaging", + "PathComponent": { + "markdownDescription": "The path within the development environment's default file system location to clone the AWS CodeCommit repository into. For example, `/REPOSITORY_NAME` would clone the repository into the `/home/USER_NAME/environment/REPOSITORY_NAME` directory in the environment.", + "title": "PathComponent", "type": "string" }, - "Path": { - "markdownDescription": "The path to the exported report's raw data results.", - "title": "Path", + "RepositoryUrl": { + "markdownDescription": "The clone URL of the AWS CodeCommit repository to be cloned. For example, for an AWS CodeCommit repository this might be `https://git-codecommit.us-east-2.amazonaws.com/v1/repos/REPOSITORY_NAME` .", + "title": "RepositoryUrl", "type": "string" } }, "required": [ - "Bucket" + "PathComponent", + "RepositoryUrl" ], "type": "object" }, - "AWS::CodeBuild::SourceCredential": { + "AWS::CloudFormation::CustomResource": { "additionalProperties": false, "properties": { "Condition": { @@ -42129,37 +46579,25 @@ "Properties": { "additionalProperties": false, "properties": { - "AuthType": { - "markdownDescription": "The type of authentication used by the credentials. Valid options are OAUTH, BASIC_AUTH, PERSONAL_ACCESS_TOKEN, CODECONNECTIONS, or SECRETS_MANAGER.", - "title": "AuthType", - "type": "string" - }, - "ServerType": { - "markdownDescription": "The type of source provider. The valid options are GITHUB, GITHUB_ENTERPRISE, GITLAB, GITLAB_SELF_MANAGED, or BITBUCKET.", - "title": "ServerType", - "type": "string" - }, - "Token": { - "markdownDescription": "For GitHub or GitHub Enterprise, this is the personal access token. For Bitbucket, this is either the access token or the app password. For the `authType` CODECONNECTIONS, this is the `connectionArn` . For the `authType` SECRETS_MANAGER, this is the `secretArn` .", - "title": "Token", - "type": "string" + "ServiceTimeout": { + "markdownDescription": "The maximum time, in seconds, that can elapse before a custom resource operation times out.\n\nThe value must be an integer from 1 to 3600. The default value is 3600 seconds (1 hour).", + "title": "ServiceTimeout", + "type": "number" }, - "Username": { - "markdownDescription": "The Bitbucket username when the `authType` is BASIC_AUTH. This parameter is not valid for other types of source providers or connections.", - "title": "Username", + "ServiceToken": { + "markdownDescription": "The service token, such as an Amazon SNS topic ARN or Lambda function ARN. The service token must be from the same Region as the stack.\n\nUpdates aren't supported.", + "title": "ServiceToken", "type": "string" } }, "required": [ - "AuthType", - "ServerType", - "Token" + "ServiceToken" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeBuild::SourceCredential" + "AWS::CloudFormation::CustomResource" ], "type": "string" }, @@ -42178,7 +46616,7 @@ ], "type": "object" }, - "AWS::CodeCommit::Repository": { + "AWS::CloudFormation::GuardHook": { "additionalProperties": false, "properties": { "Condition": { @@ -42213,51 +46651,73 @@ "Properties": { "additionalProperties": false, "properties": { - "Code": { - "$ref": "#/definitions/AWS::CodeCommit::Repository.Code", - "markdownDescription": "Information about code to be committed to a repository after it is created in an AWS CloudFormation stack. Information about code is only used in resource creation. Updates to a stack will not reflect changes made to code properties after initial resource creation.\n\n> You can only use this property to add code when creating a repository with a AWS CloudFormation template at creation time. This property cannot be used for updating code to an existing repository.", - "title": "Code" + "Alias": { + "markdownDescription": "The type name alias for the Hook. This alias must be unique per account and Region.\n\nThe alias must be in the form `Name1::Name2::Name3` and must not begin with `AWS` . For example, `Private::Guard::MyTestHook` .", + "title": "Alias", + "type": "string" }, - "KmsKeyId": { - "markdownDescription": "The ID of the AWS Key Management Service encryption key used to encrypt and decrypt the repository.\n\n> The input can be the full ARN, the key ID, or the key alias. For more information, see [Finding the key ID and key ARN](https://docs.aws.amazon.com/kms/latest/developerguide/find-cmk-id-arn.html) .", - "title": "KmsKeyId", + "ExecutionRole": { + "markdownDescription": "The IAM role that the Hook assumes to retrieve your Guard rules from S3 and optionally write a detailed Guard output report back.", + "title": "ExecutionRole", "type": "string" }, - "RepositoryDescription": { - "markdownDescription": "A comment or description about the new repository.\n\n> The description field for a repository accepts all HTML characters and all valid Unicode characters. Applications that do not HTML-encode the description and display it in a webpage can expose users to potentially malicious code. Make sure that you HTML-encode the description field in any application that uses this API to display the repository description on a webpage.", - "title": "RepositoryDescription", + "FailureMode": { + "markdownDescription": "Specifies how the Hook responds when rules fail their evaluation.\n\n- `FAIL` : Prevents the action from proceeding. This is helpful for enforcing strict compliance or security policies.\n- `WARN` : Issues warnings to users but allows actions to continue. This is useful for non-critical validations or informational checks.", + "title": "FailureMode", "type": "string" }, - "RepositoryName": { - "markdownDescription": "The name of the new repository to be created.\n\n> The repository name must be unique across the calling AWS account . Repository names are limited to 100 alphanumeric, dash, and underscore characters, and cannot include certain characters. For more information about the limits on repository names, see [Quotas](https://docs.aws.amazon.com/codecommit/latest/userguide/limits.html) in the *AWS CodeCommit User Guide* . The suffix .git is prohibited.", - "title": "RepositoryName", + "HookStatus": { + "markdownDescription": "Specifies if the Hook is `ENABLED` or `DISABLED` .", + "title": "HookStatus", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "One or more tag key-value pairs to use when tagging this repository.", - "title": "Tags", - "type": "array" + "LogBucket": { + "markdownDescription": "Specifies the name of an S3 bucket to store the Guard output report. This report contains the results of your Guard rule validations.", + "title": "LogBucket", + "type": "string" }, - "Triggers": { + "Options": { + "$ref": "#/definitions/AWS::CloudFormation::GuardHook.Options", + "markdownDescription": "Specifies the S3 location of your input parameters.", + "title": "Options" + }, + "RuleLocation": { + "$ref": "#/definitions/AWS::CloudFormation::GuardHook.S3Location", + "markdownDescription": "Specifies the S3 location of your Guard rules.", + "title": "RuleLocation" + }, + "StackFilters": { + "$ref": "#/definitions/AWS::CloudFormation::GuardHook.StackFilters", + "markdownDescription": "Specifies the stack level filters for the Hook.\n\nExample stack level filter in JSON:\n\n`\"StackFilters\": {\"FilteringCriteria\": \"ALL\", \"StackNames\": {\"Exclude\": [ \"stack-1\", \"stack-2\"]}}` \n\nExample stack level filter in YAML:\n\n`StackFilters: FilteringCriteria: ALL StackNames: Exclude: - stack-1 - stack-2`", + "title": "StackFilters" + }, + "TargetFilters": { + "$ref": "#/definitions/AWS::CloudFormation::GuardHook.TargetFilters", + "markdownDescription": "Specifies the target filters for the Hook.\n\nExample target filter in JSON:\n\n`\"TargetFilters\": {\"Actions\": [ \"Create\", \"Update\", \"Delete\" ]}` \n\nExample target filter in YAML:\n\n`TargetFilters: Actions: - CREATE - UPDATE - DELETE`", + "title": "TargetFilters" + }, + "TargetOperations": { "items": { - "$ref": "#/definitions/AWS::CodeCommit::Repository.RepositoryTrigger" + "type": "string" }, - "markdownDescription": "The JSON block of configuration information for each trigger.", - "title": "Triggers", + "markdownDescription": "Specifies the list of operations the Hook is run against. For more information, see [Hook targets](https://docs.aws.amazon.com/cloudformation-cli/latest/hooks-userguide/hooks-concepts.html#hook-terms-hook-target) in the *AWS CloudFormation Hooks User Guide* .\n\nValid values: `STACK` | `RESOURCE` | `CHANGE_SET` | `CLOUD_CONTROL`", + "title": "TargetOperations", "type": "array" } }, "required": [ - "RepositoryName" + "Alias", + "ExecutionRole", + "FailureMode", + "HookStatus", + "RuleLocation", + "TargetOperations" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeCommit::Repository" + "AWS::CloudFormation::GuardHook" ], "type": "string" }, @@ -42276,93 +46736,155 @@ ], "type": "object" }, - "AWS::CodeCommit::Repository.Code": { + "AWS::CloudFormation::GuardHook.HookTarget": { "additionalProperties": false, "properties": { - "BranchName": { - "markdownDescription": "Optional. Specifies a branch name to be used as the default branch when importing code into a repository on initial creation. If this property is not set, the name *main* will be used for the default branch for the repository. Changes to this property are ignored after initial resource creation. We recommend using this parameter to set the name to *main* to align with the default behavior of CodeCommit unless another name is needed.", - "title": "BranchName", + "Action": { "type": "string" }, - "S3": { - "$ref": "#/definitions/AWS::CodeCommit::Repository.S3", - "markdownDescription": "Information about the Amazon S3 bucket that contains a ZIP file of code to be committed to the repository. Changes to this property are ignored after initial resource creation.", - "title": "S3" + "InvocationPoint": { + "type": "string" + }, + "TargetName": { + "type": "string" } }, "required": [ - "S3" + "Action", + "InvocationPoint", + "TargetName" ], "type": "object" }, - "AWS::CodeCommit::Repository.RepositoryTrigger": { + "AWS::CloudFormation::GuardHook.Options": { "additionalProperties": false, "properties": { - "Branches": { + "InputParams": { + "$ref": "#/definitions/AWS::CloudFormation::GuardHook.S3Location", + "markdownDescription": "Specifies the S3 location where your input parameters are located.", + "title": "InputParams" + } + }, + "type": "object" + }, + "AWS::CloudFormation::GuardHook.S3Location": { + "additionalProperties": false, + "properties": { + "Uri": { + "markdownDescription": "Specifies the S3 path to the file that contains your Guard rules or input parameters (in the form `s3:///` ).\n\nFor Guard rules, the object stored in S3 must have one of the following file extensions: `.guard` , `.zip` , or `.tar.gz` .\n\nFor input parameters, the object stored in S3 must have one of the following file extensions: `.yaml` , `.json` , `.zip` , or `.tar.gz` .", + "title": "Uri", + "type": "string" + }, + "VersionId": { + "markdownDescription": "For S3 buckets with versioning enabled, specifies the unique ID of the S3 object version to download your Guard rules or input parameters from.\n\nThe Guard Hook downloads files from S3 every time the Hook is invoked. To prevent accidental changes or deletions, we recommend using a version when configuring your Guard Hook.", + "title": "VersionId", + "type": "string" + } + }, + "required": [ + "Uri" + ], + "type": "object" + }, + "AWS::CloudFormation::GuardHook.StackFilters": { + "additionalProperties": false, + "properties": { + "FilteringCriteria": { + "markdownDescription": "The filtering criteria.\n\n- All stack names and stack roles ( `All` ): The Hook will only be invoked when all specified filters match.\n- Any stack names and stack roles ( `Any` ): The Hook will be invoked if at least one of the specified filters match.", + "title": "FilteringCriteria", + "type": "string" + }, + "StackNames": { + "$ref": "#/definitions/AWS::CloudFormation::GuardHook.StackNames", + "markdownDescription": "Includes or excludes specific stacks from Hook invocations.", + "title": "StackNames" + }, + "StackRoles": { + "$ref": "#/definitions/AWS::CloudFormation::GuardHook.StackRoles", + "markdownDescription": "Includes or excludes specific stacks from Hook invocations based on their associated IAM roles.", + "title": "StackRoles" + } + }, + "required": [ + "FilteringCriteria" + ], + "type": "object" + }, + "AWS::CloudFormation::GuardHook.StackNames": { + "additionalProperties": false, + "properties": { + "Exclude": { "items": { "type": "string" }, - "markdownDescription": "The branches to be included in the trigger configuration. If you specify an empty array, the trigger applies to all branches.\n\n> Although no content is required in the array, you must include the array itself.", - "title": "Branches", + "markdownDescription": "The stack names to exclude. All stacks except those listed here will invoke the Hook.", + "title": "Exclude", "type": "array" }, - "CustomData": { - "markdownDescription": "Any custom data associated with the trigger to be included in the information sent to the target of the trigger.", - "title": "CustomData", - "type": "string" - }, - "DestinationArn": { - "markdownDescription": "The ARN of the resource that is the target for a trigger (for example, the ARN of a topic in Amazon SNS).", - "title": "DestinationArn", - "type": "string" - }, - "Events": { + "Include": { "items": { "type": "string" }, - "markdownDescription": "The repository events that cause the trigger to run actions in another service, such as sending a notification through Amazon SNS.\n\n> The valid value \"all\" cannot be used with any other values.", - "title": "Events", + "markdownDescription": "The stack names to include. Only the stacks specified in this list will invoke the Hook.", + "title": "Include", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CloudFormation::GuardHook.StackRoles": { + "additionalProperties": false, + "properties": { + "Exclude": { + "items": { + "type": "string" + }, + "markdownDescription": "The IAM role ARNs for stacks you want to exclude. The Hook will be invoked on all stacks except those initiated by the specified roles.", + "title": "Exclude", "type": "array" }, - "Name": { - "markdownDescription": "The name of the trigger.", - "title": "Name", - "type": "string" + "Include": { + "items": { + "type": "string" + }, + "markdownDescription": "The IAM role ARNs to target stacks associated with these roles. Only stack operations initiated by these roles will invoke the Hook.", + "title": "Include", + "type": "array" } }, - "required": [ - "DestinationArn", - "Events", - "Name" - ], "type": "object" }, - "AWS::CodeCommit::Repository.S3": { + "AWS::CloudFormation::GuardHook.TargetFilters": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The name of the Amazon S3 bucket that contains the ZIP file with the content that will be committed to the new repository. This can be specified using the name of the bucket in the AWS account . Changes to this property are ignored after initial resource creation.", - "title": "Bucket", - "type": "string" + "Actions": { + "items": { + "type": "string" + }, + "type": "array" }, - "Key": { - "markdownDescription": "The key to use for accessing the Amazon S3 bucket. Changes to this property are ignored after initial resource creation. For more information, see [Creating object key names](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html) and [Uploading objects](https://docs.aws.amazon.com/AmazonS3/latest/userguide/upload-objects.html) in the Amazon S3 User Guide.", - "title": "Key", - "type": "string" + "InvocationPoints": { + "items": { + "type": "string" + }, + "type": "array" }, - "ObjectVersion": { - "markdownDescription": "The object version of the ZIP file, if versioning is enabled for the Amazon S3 bucket. Changes to this property are ignored after initial resource creation.", - "title": "ObjectVersion", - "type": "string" + "TargetNames": { + "items": { + "type": "string" + }, + "type": "array" + }, + "Targets": { + "items": { + "$ref": "#/definitions/AWS::CloudFormation::GuardHook.HookTarget" + }, + "type": "array" } }, - "required": [ - "Bucket", - "Key" - ], "type": "object" }, - "AWS::CodeConnections::Connection": { + "AWS::CloudFormation::HookDefaultVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -42397,38 +46919,27 @@ "Properties": { "additionalProperties": false, "properties": { - "ConnectionName": { - "markdownDescription": "The name of the connection. Connection names must be unique in an AWS account .", - "title": "ConnectionName", + "TypeName": { + "markdownDescription": "The name of the Hook.\n\nYou must specify either `TypeVersionArn` , or `TypeName` and `VersionId` .", + "title": "TypeName", "type": "string" }, - "HostArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the host associated with the connection.", - "title": "HostArn", + "TypeVersionArn": { + "markdownDescription": "The version ID of the type configuration.\n\nYou must specify either `TypeVersionArn` , or `TypeName` and `VersionId` .", + "title": "TypeVersionArn", "type": "string" }, - "ProviderType": { - "markdownDescription": "The name of the external provider where your third-party code repository is configured.", - "title": "ProviderType", + "VersionId": { + "markdownDescription": "The version ID of the type specified.\n\nYou must specify either `TypeVersionArn` , or `TypeName` and `VersionId` .", + "title": "VersionId", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "", - "title": "Tags", - "type": "array" } }, - "required": [ - "ConnectionName" - ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeConnections::Connection" + "AWS::CloudFormation::HookDefaultVersion" ], "type": "string" }, @@ -42442,12 +46953,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::CodeDeploy::Application": { + "AWS::CloudFormation::HookTypeConfig": { "additionalProperties": false, "properties": { "Condition": { @@ -42482,30 +46992,35 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationName": { - "markdownDescription": "A name for the application. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the application name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> Updates to `ApplicationName` are not supported.", - "title": "ApplicationName", + "Configuration": { + "markdownDescription": "Specifies the activated Hook type configuration, in this AWS account and AWS Region .\n\nYou must specify either `TypeName` and `Configuration` or `TypeArn` and `Configuration` .", + "title": "Configuration", "type": "string" }, - "ComputePlatform": { - "markdownDescription": "The compute platform that CodeDeploy deploys the application to.", - "title": "ComputePlatform", + "ConfigurationAlias": { + "markdownDescription": "An alias by which to refer to this configuration data.\n\nDefaults to `default` alias. Hook types currently support default configuration alias.", + "title": "ConfigurationAlias", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The metadata that you apply to CodeDeploy applications to help you organize and categorize them. Each tag consists of a key and an optional value, both of which you define.", - "title": "Tags", - "type": "array" + "TypeArn": { + "markdownDescription": "The Amazon Resource Number (ARN) for the Hook to set `Configuration` for.\n\nYou must specify either `TypeName` and `Configuration` or `TypeArn` and `Configuration` .", + "title": "TypeArn", + "type": "string" + }, + "TypeName": { + "markdownDescription": "The unique name for your Hook. Specifies a three-part namespace for your Hook, with a recommended pattern of `Organization::Service::Hook` .\n\nYou must specify either `TypeName` and `Configuration` or `TypeArn` and `Configuration` .", + "title": "TypeName", + "type": "string" } }, + "required": [ + "Configuration" + ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeDeploy::Application" + "AWS::CloudFormation::HookTypeConfig" ], "type": "string" }, @@ -42519,11 +47034,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::CodeDeploy::DeploymentConfig": { + "AWS::CloudFormation::HookVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -42558,37 +47074,36 @@ "Properties": { "additionalProperties": false, "properties": { - "ComputePlatform": { - "markdownDescription": "The destination platform type for the deployment ( `Lambda` , `Server` , or `ECS` ).", - "title": "ComputePlatform", - "type": "string" - }, - "DeploymentConfigName": { - "markdownDescription": "A name for the deployment configuration. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the deployment configuration name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "DeploymentConfigName", + "ExecutionRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the task execution role that grants the Hook permission.", + "title": "ExecutionRoleArn", "type": "string" }, - "MinimumHealthyHosts": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentConfig.MinimumHealthyHosts", - "markdownDescription": "The minimum number of healthy instances that should be available at any time during the deployment. There are two parameters expected in the input: type and value.\n\nThe type parameter takes either of the following values:\n\n- HOST_COUNT: The value parameter represents the minimum number of healthy instances as an absolute value.\n- FLEET_PERCENT: The value parameter represents the minimum number of healthy instances as a percentage of the total number of instances in the deployment. If you specify FLEET_PERCENT, at the start of the deployment, AWS CodeDeploy converts the percentage to the equivalent number of instance and rounds up fractional instances.\n\nThe value parameter takes an integer.\n\nFor example, to set a minimum of 95% healthy instance, specify a type of FLEET_PERCENT and a value of 95.\n\nFor more information about instance health, see [CodeDeploy Instance Health](https://docs.aws.amazon.com/codedeploy/latest/userguide/instances-health.html) in the AWS CodeDeploy User Guide.", - "title": "MinimumHealthyHosts" + "LoggingConfig": { + "$ref": "#/definitions/AWS::CloudFormation::HookVersion.LoggingConfig", + "markdownDescription": "Contains logging configuration information for an extension.", + "title": "LoggingConfig" }, - "TrafficRoutingConfig": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentConfig.TrafficRoutingConfig", - "markdownDescription": "The configuration that specifies how the deployment traffic is routed.", - "title": "TrafficRoutingConfig" + "SchemaHandlerPackage": { + "markdownDescription": "A URL to the Amazon S3 bucket for the Hook project package that contains the necessary files for the Hook you want to register.\n\nFor information on generating a schema handler package, see [Modeling custom CloudFormation Hooks](https://docs.aws.amazon.com/cloudformation-cli/latest/hooks-userguide/hooks-model.html) in the *AWS CloudFormation Hooks User Guide* .\n\n> To register the Hook, you must have `s3:GetObject` permissions to access the S3 objects.", + "title": "SchemaHandlerPackage", + "type": "string" }, - "ZonalConfig": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentConfig.ZonalConfig", - "markdownDescription": "Configure the `ZonalConfig` object if you want AWS CodeDeploy to deploy your application to one [Availability Zone](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html#concepts-availability-zones) at a time, within an AWS Region.\n\nFor more information about the zonal configuration feature, see [zonal configuration](https://docs.aws.amazon.com/codedeploy/latest/userguide/deployment-configurations-create.html#zonal-config) in the *CodeDeploy User Guide* .", - "title": "ZonalConfig" + "TypeName": { + "markdownDescription": "The unique name for your hook. Specifies a three-part namespace for your hook, with a recommended pattern of `Organization::Service::Hook` .\n\n> The following organization namespaces are reserved and can't be used in your hook type names:\n> \n> - `Alexa`\n> - `AMZN`\n> - `Amazon`\n> - `ASK`\n> - `AWS`\n> - `Custom`\n> - `Dev`", + "title": "TypeName", + "type": "string" } }, + "required": [ + "SchemaHandlerPackage", + "TypeName" + ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeDeploy::DeploymentConfig" + "AWS::CloudFormation::HookVersion" ], "type": "string" }, @@ -42601,137 +47116,29 @@ "type": "string" } }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::CodeDeploy::DeploymentConfig.MinimumHealthyHosts": { - "additionalProperties": false, - "properties": { - "Type": { - "markdownDescription": "The minimum healthy instance type:\n\n- HOST_COUNT: The minimum number of healthy instance as an absolute value.\n- FLEET_PERCENT: The minimum number of healthy instance as a percentage of the total number of instance in the deployment.\n\nIn an example of nine instance, if a HOST_COUNT of six is specified, deploy to up to three instances at a time. The deployment is successful if six or more instances are deployed to successfully. Otherwise, the deployment fails. If a FLEET_PERCENT of 40 is specified, deploy to up to five instance at a time. The deployment is successful if four or more instance are deployed to successfully. Otherwise, the deployment fails.\n\n> In a call to `GetDeploymentConfig` , CodeDeployDefault.OneAtATime returns a minimum healthy instance type of MOST_CONCURRENCY and a value of 1. This means a deployment to only one instance at a time. (You cannot set the type to MOST_CONCURRENCY, only to HOST_COUNT or FLEET_PERCENT.) In addition, with CodeDeployDefault.OneAtATime, AWS CodeDeploy attempts to ensure that all instances but one are kept in a healthy state during the deployment. Although this allows one instance at a time to be taken offline for a new deployment, it also means that if the deployment to the last instance fails, the overall deployment is still successful. \n\nFor more information, see [AWS CodeDeploy Instance Health](https://docs.aws.amazon.com//codedeploy/latest/userguide/instances-health.html) in the *AWS CodeDeploy User Guide* .", - "title": "Type", - "type": "string" - }, - "Value": { - "markdownDescription": "The minimum healthy instance value.", - "title": "Value", - "type": "number" - } - }, "required": [ "Type", - "Value" + "Properties" ], "type": "object" }, - "AWS::CodeDeploy::DeploymentConfig.MinimumHealthyHostsPerZone": { + "AWS::CloudFormation::HookVersion.LoggingConfig": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The `type` associated with the `MinimumHealthyHostsPerZone` option.", - "title": "Type", + "LogGroupName": { + "markdownDescription": "The Amazon CloudWatch Logs group to which CloudFormation sends error logging information when invoking the extension's handlers.", + "title": "LogGroupName", "type": "string" }, - "Value": { - "markdownDescription": "The `value` associated with the `MinimumHealthyHostsPerZone` option.", - "title": "Value", - "type": "number" - } - }, - "required": [ - "Type", - "Value" - ], - "type": "object" - }, - "AWS::CodeDeploy::DeploymentConfig.TimeBasedCanary": { - "additionalProperties": false, - "properties": { - "CanaryInterval": { - "markdownDescription": "The number of minutes between the first and second traffic shifts of a `TimeBasedCanary` deployment.", - "title": "CanaryInterval", - "type": "number" - }, - "CanaryPercentage": { - "markdownDescription": "The percentage of traffic to shift in the first increment of a `TimeBasedCanary` deployment.", - "title": "CanaryPercentage", - "type": "number" - } - }, - "required": [ - "CanaryInterval", - "CanaryPercentage" - ], - "type": "object" - }, - "AWS::CodeDeploy::DeploymentConfig.TimeBasedLinear": { - "additionalProperties": false, - "properties": { - "LinearInterval": { - "markdownDescription": "The number of minutes between each incremental traffic shift of a `TimeBasedLinear` deployment.", - "title": "LinearInterval", - "type": "number" - }, - "LinearPercentage": { - "markdownDescription": "The percentage of traffic that is shifted at the start of each increment of a `TimeBasedLinear` deployment.", - "title": "LinearPercentage", - "type": "number" - } - }, - "required": [ - "LinearInterval", - "LinearPercentage" - ], - "type": "object" - }, - "AWS::CodeDeploy::DeploymentConfig.TrafficRoutingConfig": { - "additionalProperties": false, - "properties": { - "TimeBasedCanary": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentConfig.TimeBasedCanary", - "markdownDescription": "A configuration that shifts traffic from one version of a Lambda function or ECS task set to another in two increments. The original and target Lambda function versions or ECS task sets are specified in the deployment's AppSpec file.", - "title": "TimeBasedCanary" - }, - "TimeBasedLinear": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentConfig.TimeBasedLinear", - "markdownDescription": "A configuration that shifts traffic from one version of a Lambda function or Amazon ECS task set to another in equal increments, with an equal number of minutes between each increment. The original and target Lambda function versions or Amazon ECS task sets are specified in the deployment's AppSpec file.", - "title": "TimeBasedLinear" - }, - "Type": { - "markdownDescription": "The type of traffic shifting ( `TimeBasedCanary` or `TimeBasedLinear` ) used by a deployment configuration.", - "title": "Type", + "LogRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the role that CloudFormation should assume when sending log entries to CloudWatch Logs.", + "title": "LogRoleArn", "type": "string" } }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::CodeDeploy::DeploymentConfig.ZonalConfig": { - "additionalProperties": false, - "properties": { - "FirstZoneMonitorDurationInSeconds": { - "markdownDescription": "The period of time, in seconds, that CodeDeploy must wait after completing a deployment to the *first* Availability Zone. CodeDeploy will wait this amount of time before starting a deployment to the second Availability Zone. You might set this option if you want to allow extra bake time for the first Availability Zone. If you don't specify a value for `firstZoneMonitorDurationInSeconds` , then CodeDeploy uses the `monitorDurationInSeconds` value for the first Availability Zone.\n\nFor more information about the zonal configuration feature, see [zonal configuration](https://docs.aws.amazon.com/codedeploy/latest/userguide/deployment-configurations-create.html#zonal-config) in the *CodeDeploy User Guide* .", - "title": "FirstZoneMonitorDurationInSeconds", - "type": "number" - }, - "MinimumHealthyHostsPerZone": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentConfig.MinimumHealthyHostsPerZone", - "markdownDescription": "The number or percentage of instances that must remain available per Availability Zone during a deployment. This option works in conjunction with the `MinimumHealthyHosts` option. For more information, see [About the minimum number of healthy hosts per Availability Zone](https://docs.aws.amazon.com//codedeploy/latest/userguide/instances-health.html#minimum-healthy-hosts-az) in the *CodeDeploy User Guide* .\n\nIf you don't specify the `minimumHealthyHostsPerZone` option, then CodeDeploy uses a default value of `0` percent.\n\nFor more information about the zonal configuration feature, see [zonal configuration](https://docs.aws.amazon.com/codedeploy/latest/userguide/deployment-configurations-create.html#zonal-config) in the *CodeDeploy User Guide* .", - "title": "MinimumHealthyHostsPerZone" - }, - "MonitorDurationInSeconds": { - "markdownDescription": "The period of time, in seconds, that CodeDeploy must wait after completing a deployment to an Availability Zone. CodeDeploy will wait this amount of time before starting a deployment to the next Availability Zone. Consider adding a monitor duration to give the deployment some time to prove itself (or 'bake') in one Availability Zone before it is released in the next zone. If you don't specify a `monitorDurationInSeconds` , CodeDeploy starts deploying to the next Availability Zone immediately.\n\nFor more information about the zonal configuration feature, see [zonal configuration](https://docs.aws.amazon.com/codedeploy/latest/userguide/deployment-configurations-create.html#zonal-config) in the *CodeDeploy User Guide* .", - "title": "MonitorDurationInSeconds", - "type": "number" - } - }, "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup": { + "AWS::CloudFormation::LambdaHook": { "additionalProperties": false, "properties": { "Condition": { @@ -42766,134 +47173,63 @@ "Properties": { "additionalProperties": false, "properties": { - "AlarmConfiguration": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.AlarmConfiguration", - "markdownDescription": "Information about the Amazon CloudWatch alarms that are associated with the deployment group.", - "title": "AlarmConfiguration" - }, - "ApplicationName": { - "markdownDescription": "The name of an existing CodeDeploy application to associate this deployment group with.", - "title": "ApplicationName", + "Alias": { + "markdownDescription": "The type name alias for the Hook. This alias must be unique per account and Region.\n\nThe alias must be in the form `Name1::Name2::Name3` and must not begin with `AWS` . For example, `Private::Lambda::MyTestHook` .", + "title": "Alias", "type": "string" }, - "AutoRollbackConfiguration": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.AutoRollbackConfiguration", - "markdownDescription": "Information about the automatic rollback configuration that is associated with the deployment group. If you specify this property, don't specify the `Deployment` property.", - "title": "AutoRollbackConfiguration" - }, - "AutoScalingGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of associated Auto Scaling groups that CodeDeploy automatically deploys revisions to when new instances are created. Duplicates are not allowed.", - "title": "AutoScalingGroups", - "type": "array" - }, - "BlueGreenDeploymentConfiguration": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.BlueGreenDeploymentConfiguration", - "markdownDescription": "Information about blue/green deployment options for a deployment group.", - "title": "BlueGreenDeploymentConfiguration" - }, - "Deployment": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.Deployment", - "markdownDescription": "The application revision to deploy to this deployment group. If you specify this property, your target application revision is deployed as soon as the provisioning process is complete. If you specify this property, don't specify the `AutoRollbackConfiguration` property.", - "title": "Deployment" - }, - "DeploymentConfigName": { - "markdownDescription": "A deployment configuration name or a predefined configuration name. With predefined configurations, you can deploy application revisions to one instance at a time ( `CodeDeployDefault.OneAtATime` ), half of the instances at a time ( `CodeDeployDefault.HalfAtATime` ), or all the instances at once ( `CodeDeployDefault.AllAtOnce` ). For more information and valid values, see [Working with Deployment Configurations](https://docs.aws.amazon.com/codedeploy/latest/userguide/deployment-configurations.html) in the *AWS CodeDeploy User Guide* .", - "title": "DeploymentConfigName", + "ExecutionRole": { + "markdownDescription": "The IAM role that the Hook assumes to invoke your Lambda function.", + "title": "ExecutionRole", "type": "string" }, - "DeploymentGroupName": { - "markdownDescription": "A name for the deployment group. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the deployment group name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "DeploymentGroupName", + "FailureMode": { + "markdownDescription": "Specifies how the Hook responds when the Lambda function invoked by the Hook returns a `FAILED` response.\n\n- `FAIL` : Prevents the action from proceeding. This is helpful for enforcing strict compliance or security policies.\n- `WARN` : Issues warnings to users but allows actions to continue. This is useful for non-critical validations or informational checks.", + "title": "FailureMode", "type": "string" }, - "DeploymentStyle": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.DeploymentStyle", - "markdownDescription": "Attributes that determine the type of deployment to run and whether to route deployment traffic behind a load balancer.\n\nIf you specify this property with a blue/green deployment type, don't specify the `AutoScalingGroups` , `LoadBalancerInfo` , or `Deployment` properties.\n\n> For blue/green deployments, AWS CloudFormation supports deployments on Lambda compute platforms only. You can perform Amazon ECS blue/green deployments using `AWS::CodeDeploy::BlueGreen` hook. See [Perform Amazon ECS blue/green deployments through CodeDeploy using AWS CloudFormation](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/blue-green.html) for more information.", - "title": "DeploymentStyle" - }, - "ECSServices": { - "items": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.ECSService" - }, - "markdownDescription": "The target Amazon ECS services in the deployment group. This applies only to deployment groups that use the Amazon ECS compute platform. A target Amazon ECS service is specified as an Amazon ECS cluster and service name pair using the format `:` .", - "title": "ECSServices", - "type": "array" - }, - "Ec2TagFilters": { - "items": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.EC2TagFilter" - }, - "markdownDescription": "The Amazon EC2 tags that are already applied to Amazon EC2 instances that you want to include in the deployment group. CodeDeploy includes all Amazon EC2 instances identified by any of the tags you specify in this deployment group. Duplicates are not allowed.\n\nYou can specify `EC2TagFilters` or `Ec2TagSet` , but not both.", - "title": "Ec2TagFilters", - "type": "array" - }, - "Ec2TagSet": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.EC2TagSet", - "markdownDescription": "Information about groups of tags applied to Amazon EC2 instances. The deployment group includes only Amazon EC2 instances identified by all the tag groups. Cannot be used in the same call as `ec2TagFilter` .", - "title": "Ec2TagSet" - }, - "LoadBalancerInfo": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.LoadBalancerInfo", - "markdownDescription": "Information about the load balancer to use in a deployment. For more information, see [Integrating CodeDeploy with Elastic Load Balancing](https://docs.aws.amazon.com/codedeploy/latest/userguide/integrations-aws-elastic-load-balancing.html) in the *AWS CodeDeploy User Guide* .", - "title": "LoadBalancerInfo" - }, - "OnPremisesInstanceTagFilters": { - "items": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TagFilter" - }, - "markdownDescription": "The on-premises instance tags already applied to on-premises instances that you want to include in the deployment group. CodeDeploy includes all on-premises instances identified by any of the tags you specify in this deployment group. To register on-premises instances with CodeDeploy , see [Working with On-Premises Instances for CodeDeploy](https://docs.aws.amazon.com/codedeploy/latest/userguide/instances-on-premises.html) in the *AWS CodeDeploy User Guide* . Duplicates are not allowed.\n\nYou can specify `OnPremisesInstanceTagFilters` or `OnPremisesInstanceTagSet` , but not both.", - "title": "OnPremisesInstanceTagFilters", - "type": "array" - }, - "OnPremisesTagSet": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.OnPremisesTagSet", - "markdownDescription": "Information about groups of tags applied to on-premises instances. The deployment group includes only on-premises instances identified by all the tag groups.\n\nYou can specify `OnPremisesInstanceTagFilters` or `OnPremisesInstanceTagSet` , but not both.", - "title": "OnPremisesTagSet" - }, - "OutdatedInstancesStrategy": { - "markdownDescription": "Indicates what happens when new Amazon EC2 instances are launched mid-deployment and do not receive the deployed application revision.\n\nIf this option is set to `UPDATE` or is unspecified, CodeDeploy initiates one or more 'auto-update outdated instances' deployments to apply the deployed application revision to the new Amazon EC2 instances.\n\nIf this option is set to `IGNORE` , CodeDeploy does not initiate a deployment to update the new Amazon EC2 instances. This may result in instances having different revisions.", - "title": "OutdatedInstancesStrategy", + "HookStatus": { + "markdownDescription": "Specifies if the Hook is `ENABLED` or `DISABLED` .", + "title": "HookStatus", "type": "string" }, - "ServiceRoleArn": { - "markdownDescription": "A service role Amazon Resource Name (ARN) that grants CodeDeploy permission to make calls to AWS services on your behalf. For more information, see [Create a Service Role for AWS CodeDeploy](https://docs.aws.amazon.com/codedeploy/latest/userguide/getting-started-create-service-role.html) in the *AWS CodeDeploy User Guide* .\n\n> In some cases, you might need to add a dependency on the service role's policy. For more information, see IAM role policy in [DependsOn Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) .", - "title": "ServiceRoleArn", + "LambdaFunction": { + "markdownDescription": "Specifies the Lambda function for the Hook. You can use:\n\n- The full Amazon Resource Name (ARN) without a suffix.\n- A qualified ARN with a version or alias suffix.", + "title": "LambdaFunction", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The metadata that you apply to CodeDeploy deployment groups to help you organize and categorize them. Each tag consists of a key and an optional value, both of which you define.", - "title": "Tags", - "type": "array" + "StackFilters": { + "$ref": "#/definitions/AWS::CloudFormation::LambdaHook.StackFilters", + "markdownDescription": "Specifies the stack level filters for the Hook.\n\nExample stack level filter in JSON:\n\n`\"StackFilters\": {\"FilteringCriteria\": \"ALL\", \"StackNames\": {\"Exclude\": [ \"stack-1\", \"stack-2\"]}}` \n\nExample stack level filter in YAML:\n\n`StackFilters: FilteringCriteria: ALL StackNames: Exclude: - stack-1 - stack-2`", + "title": "StackFilters" }, - "TerminationHookEnabled": { - "markdownDescription": "Indicates whether the deployment group was configured to have CodeDeploy install a termination hook into an Auto Scaling group.\n\nFor more information about the termination hook, see [How Amazon EC2 Auto Scaling works with CodeDeploy](https://docs.aws.amazon.com//codedeploy/latest/userguide/integrations-aws-auto-scaling.html#integrations-aws-auto-scaling-behaviors) in the *AWS CodeDeploy User Guide* .", - "title": "TerminationHookEnabled", - "type": "boolean" + "TargetFilters": { + "$ref": "#/definitions/AWS::CloudFormation::LambdaHook.TargetFilters", + "markdownDescription": "Specifies the target filters for the Hook.\n\nExample target filter in JSON:\n\n`\"TargetFilters\": {\"Actions\": [ \"Create\", \"Update\", \"Delete\" ]}` \n\nExample target filter in YAML:\n\n`TargetFilters: Actions: - CREATE - UPDATE - DELETE`", + "title": "TargetFilters" }, - "TriggerConfigurations": { + "TargetOperations": { "items": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TriggerConfig" + "type": "string" }, - "markdownDescription": "Information about triggers associated with the deployment group. Duplicates are not allowed", - "title": "TriggerConfigurations", + "markdownDescription": "Specifies the list of operations the Hook is run against. For more information, see [Hook targets](https://docs.aws.amazon.com/cloudformation-cli/latest/hooks-userguide/hooks-concepts.html#hook-terms-hook-target) in the *AWS CloudFormation Hooks User Guide* .\n\nValid values: `STACK` | `RESOURCE` | `CHANGE_SET` | `CLOUD_CONTROL`", + "title": "TargetOperations", "type": "array" } }, "required": [ - "ApplicationName", - "ServiceRoleArn" + "Alias", + "ExecutionRole", + "FailureMode", + "HookStatus", + "LambdaFunction", + "TargetOperations" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeDeploy::DeploymentGroup" + "AWS::CloudFormation::LambdaHook" ], "type": "string" }, @@ -42912,473 +47248,125 @@ ], "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.Alarm": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the alarm. Maximum length is 255 characters. Each alarm name can be used only once in a list of alarms.", - "title": "Name", - "type": "string" - } - }, - "type": "object" - }, - "AWS::CodeDeploy::DeploymentGroup.AlarmConfiguration": { - "additionalProperties": false, - "properties": { - "Alarms": { - "items": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.Alarm" - }, - "markdownDescription": "A list of alarms configured for the deployment or deployment group. A maximum of 10 alarms can be added.", - "title": "Alarms", - "type": "array" - }, - "Enabled": { - "markdownDescription": "Indicates whether the alarm configuration is enabled.", - "title": "Enabled", - "type": "boolean" - }, - "IgnorePollAlarmFailure": { - "markdownDescription": "Indicates whether a deployment should continue if information about the current state of alarms cannot be retrieved from Amazon CloudWatch . The default value is `false` .\n\n- `true` : The deployment proceeds even if alarm status information can't be retrieved from CloudWatch .\n- `false` : The deployment stops if alarm status information can't be retrieved from CloudWatch .", - "title": "IgnorePollAlarmFailure", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::CodeDeploy::DeploymentGroup.AutoRollbackConfiguration": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Indicates whether a defined automatic rollback configuration is currently enabled.", - "title": "Enabled", - "type": "boolean" - }, - "Events": { - "items": { - "type": "string" - }, - "markdownDescription": "The event type or types that trigger a rollback. Valid values are `DEPLOYMENT_FAILURE` , `DEPLOYMENT_STOP_ON_ALARM` , or `DEPLOYMENT_STOP_ON_REQUEST` .", - "title": "Events", - "type": "array" - } - }, - "type": "object" - }, - "AWS::CodeDeploy::DeploymentGroup.BlueGreenDeploymentConfiguration": { - "additionalProperties": false, - "properties": { - "DeploymentReadyOption": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.DeploymentReadyOption", - "markdownDescription": "Information about the action to take when newly provisioned instances are ready to receive traffic in a blue/green deployment.", - "title": "DeploymentReadyOption" - }, - "GreenFleetProvisioningOption": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.GreenFleetProvisioningOption", - "markdownDescription": "Information about how instances are provisioned for a replacement environment in a blue/green deployment.", - "title": "GreenFleetProvisioningOption" - }, - "TerminateBlueInstancesOnDeploymentSuccess": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.BlueInstanceTerminationOption", - "markdownDescription": "Information about whether to terminate instances in the original fleet during a blue/green deployment.", - "title": "TerminateBlueInstancesOnDeploymentSuccess" - } - }, - "type": "object" - }, - "AWS::CodeDeploy::DeploymentGroup.BlueInstanceTerminationOption": { + "AWS::CloudFormation::LambdaHook.HookTarget": { "additionalProperties": false, "properties": { "Action": { - "markdownDescription": "The action to take on instances in the original environment after a successful blue/green deployment.\n\n- `TERMINATE` : Instances are terminated after a specified wait time.\n- `KEEP_ALIVE` : Instances are left running after they are deregistered from the load balancer and removed from the deployment group.", - "title": "Action", - "type": "string" - }, - "TerminationWaitTimeInMinutes": { - "markdownDescription": "For an Amazon EC2 deployment, the number of minutes to wait after a successful blue/green deployment before terminating instances from the original environment.\n\nFor an Amazon ECS deployment, the number of minutes before deleting the original (blue) task set. During an Amazon ECS deployment, CodeDeploy shifts traffic from the original (blue) task set to a replacement (green) task set.\n\nThe maximum setting is 2880 minutes (2 days).", - "title": "TerminationWaitTimeInMinutes", - "type": "number" - } - }, - "type": "object" - }, - "AWS::CodeDeploy::DeploymentGroup.Deployment": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A comment about the deployment.", - "title": "Description", - "type": "string" - }, - "IgnoreApplicationStopFailures": { - "markdownDescription": "If true, then if an `ApplicationStop` , `BeforeBlockTraffic` , or `AfterBlockTraffic` deployment lifecycle event to an instance fails, then the deployment continues to the next deployment lifecycle event. For example, if `ApplicationStop` fails, the deployment continues with DownloadBundle. If `BeforeBlockTraffic` fails, the deployment continues with `BlockTraffic` . If `AfterBlockTraffic` fails, the deployment continues with `ApplicationStop` .\n\nIf false or not specified, then if a lifecycle event fails during a deployment to an instance, that deployment fails. If deployment to that instance is part of an overall deployment and the number of healthy hosts is not less than the minimum number of healthy hosts, then a deployment to the next instance is attempted.\n\nDuring a deployment, the AWS CodeDeploy agent runs the scripts specified for `ApplicationStop` , `BeforeBlockTraffic` , and `AfterBlockTraffic` in the AppSpec file from the previous successful deployment. (All other scripts are run from the AppSpec file in the current deployment.) If one of these scripts contains an error and does not run successfully, the deployment can fail.\n\nIf the cause of the failure is a script from the last successful deployment that will never run successfully, create a new deployment and use `ignoreApplicationStopFailures` to specify that the `ApplicationStop` , `BeforeBlockTraffic` , and `AfterBlockTraffic` failures should be ignored.", - "title": "IgnoreApplicationStopFailures", - "type": "boolean" - }, - "Revision": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.RevisionLocation", - "markdownDescription": "Information about the location of stored application artifacts and the service from which to retrieve them.", - "title": "Revision" - } - }, - "required": [ - "Revision" - ], - "type": "object" - }, - "AWS::CodeDeploy::DeploymentGroup.DeploymentReadyOption": { - "additionalProperties": false, - "properties": { - "ActionOnTimeout": { - "markdownDescription": "Information about when to reroute traffic from an original environment to a replacement environment in a blue/green deployment.\n\n- CONTINUE_DEPLOYMENT: Register new instances with the load balancer immediately after the new application revision is installed on the instances in the replacement environment.\n- STOP_DEPLOYMENT: Do not register new instances with a load balancer unless traffic rerouting is started using [ContinueDeployment](https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_ContinueDeployment.html) . If traffic rerouting is not started before the end of the specified wait period, the deployment status is changed to Stopped.", - "title": "ActionOnTimeout", - "type": "string" - }, - "WaitTimeInMinutes": { - "markdownDescription": "The number of minutes to wait before the status of a blue/green deployment is changed to Stopped if rerouting is not started manually. Applies only to the `STOP_DEPLOYMENT` option for `actionOnTimeout` .", - "title": "WaitTimeInMinutes", - "type": "number" - } - }, - "type": "object" - }, - "AWS::CodeDeploy::DeploymentGroup.DeploymentStyle": { - "additionalProperties": false, - "properties": { - "DeploymentOption": { - "markdownDescription": "Indicates whether to route deployment traffic behind a load balancer.\n\n> An Amazon EC2 Application Load Balancer or Network Load Balancer is required for an Amazon ECS deployment.", - "title": "DeploymentOption", - "type": "string" - }, - "DeploymentType": { - "markdownDescription": "Indicates whether to run an in-place or blue/green deployment.", - "title": "DeploymentType", - "type": "string" - } - }, - "type": "object" - }, - "AWS::CodeDeploy::DeploymentGroup.EC2TagFilter": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "The tag filter key.", - "title": "Key", - "type": "string" - }, - "Type": { - "markdownDescription": "The tag filter type:\n\n- `KEY_ONLY` : Key only.\n- `VALUE_ONLY` : Value only.\n- `KEY_AND_VALUE` : Key and value.", - "title": "Type", "type": "string" }, - "Value": { - "markdownDescription": "The tag filter value.", - "title": "Value", - "type": "string" - } - }, - "type": "object" - }, - "AWS::CodeDeploy::DeploymentGroup.EC2TagSet": { - "additionalProperties": false, - "properties": { - "Ec2TagSetList": { - "items": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.EC2TagSetListObject" - }, - "markdownDescription": "The Amazon EC2 tags that are already applied to Amazon EC2 instances that you want to include in the deployment group. CodeDeploy includes all Amazon EC2 instances identified by any of the tags you specify in this deployment group.\n\nDuplicates are not allowed.", - "title": "Ec2TagSetList", - "type": "array" - } - }, - "type": "object" - }, - "AWS::CodeDeploy::DeploymentGroup.EC2TagSetListObject": { - "additionalProperties": false, - "properties": { - "Ec2TagGroup": { - "items": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.EC2TagFilter" - }, - "markdownDescription": "A list that contains other lists of Amazon EC2 instance tag groups. For an instance to be included in the deployment group, it must be identified by all of the tag groups in the list.", - "title": "Ec2TagGroup", - "type": "array" - } - }, - "type": "object" - }, - "AWS::CodeDeploy::DeploymentGroup.ECSService": { - "additionalProperties": false, - "properties": { - "ClusterName": { - "markdownDescription": "The name of the cluster that the Amazon ECS service is associated with.", - "title": "ClusterName", + "InvocationPoint": { "type": "string" }, - "ServiceName": { - "markdownDescription": "The name of the target Amazon ECS service.", - "title": "ServiceName", + "TargetName": { "type": "string" } }, "required": [ - "ClusterName", - "ServiceName" + "Action", + "InvocationPoint", + "TargetName" ], "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.ELBInfo": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "For blue/green deployments, the name of the load balancer that is used to route traffic from original instances to replacement instances in a blue/green deployment. For in-place deployments, the name of the load balancer that instances are deregistered from so they are not serving traffic during a deployment, and then re-registered with after the deployment is complete.\n\n> AWS CloudFormation supports blue/green deployments on AWS Lambda compute platforms only.", - "title": "Name", - "type": "string" - } - }, - "type": "object" - }, - "AWS::CodeDeploy::DeploymentGroup.GitHubLocation": { + "AWS::CloudFormation::LambdaHook.StackFilters": { "additionalProperties": false, "properties": { - "CommitId": { - "markdownDescription": "The SHA1 commit ID of the GitHub commit that represents the bundled artifacts for the application revision.", - "title": "CommitId", + "FilteringCriteria": { + "markdownDescription": "The filtering criteria.\n\n- All stack names and stack roles ( `All` ): The Hook will only be invoked when all specified filters match.\n- Any stack names and stack roles ( `Any` ): The Hook will be invoked if at least one of the specified filters match.", + "title": "FilteringCriteria", "type": "string" }, - "Repository": { - "markdownDescription": "The GitHub account and repository pair that stores a reference to the commit that represents the bundled artifacts for the application revision.\n\nSpecify the value as `account/repository` .", - "title": "Repository", - "type": "string" + "StackNames": { + "$ref": "#/definitions/AWS::CloudFormation::LambdaHook.StackNames", + "markdownDescription": "Includes or excludes specific stacks from Hook invocations.", + "title": "StackNames" + }, + "StackRoles": { + "$ref": "#/definitions/AWS::CloudFormation::LambdaHook.StackRoles", + "markdownDescription": "Includes or excludes specific stacks from Hook invocations based on their associated IAM roles.", + "title": "StackRoles" } }, "required": [ - "CommitId", - "Repository" + "FilteringCriteria" ], "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.GreenFleetProvisioningOption": { - "additionalProperties": false, - "properties": { - "Action": { - "markdownDescription": "The method used to add instances to a replacement environment.\n\n- `DISCOVER_EXISTING` : Use instances that already exist or will be created manually.\n- `COPY_AUTO_SCALING_GROUP` : Use settings from a specified Auto Scaling group to define and create instances in a new Auto Scaling group.", - "title": "Action", - "type": "string" - } - }, - "type": "object" - }, - "AWS::CodeDeploy::DeploymentGroup.LoadBalancerInfo": { + "AWS::CloudFormation::LambdaHook.StackNames": { "additionalProperties": false, "properties": { - "ElbInfoList": { - "items": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.ELBInfo" - }, - "markdownDescription": "An array that contains information about the load balancers to use for load balancing in a deployment. If you're using Classic Load Balancers, specify those load balancers in this array.\n\n> You can add up to 10 load balancers to the array. > If you're using Application Load Balancers or Network Load Balancers, use the `targetGroupInfoList` array instead of this one.", - "title": "ElbInfoList", - "type": "array" - }, - "TargetGroupInfoList": { + "Exclude": { "items": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TargetGroupInfo" + "type": "string" }, - "markdownDescription": "An array that contains information about the target groups to use for load balancing in a deployment. If you're using Application Load Balancers and Network Load Balancers, specify their associated target groups in this array.\n\n> You can add up to 10 target groups to the array. > If you're using Classic Load Balancers, use the `elbInfoList` array instead of this one.", - "title": "TargetGroupInfoList", + "markdownDescription": "The stack names to exclude. All stacks except those listed here will invoke the Hook.", + "title": "Exclude", "type": "array" }, - "TargetGroupPairInfoList": { + "Include": { "items": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TargetGroupPairInfo" + "type": "string" }, - "markdownDescription": "The target group pair information. This is an array of `TargeGroupPairInfo` objects with a maximum size of one.", - "title": "TargetGroupPairInfoList", + "markdownDescription": "The stack names to include. Only the stacks specified in this list will invoke the Hook.", + "title": "Include", "type": "array" } }, "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.OnPremisesTagSet": { + "AWS::CloudFormation::LambdaHook.StackRoles": { "additionalProperties": false, "properties": { - "OnPremisesTagSetList": { + "Exclude": { "items": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.OnPremisesTagSetListObject" + "type": "string" }, - "markdownDescription": "A list that contains other lists of on-premises instance tag groups. For an instance to be included in the deployment group, it must be identified by all of the tag groups in the list.\n\nDuplicates are not allowed.", - "title": "OnPremisesTagSetList", + "markdownDescription": "The IAM role ARNs for stacks you want to exclude. The Hook will be invoked on all stacks except those initiated by the specified roles.", + "title": "Exclude", "type": "array" - } - }, - "type": "object" - }, - "AWS::CodeDeploy::DeploymentGroup.OnPremisesTagSetListObject": { - "additionalProperties": false, - "properties": { - "OnPremisesTagGroup": { + }, + "Include": { "items": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TagFilter" + "type": "string" }, - "markdownDescription": "Information about groups of on-premises instance tags.", - "title": "OnPremisesTagGroup", + "markdownDescription": "The IAM role ARNs to target stacks associated with these roles. Only stack operations initiated by these roles will invoke the Hook.", + "title": "Include", "type": "array" } }, "type": "object" }, - "AWS::CodeDeploy::DeploymentGroup.RevisionLocation": { - "additionalProperties": false, - "properties": { - "GitHubLocation": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.GitHubLocation", - "markdownDescription": "Information about the location of application artifacts stored in GitHub.", - "title": "GitHubLocation" - }, - "RevisionType": { - "markdownDescription": "The type of application revision:\n\n- S3: An application revision stored in Amazon S3.\n- GitHub: An application revision stored in GitHub (EC2/On-premises deployments only).\n- String: A YAML-formatted or JSON-formatted string ( AWS Lambda deployments only).\n- AppSpecContent: An `AppSpecContent` object that contains the contents of an AppSpec file for an AWS Lambda or Amazon ECS deployment. The content is formatted as JSON or YAML stored as a RawString.", - "title": "RevisionType", - "type": "string" - }, - "S3Location": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.S3Location", - "markdownDescription": "Information about the location of a revision stored in Amazon S3.", - "title": "S3Location" - } - }, - "type": "object" - }, - "AWS::CodeDeploy::DeploymentGroup.S3Location": { - "additionalProperties": false, - "properties": { - "Bucket": { - "markdownDescription": "The name of the Amazon S3 bucket where the application revision is stored.", - "title": "Bucket", - "type": "string" - }, - "BundleType": { - "markdownDescription": "The file type of the application revision. Must be one of the following:\n\n- JSON\n- tar: A tar archive file.\n- tgz: A compressed tar archive file.\n- YAML\n- zip: A zip archive file.", - "title": "BundleType", - "type": "string" - }, - "ETag": { - "markdownDescription": "The ETag of the Amazon S3 object that represents the bundled artifacts for the application revision.\n\nIf the ETag is not specified as an input parameter, ETag validation of the object is skipped.", - "title": "ETag", - "type": "string" - }, - "Key": { - "markdownDescription": "The name of the Amazon S3 object that represents the bundled artifacts for the application revision.", - "title": "Key", - "type": "string" - }, - "Version": { - "markdownDescription": "A specific version of the Amazon S3 object that represents the bundled artifacts for the application revision.\n\nIf the version is not specified, the system uses the most recent version by default.", - "title": "Version", - "type": "string" - } - }, - "required": [ - "Bucket", - "Key" - ], - "type": "object" - }, - "AWS::CodeDeploy::DeploymentGroup.TagFilter": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "The on-premises instance tag filter key.", - "title": "Key", - "type": "string" - }, - "Type": { - "markdownDescription": "The on-premises instance tag filter type:\n\n- KEY_ONLY: Key only.\n- VALUE_ONLY: Value only.\n- KEY_AND_VALUE: Key and value.", - "title": "Type", - "type": "string" - }, - "Value": { - "markdownDescription": "The on-premises instance tag filter value.", - "title": "Value", - "type": "string" - } - }, - "type": "object" - }, - "AWS::CodeDeploy::DeploymentGroup.TargetGroupInfo": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "For blue/green deployments, the name of the target group that instances in the original environment are deregistered from, and instances in the replacement environment registered with. For in-place deployments, the name of the target group that instances are deregistered from, so they are not serving traffic during a deployment, and then re-registered with after the deployment completes. No duplicates allowed.\n\n> AWS CloudFormation supports blue/green deployments on AWS Lambda compute platforms only. \n\nThis value cannot exceed 32 characters, so you should use the `Name` property of the target group, or the `TargetGroupName` attribute with the `Fn::GetAtt` intrinsic function, as shown in the following example. Don't use the group's Amazon Resource Name (ARN) or `TargetGroupFullName` attribute.", - "title": "Name", - "type": "string" - } - }, - "type": "object" - }, - "AWS::CodeDeploy::DeploymentGroup.TargetGroupPairInfo": { + "AWS::CloudFormation::LambdaHook.TargetFilters": { "additionalProperties": false, "properties": { - "ProdTrafficRoute": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TrafficRoute", - "markdownDescription": "The path used by a load balancer to route production traffic when an Amazon ECS deployment is complete.", - "title": "ProdTrafficRoute" - }, - "TargetGroups": { + "Actions": { "items": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TargetGroupInfo" + "type": "string" }, - "markdownDescription": "One pair of target groups. One is associated with the original task set. The second is associated with the task set that serves traffic after the deployment is complete.", - "title": "TargetGroups", "type": "array" }, - "TestTrafficRoute": { - "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TrafficRoute", - "markdownDescription": "An optional path used by a load balancer to route test traffic after an Amazon ECS deployment. Validation can occur while test traffic is served during a deployment.", - "title": "TestTrafficRoute" - } - }, - "type": "object" - }, - "AWS::CodeDeploy::DeploymentGroup.TrafficRoute": { - "additionalProperties": false, - "properties": { - "ListenerArns": { + "InvocationPoints": { "items": { "type": "string" }, - "markdownDescription": "The Amazon Resource Name (ARN) of one listener. The listener identifies the route between a target group and a load balancer. This is an array of strings with a maximum size of one.", - "title": "ListenerArns", "type": "array" - } - }, - "type": "object" - }, - "AWS::CodeDeploy::DeploymentGroup.TriggerConfig": { - "additionalProperties": false, - "properties": { - "TriggerEvents": { + }, + "TargetNames": { "items": { "type": "string" }, - "markdownDescription": "The event type or types that trigger notifications.", - "title": "TriggerEvents", "type": "array" }, - "TriggerName": { - "markdownDescription": "The name of the notification trigger.", - "title": "TriggerName", - "type": "string" - }, - "TriggerTargetArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Simple Notification Service topic through which notifications about deployment or instance events are sent.", - "title": "TriggerTargetArn", - "type": "string" + "Targets": { + "items": { + "$ref": "#/definitions/AWS::CloudFormation::LambdaHook.HookTarget" + }, + "type": "array" } }, "type": "object" }, - "AWS::CodeGuruProfiler::ProfilingGroup": { + "AWS::CloudFormation::Macro": { "additionalProperties": false, "properties": { "Condition": { @@ -43413,46 +47401,41 @@ "Properties": { "additionalProperties": false, "properties": { - "AgentPermissions": { - "$ref": "#/definitions/AWS::CodeGuruProfiler::ProfilingGroup.AgentPermissions", - "markdownDescription": "The agent permissions attached to this profiling group. This action group grants `ConfigureAgent` and `PostAgentProfile` permissions to perform actions required by the profiling agent. The Json consists of key `Principals` .\n\n*Principals* : A list of string ARNs for the roles and users you want to grant access to the profiling group. Wildcards are not supported in the ARNs. You are allowed to provide up to 50 ARNs. An empty list is not permitted. This is a required key.\n\nFor more information, see [Resource-based policies in CodeGuru Profiler](https://docs.aws.amazon.com/codeguru/latest/profiler-ug/resource-based-policies.html) in the *Amazon CodeGuru Profiler user guide* , [ConfigureAgent](https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_ConfigureAgent.html) , and [PostAgentProfile](https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_PostAgentProfile.html) .", - "title": "AgentPermissions" + "Description": { + "markdownDescription": "A description of the macro.", + "title": "Description", + "type": "string" }, - "AnomalyDetectionNotificationConfiguration": { - "items": { - "$ref": "#/definitions/AWS::CodeGuruProfiler::ProfilingGroup.Channel" - }, - "markdownDescription": "Adds anomaly notifications for a profiling group.", - "title": "AnomalyDetectionNotificationConfiguration", - "type": "array" + "FunctionName": { + "markdownDescription": "The Amazon Resource Name (ARN) of the underlying Lambda function that you want CloudFormation to invoke when the macro is run.", + "title": "FunctionName", + "type": "string" }, - "ComputePlatform": { - "markdownDescription": "The compute platform of the profiling group. Use `AWSLambda` if your application runs on AWS Lambda. Use `Default` if your application runs on a compute platform that is not AWS Lambda , such an Amazon EC2 instance, an on-premises server, or a different platform. If not specified, `Default` is used. This property is immutable.", - "title": "ComputePlatform", + "LogGroupName": { + "markdownDescription": "The CloudWatch Logs group to which CloudFormation sends error logging information when invoking the macro's underlying Lambda function.\n\nThis will be an existing CloudWatch Logs LogGroup. Neither CloudFormation or Lambda will create the group.", + "title": "LogGroupName", "type": "string" }, - "ProfilingGroupName": { - "markdownDescription": "The name of the profiling group.", - "title": "ProfilingGroupName", + "LogRoleARN": { + "markdownDescription": "The ARN of the role CloudFormation should assume when sending log entries to CloudWatch Logs .", + "title": "LogRoleARN", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of tags to add to the created profiling group.", - "title": "Tags", - "type": "array" + "Name": { + "markdownDescription": "The name of the macro. The name of the macro must be unique across all macros in the account.", + "title": "Name", + "type": "string" } }, "required": [ - "ProfilingGroupName" + "FunctionName", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeGuruProfiler::ProfilingGroup" + "AWS::CloudFormation::Macro" ], "type": "string" }, @@ -43471,43 +47454,7 @@ ], "type": "object" }, - "AWS::CodeGuruProfiler::ProfilingGroup.AgentPermissions": { - "additionalProperties": false, - "properties": { - "Principals": { - "items": { - "type": "string" - }, - "markdownDescription": "", - "title": "Principals", - "type": "array" - } - }, - "required": [ - "Principals" - ], - "type": "object" - }, - "AWS::CodeGuruProfiler::ProfilingGroup.Channel": { - "additionalProperties": false, - "properties": { - "channelId": { - "markdownDescription": "The channel ID.", - "title": "channelId", - "type": "string" - }, - "channelUri": { - "markdownDescription": "The channel URI.", - "title": "channelUri", - "type": "string" - } - }, - "required": [ - "channelUri" - ], - "type": "object" - }, - "AWS::CodeGuruReviewer::RepositoryAssociation": { + "AWS::CloudFormation::ModuleDefaultVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -43542,49 +47489,27 @@ "Properties": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "The name of the bucket. This is required for your S3Bucket repository. The name must start with the prefix `codeguru-reviewer-*` .", - "title": "BucketName", - "type": "string" - }, - "ConnectionArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS CodeStar Connections connection. Its format is `arn:aws:codestar-connections:region-id:aws-account_id:connection/connection-id` . For more information, see [Connection](https://docs.aws.amazon.com/codestar-connections/latest/APIReference/API_Connection.html) in the *AWS CodeStar Connections API Reference* .\n\n`ConnectionArn` must be specified for Bitbucket and GitHub Enterprise Server repositories. It has no effect if it is specified for an AWS CodeCommit repository.", - "title": "ConnectionArn", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the repository.", - "title": "Name", + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the module version to set as the default version.\n\nConditional: You must specify either `Arn` , or `ModuleName` and `VersionId` .", + "title": "Arn", "type": "string" }, - "Owner": { - "markdownDescription": "The owner of the repository. For a GitHub Enterprise Server or Bitbucket repository, this is the username for the account that owns the repository.\n\n`Owner` must be specified for Bitbucket and GitHub Enterprise Server repositories. It has no effect if it is specified for an AWS CodeCommit repository.", - "title": "Owner", + "ModuleName": { + "markdownDescription": "The name of the module.\n\nConditional: You must specify either `Arn` , or `ModuleName` and `VersionId` .", + "title": "ModuleName", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs used to tag an associated repository. A tag is a custom attribute label with two parts:\n\n- A *tag key* (for example, `CostCenter` , `Environment` , `Project` , or `Secret` ). Tag keys are case sensitive.\n- An optional field known as a *tag value* (for example, `111122223333` , `Production` , or a team name). Omitting the tag value is the same as using an empty string. Like tag keys, tag values are case sensitive.", - "title": "Tags", - "type": "array" - }, - "Type": { - "markdownDescription": "The type of repository that contains the source code to be reviewed. The valid values are:\n\n- `CodeCommit`\n- `Bitbucket`\n- `GitHubEnterpriseServer`\n- `S3Bucket`", - "title": "Type", + "VersionId": { + "markdownDescription": "The ID for the specific version of the module.\n\nConditional: You must specify either `Arn` , or `ModuleName` and `VersionId` .", + "title": "VersionId", "type": "string" } }, - "required": [ - "Name", - "Type" - ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeGuruReviewer::RepositoryAssociation" + "AWS::CloudFormation::ModuleDefaultVersion" ], "type": "string" }, @@ -43598,12 +47523,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::CodePipeline::CustomActionType": { + "AWS::CloudFormation::ModuleVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -43638,65 +47562,26 @@ "Properties": { "additionalProperties": false, "properties": { - "Category": { - "markdownDescription": "The category of the custom action, such as a build action or a test action.", - "title": "Category", - "type": "string" - }, - "ConfigurationProperties": { - "items": { - "$ref": "#/definitions/AWS::CodePipeline::CustomActionType.ConfigurationProperties" - }, - "markdownDescription": "The configuration properties for the custom action.\n\n> You can refer to a name in the configuration properties of the custom action within the URL templates by following the format of {Config:name}, as long as the configuration property is both required and not secret. For more information, see [Create a Custom Action for a Pipeline](https://docs.aws.amazon.com/codepipeline/latest/userguide/how-to-create-custom-action.html) .", - "title": "ConfigurationProperties", - "type": "array" - }, - "InputArtifactDetails": { - "$ref": "#/definitions/AWS::CodePipeline::CustomActionType.ArtifactDetails", - "markdownDescription": "The details of the input artifact for the action, such as its commit ID.", - "title": "InputArtifactDetails" - }, - "OutputArtifactDetails": { - "$ref": "#/definitions/AWS::CodePipeline::CustomActionType.ArtifactDetails", - "markdownDescription": "The details of the output artifact of the action, such as its commit ID.", - "title": "OutputArtifactDetails" - }, - "Provider": { - "markdownDescription": "The provider of the service used in the custom action, such as CodeDeploy.", - "title": "Provider", + "ModuleName": { + "markdownDescription": "The name of the module being registered.", + "title": "ModuleName", "type": "string" }, - "Settings": { - "$ref": "#/definitions/AWS::CodePipeline::CustomActionType.Settings", - "markdownDescription": "URLs that provide users information about this custom action.", - "title": "Settings" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags for the custom action.", - "title": "Tags", - "type": "array" - }, - "Version": { - "markdownDescription": "The version identifier of the custom action.", - "title": "Version", + "ModulePackage": { + "markdownDescription": "A URL to the S3 bucket for the package that contains the template fragment and schema files for the module version to register.\n\nFor more information, see [Module structure and requirements](https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/modules-structure.html) in the *AWS CloudFormation Command Line Interface (CLI) User Guide* .\n\n> To register the module version, you must have `s3:GetObject` permissions to access the S3 objects.", + "title": "ModulePackage", "type": "string" } }, "required": [ - "Category", - "InputArtifactDetails", - "OutputArtifactDetails", - "Provider", - "Version" + "ModuleName", + "ModulePackage" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodePipeline::CustomActionType" + "AWS::CloudFormation::ModuleVersion" ], "type": "string" }, @@ -43715,100 +47600,7 @@ ], "type": "object" }, - "AWS::CodePipeline::CustomActionType.ArtifactDetails": { - "additionalProperties": false, - "properties": { - "MaximumCount": { - "markdownDescription": "The maximum number of artifacts allowed for the action type.", - "title": "MaximumCount", - "type": "number" - }, - "MinimumCount": { - "markdownDescription": "The minimum number of artifacts allowed for the action type.", - "title": "MinimumCount", - "type": "number" - } - }, - "required": [ - "MaximumCount", - "MinimumCount" - ], - "type": "object" - }, - "AWS::CodePipeline::CustomActionType.ConfigurationProperties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "The description of the action configuration property that is displayed to users.", - "title": "Description", - "type": "string" - }, - "Key": { - "markdownDescription": "Whether the configuration property is a key.", - "title": "Key", - "type": "boolean" - }, - "Name": { - "markdownDescription": "The name of the action configuration property.", - "title": "Name", - "type": "string" - }, - "Queryable": { - "markdownDescription": "Indicates that the property is used with `PollForJobs` . When creating a custom action, an action can have up to one queryable property. If it has one, that property must be both required and not secret.\n\nIf you create a pipeline with a custom action type, and that custom action contains a queryable property, the value for that configuration property is subject to other restrictions. The value must be less than or equal to twenty (20) characters. The value can contain only alphanumeric characters, underscores, and hyphens.", - "title": "Queryable", - "type": "boolean" - }, - "Required": { - "markdownDescription": "Whether the configuration property is a required value.", - "title": "Required", - "type": "boolean" - }, - "Secret": { - "markdownDescription": "Whether the configuration property is secret. Secrets are hidden from all calls except for `GetJobDetails` , `GetThirdPartyJobDetails` , `PollForJobs` , and `PollForThirdPartyJobs` .\n\nWhen updating a pipeline, passing * * * * * without changing any other values of the action preserves the previous value of the secret.", - "title": "Secret", - "type": "boolean" - }, - "Type": { - "markdownDescription": "The type of the configuration property.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Key", - "Name", - "Required", - "Secret" - ], - "type": "object" - }, - "AWS::CodePipeline::CustomActionType.Settings": { - "additionalProperties": false, - "properties": { - "EntityUrlTemplate": { - "markdownDescription": "The URL returned to the CodePipeline console that provides a deep link to the resources of the external system, such as the configuration page for a CodeDeploy deployment group. This link is provided as part of the action display in the pipeline.", - "title": "EntityUrlTemplate", - "type": "string" - }, - "ExecutionUrlTemplate": { - "markdownDescription": "The URL returned to the CodePipeline console that contains a link to the top-level landing page for the external system, such as the console page for CodeDeploy. This link is shown on the pipeline view page in the CodePipeline console and provides a link to the execution entity of the external action.", - "title": "ExecutionUrlTemplate", - "type": "string" - }, - "RevisionUrlTemplate": { - "markdownDescription": "The URL returned to the CodePipeline console that contains a link to the page where customers can update or change the configuration of the external action.", - "title": "RevisionUrlTemplate", - "type": "string" - }, - "ThirdPartyConfigurationUrl": { - "markdownDescription": "The URL of a sign-up page where users can sign up for an external service and perform initial configuration of the action provided by that service.", - "title": "ThirdPartyConfigurationUrl", - "type": "string" - } - }, - "type": "object" - }, - "AWS::CodePipeline::Pipeline": { + "AWS::CloudFormation::PublicTypeVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -43843,94 +47635,37 @@ "Properties": { "additionalProperties": false, "properties": { - "ArtifactStore": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.ArtifactStore", - "markdownDescription": "The S3 bucket where artifacts for the pipeline are stored.\n\n> You must include either `artifactStore` or `artifactStores` in your pipeline, but you cannot use both. If you create a cross-region action in your pipeline, you must use `artifactStores` .", - "title": "ArtifactStore" - }, - "ArtifactStores": { - "items": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.ArtifactStoreMap" - }, - "markdownDescription": "A mapping of `artifactStore` objects and their corresponding AWS Regions. There must be an artifact store for the pipeline Region and for each cross-region action in the pipeline.\n\n> You must include either `artifactStore` or `artifactStores` in your pipeline, but you cannot use both. If you create a cross-region action in your pipeline, you must use `artifactStores` .", - "title": "ArtifactStores", - "type": "array" - }, - "DisableInboundStageTransitions": { - "items": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.StageTransition" - }, - "markdownDescription": "Represents the input of a `DisableStageTransition` action.", - "title": "DisableInboundStageTransitions", - "type": "array" - }, - "ExecutionMode": { - "markdownDescription": "The method that the pipeline will use to handle multiple executions. The default mode is SUPERSEDED.", - "title": "ExecutionMode", + "Arn": { + "markdownDescription": "The Amazon Resource Number (ARN) of the extension.\n\nConditional: You must specify `Arn` , or `TypeName` and `Type` .", + "title": "Arn", "type": "string" }, - "Name": { - "markdownDescription": "The name of the pipeline.", - "title": "Name", + "LogDeliveryBucket": { + "markdownDescription": "The S3 bucket to which CloudFormation delivers the contract test execution logs.\n\nCloudFormation delivers the logs by the time contract testing has completed and the extension has been assigned a test type status of `PASSED` or `FAILED` .\n\nThe user initiating the stack operation must be able to access items in the specified S3 bucket. Specifically, the user needs the following permissions:\n\n- s3:GetObject\n- s3:PutObject", + "title": "LogDeliveryBucket", "type": "string" }, - "PipelineType": { - "markdownDescription": "CodePipeline provides the following pipeline types, which differ in characteristics and price, so that you can tailor your pipeline features and cost to the needs of your applications.\n\n- V1 type pipelines have a JSON structure that contains standard pipeline, stage, and action-level parameters.\n- V2 type pipelines have the same structure as a V1 type, along with additional parameters for release safety and trigger configuration.\n\n> Including V2 parameters, such as triggers on Git tags, in the pipeline JSON when creating or updating a pipeline will result in the pipeline having the V2 type of pipeline and the associated costs. \n\nFor information about pricing for CodePipeline, see [Pricing](https://docs.aws.amazon.com/codepipeline/pricing/) .\n\nFor information about which type of pipeline to choose, see [What type of pipeline is right for me?](https://docs.aws.amazon.com/codepipeline/latest/userguide/pipeline-types-planning.html) .", - "title": "PipelineType", + "PublicVersionNumber": { + "markdownDescription": "The version number to assign to this version of the extension.\n\nUse the following format, and adhere to semantic versioning when assigning a version number to your extension:\n\n`MAJOR.MINOR.PATCH`\n\nFor more information, see [Semantic Versioning 2.0.0](https://docs.aws.amazon.com/https://semver.org/) .\n\nIf you don't specify a version number, CloudFormation increments the version number by one minor version release.\n\nYou cannot specify a version number the first time you publish a type. CloudFormation automatically sets the first version number to be `1.0.0` .", + "title": "PublicVersionNumber", "type": "string" }, - "RestartExecutionOnUpdate": { - "markdownDescription": "Indicates whether to rerun the CodePipeline pipeline after you update it.", - "title": "RestartExecutionOnUpdate", - "type": "boolean" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for CodePipeline to use to either perform actions with no `actionRoleArn` , or to use to assume roles for actions with an `actionRoleArn` .", - "title": "RoleArn", + "Type": { + "markdownDescription": "The type of the extension to test.\n\nConditional: You must specify `Arn` , or `TypeName` and `Type` .", + "title": "Type", "type": "string" }, - "Stages": { - "items": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.StageDeclaration" - }, - "markdownDescription": "Represents information about a stage and its definition.", - "title": "Stages", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Specifies the tags applied to the pipeline.", - "title": "Tags", - "type": "array" - }, - "Triggers": { - "items": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.PipelineTriggerDeclaration" - }, - "markdownDescription": "The trigger configuration specifying a type of event, such as Git tags, that starts the pipeline.\n\n> When a trigger configuration is specified, default change detection for repository and branch commits is disabled.", - "title": "Triggers", - "type": "array" - }, - "Variables": { - "items": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.VariableDeclaration" - }, - "markdownDescription": "A list that defines the pipeline variables for a pipeline resource. Variable names can have alphanumeric and underscore characters, and the values must match `[A-Za-z0-9@\\-_]+` .", - "title": "Variables", - "type": "array" + "TypeName": { + "markdownDescription": "The name of the extension to test.\n\nConditional: You must specify `Arn` , or `TypeName` and `Type` .", + "title": "TypeName", + "type": "string" } }, - "required": [ - "RoleArn", - "Stages" - ], "type": "object" }, "Type": { "enum": [ - "AWS::CodePipeline::Pipeline" + "AWS::CloudFormation::PublicTypeVersion" ], "type": "string" }, @@ -43944,458 +47679,11 @@ } }, "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::CodePipeline::Pipeline.ActionDeclaration": { - "additionalProperties": false, - "properties": { - "ActionTypeId": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.ActionTypeId", - "markdownDescription": "Specifies the action type and the provider of the action.", - "title": "ActionTypeId" - }, - "Configuration": { - "markdownDescription": "The action's configuration. These are key-value pairs that specify input values for an action. For more information, see [Action Structure Requirements in CodePipeline](https://docs.aws.amazon.com/codepipeline/latest/userguide/reference-pipeline-structure.html#action-requirements) . For the list of configuration properties for the AWS CloudFormation action type in CodePipeline, see [Configuration Properties Reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/continuous-delivery-codepipeline-action-reference.html) in the *AWS CloudFormation User Guide* . For template snippets with examples, see [Using Parameter Override Functions with CodePipeline Pipelines](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/continuous-delivery-codepipeline-parameter-override-functions.html) in the *AWS CloudFormation User Guide* .\n\nThe values can be represented in either JSON or YAML format. For example, the JSON configuration item format is as follows:\n\n*JSON:*\n\n`\"Configuration\" : { Key : Value },`", - "title": "Configuration", - "type": "object" - }, - "InputArtifacts": { - "items": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.InputArtifact" - }, - "markdownDescription": "The name or ID of the artifact consumed by the action, such as a test or build artifact. While the field is not a required parameter, most actions have an action configuration that requires a specified quantity of input artifacts. To refer to the action configuration specification by action provider, see the [Action structure reference](https://docs.aws.amazon.com/codepipeline/latest/userguide/action-reference.html) in the *AWS CodePipeline User Guide* .\n\n> For a CodeBuild action with multiple input artifacts, one of your input sources must be designated the PrimarySource. For more information, see the [CodeBuild action reference page](https://docs.aws.amazon.com/codepipeline/latest/userguide/action-reference-CodeBuild.html) in the *AWS CodePipeline User Guide* .", - "title": "InputArtifacts", - "type": "array" - }, - "Name": { - "markdownDescription": "The action declaration's name.", - "title": "Name", - "type": "string" - }, - "Namespace": { - "markdownDescription": "The variable namespace associated with the action. All variables produced as output by this action fall under this namespace.", - "title": "Namespace", - "type": "string" - }, - "OutputArtifacts": { - "items": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.OutputArtifact" - }, - "markdownDescription": "The name or ID of the result of the action declaration, such as a test or build artifact. While the field is not a required parameter, most actions have an action configuration that requires a specified quantity of output artifacts. To refer to the action configuration specification by action provider, see the [Action structure reference](https://docs.aws.amazon.com/codepipeline/latest/userguide/action-reference.html) in the *AWS CodePipeline User Guide* .", - "title": "OutputArtifacts", - "type": "array" - }, - "Region": { - "markdownDescription": "The action declaration's AWS Region, such as us-east-1.", - "title": "Region", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM service role that performs the declared action. This is assumed through the roleArn for the pipeline.", - "title": "RoleArn", - "type": "string" - }, - "RunOrder": { - "markdownDescription": "The order in which actions are run.", - "title": "RunOrder", - "type": "number" - }, - "TimeoutInMinutes": { - "markdownDescription": "A timeout duration in minutes that can be applied against the ActionType\u2019s default timeout value specified in [Quotas for AWS CodePipeline](https://docs.aws.amazon.com/codepipeline/latest/userguide/limits.html) . This attribute is available only to the manual approval ActionType.", - "title": "TimeoutInMinutes", - "type": "number" - } - }, - "required": [ - "ActionTypeId", - "Name" - ], - "type": "object" - }, - "AWS::CodePipeline::Pipeline.ActionTypeId": { - "additionalProperties": false, - "properties": { - "Category": { - "markdownDescription": "A category defines what kind of action can be taken in the stage, and constrains the provider type for the action. Valid categories are limited to one of the values below.\n\n- `Source`\n- `Build`\n- `Test`\n- `Deploy`\n- `Invoke`\n- `Approval`\n- `Compute`", - "title": "Category", - "type": "string" - }, - "Owner": { - "markdownDescription": "The creator of the action being called. There are three valid values for the `Owner` field in the action category section within your pipeline structure: `AWS` , `ThirdParty` , and `Custom` . For more information, see [Valid Action Types and Providers in CodePipeline](https://docs.aws.amazon.com/codepipeline/latest/userguide/reference-pipeline-structure.html#actions-valid-providers) .", - "title": "Owner", - "type": "string" - }, - "Provider": { - "markdownDescription": "The provider of the service being called by the action. Valid providers are determined by the action category. For example, an action in the Deploy category type might have a provider of CodeDeploy, which would be specified as `CodeDeploy` . For more information, see [Valid Action Types and Providers in CodePipeline](https://docs.aws.amazon.com/codepipeline/latest/userguide/reference-pipeline-structure.html#actions-valid-providers) .", - "title": "Provider", - "type": "string" - }, - "Version": { - "markdownDescription": "A string that describes the action version.", - "title": "Version", - "type": "string" - } - }, - "required": [ - "Category", - "Owner", - "Provider", - "Version" - ], - "type": "object" - }, - "AWS::CodePipeline::Pipeline.ArtifactStore": { - "additionalProperties": false, - "properties": { - "EncryptionKey": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.EncryptionKey", - "markdownDescription": "The encryption key used to encrypt the data in the artifact store, such as an AWS Key Management Service ( AWS KMS) key. If this is undefined, the default key for Amazon S3 is used. To see an example artifact store encryption key field, see the example structure here: [AWS::CodePipeline::Pipeline](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codepipeline-pipeline.html) .", - "title": "EncryptionKey" - }, - "Location": { - "markdownDescription": "The S3 bucket used for storing the artifacts for a pipeline. You can specify the name of an S3 bucket but not a folder in the bucket. A folder to contain the pipeline artifacts is created for you based on the name of the pipeline. You can use any S3 bucket in the same AWS Region as the pipeline to store your pipeline artifacts.", - "title": "Location", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of the artifact store, such as S3.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Location", - "Type" - ], - "type": "object" - }, - "AWS::CodePipeline::Pipeline.ArtifactStoreMap": { - "additionalProperties": false, - "properties": { - "ArtifactStore": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.ArtifactStore", - "markdownDescription": "Represents information about the S3 bucket where artifacts are stored for the pipeline.\n\n> You must include either `artifactStore` or `artifactStores` in your pipeline, but you cannot use both. If you create a cross-region action in your pipeline, you must use `artifactStores` .", - "title": "ArtifactStore" - }, - "Region": { - "markdownDescription": "The action declaration's AWS Region, such as us-east-1.", - "title": "Region", - "type": "string" - } - }, - "required": [ - "ArtifactStore", - "Region" - ], - "type": "object" - }, - "AWS::CodePipeline::Pipeline.BlockerDeclaration": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "Reserved for future use.", - "title": "Name", - "type": "string" - }, - "Type": { - "markdownDescription": "Reserved for future use.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Name", - "Type" - ], - "type": "object" - }, - "AWS::CodePipeline::Pipeline.EncryptionKey": { - "additionalProperties": false, - "properties": { - "Id": { - "markdownDescription": "The ID used to identify the key. For an AWS KMS key, you can use the key ID, the key ARN, or the alias ARN.\n\n> Aliases are recognized only in the account that created the AWS KMS key. For cross-account actions, you can only use the key ID or key ARN to identify the key. Cross-account actions involve using the role from the other account (AccountB), so specifying the key ID will use the key from the other account (AccountB).", - "title": "Id", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of encryption key, such as an AWS KMS key. When creating or updating a pipeline, the value must be set to 'KMS'.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Id", "Type" ], "type": "object" }, - "AWS::CodePipeline::Pipeline.GitBranchFilterCriteria": { - "additionalProperties": false, - "properties": { - "Excludes": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of patterns of Git branches that, when a commit is pushed, are to be excluded from starting the pipeline.", - "title": "Excludes", - "type": "array" - }, - "Includes": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of patterns of Git branches that, when a commit is pushed, are to be included as criteria that starts the pipeline.", - "title": "Includes", - "type": "array" - } - }, - "type": "object" - }, - "AWS::CodePipeline::Pipeline.GitConfiguration": { - "additionalProperties": false, - "properties": { - "PullRequest": { - "items": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitPullRequestFilter" - }, - "markdownDescription": "The field where the repository event that will start the pipeline is specified as pull requests.", - "title": "PullRequest", - "type": "array" - }, - "Push": { - "items": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitPushFilter" - }, - "markdownDescription": "The field where the repository event that will start the pipeline, such as pushing Git tags, is specified with details.", - "title": "Push", - "type": "array" - }, - "SourceActionName": { - "markdownDescription": "The name of the pipeline source action where the trigger configuration, such as Git tags, is specified. The trigger configuration will start the pipeline upon the specified change only.\n\n> You can only specify one trigger configuration per source action.", - "title": "SourceActionName", - "type": "string" - } - }, - "required": [ - "SourceActionName" - ], - "type": "object" - }, - "AWS::CodePipeline::Pipeline.GitFilePathFilterCriteria": { - "additionalProperties": false, - "properties": { - "Excludes": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of patterns of Git repository file paths that, when a commit is pushed, are to be excluded from starting the pipeline.", - "title": "Excludes", - "type": "array" - }, - "Includes": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of patterns of Git repository file paths that, when a commit is pushed, are to be included as criteria that starts the pipeline.", - "title": "Includes", - "type": "array" - } - }, - "type": "object" - }, - "AWS::CodePipeline::Pipeline.GitPullRequestFilter": { - "additionalProperties": false, - "properties": { - "Branches": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitBranchFilterCriteria", - "markdownDescription": "The field that specifies to filter on branches for the pull request trigger configuration.", - "title": "Branches" - }, - "Events": { - "items": { - "type": "string" - }, - "markdownDescription": "The field that specifies which pull request events to filter on (OPEN, UPDATED, CLOSED) for the trigger configuration.", - "title": "Events", - "type": "array" - }, - "FilePaths": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitFilePathFilterCriteria", - "markdownDescription": "The field that specifies to filter on file paths for the pull request trigger configuration.", - "title": "FilePaths" - } - }, - "type": "object" - }, - "AWS::CodePipeline::Pipeline.GitPushFilter": { - "additionalProperties": false, - "properties": { - "Branches": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitBranchFilterCriteria", - "markdownDescription": "The field that specifies to filter on branches for the push trigger configuration.", - "title": "Branches" - }, - "FilePaths": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitFilePathFilterCriteria", - "markdownDescription": "The field that specifies to filter on file paths for the push trigger configuration.", - "title": "FilePaths" - }, - "Tags": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitTagFilterCriteria", - "markdownDescription": "The field that contains the details for the Git tags trigger configuration.", - "title": "Tags" - } - }, - "type": "object" - }, - "AWS::CodePipeline::Pipeline.GitTagFilterCriteria": { - "additionalProperties": false, - "properties": { - "Excludes": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of patterns of Git tags that, when pushed, are to be excluded from starting the pipeline.", - "title": "Excludes", - "type": "array" - }, - "Includes": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of patterns of Git tags that, when pushed, are to be included as criteria that starts the pipeline.", - "title": "Includes", - "type": "array" - } - }, - "type": "object" - }, - "AWS::CodePipeline::Pipeline.InputArtifact": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the artifact to be worked on (for example, \"My App\").\n\nArtifacts are the files that are worked on by actions in the pipeline. See the action configuration for each action for details about artifact parameters. For example, the S3 source action input artifact is a file name (or file path), and the files are generally provided as a ZIP file. Example artifact name: SampleApp_Windows.zip\n\nThe input artifact of an action must exactly match the output artifact declared in a preceding action, but the input artifact does not have to be the next action in strict sequence from the action that provided the output artifact. Actions in parallel can declare different output artifacts, which are in turn consumed by different following actions.", - "title": "Name", - "type": "string" - } - }, - "required": [ - "Name" - ], - "type": "object" - }, - "AWS::CodePipeline::Pipeline.OutputArtifact": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the output of an artifact, such as \"My App\".\n\nThe output artifact name must exactly match the input artifact declared for a downstream action. However, the downstream action's input artifact does not have to be the next action in strict sequence from the action that provided the output artifact. Actions in parallel can declare different output artifacts, which are in turn consumed by different following actions.\n\nOutput artifact names must be unique within a pipeline.", - "title": "Name", - "type": "string" - } - }, - "required": [ - "Name" - ], - "type": "object" - }, - "AWS::CodePipeline::Pipeline.PipelineTriggerDeclaration": { - "additionalProperties": false, - "properties": { - "GitConfiguration": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitConfiguration", - "markdownDescription": "Provides the filter criteria and the source stage for the repository event that starts the pipeline, such as Git tags.", - "title": "GitConfiguration" - }, - "ProviderType": { - "markdownDescription": "The source provider for the event, such as connections configured for a repository with Git tags, for the specified trigger configuration.", - "title": "ProviderType", - "type": "string" - } - }, - "required": [ - "ProviderType" - ], - "type": "object" - }, - "AWS::CodePipeline::Pipeline.StageDeclaration": { - "additionalProperties": false, - "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.ActionDeclaration" - }, - "markdownDescription": "The actions included in a stage.", - "title": "Actions", - "type": "array" - }, - "Blockers": { - "items": { - "$ref": "#/definitions/AWS::CodePipeline::Pipeline.BlockerDeclaration" - }, - "markdownDescription": "Reserved for future use.", - "title": "Blockers", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the stage.", - "title": "Name", - "type": "string" - } - }, - "required": [ - "Actions", - "Name" - ], - "type": "object" - }, - "AWS::CodePipeline::Pipeline.StageTransition": { - "additionalProperties": false, - "properties": { - "Reason": { - "markdownDescription": "The reason given to the user that a stage is disabled, such as waiting for manual approval or manual tests. This message is displayed in the pipeline console UI.", - "title": "Reason", - "type": "string" - }, - "StageName": { - "markdownDescription": "The name of the stage where you want to disable the inbound or outbound transition of artifacts.", - "title": "StageName", - "type": "string" - } - }, - "required": [ - "Reason", - "StageName" - ], - "type": "object" - }, - "AWS::CodePipeline::Pipeline.VariableDeclaration": { - "additionalProperties": false, - "properties": { - "DefaultValue": { - "markdownDescription": "The value of a pipeline-level variable.", - "title": "DefaultValue", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of a pipeline-level variable. It's used to add additional context about the variable, and not being used at time when pipeline executes.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of a pipeline-level variable.", - "title": "Name", - "type": "string" - } - }, - "required": [ - "Name" - ], - "type": "object" - }, - "AWS::CodePipeline::Webhook": { + "AWS::CloudFormation::Publisher": { "additionalProperties": false, "properties": { "Condition": { @@ -44430,63 +47718,25 @@ "Properties": { "additionalProperties": false, "properties": { - "Authentication": { - "markdownDescription": "Supported options are GITHUB_HMAC, IP, and UNAUTHENTICATED.\n\n> When creating CodePipeline webhooks, do not use your own credentials or reuse the same secret token across multiple webhooks. For optimal security, generate a unique secret token for each webhook you create. The secret token is an arbitrary string that you provide, which GitHub uses to compute and sign the webhook payloads sent to CodePipeline, for protecting the integrity and authenticity of the webhook payloads. Using your own credentials or reusing the same token across multiple webhooks can lead to security vulnerabilities. > If a secret token was provided, it will be redacted in the response. \n\n- For information about the authentication scheme implemented by GITHUB_HMAC, see [Securing your webhooks](https://docs.aws.amazon.com/https://developer.github.com/webhooks/securing/) on the GitHub Developer website.\n- IP rejects webhooks trigger requests unless they originate from an IP address in the IP range whitelisted in the authentication configuration.\n- UNAUTHENTICATED accepts all webhook trigger requests regardless of origin.", - "title": "Authentication", - "type": "string" - }, - "AuthenticationConfiguration": { - "$ref": "#/definitions/AWS::CodePipeline::Webhook.WebhookAuthConfiguration", - "markdownDescription": "Properties that configure the authentication applied to incoming webhook trigger requests. The required properties depend on the authentication type. For GITHUB_HMAC, only the `SecretToken` property must be set. For IP, only the `AllowedIPRange` property must be set to a valid CIDR range. For UNAUTHENTICATED, no properties can be set.", - "title": "AuthenticationConfiguration" - }, - "Filters": { - "items": { - "$ref": "#/definitions/AWS::CodePipeline::Webhook.WebhookFilterRule" - }, - "markdownDescription": "A list of rules applied to the body/payload sent in the POST request to a webhook URL. All defined rules must pass for the request to be accepted and the pipeline started.", - "title": "Filters", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the webhook.", - "title": "Name", - "type": "string" - }, - "RegisterWithThirdParty": { - "markdownDescription": "Configures a connection between the webhook that was created and the external tool with events to be detected.", - "title": "RegisterWithThirdParty", + "AcceptTermsAndConditions": { + "markdownDescription": "Whether you accept the [Terms and Conditions](https://docs.aws.amazon.com/https://cloudformation-registry-documents.s3.amazonaws.com/Terms_and_Conditions_for_AWS_CloudFormation_Registry_Publishers.pdf) for publishing extensions in the CloudFormation registry. You must accept the terms and conditions in order to register to publish public extensions to the CloudFormation registry.\n\nThe default is `false` .", + "title": "AcceptTermsAndConditions", "type": "boolean" }, - "TargetAction": { - "markdownDescription": "The name of the action in a pipeline you want to connect to the webhook. The action must be from the source (first) stage of the pipeline.", - "title": "TargetAction", - "type": "string" - }, - "TargetPipeline": { - "markdownDescription": "The name of the pipeline you want to connect to the webhook.", - "title": "TargetPipeline", + "ConnectionArn": { + "markdownDescription": "If you are using a Bitbucket or GitHub account for identity verification, the Amazon Resource Name (ARN) for your connection to that account.\n\nFor more information, see [Prerequisite: Registering your account to publish CloudFormation extensions](https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/publish-extension.html#publish-extension-prereqs) in the *AWS CloudFormation Command Line Interface (CLI) User Guide* .", + "title": "ConnectionArn", "type": "string" - }, - "TargetPipelineVersion": { - "markdownDescription": "The version number of the pipeline to be connected to the trigger request.\n\nRequired: Yes\n\nType: Integer\n\nUpdate requires: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt)", - "title": "TargetPipelineVersion", - "type": "number" } }, "required": [ - "Authentication", - "AuthenticationConfiguration", - "Filters", - "TargetAction", - "TargetPipeline", - "TargetPipelineVersion" + "AcceptTermsAndConditions" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodePipeline::Webhook" + "AWS::CloudFormation::Publisher" ], "type": "string" }, @@ -44505,42 +47755,7 @@ ], "type": "object" }, - "AWS::CodePipeline::Webhook.WebhookAuthConfiguration": { - "additionalProperties": false, - "properties": { - "AllowedIPRange": { - "markdownDescription": "The property used to configure acceptance of webhooks in an IP address range. For IP, only the `AllowedIPRange` property must be set. This property must be set to a valid CIDR range.", - "title": "AllowedIPRange", - "type": "string" - }, - "SecretToken": { - "markdownDescription": "The property used to configure GitHub authentication. For GITHUB_HMAC, only the `SecretToken` property must be set.\n\n> When creating CodePipeline webhooks, do not use your own credentials or reuse the same secret token across multiple webhooks. For optimal security, generate a unique secret token for each webhook you create. The secret token is an arbitrary string that you provide, which GitHub uses to compute and sign the webhook payloads sent to CodePipeline, for protecting the integrity and authenticity of the webhook payloads. Using your own credentials or reusing the same token across multiple webhooks can lead to security vulnerabilities. > If a secret token was provided, it will be redacted in the response.", - "title": "SecretToken", - "type": "string" - } - }, - "type": "object" - }, - "AWS::CodePipeline::Webhook.WebhookFilterRule": { - "additionalProperties": false, - "properties": { - "JsonPath": { - "markdownDescription": "A JsonPath expression that is applied to the body/payload of the webhook. The value selected by the JsonPath expression must match the value specified in the `MatchEquals` field. Otherwise, the request is ignored. For more information, see [Java JsonPath implementation](https://docs.aws.amazon.com/https://github.com/json-path/JsonPath) in GitHub.", - "title": "JsonPath", - "type": "string" - }, - "MatchEquals": { - "markdownDescription": "The value selected by the `JsonPath` expression must match what is supplied in the `MatchEquals` field. Otherwise, the request is ignored. Properties from the target action configuration can be included as placeholders in this value by surrounding the action configuration key with curly brackets. For example, if the value supplied here is \"refs/heads/{Branch}\" and the target action has an action configuration property called \"Branch\" with a value of \"main\", the `MatchEquals` value is evaluated as \"refs/heads/main\". For a list of action configuration properties for built-in action types, see [Pipeline Structure Reference Action Requirements](https://docs.aws.amazon.com/codepipeline/latest/userguide/reference-pipeline-structure.html#action-requirements) .", - "title": "MatchEquals", - "type": "string" - } - }, - "required": [ - "JsonPath" - ], - "type": "object" - }, - "AWS::CodeStar::GitHubRepository": { + "AWS::CloudFormation::ResourceDefaultVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -44575,56 +47790,27 @@ "Properties": { "additionalProperties": false, "properties": { - "Code": { - "$ref": "#/definitions/AWS::CodeStar::GitHubRepository.Code", - "markdownDescription": "Information about code to be committed to a repository after it is created in an AWS CloudFormation stack.", - "title": "Code" - }, - "ConnectionArn": { - "markdownDescription": "", - "title": "ConnectionArn", - "type": "string" - }, - "EnableIssues": { - "markdownDescription": "Indicates whether to enable issues for the GitHub repository. You can use GitHub issues to track information and bugs for your repository.", - "title": "EnableIssues", - "type": "boolean" - }, - "IsPrivate": { - "markdownDescription": "Indicates whether the GitHub repository is a private repository. If so, you choose who can see and commit to this repository.", - "title": "IsPrivate", - "type": "boolean" - }, - "RepositoryAccessToken": { - "markdownDescription": "The GitHub user's personal access token for the GitHub repository.", - "title": "RepositoryAccessToken", - "type": "string" - }, - "RepositoryDescription": { - "markdownDescription": "A comment or description about the new repository. This description is displayed in GitHub after the repository is created.", - "title": "RepositoryDescription", + "TypeName": { + "markdownDescription": "The name of the resource.\n\nConditional: You must specify either `TypeVersionArn` , or `TypeName` and `VersionId` .", + "title": "TypeName", "type": "string" }, - "RepositoryName": { - "markdownDescription": "The name of the repository you want to create in GitHub with AWS CloudFormation stack creation.", - "title": "RepositoryName", + "TypeVersionArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource version.\n\nConditional: You must specify either `TypeVersionArn` , or `TypeName` and `VersionId` .", + "title": "TypeVersionArn", "type": "string" }, - "RepositoryOwner": { - "markdownDescription": "The GitHub user name for the owner of the GitHub repository to be created. If this repository should be owned by a GitHub organization, provide its name.", - "title": "RepositoryOwner", + "VersionId": { + "markdownDescription": "The ID of a specific version of the resource. The version ID is the value at the end of the Amazon Resource Name (ARN) assigned to the resource version when it's registered.\n\nConditional: You must specify either `TypeVersionArn` , or `TypeName` and `VersionId` .", + "title": "VersionId", "type": "string" } }, - "required": [ - "RepositoryName", - "RepositoryOwner" - ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeStar::GitHubRepository" + "AWS::CloudFormation::ResourceDefaultVersion" ], "type": "string" }, @@ -44638,51 +47824,11 @@ } }, "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::CodeStar::GitHubRepository.Code": { - "additionalProperties": false, - "properties": { - "S3": { - "$ref": "#/definitions/AWS::CodeStar::GitHubRepository.S3", - "markdownDescription": "Information about the Amazon S3 bucket that contains a ZIP file of code to be committed to the repository.", - "title": "S3" - } - }, - "required": [ - "S3" - ], - "type": "object" - }, - "AWS::CodeStar::GitHubRepository.S3": { - "additionalProperties": false, - "properties": { - "Bucket": { - "markdownDescription": "The name of the Amazon S3 bucket that contains the ZIP file with the content to be committed to the new repository.", - "title": "Bucket", - "type": "string" - }, - "Key": { - "markdownDescription": "The S3 object key or file name for the ZIP file.", - "title": "Key", - "type": "string" - }, - "ObjectVersion": { - "markdownDescription": "The object version of the ZIP file, if versioning is enabled for the Amazon S3 bucket.", - "title": "ObjectVersion", - "type": "string" - } - }, - "required": [ - "Bucket", - "Key" + "Type" ], "type": "object" }, - "AWS::CodeStarConnections::Connection": { + "AWS::CloudFormation::ResourceVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -44717,38 +47863,36 @@ "Properties": { "additionalProperties": false, "properties": { - "ConnectionName": { - "markdownDescription": "The name of the connection. Connection names must be unique in an AWS account .", - "title": "ConnectionName", + "ExecutionRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role for CloudFormation to assume when invoking the resource. If your resource calls AWS APIs in any of its handlers, you must create an IAM execution role that includes the necessary permissions to call those AWS APIs, and provision that execution role in your account. When CloudFormation needs to invoke the resource type handler, CloudFormation assumes this execution role to create a temporary session token, which it then passes to the resource type handler, thereby supplying your resource type with the appropriate credentials.", + "title": "ExecutionRoleArn", "type": "string" }, - "HostArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the host associated with the connection.", - "title": "HostArn", - "type": "string" + "LoggingConfig": { + "$ref": "#/definitions/AWS::CloudFormation::ResourceVersion.LoggingConfig", + "markdownDescription": "Logging configuration information for a resource.", + "title": "LoggingConfig" }, - "ProviderType": { - "markdownDescription": "The name of the external provider where your third-party code repository is configured.", - "title": "ProviderType", + "SchemaHandlerPackage": { + "markdownDescription": "A URL to the S3 bucket for the resource project package that contains the necessary files for the resource you want to register.\n\nFor information on generating a schema handler package, see [Modeling resource types to use with AWS CloudFormation](https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/resource-type-model.html) in the *AWS CloudFormation Command Line Interface (CLI) User Guide* .\n\n> To register the resource version, you must have `s3:GetObject` permissions to access the S3 objects.", + "title": "SchemaHandlerPackage", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Specifies the tags applied to the resource.", - "title": "Tags", - "type": "array" + "TypeName": { + "markdownDescription": "The name of the resource being registered.\n\nWe recommend that resource names adhere to the following pattern: *company_or_organization* :: *service* :: *type* .\n\n> The following organization namespaces are reserved and can't be used in your resource names:\n> \n> - `Alexa`\n> - `AMZN`\n> - `Amazon`\n> - `AWS`\n> - `Custom`\n> - `Dev`", + "title": "TypeName", + "type": "string" } }, "required": [ - "ConnectionName" + "SchemaHandlerPackage", + "TypeName" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeStarConnections::Connection" + "AWS::CloudFormation::ResourceVersion" ], "type": "string" }, @@ -44767,7 +47911,23 @@ ], "type": "object" }, - "AWS::CodeStarConnections::RepositoryLink": { + "AWS::CloudFormation::ResourceVersion.LoggingConfig": { + "additionalProperties": false, + "properties": { + "LogGroupName": { + "markdownDescription": "The Amazon CloudWatch logs group to which CloudFormation sends error logging information when invoking the type's handlers.", + "title": "LogGroupName", + "type": "string" + }, + "LogRoleArn": { + "markdownDescription": "The ARN of the role that CloudFormation should assume when sending log entries to CloudWatch logs.", + "title": "LogRoleArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CloudFormation::Stack": { "additionalProperties": false, "properties": { "Condition": { @@ -44802,45 +47962,52 @@ "Properties": { "additionalProperties": false, "properties": { - "ConnectionArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the connection associated with the repository link.", - "title": "ConnectionArn", - "type": "string" - }, - "EncryptionKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the encryption key for the repository associated with the repository link.", - "title": "EncryptionKeyArn", - "type": "string" - }, - "OwnerId": { - "markdownDescription": "The owner ID for the repository associated with the repository link, such as the owner ID in GitHub.", - "title": "OwnerId", - "type": "string" + "NotificationARNs": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon SNS topic ARNs to publish stack related events. You can find your Amazon SNS topic ARNs using the Amazon SNS console or your Command Line Interface (CLI).", + "title": "NotificationARNs", + "type": "array" }, - "RepositoryName": { - "markdownDescription": "The name of the repository associated with the repository link.", - "title": "RepositoryName", - "type": "string" + "Parameters": { + "additionalProperties": true, + "markdownDescription": "The set value pairs that represent the parameters passed to CloudFormation when this nested stack is created. Each parameter has a name corresponding to a parameter defined in the embedded template and a value representing the value that you want to set for the parameter.\n\n> If you use the `Ref` function to pass a parameter value to a nested stack, comma-delimited list parameters must be of type `String` . In other words, you can't pass values that are of type `CommaDelimitedList` to nested stacks. \n\nRequired if the nested stack requires input parameters.\n\nWhether an update causes interruptions depends on the resources that are being updated. An update never causes a nested stack to be replaced.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Parameters", + "type": "object" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags for the repository to be associated with the repository link.", + "markdownDescription": "Key-value pairs to associate with this stack. CloudFormation also propagates these tags to the resources created in the stack. A maximum number of 50 tags can be specified.", "title": "Tags", "type": "array" + }, + "TemplateURL": { + "markdownDescription": "The URL of a file that contains the template body. The URL must point to a template (max size: 1 MB) that's located in an Amazon S3 bucket. The location for an Amazon S3 bucket must start with `https://` .\n\nWhether an update causes interruptions depends on the resources that are being updated. An update never causes a nested stack to be replaced.", + "title": "TemplateURL", + "type": "string" + }, + "TimeoutInMinutes": { + "markdownDescription": "The length of time, in minutes, that CloudFormation waits for the nested stack to reach the `CREATE_COMPLETE` state. The default is no timeout. When CloudFormation detects that the nested stack has reached the `CREATE_COMPLETE` state, it marks the nested stack resource as `CREATE_COMPLETE` in the parent stack and resumes creating the parent stack. If the timeout period expires before the nested stack reaches `CREATE_COMPLETE` , CloudFormation marks the nested stack as failed and rolls back both the nested stack and parent stack.\n\nUpdates aren't supported.", + "title": "TimeoutInMinutes", + "type": "number" } }, "required": [ - "ConnectionArn", - "OwnerId", - "RepositoryName" + "TemplateURL" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeStarConnections::RepositoryLink" + "AWS::CloudFormation::Stack" ], "type": "string" }, @@ -44859,7 +48026,7 @@ ], "type": "object" }, - "AWS::CodeStarConnections::SyncConfiguration": { + "AWS::CloudFormation::StackSet": { "additionalProperties": false, "properties": { "Condition": { @@ -44894,188 +48061,103 @@ "Properties": { "additionalProperties": false, "properties": { - "Branch": { - "markdownDescription": "The branch associated with a specific sync configuration.", - "title": "Branch", + "AdministrationRoleARN": { + "markdownDescription": "The Amazon Resource Number (ARN) of the IAM role to use to create this StackSet. Specify an IAM role only if you are using customized administrator roles to control which users or groups can manage specific StackSets within the same administrator account.\n\nUse customized administrator roles to control which users or groups can manage specific StackSets within the same administrator account. For more information, see [Grant self-managed permissions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-prereqs-self-managed.html) in the *AWS CloudFormation User Guide* .\n\nValid only if the permissions model is `SELF_MANAGED` .", + "title": "AdministrationRoleARN", "type": "string" }, - "ConfigFile": { - "markdownDescription": "The file path to the configuration file associated with a specific sync configuration. The path should point to an actual file in the sync configurations linked repository.", - "title": "ConfigFile", - "type": "string" + "AutoDeployment": { + "$ref": "#/definitions/AWS::CloudFormation::StackSet.AutoDeployment", + "markdownDescription": "Describes whether StackSets automatically deploys to AWS Organizations accounts that are added to a target organization or organizational unit (OU). For more information, see [Enable or disable automatic deployments for StackSets in AWS Organizations](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-orgs-manage-auto-deployment.html) in the *AWS CloudFormation User Guide* .\n\nRequired if the permissions model is `SERVICE_MANAGED` . (Not used with self-managed permissions.)", + "title": "AutoDeployment" }, - "PublishDeploymentStatus": { - "markdownDescription": "Whether to enable or disable publishing of deployment status to source providers.", - "title": "PublishDeploymentStatus", + "CallAs": { + "markdownDescription": "Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.\n\nBy default, `SELF` is specified. Use `SELF` for StackSets with self-managed permissions.\n\n- To create a StackSet with service-managed permissions while signed in to the management account, specify `SELF` .\n- To create a StackSet with service-managed permissions while signed in to a delegated administrator account, specify `DELEGATED_ADMIN` .\n\nYour AWS account must be registered as a delegated admin in the management account. For more information, see [Register a delegated administrator](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-orgs-delegated-admin.html) in the *AWS CloudFormation User Guide* .\n\nStackSets with service-managed permissions are created in the management account, including StackSets that are created by delegated administrators.\n\nValid only if the permissions model is `SERVICE_MANAGED` .", + "title": "CallAs", "type": "string" }, - "RepositoryLinkId": { - "markdownDescription": "The ID of the repository link associated with a specific sync configuration.", - "title": "RepositoryLinkId", - "type": "string" + "Capabilities": { + "items": { + "type": "string" + }, + "markdownDescription": "The capabilities that are allowed in the StackSet. Some StackSet templates might include resources that can affect permissions in your AWS account \u2014for example, by creating new IAM users. For more information, see [Acknowledging IAM resources in CloudFormation templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/control-access-with-iam.html#using-iam-capabilities) in the *AWS CloudFormation User Guide* .", + "title": "Capabilities", + "type": "array" }, - "ResourceName": { - "markdownDescription": "The name of the connection resource associated with a specific sync configuration.", - "title": "ResourceName", + "Description": { + "markdownDescription": "A description of the StackSet.", + "title": "Description", "type": "string" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role associated with a specific sync configuration.", - "title": "RoleArn", + "ExecutionRoleName": { + "markdownDescription": "The name of the IAM execution role to use to create the StackSet. If you don't specify an execution role, CloudFormation uses the `AWSCloudFormationStackSetExecutionRole` role for the StackSet operation.\n\nValid only if the permissions model is `SELF_MANAGED` .\n\n*Pattern* : `[a-zA-Z_0-9+=,.@-]+`", + "title": "ExecutionRoleName", "type": "string" }, - "SyncType": { - "markdownDescription": "The type of sync for a specific sync configuration.", - "title": "SyncType", - "type": "string" + "ManagedExecution": { + "$ref": "#/definitions/AWS::CloudFormation::StackSet.ManagedExecution", + "markdownDescription": "Describes whether StackSets performs non-conflicting operations concurrently and queues conflicting operations.\n\nWhen active, StackSets performs non-conflicting operations concurrently and queues conflicting operations. After conflicting operations finish, StackSets starts queued operations in request order.\n\n> If there are already running or queued operations, StackSets queues all incoming operations even if they are non-conflicting.\n> \n> You can't modify your StackSet's execution configuration while there are running or queued operations for that StackSet. \n\nWhen inactive (default), StackSets performs one operation at a time in request order.", + "title": "ManagedExecution" }, - "TriggerResourceUpdateOn": { - "markdownDescription": "When to trigger Git sync to begin the stack update.", - "title": "TriggerResourceUpdateOn", - "type": "string" - } - }, - "required": [ - "Branch", - "ConfigFile", - "RepositoryLinkId", - "ResourceName", - "RoleArn", - "SyncType" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::CodeStarConnections::SyncConfiguration" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::CodeStarNotifications::NotificationRule": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" + "OperationPreferences": { + "$ref": "#/definitions/AWS::CloudFormation::StackSet.OperationPreferences", + "markdownDescription": "The user-specified preferences for how CloudFormation performs a StackSet operation.", + "title": "OperationPreferences" }, - { + "Parameters": { "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" + "$ref": "#/definitions/AWS::CloudFormation::StackSet.Parameter" }, + "markdownDescription": "The input parameters for the StackSet template.", + "title": "Parameters", "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "CreatedBy": { - "markdownDescription": "The name or email alias of the person who created the notification rule.", - "title": "CreatedBy", - "type": "string" - }, - "DetailType": { - "markdownDescription": "The level of detail to include in the notifications for this resource. `BASIC` will include only the contents of the event as it would appear in Amazon CloudWatch. `FULL` will include any supplemental information provided by AWS CodeStar Notifications and/or the service for the resource for which the notification is created.", - "title": "DetailType", - "type": "string" }, - "EventTypeId": { - "markdownDescription": "The event type associated with this notification rule. For a complete list of event types and IDs, see [Notification concepts](https://docs.aws.amazon.com/dtconsole/latest/userguide/concepts.html#concepts-api) in the *Developer Tools Console User Guide* .", - "title": "EventTypeId", + "PermissionModel": { + "markdownDescription": "Describes how the IAM roles required for StackSet operations are created.\n\n- With `SELF_MANAGED` permissions, you must create the administrator and execution roles required to deploy to target accounts. For more information, see [Grant self-managed permissions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-prereqs-self-managed.html) in the *AWS CloudFormation User Guide* .\n- With `SERVICE_MANAGED` permissions, StackSets automatically creates the IAM roles required to deploy to accounts managed by AWS Organizations . For more information, see [Activate trusted access for StackSets with AWS Organizations](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-orgs-activate-trusted-access.html) in the *AWS CloudFormation User Guide* .", + "title": "PermissionModel", "type": "string" }, - "EventTypeIds": { + "StackInstancesGroup": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::CloudFormation::StackSet.StackInstances" }, - "markdownDescription": "A list of event types associated with this notification rule. For a complete list of event types and IDs, see [Notification concepts](https://docs.aws.amazon.com/dtconsole/latest/userguide/concepts.html#concepts-api) in the *Developer Tools Console User Guide* .", - "title": "EventTypeIds", + "markdownDescription": "A group of stack instances with parameters in some specific accounts and Regions.", + "title": "StackInstancesGroup", "type": "array" }, - "Name": { - "markdownDescription": "The name for the notification rule. Notification rule names must be unique in your AWS account .", - "title": "Name", - "type": "string" - }, - "Resource": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resource to associate with the notification rule. Supported resources include pipelines in AWS CodePipeline , repositories in AWS CodeCommit , and build projects in AWS CodeBuild .", - "title": "Resource", - "type": "string" - }, - "Status": { - "markdownDescription": "The status of the notification rule. The default value is `ENABLED` . If the status is set to `DISABLED` , notifications aren't sent for the notification rule.", - "title": "Status", + "StackSetName": { + "markdownDescription": "The name to associate with the StackSet. The name must be unique in the Region where you create your StackSet.", + "title": "StackSetName", "type": "string" }, "Tags": { - "additionalProperties": true, - "markdownDescription": "A list of tags to apply to this notification rule. Key names cannot start with \" `aws` \".", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "Key-value pairs to associate with this stack. CloudFormation also propagates these tags to supported resources in the stack. You can specify a maximum number of 50 tags.\n\nIf you don't specify this parameter, CloudFormation doesn't modify the stack's tags. If you specify an empty value, CloudFormation removes all associated tags.", "title": "Tags", - "type": "object" + "type": "array" }, - "TargetAddress": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic or client.", - "title": "TargetAddress", + "TemplateBody": { + "markdownDescription": "The structure that contains the template body, with a minimum length of 1 byte and a maximum length of 51,200 bytes.\n\nYou must include either `TemplateURL` or `TemplateBody` in a StackSet, but you can't use both. Dynamic references in the `TemplateBody` may not work correctly in all cases. It's recommended to pass templates that contain dynamic references through `TemplateUrl` instead.", + "title": "TemplateBody", "type": "string" }, - "Targets": { - "items": { - "$ref": "#/definitions/AWS::CodeStarNotifications::NotificationRule.Target" - }, - "markdownDescription": "A list of Amazon Resource Names (ARNs) of Amazon SNS topics and clients to associate with the notification rule.", - "title": "Targets", - "type": "array" + "TemplateURL": { + "markdownDescription": "The URL of a file that contains the template body. The URL must point to a template (max size: 1 MB) that's located in an Amazon S3 bucket or a Systems Manager document. The location for an Amazon S3 bucket must start with `https://` .\n\nConditional: You must specify only one of the following parameters: `TemplateBody` , `TemplateURL` .", + "title": "TemplateURL", + "type": "string" } }, "required": [ - "DetailType", - "EventTypeIds", - "Name", - "Resource", - "Targets" + "PermissionModel", + "StackSetName" ], "type": "object" }, "Type": { "enum": [ - "AWS::CodeStarNotifications::NotificationRule" + "AWS::CloudFormation::StackSet" ], "type": "string" }, @@ -45094,30 +48176,164 @@ ], "type": "object" }, - "AWS::CodeStarNotifications::NotificationRule.Target": { + "AWS::CloudFormation::StackSet.AutoDeployment": { "additionalProperties": false, "properties": { - "TargetAddress": { - "markdownDescription": "The Amazon Resource Name (ARN) of the topic or client.", - "title": "TargetAddress", - "type": "string" + "Enabled": { + "markdownDescription": "If set to `true` , StackSets automatically deploys additional stack instances to AWS Organizations accounts that are added to a target organization or organizational unit (OU) in the specified Regions. If an account is removed from a target organization or OU, StackSets deletes stack instances from the account in the specified Regions.", + "title": "Enabled", + "type": "boolean" }, - "TargetType": { - "markdownDescription": "The target type. Can be an Amazon Simple Notification Service topic or client.\n\n- Amazon Simple Notification Service topics are specified as `SNS` .\n- clients are specified as `AWSChatbotSlack` .\n- clients for Microsoft Teams are specified as `AWSChatbotMicrosoftTeams` .", - "title": "TargetType", - "type": "string" + "RetainStacksOnAccountRemoval": { + "markdownDescription": "If set to `true` , stack resources are retained when an account is removed from a target organization or OU. If set to `false` , stack resources are deleted. Specify only if `Enabled` is set to `True` .", + "title": "RetainStacksOnAccountRemoval", + "type": "boolean" } }, - "required": [ - "TargetAddress", - "TargetType" - ], "type": "object" }, - "AWS::Cognito::IdentityPool": { + "AWS::CloudFormation::StackSet.DeploymentTargets": { "additionalProperties": false, "properties": { - "Condition": { + "AccountFilterType": { + "markdownDescription": "Refines which accounts to deploy stacks to by specifying how to use the `Accounts` and `OrganizationalUnitIds` properties together.\n\nThe following values determine how CloudFormation selects target accounts:\n\n- `INTERSECTION` : StackSet deploys to the accounts specified in the `Accounts` property.\n- `DIFFERENCE` : StackSet deploys to the OU, excluding the accounts specified in the `Accounts` property.\n- `UNION` : StackSet deploys to the OU, and the accounts specified in the `Accounts` property. `UNION` is not supported for create operations when using StackSet as a resource or the `CreateStackInstances` API.", + "title": "AccountFilterType", + "type": "string" + }, + "Accounts": { + "items": { + "type": "string" + }, + "markdownDescription": "The account IDs of the AWS accounts . If you have many account numbers, you can provide those accounts using the `AccountsUrl` property instead.\n\n*Pattern* : `^[0-9]{12}$`", + "title": "Accounts", + "type": "array" + }, + "AccountsUrl": { + "markdownDescription": "The Amazon S3 URL path to a file that contains a list of AWS account IDs. The file format must be either `.csv` or `.txt` , and the data can be comma-separated or new-line-separated. There is currently a 10MB limit for the data (approximately 800,000 accounts).\n\nThis property serves the same purpose as `Accounts` but allows you to specify a large number of accounts.", + "title": "AccountsUrl", + "type": "string" + }, + "OrganizationalUnitIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The organization root ID or organizational unit (OU) IDs.\n\n*Pattern* : `^(ou-[a-z0-9]{4,32}-[a-z0-9]{8,32}|r-[a-z0-9]{4,32})$`", + "title": "OrganizationalUnitIds", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CloudFormation::StackSet.ManagedExecution": { + "additionalProperties": false, + "properties": { + "Active": { + "markdownDescription": "When `true` , CloudFormation performs non-conflicting operations concurrently and queues conflicting operations. After conflicting operations finish, CloudFormation starts queued operations in request order.\n\n> If there are already running or queued operations, CloudFormation queues all incoming operations even if they are non-conflicting.\n> \n> You can't modify your StackSet's execution configuration while there are running or queued operations for that StackSet. \n\nWhen `false` (default), StackSets performs one operation at a time in request order.", + "title": "Active", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::CloudFormation::StackSet.OperationPreferences": { + "additionalProperties": false, + "properties": { + "ConcurrencyMode": { + "markdownDescription": "Specifies how the concurrency level behaves during the operation execution.\n\n- `STRICT_FAILURE_TOLERANCE` : This option dynamically lowers the concurrency level to ensure the number of failed accounts never exceeds the value of `FailureToleranceCount` +1. The initial actual concurrency is set to the lower of either the value of the `MaxConcurrentCount` , or the value of `FailureToleranceCount` +1. The actual concurrency is then reduced proportionally by the number of failures. This is the default behavior.\n\nIf failure tolerance or Maximum concurrent accounts are set to percentages, the behavior is similar.\n- `SOFT_FAILURE_TOLERANCE` : This option decouples `FailureToleranceCount` from the actual concurrency. This allows StackSet operations to run at the concurrency level set by the `MaxConcurrentCount` value, or `MaxConcurrentPercentage` , regardless of the number of failures.", + "title": "ConcurrencyMode", + "type": "string" + }, + "FailureToleranceCount": { + "markdownDescription": "The number of accounts per Region this operation can fail in before CloudFormation stops the operation in that Region. If the operation is stopped in a Region, CloudFormation doesn't attempt the operation in any subsequent Regions.\n\nConditional: You must specify either `FailureToleranceCount` or `FailureTolerancePercentage` (but not both).", + "title": "FailureToleranceCount", + "type": "number" + }, + "FailureTolerancePercentage": { + "markdownDescription": "The percentage of accounts per Region this stack operation can fail in before CloudFormation stops the operation in that Region. If the operation is stopped in a Region, CloudFormation doesn't attempt the operation in any subsequent Regions.\n\nWhen calculating the number of accounts based on the specified percentage, CloudFormation rounds *down* to the next whole number.\n\nConditional: You must specify either `FailureToleranceCount` or `FailureTolerancePercentage` , but not both.", + "title": "FailureTolerancePercentage", + "type": "number" + }, + "MaxConcurrentCount": { + "markdownDescription": "The maximum number of accounts in which to perform this operation at one time. This is dependent on the value of `FailureToleranceCount` . `MaxConcurrentCount` is at most one more than the `FailureToleranceCount` .\n\nNote that this setting lets you specify the *maximum* for operations. For large deployments, under certain circumstances the actual number of accounts acted upon concurrently may be lower due to service throttling.\n\nConditional: You must specify either `MaxConcurrentCount` or `MaxConcurrentPercentage` , but not both.", + "title": "MaxConcurrentCount", + "type": "number" + }, + "MaxConcurrentPercentage": { + "markdownDescription": "The maximum percentage of accounts in which to perform this operation at one time.\n\nWhen calculating the number of accounts based on the specified percentage, CloudFormation rounds down to the next whole number. This is true except in cases where rounding down would result is zero. In this case, CloudFormation sets the number as one instead.\n\nNote that this setting lets you specify the *maximum* for operations. For large deployments, under certain circumstances the actual number of accounts acted upon concurrently may be lower due to service throttling.\n\nConditional: You must specify either `MaxConcurrentCount` or `MaxConcurrentPercentage` , but not both.", + "title": "MaxConcurrentPercentage", + "type": "number" + }, + "RegionConcurrencyType": { + "markdownDescription": "The concurrency type of deploying StackSets operations in Regions, could be in parallel or one Region at a time.", + "title": "RegionConcurrencyType", + "type": "string" + }, + "RegionOrder": { + "items": { + "type": "string" + }, + "markdownDescription": "The order of the Regions where you want to perform the stack operation.", + "title": "RegionOrder", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CloudFormation::StackSet.Parameter": { + "additionalProperties": false, + "properties": { + "ParameterKey": { + "markdownDescription": "The key associated with the parameter. If you don't specify a key and value for a particular parameter, CloudFormation uses the default value that's specified in your template.", + "title": "ParameterKey", + "type": "string" + }, + "ParameterValue": { + "markdownDescription": "The input value associated with the parameter.", + "title": "ParameterValue", + "type": "string" + } + }, + "required": [ + "ParameterKey", + "ParameterValue" + ], + "type": "object" + }, + "AWS::CloudFormation::StackSet.StackInstances": { + "additionalProperties": false, + "properties": { + "DeploymentTargets": { + "$ref": "#/definitions/AWS::CloudFormation::StackSet.DeploymentTargets", + "markdownDescription": "The AWS Organizations accounts or AWS accounts to deploy stacks to in the specified Regions.", + "title": "DeploymentTargets" + }, + "ParameterOverrides": { + "items": { + "$ref": "#/definitions/AWS::CloudFormation::StackSet.Parameter" + }, + "markdownDescription": "A list of StackSet parameters whose values you want to override in the selected stack instances.", + "title": "ParameterOverrides", + "type": "array" + }, + "Regions": { + "items": { + "type": "string" + }, + "markdownDescription": "The names of one or more Regions where you want to create stack instances using the specified AWS accounts .", + "title": "Regions", + "type": "array" + } + }, + "required": [ + "DeploymentTargets", + "Regions" + ], + "type": "object" + }, + "AWS::CloudFormation::TypeActivation": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, "DeletionPolicy": { @@ -45149,79 +48365,62 @@ "Properties": { "additionalProperties": false, "properties": { - "AllowClassicFlow": { - "markdownDescription": "Enables the Basic (Classic) authentication flow.", - "title": "AllowClassicFlow", - "type": "boolean" - }, - "AllowUnauthenticatedIdentities": { - "markdownDescription": "Specifies whether the identity pool supports unauthenticated logins.", - "title": "AllowUnauthenticatedIdentities", + "AutoUpdate": { + "markdownDescription": "Whether to automatically update the extension in this account and Region when a new *minor* version is published by the extension publisher. Major versions released by the publisher must be manually updated.\n\nThe default is `true` .", + "title": "AutoUpdate", "type": "boolean" }, - "CognitoEvents": { - "markdownDescription": "The events to configure.", - "title": "CognitoEvents", - "type": "object" + "ExecutionRoleArn": { + "markdownDescription": "The name of the IAM execution role to use to activate the extension.", + "title": "ExecutionRoleArn", + "type": "string" }, - "CognitoIdentityProviders": { - "items": { - "$ref": "#/definitions/AWS::Cognito::IdentityPool.CognitoIdentityProvider" - }, - "markdownDescription": "The Amazon Cognito user pools and their client IDs.", - "title": "CognitoIdentityProviders", - "type": "array" + "LoggingConfig": { + "$ref": "#/definitions/AWS::CloudFormation::TypeActivation.LoggingConfig", + "markdownDescription": "Specifies logging configuration information for an extension.", + "title": "LoggingConfig" }, - "CognitoStreams": { - "$ref": "#/definitions/AWS::Cognito::IdentityPool.CognitoStreams", - "markdownDescription": "Configuration options for configuring Amazon Cognito streams.", - "title": "CognitoStreams" + "MajorVersion": { + "markdownDescription": "The major version of this extension you want to activate, if multiple major versions are available. The default is the latest major version. CloudFormation uses the latest available *minor* version of the major version selected.\n\nYou can specify `MajorVersion` or `VersionBump` , but not both.", + "title": "MajorVersion", + "type": "string" }, - "DeveloperProviderName": { - "markdownDescription": "The \"domain\" Amazon Cognito uses when referencing your users. This name acts as a placeholder that allows your backend and the Amazon Cognito service to communicate about the developer provider. For the `DeveloperProviderName` , you can use letters and periods (.), underscores (_), and dashes (-).\n\n*Minimum length* : 1\n\n*Maximum length* : 100", - "title": "DeveloperProviderName", + "PublicTypeArn": { + "markdownDescription": "The Amazon Resource Number (ARN) of the public extension.\n\nConditional: You must specify `PublicTypeArn` , or `TypeName` , `Type` , and `PublisherId` .", + "title": "PublicTypeArn", "type": "string" }, - "IdentityPoolName": { - "markdownDescription": "The name of your Amazon Cognito identity pool.\n\n*Minimum length* : 1\n\n*Maximum length* : 128\n\n*Pattern* : `[\\w\\s+=,.@-]+`", - "title": "IdentityPoolName", + "PublisherId": { + "markdownDescription": "The ID of the extension publisher.\n\nConditional: You must specify `PublicTypeArn` , or `TypeName` , `Type` , and `PublisherId` .", + "title": "PublisherId", "type": "string" }, - "OpenIdConnectProviderARNs": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Names (ARNs) of the OpenID connect providers.", - "title": "OpenIdConnectProviderARNs", - "type": "array" + "Type": { + "markdownDescription": "The extension type.\n\nConditional: You must specify `PublicTypeArn` , or `TypeName` , `Type` , and `PublisherId` .", + "title": "Type", + "type": "string" }, - "PushSync": { - "$ref": "#/definitions/AWS::Cognito::IdentityPool.PushSync", - "markdownDescription": "The configuration options to be applied to the identity pool.", - "title": "PushSync" + "TypeName": { + "markdownDescription": "The name of the extension.\n\nConditional: You must specify `PublicTypeArn` , or `TypeName` , `Type` , and `PublisherId` .", + "title": "TypeName", + "type": "string" }, - "SamlProviderARNs": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Names (ARNs) of the Security Assertion Markup Language (SAML) providers.", - "title": "SamlProviderARNs", - "type": "array" + "TypeNameAlias": { + "markdownDescription": "An alias to assign to the public extension, in this account and Region. If you specify an alias for the extension, CloudFormation treats the alias as the extension type name within this account and Region. You must use the alias to refer to the extension in your templates, API calls, and CloudFormation console.\n\nAn extension alias must be unique within a given account and Region. You can activate the same public resource multiple times in the same account and Region, using different type name aliases.", + "title": "TypeNameAlias", + "type": "string" }, - "SupportedLoginProviders": { - "markdownDescription": "Key-value pairs that map provider names to provider app IDs.", - "title": "SupportedLoginProviders", - "type": "object" + "VersionBump": { + "markdownDescription": "Manually updates a previously-activated type to a new major or minor version, if available. You can also use this parameter to update the value of `AutoUpdate` .\n\n- `MAJOR` : CloudFormation updates the extension to the newest major version, if one is available.\n- `MINOR` : CloudFormation updates the extension to the newest minor version, if one is available.", + "title": "VersionBump", + "type": "string" } }, - "required": [ - "AllowUnauthenticatedIdentities" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Cognito::IdentityPool" + "AWS::CloudFormation::TypeActivation" ], "type": "string" }, @@ -45235,77 +48434,160 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Cognito::IdentityPool.CognitoIdentityProvider": { + "AWS::CloudFormation::TypeActivation.LoggingConfig": { "additionalProperties": false, "properties": { - "ClientId": { - "markdownDescription": "The client ID for the Amazon Cognito user pool.", - "title": "ClientId", + "LogGroupName": { + "markdownDescription": "The Amazon CloudWatch Logs group to which CloudFormation sends error logging information when invoking the extension's handlers.", + "title": "LogGroupName", "type": "string" }, - "ProviderName": { - "markdownDescription": "The provider name for an Amazon Cognito user pool. For example: `cognito-idp.us-east-2.amazonaws.com/us-east-2_123456789` .", - "title": "ProviderName", + "LogRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the role that CloudFormation should assume when sending log entries to CloudWatch Logs.", + "title": "LogRoleArn", "type": "string" - }, - "ServerSideTokenCheck": { - "markdownDescription": "TRUE if server-side token validation is enabled for the identity provider\u2019s token.\n\nAfter you set the `ServerSideTokenCheck` to TRUE for an identity pool, that identity pool checks with the integrated user pools to make sure the user has not been globally signed out or deleted before the identity pool provides an OIDC token or AWS credentials for the user.\n\nIf the user is signed out or deleted, the identity pool returns a 400 Not Authorized error.", - "title": "ServerSideTokenCheck", - "type": "boolean" } }, - "required": [ - "ClientId", - "ProviderName" - ], "type": "object" }, - "AWS::Cognito::IdentityPool.CognitoStreams": { + "AWS::CloudFormation::WaitCondition": { "additionalProperties": false, "properties": { - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the role Amazon Cognito can assume to publish to the stream. This role must grant access to Amazon Cognito (cognito-sync) to invoke `PutRecord` on your Amazon Cognito stream.", - "title": "RoleArn", + "Condition": { "type": "string" }, - "StreamName": { - "markdownDescription": "The name of the Amazon Cognito stream to receive updates. This stream must be in the developer's account and in the same Region as the identity pool.", - "title": "StreamName", + "CreationPolicy": { + "type": "object" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "StreamingStatus": { - "markdownDescription": "Status of the Amazon Cognito streams. Valid values are: `ENABLED` or `DISABLED` .", - "title": "StreamingStatus", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Count": { + "markdownDescription": "The number of success signals that CloudFormation must receive before it continues the stack creation process. When the wait condition receives the requisite number of success signals, CloudFormation resumes the creation of the stack. If the wait condition doesn't receive the specified number of success signals before the Timeout period expires, CloudFormation assumes that the wait condition has failed and rolls the stack back.\n\nUpdates aren't supported.", + "title": "Count", + "type": "number" + }, + "Handle": { + "markdownDescription": "A reference to the wait condition handle used to signal this wait condition. Use the `Ref` intrinsic function to specify an [AWS::CloudFormation::WaitConditionHandle](https://docs.aws.amazon.com/AWSCloudFormation/latest/TemplateReference/aws-resource-cloudformation-waitconditionhandle.html) resource.\n\nAnytime you add a `WaitCondition` resource during a stack update, you must associate the wait condition with a new WaitConditionHandle resource. Don't reuse an old wait condition handle that has already been defined in the template. If you reuse a wait condition handle, the wait condition might evaluate old signals from a previous create or update stack command.\n\nUpdates aren't supported.", + "title": "Handle", + "type": "string" + }, + "Timeout": { + "markdownDescription": "The length of time (in seconds) to wait for the number of signals that the `Count` property specifies. `Timeout` is a minimum-bound property, meaning the timeout occurs no sooner than the time you specify, but can occur shortly thereafter. The maximum time that can be specified for this property is 12 hours (43200 seconds).\n\nUpdates aren't supported.", + "title": "Timeout", + "type": "string" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::CloudFormation::WaitCondition" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::Cognito::IdentityPool.PushSync": { + "AWS::CloudFormation::WaitConditionHandle": { "additionalProperties": false, "properties": { - "ApplicationArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The ARNs of the Amazon SNS platform applications that could be used by clients.", - "title": "ApplicationArns", - "type": "array" + "Condition": { + "type": "string" }, - "RoleArn": { - "markdownDescription": "An IAM role configured to allow Amazon Cognito to call Amazon SNS on behalf of the developer.", - "title": "RoleArn", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::CloudFormation::WaitConditionHandle" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::Cognito::IdentityPoolPrincipalTag": { + "AWS::CloudFront::AnycastIpList": { "additionalProperties": false, "properties": { "Condition": { @@ -45340,36 +48622,31 @@ "Properties": { "additionalProperties": false, "properties": { - "IdentityPoolId": { - "markdownDescription": "The identity pool that you want to associate with this principal tag map.", - "title": "IdentityPoolId", - "type": "string" + "IpCount": { + "markdownDescription": "The number of IP addresses in the Anycast static IP list.", + "title": "IpCount", + "type": "number" }, - "IdentityProviderName": { - "markdownDescription": "The identity pool identity provider (IdP) that you want to associate with this principal tag map.", - "title": "IdentityProviderName", + "Name": { + "markdownDescription": "The name of the Anycast static IP list.", + "title": "Name", "type": "string" }, - "PrincipalTags": { - "markdownDescription": "A JSON-formatted list of user claims and the principal tags that you want to associate with them. When Amazon Cognito requests credentials, it sets the value of the principal tag to the value of the user's claim.", - "title": "PrincipalTags", - "type": "object" - }, - "UseDefaults": { - "markdownDescription": "Use a default set of mappings between claims and tags for this provider, instead of a custom map.", - "title": "UseDefaults", - "type": "boolean" + "Tags": { + "$ref": "#/definitions/AWS::CloudFront::AnycastIpList.Tags", + "markdownDescription": "A complex type that contains zero or more `Tag` elements.", + "title": "Tags" } }, "required": [ - "IdentityPoolId", - "IdentityProviderName" + "IpCount", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::Cognito::IdentityPoolPrincipalTag" + "AWS::CloudFront::AnycastIpList" ], "type": "string" }, @@ -45388,7 +48665,74 @@ ], "type": "object" }, - "AWS::Cognito::IdentityPoolRoleAttachment": { + "AWS::CloudFront::AnycastIpList.AnycastIpList": { + "additionalProperties": false, + "properties": { + "AnycastIps": { + "items": { + "type": "string" + }, + "markdownDescription": "The static IP addresses that are allocated to the Anycast static IP list.", + "title": "AnycastIps", + "type": "array" + }, + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Anycast static IP list.", + "title": "Arn", + "type": "string" + }, + "Id": { + "markdownDescription": "The ID of the Anycast static IP list.", + "title": "Id", + "type": "string" + }, + "IpCount": { + "markdownDescription": "The number of IP addresses in the Anycast static IP list.", + "title": "IpCount", + "type": "number" + }, + "LastModifiedTime": { + "markdownDescription": "The last time the Anycast static IP list was modified.", + "title": "LastModifiedTime", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the Anycast static IP list.", + "title": "Name", + "type": "string" + }, + "Status": { + "markdownDescription": "The status of the Anycast static IP list. Valid values: `Deployed` , `Deploying` , or `Failed` .", + "title": "Status", + "type": "string" + } + }, + "required": [ + "AnycastIps", + "Arn", + "Id", + "IpCount", + "LastModifiedTime", + "Name", + "Status" + ], + "type": "object" + }, + "AWS::CloudFront::AnycastIpList.Tags": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A complex type that contains `Tag` elements.", + "title": "Items", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CloudFront::CachePolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -45423,42 +48767,20 @@ "Properties": { "additionalProperties": false, "properties": { - "IdentityPoolId": { - "markdownDescription": "An identity pool ID in the format `REGION:GUID` .", - "title": "IdentityPoolId", - "type": "string" - }, - "RoleMappings": { - "additionalProperties": false, - "markdownDescription": "How users for a specific identity provider are mapped to roles. This is a string to the `RoleMapping` object map. The string identifies the identity provider. For example: `graph.facebook.com` or `cognito-idp.us-east-1.amazonaws.com/us-east-1_abcdefghi:app_client_id` .\n\nIf the `IdentityProvider` field isn't provided in this object, the string is used as the identity provider name.\n\nFor more information, see the [RoleMapping property](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-identitypoolroleattachment-rolemapping.html) .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::Cognito::IdentityPoolRoleAttachment.RoleMapping" - } - }, - "title": "RoleMappings", - "type": "object" - }, - "Roles": { - "additionalProperties": true, - "markdownDescription": "The map of the roles associated with this pool. For a given role, the key is either \"authenticated\" or \"unauthenticated\". The value is the role ARN.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Roles", - "type": "object" + "CachePolicyConfig": { + "$ref": "#/definitions/AWS::CloudFront::CachePolicy.CachePolicyConfig", + "markdownDescription": "The cache policy configuration.", + "title": "CachePolicyConfig" } }, "required": [ - "IdentityPoolId" + "CachePolicyConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::Cognito::IdentityPoolRoleAttachment" + "AWS::CloudFront::CachePolicy" ], "type": "string" }, @@ -45477,85 +48799,153 @@ ], "type": "object" }, - "AWS::Cognito::IdentityPoolRoleAttachment.MappingRule": { + "AWS::CloudFront::CachePolicy.CachePolicyConfig": { "additionalProperties": false, "properties": { - "Claim": { - "markdownDescription": "The claim name that must be present in the token. For example: \"isAdmin\" or \"paid\".", - "title": "Claim", + "Comment": { + "markdownDescription": "A comment to describe the cache policy. The comment cannot be longer than 128 characters.", + "title": "Comment", "type": "string" }, - "MatchType": { - "markdownDescription": "The match condition that specifies how closely the claim value in the IdP token must match `Value` .\n\nValid values are: `Equals` , `Contains` , `StartsWith` , and `NotEqual` .", - "title": "MatchType", - "type": "string" + "DefaultTTL": { + "markdownDescription": "The default amount of time, in seconds, that you want objects to stay in the CloudFront cache before CloudFront sends another request to the origin to see if the object has been updated. CloudFront uses this value as the object's time to live (TTL) only when the origin does *not* send `Cache-Control` or `Expires` headers with the object. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .\n\nThe default value for this field is 86400 seconds (one day). If the value of `MinTTL` is more than 86400 seconds, then the default value for this field is the same as the value of `MinTTL` .", + "title": "DefaultTTL", + "type": "number" }, - "RoleARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the role.", - "title": "RoleARN", - "type": "string" + "MaxTTL": { + "markdownDescription": "The maximum amount of time, in seconds, that objects stay in the CloudFront cache before CloudFront sends another request to the origin to see if the object has been updated. CloudFront uses this value only when the origin sends `Cache-Control` or `Expires` headers with the object. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .\n\nThe default value for this field is 31536000 seconds (one year). If the value of `MinTTL` or `DefaultTTL` is more than 31536000 seconds, then the default value for this field is the same as the value of `DefaultTTL` .", + "title": "MaxTTL", + "type": "number" }, - "Value": { - "markdownDescription": "A brief string that the claim must match. For example, \"paid\" or \"yes\".", - "title": "Value", + "MinTTL": { + "markdownDescription": "The minimum amount of time, in seconds, that you want objects to stay in the CloudFront cache before CloudFront sends another request to the origin to see if the object has been updated. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", + "title": "MinTTL", + "type": "number" + }, + "Name": { + "markdownDescription": "A unique name to identify the cache policy.", + "title": "Name", "type": "string" + }, + "ParametersInCacheKeyAndForwardedToOrigin": { + "$ref": "#/definitions/AWS::CloudFront::CachePolicy.ParametersInCacheKeyAndForwardedToOrigin", + "markdownDescription": "The HTTP headers, cookies, and URL query strings to include in the cache key. The values included in the cache key are also included in requests that CloudFront sends to the origin.", + "title": "ParametersInCacheKeyAndForwardedToOrigin" } }, "required": [ - "Claim", - "MatchType", - "RoleARN", - "Value" + "DefaultTTL", + "MaxTTL", + "MinTTL", + "Name", + "ParametersInCacheKeyAndForwardedToOrigin" ], "type": "object" }, - "AWS::Cognito::IdentityPoolRoleAttachment.RoleMapping": { + "AWS::CloudFront::CachePolicy.CookiesConfig": { "additionalProperties": false, "properties": { - "AmbiguousRoleResolution": { - "markdownDescription": "If you specify Token or Rules as the `Type` , `AmbiguousRoleResolution` is required.\n\nSpecifies the action to be taken if either no rules match the claim value for the `Rules` type, or there is no `cognito:preferred_role` claim and there are multiple `cognito:roles` matches for the `Token` type.", - "title": "AmbiguousRoleResolution", + "CookieBehavior": { + "markdownDescription": "Determines whether any cookies in viewer requests are included in the cache key and in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` \u2013 No cookies in viewer requests are included in the cache key or in requests that CloudFront sends to the origin. Even when this field is set to `none` , any cookies that are listed in an `OriginRequestPolicy` *are* included in origin requests.\n- `whitelist` \u2013 Only the cookies in viewer requests that are listed in the `CookieNames` type are included in the cache key and in requests that CloudFront sends to the origin.\n- `allExcept` \u2013 All cookies in viewer requests are included in the cache key and in requests that CloudFront sends to the origin, **except** for those that are listed in the `CookieNames` type, which are not included.\n- `all` \u2013 All cookies in viewer requests are included in the cache key and in requests that CloudFront sends to the origin.", + "title": "CookieBehavior", "type": "string" }, - "IdentityProvider": { - "markdownDescription": "Identifier for the identity provider for which the role is mapped. For example: `graph.facebook.com` or `cognito-idp.us-east-1.amazonaws.com/us-east-1_abcdefghi:app_client_id (http://cognito-idp.us-east-1.amazonaws.com/us-east-1_abcdefghi:app_client_id)` . This is the identity provider that is used by the user for authentication.\n\nIf the identity provider property isn't provided, the key of the entry in the `RoleMappings` map is used as the identity provider.", - "title": "IdentityProvider", + "Cookies": { + "items": { + "type": "string" + }, + "markdownDescription": "Contains a list of cookie names.", + "title": "Cookies", + "type": "array" + } + }, + "required": [ + "CookieBehavior" + ], + "type": "object" + }, + "AWS::CloudFront::CachePolicy.HeadersConfig": { + "additionalProperties": false, + "properties": { + "HeaderBehavior": { + "markdownDescription": "Determines whether any HTTP headers are included in the cache key and in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` \u2013 No HTTP headers are included in the cache key or in requests that CloudFront sends to the origin. Even when this field is set to `none` , any headers that are listed in an `OriginRequestPolicy` *are* included in origin requests.\n- `whitelist` \u2013 Only the HTTP headers that are listed in the `Headers` type are included in the cache key and in requests that CloudFront sends to the origin.", + "title": "HeaderBehavior", "type": "string" }, - "RulesConfiguration": { - "$ref": "#/definitions/AWS::Cognito::IdentityPoolRoleAttachment.RulesConfigurationType", - "markdownDescription": "The rules to be used for mapping users to roles. If you specify \"Rules\" as the role-mapping type, RulesConfiguration is required.", - "title": "RulesConfiguration" + "Headers": { + "items": { + "type": "string" + }, + "markdownDescription": "Contains a list of HTTP header names.", + "title": "Headers", + "type": "array" + } + }, + "required": [ + "HeaderBehavior" + ], + "type": "object" + }, + "AWS::CloudFront::CachePolicy.ParametersInCacheKeyAndForwardedToOrigin": { + "additionalProperties": false, + "properties": { + "CookiesConfig": { + "$ref": "#/definitions/AWS::CloudFront::CachePolicy.CookiesConfig", + "markdownDescription": "An object that determines whether any cookies in viewer requests (and if so, which cookies) are included in the cache key and in requests that CloudFront sends to the origin.", + "title": "CookiesConfig" }, - "Type": { - "markdownDescription": "The role mapping type. Token will use `cognito:roles` and `cognito:preferred_role` claims from the Cognito identity provider token to map groups to roles. Rules will attempt to match claims from the token to map to a role.", - "title": "Type", - "type": "string" + "EnableAcceptEncodingBrotli": { + "markdownDescription": "A flag that can affect whether the `Accept-Encoding` HTTP header is included in the cache key and included in requests that CloudFront sends to the origin.\n\nThis field is related to the `EnableAcceptEncodingGzip` field. If one or both of these fields is `true` *and* the viewer request includes the `Accept-Encoding` header, then CloudFront does the following:\n\n- Normalizes the value of the viewer's `Accept-Encoding` header\n- Includes the normalized header in the cache key\n- Includes the normalized header in the request to the origin, if a request is necessary\n\nFor more information, see [Compression support](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-policy-compressed-objects) in the *Amazon CloudFront Developer Guide* .\n\nIf you set this value to `true` , and this cache behavior also has an origin request policy attached, do not include the `Accept-Encoding` header in the origin request policy. CloudFront always includes the `Accept-Encoding` header in origin requests when the value of this field is `true` , so including this header in an origin request policy has no effect.\n\nIf both of these fields are `false` , then CloudFront treats the `Accept-Encoding` header the same as any other HTTP header in the viewer request. By default, it's not included in the cache key and it's not included in origin requests. In this case, you can manually add `Accept-Encoding` to the headers whitelist like any other HTTP header.", + "title": "EnableAcceptEncodingBrotli", + "type": "boolean" + }, + "EnableAcceptEncodingGzip": { + "markdownDescription": "A flag that can affect whether the `Accept-Encoding` HTTP header is included in the cache key and included in requests that CloudFront sends to the origin.\n\nThis field is related to the `EnableAcceptEncodingBrotli` field. If one or both of these fields is `true` *and* the viewer request includes the `Accept-Encoding` header, then CloudFront does the following:\n\n- Normalizes the value of the viewer's `Accept-Encoding` header\n- Includes the normalized header in the cache key\n- Includes the normalized header in the request to the origin, if a request is necessary\n\nFor more information, see [Compression support](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-policy-compressed-objects) in the *Amazon CloudFront Developer Guide* .\n\nIf you set this value to `true` , and this cache behavior also has an origin request policy attached, do not include the `Accept-Encoding` header in the origin request policy. CloudFront always includes the `Accept-Encoding` header in origin requests when the value of this field is `true` , so including this header in an origin request policy has no effect.\n\nIf both of these fields are `false` , then CloudFront treats the `Accept-Encoding` header the same as any other HTTP header in the viewer request. By default, it's not included in the cache key and it's not included in origin requests. In this case, you can manually add `Accept-Encoding` to the headers whitelist like any other HTTP header.", + "title": "EnableAcceptEncodingGzip", + "type": "boolean" + }, + "HeadersConfig": { + "$ref": "#/definitions/AWS::CloudFront::CachePolicy.HeadersConfig", + "markdownDescription": "An object that determines whether any HTTP headers (and if so, which headers) are included in the cache key and in requests that CloudFront sends to the origin.", + "title": "HeadersConfig" + }, + "QueryStringsConfig": { + "$ref": "#/definitions/AWS::CloudFront::CachePolicy.QueryStringsConfig", + "markdownDescription": "An object that determines whether any URL query strings in viewer requests (and if so, which query strings) are included in the cache key and in requests that CloudFront sends to the origin.", + "title": "QueryStringsConfig" } }, "required": [ - "Type" + "CookiesConfig", + "EnableAcceptEncodingGzip", + "HeadersConfig", + "QueryStringsConfig" ], "type": "object" }, - "AWS::Cognito::IdentityPoolRoleAttachment.RulesConfigurationType": { + "AWS::CloudFront::CachePolicy.QueryStringsConfig": { "additionalProperties": false, "properties": { - "Rules": { + "QueryStringBehavior": { + "markdownDescription": "Determines whether any URL query strings in viewer requests are included in the cache key and in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` \u2013 No query strings in viewer requests are included in the cache key or in requests that CloudFront sends to the origin. Even when this field is set to `none` , any query strings that are listed in an `OriginRequestPolicy` *are* included in origin requests.\n- `whitelist` \u2013 Only the query strings in viewer requests that are listed in the `QueryStringNames` type are included in the cache key and in requests that CloudFront sends to the origin.\n- `allExcept` \u2013 All query strings in viewer requests are included in the cache key and in requests that CloudFront sends to the origin, **except** those that are listed in the `QueryStringNames` type, which are not included.\n- `all` \u2013 All query strings in viewer requests are included in the cache key and in requests that CloudFront sends to the origin.", + "title": "QueryStringBehavior", + "type": "string" + }, + "QueryStrings": { "items": { - "$ref": "#/definitions/AWS::Cognito::IdentityPoolRoleAttachment.MappingRule" + "type": "string" }, - "markdownDescription": "The rules. You can specify up to 25 rules per identity provider.", - "title": "Rules", + "markdownDescription": "Contains a list of query string names.", + "title": "QueryStrings", "type": "array" } }, "required": [ - "Rules" + "QueryStringBehavior" ], "type": "object" }, - "AWS::Cognito::LogDeliveryConfiguration": { + "AWS::CloudFront::CloudFrontOriginAccessIdentity": { "additionalProperties": false, "properties": { "Condition": { @@ -45590,28 +48980,20 @@ "Properties": { "additionalProperties": false, "properties": { - "LogConfigurations": { - "items": { - "$ref": "#/definitions/AWS::Cognito::LogDeliveryConfiguration.LogConfiguration" - }, - "markdownDescription": "A logging destination of a user pool. User pools can have multiple logging destinations for message-delivery and user-activity logs.", - "title": "LogConfigurations", - "type": "array" - }, - "UserPoolId": { - "markdownDescription": "The ID of the user pool where you configured logging.", - "title": "UserPoolId", - "type": "string" + "CloudFrontOriginAccessIdentityConfig": { + "$ref": "#/definitions/AWS::CloudFront::CloudFrontOriginAccessIdentity.CloudFrontOriginAccessIdentityConfig", + "markdownDescription": "The current configuration information for the identity.", + "title": "CloudFrontOriginAccessIdentityConfig" } }, "required": [ - "UserPoolId" + "CloudFrontOriginAccessIdentityConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::Cognito::LogDeliveryConfiguration" + "AWS::CloudFront::CloudFrontOriginAccessIdentity" ], "type": "string" }, @@ -45630,39 +49012,21 @@ ], "type": "object" }, - "AWS::Cognito::LogDeliveryConfiguration.CloudWatchLogsConfiguration": { - "additionalProperties": false, - "properties": { - "LogGroupArn": { - "markdownDescription": "The Amazon Resource Name (arn) of a CloudWatch Logs log group where your user pool sends logs. The log group must not be encrypted with AWS Key Management Service and must be in the same AWS account as your user pool.\n\nTo send logs to log groups with a resource policy of a size greater than 5120 characters, configure a log group with a path that starts with `/aws/vendedlogs` . For more information, see [Enabling logging from certain AWS services](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/AWS-logs-and-resource-policy.html) .", - "title": "LogGroupArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Cognito::LogDeliveryConfiguration.LogConfiguration": { + "AWS::CloudFront::CloudFrontOriginAccessIdentity.CloudFrontOriginAccessIdentityConfig": { "additionalProperties": false, "properties": { - "CloudWatchLogsConfiguration": { - "$ref": "#/definitions/AWS::Cognito::LogDeliveryConfiguration.CloudWatchLogsConfiguration", - "markdownDescription": "Configuration for the CloudWatch log group destination of user pool detailed activity logging, or of user activity log export with advanced security features.", - "title": "CloudWatchLogsConfiguration" - }, - "EventSource": { - "markdownDescription": "The source of events that your user pool sends for logging. To send error-level logs about user notification activity, set to `userNotification` . To send info-level logs about threat-protection user activity in user pools with the Plus feature plan, set to `userAuthEvents` .", - "title": "EventSource", - "type": "string" - }, - "LogLevel": { - "markdownDescription": "The `errorlevel` selection of logs that a user pool sends for detailed activity logging. To send `userNotification` activity with [information about message delivery](https://docs.aws.amazon.com/cognito/latest/developerguide/exporting-quotas-and-usage.html) , choose `ERROR` with `CloudWatchLogsConfiguration` . To send `userAuthEvents` activity with user logs from threat protection with the Plus feature plan, choose `INFO` with one of `CloudWatchLogsConfiguration` , `FirehoseConfiguration` , or `S3Configuration` .", - "title": "LogLevel", + "Comment": { + "markdownDescription": "A comment to describe the origin access identity. The comment cannot be longer than 128 characters.", + "title": "Comment", "type": "string" } }, + "required": [ + "Comment" + ], "type": "object" }, - "AWS::Cognito::UserPool": { + "AWS::CloudFront::ConnectionGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -45697,153 +49061,110 @@ "Properties": { "additionalProperties": false, "properties": { - "AccountRecoverySetting": { - "$ref": "#/definitions/AWS::Cognito::UserPool.AccountRecoverySetting", - "markdownDescription": "The available verified method a user can use to recover their password when they call `ForgotPassword` . You can use this setting to define a preferred method when a user has more than one method available. With this setting, SMS doesn't qualify for a valid password recovery mechanism if the user also has SMS multi-factor authentication (MFA) activated. In the absence of this setting, Amazon Cognito uses the legacy behavior to determine the recovery method where SMS is preferred through email.", - "title": "AccountRecoverySetting" - }, - "AdminCreateUserConfig": { - "$ref": "#/definitions/AWS::Cognito::UserPool.AdminCreateUserConfig", - "markdownDescription": "The settings for administrator creation of users in a user pool. Contains settings for allowing user sign-up, customizing invitation messages to new users, and the amount of time before temporary passwords expire.", - "title": "AdminCreateUserConfig" - }, - "AliasAttributes": { - "items": { - "type": "string" - }, - "markdownDescription": "Attributes supported as an alias for this user pool. For more information about alias attributes, see [Customizing sign-in attributes](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html#user-pool-settings-aliases) .", - "title": "AliasAttributes", - "type": "array" - }, - "AutoVerifiedAttributes": { - "items": { - "type": "string" - }, - "markdownDescription": "The attributes that you want your user pool to automatically verify. For more information, see [Verifying contact information at sign-up](https://docs.aws.amazon.com/cognito/latest/developerguide/signing-up-users-in-your-app.html#allowing-users-to-sign-up-and-confirm-themselves) .", - "title": "AutoVerifiedAttributes", - "type": "array" - }, - "DeletionProtection": { - "markdownDescription": "When active, `DeletionProtection` prevents accidental deletion of your user\npool. Before you can delete a user pool that you have protected against deletion, you\nmust deactivate this feature.\n\nWhen you try to delete a protected user pool in a `DeleteUserPool` API request, Amazon Cognito returns an `InvalidParameterException` error. To delete a protected user pool, send a new `DeleteUserPool` request after you deactivate deletion protection in an `UpdateUserPool` API request.", - "title": "DeletionProtection", - "type": "string" - }, - "DeviceConfiguration": { - "$ref": "#/definitions/AWS::Cognito::UserPool.DeviceConfiguration", - "markdownDescription": "The device-remembering configuration for a user pool. Device remembering or device tracking is a \"Remember me on this device\" option for user pools that perform authentication with the device key of a trusted device in the back end, instead of a user-provided MFA code. For more information about device authentication, see [Working with user devices in your user pool](https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html) . A null value indicates that you have deactivated device remembering in your user pool.\n\n> When you provide a value for any `DeviceConfiguration` field, you activate the Amazon Cognito device-remembering feature. For more information, see [Working with devices](https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html) .", - "title": "DeviceConfiguration" - }, - "EmailConfiguration": { - "$ref": "#/definitions/AWS::Cognito::UserPool.EmailConfiguration", - "markdownDescription": "The email configuration of your user pool. The email configuration type sets your preferred sending method, AWS Region, and sender for messages from your user pool.", - "title": "EmailConfiguration" - }, - "EmailVerificationMessage": { - "markdownDescription": "This parameter is no longer used. See [VerificationMessageTemplateType](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-verificationmessagetemplate.html) .", - "title": "EmailVerificationMessage", - "type": "string" - }, - "EmailVerificationSubject": { - "markdownDescription": "This parameter is no longer used. See [VerificationMessageTemplateType](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-verificationmessagetemplate.html) .", - "title": "EmailVerificationSubject", + "AnycastIpListId": { + "markdownDescription": "The ID of the Anycast static IP list.", + "title": "AnycastIpListId", "type": "string" }, - "EnabledMfas": { - "items": { - "type": "string" - }, - "markdownDescription": "Set enabled MFA options on a specified user pool. To disable all MFAs after it has been enabled, set `MfaConfiguration` to `OFF` and remove EnabledMfas. MFAs can only be all disabled if `MfaConfiguration` is `OFF` . After you enable `SMS_MFA` , you can only disable it by setting `MfaConfiguration` to `OFF` . Can be one of the following values:\n\n- `SMS_MFA` - Enables MFA with SMS for the user pool. To select this option, you must also provide values for `SmsConfiguration` .\n- `SOFTWARE_TOKEN_MFA` - Enables software token MFA for the user pool.\n- `EMAIL_OTP` - Enables MFA with email for the user pool. To select this option, you must provide values for `EmailConfiguration` and within those, set `EmailSendingAccount` to `DEVELOPER` .\n\nAllowed values: `SMS_MFA` | `SOFTWARE_TOKEN_MFA` | `EMAIL_OTP`", - "title": "EnabledMfas", - "type": "array" + "Enabled": { + "markdownDescription": "Whether the connection group is enabled.", + "title": "Enabled", + "type": "boolean" }, - "LambdaConfig": { - "$ref": "#/definitions/AWS::Cognito::UserPool.LambdaConfig", - "markdownDescription": "A collection of user pool Lambda triggers. Amazon Cognito invokes triggers at several possible stages of authentication operations. Triggers can modify the outcome of the operations that invoked them.", - "title": "LambdaConfig" + "Ipv6Enabled": { + "markdownDescription": "IPv6 is enabled for the connection group.", + "title": "Ipv6Enabled", + "type": "boolean" }, - "MfaConfiguration": { - "markdownDescription": "Displays the state of multi-factor authentication (MFA) as on, off, or optional. When `ON` , all users must set up MFA before they can sign in. When `OPTIONAL` , your application must make a client-side determination of whether a user wants to register an MFA device. For user pools with adaptive authentication with threat protection, choose `OPTIONAL` .\n\nWhen `MfaConfiguration` is `OPTIONAL` , managed login doesn't automatically prompt users to set up MFA. Amazon Cognito generates MFA prompts in API responses and in managed login for users who have chosen and configured a preferred MFA factor.", - "title": "MfaConfiguration", + "Name": { + "markdownDescription": "The name of the connection group.", + "title": "Name", "type": "string" }, - "Policies": { - "$ref": "#/definitions/AWS::Cognito::UserPool.Policies", - "markdownDescription": "A list of user pool policies. Contains the policy that sets password-complexity requirements.", - "title": "Policies" - }, - "Schema": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::Cognito::UserPool.SchemaAttribute" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of attributes for the new user pool. You can add custom attributes and modify the properties of default attributes. The specifications in this parameter set the required attributes in your user pool. For more information, see [Working with user attributes](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html) .", - "title": "Schema", + "markdownDescription": "A complex type that contains zero or more `Tag` elements.", + "title": "Tags", "type": "array" - }, - "SmsAuthenticationMessage": { - "markdownDescription": "The contents of the SMS authentication message.", - "title": "SmsAuthenticationMessage", - "type": "string" - }, - "SmsConfiguration": { - "$ref": "#/definitions/AWS::Cognito::UserPool.SmsConfiguration", - "markdownDescription": "The settings for your Amazon Cognito user pool to send SMS messages with Amazon Simple Notification Service. To send SMS messages with Amazon SNS in the AWS Region that you want, the Amazon Cognito user pool uses an AWS Identity and Access Management (IAM) role in your AWS account . For more information see [SMS message settings](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html) .", - "title": "SmsConfiguration" - }, - "SmsVerificationMessage": { - "markdownDescription": "This parameter is no longer used. See [VerificationMessageTemplateType](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-verificationmessagetemplate.html) .", - "title": "SmsVerificationMessage", - "type": "string" - }, - "UserAttributeUpdateSettings": { - "$ref": "#/definitions/AWS::Cognito::UserPool.UserAttributeUpdateSettings", - "markdownDescription": "The settings for updates to user attributes. These settings include the property `AttributesRequireVerificationBeforeUpdate` ,\na user-pool setting that tells Amazon Cognito how to handle changes to the value of your users' email address and phone number attributes. For\nmore information, see [Verifying updates to email addresses and phone numbers](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-email-phone-verification.html#user-pool-settings-verifications-verify-attribute-updates) .", - "title": "UserAttributeUpdateSettings" - }, - "UserPoolAddOns": { - "$ref": "#/definitions/AWS::Cognito::UserPool.UserPoolAddOns", - "markdownDescription": "Contains settings for activation of threat protection, including the operating mode and additional authentication types. To log user security information but take no action, set to `AUDIT` . To configure automatic security responses to potentially unwanted traffic to your user pool, set to `ENFORCED` .\n\nFor more information, see [Adding advanced security to a user pool](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html) . To activate this setting, your user pool must be on the [Plus tier](https://docs.aws.amazon.com/cognito/latest/developerguide/feature-plans-features-plus.html) .", - "title": "UserPoolAddOns" - }, - "UserPoolName": { - "markdownDescription": "A friendly name for your user pool.", - "title": "UserPoolName", + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::CloudFront::ConnectionGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::CloudFront::ContinuousDeploymentPolicy": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, - "UserPoolTags": { - "additionalProperties": true, - "markdownDescription": "The tag keys and values to assign to the user pool. A tag is a label that you can use to categorize and manage user pools in different ways, such as by purpose, owner, environment, or other criteria.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "UserPoolTags", - "type": "object" - }, - "UsernameAttributes": { + { "items": { + "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, - "markdownDescription": "Specifies whether a user can use an email address or phone number as a username when they sign up.", - "title": "UsernameAttributes", "type": "array" - }, - "UsernameConfiguration": { - "$ref": "#/definitions/AWS::Cognito::UserPool.UsernameConfiguration", - "markdownDescription": "Sets the case sensitivity option for sign-in usernames. When `CaseSensitive` is `false` (case insensitive), users can sign in with any combination of capital and lowercase letters. For example, `username` , `USERNAME` , or `UserName` , or for email, `email@example.com` or `EMaiL@eXamplE.Com` . For most use cases, set case sensitivity to `false` as a best practice. When usernames and email addresses are case insensitive, Amazon Cognito treats any variation in case as the same user, and prevents a case variation from being assigned to the same attribute for a different user.\n\nWhen `CaseSensitive` is `true` (case sensitive), Amazon Cognito interprets `USERNAME` and `UserName` as distinct users.\n\nThis configuration is immutable after you set it.", - "title": "UsernameConfiguration" - }, - "VerificationMessageTemplate": { - "$ref": "#/definitions/AWS::Cognito::UserPool.VerificationMessageTemplate", - "markdownDescription": "The template for the verification message that your user pool delivers to users who set an email address or phone number attribute.\n\nSet the email message type that corresponds to your `DefaultEmailOption` selection. For `CONFIRM_WITH_LINK` , specify an `EmailMessageByLink` and leave `EmailMessage` blank. For `CONFIRM_WITH_CODE` , specify an `EmailMessage` and leave `EmailMessageByLink` blank. When you supply both parameters with either choice, Amazon Cognito returns an error.", - "title": "VerificationMessageTemplate" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ContinuousDeploymentPolicyConfig": { + "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.ContinuousDeploymentPolicyConfig", + "markdownDescription": "Contains the configuration for a continuous deployment policy.", + "title": "ContinuousDeploymentPolicyConfig" } }, + "required": [ + "ContinuousDeploymentPolicyConfig" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Cognito::UserPool" + "AWS::CloudFront::ContinuousDeploymentPolicy" ], "type": "string" }, @@ -45857,718 +49178,1329 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Cognito::UserPool.AccountRecoverySetting": { + "AWS::CloudFront::ContinuousDeploymentPolicy.ContinuousDeploymentPolicyConfig": { "additionalProperties": false, "properties": { - "RecoveryMechanisms": { + "Enabled": { + "markdownDescription": "A Boolean that indicates whether this continuous deployment policy is enabled (in effect). When this value is `true` , this policy is enabled and in effect. When this value is `false` , this policy is not enabled and has no effect.", + "title": "Enabled", + "type": "boolean" + }, + "SingleHeaderPolicyConfig": { + "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.SingleHeaderPolicyConfig", + "markdownDescription": "This configuration determines which HTTP requests are sent to the staging distribution. If the HTTP request contains a header and value that matches what you specify here, the request is sent to the staging distribution. Otherwise the request is sent to the primary distribution.", + "title": "SingleHeaderPolicyConfig" + }, + "SingleWeightPolicyConfig": { + "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.SingleWeightPolicyConfig", + "markdownDescription": "This configuration determines the percentage of HTTP requests that are sent to the staging distribution.", + "title": "SingleWeightPolicyConfig" + }, + "StagingDistributionDnsNames": { "items": { - "$ref": "#/definitions/AWS::Cognito::UserPool.RecoveryOption" + "type": "string" }, - "markdownDescription": "The list of options and priorities for user message delivery in forgot-password operations. Sets or displays user pool preferences for email or SMS message priority, whether users should fall back to a second delivery method, and whether passwords should only be reset by administrators.", - "title": "RecoveryMechanisms", + "markdownDescription": "The CloudFront domain name of the staging distribution. For example: `d111111abcdef8.cloudfront.net` .", + "title": "StagingDistributionDnsNames", "type": "array" + }, + "TrafficConfig": { + "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.TrafficConfig", + "markdownDescription": "Contains the parameters for routing production traffic from your primary to staging distributions.", + "title": "TrafficConfig" + }, + "Type": { + "markdownDescription": "The type of traffic configuration.", + "title": "Type", + "type": "string" } }, + "required": [ + "Enabled", + "StagingDistributionDnsNames" + ], "type": "object" }, - "AWS::Cognito::UserPool.AdminCreateUserConfig": { + "AWS::CloudFront::ContinuousDeploymentPolicy.SessionStickinessConfig": { "additionalProperties": false, "properties": { - "AllowAdminCreateUserOnly": { - "markdownDescription": "The setting for allowing self-service sign-up. When `true` , only administrators can create new user profiles. When `false` , users can register themselves and create a new user profile with the `SignUp` operation.", - "title": "AllowAdminCreateUserOnly", - "type": "boolean" - }, - "InviteMessageTemplate": { - "$ref": "#/definitions/AWS::Cognito::UserPool.InviteMessageTemplate", - "markdownDescription": "The template for the welcome message to new users. This template must include the `{####}` temporary password placeholder if you are creating users with passwords. If your users don't have passwords, you can omit the placeholder.\n\nSee also [Customizing User Invitation Messages](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-message-customizations.html#cognito-user-pool-settings-user-invitation-message-customization) .", - "title": "InviteMessageTemplate" + "IdleTTL": { + "markdownDescription": "The amount of time after which you want sessions to cease if no requests are received. Allowed values are 300\u20133600 seconds (5\u201360 minutes).", + "title": "IdleTTL", + "type": "number" }, - "UnusedAccountValidityDays": { - "markdownDescription": "This parameter is no longer in use.\n\nThe password expiration limit in days for administrator-created users. When this time expires, the user can't sign in with their temporary password. To reset the account after that time limit, you must call `AdminCreateUser` again, specifying `RESEND` for the `MessageAction` parameter.\n\nThe default value for this parameter is 7.", - "title": "UnusedAccountValidityDays", + "MaximumTTL": { + "markdownDescription": "The maximum amount of time to consider requests from the viewer as being part of the same session. Allowed values are 300\u20133600 seconds (5\u201360 minutes).", + "title": "MaximumTTL", "type": "number" } }, + "required": [ + "IdleTTL", + "MaximumTTL" + ], "type": "object" }, - "AWS::Cognito::UserPool.CustomEmailSender": { + "AWS::CloudFront::ContinuousDeploymentPolicy.SingleHeaderConfig": { "additionalProperties": false, "properties": { - "LambdaArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the function that you want to assign to your Lambda trigger.", - "title": "LambdaArn", + "Header": { + "markdownDescription": "The request header name that you want CloudFront to send to your staging distribution. The header must contain the prefix `aws-cf-cd-` .", + "title": "Header", "type": "string" }, - "LambdaVersion": { - "markdownDescription": "The user pool trigger version of the request that Amazon Cognito sends to your Lambda function. Higher-numbered versions add fields that support new features.\n\nYou must use a `LambdaVersion` of `V1_0` with a custom sender function.", - "title": "LambdaVersion", + "Value": { + "markdownDescription": "The request header value.", + "title": "Value", "type": "string" } }, + "required": [ + "Header", + "Value" + ], "type": "object" }, - "AWS::Cognito::UserPool.CustomSMSSender": { + "AWS::CloudFront::ContinuousDeploymentPolicy.SingleHeaderPolicyConfig": { "additionalProperties": false, "properties": { - "LambdaArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the function that you want to assign to your Lambda trigger.", - "title": "LambdaArn", + "Header": { + "markdownDescription": "The name of the HTTP header that CloudFront uses to configure for the single header policy.", + "title": "Header", "type": "string" }, - "LambdaVersion": { - "markdownDescription": "The user pool trigger version of the request that Amazon Cognito sends to your Lambda function. Higher-numbered versions add fields that support new features.\n\nYou must use a `LambdaVersion` of `V1_0` with a custom sender function.", - "title": "LambdaVersion", + "Value": { + "markdownDescription": "Specifies the value to assign to the header for a single header policy.", + "title": "Value", "type": "string" } }, + "required": [ + "Header", + "Value" + ], "type": "object" }, - "AWS::Cognito::UserPool.DeviceConfiguration": { + "AWS::CloudFront::ContinuousDeploymentPolicy.SingleWeightConfig": { "additionalProperties": false, "properties": { - "ChallengeRequiredOnNewDevice": { - "markdownDescription": "When true, a remembered device can sign in with device authentication instead of SMS and time-based one-time password (TOTP) factors for multi-factor authentication (MFA).\n\n> Whether or not `ChallengeRequiredOnNewDevice` is true, users who sign in with devices that have not been confirmed or remembered must still provide a second factor in a user pool that requires MFA.", - "title": "ChallengeRequiredOnNewDevice", - "type": "boolean" + "SessionStickinessConfig": { + "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.SessionStickinessConfig", + "markdownDescription": "Session stickiness provides the ability to define multiple requests from a single viewer as a single session. This prevents the potentially inconsistent experience of sending some of a given user's requests to your staging distribution, while others are sent to your primary distribution. Define the session duration using TTL values.", + "title": "SessionStickinessConfig" }, - "DeviceOnlyRememberedOnUserPrompt": { - "markdownDescription": "When true, Amazon Cognito doesn't automatically remember a user's device when your app sends a `ConfirmDevice` API request. In your app, create a prompt for your user to choose whether they want to remember their device. Return the user's choice in an `UpdateDeviceStatus` API request.\n\nWhen `DeviceOnlyRememberedOnUserPrompt` is `false` , Amazon Cognito immediately remembers devices that you register in a `ConfirmDevice` API request.", - "title": "DeviceOnlyRememberedOnUserPrompt", - "type": "boolean" + "Weight": { + "markdownDescription": "The percentage of traffic to send to a staging distribution, expressed as a decimal number between 0 and 0.15. For example, a value of 0.10 means 10% of traffic is sent to the staging distribution.", + "title": "Weight", + "type": "number" } }, + "required": [ + "Weight" + ], "type": "object" }, - "AWS::Cognito::UserPool.EmailConfiguration": { + "AWS::CloudFront::ContinuousDeploymentPolicy.SingleWeightPolicyConfig": { "additionalProperties": false, "properties": { - "ConfigurationSet": { - "markdownDescription": "The set of configuration rules that can be applied to emails sent using Amazon Simple Email Service. A configuration set is applied to an email by including a reference to the configuration set in the headers of the email. Once applied, all of the rules in that configuration set are applied to the email. Configuration sets can be used to apply the following types of rules to emails:\n\n- **Event publishing** - Amazon Simple Email Service can track the number of send, delivery, open, click, bounce, and complaint events for each email sent. Use event publishing to send information about these events to other AWS services such as and Amazon CloudWatch\n- **IP pool management** - When leasing dedicated IP addresses with Amazon Simple Email Service, you can create groups of IP addresses, called dedicated IP pools. You can then associate the dedicated IP pools with configuration sets.", - "title": "ConfigurationSet", - "type": "string" - }, - "EmailSendingAccount": { - "markdownDescription": "Specifies whether Amazon Cognito uses its built-in functionality to send your users email messages, or uses your Amazon Simple Email Service email configuration. Specify one of the following values:\n\n- **COGNITO_DEFAULT** - When Amazon Cognito emails your users, it uses its built-in email functionality. When you use the default option, Amazon Cognito allows only a limited number of emails each day for your user pool. For typical production environments, the default email limit is less than the required delivery volume. To achieve a higher delivery volume, specify DEVELOPER to use your Amazon SES email configuration.\n\nTo look up the email delivery limit for the default option, see [Limits](https://docs.aws.amazon.com/cognito/latest/developerguide/limits.html) in the *Amazon Cognito Developer Guide* .\n\nThe default FROM address is `no-reply@verificationemail.com` . To customize the FROM address, provide the Amazon Resource Name (ARN) of an Amazon SES verified email address for the `SourceArn` parameter.\n- **DEVELOPER** - When Amazon Cognito emails your users, it uses your Amazon SES configuration. Amazon Cognito calls Amazon SES on your behalf to send email from your verified email address. When you use this option, the email delivery limits are the same limits that apply to your Amazon SES verified email address in your AWS account .\n\nIf you use this option, provide the ARN of an Amazon SES verified email address for the `SourceArn` parameter.\n\nBefore Amazon Cognito can email your users, it requires additional permissions to call Amazon SES on your behalf. When you update your user pool with this option, Amazon Cognito creates a *service-linked role* , which is a type of role in your AWS account . This role contains the permissions that allow you to access Amazon SES and send email messages from your email address. For more information about the service-linked role that Amazon Cognito creates, see [Using Service-Linked Roles for Amazon Cognito](https://docs.aws.amazon.com/cognito/latest/developerguide/using-service-linked-roles.html) in the *Amazon Cognito Developer Guide* .", - "title": "EmailSendingAccount", - "type": "string" + "SessionStickinessConfig": { + "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.SessionStickinessConfig", + "markdownDescription": "Enable session stickiness for the associated origin or cache settings.", + "title": "SessionStickinessConfig" }, - "From": { - "markdownDescription": "Either the sender\u2019s email address or the sender\u2019s name with their email address. For example, `testuser@example.com` or `Test User ` . This address appears before the body of the email.", - "title": "From", - "type": "string" + "Weight": { + "markdownDescription": "The percentage of requests that CloudFront will use to send to an associated origin or cache settings.", + "title": "Weight", + "type": "number" + } + }, + "required": [ + "Weight" + ], + "type": "object" + }, + "AWS::CloudFront::ContinuousDeploymentPolicy.TrafficConfig": { + "additionalProperties": false, + "properties": { + "SingleHeaderConfig": { + "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.SingleHeaderConfig", + "markdownDescription": "Determines which HTTP requests are sent to the staging distribution.", + "title": "SingleHeaderConfig" }, - "ReplyToEmailAddress": { - "markdownDescription": "The destination to which the receiver of the email should reply.", - "title": "ReplyToEmailAddress", - "type": "string" + "SingleWeightConfig": { + "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.SingleWeightConfig", + "markdownDescription": "Contains the percentage of traffic to send to the staging distribution.", + "title": "SingleWeightConfig" }, - "SourceArn": { - "markdownDescription": "The ARN of a verified email address or an address from a verified domain in Amazon SES. You can set a `SourceArn` email from a verified domain only with an API request. You can set a verified email address, but not an address in a verified domain, in the Amazon Cognito console. Amazon Cognito uses the email address that you provide in one of the following ways, depending on the value that you specify for the `EmailSendingAccount` parameter:\n\n- If you specify `COGNITO_DEFAULT` , Amazon Cognito uses this address as the custom FROM address when it emails your users using its built-in email account.\n- If you specify `DEVELOPER` , Amazon Cognito emails your users with this address by calling Amazon SES on your behalf.\n\nThe Region value of the `SourceArn` parameter must indicate a supported AWS Region of your user pool. Typically, the Region in the `SourceArn` and the user pool Region are the same. For more information, see [Amazon SES email configuration regions](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-email.html#user-pool-email-developer-region-mapping) in the [Amazon Cognito Developer Guide](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools.html) .", - "title": "SourceArn", + "Type": { + "markdownDescription": "The type of traffic configuration.", + "title": "Type", "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::Cognito::UserPool.InviteMessageTemplate": { + "AWS::CloudFront::Distribution": { "additionalProperties": false, "properties": { - "EmailMessage": { - "markdownDescription": "The message template for email messages. EmailMessage is allowed only if [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is DEVELOPER.", - "title": "EmailMessage", + "Condition": { "type": "string" }, - "EmailSubject": { - "markdownDescription": "The subject line for email messages. EmailSubject is allowed only if [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is DEVELOPER.", - "title": "EmailSubject", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SMSMessage": { - "markdownDescription": "The message template for SMS messages.", - "title": "SMSMessage", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DistributionConfig": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.DistributionConfig", + "markdownDescription": "The distribution's configuration.", + "title": "DistributionConfig" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A complex type that contains zero or more `Tag` elements.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "DistributionConfig" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::CloudFront::Distribution" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::Cognito::UserPool.LambdaConfig": { + "AWS::CloudFront::Distribution.CacheBehavior": { "additionalProperties": false, "properties": { - "CreateAuthChallenge": { - "markdownDescription": "The configuration of a create auth challenge Lambda trigger, one of three triggers in the sequence of the [custom authentication challenge triggers](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-challenge.html) .", - "title": "CreateAuthChallenge", + "AllowedMethods": { + "items": { + "type": "string" + }, + "markdownDescription": "A complex type that controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin. There are three choices:\n\n- CloudFront forwards only `GET` and `HEAD` requests.\n- CloudFront forwards only `GET` , `HEAD` , and `OPTIONS` requests.\n- CloudFront forwards `GET, HEAD, OPTIONS, PUT, PATCH, POST` , and `DELETE` requests.\n\nIf you pick the third choice, you may need to restrict access to your Amazon S3 bucket or to your custom origin so users can't perform operations that you don't want them to. For example, you might not want users to have permissions to delete objects from your origin.", + "title": "AllowedMethods", + "type": "array" + }, + "CachePolicyId": { + "markdownDescription": "The unique identifier of the cache policy that is attached to this cache behavior. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nA `CacheBehavior` must include either a `CachePolicyId` or `ForwardedValues` . We recommend that you use a `CachePolicyId` .", + "title": "CachePolicyId", "type": "string" }, - "CustomEmailSender": { - "$ref": "#/definitions/AWS::Cognito::UserPool.CustomEmailSender", - "markdownDescription": "The configuration of a custom email sender Lambda trigger. This trigger routes all email notifications from a user pool to a Lambda function that delivers the message using custom logic.", - "title": "CustomEmailSender" + "CachedMethods": { + "items": { + "type": "string" + }, + "markdownDescription": "A complex type that controls whether CloudFront caches the response to requests using the specified HTTP methods. There are two choices:\n\n- CloudFront caches responses to `GET` and `HEAD` requests.\n- CloudFront caches responses to `GET` , `HEAD` , and `OPTIONS` requests.\n\nIf you pick the second choice for your Amazon S3 Origin, you may need to forward Access-Control-Request-Method, Access-Control-Request-Headers, and Origin headers for the responses to be cached correctly.", + "title": "CachedMethods", + "type": "array" }, - "CustomMessage": { - "markdownDescription": "A custom message Lambda trigger. This trigger is an opportunity to customize all SMS and email messages from your user pool. When a custom message trigger is active, your user pool routes all messages to a Lambda function that returns a runtime-customized message subject and body for your user pool to deliver to a user.", - "title": "CustomMessage", - "type": "string" + "Compress": { + "markdownDescription": "Whether you want CloudFront to automatically compress certain files for this cache behavior. If so, specify true; if not, specify false. For more information, see [Serving Compressed Files](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/ServingCompressedFiles.html) in the *Amazon CloudFront Developer Guide* .", + "title": "Compress", + "type": "boolean" }, - "CustomSMSSender": { - "$ref": "#/definitions/AWS::Cognito::UserPool.CustomSMSSender", - "markdownDescription": "The configuration of a custom SMS sender Lambda trigger. This trigger routes all SMS notifications from a user pool to a Lambda function that delivers the message using custom logic.", - "title": "CustomSMSSender" + "DefaultTTL": { + "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nThis field is deprecated. We recommend that you use the `DefaultTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe default amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin does not add HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", + "title": "DefaultTTL", + "type": "number" }, - "DefineAuthChallenge": { - "markdownDescription": "The configuration of a define auth challenge Lambda trigger, one of three triggers in the sequence of the [custom authentication challenge triggers](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-challenge.html) .", - "title": "DefineAuthChallenge", + "FieldLevelEncryptionId": { + "markdownDescription": "The value of `ID` for the field-level encryption configuration that you want CloudFront to use for encrypting specific fields of data for this cache behavior.", + "title": "FieldLevelEncryptionId", "type": "string" }, - "KMSKeyID": { - "markdownDescription": "The ARN of an [KMS key](https://docs.aws.amazon.com//kms/latest/developerguide/concepts.html#master_keys) . Amazon Cognito uses the key to encrypt codes and temporary passwords sent to custom sender Lambda triggers.", - "title": "KMSKeyID", - "type": "string" + "ForwardedValues": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.ForwardedValues", + "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field. For more information, see [Working with policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/working-with-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to include values in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send values to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) or [Using the managed origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-origin-request-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nA `CacheBehavior` must include either a `CachePolicyId` or `ForwardedValues` . We recommend that you use a `CachePolicyId` .\n\nA complex type that specifies how CloudFront handles query strings, cookies, and HTTP headers.", + "title": "ForwardedValues" }, - "PostAuthentication": { - "markdownDescription": "The configuration of a [post authentication Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-post-authentication.html) in a user pool. This trigger can take custom actions after a user signs in.", - "title": "PostAuthentication", - "type": "string" + "FunctionAssociations": { + "items": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.FunctionAssociation" + }, + "markdownDescription": "A list of CloudFront functions that are associated with this cache behavior. CloudFront functions must be published to the `LIVE` stage to associate them with a cache behavior.", + "title": "FunctionAssociations", + "type": "array" }, - "PostConfirmation": { - "markdownDescription": "The configuration of a [post confirmation Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-post-confirmation.html) in a user pool. This trigger can take custom actions after a user confirms their user account and their email address or phone number.", - "title": "PostConfirmation", + "GrpcConfig": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.GrpcConfig", + "markdownDescription": "The gRPC configuration for your cache behavior.", + "title": "GrpcConfig" + }, + "LambdaFunctionAssociations": { + "items": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.LambdaFunctionAssociation" + }, + "markdownDescription": "A complex type that contains zero or more Lambda@Edge function associations for a cache behavior.", + "title": "LambdaFunctionAssociations", + "type": "array" + }, + "MaxTTL": { + "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nThis field is deprecated. We recommend that you use the `MaxTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe maximum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin adds HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", + "title": "MaxTTL", + "type": "number" + }, + "MinTTL": { + "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nThis field is deprecated. We recommend that you use the `MinTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe minimum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .\n\nYou must specify `0` for `MinTTL` if you configure CloudFront to forward all headers to your origin (under `Headers` , if you specify `1` for `Quantity` and `*` for `Name` ).", + "title": "MinTTL", + "type": "number" + }, + "OriginRequestPolicyId": { + "markdownDescription": "The unique identifier of the origin request policy that is attached to this cache behavior. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) or [Using the managed origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-origin-request-policies.html) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginRequestPolicyId", "type": "string" }, - "PreAuthentication": { - "markdownDescription": "The configuration of a [pre authentication trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-authentication.html) in a user pool. This trigger can evaluate and modify user sign-in events.", - "title": "PreAuthentication", + "PathPattern": { + "markdownDescription": "The pattern (for example, `images/*.jpg` ) that specifies which requests to apply the behavior to. When CloudFront receives a viewer request, the requested path is compared with path patterns in the order in which cache behaviors are listed in the distribution.\n\n> You can optionally include a slash ( `/` ) at the beginning of the path pattern. For example, `/images/*.jpg` . CloudFront behavior is the same with or without the leading `/` . \n\nThe path pattern for the default cache behavior is `*` and cannot be changed. If the request for an object does not match the path pattern for any cache behaviors, CloudFront applies the behavior in the default cache behavior.\n\nFor more information, see [Path Pattern](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesPathPattern) in the *Amazon CloudFront Developer Guide* .", + "title": "PathPattern", "type": "string" }, - "PreSignUp": { - "markdownDescription": "The configuration of a [pre sign-up Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-sign-up.html) in a user pool. This trigger evaluates new users and can bypass confirmation, [link a federated user profile](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-identity-federation-consolidate-users.html) , or block sign-up requests.", - "title": "PreSignUp", + "RealtimeLogConfigArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the real-time log configuration that is attached to this cache behavior. For more information, see [Real-time logs](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html) in the *Amazon CloudFront Developer Guide* .", + "title": "RealtimeLogConfigArn", "type": "string" }, - "PreTokenGeneration": { - "markdownDescription": "The legacy configuration of a [pre token generation Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-token-generation.html) in a user pool.\n\nSet this parameter for legacy purposes. If you also set an ARN in `PreTokenGenerationConfig` , its value must be identical to `PreTokenGeneration` . For new instances of pre token generation triggers, set the `LambdaArn` of `PreTokenGenerationConfig` .", - "title": "PreTokenGeneration", + "ResponseHeadersPolicyId": { + "markdownDescription": "The identifier for a response headers policy.", + "title": "ResponseHeadersPolicyId", "type": "string" }, - "PreTokenGenerationConfig": { - "$ref": "#/definitions/AWS::Cognito::UserPool.PreTokenGenerationConfig", - "markdownDescription": "The detailed configuration of a [pre token generation Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-token-generation.html) in a user pool. If you also set an ARN in `PreTokenGeneration` , its value must be identical to `PreTokenGenerationConfig` .", - "title": "PreTokenGenerationConfig" + "SmoothStreaming": { + "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nIndicates whether you want to distribute media files in the Microsoft Smooth Streaming format using the origin that is associated with this cache behavior. If so, specify `true` ; if not, specify `false` . If you specify `true` for `SmoothStreaming` , you can still distribute other content using this cache behavior if the content matches the value of `PathPattern` .", + "title": "SmoothStreaming", + "type": "boolean" }, - "UserMigration": { - "markdownDescription": "The configuration of a [migrate user Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-migrate-user.html) in a user pool. This trigger can create user profiles when users sign in or attempt to reset their password with credentials that don't exist yet.", - "title": "UserMigration", + "TargetOriginId": { + "markdownDescription": "The value of `ID` for the origin that you want CloudFront to route requests to when they match this cache behavior.", + "title": "TargetOriginId", "type": "string" }, - "VerifyAuthChallengeResponse": { - "markdownDescription": "The configuration of a verify auth challenge Lambda trigger, one of three triggers in the sequence of the [custom authentication challenge triggers](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-challenge.html) .", - "title": "VerifyAuthChallengeResponse", + "TrustedKeyGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of key groups that CloudFront can use to validate signed URLs or signed cookies.\n\nWhen a cache behavior contains trusted key groups, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with a private key whose corresponding public key is in the key group. The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see [Serving private content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", + "title": "TrustedKeyGroups", + "type": "array" + }, + "TrustedSigners": { + "items": { + "type": "string" + }, + "markdownDescription": "> We recommend using `TrustedKeyGroups` instead of `TrustedSigners` . > This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nA list of AWS account IDs whose public keys CloudFront can use to validate signed URLs or signed cookies.\n\nWhen a cache behavior contains trusted signers, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with the private key of a CloudFront key pair in the trusted signer's AWS account . The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see [Serving private content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", + "title": "TrustedSigners", + "type": "array" + }, + "ViewerProtocolPolicy": { + "markdownDescription": "The protocol that viewers can use to access the files in the origin specified by `TargetOriginId` when a request matches the path pattern in `PathPattern` . You can specify the following options:\n\n- `allow-all` : Viewers can use HTTP or HTTPS.\n- `redirect-to-https` : If a viewer submits an HTTP request, CloudFront returns an HTTP status code of 301 (Moved Permanently) to the viewer along with the HTTPS URL. The viewer then resubmits the request using the new URL.\n- `https-only` : If a viewer sends an HTTP request, CloudFront returns an HTTP status code of 403 (Forbidden).\n\nFor more information about requiring the HTTPS protocol, see [Requiring HTTPS Between Viewers and CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-https-viewers-to-cloudfront.html) in the *Amazon CloudFront Developer Guide* .\n\n> The only way to guarantee that viewers retrieve an object that was fetched from the origin using HTTPS is never to use any other protocol to fetch the object. If you have recently changed from HTTP to HTTPS, we recommend that you clear your objects' cache because cached objects are protocol agnostic. That means that an edge location will return an object from the cache regardless of whether the current request protocol matches the protocol used previously. For more information, see [Managing Cache Expiration](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", + "title": "ViewerProtocolPolicy", "type": "string" } }, + "required": [ + "PathPattern", + "TargetOriginId", + "ViewerProtocolPolicy" + ], "type": "object" }, - "AWS::Cognito::UserPool.NumberAttributeConstraints": { + "AWS::CloudFront::Distribution.Cookies": { "additionalProperties": false, "properties": { - "MaxValue": { - "markdownDescription": "The maximum length of a number attribute value. Must be a number less than or equal to `2^1023` , represented as a string with a length of 131072 characters or fewer.", - "title": "MaxValue", + "Forward": { + "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n\nIf you want to include cookies in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send cookies to the origin but not include them in the cache key, use origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide* .\n\nSpecifies which cookies to forward to the origin for this cache behavior: all, none, or the list of cookies specified in the `WhitelistedNames` complex type.\n\nAmazon S3 doesn't process cookies. When the cache behavior is forwarding requests to an Amazon S3 origin, specify none for the `Forward` element.", + "title": "Forward", "type": "string" }, - "MinValue": { - "markdownDescription": "The minimum value of an attribute that is of the number data type.", - "title": "MinValue", - "type": "string" + "WhitelistedNames": { + "items": { + "type": "string" + }, + "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n\nIf you want to include cookies in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send cookies to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide* .\n\nRequired if you specify `whitelist` for the value of `Forward` . A complex type that specifies how many different cookies you want CloudFront to forward to the origin for this cache behavior and, if you want to forward selected cookies, the names of those cookies.\n\nIf you specify `all` or `none` for the value of `Forward` , omit `WhitelistedNames` . If you change the value of `Forward` from `whitelist` to `all` or `none` and you don't delete the `WhitelistedNames` element and its child elements, CloudFront deletes them automatically.\n\nFor the current limit on the number of cookie names that you can whitelist for each cache behavior, see [CloudFront Limits](https://docs.aws.amazon.com/general/latest/gr/xrefaws_service_limits.html#limits_cloudfront) in the *AWS General Reference* .", + "title": "WhitelistedNames", + "type": "array" } }, + "required": [ + "Forward" + ], "type": "object" }, - "AWS::Cognito::UserPool.PasswordPolicy": { + "AWS::CloudFront::Distribution.CustomErrorResponse": { "additionalProperties": false, "properties": { - "MinimumLength": { - "markdownDescription": "The minimum length of the password in the policy that you have set. This value can't be less than 6.", - "title": "MinimumLength", + "ErrorCachingMinTTL": { + "markdownDescription": "The minimum amount of time, in seconds, that you want CloudFront to cache the HTTP status code specified in `ErrorCode` . When this time period has elapsed, CloudFront queries your origin to see whether the problem that caused the error has been resolved and the requested object is now available.\n\nFor more information, see [Customizing Error Responses](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/custom-error-pages.html) in the *Amazon CloudFront Developer Guide* .", + "title": "ErrorCachingMinTTL", "type": "number" }, - "RequireLowercase": { - "markdownDescription": "The requirement in a password policy that users must include at least one lowercase letter in their password.", - "title": "RequireLowercase", - "type": "boolean" - }, - "RequireNumbers": { - "markdownDescription": "The requirement in a password policy that users must include at least one number in their password.", - "title": "RequireNumbers", - "type": "boolean" - }, - "RequireSymbols": { - "markdownDescription": "The requirement in a password policy that users must include at least one symbol in their password.", - "title": "RequireSymbols", - "type": "boolean" - }, - "RequireUppercase": { - "markdownDescription": "The requirement in a password policy that users must include at least one uppercase letter in their password.", - "title": "RequireUppercase", - "type": "boolean" + "ErrorCode": { + "markdownDescription": "The HTTP status code for which you want to specify a custom error page and/or a caching duration.", + "title": "ErrorCode", + "type": "number" }, - "TemporaryPasswordValidityDays": { - "markdownDescription": "The number of days a temporary password is valid in the password policy. If the user doesn't sign in during this time, an administrator must reset their password. Defaults to `7` . If you submit a value of `0` , Amazon Cognito treats it as a null value and sets `TemporaryPasswordValidityDays` to its default value.\n\n> When you set `TemporaryPasswordValidityDays` for a user pool, you can no longer set a value for the legacy `UnusedAccountValidityDays` parameter in that user pool.", - "title": "TemporaryPasswordValidityDays", + "ResponseCode": { + "markdownDescription": "The HTTP status code that you want CloudFront to return to the viewer along with the custom error page. There are a variety of reasons that you might want CloudFront to return a status code different from the status code that your origin returned to CloudFront, for example:\n\n- Some Internet devices (some firewalls and corporate proxies, for example) intercept HTTP 4xx and 5xx and prevent the response from being returned to the viewer. If you substitute `200` , the response typically won't be intercepted.\n- If you don't care about distinguishing among different client errors or server errors, you can specify `400` or `500` as the `ResponseCode` for all 4xx or 5xx errors.\n- You might want to return a `200` status code (OK) and static website so your customers don't know that your website is down.\n\nIf you specify a value for `ResponseCode` , you must also specify a value for `ResponsePagePath` .", + "title": "ResponseCode", "type": "number" + }, + "ResponsePagePath": { + "markdownDescription": "The path to the custom error page that you want CloudFront to return to a viewer when your origin returns the HTTP status code specified by `ErrorCode` , for example, `/4xx-errors/403-forbidden.html` . If you want to store your objects and your custom error pages in different locations, your distribution must include a cache behavior for which the following is true:\n\n- The value of `PathPattern` matches the path to your custom error messages. For example, suppose you saved custom error pages for 4xx errors in an Amazon S3 bucket in a directory named `/4xx-errors` . Your distribution must include a cache behavior for which the path pattern routes requests for your custom error pages to that location, for example, `/4xx-errors/*` .\n- The value of `TargetOriginId` specifies the value of the `ID` element for the origin that contains your custom error pages.\n\nIf you specify a value for `ResponsePagePath` , you must also specify a value for `ResponseCode` .\n\nWe recommend that you store custom error pages in an Amazon S3 bucket. If you store custom error pages on an HTTP server and the server starts to return 5xx errors, CloudFront can't get the files that you want to return to viewers because the origin server is unavailable.", + "title": "ResponsePagePath", + "type": "string" } }, + "required": [ + "ErrorCode" + ], "type": "object" }, - "AWS::Cognito::UserPool.Policies": { + "AWS::CloudFront::Distribution.CustomOriginConfig": { "additionalProperties": false, "properties": { - "PasswordPolicy": { - "$ref": "#/definitions/AWS::Cognito::UserPool.PasswordPolicy", - "markdownDescription": "The password policy settings for a user pool, including complexity, history, and length requirements.", - "title": "PasswordPolicy" + "HTTPPort": { + "markdownDescription": "The HTTP port that CloudFront uses to connect to the origin. Specify the HTTP port that the origin listens on.", + "title": "HTTPPort", + "type": "number" + }, + "HTTPSPort": { + "markdownDescription": "The HTTPS port that CloudFront uses to connect to the origin. Specify the HTTPS port that the origin listens on.", + "title": "HTTPSPort", + "type": "number" + }, + "OriginKeepaliveTimeout": { + "markdownDescription": "Specifies how long, in seconds, CloudFront persists its connection to the origin. The minimum timeout is 1 second, the maximum is 120 seconds, and the default (if you don't specify otherwise) is 5 seconds.\n\nFor more information, see [Keep-alive timeout (custom origins only)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DownloadDistValuesOrigin.html#DownloadDistValuesOriginKeepaliveTimeout) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginKeepaliveTimeout", + "type": "number" + }, + "OriginProtocolPolicy": { + "markdownDescription": "Specifies the protocol (HTTP or HTTPS) that CloudFront uses to connect to the origin. Valid values are:\n\n- `http-only` \u2013 CloudFront always uses HTTP to connect to the origin.\n- `match-viewer` \u2013 CloudFront connects to the origin using the same protocol that the viewer used to connect to CloudFront.\n- `https-only` \u2013 CloudFront always uses HTTPS to connect to the origin.", + "title": "OriginProtocolPolicy", + "type": "string" + }, + "OriginReadTimeout": { + "markdownDescription": "Specifies how long, in seconds, CloudFront waits for a response from the origin. This is also known as the *origin response timeout* . The minimum timeout is 1 second, the maximum is 120 seconds, and the default (if you don't specify otherwise) is 30 seconds.\n\nFor more information, see [Response timeout (custom origins only)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DownloadDistValuesOrigin.html#DownloadDistValuesOriginResponseTimeout) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginReadTimeout", + "type": "number" + }, + "OriginSSLProtocols": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the minimum SSL/TLS protocol that CloudFront uses when connecting to your origin over HTTPS. Valid values include `SSLv3` , `TLSv1` , `TLSv1.1` , and `TLSv1.2` .\n\nFor more information, see [Minimum Origin SSL Protocol](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DownloadDistValuesOrigin.html#DownloadDistValuesOriginSSLProtocols) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginSSLProtocols", + "type": "array" } }, + "required": [ + "OriginProtocolPolicy" + ], "type": "object" }, - "AWS::Cognito::UserPool.PreTokenGenerationConfig": { + "AWS::CloudFront::Distribution.DefaultCacheBehavior": { "additionalProperties": false, "properties": { - "LambdaArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the function that you want to assign to your Lambda trigger.\n\nThis parameter and the `PreTokenGeneration` property of `LambdaConfig` have the same value. For new instances of pre token generation triggers, set `LambdaArn` .", - "title": "LambdaArn", + "AllowedMethods": { + "items": { + "type": "string" + }, + "markdownDescription": "A complex type that controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin. There are three choices:\n\n- CloudFront forwards only `GET` and `HEAD` requests.\n- CloudFront forwards only `GET` , `HEAD` , and `OPTIONS` requests.\n- CloudFront forwards `GET, HEAD, OPTIONS, PUT, PATCH, POST` , and `DELETE` requests.\n\nIf you pick the third choice, you may need to restrict access to your Amazon S3 bucket or to your custom origin so users can't perform operations that you don't want them to. For example, you might not want users to have permissions to delete objects from your origin.", + "title": "AllowedMethods", + "type": "array" + }, + "CachePolicyId": { + "markdownDescription": "The unique identifier of the cache policy that is attached to the default cache behavior. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nA `DefaultCacheBehavior` must include either a `CachePolicyId` or `ForwardedValues` . We recommend that you use a `CachePolicyId` .", + "title": "CachePolicyId", "type": "string" }, - "LambdaVersion": { - "markdownDescription": "The user pool trigger version of the request that Amazon Cognito sends to your Lambda function. Higher-numbered versions add fields that support new features.", - "title": "LambdaVersion", + "CachedMethods": { + "items": { + "type": "string" + }, + "markdownDescription": "A complex type that controls whether CloudFront caches the response to requests using the specified HTTP methods. There are two choices:\n\n- CloudFront caches responses to `GET` and `HEAD` requests.\n- CloudFront caches responses to `GET` , `HEAD` , and `OPTIONS` requests.\n\nIf you pick the second choice for your Amazon S3 Origin, you may need to forward Access-Control-Request-Method, Access-Control-Request-Headers, and Origin headers for the responses to be cached correctly.", + "title": "CachedMethods", + "type": "array" + }, + "Compress": { + "markdownDescription": "Whether you want CloudFront to automatically compress certain files for this cache behavior. If so, specify `true` ; if not, specify `false` . For more information, see [Serving Compressed Files](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/ServingCompressedFiles.html) in the *Amazon CloudFront Developer Guide* .", + "title": "Compress", + "type": "boolean" + }, + "DefaultTTL": { + "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nThis field is deprecated. We recommend that you use the `DefaultTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe default amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin does not add HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", + "title": "DefaultTTL", + "type": "number" + }, + "FieldLevelEncryptionId": { + "markdownDescription": "The value of `ID` for the field-level encryption configuration that you want CloudFront to use for encrypting specific fields of data for the default cache behavior.", + "title": "FieldLevelEncryptionId", + "type": "string" + }, + "ForwardedValues": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.ForwardedValues", + "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field. For more information, see [Working with policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/working-with-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to include values in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send values to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) or [Using the managed origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-origin-request-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nA `DefaultCacheBehavior` must include either a `CachePolicyId` or `ForwardedValues` . We recommend that you use a `CachePolicyId` .\n\nA complex type that specifies how CloudFront handles query strings, cookies, and HTTP headers.", + "title": "ForwardedValues" + }, + "FunctionAssociations": { + "items": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.FunctionAssociation" + }, + "markdownDescription": "A list of CloudFront functions that are associated with this cache behavior. Your functions must be published to the `LIVE` stage to associate them with a cache behavior.", + "title": "FunctionAssociations", + "type": "array" + }, + "GrpcConfig": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.GrpcConfig", + "markdownDescription": "The gRPC configuration for your cache behavior.", + "title": "GrpcConfig" + }, + "LambdaFunctionAssociations": { + "items": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.LambdaFunctionAssociation" + }, + "markdownDescription": "A complex type that contains zero or more Lambda@Edge function associations for a cache behavior.", + "title": "LambdaFunctionAssociations", + "type": "array" + }, + "MaxTTL": { + "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nThis field is deprecated. We recommend that you use the `MaxTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe maximum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin adds HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", + "title": "MaxTTL", + "type": "number" + }, + "MinTTL": { + "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nThis field is deprecated. We recommend that you use the `MinTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe minimum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .\n\nYou must specify `0` for `MinTTL` if you configure CloudFront to forward all headers to your origin (under `Headers` , if you specify `1` for `Quantity` and `*` for `Name` ).", + "title": "MinTTL", + "type": "number" + }, + "OriginRequestPolicyId": { + "markdownDescription": "The unique identifier of the origin request policy that is attached to the default cache behavior. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) or [Using the managed origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-origin-request-policies.html) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginRequestPolicyId", + "type": "string" + }, + "RealtimeLogConfigArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the real-time log configuration that is attached to this cache behavior. For more information, see [Real-time logs](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html) in the *Amazon CloudFront Developer Guide* .", + "title": "RealtimeLogConfigArn", + "type": "string" + }, + "ResponseHeadersPolicyId": { + "markdownDescription": "The identifier for a response headers policy.", + "title": "ResponseHeadersPolicyId", + "type": "string" + }, + "SmoothStreaming": { + "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nIndicates whether you want to distribute media files in the Microsoft Smooth Streaming format using the origin that is associated with this cache behavior. If so, specify `true` ; if not, specify `false` . If you specify `true` for `SmoothStreaming` , you can still distribute other content using this cache behavior if the content matches the value of `PathPattern` .", + "title": "SmoothStreaming", + "type": "boolean" + }, + "TargetOriginId": { + "markdownDescription": "The value of `ID` for the origin that you want CloudFront to route requests to when they use the default cache behavior.", + "title": "TargetOriginId", + "type": "string" + }, + "TrustedKeyGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of key groups that CloudFront can use to validate signed URLs or signed cookies.\n\nWhen a cache behavior contains trusted key groups, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with a private key whose corresponding public key is in the key group. The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see [Serving private content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", + "title": "TrustedKeyGroups", + "type": "array" + }, + "TrustedSigners": { + "items": { + "type": "string" + }, + "markdownDescription": "> We recommend using `TrustedKeyGroups` instead of `TrustedSigners` . > This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nA list of AWS account IDs whose public keys CloudFront can use to validate signed URLs or signed cookies.\n\nWhen a cache behavior contains trusted signers, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with the private key of a CloudFront key pair in a trusted signer's AWS account . The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see [Serving private content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", + "title": "TrustedSigners", + "type": "array" + }, + "ViewerProtocolPolicy": { + "markdownDescription": "The protocol that viewers can use to access the files in the origin specified by `TargetOriginId` when a request matches the path pattern in `PathPattern` . You can specify the following options:\n\n- `allow-all` : Viewers can use HTTP or HTTPS.\n- `redirect-to-https` : If a viewer submits an HTTP request, CloudFront returns an HTTP status code of 301 (Moved Permanently) to the viewer along with the HTTPS URL. The viewer then resubmits the request using the new URL.\n- `https-only` : If a viewer sends an HTTP request, CloudFront returns an HTTP status code of 403 (Forbidden).\n\nFor more information about requiring the HTTPS protocol, see [Requiring HTTPS Between Viewers and CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-https-viewers-to-cloudfront.html) in the *Amazon CloudFront Developer Guide* .\n\n> The only way to guarantee that viewers retrieve an object that was fetched from the origin using HTTPS is never to use any other protocol to fetch the object. If you have recently changed from HTTP to HTTPS, we recommend that you clear your objects' cache because cached objects are protocol agnostic. That means that an edge location will return an object from the cache regardless of whether the current request protocol matches the protocol used previously. For more information, see [Managing Cache Expiration](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", + "title": "ViewerProtocolPolicy", "type": "string" } }, + "required": [ + "TargetOriginId", + "ViewerProtocolPolicy" + ], "type": "object" }, - "AWS::Cognito::UserPool.RecoveryOption": { + "AWS::CloudFront::Distribution.Definition": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The recovery method that this object sets a recovery option for.", - "title": "Name", - "type": "string" - }, - "Priority": { - "markdownDescription": "Your priority preference for using the specified attribute in account recovery. The highest priority is `1` .", - "title": "Priority", - "type": "number" + "StringSchema": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.StringSchema", + "markdownDescription": "", + "title": "StringSchema" } }, "type": "object" }, - "AWS::Cognito::UserPool.SchemaAttribute": { + "AWS::CloudFront::Distribution.DistributionConfig": { "additionalProperties": false, "properties": { - "AttributeDataType": { - "markdownDescription": "The data format of the values for your attribute. When you choose an `AttributeDataType` , Amazon Cognito validates the input against the data type. A custom attribute value in your user's ID token is always a string, for example `\"custom:isMember\" : \"true\"` or `\"custom:YearsAsMember\" : \"12\"` .", - "title": "AttributeDataType", + "Aliases": { + "items": { + "type": "string" + }, + "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nA complex type that contains information about CNAMEs (alternate domain names), if any, for this distribution.", + "title": "Aliases", + "type": "array" + }, + "AnycastIpListId": { + "markdownDescription": "> To use this field for a multi-tenant distribution, use a connection group instead. For more information, see [ConnectionGroup](https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ConnectionGroup.html) . \n\nID of the Anycast static IP list that is associated with the distribution.", + "title": "AnycastIpListId", "type": "string" }, - "DeveloperOnlyAttribute": { - "markdownDescription": "> You should use [WriteAttributes](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UserPoolClientType.html#CognitoUserPools-Type-UserPoolClientType-WriteAttributes) in the user pool client to control how attributes can be mutated for new use cases instead of using `DeveloperOnlyAttribute` . \n\nSpecifies whether the attribute type is developer only. This attribute can only be modified by an administrator. Users won't be able to modify this attribute using their access token. For example, `DeveloperOnlyAttribute` can be modified using AdminUpdateUserAttributes but can't be updated using UpdateUserAttributes.", - "title": "DeveloperOnlyAttribute", + "CNAMEs": { + "items": { + "type": "string" + }, + "markdownDescription": "An alias for the CloudFront distribution's domain name.\n\n> This property is legacy. We recommend that you use [Aliases](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-distributionconfig.html#cfn-cloudfront-distribution-distributionconfig-aliases) instead.", + "title": "CNAMEs", + "type": "array" + }, + "CacheBehaviors": { + "items": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.CacheBehavior" + }, + "markdownDescription": "A complex type that contains zero or more `CacheBehavior` elements.", + "title": "CacheBehaviors", + "type": "array" + }, + "Comment": { + "markdownDescription": "A comment to describe the distribution. The comment cannot be longer than 128 characters.", + "title": "Comment", + "type": "string" + }, + "ConnectionMode": { + "markdownDescription": "This field specifies whether the connection mode is through a standard distribution (direct) or a multi-tenant distribution with distribution tenants (tenant-only).", + "title": "ConnectionMode", + "type": "string" + }, + "ContinuousDeploymentPolicyId": { + "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nThe identifier of a continuous deployment policy. For more information, see `CreateContinuousDeploymentPolicy` .", + "title": "ContinuousDeploymentPolicyId", + "type": "string" + }, + "CustomErrorResponses": { + "items": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.CustomErrorResponse" + }, + "markdownDescription": "A complex type that controls the following:\n\n- Whether CloudFront replaces HTTP status codes in the 4xx and 5xx range with custom error messages before returning the response to the viewer.\n- How long CloudFront caches HTTP status codes in the 4xx and 5xx range.\n\nFor more information about custom error pages, see [Customizing Error Responses](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/custom-error-pages.html) in the *Amazon CloudFront Developer Guide* .", + "title": "CustomErrorResponses", + "type": "array" + }, + "CustomOrigin": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.LegacyCustomOrigin", + "markdownDescription": "The user-defined HTTP server that serves as the origin for content that CloudFront distributes.\n\n> This property is legacy. We recommend that you use [Origin](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-origin.html) instead.", + "title": "CustomOrigin" + }, + "DefaultCacheBehavior": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.DefaultCacheBehavior", + "markdownDescription": "A complex type that describes the default cache behavior if you don't specify a `CacheBehavior` element or if files don't match any of the values of `PathPattern` in `CacheBehavior` elements. You must create exactly one default cache behavior.", + "title": "DefaultCacheBehavior" + }, + "DefaultRootObject": { + "markdownDescription": "When a viewer requests the root URL for your distribution, the default root object is the object that you want CloudFront to request from your origin. For example, if your root URL is `https://www.example.com` , you can specify CloudFront to return the `index.html` file as the default root object. You can specify a default root object so that viewers see a specific file or object, instead of another object in your distribution (for example, `https://www.example.com/product-description.html` ). A default root object avoids exposing the contents of your distribution.\n\nYou can specify the object name or a path to the object name (for example, `index.html` or `exampleFolderName/index.html` ). Your string can't begin with a forward slash ( `/` ). Only specify the object name or the path to the object.\n\nIf you don't want to specify a default root object when you create a distribution, include an empty `DefaultRootObject` element.\n\nTo delete the default root object from an existing distribution, update the distribution configuration and include an empty `DefaultRootObject` element.\n\nTo replace the default root object, update the distribution configuration and specify the new object.\n\nFor more information about the default root object, see [Specify a default root object](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DefaultRootObject.html) in the *Amazon CloudFront Developer Guide* .", + "title": "DefaultRootObject", + "type": "string" + }, + "Enabled": { + "markdownDescription": "From this field, you can enable or disable the selected distribution.", + "title": "Enabled", "type": "boolean" }, - "Mutable": { - "markdownDescription": "Specifies whether the value of the attribute can be changed.\n\nAny user pool attribute whose value you map from an IdP attribute must be mutable, with a parameter value of `true` . Amazon Cognito updates mapped attributes when users sign in to your application through an IdP. If an attribute is immutable, Amazon Cognito throws an error when it attempts to update the attribute. For more information, see [Specifying Identity Provider Attribute Mappings for Your User Pool](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-specifying-attribute-mapping.html) .", - "title": "Mutable", + "HttpVersion": { + "markdownDescription": "(Optional) Specify the HTTP version(s) that you want viewers to use to communicate with CloudFront . The default value for new distributions is `http1.1` .\n\nFor viewers and CloudFront to use HTTP/2, viewers must support TLSv1.2 or later, and must support Server Name Indication (SNI).\n\nFor viewers and CloudFront to use HTTP/3, viewers must support TLSv1.3 and Server Name Indication (SNI). CloudFront supports HTTP/3 connection migration to allow the viewer to switch networks without losing connection. For more information about connection migration, see [Connection Migration](https://docs.aws.amazon.com/https://www.rfc-editor.org/rfc/rfc9000.html#name-connection-migration) at RFC 9000. For more information about supported TLSv1.3 ciphers, see [Supported protocols and ciphers between viewers and CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/secure-connections-supported-viewer-protocols-ciphers.html) .", + "title": "HttpVersion", + "type": "string" + }, + "IPV6Enabled": { + "markdownDescription": "> To use this field for a multi-tenant distribution, use a connection group instead. For more information, see [ConnectionGroup](https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ConnectionGroup.html) . \n\nIf you want CloudFront to respond to IPv6 DNS requests with an IPv6 address for your distribution, specify `true` . If you specify `false` , CloudFront responds to IPv6 DNS requests with the DNS response code `NOERROR` and with no IP addresses. This allows viewers to submit a second request, for an IPv4 address for your distribution.\n\nIn general, you should enable IPv6 if you have users on IPv6 networks who want to access your content. However, if you're using signed URLs or signed cookies to restrict access to your content, and if you're using a custom policy that includes the `IpAddress` parameter to restrict the IP addresses that can access your content, don't enable IPv6. If you want to restrict access to some content by IP address and not restrict access to other content (or restrict access but not by IP address), you can create two distributions. For more information, see [Creating a Signed URL Using a Custom Policy](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-creating-signed-url-custom-policy.html) in the *Amazon CloudFront Developer Guide* .\n\nIf you're using an Amazon Route\u00a053 AWS Integration alias resource record set to route traffic to your CloudFront distribution, you need to create a second alias resource record set when both of the following are true:\n\n- You enable IPv6 for the distribution\n- You're using alternate domain names in the URLs for your objects\n\nFor more information, see [Routing Traffic to an Amazon CloudFront Web Distribution by Using Your Domain Name](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-to-cloudfront-distribution.html) in the *Amazon Route\u00a053 AWS Integration Developer Guide* .\n\nIf you created a CNAME resource record set, either with Amazon Route\u00a053 AWS Integration or with another DNS service, you don't need to make any changes. A CNAME record will route traffic to your distribution regardless of the IP address format of the viewer request.", + "title": "IPV6Enabled", "type": "boolean" }, - "Name": { - "markdownDescription": "The name of your user pool attribute. When you create or update a user pool, adding a schema attribute creates a custom or developer-only attribute. When you add an attribute with a `Name` value of `MyAttribute` , Amazon Cognito creates the custom attribute `custom:MyAttribute` . When `DeveloperOnlyAttribute` is `true` , Amazon Cognito creates your attribute as `dev:MyAttribute` . In an operation that describes a user pool, Amazon Cognito returns this value as `value` for standard attributes, `custom:value` for custom attributes, and `dev:value` for developer-only attributes..", - "title": "Name", + "Logging": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.Logging", + "markdownDescription": "A complex type that controls whether access logs are written for the distribution.\n\nFor more information about logging, see [Access Logs](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/AccessLogs.html) in the *Amazon CloudFront Developer Guide* .", + "title": "Logging" + }, + "OriginGroups": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginGroups", + "markdownDescription": "A complex type that contains information about origin groups for this distribution.\n\nSpecify a value for either the `Origins` or `OriginGroups` property.", + "title": "OriginGroups" + }, + "Origins": { + "items": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.Origin" + }, + "markdownDescription": "A complex type that contains information about origins for this distribution.\n\nSpecify a value for either the `Origins` or `OriginGroups` property.", + "title": "Origins", + "type": "array" + }, + "PriceClass": { + "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nThe price class that corresponds with the maximum price that you want to pay for CloudFront service. If you specify `PriceClass_All` , CloudFront responds to requests for your objects from all CloudFront edge locations.\n\nIf you specify a price class other than `PriceClass_All` , CloudFront serves your objects from the CloudFront edge location that has the lowest latency among the edge locations in your price class. Viewers who are in or near regions that are excluded from your specified price class may encounter slower performance.\n\nFor more information about price classes, see [Choosing the Price Class for a CloudFront Distribution](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PriceClass.html) in the *Amazon CloudFront Developer Guide* . For information about CloudFront pricing, including how price classes (such as Price Class 100) map to CloudFront regions, see [Amazon CloudFront Pricing](https://docs.aws.amazon.com/cloudfront/pricing/) .", + "title": "PriceClass", "type": "string" }, - "NumberAttributeConstraints": { - "$ref": "#/definitions/AWS::Cognito::UserPool.NumberAttributeConstraints", - "markdownDescription": "Specifies the constraints for an attribute of the number type.", - "title": "NumberAttributeConstraints" + "Restrictions": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.Restrictions", + "markdownDescription": "A complex type that identifies ways in which you want to restrict distribution of your content.", + "title": "Restrictions" }, - "Required": { - "markdownDescription": "Specifies whether a user pool attribute is required. If the attribute is required and the user doesn't provide a value, registration or sign-in will fail.", - "title": "Required", + "S3Origin": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.LegacyS3Origin", + "markdownDescription": "The origin as an Amazon S3 bucket.\n\n> This property is legacy. We recommend that you use [Origin](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-origin.html) instead.", + "title": "S3Origin" + }, + "Staging": { + "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nA Boolean that indicates whether this is a staging distribution. When this value is `true` , this is a staging distribution. When this value is `false` , this is not a staging distribution.", + "title": "Staging", "type": "boolean" }, - "StringAttributeConstraints": { - "$ref": "#/definitions/AWS::Cognito::UserPool.StringAttributeConstraints", - "markdownDescription": "Specifies the constraints for an attribute of the string type.", - "title": "StringAttributeConstraints" + "TenantConfig": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.TenantConfig", + "markdownDescription": "> This field only supports multi-tenant distributions. You can't specify this field for standard distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . \n\nA distribution tenant configuration.", + "title": "TenantConfig" + }, + "ViewerCertificate": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.ViewerCertificate", + "markdownDescription": "A complex type that determines the distribution's SSL/TLS configuration for communicating with viewers.", + "title": "ViewerCertificate" + }, + "WebACLId": { + "markdownDescription": "> Multi-tenant distributions only support AWS WAF V2 web ACLs. \n\nA unique identifier that specifies the AWS WAF web ACL, if any, to associate with this distribution. To specify a web ACL created using the latest version of AWS WAF , use the ACL ARN, for example `arn:aws:wafv2:us-east-1:123456789012:global/webacl/ExampleWebACL/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111` . To specify a web ACL created using AWS WAF Classic, use the ACL ID, for example `a1b2c3d4-5678-90ab-cdef-EXAMPLE11111` .\n\nAWS WAF is a web application firewall that lets you monitor the HTTP and HTTPS requests that are forwarded to CloudFront, and lets you control access to your content. Based on conditions that you specify, such as the IP addresses that requests originate from or the values of query strings, CloudFront responds to requests either with the requested content or with an HTTP 403 status code (Forbidden). You can also configure CloudFront to return a custom error page when a request is blocked. For more information about AWS WAF , see the [AWS WAF Developer Guide](https://docs.aws.amazon.com/waf/latest/developerguide/what-is-aws-waf.html) .", + "title": "WebACLId", + "type": "string" } }, + "required": [ + "DefaultCacheBehavior", + "Enabled" + ], "type": "object" }, - "AWS::Cognito::UserPool.SmsConfiguration": { + "AWS::CloudFront::Distribution.ForwardedValues": { "additionalProperties": false, "properties": { - "ExternalId": { - "markdownDescription": "The external ID provides additional security for your IAM role. You can use an `ExternalId` with the IAM role that you use with Amazon SNS to send SMS messages for your user pool. If you provide an `ExternalId` , your Amazon Cognito user pool includes it in the request to assume your IAM role. You can configure the role trust policy to require that Amazon Cognito, and any principal, provide the `ExternalID` . If you use the Amazon Cognito Management Console to create a role for SMS multi-factor authentication (MFA), Amazon Cognito creates a role with the required permissions and a trust policy that demonstrates use of the `ExternalId` .\n\nFor more information about the `ExternalId` of a role, see [How to use an external ID when granting access to your AWS resources to a third party](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user_externalid.html) .", - "title": "ExternalId", - "type": "string" + "Cookies": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.Cookies", + "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n\nIf you want to include cookies in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send cookies to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide* .\n\nA complex type that specifies whether you want CloudFront to forward cookies to the origin and, if so, which ones. For more information about forwarding cookies to the origin, see [How CloudFront Forwards, Caches, and Logs Cookies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Cookies.html) in the *Amazon CloudFront Developer Guide* .", + "title": "Cookies" }, - "SnsCallerArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS caller. This is the ARN of the IAM role in your AWS account that Amazon Cognito will use to send SMS messages. SMS messages are subject to a [spending limit](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-email-phone-verification.html) .", - "title": "SnsCallerArn", - "type": "string" + "Headers": { + "items": { + "type": "string" + }, + "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n\nIf you want to include headers in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send headers to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide* .\n\nA complex type that specifies the `Headers` , if any, that you want CloudFront to forward to the origin for this cache behavior (whitelisted headers). For the headers that you specify, CloudFront also caches separate versions of a specified object that is based on the header values in viewer requests.\n\nFor more information, see [Caching Content Based on Request Headers](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/header-caching.html) in the *Amazon CloudFront Developer Guide* .", + "title": "Headers", + "type": "array" }, - "SnsRegion": { - "markdownDescription": "The AWS Region to use with Amazon SNS integration. You can choose the same Region as your user pool, or a supported *Legacy Amazon SNS alternate Region* .\n\nAmazon Cognito resources in the Asia Pacific (Seoul) AWS Region must use your Amazon SNS configuration in the Asia Pacific (Tokyo) Region. For more information, see [SMS message settings for Amazon Cognito user pools](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html) .", - "title": "SnsRegion", - "type": "string" + "QueryString": { + "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n\nIf you want to include query strings in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send query strings to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide* .\n\nIndicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior and cache based on the query string parameters. CloudFront behavior depends on the value of `QueryString` and on the values that you specify for `QueryStringCacheKeys` , if any:\n\nIf you specify true for `QueryString` and you don't specify any values for `QueryStringCacheKeys` , CloudFront forwards all query string parameters to the origin and caches based on all query string parameters. Depending on how many query string parameters and values you have, this can adversely affect performance because CloudFront must forward more requests to the origin.\n\nIf you specify true for `QueryString` and you specify one or more values for `QueryStringCacheKeys` , CloudFront forwards all query string parameters to the origin, but it only caches based on the query string parameters that you specify.\n\nIf you specify false for `QueryString` , CloudFront doesn't forward any query string parameters to the origin, and doesn't cache based on query string parameters.\n\nFor more information, see [Configuring CloudFront to Cache Based on Query String Parameters](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/QueryStringParameters.html) in the *Amazon CloudFront Developer Guide* .", + "title": "QueryString", + "type": "boolean" + }, + "QueryStringCacheKeys": { + "items": { + "type": "string" + }, + "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n\nIf you want to include query strings in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send query strings to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide* .\n\nA complex type that contains information about the query string parameters that you want CloudFront to use for caching for this cache behavior.", + "title": "QueryStringCacheKeys", + "type": "array" } }, + "required": [ + "QueryString" + ], "type": "object" }, - "AWS::Cognito::UserPool.StringAttributeConstraints": { + "AWS::CloudFront::Distribution.FunctionAssociation": { "additionalProperties": false, "properties": { - "MaxLength": { - "markdownDescription": "The maximum length of a string attribute value. Must be a number less than or equal to `2^1023` , represented as a string with a length of 131072 characters or fewer.", - "title": "MaxLength", + "EventType": { + "markdownDescription": "The event type of the function, either `viewer-request` or `viewer-response` . You cannot use origin-facing event types ( `origin-request` and `origin-response` ) with a CloudFront function.", + "title": "EventType", "type": "string" }, - "MinLength": { - "markdownDescription": "The minimum length of a string attribute value.", - "title": "MinLength", + "FunctionARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the function.", + "title": "FunctionARN", "type": "string" } }, "type": "object" }, - "AWS::Cognito::UserPool.UserAttributeUpdateSettings": { + "AWS::CloudFront::Distribution.GeoRestriction": { "additionalProperties": false, "properties": { - "AttributesRequireVerificationBeforeUpdate": { + "Locations": { "items": { "type": "string" }, - "markdownDescription": "Requires that your user verifies their email address, phone number, or both before Amazon Cognito updates the value of that attribute. When you update a user attribute that has this option activated, Amazon Cognito sends a verification message to the new phone number or email address. Amazon Cognito doesn\u2019t change the value of the attribute until your user responds to the verification message and confirms the new value.\n\nWhen `AttributesRequireVerificationBeforeUpdate` is false, your user pool doesn't require that your users verify attribute changes before Amazon Cognito updates them. In a user pool where `AttributesRequireVerificationBeforeUpdate` is false, API operations that change attribute values can immediately update a user\u2019s `email` or `phone_number` attribute.", - "title": "AttributesRequireVerificationBeforeUpdate", + "markdownDescription": "A complex type that contains a `Location` element for each country in which you want CloudFront either to distribute your content ( `whitelist` ) or not distribute your content ( `blacklist` ).\n\nThe `Location` element is a two-letter, uppercase country code for a country that you want to include in your `blacklist` or `whitelist` . Include one `Location` element for each country.\n\nCloudFront and `MaxMind` both use `ISO 3166` country codes. For the current list of countries and the corresponding codes, see `ISO 3166-1-alpha-2` code on the *International Organization for Standardization* website. You can also refer to the country list on the CloudFront console, which includes both country names and codes.", + "title": "Locations", "type": "array" + }, + "RestrictionType": { + "markdownDescription": "The method that you want to use to restrict distribution of your content by country:\n\n- `none` : No geo restriction is enabled, meaning access to content is not restricted by client geo location.\n- `blacklist` : The `Location` elements specify the countries in which you don't want CloudFront to distribute your content.\n- `whitelist` : The `Location` elements specify the countries in which you want CloudFront to distribute your content.", + "title": "RestrictionType", + "type": "string" } }, "required": [ - "AttributesRequireVerificationBeforeUpdate" + "RestrictionType" ], "type": "object" }, - "AWS::Cognito::UserPool.UserPoolAddOns": { + "AWS::CloudFront::Distribution.GrpcConfig": { "additionalProperties": false, "properties": { - "AdvancedSecurityMode": { - "markdownDescription": "The operating mode of threat protection for standard authentication types in your user pool, including username-password and secure remote password (SRP) authentication.", - "title": "AdvancedSecurityMode", - "type": "string" + "Enabled": { + "markdownDescription": "Enables your CloudFront distribution to receive gRPC requests and to proxy them directly to your origins.", + "title": "Enabled", + "type": "boolean" } }, + "required": [ + "Enabled" + ], "type": "object" }, - "AWS::Cognito::UserPool.UsernameConfiguration": { + "AWS::CloudFront::Distribution.LambdaFunctionAssociation": { "additionalProperties": false, "properties": { - "CaseSensitive": { - "markdownDescription": "Specifies whether user name case sensitivity will be applied for all users in the user pool through Amazon Cognito APIs. For most use cases, set case sensitivity to `False` (case insensitive) as a best practice. When usernames and email addresses are case insensitive, users can sign in as the same user when they enter a different capitalization of their user name.\n\nValid values include:\n\n- **true** - Enables case sensitivity for all username input. When this option is set to `true` , users must sign in using the exact capitalization of their given username, such as \u201cUserName\u201d. This is the default value.\n- **false** - Enables case insensitivity for all username input. For example, when this option is set to `false` , users can sign in using `username` , `USERNAME` , or `UserName` . This option also enables both `preferred_username` and `email` alias to be case insensitive, in addition to the `username` attribute.", - "title": "CaseSensitive", + "EventType": { + "markdownDescription": "Specifies the event type that triggers a Lambda@Edge function invocation. You can specify the following values:\n\n- `viewer-request` : The function executes when CloudFront receives a request from a viewer and before it checks to see whether the requested object is in the edge cache.\n- `origin-request` : The function executes only when CloudFront sends a request to your origin. When the requested object is in the edge cache, the function doesn't execute.\n- `origin-response` : The function executes after CloudFront receives a response from the origin and before it caches the object in the response. When the requested object is in the edge cache, the function doesn't execute.\n- `viewer-response` : The function executes before CloudFront returns the requested object to the viewer. The function executes regardless of whether the object was already in the edge cache.\n\nIf the origin returns an HTTP status code other than HTTP 200 (OK), the function doesn't execute.", + "title": "EventType", + "type": "string" + }, + "IncludeBody": { + "markdownDescription": "A flag that allows a Lambda@Edge function to have read access to the body content. For more information, see [Accessing the Request Body by Choosing the Include Body Option](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/lambda-include-body-access.html) in the Amazon CloudFront Developer Guide.", + "title": "IncludeBody", "type": "boolean" + }, + "LambdaFunctionARN": { + "markdownDescription": "The ARN of the Lambda@Edge function. You must specify the ARN of a function version; you can't specify an alias or $LATEST.", + "title": "LambdaFunctionARN", + "type": "string" } }, "type": "object" }, - "AWS::Cognito::UserPool.VerificationMessageTemplate": { + "AWS::CloudFront::Distribution.LegacyCustomOrigin": { "additionalProperties": false, "properties": { - "DefaultEmailOption": { - "markdownDescription": "The configuration of verification emails to contain a clickable link or a verification code.\n\nFor link, your template body must contain link text in the format `{##Click here##}` . \"Click here\" in the example is a customizable string. For code, your template body must contain a code placeholder in the format `{####}` .", - "title": "DefaultEmailOption", - "type": "string" - }, - "EmailMessage": { - "markdownDescription": "The template for email messages that Amazon Cognito sends to your users. You can set an `EmailMessage` template only if the value of [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` . When your [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` , your user pool sends email messages with your own Amazon SES configuration.", - "title": "EmailMessage", + "DNSName": { + "markdownDescription": "The domain name assigned to your CloudFront distribution.", + "title": "DNSName", "type": "string" }, - "EmailMessageByLink": { - "markdownDescription": "The email message template for sending a confirmation link to the user. You can set an `EmailMessageByLink` template only if the value of [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` . When your [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` , your user pool sends email messages with your own Amazon SES configuration.", - "title": "EmailMessageByLink", - "type": "string" + "HTTPPort": { + "markdownDescription": "The HTTP port that CloudFront uses to connect to the origin. Specify the HTTP port that the origin listens on.", + "title": "HTTPPort", + "type": "number" }, - "EmailSubject": { - "markdownDescription": "The subject line for the email message template. You can set an `EmailSubject` template only if the value of [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` . When your [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` , your user pool sends email messages with your own Amazon SES configuration.", - "title": "EmailSubject", - "type": "string" + "HTTPSPort": { + "markdownDescription": "The HTTPS port that CloudFront uses to connect to the origin. Specify the HTTPS port that the origin listens on.", + "title": "HTTPSPort", + "type": "number" }, - "EmailSubjectByLink": { - "markdownDescription": "The subject line for the email message template for sending a confirmation link to the user. You can set an `EmailSubjectByLink` template only if the value of [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` . When your [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` , your user pool sends email messages with your own Amazon SES configuration.", - "title": "EmailSubjectByLink", + "OriginProtocolPolicy": { + "markdownDescription": "Specifies the protocol (HTTP or HTTPS) that CloudFront uses to connect to the origin.", + "title": "OriginProtocolPolicy", "type": "string" }, - "SmsMessage": { - "markdownDescription": "The template for SMS messages that Amazon Cognito sends to your users.", - "title": "SmsMessage", - "type": "string" + "OriginSSLProtocols": { + "items": { + "type": "string" + }, + "markdownDescription": "The minimum SSL/TLS protocol version that CloudFront uses when communicating with your origin server over HTTPs.\n\nFor more information, see [Minimum Origin SSL Protocol](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginSSLProtocols) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginSSLProtocols", + "type": "array" } }, + "required": [ + "DNSName", + "OriginProtocolPolicy", + "OriginSSLProtocols" + ], "type": "object" }, - "AWS::Cognito::UserPoolClient": { + "AWS::CloudFront::Distribution.LegacyS3Origin": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AccessTokenValidity": { - "markdownDescription": "The access token time limit. After this limit expires, your user can't use their access token. To specify the time unit for `AccessTokenValidity` as `seconds` , `minutes` , `hours` , or `days` , set a `TokenValidityUnits` value in your API request.\n\nFor example, when you set `AccessTokenValidity` to `10` and `TokenValidityUnits` to `hours` , your user can authorize access with\ntheir access token for 10 hours.\n\nThe default time unit for `AccessTokenValidity` in an API request is hours. *Valid range* is displayed below in seconds.\n\nIf you don't specify otherwise in the configuration of your app client, your access\ntokens are valid for one hour.", - "title": "AccessTokenValidity", - "type": "number" - }, - "AllowedOAuthFlows": { - "items": { - "type": "string" - }, - "markdownDescription": "The OAuth grant types that you want your app client to generate for clients in managed login authentication. To create an app client that generates client credentials grants, you must add `client_credentials` as the only allowed OAuth flow.\n\n- **code** - Use a code grant flow, which provides an authorization code as the response. This code can be exchanged for access tokens with the `/oauth2/token` endpoint.\n- **implicit** - Issue the access token, and the ID token when scopes like `openid` and `profile` are requested, directly to your user.\n- **client_credentials** - Issue the access token from the `/oauth2/token` endpoint directly to a non-person user, authorized by a combination of the client ID and client secret.", - "title": "AllowedOAuthFlows", - "type": "array" - }, - "AllowedOAuthFlowsUserPoolClient": { - "markdownDescription": "Set to `true` to use OAuth 2.0 authorization server features in your app client.\n\nThis parameter must have a value of `true` before you can configure the following features in your app client.\n\n- `CallBackURLs` : Callback URLs.\n- `LogoutURLs` : Sign-out redirect URLs.\n- `AllowedOAuthScopes` : OAuth 2.0 scopes.\n- `AllowedOAuthFlows` : Support for authorization code, implicit, and client credentials OAuth 2.0 grants.\n\nTo use authorization server features, configure one of these features in the Amazon Cognito console or set `AllowedOAuthFlowsUserPoolClient` to `true` in a `CreateUserPoolClient` or `UpdateUserPoolClient` API request. If you don't set a value for `AllowedOAuthFlowsUserPoolClient` in a request with the AWS CLI or SDKs, it defaults to `false` . When `false` , only SDK-based API sign-in is permitted.", - "title": "AllowedOAuthFlowsUserPoolClient", - "type": "boolean" - }, - "AllowedOAuthScopes": { - "items": { - "type": "string" - }, - "markdownDescription": "The OAuth, OpenID Connect (OIDC), and custom scopes that you want to permit your app client to authorize access with. Scopes govern access control to user pool self-service API operations, user data from the `userInfo` endpoint, and third-party APIs. Scope values include `phone` , `email` , `openid` , and `profile` . The `aws.cognito.signin.user.admin` scope authorizes user self-service operations. Custom scopes with resource servers authorize access to external APIs.", - "title": "AllowedOAuthScopes", - "type": "array" - }, - "AnalyticsConfiguration": { - "$ref": "#/definitions/AWS::Cognito::UserPoolClient.AnalyticsConfiguration", - "markdownDescription": "The user pool analytics configuration for collecting metrics and sending them to your Amazon Pinpoint campaign.\n\nIn AWS Regions where Amazon Pinpoint isn't available, user pools might not have access to analytics or might be configurable with campaigns in the US East (N. Virginia) Region. For more information, see [Using Amazon Pinpoint analytics](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-pinpoint-integration.html) .", - "title": "AnalyticsConfiguration" - }, - "AuthSessionValidity": { - "markdownDescription": "Amazon Cognito creates a session token for each API request in an authentication flow. `AuthSessionValidity` is the duration, in minutes, of that session token. Your user pool native user must respond to each authentication challenge before the session expires.", - "title": "AuthSessionValidity", - "type": "number" - }, - "CallbackURLs": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of allowed redirect, or callback, URLs for managed login authentication. These URLs are the paths where you want to send your users' browsers after they complete authentication with managed login or a third-party IdP. Typically, callback URLs are the home of an application that uses OAuth or OIDC libraries to process authentication outcomes.\n\nA redirect URI must meet the following requirements:\n\n- Be an absolute URI.\n- Be registered with the authorization server. Amazon Cognito doesn't accept authorization requests with `redirect_uri` values that aren't in the list of `CallbackURLs` that you provide in this parameter.\n- Not include a fragment component.\n\nSee [OAuth 2.0 - Redirection Endpoint](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6749#section-3.1.2) .\n\nAmazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only.\n\nApp callback URLs such as myapp://example are also supported.", - "title": "CallbackURLs", - "type": "array" - }, - "ClientName": { - "markdownDescription": "A friendly name for the app client that you want to create.", - "title": "ClientName", - "type": "string" - }, - "DefaultRedirectURI": { - "markdownDescription": "The default redirect URI. In app clients with one assigned IdP, replaces `redirect_uri` in authentication requests. Must be in the `CallbackURLs` list.", - "title": "DefaultRedirectURI", - "type": "string" - }, - "EnablePropagateAdditionalUserContextData": { - "markdownDescription": "When `true` , your application can include additional `UserContextData` in authentication requests. This data includes the IP address, and contributes to analysis by threat protection features. For more information about propagation of user context data, see [Adding session data to API requests](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-adaptive-authentication.html#user-pool-settings-adaptive-authentication-device-fingerprint) . If you don\u2019t include this parameter, you can't send the source IP address to Amazon Cognito threat protection features. You can only activate `EnablePropagateAdditionalUserContextData` in an app client that has a client secret.", - "title": "EnablePropagateAdditionalUserContextData", - "type": "boolean" - }, - "EnableTokenRevocation": { - "markdownDescription": "Activates or deactivates token revocation.\n\nIf you don't include this parameter, token revocation is automatically activated for the new user pool client.", - "title": "EnableTokenRevocation", - "type": "boolean" - }, - "ExplicitAuthFlows": { - "items": { - "type": "string" - }, - "markdownDescription": "The [authentication flows](https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-authentication-flow-methods.html) that you want your user pool client to support. For each app client in your user pool, you can sign in your users with any combination of one or more flows, including with a user name and Secure Remote Password (SRP), a user name and password, or a custom authentication process that you define with Lambda functions.\n\n> If you don't specify a value for `ExplicitAuthFlows` , your app client supports `ALLOW_REFRESH_TOKEN_AUTH` , `ALLOW_USER_SRP_AUTH` , and `ALLOW_CUSTOM_AUTH` . \n\nThe values for authentication flow options include the following.\n\n- `ALLOW_USER_AUTH` : Enable selection-based sign-in with `USER_AUTH` . This setting covers username-password, secure remote password (SRP), passwordless, and passkey authentication. This authentiation flow can do username-password and SRP authentication without other `ExplicitAuthFlows` permitting them. For example users can complete an SRP challenge through `USER_AUTH` without the flow `USER_SRP_AUTH` being active for the app client. This flow doesn't include `CUSTOM_AUTH` .\n\nTo activate this setting, your user pool must be in the [Essentials tier](https://docs.aws.amazon.com/cognito/latest/developerguide/feature-plans-features-essentials.html) or higher.\n- `ALLOW_ADMIN_USER_PASSWORD_AUTH` : Enable admin based user password authentication flow `ADMIN_USER_PASSWORD_AUTH` . This setting replaces the `ADMIN_NO_SRP_AUTH` setting. With this authentication flow, your app passes a user name and password to Amazon Cognito in the request, instead of using the Secure Remote Password (SRP) protocol to securely transmit the password.\n- `ALLOW_CUSTOM_AUTH` : Enable Lambda trigger based authentication.\n- `ALLOW_USER_PASSWORD_AUTH` : Enable user password-based authentication. In this flow, Amazon Cognito receives the password in the request instead of using the SRP protocol to verify passwords.\n- `ALLOW_USER_SRP_AUTH` : Enable SRP-based authentication.\n- `ALLOW_REFRESH_TOKEN_AUTH` : Enable authflow to refresh tokens.\n\nIn some environments, you will see the values `ADMIN_NO_SRP_AUTH` , `CUSTOM_AUTH_FLOW_ONLY` , or `USER_PASSWORD_AUTH` . You can't assign these legacy `ExplicitAuthFlows` values to user pool clients at the same time as values that begin with `ALLOW_` ,\nlike `ALLOW_USER_SRP_AUTH` .", - "title": "ExplicitAuthFlows", - "type": "array" - }, - "GenerateSecret": { - "markdownDescription": "When `true` , generates a client secret for the app client. Client secrets are used with server-side and machine-to-machine applications. Client secrets are automatically generated; you can't specify a secret value. For more information, see [App client types](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-client-apps.html#user-pool-settings-client-app-client-types) .", - "title": "GenerateSecret", - "type": "boolean" - }, - "IdTokenValidity": { - "markdownDescription": "The ID token time limit. After this limit expires, your user can't use their ID token. To specify the time unit for `IdTokenValidity` as `seconds` , `minutes` , `hours` , or `days` , set a `TokenValidityUnits` value in your API request.\n\nFor example, when you set `IdTokenValidity` as `10` and `TokenValidityUnits` as `hours` , your user can authenticate their session with their ID token for 10 hours.\n\nThe default time unit for `IdTokenValidity` in an API request is hours. *Valid range* is displayed below in seconds.\n\nIf you don't specify otherwise in the configuration of your app client, your ID\ntokens are valid for one hour.", - "title": "IdTokenValidity", - "type": "number" - }, - "LogoutURLs": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of allowed logout URLs for managed login authentication. When you pass `logout_uri` and `client_id` parameters to `/logout` , Amazon Cognito signs out your user and redirects them to the logout URL. This parameter describes the URLs that you want to be the permitted targets of `logout_uri` . A typical use of these URLs is when a user selects \"Sign out\" and you redirect them to your public homepage. For more information, see [Logout endpoint](https://docs.aws.amazon.com/cognito/latest/developerguide/logout-endpoint.html) .", - "title": "LogoutURLs", - "type": "array" - }, - "PreventUserExistenceErrors": { - "markdownDescription": "Errors and responses that you want Amazon Cognito APIs to return during authentication, account confirmation, and password recovery when the user doesn't exist in the user pool. When set to `ENABLED` and the user doesn't exist, authentication returns an error indicating either the username or password was incorrect. Account confirmation and password recovery return a response indicating a code was sent to a simulated destination. When set to `LEGACY` , those APIs return a `UserNotFoundException` exception if the user doesn't exist in the user pool.\n\nValid values include:\n\n- `ENABLED` - This prevents user existence-related errors.\n- `LEGACY` - This represents the early behavior of Amazon Cognito where user existence related errors aren't prevented.\n\nDefaults to `LEGACY` when you don't provide a value.", - "title": "PreventUserExistenceErrors", - "type": "string" - }, - "ReadAttributes": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of user attributes that you want your app client to have read access to. After your user authenticates in your app, their access token authorizes them to read their own attribute value for any attribute in this list. An example of this kind of activity is when your user selects a link to view their profile information.\n\nWhen you don't specify the `ReadAttributes` for your app client, your app can read the values of `email_verified` , `phone_number_verified` , and the Standard attributes of your user pool. When your user pool app client has read access to these default attributes, `ReadAttributes` doesn't return any information. Amazon Cognito only populates `ReadAttributes` in the API response if you have specified your own custom set of read attributes.", - "title": "ReadAttributes", - "type": "array" - }, - "RefreshTokenValidity": { - "markdownDescription": "The refresh token time limit. After this limit expires, your user can't use their refresh token. To specify the time unit for `RefreshTokenValidity` as `seconds` , `minutes` , `hours` , or `days` , set a `TokenValidityUnits` value in your API request.\n\nFor example, when you set `RefreshTokenValidity` as `10` and `TokenValidityUnits` as `days` , your user can refresh their session\nand retrieve new access and ID tokens for 10 days.\n\nThe default time unit for `RefreshTokenValidity` in an API request is days. You can't set `RefreshTokenValidity` to 0. If you do, Amazon Cognito overrides the value with the default value of 30 days. *Valid range* is displayed below in seconds.\n\nIf you don't specify otherwise in the configuration of your app client, your refresh\ntokens are valid for 30 days.", - "title": "RefreshTokenValidity", - "type": "number" - }, - "SupportedIdentityProviders": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of provider names for the identity providers (IdPs) that are supported on this client. The following are supported: `COGNITO` , `Facebook` , `Google` , `SignInWithApple` , and `LoginWithAmazon` . You can also specify the names that you configured for the SAML and OIDC IdPs in your user pool, for example `MySAMLIdP` or `MyOIDCIdP` .\n\nThis parameter sets the IdPs that [managed login](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-managed-login.html) will display on the login page for your app client. The removal of `COGNITO` from this list doesn't prevent authentication operations for local users with the user pools API in an AWS SDK. The only way to prevent SDK-based authentication is to block access with a [AWS WAF rule](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-waf.html) .", - "title": "SupportedIdentityProviders", - "type": "array" - }, - "TokenValidityUnits": { - "$ref": "#/definitions/AWS::Cognito::UserPoolClient.TokenValidityUnits", - "markdownDescription": "The units that validity times are represented in. The default unit for refresh tokens is days, and the default for ID and access tokens are hours.", - "title": "TokenValidityUnits" - }, - "UserPoolId": { - "markdownDescription": "The ID of the user pool where you want to create an app client.", - "title": "UserPoolId", - "type": "string" - }, - "WriteAttributes": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of user attributes that you want your app client to have write access to. After your user authenticates in your app, their access token authorizes them to set or modify their own attribute value for any attribute in this list.\n\nWhen you don't specify the `WriteAttributes` for your app client, your app can write the values of the Standard attributes of your user pool. When your user pool has write access to these default attributes, `WriteAttributes` doesn't return any information. Amazon Cognito only populates `WriteAttributes` in the API response if you have specified your own custom set of write attributes.\n\nIf your app client allows users to sign in through an IdP, this array must include all attributes that you have mapped to IdP attributes. Amazon Cognito updates mapped attributes when users sign in to your application through an IdP. If your app client does not have write access to a mapped attribute, Amazon Cognito throws an error when it tries to update the attribute. For more information, see [Specifying IdP Attribute Mappings for Your user pool](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-specifying-attribute-mapping.html) .", - "title": "WriteAttributes", - "type": "array" - } - }, - "required": [ - "UserPoolId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Cognito::UserPoolClient" - ], + "DNSName": { + "markdownDescription": "The domain name assigned to your CloudFront distribution.", + "title": "DNSName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "OriginAccessIdentity": { + "markdownDescription": "The CloudFront origin access identity to associate with the distribution. Use an origin access identity to configure the distribution so that end users can only access objects in an Amazon S3 through CloudFront .\n\n> This property is legacy. We recommend that you use [OriginAccessControl](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-originaccesscontrol.html) instead.", + "title": "OriginAccessIdentity", "type": "string" } }, "required": [ - "Type", - "Properties" + "DNSName" ], "type": "object" }, - "AWS::Cognito::UserPoolClient.AnalyticsConfiguration": { + "AWS::CloudFront::Distribution.Logging": { "additionalProperties": false, "properties": { - "ApplicationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an Amazon Pinpoint project that you want to connect to your user pool app client. Amazon Cognito publishes events to the Amazon Pinpoint project that `ApplicationArn` declares. You can also configure your application to pass an endpoint ID in the `AnalyticsMetadata` parameter of sign-in operations. The endpoint ID is information about the destination for push notifications", - "title": "ApplicationArn", + "Bucket": { + "markdownDescription": "The Amazon S3 bucket to store the access logs in, for example, `amzn-s3-demo-bucket.s3.amazonaws.com` .", + "title": "Bucket", "type": "string" }, - "ApplicationId": { - "markdownDescription": "Your Amazon Pinpoint project ID.", - "title": "ApplicationId", - "type": "string" + "IncludeCookies": { + "markdownDescription": "Specifies whether you want CloudFront to include cookies in access logs, specify `true` for `IncludeCookies` . If you choose to include cookies in logs, CloudFront logs all cookies regardless of how you configure the cache behaviors for this distribution. If you don't want to include cookies when you create a distribution or if you want to disable include cookies for an existing distribution, specify `false` for `IncludeCookies` .", + "title": "IncludeCookies", + "type": "boolean" }, - "ExternalId": { - "markdownDescription": "The [external ID](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user_externalid.html) of the role that Amazon Cognito assumes to send analytics data to Amazon Pinpoint.", - "title": "ExternalId", + "Prefix": { + "markdownDescription": "An optional string that you want CloudFront to prefix to the access log `filenames` for this distribution, for example, `myprefix/` . If you want to enable logging, but you don't want to specify a prefix, you still must include an empty `Prefix` element in the `Logging` element.", + "title": "Prefix", "type": "string" + } + }, + "type": "object" + }, + "AWS::CloudFront::Distribution.Origin": { + "additionalProperties": false, + "properties": { + "ConnectionAttempts": { + "markdownDescription": "The number of times that CloudFront attempts to connect to the origin. The minimum number is 1, the maximum is 3, and the default (if you don't specify otherwise) is 3.\n\nFor a custom origin (including an Amazon S3 bucket that's configured with static website hosting), this value also specifies the number of times that CloudFront attempts to get a response from the origin, in the case of an [Origin Response Timeout](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginResponseTimeout) .\n\nFor more information, see [Origin Connection Attempts](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#origin-connection-attempts) in the *Amazon CloudFront Developer Guide* .", + "title": "ConnectionAttempts", + "type": "number" }, - "RoleArn": { - "markdownDescription": "The ARN of an AWS Identity and Access Management role that has the permissions required for Amazon Cognito to publish events to Amazon Pinpoint analytics.", - "title": "RoleArn", + "ConnectionTimeout": { + "markdownDescription": "The number of seconds that CloudFront waits when trying to establish a connection to the origin. The minimum timeout is 1 second, the maximum is 10 seconds, and the default (if you don't specify otherwise) is 10 seconds.\n\nFor more information, see [Origin Connection Timeout](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#origin-connection-timeout) in the *Amazon CloudFront Developer Guide* .", + "title": "ConnectionTimeout", + "type": "number" + }, + "CustomOriginConfig": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.CustomOriginConfig", + "markdownDescription": "Use this type to specify an origin that is not an Amazon S3 bucket, with one exception. If the Amazon S3 bucket is configured with static website hosting, use this type. If the Amazon S3 bucket is not configured with static website hosting, use the `S3OriginConfig` type instead.", + "title": "CustomOriginConfig" + }, + "DomainName": { + "markdownDescription": "The domain name for the origin.\n\nFor more information, see [Origin Domain Name](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesDomainName) in the *Amazon CloudFront Developer Guide* .", + "title": "DomainName", "type": "string" }, - "UserDataShared": { - "markdownDescription": "If `UserDataShared` is `true` , Amazon Cognito includes user data in the events that it publishes to Amazon Pinpoint analytics.", - "title": "UserDataShared", + "Id": { + "markdownDescription": "A unique identifier for the origin. This value must be unique within the distribution.\n\nUse this value to specify the `TargetOriginId` in a `CacheBehavior` or `DefaultCacheBehavior` .", + "title": "Id", + "type": "string" + }, + "OriginAccessControlId": { + "markdownDescription": "The unique identifier of an origin access control for this origin.\n\nFor more information, see [Restricting access to an Amazon S3 origin](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginAccessControlId", + "type": "string" + }, + "OriginCustomHeaders": { + "items": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginCustomHeader" + }, + "markdownDescription": "A list of HTTP header names and values that CloudFront adds to the requests that it sends to the origin.\n\nFor more information, see [Adding Custom Headers to Origin Requests](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/add-origin-custom-headers.html) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginCustomHeaders", + "type": "array" + }, + "OriginPath": { + "markdownDescription": "An optional path that CloudFront appends to the origin domain name when CloudFront requests content from the origin.\n\nFor more information, see [Origin Path](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginPath) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginPath", + "type": "string" + }, + "OriginShield": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginShield", + "markdownDescription": "CloudFront Origin Shield. Using Origin Shield can help reduce the load on your origin.\n\nFor more information, see [Using Origin Shield](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/origin-shield.html) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginShield" + }, + "ResponseCompletionTimeout": { + "markdownDescription": "", + "title": "ResponseCompletionTimeout", + "type": "number" + }, + "S3OriginConfig": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.S3OriginConfig", + "markdownDescription": "Use this type to specify an origin that is an Amazon S3 bucket that is not configured with static website hosting. To specify any other type of origin, including an Amazon S3 bucket that is configured with static website hosting, use the `CustomOriginConfig` type instead.", + "title": "S3OriginConfig" + }, + "VpcOriginConfig": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.VpcOriginConfig", + "markdownDescription": "The VPC origin configuration.", + "title": "VpcOriginConfig" + } + }, + "required": [ + "DomainName", + "Id" + ], + "type": "object" + }, + "AWS::CloudFront::Distribution.OriginCustomHeader": { + "additionalProperties": false, + "properties": { + "HeaderName": { + "markdownDescription": "The name of a header that you want CloudFront to send to your origin. For more information, see [Adding Custom Headers to Origin Requests](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/forward-custom-headers.html) in the *Amazon CloudFront Developer Guide* .", + "title": "HeaderName", + "type": "string" + }, + "HeaderValue": { + "markdownDescription": "The value for the header that you specified in the `HeaderName` field.", + "title": "HeaderValue", + "type": "string" + } + }, + "required": [ + "HeaderName", + "HeaderValue" + ], + "type": "object" + }, + "AWS::CloudFront::Distribution.OriginGroup": { + "additionalProperties": false, + "properties": { + "FailoverCriteria": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginGroupFailoverCriteria", + "markdownDescription": "A complex type that contains information about the failover criteria for an origin group.", + "title": "FailoverCriteria" + }, + "Id": { + "markdownDescription": "The origin group's ID.", + "title": "Id", + "type": "string" + }, + "Members": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginGroupMembers", + "markdownDescription": "A complex type that contains information about the origins in an origin group.", + "title": "Members" + }, + "SelectionCriteria": { + "markdownDescription": "The selection criteria for the origin group. For more information, see [Create an origin group](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/high_availability_origin_failover.html#concept_origin_groups.creating) in the *Amazon CloudFront Developer Guide* .", + "title": "SelectionCriteria", + "type": "string" + } + }, + "required": [ + "FailoverCriteria", + "Id", + "Members" + ], + "type": "object" + }, + "AWS::CloudFront::Distribution.OriginGroupFailoverCriteria": { + "additionalProperties": false, + "properties": { + "StatusCodes": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.StatusCodes", + "markdownDescription": "The status codes that, when returned from the primary origin, will trigger CloudFront to failover to the second origin.", + "title": "StatusCodes" + } + }, + "required": [ + "StatusCodes" + ], + "type": "object" + }, + "AWS::CloudFront::Distribution.OriginGroupMember": { + "additionalProperties": false, + "properties": { + "OriginId": { + "markdownDescription": "The ID for an origin in an origin group.", + "title": "OriginId", + "type": "string" + } + }, + "required": [ + "OriginId" + ], + "type": "object" + }, + "AWS::CloudFront::Distribution.OriginGroupMembers": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginGroupMember" + }, + "markdownDescription": "Items (origins) in an origin group.", + "title": "Items", + "type": "array" + }, + "Quantity": { + "markdownDescription": "The number of origins in an origin group.", + "title": "Quantity", + "type": "number" + } + }, + "required": [ + "Items", + "Quantity" + ], + "type": "object" + }, + "AWS::CloudFront::Distribution.OriginGroups": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginGroup" + }, + "markdownDescription": "The items (origin groups) in a distribution.", + "title": "Items", + "type": "array" + }, + "Quantity": { + "markdownDescription": "The number of origin groups.", + "title": "Quantity", + "type": "number" + } + }, + "required": [ + "Quantity" + ], + "type": "object" + }, + "AWS::CloudFront::Distribution.OriginShield": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "A flag that specifies whether Origin Shield is enabled.\n\nWhen it's enabled, CloudFront routes all requests through Origin Shield, which can help protect your origin. When it's disabled, CloudFront might send requests directly to your origin from multiple edge locations or regional edge caches.", + "title": "Enabled", "type": "boolean" + }, + "OriginShieldRegion": { + "markdownDescription": "The AWS Region for Origin Shield.\n\nSpecify the AWS Region that has the lowest latency to your origin. To specify a region, use the region code, not the region name. For example, specify the US East (Ohio) region as `us-east-2` .\n\nWhen you enable CloudFront Origin Shield, you must specify the AWS Region for Origin Shield. For the list of AWS Regions that you can specify, and for help choosing the best Region for your origin, see [Choosing the AWS Region for Origin Shield](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/origin-shield.html#choose-origin-shield-region) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginShieldRegion", + "type": "string" } }, "type": "object" }, - "AWS::Cognito::UserPoolClient.TokenValidityUnits": { + "AWS::CloudFront::Distribution.ParameterDefinition": { "additionalProperties": false, "properties": { - "AccessToken": { - "markdownDescription": "A time unit for the value that you set in the `AccessTokenValidity` parameter. The default `AccessTokenValidity` time unit is `hours` . `AccessTokenValidity` duration can range from five minutes to one day.", - "title": "AccessToken", + "Definition": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.Definition", + "markdownDescription": "The value that you assigned to the parameter.", + "title": "Definition" + }, + "Name": { + "markdownDescription": "The name of the parameter.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Definition", + "Name" + ], + "type": "object" + }, + "AWS::CloudFront::Distribution.Restrictions": { + "additionalProperties": false, + "properties": { + "GeoRestriction": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.GeoRestriction", + "markdownDescription": "A complex type that controls the countries in which your content is distributed. CloudFront determines the location of your users using `MaxMind` GeoIP databases. To disable geo restriction, remove the [Restrictions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-distributionconfig.html#cfn-cloudfront-distribution-distributionconfig-restrictions) property from your stack template.", + "title": "GeoRestriction" + } + }, + "required": [ + "GeoRestriction" + ], + "type": "object" + }, + "AWS::CloudFront::Distribution.S3OriginConfig": { + "additionalProperties": false, + "properties": { + "OriginAccessIdentity": { + "markdownDescription": "> If you're using origin access control (OAC) instead of origin access identity, specify an empty `OriginAccessIdentity` element. For more information, see [Restricting access to an AWS](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-origin.html) in the *Amazon CloudFront Developer Guide* . \n\nThe CloudFront origin access identity to associate with the origin. Use an origin access identity to configure the origin so that viewers can *only* access objects in an Amazon S3 bucket through CloudFront. The format of the value is:\n\n`origin-access-identity/cloudfront/ID-of-origin-access-identity`\n\nThe `*ID-of-origin-access-identity*` is the value that CloudFront returned in the `ID` element when you created the origin access identity.\n\nIf you want viewers to be able to access objects using either the CloudFront URL or the Amazon S3 URL, specify an empty `OriginAccessIdentity` element.\n\nTo delete the origin access identity from an existing distribution, update the distribution configuration and include an empty `OriginAccessIdentity` element.\n\nTo replace the origin access identity, update the distribution configuration and specify the new origin access identity.\n\nFor more information about the origin access identity, see [Serving Private Content through CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginAccessIdentity", "type": "string" }, - "IdToken": { - "markdownDescription": "A time unit for the value that you set in the `IdTokenValidity` parameter. The default `IdTokenValidity` time unit is `hours` . `IdTokenValidity` duration can range from five minutes to one day.", - "title": "IdToken", + "OriginReadTimeout": { + "markdownDescription": "", + "title": "OriginReadTimeout", + "type": "number" + } + }, + "type": "object" + }, + "AWS::CloudFront::Distribution.StatusCodes": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "type": "number" + }, + "markdownDescription": "The items (status codes) for an origin group.", + "title": "Items", + "type": "array" + }, + "Quantity": { + "markdownDescription": "The number of status codes.", + "title": "Quantity", + "type": "number" + } + }, + "required": [ + "Items", + "Quantity" + ], + "type": "object" + }, + "AWS::CloudFront::Distribution.StringSchema": { + "additionalProperties": false, + "properties": { + "Comment": { + "markdownDescription": "", + "title": "Comment", "type": "string" }, - "RefreshToken": { - "markdownDescription": "A time unit for the value that you set in the `RefreshTokenValidity` parameter. The default `RefreshTokenValidity` time unit is `days` . `RefreshTokenValidity` duration can range from 60 minutes to 10 years.", - "title": "RefreshToken", + "DefaultValue": { + "markdownDescription": "", + "title": "DefaultValue", "type": "string" + }, + "Required": { + "markdownDescription": "", + "title": "Required", + "type": "boolean" + } + }, + "required": [ + "Required" + ], + "type": "object" + }, + "AWS::CloudFront::Distribution.TenantConfig": { + "additionalProperties": false, + "properties": { + "ParameterDefinitions": { + "items": { + "$ref": "#/definitions/AWS::CloudFront::Distribution.ParameterDefinition" + }, + "markdownDescription": "The parameters that you specify for a distribution tenant.", + "title": "ParameterDefinitions", + "type": "array" } }, "type": "object" }, - "AWS::Cognito::UserPoolDomain": { + "AWS::CloudFront::Distribution.ViewerCertificate": { + "additionalProperties": false, + "properties": { + "AcmCertificateArn": { + "markdownDescription": "> In CloudFormation, this field name is `AcmCertificateArn` . Note the different capitalization. \n\nIf the distribution uses `Aliases` (alternate domain names or CNAMEs) and the SSL/TLS certificate is stored in [AWS Certificate Manager (ACM)](https://docs.aws.amazon.com/acm/latest/userguide/acm-overview.html) , provide the Amazon Resource Name (ARN) of the ACM certificate. CloudFront only supports ACM certificates in the US East (N. Virginia) Region ( `us-east-1` ).\n\nIf you specify an ACM certificate ARN, you must also specify values for `MinimumProtocolVersion` and `SSLSupportMethod` . (In CloudFormation, the field name is `SslSupportMethod` . Note the different capitalization.)", + "title": "AcmCertificateArn", + "type": "string" + }, + "CloudFrontDefaultCertificate": { + "markdownDescription": "If the distribution uses the CloudFront domain name such as `d111111abcdef8.cloudfront.net` , set this field to `true` .\n\nIf the distribution uses `Aliases` (alternate domain names or CNAMEs), omit this field and specify values for the following fields:\n\n- `AcmCertificateArn` or `IamCertificateId` (specify a value for one, not both)\n- `MinimumProtocolVersion`\n- `SslSupportMethod`", + "title": "CloudFrontDefaultCertificate", + "type": "boolean" + }, + "IamCertificateId": { + "markdownDescription": "> This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide* . > In CloudFormation, this field name is `IamCertificateId` . Note the different capitalization. \n\nIf the distribution uses `Aliases` (alternate domain names or CNAMEs) and the SSL/TLS certificate is stored in [AWS Identity and Access Management (IAM)](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html) , provide the ID of the IAM certificate.\n\nIf you specify an IAM certificate ID, you must also specify values for `MinimumProtocolVersion` and `SSLSupportMethod` . (In CloudFormation, the field name is `SslSupportMethod` . Note the different capitalization.)", + "title": "IamCertificateId", + "type": "string" + }, + "MinimumProtocolVersion": { + "markdownDescription": "If the distribution uses `Aliases` (alternate domain names or CNAMEs), specify the security policy that you want CloudFront to use for HTTPS connections with viewers. The security policy determines two settings:\n\n- The minimum SSL/TLS protocol that CloudFront can use to communicate with viewers.\n- The ciphers that CloudFront can use to encrypt the content that it returns to viewers.\n\nFor more information, see [Security Policy](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValues-security-policy) and [Supported Protocols and Ciphers Between Viewers and CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/secure-connections-supported-viewer-protocols-ciphers.html#secure-connections-supported-ciphers) in the *Amazon CloudFront Developer Guide* .\n\n> On the CloudFront console, this setting is called *Security Policy* . \n\nWhen you're using SNI only (you set `SSLSupportMethod` to `sni-only` ), you must specify `TLSv1` or higher. (In CloudFormation, the field name is `SslSupportMethod` . Note the different capitalization.)\n\nIf the distribution uses the CloudFront domain name such as `d111111abcdef8.cloudfront.net` (you set `CloudFrontDefaultCertificate` to `true` ), CloudFront automatically sets the security policy to `TLSv1` regardless of the value that you set here.", + "title": "MinimumProtocolVersion", + "type": "string" + }, + "SslSupportMethod": { + "markdownDescription": "> In CloudFormation, this field name is `SslSupportMethod` . Note the different capitalization. \n\nIf the distribution uses `Aliases` (alternate domain names or CNAMEs), specify which viewers the distribution accepts HTTPS connections from.\n\n- `sni-only` \u2013 The distribution accepts HTTPS connections from only viewers that support [server name indication (SNI)](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Server_Name_Indication) . This is recommended. Most browsers and clients support SNI.\n- `vip` \u2013 The distribution accepts HTTPS connections from all viewers including those that don't support SNI. This is not recommended, and results in additional monthly charges from CloudFront.\n- `static-ip` - Do not specify this value unless your distribution has been enabled for this feature by the CloudFront team. If you have a use case that requires static IP addresses for a distribution, contact CloudFront through the [Support Center](https://docs.aws.amazon.com/support/home) .\n\nIf the distribution uses the CloudFront domain name such as `d111111abcdef8.cloudfront.net` , don't set a value for this field.", + "title": "SslSupportMethod", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CloudFront::Distribution.VpcOriginConfig": { + "additionalProperties": false, + "properties": { + "OriginKeepaliveTimeout": { + "markdownDescription": "Specifies how long, in seconds, CloudFront persists its connection to the origin. The minimum timeout is 1 second, the maximum is 120 seconds, and the default (if you don't specify otherwise) is 5 seconds.\n\nFor more information, see [Keep-alive timeout (custom origins only)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DownloadDistValuesOrigin.html#DownloadDistValuesOriginKeepaliveTimeout) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginKeepaliveTimeout", + "type": "number" + }, + "OriginReadTimeout": { + "markdownDescription": "Specifies how long, in seconds, CloudFront waits for a response from the origin. This is also known as the *origin response timeout* . The minimum timeout is 1 second, the maximum is 120 seconds, and the default (if you don't specify otherwise) is 30 seconds.\n\nFor more information, see [Response timeout (custom origins only)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DownloadDistValuesOrigin.html#DownloadDistValuesOriginResponseTimeout) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginReadTimeout", + "type": "number" + }, + "VpcOriginId": { + "markdownDescription": "The VPC origin ID.", + "title": "VpcOriginId", + "type": "string" + } + }, + "required": [ + "VpcOriginId" + ], + "type": "object" + }, + "AWS::CloudFront::DistributionTenant": { "additionalProperties": false, "properties": { "Condition": { @@ -46603,31 +50535,71 @@ "Properties": { "additionalProperties": false, "properties": { - "CustomDomainConfig": { - "$ref": "#/definitions/AWS::Cognito::UserPoolDomain.CustomDomainConfigType", - "markdownDescription": "The configuration for a custom domain that hosts the sign-up and sign-in pages for your application. Use this object to specify an SSL certificate that is managed by ACM.\n\nWhen you create a custom domain, the passkey RP ID defaults to the custom domain. If you had a prefix domain active, this will cause passkey integration for your prefix domain to stop working due to a mismatch in RP ID. To keep the prefix domain passkey integration working, you can explicitly set RP ID to the prefix domain.", - "title": "CustomDomainConfig" + "ConnectionGroupId": { + "markdownDescription": "The ID of the connection group for the distribution tenant. If you don't specify a connection group, CloudFront uses the default connection group.", + "title": "ConnectionGroupId", + "type": "string" }, - "Domain": { - "markdownDescription": "The name of the domain that you want to update. For custom domains, this is the fully-qualified domain name, for example `auth.example.com` . For prefix domains, this is the prefix alone, such as `myprefix` .", - "title": "Domain", + "Customizations": { + "$ref": "#/definitions/AWS::CloudFront::DistributionTenant.Customizations", + "markdownDescription": "Customizations for the distribution tenant. For each distribution tenant, you can specify the geographic restrictions, and the Amazon Resource Names (ARNs) for the ACM certificate and AWS WAF web ACL. These are specific values that you can override or disable from the multi-tenant distribution that was used to create the distribution tenant.", + "title": "Customizations" + }, + "DistributionId": { + "markdownDescription": "The ID of the multi-tenant distribution.", + "title": "DistributionId", "type": "string" }, - "UserPoolId": { - "markdownDescription": "The ID of the user pool that is associated with the domain you're updating.", - "title": "UserPoolId", + "Domains": { + "items": { + "type": "string" + }, + "markdownDescription": "The domains associated with the distribution tenant.", + "title": "Domains", + "type": "array" + }, + "Enabled": { + "markdownDescription": "Indicates whether the distribution tenant is in an enabled state. If disabled, the distribution tenant won't serve traffic.", + "title": "Enabled", + "type": "boolean" + }, + "ManagedCertificateRequest": { + "$ref": "#/definitions/AWS::CloudFront::DistributionTenant.ManagedCertificateRequest", + "markdownDescription": "An object that represents the request for the Amazon CloudFront managed ACM certificate.", + "title": "ManagedCertificateRequest" + }, + "Name": { + "markdownDescription": "The name of the distribution tenant.", + "title": "Name", "type": "string" + }, + "Parameters": { + "items": { + "$ref": "#/definitions/AWS::CloudFront::DistributionTenant.Parameter" + }, + "markdownDescription": "A list of parameter values to add to the resource. A parameter is specified as a key-value pair. A valid parameter value must exist for any parameter that is marked as required in the multi-tenant distribution.", + "title": "Parameters", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A complex type that contains zero or more `Tag` elements.", + "title": "Tags", + "type": "array" } }, "required": [ - "Domain", - "UserPoolId" + "DistributionId", + "Domains", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::Cognito::UserPoolDomain" + "AWS::CloudFront::DistributionTenant" ], "type": "string" }, @@ -46646,18 +50618,127 @@ ], "type": "object" }, - "AWS::Cognito::UserPoolDomain.CustomDomainConfigType": { + "AWS::CloudFront::DistributionTenant.Certificate": { "additionalProperties": false, "properties": { - "CertificateArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Certificate Manager SSL certificate. You use this certificate for the subdomain of your custom domain.", - "title": "CertificateArn", + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the ACM certificate.", + "title": "Arn", "type": "string" } }, "type": "object" }, - "AWS::Cognito::UserPoolGroup": { + "AWS::CloudFront::DistributionTenant.Customizations": { + "additionalProperties": false, + "properties": { + "Certificate": { + "$ref": "#/definitions/AWS::CloudFront::DistributionTenant.Certificate", + "markdownDescription": "The AWS Certificate Manager (ACM) certificate.", + "title": "Certificate" + }, + "GeoRestrictions": { + "$ref": "#/definitions/AWS::CloudFront::DistributionTenant.GeoRestrictionCustomization", + "markdownDescription": "The geographic restrictions.", + "title": "GeoRestrictions" + }, + "WebAcl": { + "$ref": "#/definitions/AWS::CloudFront::DistributionTenant.WebAclCustomization", + "markdownDescription": "The AWS WAF web ACL.", + "title": "WebAcl" + } + }, + "type": "object" + }, + "AWS::CloudFront::DistributionTenant.DomainResult": { + "additionalProperties": false, + "properties": { + "Domain": { + "markdownDescription": "The specified domain.", + "title": "Domain", + "type": "string" + }, + "Status": { + "markdownDescription": "Whether the domain is active or inactive.", + "title": "Status", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CloudFront::DistributionTenant.GeoRestrictionCustomization": { + "additionalProperties": false, + "properties": { + "Locations": { + "items": { + "type": "string" + }, + "markdownDescription": "The locations for geographic restrictions.", + "title": "Locations", + "type": "array" + }, + "RestrictionType": { + "markdownDescription": "The method that you want to use to restrict distribution of your content by country:\n\n- `none` : No geographic restriction is enabled, meaning access to content is not restricted by client geo location.\n- `blacklist` : The `Location` elements specify the countries in which you don't want CloudFront to distribute your content.\n- `whitelist` : The `Location` elements specify the countries in which you want CloudFront to distribute your content.", + "title": "RestrictionType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CloudFront::DistributionTenant.ManagedCertificateRequest": { + "additionalProperties": false, + "properties": { + "CertificateTransparencyLoggingPreference": { + "markdownDescription": "You can opt out of certificate transparency logging by specifying the `disabled` option. Opt in by specifying `enabled` . For more information, see [Certificate Transparency Logging](https://docs.aws.amazon.com/acm/latest/userguide/acm-concepts.html#concept-transparency) in the *AWS Certificate Manager User Guide* .", + "title": "CertificateTransparencyLoggingPreference", + "type": "string" + }, + "PrimaryDomainName": { + "markdownDescription": "The primary domain name associated with the CloudFront managed ACM certificate.", + "title": "PrimaryDomainName", + "type": "string" + }, + "ValidationTokenHost": { + "markdownDescription": "Specify how the HTTP validation token will be served when requesting the CloudFront managed ACM certificate.\n\n- For `cloudfront` , CloudFront will automatically serve the validation token. Choose this mode if you can point the domain's DNS to CloudFront immediately.\n- For `self-hosted` , you serve the validation token from your existing infrastructure. Choose this mode when you need to maintain current traffic flow while your certificate is being issued. You can place the validation token at the well-known path on your existing web server, wait for ACM to validate and issue the certificate, and then update your DNS to point to CloudFront.", + "title": "ValidationTokenHost", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CloudFront::DistributionTenant.Parameter": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The parameter name.", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "The parameter value.", + "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CloudFront::DistributionTenant.WebAclCustomization": { + "additionalProperties": false, + "properties": { + "Action": { + "markdownDescription": "The action for the AWS WAF web ACL customization. You can specify `override` to specify a separate AWS WAF web ACL for the distribution tenant. If you specify `disable` , the distribution tenant won't have AWS WAF web ACL protections and won't inherit from the multi-tenant distribution.", + "title": "Action", + "type": "string" + }, + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS WAF web ACL.", + "title": "Arn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CloudFront::Function": { "additionalProperties": false, "properties": { "Condition": { @@ -46692,40 +50773,42 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the group that you're creating.", - "title": "Description", - "type": "string" + "AutoPublish": { + "markdownDescription": "A flag that determines whether to automatically publish the function to the `LIVE` stage when it\u2019s created. To automatically publish to the `LIVE` stage, set this property to `true` .", + "title": "AutoPublish", + "type": "boolean" }, - "GroupName": { - "markdownDescription": "A name for the group. This name must be unique in your user pool.", - "title": "GroupName", + "FunctionCode": { + "markdownDescription": "The function code. For more information about writing a CloudFront function, see [Writing function code for CloudFront Functions](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/writing-function-code.html) in the *Amazon CloudFront Developer Guide* .", + "title": "FunctionCode", "type": "string" }, - "Precedence": { - "markdownDescription": "A non-negative integer value that specifies the precedence of this group relative to the other groups that a user can belong to in the user pool. Zero is the highest precedence value. Groups with lower `Precedence` values take precedence over groups with higher or null `Precedence` values. If a user belongs to two or more groups, it is the group with the lowest precedence value whose role ARN is given in the user's tokens for the `cognito:roles` and `cognito:preferred_role` claims.\n\nTwo groups can have the same `Precedence` value. If this happens, neither group takes precedence over the other. If two groups with the same `Precedence` have the same role ARN, that role is used in the `cognito:preferred_role` claim in tokens for users in each group. If the two groups have different role ARNs, the `cognito:preferred_role` claim isn't set in users' tokens.\n\nThe default `Precedence` value is null. The maximum `Precedence` value is `2^31-1` .", - "title": "Precedence", - "type": "number" + "FunctionConfig": { + "$ref": "#/definitions/AWS::CloudFront::Function.FunctionConfig", + "markdownDescription": "Contains configuration information about a CloudFront function.", + "title": "FunctionConfig" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the IAM role that you want to associate with the group. A group role primarily declares a preferred role for the credentials that you get from an identity pool. Amazon Cognito ID tokens have a `cognito:preferred_role` claim that presents the highest-precedence group that a user belongs to. Both ID and access tokens also contain a `cognito:groups` claim that list all the groups that a user is a member of.", - "title": "RoleArn", - "type": "string" + "FunctionMetadata": { + "$ref": "#/definitions/AWS::CloudFront::Function.FunctionMetadata", + "markdownDescription": "Contains metadata about a CloudFront function.", + "title": "FunctionMetadata" }, - "UserPoolId": { - "markdownDescription": "The ID of the user pool where you want to create a user group.", - "title": "UserPoolId", + "Name": { + "markdownDescription": "A name to identify the function.", + "title": "Name", "type": "string" } }, "required": [ - "UserPoolId" + "FunctionCode", + "FunctionConfig", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::Cognito::UserPoolGroup" + "AWS::CloudFront::Function" ], "type": "string" }, @@ -46744,7 +50827,60 @@ ], "type": "object" }, - "AWS::Cognito::UserPoolIdentityProvider": { + "AWS::CloudFront::Function.FunctionConfig": { + "additionalProperties": false, + "properties": { + "Comment": { + "markdownDescription": "A comment to describe the function.", + "title": "Comment", + "type": "string" + }, + "KeyValueStoreAssociations": { + "items": { + "$ref": "#/definitions/AWS::CloudFront::Function.KeyValueStoreAssociation" + }, + "markdownDescription": "The configuration for the key value store associations.", + "title": "KeyValueStoreAssociations", + "type": "array" + }, + "Runtime": { + "markdownDescription": "The function's runtime environment version.", + "title": "Runtime", + "type": "string" + } + }, + "required": [ + "Comment", + "Runtime" + ], + "type": "object" + }, + "AWS::CloudFront::Function.FunctionMetadata": { + "additionalProperties": false, + "properties": { + "FunctionARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the function. The ARN uniquely identifies the function.", + "title": "FunctionARN", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CloudFront::Function.KeyValueStoreAssociation": { + "additionalProperties": false, + "properties": { + "KeyValueStoreARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the key value store association.", + "title": "KeyValueStoreARN", + "type": "string" + } + }, + "required": [ + "KeyValueStoreARN" + ], + "type": "object" + }, + "AWS::CloudFront::KeyGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -46779,50 +50915,20 @@ "Properties": { "additionalProperties": false, "properties": { - "AttributeMapping": { - "markdownDescription": "A mapping of IdP attributes to standard and custom user pool attributes. Specify a user pool attribute as the key of the key-value pair, and the IdP attribute claim name as the value.", - "title": "AttributeMapping", - "type": "object" - }, - "IdpIdentifiers": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of IdP identifiers, for example `\"IdPIdentifiers\": [ \"MyIdP\", \"MyIdP2\" ]` . Identifiers are friendly names that you can pass in the `idp_identifier` query parameter of requests to the [Authorize endpoint](https://docs.aws.amazon.com/cognito/latest/developerguide/authorization-endpoint.html) to silently redirect to sign-in with the associated IdP. Identifiers in a domain format also enable the use of [email-address matching with SAML providers](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-managing-saml-idp-naming.html) .", - "title": "IdpIdentifiers", - "type": "array" - }, - "ProviderDetails": { - "markdownDescription": "The scopes, URLs, and identifiers for your external identity provider. The following\nexamples describe the provider detail keys for each IdP type. These values and their\nschema are subject to change. Social IdP `authorize_scopes` values must match\nthe values listed here.\n\n- **OpenID Connect (OIDC)** - Amazon Cognito accepts the following elements when it can't discover endpoint URLs from `oidc_issuer` : `attributes_url` , `authorize_url` , `jwks_uri` , `token_url` .\n\nCreate or update request: `\"ProviderDetails\": { \"attributes_request_method\": \"GET\", \"attributes_url\": \"https://auth.example.com/userInfo\", \"authorize_scopes\": \"openid profile email\", \"authorize_url\": \"https://auth.example.com/authorize\", \"client_id\": \"1example23456789\", \"client_secret\": \"provider-app-client-secret\", \"jwks_uri\": \"https://auth.example.com/.well-known/jwks.json\", \"oidc_issuer\": \"https://auth.example.com\", \"token_url\": \"https://example.com/token\" }`\n\nDescribe response: `\"ProviderDetails\": { \"attributes_request_method\": \"GET\", \"attributes_url\": \"https://auth.example.com/userInfo\", \"attributes_url_add_attributes\": \"false\", \"authorize_scopes\": \"openid profile email\", \"authorize_url\": \"https://auth.example.com/authorize\", \"client_id\": \"1example23456789\", \"client_secret\": \"provider-app-client-secret\", \"jwks_uri\": \"https://auth.example.com/.well-known/jwks.json\", \"oidc_issuer\": \"https://auth.example.com\", \"token_url\": \"https://example.com/token\" }`\n- **SAML** - Create or update request with Metadata URL: `\"ProviderDetails\": { \"IDPInit\": \"true\", \"IDPSignout\": \"true\", \"EncryptedResponses\" : \"true\", \"MetadataURL\": \"https://auth.example.com/sso/saml/metadata\", \"RequestSigningAlgorithm\": \"rsa-sha256\" }`\n\nCreate or update request with Metadata file: `\"ProviderDetails\": { \"IDPInit\": \"true\", \"IDPSignout\": \"true\", \"EncryptedResponses\" : \"true\", \"MetadataFile\": \"[metadata XML]\", \"RequestSigningAlgorithm\": \"rsa-sha256\" }`\n\nThe value of `MetadataFile` must be the plaintext metadata document with all quote (\") characters escaped by backslashes.\n\nDescribe response: `\"ProviderDetails\": { \"IDPInit\": \"true\", \"IDPSignout\": \"true\", \"EncryptedResponses\" : \"true\", \"ActiveEncryptionCertificate\": \"[certificate]\", \"MetadataURL\": \"https://auth.example.com/sso/saml/metadata\", \"RequestSigningAlgorithm\": \"rsa-sha256\", \"SLORedirectBindingURI\": \"https://auth.example.com/slo/saml\", \"SSORedirectBindingURI\": \"https://auth.example.com/sso/saml\" }`\n- **LoginWithAmazon** - Create or update request: `\"ProviderDetails\": { \"authorize_scopes\": \"profile postal_code\", \"client_id\": \"amzn1.application-oa2-client.1example23456789\", \"client_secret\": \"provider-app-client-secret\"`\n\nDescribe response: `\"ProviderDetails\": { \"attributes_url\": \"https://api.amazon.com/user/profile\", \"attributes_url_add_attributes\": \"false\", \"authorize_scopes\": \"profile postal_code\", \"authorize_url\": \"https://www.amazon.com/ap/oa\", \"client_id\": \"amzn1.application-oa2-client.1example23456789\", \"client_secret\": \"provider-app-client-secret\", \"token_request_method\": \"POST\", \"token_url\": \"https://api.amazon.com/auth/o2/token\" }`\n- **Google** - Create or update request: `\"ProviderDetails\": { \"authorize_scopes\": \"email profile openid\", \"client_id\": \"1example23456789.apps.googleusercontent.com\", \"client_secret\": \"provider-app-client-secret\" }`\n\nDescribe response: `\"ProviderDetails\": { \"attributes_url\": \"https://people.googleapis.com/v1/people/me?personFields=\", \"attributes_url_add_attributes\": \"true\", \"authorize_scopes\": \"email profile openid\", \"authorize_url\": \"https://accounts.google.com/o/oauth2/v2/auth\", \"client_id\": \"1example23456789.apps.googleusercontent.com\", \"client_secret\": \"provider-app-client-secret\", \"oidc_issuer\": \"https://accounts.google.com\", \"token_request_method\": \"POST\", \"token_url\": \"https://www.googleapis.com/oauth2/v4/token\" }`\n- **SignInWithApple** - Create or update request: `\"ProviderDetails\": { \"authorize_scopes\": \"email name\", \"client_id\": \"com.example.cognito\", \"private_key\": \"1EXAMPLE\", \"key_id\": \"2EXAMPLE\", \"team_id\": \"3EXAMPLE\" }`\n\nDescribe response: `\"ProviderDetails\": { \"attributes_url_add_attributes\": \"false\", \"authorize_scopes\": \"email name\", \"authorize_url\": \"https://appleid.apple.com/auth/authorize\", \"client_id\": \"com.example.cognito\", \"key_id\": \"1EXAMPLE\", \"oidc_issuer\": \"https://appleid.apple.com\", \"team_id\": \"2EXAMPLE\", \"token_request_method\": \"POST\", \"token_url\": \"https://appleid.apple.com/auth/token\" }`\n- **Facebook** - Create or update request: `\"ProviderDetails\": { \"api_version\": \"v17.0\", \"authorize_scopes\": \"public_profile, email\", \"client_id\": \"1example23456789\", \"client_secret\": \"provider-app-client-secret\" }`\n\nDescribe response: `\"ProviderDetails\": { \"api_version\": \"v17.0\", \"attributes_url\": \"https://graph.facebook.com/v17.0/me?fields=\", \"attributes_url_add_attributes\": \"true\", \"authorize_scopes\": \"public_profile, email\", \"authorize_url\": \"https://www.facebook.com/v17.0/dialog/oauth\", \"client_id\": \"1example23456789\", \"client_secret\": \"provider-app-client-secret\", \"token_request_method\": \"GET\", \"token_url\": \"https://graph.facebook.com/v17.0/oauth/access_token\" }`", - "title": "ProviderDetails", - "type": "object" - }, - "ProviderName": { - "markdownDescription": "The name that you want to assign to the IdP. You can pass the identity provider name in the `identity_provider` query parameter of requests to the [Authorize endpoint](https://docs.aws.amazon.com/cognito/latest/developerguide/authorization-endpoint.html) to silently redirect to sign-in with the associated IdP.", - "title": "ProviderName", - "type": "string" - }, - "ProviderType": { - "markdownDescription": "The type of IdP that you want to add. Amazon Cognito supports OIDC, SAML 2.0, Login With Amazon, Sign In With Apple, Google, and Facebook IdPs.", - "title": "ProviderType", - "type": "string" - }, - "UserPoolId": { - "markdownDescription": "The Id of the user pool where you want to create an IdP.", - "title": "UserPoolId", - "type": "string" + "KeyGroupConfig": { + "$ref": "#/definitions/AWS::CloudFront::KeyGroup.KeyGroupConfig", + "markdownDescription": "The key group configuration.", + "title": "KeyGroupConfig" } }, "required": [ - "ProviderName", - "ProviderType", - "UserPoolId" + "KeyGroupConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::Cognito::UserPoolIdentityProvider" + "AWS::CloudFront::KeyGroup" ], "type": "string" }, @@ -46841,7 +50947,35 @@ ], "type": "object" }, - "AWS::Cognito::UserPoolResourceServer": { + "AWS::CloudFront::KeyGroup.KeyGroupConfig": { + "additionalProperties": false, + "properties": { + "Comment": { + "markdownDescription": "A comment to describe the key group. The comment cannot be longer than 128 characters.", + "title": "Comment", + "type": "string" + }, + "Items": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the identifiers of the public keys in the key group.", + "title": "Items", + "type": "array" + }, + "Name": { + "markdownDescription": "A name to identify the key group.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Items", + "Name" + ], + "type": "object" + }, + "AWS::CloudFront::KeyValueStore": { "additionalProperties": false, "properties": { "Condition": { @@ -46876,40 +51010,30 @@ "Properties": { "additionalProperties": false, "properties": { - "Identifier": { - "markdownDescription": "A unique resource server identifier for the resource server. The identifier can be an API friendly name like `solar-system-data` . You can also set an API URL like `https://solar-system-data-api.example.com` as your identifier.\n\nAmazon Cognito represents scopes in the access token in the format `$resource-server-identifier/$scope` . Longer scope-identifier strings increase the size of your access tokens.", - "title": "Identifier", + "Comment": { + "markdownDescription": "A comment for the key value store.", + "title": "Comment", "type": "string" }, + "ImportSource": { + "$ref": "#/definitions/AWS::CloudFront::KeyValueStore.ImportSource", + "markdownDescription": "The import source for the key value store.", + "title": "ImportSource" + }, "Name": { - "markdownDescription": "A friendly name for the resource server.", + "markdownDescription": "The name of the key value store.", "title": "Name", "type": "string" - }, - "Scopes": { - "items": { - "$ref": "#/definitions/AWS::Cognito::UserPoolResourceServer.ResourceServerScopeType" - }, - "markdownDescription": "A list of scopes. Each scope is a map with keys `ScopeName` and `ScopeDescription` .", - "title": "Scopes", - "type": "array" - }, - "UserPoolId": { - "markdownDescription": "The ID of the user pool where you want to create a resource server.", - "title": "UserPoolId", - "type": "string" } }, "required": [ - "Identifier", - "Name", - "UserPoolId" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::Cognito::UserPoolResourceServer" + "AWS::CloudFront::KeyValueStore" ], "type": "string" }, @@ -46928,27 +51052,27 @@ ], "type": "object" }, - "AWS::Cognito::UserPoolResourceServer.ResourceServerScopeType": { + "AWS::CloudFront::KeyValueStore.ImportSource": { "additionalProperties": false, "properties": { - "ScopeDescription": { - "markdownDescription": "A friendly description of a custom scope.", - "title": "ScopeDescription", + "SourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the import source for the key value store.", + "title": "SourceArn", "type": "string" }, - "ScopeName": { - "markdownDescription": "The name of the scope. Amazon Cognito renders custom scopes in the format `resourceServerIdentifier/ScopeName` . For example, if this parameter is `exampleScope` in the resource server with the identifier `exampleResourceServer` , you request and receive the scope `exampleResourceServer/exampleScope` .", - "title": "ScopeName", + "SourceType": { + "markdownDescription": "The source type of the import source for the key value store.", + "title": "SourceType", "type": "string" } }, "required": [ - "ScopeDescription", - "ScopeName" + "SourceArn", + "SourceType" ], "type": "object" }, - "AWS::Cognito::UserPoolRiskConfigurationAttachment": { + "AWS::CloudFront::MonitoringSubscription": { "additionalProperties": false, "properties": { "Condition": { @@ -46983,41 +51107,26 @@ "Properties": { "additionalProperties": false, "properties": { - "AccountTakeoverRiskConfiguration": { - "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverRiskConfigurationType", - "markdownDescription": "The settings for automated responses and notification templates for adaptive authentication with threat protection.", - "title": "AccountTakeoverRiskConfiguration" - }, - "ClientId": { - "markdownDescription": "The app client where this configuration is applied. When this parameter isn't present, the risk configuration applies to all user pool app clients that don't have client-level settings.", - "title": "ClientId", + "DistributionId": { + "markdownDescription": "The ID of the distribution that you are enabling metrics for.", + "title": "DistributionId", "type": "string" }, - "CompromisedCredentialsRiskConfiguration": { - "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.CompromisedCredentialsRiskConfigurationType", - "markdownDescription": "Settings for compromised-credentials actions and authentication types with threat protection in full-function `ENFORCED` mode.", - "title": "CompromisedCredentialsRiskConfiguration" - }, - "RiskExceptionConfiguration": { - "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.RiskExceptionConfigurationType", - "markdownDescription": "Exceptions to the risk evaluation configuration, including always-allow and always-block IP address ranges.", - "title": "RiskExceptionConfiguration" - }, - "UserPoolId": { - "markdownDescription": "The ID of the user pool that has the risk configuration applied.", - "title": "UserPoolId", - "type": "string" + "MonitoringSubscription": { + "$ref": "#/definitions/AWS::CloudFront::MonitoringSubscription.MonitoringSubscription", + "markdownDescription": "A subscription configuration for additional CloudWatch metrics.", + "title": "MonitoringSubscription" } }, "required": [ - "ClientId", - "UserPoolId" + "DistributionId", + "MonitoringSubscription" ], "type": "object" }, "Type": { "enum": [ - "AWS::Cognito::UserPoolRiskConfigurationAttachment" + "AWS::CloudFront::MonitoringSubscription" ], "type": "string" }, @@ -47036,188 +51145,32 @@ ], "type": "object" }, - "AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverActionType": { - "additionalProperties": false, - "properties": { - "EventAction": { - "markdownDescription": "The action to take for the attempted account takeover action for the associated risk level. Valid values are as follows:\n\n- `BLOCK` : Block the request.\n- `MFA_IF_CONFIGURED` : Present an MFA challenge if possible. MFA is possible if the user pool has active MFA methods that the user can set up. For example, if the user pool only supports SMS message MFA but the user doesn't have a phone number attribute, MFA setup isn't possible. If MFA setup isn't possible, allow the request.\n- `MFA_REQUIRED` : Present an MFA challenge if possible. Block the request if a user hasn't set up MFA. To sign in with required MFA, users must have an email address or phone number attribute, or a registered TOTP factor.\n- `NO_ACTION` : Take no action. Permit sign-in.", - "title": "EventAction", - "type": "string" - }, - "Notify": { - "markdownDescription": "Determines whether Amazon Cognito sends a user a notification message when your user pools assesses a user's session at the associated risk level.", - "title": "Notify", - "type": "boolean" - } - }, - "required": [ - "EventAction", - "Notify" - ], - "type": "object" - }, - "AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverActionsType": { - "additionalProperties": false, - "properties": { - "HighAction": { - "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverActionType", - "markdownDescription": "The action that you assign to a high-risk assessment by threat protection.", - "title": "HighAction" - }, - "LowAction": { - "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverActionType", - "markdownDescription": "The action that you assign to a low-risk assessment by threat protection.", - "title": "LowAction" - }, - "MediumAction": { - "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverActionType", - "markdownDescription": "The action that you assign to a medium-risk assessment by threat protection.", - "title": "MediumAction" - } - }, - "type": "object" - }, - "AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverRiskConfigurationType": { - "additionalProperties": false, - "properties": { - "Actions": { - "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverActionsType", - "markdownDescription": "A list of account-takeover actions for each level of risk that Amazon Cognito might assess with threat protection.", - "title": "Actions" - }, - "NotifyConfiguration": { - "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.NotifyConfigurationType", - "markdownDescription": "The settings for composing and sending an email message when threat protection assesses a risk level with adaptive authentication. When you choose to notify users in `AccountTakeoverRiskConfiguration` , Amazon Cognito sends an email message using the method and template that you set with this data type.", - "title": "NotifyConfiguration" - } - }, - "required": [ - "Actions" - ], - "type": "object" - }, - "AWS::Cognito::UserPoolRiskConfigurationAttachment.CompromisedCredentialsActionsType": { - "additionalProperties": false, - "properties": { - "EventAction": { - "markdownDescription": "The action that Amazon Cognito takes when it detects compromised credentials.", - "title": "EventAction", - "type": "string" - } - }, - "required": [ - "EventAction" - ], - "type": "object" - }, - "AWS::Cognito::UserPoolRiskConfigurationAttachment.CompromisedCredentialsRiskConfigurationType": { - "additionalProperties": false, - "properties": { - "Actions": { - "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.CompromisedCredentialsActionsType", - "markdownDescription": "Settings for the actions that you want your user pool to take when Amazon Cognito detects compromised credentials.", - "title": "Actions" - }, - "EventFilter": { - "items": { - "type": "string" - }, - "markdownDescription": "Settings for the sign-in activity where you want to configure compromised-credentials actions. Defaults to all events.", - "title": "EventFilter", - "type": "array" - } - }, - "required": [ - "Actions" - ], - "type": "object" - }, - "AWS::Cognito::UserPoolRiskConfigurationAttachment.NotifyConfigurationType": { + "AWS::CloudFront::MonitoringSubscription.MonitoringSubscription": { "additionalProperties": false, "properties": { - "BlockEmail": { - "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.NotifyEmailType", - "markdownDescription": "The template for the email message that your user pool sends when a detected risk event is blocked.", - "title": "BlockEmail" - }, - "From": { - "markdownDescription": "The email address that sends the email message. The address must be either individually verified with Amazon Simple Email Service, or from a domain that has been verified with Amazon SES.", - "title": "From", - "type": "string" - }, - "MfaEmail": { - "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.NotifyEmailType", - "markdownDescription": "The template for the email message that your user pool sends when MFA is challenged in response to a detected risk.", - "title": "MfaEmail" - }, - "NoActionEmail": { - "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.NotifyEmailType", - "markdownDescription": "The template for the email message that your user pool sends when no action is taken in response to a detected risk.", - "title": "NoActionEmail" - }, - "ReplyTo": { - "markdownDescription": "The reply-to email address of an email template.", - "title": "ReplyTo", - "type": "string" - }, - "SourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the identity that is associated with the sending authorization policy. This identity permits Amazon Cognito to send for the email address specified in the `From` parameter.", - "title": "SourceArn", - "type": "string" + "RealtimeMetricsSubscriptionConfig": { + "$ref": "#/definitions/AWS::CloudFront::MonitoringSubscription.RealtimeMetricsSubscriptionConfig", + "markdownDescription": "A subscription configuration for additional CloudWatch metrics.", + "title": "RealtimeMetricsSubscriptionConfig" } }, - "required": [ - "SourceArn" - ], "type": "object" }, - "AWS::Cognito::UserPoolRiskConfigurationAttachment.NotifyEmailType": { + "AWS::CloudFront::MonitoringSubscription.RealtimeMetricsSubscriptionConfig": { "additionalProperties": false, "properties": { - "HtmlBody": { - "markdownDescription": "The body of an email notification formatted in HTML. Choose an `HtmlBody` or a `TextBody` to send an HTML-formatted or plaintext message, respectively.", - "title": "HtmlBody", - "type": "string" - }, - "Subject": { - "markdownDescription": "The subject of the threat protection email notification.", - "title": "Subject", - "type": "string" - }, - "TextBody": { - "markdownDescription": "The body of an email notification formatted in plaintext. Choose an `HtmlBody` or a `TextBody` to send an HTML-formatted or plaintext message, respectively.", - "title": "TextBody", + "RealtimeMetricsSubscriptionStatus": { + "markdownDescription": "A flag that indicates whether additional CloudWatch metrics are enabled for a given CloudFront distribution.", + "title": "RealtimeMetricsSubscriptionStatus", "type": "string" } }, "required": [ - "Subject" + "RealtimeMetricsSubscriptionStatus" ], "type": "object" }, - "AWS::Cognito::UserPoolRiskConfigurationAttachment.RiskExceptionConfigurationType": { - "additionalProperties": false, - "properties": { - "BlockedIPRangeList": { - "items": { - "type": "string" - }, - "markdownDescription": "An always-block IP address list. Overrides the risk decision and always blocks authentication requests. This parameter is displayed and set in CIDR notation.", - "title": "BlockedIPRangeList", - "type": "array" - }, - "SkippedIPRangeList": { - "items": { - "type": "string" - }, - "markdownDescription": "An always-allow IP address list. Risk detection isn't performed on the IP addresses in this range list. This parameter is displayed and set in CIDR notation.", - "title": "SkippedIPRangeList", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Cognito::UserPoolUICustomizationAttachment": { + "AWS::CloudFront::OriginAccessControl": { "additionalProperties": false, "properties": { "Condition": { @@ -47252,31 +51205,20 @@ "Properties": { "additionalProperties": false, "properties": { - "CSS": { - "markdownDescription": "A plaintext CSS file that contains the custom fields that you want to apply to your user pool or app client. To download a template, go to the Amazon Cognito console. Navigate to your user pool *App clients* tab, select *Login pages* , edit *Hosted UI (classic) style* , and select the link to `CSS template.css` .", - "title": "CSS", - "type": "string" - }, - "ClientId": { - "markdownDescription": "The app client ID for your UI customization. When this value isn't present, the customization applies to all user pool app clients that don't have client-level settings..", - "title": "ClientId", - "type": "string" - }, - "UserPoolId": { - "markdownDescription": "The ID of the user pool where you want to apply branding to the classic hosted UI.", - "title": "UserPoolId", - "type": "string" + "OriginAccessControlConfig": { + "$ref": "#/definitions/AWS::CloudFront::OriginAccessControl.OriginAccessControlConfig", + "markdownDescription": "The origin access control.", + "title": "OriginAccessControlConfig" } }, "required": [ - "ClientId", - "UserPoolId" + "OriginAccessControlConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::Cognito::UserPoolUICustomizationAttachment" + "AWS::CloudFront::OriginAccessControl" ], "type": "string" }, @@ -47295,7 +51237,44 @@ ], "type": "object" }, - "AWS::Cognito::UserPoolUser": { + "AWS::CloudFront::OriginAccessControl.OriginAccessControlConfig": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the origin access control.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "A name to identify the origin access control. You can specify up to 64 characters.", + "title": "Name", + "type": "string" + }, + "OriginAccessControlOriginType": { + "markdownDescription": "The type of origin that this origin access control is for.", + "title": "OriginAccessControlOriginType", + "type": "string" + }, + "SigningBehavior": { + "markdownDescription": "Specifies which requests CloudFront signs (adds authentication information to). Specify `always` for the most common use case. For more information, see [origin access control advanced settings](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html#oac-advanced-settings) in the *Amazon CloudFront Developer Guide* .\n\nThis field can have one of the following values:\n\n- `always` \u2013 CloudFront signs all origin requests, overwriting the `Authorization` header from the viewer request if one exists.\n- `never` \u2013 CloudFront doesn't sign any origin requests. This value turns off origin access control for all origins in all distributions that use this origin access control.\n- `no-override` \u2013 If the viewer request doesn't contain the `Authorization` header, then CloudFront signs the origin request. If the viewer request contains the `Authorization` header, then CloudFront doesn't sign the origin request and instead passes along the `Authorization` header from the viewer request. *WARNING: To pass along the `Authorization` header from the viewer request, you *must* add the `Authorization` header to a [cache policy](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html) for all cache behaviors that use origins associated with this origin access control.*", + "title": "SigningBehavior", + "type": "string" + }, + "SigningProtocol": { + "markdownDescription": "The signing protocol of the origin access control, which determines how CloudFront signs (authenticates) requests. The only valid value is `sigv4` .", + "title": "SigningProtocol", + "type": "string" + } + }, + "required": [ + "Name", + "OriginAccessControlOriginType", + "SigningBehavior", + "SigningProtocol" + ], + "type": "object" + }, + "AWS::CloudFront::OriginRequestPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -47330,70 +51309,20 @@ "Properties": { "additionalProperties": false, "properties": { - "ClientMetadata": { - "additionalProperties": true, - "markdownDescription": "A map of custom key-value pairs that you can provide as input for any custom workflows that this action triggers.\n\nYou create custom workflows by assigning AWS Lambda functions to user pool triggers. When you use the AdminCreateUser API action, Amazon Cognito invokes the function that is assigned to the *pre sign-up* trigger. When Amazon Cognito invokes this function, it passes a JSON payload, which the function receives as input. This payload contains a `ClientMetadata` attribute, which provides the data that you assigned to the ClientMetadata parameter in your AdminCreateUser request. In your function code in AWS Lambda , you can process the `clientMetadata` value to enhance your workflow for your specific needs.\n\nFor more information, see [Using Lambda triggers](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html) in the *Amazon Cognito Developer Guide* .\n\n> When you use the `ClientMetadata` parameter, note that Amazon Cognito won't do the following:\n> \n> - Store the `ClientMetadata` value. This data is available only to AWS Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool configuration doesn't include triggers, the `ClientMetadata` parameter serves no purpose.\n> - Validate the `ClientMetadata` value.\n> - Encrypt the `ClientMetadata` value. Don't send sensitive information in this parameter.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "ClientMetadata", - "type": "object" - }, - "DesiredDeliveryMediums": { - "items": { - "type": "string" - }, - "markdownDescription": "Specify `EMAIL` if email will be used to send the welcome message. Specify `SMS` if the phone number will be used. The default value is `SMS` . You can specify more than one value.", - "title": "DesiredDeliveryMediums", - "type": "array" - }, - "ForceAliasCreation": { - "markdownDescription": "This parameter is used only if the `phone_number_verified` or `email_verified` attribute is set to `True` . Otherwise, it is ignored.\n\nIf this parameter is set to `True` and the phone number or email address specified in the `UserAttributes` parameter already exists as an alias with a different user, this request migrates the alias from the previous user to the newly-created user. The previous user will no longer be able to log in using that alias.\n\nIf this parameter is set to `False` , the API throws an `AliasExistsException` error if the alias already exists. The default value is `False` .", - "title": "ForceAliasCreation", - "type": "boolean" - }, - "MessageAction": { - "markdownDescription": "Set to `RESEND` to resend the invitation message to a user that already exists, and to reset the temporary-password duration with a new temporary password. Set to `SUPPRESS` to suppress sending the message. You can specify only one value.", - "title": "MessageAction", - "type": "string" - }, - "UserAttributes": { - "items": { - "$ref": "#/definitions/AWS::Cognito::UserPoolUser.AttributeType" - }, - "markdownDescription": "An array of name-value pairs that contain user attributes and attribute values to be set for the user to be created. You can create a user without specifying any attributes other than `Username` . However, any attributes that you specify as required (when creating a user pool or in the *Attributes* tab of the console) either you should supply (in your call to `AdminCreateUser` ) or the user should supply (when they sign up in response to your welcome message).\n\nFor custom attributes, you must prepend the `custom:` prefix to the attribute name.\n\nTo send a message inviting the user to sign up, you must specify the user's email address or phone number. You can do this in your call to AdminCreateUser or in the *Users* tab of the Amazon Cognito console for managing your user pools.\n\nYou must also provide an email address or phone number when you expect the user to do passwordless sign-in with an email or SMS OTP. These attributes must be provided when passwordless options are the only available, or when you don't submit a `TemporaryPassword` .\n\nIn your call to `AdminCreateUser` , you can set the `email_verified` attribute to `True` , and you can set the `phone_number_verified` attribute to `True` .\n\n- *email* : The email address of the user to whom the message that contains the code and username will be sent. Required if the `email_verified` attribute is set to `True` , or if `\"EMAIL\"` is specified in the `DesiredDeliveryMediums` parameter.\n- *phone_number* : The phone number of the user to whom the message that contains the code and username will be sent. Required if the `phone_number_verified` attribute is set to `True` , or if `\"SMS\"` is specified in the `DesiredDeliveryMediums` parameter.", - "title": "UserAttributes", - "type": "array" - }, - "UserPoolId": { - "markdownDescription": "The ID of the user pool where you want to create a user.", - "title": "UserPoolId", - "type": "string" - }, - "Username": { - "markdownDescription": "The value that you want to set as the username sign-in attribute. The following conditions apply to the username parameter.\n\n- The username can't be a duplicate of another username in the same user pool.\n- You can't change the value of a username after you create it.\n- You can only provide a value if usernames are a valid sign-in attribute for your user pool. If your user pool only supports phone numbers or email addresses as sign-in attributes, Amazon Cognito automatically generates a username value. For more information, see [Customizing sign-in attributes](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html#user-pool-settings-aliases) .", - "title": "Username", - "type": "string" - }, - "ValidationData": { - "items": { - "$ref": "#/definitions/AWS::Cognito::UserPoolUser.AttributeType" - }, - "markdownDescription": "Temporary user attributes that contribute to the outcomes of your pre sign-up Lambda trigger. This set of key-value pairs are for custom validation of information that you collect from your users but don't need to retain.\n\nYour Lambda function can analyze this additional data and act on it. Your function can automatically confirm and verify select users or perform external API operations like logging user attributes and validation data to Amazon CloudWatch Logs.\n\nFor more information about the pre sign-up Lambda trigger, see [Pre sign-up Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-sign-up.html) .", - "title": "ValidationData", - "type": "array" + "OriginRequestPolicyConfig": { + "$ref": "#/definitions/AWS::CloudFront::OriginRequestPolicy.OriginRequestPolicyConfig", + "markdownDescription": "The origin request policy configuration.", + "title": "OriginRequestPolicyConfig" } }, "required": [ - "UserPoolId" + "OriginRequestPolicyConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::Cognito::UserPoolUser" + "AWS::CloudFront::OriginRequestPolicy" ], "type": "string" }, @@ -47412,23 +51341,110 @@ ], "type": "object" }, - "AWS::Cognito::UserPoolUser.AttributeType": { + "AWS::CloudFront::OriginRequestPolicy.CookiesConfig": { + "additionalProperties": false, + "properties": { + "CookieBehavior": { + "markdownDescription": "Determines whether cookies in viewer requests are included in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` \u2013 No cookies in viewer requests are included in requests that CloudFront sends to the origin. Even when this field is set to `none` , any cookies that are listed in a `CachePolicy` *are* included in origin requests.\n- `whitelist` \u2013 Only the cookies in viewer requests that are listed in the `CookieNames` type are included in requests that CloudFront sends to the origin.\n- `all` \u2013 All cookies in viewer requests are included in requests that CloudFront sends to the origin.\n- `allExcept` \u2013 All cookies in viewer requests are included in requests that CloudFront sends to the origin, **except** for those listed in the `CookieNames` type, which are not included.", + "title": "CookieBehavior", + "type": "string" + }, + "Cookies": { + "items": { + "type": "string" + }, + "markdownDescription": "Contains a list of cookie names.", + "title": "Cookies", + "type": "array" + } + }, + "required": [ + "CookieBehavior" + ], + "type": "object" + }, + "AWS::CloudFront::OriginRequestPolicy.HeadersConfig": { + "additionalProperties": false, + "properties": { + "HeaderBehavior": { + "markdownDescription": "Determines whether any HTTP headers are included in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` \u2013 No HTTP headers in viewer requests are included in requests that CloudFront sends to the origin. Even when this field is set to `none` , any headers that are listed in a `CachePolicy` *are* included in origin requests.\n- `whitelist` \u2013 Only the HTTP headers that are listed in the `Headers` type are included in requests that CloudFront sends to the origin.\n- `allViewer` \u2013 All HTTP headers in viewer requests are included in requests that CloudFront sends to the origin.\n- `allViewerAndWhitelistCloudFront` \u2013 All HTTP headers in viewer requests and the additional CloudFront headers that are listed in the `Headers` type are included in requests that CloudFront sends to the origin. The additional headers are added by CloudFront.\n- `allExcept` \u2013 All HTTP headers in viewer requests are included in requests that CloudFront sends to the origin, **except** for those listed in the `Headers` type, which are not included.", + "title": "HeaderBehavior", + "type": "string" + }, + "Headers": { + "items": { + "type": "string" + }, + "markdownDescription": "Contains a list of HTTP header names.", + "title": "Headers", + "type": "array" + } + }, + "required": [ + "HeaderBehavior" + ], + "type": "object" + }, + "AWS::CloudFront::OriginRequestPolicy.OriginRequestPolicyConfig": { "additionalProperties": false, "properties": { + "Comment": { + "markdownDescription": "A comment to describe the origin request policy. The comment cannot be longer than 128 characters.", + "title": "Comment", + "type": "string" + }, + "CookiesConfig": { + "$ref": "#/definitions/AWS::CloudFront::OriginRequestPolicy.CookiesConfig", + "markdownDescription": "The cookies from viewer requests to include in origin requests.", + "title": "CookiesConfig" + }, + "HeadersConfig": { + "$ref": "#/definitions/AWS::CloudFront::OriginRequestPolicy.HeadersConfig", + "markdownDescription": "The HTTP headers to include in origin requests. These can include headers from viewer requests and additional headers added by CloudFront.", + "title": "HeadersConfig" + }, "Name": { - "markdownDescription": "The name of the attribute.", + "markdownDescription": "A unique name to identify the origin request policy.", "title": "Name", "type": "string" }, - "Value": { - "markdownDescription": "The value of the attribute.", - "title": "Value", + "QueryStringsConfig": { + "$ref": "#/definitions/AWS::CloudFront::OriginRequestPolicy.QueryStringsConfig", + "markdownDescription": "The URL query strings from viewer requests to include in origin requests.", + "title": "QueryStringsConfig" + } + }, + "required": [ + "CookiesConfig", + "HeadersConfig", + "Name", + "QueryStringsConfig" + ], + "type": "object" + }, + "AWS::CloudFront::OriginRequestPolicy.QueryStringsConfig": { + "additionalProperties": false, + "properties": { + "QueryStringBehavior": { + "markdownDescription": "Determines whether any URL query strings in viewer requests are included in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` \u2013 No query strings in viewer requests are included in requests that CloudFront sends to the origin. Even when this field is set to `none` , any query strings that are listed in a `CachePolicy` *are* included in origin requests.\n- `whitelist` \u2013 Only the query strings in viewer requests that are listed in the `QueryStringNames` type are included in requests that CloudFront sends to the origin.\n- `all` \u2013 All query strings in viewer requests are included in requests that CloudFront sends to the origin.\n- `allExcept` \u2013 All query strings in viewer requests are included in requests that CloudFront sends to the origin, **except** for those listed in the `QueryStringNames` type, which are not included.", + "title": "QueryStringBehavior", "type": "string" + }, + "QueryStrings": { + "items": { + "type": "string" + }, + "markdownDescription": "Contains a list of query string names.", + "title": "QueryStrings", + "type": "array" } }, + "required": [ + "QueryStringBehavior" + ], "type": "object" }, - "AWS::Cognito::UserPoolUserToGroupAttachment": { + "AWS::CloudFront::PublicKey": { "additionalProperties": false, "properties": { "Condition": { @@ -47463,32 +51479,20 @@ "Properties": { "additionalProperties": false, "properties": { - "GroupName": { - "markdownDescription": "The name of the group that you want to add your user to.", - "title": "GroupName", - "type": "string" - }, - "UserPoolId": { - "markdownDescription": "The ID of the user pool that contains the group that you want to add the user to.", - "title": "UserPoolId", - "type": "string" - }, - "Username": { - "markdownDescription": "The user's username.", - "title": "Username", - "type": "string" + "PublicKeyConfig": { + "$ref": "#/definitions/AWS::CloudFront::PublicKey.PublicKeyConfig", + "markdownDescription": "Configuration information about a public key that you can use with [signed URLs and signed cookies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) , or with [field-level encryption](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/field-level-encryption.html) .", + "title": "PublicKeyConfig" } }, "required": [ - "GroupName", - "UserPoolId", - "Username" + "PublicKeyConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::Cognito::UserPoolUserToGroupAttachment" + "AWS::CloudFront::PublicKey" ], "type": "string" }, @@ -47507,7 +51511,38 @@ ], "type": "object" }, - "AWS::Comprehend::DocumentClassifier": { + "AWS::CloudFront::PublicKey.PublicKeyConfig": { + "additionalProperties": false, + "properties": { + "CallerReference": { + "markdownDescription": "A string included in the request to help make sure that the request can't be replayed.", + "title": "CallerReference", + "type": "string" + }, + "Comment": { + "markdownDescription": "A comment to describe the public key. The comment cannot be longer than 128 characters.", + "title": "Comment", + "type": "string" + }, + "EncodedKey": { + "markdownDescription": "The public key that you can use with [signed URLs and signed cookies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) , or with [field-level encryption](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/field-level-encryption.html) .", + "title": "EncodedKey", + "type": "string" + }, + "Name": { + "markdownDescription": "A name to help identify the public key.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "CallerReference", + "EncodedKey", + "Name" + ], + "type": "object" + }, + "AWS::CloudFront::RealtimeLogConfig": { "additionalProperties": false, "properties": { "Condition": { @@ -47542,81 +51577,44 @@ "Properties": { "additionalProperties": false, "properties": { - "DataAccessRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that grants Amazon Comprehend read access to your input data.", - "title": "DataAccessRoleArn", - "type": "string" - }, - "DocumentClassifierName": { - "markdownDescription": "The name of the document classifier.", - "title": "DocumentClassifierName", - "type": "string" - }, - "InputDataConfig": { - "$ref": "#/definitions/AWS::Comprehend::DocumentClassifier.DocumentClassifierInputDataConfig", - "markdownDescription": "Specifies the format and location of the input data for the job.", - "title": "InputDataConfig" - }, - "LanguageCode": { - "markdownDescription": "The language of the input documents. You can specify any of the languages supported by Amazon Comprehend. All documents must be in the same language.", - "title": "LanguageCode", - "type": "string" - }, - "Mode": { - "markdownDescription": "Indicates the mode in which the classifier will be trained. The classifier can be trained in multi-class (single-label) mode or multi-label mode. Multi-class mode identifies a single class label for each document and multi-label mode identifies one or more class labels for each document. Multiple labels for an individual document are separated by a delimiter. The default delimiter between labels is a pipe (|).", - "title": "Mode", - "type": "string" - }, - "ModelKmsKeyId": { - "markdownDescription": "ID for the AWS KMS key that Amazon Comprehend uses to encrypt trained custom models. The ModelKmsKeyId can be either of the following formats:\n\n- KMS Key ID: `\"1234abcd-12ab-34cd-56ef-1234567890ab\"`\n- Amazon Resource Name (ARN) of a KMS Key: `\"arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\"`", - "title": "ModelKmsKeyId", - "type": "string" - }, - "ModelPolicy": { - "markdownDescription": "The resource-based policy to attach to your custom document classifier model. You can use this policy to allow another AWS account to import your custom model.\n\nProvide your policy as a JSON body that you enter as a UTF-8 encoded string without line breaks. To provide valid JSON, enclose the attribute names and values in double quotes. If the JSON body is also enclosed in double quotes, then you must escape the double quotes that are inside the policy:\n\n`\"{\\\"attribute\\\": \\\"value\\\", \\\"attribute\\\": [\\\"value\\\"]}\"`\n\nTo avoid escaping quotes, you can use single quotes to enclose the policy and double quotes to enclose the JSON names and values:\n\n`'{\"attribute\": \"value\", \"attribute\": [\"value\"]}'`", - "title": "ModelPolicy", - "type": "string" - }, - "OutputDataConfig": { - "$ref": "#/definitions/AWS::Comprehend::DocumentClassifier.DocumentClassifierOutputDataConfig", - "markdownDescription": "Provides output results configuration parameters for custom classifier jobs.", - "title": "OutputDataConfig" - }, - "Tags": { + "EndPoints": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::CloudFront::RealtimeLogConfig.EndPoint" }, - "markdownDescription": "Tags to associate with the document classifier. A tag is a key-value pair that adds as a metadata to a resource used by Amazon Comprehend. For example, a tag with \"Sales\" as the key might be added to a resource to indicate its use by the sales department.", - "title": "Tags", + "markdownDescription": "Contains information about the Amazon Kinesis data stream where you are sending real-time log data for this real-time log configuration.", + "title": "EndPoints", "type": "array" }, - "VersionName": { - "markdownDescription": "The version name given to the newly created classifier. Version names can have a maximum of 256 characters. Alphanumeric characters, hyphens (-) and underscores (_) are allowed. The version name must be unique among all models with the same classifier name in the AWS account / AWS Region .", - "title": "VersionName", - "type": "string" + "Fields": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of fields that are included in each real-time log record. In an API response, the fields are provided in the same order in which they are sent to the Amazon Kinesis data stream.\n\nFor more information about fields, see [Real-time log configuration fields](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html#understand-real-time-log-config-fields) in the *Amazon CloudFront Developer Guide* .", + "title": "Fields", + "type": "array" }, - "VolumeKmsKeyId": { - "markdownDescription": "ID for the AWS Key Management Service (KMS) key that Amazon Comprehend uses to encrypt data on the storage volume attached to the ML compute instance(s) that process the analysis job. The VolumeKmsKeyId can be either of the following formats:\n\n- KMS Key ID: `\"1234abcd-12ab-34cd-56ef-1234567890ab\"`\n- Amazon Resource Name (ARN) of a KMS Key: `\"arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\"`", - "title": "VolumeKmsKeyId", + "Name": { + "markdownDescription": "The unique name of this real-time log configuration.", + "title": "Name", "type": "string" }, - "VpcConfig": { - "$ref": "#/definitions/AWS::Comprehend::DocumentClassifier.VpcConfig", - "markdownDescription": "Configuration parameters for a private Virtual Private Cloud (VPC) containing the resources you are using for your custom classifier. For more information, see [Amazon VPC](https://docs.aws.amazon.com/vpc/latest/userguide/what-is-amazon-vpc.html) .", - "title": "VpcConfig" + "SamplingRate": { + "markdownDescription": "The sampling rate for this real-time log configuration. The sampling rate determines the percentage of viewer requests that are represented in the real-time log data. The sampling rate is an integer between 1 and 100, inclusive.", + "title": "SamplingRate", + "type": "number" } }, "required": [ - "DataAccessRoleArn", - "DocumentClassifierName", - "InputDataConfig", - "LanguageCode" + "EndPoints", + "Fields", + "Name", + "SamplingRate" ], "type": "object" }, "Type": { "enum": [ - "AWS::Comprehend::DocumentClassifier" + "AWS::CloudFront::RealtimeLogConfig" ], "type": "string" }, @@ -47635,172 +51633,47 @@ ], "type": "object" }, - "AWS::Comprehend::DocumentClassifier.AugmentedManifestsListItem": { - "additionalProperties": false, - "properties": { - "AttributeNames": { - "items": { - "type": "string" - }, - "markdownDescription": "The JSON attribute that contains the annotations for your training documents. The number of attribute names that you specify depends on whether your augmented manifest file is the output of a single labeling job or a chained labeling job.\n\nIf your file is the output of a single labeling job, specify the LabelAttributeName key that was used when the job was created in Ground Truth.\n\nIf your file is the output of a chained labeling job, specify the LabelAttributeName key for one or more jobs in the chain. Each LabelAttributeName key provides the annotations from an individual job.", - "title": "AttributeNames", - "type": "array" - }, - "S3Uri": { - "markdownDescription": "The Amazon S3 location of the augmented manifest file.", - "title": "S3Uri", - "type": "string" - }, - "Split": { - "markdownDescription": "The purpose of the data you've provided in the augmented manifest. You can either train or test this data. If you don't specify, the default is train.\n\nTRAIN - all of the documents in the manifest will be used for training. If no test documents are provided, Amazon Comprehend will automatically reserve a portion of the training documents for testing.\n\nTEST - all of the documents in the manifest will be used for testing.", - "title": "Split", - "type": "string" - } - }, - "required": [ - "AttributeNames", - "S3Uri" - ], - "type": "object" - }, - "AWS::Comprehend::DocumentClassifier.DocumentClassifierDocuments": { + "AWS::CloudFront::RealtimeLogConfig.EndPoint": { "additionalProperties": false, "properties": { - "S3Uri": { - "markdownDescription": "The S3 URI location of the training documents specified in the S3Uri CSV file.", - "title": "S3Uri", - "type": "string" + "KinesisStreamConfig": { + "$ref": "#/definitions/AWS::CloudFront::RealtimeLogConfig.KinesisStreamConfig", + "markdownDescription": "Contains information about the Amazon Kinesis data stream where you are sending real-time log data in a real-time log configuration.", + "title": "KinesisStreamConfig" }, - "TestS3Uri": { - "markdownDescription": "The S3 URI location of the test documents included in the TestS3Uri CSV file. This field is not required if you do not specify a test CSV file.", - "title": "TestS3Uri", + "StreamType": { + "markdownDescription": "The type of data stream where you are sending real-time log data. The only valid value is `Kinesis` .", + "title": "StreamType", "type": "string" } }, "required": [ - "S3Uri" + "KinesisStreamConfig", + "StreamType" ], "type": "object" }, - "AWS::Comprehend::DocumentClassifier.DocumentClassifierInputDataConfig": { - "additionalProperties": false, - "properties": { - "AugmentedManifests": { - "items": { - "$ref": "#/definitions/AWS::Comprehend::DocumentClassifier.AugmentedManifestsListItem" - }, - "markdownDescription": "A list of augmented manifest files that provide training data for your custom model. An augmented manifest file is a labeled dataset that is produced by Amazon SageMaker Ground Truth.\n\nThis parameter is required if you set `DataFormat` to `AUGMENTED_MANIFEST` .", - "title": "AugmentedManifests", - "type": "array" - }, - "DataFormat": { - "markdownDescription": "The format of your training data:\n\n- `COMPREHEND_CSV` : A two-column CSV file, where labels are provided in the first column, and documents are provided in the second. If you use this value, you must provide the `S3Uri` parameter in your request.\n- `AUGMENTED_MANIFEST` : A labeled dataset that is produced by Amazon SageMaker Ground Truth. This file is in JSON lines format. Each line is a complete JSON object that contains a training document and its associated labels.\n\nIf you use this value, you must provide the `AugmentedManifests` parameter in your request.\n\nIf you don't specify a value, Amazon Comprehend uses `COMPREHEND_CSV` as the default.", - "title": "DataFormat", - "type": "string" - }, - "DocumentReaderConfig": { - "$ref": "#/definitions/AWS::Comprehend::DocumentClassifier.DocumentReaderConfig", - "markdownDescription": "", - "title": "DocumentReaderConfig" - }, - "DocumentType": { - "markdownDescription": "The type of input documents for training the model. Provide plain-text documents to create a plain-text model, and provide semi-structured documents to create a native document model.", - "title": "DocumentType", - "type": "string" - }, - "Documents": { - "$ref": "#/definitions/AWS::Comprehend::DocumentClassifier.DocumentClassifierDocuments", - "markdownDescription": "The S3 location of the training documents. This parameter is required in a request to create a native document model.", - "title": "Documents" - }, - "LabelDelimiter": { - "markdownDescription": "Indicates the delimiter used to separate each label for training a multi-label classifier. The default delimiter between labels is a pipe (|). You can use a different character as a delimiter (if it's an allowed character) by specifying it under Delimiter for labels. If the training documents use a delimiter other than the default or the delimiter you specify, the labels on that line will be combined to make a single unique label, such as LABELLABELLABEL.", - "title": "LabelDelimiter", - "type": "string" - }, - "S3Uri": { - "markdownDescription": "The Amazon S3 URI for the input data. The S3 bucket must be in the same Region as the API endpoint that you are calling. The URI can point to a single input file or it can provide the prefix for a collection of input files.\n\nFor example, if you use the URI `S3://bucketName/prefix` , if the prefix is a single file, Amazon Comprehend uses that file as input. If more than one file begins with the prefix, Amazon Comprehend uses all of them as input.\n\nThis parameter is required if you set `DataFormat` to `COMPREHEND_CSV` .", - "title": "S3Uri", - "type": "string" - }, - "TestS3Uri": { - "markdownDescription": "This specifies the Amazon S3 location that contains the test annotations for the document classifier. The URI must be in the same AWS Region as the API endpoint that you are calling.", - "title": "TestS3Uri", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Comprehend::DocumentClassifier.DocumentClassifierOutputDataConfig": { - "additionalProperties": false, - "properties": { - "KmsKeyId": { - "markdownDescription": "ID for the AWS Key Management Service (KMS) key that Amazon Comprehend uses to encrypt the output results from an analysis job. The KmsKeyId can be one of the following formats:\n\n- KMS Key ID: `\"1234abcd-12ab-34cd-56ef-1234567890ab\"`\n- Amazon Resource Name (ARN) of a KMS Key: `\"arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\"`\n- KMS Key Alias: `\"alias/ExampleAlias\"`\n- ARN of a KMS Key Alias: `\"arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias\"`", - "title": "KmsKeyId", - "type": "string" - }, - "S3Uri": { - "markdownDescription": "When you use the `OutputDataConfig` object while creating a custom classifier, you specify the Amazon S3 location where you want to write the confusion matrix and other output files. The URI must be in the same Region as the API endpoint that you are calling. The location is used as the prefix for the actual location of this output file.\n\nWhen the custom classifier job is finished, the service creates the output file in a directory specific to the job. The `S3Uri` field contains the location of the output file, called `output.tar.gz` . It is a compressed archive that contains the confusion matrix.", - "title": "S3Uri", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Comprehend::DocumentClassifier.DocumentReaderConfig": { + "AWS::CloudFront::RealtimeLogConfig.KinesisStreamConfig": { "additionalProperties": false, "properties": { - "DocumentReadAction": { - "markdownDescription": "This field defines the Amazon Textract API operation that Amazon Comprehend uses to extract text from PDF files and image files. Enter one of the following values:\n\n- `TEXTRACT_DETECT_DOCUMENT_TEXT` - The Amazon Comprehend service uses the `DetectDocumentText` API operation.\n- `TEXTRACT_ANALYZE_DOCUMENT` - The Amazon Comprehend service uses the `AnalyzeDocument` API operation.", - "title": "DocumentReadAction", + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Identity and Access Management (IAM) role that CloudFront can use to send real-time log data to your Kinesis data stream.\n\nFor more information the IAM role, see [Real-time log configuration IAM role](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html#understand-real-time-log-config-iam-role) in the *Amazon CloudFront Developer Guide* .", + "title": "RoleArn", "type": "string" }, - "DocumentReadMode": { - "markdownDescription": "Determines the text extraction actions for PDF files. Enter one of the following values:\n\n- `SERVICE_DEFAULT` - use the Amazon Comprehend service defaults for PDF files.\n- `FORCE_DOCUMENT_READ_ACTION` - Amazon Comprehend uses the Textract API specified by DocumentReadAction for all PDF files, including digital PDF files.", - "title": "DocumentReadMode", + "StreamArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Kinesis data stream where you are sending real-time log data.", + "title": "StreamArn", "type": "string" - }, - "FeatureTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the type of Amazon Textract features to apply. If you chose `TEXTRACT_ANALYZE_DOCUMENT` as the read action, you must specify one or both of the following values:\n\n- `TABLES` - Returns additional information about any tables that are detected in the input document.\n- `FORMS` - Returns additional information about any forms that are detected in the input document.", - "title": "FeatureTypes", - "type": "array" - } - }, - "required": [ - "DocumentReadAction" - ], - "type": "object" - }, - "AWS::Comprehend::DocumentClassifier.VpcConfig": { - "additionalProperties": false, - "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The ID number for a security group on an instance of your private VPC. Security groups on your VPC function serve as a virtual firewall to control inbound and outbound traffic and provides security for the resources that you\u2019ll be accessing on the VPC. This ID number is preceded by \"sg-\", for instance: \"sg-03b388029b0a285ea\". For more information, see [Security Groups for your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html) .", - "title": "SecurityGroupIds", - "type": "array" - }, - "Subnets": { - "items": { - "type": "string" - }, - "markdownDescription": "The ID for each subnet being used in your private VPC. This subnet is a subset of the a range of IPv4 addresses used by the VPC and is specific to a given availability zone in the VPC\u2019s Region. This ID number is preceded by \"subnet-\", for instance: \"subnet-04ccf456919e69055\". For more information, see [VPCs and Subnets](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) .", - "title": "Subnets", - "type": "array" } }, "required": [ - "SecurityGroupIds", - "Subnets" + "RoleArn", + "StreamArn" ], "type": "object" }, - "AWS::Comprehend::Flywheel": { + "AWS::CloudFront::ResponseHeadersPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -47835,60 +51708,20 @@ "Properties": { "additionalProperties": false, "properties": { - "ActiveModelArn": { - "markdownDescription": "The Amazon Resource Number (ARN) of the active model version.", - "title": "ActiveModelArn", - "type": "string" - }, - "DataAccessRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that grants Amazon Comprehend permission to access the flywheel data.", - "title": "DataAccessRoleArn", - "type": "string" - }, - "DataLakeS3Uri": { - "markdownDescription": "Amazon S3 URI of the data lake location.", - "title": "DataLakeS3Uri", - "type": "string" - }, - "DataSecurityConfig": { - "$ref": "#/definitions/AWS::Comprehend::Flywheel.DataSecurityConfig", - "markdownDescription": "Data security configuration.", - "title": "DataSecurityConfig" - }, - "FlywheelName": { - "markdownDescription": "Name for the flywheel.", - "title": "FlywheelName", - "type": "string" - }, - "ModelType": { - "markdownDescription": "Model type of the flywheel's model.", - "title": "ModelType", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Tags associated with the endpoint being created. A tag is a key-value pair that adds metadata to the endpoint. For example, a tag with \"Sales\" as the key might be added to an endpoint to indicate its use by the sales department.", - "title": "Tags", - "type": "array" - }, - "TaskConfig": { - "$ref": "#/definitions/AWS::Comprehend::Flywheel.TaskConfig", - "markdownDescription": "Configuration about the model associated with a flywheel.", - "title": "TaskConfig" + "ResponseHeadersPolicyConfig": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.ResponseHeadersPolicyConfig", + "markdownDescription": "A response headers policy configuration.", + "title": "ResponseHeadersPolicyConfig" } }, "required": [ - "DataAccessRoleArn", - "DataLakeS3Uri", - "FlywheelName" + "ResponseHeadersPolicyConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::Comprehend::Flywheel" + "AWS::CloudFront::ResponseHeadersPolicy" ], "type": "string" }, @@ -47907,214 +51740,430 @@ ], "type": "object" }, - "AWS::Comprehend::Flywheel.DataSecurityConfig": { + "AWS::CloudFront::ResponseHeadersPolicy.AccessControlAllowHeaders": { "additionalProperties": false, "properties": { - "DataLakeKmsKeyId": { - "markdownDescription": "ID for the AWS KMS key that Amazon Comprehend uses to encrypt the data in the data lake.", - "title": "DataLakeKmsKeyId", - "type": "string" - }, - "ModelKmsKeyId": { - "markdownDescription": "ID for the AWS KMS key that Amazon Comprehend uses to encrypt trained custom models. The ModelKmsKeyId can be either of the following formats:\n\n- KMS Key ID: `\"1234abcd-12ab-34cd-56ef-1234567890ab\"`\n- Amazon Resource Name (ARN) of a KMS Key: `\"arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\"`", - "title": "ModelKmsKeyId", - "type": "string" - }, - "VolumeKmsKeyId": { - "markdownDescription": "ID for the AWS KMS key that Amazon Comprehend uses to encrypt the volume.", - "title": "VolumeKmsKeyId", - "type": "string" - }, - "VpcConfig": { - "$ref": "#/definitions/AWS::Comprehend::Flywheel.VpcConfig", - "markdownDescription": "Configuration parameters for an optional private Virtual Private Cloud (VPC) containing the resources you are using for the job. For more information, see [Amazon VPC](https://docs.aws.amazon.com/vpc/latest/userguide/what-is-amazon-vpc.html) .", - "title": "VpcConfig" + "Items": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of HTTP header names. You can specify `*` to allow all headers.", + "title": "Items", + "type": "array" } }, + "required": [ + "Items" + ], "type": "object" }, - "AWS::Comprehend::Flywheel.DocumentClassificationConfig": { + "AWS::CloudFront::ResponseHeadersPolicy.AccessControlAllowMethods": { "additionalProperties": false, "properties": { - "Labels": { + "Items": { "items": { "type": "string" }, - "markdownDescription": "One or more labels to associate with the custom classifier.", - "title": "Labels", + "markdownDescription": "The list of HTTP methods. Valid values are:\n\n- `GET`\n- `DELETE`\n- `HEAD`\n- `OPTIONS`\n- `PATCH`\n- `POST`\n- `PUT`\n- `ALL`\n\n`ALL` is a special value that includes all of the listed HTTP methods.", + "title": "Items", "type": "array" - }, - "Mode": { - "markdownDescription": "Classification mode indicates whether the documents are `MULTI_CLASS` or `MULTI_LABEL` .", - "title": "Mode", - "type": "string" } }, "required": [ - "Mode" + "Items" ], "type": "object" }, - "AWS::Comprehend::Flywheel.EntityRecognitionConfig": { + "AWS::CloudFront::ResponseHeadersPolicy.AccessControlAllowOrigins": { "additionalProperties": false, "properties": { - "EntityTypes": { + "Items": { "items": { - "$ref": "#/definitions/AWS::Comprehend::Flywheel.EntityTypesListItem" + "type": "string" }, - "markdownDescription": "Up to 25 entity types that the model is trained to recognize.", - "title": "EntityTypes", + "markdownDescription": "The list of origins (domain names). You can specify `*` to allow all origins.", + "title": "Items", "type": "array" } }, + "required": [ + "Items" + ], "type": "object" }, - "AWS::Comprehend::Flywheel.EntityTypesListItem": { + "AWS::CloudFront::ResponseHeadersPolicy.AccessControlExposeHeaders": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "An entity type within a labeled training dataset that Amazon Comprehend uses to train a custom entity recognizer.\n\nEntity types must not contain the following invalid characters: \\n (line break), \\\\n (escaped line break, \\r (carriage return), \\\\r (escaped carriage return), \\t (tab), \\\\t (escaped tab), and , (comma).", - "title": "Type", + "Items": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of HTTP headers. You can specify `*` to expose all headers.", + "title": "Items", + "type": "array" + } + }, + "required": [ + "Items" + ], + "type": "object" + }, + "AWS::CloudFront::ResponseHeadersPolicy.ContentSecurityPolicy": { + "additionalProperties": false, + "properties": { + "ContentSecurityPolicy": { + "markdownDescription": "The policy directives and their values that CloudFront includes as values for the `Content-Security-Policy` HTTP response header.", + "title": "ContentSecurityPolicy", "type": "string" + }, + "Override": { + "markdownDescription": "A Boolean that determines whether CloudFront overrides the `Content-Security-Policy` HTTP response header received from the origin with the one specified in this response headers policy.", + "title": "Override", + "type": "boolean" } }, "required": [ - "Type" + "ContentSecurityPolicy", + "Override" ], "type": "object" }, - "AWS::Comprehend::Flywheel.TaskConfig": { + "AWS::CloudFront::ResponseHeadersPolicy.ContentTypeOptions": { "additionalProperties": false, "properties": { - "DocumentClassificationConfig": { - "$ref": "#/definitions/AWS::Comprehend::Flywheel.DocumentClassificationConfig", - "markdownDescription": "Configuration required for a document classification model.", - "title": "DocumentClassificationConfig" + "Override": { + "markdownDescription": "A Boolean that determines whether CloudFront overrides the `X-Content-Type-Options` HTTP response header received from the origin with the one specified in this response headers policy.", + "title": "Override", + "type": "boolean" + } + }, + "required": [ + "Override" + ], + "type": "object" + }, + "AWS::CloudFront::ResponseHeadersPolicy.CorsConfig": { + "additionalProperties": false, + "properties": { + "AccessControlAllowCredentials": { + "markdownDescription": "A Boolean that CloudFront uses as the value for the `Access-Control-Allow-Credentials` HTTP response header.\n\nFor more information about the `Access-Control-Allow-Credentials` HTTP response header, see [Access-Control-Allow-Credentials](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials) in the MDN Web Docs.", + "title": "AccessControlAllowCredentials", + "type": "boolean" }, - "EntityRecognitionConfig": { - "$ref": "#/definitions/AWS::Comprehend::Flywheel.EntityRecognitionConfig", - "markdownDescription": "Configuration required for an entity recognition model.", - "title": "EntityRecognitionConfig" + "AccessControlAllowHeaders": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.AccessControlAllowHeaders", + "markdownDescription": "A list of HTTP header names that CloudFront includes as values for the `Access-Control-Allow-Headers` HTTP response header.\n\nFor more information about the `Access-Control-Allow-Headers` HTTP response header, see [Access-Control-Allow-Headers](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Headers) in the MDN Web Docs.", + "title": "AccessControlAllowHeaders" }, - "LanguageCode": { - "markdownDescription": "Language code for the language that the model supports.", - "title": "LanguageCode", + "AccessControlAllowMethods": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.AccessControlAllowMethods", + "markdownDescription": "A list of HTTP methods that CloudFront includes as values for the `Access-Control-Allow-Methods` HTTP response header.\n\nFor more information about the `Access-Control-Allow-Methods` HTTP response header, see [Access-Control-Allow-Methods](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Methods) in the MDN Web Docs.", + "title": "AccessControlAllowMethods" + }, + "AccessControlAllowOrigins": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.AccessControlAllowOrigins", + "markdownDescription": "A list of origins (domain names) that CloudFront can use as the value for the `Access-Control-Allow-Origin` HTTP response header.\n\nFor more information about the `Access-Control-Allow-Origin` HTTP response header, see [Access-Control-Allow-Origin](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin) in the MDN Web Docs.", + "title": "AccessControlAllowOrigins" + }, + "AccessControlExposeHeaders": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.AccessControlExposeHeaders", + "markdownDescription": "A list of HTTP headers that CloudFront includes as values for the `Access-Control-Expose-Headers` HTTP response header.\n\nFor more information about the `Access-Control-Expose-Headers` HTTP response header, see [Access-Control-Expose-Headers](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Expose-Headers) in the MDN Web Docs.", + "title": "AccessControlExposeHeaders" + }, + "AccessControlMaxAgeSec": { + "markdownDescription": "A number that CloudFront uses as the value for the `Access-Control-Max-Age` HTTP response header.\n\nFor more information about the `Access-Control-Max-Age` HTTP response header, see [Access-Control-Max-Age](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Max-Age) in the MDN Web Docs.", + "title": "AccessControlMaxAgeSec", + "type": "number" + }, + "OriginOverride": { + "markdownDescription": "A Boolean that determines whether CloudFront overrides HTTP response headers received from the origin with the ones specified in this response headers policy.", + "title": "OriginOverride", + "type": "boolean" + } + }, + "required": [ + "AccessControlAllowCredentials", + "AccessControlAllowHeaders", + "AccessControlAllowMethods", + "AccessControlAllowOrigins", + "OriginOverride" + ], + "type": "object" + }, + "AWS::CloudFront::ResponseHeadersPolicy.CustomHeader": { + "additionalProperties": false, + "properties": { + "Header": { + "markdownDescription": "The HTTP response header name.", + "title": "Header", + "type": "string" + }, + "Override": { + "markdownDescription": "A Boolean that determines whether CloudFront overrides a response header with the same name received from the origin with the header specified here.", + "title": "Override", + "type": "boolean" + }, + "Value": { + "markdownDescription": "The value for the HTTP response header.", + "title": "Value", "type": "string" } }, "required": [ - "LanguageCode" + "Header", + "Override", + "Value" ], "type": "object" }, - "AWS::Comprehend::Flywheel.VpcConfig": { + "AWS::CloudFront::ResponseHeadersPolicy.CustomHeadersConfig": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { + "Items": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.CustomHeader" }, - "markdownDescription": "The ID number for a security group on an instance of your private VPC. Security groups on your VPC function serve as a virtual firewall to control inbound and outbound traffic and provides security for the resources that you\u2019ll be accessing on the VPC. This ID number is preceded by \"sg-\", for instance: \"sg-03b388029b0a285ea\". For more information, see [Security Groups for your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html) .", - "title": "SecurityGroupIds", + "markdownDescription": "The list of HTTP response headers and their values.", + "title": "Items", "type": "array" + } + }, + "required": [ + "Items" + ], + "type": "object" + }, + "AWS::CloudFront::ResponseHeadersPolicy.FrameOptions": { + "additionalProperties": false, + "properties": { + "FrameOption": { + "markdownDescription": "The value of the `X-Frame-Options` HTTP response header. Valid values are `DENY` and `SAMEORIGIN` .\n\nFor more information about these values, see [X-Frame-Options](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options) in the MDN Web Docs.", + "title": "FrameOption", + "type": "string" }, - "Subnets": { + "Override": { + "markdownDescription": "A Boolean that determines whether CloudFront overrides the `X-Frame-Options` HTTP response header received from the origin with the one specified in this response headers policy.", + "title": "Override", + "type": "boolean" + } + }, + "required": [ + "FrameOption", + "Override" + ], + "type": "object" + }, + "AWS::CloudFront::ResponseHeadersPolicy.ReferrerPolicy": { + "additionalProperties": false, + "properties": { + "Override": { + "markdownDescription": "A Boolean that determines whether CloudFront overrides the `Referrer-Policy` HTTP response header received from the origin with the one specified in this response headers policy.", + "title": "Override", + "type": "boolean" + }, + "ReferrerPolicy": { + "markdownDescription": "The value of the `Referrer-Policy` HTTP response header. Valid values are:\n\n- `no-referrer`\n- `no-referrer-when-downgrade`\n- `origin`\n- `origin-when-cross-origin`\n- `same-origin`\n- `strict-origin`\n- `strict-origin-when-cross-origin`\n- `unsafe-url`\n\nFor more information about these values, see [Referrer-Policy](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy) in the MDN Web Docs.", + "title": "ReferrerPolicy", + "type": "string" + } + }, + "required": [ + "Override", + "ReferrerPolicy" + ], + "type": "object" + }, + "AWS::CloudFront::ResponseHeadersPolicy.RemoveHeader": { + "additionalProperties": false, + "properties": { + "Header": { + "markdownDescription": "The HTTP header name.", + "title": "Header", + "type": "string" + } + }, + "required": [ + "Header" + ], + "type": "object" + }, + "AWS::CloudFront::ResponseHeadersPolicy.RemoveHeadersConfig": { + "additionalProperties": false, + "properties": { + "Items": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.RemoveHeader" }, - "markdownDescription": "The ID for each subnet being used in your private VPC. This subnet is a subset of the a range of IPv4 addresses used by the VPC and is specific to a given availability zone in the VPC\u2019s Region. This ID number is preceded by \"subnet-\", for instance: \"subnet-04ccf456919e69055\". For more information, see [VPCs and Subnets](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) .", - "title": "Subnets", + "markdownDescription": "The list of HTTP header names.", + "title": "Items", "type": "array" } }, "required": [ - "SecurityGroupIds", - "Subnets" + "Items" ], "type": "object" }, - "AWS::Config::AggregationAuthorization": { + "AWS::CloudFront::ResponseHeadersPolicy.ResponseHeadersPolicyConfig": { "additionalProperties": false, "properties": { - "Condition": { + "Comment": { + "markdownDescription": "A comment to describe the response headers policy.\n\nThe comment cannot be longer than 128 characters.", + "title": "Comment", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "CorsConfig": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.CorsConfig", + "markdownDescription": "A configuration for a set of HTTP response headers that are used for cross-origin resource sharing (CORS).", + "title": "CorsConfig" + }, + "CustomHeadersConfig": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.CustomHeadersConfig", + "markdownDescription": "A configuration for a set of custom HTTP response headers.", + "title": "CustomHeadersConfig" + }, + "Name": { + "markdownDescription": "A name to identify the response headers policy.\n\nThe name must be unique for response headers policies in this AWS account .", + "title": "Name", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "RemoveHeadersConfig": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.RemoveHeadersConfig", + "markdownDescription": "A configuration for a set of HTTP headers to remove from the HTTP response.", + "title": "RemoveHeadersConfig" }, - "Metadata": { - "type": "object" + "SecurityHeadersConfig": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.SecurityHeadersConfig", + "markdownDescription": "A configuration for a set of security-related HTTP response headers.", + "title": "SecurityHeadersConfig" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AuthorizedAccountId": { - "markdownDescription": "The 12-digit account ID of the account authorized to aggregate data.", - "title": "AuthorizedAccountId", - "type": "string" - }, - "AuthorizedAwsRegion": { - "markdownDescription": "The region authorized to collect aggregated data.", - "title": "AuthorizedAwsRegion", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of tag object.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "AuthorizedAccountId", - "AuthorizedAwsRegion" - ], - "type": "object" + "ServerTimingHeadersConfig": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.ServerTimingHeadersConfig", + "markdownDescription": "A configuration for enabling the `Server-Timing` header in HTTP responses sent from CloudFront.", + "title": "ServerTimingHeadersConfig" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::CloudFront::ResponseHeadersPolicy.SecurityHeadersConfig": { + "additionalProperties": false, + "properties": { + "ContentSecurityPolicy": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.ContentSecurityPolicy", + "markdownDescription": "The policy directives and their values that CloudFront includes as values for the `Content-Security-Policy` HTTP response header.\n\nFor more information about the `Content-Security-Policy` HTTP response header, see [Content-Security-Policy](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy) in the MDN Web Docs.", + "title": "ContentSecurityPolicy" }, - "Type": { - "enum": [ - "AWS::Config::AggregationAuthorization" - ], - "type": "string" + "ContentTypeOptions": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.ContentTypeOptions", + "markdownDescription": "Determines whether CloudFront includes the `X-Content-Type-Options` HTTP response header with its value set to `nosniff` .\n\nFor more information about the `X-Content-Type-Options` HTTP response header, see [X-Content-Type-Options](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options) in the MDN Web Docs.", + "title": "ContentTypeOptions" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "FrameOptions": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.FrameOptions", + "markdownDescription": "Determines whether CloudFront includes the `X-Frame-Options` HTTP response header and the header's value.\n\nFor more information about the `X-Frame-Options` HTTP response header, see [X-Frame-Options](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options) in the MDN Web Docs.", + "title": "FrameOptions" + }, + "ReferrerPolicy": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.ReferrerPolicy", + "markdownDescription": "Determines whether CloudFront includes the `Referrer-Policy` HTTP response header and the header's value.\n\nFor more information about the `Referrer-Policy` HTTP response header, see [Referrer-Policy](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy) in the MDN Web Docs.", + "title": "ReferrerPolicy" + }, + "StrictTransportSecurity": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.StrictTransportSecurity", + "markdownDescription": "Determines whether CloudFront includes the `Strict-Transport-Security` HTTP response header and the header's value.\n\nFor more information about the `Strict-Transport-Security` HTTP response header, see [Security headers](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/understanding-response-headers-policies.html#understanding-response-headers-policies-security) in the *Amazon CloudFront Developer Guide* and [Strict-Transport-Security](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security) in the MDN Web Docs.", + "title": "StrictTransportSecurity" + }, + "XSSProtection": { + "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.XSSProtection", + "markdownDescription": "Determines whether CloudFront includes the `X-XSS-Protection` HTTP response header and the header's value.\n\nFor more information about the `X-XSS-Protection` HTTP response header, see [X-XSS-Protection](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection) in the MDN Web Docs.", + "title": "XSSProtection" + } + }, + "type": "object" + }, + "AWS::CloudFront::ResponseHeadersPolicy.ServerTimingHeadersConfig": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "A Boolean that determines whether CloudFront adds the `Server-Timing` header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy.", + "title": "Enabled", + "type": "boolean" + }, + "SamplingRate": { + "markdownDescription": "A number 0\u2013100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the `Server-Timing` header to. When you set the sampling rate to 100, CloudFront adds the `Server-Timing` header to the HTTP response for every request that matches the cache behavior that this response headers policy is attached to. When you set it to 50, CloudFront adds the header to 50% of the responses for requests that match the cache behavior. You can set the sampling rate to any number 0\u2013100 with up to four decimal places.", + "title": "SamplingRate", + "type": "number" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "AWS::CloudFront::ResponseHeadersPolicy.StrictTransportSecurity": { + "additionalProperties": false, + "properties": { + "AccessControlMaxAgeSec": { + "markdownDescription": "A number that CloudFront uses as the value for the `max-age` directive in the `Strict-Transport-Security` HTTP response header.", + "title": "AccessControlMaxAgeSec", + "type": "number" + }, + "IncludeSubdomains": { + "markdownDescription": "A Boolean that determines whether CloudFront includes the `includeSubDomains` directive in the `Strict-Transport-Security` HTTP response header.", + "title": "IncludeSubdomains", + "type": "boolean" + }, + "Override": { + "markdownDescription": "A Boolean that determines whether CloudFront overrides the `Strict-Transport-Security` HTTP response header received from the origin with the one specified in this response headers policy.", + "title": "Override", + "type": "boolean" + }, + "Preload": { + "markdownDescription": "A Boolean that determines whether CloudFront includes the `preload` directive in the `Strict-Transport-Security` HTTP response header.", + "title": "Preload", + "type": "boolean" + } + }, + "required": [ + "AccessControlMaxAgeSec", + "Override" + ], + "type": "object" + }, + "AWS::CloudFront::ResponseHeadersPolicy.XSSProtection": { + "additionalProperties": false, + "properties": { + "ModeBlock": { + "markdownDescription": "A Boolean that determines whether CloudFront includes the `mode=block` directive in the `X-XSS-Protection` header.\n\nFor more information about this directive, see [X-XSS-Protection](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection) in the MDN Web Docs.", + "title": "ModeBlock", + "type": "boolean" + }, + "Override": { + "markdownDescription": "A Boolean that determines whether CloudFront overrides the `X-XSS-Protection` HTTP response header received from the origin with the one specified in this response headers policy.", + "title": "Override", + "type": "boolean" + }, + "Protection": { + "markdownDescription": "A Boolean that determines the value of the `X-XSS-Protection` HTTP response header. When this setting is `true` , the value of the `X-XSS-Protection` header is `1` . When this setting is `false` , the value of the `X-XSS-Protection` header is `0` .\n\nFor more information about these settings, see [X-XSS-Protection](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection) in the MDN Web Docs.", + "title": "Protection", + "type": "boolean" + }, + "ReportUri": { + "markdownDescription": "A reporting URI, which CloudFront uses as the value of the `report` directive in the `X-XSS-Protection` header.\n\nYou cannot specify a `ReportUri` when `ModeBlock` is `true` .\n\nFor more information about using a reporting URL, see [X-XSS-Protection](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection) in the MDN Web Docs.", + "title": "ReportUri", "type": "string" } }, "required": [ - "Type", - "Properties" + "Override", + "Protection" ], "type": "object" }, - "AWS::Config::ConfigRule": { + "AWS::CloudFront::StreamingDistribution": { "additionalProperties": false, "properties": { "Condition": { @@ -48149,58 +52198,29 @@ "Properties": { "additionalProperties": false, "properties": { - "Compliance": { - "$ref": "#/definitions/AWS::Config::ConfigRule.Compliance", - "markdownDescription": "Indicates whether an AWS resource or AWS Config rule is compliant and provides the number of contributors that affect the compliance.", - "title": "Compliance" - }, - "ConfigRuleName": { - "markdownDescription": "A name for the AWS Config rule. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the rule name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .", - "title": "ConfigRuleName", - "type": "string" - }, - "Description": { - "markdownDescription": "The description that you provide for the AWS Config rule.", - "title": "Description", - "type": "string" + "StreamingDistributionConfig": { + "$ref": "#/definitions/AWS::CloudFront::StreamingDistribution.StreamingDistributionConfig", + "markdownDescription": "The current configuration information for the RTMP distribution.", + "title": "StreamingDistributionConfig" }, - "EvaluationModes": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::Config::ConfigRule.EvaluationModeConfiguration" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The modes the AWS Config rule can be evaluated in. The valid values are distinct objects. By default, the value is Detective evaluation mode only.", - "title": "EvaluationModes", + "markdownDescription": "A complex type that contains zero or more `Tag` elements.", + "title": "Tags", "type": "array" - }, - "InputParameters": { - "markdownDescription": "A string, in JSON format, that is passed to the AWS Config rule Lambda function.", - "title": "InputParameters", - "type": "object" - }, - "MaximumExecutionFrequency": { - "markdownDescription": "The maximum frequency with which AWS Config runs evaluations for a rule. You can specify a value for `MaximumExecutionFrequency` when:\n\n- You are using an AWS managed rule that is triggered at a periodic frequency.\n- Your custom rule is triggered when AWS Config delivers the configuration snapshot. For more information, see [ConfigSnapshotDeliveryProperties](https://docs.aws.amazon.com/config/latest/APIReference/API_ConfigSnapshotDeliveryProperties.html) .\n\n> By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the `MaximumExecutionFrequency` parameter.", - "title": "MaximumExecutionFrequency", - "type": "string" - }, - "Scope": { - "$ref": "#/definitions/AWS::Config::ConfigRule.Scope", - "markdownDescription": "Defines which resources can trigger an evaluation for the rule. The scope can include one or more resource types, a combination of one resource type and one resource ID, or a combination of a tag key and value. Specify a scope to constrain the resources that can trigger an evaluation for the rule. If you do not specify a scope, evaluations are triggered when any resource in the recording group changes.", - "title": "Scope" - }, - "Source": { - "$ref": "#/definitions/AWS::Config::ConfigRule.Source", - "markdownDescription": "Provides the rule owner ( `AWS` for managed rules, `CUSTOM_POLICY` for Custom Policy rules, and `CUSTOM_LAMBDA` for Custom Lambda rules), the rule identifier, and the notifications that cause the function to evaluate your AWS resources.", - "title": "Source" } }, "required": [ - "Source" + "StreamingDistributionConfig", + "Tags" ], "type": "object" }, "Type": { "enum": [ - "AWS::Config::ConfigRule" + "AWS::CloudFront::StreamingDistribution" ], "type": "string" }, @@ -48219,136 +52239,125 @@ ], "type": "object" }, - "AWS::Config::ConfigRule.Compliance": { + "AWS::CloudFront::StreamingDistribution.Logging": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "Indicates whether an AWS resource or AWS Config rule is compliant.\n\nA resource is compliant if it complies with all of the AWS Config rules that evaluate it. A resource is noncompliant if it does not comply with one or more of these rules.\n\nA rule is compliant if all of the resources that the rule evaluates comply with it. A rule is noncompliant if any of these resources do not comply.\n\nAWS Config returns the `INSUFFICIENT_DATA` value when no evaluation results are available for the AWS resource or AWS Config rule.\n\nFor the `Compliance` data type, AWS Config supports only `COMPLIANT` , `NON_COMPLIANT` , and `INSUFFICIENT_DATA` values. AWS Config does not support the `NOT_APPLICABLE` value for the `Compliance` data type.", - "title": "Type", + "Bucket": { + "markdownDescription": "The Amazon S3 bucket to store the access logs in, for example, `amzn-s3-demo-bucket.s3.amazonaws.com` .", + "title": "Bucket", "type": "string" - } - }, - "type": "object" - }, - "AWS::Config::ConfigRule.CustomPolicyDetails": { - "additionalProperties": false, - "properties": { - "EnableDebugLogDelivery": { - "markdownDescription": "The boolean expression for enabling debug logging for your AWS Config Custom Policy rule. The default value is `false` .", - "title": "EnableDebugLogDelivery", - "type": "boolean" }, - "PolicyRuntime": { - "markdownDescription": "The runtime system for your AWS Config Custom Policy rule. Guard is a policy-as-code language that allows you to write policies that are enforced by AWS Config Custom Policy rules. For more information about Guard, see the [Guard GitHub Repository](https://docs.aws.amazon.com/https://github.com/aws-cloudformation/cloudformation-guard) .", - "title": "PolicyRuntime", - "type": "string" + "Enabled": { + "markdownDescription": "Specifies whether you want CloudFront to save access logs to an Amazon S3 bucket. If you don't want to enable logging when you create a streaming distribution or if you want to disable logging for an existing streaming distribution, specify `false` for `Enabled` , and specify `empty Bucket` and `Prefix` elements. If you specify `false` for `Enabled` but you specify values for `Bucket` and `Prefix` , the values are automatically deleted.", + "title": "Enabled", + "type": "boolean" }, - "PolicyText": { - "markdownDescription": "The policy definition containing the logic for your AWS Config Custom Policy rule.", - "title": "PolicyText", + "Prefix": { + "markdownDescription": "An optional string that you want CloudFront to prefix to the access log filenames for this streaming distribution, for example, `myprefix/` . If you want to enable logging, but you don't want to specify a prefix, you still must include an empty `Prefix` element in the `Logging` element.", + "title": "Prefix", "type": "string" } }, + "required": [ + "Bucket", + "Enabled", + "Prefix" + ], "type": "object" }, - "AWS::Config::ConfigRule.EvaluationModeConfiguration": { + "AWS::CloudFront::StreamingDistribution.S3Origin": { "additionalProperties": false, "properties": { - "Mode": { - "markdownDescription": "The mode of an evaluation. The valid values are Detective or Proactive.", - "title": "Mode", + "DomainName": { + "markdownDescription": "The DNS name of the Amazon S3 origin.", + "title": "DomainName", + "type": "string" + }, + "OriginAccessIdentity": { + "markdownDescription": "The CloudFront origin access identity to associate with the distribution. Use an origin access identity to configure the distribution so that end users can only access objects in an Amazon S3 bucket through CloudFront.\n\nIf you want end users to be able to access objects using either the CloudFront URL or the Amazon S3 URL, specify an empty `OriginAccessIdentity` element.\n\nTo delete the origin access identity from an existing distribution, update the distribution configuration and include an empty `OriginAccessIdentity` element.\n\nTo replace the origin access identity, update the distribution configuration and specify the new origin access identity.\n\nFor more information, see [Using an Origin Access Identity to Restrict Access to Your Amazon S3 Content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginAccessIdentity", "type": "string" } }, + "required": [ + "DomainName", + "OriginAccessIdentity" + ], "type": "object" }, - "AWS::Config::ConfigRule.Scope": { + "AWS::CloudFront::StreamingDistribution.StreamingDistributionConfig": { "additionalProperties": false, "properties": { - "ComplianceResourceId": { - "markdownDescription": "The ID of the only AWS resource that you want to trigger an evaluation for the rule. If you specify a resource ID, you must specify one resource type for `ComplianceResourceTypes` .", - "title": "ComplianceResourceId", - "type": "string" - }, - "ComplianceResourceTypes": { + "Aliases": { "items": { "type": "string" }, - "markdownDescription": "The resource types of only those AWS resources that you want to trigger an evaluation for the rule. You can only specify one type if you also specify a resource ID for `ComplianceResourceId` .", - "title": "ComplianceResourceTypes", + "markdownDescription": "A complex type that contains information about CNAMEs (alternate domain names), if any, for this streaming distribution.", + "title": "Aliases", "type": "array" }, - "TagKey": { - "markdownDescription": "The tag key that is applied to only those AWS resources that you want to trigger an evaluation for the rule.", - "title": "TagKey", + "Comment": { + "markdownDescription": "Any comments you want to include about the streaming distribution.", + "title": "Comment", "type": "string" }, - "TagValue": { - "markdownDescription": "The tag value applied to only those AWS resources that you want to trigger an evaluation for the rule. If you specify a value for `TagValue` , you must also specify a value for `TagKey` .", - "title": "TagValue", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Config::ConfigRule.Source": { - "additionalProperties": false, - "properties": { - "CustomPolicyDetails": { - "$ref": "#/definitions/AWS::Config::ConfigRule.CustomPolicyDetails", - "markdownDescription": "Provides the runtime system, policy definition, and whether debug logging is enabled. Required when owner is set to `CUSTOM_POLICY` .", - "title": "CustomPolicyDetails" + "Enabled": { + "markdownDescription": "Whether the streaming distribution is enabled to accept user requests for content.", + "title": "Enabled", + "type": "boolean" }, - "Owner": { - "markdownDescription": "Indicates whether AWS or the customer owns and manages the AWS Config rule.\n\nAWS Config Managed Rules are predefined rules owned by AWS . For more information, see [AWS Config Managed Rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html) in the *AWS Config developer guide* .\n\nAWS Config Custom Rules are rules that you can develop either with Guard ( `CUSTOM_POLICY` ) or AWS Lambda ( `CUSTOM_LAMBDA` ). For more information, see [AWS Config Custom Rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_develop-rules.html) in the *AWS Config developer guide* .", - "title": "Owner", + "Logging": { + "$ref": "#/definitions/AWS::CloudFront::StreamingDistribution.Logging", + "markdownDescription": "A complex type that controls whether access logs are written for the streaming distribution.", + "title": "Logging" + }, + "PriceClass": { + "markdownDescription": "A complex type that contains information about price class for this streaming distribution.", + "title": "PriceClass", "type": "string" }, - "SourceDetails": { - "items": { - "$ref": "#/definitions/AWS::Config::ConfigRule.SourceDetail" - }, - "markdownDescription": "Provides the source and the message types that cause AWS Config to evaluate your AWS resources against a rule. It also provides the frequency with which you want AWS Config to run evaluations for the rule if the trigger type is periodic.\n\nIf the owner is set to `CUSTOM_POLICY` , the only acceptable values for the AWS Config rule trigger message type are `ConfigurationItemChangeNotification` and `OversizedConfigurationItemChangeNotification` .", - "title": "SourceDetails", - "type": "array" + "S3Origin": { + "$ref": "#/definitions/AWS::CloudFront::StreamingDistribution.S3Origin", + "markdownDescription": "A complex type that contains information about the Amazon S3 bucket from which you want CloudFront to get your media files for distribution.", + "title": "S3Origin" }, - "SourceIdentifier": { - "markdownDescription": "For AWS Config Managed rules, a predefined identifier from a list. For example, `IAM_PASSWORD_POLICY` is a managed rule. To reference a managed rule, see [List of AWS Config Managed Rules](https://docs.aws.amazon.com/config/latest/developerguide/managed-rules-by-aws-config.html) .\n\nFor AWS Config Custom Lambda rules, the identifier is the Amazon Resource Name (ARN) of the rule's AWS Lambda function, such as `arn:aws:lambda:us-east-2:123456789012:function:custom_rule_name` .\n\nFor AWS Config Custom Policy rules, this field will be ignored.", - "title": "SourceIdentifier", - "type": "string" + "TrustedSigners": { + "$ref": "#/definitions/AWS::CloudFront::StreamingDistribution.TrustedSigners", + "markdownDescription": "A complex type that specifies any AWS accounts that you want to permit to create signed URLs for private content. If you want the distribution to use signed URLs, include this element; if you want the distribution to use public URLs, remove this element. For more information, see [Serving Private Content through CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", + "title": "TrustedSigners" } }, "required": [ - "Owner" + "Comment", + "Enabled", + "S3Origin", + "TrustedSigners" ], "type": "object" }, - "AWS::Config::ConfigRule.SourceDetail": { + "AWS::CloudFront::StreamingDistribution.TrustedSigners": { "additionalProperties": false, "properties": { - "EventSource": { - "markdownDescription": "The source of the event, such as an AWS service, that triggers AWS Config to evaluate your AWS resources.", - "title": "EventSource", - "type": "string" - }, - "MaximumExecutionFrequency": { - "markdownDescription": "The frequency at which you want AWS Config to run evaluations for a custom rule with a periodic trigger. If you specify a value for `MaximumExecutionFrequency` , then `MessageType` must use the `ScheduledNotification` value.\n\n> By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the `MaximumExecutionFrequency` parameter.\n> \n> Based on the valid value you choose, AWS Config runs evaluations once for each valid value. For example, if you choose `Three_Hours` , AWS Config runs evaluations once every three hours. In this case, `Three_Hours` is the frequency of this rule.", - "title": "MaximumExecutionFrequency", - "type": "string" + "AwsAccountNumbers": { + "items": { + "type": "string" + }, + "markdownDescription": "An AWS account number that contains active CloudFront key pairs that CloudFront can use to verify the signatures of signed URLs and signed cookies. If the AWS account that owns the key pairs is the same account that owns the CloudFront distribution, the value of this field is `self` .", + "title": "AwsAccountNumbers", + "type": "array" }, - "MessageType": { - "markdownDescription": "The type of notification that triggers AWS Config to run an evaluation for a rule. You can specify the following notification types:\n\n- `ConfigurationItemChangeNotification` - Triggers an evaluation when AWS Config delivers a configuration item as a result of a resource change.\n- `OversizedConfigurationItemChangeNotification` - Triggers an evaluation when AWS Config delivers an oversized configuration item. AWS Config may generate this notification type when a resource changes and the notification exceeds the maximum size allowed by Amazon SNS.\n- `ScheduledNotification` - Triggers a periodic evaluation at the frequency specified for `MaximumExecutionFrequency` .\n- `ConfigurationSnapshotDeliveryCompleted` - Triggers a periodic evaluation when AWS Config delivers a configuration snapshot.\n\nIf you want your custom rule to be triggered by configuration changes, specify two SourceDetail objects, one for `ConfigurationItemChangeNotification` and one for `OversizedConfigurationItemChangeNotification` .", - "title": "MessageType", - "type": "string" + "Enabled": { + "markdownDescription": "This field is `true` if any of the AWS accounts in the list are configured as trusted signers. If not, this field is `false` .", + "title": "Enabled", + "type": "boolean" } }, "required": [ - "EventSource", - "MessageType" + "Enabled" ], "type": "object" }, - "AWS::Config::ConfigurationAggregator": { + "AWS::CloudFront::VpcOrigin": { "additionalProperties": false, "properties": { "Condition": { @@ -48383,38 +52392,28 @@ "Properties": { "additionalProperties": false, "properties": { - "AccountAggregationSources": { - "items": { - "$ref": "#/definitions/AWS::Config::ConfigurationAggregator.AccountAggregationSource" - }, - "markdownDescription": "Provides a list of source accounts and regions to be aggregated.", - "title": "AccountAggregationSources", - "type": "array" - }, - "ConfigurationAggregatorName": { - "markdownDescription": "The name of the aggregator.", - "title": "ConfigurationAggregatorName", - "type": "string" - }, - "OrganizationAggregationSource": { - "$ref": "#/definitions/AWS::Config::ConfigurationAggregator.OrganizationAggregationSource", - "markdownDescription": "Provides an organization and list of regions to be aggregated.", - "title": "OrganizationAggregationSource" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of tag object.", + "markdownDescription": "A complex type that contains zero or more `Tag` elements.", "title": "Tags", "type": "array" + }, + "VpcOriginEndpointConfig": { + "$ref": "#/definitions/AWS::CloudFront::VpcOrigin.VpcOriginEndpointConfig", + "markdownDescription": "The VPC origin endpoint configuration.", + "title": "VpcOriginEndpointConfig" } }, + "required": [ + "VpcOriginEndpointConfig" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Config::ConfigurationAggregator" + "AWS::CloudFront::VpcOrigin" ], "type": "string" }, @@ -48428,68 +52427,55 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Config::ConfigurationAggregator.AccountAggregationSource": { + "AWS::CloudFront::VpcOrigin.VpcOriginEndpointConfig": { "additionalProperties": false, "properties": { - "AccountIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The 12-digit account ID of the account being aggregated.", - "title": "AccountIds", - "type": "array" + "Arn": { + "markdownDescription": "The ARN of the CloudFront VPC origin endpoint configuration.", + "title": "Arn", + "type": "string" }, - "AllAwsRegions": { - "markdownDescription": "If true, aggregate existing AWS Config regions and future regions.", - "title": "AllAwsRegions", - "type": "boolean" + "HTTPPort": { + "markdownDescription": "The HTTP port for the CloudFront VPC origin endpoint configuration. The default value is `80` .", + "title": "HTTPPort", + "type": "number" }, - "AwsRegions": { - "items": { - "type": "string" - }, - "markdownDescription": "The source regions being aggregated.", - "title": "AwsRegions", - "type": "array" - } - }, - "required": [ - "AccountIds" - ], - "type": "object" - }, - "AWS::Config::ConfigurationAggregator.OrganizationAggregationSource": { - "additionalProperties": false, - "properties": { - "AllAwsRegions": { - "markdownDescription": "If true, aggregate existing AWS Config regions and future regions.", - "title": "AllAwsRegions", - "type": "boolean" + "HTTPSPort": { + "markdownDescription": "The HTTPS port of the CloudFront VPC origin endpoint configuration. The default value is `443` .", + "title": "HTTPSPort", + "type": "number" }, - "AwsRegions": { + "Name": { + "markdownDescription": "The name of the CloudFront VPC origin endpoint configuration.", + "title": "Name", + "type": "string" + }, + "OriginProtocolPolicy": { + "markdownDescription": "The origin protocol policy for the CloudFront VPC origin endpoint configuration.", + "title": "OriginProtocolPolicy", + "type": "string" + }, + "OriginSSLProtocols": { "items": { "type": "string" }, - "markdownDescription": "The source regions being aggregated.", - "title": "AwsRegions", + "markdownDescription": "Specifies the minimum SSL/TLS protocol that CloudFront uses when connecting to your origin over HTTPS. Valid values include `SSLv3` , `TLSv1` , `TLSv1.1` , and `TLSv1.2` .\n\nFor more information, see [Minimum Origin SSL Protocol](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DownloadDistValuesOrigin.html#DownloadDistValuesOriginSSLProtocols) in the *Amazon CloudFront Developer Guide* .", + "title": "OriginSSLProtocols", "type": "array" - }, - "RoleArn": { - "markdownDescription": "ARN of the IAM role used to retrieve AWS Organizations details associated with the aggregator account.", - "title": "RoleArn", - "type": "string" } }, "required": [ - "RoleArn" + "Arn", + "Name" ], "type": "object" }, - "AWS::Config::ConfigurationRecorder": { + "AWS::CloudTrail::Channel": { "additionalProperties": false, "properties": { "Condition": { @@ -48524,35 +52510,38 @@ "Properties": { "additionalProperties": false, "properties": { + "Destinations": { + "items": { + "$ref": "#/definitions/AWS::CloudTrail::Channel.Destination" + }, + "markdownDescription": "One or more event data stores to which events arriving through a channel will be logged.", + "title": "Destinations", + "type": "array" + }, "Name": { - "markdownDescription": "The name of the configuration recorder. AWS Config automatically assigns the name of \"default\" when creating the configuration recorder.\n\nYou cannot change the name of the configuration recorder after it has been created. To change the configuration recorder name, you must delete it and create a new configuration recorder with a new name.", + "markdownDescription": "The name of the channel.", "title": "Name", "type": "string" }, - "RecordingGroup": { - "$ref": "#/definitions/AWS::Config::ConfigurationRecorder.RecordingGroup", - "markdownDescription": "Specifies which resource types AWS Config records for configuration changes.\n\n> *High Number of AWS Config Evaluations*\n> \n> You may notice increased activity in your account during your initial month recording with AWS Config when compared to subsequent months. During the initial bootstrapping process, AWS Config runs evaluations on all the resources in your account that you have selected for AWS Config to record.\n> \n> If you are running ephemeral workloads, you may see increased activity from AWS Config as it records configuration changes associated with creating and deleting these temporary resources. An *ephemeral workload* is a temporary use of computing resources that are loaded and run when needed. Examples include Amazon Elastic Compute Cloud ( Amazon EC2 ) Spot Instances, Amazon EMR jobs, and AWS Auto Scaling . If you want to avoid the increased activity from running ephemeral workloads, you can run these types of workloads in a separate account with AWS Config turned off to avoid increased configuration recording and rule evaluations.", - "title": "RecordingGroup" - }, - "RecordingMode": { - "$ref": "#/definitions/AWS::Config::ConfigurationRecorder.RecordingMode", - "markdownDescription": "Specifies the default recording frequency for the configuration recorder. AWS Config supports *Continuous recording* and *Daily recording* .\n\n- Continuous recording allows you to record configuration changes continuously whenever a change occurs.\n- Daily recording allows you to receive a configuration item (CI) representing the most recent state of your resources over the last 24-hour period, only if it\u2019s different from the previous CI recorded.\n\n> *Some resource types require continuous recording*\n> \n> AWS Firewall Manager depends on continuous recording to monitor your resources. If you are using Firewall Manager, it is recommended that you set the recording frequency to Continuous. \n\nYou can also override the recording frequency for specific resource types.", - "title": "RecordingMode" - }, - "RoleARN": { - "markdownDescription": "Amazon Resource Name (ARN) of the IAM role assumed by AWS Config and used by the configuration recorder. For more information, see [Permissions for the IAM Role Assigned](https://docs.aws.amazon.com/config/latest/developerguide/iamrole-permissions.html) to AWS Config in the AWS Config Developer Guide.\n\n> *Pre-existing AWS Config role*\n> \n> If you have used an AWS service that uses AWS Config , such as AWS Security Hub or AWS Control Tower , and an AWS Config role has already been created, make sure that the IAM role that you use when setting up AWS Config keeps the same minimum permissions as the already created AWS Config role. You must do this so that the other AWS service continues to run as expected.\n> \n> For example, if AWS Control Tower has an IAM role that allows AWS Config to read Amazon Simple Storage Service ( Amazon S3 ) objects, make sure that the same permissions are granted within the IAM role you use when setting up AWS Config . Otherwise, it may interfere with how AWS Control Tower operates. For more information about IAM roles for AWS Config , see [*Identity and Access Management for AWS Config*](https://docs.aws.amazon.com/config/latest/developerguide/security-iam.html) in the *AWS Config Developer Guide* .", - "title": "RoleARN", + "Source": { + "markdownDescription": "The name of the partner or external event source. You cannot change this name after you create the channel. A maximum of one channel is allowed per source.\n\nA source can be either `Custom` for all valid non- AWS events, or the name of a partner event source. For information about the source names for available partners, see [Additional information about integration partners](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-event-data-store-integration.html#cloudtrail-lake-partner-information) in the CloudTrail User Guide.", + "title": "Source", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags.", + "title": "Tags", + "type": "array" } }, - "required": [ - "RoleARN" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Config::ConfigurationRecorder" + "AWS::CloudTrail::Channel" ], "type": "string" }, @@ -48566,127 +52555,31 @@ } }, "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::Config::ConfigurationRecorder.ExclusionByResourceTypes": { - "additionalProperties": false, - "properties": { - "ResourceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "A comma-separated list of resource types to exclude from recording by the configuration recorder.", - "title": "ResourceTypes", - "type": "array" - } - }, - "required": [ - "ResourceTypes" - ], - "type": "object" - }, - "AWS::Config::ConfigurationRecorder.RecordingGroup": { - "additionalProperties": false, - "properties": { - "AllSupported": { - "markdownDescription": "Specifies whether AWS Config records configuration changes for all supported resource types, excluding the global IAM resource types.\n\nIf you set this field to `true` , when AWS Config adds support for a new resource type, AWS Config starts recording resources of that type automatically.\n\nIf you set this field to `true` , you cannot enumerate specific resource types to record in the `resourceTypes` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) , or to exclude in the `resourceTypes` field of [ExclusionByResourceTypes](https://docs.aws.amazon.com/config/latest/APIReference/API_ExclusionByResourceTypes.html) .\n\n> *Region availability*\n> \n> Check [Resource Coverage by Region Availability](https://docs.aws.amazon.com/config/latest/developerguide/what-is-resource-config-coverage.html) to see if a resource type is supported in the AWS Region where you set up AWS Config .", - "title": "AllSupported", - "type": "boolean" - }, - "ExclusionByResourceTypes": { - "$ref": "#/definitions/AWS::Config::ConfigurationRecorder.ExclusionByResourceTypes", - "markdownDescription": "An object that specifies how AWS Config excludes resource types from being recorded by the configuration recorder.\n\nTo use this option, you must set the `useOnly` field of [AWS::Config::ConfigurationRecorder RecordingStrategy](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-config-configurationrecorder-recordingstrategy.html) to `EXCLUSION_BY_RESOURCE_TYPES` .", - "title": "ExclusionByResourceTypes" - }, - "IncludeGlobalResourceTypes": { - "markdownDescription": "This option is a bundle which only applies to the global IAM resource types: IAM users, groups, roles, and customer managed policies. These global IAM resource types can only be recorded by AWS Config in Regions where AWS Config was available before February 2022. You cannot be record the global IAM resouce types in Regions supported by AWS Config after February 2022. This list where you cannot record the global IAM resource types includes the following Regions:\n\n- Asia Pacific (Hyderabad)\n- Asia Pacific (Melbourne)\n- Canada West (Calgary)\n- Europe (Spain)\n- Europe (Zurich)\n- Israel (Tel Aviv)\n- Middle East (UAE)\n\n> *Aurora global clusters are recorded in all enabled Regions*\n> \n> The `AWS::RDS::GlobalCluster` resource type will be recorded in all supported AWS Config Regions where the configuration recorder is enabled, even if `IncludeGlobalResourceTypes` is set to `false` . The `IncludeGlobalResourceTypes` option is a bundle which only applies to IAM users, groups, roles, and customer managed policies.\n> \n> If you do not want to record `AWS::RDS::GlobalCluster` in all enabled Regions, use one of the following recording strategies:\n> \n> - *Record all current and future resource types with exclusions* ( `EXCLUSION_BY_RESOURCE_TYPES` ), or\n> - *Record specific resource types* ( `INCLUSION_BY_RESOURCE_TYPES` ).\n> \n> For more information, see [Selecting Which Resources are Recorded](https://docs.aws.amazon.com/config/latest/developerguide/select-resources.html#select-resources-all) in the *AWS Config developer guide* . > *IncludeGlobalResourceTypes and the exclusion recording strategy*\n> \n> The `IncludeGlobalResourceTypes` field has no impact on the `EXCLUSION_BY_RESOURCE_TYPES` recording strategy. This means that the global IAM resource types ( IAM users, groups, roles, and customer managed policies) will not be automatically added as exclusions for `ExclusionByResourceTypes` when `IncludeGlobalResourceTypes` is set to `false` .\n> \n> The `IncludeGlobalResourceTypes` field should only be used to modify the `AllSupported` field, as the default for the `AllSupported` field is to record configuration changes for all supported resource types excluding the global IAM resource types. To include the global IAM resource types when `AllSupported` is set to `true` , make sure to set `IncludeGlobalResourceTypes` to `true` .\n> \n> To exclude the global IAM resource types for the `EXCLUSION_BY_RESOURCE_TYPES` recording strategy, you need to manually add them to the `ResourceTypes` field of `ExclusionByResourceTypes` . > *Required and optional fields*\n> \n> Before you set this field to `true` , set the `AllSupported` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) to `true` . Optionally, you can set the `useOnly` field of [RecordingStrategy](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingStrategy.html) to `ALL_SUPPORTED_RESOURCE_TYPES` . > *Overriding fields*\n> \n> If you set this field to `false` but list global IAM resource types in the `ResourceTypes` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) , AWS Config will still record configuration changes for those specified resource types *regardless* of if you set the `IncludeGlobalResourceTypes` field to false.\n> \n> If you do not want to record configuration changes to the global IAM resource types (IAM users, groups, roles, and customer managed policies), make sure to not list them in the `ResourceTypes` field in addition to setting the `IncludeGlobalResourceTypes` field to false.", - "title": "IncludeGlobalResourceTypes", - "type": "boolean" - }, - "RecordingStrategy": { - "$ref": "#/definitions/AWS::Config::ConfigurationRecorder.RecordingStrategy", - "markdownDescription": "An object that specifies the recording strategy for the configuration recorder.\n\n- If you set the `useOnly` field of [RecordingStrategy](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingStrategy.html) to `ALL_SUPPORTED_RESOURCE_TYPES` , AWS Config records configuration changes for all supported resource types, excluding the global IAM resource types. You also must set the `AllSupported` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) to `true` . When AWS Config adds support for a new resource type, AWS Config automatically starts recording resources of that type.\n- If you set the `useOnly` field of [RecordingStrategy](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingStrategy.html) to `INCLUSION_BY_RESOURCE_TYPES` , AWS Config records configuration changes for only the resource types you specify in the `ResourceTypes` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) .\n- If you set the `useOnly` field of [RecordingStrategy](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingStrategy.html) to `EXCLUSION_BY_RESOURCE_TYPES` , AWS Config records configuration changes for all supported resource types except the resource types that you specify to exclude from being recorded in the `ResourceTypes` field of [ExclusionByResourceTypes](https://docs.aws.amazon.com/config/latest/APIReference/API_ExclusionByResourceTypes.html) .\n\n> *Required and optional fields*\n> \n> The `recordingStrategy` field is optional when you set the `AllSupported` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) to `true` .\n> \n> The `recordingStrategy` field is optional when you list resource types in the `ResourceTypes` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) .\n> \n> The `recordingStrategy` field is required if you list resource types to exclude from recording in the `ResourceTypes` field of [ExclusionByResourceTypes](https://docs.aws.amazon.com/config/latest/APIReference/API_ExclusionByResourceTypes.html) . > *Overriding fields*\n> \n> If you choose `EXCLUSION_BY_RESOURCE_TYPES` for the recording strategy, the `ExclusionByResourceTypes` field will override other properties in the request.\n> \n> For example, even if you set `IncludeGlobalResourceTypes` to false, global IAM resource types will still be automatically recorded in this option unless those resource types are specifically listed as exclusions in the `ResourceTypes` field of `ExclusionByResourceTypes` . > *Global resources types and the resource exclusion recording strategy*\n> \n> By default, if you choose the `EXCLUSION_BY_RESOURCE_TYPES` recording strategy, when AWS Config adds support for a new resource type in the Region where you set up the configuration recorder, including global resource types, AWS Config starts recording resources of that type automatically.\n> \n> Unless specifically listed as exclusions, `AWS::RDS::GlobalCluster` will be recorded automatically in all supported AWS Config Regions were the configuration recorder is enabled.\n> \n> IAM users, groups, roles, and customer managed policies will be recorded in the Region where you set up the configuration recorder if that is a Region where AWS Config was available before February 2022. You cannot be record the global IAM resouce types in Regions supported by AWS Config after February 2022. This list where you cannot record the global IAM resource types includes the following Regions:\n> \n> - Asia Pacific (Hyderabad)\n> - Asia Pacific (Melbourne)\n> - Canada West (Calgary)\n> - Europe (Spain)\n> - Europe (Zurich)\n> - Israel (Tel Aviv)\n> - Middle East (UAE)", - "title": "RecordingStrategy" - }, - "ResourceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "A comma-separated list that specifies which resource types AWS Config records.\n\nFor a list of valid `ResourceTypes` values, see the *Resource Type Value* column in [Supported AWS resource Types](https://docs.aws.amazon.com/config/latest/developerguide/resource-config-reference.html#supported-resources) in the *AWS Config developer guide* .\n\n> *Required and optional fields*\n> \n> Optionally, you can set the `useOnly` field of [RecordingStrategy](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingStrategy.html) to `INCLUSION_BY_RESOURCE_TYPES` .\n> \n> To record all configuration changes, set the `AllSupported` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) to `true` , and either omit this field or don't specify any resource types in this field. If you set the `AllSupported` field to `false` and specify values for `ResourceTypes` , when AWS Config adds support for a new type of resource, it will not record resources of that type unless you manually add that type to your recording group. > *Region availability*\n> \n> Before specifying a resource type for AWS Config to track, check [Resource Coverage by Region Availability](https://docs.aws.amazon.com/config/latest/developerguide/what-is-resource-config-coverage.html) to see if the resource type is supported in the AWS Region where you set up AWS Config . If a resource type is supported by AWS Config in at least one Region, you can enable the recording of that resource type in all Regions supported by AWS Config , even if the specified resource type is not supported in the AWS Region where you set up AWS Config .", - "title": "ResourceTypes", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Config::ConfigurationRecorder.RecordingMode": { - "additionalProperties": false, - "properties": { - "RecordingFrequency": { - "markdownDescription": "The default recording frequency that AWS Config uses to record configuration changes.\n\n> Daily recording cannot be specified for the following resource types:\n> \n> - `AWS::Config::ResourceCompliance`\n> - `AWS::Config::ConformancePackCompliance`\n> - `AWS::Config::ConfigurationRecorder`\n> \n> For the *allSupported* ( `ALL_SUPPORTED_RESOURCE_TYPES` ) recording strategy, these resource types will be set to Continuous recording.", - "title": "RecordingFrequency", - "type": "string" - }, - "RecordingModeOverrides": { - "items": { - "$ref": "#/definitions/AWS::Config::ConfigurationRecorder.RecordingModeOverride" - }, - "markdownDescription": "An array of `recordingModeOverride` objects for you to specify your overrides for the recording mode. The `recordingModeOverride` object in the `recordingModeOverrides` array consists of three fields: a `description` , the new `recordingFrequency` , and an array of `resourceTypes` to override.", - "title": "RecordingModeOverrides", - "type": "array" - } - }, - "required": [ - "RecordingFrequency" + "Type" ], "type": "object" }, - "AWS::Config::ConfigurationRecorder.RecordingModeOverride": { + "AWS::CloudTrail::Channel.Destination": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description that you provide for the override.", - "title": "Description", - "type": "string" - }, - "RecordingFrequency": { - "markdownDescription": "The recording frequency that will be applied to all the resource types specified in the override.\n\n- Continuous recording allows you to record configuration changes continuously whenever a change occurs.\n- Daily recording allows you to receive a configuration item (CI) representing the most recent state of your resources over the last 24-hour period, only if it\u2019s different from the previous CI recorded.\n\n> AWS Firewall Manager depends on continuous recording to monitor your resources. If you are using Firewall Manager, it is recommended that you set the recording frequency to Continuous.", - "title": "RecordingFrequency", + "Location": { + "markdownDescription": "For channels used for a CloudTrail Lake integration, the location is the ARN of an event data store that receives events from a channel. For service-linked channels, the location is the name of the AWS service.", + "title": "Location", "type": "string" }, - "ResourceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "A comma-separated list that specifies which resource types AWS Config includes in the override.\n\n> Daily recording cannot be specified for the following resource types:\n> \n> - `AWS::Config::ResourceCompliance`\n> - `AWS::Config::ConformancePackCompliance`\n> - `AWS::Config::ConfigurationRecorder`", - "title": "ResourceTypes", - "type": "array" - } - }, - "required": [ - "RecordingFrequency", - "ResourceTypes" - ], - "type": "object" - }, - "AWS::Config::ConfigurationRecorder.RecordingStrategy": { - "additionalProperties": false, - "properties": { - "UseOnly": { - "markdownDescription": "The recording strategy for the configuration recorder.\n\n- If you set this option to `ALL_SUPPORTED_RESOURCE_TYPES` , AWS Config records configuration changes for all supported resource types, excluding the global IAM resource types. You also must set the `AllSupported` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) to `true` . When AWS Config adds support for a new resource type, AWS Config automatically starts recording resources of that type. For a list of supported resource types, see [Supported Resource Types](https://docs.aws.amazon.com/config/latest/developerguide/resource-config-reference.html#supported-resources) in the *AWS Config developer guide* .\n- If you set this option to `INCLUSION_BY_RESOURCE_TYPES` , AWS Config records configuration changes for only the resource types that you specify in the `ResourceTypes` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) .\n- If you set this option to `EXCLUSION_BY_RESOURCE_TYPES` , AWS Config records configuration changes for all supported resource types, except the resource types that you specify to exclude from being recorded in the `ResourceTypes` field of [ExclusionByResourceTypes](https://docs.aws.amazon.com/config/latest/APIReference/API_ExclusionByResourceTypes.html) .\n\n> *Required and optional fields*\n> \n> The `recordingStrategy` field is optional when you set the `AllSupported` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) to `true` .\n> \n> The `recordingStrategy` field is optional when you list resource types in the `ResourceTypes` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) .\n> \n> The `recordingStrategy` field is required if you list resource types to exclude from recording in the `ResourceTypes` field of [ExclusionByResourceTypes](https://docs.aws.amazon.com/config/latest/APIReference/API_ExclusionByResourceTypes.html) . > *Overriding fields*\n> \n> If you choose `EXCLUSION_BY_RESOURCE_TYPES` for the recording strategy, the `ExclusionByResourceTypes` field will override other properties in the request.\n> \n> For example, even if you set `IncludeGlobalResourceTypes` to false, global IAM resource types will still be automatically recorded in this option unless those resource types are specifically listed as exclusions in the `ResourceTypes` field of `ExclusionByResourceTypes` . > *Global resource types and the exclusion recording strategy*\n> \n> By default, if you choose the `EXCLUSION_BY_RESOURCE_TYPES` recording strategy, when AWS Config adds support for a new resource type in the Region where you set up the configuration recorder, including global resource types, AWS Config starts recording resources of that type automatically.\n> \n> Unless specifically listed as exclusions, `AWS::RDS::GlobalCluster` will be recorded automatically in all supported AWS Config Regions were the configuration recorder is enabled.\n> \n> IAM users, groups, roles, and customer managed policies will be recorded in the Region where you set up the configuration recorder if that is a Region where AWS Config was available before February 2022. You cannot be record the global IAM resouce types in Regions supported by AWS Config after February 2022. This list where you cannot record the global IAM resource types includes the following Regions:\n> \n> - Asia Pacific (Hyderabad)\n> - Asia Pacific (Melbourne)\n> - Canada West (Calgary)\n> - Europe (Spain)\n> - Europe (Zurich)\n> - Israel (Tel Aviv)\n> - Middle East (UAE)", - "title": "UseOnly", + "Type": { + "markdownDescription": "The type of destination for events arriving from a channel. For channels used for a CloudTrail Lake integration, the value is `EVENT_DATA_STORE` . For service-linked channels, the value is `AWS_SERVICE` .", + "title": "Type", "type": "string" } }, "required": [ - "UseOnly" + "Location", + "Type" ], "type": "object" }, - "AWS::Config::ConformancePack": { + "AWS::CloudTrail::Dashboard": { "additionalProperties": false, "properties": { "Condition": { @@ -48721,53 +52614,43 @@ "Properties": { "additionalProperties": false, "properties": { - "ConformancePackInputParameters": { - "items": { - "$ref": "#/definitions/AWS::Config::ConformancePack.ConformancePackInputParameter" - }, - "markdownDescription": "A list of ConformancePackInputParameter objects.", - "title": "ConformancePackInputParameters", - "type": "array" - }, - "ConformancePackName": { - "markdownDescription": "Name of the conformance pack you want to create.", - "title": "ConformancePackName", - "type": "string" - }, - "DeliveryS3Bucket": { - "markdownDescription": "The name of the Amazon S3 bucket where AWS Config stores conformance pack templates.", - "title": "DeliveryS3Bucket", + "Name": { + "markdownDescription": "The name of the dashboard. The name must be unique to your account.\n\nTo create the Highlights dashboard, the name must be `AWSCloudTrail-Highlights` .", + "title": "Name", "type": "string" }, - "DeliveryS3KeyPrefix": { - "markdownDescription": "The prefix for the Amazon S3 bucket.", - "title": "DeliveryS3KeyPrefix", - "type": "string" + "RefreshSchedule": { + "$ref": "#/definitions/AWS::CloudTrail::Dashboard.RefreshSchedule", + "markdownDescription": "The schedule for a dashboard refresh.", + "title": "RefreshSchedule" }, - "TemplateBody": { - "markdownDescription": "A string containing full conformance pack template body. Structure containing the template body with a minimum length of 1 byte and a maximum length of 51,200 bytes.\n\n> You can only use a YAML template with two resource types: config rule ( `AWS::Config::ConfigRule` ) and a remediation action ( `AWS::Config::RemediationConfiguration` ).", - "title": "TemplateBody", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags.", + "title": "Tags", + "type": "array" }, - "TemplateS3Uri": { - "markdownDescription": "Location of file containing the template body (s3://bucketname/prefix). The uri must point to the conformance pack template (max size: 300 KB) that is located in an Amazon S3 bucket.\n\n> You must have access to read Amazon S3 bucket.", - "title": "TemplateS3Uri", - "type": "string" + "TerminationProtectionEnabled": { + "markdownDescription": "Specifies whether termination protection is enabled for the dashboard. If termination protection is enabled, you cannot delete the dashboard until termination protection is disabled.", + "title": "TerminationProtectionEnabled", + "type": "boolean" }, - "TemplateSSMDocumentDetails": { - "$ref": "#/definitions/AWS::Config::ConformancePack.TemplateSSMDocumentDetails", - "markdownDescription": "An object that contains the name or Amazon Resource Name (ARN) of the AWS Systems Manager document (SSM document) and the version of the SSM document that is used to create a conformance pack.", - "title": "TemplateSSMDocumentDetails" + "Widgets": { + "items": { + "$ref": "#/definitions/AWS::CloudTrail::Dashboard.Widget" + }, + "markdownDescription": "An array of widgets for a custom dashboard. A custom dashboard can have a maximum of ten widgets.\n\nYou do not need to specify widgets for the Highlights dashboard.", + "title": "Widgets", + "type": "array" } }, - "required": [ - "ConformancePackName" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Config::ConformancePack" + "AWS::CloudTrail::Dashboard" ], "type": "string" }, @@ -48781,151 +52664,85 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Config::ConformancePack.ConformancePackInputParameter": { + "AWS::CloudTrail::Dashboard.Frequency": { "additionalProperties": false, "properties": { - "ParameterName": { - "markdownDescription": "One part of a key-value pair.", - "title": "ParameterName", + "Unit": { + "markdownDescription": "The unit to use for the refresh.\n\nFor custom dashboards, the unit can be `HOURS` or `DAYS` .\n\nFor the Highlights dashboard, the `Unit` must be `HOURS` .", + "title": "Unit", "type": "string" }, - "ParameterValue": { - "markdownDescription": "Another part of the key-value pair.", - "title": "ParameterValue", - "type": "string" + "Value": { + "markdownDescription": "The value for the refresh schedule.\n\nFor custom dashboards, the following values are valid when the unit is `HOURS` : `1` , `6` , `12` , `24`\n\nFor custom dashboards, the only valid value when the unit is `DAYS` is `1` .\n\nFor the Highlights dashboard, the `Value` must be `6` .", + "title": "Value", + "type": "number" } }, "required": [ - "ParameterName", - "ParameterValue" + "Unit", + "Value" ], "type": "object" }, - "AWS::Config::ConformancePack.TemplateSSMDocumentDetails": { + "AWS::CloudTrail::Dashboard.RefreshSchedule": { "additionalProperties": false, "properties": { - "DocumentName": { - "markdownDescription": "The name or Amazon Resource Name (ARN) of the SSM document to use to create a conformance pack. If you use the document name, AWS Config checks only your account and AWS Region for the SSM document.", - "title": "DocumentName", + "Frequency": { + "$ref": "#/definitions/AWS::CloudTrail::Dashboard.Frequency", + "markdownDescription": "The frequency at which you want the dashboard refreshed.", + "title": "Frequency" + }, + "Status": { + "markdownDescription": "Specifies whether the refresh schedule is enabled. Set the value to `ENABLED` to enable the refresh schedule, or to `DISABLED` to turn off the refresh schedule.", + "title": "Status", "type": "string" }, - "DocumentVersion": { - "markdownDescription": "The version of the SSM document to use to create a conformance pack. By default, AWS Config uses the latest version.\n\n> This field is optional.", - "title": "DocumentVersion", + "TimeOfDay": { + "markdownDescription": "The time of day in UTC to run the schedule; for hourly only refer to minutes; default is 00:00.", + "title": "TimeOfDay", "type": "string" } }, "type": "object" }, - "AWS::Config::DeliveryChannel": { + "AWS::CloudTrail::Dashboard.Widget": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "QueryParameters": { + "items": { + "type": "string" + }, + "markdownDescription": "The optional query parameters. The following query parameters are valid: `$StartTime$` , `$EndTime$` , and `$Period$` .", + "title": "QueryParameters", + "type": "array" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "QueryStatement": { + "markdownDescription": "The query statement for the widget. For custom dashboard widgets, you can query across multiple event data stores as long as all event data stores exist in your account.\n\n> When a query uses `?` with `eventTime` , `?` must be surrounded by single quotes as follows: `'?'` .", + "title": "QueryStatement", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ConfigSnapshotDeliveryProperties": { - "$ref": "#/definitions/AWS::Config::DeliveryChannel.ConfigSnapshotDeliveryProperties", - "markdownDescription": "The options for how often AWS Config delivers configuration snapshots to the Amazon S3 bucket.", - "title": "ConfigSnapshotDeliveryProperties" - }, - "Name": { - "markdownDescription": "A name for the delivery channel. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the delivery channel name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\nUpdates are not supported. To change the name, you must run two separate updates. In the first update, delete this resource, and then recreate it with a new name in the second update.", - "title": "Name", - "type": "string" - }, - "S3BucketName": { - "markdownDescription": "The name of the Amazon S3 bucket to which AWS Config delivers configuration snapshots and configuration history files.\n\nIf you specify a bucket that belongs to another AWS account , that bucket must have policies that grant access permissions to AWS Config . For more information, see [Permissions for the Amazon S3 Bucket](https://docs.aws.amazon.com/config/latest/developerguide/s3-bucket-policy.html) in the *AWS Config Developer Guide* .", - "title": "S3BucketName", - "type": "string" - }, - "S3KeyPrefix": { - "markdownDescription": "The prefix for the specified Amazon S3 bucket.", - "title": "S3KeyPrefix", - "type": "string" - }, - "S3KmsKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Key Management Service ( AWS KMS ) AWS KMS key (KMS key) used to encrypt objects delivered by AWS Config . Must belong to the same Region as the destination S3 bucket.", - "title": "S3KmsKeyArn", - "type": "string" - }, - "SnsTopicARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic to which AWS Config sends notifications about configuration changes.\n\nIf you choose a topic from another account, the topic must have policies that grant access permissions to AWS Config . For more information, see [Permissions for the Amazon SNS Topic](https://docs.aws.amazon.com/config/latest/developerguide/sns-topic-policy.html) in the *AWS Config Developer Guide* .", - "title": "SnsTopicARN", + "ViewProperties": { + "additionalProperties": true, + "markdownDescription": "The view properties for the widget. For more information about view properties, see [View properties for widgets](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/lake-widget-properties.html) in the *AWS CloudTrail User Guide* .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { "type": "string" } }, - "required": [ - "S3BucketName" - ], + "title": "ViewProperties", "type": "object" - }, - "Type": { - "enum": [ - "AWS::Config::DeliveryChannel" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" } }, "required": [ - "Type", - "Properties" + "QueryStatement" ], "type": "object" }, - "AWS::Config::DeliveryChannel.ConfigSnapshotDeliveryProperties": { - "additionalProperties": false, - "properties": { - "DeliveryFrequency": { - "markdownDescription": "The frequency with which AWS Config delivers configuration snapshots.", - "title": "DeliveryFrequency", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Config::OrganizationConfigRule": { + "AWS::CloudTrail::EventDataStore": { "additionalProperties": false, "properties": { "Condition": { @@ -48960,43 +52777,104 @@ "Properties": { "additionalProperties": false, "properties": { - "ExcludedAccounts": { + "AdvancedEventSelectors": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::CloudTrail::EventDataStore.AdvancedEventSelector" }, - "markdownDescription": "A comma-separated list of accounts excluded from organization AWS Config rule.", - "title": "ExcludedAccounts", + "markdownDescription": "The advanced event selectors to use to select the events for the data store. You can configure up to five advanced event selectors for each event data store.\n\nFor more information about how to use advanced event selectors to log CloudTrail events, see [Log events by using advanced event selectors](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html#creating-data-event-selectors-advanced) in the CloudTrail User Guide.\n\nFor more information about how to use advanced event selectors to include AWS Config configuration items in your event data store, see [Create an event data store for AWS Config configuration items](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/lake-eds-cli.html#lake-cli-create-eds-config) in the CloudTrail User Guide.\n\nFor more information about how to use advanced event selectors to include events outside of AWS events in your event data store, see [Create an integration to log events from outside AWS](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/lake-integrations-cli.html#lake-cli-create-integration) in the CloudTrail User Guide.", + "title": "AdvancedEventSelectors", "type": "array" }, - "OrganizationConfigRuleName": { - "markdownDescription": "The name that you assign to organization AWS Config rule.", - "title": "OrganizationConfigRuleName", + "BillingMode": { + "markdownDescription": "The billing mode for the event data store determines the cost for ingesting events and the default and maximum retention period for the event data store.\n\nThe following are the possible values:\n\n- `EXTENDABLE_RETENTION_PRICING` - This billing mode is generally recommended if you want a flexible retention period of up to 3653 days (about 10 years). The default retention period for this billing mode is 366 days.\n- `FIXED_RETENTION_PRICING` - This billing mode is recommended if you expect to ingest more than 25 TB of event data per month and need a retention period of up to 2557 days (about 7 years). The default retention period for this billing mode is 2557 days.\n\nThe default value is `EXTENDABLE_RETENTION_PRICING` .\n\nFor more information about CloudTrail pricing, see [AWS CloudTrail Pricing](https://docs.aws.amazon.com/cloudtrail/pricing/) and [Managing CloudTrail Lake costs](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-lake-manage-costs.html) .", + "title": "BillingMode", "type": "string" }, - "OrganizationCustomPolicyRuleMetadata": { - "$ref": "#/definitions/AWS::Config::OrganizationConfigRule.OrganizationCustomPolicyRuleMetadata", - "markdownDescription": "An object that specifies metadata for your organization's AWS Config Custom Policy rule. The metadata includes the runtime system in use, which accounts have debug logging enabled, and other custom rule metadata, such as resource type, resource ID of AWS resource, and organization trigger types that initiate AWS Config to evaluate AWS resources against a rule.", - "title": "OrganizationCustomPolicyRuleMetadata" + "ContextKeySelectors": { + "items": { + "$ref": "#/definitions/AWS::CloudTrail::EventDataStore.ContextKeySelector" + }, + "markdownDescription": "The list of context key selectors that are configured for the event data store.", + "title": "ContextKeySelectors", + "type": "array" }, - "OrganizationCustomRuleMetadata": { - "$ref": "#/definitions/AWS::Config::OrganizationConfigRule.OrganizationCustomRuleMetadata", - "markdownDescription": "An `OrganizationCustomRuleMetadata` object.", - "title": "OrganizationCustomRuleMetadata" + "FederationEnabled": { + "markdownDescription": "Indicates if [Lake query federation](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-federation.html) is enabled. By default, Lake query federation is disabled. You cannot delete an event data store if Lake query federation is enabled.", + "title": "FederationEnabled", + "type": "boolean" }, - "OrganizationManagedRuleMetadata": { - "$ref": "#/definitions/AWS::Config::OrganizationConfigRule.OrganizationManagedRuleMetadata", - "markdownDescription": "An `OrganizationManagedRuleMetadata` object.", - "title": "OrganizationManagedRuleMetadata" + "FederationRoleArn": { + "markdownDescription": "If Lake query federation is enabled, provides the ARN of the federation role used to access the resources for the federated event data store.\n\nThe federation role must exist in your account and provide the [required minimum permissions](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-federation.html#query-federation-permissions-role) .", + "title": "FederationRoleArn", + "type": "string" + }, + "IngestionEnabled": { + "markdownDescription": "Specifies whether the event data store should start ingesting live events. The default is true.", + "title": "IngestionEnabled", + "type": "boolean" + }, + "InsightSelectors": { + "items": { + "$ref": "#/definitions/AWS::CloudTrail::EventDataStore.InsightSelector" + }, + "markdownDescription": "A JSON string that contains the Insights types you want to log on an event data store. `ApiCallRateInsight` and `ApiErrorRateInsight` are valid Insight types.\n\nThe `ApiCallRateInsight` Insights type analyzes write-only management API calls that are aggregated per minute against a baseline API call volume.\n\nThe `ApiErrorRateInsight` Insights type analyzes management API calls that result in error codes. The error is shown if the API call is unsuccessful.", + "title": "InsightSelectors", + "type": "array" + }, + "InsightsDestination": { + "markdownDescription": "The ARN (or ID suffix of the ARN) of the destination event data store that logs Insights events. For more information, see [Create an event data store for CloudTrail Insights events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-event-data-store-insights.html) .", + "title": "InsightsDestination", + "type": "string" + }, + "KmsKeyId": { + "markdownDescription": "Specifies the AWS KMS key ID to use to encrypt the events delivered by CloudTrail. The value can be an alias name prefixed by `alias/` , a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.\n\n> Disabling or deleting the KMS key, or removing CloudTrail permissions on the key, prevents CloudTrail from logging events to the event data store, and prevents users from querying the data in the event data store that was encrypted with the key. After you associate an event data store with a KMS key, the KMS key cannot be removed or changed. Before you disable or delete a KMS key that you are using with an event data store, delete or back up your event data store. \n\nCloudTrail also supports AWS KMS multi-Region keys. For more information about multi-Region keys, see [Using multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) in the *AWS Key Management Service Developer Guide* .\n\nExamples:\n\n- `alias/MyAliasName`\n- `arn:aws:kms:us-east-2:123456789012:alias/MyAliasName`\n- `arn:aws:kms:us-east-2:123456789012:key/12345678-1234-1234-1234-123456789012`\n- `12345678-1234-1234-1234-123456789012`", + "title": "KmsKeyId", + "type": "string" + }, + "MaxEventSize": { + "markdownDescription": "The maximum allowed size for events to be stored in the specified event data store. If you are using context key selectors, MaxEventSize must be set to Large.", + "title": "MaxEventSize", + "type": "string" + }, + "MultiRegionEnabled": { + "markdownDescription": "Specifies whether the event data store includes events from all Regions, or only from the Region in which the event data store is created.", + "title": "MultiRegionEnabled", + "type": "boolean" + }, + "Name": { + "markdownDescription": "The name of the event data store.", + "title": "Name", + "type": "string" + }, + "OrganizationEnabled": { + "markdownDescription": "Specifies whether an event data store collects events logged for an organization in AWS Organizations .", + "title": "OrganizationEnabled", + "type": "boolean" + }, + "RetentionPeriod": { + "markdownDescription": "The retention period of the event data store, in days. If `BillingMode` is set to `EXTENDABLE_RETENTION_PRICING` , you can set a retention period of up to 3653 days, the equivalent of 10 years. If `BillingMode` is set to `FIXED_RETENTION_PRICING` , you can set a retention period of up to 2557 days, the equivalent of seven years.\n\nCloudTrail Lake determines whether to retain an event by checking if the `eventTime` of the event is within the specified retention period. For example, if you set a retention period of 90 days, CloudTrail will remove events when the `eventTime` is older than 90 days.\n\n> If you plan to copy trail events to this event data store, we recommend that you consider both the age of the events that you want to copy as well as how long you want to keep the copied events in your event data store. For example, if you copy trail events that are 5 years old and specify a retention period of 7 years, the event data store will retain those events for two years.", + "title": "RetentionPeriod", + "type": "number" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags.", + "title": "Tags", + "type": "array" + }, + "TerminationProtectionEnabled": { + "markdownDescription": "Specifies whether termination protection is enabled for the event data store. If termination protection is enabled, you cannot delete the event data store until termination protection is disabled.", + "title": "TerminationProtectionEnabled", + "type": "boolean" } }, - "required": [ - "OrganizationConfigRuleName" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Config::OrganizationConfigRule" + "AWS::CloudTrail::EventDataStore" ], "type": "string" }, @@ -49010,199 +52888,129 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Config::OrganizationConfigRule.OrganizationCustomPolicyRuleMetadata": { + "AWS::CloudTrail::EventDataStore.AdvancedEventSelector": { "additionalProperties": false, "properties": { - "DebugLogDeliveryAccounts": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of accounts that you can enable debug logging for your organization AWS Config Custom Policy rule. List is null when debug logging is enabled for all accounts.", - "title": "DebugLogDeliveryAccounts", - "type": "array" - }, - "Description": { - "markdownDescription": "The description that you provide for your organization AWS Config Custom Policy rule.", - "title": "Description", - "type": "string" - }, - "InputParameters": { - "markdownDescription": "A string, in JSON format, that is passed to your organization AWS Config Custom Policy rule.", - "title": "InputParameters", - "type": "string" - }, - "MaximumExecutionFrequency": { - "markdownDescription": "The maximum frequency with which AWS Config runs evaluations for a rule. Your AWS Config Custom Policy rule is triggered when AWS Config delivers the configuration snapshot. For more information, see `ConfigSnapshotDeliveryProperties` .", - "title": "MaximumExecutionFrequency", - "type": "string" - }, - "OrganizationConfigRuleTriggerTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The type of notification that initiates AWS Config to run an evaluation for a rule. For AWS Config Custom Policy rules, AWS Config supports change-initiated notification types:\n\n- `ConfigurationItemChangeNotification` - Initiates an evaluation when AWS Config delivers a configuration item as a result of a resource change.\n- `OversizedConfigurationItemChangeNotification` - Initiates an evaluation when AWS Config delivers an oversized configuration item. AWS Config may generate this notification type when a resource changes and the notification exceeds the maximum size allowed by Amazon SNS.", - "title": "OrganizationConfigRuleTriggerTypes", - "type": "array" - }, - "PolicyText": { - "markdownDescription": "The policy definition containing the logic for your organization AWS Config Custom Policy rule.", - "title": "PolicyText", - "type": "string" - }, - "ResourceIdScope": { - "markdownDescription": "The ID of the AWS resource that was evaluated.", - "title": "ResourceIdScope", - "type": "string" - }, - "ResourceTypesScope": { + "FieldSelectors": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::CloudTrail::EventDataStore.AdvancedFieldSelector" }, - "markdownDescription": "The type of the AWS resource that was evaluated.", - "title": "ResourceTypesScope", + "markdownDescription": "Contains all selector statements in an advanced event selector.", + "title": "FieldSelectors", "type": "array" }, - "Runtime": { - "markdownDescription": "The runtime system for your organization AWS Config Custom Policy rules. Guard is a policy-as-code language that allows you to write policies that are enforced by AWS Config Custom Policy rules. For more information about Guard, see the [Guard GitHub Repository](https://docs.aws.amazon.com/https://github.com/aws-cloudformation/cloudformation-guard) .", - "title": "Runtime", - "type": "string" - }, - "TagKeyScope": { - "markdownDescription": "One part of a key-value pair that make up a tag. A key is a general label that acts like a category for more specific tag values.", - "title": "TagKeyScope", - "type": "string" - }, - "TagValueScope": { - "markdownDescription": "The optional part of a key-value pair that make up a tag. A value acts as a descriptor within a tag category (key).", - "title": "TagValueScope", + "Name": { + "markdownDescription": "An optional, descriptive name for an advanced event selector, such as \"Log data events for only two S3 buckets\".", + "title": "Name", "type": "string" } }, "required": [ - "PolicyText", - "Runtime" + "FieldSelectors" ], "type": "object" }, - "AWS::Config::OrganizationConfigRule.OrganizationCustomRuleMetadata": { + "AWS::CloudTrail::EventDataStore.AdvancedFieldSelector": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description that you provide for your organization AWS Config rule.", - "title": "Description", - "type": "string" - }, - "InputParameters": { - "markdownDescription": "A string, in JSON format, that is passed to your organization AWS Config rule Lambda function.", - "title": "InputParameters", - "type": "string" + "EndsWith": { + "items": { + "type": "string" + }, + "markdownDescription": "An operator that includes events that match the last few characters of the event record field specified as the value of `Field` .", + "title": "EndsWith", + "type": "array" }, - "LambdaFunctionArn": { - "markdownDescription": "The lambda function ARN.", - "title": "LambdaFunctionArn", - "type": "string" + "Equals": { + "items": { + "type": "string" + }, + "markdownDescription": "An operator that includes events that match the exact value of the event record field specified as the value of `Field` . This is the only valid operator that you can use with the `readOnly` , `eventCategory` , and `resources.type` fields.", + "title": "Equals", + "type": "array" }, - "MaximumExecutionFrequency": { - "markdownDescription": "The maximum frequency with which AWS Config runs evaluations for a rule. Your custom rule is triggered when AWS Config delivers the configuration snapshot. For more information, see `ConfigSnapshotDeliveryProperties` .\n\n> By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the `MaximumExecutionFrequency` parameter.", - "title": "MaximumExecutionFrequency", + "Field": { + "markdownDescription": "A field in a CloudTrail event record on which to filter events to be logged. For event data stores for CloudTrail Insights events, AWS Config configuration items, Audit Manager evidence, or events outside of AWS , the field is used only for selecting events as filtering is not supported.\n\nFor CloudTrail management events, supported fields include `eventCategory` (required), `eventSource` , and `readOnly` . The following additional fields are available for event data stores: `eventName` , `eventType` , `sessionCredentialFromConsole` , and `userIdentity.arn` .\n\nFor CloudTrail data events, supported fields include `eventCategory` (required), `eventName` , `eventSource` , `eventType` , `resources.type` (required), `readOnly` , `resources.ARN` , `sessionCredentialFromConsole` , and `userIdentity.arn` .\n\nFor CloudTrail network activity events, supported fields include `eventCategory` (required), `eventSource` (required), `eventName` , `errorCode` , and `vpcEndpointId` .\n\nFor event data stores for CloudTrail Insights events, AWS Config configuration items, Audit Manager evidence, or events outside of AWS , the only supported field is `eventCategory` .\n\n> Selectors don't support the use of wildcards like `*` . To match multiple values with a single condition, you may use `StartsWith` , `EndsWith` , `NotStartsWith` , or `NotEndsWith` to explicitly match the beginning or end of the event field. \n\n- *`readOnly`* - This is an optional field that is only used for management events and data events. This field can be set to `Equals` with a value of `true` or `false` . If you do not add this field, CloudTrail logs both `read` and `write` events. A value of `true` logs only `read` events. A value of `false` logs only `write` events.\n- *`eventSource`* - This field is only used for management events, data events, and network activity events.\n\nFor management events for trails, this is an optional field that can be set to `NotEquals` `kms.amazonaws.com` to exclude KMS management events, or `NotEquals` `rdsdata.amazonaws.com` to exclude RDS management events.\n\nFor data events for trails, this is an optional field that you can use to include or exclude any event source and can use any operator.\n\nFor management and data events for event data stores, this is an optional field that you can use to include or exclude any event source and can use any operator.\n\nFor network activity events, this is a required field that only uses the `Equals` operator. Set this field to the event source for which you want to log network activity events. If you want to log network activity events for multiple event sources, you must create a separate field selector for each event source. For a list of services supporting network activity events, see [Logging network activity events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-network-events-with-cloudtrail.html) in the *AWS CloudTrail User Guide* .\n- *`eventName`* - This is an optional field that is only used for data events, management events (for event data stores only), and network activity events. You can use any operator with `eventName` . You can use it to \ufb01lter in or \ufb01lter out specific events. You can have multiple values for this \ufb01eld, separated by commas.\n- *`eventCategory`* - This field is required and must be set to `Equals` .\n\n- For CloudTrail management events, the value must be `Management` .\n- For CloudTrail data events, the value must be `Data` .\n- For CloudTrail network activity events, the value must be `NetworkActivity` .\n\nThe following are used only for event data stores:\n\n- For CloudTrail Insights events, the value must be `Insight` .\n- For AWS Config configuration items, the value must be `ConfigurationItem` .\n- For Audit Manager evidence, the value must be `Evidence` .\n- For events outside of AWS , the value must be `ActivityAuditLog` .\n- *`eventType`* - For event data stores, this is an optional field available for event data stores to filter management and data events on the event type. For trails, this is an optional field to filter data events on the event type. For information about available event types, see [CloudTrail record contents](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-event-reference-record-contents.html#ct-event-type) in the *AWS CloudTrail user guide* .\n- *`errorCode`* - This \ufb01eld is only used to filter CloudTrail network activity events and is optional. This is the error code to filter on. Currently, the only valid `errorCode` is `VpceAccessDenied` . `errorCode` can only use the `Equals` operator.\n- *`sessionCredentialFromConsole`* - For event data stores, this is an optional field used to filter management and data events based on whether the events originated from an AWS Management Console session. For trails, this is an optional field used to filter data events. `sessionCredentialFromConsole` can only use the `Equals` and `NotEquals` operators.\n- *`resources.type`* - This \ufb01eld is required for CloudTrail data events. `resources.type` can only use the `Equals` operator.\n\nFor a list of available resource types for data events, see [Data events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html#logging-data-events) in the *AWS CloudTrail User Guide* .\n\nYou can have only one `resources.type` \ufb01eld per selector. To log events on more than one resource type, add another selector.\n- *`resources.ARN`* - The `resources.ARN` is an optional field for data events. You can use any operator with `resources.ARN` , but if you use `Equals` or `NotEquals` , the value must exactly match the ARN of a valid resource of the type you've speci\ufb01ed in the template as the value of resources.type. To log all data events for all objects in a specific S3 bucket, use the `StartsWith` operator, and include only the bucket ARN as the matching value.\n\nFor more information about the ARN formats of data event resources, see [Actions, resources, and condition keys for AWS services](https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html) in the *Service Authorization Reference* .\n\n> You can't use the `resources.ARN` field to filter resource types that do not have ARNs.\n- *`userIdentity.arn`* - For event data stores, this is an optional field used to filter management and data events for actions taken by specific IAM identities. For trails, this is an optional field used to filter data events. You can use any operator with `userIdentity.arn` . For more information on the userIdentity element, see [CloudTrail userIdentity element](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-event-reference-user-identity.html) in the *AWS CloudTrail User Guide* .\n- *`vpcEndpointId`* - This \ufb01eld is only used to filter CloudTrail network activity events and is optional. This field identifies the VPC endpoint that the request passed through. You can use any operator with `vpcEndpointId` .", + "title": "Field", "type": "string" }, - "OrganizationConfigRuleTriggerTypes": { + "NotEndsWith": { "items": { "type": "string" }, - "markdownDescription": "The type of notification that triggers AWS Config to run an evaluation for a rule. You can specify the following notification types:\n\n- `ConfigurationItemChangeNotification` - Triggers an evaluation when AWS Config delivers a configuration item as a result of a resource change.\n- `OversizedConfigurationItemChangeNotification` - Triggers an evaluation when AWS Config delivers an oversized configuration item. AWS Config may generate this notification type when a resource changes and the notification exceeds the maximum size allowed by Amazon SNS.\n- `ScheduledNotification` - Triggers a periodic evaluation at the frequency specified for `MaximumExecutionFrequency` .", - "title": "OrganizationConfigRuleTriggerTypes", + "markdownDescription": "An operator that excludes events that match the last few characters of the event record field specified as the value of `Field` .", + "title": "NotEndsWith", "type": "array" }, - "ResourceIdScope": { - "markdownDescription": "The ID of the AWS resource that was evaluated.", - "title": "ResourceIdScope", - "type": "string" - }, - "ResourceTypesScope": { + "NotEquals": { "items": { "type": "string" }, - "markdownDescription": "The type of the AWS resource that was evaluated.", - "title": "ResourceTypesScope", + "markdownDescription": "An operator that excludes events that match the exact value of the event record field specified as the value of `Field` .", + "title": "NotEquals", "type": "array" }, - "TagKeyScope": { - "markdownDescription": "One part of a key-value pair that make up a tag. A key is a general label that acts like a category for more specific tag values.", - "title": "TagKeyScope", - "type": "string" + "NotStartsWith": { + "items": { + "type": "string" + }, + "markdownDescription": "An operator that excludes events that match the first few characters of the event record field specified as the value of `Field` .", + "title": "NotStartsWith", + "type": "array" }, - "TagValueScope": { - "markdownDescription": "The optional part of a key-value pair that make up a tag. A value acts as a descriptor within a tag category (key).", - "title": "TagValueScope", - "type": "string" + "StartsWith": { + "items": { + "type": "string" + }, + "markdownDescription": "An operator that includes events that match the first few characters of the event record field specified as the value of `Field` .", + "title": "StartsWith", + "type": "array" } }, "required": [ - "LambdaFunctionArn", - "OrganizationConfigRuleTriggerTypes" + "Field" ], "type": "object" }, - "AWS::Config::OrganizationConfigRule.OrganizationManagedRuleMetadata": { + "AWS::CloudTrail::EventDataStore.ContextKeySelector": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description that you provide for your organization AWS Config rule.", - "title": "Description", - "type": "string" - }, - "InputParameters": { - "markdownDescription": "A string, in JSON format, that is passed to your organization AWS Config rule Lambda function.", - "title": "InputParameters", - "type": "string" - }, - "MaximumExecutionFrequency": { - "markdownDescription": "The maximum frequency with which AWS Config runs evaluations for a rule. This is for an AWS Config managed rule that is triggered at a periodic frequency.\n\n> By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the `MaximumExecutionFrequency` parameter.", - "title": "MaximumExecutionFrequency", - "type": "string" - }, - "ResourceIdScope": { - "markdownDescription": "The ID of the AWS resource that was evaluated.", - "title": "ResourceIdScope", - "type": "string" - }, - "ResourceTypesScope": { + "Equals": { "items": { "type": "string" }, - "markdownDescription": "The type of the AWS resource that was evaluated.", - "title": "ResourceTypesScope", + "markdownDescription": "A list of keys defined by Type to be included in CloudTrail enriched events.", + "title": "Equals", "type": "array" }, - "RuleIdentifier": { - "markdownDescription": "For organization config managed rules, a predefined identifier from a list. For example, `IAM_PASSWORD_POLICY` is a managed rule. To reference a managed rule, see [Using AWS Config managed rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html) .", - "title": "RuleIdentifier", - "type": "string" - }, - "TagKeyScope": { - "markdownDescription": "One part of a key-value pair that make up a tag. A key is a general label that acts like a category for more specific tag values.", - "title": "TagKeyScope", - "type": "string" - }, - "TagValueScope": { - "markdownDescription": "The optional part of a key-value pair that make up a tag. A value acts as a descriptor within a tag category (key).", - "title": "TagValueScope", + "Type": { + "markdownDescription": "Specifies the type of the event record field in ContextKeySelector. Valid values include RequestContext, TagContext.", + "title": "Type", "type": "string" } }, "required": [ - "RuleIdentifier" + "Equals", + "Type" ], "type": "object" }, - "AWS::Config::OrganizationConformancePack": { + "AWS::CloudTrail::EventDataStore.InsightSelector": { + "additionalProperties": false, + "properties": { + "InsightType": { + "markdownDescription": "The type of Insights events to log on an event data store. `ApiCallRateInsight` and `ApiErrorRateInsight` are valid Insight types.\n\nThe `ApiCallRateInsight` Insights type analyzes write-only management API calls that are aggregated per minute against a baseline API call volume.\n\nThe `ApiErrorRateInsight` Insights type analyzes management API calls that result in error codes. The error is shown if the API call is unsuccessful.", + "title": "InsightType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CloudTrail::ResourcePolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -49237,56 +53045,26 @@ "Properties": { "additionalProperties": false, "properties": { - "ConformancePackInputParameters": { - "items": { - "$ref": "#/definitions/AWS::Config::OrganizationConformancePack.ConformancePackInputParameter" - }, - "markdownDescription": "A list of `ConformancePackInputParameter` objects.", - "title": "ConformancePackInputParameters", - "type": "array" - }, - "DeliveryS3Bucket": { - "markdownDescription": "The name of the Amazon S3 bucket where AWS Config stores conformance pack templates.\n\n> This field is optional.", - "title": "DeliveryS3Bucket", - "type": "string" - }, - "DeliveryS3KeyPrefix": { - "markdownDescription": "Any folder structure you want to add to an Amazon S3 bucket.\n\n> This field is optional.", - "title": "DeliveryS3KeyPrefix", - "type": "string" - }, - "ExcludedAccounts": { - "items": { - "type": "string" - }, - "markdownDescription": "A comma-separated list of accounts excluded from organization conformance pack.", - "title": "ExcludedAccounts", - "type": "array" - }, - "OrganizationConformancePackName": { - "markdownDescription": "The name you assign to an organization conformance pack.", - "title": "OrganizationConformancePackName", - "type": "string" - }, - "TemplateBody": { - "markdownDescription": "A string containing full conformance pack template body. Structure containing the template body with a minimum length of 1 byte and a maximum length of 51,200 bytes.", - "title": "TemplateBody", + "ResourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the CloudTrail event data store, dashboard, or channel attached to the resource-based policy.\n\nExample event data store ARN format: `arn:aws:cloudtrail:us-east-2:123456789012:eventdatastore/EXAMPLE-f852-4e8f-8bd1-bcf6cEXAMPLE`\n\nExample dashboard ARN format: `arn:aws:cloudtrail:us-east-1:123456789012:dashboard/exampleDash`\n\nExample channel ARN format: `arn:aws:cloudtrail:us-east-2:123456789012:channel/01234567890`", + "title": "ResourceArn", "type": "string" }, - "TemplateS3Uri": { - "markdownDescription": "Location of file containing the template body. The uri must point to the conformance pack template (max size: 300 KB).", - "title": "TemplateS3Uri", - "type": "string" + "ResourcePolicy": { + "markdownDescription": "A JSON-formatted string for an AWS resource-based policy.\n\nFor example resource-based policies, see [CloudTrail resource-based policy examples](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/security_iam_resource-based-policy-examples.html) in the *CloudTrail User Guide* .", + "title": "ResourcePolicy", + "type": "object" } }, "required": [ - "OrganizationConformancePackName" + "ResourceArn", + "ResourcePolicy" ], "type": "object" }, "Type": { "enum": [ - "AWS::Config::OrganizationConformancePack" + "AWS::CloudTrail::ResourcePolicy" ], "type": "string" }, @@ -49305,27 +53083,7 @@ ], "type": "object" }, - "AWS::Config::OrganizationConformancePack.ConformancePackInputParameter": { - "additionalProperties": false, - "properties": { - "ParameterName": { - "markdownDescription": "One part of a key-value pair.", - "title": "ParameterName", - "type": "string" - }, - "ParameterValue": { - "markdownDescription": "One part of a key-value pair.", - "title": "ParameterValue", - "type": "string" - } - }, - "required": [ - "ParameterName", - "ParameterValue" - ], - "type": "object" - }, - "AWS::Config::RemediationConfiguration": { + "AWS::CloudTrail::Trail": { "additionalProperties": false, "properties": { "Condition": { @@ -49360,67 +53118,108 @@ "Properties": { "additionalProperties": false, "properties": { - "Automatic": { - "markdownDescription": "The remediation is triggered automatically.", - "title": "Automatic", - "type": "boolean" + "AdvancedEventSelectors": { + "items": { + "$ref": "#/definitions/AWS::CloudTrail::Trail.AdvancedEventSelector" + }, + "markdownDescription": "Specifies the settings for advanced event selectors. You can use advanced event selectors to log management events, data events for all resource types, and network activity events.\n\nYou can add advanced event selectors, and conditions for your advanced event selectors, up to a maximum of 500 values for all conditions and selectors on a trail. You can use either `AdvancedEventSelectors` or `EventSelectors` , but not both. If you apply `AdvancedEventSelectors` to a trail, any existing `EventSelectors` are overwritten. For more information about advanced event selectors, see [Logging data events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html) and [Logging network activity events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-network-events-with-cloudtrail.html) in the *AWS CloudTrail User Guide* .", + "title": "AdvancedEventSelectors", + "type": "array" }, - "ConfigRuleName": { - "markdownDescription": "The name of the AWS Config rule.", - "title": "ConfigRuleName", + "CloudWatchLogsLogGroupArn": { + "markdownDescription": "Specifies a log group name using an Amazon Resource Name (ARN), a unique identifier that represents the log group to which CloudTrail logs are delivered. You must use a log group that exists in your account.\n\nTo enable CloudWatch Logs delivery, you must provide values for `CloudWatchLogsLogGroupArn` and `CloudWatchLogsRoleArn` .\n\n> If you previously enabled CloudWatch Logs delivery and want to disable CloudWatch Logs delivery, you must set the values of the `CloudWatchLogsRoleArn` and `CloudWatchLogsLogGroupArn` fields to `\"\"` .", + "title": "CloudWatchLogsLogGroupArn", "type": "string" }, - "ExecutionControls": { - "$ref": "#/definitions/AWS::Config::RemediationConfiguration.ExecutionControls", - "markdownDescription": "An ExecutionControls object.", - "title": "ExecutionControls" + "CloudWatchLogsRoleArn": { + "markdownDescription": "Specifies the role for the CloudWatch Logs endpoint to assume to write to a user's log group. You must use a role that exists in your account.\n\nTo enable CloudWatch Logs delivery, you must provide values for `CloudWatchLogsLogGroupArn` and `CloudWatchLogsRoleArn` .\n\n> If you previously enabled CloudWatch Logs delivery and want to disable CloudWatch Logs delivery, you must set the values of the `CloudWatchLogsRoleArn` and `CloudWatchLogsLogGroupArn` fields to `\"\"` .", + "title": "CloudWatchLogsRoleArn", + "type": "string" }, - "MaximumAutomaticAttempts": { - "markdownDescription": "The maximum number of failed attempts for auto-remediation. If you do not select a number, the default is 5.\n\nFor example, if you specify MaximumAutomaticAttempts as 5 with RetryAttemptSeconds as 50 seconds, AWS Config will put a RemediationException on your behalf for the failing resource after the 5th failed attempt within 50 seconds.", - "title": "MaximumAutomaticAttempts", - "type": "number" + "EnableLogFileValidation": { + "markdownDescription": "Specifies whether log file validation is enabled. The default is false.\n\n> When you disable log file integrity validation, the chain of digest files is broken after one hour. CloudTrail does not create digest files for log files that were delivered during a period in which log file integrity validation was disabled. For example, if you enable log file integrity validation at noon on January 1, disable it at noon on January 2, and re-enable it at noon on January 10, digest files will not be created for the log files delivered from noon on January 2 to noon on January 10. The same applies whenever you stop CloudTrail logging or delete a trail.", + "title": "EnableLogFileValidation", + "type": "boolean" }, - "Parameters": { - "markdownDescription": "An object of the RemediationParameterValue. For more information, see [RemediationParameterValue](https://docs.aws.amazon.com/config/latest/APIReference/API_RemediationParameterValue.html) .\n\n> The type is a map of strings to RemediationParameterValue.", - "title": "Parameters", - "type": "object" + "EventSelectors": { + "items": { + "$ref": "#/definitions/AWS::CloudTrail::Trail.EventSelector" + }, + "markdownDescription": "Use event selectors to further specify the management and data event settings for your trail. By default, trails created without specific event selectors will be configured to log all read and write management events, and no data events. When an event occurs in your account, CloudTrail evaluates the event selector for all trails. For each trail, if the event matches any event selector, the trail processes and logs the event. If the event doesn't match any event selector, the trail doesn't log the event.\n\nYou can configure up to five event selectors for a trail.\n\nYou cannot apply both event selectors and advanced event selectors to a trail.", + "title": "EventSelectors", + "type": "array" }, - "ResourceType": { - "markdownDescription": "The type of a resource.", - "title": "ResourceType", - "type": "string" + "IncludeGlobalServiceEvents": { + "markdownDescription": "Specifies whether the trail is publishing events from global services such as IAM to the log files.", + "title": "IncludeGlobalServiceEvents", + "type": "boolean" }, - "RetryAttemptSeconds": { - "markdownDescription": "Time window to determine whether or not to add a remediation exception to prevent infinite remediation attempts. If `MaximumAutomaticAttempts` remediation attempts have been made under `RetryAttemptSeconds` , a remediation exception will be added to the resource. If you do not select a number, the default is 60 seconds.\n\nFor example, if you specify `RetryAttemptSeconds` as 50 seconds and `MaximumAutomaticAttempts` as 5, AWS Config will run auto-remediations 5 times within 50 seconds before adding a remediation exception to the resource.", - "title": "RetryAttemptSeconds", - "type": "number" + "InsightSelectors": { + "items": { + "$ref": "#/definitions/AWS::CloudTrail::Trail.InsightSelector" + }, + "markdownDescription": "A JSON string that contains the Insights types you want to log on a trail. `ApiCallRateInsight` and `ApiErrorRateInsight` are valid Insight types.\n\nThe `ApiCallRateInsight` Insights type analyzes write-only management API calls that are aggregated per minute against a baseline API call volume.\n\nThe `ApiErrorRateInsight` Insights type analyzes management API calls that result in error codes. The error is shown if the API call is unsuccessful.", + "title": "InsightSelectors", + "type": "array" }, - "TargetId": { - "markdownDescription": "Target ID is the name of the SSM document.", - "title": "TargetId", + "IsLogging": { + "markdownDescription": "Whether the CloudTrail trail is currently logging AWS API calls.", + "title": "IsLogging", + "type": "boolean" + }, + "IsMultiRegionTrail": { + "markdownDescription": "Specifies whether the trail applies only to the current Region or to all Regions. The default is false. If the trail exists only in the current Region and this value is set to true, shadow trails (replications of the trail) will be created in the other Regions. If the trail exists in all Regions and this value is set to false, the trail will remain in the Region where it was created, and its shadow trails in other Regions will be deleted. As a best practice, consider using trails that log events in all Regions.", + "title": "IsMultiRegionTrail", + "type": "boolean" + }, + "IsOrganizationTrail": { + "markdownDescription": "Specifies whether the trail is applied to all accounts in an organization in AWS Organizations , or only for the current AWS account . The default is false, and cannot be true unless the call is made on behalf of an AWS account that is the management account for an organization in AWS Organizations . If the trail is not an organization trail and this is set to `true` , the trail will be created in all AWS accounts that belong to the organization. If the trail is an organization trail and this is set to `false` , the trail will remain in the current AWS account but be deleted from all member accounts in the organization.\n\n> Only the management account for the organization can convert an organization trail to a non-organization trail, or convert a non-organization trail to an organization trail.", + "title": "IsOrganizationTrail", + "type": "boolean" + }, + "KMSKeyId": { + "markdownDescription": "Specifies the AWS KMS key ID to use to encrypt the logs and digest files delivered by CloudTrail. The value can be an alias name prefixed by \"alias/\", a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.\n\nCloudTrail also supports AWS KMS multi-Region keys. For more information about multi-Region keys, see [Using multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) in the *AWS Key Management Service Developer Guide* .\n\nExamples:\n\n- alias/MyAliasName\n- arn:aws:kms:us-east-2:123456789012:alias/MyAliasName\n- arn:aws:kms:us-east-2:123456789012:key/12345678-1234-1234-1234-123456789012\n- 12345678-1234-1234-1234-123456789012", + "title": "KMSKeyId", "type": "string" }, - "TargetType": { - "markdownDescription": "The type of the target. Target executes remediation. For example, SSM document.", - "title": "TargetType", + "S3BucketName": { + "markdownDescription": "Specifies the name of the Amazon S3 bucket designated for publishing log files. See [Amazon S3 Bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html) .", + "title": "S3BucketName", "type": "string" }, - "TargetVersion": { - "markdownDescription": "Version of the target. For example, version of the SSM document.\n\n> If you make backward incompatible changes to the SSM document, you must call PutRemediationConfiguration API again to ensure the remediations can run.", - "title": "TargetVersion", + "S3KeyPrefix": { + "markdownDescription": "Specifies the Amazon S3 key prefix that comes after the name of the bucket you have designated for log file delivery. For more information, see [Finding Your CloudTrail Log Files](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/get-and-view-cloudtrail-log-files.html#cloudtrail-find-log-files) . The maximum length is 200 characters.", + "title": "S3KeyPrefix", + "type": "string" + }, + "SnsTopicName": { + "markdownDescription": "Specifies the name or ARN of the Amazon SNS topic defined for notification of log file delivery. The maximum length is 256 characters.", + "title": "SnsTopicName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A custom set of tags (key-value pairs) for this trail.", + "title": "Tags", + "type": "array" + }, + "TrailName": { + "markdownDescription": "Specifies the name of the trail. The name must meet the following requirements:\n\n- Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores (_), or dashes (-)\n- Start with a letter or number, and end with a letter or number\n- Be between 3 and 128 characters\n- Have no adjacent periods, underscores or dashes. Names like `my-_namespace` and `my--namespace` are not valid.\n- Not be in IP address format (for example, 192.168.5.4)", + "title": "TrailName", "type": "string" } }, "required": [ - "ConfigRuleName", - "TargetId", - "TargetType" + "IsLogging", + "S3BucketName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Config::RemediationConfiguration" + "AWS::CloudTrail::Trail" ], "type": "string" }, @@ -49439,71 +53238,156 @@ ], "type": "object" }, - "AWS::Config::RemediationConfiguration.ExecutionControls": { + "AWS::CloudTrail::Trail.AdvancedEventSelector": { "additionalProperties": false, "properties": { - "SsmControls": { - "$ref": "#/definitions/AWS::Config::RemediationConfiguration.SsmControls", - "markdownDescription": "A SsmControls object.", - "title": "SsmControls" + "FieldSelectors": { + "items": { + "$ref": "#/definitions/AWS::CloudTrail::Trail.AdvancedFieldSelector" + }, + "markdownDescription": "Contains all selector statements in an advanced event selector.", + "title": "FieldSelectors", + "type": "array" + }, + "Name": { + "markdownDescription": "An optional, descriptive name for an advanced event selector, such as \"Log data events for only two S3 buckets\".", + "title": "Name", + "type": "string" } }, + "required": [ + "FieldSelectors" + ], "type": "object" }, - "AWS::Config::RemediationConfiguration.RemediationParameterValue": { + "AWS::CloudTrail::Trail.AdvancedFieldSelector": { "additionalProperties": false, "properties": { - "ResourceValue": { - "$ref": "#/definitions/AWS::Config::RemediationConfiguration.ResourceValue", - "markdownDescription": "The value is dynamic and changes at run-time.", - "title": "ResourceValue" + "EndsWith": { + "items": { + "type": "string" + }, + "markdownDescription": "An operator that includes events that match the last few characters of the event record field specified as the value of `Field` .", + "title": "EndsWith", + "type": "array" }, - "StaticValue": { - "$ref": "#/definitions/AWS::Config::RemediationConfiguration.StaticValue", - "markdownDescription": "The value is static and does not change at run-time.", - "title": "StaticValue" + "Equals": { + "items": { + "type": "string" + }, + "markdownDescription": "An operator that includes events that match the exact value of the event record field specified as the value of `Field` . This is the only valid operator that you can use with the `readOnly` , `eventCategory` , and `resources.type` fields.", + "title": "Equals", + "type": "array" + }, + "Field": { + "markdownDescription": "A field in a CloudTrail event record on which to filter events to be logged. For event data stores for CloudTrail Insights events, AWS Config configuration items, Audit Manager evidence, or events outside of AWS , the field is used only for selecting events as filtering is not supported.\n\nFor CloudTrail management events, supported fields include `eventCategory` (required), `eventSource` , and `readOnly` . The following additional fields are available for event data stores: `eventName` , `eventType` , `sessionCredentialFromConsole` , and `userIdentity.arn` .\n\nFor CloudTrail data events, supported fields include `eventCategory` (required), `eventName` , `eventSource` , `eventType` , `resources.type` (required), `readOnly` , `resources.ARN` , `sessionCredentialFromConsole` , and `userIdentity.arn` .\n\nFor CloudTrail network activity events, supported fields include `eventCategory` (required), `eventSource` (required), `eventName` , `errorCode` , and `vpcEndpointId` .\n\nFor event data stores for CloudTrail Insights events, AWS Config configuration items, Audit Manager evidence, or events outside of AWS , the only supported field is `eventCategory` .\n\n> Selectors don't support the use of wildcards like `*` . To match multiple values with a single condition, you may use `StartsWith` , `EndsWith` , `NotStartsWith` , or `NotEndsWith` to explicitly match the beginning or end of the event field. \n\n- *`readOnly`* - This is an optional field that is only used for management events and data events. This field can be set to `Equals` with a value of `true` or `false` . If you do not add this field, CloudTrail logs both `read` and `write` events. A value of `true` logs only `read` events. A value of `false` logs only `write` events.\n- *`eventSource`* - This field is only used for management events, data events, and network activity events.\n\nFor management events for trails, this is an optional field that can be set to `NotEquals` `kms.amazonaws.com` to exclude KMS management events, or `NotEquals` `rdsdata.amazonaws.com` to exclude RDS management events.\n\nFor data events for trails, this is an optional field that you can use to include or exclude any event source and can use any operator.\n\nFor management and data events for event data stores, this is an optional field that you can use to include or exclude any event source and can use any operator.\n\nFor network activity events, this is a required field that only uses the `Equals` operator. Set this field to the event source for which you want to log network activity events. If you want to log network activity events for multiple event sources, you must create a separate field selector for each event source. For a list of services supporting network activity events, see [Logging network activity events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-network-events-with-cloudtrail.html) in the *AWS CloudTrail User Guide* .\n- *`eventName`* - This is an optional field that is only used for data events, management events (for event data stores only), and network activity events. You can use any operator with `eventName` . You can use it to \ufb01lter in or \ufb01lter out specific events. You can have multiple values for this \ufb01eld, separated by commas.\n- *`eventCategory`* - This field is required and must be set to `Equals` .\n\n- For CloudTrail management events, the value must be `Management` .\n- For CloudTrail data events, the value must be `Data` .\n- For CloudTrail network activity events, the value must be `NetworkActivity` .\n\nThe following are used only for event data stores:\n\n- For CloudTrail Insights events, the value must be `Insight` .\n- For AWS Config configuration items, the value must be `ConfigurationItem` .\n- For Audit Manager evidence, the value must be `Evidence` .\n- For events outside of AWS , the value must be `ActivityAuditLog` .\n- *`eventType`* - For event data stores, this is an optional field available for event data stores to filter management and data events on the event type. For trails, this is an optional field to filter data events on the event type. For information about available event types, see [CloudTrail record contents](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-event-reference-record-contents.html#ct-event-type) in the *AWS CloudTrail user guide* .\n- *`errorCode`* - This \ufb01eld is only used to filter CloudTrail network activity events and is optional. This is the error code to filter on. Currently, the only valid `errorCode` is `VpceAccessDenied` . `errorCode` can only use the `Equals` operator.\n- *`sessionCredentialFromConsole`* - For event data stores, this is an optional field used to filter management and data events based on whether the events originated from an AWS Management Console session. For trails, this is an optional field used to filter data events. `sessionCredentialFromConsole` can only use the `Equals` and `NotEquals` operators.\n- *`resources.type`* - This \ufb01eld is required for CloudTrail data events. `resources.type` can only use the `Equals` operator.\n\nFor a list of available resource types for data events, see [Data events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html#logging-data-events) in the *AWS CloudTrail User Guide* .\n\nYou can have only one `resources.type` \ufb01eld per selector. To log events on more than one resource type, add another selector.\n- *`resources.ARN`* - The `resources.ARN` is an optional field for data events. You can use any operator with `resources.ARN` , but if you use `Equals` or `NotEquals` , the value must exactly match the ARN of a valid resource of the type you've speci\ufb01ed in the template as the value of resources.type. To log all data events for all objects in a specific S3 bucket, use the `StartsWith` operator, and include only the bucket ARN as the matching value.\n\nFor more information about the ARN formats of data event resources, see [Actions, resources, and condition keys for AWS services](https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html) in the *Service Authorization Reference* .\n\n> You can't use the `resources.ARN` field to filter resource types that do not have ARNs.\n- *`userIdentity.arn`* - For event data stores, this is an optional field used to filter management and data events for actions taken by specific IAM identities. For trails, this is an optional field used to filter data events. You can use any operator with `userIdentity.arn` . For more information on the userIdentity element, see [CloudTrail userIdentity element](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-event-reference-user-identity.html) in the *AWS CloudTrail User Guide* .\n- *`vpcEndpointId`* - This \ufb01eld is only used to filter CloudTrail network activity events and is optional. This field identifies the VPC endpoint that the request passed through. You can use any operator with `vpcEndpointId` .", + "title": "Field", + "type": "string" + }, + "NotEndsWith": { + "items": { + "type": "string" + }, + "markdownDescription": "An operator that excludes events that match the last few characters of the event record field specified as the value of `Field` .", + "title": "NotEndsWith", + "type": "array" + }, + "NotEquals": { + "items": { + "type": "string" + }, + "markdownDescription": "An operator that excludes events that match the exact value of the event record field specified as the value of `Field` .", + "title": "NotEquals", + "type": "array" + }, + "NotStartsWith": { + "items": { + "type": "string" + }, + "markdownDescription": "An operator that excludes events that match the first few characters of the event record field specified as the value of `Field` .", + "title": "NotStartsWith", + "type": "array" + }, + "StartsWith": { + "items": { + "type": "string" + }, + "markdownDescription": "An operator that includes events that match the first few characters of the event record field specified as the value of `Field` .", + "title": "StartsWith", + "type": "array" } }, + "required": [ + "Field" + ], "type": "object" }, - "AWS::Config::RemediationConfiguration.ResourceValue": { + "AWS::CloudTrail::Trail.DataResource": { "additionalProperties": false, "properties": { - "Value": { + "Type": { + "markdownDescription": "The resource type in which you want to log data events. You can specify the following *basic* event selector resource types:\n\n- `AWS::DynamoDB::Table`\n- `AWS::Lambda::Function`\n- `AWS::S3::Object`\n\nAdditional resource types are available through *advanced* event selectors. For more information, see [AdvancedEventSelector](https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_AdvancedEventSelector.html) .", + "title": "Type", "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of Amazon Resource Name (ARN) strings or partial ARN strings for the specified resource type.\n\n- To log data events for all objects in all S3 buckets in your AWS account , specify the prefix as `arn:aws:s3` .\n\n> This also enables logging of data event activity performed by any user or role in your AWS account , even if that activity is performed on a bucket that belongs to another AWS account .\n- To log data events for all objects in an S3 bucket, specify the bucket and an empty object prefix such as `arn:aws:s3:::amzn-s3-demo-bucket1/` . The trail logs data events for all objects in this S3 bucket.\n- To log data events for specific objects, specify the S3 bucket and object prefix such as `arn:aws:s3:::amzn-s3-demo-bucket1/example-images` . The trail logs data events for objects in this S3 bucket that match the prefix.\n- To log data events for all Lambda functions in your AWS account , specify the prefix as `arn:aws:lambda` .\n\n> This also enables logging of `Invoke` activity performed by any user or role in your AWS account , even if that activity is performed on a function that belongs to another AWS account .\n- To log data events for a specific Lambda function, specify the function ARN.\n\n> Lambda function ARNs are exact. For example, if you specify a function ARN *arn:aws:lambda:us-west-2:111111111111:function:helloworld* , data events will only be logged for *arn:aws:lambda:us-west-2:111111111111:function:helloworld* . They will not be logged for *arn:aws:lambda:us-west-2:111111111111:function:helloworld2* .\n- To log data events for all DynamoDB tables in your AWS account , specify the prefix as `arn:aws:dynamodb` .", + "title": "Values", + "type": "array" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::Config::RemediationConfiguration.SsmControls": { + "AWS::CloudTrail::Trail.EventSelector": { "additionalProperties": false, "properties": { - "ConcurrentExecutionRatePercentage": { - "markdownDescription": "The maximum percentage of remediation actions allowed to run in parallel on the non-compliant resources for that specific rule. You can specify a percentage, such as 10%. The default value is 10.", - "title": "ConcurrentExecutionRatePercentage", - "type": "number" + "DataResources": { + "items": { + "$ref": "#/definitions/AWS::CloudTrail::Trail.DataResource" + }, + "markdownDescription": "CloudTrail supports data event logging for Amazon S3 objects in standard S3 buckets, AWS Lambda functions, and Amazon DynamoDB tables with basic event selectors. You can specify up to 250 resources for an individual event selector, but the total number of data resources cannot exceed 250 across all event selectors in a trail. This limit does not apply if you configure resource logging for all data events.\n\nFor more information, see [Data Events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html) and [Limits in AWS CloudTrail](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/WhatIsCloudTrail-Limits.html) in the *AWS CloudTrail User Guide* .\n\n> To log data events for all other resource types including objects stored in [directory buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-overview.html) , you must use [AdvancedEventSelectors](https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_AdvancedEventSelector.html) . You must also use `AdvancedEventSelectors` if you want to filter on the `eventName` field.", + "title": "DataResources", + "type": "array" }, - "ErrorPercentage": { - "markdownDescription": "The percentage of errors that are allowed before SSM stops running automations on non-compliant resources for that specific rule. You can specify a percentage of errors, for example 10%. If you do not specifiy a percentage, the default is 50%. For example, if you set the ErrorPercentage to 40% for 10 non-compliant resources, then SSM stops running the automations when the fifth error is received.", - "title": "ErrorPercentage", - "type": "number" + "ExcludeManagementEventSources": { + "items": { + "type": "string" + }, + "markdownDescription": "An optional list of service event sources from which you do not want management events to be logged on your trail. In this release, the list can be empty (disables the filter), or it can filter out AWS Key Management Service or Amazon RDS Data API events by containing `kms.amazonaws.com` or `rdsdata.amazonaws.com` . By default, `ExcludeManagementEventSources` is empty, and AWS KMS and Amazon RDS Data API events are logged to your trail. You can exclude management event sources only in Regions that support the event source.", + "title": "ExcludeManagementEventSources", + "type": "array" + }, + "IncludeManagementEvents": { + "markdownDescription": "Specify if you want your event selector to include management events for your trail.\n\nFor more information, see [Management Events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-management-events-with-cloudtrail.html) in the *AWS CloudTrail User Guide* .\n\nBy default, the value is `true` .\n\nThe first copy of management events is free. You are charged for additional copies of management events that you are logging on any subsequent trail in the same Region. For more information about CloudTrail pricing, see [AWS CloudTrail Pricing](https://docs.aws.amazon.com/cloudtrail/pricing/) .", + "title": "IncludeManagementEvents", + "type": "boolean" + }, + "ReadWriteType": { + "markdownDescription": "Specify if you want your trail to log read-only events, write-only events, or all. For example, the EC2 `GetConsoleOutput` is a read-only API operation and `RunInstances` is a write-only API operation.\n\nBy default, the value is `All` .", + "title": "ReadWriteType", + "type": "string" } }, "type": "object" }, - "AWS::Config::RemediationConfiguration.StaticValue": { + "AWS::CloudTrail::Trail.InsightSelector": { "additionalProperties": false, "properties": { - "Values": { - "items": { - "type": "string" - }, - "type": "array" + "InsightType": { + "markdownDescription": "The type of Insights events to log on a trail. `ApiCallRateInsight` and `ApiErrorRateInsight` are valid Insight types.\n\nThe `ApiCallRateInsight` Insights type analyzes write-only management API calls that are aggregated per minute against a baseline API call volume.\n\nThe `ApiErrorRateInsight` Insights type analyzes management API calls that result in error codes. The error is shown if the API call is unsuccessful.", + "title": "InsightType", + "type": "string" } }, "type": "object" }, - "AWS::Config::StoredQuery": { + "AWS::CloudWatch::Alarm": { "additionalProperties": false, "properties": { "Condition": { @@ -49538,39 +53422,144 @@ "Properties": { "additionalProperties": false, "properties": { - "QueryDescription": { - "markdownDescription": "A unique description for the query.", - "title": "QueryDescription", + "ActionsEnabled": { + "markdownDescription": "Indicates whether actions should be executed during any changes to the alarm state. The default is TRUE.", + "title": "ActionsEnabled", + "type": "boolean" + }, + "AlarmActions": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of actions to execute when this alarm transitions into an ALARM state from any other state. Specify each action as an Amazon Resource Name (ARN). For more information about creating alarms and the actions that you can specify, see [PutMetricAlarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutMetricAlarm.html) in the *Amazon CloudWatch API Reference* .", + "title": "AlarmActions", + "type": "array" + }, + "AlarmDescription": { + "markdownDescription": "The description of the alarm.", + "title": "AlarmDescription", "type": "string" }, - "QueryExpression": { - "markdownDescription": "The expression of the query. For example, `SELECT resourceId, resourceType, supplementaryConfiguration.BucketVersioningConfiguration.status WHERE resourceType = 'AWS::S3::Bucket' AND supplementaryConfiguration.BucketVersioningConfiguration.status = 'Off'.`", - "title": "QueryExpression", + "AlarmName": { + "markdownDescription": "The name of the alarm. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the alarm name.\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "AlarmName", "type": "string" }, - "QueryName": { - "markdownDescription": "The name of the query.", - "title": "QueryName", + "ComparisonOperator": { + "markdownDescription": "The arithmetic operation to use when comparing the specified statistic and threshold. The specified statistic value is used as the first operand.", + "title": "ComparisonOperator", + "type": "string" + }, + "DatapointsToAlarm": { + "markdownDescription": "The number of datapoints that must be breaching to trigger the alarm. This is used only if you are setting an \"M out of N\" alarm. In that case, this value is the M, and the value that you set for `EvaluationPeriods` is the N value. For more information, see [Evaluating an Alarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/AlarmThatSendsEmail.html#alarm-evaluation) in the *Amazon CloudWatch User Guide* .\n\nIf you omit this parameter, CloudWatch uses the same value here that you set for `EvaluationPeriods` , and the alarm goes to alarm state if that many consecutive periods are breaching.", + "title": "DatapointsToAlarm", + "type": "number" + }, + "Dimensions": { + "items": { + "$ref": "#/definitions/AWS::CloudWatch::Alarm.Dimension" + }, + "markdownDescription": "The dimensions for the metric associated with the alarm. For an alarm based on a math expression, you can't specify `Dimensions` . Instead, you use `Metrics` .", + "title": "Dimensions", + "type": "array" + }, + "EvaluateLowSampleCountPercentile": { + "markdownDescription": "Used only for alarms based on percentiles. If `ignore` , the alarm state does not change during periods with too few data points to be statistically significant. If `evaluate` or this parameter is not used, the alarm is always evaluated and possibly changes state no matter how many data points are available.", + "title": "EvaluateLowSampleCountPercentile", + "type": "string" + }, + "EvaluationPeriods": { + "markdownDescription": "The number of periods over which data is compared to the specified threshold. If you are setting an alarm that requires that a number of consecutive data points be breaching to trigger the alarm, this value specifies that number. If you are setting an \"M out of N\" alarm, this value is the N, and `DatapointsToAlarm` is the M.\n\nFor more information, see [Evaluating an Alarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/AlarmThatSendsEmail.html#alarm-evaluation) in the *Amazon CloudWatch User Guide* .", + "title": "EvaluationPeriods", + "type": "number" + }, + "ExtendedStatistic": { + "markdownDescription": "The percentile statistic for the metric associated with the alarm. Specify a value between p0.0 and p100.\n\nFor an alarm based on a metric, you must specify either `Statistic` or `ExtendedStatistic` but not both.\n\nFor an alarm based on a math expression, you can't specify `ExtendedStatistic` . Instead, you use `Metrics` .", + "title": "ExtendedStatistic", + "type": "string" + }, + "InsufficientDataActions": { + "items": { + "type": "string" + }, + "markdownDescription": "The actions to execute when this alarm transitions to the `INSUFFICIENT_DATA` state from any other state. Each action is specified as an Amazon Resource Name (ARN).", + "title": "InsufficientDataActions", + "type": "array" + }, + "MetricName": { + "markdownDescription": "The name of the metric associated with the alarm. This is required for an alarm based on a metric. For an alarm based on a math expression, you use `Metrics` instead and you can't specify `MetricName` .", + "title": "MetricName", + "type": "string" + }, + "Metrics": { + "items": { + "$ref": "#/definitions/AWS::CloudWatch::Alarm.MetricDataQuery" + }, + "markdownDescription": "An array that enables you to create an alarm based on the result of a metric math expression. Each item in the array either retrieves a metric or performs a math expression.\n\nIf you specify the `Metrics` parameter, you cannot specify `MetricName` , `Dimensions` , `Period` , `Namespace` , `Statistic` , `ExtendedStatistic` , or `Unit` .", + "title": "Metrics", + "type": "array" + }, + "Namespace": { + "markdownDescription": "The namespace of the metric associated with the alarm. This is required for an alarm based on a metric. For an alarm based on a math expression, you can't specify `Namespace` and you use `Metrics` instead.\n\nFor a list of namespaces for metrics from AWS services, see [AWS Services That Publish CloudWatch Metrics.](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/aws-services-cloudwatch-metrics.html)", + "title": "Namespace", + "type": "string" + }, + "OKActions": { + "items": { + "type": "string" + }, + "markdownDescription": "The actions to execute when this alarm transitions to the `OK` state from any other state. Each action is specified as an Amazon Resource Name (ARN).", + "title": "OKActions", + "type": "array" + }, + "Period": { + "markdownDescription": "The period, in seconds, over which the statistic is applied. This is required for an alarm based on a metric. Valid values are 10, 20, 30, 60, and any multiple of 60.\n\nFor an alarm based on a math expression, you can't specify `Period` , and instead you use the `Metrics` parameter.\n\n*Minimum:* 10", + "title": "Period", + "type": "number" + }, + "Statistic": { + "markdownDescription": "The statistic for the metric associated with the alarm, other than percentile. For percentile statistics, use `ExtendedStatistic` .\n\nFor an alarm based on a metric, you must specify either `Statistic` or `ExtendedStatistic` but not both.\n\nFor an alarm based on a math expression, you can't specify `Statistic` . Instead, you use `Metrics` .", + "title": "Statistic", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.", + "markdownDescription": "A list of key-value pairs to associate with the alarm. You can associate as many as 50 tags with an alarm. To be able to associate tags with the alarm when you create the alarm, you must have the `cloudwatch:TagResource` permission.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.", "title": "Tags", "type": "array" + }, + "Threshold": { + "markdownDescription": "The value to compare with the specified statistic.", + "title": "Threshold", + "type": "number" + }, + "ThresholdMetricId": { + "markdownDescription": "In an alarm based on an anomaly detection model, this is the ID of the `ANOMALY_DETECTION_BAND` function used as the threshold for the alarm.", + "title": "ThresholdMetricId", + "type": "string" + }, + "TreatMissingData": { + "markdownDescription": "Sets how this alarm is to handle missing data points. Valid values are `breaching` , `notBreaching` , `ignore` , and `missing` . For more information, see [Configuring How CloudWatch Alarms Treat Missing Data](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/AlarmThatSendsEmail.html#alarms-and-missing-data) in the *Amazon CloudWatch User Guide* .\n\nIf you omit this parameter, the default behavior of `missing` is used.", + "title": "TreatMissingData", + "type": "string" + }, + "Unit": { + "markdownDescription": "The unit of the metric associated with the alarm. Specify this only if you are creating an alarm based on a single metric. Do not specify this if you are specifying a `Metrics` array.\n\nYou can specify the following values: Seconds, Microseconds, Milliseconds, Bytes, Kilobytes, Megabytes, Gigabytes, Terabytes, Bits, Kilobits, Megabits, Gigabits, Terabits, Percent, Count, Bytes/Second, Kilobytes/Second, Megabytes/Second, Gigabytes/Second, Terabytes/Second, Bits/Second, Kilobits/Second, Megabits/Second, Gigabits/Second, Terabits/Second, Count/Second, or None.", + "title": "Unit", + "type": "string" } }, "required": [ - "QueryExpression", - "QueryName" + "ComparisonOperator", + "EvaluationPeriods" ], "type": "object" }, "Type": { "enum": [ - "AWS::Config::StoredQuery" + "AWS::CloudWatch::Alarm" ], "type": "string" }, @@ -49589,7 +53578,126 @@ ], "type": "object" }, - "AWS::Connect::ApprovedOrigin": { + "AWS::CloudWatch::Alarm.Dimension": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the dimension, from 1\u2013255 characters in length. This dimension name must have been included when the metric was published.", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "The value for the dimension, from 1\u2013255 characters in length.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Name", + "Value" + ], + "type": "object" + }, + "AWS::CloudWatch::Alarm.Metric": { + "additionalProperties": false, + "properties": { + "Dimensions": { + "items": { + "$ref": "#/definitions/AWS::CloudWatch::Alarm.Dimension" + }, + "markdownDescription": "The metric dimensions that you want to be used for the metric that the alarm will watch.", + "title": "Dimensions", + "type": "array" + }, + "MetricName": { + "markdownDescription": "The name of the metric that you want the alarm to watch. This is a required field.", + "title": "MetricName", + "type": "string" + }, + "Namespace": { + "markdownDescription": "The namespace of the metric that the alarm will watch.", + "title": "Namespace", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CloudWatch::Alarm.MetricDataQuery": { + "additionalProperties": false, + "properties": { + "AccountId": { + "markdownDescription": "The ID of the account where the metrics are located, if this is a cross-account alarm.", + "title": "AccountId", + "type": "string" + }, + "Expression": { + "markdownDescription": "The math expression to be performed on the returned data, if this object is performing a math expression. This expression can use the `Id` of the other metrics to refer to those metrics, and can also use the `Id` of other expressions to use the result of those expressions. For more information about metric math expressions, see [Metric Math Syntax and Functions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/using-metric-math.html#metric-math-syntax) in the *Amazon CloudWatch User Guide* .\n\nWithin each MetricDataQuery object, you must specify either `Expression` or `MetricStat` but not both.", + "title": "Expression", + "type": "string" + }, + "Id": { + "markdownDescription": "A short name used to tie this object to the results in the response. This name must be unique within a single call to `GetMetricData` . If you are performing math expressions on this set of data, this name represents that data and can serve as a variable in the mathematical expression. The valid characters are letters, numbers, and underscore. The first character must be a lowercase letter.", + "title": "Id", + "type": "string" + }, + "Label": { + "markdownDescription": "A human-readable label for this metric or expression. This is especially useful if this is an expression, so that you know what the value represents. If the metric or expression is shown in a CloudWatch dashboard widget, the label is shown. If `Label` is omitted, CloudWatch generates a default.", + "title": "Label", + "type": "string" + }, + "MetricStat": { + "$ref": "#/definitions/AWS::CloudWatch::Alarm.MetricStat", + "markdownDescription": "The metric to be returned, along with statistics, period, and units. Use this parameter only if this object is retrieving a metric and not performing a math expression on returned data.\n\nWithin one MetricDataQuery object, you must specify either `Expression` or `MetricStat` but not both.", + "title": "MetricStat" + }, + "Period": { + "markdownDescription": "The granularity, in seconds, of the returned data points. For metrics with regular resolution, a period can be as short as one minute (60 seconds) and must be a multiple of 60. For high-resolution metrics that are collected at intervals of less than one minute, the period can be 1, 5, 10, 20, 30, 60, or any multiple of 60. High-resolution metrics are those metrics stored by a `PutMetricData` operation that includes a `StorageResolution of 1 second` .", + "title": "Period", + "type": "number" + }, + "ReturnData": { + "markdownDescription": "This option indicates whether to return the timestamps and raw data values of this metric.\n\nWhen you create an alarm based on a metric math expression, specify `True` for this value for only the one math expression that the alarm is based on. You must specify `False` for `ReturnData` for all the other metrics and expressions used in the alarm.\n\nThis field is required.", + "title": "ReturnData", + "type": "boolean" + } + }, + "required": [ + "Id" + ], + "type": "object" + }, + "AWS::CloudWatch::Alarm.MetricStat": { + "additionalProperties": false, + "properties": { + "Metric": { + "$ref": "#/definitions/AWS::CloudWatch::Alarm.Metric", + "markdownDescription": "The metric to return, including the metric name, namespace, and dimensions.", + "title": "Metric" + }, + "Period": { + "markdownDescription": "The granularity, in seconds, of the returned data points. For metrics with regular resolution, a period can be as short as one minute (60 seconds) and must be a multiple of 60. For high-resolution metrics that are collected at intervals of less than one minute, the period can be 1, 5, 10, 20, 30, 60, or any multiple of 60. High-resolution metrics are those metrics stored by a `PutMetricData` call that includes a `StorageResolution` of 1 second.\n\nIf the `StartTime` parameter specifies a time stamp that is greater than 3 hours ago, you must specify the period as follows or no data points in that time range is returned:\n\n- Start time between 3 hours and 15 days ago - Use a multiple of 60 seconds (1 minute).\n- Start time between 15 and 63 days ago - Use a multiple of 300 seconds (5 minutes).\n- Start time greater than 63 days ago - Use a multiple of 3600 seconds (1 hour).", + "title": "Period", + "type": "number" + }, + "Stat": { + "markdownDescription": "The statistic to return. It can include any CloudWatch statistic or extended statistic. For a list of valid values, see the table in [Statistics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html#Statistic) in the *Amazon CloudWatch User Guide* .", + "title": "Stat", + "type": "string" + }, + "Unit": { + "markdownDescription": "The unit to use for the returned data points.\n\nValid values are: Seconds, Microseconds, Milliseconds, Bytes, Kilobytes, Megabytes, Gigabytes, Terabytes, Bits, Kilobits, Megabits, Gigabits, Terabits, Percent, Count, Bytes/Second, Kilobytes/Second, Megabytes/Second, Gigabytes/Second, Terabytes/Second, Bits/Second, Kilobits/Second, Megabits/Second, Gigabits/Second, Terabits/Second, Count/Second, or None.", + "title": "Unit", + "type": "string" + } + }, + "required": [ + "Metric", + "Period", + "Stat" + ], + "type": "object" + }, + "AWS::CloudWatch::AnomalyDetector": { "additionalProperties": false, "properties": { "Condition": { @@ -49624,26 +53732,55 @@ "Properties": { "additionalProperties": false, "properties": { - "InstanceId": { - "markdownDescription": "The Amazon Resource Name (ARN) of the instance.\n\n*Minimum* : `1`\n\n*Maximum* : `100`", - "title": "InstanceId", + "Configuration": { + "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.Configuration", + "markdownDescription": "Specifies details about how the anomaly detection model is to be trained, including time ranges to exclude when training and updating the model. The configuration can also include the time zone to use for the metric.", + "title": "Configuration" + }, + "Dimensions": { + "items": { + "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.Dimension" + }, + "markdownDescription": "The dimensions of the metric associated with the anomaly detection band.", + "title": "Dimensions", + "type": "array" + }, + "MetricCharacteristics": { + "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.MetricCharacteristics", + "markdownDescription": "Use this object to include parameters to provide information about your metric to CloudWatch to help it build more accurate anomaly detection models. Currently, it includes the `PeriodicSpikes` parameter.", + "title": "MetricCharacteristics" + }, + "MetricMathAnomalyDetector": { + "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.MetricMathAnomalyDetector", + "markdownDescription": "The CloudWatch metric math expression for this anomaly detector.", + "title": "MetricMathAnomalyDetector" + }, + "MetricName": { + "markdownDescription": "The name of the metric associated with the anomaly detection band.", + "title": "MetricName", "type": "string" }, - "Origin": { - "markdownDescription": "Domain name to be added to the allow-list of the instance.\n\n*Maximum* : `267`", - "title": "Origin", + "Namespace": { + "markdownDescription": "The namespace of the metric associated with the anomaly detection band.", + "title": "Namespace", + "type": "string" + }, + "SingleMetricAnomalyDetector": { + "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.SingleMetricAnomalyDetector", + "markdownDescription": "The CloudWatch metric and statistic for this anomaly detector.", + "title": "SingleMetricAnomalyDetector" + }, + "Stat": { + "markdownDescription": "The statistic of the metric associated with the anomaly detection band.", + "title": "Stat", "type": "string" } }, - "required": [ - "InstanceId", - "Origin" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::ApprovedOrigin" + "AWS::CloudWatch::AnomalyDetector" ], "type": "string" }, @@ -49657,12 +53794,237 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Connect::ContactFlow": { + "AWS::CloudWatch::AnomalyDetector.Configuration": { + "additionalProperties": false, + "properties": { + "ExcludedTimeRanges": { + "items": { + "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.Range" + }, + "markdownDescription": "Specifies an array of time ranges to exclude from use when the anomaly detection model is trained and updated. Use this to make sure that events that could cause unusual values for the metric, such as deployments, aren't used when CloudWatch creates or updates the model.", + "title": "ExcludedTimeRanges", + "type": "array" + }, + "MetricTimeZone": { + "markdownDescription": "The time zone to use for the metric. This is useful to enable the model to automatically account for daylight savings time changes if the metric is sensitive to such time changes.\n\nTo specify a time zone, use the name of the time zone as specified in the standard tz database. For more information, see [tz database](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Tz_database) .", + "title": "MetricTimeZone", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CloudWatch::AnomalyDetector.Dimension": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the dimension.", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of the dimension. Dimension values must contain only ASCII characters and must include at least one non-whitespace character. ASCII control characters are not supported as part of dimension values.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Name", + "Value" + ], + "type": "object" + }, + "AWS::CloudWatch::AnomalyDetector.Metric": { + "additionalProperties": false, + "properties": { + "Dimensions": { + "items": { + "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.Dimension" + }, + "markdownDescription": "The dimensions for the metric.", + "title": "Dimensions", + "type": "array" + }, + "MetricName": { + "markdownDescription": "The name of the metric. This is a required field.", + "title": "MetricName", + "type": "string" + }, + "Namespace": { + "markdownDescription": "The namespace of the metric.", + "title": "Namespace", + "type": "string" + } + }, + "required": [ + "MetricName", + "Namespace" + ], + "type": "object" + }, + "AWS::CloudWatch::AnomalyDetector.MetricCharacteristics": { + "additionalProperties": false, + "properties": { + "PeriodicSpikes": { + "markdownDescription": "Set this parameter to true if values for this metric consistently include spikes that should not be considered to be anomalies. With this set to true, CloudWatch will expect to see spikes that occurred consistently during the model training period, and won't flag future similar spikes as anomalies.", + "title": "PeriodicSpikes", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::CloudWatch::AnomalyDetector.MetricDataQueries": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::CloudWatch::AnomalyDetector.MetricDataQuery": { + "additionalProperties": false, + "properties": { + "AccountId": { + "markdownDescription": "The ID of the account where the metrics are located.\n\nIf you are performing a `GetMetricData` operation in a monitoring account, use this to specify which account to retrieve this metric from.\n\nIf you are performing a `PutMetricAlarm` operation, use this to specify which account contains the metric that the alarm is watching.", + "title": "AccountId", + "type": "string" + }, + "Expression": { + "markdownDescription": "This field can contain either a Metrics Insights query, or a metric math expression to be performed on the returned data. For more information about Metrics Insights queries, see [Metrics Insights query components and syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch-metrics-insights-querylanguage) in the *Amazon CloudWatch User Guide* .\n\nA math expression can use the `Id` of the other metrics or queries to refer to those metrics, and can also use the `Id` of other expressions to use the result of those expressions. For more information about metric math expressions, see [Metric Math Syntax and Functions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/using-metric-math.html#metric-math-syntax) in the *Amazon CloudWatch User Guide* .\n\nWithin each MetricDataQuery object, you must specify either `Expression` or `MetricStat` but not both.", + "title": "Expression", + "type": "string" + }, + "Id": { + "markdownDescription": "A short name used to tie this object to the results in the response. This name must be unique within a single call to `GetMetricData` . If you are performing math expressions on this set of data, this name represents that data and can serve as a variable in the mathematical expression. The valid characters are letters, numbers, and underscore. The first character must be a lowercase letter.", + "title": "Id", + "type": "string" + }, + "Label": { + "markdownDescription": "A human-readable label for this metric or expression. This is especially useful if this is an expression, so that you know what the value represents. If the metric or expression is shown in a CloudWatch dashboard widget, the label is shown. If Label is omitted, CloudWatch generates a default.\n\nYou can put dynamic expressions into a label, so that it is more descriptive. For more information, see [Using Dynamic Labels](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/graph-dynamic-labels.html) .", + "title": "Label", + "type": "string" + }, + "MetricStat": { + "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.MetricStat", + "markdownDescription": "The metric to be returned, along with statistics, period, and units. Use this parameter only if this object is retrieving a metric and not performing a math expression on returned data.\n\nWithin one MetricDataQuery object, you must specify either `Expression` or `MetricStat` but not both.", + "title": "MetricStat" + }, + "Period": { + "markdownDescription": "The granularity, in seconds, of the returned data points. For metrics with regular resolution, a period can be as short as one minute (60 seconds) and must be a multiple of 60. For high-resolution metrics that are collected at intervals of less than one minute, the period can be 1, 5, 10, 20, 30, 60, or any multiple of 60. High-resolution metrics are those metrics stored by a `PutMetricData` operation that includes a `StorageResolution of 1 second` .", + "title": "Period", + "type": "number" + }, + "ReturnData": { + "markdownDescription": "When used in `GetMetricData` , this option indicates whether to return the timestamps and raw data values of this metric. If you are performing this call just to do math expressions and do not also need the raw data returned, you can specify `false` . If you omit this, the default of `true` is used.\n\nWhen used in `PutMetricAlarm` , specify `true` for the one expression result to use as the alarm. For all other metrics and expressions in the same `PutMetricAlarm` operation, specify `ReturnData` as False.", + "title": "ReturnData", + "type": "boolean" + } + }, + "required": [ + "Id" + ], + "type": "object" + }, + "AWS::CloudWatch::AnomalyDetector.MetricMathAnomalyDetector": { + "additionalProperties": false, + "properties": { + "MetricDataQueries": { + "items": { + "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.MetricDataQuery" + }, + "markdownDescription": "An array of metric data query structures that enables you to create an anomaly detector based on the result of a metric math expression. Each item in `MetricDataQueries` gets a metric or performs a math expression. One item in `MetricDataQueries` is the expression that provides the time series that the anomaly detector uses as input. Designate the expression by setting `ReturnData` to `true` for this object in the array. For all other expressions and metrics, set `ReturnData` to `false` . The designated expression must return a single time series.", + "title": "MetricDataQueries", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CloudWatch::AnomalyDetector.MetricStat": { + "additionalProperties": false, + "properties": { + "Metric": { + "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.Metric", + "markdownDescription": "The metric to return, including the metric name, namespace, and dimensions.", + "title": "Metric" + }, + "Period": { + "markdownDescription": "The granularity, in seconds, of the returned data points. For metrics with regular resolution, a period can be as short as one minute (60 seconds) and must be a multiple of 60. For high-resolution metrics that are collected at intervals of less than one minute, the period can be 1, 5, 10, 20, 30, 60, or any multiple of 60. High-resolution metrics are those metrics stored by a `PutMetricData` call that includes a `StorageResolution` of 1 second.\n\nIf the `StartTime` parameter specifies a time stamp that is greater than 3 hours ago, you must specify the period as follows or no data points in that time range is returned:\n\n- Start time between 3 hours and 15 days ago - Use a multiple of 60 seconds (1 minute).\n- Start time between 15 and 63 days ago - Use a multiple of 300 seconds (5 minutes).\n- Start time greater than 63 days ago - Use a multiple of 3600 seconds (1 hour).", + "title": "Period", + "type": "number" + }, + "Stat": { + "markdownDescription": "The statistic to return. It can include any CloudWatch statistic or extended statistic.", + "title": "Stat", + "type": "string" + }, + "Unit": { + "markdownDescription": "When you are using a `Put` operation, this defines what unit you want to use when storing the metric.\n\nIn a `Get` operation, if you omit `Unit` then all data that was collected with any unit is returned, along with the corresponding units that were specified when the data was reported to CloudWatch. If you specify a unit, the operation returns only data that was collected with that unit specified. If you specify a unit that does not match the data collected, the results of the operation are null. CloudWatch does not perform unit conversions.", + "title": "Unit", + "type": "string" + } + }, + "required": [ + "Metric", + "Period", + "Stat" + ], + "type": "object" + }, + "AWS::CloudWatch::AnomalyDetector.Range": { + "additionalProperties": false, + "properties": { + "EndTime": { + "markdownDescription": "The end time of the range to exclude. The format is `yyyy-MM-dd'T'HH:mm:ss` . For example, `2019-07-01T23:59:59` .", + "title": "EndTime", + "type": "string" + }, + "StartTime": { + "markdownDescription": "The start time of the range to exclude. The format is `yyyy-MM-dd'T'HH:mm:ss` . For example, `2019-07-01T23:59:59` .", + "title": "StartTime", + "type": "string" + } + }, + "required": [ + "EndTime", + "StartTime" + ], + "type": "object" + }, + "AWS::CloudWatch::AnomalyDetector.SingleMetricAnomalyDetector": { + "additionalProperties": false, + "properties": { + "AccountId": { + "markdownDescription": "If the CloudWatch metric that provides the time series that the anomaly detector uses as input is in another account, specify that account ID here. If you omit this parameter, the current account is used.", + "title": "AccountId", + "type": "string" + }, + "Dimensions": { + "items": { + "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.Dimension" + }, + "markdownDescription": "The metric dimensions to create the anomaly detection model for.", + "title": "Dimensions", + "type": "array" + }, + "MetricName": { + "markdownDescription": "The name of the metric to create the anomaly detection model for.", + "title": "MetricName", + "type": "string" + }, + "Namespace": { + "markdownDescription": "The namespace of the metric to create the anomaly detection model for.", + "title": "Namespace", + "type": "string" + }, + "Stat": { + "markdownDescription": "The statistic to use for the metric and anomaly detection model.", + "title": "Stat", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CloudWatch::CompositeAlarm": { "additionalProperties": false, "properties": { "Condition": { @@ -49697,56 +54059,82 @@ "Properties": { "additionalProperties": false, "properties": { - "Content": { - "markdownDescription": "The content of the flow.\n\nFor more information, see [Amazon Connect Flow language](https://docs.aws.amazon.com/connect/latest/adminguide/flow-language.html) in the *Amazon Connect Administrator Guide* .", - "title": "Content", - "type": "string" + "ActionsEnabled": { + "markdownDescription": "Indicates whether actions should be executed during any changes to the alarm state of the composite alarm. The default is TRUE.", + "title": "ActionsEnabled", + "type": "boolean" }, - "Description": { - "markdownDescription": "The description of the flow.", - "title": "Description", + "ActionsSuppressor": { + "markdownDescription": "Actions will be suppressed if the suppressor alarm is in the `ALARM` state. `ActionsSuppressor` can be an AlarmName or an Amazon Resource Name (ARN) from an existing alarm.", + "title": "ActionsSuppressor", "type": "string" }, - "InstanceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Connect instance.", - "title": "InstanceArn", + "ActionsSuppressorExtensionPeriod": { + "markdownDescription": "The maximum time in seconds that the composite alarm waits after suppressor alarm goes out of the `ALARM` state. After this time, the composite alarm performs its actions.\n\n> `ExtensionPeriod` is required only when `ActionsSuppressor` is specified.", + "title": "ActionsSuppressorExtensionPeriod", + "type": "number" + }, + "ActionsSuppressorWaitPeriod": { + "markdownDescription": "The maximum time in seconds that the composite alarm waits for the suppressor alarm to go into the `ALARM` state. After this time, the composite alarm performs its actions.\n\n> `WaitPeriod` is required only when `ActionsSuppressor` is specified.", + "title": "ActionsSuppressorWaitPeriod", + "type": "number" + }, + "AlarmActions": { + "items": { + "type": "string" + }, + "markdownDescription": "The actions to execute when this alarm transitions to the ALARM state from any other state. Each action is specified as an Amazon Resource Name (ARN). For more information about creating alarms and the actions that you can specify, see [PutCompositeAlarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutCompositeAlarm.html) in the *Amazon CloudWatch API Reference* .", + "title": "AlarmActions", + "type": "array" + }, + "AlarmDescription": { + "markdownDescription": "The description for the composite alarm.", + "title": "AlarmDescription", "type": "string" }, - "Name": { - "markdownDescription": "The name of the flow.", - "title": "Name", + "AlarmName": { + "markdownDescription": "The name for the composite alarm. This name must be unique within your AWS account.", + "title": "AlarmName", "type": "string" }, - "State": { - "markdownDescription": "The state of the flow.", - "title": "State", + "AlarmRule": { + "markdownDescription": "An expression that specifies which other alarms are to be evaluated to determine this composite alarm's state. For each alarm that you reference, you designate a function that specifies whether that alarm needs to be in ALARM state, OK state, or INSUFFICIENT_DATA state. You can use operators (AND, OR and NOT) to combine multiple functions in a single expression. You can use parenthesis to logically group the functions in your expression.\n\nYou can use either alarm names or ARNs to reference the other alarms that are to be evaluated.\n\nFunctions can include the following:\n\n- ALARM(\"alarm-name or alarm-ARN\") is TRUE if the named alarm is in ALARM state.\n- OK(\"alarm-name or alarm-ARN\") is TRUE if the named alarm is in OK state.\n- INSUFFICIENT_DATA(\"alarm-name or alarm-ARN\") is TRUE if the named alarm is in INSUFFICIENT_DATA state.\n- TRUE always evaluates to TRUE.\n- FALSE always evaluates to FALSE.\n\nTRUE and FALSE are useful for testing a complex AlarmRule structure, and for testing your alarm actions.\n\nFor more information about `AlarmRule` syntax, see [PutCompositeAlarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutCompositeAlarm.html) in the *Amazon CloudWatch API Reference* .", + "title": "AlarmRule", "type": "string" }, + "InsufficientDataActions": { + "items": { + "type": "string" + }, + "markdownDescription": "The actions to execute when this alarm transitions to the INSUFFICIENT_DATA state from any other state. Each action is specified as an Amazon Resource Name (ARN). For more information about creating alarms and the actions that you can specify, see [PutCompositeAlarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutCompositeAlarm.html) in the *Amazon CloudWatch API Reference* .", + "title": "InsufficientDataActions", + "type": "array" + }, + "OKActions": { + "items": { + "type": "string" + }, + "markdownDescription": "The actions to execute when this alarm transitions to the OK state from any other state. Each action is specified as an Amazon Resource Name (ARN). For more information about creating alarms and the actions that you can specify, see [PutCompositeAlarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutCompositeAlarm.html) in the *Amazon CloudWatch API Reference* .", + "title": "OKActions", + "type": "array" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "A list of key-value pairs to associate with the alarm. You can associate as many as 50 tags with an alarm. To be able to associate tags with the alarm when you create the alarm, you must have the `cloudwatch:TagResource` permission.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.", "title": "Tags", "type": "array" - }, - "Type": { - "markdownDescription": "The type of the flow. For descriptions of the available types, see [Choose a flow type](https://docs.aws.amazon.com/connect/latest/adminguide/create-contact-flow.html#contact-flow-types) in the *Amazon Connect Administrator Guide* .", - "title": "Type", - "type": "string" } }, "required": [ - "Content", - "InstanceArn", - "Name", - "Type" + "AlarmRule" ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::ContactFlow" + "AWS::CloudWatch::CompositeAlarm" ], "type": "string" }, @@ -49765,7 +54153,7 @@ ], "type": "object" }, - "AWS::Connect::ContactFlowModule": { + "AWS::CloudWatch::Dashboard": { "additionalProperties": false, "properties": { "Condition": { @@ -49800,50 +54188,114 @@ "Properties": { "additionalProperties": false, "properties": { - "Content": { - "markdownDescription": "The content of the flow module.", - "title": "Content", + "DashboardBody": { + "markdownDescription": "The detailed information about the dashboard in JSON format, including the widgets to include and their location on the dashboard. This parameter is required.\n\nFor more information about the syntax, see [Dashboard Body Structure and Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/CloudWatch-Dashboard-Body-Structure.html) .", + "title": "DashboardBody", "type": "string" }, - "Description": { - "markdownDescription": "The description of the flow module.", - "title": "Description", + "DashboardName": { + "markdownDescription": "The name of the dashboard. The name must be between 1 and 255 characters. If you do not specify a name, one will be generated automatically.", + "title": "DashboardName", + "type": "string" + } + }, + "required": [ + "DashboardBody" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::CloudWatch::Dashboard" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::CloudWatch::InsightRule": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, - "InstanceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Connect instance.", - "title": "InstanceArn", + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplyOnTransformedLogs": { + "markdownDescription": "Determines whether the rules is evaluated on transformed versions of logs. Valid values are `TRUE` and `FALSE` .", + "title": "ApplyOnTransformedLogs", + "type": "boolean" + }, + "RuleBody": { + "markdownDescription": "The definition of the rule, as a JSON object. For details about the syntax, see [Contributor Insights Rule Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/ContributorInsights-RuleSyntax.html) in the *Amazon CloudWatch User Guide* .", + "title": "RuleBody", "type": "string" }, - "Name": { - "markdownDescription": "The name of the flow module.", - "title": "Name", + "RuleName": { + "markdownDescription": "The name of the rule.", + "title": "RuleName", "type": "string" }, - "State": { - "markdownDescription": "The state of the flow module.", - "title": "State", + "RuleState": { + "markdownDescription": "The current state of the rule. Valid values are `ENABLED` and `DISABLED` .", + "title": "RuleState", "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" + "$ref": "#/definitions/AWS::CloudWatch::InsightRule.Tags", + "markdownDescription": "A list of key-value pairs to associate with the Contributor Insights rule. You can associate as many as 50 tags with a rule.\n\nTags can help you organize and categorize your resources. For more information, see [Tagging Your Amazon CloudWatch Resources](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Tagging.html) .\n\nTo be able to associate tags with a rule, you must have the `cloudwatch:TagResource` permission in addition to the `cloudwatch:PutInsightRule` permission.", + "title": "Tags" } }, "required": [ - "Content", - "InstanceArn", - "Name" + "RuleBody", + "RuleName", + "RuleState" ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::ContactFlowModule" + "AWS::CloudWatch::InsightRule" ], "type": "string" }, @@ -49862,7 +54314,12 @@ ], "type": "object" }, - "AWS::Connect::EvaluationForm": { + "AWS::CloudWatch::InsightRule.Tags": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::CloudWatch::MetricStream": { "additionalProperties": false, "properties": { "Condition": { @@ -49897,59 +54354,74 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the evaluation form.\n\n*Length Constraints* : Minimum length of 0. Maximum length of 1024.", - "title": "Description", - "type": "string" + "ExcludeFilters": { + "items": { + "$ref": "#/definitions/AWS::CloudWatch::MetricStream.MetricStreamFilter" + }, + "markdownDescription": "If you specify this parameter, the stream sends metrics from all metric namespaces except for the namespaces that you specify here. You cannot specify both `IncludeFilters` and `ExcludeFilters` in the same metric stream.\n\nWhen you modify the `IncludeFilters` or `ExcludeFilters` of an existing metric stream in any way, the metric stream is effectively restarted, so after such a change you will get only the datapoints that have a timestamp after the time of the update.", + "title": "ExcludeFilters", + "type": "array" }, - "InstanceArn": { - "markdownDescription": "The identifier of the Amazon Connect instance.", - "title": "InstanceArn", + "FirehoseArn": { + "markdownDescription": "The ARN of the Amazon Kinesis Firehose delivery stream to use for this metric stream. This Amazon Kinesis Firehose delivery stream must already exist and must be in the same account as the metric stream.", + "title": "FirehoseArn", "type": "string" }, - "Items": { + "IncludeFilters": { "items": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormBaseItem" + "$ref": "#/definitions/AWS::CloudWatch::MetricStream.MetricStreamFilter" }, - "markdownDescription": "Items that are part of the evaluation form. The total number of sections and questions must not exceed 100 each. Questions must be contained in a section.\n\n*Minimum size* : 1\n\n*Maximum size* : 100", - "title": "Items", + "markdownDescription": "If you specify this parameter, the stream sends only the metrics from the metric namespaces that you specify here. You cannot specify both `IncludeFilters` and `ExcludeFilters` in the same metric stream.\n\nWhen you modify the `IncludeFilters` or `ExcludeFilters` of an existing metric stream in any way, the metric stream is effectively restarted, so after such a change you will get only the datapoints that have a timestamp after the time of the update.", + "title": "IncludeFilters", "type": "array" }, - "ScoringStrategy": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.ScoringStrategy", - "markdownDescription": "A scoring strategy of the evaluation form.", - "title": "ScoringStrategy" + "IncludeLinkedAccountsMetrics": { + "markdownDescription": "If you are creating a metric stream in a monitoring account, specify `true` to include metrics from source accounts that are linked to this monitoring account, in the metric stream. The default is `false` .\n\nFor more information about linking accounts, see [CloudWatch cross-account observability](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Unified-Cross-Account.html)", + "title": "IncludeLinkedAccountsMetrics", + "type": "boolean" }, - "Status": { - "markdownDescription": "The status of the evaluation form.\n\n*Allowed values* : `DRAFT` | `ACTIVE`", - "title": "Status", + "Name": { + "markdownDescription": "If you are creating a new metric stream, this is the name for the new stream. The name must be different than the names of other metric streams in this account and Region.\n\nIf you are updating a metric stream, specify the name of that stream here.", + "title": "Name", + "type": "string" + }, + "OutputFormat": { + "markdownDescription": "The output format for the stream. Valid values are `json` , `opentelemetry1.0` and `opentelemetry0.7` For more information about metric stream output formats, see [Metric streams output formats](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-metric-streams-formats.html) .\n\nThis parameter is required.", + "title": "OutputFormat", "type": "string" }, + "RoleArn": { + "markdownDescription": "The ARN of an IAM role that this metric stream will use to access Amazon Kinesis Firehose resources. This IAM role must already exist and must be in the same account as the metric stream. This IAM role must include the `firehose:PutRecord` and `firehose:PutRecordBatch` permissions.", + "title": "RoleArn", + "type": "string" + }, + "StatisticsConfigurations": { + "items": { + "$ref": "#/definitions/AWS::CloudWatch::MetricStream.MetricStreamStatisticsConfiguration" + }, + "markdownDescription": "By default, a metric stream always sends the MAX, MIN, SUM, and SAMPLECOUNT statistics for each metric that is streamed. You can use this parameter to have the metric stream also send additional statistics in the stream. This array can have up to 100 members.\n\nFor each entry in this array, you specify one or more metrics and the list of additional statistics to stream for those metrics. The additional statistics that you can stream depend on the stream's `OutputFormat` . If the `OutputFormat` is `json` , you can stream any additional statistic that is supported by CloudWatch , listed in [CloudWatch statistics definitions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Statistics-definitions.html) . If the `OutputFormat` is OpenTelemetry, you can stream percentile statistics.", + "title": "StatisticsConfigurations", + "type": "array" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", + "markdownDescription": "An array of key-value pairs to apply to the metric stream.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" - }, - "Title": { - "markdownDescription": "A title of the evaluation form.", - "title": "Title", - "type": "string" } }, "required": [ - "InstanceArn", - "Items", - "Status", - "Title" + "FirehoseArn", + "OutputFormat", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::EvaluationForm" + "AWS::CloudWatch::MetricStream" ], "type": "string" }, @@ -49968,367 +54440,160 @@ ], "type": "object" }, - "AWS::Connect::EvaluationForm.EvaluationFormBaseItem": { + "AWS::CloudWatch::MetricStream.MetricStreamFilter": { "additionalProperties": false, "properties": { - "Section": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormSection", - "markdownDescription": "A subsection or inner section of an item.", - "title": "Section" - } - }, - "required": [ - "Section" - ], - "type": "object" - }, - "AWS::Connect::EvaluationForm.EvaluationFormItem": { - "additionalProperties": false, - "properties": { - "Question": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormQuestion", - "markdownDescription": "The information of the question.", - "title": "Question" - }, - "Section": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormSection", - "markdownDescription": "The information of the section.", - "title": "Section" - } - }, - "type": "object" - }, - "AWS::Connect::EvaluationForm.EvaluationFormNumericQuestionAutomation": { - "additionalProperties": false, - "properties": { - "PropertyValue": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.NumericQuestionPropertyValueAutomation", - "markdownDescription": "The property value of the automation.", - "title": "PropertyValue" - } - }, - "required": [ - "PropertyValue" - ], - "type": "object" - }, - "AWS::Connect::EvaluationForm.EvaluationFormNumericQuestionOption": { - "additionalProperties": false, - "properties": { - "AutomaticFail": { - "markdownDescription": "The flag to mark the option as automatic fail. If an automatic fail answer is provided, the overall evaluation gets a score of 0.", - "title": "AutomaticFail", - "type": "boolean" - }, - "MaxValue": { - "markdownDescription": "The maximum answer value of the range option.", - "title": "MaxValue", - "type": "number" - }, - "MinValue": { - "markdownDescription": "The minimum answer value of the range option.", - "title": "MinValue", - "type": "number" - }, - "Score": { - "markdownDescription": "The score assigned to answer values within the range option.\n\n*Minimum* : 0\n\n*Maximum* : 10", - "title": "Score", - "type": "number" - } - }, - "required": [ - "MaxValue", - "MinValue" - ], - "type": "object" - }, - "AWS::Connect::EvaluationForm.EvaluationFormNumericQuestionProperties": { - "additionalProperties": false, - "properties": { - "Automation": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormNumericQuestionAutomation", - "markdownDescription": "The automation properties of the numeric question.", - "title": "Automation" - }, - "MaxValue": { - "markdownDescription": "The maximum answer value.", - "title": "MaxValue", - "type": "number" - }, - "MinValue": { - "markdownDescription": "The minimum answer value.", - "title": "MinValue", - "type": "number" - }, - "Options": { + "MetricNames": { "items": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormNumericQuestionOption" + "type": "string" }, - "markdownDescription": "The scoring options of the numeric question.", - "title": "Options", + "markdownDescription": "The names of the metrics to either include or exclude from the metric stream.\n\nIf you omit this parameter, all metrics in the namespace are included or excluded, depending on whether this filter is specified as an exclude filter or an include filter.\n\nEach metric name can contain only ASCII printable characters (ASCII range 32 through 126). Each metric name must contain at least one non-whitespace character.", + "title": "MetricNames", "type": "array" - } - }, - "required": [ - "MaxValue", - "MinValue" - ], - "type": "object" - }, - "AWS::Connect::EvaluationForm.EvaluationFormQuestion": { - "additionalProperties": false, - "properties": { - "Instructions": { - "markdownDescription": "The instructions of the section.\n\n*Length Constraints* : Minimum length of 0. Maximum length of 1024.", - "title": "Instructions", - "type": "string" - }, - "NotApplicableEnabled": { - "markdownDescription": "The flag to enable not applicable answers to the question.", - "title": "NotApplicableEnabled", - "type": "boolean" - }, - "QuestionType": { - "markdownDescription": "The type of the question.\n\n*Allowed values* : `NUMERIC` | `SINGLESELECT` | `TEXT`", - "title": "QuestionType", - "type": "string" - }, - "QuestionTypeProperties": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormQuestionTypeProperties", - "markdownDescription": "The properties of the type of question. Text questions do not have to define question type properties.", - "title": "QuestionTypeProperties" - }, - "RefId": { - "markdownDescription": "The identifier of the question. An identifier must be unique within the evaluation form.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 40.", - "title": "RefId", - "type": "string" }, - "Title": { - "markdownDescription": "The title of the question.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 350.", - "title": "Title", + "Namespace": { + "markdownDescription": "The name of the metric namespace in the filter.\n\nThe namespace can contain only ASCII printable characters (ASCII range 32 through 126). It must contain at least one non-whitespace character.", + "title": "Namespace", "type": "string" - }, - "Weight": { - "markdownDescription": "The scoring weight of the section.\n\n*Minimum* : 0\n\n*Maximum* : 100", - "title": "Weight", - "type": "number" } }, "required": [ - "QuestionType", - "RefId", - "Title" + "Namespace" ], "type": "object" }, - "AWS::Connect::EvaluationForm.EvaluationFormQuestionTypeProperties": { - "additionalProperties": false, - "properties": { - "Numeric": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormNumericQuestionProperties", - "markdownDescription": "The properties of the numeric question.", - "title": "Numeric" - }, - "SingleSelect": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionProperties", - "markdownDescription": "The properties of the numeric question.", - "title": "SingleSelect" - } - }, - "type": "object" - }, - "AWS::Connect::EvaluationForm.EvaluationFormSection": { + "AWS::CloudWatch::MetricStream.MetricStreamStatisticsConfiguration": { "additionalProperties": false, "properties": { - "Instructions": { - "markdownDescription": "The instructions of the section.", - "title": "Instructions", - "type": "string" - }, - "Items": { + "AdditionalStatistics": { "items": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormItem" + "type": "string" }, - "markdownDescription": "The items of the section.\n\n*Minimum* : 1", - "title": "Items", + "markdownDescription": "The additional statistics to stream for the metrics listed in `IncludeMetrics` .", + "title": "AdditionalStatistics", "type": "array" }, - "RefId": { - "markdownDescription": "The identifier of the section. An identifier must be unique within the evaluation form.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 40.", - "title": "RefId", - "type": "string" - }, - "Title": { - "markdownDescription": "The title of the section.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 128.", - "title": "Title", - "type": "string" - }, - "Weight": { - "markdownDescription": "The scoring weight of the section.\n\n*Minimum* : 0\n\n*Maximum* : 100", - "title": "Weight", - "type": "number" - } - }, - "required": [ - "RefId", - "Title" - ], - "type": "object" - }, - "AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionAutomation": { - "additionalProperties": false, - "properties": { - "DefaultOptionRefId": { - "markdownDescription": "The identifier of the default answer option, when none of the automation options match the criteria.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 40.", - "title": "DefaultOptionRefId", - "type": "string" - }, - "Options": { + "IncludeMetrics": { "items": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionAutomationOption" + "$ref": "#/definitions/AWS::CloudWatch::MetricStream.MetricStreamStatisticsMetric" }, - "markdownDescription": "The automation options of the single select question.\n\n*Minimum* : 1\n\n*Maximum* : 20", - "title": "Options", + "markdownDescription": "An array that defines the metrics that are to have additional statistics streamed.", + "title": "IncludeMetrics", "type": "array" } }, "required": [ - "Options" - ], - "type": "object" - }, - "AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionAutomationOption": { - "additionalProperties": false, - "properties": { - "RuleCategory": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.SingleSelectQuestionRuleCategoryAutomation", - "markdownDescription": "The automation option based on a rule category for the single select question.", - "title": "RuleCategory" - } - }, - "required": [ - "RuleCategory" + "AdditionalStatistics", + "IncludeMetrics" ], "type": "object" }, - "AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionOption": { + "AWS::CloudWatch::MetricStream.MetricStreamStatisticsMetric": { "additionalProperties": false, "properties": { - "AutomaticFail": { - "markdownDescription": "The flag to mark the option as automatic fail. If an automatic fail answer is provided, the overall evaluation gets a score of 0.", - "title": "AutomaticFail", - "type": "boolean" - }, - "RefId": { - "markdownDescription": "The identifier of the answer option. An identifier must be unique within the question.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 40.", - "title": "RefId", + "MetricName": { + "markdownDescription": "The name of the metric.", + "title": "MetricName", "type": "string" }, - "Score": { - "markdownDescription": "The score assigned to the answer option.\n\n*Minimum* : 0\n\n*Maximum* : 10", - "title": "Score", - "type": "number" - }, - "Text": { - "markdownDescription": "The title of the answer option.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 128.", - "title": "Text", + "Namespace": { + "markdownDescription": "The namespace of the metric.", + "title": "Namespace", "type": "string" } }, "required": [ - "RefId", - "Text" + "MetricName", + "Namespace" ], "type": "object" }, - "AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionProperties": { + "AWS::CodeArtifact::Domain": { "additionalProperties": false, "properties": { - "Automation": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionAutomation", - "markdownDescription": "The display mode of the single select question.", - "title": "Automation" - }, - "DisplayAs": { - "markdownDescription": "The display mode of the single select question.\n\n*Allowed values* : `DROPDOWN` | `RADIO`", - "title": "DisplayAs", + "Condition": { "type": "string" }, - "Options": { - "items": { - "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionOption" - }, - "markdownDescription": "The answer options of the single select question.\n\n*Minimum* : 2\n\n*Maximum* : 256", - "title": "Options", - "type": "array" - } - }, - "required": [ - "Options" - ], - "type": "object" - }, - "AWS::Connect::EvaluationForm.NumericQuestionPropertyValueAutomation": { - "additionalProperties": false, - "properties": { - "Label": { - "markdownDescription": "The property label of the automation.", - "title": "Label", - "type": "string" - } - }, - "required": [ - "Label" - ], - "type": "object" - }, - "AWS::Connect::EvaluationForm.ScoringStrategy": { - "additionalProperties": false, - "properties": { - "Mode": { - "markdownDescription": "The scoring mode of the evaluation form.\n\n*Allowed values* : `QUESTION_ONLY` | `SECTION_ONLY`", - "title": "Mode", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Status": { - "markdownDescription": "The scoring status of the evaluation form.\n\n*Allowed values* : `ENABLED` | `DISABLED`", - "title": "Status", - "type": "string" - } - }, - "required": [ - "Mode", - "Status" - ], - "type": "object" - }, - "AWS::Connect::EvaluationForm.SingleSelectQuestionRuleCategoryAutomation": { - "additionalProperties": false, - "properties": { - "Category": { - "markdownDescription": "The category name, as defined in Rules.\n\n*Minimum* : 1\n\n*Maximum* : 50", - "title": "Category", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Condition": { - "markdownDescription": "The condition to apply for the automation option. If the condition is PRESENT, then the option is applied when the contact data includes the category. Similarly, if the condition is NOT_PRESENT, then the option is applied when the contact data does not include the category.\n\n*Allowed values* : `PRESENT` | `NOT_PRESENT`\n\n*Maximum* : 50", - "title": "Condition", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DomainName": { + "markdownDescription": "A string that specifies the name of the requested domain.", + "title": "DomainName", + "type": "string" + }, + "EncryptionKey": { + "markdownDescription": "The key used to encrypt the domain.", + "title": "EncryptionKey", + "type": "string" + }, + "PermissionsPolicyDocument": { + "markdownDescription": "The document that defines the resource policy that is set on a domain.", + "title": "PermissionsPolicyDocument", + "type": "object" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags to be applied to the domain.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "DomainName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::CodeArtifact::Domain" + ], "type": "string" }, - "OptionRefId": { - "markdownDescription": "The identifier of the answer option. An identifier must be unique within the question.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 40.", - "title": "OptionRefId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Category", - "Condition", - "OptionRefId" + "Type", + "Properties" ], "type": "object" }, - "AWS::Connect::HoursOfOperation": { + "AWS::CodeArtifact::PackageGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -50363,54 +54628,54 @@ "Properties": { "additionalProperties": false, "properties": { - "Config": { - "items": { - "$ref": "#/definitions/AWS::Connect::HoursOfOperation.HoursOfOperationConfig" - }, - "markdownDescription": "Configuration information for the hours of operation.", - "title": "Config", - "type": "array" + "ContactInfo": { + "markdownDescription": "The contact information of the package group.", + "title": "ContactInfo", + "type": "string" }, "Description": { - "markdownDescription": "The description for the hours of operation.", + "markdownDescription": "The description of the package group.", "title": "Description", "type": "string" }, - "InstanceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", - "title": "InstanceArn", + "DomainName": { + "markdownDescription": "The domain that contains the package group.", + "title": "DomainName", "type": "string" }, - "Name": { - "markdownDescription": "The name for the hours of operation.", - "title": "Name", + "DomainOwner": { + "markdownDescription": "The 12-digit account number of the AWS account that owns the domain. It does not include dashes or spaces.", + "title": "DomainOwner", + "type": "string" + }, + "OriginConfiguration": { + "$ref": "#/definitions/AWS::CodeArtifact::PackageGroup.OriginConfiguration", + "markdownDescription": "Details about the package origin configuration of a package group.", + "title": "OriginConfiguration" + }, + "Pattern": { + "markdownDescription": "The pattern of the package group. The pattern determines which packages are associated with the package group.", + "title": "Pattern", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"Tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", + "markdownDescription": "", "title": "Tags", "type": "array" - }, - "TimeZone": { - "markdownDescription": "The time zone for the hours of operation.", - "title": "TimeZone", - "type": "string" } }, "required": [ - "Config", - "InstanceArn", - "Name", - "TimeZone" + "DomainName", + "Pattern" ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::HoursOfOperation" + "AWS::CodeArtifact::PackageGroup" ], "type": "string" }, @@ -50429,53 +54694,64 @@ ], "type": "object" }, - "AWS::Connect::HoursOfOperation.HoursOfOperationConfig": { + "AWS::CodeArtifact::PackageGroup.OriginConfiguration": { "additionalProperties": false, "properties": { - "Day": { - "markdownDescription": "The day that the hours of operation applies to.", - "title": "Day", - "type": "string" - }, - "EndTime": { - "$ref": "#/definitions/AWS::Connect::HoursOfOperation.HoursOfOperationTimeSlice", - "markdownDescription": "The end time that your contact center closes.", - "title": "EndTime" - }, - "StartTime": { - "$ref": "#/definitions/AWS::Connect::HoursOfOperation.HoursOfOperationTimeSlice", - "markdownDescription": "The start time that your contact center opens.", - "title": "StartTime" + "Restrictions": { + "$ref": "#/definitions/AWS::CodeArtifact::PackageGroup.Restrictions", + "markdownDescription": "", + "title": "Restrictions" } }, "required": [ - "Day", - "EndTime", - "StartTime" + "Restrictions" ], "type": "object" }, - "AWS::Connect::HoursOfOperation.HoursOfOperationTimeSlice": { + "AWS::CodeArtifact::PackageGroup.RestrictionType": { "additionalProperties": false, "properties": { - "Hours": { - "markdownDescription": "The hours.", - "title": "Hours", - "type": "number" + "Repositories": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "Repositories", + "type": "array" }, - "Minutes": { - "markdownDescription": "The minutes.", - "title": "Minutes", - "type": "number" + "RestrictionMode": { + "markdownDescription": "", + "title": "RestrictionMode", + "type": "string" } }, "required": [ - "Hours", - "Minutes" + "RestrictionMode" ], "type": "object" }, - "AWS::Connect::Instance": { + "AWS::CodeArtifact::PackageGroup.Restrictions": { + "additionalProperties": false, + "properties": { + "ExternalUpstream": { + "$ref": "#/definitions/AWS::CodeArtifact::PackageGroup.RestrictionType", + "markdownDescription": "", + "title": "ExternalUpstream" + }, + "InternalUpstream": { + "$ref": "#/definitions/AWS::CodeArtifact::PackageGroup.RestrictionType", + "markdownDescription": "", + "title": "InternalUpstream" + }, + "Publish": { + "$ref": "#/definitions/AWS::CodeArtifact::PackageGroup.RestrictionType", + "markdownDescription": "", + "title": "Publish" + } + }, + "type": "object" + }, + "AWS::CodeArtifact::Repository": { "additionalProperties": false, "properties": { "Condition": { @@ -50510,44 +54786,65 @@ "Properties": { "additionalProperties": false, "properties": { - "Attributes": { - "$ref": "#/definitions/AWS::Connect::Instance.Attributes", - "markdownDescription": "A toggle for an individual feature at the instance level.", - "title": "Attributes" + "Description": { + "markdownDescription": "A text description of the repository.", + "title": "Description", + "type": "string" }, - "DirectoryId": { - "markdownDescription": "The identifier for the directory.", - "title": "DirectoryId", + "DomainName": { + "markdownDescription": "The name of the domain that contains the repository.", + "title": "DomainName", "type": "string" }, - "IdentityManagementType": { - "markdownDescription": "The identity management type.", - "title": "IdentityManagementType", + "DomainOwner": { + "markdownDescription": "The 12-digit account number of the AWS account that owns the domain that contains the repository. It does not include dashes or spaces.", + "title": "DomainOwner", "type": "string" }, - "InstanceAlias": { - "markdownDescription": "The alias of instance. `InstanceAlias` is only required when `IdentityManagementType` is `CONNECT_MANAGED` or `SAML` . `InstanceAlias` is not required when `IdentityManagementType` is `EXISTING_DIRECTORY` .", - "title": "InstanceAlias", + "ExternalConnections": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of external connections associated with the repository. For more information, see [Supported external connection repositories](https://docs.aws.amazon.com/codeartifact/latest/ug/external-connection.html#supported-public-repositories) in the *CodeArtifact user guide* .", + "title": "ExternalConnections", + "type": "array" + }, + "PermissionsPolicyDocument": { + "markdownDescription": "The document that defines the resource policy that is set on a repository.", + "title": "PermissionsPolicyDocument", + "type": "object" + }, + "RepositoryName": { + "markdownDescription": "The name of an upstream repository.", + "title": "RepositoryName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.", + "markdownDescription": "A list of tags to be applied to the repository.", "title": "Tags", "type": "array" + }, + "Upstreams": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of upstream repositories to associate with the repository. The order of the upstream repositories in the list determines their priority order when AWS CodeArtifact looks for a requested package version. For more information, see [Working with upstream repositories](https://docs.aws.amazon.com/codeartifact/latest/ug/repos-upstream.html) .", + "title": "Upstreams", + "type": "array" } }, "required": [ - "Attributes", - "IdentityManagementType" + "DomainName", + "RepositoryName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::Instance" + "AWS::CodeArtifact::Repository" ], "type": "string" }, @@ -50566,52 +54863,7 @@ ], "type": "object" }, - "AWS::Connect::Instance.Attributes": { - "additionalProperties": false, - "properties": { - "AutoResolveBestVoices": { - "markdownDescription": "", - "title": "AutoResolveBestVoices", - "type": "boolean" - }, - "ContactLens": { - "markdownDescription": "", - "title": "ContactLens", - "type": "boolean" - }, - "ContactflowLogs": { - "markdownDescription": "", - "title": "ContactflowLogs", - "type": "boolean" - }, - "EarlyMedia": { - "markdownDescription": "", - "title": "EarlyMedia", - "type": "boolean" - }, - "InboundCalls": { - "markdownDescription": "", - "title": "InboundCalls", - "type": "boolean" - }, - "OutboundCalls": { - "markdownDescription": "", - "title": "OutboundCalls", - "type": "boolean" - }, - "UseCustomTTSVoices": { - "markdownDescription": "", - "title": "UseCustomTTSVoices", - "type": "boolean" - } - }, - "required": [ - "InboundCalls", - "OutboundCalls" - ], - "type": "object" - }, - "AWS::Connect::InstanceStorageConfig": { + "AWS::CodeBuild::Fleet": { "additionalProperties": false, "properties": { "Condition": { @@ -50646,52 +54898,75 @@ "Properties": { "additionalProperties": false, "properties": { - "InstanceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", - "title": "InstanceArn", + "BaseCapacity": { + "markdownDescription": "The initial number of machines allocated to the compute \ufb02eet, which de\ufb01nes the number of builds that can run in parallel.", + "title": "BaseCapacity", + "type": "number" + }, + "ComputeConfiguration": { + "$ref": "#/definitions/AWS::CodeBuild::Fleet.ComputeConfiguration", + "markdownDescription": "The compute configuration of the compute fleet. This is only required if `computeType` is set to `ATTRIBUTE_BASED_COMPUTE` or `CUSTOM_INSTANCE_TYPE` .", + "title": "ComputeConfiguration" + }, + "ComputeType": { + "markdownDescription": "Information about the compute resources the compute fleet uses. Available values include:\n\n- `ATTRIBUTE_BASED_COMPUTE` : Specify the amount of vCPUs, memory, disk space, and the type of machine.\n\n> If you use `ATTRIBUTE_BASED_COMPUTE` , you must define your attributes by using `computeConfiguration` . AWS CodeBuild will select the cheapest instance that satisfies your specified attributes. For more information, see [Reserved capacity environment types](https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html#environment-reserved-capacity.types) in the *AWS CodeBuild User Guide* .\n- `BUILD_GENERAL1_SMALL` : Use up to 4 GiB memory and 2 vCPUs for builds.\n- `BUILD_GENERAL1_MEDIUM` : Use up to 8 GiB memory and 4 vCPUs for builds.\n- `BUILD_GENERAL1_LARGE` : Use up to 16 GiB memory and 8 vCPUs for builds, depending on your environment type.\n- `BUILD_GENERAL1_XLARGE` : Use up to 72 GiB memory and 36 vCPUs for builds, depending on your environment type.\n- `BUILD_GENERAL1_2XLARGE` : Use up to 144 GiB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed.\n- `BUILD_LAMBDA_1GB` : Use up to 1 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_2GB` : Use up to 2 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_4GB` : Use up to 4 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_8GB` : Use up to 8 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_10GB` : Use up to 10 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n\nIf you use `BUILD_GENERAL1_SMALL` :\n\n- For environment type `LINUX_CONTAINER` , you can use up to 4 GiB memory and 2 vCPUs for builds.\n- For environment type `LINUX_GPU_CONTAINER` , you can use up to 16 GiB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds.\n- For environment type `ARM_CONTAINER` , you can use up to 4 GiB memory and 2 vCPUs on ARM-based processors for builds.\n\nIf you use `BUILD_GENERAL1_LARGE` :\n\n- For environment type `LINUX_CONTAINER` , you can use up to 16 GiB memory and 8 vCPUs for builds.\n- For environment type `LINUX_GPU_CONTAINER` , you can use up to 255 GiB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds.\n- For environment type `ARM_CONTAINER` , you can use up to 16 GiB memory and 8 vCPUs on ARM-based processors for builds.\n\nFor more information, see [On-demand environment types](https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html#environment.types) in the *AWS CodeBuild User Guide.*", + "title": "ComputeType", "type": "string" }, - "KinesisFirehoseConfig": { - "$ref": "#/definitions/AWS::Connect::InstanceStorageConfig.KinesisFirehoseConfig", - "markdownDescription": "The configuration of the Kinesis Firehose delivery stream.", - "title": "KinesisFirehoseConfig" + "EnvironmentType": { + "markdownDescription": "The environment type of the compute fleet.\n\n- The environment type `ARM_CONTAINER` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), Asia Pacific (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), EU (Frankfurt), and South America (S\u00e3o Paulo).\n- The environment type `ARM_EC2` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (S\u00e3o Paulo), and Asia Pacific (Mumbai).\n- The environment type `LINUX_CONTAINER` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (S\u00e3o Paulo), and Asia Pacific (Mumbai).\n- The environment type `LINUX_EC2` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (S\u00e3o Paulo), and Asia Pacific (Mumbai).\n- The environment type `LINUX_GPU_CONTAINER` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), and Asia Pacific (Sydney).\n- The environment type `MAC_ARM` is available only in regions US East (Ohio), US East (N. Virginia), US West (Oregon), Europe (Frankfurt), and Asia Pacific (Sydney).\n- The environment type `WINDOWS_EC2` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (S\u00e3o Paulo), and Asia Pacific (Mumbai).\n- The environment type `WINDOWS_SERVER_2019_CONTAINER` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Sydney), Asia Pacific (Tokyo), Asia Pacific (Mumbai) and EU (Ireland).\n- The environment type `WINDOWS_SERVER_2022_CONTAINER` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Sydney), Asia Pacific (Singapore), Asia Pacific (Tokyo), South America (S\u00e3o Paulo) and Asia Pacific (Mumbai).\n\nFor more information, see [Build environment compute types](https://docs.aws.amazon.com//codebuild/latest/userguide/build-env-ref-compute-types.html) in the *AWS CodeBuild user guide* .", + "title": "EnvironmentType", + "type": "string" }, - "KinesisStreamConfig": { - "$ref": "#/definitions/AWS::Connect::InstanceStorageConfig.KinesisStreamConfig", - "markdownDescription": "The configuration of the Kinesis data stream.", - "title": "KinesisStreamConfig" + "FleetProxyConfiguration": { + "$ref": "#/definitions/AWS::CodeBuild::Fleet.ProxyConfiguration", + "markdownDescription": "Information about the proxy configurations that apply network access control to your reserved capacity instances.", + "title": "FleetProxyConfiguration" }, - "KinesisVideoStreamConfig": { - "$ref": "#/definitions/AWS::Connect::InstanceStorageConfig.KinesisVideoStreamConfig", - "markdownDescription": "The configuration of the Kinesis video stream.", - "title": "KinesisVideoStreamConfig" + "FleetServiceRole": { + "markdownDescription": "The service role associated with the compute fleet. For more information, see [Allow a user to add a permission policy for a fleet service role](https://docs.aws.amazon.com/codebuild/latest/userguide/auth-and-access-control-iam-identity-based-access-control.html#customer-managed-policies-example-permission-policy-fleet-service-role.html) in the *AWS CodeBuild User Guide* .", + "title": "FleetServiceRole", + "type": "string" }, - "ResourceType": { - "markdownDescription": "A valid resource type. Following are the valid resource types: `CHAT_TRANSCRIPTS` | `CALL_RECORDINGS` | `SCHEDULED_REPORTS` | `MEDIA_STREAMS` | `CONTACT_TRACE_RECORDS` | `AGENT_EVENTS`", - "title": "ResourceType", + "FleetVpcConfig": { + "$ref": "#/definitions/AWS::CodeBuild::Fleet.VpcConfig", + "markdownDescription": "Information about the VPC configuration that AWS CodeBuild accesses.", + "title": "FleetVpcConfig" + }, + "ImageId": { + "markdownDescription": "The Amazon Machine Image (AMI) of the compute fleet.", + "title": "ImageId", "type": "string" }, - "S3Config": { - "$ref": "#/definitions/AWS::Connect::InstanceStorageConfig.S3Config", - "markdownDescription": "The S3 bucket configuration.", - "title": "S3Config" + "Name": { + "markdownDescription": "The name of the compute fleet.", + "title": "Name", + "type": "string" }, - "StorageType": { - "markdownDescription": "A valid storage type.", - "title": "StorageType", + "OverflowBehavior": { + "markdownDescription": "The compute fleet overflow behavior.\n\n- For overflow behavior `QUEUE` , your overflow builds need to wait on the existing fleet instance to become available.\n- For overflow behavior `ON_DEMAND` , your overflow builds run on CodeBuild on-demand.\n\n> If you choose to set your overflow behavior to on-demand while creating a VPC-connected fleet, make sure that you add the required VPC permissions to your project service role. For more information, see [Example policy statement to allow CodeBuild access to AWS services required to create a VPC network interface](https://docs.aws.amazon.com/codebuild/latest/userguide/auth-and-access-control-iam-identity-based-access-control.html#customer-managed-policies-example-create-vpc-network-interface) .", + "title": "OverflowBehavior", "type": "string" + }, + "ScalingConfiguration": { + "$ref": "#/definitions/AWS::CodeBuild::Fleet.ScalingConfigurationInput", + "markdownDescription": "The scaling configuration of the compute fleet.", + "title": "ScalingConfiguration" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tag key and value pairs associated with this compute fleet.\n\nThese tags are available for use by AWS services that support AWS CodeBuild compute fleet tags.", + "title": "Tags", + "type": "array" } }, - "required": [ - "InstanceArn", - "ResourceType", - "StorageType" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::InstanceStorageConfig" + "AWS::CodeBuild::Fleet" ], "type": "string" }, @@ -50705,190 +54980,152 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Connect::InstanceStorageConfig.EncryptionConfig": { + "AWS::CodeBuild::Fleet.ComputeConfiguration": { "additionalProperties": false, "properties": { - "EncryptionType": { - "markdownDescription": "The type of encryption.", - "title": "EncryptionType", + "disk": { + "markdownDescription": "The amount of disk space of the instance type included in your fleet.", + "title": "disk", + "type": "number" + }, + "instanceType": { + "markdownDescription": "The EC2 instance type to be launched in your fleet.", + "title": "instanceType", "type": "string" }, - "KeyId": { - "markdownDescription": "The full ARN of the encryption key.\n\n> Be sure to provide the full ARN of the encryption key, not just the ID.\n> \n> Amazon Connect supports only KMS keys with the default key spec of [`SYMMETRIC_DEFAULT`](https://docs.aws.amazon.com/kms/latest/developerguide/asymmetric-key-specs.html#key-spec-symmetric-default) .", - "title": "KeyId", + "machineType": { + "markdownDescription": "The machine type of the instance type included in your fleet.", + "title": "machineType", "type": "string" + }, + "memory": { + "markdownDescription": "The amount of memory of the instance type included in your fleet.", + "title": "memory", + "type": "number" + }, + "vCpu": { + "markdownDescription": "The number of vCPUs of the instance type included in your fleet.", + "title": "vCpu", + "type": "number" } }, - "required": [ - "EncryptionType", - "KeyId" - ], "type": "object" }, - "AWS::Connect::InstanceStorageConfig.KinesisFirehoseConfig": { + "AWS::CodeBuild::Fleet.FleetProxyRule": { "additionalProperties": false, "properties": { - "FirehoseArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the delivery stream.", - "title": "FirehoseArn", + "Effect": { + "markdownDescription": "The behavior of the proxy rule.", + "title": "Effect", + "type": "string" + }, + "Entities": { + "items": { + "type": "string" + }, + "markdownDescription": "The destination of the proxy rule.", + "title": "Entities", + "type": "array" + }, + "Type": { + "markdownDescription": "The type of proxy rule.", + "title": "Type", "type": "string" } }, - "required": [ - "FirehoseArn" - ], "type": "object" }, - "AWS::Connect::InstanceStorageConfig.KinesisStreamConfig": { + "AWS::CodeBuild::Fleet.ProxyConfiguration": { "additionalProperties": false, "properties": { - "StreamArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the data stream.", - "title": "StreamArn", + "DefaultBehavior": { + "markdownDescription": "The default behavior of outgoing traffic.", + "title": "DefaultBehavior", "type": "string" + }, + "OrderedProxyRules": { + "items": { + "$ref": "#/definitions/AWS::CodeBuild::Fleet.FleetProxyRule" + }, + "markdownDescription": "An array of `FleetProxyRule` objects that represent the specified destination domains or IPs to allow or deny network access control to.", + "title": "OrderedProxyRules", + "type": "array" } }, - "required": [ - "StreamArn" - ], "type": "object" }, - "AWS::Connect::InstanceStorageConfig.KinesisVideoStreamConfig": { + "AWS::CodeBuild::Fleet.ScalingConfigurationInput": { "additionalProperties": false, "properties": { - "EncryptionConfig": { - "$ref": "#/definitions/AWS::Connect::InstanceStorageConfig.EncryptionConfig", - "markdownDescription": "The encryption configuration.", - "title": "EncryptionConfig" + "MaxCapacity": { + "markdownDescription": "The maximum number of instances in the \ufb02eet when auto-scaling.", + "title": "MaxCapacity", + "type": "number" }, - "Prefix": { - "markdownDescription": "The prefix of the video stream.", - "title": "Prefix", + "ScalingType": { + "markdownDescription": "The scaling type for a compute fleet.", + "title": "ScalingType", "type": "string" }, - "RetentionPeriodHours": { - "markdownDescription": "The number of hours data is retained in the stream. Kinesis Video Streams retains the data in a data store that is associated with the stream.\n\nThe default value is 0, indicating that the stream does not persist data.", - "title": "RetentionPeriodHours", - "type": "number" + "TargetTrackingScalingConfigs": { + "items": { + "$ref": "#/definitions/AWS::CodeBuild::Fleet.TargetTrackingScalingConfiguration" + }, + "markdownDescription": "A list of `TargetTrackingScalingConfiguration` objects.", + "title": "TargetTrackingScalingConfigs", + "type": "array" } }, - "required": [ - "EncryptionConfig", - "Prefix", - "RetentionPeriodHours" - ], "type": "object" }, - "AWS::Connect::InstanceStorageConfig.S3Config": { + "AWS::CodeBuild::Fleet.TargetTrackingScalingConfiguration": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "The S3 bucket name.", - "title": "BucketName", - "type": "string" - }, - "BucketPrefix": { - "markdownDescription": "The S3 bucket prefix.", - "title": "BucketPrefix", + "MetricType": { + "markdownDescription": "The metric type to determine auto-scaling.", + "title": "MetricType", "type": "string" }, - "EncryptionConfig": { - "$ref": "#/definitions/AWS::Connect::InstanceStorageConfig.EncryptionConfig", - "markdownDescription": "The Amazon S3 encryption configuration.", - "title": "EncryptionConfig" + "TargetValue": { + "markdownDescription": "The value of `metricType` when to start scaling.", + "title": "TargetValue", + "type": "number" } }, - "required": [ - "BucketName", - "BucketPrefix" - ], "type": "object" }, - "AWS::Connect::IntegrationAssociation": { + "AWS::CodeBuild::Fleet.VpcConfig": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "InstanceId": { - "markdownDescription": "The Amazon Resource Name (ARN) of the instance.\n\n*Minimum* : `1`\n\n*Maximum* : `100`", - "title": "InstanceId", - "type": "string" - }, - "IntegrationArn": { - "markdownDescription": "ARN of the integration being associated with the instance.\n\n*Minimum* : `1`\n\n*Maximum* : `140`", - "title": "IntegrationArn", - "type": "string" - }, - "IntegrationType": { - "markdownDescription": "Specifies the integration type to be associated with the instance.\n\n*Allowed Values* : `LEX_BOT` | `LAMBDA_FUNCTION`", - "title": "IntegrationType", - "type": "string" - } + "SecurityGroupIds": { + "items": { + "type": "string" }, - "required": [ - "InstanceId", - "IntegrationArn", - "IntegrationType" - ], - "type": "object" + "markdownDescription": "A list of one or more security groups IDs in your Amazon VPC.", + "title": "SecurityGroupIds", + "type": "array" }, - "Type": { - "enum": [ - "AWS::Connect::IntegrationAssociation" - ], - "type": "string" + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of one or more subnet IDs in your Amazon VPC.", + "title": "Subnets", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VpcId": { + "markdownDescription": "The ID of the Amazon VPC.", + "title": "VpcId", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Connect::PhoneNumber": { + "AWS::CodeBuild::Project": { "additionalProperties": false, "properties": { "Condition": { @@ -50923,53 +55160,156 @@ "Properties": { "additionalProperties": false, "properties": { - "CountryCode": { - "markdownDescription": "The ISO country code.", - "title": "CountryCode", - "type": "string" + "Artifacts": { + "$ref": "#/definitions/AWS::CodeBuild::Project.Artifacts", + "markdownDescription": "`Artifacts` is a property of the [AWS::CodeBuild::Project](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codebuild-project.html) resource that specifies output settings for artifacts generated by an AWS CodeBuild build.", + "title": "Artifacts" + }, + "AutoRetryLimit": { + "type": "number" + }, + "BadgeEnabled": { + "markdownDescription": "Indicates whether AWS CodeBuild generates a publicly accessible URL for your project's build badge. For more information, see [Build Badges Sample](https://docs.aws.amazon.com/codebuild/latest/userguide/sample-build-badges.html) in the *AWS CodeBuild User Guide* .\n\n> Including build badges with your project is currently not supported if the source type is CodePipeline. If you specify `CODEPIPELINE` for the `Source` property, do not specify the `BadgeEnabled` property.", + "title": "BadgeEnabled", + "type": "boolean" + }, + "BuildBatchConfig": { + "$ref": "#/definitions/AWS::CodeBuild::Project.ProjectBuildBatchConfig", + "markdownDescription": "A `ProjectBuildBatchConfig` object that defines the batch build options for the project.", + "title": "BuildBatchConfig" + }, + "Cache": { + "$ref": "#/definitions/AWS::CodeBuild::Project.ProjectCache", + "markdownDescription": "Settings that AWS CodeBuild uses to store and reuse build dependencies.", + "title": "Cache" + }, + "ConcurrentBuildLimit": { + "markdownDescription": "The maximum number of concurrent builds that are allowed for this project.\n\nNew builds are only started if the current number of builds is less than or equal to this limit. If the current build count meets this limit, new builds are throttled and are not run.", + "title": "ConcurrentBuildLimit", + "type": "number" }, "Description": { - "markdownDescription": "The description of the phone number.", + "markdownDescription": "A description that makes the build project easy to identify.", "title": "Description", "type": "string" }, - "Prefix": { - "markdownDescription": "The prefix of the phone number. If provided, it must contain `+` as part of the country code.\n\n*Pattern* : `^\\\\+[0-9]{1,15}`", - "title": "Prefix", + "EncryptionKey": { + "markdownDescription": "The AWS Key Management Service customer master key (CMK) to be used for encrypting the build output artifacts.\n\n> You can use a cross-account KMS key to encrypt the build output artifacts if your service role has permission to that key. \n\nYou can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format `alias/` ). If you don't specify a value, CodeBuild uses the managed CMK for Amazon Simple Storage Service (Amazon S3).", + "title": "EncryptionKey", "type": "string" }, - "SourcePhoneNumberArn": { - "markdownDescription": "The claimed phone number ARN that was previously imported from the external service, such as AWS End User Messaging. If it is from AWS End User Messaging, it looks like the ARN of the phone number that was imported from AWS End User Messaging.", - "title": "SourcePhoneNumberArn", + "Environment": { + "$ref": "#/definitions/AWS::CodeBuild::Project.Environment", + "markdownDescription": "The build environment settings for the project, such as the environment type or the environment variables to use for the build environment.", + "title": "Environment" + }, + "FileSystemLocations": { + "items": { + "$ref": "#/definitions/AWS::CodeBuild::Project.ProjectFileSystemLocation" + }, + "markdownDescription": "An array of `ProjectFileSystemLocation` objects for a CodeBuild build project. A `ProjectFileSystemLocation` object specifies the `identifier` , `location` , `mountOptions` , `mountPoint` , and `type` of a file system created using Amazon Elastic File System.", + "title": "FileSystemLocations", + "type": "array" + }, + "LogsConfig": { + "$ref": "#/definitions/AWS::CodeBuild::Project.LogsConfig", + "markdownDescription": "Information about logs for the build project. A project can create logs in CloudWatch Logs, an S3 bucket, or both.", + "title": "LogsConfig" + }, + "Name": { + "markdownDescription": "The name of the build project. The name must be unique across all of the projects in your AWS account .", + "title": "Name", + "type": "string" + }, + "QueuedTimeoutInMinutes": { + "markdownDescription": "The number of minutes a build is allowed to be queued before it times out.", + "title": "QueuedTimeoutInMinutes", + "type": "number" + }, + "ResourceAccessRole": { + "markdownDescription": "The ARN of the IAM role that enables CodeBuild to access the CloudWatch Logs and Amazon S3 artifacts for the project's builds.", + "title": "ResourceAccessRole", + "type": "string" + }, + "SecondaryArtifacts": { + "items": { + "$ref": "#/definitions/AWS::CodeBuild::Project.Artifacts" + }, + "markdownDescription": "A list of `Artifacts` objects. Each artifacts object specifies output settings that the project generates during a build.", + "title": "SecondaryArtifacts", + "type": "array" + }, + "SecondarySourceVersions": { + "items": { + "$ref": "#/definitions/AWS::CodeBuild::Project.ProjectSourceVersion" + }, + "markdownDescription": "An array of `ProjectSourceVersion` objects. If `secondarySourceVersions` is specified at the build level, then they take over these `secondarySourceVersions` (at the project level).", + "title": "SecondarySourceVersions", + "type": "array" + }, + "SecondarySources": { + "items": { + "$ref": "#/definitions/AWS::CodeBuild::Project.Source" + }, + "markdownDescription": "An array of `ProjectSource` objects.", + "title": "SecondarySources", + "type": "array" + }, + "ServiceRole": { + "markdownDescription": "The ARN of the IAM role that enables AWS CodeBuild to interact with dependent AWS services on behalf of the AWS account.", + "title": "ServiceRole", + "type": "string" + }, + "Source": { + "$ref": "#/definitions/AWS::CodeBuild::Project.Source", + "markdownDescription": "The source code settings for the project, such as the source code's repository type and location.", + "title": "Source" + }, + "SourceVersion": { + "markdownDescription": "A version of the build input to be built for this project. If not specified, the latest version is used. If specified, it must be one of:\n\n- For CodeCommit: the commit ID, branch, or Git tag to use.\n- For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format `pr/pull-request-ID` (for example `pr/25` ). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.\n- For GitLab: the commit ID, branch, or Git tag to use.\n- For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.\n- For Amazon S3: the version ID of the object that represents the build input ZIP file to use.\n\nIf `sourceVersion` is specified at the build level, then that version takes precedence over this `sourceVersion` (at the project level).\n\nFor more information, see [Source Version Sample with CodeBuild](https://docs.aws.amazon.com/codebuild/latest/userguide/sample-source-version.html) in the *AWS CodeBuild User Guide* .", + "title": "SourceVersion", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", + "markdownDescription": "An arbitrary set of tags (key-value pairs) for the AWS CodeBuild project.\n\nThese tags are available for use by AWS services that support AWS CodeBuild build project tags.", "title": "Tags", "type": "array" }, - "TargetArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for Amazon Connect instances or traffic distribution group that phone numbers are claimed to.", - "title": "TargetArn", - "type": "string" + "TimeoutInMinutes": { + "markdownDescription": "How long, in minutes, from 5 to 2160 (36 hours), for AWS CodeBuild to wait before timing out any related build that did not get marked as completed. The default is 60 minutes.", + "title": "TimeoutInMinutes", + "type": "number" }, - "Type": { - "markdownDescription": "The type of phone number.", - "title": "Type", + "Triggers": { + "$ref": "#/definitions/AWS::CodeBuild::Project.ProjectTriggers", + "markdownDescription": "For an existing AWS CodeBuild build project that has its source code stored in a GitHub repository, enables AWS CodeBuild to begin automatically rebuilding the source code every time a code change is pushed to the repository.", + "title": "Triggers" + }, + "Visibility": { + "markdownDescription": "Specifies the visibility of the project's builds. Possible values are:\n\n- **PUBLIC_READ** - The project builds are visible to the public.\n- **PRIVATE** - The project builds are not visible to the public.", + "title": "Visibility", "type": "string" + }, + "VpcConfig": { + "$ref": "#/definitions/AWS::CodeBuild::Project.VpcConfig", + "markdownDescription": "`VpcConfig` specifies settings that enable AWS CodeBuild to access resources in an Amazon VPC. For more information, see [Use AWS CodeBuild with Amazon Virtual Private Cloud](https://docs.aws.amazon.com/codebuild/latest/userguide/vpc-support.html) in the *AWS CodeBuild User Guide* .", + "title": "VpcConfig" } }, "required": [ - "TargetArn" + "Artifacts", + "Environment", + "ServiceRole", + "Source" ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::PhoneNumber" + "AWS::CodeBuild::Project" ], "type": "string" }, @@ -50988,100 +55328,615 @@ ], "type": "object" }, - "AWS::Connect::PredefinedAttribute": { + "AWS::CodeBuild::Project.Artifacts": { "additionalProperties": false, "properties": { - "Condition": { + "ArtifactIdentifier": { + "markdownDescription": "An identifier for this artifact definition.", + "title": "ArtifactIdentifier", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "EncryptionDisabled": { + "markdownDescription": "Set to true if you do not want your output artifacts encrypted. This option is valid only if your artifacts type is Amazon Simple Storage Service (Amazon S3). If this is set with another artifacts type, an `invalidInputException` is thrown.", + "title": "EncryptionDisabled", + "type": "boolean" + }, + "Location": { + "markdownDescription": "Information about the build output artifact location:\n\n- If `type` is set to `CODEPIPELINE` , AWS CodePipeline ignores this value if specified. This is because CodePipeline manages its build output locations instead of CodeBuild .\n- If `type` is set to `NO_ARTIFACTS` , this value is ignored if specified, because no build output is produced.\n- If `type` is set to `S3` , this is the name of the output bucket.\n\nIf you specify `CODEPIPELINE` or `NO_ARTIFACTS` for the `Type` property, don't specify this property. For all of the other types, you must specify this property.", + "title": "Location", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Name": { + "markdownDescription": "Along with `path` and `namespaceType` , the pattern that AWS CodeBuild uses to name and store the output artifact:\n\n- If `type` is set to `CODEPIPELINE` , AWS CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of AWS CodeBuild .\n- If `type` is set to `NO_ARTIFACTS` , this value is ignored if specified, because no build output is produced.\n- If `type` is set to `S3` , this is the name of the output artifact object. If you set the name to be a forward slash (\"/\"), the artifact is stored in the root of the output bucket.\n\nFor example:\n\n- If `path` is set to `MyArtifacts` , `namespaceType` is set to `BUILD_ID` , and `name` is set to `MyArtifact.zip` , then the output artifact is stored in `MyArtifacts/ *build-ID* /MyArtifact.zip` .\n- If `path` is empty, `namespaceType` is set to `NONE` , and `name` is set to \" `/` \", the output artifact is stored in the root of the output bucket.\n- If `path` is set to `MyArtifacts` , `namespaceType` is set to `BUILD_ID` , and `name` is set to \" `/` \", the output artifact is stored in `MyArtifacts/ *build-ID*` .\n\nIf you specify `CODEPIPELINE` or `NO_ARTIFACTS` for the `Type` property, don't specify this property. For all of the other types, you must specify this property.", + "title": "Name", + "type": "string" }, - "Metadata": { - "type": "object" + "NamespaceType": { + "markdownDescription": "Along with `path` and `name` , the pattern that AWS CodeBuild uses to determine the name and location to store the output artifact:\n\n- If `type` is set to `CODEPIPELINE` , CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of AWS CodeBuild .\n- If `type` is set to `NO_ARTIFACTS` , this value is ignored if specified, because no build output is produced.\n- If `type` is set to `S3` , valid values include:\n\n- `BUILD_ID` : Include the build ID in the location of the build output artifact.\n- `NONE` : Do not include the build ID. This is the default if `namespaceType` is not specified.\n\nFor example, if `path` is set to `MyArtifacts` , `namespaceType` is set to `BUILD_ID` , and `name` is set to `MyArtifact.zip` , the output artifact is stored in `MyArtifacts//MyArtifact.zip` .", + "title": "NamespaceType", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "InstanceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", - "title": "InstanceArn", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the predefined attribute.", - "title": "Name", - "type": "string" - }, - "Values": { - "$ref": "#/definitions/AWS::Connect::PredefinedAttribute.Values", - "markdownDescription": "The values of a predefined attribute.", - "title": "Values" - } + "OverrideArtifactName": { + "markdownDescription": "If set to true a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell command language. For example, you can append a date and time to your artifact name so that it is always unique.", + "title": "OverrideArtifactName", + "type": "boolean" + }, + "Packaging": { + "markdownDescription": "The type of build output artifact to create:\n\n- If `type` is set to `CODEPIPELINE` , CodePipeline ignores this value if specified. This is because CodePipeline manages its build output artifacts instead of AWS CodeBuild .\n- If `type` is set to `NO_ARTIFACTS` , this value is ignored if specified, because no build output is produced.\n- If `type` is set to `S3` , valid values include:\n\n- `NONE` : AWS CodeBuild creates in the output bucket a folder that contains the build output. This is the default if `packaging` is not specified.\n- `ZIP` : AWS CodeBuild creates in the output bucket a ZIP file that contains the build output.", + "title": "Packaging", + "type": "string" + }, + "Path": { + "markdownDescription": "Along with `namespaceType` and `name` , the pattern that AWS CodeBuild uses to name and store the output artifact:\n\n- If `type` is set to `CODEPIPELINE` , CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of AWS CodeBuild .\n- If `type` is set to `NO_ARTIFACTS` , this value is ignored if specified, because no build output is produced.\n- If `type` is set to `S3` , this is the path to the output artifact. If `path` is not specified, `path` is not used.\n\nFor example, if `path` is set to `MyArtifacts` , `namespaceType` is set to `NONE` , and `name` is set to `MyArtifact.zip` , the output artifact is stored in the output bucket at `MyArtifacts/MyArtifact.zip` .", + "title": "Path", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of build output artifact. Valid values include:\n\n- `CODEPIPELINE` : The build project has build output generated through CodePipeline.\n\n> The `CODEPIPELINE` type is not supported for `secondaryArtifacts` .\n- `NO_ARTIFACTS` : The build project does not produce any build output.\n- `S3` : The build project stores build output in Amazon S3.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::CodeBuild::Project.BatchRestrictions": { + "additionalProperties": false, + "properties": { + "ComputeTypesAllowed": { + "items": { + "type": "string" }, - "required": [ - "InstanceArn", - "Name", - "Values" - ], - "type": "object" + "markdownDescription": "An array of strings that specify the compute types that are allowed for the batch build. See [Build environment compute types](https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html) in the *AWS CodeBuild User Guide* for these values.", + "title": "ComputeTypesAllowed", + "type": "array" + }, + "MaximumBuildsAllowed": { + "markdownDescription": "Specifies the maximum number of builds allowed.", + "title": "MaximumBuildsAllowed", + "type": "number" + } + }, + "type": "object" + }, + "AWS::CodeBuild::Project.BuildStatusConfig": { + "additionalProperties": false, + "properties": { + "Context": { + "markdownDescription": "Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.\n\n- **Bitbucket** - This parameter is used for the `name` parameter in the Bitbucket commit status. For more information, see [build](https://docs.aws.amazon.com/https://developer.atlassian.com/bitbucket/api/2/reference/resource/repositories/%7Bworkspace%7D/%7Brepo_slug%7D/commit/%7Bnode%7D/statuses/build) in the Bitbucket API documentation.\n- **GitHub/GitHub Enterprise Server** - This parameter is used for the `context` parameter in the GitHub commit status. For more information, see [Create a commit status](https://docs.aws.amazon.com/https://developer.github.com/v3/repos/statuses/#create-a-commit-status) in the GitHub developer guide.", + "title": "Context", + "type": "string" + }, + "TargetUrl": { + "markdownDescription": "Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.\n\n- **Bitbucket** - This parameter is used for the `url` parameter in the Bitbucket commit status. For more information, see [build](https://docs.aws.amazon.com/https://developer.atlassian.com/bitbucket/api/2/reference/resource/repositories/%7Bworkspace%7D/%7Brepo_slug%7D/commit/%7Bnode%7D/statuses/build) in the Bitbucket API documentation.\n- **GitHub/GitHub Enterprise Server** - This parameter is used for the `target_url` parameter in the GitHub commit status. For more information, see [Create a commit status](https://docs.aws.amazon.com/https://developer.github.com/v3/repos/statuses/#create-a-commit-status) in the GitHub developer guide.", + "title": "TargetUrl", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CodeBuild::Project.CloudWatchLogsConfig": { + "additionalProperties": false, + "properties": { + "GroupName": { + "markdownDescription": "The group name of the logs in CloudWatch Logs. For more information, see [Working with Log Groups and Log Streams](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/Working-with-log-groups-and-streams.html) .", + "title": "GroupName", + "type": "string" + }, + "Status": { + "markdownDescription": "The current status of the logs in CloudWatch Logs for a build project. Valid values are:\n\n- `ENABLED` : CloudWatch Logs are enabled for this build project.\n- `DISABLED` : CloudWatch Logs are not enabled for this build project.", + "title": "Status", + "type": "string" + }, + "StreamName": { + "markdownDescription": "The prefix of the stream name of the CloudWatch Logs. For more information, see [Working with Log Groups and Log Streams](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/Working-with-log-groups-and-streams.html) .", + "title": "StreamName", + "type": "string" + } + }, + "required": [ + "Status" + ], + "type": "object" + }, + "AWS::CodeBuild::Project.DockerServer": { + "additionalProperties": false, + "properties": { + "ComputeType": { + "type": "string" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "ComputeType" + ], + "type": "object" + }, + "AWS::CodeBuild::Project.Environment": { + "additionalProperties": false, + "properties": { + "Certificate": { + "markdownDescription": "The ARN of the Amazon S3 bucket, path prefix, and object key that contains the PEM-encoded certificate for the build project. For more information, see [certificate](https://docs.aws.amazon.com/codebuild/latest/userguide/create-project-cli.html#cli.environment.certificate) in the *AWS CodeBuild User Guide* .", + "title": "Certificate", + "type": "string" + }, + "ComputeType": { + "markdownDescription": "The type of compute environment. This determines the number of CPU cores and memory the build environment uses. Available values include:\n\n- `ATTRIBUTE_BASED_COMPUTE` : Specify the amount of vCPUs, memory, disk space, and the type of machine.\n\n> If you use `ATTRIBUTE_BASED_COMPUTE` , you must define your attributes by using `computeConfiguration` . AWS CodeBuild will select the cheapest instance that satisfies your specified attributes. For more information, see [Reserved capacity environment types](https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html#environment-reserved-capacity.types) in the *AWS CodeBuild User Guide* .\n- `BUILD_GENERAL1_SMALL` : Use up to 4 GiB memory and 2 vCPUs for builds.\n- `BUILD_GENERAL1_MEDIUM` : Use up to 8 GiB memory and 4 vCPUs for builds.\n- `BUILD_GENERAL1_LARGE` : Use up to 16 GiB memory and 8 vCPUs for builds, depending on your environment type.\n- `BUILD_GENERAL1_XLARGE` : Use up to 72 GiB memory and 36 vCPUs for builds, depending on your environment type.\n- `BUILD_GENERAL1_2XLARGE` : Use up to 144 GiB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed.\n- `BUILD_LAMBDA_1GB` : Use up to 1 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_2GB` : Use up to 2 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_4GB` : Use up to 4 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_8GB` : Use up to 8 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_10GB` : Use up to 10 GiB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n\nIf you use `BUILD_GENERAL1_SMALL` :\n\n- For environment type `LINUX_CONTAINER` , you can use up to 4 GiB memory and 2 vCPUs for builds.\n- For environment type `LINUX_GPU_CONTAINER` , you can use up to 16 GiB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds.\n- For environment type `ARM_CONTAINER` , you can use up to 4 GiB memory and 2 vCPUs on ARM-based processors for builds.\n\nIf you use `BUILD_GENERAL1_LARGE` :\n\n- For environment type `LINUX_CONTAINER` , you can use up to 16 GiB memory and 8 vCPUs for builds.\n- For environment type `LINUX_GPU_CONTAINER` , you can use up to 255 GiB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds.\n- For environment type `ARM_CONTAINER` , you can use up to 16 GiB memory and 8 vCPUs on ARM-based processors for builds.\n\nFor more information, see [On-demand environment types](https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html#environment.types) in the *AWS CodeBuild User Guide.*", + "title": "ComputeType", + "type": "string" + }, + "DockerServer": { + "$ref": "#/definitions/AWS::CodeBuild::Project.DockerServer" + }, + "EnvironmentVariables": { + "items": { + "$ref": "#/definitions/AWS::CodeBuild::Project.EnvironmentVariable" + }, + "markdownDescription": "A set of environment variables to make available to builds for this build project.", + "title": "EnvironmentVariables", + "type": "array" + }, + "Fleet": { + "$ref": "#/definitions/AWS::CodeBuild::Project.ProjectFleet" + }, + "Image": { + "markdownDescription": "The image tag or image digest that identifies the Docker image to use for this build project. Use the following formats:\n\n- For an image tag: `/:` . For example, in the Docker repository that CodeBuild uses to manage its Docker images, this would be `aws/codebuild/standard:4.0` .\n- For an image digest: `/@` . For example, to specify an image with the digest \"sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf,\" use `/@sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf` .\n\nFor more information, see [Docker images provided by CodeBuild](https://docs.aws.amazon.com//codebuild/latest/userguide/build-env-ref-available.html) in the *AWS CodeBuild user guide* .", + "title": "Image", + "type": "string" + }, + "ImagePullCredentialsType": { + "markdownDescription": "The type of credentials AWS CodeBuild uses to pull images in your build. There are two valid values:\n\n- `CODEBUILD` specifies that AWS CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust AWS CodeBuild service principal.\n- `SERVICE_ROLE` specifies that AWS CodeBuild uses your build project's service role.\n\nWhen you use a cross-account or private registry image, you must use SERVICE_ROLE credentials. When you use an AWS CodeBuild curated image, you must use CODEBUILD credentials.", + "title": "ImagePullCredentialsType", + "type": "string" + }, + "PrivilegedMode": { + "markdownDescription": "Enables running the Docker daemon inside a Docker container. Set to true only if the build project is used to build Docker images. Otherwise, a build that attempts to interact with the Docker daemon fails. The default setting is `false` .\n\nYou can initialize the Docker daemon during the install phase of your build by adding one of the following sets of commands to the install phase of your buildspec file:\n\nIf the operating system's base image is Ubuntu Linux:\n\n`- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&`\n\n`- timeout 15 sh -c \"until docker info; do echo .; sleep 1; done\"`\n\nIf the operating system's base image is Alpine Linux and the previous command does not work, add the `-t` argument to `timeout` :\n\n`- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&`\n\n`- timeout -t 15 sh -c \"until docker info; do echo .; sleep 1; done\"`", + "title": "PrivilegedMode", + "type": "boolean" + }, + "RegistryCredential": { + "$ref": "#/definitions/AWS::CodeBuild::Project.RegistryCredential", + "markdownDescription": "`RegistryCredential` is a property of the [AWS::CodeBuild::Project Environment](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codebuild-project.html#cfn-codebuild-project-environment) property that specifies information about credentials that provide access to a private Docker registry. When this is set:\n\n- `imagePullCredentialsType` must be set to `SERVICE_ROLE` .\n- images cannot be curated or an Amazon ECR image.", + "title": "RegistryCredential" }, "Type": { - "enum": [ - "AWS::Connect::PredefinedAttribute" - ], + "markdownDescription": "The type of build environment to use for related builds.\n\n> If you're using compute fleets during project creation, `type` will be ignored. \n\nFor more information, see [Build environment compute types](https://docs.aws.amazon.com//codebuild/latest/userguide/build-env-ref-compute-types.html) in the *AWS CodeBuild user guide* .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "ComputeType", + "Image", + "Type" + ], + "type": "object" + }, + "AWS::CodeBuild::Project.EnvironmentVariable": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name or key of the environment variable.", + "title": "Name", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Type": { + "markdownDescription": "The type of environment variable. Valid values include:\n\n- `PARAMETER_STORE` : An environment variable stored in Systems Manager Parameter Store. For environment variables of this type, specify the name of the parameter as the `value` of the EnvironmentVariable. The parameter value will be substituted for the name at runtime. You can also define Parameter Store environment variables in the buildspec. To learn how to do so, see [env/parameter-store](https://docs.aws.amazon.com/codebuild/latest/userguide/build-spec-ref.html#build-spec.env.parameter-store) in the *AWS CodeBuild User Guide* .\n- `PLAINTEXT` : An environment variable in plain text format. This is the default value.\n- `SECRETS_MANAGER` : An environment variable stored in AWS Secrets Manager . For environment variables of this type, specify the name of the secret as the `value` of the EnvironmentVariable. The secret value will be substituted for the name at runtime. You can also define AWS Secrets Manager environment variables in the buildspec. To learn how to do so, see [env/secrets-manager](https://docs.aws.amazon.com/codebuild/latest/userguide/build-spec-ref.html#build-spec.env.secrets-manager) in the *AWS CodeBuild User Guide* .", + "title": "Type", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of the environment variable.\n\n> We strongly discourage the use of `PLAINTEXT` environment variables to store sensitive values, especially AWS secret key IDs. `PLAINTEXT` environment variables can be displayed in plain text using the AWS CodeBuild console and the AWS CLI . For sensitive values, we recommend you use an environment variable of type `PARAMETER_STORE` or `SECRETS_MANAGER` .", + "title": "Value", "type": "string" } }, "required": [ - "Type", - "Properties" + "Name", + "Value" ], "type": "object" }, - "AWS::Connect::PredefinedAttribute.Values": { + "AWS::CodeBuild::Project.FilterGroup": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::CodeBuild::Project.GitSubmodulesConfig": { "additionalProperties": false, "properties": { - "StringList": { + "FetchSubmodules": { + "markdownDescription": "Set to true to fetch Git submodules for your AWS CodeBuild build project.", + "title": "FetchSubmodules", + "type": "boolean" + } + }, + "required": [ + "FetchSubmodules" + ], + "type": "object" + }, + "AWS::CodeBuild::Project.LogsConfig": { + "additionalProperties": false, + "properties": { + "CloudWatchLogs": { + "$ref": "#/definitions/AWS::CodeBuild::Project.CloudWatchLogsConfig", + "markdownDescription": "Information about CloudWatch Logs for a build project. CloudWatch Logs are enabled by default.", + "title": "CloudWatchLogs" + }, + "S3Logs": { + "$ref": "#/definitions/AWS::CodeBuild::Project.S3LogsConfig", + "markdownDescription": "Information about logs built to an S3 bucket for a build project. S3 logs are not enabled by default.", + "title": "S3Logs" + } + }, + "type": "object" + }, + "AWS::CodeBuild::Project.ProjectBuildBatchConfig": { + "additionalProperties": false, + "properties": { + "BatchReportMode": { + "markdownDescription": "Specifies how build status reports are sent to the source provider for the batch build. This property is only used when the source provider for your project is Bitbucket, GitHub, or GitHub Enterprise, and your project is configured to report build statuses to the source provider.\n\n- **REPORT_AGGREGATED_BATCH** - (Default) Aggregate all of the build statuses into a single status report.\n- **REPORT_INDIVIDUAL_BUILDS** - Send a separate status report for each individual build.", + "title": "BatchReportMode", + "type": "string" + }, + "CombineArtifacts": { + "markdownDescription": "Specifies if the build artifacts for the batch build should be combined into a single artifact location.", + "title": "CombineArtifacts", + "type": "boolean" + }, + "Restrictions": { + "$ref": "#/definitions/AWS::CodeBuild::Project.BatchRestrictions", + "markdownDescription": "A `BatchRestrictions` object that specifies the restrictions for the batch build.", + "title": "Restrictions" + }, + "ServiceRole": { + "markdownDescription": "Specifies the service role ARN for the batch build project.", + "title": "ServiceRole", + "type": "string" + }, + "TimeoutInMins": { + "markdownDescription": "Specifies the maximum amount of time, in minutes, that the batch build must be completed in.", + "title": "TimeoutInMins", + "type": "number" + } + }, + "type": "object" + }, + "AWS::CodeBuild::Project.ProjectCache": { + "additionalProperties": false, + "properties": { + "CacheNamespace": { + "markdownDescription": "Defines the scope of the cache. You can use this namespace to share a cache across multiple projects. For more information, see [Cache sharing between projects](https://docs.aws.amazon.com/codebuild/latest/userguide/caching-s3.html#caching-s3-sharing) in the *AWS CodeBuild User Guide* .", + "title": "CacheNamespace", + "type": "string" + }, + "Location": { + "markdownDescription": "Information about the cache location:\n\n- `NO_CACHE` or `LOCAL` : This value is ignored.\n- `S3` : This is the S3 bucket name/prefix.", + "title": "Location", + "type": "string" + }, + "Modes": { "items": { "type": "string" }, - "markdownDescription": "Predefined attribute values of type string list.", - "title": "StringList", + "markdownDescription": "An array of strings that specify the local cache modes. You can use one or more local cache modes at the same time. This is only used for `LOCAL` cache types.\n\nPossible values are:\n\n- **LOCAL_SOURCE_CACHE** - Caches Git metadata for primary and secondary sources. After the cache is created, subsequent builds pull only the change between commits. This mode is a good choice for projects with a clean working directory and a source that is a large Git repository. If you choose this option and your project does not use a Git repository (GitHub, GitHub Enterprise, or Bitbucket), the option is ignored.\n- **LOCAL_DOCKER_LAYER_CACHE** - Caches existing Docker layers. This mode is a good choice for projects that build or pull large Docker images. It can prevent the performance issues caused by pulling large Docker images down from the network.\n\n> - You can use a Docker layer cache in the Linux environment only.\n> - The `privileged` flag must be set so that your project has the required Docker permissions.\n> - You should consider the security implications before you use a Docker layer cache.\n- **LOCAL_CUSTOM_CACHE** - Caches directories you specify in the buildspec file. This mode is a good choice if your build scenario is not suited to one of the other three local cache modes. If you use a custom cache:\n\n- Only directories can be specified for caching. You cannot specify individual files.\n- Symlinks are used to reference cached directories.\n- Cached directories are linked to your build before it downloads its project sources. Cached items are overridden if a source item has the same name. Directories are specified using cache paths in the buildspec file.", + "title": "Modes", "type": "array" + }, + "Type": { + "markdownDescription": "The type of cache used by the build project. Valid values include:\n\n- `NO_CACHE` : The build project does not use any cache.\n- `S3` : The build project reads and writes from and to S3.\n- `LOCAL` : The build project stores a cache locally on a build host that is only available to that build host.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::CodeBuild::Project.ProjectFileSystemLocation": { + "additionalProperties": false, + "properties": { + "Identifier": { + "markdownDescription": "The name used to access a file system created by Amazon EFS. CodeBuild creates an environment variable by appending the `identifier` in all capital letters to `CODEBUILD_` . For example, if you specify `my_efs` for `identifier` , a new environment variable is create named `CODEBUILD_MY_EFS` .\n\nThe `identifier` is used to mount your file system.", + "title": "Identifier", + "type": "string" + }, + "Location": { + "markdownDescription": "A string that specifies the location of the file system created by Amazon EFS. Its format is `efs-dns-name:/directory-path` . You can find the DNS name of file system when you view it in the Amazon EFS console. The directory path is a path to a directory in the file system that CodeBuild mounts. For example, if the DNS name of a file system is `fs-abcd1234.efs.us-west-2.amazonaws.com` , and its mount directory is `my-efs-mount-directory` , then the `location` is `fs-abcd1234.efs.us-west-2.amazonaws.com:/my-efs-mount-directory` .\n\nThe directory path in the format `efs-dns-name:/directory-path` is optional. If you do not specify a directory path, the location is only the DNS name and CodeBuild mounts the entire file system.", + "title": "Location", + "type": "string" + }, + "MountOptions": { + "markdownDescription": "The mount options for a file system created by Amazon EFS. The default mount options used by CodeBuild are `nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2` . For more information, see [Recommended NFS Mount Options](https://docs.aws.amazon.com/efs/latest/ug/mounting-fs-nfs-mount-settings.html) .", + "title": "MountOptions", + "type": "string" + }, + "MountPoint": { + "markdownDescription": "The location in the container where you mount the file system.", + "title": "MountPoint", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the file system. The one supported type is `EFS` .", + "title": "Type", + "type": "string" } }, + "required": [ + "Identifier", + "Location", + "MountPoint", + "Type" + ], "type": "object" }, - "AWS::Connect::Prompt": { + "AWS::CodeBuild::Project.ProjectFleet": { + "additionalProperties": false, + "properties": { + "FleetArn": { + "markdownDescription": "Specifies the compute fleet ARN for the build project.", + "title": "FleetArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CodeBuild::Project.ProjectSourceVersion": { + "additionalProperties": false, + "properties": { + "SourceIdentifier": { + "markdownDescription": "An identifier for a source in the build project. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.", + "title": "SourceIdentifier", + "type": "string" + }, + "SourceVersion": { + "markdownDescription": "The source version for the corresponding source identifier. If specified, must be one of:\n\n- For CodeCommit: the commit ID, branch, or Git tag to use.\n- For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format `pr/pull-request-ID` (for example, `pr/25` ). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.\n- For GitLab: the commit ID, branch, or Git tag to use.\n- For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.\n- For Amazon S3: the version ID of the object that represents the build input ZIP file to use.\n\nFor more information, see [Source Version Sample with CodeBuild](https://docs.aws.amazon.com/codebuild/latest/userguide/sample-source-version.html) in the *AWS CodeBuild User Guide* .", + "title": "SourceVersion", + "type": "string" + } + }, + "required": [ + "SourceIdentifier" + ], + "type": "object" + }, + "AWS::CodeBuild::Project.ProjectTriggers": { + "additionalProperties": false, + "properties": { + "BuildType": { + "markdownDescription": "Specifies the type of build this webhook will trigger. Allowed values are:\n\n- **BUILD** - A single build\n- **BUILD_BATCH** - A batch build", + "title": "BuildType", + "type": "string" + }, + "FilterGroups": { + "items": { + "$ref": "#/definitions/AWS::CodeBuild::Project.FilterGroup" + }, + "markdownDescription": "A list of lists of `WebhookFilter` objects used to determine which webhook events are triggered. At least one `WebhookFilter` in the array must specify `EVENT` as its type.", + "title": "FilterGroups", + "type": "array" + }, + "ScopeConfiguration": { + "$ref": "#/definitions/AWS::CodeBuild::Project.ScopeConfiguration", + "markdownDescription": "Contains configuration information about the scope for a webhook.", + "title": "ScopeConfiguration" + }, + "Webhook": { + "markdownDescription": "Specifies whether or not to begin automatically rebuilding the source code every time a code change is pushed to the repository.", + "title": "Webhook", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::CodeBuild::Project.RegistryCredential": { + "additionalProperties": false, + "properties": { + "Credential": { + "markdownDescription": "The Amazon Resource Name (ARN) or name of credentials created using AWS Secrets Manager .\n\n> The `credential` can use the name of the credentials only if they exist in your current AWS Region .", + "title": "Credential", + "type": "string" + }, + "CredentialProvider": { + "markdownDescription": "The service that created the credentials to access a private Docker registry. The valid value, SECRETS_MANAGER, is for AWS Secrets Manager .", + "title": "CredentialProvider", + "type": "string" + } + }, + "required": [ + "Credential", + "CredentialProvider" + ], + "type": "object" + }, + "AWS::CodeBuild::Project.S3LogsConfig": { + "additionalProperties": false, + "properties": { + "EncryptionDisabled": { + "markdownDescription": "Set to true if you do not want your S3 build log output encrypted. By default S3 build logs are encrypted.", + "title": "EncryptionDisabled", + "type": "boolean" + }, + "Location": { + "markdownDescription": "The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3 bucket name is `my-bucket` , and your path prefix is `build-log` , then acceptable formats are `my-bucket/build-log` or `arn:aws:s3:::my-bucket/build-log` .", + "title": "Location", + "type": "string" + }, + "Status": { + "markdownDescription": "The current status of the S3 build logs. Valid values are:\n\n- `ENABLED` : S3 build logs are enabled for this build project.\n- `DISABLED` : S3 build logs are not enabled for this build project.", + "title": "Status", + "type": "string" + } + }, + "required": [ + "Status" + ], + "type": "object" + }, + "AWS::CodeBuild::Project.ScopeConfiguration": { + "additionalProperties": false, + "properties": { + "Domain": { + "markdownDescription": "The domain of the GitHub Enterprise organization or the GitLab Self Managed group. Note that this parameter is only required if your project's source type is GITHUB_ENTERPRISE or GITLAB_SELF_MANAGED.", + "title": "Domain", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of either the enterprise or organization that will send webhook events to CodeBuild , depending on if the webhook is a global or organization webhook respectively.", + "title": "Name", + "type": "string" + }, + "Scope": { + "markdownDescription": "The type of scope for a GitHub or GitLab webhook. The scope default is GITHUB_ORGANIZATION.", + "title": "Scope", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::CodeBuild::Project.Source": { + "additionalProperties": false, + "properties": { + "Auth": { + "$ref": "#/definitions/AWS::CodeBuild::Project.SourceAuth", + "markdownDescription": "Information about the authorization settings for AWS CodeBuild to access the source code to be built.", + "title": "Auth" + }, + "BuildSpec": { + "markdownDescription": "The build specification for the project. If this value is not provided, then the source code must contain a buildspec file named `buildspec.yml` at the root level. If this value is provided, it can be either a single string containing the entire build specification, or the path to an alternate buildspec file relative to the value of the built-in environment variable `CODEBUILD_SRC_DIR` . The alternate buildspec file can have a name other than `buildspec.yml` , for example `myspec.yml` or `build_spec_qa.yml` or similar. For more information, see the [Build Spec Reference](https://docs.aws.amazon.com/codebuild/latest/userguide/build-spec-ref.html#build-spec-ref-example) in the *AWS CodeBuild User Guide* .", + "title": "BuildSpec", + "type": "string" + }, + "BuildStatusConfig": { + "$ref": "#/definitions/AWS::CodeBuild::Project.BuildStatusConfig", + "markdownDescription": "Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is `GITHUB` , `GITHUB_ENTERPRISE` , or `BITBUCKET` .", + "title": "BuildStatusConfig" + }, + "GitCloneDepth": { + "markdownDescription": "The depth of history to download. Minimum value is 0. If this value is 0, greater than 25, or not provided, then the full history is downloaded with each build project. If your source type is Amazon S3, this value is not supported.", + "title": "GitCloneDepth", + "type": "number" + }, + "GitSubmodulesConfig": { + "$ref": "#/definitions/AWS::CodeBuild::Project.GitSubmodulesConfig", + "markdownDescription": "Information about the Git submodules configuration for the build project.", + "title": "GitSubmodulesConfig" + }, + "InsecureSsl": { + "markdownDescription": "This is used with GitHub Enterprise only. Set to true to ignore SSL warnings while connecting to your GitHub Enterprise project repository. The default value is `false` . `InsecureSsl` should be used for testing purposes only. It should not be used in a production environment.", + "title": "InsecureSsl", + "type": "boolean" + }, + "Location": { + "markdownDescription": "Information about the location of the source code to be built. Valid values include:\n\n- For source code settings that are specified in the source action of a pipeline in CodePipeline, `location` should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value.\n- For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, `https://git-codecommit..amazonaws.com/v1/repos/` ).\n- For source code in an Amazon S3 input bucket, one of the following.\n\n- The path to the ZIP file that contains the source code (for example, `//.zip` ).\n- The path to the folder that contains the source code (for example, `///` ).\n- For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your AWS account to your GitHub account. Use the AWS CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub *Authorize application* page, for *Organization access* , choose *Request access* next to each repository you want to allow AWS CodeBuild to have access to, and then choose *Authorize application* . (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the AWS CodeBuild console.) To instruct AWS CodeBuild to use this connection, in the `source` object, set the `auth` object's `type` value to `OAUTH` .\n- For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your AWS account to your GitLab account. Use the AWS CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections *Authorize application* page, choose *Authorize* . Then on the AWS CodeConnections *Create GitLab connection* page, choose *Connect to GitLab* . (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the AWS CodeBuild console.) To instruct AWS CodeBuild to override the default connection and use this connection instead, set the `auth` object's `type` value to `CODECONNECTIONS` in the `source` object.\n- For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your AWS account to your Bitbucket account. Use the AWS CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket *Confirm access to your account* page, choose *Grant access* . (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the AWS CodeBuild console.) To instruct AWS CodeBuild to use this connection, in the `source` object, set the `auth` object's `type` value to `OAUTH` .\n\nIf you specify `CODEPIPELINE` for the `Type` property, don't specify this property. For all of the other types, you must specify `Location` .", + "title": "Location", + "type": "string" + }, + "ReportBuildStatus": { + "markdownDescription": "Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an `invalidInputException` is thrown.", + "title": "ReportBuildStatus", + "type": "boolean" + }, + "SourceIdentifier": { + "markdownDescription": "An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.", + "title": "SourceIdentifier", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of repository that contains the source code to be built. Valid values include:\n\n- `BITBUCKET` : The source code is in a Bitbucket repository.\n- `CODECOMMIT` : The source code is in an CodeCommit repository.\n- `CODEPIPELINE` : The source code settings are specified in the source action of a pipeline in CodePipeline.\n- `GITHUB` : The source code is in a GitHub repository.\n- `GITHUB_ENTERPRISE` : The source code is in a GitHub Enterprise Server repository.\n- `GITLAB` : The source code is in a GitLab repository.\n- `GITLAB_SELF_MANAGED` : The source code is in a self-managed GitLab repository.\n- `NO_SOURCE` : The project does not have input source code.\n- `S3` : The source code is in an Amazon S3 bucket.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::CodeBuild::Project.SourceAuth": { + "additionalProperties": false, + "properties": { + "Resource": { + "markdownDescription": "The resource value that applies to the specified authorization type.", + "title": "Resource", + "type": "string" + }, + "Type": { + "markdownDescription": "The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::CodeBuild::Project.VpcConfig": { + "additionalProperties": false, + "properties": { + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of one or more security groups IDs in your Amazon VPC. The maximum count is 5.", + "title": "SecurityGroupIds", + "type": "array" + }, + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of one or more subnet IDs in your Amazon VPC. The maximum count is 16.", + "title": "Subnets", + "type": "array" + }, + "VpcId": { + "markdownDescription": "The ID of the Amazon VPC.", + "title": "VpcId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CodeBuild::Project.WebhookFilter": { + "additionalProperties": false, + "properties": { + "ExcludeMatchedPattern": { + "markdownDescription": "Used to indicate that the `pattern` determines which webhook events do not trigger a build. If true, then a webhook event that does not match the `pattern` triggers a build. If false, then a webhook event that matches the `pattern` triggers a build.", + "title": "ExcludeMatchedPattern", + "type": "boolean" + }, + "Pattern": { + "markdownDescription": "For a `WebHookFilter` that uses `EVENT` type, a comma-separated string that specifies one or more events. For example, the webhook filter `PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED` allows all push, pull request created, and pull request updated events to trigger a build.\n\nFor a `WebHookFilter` that uses any of the other filter types, a regular expression pattern. For example, a `WebHookFilter` that uses `HEAD_REF` for its `type` and the pattern `^refs/heads/` triggers a build when the head reference is a branch with a reference name `refs/heads/branch-name` .", + "title": "Pattern", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of webhook filter. There are 11 webhook filter types: `EVENT` , `ACTOR_ACCOUNT_ID` , `HEAD_REF` , `BASE_REF` , `FILE_PATH` , `COMMIT_MESSAGE` , `TAG_NAME` , `RELEASE_NAME` , `REPOSITORY_NAME` , `ORGANIZATION_NAME` , and `WORKFLOW_NAME` .\n\n- EVENT\n\n- A webhook event triggers a build when the provided `pattern` matches one of nine event types: `PUSH` , `PULL_REQUEST_CREATED` , `PULL_REQUEST_UPDATED` , `PULL_REQUEST_CLOSED` , `PULL_REQUEST_REOPENED` , `PULL_REQUEST_MERGED` , `RELEASED` , `PRERELEASED` , and `WORKFLOW_JOB_QUEUED` . The `EVENT` patterns are specified as a comma-separated string. For example, `PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED` filters all push, pull request created, and pull request updated events.\n\n> Types `PULL_REQUEST_REOPENED` and `WORKFLOW_JOB_QUEUED` work with GitHub and GitHub Enterprise only. Types `RELEASED` and `PRERELEASED` work with GitHub only.\n- ACTOR_ACCOUNT_ID\n\n- A webhook event triggers a build when a GitHub, GitHub Enterprise, or Bitbucket account ID matches the regular expression `pattern` .\n- HEAD_REF\n\n- A webhook event triggers a build when the head reference matches the regular expression `pattern` . For example, `refs/heads/branch-name` and `refs/tags/tag-name` .\n\n> Works with GitHub and GitHub Enterprise push, GitHub and GitHub Enterprise pull request, Bitbucket push, and Bitbucket pull request events.\n- BASE_REF\n\n- A webhook event triggers a build when the base reference matches the regular expression `pattern` . For example, `refs/heads/branch-name` .\n\n> Works with pull request events only.\n- FILE_PATH\n\n- A webhook triggers a build when the path of a changed file matches the regular expression `pattern` .\n\n> Works with push and pull request events only.\n- COMMIT_MESSAGE\n\n- A webhook triggers a build when the head commit message matches the regular expression `pattern` .\n\n> Works with push and pull request events only.\n- TAG_NAME\n\n- A webhook triggers a build when the tag name of the release matches the regular expression `pattern` .\n\n> Works with `RELEASED` and `PRERELEASED` events only.\n- RELEASE_NAME\n\n- A webhook triggers a build when the release name matches the regular expression `pattern` .\n\n> Works with `RELEASED` and `PRERELEASED` events only.\n- REPOSITORY_NAME\n\n- A webhook triggers a build when the repository name matches the regular expression `pattern` .\n\n> Works with GitHub global or organization webhooks only.\n- ORGANIZATION_NAME\n\n- A webhook triggers a build when the organization name matches the regular expression `pattern` .\n\n> Works with GitHub global webhooks only.\n- WORKFLOW_NAME\n\n- A webhook triggers a build when the workflow name matches the regular expression `pattern` .\n\n> Works with `WORKFLOW_JOB_QUEUED` events only. > For CodeBuild-hosted Buildkite runner builds, WORKFLOW_NAME filters will filter by pipeline name.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Pattern", + "Type" + ], + "type": "object" + }, + "AWS::CodeBuild::ReportGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -51116,44 +55971,44 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the prompt.", - "title": "Description", - "type": "string" + "DeleteReports": { + "markdownDescription": "When deleting a report group, specifies if reports within the report group should be deleted.\n\n- **true** - Deletes any reports that belong to the report group before deleting the report group.\n- **false** - You must delete any reports in the report group. This is the default value. If you delete a report group that contains one or more reports, an exception is thrown.", + "title": "DeleteReports", + "type": "boolean" }, - "InstanceArn": { - "markdownDescription": "The identifier of the Amazon Connect instance.", - "title": "InstanceArn", - "type": "string" + "ExportConfig": { + "$ref": "#/definitions/AWS::CodeBuild::ReportGroup.ReportExportConfig", + "markdownDescription": "Information about the destination where the raw data of this `ReportGroup` is exported.", + "title": "ExportConfig" }, "Name": { - "markdownDescription": "The name of the prompt.", + "markdownDescription": "The name of the `ReportGroup` .", "title": "Name", "type": "string" }, - "S3Uri": { - "markdownDescription": "The URI for the S3 bucket where the prompt is stored. This property is required when you create a prompt.", - "title": "S3Uri", - "type": "string" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", + "markdownDescription": "A list of tag key and value pairs associated with this report group.\n\nThese tags are available for use by AWS services that support AWS CodeBuild report group tags.", "title": "Tags", "type": "array" + }, + "Type": { + "markdownDescription": "The type of the `ReportGroup` . This can be one of the following values:\n\n- **CODE_COVERAGE** - The report group contains code coverage reports.\n- **TEST** - The report group contains test reports.", + "title": "Type", + "type": "string" } }, "required": [ - "InstanceArn", - "Name" + "ExportConfig", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::Prompt" + "AWS::CodeBuild::ReportGroup" ], "type": "string" }, @@ -51172,7 +56027,65 @@ ], "type": "object" }, - "AWS::Connect::Queue": { + "AWS::CodeBuild::ReportGroup.ReportExportConfig": { + "additionalProperties": false, + "properties": { + "ExportConfigType": { + "markdownDescription": "The export configuration type. Valid values are:\n\n- `S3` : The report results are exported to an S3 bucket.\n- `NO_EXPORT` : The report results are not exported.", + "title": "ExportConfigType", + "type": "string" + }, + "S3Destination": { + "$ref": "#/definitions/AWS::CodeBuild::ReportGroup.S3ReportExportConfig", + "markdownDescription": "A `S3ReportExportConfig` object that contains information about the S3 bucket where the run of a report is exported.", + "title": "S3Destination" + } + }, + "required": [ + "ExportConfigType" + ], + "type": "object" + }, + "AWS::CodeBuild::ReportGroup.S3ReportExportConfig": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The name of the S3 bucket where the raw data of a report are exported.", + "title": "Bucket", + "type": "string" + }, + "BucketOwner": { + "markdownDescription": "The AWS account identifier of the owner of the Amazon S3 bucket. This allows report data to be exported to an Amazon S3 bucket that is owned by an account other than the account running the build.", + "title": "BucketOwner", + "type": "string" + }, + "EncryptionDisabled": { + "markdownDescription": "A boolean value that specifies if the results of a report are encrypted.", + "title": "EncryptionDisabled", + "type": "boolean" + }, + "EncryptionKey": { + "markdownDescription": "The encryption key for the report's encrypted raw data.", + "title": "EncryptionKey", + "type": "string" + }, + "Packaging": { + "markdownDescription": "The type of build output artifact to create. Valid values include:\n\n- `NONE` : CodeBuild creates the raw data in the output bucket. This is the default if packaging is not specified.\n- `ZIP` : CodeBuild creates a ZIP file with the raw data in the output bucket.", + "title": "Packaging", + "type": "string" + }, + "Path": { + "markdownDescription": "The path to the exported report's raw data results.", + "title": "Path", + "type": "string" + } + }, + "required": [ + "Bucket" + ], + "type": "object" + }, + "AWS::CodeBuild::SourceCredential": { "additionalProperties": false, "properties": { "Condition": { @@ -51207,68 +56120,37 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the queue.", - "title": "Description", - "type": "string" - }, - "HoursOfOperationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the hours of operation.", - "title": "HoursOfOperationArn", + "AuthType": { + "markdownDescription": "The type of authentication used by the credentials. Valid options are OAUTH, BASIC_AUTH, PERSONAL_ACCESS_TOKEN, CODECONNECTIONS, or SECRETS_MANAGER.", + "title": "AuthType", "type": "string" }, - "InstanceArn": { - "markdownDescription": "The identifier of the Amazon Connect instance.", - "title": "InstanceArn", + "ServerType": { + "markdownDescription": "The type of source provider. The valid options are GITHUB, GITHUB_ENTERPRISE, GITLAB, GITLAB_SELF_MANAGED, or BITBUCKET.", + "title": "ServerType", "type": "string" }, - "MaxContacts": { - "markdownDescription": "The maximum number of contacts that can be in the queue before it is considered full.", - "title": "MaxContacts", - "type": "number" - }, - "Name": { - "markdownDescription": "The name of the queue.", - "title": "Name", + "Token": { + "markdownDescription": "For GitHub or GitHub Enterprise, this is the personal access token. For Bitbucket, this is either the access token or the app password. For the `authType` CODECONNECTIONS, this is the `connectionArn` . For the `authType` SECRETS_MANAGER, this is the `secretArn` .", + "title": "Token", "type": "string" }, - "OutboundCallerConfig": { - "$ref": "#/definitions/AWS::Connect::Queue.OutboundCallerConfig", - "markdownDescription": "The outbound caller ID name, number, and outbound whisper flow.", - "title": "OutboundCallerConfig" - }, - "QuickConnectArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Names (ARN) of the of the quick connects available to agents who are working the queue.", - "title": "QuickConnectArns", - "type": "array" - }, - "Status": { - "markdownDescription": "The status of the queue.", - "title": "Status", + "Username": { + "markdownDescription": "The Bitbucket username when the `authType` is BASIC_AUTH. This parameter is not valid for other types of source providers or connections.", + "title": "Username", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"Tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", - "title": "Tags", - "type": "array" } }, "required": [ - "HoursOfOperationArn", - "InstanceArn", - "Name" + "AuthType", + "ServerType", + "Token" ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::Queue" + "AWS::CodeBuild::SourceCredential" ], "type": "string" }, @@ -51287,28 +56169,7 @@ ], "type": "object" }, - "AWS::Connect::Queue.OutboundCallerConfig": { - "additionalProperties": false, - "properties": { - "OutboundCallerIdName": { - "markdownDescription": "The caller ID name.", - "title": "OutboundCallerIdName", - "type": "string" - }, - "OutboundCallerIdNumberArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the outbound caller ID number.\n\n> Only use the phone number ARN format that doesn't contain `instance` in the path, for example, `arn:aws:connect:us-east-1:1234567890:phone-number/uuid` . This is the same ARN format that is returned when you create a phone number using CloudFormation , or when you call the [ListPhoneNumbersV2](https://docs.aws.amazon.com/connect/latest/APIReference/API_ListPhoneNumbersV2.html) API.", - "title": "OutboundCallerIdNumberArn", - "type": "string" - }, - "OutboundFlowArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the outbound flow.", - "title": "OutboundFlowArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Connect::QuickConnect": { + "AWS::CodeCommit::Repository": { "additionalProperties": false, "properties": { "Condition": { @@ -51343,45 +56204,51 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the quick connect.", - "title": "Description", - "type": "string" + "Code": { + "$ref": "#/definitions/AWS::CodeCommit::Repository.Code", + "markdownDescription": "Information about code to be committed to a repository after it is created in an AWS CloudFormation stack. Information about code is only used in resource creation. Updates to a stack will not reflect changes made to code properties after initial resource creation.\n\n> You can only use this property to add code when creating a repository with a AWS CloudFormation template at creation time. This property cannot be used for updating code to an existing repository.", + "title": "Code" }, - "InstanceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", - "title": "InstanceArn", + "KmsKeyId": { + "markdownDescription": "The ID of the AWS Key Management Service encryption key used to encrypt and decrypt the repository.\n\n> The input can be the full ARN, the key ID, or the key alias. For more information, see [Finding the key ID and key ARN](https://docs.aws.amazon.com/kms/latest/developerguide/find-cmk-id-arn.html) .", + "title": "KmsKeyId", "type": "string" }, - "Name": { - "markdownDescription": "The name of the quick connect.", - "title": "Name", + "RepositoryDescription": { + "markdownDescription": "A comment or description about the new repository.\n\n> The description field for a repository accepts all HTML characters and all valid Unicode characters. Applications that do not HTML-encode the description and display it in a webpage can expose users to potentially malicious code. Make sure that you HTML-encode the description field in any application that uses this API to display the repository description on a webpage.", + "title": "RepositoryDescription", "type": "string" }, - "QuickConnectConfig": { - "$ref": "#/definitions/AWS::Connect::QuickConnect.QuickConnectConfig", - "markdownDescription": "Contains information about the quick connect.", - "title": "QuickConnectConfig" + "RepositoryName": { + "markdownDescription": "The name of the new repository to be created.\n\n> The repository name must be unique across the calling AWS account . Repository names are limited to 100 alphanumeric, dash, and underscore characters, and cannot include certain characters. For more information about the limits on repository names, see [Quotas](https://docs.aws.amazon.com/codecommit/latest/userguide/limits.html) in the *AWS CodeCommit User Guide* . The suffix .git is prohibited.", + "title": "RepositoryName", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"Tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", + "markdownDescription": "One or more tag key-value pairs to use when tagging this repository.", "title": "Tags", "type": "array" + }, + "Triggers": { + "items": { + "$ref": "#/definitions/AWS::CodeCommit::Repository.RepositoryTrigger" + }, + "markdownDescription": "The JSON block of configuration information for each trigger.", + "title": "Triggers", + "type": "array" } }, "required": [ - "InstanceArn", - "Name", - "QuickConnectConfig" + "RepositoryName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::QuickConnect" + "AWS::CodeCommit::Repository" ], "type": "string" }, @@ -51400,90 +56267,93 @@ ], "type": "object" }, - "AWS::Connect::QuickConnect.PhoneNumberQuickConnectConfig": { + "AWS::CodeCommit::Repository.Code": { "additionalProperties": false, "properties": { - "PhoneNumber": { - "markdownDescription": "The phone number in E.164 format.", - "title": "PhoneNumber", + "BranchName": { + "markdownDescription": "Optional. Specifies a branch name to be used as the default branch when importing code into a repository on initial creation. If this property is not set, the name *main* will be used for the default branch for the repository. Changes to this property are ignored after initial resource creation. We recommend using this parameter to set the name to *main* to align with the default behavior of CodeCommit unless another name is needed.", + "title": "BranchName", "type": "string" + }, + "S3": { + "$ref": "#/definitions/AWS::CodeCommit::Repository.S3", + "markdownDescription": "Information about the Amazon S3 bucket that contains a ZIP file of code to be committed to the repository. Changes to this property are ignored after initial resource creation.", + "title": "S3" } }, "required": [ - "PhoneNumber" + "S3" ], "type": "object" }, - "AWS::Connect::QuickConnect.QueueQuickConnectConfig": { + "AWS::CodeCommit::Repository.RepositoryTrigger": { "additionalProperties": false, "properties": { - "ContactFlowArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the flow.", - "title": "ContactFlowArn", + "Branches": { + "items": { + "type": "string" + }, + "markdownDescription": "The branches to be included in the trigger configuration. If you specify an empty array, the trigger applies to all branches.\n\n> Although no content is required in the array, you must include the array itself.", + "title": "Branches", + "type": "array" + }, + "CustomData": { + "markdownDescription": "Any custom data associated with the trigger to be included in the information sent to the target of the trigger.", + "title": "CustomData", "type": "string" }, - "QueueArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the queue.", - "title": "QueueArn", + "DestinationArn": { + "markdownDescription": "The ARN of the resource that is the target for a trigger (for example, the ARN of a topic in Amazon SNS).", + "title": "DestinationArn", "type": "string" - } - }, - "required": [ - "ContactFlowArn", - "QueueArn" - ], - "type": "object" - }, - "AWS::Connect::QuickConnect.QuickConnectConfig": { - "additionalProperties": false, - "properties": { - "PhoneConfig": { - "$ref": "#/definitions/AWS::Connect::QuickConnect.PhoneNumberQuickConnectConfig", - "markdownDescription": "The phone configuration. This is required only if QuickConnectType is PHONE_NUMBER.", - "title": "PhoneConfig" }, - "QueueConfig": { - "$ref": "#/definitions/AWS::Connect::QuickConnect.QueueQuickConnectConfig", - "markdownDescription": "The queue configuration. This is required only if QuickConnectType is QUEUE.", - "title": "QueueConfig" + "Events": { + "items": { + "type": "string" + }, + "markdownDescription": "The repository events that cause the trigger to run actions in another service, such as sending a notification through Amazon SNS.\n\n> The valid value \"all\" cannot be used with any other values.", + "title": "Events", + "type": "array" }, - "QuickConnectType": { - "markdownDescription": "The type of quick connect. In the Amazon Connect console, when you create a quick connect, you are prompted to assign one of the following types: Agent (USER), External (PHONE_NUMBER), or Queue (QUEUE).", - "title": "QuickConnectType", + "Name": { + "markdownDescription": "The name of the trigger.", + "title": "Name", "type": "string" - }, - "UserConfig": { - "$ref": "#/definitions/AWS::Connect::QuickConnect.UserQuickConnectConfig", - "markdownDescription": "The user configuration. This is required only if QuickConnectType is USER.", - "title": "UserConfig" } }, "required": [ - "QuickConnectType" + "DestinationArn", + "Events", + "Name" ], "type": "object" }, - "AWS::Connect::QuickConnect.UserQuickConnectConfig": { + "AWS::CodeCommit::Repository.S3": { "additionalProperties": false, "properties": { - "ContactFlowArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the flow.", - "title": "ContactFlowArn", + "Bucket": { + "markdownDescription": "The name of the Amazon S3 bucket that contains the ZIP file with the content that will be committed to the new repository. This can be specified using the name of the bucket in the AWS account . Changes to this property are ignored after initial resource creation.", + "title": "Bucket", "type": "string" }, - "UserArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the user.", - "title": "UserArn", + "Key": { + "markdownDescription": "The key to use for accessing the Amazon S3 bucket. Changes to this property are ignored after initial resource creation. For more information, see [Creating object key names](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html) and [Uploading objects](https://docs.aws.amazon.com/AmazonS3/latest/userguide/upload-objects.html) in the Amazon S3 User Guide.", + "title": "Key", + "type": "string" + }, + "ObjectVersion": { + "markdownDescription": "The object version of the ZIP file, if versioning is enabled for the Amazon S3 bucket. Changes to this property are ignored after initial resource creation.", + "title": "ObjectVersion", "type": "string" } }, "required": [ - "ContactFlowArn", - "UserArn" + "Bucket", + "Key" ], "type": "object" }, - "AWS::Connect::RoutingProfile": { + "AWS::CodeConnections::Connection": { "additionalProperties": false, "properties": { "Condition": { @@ -51518,68 +56388,38 @@ "Properties": { "additionalProperties": false, "properties": { - "AgentAvailabilityTimer": { - "markdownDescription": "Whether agents with this routing profile will have their routing order calculated based on *time since their last inbound contact* or *longest idle time* .", - "title": "AgentAvailabilityTimer", - "type": "string" - }, - "DefaultOutboundQueueArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the default outbound queue for the routing profile.", - "title": "DefaultOutboundQueueArn", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the routing profile.", - "title": "Description", + "ConnectionName": { + "markdownDescription": "The name of the connection. Connection names must be unique in an AWS account .", + "title": "ConnectionName", "type": "string" }, - "InstanceArn": { - "markdownDescription": "The identifier of the Amazon Connect instance.", - "title": "InstanceArn", + "HostArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the host associated with the connection.", + "title": "HostArn", "type": "string" }, - "MediaConcurrencies": { - "items": { - "$ref": "#/definitions/AWS::Connect::RoutingProfile.MediaConcurrency" - }, - "markdownDescription": "The channels agents can handle in the Contact Control Panel (CCP) for this routing profile.", - "title": "MediaConcurrencies", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the routing profile.", - "title": "Name", + "ProviderType": { + "markdownDescription": "The name of the external provider where your third-party code repository is configured.", + "title": "ProviderType", "type": "string" }, - "QueueConfigs": { - "items": { - "$ref": "#/definitions/AWS::Connect::RoutingProfile.RoutingProfileQueueConfig" - }, - "markdownDescription": "The inbound queues associated with the routing profile. If no queue is added, the agent can make only outbound calls.", - "title": "QueueConfigs", - "type": "array" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"Tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", + "markdownDescription": "", "title": "Tags", "type": "array" } }, "required": [ - "DefaultOutboundQueueArn", - "Description", - "InstanceArn", - "MediaConcurrencies", - "Name" + "ConnectionName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::RoutingProfile" + "AWS::CodeConnections::Connection" ], "type": "string" }, @@ -51598,92 +56438,291 @@ ], "type": "object" }, - "AWS::Connect::RoutingProfile.CrossChannelBehavior": { + "AWS::CodeDeploy::Application": { "additionalProperties": false, "properties": { - "BehaviorType": { - "markdownDescription": "Specifies the other channels that can be routed to an agent handling their current channel.", - "title": "BehaviorType", + "Condition": { "type": "string" - } - }, - "required": [ - "BehaviorType" - ], - "type": "object" - }, - "AWS::Connect::RoutingProfile.MediaConcurrency": { - "additionalProperties": false, - "properties": { - "Channel": { - "markdownDescription": "The channels that agents can handle in the Contact Control Panel (CCP).", - "title": "Channel", + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Concurrency": { - "markdownDescription": "The number of contacts an agent can have on a channel simultaneously.\n\nValid Range for `VOICE` : Minimum value of 1. Maximum value of 1.\n\nValid Range for `CHAT` : Minimum value of 1. Maximum value of 10.\n\nValid Range for `TASK` : Minimum value of 1. Maximum value of 10.", - "title": "Concurrency", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationName": { + "markdownDescription": "A name for the application. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the application name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> Updates to `ApplicationName` are not supported.", + "title": "ApplicationName", + "type": "string" + }, + "ComputePlatform": { + "markdownDescription": "The compute platform that CodeDeploy deploys the application to.", + "title": "ComputePlatform", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The metadata that you apply to CodeDeploy applications to help you organize and categorize them. Each tag consists of a key and an optional value, both of which you define.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::CodeDeploy::Application" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::CodeDeploy::DeploymentConfig": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ComputePlatform": { + "markdownDescription": "The destination platform type for the deployment ( `Lambda` , `Server` , or `ECS` ).", + "title": "ComputePlatform", + "type": "string" + }, + "DeploymentConfigName": { + "markdownDescription": "A name for the deployment configuration. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the deployment configuration name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "DeploymentConfigName", + "type": "string" + }, + "MinimumHealthyHosts": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentConfig.MinimumHealthyHosts", + "markdownDescription": "The minimum number of healthy instances that should be available at any time during the deployment. There are two parameters expected in the input: type and value.\n\nThe type parameter takes either of the following values:\n\n- HOST_COUNT: The value parameter represents the minimum number of healthy instances as an absolute value.\n- FLEET_PERCENT: The value parameter represents the minimum number of healthy instances as a percentage of the total number of instances in the deployment. If you specify FLEET_PERCENT, at the start of the deployment, AWS CodeDeploy converts the percentage to the equivalent number of instance and rounds up fractional instances.\n\nThe value parameter takes an integer.\n\nFor example, to set a minimum of 95% healthy instance, specify a type of FLEET_PERCENT and a value of 95.\n\nFor more information about instance health, see [CodeDeploy Instance Health](https://docs.aws.amazon.com/codedeploy/latest/userguide/instances-health.html) in the AWS CodeDeploy User Guide.", + "title": "MinimumHealthyHosts" + }, + "TrafficRoutingConfig": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentConfig.TrafficRoutingConfig", + "markdownDescription": "The configuration that specifies how the deployment traffic is routed.", + "title": "TrafficRoutingConfig" + }, + "ZonalConfig": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentConfig.ZonalConfig", + "markdownDescription": "Configure the `ZonalConfig` object if you want AWS CodeDeploy to deploy your application to one [Availability Zone](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html#concepts-availability-zones) at a time, within an AWS Region.\n\nFor more information about the zonal configuration feature, see [zonal configuration](https://docs.aws.amazon.com/codedeploy/latest/userguide/deployment-configurations-create.html#zonal-config) in the *CodeDeploy User Guide* .", + "title": "ZonalConfig" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::CodeDeploy::DeploymentConfig" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::CodeDeploy::DeploymentConfig.MinimumHealthyHosts": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "The minimum healthy instance type:\n\n- HOST_COUNT: The minimum number of healthy instance as an absolute value.\n- FLEET_PERCENT: The minimum number of healthy instance as a percentage of the total number of instance in the deployment.\n\nIn an example of nine instance, if a HOST_COUNT of six is specified, deploy to up to three instances at a time. The deployment is successful if six or more instances are deployed to successfully. Otherwise, the deployment fails. If a FLEET_PERCENT of 40 is specified, deploy to up to five instance at a time. The deployment is successful if four or more instance are deployed to successfully. Otherwise, the deployment fails.\n\n> In a call to `GetDeploymentConfig` , CodeDeployDefault.OneAtATime returns a minimum healthy instance type of MOST_CONCURRENCY and a value of 1. This means a deployment to only one instance at a time. (You cannot set the type to MOST_CONCURRENCY, only to HOST_COUNT or FLEET_PERCENT.) In addition, with CodeDeployDefault.OneAtATime, AWS CodeDeploy attempts to ensure that all instances but one are kept in a healthy state during the deployment. Although this allows one instance at a time to be taken offline for a new deployment, it also means that if the deployment to the last instance fails, the overall deployment is still successful. \n\nFor more information, see [AWS CodeDeploy Instance Health](https://docs.aws.amazon.com//codedeploy/latest/userguide/instances-health.html) in the *AWS CodeDeploy User Guide* .", + "title": "Type", + "type": "string" + }, + "Value": { + "markdownDescription": "The minimum healthy instance value.", + "title": "Value", "type": "number" + } + }, + "required": [ + "Type", + "Value" + ], + "type": "object" + }, + "AWS::CodeDeploy::DeploymentConfig.MinimumHealthyHostsPerZone": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "The `type` associated with the `MinimumHealthyHostsPerZone` option.", + "title": "Type", + "type": "string" }, - "CrossChannelBehavior": { - "$ref": "#/definitions/AWS::Connect::RoutingProfile.CrossChannelBehavior", - "markdownDescription": "Defines the cross-channel routing behavior for each channel that is enabled for this Routing Profile. For example, this allows you to offer an agent a different contact from another channel when they are currently working with a contact from a Voice channel.", - "title": "CrossChannelBehavior" + "Value": { + "markdownDescription": "The `value` associated with the `MinimumHealthyHostsPerZone` option.", + "title": "Value", + "type": "number" } }, "required": [ - "Channel", - "Concurrency" + "Type", + "Value" ], "type": "object" }, - "AWS::Connect::RoutingProfile.RoutingProfileQueueConfig": { + "AWS::CodeDeploy::DeploymentConfig.TimeBasedCanary": { "additionalProperties": false, "properties": { - "Delay": { - "markdownDescription": "The delay, in seconds, a contact should be in the queue before they are routed to an available agent. For more information, see [Queues: priority and delay](https://docs.aws.amazon.com/connect/latest/adminguide/concepts-routing-profiles-priority.html) in the *Amazon Connect Administrator Guide* .", - "title": "Delay", + "CanaryInterval": { + "markdownDescription": "The number of minutes between the first and second traffic shifts of a `TimeBasedCanary` deployment.", + "title": "CanaryInterval", "type": "number" }, - "Priority": { - "markdownDescription": "The order in which contacts are to be handled for the queue. For more information, see [Queues: priority and delay](https://docs.aws.amazon.com/connect/latest/adminguide/concepts-routing-profiles-priority.html) .", - "title": "Priority", + "CanaryPercentage": { + "markdownDescription": "The percentage of traffic to shift in the first increment of a `TimeBasedCanary` deployment.", + "title": "CanaryPercentage", + "type": "number" + } + }, + "required": [ + "CanaryInterval", + "CanaryPercentage" + ], + "type": "object" + }, + "AWS::CodeDeploy::DeploymentConfig.TimeBasedLinear": { + "additionalProperties": false, + "properties": { + "LinearInterval": { + "markdownDescription": "The number of minutes between each incremental traffic shift of a `TimeBasedLinear` deployment.", + "title": "LinearInterval", "type": "number" }, - "QueueReference": { - "$ref": "#/definitions/AWS::Connect::RoutingProfile.RoutingProfileQueueReference", - "markdownDescription": "Contains information about a queue resource.", - "title": "QueueReference" + "LinearPercentage": { + "markdownDescription": "The percentage of traffic that is shifted at the start of each increment of a `TimeBasedLinear` deployment.", + "title": "LinearPercentage", + "type": "number" } }, "required": [ - "Delay", - "Priority", - "QueueReference" + "LinearInterval", + "LinearPercentage" ], "type": "object" }, - "AWS::Connect::RoutingProfile.RoutingProfileQueueReference": { + "AWS::CodeDeploy::DeploymentConfig.TrafficRoutingConfig": { "additionalProperties": false, "properties": { - "Channel": { - "markdownDescription": "The channels agents can handle in the Contact Control Panel (CCP) for this routing profile.", - "title": "Channel", - "type": "string" + "TimeBasedCanary": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentConfig.TimeBasedCanary", + "markdownDescription": "A configuration that shifts traffic from one version of a Lambda function or ECS task set to another in two increments. The original and target Lambda function versions or ECS task sets are specified in the deployment's AppSpec file.", + "title": "TimeBasedCanary" }, - "QueueArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the queue.", - "title": "QueueArn", + "TimeBasedLinear": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentConfig.TimeBasedLinear", + "markdownDescription": "A configuration that shifts traffic from one version of a Lambda function or Amazon ECS task set to another in equal increments, with an equal number of minutes between each increment. The original and target Lambda function versions or Amazon ECS task sets are specified in the deployment's AppSpec file.", + "title": "TimeBasedLinear" + }, + "Type": { + "markdownDescription": "The type of traffic shifting ( `TimeBasedCanary` or `TimeBasedLinear` ) used by a deployment configuration.", + "title": "Type", "type": "string" } }, "required": [ - "Channel", - "QueueArn" + "Type" ], "type": "object" }, - "AWS::Connect::Rule": { + "AWS::CodeDeploy::DeploymentConfig.ZonalConfig": { + "additionalProperties": false, + "properties": { + "FirstZoneMonitorDurationInSeconds": { + "markdownDescription": "The period of time, in seconds, that CodeDeploy must wait after completing a deployment to the *first* Availability Zone. CodeDeploy will wait this amount of time before starting a deployment to the second Availability Zone. You might set this option if you want to allow extra bake time for the first Availability Zone. If you don't specify a value for `firstZoneMonitorDurationInSeconds` , then CodeDeploy uses the `monitorDurationInSeconds` value for the first Availability Zone.\n\nFor more information about the zonal configuration feature, see [zonal configuration](https://docs.aws.amazon.com/codedeploy/latest/userguide/deployment-configurations-create.html#zonal-config) in the *CodeDeploy User Guide* .", + "title": "FirstZoneMonitorDurationInSeconds", + "type": "number" + }, + "MinimumHealthyHostsPerZone": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentConfig.MinimumHealthyHostsPerZone", + "markdownDescription": "The number or percentage of instances that must remain available per Availability Zone during a deployment. This option works in conjunction with the `MinimumHealthyHosts` option. For more information, see [About the minimum number of healthy hosts per Availability Zone](https://docs.aws.amazon.com//codedeploy/latest/userguide/instances-health.html#minimum-healthy-hosts-az) in the *CodeDeploy User Guide* .\n\nIf you don't specify the `minimumHealthyHostsPerZone` option, then CodeDeploy uses a default value of `0` percent.\n\nFor more information about the zonal configuration feature, see [zonal configuration](https://docs.aws.amazon.com/codedeploy/latest/userguide/deployment-configurations-create.html#zonal-config) in the *CodeDeploy User Guide* .", + "title": "MinimumHealthyHostsPerZone" + }, + "MonitorDurationInSeconds": { + "markdownDescription": "The period of time, in seconds, that CodeDeploy must wait after completing a deployment to an Availability Zone. CodeDeploy will wait this amount of time before starting a deployment to the next Availability Zone. Consider adding a monitor duration to give the deployment some time to prove itself (or 'bake') in one Availability Zone before it is released in the next zone. If you don't specify a `monitorDurationInSeconds` , CodeDeploy starts deploying to the next Availability Zone immediately.\n\nFor more information about the zonal configuration feature, see [zonal configuration](https://docs.aws.amazon.com/codedeploy/latest/userguide/deployment-configurations-create.html#zonal-config) in the *CodeDeploy User Guide* .", + "title": "MonitorDurationInSeconds", + "type": "number" + } + }, + "type": "object" + }, + "AWS::CodeDeploy::DeploymentGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -51718,58 +56757,134 @@ "Properties": { "additionalProperties": false, "properties": { - "Actions": { - "$ref": "#/definitions/AWS::Connect::Rule.Actions", - "markdownDescription": "A list of actions to be run when the rule is triggered.", - "title": "Actions" + "AlarmConfiguration": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.AlarmConfiguration", + "markdownDescription": "Information about the Amazon CloudWatch alarms that are associated with the deployment group.", + "title": "AlarmConfiguration" }, - "Function": { - "markdownDescription": "The conditions of the rule.", - "title": "Function", + "ApplicationName": { + "markdownDescription": "The name of an existing CodeDeploy application to associate this deployment group with.", + "title": "ApplicationName", "type": "string" }, - "InstanceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", - "title": "InstanceArn", + "AutoRollbackConfiguration": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.AutoRollbackConfiguration", + "markdownDescription": "Information about the automatic rollback configuration that is associated with the deployment group. If you specify this property, don't specify the `Deployment` property.", + "title": "AutoRollbackConfiguration" + }, + "AutoScalingGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of associated Auto Scaling groups that CodeDeploy automatically deploys revisions to when new instances are created. Duplicates are not allowed.", + "title": "AutoScalingGroups", + "type": "array" + }, + "BlueGreenDeploymentConfiguration": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.BlueGreenDeploymentConfiguration", + "markdownDescription": "Information about blue/green deployment options for a deployment group.", + "title": "BlueGreenDeploymentConfiguration" + }, + "Deployment": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.Deployment", + "markdownDescription": "The application revision to deploy to this deployment group. If you specify this property, your target application revision is deployed as soon as the provisioning process is complete. If you specify this property, don't specify the `AutoRollbackConfiguration` property.", + "title": "Deployment" + }, + "DeploymentConfigName": { + "markdownDescription": "A deployment configuration name or a predefined configuration name. With predefined configurations, you can deploy application revisions to one instance at a time ( `CodeDeployDefault.OneAtATime` ), half of the instances at a time ( `CodeDeployDefault.HalfAtATime` ), or all the instances at once ( `CodeDeployDefault.AllAtOnce` ). For more information and valid values, see [Working with Deployment Configurations](https://docs.aws.amazon.com/codedeploy/latest/userguide/deployment-configurations.html) in the *AWS CodeDeploy User Guide* .", + "title": "DeploymentConfigName", "type": "string" }, - "Name": { - "markdownDescription": "The name of the rule.", - "title": "Name", + "DeploymentGroupName": { + "markdownDescription": "A name for the deployment group. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the deployment group name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "DeploymentGroupName", "type": "string" }, - "PublishStatus": { - "markdownDescription": "The publish status of the rule.\n\n*Allowed values* : `DRAFT` | `PUBLISHED`", - "title": "PublishStatus", + "DeploymentStyle": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.DeploymentStyle", + "markdownDescription": "Attributes that determine the type of deployment to run and whether to route deployment traffic behind a load balancer.\n\nIf you specify this property with a blue/green deployment type, don't specify the `AutoScalingGroups` , `LoadBalancerInfo` , or `Deployment` properties.\n\n> For blue/green deployments, AWS CloudFormation supports deployments on Lambda compute platforms only. You can perform Amazon ECS blue/green deployments using `AWS::CodeDeploy::BlueGreen` hook. See [Perform Amazon ECS blue/green deployments through CodeDeploy using AWS CloudFormation](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/blue-green.html) for more information.", + "title": "DeploymentStyle" + }, + "ECSServices": { + "items": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.ECSService" + }, + "markdownDescription": "The target Amazon ECS services in the deployment group. This applies only to deployment groups that use the Amazon ECS compute platform. A target Amazon ECS service is specified as an Amazon ECS cluster and service name pair using the format `:` .", + "title": "ECSServices", + "type": "array" + }, + "Ec2TagFilters": { + "items": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.EC2TagFilter" + }, + "markdownDescription": "The Amazon EC2 tags that are already applied to Amazon EC2 instances that you want to include in the deployment group. CodeDeploy includes all Amazon EC2 instances identified by any of the tags you specify in this deployment group. Duplicates are not allowed.\n\nYou can specify `EC2TagFilters` or `Ec2TagSet` , but not both.", + "title": "Ec2TagFilters", + "type": "array" + }, + "Ec2TagSet": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.EC2TagSet", + "markdownDescription": "Information about groups of tags applied to Amazon EC2 instances. The deployment group includes only Amazon EC2 instances identified by all the tag groups. Cannot be used in the same call as `ec2TagFilter` .", + "title": "Ec2TagSet" + }, + "LoadBalancerInfo": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.LoadBalancerInfo", + "markdownDescription": "Information about the load balancer to use in a deployment. For more information, see [Integrating CodeDeploy with Elastic Load Balancing](https://docs.aws.amazon.com/codedeploy/latest/userguide/integrations-aws-elastic-load-balancing.html) in the *AWS CodeDeploy User Guide* .", + "title": "LoadBalancerInfo" + }, + "OnPremisesInstanceTagFilters": { + "items": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TagFilter" + }, + "markdownDescription": "The on-premises instance tags already applied to on-premises instances that you want to include in the deployment group. CodeDeploy includes all on-premises instances identified by any of the tags you specify in this deployment group. To register on-premises instances with CodeDeploy , see [Working with On-Premises Instances for CodeDeploy](https://docs.aws.amazon.com/codedeploy/latest/userguide/instances-on-premises.html) in the *AWS CodeDeploy User Guide* . Duplicates are not allowed.\n\nYou can specify `OnPremisesInstanceTagFilters` or `OnPremisesInstanceTagSet` , but not both.", + "title": "OnPremisesInstanceTagFilters", + "type": "array" + }, + "OnPremisesTagSet": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.OnPremisesTagSet", + "markdownDescription": "Information about groups of tags applied to on-premises instances. The deployment group includes only on-premises instances identified by all the tag groups.\n\nYou can specify `OnPremisesInstanceTagFilters` or `OnPremisesInstanceTagSet` , but not both.", + "title": "OnPremisesTagSet" + }, + "OutdatedInstancesStrategy": { + "markdownDescription": "Indicates what happens when new Amazon EC2 instances are launched mid-deployment and do not receive the deployed application revision.\n\nIf this option is set to `UPDATE` or is unspecified, CodeDeploy initiates one or more 'auto-update outdated instances' deployments to apply the deployed application revision to the new Amazon EC2 instances.\n\nIf this option is set to `IGNORE` , CodeDeploy does not initiate a deployment to update the new Amazon EC2 instances. This may result in instances having different revisions.", + "title": "OutdatedInstancesStrategy", + "type": "string" + }, + "ServiceRoleArn": { + "markdownDescription": "A service role Amazon Resource Name (ARN) that grants CodeDeploy permission to make calls to AWS services on your behalf. For more information, see [Create a Service Role for AWS CodeDeploy](https://docs.aws.amazon.com/codedeploy/latest/userguide/getting-started-create-service-role.html) in the *AWS CodeDeploy User Guide* .\n\n> In some cases, you might need to add a dependency on the service role's policy. For more information, see IAM role policy in [DependsOn Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) .", + "title": "ServiceRoleArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", + "markdownDescription": "The metadata that you apply to CodeDeploy deployment groups to help you organize and categorize them. Each tag consists of a key and an optional value, both of which you define.", "title": "Tags", "type": "array" }, - "TriggerEventSource": { - "$ref": "#/definitions/AWS::Connect::Rule.RuleTriggerEventSource", - "markdownDescription": "The event source to trigger the rule.", - "title": "TriggerEventSource" + "TerminationHookEnabled": { + "markdownDescription": "Indicates whether the deployment group was configured to have CodeDeploy install a termination hook into an Auto Scaling group.\n\nFor more information about the termination hook, see [How Amazon EC2 Auto Scaling works with CodeDeploy](https://docs.aws.amazon.com//codedeploy/latest/userguide/integrations-aws-auto-scaling.html#integrations-aws-auto-scaling-behaviors) in the *AWS CodeDeploy User Guide* .", + "title": "TerminationHookEnabled", + "type": "boolean" + }, + "TriggerConfigurations": { + "items": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TriggerConfig" + }, + "markdownDescription": "Information about triggers associated with the deployment group. Duplicates are not allowed", + "title": "TriggerConfigurations", + "type": "array" } }, "required": [ - "Actions", - "Function", - "InstanceArn", - "Name", - "PublishStatus", - "TriggerEventSource" + "ApplicationName", + "ServiceRoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::Rule" + "AWS::CodeDeploy::DeploymentGroup" ], "type": "string" }, @@ -51788,306 +56903,473 @@ ], "type": "object" }, - "AWS::Connect::Rule.Actions": { + "AWS::CodeDeploy::DeploymentGroup.Alarm": { "additionalProperties": false, "properties": { - "AssignContactCategoryActions": { + "Name": { + "markdownDescription": "The name of the alarm. Maximum length is 255 characters. Each alarm name can be used only once in a list of alarms.", + "title": "Name", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CodeDeploy::DeploymentGroup.AlarmConfiguration": { + "additionalProperties": false, + "properties": { + "Alarms": { "items": { - "type": "object" + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.Alarm" }, - "markdownDescription": "Information about the contact category action. The syntax can be empty, for example, `{}` .", - "title": "AssignContactCategoryActions", + "markdownDescription": "A list of alarms configured for the deployment or deployment group. A maximum of 10 alarms can be added.", + "title": "Alarms", "type": "array" }, - "CreateCaseActions": { - "items": { - "$ref": "#/definitions/AWS::Connect::Rule.CreateCaseAction" - }, - "markdownDescription": "", - "title": "CreateCaseActions", - "type": "array" + "Enabled": { + "markdownDescription": "Indicates whether the alarm configuration is enabled.", + "title": "Enabled", + "type": "boolean" }, - "EndAssociatedTasksActions": { - "items": { - "type": "object" - }, - "markdownDescription": "", - "title": "EndAssociatedTasksActions", - "type": "array" + "IgnorePollAlarmFailure": { + "markdownDescription": "Indicates whether a deployment should continue if information about the current state of alarms cannot be retrieved from Amazon CloudWatch . The default value is `false` .\n\n- `true` : The deployment proceeds even if alarm status information can't be retrieved from CloudWatch .\n- `false` : The deployment stops if alarm status information can't be retrieved from CloudWatch .", + "title": "IgnorePollAlarmFailure", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::CodeDeploy::DeploymentGroup.AutoRollbackConfiguration": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Indicates whether a defined automatic rollback configuration is currently enabled.", + "title": "Enabled", + "type": "boolean" }, - "EventBridgeActions": { + "Events": { "items": { - "$ref": "#/definitions/AWS::Connect::Rule.EventBridgeAction" + "type": "string" }, - "markdownDescription": "Information about the EventBridge action.", - "title": "EventBridgeActions", + "markdownDescription": "The event type or types that trigger a rollback. Valid values are `DEPLOYMENT_FAILURE` , `DEPLOYMENT_STOP_ON_ALARM` , or `DEPLOYMENT_STOP_ON_REQUEST` .", + "title": "Events", "type": "array" + } + }, + "type": "object" + }, + "AWS::CodeDeploy::DeploymentGroup.BlueGreenDeploymentConfiguration": { + "additionalProperties": false, + "properties": { + "DeploymentReadyOption": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.DeploymentReadyOption", + "markdownDescription": "Information about the action to take when newly provisioned instances are ready to receive traffic in a blue/green deployment.", + "title": "DeploymentReadyOption" }, - "SendNotificationActions": { - "items": { - "$ref": "#/definitions/AWS::Connect::Rule.SendNotificationAction" - }, - "markdownDescription": "Information about the send notification action.", - "title": "SendNotificationActions", - "type": "array" + "GreenFleetProvisioningOption": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.GreenFleetProvisioningOption", + "markdownDescription": "Information about how instances are provisioned for a replacement environment in a blue/green deployment.", + "title": "GreenFleetProvisioningOption" }, - "TaskActions": { - "items": { - "$ref": "#/definitions/AWS::Connect::Rule.TaskAction" - }, - "markdownDescription": "Information about the task action. This field is required if `TriggerEventSource` is one of the following values: `OnZendeskTicketCreate` | `OnZendeskTicketStatusUpdate` | `OnSalesforceCaseCreate`", - "title": "TaskActions", - "type": "array" + "TerminateBlueInstancesOnDeploymentSuccess": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.BlueInstanceTerminationOption", + "markdownDescription": "Information about whether to terminate instances in the original fleet during a blue/green deployment.", + "title": "TerminateBlueInstancesOnDeploymentSuccess" + } + }, + "type": "object" + }, + "AWS::CodeDeploy::DeploymentGroup.BlueInstanceTerminationOption": { + "additionalProperties": false, + "properties": { + "Action": { + "markdownDescription": "The action to take on instances in the original environment after a successful blue/green deployment.\n\n- `TERMINATE` : Instances are terminated after a specified wait time.\n- `KEEP_ALIVE` : Instances are left running after they are deregistered from the load balancer and removed from the deployment group.", + "title": "Action", + "type": "string" }, - "UpdateCaseActions": { + "TerminationWaitTimeInMinutes": { + "markdownDescription": "For an Amazon EC2 deployment, the number of minutes to wait after a successful blue/green deployment before terminating instances from the original environment.\n\nFor an Amazon ECS deployment, the number of minutes before deleting the original (blue) task set. During an Amazon ECS deployment, CodeDeploy shifts traffic from the original (blue) task set to a replacement (green) task set.\n\nThe maximum setting is 2880 minutes (2 days).", + "title": "TerminationWaitTimeInMinutes", + "type": "number" + } + }, + "type": "object" + }, + "AWS::CodeDeploy::DeploymentGroup.Deployment": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A comment about the deployment.", + "title": "Description", + "type": "string" + }, + "IgnoreApplicationStopFailures": { + "markdownDescription": "If true, then if an `ApplicationStop` , `BeforeBlockTraffic` , or `AfterBlockTraffic` deployment lifecycle event to an instance fails, then the deployment continues to the next deployment lifecycle event. For example, if `ApplicationStop` fails, the deployment continues with DownloadBundle. If `BeforeBlockTraffic` fails, the deployment continues with `BlockTraffic` . If `AfterBlockTraffic` fails, the deployment continues with `ApplicationStop` .\n\nIf false or not specified, then if a lifecycle event fails during a deployment to an instance, that deployment fails. If deployment to that instance is part of an overall deployment and the number of healthy hosts is not less than the minimum number of healthy hosts, then a deployment to the next instance is attempted.\n\nDuring a deployment, the AWS CodeDeploy agent runs the scripts specified for `ApplicationStop` , `BeforeBlockTraffic` , and `AfterBlockTraffic` in the AppSpec file from the previous successful deployment. (All other scripts are run from the AppSpec file in the current deployment.) If one of these scripts contains an error and does not run successfully, the deployment can fail.\n\nIf the cause of the failure is a script from the last successful deployment that will never run successfully, create a new deployment and use `ignoreApplicationStopFailures` to specify that the `ApplicationStop` , `BeforeBlockTraffic` , and `AfterBlockTraffic` failures should be ignored.", + "title": "IgnoreApplicationStopFailures", + "type": "boolean" + }, + "Revision": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.RevisionLocation", + "markdownDescription": "Information about the location of stored application artifacts and the service from which to retrieve them.", + "title": "Revision" + } + }, + "required": [ + "Revision" + ], + "type": "object" + }, + "AWS::CodeDeploy::DeploymentGroup.DeploymentReadyOption": { + "additionalProperties": false, + "properties": { + "ActionOnTimeout": { + "markdownDescription": "Information about when to reroute traffic from an original environment to a replacement environment in a blue/green deployment.\n\n- CONTINUE_DEPLOYMENT: Register new instances with the load balancer immediately after the new application revision is installed on the instances in the replacement environment.\n- STOP_DEPLOYMENT: Do not register new instances with a load balancer unless traffic rerouting is started using [ContinueDeployment](https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_ContinueDeployment.html) . If traffic rerouting is not started before the end of the specified wait period, the deployment status is changed to Stopped.", + "title": "ActionOnTimeout", + "type": "string" + }, + "WaitTimeInMinutes": { + "markdownDescription": "The number of minutes to wait before the status of a blue/green deployment is changed to Stopped if rerouting is not started manually. Applies only to the `STOP_DEPLOYMENT` option for `actionOnTimeout` .", + "title": "WaitTimeInMinutes", + "type": "number" + } + }, + "type": "object" + }, + "AWS::CodeDeploy::DeploymentGroup.DeploymentStyle": { + "additionalProperties": false, + "properties": { + "DeploymentOption": { + "markdownDescription": "Indicates whether to route deployment traffic behind a load balancer.\n\n> An Amazon EC2 Application Load Balancer or Network Load Balancer is required for an Amazon ECS deployment.", + "title": "DeploymentOption", + "type": "string" + }, + "DeploymentType": { + "markdownDescription": "Indicates whether to run an in-place or blue/green deployment.", + "title": "DeploymentType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CodeDeploy::DeploymentGroup.EC2TagFilter": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The tag filter key.", + "title": "Key", + "type": "string" + }, + "Type": { + "markdownDescription": "The tag filter type:\n\n- `KEY_ONLY` : Key only.\n- `VALUE_ONLY` : Value only.\n- `KEY_AND_VALUE` : Key and value.", + "title": "Type", + "type": "string" + }, + "Value": { + "markdownDescription": "The tag filter value.", + "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CodeDeploy::DeploymentGroup.EC2TagSet": { + "additionalProperties": false, + "properties": { + "Ec2TagSetList": { "items": { - "$ref": "#/definitions/AWS::Connect::Rule.UpdateCaseAction" + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.EC2TagSetListObject" }, - "markdownDescription": "", - "title": "UpdateCaseActions", + "markdownDescription": "The Amazon EC2 tags that are already applied to Amazon EC2 instances that you want to include in the deployment group. CodeDeploy includes all Amazon EC2 instances identified by any of the tags you specify in this deployment group.\n\nDuplicates are not allowed.", + "title": "Ec2TagSetList", "type": "array" } }, "type": "object" }, - "AWS::Connect::Rule.CreateCaseAction": { + "AWS::CodeDeploy::DeploymentGroup.EC2TagSetListObject": { "additionalProperties": false, "properties": { - "Fields": { + "Ec2TagGroup": { "items": { - "$ref": "#/definitions/AWS::Connect::Rule.Field" + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.EC2TagFilter" }, - "markdownDescription": "", - "title": "Fields", + "markdownDescription": "A list that contains other lists of Amazon EC2 instance tag groups. For an instance to be included in the deployment group, it must be identified by all of the tag groups in the list.", + "title": "Ec2TagGroup", "type": "array" + } + }, + "type": "object" + }, + "AWS::CodeDeploy::DeploymentGroup.ECSService": { + "additionalProperties": false, + "properties": { + "ClusterName": { + "markdownDescription": "The name of the cluster that the Amazon ECS service is associated with.", + "title": "ClusterName", + "type": "string" }, - "TemplateId": { - "markdownDescription": "", - "title": "TemplateId", + "ServiceName": { + "markdownDescription": "The name of the target Amazon ECS service.", + "title": "ServiceName", "type": "string" } }, "required": [ - "Fields", - "TemplateId" + "ClusterName", + "ServiceName" ], "type": "object" }, - "AWS::Connect::Rule.EventBridgeAction": { + "AWS::CodeDeploy::DeploymentGroup.ELBInfo": { "additionalProperties": false, "properties": { "Name": { - "markdownDescription": "The name.", + "markdownDescription": "For blue/green deployments, the name of the load balancer that is used to route traffic from original instances to replacement instances in a blue/green deployment. For in-place deployments, the name of the load balancer that instances are deregistered from so they are not serving traffic during a deployment, and then re-registered with after the deployment is complete.\n\n> AWS CloudFormation supports blue/green deployments on AWS Lambda compute platforms only.", "title": "Name", "type": "string" } }, - "required": [ - "Name" - ], "type": "object" }, - "AWS::Connect::Rule.Field": { + "AWS::CodeDeploy::DeploymentGroup.GitHubLocation": { "additionalProperties": false, "properties": { - "Id": { - "markdownDescription": "", - "title": "Id", + "CommitId": { + "markdownDescription": "The SHA1 commit ID of the GitHub commit that represents the bundled artifacts for the application revision.", + "title": "CommitId", "type": "string" }, - "Value": { - "$ref": "#/definitions/AWS::Connect::Rule.FieldValue", - "markdownDescription": "", - "title": "Value" + "Repository": { + "markdownDescription": "The GitHub account and repository pair that stores a reference to the commit that represents the bundled artifacts for the application revision.\n\nSpecify the value as `account/repository` .", + "title": "Repository", + "type": "string" } }, "required": [ - "Id", - "Value" + "CommitId", + "Repository" ], "type": "object" }, - "AWS::Connect::Rule.FieldValue": { + "AWS::CodeDeploy::DeploymentGroup.GreenFleetProvisioningOption": { "additionalProperties": false, "properties": { - "BooleanValue": { - "markdownDescription": "", - "title": "BooleanValue", - "type": "boolean" - }, - "DoubleValue": { - "markdownDescription": "", - "title": "DoubleValue", - "type": "number" - }, - "EmptyValue": { - "markdownDescription": "", - "title": "EmptyValue", - "type": "object" - }, - "StringValue": { - "markdownDescription": "", - "title": "StringValue", + "Action": { + "markdownDescription": "The method used to add instances to a replacement environment.\n\n- `DISCOVER_EXISTING` : Use instances that already exist or will be created manually.\n- `COPY_AUTO_SCALING_GROUP` : Use settings from a specified Auto Scaling group to define and create instances in a new Auto Scaling group.", + "title": "Action", "type": "string" } }, "type": "object" }, - "AWS::Connect::Rule.NotificationRecipientType": { + "AWS::CodeDeploy::DeploymentGroup.LoadBalancerInfo": { "additionalProperties": false, "properties": { - "UserArns": { + "ElbInfoList": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.ELBInfo" }, - "markdownDescription": "The Amazon Resource Name (ARN) of the user account.", - "title": "UserArns", + "markdownDescription": "An array that contains information about the load balancers to use for load balancing in a deployment. If you're using Classic Load Balancers, specify those load balancers in this array.\n\n> You can add up to 10 load balancers to the array. > If you're using Application Load Balancers or Network Load Balancers, use the `targetGroupInfoList` array instead of this one.", + "title": "ElbInfoList", "type": "array" }, - "UserTags": { - "additionalProperties": true, - "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }. Amazon Connect users with the specified tags will be notified.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "TargetGroupInfoList": { + "items": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TargetGroupInfo" }, - "title": "UserTags", - "type": "object" + "markdownDescription": "An array that contains information about the target groups to use for load balancing in a deployment. If you're using Application Load Balancers and Network Load Balancers, specify their associated target groups in this array.\n\n> You can add up to 10 target groups to the array. > If you're using Classic Load Balancers, use the `elbInfoList` array instead of this one.", + "title": "TargetGroupInfoList", + "type": "array" + }, + "TargetGroupPairInfoList": { + "items": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TargetGroupPairInfo" + }, + "markdownDescription": "The target group pair information. This is an array of `TargeGroupPairInfo` objects with a maximum size of one.", + "title": "TargetGroupPairInfoList", + "type": "array" } }, "type": "object" }, - "AWS::Connect::Rule.Reference": { + "AWS::CodeDeploy::DeploymentGroup.OnPremisesTagSet": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The type of the reference. `DATE` must be of type Epoch timestamp.\n\n*Allowed values* : `URL` | `ATTACHMENT` | `NUMBER` | `STRING` | `DATE` | `EMAIL`", - "title": "Type", - "type": "string" - }, - "Value": { - "markdownDescription": "A valid value for the reference. For example, for a URL reference, a formatted URL that is displayed to an agent in the Contact Control Panel (CCP).", - "title": "Value", - "type": "string" + "OnPremisesTagSetList": { + "items": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.OnPremisesTagSetListObject" + }, + "markdownDescription": "A list that contains other lists of on-premises instance tag groups. For an instance to be included in the deployment group, it must be identified by all of the tag groups in the list.\n\nDuplicates are not allowed.", + "title": "OnPremisesTagSetList", + "type": "array" } }, - "required": [ - "Type", - "Value" - ], "type": "object" }, - "AWS::Connect::Rule.RuleTriggerEventSource": { + "AWS::CodeDeploy::DeploymentGroup.OnPremisesTagSetListObject": { "additionalProperties": false, "properties": { - "EventSourceName": { - "markdownDescription": "The name of the event source.", - "title": "EventSourceName", - "type": "string" + "OnPremisesTagGroup": { + "items": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TagFilter" + }, + "markdownDescription": "Information about groups of on-premises instance tags.", + "title": "OnPremisesTagGroup", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CodeDeploy::DeploymentGroup.RevisionLocation": { + "additionalProperties": false, + "properties": { + "GitHubLocation": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.GitHubLocation", + "markdownDescription": "Information about the location of application artifacts stored in GitHub.", + "title": "GitHubLocation" }, - "IntegrationAssociationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the integration association. `IntegrationAssociationArn` is required if `TriggerEventSource` is one of the following values: `OnZendeskTicketCreate` | `OnZendeskTicketStatusUpdate` | `OnSalesforceCaseCreate`", - "title": "IntegrationAssociationArn", + "RevisionType": { + "markdownDescription": "The type of application revision:\n\n- S3: An application revision stored in Amazon S3.\n- GitHub: An application revision stored in GitHub (EC2/On-premises deployments only).\n- String: A YAML-formatted or JSON-formatted string ( AWS Lambda deployments only).\n- AppSpecContent: An `AppSpecContent` object that contains the contents of an AppSpec file for an AWS Lambda or Amazon ECS deployment. The content is formatted as JSON or YAML stored as a RawString.", + "title": "RevisionType", "type": "string" + }, + "S3Location": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.S3Location", + "markdownDescription": "Information about the location of a revision stored in Amazon S3.", + "title": "S3Location" } }, - "required": [ - "EventSourceName" - ], "type": "object" }, - "AWS::Connect::Rule.SendNotificationAction": { + "AWS::CodeDeploy::DeploymentGroup.S3Location": { "additionalProperties": false, "properties": { - "Content": { - "markdownDescription": "Notification content. Supports variable injection. For more information, see [JSONPath reference](https://docs.aws.amazon.com/connect/latest/adminguide/contact-lens-variable-injection.html) in the *Amazon Connect Administrators Guide* .", - "title": "Content", + "Bucket": { + "markdownDescription": "The name of the Amazon S3 bucket where the application revision is stored.", + "title": "Bucket", "type": "string" }, - "ContentType": { - "markdownDescription": "Content type format.\n\n*Allowed value* : `PLAIN_TEXT`", - "title": "ContentType", + "BundleType": { + "markdownDescription": "The file type of the application revision. Must be one of the following:\n\n- JSON\n- tar: A tar archive file.\n- tgz: A compressed tar archive file.\n- YAML\n- zip: A zip archive file.", + "title": "BundleType", "type": "string" }, - "DeliveryMethod": { - "markdownDescription": "Notification delivery method.\n\n*Allowed value* : `EMAIL`", - "title": "DeliveryMethod", + "ETag": { + "markdownDescription": "The ETag of the Amazon S3 object that represents the bundled artifacts for the application revision.\n\nIf the ETag is not specified as an input parameter, ETag validation of the object is skipped.", + "title": "ETag", "type": "string" }, - "Recipient": { - "$ref": "#/definitions/AWS::Connect::Rule.NotificationRecipientType", - "markdownDescription": "Notification recipient.", - "title": "Recipient" + "Key": { + "markdownDescription": "The name of the Amazon S3 object that represents the bundled artifacts for the application revision.", + "title": "Key", + "type": "string" }, - "Subject": { - "markdownDescription": "The subject of the email if the delivery method is `EMAIL` . Supports variable injection. For more information, see [JSONPath reference](https://docs.aws.amazon.com/connect/latest/adminguide/contact-lens-variable-injection.html) in the *Amazon Connect Administrators Guide* .", - "title": "Subject", + "Version": { + "markdownDescription": "A specific version of the Amazon S3 object that represents the bundled artifacts for the application revision.\n\nIf the version is not specified, the system uses the most recent version by default.", + "title": "Version", "type": "string" } }, "required": [ - "Content", - "ContentType", - "DeliveryMethod", - "Recipient" + "Bucket", + "Key" ], "type": "object" }, - "AWS::Connect::Rule.TaskAction": { + "AWS::CodeDeploy::DeploymentGroup.TagFilter": { "additionalProperties": false, "properties": { - "ContactFlowArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the flow.", - "title": "ContactFlowArn", + "Key": { + "markdownDescription": "The on-premises instance tag filter key.", + "title": "Key", "type": "string" }, - "Description": { - "markdownDescription": "The description. Supports variable injection. For more information, see [JSONPath reference](https://docs.aws.amazon.com/connect/latest/adminguide/contact-lens-variable-injection.html) in the *Amazon Connect Administrators Guide* .", - "title": "Description", + "Type": { + "markdownDescription": "The on-premises instance tag filter type:\n\n- KEY_ONLY: Key only.\n- VALUE_ONLY: Value only.\n- KEY_AND_VALUE: Key and value.", + "title": "Type", "type": "string" }, + "Value": { + "markdownDescription": "The on-premises instance tag filter value.", + "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CodeDeploy::DeploymentGroup.TargetGroupInfo": { + "additionalProperties": false, + "properties": { "Name": { - "markdownDescription": "The name. Supports variable injection. For more information, see [JSONPath reference](https://docs.aws.amazon.com/connect/latest/adminguide/contact-lens-variable-injection.html) in the *Amazon Connect Administrators Guide* .", + "markdownDescription": "For blue/green deployments, the name of the target group that instances in the original environment are deregistered from, and instances in the replacement environment registered with. For in-place deployments, the name of the target group that instances are deregistered from, so they are not serving traffic during a deployment, and then re-registered with after the deployment completes. No duplicates allowed.\n\n> AWS CloudFormation supports blue/green deployments on AWS Lambda compute platforms only. \n\nThis value cannot exceed 32 characters, so you should use the `Name` property of the target group, or the `TargetGroupName` attribute with the `Fn::GetAtt` intrinsic function, as shown in the following example. Don't use the group's Amazon Resource Name (ARN) or `TargetGroupFullName` attribute.", "title": "Name", "type": "string" + } + }, + "type": "object" + }, + "AWS::CodeDeploy::DeploymentGroup.TargetGroupPairInfo": { + "additionalProperties": false, + "properties": { + "ProdTrafficRoute": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TrafficRoute", + "markdownDescription": "The path used by a load balancer to route production traffic when an Amazon ECS deployment is complete.", + "title": "ProdTrafficRoute" }, - "References": { - "additionalProperties": false, - "markdownDescription": "Information about the reference when the `referenceType` is `URL` . Otherwise, null. `URL` is the only accepted type. (Supports variable injection in the `Value` field.)", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::Connect::Rule.Reference" - } + "TargetGroups": { + "items": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TargetGroupInfo" }, - "title": "References", - "type": "object" + "markdownDescription": "One pair of target groups. One is associated with the original task set. The second is associated with the task set that serves traffic after the deployment is complete.", + "title": "TargetGroups", + "type": "array" + }, + "TestTrafficRoute": { + "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TrafficRoute", + "markdownDescription": "An optional path used by a load balancer to route test traffic after an Amazon ECS deployment. Validation can occur while test traffic is served during a deployment.", + "title": "TestTrafficRoute" } }, - "required": [ - "ContactFlowArn", - "Name" - ], "type": "object" }, - "AWS::Connect::Rule.UpdateCaseAction": { + "AWS::CodeDeploy::DeploymentGroup.TrafficRoute": { "additionalProperties": false, "properties": { - "Fields": { + "ListenerArns": { "items": { - "$ref": "#/definitions/AWS::Connect::Rule.Field" + "type": "string" }, - "markdownDescription": "", - "title": "Fields", + "markdownDescription": "The Amazon Resource Name (ARN) of one listener. The listener identifies the route between a target group and a load balancer. This is an array of strings with a maximum size of one.", + "title": "ListenerArns", "type": "array" } }, - "required": [ - "Fields" - ], "type": "object" }, - "AWS::Connect::SecurityKey": { + "AWS::CodeDeploy::DeploymentGroup.TriggerConfig": { + "additionalProperties": false, + "properties": { + "TriggerEvents": { + "items": { + "type": "string" + }, + "markdownDescription": "The event type or types that trigger notifications.", + "title": "TriggerEvents", + "type": "array" + }, + "TriggerName": { + "markdownDescription": "The name of the notification trigger.", + "title": "TriggerName", + "type": "string" + }, + "TriggerTargetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Simple Notification Service topic through which notifications about deployment or instance events are sent.", + "title": "TriggerTargetArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CodeGuruProfiler::ProfilingGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -52122,26 +57404,46 @@ "Properties": { "additionalProperties": false, "properties": { - "InstanceId": { - "markdownDescription": "The Amazon Resource Name (ARN) of the instance.\n\n*Minimum* : `1`\n\n*Maximum* : `100`", - "title": "InstanceId", + "AgentPermissions": { + "$ref": "#/definitions/AWS::CodeGuruProfiler::ProfilingGroup.AgentPermissions", + "markdownDescription": "The agent permissions attached to this profiling group. This action group grants `ConfigureAgent` and `PostAgentProfile` permissions to perform actions required by the profiling agent. The Json consists of key `Principals` .\n\n*Principals* : A list of string ARNs for the roles and users you want to grant access to the profiling group. Wildcards are not supported in the ARNs. You are allowed to provide up to 50 ARNs. An empty list is not permitted. This is a required key.\n\nFor more information, see [Resource-based policies in CodeGuru Profiler](https://docs.aws.amazon.com/codeguru/latest/profiler-ug/resource-based-policies.html) in the *Amazon CodeGuru Profiler user guide* , [ConfigureAgent](https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_ConfigureAgent.html) , and [PostAgentProfile](https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_PostAgentProfile.html) .", + "title": "AgentPermissions" + }, + "AnomalyDetectionNotificationConfiguration": { + "items": { + "$ref": "#/definitions/AWS::CodeGuruProfiler::ProfilingGroup.Channel" + }, + "markdownDescription": "Adds anomaly notifications for a profiling group.", + "title": "AnomalyDetectionNotificationConfiguration", + "type": "array" + }, + "ComputePlatform": { + "markdownDescription": "The compute platform of the profiling group. Use `AWSLambda` if your application runs on AWS Lambda. Use `Default` if your application runs on a compute platform that is not AWS Lambda , such an Amazon EC2 instance, an on-premises server, or a different platform. If not specified, `Default` is used. This property is immutable.", + "title": "ComputePlatform", "type": "string" }, - "Key": { - "markdownDescription": "A valid security key in PEM format. For example:\n\n`\"-----BEGIN PUBLIC KEY-----\\ [a lot of characters] ----END PUBLIC KEY-----\"`\n\n*Minimum* : `1`\n\n*Maximum* : `1024`", - "title": "Key", + "ProfilingGroupName": { + "markdownDescription": "The name of the profiling group.", + "title": "ProfilingGroupName", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags to add to the created profiling group.", + "title": "Tags", + "type": "array" } }, "required": [ - "InstanceId", - "Key" + "ProfilingGroupName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::SecurityKey" + "AWS::CodeGuruProfiler::ProfilingGroup" ], "type": "string" }, @@ -52160,7 +57462,43 @@ ], "type": "object" }, - "AWS::Connect::SecurityProfile": { + "AWS::CodeGuruProfiler::ProfilingGroup.AgentPermissions": { + "additionalProperties": false, + "properties": { + "Principals": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "Principals", + "type": "array" + } + }, + "required": [ + "Principals" + ], + "type": "object" + }, + "AWS::CodeGuruProfiler::ProfilingGroup.Channel": { + "additionalProperties": false, + "properties": { + "channelId": { + "markdownDescription": "The channel ID.", + "title": "channelId", + "type": "string" + }, + "channelUri": { + "markdownDescription": "The channel URI.", + "title": "channelUri", + "type": "string" + } + }, + "required": [ + "channelUri" + ], + "type": "object" + }, + "AWS::CodeGuruReviewer::RepositoryAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -52195,84 +57533,161 @@ "Properties": { "additionalProperties": false, "properties": { - "AllowedAccessControlHierarchyGroupId": { - "markdownDescription": "The identifier of the hierarchy group that a security profile uses to restrict access to resources in Amazon Connect.", - "title": "AllowedAccessControlHierarchyGroupId", + "BucketName": { + "markdownDescription": "The name of the bucket. This is required for your S3Bucket repository. The name must start with the prefix `codeguru-reviewer-*` .", + "title": "BucketName", "type": "string" }, - "AllowedAccessControlTags": { + "ConnectionArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS CodeStar Connections connection. Its format is `arn:aws:codestar-connections:region-id:aws-account_id:connection/connection-id` . For more information, see [Connection](https://docs.aws.amazon.com/codestar-connections/latest/APIReference/API_Connection.html) in the *AWS CodeStar Connections API Reference* .\n\n`ConnectionArn` must be specified for Bitbucket and GitHub Enterprise Server repositories. It has no effect if it is specified for an AWS CodeCommit repository.", + "title": "ConnectionArn", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the repository.", + "title": "Name", + "type": "string" + }, + "Owner": { + "markdownDescription": "The owner of the repository. For a GitHub Enterprise Server or Bitbucket repository, this is the username for the account that owns the repository.\n\n`Owner` must be specified for Bitbucket and GitHub Enterprise Server repositories. It has no effect if it is specified for an AWS CodeCommit repository.", + "title": "Owner", + "type": "string" + }, + "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The list of tags that a security profile uses to restrict access to resources in Amazon Connect.", - "title": "AllowedAccessControlTags", + "markdownDescription": "An array of key-value pairs used to tag an associated repository. A tag is a custom attribute label with two parts:\n\n- A *tag key* (for example, `CostCenter` , `Environment` , `Project` , or `Secret` ). Tag keys are case sensitive.\n- An optional field known as a *tag value* (for example, `111122223333` , `Production` , or a team name). Omitting the tag value is the same as using an empty string. Like tag keys, tag values are case sensitive.", + "title": "Tags", "type": "array" }, - "Applications": { - "items": { - "$ref": "#/definitions/AWS::Connect::SecurityProfile.Application" - }, - "markdownDescription": "", - "title": "Applications", - "type": "array" - }, - "Description": { - "markdownDescription": "The description of the security profile.", - "title": "Description", + "Type": { + "markdownDescription": "The type of repository that contains the source code to be reviewed. The valid values are:\n\n- `CodeCommit`\n- `Bitbucket`\n- `GitHubEnterpriseServer`\n- `S3Bucket`", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Name", + "Type" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::CodeGuruReviewer::RepositoryAssociation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::CodePipeline::CustomActionType": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, - "HierarchyRestrictedResources": { + { "items": { + "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, - "markdownDescription": "The list of resources that a security profile applies hierarchy restrictions to in Amazon Connect. Following are acceptable ResourceNames: `User` .", - "title": "HierarchyRestrictedResources", "type": "array" - }, - "InstanceArn": { - "markdownDescription": "The identifier of the Amazon Connect instance.", - "title": "InstanceArn", + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Category": { + "markdownDescription": "The category of the custom action, such as a build action or a test action.", + "title": "Category", "type": "string" }, - "Permissions": { + "ConfigurationProperties": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::CodePipeline::CustomActionType.ConfigurationProperties" }, - "markdownDescription": "Permissions assigned to the security profile. For a list of valid permissions, see [List of security profile permissions](https://docs.aws.amazon.com/connect/latest/adminguide/security-profile-list.html) .", - "title": "Permissions", + "markdownDescription": "The configuration properties for the custom action.\n\n> You can refer to a name in the configuration properties of the custom action within the URL templates by following the format of {Config:name}, as long as the configuration property is both required and not secret. For more information, see [Create a Custom Action for a Pipeline](https://docs.aws.amazon.com/codepipeline/latest/userguide/how-to-create-custom-action.html) .", + "title": "ConfigurationProperties", "type": "array" }, - "SecurityProfileName": { - "markdownDescription": "The name for the security profile.", - "title": "SecurityProfileName", + "InputArtifactDetails": { + "$ref": "#/definitions/AWS::CodePipeline::CustomActionType.ArtifactDetails", + "markdownDescription": "The details of the input artifact for the action, such as its commit ID.", + "title": "InputArtifactDetails" + }, + "OutputArtifactDetails": { + "$ref": "#/definitions/AWS::CodePipeline::CustomActionType.ArtifactDetails", + "markdownDescription": "The details of the output artifact of the action, such as its commit ID.", + "title": "OutputArtifactDetails" + }, + "Provider": { + "markdownDescription": "The provider of the service used in the custom action, such as CodeDeploy.", + "title": "Provider", "type": "string" }, - "TagRestrictedResources": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of resources that a security profile applies tag restrictions to in Amazon Connect.", - "title": "TagRestrictedResources", - "type": "array" + "Settings": { + "$ref": "#/definitions/AWS::CodePipeline::CustomActionType.Settings", + "markdownDescription": "URLs that provide users information about this custom action.", + "title": "Settings" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"Tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", + "markdownDescription": "The tags for the custom action.", "title": "Tags", "type": "array" + }, + "Version": { + "markdownDescription": "The version identifier of the custom action.", + "title": "Version", + "type": "string" } }, "required": [ - "InstanceArn", - "SecurityProfileName" + "Category", + "InputArtifactDetails", + "OutputArtifactDetails", + "Provider", + "Version" ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::SecurityProfile" + "AWS::CodePipeline::CustomActionType" ], "type": "string" }, @@ -52291,30 +57706,100 @@ ], "type": "object" }, - "AWS::Connect::SecurityProfile.Application": { + "AWS::CodePipeline::CustomActionType.ArtifactDetails": { "additionalProperties": false, "properties": { - "ApplicationPermissions": { - "items": { - "type": "string" - }, - "markdownDescription": "The permissions that the agent is granted on the application. Only the `ACCESS` permission is supported.", - "title": "ApplicationPermissions", - "type": "array" + "MaximumCount": { + "markdownDescription": "The maximum number of artifacts allowed for the action type.", + "title": "MaximumCount", + "type": "number" }, - "Namespace": { - "markdownDescription": "Namespace of the application that you want to give access to.", - "title": "Namespace", + "MinimumCount": { + "markdownDescription": "The minimum number of artifacts allowed for the action type.", + "title": "MinimumCount", + "type": "number" + } + }, + "required": [ + "MaximumCount", + "MinimumCount" + ], + "type": "object" + }, + "AWS::CodePipeline::CustomActionType.ConfigurationProperties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the action configuration property that is displayed to users.", + "title": "Description", + "type": "string" + }, + "Key": { + "markdownDescription": "Whether the configuration property is a key.", + "title": "Key", + "type": "boolean" + }, + "Name": { + "markdownDescription": "The name of the action configuration property.", + "title": "Name", + "type": "string" + }, + "Queryable": { + "markdownDescription": "Indicates that the property is used with `PollForJobs` . When creating a custom action, an action can have up to one queryable property. If it has one, that property must be both required and not secret.\n\nIf you create a pipeline with a custom action type, and that custom action contains a queryable property, the value for that configuration property is subject to other restrictions. The value must be less than or equal to twenty (20) characters. The value can contain only alphanumeric characters, underscores, and hyphens.", + "title": "Queryable", + "type": "boolean" + }, + "Required": { + "markdownDescription": "Whether the configuration property is a required value.", + "title": "Required", + "type": "boolean" + }, + "Secret": { + "markdownDescription": "Whether the configuration property is secret. Secrets are hidden from all calls except for `GetJobDetails` , `GetThirdPartyJobDetails` , `PollForJobs` , and `PollForThirdPartyJobs` .\n\nWhen updating a pipeline, passing * * * * * without changing any other values of the action preserves the previous value of the secret.", + "title": "Secret", + "type": "boolean" + }, + "Type": { + "markdownDescription": "The type of the configuration property.", + "title": "Type", "type": "string" } }, "required": [ - "ApplicationPermissions", - "Namespace" + "Key", + "Name", + "Required", + "Secret" ], "type": "object" }, - "AWS::Connect::TaskTemplate": { + "AWS::CodePipeline::CustomActionType.Settings": { + "additionalProperties": false, + "properties": { + "EntityUrlTemplate": { + "markdownDescription": "The URL returned to the CodePipeline console that provides a deep link to the resources of the external system, such as the configuration page for a CodeDeploy deployment group. This link is provided as part of the action display in the pipeline.", + "title": "EntityUrlTemplate", + "type": "string" + }, + "ExecutionUrlTemplate": { + "markdownDescription": "The URL returned to the CodePipeline console that contains a link to the top-level landing page for the external system, such as the console page for CodeDeploy. This link is shown on the pipeline view page in the CodePipeline console and provides a link to the execution entity of the external action.", + "title": "ExecutionUrlTemplate", + "type": "string" + }, + "RevisionUrlTemplate": { + "markdownDescription": "The URL returned to the CodePipeline console that contains a link to the page where customers can update or change the configuration of the external action.", + "title": "RevisionUrlTemplate", + "type": "string" + }, + "ThirdPartyConfigurationUrl": { + "markdownDescription": "The URL of a sign-up page where users can sign up for an external service and perform initial configuration of the action provided by that service.", + "title": "ThirdPartyConfigurationUrl", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CodePipeline::Pipeline": { "additionalProperties": false, "properties": { "Condition": { @@ -52349,74 +57834,94 @@ "Properties": { "additionalProperties": false, "properties": { - "ClientToken": { - "markdownDescription": "A unique, case-sensitive identifier that you provide to ensure the idempotency of the request.", - "title": "ClientToken", - "type": "string" - }, - "Constraints": { - "$ref": "#/definitions/AWS::Connect::TaskTemplate.Constraints", - "markdownDescription": "Constraints that are applicable to the fields listed.\n\nThe values can be represented in either JSON or YAML format. For an example of the JSON configuration, see *Examples* at the bottom of this page.", - "title": "Constraints" - }, - "ContactFlowArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the flow that runs by default when a task is created by referencing this template. `ContactFlowArn` is not required when there is a field with `fieldType` = `QUICK_CONNECT` .", - "title": "ContactFlowArn", - "type": "string" + "ArtifactStore": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.ArtifactStore", + "markdownDescription": "The S3 bucket where artifacts for the pipeline are stored.\n\n> You must include either `artifactStore` or `artifactStores` in your pipeline, but you cannot use both. If you create a cross-region action in your pipeline, you must use `artifactStores` .", + "title": "ArtifactStore" }, - "Defaults": { + "ArtifactStores": { "items": { - "$ref": "#/definitions/AWS::Connect::TaskTemplate.DefaultFieldValue" + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.ArtifactStoreMap" }, - "markdownDescription": "The default values for fields when a task is created by referencing this template.", - "title": "Defaults", + "markdownDescription": "A mapping of `artifactStore` objects and their corresponding AWS Regions. There must be an artifact store for the pipeline Region and for each cross-region action in the pipeline.\n\n> You must include either `artifactStore` or `artifactStores` in your pipeline, but you cannot use both. If you create a cross-region action in your pipeline, you must use `artifactStores` .", + "title": "ArtifactStores", "type": "array" }, - "Description": { - "markdownDescription": "The description of the task template.", - "title": "Description", - "type": "string" - }, - "Fields": { + "DisableInboundStageTransitions": { "items": { - "$ref": "#/definitions/AWS::Connect::TaskTemplate.Field" + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.StageTransition" }, - "markdownDescription": "Fields that are part of the template. A template requires at least one field that has type `Name` .", - "title": "Fields", + "markdownDescription": "Represents the input of a `DisableStageTransition` action.", + "title": "DisableInboundStageTransitions", "type": "array" }, - "InstanceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Connect instance.", - "title": "InstanceArn", + "ExecutionMode": { + "markdownDescription": "The method that the pipeline will use to handle multiple executions. The default mode is SUPERSEDED.", + "title": "ExecutionMode", "type": "string" }, "Name": { - "markdownDescription": "The name of the task template.", + "markdownDescription": "The name of the pipeline.", "title": "Name", "type": "string" }, - "Status": { - "markdownDescription": "The status of the task template.", - "title": "Status", + "PipelineType": { + "markdownDescription": "CodePipeline provides the following pipeline types, which differ in characteristics and price, so that you can tailor your pipeline features and cost to the needs of your applications.\n\n- V1 type pipelines have a JSON structure that contains standard pipeline, stage, and action-level parameters.\n- V2 type pipelines have the same structure as a V1 type, along with additional parameters for release safety and trigger configuration.\n\n> Including V2 parameters, such as triggers on Git tags, in the pipeline JSON when creating or updating a pipeline will result in the pipeline having the V2 type of pipeline and the associated costs. \n\nFor information about pricing for CodePipeline, see [Pricing](https://docs.aws.amazon.com/codepipeline/pricing/) .\n\nFor information about which type of pipeline to choose, see [What type of pipeline is right for me?](https://docs.aws.amazon.com/codepipeline/latest/userguide/pipeline-types-planning.html) .", + "title": "PipelineType", + "type": "string" + }, + "RestartExecutionOnUpdate": { + "markdownDescription": "Indicates whether to rerun the CodePipeline pipeline after you update it.", + "title": "RestartExecutionOnUpdate", + "type": "boolean" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for CodePipeline to use to either perform actions with no `actionRoleArn` , or to use to assume roles for actions with an `actionRoleArn` .", + "title": "RoleArn", "type": "string" }, + "Stages": { + "items": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.StageDeclaration" + }, + "markdownDescription": "Represents information about a stage and its definition.", + "title": "Stages", + "type": "array" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "markdownDescription": "Specifies the tags applied to the pipeline.", "title": "Tags", "type": "array" + }, + "Triggers": { + "items": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.PipelineTriggerDeclaration" + }, + "markdownDescription": "The trigger configuration specifying a type of event, such as Git tags, that starts the pipeline.\n\n> When a trigger configuration is specified, default change detection for repository and branch commits is disabled.", + "title": "Triggers", + "type": "array" + }, + "Variables": { + "items": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.VariableDeclaration" + }, + "markdownDescription": "A list that defines the pipeline variables for a pipeline resource. Variable names can have alphanumeric and underscore characters, and the values must match `[A-Za-z0-9@\\-_]+` .", + "title": "Variables", + "type": "array" } }, "required": [ - "InstanceArn" + "RoleArn", + "Stages" ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::TaskTemplate" + "AWS::CodePipeline::Pipeline" ], "type": "string" }, @@ -52435,79 +57940,236 @@ ], "type": "object" }, - "AWS::Connect::TaskTemplate.Constraints": { + "AWS::CodePipeline::Pipeline.ActionDeclaration": { "additionalProperties": false, "properties": { - "InvisibleFields": { + "ActionTypeId": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.ActionTypeId", + "markdownDescription": "Specifies the action type and the provider of the action.", + "title": "ActionTypeId" + }, + "Commands": { "items": { - "$ref": "#/definitions/AWS::Connect::TaskTemplate.InvisibleFieldInfo" + "type": "string" }, - "markdownDescription": "Lists the fields that are invisible to agents.", - "title": "InvisibleFields", + "markdownDescription": "The shell commands to run with your compute action in CodePipeline. All commands are supported except multi-line formats. While CodeBuild logs and permissions are used, you do not need to create any resources in CodeBuild.\n\n> Using compute time for this action will incur separate charges in AWS CodeBuild .", + "title": "Commands", "type": "array" }, - "ReadOnlyFields": { + "Configuration": { + "markdownDescription": "The action's configuration. These are key-value pairs that specify input values for an action. For more information, see [Action Structure Requirements in CodePipeline](https://docs.aws.amazon.com/codepipeline/latest/userguide/reference-pipeline-structure.html#action-requirements) . For the list of configuration properties for the AWS CloudFormation action type in CodePipeline, see [Configuration Properties Reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/continuous-delivery-codepipeline-action-reference.html) in the *AWS CloudFormation User Guide* . For template snippets with examples, see [Using Parameter Override Functions with CodePipeline Pipelines](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/continuous-delivery-codepipeline-parameter-override-functions.html) in the *AWS CloudFormation User Guide* .\n\nThe values can be represented in either JSON or YAML format. For example, the JSON configuration item format is as follows:\n\n*JSON:*\n\n`\"Configuration\" : { Key : Value },`", + "title": "Configuration", + "type": "object" + }, + "EnvironmentVariables": { "items": { - "$ref": "#/definitions/AWS::Connect::TaskTemplate.ReadOnlyFieldInfo" + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.EnvironmentVariable" }, - "markdownDescription": "Lists the fields that are read-only to agents, and cannot be edited.", - "title": "ReadOnlyFields", + "markdownDescription": "The environment variables for the action.", + "title": "EnvironmentVariables", "type": "array" }, - "RequiredFields": { + "InputArtifacts": { "items": { - "$ref": "#/definitions/AWS::Connect::TaskTemplate.RequiredFieldInfo" + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.InputArtifact" }, - "markdownDescription": "Lists the fields that are required to be filled by agents.", - "title": "RequiredFields", + "markdownDescription": "The name or ID of the artifact consumed by the action, such as a test or build artifact. While the field is not a required parameter, most actions have an action configuration that requires a specified quantity of input artifacts. To refer to the action configuration specification by action provider, see the [Action structure reference](https://docs.aws.amazon.com/codepipeline/latest/userguide/action-reference.html) in the *AWS CodePipeline User Guide* .\n\n> For a CodeBuild action with multiple input artifacts, one of your input sources must be designated the PrimarySource. For more information, see the [CodeBuild action reference page](https://docs.aws.amazon.com/codepipeline/latest/userguide/action-reference-CodeBuild.html) in the *AWS CodePipeline User Guide* .", + "title": "InputArtifacts", + "type": "array" + }, + "Name": { + "markdownDescription": "The action declaration's name.", + "title": "Name", + "type": "string" + }, + "Namespace": { + "markdownDescription": "The variable namespace associated with the action. All variables produced as output by this action fall under this namespace.", + "title": "Namespace", + "type": "string" + }, + "OutputArtifacts": { + "items": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.OutputArtifact" + }, + "markdownDescription": "The name or ID of the result of the action declaration, such as a test or build artifact. While the field is not a required parameter, most actions have an action configuration that requires a specified quantity of output artifacts. To refer to the action configuration specification by action provider, see the [Action structure reference](https://docs.aws.amazon.com/codepipeline/latest/userguide/action-reference.html) in the *AWS CodePipeline User Guide* .", + "title": "OutputArtifacts", + "type": "array" + }, + "OutputVariables": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of variables that are to be exported from the compute action. This is specifically CodeBuild environment variables as used for that action.", + "title": "OutputVariables", "type": "array" + }, + "Region": { + "markdownDescription": "The action declaration's AWS Region, such as us-east-1.", + "title": "Region", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the IAM service role that performs the declared action. This is assumed through the roleArn for the pipeline.", + "title": "RoleArn", + "type": "string" + }, + "RunOrder": { + "markdownDescription": "The order in which actions are run.", + "title": "RunOrder", + "type": "number" + }, + "TimeoutInMinutes": { + "markdownDescription": "A timeout duration in minutes that can be applied against the ActionType\u2019s default timeout value specified in [Quotas for AWS CodePipeline](https://docs.aws.amazon.com/codepipeline/latest/userguide/limits.html) . This attribute is available only to the manual approval ActionType.", + "title": "TimeoutInMinutes", + "type": "number" } }, + "required": [ + "ActionTypeId", + "Name" + ], "type": "object" }, - "AWS::Connect::TaskTemplate.DefaultFieldValue": { + "AWS::CodePipeline::Pipeline.ActionTypeId": { "additionalProperties": false, "properties": { - "DefaultValue": { - "markdownDescription": "Default value for the field.", - "title": "DefaultValue", + "Category": { + "markdownDescription": "A category defines what kind of action can be taken in the stage, and constrains the provider type for the action. Valid categories are limited to one of the values below.\n\n- `Source`\n- `Build`\n- `Test`\n- `Deploy`\n- `Invoke`\n- `Approval`\n- `Compute`", + "title": "Category", "type": "string" }, - "Id": { - "$ref": "#/definitions/AWS::Connect::TaskTemplate.FieldIdentifier", - "markdownDescription": "Identifier of a field.", - "title": "Id" + "Owner": { + "markdownDescription": "The creator of the action being called. There are three valid values for the `Owner` field in the action category section within your pipeline structure: `AWS` , `ThirdParty` , and `Custom` . For more information, see [Valid Action Types and Providers in CodePipeline](https://docs.aws.amazon.com/codepipeline/latest/userguide/reference-pipeline-structure.html#actions-valid-providers) .", + "title": "Owner", + "type": "string" + }, + "Provider": { + "markdownDescription": "The provider of the service being called by the action. Valid providers are determined by the action category. For example, an action in the Deploy category type might have a provider of CodeDeploy, which would be specified as `CodeDeploy` . For more information, see [Valid Action Types and Providers in CodePipeline](https://docs.aws.amazon.com/codepipeline/latest/userguide/reference-pipeline-structure.html#actions-valid-providers) .", + "title": "Provider", + "type": "string" + }, + "Version": { + "markdownDescription": "A string that describes the action version.", + "title": "Version", + "type": "string" } }, "required": [ - "DefaultValue", - "Id" + "Category", + "Owner", + "Provider", + "Version" ], "type": "object" }, - "AWS::Connect::TaskTemplate.Field": { + "AWS::CodePipeline::Pipeline.ArtifactStore": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the field.", - "title": "Description", + "EncryptionKey": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.EncryptionKey", + "markdownDescription": "The encryption key used to encrypt the data in the artifact store, such as an AWS Key Management Service ( AWS KMS) key. If this is undefined, the default key for Amazon S3 is used. To see an example artifact store encryption key field, see the example structure here: [AWS::CodePipeline::Pipeline](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codepipeline-pipeline.html) .", + "title": "EncryptionKey" + }, + "Location": { + "markdownDescription": "The S3 bucket used for storing the artifacts for a pipeline. You can specify the name of an S3 bucket but not a folder in the bucket. A folder to contain the pipeline artifacts is created for you based on the name of the pipeline. You can use any S3 bucket in the same AWS Region as the pipeline to store your pipeline artifacts.", + "title": "Location", "type": "string" }, - "Id": { - "$ref": "#/definitions/AWS::Connect::TaskTemplate.FieldIdentifier", - "markdownDescription": "The unique identifier for the field.", - "title": "Id" + "Type": { + "markdownDescription": "The type of the artifact store, such as S3.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Location", + "Type" + ], + "type": "object" + }, + "AWS::CodePipeline::Pipeline.ArtifactStoreMap": { + "additionalProperties": false, + "properties": { + "ArtifactStore": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.ArtifactStore", + "markdownDescription": "Represents information about the S3 bucket where artifacts are stored for the pipeline.\n\n> You must include either `artifactStore` or `artifactStores` in your pipeline, but you cannot use both. If you create a cross-region action in your pipeline, you must use `artifactStores` .", + "title": "ArtifactStore" }, - "SingleSelectOptions": { + "Region": { + "markdownDescription": "The action declaration's AWS Region, such as us-east-1.", + "title": "Region", + "type": "string" + } + }, + "required": [ + "ArtifactStore", + "Region" + ], + "type": "object" + }, + "AWS::CodePipeline::Pipeline.BeforeEntryConditions": { + "additionalProperties": false, + "properties": { + "Conditions": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.Condition" }, - "markdownDescription": "A list of options for a single select field.", - "title": "SingleSelectOptions", + "markdownDescription": "The conditions that are configured as entry conditions.", + "title": "Conditions", "type": "array" + } + }, + "type": "object" + }, + "AWS::CodePipeline::Pipeline.BlockerDeclaration": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "Reserved for future use.", + "title": "Name", + "type": "string" }, "Type": { - "markdownDescription": "Indicates the type of field. Following are the valid field types: `NAME` `DESCRIPTION` | `SCHEDULED_TIME` | `QUICK_CONNECT` | `URL` | `NUMBER` | `TEXT` | `TEXT_AREA` | `DATE_TIME` | `BOOLEAN` | `SINGLE_SELECT` | `EMAIL`", + "markdownDescription": "Reserved for future use.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Name", + "Type" + ], + "type": "object" + }, + "AWS::CodePipeline::Pipeline.Condition": { + "additionalProperties": false, + "properties": { + "Result": { + "markdownDescription": "The action to be done when the condition is met. For example, rolling back an execution for a failure condition.", + "title": "Result", + "type": "string" + }, + "Rules": { + "items": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.RuleDeclaration" + }, + "markdownDescription": "The rules that make up the condition.", + "title": "Rules", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CodePipeline::Pipeline.EncryptionKey": { + "additionalProperties": false, + "properties": { + "Id": { + "markdownDescription": "The ID used to identify the key. For an AWS KMS key, you can use the key ID, the key ARN, or the alias ARN.\n\n> Aliases are recognized only in the account that created the AWS KMS key. For cross-account actions, you can only use the key ID or key ARN to identify the key. Cross-account actions involve using the role from the other account (AccountB), so specifying the key ID will use the key from the other account (AccountB).", + "title": "Id", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of encryption key, such as an AWS KMS key. When creating or updating a pipeline, the value must be set to 'KMS'.", "title": "Type", "type": "string" } @@ -52518,11 +58180,201 @@ ], "type": "object" }, - "AWS::Connect::TaskTemplate.FieldIdentifier": { + "AWS::CodePipeline::Pipeline.EnvironmentVariable": { "additionalProperties": false, "properties": { "Name": { - "markdownDescription": "The name of the task template field.", + "markdownDescription": "The environment variable name in the key-value pair.", + "title": "Name", + "type": "string" + }, + "Type": { + "markdownDescription": "Specifies the type of use for the environment variable value. The value can be either `PLAINTEXT` or `SECRETS_MANAGER` . If the value is `SECRETS_MANAGER` , provide the Secrets reference in the EnvironmentVariable value.", + "title": "Type", + "type": "string" + }, + "Value": { + "markdownDescription": "The environment variable value in the key-value pair.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Name", + "Value" + ], + "type": "object" + }, + "AWS::CodePipeline::Pipeline.FailureConditions": { + "additionalProperties": false, + "properties": { + "Conditions": { + "items": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.Condition" + }, + "markdownDescription": "The conditions that are configured as failure conditions. For more information about conditions, see [Stage conditions](https://docs.aws.amazon.com/codepipeline/latest/userguide/stage-conditions.html) and [How do stage conditions work?](https://docs.aws.amazon.com/codepipeline/latest/userguide/concepts-how-it-works-conditions.html) .", + "title": "Conditions", + "type": "array" + }, + "Result": { + "markdownDescription": "The specified result for when the failure conditions are met, such as rolling back the stage.", + "title": "Result", + "type": "string" + }, + "RetryConfiguration": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.RetryConfiguration", + "markdownDescription": "The retry configuration specifies automatic retry for a failed stage, along with the configured retry mode.", + "title": "RetryConfiguration" + } + }, + "type": "object" + }, + "AWS::CodePipeline::Pipeline.GitBranchFilterCriteria": { + "additionalProperties": false, + "properties": { + "Excludes": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of patterns of Git branches that, when a commit is pushed, are to be excluded from starting the pipeline.", + "title": "Excludes", + "type": "array" + }, + "Includes": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of patterns of Git branches that, when a commit is pushed, are to be included as criteria that starts the pipeline.", + "title": "Includes", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CodePipeline::Pipeline.GitConfiguration": { + "additionalProperties": false, + "properties": { + "PullRequest": { + "items": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitPullRequestFilter" + }, + "markdownDescription": "The field where the repository event that will start the pipeline is specified as pull requests.", + "title": "PullRequest", + "type": "array" + }, + "Push": { + "items": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitPushFilter" + }, + "markdownDescription": "The field where the repository event that will start the pipeline, such as pushing Git tags, is specified with details.", + "title": "Push", + "type": "array" + }, + "SourceActionName": { + "markdownDescription": "The name of the pipeline source action where the trigger configuration, such as Git tags, is specified. The trigger configuration will start the pipeline upon the specified change only.\n\n> You can only specify one trigger configuration per source action.", + "title": "SourceActionName", + "type": "string" + } + }, + "required": [ + "SourceActionName" + ], + "type": "object" + }, + "AWS::CodePipeline::Pipeline.GitFilePathFilterCriteria": { + "additionalProperties": false, + "properties": { + "Excludes": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of patterns of Git repository file paths that, when a commit is pushed, are to be excluded from starting the pipeline.", + "title": "Excludes", + "type": "array" + }, + "Includes": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of patterns of Git repository file paths that, when a commit is pushed, are to be included as criteria that starts the pipeline.", + "title": "Includes", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CodePipeline::Pipeline.GitPullRequestFilter": { + "additionalProperties": false, + "properties": { + "Branches": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitBranchFilterCriteria", + "markdownDescription": "The field that specifies to filter on branches for the pull request trigger configuration.", + "title": "Branches" + }, + "Events": { + "items": { + "type": "string" + }, + "markdownDescription": "The field that specifies which pull request events to filter on (OPEN, UPDATED, CLOSED) for the trigger configuration.", + "title": "Events", + "type": "array" + }, + "FilePaths": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitFilePathFilterCriteria", + "markdownDescription": "The field that specifies to filter on file paths for the pull request trigger configuration.", + "title": "FilePaths" + } + }, + "type": "object" + }, + "AWS::CodePipeline::Pipeline.GitPushFilter": { + "additionalProperties": false, + "properties": { + "Branches": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitBranchFilterCriteria", + "markdownDescription": "The field that specifies to filter on branches for the push trigger configuration.", + "title": "Branches" + }, + "FilePaths": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitFilePathFilterCriteria", + "markdownDescription": "The field that specifies to filter on file paths for the push trigger configuration.", + "title": "FilePaths" + }, + "Tags": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitTagFilterCriteria", + "markdownDescription": "The field that contains the details for the Git tags trigger configuration.", + "title": "Tags" + } + }, + "type": "object" + }, + "AWS::CodePipeline::Pipeline.GitTagFilterCriteria": { + "additionalProperties": false, + "properties": { + "Excludes": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of patterns of Git tags that, when pushed, are to be excluded from starting the pipeline.", + "title": "Excludes", + "type": "array" + }, + "Includes": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of patterns of Git tags that, when pushed, are to be included as criteria that starts the pipeline.", + "title": "Includes", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CodePipeline::Pipeline.InputArtifact": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the artifact to be worked on (for example, \"My App\").\n\nArtifacts are the files that are worked on by actions in the pipeline. See the action configuration for each action for details about artifact parameters. For example, the S3 source action input artifact is a file name (or file path), and the files are generally provided as a ZIP file. Example artifact name: SampleApp_Windows.zip\n\nThe input artifact of an action must exactly match the output artifact declared in a preceding action, but the input artifact does not have to be the next action in strict sequence from the action that provided the output artifact. Actions in parallel can declare different output artifacts, which are in turn consumed by different following actions.", "title": "Name", "type": "string" } @@ -52532,49 +58384,236 @@ ], "type": "object" }, - "AWS::Connect::TaskTemplate.InvisibleFieldInfo": { + "AWS::CodePipeline::Pipeline.OutputArtifact": { "additionalProperties": false, "properties": { - "Id": { - "$ref": "#/definitions/AWS::Connect::TaskTemplate.FieldIdentifier", - "markdownDescription": "Identifier of the invisible field.", - "title": "Id" + "Files": { + "items": { + "type": "string" + }, + "markdownDescription": "The files that you want to associate with the output artifact that will be exported from the compute action.", + "title": "Files", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the output of an artifact, such as \"My App\".\n\nThe output artifact name must exactly match the input artifact declared for a downstream action. However, the downstream action's input artifact does not have to be the next action in strict sequence from the action that provided the output artifact. Actions in parallel can declare different output artifacts, which are in turn consumed by different following actions.\n\nOutput artifact names must be unique within a pipeline.", + "title": "Name", + "type": "string" } }, "required": [ - "Id" + "Name" ], "type": "object" }, - "AWS::Connect::TaskTemplate.ReadOnlyFieldInfo": { + "AWS::CodePipeline::Pipeline.PipelineTriggerDeclaration": { "additionalProperties": false, "properties": { - "Id": { - "$ref": "#/definitions/AWS::Connect::TaskTemplate.FieldIdentifier", - "markdownDescription": "Identifier of the read-only field.", - "title": "Id" + "GitConfiguration": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitConfiguration", + "markdownDescription": "Provides the filter criteria and the source stage for the repository event that starts the pipeline, such as Git tags.", + "title": "GitConfiguration" + }, + "ProviderType": { + "markdownDescription": "The source provider for the event, such as connections configured for a repository with Git tags, for the specified trigger configuration.", + "title": "ProviderType", + "type": "string" } }, "required": [ - "Id" + "ProviderType" ], "type": "object" }, - "AWS::Connect::TaskTemplate.RequiredFieldInfo": { + "AWS::CodePipeline::Pipeline.RetryConfiguration": { "additionalProperties": false, "properties": { - "Id": { - "$ref": "#/definitions/AWS::Connect::TaskTemplate.FieldIdentifier", - "markdownDescription": "The unique identifier for the field.", - "title": "Id" + "RetryMode": { + "markdownDescription": "The method that you want to configure for automatic stage retry on stage failure. You can specify to retry only failed action in the stage or all actions in the stage.", + "title": "RetryMode", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CodePipeline::Pipeline.RuleDeclaration": { + "additionalProperties": false, + "properties": { + "Commands": { + "items": { + "type": "string" + }, + "markdownDescription": "The shell commands to run with your commands rule in CodePipeline. All commands are supported except multi-line formats. While CodeBuild logs and permissions are used, you do not need to create any resources in CodeBuild.\n\n> Using compute time for this action will incur separate charges in AWS CodeBuild .", + "title": "Commands", + "type": "array" + }, + "Configuration": { + "markdownDescription": "The action configuration fields for the rule.", + "title": "Configuration", + "type": "object" + }, + "InputArtifacts": { + "items": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.InputArtifact" + }, + "markdownDescription": "The input artifacts fields for the rule, such as specifying an input file for the rule.", + "title": "InputArtifacts", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the rule that is created for the condition, such as `VariableCheck` .", + "title": "Name", + "type": "string" + }, + "Region": { + "markdownDescription": "The Region for the condition associated with the rule.", + "title": "Region", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The pipeline role ARN associated with the rule.", + "title": "RoleArn", + "type": "string" + }, + "RuleTypeId": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.RuleTypeId", + "markdownDescription": "The ID for the rule type, which is made up of the combined values for category, owner, provider, and version.", + "title": "RuleTypeId" + } + }, + "type": "object" + }, + "AWS::CodePipeline::Pipeline.RuleTypeId": { + "additionalProperties": false, + "properties": { + "Category": { + "markdownDescription": "A category defines what kind of rule can be run in the stage, and constrains the provider type for the rule. The valid category is `Rule` .", + "title": "Category", + "type": "string" + }, + "Owner": { + "markdownDescription": "The creator of the rule being called. The valid value for the `Owner` field in the rule category is `AWS` .", + "title": "Owner", + "type": "string" + }, + "Provider": { + "markdownDescription": "The rule provider, such as the `DeploymentWindow` rule. For a list of rule provider names, see the rules listed in the [AWS CodePipeline rule reference](https://docs.aws.amazon.com/codepipeline/latest/userguide/rule-reference.html) .", + "title": "Provider", + "type": "string" + }, + "Version": { + "markdownDescription": "A string that describes the rule version.", + "title": "Version", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CodePipeline::Pipeline.StageDeclaration": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.ActionDeclaration" + }, + "markdownDescription": "The actions included in a stage.", + "title": "Actions", + "type": "array" + }, + "BeforeEntry": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.BeforeEntryConditions", + "markdownDescription": "The method to use when a stage allows entry. For example, configuring this field for conditions will allow entry to the stage when the conditions are met.", + "title": "BeforeEntry" + }, + "Blockers": { + "items": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.BlockerDeclaration" + }, + "markdownDescription": "Reserved for future use.", + "title": "Blockers", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the stage.", + "title": "Name", + "type": "string" + }, + "OnFailure": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.FailureConditions", + "markdownDescription": "The method to use when a stage has not completed successfully. For example, configuring this field for rollback will roll back a failed stage automatically to the last successful pipeline execution in the stage.", + "title": "OnFailure" + }, + "OnSuccess": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.SuccessConditions", + "markdownDescription": "The method to use when a stage has succeeded. For example, configuring this field for conditions will allow the stage to succeed when the conditions are met.", + "title": "OnSuccess" } }, "required": [ - "Id" + "Actions", + "Name" ], "type": "object" }, - "AWS::Connect::TrafficDistributionGroup": { + "AWS::CodePipeline::Pipeline.StageTransition": { + "additionalProperties": false, + "properties": { + "Reason": { + "markdownDescription": "The reason given to the user that a stage is disabled, such as waiting for manual approval or manual tests. This message is displayed in the pipeline console UI.", + "title": "Reason", + "type": "string" + }, + "StageName": { + "markdownDescription": "The name of the stage where you want to disable the inbound or outbound transition of artifacts.", + "title": "StageName", + "type": "string" + } + }, + "required": [ + "Reason", + "StageName" + ], + "type": "object" + }, + "AWS::CodePipeline::Pipeline.SuccessConditions": { + "additionalProperties": false, + "properties": { + "Conditions": { + "items": { + "$ref": "#/definitions/AWS::CodePipeline::Pipeline.Condition" + }, + "markdownDescription": "The conditions that are success conditions.", + "title": "Conditions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CodePipeline::Pipeline.VariableDeclaration": { + "additionalProperties": false, + "properties": { + "DefaultValue": { + "markdownDescription": "The value of a pipeline-level variable.", + "title": "DefaultValue", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of a pipeline-level variable. It's used to add additional context about the variable, and not being used at time when pipeline executes.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a pipeline-level variable.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::CodePipeline::Webhook": { "additionalProperties": false, "properties": { "Condition": { @@ -52609,39 +58648,63 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the traffic distribution group.", - "title": "Description", + "Authentication": { + "markdownDescription": "Supported options are GITHUB_HMAC, IP, and UNAUTHENTICATED.\n\n> When creating CodePipeline webhooks, do not use your own credentials or reuse the same secret token across multiple webhooks. For optimal security, generate a unique secret token for each webhook you create. The secret token is an arbitrary string that you provide, which GitHub uses to compute and sign the webhook payloads sent to CodePipeline, for protecting the integrity and authenticity of the webhook payloads. Using your own credentials or reusing the same token across multiple webhooks can lead to security vulnerabilities. > If a secret token was provided, it will be redacted in the response. \n\n- For information about the authentication scheme implemented by GITHUB_HMAC, see [Securing your webhooks](https://docs.aws.amazon.com/https://developer.github.com/webhooks/securing/) on the GitHub Developer website.\n- IP rejects webhooks trigger requests unless they originate from an IP address in the IP range whitelisted in the authentication configuration.\n- UNAUTHENTICATED accepts all webhook trigger requests regardless of origin.", + "title": "Authentication", "type": "string" }, - "InstanceArn": { - "markdownDescription": "The Amazon Resource Name (ARN).", - "title": "InstanceArn", - "type": "string" + "AuthenticationConfiguration": { + "$ref": "#/definitions/AWS::CodePipeline::Webhook.WebhookAuthConfiguration", + "markdownDescription": "Properties that configure the authentication applied to incoming webhook trigger requests. The required properties depend on the authentication type. For GITHUB_HMAC, only the `SecretToken` property must be set. For IP, only the `AllowedIPRange` property must be set to a valid CIDR range. For UNAUTHENTICATED, no properties can be set.", + "title": "AuthenticationConfiguration" + }, + "Filters": { + "items": { + "$ref": "#/definitions/AWS::CodePipeline::Webhook.WebhookFilterRule" + }, + "markdownDescription": "A list of rules applied to the body/payload sent in the POST request to a webhook URL. All defined rules must pass for the request to be accepted and the pipeline started.", + "title": "Filters", + "type": "array" }, "Name": { - "markdownDescription": "The name of the traffic distribution group.", + "markdownDescription": "The name of the webhook.", "title": "Name", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, {\"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", - "title": "Tags", - "type": "array" + "RegisterWithThirdParty": { + "markdownDescription": "Configures a connection between the webhook that was created and the external tool with events to be detected.", + "title": "RegisterWithThirdParty", + "type": "boolean" + }, + "TargetAction": { + "markdownDescription": "The name of the action in a pipeline you want to connect to the webhook. The action must be from the source (first) stage of the pipeline.", + "title": "TargetAction", + "type": "string" + }, + "TargetPipeline": { + "markdownDescription": "The name of the pipeline you want to connect to the webhook.", + "title": "TargetPipeline", + "type": "string" + }, + "TargetPipelineVersion": { + "markdownDescription": "The version number of the pipeline to be connected to the trigger request.\n\nRequired: Yes\n\nType: Integer\n\nUpdate requires: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt)", + "title": "TargetPipelineVersion", + "type": "number" } }, "required": [ - "InstanceArn", - "Name" + "Authentication", + "AuthenticationConfiguration", + "Filters", + "TargetAction", + "TargetPipeline", + "TargetPipelineVersion" ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::TrafficDistributionGroup" + "AWS::CodePipeline::Webhook" ], "type": "string" }, @@ -52660,7 +58723,42 @@ ], "type": "object" }, - "AWS::Connect::User": { + "AWS::CodePipeline::Webhook.WebhookAuthConfiguration": { + "additionalProperties": false, + "properties": { + "AllowedIPRange": { + "markdownDescription": "The property used to configure acceptance of webhooks in an IP address range. For IP, only the `AllowedIPRange` property must be set. This property must be set to a valid CIDR range.", + "title": "AllowedIPRange", + "type": "string" + }, + "SecretToken": { + "markdownDescription": "The property used to configure GitHub authentication. For GITHUB_HMAC, only the `SecretToken` property must be set.\n\n> When creating CodePipeline webhooks, do not use your own credentials or reuse the same secret token across multiple webhooks. For optimal security, generate a unique secret token for each webhook you create. The secret token is an arbitrary string that you provide, which GitHub uses to compute and sign the webhook payloads sent to CodePipeline, for protecting the integrity and authenticity of the webhook payloads. Using your own credentials or reusing the same token across multiple webhooks can lead to security vulnerabilities. > If a secret token was provided, it will be redacted in the response.", + "title": "SecretToken", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CodePipeline::Webhook.WebhookFilterRule": { + "additionalProperties": false, + "properties": { + "JsonPath": { + "markdownDescription": "A JsonPath expression that is applied to the body/payload of the webhook. The value selected by the JsonPath expression must match the value specified in the `MatchEquals` field. Otherwise, the request is ignored. For more information, see [Java JsonPath implementation](https://docs.aws.amazon.com/https://github.com/json-path/JsonPath) in GitHub.", + "title": "JsonPath", + "type": "string" + }, + "MatchEquals": { + "markdownDescription": "The value selected by the `JsonPath` expression must match what is supplied in the `MatchEquals` field. Otherwise, the request is ignored. Properties from the target action configuration can be included as placeholders in this value by surrounding the action configuration key with curly brackets. For example, if the value supplied here is \"refs/heads/{Branch}\" and the target action has an action configuration property called \"Branch\" with a value of \"main\", the `MatchEquals` value is evaluated as \"refs/heads/main\". For a list of action configuration properties for built-in action types, see [Pipeline Structure Reference Action Requirements](https://docs.aws.amazon.com/codepipeline/latest/userguide/reference-pipeline-structure.html#action-requirements) .", + "title": "MatchEquals", + "type": "string" + } + }, + "required": [ + "JsonPath" + ], + "type": "object" + }, + "AWS::CodeStar::GitHubRepository": { "additionalProperties": false, "properties": { "Condition": { @@ -52695,83 +58793,56 @@ "Properties": { "additionalProperties": false, "properties": { - "DirectoryUserId": { - "markdownDescription": "The identifier of the user account in the directory used for identity management.", - "title": "DirectoryUserId", - "type": "string" + "Code": { + "$ref": "#/definitions/AWS::CodeStar::GitHubRepository.Code", + "markdownDescription": "Information about code to be committed to a repository after it is created in an AWS CloudFormation stack.", + "title": "Code" }, - "HierarchyGroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the user's hierarchy group.", - "title": "HierarchyGroupArn", + "ConnectionArn": { + "markdownDescription": "", + "title": "ConnectionArn", "type": "string" }, - "IdentityInfo": { - "$ref": "#/definitions/AWS::Connect::User.UserIdentityInfo", - "markdownDescription": "Information about the user identity.", - "title": "IdentityInfo" - }, - "InstanceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", - "title": "InstanceArn", - "type": "string" - }, - "Password": { - "markdownDescription": "The user's password.", - "title": "Password", - "type": "string" + "EnableIssues": { + "markdownDescription": "Indicates whether to enable issues for the GitHub repository. You can use GitHub issues to track information and bugs for your repository.", + "title": "EnableIssues", + "type": "boolean" }, - "PhoneConfig": { - "$ref": "#/definitions/AWS::Connect::User.UserPhoneConfig", - "markdownDescription": "Information about the phone configuration for the user.", - "title": "PhoneConfig" + "IsPrivate": { + "markdownDescription": "Indicates whether the GitHub repository is a private repository. If so, you choose who can see and commit to this repository.", + "title": "IsPrivate", + "type": "boolean" }, - "RoutingProfileArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the user's routing profile.", - "title": "RoutingProfileArn", + "RepositoryAccessToken": { + "markdownDescription": "The GitHub user's personal access token for the GitHub repository.", + "title": "RepositoryAccessToken", "type": "string" }, - "SecurityProfileArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Name (ARN) of the user's security profile.", - "title": "SecurityProfileArns", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags.", - "title": "Tags", - "type": "array" + "RepositoryDescription": { + "markdownDescription": "A comment or description about the new repository. This description is displayed in GitHub after the repository is created.", + "title": "RepositoryDescription", + "type": "string" }, - "UserProficiencies": { - "items": { - "$ref": "#/definitions/AWS::Connect::User.UserProficiency" - }, - "markdownDescription": "One or more predefined attributes assigned to a user, with a numeric value that indicates how their level of skill in a specified area.", - "title": "UserProficiencies", - "type": "array" + "RepositoryName": { + "markdownDescription": "The name of the repository you want to create in GitHub with AWS CloudFormation stack creation.", + "title": "RepositoryName", + "type": "string" }, - "Username": { - "markdownDescription": "The user name assigned to the user account.", - "title": "Username", + "RepositoryOwner": { + "markdownDescription": "The GitHub user name for the owner of the GitHub repository to be created. If this repository should be owned by a GitHub organization, provide its name.", + "title": "RepositoryOwner", "type": "string" } }, "required": [ - "InstanceArn", - "PhoneConfig", - "RoutingProfileArn", - "SecurityProfileArns", - "Username" + "RepositoryName", + "RepositoryOwner" ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::User" + "AWS::CodeStar::GitHubRepository" ], "type": "string" }, @@ -52790,93 +58861,46 @@ ], "type": "object" }, - "AWS::Connect::User.UserIdentityInfo": { - "additionalProperties": false, - "properties": { - "Email": { - "markdownDescription": "The email address. If you are using SAML for identity management and include this parameter, an error is returned.", - "title": "Email", - "type": "string" - }, - "FirstName": { - "markdownDescription": "The first name. This is required if you are using Amazon Connect or SAML for identity management. Inputs must be in Unicode Normalization Form C (NFC). Text containing characters in a non-NFC form (for example, decomposed characters or combining marks) are not accepted.", - "title": "FirstName", - "type": "string" - }, - "LastName": { - "markdownDescription": "The last name. This is required if you are using Amazon Connect or SAML for identity management. Inputs must be in Unicode Normalization Form C (NFC). Text containing characters in a non-NFC form (for example, decomposed characters or combining marks) are not accepted.", - "title": "LastName", - "type": "string" - }, - "Mobile": { - "markdownDescription": "The user's mobile number.", - "title": "Mobile", - "type": "string" - }, - "SecondaryEmail": { - "markdownDescription": "The user's secondary email address. If you provide a secondary email, the user receives email notifications -- other than password reset notifications -- to this email address instead of to their primary email address.\n\n*Pattern* : `(?=^.{0,265}$)[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,63}`", - "title": "SecondaryEmail", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Connect::User.UserPhoneConfig": { + "AWS::CodeStar::GitHubRepository.Code": { "additionalProperties": false, "properties": { - "AfterContactWorkTimeLimit": { - "markdownDescription": "The After Call Work (ACW) timeout setting, in seconds. This parameter has a minimum value of 0 and a maximum value of 2,000,000 seconds (24 days). Enter 0 if you don't want to allocate a specific amount of ACW time. It essentially means an indefinite amount of time. When the conversation ends, ACW starts; the agent must choose Close contact to end ACW.\n\n> When returned by a `SearchUsers` call, `AfterContactWorkTimeLimit` is returned in milliseconds.", - "title": "AfterContactWorkTimeLimit", - "type": "number" - }, - "AutoAccept": { - "markdownDescription": "The Auto accept setting.", - "title": "AutoAccept", - "type": "boolean" - }, - "DeskPhoneNumber": { - "markdownDescription": "The phone number for the user's desk phone.", - "title": "DeskPhoneNumber", - "type": "string" - }, - "PhoneType": { - "markdownDescription": "The phone type.", - "title": "PhoneType", - "type": "string" + "S3": { + "$ref": "#/definitions/AWS::CodeStar::GitHubRepository.S3", + "markdownDescription": "Information about the Amazon S3 bucket that contains a ZIP file of code to be committed to the repository.", + "title": "S3" } }, "required": [ - "PhoneType" + "S3" ], "type": "object" }, - "AWS::Connect::User.UserProficiency": { + "AWS::CodeStar::GitHubRepository.S3": { "additionalProperties": false, "properties": { - "AttributeName": { - "markdownDescription": "The name of user\u2019s proficiency. You must use a predefined attribute name that is present in the Amazon Connect instance.", - "title": "AttributeName", + "Bucket": { + "markdownDescription": "The name of the Amazon S3 bucket that contains the ZIP file with the content to be committed to the new repository.", + "title": "Bucket", "type": "string" }, - "AttributeValue": { - "markdownDescription": "The value of user\u2019s proficiency. You must use a predefined attribute value that is present in the Amazon Connect instance.", - "title": "AttributeValue", + "Key": { + "markdownDescription": "The S3 object key or file name for the ZIP file.", + "title": "Key", "type": "string" }, - "Level": { - "markdownDescription": "The level of the proficiency. The valid values are 1, 2, 3, 4 and 5.", - "title": "Level", - "type": "number" + "ObjectVersion": { + "markdownDescription": "The object version of the ZIP file, if versioning is enabled for the Amazon S3 bucket.", + "title": "ObjectVersion", + "type": "string" } }, "required": [ - "AttributeName", - "AttributeValue", - "Level" + "Bucket", + "Key" ], "type": "object" }, - "AWS::Connect::UserHierarchyGroup": { + "AWS::CodeStarConnections::Connection": { "additionalProperties": false, "properties": { "Condition": { @@ -52911,39 +58935,38 @@ "Properties": { "additionalProperties": false, "properties": { - "InstanceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the user hierarchy group.", - "title": "InstanceArn", + "ConnectionName": { + "markdownDescription": "The name of the connection. Connection names must be unique in an AWS account .", + "title": "ConnectionName", "type": "string" }, - "Name": { - "markdownDescription": "The name of the user hierarchy group.", - "title": "Name", + "HostArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the host associated with the connection.", + "title": "HostArn", "type": "string" }, - "ParentGroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the parent group.", - "title": "ParentGroupArn", + "ProviderType": { + "markdownDescription": "The name of the external provider where your third-party code repository is configured.", + "title": "ProviderType", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.", + "markdownDescription": "Specifies the tags applied to the resource.", "title": "Tags", "type": "array" } }, "required": [ - "InstanceArn", - "Name" + "ConnectionName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::UserHierarchyGroup" + "AWS::CodeStarConnections::Connection" ], "type": "string" }, @@ -52962,7 +58985,7 @@ ], "type": "object" }, - "AWS::Connect::View": { + "AWS::CodeStarConnections::RepositoryLink": { "additionalProperties": false, "properties": { "Condition": { @@ -52997,54 +59020,45 @@ "Properties": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of actions possible from the view.", - "title": "Actions", - "type": "array" + "ConnectionArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the connection associated with the repository link.", + "title": "ConnectionArn", + "type": "string" }, - "Description": { - "markdownDescription": "The description of the view.", - "title": "Description", + "EncryptionKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the encryption key for the repository associated with the repository link.", + "title": "EncryptionKeyArn", "type": "string" }, - "InstanceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", - "title": "InstanceArn", + "OwnerId": { + "markdownDescription": "The owner ID for the repository associated with the repository link, such as the owner ID in GitHub.", + "title": "OwnerId", "type": "string" }, - "Name": { - "markdownDescription": "The name of the view.", - "title": "Name", + "RepositoryName": { + "markdownDescription": "The name of the repository associated with the repository link.", + "title": "RepositoryName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags associated with the view resource (not specific to view version).", + "markdownDescription": "The tags for the repository to be associated with the repository link.", "title": "Tags", "type": "array" - }, - "Template": { - "markdownDescription": "The view template representing the structure of the view.", - "title": "Template", - "type": "object" } }, "required": [ - "Actions", - "InstanceArn", - "Name", - "Template" + "ConnectionArn", + "OwnerId", + "RepositoryName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::View" + "AWS::CodeStarConnections::RepositoryLink" ], "type": "string" }, @@ -53063,7 +59077,7 @@ ], "type": "object" }, - "AWS::Connect::ViewVersion": { + "AWS::CodeStarConnections::SyncConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -53098,30 +59112,60 @@ "Properties": { "additionalProperties": false, "properties": { - "VersionDescription": { - "markdownDescription": "The description of the view version.", - "title": "VersionDescription", + "Branch": { + "markdownDescription": "The branch associated with a specific sync configuration.", + "title": "Branch", "type": "string" }, - "ViewArn": { - "markdownDescription": "The unqualified Amazon Resource Name (ARN) of the view.\n\nFor example:\n\n`arn::connect:::instance/00000000-0000-0000-0000-000000000000/view/00000000-0000-0000-0000-000000000000`", - "title": "ViewArn", + "ConfigFile": { + "markdownDescription": "The file path to the configuration file associated with a specific sync configuration. The path should point to an actual file in the sync configurations linked repository.", + "title": "ConfigFile", "type": "string" }, - "ViewContentSha256": { - "markdownDescription": "Indicates the checksum value of the latest published view content.", - "title": "ViewContentSha256", + "PublishDeploymentStatus": { + "markdownDescription": "Whether to enable or disable publishing of deployment status to source providers.", + "title": "PublishDeploymentStatus", + "type": "string" + }, + "RepositoryLinkId": { + "markdownDescription": "The ID of the repository link associated with a specific sync configuration.", + "title": "RepositoryLinkId", + "type": "string" + }, + "ResourceName": { + "markdownDescription": "The name of the connection resource associated with a specific sync configuration.", + "title": "ResourceName", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role associated with a specific sync configuration.", + "title": "RoleArn", + "type": "string" + }, + "SyncType": { + "markdownDescription": "The type of sync for a specific sync configuration.", + "title": "SyncType", + "type": "string" + }, + "TriggerResourceUpdateOn": { + "markdownDescription": "When to trigger Git sync to begin the stack update.", + "title": "TriggerResourceUpdateOn", "type": "string" } }, "required": [ - "ViewArn" + "Branch", + "ConfigFile", + "RepositoryLinkId", + "ResourceName", + "RoleArn", + "SyncType" ], "type": "object" }, "Type": { "enum": [ - "AWS::Connect::ViewVersion" + "AWS::CodeStarConnections::SyncConfiguration" ], "type": "string" }, @@ -53140,7 +59184,7 @@ ], "type": "object" }, - "AWS::ConnectCampaigns::Campaign": { + "AWS::CodeStarNotifications::NotificationRule": { "additionalProperties": false, "properties": { "Condition": { @@ -53175,46 +59219,81 @@ "Properties": { "additionalProperties": false, "properties": { - "ConnectInstanceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Connect instance.", - "title": "ConnectInstanceArn", + "CreatedBy": { + "markdownDescription": "The name or email alias of the person who created the notification rule.", + "title": "CreatedBy", "type": "string" }, - "DialerConfig": { - "$ref": "#/definitions/AWS::ConnectCampaigns::Campaign.DialerConfig", - "markdownDescription": "Contains information about the dialer configuration.", - "title": "DialerConfig" + "DetailType": { + "markdownDescription": "The level of detail to include in the notifications for this resource. `BASIC` will include only the contents of the event as it would appear in Amazon CloudWatch. `FULL` will include any supplemental information provided by AWS CodeStar Notifications and/or the service for the resource for which the notification is created.", + "title": "DetailType", + "type": "string" + }, + "EventTypeId": { + "markdownDescription": "The event type associated with this notification rule. For a complete list of event types and IDs, see [Notification concepts](https://docs.aws.amazon.com/dtconsole/latest/userguide/concepts.html#concepts-api) in the *Developer Tools Console User Guide* .", + "title": "EventTypeId", + "type": "string" + }, + "EventTypeIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of event types associated with this notification rule. For a complete list of event types and IDs, see [Notification concepts](https://docs.aws.amazon.com/dtconsole/latest/userguide/concepts.html#concepts-api) in the *Developer Tools Console User Guide* .", + "title": "EventTypeIds", + "type": "array" }, "Name": { - "markdownDescription": "The name of the campaign.", + "markdownDescription": "The name for the notification rule. Notification rule names must be unique in your AWS account .", "title": "Name", "type": "string" }, - "OutboundCallConfig": { - "$ref": "#/definitions/AWS::ConnectCampaigns::Campaign.OutboundCallConfig", - "markdownDescription": "Contains information about the outbound call configuration.", - "title": "OutboundCallConfig" + "Resource": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource to associate with the notification rule. Supported resources include pipelines in AWS CodePipeline , repositories in AWS CodeCommit , and build projects in AWS CodeBuild .", + "title": "Resource", + "type": "string" + }, + "Status": { + "markdownDescription": "The status of the notification rule. The default value is `ENABLED` . If the status is set to `DISABLED` , notifications aren't sent for the notification rule.", + "title": "Status", + "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "additionalProperties": true, + "markdownDescription": "A list of tags to apply to this notification rule. Key names cannot start with \" `aws` \".", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", "title": "Tags", + "type": "object" + }, + "TargetAddress": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic or client.", + "title": "TargetAddress", + "type": "string" + }, + "Targets": { + "items": { + "$ref": "#/definitions/AWS::CodeStarNotifications::NotificationRule.Target" + }, + "markdownDescription": "A list of Amazon Resource Names (ARNs) of Amazon SNS topics and clients to associate with the notification rule.", + "title": "Targets", "type": "array" } }, "required": [ - "ConnectInstanceArn", - "DialerConfig", + "DetailType", + "EventTypeIds", "Name", - "OutboundCallConfig" + "Resource", + "Targets" ], "type": "object" }, "Type": { "enum": [ - "AWS::ConnectCampaigns::Campaign" + "AWS::CodeStarNotifications::NotificationRule" ], "type": "string" }, @@ -53233,125 +59312,27 @@ ], "type": "object" }, - "AWS::ConnectCampaigns::Campaign.AgentlessDialerConfig": { - "additionalProperties": false, - "properties": { - "DialingCapacity": { - "markdownDescription": "The allocation of dialing capacity between multiple active campaigns.", - "title": "DialingCapacity", - "type": "number" - } - }, - "type": "object" - }, - "AWS::ConnectCampaigns::Campaign.AnswerMachineDetectionConfig": { - "additionalProperties": false, - "properties": { - "AwaitAnswerMachinePrompt": { - "markdownDescription": "Whether waiting for answer machine prompt is enabled.", - "title": "AwaitAnswerMachinePrompt", - "type": "boolean" - }, - "EnableAnswerMachineDetection": { - "markdownDescription": "Whether answering machine detection is enabled.", - "title": "EnableAnswerMachineDetection", - "type": "boolean" - } - }, - "required": [ - "EnableAnswerMachineDetection" - ], - "type": "object" - }, - "AWS::ConnectCampaigns::Campaign.DialerConfig": { - "additionalProperties": false, - "properties": { - "AgentlessDialerConfig": { - "$ref": "#/definitions/AWS::ConnectCampaigns::Campaign.AgentlessDialerConfig", - "markdownDescription": "The configuration of the agentless dialer.", - "title": "AgentlessDialerConfig" - }, - "PredictiveDialerConfig": { - "$ref": "#/definitions/AWS::ConnectCampaigns::Campaign.PredictiveDialerConfig", - "markdownDescription": "The configuration of the predictive dialer.", - "title": "PredictiveDialerConfig" - }, - "ProgressiveDialerConfig": { - "$ref": "#/definitions/AWS::ConnectCampaigns::Campaign.ProgressiveDialerConfig", - "markdownDescription": "The configuration of the progressive dialer.", - "title": "ProgressiveDialerConfig" - } - }, - "type": "object" - }, - "AWS::ConnectCampaigns::Campaign.OutboundCallConfig": { + "AWS::CodeStarNotifications::NotificationRule.Target": { "additionalProperties": false, "properties": { - "AnswerMachineDetectionConfig": { - "$ref": "#/definitions/AWS::ConnectCampaigns::Campaign.AnswerMachineDetectionConfig", - "markdownDescription": "Whether answering machine detection has been enabled.", - "title": "AnswerMachineDetectionConfig" - }, - "ConnectContactFlowArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the flow.", - "title": "ConnectContactFlowArn", - "type": "string" - }, - "ConnectQueueArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the queue.", - "title": "ConnectQueueArn", + "TargetAddress": { + "markdownDescription": "The Amazon Resource Name (ARN) of the topic or client.", + "title": "TargetAddress", "type": "string" }, - "ConnectSourcePhoneNumber": { - "markdownDescription": "The phone number associated with the outbound call. This is the caller ID that is displayed to customers when an agent calls them.", - "title": "ConnectSourcePhoneNumber", + "TargetType": { + "markdownDescription": "The target type. Can be an Amazon Simple Notification Service topic or client.\n\n- Amazon Simple Notification Service topics are specified as `SNS` .\n- clients are specified as `AWSChatbotSlack` .\n- clients for Microsoft Teams are specified as `AWSChatbotMicrosoftTeams` .", + "title": "TargetType", "type": "string" } }, "required": [ - "ConnectContactFlowArn" - ], - "type": "object" - }, - "AWS::ConnectCampaigns::Campaign.PredictiveDialerConfig": { - "additionalProperties": false, - "properties": { - "BandwidthAllocation": { - "markdownDescription": "Bandwidth allocation for the predictive dialer.", - "title": "BandwidthAllocation", - "type": "number" - }, - "DialingCapacity": { - "markdownDescription": "The allocation of dialing capacity between multiple active campaigns.", - "title": "DialingCapacity", - "type": "number" - } - }, - "required": [ - "BandwidthAllocation" - ], - "type": "object" - }, - "AWS::ConnectCampaigns::Campaign.ProgressiveDialerConfig": { - "additionalProperties": false, - "properties": { - "BandwidthAllocation": { - "markdownDescription": "Bandwidth allocation for the progressive dialer.", - "title": "BandwidthAllocation", - "type": "number" - }, - "DialingCapacity": { - "markdownDescription": "The allocation of dialing capacity between multiple active campaigns.", - "title": "DialingCapacity", - "type": "number" - } - }, - "required": [ - "BandwidthAllocation" + "TargetAddress", + "TargetType" ], "type": "object" }, - "AWS::ControlTower::EnabledBaseline": { + "AWS::Cognito::IdentityPool": { "additionalProperties": false, "properties": { "Condition": { @@ -53386,48 +59367,87 @@ "Properties": { "additionalProperties": false, "properties": { - "BaselineIdentifier": { - "markdownDescription": "The specific `Baseline` enabled as part of the `EnabledBaseline` resource.", - "title": "BaselineIdentifier", + "AllowClassicFlow": { + "markdownDescription": "Enables the Basic (Classic) authentication flow.", + "title": "AllowClassicFlow", + "type": "boolean" + }, + "AllowUnauthenticatedIdentities": { + "markdownDescription": "Specifies whether the identity pool supports unauthenticated logins.", + "title": "AllowUnauthenticatedIdentities", + "type": "boolean" + }, + "CognitoEvents": { + "markdownDescription": "The events to configure.", + "title": "CognitoEvents", + "type": "object" + }, + "CognitoIdentityProviders": { + "items": { + "$ref": "#/definitions/AWS::Cognito::IdentityPool.CognitoIdentityProvider" + }, + "markdownDescription": "The Amazon Cognito user pools and their client IDs.", + "title": "CognitoIdentityProviders", + "type": "array" + }, + "CognitoStreams": { + "$ref": "#/definitions/AWS::Cognito::IdentityPool.CognitoStreams", + "markdownDescription": "Configuration options for configuring Amazon Cognito streams.", + "title": "CognitoStreams" + }, + "DeveloperProviderName": { + "markdownDescription": "The \"domain\" Amazon Cognito uses when referencing your users. This name acts as a placeholder that allows your backend and the Amazon Cognito service to communicate about the developer provider. For the `DeveloperProviderName` , you can use letters and periods (.), underscores (_), and dashes (-).\n\n*Minimum length* : 1\n\n*Maximum length* : 100", + "title": "DeveloperProviderName", "type": "string" }, - "BaselineVersion": { - "markdownDescription": "The enabled version of the `Baseline` .", - "title": "BaselineVersion", + "IdentityPoolName": { + "markdownDescription": "The name of your Amazon Cognito identity pool.\n\n*Minimum length* : 1\n\n*Maximum length* : 128\n\n*Pattern* : `[\\w\\s+=,.@-]+`", + "title": "IdentityPoolName", "type": "string" }, - "Parameters": { + "IdentityPoolTags": { "items": { - "$ref": "#/definitions/AWS::ControlTower::EnabledBaseline.Parameter" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "Shows the parameters that are applied when enabling this `Baseline` .", - "title": "Parameters", + "markdownDescription": "Tags to assign to the identity pool. A tag is a label that you can apply to identity pools to categorize and manage them in different ways, such as by purpose, owner, environment, or other criteria.", + "title": "IdentityPoolTags", "type": "array" }, - "Tags": { + "OpenIdConnectProviderARNs": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "", - "title": "Tags", + "markdownDescription": "The Amazon Resource Names (ARNs) of the OpenID connect providers.", + "title": "OpenIdConnectProviderARNs", "type": "array" }, - "TargetIdentifier": { - "markdownDescription": "The target on which to enable the `Baseline` .", - "title": "TargetIdentifier", - "type": "string" + "PushSync": { + "$ref": "#/definitions/AWS::Cognito::IdentityPool.PushSync", + "markdownDescription": "The configuration options to be applied to the identity pool.", + "title": "PushSync" + }, + "SamlProviderARNs": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Names (ARNs) of the Security Assertion Markup Language (SAML) providers.", + "title": "SamlProviderARNs", + "type": "array" + }, + "SupportedLoginProviders": { + "markdownDescription": "Key-value pairs that map provider names to provider app IDs.", + "title": "SupportedLoginProviders", + "type": "object" } }, "required": [ - "BaselineIdentifier", - "BaselineVersion", - "TargetIdentifier" + "AllowUnauthenticatedIdentities" ], "type": "object" }, "Type": { "enum": [ - "AWS::ControlTower::EnabledBaseline" + "AWS::Cognito::IdentityPool" ], "type": "string" }, @@ -53446,23 +59466,72 @@ ], "type": "object" }, - "AWS::ControlTower::EnabledBaseline.Parameter": { + "AWS::Cognito::IdentityPool.CognitoIdentityProvider": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "", - "title": "Key", + "ClientId": { + "markdownDescription": "The client ID for the Amazon Cognito user pool.", + "title": "ClientId", "type": "string" }, - "Value": { - "markdownDescription": "", - "title": "Value", - "type": "object" + "ProviderName": { + "markdownDescription": "The provider name for an Amazon Cognito user pool. For example: `cognito-idp.us-east-2.amazonaws.com/us-east-2_123456789` .", + "title": "ProviderName", + "type": "string" + }, + "ServerSideTokenCheck": { + "markdownDescription": "TRUE if server-side token validation is enabled for the identity provider\u2019s token.\n\nAfter you set the `ServerSideTokenCheck` to TRUE for an identity pool, that identity pool checks with the integrated user pools to make sure the user has not been globally signed out or deleted before the identity pool provides an OIDC token or AWS credentials for the user.\n\nIf the user is signed out or deleted, the identity pool returns a 400 Not Authorized error.", + "title": "ServerSideTokenCheck", + "type": "boolean" } }, + "required": [ + "ClientId", + "ProviderName" + ], "type": "object" }, - "AWS::ControlTower::EnabledControl": { + "AWS::Cognito::IdentityPool.CognitoStreams": { + "additionalProperties": false, + "properties": { + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the role Amazon Cognito can assume to publish to the stream. This role must grant access to Amazon Cognito (cognito-sync) to invoke `PutRecord` on your Amazon Cognito stream.", + "title": "RoleArn", + "type": "string" + }, + "StreamName": { + "markdownDescription": "The name of the Amazon Cognito stream to receive updates. This stream must be in the developer's account and in the same Region as the identity pool.", + "title": "StreamName", + "type": "string" + }, + "StreamingStatus": { + "markdownDescription": "Status of the Amazon Cognito streams. Valid values are: `ENABLED` or `DISABLED` .", + "title": "StreamingStatus", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Cognito::IdentityPool.PushSync": { + "additionalProperties": false, + "properties": { + "ApplicationArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The ARNs of the Amazon SNS platform applications that could be used by clients.", + "title": "ApplicationArns", + "type": "array" + }, + "RoleArn": { + "markdownDescription": "An IAM role configured to allow Amazon Cognito to call Amazon SNS on behalf of the developer.", + "title": "RoleArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Cognito::IdentityPoolPrincipalTag": { "additionalProperties": false, "properties": { "Condition": { @@ -53497,42 +59566,36 @@ "Properties": { "additionalProperties": false, "properties": { - "ControlIdentifier": { - "markdownDescription": "The ARN of the control. Only *Strongly recommended* and *Elective* controls are permitted, with the exception of the *Region deny* control. For information on how to find the `controlIdentifier` , see [the overview page](https://docs.aws.amazon.com//controltower/latest/APIReference/Welcome.html) .", - "title": "ControlIdentifier", + "IdentityPoolId": { + "markdownDescription": "The identity pool that you want to associate with this principal tag map.", + "title": "IdentityPoolId", "type": "string" }, - "Parameters": { - "items": { - "$ref": "#/definitions/AWS::ControlTower::EnabledControl.EnabledControlParameter" - }, - "markdownDescription": "Array of `EnabledControlParameter` objects.", - "title": "Parameters", - "type": "array" + "IdentityProviderName": { + "markdownDescription": "The identity pool identity provider (IdP) that you want to associate with this principal tag map.", + "title": "IdentityProviderName", + "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "", - "title": "Tags", - "type": "array" + "PrincipalTags": { + "markdownDescription": "A JSON-formatted list of user claims and the principal tags that you want to associate with them. When Amazon Cognito requests credentials, it sets the value of the principal tag to the value of the user's claim.", + "title": "PrincipalTags", + "type": "object" }, - "TargetIdentifier": { - "markdownDescription": "The ARN of the organizational unit. For information on how to find the `targetIdentifier` , see [the overview page](https://docs.aws.amazon.com//controltower/latest/APIReference/Welcome.html) .", - "title": "TargetIdentifier", - "type": "string" + "UseDefaults": { + "markdownDescription": "Use a default set of mappings between claims and tags for this provider, instead of a custom map.", + "title": "UseDefaults", + "type": "boolean" } }, "required": [ - "ControlIdentifier", - "TargetIdentifier" + "IdentityPoolId", + "IdentityProviderName" ], "type": "object" }, "Type": { "enum": [ - "AWS::ControlTower::EnabledControl" + "AWS::Cognito::IdentityPoolPrincipalTag" ], "type": "string" }, @@ -53551,27 +59614,7 @@ ], "type": "object" }, - "AWS::ControlTower::EnabledControl.EnabledControlParameter": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "The key of a key/value pair. It is of type `string` .", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "The value of a key/value pair. It can be of type `array` , `string` , `number` , `object` , or `boolean` . [Note: The *Type* field that follows may show a single type such as Number, which is only one possible type.]", - "title": "Value", - "type": "object" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - }, - "AWS::ControlTower::LandingZone": { + "AWS::Cognito::IdentityPoolRoleAttachment": { "additionalProperties": false, "properties": { "Condition": { @@ -53606,34 +59649,42 @@ "Properties": { "additionalProperties": false, "properties": { - "Manifest": { - "markdownDescription": "The landing zone manifest JSON text file that specifies the landing zone configurations.", - "title": "Manifest", - "type": "object" + "IdentityPoolId": { + "markdownDescription": "An identity pool ID in the format `REGION:GUID` .", + "title": "IdentityPoolId", + "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "RoleMappings": { + "additionalProperties": false, + "markdownDescription": "How users for a specific identity provider are mapped to roles. This is a string to the `RoleMapping` object map. The string identifies the identity provider. For example: `graph.facebook.com` or `cognito-idp.us-east-1.amazonaws.com/us-east-1_abcdefghi:app_client_id` .\n\nIf the `IdentityProvider` field isn't provided in this object, the string is used as the identity provider name.\n\nFor more information, see the [RoleMapping property](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-identitypoolroleattachment-rolemapping.html) .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::Cognito::IdentityPoolRoleAttachment.RoleMapping" + } }, - "markdownDescription": "Tags to be applied to the landing zone.", - "title": "Tags", - "type": "array" + "title": "RoleMappings", + "type": "object" }, - "Version": { - "markdownDescription": "The landing zone's current deployed version.", - "title": "Version", - "type": "string" + "Roles": { + "additionalProperties": true, + "markdownDescription": "The map of the roles associated with this pool. For a given role, the key is either \"authenticated\" or \"unauthenticated\". The value is the role ARN.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Roles", + "type": "object" } }, "required": [ - "Manifest", - "Version" + "IdentityPoolId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ControlTower::LandingZone" + "AWS::Cognito::IdentityPoolRoleAttachment" ], "type": "string" }, @@ -53652,7 +59703,85 @@ ], "type": "object" }, - "AWS::CustomerProfiles::CalculatedAttributeDefinition": { + "AWS::Cognito::IdentityPoolRoleAttachment.MappingRule": { + "additionalProperties": false, + "properties": { + "Claim": { + "markdownDescription": "The claim name that must be present in the token. For example: \"isAdmin\" or \"paid\".", + "title": "Claim", + "type": "string" + }, + "MatchType": { + "markdownDescription": "The match condition that specifies how closely the claim value in the IdP token must match `Value` .\n\nValid values are: `Equals` , `Contains` , `StartsWith` , and `NotEqual` .", + "title": "MatchType", + "type": "string" + }, + "RoleARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the role.", + "title": "RoleARN", + "type": "string" + }, + "Value": { + "markdownDescription": "A brief string that the claim must match. For example, \"paid\" or \"yes\".", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Claim", + "MatchType", + "RoleARN", + "Value" + ], + "type": "object" + }, + "AWS::Cognito::IdentityPoolRoleAttachment.RoleMapping": { + "additionalProperties": false, + "properties": { + "AmbiguousRoleResolution": { + "markdownDescription": "If you specify Token or Rules as the `Type` , `AmbiguousRoleResolution` is required.\n\nSpecifies the action to be taken if either no rules match the claim value for the `Rules` type, or there is no `cognito:preferred_role` claim and there are multiple `cognito:roles` matches for the `Token` type.", + "title": "AmbiguousRoleResolution", + "type": "string" + }, + "IdentityProvider": { + "markdownDescription": "Identifier for the identity provider for which the role is mapped. For example: `graph.facebook.com` or `cognito-idp.us-east-1.amazonaws.com/us-east-1_abcdefghi:app_client_id (http://cognito-idp.us-east-1.amazonaws.com/us-east-1_abcdefghi:app_client_id)` . This is the identity provider that is used by the user for authentication.\n\nIf the identity provider property isn't provided, the key of the entry in the `RoleMappings` map is used as the identity provider.", + "title": "IdentityProvider", + "type": "string" + }, + "RulesConfiguration": { + "$ref": "#/definitions/AWS::Cognito::IdentityPoolRoleAttachment.RulesConfigurationType", + "markdownDescription": "The rules to be used for mapping users to roles. If you specify \"Rules\" as the role-mapping type, RulesConfiguration is required.", + "title": "RulesConfiguration" + }, + "Type": { + "markdownDescription": "The role mapping type. Token will use `cognito:roles` and `cognito:preferred_role` claims from the Cognito identity provider token to map groups to roles. Rules will attempt to match claims from the token to map to a role.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::Cognito::IdentityPoolRoleAttachment.RulesConfigurationType": { + "additionalProperties": false, + "properties": { + "Rules": { + "items": { + "$ref": "#/definitions/AWS::Cognito::IdentityPoolRoleAttachment.MappingRule" + }, + "markdownDescription": "The rules. You can specify up to 25 rules per identity provider.", + "title": "Rules", + "type": "array" + } + }, + "required": [ + "Rules" + ], + "type": "object" + }, + "AWS::Cognito::LogDeliveryConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -53687,61 +59816,28 @@ "Properties": { "additionalProperties": false, "properties": { - "AttributeDetails": { - "$ref": "#/definitions/AWS::CustomerProfiles::CalculatedAttributeDefinition.AttributeDetails", - "markdownDescription": "Mathematical expression and a list of attribute items specified in that expression.", - "title": "AttributeDetails" - }, - "CalculatedAttributeName": { - "markdownDescription": "The name of an attribute defined in a profile object type.", - "title": "CalculatedAttributeName", - "type": "string" - }, - "Conditions": { - "$ref": "#/definitions/AWS::CustomerProfiles::CalculatedAttributeDefinition.Conditions", - "markdownDescription": "The conditions including range, object count, and threshold for the calculated attribute.", - "title": "Conditions" - }, - "Description": { - "markdownDescription": "The description of the calculated attribute.", - "title": "Description", - "type": "string" - }, - "DisplayName": { - "markdownDescription": "The display name of the calculated attribute.", - "title": "DisplayName", - "type": "string" - }, - "DomainName": { - "markdownDescription": "The unique name of the domain.", - "title": "DomainName", - "type": "string" - }, - "Statistic": { - "markdownDescription": "The aggregation operation to perform for the calculated attribute.", - "title": "Statistic", - "type": "string" - }, - "Tags": { + "LogConfigurations": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Cognito::LogDeliveryConfiguration.LogConfiguration" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.", - "title": "Tags", + "markdownDescription": "A logging destination of a user pool. User pools can have multiple logging destinations for message-delivery and user-activity logs.", + "title": "LogConfigurations", "type": "array" + }, + "UserPoolId": { + "markdownDescription": "The ID of the user pool where you configured logging.", + "title": "UserPoolId", + "type": "string" } }, "required": [ - "AttributeDetails", - "CalculatedAttributeName", - "DomainName", - "Statistic" + "UserPoolId" ], "type": "object" }, "Type": { "enum": [ - "AWS::CustomerProfiles::CalculatedAttributeDefinition" + "AWS::Cognito::LogDeliveryConfiguration" ], "type": "string" }, @@ -53760,105 +59856,71 @@ ], "type": "object" }, - "AWS::CustomerProfiles::CalculatedAttributeDefinition.AttributeDetails": { + "AWS::Cognito::LogDeliveryConfiguration.CloudWatchLogsConfiguration": { "additionalProperties": false, "properties": { - "Attributes": { - "items": { - "$ref": "#/definitions/AWS::CustomerProfiles::CalculatedAttributeDefinition.AttributeItem" - }, - "markdownDescription": "Mathematical expression and a list of attribute items specified in that expression.", - "title": "Attributes", - "type": "array" - }, - "Expression": { - "markdownDescription": "Mathematical expression that is performed on attribute items provided in the attribute list. Each element in the expression should follow the structure of \\\"{ObjectTypeName.AttributeName}\\\".", - "title": "Expression", + "LogGroupArn": { + "markdownDescription": "The Amazon Resource Name (arn) of a CloudWatch Logs log group where your user pool sends logs. The log group must not be encrypted with AWS Key Management Service and must be in the same AWS account as your user pool.\n\nTo send logs to log groups with a resource policy of a size greater than 5120 characters, configure a log group with a path that starts with `/aws/vendedlogs` . For more information, see [Enabling logging from certain AWS services](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/AWS-logs-and-resource-policy.html) .", + "title": "LogGroupArn", "type": "string" } }, - "required": [ - "Attributes", - "Expression" - ], "type": "object" }, - "AWS::CustomerProfiles::CalculatedAttributeDefinition.AttributeItem": { + "AWS::Cognito::LogDeliveryConfiguration.FirehoseConfiguration": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The unique name of the calculated attribute.", - "title": "Name", + "StreamArn": { + "markdownDescription": "The ARN of an Amazon Data Firehose stream that's the destination for threat protection log export.", + "title": "StreamArn", "type": "string" } }, - "required": [ - "Name" - ], "type": "object" }, - "AWS::CustomerProfiles::CalculatedAttributeDefinition.Conditions": { + "AWS::Cognito::LogDeliveryConfiguration.LogConfiguration": { "additionalProperties": false, "properties": { - "ObjectCount": { - "markdownDescription": "The number of profile objects used for the calculated attribute.", - "title": "ObjectCount", - "type": "number" + "CloudWatchLogsConfiguration": { + "$ref": "#/definitions/AWS::Cognito::LogDeliveryConfiguration.CloudWatchLogsConfiguration", + "markdownDescription": "Configuration for the CloudWatch log group destination of user pool detailed activity logging, or of user activity log export with advanced security features.", + "title": "CloudWatchLogsConfiguration" }, - "Range": { - "$ref": "#/definitions/AWS::CustomerProfiles::CalculatedAttributeDefinition.Range", - "markdownDescription": "The relative time period over which data is included in the aggregation.", - "title": "Range" + "EventSource": { + "markdownDescription": "The source of events that your user pool sends for logging. To send error-level logs about user notification activity, set to `userNotification` . To send info-level logs about threat-protection user activity in user pools with the Plus feature plan, set to `userAuthEvents` .", + "title": "EventSource", + "type": "string" }, - "Threshold": { - "$ref": "#/definitions/AWS::CustomerProfiles::CalculatedAttributeDefinition.Threshold", - "markdownDescription": "The threshold for the calculated attribute.", - "title": "Threshold" - } - }, - "type": "object" - }, - "AWS::CustomerProfiles::CalculatedAttributeDefinition.Range": { - "additionalProperties": false, - "properties": { - "Unit": { - "markdownDescription": "The unit of time.", - "title": "Unit", + "FirehoseConfiguration": { + "$ref": "#/definitions/AWS::Cognito::LogDeliveryConfiguration.FirehoseConfiguration", + "markdownDescription": "Configuration for the Amazon Data Firehose stream destination of user activity log export with threat protection.", + "title": "FirehoseConfiguration" + }, + "LogLevel": { + "markdownDescription": "The `errorlevel` selection of logs that a user pool sends for detailed activity logging. To send `userNotification` activity with [information about message delivery](https://docs.aws.amazon.com/cognito/latest/developerguide/exporting-quotas-and-usage.html) , choose `ERROR` with `CloudWatchLogsConfiguration` . To send `userAuthEvents` activity with user logs from threat protection with the Plus feature plan, choose `INFO` with one of `CloudWatchLogsConfiguration` , `FirehoseConfiguration` , or `S3Configuration` .", + "title": "LogLevel", "type": "string" }, - "Value": { - "markdownDescription": "The amount of time of the specified unit.", - "title": "Value", - "type": "number" + "S3Configuration": { + "$ref": "#/definitions/AWS::Cognito::LogDeliveryConfiguration.S3Configuration", + "markdownDescription": "Configuration for the Amazon S3 bucket destination of user activity log export with threat protection.", + "title": "S3Configuration" } }, - "required": [ - "Unit", - "Value" - ], "type": "object" }, - "AWS::CustomerProfiles::CalculatedAttributeDefinition.Threshold": { + "AWS::Cognito::LogDeliveryConfiguration.S3Configuration": { "additionalProperties": false, "properties": { - "Operator": { - "markdownDescription": "The operator of the threshold.", - "title": "Operator", - "type": "string" - }, - "Value": { - "markdownDescription": "The value of the threshold.", - "title": "Value", + "BucketArn": { + "markdownDescription": "The ARN of an Amazon S3 bucket that's the destination for threat protection log export.", + "title": "BucketArn", "type": "string" } }, - "required": [ - "Operator", - "Value" - ], "type": "object" }, - "AWS::CustomerProfiles::Domain": { + "AWS::Cognito::ManagedLoginBranding": { "additionalProperties": false, "properties": { "Condition": { @@ -53893,54 +59955,48 @@ "Properties": { "additionalProperties": false, "properties": { - "DeadLetterQueueUrl": { - "markdownDescription": "The URL of the SQS dead letter queue, which is used for reporting errors associated with ingesting data from third party applications. You must set up a policy on the `DeadLetterQueue` for the `SendMessage` operation to enable Amazon Connect Customer Profiles to send messages to the `DeadLetterQueue` .", - "title": "DeadLetterQueueUrl", - "type": "string" + "Assets": { + "items": { + "$ref": "#/definitions/AWS::Cognito::ManagedLoginBranding.AssetType" + }, + "markdownDescription": "An array of image files that you want to apply to roles like backgrounds, logos, and icons. Each object must also indicate whether it is for dark mode, light mode, or browser-adaptive mode.", + "title": "Assets", + "type": "array" }, - "DefaultEncryptionKey": { - "markdownDescription": "The default encryption key, which is an AWS managed key, is used when no specific type of encryption key is specified. It is used to encrypt all data before it is placed in permanent or semi-permanent storage.", - "title": "DefaultEncryptionKey", + "ClientId": { + "markdownDescription": "The app client that you want to assign the branding style to. Each style is linked to an app client until you delete it.", + "title": "ClientId", "type": "string" }, - "DefaultExpirationDays": { - "markdownDescription": "The default number of days until the data within the domain expires.", - "title": "DefaultExpirationDays", - "type": "number" - }, - "DomainName": { - "markdownDescription": "The unique name of the domain.", - "title": "DomainName", - "type": "string" + "ReturnMergedResources": { + "markdownDescription": "When `true` , returns values for branding options that are unchanged from Amazon Cognito defaults. When `false` or when you omit this parameter, returns only values that you customized in your branding style.", + "title": "ReturnMergedResources", + "type": "boolean" }, - "Matching": { - "$ref": "#/definitions/AWS::CustomerProfiles::Domain.Matching", - "markdownDescription": "The process of matching duplicate profiles.", - "title": "Matching" + "Settings": { + "markdownDescription": "A JSON file, encoded as a `Document` type, with the the settings that you want to apply to your style.", + "title": "Settings", + "type": "object" }, - "RuleBasedMatching": { - "$ref": "#/definitions/AWS::CustomerProfiles::Domain.RuleBasedMatching", - "markdownDescription": "The process of matching duplicate profiles using Rule-Based matching.", - "title": "RuleBasedMatching" + "UseCognitoProvidedValues": { + "markdownDescription": "When true, applies the default branding style options. This option reverts to default style options that are managed by Amazon Cognito. You can modify them later in the branding editor.\n\nWhen you specify `true` for this option, you must also omit values for `Settings` and `Assets` in the request.", + "title": "UseCognitoProvidedValues", + "type": "boolean" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags used to organize, track, or control access for this resource.", - "title": "Tags", - "type": "array" + "UserPoolId": { + "markdownDescription": "The user pool where the branding style is assigned.", + "title": "UserPoolId", + "type": "string" } }, "required": [ - "DefaultExpirationDays", - "DomainName" + "UserPoolId" ], "type": "object" }, "Type": { "enum": [ - "AWS::CustomerProfiles::Domain" + "AWS::Cognito::ManagedLoginBranding" ], "type": "string" }, @@ -53959,281 +60015,766 @@ ], "type": "object" }, - "AWS::CustomerProfiles::Domain.AttributeTypesSelector": { + "AWS::Cognito::ManagedLoginBranding.AssetType": { "additionalProperties": false, "properties": { - "Address": { - "items": { - "type": "string" - }, - "markdownDescription": "The `Address` type. You can choose from `Address` , `BusinessAddress` , `MaillingAddress` , and `ShippingAddress` . You only can use the `Address` type in the `MatchingRule` . For example, if you want to match a profile based on `BusinessAddress.City` or `MaillingAddress.City` , you can choose the `BusinessAddress` and the `MaillingAddress` to represent the `Address` type and specify the `Address.City` on the matching rule.", - "title": "Address", - "type": "array" + "Bytes": { + "markdownDescription": "The image file, in Base64-encoded binary.", + "title": "Bytes", + "type": "string" }, - "AttributeMatchingModel": { - "markdownDescription": "Configures the `AttributeMatchingModel` , you can either choose `ONE_TO_ONE` or `MANY_TO_MANY` .", - "title": "AttributeMatchingModel", + "Category": { + "markdownDescription": "The category that the image corresponds to in your managed login configuration. Managed login has asset categories for different types of logos, backgrounds, and icons.", + "title": "Category", "type": "string" }, - "EmailAddress": { - "items": { - "type": "string" - }, - "markdownDescription": "The Email type. You can choose from `EmailAddress` , `BusinessEmailAddress` and `PersonalEmailAddress` . You only can use the `EmailAddress` type in the `MatchingRule` . For example, if you want to match profile based on `PersonalEmailAddress` or `BusinessEmailAddress` , you can choose the `PersonalEmailAddress` and the `BusinessEmailAddress` to represent the `EmailAddress` type and only specify the `EmailAddress` on the matching rule.", - "title": "EmailAddress", - "type": "array" + "ColorMode": { + "markdownDescription": "The display-mode target of the asset: light, dark, or browser-adaptive. For example, Amazon Cognito displays a dark-mode image only when the browser or application is in dark mode, but displays a browser-adaptive file in all contexts.", + "title": "ColorMode", + "type": "string" }, - "PhoneNumber": { - "items": { - "type": "string" - }, - "markdownDescription": "The `PhoneNumber` type. You can choose from `PhoneNumber` , `HomePhoneNumber` , and `MobilePhoneNumber` . You only can use the `PhoneNumber` type in the `MatchingRule` . For example, if you want to match a profile based on `Phone` or `HomePhone` , you can choose the `Phone` and the `HomePhone` to represent the `PhoneNumber` type and only specify the `PhoneNumber` on the matching rule.", - "title": "PhoneNumber", - "type": "array" + "Extension": { + "markdownDescription": "The file type of the image file.", + "title": "Extension", + "type": "string" + }, + "ResourceId": { + "markdownDescription": "The ID of the asset.", + "title": "ResourceId", + "type": "string" } }, "required": [ - "AttributeMatchingModel" + "Category", + "ColorMode", + "Extension" ], "type": "object" }, - "AWS::CustomerProfiles::Domain.AutoMerging": { + "AWS::Cognito::UserPool": { "additionalProperties": false, "properties": { - "ConflictResolution": { - "$ref": "#/definitions/AWS::CustomerProfiles::Domain.ConflictResolution", - "markdownDescription": "Determines how the auto-merging process should resolve conflicts between different profiles. For example, if Profile A and Profile B have the same `FirstName` and `LastName` , `ConflictResolution` specifies which `EmailAddress` should be used.", - "title": "ConflictResolution" + "Condition": { + "type": "string" }, - "Consolidation": { - "$ref": "#/definitions/AWS::CustomerProfiles::Domain.Consolidation", - "markdownDescription": "A list of matching attributes that represent matching criteria. If two profiles meet at least one of the requirements in the matching attributes list, they will be merged.", - "title": "Consolidation" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Enabled": { - "markdownDescription": "The flag that enables the auto-merging of duplicate profiles.", - "title": "Enabled", - "type": "boolean" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "MinAllowedConfidenceScoreForMerging": { - "markdownDescription": "A number between 0 and 1 that represents the minimum confidence score required for profiles within a matching group to be merged during the auto-merge process. A higher score means that a higher similarity is required to merge profiles.", - "title": "MinAllowedConfidenceScoreForMerging", - "type": "number" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AccountRecoverySetting": { + "$ref": "#/definitions/AWS::Cognito::UserPool.AccountRecoverySetting", + "markdownDescription": "The available verified method a user can use to recover their password when they call `ForgotPassword` . You can use this setting to define a preferred method when a user has more than one method available. With this setting, SMS doesn't qualify for a valid password recovery mechanism if the user also has SMS multi-factor authentication (MFA) activated. In the absence of this setting, Amazon Cognito uses the legacy behavior to determine the recovery method where SMS is preferred through email.", + "title": "AccountRecoverySetting" + }, + "AdminCreateUserConfig": { + "$ref": "#/definitions/AWS::Cognito::UserPool.AdminCreateUserConfig", + "markdownDescription": "The settings for administrator creation of users in a user pool. Contains settings for allowing user sign-up, customizing invitation messages to new users, and the amount of time before temporary passwords expire.", + "title": "AdminCreateUserConfig" + }, + "AliasAttributes": { + "items": { + "type": "string" + }, + "markdownDescription": "Attributes supported as an alias for this user pool. For more information about alias attributes, see [Customizing sign-in attributes](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html#user-pool-settings-aliases) .", + "title": "AliasAttributes", + "type": "array" + }, + "AutoVerifiedAttributes": { + "items": { + "type": "string" + }, + "markdownDescription": "The attributes that you want your user pool to automatically verify. For more information, see [Verifying contact information at sign-up](https://docs.aws.amazon.com/cognito/latest/developerguide/signing-up-users-in-your-app.html#allowing-users-to-sign-up-and-confirm-themselves) .", + "title": "AutoVerifiedAttributes", + "type": "array" + }, + "DeletionProtection": { + "markdownDescription": "When active, `DeletionProtection` prevents accidental deletion of your user\npool. Before you can delete a user pool that you have protected against deletion, you\nmust deactivate this feature.\n\nWhen you try to delete a protected user pool in a `DeleteUserPool` API request, Amazon Cognito returns an `InvalidParameterException` error. To delete a protected user pool, send a new `DeleteUserPool` request after you deactivate deletion protection in an `UpdateUserPool` API request.", + "title": "DeletionProtection", + "type": "string" + }, + "DeviceConfiguration": { + "$ref": "#/definitions/AWS::Cognito::UserPool.DeviceConfiguration", + "markdownDescription": "The device-remembering configuration for a user pool. Device remembering or device tracking is a \"Remember me on this device\" option for user pools that perform authentication with the device key of a trusted device in the back end, instead of a user-provided MFA code. For more information about device authentication, see [Working with user devices in your user pool](https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html) . A null value indicates that you have deactivated device remembering in your user pool.\n\n> When you provide a value for any `DeviceConfiguration` field, you activate the Amazon Cognito device-remembering feature. For more information, see [Working with devices](https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html) .", + "title": "DeviceConfiguration" + }, + "EmailAuthenticationMessage": { + "markdownDescription": "", + "title": "EmailAuthenticationMessage", + "type": "string" + }, + "EmailAuthenticationSubject": { + "markdownDescription": "", + "title": "EmailAuthenticationSubject", + "type": "string" + }, + "EmailConfiguration": { + "$ref": "#/definitions/AWS::Cognito::UserPool.EmailConfiguration", + "markdownDescription": "The email configuration of your user pool. The email configuration type sets your preferred sending method, AWS Region, and sender for messages from your user pool.", + "title": "EmailConfiguration" + }, + "EmailVerificationMessage": { + "markdownDescription": "This parameter is no longer used. See [VerificationMessageTemplateType](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-verificationmessagetemplate.html) .", + "title": "EmailVerificationMessage", + "type": "string" + }, + "EmailVerificationSubject": { + "markdownDescription": "This parameter is no longer used. See [VerificationMessageTemplateType](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-verificationmessagetemplate.html) .", + "title": "EmailVerificationSubject", + "type": "string" + }, + "EnabledMfas": { + "items": { + "type": "string" + }, + "markdownDescription": "Set enabled MFA options on a specified user pool. To disable all MFAs after it has been enabled, set `MfaConfiguration` to `OFF` and remove EnabledMfas. MFAs can only be all disabled if `MfaConfiguration` is `OFF` . After you enable `SMS_MFA` , you can only disable it by setting `MfaConfiguration` to `OFF` . Can be one of the following values:\n\n- `SMS_MFA` - Enables MFA with SMS for the user pool. To select this option, you must also provide values for `SmsConfiguration` .\n- `SOFTWARE_TOKEN_MFA` - Enables software token MFA for the user pool.\n- `EMAIL_OTP` - Enables MFA with email for the user pool. To select this option, you must provide values for `EmailConfiguration` and within those, set `EmailSendingAccount` to `DEVELOPER` .\n\nAllowed values: `SMS_MFA` | `SOFTWARE_TOKEN_MFA` | `EMAIL_OTP`", + "title": "EnabledMfas", + "type": "array" + }, + "LambdaConfig": { + "$ref": "#/definitions/AWS::Cognito::UserPool.LambdaConfig", + "markdownDescription": "A collection of user pool Lambda triggers. Amazon Cognito invokes triggers at several possible stages of authentication operations. Triggers can modify the outcome of the operations that invoked them.", + "title": "LambdaConfig" + }, + "MfaConfiguration": { + "markdownDescription": "Displays the state of multi-factor authentication (MFA) as on, off, or optional. When `ON` , all users must set up MFA before they can sign in. When `OPTIONAL` , your application must make a client-side determination of whether a user wants to register an MFA device. For user pools with adaptive authentication with threat protection, choose `OPTIONAL` .\n\nWhen `MfaConfiguration` is `OPTIONAL` , managed login doesn't automatically prompt users to set up MFA. Amazon Cognito generates MFA prompts in API responses and in managed login for users who have chosen and configured a preferred MFA factor.", + "title": "MfaConfiguration", + "type": "string" + }, + "Policies": { + "$ref": "#/definitions/AWS::Cognito::UserPool.Policies", + "markdownDescription": "A list of user pool policies. Contains the policy that sets password-complexity requirements.", + "title": "Policies" + }, + "Schema": { + "items": { + "$ref": "#/definitions/AWS::Cognito::UserPool.SchemaAttribute" + }, + "markdownDescription": "An array of attributes for the new user pool. You can add custom attributes and modify the properties of default attributes. The specifications in this parameter set the required attributes in your user pool. For more information, see [Working with user attributes](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html) .", + "title": "Schema", + "type": "array" + }, + "SmsAuthenticationMessage": { + "markdownDescription": "The contents of the SMS authentication message.", + "title": "SmsAuthenticationMessage", + "type": "string" + }, + "SmsConfiguration": { + "$ref": "#/definitions/AWS::Cognito::UserPool.SmsConfiguration", + "markdownDescription": "The settings for your Amazon Cognito user pool to send SMS messages with Amazon Simple Notification Service. To send SMS messages with Amazon SNS in the AWS Region that you want, the Amazon Cognito user pool uses an AWS Identity and Access Management (IAM) role in your AWS account . For more information see [SMS message settings](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html) .", + "title": "SmsConfiguration" + }, + "SmsVerificationMessage": { + "markdownDescription": "This parameter is no longer used. See [VerificationMessageTemplateType](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-verificationmessagetemplate.html) .", + "title": "SmsVerificationMessage", + "type": "string" + }, + "UserAttributeUpdateSettings": { + "$ref": "#/definitions/AWS::Cognito::UserPool.UserAttributeUpdateSettings", + "markdownDescription": "The settings for updates to user attributes. These settings include the property `AttributesRequireVerificationBeforeUpdate` ,\na user-pool setting that tells Amazon Cognito how to handle changes to the value of your users' email address and phone number attributes. For\nmore information, see [Verifying updates to email addresses and phone numbers](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-email-phone-verification.html#user-pool-settings-verifications-verify-attribute-updates) .", + "title": "UserAttributeUpdateSettings" + }, + "UserPoolAddOns": { + "$ref": "#/definitions/AWS::Cognito::UserPool.UserPoolAddOns", + "markdownDescription": "Contains settings for activation of threat protection, including the operating mode and additional authentication types. To log user security information but take no action, set to `AUDIT` . To configure automatic security responses to potentially unwanted traffic to your user pool, set to `ENFORCED` .\n\nFor more information, see [Adding advanced security to a user pool](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html) . To activate this setting, your user pool must be on the [Plus tier](https://docs.aws.amazon.com/cognito/latest/developerguide/feature-plans-features-plus.html) .", + "title": "UserPoolAddOns" + }, + "UserPoolName": { + "markdownDescription": "A friendly name for your user pool.", + "title": "UserPoolName", + "type": "string" + }, + "UserPoolTags": { + "additionalProperties": true, + "markdownDescription": "The tag keys and values to assign to the user pool. A tag is a label that you can use to categorize and manage user pools in different ways, such as by purpose, owner, environment, or other criteria.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "UserPoolTags", + "type": "object" + }, + "UserPoolTier": { + "markdownDescription": "The user pool [feature plan](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-sign-in-feature-plans.html) , or tier. This parameter determines the eligibility of the user pool for features like managed login, access-token customization, and threat protection. Defaults to `ESSENTIALS` .", + "title": "UserPoolTier", + "type": "string" + }, + "UsernameAttributes": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies whether a user can use an email address or phone number as a username when they sign up.", + "title": "UsernameAttributes", + "type": "array" + }, + "UsernameConfiguration": { + "$ref": "#/definitions/AWS::Cognito::UserPool.UsernameConfiguration", + "markdownDescription": "Sets the case sensitivity option for sign-in usernames. When `CaseSensitive` is `false` (case insensitive), users can sign in with any combination of capital and lowercase letters. For example, `username` , `USERNAME` , or `UserName` , or for email, `email@example.com` or `EMaiL@eXamplE.Com` . For most use cases, set case sensitivity to `false` as a best practice. When usernames and email addresses are case insensitive, Amazon Cognito treats any variation in case as the same user, and prevents a case variation from being assigned to the same attribute for a different user.\n\nWhen `CaseSensitive` is `true` (case sensitive), Amazon Cognito interprets `USERNAME` and `UserName` as distinct users.\n\nThis configuration is immutable after you set it.", + "title": "UsernameConfiguration" + }, + "VerificationMessageTemplate": { + "$ref": "#/definitions/AWS::Cognito::UserPool.VerificationMessageTemplate", + "markdownDescription": "The template for the verification message that your user pool delivers to users who set an email address or phone number attribute.\n\nSet the email message type that corresponds to your `DefaultEmailOption` selection. For `CONFIRM_WITH_LINK` , specify an `EmailMessageByLink` and leave `EmailMessage` blank. For `CONFIRM_WITH_CODE` , specify an `EmailMessage` and leave `EmailMessageByLink` blank. When you supply both parameters with either choice, Amazon Cognito returns an error.", + "title": "VerificationMessageTemplate" + }, + "WebAuthnRelyingPartyID": { + "markdownDescription": "Sets or displays the authentication domain, typically your user pool domain, that passkey providers must use as a relying party (RP) in their configuration.\n\nUnder the following conditions, the passkey relying party ID must be the fully-qualified domain name of your custom domain:\n\n- The user pool is configured for passkey authentication.\n- The user pool has a custom domain, whether or not it also has a prefix domain.\n- Your application performs authentication with managed login or the classic hosted UI.", + "title": "WebAuthnRelyingPartyID", + "type": "string" + }, + "WebAuthnUserVerification": { + "markdownDescription": "When `required` , users can only register and sign in users with passkeys that are capable of [user verification](https://docs.aws.amazon.com/https://www.w3.org/TR/webauthn-2/#enum-userVerificationRequirement) . When `preferred` , your user pool doesn't require the use of authenticators with user verification but encourages it.", + "title": "WebAuthnUserVerification", + "type": "string" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Cognito::UserPool" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Enabled" + "Type" ], "type": "object" }, - "AWS::CustomerProfiles::Domain.ConflictResolution": { + "AWS::Cognito::UserPool.AccountRecoverySetting": { "additionalProperties": false, "properties": { - "ConflictResolvingModel": { - "markdownDescription": "How the auto-merging process should resolve conflicts between different profiles.", - "title": "ConflictResolvingModel", + "RecoveryMechanisms": { + "items": { + "$ref": "#/definitions/AWS::Cognito::UserPool.RecoveryOption" + }, + "markdownDescription": "The list of options and priorities for user message delivery in forgot-password operations. Sets or displays user pool preferences for email or SMS message priority, whether users should fall back to a second delivery method, and whether passwords should only be reset by administrators.", + "title": "RecoveryMechanisms", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Cognito::UserPool.AdminCreateUserConfig": { + "additionalProperties": false, + "properties": { + "AllowAdminCreateUserOnly": { + "markdownDescription": "The setting for allowing self-service sign-up. When `true` , only administrators can create new user profiles. When `false` , users can register themselves and create a new user profile with the `SignUp` operation.", + "title": "AllowAdminCreateUserOnly", + "type": "boolean" + }, + "InviteMessageTemplate": { + "$ref": "#/definitions/AWS::Cognito::UserPool.InviteMessageTemplate", + "markdownDescription": "The template for the welcome message to new users. This template must include the `{####}` temporary password placeholder if you are creating users with passwords. If your users don't have passwords, you can omit the placeholder.\n\nSee also [Customizing User Invitation Messages](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-message-customizations.html#cognito-user-pool-settings-user-invitation-message-customization) .", + "title": "InviteMessageTemplate" + }, + "UnusedAccountValidityDays": { + "markdownDescription": "This parameter is no longer in use.\n\nThe password expiration limit in days for administrator-created users. When this time expires, the user can't sign in with their temporary password. To reset the account after that time limit, you must call `AdminCreateUser` again, specifying `RESEND` for the `MessageAction` parameter.\n\nThe default value for this parameter is 7.", + "title": "UnusedAccountValidityDays", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Cognito::UserPool.AdvancedSecurityAdditionalFlows": { + "additionalProperties": false, + "properties": { + "CustomAuthMode": { + "markdownDescription": "The operating mode of threat protection in custom authentication with [Custom authentication challenge Lambda triggers](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-challenge.html) .", + "title": "CustomAuthMode", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Cognito::UserPool.CustomEmailSender": { + "additionalProperties": false, + "properties": { + "LambdaArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the function that you want to assign to your Lambda trigger.", + "title": "LambdaArn", "type": "string" }, - "SourceName": { - "markdownDescription": "The `ObjectType` name that is used to resolve profile merging conflicts when choosing `SOURCE` as the `ConflictResolvingModel` .", - "title": "SourceName", + "LambdaVersion": { + "markdownDescription": "The user pool trigger version of the request that Amazon Cognito sends to your Lambda function. Higher-numbered versions add fields that support new features.\n\nYou must use a `LambdaVersion` of `V1_0` with a custom sender function.", + "title": "LambdaVersion", "type": "string" } }, - "required": [ - "ConflictResolvingModel" - ], "type": "object" }, - "AWS::CustomerProfiles::Domain.Consolidation": { + "AWS::Cognito::UserPool.CustomSMSSender": { "additionalProperties": false, "properties": { - "MatchingAttributesList": { - "markdownDescription": "A list of matching criteria.", - "title": "MatchingAttributesList", - "type": "object" + "LambdaArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the function that you want to assign to your Lambda trigger.", + "title": "LambdaArn", + "type": "string" + }, + "LambdaVersion": { + "markdownDescription": "The user pool trigger version of the request that Amazon Cognito sends to your Lambda function. Higher-numbered versions add fields that support new features.\n\nYou must use a `LambdaVersion` of `V1_0` with a custom sender function.", + "title": "LambdaVersion", + "type": "string" } }, - "required": [ - "MatchingAttributesList" - ], "type": "object" }, - "AWS::CustomerProfiles::Domain.DomainStats": { + "AWS::Cognito::UserPool.DeviceConfiguration": { "additionalProperties": false, "properties": { - "MeteringProfileCount": { - "markdownDescription": "The number of profiles that you are currently paying for in the domain. If you have more than 100 objects associated with a single profile, that profile counts as two profiles. If you have more than 200 objects, that profile counts as three, and so on.", - "title": "MeteringProfileCount", - "type": "number" + "ChallengeRequiredOnNewDevice": { + "markdownDescription": "When true, a remembered device can sign in with device authentication instead of SMS and time-based one-time password (TOTP) factors for multi-factor authentication (MFA).\n\n> Whether or not `ChallengeRequiredOnNewDevice` is true, users who sign in with devices that have not been confirmed or remembered must still provide a second factor in a user pool that requires MFA.", + "title": "ChallengeRequiredOnNewDevice", + "type": "boolean" }, - "ObjectCount": { - "markdownDescription": "The total number of objects in domain.", - "title": "ObjectCount", + "DeviceOnlyRememberedOnUserPrompt": { + "markdownDescription": "When true, Amazon Cognito doesn't automatically remember a user's device when your app sends a `ConfirmDevice` API request. In your app, create a prompt for your user to choose whether they want to remember their device. Return the user's choice in an `UpdateDeviceStatus` API request.\n\nWhen `DeviceOnlyRememberedOnUserPrompt` is `false` , Amazon Cognito immediately remembers devices that you register in a `ConfirmDevice` API request.", + "title": "DeviceOnlyRememberedOnUserPrompt", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::Cognito::UserPool.EmailConfiguration": { + "additionalProperties": false, + "properties": { + "ConfigurationSet": { + "markdownDescription": "The set of configuration rules that can be applied to emails sent using Amazon Simple Email Service. A configuration set is applied to an email by including a reference to the configuration set in the headers of the email. Once applied, all of the rules in that configuration set are applied to the email. Configuration sets can be used to apply the following types of rules to emails:\n\n- **Event publishing** - Amazon Simple Email Service can track the number of send, delivery, open, click, bounce, and complaint events for each email sent. Use event publishing to send information about these events to other AWS services such as and Amazon CloudWatch\n- **IP pool management** - When leasing dedicated IP addresses with Amazon Simple Email Service, you can create groups of IP addresses, called dedicated IP pools. You can then associate the dedicated IP pools with configuration sets.", + "title": "ConfigurationSet", + "type": "string" + }, + "EmailSendingAccount": { + "markdownDescription": "Specifies whether Amazon Cognito uses its built-in functionality to send your users email messages, or uses your Amazon Simple Email Service email configuration. Specify one of the following values:\n\n- **COGNITO_DEFAULT** - When Amazon Cognito emails your users, it uses its built-in email functionality. When you use the default option, Amazon Cognito allows only a limited number of emails each day for your user pool. For typical production environments, the default email limit is less than the required delivery volume. To achieve a higher delivery volume, specify DEVELOPER to use your Amazon SES email configuration.\n\nTo look up the email delivery limit for the default option, see [Limits](https://docs.aws.amazon.com/cognito/latest/developerguide/limits.html) in the *Amazon Cognito Developer Guide* .\n\nThe default FROM address is `no-reply@verificationemail.com` . To customize the FROM address, provide the Amazon Resource Name (ARN) of an Amazon SES verified email address for the `SourceArn` parameter.\n- **DEVELOPER** - When Amazon Cognito emails your users, it uses your Amazon SES configuration. Amazon Cognito calls Amazon SES on your behalf to send email from your verified email address. When you use this option, the email delivery limits are the same limits that apply to your Amazon SES verified email address in your AWS account .\n\nIf you use this option, provide the ARN of an Amazon SES verified email address for the `SourceArn` parameter.\n\nBefore Amazon Cognito can email your users, it requires additional permissions to call Amazon SES on your behalf. When you update your user pool with this option, Amazon Cognito creates a *service-linked role* , which is a type of role in your AWS account . This role contains the permissions that allow you to access Amazon SES and send email messages from your email address. For more information about the service-linked role that Amazon Cognito creates, see [Using Service-Linked Roles for Amazon Cognito](https://docs.aws.amazon.com/cognito/latest/developerguide/using-service-linked-roles.html) in the *Amazon Cognito Developer Guide* .", + "title": "EmailSendingAccount", + "type": "string" + }, + "From": { + "markdownDescription": "Either the sender\u2019s email address or the sender\u2019s name with their email address. For example, `testuser@example.com` or `Test User ` . This address appears before the body of the email.", + "title": "From", + "type": "string" + }, + "ReplyToEmailAddress": { + "markdownDescription": "The destination to which the receiver of the email should reply.", + "title": "ReplyToEmailAddress", + "type": "string" + }, + "SourceArn": { + "markdownDescription": "The ARN of a verified email address or an address from a verified domain in Amazon SES. You can set a `SourceArn` email from a verified domain only with an API request. You can set a verified email address, but not an address in a verified domain, in the Amazon Cognito console. Amazon Cognito uses the email address that you provide in one of the following ways, depending on the value that you specify for the `EmailSendingAccount` parameter:\n\n- If you specify `COGNITO_DEFAULT` , Amazon Cognito uses this address as the custom FROM address when it emails your users using its built-in email account.\n- If you specify `DEVELOPER` , Amazon Cognito emails your users with this address by calling Amazon SES on your behalf.\n\nThe Region value of the `SourceArn` parameter must indicate a supported AWS Region of your user pool. Typically, the Region in the `SourceArn` and the user pool Region are the same. For more information, see [Amazon SES email configuration regions](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-email.html#user-pool-email-developer-region-mapping) in the [Amazon Cognito Developer Guide](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools.html) .", + "title": "SourceArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Cognito::UserPool.InviteMessageTemplate": { + "additionalProperties": false, + "properties": { + "EmailMessage": { + "markdownDescription": "The message template for email messages. EmailMessage is allowed only if [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is DEVELOPER.", + "title": "EmailMessage", + "type": "string" + }, + "EmailSubject": { + "markdownDescription": "The subject line for email messages. EmailSubject is allowed only if [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is DEVELOPER.", + "title": "EmailSubject", + "type": "string" + }, + "SMSMessage": { + "markdownDescription": "The message template for SMS messages.", + "title": "SMSMessage", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Cognito::UserPool.LambdaConfig": { + "additionalProperties": false, + "properties": { + "CreateAuthChallenge": { + "markdownDescription": "The configuration of a create auth challenge Lambda trigger, one of three triggers in the sequence of the [custom authentication challenge triggers](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-challenge.html) .", + "title": "CreateAuthChallenge", + "type": "string" + }, + "CustomEmailSender": { + "$ref": "#/definitions/AWS::Cognito::UserPool.CustomEmailSender", + "markdownDescription": "The configuration of a custom email sender Lambda trigger. This trigger routes all email notifications from a user pool to a Lambda function that delivers the message using custom logic.", + "title": "CustomEmailSender" + }, + "CustomMessage": { + "markdownDescription": "A custom message Lambda trigger. This trigger is an opportunity to customize all SMS and email messages from your user pool. When a custom message trigger is active, your user pool routes all messages to a Lambda function that returns a runtime-customized message subject and body for your user pool to deliver to a user.", + "title": "CustomMessage", + "type": "string" + }, + "CustomSMSSender": { + "$ref": "#/definitions/AWS::Cognito::UserPool.CustomSMSSender", + "markdownDescription": "The configuration of a custom SMS sender Lambda trigger. This trigger routes all SMS notifications from a user pool to a Lambda function that delivers the message using custom logic.", + "title": "CustomSMSSender" + }, + "DefineAuthChallenge": { + "markdownDescription": "The configuration of a define auth challenge Lambda trigger, one of three triggers in the sequence of the [custom authentication challenge triggers](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-challenge.html) .", + "title": "DefineAuthChallenge", + "type": "string" + }, + "KMSKeyID": { + "markdownDescription": "The ARN of an [KMS key](https://docs.aws.amazon.com//kms/latest/developerguide/concepts.html#master_keys) . Amazon Cognito uses the key to encrypt codes and temporary passwords sent to custom sender Lambda triggers.", + "title": "KMSKeyID", + "type": "string" + }, + "PostAuthentication": { + "markdownDescription": "The configuration of a [post authentication Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-post-authentication.html) in a user pool. This trigger can take custom actions after a user signs in.", + "title": "PostAuthentication", + "type": "string" + }, + "PostConfirmation": { + "markdownDescription": "The configuration of a [post confirmation Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-post-confirmation.html) in a user pool. This trigger can take custom actions after a user confirms their user account and their email address or phone number.", + "title": "PostConfirmation", + "type": "string" + }, + "PreAuthentication": { + "markdownDescription": "The configuration of a [pre authentication trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-authentication.html) in a user pool. This trigger can evaluate and modify user sign-in events.", + "title": "PreAuthentication", + "type": "string" + }, + "PreSignUp": { + "markdownDescription": "The configuration of a [pre sign-up Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-sign-up.html) in a user pool. This trigger evaluates new users and can bypass confirmation, [link a federated user profile](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-identity-federation-consolidate-users.html) , or block sign-up requests.", + "title": "PreSignUp", + "type": "string" + }, + "PreTokenGeneration": { + "markdownDescription": "The legacy configuration of a [pre token generation Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-token-generation.html) in a user pool.\n\nSet this parameter for legacy purposes. If you also set an ARN in `PreTokenGenerationConfig` , its value must be identical to `PreTokenGeneration` . For new instances of pre token generation triggers, set the `LambdaArn` of `PreTokenGenerationConfig` .", + "title": "PreTokenGeneration", + "type": "string" + }, + "PreTokenGenerationConfig": { + "$ref": "#/definitions/AWS::Cognito::UserPool.PreTokenGenerationConfig", + "markdownDescription": "The detailed configuration of a [pre token generation Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-token-generation.html) in a user pool. If you also set an ARN in `PreTokenGeneration` , its value must be identical to `PreTokenGenerationConfig` .", + "title": "PreTokenGenerationConfig" + }, + "UserMigration": { + "markdownDescription": "The configuration of a [migrate user Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-migrate-user.html) in a user pool. This trigger can create user profiles when users sign in or attempt to reset their password with credentials that don't exist yet.", + "title": "UserMigration", + "type": "string" + }, + "VerifyAuthChallengeResponse": { + "markdownDescription": "The configuration of a verify auth challenge Lambda trigger, one of three triggers in the sequence of the [custom authentication challenge triggers](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-challenge.html) .", + "title": "VerifyAuthChallengeResponse", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Cognito::UserPool.NumberAttributeConstraints": { + "additionalProperties": false, + "properties": { + "MaxValue": { + "markdownDescription": "The maximum length of a number attribute value. Must be a number less than or equal to `2^1023` , represented as a string with a length of 131072 characters or fewer.", + "title": "MaxValue", + "type": "string" + }, + "MinValue": { + "markdownDescription": "The minimum value of an attribute that is of the number data type.", + "title": "MinValue", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Cognito::UserPool.PasswordPolicy": { + "additionalProperties": false, + "properties": { + "MinimumLength": { + "markdownDescription": "The minimum length of the password in the policy that you have set. This value can't be less than 6.", + "title": "MinimumLength", "type": "number" }, - "ProfileCount": { - "markdownDescription": "The total number of profiles currently in the domain.", - "title": "ProfileCount", + "PasswordHistorySize": { + "markdownDescription": "The number of previous passwords that you want Amazon Cognito to restrict each user from reusing. Users can't set a password that matches any of `n` previous passwords, where `n` is the value of `PasswordHistorySize` .", + "title": "PasswordHistorySize", "type": "number" }, - "TotalSize": { - "markdownDescription": "The total size, in bytes, of all objects in the domain.", - "title": "TotalSize", + "RequireLowercase": { + "markdownDescription": "The requirement in a password policy that users must include at least one lowercase letter in their password.", + "title": "RequireLowercase", + "type": "boolean" + }, + "RequireNumbers": { + "markdownDescription": "The requirement in a password policy that users must include at least one number in their password.", + "title": "RequireNumbers", + "type": "boolean" + }, + "RequireSymbols": { + "markdownDescription": "The requirement in a password policy that users must include at least one symbol in their password.", + "title": "RequireSymbols", + "type": "boolean" + }, + "RequireUppercase": { + "markdownDescription": "The requirement in a password policy that users must include at least one uppercase letter in their password.", + "title": "RequireUppercase", + "type": "boolean" + }, + "TemporaryPasswordValidityDays": { + "markdownDescription": "The number of days a temporary password is valid in the password policy. If the user doesn't sign in during this time, an administrator must reset their password. Defaults to `7` . If you submit a value of `0` , Amazon Cognito treats it as a null value and sets `TemporaryPasswordValidityDays` to its default value.\n\n> When you set `TemporaryPasswordValidityDays` for a user pool, you can no longer set a value for the legacy `UnusedAccountValidityDays` parameter in that user pool.", + "title": "TemporaryPasswordValidityDays", "type": "number" } }, "type": "object" }, - "AWS::CustomerProfiles::Domain.ExportingConfig": { + "AWS::Cognito::UserPool.Policies": { "additionalProperties": false, "properties": { - "S3Exporting": { - "$ref": "#/definitions/AWS::CustomerProfiles::Domain.S3ExportingConfig", - "markdownDescription": "", - "title": "S3Exporting" + "PasswordPolicy": { + "$ref": "#/definitions/AWS::Cognito::UserPool.PasswordPolicy", + "markdownDescription": "The password policy settings for a user pool, including complexity, history, and length requirements.", + "title": "PasswordPolicy" + }, + "SignInPolicy": { + "$ref": "#/definitions/AWS::Cognito::UserPool.SignInPolicy", + "markdownDescription": "The policy for allowed types of authentication in a user pool. To activate this setting, your user pool must be in the [Essentials tier](https://docs.aws.amazon.com/cognito/latest/developerguide/feature-plans-features-essentials.html) or higher.", + "title": "SignInPolicy" } }, "type": "object" }, - "AWS::CustomerProfiles::Domain.JobSchedule": { + "AWS::Cognito::UserPool.PreTokenGenerationConfig": { "additionalProperties": false, "properties": { - "DayOfTheWeek": { - "markdownDescription": "The day when the Identity Resolution Job should run every week.", - "title": "DayOfTheWeek", + "LambdaArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the function that you want to assign to your Lambda trigger.\n\nThis parameter and the `PreTokenGeneration` property of `LambdaConfig` have the same value. For new instances of pre token generation triggers, set `LambdaArn` .", + "title": "LambdaArn", "type": "string" }, - "Time": { - "markdownDescription": "The time when the Identity Resolution Job should run every week.", - "title": "Time", + "LambdaVersion": { + "markdownDescription": "The user pool trigger version of the request that Amazon Cognito sends to your Lambda function. Higher-numbered versions add fields that support new features.", + "title": "LambdaVersion", "type": "string" } }, - "required": [ - "DayOfTheWeek", - "Time" - ], "type": "object" }, - "AWS::CustomerProfiles::Domain.Matching": { + "AWS::Cognito::UserPool.RecoveryOption": { "additionalProperties": false, "properties": { - "AutoMerging": { - "$ref": "#/definitions/AWS::CustomerProfiles::Domain.AutoMerging", - "markdownDescription": "Configuration information about the auto-merging process.", - "title": "AutoMerging" + "Name": { + "markdownDescription": "The recovery method that this object sets a recovery option for.", + "title": "Name", + "type": "string" }, - "Enabled": { - "markdownDescription": "The flag that enables the matching process of duplicate profiles.", - "title": "Enabled", + "Priority": { + "markdownDescription": "Your priority preference for using the specified attribute in account recovery. The highest priority is `1` .", + "title": "Priority", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Cognito::UserPool.SchemaAttribute": { + "additionalProperties": false, + "properties": { + "AttributeDataType": { + "markdownDescription": "The data format of the values for your attribute. When you choose an `AttributeDataType` , Amazon Cognito validates the input against the data type. A custom attribute value in your user's ID token is always a string, for example `\"custom:isMember\" : \"true\"` or `\"custom:YearsAsMember\" : \"12\"` .", + "title": "AttributeDataType", + "type": "string" + }, + "DeveloperOnlyAttribute": { + "markdownDescription": "> You should use [WriteAttributes](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UserPoolClientType.html#CognitoUserPools-Type-UserPoolClientType-WriteAttributes) in the user pool client to control how attributes can be mutated for new use cases instead of using `DeveloperOnlyAttribute` . \n\nSpecifies whether the attribute type is developer only. This attribute can only be modified by an administrator. Users won't be able to modify this attribute using their access token. For example, `DeveloperOnlyAttribute` can be modified using AdminUpdateUserAttributes but can't be updated using UpdateUserAttributes.", + "title": "DeveloperOnlyAttribute", "type": "boolean" }, - "ExportingConfig": { - "$ref": "#/definitions/AWS::CustomerProfiles::Domain.ExportingConfig", - "markdownDescription": "The S3 location where Identity Resolution Jobs write result files.", - "title": "ExportingConfig" + "Mutable": { + "markdownDescription": "Specifies whether the value of the attribute can be changed.\n\nAny user pool attribute whose value you map from an IdP attribute must be mutable, with a parameter value of `true` . Amazon Cognito updates mapped attributes when users sign in to your application through an IdP. If an attribute is immutable, Amazon Cognito throws an error when it attempts to update the attribute. For more information, see [Specifying Identity Provider Attribute Mappings for Your User Pool](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-specifying-attribute-mapping.html) .", + "title": "Mutable", + "type": "boolean" }, - "JobSchedule": { - "$ref": "#/definitions/AWS::CustomerProfiles::Domain.JobSchedule", - "markdownDescription": "The day and time when do you want to start the Identity Resolution Job every week.", - "title": "JobSchedule" + "Name": { + "markdownDescription": "The name of your user pool attribute. When you create or update a user pool, adding a schema attribute creates a custom or developer-only attribute. When you add an attribute with a `Name` value of `MyAttribute` , Amazon Cognito creates the custom attribute `custom:MyAttribute` . When `DeveloperOnlyAttribute` is `true` , Amazon Cognito creates your attribute as `dev:MyAttribute` . In an operation that describes a user pool, Amazon Cognito returns this value as `value` for standard attributes, `custom:value` for custom attributes, and `dev:value` for developer-only attributes..", + "title": "Name", + "type": "string" + }, + "NumberAttributeConstraints": { + "$ref": "#/definitions/AWS::Cognito::UserPool.NumberAttributeConstraints", + "markdownDescription": "Specifies the constraints for an attribute of the number type.", + "title": "NumberAttributeConstraints" + }, + "Required": { + "markdownDescription": "Specifies whether a user pool attribute is required. If the attribute is required and the user doesn't provide a value, registration or sign-in will fail.", + "title": "Required", + "type": "boolean" + }, + "StringAttributeConstraints": { + "$ref": "#/definitions/AWS::Cognito::UserPool.StringAttributeConstraints", + "markdownDescription": "Specifies the constraints for an attribute of the string type.", + "title": "StringAttributeConstraints" } }, - "required": [ - "Enabled" - ], "type": "object" }, - "AWS::CustomerProfiles::Domain.MatchingRule": { + "AWS::Cognito::UserPool.SignInPolicy": { "additionalProperties": false, "properties": { - "Rule": { + "AllowedFirstAuthFactors": { "items": { "type": "string" }, - "markdownDescription": "A single rule level of the `MatchRules` . Configures how the rule-based matching process should match profiles.", - "title": "Rule", + "markdownDescription": "The sign-in methods that a user pool supports as the first factor. You can permit users to start authentication with a standard username and password, or with other one-time password and hardware factors.\n\nSupports values of `EMAIL_OTP` , `SMS_OTP` , `WEB_AUTHN` and `PASSWORD` ,", + "title": "AllowedFirstAuthFactors", "type": "array" } }, - "required": [ - "Rule" - ], "type": "object" }, - "AWS::CustomerProfiles::Domain.RuleBasedMatching": { + "AWS::Cognito::UserPool.SmsConfiguration": { "additionalProperties": false, "properties": { - "AttributeTypesSelector": { - "$ref": "#/definitions/AWS::CustomerProfiles::Domain.AttributeTypesSelector", - "markdownDescription": "Configures information about the `AttributeTypesSelector` where the rule-based identity resolution uses to match profiles.", - "title": "AttributeTypesSelector" - }, - "ConflictResolution": { - "$ref": "#/definitions/AWS::CustomerProfiles::Domain.ConflictResolution", - "markdownDescription": "Determines how the auto-merging process should resolve conflicts between different profiles. For example, if Profile A and Profile B have the same `FirstName` and `LastName` , `ConflictResolution` specifies which `EmailAddress` should be used.", - "title": "ConflictResolution" + "ExternalId": { + "markdownDescription": "The external ID provides additional security for your IAM role. You can use an `ExternalId` with the IAM role that you use with Amazon SNS to send SMS messages for your user pool. If you provide an `ExternalId` , your Amazon Cognito user pool includes it in the request to assume your IAM role. You can configure the role trust policy to require that Amazon Cognito, and any principal, provide the `ExternalID` . If you use the Amazon Cognito Management Console to create a role for SMS multi-factor authentication (MFA), Amazon Cognito creates a role with the required permissions and a trust policy that demonstrates use of the `ExternalId` .\n\nFor more information about the `ExternalId` of a role, see [How to use an external ID when granting access to your AWS resources to a third party](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user_externalid.html) .", + "title": "ExternalId", + "type": "string" }, - "Enabled": { - "markdownDescription": "The flag that enables the matching process of duplicate profiles.", - "title": "Enabled", - "type": "boolean" + "SnsCallerArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS caller. This is the ARN of the IAM role in your AWS account that Amazon Cognito will use to send SMS messages. SMS messages are subject to a [spending limit](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-email-phone-verification.html) .", + "title": "SnsCallerArn", + "type": "string" }, - "ExportingConfig": { - "$ref": "#/definitions/AWS::CustomerProfiles::Domain.ExportingConfig", - "markdownDescription": "The S3 location where Identity Resolution Jobs write result files.", - "title": "ExportingConfig" + "SnsRegion": { + "markdownDescription": "The AWS Region to use with Amazon SNS integration. You can choose the same Region as your user pool, or a supported *Legacy Amazon SNS alternate Region* .\n\nAmazon Cognito resources in the Asia Pacific (Seoul) AWS Region must use your Amazon SNS configuration in the Asia Pacific (Tokyo) Region. For more information, see [SMS message settings for Amazon Cognito user pools](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html) .", + "title": "SnsRegion", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Cognito::UserPool.StringAttributeConstraints": { + "additionalProperties": false, + "properties": { + "MaxLength": { + "markdownDescription": "The maximum length of a string attribute value. Must be a number less than or equal to `2^1023` , represented as a string with a length of 131072 characters or fewer.", + "title": "MaxLength", + "type": "string" }, - "MatchingRules": { + "MinLength": { + "markdownDescription": "The minimum length of a string attribute value.", + "title": "MinLength", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Cognito::UserPool.UserAttributeUpdateSettings": { + "additionalProperties": false, + "properties": { + "AttributesRequireVerificationBeforeUpdate": { "items": { - "$ref": "#/definitions/AWS::CustomerProfiles::Domain.MatchingRule" + "type": "string" }, - "markdownDescription": "Configures how the rule-based matching process should match profiles. You can have up to 15 `MatchingRule` in the `MatchingRules` .", - "title": "MatchingRules", + "markdownDescription": "Requires that your user verifies their email address, phone number, or both before Amazon Cognito updates the value of that attribute. When you update a user attribute that has this option activated, Amazon Cognito sends a verification message to the new phone number or email address. Amazon Cognito doesn\u2019t change the value of the attribute until your user responds to the verification message and confirms the new value.\n\nWhen `AttributesRequireVerificationBeforeUpdate` is false, your user pool doesn't require that your users verify attribute changes before Amazon Cognito updates them. In a user pool where `AttributesRequireVerificationBeforeUpdate` is false, API operations that change attribute values can immediately update a user\u2019s `email` or `phone_number` attribute.", + "title": "AttributesRequireVerificationBeforeUpdate", "type": "array" - }, - "MaxAllowedRuleLevelForMatching": { - "markdownDescription": "Indicates the maximum allowed rule level for matching.", - "title": "MaxAllowedRuleLevelForMatching", - "type": "number" - }, - "MaxAllowedRuleLevelForMerging": { - "markdownDescription": "Indicates the maximum allowed rule level for merging.", - "title": "MaxAllowedRuleLevelForMerging", - "type": "number" - }, - "Status": { - "markdownDescription": "The status of rule-based matching rule.", - "title": "Status", - "type": "string" } }, "required": [ - "Enabled" + "AttributesRequireVerificationBeforeUpdate" ], "type": "object" }, - "AWS::CustomerProfiles::Domain.S3ExportingConfig": { + "AWS::Cognito::UserPool.UserPoolAddOns": { "additionalProperties": false, "properties": { - "S3BucketName": { - "markdownDescription": "The name of the S3 bucket where Identity Resolution Jobs write result files.", - "title": "S3BucketName", + "AdvancedSecurityAdditionalFlows": { + "$ref": "#/definitions/AWS::Cognito::UserPool.AdvancedSecurityAdditionalFlows", + "markdownDescription": "Threat protection configuration options for additional authentication types in your user pool, including custom authentication.", + "title": "AdvancedSecurityAdditionalFlows" + }, + "AdvancedSecurityMode": { + "markdownDescription": "The operating mode of threat protection for standard authentication types in your user pool, including username-password and secure remote password (SRP) authentication.", + "title": "AdvancedSecurityMode", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Cognito::UserPool.UsernameConfiguration": { + "additionalProperties": false, + "properties": { + "CaseSensitive": { + "markdownDescription": "Specifies whether user name case sensitivity will be applied for all users in the user pool through Amazon Cognito APIs. For most use cases, set case sensitivity to `False` (case insensitive) as a best practice. When usernames and email addresses are case insensitive, users can sign in as the same user when they enter a different capitalization of their user name.\n\nValid values include:\n\n- **true** - Enables case sensitivity for all username input. When this option is set to `true` , users must sign in using the exact capitalization of their given username, such as \u201cUserName\u201d. This is the default value.\n- **false** - Enables case insensitivity for all username input. For example, when this option is set to `false` , users can sign in using `username` , `USERNAME` , or `UserName` . This option also enables both `preferred_username` and `email` alias to be case insensitive, in addition to the `username` attribute.", + "title": "CaseSensitive", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::Cognito::UserPool.VerificationMessageTemplate": { + "additionalProperties": false, + "properties": { + "DefaultEmailOption": { + "markdownDescription": "The configuration of verification emails to contain a clickable link or a verification code.\n\nFor link, your template body must contain link text in the format `{##Click here##}` . \"Click here\" in the example is a customizable string. For code, your template body must contain a code placeholder in the format `{####}` .", + "title": "DefaultEmailOption", "type": "string" }, - "S3KeyName": { - "markdownDescription": "The S3 key name of the location where Identity Resolution Jobs write result files.", - "title": "S3KeyName", + "EmailMessage": { + "markdownDescription": "The template for email messages that Amazon Cognito sends to your users. You can set an `EmailMessage` template only if the value of [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` . When your [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` , your user pool sends email messages with your own Amazon SES configuration.", + "title": "EmailMessage", + "type": "string" + }, + "EmailMessageByLink": { + "markdownDescription": "The email message template for sending a confirmation link to the user. You can set an `EmailMessageByLink` template only if the value of [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` . When your [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` , your user pool sends email messages with your own Amazon SES configuration.", + "title": "EmailMessageByLink", + "type": "string" + }, + "EmailSubject": { + "markdownDescription": "The subject line for the email message template. You can set an `EmailSubject` template only if the value of [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` . When your [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` , your user pool sends email messages with your own Amazon SES configuration.", + "title": "EmailSubject", + "type": "string" + }, + "EmailSubjectByLink": { + "markdownDescription": "The subject line for the email message template for sending a confirmation link to the user. You can set an `EmailSubjectByLink` template only if the value of [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` . When your [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` , your user pool sends email messages with your own Amazon SES configuration.", + "title": "EmailSubjectByLink", + "type": "string" + }, + "SmsMessage": { + "markdownDescription": "The template for SMS messages that Amazon Cognito sends to your users.", + "title": "SmsMessage", "type": "string" } }, - "required": [ - "S3BucketName" - ], "type": "object" }, - "AWS::CustomerProfiles::EventStream": { + "AWS::Cognito::UserPoolClient": { "additionalProperties": false, "properties": { "Condition": { @@ -54268,40 +60809,154 @@ "Properties": { "additionalProperties": false, "properties": { - "DomainName": { - "markdownDescription": "The unique name of the domain.", - "title": "DomainName", + "AccessTokenValidity": { + "markdownDescription": "The access token time limit. After this limit expires, your user can't use their access token. To specify the time unit for `AccessTokenValidity` as `seconds` , `minutes` , `hours` , or `days` , set a `TokenValidityUnits` value in your API request.\n\nFor example, when you set `AccessTokenValidity` to `10` and `TokenValidityUnits` to `hours` , your user can authorize access with\ntheir access token for 10 hours.\n\nThe default time unit for `AccessTokenValidity` in an API request is hours. *Valid range* is displayed below in seconds.\n\nIf you don't specify otherwise in the configuration of your app client, your access\ntokens are valid for one hour.", + "title": "AccessTokenValidity", + "type": "number" + }, + "AllowedOAuthFlows": { + "items": { + "type": "string" + }, + "markdownDescription": "The OAuth grant types that you want your app client to generate for clients in managed login authentication. To create an app client that generates client credentials grants, you must add `client_credentials` as the only allowed OAuth flow.\n\n- **code** - Use a code grant flow, which provides an authorization code as the response. This code can be exchanged for access tokens with the `/oauth2/token` endpoint.\n- **implicit** - Issue the access token, and the ID token when scopes like `openid` and `profile` are requested, directly to your user.\n- **client_credentials** - Issue the access token from the `/oauth2/token` endpoint directly to a non-person user, authorized by a combination of the client ID and client secret.", + "title": "AllowedOAuthFlows", + "type": "array" + }, + "AllowedOAuthFlowsUserPoolClient": { + "markdownDescription": "Set to `true` to use OAuth 2.0 authorization server features in your app client.\n\nThis parameter must have a value of `true` before you can configure the following features in your app client.\n\n- `CallBackURLs` : Callback URLs.\n- `LogoutURLs` : Sign-out redirect URLs.\n- `AllowedOAuthScopes` : OAuth 2.0 scopes.\n- `AllowedOAuthFlows` : Support for authorization code, implicit, and client credentials OAuth 2.0 grants.\n\nTo use authorization server features, configure one of these features in the Amazon Cognito console or set `AllowedOAuthFlowsUserPoolClient` to `true` in a `CreateUserPoolClient` or `UpdateUserPoolClient` API request. If you don't set a value for `AllowedOAuthFlowsUserPoolClient` in a request with the AWS CLI or SDKs, it defaults to `false` . When `false` , only SDK-based API sign-in is permitted.", + "title": "AllowedOAuthFlowsUserPoolClient", + "type": "boolean" + }, + "AllowedOAuthScopes": { + "items": { + "type": "string" + }, + "markdownDescription": "The OAuth, OpenID Connect (OIDC), and custom scopes that you want to permit your app client to authorize access with. Scopes govern access control to user pool self-service API operations, user data from the `userInfo` endpoint, and third-party APIs. Scope values include `phone` , `email` , `openid` , and `profile` . The `aws.cognito.signin.user.admin` scope authorizes user self-service operations. Custom scopes with resource servers authorize access to external APIs.", + "title": "AllowedOAuthScopes", + "type": "array" + }, + "AnalyticsConfiguration": { + "$ref": "#/definitions/AWS::Cognito::UserPoolClient.AnalyticsConfiguration", + "markdownDescription": "The user pool analytics configuration for collecting metrics and sending them to your Amazon Pinpoint campaign.\n\nIn AWS Regions where Amazon Pinpoint isn't available, user pools might not have access to analytics or might be configurable with campaigns in the US East (N. Virginia) Region. For more information, see [Using Amazon Pinpoint analytics](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-pinpoint-integration.html) .", + "title": "AnalyticsConfiguration" + }, + "AuthSessionValidity": { + "markdownDescription": "Amazon Cognito creates a session token for each API request in an authentication flow. `AuthSessionValidity` is the duration, in minutes, of that session token. Your user pool native user must respond to each authentication challenge before the session expires.", + "title": "AuthSessionValidity", + "type": "number" + }, + "CallbackURLs": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of allowed redirect, or callback, URLs for managed login authentication. These URLs are the paths where you want to send your users' browsers after they complete authentication with managed login or a third-party IdP. Typically, callback URLs are the home of an application that uses OAuth or OIDC libraries to process authentication outcomes.\n\nA redirect URI must meet the following requirements:\n\n- Be an absolute URI.\n- Be registered with the authorization server. Amazon Cognito doesn't accept authorization requests with `redirect_uri` values that aren't in the list of `CallbackURLs` that you provide in this parameter.\n- Not include a fragment component.\n\nSee [OAuth 2.0 - Redirection Endpoint](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6749#section-3.1.2) .\n\nAmazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only.\n\nApp callback URLs such as myapp://example are also supported.", + "title": "CallbackURLs", + "type": "array" + }, + "ClientName": { + "markdownDescription": "A friendly name for the app client that you want to create.", + "title": "ClientName", "type": "string" }, - "EventStreamName": { - "markdownDescription": "The name of the event stream.", - "title": "EventStreamName", + "DefaultRedirectURI": { + "markdownDescription": "The default redirect URI. In app clients with one assigned IdP, replaces `redirect_uri` in authentication requests. Must be in the `CallbackURLs` list.", + "title": "DefaultRedirectURI", "type": "string" }, - "Tags": { + "EnablePropagateAdditionalUserContextData": { + "markdownDescription": "When `true` , your application can include additional `UserContextData` in authentication requests. This data includes the IP address, and contributes to analysis by threat protection features. For more information about propagation of user context data, see [Adding session data to API requests](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-adaptive-authentication.html#user-pool-settings-adaptive-authentication-device-fingerprint) . If you don\u2019t include this parameter, you can't send the source IP address to Amazon Cognito threat protection features. You can only activate `EnablePropagateAdditionalUserContextData` in an app client that has a client secret.", + "title": "EnablePropagateAdditionalUserContextData", + "type": "boolean" + }, + "EnableTokenRevocation": { + "markdownDescription": "Activates or deactivates token revocation.\n\nIf you don't include this parameter, token revocation is automatically activated for the new user pool client.", + "title": "EnableTokenRevocation", + "type": "boolean" + }, + "ExplicitAuthFlows": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "The tags used to organize, track, or control access for this resource.", - "title": "Tags", + "markdownDescription": "The [authentication flows](https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-authentication-flow-methods.html) that you want your user pool client to support. For each app client in your user pool, you can sign in your users with any combination of one or more flows, including with a user name and Secure Remote Password (SRP), a user name and password, or a custom authentication process that you define with Lambda functions.\n\n> If you don't specify a value for `ExplicitAuthFlows` , your app client supports `ALLOW_REFRESH_TOKEN_AUTH` , `ALLOW_USER_SRP_AUTH` , and `ALLOW_CUSTOM_AUTH` . \n\nThe values for authentication flow options include the following.\n\n- `ALLOW_USER_AUTH` : Enable selection-based sign-in with `USER_AUTH` . This setting covers username-password, secure remote password (SRP), passwordless, and passkey authentication. This authentiation flow can do username-password and SRP authentication without other `ExplicitAuthFlows` permitting them. For example users can complete an SRP challenge through `USER_AUTH` without the flow `USER_SRP_AUTH` being active for the app client. This flow doesn't include `CUSTOM_AUTH` .\n\nTo activate this setting, your user pool must be in the [Essentials tier](https://docs.aws.amazon.com/cognito/latest/developerguide/feature-plans-features-essentials.html) or higher.\n- `ALLOW_ADMIN_USER_PASSWORD_AUTH` : Enable admin based user password authentication flow `ADMIN_USER_PASSWORD_AUTH` . This setting replaces the `ADMIN_NO_SRP_AUTH` setting. With this authentication flow, your app passes a user name and password to Amazon Cognito in the request, instead of using the Secure Remote Password (SRP) protocol to securely transmit the password.\n- `ALLOW_CUSTOM_AUTH` : Enable Lambda trigger based authentication.\n- `ALLOW_USER_PASSWORD_AUTH` : Enable user password-based authentication. In this flow, Amazon Cognito receives the password in the request instead of using the SRP protocol to verify passwords.\n- `ALLOW_USER_SRP_AUTH` : Enable SRP-based authentication.\n- `ALLOW_REFRESH_TOKEN_AUTH` : Enable authflow to refresh tokens.\n\nIn some environments, you will see the values `ADMIN_NO_SRP_AUTH` , `CUSTOM_AUTH_FLOW_ONLY` , or `USER_PASSWORD_AUTH` . You can't assign these legacy `ExplicitAuthFlows` values to user pool clients at the same time as values that begin with `ALLOW_` ,\nlike `ALLOW_USER_SRP_AUTH` .", + "title": "ExplicitAuthFlows", "type": "array" }, - "Uri": { - "markdownDescription": "The StreamARN of the destination to deliver profile events to. For example, arn:aws:kinesis:region:account-id:stream/stream-name.", - "title": "Uri", + "GenerateSecret": { + "markdownDescription": "When `true` , generates a client secret for the app client. Client secrets are used with server-side and machine-to-machine applications. Client secrets are automatically generated; you can't specify a secret value. For more information, see [App client types](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-client-apps.html#user-pool-settings-client-app-client-types) .", + "title": "GenerateSecret", + "type": "boolean" + }, + "IdTokenValidity": { + "markdownDescription": "The ID token time limit. After this limit expires, your user can't use their ID token. To specify the time unit for `IdTokenValidity` as `seconds` , `minutes` , `hours` , or `days` , set a `TokenValidityUnits` value in your API request.\n\nFor example, when you set `IdTokenValidity` as `10` and `TokenValidityUnits` as `hours` , your user can authenticate their session with their ID token for 10 hours.\n\nThe default time unit for `IdTokenValidity` in an API request is hours. *Valid range* is displayed below in seconds.\n\nIf you don't specify otherwise in the configuration of your app client, your ID\ntokens are valid for one hour.", + "title": "IdTokenValidity", + "type": "number" + }, + "LogoutURLs": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of allowed logout URLs for managed login authentication. When you pass `logout_uri` and `client_id` parameters to `/logout` , Amazon Cognito signs out your user and redirects them to the logout URL. This parameter describes the URLs that you want to be the permitted targets of `logout_uri` . A typical use of these URLs is when a user selects \"Sign out\" and you redirect them to your public homepage. For more information, see [Logout endpoint](https://docs.aws.amazon.com/cognito/latest/developerguide/logout-endpoint.html) .", + "title": "LogoutURLs", + "type": "array" + }, + "PreventUserExistenceErrors": { + "markdownDescription": "Errors and responses that you want Amazon Cognito APIs to return during authentication, account confirmation, and password recovery when the user doesn't exist in the user pool. When set to `ENABLED` and the user doesn't exist, authentication returns an error indicating either the username or password was incorrect. Account confirmation and password recovery return a response indicating a code was sent to a simulated destination. When set to `LEGACY` , those APIs return a `UserNotFoundException` exception if the user doesn't exist in the user pool.\n\nValid values include:\n\n- `ENABLED` - This prevents user existence-related errors.\n- `LEGACY` - This represents the early behavior of Amazon Cognito where user existence related errors aren't prevented.\n\nDefaults to `LEGACY` when you don't provide a value.", + "title": "PreventUserExistenceErrors", + "type": "string" + }, + "ReadAttributes": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of user attributes that you want your app client to have read access to. After your user authenticates in your app, their access token authorizes them to read their own attribute value for any attribute in this list. An example of this kind of activity is when your user selects a link to view their profile information.\n\nWhen you don't specify the `ReadAttributes` for your app client, your app can read the values of `email_verified` , `phone_number_verified` , and the Standard attributes of your user pool. When your user pool app client has read access to these default attributes, `ReadAttributes` doesn't return any information. Amazon Cognito only populates `ReadAttributes` in the API response if you have specified your own custom set of read attributes.", + "title": "ReadAttributes", + "type": "array" + }, + "RefreshTokenRotation": { + "$ref": "#/definitions/AWS::Cognito::UserPoolClient.RefreshTokenRotation", + "markdownDescription": "The configuration of your app client for refresh token rotation. When enabled, your app client issues new ID, access, and refresh tokens when users renew their sessions with refresh tokens. When disabled, token refresh issues only ID and access tokens.", + "title": "RefreshTokenRotation" + }, + "RefreshTokenValidity": { + "markdownDescription": "The refresh token time limit. After this limit expires, your user can't use their refresh token. To specify the time unit for `RefreshTokenValidity` as `seconds` , `minutes` , `hours` , or `days` , set a `TokenValidityUnits` value in your API request.\n\nFor example, when you set `RefreshTokenValidity` as `10` and `TokenValidityUnits` as `days` , your user can refresh their session\nand retrieve new access and ID tokens for 10 days.\n\nThe default time unit for `RefreshTokenValidity` in an API request is days. You can't set `RefreshTokenValidity` to 0. If you do, Amazon Cognito overrides the value with the default value of 30 days. *Valid range* is displayed below in seconds.\n\nIf you don't specify otherwise in the configuration of your app client, your refresh\ntokens are valid for 30 days.", + "title": "RefreshTokenValidity", + "type": "number" + }, + "SupportedIdentityProviders": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of provider names for the identity providers (IdPs) that are supported on this client. The following are supported: `COGNITO` , `Facebook` , `Google` , `SignInWithApple` , and `LoginWithAmazon` . You can also specify the names that you configured for the SAML and OIDC IdPs in your user pool, for example `MySAMLIdP` or `MyOIDCIdP` .\n\nThis parameter sets the IdPs that [managed login](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-managed-login.html) will display on the login page for your app client. The removal of `COGNITO` from this list doesn't prevent authentication operations for local users with the user pools API in an AWS SDK. The only way to prevent SDK-based authentication is to block access with a [AWS WAF rule](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-waf.html) .", + "title": "SupportedIdentityProviders", + "type": "array" + }, + "TokenValidityUnits": { + "$ref": "#/definitions/AWS::Cognito::UserPoolClient.TokenValidityUnits", + "markdownDescription": "The units that validity times are represented in. The default unit for refresh tokens is days, and the default for ID and access tokens are hours.", + "title": "TokenValidityUnits" + }, + "UserPoolId": { + "markdownDescription": "The ID of the user pool where you want to create an app client.", + "title": "UserPoolId", "type": "string" + }, + "WriteAttributes": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of user attributes that you want your app client to have write access to. After your user authenticates in your app, their access token authorizes them to set or modify their own attribute value for any attribute in this list.\n\nWhen you don't specify the `WriteAttributes` for your app client, your app can write the values of the Standard attributes of your user pool. When your user pool has write access to these default attributes, `WriteAttributes` doesn't return any information. Amazon Cognito only populates `WriteAttributes` in the API response if you have specified your own custom set of write attributes.\n\nIf your app client allows users to sign in through an IdP, this array must include all attributes that you have mapped to IdP attributes. Amazon Cognito updates mapped attributes when users sign in to your application through an IdP. If your app client does not have write access to a mapped attribute, Amazon Cognito throws an error when it tries to update the attribute. For more information, see [Specifying IdP Attribute Mappings for Your user pool](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-specifying-attribute-mapping.html) .", + "title": "WriteAttributes", + "type": "array" } }, "required": [ - "DomainName", - "EventStreamName", - "Uri" + "UserPoolId" ], "type": "object" }, "Type": { "enum": [ - "AWS::CustomerProfiles::EventStream" + "AWS::Cognito::UserPoolClient" ], "type": "string" }, @@ -54320,27 +60975,75 @@ ], "type": "object" }, - "AWS::CustomerProfiles::EventStream.DestinationDetails": { + "AWS::Cognito::UserPoolClient.AnalyticsConfiguration": { "additionalProperties": false, "properties": { - "Status": { - "markdownDescription": "The status of enabling the Kinesis stream as a destination for export.", - "title": "Status", + "ApplicationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an Amazon Pinpoint project that you want to connect to your user pool app client. Amazon Cognito publishes events to the Amazon Pinpoint project that `ApplicationArn` declares. You can also configure your application to pass an endpoint ID in the `AnalyticsMetadata` parameter of sign-in operations. The endpoint ID is information about the destination for push notifications", + "title": "ApplicationArn", "type": "string" }, - "Uri": { - "markdownDescription": "The StreamARN of the destination to deliver profile events to. For example, arn:aws:kinesis:region:account-id:stream/stream-name.", - "title": "Uri", + "ApplicationId": { + "markdownDescription": "Your Amazon Pinpoint project ID.", + "title": "ApplicationId", "type": "string" + }, + "ExternalId": { + "markdownDescription": "The [external ID](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user_externalid.html) of the role that Amazon Cognito assumes to send analytics data to Amazon Pinpoint.", + "title": "ExternalId", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of an AWS Identity and Access Management role that has the permissions required for Amazon Cognito to publish events to Amazon Pinpoint analytics.", + "title": "RoleArn", + "type": "string" + }, + "UserDataShared": { + "markdownDescription": "If `UserDataShared` is `true` , Amazon Cognito includes user data in the events that it publishes to Amazon Pinpoint analytics.", + "title": "UserDataShared", + "type": "boolean" } }, - "required": [ - "Status", - "Uri" - ], "type": "object" }, - "AWS::CustomerProfiles::Integration": { + "AWS::Cognito::UserPoolClient.RefreshTokenRotation": { + "additionalProperties": false, + "properties": { + "Feature": { + "markdownDescription": "The state of refresh token rotation for the current app client.", + "title": "Feature", + "type": "string" + }, + "RetryGracePeriodSeconds": { + "markdownDescription": "When you request a token refresh with `GetTokensFromRefreshToken` , the original refresh token that you're rotating out can remain valid for a period of time of up to 60 seconds. This allows for client-side retries. When `RetryGracePeriodSeconds` is `0` , the grace period is disabled and a successful request immediately invalidates the submitted refresh token.", + "title": "RetryGracePeriodSeconds", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Cognito::UserPoolClient.TokenValidityUnits": { + "additionalProperties": false, + "properties": { + "AccessToken": { + "markdownDescription": "A time unit for the value that you set in the `AccessTokenValidity` parameter. The default `AccessTokenValidity` time unit is `hours` . `AccessTokenValidity` duration can range from five minutes to one day.", + "title": "AccessToken", + "type": "string" + }, + "IdToken": { + "markdownDescription": "A time unit for the value that you set in the `IdTokenValidity` parameter. The default `IdTokenValidity` time unit is `hours` . `IdTokenValidity` duration can range from five minutes to one day.", + "title": "IdToken", + "type": "string" + }, + "RefreshToken": { + "markdownDescription": "A time unit for the value that you set in the `RefreshTokenValidity` parameter. The default `RefreshTokenValidity` time unit is `days` . `RefreshTokenValidity` duration can range from 60 minutes to 10 years.", + "title": "RefreshToken", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Cognito::UserPoolDomain": { "additionalProperties": false, "properties": { "Condition": { @@ -54375,51 +61078,36 @@ "Properties": { "additionalProperties": false, "properties": { - "DomainName": { - "markdownDescription": "The unique name of the domain.", - "title": "DomainName", - "type": "string" - }, - "FlowDefinition": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.FlowDefinition", - "markdownDescription": "The configuration that controls how Customer Profiles retrieves data from the source.", - "title": "FlowDefinition" + "CustomDomainConfig": { + "$ref": "#/definitions/AWS::Cognito::UserPoolDomain.CustomDomainConfigType", + "markdownDescription": "The configuration for a custom domain that hosts the sign-up and sign-in pages for your application. Use this object to specify an SSL certificate that is managed by ACM.\n\nWhen you create a custom domain, the passkey RP ID defaults to the custom domain. If you had a prefix domain active, this will cause passkey integration for your prefix domain to stop working due to a mismatch in RP ID. To keep the prefix domain passkey integration working, you can explicitly set RP ID to the prefix domain.", + "title": "CustomDomainConfig" }, - "ObjectTypeName": { - "markdownDescription": "The name of the profile object type mapping to use.", - "title": "ObjectTypeName", + "Domain": { + "markdownDescription": "The name of the domain that you want to update. For custom domains, this is the fully-qualified domain name, for example `auth.example.com` . For prefix domains, this is the prefix alone, such as `myprefix` .", + "title": "Domain", "type": "string" }, - "ObjectTypeNames": { - "items": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.ObjectTypeMapping" - }, - "markdownDescription": "The object type mapping.", - "title": "ObjectTypeNames", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags used to organize, track, or control access for this resource.", - "title": "Tags", - "type": "array" + "ManagedLoginVersion": { + "markdownDescription": "A version number that indicates the state of managed login for your domain. Version `1` is hosted UI (classic). Version `2` is the newer managed login with the branding editor. For more information, see [Managed login](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-managed-login.html) .", + "title": "ManagedLoginVersion", + "type": "number" }, - "Uri": { - "markdownDescription": "The URI of the S3 bucket or any other type of data source.", - "title": "Uri", + "UserPoolId": { + "markdownDescription": "The ID of the user pool that is associated with the domain you're updating.", + "title": "UserPoolId", "type": "string" } }, "required": [ - "DomainName" + "Domain", + "UserPoolId" ], "type": "object" }, "Type": { "enum": [ - "AWS::CustomerProfiles::Integration" + "AWS::Cognito::UserPoolDomain" ], "type": "string" }, @@ -54438,396 +61126,322 @@ ], "type": "object" }, - "AWS::CustomerProfiles::Integration.ConnectorOperator": { + "AWS::Cognito::UserPoolDomain.CustomDomainConfigType": { "additionalProperties": false, "properties": { - "Marketo": { - "markdownDescription": "The operation to be performed on the provided Marketo source fields.", - "title": "Marketo", - "type": "string" - }, - "S3": { - "markdownDescription": "The operation to be performed on the provided Amazon S3 source fields.", - "title": "S3", - "type": "string" - }, - "Salesforce": { - "markdownDescription": "The operation to be performed on the provided Salesforce source fields.", - "title": "Salesforce", - "type": "string" - }, - "ServiceNow": { - "markdownDescription": "The operation to be performed on the provided ServiceNow source fields.", - "title": "ServiceNow", - "type": "string" - }, - "Zendesk": { - "markdownDescription": "The operation to be performed on the provided Zendesk source fields.", - "title": "Zendesk", + "CertificateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Certificate Manager SSL certificate. You use this certificate for the subdomain of your custom domain.", + "title": "CertificateArn", "type": "string" } }, "type": "object" }, - "AWS::CustomerProfiles::Integration.FlowDefinition": { + "AWS::Cognito::UserPoolGroup": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the flow you want to create.", - "title": "Description", + "Condition": { "type": "string" }, - "FlowName": { - "markdownDescription": "The specified name of the flow. Use underscores (_) or hyphens (-) only. Spaces are not allowed.", - "title": "FlowName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "KmsArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Key Management Service (KMS) key you provide for encryption.", - "title": "KmsArn", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SourceFlowConfig": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.SourceFlowConfig", - "markdownDescription": "The configuration that controls how Customer Profiles retrieves data from the source.", - "title": "SourceFlowConfig" + "Metadata": { + "type": "object" }, - "Tasks": { - "items": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.Task" + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the group that you're creating.", + "title": "Description", + "type": "string" + }, + "GroupName": { + "markdownDescription": "A name for the group. This name must be unique in your user pool.", + "title": "GroupName", + "type": "string" + }, + "Precedence": { + "markdownDescription": "A non-negative integer value that specifies the precedence of this group relative to the other groups that a user can belong to in the user pool. Zero is the highest precedence value. Groups with lower `Precedence` values take precedence over groups with higher or null `Precedence` values. If a user belongs to two or more groups, it is the group with the lowest precedence value whose role ARN is given in the user's tokens for the `cognito:roles` and `cognito:preferred_role` claims.\n\nTwo groups can have the same `Precedence` value. If this happens, neither group takes precedence over the other. If two groups with the same `Precedence` have the same role ARN, that role is used in the `cognito:preferred_role` claim in tokens for users in each group. If the two groups have different role ARNs, the `cognito:preferred_role` claim isn't set in users' tokens.\n\nThe default `Precedence` value is null. The maximum `Precedence` value is `2^31-1` .", + "title": "Precedence", + "type": "number" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the IAM role that you want to associate with the group. A group role primarily declares a preferred role for the credentials that you get from an identity pool. Amazon Cognito ID tokens have a `cognito:preferred_role` claim that presents the highest-precedence group that a user belongs to. Both ID and access tokens also contain a `cognito:groups` claim that list all the groups that a user is a member of.", + "title": "RoleArn", + "type": "string" + }, + "UserPoolId": { + "markdownDescription": "The ID of the user pool where you want to create a user group.", + "title": "UserPoolId", + "type": "string" + } }, - "markdownDescription": "A list of tasks that Customer Profiles performs while transferring the data in the flow run.", - "title": "Tasks", - "type": "array" + "required": [ + "UserPoolId" + ], + "type": "object" }, - "TriggerConfig": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.TriggerConfig", - "markdownDescription": "The trigger settings that determine how and when the flow runs.", - "title": "TriggerConfig" - } - }, - "required": [ - "FlowName", - "KmsArn", - "SourceFlowConfig", - "Tasks", - "TriggerConfig" - ], - "type": "object" - }, - "AWS::CustomerProfiles::Integration.IncrementalPullConfig": { - "additionalProperties": false, - "properties": { - "DatetimeTypeFieldName": { - "markdownDescription": "A field that specifies the date time or timestamp field as the criteria to use when importing incremental records from the source.", - "title": "DatetimeTypeFieldName", - "type": "string" - } - }, - "type": "object" - }, - "AWS::CustomerProfiles::Integration.MarketoSourceProperties": { - "additionalProperties": false, - "properties": { - "Object": { - "markdownDescription": "The object specified in the Marketo flow source.", - "title": "Object", - "type": "string" - } - }, - "required": [ - "Object" - ], - "type": "object" - }, - "AWS::CustomerProfiles::Integration.ObjectTypeMapping": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "The key.", - "title": "Key", + "Type": { + "enum": [ + "AWS::Cognito::UserPoolGroup" + ], "type": "string" }, - "Value": { - "markdownDescription": "The value.", - "title": "Value", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Key", - "Value" + "Type", + "Properties" ], "type": "object" }, - "AWS::CustomerProfiles::Integration.S3SourceProperties": { + "AWS::Cognito::UserPoolIdentityProvider": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "The Amazon S3 bucket name where the source files are stored.", - "title": "BucketName", + "Condition": { "type": "string" }, - "BucketPrefix": { - "markdownDescription": "The object key for the Amazon S3 bucket in which the source files are stored.", - "title": "BucketPrefix", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "required": [ - "BucketName" - ], - "type": "object" - }, - "AWS::CustomerProfiles::Integration.SalesforceSourceProperties": { - "additionalProperties": false, - "properties": { - "EnableDynamicFieldUpdate": { - "markdownDescription": "The flag that enables dynamic fetching of new (recently added) fields in the Salesforce objects while running a flow.", - "title": "EnableDynamicFieldUpdate", - "type": "boolean" }, - "IncludeDeletedRecords": { - "markdownDescription": "Indicates whether Amazon AppFlow includes deleted files in the flow run.", - "title": "IncludeDeletedRecords", - "type": "boolean" - }, - "Object": { - "markdownDescription": "The object specified in the Salesforce flow source.", - "title": "Object", - "type": "string" - } - }, - "required": [ - "Object" - ], - "type": "object" - }, - "AWS::CustomerProfiles::Integration.ScheduledTriggerProperties": { - "additionalProperties": false, - "properties": { - "DataPullMode": { - "markdownDescription": "Specifies whether a scheduled flow has an incremental data transfer or a complete data transfer for each flow run.", - "title": "DataPullMode", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "FirstExecutionFrom": { - "markdownDescription": "Specifies the date range for the records to import from the connector in the first flow run.", - "title": "FirstExecutionFrom", - "type": "number" + "Metadata": { + "type": "object" }, - "ScheduleEndTime": { - "markdownDescription": "Specifies the scheduled end time for a scheduled-trigger flow.", - "title": "ScheduleEndTime", - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": { + "AttributeMapping": { + "additionalProperties": true, + "markdownDescription": "A mapping of IdP attributes to standard and custom user pool attributes. Specify a user pool attribute as the key of the key-value pair, and the IdP attribute claim name as the value.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "AttributeMapping", + "type": "object" + }, + "IdpIdentifiers": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of IdP identifiers, for example `\"IdPIdentifiers\": [ \"MyIdP\", \"MyIdP2\" ]` . Identifiers are friendly names that you can pass in the `idp_identifier` query parameter of requests to the [Authorize endpoint](https://docs.aws.amazon.com/cognito/latest/developerguide/authorization-endpoint.html) to silently redirect to sign-in with the associated IdP. Identifiers in a domain format also enable the use of [email-address matching with SAML providers](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-managing-saml-idp-naming.html) .", + "title": "IdpIdentifiers", + "type": "array" + }, + "ProviderDetails": { + "additionalProperties": true, + "markdownDescription": "The scopes, URLs, and identifiers for your external identity provider. The following\nexamples describe the provider detail keys for each IdP type. These values and their\nschema are subject to change. Social IdP `authorize_scopes` values must match\nthe values listed here.\n\n- **OpenID Connect (OIDC)** - Amazon Cognito accepts the following elements when it can't discover endpoint URLs from `oidc_issuer` : `attributes_url` , `authorize_url` , `jwks_uri` , `token_url` .\n\nCreate or update request: `\"ProviderDetails\": { \"attributes_request_method\": \"GET\", \"attributes_url\": \"https://auth.example.com/userInfo\", \"authorize_scopes\": \"openid profile email\", \"authorize_url\": \"https://auth.example.com/authorize\", \"client_id\": \"1example23456789\", \"client_secret\": \"provider-app-client-secret\", \"jwks_uri\": \"https://auth.example.com/.well-known/jwks.json\", \"oidc_issuer\": \"https://auth.example.com\", \"token_url\": \"https://example.com/token\" }`\n\nDescribe response: `\"ProviderDetails\": { \"attributes_request_method\": \"GET\", \"attributes_url\": \"https://auth.example.com/userInfo\", \"attributes_url_add_attributes\": \"false\", \"authorize_scopes\": \"openid profile email\", \"authorize_url\": \"https://auth.example.com/authorize\", \"client_id\": \"1example23456789\", \"client_secret\": \"provider-app-client-secret\", \"jwks_uri\": \"https://auth.example.com/.well-known/jwks.json\", \"oidc_issuer\": \"https://auth.example.com\", \"token_url\": \"https://example.com/token\" }`\n- **SAML** - Create or update request with Metadata URL: `\"ProviderDetails\": { \"IDPInit\": \"true\", \"IDPSignout\": \"true\", \"EncryptedResponses\" : \"true\", \"MetadataURL\": \"https://auth.example.com/sso/saml/metadata\", \"RequestSigningAlgorithm\": \"rsa-sha256\" }`\n\nCreate or update request with Metadata file: `\"ProviderDetails\": { \"IDPInit\": \"true\", \"IDPSignout\": \"true\", \"EncryptedResponses\" : \"true\", \"MetadataFile\": \"[metadata XML]\", \"RequestSigningAlgorithm\": \"rsa-sha256\" }`\n\nThe value of `MetadataFile` must be the plaintext metadata document with all quote (\") characters escaped by backslashes.\n\nDescribe response: `\"ProviderDetails\": { \"IDPInit\": \"true\", \"IDPSignout\": \"true\", \"EncryptedResponses\" : \"true\", \"ActiveEncryptionCertificate\": \"[certificate]\", \"MetadataURL\": \"https://auth.example.com/sso/saml/metadata\", \"RequestSigningAlgorithm\": \"rsa-sha256\", \"SLORedirectBindingURI\": \"https://auth.example.com/slo/saml\", \"SSORedirectBindingURI\": \"https://auth.example.com/sso/saml\" }`\n- **LoginWithAmazon** - Create or update request: `\"ProviderDetails\": { \"authorize_scopes\": \"profile postal_code\", \"client_id\": \"amzn1.application-oa2-client.1example23456789\", \"client_secret\": \"provider-app-client-secret\"`\n\nDescribe response: `\"ProviderDetails\": { \"attributes_url\": \"https://api.amazon.com/user/profile\", \"attributes_url_add_attributes\": \"false\", \"authorize_scopes\": \"profile postal_code\", \"authorize_url\": \"https://www.amazon.com/ap/oa\", \"client_id\": \"amzn1.application-oa2-client.1example23456789\", \"client_secret\": \"provider-app-client-secret\", \"token_request_method\": \"POST\", \"token_url\": \"https://api.amazon.com/auth/o2/token\" }`\n- **Google** - Create or update request: `\"ProviderDetails\": { \"authorize_scopes\": \"email profile openid\", \"client_id\": \"1example23456789.apps.googleusercontent.com\", \"client_secret\": \"provider-app-client-secret\" }`\n\nDescribe response: `\"ProviderDetails\": { \"attributes_url\": \"https://people.googleapis.com/v1/people/me?personFields=\", \"attributes_url_add_attributes\": \"true\", \"authorize_scopes\": \"email profile openid\", \"authorize_url\": \"https://accounts.google.com/o/oauth2/v2/auth\", \"client_id\": \"1example23456789.apps.googleusercontent.com\", \"client_secret\": \"provider-app-client-secret\", \"oidc_issuer\": \"https://accounts.google.com\", \"token_request_method\": \"POST\", \"token_url\": \"https://www.googleapis.com/oauth2/v4/token\" }`\n- **SignInWithApple** - Create or update request: `\"ProviderDetails\": { \"authorize_scopes\": \"email name\", \"client_id\": \"com.example.cognito\", \"private_key\": \"1EXAMPLE\", \"key_id\": \"2EXAMPLE\", \"team_id\": \"3EXAMPLE\" }`\n\nDescribe response: `\"ProviderDetails\": { \"attributes_url_add_attributes\": \"false\", \"authorize_scopes\": \"email name\", \"authorize_url\": \"https://appleid.apple.com/auth/authorize\", \"client_id\": \"com.example.cognito\", \"key_id\": \"1EXAMPLE\", \"oidc_issuer\": \"https://appleid.apple.com\", \"team_id\": \"2EXAMPLE\", \"token_request_method\": \"POST\", \"token_url\": \"https://appleid.apple.com/auth/token\" }`\n- **Facebook** - Create or update request: `\"ProviderDetails\": { \"api_version\": \"v17.0\", \"authorize_scopes\": \"public_profile, email\", \"client_id\": \"1example23456789\", \"client_secret\": \"provider-app-client-secret\" }`\n\nDescribe response: `\"ProviderDetails\": { \"api_version\": \"v17.0\", \"attributes_url\": \"https://graph.facebook.com/v17.0/me?fields=\", \"attributes_url_add_attributes\": \"true\", \"authorize_scopes\": \"public_profile, email\", \"authorize_url\": \"https://www.facebook.com/v17.0/dialog/oauth\", \"client_id\": \"1example23456789\", \"client_secret\": \"provider-app-client-secret\", \"token_request_method\": \"GET\", \"token_url\": \"https://graph.facebook.com/v17.0/oauth/access_token\" }`", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "ProviderDetails", + "type": "object" + }, + "ProviderName": { + "markdownDescription": "The name that you want to assign to the IdP. You can pass the identity provider name in the `identity_provider` query parameter of requests to the [Authorize endpoint](https://docs.aws.amazon.com/cognito/latest/developerguide/authorization-endpoint.html) to silently redirect to sign-in with the associated IdP.", + "title": "ProviderName", + "type": "string" + }, + "ProviderType": { + "markdownDescription": "The type of IdP that you want to add. Amazon Cognito supports OIDC, SAML 2.0, Login With Amazon, Sign In With Apple, Google, and Facebook IdPs.", + "title": "ProviderType", + "type": "string" + }, + "UserPoolId": { + "markdownDescription": "The Id of the user pool where you want to create an IdP.", + "title": "UserPoolId", + "type": "string" + } + }, + "required": [ + "ProviderDetails", + "ProviderName", + "ProviderType", + "UserPoolId" + ], + "type": "object" }, - "ScheduleExpression": { - "markdownDescription": "The scheduling expression that determines the rate at which the schedule will run, for example rate (5 minutes).", - "title": "ScheduleExpression", + "Type": { + "enum": [ + "AWS::Cognito::UserPoolIdentityProvider" + ], "type": "string" }, - "ScheduleOffset": { - "markdownDescription": "Specifies the optional offset that is added to the time interval for a schedule-triggered flow.", - "title": "ScheduleOffset", - "type": "number" - }, - "ScheduleStartTime": { - "markdownDescription": "Specifies the scheduled start time for a scheduled-trigger flow. The value must be a date/time value in EPOCH format.", - "title": "ScheduleStartTime", - "type": "number" - }, - "Timezone": { - "markdownDescription": "Specifies the time zone used when referring to the date and time of a scheduled-triggered flow, such as America/New_York.", - "title": "Timezone", - "type": "string" - } - }, - "required": [ - "ScheduleExpression" - ], - "type": "object" - }, - "AWS::CustomerProfiles::Integration.ServiceNowSourceProperties": { - "additionalProperties": false, - "properties": { - "Object": { - "markdownDescription": "The object specified in the ServiceNow flow source.", - "title": "Object", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Object" + "Type", + "Properties" ], "type": "object" }, - "AWS::CustomerProfiles::Integration.SourceConnectorProperties": { - "additionalProperties": false, - "properties": { - "Marketo": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.MarketoSourceProperties", - "markdownDescription": "The properties that are applied when Marketo is being used as a source.", - "title": "Marketo" - }, - "S3": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.S3SourceProperties", - "markdownDescription": "The properties that are applied when Amazon S3 is being used as the flow source.", - "title": "S3" - }, - "Salesforce": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.SalesforceSourceProperties", - "markdownDescription": "The properties that are applied when Salesforce is being used as a source.", - "title": "Salesforce" - }, - "ServiceNow": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.ServiceNowSourceProperties", - "markdownDescription": "The properties that are applied when ServiceNow is being used as a source.", - "title": "ServiceNow" - }, - "Zendesk": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.ZendeskSourceProperties", - "markdownDescription": "The properties that are applied when using Zendesk as a flow source.", - "title": "Zendesk" - } - }, - "type": "object" - }, - "AWS::CustomerProfiles::Integration.SourceFlowConfig": { + "AWS::Cognito::UserPoolResourceServer": { "additionalProperties": false, "properties": { - "ConnectorProfileName": { - "markdownDescription": "The name of the Amazon AppFlow connector profile. This name must be unique for each connector profile in the AWS account .", - "title": "ConnectorProfileName", + "Condition": { "type": "string" }, - "ConnectorType": { - "markdownDescription": "The type of connector, such as Salesforce, Marketo, and so on.", - "title": "ConnectorType", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "IncrementalPullConfig": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.IncrementalPullConfig", - "markdownDescription": "Defines the configuration for a scheduled incremental data pull. If a valid configuration is provided, the fields specified in the configuration are used when querying for the incremental data pull.", - "title": "IncrementalPullConfig" - }, - "SourceConnectorProperties": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.SourceConnectorProperties", - "markdownDescription": "Specifies the information that is required to query a particular source connector.", - "title": "SourceConnectorProperties" - } - }, - "required": [ - "ConnectorType", - "SourceConnectorProperties" - ], - "type": "object" - }, - "AWS::CustomerProfiles::Integration.Task": { - "additionalProperties": false, - "properties": { - "ConnectorOperator": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.ConnectorOperator", - "markdownDescription": "The operation to be performed on the provided source fields.", - "title": "ConnectorOperator" - }, - "DestinationField": { - "markdownDescription": "A field in a destination connector, or a field value against which Amazon AppFlow validates a source field.", - "title": "DestinationField", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SourceFields": { - "items": { - "type": "string" - }, - "markdownDescription": "The source fields to which a particular task is applied.", - "title": "SourceFields", - "type": "array" + "Metadata": { + "type": "object" }, - "TaskProperties": { - "items": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.TaskPropertiesMap" + "Properties": { + "additionalProperties": false, + "properties": { + "Identifier": { + "markdownDescription": "A unique resource server identifier for the resource server. The identifier can be an API friendly name like `solar-system-data` . You can also set an API URL like `https://solar-system-data-api.example.com` as your identifier.\n\nAmazon Cognito represents scopes in the access token in the format `$resource-server-identifier/$scope` . Longer scope-identifier strings increase the size of your access tokens.", + "title": "Identifier", + "type": "string" + }, + "Name": { + "markdownDescription": "A friendly name for the resource server.", + "title": "Name", + "type": "string" + }, + "Scopes": { + "items": { + "$ref": "#/definitions/AWS::Cognito::UserPoolResourceServer.ResourceServerScopeType" + }, + "markdownDescription": "A list of scopes. Each scope is a map with keys `ScopeName` and `ScopeDescription` .", + "title": "Scopes", + "type": "array" + }, + "UserPoolId": { + "markdownDescription": "The ID of the user pool where you want to create a resource server.", + "title": "UserPoolId", + "type": "string" + } }, - "markdownDescription": "A map used to store task-related information. The service looks for particular information based on the TaskType.", - "title": "TaskProperties", - "type": "array" + "required": [ + "Identifier", + "Name", + "UserPoolId" + ], + "type": "object" }, - "TaskType": { - "markdownDescription": "Specifies the particular task implementation that Amazon AppFlow performs.", - "title": "TaskType", - "type": "string" - } - }, - "required": [ - "SourceFields", - "TaskType" - ], - "type": "object" - }, - "AWS::CustomerProfiles::Integration.TaskPropertiesMap": { - "additionalProperties": false, - "properties": { - "OperatorPropertyKey": { - "markdownDescription": "The task property key.", - "title": "OperatorPropertyKey", + "Type": { + "enum": [ + "AWS::Cognito::UserPoolResourceServer" + ], "type": "string" }, - "Property": { - "markdownDescription": "The task property value.", - "title": "Property", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "OperatorPropertyKey", - "Property" + "Type", + "Properties" ], "type": "object" }, - "AWS::CustomerProfiles::Integration.TriggerConfig": { + "AWS::Cognito::UserPoolResourceServer.ResourceServerScopeType": { "additionalProperties": false, "properties": { - "TriggerProperties": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.TriggerProperties", - "markdownDescription": "Specifies the configuration details of a schedule-triggered flow that you define. Currently, these settings only apply to the Scheduled trigger type.", - "title": "TriggerProperties" - }, - "TriggerType": { - "markdownDescription": "Specifies the type of flow trigger. It can be OnDemand, Scheduled, or Event.", - "title": "TriggerType", + "ScopeDescription": { + "markdownDescription": "A friendly description of a custom scope.", + "title": "ScopeDescription", "type": "string" - } - }, - "required": [ - "TriggerType" - ], - "type": "object" - }, - "AWS::CustomerProfiles::Integration.TriggerProperties": { - "additionalProperties": false, - "properties": { - "Scheduled": { - "$ref": "#/definitions/AWS::CustomerProfiles::Integration.ScheduledTriggerProperties", - "markdownDescription": "Specifies the configuration details of a schedule-triggered flow that you define.", - "title": "Scheduled" - } - }, - "type": "object" - }, - "AWS::CustomerProfiles::Integration.ZendeskSourceProperties": { - "additionalProperties": false, - "properties": { - "Object": { - "markdownDescription": "The object specified in the Zendesk flow source.", - "title": "Object", + }, + "ScopeName": { + "markdownDescription": "The name of the scope. Amazon Cognito renders custom scopes in the format `resourceServerIdentifier/ScopeName` . For example, if this parameter is `exampleScope` in the resource server with the identifier `exampleResourceServer` , you request and receive the scope `exampleResourceServer/exampleScope` .", + "title": "ScopeName", "type": "string" } }, "required": [ - "Object" + "ScopeDescription", + "ScopeName" ], "type": "object" }, - "AWS::CustomerProfiles::ObjectType": { + "AWS::Cognito::UserPoolRiskConfigurationAttachment": { "additionalProperties": false, "properties": { "Condition": { @@ -54862,81 +61476,41 @@ "Properties": { "additionalProperties": false, "properties": { - "AllowProfileCreation": { - "markdownDescription": "Indicates whether a profile should be created when data is received if one doesn\u2019t exist for an object of this type. The default is `FALSE` . If the AllowProfileCreation flag is set to `FALSE` , then the service tries to fetch a standard profile and associate this object with the profile. If it is set to `TRUE` , and if no match is found, then the service creates a new standard profile.", - "title": "AllowProfileCreation", - "type": "boolean" - }, - "Description": { - "markdownDescription": "The description of the profile object type mapping.", - "title": "Description", - "type": "string" - }, - "DomainName": { - "markdownDescription": "The unique name of the domain.", - "title": "DomainName", - "type": "string" - }, - "EncryptionKey": { - "markdownDescription": "The customer-provided key to encrypt the profile object that will be created in this profile object type mapping. If not specified the system will use the encryption key of the domain.", - "title": "EncryptionKey", - "type": "string" - }, - "ExpirationDays": { - "markdownDescription": "The number of days until the data of this type expires.", - "title": "ExpirationDays", - "type": "number" - }, - "Fields": { - "items": { - "$ref": "#/definitions/AWS::CustomerProfiles::ObjectType.FieldMap" - }, - "markdownDescription": "A list of field definitions for the object type mapping.", - "title": "Fields", - "type": "array" - }, - "Keys": { - "items": { - "$ref": "#/definitions/AWS::CustomerProfiles::ObjectType.KeyMap" - }, - "markdownDescription": "A list of keys that can be used to map data to the profile or search for the profile.", - "title": "Keys", - "type": "array" + "AccountTakeoverRiskConfiguration": { + "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverRiskConfigurationType", + "markdownDescription": "The settings for automated responses and notification templates for adaptive authentication with threat protection.", + "title": "AccountTakeoverRiskConfiguration" }, - "ObjectTypeName": { - "markdownDescription": "The name of the profile object type.", - "title": "ObjectTypeName", + "ClientId": { + "markdownDescription": "The app client where this configuration is applied. When this parameter isn't present, the risk configuration applies to all user pool app clients that don't have client-level settings.", + "title": "ClientId", "type": "string" }, - "SourceLastUpdatedTimestampFormat": { - "markdownDescription": "The format of your sourceLastUpdatedTimestamp that was previously set up.", - "title": "SourceLastUpdatedTimestampFormat", - "type": "string" + "CompromisedCredentialsRiskConfiguration": { + "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.CompromisedCredentialsRiskConfigurationType", + "markdownDescription": "Settings for compromised-credentials actions and authentication types with threat protection in full-function `ENFORCED` mode.", + "title": "CompromisedCredentialsRiskConfiguration" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags used to organize, track, or control access for this resource.", - "title": "Tags", - "type": "array" + "RiskExceptionConfiguration": { + "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.RiskExceptionConfigurationType", + "markdownDescription": "Exceptions to the risk evaluation configuration, including always-allow and always-block IP address ranges.", + "title": "RiskExceptionConfiguration" }, - "TemplateId": { - "markdownDescription": "A unique identifier for the template mapping. This can be used instead of specifying the Keys and Fields properties directly.", - "title": "TemplateId", + "UserPoolId": { + "markdownDescription": "The ID of the user pool that has the risk configuration applied.", + "title": "UserPoolId", "type": "string" } }, "required": [ - "Description", - "DomainName", - "ObjectTypeName" + "ClientId", + "UserPoolId" ], "type": "object" }, "Type": { "enum": [ - "AWS::CustomerProfiles::ObjectType" + "AWS::Cognito::UserPoolRiskConfigurationAttachment" ], "type": "string" }, @@ -54955,85 +61529,188 @@ ], "type": "object" }, - "AWS::CustomerProfiles::ObjectType.FieldMap": { + "AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverActionType": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "Name of the field.", - "title": "Name", + "EventAction": { + "markdownDescription": "The action to take for the attempted account takeover action for the associated risk level. Valid values are as follows:\n\n- `BLOCK` : Block the request.\n- `MFA_IF_CONFIGURED` : Present an MFA challenge if possible. MFA is possible if the user pool has active MFA methods that the user can set up. For example, if the user pool only supports SMS message MFA but the user doesn't have a phone number attribute, MFA setup isn't possible. If MFA setup isn't possible, allow the request.\n- `MFA_REQUIRED` : Present an MFA challenge if possible. Block the request if a user hasn't set up MFA. To sign in with required MFA, users must have an email address or phone number attribute, or a registered TOTP factor.\n- `NO_ACTION` : Take no action. Permit sign-in.", + "title": "EventAction", "type": "string" }, - "ObjectTypeField": { - "$ref": "#/definitions/AWS::CustomerProfiles::ObjectType.ObjectTypeField", - "markdownDescription": "Represents a field in a ProfileObjectType.", - "title": "ObjectTypeField" + "Notify": { + "markdownDescription": "Determines whether Amazon Cognito sends a user a notification message when your user pools assesses a user's session at the associated risk level.", + "title": "Notify", + "type": "boolean" } }, + "required": [ + "EventAction", + "Notify" + ], "type": "object" }, - "AWS::CustomerProfiles::ObjectType.KeyMap": { + "AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverActionsType": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "Name of the key.", - "title": "Name", + "HighAction": { + "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverActionType", + "markdownDescription": "The action that you assign to a high-risk assessment by threat protection.", + "title": "HighAction" + }, + "LowAction": { + "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverActionType", + "markdownDescription": "The action that you assign to a low-risk assessment by threat protection.", + "title": "LowAction" + }, + "MediumAction": { + "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverActionType", + "markdownDescription": "The action that you assign to a medium-risk assessment by threat protection.", + "title": "MediumAction" + } + }, + "type": "object" + }, + "AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverRiskConfigurationType": { + "additionalProperties": false, + "properties": { + "Actions": { + "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverActionsType", + "markdownDescription": "A list of account-takeover actions for each level of risk that Amazon Cognito might assess with threat protection.", + "title": "Actions" + }, + "NotifyConfiguration": { + "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.NotifyConfigurationType", + "markdownDescription": "The settings for composing and sending an email message when threat protection assesses a risk level with adaptive authentication. When you choose to notify users in `AccountTakeoverRiskConfiguration` , Amazon Cognito sends an email message using the method and template that you set with this data type.", + "title": "NotifyConfiguration" + } + }, + "required": [ + "Actions" + ], + "type": "object" + }, + "AWS::Cognito::UserPoolRiskConfigurationAttachment.CompromisedCredentialsActionsType": { + "additionalProperties": false, + "properties": { + "EventAction": { + "markdownDescription": "The action that Amazon Cognito takes when it detects compromised credentials.", + "title": "EventAction", "type": "string" + } + }, + "required": [ + "EventAction" + ], + "type": "object" + }, + "AWS::Cognito::UserPoolRiskConfigurationAttachment.CompromisedCredentialsRiskConfigurationType": { + "additionalProperties": false, + "properties": { + "Actions": { + "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.CompromisedCredentialsActionsType", + "markdownDescription": "Settings for the actions that you want your user pool to take when Amazon Cognito detects compromised credentials.", + "title": "Actions" }, - "ObjectTypeKeyList": { + "EventFilter": { "items": { - "$ref": "#/definitions/AWS::CustomerProfiles::ObjectType.ObjectTypeKey" + "type": "string" }, - "markdownDescription": "A list of ObjectTypeKey.", - "title": "ObjectTypeKeyList", + "markdownDescription": "Settings for the sign-in activity where you want to configure compromised-credentials actions. Defaults to all events.", + "title": "EventFilter", "type": "array" } }, + "required": [ + "Actions" + ], "type": "object" }, - "AWS::CustomerProfiles::ObjectType.ObjectTypeField": { + "AWS::Cognito::UserPoolRiskConfigurationAttachment.NotifyConfigurationType": { "additionalProperties": false, "properties": { - "ContentType": { - "markdownDescription": "The content type of the field. Used for determining equality when searching.", - "title": "ContentType", + "BlockEmail": { + "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.NotifyEmailType", + "markdownDescription": "The template for the email message that your user pool sends when a detected risk event is blocked.", + "title": "BlockEmail" + }, + "From": { + "markdownDescription": "The email address that sends the email message. The address must be either individually verified with Amazon Simple Email Service, or from a domain that has been verified with Amazon SES.", + "title": "From", "type": "string" }, - "Source": { - "markdownDescription": "A field of a ProfileObject. For example: _source.FirstName, where \u201c_source\u201d is a ProfileObjectType of a Zendesk user and \u201cFirstName\u201d is a field in that ObjectType.", - "title": "Source", + "MfaEmail": { + "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.NotifyEmailType", + "markdownDescription": "The template for the email message that your user pool sends when MFA is challenged in response to a detected risk.", + "title": "MfaEmail" + }, + "NoActionEmail": { + "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.NotifyEmailType", + "markdownDescription": "The template for the email message that your user pool sends when no action is taken in response to a detected risk.", + "title": "NoActionEmail" + }, + "ReplyTo": { + "markdownDescription": "The reply-to email address of an email template.", + "title": "ReplyTo", "type": "string" }, - "Target": { - "markdownDescription": "The location of the data in the standard ProfileObject model. For example: _profile.Address.PostalCode.", - "title": "Target", + "SourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the identity that is associated with the sending authorization policy. This identity permits Amazon Cognito to send for the email address specified in the `From` parameter.", + "title": "SourceArn", "type": "string" } }, + "required": [ + "SourceArn" + ], "type": "object" }, - "AWS::CustomerProfiles::ObjectType.ObjectTypeKey": { + "AWS::Cognito::UserPoolRiskConfigurationAttachment.NotifyEmailType": { "additionalProperties": false, "properties": { - "FieldNames": { + "HtmlBody": { + "markdownDescription": "The body of an email notification formatted in HTML. Choose an `HtmlBody` or a `TextBody` to send an HTML-formatted or plaintext message, respectively.", + "title": "HtmlBody", + "type": "string" + }, + "Subject": { + "markdownDescription": "The subject of the threat protection email notification.", + "title": "Subject", + "type": "string" + }, + "TextBody": { + "markdownDescription": "The body of an email notification formatted in plaintext. Choose an `HtmlBody` or a `TextBody` to send an HTML-formatted or plaintext message, respectively.", + "title": "TextBody", + "type": "string" + } + }, + "required": [ + "Subject" + ], + "type": "object" + }, + "AWS::Cognito::UserPoolRiskConfigurationAttachment.RiskExceptionConfigurationType": { + "additionalProperties": false, + "properties": { + "BlockedIPRangeList": { "items": { "type": "string" }, - "markdownDescription": "The reference for the key name of the fields map.", - "title": "FieldNames", + "markdownDescription": "An always-block IP address list. Overrides the risk decision and always blocks authentication requests. This parameter is displayed and set in CIDR notation.", + "title": "BlockedIPRangeList", "type": "array" }, - "StandardIdentifiers": { + "SkippedIPRangeList": { "items": { "type": "string" }, - "markdownDescription": "The types of keys that a ProfileObject can have. Each ProfileObject can have only 1 UNIQUE key but multiple PROFILE keys. PROFILE means that this key can be used to tie an object to a PROFILE. UNIQUE means that it can be used to uniquely identify an object. If a key a is marked as SECONDARY, it will be used to search for profiles after all other PROFILE keys have been searched. A LOOKUP_ONLY key is only used to match a profile but is not persisted to be used for searching of the profile. A NEW_ONLY key is only used if the profile does not already exist before the object is ingested, otherwise it is only used for matching objects to profiles.", - "title": "StandardIdentifiers", + "markdownDescription": "An always-allow IP address list. Risk detection isn't performed on the IP addresses in this range list. This parameter is displayed and set in CIDR notation.", + "title": "SkippedIPRangeList", "type": "array" } }, "type": "object" }, - "AWS::DAX::Cluster": { + "AWS::Cognito::UserPoolUICustomizationAttachment": { "additionalProperties": false, "properties": { "Condition": { @@ -55068,93 +61745,31 @@ "Properties": { "additionalProperties": false, "properties": { - "AvailabilityZones": { - "items": { - "type": "string" - }, - "markdownDescription": "The Availability Zones (AZs) in which the cluster nodes will reside after the cluster has been created or updated. If provided, the length of this list must equal the `ReplicationFactor` parameter. If you omit this parameter, DAX will spread the nodes across Availability Zones for the highest availability.", - "title": "AvailabilityZones", - "type": "array" - }, - "ClusterEndpointEncryptionType": { - "markdownDescription": "The encryption type of the cluster's endpoint. Available values are:\n\n- `NONE` - The cluster's endpoint will be unencrypted.\n- `TLS` - The cluster's endpoint will be encrypted with Transport Layer Security, and will provide an x509 certificate for authentication.\n\nThe default value is `NONE` .", - "title": "ClusterEndpointEncryptionType", - "type": "string" - }, - "ClusterName": { - "markdownDescription": "The name of the DAX cluster.", - "title": "ClusterName", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the cluster.", - "title": "Description", - "type": "string" - }, - "IAMRoleARN": { - "markdownDescription": "A valid Amazon Resource Name (ARN) that identifies an IAM role. At runtime, DAX will assume this role and use the role's permissions to access DynamoDB on your behalf.", - "title": "IAMRoleARN", - "type": "string" - }, - "NodeType": { - "markdownDescription": "The node type for the nodes in the cluster. (All nodes in a DAX cluster are of the same type.)", - "title": "NodeType", - "type": "string" - }, - "NotificationTopicARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic to which notifications will be sent.\n\n> The Amazon SNS topic owner must be same as the DAX cluster owner.", - "title": "NotificationTopicARN", - "type": "string" - }, - "ParameterGroupName": { - "markdownDescription": "The parameter group to be associated with the DAX cluster.", - "title": "ParameterGroupName", + "CSS": { + "markdownDescription": "A plaintext CSS file that contains the custom fields that you want to apply to your user pool or app client. To download a template, go to the Amazon Cognito console. Navigate to your user pool *App clients* tab, select *Login pages* , edit *Hosted UI (classic) style* , and select the link to `CSS template.css` .", + "title": "CSS", "type": "string" }, - "PreferredMaintenanceWindow": { - "markdownDescription": "A range of time when maintenance of DAX cluster software will be performed. For example: `sun:01:00-sun:09:00` . Cluster maintenance normally takes less than 30 minutes, and is performed automatically within the maintenance window.", - "title": "PreferredMaintenanceWindow", + "ClientId": { + "markdownDescription": "The app client ID for your UI customization. When this value isn't present, the customization applies to all user pool app clients that don't have client-level settings..", + "title": "ClientId", "type": "string" }, - "ReplicationFactor": { - "markdownDescription": "The number of nodes in the DAX cluster. A replication factor of 1 will create a single-node cluster, without any read replicas. For additional fault tolerance, you can create a multiple node cluster with one or more read replicas. To do this, set `ReplicationFactor` to a number between 3 (one primary and two read replicas) and 10 (one primary and nine read replicas). `If the AvailabilityZones` parameter is provided, its length must equal the `ReplicationFactor` .\n\n> AWS recommends that you have at least two read replicas per cluster.", - "title": "ReplicationFactor", - "type": "number" - }, - "SSESpecification": { - "$ref": "#/definitions/AWS::DAX::Cluster.SSESpecification", - "markdownDescription": "Represents the settings used to enable server-side encryption on the cluster.", - "title": "SSESpecification" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of security group IDs to be assigned to each node in the DAX cluster. (Each of the security group ID is system-generated.)\n\nIf this parameter is not specified, DAX assigns the default VPC security group to each node.", - "title": "SecurityGroupIds", - "type": "array" - }, - "SubnetGroupName": { - "markdownDescription": "The name of the subnet group to be used for the replication group.\n\n> DAX clusters can only run in an Amazon VPC environment. All of the subnets that you specify in a subnet group must exist in the same VPC.", - "title": "SubnetGroupName", + "UserPoolId": { + "markdownDescription": "The ID of the user pool where you want to apply branding to the classic hosted UI.", + "title": "UserPoolId", "type": "string" - }, - "Tags": { - "markdownDescription": "A set of tags to associate with the DAX cluster.", - "title": "Tags", - "type": "object" } }, "required": [ - "IAMRoleARN", - "NodeType", - "ReplicationFactor" + "ClientId", + "UserPoolId" ], "type": "object" }, "Type": { "enum": [ - "AWS::DAX::Cluster" + "AWS::Cognito::UserPoolUICustomizationAttachment" ], "type": "string" }, @@ -55173,18 +61788,7 @@ ], "type": "object" }, - "AWS::DAX::Cluster.SSESpecification": { - "additionalProperties": false, - "properties": { - "SSEEnabled": { - "markdownDescription": "Indicates whether server-side encryption is enabled (true) or disabled (false) on the cluster.", - "title": "SSEEnabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::DAX::ParameterGroup": { + "AWS::Cognito::UserPoolUser": { "additionalProperties": false, "properties": { "Condition": { @@ -55219,27 +61823,70 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the parameter group.", - "title": "Description", + "ClientMetadata": { + "additionalProperties": true, + "markdownDescription": "A map of custom key-value pairs that you can provide as input for any custom workflows that this action triggers.\n\nYou create custom workflows by assigning AWS Lambda functions to user pool triggers. When you use the AdminCreateUser API action, Amazon Cognito invokes the function that is assigned to the *pre sign-up* trigger. When Amazon Cognito invokes this function, it passes a JSON payload, which the function receives as input. This payload contains a `ClientMetadata` attribute, which provides the data that you assigned to the ClientMetadata parameter in your AdminCreateUser request. In your function code in AWS Lambda , you can process the `clientMetadata` value to enhance your workflow for your specific needs.\n\nFor more information, see [Using Lambda triggers](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html) in the *Amazon Cognito Developer Guide* .\n\n> When you use the `ClientMetadata` parameter, note that Amazon Cognito won't do the following:\n> \n> - Store the `ClientMetadata` value. This data is available only to AWS Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool configuration doesn't include triggers, the `ClientMetadata` parameter serves no purpose.\n> - Validate the `ClientMetadata` value.\n> - Encrypt the `ClientMetadata` value. Don't send sensitive information in this parameter.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "ClientMetadata", + "type": "object" + }, + "DesiredDeliveryMediums": { + "items": { + "type": "string" + }, + "markdownDescription": "Specify `EMAIL` if email will be used to send the welcome message. Specify `SMS` if the phone number will be used. The default value is `SMS` . You can specify more than one value.", + "title": "DesiredDeliveryMediums", + "type": "array" + }, + "ForceAliasCreation": { + "markdownDescription": "This parameter is used only if the `phone_number_verified` or `email_verified` attribute is set to `True` . Otherwise, it is ignored.\n\nIf this parameter is set to `True` and the phone number or email address specified in the `UserAttributes` parameter already exists as an alias with a different user, this request migrates the alias from the previous user to the newly-created user. The previous user will no longer be able to log in using that alias.\n\nIf this parameter is set to `False` , the API throws an `AliasExistsException` error if the alias already exists. The default value is `False` .", + "title": "ForceAliasCreation", + "type": "boolean" + }, + "MessageAction": { + "markdownDescription": "Set to `RESEND` to resend the invitation message to a user that already exists, and to reset the temporary-password duration with a new temporary password. Set to `SUPPRESS` to suppress sending the message. You can specify only one value.", + "title": "MessageAction", "type": "string" }, - "ParameterGroupName": { - "markdownDescription": "The name of the parameter group.", - "title": "ParameterGroupName", + "UserAttributes": { + "items": { + "$ref": "#/definitions/AWS::Cognito::UserPoolUser.AttributeType" + }, + "markdownDescription": "An array of name-value pairs that contain user attributes and attribute values to be set for the user to be created. You can create a user without specifying any attributes other than `Username` . However, any attributes that you specify as required (when creating a user pool or in the *Attributes* tab of the console) either you should supply (in your call to `AdminCreateUser` ) or the user should supply (when they sign up in response to your welcome message).\n\nFor custom attributes, you must prepend the `custom:` prefix to the attribute name.\n\nTo send a message inviting the user to sign up, you must specify the user's email address or phone number. You can do this in your call to AdminCreateUser or in the *Users* tab of the Amazon Cognito console for managing your user pools.\n\nYou must also provide an email address or phone number when you expect the user to do passwordless sign-in with an email or SMS OTP. These attributes must be provided when passwordless options are the only available, or when you don't submit a `TemporaryPassword` .\n\nIn your call to `AdminCreateUser` , you can set the `email_verified` attribute to `True` , and you can set the `phone_number_verified` attribute to `True` .\n\n- *email* : The email address of the user to whom the message that contains the code and username will be sent. Required if the `email_verified` attribute is set to `True` , or if `\"EMAIL\"` is specified in the `DesiredDeliveryMediums` parameter.\n- *phone_number* : The phone number of the user to whom the message that contains the code and username will be sent. Required if the `phone_number_verified` attribute is set to `True` , or if `\"SMS\"` is specified in the `DesiredDeliveryMediums` parameter.", + "title": "UserAttributes", + "type": "array" + }, + "UserPoolId": { + "markdownDescription": "The ID of the user pool where you want to create a user.", + "title": "UserPoolId", "type": "string" }, - "ParameterNameValues": { - "markdownDescription": "An array of name-value pairs for the parameters in the group. Each element in the array represents a single parameter.\n\n> `record-ttl-millis` and `query-ttl-millis` are the only supported parameter names. For more details, see [Configuring TTL Settings](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/DAX.cluster-management.html#DAX.cluster-management.custom-settings.ttl) .", - "title": "ParameterNameValues", - "type": "object" + "Username": { + "markdownDescription": "The value that you want to set as the username sign-in attribute. The following conditions apply to the username parameter.\n\n- The username can't be a duplicate of another username in the same user pool.\n- You can't change the value of a username after you create it.\n- You can only provide a value if usernames are a valid sign-in attribute for your user pool. If your user pool only supports phone numbers or email addresses as sign-in attributes, Amazon Cognito automatically generates a username value. For more information, see [Customizing sign-in attributes](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html#user-pool-settings-aliases) .", + "title": "Username", + "type": "string" + }, + "ValidationData": { + "items": { + "$ref": "#/definitions/AWS::Cognito::UserPoolUser.AttributeType" + }, + "markdownDescription": "Temporary user attributes that contribute to the outcomes of your pre sign-up Lambda trigger. This set of key-value pairs are for custom validation of information that you collect from your users but don't need to retain.\n\nYour Lambda function can analyze this additional data and act on it. Your function can automatically confirm and verify select users or perform external API operations like logging user attributes and validation data to Amazon CloudWatch Logs.\n\nFor more information about the pre sign-up Lambda trigger, see [Pre sign-up Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-sign-up.html) .", + "title": "ValidationData", + "type": "array" } }, + "required": [ + "UserPoolId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::DAX::ParameterGroup" + "AWS::Cognito::UserPoolUser" ], "type": "string" }, @@ -55253,11 +61900,28 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::DAX::SubnetGroup": { + "AWS::Cognito::UserPoolUser.AttributeType": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the attribute.", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of the attribute.", + "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Cognito::UserPoolUserToGroupAttachment": { "additionalProperties": false, "properties": { "Condition": { @@ -55292,33 +61956,32 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the subnet group.", - "title": "Description", + "GroupName": { + "markdownDescription": "The name of the group that you want to add your user to.", + "title": "GroupName", "type": "string" }, - "SubnetGroupName": { - "markdownDescription": "The name of the subnet group.", - "title": "SubnetGroupName", + "UserPoolId": { + "markdownDescription": "The ID of the user pool that contains the group that you want to add the user to.", + "title": "UserPoolId", "type": "string" }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of VPC subnet IDs for the subnet group.", - "title": "SubnetIds", - "type": "array" + "Username": { + "markdownDescription": "The user's username.", + "title": "Username", + "type": "string" } }, "required": [ - "SubnetIds" + "GroupName", + "UserPoolId", + "Username" ], "type": "object" }, "Type": { "enum": [ - "AWS::DAX::SubnetGroup" + "AWS::Cognito::UserPoolUserToGroupAttachment" ], "type": "string" }, @@ -55337,7 +62000,7 @@ ], "type": "object" }, - "AWS::DLM::LifecyclePolicy": { + "AWS::Comprehend::DocumentClassifier": { "additionalProperties": false, "properties": { "Condition": { @@ -55372,75 +62035,81 @@ "Properties": { "additionalProperties": false, "properties": { - "CopyTags": { - "markdownDescription": "*[Default policies only]* Indicates whether the policy should copy tags from the source resource to the snapshot or AMI. If you do not specify a value, the default is `false` .\n\nDefault: false", - "title": "CopyTags", - "type": "boolean" + "DataAccessRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that grants Amazon Comprehend read access to your input data.", + "title": "DataAccessRoleArn", + "type": "string" }, - "CreateInterval": { - "markdownDescription": "*[Default policies only]* Specifies how often the policy should run and create snapshots or AMIs. The creation frequency can range from 1 to 7 days. If you do not specify a value, the default is 1.\n\nDefault: 1", - "title": "CreateInterval", - "type": "number" + "DocumentClassifierName": { + "markdownDescription": "The name of the document classifier.", + "title": "DocumentClassifierName", + "type": "string" }, - "CrossRegionCopyTargets": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyTargets", - "markdownDescription": "*[Default policies only]* Specifies destination Regions for snapshot or AMI copies. You can specify up to 3 destination Regions. If you do not want to create cross-Region copies, omit this parameter.", - "title": "CrossRegionCopyTargets" + "InputDataConfig": { + "$ref": "#/definitions/AWS::Comprehend::DocumentClassifier.DocumentClassifierInputDataConfig", + "markdownDescription": "Specifies the format and location of the input data for the job.", + "title": "InputDataConfig" }, - "DefaultPolicy": { - "markdownDescription": "*[Default policies only]* Specify the type of default policy to create.\n\n- To create a default policy for EBS snapshots, that creates snapshots of all volumes in the Region that do not have recent backups, specify `VOLUME` .\n- To create a default policy for EBS-backed AMIs, that creates EBS-backed AMIs from all instances in the Region that do not have recent backups, specify `INSTANCE` .", - "title": "DefaultPolicy", + "LanguageCode": { + "markdownDescription": "The language of the input documents. You can specify any of the languages supported by Amazon Comprehend. All documents must be in the same language.", + "title": "LanguageCode", "type": "string" }, - "Description": { - "markdownDescription": "A description of the lifecycle policy. The characters ^[0-9A-Za-z _-]+$ are supported.", - "title": "Description", + "Mode": { + "markdownDescription": "Indicates the mode in which the classifier will be trained. The classifier can be trained in multi-class (single-label) mode or multi-label mode. Multi-class mode identifies a single class label for each document and multi-label mode identifies one or more class labels for each document. Multiple labels for an individual document are separated by a delimiter. The default delimiter between labels is a pipe (|).", + "title": "Mode", "type": "string" }, - "Exclusions": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.Exclusions", - "markdownDescription": "*[Default policies only]* Specifies exclusion parameters for volumes or instances for which you do not want to create snapshots or AMIs. The policy will not create snapshots or AMIs for target resources that match any of the specified exclusion parameters.", - "title": "Exclusions" - }, - "ExecutionRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role used to run the operations specified by the lifecycle policy.", - "title": "ExecutionRoleArn", + "ModelKmsKeyId": { + "markdownDescription": "ID for the AWS KMS key that Amazon Comprehend uses to encrypt trained custom models. The ModelKmsKeyId can be either of the following formats:\n\n- KMS Key ID: `\"1234abcd-12ab-34cd-56ef-1234567890ab\"`\n- Amazon Resource Name (ARN) of a KMS Key: `\"arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\"`", + "title": "ModelKmsKeyId", "type": "string" }, - "ExtendDeletion": { - "markdownDescription": "*[Default policies only]* Defines the snapshot or AMI retention behavior for the policy if the source volume or instance is deleted, or if the policy enters the error, disabled, or deleted state.\n\nBy default ( *ExtendDeletion=false* ):\n\n- If a source resource is deleted, Amazon Data Lifecycle Manager will continue to delete previously created snapshots or AMIs, up to but not including the last one, based on the specified retention period. If you want Amazon Data Lifecycle Manager to delete all snapshots or AMIs, including the last one, specify `true` .\n- If a policy enters the error, disabled, or deleted state, Amazon Data Lifecycle Manager stops deleting snapshots and AMIs. If you want Amazon Data Lifecycle Manager to continue deleting snapshots or AMIs, including the last one, if the policy enters one of these states, specify `true` .\n\nIf you enable extended deletion ( *ExtendDeletion=true* ), you override both default behaviors simultaneously.\n\nIf you do not specify a value, the default is `false` .\n\nDefault: false", - "title": "ExtendDeletion", - "type": "boolean" - }, - "PolicyDetails": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.PolicyDetails", - "markdownDescription": "The configuration details of the lifecycle policy.\n\n> If you create a default policy, you can specify the request parameters either in the request body, or in the PolicyDetails request structure, but not both.", - "title": "PolicyDetails" - }, - "RetainInterval": { - "markdownDescription": "*[Default policies only]* Specifies how long the policy should retain snapshots or AMIs before deleting them. The retention period can range from 2 to 14 days, but it must be greater than the creation frequency to ensure that the policy retains at least 1 snapshot or AMI at any given time. If you do not specify a value, the default is 7.\n\nDefault: 7", - "title": "RetainInterval", - "type": "number" - }, - "State": { - "markdownDescription": "The activation state of the lifecycle policy.", - "title": "State", + "ModelPolicy": { + "markdownDescription": "The resource-based policy to attach to your custom document classifier model. You can use this policy to allow another AWS account to import your custom model.\n\nProvide your policy as a JSON body that you enter as a UTF-8 encoded string without line breaks. To provide valid JSON, enclose the attribute names and values in double quotes. If the JSON body is also enclosed in double quotes, then you must escape the double quotes that are inside the policy:\n\n`\"{\\\"attribute\\\": \\\"value\\\", \\\"attribute\\\": [\\\"value\\\"]}\"`\n\nTo avoid escaping quotes, you can use single quotes to enclose the policy and double quotes to enclose the JSON names and values:\n\n`'{\"attribute\": \"value\", \"attribute\": [\"value\"]}'`", + "title": "ModelPolicy", "type": "string" }, + "OutputDataConfig": { + "$ref": "#/definitions/AWS::Comprehend::DocumentClassifier.DocumentClassifierOutputDataConfig", + "markdownDescription": "Provides output results configuration parameters for custom classifier jobs.", + "title": "OutputDataConfig" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to apply to the lifecycle policy during creation.", + "markdownDescription": "Tags to associate with the document classifier. A tag is a key-value pair that adds as a metadata to a resource used by Amazon Comprehend. For example, a tag with \"Sales\" as the key might be added to a resource to indicate its use by the sales department.", "title": "Tags", "type": "array" + }, + "VersionName": { + "markdownDescription": "The version name given to the newly created classifier. Version names can have a maximum of 256 characters. Alphanumeric characters, hyphens (-) and underscores (_) are allowed. The version name must be unique among all models with the same classifier name in the AWS account / AWS Region .", + "title": "VersionName", + "type": "string" + }, + "VolumeKmsKeyId": { + "markdownDescription": "ID for the AWS Key Management Service (KMS) key that Amazon Comprehend uses to encrypt data on the storage volume attached to the ML compute instance(s) that process the analysis job. The VolumeKmsKeyId can be either of the following formats:\n\n- KMS Key ID: `\"1234abcd-12ab-34cd-56ef-1234567890ab\"`\n- Amazon Resource Name (ARN) of a KMS Key: `\"arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\"`", + "title": "VolumeKmsKeyId", + "type": "string" + }, + "VpcConfig": { + "$ref": "#/definitions/AWS::Comprehend::DocumentClassifier.VpcConfig", + "markdownDescription": "Configuration parameters for a private Virtual Private Cloud (VPC) containing the resources you are using for your custom classifier. For more information, see [Amazon VPC](https://docs.aws.amazon.com/vpc/latest/userguide/what-is-amazon-vpc.html) .", + "title": "VpcConfig" } }, + "required": [ + "DataAccessRoleArn", + "DocumentClassifierName", + "InputDataConfig", + "LanguageCode" + ], "type": "object" }, "Type": { "enum": [ - "AWS::DLM::LifecyclePolicy" + "AWS::Comprehend::DocumentClassifier" ], "type": "string" }, @@ -55454,682 +62123,410 @@ } }, "required": [ - "Type" - ], - "type": "object" - }, - "AWS::DLM::LifecyclePolicy.Action": { - "additionalProperties": false, - "properties": { - "CrossRegionCopy": { - "items": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyAction" - }, - "markdownDescription": "The rule for copying shared snapshots across Regions.", - "title": "CrossRegionCopy", - "type": "array" - }, - "Name": { - "markdownDescription": "A descriptive name for the action.", - "title": "Name", - "type": "string" - } - }, - "required": [ - "CrossRegionCopy", - "Name" - ], - "type": "object" - }, - "AWS::DLM::LifecyclePolicy.ArchiveRetainRule": { - "additionalProperties": false, - "properties": { - "RetentionArchiveTier": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.RetentionArchiveTier", - "markdownDescription": "Information about retention period in the Amazon EBS Snapshots Archive. For more information, see [Archive Amazon EBS snapshots](https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/snapshot-archive.html) .", - "title": "RetentionArchiveTier" - } - }, - "required": [ - "RetentionArchiveTier" - ], - "type": "object" - }, - "AWS::DLM::LifecyclePolicy.ArchiveRule": { - "additionalProperties": false, - "properties": { - "RetainRule": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.ArchiveRetainRule", - "markdownDescription": "Information about the retention period for the snapshot archiving rule.", - "title": "RetainRule" - } - }, - "required": [ - "RetainRule" + "Type", + "Properties" ], "type": "object" }, - "AWS::DLM::LifecyclePolicy.CreateRule": { + "AWS::Comprehend::DocumentClassifier.AugmentedManifestsListItem": { "additionalProperties": false, "properties": { - "CronExpression": { - "markdownDescription": "The schedule, as a Cron expression. The schedule interval must be between 1 hour and 1 year. For more information, see the [Cron and rate expressions](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-scheduled-rule-pattern.html) in the *Amazon EventBridge User Guide* .", - "title": "CronExpression", - "type": "string" - }, - "Interval": { - "markdownDescription": "The interval between snapshots. The supported values are 1, 2, 3, 4, 6, 8, 12, and 24.", - "title": "Interval", - "type": "number" - }, - "IntervalUnit": { - "markdownDescription": "The interval unit.", - "title": "IntervalUnit", - "type": "string" - }, - "Location": { - "markdownDescription": "*[Custom snapshot policies only]* Specifies the destination for snapshots created by the policy. The allowed destinations depend on the location of the targeted resources.\n\n- If the policy targets resources in a Region, then you must create snapshots in the same Region as the source resource.\n- If the policy targets resources in a Local Zone, you can create snapshots in the same Local Zone or in its parent Region.\n- If the policy targets resources on an Outpost, then you can create snapshots on the same Outpost or in its parent Region.\n\nSpecify one of the following values:\n\n- To create snapshots in the same Region as the source resource, specify `CLOUD` .\n- To create snapshots in the same Local Zone as the source resource, specify `LOCAL_ZONE` .\n- To create snapshots on the same Outpost as the source resource, specify `OUTPOST_LOCAL` .\n\nDefault: `CLOUD`", - "title": "Location", - "type": "string" - }, - "Scripts": { - "items": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.Script" - }, - "markdownDescription": "*[Custom snapshot policies that target instances only]* Specifies pre and/or post scripts for a snapshot lifecycle policy that targets instances. This is useful for creating application-consistent snapshots, or for performing specific administrative tasks before or after Amazon Data Lifecycle Manager initiates snapshot creation.\n\nFor more information, see [Automating application-consistent snapshots with pre and post scripts](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/automate-app-consistent-backups.html) .", - "title": "Scripts", - "type": "array" - }, - "Times": { + "AttributeNames": { "items": { "type": "string" }, - "markdownDescription": "The time, in UTC, to start the operation. The supported format is hh:mm.\n\nThe operation occurs within a one-hour window following the specified time. If you do not specify a time, Amazon Data Lifecycle Manager selects a time within the next 24 hours.", - "title": "Times", + "markdownDescription": "The JSON attribute that contains the annotations for your training documents. The number of attribute names that you specify depends on whether your augmented manifest file is the output of a single labeling job or a chained labeling job.\n\nIf your file is the output of a single labeling job, specify the LabelAttributeName key that was used when the job was created in Ground Truth.\n\nIf your file is the output of a chained labeling job, specify the LabelAttributeName key for one or more jobs in the chain. Each LabelAttributeName key provides the annotations from an individual job.", + "title": "AttributeNames", "type": "array" - } - }, - "type": "object" - }, - "AWS::DLM::LifecyclePolicy.CrossRegionCopyAction": { - "additionalProperties": false, - "properties": { - "EncryptionConfiguration": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.EncryptionConfiguration", - "markdownDescription": "The encryption settings for the copied snapshot.", - "title": "EncryptionConfiguration" - }, - "RetainRule": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyRetainRule", - "markdownDescription": "Specifies a retention rule for cross-Region snapshot copies created by snapshot or event-based policies, or cross-Region AMI copies created by AMI policies. After the retention period expires, the cross-Region copy is deleted.", - "title": "RetainRule" }, - "Target": { - "markdownDescription": "The target Region.", - "title": "Target", + "S3Uri": { + "markdownDescription": "The Amazon S3 location of the augmented manifest file.", + "title": "S3Uri", "type": "string" - } - }, - "required": [ - "EncryptionConfiguration", - "Target" - ], - "type": "object" - }, - "AWS::DLM::LifecyclePolicy.CrossRegionCopyDeprecateRule": { - "additionalProperties": false, - "properties": { - "Interval": { - "markdownDescription": "The period after which to deprecate the cross-Region AMI copies. The period must be less than or equal to the cross-Region AMI copy retention period, and it can't be greater than 10 years. This is equivalent to 120 months, 520 weeks, or 3650 days.", - "title": "Interval", - "type": "number" }, - "IntervalUnit": { - "markdownDescription": "The unit of time in which to measure the *Interval* . For example, to deprecate a cross-Region AMI copy after 3 months, specify `Interval=3` and `IntervalUnit=MONTHS` .", - "title": "IntervalUnit", + "Split": { + "markdownDescription": "The purpose of the data you've provided in the augmented manifest. You can either train or test this data. If you don't specify, the default is train.\n\nTRAIN - all of the documents in the manifest will be used for training. If no test documents are provided, Amazon Comprehend will automatically reserve a portion of the training documents for testing.\n\nTEST - all of the documents in the manifest will be used for testing.", + "title": "Split", "type": "string" } }, "required": [ - "Interval", - "IntervalUnit" + "AttributeNames", + "S3Uri" ], "type": "object" }, - "AWS::DLM::LifecyclePolicy.CrossRegionCopyRetainRule": { + "AWS::Comprehend::DocumentClassifier.DocumentClassifierDocuments": { "additionalProperties": false, "properties": { - "Interval": { - "markdownDescription": "The amount of time to retain a cross-Region snapshot or AMI copy. The maximum is 100 years. This is equivalent to 1200 months, 5200 weeks, or 36500 days.", - "title": "Interval", - "type": "number" + "S3Uri": { + "markdownDescription": "The S3 URI location of the training documents specified in the S3Uri CSV file.", + "title": "S3Uri", + "type": "string" }, - "IntervalUnit": { - "markdownDescription": "The unit of time for time-based retention. For example, to retain a cross-Region copy for 3 months, specify `Interval=3` and `IntervalUnit=MONTHS` .", - "title": "IntervalUnit", + "TestS3Uri": { + "markdownDescription": "The S3 URI location of the test documents included in the TestS3Uri CSV file. This field is not required if you do not specify a test CSV file.", + "title": "TestS3Uri", "type": "string" } }, "required": [ - "Interval", - "IntervalUnit" + "S3Uri" ], "type": "object" }, - "AWS::DLM::LifecyclePolicy.CrossRegionCopyRule": { + "AWS::Comprehend::DocumentClassifier.DocumentClassifierInputDataConfig": { "additionalProperties": false, "properties": { - "CmkArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key to use for EBS encryption. If this parameter is not specified, the default KMS key for the account is used.", - "title": "CmkArn", - "type": "string" + "AugmentedManifests": { + "items": { + "$ref": "#/definitions/AWS::Comprehend::DocumentClassifier.AugmentedManifestsListItem" + }, + "markdownDescription": "A list of augmented manifest files that provide training data for your custom model. An augmented manifest file is a labeled dataset that is produced by Amazon SageMaker Ground Truth.\n\nThis parameter is required if you set `DataFormat` to `AUGMENTED_MANIFEST` .", + "title": "AugmentedManifests", + "type": "array" }, - "CopyTags": { - "markdownDescription": "Indicates whether to copy all user-defined tags from the source snapshot or AMI to the cross-Region copy.", - "title": "CopyTags", - "type": "boolean" + "DataFormat": { + "markdownDescription": "The format of your training data:\n\n- `COMPREHEND_CSV` : A two-column CSV file, where labels are provided in the first column, and documents are provided in the second. If you use this value, you must provide the `S3Uri` parameter in your request.\n- `AUGMENTED_MANIFEST` : A labeled dataset that is produced by Amazon SageMaker Ground Truth. This file is in JSON lines format. Each line is a complete JSON object that contains a training document and its associated labels.\n\nIf you use this value, you must provide the `AugmentedManifests` parameter in your request.\n\nIf you don't specify a value, Amazon Comprehend uses `COMPREHEND_CSV` as the default.", + "title": "DataFormat", + "type": "string" }, - "DeprecateRule": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyDeprecateRule", - "markdownDescription": "*[Custom AMI policies only]* The AMI deprecation rule for cross-Region AMI copies created by the rule.", - "title": "DeprecateRule" + "DocumentReaderConfig": { + "$ref": "#/definitions/AWS::Comprehend::DocumentClassifier.DocumentReaderConfig", + "markdownDescription": "", + "title": "DocumentReaderConfig" }, - "Encrypted": { - "markdownDescription": "To encrypt a copy of an unencrypted snapshot if encryption by default is not enabled, enable encryption using this parameter. Copies of encrypted snapshots are encrypted, even if this parameter is false or if encryption by default is not enabled.", - "title": "Encrypted", - "type": "boolean" + "DocumentType": { + "markdownDescription": "The type of input documents for training the model. Provide plain-text documents to create a plain-text model, and provide semi-structured documents to create a native document model.", + "title": "DocumentType", + "type": "string" }, - "RetainRule": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyRetainRule", - "markdownDescription": "The retention rule that indicates how long the cross-Region snapshot or AMI copies are to be retained in the destination Region.", - "title": "RetainRule" + "Documents": { + "$ref": "#/definitions/AWS::Comprehend::DocumentClassifier.DocumentClassifierDocuments", + "markdownDescription": "The S3 location of the training documents. This parameter is required in a request to create a native document model.", + "title": "Documents" }, - "Target": { - "markdownDescription": "> Use this parameter for snapshot policies only. For AMI policies, use *TargetRegion* instead. \n\n*[Custom snapshot policies only]* The target Region or the Amazon Resource Name (ARN) of the target Outpost for the snapshot copies.", - "title": "Target", + "LabelDelimiter": { + "markdownDescription": "Indicates the delimiter used to separate each label for training a multi-label classifier. The default delimiter between labels is a pipe (|). You can use a different character as a delimiter (if it's an allowed character) by specifying it under Delimiter for labels. If the training documents use a delimiter other than the default or the delimiter you specify, the labels on that line will be combined to make a single unique label, such as LABELLABELLABEL.", + "title": "LabelDelimiter", "type": "string" }, - "TargetRegion": { - "markdownDescription": "> Use this parameter for AMI policies only. For snapshot policies, use *Target* instead. For snapshot policies created before the *Target* parameter was introduced, this parameter indicates the target Region for snapshot copies. \n\n*[Custom AMI policies only]* The target Region or the Amazon Resource Name (ARN) of the target Outpost for the snapshot copies.", - "title": "TargetRegion", - "type": "string" - } - }, - "required": [ - "Encrypted" - ], - "type": "object" - }, - "AWS::DLM::LifecyclePolicy.CrossRegionCopyTarget": { - "additionalProperties": false, - "properties": { - "TargetRegion": { + "S3Uri": { + "markdownDescription": "The Amazon S3 URI for the input data. The S3 bucket must be in the same Region as the API endpoint that you are calling. The URI can point to a single input file or it can provide the prefix for a collection of input files.\n\nFor example, if you use the URI `S3://bucketName/prefix` , if the prefix is a single file, Amazon Comprehend uses that file as input. If more than one file begins with the prefix, Amazon Comprehend uses all of them as input.\n\nThis parameter is required if you set `DataFormat` to `COMPREHEND_CSV` .", + "title": "S3Uri", "type": "string" - } - }, - "type": "object" - }, - "AWS::DLM::LifecyclePolicy.CrossRegionCopyTargets": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::DLM::LifecyclePolicy.DeprecateRule": { - "additionalProperties": false, - "properties": { - "Count": { - "markdownDescription": "If the schedule has a count-based retention rule, this parameter specifies the number of oldest AMIs to deprecate. The count must be less than or equal to the schedule's retention count, and it can't be greater than 1000.", - "title": "Count", - "type": "number" - }, - "Interval": { - "markdownDescription": "If the schedule has an age-based retention rule, this parameter specifies the period after which to deprecate AMIs created by the schedule. The period must be less than or equal to the schedule's retention period, and it can't be greater than 10 years. This is equivalent to 120 months, 520 weeks, or 3650 days.", - "title": "Interval", - "type": "number" }, - "IntervalUnit": { - "markdownDescription": "The unit of time in which to measure the *Interval* .", - "title": "IntervalUnit", + "TestS3Uri": { + "markdownDescription": "This specifies the Amazon S3 location that contains the test annotations for the document classifier. The URI must be in the same AWS Region as the API endpoint that you are calling.", + "title": "TestS3Uri", "type": "string" } }, "type": "object" }, - "AWS::DLM::LifecyclePolicy.EncryptionConfiguration": { + "AWS::Comprehend::DocumentClassifier.DocumentClassifierOutputDataConfig": { "additionalProperties": false, "properties": { - "CmkArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key to use for EBS encryption. If this parameter is not specified, the default KMS key for the account is used.", - "title": "CmkArn", + "KmsKeyId": { + "markdownDescription": "ID for the AWS Key Management Service (KMS) key that Amazon Comprehend uses to encrypt the output results from an analysis job. The KmsKeyId can be one of the following formats:\n\n- KMS Key ID: `\"1234abcd-12ab-34cd-56ef-1234567890ab\"`\n- Amazon Resource Name (ARN) of a KMS Key: `\"arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\"`\n- KMS Key Alias: `\"alias/ExampleAlias\"`\n- ARN of a KMS Key Alias: `\"arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias\"`", + "title": "KmsKeyId", "type": "string" }, - "Encrypted": { - "markdownDescription": "To encrypt a copy of an unencrypted snapshot when encryption by default is not enabled, enable encryption using this parameter. Copies of encrypted snapshots are encrypted, even if this parameter is false or when encryption by default is not enabled.", - "title": "Encrypted", - "type": "boolean" + "S3Uri": { + "markdownDescription": "When you use the `OutputDataConfig` object while creating a custom classifier, you specify the Amazon S3 location where you want to write the confusion matrix and other output files. The URI must be in the same Region as the API endpoint that you are calling. The location is used as the prefix for the actual location of this output file.\n\nWhen the custom classifier job is finished, the service creates the output file in a directory specific to the job. The `S3Uri` field contains the location of the output file, called `output.tar.gz` . It is a compressed archive that contains the confusion matrix.", + "title": "S3Uri", + "type": "string" } }, - "required": [ - "Encrypted" - ], "type": "object" }, - "AWS::DLM::LifecyclePolicy.EventParameters": { + "AWS::Comprehend::DocumentClassifier.DocumentReaderConfig": { "additionalProperties": false, "properties": { - "DescriptionRegex": { - "markdownDescription": "The snapshot description that can trigger the policy. The description pattern is specified using a regular expression. The policy runs only if a snapshot with a description that matches the specified pattern is shared with your account.\n\nFor example, specifying `^.*Created for policy: policy-1234567890abcdef0.*$` configures the policy to run only if snapshots created by policy `policy-1234567890abcdef0` are shared with your account.", - "title": "DescriptionRegex", + "DocumentReadAction": { + "markdownDescription": "This field defines the Amazon Textract API operation that Amazon Comprehend uses to extract text from PDF files and image files. Enter one of the following values:\n\n- `TEXTRACT_DETECT_DOCUMENT_TEXT` - The Amazon Comprehend service uses the `DetectDocumentText` API operation.\n- `TEXTRACT_ANALYZE_DOCUMENT` - The Amazon Comprehend service uses the `AnalyzeDocument` API operation.", + "title": "DocumentReadAction", "type": "string" }, - "EventType": { - "markdownDescription": "The type of event. Currently, only snapshot sharing events are supported.", - "title": "EventType", + "DocumentReadMode": { + "markdownDescription": "Determines the text extraction actions for PDF files. Enter one of the following values:\n\n- `SERVICE_DEFAULT` - use the Amazon Comprehend service defaults for PDF files.\n- `FORCE_DOCUMENT_READ_ACTION` - Amazon Comprehend uses the Textract API specified by DocumentReadAction for all PDF files, including digital PDF files.", + "title": "DocumentReadMode", "type": "string" }, - "SnapshotOwner": { + "FeatureTypes": { "items": { "type": "string" }, - "markdownDescription": "The IDs of the AWS accounts that can trigger policy by sharing snapshots with your account. The policy only runs if one of the specified AWS accounts shares a snapshot with your account.", - "title": "SnapshotOwner", + "markdownDescription": "Specifies the type of Amazon Textract features to apply. If you chose `TEXTRACT_ANALYZE_DOCUMENT` as the read action, you must specify one or both of the following values:\n\n- `TABLES` - Returns additional information about any tables that are detected in the input document.\n- `FORMS` - Returns additional information about any forms that are detected in the input document.", + "title": "FeatureTypes", "type": "array" } }, "required": [ - "EventType", - "SnapshotOwner" + "DocumentReadAction" ], "type": "object" }, - "AWS::DLM::LifecyclePolicy.EventSource": { + "AWS::Comprehend::DocumentClassifier.VpcConfig": { "additionalProperties": false, "properties": { - "Parameters": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.EventParameters", - "markdownDescription": "Information about the event.", - "title": "Parameters" + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The ID number for a security group on an instance of your private VPC. Security groups on your VPC function serve as a virtual firewall to control inbound and outbound traffic and provides security for the resources that you\u2019ll be accessing on the VPC. This ID number is preceded by \"sg-\", for instance: \"sg-03b388029b0a285ea\". For more information, see [Security Groups for your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html) .", + "title": "SecurityGroupIds", + "type": "array" }, - "Type": { - "markdownDescription": "The source of the event. Currently only managed Amazon EventBridge (formerly known as Amazon CloudWatch) events are supported.", - "title": "Type", - "type": "string" + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The ID for each subnet being used in your private VPC. This subnet is a subset of the a range of IPv4 addresses used by the VPC and is specific to a given availability zone in the VPC\u2019s Region. This ID number is preceded by \"subnet-\", for instance: \"subnet-04ccf456919e69055\". For more information, see [VPCs and Subnets](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) .", + "title": "Subnets", + "type": "array" } }, "required": [ - "Type" + "SecurityGroupIds", + "Subnets" ], "type": "object" }, - "AWS::DLM::LifecyclePolicy.ExcludeTags": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::DLM::LifecyclePolicy.ExcludeVolumeTypesList": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::DLM::LifecyclePolicy.Exclusions": { + "AWS::Comprehend::Flywheel": { "additionalProperties": false, "properties": { - "ExcludeBootVolumes": { - "markdownDescription": "*[Default policies for EBS snapshots only]* Indicates whether to exclude volumes that are attached to instances as the boot volume. If you exclude boot volumes, only volumes attached as data (non-boot) volumes will be backed up by the policy. To exclude boot volumes, specify `true` .", - "title": "ExcludeBootVolumes", - "type": "boolean" + "Condition": { + "type": "string" }, - "ExcludeTags": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.ExcludeTags", - "markdownDescription": "*[Default policies for EBS-backed AMIs only]* Specifies whether to exclude volumes that have specific tags.", - "title": "ExcludeTags" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ExcludeVolumeTypes": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.ExcludeVolumeTypesList", - "markdownDescription": "*[Default policies for EBS snapshots only]* Specifies the volume types to exclude. Volumes of the specified types will not be targeted by the policy.", - "title": "ExcludeVolumeTypes" - } - }, - "type": "object" - }, - "AWS::DLM::LifecyclePolicy.FastRestoreRule": { - "additionalProperties": false, - "properties": { - "AvailabilityZones": { - "items": { - "type": "string" - }, - "markdownDescription": "The Availability Zones in which to enable fast snapshot restore.", - "title": "AvailabilityZones", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Count": { - "markdownDescription": "The number of snapshots to be enabled with fast snapshot restore.", - "title": "Count", - "type": "number" + "Metadata": { + "type": "object" }, - "Interval": { - "markdownDescription": "The amount of time to enable fast snapshot restore. The maximum is 100 years. This is equivalent to 1200 months, 5200 weeks, or 36500 days.", - "title": "Interval", - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": { + "ActiveModelArn": { + "markdownDescription": "The Amazon Resource Number (ARN) of the active model version.", + "title": "ActiveModelArn", + "type": "string" + }, + "DataAccessRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that grants Amazon Comprehend permission to access the flywheel data.", + "title": "DataAccessRoleArn", + "type": "string" + }, + "DataLakeS3Uri": { + "markdownDescription": "Amazon S3 URI of the data lake location.", + "title": "DataLakeS3Uri", + "type": "string" + }, + "DataSecurityConfig": { + "$ref": "#/definitions/AWS::Comprehend::Flywheel.DataSecurityConfig", + "markdownDescription": "Data security configuration.", + "title": "DataSecurityConfig" + }, + "FlywheelName": { + "markdownDescription": "Name for the flywheel.", + "title": "FlywheelName", + "type": "string" + }, + "ModelType": { + "markdownDescription": "Model type of the flywheel's model.", + "title": "ModelType", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags associated with the endpoint being created. A tag is a key-value pair that adds metadata to the endpoint. For example, a tag with \"Sales\" as the key might be added to an endpoint to indicate its use by the sales department.", + "title": "Tags", + "type": "array" + }, + "TaskConfig": { + "$ref": "#/definitions/AWS::Comprehend::Flywheel.TaskConfig", + "markdownDescription": "Configuration about the model associated with a flywheel.", + "title": "TaskConfig" + } + }, + "required": [ + "DataAccessRoleArn", + "DataLakeS3Uri", + "FlywheelName" + ], + "type": "object" }, - "IntervalUnit": { - "markdownDescription": "The unit of time for enabling fast snapshot restore.", - "title": "IntervalUnit", + "Type": { + "enum": [ + "AWS::Comprehend::Flywheel" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::DLM::LifecyclePolicy.Parameters": { + "AWS::Comprehend::Flywheel.DataSecurityConfig": { "additionalProperties": false, "properties": { - "ExcludeBootVolume": { - "markdownDescription": "*[Custom snapshot policies that target instances only]* Indicates whether to exclude the root volume from multi-volume snapshot sets. The default is `false` . If you specify `true` , then the root volumes attached to targeted instances will be excluded from the multi-volume snapshot sets created by the policy.", - "title": "ExcludeBootVolume", - "type": "boolean" + "DataLakeKmsKeyId": { + "markdownDescription": "ID for the AWS KMS key that Amazon Comprehend uses to encrypt the data in the data lake.", + "title": "DataLakeKmsKeyId", + "type": "string" }, - "ExcludeDataVolumeTags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "*[Custom snapshot policies that target instances only]* The tags used to identify data (non-root) volumes to exclude from multi-volume snapshot sets.\n\nIf you create a snapshot lifecycle policy that targets instances and you specify tags for this parameter, then data volumes with the specified tags that are attached to targeted instances will be excluded from the multi-volume snapshot sets created by the policy.", - "title": "ExcludeDataVolumeTags", - "type": "array" + "ModelKmsKeyId": { + "markdownDescription": "ID for the AWS KMS key that Amazon Comprehend uses to encrypt trained custom models. The ModelKmsKeyId can be either of the following formats:\n\n- KMS Key ID: `\"1234abcd-12ab-34cd-56ef-1234567890ab\"`\n- Amazon Resource Name (ARN) of a KMS Key: `\"arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\"`", + "title": "ModelKmsKeyId", + "type": "string" }, - "NoReboot": { - "markdownDescription": "*[Custom AMI policies only]* Indicates whether targeted instances are rebooted when the lifecycle policy runs. `true` indicates that targeted instances are not rebooted when the policy runs. `false` indicates that target instances are rebooted when the policy runs. The default is `true` (instances are not rebooted).", - "title": "NoReboot", - "type": "boolean" + "VolumeKmsKeyId": { + "markdownDescription": "ID for the AWS KMS key that Amazon Comprehend uses to encrypt the volume.", + "title": "VolumeKmsKeyId", + "type": "string" + }, + "VpcConfig": { + "$ref": "#/definitions/AWS::Comprehend::Flywheel.VpcConfig", + "markdownDescription": "Configuration parameters for an optional private Virtual Private Cloud (VPC) containing the resources you are using for the job. For more information, see [Amazon VPC](https://docs.aws.amazon.com/vpc/latest/userguide/what-is-amazon-vpc.html) .", + "title": "VpcConfig" } }, "type": "object" }, - "AWS::DLM::LifecyclePolicy.PolicyDetails": { + "AWS::Comprehend::Flywheel.DocumentClassificationConfig": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.Action" - }, - "markdownDescription": "*[Event-based policies only]* The actions to be performed when the event-based policy is activated. You can specify only one action per policy.", - "title": "Actions", - "type": "array" - }, - "CopyTags": { - "markdownDescription": "*[Default policies only]* Indicates whether the policy should copy tags from the source resource to the snapshot or AMI. If you do not specify a value, the default is `false` .\n\nDefault: false", - "title": "CopyTags", - "type": "boolean" - }, - "CreateInterval": { - "markdownDescription": "*[Default policies only]* Specifies how often the policy should run and create snapshots or AMIs. The creation frequency can range from 1 to 7 days. If you do not specify a value, the default is 1.\n\nDefault: 1", - "title": "CreateInterval", - "type": "number" - }, - "CrossRegionCopyTargets": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyTargets", - "markdownDescription": "*[Default policies only]* Specifies destination Regions for snapshot or AMI copies. You can specify up to 3 destination Regions. If you do not want to create cross-Region copies, omit this parameter.", - "title": "CrossRegionCopyTargets" - }, - "EventSource": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.EventSource", - "markdownDescription": "*[Event-based policies only]* The event that activates the event-based policy.", - "title": "EventSource" - }, - "Exclusions": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.Exclusions", - "markdownDescription": "*[Default policies only]* Specifies exclusion parameters for volumes or instances for which you do not want to create snapshots or AMIs. The policy will not create snapshots or AMIs for target resources that match any of the specified exclusion parameters.", - "title": "Exclusions" - }, - "ExtendDeletion": { - "markdownDescription": "*[Default policies only]* Defines the snapshot or AMI retention behavior for the policy if the source volume or instance is deleted, or if the policy enters the error, disabled, or deleted state.\n\nBy default ( *ExtendDeletion=false* ):\n\n- If a source resource is deleted, Amazon Data Lifecycle Manager will continue to delete previously created snapshots or AMIs, up to but not including the last one, based on the specified retention period. If you want Amazon Data Lifecycle Manager to delete all snapshots or AMIs, including the last one, specify `true` .\n- If a policy enters the error, disabled, or deleted state, Amazon Data Lifecycle Manager stops deleting snapshots and AMIs. If you want Amazon Data Lifecycle Manager to continue deleting snapshots or AMIs, including the last one, if the policy enters one of these states, specify `true` .\n\nIf you enable extended deletion ( *ExtendDeletion=true* ), you override both default behaviors simultaneously.\n\nIf you do not specify a value, the default is `false` .\n\nDefault: false", - "title": "ExtendDeletion", - "type": "boolean" - }, - "Parameters": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.Parameters", - "markdownDescription": "*[Custom snapshot and AMI policies only]* A set of optional parameters for snapshot and AMI lifecycle policies.\n\n> If you are modifying a policy that was created or previously modified using the Amazon Data Lifecycle Manager console, then you must include this parameter and specify either the default values or the new values that you require. You can't omit this parameter or set its values to null.", - "title": "Parameters" - }, - "PolicyLanguage": { - "markdownDescription": "The type of policy to create. Specify one of the following:\n\n- `SIMPLIFIED` To create a default policy.\n- `STANDARD` To create a custom policy.", - "title": "PolicyLanguage", - "type": "string" - }, - "PolicyType": { - "markdownDescription": "The type of policy. Specify `EBS_SNAPSHOT_MANAGEMENT` to create a lifecycle policy that manages the lifecycle of Amazon EBS snapshots. Specify `IMAGE_MANAGEMENT` to create a lifecycle policy that manages the lifecycle of EBS-backed AMIs. Specify `EVENT_BASED_POLICY` to create an event-based policy that performs specific actions when a defined event occurs in your AWS account .\n\nThe default is `EBS_SNAPSHOT_MANAGEMENT` .", - "title": "PolicyType", - "type": "string" - }, - "ResourceLocations": { + "Labels": { "items": { "type": "string" }, - "markdownDescription": "*[Custom snapshot and AMI policies only]* The location of the resources to backup.\n\n- If the source resources are located in a Region, specify `CLOUD` . In this case, the policy targets all resources of the specified type with matching target tags across all Availability Zones in the Region.\n- *[Custom snapshot policies only]* If the source resources are located in a Local Zone, specify `LOCAL_ZONE` . In this case, the policy targets all resources of the specified type with matching target tags across all Local Zones in the Region.\n- If the source resources are located on an Outpost in your account, specify `OUTPOST` . In this case, the policy targets all resources of the specified type with matching target tags across all of the Outposts in your account.", - "title": "ResourceLocations", + "markdownDescription": "One or more labels to associate with the custom classifier.", + "title": "Labels", "type": "array" }, - "ResourceType": { - "markdownDescription": "*[Default policies only]* Specify the type of default policy to create.\n\n- To create a default policy for EBS snapshots, that creates snapshots of all volumes in the Region that do not have recent backups, specify `VOLUME` .\n- To create a default policy for EBS-backed AMIs, that creates EBS-backed AMIs from all instances in the Region that do not have recent backups, specify `INSTANCE` .", - "title": "ResourceType", + "Mode": { + "markdownDescription": "Classification mode indicates whether the documents are `MULTI_CLASS` or `MULTI_LABEL` .", + "title": "Mode", "type": "string" - }, - "ResourceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "*[Custom snapshot policies only]* The target resource type for snapshot and AMI lifecycle policies. Use `VOLUME` to create snapshots of individual volumes or use `INSTANCE` to create multi-volume snapshots from the volumes for an instance.", - "title": "ResourceTypes", - "type": "array" - }, - "RetainInterval": { - "markdownDescription": "*[Default policies only]* Specifies how long the policy should retain snapshots or AMIs before deleting them. The retention period can range from 2 to 14 days, but it must be greater than the creation frequency to ensure that the policy retains at least 1 snapshot or AMI at any given time. If you do not specify a value, the default is 7.\n\nDefault: 7", - "title": "RetainInterval", - "type": "number" - }, - "Schedules": { - "items": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.Schedule" - }, - "markdownDescription": "*[Custom snapshot and AMI policies only]* The schedules of policy-defined actions for snapshot and AMI lifecycle policies. A policy can have up to four schedules\u2014one mandatory schedule and up to three optional schedules.", - "title": "Schedules", - "type": "array" - }, - "TargetTags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "*[Custom snapshot and AMI policies only]* The single tag that identifies targeted resources for this policy.", - "title": "TargetTags", - "type": "array" } }, + "required": [ + "Mode" + ], "type": "object" }, - "AWS::DLM::LifecyclePolicy.RetainRule": { + "AWS::Comprehend::Flywheel.EntityRecognitionConfig": { "additionalProperties": false, "properties": { - "Count": { - "markdownDescription": "The number of snapshots to retain for each volume, up to a maximum of 1000. For example if you want to retain a maximum of three snapshots, specify `3` . When the fourth snapshot is created, the oldest retained snapshot is deleted, or it is moved to the archive tier if you have specified an [ArchiveRule](https://docs.aws.amazon.com/dlm/latest/APIReference/API_ArchiveRule.html) .", - "title": "Count", - "type": "number" - }, - "Interval": { - "markdownDescription": "The amount of time to retain each snapshot. The maximum is 100 years. This is equivalent to 1200 months, 5200 weeks, or 36500 days.", - "title": "Interval", - "type": "number" - }, - "IntervalUnit": { - "markdownDescription": "The unit of time for time-based retention. For example, to retain snapshots for 3 months, specify `Interval=3` and `IntervalUnit=MONTHS` . Once the snapshot has been retained for 3 months, it is deleted, or it is moved to the archive tier if you have specified an [ArchiveRule](https://docs.aws.amazon.com/dlm/latest/APIReference/API_ArchiveRule.html) .", - "title": "IntervalUnit", - "type": "string" + "EntityTypes": { + "items": { + "$ref": "#/definitions/AWS::Comprehend::Flywheel.EntityTypesListItem" + }, + "markdownDescription": "Up to 25 entity types that the model is trained to recognize.", + "title": "EntityTypes", + "type": "array" } }, "type": "object" }, - "AWS::DLM::LifecyclePolicy.RetentionArchiveTier": { + "AWS::Comprehend::Flywheel.EntityTypesListItem": { "additionalProperties": false, "properties": { - "Count": { - "markdownDescription": "The maximum number of snapshots to retain in the archive storage tier for each volume. The count must ensure that each snapshot remains in the archive tier for at least 90 days. For example, if the schedule creates snapshots every 30 days, you must specify a count of 3 or more to ensure that each snapshot is archived for at least 90 days.", - "title": "Count", - "type": "number" - }, - "Interval": { - "markdownDescription": "Specifies the period of time to retain snapshots in the archive tier. After this period expires, the snapshot is permanently deleted.", - "title": "Interval", - "type": "number" - }, - "IntervalUnit": { - "markdownDescription": "The unit of time in which to measure the *Interval* . For example, to retain a snapshots in the archive tier for 6 months, specify `Interval=6` and `IntervalUnit=MONTHS` .", - "title": "IntervalUnit", + "Type": { + "markdownDescription": "An entity type within a labeled training dataset that Amazon Comprehend uses to train a custom entity recognizer.\n\nEntity types must not contain the following invalid characters: \\n (line break), \\\\n (escaped line break, \\r (carriage return), \\\\r (escaped carriage return), \\t (tab), \\\\t (escaped tab), and , (comma).", + "title": "Type", "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::DLM::LifecyclePolicy.Schedule": { + "AWS::Comprehend::Flywheel.TaskConfig": { "additionalProperties": false, "properties": { - "ArchiveRule": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.ArchiveRule", - "markdownDescription": "*[Custom snapshot policies that target volumes only]* The snapshot archiving rule for the schedule. When you specify an archiving rule, snapshots are automatically moved from the standard tier to the archive tier once the schedule's retention threshold is met. Snapshots are then retained in the archive tier for the archive retention period that you specify.\n\nFor more information about using snapshot archiving, see [Considerations for snapshot lifecycle policies](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/snapshot-ami-policy.html#dlm-archive) .", - "title": "ArchiveRule" - }, - "CopyTags": { - "markdownDescription": "Copy all user-defined tags on a source volume to snapshots of the volume created by this policy.", - "title": "CopyTags", - "type": "boolean" - }, - "CreateRule": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CreateRule", - "markdownDescription": "The creation rule.", - "title": "CreateRule" - }, - "CrossRegionCopyRules": { - "items": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyRule" - }, - "markdownDescription": "Specifies a rule for copying snapshots or AMIs across Regions.\n\n> You can't specify cross-Region copy rules for policies that create snapshots on an Outpost or in a Local Zone. If the policy creates snapshots in a Region, then snapshots can be copied to up to three Regions or Outposts.", - "title": "CrossRegionCopyRules", - "type": "array" - }, - "DeprecateRule": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.DeprecateRule", - "markdownDescription": "*[Custom AMI policies only]* The AMI deprecation rule for the schedule.", - "title": "DeprecateRule" + "DocumentClassificationConfig": { + "$ref": "#/definitions/AWS::Comprehend::Flywheel.DocumentClassificationConfig", + "markdownDescription": "Configuration required for a document classification model.", + "title": "DocumentClassificationConfig" }, - "FastRestoreRule": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.FastRestoreRule", - "markdownDescription": "*[Custom snapshot policies only]* The rule for enabling fast snapshot restore.", - "title": "FastRestoreRule" + "EntityRecognitionConfig": { + "$ref": "#/definitions/AWS::Comprehend::Flywheel.EntityRecognitionConfig", + "markdownDescription": "Configuration required for an entity recognition model.", + "title": "EntityRecognitionConfig" }, - "Name": { - "markdownDescription": "The name of the schedule.", - "title": "Name", + "LanguageCode": { + "markdownDescription": "Language code for the language that the model supports.", + "title": "LanguageCode", "type": "string" - }, - "RetainRule": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.RetainRule", - "markdownDescription": "The retention rule for snapshots or AMIs created by the policy.", - "title": "RetainRule" - }, - "ShareRules": { - "items": { - "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.ShareRule" - }, - "markdownDescription": "*[Custom snapshot policies only]* The rule for sharing snapshots with other AWS accounts .", - "title": "ShareRules", - "type": "array" - }, - "TagsToAdd": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to apply to policy-created resources. These user-defined tags are in addition to the AWS -added lifecycle tags.", - "title": "TagsToAdd", - "type": "array" - }, - "VariableTags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "*[AMI policies and snapshot policies that target instances only]* A collection of key/value pairs with values determined dynamically when the policy is executed. Keys may be any valid Amazon EC2 tag key. Values must be in one of the two following formats: `$(instance-id)` or `$(timestamp)` . Variable tags are only valid for EBS Snapshot Management \u2013 Instance policies.", - "title": "VariableTags", - "type": "array" } }, + "required": [ + "LanguageCode" + ], "type": "object" }, - "AWS::DLM::LifecyclePolicy.Script": { + "AWS::Comprehend::Flywheel.VpcConfig": { "additionalProperties": false, "properties": { - "ExecuteOperationOnScriptFailure": { - "markdownDescription": "Indicates whether Amazon Data Lifecycle Manager should default to crash-consistent snapshots if the pre script fails.\n\n- To default to crash consistent snapshot if the pre script fails, specify `true` .\n- To skip the instance for snapshot creation if the pre script fails, specify `false` .\n\nThis parameter is supported only if you run a pre script. If you run a post script only, omit this parameter.\n\nDefault: true", - "title": "ExecuteOperationOnScriptFailure", - "type": "boolean" - }, - "ExecutionHandler": { - "markdownDescription": "The SSM document that includes the pre and/or post scripts to run.\n\n- If you are automating VSS backups, specify `AWS_VSS_BACKUP` . In this case, Amazon Data Lifecycle Manager automatically uses the `AWSEC2-CreateVssSnapshot` SSM document.\n- If you are automating application-consistent snapshots for SAP HANA workloads, specify `AWSSystemsManagerSAP-CreateDLMSnapshotForSAPHANA` .\n- If you are using a custom SSM document that you own, specify either the name or ARN of the SSM document. If you are using a custom SSM document that is shared with you, specify the ARN of the SSM document.", - "title": "ExecutionHandler", - "type": "string" - }, - "ExecutionHandlerService": { - "markdownDescription": "Indicates the service used to execute the pre and/or post scripts.\n\n- If you are using custom SSM documents or automating application-consistent snapshots of SAP HANA workloads, specify `AWS_SYSTEMS_MANAGER` .\n- If you are automating VSS Backups, omit this parameter.\n\nDefault: AWS_SYSTEMS_MANAGER", - "title": "ExecutionHandlerService", - "type": "string" - }, - "ExecutionTimeout": { - "markdownDescription": "Specifies a timeout period, in seconds, after which Amazon Data Lifecycle Manager fails the script run attempt if it has not completed. If a script does not complete within its timeout period, Amazon Data Lifecycle Manager fails the attempt. The timeout period applies to the pre and post scripts individually.\n\nIf you are automating VSS Backups, omit this parameter.\n\nDefault: 10", - "title": "ExecutionTimeout", - "type": "number" - }, - "MaximumRetryCount": { - "markdownDescription": "Specifies the number of times Amazon Data Lifecycle Manager should retry scripts that fail.\n\n- If the pre script fails, Amazon Data Lifecycle Manager retries the entire snapshot creation process, including running the pre and post scripts.\n- If the post script fails, Amazon Data Lifecycle Manager retries the post script only; in this case, the pre script will have completed and the snapshot might have been created.\n\nIf you do not want Amazon Data Lifecycle Manager to retry failed scripts, specify `0` .\n\nDefault: 0", - "title": "MaximumRetryCount", - "type": "number" - }, - "Stages": { + "SecurityGroupIds": { "items": { "type": "string" }, - "markdownDescription": "Indicate which scripts Amazon Data Lifecycle Manager should run on target instances. Pre scripts run before Amazon Data Lifecycle Manager initiates snapshot creation. Post scripts run after Amazon Data Lifecycle Manager initiates snapshot creation.\n\n- To run a pre script only, specify `PRE` . In this case, Amazon Data Lifecycle Manager calls the SSM document with the `pre-script` parameter before initiating snapshot creation.\n- To run a post script only, specify `POST` . In this case, Amazon Data Lifecycle Manager calls the SSM document with the `post-script` parameter after initiating snapshot creation.\n- To run both pre and post scripts, specify both `PRE` and `POST` . In this case, Amazon Data Lifecycle Manager calls the SSM document with the `pre-script` parameter before initiating snapshot creation, and then it calls the SSM document again with the `post-script` parameter after initiating snapshot creation.\n\nIf you are automating VSS Backups, omit this parameter.\n\nDefault: PRE and POST", - "title": "Stages", + "markdownDescription": "The ID number for a security group on an instance of your private VPC. Security groups on your VPC function serve as a virtual firewall to control inbound and outbound traffic and provides security for the resources that you\u2019ll be accessing on the VPC. This ID number is preceded by \"sg-\", for instance: \"sg-03b388029b0a285ea\". For more information, see [Security Groups for your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html) .", + "title": "SecurityGroupIds", "type": "array" - } - }, - "type": "object" - }, - "AWS::DLM::LifecyclePolicy.ShareRule": { - "additionalProperties": false, - "properties": { - "TargetAccounts": { + }, + "Subnets": { "items": { "type": "string" }, - "markdownDescription": "The IDs of the AWS accounts with which to share the snapshots.", - "title": "TargetAccounts", + "markdownDescription": "The ID for each subnet being used in your private VPC. This subnet is a subset of the a range of IPv4 addresses used by the VPC and is specific to a given availability zone in the VPC\u2019s Region. This ID number is preceded by \"subnet-\", for instance: \"subnet-04ccf456919e69055\". For more information, see [VPCs and Subnets](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) .", + "title": "Subnets", "type": "array" - }, - "UnshareInterval": { - "markdownDescription": "The period after which snapshots that are shared with other AWS accounts are automatically unshared.", - "title": "UnshareInterval", - "type": "number" - }, - "UnshareIntervalUnit": { - "markdownDescription": "The unit of time for the automatic unsharing interval.", - "title": "UnshareIntervalUnit", - "type": "string" } }, + "required": [ + "SecurityGroupIds", + "Subnets" + ], "type": "object" }, - "AWS::DLM::LifecyclePolicy.VolumeTypeValues": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::DMS::Certificate": { + "AWS::Config::AggregationAuthorization": { "additionalProperties": false, "properties": { "Condition": { @@ -56164,27 +62561,34 @@ "Properties": { "additionalProperties": false, "properties": { - "CertificateIdentifier": { - "markdownDescription": "A customer-assigned name for the certificate. Identifiers must begin with a letter and must contain only ASCII letters, digits, and hyphens. They can't end with a hyphen or contain two consecutive hyphens.", - "title": "CertificateIdentifier", + "AuthorizedAccountId": { + "markdownDescription": "The 12-digit account ID of the account authorized to aggregate data.", + "title": "AuthorizedAccountId", "type": "string" }, - "CertificatePem": { - "markdownDescription": "The contents of a `.pem` file, which contains an X.509 certificate.", - "title": "CertificatePem", + "AuthorizedAwsRegion": { + "markdownDescription": "The region authorized to collect aggregated data.", + "title": "AuthorizedAwsRegion", "type": "string" }, - "CertificateWallet": { - "markdownDescription": "The location of an imported Oracle Wallet certificate for use with SSL. An example is: `filebase64(\"${path.root}/rds-ca-2019-root.sso\")`", - "title": "CertificateWallet", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of tag object.", + "title": "Tags", + "type": "array" } }, + "required": [ + "AuthorizedAccountId", + "AuthorizedAwsRegion" + ], "type": "object" }, "Type": { "enum": [ - "AWS::DMS::Certificate" + "AWS::Config::AggregationAuthorization" ], "type": "string" }, @@ -56198,11 +62602,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::DMS::DataProvider": { + "AWS::Config::ConfigRule": { "additionalProperties": false, "properties": { "Condition": { @@ -56237,53 +62642,58 @@ "Properties": { "additionalProperties": false, "properties": { - "DataProviderIdentifier": { - "markdownDescription": "The identifier of the data provider. Identifiers must begin with a letter and must contain only ASCII letters, digits, and hyphens. They can't end with a hyphen, or contain two consecutive hyphens.", - "title": "DataProviderIdentifier", - "type": "string" + "Compliance": { + "$ref": "#/definitions/AWS::Config::ConfigRule.Compliance", + "markdownDescription": "Indicates whether an AWS resource or AWS Config rule is compliant and provides the number of contributors that affect the compliance.", + "title": "Compliance" }, - "DataProviderName": { - "markdownDescription": "The name of the data provider.", - "title": "DataProviderName", + "ConfigRuleName": { + "markdownDescription": "A name for the AWS Config rule. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the rule name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .", + "title": "ConfigRuleName", "type": "string" }, "Description": { - "markdownDescription": "A description of the data provider. Descriptions can have up to 31 characters. A description can contain only ASCII letters, digits, and hyphens ('-'). Also, it can't end with a hyphen or contain two consecutive hyphens, and can only begin with a letter.", + "markdownDescription": "The description that you provide for the AWS Config rule.", "title": "Description", "type": "string" }, - "Engine": { - "markdownDescription": "The type of database engine for the data provider. Valid values include `\"aurora\"` , `\"aurora-postgresql\"` , `\"mysql\"` , `\"oracle\"` , `\"postgres\"` , `\"sqlserver\"` , `redshift` , `mariadb` , `mongodb` , `db2` , `db2-zos` and `docdb` . A value of `\"aurora\"` represents Amazon Aurora MySQL-Compatible Edition.", - "title": "Engine", - "type": "string" - }, - "ExactSettings": { - "markdownDescription": "", - "title": "ExactSettings", - "type": "boolean" - }, - "Settings": { - "$ref": "#/definitions/AWS::DMS::DataProvider.Settings", - "markdownDescription": "The settings in JSON format for a data provider.", - "title": "Settings" - }, - "Tags": { + "EvaluationModes": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Config::ConfigRule.EvaluationModeConfiguration" }, - "markdownDescription": "", - "title": "Tags", + "markdownDescription": "The modes the AWS Config rule can be evaluated in. The valid values are distinct objects. By default, the value is Detective evaluation mode only.", + "title": "EvaluationModes", "type": "array" + }, + "InputParameters": { + "markdownDescription": "A string, in JSON format, that is passed to the AWS Config rule Lambda function.", + "title": "InputParameters", + "type": "object" + }, + "MaximumExecutionFrequency": { + "markdownDescription": "The maximum frequency with which AWS Config runs evaluations for a rule. You can specify a value for `MaximumExecutionFrequency` when:\n\n- You are using an AWS managed rule that is triggered at a periodic frequency.\n- Your custom rule is triggered when AWS Config delivers the configuration snapshot. For more information, see [ConfigSnapshotDeliveryProperties](https://docs.aws.amazon.com/config/latest/APIReference/API_ConfigSnapshotDeliveryProperties.html) .\n\n> By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the `MaximumExecutionFrequency` parameter.", + "title": "MaximumExecutionFrequency", + "type": "string" + }, + "Scope": { + "$ref": "#/definitions/AWS::Config::ConfigRule.Scope", + "markdownDescription": "Defines which resources can trigger an evaluation for the rule. The scope can include one or more resource types, a combination of one resource type and one resource ID, or a combination of a tag key and value. Specify a scope to constrain the resources that can trigger an evaluation for the rule. If you do not specify a scope, evaluations are triggered when any resource in the recording group changes.", + "title": "Scope" + }, + "Source": { + "$ref": "#/definitions/AWS::Config::ConfigRule.Source", + "markdownDescription": "Provides the rule owner ( `AWS` for managed rules, `CUSTOM_POLICY` for Custom Policy rules, and `CUSTOM_LAMBDA` for Custom Lambda rules), the rule identifier, and the notifications that cause the function to evaluate your AWS resources.", + "title": "Source" } }, "required": [ - "Engine" + "Source" ], "type": "object" }, "Type": { "enum": [ - "AWS::DMS::DataProvider" + "AWS::Config::ConfigRule" ], "type": "string" }, @@ -56302,200 +62712,277 @@ ], "type": "object" }, - "AWS::DMS::DataProvider.MicrosoftSqlServerSettings": { + "AWS::Config::ConfigRule.Compliance": { "additionalProperties": false, "properties": { - "CertificateArn": { - "markdownDescription": "", - "title": "CertificateArn", - "type": "string" - }, - "DatabaseName": { - "markdownDescription": "Database name for the endpoint.", - "title": "DatabaseName", + "Type": { + "markdownDescription": "Indicates whether an AWS resource or AWS Config rule is compliant.\n\nA resource is compliant if it complies with all of the AWS Config rules that evaluate it. A resource is noncompliant if it does not comply with one or more of these rules.\n\nA rule is compliant if all of the resources that the rule evaluates comply with it. A rule is noncompliant if any of these resources do not comply.\n\nAWS Config returns the `INSUFFICIENT_DATA` value when no evaluation results are available for the AWS resource or AWS Config rule.\n\nFor the `Compliance` data type, AWS Config supports only `COMPLIANT` , `NON_COMPLIANT` , and `INSUFFICIENT_DATA` values. AWS Config does not support the `NOT_APPLICABLE` value for the `Compliance` data type.", + "title": "Type", "type": "string" + } + }, + "type": "object" + }, + "AWS::Config::ConfigRule.CustomPolicyDetails": { + "additionalProperties": false, + "properties": { + "EnableDebugLogDelivery": { + "markdownDescription": "The boolean expression for enabling debug logging for your AWS Config Custom Policy rule. The default value is `false` .", + "title": "EnableDebugLogDelivery", + "type": "boolean" }, - "Port": { - "markdownDescription": "Endpoint TCP port.", - "title": "Port", - "type": "number" - }, - "ServerName": { - "markdownDescription": "Fully qualified domain name of the endpoint. For an Amazon RDS SQL Server instance, this is the output of [DescribeDBInstances](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstances.html) , in the `[Endpoint](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_Endpoint.html) .Address` field.", - "title": "ServerName", + "PolicyRuntime": { + "markdownDescription": "The runtime system for your AWS Config Custom Policy rule. Guard is a policy-as-code language that allows you to write policies that are enforced by AWS Config Custom Policy rules. For more information about Guard, see the [Guard GitHub Repository](https://docs.aws.amazon.com/https://github.com/aws-cloudformation/cloudformation-guard) .", + "title": "PolicyRuntime", "type": "string" }, - "SslMode": { - "markdownDescription": "", - "title": "SslMode", + "PolicyText": { + "markdownDescription": "The policy definition containing the logic for your AWS Config Custom Policy rule.", + "title": "PolicyText", "type": "string" } }, - "required": [ - "DatabaseName", - "Port", - "ServerName", - "SslMode" - ], "type": "object" }, - "AWS::DMS::DataProvider.MySqlSettings": { + "AWS::Config::ConfigRule.EvaluationModeConfiguration": { "additionalProperties": false, "properties": { - "CertificateArn": { - "markdownDescription": "", - "title": "CertificateArn", - "type": "string" - }, - "Port": { - "markdownDescription": "Endpoint TCP port.", - "title": "Port", - "type": "number" - }, - "ServerName": { - "markdownDescription": "The host name of the endpoint database.\n\nFor an Amazon RDS MySQL instance, this is the output of [DescribeDBInstances](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstances.html) , in the `[Endpoint](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_Endpoint.html) .Address` field.\n\nFor an Aurora MySQL instance, this is the output of [DescribeDBClusters](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBClusters.html) , in the `Endpoint` field.", - "title": "ServerName", - "type": "string" - }, - "SslMode": { - "markdownDescription": "", - "title": "SslMode", + "Mode": { + "markdownDescription": "The mode of an evaluation. The valid values are Detective or Proactive.", + "title": "Mode", "type": "string" } }, - "required": [ - "Port", - "ServerName", - "SslMode" - ], "type": "object" }, - "AWS::DMS::DataProvider.OracleSettings": { + "AWS::Config::ConfigRule.Scope": { "additionalProperties": false, "properties": { - "AsmServer": { - "markdownDescription": "For an Oracle source endpoint, your ASM server address. You can set this value from the `asm_server` value. You set `asm_server` as part of the extra connection attribute string to access an Oracle server with Binary Reader that uses ASM. For more information, see [Configuration for change data capture (CDC) on an Oracle source database](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.CDC.Configuration) .", - "title": "AsmServer", + "ComplianceResourceId": { + "markdownDescription": "The ID of the only AWS resource that you want to trigger an evaluation for the rule. If you specify a resource ID, you must specify one resource type for `ComplianceResourceTypes` .", + "title": "ComplianceResourceId", "type": "string" }, - "CertificateArn": { - "markdownDescription": "", - "title": "CertificateArn", - "type": "string" + "ComplianceResourceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The resource types of only those AWS resources that you want to trigger an evaluation for the rule. You can only specify one type if you also specify a resource ID for `ComplianceResourceId` .", + "title": "ComplianceResourceTypes", + "type": "array" }, - "DatabaseName": { - "markdownDescription": "Database name for the endpoint.", - "title": "DatabaseName", + "TagKey": { + "markdownDescription": "The tag key that is applied to only those AWS resources that you want to trigger an evaluation for the rule.", + "title": "TagKey", "type": "string" }, - "Port": { - "markdownDescription": "Endpoint TCP port.", - "title": "Port", - "type": "number" - }, - "SecretsManagerOracleAsmAccessRoleArn": { - "markdownDescription": "Required only if your Oracle endpoint uses Automatic Storage Management (ASM). The full ARN of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the `SecretsManagerOracleAsmSecret` . This `SecretsManagerOracleAsmSecret` has the secret value that allows access to the Oracle ASM of the endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerOracleAsmSecretId` . Or you can specify clear-text values for `AsmUser` , `AsmPassword` , and `AsmServerName` . You can't specify both. For more information on creating this `SecretsManagerOracleAsmSecret` and the `SecretsManagerOracleAsmAccessRoleArn` and `SecretsManagerOracleAsmSecretId` required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", - "title": "SecretsManagerOracleAsmAccessRoleArn", + "TagValue": { + "markdownDescription": "The tag value applied to only those AWS resources that you want to trigger an evaluation for the rule. If you specify a value for `TagValue` , you must also specify a value for `TagKey` .", + "title": "TagValue", "type": "string" + } + }, + "type": "object" + }, + "AWS::Config::ConfigRule.Source": { + "additionalProperties": false, + "properties": { + "CustomPolicyDetails": { + "$ref": "#/definitions/AWS::Config::ConfigRule.CustomPolicyDetails", + "markdownDescription": "Provides the runtime system, policy definition, and whether debug logging is enabled. Required when owner is set to `CUSTOM_POLICY` .", + "title": "CustomPolicyDetails" }, - "SecretsManagerOracleAsmSecretId": { - "markdownDescription": "Required only if your Oracle endpoint uses Automatic Storage Management (ASM). The full ARN, partial ARN, or friendly name of the `SecretsManagerOracleAsmSecret` that contains the Oracle ASM connection details for the Oracle endpoint.", - "title": "SecretsManagerOracleAsmSecretId", + "Owner": { + "markdownDescription": "Indicates whether AWS or the customer owns and manages the AWS Config rule.\n\nAWS Config Managed Rules are predefined rules owned by AWS . For more information, see [AWS Config Managed Rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html) in the *AWS Config developer guide* .\n\nAWS Config Custom Rules are rules that you can develop either with Guard ( `CUSTOM_POLICY` ) or AWS Lambda ( `CUSTOM_LAMBDA` ). For more information, see [AWS Config Custom Rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_develop-rules.html) in the *AWS Config developer guide* .", + "title": "Owner", "type": "string" }, - "SecretsManagerSecurityDbEncryptionAccessRoleArn": { - "markdownDescription": "", - "title": "SecretsManagerSecurityDbEncryptionAccessRoleArn", - "type": "string" + "SourceDetails": { + "items": { + "$ref": "#/definitions/AWS::Config::ConfigRule.SourceDetail" + }, + "markdownDescription": "Provides the source and the message types that cause AWS Config to evaluate your AWS resources against a rule. It also provides the frequency with which you want AWS Config to run evaluations for the rule if the trigger type is periodic.\n\nIf the owner is set to `CUSTOM_POLICY` , the only acceptable values for the AWS Config rule trigger message type are `ConfigurationItemChangeNotification` and `OversizedConfigurationItemChangeNotification` .", + "title": "SourceDetails", + "type": "array" }, - "SecretsManagerSecurityDbEncryptionSecretId": { - "markdownDescription": "", - "title": "SecretsManagerSecurityDbEncryptionSecretId", + "SourceIdentifier": { + "markdownDescription": "For AWS Config Managed rules, a predefined identifier from a list. For example, `IAM_PASSWORD_POLICY` is a managed rule. To reference a managed rule, see [List of AWS Config Managed Rules](https://docs.aws.amazon.com/config/latest/developerguide/managed-rules-by-aws-config.html) .\n\nFor AWS Config Custom Lambda rules, the identifier is the Amazon Resource Name (ARN) of the rule's AWS Lambda function, such as `arn:aws:lambda:us-east-2:123456789012:function:custom_rule_name` .\n\nFor AWS Config Custom Policy rules, this field will be ignored.", + "title": "SourceIdentifier", + "type": "string" + } + }, + "required": [ + "Owner" + ], + "type": "object" + }, + "AWS::Config::ConfigRule.SourceDetail": { + "additionalProperties": false, + "properties": { + "EventSource": { + "markdownDescription": "The source of the event, such as an AWS service, that triggers AWS Config to evaluate your AWS resources.", + "title": "EventSource", "type": "string" }, - "ServerName": { - "markdownDescription": "Fully qualified domain name of the endpoint.\n\nFor an Amazon RDS Oracle instance, this is the output of [DescribeDBInstances](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstances.html) , in the `[Endpoint](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_Endpoint.html) .Address` field.", - "title": "ServerName", + "MaximumExecutionFrequency": { + "markdownDescription": "The frequency at which you want AWS Config to run evaluations for a custom rule with a periodic trigger. If you specify a value for `MaximumExecutionFrequency` , then `MessageType` must use the `ScheduledNotification` value.\n\n> By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the `MaximumExecutionFrequency` parameter.\n> \n> Based on the valid value you choose, AWS Config runs evaluations once for each valid value. For example, if you choose `Three_Hours` , AWS Config runs evaluations once every three hours. In this case, `Three_Hours` is the frequency of this rule.", + "title": "MaximumExecutionFrequency", "type": "string" }, - "SslMode": { - "markdownDescription": "", - "title": "SslMode", + "MessageType": { + "markdownDescription": "The type of notification that triggers AWS Config to run an evaluation for a rule. You can specify the following notification types:\n\n- `ConfigurationItemChangeNotification` - Triggers an evaluation when AWS Config delivers a configuration item as a result of a resource change.\n- `OversizedConfigurationItemChangeNotification` - Triggers an evaluation when AWS Config delivers an oversized configuration item. AWS Config may generate this notification type when a resource changes and the notification exceeds the maximum size allowed by Amazon SNS.\n- `ScheduledNotification` - Triggers a periodic evaluation at the frequency specified for `MaximumExecutionFrequency` .\n- `ConfigurationSnapshotDeliveryCompleted` - Triggers a periodic evaluation when AWS Config delivers a configuration snapshot.\n\nIf you want your custom rule to be triggered by configuration changes, specify two SourceDetail objects, one for `ConfigurationItemChangeNotification` and one for `OversizedConfigurationItemChangeNotification` .", + "title": "MessageType", "type": "string" } }, "required": [ - "DatabaseName", - "Port", - "ServerName", - "SslMode" + "EventSource", + "MessageType" ], "type": "object" }, - "AWS::DMS::DataProvider.PostgreSqlSettings": { + "AWS::Config::ConfigurationAggregator": { "additionalProperties": false, "properties": { - "CertificateArn": { - "markdownDescription": "", - "title": "CertificateArn", + "Condition": { "type": "string" }, - "DatabaseName": { - "markdownDescription": "Database name for the endpoint.", - "title": "DatabaseName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Port": { - "markdownDescription": "Endpoint TCP port. The default is 5432.", - "title": "Port", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ServerName": { - "markdownDescription": "The host name of the endpoint database.\n\nFor an Amazon RDS PostgreSQL instance, this is the output of [DescribeDBInstances](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstances.html) , in the `[Endpoint](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_Endpoint.html) .Address` field.\n\nFor an Aurora PostgreSQL instance, this is the output of [DescribeDBClusters](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBClusters.html) , in the `Endpoint` field.", - "title": "ServerName", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AccountAggregationSources": { + "items": { + "$ref": "#/definitions/AWS::Config::ConfigurationAggregator.AccountAggregationSource" + }, + "markdownDescription": "Provides a list of source accounts and regions to be aggregated.", + "title": "AccountAggregationSources", + "type": "array" + }, + "ConfigurationAggregatorName": { + "markdownDescription": "The name of the aggregator.", + "title": "ConfigurationAggregatorName", + "type": "string" + }, + "OrganizationAggregationSource": { + "$ref": "#/definitions/AWS::Config::ConfigurationAggregator.OrganizationAggregationSource", + "markdownDescription": "Provides an organization and list of regions to be aggregated.", + "title": "OrganizationAggregationSource" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of tag object.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Config::ConfigurationAggregator" + ], "type": "string" }, - "SslMode": { - "markdownDescription": "", - "title": "SslMode", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "DatabaseName", - "Port", - "ServerName", - "SslMode" + "Type" ], "type": "object" }, - "AWS::DMS::DataProvider.Settings": { + "AWS::Config::ConfigurationAggregator.AccountAggregationSource": { "additionalProperties": false, "properties": { - "MicrosoftSqlServerSettings": { - "$ref": "#/definitions/AWS::DMS::DataProvider.MicrosoftSqlServerSettings", - "markdownDescription": "", - "title": "MicrosoftSqlServerSettings" + "AccountIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The 12-digit account ID of the account being aggregated.", + "title": "AccountIds", + "type": "array" }, - "MySqlSettings": { - "$ref": "#/definitions/AWS::DMS::DataProvider.MySqlSettings", - "markdownDescription": "", - "title": "MySqlSettings" + "AllAwsRegions": { + "markdownDescription": "If true, aggregate existing AWS Config regions and future regions.", + "title": "AllAwsRegions", + "type": "boolean" }, - "OracleSettings": { - "$ref": "#/definitions/AWS::DMS::DataProvider.OracleSettings", - "markdownDescription": "", - "title": "OracleSettings" + "AwsRegions": { + "items": { + "type": "string" + }, + "markdownDescription": "The source regions being aggregated.", + "title": "AwsRegions", + "type": "array" + } + }, + "required": [ + "AccountIds" + ], + "type": "object" + }, + "AWS::Config::ConfigurationAggregator.OrganizationAggregationSource": { + "additionalProperties": false, + "properties": { + "AllAwsRegions": { + "markdownDescription": "If true, aggregate existing AWS Config regions and future regions.", + "title": "AllAwsRegions", + "type": "boolean" }, - "PostgreSqlSettings": { - "$ref": "#/definitions/AWS::DMS::DataProvider.PostgreSqlSettings", - "markdownDescription": "", - "title": "PostgreSqlSettings" + "AwsRegions": { + "items": { + "type": "string" + }, + "markdownDescription": "The source regions being aggregated.", + "title": "AwsRegions", + "type": "array" + }, + "RoleArn": { + "markdownDescription": "ARN of the IAM role used to retrieve AWS Organizations details associated with the aggregator account.", + "title": "RoleArn", + "type": "string" } }, + "required": [ + "RoleArn" + ], "type": "object" }, - "AWS::DMS::Endpoint": { + "AWS::Config::ConfigurationRecorder": { "additionalProperties": false, "properties": { "Condition": { @@ -56530,174 +63017,35 @@ "Properties": { "additionalProperties": false, "properties": { - "CertificateArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the certificate.", - "title": "CertificateArn", - "type": "string" - }, - "DatabaseName": { - "markdownDescription": "The name of the endpoint database. For a MySQL source or target endpoint, don't specify `DatabaseName` . To migrate to a specific database, use this setting and `targetDbType` .", - "title": "DatabaseName", - "type": "string" - }, - "DocDbSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.DocDbSettings", - "markdownDescription": "Settings in JSON format for the source and target DocumentDB endpoint. For more information about other available settings, see [Using extra connections attributes with Amazon DocumentDB as a source](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.DocumentDB.html#CHAP_Source.DocumentDB.ECAs) and [Using Amazon DocumentDB as a target for AWS Database Migration Service](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.DocumentDB.html) in the *AWS Database Migration Service User Guide* .", - "title": "DocDbSettings" - }, - "DynamoDbSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.DynamoDbSettings", - "markdownDescription": "Settings in JSON format for the target Amazon DynamoDB endpoint. For information about other available settings, see [Using object mapping to migrate data to DynamoDB](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.DynamoDB.html#CHAP_Target.DynamoDB.ObjectMapping) in the *AWS Database Migration Service User Guide* .", - "title": "DynamoDbSettings" - }, - "ElasticsearchSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.ElasticsearchSettings", - "markdownDescription": "Settings in JSON format for the target OpenSearch endpoint. For more information about the available settings, see [Extra connection attributes when using OpenSearch as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Elasticsearch.html#CHAP_Target.Elasticsearch.Configuration) in the *AWS Database Migration Service User Guide* .", - "title": "ElasticsearchSettings" - }, - "EndpointIdentifier": { - "markdownDescription": "The database endpoint identifier. Identifiers must begin with a letter and must contain only ASCII letters, digits, and hyphens. They can't end with a hyphen, or contain two consecutive hyphens.", - "title": "EndpointIdentifier", - "type": "string" - }, - "EndpointType": { - "markdownDescription": "The type of endpoint. Valid values are `source` and `target` .", - "title": "EndpointType", - "type": "string" - }, - "EngineName": { - "markdownDescription": "The type of engine for the endpoint, depending on the `EndpointType` value.\n\n*Valid values* : `mysql` | `oracle` | `postgres` | `mariadb` | `aurora` | `aurora-postgresql` | `opensearch` | `redshift` | `redshift-serverless` | `s3` | `db2` | `azuredb` | `sybase` | `dynamodb` | `mongodb` | `kinesis` | `kafka` | `elasticsearch` | `docdb` | `sqlserver` | `neptune`", - "title": "EngineName", - "type": "string" - }, - "ExtraConnectionAttributes": { - "markdownDescription": "Additional attributes associated with the connection. Each attribute is specified as a name-value pair associated by an equal sign (=). Multiple attributes are separated by a semicolon (;) with no additional white space. For information on the attributes available for connecting your source or target endpoint, see [Working with AWS DMS Endpoints](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Endpoints.html) in the *AWS Database Migration Service User Guide* .", - "title": "ExtraConnectionAttributes", - "type": "string" - }, - "GcpMySQLSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.GcpMySQLSettings", - "markdownDescription": "Settings in JSON format for the source GCP MySQL endpoint. These settings are much the same as the settings for any MySQL-compatible endpoint. For more information, see [Extra connection attributes when using MySQL as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.MySQL.html#CHAP_Source.MySQL.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", - "title": "GcpMySQLSettings" - }, - "IbmDb2Settings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.IbmDb2Settings", - "markdownDescription": "Settings in JSON format for the source IBM Db2 LUW endpoint. For information about other available settings, see [Extra connection attributes when using Db2 LUW as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.DB2.html#CHAP_Source.DB2.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", - "title": "IbmDb2Settings" - }, - "KafkaSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.KafkaSettings", - "markdownDescription": "Settings in JSON format for the target Apache Kafka endpoint. For more information about other available settings, see [Using object mapping to migrate data to a Kafka topic](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Kafka.html#CHAP_Target.Kafka.ObjectMapping) in the *AWS Database Migration Service User Guide* .", - "title": "KafkaSettings" - }, - "KinesisSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.KinesisSettings", - "markdownDescription": "Settings in JSON format for the target endpoint for Amazon Kinesis Data Streams. For more information about other available settings, see [Using object mapping to migrate data to a Kinesis data stream](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Kinesis.html#CHAP_Target.Kinesis.ObjectMapping) in the *AWS Database Migration Service User Guide* .", - "title": "KinesisSettings" - }, - "KmsKeyId": { - "markdownDescription": "An AWS KMS key identifier that is used to encrypt the connection parameters for the endpoint.\n\nIf you don't specify a value for the `KmsKeyId` parameter, AWS DMS uses your default encryption key.\n\nAWS KMS creates the default encryption key for your AWS account . Your AWS account has a different default encryption key for each AWS Region .", - "title": "KmsKeyId", - "type": "string" - }, - "MicrosoftSqlServerSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.MicrosoftSqlServerSettings", - "markdownDescription": "Settings in JSON format for the source and target Microsoft SQL Server endpoint. For information about other available settings, see [Extra connection attributes when using SQL Server as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.SQLServer.html#CHAP_Source.SQLServer.ConnectionAttrib) and [Extra connection attributes when using SQL Server as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.SQLServer.html#CHAP_Target.SQLServer.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", - "title": "MicrosoftSqlServerSettings" - }, - "MongoDbSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.MongoDbSettings", - "markdownDescription": "Settings in JSON format for the source MongoDB endpoint. For more information about the available settings, see [Using MongoDB as a target for AWS Database Migration Service](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.MongoDB.html#CHAP_Source.MongoDB.Configuration) in the *AWS Database Migration Service User Guide* .", - "title": "MongoDbSettings" - }, - "MySqlSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.MySqlSettings", - "markdownDescription": "Settings in JSON format for the source and target MySQL endpoint. For information about other available settings, see [Extra connection attributes when using MySQL as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.MySQL.html#CHAP_Source.MySQL.ConnectionAttrib) and [Extra connection attributes when using a MySQL-compatible database as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.MySQL.html#CHAP_Target.MySQL.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", - "title": "MySqlSettings" - }, - "NeptuneSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.NeptuneSettings", - "markdownDescription": "Settings in JSON format for the target Amazon Neptune endpoint. For more information about the available settings, see [Specifying endpoint settings for Amazon Neptune as a target](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Neptune.html#CHAP_Target.Neptune.EndpointSettings) in the *AWS Database Migration Service User Guide* .", - "title": "NeptuneSettings" - }, - "OracleSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.OracleSettings", - "markdownDescription": "Settings in JSON format for the source and target Oracle endpoint. For information about other available settings, see [Extra connection attributes when using Oracle as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.ConnectionAttrib) and [Extra connection attributes when using Oracle as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Oracle.html#CHAP_Target.Oracle.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", - "title": "OracleSettings" - }, - "Password": { - "markdownDescription": "The password to be used to log in to the endpoint database.", - "title": "Password", - "type": "string" - }, - "Port": { - "markdownDescription": "The port used by the endpoint database.", - "title": "Port", - "type": "number" - }, - "PostgreSqlSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.PostgreSqlSettings", - "markdownDescription": "Settings in JSON format for the source and target PostgreSQL endpoint.\n\nFor information about other available settings, see [Extra connection attributes when using PostgreSQL as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.PostgreSQL.html#CHAP_Source.PostgreSQL.ConnectionAttrib) and [Extra connection attributes when using PostgreSQL as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.PostgreSQL.html#CHAP_Target.PostgreSQL.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", - "title": "PostgreSqlSettings" - }, - "RedisSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.RedisSettings", - "markdownDescription": "Settings in JSON format for the target Redis endpoint. For information about other available settings, see [Specifying endpoint settings for Redis as a target](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Redis.html#CHAP_Target.Redis.EndpointSettings) in the *AWS Database Migration Service User Guide* .", - "title": "RedisSettings" - }, - "RedshiftSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.RedshiftSettings", - "markdownDescription": "Settings in JSON format for the Amazon Redshift endpoint.\n\nFor more information about other available settings, see [Extra connection attributes when using Amazon Redshift as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Redshift.html#CHAP_Target.Redshift.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", - "title": "RedshiftSettings" - }, - "ResourceIdentifier": { - "markdownDescription": "A display name for the resource identifier at the end of the `EndpointArn` response parameter that is returned in the created `Endpoint` object. The value for this parameter can have up to 31 characters. It can contain only ASCII letters, digits, and hyphen ('-'). Also, it can't end with a hyphen or contain two consecutive hyphens, and can only begin with a letter, such as `Example-App-ARN1` .\n\nFor example, this value might result in the `EndpointArn` value `arn:aws:dms:eu-west-1:012345678901:rep:Example-App-ARN1` . If you don't specify a `ResourceIdentifier` value, AWS DMS generates a default identifier value for the end of `EndpointArn` .", - "title": "ResourceIdentifier", - "type": "string" - }, - "S3Settings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.S3Settings", - "markdownDescription": "Settings in JSON format for the source and target Amazon S3 endpoint. For more information about other available settings, see [Extra connection attributes when using Amazon S3 as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.S3.html#CHAP_Source.S3.Configuring) and [Extra connection attributes when using Amazon S3 as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.Configuring) in the *AWS Database Migration Service User Guide* .", - "title": "S3Settings" - }, - "ServerName": { - "markdownDescription": "The name of the server where the endpoint database resides.", - "title": "ServerName", - "type": "string" - }, - "SslMode": { - "markdownDescription": "The Secure Sockets Layer (SSL) mode to use for the SSL connection. The default is `none` .\n\n> When `engine_name` is set to S3, the only allowed value is `none` .", - "title": "SslMode", + "Name": { + "markdownDescription": "The name of the configuration recorder. AWS Config automatically assigns the name of \"default\" when creating the configuration recorder.\n\nYou cannot change the name of the configuration recorder after it has been created. To change the configuration recorder name, you must delete it and create a new configuration recorder with a new name.", + "title": "Name", "type": "string" }, - "SybaseSettings": { - "$ref": "#/definitions/AWS::DMS::Endpoint.SybaseSettings", - "markdownDescription": "Settings in JSON format for the source and target SAP ASE endpoint. For information about other available settings, see [Extra connection attributes when using SAP ASE as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.SAP.html#CHAP_Source.SAP.ConnectionAttrib) and [Extra connection attributes when using SAP ASE as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.SAP.html#CHAP_Target.SAP.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", - "title": "SybaseSettings" + "RecordingGroup": { + "$ref": "#/definitions/AWS::Config::ConfigurationRecorder.RecordingGroup", + "markdownDescription": "Specifies which resource types AWS Config records for configuration changes.\n\n> *High Number of AWS Config Evaluations*\n> \n> You may notice increased activity in your account during your initial month recording with AWS Config when compared to subsequent months. During the initial bootstrapping process, AWS Config runs evaluations on all the resources in your account that you have selected for AWS Config to record.\n> \n> If you are running ephemeral workloads, you may see increased activity from AWS Config as it records configuration changes associated with creating and deleting these temporary resources. An *ephemeral workload* is a temporary use of computing resources that are loaded and run when needed. Examples include Amazon Elastic Compute Cloud ( Amazon EC2 ) Spot Instances, Amazon EMR jobs, and AWS Auto Scaling . If you want to avoid the increased activity from running ephemeral workloads, you can run these types of workloads in a separate account with AWS Config turned off to avoid increased configuration recording and rule evaluations.", + "title": "RecordingGroup" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "One or more tags to be assigned to the endpoint.", - "title": "Tags", - "type": "array" + "RecordingMode": { + "$ref": "#/definitions/AWS::Config::ConfigurationRecorder.RecordingMode", + "markdownDescription": "Specifies the default recording frequency for the configuration recorder. AWS Config supports *Continuous recording* and *Daily recording* .\n\n- Continuous recording allows you to record configuration changes continuously whenever a change occurs.\n- Daily recording allows you to receive a configuration item (CI) representing the most recent state of your resources over the last 24-hour period, only if it\u2019s different from the previous CI recorded.\n\n> *Some resource types require continuous recording*\n> \n> AWS Firewall Manager depends on continuous recording to monitor your resources. If you are using Firewall Manager, it is recommended that you set the recording frequency to Continuous. \n\nYou can also override the recording frequency for specific resource types.", + "title": "RecordingMode" }, - "Username": { - "markdownDescription": "The user name to be used to log in to the endpoint database.", - "title": "Username", + "RoleARN": { + "markdownDescription": "Amazon Resource Name (ARN) of the IAM role assumed by AWS Config and used by the configuration recorder. For more information, see [Permissions for the IAM Role Assigned](https://docs.aws.amazon.com/config/latest/developerguide/iamrole-permissions.html) to AWS Config in the AWS Config Developer Guide.\n\n> *Pre-existing AWS Config role*\n> \n> If you have used an AWS service that uses AWS Config , such as AWS Security Hub or AWS Control Tower , and an AWS Config role has already been created, make sure that the IAM role that you use when setting up AWS Config keeps the same minimum permissions as the already created AWS Config role. You must do this so that the other AWS service continues to run as expected.\n> \n> For example, if AWS Control Tower has an IAM role that allows AWS Config to read Amazon Simple Storage Service ( Amazon S3 ) objects, make sure that the same permissions are granted within the IAM role you use when setting up AWS Config . Otherwise, it may interfere with how AWS Control Tower operates. For more information about IAM roles for AWS Config , see [*Identity and Access Management for AWS Config*](https://docs.aws.amazon.com/config/latest/developerguide/security-iam.html) in the *AWS Config Developer Guide* .", + "title": "RoleARN", "type": "string" } }, "required": [ - "EndpointType", - "EngineName" + "RoleARN" ], "type": "object" }, "Type": { "enum": [ - "AWS::DMS::Endpoint" + "AWS::Config::ConfigurationRecorder" ], "type": "string" }, @@ -56716,1277 +63064,1132 @@ ], "type": "object" }, - "AWS::DMS::Endpoint.DocDbSettings": { + "AWS::Config::ConfigurationRecorder.ExclusionByResourceTypes": { "additionalProperties": false, "properties": { - "DocsToInvestigate": { - "markdownDescription": "Indicates the number of documents to preview to determine the document organization. Use this setting when `NestingLevel` is set to `\"one\"` .\n\nMust be a positive value greater than `0` . Default value is `1000` .", - "title": "DocsToInvestigate", - "type": "number" - }, - "ExtractDocId": { - "markdownDescription": "Specifies the document ID. Use this setting when `NestingLevel` is set to `\"none\"` .\n\nDefault value is `\"false\"` .", - "title": "ExtractDocId", + "ResourceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "A comma-separated list of resource types to exclude from recording by the configuration recorder.", + "title": "ResourceTypes", + "type": "array" + } + }, + "required": [ + "ResourceTypes" + ], + "type": "object" + }, + "AWS::Config::ConfigurationRecorder.RecordingGroup": { + "additionalProperties": false, + "properties": { + "AllSupported": { + "markdownDescription": "Specifies whether AWS Config records configuration changes for all supported resource types, excluding the global IAM resource types.\n\nIf you set this field to `true` , when AWS Config adds support for a new resource type, AWS Config starts recording resources of that type automatically.\n\nIf you set this field to `true` , you cannot enumerate specific resource types to record in the `resourceTypes` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) , or to exclude in the `resourceTypes` field of [ExclusionByResourceTypes](https://docs.aws.amazon.com/config/latest/APIReference/API_ExclusionByResourceTypes.html) .\n\n> *Region availability*\n> \n> Check [Resource Coverage by Region Availability](https://docs.aws.amazon.com/config/latest/developerguide/what-is-resource-config-coverage.html) to see if a resource type is supported in the AWS Region where you set up AWS Config .", + "title": "AllSupported", "type": "boolean" }, - "NestingLevel": { - "markdownDescription": "Specifies either document or table mode.\n\nDefault value is `\"none\"` . Specify `\"none\"` to use document mode. Specify `\"one\"` to use table mode.", - "title": "NestingLevel", - "type": "string" + "ExclusionByResourceTypes": { + "$ref": "#/definitions/AWS::Config::ConfigurationRecorder.ExclusionByResourceTypes", + "markdownDescription": "An object that specifies how AWS Config excludes resource types from being recorded by the configuration recorder.\n\nTo use this option, you must set the `useOnly` field of [AWS::Config::ConfigurationRecorder RecordingStrategy](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-config-configurationrecorder-recordingstrategy.html) to `EXCLUSION_BY_RESOURCE_TYPES` .", + "title": "ExclusionByResourceTypes" }, - "SecretsManagerAccessRoleArn": { - "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the DocumentDB endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", - "title": "SecretsManagerAccessRoleArn", - "type": "string" + "IncludeGlobalResourceTypes": { + "markdownDescription": "This option is a bundle which only applies to the global IAM resource types: IAM users, groups, roles, and customer managed policies. These global IAM resource types can only be recorded by AWS Config in Regions where AWS Config was available before February 2022. You cannot be record the global IAM resouce types in Regions supported by AWS Config after February 2022. This list where you cannot record the global IAM resource types includes the following Regions:\n\n- Asia Pacific (Hyderabad)\n- Asia Pacific (Melbourne)\n- Canada West (Calgary)\n- Europe (Spain)\n- Europe (Zurich)\n- Israel (Tel Aviv)\n- Middle East (UAE)\n\n> *Aurora global clusters are recorded in all enabled Regions*\n> \n> The `AWS::RDS::GlobalCluster` resource type will be recorded in all supported AWS Config Regions where the configuration recorder is enabled, even if `IncludeGlobalResourceTypes` is set to `false` . The `IncludeGlobalResourceTypes` option is a bundle which only applies to IAM users, groups, roles, and customer managed policies.\n> \n> If you do not want to record `AWS::RDS::GlobalCluster` in all enabled Regions, use one of the following recording strategies:\n> \n> - *Record all current and future resource types with exclusions* ( `EXCLUSION_BY_RESOURCE_TYPES` ), or\n> - *Record specific resource types* ( `INCLUSION_BY_RESOURCE_TYPES` ).\n> \n> For more information, see [Selecting Which Resources are Recorded](https://docs.aws.amazon.com/config/latest/developerguide/select-resources.html#select-resources-all) in the *AWS Config developer guide* . > *IncludeGlobalResourceTypes and the exclusion recording strategy*\n> \n> The `IncludeGlobalResourceTypes` field has no impact on the `EXCLUSION_BY_RESOURCE_TYPES` recording strategy. This means that the global IAM resource types ( IAM users, groups, roles, and customer managed policies) will not be automatically added as exclusions for `ExclusionByResourceTypes` when `IncludeGlobalResourceTypes` is set to `false` .\n> \n> The `IncludeGlobalResourceTypes` field should only be used to modify the `AllSupported` field, as the default for the `AllSupported` field is to record configuration changes for all supported resource types excluding the global IAM resource types. To include the global IAM resource types when `AllSupported` is set to `true` , make sure to set `IncludeGlobalResourceTypes` to `true` .\n> \n> To exclude the global IAM resource types for the `EXCLUSION_BY_RESOURCE_TYPES` recording strategy, you need to manually add them to the `ResourceTypes` field of `ExclusionByResourceTypes` . > *Required and optional fields*\n> \n> Before you set this field to `true` , set the `AllSupported` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) to `true` . Optionally, you can set the `useOnly` field of [RecordingStrategy](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingStrategy.html) to `ALL_SUPPORTED_RESOURCE_TYPES` . > *Overriding fields*\n> \n> If you set this field to `false` but list global IAM resource types in the `ResourceTypes` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) , AWS Config will still record configuration changes for those specified resource types *regardless* of if you set the `IncludeGlobalResourceTypes` field to false.\n> \n> If you do not want to record configuration changes to the global IAM resource types (IAM users, groups, roles, and customer managed policies), make sure to not list them in the `ResourceTypes` field in addition to setting the `IncludeGlobalResourceTypes` field to false.", + "title": "IncludeGlobalResourceTypes", + "type": "boolean" }, - "SecretsManagerSecretId": { - "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the DocumentDB endpoint connection details.", - "title": "SecretsManagerSecretId", - "type": "string" + "RecordingStrategy": { + "$ref": "#/definitions/AWS::Config::ConfigurationRecorder.RecordingStrategy", + "markdownDescription": "An object that specifies the recording strategy for the configuration recorder.\n\n- If you set the `useOnly` field of [RecordingStrategy](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingStrategy.html) to `ALL_SUPPORTED_RESOURCE_TYPES` , AWS Config records configuration changes for all supported resource types, excluding the global IAM resource types. You also must set the `AllSupported` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) to `true` . When AWS Config adds support for a new resource type, AWS Config automatically starts recording resources of that type.\n- If you set the `useOnly` field of [RecordingStrategy](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingStrategy.html) to `INCLUSION_BY_RESOURCE_TYPES` , AWS Config records configuration changes for only the resource types you specify in the `ResourceTypes` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) .\n- If you set the `useOnly` field of [RecordingStrategy](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingStrategy.html) to `EXCLUSION_BY_RESOURCE_TYPES` , AWS Config records configuration changes for all supported resource types except the resource types that you specify to exclude from being recorded in the `ResourceTypes` field of [ExclusionByResourceTypes](https://docs.aws.amazon.com/config/latest/APIReference/API_ExclusionByResourceTypes.html) .\n\n> *Required and optional fields*\n> \n> The `recordingStrategy` field is optional when you set the `AllSupported` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) to `true` .\n> \n> The `recordingStrategy` field is optional when you list resource types in the `ResourceTypes` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) .\n> \n> The `recordingStrategy` field is required if you list resource types to exclude from recording in the `ResourceTypes` field of [ExclusionByResourceTypes](https://docs.aws.amazon.com/config/latest/APIReference/API_ExclusionByResourceTypes.html) . > *Overriding fields*\n> \n> If you choose `EXCLUSION_BY_RESOURCE_TYPES` for the recording strategy, the `ExclusionByResourceTypes` field will override other properties in the request.\n> \n> For example, even if you set `IncludeGlobalResourceTypes` to false, global IAM resource types will still be automatically recorded in this option unless those resource types are specifically listed as exclusions in the `ResourceTypes` field of `ExclusionByResourceTypes` . > *Global resources types and the resource exclusion recording strategy*\n> \n> By default, if you choose the `EXCLUSION_BY_RESOURCE_TYPES` recording strategy, when AWS Config adds support for a new resource type in the Region where you set up the configuration recorder, including global resource types, AWS Config starts recording resources of that type automatically.\n> \n> Unless specifically listed as exclusions, `AWS::RDS::GlobalCluster` will be recorded automatically in all supported AWS Config Regions were the configuration recorder is enabled.\n> \n> IAM users, groups, roles, and customer managed policies will be recorded in the Region where you set up the configuration recorder if that is a Region where AWS Config was available before February 2022. You cannot be record the global IAM resouce types in Regions supported by AWS Config after February 2022. This list where you cannot record the global IAM resource types includes the following Regions:\n> \n> - Asia Pacific (Hyderabad)\n> - Asia Pacific (Melbourne)\n> - Canada West (Calgary)\n> - Europe (Spain)\n> - Europe (Zurich)\n> - Israel (Tel Aviv)\n> - Middle East (UAE)", + "title": "RecordingStrategy" + }, + "ResourceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "A comma-separated list that specifies which resource types AWS Config records.\n\nFor a list of valid `ResourceTypes` values, see the *Resource Type Value* column in [Supported AWS resource Types](https://docs.aws.amazon.com/config/latest/developerguide/resource-config-reference.html#supported-resources) in the *AWS Config developer guide* .\n\n> *Required and optional fields*\n> \n> Optionally, you can set the `useOnly` field of [RecordingStrategy](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingStrategy.html) to `INCLUSION_BY_RESOURCE_TYPES` .\n> \n> To record all configuration changes, set the `AllSupported` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) to `true` , and either omit this field or don't specify any resource types in this field. If you set the `AllSupported` field to `false` and specify values for `ResourceTypes` , when AWS Config adds support for a new type of resource, it will not record resources of that type unless you manually add that type to your recording group. > *Region availability*\n> \n> Before specifying a resource type for AWS Config to track, check [Resource Coverage by Region Availability](https://docs.aws.amazon.com/config/latest/developerguide/what-is-resource-config-coverage.html) to see if the resource type is supported in the AWS Region where you set up AWS Config . If a resource type is supported by AWS Config in at least one Region, you can enable the recording of that resource type in all Regions supported by AWS Config , even if the specified resource type is not supported in the AWS Region where you set up AWS Config .", + "title": "ResourceTypes", + "type": "array" } }, "type": "object" }, - "AWS::DMS::Endpoint.DynamoDbSettings": { + "AWS::Config::ConfigurationRecorder.RecordingMode": { "additionalProperties": false, "properties": { - "ServiceAccessRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) used by the service to access the IAM role. The role must allow the `iam:PassRole` action.", - "title": "ServiceAccessRoleArn", + "RecordingFrequency": { + "markdownDescription": "The default recording frequency that AWS Config uses to record configuration changes.\n\n> Daily recording cannot be specified for the following resource types:\n> \n> - `AWS::Config::ResourceCompliance`\n> - `AWS::Config::ConformancePackCompliance`\n> - `AWS::Config::ConfigurationRecorder`\n> \n> For the *allSupported* ( `ALL_SUPPORTED_RESOURCE_TYPES` ) recording strategy, these resource types will be set to Continuous recording.", + "title": "RecordingFrequency", "type": "string" + }, + "RecordingModeOverrides": { + "items": { + "$ref": "#/definitions/AWS::Config::ConfigurationRecorder.RecordingModeOverride" + }, + "markdownDescription": "An array of `recordingModeOverride` objects for you to specify your overrides for the recording mode. The `recordingModeOverride` object in the `recordingModeOverrides` array consists of three fields: a `description` , the new `recordingFrequency` , and an array of `resourceTypes` to override.", + "title": "RecordingModeOverrides", + "type": "array" } }, + "required": [ + "RecordingFrequency" + ], "type": "object" }, - "AWS::DMS::Endpoint.ElasticsearchSettings": { + "AWS::Config::ConfigurationRecorder.RecordingModeOverride": { "additionalProperties": false, "properties": { - "EndpointUri": { - "markdownDescription": "The endpoint for the OpenSearch cluster. AWS DMS uses HTTPS if a transport protocol (either HTTP or HTTPS) isn't specified.", - "title": "EndpointUri", + "Description": { + "markdownDescription": "A description that you provide for the override.", + "title": "Description", "type": "string" }, - "ErrorRetryDuration": { - "markdownDescription": "The maximum number of seconds for which DMS retries failed API requests to the OpenSearch cluster.", - "title": "ErrorRetryDuration", - "type": "number" - }, - "FullLoadErrorPercentage": { - "markdownDescription": "The maximum percentage of records that can fail to be written before a full load operation stops.\n\nTo avoid early failure, this counter is only effective after 1,000 records are transferred. OpenSearch also has the concept of error monitoring during the last 10 minutes of an Observation Window. If transfer of all records fail in the last 10 minutes, the full load operation stops.", - "title": "FullLoadErrorPercentage", - "type": "number" - }, - "ServiceAccessRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) used by the service to access the IAM role. The role must allow the `iam:PassRole` action.", - "title": "ServiceAccessRoleArn", + "RecordingFrequency": { + "markdownDescription": "The recording frequency that will be applied to all the resource types specified in the override.\n\n- Continuous recording allows you to record configuration changes continuously whenever a change occurs.\n- Daily recording allows you to receive a configuration item (CI) representing the most recent state of your resources over the last 24-hour period, only if it\u2019s different from the previous CI recorded.\n\n> AWS Firewall Manager depends on continuous recording to monitor your resources. If you are using Firewall Manager, it is recommended that you set the recording frequency to Continuous.", + "title": "RecordingFrequency", "type": "string" + }, + "ResourceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "A comma-separated list that specifies which resource types AWS Config includes in the override.\n\n> Daily recording cannot be specified for the following resource types:\n> \n> - `AWS::Config::ResourceCompliance`\n> - `AWS::Config::ConformancePackCompliance`\n> - `AWS::Config::ConfigurationRecorder`", + "title": "ResourceTypes", + "type": "array" } }, + "required": [ + "RecordingFrequency", + "ResourceTypes" + ], "type": "object" }, - "AWS::DMS::Endpoint.GcpMySQLSettings": { + "AWS::Config::ConfigurationRecorder.RecordingStrategy": { "additionalProperties": false, "properties": { - "AfterConnectScript": { - "markdownDescription": "Specifies a script to run immediately after AWS DMS connects to the endpoint. The migration task continues running regardless if the SQL statement succeeds or fails.\n\nFor this parameter, provide the code of the script itself, not the name of a file containing the script.", - "title": "AfterConnectScript", + "UseOnly": { + "markdownDescription": "The recording strategy for the configuration recorder.\n\n- If you set this option to `ALL_SUPPORTED_RESOURCE_TYPES` , AWS Config records configuration changes for all supported resource types, excluding the global IAM resource types. You also must set the `AllSupported` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) to `true` . When AWS Config adds support for a new resource type, AWS Config automatically starts recording resources of that type. For a list of supported resource types, see [Supported Resource Types](https://docs.aws.amazon.com/config/latest/developerguide/resource-config-reference.html#supported-resources) in the *AWS Config developer guide* .\n- If you set this option to `INCLUSION_BY_RESOURCE_TYPES` , AWS Config records configuration changes for only the resource types that you specify in the `ResourceTypes` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) .\n- If you set this option to `EXCLUSION_BY_RESOURCE_TYPES` , AWS Config records configuration changes for all supported resource types, except the resource types that you specify to exclude from being recorded in the `ResourceTypes` field of [ExclusionByResourceTypes](https://docs.aws.amazon.com/config/latest/APIReference/API_ExclusionByResourceTypes.html) .\n\n> *Required and optional fields*\n> \n> The `recordingStrategy` field is optional when you set the `AllSupported` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) to `true` .\n> \n> The `recordingStrategy` field is optional when you list resource types in the `ResourceTypes` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) .\n> \n> The `recordingStrategy` field is required if you list resource types to exclude from recording in the `ResourceTypes` field of [ExclusionByResourceTypes](https://docs.aws.amazon.com/config/latest/APIReference/API_ExclusionByResourceTypes.html) . > *Overriding fields*\n> \n> If you choose `EXCLUSION_BY_RESOURCE_TYPES` for the recording strategy, the `ExclusionByResourceTypes` field will override other properties in the request.\n> \n> For example, even if you set `IncludeGlobalResourceTypes` to false, global IAM resource types will still be automatically recorded in this option unless those resource types are specifically listed as exclusions in the `ResourceTypes` field of `ExclusionByResourceTypes` . > *Global resource types and the exclusion recording strategy*\n> \n> By default, if you choose the `EXCLUSION_BY_RESOURCE_TYPES` recording strategy, when AWS Config adds support for a new resource type in the Region where you set up the configuration recorder, including global resource types, AWS Config starts recording resources of that type automatically.\n> \n> Unless specifically listed as exclusions, `AWS::RDS::GlobalCluster` will be recorded automatically in all supported AWS Config Regions were the configuration recorder is enabled.\n> \n> IAM users, groups, roles, and customer managed policies will be recorded in the Region where you set up the configuration recorder if that is a Region where AWS Config was available before February 2022. You cannot be record the global IAM resouce types in Regions supported by AWS Config after February 2022. This list where you cannot record the global IAM resource types includes the following Regions:\n> \n> - Asia Pacific (Hyderabad)\n> - Asia Pacific (Melbourne)\n> - Canada West (Calgary)\n> - Europe (Spain)\n> - Europe (Zurich)\n> - Israel (Tel Aviv)\n> - Middle East (UAE)", + "title": "UseOnly", "type": "string" - }, - "CleanSourceMetadataOnMismatch": { - "markdownDescription": "Adjusts the behavior of AWS DMS when migrating from an SQL Server source database that is hosted as part of an Always On availability group cluster. If you need AWS DMS to poll all the nodes in the Always On cluster for transaction backups, set this attribute to `false` .", - "title": "CleanSourceMetadataOnMismatch", - "type": "boolean" - }, - "DatabaseName": { - "markdownDescription": "Database name for the endpoint. For a MySQL source or target endpoint, don't explicitly specify the database using the `DatabaseName` request parameter on either the `CreateEndpoint` or `ModifyEndpoint` API call. Specifying `DatabaseName` when you create or modify a MySQL endpoint replicates all the task tables to this single database. For MySQL endpoints, you specify the database only when you specify the schema in the table-mapping rules of the AWS DMS task.", - "title": "DatabaseName", + } + }, + "required": [ + "UseOnly" + ], + "type": "object" + }, + "AWS::Config::ConformancePack": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "EventsPollInterval": { - "markdownDescription": "Specifies how often to check the binary log for new changes/events when the database is idle. The default is five seconds.\n\nExample: `eventsPollInterval=5;`\n\nIn the example, AWS DMS checks for changes in the binary logs every five seconds.", - "title": "EventsPollInterval", - "type": "number" - }, - "MaxFileSize": { - "markdownDescription": "Specifies the maximum size (in KB) of any .csv file used to transfer data to a MySQL-compatible database.\n\nExample: `maxFileSize=512`", - "title": "MaxFileSize", - "type": "number" - }, - "ParallelLoadThreads": { - "markdownDescription": "Improves performance when loading data into the MySQL-compatible target database. Specifies how many threads to use to load the data into the MySQL-compatible target database. Setting a large number of threads can have an adverse effect on database performance, because a separate connection is required for each thread. The default is one.\n\nExample: `parallelLoadThreads=1`", - "title": "ParallelLoadThreads", - "type": "number" - }, - "Password": { - "markdownDescription": "Endpoint connection password.", - "title": "Password", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Port": { - "markdownDescription": "The port used by the endpoint database.", - "title": "Port", - "type": "number" - }, - "SecretsManagerAccessRoleArn": { - "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret.` The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the MySQL endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", - "title": "SecretsManagerAccessRoleArn", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SecretsManagerSecretId": { - "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the MySQL endpoint connection details.", - "title": "SecretsManagerSecretId", - "type": "string" + "Metadata": { + "type": "object" }, - "ServerName": { - "markdownDescription": "The MySQL host name.", - "title": "ServerName", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "ConformancePackInputParameters": { + "items": { + "$ref": "#/definitions/AWS::Config::ConformancePack.ConformancePackInputParameter" + }, + "markdownDescription": "A list of ConformancePackInputParameter objects.", + "title": "ConformancePackInputParameters", + "type": "array" + }, + "ConformancePackName": { + "markdownDescription": "Name of the conformance pack you want to create.", + "title": "ConformancePackName", + "type": "string" + }, + "DeliveryS3Bucket": { + "markdownDescription": "The name of the Amazon S3 bucket where AWS Config stores conformance pack templates.", + "title": "DeliveryS3Bucket", + "type": "string" + }, + "DeliveryS3KeyPrefix": { + "markdownDescription": "The prefix for the Amazon S3 bucket.", + "title": "DeliveryS3KeyPrefix", + "type": "string" + }, + "TemplateBody": { + "markdownDescription": "A string containing full conformance pack template body. Structure containing the template body with a minimum length of 1 byte and a maximum length of 51,200 bytes.\n\n> You can only use a YAML template with two resource types: config rule ( `AWS::Config::ConfigRule` ) and a remediation action ( `AWS::Config::RemediationConfiguration` ).", + "title": "TemplateBody", + "type": "string" + }, + "TemplateS3Uri": { + "markdownDescription": "Location of file containing the template body (s3://bucketname/prefix). The uri must point to the conformance pack template (max size: 300 KB) that is located in an Amazon S3 bucket.\n\n> You must have access to read Amazon S3 bucket.", + "title": "TemplateS3Uri", + "type": "string" + }, + "TemplateSSMDocumentDetails": { + "$ref": "#/definitions/AWS::Config::ConformancePack.TemplateSSMDocumentDetails", + "markdownDescription": "An object that contains the name or Amazon Resource Name (ARN) of the AWS Systems Manager document (SSM document) and the version of the SSM document that is used to create a conformance pack.", + "title": "TemplateSSMDocumentDetails" + } + }, + "required": [ + "ConformancePackName" + ], + "type": "object" }, - "ServerTimezone": { - "markdownDescription": "Specifies the time zone for the source MySQL database. Don't enclose time zones in single quotation marks.\n\nExample: `serverTimezone=US/Pacific;`", - "title": "ServerTimezone", + "Type": { + "enum": [ + "AWS::Config::ConformancePack" + ], "type": "string" }, - "Username": { - "markdownDescription": "Endpoint connection user name.", - "title": "Username", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::DMS::Endpoint.IbmDb2Settings": { + "AWS::Config::ConformancePack.ConformancePackInputParameter": { "additionalProperties": false, "properties": { - "CurrentLsn": { - "markdownDescription": "For ongoing replication (CDC), use CurrentLSN to specify a log sequence number (LSN) where you want the replication to start.", - "title": "CurrentLsn", - "type": "string" - }, - "KeepCsvFiles": { - "markdownDescription": "If true, AWS DMS saves any .csv files to the Db2 LUW target that were used to replicate data. DMS uses these files for analysis and troubleshooting.\n\nThe default value is false.", - "title": "KeepCsvFiles", - "type": "boolean" - }, - "LoadTimeout": { - "markdownDescription": "The amount of time (in milliseconds) before AWS DMS times out operations performed by DMS on the Db2 target. The default value is 1200 (20 minutes).", - "title": "LoadTimeout", - "type": "number" - }, - "MaxFileSize": { - "markdownDescription": "Specifies the maximum size (in KB) of .csv files used to transfer data to Db2 LUW.", - "title": "MaxFileSize", - "type": "number" - }, - "MaxKBytesPerRead": { - "markdownDescription": "Maximum number of bytes per read, as a NUMBER value. The default is 64 KB.", - "title": "MaxKBytesPerRead", - "type": "number" - }, - "SecretsManagerAccessRoleArn": { - "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value ofthe AWS Secrets Manager secret that allows access to the Db2 LUW endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", - "title": "SecretsManagerAccessRoleArn", + "ParameterName": { + "markdownDescription": "One part of a key-value pair.", + "title": "ParameterName", "type": "string" }, - "SecretsManagerSecretId": { - "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the IBMDB2 endpoint connection details.", - "title": "SecretsManagerSecretId", + "ParameterValue": { + "markdownDescription": "Another part of the key-value pair.", + "title": "ParameterValue", "type": "string" - }, - "SetDataCaptureChanges": { - "markdownDescription": "Enables ongoing replication (CDC) as a BOOLEAN value. The default is true.", - "title": "SetDataCaptureChanges", - "type": "boolean" - }, - "WriteBufferSize": { - "markdownDescription": "The size (in KB) of the in-memory file write buffer used when generating .csv files on the local disk on the DMS replication instance. The default value is 1024 (1 MB).", - "title": "WriteBufferSize", - "type": "number" } }, + "required": [ + "ParameterName", + "ParameterValue" + ], "type": "object" }, - "AWS::DMS::Endpoint.KafkaSettings": { + "AWS::Config::ConformancePack.TemplateSSMDocumentDetails": { "additionalProperties": false, "properties": { - "Broker": { - "markdownDescription": "A comma-separated list of one or more broker locations in your Kafka cluster that host your Kafka instance. Specify each broker location in the form `*broker-hostname-or-ip* : *port*` . For example, `\"ec2-12-345-678-901.compute-1.amazonaws.com:2345\"` . For more information and examples of specifying a list of broker locations, see [Using Apache Kafka as a target for AWS Database Migration Service](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Kafka.html) in the *AWS Database Migration Service User Guide* .", - "title": "Broker", - "type": "string" - }, - "IncludeControlDetails": { - "markdownDescription": "Shows detailed control information for table definition, column definition, and table and column changes in the Kafka message output. The default is `false` .", - "title": "IncludeControlDetails", - "type": "boolean" - }, - "IncludeNullAndEmpty": { - "markdownDescription": "Include NULL and empty columns for records migrated to the endpoint. The default is `false` .", - "title": "IncludeNullAndEmpty", - "type": "boolean" - }, - "IncludePartitionValue": { - "markdownDescription": "Shows the partition value within the Kafka message output unless the partition type is `schema-table-type` . The default is `false` .", - "title": "IncludePartitionValue", - "type": "boolean" - }, - "IncludeTableAlterOperations": { - "markdownDescription": "Includes any data definition language (DDL) operations that change the table in the control data, such as `rename-table` , `drop-table` , `add-column` , `drop-column` , and `rename-column` . The default is `false` .", - "title": "IncludeTableAlterOperations", - "type": "boolean" - }, - "IncludeTransactionDetails": { - "markdownDescription": "Provides detailed transaction information from the source database. This information includes a commit timestamp, a log position, and values for `transaction_id` , previous `transaction_id` , and `transaction_record_id` (the record offset within a transaction). The default is `false` .", - "title": "IncludeTransactionDetails", - "type": "boolean" - }, - "MessageFormat": { - "markdownDescription": "The output format for the records created on the endpoint. The message format is `JSON` (default) or `JSON_UNFORMATTED` (a single line with no tab).", - "title": "MessageFormat", + "DocumentName": { + "markdownDescription": "The name or Amazon Resource Name (ARN) of the SSM document to use to create a conformance pack. If you use the document name, AWS Config checks only your account and AWS Region for the SSM document.", + "title": "DocumentName", "type": "string" }, - "MessageMaxBytes": { - "markdownDescription": "The maximum size in bytes for records created on the endpoint The default is 1,000,000.", - "title": "MessageMaxBytes", - "type": "number" - }, - "NoHexPrefix": { - "markdownDescription": "Set this optional parameter to `true` to avoid adding a '0x' prefix to raw data in hexadecimal format. For example, by default, AWS DMS adds a '0x' prefix to the LOB column type in hexadecimal format moving from an Oracle source to a Kafka target. Use the `NoHexPrefix` endpoint setting to enable migration of RAW data type columns without adding the '0x' prefix.", - "title": "NoHexPrefix", - "type": "boolean" - }, - "PartitionIncludeSchemaTable": { - "markdownDescription": "Prefixes schema and table names to partition values, when the partition type is `primary-key-type` . Doing this increases data distribution among Kafka partitions. For example, suppose that a SysBench schema has thousands of tables and each table has only limited range for a primary key. In this case, the same primary key is sent from thousands of tables to the same partition, which causes throttling. The default is `false` .", - "title": "PartitionIncludeSchemaTable", - "type": "boolean" - }, - "SaslPassword": { - "markdownDescription": "The secure password that you created when you first set up your Amazon MSK cluster to validate a client identity and make an encrypted connection between server and client using SASL-SSL authentication.", - "title": "SaslPassword", + "DocumentVersion": { + "markdownDescription": "The version of the SSM document to use to create a conformance pack. By default, AWS Config uses the latest version.\n\n> This field is optional.", + "title": "DocumentVersion", "type": "string" - }, - "SaslUserName": { - "markdownDescription": "The secure user name you created when you first set up your Amazon MSK cluster to validate a client identity and make an encrypted connection between server and client using SASL-SSL authentication.", - "title": "SaslUserName", + } + }, + "type": "object" + }, + "AWS::Config::DeliveryChannel": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "SecurityProtocol": { - "markdownDescription": "Set secure connection to a Kafka target endpoint using Transport Layer Security (TLS). Options include `ssl-encryption` , `ssl-authentication` , and `sasl-ssl` . `sasl-ssl` requires `SaslUsername` and `SaslPassword` .", - "title": "SecurityProtocol", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SslCaCertificateArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the private certificate authority (CA) cert that AWS DMS uses to securely connect to your Kafka target endpoint.", - "title": "SslCaCertificateArn", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SslClientCertificateArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the client certificate used to securely connect to a Kafka target endpoint.", - "title": "SslClientCertificateArn", - "type": "string" + "Metadata": { + "type": "object" }, - "SslClientKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the client private key used to securely connect to a Kafka target endpoint.", - "title": "SslClientKeyArn", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "ConfigSnapshotDeliveryProperties": { + "$ref": "#/definitions/AWS::Config::DeliveryChannel.ConfigSnapshotDeliveryProperties", + "markdownDescription": "The options for how often AWS Config delivers configuration snapshots to the Amazon S3 bucket.", + "title": "ConfigSnapshotDeliveryProperties" + }, + "Name": { + "markdownDescription": "A name for the delivery channel. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the delivery channel name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\nUpdates are not supported. To change the name, you must run two separate updates. In the first update, delete this resource, and then recreate it with a new name in the second update.", + "title": "Name", + "type": "string" + }, + "S3BucketName": { + "markdownDescription": "The name of the Amazon S3 bucket to which AWS Config delivers configuration snapshots and configuration history files.\n\nIf you specify a bucket that belongs to another AWS account , that bucket must have policies that grant access permissions to AWS Config . For more information, see [Permissions for the Amazon S3 Bucket](https://docs.aws.amazon.com/config/latest/developerguide/s3-bucket-policy.html) in the *AWS Config Developer Guide* .", + "title": "S3BucketName", + "type": "string" + }, + "S3KeyPrefix": { + "markdownDescription": "The prefix for the specified Amazon S3 bucket.", + "title": "S3KeyPrefix", + "type": "string" + }, + "S3KmsKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Key Management Service ( AWS KMS ) AWS KMS key (KMS key) used to encrypt objects delivered by AWS Config . Must belong to the same Region as the destination S3 bucket.", + "title": "S3KmsKeyArn", + "type": "string" + }, + "SnsTopicARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic to which AWS Config sends notifications about configuration changes.\n\nIf you choose a topic from another account, the topic must have policies that grant access permissions to AWS Config . For more information, see [Permissions for the Amazon SNS Topic](https://docs.aws.amazon.com/config/latest/developerguide/sns-topic-policy.html) in the *AWS Config Developer Guide* .", + "title": "SnsTopicARN", + "type": "string" + } + }, + "required": [ + "S3BucketName" + ], + "type": "object" }, - "SslClientKeyPassword": { - "markdownDescription": "The password for the client private key used to securely connect to a Kafka target endpoint.", - "title": "SslClientKeyPassword", + "Type": { + "enum": [ + "AWS::Config::DeliveryChannel" + ], "type": "string" }, - "Topic": { - "markdownDescription": "The topic to which you migrate the data. If you don't specify a topic, AWS DMS specifies `\"kafka-default-topic\"` as the migration topic.", - "title": "Topic", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::DMS::Endpoint.KinesisSettings": { + "AWS::Config::DeliveryChannel.ConfigSnapshotDeliveryProperties": { "additionalProperties": false, "properties": { - "IncludeControlDetails": { - "markdownDescription": "Shows detailed control information for table definition, column definition, and table and column changes in the Kinesis message output. The default is `false` .", - "title": "IncludeControlDetails", - "type": "boolean" - }, - "IncludeNullAndEmpty": { - "markdownDescription": "Include NULL and empty columns for records migrated to the endpoint. The default is `false` .", - "title": "IncludeNullAndEmpty", - "type": "boolean" - }, - "IncludePartitionValue": { - "markdownDescription": "Shows the partition value within the Kinesis message output, unless the partition type is `schema-table-type` . The default is `false` .", - "title": "IncludePartitionValue", - "type": "boolean" - }, - "IncludeTableAlterOperations": { - "markdownDescription": "Includes any data definition language (DDL) operations that change the table in the control data, such as `rename-table` , `drop-table` , `add-column` , `drop-column` , and `rename-column` . The default is `false` .", - "title": "IncludeTableAlterOperations", - "type": "boolean" - }, - "IncludeTransactionDetails": { - "markdownDescription": "Provides detailed transaction information from the source database. This information includes a commit timestamp, a log position, and values for `transaction_id` , previous `transaction_id` , and `transaction_record_id` (the record offset within a transaction). The default is `false` .", - "title": "IncludeTransactionDetails", - "type": "boolean" - }, - "MessageFormat": { - "markdownDescription": "The output format for the records created on the endpoint. The message format is `JSON` (default) or `JSON_UNFORMATTED` (a single line with no tab).", - "title": "MessageFormat", - "type": "string" - }, - "NoHexPrefix": { - "markdownDescription": "Set this optional parameter to `true` to avoid adding a '0x' prefix to raw data in hexadecimal format. For example, by default, AWS DMS adds a '0x' prefix to the LOB column type in hexadecimal format moving from an Oracle source to an Amazon Kinesis target. Use the `NoHexPrefix` endpoint setting to enable migration of RAW data type columns without adding the '0x' prefix.", - "title": "NoHexPrefix", - "type": "boolean" - }, - "PartitionIncludeSchemaTable": { - "markdownDescription": "Prefixes schema and table names to partition values, when the partition type is `primary-key-type` . Doing this increases data distribution among Kinesis shards. For example, suppose that a SysBench schema has thousands of tables and each table has only limited range for a primary key. In this case, the same primary key is sent from thousands of tables to the same shard, which causes throttling. The default is `false` .", - "title": "PartitionIncludeSchemaTable", - "type": "boolean" - }, - "ServiceAccessRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the IAM role that AWS DMS uses to write to the Kinesis data stream. The role must allow the `iam:PassRole` action.", - "title": "ServiceAccessRoleArn", - "type": "string" - }, - "StreamArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the Amazon Kinesis Data Streams endpoint.", - "title": "StreamArn", + "DeliveryFrequency": { + "markdownDescription": "The frequency with which AWS Config delivers configuration snapshots.", + "title": "DeliveryFrequency", "type": "string" } }, "type": "object" }, - "AWS::DMS::Endpoint.MicrosoftSqlServerSettings": { + "AWS::Config::OrganizationConfigRule": { "additionalProperties": false, "properties": { - "BcpPacketSize": { - "markdownDescription": "The maximum size of the packets (in bytes) used to transfer data using BCP.", - "title": "BcpPacketSize", - "type": "number" - }, - "ControlTablesFileGroup": { - "markdownDescription": "Specifies a file group for the AWS DMS internal tables. When the replication task starts, all the internal AWS DMS control tables (awsdms_ apply_exception, awsdms_apply, awsdms_changes) are created for the specified file group.", - "title": "ControlTablesFileGroup", - "type": "string" - }, - "DatabaseName": { - "markdownDescription": "Database name for the endpoint.", - "title": "DatabaseName", + "Condition": { "type": "string" }, - "ForceLobLookup": { - "markdownDescription": "Forces LOB lookup on inline LOB.", - "title": "ForceLobLookup", - "type": "boolean" - }, - "Password": { - "markdownDescription": "Endpoint connection password.", - "title": "Password", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Port": { - "markdownDescription": "Endpoint TCP port.", - "title": "Port", - "type": "number" - }, - "QuerySingleAlwaysOnNode": { - "markdownDescription": "Cleans and recreates table metadata information on the replication instance when a mismatch occurs. An example is a situation where running an alter DDL statement on a table might result in different information about the table cached in the replication instance.", - "title": "QuerySingleAlwaysOnNode", - "type": "boolean" - }, - "ReadBackupOnly": { - "markdownDescription": "When this attribute is set to `Y` , AWS DMS only reads changes from transaction log backups and doesn't read from the active transaction log file during ongoing replication. Setting this parameter to `Y` enables you to control active transaction log file growth during full load and ongoing replication tasks. However, it can add some source latency to ongoing replication.", - "title": "ReadBackupOnly", - "type": "boolean" - }, - "SafeguardPolicy": { - "markdownDescription": "Use this attribute to minimize the need to access the backup log and enable AWS DMS to prevent truncation using one of the following two methods.\n\n*Start transactions in the database:* This is the default method. When this method is used, AWS DMS prevents TLOG truncation by mimicking a transaction in the database. As long as such a transaction is open, changes that appear after the transaction started aren't truncated. If you need Microsoft Replication to be enabled in your database, then you must choose this method.\n\n*Exclusively use sp_repldone within a single task* : When this method is used, AWS DMS reads the changes and then uses sp_repldone to mark the TLOG transactions as ready for truncation. Although this method doesn't involve any transactional activities, it can only be used when Microsoft Replication isn't running. Also, when using this method, only one AWS DMS task can access the database at any given time. Therefore, if you need to run parallel AWS DMS tasks against the same database, use the default method.", - "title": "SafeguardPolicy", - "type": "string" - }, - "SecretsManagerAccessRoleArn": { - "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the SQL Server endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", - "title": "SecretsManagerAccessRoleArn", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SecretsManagerSecretId": { - "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the MicrosoftSQLServer endpoint connection details.", - "title": "SecretsManagerSecretId", - "type": "string" + "Metadata": { + "type": "object" }, - "ServerName": { - "markdownDescription": "Fully qualified domain name of the endpoint. For an Amazon RDS SQL Server instance, this is the output of [DescribeDBInstances](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstances.html) , in the `[Endpoint](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_Endpoint.html) .Address` field.", - "title": "ServerName", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "ExcludedAccounts": { + "items": { + "type": "string" + }, + "markdownDescription": "A comma-separated list of accounts excluded from organization AWS Config rule.", + "title": "ExcludedAccounts", + "type": "array" + }, + "OrganizationConfigRuleName": { + "markdownDescription": "The name that you assign to organization AWS Config rule.", + "title": "OrganizationConfigRuleName", + "type": "string" + }, + "OrganizationCustomPolicyRuleMetadata": { + "$ref": "#/definitions/AWS::Config::OrganizationConfigRule.OrganizationCustomPolicyRuleMetadata", + "markdownDescription": "An object that specifies metadata for your organization's AWS Config Custom Policy rule. The metadata includes the runtime system in use, which accounts have debug logging enabled, and other custom rule metadata, such as resource type, resource ID of AWS resource, and organization trigger types that initiate AWS Config to evaluate AWS resources against a rule.", + "title": "OrganizationCustomPolicyRuleMetadata" + }, + "OrganizationCustomRuleMetadata": { + "$ref": "#/definitions/AWS::Config::OrganizationConfigRule.OrganizationCustomRuleMetadata", + "markdownDescription": "An `OrganizationCustomRuleMetadata` object.", + "title": "OrganizationCustomRuleMetadata" + }, + "OrganizationManagedRuleMetadata": { + "$ref": "#/definitions/AWS::Config::OrganizationConfigRule.OrganizationManagedRuleMetadata", + "markdownDescription": "An `OrganizationManagedRuleMetadata` object.", + "title": "OrganizationManagedRuleMetadata" + } + }, + "required": [ + "OrganizationConfigRuleName" + ], + "type": "object" }, - "TlogAccessMode": { - "markdownDescription": "Indicates the mode used to fetch CDC data.", - "title": "TlogAccessMode", + "Type": { + "enum": [ + "AWS::Config::OrganizationConfigRule" + ], "type": "string" }, - "TrimSpaceInChar": { - "markdownDescription": "Use the `TrimSpaceInChar` source endpoint setting to right-trim data on CHAR and NCHAR data types during migration. Setting `TrimSpaceInChar` does not left-trim data. The default value is `true` .", - "title": "TrimSpaceInChar", - "type": "boolean" - }, - "UseBcpFullLoad": { - "markdownDescription": "Use this to attribute to transfer data for full-load operations using BCP. When the target table contains an identity column that does not exist in the source table, you must disable the use BCP for loading table option.", - "title": "UseBcpFullLoad", - "type": "boolean" - }, - "UseThirdPartyBackupDevice": { - "markdownDescription": "When this attribute is set to `Y` , DMS processes third-party transaction log backups if they are created in native format.", - "title": "UseThirdPartyBackupDevice", - "type": "boolean" - }, - "Username": { - "markdownDescription": "Endpoint connection user name.", - "title": "Username", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::DMS::Endpoint.MongoDbSettings": { + "AWS::Config::OrganizationConfigRule.OrganizationCustomPolicyRuleMetadata": { "additionalProperties": false, "properties": { - "AuthMechanism": { - "markdownDescription": "The authentication mechanism you use to access the MongoDB source endpoint.\n\nFor the default value, in MongoDB version 2.x, `\"default\"` is `\"mongodb_cr\"` . For MongoDB version 3.x or later, `\"default\"` is `\"scram_sha_1\"` . This setting isn't used when `AuthType` is set to `\"no\"` .", - "title": "AuthMechanism", - "type": "string" - }, - "AuthSource": { - "markdownDescription": "The MongoDB database name. This setting isn't used when `AuthType` is set to `\"no\"` .\n\nThe default is `\"admin\"` .", - "title": "AuthSource", - "type": "string" + "DebugLogDeliveryAccounts": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of accounts that you can enable debug logging for your organization AWS Config Custom Policy rule. List is null when debug logging is enabled for all accounts.", + "title": "DebugLogDeliveryAccounts", + "type": "array" }, - "AuthType": { - "markdownDescription": "The authentication type you use to access the MongoDB source endpoint.\n\nWhen set to `\"no\"` , user name and password parameters are not used and can be empty.", - "title": "AuthType", + "Description": { + "markdownDescription": "The description that you provide for your organization AWS Config Custom Policy rule.", + "title": "Description", "type": "string" }, - "DatabaseName": { - "markdownDescription": "The database name on the MongoDB source endpoint.", - "title": "DatabaseName", + "InputParameters": { + "markdownDescription": "A string, in JSON format, that is passed to your organization AWS Config Custom Policy rule.", + "title": "InputParameters", "type": "string" }, - "DocsToInvestigate": { - "markdownDescription": "Indicates the number of documents to preview to determine the document organization. Use this setting when `NestingLevel` is set to `\"one\"` .\n\nMust be a positive value greater than `0` . Default value is `1000` .", - "title": "DocsToInvestigate", + "MaximumExecutionFrequency": { + "markdownDescription": "The maximum frequency with which AWS Config runs evaluations for a rule. Your AWS Config Custom Policy rule is triggered when AWS Config delivers the configuration snapshot. For more information, see `ConfigSnapshotDeliveryProperties` .", + "title": "MaximumExecutionFrequency", "type": "string" }, - "ExtractDocId": { - "markdownDescription": "Specifies the document ID. Use this setting when `NestingLevel` is set to `\"none\"` .\n\nDefault value is `\"false\"` .", - "title": "ExtractDocId", - "type": "string" + "OrganizationConfigRuleTriggerTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The type of notification that initiates AWS Config to run an evaluation for a rule. For AWS Config Custom Policy rules, AWS Config supports change-initiated notification types:\n\n- `ConfigurationItemChangeNotification` - Initiates an evaluation when AWS Config delivers a configuration item as a result of a resource change.\n- `OversizedConfigurationItemChangeNotification` - Initiates an evaluation when AWS Config delivers an oversized configuration item. AWS Config may generate this notification type when a resource changes and the notification exceeds the maximum size allowed by Amazon SNS.", + "title": "OrganizationConfigRuleTriggerTypes", + "type": "array" }, - "NestingLevel": { - "markdownDescription": "Specifies either document or table mode.\n\nDefault value is `\"none\"` . Specify `\"none\"` to use document mode. Specify `\"one\"` to use table mode.", - "title": "NestingLevel", + "PolicyText": { + "markdownDescription": "The policy definition containing the logic for your organization AWS Config Custom Policy rule.", + "title": "PolicyText", "type": "string" }, - "Password": { - "markdownDescription": "The password for the user account you use to access the MongoDB source endpoint.", - "title": "Password", + "ResourceIdScope": { + "markdownDescription": "The ID of the AWS resource that was evaluated.", + "title": "ResourceIdScope", "type": "string" }, - "Port": { - "markdownDescription": "The port value for the MongoDB source endpoint.", - "title": "Port", - "type": "number" - }, - "SecretsManagerAccessRoleArn": { - "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the MongoDB endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", - "title": "SecretsManagerAccessRoleArn", - "type": "string" + "ResourceTypesScope": { + "items": { + "type": "string" + }, + "markdownDescription": "The type of the AWS resource that was evaluated.", + "title": "ResourceTypesScope", + "type": "array" }, - "SecretsManagerSecretId": { - "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the MongoDB endpoint connection details.", - "title": "SecretsManagerSecretId", + "Runtime": { + "markdownDescription": "The runtime system for your organization AWS Config Custom Policy rules. Guard is a policy-as-code language that allows you to write policies that are enforced by AWS Config Custom Policy rules. For more information about Guard, see the [Guard GitHub Repository](https://docs.aws.amazon.com/https://github.com/aws-cloudformation/cloudformation-guard) .", + "title": "Runtime", "type": "string" }, - "ServerName": { - "markdownDescription": "The name of the server on the MongoDB source endpoint.", - "title": "ServerName", + "TagKeyScope": { + "markdownDescription": "One part of a key-value pair that make up a tag. A key is a general label that acts like a category for more specific tag values.", + "title": "TagKeyScope", "type": "string" }, - "Username": { - "markdownDescription": "The user name you use to access the MongoDB source endpoint.", - "title": "Username", + "TagValueScope": { + "markdownDescription": "The optional part of a key-value pair that make up a tag. A value acts as a descriptor within a tag category (key).", + "title": "TagValueScope", "type": "string" } }, + "required": [ + "PolicyText", + "Runtime" + ], "type": "object" }, - "AWS::DMS::Endpoint.MySqlSettings": { + "AWS::Config::OrganizationConfigRule.OrganizationCustomRuleMetadata": { "additionalProperties": false, "properties": { - "AfterConnectScript": { - "markdownDescription": "Specifies a script to run immediately after AWS DMS connects to the endpoint. The migration task continues running regardless if the SQL statement succeeds or fails.\n\nFor this parameter, provide the code of the script itself, not the name of a file containing the script.", - "title": "AfterConnectScript", + "Description": { + "markdownDescription": "The description that you provide for your organization AWS Config rule.", + "title": "Description", "type": "string" }, - "CleanSourceMetadataOnMismatch": { - "markdownDescription": "Cleans and recreates table metadata information on the replication instance when a mismatch occurs. For example, in a situation where running an alter DDL on the table could result in different information about the table cached in the replication instance.", - "title": "CleanSourceMetadataOnMismatch", - "type": "boolean" + "InputParameters": { + "markdownDescription": "A string, in JSON format, that is passed to your organization AWS Config rule Lambda function.", + "title": "InputParameters", + "type": "string" }, - "EventsPollInterval": { - "markdownDescription": "Specifies how often to check the binary log for new changes/events when the database is idle. The default is five seconds.\n\nExample: `eventsPollInterval=5;`\n\nIn the example, AWS DMS checks for changes in the binary logs every five seconds.", - "title": "EventsPollInterval", - "type": "number" + "LambdaFunctionArn": { + "markdownDescription": "The lambda function ARN.", + "title": "LambdaFunctionArn", + "type": "string" }, - "MaxFileSize": { - "markdownDescription": "Specifies the maximum size (in KB) of any .csv file used to transfer data to a MySQL-compatible database.\n\nExample: `maxFileSize=512`", - "title": "MaxFileSize", - "type": "number" + "MaximumExecutionFrequency": { + "markdownDescription": "The maximum frequency with which AWS Config runs evaluations for a rule. Your custom rule is triggered when AWS Config delivers the configuration snapshot. For more information, see `ConfigSnapshotDeliveryProperties` .\n\n> By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the `MaximumExecutionFrequency` parameter.", + "title": "MaximumExecutionFrequency", + "type": "string" }, - "ParallelLoadThreads": { - "markdownDescription": "Improves performance when loading data into the MySQL-compatible target database. Specifies how many threads to use to load the data into the MySQL-compatible target database. Setting a large number of threads can have an adverse effect on database performance, because a separate connection is required for each thread. The default is one.\n\nExample: `parallelLoadThreads=1`", - "title": "ParallelLoadThreads", - "type": "number" + "OrganizationConfigRuleTriggerTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The type of notification that triggers AWS Config to run an evaluation for a rule. You can specify the following notification types:\n\n- `ConfigurationItemChangeNotification` - Triggers an evaluation when AWS Config delivers a configuration item as a result of a resource change.\n- `OversizedConfigurationItemChangeNotification` - Triggers an evaluation when AWS Config delivers an oversized configuration item. AWS Config may generate this notification type when a resource changes and the notification exceeds the maximum size allowed by Amazon SNS.\n- `ScheduledNotification` - Triggers a periodic evaluation at the frequency specified for `MaximumExecutionFrequency` .", + "title": "OrganizationConfigRuleTriggerTypes", + "type": "array" }, - "SecretsManagerAccessRoleArn": { - "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the MySQL endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", - "title": "SecretsManagerAccessRoleArn", + "ResourceIdScope": { + "markdownDescription": "The ID of the AWS resource that was evaluated.", + "title": "ResourceIdScope", "type": "string" }, - "SecretsManagerSecretId": { - "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the MySQL endpoint connection details.", - "title": "SecretsManagerSecretId", - "type": "string" + "ResourceTypesScope": { + "items": { + "type": "string" + }, + "markdownDescription": "The type of the AWS resource that was evaluated.", + "title": "ResourceTypesScope", + "type": "array" }, - "ServerTimezone": { - "markdownDescription": "Specifies the time zone for the source MySQL database.\n\nExample: `serverTimezone=US/Pacific;`\n\nNote: Do not enclose time zones in single quotes.", - "title": "ServerTimezone", + "TagKeyScope": { + "markdownDescription": "One part of a key-value pair that make up a tag. A key is a general label that acts like a category for more specific tag values.", + "title": "TagKeyScope", "type": "string" }, - "TargetDbType": { - "markdownDescription": "Specifies where to migrate source tables on the target, either to a single database or multiple databases. If you specify `SPECIFIC_DATABASE` , specify the database name using the `DatabaseName` parameter of the `Endpoint` object.\n\nExample: `targetDbType=MULTIPLE_DATABASES`", - "title": "TargetDbType", + "TagValueScope": { + "markdownDescription": "The optional part of a key-value pair that make up a tag. A value acts as a descriptor within a tag category (key).", + "title": "TagValueScope", "type": "string" } }, + "required": [ + "LambdaFunctionArn", + "OrganizationConfigRuleTriggerTypes" + ], "type": "object" }, - "AWS::DMS::Endpoint.NeptuneSettings": { + "AWS::Config::OrganizationConfigRule.OrganizationManagedRuleMetadata": { "additionalProperties": false, "properties": { - "ErrorRetryDuration": { - "markdownDescription": "The number of milliseconds for AWS DMS to wait to retry a bulk-load of migrated graph data to the Neptune target database before raising an error. The default is 250.", - "title": "ErrorRetryDuration", - "type": "number" + "Description": { + "markdownDescription": "The description that you provide for your organization AWS Config rule.", + "title": "Description", + "type": "string" }, - "IamAuthEnabled": { - "markdownDescription": "If you want IAM authorization enabled for this endpoint, set this parameter to `true` . Then attach the appropriate IAM policy document to your service role specified by `ServiceAccessRoleArn` . The default is `false` .", - "title": "IamAuthEnabled", - "type": "boolean" + "InputParameters": { + "markdownDescription": "A string, in JSON format, that is passed to your organization AWS Config rule Lambda function.", + "title": "InputParameters", + "type": "string" }, - "MaxFileSize": { - "markdownDescription": "The maximum size in kilobytes of migrated graph data stored in a .csv file before AWS DMS bulk-loads the data to the Neptune target database. The default is 1,048,576 KB. If the bulk load is successful, AWS DMS clears the bucket, ready to store the next batch of migrated graph data.", - "title": "MaxFileSize", - "type": "number" + "MaximumExecutionFrequency": { + "markdownDescription": "The maximum frequency with which AWS Config runs evaluations for a rule. This is for an AWS Config managed rule that is triggered at a periodic frequency.\n\n> By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the `MaximumExecutionFrequency` parameter.", + "title": "MaximumExecutionFrequency", + "type": "string" }, - "MaxRetryCount": { - "markdownDescription": "The number of times for AWS DMS to retry a bulk load of migrated graph data to the Neptune target database before raising an error. The default is 5.", - "title": "MaxRetryCount", - "type": "number" + "ResourceIdScope": { + "markdownDescription": "The ID of the AWS resource that was evaluated.", + "title": "ResourceIdScope", + "type": "string" }, - "S3BucketFolder": { - "markdownDescription": "A folder path where you want AWS DMS to store migrated graph data in the S3 bucket specified by `S3BucketName`", - "title": "S3BucketFolder", + "ResourceTypesScope": { + "items": { + "type": "string" + }, + "markdownDescription": "The type of the AWS resource that was evaluated.", + "title": "ResourceTypesScope", + "type": "array" + }, + "RuleIdentifier": { + "markdownDescription": "For organization config managed rules, a predefined identifier from a list. For example, `IAM_PASSWORD_POLICY` is a managed rule. To reference a managed rule, see [Using AWS Config managed rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html) .", + "title": "RuleIdentifier", "type": "string" }, - "S3BucketName": { - "markdownDescription": "The name of the Amazon S3 bucket where AWS DMS can temporarily store migrated graph data in .csv files before bulk-loading it to the Neptune target database. AWS DMS maps the SQL source data to graph data before storing it in these .csv files.", - "title": "S3BucketName", + "TagKeyScope": { + "markdownDescription": "One part of a key-value pair that make up a tag. A key is a general label that acts like a category for more specific tag values.", + "title": "TagKeyScope", "type": "string" }, - "ServiceAccessRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the service role that you created for the Neptune target endpoint. The role must allow the `iam:PassRole` action.\n\nFor more information, see [Creating an IAM Service Role for Accessing Amazon Neptune as a Target](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Neptune.html#CHAP_Target.Neptune.ServiceRole) in the *AWS Database Migration Service User Guide* .", - "title": "ServiceAccessRoleArn", + "TagValueScope": { + "markdownDescription": "The optional part of a key-value pair that make up a tag. A value acts as a descriptor within a tag category (key).", + "title": "TagValueScope", "type": "string" } }, + "required": [ + "RuleIdentifier" + ], "type": "object" }, - "AWS::DMS::Endpoint.OracleSettings": { + "AWS::Config::OrganizationConformancePack": { "additionalProperties": false, "properties": { - "AccessAlternateDirectly": { - "markdownDescription": "Set this attribute to `false` in order to use the Binary Reader to capture change data for an Amazon RDS for Oracle as the source. This tells the DMS instance to not access redo logs through any specified path prefix replacement using direct file access.", - "title": "AccessAlternateDirectly", - "type": "boolean" - }, - "AddSupplementalLogging": { - "markdownDescription": "Set this attribute to set up table-level supplemental logging for the Oracle database. This attribute enables PRIMARY KEY supplemental logging on all tables selected for a migration task.\n\nIf you use this option, you still need to enable database-level supplemental logging.", - "title": "AddSupplementalLogging", - "type": "boolean" - }, - "AdditionalArchivedLogDestId": { - "markdownDescription": "Set this attribute with `ArchivedLogDestId` in a primary/ standby setup. This attribute is useful in the case of a switchover. In this case, AWS DMS needs to know which destination to get archive redo logs from to read changes. This need arises because the previous primary instance is now a standby instance after switchover.\n\nAlthough AWS DMS supports the use of the Oracle `RESETLOGS` option to open the database, never use `RESETLOGS` unless necessary. For additional information about `RESETLOGS` , see [RMAN Data Repair Concepts](https://docs.aws.amazon.com/https://docs.oracle.com/en/database/oracle/oracle-database/19/bradv/rman-data-repair-concepts.html#GUID-1805CCF7-4AF2-482D-B65A-998192F89C2B) in the *Oracle Database Backup and Recovery User's Guide* .", - "title": "AdditionalArchivedLogDestId", - "type": "number" - }, - "AllowSelectNestedTables": { - "markdownDescription": "Set this attribute to `true` to enable replication of Oracle tables containing columns that are nested tables or defined types.", - "title": "AllowSelectNestedTables", - "type": "boolean" - }, - "ArchivedLogDestId": { - "markdownDescription": "Specifies the ID of the destination for the archived redo logs. This value should be the same as a number in the dest_id column of the v$archived_log view. If you work with an additional redo log destination, use the `AdditionalArchivedLogDestId` option to specify the additional destination ID. Doing this improves performance by ensuring that the correct logs are accessed from the outset.", - "title": "ArchivedLogDestId", - "type": "number" - }, - "ArchivedLogsOnly": { - "markdownDescription": "When this field is set to `True` , AWS DMS only accesses the archived redo logs. If the archived redo logs are stored on Automatic Storage Management (ASM) only, the AWS DMS user account needs to be granted ASM privileges.", - "title": "ArchivedLogsOnly", - "type": "boolean" - }, - "AsmPassword": { - "markdownDescription": "For an Oracle source endpoint, your Oracle Automatic Storage Management (ASM) password. You can set this value from the `*asm_user_password*` value. You set this value as part of the comma-separated value that you set to the `Password` request parameter when you create the endpoint to access transaction logs using Binary Reader. For more information, see [Configuration for change data capture (CDC) on an Oracle source database](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.CDC.Configuration) .", - "title": "AsmPassword", - "type": "string" - }, - "AsmServer": { - "markdownDescription": "For an Oracle source endpoint, your ASM server address. You can set this value from the `asm_server` value. You set `asm_server` as part of the extra connection attribute string to access an Oracle server with Binary Reader that uses ASM. For more information, see [Configuration for change data capture (CDC) on an Oracle source database](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.CDC.Configuration) .", - "title": "AsmServer", - "type": "string" - }, - "AsmUser": { - "markdownDescription": "For an Oracle source endpoint, your ASM user name. You can set this value from the `asm_user` value. You set `asm_user` as part of the extra connection attribute string to access an Oracle server with Binary Reader that uses ASM. For more information, see [Configuration for change data capture (CDC) on an Oracle source database](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.CDC.Configuration) .", - "title": "AsmUser", + "Condition": { "type": "string" }, - "CharLengthSemantics": { - "markdownDescription": "Specifies whether the length of a character column is in bytes or in characters. To indicate that the character column length is in characters, set this attribute to `CHAR` . Otherwise, the character column length is in bytes.\n\nExample: `charLengthSemantics=CHAR;`", - "title": "CharLengthSemantics", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "DirectPathNoLog": { - "markdownDescription": "When set to `true` , this attribute helps to increase the commit rate on the Oracle target database by writing directly to tables and not writing a trail to database logs.", - "title": "DirectPathNoLog", - "type": "boolean" - }, - "DirectPathParallelLoad": { - "markdownDescription": "When set to `true` , this attribute specifies a parallel load when `useDirectPathFullLoad` is set to `Y` . This attribute also only applies when you use the AWS DMS parallel load feature. Note that the target table cannot have any constraints or indexes.", - "title": "DirectPathParallelLoad", - "type": "boolean" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "EnableHomogenousTablespace": { - "markdownDescription": "Set this attribute to enable homogenous tablespace replication and create existing tables or indexes under the same tablespace on the target.", - "title": "EnableHomogenousTablespace", - "type": "boolean" + "Metadata": { + "type": "object" }, - "ExtraArchivedLogDestIds": { - "items": { - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": { + "ConformancePackInputParameters": { + "items": { + "$ref": "#/definitions/AWS::Config::OrganizationConformancePack.ConformancePackInputParameter" + }, + "markdownDescription": "A list of `ConformancePackInputParameter` objects.", + "title": "ConformancePackInputParameters", + "type": "array" + }, + "DeliveryS3Bucket": { + "markdownDescription": "The name of the Amazon S3 bucket where AWS Config stores conformance pack templates.\n\n> This field is optional.", + "title": "DeliveryS3Bucket", + "type": "string" + }, + "DeliveryS3KeyPrefix": { + "markdownDescription": "Any folder structure you want to add to an Amazon S3 bucket.\n\n> This field is optional.", + "title": "DeliveryS3KeyPrefix", + "type": "string" + }, + "ExcludedAccounts": { + "items": { + "type": "string" + }, + "markdownDescription": "A comma-separated list of accounts excluded from organization conformance pack.", + "title": "ExcludedAccounts", + "type": "array" + }, + "OrganizationConformancePackName": { + "markdownDescription": "The name you assign to an organization conformance pack.", + "title": "OrganizationConformancePackName", + "type": "string" + }, + "TemplateBody": { + "markdownDescription": "A string containing full conformance pack template body. Structure containing the template body with a minimum length of 1 byte and a maximum length of 51,200 bytes.", + "title": "TemplateBody", + "type": "string" + }, + "TemplateS3Uri": { + "markdownDescription": "Location of file containing the template body. The uri must point to the conformance pack template (max size: 300 KB).", + "title": "TemplateS3Uri", + "type": "string" + } }, - "markdownDescription": "Specifies the IDs of one more destinations for one or more archived redo logs. These IDs are the values of the `dest_id` column in the `v$archived_log` view. Use this setting with the `archivedLogDestId` extra connection attribute in a primary-to-single setup or a primary-to-multiple-standby setup.\n\nThis setting is useful in a switchover when you use an Oracle Data Guard database as a source. In this case, AWS DMS needs information about what destination to get archive redo logs from to read changes. AWS DMS needs this because after the switchover the previous primary is a standby instance. For example, in a primary-to-single standby setup you might apply the following settings.\n\n`archivedLogDestId=1; ExtraArchivedLogDestIds=[2]`\n\nIn a primary-to-multiple-standby setup, you might apply the following settings.\n\n`archivedLogDestId=1; ExtraArchivedLogDestIds=[2,3,4]`\n\nAlthough AWS DMS supports the use of the Oracle `RESETLOGS` option to open the database, never use `RESETLOGS` unless it's necessary. For more information about `RESETLOGS` , see [RMAN Data Repair Concepts](https://docs.aws.amazon.com/https://docs.oracle.com/en/database/oracle/oracle-database/19/bradv/rman-data-repair-concepts.html#GUID-1805CCF7-4AF2-482D-B65A-998192F89C2B) in the *Oracle Database Backup and Recovery User's Guide* .", - "title": "ExtraArchivedLogDestIds", - "type": "array" - }, - "FailTasksOnLobTruncation": { - "markdownDescription": "When set to `true` , this attribute causes a task to fail if the actual size of an LOB column is greater than the specified `LobMaxSize` .\n\nIf a task is set to limited LOB mode and this option is set to `true` , the task fails instead of truncating the LOB data.", - "title": "FailTasksOnLobTruncation", - "type": "boolean" - }, - "NumberDatatypeScale": { - "markdownDescription": "Specifies the number scale. You can select a scale up to 38, or you can select FLOAT. By default, the NUMBER data type is converted to precision 38, scale 10.\n\nExample: `numberDataTypeScale=12`", - "title": "NumberDatatypeScale", - "type": "number" - }, - "OraclePathPrefix": { - "markdownDescription": "Set this string attribute to the required value in order to use the Binary Reader to capture change data for an Amazon RDS for Oracle as the source. This value specifies the default Oracle root used to access the redo logs.", - "title": "OraclePathPrefix", - "type": "string" - }, - "ParallelAsmReadThreads": { - "markdownDescription": "Set this attribute to change the number of threads that DMS configures to perform a change data capture (CDC) load using Oracle Automatic Storage Management (ASM). You can specify an integer value between 2 (the default) and 8 (the maximum). Use this attribute together with the `readAheadBlocks` attribute.", - "title": "ParallelAsmReadThreads", - "type": "number" - }, - "ReadAheadBlocks": { - "markdownDescription": "Set this attribute to change the number of read-ahead blocks that DMS configures to perform a change data capture (CDC) load using Oracle Automatic Storage Management (ASM). You can specify an integer value between 1000 (the default) and 200,000 (the maximum).", - "title": "ReadAheadBlocks", - "type": "number" - }, - "ReadTableSpaceName": { - "markdownDescription": "When set to `true` , this attribute supports tablespace replication.", - "title": "ReadTableSpaceName", - "type": "boolean" - }, - "ReplacePathPrefix": { - "markdownDescription": "Set this attribute to true in order to use the Binary Reader to capture change data for an Amazon RDS for Oracle as the source. This setting tells DMS instance to replace the default Oracle root with the specified `usePathPrefix` setting to access the redo logs.", - "title": "ReplacePathPrefix", - "type": "boolean" - }, - "RetryInterval": { - "markdownDescription": "Specifies the number of seconds that the system waits before resending a query.\n\nExample: `retryInterval=6;`", - "title": "RetryInterval", - "type": "number" - }, - "SecretsManagerAccessRoleArn": { - "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the Oracle endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", - "title": "SecretsManagerAccessRoleArn", - "type": "string" + "required": [ + "OrganizationConformancePackName" + ], + "type": "object" }, - "SecretsManagerOracleAsmAccessRoleArn": { - "markdownDescription": "Required only if your Oracle endpoint uses Advanced Storage Manager (ASM). The full ARN of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the `SecretsManagerOracleAsmSecret` . This `SecretsManagerOracleAsmSecret` has the secret value that allows access to the Oracle ASM of the endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerOracleAsmSecretId` . Or you can specify clear-text values for `AsmUser` , `AsmPassword` , and `AsmServerName` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerOracleAsmSecret` , the corresponding `SecretsManagerOracleAsmAccessRoleArn` , and the `SecretsManagerOracleAsmSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", - "title": "SecretsManagerOracleAsmAccessRoleArn", + "Type": { + "enum": [ + "AWS::Config::OrganizationConformancePack" + ], "type": "string" }, - "SecretsManagerOracleAsmSecretId": { - "markdownDescription": "Required only if your Oracle endpoint uses Advanced Storage Manager (ASM). The full ARN, partial ARN, or display name of the `SecretsManagerOracleAsmSecret` that contains the Oracle ASM connection details for the Oracle endpoint.", - "title": "SecretsManagerOracleAsmSecretId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "SecretsManagerSecretId": { - "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the Oracle endpoint connection details.", - "title": "SecretsManagerSecretId", + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Config::OrganizationConformancePack.ConformancePackInputParameter": { + "additionalProperties": false, + "properties": { + "ParameterName": { + "markdownDescription": "One part of a key-value pair.", + "title": "ParameterName", "type": "string" }, - "SecurityDbEncryption": { - "markdownDescription": "For an Oracle source endpoint, the transparent data encryption (TDE) password required by AWM DMS to access Oracle redo logs encrypted by TDE using Binary Reader. It is also the `*TDE_Password*` part of the comma-separated value you set to the `Password` request parameter when you create the endpoint. The `SecurityDbEncryptian` setting is related to this `SecurityDbEncryptionName` setting. For more information, see [Supported encryption methods for using Oracle as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.Encryption) in the *AWS Database Migration Service User Guide* .", - "title": "SecurityDbEncryption", + "ParameterValue": { + "markdownDescription": "One part of a key-value pair.", + "title": "ParameterValue", "type": "string" - }, - "SecurityDbEncryptionName": { - "markdownDescription": "For an Oracle source endpoint, the name of a key used for the transparent data encryption (TDE) of the columns and tablespaces in an Oracle source database that is encrypted using TDE. The key value is the value of the `SecurityDbEncryption` setting. For more information on setting the key name value of `SecurityDbEncryptionName` , see the information and example for setting the `securityDbEncryptionName` extra connection attribute in [Supported encryption methods for using Oracle as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.Encryption) in the *AWS Database Migration Service User Guide* .", - "title": "SecurityDbEncryptionName", + } + }, + "required": [ + "ParameterName", + "ParameterValue" + ], + "type": "object" + }, + "AWS::Config::RemediationConfiguration": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "SpatialDataOptionToGeoJsonFunctionName": { - "markdownDescription": "Use this attribute to convert `SDO_GEOMETRY` to `GEOJSON` format. By default, DMS calls the `SDO2GEOJSON` custom function if present and accessible. Or you can create your own custom function that mimics the operation of `SDOGEOJSON` and set `SpatialDataOptionToGeoJsonFunctionName` to call it instead.", - "title": "SpatialDataOptionToGeoJsonFunctionName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "StandbyDelayTime": { - "markdownDescription": "Use this attribute to specify a time in minutes for the delay in standby sync. If the source is an Oracle Active Data Guard standby database, use this attribute to specify the time lag between primary and standby databases.\n\nIn AWS DMS , you can create an Oracle CDC task that uses an Active Data Guard standby instance as a source for replicating ongoing changes. Doing this eliminates the need to connect to an active database that might be in production.", - "title": "StandbyDelayTime", - "type": "number" - }, - "UseAlternateFolderForOnline": { - "markdownDescription": "Set this attribute to `true` in order to use the Binary Reader to capture change data for an Amazon RDS for Oracle as the source. This tells the DMS instance to use any specified prefix replacement to access all online redo logs.", - "title": "UseAlternateFolderForOnline", - "type": "boolean" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "UseBFile": { - "markdownDescription": "Set this attribute to True to capture change data using the Binary Reader utility. Set `UseLogminerReader` to False to set this attribute to True. To use Binary Reader with Amazon RDS for Oracle as the source, you set additional attributes. For more information about using this setting with Oracle Automatic Storage Management (ASM), see [Using Oracle LogMiner or AWS DMS Binary Reader for CDC](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.CDC) .", - "title": "UseBFile", - "type": "boolean" + "Metadata": { + "type": "object" }, - "UseDirectPathFullLoad": { - "markdownDescription": "Set this attribute to True to have AWS DMS use a direct path full load. Specify this value to use the direct path protocol in the Oracle Call Interface (OCI). By using this OCI protocol, you can bulk-load Oracle target tables during a full load.", - "title": "UseDirectPathFullLoad", - "type": "boolean" + "Properties": { + "additionalProperties": false, + "properties": { + "Automatic": { + "markdownDescription": "The remediation is triggered automatically.", + "title": "Automatic", + "type": "boolean" + }, + "ConfigRuleName": { + "markdownDescription": "The name of the AWS Config rule.", + "title": "ConfigRuleName", + "type": "string" + }, + "ExecutionControls": { + "$ref": "#/definitions/AWS::Config::RemediationConfiguration.ExecutionControls", + "markdownDescription": "An ExecutionControls object.", + "title": "ExecutionControls" + }, + "MaximumAutomaticAttempts": { + "markdownDescription": "The maximum number of failed attempts for auto-remediation. If you do not select a number, the default is 5.\n\nFor example, if you specify MaximumAutomaticAttempts as 5 with RetryAttemptSeconds as 50 seconds, AWS Config will put a RemediationException on your behalf for the failing resource after the 5th failed attempt within 50 seconds.", + "title": "MaximumAutomaticAttempts", + "type": "number" + }, + "Parameters": { + "markdownDescription": "An object of the RemediationParameterValue. For more information, see [RemediationParameterValue](https://docs.aws.amazon.com/config/latest/APIReference/API_RemediationParameterValue.html) .\n\n> The type is a map of strings to RemediationParameterValue.", + "title": "Parameters", + "type": "object" + }, + "ResourceType": { + "markdownDescription": "The type of a resource.", + "title": "ResourceType", + "type": "string" + }, + "RetryAttemptSeconds": { + "markdownDescription": "Time window to determine whether or not to add a remediation exception to prevent infinite remediation attempts. If `MaximumAutomaticAttempts` remediation attempts have been made under `RetryAttemptSeconds` , a remediation exception will be added to the resource. If you do not select a number, the default is 60 seconds.\n\nFor example, if you specify `RetryAttemptSeconds` as 50 seconds and `MaximumAutomaticAttempts` as 5, AWS Config will run auto-remediations 5 times within 50 seconds before adding a remediation exception to the resource.", + "title": "RetryAttemptSeconds", + "type": "number" + }, + "TargetId": { + "markdownDescription": "Target ID is the name of the SSM document.", + "title": "TargetId", + "type": "string" + }, + "TargetType": { + "markdownDescription": "The type of the target. Target executes remediation. For example, SSM document.", + "title": "TargetType", + "type": "string" + }, + "TargetVersion": { + "markdownDescription": "Version of the target. For example, version of the SSM document.\n\n> If you make backward incompatible changes to the SSM document, you must call PutRemediationConfiguration API again to ensure the remediations can run.", + "title": "TargetVersion", + "type": "string" + } + }, + "required": [ + "ConfigRuleName", + "TargetId", + "TargetType" + ], + "type": "object" }, - "UseLogminerReader": { - "markdownDescription": "Set this attribute to True to capture change data using the Oracle LogMiner utility (the default). Set this attribute to False if you want to access the redo logs as a binary file. When you set `UseLogminerReader` to False, also set `UseBfile` to True. For more information on this setting and using Oracle ASM, see [Using Oracle LogMiner or AWS DMS Binary Reader for CDC](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.CDC) in the *AWS DMS User Guide* .", - "title": "UseLogminerReader", - "type": "boolean" + "Type": { + "enum": [ + "AWS::Config::RemediationConfiguration" + ], + "type": "string" }, - "UsePathPrefix": { - "markdownDescription": "Set this string attribute to the required value in order to use the Binary Reader to capture change data for an Amazon RDS for Oracle as the source. This value specifies the path prefix used to replace the default Oracle root to access the redo logs.", - "title": "UsePathPrefix", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::DMS::Endpoint.PostgreSqlSettings": { + "AWS::Config::RemediationConfiguration.ExecutionControls": { "additionalProperties": false, "properties": { - "AfterConnectScript": { - "markdownDescription": "For use with change data capture (CDC) only, this attribute has AWS DMS bypass foreign keys and user triggers to reduce the time it takes to bulk load data.\n\nExample: `afterConnectScript=SET session_replication_role='replica'`", - "title": "AfterConnectScript", - "type": "string" - }, - "BabelfishDatabaseName": { - "markdownDescription": "The Babelfish for Aurora PostgreSQL database name for the endpoint.", - "title": "BabelfishDatabaseName", - "type": "string" - }, - "CaptureDdls": { - "markdownDescription": "To capture DDL events, AWS DMS creates various artifacts in the PostgreSQL database when the task starts. You can later remove these artifacts.\n\nIf this value is set to `True` , you don't have to create tables or triggers on the source database.", - "title": "CaptureDdls", - "type": "boolean" - }, - "DatabaseMode": { - "markdownDescription": "Specifies the default behavior of the replication's handling of PostgreSQL- compatible endpoints that require some additional configuration, such as Babelfish endpoints.", - "title": "DatabaseMode", - "type": "string" + "SsmControls": { + "$ref": "#/definitions/AWS::Config::RemediationConfiguration.SsmControls", + "markdownDescription": "A SsmControls object.", + "title": "SsmControls" + } + }, + "type": "object" + }, + "AWS::Config::RemediationConfiguration.RemediationParameterValue": { + "additionalProperties": false, + "properties": { + "ResourceValue": { + "$ref": "#/definitions/AWS::Config::RemediationConfiguration.ResourceValue", + "markdownDescription": "The value is dynamic and changes at run-time.", + "title": "ResourceValue" }, - "DdlArtifactsSchema": { - "markdownDescription": "The schema in which the operational DDL database artifacts are created.\n\nThe default value is `public` .\n\nExample: `ddlArtifactsSchema=xyzddlschema;`", - "title": "DdlArtifactsSchema", + "StaticValue": { + "$ref": "#/definitions/AWS::Config::RemediationConfiguration.StaticValue", + "markdownDescription": "The value is static and does not change at run-time.", + "title": "StaticValue" + } + }, + "type": "object" + }, + "AWS::Config::RemediationConfiguration.ResourceValue": { + "additionalProperties": false, + "properties": { + "Value": { "type": "string" - }, - "ExecuteTimeout": { - "markdownDescription": "Sets the client statement timeout for the PostgreSQL instance, in seconds. The default value is 60 seconds.\n\nExample: `executeTimeout=100;`", - "title": "ExecuteTimeout", + } + }, + "type": "object" + }, + "AWS::Config::RemediationConfiguration.SsmControls": { + "additionalProperties": false, + "properties": { + "ConcurrentExecutionRatePercentage": { + "markdownDescription": "The maximum percentage of remediation actions allowed to run in parallel on the non-compliant resources for that specific rule. You can specify a percentage, such as 10%. The default value is 10.", + "title": "ConcurrentExecutionRatePercentage", "type": "number" }, - "FailTasksOnLobTruncation": { - "markdownDescription": "When set to `true` , this value causes a task to fail if the actual size of a LOB column is greater than the specified `LobMaxSize` .\n\nThe default value is `false` .\n\nIf task is set to Limited LOB mode and this option is set to true, the task fails instead of truncating the LOB data.", - "title": "FailTasksOnLobTruncation", - "type": "boolean" - }, - "HeartbeatEnable": { - "markdownDescription": "The write-ahead log (WAL) heartbeat feature mimics a dummy transaction. By doing this, it prevents idle logical replication slots from holding onto old WAL logs, which can result in storage full situations on the source. This heartbeat keeps `restart_lsn` moving and prevents storage full scenarios.\n\nThe default value is `false` .", - "title": "HeartbeatEnable", - "type": "boolean" - }, - "HeartbeatFrequency": { - "markdownDescription": "Sets the WAL heartbeat frequency (in minutes).\n\nThe default value is 5 minutes.", - "title": "HeartbeatFrequency", + "ErrorPercentage": { + "markdownDescription": "The percentage of errors that are allowed before SSM stops running automations on non-compliant resources for that specific rule. You can specify a percentage of errors, for example 10%. If you do not specifiy a percentage, the default is 50%. For example, if you set the ErrorPercentage to 40% for 10 non-compliant resources, then SSM stops running the automations when the fifth error is received.", + "title": "ErrorPercentage", "type": "number" - }, - "HeartbeatSchema": { - "markdownDescription": "Sets the schema in which the heartbeat artifacts are created.\n\nThe default value is `public` .", - "title": "HeartbeatSchema", + } + }, + "type": "object" + }, + "AWS::Config::RemediationConfiguration.StaticValue": { + "additionalProperties": false, + "properties": { + "Values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "AWS::Config::StoredQuery": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "MapBooleanAsBoolean": { - "markdownDescription": "When true, lets PostgreSQL migrate the boolean type as boolean. By default, PostgreSQL migrates booleans as `varchar(5)` . You must set this setting on both the source and target endpoints for it to take effect.\n\nThe default value is `false` .", - "title": "MapBooleanAsBoolean", - "type": "boolean" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "MaxFileSize": { - "markdownDescription": "Specifies the maximum size (in KB) of any .csv file used to transfer data to PostgreSQL.\n\nThe default value is 32,768 KB (32 MB).\n\nExample: `maxFileSize=512`", - "title": "MaxFileSize", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "PluginName": { - "markdownDescription": "Specifies the plugin to use to create a replication slot.\n\nThe default value is `pglogical` .", - "title": "PluginName", - "type": "string" + "Metadata": { + "type": "object" }, - "SecretsManagerAccessRoleArn": { - "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the PostgreSQL endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", - "title": "SecretsManagerAccessRoleArn", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "QueryDescription": { + "markdownDescription": "A unique description for the query.", + "title": "QueryDescription", + "type": "string" + }, + "QueryExpression": { + "markdownDescription": "The expression of the query. For example, `SELECT resourceId, resourceType, supplementaryConfiguration.BucketVersioningConfiguration.status WHERE resourceType = 'AWS::S3::Bucket' AND supplementaryConfiguration.BucketVersioningConfiguration.status = 'Off'.`", + "title": "QueryExpression", + "type": "string" + }, + "QueryName": { + "markdownDescription": "The name of the query.", + "title": "QueryName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "QueryExpression", + "QueryName" + ], + "type": "object" }, - "SecretsManagerSecretId": { - "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the PostgreSQL endpoint connection details.", - "title": "SecretsManagerSecretId", + "Type": { + "enum": [ + "AWS::Config::StoredQuery" + ], "type": "string" }, - "SlotName": { - "markdownDescription": "Sets the name of a previously created logical replication slot for a change data capture (CDC) load of the PostgreSQL source instance.\n\nWhen used with the `CdcStartPosition` request parameter for the AWS DMS API , this attribute also makes it possible to use native CDC start points. DMS verifies that the specified logical replication slot exists before starting the CDC load task. It also verifies that the task was created with a valid setting of `CdcStartPosition` . If the specified slot doesn't exist or the task doesn't have a valid `CdcStartPosition` setting, DMS raises an error.\n\nFor more information about setting the `CdcStartPosition` request parameter, see [Determining a CDC native start point](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Task.CDC.html#CHAP_Task.CDC.StartPoint.Native) in the *AWS Database Migration Service User Guide* . For more information about using `CdcStartPosition` , see [CreateReplicationTask](https://docs.aws.amazon.com/dms/latest/APIReference/API_CreateReplicationTask.html) , [StartReplicationTask](https://docs.aws.amazon.com/dms/latest/APIReference/API_StartReplicationTask.html) , and [ModifyReplicationTask](https://docs.aws.amazon.com/dms/latest/APIReference/API_ModifyReplicationTask.html) .", - "title": "SlotName", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::DMS::Endpoint.RedisSettings": { + "AWS::Connect::AgentStatus": { "additionalProperties": false, "properties": { - "AuthPassword": { - "markdownDescription": "The password provided with the `auth-role` and `auth-token` options of the `AuthType` setting for a Redis target endpoint.", - "title": "AuthPassword", + "Condition": { "type": "string" }, - "AuthType": { - "markdownDescription": "The type of authentication to perform when connecting to a Redis target. Options include `none` , `auth-token` , and `auth-role` . The `auth-token` option requires an `AuthPassword` value to be provided. The `auth-role` option requires `AuthUserName` and `AuthPassword` values to be provided.", - "title": "AuthType", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "AuthUserName": { - "markdownDescription": "The user name provided with the `auth-role` option of the `AuthType` setting for a Redis target endpoint.", - "title": "AuthUserName", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Port": { - "markdownDescription": "Transmission Control Protocol (TCP) port for the endpoint.", - "title": "Port", - "type": "number" + "Metadata": { + "type": "object" }, - "ServerName": { - "markdownDescription": "Fully qualified domain name of the endpoint.", - "title": "ServerName", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the agent status.", + "title": "Description", + "type": "string" + }, + "DisplayOrder": { + "markdownDescription": "The display order of the agent status.", + "title": "DisplayOrder", + "type": "number" + }, + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", + "title": "InstanceArn", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the agent status.", + "title": "Name", + "type": "string" + }, + "ResetOrderNumber": { + "markdownDescription": "A number indicating the reset order of the agent status.", + "title": "ResetOrderNumber", + "type": "boolean" + }, + "State": { + "markdownDescription": "The state of the agent status.", + "title": "State", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"Tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "The type of agent status.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "InstanceArn", + "Name", + "State" + ], + "type": "object" }, - "SslCaCertificateArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the certificate authority (CA) that DMS uses to connect to your Redis target endpoint.", - "title": "SslCaCertificateArn", + "Type": { + "enum": [ + "AWS::Connect::AgentStatus" + ], "type": "string" }, - "SslSecurityProtocol": { - "markdownDescription": "The connection to a Redis target endpoint using Transport Layer Security (TLS). Valid values include `plaintext` and `ssl-encryption` . The default is `ssl-encryption` . The `ssl-encryption` option makes an encrypted connection. Optionally, you can identify an Amazon Resource Name (ARN) for an SSL certificate authority (CA) using the `SslCaCertificateArn` setting. If an ARN isn't given for a CA, DMS uses the Amazon root CA.\n\nThe `plaintext` option doesn't provide Transport Layer Security (TLS) encryption for traffic between endpoint and database.", - "title": "SslSecurityProtocol", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::DMS::Endpoint.RedshiftSettings": { - "additionalProperties": false, - "properties": { - "AcceptAnyDate": { - "markdownDescription": "A value that indicates to allow any date format, including invalid formats such as 00/00/00 00:00:00, to be loaded without generating an error. You can choose `true` or `false` (the default).\n\nThis parameter applies only to TIMESTAMP and DATE columns. Always use ACCEPTANYDATE with the DATEFORMAT parameter. If the date format for the data doesn't match the DATEFORMAT specification, Amazon Redshift inserts a NULL value into that field.", - "title": "AcceptAnyDate", - "type": "boolean" - }, - "AfterConnectScript": { - "markdownDescription": "Code to run after connecting. This parameter should contain the code itself, not the name of a file containing the code.", - "title": "AfterConnectScript", - "type": "string" - }, - "BucketFolder": { - "markdownDescription": "An S3 folder where the comma-separated-value (.csv) files are stored before being uploaded to the target Redshift cluster.\n\nFor full load mode, AWS DMS converts source records into .csv files and loads them to the *BucketFolder/TableID* path. AWS DMS uses the Redshift `COPY` command to upload the .csv files to the target table. The files are deleted once the `COPY` operation has finished. For more information, see [COPY](https://docs.aws.amazon.com/redshift/latest/dg/r_COPY.html) in the *Amazon Redshift Database Developer Guide* .\n\nFor change-data-capture (CDC) mode, AWS DMS creates a *NetChanges* table, and loads the .csv files to this *BucketFolder/NetChangesTableID* path.", - "title": "BucketFolder", - "type": "string" - }, - "BucketName": { - "markdownDescription": "The name of the intermediate S3 bucket used to store .csv files before uploading data to Redshift.", - "title": "BucketName", - "type": "string" - }, - "CaseSensitiveNames": { - "markdownDescription": "If Amazon Redshift is configured to support case sensitive schema names, set `CaseSensitiveNames` to `true` . The default is `false` .", - "title": "CaseSensitiveNames", - "type": "boolean" - }, - "CompUpdate": { - "markdownDescription": "If you set `CompUpdate` to `true` Amazon Redshift applies automatic compression if the table is empty. This applies even if the table columns already have encodings other than `RAW` . If you set `CompUpdate` to `false` , automatic compression is disabled and existing column encodings aren't changed. The default is `true` .", - "title": "CompUpdate", - "type": "boolean" - }, - "ConnectionTimeout": { - "markdownDescription": "A value that sets the amount of time to wait (in milliseconds) before timing out, beginning from when you initially establish a connection.", - "title": "ConnectionTimeout", - "type": "number" - }, - "DateFormat": { - "markdownDescription": "The date format that you are using. Valid values are `auto` (case-sensitive), your date format string enclosed in quotes, or NULL. If this parameter is left unset (NULL), it defaults to a format of 'YYYY-MM-DD'. Using `auto` recognizes most strings, even some that aren't supported when you use a date format string.\n\nIf your date and time values use formats different from each other, set this to `auto` .", - "title": "DateFormat", - "type": "string" - }, - "EmptyAsNull": { - "markdownDescription": "A value that specifies whether AWS DMS should migrate empty CHAR and VARCHAR fields as NULL. A value of `true` sets empty CHAR and VARCHAR fields to null. The default is `false` .", - "title": "EmptyAsNull", - "type": "boolean" - }, - "EncryptionMode": { - "markdownDescription": "The type of server-side encryption that you want to use for your data. This encryption type is part of the endpoint settings or the extra connections attributes for Amazon S3. You can choose either `SSE_S3` (the default) or `SSE_KMS` .\n\n> For the `ModifyEndpoint` operation, you can change the existing value of the `EncryptionMode` parameter from `SSE_KMS` to `SSE_S3` . But you can\u2019t change the existing value from `SSE_S3` to `SSE_KMS` . \n\nTo use `SSE_S3` , create an AWS Identity and Access Management (IAM) role with a policy that allows `\"arn:aws:s3:::*\"` to use the following actions: `\"s3:PutObject\", \"s3:ListBucket\"`", - "title": "EncryptionMode", - "type": "string" - }, - "ExplicitIds": { - "markdownDescription": "This setting is only valid for a full-load migration task. Set `ExplicitIds` to `true` to have tables with `IDENTITY` columns override their auto-generated values with explicit values loaded from the source data files used to populate the tables. The default is `false` .", - "title": "ExplicitIds", - "type": "boolean" - }, - "FileTransferUploadStreams": { - "markdownDescription": "The number of threads used to upload a single file. This parameter accepts a value from 1 through 64. It defaults to 10.\n\nThe number of parallel streams used to upload a single .csv file to an S3 bucket using S3 Multipart Upload. For more information, see [Multipart upload overview](https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html) .\n\n`FileTransferUploadStreams` accepts a value from 1 through 64. It defaults to 10.", - "title": "FileTransferUploadStreams", - "type": "number" - }, - "LoadTimeout": { - "markdownDescription": "The amount of time to wait (in milliseconds) before timing out of operations performed by AWS DMS on a Redshift cluster, such as Redshift COPY, INSERT, DELETE, and UPDATE.", - "title": "LoadTimeout", - "type": "number" - }, - "MapBooleanAsBoolean": { - "markdownDescription": "When true, lets Redshift migrate the boolean type as boolean. By default, Redshift migrates booleans as `varchar(1)` . You must set this setting on both the source and target endpoints for it to take effect.", - "title": "MapBooleanAsBoolean", - "type": "boolean" - }, - "MaxFileSize": { - "markdownDescription": "The maximum size (in KB) of any .csv file used to load data on an S3 bucket and transfer data to Amazon Redshift. It defaults to 1048576KB (1 GB).", - "title": "MaxFileSize", - "type": "number" - }, - "RemoveQuotes": { - "markdownDescription": "A value that specifies to remove surrounding quotation marks from strings in the incoming data. All characters within the quotation marks, including delimiters, are retained. Choose `true` to remove quotation marks. The default is `false` .", - "title": "RemoveQuotes", - "type": "boolean" - }, - "ReplaceChars": { - "markdownDescription": "A value that specifies to replaces the invalid characters specified in `ReplaceInvalidChars` , substituting the specified characters instead. The default is `\"?\"` .", - "title": "ReplaceChars", - "type": "string" - }, - "ReplaceInvalidChars": { - "markdownDescription": "A list of characters that you want to replace. Use with `ReplaceChars` .", - "title": "ReplaceInvalidChars", - "type": "string" - }, - "SecretsManagerAccessRoleArn": { - "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the Amazon Redshift endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", - "title": "SecretsManagerAccessRoleArn", - "type": "string" - }, - "SecretsManagerSecretId": { - "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the Amazon Redshift endpoint connection details.", - "title": "SecretsManagerSecretId", - "type": "string" - }, - "ServerSideEncryptionKmsKeyId": { - "markdownDescription": "The AWS KMS key ID. If you are using `SSE_KMS` for the `EncryptionMode` , provide this key ID. The key that you use needs an attached policy that enables IAM user permissions and allows use of the key.", - "title": "ServerSideEncryptionKmsKeyId", - "type": "string" - }, - "ServiceAccessRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that has access to the Amazon Redshift service. The role must allow the `iam:PassRole` action.", - "title": "ServiceAccessRoleArn", - "type": "string" - }, - "TimeFormat": { - "markdownDescription": "The time format that you want to use. Valid values are `auto` (case-sensitive), `'timeformat_string'` , `'epochsecs'` , or `'epochmillisecs'` . It defaults to 10. Using `auto` recognizes most strings, even some that aren't supported when you use a time format string.\n\nIf your date and time values use formats different from each other, set this parameter to `auto` .", - "title": "TimeFormat", - "type": "string" - }, - "TrimBlanks": { - "markdownDescription": "A value that specifies to remove the trailing white space characters from a VARCHAR string. This parameter applies only to columns with a VARCHAR data type. Choose `true` to remove unneeded white space. The default is `false` .", - "title": "TrimBlanks", - "type": "boolean" - }, - "TruncateColumns": { - "markdownDescription": "A value that specifies to truncate data in columns to the appropriate number of characters, so that the data fits in the column. This parameter applies only to columns with a VARCHAR or CHAR data type, and rows with a size of 4 MB or less. Choose `true` to truncate data. The default is `false` .", - "title": "TruncateColumns", - "type": "boolean" - }, - "WriteBufferSize": { - "markdownDescription": "The size (in KB) of the in-memory file write buffer used when generating .csv files on the local disk at the DMS replication instance. The default value is 1000 (buffer size is 1000KB).", - "title": "WriteBufferSize", - "type": "number" - } - }, - "type": "object" - }, - "AWS::DMS::Endpoint.S3Settings": { - "additionalProperties": false, - "properties": { - "AddColumnName": { - "markdownDescription": "An optional parameter that, when set to `true` or `y` , you can use to add column name information to the .csv output file.\n\nThe default value is `false` . Valid values are `true` , `false` , `y` , and `n` .", - "title": "AddColumnName", - "type": "boolean" - }, - "AddTrailingPaddingCharacter": { - "markdownDescription": "Use the S3 target endpoint setting `AddTrailingPaddingCharacter` to add padding on string data. The default value is `false` .", - "title": "AddTrailingPaddingCharacter", - "type": "boolean" - }, - "BucketFolder": { - "markdownDescription": "An optional parameter to set a folder name in the S3 bucket. If provided, tables are created in the path `*bucketFolder* / *schema_name* / *table_name* /` . If this parameter isn't specified, the path used is `*schema_name* / *table_name* /` .", - "title": "BucketFolder", - "type": "string" - }, - "BucketName": { - "markdownDescription": "The name of the S3 bucket.", - "title": "BucketName", - "type": "string" - }, - "CannedAclForObjects": { - "markdownDescription": "A value that enables AWS DMS to specify a predefined (canned) access control list (ACL) for objects created in an Amazon S3 bucket as .csv or .parquet files. For more information about Amazon S3 canned ACLs, see [Canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) in the *Amazon S3 Developer Guide* .\n\nThe default value is NONE. Valid values include NONE, PRIVATE, PUBLIC_READ, PUBLIC_READ_WRITE, AUTHENTICATED_READ, AWS_EXEC_READ, BUCKET_OWNER_READ, and BUCKET_OWNER_FULL_CONTROL.", - "title": "CannedAclForObjects", - "type": "string" - }, - "CdcInsertsAndUpdates": { - "markdownDescription": "A value that enables a change data capture (CDC) load to write INSERT and UPDATE operations to .csv or .parquet (columnar storage) output files. The default setting is `false` , but when `CdcInsertsAndUpdates` is set to `true` or `y` , only INSERTs and UPDATEs from the source database are migrated to the .csv or .parquet file.\n\nFor .csv file format only, how these INSERTs and UPDATEs are recorded depends on the value of the `IncludeOpForFullLoad` parameter. If `IncludeOpForFullLoad` is set to `true` , the first field of every CDC record is set to either `I` or `U` to indicate INSERT and UPDATE operations at the source. But if `IncludeOpForFullLoad` is set to `false` , CDC records are written without an indication of INSERT or UPDATE operations at the source. For more information about how these settings work together, see [Indicating Source DB Operations in Migrated S3 Data](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.Configuring.InsertOps) in the *AWS Database Migration Service User Guide* .\n\n> AWS DMS supports the use of the `CdcInsertsAndUpdates` parameter in versions 3.3.1 and later.\n> \n> `CdcInsertsOnly` and `CdcInsertsAndUpdates` can't both be set to `true` for the same endpoint. Set either `CdcInsertsOnly` or `CdcInsertsAndUpdates` to `true` for the same endpoint, but not both.", - "title": "CdcInsertsAndUpdates", - "type": "boolean" - }, - "CdcInsertsOnly": { - "markdownDescription": "A value that enables a change data capture (CDC) load to write only INSERT operations to .csv or columnar storage (.parquet) output files. By default (the `false` setting), the first field in a .csv or .parquet record contains the letter I (INSERT), U (UPDATE), or D (DELETE). These values indicate whether the row was inserted, updated, or deleted at the source database for a CDC load to the target.\n\nIf `CdcInsertsOnly` is set to `true` or `y` , only INSERTs from the source database are migrated to the .csv or .parquet file. For .csv format only, how these INSERTs are recorded depends on the value of `IncludeOpForFullLoad` . If `IncludeOpForFullLoad` is set to `true` , the first field of every CDC record is set to I to indicate the INSERT operation at the source. If `IncludeOpForFullLoad` is set to `false` , every CDC record is written without a first field to indicate the INSERT operation at the source. For more information about how these settings work together, see [Indicating Source DB Operations in Migrated S3 Data](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.Configuring.InsertOps) in the *AWS Database Migration Service User Guide* .\n\n> AWS DMS supports the interaction described preceding between the `CdcInsertsOnly` and `IncludeOpForFullLoad` parameters in versions 3.1.4 and later.\n> \n> `CdcInsertsOnly` and `CdcInsertsAndUpdates` can't both be set to `true` for the same endpoint. Set either `CdcInsertsOnly` or `CdcInsertsAndUpdates` to `true` for the same endpoint, but not both.", - "title": "CdcInsertsOnly", - "type": "boolean" - }, - "CdcMaxBatchInterval": { - "markdownDescription": "Maximum length of the interval, defined in seconds, after which to output a file to Amazon S3.\n\nWhen `CdcMaxBatchInterval` and `CdcMinFileSize` are both specified, the file write is triggered by whichever parameter condition is met first within an AWS DMS CloudFormation template.\n\nThe default value is 60 seconds.", - "title": "CdcMaxBatchInterval", - "type": "number" - }, - "CdcMinFileSize": { - "markdownDescription": "Minimum file size, defined in kilobytes, to reach for a file output to Amazon S3.\n\nWhen `CdcMinFileSize` and `CdcMaxBatchInterval` are both specified, the file write is triggered by whichever parameter condition is met first within an AWS DMS CloudFormation template.\n\nThe default value is 32 MB.", - "title": "CdcMinFileSize", - "type": "number" - }, - "CdcPath": { - "markdownDescription": "Specifies the folder path of CDC files. For an S3 source, this setting is required if a task captures change data; otherwise, it's optional. If `CdcPath` is set, AWS DMS reads CDC files from this path and replicates the data changes to the target endpoint. For an S3 target if you set [`PreserveTransactions`](https://docs.aws.amazon.com/dms/latest/APIReference/API_S3Settings.html#DMS-Type-S3Settings-PreserveTransactions) to `true` , AWS DMS verifies that you have set this parameter to a folder path on your S3 target where AWS DMS can save the transaction order for the CDC load. AWS DMS creates this CDC folder path in either your S3 target working directory or the S3 target location specified by [`BucketFolder`](https://docs.aws.amazon.com/dms/latest/APIReference/API_S3Settings.html#DMS-Type-S3Settings-BucketFolder) and [`BucketName`](https://docs.aws.amazon.com/dms/latest/APIReference/API_S3Settings.html#DMS-Type-S3Settings-BucketName) .\n\nFor example, if you specify `CdcPath` as `MyChangedData` , and you specify `BucketName` as `MyTargetBucket` but do not specify `BucketFolder` , AWS DMS creates the CDC folder path following: `MyTargetBucket/MyChangedData` .\n\nIf you specify the same `CdcPath` , and you specify `BucketName` as `MyTargetBucket` and `BucketFolder` as `MyTargetData` , AWS DMS creates the CDC folder path following: `MyTargetBucket/MyTargetData/MyChangedData` .\n\nFor more information on CDC including transaction order on an S3 target, see [Capturing data changes (CDC) including transaction order on the S3 target](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.EndpointSettings.CdcPath) .\n\n> This setting is supported in AWS DMS versions 3.4.2 and later.", - "title": "CdcPath", - "type": "string" - }, - "CompressionType": { - "markdownDescription": "An optional parameter. When set to GZIP it enables the service to compress the target files. To allow the service to write the target files uncompressed, either set this parameter to NONE (the default) or don't specify the parameter at all. This parameter applies to both .csv and .parquet file formats.", - "title": "CompressionType", - "type": "string" - }, - "CsvDelimiter": { - "markdownDescription": "The delimiter used to separate columns in the .csv file for both source and target. The default is a comma.", - "title": "CsvDelimiter", - "type": "string" - }, - "CsvNoSupValue": { - "markdownDescription": "This setting only applies if your Amazon S3 output files during a change data capture (CDC) load are written in .csv format. If [`UseCsvNoSupValue`](https://docs.aws.amazon.com/dms/latest/APIReference/API_S3Settings.html#DMS-Type-S3Settings-UseCsvNoSupValue) is set to true, specify a string value that you want AWS DMS to use for all columns not included in the supplemental log. If you do not specify a string value, AWS DMS uses the null value for these columns regardless of the `UseCsvNoSupValue` setting.\n\n> This setting is supported in AWS DMS versions 3.4.1 and later.", - "title": "CsvNoSupValue", - "type": "string" - }, - "CsvNullValue": { - "markdownDescription": "An optional parameter that specifies how AWS DMS treats null values. While handling the null value, you can use this parameter to pass a user-defined string as null when writing to the target. For example, when target columns are not nullable, you can use this option to differentiate between the empty string value and the null value. So, if you set this parameter value to the empty string (\"\" or ''), AWS DMS treats the empty string as the null value instead of `NULL` .\n\nThe default value is `NULL` . Valid values include any valid string.", - "title": "CsvNullValue", - "type": "string" - }, - "CsvRowDelimiter": { - "markdownDescription": "The delimiter used to separate rows in the .csv file for both source and target.\n\nThe default is a carriage return ( `\\n` ).", - "title": "CsvRowDelimiter", - "type": "string" - }, - "DataFormat": { - "markdownDescription": "The format of the data that you want to use for output. You can choose one of the following:\n\n- `csv` : This is a row-based file format with comma-separated values (.csv).\n- `parquet` : Apache Parquet (.parquet) is a columnar storage file format that features efficient compression and provides faster query response.", - "title": "DataFormat", - "type": "string" - }, - "DataPageSize": { - "markdownDescription": "The size of one data page in bytes. This parameter defaults to 1024 * 1024 bytes (1 MiB). This number is used for .parquet file format only.", - "title": "DataPageSize", - "type": "number" - }, - "DatePartitionDelimiter": { - "markdownDescription": "Specifies a date separating delimiter to use during folder partitioning. The default value is `SLASH` . Use this parameter when `DatePartitionedEnabled` is set to `true` .", - "title": "DatePartitionDelimiter", - "type": "string" - }, - "DatePartitionEnabled": { - "markdownDescription": "When set to `true` , this parameter partitions S3 bucket folders based on transaction commit dates. The default value is `false` . For more information about date-based folder partitioning, see [Using date-based folder partitioning](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.DatePartitioning) .", - "title": "DatePartitionEnabled", - "type": "boolean" - }, - "DatePartitionSequence": { - "markdownDescription": "Identifies the sequence of the date format to use during folder partitioning. The default value is `YYYYMMDD` . Use this parameter when `DatePartitionedEnabled` is set to `true` .", - "title": "DatePartitionSequence", - "type": "string" - }, - "DatePartitionTimezone": { - "markdownDescription": "When creating an S3 target endpoint, set `DatePartitionTimezone` to convert the current UTC time into a specified time zone. The conversion occurs when a date partition folder is created and a change data capture (CDC) file name is generated. The time zone format is Area/Location. Use this parameter when `DatePartitionedEnabled` is set to `true` , as shown in the following example.\n\n`s3-settings='{\"DatePartitionEnabled\": true, \"DatePartitionSequence\": \"YYYYMMDDHH\", \"DatePartitionDelimiter\": \"SLASH\", \"DatePartitionTimezone\":\" *Asia/Seoul* \", \"BucketName\": \"dms-nattarat-test\"}'`", - "title": "DatePartitionTimezone", - "type": "string" - }, - "DictPageSizeLimit": { - "markdownDescription": "The maximum size of an encoded dictionary page of a column. If the dictionary page exceeds this, this column is stored using an encoding type of `PLAIN` . This parameter defaults to 1024 * 1024 bytes (1 MiB), the maximum size of a dictionary page before it reverts to `PLAIN` encoding. This size is used for .parquet file format only.", - "title": "DictPageSizeLimit", - "type": "number" - }, - "EnableStatistics": { - "markdownDescription": "A value that enables statistics for Parquet pages and row groups. Choose `true` to enable statistics, `false` to disable. Statistics include `NULL` , `DISTINCT` , `MAX` , and `MIN` values. This parameter defaults to `true` . This value is used for .parquet file format only.", - "title": "EnableStatistics", - "type": "boolean" - }, - "EncodingType": { - "markdownDescription": "The type of encoding that you're using:\n\n- `RLE_DICTIONARY` uses a combination of bit-packing and run-length encoding to store repeated values more efficiently. This is the default.\n- `PLAIN` doesn't use encoding at all. Values are stored as they are.\n- `PLAIN_DICTIONARY` builds a dictionary of the values encountered in a given column. The dictionary is stored in a dictionary page for each column chunk.", - "title": "EncodingType", - "type": "string" - }, - "EncryptionMode": { - "markdownDescription": "The type of server-side encryption that you want to use for your data. This encryption type is part of the endpoint settings or the extra connections attributes for Amazon S3. You can choose either `SSE_S3` (the default) or `SSE_KMS` .\n\n> For the `ModifyEndpoint` operation, you can change the existing value of the `EncryptionMode` parameter from `SSE_KMS` to `SSE_S3` . But you can\u2019t change the existing value from `SSE_S3` to `SSE_KMS` . \n\nTo use `SSE_S3` , you need an IAM role with permission to allow `\"arn:aws:s3:::dms-*\"` to use the following actions:\n\n- `s3:CreateBucket`\n- `s3:ListBucket`\n- `s3:DeleteBucket`\n- `s3:GetBucketLocation`\n- `s3:GetObject`\n- `s3:PutObject`\n- `s3:DeleteObject`\n- `s3:GetObjectVersion`\n- `s3:GetBucketPolicy`\n- `s3:PutBucketPolicy`\n- `s3:DeleteBucketPolicy`", - "title": "EncryptionMode", - "type": "string" - }, - "ExpectedBucketOwner": { - "markdownDescription": "To specify a bucket owner and prevent sniping, you can use the `ExpectedBucketOwner` endpoint setting.\n\nExample: `--s3-settings='{\"ExpectedBucketOwner\": \" *AWS_Account_ID* \"}'`\n\nWhen you make a request to test a connection or perform a migration, S3 checks the account ID of the bucket owner against the specified parameter.", - "title": "ExpectedBucketOwner", - "type": "string" - }, - "ExternalTableDefinition": { - "markdownDescription": "The external table definition.\n\nConditional: If `S3` is used as a source then `ExternalTableDefinition` is required.", - "title": "ExternalTableDefinition", - "type": "string" - }, - "GlueCatalogGeneration": { - "markdownDescription": "When true, allows AWS Glue to catalog your S3 bucket. Creating an AWS Glue catalog lets you use Athena to query your data.", - "title": "GlueCatalogGeneration", - "type": "boolean" - }, - "IgnoreHeaderRows": { - "markdownDescription": "When this value is set to 1, AWS DMS ignores the first row header in a .csv file. A value of 1 turns on the feature; a value of 0 turns off the feature.\n\nThe default is 0.", - "title": "IgnoreHeaderRows", - "type": "number" - }, - "IncludeOpForFullLoad": { - "markdownDescription": "A value that enables a full load to write INSERT operations to the comma-separated value (.csv) output files only to indicate how the rows were added to the source database.\n\n> AWS DMS supports the `IncludeOpForFullLoad` parameter in versions 3.1.4 and later. \n\nFor full load, records can only be inserted. By default (the `false` setting), no information is recorded in these output files for a full load to indicate that the rows were inserted at the source database. If `IncludeOpForFullLoad` is set to `true` or `y` , the INSERT is recorded as an I annotation in the first field of the .csv file. This allows the format of your target records from a full load to be consistent with the target records from a CDC load.\n\n> This setting works together with the `CdcInsertsOnly` and the `CdcInsertsAndUpdates` parameters for output to .csv files only. For more information about how these settings work together, see [Indicating Source DB Operations in Migrated S3 Data](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.Configuring.InsertOps) in the *AWS Database Migration Service User Guide* .", - "title": "IncludeOpForFullLoad", - "type": "boolean" - }, - "MaxFileSize": { - "markdownDescription": "A value that specifies the maximum size (in KB) of any .csv file to be created while migrating to an S3 target during full load.\n\nThe default value is 1,048,576 KB (1 GB). Valid values include 1 to 1,048,576.", - "title": "MaxFileSize", - "type": "number" - }, - "ParquetTimestampInMillisecond": { - "markdownDescription": "A value that specifies the precision of any `TIMESTAMP` column values that are written to an Amazon S3 object file in .parquet format.\n\n> AWS DMS supports the `ParquetTimestampInMillisecond` parameter in versions 3.1.4 and later. \n\nWhen `ParquetTimestampInMillisecond` is set to `true` or `y` , AWS DMS writes all `TIMESTAMP` columns in a .parquet formatted file with millisecond precision. Otherwise, DMS writes them with microsecond precision.\n\nCurrently, Amazon Athena and AWS Glue can handle only millisecond precision for `TIMESTAMP` values. Set this parameter to `true` for S3 endpoint object files that are .parquet formatted only if you plan to query or process the data with Athena or AWS Glue .\n\n> AWS DMS writes any `TIMESTAMP` column values written to an S3 file in .csv format with microsecond precision.\n> \n> Setting `ParquetTimestampInMillisecond` has no effect on the string format of the timestamp column value that is inserted by setting the `TimestampColumnName` parameter.", - "title": "ParquetTimestampInMillisecond", - "type": "boolean" - }, - "ParquetVersion": { - "markdownDescription": "The version of the Apache Parquet format that you want to use: `parquet_1_0` (the default) or `parquet_2_0` .", - "title": "ParquetVersion", - "type": "string" - }, - "PreserveTransactions": { - "markdownDescription": "If this setting is set to `true` , AWS DMS saves the transaction order for a change data capture (CDC) load on the Amazon S3 target specified by [`CdcPath`](https://docs.aws.amazon.com/dms/latest/APIReference/API_S3Settings.html#DMS-Type-S3Settings-CdcPath) . For more information, see [Capturing data changes (CDC) including transaction order on the S3 target](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.EndpointSettings.CdcPath) .\n\n> This setting is supported in AWS DMS versions 3.4.2 and later.", - "title": "PreserveTransactions", - "type": "boolean" - }, - "Rfc4180": { - "markdownDescription": "For an S3 source, when this value is set to `true` or `y` , each leading double quotation mark has to be followed by an ending double quotation mark. This formatting complies with RFC 4180. When this value is set to `false` or `n` , string literals are copied to the target as is. In this case, a delimiter (row or column) signals the end of the field. Thus, you can't use a delimiter as part of the string, because it signals the end of the value.\n\nFor an S3 target, an optional parameter used to set behavior to comply with RFC 4180 for data migrated to Amazon S3 using .csv file format only. When this value is set to `true` or `y` using Amazon S3 as a target, if the data has quotation marks or newline characters in it, AWS DMS encloses the entire column with an additional pair of double quotation marks (\"). Every quotation mark within the data is repeated twice.\n\nThe default value is `true` . Valid values include `true` , `false` , `y` , and `n` .", - "title": "Rfc4180", - "type": "boolean" - }, - "RowGroupLength": { - "markdownDescription": "The number of rows in a row group. A smaller row group size provides faster reads. But as the number of row groups grows, the slower writes become. This parameter defaults to 10,000 rows. This number is used for .parquet file format only.\n\nIf you choose a value larger than the maximum, `RowGroupLength` is set to the max row group length in bytes (64 * 1024 * 1024).", - "title": "RowGroupLength", - "type": "number" - }, - "ServerSideEncryptionKmsKeyId": { - "markdownDescription": "If you are using `SSE_KMS` for the `EncryptionMode` , provide the AWS KMS key ID. The key that you use needs an attached policy that enables IAM user permissions and allows use of the key.\n\nHere is a CLI example: `aws dms create-endpoint --endpoint-identifier *value* --endpoint-type target --engine-name s3 --s3-settings ServiceAccessRoleArn= *value* ,BucketFolder= *value* ,BucketName= *value* ,EncryptionMode=SSE_KMS,ServerSideEncryptionKmsKeyId= *value*`", - "title": "ServerSideEncryptionKmsKeyId", - "type": "string" - }, - "ServiceAccessRoleArn": { - "markdownDescription": "A required parameter that specifies the Amazon Resource Name (ARN) used by the service to access the IAM role. The role must allow the `iam:PassRole` action. It enables AWS DMS to read and write objects from an S3 bucket.", - "title": "ServiceAccessRoleArn", - "type": "string" - }, - "TimestampColumnName": { - "markdownDescription": "A value that when nonblank causes AWS DMS to add a column with timestamp information to the endpoint data for an Amazon S3 target.\n\n> AWS DMS supports the `TimestampColumnName` parameter in versions 3.1.4 and later. \n\nAWS DMS includes an additional `STRING` column in the .csv or .parquet object files of your migrated data when you set `TimestampColumnName` to a nonblank value.\n\nFor a full load, each row of this timestamp column contains a timestamp for when the data was transferred from the source to the target by DMS.\n\nFor a change data capture (CDC) load, each row of the timestamp column contains the timestamp for the commit of that row in the source database.\n\nThe string format for this timestamp column value is `yyyy-MM-dd HH:mm:ss.SSSSSS` . By default, the precision of this value is in microseconds. For a CDC load, the rounding of the precision depends on the commit timestamp supported by DMS for the source database.\n\nWhen the `AddColumnName` parameter is set to `true` , DMS also includes a name for the timestamp column that you set with `TimestampColumnName` .", - "title": "TimestampColumnName", - "type": "string" - }, - "UseCsvNoSupValue": { - "markdownDescription": "This setting applies if the S3 output files during a change data capture (CDC) load are written in .csv format. If this setting is set to `true` for columns not included in the supplemental log, AWS DMS uses the value specified by [`CsvNoSupValue`](https://docs.aws.amazon.com/dms/latest/APIReference/API_S3Settings.html#DMS-Type-S3Settings-CsvNoSupValue) . If this setting isn't set or is set to `false` , AWS DMS uses the null value for these columns.\n\n> This setting is supported in AWS DMS versions 3.4.1 and later.", - "title": "UseCsvNoSupValue", - "type": "boolean" - }, - "UseTaskStartTimeForFullLoadTimestamp": { - "markdownDescription": "When set to true, this parameter uses the task start time as the timestamp column value instead of the time data is written to target. For full load, when `useTaskStartTimeForFullLoadTimestamp` is set to `true` , each row of the timestamp column contains the task start time. For CDC loads, each row of the timestamp column contains the transaction commit time.\n\nWhen `useTaskStartTimeForFullLoadTimestamp` is set to `false` , the full load timestamp in the timestamp column increments with the time data arrives at the target.", - "title": "UseTaskStartTimeForFullLoadTimestamp", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::DMS::Endpoint.SybaseSettings": { - "additionalProperties": false, - "properties": { - "SecretsManagerAccessRoleArn": { - "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the SAP ASE endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", - "title": "SecretsManagerAccessRoleArn", - "type": "string" - }, - "SecretsManagerSecretId": { - "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the SAP SAE endpoint connection details.", - "title": "SecretsManagerSecretId", - "type": "string" - } - }, - "type": "object" - }, - "AWS::DMS::EventSubscription": { + "AWS::Connect::ApprovedOrigin": { "additionalProperties": false, "properties": { "Condition": { @@ -58021,59 +64224,26 @@ "Properties": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Indicates whether to activate the subscription. If you don't specify this property, AWS CloudFormation activates the subscription.", - "title": "Enabled", - "type": "boolean" - }, - "EventCategories": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of event categories for a source type that you want to subscribe to. If you don't specify this property, you are notified about all event categories. For more information, see [Working with Events and Notifications](https://docs.aws.amazon.com//dms/latest/userguide/CHAP_Events.html) in the *AWS DMS User Guide* .", - "title": "EventCategories", - "type": "array" - }, - "SnsTopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic created for event notification. The ARN is created by Amazon SNS when you create a topic and subscribe to it.", - "title": "SnsTopicArn", - "type": "string" - }, - "SourceIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of identifiers for which AWS DMS provides notification events.\n\nIf you don't specify a value, notifications are provided for all sources.\n\nIf you specify multiple values, they must be of the same type. For example, if you specify a database instance ID, then all of the other values must be database instance IDs.", - "title": "SourceIds", - "type": "array" - }, - "SourceType": { - "markdownDescription": "The type of AWS DMS resource that generates the events. For example, if you want to be notified of events generated by a replication instance, you set this parameter to `replication-instance` . If this value isn't specified, all events are returned.\n\n*Valid values* : `replication-instance` | `replication-task`", - "title": "SourceType", + "InstanceId": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance.\n\n*Minimum* : `1`\n\n*Maximum* : `100`", + "title": "InstanceId", "type": "string" }, - "SubscriptionName": { - "markdownDescription": "The name of the AWS DMS event notification subscription. This name must be less than 255 characters.", - "title": "SubscriptionName", + "Origin": { + "markdownDescription": "Domain name to be added to the allow-list of the instance.\n\n*Maximum* : `267`", + "title": "Origin", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "One or more tags to be assigned to the event subscription.", - "title": "Tags", - "type": "array" } }, "required": [ - "SnsTopicArn" + "InstanceId", + "Origin" ], "type": "object" }, "Type": { "enum": [ - "AWS::DMS::EventSubscription" + "AWS::Connect::ApprovedOrigin" ], "type": "string" }, @@ -58092,7 +64262,7 @@ ], "type": "object" }, - "AWS::DMS::InstanceProfile": { + "AWS::Connect::ContactFlow": { "additionalProperties": false, "properties": { "Condition": { @@ -58127,68 +64297,56 @@ "Properties": { "additionalProperties": false, "properties": { - "AvailabilityZone": { - "markdownDescription": "The Availability Zone where the instance profile runs.", - "title": "AvailabilityZone", + "Content": { + "markdownDescription": "The content of the flow.\n\nFor more information, see [Amazon Connect Flow language](https://docs.aws.amazon.com/connect/latest/adminguide/flow-language.html) in the *Amazon Connect Administrator Guide* .", + "title": "Content", "type": "string" }, "Description": { - "markdownDescription": "A description of the instance profile. Descriptions can have up to 31 characters. A description can contain only ASCII letters, digits, and hyphens ('-'). Also, it can't end with a hyphen or contain two consecutive hyphens, and can only begin with a letter.", + "markdownDescription": "The description of the flow.", "title": "Description", "type": "string" }, - "InstanceProfileIdentifier": { - "markdownDescription": "The identifier of the instance profile. Identifiers must begin with a letter and must contain only ASCII letters, digits, and hyphens. They can't end with a hyphen, or contain two consecutive hyphens.", - "title": "InstanceProfileIdentifier", - "type": "string" - }, - "InstanceProfileName": { - "markdownDescription": "The user-friendly name for the instance profile.", - "title": "InstanceProfileName", - "type": "string" - }, - "KmsKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key that is used to encrypt the connection parameters for the instance profile.\n\nIf you don't specify a value for the `KmsKeyArn` parameter, then AWS DMS uses your default encryption key.\n\nAWS KMS creates the default encryption key for your AWS account . Your AWS account has a different default encryption key for each AWS Region .", - "title": "KmsKeyArn", + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Connect instance.", + "title": "InstanceArn", "type": "string" }, - "NetworkType": { - "markdownDescription": "Specifies the network type for the instance profile. A value of `IPV4` represents an instance profile with IPv4 network type and only supports IPv4 addressing. A value of `IPV6` represents an instance profile with IPv6 network type and only supports IPv6 addressing. A value of `DUAL` represents an instance profile with dual network type that supports IPv4 and IPv6 addressing.", - "title": "NetworkType", + "Name": { + "markdownDescription": "The name of the flow.", + "title": "Name", "type": "string" }, - "PubliclyAccessible": { - "markdownDescription": "Specifies the accessibility options for the instance profile. A value of `true` represents an instance profile with a public IP address. A value of `false` represents an instance profile with a private IP address. The default value is `true` .", - "title": "PubliclyAccessible", - "type": "boolean" - }, - "SubnetGroupIdentifier": { - "markdownDescription": "The identifier of the subnet group that is associated with the instance profile.", - "title": "SubnetGroupIdentifier", + "State": { + "markdownDescription": "The state of the flow.", + "title": "State", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" }, - "VpcSecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "The VPC security groups that are used with the instance profile. The VPC security group must work with the VPC containing the instance profile.", - "title": "VpcSecurityGroups", - "type": "array" + "Type": { + "markdownDescription": "The type of the flow. For descriptions of the available types, see [Choose a flow type](https://docs.aws.amazon.com/connect/latest/adminguide/create-contact-flow.html#contact-flow-types) in the *Amazon Connect Administrator Guide* .", + "title": "Type", + "type": "string" } }, + "required": [ + "Content", + "InstanceArn", + "Name", + "Type" + ], "type": "object" }, "Type": { "enum": [ - "AWS::DMS::InstanceProfile" + "AWS::Connect::ContactFlow" ], "type": "string" }, @@ -58202,11 +64360,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::DMS::MigrationProject": { + "AWS::Connect::ContactFlowModule": { "additionalProperties": false, "properties": { "Condition": { @@ -58241,76 +64400,50 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A user-friendly description of the migration project.", - "title": "Description", - "type": "string" - }, - "InstanceProfileArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the instance profile for your migration project.", - "title": "InstanceProfileArn", + "Content": { + "markdownDescription": "The content of the flow module.", + "title": "Content", "type": "string" }, - "InstanceProfileIdentifier": { - "markdownDescription": "The identifier of the instance profile for your migration project.", - "title": "InstanceProfileIdentifier", + "Description": { + "markdownDescription": "The description of the flow module.", + "title": "Description", "type": "string" }, - "InstanceProfileName": { - "markdownDescription": "The name of the associated instance profile.", - "title": "InstanceProfileName", + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Connect instance.", + "title": "InstanceArn", "type": "string" }, - "MigrationProjectIdentifier": { - "markdownDescription": "The identifier of the migration project. Identifiers must begin with a letter and must contain only ASCII letters, digits, and hyphens. They can't end with a hyphen, or contain two consecutive hyphens.", - "title": "MigrationProjectIdentifier", + "Name": { + "markdownDescription": "The name of the flow module.", + "title": "Name", "type": "string" }, - "MigrationProjectName": { - "markdownDescription": "The name of the migration project.", - "title": "MigrationProjectName", + "State": { + "markdownDescription": "The state of the flow module.", + "title": "State", "type": "string" }, - "SchemaConversionApplicationAttributes": { - "$ref": "#/definitions/AWS::DMS::MigrationProject.SchemaConversionApplicationAttributes", - "markdownDescription": "The schema conversion application attributes, including the Amazon S3 bucket name and Amazon S3 role ARN.", - "title": "SchemaConversionApplicationAttributes" - }, - "SourceDataProviderDescriptors": { - "items": { - "$ref": "#/definitions/AWS::DMS::MigrationProject.DataProviderDescriptor" - }, - "markdownDescription": "Information about the source data provider, including the name or ARN, and AWS Secrets Manager parameters.", - "title": "SourceDataProviderDescriptors", - "type": "array" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" - }, - "TargetDataProviderDescriptors": { - "items": { - "$ref": "#/definitions/AWS::DMS::MigrationProject.DataProviderDescriptor" - }, - "markdownDescription": "Information about the target data provider, including the name or ARN, and AWS Secrets Manager parameters.", - "title": "TargetDataProviderDescriptors", - "type": "array" - }, - "TransformationRules": { - "markdownDescription": "The settings in JSON format for migration rules. Migration rules make it possible for you to change the object names according to the rules that you specify. For example, you can change an object name to lowercase or uppercase, add or remove a prefix or suffix, or rename objects.", - "title": "TransformationRules", - "type": "string" } }, + "required": [ + "Content", + "InstanceArn", + "Name" + ], "type": "object" }, "Type": { "enum": [ - "AWS::DMS::MigrationProject" + "AWS::Connect::ContactFlowModule" ], "type": "string" }, @@ -58324,58 +64457,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::DMS::MigrationProject.DataProviderDescriptor": { - "additionalProperties": false, - "properties": { - "DataProviderArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the data provider.", - "title": "DataProviderArn", - "type": "string" - }, - "DataProviderIdentifier": { - "markdownDescription": "", - "title": "DataProviderIdentifier", - "type": "string" - }, - "DataProviderName": { - "markdownDescription": "The user-friendly name of the data provider.", - "title": "DataProviderName", - "type": "string" - }, - "SecretsManagerAccessRoleArn": { - "markdownDescription": "The ARN of the role used to access AWS Secrets Manager.", - "title": "SecretsManagerAccessRoleArn", - "type": "string" - }, - "SecretsManagerSecretId": { - "markdownDescription": "The identifier of the AWS Secrets Manager Secret used to store access credentials for the data provider.", - "title": "SecretsManagerSecretId", - "type": "string" - } - }, - "type": "object" - }, - "AWS::DMS::MigrationProject.SchemaConversionApplicationAttributes": { - "additionalProperties": false, - "properties": { - "S3BucketPath": { - "markdownDescription": "", - "title": "S3BucketPath", - "type": "string" - }, - "S3BucketRoleArn": { - "markdownDescription": "", - "title": "S3BucketRoleArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::DMS::ReplicationConfig": { + "AWS::Connect::ContactFlowVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -58410,68 +64497,25 @@ "Properties": { "additionalProperties": false, "properties": { - "ComputeConfig": { - "$ref": "#/definitions/AWS::DMS::ReplicationConfig.ComputeConfig", - "markdownDescription": "Configuration parameters for provisioning an AWS DMS Serverless replication.", - "title": "ComputeConfig" - }, - "ReplicationConfigArn": { - "type": "string" - }, - "ReplicationConfigIdentifier": { - "markdownDescription": "A unique identifier that you want to use to create a `ReplicationConfigArn` that is returned as part of the output from this action. You can then pass this output `ReplicationConfigArn` as the value of the `ReplicationConfigArn` option for other actions to identify both AWS DMS Serverless replications and replication configurations that you want those actions to operate on. For some actions, you can also use either this unique identifier or a corresponding ARN in action filters to identify the specific replication and replication configuration to operate on.", - "title": "ReplicationConfigIdentifier", - "type": "string" - }, - "ReplicationSettings": { - "markdownDescription": "Optional JSON settings for AWS DMS Serverless replications that are provisioned using this replication configuration. For example, see [Change processing tuning settings](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.CustomizingTasks.TaskSettings.ChangeProcessingTuning.html) .", - "title": "ReplicationSettings", - "type": "object" - }, - "ReplicationType": { - "markdownDescription": "The type of AWS DMS Serverless replication to provision using this replication configuration.\n\nPossible values:\n\n- `\"full-load\"`\n- `\"cdc\"`\n- `\"full-load-and-cdc\"`", - "title": "ReplicationType", - "type": "string" - }, - "ResourceIdentifier": { - "markdownDescription": "Optional unique value or name that you set for a given resource that can be used to construct an Amazon Resource Name (ARN) for that resource. For more information, see [Fine-grained access control using resource names and tags](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#CHAP_Security.FineGrainedAccess) .", - "title": "ResourceIdentifier", - "type": "string" - }, - "SourceEndpointArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the source endpoint for this AWS DMS Serverless replication configuration.", - "title": "SourceEndpointArn", + "ContactFlowId": { + "markdownDescription": "The identifier of the flow.", + "title": "ContactFlowId", "type": "string" }, - "SupplementalSettings": { - "markdownDescription": "Optional JSON settings for specifying supplemental data. For more information, see [Specifying supplemental data for task settings](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.TaskData.html) .", - "title": "SupplementalSettings", - "type": "object" - }, - "TableMappings": { - "markdownDescription": "JSON table mappings for AWS DMS Serverless replications that are provisioned using this replication configuration. For more information, see [Specifying table selection and transformations rules using JSON](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.CustomizingTasks.TableMapping.SelectionTransformation.html) .", - "title": "TableMappings", - "type": "object" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "One or more optional tags associated with resources used by the AWS DMS Serverless replication. For more information, see [Tagging resources in AWS Database Migration Service](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tagging.html) .", - "title": "Tags", - "type": "array" - }, - "TargetEndpointArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the target endpoint for this AWS DMS serverless replication configuration.", - "title": "TargetEndpointArn", + "Description": { + "markdownDescription": "The description of the flow version.", + "title": "Description", "type": "string" } }, + "required": [ + "ContactFlowId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::DMS::ReplicationConfig" + "AWS::Connect::ContactFlowVersion" ], "type": "string" }, @@ -58485,68 +64529,12 @@ } }, "required": [ - "Type" - ], - "type": "object" - }, - "AWS::DMS::ReplicationConfig.ComputeConfig": { - "additionalProperties": false, - "properties": { - "AvailabilityZone": { - "markdownDescription": "The Availability Zone where the AWS DMS Serverless replication using this configuration will run. The default value is a random, system-chosen Availability Zone in the configuration's AWS Region , for example, `\"us-west-2\"` . You can't set this parameter if the `MultiAZ` parameter is set to `true` .", - "title": "AvailabilityZone", - "type": "string" - }, - "DnsNameServers": { - "markdownDescription": "A list of custom DNS name servers supported for the AWS DMS Serverless replication to access your source or target database. This list overrides the default name servers supported by the AWS DMS Serverless replication. You can specify a comma-separated list of internet addresses for up to four DNS name servers. For example: `\"1.1.1.1,2.2.2.2,3.3.3.3,4.4.4.4\"`", - "title": "DnsNameServers", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "An AWS Key Management Service ( AWS KMS ) key Amazon Resource Name (ARN) that is used to encrypt the data during AWS DMS Serverless replication.\n\nIf you don't specify a value for the `KmsKeyId` parameter, AWS DMS uses your default encryption key.\n\nAWS KMS creates the default encryption key for your Amazon Web Services account. Your AWS account has a different default encryption key for each AWS Region .", - "title": "KmsKeyId", - "type": "string" - }, - "MaxCapacityUnits": { - "markdownDescription": "Specifies the maximum value of the AWS DMS capacity units (DCUs) for which a given AWS DMS Serverless replication can be provisioned. A single DCU is 2GB of RAM, with 1 DCU as the minimum value allowed. The list of valid DCU values includes 1, 2, 4, 8, 16, 32, 64, 128, 192, 256, and 384. So, the maximum value that you can specify for AWS DMS Serverless is 384. The `MaxCapacityUnits` parameter is the only DCU parameter you are required to specify.", - "title": "MaxCapacityUnits", - "type": "number" - }, - "MinCapacityUnits": { - "markdownDescription": "Specifies the minimum value of the AWS DMS capacity units (DCUs) for which a given AWS DMS Serverless replication can be provisioned. A single DCU is 2GB of RAM, with 1 DCU as the minimum value allowed. The list of valid DCU values includes 1, 2, 4, 8, 16, 32, 64, 128, 192, 256, and 384. So, the minimum DCU value that you can specify for AWS DMS Serverless is 1. If you don't set this value, AWS DMS sets this parameter to the minimum DCU value allowed, 1. If there is no current source activity, AWS DMS scales down your replication until it reaches the value specified in `MinCapacityUnits` .", - "title": "MinCapacityUnits", - "type": "number" - }, - "MultiAZ": { - "markdownDescription": "Specifies whether the AWS DMS Serverless replication is a Multi-AZ deployment. You can't set the `AvailabilityZone` parameter if the `MultiAZ` parameter is set to `true` .", - "title": "MultiAZ", - "type": "boolean" - }, - "PreferredMaintenanceWindow": { - "markdownDescription": "The weekly time range during which system maintenance can occur for the AWS DMS Serverless replication, in Universal Coordinated Time (UTC). The format is `ddd:hh24:mi-ddd:hh24:mi` .\n\nThe default is a 30-minute window selected at random from an 8-hour block of time per AWS Region . This maintenance occurs on a random day of the week. Valid values for days of the week include `Mon` , `Tue` , `Wed` , `Thu` , `Fri` , `Sat` , and `Sun` .\n\nConstraints include a minimum 30-minute window.", - "title": "PreferredMaintenanceWindow", - "type": "string" - }, - "ReplicationSubnetGroupId": { - "markdownDescription": "Specifies a subnet group identifier to associate with the AWS DMS Serverless replication.", - "title": "ReplicationSubnetGroupId", - "type": "string" - }, - "VpcSecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the virtual private cloud (VPC) security group to use with the AWS DMS Serverless replication. The VPC security group must work with the VPC containing the replication.", - "title": "VpcSecurityGroupIds", - "type": "array" - } - }, - "required": [ - "MaxCapacityUnits" + "Type", + "Properties" ], "type": "object" }, - "AWS::DMS::ReplicationInstance": { + "AWS::Connect::EmailAddress": { "additionalProperties": false, "properties": { "Condition": { @@ -58581,96 +64569,44 @@ "Properties": { "additionalProperties": false, "properties": { - "AllocatedStorage": { - "markdownDescription": "The amount of storage (in gigabytes) to be initially allocated for the replication instance.", - "title": "AllocatedStorage", - "type": "number" - }, - "AllowMajorVersionUpgrade": { - "markdownDescription": "Indicates that major version upgrades are allowed. Changing this parameter does not result in an outage, and the change is asynchronously applied as soon as possible.\n\nThis parameter must be set to `true` when specifying a value for the `EngineVersion` parameter that is a different major version than the replication instance's current version.", - "title": "AllowMajorVersionUpgrade", - "type": "boolean" - }, - "AutoMinorVersionUpgrade": { - "markdownDescription": "A value that indicates whether minor engine upgrades are applied automatically to the replication instance during the maintenance window. This parameter defaults to `true` .\n\nDefault: `true`", - "title": "AutoMinorVersionUpgrade", - "type": "boolean" - }, - "AvailabilityZone": { - "markdownDescription": "The Availability Zone that the replication instance will be created in.\n\nThe default value is a random, system-chosen Availability Zone in the endpoint's AWS Region , for example `us-east-1d` .", - "title": "AvailabilityZone", - "type": "string" - }, - "EngineVersion": { - "markdownDescription": "The engine version number of the replication instance.\n\nIf an engine version number is not specified when a replication instance is created, the default is the latest engine version available.", - "title": "EngineVersion", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "An AWS KMS key identifier that is used to encrypt the data on the replication instance.\n\nIf you don't specify a value for the `KmsKeyId` parameter, AWS DMS uses your default encryption key.\n\nAWS KMS creates the default encryption key for your AWS account . Your AWS account has a different default encryption key for each AWS Region .", - "title": "KmsKeyId", - "type": "string" - }, - "MultiAZ": { - "markdownDescription": "Specifies whether the replication instance is a Multi-AZ deployment. You can't set the `AvailabilityZone` parameter if the Multi-AZ parameter is set to `true` .", - "title": "MultiAZ", - "type": "boolean" - }, - "PreferredMaintenanceWindow": { - "markdownDescription": "The weekly time range during which system maintenance can occur, in UTC.\n\n*Format* : `ddd:hh24:mi-ddd:hh24:mi`\n\n*Default* : A 30-minute window selected at random from an 8-hour block of time per AWS Region , occurring on a random day of the week.\n\n*Valid days* ( `ddd` ): `Mon` | `Tue` | `Wed` | `Thu` | `Fri` | `Sat` | `Sun`\n\n*Constraints* : Minimum 30-minute window.", - "title": "PreferredMaintenanceWindow", - "type": "string" - }, - "PubliclyAccessible": { - "markdownDescription": "Specifies the accessibility options for the replication instance. A value of `true` represents an instance with a public IP address. A value of `false` represents an instance with a private IP address. The default value is `true` .", - "title": "PubliclyAccessible", - "type": "boolean" - }, - "ReplicationInstanceClass": { - "markdownDescription": "The compute and memory capacity of the replication instance as defined for the specified replication instance class. For example, to specify the instance class dms.c4.large, set this parameter to `\"dms.c4.large\"` . For more information on the settings and capacities for the available replication instance classes, see [Selecting the right AWS DMS replication instance for your migration](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_ReplicationInstance.html#CHAP_ReplicationInstance.InDepth) in the *AWS Database Migration Service User Guide* .", - "title": "ReplicationInstanceClass", + "Description": { + "markdownDescription": "The description of the email address.", + "title": "Description", "type": "string" }, - "ReplicationInstanceIdentifier": { - "markdownDescription": "The replication instance identifier. This parameter is stored as a lowercase string.\n\nConstraints:\n\n- Must contain 1-63 alphanumeric characters or hyphens.\n- First character must be a letter.\n- Can't end with a hyphen or contain two consecutive hyphens.\n\nExample: `myrepinstance`", - "title": "ReplicationInstanceIdentifier", + "DisplayName": { + "markdownDescription": "The display name of email address.", + "title": "DisplayName", "type": "string" }, - "ReplicationSubnetGroupIdentifier": { - "markdownDescription": "A subnet group to associate with the replication instance.", - "title": "ReplicationSubnetGroupIdentifier", + "EmailAddress": { + "markdownDescription": "The email address, including the domain.", + "title": "EmailAddress", "type": "string" }, - "ResourceIdentifier": { - "markdownDescription": "A display name for the resource identifier at the end of the `EndpointArn` response parameter that is returned in the created `Endpoint` object. The value for this parameter can have up to 31 characters. It can contain only ASCII letters, digits, and hyphen ('-'). Also, it can't end with a hyphen or contain two consecutive hyphens, and can only begin with a letter, such as `Example-App-ARN1` . For example, this value might result in the `EndpointArn` value `arn:aws:dms:eu-west-1:012345678901:rep:Example-App-ARN1` . If you don't specify a `ResourceIdentifier` value, AWS DMS generates a default identifier value for the end of `EndpointArn` .", - "title": "ResourceIdentifier", + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", + "title": "InstanceArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "One or more tags to be assigned to the replication instance.", + "markdownDescription": "An array of key-value pairs to apply to this resource.", "title": "Tags", "type": "array" - }, - "VpcSecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the virtual private cloud (VPC) security group to be used with the replication instance. The VPC security group must work with the VPC containing the replication instance.", - "title": "VpcSecurityGroupIds", - "type": "array" } }, "required": [ - "ReplicationInstanceClass" + "EmailAddress", + "InstanceArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::DMS::ReplicationInstance" + "AWS::Connect::EmailAddress" ], "type": "string" }, @@ -58689,7 +64625,7 @@ ], "type": "object" }, - "AWS::DMS::ReplicationSubnetGroup": { + "AWS::Connect::EvaluationForm": { "additionalProperties": false, "properties": { "Condition": { @@ -58724,42 +64660,64 @@ "Properties": { "additionalProperties": false, "properties": { - "ReplicationSubnetGroupDescription": { - "markdownDescription": "The description for the subnet group.", - "title": "ReplicationSubnetGroupDescription", + "AutoEvaluationConfiguration": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.AutoEvaluationConfiguration", + "markdownDescription": "", + "title": "AutoEvaluationConfiguration" + }, + "Description": { + "markdownDescription": "The description of the evaluation form.\n\n*Length Constraints* : Minimum length of 0. Maximum length of 1024.", + "title": "Description", "type": "string" }, - "ReplicationSubnetGroupIdentifier": { - "markdownDescription": "The identifier for the replication subnet group. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the identifier.", - "title": "ReplicationSubnetGroupIdentifier", + "InstanceArn": { + "markdownDescription": "The identifier of the Amazon Connect instance.", + "title": "InstanceArn", "type": "string" }, - "SubnetIds": { + "Items": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormBaseItem" }, - "markdownDescription": "One or more subnet IDs to be assigned to the subnet group.", - "title": "SubnetIds", + "markdownDescription": "Items that are part of the evaluation form. The total number of sections and questions must not exceed 100 each. Questions must be contained in a section.\n\n*Minimum size* : 1\n\n*Maximum size* : 100", + "title": "Items", "type": "array" }, + "ScoringStrategy": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.ScoringStrategy", + "markdownDescription": "A scoring strategy of the evaluation form.", + "title": "ScoringStrategy" + }, + "Status": { + "markdownDescription": "The status of the evaluation form.\n\n*Allowed values* : `DRAFT` | `ACTIVE`", + "title": "Status", + "type": "string" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "One or more tags to be assigned to the subnet group.", + "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", "title": "Tags", "type": "array" + }, + "Title": { + "markdownDescription": "A title of the evaluation form.", + "title": "Title", + "type": "string" } }, "required": [ - "ReplicationSubnetGroupDescription", - "SubnetIds" + "InstanceArn", + "Items", + "Status", + "Title" ], "type": "object" }, "Type": { "enum": [ - "AWS::DMS::ReplicationSubnetGroup" + "AWS::Connect::EvaluationForm" ], "type": "string" }, @@ -58778,593 +64736,380 @@ ], "type": "object" }, - "AWS::DMS::ReplicationTask": { + "AWS::Connect::EvaluationForm.AutoEvaluationConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "CdcStartPosition": { - "markdownDescription": "Indicates when you want a change data capture (CDC) operation to start. Use either `CdcStartPosition` or `CdcStartTime` to specify when you want a CDC operation to start. Specifying both values results in an error.\n\nThe value can be in date, checkpoint, log sequence number (LSN), or system change number (SCN) format.\n\nHere is a date example: `--cdc-start-position \"2018-03-08T12:12:12\"`\n\nHere is a checkpoint example: `--cdc-start-position \"checkpoint:V1#27#mysql-bin-changelog.157832:1975:-1:2002:677883278264080:mysql-bin-changelog.157832:1876#0#0#*#0#93\"`\n\nHere is an LSN example: `--cdc-start-position \u201cmysql-bin-changelog.000024:373\u201d`\n\n> When you use this task setting with a source PostgreSQL database, a logical replication slot should already be created and associated with the source endpoint. You can verify this by setting the `slotName` extra connection attribute to the name of this logical replication slot. For more information, see [Extra Connection Attributes When Using PostgreSQL as a Source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.PostgreSQL.html#CHAP_Source.PostgreSQL.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", - "title": "CdcStartPosition", - "type": "string" - }, - "CdcStartTime": { - "markdownDescription": "Indicates the start time for a change data capture (CDC) operation.", - "title": "CdcStartTime", - "type": "number" - }, - "CdcStopPosition": { - "markdownDescription": "Indicates when you want a change data capture (CDC) operation to stop. The value can be either server time or commit time.\n\nHere is a server time example: `--cdc-stop-position \"server_time:2018-02-09T12:12:12\"`\n\nHere is a commit time example: `--cdc-stop-position \"commit_time: 2018-02-09T12:12:12\"`", - "title": "CdcStopPosition", - "type": "string" - }, - "MigrationType": { - "markdownDescription": "The migration type. Valid values: `full-load` | `cdc` | `full-load-and-cdc`", - "title": "MigrationType", - "type": "string" - }, - "ReplicationInstanceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of a replication instance.", - "title": "ReplicationInstanceArn", - "type": "string" - }, - "ReplicationTaskIdentifier": { - "markdownDescription": "An identifier for the replication task.\n\nConstraints:\n\n- Must contain 1-255 alphanumeric characters or hyphens.\n- First character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.", - "title": "ReplicationTaskIdentifier", - "type": "string" - }, - "ReplicationTaskSettings": { - "markdownDescription": "Overall settings for the task, in JSON format. For more information, see [Specifying Task Settings for AWS Database Migration Service Tasks](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.CustomizingTasks.TaskSettings.html) in the *AWS Database Migration Service User Guide* .", - "title": "ReplicationTaskSettings", - "type": "string" - }, - "ResourceIdentifier": { - "markdownDescription": "A display name for the resource identifier at the end of the `EndpointArn` response parameter that is returned in the created `Endpoint` object. The value for this parameter can have up to 31 characters. It can contain only ASCII letters, digits, and hyphen ('-'). Also, it can't end with a hyphen or contain two consecutive hyphens, and can only begin with a letter, such as `Example-App-ARN1` .\n\nFor example, this value might result in the `EndpointArn` value `arn:aws:dms:eu-west-1:012345678901:rep:Example-App-ARN1` . If you don't specify a `ResourceIdentifier` value, AWS DMS generates a default identifier value for the end of `EndpointArn` .", - "title": "ResourceIdentifier", - "type": "string" - }, - "SourceEndpointArn": { - "markdownDescription": "An Amazon Resource Name (ARN) that uniquely identifies the source endpoint.", - "title": "SourceEndpointArn", - "type": "string" - }, - "TableMappings": { - "markdownDescription": "The table mappings for the task, in JSON format. For more information, see [Using Table Mapping to Specify Task Settings](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.CustomizingTasks.TableMapping.html) in the *AWS Database Migration Service User Guide* .", - "title": "TableMappings", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "One or more tags to be assigned to the replication task.", - "title": "Tags", - "type": "array" - }, - "TargetEndpointArn": { - "markdownDescription": "An Amazon Resource Name (ARN) that uniquely identifies the target endpoint.", - "title": "TargetEndpointArn", - "type": "string" - }, - "TaskData": { - "markdownDescription": "Supplemental information that the task requires to migrate the data for certain source and target endpoints. For more information, see [Specifying Supplemental Data for Task Settings](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.TaskData.html) in the *AWS Database Migration Service User Guide.*", - "title": "TaskData", - "type": "string" - } - }, - "required": [ - "MigrationType", - "ReplicationInstanceArn", - "SourceEndpointArn", - "TableMappings", - "TargetEndpointArn" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::DMS::ReplicationTask" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Enabled": { + "markdownDescription": "", + "title": "Enabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::Connect::EvaluationForm.EvaluationFormBaseItem": { + "additionalProperties": false, + "properties": { + "Section": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormSection", + "markdownDescription": "A subsection or inner section of an item.", + "title": "Section" } }, "required": [ - "Type", - "Properties" + "Section" ], "type": "object" }, - "AWS::DataBrew::Dataset": { + "AWS::Connect::EvaluationForm.EvaluationFormItem": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Question": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormQuestion", + "markdownDescription": "The information of the question.", + "title": "Question" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Section": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormSection", + "markdownDescription": "The information of the section.", + "title": "Section" + } + }, + "type": "object" + }, + "AWS::Connect::EvaluationForm.EvaluationFormNumericQuestionAutomation": { + "additionalProperties": false, + "properties": { + "AnswerSource": { + "markdownDescription": "", + "title": "AnswerSource", + "type": "object" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Format": { - "markdownDescription": "The file format of a dataset that is created from an Amazon S3 file or folder.", - "title": "Format", - "type": "string" - }, - "FormatOptions": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.FormatOptions", - "markdownDescription": "A set of options that define how DataBrew interprets the data in the dataset.", - "title": "FormatOptions" - }, - "Input": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.Input", - "markdownDescription": "Information on how DataBrew can find the dataset, in either the AWS Glue Data Catalog or Amazon S3 .", - "title": "Input" - }, - "Name": { - "markdownDescription": "The unique name of the dataset.", - "title": "Name", - "type": "string" - }, - "PathOptions": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.PathOptions", - "markdownDescription": "A set of options that defines how DataBrew interprets an Amazon S3 path of the dataset.", - "title": "PathOptions" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata tags that have been applied to the dataset.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Input", - "Name" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::DataBrew::Dataset" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "PropertyValue": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.NumericQuestionPropertyValueAutomation", + "markdownDescription": "The property value of the automation.", + "title": "PropertyValue" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::DataBrew::Dataset.CsvOptions": { + "AWS::Connect::EvaluationForm.EvaluationFormNumericQuestionOption": { "additionalProperties": false, "properties": { - "Delimiter": { - "markdownDescription": "A single character that specifies the delimiter being used in the CSV file.", - "title": "Delimiter", - "type": "string" - }, - "HeaderRow": { - "markdownDescription": "A variable that specifies whether the first row in the file is parsed as the header. If this value is false, column names are auto-generated.", - "title": "HeaderRow", + "AutomaticFail": { + "markdownDescription": "The flag to mark the option as automatic fail. If an automatic fail answer is provided, the overall evaluation gets a score of 0.", + "title": "AutomaticFail", "type": "boolean" - } - }, - "type": "object" - }, - "AWS::DataBrew::Dataset.DataCatalogInputDefinition": { - "additionalProperties": false, - "properties": { - "CatalogId": { - "markdownDescription": "The unique identifier of the AWS account that holds the Data Catalog that stores the data.", - "title": "CatalogId", - "type": "string" }, - "DatabaseName": { - "markdownDescription": "The name of a database in the Data Catalog.", - "title": "DatabaseName", - "type": "string" + "MaxValue": { + "markdownDescription": "The maximum answer value of the range option.", + "title": "MaxValue", + "type": "number" }, - "TableName": { - "markdownDescription": "The name of a database table in the Data Catalog. This table corresponds to a DataBrew dataset.", - "title": "TableName", - "type": "string" + "MinValue": { + "markdownDescription": "The minimum answer value of the range option.", + "title": "MinValue", + "type": "number" }, - "TempDirectory": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.S3Location", - "markdownDescription": "An Amazon location that AWS Glue Data Catalog can use as a temporary directory.", - "title": "TempDirectory" + "Score": { + "markdownDescription": "The score assigned to answer values within the range option.\n\n*Minimum* : 0\n\n*Maximum* : 10", + "title": "Score", + "type": "number" } }, + "required": [ + "MaxValue", + "MinValue" + ], "type": "object" }, - "AWS::DataBrew::Dataset.DatabaseInputDefinition": { + "AWS::Connect::EvaluationForm.EvaluationFormNumericQuestionProperties": { "additionalProperties": false, "properties": { - "DatabaseTableName": { - "markdownDescription": "The table within the target database.", - "title": "DatabaseTableName", - "type": "string" + "Automation": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormNumericQuestionAutomation", + "markdownDescription": "The automation properties of the numeric question.", + "title": "Automation" }, - "GlueConnectionName": { - "markdownDescription": "The AWS Glue Connection that stores the connection information for the target database.", - "title": "GlueConnectionName", - "type": "string" + "MaxValue": { + "markdownDescription": "The maximum answer value.", + "title": "MaxValue", + "type": "number" }, - "QueryString": { - "markdownDescription": "Custom SQL to run against the provided AWS Glue connection. This SQL will be used as the input for DataBrew projects and jobs.", - "title": "QueryString", - "type": "string" + "MinValue": { + "markdownDescription": "The minimum answer value.", + "title": "MinValue", + "type": "number" }, - "TempDirectory": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.S3Location", - "markdownDescription": "An Amazon location that AWS Glue Data Catalog can use as a temporary directory.", - "title": "TempDirectory" + "Options": { + "items": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormNumericQuestionOption" + }, + "markdownDescription": "The scoring options of the numeric question.", + "title": "Options", + "type": "array" } }, "required": [ - "GlueConnectionName" + "MaxValue", + "MinValue" ], "type": "object" }, - "AWS::DataBrew::Dataset.DatasetParameter": { + "AWS::Connect::EvaluationForm.EvaluationFormQuestion": { "additionalProperties": false, "properties": { - "CreateColumn": { - "markdownDescription": "Optional boolean value that defines whether the captured value of this parameter should be loaded as an additional column in the dataset.", - "title": "CreateColumn", + "Instructions": { + "markdownDescription": "The instructions of the section.\n\n*Length Constraints* : Minimum length of 0. Maximum length of 1024.", + "title": "Instructions", + "type": "string" + }, + "NotApplicableEnabled": { + "markdownDescription": "The flag to enable not applicable answers to the question.", + "title": "NotApplicableEnabled", "type": "boolean" }, - "DatetimeOptions": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.DatetimeOptions", - "markdownDescription": "Additional parameter options such as a format and a timezone. Required for datetime parameters.", - "title": "DatetimeOptions" + "QuestionType": { + "markdownDescription": "The type of the question.\n\n*Allowed values* : `NUMERIC` | `SINGLESELECT` | `TEXT`", + "title": "QuestionType", + "type": "string" }, - "Filter": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.FilterExpression", - "markdownDescription": "The optional filter expression structure to apply additional matching criteria to the parameter.", - "title": "Filter" + "QuestionTypeProperties": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormQuestionTypeProperties", + "markdownDescription": "The properties of the type of question. Text questions do not have to define question type properties.", + "title": "QuestionTypeProperties" }, - "Name": { - "markdownDescription": "The name of the parameter that is used in the dataset's Amazon S3 path.", - "title": "Name", + "RefId": { + "markdownDescription": "The identifier of the question. An identifier must be unique within the evaluation form.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 40.", + "title": "RefId", "type": "string" }, - "Type": { - "markdownDescription": "The type of the dataset parameter, can be one of a 'String', 'Number' or 'Datetime'.", - "title": "Type", + "Title": { + "markdownDescription": "The title of the question.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 350.", + "title": "Title", "type": "string" + }, + "Weight": { + "markdownDescription": "The scoring weight of the section.\n\n*Minimum* : 0\n\n*Maximum* : 100", + "title": "Weight", + "type": "number" } }, "required": [ - "Name", - "Type" + "QuestionType", + "RefId", + "Title" ], "type": "object" }, - "AWS::DataBrew::Dataset.DatetimeOptions": { + "AWS::Connect::EvaluationForm.EvaluationFormQuestionTypeProperties": { "additionalProperties": false, "properties": { - "Format": { - "markdownDescription": "Required option, that defines the datetime format used for a date parameter in the Amazon S3 path. Should use only supported datetime specifiers and separation characters, all litera a-z or A-Z character should be escaped with single quotes. E.g. \"MM.dd.yyyy-'at'-HH:mm\".", - "title": "Format", - "type": "string" - }, - "LocaleCode": { - "markdownDescription": "Optional value for a non-US locale code, needed for correct interpretation of some date formats.", - "title": "LocaleCode", - "type": "string" + "Numeric": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormNumericQuestionProperties", + "markdownDescription": "The properties of the numeric question.", + "title": "Numeric" }, - "TimezoneOffset": { - "markdownDescription": "Optional value for a timezone offset of the datetime parameter value in the Amazon S3 path. Shouldn't be used if Format for this parameter includes timezone fields. If no offset specified, UTC is assumed.", - "title": "TimezoneOffset", - "type": "string" + "SingleSelect": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionProperties", + "markdownDescription": "The properties of the numeric question.", + "title": "SingleSelect" } }, - "required": [ - "Format" - ], "type": "object" }, - "AWS::DataBrew::Dataset.ExcelOptions": { + "AWS::Connect::EvaluationForm.EvaluationFormSection": { "additionalProperties": false, "properties": { - "HeaderRow": { - "markdownDescription": "A variable that specifies whether the first row in the file is parsed as the header. If this value is false, column names are auto-generated.", - "title": "HeaderRow", - "type": "boolean" - }, - "SheetIndexes": { - "items": { - "type": "number" - }, - "markdownDescription": "One or more sheet numbers in the Excel file that will be included in the dataset.", - "title": "SheetIndexes", - "type": "array" + "Instructions": { + "markdownDescription": "The instructions of the section.", + "title": "Instructions", + "type": "string" }, - "SheetNames": { + "Items": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormItem" }, - "markdownDescription": "One or more named sheets in the Excel file that will be included in the dataset.", - "title": "SheetNames", + "markdownDescription": "The items of the section.\n\n*Minimum* : 1", + "title": "Items", "type": "array" - } - }, - "type": "object" - }, - "AWS::DataBrew::Dataset.FilesLimit": { - "additionalProperties": false, - "properties": { - "MaxFiles": { - "markdownDescription": "The number of Amazon S3 files to select.", - "title": "MaxFiles", - "type": "number" }, - "Order": { - "markdownDescription": "A criteria to use for Amazon S3 files sorting before their selection. By default uses DESCENDING order, i.e. most recent files are selected first. Anotherpossible value is ASCENDING.", - "title": "Order", + "RefId": { + "markdownDescription": "The identifier of the section. An identifier must be unique within the evaluation form.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 40.", + "title": "RefId", "type": "string" }, - "OrderedBy": { - "markdownDescription": "A criteria to use for Amazon S3 files sorting before their selection. By default uses LAST_MODIFIED_DATE as a sorting criteria. Currently it's the only allowed value.", - "title": "OrderedBy", + "Title": { + "markdownDescription": "The title of the section.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 128.", + "title": "Title", "type": "string" + }, + "Weight": { + "markdownDescription": "The scoring weight of the section.\n\n*Minimum* : 0\n\n*Maximum* : 100", + "title": "Weight", + "type": "number" } }, "required": [ - "MaxFiles" + "RefId", + "Title" ], "type": "object" }, - "AWS::DataBrew::Dataset.FilterExpression": { + "AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionAutomation": { "additionalProperties": false, "properties": { - "Expression": { - "markdownDescription": "The expression which includes condition names followed by substitution variables, possibly grouped and combined with other conditions. For example, \"(starts_with :prefix1 or starts_with :prefix2) and (ends_with :suffix1 or ends_with :suffix2)\". Substitution variables should start with ':' symbol.", - "title": "Expression", + "DefaultOptionRefId": { + "markdownDescription": "The identifier of the default answer option, when none of the automation options match the criteria.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 40.", + "title": "DefaultOptionRefId", "type": "string" }, - "ValuesMap": { + "Options": { "items": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.FilterValue" + "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionAutomationOption" }, - "markdownDescription": "The map of substitution variable names to their values used in this filter expression.", - "title": "ValuesMap", + "markdownDescription": "The automation options of the single select question.\n\n*Minimum* : 1\n\n*Maximum* : 20", + "title": "Options", "type": "array" } }, "required": [ - "Expression", - "ValuesMap" + "Options" ], "type": "object" }, - "AWS::DataBrew::Dataset.FilterValue": { + "AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionAutomationOption": { "additionalProperties": false, "properties": { - "Value": { - "markdownDescription": "The value to be associated with the substitution variable.", - "title": "Value", - "type": "string" - }, - "ValueReference": { - "markdownDescription": "The substitution variable reference.", - "title": "ValueReference", - "type": "string" + "RuleCategory": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.SingleSelectQuestionRuleCategoryAutomation", + "markdownDescription": "The automation option based on a rule category for the single select question.", + "title": "RuleCategory" } }, "required": [ - "Value", - "ValueReference" + "RuleCategory" ], "type": "object" }, - "AWS::DataBrew::Dataset.FormatOptions": { + "AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionOption": { "additionalProperties": false, "properties": { - "Csv": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.CsvOptions", - "markdownDescription": "Options that define how CSV input is to be interpreted by DataBrew.", - "title": "Csv" + "AutomaticFail": { + "markdownDescription": "The flag to mark the option as automatic fail. If an automatic fail answer is provided, the overall evaluation gets a score of 0.", + "title": "AutomaticFail", + "type": "boolean" }, - "Excel": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.ExcelOptions", - "markdownDescription": "Options that define how Excel input is to be interpreted by DataBrew.", - "title": "Excel" + "RefId": { + "markdownDescription": "The identifier of the answer option. An identifier must be unique within the question.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 40.", + "title": "RefId", + "type": "string" }, - "Json": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.JsonOptions", - "markdownDescription": "Options that define how JSON input is to be interpreted by DataBrew.", - "title": "Json" + "Score": { + "markdownDescription": "The score assigned to the answer option.\n\n*Minimum* : 0\n\n*Maximum* : 10", + "title": "Score", + "type": "number" + }, + "Text": { + "markdownDescription": "The title of the answer option.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 128.", + "title": "Text", + "type": "string" } }, + "required": [ + "RefId", + "Text" + ], "type": "object" }, - "AWS::DataBrew::Dataset.Input": { + "AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionProperties": { "additionalProperties": false, "properties": { - "DataCatalogInputDefinition": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.DataCatalogInputDefinition", - "markdownDescription": "The AWS Glue Data Catalog parameters for the data.", - "title": "DataCatalogInputDefinition" - }, - "DatabaseInputDefinition": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.DatabaseInputDefinition", - "markdownDescription": "Connection information for dataset input files stored in a database.", - "title": "DatabaseInputDefinition" + "Automation": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionAutomation", + "markdownDescription": "The display mode of the single select question.", + "title": "Automation" }, - "Metadata": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.Metadata", - "markdownDescription": "Contains additional resource information needed for specific datasets.", - "title": "Metadata" + "DisplayAs": { + "markdownDescription": "The display mode of the single select question.\n\n*Allowed values* : `DROPDOWN` | `RADIO`", + "title": "DisplayAs", + "type": "string" }, - "S3InputDefinition": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.S3Location", - "markdownDescription": "The Amazon S3 location where the data is stored.", - "title": "S3InputDefinition" - } - }, - "type": "object" - }, - "AWS::DataBrew::Dataset.JsonOptions": { - "additionalProperties": false, - "properties": { - "MultiLine": { - "markdownDescription": "A value that specifies whether JSON input contains embedded new line characters.", - "title": "MultiLine", - "type": "boolean" + "Options": { + "items": { + "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionOption" + }, + "markdownDescription": "The answer options of the single select question.\n\n*Minimum* : 2\n\n*Maximum* : 256", + "title": "Options", + "type": "array" } }, + "required": [ + "Options" + ], "type": "object" }, - "AWS::DataBrew::Dataset.Metadata": { + "AWS::Connect::EvaluationForm.NumericQuestionPropertyValueAutomation": { "additionalProperties": false, "properties": { - "SourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) associated with the dataset. Currently, DataBrew only supports ARNs from Amazon AppFlow.", - "title": "SourceArn", + "Label": { + "markdownDescription": "The property label of the automation.", + "title": "Label", "type": "string" } }, + "required": [ + "Label" + ], "type": "object" }, - "AWS::DataBrew::Dataset.PathOptions": { - "additionalProperties": false, - "properties": { - "FilesLimit": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.FilesLimit", - "markdownDescription": "If provided, this structure imposes a limit on a number of files that should be selected.", - "title": "FilesLimit" - }, - "LastModifiedDateCondition": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.FilterExpression", - "markdownDescription": "If provided, this structure defines a date range for matching Amazon S3 objects based on their LastModifiedDate attribute in Amazon S3 .", - "title": "LastModifiedDateCondition" - }, - "Parameters": { - "items": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.PathParameter" - }, - "markdownDescription": "A structure that maps names of parameters used in the Amazon S3 path of a dataset to their definitions.", - "title": "Parameters", - "type": "array" - } - }, - "type": "object" - }, - "AWS::DataBrew::Dataset.PathParameter": { + "AWS::Connect::EvaluationForm.ScoringStrategy": { "additionalProperties": false, "properties": { - "DatasetParameter": { - "$ref": "#/definitions/AWS::DataBrew::Dataset.DatasetParameter", - "markdownDescription": "The path parameter definition.", - "title": "DatasetParameter" + "Mode": { + "markdownDescription": "The scoring mode of the evaluation form.\n\n*Allowed values* : `QUESTION_ONLY` | `SECTION_ONLY`", + "title": "Mode", + "type": "string" }, - "PathParameterName": { - "markdownDescription": "The name of the path parameter.", - "title": "PathParameterName", + "Status": { + "markdownDescription": "The scoring status of the evaluation form.\n\n*Allowed values* : `ENABLED` | `DISABLED`", + "title": "Status", "type": "string" } }, "required": [ - "DatasetParameter", - "PathParameterName" + "Mode", + "Status" ], "type": "object" }, - "AWS::DataBrew::Dataset.S3Location": { + "AWS::Connect::EvaluationForm.SingleSelectQuestionRuleCategoryAutomation": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The Amazon S3 bucket name.", - "title": "Bucket", + "Category": { + "markdownDescription": "The category name, as defined in Rules.\n\n*Minimum* : 1\n\n*Maximum* : 50", + "title": "Category", "type": "string" }, - "Key": { - "markdownDescription": "The unique name of the object in the bucket.", - "title": "Key", + "Condition": { + "markdownDescription": "The condition to apply for the automation option. If the condition is PRESENT, then the option is applied when the contact data includes the category. Similarly, if the condition is NOT_PRESENT, then the option is applied when the contact data does not include the category.\n\n*Allowed values* : `PRESENT` | `NOT_PRESENT`\n\n*Maximum* : 50", + "title": "Condition", + "type": "string" + }, + "OptionRefId": { + "markdownDescription": "The identifier of the answer option. An identifier must be unique within the question.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 40.", + "title": "OptionRefId", "type": "string" } }, "required": [ - "Bucket" + "Category", + "Condition", + "OptionRefId" ], "type": "object" }, - "AWS::DataBrew::Job": { + "AWS::Connect::HoursOfOperation": { "additionalProperties": false, "properties": { "Condition": { @@ -59399,132 +65144,62 @@ "Properties": { "additionalProperties": false, "properties": { - "DataCatalogOutputs": { - "items": { - "$ref": "#/definitions/AWS::DataBrew::Job.DataCatalogOutput" - }, - "markdownDescription": "One or more artifacts that represent the AWS Glue Data Catalog output from running the job.", - "title": "DataCatalogOutputs", - "type": "array" - }, - "DatabaseOutputs": { + "Config": { "items": { - "$ref": "#/definitions/AWS::DataBrew::Job.DatabaseOutput" + "$ref": "#/definitions/AWS::Connect::HoursOfOperation.HoursOfOperationConfig" }, - "markdownDescription": "Represents a list of JDBC database output objects which defines the output destination for a DataBrew recipe job to write into.", - "title": "DatabaseOutputs", + "markdownDescription": "Configuration information for the hours of operation.", + "title": "Config", "type": "array" }, - "DatasetName": { - "markdownDescription": "A dataset that the job is to process.", - "title": "DatasetName", - "type": "string" - }, - "EncryptionKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an encryption key that is used to protect the job output. For more information, see [Encrypting data written by DataBrew jobs](https://docs.aws.amazon.com/databrew/latest/dg/encryption-security-configuration.html)", - "title": "EncryptionKeyArn", - "type": "string" - }, - "EncryptionMode": { - "markdownDescription": "The encryption mode for the job, which can be one of the following:\n\n- `SSE-KMS` - Server-side encryption with keys managed by AWS KMS .\n- `SSE-S3` - Server-side encryption with keys managed by Amazon S3.", - "title": "EncryptionMode", - "type": "string" - }, - "JobSample": { - "$ref": "#/definitions/AWS::DataBrew::Job.JobSample", - "markdownDescription": "A sample configuration for profile jobs only, which determines the number of rows on which the profile job is run. If a `JobSample` value isn't provided, the default value is used. The default value is CUSTOM_ROWS for the mode parameter and 20,000 for the size parameter.", - "title": "JobSample" - }, - "LogSubscription": { - "markdownDescription": "The current status of Amazon CloudWatch logging for the job.", - "title": "LogSubscription", - "type": "string" - }, - "MaxCapacity": { - "markdownDescription": "The maximum number of nodes that can be consumed when the job processes data.", - "title": "MaxCapacity", - "type": "number" - }, - "MaxRetries": { - "markdownDescription": "The maximum number of times to retry the job after a job run fails.", - "title": "MaxRetries", - "type": "number" - }, - "Name": { - "markdownDescription": "The unique name of the job.", - "title": "Name", + "Description": { + "markdownDescription": "The description for the hours of operation.", + "title": "Description", "type": "string" }, - "OutputLocation": { - "$ref": "#/definitions/AWS::DataBrew::Job.OutputLocation", - "markdownDescription": "The location in Amazon S3 where the job writes its output.", - "title": "OutputLocation" - }, - "Outputs": { + "HoursOfOperationOverrides": { "items": { - "$ref": "#/definitions/AWS::DataBrew::Job.Output" + "$ref": "#/definitions/AWS::Connect::HoursOfOperation.HoursOfOperationOverride" }, - "markdownDescription": "One or more artifacts that represent output from running the job.", - "title": "Outputs", + "markdownDescription": "", + "title": "HoursOfOperationOverrides", "type": "array" }, - "ProfileConfiguration": { - "$ref": "#/definitions/AWS::DataBrew::Job.ProfileConfiguration", - "markdownDescription": "Configuration for profile jobs. Configuration can be used to select columns, do evaluations, and override default parameters of evaluations. When configuration is undefined, the profile job will apply default settings to all supported columns.", - "title": "ProfileConfiguration" - }, - "ProjectName": { - "markdownDescription": "The name of the project that the job is associated with.", - "title": "ProjectName", + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", + "title": "InstanceArn", "type": "string" }, - "Recipe": { - "$ref": "#/definitions/AWS::DataBrew::Job.Recipe", - "markdownDescription": "A series of data transformation steps that the job runs.", - "title": "Recipe" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the role to be assumed for this job.", - "title": "RoleArn", + "Name": { + "markdownDescription": "The name for the hours of operation.", + "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata tags that have been applied to the job.", + "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"Tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", "title": "Tags", "type": "array" }, - "Timeout": { - "markdownDescription": "The job's timeout in minutes. A job that attempts to run longer than this timeout period ends with a status of `TIMEOUT` .", - "title": "Timeout", - "type": "number" - }, - "Type": { - "markdownDescription": "The job type of the job, which must be one of the following:\n\n- `PROFILE` - A job to analyze a dataset, to determine its size, data types, data distribution, and more.\n- `RECIPE` - A job to apply one or more transformations to a dataset.", - "title": "Type", + "TimeZone": { + "markdownDescription": "The time zone for the hours of operation.", + "title": "TimeZone", "type": "string" - }, - "ValidationConfigurations": { - "items": { - "$ref": "#/definitions/AWS::DataBrew::Job.ValidationConfiguration" - }, - "markdownDescription": "List of validation configurations that are applied to the profile job.", - "title": "ValidationConfigurations", - "type": "array" } }, "required": [ + "Config", + "InstanceArn", "Name", - "RoleArn", - "Type" + "TimeZone" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataBrew::Job" + "AWS::Connect::HoursOfOperation" ], "type": "string" }, @@ -59543,433 +65218,582 @@ ], "type": "object" }, - "AWS::DataBrew::Job.AllowedStatistics": { - "additionalProperties": false, - "properties": { - "Statistics": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more column statistics to allow for columns that contain detected entities.", - "title": "Statistics", - "type": "array" - } - }, - "required": [ - "Statistics" - ], - "type": "object" - }, - "AWS::DataBrew::Job.ColumnSelector": { + "AWS::Connect::HoursOfOperation.HoursOfOperationConfig": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of a column from a dataset.", - "title": "Name", + "Day": { + "markdownDescription": "The day that the hours of operation applies to.", + "title": "Day", "type": "string" }, - "Regex": { - "markdownDescription": "A regular expression for selecting a column from a dataset.", - "title": "Regex", - "type": "string" - } - }, - "type": "object" - }, - "AWS::DataBrew::Job.ColumnStatisticsConfiguration": { - "additionalProperties": false, - "properties": { - "Selectors": { - "items": { - "$ref": "#/definitions/AWS::DataBrew::Job.ColumnSelector" - }, - "markdownDescription": "List of column selectors. Selectors can be used to select columns from the dataset. When selectors are undefined, configuration will be applied to all supported columns.", - "title": "Selectors", - "type": "array" + "EndTime": { + "$ref": "#/definitions/AWS::Connect::HoursOfOperation.HoursOfOperationTimeSlice", + "markdownDescription": "The end time that your contact center closes.", + "title": "EndTime" }, - "Statistics": { - "$ref": "#/definitions/AWS::DataBrew::Job.StatisticsConfiguration", - "markdownDescription": "Configuration for evaluations. Statistics can be used to select evaluations and override parameters of evaluations.", - "title": "Statistics" + "StartTime": { + "$ref": "#/definitions/AWS::Connect::HoursOfOperation.HoursOfOperationTimeSlice", + "markdownDescription": "The start time that your contact center opens.", + "title": "StartTime" } }, "required": [ - "Statistics" + "Day", + "EndTime", + "StartTime" ], "type": "object" }, - "AWS::DataBrew::Job.CsvOutputOptions": { - "additionalProperties": false, - "properties": { - "Delimiter": { - "markdownDescription": "A single character that specifies the delimiter used to create CSV job output.", - "title": "Delimiter", - "type": "string" - } - }, - "type": "object" - }, - "AWS::DataBrew::Job.DataCatalogOutput": { + "AWS::Connect::HoursOfOperation.HoursOfOperationOverride": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The unique identifier of the AWS account that holds the Data Catalog that stores the data.", - "title": "CatalogId", + "EffectiveFrom": { + "markdownDescription": "The date from which the hours of operation override would be effective.", + "title": "EffectiveFrom", "type": "string" }, - "DatabaseName": { - "markdownDescription": "The name of a database in the Data Catalog.", - "title": "DatabaseName", + "EffectiveTill": { + "markdownDescription": "The date till which the hours of operation override would be effective.", + "title": "EffectiveTill", "type": "string" }, - "DatabaseOptions": { - "$ref": "#/definitions/AWS::DataBrew::Job.DatabaseTableOutputOptions", - "markdownDescription": "Represents options that specify how and where DataBrew writes the database output generated by recipe jobs.", - "title": "DatabaseOptions" - }, - "Overwrite": { - "markdownDescription": "A value that, if true, means that any data in the location specified for output is overwritten with new output. Not supported with DatabaseOptions.", - "title": "Overwrite", - "type": "boolean" - }, - "S3Options": { - "$ref": "#/definitions/AWS::DataBrew::Job.S3TableOutputOptions", - "markdownDescription": "Represents options that specify how and where DataBrew writes the Amazon S3 output generated by recipe jobs.", - "title": "S3Options" - }, - "TableName": { - "markdownDescription": "The name of a table in the Data Catalog.", - "title": "TableName", + "HoursOfOperationOverrideId": { + "markdownDescription": "The identifier for the hours of operation override.", + "title": "HoursOfOperationOverrideId", "type": "string" - } - }, - "required": [ - "DatabaseName", - "TableName" - ], - "type": "object" - }, - "AWS::DataBrew::Job.DatabaseOutput": { - "additionalProperties": false, - "properties": { - "DatabaseOptions": { - "$ref": "#/definitions/AWS::DataBrew::Job.DatabaseTableOutputOptions", - "markdownDescription": "Represents options that specify how and where DataBrew writes the database output generated by recipe jobs.", - "title": "DatabaseOptions" }, - "DatabaseOutputMode": { - "markdownDescription": "The output mode to write into the database. Currently supported option: NEW_TABLE.", - "title": "DatabaseOutputMode", + "OverrideConfig": { + "items": { + "$ref": "#/definitions/AWS::Connect::HoursOfOperation.HoursOfOperationOverrideConfig" + }, + "markdownDescription": "", + "title": "OverrideConfig", + "type": "array" + }, + "OverrideDescription": { + "markdownDescription": "", + "title": "OverrideDescription", "type": "string" }, - "GlueConnectionName": { - "markdownDescription": "The AWS Glue connection that stores the connection information for the target database.", - "title": "GlueConnectionName", + "OverrideName": { + "markdownDescription": "", + "title": "OverrideName", "type": "string" } }, "required": [ - "DatabaseOptions", - "GlueConnectionName" + "EffectiveFrom", + "EffectiveTill", + "OverrideConfig", + "OverrideName" ], "type": "object" }, - "AWS::DataBrew::Job.DatabaseTableOutputOptions": { + "AWS::Connect::HoursOfOperation.HoursOfOperationOverrideConfig": { "additionalProperties": false, "properties": { - "TableName": { - "markdownDescription": "A prefix for the name of a table DataBrew will create in the database.", - "title": "TableName", + "Day": { + "markdownDescription": "The day that the hours of operation override applies to.", + "title": "Day", "type": "string" }, - "TempDirectory": { - "$ref": "#/definitions/AWS::DataBrew::Job.S3Location", - "markdownDescription": "Represents an Amazon S3 location (bucket name and object key) where DataBrew can store intermediate results.", - "title": "TempDirectory" + "EndTime": { + "$ref": "#/definitions/AWS::Connect::HoursOfOperation.OverrideTimeSlice", + "markdownDescription": "The end time that your contact center closes if overrides are applied.", + "title": "EndTime" + }, + "StartTime": { + "$ref": "#/definitions/AWS::Connect::HoursOfOperation.OverrideTimeSlice", + "markdownDescription": "The start time when your contact center opens if overrides are applied.", + "title": "StartTime" } }, "required": [ - "TableName" + "Day", + "EndTime", + "StartTime" ], "type": "object" }, - "AWS::DataBrew::Job.EntityDetectorConfiguration": { + "AWS::Connect::HoursOfOperation.HoursOfOperationTimeSlice": { "additionalProperties": false, "properties": { - "AllowedStatistics": { - "$ref": "#/definitions/AWS::DataBrew::Job.AllowedStatistics", - "markdownDescription": "Configuration of statistics that are allowed to be run on columns that contain detected entities. When undefined, no statistics will be computed on columns that contain detected entities.", - "title": "AllowedStatistics" + "Hours": { + "markdownDescription": "The hours.", + "title": "Hours", + "type": "number" }, - "EntityTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "Entity types to detect. Can be any of the following:\n\n- USA_SSN\n- EMAIL\n- USA_ITIN\n- USA_PASSPORT_NUMBER\n- PHONE_NUMBER\n- USA_DRIVING_LICENSE\n- BANK_ACCOUNT\n- CREDIT_CARD\n- IP_ADDRESS\n- MAC_ADDRESS\n- USA_DEA_NUMBER\n- USA_HCPCS_CODE\n- USA_NATIONAL_PROVIDER_IDENTIFIER\n- USA_NATIONAL_DRUG_CODE\n- USA_HEALTH_INSURANCE_CLAIM_NUMBER\n- USA_MEDICARE_BENEFICIARY_IDENTIFIER\n- USA_CPT_CODE\n- PERSON_NAME\n- DATE\n\nThe Entity type group USA_ALL is also supported, and includes all of the above entity types except PERSON_NAME and DATE.", - "title": "EntityTypes", - "type": "array" + "Minutes": { + "markdownDescription": "The minutes.", + "title": "Minutes", + "type": "number" } }, "required": [ - "EntityTypes" + "Hours", + "Minutes" ], "type": "object" }, - "AWS::DataBrew::Job.JobSample": { + "AWS::Connect::HoursOfOperation.OverrideTimeSlice": { "additionalProperties": false, "properties": { - "Mode": { - "markdownDescription": "A value that determines whether the profile job is run on the entire dataset or a specified number of rows. This value must be one of the following:\n\n- FULL_DATASET - The profile job is run on the entire dataset.\n- CUSTOM_ROWS - The profile job is run on the number of rows specified in the `Size` parameter.", - "title": "Mode", - "type": "string" + "Hours": { + "markdownDescription": "The hours.", + "title": "Hours", + "type": "number" }, - "Size": { - "markdownDescription": "The `Size` parameter is only required when the mode is CUSTOM_ROWS. The profile job is run on the specified number of rows. The maximum value for size is Long.MAX_VALUE.\n\nLong.MAX_VALUE = 9223372036854775807", - "title": "Size", + "Minutes": { + "markdownDescription": "The minutes.", + "title": "Minutes", "type": "number" } }, + "required": [ + "Hours", + "Minutes" + ], "type": "object" }, - "AWS::DataBrew::Job.Output": { + "AWS::Connect::Instance": { "additionalProperties": false, "properties": { - "CompressionFormat": { - "markdownDescription": "The compression algorithm used to compress the output text of the job.", - "title": "CompressionFormat", + "Condition": { "type": "string" }, - "Format": { - "markdownDescription": "The data format of the output of the job.", - "title": "Format", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "FormatOptions": { - "$ref": "#/definitions/AWS::DataBrew::Job.OutputFormatOptions", - "markdownDescription": "Represents options that define how DataBrew formats job output files.", - "title": "FormatOptions" - }, - "Location": { - "$ref": "#/definitions/AWS::DataBrew::Job.S3Location", - "markdownDescription": "The location in Amazon S3 where the job writes its output.", - "title": "Location" - }, - "MaxOutputFiles": { - "markdownDescription": "The maximum number of files to be generated by the job and written to the output folder.", - "title": "MaxOutputFiles", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Overwrite": { - "markdownDescription": "A value that, if true, means that any data in the location specified for output is overwritten with new output.", - "title": "Overwrite", - "type": "boolean" + "Metadata": { + "type": "object" }, - "PartitionColumns": { - "items": { - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "Attributes": { + "$ref": "#/definitions/AWS::Connect::Instance.Attributes", + "markdownDescription": "A toggle for an individual feature at the instance level.", + "title": "Attributes" + }, + "DirectoryId": { + "markdownDescription": "The identifier for the directory.", + "title": "DirectoryId", + "type": "string" + }, + "IdentityManagementType": { + "markdownDescription": "The identity management type.", + "title": "IdentityManagementType", + "type": "string" + }, + "InstanceAlias": { + "markdownDescription": "The alias of instance. `InstanceAlias` is only required when `IdentityManagementType` is `CONNECT_MANAGED` or `SAML` . `InstanceAlias` is not required when `IdentityManagementType` is `EXISTING_DIRECTORY` .", + "title": "InstanceAlias", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "The names of one or more partition columns for the output of the job.", - "title": "PartitionColumns", - "type": "array" - } - }, - "required": [ - "Location" - ], - "type": "object" - }, - "AWS::DataBrew::Job.OutputFormatOptions": { - "additionalProperties": false, - "properties": { - "Csv": { - "$ref": "#/definitions/AWS::DataBrew::Job.CsvOutputOptions", - "markdownDescription": "Represents a set of options that define the structure of comma-separated value (CSV) job output.", - "title": "Csv" - } - }, - "type": "object" - }, - "AWS::DataBrew::Job.OutputLocation": { - "additionalProperties": false, - "properties": { - "Bucket": { - "markdownDescription": "The Amazon S3 bucket name.", - "title": "Bucket", - "type": "string" + "required": [ + "Attributes", + "IdentityManagementType" + ], + "type": "object" }, - "BucketOwner": { - "markdownDescription": "", - "title": "BucketOwner", + "Type": { + "enum": [ + "AWS::Connect::Instance" + ], "type": "string" }, - "Key": { - "markdownDescription": "The unique name of the object in the bucket.", - "title": "Key", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Bucket" + "Type", + "Properties" ], "type": "object" }, - "AWS::DataBrew::Job.ProfileConfiguration": { + "AWS::Connect::Instance.Attributes": { "additionalProperties": false, "properties": { - "ColumnStatisticsConfigurations": { - "items": { - "$ref": "#/definitions/AWS::DataBrew::Job.ColumnStatisticsConfiguration" - }, - "markdownDescription": "List of configurations for column evaluations. ColumnStatisticsConfigurations are used to select evaluations and override parameters of evaluations for particular columns. When ColumnStatisticsConfigurations is undefined, the profile job will profile all supported columns and run all supported evaluations.", - "title": "ColumnStatisticsConfigurations", - "type": "array" + "AutoResolveBestVoices": { + "markdownDescription": "", + "title": "AutoResolveBestVoices", + "type": "boolean" }, - "DatasetStatisticsConfiguration": { - "$ref": "#/definitions/AWS::DataBrew::Job.StatisticsConfiguration", - "markdownDescription": "Configuration for inter-column evaluations. Configuration can be used to select evaluations and override parameters of evaluations. When configuration is undefined, the profile job will run all supported inter-column evaluations.", - "title": "DatasetStatisticsConfiguration" + "ContactLens": { + "markdownDescription": "", + "title": "ContactLens", + "type": "boolean" }, - "EntityDetectorConfiguration": { - "$ref": "#/definitions/AWS::DataBrew::Job.EntityDetectorConfiguration", - "markdownDescription": "Configuration of entity detection for a profile job. When undefined, entity detection is disabled.", - "title": "EntityDetectorConfiguration" + "ContactflowLogs": { + "markdownDescription": "", + "title": "ContactflowLogs", + "type": "boolean" }, - "ProfileColumns": { - "items": { - "$ref": "#/definitions/AWS::DataBrew::Job.ColumnSelector" - }, - "markdownDescription": "List of column selectors. ProfileColumns can be used to select columns from the dataset. When ProfileColumns is undefined, the profile job will profile all supported columns.", - "title": "ProfileColumns", - "type": "array" + "EarlyMedia": { + "markdownDescription": "", + "title": "EarlyMedia", + "type": "boolean" + }, + "EnhancedChatMonitoring": { + "markdownDescription": "", + "title": "EnhancedChatMonitoring", + "type": "boolean" + }, + "EnhancedContactMonitoring": { + "markdownDescription": "", + "title": "EnhancedContactMonitoring", + "type": "boolean" + }, + "HighVolumeOutBound": { + "markdownDescription": "", + "title": "HighVolumeOutBound", + "type": "boolean" + }, + "InboundCalls": { + "markdownDescription": "", + "title": "InboundCalls", + "type": "boolean" + }, + "MultiPartyChatConference": { + "markdownDescription": "", + "title": "MultiPartyChatConference", + "type": "boolean" + }, + "MultiPartyConference": { + "markdownDescription": "", + "title": "MultiPartyConference", + "type": "boolean" + }, + "OutboundCalls": { + "markdownDescription": "", + "title": "OutboundCalls", + "type": "boolean" + }, + "UseCustomTTSVoices": { + "markdownDescription": "", + "title": "UseCustomTTSVoices", + "type": "boolean" } }, + "required": [ + "InboundCalls", + "OutboundCalls" + ], "type": "object" }, - "AWS::DataBrew::Job.Recipe": { + "AWS::Connect::InstanceStorageConfig": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The unique name for the recipe.", - "title": "Name", + "Condition": { "type": "string" }, - "Version": { - "markdownDescription": "The identifier for the version for the recipe.", - "title": "Version", - "type": "string" - } - }, - "required": [ - "Name" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", + "title": "InstanceArn", + "type": "string" + }, + "KinesisFirehoseConfig": { + "$ref": "#/definitions/AWS::Connect::InstanceStorageConfig.KinesisFirehoseConfig", + "markdownDescription": "The configuration of the Kinesis Firehose delivery stream.", + "title": "KinesisFirehoseConfig" + }, + "KinesisStreamConfig": { + "$ref": "#/definitions/AWS::Connect::InstanceStorageConfig.KinesisStreamConfig", + "markdownDescription": "The configuration of the Kinesis data stream.", + "title": "KinesisStreamConfig" + }, + "KinesisVideoStreamConfig": { + "$ref": "#/definitions/AWS::Connect::InstanceStorageConfig.KinesisVideoStreamConfig", + "markdownDescription": "The configuration of the Kinesis video stream.", + "title": "KinesisVideoStreamConfig" + }, + "ResourceType": { + "markdownDescription": "A valid resource type. Following are the valid resource types: `CHAT_TRANSCRIPTS` | `CALL_RECORDINGS` | `SCHEDULED_REPORTS` | `MEDIA_STREAMS` | `CONTACT_TRACE_RECORDS` | `AGENT_EVENTS`", + "title": "ResourceType", + "type": "string" + }, + "S3Config": { + "$ref": "#/definitions/AWS::Connect::InstanceStorageConfig.S3Config", + "markdownDescription": "The S3 bucket configuration.", + "title": "S3Config" + }, + "StorageType": { + "markdownDescription": "A valid storage type.", + "title": "StorageType", + "type": "string" + } + }, + "required": [ + "InstanceArn", + "ResourceType", + "StorageType" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Connect::InstanceStorageConfig" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" ], "type": "object" }, - "AWS::DataBrew::Job.S3Location": { + "AWS::Connect::InstanceStorageConfig.EncryptionConfig": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The Amazon S3 bucket name.", - "title": "Bucket", + "EncryptionType": { + "markdownDescription": "The type of encryption.", + "title": "EncryptionType", "type": "string" }, - "BucketOwner": { - "markdownDescription": "The AWS account ID of the bucket owner.", - "title": "BucketOwner", + "KeyId": { + "markdownDescription": "The full ARN of the encryption key.\n\n> Be sure to provide the full ARN of the encryption key, not just the ID.\n> \n> Amazon Connect supports only KMS keys with the default key spec of [`SYMMETRIC_DEFAULT`](https://docs.aws.amazon.com/kms/latest/developerguide/asymmetric-key-specs.html#key-spec-symmetric-default) .", + "title": "KeyId", "type": "string" - }, - "Key": { - "markdownDescription": "The unique name of the object in the bucket.", - "title": "Key", + } + }, + "required": [ + "EncryptionType", + "KeyId" + ], + "type": "object" + }, + "AWS::Connect::InstanceStorageConfig.KinesisFirehoseConfig": { + "additionalProperties": false, + "properties": { + "FirehoseArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the delivery stream.", + "title": "FirehoseArn", "type": "string" } }, "required": [ - "Bucket" + "FirehoseArn" ], "type": "object" }, - "AWS::DataBrew::Job.S3TableOutputOptions": { + "AWS::Connect::InstanceStorageConfig.KinesisStreamConfig": { "additionalProperties": false, "properties": { - "Location": { - "$ref": "#/definitions/AWS::DataBrew::Job.S3Location", - "markdownDescription": "Represents an Amazon S3 location (bucket name and object key) where DataBrew can write output from a job.", - "title": "Location" + "StreamArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the data stream.", + "title": "StreamArn", + "type": "string" } }, "required": [ - "Location" + "StreamArn" ], "type": "object" }, - "AWS::DataBrew::Job.StatisticOverride": { + "AWS::Connect::InstanceStorageConfig.KinesisVideoStreamConfig": { "additionalProperties": false, "properties": { - "Parameters": { - "additionalProperties": true, - "markdownDescription": "A map that includes overrides of an evaluation\u2019s parameters.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Parameters", - "type": "object" + "EncryptionConfig": { + "$ref": "#/definitions/AWS::Connect::InstanceStorageConfig.EncryptionConfig", + "markdownDescription": "The encryption configuration.", + "title": "EncryptionConfig" }, - "Statistic": { - "markdownDescription": "The name of an evaluation", - "title": "Statistic", + "Prefix": { + "markdownDescription": "The prefix of the video stream.", + "title": "Prefix", "type": "string" + }, + "RetentionPeriodHours": { + "markdownDescription": "The number of hours data is retained in the stream. Kinesis Video Streams retains the data in a data store that is associated with the stream.\n\nThe default value is 0, indicating that the stream does not persist data.", + "title": "RetentionPeriodHours", + "type": "number" } }, "required": [ - "Parameters", - "Statistic" + "EncryptionConfig", + "Prefix", + "RetentionPeriodHours" ], "type": "object" }, - "AWS::DataBrew::Job.StatisticsConfiguration": { + "AWS::Connect::InstanceStorageConfig.S3Config": { "additionalProperties": false, "properties": { - "IncludedStatistics": { - "items": { - "type": "string" - }, - "markdownDescription": "List of included evaluations. When the list is undefined, all supported evaluations will be included.", - "title": "IncludedStatistics", - "type": "array" + "BucketName": { + "markdownDescription": "The S3 bucket name.", + "title": "BucketName", + "type": "string" }, - "Overrides": { - "items": { - "$ref": "#/definitions/AWS::DataBrew::Job.StatisticOverride" - }, - "markdownDescription": "List of overrides for evaluations.", - "title": "Overrides", - "type": "array" + "BucketPrefix": { + "markdownDescription": "The S3 bucket prefix.", + "title": "BucketPrefix", + "type": "string" + }, + "EncryptionConfig": { + "$ref": "#/definitions/AWS::Connect::InstanceStorageConfig.EncryptionConfig", + "markdownDescription": "The Amazon S3 encryption configuration.", + "title": "EncryptionConfig" } }, + "required": [ + "BucketName", + "BucketPrefix" + ], "type": "object" }, - "AWS::DataBrew::Job.ValidationConfiguration": { + "AWS::Connect::IntegrationAssociation": { "additionalProperties": false, "properties": { - "RulesetArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the ruleset to be validated in the profile job. The TargetArn of the selected ruleset should be the same as the Amazon Resource Name (ARN) of the dataset that is associated with the profile job.", - "title": "RulesetArn", + "Condition": { "type": "string" }, - "ValidationMode": { - "markdownDescription": "Mode of data quality validation. Default mode is \u201cCHECK_ALL\u201d which verifies all rules defined in the selected ruleset.", - "title": "ValidationMode", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "InstanceId": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance.\n\n*Minimum* : `1`\n\n*Maximum* : `100`", + "title": "InstanceId", + "type": "string" + }, + "IntegrationArn": { + "markdownDescription": "ARN of the integration being associated with the instance.\n\n*Minimum* : `1`\n\n*Maximum* : `140`", + "title": "IntegrationArn", + "type": "string" + }, + "IntegrationType": { + "markdownDescription": "Specifies the integration type to be associated with the instance.\n\n*Allowed Values* : `LEX_BOT` | `LAMBDA_FUNCTION`", + "title": "IntegrationType", + "type": "string" + } + }, + "required": [ + "InstanceId", + "IntegrationArn", + "IntegrationType" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Connect::IntegrationAssociation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "RulesetArn" + "Type", + "Properties" ], "type": "object" }, - "AWS::DataBrew::Project": { + "AWS::Connect::PhoneNumber": { "additionalProperties": false, "properties": { "Condition": { @@ -60004,51 +65828,53 @@ "Properties": { "additionalProperties": false, "properties": { - "DatasetName": { - "markdownDescription": "The dataset that the project is to act upon.", - "title": "DatasetName", + "CountryCode": { + "markdownDescription": "The ISO country code.", + "title": "CountryCode", "type": "string" }, - "Name": { - "markdownDescription": "The unique name of a project.", - "title": "Name", + "Description": { + "markdownDescription": "The description of the phone number.", + "title": "Description", "type": "string" }, - "RecipeName": { - "markdownDescription": "The name of a recipe that will be developed during a project session.", - "title": "RecipeName", + "Prefix": { + "markdownDescription": "The prefix of the phone number. If provided, it must contain `+` as part of the country code.\n\n*Pattern* : `^\\\\+[0-9]{1,15}`", + "title": "Prefix", "type": "string" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the role that will be assumed for this project.", - "title": "RoleArn", + "SourcePhoneNumberArn": { + "markdownDescription": "The claimed phone number ARN that was previously imported from the external service, such as AWS End User Messaging. If it is from AWS End User Messaging, it looks like the ARN of the phone number that was imported from AWS End User Messaging.", + "title": "SourcePhoneNumberArn", "type": "string" }, - "Sample": { - "$ref": "#/definitions/AWS::DataBrew::Project.Sample", - "markdownDescription": "The sample size and sampling type to apply to the data. If this parameter isn't specified, then the sample consists of the first 500 rows from the dataset.", - "title": "Sample" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata tags that have been applied to the project.", + "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", "title": "Tags", "type": "array" + }, + "TargetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for Amazon Connect instances or traffic distribution group that phone numbers are claimed to.", + "title": "TargetArn", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of phone number.", + "title": "Type", + "type": "string" } }, "required": [ - "DatasetName", - "Name", - "RecipeName", - "RoleArn" + "TargetArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataBrew::Project" + "AWS::Connect::PhoneNumber" ], "type": "string" }, @@ -60067,26 +65893,100 @@ ], "type": "object" }, - "AWS::DataBrew::Project.Sample": { + "AWS::Connect::PredefinedAttribute": { "additionalProperties": false, "properties": { - "Size": { - "markdownDescription": "The number of rows in the sample.", - "title": "Size", - "type": "number" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", + "title": "InstanceArn", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the predefined attribute.", + "title": "Name", + "type": "string" + }, + "Values": { + "$ref": "#/definitions/AWS::Connect::PredefinedAttribute.Values", + "markdownDescription": "The values of a predefined attribute.", + "title": "Values" + } + }, + "required": [ + "InstanceArn", + "Name", + "Values" + ], + "type": "object" }, "Type": { - "markdownDescription": "The way in which DataBrew obtains rows from a dataset.", - "title": "Type", + "enum": [ + "AWS::Connect::PredefinedAttribute" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::DataBrew::Recipe": { + "AWS::Connect::PredefinedAttribute.Values": { + "additionalProperties": false, + "properties": { + "StringList": { + "items": { + "type": "string" + }, + "markdownDescription": "Predefined attribute values of type string list.", + "title": "StringList", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Connect::Prompt": { "additionalProperties": false, "properties": { "Condition": { @@ -60122,41 +66022,43 @@ "additionalProperties": false, "properties": { "Description": { - "markdownDescription": "The description of the recipe.", + "markdownDescription": "The description of the prompt.", "title": "Description", "type": "string" }, + "InstanceArn": { + "markdownDescription": "The identifier of the Amazon Connect instance.", + "title": "InstanceArn", + "type": "string" + }, "Name": { - "markdownDescription": "The unique name for the recipe.", + "markdownDescription": "The name of the prompt.", "title": "Name", "type": "string" }, - "Steps": { - "items": { - "$ref": "#/definitions/AWS::DataBrew::Recipe.RecipeStep" - }, - "markdownDescription": "A list of steps that are defined by the recipe.", - "title": "Steps", - "type": "array" + "S3Uri": { + "markdownDescription": "The URI for the S3 bucket where the prompt is stored. This property is required when you create a prompt.", + "title": "S3Uri", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata tags that have been applied to the recipe.", + "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", "title": "Tags", "type": "array" } }, "required": [ - "Name", - "Steps" + "InstanceArn", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataBrew::Recipe" + "AWS::Connect::Prompt" ], "type": "string" }, @@ -60175,673 +66077,537 @@ ], "type": "object" }, - "AWS::DataBrew::Recipe.Action": { + "AWS::Connect::Queue": { "additionalProperties": false, "properties": { - "Operation": { - "markdownDescription": "The name of a valid DataBrew transformation to be performed on the data.", - "title": "Operation", + "Condition": { "type": "string" }, - "Parameters": { - "$ref": "#/definitions/AWS::DataBrew::Recipe.RecipeParameters", - "markdownDescription": "Contextual parameters for the transformation.", - "title": "Parameters" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the queue.", + "title": "Description", + "type": "string" + }, + "HoursOfOperationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the hours of operation.", + "title": "HoursOfOperationArn", + "type": "string" + }, + "InstanceArn": { + "markdownDescription": "The identifier of the Amazon Connect instance.", + "title": "InstanceArn", + "type": "string" + }, + "MaxContacts": { + "markdownDescription": "The maximum number of contacts that can be in the queue before it is considered full.", + "title": "MaxContacts", + "type": "number" + }, + "Name": { + "markdownDescription": "The name of the queue.", + "title": "Name", + "type": "string" + }, + "OutboundCallerConfig": { + "$ref": "#/definitions/AWS::Connect::Queue.OutboundCallerConfig", + "markdownDescription": "The outbound caller ID name, number, and outbound whisper flow.", + "title": "OutboundCallerConfig" + }, + "OutboundEmailConfig": { + "$ref": "#/definitions/AWS::Connect::Queue.OutboundEmailConfig", + "markdownDescription": "The outbound email address ID for a specified queue.", + "title": "OutboundEmailConfig" + }, + "QuickConnectArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Names (ARN) of the of the quick connects available to agents who are working the queue.", + "title": "QuickConnectArns", + "type": "array" + }, + "Status": { + "markdownDescription": "The status of the queue.", + "title": "Status", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"Tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "HoursOfOperationArn", + "InstanceArn", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Connect::Queue" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Operation" + "Type", + "Properties" ], "type": "object" }, - "AWS::DataBrew::Recipe.ConditionExpression": { + "AWS::Connect::Queue.OutboundCallerConfig": { "additionalProperties": false, "properties": { - "Condition": { - "markdownDescription": "A specific condition to apply to a recipe action. For more information, see [Recipe structure](https://docs.aws.amazon.com/databrew/latest/dg/recipe-structure.html) in the *AWS Glue DataBrew Developer Guide* .", - "title": "Condition", + "OutboundCallerIdName": { + "markdownDescription": "The caller ID name.", + "title": "OutboundCallerIdName", "type": "string" }, - "TargetColumn": { - "markdownDescription": "A column to apply this condition to.", - "title": "TargetColumn", + "OutboundCallerIdNumberArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the outbound caller ID number.\n\n> Only use the phone number ARN format that doesn't contain `instance` in the path, for example, `arn:aws:connect:us-east-1:1234567890:phone-number/uuid` . This is the same ARN format that is returned when you create a phone number using CloudFormation , or when you call the [ListPhoneNumbersV2](https://docs.aws.amazon.com/connect/latest/APIReference/API_ListPhoneNumbersV2.html) API.", + "title": "OutboundCallerIdNumberArn", "type": "string" }, - "Value": { - "markdownDescription": "A value that the condition must evaluate to for the condition to succeed.", - "title": "Value", + "OutboundFlowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the outbound flow.", + "title": "OutboundFlowArn", "type": "string" } }, - "required": [ - "Condition", - "TargetColumn" - ], "type": "object" }, - "AWS::DataBrew::Recipe.DataCatalogInputDefinition": { + "AWS::Connect::Queue.OutboundEmailConfig": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The unique identifier of the AWS account that holds the Data Catalog that stores the data.", - "title": "CatalogId", + "OutboundEmailAddressId": { + "markdownDescription": "The identifier of the email address.", + "title": "OutboundEmailAddressId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Connect::QuickConnect": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "DatabaseName": { - "markdownDescription": "The name of a database in the Data Catalog.", - "title": "DatabaseName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "TableName": { - "markdownDescription": "The name of a database table in the Data Catalog. This table corresponds to a DataBrew dataset.", - "title": "TableName", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the quick connect.", + "title": "Description", + "type": "string" + }, + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", + "title": "InstanceArn", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the quick connect.", + "title": "Name", + "type": "string" + }, + "QuickConnectConfig": { + "$ref": "#/definitions/AWS::Connect::QuickConnect.QuickConnectConfig", + "markdownDescription": "Contains information about the quick connect.", + "title": "QuickConnectConfig" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"Tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "InstanceArn", + "Name", + "QuickConnectConfig" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Connect::QuickConnect" + ], "type": "string" }, - "TempDirectory": { - "$ref": "#/definitions/AWS::DataBrew::Recipe.S3Location", - "markdownDescription": "Represents an Amazon location where DataBrew can store intermediate results.", - "title": "TempDirectory" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::DataBrew::Recipe.Input": { + "AWS::Connect::QuickConnect.PhoneNumberQuickConnectConfig": { "additionalProperties": false, "properties": { - "DataCatalogInputDefinition": { - "$ref": "#/definitions/AWS::DataBrew::Recipe.DataCatalogInputDefinition", - "markdownDescription": "The AWS Glue Data Catalog parameters for the data.", - "title": "DataCatalogInputDefinition" - }, - "S3InputDefinition": { - "$ref": "#/definitions/AWS::DataBrew::Recipe.S3Location", - "markdownDescription": "The Amazon S3 location where the data is stored.", - "title": "S3InputDefinition" + "PhoneNumber": { + "markdownDescription": "The phone number in E.164 format.", + "title": "PhoneNumber", + "type": "string" } }, + "required": [ + "PhoneNumber" + ], "type": "object" }, - "AWS::DataBrew::Recipe.RecipeParameters": { + "AWS::Connect::QuickConnect.QueueQuickConnectConfig": { "additionalProperties": false, "properties": { - "AggregateFunction": { - "markdownDescription": "The name of an aggregation function to apply.", - "title": "AggregateFunction", + "ContactFlowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the flow.", + "title": "ContactFlowArn", "type": "string" }, - "Base": { - "markdownDescription": "The number of digits used in a counting system.", - "title": "Base", + "QueueArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the queue.", + "title": "QueueArn", "type": "string" + } + }, + "required": [ + "ContactFlowArn", + "QueueArn" + ], + "type": "object" + }, + "AWS::Connect::QuickConnect.QuickConnectConfig": { + "additionalProperties": false, + "properties": { + "PhoneConfig": { + "$ref": "#/definitions/AWS::Connect::QuickConnect.PhoneNumberQuickConnectConfig", + "markdownDescription": "The phone configuration. This is required only if QuickConnectType is PHONE_NUMBER.", + "title": "PhoneConfig" }, - "CaseStatement": { - "markdownDescription": "A case statement associated with a recipe.", - "title": "CaseStatement", - "type": "string" + "QueueConfig": { + "$ref": "#/definitions/AWS::Connect::QuickConnect.QueueQuickConnectConfig", + "markdownDescription": "The queue configuration. This is required only if QuickConnectType is QUEUE.", + "title": "QueueConfig" }, - "CategoryMap": { - "markdownDescription": "A category map used for one-hot encoding.", - "title": "CategoryMap", + "QuickConnectType": { + "markdownDescription": "The type of quick connect. In the Amazon Connect console, when you create a quick connect, you are prompted to assign one of the following types: Agent (USER), External (PHONE_NUMBER), or Queue (QUEUE).", + "title": "QuickConnectType", "type": "string" }, - "CharsToRemove": { - "markdownDescription": "Characters to remove from a step that applies one-hot encoding or tokenization.", - "title": "CharsToRemove", + "UserConfig": { + "$ref": "#/definitions/AWS::Connect::QuickConnect.UserQuickConnectConfig", + "markdownDescription": "The user configuration. This is required only if QuickConnectType is USER.", + "title": "UserConfig" + } + }, + "required": [ + "QuickConnectType" + ], + "type": "object" + }, + "AWS::Connect::QuickConnect.UserQuickConnectConfig": { + "additionalProperties": false, + "properties": { + "ContactFlowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the flow.", + "title": "ContactFlowArn", "type": "string" }, - "CollapseConsecutiveWhitespace": { - "markdownDescription": "Remove any non-word non-punctuation character.", - "title": "CollapseConsecutiveWhitespace", + "UserArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the user.", + "title": "UserArn", "type": "string" - }, - "ColumnDataType": { - "markdownDescription": "The data type of the column.", - "title": "ColumnDataType", + } + }, + "required": [ + "ContactFlowArn", + "UserArn" + ], + "type": "object" + }, + "AWS::Connect::RoutingProfile": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "ColumnRange": { - "markdownDescription": "A range of columns to which a step is applied.", - "title": "ColumnRange", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Count": { - "markdownDescription": "The number of times a string needs to be repeated.", - "title": "Count", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "CustomCharacters": { - "markdownDescription": "One or more characters that can be substituted or removed, depending on the context.", - "title": "CustomCharacters", - "type": "string" + "Metadata": { + "type": "object" }, - "CustomStopWords": { - "markdownDescription": "A list of words to ignore in a step that applies word tokenization.", - "title": "CustomStopWords", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "AgentAvailabilityTimer": { + "markdownDescription": "Whether agents with this routing profile will have their routing order calculated based on *time since their last inbound contact* or *longest idle time* .", + "title": "AgentAvailabilityTimer", + "type": "string" + }, + "DefaultOutboundQueueArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the default outbound queue for the routing profile.", + "title": "DefaultOutboundQueueArn", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the routing profile.", + "title": "Description", + "type": "string" + }, + "InstanceArn": { + "markdownDescription": "The identifier of the Amazon Connect instance.", + "title": "InstanceArn", + "type": "string" + }, + "MediaConcurrencies": { + "items": { + "$ref": "#/definitions/AWS::Connect::RoutingProfile.MediaConcurrency" + }, + "markdownDescription": "The channels agents can handle in the Contact Control Panel (CCP) for this routing profile.", + "title": "MediaConcurrencies", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the routing profile.", + "title": "Name", + "type": "string" + }, + "QueueConfigs": { + "items": { + "$ref": "#/definitions/AWS::Connect::RoutingProfile.RoutingProfileQueueConfig" + }, + "markdownDescription": "The inbound queues associated with the routing profile. If no queue is added, the agent can make only outbound calls.", + "title": "QueueConfigs", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"Tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "DefaultOutboundQueueArn", + "Description", + "InstanceArn", + "MediaConcurrencies", + "Name" + ], + "type": "object" }, - "CustomValue": { - "markdownDescription": "A list of custom values to use in a step that requires that you provide a value to finish the operation.", - "title": "CustomValue", + "Type": { + "enum": [ + "AWS::Connect::RoutingProfile" + ], "type": "string" }, - "DatasetsColumns": { - "markdownDescription": "A list of the dataset columns included in a project.", - "title": "DatasetsColumns", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "DateAddValue": { - "markdownDescription": "A value that specifies how many units of time to add or subtract for a date math operation.", - "title": "DateAddValue", + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Connect::RoutingProfile.CrossChannelBehavior": { + "additionalProperties": false, + "properties": { + "BehaviorType": { + "markdownDescription": "Specifies the other channels that can be routed to an agent handling their current channel.", + "title": "BehaviorType", "type": "string" - }, - "DateTimeFormat": { - "markdownDescription": "A date format to apply to a date.", - "title": "DateTimeFormat", + } + }, + "required": [ + "BehaviorType" + ], + "type": "object" + }, + "AWS::Connect::RoutingProfile.MediaConcurrency": { + "additionalProperties": false, + "properties": { + "Channel": { + "markdownDescription": "The channels that agents can handle in the Contact Control Panel (CCP).", + "title": "Channel", "type": "string" }, - "DateTimeParameters": { - "markdownDescription": "A set of parameters associated with a datetime.", - "title": "DateTimeParameters", - "type": "string" + "Concurrency": { + "markdownDescription": "The number of contacts an agent can have on a channel simultaneously.\n\nValid Range for `VOICE` : Minimum value of 1. Maximum value of 1.\n\nValid Range for `CHAT` : Minimum value of 1. Maximum value of 10.\n\nValid Range for `TASK` : Minimum value of 1. Maximum value of 10.", + "title": "Concurrency", + "type": "number" }, - "DeleteOtherRows": { - "markdownDescription": "Determines whether unmapped rows in a categorical mapping should be deleted", - "title": "DeleteOtherRows", - "type": "string" + "CrossChannelBehavior": { + "$ref": "#/definitions/AWS::Connect::RoutingProfile.CrossChannelBehavior", + "markdownDescription": "Defines the cross-channel routing behavior for each channel that is enabled for this Routing Profile. For example, this allows you to offer an agent a different contact from another channel when they are currently working with a contact from a Voice channel.", + "title": "CrossChannelBehavior" + } + }, + "required": [ + "Channel", + "Concurrency" + ], + "type": "object" + }, + "AWS::Connect::RoutingProfile.RoutingProfileQueueConfig": { + "additionalProperties": false, + "properties": { + "Delay": { + "markdownDescription": "The delay, in seconds, a contact should be in the queue before they are routed to an available agent. For more information, see [Queues: priority and delay](https://docs.aws.amazon.com/connect/latest/adminguide/concepts-routing-profiles-priority.html) in the *Amazon Connect Administrator Guide* .", + "title": "Delay", + "type": "number" }, - "Delimiter": { - "markdownDescription": "The delimiter to use when parsing separated values in a text file.", - "title": "Delimiter", - "type": "string" + "Priority": { + "markdownDescription": "The order in which contacts are to be handled for the queue. For more information, see [Queues: priority and delay](https://docs.aws.amazon.com/connect/latest/adminguide/concepts-routing-profiles-priority.html) .", + "title": "Priority", + "type": "number" }, - "EndPattern": { - "markdownDescription": "The end pattern to locate.", - "title": "EndPattern", + "QueueReference": { + "$ref": "#/definitions/AWS::Connect::RoutingProfile.RoutingProfileQueueReference", + "markdownDescription": "Contains information about a queue resource.", + "title": "QueueReference" + } + }, + "required": [ + "Delay", + "Priority", + "QueueReference" + ], + "type": "object" + }, + "AWS::Connect::RoutingProfile.RoutingProfileQueueReference": { + "additionalProperties": false, + "properties": { + "Channel": { + "markdownDescription": "The channels agents can handle in the Contact Control Panel (CCP) for this routing profile.", + "title": "Channel", "type": "string" }, - "EndPosition": { - "markdownDescription": "The end position to locate.", - "title": "EndPosition", + "QueueArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the queue.", + "title": "QueueArn", "type": "string" - }, - "EndValue": { - "markdownDescription": "The end value to locate.", - "title": "EndValue", - "type": "string" - }, - "ExpandContractions": { - "markdownDescription": "A list of word contractions and what they expand to. For eample: *can't* ; *cannot* ; *can not* .", - "title": "ExpandContractions", - "type": "string" - }, - "Exponent": { - "markdownDescription": "The exponent to apply in an exponential operation.", - "title": "Exponent", - "type": "string" - }, - "FalseString": { - "markdownDescription": "A value that represents `FALSE` .", - "title": "FalseString", - "type": "string" - }, - "GroupByAggFunctionOptions": { - "markdownDescription": "Specifies options to apply to the `GROUP BY` used in an aggregation.", - "title": "GroupByAggFunctionOptions", - "type": "string" - }, - "GroupByColumns": { - "markdownDescription": "The columns to use in the `GROUP BY` clause.", - "title": "GroupByColumns", - "type": "string" - }, - "HiddenColumns": { - "markdownDescription": "A list of columns to hide.", - "title": "HiddenColumns", - "type": "string" - }, - "IgnoreCase": { - "markdownDescription": "Indicates that lower and upper case letters are treated equally.", - "title": "IgnoreCase", - "type": "string" - }, - "IncludeInSplit": { - "markdownDescription": "Indicates if this column is participating in a split transform.", - "title": "IncludeInSplit", - "type": "string" - }, - "Input": { - "$ref": "#/definitions/AWS::DataBrew::Recipe.Input", - "markdownDescription": "The input location to load the dataset from - Amazon S3 or AWS Glue Data Catalog .", - "title": "Input" - }, - "Interval": { - "markdownDescription": "The number of characters to split by.", - "title": "Interval", - "type": "string" - }, - "IsText": { - "markdownDescription": "Indicates if the content is text.", - "title": "IsText", - "type": "string" - }, - "JoinKeys": { - "markdownDescription": "The keys or columns involved in a join.", - "title": "JoinKeys", - "type": "string" - }, - "JoinType": { - "markdownDescription": "The type of join to use, for example, `INNER JOIN` , `OUTER JOIN` , and so on.", - "title": "JoinType", - "type": "string" - }, - "LeftColumns": { - "markdownDescription": "The columns on the left side of the join.", - "title": "LeftColumns", - "type": "string" - }, - "Limit": { - "markdownDescription": "The number of times to perform `split` or `replaceBy` in a string", - "title": "Limit", - "type": "string" - }, - "LowerBound": { - "markdownDescription": "The lower boundary for a value.", - "title": "LowerBound", - "type": "string" - }, - "MapType": { - "markdownDescription": "The type of mappings to apply to construct a new dynamic frame.", - "title": "MapType", - "type": "string" - }, - "ModeType": { - "markdownDescription": "Determines the manner in which mode value is calculated, in case there is more than one mode value. Valid values: `NONE` | `AVERAGE` | `MINIMUM` | `MAXIMUM`", - "title": "ModeType", - "type": "string" - }, - "MultiLine": { - "markdownDescription": "Specifies whether JSON input contains embedded new line characters.", - "title": "MultiLine", - "type": "boolean" - }, - "NumRows": { - "markdownDescription": "The number of rows to consider in a window.", - "title": "NumRows", - "type": "string" - }, - "NumRowsAfter": { - "markdownDescription": "The number of rows to consider after the current row in a window", - "title": "NumRowsAfter", - "type": "string" - }, - "NumRowsBefore": { - "markdownDescription": "The number of rows to consider before the current row in a window", - "title": "NumRowsBefore", - "type": "string" - }, - "OrderByColumn": { - "markdownDescription": "A column to sort the results by.", - "title": "OrderByColumn", - "type": "string" - }, - "OrderByColumns": { - "markdownDescription": "The columns to sort the results by.", - "title": "OrderByColumns", - "type": "string" - }, - "Other": { - "markdownDescription": "The value to assign to unmapped cells, in categorical mapping", - "title": "Other", - "type": "string" - }, - "Pattern": { - "markdownDescription": "The pattern to locate.", - "title": "Pattern", - "type": "string" - }, - "PatternOption1": { - "markdownDescription": "The starting pattern to split between.", - "title": "PatternOption1", - "type": "string" - }, - "PatternOption2": { - "markdownDescription": "The ending pattern to split between.", - "title": "PatternOption2", - "type": "string" - }, - "PatternOptions": { - "markdownDescription": "For splitting by multiple delimiters: A JSON-encoded string that lists the patterns in the format. For example: `[{\\\"pattern\\\":\\\"1\\\",\\\"includeInSplit\\\":true}]`", - "title": "PatternOptions", - "type": "string" - }, - "Period": { - "markdownDescription": "The size of the rolling window.", - "title": "Period", - "type": "string" - }, - "Position": { - "markdownDescription": "The character index within a string", - "title": "Position", - "type": "string" - }, - "RemoveAllPunctuation": { - "markdownDescription": "If `true` , removes all of the following characters: `.` `.!` `.,` `.?`", - "title": "RemoveAllPunctuation", - "type": "string" - }, - "RemoveAllQuotes": { - "markdownDescription": "If `true` , removes all single quotes and double quotes.", - "title": "RemoveAllQuotes", - "type": "string" - }, - "RemoveAllWhitespace": { - "markdownDescription": "If `true` , removes all whitespaces from the value.", - "title": "RemoveAllWhitespace", - "type": "string" - }, - "RemoveCustomCharacters": { - "markdownDescription": "If `true` , removes all chraracters specified by `CustomCharacters` .", - "title": "RemoveCustomCharacters", - "type": "string" - }, - "RemoveCustomValue": { - "markdownDescription": "If `true` , removes all chraracters specified by `CustomValue` .", - "title": "RemoveCustomValue", - "type": "string" - }, - "RemoveLeadingAndTrailingPunctuation": { - "markdownDescription": "If `true` , removes the following characters if they occur at the start or end of the value: `.` `!` `,` `?`", - "title": "RemoveLeadingAndTrailingPunctuation", - "type": "string" - }, - "RemoveLeadingAndTrailingQuotes": { - "markdownDescription": "If `true` , removes single quotes and double quotes from the beginning and end of the value.", - "title": "RemoveLeadingAndTrailingQuotes", - "type": "string" - }, - "RemoveLeadingAndTrailingWhitespace": { - "markdownDescription": "If `true` , removes all whitespaces from the beginning and end of the value.", - "title": "RemoveLeadingAndTrailingWhitespace", - "type": "string" - }, - "RemoveLetters": { - "markdownDescription": "If `true` , removes all uppercase and lowercase alphabetic characters (A through Z; a through z).", - "title": "RemoveLetters", - "type": "string" - }, - "RemoveNumbers": { - "markdownDescription": "If `true` , removes all numeric characters (0 through 9).", - "title": "RemoveNumbers", - "type": "string" - }, - "RemoveSourceColumn": { - "markdownDescription": "If `true` , the source column will be removed after un-nesting that column. (Used with nested column types, such as Map, Struct, or Array.)", - "title": "RemoveSourceColumn", - "type": "string" - }, - "RemoveSpecialCharacters": { - "markdownDescription": "If `true` , removes all of the following characters: `! \" # $ % & ' ( ) * + , - . / : ; < = > ? @ [ \\ ] ^ _ ` { | } ~`", - "title": "RemoveSpecialCharacters", - "type": "string" - }, - "RightColumns": { - "markdownDescription": "The columns on the right side of a join.", - "title": "RightColumns", - "type": "string" - }, - "SampleSize": { - "markdownDescription": "The number of rows in the sample.", - "title": "SampleSize", - "type": "string" - }, - "SampleType": { - "markdownDescription": "The sampling type to apply to the dataset. Valid values: `FIRST_N` | `LAST_N` | `RANDOM`", - "title": "SampleType", - "type": "string" - }, - "SecondInput": { - "markdownDescription": "A object value to indicate the second dataset used in a join.", - "title": "SecondInput", - "type": "string" - }, - "SecondaryInputs": { - "items": { - "$ref": "#/definitions/AWS::DataBrew::Recipe.SecondaryInput" - }, - "markdownDescription": "A list of secondary inputs in a UNION transform", - "title": "SecondaryInputs", - "type": "array" - }, - "SheetIndexes": { - "items": { - "type": "number" - }, - "markdownDescription": "One or more sheet numbers in the Excel file, which will be included in a dataset.", - "title": "SheetIndexes", - "type": "array" - }, - "SheetNames": { - "items": { - "type": "string" - }, - "markdownDescription": "Oone or more named sheets in the Excel file, which will be included in a dataset.", - "title": "SheetNames", - "type": "array" - }, - "SourceColumn": { - "markdownDescription": "A source column needed for an operation, step, or transform.", - "title": "SourceColumn", - "type": "string" - }, - "SourceColumn1": { - "markdownDescription": "A source column needed for an operation, step, or transform.", - "title": "SourceColumn1", - "type": "string" - }, - "SourceColumn2": { - "markdownDescription": "A source column needed for an operation, step, or transform.", - "title": "SourceColumn2", - "type": "string" - }, - "SourceColumns": { - "markdownDescription": "A list of source columns needed for an operation, step, or transform.", - "title": "SourceColumns", - "type": "string" - }, - "StartColumnIndex": { - "markdownDescription": "The index number of the first column used by an operation, step, or transform.", - "title": "StartColumnIndex", - "type": "string" - }, - "StartPattern": { - "markdownDescription": "The starting pattern to locate.", - "title": "StartPattern", - "type": "string" - }, - "StartPosition": { - "markdownDescription": "The starting position to locate.", - "title": "StartPosition", - "type": "string" - }, - "StartValue": { - "markdownDescription": "The starting value to locate.", - "title": "StartValue", - "type": "string" - }, - "StemmingMode": { - "markdownDescription": "Indicates this operation uses stems and lemmas (base words) for word tokenization.", - "title": "StemmingMode", - "type": "string" - }, - "StepCount": { - "markdownDescription": "The total number of transforms in this recipe.", - "title": "StepCount", - "type": "string" - }, - "StepIndex": { - "markdownDescription": "The index ID of a step.", - "title": "StepIndex", - "type": "string" - }, - "StopWordsMode": { - "markdownDescription": "Indicates this operation uses stop words as part of word tokenization.", - "title": "StopWordsMode", - "type": "string" - }, - "Strategy": { - "markdownDescription": "The resolution strategy to apply in resolving ambiguities.", - "title": "Strategy", - "type": "string" - }, - "TargetColumn": { - "markdownDescription": "The column targeted by this operation.", - "title": "TargetColumn", - "type": "string" - }, - "TargetColumnNames": { - "markdownDescription": "The names to give columns altered by this operation.", - "title": "TargetColumnNames", - "type": "string" - }, - "TargetDateFormat": { - "markdownDescription": "The date format to convert to.", - "title": "TargetDateFormat", - "type": "string" - }, - "TargetIndex": { - "markdownDescription": "The index number of an object that is targeted by this operation.", - "title": "TargetIndex", - "type": "string" - }, - "TimeZone": { - "markdownDescription": "The current timezone that you want to use for dates.", - "title": "TimeZone", - "type": "string" - }, - "TokenizerPattern": { - "markdownDescription": "A regex expression to use when splitting text into terms, also called words or tokens.", - "title": "TokenizerPattern", - "type": "string" - }, - "TrueString": { - "markdownDescription": "A value to use to represent `TRUE` .", - "title": "TrueString", - "type": "string" - }, - "UdfLang": { - "markdownDescription": "The language that's used in the user-defined function.", - "title": "UdfLang", - "type": "string" - }, - "Units": { - "markdownDescription": "Specifies a unit of time. For example: `MINUTES` ; `SECONDS` ; `HOURS` ; etc.", - "title": "Units", - "type": "string" - }, - "UnpivotColumn": { - "markdownDescription": "Cast columns as rows, so that each value is a different row in a single column.", - "title": "UnpivotColumn", - "type": "string" - }, - "UpperBound": { - "markdownDescription": "The upper boundary for a value.", - "title": "UpperBound", - "type": "string" - }, - "UseNewDataFrame": { - "markdownDescription": "Create a new container to hold a dataset.", - "title": "UseNewDataFrame", - "type": "string" - }, - "Value": { - "markdownDescription": "A static value that can be used in a comparison, a substitution, or in another context-specific way. A `Value` can be a number, string, or other datatype, depending on the recipe action in which it's used.", - "title": "Value", - "type": "string" - }, - "Value1": { - "markdownDescription": "A value that's used by this operation.", - "title": "Value1", - "type": "string" - }, - "Value2": { - "markdownDescription": "A value that's used by this operation.", - "title": "Value2", - "type": "string" - }, - "ValueColumn": { - "markdownDescription": "The column that is provided as a value that's used by this operation.", - "title": "ValueColumn", - "type": "string" - }, - "ViewFrame": { - "markdownDescription": "The subset of rows currently available for viewing.", - "title": "ViewFrame", - "type": "string" - } - }, - "type": "object" - }, - "AWS::DataBrew::Recipe.RecipeStep": { - "additionalProperties": false, - "properties": { - "Action": { - "$ref": "#/definitions/AWS::DataBrew::Recipe.Action", - "markdownDescription": "The particular action to be performed in the recipe step.", - "title": "Action" - }, - "ConditionExpressions": { - "items": { - "$ref": "#/definitions/AWS::DataBrew::Recipe.ConditionExpression" - }, - "markdownDescription": "One or more conditions that must be met for the recipe step to succeed.\n\n> All of the conditions in the array must be met. In other words, all of the conditions must be combined using a logical AND operation.", - "title": "ConditionExpressions", - "type": "array" - } - }, - "required": [ - "Action" - ], - "type": "object" - }, - "AWS::DataBrew::Recipe.S3Location": { - "additionalProperties": false, - "properties": { - "Bucket": { - "markdownDescription": "The Amazon S3 bucket name.", - "title": "Bucket", - "type": "string" - }, - "Key": { - "markdownDescription": "The unique name of the object in the bucket.", - "title": "Key", - "type": "string" - } - }, - "required": [ - "Bucket" - ], - "type": "object" - }, - "AWS::DataBrew::Recipe.SecondaryInput": { - "additionalProperties": false, - "properties": { - "DataCatalogInputDefinition": { - "$ref": "#/definitions/AWS::DataBrew::Recipe.DataCatalogInputDefinition", - "markdownDescription": "The AWS Glue Data Catalog parameters for the data.", - "title": "DataCatalogInputDefinition" - }, - "S3InputDefinition": { - "$ref": "#/definitions/AWS::DataBrew::Recipe.S3Location", - "markdownDescription": "The Amazon S3 location where the data is stored.", - "title": "S3InputDefinition" - } - }, - "type": "object" - }, - "AWS::DataBrew::Ruleset": { - "additionalProperties": false, - "properties": { - "Condition": { + } + }, + "required": [ + "Channel", + "QueueArn" + ], + "type": "object" + }, + "AWS::Connect::Rule": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, "DeletionPolicy": { @@ -60873,48 +66639,58 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the ruleset.", - "title": "Description", + "Actions": { + "$ref": "#/definitions/AWS::Connect::Rule.Actions", + "markdownDescription": "A list of actions to be run when the rule is triggered.", + "title": "Actions" + }, + "Function": { + "markdownDescription": "The conditions of the rule.", + "title": "Function", + "type": "string" + }, + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", + "title": "InstanceArn", "type": "string" }, "Name": { - "markdownDescription": "The name of the ruleset.", + "markdownDescription": "The name of the rule.", "title": "Name", "type": "string" }, - "Rules": { - "items": { - "$ref": "#/definitions/AWS::DataBrew::Ruleset.Rule" - }, - "markdownDescription": "Contains metadata about the ruleset.", - "title": "Rules", - "type": "array" + "PublishStatus": { + "markdownDescription": "The publish status of the rule.\n\n*Allowed values* : `DRAFT` | `PUBLISHED`", + "title": "PublishStatus", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", "title": "Tags", "type": "array" }, - "TargetArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of a resource (dataset) that the ruleset is associated with.", - "title": "TargetArn", - "type": "string" + "TriggerEventSource": { + "$ref": "#/definitions/AWS::Connect::Rule.RuleTriggerEventSource", + "markdownDescription": "The event source to trigger the rule.", + "title": "TriggerEventSource" } }, "required": [ + "Actions", + "Function", + "InstanceArn", "Name", - "Rules", - "TargetArn" + "PublishStatus", + "TriggerEventSource" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataBrew::Ruleset" + "AWS::Connect::Rule" ], "type": "string" }, @@ -60933,113 +66709,328 @@ ], "type": "object" }, - "AWS::DataBrew::Ruleset.ColumnSelector": { + "AWS::Connect::Rule.Actions": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of a column from a dataset.", - "title": "Name", - "type": "string" + "AssignContactCategoryActions": { + "items": { + "type": "object" + }, + "markdownDescription": "Information about the contact category action. The syntax can be empty, for example, `{}` .", + "title": "AssignContactCategoryActions", + "type": "array" }, - "Regex": { - "markdownDescription": "A regular expression for selecting a column from a dataset.", - "title": "Regex", - "type": "string" + "CreateCaseActions": { + "items": { + "$ref": "#/definitions/AWS::Connect::Rule.CreateCaseAction" + }, + "markdownDescription": "", + "title": "CreateCaseActions", + "type": "array" + }, + "EndAssociatedTasksActions": { + "items": { + "type": "object" + }, + "markdownDescription": "", + "title": "EndAssociatedTasksActions", + "type": "array" + }, + "EventBridgeActions": { + "items": { + "$ref": "#/definitions/AWS::Connect::Rule.EventBridgeAction" + }, + "markdownDescription": "Information about the EventBridge action.", + "title": "EventBridgeActions", + "type": "array" + }, + "SendNotificationActions": { + "items": { + "$ref": "#/definitions/AWS::Connect::Rule.SendNotificationAction" + }, + "markdownDescription": "Information about the send notification action.", + "title": "SendNotificationActions", + "type": "array" + }, + "SubmitAutoEvaluationActions": { + "items": { + "$ref": "#/definitions/AWS::Connect::Rule.SubmitAutoEvaluationAction" + }, + "markdownDescription": "", + "title": "SubmitAutoEvaluationActions", + "type": "array" + }, + "TaskActions": { + "items": { + "$ref": "#/definitions/AWS::Connect::Rule.TaskAction" + }, + "markdownDescription": "Information about the task action. This field is required if `TriggerEventSource` is one of the following values: `OnZendeskTicketCreate` | `OnZendeskTicketStatusUpdate` | `OnSalesforceCaseCreate`", + "title": "TaskActions", + "type": "array" + }, + "UpdateCaseActions": { + "items": { + "$ref": "#/definitions/AWS::Connect::Rule.UpdateCaseAction" + }, + "markdownDescription": "", + "title": "UpdateCaseActions", + "type": "array" } }, "type": "object" }, - "AWS::DataBrew::Ruleset.Rule": { + "AWS::Connect::Rule.CreateCaseAction": { "additionalProperties": false, "properties": { - "CheckExpression": { - "markdownDescription": "The expression which includes column references, condition names followed by variable references, possibly grouped and combined with other conditions. For example, `(:col1 starts_with :prefix1 or :col1 starts_with :prefix2) and (:col1 ends_with :suffix1 or :col1 ends_with :suffix2)` . Column and value references are substitution variables that should start with the ':' symbol. Depending on the context, substitution variables' values can be either an actual value or a column name. These values are defined in the SubstitutionMap. If a CheckExpression starts with a column reference, then ColumnSelectors in the rule should be null. If ColumnSelectors has been defined, then there should be no columnn reference in the left side of a condition, for example, `is_between :val1 and :val2` .", - "title": "CheckExpression", - "type": "string" - }, - "ColumnSelectors": { + "Fields": { "items": { - "$ref": "#/definitions/AWS::DataBrew::Ruleset.ColumnSelector" + "$ref": "#/definitions/AWS::Connect::Rule.Field" }, - "markdownDescription": "List of column selectors. Selectors can be used to select columns using a name or regular expression from the dataset. Rule will be applied to selected columns.", - "title": "ColumnSelectors", + "markdownDescription": "", + "title": "Fields", "type": "array" }, - "Disabled": { - "markdownDescription": "A value that specifies whether the rule is disabled. Once a rule is disabled, a profile job will not validate it during a job run. Default value is false.", - "title": "Disabled", - "type": "boolean" - }, + "TemplateId": { + "markdownDescription": "", + "title": "TemplateId", + "type": "string" + } + }, + "required": [ + "Fields", + "TemplateId" + ], + "type": "object" + }, + "AWS::Connect::Rule.EventBridgeAction": { + "additionalProperties": false, + "properties": { "Name": { - "markdownDescription": "The name of the rule.", + "markdownDescription": "The name.", "title": "Name", "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::Connect::Rule.Field": { + "additionalProperties": false, + "properties": { + "Id": { + "markdownDescription": "", + "title": "Id", + "type": "string" }, - "SubstitutionMap": { + "Value": { + "$ref": "#/definitions/AWS::Connect::Rule.FieldValue", + "markdownDescription": "", + "title": "Value" + } + }, + "required": [ + "Id", + "Value" + ], + "type": "object" + }, + "AWS::Connect::Rule.FieldValue": { + "additionalProperties": false, + "properties": { + "BooleanValue": { + "markdownDescription": "", + "title": "BooleanValue", + "type": "boolean" + }, + "DoubleValue": { + "markdownDescription": "", + "title": "DoubleValue", + "type": "number" + }, + "EmptyValue": { + "markdownDescription": "", + "title": "EmptyValue", + "type": "object" + }, + "StringValue": { + "markdownDescription": "", + "title": "StringValue", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Connect::Rule.NotificationRecipientType": { + "additionalProperties": false, + "properties": { + "UserArns": { "items": { - "$ref": "#/definitions/AWS::DataBrew::Ruleset.SubstitutionValue" + "type": "string" }, - "markdownDescription": "The map of substitution variable names to their values used in a check expression. Variable names should start with a ':' (colon). Variable values can either be actual values or column names. To differentiate between the two, column names should be enclosed in backticks, for example, `\":col1\": \"`Column A`\".`", - "title": "SubstitutionMap", + "markdownDescription": "The Amazon Resource Name (ARN) of the user account.", + "title": "UserArns", "type": "array" }, - "Threshold": { - "$ref": "#/definitions/AWS::DataBrew::Ruleset.Threshold", - "markdownDescription": "The threshold used with a non-aggregate check expression. Non-aggregate check expressions will be applied to each row in a specific column, and the threshold will be used to determine whether the validation succeeds.", - "title": "Threshold" + "UserTags": { + "additionalProperties": true, + "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }. Amazon Connect users with the specified tags will be notified.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "UserTags", + "type": "object" } }, - "required": [ - "CheckExpression", - "Name" - ], "type": "object" }, - "AWS::DataBrew::Ruleset.SubstitutionValue": { + "AWS::Connect::Rule.Reference": { "additionalProperties": false, "properties": { + "Type": { + "markdownDescription": "The type of the reference. `DATE` must be of type Epoch timestamp.\n\n*Allowed values* : `URL` | `ATTACHMENT` | `NUMBER` | `STRING` | `DATE` | `EMAIL`", + "title": "Type", + "type": "string" + }, "Value": { - "markdownDescription": "Value or column name.", + "markdownDescription": "A valid value for the reference. For example, for a URL reference, a formatted URL that is displayed to an agent in the Contact Control Panel (CCP).", "title": "Value", "type": "string" + } + }, + "required": [ + "Type", + "Value" + ], + "type": "object" + }, + "AWS::Connect::Rule.RuleTriggerEventSource": { + "additionalProperties": false, + "properties": { + "EventSourceName": { + "markdownDescription": "The name of the event source.", + "title": "EventSourceName", + "type": "string" }, - "ValueReference": { - "markdownDescription": "Variable name.", - "title": "ValueReference", + "IntegrationAssociationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the integration association. `IntegrationAssociationArn` is required if `TriggerEventSource` is one of the following values: `OnZendeskTicketCreate` | `OnZendeskTicketStatusUpdate` | `OnSalesforceCaseCreate`", + "title": "IntegrationAssociationArn", "type": "string" } }, "required": [ - "Value", - "ValueReference" + "EventSourceName" ], "type": "object" }, - "AWS::DataBrew::Ruleset.Threshold": { + "AWS::Connect::Rule.SendNotificationAction": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The type of a threshold. Used for comparison of an actual count of rows that satisfy the rule to the threshold value.", - "title": "Type", + "Content": { + "markdownDescription": "Notification content. Supports variable injection. For more information, see [JSONPath reference](https://docs.aws.amazon.com/connect/latest/adminguide/contact-lens-variable-injection.html) in the *Amazon Connect Administrators Guide* .", + "title": "Content", "type": "string" }, - "Unit": { - "markdownDescription": "Unit of threshold value. Can be either a COUNT or PERCENTAGE of the full sample size used for validation.", - "title": "Unit", + "ContentType": { + "markdownDescription": "Content type format.\n\n*Allowed value* : `PLAIN_TEXT`", + "title": "ContentType", "type": "string" }, - "Value": { - "markdownDescription": "The value of a threshold.", - "title": "Value", - "type": "number" + "DeliveryMethod": { + "markdownDescription": "Notification delivery method.\n\n*Allowed value* : `EMAIL`", + "title": "DeliveryMethod", + "type": "string" + }, + "Recipient": { + "$ref": "#/definitions/AWS::Connect::Rule.NotificationRecipientType", + "markdownDescription": "Notification recipient.", + "title": "Recipient" + }, + "Subject": { + "markdownDescription": "The subject of the email if the delivery method is `EMAIL` . Supports variable injection. For more information, see [JSONPath reference](https://docs.aws.amazon.com/connect/latest/adminguide/contact-lens-variable-injection.html) in the *Amazon Connect Administrators Guide* .", + "title": "Subject", + "type": "string" } }, "required": [ - "Value" + "Content", + "ContentType", + "DeliveryMethod", + "Recipient" ], "type": "object" }, - "AWS::DataBrew::Schedule": { + "AWS::Connect::Rule.SubmitAutoEvaluationAction": { + "additionalProperties": false, + "properties": { + "EvaluationFormArn": { + "markdownDescription": "", + "title": "EvaluationFormArn", + "type": "string" + } + }, + "required": [ + "EvaluationFormArn" + ], + "type": "object" + }, + "AWS::Connect::Rule.TaskAction": { + "additionalProperties": false, + "properties": { + "ContactFlowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the flow.", + "title": "ContactFlowArn", + "type": "string" + }, + "Description": { + "markdownDescription": "The description. Supports variable injection. For more information, see [JSONPath reference](https://docs.aws.amazon.com/connect/latest/adminguide/contact-lens-variable-injection.html) in the *Amazon Connect Administrators Guide* .", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name. Supports variable injection. For more information, see [JSONPath reference](https://docs.aws.amazon.com/connect/latest/adminguide/contact-lens-variable-injection.html) in the *Amazon Connect Administrators Guide* .", + "title": "Name", + "type": "string" + }, + "References": { + "additionalProperties": false, + "markdownDescription": "Information about the reference when the `referenceType` is `URL` . Otherwise, null. `URL` is the only accepted type. (Supports variable injection in the `Value` field.)", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::Connect::Rule.Reference" + } + }, + "title": "References", + "type": "object" + } + }, + "required": [ + "ContactFlowArn", + "Name" + ], + "type": "object" + }, + "AWS::Connect::Rule.UpdateCaseAction": { + "additionalProperties": false, + "properties": { + "Fields": { + "items": { + "$ref": "#/definitions/AWS::Connect::Rule.Field" + }, + "markdownDescription": "", + "title": "Fields", + "type": "array" + } + }, + "required": [ + "Fields" + ], + "type": "object" + }, + "AWS::Connect::SecurityKey": { "additionalProperties": false, "properties": { "Condition": { @@ -61074,42 +67065,26 @@ "Properties": { "additionalProperties": false, "properties": { - "CronExpression": { - "markdownDescription": "The dates and times when the job is to run. For more information, see [Working with cron expressions for recipe jobs](https://docs.aws.amazon.com/databrew/latest/dg/jobs.recipe.html#jobs.cron) in the *AWS Glue DataBrew Developer Guide* .", - "title": "CronExpression", + "InstanceId": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance.\n\n*Minimum* : `1`\n\n*Maximum* : `100`", + "title": "InstanceId", "type": "string" }, - "JobNames": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of jobs to be run, according to the schedule.", - "title": "JobNames", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the schedule.", - "title": "Name", + "Key": { + "markdownDescription": "A valid security key in PEM format. For example:\n\n`\"-----BEGIN PUBLIC KEY-----\\ [a lot of characters] ----END PUBLIC KEY-----\"`\n\n*Minimum* : `1`\n\n*Maximum* : `1024`", + "title": "Key", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata tags that have been applied to the schedule.", - "title": "Tags", - "type": "array" } }, "required": [ - "CronExpression", - "Name" + "InstanceId", + "Key" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataBrew::Schedule" + "AWS::Connect::SecurityKey" ], "type": "string" }, @@ -61128,7 +67103,7 @@ ], "type": "object" }, - "AWS::DataPipeline::Pipeline": { + "AWS::Connect::SecurityProfile": { "additionalProperties": false, "properties": { "Condition": { @@ -61163,62 +67138,84 @@ "Properties": { "additionalProperties": false, "properties": { - "Activate": { - "markdownDescription": "Indicates whether to validate and start the pipeline or stop an active pipeline. By default, the value is set to `true` .", - "title": "Activate", - "type": "boolean" + "AllowedAccessControlHierarchyGroupId": { + "markdownDescription": "The identifier of the hierarchy group that a security profile uses to restrict access to resources in Amazon Connect.", + "title": "AllowedAccessControlHierarchyGroupId", + "type": "string" + }, + "AllowedAccessControlTags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of tags that a security profile uses to restrict access to resources in Amazon Connect.", + "title": "AllowedAccessControlTags", + "type": "array" + }, + "Applications": { + "items": { + "$ref": "#/definitions/AWS::Connect::SecurityProfile.Application" + }, + "markdownDescription": "", + "title": "Applications", + "type": "array" }, "Description": { - "markdownDescription": "A description of the pipeline.", + "markdownDescription": "The description of the security profile.", "title": "Description", "type": "string" }, - "Name": { - "markdownDescription": "The name of the pipeline.", - "title": "Name", - "type": "string" - }, - "ParameterObjects": { + "HierarchyRestrictedResources": { "items": { - "$ref": "#/definitions/AWS::DataPipeline::Pipeline.ParameterObject" + "type": "string" }, - "markdownDescription": "The parameter objects used with the pipeline.", - "title": "ParameterObjects", + "markdownDescription": "The list of resources that a security profile applies hierarchy restrictions to in Amazon Connect. Following are acceptable ResourceNames: `User` .", + "title": "HierarchyRestrictedResources", "type": "array" }, - "ParameterValues": { + "InstanceArn": { + "markdownDescription": "The identifier of the Amazon Connect instance.", + "title": "InstanceArn", + "type": "string" + }, + "Permissions": { "items": { - "$ref": "#/definitions/AWS::DataPipeline::Pipeline.ParameterValue" + "type": "string" }, - "markdownDescription": "The parameter values used with the pipeline.", - "title": "ParameterValues", + "markdownDescription": "Permissions assigned to the security profile. For a list of valid permissions, see [List of security profile permissions](https://docs.aws.amazon.com/connect/latest/adminguide/security-profile-list.html) .", + "title": "Permissions", "type": "array" }, - "PipelineObjects": { + "SecurityProfileName": { + "markdownDescription": "The name for the security profile.", + "title": "SecurityProfileName", + "type": "string" + }, + "TagRestrictedResources": { "items": { - "$ref": "#/definitions/AWS::DataPipeline::Pipeline.PipelineObject" + "type": "string" }, - "markdownDescription": "The objects that define the pipeline. These objects overwrite the existing pipeline definition. Not all objects, fields, and values can be updated. For information about restrictions, see [Editing Your Pipeline](https://docs.aws.amazon.com/datapipeline/latest/DeveloperGuide/dp-manage-pipeline-modify-console.html) in the *AWS Data Pipeline Developer Guide* .", - "title": "PipelineObjects", + "markdownDescription": "The list of resources that a security profile applies tag restrictions to in Amazon Connect.", + "title": "TagRestrictedResources", "type": "array" }, - "PipelineTags": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::DataPipeline::Pipeline.PipelineTag" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of arbitrary tags (key-value pairs) to associate with the pipeline, which you can use to control permissions. For more information, see [Controlling Access to Pipelines and Resources](https://docs.aws.amazon.com/datapipeline/latest/DeveloperGuide/dp-control-access.html) in the *AWS Data Pipeline Developer Guide* .", - "title": "PipelineTags", + "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"Tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", + "title": "Tags", "type": "array" } }, "required": [ - "Name" + "InstanceArn", + "SecurityProfileName" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataPipeline::Pipeline" + "AWS::Connect::SecurityProfile" ], "type": "string" }, @@ -61237,154 +67234,41 @@ ], "type": "object" }, - "AWS::DataPipeline::Pipeline.Field": { + "AWS::Connect::SecurityProfile.Application": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "Specifies the name of a field for a particular object. To view valid values for a particular field, see [Pipeline Object Reference](https://docs.aws.amazon.com/datapipeline/latest/DeveloperGuide/dp-pipeline-objects.html) in the *AWS Data Pipeline Developer Guide* .", - "title": "Key", - "type": "string" - }, - "RefValue": { - "markdownDescription": "A field value that you specify as an identifier of another object in the same pipeline definition.\n\n> You can specify the field value as either a string value ( `StringValue` ) or a reference to another object ( `RefValue` ), but not both. \n\nRequired if the key that you are using requires it.", - "title": "RefValue", - "type": "string" + "ApplicationPermissions": { + "items": { + "type": "string" + }, + "markdownDescription": "The permissions that the agent is granted on the application. Only the `ACCESS` permission is supported.", + "title": "ApplicationPermissions", + "type": "array" }, - "StringValue": { - "markdownDescription": "A field value that you specify as a string. To view valid values for a particular field, see [Pipeline Object Reference](https://docs.aws.amazon.com/datapipeline/latest/DeveloperGuide/dp-pipeline-objects.html) in the *AWS Data Pipeline Developer Guide* .\n\n> You can specify the field value as either a string value ( `StringValue` ) or a reference to another object ( `RefValue` ), but not both. \n\nRequired if the key that you are using requires it.", - "title": "StringValue", + "Namespace": { + "markdownDescription": "Namespace of the application that you want to give access to.", + "title": "Namespace", "type": "string" } }, "required": [ - "Key" + "ApplicationPermissions", + "Namespace" ], "type": "object" }, - "AWS::DataPipeline::Pipeline.ParameterAttribute": { + "AWS::Connect::TaskTemplate": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The field identifier.", - "title": "Key", + "Condition": { "type": "string" }, - "StringValue": { - "markdownDescription": "The field value, expressed as a String.", - "title": "StringValue", - "type": "string" - } - }, - "required": [ - "Key", - "StringValue" - ], - "type": "object" - }, - "AWS::DataPipeline::Pipeline.ParameterObject": { - "additionalProperties": false, - "properties": { - "Attributes": { - "items": { - "$ref": "#/definitions/AWS::DataPipeline::Pipeline.ParameterAttribute" - }, - "markdownDescription": "The attributes of the parameter object.", - "title": "Attributes", - "type": "array" - }, - "Id": { - "markdownDescription": "The ID of the parameter object.", - "title": "Id", - "type": "string" - } - }, - "required": [ - "Attributes", - "Id" - ], - "type": "object" - }, - "AWS::DataPipeline::Pipeline.ParameterValue": { - "additionalProperties": false, - "properties": { - "Id": { - "markdownDescription": "The ID of the parameter value.", - "title": "Id", - "type": "string" - }, - "StringValue": { - "markdownDescription": "The field value, expressed as a String.", - "title": "StringValue", - "type": "string" - } - }, - "required": [ - "Id", - "StringValue" - ], - "type": "object" - }, - "AWS::DataPipeline::Pipeline.PipelineObject": { - "additionalProperties": false, - "properties": { - "Fields": { - "items": { - "$ref": "#/definitions/AWS::DataPipeline::Pipeline.Field" - }, - "markdownDescription": "Key-value pairs that define the properties of the object.", - "title": "Fields", - "type": "array" - }, - "Id": { - "markdownDescription": "The ID of the object.", - "title": "Id", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the object.", - "title": "Name", - "type": "string" - } - }, - "required": [ - "Fields", - "Id", - "Name" - ], - "type": "object" - }, - "AWS::DataPipeline::Pipeline.PipelineTag": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "The key name of a tag.", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "The value to associate with the key name.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - }, - "AWS::DataSync::Agent": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, "DependsOn": { @@ -61408,51 +67292,79 @@ "Properties": { "additionalProperties": false, "properties": { - "ActivationKey": { - "markdownDescription": "Specifies your DataSync agent's activation key. If you don't have an activation key, see [Activating your agent](https://docs.aws.amazon.com/datasync/latest/userguide/activate-agent.html) .", - "title": "ActivationKey", + "ClientToken": { + "markdownDescription": "A unique, case-sensitive identifier that you provide to ensure the idempotency of the request.", + "title": "ClientToken", "type": "string" }, - "AgentName": { - "markdownDescription": "Specifies a name for your agent. We recommend specifying a name that you can remember.", - "title": "AgentName", + "Constraints": { + "$ref": "#/definitions/AWS::Connect::TaskTemplate.Constraints", + "markdownDescription": "Constraints that are applicable to the fields listed.\n\nThe values can be represented in either JSON or YAML format. For an example of the JSON configuration, see *Examples* at the bottom of this page.", + "title": "Constraints" + }, + "ContactFlowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the flow that runs by default when a task is created by referencing this template. `ContactFlowArn` is not required when there is a field with `fieldType` = `QUICK_CONNECT` .", + "title": "ContactFlowArn", "type": "string" }, - "SecurityGroupArns": { + "Defaults": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Connect::TaskTemplate.DefaultFieldValue" }, - "markdownDescription": "The Amazon Resource Names (ARNs) of the security groups used to protect your data transfer task subnets. See [SecurityGroupArns](https://docs.aws.amazon.com/datasync/latest/userguide/API_Ec2Config.html#DataSync-Type-Ec2Config-SecurityGroupArns) .\n\n*Pattern* : `^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):ec2:[a-z\\-0-9]*:[0-9]{12}:security-group/.*$`", - "title": "SecurityGroupArns", + "markdownDescription": "The default values for fields when a task is created by referencing this template.", + "title": "Defaults", "type": "array" }, - "SubnetArns": { + "Description": { + "markdownDescription": "The description of the task template.", + "title": "Description", + "type": "string" + }, + "Fields": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Connect::TaskTemplate.Field" }, - "markdownDescription": "Specifies the ARN of the subnet where your VPC service endpoint is located. You can only specify one ARN.", - "title": "SubnetArns", + "markdownDescription": "Fields that are part of the template. A template requires at least one field that has type `Name` .", + "title": "Fields", "type": "array" }, + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Connect instance.", + "title": "InstanceArn", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the task template.", + "title": "Name", + "type": "string" + }, + "SelfAssignContactFlowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the flow.", + "title": "SelfAssignContactFlowArn", + "type": "string" + }, + "Status": { + "markdownDescription": "The status of the task template.", + "title": "Status", + "type": "string" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least one tag for your agent.", + "markdownDescription": "The tags used to organize, track, or control access for this resource.", "title": "Tags", "type": "array" - }, - "VpcEndpointId": { - "markdownDescription": "The ID of the virtual private cloud (VPC) endpoint that the agent has access to. This is the client-side VPC endpoint, powered by AWS PrivateLink . If you don't have an AWS PrivateLink VPC endpoint, see [AWS PrivateLink and VPC endpoints](https://docs.aws.amazon.com//vpc/latest/userguide/endpoint-services-overview.html) in the *Amazon VPC User Guide* .\n\nFor more information about activating your agent in a private network based on a VPC, see [Using AWS DataSync in a Virtual Private Cloud](https://docs.aws.amazon.com/datasync/latest/userguide/datasync-in-vpc.html) in the *AWS DataSync User Guide.*\n\nA VPC endpoint ID looks like this: `vpce-01234d5aff67890e1` .", - "title": "VpcEndpointId", - "type": "string" } }, + "required": [ + "InstanceArn" + ], "type": "object" }, "Type": { "enum": [ - "AWS::DataSync::Agent" + "AWS::Connect::TaskTemplate" ], "type": "string" }, @@ -61466,11 +67378,151 @@ } }, "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Connect::TaskTemplate.Constraints": { + "additionalProperties": false, + "properties": { + "InvisibleFields": { + "items": { + "$ref": "#/definitions/AWS::Connect::TaskTemplate.InvisibleFieldInfo" + }, + "markdownDescription": "Lists the fields that are invisible to agents.", + "title": "InvisibleFields", + "type": "array" + }, + "ReadOnlyFields": { + "items": { + "$ref": "#/definitions/AWS::Connect::TaskTemplate.ReadOnlyFieldInfo" + }, + "markdownDescription": "Lists the fields that are read-only to agents, and cannot be edited.", + "title": "ReadOnlyFields", + "type": "array" + }, + "RequiredFields": { + "items": { + "$ref": "#/definitions/AWS::Connect::TaskTemplate.RequiredFieldInfo" + }, + "markdownDescription": "Lists the fields that are required to be filled by agents.", + "title": "RequiredFields", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Connect::TaskTemplate.DefaultFieldValue": { + "additionalProperties": false, + "properties": { + "DefaultValue": { + "markdownDescription": "Default value for the field.", + "title": "DefaultValue", + "type": "string" + }, + "Id": { + "$ref": "#/definitions/AWS::Connect::TaskTemplate.FieldIdentifier", + "markdownDescription": "Identifier of a field.", + "title": "Id" + } + }, + "required": [ + "DefaultValue", + "Id" + ], + "type": "object" + }, + "AWS::Connect::TaskTemplate.Field": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the field.", + "title": "Description", + "type": "string" + }, + "Id": { + "$ref": "#/definitions/AWS::Connect::TaskTemplate.FieldIdentifier", + "markdownDescription": "The unique identifier for the field.", + "title": "Id" + }, + "SingleSelectOptions": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of options for a single select field.", + "title": "SingleSelectOptions", + "type": "array" + }, + "Type": { + "markdownDescription": "Indicates the type of field. Following are the valid field types: `NAME` `DESCRIPTION` | `SCHEDULED_TIME` | `QUICK_CONNECT` | `URL` | `NUMBER` | `TEXT` | `TEXT_AREA` | `DATE_TIME` | `BOOLEAN` | `SINGLE_SELECT` | `EMAIL`", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Id", "Type" ], "type": "object" }, - "AWS::DataSync::LocationAzureBlob": { + "AWS::Connect::TaskTemplate.FieldIdentifier": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the task template field.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::Connect::TaskTemplate.InvisibleFieldInfo": { + "additionalProperties": false, + "properties": { + "Id": { + "$ref": "#/definitions/AWS::Connect::TaskTemplate.FieldIdentifier", + "markdownDescription": "Identifier of the invisible field.", + "title": "Id" + } + }, + "required": [ + "Id" + ], + "type": "object" + }, + "AWS::Connect::TaskTemplate.ReadOnlyFieldInfo": { + "additionalProperties": false, + "properties": { + "Id": { + "$ref": "#/definitions/AWS::Connect::TaskTemplate.FieldIdentifier", + "markdownDescription": "Identifier of the read-only field.", + "title": "Id" + } + }, + "required": [ + "Id" + ], + "type": "object" + }, + "AWS::Connect::TaskTemplate.RequiredFieldInfo": { + "additionalProperties": false, + "properties": { + "Id": { + "$ref": "#/definitions/AWS::Connect::TaskTemplate.FieldIdentifier", + "markdownDescription": "The unique identifier for the field.", + "title": "Id" + } + }, + "required": [ + "Id" + ], + "type": "object" + }, + "AWS::Connect::TrafficDistributionGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -61505,62 +67557,39 @@ "Properties": { "additionalProperties": false, "properties": { - "AgentArns": { - "items": { - "type": "string" - }, - "markdownDescription": "(Optional) Specifies the Amazon Resource Name (ARN) of the DataSync agent that can connect with your Azure Blob Storage container. If you are setting up an agentless cross-cloud transfer, you do not need to specify a value for this parameter.\n\nYou can specify more than one agent. For more information, see [Using multiple agents for your transfer](https://docs.aws.amazon.com/datasync/latest/userguide/multiple-agents.html) .\n\n> Make sure you configure this parameter correctly when you first create your storage location. You cannot add or remove agents from a storage location after you create it.", - "title": "AgentArns", - "type": "array" - }, - "AzureAccessTier": { - "markdownDescription": "Specifies the access tier that you want your objects or files transferred into. This only applies when using the location as a transfer destination. For more information, see [Access tiers](https://docs.aws.amazon.com/datasync/latest/userguide/creating-azure-blob-location.html#azure-blob-access-tiers) .", - "title": "AzureAccessTier", - "type": "string" - }, - "AzureBlobAuthenticationType": { - "markdownDescription": "Specifies the authentication method DataSync uses to access your Azure Blob Storage. DataSync can access blob storage using a shared access signature (SAS).", - "title": "AzureBlobAuthenticationType", - "type": "string" - }, - "AzureBlobContainerUrl": { - "markdownDescription": "Specifies the URL of the Azure Blob Storage container involved in your transfer.", - "title": "AzureBlobContainerUrl", + "Description": { + "markdownDescription": "The description of the traffic distribution group.", + "title": "Description", "type": "string" }, - "AzureBlobSasConfiguration": { - "$ref": "#/definitions/AWS::DataSync::LocationAzureBlob.AzureBlobSasConfiguration", - "markdownDescription": "Specifies the SAS configuration that allows DataSync to access your Azure Blob Storage.\n\n> If you provide an authentication token using `SasConfiguration` , but do not provide secret configuration details using `CmkSecretConfig` or `CustomSecretConfig` , then DataSync stores the token using your AWS account's secrets manager secret.", - "title": "AzureBlobSasConfiguration" - }, - "AzureBlobType": { - "markdownDescription": "Specifies the type of blob that you want your objects or files to be when transferring them into Azure Blob Storage. Currently, DataSync only supports moving data into Azure Blob Storage as block blobs. For more information on blob types, see the [Azure Blob Storage documentation](https://docs.aws.amazon.com/https://learn.microsoft.com/en-us/rest/api/storageservices/understanding-block-blobs--append-blobs--and-page-blobs) .", - "title": "AzureBlobType", + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN).", + "title": "InstanceArn", "type": "string" }, - "Subdirectory": { - "markdownDescription": "Specifies path segments if you want to limit your transfer to a virtual directory in your container (for example, `/my/images` ).", - "title": "Subdirectory", + "Name": { + "markdownDescription": "The name of the traffic distribution group.", + "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your transfer location.", + "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, {\"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", "title": "Tags", "type": "array" } }, "required": [ - "AgentArns", - "AzureBlobAuthenticationType" + "InstanceArn", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataSync::LocationAzureBlob" + "AWS::Connect::TrafficDistributionGroup" ], "type": "string" }, @@ -61579,21 +67608,7 @@ ], "type": "object" }, - "AWS::DataSync::LocationAzureBlob.AzureBlobSasConfiguration": { - "additionalProperties": false, - "properties": { - "AzureBlobSasToken": { - "markdownDescription": "Specifies a SAS token that provides permissions to access your Azure Blob Storage.\n\nThe token is part of the SAS URI string that comes after the storage resource URI and a question mark. A token looks something like this:\n\n`sp=r&st=2023-12-20T14:54:52Z&se=2023-12-20T22:54:52Z&spr=https&sv=2021-06-08&sr=c&sig=aBBKDWQvyuVcTPH9EBp%2FXTI9E%2F%2Fmq171%2BZU178wcwqU%3D`", - "title": "AzureBlobSasToken", - "type": "string" - } - }, - "required": [ - "AzureBlobSasToken" - ], - "type": "object" - }, - "AWS::DataSync::LocationEFS": { + "AWS::Connect::User": { "additionalProperties": false, "properties": { "Condition": { @@ -61628,53 +67643,83 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessPointArn": { - "markdownDescription": "Specifies the Amazon Resource Name (ARN) of the access point that DataSync uses to mount your Amazon EFS file system.\n\nFor more information, see [Accessing restricted file systems](https://docs.aws.amazon.com/datasync/latest/userguide/create-efs-location.html#create-efs-location-iam) .", - "title": "AccessPointArn", + "DirectoryUserId": { + "markdownDescription": "The identifier of the user account in the directory used for identity management.", + "title": "DirectoryUserId", "type": "string" }, - "Ec2Config": { - "$ref": "#/definitions/AWS::DataSync::LocationEFS.Ec2Config", - "markdownDescription": "Specifies the subnet and security groups DataSync uses to connect to one of your Amazon EFS file system's [mount targets](https://docs.aws.amazon.com/efs/latest/ug/accessing-fs.html) .", - "title": "Ec2Config" - }, - "EfsFilesystemArn": { - "markdownDescription": "Specifies the ARN for your Amazon EFS file system.", - "title": "EfsFilesystemArn", + "HierarchyGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the user's hierarchy group.", + "title": "HierarchyGroupArn", "type": "string" }, - "FileSystemAccessRoleArn": { - "markdownDescription": "Specifies an AWS Identity and Access Management (IAM) role that allows DataSync to access your Amazon EFS file system.\n\nFor information on creating this role, see [Creating a DataSync IAM role for file system access](https://docs.aws.amazon.com/datasync/latest/userguide/create-efs-location.html#create-efs-location-iam-role) .", - "title": "FileSystemAccessRoleArn", + "IdentityInfo": { + "$ref": "#/definitions/AWS::Connect::User.UserIdentityInfo", + "markdownDescription": "Information about the user identity.", + "title": "IdentityInfo" + }, + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", + "title": "InstanceArn", "type": "string" }, - "InTransitEncryption": { - "markdownDescription": "Specifies whether you want DataSync to use Transport Layer Security (TLS) 1.2 encryption when it transfers data to or from your Amazon EFS file system.\n\nIf you specify an access point using `AccessPointArn` or an IAM role using `FileSystemAccessRoleArn` , you must set this parameter to `TLS1_2` .", - "title": "InTransitEncryption", + "Password": { + "markdownDescription": "The user's password.", + "title": "Password", "type": "string" }, - "Subdirectory": { - "markdownDescription": "Specifies a mount path for your Amazon EFS file system. This is where DataSync reads or writes data on your file system (depending on if this is a source or destination location).\n\nBy default, DataSync uses the root directory (or [access point](https://docs.aws.amazon.com/efs/latest/ug/efs-access-points.html) if you provide one by using `AccessPointArn` ). You can also include subdirectories using forward slashes (for example, `/path/to/folder` ).", - "title": "Subdirectory", + "PhoneConfig": { + "$ref": "#/definitions/AWS::Connect::User.UserPhoneConfig", + "markdownDescription": "Information about the phone configuration for the user.", + "title": "PhoneConfig" + }, + "RoutingProfileArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the user's routing profile.", + "title": "RoutingProfileArn", "type": "string" }, + "SecurityProfileArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Name (ARN) of the user's security profile.", + "title": "SecurityProfileArns", + "type": "array" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Specifies the key-value pair that represents a tag that you want to add to the resource. The value can be an empty string. This value helps you manage, filter, and search for your resources. We recommend that you create a name tag for your location.", + "markdownDescription": "The tags.", "title": "Tags", "type": "array" + }, + "UserProficiencies": { + "items": { + "$ref": "#/definitions/AWS::Connect::User.UserProficiency" + }, + "markdownDescription": "One or more predefined attributes assigned to a user, with a numeric value that indicates how their level of skill in a specified area.", + "title": "UserProficiencies", + "type": "array" + }, + "Username": { + "markdownDescription": "The user name assigned to the user account.", + "title": "Username", + "type": "string" } }, "required": [ - "Ec2Config" + "InstanceArn", + "PhoneConfig", + "RoutingProfileArn", + "SecurityProfileArns", + "Username" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataSync::LocationEFS" + "AWS::Connect::User" ], "type": "string" }, @@ -61693,30 +67738,93 @@ ], "type": "object" }, - "AWS::DataSync::LocationEFS.Ec2Config": { + "AWS::Connect::User.UserIdentityInfo": { "additionalProperties": false, "properties": { - "SecurityGroupArns": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the Amazon Resource Names (ARNs) of the security groups associated with an Amazon EFS file system's mount target.", - "title": "SecurityGroupArns", - "type": "array" + "Email": { + "markdownDescription": "The email address. If you are using SAML for identity management and include this parameter, an error is returned.", + "title": "Email", + "type": "string" }, - "SubnetArn": { - "markdownDescription": "Specifies the ARN of a subnet where DataSync creates the [network interfaces](https://docs.aws.amazon.com/datasync/latest/userguide/datasync-network.html#required-network-interfaces.html) for managing traffic during your transfer.\n\nThe subnet must be located:\n\n- In the same virtual private cloud (VPC) as the Amazon EFS file system.\n- In the same Availability Zone as at least one mount target for the Amazon EFS file system.\n\n> You don't need to specify a subnet that includes a file system mount target.", - "title": "SubnetArn", + "FirstName": { + "markdownDescription": "The first name. This is required if you are using Amazon Connect or SAML for identity management. Inputs must be in Unicode Normalization Form C (NFC). Text containing characters in a non-NFC form (for example, decomposed characters or combining marks) are not accepted.", + "title": "FirstName", + "type": "string" + }, + "LastName": { + "markdownDescription": "The last name. This is required if you are using Amazon Connect or SAML for identity management. Inputs must be in Unicode Normalization Form C (NFC). Text containing characters in a non-NFC form (for example, decomposed characters or combining marks) are not accepted.", + "title": "LastName", + "type": "string" + }, + "Mobile": { + "markdownDescription": "The user's mobile number.", + "title": "Mobile", + "type": "string" + }, + "SecondaryEmail": { + "markdownDescription": "The user's secondary email address. If you provide a secondary email, the user receives email notifications -- other than password reset notifications -- to this email address instead of to their primary email address.\n\n*Pattern* : `(?=^.{0,265}$)[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,63}`", + "title": "SecondaryEmail", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Connect::User.UserPhoneConfig": { + "additionalProperties": false, + "properties": { + "AfterContactWorkTimeLimit": { + "markdownDescription": "The After Call Work (ACW) timeout setting, in seconds. This parameter has a minimum value of 0 and a maximum value of 2,000,000 seconds (24 days). Enter 0 if you don't want to allocate a specific amount of ACW time. It essentially means an indefinite amount of time. When the conversation ends, ACW starts; the agent must choose Close contact to end ACW.\n\n> When returned by a `SearchUsers` call, `AfterContactWorkTimeLimit` is returned in milliseconds.", + "title": "AfterContactWorkTimeLimit", + "type": "number" + }, + "AutoAccept": { + "markdownDescription": "The Auto accept setting.", + "title": "AutoAccept", + "type": "boolean" + }, + "DeskPhoneNumber": { + "markdownDescription": "The phone number for the user's desk phone.", + "title": "DeskPhoneNumber", + "type": "string" + }, + "PhoneType": { + "markdownDescription": "The phone type.", + "title": "PhoneType", "type": "string" } }, "required": [ - "SecurityGroupArns", - "SubnetArn" + "PhoneType" ], "type": "object" }, - "AWS::DataSync::LocationFSxLustre": { + "AWS::Connect::User.UserProficiency": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "markdownDescription": "The name of user\u2019s proficiency. You must use a predefined attribute name that is present in the Amazon Connect instance.", + "title": "AttributeName", + "type": "string" + }, + "AttributeValue": { + "markdownDescription": "The value of user\u2019s proficiency. You must use a predefined attribute value that is present in the Amazon Connect instance.", + "title": "AttributeValue", + "type": "string" + }, + "Level": { + "markdownDescription": "The level of the proficiency. The valid values are 1, 2, 3, 4 and 5.", + "title": "Level", + "type": "number" + } + }, + "required": [ + "AttributeName", + "AttributeValue", + "Level" + ], + "type": "object" + }, + "AWS::Connect::UserHierarchyGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -61751,41 +67859,39 @@ "Properties": { "additionalProperties": false, "properties": { - "FsxFilesystemArn": { - "markdownDescription": "Specifies the Amazon Resource Name (ARN) of the FSx for Lustre file system.", - "title": "FsxFilesystemArn", + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the user hierarchy group.", + "title": "InstanceArn", "type": "string" }, - "SecurityGroupArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The ARNs of the security groups that are used to configure the FSx for Lustre file system.\n\n*Pattern* : `^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):ec2:[a-z\\-0-9]*:[0-9]{12}:security-group/.*$`\n\n*Length constraints* : Maximum length of 128.", - "title": "SecurityGroupArns", - "type": "array" + "Name": { + "markdownDescription": "The name of the user hierarchy group.", + "title": "Name", + "type": "string" }, - "Subdirectory": { - "markdownDescription": "Specifies a mount path for your FSx for Lustre file system. The path can include subdirectories.\n\nWhen the location is used as a source, DataSync reads data from the mount path. When the location is used as a destination, DataSync writes data to the mount path. If you don't include this parameter, DataSync uses the file system's root directory ( `/` ).", - "title": "Subdirectory", + "ParentGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the parent group.", + "title": "ParentGroupArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your location.", + "markdownDescription": "An array of key-value pairs to apply to this resource.", "title": "Tags", "type": "array" } }, "required": [ - "SecurityGroupArns" + "InstanceArn", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataSync::LocationFSxLustre" + "AWS::Connect::UserHierarchyGroup" ], "type": "string" }, @@ -61804,7 +67910,7 @@ ], "type": "object" }, - "AWS::DataSync::LocationFSxONTAP": { + "AWS::Connect::UserHierarchyStructure": { "additionalProperties": false, "properties": { "Condition": { @@ -61839,47 +67945,25 @@ "Properties": { "additionalProperties": false, "properties": { - "Protocol": { - "$ref": "#/definitions/AWS::DataSync::LocationFSxONTAP.Protocol", - "markdownDescription": "Specifies the data transfer protocol that DataSync uses to access your Amazon FSx file system.", - "title": "Protocol" - }, - "SecurityGroupArns": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the Amazon Resource Names (ARNs) of the security groups that DataSync can use to access your FSx for ONTAP file system. You must configure the security groups to allow outbound traffic on the following ports (depending on the protocol that you're using):\n\n- *Network File System (NFS)* : TCP ports 111, 635, and 2049\n- *Server Message Block (SMB)* : TCP port 445\n\nYour file system's security groups must also allow inbound traffic on the same port.", - "title": "SecurityGroupArns", - "type": "array" - }, - "StorageVirtualMachineArn": { - "markdownDescription": "Specifies the ARN of the storage virtual machine (SVM) in your file system where you want to copy data to or from.", - "title": "StorageVirtualMachineArn", - "type": "string" - }, - "Subdirectory": { - "markdownDescription": "Specifies a path to the file share in the SVM where you want to transfer data to or from.\n\nYou can specify a junction path (also known as a mount point), qtree path (for NFS file shares), or share name (for SMB file shares). For example, your mount path might be `/vol1` , `/vol1/tree1` , or `/share1` .\n\n> Don't specify a junction path in the SVM's root volume. For more information, see [Managing FSx for ONTAP storage virtual machines](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-svms.html) in the *Amazon FSx for NetApp ONTAP User Guide* .", - "title": "Subdirectory", + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", + "title": "InstanceArn", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your location.", - "title": "Tags", - "type": "array" + "UserHierarchyStructure": { + "$ref": "#/definitions/AWS::Connect::UserHierarchyStructure.UserHierarchyStructure", + "markdownDescription": "Contains information about a hierarchy structure.", + "title": "UserHierarchyStructure" } }, "required": [ - "SecurityGroupArns", - "StorageVirtualMachineArn" + "InstanceArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataSync::LocationFSxONTAP" + "AWS::Connect::UserHierarchyStructure" ], "type": "string" }, @@ -61898,220 +67982,158 @@ ], "type": "object" }, - "AWS::DataSync::LocationFSxONTAP.NFS": { + "AWS::Connect::UserHierarchyStructure.LevelFive": { "additionalProperties": false, "properties": { - "MountOptions": { - "$ref": "#/definitions/AWS::DataSync::LocationFSxONTAP.NfsMountOptions", - "markdownDescription": "Specifies how DataSync can access a location using the NFS protocol.", - "title": "MountOptions" + "HierarchyLevelArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the hierarchy level.", + "title": "HierarchyLevelArn", + "type": "string" + }, + "HierarchyLevelId": { + "markdownDescription": "The identifier of the hierarchy level.", + "title": "HierarchyLevelId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the hierarchy level.", + "title": "Name", + "type": "string" } }, "required": [ - "MountOptions" + "Name" ], "type": "object" }, - "AWS::DataSync::LocationFSxONTAP.NfsMountOptions": { + "AWS::Connect::UserHierarchyStructure.LevelFour": { "additionalProperties": false, "properties": { - "Version": { - "markdownDescription": "Specifies the NFS version that you want DataSync to use when mounting your NFS share. If the server refuses to use the version specified, the task fails.\n\nYou can specify the following options:\n\n- `AUTOMATIC` (default): DataSync chooses NFS version 4.1.\n- `NFS3` : Stateless protocol version that allows for asynchronous writes on the server.\n- `NFSv4_0` : Stateful, firewall-friendly protocol version that supports delegations and pseudo file systems.\n- `NFSv4_1` : Stateful protocol version that supports sessions, directory delegations, and parallel data processing. NFS version 4.1 also includes all features available in version 4.0.\n\n> DataSync currently only supports NFS version 3 with Amazon FSx for NetApp ONTAP locations.", - "title": "Version", + "HierarchyLevelArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the hierarchy level.", + "title": "HierarchyLevelArn", "type": "string" - } - }, - "type": "object" - }, - "AWS::DataSync::LocationFSxONTAP.Protocol": { - "additionalProperties": false, - "properties": { - "NFS": { - "$ref": "#/definitions/AWS::DataSync::LocationFSxONTAP.NFS", - "markdownDescription": "Specifies the Network File System (NFS) protocol configuration that DataSync uses to access your FSx for ONTAP file system's storage virtual machine (SVM).", - "title": "NFS" }, - "SMB": { - "$ref": "#/definitions/AWS::DataSync::LocationFSxONTAP.SMB", - "markdownDescription": "Specifies the Server Message Block (SMB) protocol configuration that DataSync uses to access your FSx for ONTAP file system's SVM.", - "title": "SMB" + "HierarchyLevelId": { + "markdownDescription": "The identifier of the hierarchy level.", + "title": "HierarchyLevelId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the hierarchy level.", + "title": "Name", + "type": "string" } }, + "required": [ + "Name" + ], "type": "object" }, - "AWS::DataSync::LocationFSxONTAP.SMB": { + "AWS::Connect::UserHierarchyStructure.LevelOne": { "additionalProperties": false, "properties": { - "Domain": { - "markdownDescription": "Specifies the name of the Windows domain that your storage virtual machine (SVM) belongs to.\n\nIf you have multiple domains in your environment, configuring this setting makes sure that DataSync connects to the right SVM.\n\nIf you have multiple Active Directory domains in your environment, configuring this parameter makes sure that DataSync connects to the right SVM.", - "title": "Domain", + "HierarchyLevelArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the hierarchy level.", + "title": "HierarchyLevelArn", "type": "string" }, - "MountOptions": { - "$ref": "#/definitions/AWS::DataSync::LocationFSxONTAP.SmbMountOptions", - "markdownDescription": "Specifies how DataSync can access a location using the SMB protocol.", - "title": "MountOptions" - }, - "Password": { - "markdownDescription": "Specifies the password of a user who has permission to access your SVM.", - "title": "Password", + "HierarchyLevelId": { + "markdownDescription": "The identifier of the hierarchy level.", + "title": "HierarchyLevelId", "type": "string" }, - "User": { - "markdownDescription": "Specifies a user name that can mount the location and access the files, folders, and metadata that you need in the SVM.\n\nIf you provide a user in your Active Directory, note the following:\n\n- If you're using AWS Directory Service for Microsoft Active Directory , the user must be a member of the AWS Delegated FSx Administrators group.\n- If you're using a self-managed Active Directory, the user must be a member of either the Domain Admins group or a custom group that you specified for file system administration when you created your file system.\n\nMake sure that the user has the permissions it needs to copy the data you want:\n\n- `SE_TCB_NAME` : Required to set object ownership and file metadata. With this privilege, you also can copy NTFS discretionary access lists (DACLs).\n- `SE_SECURITY_NAME` : May be needed to copy NTFS system access control lists (SACLs). This operation specifically requires the Windows privilege, which is granted to members of the Domain Admins group. If you configure your task to copy SACLs, make sure that the user has the required privileges. For information about copying SACLs, see [Ownership and permissions-related options](https://docs.aws.amazon.com/datasync/latest/userguide/create-task.html#configure-ownership-and-permissions) .", - "title": "User", + "Name": { + "markdownDescription": "The name of the hierarchy level.", + "title": "Name", "type": "string" } }, "required": [ - "MountOptions", - "Password", - "User" + "Name" ], "type": "object" }, - "AWS::DataSync::LocationFSxONTAP.SmbMountOptions": { - "additionalProperties": false, - "properties": { - "Version": { - "markdownDescription": "By default, DataSync automatically chooses an SMB protocol version based on negotiation with your SMB file server. You also can configure DataSync to use a specific SMB version, but we recommend doing this only if DataSync has trouble negotiating with the SMB file server automatically.\n\nThese are the following options for configuring the SMB version:\n\n- `AUTOMATIC` (default): DataSync and the SMB file server negotiate the highest version of SMB that they mutually support between 2.1 and 3.1.1.\n\nThis is the recommended option. If you instead choose a specific version that your file server doesn't support, you may get an `Operation Not Supported` error.\n- `SMB3` : Restricts the protocol negotiation to only SMB version 3.0.2.\n- `SMB2` : Restricts the protocol negotiation to only SMB version 2.1.\n- `SMB2_0` : Restricts the protocol negotiation to only SMB version 2.0.\n- `SMB1` : Restricts the protocol negotiation to only SMB version 1.0.\n\n> The `SMB1` option isn't available when [creating an Amazon FSx for NetApp ONTAP location](https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateLocationFsxOntap.html) .", - "title": "Version", - "type": "string" - } - }, - "type": "object" - }, - "AWS::DataSync::LocationFSxOpenZFS": { + "AWS::Connect::UserHierarchyStructure.LevelThree": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "HierarchyLevelArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the hierarchy level.", + "title": "HierarchyLevelArn", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "FsxFilesystemArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the FSx for OpenZFS file system.", - "title": "FsxFilesystemArn", - "type": "string" - }, - "Protocol": { - "$ref": "#/definitions/AWS::DataSync::LocationFSxOpenZFS.Protocol", - "markdownDescription": "The type of protocol that AWS DataSync uses to access your file system.", - "title": "Protocol" - }, - "SecurityGroupArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The ARNs of the security groups that are used to configure the FSx for OpenZFS file system.\n\n*Pattern* : `^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):ec2:[a-z\\-0-9]*:[0-9]{12}:security-group/.*$`\n\n*Length constraints* : Maximum length of 128.", - "title": "SecurityGroupArns", - "type": "array" - }, - "Subdirectory": { - "markdownDescription": "A subdirectory in the location's path that must begin with `/fsx` . DataSync uses this subdirectory to read or write data (depending on whether the file system is a source or destination location).", - "title": "Subdirectory", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The key-value pair that represents a tag that you want to add to the resource. The value can be an empty string. This value helps you manage, filter, and search for your resources. We recommend that you create a name tag for your location.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Protocol", - "SecurityGroupArns" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::DataSync::LocationFSxOpenZFS" - ], + "HierarchyLevelId": { + "markdownDescription": "", + "title": "HierarchyLevelId", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "The name of the hierarchy level.", + "title": "Name", "type": "string" } }, "required": [ - "Type", - "Properties" + "Name" ], "type": "object" }, - "AWS::DataSync::LocationFSxOpenZFS.MountOptions": { + "AWS::Connect::UserHierarchyStructure.LevelTwo": { "additionalProperties": false, "properties": { - "Version": { - "markdownDescription": "The specific NFS version that you want DataSync to use to mount your NFS share. If the server refuses to use the version specified, the sync will fail. If you don't specify a version, DataSync defaults to `AUTOMATIC` . That is, DataSync automatically selects a version based on negotiation with the NFS server.\n\nYou can specify the following NFS versions:\n\n- *[NFSv3](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc1813)* : Stateless protocol version that allows for asynchronous writes on the server.\n- *[NFSv4.0](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc3530)* : Stateful, firewall-friendly protocol version that supports delegations and pseudo file systems.\n- *[NFSv4.1](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc5661)* : Stateful protocol version that supports sessions, directory delegations, and parallel data processing. Version 4.1 also includes all features available in version 4.0.", - "title": "Version", + "HierarchyLevelArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the hierarchy level.", + "title": "HierarchyLevelArn", + "type": "string" + }, + "HierarchyLevelId": { + "markdownDescription": "The identifier of the hierarchy level.", + "title": "HierarchyLevelId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the hierarchy level.", + "title": "Name", "type": "string" - } - }, - "type": "object" - }, - "AWS::DataSync::LocationFSxOpenZFS.NFS": { - "additionalProperties": false, - "properties": { - "MountOptions": { - "$ref": "#/definitions/AWS::DataSync::LocationFSxOpenZFS.MountOptions", - "markdownDescription": "Represents the mount options that are available for DataSync to access an NFS location.", - "title": "MountOptions" } }, "required": [ - "MountOptions" + "Name" ], "type": "object" }, - "AWS::DataSync::LocationFSxOpenZFS.Protocol": { + "AWS::Connect::UserHierarchyStructure.UserHierarchyStructure": { "additionalProperties": false, "properties": { - "NFS": { - "$ref": "#/definitions/AWS::DataSync::LocationFSxOpenZFS.NFS", - "markdownDescription": "Represents the Network File System (NFS) protocol that DataSync uses to access your FSx for OpenZFS file system.", - "title": "NFS" + "LevelFive": { + "$ref": "#/definitions/AWS::Connect::UserHierarchyStructure.LevelFive", + "markdownDescription": "", + "title": "LevelFive" + }, + "LevelFour": { + "$ref": "#/definitions/AWS::Connect::UserHierarchyStructure.LevelFour", + "markdownDescription": "The update for level four.", + "title": "LevelFour" + }, + "LevelOne": { + "$ref": "#/definitions/AWS::Connect::UserHierarchyStructure.LevelOne", + "markdownDescription": "The update for level one.", + "title": "LevelOne" + }, + "LevelThree": { + "$ref": "#/definitions/AWS::Connect::UserHierarchyStructure.LevelThree", + "markdownDescription": "The update for level three.", + "title": "LevelThree" + }, + "LevelTwo": { + "$ref": "#/definitions/AWS::Connect::UserHierarchyStructure.LevelTwo", + "markdownDescription": "The update for level two.", + "title": "LevelTwo" } }, "type": "object" }, - "AWS::DataSync::LocationFSxWindows": { + "AWS::Connect::View": { "additionalProperties": false, "properties": { "Condition": { @@ -62146,57 +68168,54 @@ "Properties": { "additionalProperties": false, "properties": { - "Domain": { - "markdownDescription": "Specifies the name of the Windows domain that the FSx for Windows File Server file system belongs to.\n\nIf you have multiple Active Directory domains in your environment, configuring this parameter makes sure that DataSync connects to the right file system.", - "title": "Domain", - "type": "string" - }, - "FsxFilesystemArn": { - "markdownDescription": "Specifies the Amazon Resource Name (ARN) for the FSx for Windows File Server file system.", - "title": "FsxFilesystemArn", - "type": "string" - }, - "Password": { - "markdownDescription": "Specifies the password of the user with the permissions to mount and access the files, folders, and file metadata in your FSx for Windows File Server file system.", - "title": "Password", - "type": "string" - }, - "SecurityGroupArns": { + "Actions": { "items": { "type": "string" }, - "markdownDescription": "The Amazon Resource Names (ARNs) of the security groups that are used to configure the FSx for Windows File Server file system.\n\n*Pattern* : `^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):ec2:[a-z\\-0-9]*:[0-9]{12}:security-group/.*$`\n\n*Length constraints* : Maximum length of 128.", - "title": "SecurityGroupArns", + "markdownDescription": "A list of actions possible from the view.", + "title": "Actions", "type": "array" }, - "Subdirectory": { - "markdownDescription": "Specifies a mount path for your file system using forward slashes. This is where DataSync reads or writes data (depending on if this is a source or destination location).", - "title": "Subdirectory", + "Description": { + "markdownDescription": "The description of the view.", + "title": "Description", + "type": "string" + }, + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", + "title": "InstanceArn", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the view.", + "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your location.", + "markdownDescription": "The tags associated with the view resource (not specific to view version).", "title": "Tags", "type": "array" }, - "User": { - "markdownDescription": "The user who has the permissions to access files and folders in the FSx for Windows File Server file system.\n\nFor information about choosing a user name that ensures sufficient permissions to files, folders, and metadata, see [user](https://docs.aws.amazon.com/datasync/latest/userguide/create-fsx-location.html#FSxWuser) .", - "title": "User", - "type": "string" + "Template": { + "markdownDescription": "The view template representing the structure of the view.", + "title": "Template", + "type": "object" } }, "required": [ - "SecurityGroupArns", - "User" + "Actions", + "InstanceArn", + "Name", + "Template" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataSync::LocationFSxWindows" + "AWS::Connect::View" ], "type": "string" }, @@ -62215,7 +68234,7 @@ ], "type": "object" }, - "AWS::DataSync::LocationHDFS": { + "AWS::Connect::ViewVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -62250,91 +68269,30 @@ "Properties": { "additionalProperties": false, "properties": { - "AgentArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Names (ARNs) of the DataSync agents that can connect to your HDFS cluster.", - "title": "AgentArns", - "type": "array" - }, - "AuthenticationType": { - "markdownDescription": "", - "title": "AuthenticationType", - "type": "string" - }, - "BlockSize": { - "markdownDescription": "The size of data blocks to write into the HDFS cluster. The block size must be a multiple of 512 bytes. The default block size is 128 mebibytes (MiB).", - "title": "BlockSize", - "type": "number" - }, - "KerberosKeytab": { - "markdownDescription": "The Kerberos key table (keytab) that contains mappings between the defined Kerberos principal and the encrypted keys. Provide the base64-encoded file text. If `KERBEROS` is specified for `AuthType` , this value is required.", - "title": "KerberosKeytab", - "type": "string" - }, - "KerberosKrb5Conf": { - "markdownDescription": "The `krb5.conf` file that contains the Kerberos configuration information. You can load the `krb5.conf` by providing a string of the file's contents or an Amazon S3 presigned URL of the file. If `KERBEROS` is specified for `AuthType` , this value is required.", - "title": "KerberosKrb5Conf", - "type": "string" - }, - "KerberosPrincipal": { - "markdownDescription": "The Kerberos principal with access to the files and folders on the HDFS cluster.\n\n> If `KERBEROS` is specified for `AuthenticationType` , this parameter is required.", - "title": "KerberosPrincipal", - "type": "string" - }, - "KmsKeyProviderUri": { - "markdownDescription": "The URI of the HDFS cluster's Key Management Server (KMS).", - "title": "KmsKeyProviderUri", + "VersionDescription": { + "markdownDescription": "The description of the view version.", + "title": "VersionDescription", "type": "string" }, - "NameNodes": { - "items": { - "$ref": "#/definitions/AWS::DataSync::LocationHDFS.NameNode" - }, - "markdownDescription": "The NameNode that manages the HDFS namespace. The NameNode performs operations such as opening, closing, and renaming files and directories. The NameNode contains the information to map blocks of data to the DataNodes. You can use only one NameNode.", - "title": "NameNodes", - "type": "array" - }, - "QopConfiguration": { - "$ref": "#/definitions/AWS::DataSync::LocationHDFS.QopConfiguration", - "markdownDescription": "The Quality of Protection (QOP) configuration specifies the Remote Procedure Call (RPC) and data transfer protection settings configured on the Hadoop Distributed File System (HDFS) cluster. If `QopConfiguration` isn't specified, `RpcProtection` and `DataTransferProtection` default to `PRIVACY` . If you set `RpcProtection` or `DataTransferProtection` , the other parameter assumes the same value.", - "title": "QopConfiguration" - }, - "ReplicationFactor": { - "markdownDescription": "The number of DataNodes to replicate the data to when writing to the HDFS cluster. By default, data is replicated to three DataNodes.", - "title": "ReplicationFactor", - "type": "number" - }, - "SimpleUser": { - "markdownDescription": "The user name used to identify the client on the host operating system.\n\n> If `SIMPLE` is specified for `AuthenticationType` , this parameter is required.", - "title": "SimpleUser", + "ViewArn": { + "markdownDescription": "The unqualified Amazon Resource Name (ARN) of the view.\n\nFor example:\n\n`arn::connect:::instance/00000000-0000-0000-0000-000000000000/view/00000000-0000-0000-0000-000000000000`", + "title": "ViewArn", "type": "string" }, - "Subdirectory": { - "markdownDescription": "A subdirectory in the HDFS cluster. This subdirectory is used to read data from or write data to the HDFS cluster. If the subdirectory isn't specified, it will default to `/` .", - "title": "Subdirectory", + "ViewContentSha256": { + "markdownDescription": "Indicates the checksum value of the latest published view content.", + "title": "ViewContentSha256", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The key-value pair that represents the tag that you want to add to the location. The value can be an empty string. We recommend using tags to name your resources.", - "title": "Tags", - "type": "array" } }, "required": [ - "AgentArns", - "AuthenticationType", - "NameNodes" + "ViewArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataSync::LocationHDFS" + "AWS::Connect::ViewVersion" ], "type": "string" }, @@ -62353,43 +68311,7 @@ ], "type": "object" }, - "AWS::DataSync::LocationHDFS.NameNode": { - "additionalProperties": false, - "properties": { - "Hostname": { - "markdownDescription": "The hostname of the NameNode in the HDFS cluster. This value is the IP address or Domain Name Service (DNS) name of the NameNode. An agent that's installed on-premises uses this hostname to communicate with the NameNode in the network.", - "title": "Hostname", - "type": "string" - }, - "Port": { - "markdownDescription": "The port that the NameNode uses to listen to client requests.", - "title": "Port", - "type": "number" - } - }, - "required": [ - "Hostname", - "Port" - ], - "type": "object" - }, - "AWS::DataSync::LocationHDFS.QopConfiguration": { - "additionalProperties": false, - "properties": { - "DataTransferProtection": { - "markdownDescription": "The data transfer protection setting configured on the HDFS cluster. This setting corresponds to your `dfs.data.transfer.protection` setting in the `hdfs-site.xml` file on your Hadoop cluster.", - "title": "DataTransferProtection", - "type": "string" - }, - "RpcProtection": { - "markdownDescription": "The Remote Procedure Call (RPC) protection setting configured on the HDFS cluster. This setting corresponds to your `hadoop.rpc.protection` setting in your `core-site.xml` file on your Hadoop cluster.", - "title": "RpcProtection", - "type": "string" - } - }, - "type": "object" - }, - "AWS::DataSync::LocationNFS": { + "AWS::ConnectCampaigns::Campaign": { "additionalProperties": false, "properties": { "Condition": { @@ -62424,43 +68346,46 @@ "Properties": { "additionalProperties": false, "properties": { - "MountOptions": { - "$ref": "#/definitions/AWS::DataSync::LocationNFS.MountOptions", - "markdownDescription": "Specifies the options that DataSync can use to mount your NFS file server.", - "title": "MountOptions" + "ConnectInstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Connect instance.", + "title": "ConnectInstanceArn", + "type": "string" }, - "OnPremConfig": { - "$ref": "#/definitions/AWS::DataSync::LocationNFS.OnPremConfig", - "markdownDescription": "Specifies the Amazon Resource Name (ARN) of the DataSync agent that can connect to your NFS file server.\n\nYou can specify more than one agent. For more information, see [Using multiple DataSync agents](https://docs.aws.amazon.com/datasync/latest/userguide/do-i-need-datasync-agent.html#multiple-agents) .", - "title": "OnPremConfig" + "DialerConfig": { + "$ref": "#/definitions/AWS::ConnectCampaigns::Campaign.DialerConfig", + "markdownDescription": "Contains information about the dialer configuration.", + "title": "DialerConfig" }, - "ServerHostname": { - "markdownDescription": "Specifies the DNS name or IP version 4 address of the NFS file server that your DataSync agent connects to.", - "title": "ServerHostname", + "Name": { + "markdownDescription": "The name of the campaign.", + "title": "Name", "type": "string" }, - "Subdirectory": { - "markdownDescription": "Specifies the export path in your NFS file server that you want DataSync to mount.\n\nThis path (or a subdirectory of the path) is where DataSync transfers data to or from. For information on configuring an export for DataSync, see [Accessing NFS file servers](https://docs.aws.amazon.com/datasync/latest/userguide/create-nfs-location.html#accessing-nfs) .", - "title": "Subdirectory", - "type": "string" + "OutboundCallConfig": { + "$ref": "#/definitions/AWS::ConnectCampaigns::Campaign.OutboundCallConfig", + "markdownDescription": "Contains information about the outbound call configuration.", + "title": "OutboundCallConfig" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your location.", + "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", "title": "Tags", "type": "array" } }, "required": [ - "OnPremConfig" + "ConnectInstanceArn", + "DialerConfig", + "Name", + "OutboundCallConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataSync::LocationNFS" + "AWS::ConnectCampaigns::Campaign" ], "type": "string" }, @@ -62479,35 +68404,125 @@ ], "type": "object" }, - "AWS::DataSync::LocationNFS.MountOptions": { + "AWS::ConnectCampaigns::Campaign.AgentlessDialerConfig": { "additionalProperties": false, "properties": { - "Version": { - "markdownDescription": "Specifies the NFS version that you want DataSync to use when mounting your NFS share. If the server refuses to use the version specified, the task fails.\n\nYou can specify the following options:\n\n- `AUTOMATIC` (default): DataSync chooses NFS version 4.1.\n- `NFS3` : Stateless protocol version that allows for asynchronous writes on the server.\n- `NFSv4_0` : Stateful, firewall-friendly protocol version that supports delegations and pseudo file systems.\n- `NFSv4_1` : Stateful protocol version that supports sessions, directory delegations, and parallel data processing. NFS version 4.1 also includes all features available in version 4.0.\n\n> DataSync currently only supports NFS version 3 with Amazon FSx for NetApp ONTAP locations.", - "title": "Version", - "type": "string" + "DialingCapacity": { + "markdownDescription": "The allocation of dialing capacity between multiple active campaigns.", + "title": "DialingCapacity", + "type": "number" } }, "type": "object" }, - "AWS::DataSync::LocationNFS.OnPremConfig": { + "AWS::ConnectCampaigns::Campaign.AnswerMachineDetectionConfig": { "additionalProperties": false, "properties": { - "AgentArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Names (ARNs) of the DataSync agents that can connect to your NFS file server.\n\nYou can specify more than one agent. For more information, see [Using multiple DataSync agents](https://docs.aws.amazon.com/datasync/latest/userguide/do-i-need-datasync-agent.html#multiple-agents) .", - "title": "AgentArns", - "type": "array" + "AwaitAnswerMachinePrompt": { + "markdownDescription": "Whether waiting for answer machine prompt is enabled.", + "title": "AwaitAnswerMachinePrompt", + "type": "boolean" + }, + "EnableAnswerMachineDetection": { + "markdownDescription": "Whether answering machine detection is enabled.", + "title": "EnableAnswerMachineDetection", + "type": "boolean" } }, "required": [ - "AgentArns" + "EnableAnswerMachineDetection" ], "type": "object" }, - "AWS::DataSync::LocationObjectStorage": { + "AWS::ConnectCampaigns::Campaign.DialerConfig": { + "additionalProperties": false, + "properties": { + "AgentlessDialerConfig": { + "$ref": "#/definitions/AWS::ConnectCampaigns::Campaign.AgentlessDialerConfig", + "markdownDescription": "The configuration of the agentless dialer.", + "title": "AgentlessDialerConfig" + }, + "PredictiveDialerConfig": { + "$ref": "#/definitions/AWS::ConnectCampaigns::Campaign.PredictiveDialerConfig", + "markdownDescription": "The configuration of the predictive dialer.", + "title": "PredictiveDialerConfig" + }, + "ProgressiveDialerConfig": { + "$ref": "#/definitions/AWS::ConnectCampaigns::Campaign.ProgressiveDialerConfig", + "markdownDescription": "The configuration of the progressive dialer.", + "title": "ProgressiveDialerConfig" + } + }, + "type": "object" + }, + "AWS::ConnectCampaigns::Campaign.OutboundCallConfig": { + "additionalProperties": false, + "properties": { + "AnswerMachineDetectionConfig": { + "$ref": "#/definitions/AWS::ConnectCampaigns::Campaign.AnswerMachineDetectionConfig", + "markdownDescription": "Whether answering machine detection has been enabled.", + "title": "AnswerMachineDetectionConfig" + }, + "ConnectContactFlowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the flow.", + "title": "ConnectContactFlowArn", + "type": "string" + }, + "ConnectQueueArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the queue.", + "title": "ConnectQueueArn", + "type": "string" + }, + "ConnectSourcePhoneNumber": { + "markdownDescription": "The phone number associated with the outbound call. This is the caller ID that is displayed to customers when an agent calls them.", + "title": "ConnectSourcePhoneNumber", + "type": "string" + } + }, + "required": [ + "ConnectContactFlowArn" + ], + "type": "object" + }, + "AWS::ConnectCampaigns::Campaign.PredictiveDialerConfig": { + "additionalProperties": false, + "properties": { + "BandwidthAllocation": { + "markdownDescription": "Bandwidth allocation for the predictive dialer.", + "title": "BandwidthAllocation", + "type": "number" + }, + "DialingCapacity": { + "markdownDescription": "The allocation of dialing capacity between multiple active campaigns.", + "title": "DialingCapacity", + "type": "number" + } + }, + "required": [ + "BandwidthAllocation" + ], + "type": "object" + }, + "AWS::ConnectCampaigns::Campaign.ProgressiveDialerConfig": { + "additionalProperties": false, + "properties": { + "BandwidthAllocation": { + "markdownDescription": "Bandwidth allocation for the progressive dialer.", + "title": "BandwidthAllocation", + "type": "number" + }, + "DialingCapacity": { + "markdownDescription": "The allocation of dialing capacity between multiple active campaigns.", + "title": "DialingCapacity", + "type": "number" + } + }, + "required": [ + "BandwidthAllocation" + ], + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign": { "additionalProperties": false, "properties": { "Condition": { @@ -62542,71 +68557,65 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessKey": { - "markdownDescription": "Specifies the access key (for example, a user name) if credentials are required to authenticate with the object storage server.", - "title": "AccessKey", - "type": "string" + "ChannelSubtypeConfig": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.ChannelSubtypeConfig", + "markdownDescription": "Contains channel subtype configuration for an outbound campaign.", + "title": "ChannelSubtypeConfig" }, - "AgentArns": { - "items": { - "type": "string" - }, - "markdownDescription": "(Optional) Specifies the Amazon Resource Names (ARNs) of the DataSync agents that can connect with your object storage system. If you are setting up an agentless cross-cloud transfer, you do not need to specify a value for this parameter.\n\n> Make sure you configure this parameter correctly when you first create your storage location. You cannot add or remove agents from a storage location after you create it.", - "title": "AgentArns", - "type": "array" + "CommunicationLimitsOverride": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.CommunicationLimitsConfig", + "markdownDescription": "Communication limits configuration for an outbound campaign.", + "title": "CommunicationLimitsOverride" }, - "BucketName": { - "markdownDescription": "Specifies the name of the object storage bucket involved in the transfer.", - "title": "BucketName", - "type": "string" + "CommunicationTimeConfig": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.CommunicationTimeConfig", + "markdownDescription": "Contains communication time configuration for an outbound campaign.", + "title": "CommunicationTimeConfig" }, - "SecretKey": { - "markdownDescription": "Specifies the secret key (for example, a password) if credentials are required to authenticate with the object storage server.\n\n> If you provide a secret using `SecretKey` , but do not provide secret configuration details using `CmkSecretConfig` or `CustomSecretConfig` , then DataSync stores the token using your AWS account's Secrets Manager secret.", - "title": "SecretKey", + "ConnectCampaignFlowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Connect campaign flow associated with the outbound campaign.", + "title": "ConnectCampaignFlowArn", "type": "string" }, - "ServerCertificate": { - "markdownDescription": "Specifies a certificate chain for DataSync to authenticate with your object storage system if the system uses a private or self-signed certificate authority (CA). You must specify a single `.pem` file with a full certificate chain (for example, `file:///home/user/.ssh/object_storage_certificates.pem` ).\n\nThe certificate chain might include:\n\n- The object storage system's certificate\n- All intermediate certificates (if there are any)\n- The root certificate of the signing CA\n\nYou can concatenate your certificates into a `.pem` file (which can be up to 32768 bytes before base64 encoding). The following example `cat` command creates an `object_storage_certificates.pem` file that includes three certificates:\n\n`cat object_server_certificate.pem intermediate_certificate.pem ca_root_certificate.pem > object_storage_certificates.pem`\n\nTo use this parameter, configure `ServerProtocol` to `HTTPS` .", - "title": "ServerCertificate", + "ConnectInstanceId": { + "markdownDescription": "The identifier of the Amazon Connect instance. You can find the `instanceId` in the ARN of the instance.", + "title": "ConnectInstanceId", "type": "string" }, - "ServerHostname": { - "markdownDescription": "Specifies the domain name or IP version 4 (IPv4) address of the object storage server that your DataSync agent connects to.", - "title": "ServerHostname", + "Name": { + "markdownDescription": "The name of the outbound campaign.", + "title": "Name", "type": "string" }, - "ServerPort": { - "markdownDescription": "Specifies the port that your object storage server accepts inbound network traffic on (for example, port 443).", - "title": "ServerPort", - "type": "number" - }, - "ServerProtocol": { - "markdownDescription": "Specifies the protocol that your object storage server uses to communicate. If not specified, the default value is `HTTPS` .", - "title": "ServerProtocol", - "type": "string" + "Schedule": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.Schedule", + "markdownDescription": "Contains the schedule configuration.", + "title": "Schedule" }, - "Subdirectory": { - "markdownDescription": "Specifies the object prefix for your object storage server. If this is a source location, DataSync only copies objects with this prefix. If this is a destination location, DataSync writes all objects with this prefix.", - "title": "Subdirectory", - "type": "string" + "Source": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.Source", + "markdownDescription": "Contains source configuration.", + "title": "Source" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Specifies the key-value pair that represents a tag that you want to add to the resource. Tags can help you manage, filter, and search for your resources. We recommend creating a name tag for your location.", + "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, `{ \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }` .", "title": "Tags", "type": "array" } }, "required": [ - "AgentArns" + "ChannelSubtypeConfig", + "ConnectInstanceId", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataSync::LocationObjectStorage" + "AWS::ConnectCampaignsV2::Campaign" ], "type": "string" }, @@ -62625,7 +68634,540 @@ ], "type": "object" }, - "AWS::DataSync::LocationS3": { + "AWS::ConnectCampaignsV2::Campaign.AnswerMachineDetectionConfig": { + "additionalProperties": false, + "properties": { + "AwaitAnswerMachinePrompt": { + "markdownDescription": "Whether or not waiting for an answer machine prompt is enabled.", + "title": "AwaitAnswerMachinePrompt", + "type": "boolean" + }, + "EnableAnswerMachineDetection": { + "markdownDescription": "Enables answering machine detection.", + "title": "EnableAnswerMachineDetection", + "type": "boolean" + } + }, + "required": [ + "EnableAnswerMachineDetection" + ], + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.ChannelSubtypeConfig": { + "additionalProperties": false, + "properties": { + "Email": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.EmailChannelSubtypeConfig", + "markdownDescription": "The configuration of the email channel subtype.", + "title": "Email" + }, + "Sms": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.SmsChannelSubtypeConfig", + "markdownDescription": "The configuration of the SMS channel subtype.", + "title": "Sms" + }, + "Telephony": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.TelephonyChannelSubtypeConfig", + "markdownDescription": "The configuration of the telephony channel subtype.", + "title": "Telephony" + } + }, + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.CommunicationLimit": { + "additionalProperties": false, + "properties": { + "Frequency": { + "markdownDescription": "The frequency of communication limit evaluation.", + "title": "Frequency", + "type": "number" + }, + "MaxCountPerRecipient": { + "markdownDescription": "The maximum outreaching count for each recipient.", + "title": "MaxCountPerRecipient", + "type": "number" + }, + "Unit": { + "markdownDescription": "The unit of communication limit evaluation.", + "title": "Unit", + "type": "string" + } + }, + "required": [ + "Frequency", + "MaxCountPerRecipient", + "Unit" + ], + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.CommunicationLimits": { + "additionalProperties": false, + "properties": { + "CommunicationLimitList": { + "items": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.CommunicationLimit" + }, + "markdownDescription": "The list of CommunicationLimits.", + "title": "CommunicationLimitList", + "type": "array" + } + }, + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.CommunicationLimitsConfig": { + "additionalProperties": false, + "properties": { + "AllChannelsSubtypes": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.CommunicationLimits", + "markdownDescription": "The CommunicationLimits that apply to all channel subtypes defined in an outbound campaign.", + "title": "AllChannelsSubtypes" + }, + "InstanceLimitsHandling": { + "markdownDescription": "Opt-in or Opt-out from instance-level limits.", + "title": "InstanceLimitsHandling", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.CommunicationTimeConfig": { + "additionalProperties": false, + "properties": { + "Email": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.TimeWindow", + "markdownDescription": "The communication time configuration for the email channel subtype.", + "title": "Email" + }, + "LocalTimeZoneConfig": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.LocalTimeZoneConfig", + "markdownDescription": "The local timezone configuration.", + "title": "LocalTimeZoneConfig" + }, + "Sms": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.TimeWindow", + "markdownDescription": "The communication time configuration for the SMS channel subtype.", + "title": "Sms" + }, + "Telephony": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.TimeWindow", + "markdownDescription": "The communication time configuration for the telephony channel subtype.", + "title": "Telephony" + } + }, + "required": [ + "LocalTimeZoneConfig" + ], + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.DailyHour": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The key for DailyHour.", + "title": "Key", + "type": "string" + }, + "Value": { + "items": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.TimeRange" + }, + "markdownDescription": "The value for DailyHour.", + "title": "Value", + "type": "array" + } + }, + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.EmailChannelSubtypeConfig": { + "additionalProperties": false, + "properties": { + "Capacity": { + "markdownDescription": "The allocation of email capacity between multiple running outbound campaigns.", + "title": "Capacity", + "type": "number" + }, + "DefaultOutboundConfig": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.EmailOutboundConfig", + "markdownDescription": "The default email outbound configuration of an outbound campaign.", + "title": "DefaultOutboundConfig" + }, + "OutboundMode": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.EmailOutboundMode", + "markdownDescription": "The outbound mode for email of an outbound campaign.", + "title": "OutboundMode" + } + }, + "required": [ + "DefaultOutboundConfig", + "OutboundMode" + ], + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.EmailOutboundConfig": { + "additionalProperties": false, + "properties": { + "ConnectSourceEmailAddress": { + "markdownDescription": "The Amazon Connect source email address.", + "title": "ConnectSourceEmailAddress", + "type": "string" + }, + "SourceEmailAddressDisplayName": { + "markdownDescription": "The display name for the Amazon Connect source email address.", + "title": "SourceEmailAddressDisplayName", + "type": "string" + }, + "WisdomTemplateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Q in Connect template.", + "title": "WisdomTemplateArn", + "type": "string" + } + }, + "required": [ + "ConnectSourceEmailAddress", + "WisdomTemplateArn" + ], + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.EmailOutboundMode": { + "additionalProperties": false, + "properties": { + "AgentlessConfig": { + "markdownDescription": "The agentless outbound mode configuration for email.", + "title": "AgentlessConfig", + "type": "object" + } + }, + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.EventTrigger": { + "additionalProperties": false, + "properties": { + "CustomerProfilesDomainArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Customer Profiles domain.", + "title": "CustomerProfilesDomainArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.LocalTimeZoneConfig": { + "additionalProperties": false, + "properties": { + "DefaultTimeZone": { + "markdownDescription": "The timezone to use for all recipients.", + "title": "DefaultTimeZone", + "type": "string" + }, + "LocalTimeZoneDetection": { + "items": { + "type": "string" + }, + "markdownDescription": "Detects methods for the recipient's timezone.", + "title": "LocalTimeZoneDetection", + "type": "array" + } + }, + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.OpenHours": { + "additionalProperties": false, + "properties": { + "DailyHours": { + "items": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.DailyHour" + }, + "markdownDescription": "The daily hours configuration.", + "title": "DailyHours", + "type": "array" + } + }, + "required": [ + "DailyHours" + ], + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.PredictiveConfig": { + "additionalProperties": false, + "properties": { + "BandwidthAllocation": { + "markdownDescription": "Bandwidth allocation for the predictive outbound mode.", + "title": "BandwidthAllocation", + "type": "number" + } + }, + "required": [ + "BandwidthAllocation" + ], + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.ProgressiveConfig": { + "additionalProperties": false, + "properties": { + "BandwidthAllocation": { + "markdownDescription": "Bandwidth allocation for the progressive outbound mode.", + "title": "BandwidthAllocation", + "type": "number" + } + }, + "required": [ + "BandwidthAllocation" + ], + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.RestrictedPeriod": { + "additionalProperties": false, + "properties": { + "EndDate": { + "markdownDescription": "The end date of the restricted period.", + "title": "EndDate", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the restricted period.", + "title": "Name", + "type": "string" + }, + "StartDate": { + "markdownDescription": "The start date of the restricted period.", + "title": "StartDate", + "type": "string" + } + }, + "required": [ + "EndDate", + "StartDate" + ], + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.RestrictedPeriods": { + "additionalProperties": false, + "properties": { + "RestrictedPeriodList": { + "items": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.RestrictedPeriod" + }, + "markdownDescription": "The restricted period list.", + "title": "RestrictedPeriodList", + "type": "array" + } + }, + "required": [ + "RestrictedPeriodList" + ], + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.Schedule": { + "additionalProperties": false, + "properties": { + "EndTime": { + "markdownDescription": "The end time of the schedule in UTC.", + "title": "EndTime", + "type": "string" + }, + "RefreshFrequency": { + "markdownDescription": "The refresh frequency of the campaign.", + "title": "RefreshFrequency", + "type": "string" + }, + "StartTime": { + "markdownDescription": "The start time of the schedule in UTC.", + "title": "StartTime", + "type": "string" + } + }, + "required": [ + "EndTime", + "StartTime" + ], + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.SmsChannelSubtypeConfig": { + "additionalProperties": false, + "properties": { + "Capacity": { + "markdownDescription": "The allocation of SMS capacity between multiple running outbound campaigns.", + "title": "Capacity", + "type": "number" + }, + "DefaultOutboundConfig": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.SmsOutboundConfig", + "markdownDescription": "The default SMS outbound configuration of an outbound campaign.", + "title": "DefaultOutboundConfig" + }, + "OutboundMode": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.SmsOutboundMode", + "markdownDescription": "The outbound mode of SMS for an outbound campaign.", + "title": "OutboundMode" + } + }, + "required": [ + "DefaultOutboundConfig", + "OutboundMode" + ], + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.SmsOutboundConfig": { + "additionalProperties": false, + "properties": { + "ConnectSourcePhoneNumberArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Connect source SMS phone number.", + "title": "ConnectSourcePhoneNumberArn", + "type": "string" + }, + "WisdomTemplateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Q in Connect template.", + "title": "WisdomTemplateArn", + "type": "string" + } + }, + "required": [ + "ConnectSourcePhoneNumberArn", + "WisdomTemplateArn" + ], + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.SmsOutboundMode": { + "additionalProperties": false, + "properties": { + "AgentlessConfig": { + "markdownDescription": "Contains agentless outbound mode configuration.", + "title": "AgentlessConfig", + "type": "object" + } + }, + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.Source": { + "additionalProperties": false, + "properties": { + "CustomerProfilesSegmentArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Customer Profiles segment.", + "title": "CustomerProfilesSegmentArn", + "type": "string" + }, + "EventTrigger": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.EventTrigger", + "markdownDescription": "The event trigger of the campaign.", + "title": "EventTrigger" + } + }, + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.TelephonyChannelSubtypeConfig": { + "additionalProperties": false, + "properties": { + "Capacity": { + "markdownDescription": "The allocation of telephony capacity between multiple running outbound campaigns.", + "title": "Capacity", + "type": "number" + }, + "ConnectQueueId": { + "markdownDescription": "The identifier of the Amazon Connect queue associated with telephony outbound requests of an outbound campaign.", + "title": "ConnectQueueId", + "type": "string" + }, + "DefaultOutboundConfig": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.TelephonyOutboundConfig", + "markdownDescription": "The default telephony outbound configuration of an outbound campaign.", + "title": "DefaultOutboundConfig" + }, + "OutboundMode": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.TelephonyOutboundMode", + "markdownDescription": "The outbound mode of telephony for an outbound campaign.", + "title": "OutboundMode" + } + }, + "required": [ + "DefaultOutboundConfig", + "OutboundMode" + ], + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.TelephonyOutboundConfig": { + "additionalProperties": false, + "properties": { + "AnswerMachineDetectionConfig": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.AnswerMachineDetectionConfig", + "markdownDescription": "The answering machine detection configuration.", + "title": "AnswerMachineDetectionConfig" + }, + "ConnectContactFlowId": { + "markdownDescription": "The identifier of the published Amazon Connect contact flow.", + "title": "ConnectContactFlowId", + "type": "string" + }, + "ConnectSourcePhoneNumber": { + "markdownDescription": "The Amazon Connect source phone number.", + "title": "ConnectSourcePhoneNumber", + "type": "string" + } + }, + "required": [ + "ConnectContactFlowId" + ], + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.TelephonyOutboundMode": { + "additionalProperties": false, + "properties": { + "AgentlessConfig": { + "markdownDescription": "The agentless outbound mode configuration for telephony.", + "title": "AgentlessConfig", + "type": "object" + }, + "PredictiveConfig": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.PredictiveConfig", + "markdownDescription": "Contains predictive outbound mode configuration.", + "title": "PredictiveConfig" + }, + "ProgressiveConfig": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.ProgressiveConfig", + "markdownDescription": "Contains progressive telephony outbound mode configuration.", + "title": "ProgressiveConfig" + } + }, + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.TimeRange": { + "additionalProperties": false, + "properties": { + "EndTime": { + "markdownDescription": "The end time of the time range.", + "title": "EndTime", + "type": "string" + }, + "StartTime": { + "markdownDescription": "The start time of the time range.", + "title": "StartTime", + "type": "string" + } + }, + "required": [ + "EndTime", + "StartTime" + ], + "type": "object" + }, + "AWS::ConnectCampaignsV2::Campaign.TimeWindow": { + "additionalProperties": false, + "properties": { + "OpenHours": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.OpenHours", + "markdownDescription": "The open hours configuration.", + "title": "OpenHours" + }, + "RestrictedPeriods": { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign.RestrictedPeriods", + "markdownDescription": "The restricted periods configuration.", + "title": "RestrictedPeriods" + } + }, + "required": [ + "OpenHours" + ], + "type": "object" + }, + "AWS::ControlTower::EnabledBaseline": { "additionalProperties": false, "properties": { "Condition": { @@ -62660,43 +69202,48 @@ "Properties": { "additionalProperties": false, "properties": { - "S3BucketArn": { - "markdownDescription": "The ARN of the Amazon S3 bucket.", - "title": "S3BucketArn", + "BaselineIdentifier": { + "markdownDescription": "The specific `Baseline` enabled as part of the `EnabledBaseline` resource.", + "title": "BaselineIdentifier", "type": "string" }, - "S3Config": { - "$ref": "#/definitions/AWS::DataSync::LocationS3.S3Config", - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that is used to access an Amazon S3 bucket.\n\nFor detailed information about using such a role, see [Creating a Location for Amazon S3](https://docs.aws.amazon.com/datasync/latest/userguide/working-with-locations.html#create-s3-location) in the *AWS DataSync User Guide* .", - "title": "S3Config" - }, - "S3StorageClass": { - "markdownDescription": "The Amazon S3 storage class that you want to store your files in when this location is used as a task destination. For buckets in AWS Regions , the storage class defaults to S3 Standard.\n\nFor more information about S3 storage classes, see [Amazon S3 Storage Classes](https://docs.aws.amazon.com/s3/storage-classes/) . Some storage classes have behaviors that can affect your S3 storage costs. For detailed information, see [Considerations When Working with Amazon S3 Storage Classes in DataSync](https://docs.aws.amazon.com/datasync/latest/userguide/create-s3-location.html#using-storage-classes) .", - "title": "S3StorageClass", + "BaselineVersion": { + "markdownDescription": "The enabled version of the `Baseline` .", + "title": "BaselineVersion", "type": "string" }, - "Subdirectory": { - "markdownDescription": "Specifies a prefix in the S3 bucket that DataSync reads from or writes to (depending on whether the bucket is a source or destination location).\n\n> DataSync can't transfer objects with a prefix that begins with a slash ( `/` ) or includes `//` , `/./` , or `/../` patterns. For example:\n> \n> - `/photos`\n> - `photos//2006/January`\n> - `photos/./2006/February`\n> - `photos/../2006/March`", - "title": "Subdirectory", - "type": "string" + "Parameters": { + "items": { + "$ref": "#/definitions/AWS::ControlTower::EnabledBaseline.Parameter" + }, + "markdownDescription": "Shows the parameters that are applied when enabling this `Baseline` .", + "title": "Parameters", + "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your transfer location.", + "markdownDescription": "", "title": "Tags", "type": "array" + }, + "TargetIdentifier": { + "markdownDescription": "The target on which to enable the `Baseline` .", + "title": "TargetIdentifier", + "type": "string" } }, "required": [ - "S3Config" + "BaselineIdentifier", + "BaselineVersion", + "TargetIdentifier" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataSync::LocationS3" + "AWS::ControlTower::EnabledBaseline" ], "type": "string" }, @@ -62715,21 +69262,23 @@ ], "type": "object" }, - "AWS::DataSync::LocationS3.S3Config": { + "AWS::ControlTower::EnabledBaseline.Parameter": { "additionalProperties": false, "properties": { - "BucketAccessRoleArn": { - "markdownDescription": "Specifies the ARN of the IAM role that DataSync uses to access your S3 bucket.", - "title": "BucketAccessRoleArn", + "Key": { + "markdownDescription": "", + "title": "Key", "type": "string" + }, + "Value": { + "markdownDescription": "", + "title": "Value", + "type": "object" } }, - "required": [ - "BucketAccessRoleArn" - ], "type": "object" }, - "AWS::DataSync::LocationSMB": { + "AWS::ControlTower::EnabledControl": { "additionalProperties": false, "properties": { "Condition": { @@ -62764,62 +69313,42 @@ "Properties": { "additionalProperties": false, "properties": { - "AgentArns": { + "ControlIdentifier": { + "markdownDescription": "The ARN of the control. Only *Strongly recommended* and *Elective* controls are permitted, with the exception of the *Region deny* control. For information on how to find the `controlIdentifier` , see [the overview page](https://docs.aws.amazon.com//controltower/latest/APIReference/Welcome.html) .", + "title": "ControlIdentifier", + "type": "string" + }, + "Parameters": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::ControlTower::EnabledControl.EnabledControlParameter" }, - "markdownDescription": "Specifies the DataSync agent (or agents) that can connect to your SMB file server. You specify an agent by using its Amazon Resource Name (ARN).", - "title": "AgentArns", + "markdownDescription": "Array of `EnabledControlParameter` objects.", + "title": "Parameters", "type": "array" }, - "Domain": { - "markdownDescription": "Specifies the Windows domain name that your SMB file server belongs to. This parameter applies only if `AuthenticationType` is set to `NTLM` .\n\nIf you have multiple domains in your environment, configuring this parameter makes sure that DataSync connects to the right file server.", - "title": "Domain", - "type": "string" - }, - "MountOptions": { - "$ref": "#/definitions/AWS::DataSync::LocationSMB.MountOptions", - "markdownDescription": "Specifies the version of the SMB protocol that DataSync uses to access your SMB file server.", - "title": "MountOptions" - }, - "Password": { - "markdownDescription": "Specifies the password of the user who can mount your SMB file server and has permission to access the files and folders involved in your transfer. This parameter applies only if `AuthenticationType` is set to `NTLM` .", - "title": "Password", - "type": "string" - }, - "ServerHostname": { - "markdownDescription": "Specifies the domain name or IP address of the SMB file server that your DataSync agent connects to.\n\nRemember the following when configuring this parameter:\n\n- You can't specify an IP version 6 (IPv6) address.\n- If you're using Kerberos authentication, you must specify a domain name.", - "title": "ServerHostname", - "type": "string" - }, - "Subdirectory": { - "markdownDescription": "Specifies the name of the share exported by your SMB file server where DataSync will read or write data. You can include a subdirectory in the share path (for example, `/path/to/subdirectory` ). Make sure that other SMB clients in your network can also mount this path.\n\nTo copy all data in the subdirectory, DataSync must be able to mount the SMB share and access all of its data. For more information, see [Providing DataSync access to SMB file servers](https://docs.aws.amazon.com/datasync/latest/userguide/create-smb-location.html#configuring-smb-permissions) .", - "title": "Subdirectory", - "type": "string" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your location.", + "markdownDescription": "", "title": "Tags", "type": "array" }, - "User": { - "markdownDescription": "Specifies the user that can mount and access the files, folders, and file metadata in your SMB file server. This parameter applies only if `AuthenticationType` is set to `NTLM` .\n\nFor information about choosing a user with the right level of access for your transfer, see [Providing DataSync access to SMB file servers](https://docs.aws.amazon.com/datasync/latest/userguide/create-smb-location.html#configuring-smb-permissions) .", - "title": "User", + "TargetIdentifier": { + "markdownDescription": "The ARN of the organizational unit. For information on how to find the `targetIdentifier` , see [the overview page](https://docs.aws.amazon.com//controltower/latest/APIReference/Welcome.html) .", + "title": "TargetIdentifier", "type": "string" } }, "required": [ - "AgentArns", - "User" + "ControlIdentifier", + "TargetIdentifier" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataSync::LocationSMB" + "AWS::ControlTower::EnabledControl" ], "type": "string" }, @@ -62838,18 +69367,27 @@ ], "type": "object" }, - "AWS::DataSync::LocationSMB.MountOptions": { + "AWS::ControlTower::EnabledControl.EnabledControlParameter": { "additionalProperties": false, "properties": { - "Version": { - "markdownDescription": "By default, DataSync automatically chooses an SMB protocol version based on negotiation with your SMB file server. You also can configure DataSync to use a specific SMB version, but we recommend doing this only if DataSync has trouble negotiating with the SMB file server automatically.\n\nThese are the following options for configuring the SMB version:\n\n- `AUTOMATIC` (default): DataSync and the SMB file server negotiate the highest version of SMB that they mutually support between 2.1 and 3.1.1.\n\nThis is the recommended option. If you instead choose a specific version that your file server doesn't support, you may get an `Operation Not Supported` error.\n- `SMB3` : Restricts the protocol negotiation to only SMB version 3.0.2.\n- `SMB2` : Restricts the protocol negotiation to only SMB version 2.1.\n- `SMB2_0` : Restricts the protocol negotiation to only SMB version 2.0.\n- `SMB1` : Restricts the protocol negotiation to only SMB version 1.0.\n\n> The `SMB1` option isn't available when [creating an Amazon FSx for NetApp ONTAP location](https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateLocationFsxOntap.html) .", - "title": "Version", + "Key": { + "markdownDescription": "The key of a key/value pair. It is of type `string` .", + "title": "Key", "type": "string" + }, + "Value": { + "markdownDescription": "The value of a key/value pair. It can be of type `array` , `string` , `number` , `object` , or `boolean` . [Note: The *Type* field that follows may show a single type such as Number, which is only one possible type.]", + "title": "Value", + "type": "object" } }, + "required": [ + "Key", + "Value" + ], "type": "object" }, - "AWS::DataSync::StorageSystem": { + "AWS::ControlTower::LandingZone": { "additionalProperties": false, "properties": { "Condition": { @@ -62884,44 +69422,34 @@ "Properties": { "additionalProperties": false, "properties": { - "AgentArns": { - "items": { - "type": "string" - }, - "type": "array" - }, - "CloudWatchLogGroupArn": { - "type": "string" - }, - "Name": { - "type": "string" - }, - "ServerConfiguration": { - "$ref": "#/definitions/AWS::DataSync::StorageSystem.ServerConfiguration" - }, - "ServerCredentials": { - "$ref": "#/definitions/AWS::DataSync::StorageSystem.ServerCredentials" - }, - "SystemType": { - "type": "string" + "Manifest": { + "markdownDescription": "The landing zone manifest JSON text file that specifies the landing zone configurations.", + "title": "Manifest", + "type": "object" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, + "markdownDescription": "Tags to be applied to the landing zone.", + "title": "Tags", "type": "array" + }, + "Version": { + "markdownDescription": "The landing zone's current deployed version.", + "title": "Version", + "type": "string" } }, "required": [ - "AgentArns", - "ServerConfiguration", - "SystemType" + "Manifest", + "Version" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataSync::StorageSystem" + "AWS::ControlTower::LandingZone" ], "type": "string" }, @@ -62940,38 +69468,7 @@ ], "type": "object" }, - "AWS::DataSync::StorageSystem.ServerConfiguration": { - "additionalProperties": false, - "properties": { - "ServerHostname": { - "type": "string" - }, - "ServerPort": { - "type": "number" - } - }, - "required": [ - "ServerHostname" - ], - "type": "object" - }, - "AWS::DataSync::StorageSystem.ServerCredentials": { - "additionalProperties": false, - "properties": { - "Password": { - "type": "string" - }, - "Username": { - "type": "string" - } - }, - "required": [ - "Password", - "Username" - ], - "type": "object" - }, - "AWS::DataSync::Task": { + "AWS::CustomerProfiles::CalculatedAttributeDefinition": { "additionalProperties": false, "properties": { "Condition": { @@ -63006,80 +69503,66 @@ "Properties": { "additionalProperties": false, "properties": { - "CloudWatchLogGroupArn": { - "markdownDescription": "Specifies the Amazon Resource Name (ARN) of an Amazon CloudWatch log group for monitoring your task.\n\nFor Enhanced mode tasks, you don't need to specify anything. DataSync automatically sends logs to a CloudWatch log group named `/aws/datasync` .\n\nFor more information, see [Monitoring data transfers with CloudWatch Logs](https://docs.aws.amazon.com/datasync/latest/userguide/configure-logging.html) .", - "title": "CloudWatchLogGroupArn", - "type": "string" + "AttributeDetails": { + "$ref": "#/definitions/AWS::CustomerProfiles::CalculatedAttributeDefinition.AttributeDetails", + "markdownDescription": "Mathematical expression and a list of attribute items specified in that expression.", + "title": "AttributeDetails" }, - "DestinationLocationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS storage resource's location.", - "title": "DestinationLocationArn", + "CalculatedAttributeName": { + "markdownDescription": "The name of an attribute defined in a profile object type.", + "title": "CalculatedAttributeName", "type": "string" }, - "Excludes": { - "items": { - "$ref": "#/definitions/AWS::DataSync::Task.FilterRule" - }, - "markdownDescription": "Specifies exclude filters that define the files, objects, and folders in your source location that you don't want DataSync to transfer. For more information and examples, see [Specifying what DataSync transfers by using filters](https://docs.aws.amazon.com/datasync/latest/userguide/filtering.html) .", - "title": "Excludes", - "type": "array" - }, - "Includes": { - "items": { - "$ref": "#/definitions/AWS::DataSync::Task.FilterRule" - }, - "markdownDescription": "Specifies include filters that define the files, objects, and folders in your source location that you want DataSync to transfer. For more information and examples, see [Specifying what DataSync transfers by using filters](https://docs.aws.amazon.com/datasync/latest/userguide/filtering.html) .", - "title": "Includes", - "type": "array" - }, - "ManifestConfig": { - "$ref": "#/definitions/AWS::DataSync::Task.ManifestConfig", - "markdownDescription": "The configuration of the manifest that lists the files or objects that you want DataSync to transfer. For more information, see [Specifying what DataSync transfers by using a manifest](https://docs.aws.amazon.com/datasync/latest/userguide/transferring-with-manifest.html) .", - "title": "ManifestConfig" + "Conditions": { + "$ref": "#/definitions/AWS::CustomerProfiles::CalculatedAttributeDefinition.Conditions", + "markdownDescription": "The conditions including range, object count, and threshold for the calculated attribute.", + "title": "Conditions" }, - "Name": { - "markdownDescription": "Specifies the name of your task.", - "title": "Name", + "Description": { + "markdownDescription": "The description of the calculated attribute.", + "title": "Description", "type": "string" }, - "Options": { - "$ref": "#/definitions/AWS::DataSync::Task.Options", - "markdownDescription": "Specifies your task's settings, such as preserving file metadata, verifying data integrity, among other options.", - "title": "Options" + "DisplayName": { + "markdownDescription": "The display name of the calculated attribute.", + "title": "DisplayName", + "type": "string" }, - "Schedule": { - "$ref": "#/definitions/AWS::DataSync::Task.TaskSchedule", - "markdownDescription": "Specifies a schedule for when you want your task to run. For more information, see [Scheduling your task](https://docs.aws.amazon.com/datasync/latest/userguide/task-scheduling.html) .", - "title": "Schedule" + "DomainName": { + "markdownDescription": "The unique name of the domain.", + "title": "DomainName", + "type": "string" }, - "SourceLocationArn": { - "markdownDescription": "Specifies the ARN of your transfer's source location.", - "title": "SourceLocationArn", + "Statistic": { + "markdownDescription": "The aggregation operation to perform for the calculated attribute.", + "title": "Statistic", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Specifies the tags that you want to apply to your task.\n\n*Tags* are key-value pairs that help you manage, filter, and search for your DataSync resources.", + "markdownDescription": "An array of key-value pairs to apply to this resource.", "title": "Tags", "type": "array" }, - "TaskReportConfig": { - "$ref": "#/definitions/AWS::DataSync::Task.TaskReportConfig", - "markdownDescription": "The configuration of your task report, which provides detailed information about your DataSync transfer. For more information, see [Monitoring your DataSync transfers with task reports](https://docs.aws.amazon.com/datasync/latest/userguide/task-reports.html) .", - "title": "TaskReportConfig" + "UseHistoricalData": { + "markdownDescription": "Whether historical data ingested before the Calculated Attribute was created should be included in calculations.", + "title": "UseHistoricalData", + "type": "boolean" } }, "required": [ - "DestinationLocationArn", - "SourceLocationArn" + "AttributeDetails", + "CalculatedAttributeName", + "DomainName", + "Statistic" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataSync::Task" + "AWS::CustomerProfiles::CalculatedAttributeDefinition" ], "type": "string" }, @@ -63098,321 +69581,158 @@ ], "type": "object" }, - "AWS::DataSync::Task.Deleted": { - "additionalProperties": false, - "properties": { - "ReportLevel": { - "markdownDescription": "", - "title": "ReportLevel", - "type": "string" - } - }, - "type": "object" - }, - "AWS::DataSync::Task.Destination": { - "additionalProperties": false, - "properties": { - "S3": { - "$ref": "#/definitions/AWS::DataSync::Task.TaskReportConfigDestinationS3", - "markdownDescription": "", - "title": "S3" - } - }, - "type": "object" - }, - "AWS::DataSync::Task.FilterRule": { + "AWS::CustomerProfiles::CalculatedAttributeDefinition.AttributeDetails": { "additionalProperties": false, "properties": { - "FilterType": { - "markdownDescription": "The type of filter rule to apply. AWS DataSync only supports the SIMPLE_PATTERN rule type.", - "title": "FilterType", - "type": "string" + "Attributes": { + "items": { + "$ref": "#/definitions/AWS::CustomerProfiles::CalculatedAttributeDefinition.AttributeItem" + }, + "markdownDescription": "Mathematical expression and a list of attribute items specified in that expression.", + "title": "Attributes", + "type": "array" }, - "Value": { - "markdownDescription": "A single filter string that consists of the patterns to include or exclude. The patterns are delimited by \"|\" (that is, a pipe), for example: `/folder1|/folder2`", - "title": "Value", + "Expression": { + "markdownDescription": "Mathematical expression that is performed on attribute items provided in the attribute list. Each element in the expression should follow the structure of \\\"{ObjectTypeName.AttributeName}\\\".", + "title": "Expression", "type": "string" } }, + "required": [ + "Attributes", + "Expression" + ], "type": "object" }, - "AWS::DataSync::Task.ManifestConfig": { + "AWS::CustomerProfiles::CalculatedAttributeDefinition.AttributeItem": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "Specifies what DataSync uses the manifest for.", - "title": "Action", - "type": "string" - }, - "Format": { - "markdownDescription": "Specifies the file format of your manifest. For more information, see [Creating a manifest](https://docs.aws.amazon.com/datasync/latest/userguide/transferring-with-manifest.html#transferring-with-manifest-create) .", - "title": "Format", + "Name": { + "markdownDescription": "The unique name of the calculated attribute.", + "title": "Name", "type": "string" - }, - "Source": { - "$ref": "#/definitions/AWS::DataSync::Task.Source", - "markdownDescription": "Specifies the manifest that you want DataSync to use and where it's hosted.\n\n> You must specify this parameter if you're configuring a new manifest on or after February 7, 2024.\n> \n> If you don't, you'll get a 400 status code and `ValidationException` error stating that you're missing the IAM role for DataSync to access the S3 bucket where you're hosting your manifest. For more information, see [Providing DataSync access to your manifest](https://docs.aws.amazon.com/datasync/latest/userguide/transferring-with-manifest.html#transferring-with-manifest-access) .", - "title": "Source" } }, "required": [ - "Source" + "Name" ], "type": "object" }, - "AWS::DataSync::Task.ManifestConfigSourceS3": { + "AWS::CustomerProfiles::CalculatedAttributeDefinition.Conditions": { "additionalProperties": false, "properties": { - "BucketAccessRoleArn": { - "markdownDescription": "", - "title": "BucketAccessRoleArn", - "type": "string" - }, - "ManifestObjectPath": { - "markdownDescription": "", - "title": "ManifestObjectPath", - "type": "string" + "ObjectCount": { + "markdownDescription": "The number of profile objects used for the calculated attribute.", + "title": "ObjectCount", + "type": "number" }, - "ManifestObjectVersionId": { - "markdownDescription": "", - "title": "ManifestObjectVersionId", - "type": "string" + "Range": { + "$ref": "#/definitions/AWS::CustomerProfiles::CalculatedAttributeDefinition.Range", + "markdownDescription": "The relative time period over which data is included in the aggregation.", + "title": "Range" }, - "S3BucketArn": { - "markdownDescription": "", - "title": "S3BucketArn", - "type": "string" + "Threshold": { + "$ref": "#/definitions/AWS::CustomerProfiles::CalculatedAttributeDefinition.Threshold", + "markdownDescription": "The threshold for the calculated attribute.", + "title": "Threshold" } }, "type": "object" }, - "AWS::DataSync::Task.Options": { + "AWS::CustomerProfiles::CalculatedAttributeDefinition.Range": { "additionalProperties": false, "properties": { - "Atime": { - "markdownDescription": "A file metadata value that shows the last time that a file was accessed (that is, when the file was read or written to). If you set `Atime` to `BEST_EFFORT` , AWS DataSync attempts to preserve the original `Atime` attribute on all source files (that is, the version before the PREPARING phase). However, `Atime` 's behavior is not fully standard across platforms, so AWS DataSync can only do this on a best-effort basis.\n\nDefault value: `BEST_EFFORT`\n\n`BEST_EFFORT` : Attempt to preserve the per-file `Atime` value (recommended).\n\n`NONE` : Ignore `Atime` .\n\n> If `Atime` is set to `BEST_EFFORT` , `Mtime` must be set to `PRESERVE` .\n> \n> If `Atime` is set to `NONE` , `Mtime` must also be `NONE` .", - "title": "Atime", - "type": "string" - }, - "BytesPerSecond": { - "markdownDescription": "A value that limits the bandwidth used by AWS DataSync . For example, if you want AWS DataSync to use a maximum of 1 MB, set this value to `1048576` (=1024*1024).", - "title": "BytesPerSecond", - "type": "number" - }, - "Gid": { - "markdownDescription": "The group ID (GID) of the file's owners.\n\nDefault value: `INT_VALUE`\n\n`INT_VALUE` : Preserve the integer value of the user ID (UID) and group ID (GID) (recommended).\n\n`NAME` : Currently not supported.\n\n`NONE` : Ignore the UID and GID.", - "title": "Gid", - "type": "string" - }, - "LogLevel": { - "markdownDescription": "Specifies the type of logs that DataSync publishes to a Amazon CloudWatch Logs log group. To specify the log group, see [CloudWatchLogGroupArn](https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateTask.html#DataSync-CreateTask-request-CloudWatchLogGroupArn) .\n\n- `BASIC` - Publishes logs with only basic information (such as transfer errors).\n- `TRANSFER` - Publishes logs for all files or objects that your DataSync task transfers and performs data-integrity checks on.\n- `OFF` - No logs are published.", - "title": "LogLevel", - "type": "string" - }, - "Mtime": { - "markdownDescription": "A value that indicates the last time that a file was modified (that is, a file was written to) before the PREPARING phase. This option is required for cases when you need to run the same task more than one time.\n\nDefault value: `PRESERVE`\n\n`PRESERVE` : Preserve original `Mtime` (recommended)\n\n`NONE` : Ignore `Mtime` .\n\n> If `Mtime` is set to `PRESERVE` , `Atime` must be set to `BEST_EFFORT` .\n> \n> If `Mtime` is set to `NONE` , `Atime` must also be set to `NONE` .", - "title": "Mtime", - "type": "string" - }, - "ObjectTags": { - "markdownDescription": "Specifies whether you want DataSync to `PRESERVE` object tags (default behavior) when transferring between object storage systems. If you want your DataSync task to ignore object tags, specify the `NONE` value.", - "title": "ObjectTags", - "type": "string" - }, - "OverwriteMode": { - "markdownDescription": "Specifies whether DataSync should modify or preserve data at the destination location.\n\n- `ALWAYS` (default) - DataSync modifies data in the destination location when source data (including metadata) has changed.\n\nIf DataSync overwrites objects, you might incur additional charges for certain Amazon S3 storage classes (for example, for retrieval or early deletion). For more information, see [Storage class considerations with Amazon S3 transfers](https://docs.aws.amazon.com/datasync/latest/userguide/create-s3-location.html#using-storage-classes) .\n- `NEVER` - DataSync doesn't overwrite data in the destination location even if the source data has changed. You can use this option to protect against overwriting changes made to files or objects in the destination.", - "title": "OverwriteMode", - "type": "string" - }, - "PosixPermissions": { - "markdownDescription": "A value that determines which users or groups can access a file for a specific purpose, such as reading, writing, or execution of the file. This option should be set only for Network File System (NFS), Amazon EFS, and Amazon S3 locations. For more information about what metadata is copied by DataSync, see [Metadata Copied by DataSync](https://docs.aws.amazon.com/datasync/latest/userguide/special-files.html#metadata-copied) .\n\nDefault value: `PRESERVE`\n\n`PRESERVE` : Preserve POSIX-style permissions (recommended).\n\n`NONE` : Ignore permissions.\n\n> AWS DataSync can preserve extant permissions of a source location.", - "title": "PosixPermissions", - "type": "string" - }, - "PreserveDeletedFiles": { - "markdownDescription": "A value that specifies whether files in the destination that don't exist in the source file system are preserved. This option can affect your storage costs. If your task deletes objects, you might incur minimum storage duration charges for certain storage classes. For detailed information, see [Considerations when working with Amazon S3 storage classes in DataSync](https://docs.aws.amazon.com/datasync/latest/userguide/create-s3-location.html#using-storage-classes) in the *AWS DataSync User Guide* .\n\nDefault value: `PRESERVE`\n\n`PRESERVE` : Ignore destination files that aren't present in the source (recommended).\n\n`REMOVE` : Delete destination files that aren't present in the source.", - "title": "PreserveDeletedFiles", - "type": "string" - }, - "PreserveDevices": { - "markdownDescription": "A value that determines whether AWS DataSync should preserve the metadata of block and character devices in the source file system, and re-create the files with that device name and metadata on the destination. DataSync does not copy the contents of such devices, only the name and metadata.\n\n> AWS DataSync can't sync the actual contents of such devices, because they are nonterminal and don't return an end-of-file (EOF) marker. \n\nDefault value: `NONE`\n\n`NONE` : Ignore special devices (recommended).\n\n`PRESERVE` : Preserve character and block device metadata. This option isn't currently supported for Amazon EFS.", - "title": "PreserveDevices", - "type": "string" - }, - "SecurityDescriptorCopyFlags": { - "markdownDescription": "A value that determines which components of the SMB security descriptor are copied from source to destination objects.\n\nThis value is only used for transfers between SMB and Amazon FSx for Windows File Server locations, or between two Amazon FSx for Windows File Server locations. For more information about how DataSync handles metadata, see [How DataSync Handles Metadata and Special Files](https://docs.aws.amazon.com/datasync/latest/userguide/special-files.html) .\n\nDefault value: `OWNER_DACL`\n\n`OWNER_DACL` : For each copied object, DataSync copies the following metadata:\n\n- Object owner.\n- NTFS discretionary access control lists (DACLs), which determine whether to grant access to an object.\n\nWhen you use option, DataSync does NOT copy the NTFS system access control lists (SACLs), which are used by administrators to log attempts to access a secured object.\n\n`OWNER_DACL_SACL` : For each copied object, DataSync copies the following metadata:\n\n- Object owner.\n- NTFS discretionary access control lists (DACLs), which determine whether to grant access to an object.\n- NTFS system access control lists (SACLs), which are used by administrators to log attempts to access a secured object.\n\nCopying SACLs requires granting additional permissions to the Windows user that DataSync uses to access your SMB location. For information about choosing a user that ensures sufficient permissions to files, folders, and metadata, see [user](https://docs.aws.amazon.com/datasync/latest/userguide/create-smb-location.html#SMBuser) .\n\n`NONE` : None of the SMB security descriptor components are copied. Destination objects are owned by the user that was provided for accessing the destination location. DACLs and SACLs are set based on the destination server\u2019s configuration.", - "title": "SecurityDescriptorCopyFlags", - "type": "string" - }, - "TaskQueueing": { - "markdownDescription": "Specifies whether your transfer tasks should be put into a queue during certain scenarios when [running multiple tasks](https://docs.aws.amazon.com/datasync/latest/userguide/run-task.html#running-multiple-tasks) . This is `ENABLED` by default.", - "title": "TaskQueueing", - "type": "string" - }, - "TransferMode": { - "markdownDescription": "A value that determines whether DataSync transfers only the data and metadata that differ between the source and the destination location, or whether DataSync transfers all the content from the source, without comparing it to the destination location.\n\n`CHANGED` : DataSync copies only data or metadata that is new or different from the source location to the destination location.\n\n`ALL` : DataSync copies all source location content to the destination, without comparing it to existing content on the destination.", - "title": "TransferMode", + "TimestampFormat": { + "markdownDescription": "The format the timestamp field in your JSON object is specified. This value should be one of EPOCHMILLI (for Unix epoch timestamps with second/millisecond level precision) or ISO_8601 (following ISO_8601 format with second/millisecond level precision, with an optional offset of Z or in the format HH:MM or HHMM.). E.g. if your object type is MyType and source JSON is {\"generatedAt\": {\"timestamp\": \"2001-07-04T12:08:56.235-0700\"}}, then TimestampFormat should be \"ISO_8601\"", + "title": "TimestampFormat", "type": "string" }, - "Uid": { - "markdownDescription": "The user ID (UID) of the file's owner.\n\nDefault value: `INT_VALUE`\n\n`INT_VALUE` : Preserve the integer value of the UID and group ID (GID) (recommended).\n\n`NAME` : Currently not supported\n\n`NONE` : Ignore the UID and GID.", - "title": "Uid", + "TimestampSource": { + "markdownDescription": "An expression specifying the field in your JSON object from which the date should be parsed. The expression should follow the structure of \\\"{ObjectTypeName.}\\\". E.g. if your object type is MyType and source JSON is {\"generatedAt\": {\"timestamp\": \"1737587945945\"}}, then TimestampSource should be \"{MyType.generatedAt.timestamp}\"", + "title": "TimestampSource", "type": "string" }, - "VerifyMode": { - "markdownDescription": "A value that determines whether a data integrity verification is performed at the end of a task execution after all data and metadata have been transferred. For more information, see [Configure task settings](https://docs.aws.amazon.com/datasync/latest/userguide/create-task.html) .\n\nDefault value: `POINT_IN_TIME_CONSISTENT`\n\n`ONLY_FILES_TRANSFERRED` (recommended): Perform verification only on files that were transferred.\n\n`POINT_IN_TIME_CONSISTENT` : Scan the entire source and entire destination at the end of the transfer to verify that the source and destination are fully synchronized. This option isn't supported when transferring to S3 Glacier or S3 Glacier Deep Archive storage classes.\n\n`NONE` : No additional verification is done at the end of the transfer, but all data transmissions are integrity-checked with checksum verification during the transfer.", - "title": "VerifyMode", + "Unit": { + "markdownDescription": "The unit of time.", + "title": "Unit", "type": "string" - } - }, - "type": "object" - }, - "AWS::DataSync::Task.Overrides": { - "additionalProperties": false, - "properties": { - "Deleted": { - "$ref": "#/definitions/AWS::DataSync::Task.Deleted", - "markdownDescription": "", - "title": "Deleted" - }, - "Skipped": { - "$ref": "#/definitions/AWS::DataSync::Task.Skipped", - "markdownDescription": "", - "title": "Skipped" }, - "Transferred": { - "$ref": "#/definitions/AWS::DataSync::Task.Transferred", - "markdownDescription": "", - "title": "Transferred" + "Value": { + "markdownDescription": "The amount of time of the specified unit.", + "title": "Value", + "type": "number" }, - "Verified": { - "$ref": "#/definitions/AWS::DataSync::Task.Verified", - "markdownDescription": "", - "title": "Verified" + "ValueRange": { + "$ref": "#/definitions/AWS::CustomerProfiles::CalculatedAttributeDefinition.ValueRange", + "markdownDescription": "A structure letting customers specify a relative time window over which over which data is included in the Calculated Attribute. Use positive numbers to indicate that the endpoint is in the past, and negative numbers to indicate it is in the future. ValueRange overrides Value.", + "title": "ValueRange" } }, + "required": [ + "Unit" + ], "type": "object" }, - "AWS::DataSync::Task.Skipped": { + "AWS::CustomerProfiles::CalculatedAttributeDefinition.Readiness": { "additionalProperties": false, "properties": { - "ReportLevel": { - "markdownDescription": "", - "title": "ReportLevel", + "Message": { + "markdownDescription": "Any customer messaging.", + "title": "Message", "type": "string" + }, + "ProgressPercentage": { + "markdownDescription": "Approximately how far the Calculated Attribute creation is from completion.", + "title": "ProgressPercentage", + "type": "number" } }, "type": "object" }, - "AWS::DataSync::Task.Source": { - "additionalProperties": false, - "properties": { - "S3": { - "$ref": "#/definitions/AWS::DataSync::Task.ManifestConfigSourceS3", - "markdownDescription": "", - "title": "S3" - } - }, - "type": "object" - }, - "AWS::DataSync::Task.TaskReportConfig": { + "AWS::CustomerProfiles::CalculatedAttributeDefinition.Threshold": { "additionalProperties": false, "properties": { - "Destination": { - "$ref": "#/definitions/AWS::DataSync::Task.Destination", - "markdownDescription": "Specifies the Amazon S3 bucket where DataSync uploads your task report. For more information, see [Task reports](https://docs.aws.amazon.com/datasync/latest/userguide/task-reports.html#task-report-access) .", - "title": "Destination" - }, - "ObjectVersionIds": { - "markdownDescription": "Specifies whether your task report includes the new version of each object transferred into an S3 bucket. This only applies if you [enable versioning on your bucket](https://docs.aws.amazon.com/AmazonS3/latest/userguide/manage-versioning-examples.html) . Keep in mind that setting this to `INCLUDE` can increase the duration of your task execution.", - "title": "ObjectVersionIds", - "type": "string" - }, - "OutputType": { - "markdownDescription": "Specifies the type of task report that you want:\n\n- `SUMMARY_ONLY` : Provides necessary details about your task, including the number of files, objects, and directories transferred and transfer duration.\n- `STANDARD` : Provides complete details about your task, including a full list of files, objects, and directories that were transferred, skipped, verified, and more.", - "title": "OutputType", + "Operator": { + "markdownDescription": "The operator of the threshold.", + "title": "Operator", "type": "string" }, - "Overrides": { - "$ref": "#/definitions/AWS::DataSync::Task.Overrides", - "markdownDescription": "Customizes the reporting level for aspects of your task report. For example, your report might generally only include errors, but you could specify that you want a list of successes and errors just for the files that DataSync attempted to delete in your destination location.", - "title": "Overrides" - }, - "ReportLevel": { - "markdownDescription": "Specifies whether you want your task report to include only what went wrong with your transfer or a list of what succeeded and didn't.\n\n- `ERRORS_ONLY` : A report shows what DataSync was unable to transfer, skip, verify, and delete.\n- `SUCCESSES_AND_ERRORS` : A report shows what DataSync was able and unable to transfer, skip, verify, and delete.", - "title": "ReportLevel", + "Value": { + "markdownDescription": "The value of the threshold.", + "title": "Value", "type": "string" } }, "required": [ - "Destination", - "OutputType" + "Operator", + "Value" ], "type": "object" }, - "AWS::DataSync::Task.TaskReportConfigDestinationS3": { + "AWS::CustomerProfiles::CalculatedAttributeDefinition.ValueRange": { "additionalProperties": false, "properties": { - "BucketAccessRoleArn": { - "markdownDescription": "", - "title": "BucketAccessRoleArn", - "type": "string" - }, - "S3BucketArn": { - "markdownDescription": "", - "title": "S3BucketArn", - "type": "string" + "End": { + "markdownDescription": "The ending point for this overridden range. Positive numbers indicate how many days in the past data should be included, and negative numbers indicate how many days in the future.", + "title": "End", + "type": "number" }, - "Subdirectory": { - "markdownDescription": "", - "title": "Subdirectory", - "type": "string" + "Start": { + "markdownDescription": "The starting point for this overridden range. Positive numbers indicate how many days in the past data should be included, and negative numbers indicate how many days in the future.", + "title": "Start", + "type": "number" } }, + "required": [ + "End", + "Start" + ], "type": "object" }, - "AWS::DataSync::Task.TaskSchedule": { + "AWS::CustomerProfiles::Domain": { "additionalProperties": false, "properties": { - "ScheduleExpression": { - "markdownDescription": "Specifies your task schedule by using a cron or rate expression.\n\nUse cron expressions for task schedules that run on a specific time and day. For example, the following cron expression creates a task schedule that runs at 8 AM on the first Wednesday of every month:\n\n`cron(0 8 * * 3#1)`\n\nUse rate expressions for task schedules that run on a regular interval. For example, the following rate expression creates a task schedule that runs every 12 hours:\n\n`rate(12 hours)`\n\nFor information about cron and rate expression syntax, see the [*Amazon EventBridge User Guide*](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-scheduled-rule-pattern.html) .", - "title": "ScheduleExpression", - "type": "string" - }, - "Status": { - "markdownDescription": "Specifies whether to enable or disable your task schedule. Your schedule is enabled by default, but there can be situations where you need to disable it. For example, you might need to pause a recurring transfer to fix an issue with your task or perform maintenance on your storage system.\n\nDataSync might disable your schedule automatically if your task fails repeatedly with the same error. For more information, see [TaskScheduleDetails](https://docs.aws.amazon.com/datasync/latest/userguide/API_TaskScheduleDetails.html) .", - "title": "Status", - "type": "string" - } - }, - "type": "object" - }, - "AWS::DataSync::Task.Transferred": { - "additionalProperties": false, - "properties": { - "ReportLevel": { - "markdownDescription": "", - "title": "ReportLevel", - "type": "string" - } - }, - "type": "object" - }, - "AWS::DataSync::Task.Verified": { - "additionalProperties": false, - "properties": { - "ReportLevel": { - "markdownDescription": "", - "title": "ReportLevel", - "type": "string" - } - }, - "type": "object" - }, - "AWS::DataZone::DataSource": { - "additionalProperties": false, - "properties": { - "Condition": { + "Condition": { "type": "string" }, "DeletionPolicy": { @@ -63444,82 +69764,54 @@ "Properties": { "additionalProperties": false, "properties": { - "AssetFormsInput": { - "items": { - "$ref": "#/definitions/AWS::DataZone::DataSource.FormInput" - }, - "markdownDescription": "The metadata forms attached to the assets that the data source works with.", - "title": "AssetFormsInput", - "type": "array" - }, - "Configuration": { - "$ref": "#/definitions/AWS::DataZone::DataSource.DataSourceConfigurationInput", - "markdownDescription": "The configuration of the data source.", - "title": "Configuration" - }, - "Description": { - "markdownDescription": "The description of the data source.", - "title": "Description", - "type": "string" - }, - "DomainIdentifier": { - "markdownDescription": "The ID of the Amazon DataZone domain where the data source is created.", - "title": "DomainIdentifier", - "type": "string" - }, - "EnableSetting": { - "markdownDescription": "Specifies whether the data source is enabled.", - "title": "EnableSetting", + "DeadLetterQueueUrl": { + "markdownDescription": "The URL of the SQS dead letter queue, which is used for reporting errors associated with ingesting data from third party applications. You must set up a policy on the `DeadLetterQueue` for the `SendMessage` operation to enable Amazon Connect Customer Profiles to send messages to the `DeadLetterQueue` .", + "title": "DeadLetterQueueUrl", "type": "string" }, - "EnvironmentIdentifier": { - "markdownDescription": "The unique identifier of the Amazon DataZone environment to which the data source publishes assets.", - "title": "EnvironmentIdentifier", + "DefaultEncryptionKey": { + "markdownDescription": "The default encryption key, which is an AWS managed key, is used when no specific type of encryption key is specified. It is used to encrypt all data before it is placed in permanent or semi-permanent storage.", + "title": "DefaultEncryptionKey", "type": "string" }, - "Name": { - "markdownDescription": "The name of the data source.", - "title": "Name", - "type": "string" + "DefaultExpirationDays": { + "markdownDescription": "The default number of days until the data within the domain expires.", + "title": "DefaultExpirationDays", + "type": "number" }, - "ProjectIdentifier": { - "markdownDescription": "The identifier of the Amazon DataZone project in which you want to add this data source.", - "title": "ProjectIdentifier", + "DomainName": { + "markdownDescription": "The unique name of the domain.", + "title": "DomainName", "type": "string" }, - "PublishOnImport": { - "markdownDescription": "Specifies whether the assets that this data source creates in the inventory are to be also automatically published to the catalog.", - "title": "PublishOnImport", - "type": "boolean" - }, - "Recommendation": { - "$ref": "#/definitions/AWS::DataZone::DataSource.RecommendationConfiguration", - "markdownDescription": "Specifies whether the business name generation is to be enabled for this data source.", - "title": "Recommendation" + "Matching": { + "$ref": "#/definitions/AWS::CustomerProfiles::Domain.Matching", + "markdownDescription": "The process of matching duplicate profiles.", + "title": "Matching" }, - "Schedule": { - "$ref": "#/definitions/AWS::DataZone::DataSource.ScheduleConfiguration", - "markdownDescription": "The schedule of the data source runs.", - "title": "Schedule" + "RuleBasedMatching": { + "$ref": "#/definitions/AWS::CustomerProfiles::Domain.RuleBasedMatching", + "markdownDescription": "The process of matching duplicate profiles using Rule-Based matching.", + "title": "RuleBasedMatching" }, - "Type": { - "markdownDescription": "The type of the data source. In Amazon DataZone, you can use data sources to import technical metadata of assets (data) from the source databases or data warehouses into Amazon DataZone. In the current release of Amazon DataZone, you can create and run data sources for AWS Glue and Amazon Redshift.", - "title": "Type", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "title": "Tags", + "type": "array" } }, "required": [ - "DomainIdentifier", - "EnvironmentIdentifier", - "Name", - "ProjectIdentifier", - "Type" + "DefaultExpirationDays", + "DomainName" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataZone::DataSource" + "AWS::CustomerProfiles::Domain" ], "type": "string" }, @@ -63538,245 +69830,281 @@ ], "type": "object" }, - "AWS::DataZone::DataSource.DataSourceConfigurationInput": { + "AWS::CustomerProfiles::Domain.AttributeTypesSelector": { "additionalProperties": false, "properties": { - "GlueRunConfiguration": { - "$ref": "#/definitions/AWS::DataZone::DataSource.GlueRunConfigurationInput", - "markdownDescription": "The configuration of the AWS Glue data source.", - "title": "GlueRunConfiguration" + "Address": { + "items": { + "type": "string" + }, + "markdownDescription": "The `Address` type. You can choose from `Address` , `BusinessAddress` , `MaillingAddress` , and `ShippingAddress` . You only can use the `Address` type in the `MatchingRule` . For example, if you want to match a profile based on `BusinessAddress.City` or `MaillingAddress.City` , you can choose the `BusinessAddress` and the `MaillingAddress` to represent the `Address` type and specify the `Address.City` on the matching rule.", + "title": "Address", + "type": "array" }, - "RedshiftRunConfiguration": { - "$ref": "#/definitions/AWS::DataZone::DataSource.RedshiftRunConfigurationInput", - "markdownDescription": "The configuration of the Amazon Redshift data source.", - "title": "RedshiftRunConfiguration" + "AttributeMatchingModel": { + "markdownDescription": "Configures the `AttributeMatchingModel` , you can either choose `ONE_TO_ONE` or `MANY_TO_MANY` .", + "title": "AttributeMatchingModel", + "type": "string" + }, + "EmailAddress": { + "items": { + "type": "string" + }, + "markdownDescription": "The Email type. You can choose from `EmailAddress` , `BusinessEmailAddress` and `PersonalEmailAddress` . You only can use the `EmailAddress` type in the `MatchingRule` . For example, if you want to match profile based on `PersonalEmailAddress` or `BusinessEmailAddress` , you can choose the `PersonalEmailAddress` and the `BusinessEmailAddress` to represent the `EmailAddress` type and only specify the `EmailAddress` on the matching rule.", + "title": "EmailAddress", + "type": "array" + }, + "PhoneNumber": { + "items": { + "type": "string" + }, + "markdownDescription": "The `PhoneNumber` type. You can choose from `PhoneNumber` , `HomePhoneNumber` , and `MobilePhoneNumber` . You only can use the `PhoneNumber` type in the `MatchingRule` . For example, if you want to match a profile based on `Phone` or `HomePhone` , you can choose the `Phone` and the `HomePhone` to represent the `PhoneNumber` type and only specify the `PhoneNumber` on the matching rule.", + "title": "PhoneNumber", + "type": "array" } }, + "required": [ + "AttributeMatchingModel" + ], "type": "object" }, - "AWS::DataZone::DataSource.FilterExpression": { + "AWS::CustomerProfiles::Domain.AutoMerging": { "additionalProperties": false, "properties": { - "Expression": { - "markdownDescription": "The search filter expression.", - "title": "Expression", - "type": "string" + "ConflictResolution": { + "$ref": "#/definitions/AWS::CustomerProfiles::Domain.ConflictResolution", + "markdownDescription": "Determines how the auto-merging process should resolve conflicts between different profiles. For example, if Profile A and Profile B have the same `FirstName` and `LastName` , `ConflictResolution` specifies which `EmailAddress` should be used.", + "title": "ConflictResolution" }, - "Type": { - "markdownDescription": "The search filter explresison type.", - "title": "Type", - "type": "string" + "Consolidation": { + "$ref": "#/definitions/AWS::CustomerProfiles::Domain.Consolidation", + "markdownDescription": "A list of matching attributes that represent matching criteria. If two profiles meet at least one of the requirements in the matching attributes list, they will be merged.", + "title": "Consolidation" + }, + "Enabled": { + "markdownDescription": "The flag that enables the auto-merging of duplicate profiles.", + "title": "Enabled", + "type": "boolean" + }, + "MinAllowedConfidenceScoreForMerging": { + "markdownDescription": "A number between 0 and 1 that represents the minimum confidence score required for profiles within a matching group to be merged during the auto-merge process. A higher score means that a higher similarity is required to merge profiles.", + "title": "MinAllowedConfidenceScoreForMerging", + "type": "number" } }, "required": [ - "Expression", - "Type" + "Enabled" ], "type": "object" }, - "AWS::DataZone::DataSource.FormInput": { + "AWS::CustomerProfiles::Domain.ConflictResolution": { "additionalProperties": false, "properties": { - "Content": { - "markdownDescription": "", - "title": "Content", - "type": "string" - }, - "FormName": { - "markdownDescription": "", - "title": "FormName", - "type": "string" - }, - "TypeIdentifier": { - "markdownDescription": "", - "title": "TypeIdentifier", + "ConflictResolvingModel": { + "markdownDescription": "How the auto-merging process should resolve conflicts between different profiles.", + "title": "ConflictResolvingModel", "type": "string" }, - "TypeRevision": { - "markdownDescription": "", - "title": "TypeRevision", + "SourceName": { + "markdownDescription": "The `ObjectType` name that is used to resolve profile merging conflicts when choosing `SOURCE` as the `ConflictResolvingModel` .", + "title": "SourceName", "type": "string" } }, "required": [ - "FormName" + "ConflictResolvingModel" ], "type": "object" }, - "AWS::DataZone::DataSource.GlueRunConfigurationInput": { + "AWS::CustomerProfiles::Domain.Consolidation": { "additionalProperties": false, "properties": { - "AutoImportDataQualityResult": { - "markdownDescription": "Specifies whether to automatically import data quality metrics as part of the data source run.", - "title": "AutoImportDataQualityResult", - "type": "boolean" - }, - "DataAccessRole": { - "markdownDescription": "The data access role included in the configuration details of the AWS Glue data source.", - "title": "DataAccessRole", - "type": "string" - }, - "RelationalFilterConfigurations": { - "items": { - "$ref": "#/definitions/AWS::DataZone::DataSource.RelationalFilterConfiguration" - }, - "markdownDescription": "The relational filter configurations included in the configuration details of the AWS Glue data source.", - "title": "RelationalFilterConfigurations", - "type": "array" + "MatchingAttributesList": { + "markdownDescription": "A list of matching criteria.", + "title": "MatchingAttributesList", + "type": "object" } }, "required": [ - "RelationalFilterConfigurations" + "MatchingAttributesList" ], "type": "object" }, - "AWS::DataZone::DataSource.RecommendationConfiguration": { + "AWS::CustomerProfiles::Domain.DomainStats": { "additionalProperties": false, "properties": { - "EnableBusinessNameGeneration": { - "markdownDescription": "Specifies whether automatic business name generation is to be enabled or not as part of the recommendation configuration.", - "title": "EnableBusinessNameGeneration", - "type": "boolean" + "MeteringProfileCount": { + "markdownDescription": "The number of profiles that you are currently paying for in the domain. If you have more than 100 objects associated with a single profile, that profile counts as two profiles. If you have more than 200 objects, that profile counts as three, and so on.", + "title": "MeteringProfileCount", + "type": "number" + }, + "ObjectCount": { + "markdownDescription": "The total number of objects in domain.", + "title": "ObjectCount", + "type": "number" + }, + "ProfileCount": { + "markdownDescription": "The total number of profiles currently in the domain.", + "title": "ProfileCount", + "type": "number" + }, + "TotalSize": { + "markdownDescription": "The total size, in bytes, of all objects in the domain.", + "title": "TotalSize", + "type": "number" } }, "type": "object" }, - "AWS::DataZone::DataSource.RedshiftClusterStorage": { + "AWS::CustomerProfiles::Domain.ExportingConfig": { "additionalProperties": false, "properties": { - "ClusterName": { - "markdownDescription": "The name of an Amazon Redshift cluster.", - "title": "ClusterName", - "type": "string" + "S3Exporting": { + "$ref": "#/definitions/AWS::CustomerProfiles::Domain.S3ExportingConfig", + "markdownDescription": "", + "title": "S3Exporting" } }, - "required": [ - "ClusterName" - ], "type": "object" }, - "AWS::DataZone::DataSource.RedshiftCredentialConfiguration": { + "AWS::CustomerProfiles::Domain.JobSchedule": { "additionalProperties": false, "properties": { - "SecretManagerArn": { - "markdownDescription": "The ARN of a secret manager for an Amazon Redshift cluster.", - "title": "SecretManagerArn", + "DayOfTheWeek": { + "markdownDescription": "The day when the Identity Resolution Job should run every week.", + "title": "DayOfTheWeek", + "type": "string" + }, + "Time": { + "markdownDescription": "The time when the Identity Resolution Job should run every week.", + "title": "Time", "type": "string" } }, "required": [ - "SecretManagerArn" + "DayOfTheWeek", + "Time" ], "type": "object" }, - "AWS::DataZone::DataSource.RedshiftRunConfigurationInput": { + "AWS::CustomerProfiles::Domain.Matching": { "additionalProperties": false, "properties": { - "DataAccessRole": { - "markdownDescription": "The data access role included in the configuration details of the Amazon Redshift data source.", - "title": "DataAccessRole", - "type": "string" + "AutoMerging": { + "$ref": "#/definitions/AWS::CustomerProfiles::Domain.AutoMerging", + "markdownDescription": "Configuration information about the auto-merging process.", + "title": "AutoMerging" }, - "RedshiftCredentialConfiguration": { - "$ref": "#/definitions/AWS::DataZone::DataSource.RedshiftCredentialConfiguration", - "markdownDescription": "The details of the credentials required to access an Amazon Redshift cluster.", - "title": "RedshiftCredentialConfiguration" + "Enabled": { + "markdownDescription": "The flag that enables the matching process of duplicate profiles.", + "title": "Enabled", + "type": "boolean" }, - "RedshiftStorage": { - "$ref": "#/definitions/AWS::DataZone::DataSource.RedshiftStorage", - "markdownDescription": "The details of the Amazon Redshift storage as part of the configuration of an Amazon Redshift data source run.", - "title": "RedshiftStorage" + "ExportingConfig": { + "$ref": "#/definitions/AWS::CustomerProfiles::Domain.ExportingConfig", + "markdownDescription": "The S3 location where Identity Resolution Jobs write result files.", + "title": "ExportingConfig" }, - "RelationalFilterConfigurations": { - "items": { - "$ref": "#/definitions/AWS::DataZone::DataSource.RelationalFilterConfiguration" - }, - "markdownDescription": "The relational filter configurations included in the configuration details of the AWS Glue data source.", - "title": "RelationalFilterConfigurations", - "type": "array" + "JobSchedule": { + "$ref": "#/definitions/AWS::CustomerProfiles::Domain.JobSchedule", + "markdownDescription": "The day and time when do you want to start the Identity Resolution Job every week.", + "title": "JobSchedule" } }, "required": [ - "RedshiftCredentialConfiguration", - "RedshiftStorage", - "RelationalFilterConfigurations" + "Enabled" ], "type": "object" }, - "AWS::DataZone::DataSource.RedshiftServerlessStorage": { + "AWS::CustomerProfiles::Domain.MatchingRule": { "additionalProperties": false, "properties": { - "WorkgroupName": { - "markdownDescription": "The name of the Amazon Redshift Serverless workgroup.", - "title": "WorkgroupName", - "type": "string" + "Rule": { + "items": { + "type": "string" + }, + "markdownDescription": "A single rule level of the `MatchRules` . Configures how the rule-based matching process should match profiles.", + "title": "Rule", + "type": "array" } }, "required": [ - "WorkgroupName" + "Rule" ], "type": "object" }, - "AWS::DataZone::DataSource.RedshiftStorage": { + "AWS::CustomerProfiles::Domain.RuleBasedMatching": { "additionalProperties": false, "properties": { - "RedshiftClusterSource": { - "$ref": "#/definitions/AWS::DataZone::DataSource.RedshiftClusterStorage", - "markdownDescription": "The details of the Amazon Redshift cluster source.", - "title": "RedshiftClusterSource" + "AttributeTypesSelector": { + "$ref": "#/definitions/AWS::CustomerProfiles::Domain.AttributeTypesSelector", + "markdownDescription": "Configures information about the `AttributeTypesSelector` where the rule-based identity resolution uses to match profiles.", + "title": "AttributeTypesSelector" }, - "RedshiftServerlessSource": { - "$ref": "#/definitions/AWS::DataZone::DataSource.RedshiftServerlessStorage", - "markdownDescription": "The details of the Amazon Redshift Serverless workgroup source.", - "title": "RedshiftServerlessSource" - } - }, - "type": "object" - }, - "AWS::DataZone::DataSource.RelationalFilterConfiguration": { - "additionalProperties": false, - "properties": { - "DatabaseName": { - "markdownDescription": "The database name specified in the relational filter configuration for the data source.", - "title": "DatabaseName", - "type": "string" + "ConflictResolution": { + "$ref": "#/definitions/AWS::CustomerProfiles::Domain.ConflictResolution", + "markdownDescription": "Determines how the auto-merging process should resolve conflicts between different profiles. For example, if Profile A and Profile B have the same `FirstName` and `LastName` , `ConflictResolution` specifies which `EmailAddress` should be used.", + "title": "ConflictResolution" }, - "FilterExpressions": { + "Enabled": { + "markdownDescription": "The flag that enables the matching process of duplicate profiles.", + "title": "Enabled", + "type": "boolean" + }, + "ExportingConfig": { + "$ref": "#/definitions/AWS::CustomerProfiles::Domain.ExportingConfig", + "markdownDescription": "The S3 location where Identity Resolution Jobs write result files.", + "title": "ExportingConfig" + }, + "MatchingRules": { "items": { - "$ref": "#/definitions/AWS::DataZone::DataSource.FilterExpression" + "$ref": "#/definitions/AWS::CustomerProfiles::Domain.MatchingRule" }, - "markdownDescription": "The filter expressions specified in the relational filter configuration for the data source.", - "title": "FilterExpressions", + "markdownDescription": "Configures how the rule-based matching process should match profiles. You can have up to 15 `MatchingRule` in the `MatchingRules` .", + "title": "MatchingRules", "type": "array" }, - "SchemaName": { - "markdownDescription": "The schema name specified in the relational filter configuration for the data source.", - "title": "SchemaName", + "MaxAllowedRuleLevelForMatching": { + "markdownDescription": "Indicates the maximum allowed rule level for matching.", + "title": "MaxAllowedRuleLevelForMatching", + "type": "number" + }, + "MaxAllowedRuleLevelForMerging": { + "markdownDescription": "Indicates the maximum allowed rule level for merging.", + "title": "MaxAllowedRuleLevelForMerging", + "type": "number" + }, + "Status": { + "markdownDescription": "The status of rule-based matching rule.", + "title": "Status", "type": "string" } }, "required": [ - "DatabaseName" + "Enabled" ], "type": "object" }, - "AWS::DataZone::DataSource.ScheduleConfiguration": { + "AWS::CustomerProfiles::Domain.S3ExportingConfig": { "additionalProperties": false, "properties": { - "Schedule": { - "markdownDescription": "The schedule of the data source runs.", - "title": "Schedule", + "S3BucketName": { + "markdownDescription": "The name of the S3 bucket where Identity Resolution Jobs write result files.", + "title": "S3BucketName", "type": "string" }, - "Timezone": { - "markdownDescription": "The timezone of the data source run.", - "title": "Timezone", + "S3KeyName": { + "markdownDescription": "The S3 key name of the location where Identity Resolution Jobs write result files.", + "title": "S3KeyName", "type": "string" } }, + "required": [ + "S3BucketName" + ], "type": "object" }, - "AWS::DataZone::Domain": { + "AWS::CustomerProfiles::EventStream": { "additionalProperties": false, "properties": { "Condition": { @@ -63811,49 +70139,40 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the Amazon DataZone domain.", - "title": "Description", - "type": "string" - }, - "DomainExecutionRole": { - "markdownDescription": "The domain execution role that is created when an Amazon DataZone domain is created. The domain execution role is created in the AWS account that houses the Amazon DataZone domain.", - "title": "DomainExecutionRole", - "type": "string" - }, - "KmsKeyIdentifier": { - "markdownDescription": "The identifier of the AWS Key Management Service (KMS) key that is used to encrypt the Amazon DataZone domain, metadata, and reporting data.", - "title": "KmsKeyIdentifier", + "DomainName": { + "markdownDescription": "The unique name of the domain.", + "title": "DomainName", "type": "string" }, - "Name": { - "markdownDescription": "The name of the Amazon DataZone domain.", - "title": "Name", + "EventStreamName": { + "markdownDescription": "The name of the event stream.", + "title": "EventStreamName", "type": "string" }, - "SingleSignOn": { - "$ref": "#/definitions/AWS::DataZone::Domain.SingleSignOn", - "markdownDescription": "The single sign-on details in Amazon DataZone.", - "title": "SingleSignOn" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags specified for the Amazon DataZone domain.", + "markdownDescription": "The tags used to organize, track, or control access for this resource.", "title": "Tags", "type": "array" + }, + "Uri": { + "markdownDescription": "The StreamARN of the destination to deliver profile events to. For example, arn:aws:kinesis:region:account-id:stream/stream-name.", + "title": "Uri", + "type": "string" } }, "required": [ - "DomainExecutionRole", - "Name" + "DomainName", + "EventStreamName", + "Uri" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataZone::Domain" + "AWS::CustomerProfiles::EventStream" ], "type": "string" }, @@ -63872,23 +70191,27 @@ ], "type": "object" }, - "AWS::DataZone::Domain.SingleSignOn": { + "AWS::CustomerProfiles::EventStream.DestinationDetails": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The type of single sign-on in Amazon DataZone.", - "title": "Type", + "Status": { + "markdownDescription": "The status of enabling the Kinesis stream as a destination for export.", + "title": "Status", "type": "string" }, - "UserAssignment": { - "markdownDescription": "The single sign-on user assignment in Amazon DataZone.", - "title": "UserAssignment", + "Uri": { + "markdownDescription": "The StreamARN of the destination to deliver profile events to. For example, arn:aws:kinesis:region:account-id:stream/stream-name.", + "title": "Uri", "type": "string" } }, + "required": [ + "Status", + "Uri" + ], "type": "object" }, - "AWS::DataZone::Environment": { + "AWS::CustomerProfiles::EventTrigger": { "additionalProperties": false, "properties": { "Condition": { @@ -63924,58 +70247,63 @@ "additionalProperties": false, "properties": { "Description": { - "markdownDescription": "The description of the environment.", + "markdownDescription": "The description of the event trigger.", "title": "Description", "type": "string" }, - "DomainIdentifier": { - "markdownDescription": "The identifier of the Amazon DataZone domain in which the environment is created.", - "title": "DomainIdentifier", - "type": "string" - }, - "EnvironmentProfileIdentifier": { - "markdownDescription": "The identifier of the environment profile that is used to create this Amazon DataZone environment.", - "title": "EnvironmentProfileIdentifier", + "DomainName": { + "markdownDescription": "The unique name of the domain.", + "title": "DomainName", "type": "string" }, - "GlossaryTerms": { + "EventTriggerConditions": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::CustomerProfiles::EventTrigger.EventTriggerCondition" }, - "markdownDescription": "The glossary terms that can be used in this Amazon DataZone environment.", - "title": "GlossaryTerms", + "markdownDescription": "A list of conditions that determine when an event should trigger the destination.", + "title": "EventTriggerConditions", "type": "array" }, - "Name": { - "markdownDescription": "The name of the Amazon DataZone environment.", - "title": "Name", + "EventTriggerLimits": { + "$ref": "#/definitions/AWS::CustomerProfiles::EventTrigger.EventTriggerLimits", + "markdownDescription": "Defines limits controlling whether an event triggers the destination, based on ingestion latency and the number of invocations per profile over specific time periods.", + "title": "EventTriggerLimits" + }, + "EventTriggerName": { + "markdownDescription": "The unique name of the event trigger.", + "title": "EventTriggerName", "type": "string" }, - "ProjectIdentifier": { - "markdownDescription": "The identifier of the Amazon DataZone project in which this environment is created.", - "title": "ProjectIdentifier", + "ObjectTypeName": { + "markdownDescription": "The unique name of the object type.", + "title": "ObjectTypeName", "type": "string" }, - "UserParameters": { + "SegmentFilter": { + "markdownDescription": "The destination is triggered only for profiles that meet the criteria of a segment definition.", + "title": "SegmentFilter", + "type": "string" + }, + "Tags": { "items": { - "$ref": "#/definitions/AWS::DataZone::Environment.EnvironmentParameter" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The user parameters of this Amazon DataZone environment.", - "title": "UserParameters", + "markdownDescription": "An array of key-value pairs to apply to this resource.", + "title": "Tags", "type": "array" } }, "required": [ - "DomainIdentifier", - "EnvironmentProfileIdentifier", - "Name", - "ProjectIdentifier" + "DomainName", + "EventTriggerConditions", + "EventTriggerName", + "ObjectTypeName" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataZone::Environment" + "AWS::CustomerProfiles::EventTrigger" ], "type": "string" }, @@ -63994,271 +70322,129 @@ ], "type": "object" }, - "AWS::DataZone::Environment.EnvironmentParameter": { + "AWS::CustomerProfiles::EventTrigger.EventTriggerCondition": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the environment parameter.", - "title": "Name", - "type": "string" + "EventTriggerDimensions": { + "items": { + "$ref": "#/definitions/AWS::CustomerProfiles::EventTrigger.EventTriggerDimension" + }, + "markdownDescription": "A list of dimensions to be evaluated for the event.", + "title": "EventTriggerDimensions", + "type": "array" }, - "Value": { - "markdownDescription": "The value of the environment parameter.", - "title": "Value", + "LogicalOperator": { + "markdownDescription": "The operator used to combine multiple dimensions.", + "title": "LogicalOperator", "type": "string" } }, + "required": [ + "EventTriggerDimensions", + "LogicalOperator" + ], "type": "object" }, - "AWS::DataZone::EnvironmentBlueprintConfiguration": { + "AWS::CustomerProfiles::EventTrigger.EventTriggerDimension": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DomainIdentifier": { - "markdownDescription": "The identifier of the Amazon DataZone domain in which an environment blueprint exists.", - "title": "DomainIdentifier", - "type": "string" - }, - "EnabledRegions": { - "items": { - "type": "string" - }, - "markdownDescription": "The enabled AWS Regions specified in a blueprint configuration.", - "title": "EnabledRegions", - "type": "array" - }, - "EnvironmentBlueprintIdentifier": { - "markdownDescription": "The identifier of the environment blueprint.\n\nIn the current release, only the following values are supported: `DefaultDataLake` and `DefaultDataWarehouse` .", - "title": "EnvironmentBlueprintIdentifier", - "type": "string" - }, - "ManageAccessRoleArn": { - "markdownDescription": "The ARN of the manage access role.", - "title": "ManageAccessRoleArn", - "type": "string" - }, - "ProvisioningRoleArn": { - "markdownDescription": "The ARN of the provisioning role.", - "title": "ProvisioningRoleArn", - "type": "string" - }, - "RegionalParameters": { - "items": { - "$ref": "#/definitions/AWS::DataZone::EnvironmentBlueprintConfiguration.RegionalParameter" - }, - "markdownDescription": "The regional parameters of the environment blueprint.", - "title": "RegionalParameters", - "type": "array" - } + "ObjectAttributes": { + "items": { + "$ref": "#/definitions/AWS::CustomerProfiles::EventTrigger.ObjectAttribute" }, - "required": [ - "DomainIdentifier", - "EnabledRegions", - "EnvironmentBlueprintIdentifier" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::DataZone::EnvironmentBlueprintConfiguration" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "markdownDescription": "A list of object attributes to be evaluated.", + "title": "ObjectAttributes", + "type": "array" } }, "required": [ - "Type", - "Properties" + "ObjectAttributes" ], "type": "object" }, - "AWS::DataZone::EnvironmentBlueprintConfiguration.RegionalParameter": { + "AWS::CustomerProfiles::EventTrigger.EventTriggerLimits": { "additionalProperties": false, "properties": { - "Parameters": { - "additionalProperties": true, - "markdownDescription": "A string to string map containing parameters for the region.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Parameters", - "type": "object" + "EventExpiration": { + "markdownDescription": "Specifies that an event will only trigger the destination if it is processed within a certain latency period.", + "title": "EventExpiration", + "type": "number" }, - "Region": { - "markdownDescription": "The region specified in the environment parameter.", - "title": "Region", - "type": "string" + "Periods": { + "items": { + "$ref": "#/definitions/AWS::CustomerProfiles::EventTrigger.Period" + }, + "markdownDescription": "A list of time periods during which the limits apply.", + "title": "Periods", + "type": "array" } }, "type": "object" }, - "AWS::DataZone::EnvironmentProfile": { + "AWS::CustomerProfiles::EventTrigger.ObjectAttribute": { "additionalProperties": false, "properties": { - "Condition": { + "ComparisonOperator": { + "markdownDescription": "The operator used to compare an attribute against a list of values.", + "title": "ComparisonOperator", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "FieldName": { + "markdownDescription": "A field defined within an object type.", + "title": "FieldName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AwsAccountId": { - "markdownDescription": "The identifier of an AWS account in which an environment profile exists.", - "title": "AwsAccountId", - "type": "string" - }, - "AwsAccountRegion": { - "markdownDescription": "The AWS Region in which an environment profile exists.", - "title": "AwsAccountRegion", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the environment profile.", - "title": "Description", - "type": "string" - }, - "DomainIdentifier": { - "markdownDescription": "The identifier of the Amazon DataZone domain in which the environment profile exists.", - "title": "DomainIdentifier", - "type": "string" - }, - "EnvironmentBlueprintIdentifier": { - "markdownDescription": "The identifier of a blueprint with which an environment profile is created.", - "title": "EnvironmentBlueprintIdentifier", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the environment profile.", - "title": "Name", - "type": "string" - }, - "ProjectIdentifier": { - "markdownDescription": "The identifier of a project in which an environment profile exists.", - "title": "ProjectIdentifier", - "type": "string" - }, - "UserParameters": { - "items": { - "$ref": "#/definitions/AWS::DataZone::EnvironmentProfile.EnvironmentParameter" - }, - "markdownDescription": "The user parameters of this Amazon DataZone environment profile.", - "title": "UserParameters", - "type": "array" - } - }, - "required": [ - "AwsAccountId", - "AwsAccountRegion", - "DomainIdentifier", - "EnvironmentBlueprintIdentifier", - "Name", - "ProjectIdentifier" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::DataZone::EnvironmentProfile" - ], + "Source": { + "markdownDescription": "An attribute contained within a source object.", + "title": "Source", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The amount of time of the specified unit.", + "title": "Values", + "type": "array" } }, "required": [ - "Type", - "Properties" + "ComparisonOperator", + "Values" ], "type": "object" }, - "AWS::DataZone::EnvironmentProfile.EnvironmentParameter": { + "AWS::CustomerProfiles::EventTrigger.Period": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name specified in the environment parameter.", - "title": "Name", + "MaxInvocationsPerProfile": { + "markdownDescription": "The maximum allowed number of destination invocations per profile.", + "title": "MaxInvocationsPerProfile", + "type": "number" + }, + "Unit": { + "markdownDescription": "The unit of time.", + "title": "Unit", "type": "string" }, + "Unlimited": { + "markdownDescription": "If set to true, there is no limit on the number of destination invocations per profile. The default is false.", + "title": "Unlimited", + "type": "boolean" + }, "Value": { - "markdownDescription": "The value of the environment profile.", + "markdownDescription": "The amount of time of the specified unit.", "title": "Value", - "type": "string" + "type": "number" } }, + "required": [ + "Unit", + "Value" + ], "type": "object" }, - "AWS::DataZone::Project": { + "AWS::CustomerProfiles::Integration": { "additionalProperties": false, "properties": { "Condition": { @@ -64293,39 +70479,59 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of a project.", - "title": "Description", + "DomainName": { + "markdownDescription": "The unique name of the domain.", + "title": "DomainName", "type": "string" }, - "DomainIdentifier": { - "markdownDescription": "The identifier of a Amazon DataZone domain where the project exists.", - "title": "DomainIdentifier", + "EventTriggerNames": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of unique names for active event triggers associated with the integration.", + "title": "EventTriggerNames", + "type": "array" + }, + "FlowDefinition": { + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.FlowDefinition", + "markdownDescription": "The configuration that controls how Customer Profiles retrieves data from the source.", + "title": "FlowDefinition" + }, + "ObjectTypeName": { + "markdownDescription": "The name of the profile object type mapping to use.", + "title": "ObjectTypeName", "type": "string" }, - "GlossaryTerms": { + "ObjectTypeNames": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.ObjectTypeMapping" }, - "markdownDescription": "The glossary terms that can be used in this Amazon DataZone project.", - "title": "GlossaryTerms", + "markdownDescription": "The object type mapping.", + "title": "ObjectTypeNames", "type": "array" }, - "Name": { - "markdownDescription": "The name of a project.", - "title": "Name", + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "title": "Tags", + "type": "array" + }, + "Uri": { + "markdownDescription": "The URI of the S3 bucket or any other type of data source.", + "title": "Uri", "type": "string" } }, "required": [ - "DomainIdentifier", - "Name" + "DomainName" ], "type": "object" }, "Type": { "enum": [ - "AWS::DataZone::Project" + "AWS::CustomerProfiles::Integration" ], "type": "string" }, @@ -64344,155 +70550,401 @@ ], "type": "object" }, - "AWS::DataZone::SubscriptionTarget": { + "AWS::CustomerProfiles::Integration.ConnectorOperator": { "additionalProperties": false, "properties": { - "Condition": { + "Marketo": { + "markdownDescription": "The operation to be performed on the provided Marketo source fields.", + "title": "Marketo", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "S3": { + "markdownDescription": "The operation to be performed on the provided Amazon S3 source fields.", + "title": "S3", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ApplicableAssetTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The asset types included in the subscription target.", - "title": "ApplicableAssetTypes", - "type": "array" - }, - "AuthorizedPrincipals": { - "items": { - "type": "string" - }, - "markdownDescription": "The authorized principals included in the subscription target.", - "title": "AuthorizedPrincipals", - "type": "array" - }, - "DomainIdentifier": { - "markdownDescription": "The ID of the Amazon DataZone domain in which subscription target is created.", - "title": "DomainIdentifier", - "type": "string" - }, - "EnvironmentIdentifier": { - "markdownDescription": "The ID of the environment in which subscription target is created.", - "title": "EnvironmentIdentifier", - "type": "string" - }, - "ManageAccessRole": { - "markdownDescription": "The manage access role that is used to create the subscription target.", - "title": "ManageAccessRole", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the subscription target.", - "title": "Name", - "type": "string" - }, - "Provider": { - "markdownDescription": "The provider of the subscription target.", - "title": "Provider", - "type": "string" - }, - "SubscriptionTargetConfig": { - "items": { - "$ref": "#/definitions/AWS::DataZone::SubscriptionTarget.SubscriptionTargetForm" - }, - "markdownDescription": "The configuration of the subscription target.", - "title": "SubscriptionTargetConfig", - "type": "array" - }, - "Type": { - "markdownDescription": "The type of the subscription target.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "ApplicableAssetTypes", - "AuthorizedPrincipals", - "DomainIdentifier", - "EnvironmentIdentifier", - "ManageAccessRole", - "Name", - "SubscriptionTargetConfig", - "Type" - ], - "type": "object" + "Salesforce": { + "markdownDescription": "The operation to be performed on the provided Salesforce source fields.", + "title": "Salesforce", + "type": "string" }, - "Type": { - "enum": [ - "AWS::DataZone::SubscriptionTarget" - ], + "ServiceNow": { + "markdownDescription": "The operation to be performed on the provided ServiceNow source fields.", + "title": "ServiceNow", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Zendesk": { + "markdownDescription": "The operation to be performed on the provided Zendesk source fields.", + "title": "Zendesk", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::DataZone::SubscriptionTarget.SubscriptionTargetForm": { + "AWS::CustomerProfiles::Integration.FlowDefinition": { "additionalProperties": false, "properties": { - "Content": { - "markdownDescription": "The content of the subscription target configuration.", - "title": "Content", + "Description": { + "markdownDescription": "A description of the flow you want to create.", + "title": "Description", "type": "string" }, - "FormName": { - "markdownDescription": "The form name included in the subscription target configuration.", - "title": "FormName", + "FlowName": { + "markdownDescription": "The specified name of the flow. Use underscores (_) or hyphens (-) only. Spaces are not allowed.", + "title": "FlowName", + "type": "string" + }, + "KmsArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Key Management Service (KMS) key you provide for encryption.", + "title": "KmsArn", "type": "string" + }, + "SourceFlowConfig": { + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.SourceFlowConfig", + "markdownDescription": "The configuration that controls how Customer Profiles retrieves data from the source.", + "title": "SourceFlowConfig" + }, + "Tasks": { + "items": { + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.Task" + }, + "markdownDescription": "A list of tasks that Customer Profiles performs while transferring the data in the flow run.", + "title": "Tasks", + "type": "array" + }, + "TriggerConfig": { + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.TriggerConfig", + "markdownDescription": "The trigger settings that determine how and when the flow runs.", + "title": "TriggerConfig" } }, "required": [ - "Content", - "FormName" + "FlowName", + "KmsArn", + "SourceFlowConfig", + "Tasks", + "TriggerConfig" ], "type": "object" }, - "AWS::Deadline::Farm": { + "AWS::CustomerProfiles::Integration.IncrementalPullConfig": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, + "DatetimeTypeFieldName": { + "markdownDescription": "A field that specifies the date time or timestamp field as the criteria to use when importing incremental records from the source.", + "title": "DatetimeTypeFieldName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CustomerProfiles::Integration.MarketoSourceProperties": { + "additionalProperties": false, + "properties": { + "Object": { + "markdownDescription": "The object specified in the Marketo flow source.", + "title": "Object", + "type": "string" + } + }, + "required": [ + "Object" + ], + "type": "object" + }, + "AWS::CustomerProfiles::Integration.ObjectTypeMapping": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The key.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The value.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::CustomerProfiles::Integration.S3SourceProperties": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "The Amazon S3 bucket name where the source files are stored.", + "title": "BucketName", + "type": "string" + }, + "BucketPrefix": { + "markdownDescription": "The object key for the Amazon S3 bucket in which the source files are stored.", + "title": "BucketPrefix", + "type": "string" + } + }, + "required": [ + "BucketName" + ], + "type": "object" + }, + "AWS::CustomerProfiles::Integration.SalesforceSourceProperties": { + "additionalProperties": false, + "properties": { + "EnableDynamicFieldUpdate": { + "markdownDescription": "The flag that enables dynamic fetching of new (recently added) fields in the Salesforce objects while running a flow.", + "title": "EnableDynamicFieldUpdate", + "type": "boolean" + }, + "IncludeDeletedRecords": { + "markdownDescription": "Indicates whether Amazon AppFlow includes deleted files in the flow run.", + "title": "IncludeDeletedRecords", + "type": "boolean" + }, + "Object": { + "markdownDescription": "The object specified in the Salesforce flow source.", + "title": "Object", + "type": "string" + } + }, + "required": [ + "Object" + ], + "type": "object" + }, + "AWS::CustomerProfiles::Integration.ScheduledTriggerProperties": { + "additionalProperties": false, + "properties": { + "DataPullMode": { + "markdownDescription": "Specifies whether a scheduled flow has an incremental data transfer or a complete data transfer for each flow run.", + "title": "DataPullMode", + "type": "string" + }, + "FirstExecutionFrom": { + "markdownDescription": "Specifies the date range for the records to import from the connector in the first flow run.", + "title": "FirstExecutionFrom", + "type": "number" + }, + "ScheduleEndTime": { + "markdownDescription": "Specifies the scheduled end time for a scheduled-trigger flow.", + "title": "ScheduleEndTime", + "type": "number" + }, + "ScheduleExpression": { + "markdownDescription": "The scheduling expression that determines the rate at which the schedule will run, for example rate (5 minutes).", + "title": "ScheduleExpression", + "type": "string" + }, + "ScheduleOffset": { + "markdownDescription": "Specifies the optional offset that is added to the time interval for a schedule-triggered flow.", + "title": "ScheduleOffset", + "type": "number" + }, + "ScheduleStartTime": { + "markdownDescription": "Specifies the scheduled start time for a scheduled-trigger flow. The value must be a date/time value in EPOCH format.", + "title": "ScheduleStartTime", + "type": "number" + }, + "Timezone": { + "markdownDescription": "Specifies the time zone used when referring to the date and time of a scheduled-triggered flow, such as America/New_York.", + "title": "Timezone", + "type": "string" + } + }, + "required": [ + "ScheduleExpression" + ], + "type": "object" + }, + "AWS::CustomerProfiles::Integration.ServiceNowSourceProperties": { + "additionalProperties": false, + "properties": { + "Object": { + "markdownDescription": "The object specified in the ServiceNow flow source.", + "title": "Object", + "type": "string" + } + }, + "required": [ + "Object" + ], + "type": "object" + }, + "AWS::CustomerProfiles::Integration.SourceConnectorProperties": { + "additionalProperties": false, + "properties": { + "Marketo": { + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.MarketoSourceProperties", + "markdownDescription": "The properties that are applied when Marketo is being used as a source.", + "title": "Marketo" + }, + "S3": { + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.S3SourceProperties", + "markdownDescription": "The properties that are applied when Amazon S3 is being used as the flow source.", + "title": "S3" + }, + "Salesforce": { + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.SalesforceSourceProperties", + "markdownDescription": "The properties that are applied when Salesforce is being used as a source.", + "title": "Salesforce" + }, + "ServiceNow": { + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.ServiceNowSourceProperties", + "markdownDescription": "The properties that are applied when ServiceNow is being used as a source.", + "title": "ServiceNow" + }, + "Zendesk": { + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.ZendeskSourceProperties", + "markdownDescription": "The properties that are applied when using Zendesk as a flow source.", + "title": "Zendesk" + } + }, + "type": "object" + }, + "AWS::CustomerProfiles::Integration.SourceFlowConfig": { + "additionalProperties": false, + "properties": { + "ConnectorProfileName": { + "markdownDescription": "The name of the Amazon AppFlow connector profile. This name must be unique for each connector profile in the AWS account .", + "title": "ConnectorProfileName", + "type": "string" + }, + "ConnectorType": { + "markdownDescription": "The type of connector, such as Salesforce, Marketo, and so on.", + "title": "ConnectorType", + "type": "string" + }, + "IncrementalPullConfig": { + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.IncrementalPullConfig", + "markdownDescription": "Defines the configuration for a scheduled incremental data pull. If a valid configuration is provided, the fields specified in the configuration are used when querying for the incremental data pull.", + "title": "IncrementalPullConfig" + }, + "SourceConnectorProperties": { + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.SourceConnectorProperties", + "markdownDescription": "Specifies the information that is required to query a particular source connector.", + "title": "SourceConnectorProperties" + } + }, + "required": [ + "ConnectorType", + "SourceConnectorProperties" + ], + "type": "object" + }, + "AWS::CustomerProfiles::Integration.Task": { + "additionalProperties": false, + "properties": { + "ConnectorOperator": { + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.ConnectorOperator", + "markdownDescription": "The operation to be performed on the provided source fields.", + "title": "ConnectorOperator" + }, + "DestinationField": { + "markdownDescription": "A field in a destination connector, or a field value against which Amazon AppFlow validates a source field.", + "title": "DestinationField", + "type": "string" + }, + "SourceFields": { + "items": { + "type": "string" + }, + "markdownDescription": "The source fields to which a particular task is applied.", + "title": "SourceFields", + "type": "array" + }, + "TaskProperties": { + "items": { + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.TaskPropertiesMap" + }, + "markdownDescription": "A map used to store task-related information. The service looks for particular information based on the TaskType.", + "title": "TaskProperties", + "type": "array" + }, + "TaskType": { + "markdownDescription": "Specifies the particular task implementation that Amazon AppFlow performs.", + "title": "TaskType", + "type": "string" + } + }, + "required": [ + "SourceFields", + "TaskType" + ], + "type": "object" + }, + "AWS::CustomerProfiles::Integration.TaskPropertiesMap": { + "additionalProperties": false, + "properties": { + "OperatorPropertyKey": { + "markdownDescription": "The task property key.", + "title": "OperatorPropertyKey", + "type": "string" + }, + "Property": { + "markdownDescription": "The task property value.", + "title": "Property", + "type": "string" + } + }, + "required": [ + "OperatorPropertyKey", + "Property" + ], + "type": "object" + }, + "AWS::CustomerProfiles::Integration.TriggerConfig": { + "additionalProperties": false, + "properties": { + "TriggerProperties": { + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.TriggerProperties", + "markdownDescription": "Specifies the configuration details of a schedule-triggered flow that you define. Currently, these settings only apply to the Scheduled trigger type.", + "title": "TriggerProperties" + }, + "TriggerType": { + "markdownDescription": "Specifies the type of flow trigger. It can be OnDemand, Scheduled, or Event.", + "title": "TriggerType", + "type": "string" + } + }, + "required": [ + "TriggerType" + ], + "type": "object" + }, + "AWS::CustomerProfiles::Integration.TriggerProperties": { + "additionalProperties": false, + "properties": { + "Scheduled": { + "$ref": "#/definitions/AWS::CustomerProfiles::Integration.ScheduledTriggerProperties", + "markdownDescription": "Specifies the configuration details of a schedule-triggered flow that you define.", + "title": "Scheduled" + } + }, + "type": "object" + }, + "AWS::CustomerProfiles::Integration.ZendeskSourceProperties": { + "additionalProperties": false, + "properties": { + "Object": { + "markdownDescription": "The object specified in the Zendesk flow source.", + "title": "Object", + "type": "string" + } + }, + "required": [ + "Object" + ], + "type": "object" + }, + "AWS::CustomerProfiles::ObjectType": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, "DeletionPolicy": { "enum": [ "Delete", @@ -64522,30 +70974,86 @@ "Properties": { "additionalProperties": false, "properties": { + "AllowProfileCreation": { + "markdownDescription": "Indicates whether a profile should be created when data is received if one doesn\u2019t exist for an object of this type. The default is `FALSE` . If the AllowProfileCreation flag is set to `FALSE` , then the service tries to fetch a standard profile and associate this object with the profile. If it is set to `TRUE` , and if no match is found, then the service creates a new standard profile.", + "title": "AllowProfileCreation", + "type": "boolean" + }, "Description": { - "markdownDescription": "A description of the farm that helps identify what the farm is used for.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", + "markdownDescription": "The description of the profile object type mapping.", "title": "Description", "type": "string" }, - "DisplayName": { - "markdownDescription": "The display name of the farm.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", - "title": "DisplayName", + "DomainName": { + "markdownDescription": "The unique name of the domain.", + "title": "DomainName", "type": "string" }, - "KmsKeyArn": { - "markdownDescription": "The ARN for the KMS key.", - "title": "KmsKeyArn", + "EncryptionKey": { + "markdownDescription": "The customer-provided key to encrypt the profile object that will be created in this profile object type mapping. If not specified the system will use the encryption key of the domain.", + "title": "EncryptionKey", + "type": "string" + }, + "ExpirationDays": { + "markdownDescription": "The number of days until the data of this type expires.", + "title": "ExpirationDays", + "type": "number" + }, + "Fields": { + "items": { + "$ref": "#/definitions/AWS::CustomerProfiles::ObjectType.FieldMap" + }, + "markdownDescription": "A list of field definitions for the object type mapping.", + "title": "Fields", + "type": "array" + }, + "Keys": { + "items": { + "$ref": "#/definitions/AWS::CustomerProfiles::ObjectType.KeyMap" + }, + "markdownDescription": "A list of keys that can be used to map data to the profile or search for the profile.", + "title": "Keys", + "type": "array" + }, + "MaxProfileObjectCount": { + "markdownDescription": "The amount of profile object max count assigned to the object type.", + "title": "MaxProfileObjectCount", + "type": "number" + }, + "ObjectTypeName": { + "markdownDescription": "The name of the profile object type.", + "title": "ObjectTypeName", + "type": "string" + }, + "SourceLastUpdatedTimestampFormat": { + "markdownDescription": "The format of your sourceLastUpdatedTimestamp that was previously set up.", + "title": "SourceLastUpdatedTimestampFormat", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "title": "Tags", + "type": "array" + }, + "TemplateId": { + "markdownDescription": "A unique identifier for the template mapping. This can be used instead of specifying the Keys and Fields properties directly.", + "title": "TemplateId", "type": "string" } }, "required": [ - "DisplayName" + "Description", + "DomainName", + "ObjectTypeName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Deadline::Farm" + "AWS::CustomerProfiles::ObjectType" ], "type": "string" }, @@ -64564,7 +71072,85 @@ ], "type": "object" }, - "AWS::Deadline::Fleet": { + "AWS::CustomerProfiles::ObjectType.FieldMap": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "Name of the field.", + "title": "Name", + "type": "string" + }, + "ObjectTypeField": { + "$ref": "#/definitions/AWS::CustomerProfiles::ObjectType.ObjectTypeField", + "markdownDescription": "Represents a field in a ProfileObjectType.", + "title": "ObjectTypeField" + } + }, + "type": "object" + }, + "AWS::CustomerProfiles::ObjectType.KeyMap": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "Name of the key.", + "title": "Name", + "type": "string" + }, + "ObjectTypeKeyList": { + "items": { + "$ref": "#/definitions/AWS::CustomerProfiles::ObjectType.ObjectTypeKey" + }, + "markdownDescription": "A list of ObjectTypeKey.", + "title": "ObjectTypeKeyList", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CustomerProfiles::ObjectType.ObjectTypeField": { + "additionalProperties": false, + "properties": { + "ContentType": { + "markdownDescription": "The content type of the field. Used for determining equality when searching.", + "title": "ContentType", + "type": "string" + }, + "Source": { + "markdownDescription": "A field of a ProfileObject. For example: _source.FirstName, where \u201c_source\u201d is a ProfileObjectType of a Zendesk user and \u201cFirstName\u201d is a field in that ObjectType.", + "title": "Source", + "type": "string" + }, + "Target": { + "markdownDescription": "The location of the data in the standard ProfileObject model. For example: _profile.Address.PostalCode.", + "title": "Target", + "type": "string" + } + }, + "type": "object" + }, + "AWS::CustomerProfiles::ObjectType.ObjectTypeKey": { + "additionalProperties": false, + "properties": { + "FieldNames": { + "items": { + "type": "string" + }, + "markdownDescription": "The reference for the key name of the fields map.", + "title": "FieldNames", + "type": "array" + }, + "StandardIdentifiers": { + "items": { + "type": "string" + }, + "markdownDescription": "The types of keys that a ProfileObject can have. Each ProfileObject can have only 1 UNIQUE key but multiple PROFILE keys. PROFILE means that this key can be used to tie an object to a PROFILE. UNIQUE means that it can be used to uniquely identify an object. If a key a is marked as SECONDARY, it will be used to search for profiles after all other PROFILE keys have been searched. A LOOKUP_ONLY key is only used to match a profile but is not persisted to be used for searching of the profile. A NEW_ONLY key is only used if the profile does not already exist before the object is ingested, otherwise it is only used for matching objects to profiles.", + "title": "StandardIdentifiers", + "type": "array" + } + }, + "type": "object" + }, + "AWS::CustomerProfiles::SegmentDefinition": { "additionalProperties": false, "properties": { "Condition": { @@ -64599,53 +71185,51 @@ "Properties": { "additionalProperties": false, "properties": { - "Configuration": { - "$ref": "#/definitions/AWS::Deadline::Fleet.FleetConfiguration", - "markdownDescription": "The configuration details for the fleet.", - "title": "Configuration" - }, "Description": { - "markdownDescription": "A description that helps identify what the fleet is used for.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", + "markdownDescription": "The description of the segment definition.", "title": "Description", "type": "string" }, "DisplayName": { - "markdownDescription": "The display name of the fleet summary to update.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", + "markdownDescription": "Display name of the segment definition.", "title": "DisplayName", "type": "string" }, - "FarmId": { - "markdownDescription": "The farm ID.", - "title": "FarmId", + "DomainName": { + "markdownDescription": "The name of the domain.", + "title": "DomainName", "type": "string" }, - "MaxWorkerCount": { - "markdownDescription": "The maximum number of workers specified in the fleet.", - "title": "MaxWorkerCount", - "type": "number" + "SegmentDefinitionName": { + "markdownDescription": "Name of the segment definition.", + "title": "SegmentDefinitionName", + "type": "string" }, - "MinWorkerCount": { - "markdownDescription": "The minimum number of workers in the fleet.", - "title": "MinWorkerCount", - "type": "number" + "SegmentGroups": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.SegmentGroup", + "markdownDescription": "Contains all groups of the segment definition.", + "title": "SegmentGroups" }, - "RoleArn": { - "markdownDescription": "The IAM role that workers in the fleet use when processing jobs.", - "title": "RoleArn", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags belonging to the segment definition.", + "title": "Tags", + "type": "array" } }, "required": [ - "Configuration", "DisplayName", - "MaxWorkerCount", - "RoleArn" + "DomainName", + "SegmentDefinitionName", + "SegmentGroups" ], "type": "object" }, "Type": { "enum": [ - "AWS::Deadline::Fleet" + "AWS::CustomerProfiles::SegmentDefinition" ], "type": "string" }, @@ -64664,384 +71248,428 @@ ], "type": "object" }, - "AWS::Deadline::Fleet.AcceleratorCountRange": { + "AWS::CustomerProfiles::SegmentDefinition.AddressDimension": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum number of GPU accelerators in the worker host.", - "title": "Max", - "type": "number" + "City": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "The city belonging to the address.", + "title": "City" }, - "Min": { - "markdownDescription": "The minimum number of GPU accelerators in the worker host.", - "title": "Min", - "type": "number" - } - }, - "required": [ - "Min" - ], - "type": "object" - }, - "AWS::Deadline::Fleet.AcceleratorTotalMemoryMiBRange": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum amount of memory to use for the accelerator, measured in MiB.", - "title": "Max", - "type": "number" + "Country": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "The country belonging to the address.", + "title": "Country" }, - "Min": { - "markdownDescription": "The minimum amount of memory to use for the accelerator, measured in MiB.", - "title": "Min", - "type": "number" + "County": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "The county belonging to the address.", + "title": "County" + }, + "PostalCode": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "The postal code belonging to the address.", + "title": "PostalCode" + }, + "Province": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "The province belonging to the address.", + "title": "Province" + }, + "State": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "The state belonging to the address.", + "title": "State" } }, - "required": [ - "Min" - ], "type": "object" }, - "AWS::Deadline::Fleet.CustomerManagedFleetConfiguration": { + "AWS::CustomerProfiles::SegmentDefinition.AttributeDimension": { "additionalProperties": false, "properties": { - "Mode": { - "markdownDescription": "The AWS Auto Scaling mode for the customer managed fleet configuration.", - "title": "Mode", - "type": "string" - }, - "StorageProfileId": { - "markdownDescription": "The storage profile ID.", - "title": "StorageProfileId", + "DimensionType": { + "markdownDescription": "The action to segment with.", + "title": "DimensionType", "type": "string" }, - "WorkerCapabilities": { - "$ref": "#/definitions/AWS::Deadline::Fleet.CustomerManagedWorkerCapabilities", - "markdownDescription": "The worker capabilities for a customer managed fleet configuration.", - "title": "WorkerCapabilities" + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The values to apply the DimensionType on.", + "title": "Values", + "type": "array" } }, "required": [ - "Mode", - "WorkerCapabilities" + "DimensionType", + "Values" ], "type": "object" }, - "AWS::Deadline::Fleet.CustomerManagedWorkerCapabilities": { + "AWS::CustomerProfiles::SegmentDefinition.CalculatedAttributeDimension": { "additionalProperties": false, "properties": { - "AcceleratorCount": { - "$ref": "#/definitions/AWS::Deadline::Fleet.AcceleratorCountRange", - "markdownDescription": "The range of the accelerator.", - "title": "AcceleratorCount" - }, - "AcceleratorTotalMemoryMiB": { - "$ref": "#/definitions/AWS::Deadline::Fleet.AcceleratorTotalMemoryMiBRange", - "markdownDescription": "The total memory (MiB) for the customer managed worker capabilities.", - "title": "AcceleratorTotalMemoryMiB" - }, - "AcceleratorTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The accelerator types for the customer managed worker capabilities.", - "title": "AcceleratorTypes", - "type": "array" + "ConditionOverrides": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ConditionOverrides", + "markdownDescription": "Applies the given condition over the initial Calculated Attribute's definition.", + "title": "ConditionOverrides" }, - "CpuArchitectureType": { - "markdownDescription": "The CPU architecture type for the customer managed worker capabilities.", - "title": "CpuArchitectureType", + "DimensionType": { + "markdownDescription": "The action to segment with.", + "title": "DimensionType", "type": "string" }, - "CustomAmounts": { - "items": { - "$ref": "#/definitions/AWS::Deadline::Fleet.FleetAmountCapability" - }, - "markdownDescription": "Custom requirement ranges for customer managed worker capabilities.", - "title": "CustomAmounts", - "type": "array" - }, - "CustomAttributes": { + "Values": { "items": { - "$ref": "#/definitions/AWS::Deadline::Fleet.FleetAttributeCapability" + "type": "string" }, - "markdownDescription": "Custom attributes for the customer manged worker capabilities.", - "title": "CustomAttributes", + "markdownDescription": "The values to apply the DimensionType with.", + "title": "Values", "type": "array" - }, - "MemoryMiB": { - "$ref": "#/definitions/AWS::Deadline::Fleet.MemoryMiBRange", - "markdownDescription": "The memory (MiB).", - "title": "MemoryMiB" - }, - "OsFamily": { - "markdownDescription": "The operating system (OS) family.", - "title": "OsFamily", - "type": "string" - }, - "VCpuCount": { - "$ref": "#/definitions/AWS::Deadline::Fleet.VCpuCountRange", - "markdownDescription": "The vCPU count for the customer manged worker capabilities.", - "title": "VCpuCount" } }, "required": [ - "CpuArchitectureType", - "MemoryMiB", - "OsFamily", - "VCpuCount" + "DimensionType", + "Values" ], "type": "object" }, - "AWS::Deadline::Fleet.Ec2EbsVolume": { + "AWS::CustomerProfiles::SegmentDefinition.ConditionOverrides": { "additionalProperties": false, "properties": { - "Iops": { - "markdownDescription": "The IOPS per volume.", - "title": "Iops", - "type": "number" - }, - "SizeGiB": { - "markdownDescription": "The EBS volume size in GiB.", - "title": "SizeGiB", - "type": "number" - }, - "ThroughputMiB": { - "markdownDescription": "The throughput per volume in MiB.", - "title": "ThroughputMiB", - "type": "number" + "Range": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.RangeOverride", + "markdownDescription": "The relative time period over which data is included in the aggregation for this override.", + "title": "Range" } }, "type": "object" }, - "AWS::Deadline::Fleet.FleetAmountCapability": { + "AWS::CustomerProfiles::SegmentDefinition.DateDimension": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum amount of the fleet worker capability.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum amount of fleet worker capability.", - "title": "Min", - "type": "number" - }, - "Name": { - "markdownDescription": "The name of the fleet capability.", - "title": "Name", + "DimensionType": { + "markdownDescription": "The action to segment on.", + "title": "DimensionType", "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The values to apply the DimensionType on.", + "title": "Values", + "type": "array" } }, "required": [ - "Min", - "Name" + "DimensionType", + "Values" ], "type": "object" }, - "AWS::Deadline::Fleet.FleetAttributeCapability": { + "AWS::CustomerProfiles::SegmentDefinition.Dimension": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the fleet attribute capability for the worker.", - "title": "Name", + "CalculatedAttributes": { + "additionalProperties": false, + "markdownDescription": "Object that holds the calculated attributes to segment on.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.CalculatedAttributeDimension" + } + }, + "title": "CalculatedAttributes", + "type": "object" + }, + "ProfileAttributes": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileAttributes", + "markdownDescription": "Object that holds the profile attributes to segment on.", + "title": "ProfileAttributes" + } + }, + "type": "object" + }, + "AWS::CustomerProfiles::SegmentDefinition.ExtraLengthValueProfileDimension": { + "additionalProperties": false, + "properties": { + "DimensionType": { + "markdownDescription": "The action to segment with.", + "title": "DimensionType", "type": "string" }, "Values": { "items": { "type": "string" }, - "markdownDescription": "The number of fleet attribute capabilities.", + "markdownDescription": "The values to apply the DimensionType on.", "title": "Values", "type": "array" } }, "required": [ - "Name", + "DimensionType", "Values" ], "type": "object" }, - "AWS::Deadline::Fleet.FleetCapabilities": { + "AWS::CustomerProfiles::SegmentDefinition.Group": { "additionalProperties": false, "properties": { - "Amounts": { + "Dimensions": { "items": { - "$ref": "#/definitions/AWS::Deadline::Fleet.FleetAmountCapability" + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.Dimension" }, - "markdownDescription": "Amount capabilities of the fleet.", - "title": "Amounts", + "markdownDescription": "Defines the attributes to segment on.", + "title": "Dimensions", "type": "array" }, - "Attributes": { + "SourceSegments": { "items": { - "$ref": "#/definitions/AWS::Deadline::Fleet.FleetAttributeCapability" + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.SourceSegment" }, - "markdownDescription": "Attribute capabilities of the fleet.", - "title": "Attributes", + "markdownDescription": "Defines the starting source of data.", + "title": "SourceSegments", "type": "array" + }, + "SourceType": { + "markdownDescription": "Defines how to interact with the source data.", + "title": "SourceType", + "type": "string" + }, + "Type": { + "markdownDescription": "Defines how to interact with the profiles found in the current filtering.", + "title": "Type", + "type": "string" } }, "type": "object" }, - "AWS::Deadline::Fleet.FleetConfiguration": { + "AWS::CustomerProfiles::SegmentDefinition.ProfileAttributes": { "additionalProperties": false, "properties": { - "CustomerManaged": { - "$ref": "#/definitions/AWS::Deadline::Fleet.CustomerManagedFleetConfiguration", - "markdownDescription": "The customer managed fleets within a fleet configuration.", - "title": "CustomerManaged" + "AccountNumber": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "A field to describe values to segment on within account number.", + "title": "AccountNumber" }, - "ServiceManagedEc2": { - "$ref": "#/definitions/AWS::Deadline::Fleet.ServiceManagedEc2FleetConfiguration", - "markdownDescription": "The service managed Amazon EC2 instances for a fleet configuration.", - "title": "ServiceManagedEc2" + "AdditionalInformation": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ExtraLengthValueProfileDimension", + "markdownDescription": "A field to describe values to segment on within additional information.", + "title": "AdditionalInformation" + }, + "Address": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.AddressDimension", + "markdownDescription": "A field to describe values to segment on within address.", + "title": "Address" + }, + "Attributes": { + "additionalProperties": false, + "markdownDescription": "A field to describe values to segment on within attributes.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.AttributeDimension" + } + }, + "title": "Attributes", + "type": "object" + }, + "BillingAddress": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.AddressDimension", + "markdownDescription": "A field to describe values to segment on within billing address.", + "title": "BillingAddress" + }, + "BirthDate": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.DateDimension", + "markdownDescription": "A field to describe values to segment on within birthDate.", + "title": "BirthDate" + }, + "BusinessEmailAddress": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "A field to describe values to segment on within business email address.", + "title": "BusinessEmailAddress" + }, + "BusinessName": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "A field to describe values to segment on within business name.", + "title": "BusinessName" + }, + "BusinessPhoneNumber": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "A field to describe values to segment on within business phone number.", + "title": "BusinessPhoneNumber" + }, + "EmailAddress": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "A field to describe values to segment on within email address.", + "title": "EmailAddress" + }, + "FirstName": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "A field to describe values to segment on within first name.", + "title": "FirstName" + }, + "GenderString": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "A field to describe values to segment on within genderString.", + "title": "GenderString" + }, + "HomePhoneNumber": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "A field to describe values to segment on within home phone number.", + "title": "HomePhoneNumber" + }, + "LastName": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "A field to describe values to segment on within last name.", + "title": "LastName" + }, + "MailingAddress": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.AddressDimension", + "markdownDescription": "A field to describe values to segment on within mailing address.", + "title": "MailingAddress" + }, + "MiddleName": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "A field to describe values to segment on within middle name.", + "title": "MiddleName" + }, + "MobilePhoneNumber": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "A field to describe values to segment on within mobile phone number.", + "title": "MobilePhoneNumber" + }, + "PartyTypeString": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "A field to describe values to segment on within partyTypeString.", + "title": "PartyTypeString" + }, + "PersonalEmailAddress": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "A field to describe values to segment on within personal email address.", + "title": "PersonalEmailAddress" + }, + "PhoneNumber": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileDimension", + "markdownDescription": "A field to describe values to segment on within phone number.", + "title": "PhoneNumber" + }, + "ProfileType": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.ProfileTypeDimension", + "markdownDescription": "The type of profile.", + "title": "ProfileType" + }, + "ShippingAddress": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.AddressDimension", + "markdownDescription": "A field to describe values to segment on within shipping address.", + "title": "ShippingAddress" } }, "type": "object" }, - "AWS::Deadline::Fleet.MemoryMiBRange": { + "AWS::CustomerProfiles::SegmentDefinition.ProfileDimension": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum amount of memory (in MiB).", - "title": "Max", - "type": "number" + "DimensionType": { + "markdownDescription": "The action to segment on.", + "title": "DimensionType", + "type": "string" }, - "Min": { - "markdownDescription": "The minimum amount of memory (in MiB).", - "title": "Min", - "type": "number" + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "Values", + "type": "array" } }, "required": [ - "Min" + "DimensionType", + "Values" ], "type": "object" }, - "AWS::Deadline::Fleet.ServiceManagedEc2FleetConfiguration": { + "AWS::CustomerProfiles::SegmentDefinition.ProfileTypeDimension": { "additionalProperties": false, "properties": { - "InstanceCapabilities": { - "$ref": "#/definitions/AWS::Deadline::Fleet.ServiceManagedEc2InstanceCapabilities", - "markdownDescription": "The Amazon EC2 instance capabilities.", - "title": "InstanceCapabilities" + "DimensionType": { + "markdownDescription": "The action to segment on.", + "title": "DimensionType", + "type": "string" }, - "InstanceMarketOptions": { - "$ref": "#/definitions/AWS::Deadline::Fleet.ServiceManagedEc2InstanceMarketOptions", - "markdownDescription": "The Amazon EC2 market type.", - "title": "InstanceMarketOptions" + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The values to apply the DimensionType on.", + "title": "Values", + "type": "array" } }, "required": [ - "InstanceCapabilities", - "InstanceMarketOptions" + "DimensionType", + "Values" ], "type": "object" }, - "AWS::Deadline::Fleet.ServiceManagedEc2InstanceCapabilities": { + "AWS::CustomerProfiles::SegmentDefinition.RangeOverride": { "additionalProperties": false, "properties": { - "AllowedInstanceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The allowable Amazon EC2 instance types.", - "title": "AllowedInstanceTypes", - "type": "array" - }, - "CpuArchitectureType": { - "markdownDescription": "The CPU architecture type.", - "title": "CpuArchitectureType", - "type": "string" - }, - "CustomAmounts": { - "items": { - "$ref": "#/definitions/AWS::Deadline::Fleet.FleetAmountCapability" - }, - "markdownDescription": "The custom capability amounts to require for instances in this fleet.", - "title": "CustomAmounts", - "type": "array" - }, - "CustomAttributes": { - "items": { - "$ref": "#/definitions/AWS::Deadline::Fleet.FleetAttributeCapability" - }, - "markdownDescription": "The custom capability attributes to require for instances in this fleet.", - "title": "CustomAttributes", - "type": "array" - }, - "ExcludedInstanceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The instance types to exclude from the fleet.", - "title": "ExcludedInstanceTypes", - "type": "array" + "End": { + "markdownDescription": "The end time of when to include objects.", + "title": "End", + "type": "number" }, - "MemoryMiB": { - "$ref": "#/definitions/AWS::Deadline::Fleet.MemoryMiBRange", - "markdownDescription": "The memory, as MiB, for the Amazon EC2 instance type.", - "title": "MemoryMiB" + "Start": { + "markdownDescription": "The start time of when to include objects.", + "title": "Start", + "type": "number" }, - "OsFamily": { - "markdownDescription": "The operating system (OS) family.", - "title": "OsFamily", + "Unit": { + "markdownDescription": "The unit for start and end.", + "title": "Unit", "type": "string" - }, - "RootEbsVolume": { - "$ref": "#/definitions/AWS::Deadline::Fleet.Ec2EbsVolume", - "markdownDescription": "The root EBS volume.", - "title": "RootEbsVolume" - }, - "VCpuCount": { - "$ref": "#/definitions/AWS::Deadline::Fleet.VCpuCountRange", - "markdownDescription": "The amount of vCPU to require for instances in this fleet.", - "title": "VCpuCount" } }, "required": [ - "CpuArchitectureType", - "MemoryMiB", - "OsFamily", - "VCpuCount" + "Start", + "Unit" ], "type": "object" }, - "AWS::Deadline::Fleet.ServiceManagedEc2InstanceMarketOptions": { + "AWS::CustomerProfiles::SegmentDefinition.SegmentGroup": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The Amazon EC2 instance type.", - "title": "Type", + "Groups": { + "items": { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition.Group" + }, + "markdownDescription": "Holds the list of groups within the segment definition.", + "title": "Groups", + "type": "array" + }, + "Include": { + "markdownDescription": "Defines whether to include or exclude the profiles that fit the segment criteria.", + "title": "Include", "type": "string" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::Deadline::Fleet.VCpuCountRange": { + "AWS::CustomerProfiles::SegmentDefinition.SourceSegment": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum amount of vCPU.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum amount of vCPU.", - "title": "Min", - "type": "number" + "SegmentDefinitionName": { + "markdownDescription": "The name of the source segment.", + "title": "SegmentDefinitionName", + "type": "string" } }, - "required": [ - "Min" - ], "type": "object" }, - "AWS::Deadline::LicenseEndpoint": { + "AWS::DAX::Cluster": { "additionalProperties": false, "properties": { "Condition": { @@ -65076,38 +71704,96 @@ "Properties": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { + "AvailabilityZones": { "items": { "type": "string" }, - "markdownDescription": "The identifier of the Amazon EC2 security group that controls access to the license endpoint.", - "title": "SecurityGroupIds", + "markdownDescription": "The Availability Zones (AZs) in which the cluster nodes will reside after the cluster has been created or updated. If provided, the length of this list must equal the `ReplicationFactor` parameter. If you omit this parameter, DAX will spread the nodes across Availability Zones for the highest availability.", + "title": "AvailabilityZones", "type": "array" }, - "SubnetIds": { + "ClusterEndpointEncryptionType": { + "markdownDescription": "The encryption type of the cluster's endpoint. Available values are:\n\n- `NONE` - The cluster's endpoint will be unencrypted.\n- `TLS` - The cluster's endpoint will be encrypted with Transport Layer Security, and will provide an x509 certificate for authentication.\n\nThe default value is `NONE` .", + "title": "ClusterEndpointEncryptionType", + "type": "string" + }, + "ClusterName": { + "markdownDescription": "The name of the DAX cluster.", + "title": "ClusterName", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the cluster.", + "title": "Description", + "type": "string" + }, + "IAMRoleARN": { + "markdownDescription": "A valid Amazon Resource Name (ARN) that identifies an IAM role. At runtime, DAX will assume this role and use the role's permissions to access DynamoDB on your behalf.", + "title": "IAMRoleARN", + "type": "string" + }, + "NetworkType": { + "type": "string" + }, + "NodeType": { + "markdownDescription": "The node type for the nodes in the cluster. (All nodes in a DAX cluster are of the same type.)", + "title": "NodeType", + "type": "string" + }, + "NotificationTopicARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic to which notifications will be sent.\n\n> The Amazon SNS topic owner must be same as the DAX cluster owner.", + "title": "NotificationTopicARN", + "type": "string" + }, + "ParameterGroupName": { + "markdownDescription": "The parameter group to be associated with the DAX cluster.", + "title": "ParameterGroupName", + "type": "string" + }, + "PreferredMaintenanceWindow": { + "markdownDescription": "A range of time when maintenance of DAX cluster software will be performed. For example: `sun:01:00-sun:09:00` . Cluster maintenance normally takes less than 30 minutes, and is performed automatically within the maintenance window.", + "title": "PreferredMaintenanceWindow", + "type": "string" + }, + "ReplicationFactor": { + "markdownDescription": "The number of nodes in the DAX cluster. A replication factor of 1 will create a single-node cluster, without any read replicas. For additional fault tolerance, you can create a multiple node cluster with one or more read replicas. To do this, set `ReplicationFactor` to a number between 3 (one primary and two read replicas) and 10 (one primary and nine read replicas). `If the AvailabilityZones` parameter is provided, its length must equal the `ReplicationFactor` .\n\n> AWS recommends that you have at least two read replicas per cluster.", + "title": "ReplicationFactor", + "type": "number" + }, + "SSESpecification": { + "$ref": "#/definitions/AWS::DAX::Cluster.SSESpecification", + "markdownDescription": "Represents the settings used to enable server-side encryption on the cluster.", + "title": "SSESpecification" + }, + "SecurityGroupIds": { "items": { "type": "string" }, - "markdownDescription": "Identifies the VPC subnets that can connect to a license endpoint.", - "title": "SubnetIds", + "markdownDescription": "A list of security group IDs to be assigned to each node in the DAX cluster. (Each of the security group ID is system-generated.)\n\nIf this parameter is not specified, DAX assigns the default VPC security group to each node.", + "title": "SecurityGroupIds", "type": "array" }, - "VpcId": { - "markdownDescription": "The VCP(virtual private cloud) ID associated with the license endpoint.", - "title": "VpcId", + "SubnetGroupName": { + "markdownDescription": "The name of the subnet group to be used for the replication group.\n\n> DAX clusters can only run in an Amazon VPC environment. All of the subnets that you specify in a subnet group must exist in the same VPC.", + "title": "SubnetGroupName", "type": "string" + }, + "Tags": { + "markdownDescription": "A set of tags to associate with the DAX cluster.", + "title": "Tags", + "type": "object" } }, "required": [ - "SecurityGroupIds", - "SubnetIds", - "VpcId" + "IAMRoleARN", + "NodeType", + "ReplicationFactor" ], "type": "object" }, "Type": { "enum": [ - "AWS::Deadline::LicenseEndpoint" + "AWS::DAX::Cluster" ], "type": "string" }, @@ -65126,7 +71812,18 @@ ], "type": "object" }, - "AWS::Deadline::MeteredProduct": { + "AWS::DAX::Cluster.SSESpecification": { + "additionalProperties": false, + "properties": { + "SSEEnabled": { + "markdownDescription": "Indicates whether server-side encryption is enabled (true) or disabled (false) on the cluster.", + "title": "SSEEnabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::DAX::ParameterGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -65161,31 +71858,27 @@ "Properties": { "additionalProperties": false, "properties": { - "Family": { - "type": "string" - }, - "LicenseEndpointId": { - "markdownDescription": "The Amazon EC2 identifier of the license endpoint.", - "title": "LicenseEndpointId", + "Description": { + "markdownDescription": "A description of the parameter group.", + "title": "Description", "type": "string" }, - "Port": { - "type": "number" - }, - "ProductId": { - "markdownDescription": "The product ID.", - "title": "ProductId", + "ParameterGroupName": { + "markdownDescription": "The name of the parameter group.", + "title": "ParameterGroupName", "type": "string" }, - "Vendor": { - "type": "string" + "ParameterNameValues": { + "markdownDescription": "An array of name-value pairs for the parameters in the group. Each element in the array represents a single parameter.\n\n> `record-ttl-millis` and `query-ttl-millis` are the only supported parameter names. For more details, see [Configuring TTL Settings](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/DAX.cluster-management.html#DAX.cluster-management.custom-settings.ttl) .", + "title": "ParameterNameValues", + "type": "object" } }, "type": "object" }, "Type": { "enum": [ - "AWS::Deadline::MeteredProduct" + "AWS::DAX::ParameterGroup" ], "type": "string" }, @@ -65203,7 +71896,7 @@ ], "type": "object" }, - "AWS::Deadline::Queue": { + "AWS::DAX::SubnetGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -65238,66 +71931,155 @@ "Properties": { "additionalProperties": false, "properties": { - "AllowedStorageProfileIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The identifiers of the storage profiles that this queue can use to share assets between workers using different operating systems.", - "title": "AllowedStorageProfileIds", - "type": "array" + "Description": { + "markdownDescription": "The description of the subnet group.", + "title": "Description", + "type": "string" }, - "DefaultBudgetAction": { - "markdownDescription": "The default action taken on a queue summary if a budget wasn't configured.", - "title": "DefaultBudgetAction", + "SubnetGroupName": { + "markdownDescription": "The name of the subnet group.", + "title": "SubnetGroupName", + "type": "string" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of VPC subnet IDs for the subnet group.", + "title": "SubnetIds", + "type": "array" + } + }, + "required": [ + "SubnetIds" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::DAX::SubnetGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::DLM::LifecyclePolicy": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CopyTags": { + "markdownDescription": "*[Default policies only]* Indicates whether the policy should copy tags from the source resource to the snapshot or AMI. If you do not specify a value, the default is `false` .\n\nDefault: false", + "title": "CopyTags", + "type": "boolean" + }, + "CreateInterval": { + "markdownDescription": "*[Default policies only]* Specifies how often the policy should run and create snapshots or AMIs. The creation frequency can range from 1 to 7 days. If you do not specify a value, the default is 1.\n\nDefault: 1", + "title": "CreateInterval", + "type": "number" + }, + "CrossRegionCopyTargets": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyTargets", + "markdownDescription": "*[Default policies only]* Specifies destination Regions for snapshot or AMI copies. You can specify up to 3 destination Regions. If you do not want to create cross-Region copies, omit this parameter.", + "title": "CrossRegionCopyTargets" + }, + "DefaultPolicy": { + "markdownDescription": "*[Default policies only]* Specify the type of default policy to create.\n\n- To create a default policy for EBS snapshots, that creates snapshots of all volumes in the Region that do not have recent backups, specify `VOLUME` .\n- To create a default policy for EBS-backed AMIs, that creates EBS-backed AMIs from all instances in the Region that do not have recent backups, specify `INSTANCE` .", + "title": "DefaultPolicy", "type": "string" }, "Description": { - "markdownDescription": "A description of the queue that helps identify what the queue is used for.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", + "markdownDescription": "A description of the lifecycle policy. The characters ^[0-9A-Za-z _-]+$ are supported.", "title": "Description", "type": "string" }, - "DisplayName": { - "markdownDescription": "The display name of the queue summary to update.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", - "title": "DisplayName", - "type": "string" + "Exclusions": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.Exclusions", + "markdownDescription": "*[Default policies only]* Specifies exclusion parameters for volumes or instances for which you do not want to create snapshots or AMIs. The policy will not create snapshots or AMIs for target resources that match any of the specified exclusion parameters.", + "title": "Exclusions" }, - "FarmId": { - "markdownDescription": "The farm ID.", - "title": "FarmId", + "ExecutionRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role used to run the operations specified by the lifecycle policy.", + "title": "ExecutionRoleArn", "type": "string" }, - "JobAttachmentSettings": { - "$ref": "#/definitions/AWS::Deadline::Queue.JobAttachmentSettings", - "markdownDescription": "The job attachment settings. These are the Amazon S3 bucket name and the Amazon S3 prefix.", - "title": "JobAttachmentSettings" + "ExtendDeletion": { + "markdownDescription": "*[Default policies only]* Defines the snapshot or AMI retention behavior for the policy if the source volume or instance is deleted, or if the policy enters the error, disabled, or deleted state.\n\nBy default ( *ExtendDeletion=false* ):\n\n- If a source resource is deleted, Amazon Data Lifecycle Manager will continue to delete previously created snapshots or AMIs, up to but not including the last one, based on the specified retention period. If you want Amazon Data Lifecycle Manager to delete all snapshots or AMIs, including the last one, specify `true` .\n- If a policy enters the error, disabled, or deleted state, Amazon Data Lifecycle Manager stops deleting snapshots and AMIs. If you want Amazon Data Lifecycle Manager to continue deleting snapshots or AMIs, including the last one, if the policy enters one of these states, specify `true` .\n\nIf you enable extended deletion ( *ExtendDeletion=true* ), you override both default behaviors simultaneously.\n\nIf you do not specify a value, the default is `false` .\n\nDefault: false", + "title": "ExtendDeletion", + "type": "boolean" }, - "JobRunAsUser": { - "$ref": "#/definitions/AWS::Deadline::Queue.JobRunAsUser", - "markdownDescription": "Identifies the user for a job.", - "title": "JobRunAsUser" + "PolicyDetails": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.PolicyDetails", + "markdownDescription": "The configuration details of the lifecycle policy.\n\n> If you create a default policy, you can specify the request parameters either in the request body, or in the PolicyDetails request structure, but not both.", + "title": "PolicyDetails" }, - "RequiredFileSystemLocationNames": { + "RetainInterval": { + "markdownDescription": "*[Default policies only]* Specifies how long the policy should retain snapshots or AMIs before deleting them. The retention period can range from 2 to 14 days, but it must be greater than the creation frequency to ensure that the policy retains at least 1 snapshot or AMI at any given time. If you do not specify a value, the default is 7.\n\nDefault: 7", + "title": "RetainInterval", + "type": "number" + }, + "State": { + "markdownDescription": "The activation state of the lifecycle policy.", + "title": "State", + "type": "string" + }, + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The file system location that the queue uses.", - "title": "RequiredFileSystemLocationNames", + "markdownDescription": "The tags to apply to the lifecycle policy during creation.", + "title": "Tags", "type": "array" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that workers use when running jobs in this queue.", - "title": "RoleArn", - "type": "string" } }, - "required": [ - "DisplayName" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Deadline::Queue" + "AWS::DLM::LifecyclePolicy" ], "type": "string" }, @@ -65311,187 +72093,682 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Deadline::Queue.JobAttachmentSettings": { + "AWS::DLM::LifecyclePolicy.Action": { "additionalProperties": false, "properties": { - "RootPrefix": { - "markdownDescription": "The root prefix.", - "title": "RootPrefix", - "type": "string" + "CrossRegionCopy": { + "items": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyAction" + }, + "markdownDescription": "The rule for copying shared snapshots across Regions.", + "title": "CrossRegionCopy", + "type": "array" }, - "S3BucketName": { - "markdownDescription": "The Amazon S3 bucket name.", - "title": "S3BucketName", + "Name": { + "markdownDescription": "A descriptive name for the action.", + "title": "Name", "type": "string" } }, "required": [ - "RootPrefix", - "S3BucketName" + "CrossRegionCopy", + "Name" ], "type": "object" }, - "AWS::Deadline::Queue.JobRunAsUser": { + "AWS::DLM::LifecyclePolicy.ArchiveRetainRule": { "additionalProperties": false, "properties": { - "Posix": { - "$ref": "#/definitions/AWS::Deadline::Queue.PosixUser", - "markdownDescription": "The user and group that the jobs in the queue run as.", - "title": "Posix" + "RetentionArchiveTier": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.RetentionArchiveTier", + "markdownDescription": "Information about retention period in the Amazon EBS Snapshots Archive. For more information, see [Archive Amazon EBS snapshots](https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/snapshot-archive.html) .", + "title": "RetentionArchiveTier" + } + }, + "required": [ + "RetentionArchiveTier" + ], + "type": "object" + }, + "AWS::DLM::LifecyclePolicy.ArchiveRule": { + "additionalProperties": false, + "properties": { + "RetainRule": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.ArchiveRetainRule", + "markdownDescription": "Information about the retention period for the snapshot archiving rule.", + "title": "RetainRule" + } + }, + "required": [ + "RetainRule" + ], + "type": "object" + }, + "AWS::DLM::LifecyclePolicy.CreateRule": { + "additionalProperties": false, + "properties": { + "CronExpression": { + "markdownDescription": "The schedule, as a Cron expression. The schedule interval must be between 1 hour and 1 year. For more information, see the [Cron and rate expressions](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-scheduled-rule-pattern.html) in the *Amazon EventBridge User Guide* .", + "title": "CronExpression", + "type": "string" }, - "RunAs": { - "markdownDescription": "Specifies whether the job should run using the queue's system user or if the job should run using the worker agent system user.", - "title": "RunAs", + "Interval": { + "markdownDescription": "The interval between snapshots. The supported values are 1, 2, 3, 4, 6, 8, 12, and 24.", + "title": "Interval", + "type": "number" + }, + "IntervalUnit": { + "markdownDescription": "The interval unit.", + "title": "IntervalUnit", "type": "string" }, - "Windows": { - "$ref": "#/definitions/AWS::Deadline::Queue.WindowsUser", - "markdownDescription": "Identifies a Microsoft Windows user.", - "title": "Windows" + "Location": { + "markdownDescription": "*[Custom snapshot policies only]* Specifies the destination for snapshots created by the policy. The allowed destinations depend on the location of the targeted resources.\n\n- If the policy targets resources in a Region, then you must create snapshots in the same Region as the source resource.\n- If the policy targets resources in a Local Zone, you can create snapshots in the same Local Zone or in its parent Region.\n- If the policy targets resources on an Outpost, then you can create snapshots on the same Outpost or in its parent Region.\n\nSpecify one of the following values:\n\n- To create snapshots in the same Region as the source resource, specify `CLOUD` .\n- To create snapshots in the same Local Zone as the source resource, specify `LOCAL_ZONE` .\n- To create snapshots on the same Outpost as the source resource, specify `OUTPOST_LOCAL` .\n\nDefault: `CLOUD`", + "title": "Location", + "type": "string" + }, + "Scripts": { + "items": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.Script" + }, + "markdownDescription": "*[Custom snapshot policies that target instances only]* Specifies pre and/or post scripts for a snapshot lifecycle policy that targets instances. This is useful for creating application-consistent snapshots, or for performing specific administrative tasks before or after Amazon Data Lifecycle Manager initiates snapshot creation.\n\nFor more information, see [Automating application-consistent snapshots with pre and post scripts](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/automate-app-consistent-backups.html) .", + "title": "Scripts", + "type": "array" + }, + "Times": { + "items": { + "type": "string" + }, + "markdownDescription": "The time, in UTC, to start the operation. The supported format is hh:mm.\n\nThe operation occurs within a one-hour window following the specified time. If you do not specify a time, Amazon Data Lifecycle Manager selects a time within the next 24 hours.", + "title": "Times", + "type": "array" + } + }, + "type": "object" + }, + "AWS::DLM::LifecyclePolicy.CrossRegionCopyAction": { + "additionalProperties": false, + "properties": { + "EncryptionConfiguration": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.EncryptionConfiguration", + "markdownDescription": "The encryption settings for the copied snapshot.", + "title": "EncryptionConfiguration" + }, + "RetainRule": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyRetainRule", + "markdownDescription": "Specifies a retention rule for cross-Region snapshot copies created by snapshot or event-based policies, or cross-Region AMI copies created by AMI policies. After the retention period expires, the cross-Region copy is deleted.", + "title": "RetainRule" + }, + "Target": { + "markdownDescription": "The target Region.", + "title": "Target", + "type": "string" } }, "required": [ - "RunAs" + "EncryptionConfiguration", + "Target" ], "type": "object" }, - "AWS::Deadline::Queue.PosixUser": { + "AWS::DLM::LifecyclePolicy.CrossRegionCopyDeprecateRule": { "additionalProperties": false, "properties": { - "Group": { - "markdownDescription": "The name of the POSIX user's group.", - "title": "Group", + "Interval": { + "markdownDescription": "The period after which to deprecate the cross-Region AMI copies. The period must be less than or equal to the cross-Region AMI copy retention period, and it can't be greater than 10 years. This is equivalent to 120 months, 520 weeks, or 3650 days.", + "title": "Interval", + "type": "number" + }, + "IntervalUnit": { + "markdownDescription": "The unit of time in which to measure the *Interval* . For example, to deprecate a cross-Region AMI copy after 3 months, specify `Interval=3` and `IntervalUnit=MONTHS` .", + "title": "IntervalUnit", "type": "string" + } + }, + "required": [ + "Interval", + "IntervalUnit" + ], + "type": "object" + }, + "AWS::DLM::LifecyclePolicy.CrossRegionCopyRetainRule": { + "additionalProperties": false, + "properties": { + "Interval": { + "markdownDescription": "The amount of time to retain a cross-Region snapshot or AMI copy. The maximum is 100 years. This is equivalent to 1200 months, 5200 weeks, or 36500 days.", + "title": "Interval", + "type": "number" }, - "User": { - "markdownDescription": "The name of the POSIX user.", - "title": "User", + "IntervalUnit": { + "markdownDescription": "The unit of time for time-based retention. For example, to retain a cross-Region copy for 3 months, specify `Interval=3` and `IntervalUnit=MONTHS` .", + "title": "IntervalUnit", "type": "string" } }, "required": [ - "Group", - "User" + "Interval", + "IntervalUnit" ], "type": "object" }, - "AWS::Deadline::Queue.WindowsUser": { + "AWS::DLM::LifecyclePolicy.CrossRegionCopyRule": { "additionalProperties": false, "properties": { - "PasswordArn": { - "markdownDescription": "The password ARN for the Windows user.", - "title": "PasswordArn", + "CmkArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key to use for EBS encryption. If this parameter is not specified, the default KMS key for the account is used.", + "title": "CmkArn", "type": "string" }, - "User": { - "markdownDescription": "The user.", - "title": "User", + "CopyTags": { + "markdownDescription": "Indicates whether to copy all user-defined tags from the source snapshot or AMI to the cross-Region copy.", + "title": "CopyTags", + "type": "boolean" + }, + "DeprecateRule": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyDeprecateRule", + "markdownDescription": "*[Custom AMI policies only]* The AMI deprecation rule for cross-Region AMI copies created by the rule.", + "title": "DeprecateRule" + }, + "Encrypted": { + "markdownDescription": "To encrypt a copy of an unencrypted snapshot if encryption by default is not enabled, enable encryption using this parameter. Copies of encrypted snapshots are encrypted, even if this parameter is false or if encryption by default is not enabled.", + "title": "Encrypted", + "type": "boolean" + }, + "RetainRule": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyRetainRule", + "markdownDescription": "The retention rule that indicates how long the cross-Region snapshot or AMI copies are to be retained in the destination Region.", + "title": "RetainRule" + }, + "Target": { + "markdownDescription": "> Use this parameter for snapshot policies only. For AMI policies, use *TargetRegion* instead. \n\n*[Custom snapshot policies only]* The target Region or the Amazon Resource Name (ARN) of the target Outpost for the snapshot copies.", + "title": "Target", + "type": "string" + }, + "TargetRegion": { + "markdownDescription": "> Use this parameter for AMI policies only. For snapshot policies, use *Target* instead. For snapshot policies created before the *Target* parameter was introduced, this parameter indicates the target Region for snapshot copies. \n\n*[Custom AMI policies only]* The target Region or the Amazon Resource Name (ARN) of the target Outpost for the snapshot copies.", + "title": "TargetRegion", "type": "string" } }, "required": [ - "PasswordArn", - "User" + "Encrypted" ], "type": "object" }, - "AWS::Deadline::QueueEnvironment": { + "AWS::DLM::LifecyclePolicy.CrossRegionCopyTarget": { "additionalProperties": false, "properties": { - "Condition": { + "TargetRegion": { "type": "string" + } + }, + "type": "object" + }, + "AWS::DLM::LifecyclePolicy.CrossRegionCopyTargets": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::DLM::LifecyclePolicy.DeprecateRule": { + "additionalProperties": false, + "properties": { + "Count": { + "markdownDescription": "If the schedule has a count-based retention rule, this parameter specifies the number of oldest AMIs to deprecate. The count must be less than or equal to the schedule's retention count, and it can't be greater than 1000.", + "title": "Count", + "type": "number" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Interval": { + "markdownDescription": "If the schedule has an age-based retention rule, this parameter specifies the period after which to deprecate AMIs created by the schedule. The period must be less than or equal to the schedule's retention period, and it can't be greater than 10 years. This is equivalent to 120 months, 520 weeks, or 3650 days.", + "title": "Interval", + "type": "number" + }, + "IntervalUnit": { + "markdownDescription": "The unit of time in which to measure the *Interval* .", + "title": "IntervalUnit", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DLM::LifecyclePolicy.EncryptionConfiguration": { + "additionalProperties": false, + "properties": { + "CmkArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key to use for EBS encryption. If this parameter is not specified, the default KMS key for the account is used.", + "title": "CmkArn", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Encrypted": { + "markdownDescription": "To encrypt a copy of an unencrypted snapshot when encryption by default is not enabled, enable encryption using this parameter. Copies of encrypted snapshots are encrypted, even if this parameter is false or when encryption by default is not enabled.", + "title": "Encrypted", + "type": "boolean" + } + }, + "required": [ + "Encrypted" + ], + "type": "object" + }, + "AWS::DLM::LifecyclePolicy.EventParameters": { + "additionalProperties": false, + "properties": { + "DescriptionRegex": { + "markdownDescription": "The snapshot description that can trigger the policy. The description pattern is specified using a regular expression. The policy runs only if a snapshot with a description that matches the specified pattern is shared with your account.\n\nFor example, specifying `^.*Created for policy: policy-1234567890abcdef0.*$` configures the policy to run only if snapshots created by policy `policy-1234567890abcdef0` are shared with your account.", + "title": "DescriptionRegex", + "type": "string" }, - "Metadata": { - "type": "object" + "EventType": { + "markdownDescription": "The type of event. Currently, only snapshot sharing events are supported.", + "title": "EventType", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "FarmId": { - "markdownDescription": "The identifier assigned to the farm that contains the queue.", - "title": "FarmId", - "type": "string" - }, - "Priority": { - "markdownDescription": "The queue environment's priority.", - "title": "Priority", - "type": "number" - }, - "QueueId": { - "markdownDescription": "The unique identifier of the queue that contains the environment.", - "title": "QueueId", - "type": "string" - }, - "Template": { - "markdownDescription": "A JSON or YAML template that describes the processing environment for the queue.", - "title": "Template", - "type": "string" - }, - "TemplateType": { - "markdownDescription": "Specifies whether the template for the queue environment is JSON or YAML.", - "title": "TemplateType", - "type": "string" - } + "SnapshotOwner": { + "items": { + "type": "string" }, - "required": [ - "FarmId", - "Priority", - "QueueId", - "Template", - "TemplateType" - ], - "type": "object" + "markdownDescription": "The IDs of the AWS accounts that can trigger policy by sharing snapshots with your account. The policy only runs if one of the specified AWS accounts shares a snapshot with your account.", + "title": "SnapshotOwner", + "type": "array" + } + }, + "required": [ + "EventType", + "SnapshotOwner" + ], + "type": "object" + }, + "AWS::DLM::LifecyclePolicy.EventSource": { + "additionalProperties": false, + "properties": { + "Parameters": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.EventParameters", + "markdownDescription": "Information about the event.", + "title": "Parameters" }, "Type": { - "enum": [ - "AWS::Deadline::QueueEnvironment" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "markdownDescription": "The source of the event. Currently only managed Amazon EventBridge (formerly known as Amazon CloudWatch) events are supported.", + "title": "Type", "type": "string" } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Deadline::QueueFleetAssociation": { + "AWS::DLM::LifecyclePolicy.ExcludeTags": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::DLM::LifecyclePolicy.ExcludeVolumeTypesList": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::DLM::LifecyclePolicy.Exclusions": { + "additionalProperties": false, + "properties": { + "ExcludeBootVolumes": { + "markdownDescription": "*[Default policies for EBS snapshots only]* Indicates whether to exclude volumes that are attached to instances as the boot volume. If you exclude boot volumes, only volumes attached as data (non-boot) volumes will be backed up by the policy. To exclude boot volumes, specify `true` .", + "title": "ExcludeBootVolumes", + "type": "boolean" + }, + "ExcludeTags": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.ExcludeTags", + "markdownDescription": "*[Default policies for EBS-backed AMIs only]* Specifies whether to exclude volumes that have specific tags.", + "title": "ExcludeTags" + }, + "ExcludeVolumeTypes": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.ExcludeVolumeTypesList", + "markdownDescription": "*[Default policies for EBS snapshots only]* Specifies the volume types to exclude. Volumes of the specified types will not be targeted by the policy.", + "title": "ExcludeVolumeTypes" + } + }, + "type": "object" + }, + "AWS::DLM::LifecyclePolicy.FastRestoreRule": { + "additionalProperties": false, + "properties": { + "AvailabilityZones": { + "items": { + "type": "string" + }, + "markdownDescription": "The Availability Zones in which to enable fast snapshot restore.", + "title": "AvailabilityZones", + "type": "array" + }, + "Count": { + "markdownDescription": "The number of snapshots to be enabled with fast snapshot restore.", + "title": "Count", + "type": "number" + }, + "Interval": { + "markdownDescription": "The amount of time to enable fast snapshot restore. The maximum is 100 years. This is equivalent to 1200 months, 5200 weeks, or 36500 days.", + "title": "Interval", + "type": "number" + }, + "IntervalUnit": { + "markdownDescription": "The unit of time for enabling fast snapshot restore.", + "title": "IntervalUnit", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DLM::LifecyclePolicy.Parameters": { + "additionalProperties": false, + "properties": { + "ExcludeBootVolume": { + "markdownDescription": "*[Custom snapshot policies that target instances only]* Indicates whether to exclude the root volume from multi-volume snapshot sets. The default is `false` . If you specify `true` , then the root volumes attached to targeted instances will be excluded from the multi-volume snapshot sets created by the policy.", + "title": "ExcludeBootVolume", + "type": "boolean" + }, + "ExcludeDataVolumeTags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "*[Custom snapshot policies that target instances only]* The tags used to identify data (non-root) volumes to exclude from multi-volume snapshot sets.\n\nIf you create a snapshot lifecycle policy that targets instances and you specify tags for this parameter, then data volumes with the specified tags that are attached to targeted instances will be excluded from the multi-volume snapshot sets created by the policy.", + "title": "ExcludeDataVolumeTags", + "type": "array" + }, + "NoReboot": { + "markdownDescription": "*[Custom AMI policies only]* Indicates whether targeted instances are rebooted when the lifecycle policy runs. `true` indicates that targeted instances are not rebooted when the policy runs. `false` indicates that target instances are rebooted when the policy runs. The default is `true` (instances are not rebooted).", + "title": "NoReboot", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::DLM::LifecyclePolicy.PolicyDetails": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.Action" + }, + "markdownDescription": "*[Event-based policies only]* The actions to be performed when the event-based policy is activated. You can specify only one action per policy.", + "title": "Actions", + "type": "array" + }, + "CopyTags": { + "markdownDescription": "*[Default policies only]* Indicates whether the policy should copy tags from the source resource to the snapshot or AMI. If you do not specify a value, the default is `false` .\n\nDefault: false", + "title": "CopyTags", + "type": "boolean" + }, + "CreateInterval": { + "markdownDescription": "*[Default policies only]* Specifies how often the policy should run and create snapshots or AMIs. The creation frequency can range from 1 to 7 days. If you do not specify a value, the default is 1.\n\nDefault: 1", + "title": "CreateInterval", + "type": "number" + }, + "CrossRegionCopyTargets": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyTargets", + "markdownDescription": "*[Default policies only]* Specifies destination Regions for snapshot or AMI copies. You can specify up to 3 destination Regions. If you do not want to create cross-Region copies, omit this parameter.", + "title": "CrossRegionCopyTargets" + }, + "EventSource": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.EventSource", + "markdownDescription": "*[Event-based policies only]* The event that activates the event-based policy.", + "title": "EventSource" + }, + "Exclusions": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.Exclusions", + "markdownDescription": "*[Default policies only]* Specifies exclusion parameters for volumes or instances for which you do not want to create snapshots or AMIs. The policy will not create snapshots or AMIs for target resources that match any of the specified exclusion parameters.", + "title": "Exclusions" + }, + "ExtendDeletion": { + "markdownDescription": "*[Default policies only]* Defines the snapshot or AMI retention behavior for the policy if the source volume or instance is deleted, or if the policy enters the error, disabled, or deleted state.\n\nBy default ( *ExtendDeletion=false* ):\n\n- If a source resource is deleted, Amazon Data Lifecycle Manager will continue to delete previously created snapshots or AMIs, up to but not including the last one, based on the specified retention period. If you want Amazon Data Lifecycle Manager to delete all snapshots or AMIs, including the last one, specify `true` .\n- If a policy enters the error, disabled, or deleted state, Amazon Data Lifecycle Manager stops deleting snapshots and AMIs. If you want Amazon Data Lifecycle Manager to continue deleting snapshots or AMIs, including the last one, if the policy enters one of these states, specify `true` .\n\nIf you enable extended deletion ( *ExtendDeletion=true* ), you override both default behaviors simultaneously.\n\nIf you do not specify a value, the default is `false` .\n\nDefault: false", + "title": "ExtendDeletion", + "type": "boolean" + }, + "Parameters": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.Parameters", + "markdownDescription": "*[Custom snapshot and AMI policies only]* A set of optional parameters for snapshot and AMI lifecycle policies.\n\n> If you are modifying a policy that was created or previously modified using the Amazon Data Lifecycle Manager console, then you must include this parameter and specify either the default values or the new values that you require. You can't omit this parameter or set its values to null.", + "title": "Parameters" + }, + "PolicyLanguage": { + "markdownDescription": "The type of policy to create. Specify one of the following:\n\n- `SIMPLIFIED` To create a default policy.\n- `STANDARD` To create a custom policy.", + "title": "PolicyLanguage", + "type": "string" + }, + "PolicyType": { + "markdownDescription": "The type of policy. Specify `EBS_SNAPSHOT_MANAGEMENT` to create a lifecycle policy that manages the lifecycle of Amazon EBS snapshots. Specify `IMAGE_MANAGEMENT` to create a lifecycle policy that manages the lifecycle of EBS-backed AMIs. Specify `EVENT_BASED_POLICY` to create an event-based policy that performs specific actions when a defined event occurs in your AWS account .\n\nThe default is `EBS_SNAPSHOT_MANAGEMENT` .", + "title": "PolicyType", + "type": "string" + }, + "ResourceLocations": { + "items": { + "type": "string" + }, + "markdownDescription": "*[Custom snapshot and AMI policies only]* The location of the resources to backup.\n\n- If the source resources are located in a Region, specify `CLOUD` . In this case, the policy targets all resources of the specified type with matching target tags across all Availability Zones in the Region.\n- *[Custom snapshot policies only]* If the source resources are located in a Local Zone, specify `LOCAL_ZONE` . In this case, the policy targets all resources of the specified type with matching target tags across all Local Zones in the Region.\n- If the source resources are located on an Outpost in your account, specify `OUTPOST` . In this case, the policy targets all resources of the specified type with matching target tags across all of the Outposts in your account.", + "title": "ResourceLocations", + "type": "array" + }, + "ResourceType": { + "markdownDescription": "*[Default policies only]* Specify the type of default policy to create.\n\n- To create a default policy for EBS snapshots, that creates snapshots of all volumes in the Region that do not have recent backups, specify `VOLUME` .\n- To create a default policy for EBS-backed AMIs, that creates EBS-backed AMIs from all instances in the Region that do not have recent backups, specify `INSTANCE` .", + "title": "ResourceType", + "type": "string" + }, + "ResourceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "*[Custom snapshot policies only]* The target resource type for snapshot and AMI lifecycle policies. Use `VOLUME` to create snapshots of individual volumes or use `INSTANCE` to create multi-volume snapshots from the volumes for an instance.", + "title": "ResourceTypes", + "type": "array" + }, + "RetainInterval": { + "markdownDescription": "*[Default policies only]* Specifies how long the policy should retain snapshots or AMIs before deleting them. The retention period can range from 2 to 14 days, but it must be greater than the creation frequency to ensure that the policy retains at least 1 snapshot or AMI at any given time. If you do not specify a value, the default is 7.\n\nDefault: 7", + "title": "RetainInterval", + "type": "number" + }, + "Schedules": { + "items": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.Schedule" + }, + "markdownDescription": "*[Custom snapshot and AMI policies only]* The schedules of policy-defined actions for snapshot and AMI lifecycle policies. A policy can have up to four schedules\u2014one mandatory schedule and up to three optional schedules.", + "title": "Schedules", + "type": "array" + }, + "TargetTags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "*[Custom snapshot and AMI policies only]* The single tag that identifies targeted resources for this policy.", + "title": "TargetTags", + "type": "array" + } + }, + "type": "object" + }, + "AWS::DLM::LifecyclePolicy.RetainRule": { + "additionalProperties": false, + "properties": { + "Count": { + "markdownDescription": "The number of snapshots to retain for each volume, up to a maximum of 1000. For example if you want to retain a maximum of three snapshots, specify `3` . When the fourth snapshot is created, the oldest retained snapshot is deleted, or it is moved to the archive tier if you have specified an [ArchiveRule](https://docs.aws.amazon.com/dlm/latest/APIReference/API_ArchiveRule.html) .", + "title": "Count", + "type": "number" + }, + "Interval": { + "markdownDescription": "The amount of time to retain each snapshot. The maximum is 100 years. This is equivalent to 1200 months, 5200 weeks, or 36500 days.", + "title": "Interval", + "type": "number" + }, + "IntervalUnit": { + "markdownDescription": "The unit of time for time-based retention. For example, to retain snapshots for 3 months, specify `Interval=3` and `IntervalUnit=MONTHS` . Once the snapshot has been retained for 3 months, it is deleted, or it is moved to the archive tier if you have specified an [ArchiveRule](https://docs.aws.amazon.com/dlm/latest/APIReference/API_ArchiveRule.html) .", + "title": "IntervalUnit", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DLM::LifecyclePolicy.RetentionArchiveTier": { + "additionalProperties": false, + "properties": { + "Count": { + "markdownDescription": "The maximum number of snapshots to retain in the archive storage tier for each volume. The count must ensure that each snapshot remains in the archive tier for at least 90 days. For example, if the schedule creates snapshots every 30 days, you must specify a count of 3 or more to ensure that each snapshot is archived for at least 90 days.", + "title": "Count", + "type": "number" + }, + "Interval": { + "markdownDescription": "Specifies the period of time to retain snapshots in the archive tier. After this period expires, the snapshot is permanently deleted.", + "title": "Interval", + "type": "number" + }, + "IntervalUnit": { + "markdownDescription": "The unit of time in which to measure the *Interval* . For example, to retain a snapshots in the archive tier for 6 months, specify `Interval=6` and `IntervalUnit=MONTHS` .", + "title": "IntervalUnit", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DLM::LifecyclePolicy.Schedule": { + "additionalProperties": false, + "properties": { + "ArchiveRule": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.ArchiveRule", + "markdownDescription": "*[Custom snapshot policies that target volumes only]* The snapshot archiving rule for the schedule. When you specify an archiving rule, snapshots are automatically moved from the standard tier to the archive tier once the schedule's retention threshold is met. Snapshots are then retained in the archive tier for the archive retention period that you specify.\n\nFor more information about using snapshot archiving, see [Considerations for snapshot lifecycle policies](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/snapshot-ami-policy.html#dlm-archive) .", + "title": "ArchiveRule" + }, + "CopyTags": { + "markdownDescription": "Copy all user-defined tags on a source volume to snapshots of the volume created by this policy.", + "title": "CopyTags", + "type": "boolean" + }, + "CreateRule": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CreateRule", + "markdownDescription": "The creation rule.", + "title": "CreateRule" + }, + "CrossRegionCopyRules": { + "items": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyRule" + }, + "markdownDescription": "Specifies a rule for copying snapshots or AMIs across Regions.\n\n> You can't specify cross-Region copy rules for policies that create snapshots on an Outpost or in a Local Zone. If the policy creates snapshots in a Region, then snapshots can be copied to up to three Regions or Outposts.", + "title": "CrossRegionCopyRules", + "type": "array" + }, + "DeprecateRule": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.DeprecateRule", + "markdownDescription": "*[Custom AMI policies only]* The AMI deprecation rule for the schedule.", + "title": "DeprecateRule" + }, + "FastRestoreRule": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.FastRestoreRule", + "markdownDescription": "*[Custom snapshot policies only]* The rule for enabling fast snapshot restore.", + "title": "FastRestoreRule" + }, + "Name": { + "markdownDescription": "The name of the schedule.", + "title": "Name", + "type": "string" + }, + "RetainRule": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.RetainRule", + "markdownDescription": "The retention rule for snapshots or AMIs created by the policy.", + "title": "RetainRule" + }, + "ShareRules": { + "items": { + "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.ShareRule" + }, + "markdownDescription": "*[Custom snapshot policies only]* The rule for sharing snapshots with other AWS accounts .", + "title": "ShareRules", + "type": "array" + }, + "TagsToAdd": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to apply to policy-created resources. These user-defined tags are in addition to the AWS -added lifecycle tags.", + "title": "TagsToAdd", + "type": "array" + }, + "VariableTags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "*[AMI policies and snapshot policies that target instances only]* A collection of key/value pairs with values determined dynamically when the policy is executed. Keys may be any valid Amazon EC2 tag key. Values must be in one of the two following formats: `$(instance-id)` or `$(timestamp)` . Variable tags are only valid for EBS Snapshot Management \u2013 Instance policies.", + "title": "VariableTags", + "type": "array" + } + }, + "type": "object" + }, + "AWS::DLM::LifecyclePolicy.Script": { + "additionalProperties": false, + "properties": { + "ExecuteOperationOnScriptFailure": { + "markdownDescription": "Indicates whether Amazon Data Lifecycle Manager should default to crash-consistent snapshots if the pre script fails.\n\n- To default to crash consistent snapshot if the pre script fails, specify `true` .\n- To skip the instance for snapshot creation if the pre script fails, specify `false` .\n\nThis parameter is supported only if you run a pre script. If you run a post script only, omit this parameter.\n\nDefault: true", + "title": "ExecuteOperationOnScriptFailure", + "type": "boolean" + }, + "ExecutionHandler": { + "markdownDescription": "The SSM document that includes the pre and/or post scripts to run.\n\n- If you are automating VSS backups, specify `AWS_VSS_BACKUP` . In this case, Amazon Data Lifecycle Manager automatically uses the `AWSEC2-CreateVssSnapshot` SSM document.\n- If you are automating application-consistent snapshots for SAP HANA workloads, specify `AWSSystemsManagerSAP-CreateDLMSnapshotForSAPHANA` .\n- If you are using a custom SSM document that you own, specify either the name or ARN of the SSM document. If you are using a custom SSM document that is shared with you, specify the ARN of the SSM document.", + "title": "ExecutionHandler", + "type": "string" + }, + "ExecutionHandlerService": { + "markdownDescription": "Indicates the service used to execute the pre and/or post scripts.\n\n- If you are using custom SSM documents or automating application-consistent snapshots of SAP HANA workloads, specify `AWS_SYSTEMS_MANAGER` .\n- If you are automating VSS Backups, omit this parameter.\n\nDefault: AWS_SYSTEMS_MANAGER", + "title": "ExecutionHandlerService", + "type": "string" + }, + "ExecutionTimeout": { + "markdownDescription": "Specifies a timeout period, in seconds, after which Amazon Data Lifecycle Manager fails the script run attempt if it has not completed. If a script does not complete within its timeout period, Amazon Data Lifecycle Manager fails the attempt. The timeout period applies to the pre and post scripts individually.\n\nIf you are automating VSS Backups, omit this parameter.\n\nDefault: 10", + "title": "ExecutionTimeout", + "type": "number" + }, + "MaximumRetryCount": { + "markdownDescription": "Specifies the number of times Amazon Data Lifecycle Manager should retry scripts that fail.\n\n- If the pre script fails, Amazon Data Lifecycle Manager retries the entire snapshot creation process, including running the pre and post scripts.\n- If the post script fails, Amazon Data Lifecycle Manager retries the post script only; in this case, the pre script will have completed and the snapshot might have been created.\n\nIf you do not want Amazon Data Lifecycle Manager to retry failed scripts, specify `0` .\n\nDefault: 0", + "title": "MaximumRetryCount", + "type": "number" + }, + "Stages": { + "items": { + "type": "string" + }, + "markdownDescription": "Indicate which scripts Amazon Data Lifecycle Manager should run on target instances. Pre scripts run before Amazon Data Lifecycle Manager initiates snapshot creation. Post scripts run after Amazon Data Lifecycle Manager initiates snapshot creation.\n\n- To run a pre script only, specify `PRE` . In this case, Amazon Data Lifecycle Manager calls the SSM document with the `pre-script` parameter before initiating snapshot creation.\n- To run a post script only, specify `POST` . In this case, Amazon Data Lifecycle Manager calls the SSM document with the `post-script` parameter after initiating snapshot creation.\n- To run both pre and post scripts, specify both `PRE` and `POST` . In this case, Amazon Data Lifecycle Manager calls the SSM document with the `pre-script` parameter before initiating snapshot creation, and then it calls the SSM document again with the `post-script` parameter after initiating snapshot creation.\n\nIf you are automating VSS Backups, omit this parameter.\n\nDefault: PRE and POST", + "title": "Stages", + "type": "array" + } + }, + "type": "object" + }, + "AWS::DLM::LifecyclePolicy.ShareRule": { + "additionalProperties": false, + "properties": { + "TargetAccounts": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the AWS accounts with which to share the snapshots.", + "title": "TargetAccounts", + "type": "array" + }, + "UnshareInterval": { + "markdownDescription": "The period after which snapshots that are shared with other AWS accounts are automatically unshared.", + "title": "UnshareInterval", + "type": "number" + }, + "UnshareIntervalUnit": { + "markdownDescription": "The unit of time for the automatic unsharing interval.", + "title": "UnshareIntervalUnit", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DLM::LifecyclePolicy.VolumeTypeValues": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::DMS::Certificate": { "additionalProperties": false, "properties": { "Condition": { @@ -65526,32 +72803,27 @@ "Properties": { "additionalProperties": false, "properties": { - "FarmId": { - "markdownDescription": "The identifier of the farm that contains the queue and the fleet.", - "title": "FarmId", + "CertificateIdentifier": { + "markdownDescription": "A customer-assigned name for the certificate. Identifiers must begin with a letter and must contain only ASCII letters, digits, and hyphens. They can't end with a hyphen or contain two consecutive hyphens.", + "title": "CertificateIdentifier", "type": "string" }, - "FleetId": { - "markdownDescription": "The fleet ID.", - "title": "FleetId", + "CertificatePem": { + "markdownDescription": "The contents of a `.pem` file, which contains an X.509 certificate.", + "title": "CertificatePem", "type": "string" }, - "QueueId": { - "markdownDescription": "The queue ID.", - "title": "QueueId", + "CertificateWallet": { + "markdownDescription": "The location of an imported Oracle Wallet certificate for use with SSL. An example is: `filebase64(\"${path.root}/rds-ca-2019-root.sso\")`", + "title": "CertificateWallet", "type": "string" } }, - "required": [ - "FarmId", - "FleetId", - "QueueId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Deadline::QueueFleetAssociation" + "AWS::DMS::Certificate" ], "type": "string" }, @@ -65565,12 +72837,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Deadline::StorageProfile": { + "AWS::DMS::DataMigration": { "additionalProperties": false, "properties": { "Condition": { @@ -65605,39 +72876,63 @@ "Properties": { "additionalProperties": false, "properties": { - "DisplayName": { - "markdownDescription": "The display name of the storage profile summary to update.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", - "title": "DisplayName", + "DataMigrationIdentifier": { + "markdownDescription": "", + "title": "DataMigrationIdentifier", "type": "string" }, - "FarmId": { - "markdownDescription": "The unique identifier of the farm that contains the storage profile.", - "title": "FarmId", + "DataMigrationName": { + "markdownDescription": "The user-friendly name for the data migration.", + "title": "DataMigrationName", "type": "string" }, - "FileSystemLocations": { + "DataMigrationSettings": { + "$ref": "#/definitions/AWS::DMS::DataMigration.DataMigrationSettings", + "markdownDescription": "Specifies CloudWatch settings and selection rules for the data migration.", + "title": "DataMigrationSettings" + }, + "DataMigrationType": { + "markdownDescription": "Specifies whether the data migration is full-load only, change data capture (CDC) only, or full-load and CDC.", + "title": "DataMigrationType", + "type": "string" + }, + "MigrationProjectIdentifier": { + "markdownDescription": "", + "title": "MigrationProjectIdentifier", + "type": "string" + }, + "ServiceAccessRoleArn": { + "markdownDescription": "The IAM role that the data migration uses to access AWS resources.", + "title": "ServiceAccessRoleArn", + "type": "string" + }, + "SourceDataSettings": { "items": { - "$ref": "#/definitions/AWS::Deadline::StorageProfile.FileSystemLocation" + "$ref": "#/definitions/AWS::DMS::DataMigration.SourceDataSettings" }, - "markdownDescription": "Operating system specific file system path to the storage location.", - "title": "FileSystemLocations", + "markdownDescription": "Specifies information about the data migration's source data provider.", + "title": "SourceDataSettings", "type": "array" }, - "OsFamily": { - "markdownDescription": "The operating system (OS) family.", - "title": "OsFamily", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" } }, "required": [ - "DisplayName", - "OsFamily" + "DataMigrationType", + "MigrationProjectIdentifier", + "ServiceAccessRoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Deadline::StorageProfile" + "AWS::DMS::DataMigration" ], "type": "string" }, @@ -65656,33 +72951,54 @@ ], "type": "object" }, - "AWS::Deadline::StorageProfile.FileSystemLocation": { + "AWS::DMS::DataMigration.DataMigrationSettings": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The location name.", - "title": "Name", + "CloudwatchLogsEnabled": { + "markdownDescription": "Whether to enable CloudWatch logging for the data migration.", + "title": "CloudwatchLogsEnabled", + "type": "boolean" + }, + "NumberOfJobs": { + "markdownDescription": "The number of parallel jobs that trigger parallel threads to unload the tables from the source, and then load them to the target.", + "title": "NumberOfJobs", + "type": "number" + }, + "SelectionRules": { + "markdownDescription": "A JSON-formatted string that defines what objects to include and exclude from the migration.", + "title": "SelectionRules", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DMS::DataMigration.SourceDataSettings": { + "additionalProperties": false, + "properties": { + "CDCStartPosition": { + "markdownDescription": "", + "title": "CDCStartPosition", "type": "string" }, - "Path": { - "markdownDescription": "The file path.", - "title": "Path", + "CDCStartTime": { + "markdownDescription": "", + "title": "CDCStartTime", "type": "string" }, - "Type": { - "markdownDescription": "The type of file.", - "title": "Type", + "CDCStopTime": { + "markdownDescription": "", + "title": "CDCStopTime", + "type": "string" + }, + "SlotName": { + "markdownDescription": "", + "title": "SlotName", "type": "string" } }, - "required": [ - "Name", - "Path", - "Type" - ], "type": "object" }, - "AWS::Detective::Graph": { + "AWS::DMS::DataProvider": { "additionalProperties": false, "properties": { "Condition": { @@ -65717,25 +73033,53 @@ "Properties": { "additionalProperties": false, "properties": { - "AutoEnableMembers": { - "markdownDescription": "Indicates whether to automatically enable new organization accounts as member accounts in the organization behavior graph.\n\nBy default, this property is set to `false` . If you want to change the value of this property, you must be the Detective administrator for the organization. For more information on setting a Detective administrator account, see [AWS::Detective::OrganizationAdmin](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-detective-organizationadmin.html) .", - "title": "AutoEnableMembers", + "DataProviderIdentifier": { + "markdownDescription": "The identifier of the data provider. Identifiers must begin with a letter and must contain only ASCII letters, digits, and hyphens. They can't end with a hyphen, or contain two consecutive hyphens.", + "title": "DataProviderIdentifier", + "type": "string" + }, + "DataProviderName": { + "markdownDescription": "The name of the data provider.", + "title": "DataProviderName", + "type": "string" + }, + "Description": { + "markdownDescription": "A description of the data provider. Descriptions can have up to 31 characters. A description can contain only ASCII letters, digits, and hyphens ('-'). Also, it can't end with a hyphen or contain two consecutive hyphens, and can only begin with a letter.", + "title": "Description", + "type": "string" + }, + "Engine": { + "markdownDescription": "The type of database engine for the data provider. Valid values include `\"aurora\"` , `\"aurora-postgresql\"` , `\"mysql\"` , `\"oracle\"` , `\"postgres\"` , `\"sqlserver\"` , `redshift` , `mariadb` , `mongodb` , `db2` , `db2-zos` and `docdb` . A value of `\"aurora\"` represents Amazon Aurora MySQL-Compatible Edition.", + "title": "Engine", + "type": "string" + }, + "ExactSettings": { + "markdownDescription": "", + "title": "ExactSettings", "type": "boolean" }, + "Settings": { + "$ref": "#/definitions/AWS::DMS::DataProvider.Settings", + "markdownDescription": "The settings in JSON format for a data provider.", + "title": "Settings" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tag values to assign to the new behavior graph.", + "markdownDescription": "", "title": "Tags", "type": "array" } }, + "required": [ + "Engine" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Detective::Graph" + "AWS::DMS::DataProvider" ], "type": "string" }, @@ -65749,459 +73093,452 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Detective::MemberInvitation": { + "AWS::DMS::DataProvider.DocDbSettings": { "additionalProperties": false, "properties": { - "Condition": { + "CertificateArn": { + "markdownDescription": "", + "title": "CertificateArn", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DatabaseName": { + "markdownDescription": "The database name on the DocumentDB source endpoint.", + "title": "DatabaseName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DisableEmailNotification": { - "markdownDescription": "Whether to send an invitation email to the member account. If set to true, the member account does not receive an invitation email.", - "title": "DisableEmailNotification", - "type": "boolean" - }, - "GraphArn": { - "markdownDescription": "The ARN of the behavior graph to invite the account to contribute data to.", - "title": "GraphArn", - "type": "string" - }, - "MemberEmailAddress": { - "markdownDescription": "The root user email address of the invited account. If the email address provided is not the root user email address for the provided account, the invitation creation fails.", - "title": "MemberEmailAddress", - "type": "string" - }, - "MemberId": { - "markdownDescription": "The AWS account identifier of the invited account", - "title": "MemberId", - "type": "string" - }, - "Message": { - "markdownDescription": "Customized text to include in the invitation email message.", - "title": "Message", - "type": "string" - } - }, - "required": [ - "GraphArn", - "MemberEmailAddress", - "MemberId" - ], - "type": "object" + "Port": { + "markdownDescription": "The port value for the DocumentDB source endpoint.", + "title": "Port", + "type": "number" }, - "Type": { - "enum": [ - "AWS::Detective::MemberInvitation" - ], + "ServerName": { + "markdownDescription": "The name of the server on the DocumentDB source endpoint.", + "title": "ServerName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SslMode": { + "markdownDescription": "", + "title": "SslMode", "type": "string" } }, "required": [ - "Type", - "Properties" + "DatabaseName", + "Port", + "ServerName" ], "type": "object" }, - "AWS::Detective::OrganizationAdmin": { + "AWS::DMS::DataProvider.IbmDb2LuwSettings": { "additionalProperties": false, "properties": { - "Condition": { + "CertificateArn": { + "markdownDescription": "", + "title": "CertificateArn", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DatabaseName": { + "markdownDescription": "", + "title": "DatabaseName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AccountId": { - "markdownDescription": "The AWS account identifier of the account to designate as the Detective administrator account for the organization.", - "title": "AccountId", - "type": "string" - } - }, - "required": [ - "AccountId" - ], - "type": "object" + "Port": { + "markdownDescription": "", + "title": "Port", + "type": "number" }, - "Type": { - "enum": [ - "AWS::Detective::OrganizationAdmin" - ], + "ServerName": { + "markdownDescription": "", + "title": "ServerName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SslMode": { + "markdownDescription": "", + "title": "SslMode", "type": "string" } }, "required": [ - "Type", - "Properties" + "DatabaseName", + "Port", + "ServerName", + "SslMode" ], "type": "object" }, - "AWS::DevOpsGuru::LogAnomalyDetectionIntegration": { + "AWS::DMS::DataProvider.IbmDb2zOsSettings": { "additionalProperties": false, "properties": { - "Condition": { + "CertificateArn": { + "markdownDescription": "", + "title": "CertificateArn", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DatabaseName": { + "markdownDescription": "", + "title": "DatabaseName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": {}, - "type": "object" + "Port": { + "markdownDescription": "", + "title": "Port", + "type": "number" }, - "Type": { - "enum": [ - "AWS::DevOpsGuru::LogAnomalyDetectionIntegration" - ], + "ServerName": { + "markdownDescription": "", + "title": "ServerName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SslMode": { + "markdownDescription": "", + "title": "SslMode", "type": "string" } }, "required": [ - "Type" + "DatabaseName", + "Port", + "ServerName", + "SslMode" ], "type": "object" }, - "AWS::DevOpsGuru::NotificationChannel": { + "AWS::DMS::DataProvider.MariaDbSettings": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "CertificateArn": { + "markdownDescription": "", + "title": "CertificateArn", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Config": { - "$ref": "#/definitions/AWS::DevOpsGuru::NotificationChannel.NotificationChannelConfig", - "markdownDescription": "A `NotificationChannelConfig` object that contains information about configured notification channels.", - "title": "Config" - } - }, - "required": [ - "Config" - ], - "type": "object" + "Port": { + "markdownDescription": "", + "title": "Port", + "type": "number" }, - "Type": { - "enum": [ - "AWS::DevOpsGuru::NotificationChannel" - ], + "ServerName": { + "markdownDescription": "", + "title": "ServerName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SslMode": { + "markdownDescription": "", + "title": "SslMode", "type": "string" } }, "required": [ - "Type", - "Properties" + "Port", + "ServerName", + "SslMode" ], "type": "object" }, - "AWS::DevOpsGuru::NotificationChannel.NotificationChannelConfig": { + "AWS::DMS::DataProvider.MicrosoftSqlServerSettings": { "additionalProperties": false, "properties": { - "Filters": { - "$ref": "#/definitions/AWS::DevOpsGuru::NotificationChannel.NotificationFilterConfig", - "markdownDescription": "The filter configurations for the Amazon SNS notification topic you use with DevOps Guru. If you do not provide filter configurations, the default configurations are to receive notifications for all message types of `High` or `Medium` severity.", - "title": "Filters" + "CertificateArn": { + "markdownDescription": "", + "title": "CertificateArn", + "type": "string" }, - "Sns": { - "$ref": "#/definitions/AWS::DevOpsGuru::NotificationChannel.SnsChannelConfig", - "markdownDescription": "Information about a notification channel configured in DevOps Guru to send notifications when insights are created.\n\nIf you use an Amazon SNS topic in another account, you must attach a policy to it that grants DevOps Guru permission to send it notifications. DevOps Guru adds the required policy on your behalf to send notifications using Amazon SNS in your account. DevOps Guru only supports standard SNS topics. For more information, see [Permissions for Amazon SNS topics](https://docs.aws.amazon.com/devops-guru/latest/userguide/sns-required-permissions.html) .\n\nIf you use an Amazon SNS topic that is encrypted by an AWS Key Management Service customer-managed key (CMK), then you must add permissions to the CMK. For more information, see [Permissions for AWS KMS\u2013encrypted Amazon SNS topics](https://docs.aws.amazon.com/devops-guru/latest/userguide/sns-kms-permissions.html) .", - "title": "Sns" + "DatabaseName": { + "markdownDescription": "Database name for the endpoint.", + "title": "DatabaseName", + "type": "string" + }, + "Port": { + "markdownDescription": "Endpoint TCP port.", + "title": "Port", + "type": "number" + }, + "ServerName": { + "markdownDescription": "Fully qualified domain name of the endpoint. For an Amazon RDS SQL Server instance, this is the output of [DescribeDBInstances](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstances.html) , in the `[Endpoint](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_Endpoint.html) .Address` field.", + "title": "ServerName", + "type": "string" + }, + "SslMode": { + "markdownDescription": "", + "title": "SslMode", + "type": "string" } }, + "required": [ + "DatabaseName", + "Port", + "ServerName", + "SslMode" + ], "type": "object" }, - "AWS::DevOpsGuru::NotificationChannel.NotificationFilterConfig": { + "AWS::DMS::DataProvider.MongoDbSettings": { "additionalProperties": false, "properties": { - "MessageTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The events that you want to receive notifications for. For example, you can choose to receive notifications only when the severity level is upgraded or a new insight is created.", - "title": "MessageTypes", - "type": "array" + "AuthMechanism": { + "markdownDescription": "The authentication mechanism you use to access the MongoDB source endpoint.\n\nFor the default value, in MongoDB version 2.x, `\"default\"` is `\"mongodb_cr\"` . For MongoDB version 3.x or later, `\"default\"` is `\"scram_sha_1\"` . This setting isn't used when `AuthType` is set to `\"no\"` .", + "title": "AuthMechanism", + "type": "string" }, - "Severities": { - "items": { - "type": "string" - }, - "markdownDescription": "The severity levels that you want to receive notifications for. For example, you can choose to receive notifications only for insights with `HIGH` and `MEDIUM` severity levels. For more information, see [Understanding insight severities](https://docs.aws.amazon.com/devops-guru/latest/userguide/working-with-insights.html#understanding-insights-severities) .", - "title": "Severities", - "type": "array" + "AuthSource": { + "markdownDescription": "The MongoDB database name. This setting isn't used when `AuthType` is set to `\"no\"` .\n\nThe default is `\"admin\"` .", + "title": "AuthSource", + "type": "string" + }, + "AuthType": { + "markdownDescription": "The authentication type you use to access the MongoDB source endpoint.\n\nWhen when set to `\"no\"` , user name and password parameters are not used and can be empty.", + "title": "AuthType", + "type": "string" + }, + "CertificateArn": { + "markdownDescription": "", + "title": "CertificateArn", + "type": "string" + }, + "DatabaseName": { + "markdownDescription": "The database name on the MongoDB source endpoint.", + "title": "DatabaseName", + "type": "string" + }, + "Port": { + "markdownDescription": "The port value for the MongoDB source endpoint.", + "title": "Port", + "type": "number" + }, + "ServerName": { + "markdownDescription": "The name of the server on the MongoDB source endpoint. For MongoDB Atlas, provide the server name for any of the servers in the replication set.", + "title": "ServerName", + "type": "string" + }, + "SslMode": { + "markdownDescription": "", + "title": "SslMode", + "type": "string" } }, + "required": [ + "Port", + "ServerName" + ], "type": "object" }, - "AWS::DevOpsGuru::NotificationChannel.SnsChannelConfig": { + "AWS::DMS::DataProvider.MySqlSettings": { "additionalProperties": false, "properties": { - "TopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an Amazon Simple Notification Service topic.", - "title": "TopicArn", + "CertificateArn": { + "markdownDescription": "", + "title": "CertificateArn", + "type": "string" + }, + "Port": { + "markdownDescription": "Endpoint TCP port.", + "title": "Port", + "type": "number" + }, + "ServerName": { + "markdownDescription": "The host name of the endpoint database.\n\nFor an Amazon RDS MySQL instance, this is the output of [DescribeDBInstances](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstances.html) , in the `[Endpoint](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_Endpoint.html) .Address` field.\n\nFor an Aurora MySQL instance, this is the output of [DescribeDBClusters](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBClusters.html) , in the `Endpoint` field.", + "title": "ServerName", + "type": "string" + }, + "SslMode": { + "markdownDescription": "", + "title": "SslMode", "type": "string" } }, + "required": [ + "Port", + "ServerName", + "SslMode" + ], "type": "object" }, - "AWS::DevOpsGuru::ResourceCollection": { + "AWS::DMS::DataProvider.OracleSettings": { "additionalProperties": false, "properties": { - "Condition": { + "AsmServer": { + "markdownDescription": "For an Oracle source endpoint, your ASM server address. You can set this value from the `asm_server` value. You set `asm_server` as part of the extra connection attribute string to access an Oracle server with Binary Reader that uses ASM. For more information, see [Configuration for change data capture (CDC) on an Oracle source database](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.CDC.Configuration) .", + "title": "AsmServer", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "CertificateArn": { + "markdownDescription": "", + "title": "CertificateArn", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "DatabaseName": { + "markdownDescription": "Database name for the endpoint.", + "title": "DatabaseName", + "type": "string" }, - "Metadata": { - "type": "object" + "Port": { + "markdownDescription": "Endpoint TCP port.", + "title": "Port", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ResourceCollectionFilter": { - "$ref": "#/definitions/AWS::DevOpsGuru::ResourceCollection.ResourceCollectionFilter", - "markdownDescription": "Information about a filter used to specify which AWS resources are analyzed for anomalous behavior by DevOps Guru.", - "title": "ResourceCollectionFilter" - } - }, - "required": [ - "ResourceCollectionFilter" - ], - "type": "object" + "SecretsManagerOracleAsmAccessRoleArn": { + "markdownDescription": "Required only if your Oracle endpoint uses Automatic Storage Management (ASM). The full ARN of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the `SecretsManagerOracleAsmSecret` . This `SecretsManagerOracleAsmSecret` has the secret value that allows access to the Oracle ASM of the endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerOracleAsmSecretId` . Or you can specify clear-text values for `AsmUser` , `AsmPassword` , and `AsmServerName` . You can't specify both. For more information on creating this `SecretsManagerOracleAsmSecret` and the `SecretsManagerOracleAsmAccessRoleArn` and `SecretsManagerOracleAsmSecretId` required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", + "title": "SecretsManagerOracleAsmAccessRoleArn", + "type": "string" }, - "Type": { - "enum": [ - "AWS::DevOpsGuru::ResourceCollection" - ], + "SecretsManagerOracleAsmSecretId": { + "markdownDescription": "Required only if your Oracle endpoint uses Automatic Storage Management (ASM). The full ARN, partial ARN, or friendly name of the `SecretsManagerOracleAsmSecret` that contains the Oracle ASM connection details for the Oracle endpoint.", + "title": "SecretsManagerOracleAsmSecretId", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SecretsManagerSecurityDbEncryptionAccessRoleArn": { + "markdownDescription": "", + "title": "SecretsManagerSecurityDbEncryptionAccessRoleArn", + "type": "string" + }, + "SecretsManagerSecurityDbEncryptionSecretId": { + "markdownDescription": "", + "title": "SecretsManagerSecurityDbEncryptionSecretId", + "type": "string" + }, + "ServerName": { + "markdownDescription": "Fully qualified domain name of the endpoint.\n\nFor an Amazon RDS Oracle instance, this is the output of [DescribeDBInstances](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstances.html) , in the `[Endpoint](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_Endpoint.html) .Address` field.", + "title": "ServerName", + "type": "string" + }, + "SslMode": { + "markdownDescription": "", + "title": "SslMode", "type": "string" } }, "required": [ - "Type", - "Properties" + "DatabaseName", + "Port", + "ServerName", + "SslMode" ], "type": "object" }, - "AWS::DevOpsGuru::ResourceCollection.CloudFormationCollectionFilter": { + "AWS::DMS::DataProvider.PostgreSqlSettings": { "additionalProperties": false, "properties": { - "StackNames": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of CloudFormation stack names.", - "title": "StackNames", - "type": "array" + "CertificateArn": { + "markdownDescription": "", + "title": "CertificateArn", + "type": "string" + }, + "DatabaseName": { + "markdownDescription": "Database name for the endpoint.", + "title": "DatabaseName", + "type": "string" + }, + "Port": { + "markdownDescription": "Endpoint TCP port. The default is 5432.", + "title": "Port", + "type": "number" + }, + "ServerName": { + "markdownDescription": "The host name of the endpoint database.\n\nFor an Amazon RDS PostgreSQL instance, this is the output of [DescribeDBInstances](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstances.html) , in the `[Endpoint](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_Endpoint.html) .Address` field.\n\nFor an Aurora PostgreSQL instance, this is the output of [DescribeDBClusters](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBClusters.html) , in the `Endpoint` field.", + "title": "ServerName", + "type": "string" + }, + "SslMode": { + "markdownDescription": "", + "title": "SslMode", + "type": "string" } }, + "required": [ + "DatabaseName", + "Port", + "ServerName", + "SslMode" + ], "type": "object" }, - "AWS::DevOpsGuru::ResourceCollection.ResourceCollectionFilter": { + "AWS::DMS::DataProvider.RedshiftSettings": { "additionalProperties": false, "properties": { - "CloudFormation": { - "$ref": "#/definitions/AWS::DevOpsGuru::ResourceCollection.CloudFormationCollectionFilter", - "markdownDescription": "Information about AWS CloudFormation stacks. You can use up to 1000 stacks to specify which AWS resources in your account to analyze. For more information, see [Stacks](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacks.html) in the *AWS CloudFormation User Guide* .", - "title": "CloudFormation" + "DatabaseName": { + "markdownDescription": "The name of the Amazon Redshift data warehouse (service) that you are working with.", + "title": "DatabaseName", + "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/AWS::DevOpsGuru::ResourceCollection.TagCollection" - }, - "markdownDescription": "The AWS tags used to filter the resources in the resource collection.\n\nTags help you identify and organize your AWS resources. Many AWS services support tagging, so you can assign the same tag to resources from different services to indicate that the resources are related. For example, you can assign the same tag to an Amazon DynamoDB table resource that you assign to an AWS Lambda function. For more information about using tags, see the [Tagging best practices](https://docs.aws.amazon.com/whitepapers/latest/tagging-best-practices/tagging-best-practices.html) whitepaper.\n\nEach AWS tag has two parts.\n\n- A tag *key* (for example, `CostCenter` , `Environment` , `Project` , or `Secret` ). Tag *keys* are case-sensitive.\n- A field known as a tag *value* (for example, `111122223333` , `Production` , or a team name). Omitting the tag *value* is the same as using an empty string. Like tag *keys* , tag *values* are case-sensitive. The tag value is a required property when AppBoundaryKey is specified.\n\nTogether these are known as *key* - *value* pairs.\n\n> The string used for a *key* in a tag that you use to define your resource coverage must begin with the prefix `Devops-guru-` . The tag *key* might be `DevOps-Guru-deployment-application` or `devops-guru-rds-application` . When you create a *key* , the case of characters in the *key* can be whatever you choose. After you create a *key* , it is case-sensitive. For example, DevOps Guru works with a *key* named `devops-guru-rds` and a *key* named `DevOps-Guru-RDS` , and these act as two different *keys* . Possible *key* / *value* pairs in your application might be `Devops-Guru-production-application/RDS` or `Devops-Guru-production-application/containers` .", - "title": "Tags", - "type": "array" + "Port": { + "markdownDescription": "The port number for Amazon Redshift. The default value is 5439.", + "title": "Port", + "type": "number" + }, + "ServerName": { + "markdownDescription": "The name of the Amazon Redshift cluster you are using.", + "title": "ServerName", + "type": "string" } }, + "required": [ + "DatabaseName", + "Port", + "ServerName" + ], "type": "object" }, - "AWS::DevOpsGuru::ResourceCollection.TagCollection": { + "AWS::DMS::DataProvider.Settings": { "additionalProperties": false, "properties": { - "AppBoundaryKey": { - "markdownDescription": "An AWS tag *key* that is used to identify the AWS resources that DevOps Guru analyzes. All AWS resources in your account and Region tagged with this *key* make up your DevOps Guru application and analysis boundary.\n\n> When you create a *key* , the case of characters in the *key* can be whatever you choose. After you create a *key* , it is case-sensitive. For example, DevOps Guru works with a *key* named `devops-guru-rds` and a *key* named `DevOps-Guru-RDS` , and these act as two different *keys* . Possible *key* / *value* pairs in your application might be `Devops-Guru-production-application/RDS` or `Devops-Guru-production-application/containers` .", - "title": "AppBoundaryKey", - "type": "string" + "DocDbSettings": { + "$ref": "#/definitions/AWS::DMS::DataProvider.DocDbSettings", + "markdownDescription": "", + "title": "DocDbSettings" }, - "TagValues": { - "items": { - "type": "string" - }, - "markdownDescription": "The values in an AWS tag collection.\n\nThe tag's *value* is a field used to associate a string with the tag *key* (for example, `111122223333` , `Production` , or a team name). The *key* and *value* are the tag's *key* pair. Omitting the tag *value* is the same as using an empty string. Like tag *keys* , tag *values* are case-sensitive. You can specify a maximum of 256 characters for a tag value. The tag value is a required property when *AppBoundaryKey* is specified.", - "title": "TagValues", - "type": "array" + "IbmDb2LuwSettings": { + "$ref": "#/definitions/AWS::DMS::DataProvider.IbmDb2LuwSettings", + "markdownDescription": "", + "title": "IbmDb2LuwSettings" + }, + "IbmDb2zOsSettings": { + "$ref": "#/definitions/AWS::DMS::DataProvider.IbmDb2zOsSettings", + "markdownDescription": "", + "title": "IbmDb2zOsSettings" + }, + "MariaDbSettings": { + "$ref": "#/definitions/AWS::DMS::DataProvider.MariaDbSettings", + "markdownDescription": "", + "title": "MariaDbSettings" + }, + "MicrosoftSqlServerSettings": { + "$ref": "#/definitions/AWS::DMS::DataProvider.MicrosoftSqlServerSettings", + "markdownDescription": "", + "title": "MicrosoftSqlServerSettings" + }, + "MongoDbSettings": { + "$ref": "#/definitions/AWS::DMS::DataProvider.MongoDbSettings", + "markdownDescription": "", + "title": "MongoDbSettings" + }, + "MySqlSettings": { + "$ref": "#/definitions/AWS::DMS::DataProvider.MySqlSettings", + "markdownDescription": "", + "title": "MySqlSettings" + }, + "OracleSettings": { + "$ref": "#/definitions/AWS::DMS::DataProvider.OracleSettings", + "markdownDescription": "", + "title": "OracleSettings" + }, + "PostgreSqlSettings": { + "$ref": "#/definitions/AWS::DMS::DataProvider.PostgreSqlSettings", + "markdownDescription": "", + "title": "PostgreSqlSettings" + }, + "RedshiftSettings": { + "$ref": "#/definitions/AWS::DMS::DataProvider.RedshiftSettings", + "markdownDescription": "", + "title": "RedshiftSettings" } }, "type": "object" }, - "AWS::DirectoryService::MicrosoftAD": { + "AWS::DMS::Endpoint": { "additionalProperties": false, "properties": { "Condition": { @@ -66236,52 +73573,174 @@ "Properties": { "additionalProperties": false, "properties": { - "CreateAlias": { - "markdownDescription": "Specifies an alias for a directory and assigns the alias to the directory. The alias is used to construct the access URL for the directory, such as `http://.awsapps.com` . By default, AWS CloudFormation does not create an alias.\n\n> After an alias has been created, it cannot be deleted or reused, so this operation should only be used when absolutely necessary.", - "title": "CreateAlias", - "type": "boolean" + "CertificateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the certificate.", + "title": "CertificateArn", + "type": "string" }, - "Edition": { - "markdownDescription": "AWS Managed Microsoft AD is available in two editions: `Standard` and `Enterprise` . `Enterprise` is the default.", - "title": "Edition", + "DatabaseName": { + "markdownDescription": "The name of the endpoint database. For a MySQL source or target endpoint, don't specify `DatabaseName` . To migrate to a specific database, use this setting and `targetDbType` .", + "title": "DatabaseName", "type": "string" }, - "EnableSso": { - "markdownDescription": "Whether to enable single sign-on for a Microsoft Active Directory in AWS . Single sign-on allows users in your directory to access certain AWS services from a computer joined to the directory without having to enter their credentials separately. If you don't specify a value, AWS CloudFormation disables single sign-on by default.", - "title": "EnableSso", - "type": "boolean" + "DocDbSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.DocDbSettings", + "markdownDescription": "Settings in JSON format for the source and target DocumentDB endpoint. For more information about other available settings, see [Using extra connections attributes with Amazon DocumentDB as a source](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.DocumentDB.html#CHAP_Source.DocumentDB.ECAs) and [Using Amazon DocumentDB as a target for AWS Database Migration Service](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.DocumentDB.html) in the *AWS Database Migration Service User Guide* .", + "title": "DocDbSettings" }, - "Name": { - "markdownDescription": "The fully qualified domain name for the AWS Managed Microsoft AD directory, such as `corp.example.com` . This name will resolve inside your VPC only. It does not need to be publicly resolvable.", - "title": "Name", + "DynamoDbSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.DynamoDbSettings", + "markdownDescription": "Settings in JSON format for the target Amazon DynamoDB endpoint. For information about other available settings, see [Using object mapping to migrate data to DynamoDB](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.DynamoDB.html#CHAP_Target.DynamoDB.ObjectMapping) in the *AWS Database Migration Service User Guide* .", + "title": "DynamoDbSettings" + }, + "ElasticsearchSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.ElasticsearchSettings", + "markdownDescription": "Settings in JSON format for the target OpenSearch endpoint. For more information about the available settings, see [Extra connection attributes when using OpenSearch as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Elasticsearch.html#CHAP_Target.Elasticsearch.Configuration) in the *AWS Database Migration Service User Guide* .", + "title": "ElasticsearchSettings" + }, + "EndpointIdentifier": { + "markdownDescription": "The database endpoint identifier. Identifiers must begin with a letter and must contain only ASCII letters, digits, and hyphens. They can't end with a hyphen, or contain two consecutive hyphens.", + "title": "EndpointIdentifier", + "type": "string" + }, + "EndpointType": { + "markdownDescription": "The type of endpoint. Valid values are `source` and `target` .", + "title": "EndpointType", + "type": "string" + }, + "EngineName": { + "markdownDescription": "The type of engine for the endpoint, depending on the `EndpointType` value.\n\n*Valid values* : `mysql` | `oracle` | `postgres` | `mariadb` | `aurora` | `aurora-postgresql` | `opensearch` | `redshift` | `redshift-serverless` | `s3` | `db2` | `azuredb` | `sybase` | `dynamodb` | `mongodb` | `kinesis` | `kafka` | `elasticsearch` | `docdb` | `sqlserver` | `neptune`", + "title": "EngineName", + "type": "string" + }, + "ExtraConnectionAttributes": { + "markdownDescription": "Additional attributes associated with the connection. Each attribute is specified as a name-value pair associated by an equal sign (=). Multiple attributes are separated by a semicolon (;) with no additional white space. For information on the attributes available for connecting your source or target endpoint, see [Working with AWS DMS Endpoints](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Endpoints.html) in the *AWS Database Migration Service User Guide* .", + "title": "ExtraConnectionAttributes", + "type": "string" + }, + "GcpMySQLSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.GcpMySQLSettings", + "markdownDescription": "Settings in JSON format for the source GCP MySQL endpoint. These settings are much the same as the settings for any MySQL-compatible endpoint. For more information, see [Extra connection attributes when using MySQL as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.MySQL.html#CHAP_Source.MySQL.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", + "title": "GcpMySQLSettings" + }, + "IbmDb2Settings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.IbmDb2Settings", + "markdownDescription": "Settings in JSON format for the source IBM Db2 LUW endpoint. For information about other available settings, see [Extra connection attributes when using Db2 LUW as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.DB2.html#CHAP_Source.DB2.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", + "title": "IbmDb2Settings" + }, + "KafkaSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.KafkaSettings", + "markdownDescription": "Settings in JSON format for the target Apache Kafka endpoint. For more information about other available settings, see [Using object mapping to migrate data to a Kafka topic](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Kafka.html#CHAP_Target.Kafka.ObjectMapping) in the *AWS Database Migration Service User Guide* .", + "title": "KafkaSettings" + }, + "KinesisSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.KinesisSettings", + "markdownDescription": "Settings in JSON format for the target endpoint for Amazon Kinesis Data Streams. For more information about other available settings, see [Using object mapping to migrate data to a Kinesis data stream](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Kinesis.html#CHAP_Target.Kinesis.ObjectMapping) in the *AWS Database Migration Service User Guide* .", + "title": "KinesisSettings" + }, + "KmsKeyId": { + "markdownDescription": "An AWS KMS key identifier that is used to encrypt the connection parameters for the endpoint.\n\nIf you don't specify a value for the `KmsKeyId` parameter, AWS DMS uses your default encryption key.\n\nAWS KMS creates the default encryption key for your AWS account . Your AWS account has a different default encryption key for each AWS Region .", + "title": "KmsKeyId", "type": "string" }, + "MicrosoftSqlServerSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.MicrosoftSqlServerSettings", + "markdownDescription": "Settings in JSON format for the source and target Microsoft SQL Server endpoint. For information about other available settings, see [Extra connection attributes when using SQL Server as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.SQLServer.html#CHAP_Source.SQLServer.ConnectionAttrib) and [Extra connection attributes when using SQL Server as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.SQLServer.html#CHAP_Target.SQLServer.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", + "title": "MicrosoftSqlServerSettings" + }, + "MongoDbSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.MongoDbSettings", + "markdownDescription": "Settings in JSON format for the source MongoDB endpoint. For more information about the available settings, see [Using MongoDB as a target for AWS Database Migration Service](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.MongoDB.html#CHAP_Source.MongoDB.Configuration) in the *AWS Database Migration Service User Guide* .", + "title": "MongoDbSettings" + }, + "MySqlSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.MySqlSettings", + "markdownDescription": "Settings in JSON format for the source and target MySQL endpoint. For information about other available settings, see [Extra connection attributes when using MySQL as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.MySQL.html#CHAP_Source.MySQL.ConnectionAttrib) and [Extra connection attributes when using a MySQL-compatible database as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.MySQL.html#CHAP_Target.MySQL.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", + "title": "MySqlSettings" + }, + "NeptuneSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.NeptuneSettings", + "markdownDescription": "Settings in JSON format for the target Amazon Neptune endpoint. For more information about the available settings, see [Specifying endpoint settings for Amazon Neptune as a target](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Neptune.html#CHAP_Target.Neptune.EndpointSettings) in the *AWS Database Migration Service User Guide* .", + "title": "NeptuneSettings" + }, + "OracleSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.OracleSettings", + "markdownDescription": "Settings in JSON format for the source and target Oracle endpoint. For information about other available settings, see [Extra connection attributes when using Oracle as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.ConnectionAttrib) and [Extra connection attributes when using Oracle as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Oracle.html#CHAP_Target.Oracle.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", + "title": "OracleSettings" + }, "Password": { - "markdownDescription": "The password for the default administrative user named `Admin` .\n\nIf you need to change the password for the administrator account, see the [ResetUserPassword](https://docs.aws.amazon.com/directoryservice/latest/devguide/API_ResetUserPassword.html) API call in the *AWS Directory Service API Reference* .", + "markdownDescription": "The password to be used to log in to the endpoint database.", "title": "Password", "type": "string" }, - "ShortName": { - "markdownDescription": "The NetBIOS name for your domain, such as `CORP` . If you don't specify a NetBIOS name, it will default to the first part of your directory DNS. For example, `CORP` for the directory DNS `corp.example.com` .", - "title": "ShortName", + "Port": { + "markdownDescription": "The port used by the endpoint database.", + "title": "Port", + "type": "number" + }, + "PostgreSqlSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.PostgreSqlSettings", + "markdownDescription": "Settings in JSON format for the source and target PostgreSQL endpoint.\n\nFor information about other available settings, see [Extra connection attributes when using PostgreSQL as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.PostgreSQL.html#CHAP_Source.PostgreSQL.ConnectionAttrib) and [Extra connection attributes when using PostgreSQL as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.PostgreSQL.html#CHAP_Target.PostgreSQL.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", + "title": "PostgreSqlSettings" + }, + "RedisSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.RedisSettings", + "markdownDescription": "Settings in JSON format for the target Redis endpoint. For information about other available settings, see [Specifying endpoint settings for Redis as a target](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Redis.html#CHAP_Target.Redis.EndpointSettings) in the *AWS Database Migration Service User Guide* .", + "title": "RedisSettings" + }, + "RedshiftSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.RedshiftSettings", + "markdownDescription": "Settings in JSON format for the Amazon Redshift endpoint.\n\nFor more information about other available settings, see [Extra connection attributes when using Amazon Redshift as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Redshift.html#CHAP_Target.Redshift.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", + "title": "RedshiftSettings" + }, + "ResourceIdentifier": { + "markdownDescription": "A display name for the resource identifier at the end of the `EndpointArn` response parameter that is returned in the created `Endpoint` object. The value for this parameter can have up to 31 characters. It can contain only ASCII letters, digits, and hyphen ('-'). Also, it can't end with a hyphen or contain two consecutive hyphens, and can only begin with a letter, such as `Example-App-ARN1` .\n\nFor example, this value might result in the `EndpointArn` value `arn:aws:dms:eu-west-1:012345678901:rep:Example-App-ARN1` . If you don't specify a `ResourceIdentifier` value, AWS DMS generates a default identifier value for the end of `EndpointArn` .", + "title": "ResourceIdentifier", "type": "string" }, - "VpcSettings": { - "$ref": "#/definitions/AWS::DirectoryService::MicrosoftAD.VpcSettings", - "markdownDescription": "Specifies the VPC settings of the Microsoft AD directory server in AWS .", - "title": "VpcSettings" + "S3Settings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.S3Settings", + "markdownDescription": "Settings in JSON format for the source and target Amazon S3 endpoint. For more information about other available settings, see [Extra connection attributes when using Amazon S3 as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.S3.html#CHAP_Source.S3.Configuring) and [Extra connection attributes when using Amazon S3 as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.Configuring) in the *AWS Database Migration Service User Guide* .", + "title": "S3Settings" + }, + "ServerName": { + "markdownDescription": "The name of the server where the endpoint database resides.", + "title": "ServerName", + "type": "string" + }, + "SslMode": { + "markdownDescription": "The Secure Sockets Layer (SSL) mode to use for the SSL connection. The default is `none` .\n\n> When `engine_name` is set to S3, the only allowed value is `none` .", + "title": "SslMode", + "type": "string" + }, + "SybaseSettings": { + "$ref": "#/definitions/AWS::DMS::Endpoint.SybaseSettings", + "markdownDescription": "Settings in JSON format for the source and target SAP ASE endpoint. For information about other available settings, see [Extra connection attributes when using SAP ASE as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.SAP.html#CHAP_Source.SAP.ConnectionAttrib) and [Extra connection attributes when using SAP ASE as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.SAP.html#CHAP_Target.SAP.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", + "title": "SybaseSettings" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "One or more tags to be assigned to the endpoint.", + "title": "Tags", + "type": "array" + }, + "Username": { + "markdownDescription": "The user name to be used to log in to the endpoint database.", + "title": "Username", + "type": "string" } }, "required": [ - "Name", - "Password", - "VpcSettings" + "EndpointType", + "EngineName" ], "type": "object" }, "Type": { "enum": [ - "AWS::DirectoryService::MicrosoftAD" + "AWS::DMS::Endpoint" ], "type": "string" }, @@ -66300,1467 +73759,1277 @@ ], "type": "object" }, - "AWS::DirectoryService::MicrosoftAD.VpcSettings": { + "AWS::DMS::Endpoint.DocDbSettings": { "additionalProperties": false, "properties": { - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The identifiers of the subnets for the directory servers. The two subnets must be in different Availability Zones. AWS Directory Service specifies a directory server and a DNS server in each of these subnets.", - "title": "SubnetIds", - "type": "array" + "DocsToInvestigate": { + "markdownDescription": "Indicates the number of documents to preview to determine the document organization. Use this setting when `NestingLevel` is set to `\"one\"` .\n\nMust be a positive value greater than `0` . Default value is `1000` .", + "title": "DocsToInvestigate", + "type": "number" }, - "VpcId": { - "markdownDescription": "The identifier of the VPC in which to create the directory.", - "title": "VpcId", + "ExtractDocId": { + "markdownDescription": "Specifies the document ID. Use this setting when `NestingLevel` is set to `\"none\"` .\n\nDefault value is `\"false\"` .", + "title": "ExtractDocId", + "type": "boolean" + }, + "NestingLevel": { + "markdownDescription": "Specifies either document or table mode.\n\nDefault value is `\"none\"` . Specify `\"none\"` to use document mode. Specify `\"one\"` to use table mode.", + "title": "NestingLevel", + "type": "string" + }, + "SecretsManagerAccessRoleArn": { + "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the DocumentDB endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", + "title": "SecretsManagerAccessRoleArn", + "type": "string" + }, + "SecretsManagerSecretId": { + "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the DocumentDB endpoint connection details.", + "title": "SecretsManagerSecretId", "type": "string" } }, - "required": [ - "SubnetIds", - "VpcId" - ], "type": "object" }, - "AWS::DirectoryService::SimpleAD": { + "AWS::DMS::Endpoint.DynamoDbSettings": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "CreateAlias": { - "markdownDescription": "If set to `true` , specifies an alias for a directory and assigns the alias to the directory. The alias is used to construct the access URL for the directory, such as `http://.awsapps.com` . By default, this property is set to `false` .\n\n> After an alias has been created, it cannot be deleted or reused, so this operation should only be used when absolutely necessary.", - "title": "CreateAlias", - "type": "boolean" - }, - "Description": { - "markdownDescription": "A description for the directory.", - "title": "Description", - "type": "string" - }, - "EnableSso": { - "markdownDescription": "Whether to enable single sign-on for a directory. If you don't specify a value, AWS CloudFormation disables single sign-on by default.", - "title": "EnableSso", - "type": "boolean" - }, - "Name": { - "markdownDescription": "The fully qualified name for the directory, such as `corp.example.com` .", - "title": "Name", - "type": "string" - }, - "Password": { - "markdownDescription": "The password for the directory administrator. The directory creation process creates a directory administrator account with the user name `Administrator` and this password.\n\nIf you need to change the password for the administrator account, see the [ResetUserPassword](https://docs.aws.amazon.com/directoryservice/latest/devguide/API_ResetUserPassword.html) API call in the *AWS Directory Service API Reference* .", - "title": "Password", - "type": "string" - }, - "ShortName": { - "markdownDescription": "The NetBIOS name of the directory, such as `CORP` .", - "title": "ShortName", - "type": "string" - }, - "Size": { - "markdownDescription": "The size of the directory. For valid values, see [CreateDirectory](https://docs.aws.amazon.com/directoryservice/latest/devguide/API_CreateDirectory.html) in the *AWS Directory Service API Reference* .", - "title": "Size", - "type": "string" - }, - "VpcSettings": { - "$ref": "#/definitions/AWS::DirectoryService::SimpleAD.VpcSettings", - "markdownDescription": "A [DirectoryVpcSettings](https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DirectoryVpcSettings.html) object that contains additional information for the operation.", - "title": "VpcSettings" - } - }, - "required": [ - "Name", - "Size", - "VpcSettings" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::DirectoryService::SimpleAD" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ServiceAccessRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) used by the service to access the IAM role. The role must allow the `iam:PassRole` action.", + "title": "ServiceAccessRoleArn", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::DirectoryService::SimpleAD.VpcSettings": { + "AWS::DMS::Endpoint.ElasticsearchSettings": { "additionalProperties": false, "properties": { - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The identifiers of the subnets for the directory servers. The two subnets must be in different Availability Zones. AWS Directory Service specifies a directory server and a DNS server in each of these subnets.", - "title": "SubnetIds", - "type": "array" + "EndpointUri": { + "markdownDescription": "The endpoint for the OpenSearch cluster. AWS DMS uses HTTPS if a transport protocol (either HTTP or HTTPS) isn't specified.", + "title": "EndpointUri", + "type": "string" }, - "VpcId": { - "markdownDescription": "The identifier of the VPC in which to create the directory.", - "title": "VpcId", + "ErrorRetryDuration": { + "markdownDescription": "The maximum number of seconds for which DMS retries failed API requests to the OpenSearch cluster.", + "title": "ErrorRetryDuration", + "type": "number" + }, + "FullLoadErrorPercentage": { + "markdownDescription": "The maximum percentage of records that can fail to be written before a full load operation stops.\n\nTo avoid early failure, this counter is only effective after 1,000 records are transferred. OpenSearch also has the concept of error monitoring during the last 10 minutes of an Observation Window. If transfer of all records fail in the last 10 minutes, the full load operation stops.", + "title": "FullLoadErrorPercentage", + "type": "number" + }, + "ServiceAccessRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) used by the service to access the IAM role. The role must allow the `iam:PassRole` action.", + "title": "ServiceAccessRoleArn", "type": "string" } }, - "required": [ - "SubnetIds", - "VpcId" - ], "type": "object" }, - "AWS::DocDB::DBCluster": { + "AWS::DMS::Endpoint.GcpMySQLSettings": { "additionalProperties": false, "properties": { - "Condition": { + "AfterConnectScript": { + "markdownDescription": "Specifies a script to run immediately after AWS DMS connects to the endpoint. The migration task continues running regardless if the SQL statement succeeds or fails.\n\nFor this parameter, provide the code of the script itself, not the name of a file containing the script.", + "title": "AfterConnectScript", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "CleanSourceMetadataOnMismatch": { + "markdownDescription": "Adjusts the behavior of AWS DMS when migrating from an SQL Server source database that is hosted as part of an Always On availability group cluster. If you need AWS DMS to poll all the nodes in the Always On cluster for transaction backups, set this attribute to `false` .", + "title": "CleanSourceMetadataOnMismatch", + "type": "boolean" + }, + "DatabaseName": { + "markdownDescription": "Database name for the endpoint. For a MySQL source or target endpoint, don't explicitly specify the database using the `DatabaseName` request parameter on either the `CreateEndpoint` or `ModifyEndpoint` API call. Specifying `DatabaseName` when you create or modify a MySQL endpoint replicates all the task tables to this single database. For MySQL endpoints, you specify the database only when you specify the schema in the table-mapping rules of the AWS DMS task.", + "title": "DatabaseName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "EventsPollInterval": { + "markdownDescription": "Specifies how often to check the binary log for new changes/events when the database is idle. The default is five seconds.\n\nExample: `eventsPollInterval=5;`\n\nIn the example, AWS DMS checks for changes in the binary logs every five seconds.", + "title": "EventsPollInterval", + "type": "number" }, - "Metadata": { - "type": "object" + "MaxFileSize": { + "markdownDescription": "Specifies the maximum size (in KB) of any .csv file used to transfer data to a MySQL-compatible database.\n\nExample: `maxFileSize=512`", + "title": "MaxFileSize", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AvailabilityZones": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of Amazon EC2 Availability Zones that instances in the cluster can be created in.", - "title": "AvailabilityZones", - "type": "array" - }, - "BackupRetentionPeriod": { - "markdownDescription": "The number of days for which automated backups are retained. You must specify a minimum value of 1.\n\nDefault: 1\n\nConstraints:\n\n- Must be a value from 1 to 35.", - "title": "BackupRetentionPeriod", - "type": "number" - }, - "CopyTagsToSnapshot": { - "markdownDescription": "Set to `true` to copy all tags from the source cluster snapshot to the target cluster snapshot, and otherwise `false` . The default is `false` .", - "title": "CopyTagsToSnapshot", - "type": "boolean" - }, - "DBClusterIdentifier": { - "markdownDescription": "The cluster identifier. This parameter is stored as a lowercase string.\n\nConstraints:\n\n- Must contain from 1 to 63 letters, numbers, or hyphens.\n- The first character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.\n\nExample: `my-cluster`", - "title": "DBClusterIdentifier", - "type": "string" - }, - "DBClusterParameterGroupName": { - "markdownDescription": "The name of the cluster parameter group to associate with this cluster.", - "title": "DBClusterParameterGroupName", - "type": "string" - }, - "DBSubnetGroupName": { - "markdownDescription": "A subnet group to associate with this cluster.\n\nConstraints: Must match the name of an existing `DBSubnetGroup` . Must not be default.\n\nExample: `mySubnetgroup`", - "title": "DBSubnetGroupName", - "type": "string" - }, - "DeletionProtection": { - "markdownDescription": "Protects clusters from being accidentally deleted. If enabled, the cluster cannot be deleted unless it is modified and `DeletionProtection` is disabled.", - "title": "DeletionProtection", - "type": "boolean" - }, - "EnableCloudwatchLogsExports": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of log types that need to be enabled for exporting to Amazon CloudWatch Logs. You can enable audit logs or profiler logs. For more information, see [Auditing Amazon DocumentDB Events](https://docs.aws.amazon.com/documentdb/latest/developerguide/event-auditing.html) and [Profiling Amazon DocumentDB Operations](https://docs.aws.amazon.com/documentdb/latest/developerguide/profiling.html) .", - "title": "EnableCloudwatchLogsExports", - "type": "array" - }, - "EngineVersion": { - "markdownDescription": "The version number of the database engine to use. The `--engine-version` will default to the latest major engine version. For production workloads, we recommend explicitly declaring this parameter with the intended major engine version.\n\nIf you intend to trigger an in-place upgrade, please refer to [Amazon DocumentDB in-place major version upgrade](https://docs.aws.amazon.com/documentdb/latest/developerguide/docdb-mvu.html) . Note that for an in-place engine version upgrade, you need to remove other cluster properties changes (e.g. SecurityGroupId) from the CFN template.", - "title": "EngineVersion", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "The AWS KMS key identifier for an encrypted cluster.\n\nThe AWS KMS key identifier is the Amazon Resource Name (ARN) for the AWS KMS encryption key. If you are creating a cluster using the same AWS account that owns the AWS KMS encryption key that is used to encrypt the new cluster, you can use the AWS KMS key alias instead of the ARN for the AWS KMS encryption key.\n\nIf an encryption key is not specified in `KmsKeyId` :\n\n- If the `StorageEncrypted` parameter is `true` , Amazon DocumentDB uses your default encryption key.\n\nAWS KMS creates the default encryption key for your AWS account . Your AWS account has a different default encryption key for each AWS Regions .", - "title": "KmsKeyId", - "type": "string" - }, - "MasterUserPassword": { - "markdownDescription": "The password for the master database user. This password can contain any printable ASCII character except forward slash (/), double quote (\"), or the \"at\" symbol (@).\n\nConstraints: Must contain from 8 to 100 characters.", - "title": "MasterUserPassword", - "type": "string" - }, - "MasterUsername": { - "markdownDescription": "The name of the master user for the cluster.\n\nConstraints:\n\n- Must be from 1 to 63 letters or numbers.\n- The first character must be a letter.\n- Cannot be a reserved word for the chosen database engine.", - "title": "MasterUsername", - "type": "string" - }, - "Port": { - "markdownDescription": "Specifies the port that the database engine is listening on.", - "title": "Port", - "type": "number" - }, - "PreferredBackupWindow": { - "markdownDescription": "The daily time range during which automated backups are created if automated backups are enabled using the `BackupRetentionPeriod` parameter.\n\nThe default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region .\n\nConstraints:\n\n- Must be in the format `hh24:mi-hh24:mi` .\n- Must be in Universal Coordinated Time (UTC).\n- Must not conflict with the preferred maintenance window.\n- Must be at least 30 minutes.", - "title": "PreferredBackupWindow", - "type": "string" - }, - "PreferredMaintenanceWindow": { - "markdownDescription": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n\nFormat: `ddd:hh24:mi-ddd:hh24:mi`\n\nThe default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region , occurring on a random day of the week.\n\nValid days: Mon, Tue, Wed, Thu, Fri, Sat, Sun\n\nConstraints: Minimum 30-minute window.", - "title": "PreferredMaintenanceWindow", - "type": "string" - }, - "RestoreToTime": { - "markdownDescription": "The date and time to restore the cluster to.\n\nValid values: A time in Universal Coordinated Time (UTC) format.\n\nConstraints:\n\n- Must be before the latest restorable time for the instance.\n- Must be specified if the `UseLatestRestorableTime` parameter is not provided.\n- Cannot be specified if the `UseLatestRestorableTime` parameter is `true` .\n- Cannot be specified if the `RestoreType` parameter is `copy-on-write` .\n\nExample: `2015-03-07T23:45:00Z`", - "title": "RestoreToTime", - "type": "string" - }, - "RestoreType": { - "markdownDescription": "The type of restore to be performed. You can specify one of the following values:\n\n- `full-copy` - The new DB cluster is restored as a full copy of the source DB cluster.\n- `copy-on-write` - The new DB cluster is restored as a clone of the source DB cluster.\n\nConstraints: You can't specify `copy-on-write` if the engine version of the source DB cluster is earlier than 1.11.\n\nIf you don't specify a `RestoreType` value, then the new DB cluster is restored as a full copy of the source DB cluster.", - "title": "RestoreType", - "type": "string" - }, - "SnapshotIdentifier": { - "markdownDescription": "The identifier for the snapshot or cluster snapshot to restore from.\n\nYou can use either the name or the Amazon Resource Name (ARN) to specify a cluster snapshot. However, you can use only the ARN to specify a snapshot.\n\nConstraints:\n\n- Must match the identifier of an existing snapshot.", - "title": "SnapshotIdentifier", - "type": "string" - }, - "SourceDBClusterIdentifier": { - "markdownDescription": "The identifier of the source cluster from which to restore.\n\nConstraints:\n\n- Must match the identifier of an existing `DBCluster` .", - "title": "SourceDBClusterIdentifier", - "type": "string" - }, - "StorageEncrypted": { - "markdownDescription": "Specifies whether the cluster is encrypted.\n\nIf you specify `SourceDBClusterIdentifier` or `SnapshotIdentifier` and don\u2019t specify `StorageEncrypted` , the encryption property is inherited from the source cluster or snapshot (unless `KMSKeyId` is specified, in which case the restored cluster will be encrypted with that KMS key). If the source is encrypted and `StorageEncrypted` is specified to be true, the restored cluster will be encrypted (if you want to use a different KMS key, specify the `KMSKeyId` property as well). If the source is unencrypted and `StorageEncrypted` is specified to be true, then the `KMSKeyId` property must be specified. If the source is encrypted, don\u2019t specify `StorageEncrypted` to be false as opting out of encryption is not allowed.", - "title": "StorageEncrypted", - "type": "boolean" - }, - "StorageType": { - "markdownDescription": "The storage type to associate with the DB cluster.\n\nFor information on storage types for Amazon DocumentDB clusters, see Cluster storage configurations in the *Amazon DocumentDB Developer Guide* .\n\nValid values for storage type - `standard | iopt1`\n\nDefault value is `standard`\n\n> When you create a DocumentDB DB cluster with the storage type set to `iopt1` , the storage type is returned in the response. The storage type isn't returned when you set it to `standard` .", - "title": "StorageType", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to be assigned to the cluster.", - "title": "Tags", - "type": "array" - }, - "UseLatestRestorableTime": { - "markdownDescription": "A value that is set to `true` to restore the cluster to the latest restorable backup time, and `false` otherwise.\n\nDefault: `false`\n\nConstraints: Cannot be specified if the `RestoreToTime` parameter is provided.", - "title": "UseLatestRestorableTime", - "type": "boolean" - }, - "VpcSecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of EC2 VPC security groups to associate with this cluster.", - "title": "VpcSecurityGroupIds", - "type": "array" - } - }, - "type": "object" + "ParallelLoadThreads": { + "markdownDescription": "Improves performance when loading data into the MySQL-compatible target database. Specifies how many threads to use to load the data into the MySQL-compatible target database. Setting a large number of threads can have an adverse effect on database performance, because a separate connection is required for each thread. The default is one.\n\nExample: `parallelLoadThreads=1`", + "title": "ParallelLoadThreads", + "type": "number" }, - "Type": { - "enum": [ - "AWS::DocDB::DBCluster" - ], + "Password": { + "markdownDescription": "Endpoint connection password.", + "title": "Password", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Port": { + "markdownDescription": "The port used by the endpoint database.", + "title": "Port", + "type": "number" + }, + "SecretsManagerAccessRoleArn": { + "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret.` The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the MySQL endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", + "title": "SecretsManagerAccessRoleArn", + "type": "string" + }, + "SecretsManagerSecretId": { + "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the MySQL endpoint connection details.", + "title": "SecretsManagerSecretId", + "type": "string" + }, + "ServerName": { + "markdownDescription": "The MySQL host name.", + "title": "ServerName", + "type": "string" + }, + "ServerTimezone": { + "markdownDescription": "Specifies the time zone for the source MySQL database. Don't enclose time zones in single quotation marks.\n\nExample: `serverTimezone=US/Pacific;`", + "title": "ServerTimezone", + "type": "string" + }, + "Username": { + "markdownDescription": "Endpoint connection user name.", + "title": "Username", "type": "string" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::DocDB::DBClusterParameterGroup": { + "AWS::DMS::Endpoint.IbmDb2Settings": { "additionalProperties": false, "properties": { - "Condition": { + "CurrentLsn": { + "markdownDescription": "For ongoing replication (CDC), use CurrentLSN to specify a log sequence number (LSN) where you want the replication to start.", + "title": "CurrentLsn", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "KeepCsvFiles": { + "markdownDescription": "If true, AWS DMS saves any .csv files to the Db2 LUW target that were used to replicate data. DMS uses these files for analysis and troubleshooting.\n\nThe default value is false.", + "title": "KeepCsvFiles", + "type": "boolean" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "LoadTimeout": { + "markdownDescription": "The amount of time (in milliseconds) before AWS DMS times out operations performed by DMS on the Db2 target. The default value is 1200 (20 minutes).", + "title": "LoadTimeout", + "type": "number" }, - "Metadata": { - "type": "object" + "MaxFileSize": { + "markdownDescription": "Specifies the maximum size (in KB) of .csv files used to transfer data to Db2 LUW.", + "title": "MaxFileSize", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "The description for the cluster parameter group.", - "title": "Description", - "type": "string" - }, - "Family": { - "markdownDescription": "The cluster parameter group family name.", - "title": "Family", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the DB cluster parameter group.\n\nConstraints:\n\n- Must not match the name of an existing `DBClusterParameterGroup` .\n\n> This value is stored as a lowercase string.", - "title": "Name", - "type": "string" - }, - "Parameters": { - "markdownDescription": "Provides a list of parameters for the cluster parameter group.", - "title": "Parameters", - "type": "object" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to be assigned to the cluster parameter group.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Description", - "Family", - "Parameters" - ], - "type": "object" + "MaxKBytesPerRead": { + "markdownDescription": "Maximum number of bytes per read, as a NUMBER value. The default is 64 KB.", + "title": "MaxKBytesPerRead", + "type": "number" }, - "Type": { - "enum": [ - "AWS::DocDB::DBClusterParameterGroup" - ], + "SecretsManagerAccessRoleArn": { + "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value ofthe AWS Secrets Manager secret that allows access to the Db2 LUW endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", + "title": "SecretsManagerAccessRoleArn", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SecretsManagerSecretId": { + "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the IBMDB2 endpoint connection details.", + "title": "SecretsManagerSecretId", "type": "string" + }, + "SetDataCaptureChanges": { + "markdownDescription": "Enables ongoing replication (CDC) as a BOOLEAN value. The default is true.", + "title": "SetDataCaptureChanges", + "type": "boolean" + }, + "WriteBufferSize": { + "markdownDescription": "The size (in KB) of the in-memory file write buffer used when generating .csv files on the local disk on the DMS replication instance. The default value is 1024 (1 MB).", + "title": "WriteBufferSize", + "type": "number" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::DocDB::DBInstance": { + "AWS::DMS::Endpoint.KafkaSettings": { "additionalProperties": false, "properties": { - "Condition": { + "Broker": { + "markdownDescription": "A comma-separated list of one or more broker locations in your Kafka cluster that host your Kafka instance. Specify each broker location in the form `*broker-hostname-or-ip* : *port*` . For example, `\"ec2-12-345-678-901.compute-1.amazonaws.com:2345\"` . For more information and examples of specifying a list of broker locations, see [Using Apache Kafka as a target for AWS Database Migration Service](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Kafka.html) in the *AWS Database Migration Service User Guide* .", + "title": "Broker", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "IncludeControlDetails": { + "markdownDescription": "Shows detailed control information for table definition, column definition, and table and column changes in the Kafka message output. The default is `false` .", + "title": "IncludeControlDetails", + "type": "boolean" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "IncludeNullAndEmpty": { + "markdownDescription": "Include NULL and empty columns for records migrated to the endpoint. The default is `false` .", + "title": "IncludeNullAndEmpty", + "type": "boolean" }, - "Metadata": { - "type": "object" + "IncludePartitionValue": { + "markdownDescription": "Shows the partition value within the Kafka message output unless the partition type is `schema-table-type` . The default is `false` .", + "title": "IncludePartitionValue", + "type": "boolean" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AutoMinorVersionUpgrade": { - "markdownDescription": "This parameter does not apply to Amazon DocumentDB. Amazon DocumentDB does not perform minor version upgrades regardless of the value set.\n\nDefault: `false`", - "title": "AutoMinorVersionUpgrade", - "type": "boolean" - }, - "AvailabilityZone": { - "markdownDescription": "The Amazon EC2 Availability Zone that the instance is created in.\n\nDefault: A random, system-chosen Availability Zone in the endpoint's AWS Region .\n\nExample: `us-east-1d`", - "title": "AvailabilityZone", - "type": "string" - }, - "CACertificateIdentifier": { - "markdownDescription": "The identifier of the CA certificate for this DB instance.", - "title": "CACertificateIdentifier", - "type": "string" - }, - "CertificateRotationRestart": { - "markdownDescription": "Specifies whether the DB instance is restarted when you rotate your SSL/TLS certificate.\n\nBy default, the DB instance is restarted when you rotate your SSL/TLS certificate. The certificate is not updated until the DB instance is restarted.\n\n> Set this parameter only if you are *not* using SSL/TLS to connect to the DB instance. \n\nIf you are using SSL/TLS to connect to the DB instance, see [Updating Your Amazon DocumentDB TLS Certificates](https://docs.aws.amazon.com/documentdb/latest/developerguide/ca_cert_rotation.html) and [Encrypting Data in Transit](https://docs.aws.amazon.com/documentdb/latest/developerguide/security.encryption.ssl.html) in the *Amazon DocumentDB Developer Guide* .", - "title": "CertificateRotationRestart", - "type": "boolean" - }, - "DBClusterIdentifier": { - "markdownDescription": "The identifier of the cluster that the instance will belong to.", - "title": "DBClusterIdentifier", - "type": "string" - }, - "DBInstanceClass": { - "markdownDescription": "The compute and memory capacity of the instance; for example, `db.m4.large` . If you change the class of an instance there can be some interruption in the cluster's service.", - "title": "DBInstanceClass", - "type": "string" - }, - "DBInstanceIdentifier": { - "markdownDescription": "The instance identifier. This parameter is stored as a lowercase string.\n\nConstraints:\n\n- Must contain from 1 to 63 letters, numbers, or hyphens.\n- The first character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.\n\nExample: `mydbinstance`", - "title": "DBInstanceIdentifier", - "type": "string" - }, - "EnablePerformanceInsights": { - "markdownDescription": "A value that indicates whether to enable Performance Insights for the DB Instance. For more information, see [Using Amazon Performance Insights](https://docs.aws.amazon.com/documentdb/latest/developerguide/performance-insights.html) .", - "title": "EnablePerformanceInsights", - "type": "boolean" - }, - "PreferredMaintenanceWindow": { - "markdownDescription": "The time range each week during which system maintenance can occur, in Universal Coordinated Time (UTC).\n\nFormat: `ddd:hh24:mi-ddd:hh24:mi`\n\nThe default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region , occurring on a random day of the week.\n\nValid days: Mon, Tue, Wed, Thu, Fri, Sat, Sun\n\nConstraints: Minimum 30-minute window.", - "title": "PreferredMaintenanceWindow", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to be assigned to the instance. You can assign up to 10 tags to an instance.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "DBClusterIdentifier", - "DBInstanceClass" - ], - "type": "object" + "IncludeTableAlterOperations": { + "markdownDescription": "Includes any data definition language (DDL) operations that change the table in the control data, such as `rename-table` , `drop-table` , `add-column` , `drop-column` , and `rename-column` . The default is `false` .", + "title": "IncludeTableAlterOperations", + "type": "boolean" }, - "Type": { - "enum": [ - "AWS::DocDB::DBInstance" - ], + "IncludeTransactionDetails": { + "markdownDescription": "Provides detailed transaction information from the source database. This information includes a commit timestamp, a log position, and values for `transaction_id` , previous `transaction_id` , and `transaction_record_id` (the record offset within a transaction). The default is `false` .", + "title": "IncludeTransactionDetails", + "type": "boolean" + }, + "MessageFormat": { + "markdownDescription": "The output format for the records created on the endpoint. The message format is `JSON` (default) or `JSON_UNFORMATTED` (a single line with no tab).", + "title": "MessageFormat", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "MessageMaxBytes": { + "markdownDescription": "The maximum size in bytes for records created on the endpoint The default is 1,000,000.", + "title": "MessageMaxBytes", + "type": "number" + }, + "NoHexPrefix": { + "markdownDescription": "Set this optional parameter to `true` to avoid adding a '0x' prefix to raw data in hexadecimal format. For example, by default, AWS DMS adds a '0x' prefix to the LOB column type in hexadecimal format moving from an Oracle source to a Kafka target. Use the `NoHexPrefix` endpoint setting to enable migration of RAW data type columns without adding the '0x' prefix.", + "title": "NoHexPrefix", + "type": "boolean" + }, + "PartitionIncludeSchemaTable": { + "markdownDescription": "Prefixes schema and table names to partition values, when the partition type is `primary-key-type` . Doing this increases data distribution among Kafka partitions. For example, suppose that a SysBench schema has thousands of tables and each table has only limited range for a primary key. In this case, the same primary key is sent from thousands of tables to the same partition, which causes throttling. The default is `false` .", + "title": "PartitionIncludeSchemaTable", + "type": "boolean" + }, + "SaslPassword": { + "markdownDescription": "The secure password that you created when you first set up your Amazon MSK cluster to validate a client identity and make an encrypted connection between server and client using SASL-SSL authentication.", + "title": "SaslPassword", "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::DocDB::DBSubnetGroup": { - "additionalProperties": false, - "properties": { - "Condition": { + }, + "SaslUserName": { + "markdownDescription": "The secure user name you created when you first set up your Amazon MSK cluster to validate a client identity and make an encrypted connection between server and client using SASL-SSL authentication.", + "title": "SaslUserName", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SecurityProtocol": { + "markdownDescription": "Set secure connection to a Kafka target endpoint using Transport Layer Security (TLS). Options include `ssl-encryption` , `ssl-authentication` , and `sasl-ssl` . `sasl-ssl` requires `SaslUsername` and `SaslPassword` .", + "title": "SecurityProtocol", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "SslCaCertificateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the private certificate authority (CA) cert that AWS DMS uses to securely connect to your Kafka target endpoint.", + "title": "SslCaCertificateArn", + "type": "string" }, - "Metadata": { - "type": "object" + "SslClientCertificateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the client certificate used to securely connect to a Kafka target endpoint.", + "title": "SslClientCertificateArn", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DBSubnetGroupDescription": { - "markdownDescription": "The description for the subnet group.", - "title": "DBSubnetGroupDescription", - "type": "string" - }, - "DBSubnetGroupName": { - "markdownDescription": "The name for the subnet group. This value is stored as a lowercase string.\n\nConstraints: Must contain no more than 255 letters, numbers, periods, underscores, spaces, or hyphens. Must not be default.\n\nExample: `mySubnetgroup`", - "title": "DBSubnetGroupName", - "type": "string" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon EC2 subnet IDs for the subnet group.", - "title": "SubnetIds", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to be assigned to the subnet group.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "DBSubnetGroupDescription", - "SubnetIds" - ], - "type": "object" + "SslClientKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the client private key used to securely connect to a Kafka target endpoint.", + "title": "SslClientKeyArn", + "type": "string" }, - "Type": { - "enum": [ - "AWS::DocDB::DBSubnetGroup" - ], + "SslClientKeyPassword": { + "markdownDescription": "The password for the client private key used to securely connect to a Kafka target endpoint.", + "title": "SslClientKeyPassword", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Topic": { + "markdownDescription": "The topic to which you migrate the data. If you don't specify a topic, AWS DMS specifies `\"kafka-default-topic\"` as the migration topic.", + "title": "Topic", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::DocDB::EventSubscription": { + "AWS::DMS::Endpoint.KinesisSettings": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "IncludeControlDetails": { + "markdownDescription": "Shows detailed control information for table definition, column definition, and table and column changes in the Kinesis message output. The default is `false` .", + "title": "IncludeControlDetails", + "type": "boolean" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "IncludeNullAndEmpty": { + "markdownDescription": "Include NULL and empty columns for records migrated to the endpoint. The default is `false` .", + "title": "IncludeNullAndEmpty", + "type": "boolean" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "IncludePartitionValue": { + "markdownDescription": "Shows the partition value within the Kinesis message output, unless the partition type is `schema-table-type` . The default is `false` .", + "title": "IncludePartitionValue", + "type": "boolean" }, - "Metadata": { - "type": "object" + "IncludeTableAlterOperations": { + "markdownDescription": "Includes any data definition language (DDL) operations that change the table in the control data, such as `rename-table` , `drop-table` , `add-column` , `drop-column` , and `rename-column` . The default is `false` .", + "title": "IncludeTableAlterOperations", + "type": "boolean" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "A Boolean value; set to `true` to activate the subscription, set to `false` to create the subscription but not active it.", - "title": "Enabled", - "type": "boolean" - }, - "EventCategories": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of event categories for a `SourceType` that you want to subscribe to.", - "title": "EventCategories", - "type": "array" - }, - "SnsTopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the SNS topic created for event notification. Amazon SNS creates the ARN when you create a topic and subscribe to it.", - "title": "SnsTopicArn", - "type": "string" - }, - "SourceIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of identifiers of the event sources for which events are returned. If not specified, then all sources are included in the response. An identifier must begin with a letter and must contain only ASCII letters, digits, and hyphens; it can't end with a hyphen or contain two consecutive hyphens.\n\nConstraints:\n\n- If `SourceIds` are provided, `SourceType` must also be provided.\n- If the source type is an instance, a `DBInstanceIdentifier` must be provided.\n- If the source type is a security group, a `DBSecurityGroupName` must be provided.\n- If the source type is a parameter group, a `DBParameterGroupName` must be provided.\n- If the source type is a snapshot, a `DBSnapshotIdentifier` must be provided.", - "title": "SourceIds", - "type": "array" - }, - "SourceType": { - "markdownDescription": "The type of source that is generating the events. For example, if you want to be notified of events generated by an instance, you would set this parameter to `db-instance` . If this value is not specified, all events are returned.\n\nValid values: `db-instance` , `db-cluster` , `db-parameter-group` , `db-security-group` , `db-cluster-snapshot`", - "title": "SourceType", - "type": "string" - }, - "SubscriptionName": { - "markdownDescription": "The name of the subscription.\n\nConstraints: The name must be fewer than 255 characters.", - "title": "SubscriptionName", - "type": "string" - } - }, - "required": [ - "SnsTopicArn" - ], - "type": "object" + "IncludeTransactionDetails": { + "markdownDescription": "Provides detailed transaction information from the source database. This information includes a commit timestamp, a log position, and values for `transaction_id` , previous `transaction_id` , and `transaction_record_id` (the record offset within a transaction). The default is `false` .", + "title": "IncludeTransactionDetails", + "type": "boolean" }, - "Type": { - "enum": [ - "AWS::DocDB::EventSubscription" - ], + "MessageFormat": { + "markdownDescription": "The output format for the records created on the endpoint. The message format is `JSON` (default) or `JSON_UNFORMATTED` (a single line with no tab).", + "title": "MessageFormat", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "NoHexPrefix": { + "markdownDescription": "Set this optional parameter to `true` to avoid adding a '0x' prefix to raw data in hexadecimal format. For example, by default, AWS DMS adds a '0x' prefix to the LOB column type in hexadecimal format moving from an Oracle source to an Amazon Kinesis target. Use the `NoHexPrefix` endpoint setting to enable migration of RAW data type columns without adding the '0x' prefix.", + "title": "NoHexPrefix", + "type": "boolean" + }, + "PartitionIncludeSchemaTable": { + "markdownDescription": "Prefixes schema and table names to partition values, when the partition type is `primary-key-type` . Doing this increases data distribution among Kinesis shards. For example, suppose that a SysBench schema has thousands of tables and each table has only limited range for a primary key. In this case, the same primary key is sent from thousands of tables to the same shard, which causes throttling. The default is `false` .", + "title": "PartitionIncludeSchemaTable", + "type": "boolean" + }, + "ServiceAccessRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the IAM role that AWS DMS uses to write to the Kinesis data stream. The role must allow the `iam:PassRole` action.", + "title": "ServiceAccessRoleArn", + "type": "string" + }, + "StreamArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the Amazon Kinesis Data Streams endpoint.", + "title": "StreamArn", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::DocDBElastic::Cluster": { + "AWS::DMS::Endpoint.MicrosoftSqlServerSettings": { "additionalProperties": false, "properties": { - "Condition": { + "BcpPacketSize": { + "markdownDescription": "The maximum size of the packets (in bytes) used to transfer data using BCP.", + "title": "BcpPacketSize", + "type": "number" + }, + "ControlTablesFileGroup": { + "markdownDescription": "Specifies a file group for the AWS DMS internal tables. When the replication task starts, all the internal AWS DMS control tables (awsdms_ apply_exception, awsdms_apply, awsdms_changes) are created for the specified file group.", + "title": "ControlTablesFileGroup", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DatabaseName": { + "markdownDescription": "Database name for the endpoint.", + "title": "DatabaseName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ForceLobLookup": { + "markdownDescription": "Forces LOB lookup on inline LOB.", + "title": "ForceLobLookup", + "type": "boolean" }, - "Metadata": { - "type": "object" + "Password": { + "markdownDescription": "Endpoint connection password.", + "title": "Password", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AdminUserName": { - "markdownDescription": "The name of the Amazon DocumentDB elastic clusters administrator.\n\n*Constraints* :\n\n- Must be from 1 to 63 letters or numbers.\n- The first character must be a letter.\n- Cannot be a reserved word.", - "title": "AdminUserName", - "type": "string" - }, - "AdminUserPassword": { - "markdownDescription": "The password for the Elastic DocumentDB cluster administrator and can contain any printable ASCII characters.\n\n*Constraints* :\n\n- Must contain from 8 to 100 characters.\n- Cannot contain a forward slash (/), double quote (\"), or the \"at\" symbol (@).\n- A valid `AdminUserName` entry is also required.", - "title": "AdminUserPassword", - "type": "string" - }, - "AuthType": { - "markdownDescription": "The authentication type used to determine where to fetch the password used for accessing the elastic cluster. Valid types are `PLAIN_TEXT` or `SECRET_ARN` .", - "title": "AuthType", - "type": "string" - }, - "BackupRetentionPeriod": { - "markdownDescription": "The number of days for which automatic snapshots are retained.", - "title": "BackupRetentionPeriod", - "type": "number" - }, - "ClusterName": { - "markdownDescription": "The name of the new elastic cluster. This parameter is stored as a lowercase string.\n\n*Constraints* :\n\n- Must contain from 1 to 63 letters, numbers, or hyphens.\n- The first character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.\n\n*Example* : `my-cluster`", - "title": "ClusterName", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "The KMS key identifier to use to encrypt the new elastic cluster.\n\nThe KMS key identifier is the Amazon Resource Name (ARN) for the KMS encryption key. If you are creating a cluster using the same Amazon account that owns this KMS encryption key, you can use the KMS key alias instead of the ARN as the KMS encryption key.\n\nIf an encryption key is not specified, Amazon DocumentDB uses the default encryption key that KMS creates for your account. Your account has a different default encryption key for each Amazon Region.", - "title": "KmsKeyId", - "type": "string" - }, - "PreferredBackupWindow": { - "markdownDescription": "The daily time range during which automated backups are created if automated backups are enabled, as determined by `backupRetentionPeriod` .", - "title": "PreferredBackupWindow", - "type": "string" - }, - "PreferredMaintenanceWindow": { - "markdownDescription": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n\n*Format* : `ddd:hh24:mi-ddd:hh24:mi`\n\n*Default* : a 30-minute window selected at random from an 8-hour block of time for each AWS Region , occurring on a random day of the week.\n\n*Valid days* : Mon, Tue, Wed, Thu, Fri, Sat, Sun\n\n*Constraints* : Minimum 30-minute window.", - "title": "PreferredMaintenanceWindow", - "type": "string" - }, - "ShardCapacity": { - "markdownDescription": "The number of vCPUs assigned to each elastic cluster shard. Maximum is 64. Allowed values are 2, 4, 8, 16, 32, 64.", - "title": "ShardCapacity", - "type": "number" - }, - "ShardCount": { - "markdownDescription": "The number of shards assigned to the elastic cluster. Maximum is 32.", - "title": "ShardCount", - "type": "number" - }, - "ShardInstanceCount": { - "markdownDescription": "The number of replica instances applying to all shards in the cluster. A `shardInstanceCount` value of 1 means there is one writer instance, and any additional instances are replicas that can be used for reads and to improve availability.", - "title": "ShardInstanceCount", - "type": "number" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon EC2 subnet IDs for the new elastic cluster.", - "title": "SubnetIds", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to be assigned to the new elastic cluster.", - "title": "Tags", - "type": "array" - }, - "VpcSecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of EC2 VPC security groups to associate with the new elastic cluster.", - "title": "VpcSecurityGroupIds", - "type": "array" - } - }, - "required": [ - "AdminUserName", - "AuthType", - "ClusterName", - "ShardCapacity", - "ShardCount" - ], - "type": "object" + "Port": { + "markdownDescription": "Endpoint TCP port.", + "title": "Port", + "type": "number" }, - "Type": { - "enum": [ - "AWS::DocDBElastic::Cluster" - ], + "QuerySingleAlwaysOnNode": { + "markdownDescription": "Cleans and recreates table metadata information on the replication instance when a mismatch occurs. An example is a situation where running an alter DDL statement on a table might result in different information about the table cached in the replication instance.", + "title": "QuerySingleAlwaysOnNode", + "type": "boolean" + }, + "ReadBackupOnly": { + "markdownDescription": "When this attribute is set to `Y` , AWS DMS only reads changes from transaction log backups and doesn't read from the active transaction log file during ongoing replication. Setting this parameter to `Y` enables you to control active transaction log file growth during full load and ongoing replication tasks. However, it can add some source latency to ongoing replication.", + "title": "ReadBackupOnly", + "type": "boolean" + }, + "SafeguardPolicy": { + "markdownDescription": "Use this attribute to minimize the need to access the backup log and enable AWS DMS to prevent truncation using one of the following two methods.\n\n*Start transactions in the database:* This is the default method. When this method is used, AWS DMS prevents TLOG truncation by mimicking a transaction in the database. As long as such a transaction is open, changes that appear after the transaction started aren't truncated. If you need Microsoft Replication to be enabled in your database, then you must choose this method.\n\n*Exclusively use sp_repldone within a single task* : When this method is used, AWS DMS reads the changes and then uses sp_repldone to mark the TLOG transactions as ready for truncation. Although this method doesn't involve any transactional activities, it can only be used when Microsoft Replication isn't running. Also, when using this method, only one AWS DMS task can access the database at any given time. Therefore, if you need to run parallel AWS DMS tasks against the same database, use the default method.", + "title": "SafeguardPolicy", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SecretsManagerAccessRoleArn": { + "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the SQL Server endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", + "title": "SecretsManagerAccessRoleArn", "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::DynamoDB::GlobalTable": { - "additionalProperties": false, - "properties": { - "Condition": { + }, + "SecretsManagerSecretId": { + "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the MicrosoftSQLServer endpoint connection details.", + "title": "SecretsManagerSecretId", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ServerName": { + "markdownDescription": "Fully qualified domain name of the endpoint. For an Amazon RDS SQL Server instance, this is the output of [DescribeDBInstances](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstances.html) , in the `[Endpoint](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_Endpoint.html) .Address` field.", + "title": "ServerName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "TlogAccessMode": { + "markdownDescription": "Indicates the mode used to fetch CDC data.", + "title": "TlogAccessMode", + "type": "string" }, - "Metadata": { - "type": "object" + "TrimSpaceInChar": { + "markdownDescription": "Use the `TrimSpaceInChar` source endpoint setting to right-trim data on CHAR and NCHAR data types during migration. Setting `TrimSpaceInChar` does not left-trim data. The default value is `true` .", + "title": "TrimSpaceInChar", + "type": "boolean" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AttributeDefinitions": { - "items": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.AttributeDefinition" - }, - "markdownDescription": "A list of attributes that describe the key schema for the global table and indexes.", - "title": "AttributeDefinitions", - "type": "array" - }, - "BillingMode": { - "markdownDescription": "Specifies how you are charged for read and write throughput and how you manage capacity. Valid values are:\n\n- `PAY_PER_REQUEST`\n- `PROVISIONED`\n\nAll replicas in your global table will have the same billing mode. If you use `PROVISIONED` billing mode, you must provide an auto scaling configuration via the `WriteProvisionedThroughputSettings` property. The default value of this property is `PROVISIONED` .", - "title": "BillingMode", - "type": "string" - }, - "GlobalSecondaryIndexes": { - "items": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.GlobalSecondaryIndex" - }, - "markdownDescription": "Global secondary indexes to be created on the global table. You can create up to 20 global secondary indexes. Each replica in your global table will have the same global secondary index settings. You can only create or delete one global secondary index in a single stack operation.\n\nSince the backfilling of an index could take a long time, CloudFormation does not wait for the index to become active. If a stack operation rolls back, CloudFormation might not delete an index that has been added. In that case, you will need to delete the index manually.", - "title": "GlobalSecondaryIndexes", - "type": "array" - }, - "KeySchema": { - "items": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.KeySchema" - }, - "markdownDescription": "Specifies the attributes that make up the primary key for the table. The attributes in the `KeySchema` property must also be defined in the `AttributeDefinitions` property.", - "title": "KeySchema", - "type": "array" - }, - "LocalSecondaryIndexes": { - "items": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.LocalSecondaryIndex" - }, - "markdownDescription": "Local secondary indexes to be created on the table. You can create up to five local secondary indexes. Each index is scoped to a given hash key value. The size of each hash key can be up to 10 gigabytes. Each replica in your global table will have the same local secondary index settings.", - "title": "LocalSecondaryIndexes", - "type": "array" - }, - "Replicas": { - "items": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReplicaSpecification" - }, - "markdownDescription": "Specifies the list of replicas for your global table. The list must contain at least one element, the region where the stack defining the global table is deployed. For example, if you define your table in a stack deployed to us-east-1, you must have an entry in `Replicas` with the region us-east-1. You cannot remove the replica in the stack region.\n\n> Adding a replica might take a few minutes for an empty table, or up to several hours for large tables. If you want to add or remove a replica, we recommend submitting an `UpdateStack` operation containing only that change.\n> \n> If you add or delete a replica during an update, we recommend that you don't update any other resources. If your stack fails to update and is rolled back while adding a new replica, you might need to manually delete the replica. \n\nYou can create a new global table with as many replicas as needed. You can add or remove replicas after table creation, but you can only add or remove a single replica in each update. For Multi-Region Strong Consistency (MRSC), you can add or remove up to 3 replicas, or 2 replicas plus a witness Region.", - "title": "Replicas", - "type": "array" - }, - "SSESpecification": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.SSESpecification", - "markdownDescription": "Specifies the settings to enable server-side encryption. These settings will be applied to all replicas. If you plan to use customer-managed KMS keys, you must provide a key for each replica using the `ReplicaSpecification.ReplicaSSESpecification` property.", - "title": "SSESpecification" - }, - "StreamSpecification": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.StreamSpecification", - "markdownDescription": "Specifies the streams settings on your global table. You must provide a value for this property if your global table contains more than one replica. You can only change the streams settings if your global table has only one replica. For Multi-Region Strong Consistency (MRSC), you do not need to provide a value for this property and can change the settings at any time.", - "title": "StreamSpecification" - }, - "TableName": { - "markdownDescription": "A name for the global table. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID as the table name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "TableName", - "type": "string" - }, - "TimeToLiveSpecification": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.TimeToLiveSpecification", - "markdownDescription": "Specifies the time to live (TTL) settings for the table. This setting will be applied to all replicas.", - "title": "TimeToLiveSpecification" - }, - "WriteProvisionedThroughputSettings": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.WriteProvisionedThroughputSettings", - "markdownDescription": "Specifies an auto scaling policy for write capacity. This policy will be applied to all replicas. This setting must be specified if `BillingMode` is set to `PROVISIONED` .", - "title": "WriteProvisionedThroughputSettings" - } - }, - "required": [ - "AttributeDefinitions", - "KeySchema", - "Replicas" - ], - "type": "object" + "UseBcpFullLoad": { + "markdownDescription": "Use this to attribute to transfer data for full-load operations using BCP. When the target table contains an identity column that does not exist in the source table, you must disable the use BCP for loading table option.", + "title": "UseBcpFullLoad", + "type": "boolean" }, - "Type": { - "enum": [ - "AWS::DynamoDB::GlobalTable" - ], - "type": "string" + "UseThirdPartyBackupDevice": { + "markdownDescription": "When this attribute is set to `Y` , DMS processes third-party transaction log backups if they are created in native format.", + "title": "UseThirdPartyBackupDevice", + "type": "boolean" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Username": { + "markdownDescription": "Endpoint connection user name.", + "title": "Username", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::DynamoDB::GlobalTable.AttributeDefinition": { + "AWS::DMS::Endpoint.MongoDbSettings": { "additionalProperties": false, "properties": { - "AttributeName": { - "markdownDescription": "A name for the attribute.", - "title": "AttributeName", + "AuthMechanism": { + "markdownDescription": "The authentication mechanism you use to access the MongoDB source endpoint.\n\nFor the default value, in MongoDB version 2.x, `\"default\"` is `\"mongodb_cr\"` . For MongoDB version 3.x or later, `\"default\"` is `\"scram_sha_1\"` . This setting isn't used when `AuthType` is set to `\"no\"` .", + "title": "AuthMechanism", "type": "string" }, - "AttributeType": { - "markdownDescription": "The data type for the attribute, where:\n\n- `S` - the attribute is of type String\n- `N` - the attribute is of type Number\n- `B` - the attribute is of type Binary", - "title": "AttributeType", + "AuthSource": { + "markdownDescription": "The MongoDB database name. This setting isn't used when `AuthType` is set to `\"no\"` .\n\nThe default is `\"admin\"` .", + "title": "AuthSource", "type": "string" - } - }, - "required": [ - "AttributeName", - "AttributeType" - ], - "type": "object" - }, - "AWS::DynamoDB::GlobalTable.CapacityAutoScalingSettings": { - "additionalProperties": false, - "properties": { - "MaxCapacity": { - "markdownDescription": "The maximum provisioned capacity units for the global table.", - "title": "MaxCapacity", - "type": "number" }, - "MinCapacity": { - "markdownDescription": "The minimum provisioned capacity units for the global table.", - "title": "MinCapacity", - "type": "number" + "AuthType": { + "markdownDescription": "The authentication type you use to access the MongoDB source endpoint.\n\nWhen set to `\"no\"` , user name and password parameters are not used and can be empty.", + "title": "AuthType", + "type": "string" }, - "SeedCapacity": { - "markdownDescription": "When switching billing mode from `PAY_PER_REQUEST` to `PROVISIONED` , DynamoDB requires you to specify read and write capacity unit values for the table and for each global secondary index. These values will be applied to all replicas. The table will use these provisioned values until CloudFormation creates the autoscaling policies you configured in your template. CloudFormation cannot determine what capacity the table and its global secondary indexes will require in this time period, since they are application-dependent.\n\nIf you want to switch a table's billing mode from `PAY_PER_REQUEST` to `PROVISIONED` , you must specify a value for this property for each autoscaled resource. If you specify different values for the same resource in different regions, CloudFormation will use the highest value found in either the `SeedCapacity` or `ReadCapacityUnits` properties. For example, if your global secondary index `myGSI` has a `SeedCapacity` of 10 in us-east-1 and a fixed `ReadCapacityUnits` of 20 in eu-west-1, CloudFormation will initially set the read capacity for `myGSI` to 20. Note that if you disable `ScaleIn` for `myGSI` in us-east-1, its read capacity units might not be set back to 10.\n\nYou must also specify a value for `SeedCapacity` when you plan to switch a table's billing mode from `PROVISIONED` to `PAY_PER_REQUEST` , because CloudFormation might need to roll back the operation (reverting the billing mode to `PROVISIONED` ) and this cannot succeed without specifying a value for `SeedCapacity` .", - "title": "SeedCapacity", - "type": "number" + "DatabaseName": { + "markdownDescription": "The database name on the MongoDB source endpoint.", + "title": "DatabaseName", + "type": "string" }, - "TargetTrackingScalingPolicyConfiguration": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.TargetTrackingScalingPolicyConfiguration", - "markdownDescription": "Defines a target tracking scaling policy.", - "title": "TargetTrackingScalingPolicyConfiguration" + "DocsToInvestigate": { + "markdownDescription": "Indicates the number of documents to preview to determine the document organization. Use this setting when `NestingLevel` is set to `\"one\"` .\n\nMust be a positive value greater than `0` . Default value is `1000` .", + "title": "DocsToInvestigate", + "type": "string" + }, + "ExtractDocId": { + "markdownDescription": "Specifies the document ID. Use this setting when `NestingLevel` is set to `\"none\"` .\n\nDefault value is `\"false\"` .", + "title": "ExtractDocId", + "type": "string" + }, + "NestingLevel": { + "markdownDescription": "Specifies either document or table mode.\n\nDefault value is `\"none\"` . Specify `\"none\"` to use document mode. Specify `\"one\"` to use table mode.", + "title": "NestingLevel", + "type": "string" + }, + "Password": { + "markdownDescription": "The password for the user account you use to access the MongoDB source endpoint.", + "title": "Password", + "type": "string" + }, + "Port": { + "markdownDescription": "The port value for the MongoDB source endpoint.", + "title": "Port", + "type": "number" + }, + "SecretsManagerAccessRoleArn": { + "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the MongoDB endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", + "title": "SecretsManagerAccessRoleArn", + "type": "string" + }, + "SecretsManagerSecretId": { + "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the MongoDB endpoint connection details.", + "title": "SecretsManagerSecretId", + "type": "string" + }, + "ServerName": { + "markdownDescription": "The name of the server on the MongoDB source endpoint.", + "title": "ServerName", + "type": "string" + }, + "Username": { + "markdownDescription": "The user name you use to access the MongoDB source endpoint.", + "title": "Username", + "type": "string" } }, - "required": [ - "MaxCapacity", - "MinCapacity", - "TargetTrackingScalingPolicyConfiguration" - ], "type": "object" }, - "AWS::DynamoDB::GlobalTable.ContributorInsightsSpecification": { + "AWS::DMS::Endpoint.MySqlSettings": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Indicates whether CloudWatch Contributor Insights are to be enabled (true) or disabled (false).", - "title": "Enabled", + "AfterConnectScript": { + "markdownDescription": "Specifies a script to run immediately after AWS DMS connects to the endpoint. The migration task continues running regardless if the SQL statement succeeds or fails.\n\nFor this parameter, provide the code of the script itself, not the name of a file containing the script.", + "title": "AfterConnectScript", + "type": "string" + }, + "CleanSourceMetadataOnMismatch": { + "markdownDescription": "Cleans and recreates table metadata information on the replication instance when a mismatch occurs. For example, in a situation where running an alter DDL on the table could result in different information about the table cached in the replication instance.", + "title": "CleanSourceMetadataOnMismatch", "type": "boolean" - } - }, - "required": [ - "Enabled" - ], - "type": "object" - }, - "AWS::DynamoDB::GlobalTable.GlobalSecondaryIndex": { - "additionalProperties": false, - "properties": { - "IndexName": { - "markdownDescription": "The name of the global secondary index. The name must be unique among all other indexes on this table.", - "title": "IndexName", + }, + "EventsPollInterval": { + "markdownDescription": "Specifies how often to check the binary log for new changes/events when the database is idle. The default is five seconds.\n\nExample: `eventsPollInterval=5;`\n\nIn the example, AWS DMS checks for changes in the binary logs every five seconds.", + "title": "EventsPollInterval", + "type": "number" + }, + "MaxFileSize": { + "markdownDescription": "Specifies the maximum size (in KB) of any .csv file used to transfer data to a MySQL-compatible database.\n\nExample: `maxFileSize=512`", + "title": "MaxFileSize", + "type": "number" + }, + "ParallelLoadThreads": { + "markdownDescription": "Improves performance when loading data into the MySQL-compatible target database. Specifies how many threads to use to load the data into the MySQL-compatible target database. Setting a large number of threads can have an adverse effect on database performance, because a separate connection is required for each thread. The default is one.\n\nExample: `parallelLoadThreads=1`", + "title": "ParallelLoadThreads", + "type": "number" + }, + "SecretsManagerAccessRoleArn": { + "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the MySQL endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", + "title": "SecretsManagerAccessRoleArn", "type": "string" }, - "KeySchema": { - "items": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.KeySchema" - }, - "markdownDescription": "The complete key schema for a global secondary index, which consists of one or more pairs of attribute names and key types:\n\n- `HASH` - partition key\n- `RANGE` - sort key\n\n> The partition key of an item is also known as its *hash attribute* . The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n> \n> The sort key of an item is also known as its *range attribute* . The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.", - "title": "KeySchema", - "type": "array" + "SecretsManagerSecretId": { + "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the MySQL endpoint connection details.", + "title": "SecretsManagerSecretId", + "type": "string" }, - "Projection": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.Projection", - "markdownDescription": "Represents attributes that are copied (projected) from the table into the global secondary index. These are in addition to the primary key attributes and index key attributes, which are automatically projected.", - "title": "Projection" + "ServerTimezone": { + "markdownDescription": "Specifies the time zone for the source MySQL database.\n\nExample: `serverTimezone=US/Pacific;`\n\nNote: Do not enclose time zones in single quotes.", + "title": "ServerTimezone", + "type": "string" }, - "WriteProvisionedThroughputSettings": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.WriteProvisionedThroughputSettings", - "markdownDescription": "Defines write capacity settings for the global secondary index. You must specify a value for this property if the table's `BillingMode` is `PROVISIONED` . All replicas will have the same write capacity settings for this global secondary index.", - "title": "WriteProvisionedThroughputSettings" + "TargetDbType": { + "markdownDescription": "Specifies where to migrate source tables on the target, either to a single database or multiple databases. If you specify `SPECIFIC_DATABASE` , specify the database name using the `DatabaseName` parameter of the `Endpoint` object.\n\nExample: `targetDbType=MULTIPLE_DATABASES`", + "title": "TargetDbType", + "type": "string" } }, - "required": [ - "IndexName", - "KeySchema", - "Projection" - ], "type": "object" }, - "AWS::DynamoDB::GlobalTable.KeySchema": { + "AWS::DMS::Endpoint.NeptuneSettings": { "additionalProperties": false, "properties": { - "AttributeName": { - "markdownDescription": "The name of a key attribute.", - "title": "AttributeName", + "ErrorRetryDuration": { + "markdownDescription": "The number of milliseconds for AWS DMS to wait to retry a bulk-load of migrated graph data to the Neptune target database before raising an error. The default is 250.", + "title": "ErrorRetryDuration", + "type": "number" + }, + "IamAuthEnabled": { + "markdownDescription": "If you want IAM authorization enabled for this endpoint, set this parameter to `true` . Then attach the appropriate IAM policy document to your service role specified by `ServiceAccessRoleArn` . The default is `false` .", + "title": "IamAuthEnabled", + "type": "boolean" + }, + "MaxFileSize": { + "markdownDescription": "The maximum size in kilobytes of migrated graph data stored in a .csv file before AWS DMS bulk-loads the data to the Neptune target database. The default is 1,048,576 KB. If the bulk load is successful, AWS DMS clears the bucket, ready to store the next batch of migrated graph data.", + "title": "MaxFileSize", + "type": "number" + }, + "MaxRetryCount": { + "markdownDescription": "The number of times for AWS DMS to retry a bulk load of migrated graph data to the Neptune target database before raising an error. The default is 5.", + "title": "MaxRetryCount", + "type": "number" + }, + "S3BucketFolder": { + "markdownDescription": "A folder path where you want AWS DMS to store migrated graph data in the S3 bucket specified by `S3BucketName`", + "title": "S3BucketFolder", "type": "string" }, - "KeyType": { - "markdownDescription": "The role that this key attribute will assume:\n\n- `HASH` - partition key\n- `RANGE` - sort key\n\n> The partition key of an item is also known as its *hash attribute* . The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n> \n> The sort key of an item is also known as its *range attribute* . The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.", - "title": "KeyType", + "S3BucketName": { + "markdownDescription": "The name of the Amazon S3 bucket where AWS DMS can temporarily store migrated graph data in .csv files before bulk-loading it to the Neptune target database. AWS DMS maps the SQL source data to graph data before storing it in these .csv files.", + "title": "S3BucketName", + "type": "string" + }, + "ServiceAccessRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the service role that you created for the Neptune target endpoint. The role must allow the `iam:PassRole` action.\n\nFor more information, see [Creating an IAM Service Role for Accessing Amazon Neptune as a Target](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Neptune.html#CHAP_Target.Neptune.ServiceRole) in the *AWS Database Migration Service User Guide* .", + "title": "ServiceAccessRoleArn", "type": "string" } }, - "required": [ - "AttributeName", - "KeyType" - ], "type": "object" }, - "AWS::DynamoDB::GlobalTable.KinesisStreamSpecification": { + "AWS::DMS::Endpoint.OracleSettings": { "additionalProperties": false, "properties": { - "ApproximateCreationDateTimePrecision": { - "markdownDescription": "The precision for the time and date that the stream was created.", - "title": "ApproximateCreationDateTimePrecision", + "AccessAlternateDirectly": { + "markdownDescription": "Set this attribute to `false` in order to use the Binary Reader to capture change data for an Amazon RDS for Oracle as the source. This tells the DMS instance to not access redo logs through any specified path prefix replacement using direct file access.", + "title": "AccessAlternateDirectly", + "type": "boolean" + }, + "AddSupplementalLogging": { + "markdownDescription": "Set this attribute to set up table-level supplemental logging for the Oracle database. This attribute enables PRIMARY KEY supplemental logging on all tables selected for a migration task.\n\nIf you use this option, you still need to enable database-level supplemental logging.", + "title": "AddSupplementalLogging", + "type": "boolean" + }, + "AdditionalArchivedLogDestId": { + "markdownDescription": "Set this attribute with `ArchivedLogDestId` in a primary/ standby setup. This attribute is useful in the case of a switchover. In this case, AWS DMS needs to know which destination to get archive redo logs from to read changes. This need arises because the previous primary instance is now a standby instance after switchover.\n\nAlthough AWS DMS supports the use of the Oracle `RESETLOGS` option to open the database, never use `RESETLOGS` unless necessary. For additional information about `RESETLOGS` , see [RMAN Data Repair Concepts](https://docs.aws.amazon.com/https://docs.oracle.com/en/database/oracle/oracle-database/19/bradv/rman-data-repair-concepts.html#GUID-1805CCF7-4AF2-482D-B65A-998192F89C2B) in the *Oracle Database Backup and Recovery User's Guide* .", + "title": "AdditionalArchivedLogDestId", + "type": "number" + }, + "AllowSelectNestedTables": { + "markdownDescription": "Set this attribute to `true` to enable replication of Oracle tables containing columns that are nested tables or defined types.", + "title": "AllowSelectNestedTables", + "type": "boolean" + }, + "ArchivedLogDestId": { + "markdownDescription": "Specifies the ID of the destination for the archived redo logs. This value should be the same as a number in the dest_id column of the v$archived_log view. If you work with an additional redo log destination, use the `AdditionalArchivedLogDestId` option to specify the additional destination ID. Doing this improves performance by ensuring that the correct logs are accessed from the outset.", + "title": "ArchivedLogDestId", + "type": "number" + }, + "ArchivedLogsOnly": { + "markdownDescription": "When this field is set to `True` , AWS DMS only accesses the archived redo logs. If the archived redo logs are stored on Automatic Storage Management (ASM) only, the AWS DMS user account needs to be granted ASM privileges.", + "title": "ArchivedLogsOnly", + "type": "boolean" + }, + "AsmPassword": { + "markdownDescription": "For an Oracle source endpoint, your Oracle Automatic Storage Management (ASM) password. You can set this value from the `*asm_user_password*` value. You set this value as part of the comma-separated value that you set to the `Password` request parameter when you create the endpoint to access transaction logs using Binary Reader. For more information, see [Configuration for change data capture (CDC) on an Oracle source database](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.CDC.Configuration) .", + "title": "AsmPassword", "type": "string" }, - "StreamArn": { - "markdownDescription": "The ARN for a specific Kinesis data stream.", - "title": "StreamArn", + "AsmServer": { + "markdownDescription": "For an Oracle source endpoint, your ASM server address. You can set this value from the `asm_server` value. You set `asm_server` as part of the extra connection attribute string to access an Oracle server with Binary Reader that uses ASM. For more information, see [Configuration for change data capture (CDC) on an Oracle source database](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.CDC.Configuration) .", + "title": "AsmServer", "type": "string" - } - }, - "required": [ - "StreamArn" - ], - "type": "object" - }, - "AWS::DynamoDB::GlobalTable.LocalSecondaryIndex": { - "additionalProperties": false, - "properties": { - "IndexName": { - "markdownDescription": "The name of the local secondary index. The name must be unique among all other indexes on this table.", - "title": "IndexName", + }, + "AsmUser": { + "markdownDescription": "For an Oracle source endpoint, your ASM user name. You can set this value from the `asm_user` value. You set `asm_user` as part of the extra connection attribute string to access an Oracle server with Binary Reader that uses ASM. For more information, see [Configuration for change data capture (CDC) on an Oracle source database](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.CDC.Configuration) .", + "title": "AsmUser", "type": "string" }, - "KeySchema": { - "items": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.KeySchema" - }, - "markdownDescription": "The complete key schema for the local secondary index, consisting of one or more pairs of attribute names and key types:\n\n- `HASH` - partition key\n- `RANGE` - sort key\n\n> The partition key of an item is also known as its *hash attribute* . The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n> \n> The sort key of an item is also known as its *range attribute* . The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.", - "title": "KeySchema", - "type": "array" + "CharLengthSemantics": { + "markdownDescription": "Specifies whether the length of a character column is in bytes or in characters. To indicate that the character column length is in characters, set this attribute to `CHAR` . Otherwise, the character column length is in bytes.\n\nExample: `charLengthSemantics=CHAR;`", + "title": "CharLengthSemantics", + "type": "string" }, - "Projection": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.Projection", - "markdownDescription": "Represents attributes that are copied (projected) from the table into the local secondary index. These are in addition to the primary key attributes and index key attributes, which are automatically projected.", - "title": "Projection" - } - }, - "required": [ - "IndexName", - "KeySchema", - "Projection" - ], - "type": "object" - }, - "AWS::DynamoDB::GlobalTable.PointInTimeRecoverySpecification": { - "additionalProperties": false, - "properties": { - "PointInTimeRecoveryEnabled": { - "markdownDescription": "Indicates whether point in time recovery is enabled (true) or disabled (false) on the table.", - "title": "PointInTimeRecoveryEnabled", + "DirectPathNoLog": { + "markdownDescription": "When set to `true` , this attribute helps to increase the commit rate on the Oracle target database by writing directly to tables and not writing a trail to database logs.", + "title": "DirectPathNoLog", "type": "boolean" - } - }, - "type": "object" - }, - "AWS::DynamoDB::GlobalTable.Projection": { - "additionalProperties": false, - "properties": { - "NonKeyAttributes": { + }, + "DirectPathParallelLoad": { + "markdownDescription": "When set to `true` , this attribute specifies a parallel load when `useDirectPathFullLoad` is set to `Y` . This attribute also only applies when you use the AWS DMS parallel load feature. Note that the target table cannot have any constraints or indexes.", + "title": "DirectPathParallelLoad", + "type": "boolean" + }, + "EnableHomogenousTablespace": { + "markdownDescription": "Set this attribute to enable homogenous tablespace replication and create existing tables or indexes under the same tablespace on the target.", + "title": "EnableHomogenousTablespace", + "type": "boolean" + }, + "ExtraArchivedLogDestIds": { "items": { - "type": "string" + "type": "number" }, - "markdownDescription": "Represents the non-key attribute names which will be projected into the index.\n\nFor global and local secondary indexes, the total count of `NonKeyAttributes` summed across all of the secondary indexes, must not exceed 100. If you project the same attribute into two different indexes, this counts as two distinct attributes when determining the total. This limit only applies when you specify the ProjectionType of `INCLUDE` . You still can specify the ProjectionType of `ALL` to project all attributes from the source table, even if the table has more than 100 attributes.", - "title": "NonKeyAttributes", + "markdownDescription": "Specifies the IDs of one more destinations for one or more archived redo logs. These IDs are the values of the `dest_id` column in the `v$archived_log` view. Use this setting with the `archivedLogDestId` extra connection attribute in a primary-to-single setup or a primary-to-multiple-standby setup.\n\nThis setting is useful in a switchover when you use an Oracle Data Guard database as a source. In this case, AWS DMS needs information about what destination to get archive redo logs from to read changes. AWS DMS needs this because after the switchover the previous primary is a standby instance. For example, in a primary-to-single standby setup you might apply the following settings.\n\n`archivedLogDestId=1; ExtraArchivedLogDestIds=[2]`\n\nIn a primary-to-multiple-standby setup, you might apply the following settings.\n\n`archivedLogDestId=1; ExtraArchivedLogDestIds=[2,3,4]`\n\nAlthough AWS DMS supports the use of the Oracle `RESETLOGS` option to open the database, never use `RESETLOGS` unless it's necessary. For more information about `RESETLOGS` , see [RMAN Data Repair Concepts](https://docs.aws.amazon.com/https://docs.oracle.com/en/database/oracle/oracle-database/19/bradv/rman-data-repair-concepts.html#GUID-1805CCF7-4AF2-482D-B65A-998192F89C2B) in the *Oracle Database Backup and Recovery User's Guide* .", + "title": "ExtraArchivedLogDestIds", "type": "array" }, - "ProjectionType": { - "markdownDescription": "The set of attributes that are projected into the index:\n\n- `KEYS_ONLY` - Only the index and primary keys are projected into the index.\n- `INCLUDE` - In addition to the attributes described in `KEYS_ONLY` , the secondary index will include other non-key attributes that you specify.\n- `ALL` - All of the table attributes are projected into the index.\n\nWhen using the DynamoDB console, `ALL` is selected by default.", - "title": "ProjectionType", + "FailTasksOnLobTruncation": { + "markdownDescription": "When set to `true` , this attribute causes a task to fail if the actual size of an LOB column is greater than the specified `LobMaxSize` .\n\nIf a task is set to limited LOB mode and this option is set to `true` , the task fails instead of truncating the LOB data.", + "title": "FailTasksOnLobTruncation", + "type": "boolean" + }, + "NumberDatatypeScale": { + "markdownDescription": "Specifies the number scale. You can select a scale up to 38, or you can select FLOAT. By default, the NUMBER data type is converted to precision 38, scale 10.\n\nExample: `numberDataTypeScale=12`", + "title": "NumberDatatypeScale", + "type": "number" + }, + "OraclePathPrefix": { + "markdownDescription": "Set this string attribute to the required value in order to use the Binary Reader to capture change data for an Amazon RDS for Oracle as the source. This value specifies the default Oracle root used to access the redo logs.", + "title": "OraclePathPrefix", "type": "string" - } - }, - "type": "object" - }, - "AWS::DynamoDB::GlobalTable.ReadProvisionedThroughputSettings": { - "additionalProperties": false, - "properties": { - "ReadCapacityAutoScalingSettings": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.CapacityAutoScalingSettings", - "markdownDescription": "Specifies auto scaling settings for the replica table or global secondary index.", - "title": "ReadCapacityAutoScalingSettings" }, - "ReadCapacityUnits": { - "markdownDescription": "Specifies a fixed read capacity for the replica table or global secondary index.", - "title": "ReadCapacityUnits", + "ParallelAsmReadThreads": { + "markdownDescription": "Set this attribute to change the number of threads that DMS configures to perform a change data capture (CDC) load using Oracle Automatic Storage Management (ASM). You can specify an integer value between 2 (the default) and 8 (the maximum). Use this attribute together with the `readAheadBlocks` attribute.", + "title": "ParallelAsmReadThreads", "type": "number" - } - }, - "type": "object" - }, - "AWS::DynamoDB::GlobalTable.ReplicaGlobalSecondaryIndexSpecification": { - "additionalProperties": false, - "properties": { - "ContributorInsightsSpecification": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ContributorInsightsSpecification", - "markdownDescription": "Updates the status for contributor insights for a specific table or index. CloudWatch Contributor Insights for DynamoDB graphs display the partition key and (if applicable) sort key of frequently accessed items and frequently throttled items in plaintext. If you require the use of AWS Key Management Service (KMS) to encrypt this table\u2019s partition key and sort key data with an AWS managed key or customer managed key, you should not enable CloudWatch Contributor Insights for DynamoDB for this table.", - "title": "ContributorInsightsSpecification" }, - "IndexName": { - "markdownDescription": "The name of the global secondary index. The name must be unique among all other indexes on this table.", - "title": "IndexName", + "ReadAheadBlocks": { + "markdownDescription": "Set this attribute to change the number of read-ahead blocks that DMS configures to perform a change data capture (CDC) load using Oracle Automatic Storage Management (ASM). You can specify an integer value between 1000 (the default) and 200,000 (the maximum).", + "title": "ReadAheadBlocks", + "type": "number" + }, + "ReadTableSpaceName": { + "markdownDescription": "When set to `true` , this attribute supports tablespace replication.", + "title": "ReadTableSpaceName", + "type": "boolean" + }, + "ReplacePathPrefix": { + "markdownDescription": "Set this attribute to true in order to use the Binary Reader to capture change data for an Amazon RDS for Oracle as the source. This setting tells DMS instance to replace the default Oracle root with the specified `usePathPrefix` setting to access the redo logs.", + "title": "ReplacePathPrefix", + "type": "boolean" + }, + "RetryInterval": { + "markdownDescription": "Specifies the number of seconds that the system waits before resending a query.\n\nExample: `retryInterval=6;`", + "title": "RetryInterval", + "type": "number" + }, + "SecretsManagerAccessRoleArn": { + "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the Oracle endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", + "title": "SecretsManagerAccessRoleArn", "type": "string" }, - "ReadProvisionedThroughputSettings": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReadProvisionedThroughputSettings", - "markdownDescription": "Allows you to specify the read capacity settings for a replica global secondary index when the `BillingMode` is set to `PROVISIONED` .", - "title": "ReadProvisionedThroughputSettings" - } - }, - "required": [ - "IndexName" - ], - "type": "object" - }, - "AWS::DynamoDB::GlobalTable.ReplicaSSESpecification": { - "additionalProperties": false, - "properties": { - "KMSMasterKeyId": { - "markdownDescription": "The AWS KMS key that should be used for the AWS KMS encryption. To specify a key, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. Note that you should only provide this parameter if the key is different from the default DynamoDB key `alias/aws/dynamodb` .", - "title": "KMSMasterKeyId", + "SecretsManagerOracleAsmAccessRoleArn": { + "markdownDescription": "Required only if your Oracle endpoint uses Advanced Storage Manager (ASM). The full ARN of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the `SecretsManagerOracleAsmSecret` . This `SecretsManagerOracleAsmSecret` has the secret value that allows access to the Oracle ASM of the endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerOracleAsmSecretId` . Or you can specify clear-text values for `AsmUser` , `AsmPassword` , and `AsmServerName` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerOracleAsmSecret` , the corresponding `SecretsManagerOracleAsmAccessRoleArn` , and the `SecretsManagerOracleAsmSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", + "title": "SecretsManagerOracleAsmAccessRoleArn", + "type": "string" + }, + "SecretsManagerOracleAsmSecretId": { + "markdownDescription": "Required only if your Oracle endpoint uses Advanced Storage Manager (ASM). The full ARN, partial ARN, or display name of the `SecretsManagerOracleAsmSecret` that contains the Oracle ASM connection details for the Oracle endpoint.", + "title": "SecretsManagerOracleAsmSecretId", + "type": "string" + }, + "SecretsManagerSecretId": { + "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the Oracle endpoint connection details.", + "title": "SecretsManagerSecretId", + "type": "string" + }, + "SecurityDbEncryption": { + "markdownDescription": "For an Oracle source endpoint, the transparent data encryption (TDE) password required by AWM DMS to access Oracle redo logs encrypted by TDE using Binary Reader. It is also the `*TDE_Password*` part of the comma-separated value you set to the `Password` request parameter when you create the endpoint. The `SecurityDbEncryptian` setting is related to this `SecurityDbEncryptionName` setting. For more information, see [Supported encryption methods for using Oracle as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.Encryption) in the *AWS Database Migration Service User Guide* .", + "title": "SecurityDbEncryption", + "type": "string" + }, + "SecurityDbEncryptionName": { + "markdownDescription": "For an Oracle source endpoint, the name of a key used for the transparent data encryption (TDE) of the columns and tablespaces in an Oracle source database that is encrypted using TDE. The key value is the value of the `SecurityDbEncryption` setting. For more information on setting the key name value of `SecurityDbEncryptionName` , see the information and example for setting the `securityDbEncryptionName` extra connection attribute in [Supported encryption methods for using Oracle as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.Encryption) in the *AWS Database Migration Service User Guide* .", + "title": "SecurityDbEncryptionName", + "type": "string" + }, + "SpatialDataOptionToGeoJsonFunctionName": { + "markdownDescription": "Use this attribute to convert `SDO_GEOMETRY` to `GEOJSON` format. By default, DMS calls the `SDO2GEOJSON` custom function if present and accessible. Or you can create your own custom function that mimics the operation of `SDOGEOJSON` and set `SpatialDataOptionToGeoJsonFunctionName` to call it instead.", + "title": "SpatialDataOptionToGeoJsonFunctionName", + "type": "string" + }, + "StandbyDelayTime": { + "markdownDescription": "Use this attribute to specify a time in minutes for the delay in standby sync. If the source is an Oracle Active Data Guard standby database, use this attribute to specify the time lag between primary and standby databases.\n\nIn AWS DMS , you can create an Oracle CDC task that uses an Active Data Guard standby instance as a source for replicating ongoing changes. Doing this eliminates the need to connect to an active database that might be in production.", + "title": "StandbyDelayTime", + "type": "number" + }, + "UseAlternateFolderForOnline": { + "markdownDescription": "Set this attribute to `true` in order to use the Binary Reader to capture change data for an Amazon RDS for Oracle as the source. This tells the DMS instance to use any specified prefix replacement to access all online redo logs.", + "title": "UseAlternateFolderForOnline", + "type": "boolean" + }, + "UseBFile": { + "markdownDescription": "Set this attribute to True to capture change data using the Binary Reader utility. Set `UseLogminerReader` to False to set this attribute to True. To use Binary Reader with Amazon RDS for Oracle as the source, you set additional attributes. For more information about using this setting with Oracle Automatic Storage Management (ASM), see [Using Oracle LogMiner or AWS DMS Binary Reader for CDC](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.CDC) .", + "title": "UseBFile", + "type": "boolean" + }, + "UseDirectPathFullLoad": { + "markdownDescription": "Set this attribute to True to have AWS DMS use a direct path full load. Specify this value to use the direct path protocol in the Oracle Call Interface (OCI). By using this OCI protocol, you can bulk-load Oracle target tables during a full load.", + "title": "UseDirectPathFullLoad", + "type": "boolean" + }, + "UseLogminerReader": { + "markdownDescription": "Set this attribute to True to capture change data using the Oracle LogMiner utility (the default). Set this attribute to False if you want to access the redo logs as a binary file. When you set `UseLogminerReader` to False, also set `UseBfile` to True. For more information on this setting and using Oracle ASM, see [Using Oracle LogMiner or AWS DMS Binary Reader for CDC](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.CDC) in the *AWS DMS User Guide* .", + "title": "UseLogminerReader", + "type": "boolean" + }, + "UsePathPrefix": { + "markdownDescription": "Set this string attribute to the required value in order to use the Binary Reader to capture change data for an Amazon RDS for Oracle as the source. This value specifies the path prefix used to replace the default Oracle root to access the redo logs.", + "title": "UsePathPrefix", "type": "string" } }, - "required": [ - "KMSMasterKeyId" - ], "type": "object" }, - "AWS::DynamoDB::GlobalTable.ReplicaSpecification": { + "AWS::DMS::Endpoint.PostgreSqlSettings": { "additionalProperties": false, "properties": { - "ContributorInsightsSpecification": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ContributorInsightsSpecification", - "markdownDescription": "The settings used to enable or disable CloudWatch Contributor Insights for the specified replica. When not specified, defaults to contributor insights disabled for the replica.", - "title": "ContributorInsightsSpecification" + "AfterConnectScript": { + "markdownDescription": "For use with change data capture (CDC) only, this attribute has AWS DMS bypass foreign keys and user triggers to reduce the time it takes to bulk load data.\n\nExample: `afterConnectScript=SET session_replication_role='replica'`", + "title": "AfterConnectScript", + "type": "string" }, - "DeletionProtectionEnabled": { - "markdownDescription": "Determines if a replica is protected from deletion. When enabled, the table cannot be deleted by any user or process. This setting is disabled by default. For more information, see [Using deletion protection](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/WorkingWithTables.Basics.html#WorkingWithTables.Basics.DeletionProtection) in the *Amazon DynamoDB Developer Guide* .", - "title": "DeletionProtectionEnabled", + "BabelfishDatabaseName": { + "markdownDescription": "The Babelfish for Aurora PostgreSQL database name for the endpoint.", + "title": "BabelfishDatabaseName", + "type": "string" + }, + "CaptureDdls": { + "markdownDescription": "To capture DDL events, AWS DMS creates various artifacts in the PostgreSQL database when the task starts. You can later remove these artifacts.\n\nIf this value is set to `True` , you don't have to create tables or triggers on the source database.", + "title": "CaptureDdls", "type": "boolean" }, - "GlobalSecondaryIndexes": { - "items": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReplicaGlobalSecondaryIndexSpecification" - }, - "markdownDescription": "Defines additional settings for the global secondary indexes of this replica.", - "title": "GlobalSecondaryIndexes", - "type": "array" + "DatabaseMode": { + "markdownDescription": "Specifies the default behavior of the replication's handling of PostgreSQL- compatible endpoints that require some additional configuration, such as Babelfish endpoints.", + "title": "DatabaseMode", + "type": "string" }, - "KinesisStreamSpecification": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.KinesisStreamSpecification", - "markdownDescription": "Defines the Kinesis Data Streams configuration for the specified replica.", - "title": "KinesisStreamSpecification" + "DdlArtifactsSchema": { + "markdownDescription": "The schema in which the operational DDL database artifacts are created.\n\nThe default value is `public` .\n\nExample: `ddlArtifactsSchema=xyzddlschema;`", + "title": "DdlArtifactsSchema", + "type": "string" }, - "PointInTimeRecoverySpecification": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.PointInTimeRecoverySpecification", - "markdownDescription": "The settings used to enable point in time recovery. When not specified, defaults to point in time recovery disabled for the replica.", - "title": "PointInTimeRecoverySpecification" + "ExecuteTimeout": { + "markdownDescription": "Sets the client statement timeout for the PostgreSQL instance, in seconds. The default value is 60 seconds.\n\nExample: `executeTimeout=100;`", + "title": "ExecuteTimeout", + "type": "number" }, - "ReadProvisionedThroughputSettings": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReadProvisionedThroughputSettings", - "markdownDescription": "Defines read capacity settings for the replica table.", - "title": "ReadProvisionedThroughputSettings" + "FailTasksOnLobTruncation": { + "markdownDescription": "When set to `true` , this value causes a task to fail if the actual size of a LOB column is greater than the specified `LobMaxSize` .\n\nThe default value is `false` .\n\nIf task is set to Limited LOB mode and this option is set to true, the task fails instead of truncating the LOB data.", + "title": "FailTasksOnLobTruncation", + "type": "boolean" }, - "Region": { - "markdownDescription": "The region in which this replica exists.", - "title": "Region", + "HeartbeatEnable": { + "markdownDescription": "The write-ahead log (WAL) heartbeat feature mimics a dummy transaction. By doing this, it prevents idle logical replication slots from holding onto old WAL logs, which can result in storage full situations on the source. This heartbeat keeps `restart_lsn` moving and prevents storage full scenarios.\n\nThe default value is `false` .", + "title": "HeartbeatEnable", + "type": "boolean" + }, + "HeartbeatFrequency": { + "markdownDescription": "Sets the WAL heartbeat frequency (in minutes).\n\nThe default value is 5 minutes.", + "title": "HeartbeatFrequency", + "type": "number" + }, + "HeartbeatSchema": { + "markdownDescription": "Sets the schema in which the heartbeat artifacts are created.\n\nThe default value is `public` .", + "title": "HeartbeatSchema", "type": "string" }, - "ReplicaStreamSpecification": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReplicaStreamSpecification", - "markdownDescription": "Represents the DynamoDB Streams configuration for a global table replica.", - "title": "ReplicaStreamSpecification" + "MapBooleanAsBoolean": { + "markdownDescription": "When true, lets PostgreSQL migrate the boolean type as boolean. By default, PostgreSQL migrates booleans as `varchar(5)` . You must set this setting on both the source and target endpoints for it to take effect.\n\nThe default value is `false` .", + "title": "MapBooleanAsBoolean", + "type": "boolean" }, - "ResourcePolicy": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ResourcePolicy", - "markdownDescription": "A resource-based policy document that contains permissions to add to the specified replica of a DynamoDB global table. Resource-based policies let you define access permissions by specifying who has access to each resource, and the actions they are allowed to perform on each resource.\n\nIn a CloudFormation template, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to DynamoDB . For more information about resource-based policies, see [Using resource-based policies for DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html) .", - "title": "ResourcePolicy" + "MaxFileSize": { + "markdownDescription": "Specifies the maximum size (in KB) of any .csv file used to transfer data to PostgreSQL.\n\nThe default value is 32,768 KB (32 MB).\n\nExample: `maxFileSize=512`", + "title": "MaxFileSize", + "type": "number" }, - "SSESpecification": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReplicaSSESpecification", - "markdownDescription": "Allows you to specify a customer-managed key for the replica. When using customer-managed keys for server-side encryption, this property must have a value in all replicas.", - "title": "SSESpecification" + "PluginName": { + "markdownDescription": "Specifies the plugin to use to create a replication slot.\n\nThe default value is `pglogical` .", + "title": "PluginName", + "type": "string" }, - "TableClass": { - "markdownDescription": "The table class of the specified table. Valid values are `STANDARD` and `STANDARD_INFREQUENT_ACCESS` .", - "title": "TableClass", + "SecretsManagerAccessRoleArn": { + "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the PostgreSQL endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", + "title": "SecretsManagerAccessRoleArn", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this replica.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Region" - ], - "type": "object" - }, - "AWS::DynamoDB::GlobalTable.ReplicaStreamSpecification": { - "additionalProperties": false, - "properties": { - "ResourcePolicy": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ResourcePolicy", - "markdownDescription": "A resource-based policy document that contains the permissions for the specified stream of a DynamoDB global table replica. Resource-based policies let you define access permissions by specifying who has access to each resource, and the actions they are allowed to perform on each resource.\n\nIn a CloudFormation template, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to DynamoDB . For more information about resource-based policies, see [Using resource-based policies for DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html) .\n\nYou can update the `ResourcePolicy` property if you've specified more than one table using the [AWS ::DynamoDB::GlobalTable](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dynamodb-globaltable.html) resource.", - "title": "ResourcePolicy" + "SecretsManagerSecretId": { + "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the PostgreSQL endpoint connection details.", + "title": "SecretsManagerSecretId", + "type": "string" + }, + "SlotName": { + "markdownDescription": "Sets the name of a previously created logical replication slot for a change data capture (CDC) load of the PostgreSQL source instance.\n\nWhen used with the `CdcStartPosition` request parameter for the AWS DMS API , this attribute also makes it possible to use native CDC start points. DMS verifies that the specified logical replication slot exists before starting the CDC load task. It also verifies that the task was created with a valid setting of `CdcStartPosition` . If the specified slot doesn't exist or the task doesn't have a valid `CdcStartPosition` setting, DMS raises an error.\n\nFor more information about setting the `CdcStartPosition` request parameter, see [Determining a CDC native start point](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Task.CDC.html#CHAP_Task.CDC.StartPoint.Native) in the *AWS Database Migration Service User Guide* . For more information about using `CdcStartPosition` , see [CreateReplicationTask](https://docs.aws.amazon.com/dms/latest/APIReference/API_CreateReplicationTask.html) , [StartReplicationTask](https://docs.aws.amazon.com/dms/latest/APIReference/API_StartReplicationTask.html) , and [ModifyReplicationTask](https://docs.aws.amazon.com/dms/latest/APIReference/API_ModifyReplicationTask.html) .", + "title": "SlotName", + "type": "string" } }, - "required": [ - "ResourcePolicy" - ], "type": "object" }, - "AWS::DynamoDB::GlobalTable.ResourcePolicy": { + "AWS::DMS::Endpoint.RedisSettings": { "additionalProperties": false, "properties": { - "PolicyDocument": { - "markdownDescription": "A resource-based policy document that contains permissions to add to the specified DynamoDB table, its indexes, and stream. In a CloudFormation template, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to DynamoDB . For more information about resource-based policies, see [Using resource-based policies for DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html) .", - "title": "PolicyDocument", - "type": "object" + "AuthPassword": { + "markdownDescription": "The password provided with the `auth-role` and `auth-token` options of the `AuthType` setting for a Redis target endpoint.", + "title": "AuthPassword", + "type": "string" + }, + "AuthType": { + "markdownDescription": "The type of authentication to perform when connecting to a Redis target. Options include `none` , `auth-token` , and `auth-role` . The `auth-token` option requires an `AuthPassword` value to be provided. The `auth-role` option requires `AuthUserName` and `AuthPassword` values to be provided.", + "title": "AuthType", + "type": "string" + }, + "AuthUserName": { + "markdownDescription": "The user name provided with the `auth-role` option of the `AuthType` setting for a Redis target endpoint.", + "title": "AuthUserName", + "type": "string" + }, + "Port": { + "markdownDescription": "Transmission Control Protocol (TCP) port for the endpoint.", + "title": "Port", + "type": "number" + }, + "ServerName": { + "markdownDescription": "Fully qualified domain name of the endpoint.", + "title": "ServerName", + "type": "string" + }, + "SslCaCertificateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the certificate authority (CA) that DMS uses to connect to your Redis target endpoint.", + "title": "SslCaCertificateArn", + "type": "string" + }, + "SslSecurityProtocol": { + "markdownDescription": "The connection to a Redis target endpoint using Transport Layer Security (TLS). Valid values include `plaintext` and `ssl-encryption` . The default is `ssl-encryption` . The `ssl-encryption` option makes an encrypted connection. Optionally, you can identify an Amazon Resource Name (ARN) for an SSL certificate authority (CA) using the `SslCaCertificateArn` setting. If an ARN isn't given for a CA, DMS uses the Amazon root CA.\n\nThe `plaintext` option doesn't provide Transport Layer Security (TLS) encryption for traffic between endpoint and database.", + "title": "SslSecurityProtocol", + "type": "string" } }, - "required": [ - "PolicyDocument" - ], "type": "object" }, - "AWS::DynamoDB::GlobalTable.SSESpecification": { + "AWS::DMS::Endpoint.RedshiftSettings": { "additionalProperties": false, "properties": { - "SSEEnabled": { - "markdownDescription": "Indicates whether server-side encryption is performed using an AWS managed key or an AWS owned key. If enabled (true), server-side encryption type is set to KMS and an AWS managed key is used ( AWS KMS charges apply). If disabled (false) or not specified,server-side encryption is set to an AWS owned key. If you choose to use KMS encryption, you can also use customer managed KMS keys by specifying them in the `ReplicaSpecification.SSESpecification` object. You cannot mix AWS managed and customer managed KMS keys.", - "title": "SSEEnabled", + "AcceptAnyDate": { + "markdownDescription": "A value that indicates to allow any date format, including invalid formats such as 00/00/00 00:00:00, to be loaded without generating an error. You can choose `true` or `false` (the default).\n\nThis parameter applies only to TIMESTAMP and DATE columns. Always use ACCEPTANYDATE with the DATEFORMAT parameter. If the date format for the data doesn't match the DATEFORMAT specification, Amazon Redshift inserts a NULL value into that field.", + "title": "AcceptAnyDate", "type": "boolean" }, - "SSEType": { - "markdownDescription": "Server-side encryption type. The only supported value is:\n\n- `KMS` - Server-side encryption that uses AWS Key Management Service . The key is stored in your account and is managed by AWS KMS ( AWS KMS charges apply).", - "title": "SSEType", + "AfterConnectScript": { + "markdownDescription": "Code to run after connecting. This parameter should contain the code itself, not the name of a file containing the code.", + "title": "AfterConnectScript", "type": "string" - } - }, - "required": [ - "SSEEnabled" - ], - "type": "object" - }, - "AWS::DynamoDB::GlobalTable.StreamSpecification": { - "additionalProperties": false, - "properties": { - "StreamViewType": { - "markdownDescription": "When an item in the table is modified, `StreamViewType` determines what information is written to the stream for this table. Valid values for `StreamViewType` are:\n\n- `KEYS_ONLY` - Only the key attributes of the modified item are written to the stream.\n- `NEW_IMAGE` - The entire item, as it appears after it was modified, is written to the stream.\n- `OLD_IMAGE` - The entire item, as it appeared before it was modified, is written to the stream.\n- `NEW_AND_OLD_IMAGES` - Both the new and the old item images of the item are written to the stream.", - "title": "StreamViewType", + }, + "BucketFolder": { + "markdownDescription": "An S3 folder where the comma-separated-value (.csv) files are stored before being uploaded to the target Redshift cluster.\n\nFor full load mode, AWS DMS converts source records into .csv files and loads them to the *BucketFolder/TableID* path. AWS DMS uses the Redshift `COPY` command to upload the .csv files to the target table. The files are deleted once the `COPY` operation has finished. For more information, see [COPY](https://docs.aws.amazon.com/redshift/latest/dg/r_COPY.html) in the *Amazon Redshift Database Developer Guide* .\n\nFor change-data-capture (CDC) mode, AWS DMS creates a *NetChanges* table, and loads the .csv files to this *BucketFolder/NetChangesTableID* path.", + "title": "BucketFolder", "type": "string" - } - }, - "required": [ - "StreamViewType" - ], - "type": "object" - }, - "AWS::DynamoDB::GlobalTable.TargetTrackingScalingPolicyConfiguration": { - "additionalProperties": false, - "properties": { - "DisableScaleIn": { - "markdownDescription": "Indicates whether scale in by the target tracking scaling policy is disabled. The default value is `false` .", - "title": "DisableScaleIn", + }, + "BucketName": { + "markdownDescription": "The name of the intermediate S3 bucket used to store .csv files before uploading data to Redshift.", + "title": "BucketName", + "type": "string" + }, + "CaseSensitiveNames": { + "markdownDescription": "If Amazon Redshift is configured to support case sensitive schema names, set `CaseSensitiveNames` to `true` . The default is `false` .", + "title": "CaseSensitiveNames", "type": "boolean" }, - "ScaleInCooldown": { - "markdownDescription": "The amount of time, in seconds, after a scale-in activity completes before another scale-in activity can start.", - "title": "ScaleInCooldown", + "CompUpdate": { + "markdownDescription": "If you set `CompUpdate` to `true` Amazon Redshift applies automatic compression if the table is empty. This applies even if the table columns already have encodings other than `RAW` . If you set `CompUpdate` to `false` , automatic compression is disabled and existing column encodings aren't changed. The default is `true` .", + "title": "CompUpdate", + "type": "boolean" + }, + "ConnectionTimeout": { + "markdownDescription": "A value that sets the amount of time to wait (in milliseconds) before timing out, beginning from when you initially establish a connection.", + "title": "ConnectionTimeout", "type": "number" }, - "ScaleOutCooldown": { - "markdownDescription": "The amount of time, in seconds, after a scale-out activity completes before another scale-out activity can start.", - "title": "ScaleOutCooldown", + "DateFormat": { + "markdownDescription": "The date format that you are using. Valid values are `auto` (case-sensitive), your date format string enclosed in quotes, or NULL. If this parameter is left unset (NULL), it defaults to a format of 'YYYY-MM-DD'. Using `auto` recognizes most strings, even some that aren't supported when you use a date format string.\n\nIf your date and time values use formats different from each other, set this to `auto` .", + "title": "DateFormat", + "type": "string" + }, + "EmptyAsNull": { + "markdownDescription": "A value that specifies whether AWS DMS should migrate empty CHAR and VARCHAR fields as NULL. A value of `true` sets empty CHAR and VARCHAR fields to null. The default is `false` .", + "title": "EmptyAsNull", + "type": "boolean" + }, + "EncryptionMode": { + "markdownDescription": "The type of server-side encryption that you want to use for your data. This encryption type is part of the endpoint settings or the extra connections attributes for Amazon S3. You can choose either `SSE_S3` (the default) or `SSE_KMS` .\n\n> For the `ModifyEndpoint` operation, you can change the existing value of the `EncryptionMode` parameter from `SSE_KMS` to `SSE_S3` . But you can\u2019t change the existing value from `SSE_S3` to `SSE_KMS` . \n\nTo use `SSE_S3` , create an AWS Identity and Access Management (IAM) role with a policy that allows `\"arn:aws:s3:::*\"` to use the following actions: `\"s3:PutObject\", \"s3:ListBucket\"`", + "title": "EncryptionMode", + "type": "string" + }, + "ExplicitIds": { + "markdownDescription": "This setting is only valid for a full-load migration task. Set `ExplicitIds` to `true` to have tables with `IDENTITY` columns override their auto-generated values with explicit values loaded from the source data files used to populate the tables. The default is `false` .", + "title": "ExplicitIds", + "type": "boolean" + }, + "FileTransferUploadStreams": { + "markdownDescription": "The number of threads used to upload a single file. This parameter accepts a value from 1 through 64. It defaults to 10.\n\nThe number of parallel streams used to upload a single .csv file to an S3 bucket using S3 Multipart Upload. For more information, see [Multipart upload overview](https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html) .\n\n`FileTransferUploadStreams` accepts a value from 1 through 64. It defaults to 10.", + "title": "FileTransferUploadStreams", "type": "number" }, - "TargetValue": { - "markdownDescription": "Defines a target value for the scaling policy.", - "title": "TargetValue", + "LoadTimeout": { + "markdownDescription": "The amount of time to wait (in milliseconds) before timing out of operations performed by AWS DMS on a Redshift cluster, such as Redshift COPY, INSERT, DELETE, and UPDATE.", + "title": "LoadTimeout", + "type": "number" + }, + "MapBooleanAsBoolean": { + "markdownDescription": "When true, lets Redshift migrate the boolean type as boolean. By default, Redshift migrates booleans as `varchar(1)` . You must set this setting on both the source and target endpoints for it to take effect.", + "title": "MapBooleanAsBoolean", + "type": "boolean" + }, + "MaxFileSize": { + "markdownDescription": "The maximum size (in KB) of any .csv file used to load data on an S3 bucket and transfer data to Amazon Redshift. It defaults to 1048576KB (1 GB).", + "title": "MaxFileSize", + "type": "number" + }, + "RemoveQuotes": { + "markdownDescription": "A value that specifies to remove surrounding quotation marks from strings in the incoming data. All characters within the quotation marks, including delimiters, are retained. Choose `true` to remove quotation marks. The default is `false` .", + "title": "RemoveQuotes", + "type": "boolean" + }, + "ReplaceChars": { + "markdownDescription": "A value that specifies to replaces the invalid characters specified in `ReplaceInvalidChars` , substituting the specified characters instead. The default is `\"?\"` .", + "title": "ReplaceChars", + "type": "string" + }, + "ReplaceInvalidChars": { + "markdownDescription": "A list of characters that you want to replace. Use with `ReplaceChars` .", + "title": "ReplaceInvalidChars", + "type": "string" + }, + "SecretsManagerAccessRoleArn": { + "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the Amazon Redshift endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", + "title": "SecretsManagerAccessRoleArn", + "type": "string" + }, + "SecretsManagerSecretId": { + "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the Amazon Redshift endpoint connection details.", + "title": "SecretsManagerSecretId", + "type": "string" + }, + "ServerSideEncryptionKmsKeyId": { + "markdownDescription": "The AWS KMS key ID. If you are using `SSE_KMS` for the `EncryptionMode` , provide this key ID. The key that you use needs an attached policy that enables IAM user permissions and allows use of the key.", + "title": "ServerSideEncryptionKmsKeyId", + "type": "string" + }, + "ServiceAccessRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that has access to the Amazon Redshift service. The role must allow the `iam:PassRole` action.", + "title": "ServiceAccessRoleArn", + "type": "string" + }, + "TimeFormat": { + "markdownDescription": "The time format that you want to use. Valid values are `auto` (case-sensitive), `'timeformat_string'` , `'epochsecs'` , or `'epochmillisecs'` . It defaults to 10. Using `auto` recognizes most strings, even some that aren't supported when you use a time format string.\n\nIf your date and time values use formats different from each other, set this parameter to `auto` .", + "title": "TimeFormat", + "type": "string" + }, + "TrimBlanks": { + "markdownDescription": "A value that specifies to remove the trailing white space characters from a VARCHAR string. This parameter applies only to columns with a VARCHAR data type. Choose `true` to remove unneeded white space. The default is `false` .", + "title": "TrimBlanks", + "type": "boolean" + }, + "TruncateColumns": { + "markdownDescription": "A value that specifies to truncate data in columns to the appropriate number of characters, so that the data fits in the column. This parameter applies only to columns with a VARCHAR or CHAR data type, and rows with a size of 4 MB or less. Choose `true` to truncate data. The default is `false` .", + "title": "TruncateColumns", + "type": "boolean" + }, + "WriteBufferSize": { + "markdownDescription": "The size (in KB) of the in-memory file write buffer used when generating .csv files on the local disk at the DMS replication instance. The default value is 1000 (buffer size is 1000KB).", + "title": "WriteBufferSize", "type": "number" } }, - "required": [ - "TargetValue" - ], "type": "object" }, - "AWS::DynamoDB::GlobalTable.TimeToLiveSpecification": { + "AWS::DMS::Endpoint.S3Settings": { "additionalProperties": false, "properties": { - "AttributeName": { - "markdownDescription": "The name of the attribute used to store the expiration time for items in the table.\n\nCurrently, you cannot directly change the attribute name used to evaluate time to live. In order to do so, you must first disable time to live, and then re-enable it with the new attribute name. It can take up to one hour for changes to time to live to take effect. If you attempt to modify time to live within that time window, your stack operation might be delayed.", - "title": "AttributeName", + "AddColumnName": { + "markdownDescription": "An optional parameter that, when set to `true` or `y` , you can use to add column name information to the .csv output file.\n\nThe default value is `false` . Valid values are `true` , `false` , `y` , and `n` .", + "title": "AddColumnName", + "type": "boolean" + }, + "AddTrailingPaddingCharacter": { + "markdownDescription": "Use the S3 target endpoint setting `AddTrailingPaddingCharacter` to add padding on string data. The default value is `false` .", + "title": "AddTrailingPaddingCharacter", + "type": "boolean" + }, + "BucketFolder": { + "markdownDescription": "An optional parameter to set a folder name in the S3 bucket. If provided, tables are created in the path `*bucketFolder* / *schema_name* / *table_name* /` . If this parameter isn't specified, the path used is `*schema_name* / *table_name* /` .", + "title": "BucketFolder", "type": "string" }, - "Enabled": { - "markdownDescription": "Indicates whether TTL is to be enabled (true) or disabled (false) on the table.", - "title": "Enabled", + "BucketName": { + "markdownDescription": "The name of the S3 bucket.", + "title": "BucketName", + "type": "string" + }, + "CannedAclForObjects": { + "markdownDescription": "A value that enables AWS DMS to specify a predefined (canned) access control list (ACL) for objects created in an Amazon S3 bucket as .csv or .parquet files. For more information about Amazon S3 canned ACLs, see [Canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) in the *Amazon S3 Developer Guide* .\n\nThe default value is NONE. Valid values include NONE, PRIVATE, PUBLIC_READ, PUBLIC_READ_WRITE, AUTHENTICATED_READ, AWS_EXEC_READ, BUCKET_OWNER_READ, and BUCKET_OWNER_FULL_CONTROL.", + "title": "CannedAclForObjects", + "type": "string" + }, + "CdcInsertsAndUpdates": { + "markdownDescription": "A value that enables a change data capture (CDC) load to write INSERT and UPDATE operations to .csv or .parquet (columnar storage) output files. The default setting is `false` , but when `CdcInsertsAndUpdates` is set to `true` or `y` , only INSERTs and UPDATEs from the source database are migrated to the .csv or .parquet file.\n\nFor .csv file format only, how these INSERTs and UPDATEs are recorded depends on the value of the `IncludeOpForFullLoad` parameter. If `IncludeOpForFullLoad` is set to `true` , the first field of every CDC record is set to either `I` or `U` to indicate INSERT and UPDATE operations at the source. But if `IncludeOpForFullLoad` is set to `false` , CDC records are written without an indication of INSERT or UPDATE operations at the source. For more information about how these settings work together, see [Indicating Source DB Operations in Migrated S3 Data](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.Configuring.InsertOps) in the *AWS Database Migration Service User Guide* .\n\n> AWS DMS supports the use of the `CdcInsertsAndUpdates` parameter in versions 3.3.1 and later.\n> \n> `CdcInsertsOnly` and `CdcInsertsAndUpdates` can't both be set to `true` for the same endpoint. Set either `CdcInsertsOnly` or `CdcInsertsAndUpdates` to `true` for the same endpoint, but not both.", + "title": "CdcInsertsAndUpdates", + "type": "boolean" + }, + "CdcInsertsOnly": { + "markdownDescription": "A value that enables a change data capture (CDC) load to write only INSERT operations to .csv or columnar storage (.parquet) output files. By default (the `false` setting), the first field in a .csv or .parquet record contains the letter I (INSERT), U (UPDATE), or D (DELETE). These values indicate whether the row was inserted, updated, or deleted at the source database for a CDC load to the target.\n\nIf `CdcInsertsOnly` is set to `true` or `y` , only INSERTs from the source database are migrated to the .csv or .parquet file. For .csv format only, how these INSERTs are recorded depends on the value of `IncludeOpForFullLoad` . If `IncludeOpForFullLoad` is set to `true` , the first field of every CDC record is set to I to indicate the INSERT operation at the source. If `IncludeOpForFullLoad` is set to `false` , every CDC record is written without a first field to indicate the INSERT operation at the source. For more information about how these settings work together, see [Indicating Source DB Operations in Migrated S3 Data](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.Configuring.InsertOps) in the *AWS Database Migration Service User Guide* .\n\n> AWS DMS supports the interaction described preceding between the `CdcInsertsOnly` and `IncludeOpForFullLoad` parameters in versions 3.1.4 and later.\n> \n> `CdcInsertsOnly` and `CdcInsertsAndUpdates` can't both be set to `true` for the same endpoint. Set either `CdcInsertsOnly` or `CdcInsertsAndUpdates` to `true` for the same endpoint, but not both.", + "title": "CdcInsertsOnly", + "type": "boolean" + }, + "CdcMaxBatchInterval": { + "markdownDescription": "Maximum length of the interval, defined in seconds, after which to output a file to Amazon S3.\n\nWhen `CdcMaxBatchInterval` and `CdcMinFileSize` are both specified, the file write is triggered by whichever parameter condition is met first within an AWS DMS CloudFormation template.\n\nThe default value is 60 seconds.", + "title": "CdcMaxBatchInterval", + "type": "number" + }, + "CdcMinFileSize": { + "markdownDescription": "Minimum file size, defined in kilobytes, to reach for a file output to Amazon S3.\n\nWhen `CdcMinFileSize` and `CdcMaxBatchInterval` are both specified, the file write is triggered by whichever parameter condition is met first within an AWS DMS CloudFormation template.\n\nThe default value is 32 MB.", + "title": "CdcMinFileSize", + "type": "number" + }, + "CdcPath": { + "markdownDescription": "Specifies the folder path of CDC files. For an S3 source, this setting is required if a task captures change data; otherwise, it's optional. If `CdcPath` is set, AWS DMS reads CDC files from this path and replicates the data changes to the target endpoint. For an S3 target if you set [`PreserveTransactions`](https://docs.aws.amazon.com/dms/latest/APIReference/API_S3Settings.html#DMS-Type-S3Settings-PreserveTransactions) to `true` , AWS DMS verifies that you have set this parameter to a folder path on your S3 target where AWS DMS can save the transaction order for the CDC load. AWS DMS creates this CDC folder path in either your S3 target working directory or the S3 target location specified by [`BucketFolder`](https://docs.aws.amazon.com/dms/latest/APIReference/API_S3Settings.html#DMS-Type-S3Settings-BucketFolder) and [`BucketName`](https://docs.aws.amazon.com/dms/latest/APIReference/API_S3Settings.html#DMS-Type-S3Settings-BucketName) .\n\nFor example, if you specify `CdcPath` as `MyChangedData` , and you specify `BucketName` as `MyTargetBucket` but do not specify `BucketFolder` , AWS DMS creates the CDC folder path following: `MyTargetBucket/MyChangedData` .\n\nIf you specify the same `CdcPath` , and you specify `BucketName` as `MyTargetBucket` and `BucketFolder` as `MyTargetData` , AWS DMS creates the CDC folder path following: `MyTargetBucket/MyTargetData/MyChangedData` .\n\nFor more information on CDC including transaction order on an S3 target, see [Capturing data changes (CDC) including transaction order on the S3 target](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.EndpointSettings.CdcPath) .\n\n> This setting is supported in AWS DMS versions 3.4.2 and later.", + "title": "CdcPath", + "type": "string" + }, + "CompressionType": { + "markdownDescription": "An optional parameter. When set to GZIP it enables the service to compress the target files. To allow the service to write the target files uncompressed, either set this parameter to NONE (the default) or don't specify the parameter at all. This parameter applies to both .csv and .parquet file formats.", + "title": "CompressionType", + "type": "string" + }, + "CsvDelimiter": { + "markdownDescription": "The delimiter used to separate columns in the .csv file for both source and target. The default is a comma.", + "title": "CsvDelimiter", + "type": "string" + }, + "CsvNoSupValue": { + "markdownDescription": "This setting only applies if your Amazon S3 output files during a change data capture (CDC) load are written in .csv format. If [`UseCsvNoSupValue`](https://docs.aws.amazon.com/dms/latest/APIReference/API_S3Settings.html#DMS-Type-S3Settings-UseCsvNoSupValue) is set to true, specify a string value that you want AWS DMS to use for all columns not included in the supplemental log. If you do not specify a string value, AWS DMS uses the null value for these columns regardless of the `UseCsvNoSupValue` setting.\n\n> This setting is supported in AWS DMS versions 3.4.1 and later.", + "title": "CsvNoSupValue", + "type": "string" + }, + "CsvNullValue": { + "markdownDescription": "An optional parameter that specifies how AWS DMS treats null values. While handling the null value, you can use this parameter to pass a user-defined string as null when writing to the target. For example, when target columns are not nullable, you can use this option to differentiate between the empty string value and the null value. So, if you set this parameter value to the empty string (\"\" or ''), AWS DMS treats the empty string as the null value instead of `NULL` .\n\nThe default value is `NULL` . Valid values include any valid string.", + "title": "CsvNullValue", + "type": "string" + }, + "CsvRowDelimiter": { + "markdownDescription": "The delimiter used to separate rows in the .csv file for both source and target.\n\nThe default is a carriage return ( `\\n` ).", + "title": "CsvRowDelimiter", + "type": "string" + }, + "DataFormat": { + "markdownDescription": "The format of the data that you want to use for output. You can choose one of the following:\n\n- `csv` : This is a row-based file format with comma-separated values (.csv).\n- `parquet` : Apache Parquet (.parquet) is a columnar storage file format that features efficient compression and provides faster query response.", + "title": "DataFormat", + "type": "string" + }, + "DataPageSize": { + "markdownDescription": "The size of one data page in bytes. This parameter defaults to 1024 * 1024 bytes (1 MiB). This number is used for .parquet file format only.", + "title": "DataPageSize", + "type": "number" + }, + "DatePartitionDelimiter": { + "markdownDescription": "Specifies a date separating delimiter to use during folder partitioning. The default value is `SLASH` . Use this parameter when `DatePartitionedEnabled` is set to `true` .", + "title": "DatePartitionDelimiter", + "type": "string" + }, + "DatePartitionEnabled": { + "markdownDescription": "When set to `true` , this parameter partitions S3 bucket folders based on transaction commit dates. The default value is `false` . For more information about date-based folder partitioning, see [Using date-based folder partitioning](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.DatePartitioning) .", + "title": "DatePartitionEnabled", + "type": "boolean" + }, + "DatePartitionSequence": { + "markdownDescription": "Identifies the sequence of the date format to use during folder partitioning. The default value is `YYYYMMDD` . Use this parameter when `DatePartitionedEnabled` is set to `true` .", + "title": "DatePartitionSequence", + "type": "string" + }, + "DatePartitionTimezone": { + "markdownDescription": "When creating an S3 target endpoint, set `DatePartitionTimezone` to convert the current UTC time into a specified time zone. The conversion occurs when a date partition folder is created and a change data capture (CDC) file name is generated. The time zone format is Area/Location. Use this parameter when `DatePartitionedEnabled` is set to `true` , as shown in the following example.\n\n`s3-settings='{\"DatePartitionEnabled\": true, \"DatePartitionSequence\": \"YYYYMMDDHH\", \"DatePartitionDelimiter\": \"SLASH\", \"DatePartitionTimezone\":\" *Asia/Seoul* \", \"BucketName\": \"dms-nattarat-test\"}'`", + "title": "DatePartitionTimezone", + "type": "string" + }, + "DictPageSizeLimit": { + "markdownDescription": "The maximum size of an encoded dictionary page of a column. If the dictionary page exceeds this, this column is stored using an encoding type of `PLAIN` . This parameter defaults to 1024 * 1024 bytes (1 MiB), the maximum size of a dictionary page before it reverts to `PLAIN` encoding. This size is used for .parquet file format only.", + "title": "DictPageSizeLimit", + "type": "number" + }, + "EnableStatistics": { + "markdownDescription": "A value that enables statistics for Parquet pages and row groups. Choose `true` to enable statistics, `false` to disable. Statistics include `NULL` , `DISTINCT` , `MAX` , and `MIN` values. This parameter defaults to `true` . This value is used for .parquet file format only.", + "title": "EnableStatistics", + "type": "boolean" + }, + "EncodingType": { + "markdownDescription": "The type of encoding that you're using:\n\n- `RLE_DICTIONARY` uses a combination of bit-packing and run-length encoding to store repeated values more efficiently. This is the default.\n- `PLAIN` doesn't use encoding at all. Values are stored as they are.\n- `PLAIN_DICTIONARY` builds a dictionary of the values encountered in a given column. The dictionary is stored in a dictionary page for each column chunk.", + "title": "EncodingType", + "type": "string" + }, + "EncryptionMode": { + "markdownDescription": "The type of server-side encryption that you want to use for your data. This encryption type is part of the endpoint settings or the extra connections attributes for Amazon S3. You can choose either `SSE_S3` (the default) or `SSE_KMS` .\n\n> For the `ModifyEndpoint` operation, you can change the existing value of the `EncryptionMode` parameter from `SSE_KMS` to `SSE_S3` . But you can\u2019t change the existing value from `SSE_S3` to `SSE_KMS` . \n\nTo use `SSE_S3` , you need an IAM role with permission to allow `\"arn:aws:s3:::dms-*\"` to use the following actions:\n\n- `s3:CreateBucket`\n- `s3:ListBucket`\n- `s3:DeleteBucket`\n- `s3:GetBucketLocation`\n- `s3:GetObject`\n- `s3:PutObject`\n- `s3:DeleteObject`\n- `s3:GetObjectVersion`\n- `s3:GetBucketPolicy`\n- `s3:PutBucketPolicy`\n- `s3:DeleteBucketPolicy`", + "title": "EncryptionMode", + "type": "string" + }, + "ExpectedBucketOwner": { + "markdownDescription": "To specify a bucket owner and prevent sniping, you can use the `ExpectedBucketOwner` endpoint setting.\n\nExample: `--s3-settings='{\"ExpectedBucketOwner\": \" *AWS_Account_ID* \"}'`\n\nWhen you make a request to test a connection or perform a migration, S3 checks the account ID of the bucket owner against the specified parameter.", + "title": "ExpectedBucketOwner", + "type": "string" + }, + "ExternalTableDefinition": { + "markdownDescription": "The external table definition.\n\nConditional: If `S3` is used as a source then `ExternalTableDefinition` is required.", + "title": "ExternalTableDefinition", + "type": "string" + }, + "GlueCatalogGeneration": { + "markdownDescription": "When true, allows AWS Glue to catalog your S3 bucket. Creating an AWS Glue catalog lets you use Athena to query your data.", + "title": "GlueCatalogGeneration", + "type": "boolean" + }, + "IgnoreHeaderRows": { + "markdownDescription": "When this value is set to 1, AWS DMS ignores the first row header in a .csv file. A value of 1 turns on the feature; a value of 0 turns off the feature.\n\nThe default is 0.", + "title": "IgnoreHeaderRows", + "type": "number" + }, + "IncludeOpForFullLoad": { + "markdownDescription": "A value that enables a full load to write INSERT operations to the comma-separated value (.csv) output files only to indicate how the rows were added to the source database.\n\n> AWS DMS supports the `IncludeOpForFullLoad` parameter in versions 3.1.4 and later. \n\nFor full load, records can only be inserted. By default (the `false` setting), no information is recorded in these output files for a full load to indicate that the rows were inserted at the source database. If `IncludeOpForFullLoad` is set to `true` or `y` , the INSERT is recorded as an I annotation in the first field of the .csv file. This allows the format of your target records from a full load to be consistent with the target records from a CDC load.\n\n> This setting works together with the `CdcInsertsOnly` and the `CdcInsertsAndUpdates` parameters for output to .csv files only. For more information about how these settings work together, see [Indicating Source DB Operations in Migrated S3 Data](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.Configuring.InsertOps) in the *AWS Database Migration Service User Guide* .", + "title": "IncludeOpForFullLoad", + "type": "boolean" + }, + "MaxFileSize": { + "markdownDescription": "A value that specifies the maximum size (in KB) of any .csv file to be created while migrating to an S3 target during full load.\n\nThe default value is 1,048,576 KB (1 GB). Valid values include 1 to 1,048,576.", + "title": "MaxFileSize", + "type": "number" + }, + "ParquetTimestampInMillisecond": { + "markdownDescription": "A value that specifies the precision of any `TIMESTAMP` column values that are written to an Amazon S3 object file in .parquet format.\n\n> AWS DMS supports the `ParquetTimestampInMillisecond` parameter in versions 3.1.4 and later. \n\nWhen `ParquetTimestampInMillisecond` is set to `true` or `y` , AWS DMS writes all `TIMESTAMP` columns in a .parquet formatted file with millisecond precision. Otherwise, DMS writes them with microsecond precision.\n\nCurrently, Amazon Athena and AWS Glue can handle only millisecond precision for `TIMESTAMP` values. Set this parameter to `true` for S3 endpoint object files that are .parquet formatted only if you plan to query or process the data with Athena or AWS Glue .\n\n> AWS DMS writes any `TIMESTAMP` column values written to an S3 file in .csv format with microsecond precision.\n> \n> Setting `ParquetTimestampInMillisecond` has no effect on the string format of the timestamp column value that is inserted by setting the `TimestampColumnName` parameter.", + "title": "ParquetTimestampInMillisecond", + "type": "boolean" + }, + "ParquetVersion": { + "markdownDescription": "The version of the Apache Parquet format that you want to use: `parquet_1_0` (the default) or `parquet_2_0` .", + "title": "ParquetVersion", + "type": "string" + }, + "PreserveTransactions": { + "markdownDescription": "If this setting is set to `true` , AWS DMS saves the transaction order for a change data capture (CDC) load on the Amazon S3 target specified by [`CdcPath`](https://docs.aws.amazon.com/dms/latest/APIReference/API_S3Settings.html#DMS-Type-S3Settings-CdcPath) . For more information, see [Capturing data changes (CDC) including transaction order on the S3 target](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.EndpointSettings.CdcPath) .\n\n> This setting is supported in AWS DMS versions 3.4.2 and later.", + "title": "PreserveTransactions", + "type": "boolean" + }, + "Rfc4180": { + "markdownDescription": "For an S3 source, when this value is set to `true` or `y` , each leading double quotation mark has to be followed by an ending double quotation mark. This formatting complies with RFC 4180. When this value is set to `false` or `n` , string literals are copied to the target as is. In this case, a delimiter (row or column) signals the end of the field. Thus, you can't use a delimiter as part of the string, because it signals the end of the value.\n\nFor an S3 target, an optional parameter used to set behavior to comply with RFC 4180 for data migrated to Amazon S3 using .csv file format only. When this value is set to `true` or `y` using Amazon S3 as a target, if the data has quotation marks or newline characters in it, AWS DMS encloses the entire column with an additional pair of double quotation marks (\"). Every quotation mark within the data is repeated twice.\n\nThe default value is `true` . Valid values include `true` , `false` , `y` , and `n` .", + "title": "Rfc4180", + "type": "boolean" + }, + "RowGroupLength": { + "markdownDescription": "The number of rows in a row group. A smaller row group size provides faster reads. But as the number of row groups grows, the slower writes become. This parameter defaults to 10,000 rows. This number is used for .parquet file format only.\n\nIf you choose a value larger than the maximum, `RowGroupLength` is set to the max row group length in bytes (64 * 1024 * 1024).", + "title": "RowGroupLength", + "type": "number" + }, + "ServerSideEncryptionKmsKeyId": { + "markdownDescription": "If you are using `SSE_KMS` for the `EncryptionMode` , provide the AWS KMS key ID. The key that you use needs an attached policy that enables IAM user permissions and allows use of the key.\n\nHere is a CLI example: `aws dms create-endpoint --endpoint-identifier *value* --endpoint-type target --engine-name s3 --s3-settings ServiceAccessRoleArn= *value* ,BucketFolder= *value* ,BucketName= *value* ,EncryptionMode=SSE_KMS,ServerSideEncryptionKmsKeyId= *value*`", + "title": "ServerSideEncryptionKmsKeyId", + "type": "string" + }, + "ServiceAccessRoleArn": { + "markdownDescription": "A required parameter that specifies the Amazon Resource Name (ARN) used by the service to access the IAM role. The role must allow the `iam:PassRole` action. It enables AWS DMS to read and write objects from an S3 bucket.", + "title": "ServiceAccessRoleArn", + "type": "string" + }, + "TimestampColumnName": { + "markdownDescription": "A value that when nonblank causes AWS DMS to add a column with timestamp information to the endpoint data for an Amazon S3 target.\n\n> AWS DMS supports the `TimestampColumnName` parameter in versions 3.1.4 and later. \n\nAWS DMS includes an additional `STRING` column in the .csv or .parquet object files of your migrated data when you set `TimestampColumnName` to a nonblank value.\n\nFor a full load, each row of this timestamp column contains a timestamp for when the data was transferred from the source to the target by DMS.\n\nFor a change data capture (CDC) load, each row of the timestamp column contains the timestamp for the commit of that row in the source database.\n\nThe string format for this timestamp column value is `yyyy-MM-dd HH:mm:ss.SSSSSS` . By default, the precision of this value is in microseconds. For a CDC load, the rounding of the precision depends on the commit timestamp supported by DMS for the source database.\n\nWhen the `AddColumnName` parameter is set to `true` , DMS also includes a name for the timestamp column that you set with `TimestampColumnName` .", + "title": "TimestampColumnName", + "type": "string" + }, + "UseCsvNoSupValue": { + "markdownDescription": "This setting applies if the S3 output files during a change data capture (CDC) load are written in .csv format. If this setting is set to `true` for columns not included in the supplemental log, AWS DMS uses the value specified by [`CsvNoSupValue`](https://docs.aws.amazon.com/dms/latest/APIReference/API_S3Settings.html#DMS-Type-S3Settings-CsvNoSupValue) . If this setting isn't set or is set to `false` , AWS DMS uses the null value for these columns.\n\n> This setting is supported in AWS DMS versions 3.4.1 and later.", + "title": "UseCsvNoSupValue", + "type": "boolean" + }, + "UseTaskStartTimeForFullLoadTimestamp": { + "markdownDescription": "When set to true, this parameter uses the task start time as the timestamp column value instead of the time data is written to target. For full load, when `useTaskStartTimeForFullLoadTimestamp` is set to `true` , each row of the timestamp column contains the task start time. For CDC loads, each row of the timestamp column contains the transaction commit time.\n\nWhen `useTaskStartTimeForFullLoadTimestamp` is set to `false` , the full load timestamp in the timestamp column increments with the time data arrives at the target.", + "title": "UseTaskStartTimeForFullLoadTimestamp", "type": "boolean" } }, - "required": [ - "Enabled" - ], "type": "object" }, - "AWS::DynamoDB::GlobalTable.WriteProvisionedThroughputSettings": { + "AWS::DMS::Endpoint.SybaseSettings": { "additionalProperties": false, "properties": { - "WriteCapacityAutoScalingSettings": { - "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.CapacityAutoScalingSettings", - "markdownDescription": "Specifies auto scaling settings for the replica table or global secondary index.", - "title": "WriteCapacityAutoScalingSettings" + "SecretsManagerAccessRoleArn": { + "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the SAP ASE endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", + "title": "SecretsManagerAccessRoleArn", + "type": "string" + }, + "SecretsManagerSecretId": { + "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the SAP SAE endpoint connection details.", + "title": "SecretsManagerSecretId", + "type": "string" } }, "type": "object" }, - "AWS::DynamoDB::Table": { + "AWS::DMS::EventSubscription": { "additionalProperties": false, "properties": { "Condition": { @@ -67795,120 +75064,59 @@ "Properties": { "additionalProperties": false, "properties": { - "AttributeDefinitions": { + "Enabled": { + "markdownDescription": "Indicates whether to activate the subscription. If you don't specify this property, AWS CloudFormation activates the subscription.", + "title": "Enabled", + "type": "boolean" + }, + "EventCategories": { "items": { - "$ref": "#/definitions/AWS::DynamoDB::Table.AttributeDefinition" + "type": "string" }, - "markdownDescription": "A list of attributes that describe the key schema for the table and indexes.\n\nThis property is required to create a DynamoDB table.\n\nUpdate requires: [Some interruptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-some-interrupt) . Replacement if you edit an existing AttributeDefinition.", - "title": "AttributeDefinitions", + "markdownDescription": "A list of event categories for a source type that you want to subscribe to. If you don't specify this property, you are notified about all event categories. For more information, see [Working with Events and Notifications](https://docs.aws.amazon.com//dms/latest/userguide/CHAP_Events.html) in the *AWS DMS User Guide* .", + "title": "EventCategories", "type": "array" }, - "BillingMode": { - "markdownDescription": "Specify how you are charged for read and write throughput and how you manage capacity.\n\nValid values include:\n\n- `PAY_PER_REQUEST` - We recommend using `PAY_PER_REQUEST` for most DynamoDB workloads. `PAY_PER_REQUEST` sets the billing mode to [On-demand capacity mode](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/on-demand-capacity-mode.html) .\n- `PROVISIONED` - We recommend using `PROVISIONED` for steady workloads with predictable growth where capacity requirements can be reliably forecasted. `PROVISIONED` sets the billing mode to [Provisioned capacity mode](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/provisioned-capacity-mode.html) .\n\nIf not specified, the default is `PROVISIONED` .", - "title": "BillingMode", + "SnsTopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic created for event notification. The ARN is created by Amazon SNS when you create a topic and subscribe to it.", + "title": "SnsTopicArn", "type": "string" }, - "ContributorInsightsSpecification": { - "$ref": "#/definitions/AWS::DynamoDB::Table.ContributorInsightsSpecification", - "markdownDescription": "The settings used to enable or disable CloudWatch Contributor Insights for the specified table.", - "title": "ContributorInsightsSpecification" - }, - "DeletionProtectionEnabled": { - "markdownDescription": "Determines if a table is protected from deletion. When enabled, the table cannot be deleted by any user or process. This setting is disabled by default. For more information, see [Using deletion protection](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/WorkingWithTables.Basics.html#WorkingWithTables.Basics.DeletionProtection) in the *Amazon DynamoDB Developer Guide* .", - "title": "DeletionProtectionEnabled", - "type": "boolean" - }, - "GlobalSecondaryIndexes": { - "items": { - "$ref": "#/definitions/AWS::DynamoDB::Table.GlobalSecondaryIndex" - }, - "markdownDescription": "Global secondary indexes to be created on the table. You can create up to 20 global secondary indexes.\n\n> If you update a table to include a new global secondary index, AWS CloudFormation initiates the index creation and then proceeds with the stack update. AWS CloudFormation doesn't wait for the index to complete creation because the backfilling phase can take a long time, depending on the size of the table. You can't use the index or update the table until the index's status is `ACTIVE` . You can track its status by using the DynamoDB [DescribeTable](https://docs.aws.amazon.com/cli/latest/reference/dynamodb/describe-table.html) command.\n> \n> If you add or delete an index during an update, we recommend that you don't update any other resources. If your stack fails to update and is rolled back while adding a new index, you must manually delete the index.\n> \n> Updates are not supported. The following are exceptions:\n> \n> - If you update either the contributor insights specification or the provisioned throughput values of global secondary indexes, you can update the table without interruption.\n> - You can delete or add one global secondary index without interruption. If you do both in the same update (for example, by changing the index's logical ID), the update fails.", - "title": "GlobalSecondaryIndexes", - "type": "array" - }, - "ImportSourceSpecification": { - "$ref": "#/definitions/AWS::DynamoDB::Table.ImportSourceSpecification", - "markdownDescription": "Specifies the properties of data being imported from the S3 bucket source to the\" table.\n\n> If you specify the `ImportSourceSpecification` property, and also specify either the `StreamSpecification` , the `TableClass` property, the `DeletionProtectionEnabled` property, or the `WarmThroughput` property, the IAM entity creating/updating stack must have `UpdateTable` permission.", - "title": "ImportSourceSpecification" - }, - "KeySchema": { - "items": { - "$ref": "#/definitions/AWS::DynamoDB::Table.KeySchema" - }, - "markdownDescription": "Specifies the attributes that make up the primary key for the table. The attributes in the `KeySchema` property must also be defined in the `AttributeDefinitions` property.", - "title": "KeySchema", - "type": "array" - }, - "KinesisStreamSpecification": { - "$ref": "#/definitions/AWS::DynamoDB::Table.KinesisStreamSpecification", - "markdownDescription": "The Kinesis Data Streams configuration for the specified table.", - "title": "KinesisStreamSpecification" - }, - "LocalSecondaryIndexes": { + "SourceIds": { "items": { - "$ref": "#/definitions/AWS::DynamoDB::Table.LocalSecondaryIndex" + "type": "string" }, - "markdownDescription": "Local secondary indexes to be created on the table. You can create up to 5 local secondary indexes. Each index is scoped to a given hash key value. The size of each hash key can be up to 10 gigabytes.", - "title": "LocalSecondaryIndexes", + "markdownDescription": "A list of identifiers for which AWS DMS provides notification events.\n\nIf you don't specify a value, notifications are provided for all sources.\n\nIf you specify multiple values, they must be of the same type. For example, if you specify a database instance ID, then all of the other values must be database instance IDs.", + "title": "SourceIds", "type": "array" }, - "PointInTimeRecoverySpecification": { - "$ref": "#/definitions/AWS::DynamoDB::Table.PointInTimeRecoverySpecification", - "markdownDescription": "The settings used to enable point in time recovery.", - "title": "PointInTimeRecoverySpecification" - }, - "ProvisionedThroughput": { - "$ref": "#/definitions/AWS::DynamoDB::Table.ProvisionedThroughput", - "markdownDescription": "Throughput for the specified table, which consists of values for `ReadCapacityUnits` and `WriteCapacityUnits` . For more information about the contents of a provisioned throughput structure, see [Amazon DynamoDB Table ProvisionedThroughput](https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_ProvisionedThroughput.html) .\n\nIf you set `BillingMode` as `PROVISIONED` , you must specify this property. If you set `BillingMode` as `PAY_PER_REQUEST` , you cannot specify this property.", - "title": "ProvisionedThroughput" - }, - "ResourcePolicy": { - "$ref": "#/definitions/AWS::DynamoDB::Table.ResourcePolicy", - "markdownDescription": "An AWS resource-based policy document in JSON format that will be attached to the table.\n\nWhen you attach a resource-based policy while creating a table, the policy application is *strongly consistent* .\n\nThe maximum size supported for a resource-based policy document is 20 KB. DynamoDB counts whitespaces when calculating the size of a policy against this limit. For a full list of all considerations that apply for resource-based policies, see [Resource-based policy considerations](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-considerations.html) .\n\n> You need to specify the `CreateTable` and `PutResourcePolicy` IAM actions for authorizing a user to create a table with a resource-based policy.", - "title": "ResourcePolicy" - }, - "SSESpecification": { - "$ref": "#/definitions/AWS::DynamoDB::Table.SSESpecification", - "markdownDescription": "Specifies the settings to enable server-side encryption.", - "title": "SSESpecification" - }, - "StreamSpecification": { - "$ref": "#/definitions/AWS::DynamoDB::Table.StreamSpecification", - "markdownDescription": "The settings for the DynamoDB table stream, which capture changes to items stored in the table.", - "title": "StreamSpecification" - }, - "TableClass": { - "markdownDescription": "The table class of the new table. Valid values are `STANDARD` and `STANDARD_INFREQUENT_ACCESS` .", - "title": "TableClass", + "SourceType": { + "markdownDescription": "The type of AWS DMS resource that generates the events. For example, if you want to be notified of events generated by a replication instance, you set this parameter to `replication-instance` . If this value isn't specified, all events are returned.\n\n*Valid values* : `replication-instance` | `replication-task`", + "title": "SourceType", "type": "string" }, - "TableName": { - "markdownDescription": "A name for the table. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the table name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "TableName", + "SubscriptionName": { + "markdownDescription": "The name of the AWS DMS event notification subscription. This name must be less than 255 characters.", + "title": "SubscriptionName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "One or more tags to be assigned to the event subscription.", "title": "Tags", "type": "array" - }, - "TimeToLiveSpecification": { - "$ref": "#/definitions/AWS::DynamoDB::Table.TimeToLiveSpecification", - "markdownDescription": "Specifies the Time to Live (TTL) settings for the table.\n\n> For detailed information about the limits in DynamoDB, see [Limits in Amazon DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Limits.html) in the Amazon DynamoDB Developer Guide.", - "title": "TimeToLiveSpecification" } }, "required": [ - "KeySchema" + "SnsTopicArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::DynamoDB::Table" + "AWS::DMS::EventSubscription" ], "type": "string" }, @@ -67927,358 +75135,7 @@ ], "type": "object" }, - "AWS::DynamoDB::Table.AttributeDefinition": { - "additionalProperties": false, - "properties": { - "AttributeName": { - "markdownDescription": "A name for the attribute.", - "title": "AttributeName", - "type": "string" - }, - "AttributeType": { - "markdownDescription": "The data type for the attribute, where:\n\n- `S` - the attribute is of type String\n- `N` - the attribute is of type Number\n- `B` - the attribute is of type Binary", - "title": "AttributeType", - "type": "string" - } - }, - "required": [ - "AttributeName", - "AttributeType" - ], - "type": "object" - }, - "AWS::DynamoDB::Table.ContributorInsightsSpecification": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Indicates whether CloudWatch Contributor Insights are to be enabled (true) or disabled (false).", - "title": "Enabled", - "type": "boolean" - } - }, - "required": [ - "Enabled" - ], - "type": "object" - }, - "AWS::DynamoDB::Table.Csv": { - "additionalProperties": false, - "properties": { - "Delimiter": { - "markdownDescription": "The delimiter used for separating items in the CSV file being imported.", - "title": "Delimiter", - "type": "string" - }, - "HeaderList": { - "items": { - "type": "string" - }, - "markdownDescription": "List of the headers used to specify a common header for all source CSV files being imported. If this field is specified then the first line of each CSV file is treated as data instead of the header. If this field is not specified the the first line of each CSV file is treated as the header.", - "title": "HeaderList", - "type": "array" - } - }, - "type": "object" - }, - "AWS::DynamoDB::Table.GlobalSecondaryIndex": { - "additionalProperties": false, - "properties": { - "ContributorInsightsSpecification": { - "$ref": "#/definitions/AWS::DynamoDB::Table.ContributorInsightsSpecification", - "markdownDescription": "The settings used to enable or disable CloudWatch Contributor Insights for the specified global secondary index.", - "title": "ContributorInsightsSpecification" - }, - "IndexName": { - "markdownDescription": "The name of the global secondary index. The name must be unique among all other indexes on this table.", - "title": "IndexName", - "type": "string" - }, - "KeySchema": { - "items": { - "$ref": "#/definitions/AWS::DynamoDB::Table.KeySchema" - }, - "markdownDescription": "The complete key schema for a global secondary index, which consists of one or more pairs of attribute names and key types:\n\n- `HASH` - partition key\n- `RANGE` - sort key\n\n> The partition key of an item is also known as its *hash attribute* . The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n> \n> The sort key of an item is also known as its *range attribute* . The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.", - "title": "KeySchema", - "type": "array" - }, - "Projection": { - "$ref": "#/definitions/AWS::DynamoDB::Table.Projection", - "markdownDescription": "Represents attributes that are copied (projected) from the table into the global secondary index. These are in addition to the primary key attributes and index key attributes, which are automatically projected.", - "title": "Projection" - }, - "ProvisionedThroughput": { - "$ref": "#/definitions/AWS::DynamoDB::Table.ProvisionedThroughput", - "markdownDescription": "Represents the provisioned throughput settings for the specified global secondary index. You must use either `OnDemandThroughput` or `ProvisionedThroughput` based on your table's capacity mode.\n\nFor current minimum and maximum provisioned throughput values, see [Service, Account, and Table Quotas](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Limits.html) in the *Amazon DynamoDB Developer Guide* .", - "title": "ProvisionedThroughput" - } - }, - "required": [ - "IndexName", - "KeySchema", - "Projection" - ], - "type": "object" - }, - "AWS::DynamoDB::Table.ImportSourceSpecification": { - "additionalProperties": false, - "properties": { - "InputCompressionType": { - "markdownDescription": "Type of compression to be used on the input coming from the imported table.", - "title": "InputCompressionType", - "type": "string" - }, - "InputFormat": { - "markdownDescription": "The format of the source data. Valid values for `ImportFormat` are `CSV` , `DYNAMODB_JSON` or `ION` .", - "title": "InputFormat", - "type": "string" - }, - "InputFormatOptions": { - "$ref": "#/definitions/AWS::DynamoDB::Table.InputFormatOptions", - "markdownDescription": "Additional properties that specify how the input is formatted,", - "title": "InputFormatOptions" - }, - "S3BucketSource": { - "$ref": "#/definitions/AWS::DynamoDB::Table.S3BucketSource", - "markdownDescription": "The S3 bucket that provides the source for the import.", - "title": "S3BucketSource" - } - }, - "required": [ - "InputFormat", - "S3BucketSource" - ], - "type": "object" - }, - "AWS::DynamoDB::Table.InputFormatOptions": { - "additionalProperties": false, - "properties": { - "Csv": { - "$ref": "#/definitions/AWS::DynamoDB::Table.Csv", - "markdownDescription": "The options for imported source files in CSV format. The values are Delimiter and HeaderList.", - "title": "Csv" - } - }, - "type": "object" - }, - "AWS::DynamoDB::Table.KeySchema": { - "additionalProperties": false, - "properties": { - "AttributeName": { - "markdownDescription": "The name of a key attribute.", - "title": "AttributeName", - "type": "string" - }, - "KeyType": { - "markdownDescription": "The role that this key attribute will assume:\n\n- `HASH` - partition key\n- `RANGE` - sort key\n\n> The partition key of an item is also known as its *hash attribute* . The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n> \n> The sort key of an item is also known as its *range attribute* . The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.", - "title": "KeyType", - "type": "string" - } - }, - "required": [ - "AttributeName", - "KeyType" - ], - "type": "object" - }, - "AWS::DynamoDB::Table.KinesisStreamSpecification": { - "additionalProperties": false, - "properties": { - "ApproximateCreationDateTimePrecision": { - "markdownDescription": "The precision for the time and date that the stream was created.", - "title": "ApproximateCreationDateTimePrecision", - "type": "string" - }, - "StreamArn": { - "markdownDescription": "The ARN for a specific Kinesis data stream.\n\nLength Constraints: Minimum length of 37. Maximum length of 1024.", - "title": "StreamArn", - "type": "string" - } - }, - "required": [ - "StreamArn" - ], - "type": "object" - }, - "AWS::DynamoDB::Table.LocalSecondaryIndex": { - "additionalProperties": false, - "properties": { - "IndexName": { - "markdownDescription": "The name of the local secondary index. The name must be unique among all other indexes on this table.", - "title": "IndexName", - "type": "string" - }, - "KeySchema": { - "items": { - "$ref": "#/definitions/AWS::DynamoDB::Table.KeySchema" - }, - "markdownDescription": "The complete key schema for the local secondary index, consisting of one or more pairs of attribute names and key types:\n\n- `HASH` - partition key\n- `RANGE` - sort key\n\n> The partition key of an item is also known as its *hash attribute* . The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n> \n> The sort key of an item is also known as its *range attribute* . The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.", - "title": "KeySchema", - "type": "array" - }, - "Projection": { - "$ref": "#/definitions/AWS::DynamoDB::Table.Projection", - "markdownDescription": "Represents attributes that are copied (projected) from the table into the local secondary index. These are in addition to the primary key attributes and index key attributes, which are automatically projected.", - "title": "Projection" - } - }, - "required": [ - "IndexName", - "KeySchema", - "Projection" - ], - "type": "object" - }, - "AWS::DynamoDB::Table.PointInTimeRecoverySpecification": { - "additionalProperties": false, - "properties": { - "PointInTimeRecoveryEnabled": { - "markdownDescription": "Indicates whether point in time recovery is enabled (true) or disabled (false) on the table.", - "title": "PointInTimeRecoveryEnabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::DynamoDB::Table.Projection": { - "additionalProperties": false, - "properties": { - "NonKeyAttributes": { - "items": { - "type": "string" - }, - "markdownDescription": "Represents the non-key attribute names which will be projected into the index.\n\nFor global and local secondary indexes, the total count of `NonKeyAttributes` summed across all of the secondary indexes, must not exceed 100. If you project the same attribute into two different indexes, this counts as two distinct attributes when determining the total. This limit only applies when you specify the ProjectionType of `INCLUDE` . You still can specify the ProjectionType of `ALL` to project all attributes from the source table, even if the table has more than 100 attributes.", - "title": "NonKeyAttributes", - "type": "array" - }, - "ProjectionType": { - "markdownDescription": "The set of attributes that are projected into the index:\n\n- `KEYS_ONLY` - Only the index and primary keys are projected into the index.\n- `INCLUDE` - In addition to the attributes described in `KEYS_ONLY` , the secondary index will include other non-key attributes that you specify.\n- `ALL` - All of the table attributes are projected into the index.\n\nWhen using the DynamoDB console, `ALL` is selected by default.", - "title": "ProjectionType", - "type": "string" - } - }, - "type": "object" - }, - "AWS::DynamoDB::Table.ProvisionedThroughput": { - "additionalProperties": false, - "properties": { - "ReadCapacityUnits": { - "markdownDescription": "The maximum number of strongly consistent reads consumed per second before DynamoDB returns a `ThrottlingException` . For more information, see [Specifying Read and Write Requirements](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/ProvisionedThroughput.html) in the *Amazon DynamoDB Developer Guide* .\n\nIf read/write capacity mode is `PAY_PER_REQUEST` the value is set to 0.", - "title": "ReadCapacityUnits", - "type": "number" - }, - "WriteCapacityUnits": { - "markdownDescription": "The maximum number of writes consumed per second before DynamoDB returns a `ThrottlingException` . For more information, see [Specifying Read and Write Requirements](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/ProvisionedThroughput.html) in the *Amazon DynamoDB Developer Guide* .\n\nIf read/write capacity mode is `PAY_PER_REQUEST` the value is set to 0.", - "title": "WriteCapacityUnits", - "type": "number" - } - }, - "required": [ - "ReadCapacityUnits", - "WriteCapacityUnits" - ], - "type": "object" - }, - "AWS::DynamoDB::Table.ResourcePolicy": { - "additionalProperties": false, - "properties": { - "PolicyDocument": { - "markdownDescription": "A resource-based policy document that contains permissions to add to the specified DynamoDB table, index, or both. In a CloudFormation template, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to DynamoDB . For more information about resource-based policies, see [Using resource-based policies for DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html) .", - "title": "PolicyDocument", - "type": "object" - } - }, - "required": [ - "PolicyDocument" - ], - "type": "object" - }, - "AWS::DynamoDB::Table.S3BucketSource": { - "additionalProperties": false, - "properties": { - "S3Bucket": { - "markdownDescription": "The S3 bucket that is being imported from.", - "title": "S3Bucket", - "type": "string" - }, - "S3BucketOwner": { - "markdownDescription": "The account number of the S3 bucket that is being imported from. If the bucket is owned by the requester this is optional.", - "title": "S3BucketOwner", - "type": "string" - }, - "S3KeyPrefix": { - "markdownDescription": "The key prefix shared by all S3 Objects that are being imported.", - "title": "S3KeyPrefix", - "type": "string" - } - }, - "required": [ - "S3Bucket" - ], - "type": "object" - }, - "AWS::DynamoDB::Table.SSESpecification": { - "additionalProperties": false, - "properties": { - "KMSMasterKeyId": { - "markdownDescription": "The AWS KMS key that should be used for the AWS KMS encryption. To specify a key, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. Note that you should only provide this parameter if the key is different from the default DynamoDB key `alias/aws/dynamodb` .", - "title": "KMSMasterKeyId", - "type": "string" - }, - "SSEEnabled": { - "markdownDescription": "Indicates whether server-side encryption is done using an AWS managed key or an AWS owned key. If enabled (true), server-side encryption type is set to `KMS` and an AWS managed key is used ( AWS KMS charges apply). If disabled (false) or not specified, server-side encryption is set to AWS owned key.", - "title": "SSEEnabled", - "type": "boolean" - }, - "SSEType": { - "markdownDescription": "Server-side encryption type. The only supported value is:\n\n- `KMS` - Server-side encryption that uses AWS Key Management Service . The key is stored in your account and is managed by AWS KMS ( AWS KMS charges apply).", - "title": "SSEType", - "type": "string" - } - }, - "required": [ - "SSEEnabled" - ], - "type": "object" - }, - "AWS::DynamoDB::Table.StreamSpecification": { - "additionalProperties": false, - "properties": { - "ResourcePolicy": { - "$ref": "#/definitions/AWS::DynamoDB::Table.ResourcePolicy", - "markdownDescription": "Creates or updates a resource-based policy document that contains the permissions for DynamoDB resources, such as a table's streams. Resource-based policies let you define access permissions by specifying who has access to each resource, and the actions they are allowed to perform on each resource.\n\nIn a CloudFormation template, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to DynamoDB . For more information about resource-based policies, see [Using resource-based policies for DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html) .", - "title": "ResourcePolicy" - }, - "StreamViewType": { - "markdownDescription": "When an item in the table is modified, `StreamViewType` determines what information is written to the stream for this table. Valid values for `StreamViewType` are:\n\n- `KEYS_ONLY` - Only the key attributes of the modified item are written to the stream.\n- `NEW_IMAGE` - The entire item, as it appears after it was modified, is written to the stream.\n- `OLD_IMAGE` - The entire item, as it appeared before it was modified, is written to the stream.\n- `NEW_AND_OLD_IMAGES` - Both the new and the old item images of the item are written to the stream.", - "title": "StreamViewType", - "type": "string" - } - }, - "required": [ - "StreamViewType" - ], - "type": "object" - }, - "AWS::DynamoDB::Table.TimeToLiveSpecification": { - "additionalProperties": false, - "properties": { - "AttributeName": { - "markdownDescription": "The name of the TTL attribute used to store the expiration time for items in the table.\n\n> - The `AttributeName` property is required when enabling the TTL, or when TTL is already enabled.\n> - To update this property, you must first disable TTL and then enable TTL with the new attribute name.", - "title": "AttributeName", - "type": "string" - }, - "Enabled": { - "markdownDescription": "Indicates whether TTL is to be enabled (true) or disabled (false) on the table.", - "title": "Enabled", - "type": "boolean" - } - }, - "required": [ - "Enabled" - ], - "type": "object" - }, - "AWS::EC2::CapacityReservation": { + "AWS::DMS::InstanceProfile": { "additionalProperties": false, "properties": { "Condition": { @@ -68314,85 +75171,67 @@ "additionalProperties": false, "properties": { "AvailabilityZone": { - "markdownDescription": "The Availability Zone in which to create the Capacity Reservation.", + "markdownDescription": "The Availability Zone where the instance profile runs.", "title": "AvailabilityZone", "type": "string" }, - "EbsOptimized": { - "markdownDescription": "Indicates whether the Capacity Reservation supports EBS-optimized instances. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS- optimized instance.", - "title": "EbsOptimized", - "type": "boolean" - }, - "EndDate": { - "markdownDescription": "The date and time at which the Capacity Reservation expires. When a Capacity Reservation expires, the reserved capacity is released and you can no longer launch instances into it. The Capacity Reservation's state changes to `expired` when it reaches its end date and time.\n\nYou must provide an `EndDate` value if `EndDateType` is `limited` . Omit `EndDate` if `EndDateType` is `unlimited` .\n\nIf the `EndDateType` is `limited` , the Capacity Reservation is cancelled within an hour from the specified time. For example, if you specify 5/31/2019, 13:30:55, the Capacity Reservation is guaranteed to end between 13:30:55 and 14:30:55 on 5/31/2019.\n\nIf you are requesting a future-dated Capacity Reservation, you can't specify an end date and time that is within the commitment duration.", - "title": "EndDate", + "Description": { + "markdownDescription": "A description of the instance profile. Descriptions can have up to 31 characters. A description can contain only ASCII letters, digits, and hyphens ('-'). Also, it can't end with a hyphen or contain two consecutive hyphens, and can only begin with a letter.", + "title": "Description", "type": "string" }, - "EndDateType": { - "markdownDescription": "Indicates the way in which the Capacity Reservation ends. A Capacity Reservation can have one of the following end types:\n\n- `unlimited` - The Capacity Reservation remains active until you explicitly cancel it. Do not provide an `EndDate` if the `EndDateType` is `unlimited` .\n- `limited` - The Capacity Reservation expires automatically at a specified date and time. You must provide an `EndDate` value if the `EndDateType` value is `limited` .", - "title": "EndDateType", + "InstanceProfileIdentifier": { + "markdownDescription": "The identifier of the instance profile. Identifiers must begin with a letter and must contain only ASCII letters, digits, and hyphens. They can't end with a hyphen, or contain two consecutive hyphens.", + "title": "InstanceProfileIdentifier", "type": "string" }, - "EphemeralStorage": { - "markdownDescription": "*Deprecated.*", - "title": "EphemeralStorage", - "type": "boolean" - }, - "InstanceCount": { - "markdownDescription": "The number of instances for which to reserve capacity.\n\n> You can request future-dated Capacity Reservations for an instance count with a minimum of 100 vCPUs. For example, if you request a future-dated Capacity Reservation for `m5.xlarge` instances, you must request at least 25 instances ( *25 * m5.xlarge = 100 vCPUs* ). \n\nValid range: 1 - 1000", - "title": "InstanceCount", - "type": "number" - }, - "InstanceMatchCriteria": { - "markdownDescription": "Indicates the type of instance launches that the Capacity Reservation accepts. The options include:\n\n- `open` - The Capacity Reservation automatically matches all instances that have matching attributes (instance type, platform, and Availability Zone). Instances that have matching attributes run in the Capacity Reservation automatically without specifying any additional parameters.\n- `targeted` - The Capacity Reservation only accepts instances that have matching attributes (instance type, platform, and Availability Zone), and explicitly target the Capacity Reservation. This ensures that only permitted instances can use the reserved capacity.\n\n> If you are requesting a future-dated Capacity Reservation, you must specify `targeted` . \n\nDefault: `open`", - "title": "InstanceMatchCriteria", + "InstanceProfileName": { + "markdownDescription": "The user-friendly name for the instance profile.", + "title": "InstanceProfileName", "type": "string" }, - "InstancePlatform": { - "markdownDescription": "The type of operating system for which to reserve capacity.", - "title": "InstancePlatform", + "KmsKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key that is used to encrypt the connection parameters for the instance profile.\n\nIf you don't specify a value for the `KmsKeyArn` parameter, then AWS DMS uses your default encryption key.\n\nAWS KMS creates the default encryption key for your AWS account . Your AWS account has a different default encryption key for each AWS Region .", + "title": "KmsKeyArn", "type": "string" }, - "InstanceType": { - "markdownDescription": "The instance type for which to reserve capacity.\n\n> You can request future-dated Capacity Reservations for instance types in the C, M, R, I, and T instance families only. \n\nFor more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .", - "title": "InstanceType", + "NetworkType": { + "markdownDescription": "Specifies the network type for the instance profile. A value of `IPV4` represents an instance profile with IPv4 network type and only supports IPv4 addressing. A value of `IPV6` represents an instance profile with IPv6 network type and only supports IPv6 addressing. A value of `DUAL` represents an instance profile with dual network type that supports IPv4 and IPv6 addressing.", + "title": "NetworkType", "type": "string" }, - "OutPostArn": { - "markdownDescription": "> Not supported for future-dated Capacity Reservations. \n\nThe Amazon Resource Name (ARN) of the Outpost on which to create the Capacity Reservation.", - "title": "OutPostArn", - "type": "string" + "PubliclyAccessible": { + "markdownDescription": "Specifies the accessibility options for the instance profile. A value of `true` represents an instance profile with a public IP address. A value of `false` represents an instance profile with a private IP address. The default value is `true` .", + "title": "PubliclyAccessible", + "type": "boolean" }, - "PlacementGroupArn": { - "markdownDescription": "> Not supported for future-dated Capacity Reservations. \n\nThe Amazon Resource Name (ARN) of the cluster placement group in which to create the Capacity Reservation. For more information, see [Capacity Reservations for cluster placement groups](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/cr-cpg.html) in the *Amazon EC2 User Guide* .", - "title": "PlacementGroupArn", + "SubnetGroupIdentifier": { + "markdownDescription": "The identifier of the subnet group that is associated with the instance profile.", + "title": "SubnetGroupIdentifier", "type": "string" }, - "TagSpecifications": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::EC2::CapacityReservation.TagSpecification" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to apply to the Capacity Reservation during launch.", - "title": "TagSpecifications", + "markdownDescription": "", + "title": "Tags", "type": "array" }, - "Tenancy": { - "markdownDescription": "Indicates the tenancy of the Capacity Reservation. A Capacity Reservation can have one of the following tenancy settings:\n\n- `default` - The Capacity Reservation is created on hardware that is shared with other AWS accounts .\n- `dedicated` - The Capacity Reservation is created on single-tenant hardware that is dedicated to a single AWS account .", - "title": "Tenancy", - "type": "string" + "VpcSecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "The VPC security groups that are used with the instance profile. The VPC security group must work with the VPC containing the instance profile.", + "title": "VpcSecurityGroups", + "type": "array" } }, - "required": [ - "AvailabilityZone", - "InstanceCount", - "InstancePlatform", - "InstanceType" - ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::CapacityReservation" + "AWS::DMS::InstanceProfile" ], "type": "string" }, @@ -68406,31 +75245,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::EC2::CapacityReservation.TagSpecification": { - "additionalProperties": false, - "properties": { - "ResourceType": { - "markdownDescription": "The type of resource to tag. Specify `capacity-reservation` .", - "title": "ResourceType", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to apply to the resource.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" - }, - "AWS::EC2::CapacityReservationFleet": { + "AWS::DMS::MigrationProject": { "additionalProperties": false, "properties": { "Condition": { @@ -68465,63 +75284,76 @@ "Properties": { "additionalProperties": false, "properties": { - "AllocationStrategy": { - "markdownDescription": "The strategy used by the Capacity Reservation Fleet to determine which of the specified instance types to use. Currently, only the `prioritized` allocation strategy is supported. For more information, see [Allocation strategy](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/crfleet-concepts.html#allocation-strategy) in the *Amazon EC2 User Guide* .\n\nValid values: `prioritized`", - "title": "AllocationStrategy", + "Description": { + "markdownDescription": "A user-friendly description of the migration project.", + "title": "Description", "type": "string" }, - "EndDate": { - "markdownDescription": "The date and time at which the Capacity Reservation Fleet expires. When the Capacity Reservation Fleet expires, its state changes to `expired` and all of the Capacity Reservations in the Fleet expire.\n\nThe Capacity Reservation Fleet expires within an hour after the specified time. For example, if you specify `5/31/2019` , `13:30:55` , the Capacity Reservation Fleet is guaranteed to expire between `13:30:55` and `14:30:55` on `5/31/2019` .", - "title": "EndDate", + "InstanceProfileArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance profile for your migration project.", + "title": "InstanceProfileArn", "type": "string" }, - "InstanceMatchCriteria": { - "markdownDescription": "Indicates the type of instance launches that the Capacity Reservation Fleet accepts. All Capacity Reservations in the Fleet inherit this instance matching criteria.\n\nCurrently, Capacity Reservation Fleets support `open` instance matching criteria only. This means that instances that have matching attributes (instance type, platform, and Availability Zone) run in the Capacity Reservations automatically. Instances do not need to explicitly target a Capacity Reservation Fleet to use its reserved capacity.", - "title": "InstanceMatchCriteria", + "InstanceProfileIdentifier": { + "markdownDescription": "The identifier of the instance profile for your migration project.", + "title": "InstanceProfileIdentifier", "type": "string" }, - "InstanceTypeSpecifications": { + "InstanceProfileName": { + "markdownDescription": "The name of the associated instance profile.", + "title": "InstanceProfileName", + "type": "string" + }, + "MigrationProjectIdentifier": { + "markdownDescription": "The identifier of the migration project. Identifiers must begin with a letter and must contain only ASCII letters, digits, and hyphens. They can't end with a hyphen, or contain two consecutive hyphens.", + "title": "MigrationProjectIdentifier", + "type": "string" + }, + "MigrationProjectName": { + "markdownDescription": "The name of the migration project.", + "title": "MigrationProjectName", + "type": "string" + }, + "SchemaConversionApplicationAttributes": { + "$ref": "#/definitions/AWS::DMS::MigrationProject.SchemaConversionApplicationAttributes", + "markdownDescription": "The schema conversion application attributes, including the Amazon S3 bucket name and Amazon S3 role ARN.", + "title": "SchemaConversionApplicationAttributes" + }, + "SourceDataProviderDescriptors": { "items": { - "$ref": "#/definitions/AWS::EC2::CapacityReservationFleet.InstanceTypeSpecification" + "$ref": "#/definitions/AWS::DMS::MigrationProject.DataProviderDescriptor" }, - "markdownDescription": "Information about the instance types for which to reserve the capacity.", - "title": "InstanceTypeSpecifications", + "markdownDescription": "Information about the source data provider, including the name or ARN, and AWS Secrets Manager parameters.", + "title": "SourceDataProviderDescriptors", "type": "array" }, - "NoRemoveEndDate": { - "markdownDescription": "Used to add an end date to a Capacity Reservation Fleet that has no end date and time. To add an end date to a Capacity Reservation Fleet, specify `true` for this paramater and specify the end date and time (in UTC time format) for the *EndDate* parameter.", - "title": "NoRemoveEndDate", - "type": "boolean" - }, - "RemoveEndDate": { - "markdownDescription": "Used to remove an end date from a Capacity Reservation Fleet that is configured to end automatically at a specific date and time. To remove the end date from a Capacity Reservation Fleet, specify `true` for this paramater and omit the *EndDate* parameter.", - "title": "RemoveEndDate", - "type": "boolean" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" }, - "TagSpecifications": { + "TargetDataProviderDescriptors": { "items": { - "$ref": "#/definitions/AWS::EC2::CapacityReservationFleet.TagSpecification" + "$ref": "#/definitions/AWS::DMS::MigrationProject.DataProviderDescriptor" }, - "markdownDescription": "The tags to assign to the Capacity Reservation Fleet. The tags are automatically assigned to the Capacity Reservations in the Fleet.", - "title": "TagSpecifications", + "markdownDescription": "Information about the target data provider, including the name or ARN, and AWS Secrets Manager parameters.", + "title": "TargetDataProviderDescriptors", "type": "array" }, - "Tenancy": { - "markdownDescription": "Indicates the tenancy of the Capacity Reservation Fleet. All Capacity Reservations in the Fleet inherit this tenancy. The Capacity Reservation Fleet can have one of the following tenancy settings:\n\n- `default` - The Capacity Reservation Fleet is created on hardware that is shared with other AWS accounts .\n- `dedicated` - The Capacity Reservations are created on single-tenant hardware that is dedicated to a single AWS account .", - "title": "Tenancy", + "TransformationRules": { + "markdownDescription": "The settings in JSON format for migration rules. Migration rules make it possible for you to change the object names according to the rules that you specify. For example, you can change an object name to lowercase or uppercase, add or remove a prefix or suffix, or rename objects.", + "title": "TransformationRules", "type": "string" - }, - "TotalTargetCapacity": { - "markdownDescription": "The total number of capacity units to be reserved by the Capacity Reservation Fleet. This value, together with the instance type weights that you assign to each instance type used by the Fleet determine the number of instances for which the Fleet reserves capacity. Both values are based on units that make sense for your workload. For more information, see [Total target capacity](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/crfleet-concepts.html#target-capacity) in the *Amazon EC2 User Guide* .", - "title": "TotalTargetCapacity", - "type": "number" } }, "type": "object" }, "Type": { "enum": [ - "AWS::EC2::CapacityReservationFleet" + "AWS::DMS::MigrationProject" ], "type": "string" }, @@ -68539,67 +75371,54 @@ ], "type": "object" }, - "AWS::EC2::CapacityReservationFleet.InstanceTypeSpecification": { + "AWS::DMS::MigrationProject.DataProviderDescriptor": { "additionalProperties": false, "properties": { - "AvailabilityZone": { - "markdownDescription": "The Availability Zone in which the Capacity Reservation Fleet reserves the capacity. A Capacity Reservation Fleet can't span Availability Zones. All instance type specifications that you specify for the Fleet must use the same Availability Zone.", - "title": "AvailabilityZone", + "DataProviderArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the data provider.", + "title": "DataProviderArn", "type": "string" }, - "AvailabilityZoneId": { - "markdownDescription": "The ID of the Availability Zone in which the Capacity Reservation Fleet reserves the capacity. A Capacity Reservation Fleet can't span Availability Zones. All instance type specifications that you specify for the Fleet must use the same Availability Zone.", - "title": "AvailabilityZoneId", + "DataProviderIdentifier": { + "markdownDescription": "", + "title": "DataProviderIdentifier", "type": "string" }, - "EbsOptimized": { - "markdownDescription": "Indicates whether the Capacity Reservation Fleet supports EBS-optimized instances types. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using EBS-optimized instance types.", - "title": "EbsOptimized", - "type": "boolean" - }, - "InstancePlatform": { - "markdownDescription": "The type of operating system for which the Capacity Reservation Fleet reserves capacity.", - "title": "InstancePlatform", + "DataProviderName": { + "markdownDescription": "The user-friendly name of the data provider.", + "title": "DataProviderName", "type": "string" }, - "InstanceType": { - "markdownDescription": "The instance type for which the Capacity Reservation Fleet reserves capacity.", - "title": "InstanceType", + "SecretsManagerAccessRoleArn": { + "markdownDescription": "The ARN of the role used to access AWS Secrets Manager.", + "title": "SecretsManagerAccessRoleArn", "type": "string" }, - "Priority": { - "markdownDescription": "The priority to assign to the instance type. This value is used to determine which of the instance types specified for the Fleet should be prioritized for use. A lower value indicates a high priority. For more information, see [Instance type priority](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/crfleet-concepts.html#instance-priority) in the *Amazon EC2 User Guide* .", - "title": "Priority", - "type": "number" - }, - "Weight": { - "markdownDescription": "The number of capacity units provided by the specified instance type. This value, together with the total target capacity that you specify for the Fleet determine the number of instances for which the Fleet reserves capacity. Both values are based on units that make sense for your workload. For more information, see [Total target capacity](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/crfleet-concepts.html#target-capacity) in the Amazon EC2 User Guide.\n\nValid Range: Minimum value of `0.001` . Maximum value of `99.999` .", - "title": "Weight", - "type": "number" + "SecretsManagerSecretId": { + "markdownDescription": "The identifier of the AWS Secrets Manager Secret used to store access credentials for the data provider.", + "title": "SecretsManagerSecretId", + "type": "string" } }, "type": "object" }, - "AWS::EC2::CapacityReservationFleet.TagSpecification": { + "AWS::DMS::MigrationProject.SchemaConversionApplicationAttributes": { "additionalProperties": false, "properties": { - "ResourceType": { - "markdownDescription": "The type of resource to tag on creation. Specify `capacity-reservation-fleet` .\n\nTo tag a resource after it has been created, see [CreateTags](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTags.html) .", - "title": "ResourceType", + "S3BucketPath": { + "markdownDescription": "", + "title": "S3BucketPath", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to apply to the resource.", - "title": "Tags", - "type": "array" + "S3BucketRoleArn": { + "markdownDescription": "", + "title": "S3BucketRoleArn", + "type": "string" } }, "type": "object" }, - "AWS::EC2::CarrierGateway": { + "AWS::DMS::ReplicationConfig": { "additionalProperties": false, "properties": { "Condition": { @@ -68634,28 +75453,73 @@ "Properties": { "additionalProperties": false, "properties": { + "ComputeConfig": { + "$ref": "#/definitions/AWS::DMS::ReplicationConfig.ComputeConfig", + "markdownDescription": "Configuration parameters for provisioning an AWS DMS Serverless replication.", + "title": "ComputeConfig" + }, + "ReplicationConfigIdentifier": { + "markdownDescription": "A unique identifier that you want to use to create a `ReplicationConfigArn` that is returned as part of the output from this action. You can then pass this output `ReplicationConfigArn` as the value of the `ReplicationConfigArn` option for other actions to identify both AWS DMS Serverless replications and replication configurations that you want those actions to operate on. For some actions, you can also use either this unique identifier or a corresponding ARN in action filters to identify the specific replication and replication configuration to operate on.", + "title": "ReplicationConfigIdentifier", + "type": "string" + }, + "ReplicationSettings": { + "markdownDescription": "Optional JSON settings for AWS DMS Serverless replications that are provisioned using this replication configuration. For example, see [Change processing tuning settings](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.CustomizingTasks.TaskSettings.ChangeProcessingTuning.html) .", + "title": "ReplicationSettings", + "type": "object" + }, + "ReplicationType": { + "markdownDescription": "The type of AWS DMS Serverless replication to provision using this replication configuration.\n\nPossible values:\n\n- `\"full-load\"`\n- `\"cdc\"`\n- `\"full-load-and-cdc\"`", + "title": "ReplicationType", + "type": "string" + }, + "ResourceIdentifier": { + "markdownDescription": "Optional unique value or name that you set for a given resource that can be used to construct an Amazon Resource Name (ARN) for that resource. For more information, see [Fine-grained access control using resource names and tags](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#CHAP_Security.FineGrainedAccess) .", + "title": "ResourceIdentifier", + "type": "string" + }, + "SourceEndpointArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the source endpoint for this AWS DMS Serverless replication configuration.", + "title": "SourceEndpointArn", + "type": "string" + }, + "SupplementalSettings": { + "markdownDescription": "Optional JSON settings for specifying supplemental data. For more information, see [Specifying supplemental data for task settings](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.TaskData.html) .", + "title": "SupplementalSettings", + "type": "object" + }, + "TableMappings": { + "markdownDescription": "JSON table mappings for AWS DMS Serverless replications that are provisioned using this replication configuration. For more information, see [Specifying table selection and transformations rules using JSON](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.CustomizingTasks.TableMapping.SelectionTransformation.html) .", + "title": "TableMappings", + "type": "object" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags assigned to the carrier gateway.", + "markdownDescription": "One or more optional tags associated with resources used by the AWS DMS Serverless replication. For more information, see [Tagging resources in AWS Database Migration Service](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tagging.html) .", "title": "Tags", "type": "array" }, - "VpcId": { - "markdownDescription": "The ID of the VPC associated with the carrier gateway.", - "title": "VpcId", + "TargetEndpointArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the target endpoint for this AWS DMS serverless replication configuration.", + "title": "TargetEndpointArn", "type": "string" } }, "required": [ - "VpcId" + "ComputeConfig", + "ReplicationConfigIdentifier", + "ReplicationType", + "SourceEndpointArn", + "TableMappings", + "TargetEndpointArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::CarrierGateway" + "AWS::DMS::ReplicationConfig" ], "type": "string" }, @@ -68674,7 +75538,64 @@ ], "type": "object" }, - "AWS::EC2::ClientVpnAuthorizationRule": { + "AWS::DMS::ReplicationConfig.ComputeConfig": { + "additionalProperties": false, + "properties": { + "AvailabilityZone": { + "markdownDescription": "The Availability Zone where the AWS DMS Serverless replication using this configuration will run. The default value is a random, system-chosen Availability Zone in the configuration's AWS Region , for example, `\"us-west-2\"` . You can't set this parameter if the `MultiAZ` parameter is set to `true` .", + "title": "AvailabilityZone", + "type": "string" + }, + "DnsNameServers": { + "markdownDescription": "A list of custom DNS name servers supported for the AWS DMS Serverless replication to access your source or target database. This list overrides the default name servers supported by the AWS DMS Serverless replication. You can specify a comma-separated list of internet addresses for up to four DNS name servers. For example: `\"1.1.1.1,2.2.2.2,3.3.3.3,4.4.4.4\"`", + "title": "DnsNameServers", + "type": "string" + }, + "KmsKeyId": { + "markdownDescription": "An AWS Key Management Service ( AWS KMS ) key Amazon Resource Name (ARN) that is used to encrypt the data during AWS DMS Serverless replication.\n\nIf you don't specify a value for the `KmsKeyId` parameter, AWS DMS uses your default encryption key.\n\nAWS KMS creates the default encryption key for your Amazon Web Services account. Your AWS account has a different default encryption key for each AWS Region .", + "title": "KmsKeyId", + "type": "string" + }, + "MaxCapacityUnits": { + "markdownDescription": "Specifies the maximum value of the AWS DMS capacity units (DCUs) for which a given AWS DMS Serverless replication can be provisioned. A single DCU is 2GB of RAM, with 1 DCU as the minimum value allowed. The list of valid DCU values includes 1, 2, 4, 8, 16, 32, 64, 128, 192, 256, and 384. So, the maximum value that you can specify for AWS DMS Serverless is 384. The `MaxCapacityUnits` parameter is the only DCU parameter you are required to specify.", + "title": "MaxCapacityUnits", + "type": "number" + }, + "MinCapacityUnits": { + "markdownDescription": "Specifies the minimum value of the AWS DMS capacity units (DCUs) for which a given AWS DMS Serverless replication can be provisioned. A single DCU is 2GB of RAM, with 1 DCU as the minimum value allowed. The list of valid DCU values includes 1, 2, 4, 8, 16, 32, 64, 128, 192, 256, and 384. So, the minimum DCU value that you can specify for AWS DMS Serverless is 1. If you don't set this value, AWS DMS sets this parameter to the minimum DCU value allowed, 1. If there is no current source activity, AWS DMS scales down your replication until it reaches the value specified in `MinCapacityUnits` .", + "title": "MinCapacityUnits", + "type": "number" + }, + "MultiAZ": { + "markdownDescription": "Specifies whether the AWS DMS Serverless replication is a Multi-AZ deployment. You can't set the `AvailabilityZone` parameter if the `MultiAZ` parameter is set to `true` .", + "title": "MultiAZ", + "type": "boolean" + }, + "PreferredMaintenanceWindow": { + "markdownDescription": "The weekly time range during which system maintenance can occur for the AWS DMS Serverless replication, in Universal Coordinated Time (UTC). The format is `ddd:hh24:mi-ddd:hh24:mi` .\n\nThe default is a 30-minute window selected at random from an 8-hour block of time per AWS Region . This maintenance occurs on a random day of the week. Valid values for days of the week include `Mon` , `Tue` , `Wed` , `Thu` , `Fri` , `Sat` , and `Sun` .\n\nConstraints include a minimum 30-minute window.", + "title": "PreferredMaintenanceWindow", + "type": "string" + }, + "ReplicationSubnetGroupId": { + "markdownDescription": "Specifies a subnet group identifier to associate with the AWS DMS Serverless replication.", + "title": "ReplicationSubnetGroupId", + "type": "string" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the virtual private cloud (VPC) security group to use with the AWS DMS Serverless replication. The VPC security group must work with the VPC containing the replication.", + "title": "VpcSecurityGroupIds", + "type": "array" + } + }, + "required": [ + "MaxCapacityUnits" + ], + "type": "object" + }, + "AWS::DMS::ReplicationInstance": { "additionalProperties": false, "properties": { "Condition": { @@ -68709,41 +75630,106 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessGroupId": { - "markdownDescription": "The ID of the group to grant access to, for example, the Active Directory group or identity provider (IdP) group. Required if `AuthorizeAllGroups` is `false` or not specified.", - "title": "AccessGroupId", + "AllocatedStorage": { + "markdownDescription": "The amount of storage (in gigabytes) to be initially allocated for the replication instance.", + "title": "AllocatedStorage", + "type": "number" + }, + "AllowMajorVersionUpgrade": { + "markdownDescription": "Indicates that major version upgrades are allowed. Changing this parameter does not result in an outage, and the change is asynchronously applied as soon as possible.\n\nThis parameter must be set to `true` when specifying a value for the `EngineVersion` parameter that is a different major version than the replication instance's current version.", + "title": "AllowMajorVersionUpgrade", + "type": "boolean" + }, + "AutoMinorVersionUpgrade": { + "markdownDescription": "A value that indicates whether minor engine upgrades are applied automatically to the replication instance during the maintenance window. This parameter defaults to `true` .\n\nDefault: `true`", + "title": "AutoMinorVersionUpgrade", + "type": "boolean" + }, + "AvailabilityZone": { + "markdownDescription": "The Availability Zone that the replication instance will be created in.\n\nThe default value is a random, system-chosen Availability Zone in the endpoint's AWS Region , for example `us-east-1d` .", + "title": "AvailabilityZone", "type": "string" }, - "AuthorizeAllGroups": { - "markdownDescription": "Indicates whether to grant access to all clients. Specify `true` to grant all clients who successfully establish a VPN connection access to the network. Must be set to `true` if `AccessGroupId` is not specified.", - "title": "AuthorizeAllGroups", + "DnsNameServers": { + "markdownDescription": "A list of custom DNS name servers supported for the replication instance to access your on-premise source or target database. This list overrides the default name servers supported by the replication instance. You can specify a comma-separated list of internet addresses for up to four on-premise DNS name servers. For example: `\"1.1.1.1,2.2.2.2,3.3.3.3,4.4.4.4\"`", + "title": "DnsNameServers", + "type": "string" + }, + "EngineVersion": { + "markdownDescription": "The engine version number of the replication instance.\n\nIf an engine version number is not specified when a replication instance is created, the default is the latest engine version available.", + "title": "EngineVersion", + "type": "string" + }, + "KmsKeyId": { + "markdownDescription": "An AWS KMS key identifier that is used to encrypt the data on the replication instance.\n\nIf you don't specify a value for the `KmsKeyId` parameter, AWS DMS uses your default encryption key.\n\nAWS KMS creates the default encryption key for your AWS account . Your AWS account has a different default encryption key for each AWS Region .", + "title": "KmsKeyId", + "type": "string" + }, + "MultiAZ": { + "markdownDescription": "Specifies whether the replication instance is a Multi-AZ deployment. You can't set the `AvailabilityZone` parameter if the Multi-AZ parameter is set to `true` .", + "title": "MultiAZ", "type": "boolean" }, - "ClientVpnEndpointId": { - "markdownDescription": "The ID of the Client VPN endpoint.", - "title": "ClientVpnEndpointId", + "NetworkType": { + "markdownDescription": "The type of IP address protocol used by a replication instance, such as IPv4 only or Dual-stack that supports both IPv4 and IPv6 addressing. IPv6 only is not yet supported.", + "title": "NetworkType", "type": "string" }, - "Description": { - "markdownDescription": "A brief description of the authorization rule.", - "title": "Description", + "PreferredMaintenanceWindow": { + "markdownDescription": "The weekly time range during which system maintenance can occur, in UTC.\n\n*Format* : `ddd:hh24:mi-ddd:hh24:mi`\n\n*Default* : A 30-minute window selected at random from an 8-hour block of time per AWS Region , occurring on a random day of the week.\n\n*Valid days* ( `ddd` ): `Mon` | `Tue` | `Wed` | `Thu` | `Fri` | `Sat` | `Sun`\n\n*Constraints* : Minimum 30-minute window.", + "title": "PreferredMaintenanceWindow", "type": "string" }, - "TargetNetworkCidr": { - "markdownDescription": "The IPv4 address range, in CIDR notation, of the network for which access is being authorized.", - "title": "TargetNetworkCidr", + "PubliclyAccessible": { + "markdownDescription": "Specifies the accessibility options for the replication instance. A value of `true` represents an instance with a public IP address. A value of `false` represents an instance with a private IP address. The default value is `true` .", + "title": "PubliclyAccessible", + "type": "boolean" + }, + "ReplicationInstanceClass": { + "markdownDescription": "The compute and memory capacity of the replication instance as defined for the specified replication instance class. For example, to specify the instance class dms.c4.large, set this parameter to `\"dms.c4.large\"` . For more information on the settings and capacities for the available replication instance classes, see [Selecting the right AWS DMS replication instance for your migration](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_ReplicationInstance.html#CHAP_ReplicationInstance.InDepth) in the *AWS Database Migration Service User Guide* .", + "title": "ReplicationInstanceClass", "type": "string" + }, + "ReplicationInstanceIdentifier": { + "markdownDescription": "The replication instance identifier. This parameter is stored as a lowercase string.\n\nConstraints:\n\n- Must contain 1-63 alphanumeric characters or hyphens.\n- First character must be a letter.\n- Can't end with a hyphen or contain two consecutive hyphens.\n\nExample: `myrepinstance`", + "title": "ReplicationInstanceIdentifier", + "type": "string" + }, + "ReplicationSubnetGroupIdentifier": { + "markdownDescription": "A subnet group to associate with the replication instance.", + "title": "ReplicationSubnetGroupIdentifier", + "type": "string" + }, + "ResourceIdentifier": { + "markdownDescription": "A display name for the resource identifier at the end of the `EndpointArn` response parameter that is returned in the created `Endpoint` object. The value for this parameter can have up to 31 characters. It can contain only ASCII letters, digits, and hyphen ('-'). Also, it can't end with a hyphen or contain two consecutive hyphens, and can only begin with a letter, such as `Example-App-ARN1` . For example, this value might result in the `EndpointArn` value `arn:aws:dms:eu-west-1:012345678901:rep:Example-App-ARN1` . If you don't specify a `ResourceIdentifier` value, AWS DMS generates a default identifier value for the end of `EndpointArn` .", + "title": "ResourceIdentifier", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "One or more tags to be assigned to the replication instance.", + "title": "Tags", + "type": "array" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the virtual private cloud (VPC) security group to be used with the replication instance. The VPC security group must work with the VPC containing the replication instance.", + "title": "VpcSecurityGroupIds", + "type": "array" } }, "required": [ - "ClientVpnEndpointId", - "TargetNetworkCidr" + "ReplicationInstanceClass" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::ClientVpnAuthorizationRule" + "AWS::DMS::ReplicationInstance" ], "type": "string" }, @@ -68762,7 +75748,7 @@ ], "type": "object" }, - "AWS::EC2::ClientVpnEndpoint": { + "AWS::DMS::ReplicationSubnetGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -68797,110 +75783,42 @@ "Properties": { "additionalProperties": false, "properties": { - "AuthenticationOptions": { - "items": { - "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.ClientAuthenticationRequest" - }, - "markdownDescription": "Information about the authentication method to be used to authenticate clients.", - "title": "AuthenticationOptions", - "type": "array" - }, - "ClientCidrBlock": { - "markdownDescription": "The IPv4 address range, in CIDR notation, from which to assign client IP addresses. The address range cannot overlap with the local CIDR of the VPC in which the associated subnet is located, or the routes that you add manually. The address range cannot be changed after the Client VPN endpoint has been created. Client CIDR range must have a size of at least /22 and must not be greater than /12.", - "title": "ClientCidrBlock", + "ReplicationSubnetGroupDescription": { + "markdownDescription": "The description for the subnet group.", + "title": "ReplicationSubnetGroupDescription", "type": "string" }, - "ClientConnectOptions": { - "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.ClientConnectOptions", - "markdownDescription": "The options for managing connection authorization for new client connections.", - "title": "ClientConnectOptions" - }, - "ClientLoginBannerOptions": { - "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.ClientLoginBannerOptions", - "markdownDescription": "Options for enabling a customizable text banner that will be displayed on AWS provided clients when a VPN session is established.", - "title": "ClientLoginBannerOptions" - }, - "ConnectionLogOptions": { - "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.ConnectionLogOptions", - "markdownDescription": "Information about the client connection logging options.\n\nIf you enable client connection logging, data about client connections is sent to a Cloudwatch Logs log stream. The following information is logged:\n\n- Client connection requests\n- Client connection results (successful and unsuccessful)\n- Reasons for unsuccessful client connection requests\n- Client connection termination time", - "title": "ConnectionLogOptions" - }, - "Description": { - "markdownDescription": "A brief description of the Client VPN endpoint.", - "title": "Description", + "ReplicationSubnetGroupIdentifier": { + "markdownDescription": "The identifier for the replication subnet group. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the identifier.", + "title": "ReplicationSubnetGroupIdentifier", "type": "string" }, - "DnsServers": { - "items": { - "type": "string" - }, - "markdownDescription": "Information about the DNS servers to be used for DNS resolution. A Client VPN endpoint can have up to two DNS servers. If no DNS server is specified, the DNS address configured on the device is used for the DNS server.", - "title": "DnsServers", - "type": "array" - }, - "SecurityGroupIds": { + "SubnetIds": { "items": { "type": "string" }, - "markdownDescription": "The IDs of one or more security groups to apply to the target network. You must also specify the ID of the VPC that contains the security groups.", - "title": "SecurityGroupIds", + "markdownDescription": "One or more subnet IDs to be assigned to the subnet group.", + "title": "SubnetIds", "type": "array" }, - "SelfServicePortal": { - "markdownDescription": "Specify whether to enable the self-service portal for the Client VPN endpoint.\n\nDefault Value: `enabled`", - "title": "SelfServicePortal", - "type": "string" - }, - "ServerCertificateArn": { - "markdownDescription": "The ARN of the server certificate. For more information, see the [AWS Certificate Manager User Guide](https://docs.aws.amazon.com/acm/latest/userguide/) .", - "title": "ServerCertificateArn", - "type": "string" - }, - "SessionTimeoutHours": { - "markdownDescription": "The maximum VPN session duration time in hours.\n\nValid values: `8 | 10 | 12 | 24`\n\nDefault value: `24`", - "title": "SessionTimeoutHours", - "type": "number" - }, - "SplitTunnel": { - "markdownDescription": "Indicates whether split-tunnel is enabled on the AWS Client VPN endpoint.\n\nBy default, split-tunnel on a VPN endpoint is disabled.\n\nFor information about split-tunnel VPN endpoints, see [Split-tunnel AWS Client VPN endpoint](https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/split-tunnel-vpn.html) in the *AWS Client VPN Administrator Guide* .", - "title": "SplitTunnel", - "type": "boolean" - }, - "TagSpecifications": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.TagSpecification" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to apply to the Client VPN endpoint during creation.", - "title": "TagSpecifications", + "markdownDescription": "One or more tags to be assigned to the subnet group.", + "title": "Tags", "type": "array" - }, - "TransportProtocol": { - "markdownDescription": "The transport protocol to be used by the VPN session.\n\nDefault value: `udp`", - "title": "TransportProtocol", - "type": "string" - }, - "VpcId": { - "markdownDescription": "The ID of the VPC to associate with the Client VPN endpoint. If no security group IDs are specified in the request, the default security group for the VPC is applied.", - "title": "VpcId", - "type": "string" - }, - "VpnPort": { - "markdownDescription": "The port number to assign to the Client VPN endpoint for TCP and UDP traffic.\n\nValid Values: `443` | `1194`\n\nDefault Value: `443`", - "title": "VpnPort", - "type": "number" } }, "required": [ - "AuthenticationOptions", - "ClientCidrBlock", - "ConnectionLogOptions", - "ServerCertificateArn" + "ReplicationSubnetGroupDescription", + "SubnetIds" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::ClientVpnEndpoint" + "AWS::DMS::ReplicationSubnetGroup" ], "type": "string" }, @@ -68919,171 +75837,10 @@ ], "type": "object" }, - "AWS::EC2::ClientVpnEndpoint.CertificateAuthenticationRequest": { + "AWS::DMS::ReplicationTask": { "additionalProperties": false, "properties": { - "ClientRootCertificateChainArn": { - "markdownDescription": "The ARN of the client certificate. The certificate must be signed by a certificate authority (CA) and it must be provisioned in AWS Certificate Manager (ACM).", - "title": "ClientRootCertificateChainArn", - "type": "string" - } - }, - "required": [ - "ClientRootCertificateChainArn" - ], - "type": "object" - }, - "AWS::EC2::ClientVpnEndpoint.ClientAuthenticationRequest": { - "additionalProperties": false, - "properties": { - "ActiveDirectory": { - "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.DirectoryServiceAuthenticationRequest", - "markdownDescription": "Information about the Active Directory to be used, if applicable. You must provide this information if *Type* is `directory-service-authentication` .", - "title": "ActiveDirectory" - }, - "FederatedAuthentication": { - "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.FederatedAuthenticationRequest", - "markdownDescription": "Information about the IAM SAML identity provider, if applicable.", - "title": "FederatedAuthentication" - }, - "MutualAuthentication": { - "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.CertificateAuthenticationRequest", - "markdownDescription": "Information about the authentication certificates to be used, if applicable. You must provide this information if *Type* is `certificate-authentication` .", - "title": "MutualAuthentication" - }, - "Type": { - "markdownDescription": "The type of client authentication to be used.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::EC2::ClientVpnEndpoint.ClientConnectOptions": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Indicates whether client connect options are enabled. The default is `false` (not enabled).", - "title": "Enabled", - "type": "boolean" - }, - "LambdaFunctionArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Lambda function used for connection authorization.", - "title": "LambdaFunctionArn", - "type": "string" - } - }, - "required": [ - "Enabled" - ], - "type": "object" - }, - "AWS::EC2::ClientVpnEndpoint.ClientLoginBannerOptions": { - "additionalProperties": false, - "properties": { - "BannerText": { - "markdownDescription": "Customizable text that will be displayed in a banner on AWS provided clients when a VPN session is established. UTF-8 encoded characters only. Maximum of 1400 characters.", - "title": "BannerText", - "type": "string" - }, - "Enabled": { - "markdownDescription": "Enable or disable a customizable text banner that will be displayed on AWS provided clients when a VPN session is established.\n\nValid values: `true | false`\n\nDefault value: `false`", - "title": "Enabled", - "type": "boolean" - } - }, - "required": [ - "Enabled" - ], - "type": "object" - }, - "AWS::EC2::ClientVpnEndpoint.ConnectionLogOptions": { - "additionalProperties": false, - "properties": { - "CloudwatchLogGroup": { - "markdownDescription": "The name of the CloudWatch Logs log group. Required if connection logging is enabled.", - "title": "CloudwatchLogGroup", - "type": "string" - }, - "CloudwatchLogStream": { - "markdownDescription": "The name of the CloudWatch Logs log stream to which the connection data is published.", - "title": "CloudwatchLogStream", - "type": "string" - }, - "Enabled": { - "markdownDescription": "Indicates whether connection logging is enabled.", - "title": "Enabled", - "type": "boolean" - } - }, - "required": [ - "Enabled" - ], - "type": "object" - }, - "AWS::EC2::ClientVpnEndpoint.DirectoryServiceAuthenticationRequest": { - "additionalProperties": false, - "properties": { - "DirectoryId": { - "markdownDescription": "The ID of the Active Directory to be used for authentication.", - "title": "DirectoryId", - "type": "string" - } - }, - "required": [ - "DirectoryId" - ], - "type": "object" - }, - "AWS::EC2::ClientVpnEndpoint.FederatedAuthenticationRequest": { - "additionalProperties": false, - "properties": { - "SAMLProviderArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM SAML identity provider.", - "title": "SAMLProviderArn", - "type": "string" - }, - "SelfServiceSAMLProviderArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM SAML identity provider for the self-service portal.", - "title": "SelfServiceSAMLProviderArn", - "type": "string" - } - }, - "required": [ - "SAMLProviderArn" - ], - "type": "object" - }, - "AWS::EC2::ClientVpnEndpoint.TagSpecification": { - "additionalProperties": false, - "properties": { - "ResourceType": { - "markdownDescription": "The type of resource to tag. To tag a Client VPN endpoint, `ResourceType` must be `client-vpn-endpoint` .", - "title": "ResourceType", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to apply to the resource.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "ResourceType", - "Tags" - ], - "type": "object" - }, - "AWS::EC2::ClientVpnRoute": { - "additionalProperties": false, - "properties": { - "Condition": { + "Condition": { "type": "string" }, "DeletionPolicy": { @@ -69115,110 +75872,87 @@ "Properties": { "additionalProperties": false, "properties": { - "ClientVpnEndpointId": { - "markdownDescription": "The ID of the Client VPN endpoint to which to add the route.", - "title": "ClientVpnEndpointId", + "CdcStartPosition": { + "markdownDescription": "Indicates when you want a change data capture (CDC) operation to start. Use either `CdcStartPosition` or `CdcStartTime` to specify when you want a CDC operation to start. Specifying both values results in an error.\n\nThe value can be in date, checkpoint, log sequence number (LSN), or system change number (SCN) format.\n\nHere is a date example: `--cdc-start-position \"2018-03-08T12:12:12\"`\n\nHere is a checkpoint example: `--cdc-start-position \"checkpoint:V1#27#mysql-bin-changelog.157832:1975:-1:2002:677883278264080:mysql-bin-changelog.157832:1876#0#0#*#0#93\"`\n\nHere is an LSN example: `--cdc-start-position \u201cmysql-bin-changelog.000024:373\u201d`\n\n> When you use this task setting with a source PostgreSQL database, a logical replication slot should already be created and associated with the source endpoint. You can verify this by setting the `slotName` extra connection attribute to the name of this logical replication slot. For more information, see [Extra Connection Attributes When Using PostgreSQL as a Source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.PostgreSQL.html#CHAP_Source.PostgreSQL.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", + "title": "CdcStartPosition", "type": "string" }, - "Description": { - "markdownDescription": "A brief description of the route.", - "title": "Description", + "CdcStartTime": { + "markdownDescription": "Indicates the start time for a change data capture (CDC) operation.", + "title": "CdcStartTime", + "type": "number" + }, + "CdcStopPosition": { + "markdownDescription": "Indicates when you want a change data capture (CDC) operation to stop. The value can be either server time or commit time.\n\nHere is a server time example: `--cdc-stop-position \"server_time:2018-02-09T12:12:12\"`\n\nHere is a commit time example: `--cdc-stop-position \"commit_time: 2018-02-09T12:12:12\"`", + "title": "CdcStopPosition", "type": "string" }, - "DestinationCidrBlock": { - "markdownDescription": "The IPv4 address range, in CIDR notation, of the route destination. For example:\n\n- To add a route for Internet access, enter `0.0.0.0/0`\n- To add a route for a peered VPC, enter the peered VPC's IPv4 CIDR range\n- To add a route for an on-premises network, enter the AWS Site-to-Site VPN connection's IPv4 CIDR range\n- To add a route for the local network, enter the client CIDR range", - "title": "DestinationCidrBlock", + "MigrationType": { + "markdownDescription": "The migration type. Valid values: `full-load` | `cdc` | `full-load-and-cdc`", + "title": "MigrationType", "type": "string" }, - "TargetVpcSubnetId": { - "markdownDescription": "The ID of the subnet through which you want to route traffic. The specified subnet must be an existing target network of the Client VPN endpoint.\n\nAlternatively, if you're adding a route for the local network, specify `local` .", - "title": "TargetVpcSubnetId", + "ReplicationInstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of a replication instance.", + "title": "ReplicationInstanceArn", "type": "string" - } - }, - "required": [ - "ClientVpnEndpointId", - "DestinationCidrBlock", - "TargetVpcSubnetId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::EC2::ClientVpnRoute" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::EC2::ClientVpnTargetNetworkAssociation": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + }, + "ReplicationTaskIdentifier": { + "markdownDescription": "An identifier for the replication task.\n\nConstraints:\n\n- Must contain 1-255 alphanumeric characters or hyphens.\n- First character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.", + "title": "ReplicationTaskIdentifier", "type": "string" }, - { + "ReplicationTaskSettings": { + "markdownDescription": "Overall settings for the task, in JSON format. For more information, see [Specifying Task Settings for AWS Database Migration Service Tasks](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.CustomizingTasks.TaskSettings.html) in the *AWS Database Migration Service User Guide* .", + "title": "ReplicationTaskSettings", + "type": "string" + }, + "ResourceIdentifier": { + "markdownDescription": "A display name for the resource identifier at the end of the `EndpointArn` response parameter that is returned in the created `Endpoint` object. The value for this parameter can have up to 31 characters. It can contain only ASCII letters, digits, and hyphen ('-'). Also, it can't end with a hyphen or contain two consecutive hyphens, and can only begin with a letter, such as `Example-App-ARN1` .\n\nFor example, this value might result in the `EndpointArn` value `arn:aws:dms:eu-west-1:012345678901:rep:Example-App-ARN1` . If you don't specify a `ResourceIdentifier` value, AWS DMS generates a default identifier value for the end of `EndpointArn` .", + "title": "ResourceIdentifier", + "type": "string" + }, + "SourceEndpointArn": { + "markdownDescription": "An Amazon Resource Name (ARN) that uniquely identifies the source endpoint.", + "title": "SourceEndpointArn", + "type": "string" + }, + "TableMappings": { + "markdownDescription": "The table mappings for the task, in JSON format. For more information, see [Using Table Mapping to Specify Task Settings](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.CustomizingTasks.TableMapping.html) in the *AWS Database Migration Service User Guide* .", + "title": "TableMappings", + "type": "string" + }, + "Tags": { "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" + "$ref": "#/definitions/Tag" }, + "markdownDescription": "One or more tags to be assigned to the replication task.", + "title": "Tags", "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ClientVpnEndpointId": { - "markdownDescription": "The ID of the Client VPN endpoint.", - "title": "ClientVpnEndpointId", + }, + "TargetEndpointArn": { + "markdownDescription": "An Amazon Resource Name (ARN) that uniquely identifies the target endpoint.", + "title": "TargetEndpointArn", "type": "string" }, - "SubnetId": { - "markdownDescription": "The ID of the subnet to associate with the Client VPN endpoint.", - "title": "SubnetId", + "TaskData": { + "markdownDescription": "Supplemental information that the task requires to migrate the data for certain source and target endpoints. For more information, see [Specifying Supplemental Data for Task Settings](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.TaskData.html) in the *AWS Database Migration Service User Guide.*", + "title": "TaskData", "type": "string" } }, "required": [ - "ClientVpnEndpointId", - "SubnetId" + "MigrationType", + "ReplicationInstanceArn", + "SourceEndpointArn", + "TableMappings", + "TargetEndpointArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::ClientVpnTargetNetworkAssociation" + "AWS::DMS::ReplicationTask" ], "type": "string" }, @@ -69237,7 +75971,7 @@ ], "type": "object" }, - "AWS::EC2::CustomerGateway": { + "AWS::DSQL::Cluster": { "additionalProperties": false, "properties": { "Condition": { @@ -69272,49 +76006,35 @@ "Properties": { "additionalProperties": false, "properties": { - "BgpAsn": { - "markdownDescription": "For customer gateway devices that support BGP, specify the device's ASN. You must specify either `BgpAsn` or `BgpAsnExtended` when creating the customer gateway. If the ASN is larger than `2,147,483,647` , you must use `BgpAsnExtended` .\n\nDefault: 65000\n\nValid values: `1` to `2,147,483,647`", - "title": "BgpAsn", - "type": "number" - }, - "CertificateArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the customer gateway certificate.", - "title": "CertificateArn", - "type": "string" + "DeletionProtectionEnabled": { + "markdownDescription": "Whether deletion protection is enabled on this cluster.", + "title": "DeletionProtectionEnabled", + "type": "boolean" }, - "DeviceName": { - "markdownDescription": "The name of customer gateway device.", - "title": "DeviceName", + "KmsEncryptionKey": { + "markdownDescription": "", + "title": "KmsEncryptionKey", "type": "string" }, - "IpAddress": { - "markdownDescription": "The IP address for the customer gateway device's outside interface. The address must be static. If `OutsideIpAddressType` in your VPN connection options is set to `PrivateIpv4` , you can use an RFC6598 or RFC1918 private IPv4 address. If `OutsideIpAddressType` is set to `Ipv6` , you can use an IPv6 address.", - "title": "IpAddress", - "type": "string" + "MultiRegionProperties": { + "$ref": "#/definitions/AWS::DSQL::Cluster.MultiRegionProperties", + "markdownDescription": "Defines the structure for multi-Region cluster configurations, containing the witness Region and peered cluster settings.", + "title": "MultiRegionProperties" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "One or more tags for the customer gateway.", + "markdownDescription": "A map of key and value pairs this cluster is tagged with.", "title": "Tags", "type": "array" - }, - "Type": { - "markdownDescription": "The type of VPN connection that this customer gateway supports ( `ipsec.1` ).", - "title": "Type", - "type": "string" } }, - "required": [ - "IpAddress", - "Type" - ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::CustomerGateway" + "AWS::DSQL::Cluster" ], "type": "string" }, @@ -69328,117 +76048,51 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::EC2::DHCPOptions": { + "AWS::DSQL::Cluster.EncryptionDetails": { "additionalProperties": false, "properties": { - "Condition": { + "EncryptionStatus": { + "markdownDescription": "The status of encryption for the cluster.", + "title": "EncryptionStatus", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "EncryptionType": { + "markdownDescription": "The type of encryption that protects the data on your cluster.", + "title": "EncryptionType", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DomainName": { - "markdownDescription": "This value is used to complete unqualified DNS hostnames. If you're using AmazonProvidedDNS in `us-east-1` , specify `ec2.internal` . If you're using AmazonProvidedDNS in another Region, specify *region* . `compute.internal` (for example, `ap-northeast-1.compute.internal` ). Otherwise, specify a domain name (for example, *MyCompany.com* ).", - "title": "DomainName", - "type": "string" - }, - "DomainNameServers": { - "items": { - "type": "string" - }, - "markdownDescription": "The IPv4 addresses of up to four domain name servers, or `AmazonProvidedDNS` . The default is `AmazonProvidedDNS` . To have your instance receive a custom DNS hostname as specified in `DomainName` , you must set this property to a custom DNS server.", - "title": "DomainNameServers", - "type": "array" - }, - "Ipv6AddressPreferredLeaseTime": { - "markdownDescription": "A value (in seconds, minutes, hours, or years) for how frequently a running instance with an IPv6 assigned to it goes through DHCPv6 lease renewal. Acceptable values are between 140 and 2147483647 seconds (approximately 68 years). If no value is entered, the default lease time is 140 seconds. If you use long-term addressing for EC2 instances, you can increase the lease time and avoid frequent lease renewal requests. Lease renewal typically occurs when half of the lease time has elapsed.", - "title": "Ipv6AddressPreferredLeaseTime", - "type": "number" - }, - "NetbiosNameServers": { - "items": { - "type": "string" - }, - "markdownDescription": "The IPv4 addresses of up to four NetBIOS name servers.", - "title": "NetbiosNameServers", - "type": "array" - }, - "NetbiosNodeType": { - "markdownDescription": "The NetBIOS node type (1, 2, 4, or 8). We recommend that you specify 2 (broadcast and multicast are not currently supported).", - "title": "NetbiosNodeType", - "type": "number" - }, - "NtpServers": { - "items": { - "type": "string" - }, - "markdownDescription": "The IPv4 addresses of up to four Network Time Protocol (NTP) servers.", - "title": "NtpServers", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Any tags assigned to the DHCP options set.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::EC2::DHCPOptions" - ], + "KmsKeyArn": { + "markdownDescription": "The ARN of the AWS KMS key that encrypts data in the cluster.", + "title": "KmsKeyArn", "type": "string" + } + }, + "type": "object" + }, + "AWS::DSQL::Cluster.MultiRegionProperties": { + "additionalProperties": false, + "properties": { + "Clusters": { + "items": { + "type": "string" + }, + "markdownDescription": "The set of peered clusters that form the multi-Region cluster configuration. Each peered cluster represents a database instance in a different Region.", + "title": "Clusters", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "WitnessRegion": { + "markdownDescription": "The Region that serves as the witness Region for a multi-Region cluster. The witness Region helps maintain cluster consistency and quorum.", + "title": "WitnessRegion", "type": "string" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::EC2::EC2Fleet": { + "AWS::DataBrew::Dataset": { "additionalProperties": false, "properties": { "Condition": { @@ -69473,82 +76127,54 @@ "Properties": { "additionalProperties": false, "properties": { - "Context": { - "markdownDescription": "Reserved.", - "title": "Context", + "Format": { + "markdownDescription": "The file format of a dataset that is created from an Amazon S3 file or folder.", + "title": "Format", "type": "string" }, - "ExcessCapacityTerminationPolicy": { - "markdownDescription": "Indicates whether running instances should be terminated if the total target capacity of the EC2 Fleet is decreased below the current size of the EC2 Fleet.\n\nSupported only for fleets of type `maintain` .", - "title": "ExcessCapacityTerminationPolicy", - "type": "string" + "FormatOptions": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.FormatOptions", + "markdownDescription": "A set of options that define how DataBrew interprets the data in the dataset.", + "title": "FormatOptions" }, - "LaunchTemplateConfigs": { - "items": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.FleetLaunchTemplateConfigRequest" - }, - "markdownDescription": "The configuration for the EC2 Fleet.", - "title": "LaunchTemplateConfigs", - "type": "array" + "Input": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.Input", + "markdownDescription": "Information on how DataBrew can find the dataset, in either the AWS Glue Data Catalog or Amazon S3 .", + "title": "Input" }, - "OnDemandOptions": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.OnDemandOptionsRequest", - "markdownDescription": "Describes the configuration of On-Demand Instances in an EC2 Fleet.", - "title": "OnDemandOptions" + "Name": { + "markdownDescription": "The unique name of the dataset.", + "title": "Name", + "type": "string" }, - "ReplaceUnhealthyInstances": { - "markdownDescription": "Indicates whether EC2 Fleet should replace unhealthy Spot Instances. Supported only for fleets of type `maintain` . For more information, see [EC2 Fleet health checks](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/manage-ec2-fleet.html#ec2-fleet-health-checks) in the *Amazon EC2 User Guide* .", - "title": "ReplaceUnhealthyInstances", - "type": "boolean" + "PathOptions": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.PathOptions", + "markdownDescription": "A set of options that defines how DataBrew interprets an Amazon S3 path of the dataset.", + "title": "PathOptions" }, - "SpotOptions": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.SpotOptionsRequest", - "markdownDescription": "Describes the configuration of Spot Instances in an EC2 Fleet.", - "title": "SpotOptions" + "Source": { + "markdownDescription": "The location of the data for the dataset, either Amazon S3 or the AWS Glue Data Catalog .", + "title": "Source", + "type": "string" }, - "TagSpecifications": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.TagSpecification" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The key-value pair for tagging the EC2 Fleet request on creation. For more information, see [Tag your resources](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#tag-resources) .\n\nIf the fleet type is `instant` , specify a resource type of `fleet` to tag the fleet or `instance` to tag the instances at launch.\n\nIf the fleet type is `maintain` or `request` , specify a resource type of `fleet` to tag the fleet. You cannot specify a resource type of `instance` . To tag instances at launch, specify the tags in a [launch template](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html#create-launch-template) .", - "title": "TagSpecifications", + "markdownDescription": "Metadata tags that have been applied to the dataset.", + "title": "Tags", "type": "array" - }, - "TargetCapacitySpecification": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.TargetCapacitySpecificationRequest", - "markdownDescription": "The number of units to request.", - "title": "TargetCapacitySpecification" - }, - "TerminateInstancesWithExpiration": { - "markdownDescription": "Indicates whether running instances should be terminated when the EC2 Fleet expires.", - "title": "TerminateInstancesWithExpiration", - "type": "boolean" - }, - "Type": { - "markdownDescription": "The fleet type. The default value is `maintain` .\n\n- `maintain` - The EC2 Fleet places an asynchronous request for your desired capacity, and continues to maintain your desired Spot capacity by replenishing interrupted Spot Instances.\n- `request` - The EC2 Fleet places an asynchronous one-time request for your desired capacity, but does submit Spot requests in alternative capacity pools if Spot capacity is unavailable, and does not maintain Spot capacity if Spot Instances are interrupted.\n- `instant` - The EC2 Fleet places a synchronous one-time request for your desired capacity, and returns errors for any instances that could not be launched.\n\nFor more information, see [EC2 Fleet request types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-request-type.html) in the *Amazon EC2 User Guide* .", - "title": "Type", - "type": "string" - }, - "ValidFrom": { - "markdownDescription": "The start date and time of the request, in UTC format (for example, *YYYY* - *MM* - *DD* T *HH* : *MM* : *SS* Z). The default is to start fulfilling the request immediately.", - "title": "ValidFrom", - "type": "string" - }, - "ValidUntil": { - "markdownDescription": "The end date and time of the request, in UTC format (for example, *YYYY* - *MM* - *DD* T *HH* : *MM* : *SS* Z). At this point, no new EC2 Fleet requests are placed or able to fulfill the request. If no value is specified, the request remains until you cancel it.", - "title": "ValidUntil", - "type": "string" } }, "required": [ - "LaunchTemplateConfigs", - "TargetCapacitySpecification" + "Input", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::EC2Fleet" + "AWS::DataBrew::Dataset" ], "type": "string" }, @@ -69567,609 +76193,368 @@ ], "type": "object" }, - "AWS::EC2::EC2Fleet.AcceleratorCountRequest": { + "AWS::DataBrew::Dataset.CsvOptions": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum number of accelerators. To specify no maximum limit, omit this parameter. To exclude accelerator-enabled instance types, set `Max` to `0` .", - "title": "Max", - "type": "number" + "Delimiter": { + "markdownDescription": "A single character that specifies the delimiter being used in the CSV file.", + "title": "Delimiter", + "type": "string" }, - "Min": { - "markdownDescription": "The minimum number of accelerators. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" + "HeaderRow": { + "markdownDescription": "A variable that specifies whether the first row in the file is parsed as the header. If this value is false, column names are auto-generated.", + "title": "HeaderRow", + "type": "boolean" } }, "type": "object" }, - "AWS::EC2::EC2Fleet.AcceleratorTotalMemoryMiBRequest": { + "AWS::DataBrew::Dataset.DataCatalogInputDefinition": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum amount of accelerator memory, in MiB. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" + "CatalogId": { + "markdownDescription": "The unique identifier of the AWS account that holds the Data Catalog that stores the data.", + "title": "CatalogId", + "type": "string" }, - "Min": { - "markdownDescription": "The minimum amount of accelerator memory, in MiB. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::EC2Fleet.BaselineEbsBandwidthMbpsRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum baseline bandwidth, in Mbps. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" + "DatabaseName": { + "markdownDescription": "The name of a database in the Data Catalog.", + "title": "DatabaseName", + "type": "string" }, - "Min": { - "markdownDescription": "The minimum baseline bandwidth, in Mbps. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::EC2Fleet.CapacityRebalance": { - "additionalProperties": false, - "properties": { - "ReplacementStrategy": { - "markdownDescription": "The replacement strategy to use. Only available for fleets of type `maintain` .\n\n`launch` - EC2 Fleet launches a replacement Spot Instance when a rebalance notification is emitted for an existing Spot Instance in the fleet. EC2 Fleet does not terminate the instances that receive a rebalance notification. You can terminate the old instances, or you can leave them running. You are charged for all instances while they are running.\n\n`launch-before-terminate` - EC2 Fleet launches a replacement Spot Instance when a rebalance notification is emitted for an existing Spot Instance in the fleet, and then, after a delay that you specify (in `TerminationDelay` ), terminates the instances that received a rebalance notification.", - "title": "ReplacementStrategy", + "TableName": { + "markdownDescription": "The name of a database table in the Data Catalog. This table corresponds to a DataBrew dataset.", + "title": "TableName", "type": "string" }, - "TerminationDelay": { - "markdownDescription": "The amount of time (in seconds) that Amazon EC2 waits before terminating the old Spot Instance after launching a new replacement Spot Instance.\n\nRequired when `ReplacementStrategy` is set to `launch-before-terminate` .\n\nNot valid when `ReplacementStrategy` is set to `launch` .\n\nValid values: Minimum value of `120` seconds. Maximum value of `7200` seconds.", - "title": "TerminationDelay", - "type": "number" + "TempDirectory": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.S3Location", + "markdownDescription": "An Amazon location that AWS Glue Data Catalog can use as a temporary directory.", + "title": "TempDirectory" } }, "type": "object" }, - "AWS::EC2::EC2Fleet.CapacityReservationOptionsRequest": { + "AWS::DataBrew::Dataset.DatabaseInputDefinition": { "additionalProperties": false, "properties": { - "UsageStrategy": { - "markdownDescription": "Indicates whether to use unused Capacity Reservations for fulfilling On-Demand capacity.\n\nIf you specify `use-capacity-reservations-first` , the fleet uses unused Capacity Reservations to fulfill On-Demand capacity up to the target On-Demand capacity. If multiple instance pools have unused Capacity Reservations, the On-Demand allocation strategy ( `lowest-price` or `prioritized` ) is applied. If the number of unused Capacity Reservations is less than the On-Demand target capacity, the remaining On-Demand target capacity is launched according to the On-Demand allocation strategy ( `lowest-price` or `prioritized` ).\n\nIf you do not specify a value, the fleet fulfils the On-Demand capacity according to the chosen On-Demand allocation strategy.", - "title": "UsageStrategy", + "DatabaseTableName": { + "markdownDescription": "The table within the target database.", + "title": "DatabaseTableName", "type": "string" - } - }, - "type": "object" - }, - "AWS::EC2::EC2Fleet.FleetLaunchTemplateConfigRequest": { - "additionalProperties": false, - "properties": { - "LaunchTemplateSpecification": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.FleetLaunchTemplateSpecificationRequest", - "markdownDescription": "The launch template to use. You must specify either the launch template ID or launch template name in the request.", - "title": "LaunchTemplateSpecification" }, - "Overrides": { - "items": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.FleetLaunchTemplateOverridesRequest" - }, - "markdownDescription": "Any parameters that you specify override the same parameters in the launch template.\n\nFor fleets of type `request` and `maintain` , a maximum of 300 items is allowed across all launch templates.", - "title": "Overrides", - "type": "array" + "GlueConnectionName": { + "markdownDescription": "The AWS Glue Connection that stores the connection information for the target database.", + "title": "GlueConnectionName", + "type": "string" + }, + "QueryString": { + "markdownDescription": "Custom SQL to run against the provided AWS Glue connection. This SQL will be used as the input for DataBrew projects and jobs.", + "title": "QueryString", + "type": "string" + }, + "TempDirectory": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.S3Location", + "markdownDescription": "An Amazon location that AWS Glue Data Catalog can use as a temporary directory.", + "title": "TempDirectory" } }, + "required": [ + "GlueConnectionName" + ], "type": "object" }, - "AWS::EC2::EC2Fleet.FleetLaunchTemplateOverridesRequest": { + "AWS::DataBrew::Dataset.DatasetParameter": { "additionalProperties": false, "properties": { - "AvailabilityZone": { - "markdownDescription": "The Availability Zone in which to launch the instances.", - "title": "AvailabilityZone", - "type": "string" + "CreateColumn": { + "markdownDescription": "Optional boolean value that defines whether the captured value of this parameter should be loaded as an additional column in the dataset.", + "title": "CreateColumn", + "type": "boolean" }, - "InstanceRequirements": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.InstanceRequirementsRequest", - "markdownDescription": "The attributes for the instance types. When you specify instance attributes, Amazon EC2 will identify instance types with those attributes.\n\n> If you specify `InstanceRequirements` , you can't specify `InstanceType` .", - "title": "InstanceRequirements" + "DatetimeOptions": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.DatetimeOptions", + "markdownDescription": "Additional parameter options such as a format and a timezone. Required for datetime parameters.", + "title": "DatetimeOptions" }, - "InstanceType": { - "markdownDescription": "The instance type.\n\n`mac1.metal` is not supported as a launch template override.\n\n> If you specify `InstanceType` , you can't specify `InstanceRequirements` .", - "title": "InstanceType", - "type": "string" + "Filter": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.FilterExpression", + "markdownDescription": "The optional filter expression structure to apply additional matching criteria to the parameter.", + "title": "Filter" }, - "MaxPrice": { - "markdownDescription": "The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.\n\n> If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.\n> \n> If you specify a maximum price, it must be more than USD $0.001. Specifying a value below USD $0.001 will result in an `InvalidParameterValue` error message.", - "title": "MaxPrice", + "Name": { + "markdownDescription": "The name of the parameter that is used in the dataset's Amazon S3 path.", + "title": "Name", "type": "string" }, - "Placement": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.Placement", - "markdownDescription": "The location where the instance launched, if applicable.", - "title": "Placement" - }, - "Priority": { - "markdownDescription": "The priority for the launch template override. The highest priority is launched first.\n\nIf the On-Demand `AllocationStrategy` is set to `prioritized` , EC2 Fleet uses priority to determine which launch template override to use first in fulfilling On-Demand capacity.\n\nIf the Spot `AllocationStrategy` is set to `capacity-optimized-prioritized` , EC2 Fleet uses priority on a best-effort basis to determine which launch template override to use in fulfilling Spot capacity, but optimizes for capacity first.\n\nValid values are whole numbers starting at `0` . The lower the number, the higher the priority. If no number is set, the launch template override has the lowest priority. You can set the same priority for different launch template overrides.", - "title": "Priority", - "type": "number" - }, - "SubnetId": { - "markdownDescription": "The IDs of the subnets in which to launch the instances. Separate multiple subnet IDs using commas (for example, `subnet-1234abcdeexample1, subnet-0987cdef6example2` ). A request of type `instant` can have only one subnet ID.", - "title": "SubnetId", + "Type": { + "markdownDescription": "The type of the dataset parameter, can be one of a 'String', 'Number' or 'Datetime'.", + "title": "Type", "type": "string" - }, - "WeightedCapacity": { - "markdownDescription": "The number of units provided by the specified instance type. These are the same units that you chose to set the target capacity in terms of instances, or a performance characteristic such as vCPUs, memory, or I/O.\n\nIf the target capacity divided by this value is not a whole number, Amazon EC2 rounds the number of instances to the next whole number. If this value is not specified, the default is 1.\n\n> When specifying weights, the price used in the `lowest-price` and `price-capacity-optimized` allocation strategies is per *unit* hour (where the instance price is divided by the specified weight). However, if all the specified weights are above the requested `TargetCapacity` , resulting in only 1 instance being launched, the price used is per *instance* hour.", - "title": "WeightedCapacity", - "type": "number" } }, + "required": [ + "Name", + "Type" + ], "type": "object" }, - "AWS::EC2::EC2Fleet.FleetLaunchTemplateSpecificationRequest": { + "AWS::DataBrew::Dataset.DatetimeOptions": { "additionalProperties": false, "properties": { - "LaunchTemplateId": { - "markdownDescription": "The ID of the launch template.\n\nYou must specify the `LaunchTemplateId` or the `LaunchTemplateName` , but not both.", - "title": "LaunchTemplateId", + "Format": { + "markdownDescription": "Required option, that defines the datetime format used for a date parameter in the Amazon S3 path. Should use only supported datetime specifiers and separation characters, all litera a-z or A-Z character should be escaped with single quotes. E.g. \"MM.dd.yyyy-'at'-HH:mm\".", + "title": "Format", "type": "string" }, - "LaunchTemplateName": { - "markdownDescription": "The name of the launch template.\n\nYou must specify the `LaunchTemplateName` or the `LaunchTemplateId` , but not both.", - "title": "LaunchTemplateName", + "LocaleCode": { + "markdownDescription": "Optional value for a non-US locale code, needed for correct interpretation of some date formats.", + "title": "LocaleCode", "type": "string" }, - "Version": { - "markdownDescription": "The launch template version number, `$Latest` , or `$Default` . You must specify a value, otherwise the request fails.\n\nIf the value is `$Latest` , Amazon EC2 uses the latest version of the launch template.\n\nIf the value is `$Default` , Amazon EC2 uses the default version of the launch template.", - "title": "Version", + "TimezoneOffset": { + "markdownDescription": "Optional value for a timezone offset of the datetime parameter value in the Amazon S3 path. Shouldn't be used if Format for this parameter includes timezone fields. If no offset specified, UTC is assumed.", + "title": "TimezoneOffset", "type": "string" } }, "required": [ - "Version" + "Format" ], "type": "object" }, - "AWS::EC2::EC2Fleet.InstanceRequirementsRequest": { + "AWS::DataBrew::Dataset.ExcelOptions": { "additionalProperties": false, "properties": { - "AcceleratorCount": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.AcceleratorCountRequest", - "markdownDescription": "The minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferentia chips) on an instance.\n\nTo exclude accelerator-enabled instance types, set `Max` to `0` .\n\nDefault: No minimum or maximum limits", - "title": "AcceleratorCount" - }, - "AcceleratorManufacturers": { - "items": { - "type": "string" - }, - "markdownDescription": "Indicates whether instance types must have accelerators by specific manufacturers.\n\n- For instance types with AWS devices, specify `amazon-web-services` .\n- For instance types with AMD devices, specify `amd` .\n- For instance types with Habana devices, specify `habana` .\n- For instance types with NVIDIA devices, specify `nvidia` .\n- For instance types with Xilinx devices, specify `xilinx` .\n\nDefault: Any manufacturer", - "title": "AcceleratorManufacturers", - "type": "array" - }, - "AcceleratorNames": { - "items": { - "type": "string" - }, - "markdownDescription": "The accelerators that must be on the instance type.\n\n- For instance types with NVIDIA A10G GPUs, specify `a10g` .\n- For instance types with NVIDIA A100 GPUs, specify `a100` .\n- For instance types with NVIDIA H100 GPUs, specify `h100` .\n- For instance types with AWS Inferentia chips, specify `inferentia` .\n- For instance types with NVIDIA GRID K520 GPUs, specify `k520` .\n- For instance types with NVIDIA K80 GPUs, specify `k80` .\n- For instance types with NVIDIA M60 GPUs, specify `m60` .\n- For instance types with AMD Radeon Pro V520 GPUs, specify `radeon-pro-v520` .\n- For instance types with NVIDIA T4 GPUs, specify `t4` .\n- For instance types with NVIDIA T4G GPUs, specify `t4g` .\n- For instance types with Xilinx VU9P FPGAs, specify `vu9p` .\n- For instance types with NVIDIA V100 GPUs, specify `v100` .\n\nDefault: Any accelerator", - "title": "AcceleratorNames", - "type": "array" - }, - "AcceleratorTotalMemoryMiB": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.AcceleratorTotalMemoryMiBRequest", - "markdownDescription": "The minimum and maximum amount of total accelerator memory, in MiB.\n\nDefault: No minimum or maximum limits", - "title": "AcceleratorTotalMemoryMiB" + "HeaderRow": { + "markdownDescription": "A variable that specifies whether the first row in the file is parsed as the header. If this value is false, column names are auto-generated.", + "title": "HeaderRow", + "type": "boolean" }, - "AcceleratorTypes": { + "SheetIndexes": { "items": { - "type": "string" + "type": "number" }, - "markdownDescription": "The accelerator types that must be on the instance type.\n\n- For instance types with FPGA accelerators, specify `fpga` .\n- For instance types with GPU accelerators, specify `gpu` .\n- For instance types with Inference accelerators, specify `inference` .\n\nDefault: Any accelerator type", - "title": "AcceleratorTypes", + "markdownDescription": "One or more sheet numbers in the Excel file that will be included in the dataset.", + "title": "SheetIndexes", "type": "array" }, - "AllowedInstanceTypes": { + "SheetNames": { "items": { "type": "string" }, - "markdownDescription": "The instance types to apply your specified attributes against. All other instance types are ignored, even if they match your specified attributes.\n\nYou can use strings with one or more wild cards, represented by an asterisk ( `*` ), to allow an instance type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` ,Amazon EC2 will allow the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will allow all the M5a instance types, but not the M5n instance types.\n\n> If you specify `AllowedInstanceTypes` , you can't specify `ExcludedInstanceTypes` . \n\nDefault: All instance types", - "title": "AllowedInstanceTypes", + "markdownDescription": "One or more named sheets in the Excel file that will be included in the dataset.", + "title": "SheetNames", "type": "array" + } + }, + "type": "object" + }, + "AWS::DataBrew::Dataset.FilesLimit": { + "additionalProperties": false, + "properties": { + "MaxFiles": { + "markdownDescription": "The number of Amazon S3 files to select.", + "title": "MaxFiles", + "type": "number" }, - "BareMetal": { - "markdownDescription": "Indicates whether bare metal instance types must be included, excluded, or required.\n\n- To include bare metal instance types, specify `included` .\n- To require only bare metal instance types, specify `required` .\n- To exclude bare metal instance types, specify `excluded` .\n\nDefault: `excluded`", - "title": "BareMetal", + "Order": { + "markdownDescription": "A criteria to use for Amazon S3 files sorting before their selection. By default uses DESCENDING order, i.e. most recent files are selected first. Anotherpossible value is ASCENDING.", + "title": "Order", "type": "string" }, - "BaselineEbsBandwidthMbps": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.BaselineEbsBandwidthMbpsRequest", - "markdownDescription": "The minimum and maximum baseline bandwidth to Amazon EBS, in Mbps. For more information, see [Amazon EBS\u2013optimized instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-optimized.html) in the *Amazon EC2 User Guide* .\n\nDefault: No minimum or maximum limits", - "title": "BaselineEbsBandwidthMbps" - }, - "BurstablePerformance": { - "markdownDescription": "Indicates whether burstable performance T instance types are included, excluded, or required. For more information, see [Burstable performance instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) .\n\n- To include burstable performance instance types, specify `included` .\n- To require only burstable performance instance types, specify `required` .\n- To exclude burstable performance instance types, specify `excluded` .\n\nDefault: `excluded`", - "title": "BurstablePerformance", + "OrderedBy": { + "markdownDescription": "A criteria to use for Amazon S3 files sorting before their selection. By default uses LAST_MODIFIED_DATE as a sorting criteria. Currently it's the only allowed value.", + "title": "OrderedBy", "type": "string" - }, - "CpuManufacturers": { - "items": { - "type": "string" - }, - "markdownDescription": "The CPU manufacturers to include.\n\n- For instance types with Intel CPUs, specify `intel` .\n- For instance types with AMD CPUs, specify `amd` .\n- For instance types with AWS CPUs, specify `amazon-web-services` .\n- For instance types with Apple CPUs, specify `apple` .\n\n> Don't confuse the CPU manufacturer with the CPU architecture. Instances will be launched with a compatible CPU architecture based on the Amazon Machine Image (AMI) that you specify in your launch template. \n\nDefault: Any manufacturer", - "title": "CpuManufacturers", - "type": "array" - }, - "ExcludedInstanceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The instance types to exclude.\n\nYou can use strings with one or more wild cards, represented by an asterisk ( `*` ), to exclude an instance family, type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` ,Amazon EC2 will exclude the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will exclude all the M5a instance types, but not the M5n instance types.\n\n> If you specify `ExcludedInstanceTypes` , you can't specify `AllowedInstanceTypes` . \n\nDefault: No excluded instance types", - "title": "ExcludedInstanceTypes", - "type": "array" - }, - "InstanceGenerations": { - "items": { - "type": "string" - }, - "markdownDescription": "Indicates whether current or previous generation instance types are included. The current generation instance types are recommended for use. Current generation instance types are typically the latest two to three generations in each instance family. For more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .\n\nFor current generation instance types, specify `current` .\n\nFor previous generation instance types, specify `previous` .\n\nDefault: Current and previous generation instance types", - "title": "InstanceGenerations", - "type": "array" - }, - "LocalStorage": { - "markdownDescription": "Indicates whether instance types with instance store volumes are included, excluded, or required. For more information, [Amazon EC2 instance store](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html) in the *Amazon EC2 User Guide* .\n\n- To include instance types with instance store volumes, specify `included` .\n- To require only instance types with instance store volumes, specify `required` .\n- To exclude instance types with instance store volumes, specify `excluded` .\n\nDefault: `included`", - "title": "LocalStorage", + } + }, + "required": [ + "MaxFiles" + ], + "type": "object" + }, + "AWS::DataBrew::Dataset.FilterExpression": { + "additionalProperties": false, + "properties": { + "Expression": { + "markdownDescription": "The expression which includes condition names followed by substitution variables, possibly grouped and combined with other conditions. For example, \"(starts_with :prefix1 or starts_with :prefix2) and (ends_with :suffix1 or ends_with :suffix2)\". Substitution variables should start with ':' symbol.", + "title": "Expression", "type": "string" }, - "LocalStorageTypes": { + "ValuesMap": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::DataBrew::Dataset.FilterValue" }, - "markdownDescription": "The type of local storage that is required.\n\n- For instance types with hard disk drive (HDD) storage, specify `hdd` .\n- For instance types with solid state drive (SSD) storage, specify `ssd` .\n\nDefault: `hdd` and `ssd`", - "title": "LocalStorageTypes", + "markdownDescription": "The map of substitution variable names to their values used in this filter expression.", + "title": "ValuesMap", "type": "array" - }, - "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice": { - "markdownDescription": "[Price protection] The price protection threshold for Spot Instances, as a percentage of an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nIf you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is based on the per vCPU or per memory price instead of the per instance price.\n\n> Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` .", - "title": "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice", - "type": "number" - }, - "MemoryGiBPerVCpu": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.MemoryGiBPerVCpuRequest", - "markdownDescription": "The minimum and maximum amount of memory per vCPU, in GiB.\n\nDefault: No minimum or maximum limits", - "title": "MemoryGiBPerVCpu" - }, - "MemoryMiB": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.MemoryMiBRequest", - "markdownDescription": "The minimum and maximum amount of memory, in MiB.", - "title": "MemoryMiB" - }, - "NetworkBandwidthGbps": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.NetworkBandwidthGbpsRequest", - "markdownDescription": "The minimum and maximum amount of baseline network bandwidth, in gigabits per second (Gbps). For more information, see [Amazon EC2 instance network bandwidth](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-network-bandwidth.html) in the *Amazon EC2 User Guide* .\n\nDefault: No minimum or maximum limits", - "title": "NetworkBandwidthGbps" - }, - "NetworkInterfaceCount": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.NetworkInterfaceCountRequest", - "markdownDescription": "The minimum and maximum number of network interfaces.\n\nDefault: No minimum or maximum limits", - "title": "NetworkInterfaceCount" - }, - "OnDemandMaxPricePercentageOverLowestPrice": { - "markdownDescription": "[Price protection] The price protection threshold for On-Demand Instances, as a percentage higher than an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nTo indicate no price protection threshold, specify a high value, such as `999999` .\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) .\n\n> If you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price. \n\nDefault: `20`", - "title": "OnDemandMaxPricePercentageOverLowestPrice", - "type": "number" - }, - "RequireHibernateSupport": { - "markdownDescription": "Indicates whether instance types must support hibernation for On-Demand Instances.\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) .\n\nDefault: `false`", - "title": "RequireHibernateSupport", - "type": "boolean" - }, - "SpotMaxPricePercentageOverLowestPrice": { - "markdownDescription": "[Price protection] The price protection threshold for Spot Instances, as a percentage higher than an identified Spot price. The identified Spot price is the Spot price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified Spot price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose Spot price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nIf you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price.\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) .\n\n> Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` . \n\nDefault: `100`", - "title": "SpotMaxPricePercentageOverLowestPrice", - "type": "number" - }, - "TotalLocalStorageGB": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.TotalLocalStorageGBRequest", - "markdownDescription": "The minimum and maximum amount of total local storage, in GB.\n\nDefault: No minimum or maximum limits", - "title": "TotalLocalStorageGB" - }, - "VCpuCount": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.VCpuCountRangeRequest", - "markdownDescription": "The minimum and maximum number of vCPUs.", - "title": "VCpuCount" } }, + "required": [ + "Expression", + "ValuesMap" + ], "type": "object" }, - "AWS::EC2::EC2Fleet.MaintenanceStrategies": { + "AWS::DataBrew::Dataset.FilterValue": { "additionalProperties": false, "properties": { - "CapacityRebalance": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.CapacityRebalance", - "markdownDescription": "The strategy to use when Amazon EC2 emits a signal that your Spot Instance is at an elevated risk of being interrupted.", - "title": "CapacityRebalance" + "Value": { + "markdownDescription": "The value to be associated with the substitution variable.", + "title": "Value", + "type": "string" + }, + "ValueReference": { + "markdownDescription": "The substitution variable reference.", + "title": "ValueReference", + "type": "string" } }, + "required": [ + "Value", + "ValueReference" + ], "type": "object" }, - "AWS::EC2::EC2Fleet.MemoryGiBPerVCpuRequest": { + "AWS::DataBrew::Dataset.FormatOptions": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum amount of memory per vCPU, in GiB. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" + "Csv": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.CsvOptions", + "markdownDescription": "Options that define how CSV input is to be interpreted by DataBrew.", + "title": "Csv" }, - "Min": { - "markdownDescription": "The minimum amount of memory per vCPU, in GiB. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" + "Excel": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.ExcelOptions", + "markdownDescription": "Options that define how Excel input is to be interpreted by DataBrew.", + "title": "Excel" + }, + "Json": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.JsonOptions", + "markdownDescription": "Options that define how JSON input is to be interpreted by DataBrew.", + "title": "Json" } }, "type": "object" }, - "AWS::EC2::EC2Fleet.MemoryMiBRequest": { + "AWS::DataBrew::Dataset.Input": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum amount of memory, in MiB. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" + "DataCatalogInputDefinition": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.DataCatalogInputDefinition", + "markdownDescription": "The AWS Glue Data Catalog parameters for the data.", + "title": "DataCatalogInputDefinition" }, - "Min": { - "markdownDescription": "The minimum amount of memory, in MiB. To specify no minimum limit, specify `0` .", - "title": "Min", - "type": "number" + "DatabaseInputDefinition": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.DatabaseInputDefinition", + "markdownDescription": "Connection information for dataset input files stored in a database.", + "title": "DatabaseInputDefinition" + }, + "Metadata": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.Metadata", + "markdownDescription": "Contains additional resource information needed for specific datasets.", + "title": "Metadata" + }, + "S3InputDefinition": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.S3Location", + "markdownDescription": "The Amazon S3 location where the data is stored.", + "title": "S3InputDefinition" } }, "type": "object" }, - "AWS::EC2::EC2Fleet.NetworkBandwidthGbpsRequest": { + "AWS::DataBrew::Dataset.JsonOptions": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum amount of network bandwidth, in Gbps. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum amount of network bandwidth, in Gbps. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" + "MultiLine": { + "markdownDescription": "A value that specifies whether JSON input contains embedded new line characters.", + "title": "MultiLine", + "type": "boolean" } }, "type": "object" }, - "AWS::EC2::EC2Fleet.NetworkInterfaceCountRequest": { + "AWS::DataBrew::Dataset.Metadata": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum number of network interfaces. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum number of network interfaces. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" + "SourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) associated with the dataset. Currently, DataBrew only supports ARNs from Amazon AppFlow.", + "title": "SourceArn", + "type": "string" } }, "type": "object" }, - "AWS::EC2::EC2Fleet.OnDemandOptionsRequest": { + "AWS::DataBrew::Dataset.PathOptions": { "additionalProperties": false, "properties": { - "AllocationStrategy": { - "markdownDescription": "The strategy that determines the order of the launch template overrides to use in fulfilling On-Demand capacity.\n\n`lowest-price` - EC2 Fleet uses price to determine the order, launching the lowest price first.\n\n`prioritized` - EC2 Fleet uses the priority that you assigned to each launch template override, launching the highest priority first.\n\nDefault: `lowest-price`", - "title": "AllocationStrategy", - "type": "string" - }, - "CapacityReservationOptions": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.CapacityReservationOptionsRequest", - "markdownDescription": "The strategy for using unused Capacity Reservations for fulfilling On-Demand capacity.\n\nSupported only for fleets of type `instant` .", - "title": "CapacityReservationOptions" + "FilesLimit": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.FilesLimit", + "markdownDescription": "If provided, this structure imposes a limit on a number of files that should be selected.", + "title": "FilesLimit" }, - "MaxTotalPrice": { - "markdownDescription": "The maximum amount per hour for On-Demand Instances that you're willing to pay.\n\n> If your fleet includes T instances that are configured as `unlimited` , and if their average CPU usage exceeds the baseline utilization, you will incur a charge for surplus credits. The `MaxTotalPrice` does not account for surplus credits, and, if you use surplus credits, your final cost might be higher than what you specified for `MaxTotalPrice` . For more information, see [Surplus credits can incur charges](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits) in the *Amazon EC2 User Guide* .", - "title": "MaxTotalPrice", - "type": "string" + "LastModifiedDateCondition": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.FilterExpression", + "markdownDescription": "If provided, this structure defines a date range for matching Amazon S3 objects based on their LastModifiedDate attribute in Amazon S3 .", + "title": "LastModifiedDateCondition" }, - "MinTargetCapacity": { - "markdownDescription": "The minimum target capacity for On-Demand Instances in the fleet. If this minimum capacity isn't reached, no instances are launched.\n\nConstraints: Maximum value of `1000` . Supported only for fleets of type `instant` .\n\nAt least one of the following must be specified: `SingleAvailabilityZone` | `SingleInstanceType`", - "title": "MinTargetCapacity", - "type": "number" - }, - "SingleAvailabilityZone": { - "markdownDescription": "Indicates that the fleet launches all On-Demand Instances into a single Availability Zone.\n\nSupported only for fleets of type `instant` .", - "title": "SingleAvailabilityZone", - "type": "boolean" - }, - "SingleInstanceType": { - "markdownDescription": "Indicates that the fleet uses a single instance type to launch all On-Demand Instances in the fleet.\n\nSupported only for fleets of type `instant` .", - "title": "SingleInstanceType", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::EC2::EC2Fleet.Placement": { - "additionalProperties": false, - "properties": { - "Affinity": { - "markdownDescription": "The affinity setting for the instance on the Dedicated Host.\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) or [ImportInstance](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportInstance.html) .", - "title": "Affinity", - "type": "string" - }, - "AvailabilityZone": { - "markdownDescription": "The Availability Zone of the instance.\n\nIf not specified, an Availability Zone will be automatically chosen for you based on the load balancing criteria for the Region.\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) .", - "title": "AvailabilityZone", - "type": "string" - }, - "GroupName": { - "markdownDescription": "The name of the placement group that the instance is in. If you specify `GroupName` , you can't specify `GroupId` .", - "title": "GroupName", - "type": "string" - }, - "HostId": { - "markdownDescription": "The ID of the Dedicated Host on which the instance resides.\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) or [ImportInstance](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportInstance.html) .", - "title": "HostId", - "type": "string" - }, - "HostResourceGroupArn": { - "markdownDescription": "The ARN of the host resource group in which to launch the instances.\n\nIf you specify this parameter, either omit the *Tenancy* parameter or set it to `host` .\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) .", - "title": "HostResourceGroupArn", - "type": "string" - }, - "PartitionNumber": { - "markdownDescription": "The number of the partition that the instance is in. Valid only if the placement group strategy is set to `partition` .\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) .", - "title": "PartitionNumber", - "type": "number" - }, - "SpreadDomain": { - "markdownDescription": "Reserved for future use.", - "title": "SpreadDomain", - "type": "string" - }, - "Tenancy": { - "markdownDescription": "The tenancy of the instance. An instance with a tenancy of `dedicated` runs on single-tenant hardware.\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) . The `host` tenancy is not supported for [ImportInstance](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportInstance.html) or for T3 instances that are configured for the `unlimited` CPU credit option.", - "title": "Tenancy", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EC2::EC2Fleet.SpotOptionsRequest": { - "additionalProperties": false, - "properties": { - "AllocationStrategy": { - "markdownDescription": "Indicates how to allocate the target Spot Instance capacity across the Spot Instance pools specified by the EC2 Fleet.\n\nIf the allocation strategy is `lowestPrice` , EC2 Fleet launches instances from the Spot Instance pools with the lowest price. This is the default allocation strategy.\n\nIf the allocation strategy is `diversified` , EC2 Fleet launches instances from all the Spot Instance pools that you specify.\n\nIf the allocation strategy is `capacityOptimized` , EC2 Fleet launches instances from Spot Instance pools that are optimally chosen based on the available Spot Instance capacity.\n\n*Allowed Values* : `lowestPrice` | `diversified` | `capacityOptimized` | `capacityOptimizedPrioritized`", - "title": "AllocationStrategy", - "type": "string" - }, - "InstanceInterruptionBehavior": { - "markdownDescription": "The behavior when a Spot Instance is interrupted.\n\nDefault: `terminate`", - "title": "InstanceInterruptionBehavior", - "type": "string" - }, - "InstancePoolsToUseCount": { - "markdownDescription": "The number of Spot pools across which to allocate your target Spot capacity. Supported only when Spot `AllocationStrategy` is set to `lowest-price` . EC2 Fleet selects the cheapest Spot pools and evenly allocates your target Spot capacity across the number of Spot pools that you specify.\n\nNote that EC2 Fleet attempts to draw Spot Instances from the number of pools that you specify on a best effort basis. If a pool runs out of Spot capacity before fulfilling your target capacity, EC2 Fleet will continue to fulfill your request by drawing from the next cheapest pool. To ensure that your target capacity is met, you might receive Spot Instances from more than the number of pools that you specified. Similarly, if most of the pools have no Spot capacity, you might receive your full target capacity from fewer than the number of pools that you specified.", - "title": "InstancePoolsToUseCount", - "type": "number" - }, - "MaintenanceStrategies": { - "$ref": "#/definitions/AWS::EC2::EC2Fleet.MaintenanceStrategies", - "markdownDescription": "The strategies for managing your Spot Instances that are at an elevated risk of being interrupted.", - "title": "MaintenanceStrategies" - }, - "MaxTotalPrice": { - "markdownDescription": "The maximum amount per hour for Spot Instances that you're willing to pay. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.\n\n> If you specify a maximum price, your Spot Instances will be interrupted more frequently than if you do not specify this parameter. > If your fleet includes T instances that are configured as `unlimited` , and if their average CPU usage exceeds the baseline utilization, you will incur a charge for surplus credits. The `MaxTotalPrice` does not account for surplus credits, and, if you use surplus credits, your final cost might be higher than what you specified for `MaxTotalPrice` . For more information, see [Surplus credits can incur charges](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits) in the *Amazon EC2 User Guide* .", - "title": "MaxTotalPrice", - "type": "string" - }, - "MinTargetCapacity": { - "markdownDescription": "The minimum target capacity for Spot Instances in the fleet. If this minimum capacity isn't reached, no instances are launched.\n\nConstraints: Maximum value of `1000` . Supported only for fleets of type `instant` .\n\nAt least one of the following must be specified: `SingleAvailabilityZone` | `SingleInstanceType`", - "title": "MinTargetCapacity", - "type": "number" - }, - "SingleAvailabilityZone": { - "markdownDescription": "Indicates that the fleet launches all Spot Instances into a single Availability Zone.\n\nSupported only for fleets of type `instant` .", - "title": "SingleAvailabilityZone", - "type": "boolean" - }, - "SingleInstanceType": { - "markdownDescription": "Indicates that the fleet uses a single instance type to launch all Spot Instances in the fleet.\n\nSupported only for fleets of type `instant` .", - "title": "SingleInstanceType", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::EC2::EC2Fleet.TagSpecification": { - "additionalProperties": false, - "properties": { - "ResourceType": { - "markdownDescription": "The type of resource to tag.", - "title": "ResourceType", - "type": "string" - }, - "Tags": { + "Parameters": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::DataBrew::Dataset.PathParameter" }, - "markdownDescription": "The tags to apply to the resource.", - "title": "Tags", + "markdownDescription": "A structure that maps names of parameters used in the Amazon S3 path of a dataset to their definitions.", + "title": "Parameters", "type": "array" } }, "type": "object" }, - "AWS::EC2::EC2Fleet.TargetCapacitySpecificationRequest": { + "AWS::DataBrew::Dataset.PathParameter": { "additionalProperties": false, "properties": { - "DefaultTargetCapacityType": { - "markdownDescription": "The default target capacity type.", - "title": "DefaultTargetCapacityType", - "type": "string" - }, - "OnDemandTargetCapacity": { - "markdownDescription": "The number of On-Demand units to request.", - "title": "OnDemandTargetCapacity", - "type": "number" - }, - "SpotTargetCapacity": { - "markdownDescription": "The number of Spot units to request.", - "title": "SpotTargetCapacity", - "type": "number" + "DatasetParameter": { + "$ref": "#/definitions/AWS::DataBrew::Dataset.DatasetParameter", + "markdownDescription": "The path parameter definition.", + "title": "DatasetParameter" }, - "TargetCapacityUnitType": { - "markdownDescription": "The unit for the target capacity. You can specify this parameter only when using attributed-based instance type selection.\n\nDefault: `units` (the number of instances)", - "title": "TargetCapacityUnitType", + "PathParameterName": { + "markdownDescription": "The name of the path parameter.", + "title": "PathParameterName", "type": "string" - }, - "TotalTargetCapacity": { - "markdownDescription": "The number of units to request, filled using the default target capacity type.", - "title": "TotalTargetCapacity", - "type": "number" } }, "required": [ - "TotalTargetCapacity" + "DatasetParameter", + "PathParameterName" ], "type": "object" }, - "AWS::EC2::EC2Fleet.TotalLocalStorageGBRequest": { + "AWS::DataBrew::Dataset.S3Location": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum amount of total local storage, in GB. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" + "Bucket": { + "markdownDescription": "The Amazon S3 bucket name.", + "title": "Bucket", + "type": "string" }, - "Min": { - "markdownDescription": "The minimum amount of total local storage, in GB. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::EC2Fleet.VCpuCountRangeRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum number of vCPUs. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" + "BucketOwner": { + "markdownDescription": "The AWS account ID of the bucket owner.", + "title": "BucketOwner", + "type": "string" }, - "Min": { - "markdownDescription": "The minimum number of vCPUs. To specify no minimum limit, specify `0` .", - "title": "Min", - "type": "number" + "Key": { + "markdownDescription": "The unique name of the object in the bucket.", + "title": "Key", + "type": "string" } }, + "required": [ + "Bucket" + ], "type": "object" }, - "AWS::EC2::EIP": { + "AWS::DataBrew::Job": { "additionalProperties": false, "properties": { "Condition": { @@ -70204,45 +76589,132 @@ "Properties": { "additionalProperties": false, "properties": { - "Domain": { - "markdownDescription": "The network ( `vpc` ).\n\nIf you define an Elastic IP address and associate it with a VPC that is defined in the same template, you must declare a dependency on the VPC-gateway attachment by using the [DependsOn Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) on this resource.", - "title": "Domain", + "DataCatalogOutputs": { + "items": { + "$ref": "#/definitions/AWS::DataBrew::Job.DataCatalogOutput" + }, + "markdownDescription": "One or more artifacts that represent the AWS Glue Data Catalog output from running the job.", + "title": "DataCatalogOutputs", + "type": "array" + }, + "DatabaseOutputs": { + "items": { + "$ref": "#/definitions/AWS::DataBrew::Job.DatabaseOutput" + }, + "markdownDescription": "Represents a list of JDBC database output objects which defines the output destination for a DataBrew recipe job to write into.", + "title": "DatabaseOutputs", + "type": "array" + }, + "DatasetName": { + "markdownDescription": "A dataset that the job is to process.", + "title": "DatasetName", "type": "string" }, - "InstanceId": { - "markdownDescription": "The ID of the instance.\n\n> Updates to the `InstanceId` property may require *some interruptions* . Updates on an EIP reassociates the address on its associated resource.", - "title": "InstanceId", + "EncryptionKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an encryption key that is used to protect the job output. For more information, see [Encrypting data written by DataBrew jobs](https://docs.aws.amazon.com/databrew/latest/dg/encryption-security-configuration.html)", + "title": "EncryptionKeyArn", "type": "string" }, - "NetworkBorderGroup": { - "markdownDescription": "A unique set of Availability Zones, Local Zones, or Wavelength Zones from which AWS advertises IP addresses. Use this parameter to limit the IP address to this location. IP addresses cannot move between network border groups.\n\nUse [DescribeAvailabilityZones](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAvailabilityZones.html) to view the network border groups.", - "title": "NetworkBorderGroup", + "EncryptionMode": { + "markdownDescription": "The encryption mode for the job, which can be one of the following:\n\n- `SSE-KMS` - Server-side encryption with keys managed by AWS KMS .\n- `SSE-S3` - Server-side encryption with keys managed by Amazon S3.", + "title": "EncryptionMode", "type": "string" }, - "PublicIpv4Pool": { - "markdownDescription": "The ID of an address pool that you own. Use this parameter to let Amazon EC2 select an address from the address pool.\n\n> Updates to the `PublicIpv4Pool` property may require *some interruptions* . Updates on an EIP reassociates the address on its associated resource.", - "title": "PublicIpv4Pool", + "JobSample": { + "$ref": "#/definitions/AWS::DataBrew::Job.JobSample", + "markdownDescription": "A sample configuration for profile jobs only, which determines the number of rows on which the profile job is run. If a `JobSample` value isn't provided, the default value is used. The default value is CUSTOM_ROWS for the mode parameter and 20,000 for the size parameter.", + "title": "JobSample" + }, + "LogSubscription": { + "markdownDescription": "The current status of Amazon CloudWatch logging for the job.", + "title": "LogSubscription", + "type": "string" + }, + "MaxCapacity": { + "markdownDescription": "The maximum number of nodes that can be consumed when the job processes data.", + "title": "MaxCapacity", + "type": "number" + }, + "MaxRetries": { + "markdownDescription": "The maximum number of times to retry the job after a job run fails.", + "title": "MaxRetries", + "type": "number" + }, + "Name": { + "markdownDescription": "The unique name of the job.", + "title": "Name", + "type": "string" + }, + "OutputLocation": { + "$ref": "#/definitions/AWS::DataBrew::Job.OutputLocation", + "markdownDescription": "The location in Amazon S3 where the job writes its output.", + "title": "OutputLocation" + }, + "Outputs": { + "items": { + "$ref": "#/definitions/AWS::DataBrew::Job.Output" + }, + "markdownDescription": "One or more artifacts that represent output from running the job.", + "title": "Outputs", + "type": "array" + }, + "ProfileConfiguration": { + "$ref": "#/definitions/AWS::DataBrew::Job.ProfileConfiguration", + "markdownDescription": "Configuration for profile jobs. Configuration can be used to select columns, do evaluations, and override default parameters of evaluations. When configuration is undefined, the profile job will apply default settings to all supported columns.", + "title": "ProfileConfiguration" + }, + "ProjectName": { + "markdownDescription": "The name of the project that the job is associated with.", + "title": "ProjectName", + "type": "string" + }, + "Recipe": { + "$ref": "#/definitions/AWS::DataBrew::Job.Recipe", + "markdownDescription": "A series of data transformation steps that the job runs.", + "title": "Recipe" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the role to be assumed for this job.", + "title": "RoleArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Any tags assigned to the Elastic IP address.\n\n> Updates to the `Tags` property may require *some interruptions* . Updates on an EIP reassociates the address on its associated resource.", + "markdownDescription": "Metadata tags that have been applied to the job.", "title": "Tags", "type": "array" }, - "TransferAddress": { - "markdownDescription": "The Elastic IP address you are accepting for transfer. You can only accept one transferred address. For more information on Elastic IP address transfers, see [Transfer Elastic IP addresses](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-eips.html#transfer-EIPs-intro) in the *Amazon Virtual Private Cloud User Guide* .", - "title": "TransferAddress", + "Timeout": { + "markdownDescription": "The job's timeout in minutes. A job that attempts to run longer than this timeout period ends with a status of `TIMEOUT` .", + "title": "Timeout", + "type": "number" + }, + "Type": { + "markdownDescription": "The job type of the job, which must be one of the following:\n\n- `PROFILE` - A job to analyze a dataset, to determine its size, data types, data distribution, and more.\n- `RECIPE` - A job to apply one or more transformations to a dataset.", + "title": "Type", "type": "string" + }, + "ValidationConfigurations": { + "items": { + "$ref": "#/definitions/AWS::DataBrew::Job.ValidationConfiguration" + }, + "markdownDescription": "List of validation configurations that are applied to the profile job.", + "title": "ValidationConfigurations", + "type": "array" } }, + "required": [ + "Name", + "RoleArn", + "Type" + ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::EIP" + "AWS::DataBrew::Job" ], "type": "string" }, @@ -70256,229 +76728,438 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::EC2::EIPAssociation": { + "AWS::DataBrew::Job.AllowedStatistics": { "additionalProperties": false, "properties": { - "Condition": { + "Statistics": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more column statistics to allow for columns that contain detected entities.", + "title": "Statistics", + "type": "array" + } + }, + "required": [ + "Statistics" + ], + "type": "object" + }, + "AWS::DataBrew::Job.ColumnSelector": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of a column from a dataset.", + "title": "Name", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Regex": { + "markdownDescription": "A regular expression for selecting a column from a dataset.", + "title": "Regex", "type": "string" + } + }, + "type": "object" + }, + "AWS::DataBrew::Job.ColumnStatisticsConfiguration": { + "additionalProperties": false, + "properties": { + "Selectors": { + "items": { + "$ref": "#/definitions/AWS::DataBrew::Job.ColumnSelector" + }, + "markdownDescription": "List of column selectors. Selectors can be used to select columns from the dataset. When selectors are undefined, configuration will be applied to all supported columns.", + "title": "Selectors", + "type": "array" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Statistics": { + "$ref": "#/definitions/AWS::DataBrew::Job.StatisticsConfiguration", + "markdownDescription": "Configuration for evaluations. Statistics can be used to select evaluations and override parameters of evaluations.", + "title": "Statistics" + } + }, + "required": [ + "Statistics" + ], + "type": "object" + }, + "AWS::DataBrew::Job.CsvOutputOptions": { + "additionalProperties": false, + "properties": { + "Delimiter": { + "markdownDescription": "A single character that specifies the delimiter used to create CSV job output.", + "title": "Delimiter", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataBrew::Job.DataCatalogOutput": { + "additionalProperties": false, + "properties": { + "CatalogId": { + "markdownDescription": "The unique identifier of the AWS account that holds the Data Catalog that stores the data.", + "title": "CatalogId", + "type": "string" }, - "Metadata": { - "type": "object" + "DatabaseName": { + "markdownDescription": "The name of a database in the Data Catalog.", + "title": "DatabaseName", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AllocationId": { - "markdownDescription": "The allocation ID. This is required.", - "title": "AllocationId", - "type": "string" - }, - "InstanceId": { - "markdownDescription": "The ID of the instance. The instance must have exactly one attached network interface. You can specify either the instance ID or the network interface ID, but not both.", - "title": "InstanceId", - "type": "string" - }, - "NetworkInterfaceId": { - "markdownDescription": "The ID of the network interface. If the instance has more than one network interface, you must specify a network interface ID.\n\nYou can specify either the instance ID or the network interface ID, but not both.", - "title": "NetworkInterfaceId", - "type": "string" - }, - "PrivateIpAddress": { - "markdownDescription": "The primary or secondary private IP address to associate with the Elastic IP address. If no private IP address is specified, the Elastic IP address is associated with the primary private IP address.", - "title": "PrivateIpAddress", - "type": "string" - } - }, - "type": "object" + "DatabaseOptions": { + "$ref": "#/definitions/AWS::DataBrew::Job.DatabaseTableOutputOptions", + "markdownDescription": "Represents options that specify how and where DataBrew writes the database output generated by recipe jobs.", + "title": "DatabaseOptions" }, - "Type": { - "enum": [ - "AWS::EC2::EIPAssociation" - ], + "Overwrite": { + "markdownDescription": "A value that, if true, means that any data in the location specified for output is overwritten with new output. Not supported with DatabaseOptions.", + "title": "Overwrite", + "type": "boolean" + }, + "S3Options": { + "$ref": "#/definitions/AWS::DataBrew::Job.S3TableOutputOptions", + "markdownDescription": "Represents options that specify how and where DataBrew writes the Amazon S3 output generated by recipe jobs.", + "title": "S3Options" + }, + "TableName": { + "markdownDescription": "The name of a table in the Data Catalog.", + "title": "TableName", "type": "string" + } + }, + "required": [ + "DatabaseName", + "TableName" + ], + "type": "object" + }, + "AWS::DataBrew::Job.DatabaseOutput": { + "additionalProperties": false, + "properties": { + "DatabaseOptions": { + "$ref": "#/definitions/AWS::DataBrew::Job.DatabaseTableOutputOptions", + "markdownDescription": "Represents options that specify how and where DataBrew writes the database output generated by recipe jobs.", + "title": "DatabaseOptions" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DatabaseOutputMode": { + "markdownDescription": "The output mode to write into the database. Currently supported option: NEW_TABLE.", + "title": "DatabaseOutputMode", + "type": "string" + }, + "GlueConnectionName": { + "markdownDescription": "The AWS Glue connection that stores the connection information for the target database.", + "title": "GlueConnectionName", "type": "string" } }, "required": [ - "Type" + "DatabaseOptions", + "GlueConnectionName" ], "type": "object" }, - "AWS::EC2::EgressOnlyInternetGateway": { + "AWS::DataBrew::Job.DatabaseTableOutputOptions": { "additionalProperties": false, "properties": { - "Condition": { + "TableName": { + "markdownDescription": "A prefix for the name of a table DataBrew will create in the database.", + "title": "TableName", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TempDirectory": { + "$ref": "#/definitions/AWS::DataBrew::Job.S3Location", + "markdownDescription": "Represents an Amazon S3 location (bucket name and object key) where DataBrew can store intermediate results.", + "title": "TempDirectory" + } + }, + "required": [ + "TableName" + ], + "type": "object" + }, + "AWS::DataBrew::Job.EntityDetectorConfiguration": { + "additionalProperties": false, + "properties": { + "AllowedStatistics": { + "$ref": "#/definitions/AWS::DataBrew::Job.AllowedStatistics", + "markdownDescription": "Configuration of statistics that are allowed to be run on columns that contain detected entities. When undefined, no statistics will be computed on columns that contain detected entities.", + "title": "AllowedStatistics" + }, + "EntityTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "Entity types to detect. Can be any of the following:\n\n- USA_SSN\n- EMAIL\n- USA_ITIN\n- USA_PASSPORT_NUMBER\n- PHONE_NUMBER\n- USA_DRIVING_LICENSE\n- BANK_ACCOUNT\n- CREDIT_CARD\n- IP_ADDRESS\n- MAC_ADDRESS\n- USA_DEA_NUMBER\n- USA_HCPCS_CODE\n- USA_NATIONAL_PROVIDER_IDENTIFIER\n- USA_NATIONAL_DRUG_CODE\n- USA_HEALTH_INSURANCE_CLAIM_NUMBER\n- USA_MEDICARE_BENEFICIARY_IDENTIFIER\n- USA_CPT_CODE\n- PERSON_NAME\n- DATE\n\nThe Entity type group USA_ALL is also supported, and includes all of the above entity types except PERSON_NAME and DATE.", + "title": "EntityTypes", + "type": "array" + } + }, + "required": [ + "EntityTypes" + ], + "type": "object" + }, + "AWS::DataBrew::Job.JobSample": { + "additionalProperties": false, + "properties": { + "Mode": { + "markdownDescription": "A value that determines whether the profile job is run on the entire dataset or a specified number of rows. This value must be one of the following:\n\n- FULL_DATASET - The profile job is run on the entire dataset.\n- CUSTOM_ROWS - The profile job is run on the number of rows specified in the `Size` parameter.", + "title": "Mode", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Size": { + "markdownDescription": "The `Size` parameter is only required when the mode is CUSTOM_ROWS. The profile job is run on the specified number of rows. The maximum value for size is Long.MAX_VALUE.\n\nLong.MAX_VALUE = 9223372036854775807", + "title": "Size", + "type": "number" + } + }, + "type": "object" + }, + "AWS::DataBrew::Job.Output": { + "additionalProperties": false, + "properties": { + "CompressionFormat": { + "markdownDescription": "The compression algorithm used to compress the output text of the job.", + "title": "CompressionFormat", + "type": "string" }, - "Metadata": { - "type": "object" + "Format": { + "markdownDescription": "The data format of the output of the job.", + "title": "Format", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "VpcId": { - "markdownDescription": "The ID of the VPC for which to create the egress-only internet gateway.", - "title": "VpcId", - "type": "string" - } + "FormatOptions": { + "$ref": "#/definitions/AWS::DataBrew::Job.OutputFormatOptions", + "markdownDescription": "Represents options that define how DataBrew formats job output files.", + "title": "FormatOptions" + }, + "Location": { + "$ref": "#/definitions/AWS::DataBrew::Job.S3Location", + "markdownDescription": "The location in Amazon S3 where the job writes its output.", + "title": "Location" + }, + "MaxOutputFiles": { + "markdownDescription": "The maximum number of files to be generated by the job and written to the output folder.", + "title": "MaxOutputFiles", + "type": "number" + }, + "Overwrite": { + "markdownDescription": "A value that, if true, means that any data in the location specified for output is overwritten with new output.", + "title": "Overwrite", + "type": "boolean" + }, + "PartitionColumns": { + "items": { + "type": "string" }, - "required": [ - "VpcId" - ], - "type": "object" + "markdownDescription": "The names of one or more partition columns for the output of the job.", + "title": "PartitionColumns", + "type": "array" + } + }, + "required": [ + "Location" + ], + "type": "object" + }, + "AWS::DataBrew::Job.OutputFormatOptions": { + "additionalProperties": false, + "properties": { + "Csv": { + "$ref": "#/definitions/AWS::DataBrew::Job.CsvOutputOptions", + "markdownDescription": "Represents a set of options that define the structure of comma-separated value (CSV) job output.", + "title": "Csv" + } + }, + "type": "object" + }, + "AWS::DataBrew::Job.OutputLocation": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The Amazon S3 bucket name.", + "title": "Bucket", + "type": "string" }, - "Type": { - "enum": [ - "AWS::EC2::EgressOnlyInternetGateway" - ], + "BucketOwner": { + "markdownDescription": "", + "title": "BucketOwner", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Key": { + "markdownDescription": "The unique name of the object in the bucket.", + "title": "Key", "type": "string" } }, "required": [ - "Type", - "Properties" + "Bucket" ], "type": "object" }, - "AWS::EC2::EnclaveCertificateIamRoleAssociation": { + "AWS::DataBrew::Job.ProfileConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "ColumnStatisticsConfigurations": { + "items": { + "$ref": "#/definitions/AWS::DataBrew::Job.ColumnStatisticsConfiguration" + }, + "markdownDescription": "List of configurations for column evaluations. ColumnStatisticsConfigurations are used to select evaluations and override parameters of evaluations for particular columns. When ColumnStatisticsConfigurations is undefined, the profile job will profile all supported columns and run all supported evaluations.", + "title": "ColumnStatisticsConfigurations", + "type": "array" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DatasetStatisticsConfiguration": { + "$ref": "#/definitions/AWS::DataBrew::Job.StatisticsConfiguration", + "markdownDescription": "Configuration for inter-column evaluations. Configuration can be used to select evaluations and override parameters of evaluations. When configuration is undefined, the profile job will run all supported inter-column evaluations.", + "title": "DatasetStatisticsConfiguration" + }, + "EntityDetectorConfiguration": { + "$ref": "#/definitions/AWS::DataBrew::Job.EntityDetectorConfiguration", + "markdownDescription": "Configuration of entity detection for a profile job. When undefined, entity detection is disabled.", + "title": "EntityDetectorConfiguration" + }, + "ProfileColumns": { + "items": { + "$ref": "#/definitions/AWS::DataBrew::Job.ColumnSelector" + }, + "markdownDescription": "List of column selectors. ProfileColumns can be used to select columns from the dataset. When ProfileColumns is undefined, the profile job will profile all supported columns.", + "title": "ProfileColumns", + "type": "array" + } + }, + "type": "object" + }, + "AWS::DataBrew::Job.Recipe": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The unique name for the recipe.", + "title": "Name", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Version": { + "markdownDescription": "The identifier for the version for the recipe.", + "title": "Version", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::DataBrew::Job.S3Location": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The Amazon S3 bucket name.", + "title": "Bucket", + "type": "string" }, - "Metadata": { - "type": "object" + "BucketOwner": { + "markdownDescription": "The AWS account ID of the bucket owner.", + "title": "BucketOwner", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "CertificateArn": { - "markdownDescription": "The ARN of the ACM certificate with which to associate the IAM role.", - "title": "CertificateArn", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role to associate with the ACM certificate. You can associate up to 16 IAM roles with an ACM certificate.", - "title": "RoleArn", + "Key": { + "markdownDescription": "The unique name of the object in the bucket.", + "title": "Key", + "type": "string" + } + }, + "required": [ + "Bucket" + ], + "type": "object" + }, + "AWS::DataBrew::Job.S3TableOutputOptions": { + "additionalProperties": false, + "properties": { + "Location": { + "$ref": "#/definitions/AWS::DataBrew::Job.S3Location", + "markdownDescription": "Represents an Amazon S3 location (bucket name and object key) where DataBrew can write output from a job.", + "title": "Location" + } + }, + "required": [ + "Location" + ], + "type": "object" + }, + "AWS::DataBrew::Job.StatisticOverride": { + "additionalProperties": false, + "properties": { + "Parameters": { + "additionalProperties": true, + "markdownDescription": "A map that includes overrides of an evaluation\u2019s parameters.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { "type": "string" } }, - "required": [ - "CertificateArn", - "RoleArn" - ], + "title": "Parameters", "type": "object" }, - "Type": { - "enum": [ - "AWS::EC2::EnclaveCertificateIamRoleAssociation" - ], + "Statistic": { + "markdownDescription": "The name of an evaluation", + "title": "Statistic", "type": "string" + } + }, + "required": [ + "Parameters", + "Statistic" + ], + "type": "object" + }, + "AWS::DataBrew::Job.StatisticsConfiguration": { + "additionalProperties": false, + "properties": { + "IncludedStatistics": { + "items": { + "type": "string" + }, + "markdownDescription": "List of included evaluations. When the list is undefined, all supported evaluations will be included.", + "title": "IncludedStatistics", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Overrides": { + "items": { + "$ref": "#/definitions/AWS::DataBrew::Job.StatisticOverride" + }, + "markdownDescription": "List of overrides for evaluations.", + "title": "Overrides", + "type": "array" + } + }, + "type": "object" + }, + "AWS::DataBrew::Job.ValidationConfiguration": { + "additionalProperties": false, + "properties": { + "RulesetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the ruleset to be validated in the profile job. The TargetArn of the selected ruleset should be the same as the Amazon Resource Name (ARN) of the dataset that is associated with the profile job.", + "title": "RulesetArn", + "type": "string" + }, + "ValidationMode": { + "markdownDescription": "Mode of data quality validation. Default mode is \u201cCHECK_ALL\u201d which verifies all rules defined in the selected ruleset.", + "title": "ValidationMode", "type": "string" } }, "required": [ - "Type", - "Properties" + "RulesetArn" ], "type": "object" }, - "AWS::EC2::FlowLog": { + "AWS::DataBrew::Project": { "additionalProperties": false, "properties": { "Condition": { @@ -70513,79 +77194,51 @@ "Properties": { "additionalProperties": false, "properties": { - "DeliverCrossAccountRole": { - "markdownDescription": "The ARN of the IAM role that allows the service to publish flow logs across accounts.", - "title": "DeliverCrossAccountRole", - "type": "string" - }, - "DeliverLogsPermissionArn": { - "markdownDescription": "The ARN of the IAM role that allows Amazon EC2 to publish flow logs to the log destination.\n\nThis parameter is required if the destination type is `cloud-watch-logs` , or if the destination type is `kinesis-data-firehose` and the delivery stream and the resources to monitor are in different accounts.", - "title": "DeliverLogsPermissionArn", - "type": "string" - }, - "DestinationOptions": { - "$ref": "#/definitions/AWS::EC2::FlowLog.DestinationOptions", - "markdownDescription": "The destination options.", - "title": "DestinationOptions" - }, - "LogDestination": { - "markdownDescription": "The destination for the flow log data. The meaning of this parameter depends on the destination type.\n\n- If the destination type is `cloud-watch-logs` , specify the ARN of a CloudWatch Logs log group. For example:\n\narn:aws:logs: *region* : *account_id* :log-group: *my_group*\n\nAlternatively, use the `LogGroupName` parameter.\n- If the destination type is `s3` , specify the ARN of an S3 bucket. For example:\n\narn:aws:s3::: *my_bucket* / *my_subfolder* /\n\nThe subfolder is optional. Note that you can't use `AWSLogs` as a subfolder name.\n- If the destination type is `kinesis-data-firehose` , specify the ARN of a Kinesis Data Firehose delivery stream. For example:\n\narn:aws:firehose: *region* : *account_id* :deliverystream: *my_stream*", - "title": "LogDestination", - "type": "string" - }, - "LogDestinationType": { - "markdownDescription": "The type of destination for the flow log data.\n\nDefault: `cloud-watch-logs`", - "title": "LogDestinationType", + "DatasetName": { + "markdownDescription": "The dataset that the project is to act upon.", + "title": "DatasetName", "type": "string" }, - "LogFormat": { - "markdownDescription": "The fields to include in the flow log record, in the order in which they should appear. If you omit this parameter, the flow log is created using the default format. If you specify this parameter, you must include at least one field. For more information about the available fields, see [Flow log records](https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs.html#flow-log-records) in the *Amazon VPC User Guide* or [Transit Gateway Flow Log records](https://docs.aws.amazon.com/vpc/latest/tgw/tgw-flow-logs.html#flow-log-records) in the *AWS Transit Gateway Guide* .\n\nSpecify the fields using the `${field-id}` format, separated by spaces.", - "title": "LogFormat", + "Name": { + "markdownDescription": "The unique name of a project.", + "title": "Name", "type": "string" }, - "LogGroupName": { - "markdownDescription": "The name of a new or existing CloudWatch Logs log group where Amazon EC2 publishes your flow logs.\n\nThis parameter is valid only if the destination type is `cloud-watch-logs` .", - "title": "LogGroupName", + "RecipeName": { + "markdownDescription": "The name of a recipe that will be developed during a project session.", + "title": "RecipeName", "type": "string" }, - "MaxAggregationInterval": { - "markdownDescription": "The maximum interval of time during which a flow of packets is captured and aggregated into a flow log record. The possible values are 60 seconds (1 minute) or 600 seconds (10 minutes). This parameter must be 60 seconds for transit gateway resource types.\n\nWhen a network interface is attached to a [Nitro-based instance](https://docs.aws.amazon.com/ec2/latest/instancetypes/ec2-nitro-instances.html) , the aggregation interval is always 60 seconds or less, regardless of the value that you specify.\n\nDefault: 600", - "title": "MaxAggregationInterval", - "type": "number" - }, - "ResourceId": { - "markdownDescription": "The ID of the resource to monitor. For example, if the resource type is `VPC` , specify the ID of the VPC.", - "title": "ResourceId", + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the role that will be assumed for this project.", + "title": "RoleArn", "type": "string" }, - "ResourceType": { - "markdownDescription": "The type of resource to monitor.", - "title": "ResourceType", - "type": "string" + "Sample": { + "$ref": "#/definitions/AWS::DataBrew::Project.Sample", + "markdownDescription": "The sample size and sampling type to apply to the data. If this parameter isn't specified, then the sample consists of the first 500 rows from the dataset.", + "title": "Sample" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to apply to the flow logs.", + "markdownDescription": "Metadata tags that have been applied to the project.", "title": "Tags", "type": "array" - }, - "TrafficType": { - "markdownDescription": "The type of traffic to monitor (accepted traffic, rejected traffic, or all traffic). This parameter is not supported for transit gateway resource types. It is required for the other resource types.", - "title": "TrafficType", - "type": "string" } }, "required": [ - "ResourceId", - "ResourceType" + "DatasetName", + "Name", + "RecipeName", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::FlowLog" + "AWS::DataBrew::Project" ], "type": "string" }, @@ -70604,33 +77257,26 @@ ], "type": "object" }, - "AWS::EC2::FlowLog.DestinationOptions": { + "AWS::DataBrew::Project.Sample": { "additionalProperties": false, "properties": { - "FileFormat": { - "markdownDescription": "The format for the flow log. The default is `plain-text` .", - "title": "FileFormat", - "type": "string" - }, - "HiveCompatiblePartitions": { - "markdownDescription": "Indicates whether to use Hive-compatible prefixes for flow logs stored in Amazon S3. The default is `false` .", - "title": "HiveCompatiblePartitions", - "type": "boolean" + "Size": { + "markdownDescription": "The number of rows in the sample.", + "title": "Size", + "type": "number" }, - "PerHourPartition": { - "markdownDescription": "Indicates whether to partition the flow log per hour. This reduces the cost and response time for queries. The default is `false` .", - "title": "PerHourPartition", - "type": "boolean" + "Type": { + "markdownDescription": "The way in which DataBrew obtains rows from a dataset.", + "title": "Type", + "type": "string" } }, "required": [ - "FileFormat", - "HiveCompatiblePartitions", - "PerHourPartition" + "Type" ], "type": "object" }, - "AWS::EC2::GatewayRouteTableAssociation": { + "AWS::DataBrew::Recipe": { "additionalProperties": false, "properties": { "Condition": { @@ -70665,26 +77311,42 @@ "Properties": { "additionalProperties": false, "properties": { - "GatewayId": { - "markdownDescription": "The ID of the gateway.", - "title": "GatewayId", + "Description": { + "markdownDescription": "The description of the recipe.", + "title": "Description", "type": "string" }, - "RouteTableId": { - "markdownDescription": "The ID of the route table.", - "title": "RouteTableId", + "Name": { + "markdownDescription": "The unique name for the recipe.", + "title": "Name", "type": "string" + }, + "Steps": { + "items": { + "$ref": "#/definitions/AWS::DataBrew::Recipe.RecipeStep" + }, + "markdownDescription": "A list of steps that are defined by the recipe.", + "title": "Steps", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata tags that have been applied to the recipe.", + "title": "Tags", + "type": "array" } }, "required": [ - "GatewayId", - "RouteTableId" + "Name", + "Steps" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::GatewayRouteTableAssociation" + "AWS::DataBrew::Recipe" ], "type": "string" }, @@ -70703,109 +77365,670 @@ ], "type": "object" }, - "AWS::EC2::Host": { + "AWS::DataBrew::Recipe.Action": { + "additionalProperties": false, + "properties": { + "Operation": { + "markdownDescription": "The name of a valid DataBrew transformation to be performed on the data.", + "title": "Operation", + "type": "string" + }, + "Parameters": { + "$ref": "#/definitions/AWS::DataBrew::Recipe.RecipeParameters", + "markdownDescription": "Contextual parameters for the transformation.", + "title": "Parameters" + } + }, + "required": [ + "Operation" + ], + "type": "object" + }, + "AWS::DataBrew::Recipe.ConditionExpression": { "additionalProperties": false, "properties": { "Condition": { + "markdownDescription": "A specific condition to apply to a recipe action. For more information, see [Recipe structure](https://docs.aws.amazon.com/databrew/latest/dg/recipe-structure.html) in the *AWS Glue DataBrew Developer Guide* .", + "title": "Condition", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TargetColumn": { + "markdownDescription": "A column to apply this condition to.", + "title": "TargetColumn", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Value": { + "markdownDescription": "A value that the condition must evaluate to for the condition to succeed.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Condition", + "TargetColumn" + ], + "type": "object" + }, + "AWS::DataBrew::Recipe.DataCatalogInputDefinition": { + "additionalProperties": false, + "properties": { + "CatalogId": { + "markdownDescription": "The unique identifier of the AWS account that holds the Data Catalog that stores the data.", + "title": "CatalogId", + "type": "string" }, - "Metadata": { - "type": "object" + "DatabaseName": { + "markdownDescription": "The name of a database in the Data Catalog.", + "title": "DatabaseName", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AssetId": { - "markdownDescription": "The ID of the Outpost hardware asset on which the Dedicated Host is allocated.", - "title": "AssetId", - "type": "string" - }, - "AutoPlacement": { - "markdownDescription": "Indicates whether the host accepts any untargeted instance launches that match its instance type configuration, or if it only accepts Host tenancy instance launches that specify its unique host ID. For more information, see [Understanding auto-placement and affinity](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/how-dedicated-hosts-work.html#dedicated-hosts-understanding) in the *Amazon EC2 User Guide* .\n\nDefault: `off`", - "title": "AutoPlacement", - "type": "string" - }, - "AvailabilityZone": { - "markdownDescription": "The Availability Zone in which to allocate the Dedicated Host.", - "title": "AvailabilityZone", - "type": "string" - }, - "HostMaintenance": { - "markdownDescription": "Indicates whether host maintenance is enabled or disabled for the Dedicated Host.", - "title": "HostMaintenance", - "type": "string" - }, - "HostRecovery": { - "markdownDescription": "Indicates whether to enable or disable host recovery for the Dedicated Host. Host recovery is disabled by default. For more information, see [Host recovery](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-hosts-recovery.html) in the *Amazon EC2 User Guide* .\n\nDefault: `off`", - "title": "HostRecovery", - "type": "string" - }, - "InstanceFamily": { - "markdownDescription": "The instance family supported by the Dedicated Host. For example, `m5` .", - "title": "InstanceFamily", - "type": "string" - }, - "InstanceType": { - "markdownDescription": "Specifies the instance type to be supported by the Dedicated Hosts. If you specify an instance type, the Dedicated Hosts support instances of the specified instance type only.", - "title": "InstanceType", - "type": "string" - }, - "OutpostArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Outpost on which the Dedicated Host is allocated.", - "title": "OutpostArn", - "type": "string" - } + "TableName": { + "markdownDescription": "The name of a database table in the Data Catalog. This table corresponds to a DataBrew dataset.", + "title": "TableName", + "type": "string" + }, + "TempDirectory": { + "$ref": "#/definitions/AWS::DataBrew::Recipe.S3Location", + "markdownDescription": "Represents an Amazon location where DataBrew can store intermediate results.", + "title": "TempDirectory" + } + }, + "type": "object" + }, + "AWS::DataBrew::Recipe.Input": { + "additionalProperties": false, + "properties": { + "DataCatalogInputDefinition": { + "$ref": "#/definitions/AWS::DataBrew::Recipe.DataCatalogInputDefinition", + "markdownDescription": "The AWS Glue Data Catalog parameters for the data.", + "title": "DataCatalogInputDefinition" + }, + "S3InputDefinition": { + "$ref": "#/definitions/AWS::DataBrew::Recipe.S3Location", + "markdownDescription": "The Amazon S3 location where the data is stored.", + "title": "S3InputDefinition" + } + }, + "type": "object" + }, + "AWS::DataBrew::Recipe.RecipeParameters": { + "additionalProperties": false, + "properties": { + "AggregateFunction": { + "markdownDescription": "The name of an aggregation function to apply.", + "title": "AggregateFunction", + "type": "string" + }, + "Base": { + "markdownDescription": "The number of digits used in a counting system.", + "title": "Base", + "type": "string" + }, + "CaseStatement": { + "markdownDescription": "A case statement associated with a recipe.", + "title": "CaseStatement", + "type": "string" + }, + "CategoryMap": { + "markdownDescription": "A category map used for one-hot encoding.", + "title": "CategoryMap", + "type": "string" + }, + "CharsToRemove": { + "markdownDescription": "Characters to remove from a step that applies one-hot encoding or tokenization.", + "title": "CharsToRemove", + "type": "string" + }, + "CollapseConsecutiveWhitespace": { + "markdownDescription": "Remove any non-word non-punctuation character.", + "title": "CollapseConsecutiveWhitespace", + "type": "string" + }, + "ColumnDataType": { + "markdownDescription": "The data type of the column.", + "title": "ColumnDataType", + "type": "string" + }, + "ColumnRange": { + "markdownDescription": "A range of columns to which a step is applied.", + "title": "ColumnRange", + "type": "string" + }, + "Count": { + "markdownDescription": "The number of times a string needs to be repeated.", + "title": "Count", + "type": "string" + }, + "CustomCharacters": { + "markdownDescription": "One or more characters that can be substituted or removed, depending on the context.", + "title": "CustomCharacters", + "type": "string" + }, + "CustomStopWords": { + "markdownDescription": "A list of words to ignore in a step that applies word tokenization.", + "title": "CustomStopWords", + "type": "string" + }, + "CustomValue": { + "markdownDescription": "A list of custom values to use in a step that requires that you provide a value to finish the operation.", + "title": "CustomValue", + "type": "string" + }, + "DatasetsColumns": { + "markdownDescription": "A list of the dataset columns included in a project.", + "title": "DatasetsColumns", + "type": "string" + }, + "DateAddValue": { + "markdownDescription": "A value that specifies how many units of time to add or subtract for a date math operation.", + "title": "DateAddValue", + "type": "string" + }, + "DateTimeFormat": { + "markdownDescription": "A date format to apply to a date.", + "title": "DateTimeFormat", + "type": "string" + }, + "DateTimeParameters": { + "markdownDescription": "A set of parameters associated with a datetime.", + "title": "DateTimeParameters", + "type": "string" + }, + "DeleteOtherRows": { + "markdownDescription": "Determines whether unmapped rows in a categorical mapping should be deleted", + "title": "DeleteOtherRows", + "type": "string" + }, + "Delimiter": { + "markdownDescription": "The delimiter to use when parsing separated values in a text file.", + "title": "Delimiter", + "type": "string" + }, + "EndPattern": { + "markdownDescription": "The end pattern to locate.", + "title": "EndPattern", + "type": "string" + }, + "EndPosition": { + "markdownDescription": "The end position to locate.", + "title": "EndPosition", + "type": "string" + }, + "EndValue": { + "markdownDescription": "The end value to locate.", + "title": "EndValue", + "type": "string" + }, + "ExpandContractions": { + "markdownDescription": "A list of word contractions and what they expand to. For eample: *can't* ; *cannot* ; *can not* .", + "title": "ExpandContractions", + "type": "string" + }, + "Exponent": { + "markdownDescription": "The exponent to apply in an exponential operation.", + "title": "Exponent", + "type": "string" + }, + "FalseString": { + "markdownDescription": "A value that represents `FALSE` .", + "title": "FalseString", + "type": "string" + }, + "GroupByAggFunctionOptions": { + "markdownDescription": "Specifies options to apply to the `GROUP BY` used in an aggregation.", + "title": "GroupByAggFunctionOptions", + "type": "string" + }, + "GroupByColumns": { + "markdownDescription": "The columns to use in the `GROUP BY` clause.", + "title": "GroupByColumns", + "type": "string" + }, + "HiddenColumns": { + "markdownDescription": "A list of columns to hide.", + "title": "HiddenColumns", + "type": "string" + }, + "IgnoreCase": { + "markdownDescription": "Indicates that lower and upper case letters are treated equally.", + "title": "IgnoreCase", + "type": "string" + }, + "IncludeInSplit": { + "markdownDescription": "Indicates if this column is participating in a split transform.", + "title": "IncludeInSplit", + "type": "string" + }, + "Input": { + "$ref": "#/definitions/AWS::DataBrew::Recipe.Input", + "markdownDescription": "The input location to load the dataset from - Amazon S3 or AWS Glue Data Catalog .", + "title": "Input" + }, + "Interval": { + "markdownDescription": "The number of characters to split by.", + "title": "Interval", + "type": "string" + }, + "IsText": { + "markdownDescription": "Indicates if the content is text.", + "title": "IsText", + "type": "string" + }, + "JoinKeys": { + "markdownDescription": "The keys or columns involved in a join.", + "title": "JoinKeys", + "type": "string" + }, + "JoinType": { + "markdownDescription": "The type of join to use, for example, `INNER JOIN` , `OUTER JOIN` , and so on.", + "title": "JoinType", + "type": "string" + }, + "LeftColumns": { + "markdownDescription": "The columns on the left side of the join.", + "title": "LeftColumns", + "type": "string" + }, + "Limit": { + "markdownDescription": "The number of times to perform `split` or `replaceBy` in a string", + "title": "Limit", + "type": "string" + }, + "LowerBound": { + "markdownDescription": "The lower boundary for a value.", + "title": "LowerBound", + "type": "string" + }, + "MapType": { + "markdownDescription": "The type of mappings to apply to construct a new dynamic frame.", + "title": "MapType", + "type": "string" + }, + "ModeType": { + "markdownDescription": "Determines the manner in which mode value is calculated, in case there is more than one mode value. Valid values: `NONE` | `AVERAGE` | `MINIMUM` | `MAXIMUM`", + "title": "ModeType", + "type": "string" + }, + "MultiLine": { + "markdownDescription": "Specifies whether JSON input contains embedded new line characters.", + "title": "MultiLine", + "type": "boolean" + }, + "NumRows": { + "markdownDescription": "The number of rows to consider in a window.", + "title": "NumRows", + "type": "string" + }, + "NumRowsAfter": { + "markdownDescription": "The number of rows to consider after the current row in a window", + "title": "NumRowsAfter", + "type": "string" + }, + "NumRowsBefore": { + "markdownDescription": "The number of rows to consider before the current row in a window", + "title": "NumRowsBefore", + "type": "string" + }, + "OrderByColumn": { + "markdownDescription": "A column to sort the results by.", + "title": "OrderByColumn", + "type": "string" + }, + "OrderByColumns": { + "markdownDescription": "The columns to sort the results by.", + "title": "OrderByColumns", + "type": "string" + }, + "Other": { + "markdownDescription": "The value to assign to unmapped cells, in categorical mapping", + "title": "Other", + "type": "string" + }, + "Pattern": { + "markdownDescription": "The pattern to locate.", + "title": "Pattern", + "type": "string" + }, + "PatternOption1": { + "markdownDescription": "The starting pattern to split between.", + "title": "PatternOption1", + "type": "string" + }, + "PatternOption2": { + "markdownDescription": "The ending pattern to split between.", + "title": "PatternOption2", + "type": "string" + }, + "PatternOptions": { + "markdownDescription": "For splitting by multiple delimiters: A JSON-encoded string that lists the patterns in the format. For example: `[{\\\"pattern\\\":\\\"1\\\",\\\"includeInSplit\\\":true}]`", + "title": "PatternOptions", + "type": "string" + }, + "Period": { + "markdownDescription": "The size of the rolling window.", + "title": "Period", + "type": "string" + }, + "Position": { + "markdownDescription": "The character index within a string", + "title": "Position", + "type": "string" + }, + "RemoveAllPunctuation": { + "markdownDescription": "If `true` , removes all of the following characters: `.` `.!` `.,` `.?`", + "title": "RemoveAllPunctuation", + "type": "string" + }, + "RemoveAllQuotes": { + "markdownDescription": "If `true` , removes all single quotes and double quotes.", + "title": "RemoveAllQuotes", + "type": "string" + }, + "RemoveAllWhitespace": { + "markdownDescription": "If `true` , removes all whitespaces from the value.", + "title": "RemoveAllWhitespace", + "type": "string" + }, + "RemoveCustomCharacters": { + "markdownDescription": "If `true` , removes all chraracters specified by `CustomCharacters` .", + "title": "RemoveCustomCharacters", + "type": "string" + }, + "RemoveCustomValue": { + "markdownDescription": "If `true` , removes all chraracters specified by `CustomValue` .", + "title": "RemoveCustomValue", + "type": "string" + }, + "RemoveLeadingAndTrailingPunctuation": { + "markdownDescription": "If `true` , removes the following characters if they occur at the start or end of the value: `.` `!` `,` `?`", + "title": "RemoveLeadingAndTrailingPunctuation", + "type": "string" + }, + "RemoveLeadingAndTrailingQuotes": { + "markdownDescription": "If `true` , removes single quotes and double quotes from the beginning and end of the value.", + "title": "RemoveLeadingAndTrailingQuotes", + "type": "string" + }, + "RemoveLeadingAndTrailingWhitespace": { + "markdownDescription": "If `true` , removes all whitespaces from the beginning and end of the value.", + "title": "RemoveLeadingAndTrailingWhitespace", + "type": "string" + }, + "RemoveLetters": { + "markdownDescription": "If `true` , removes all uppercase and lowercase alphabetic characters (A through Z; a through z).", + "title": "RemoveLetters", + "type": "string" + }, + "RemoveNumbers": { + "markdownDescription": "If `true` , removes all numeric characters (0 through 9).", + "title": "RemoveNumbers", + "type": "string" + }, + "RemoveSourceColumn": { + "markdownDescription": "If `true` , the source column will be removed after un-nesting that column. (Used with nested column types, such as Map, Struct, or Array.)", + "title": "RemoveSourceColumn", + "type": "string" + }, + "RemoveSpecialCharacters": { + "markdownDescription": "If `true` , removes all of the following characters: `! \" # $ % & ' ( ) * + , - . / : ; < = > ? @ [ \\ ] ^ _ ` { | } ~`", + "title": "RemoveSpecialCharacters", + "type": "string" + }, + "RightColumns": { + "markdownDescription": "The columns on the right side of a join.", + "title": "RightColumns", + "type": "string" + }, + "SampleSize": { + "markdownDescription": "The number of rows in the sample.", + "title": "SampleSize", + "type": "string" + }, + "SampleType": { + "markdownDescription": "The sampling type to apply to the dataset. Valid values: `FIRST_N` | `LAST_N` | `RANDOM`", + "title": "SampleType", + "type": "string" + }, + "SecondInput": { + "markdownDescription": "A object value to indicate the second dataset used in a join.", + "title": "SecondInput", + "type": "string" + }, + "SecondaryInputs": { + "items": { + "$ref": "#/definitions/AWS::DataBrew::Recipe.SecondaryInput" }, - "required": [ - "AvailabilityZone" - ], - "type": "object" + "markdownDescription": "A list of secondary inputs in a UNION transform", + "title": "SecondaryInputs", + "type": "array" }, - "Type": { - "enum": [ - "AWS::EC2::Host" - ], + "SheetIndexes": { + "items": { + "type": "number" + }, + "markdownDescription": "One or more sheet numbers in the Excel file, which will be included in a dataset.", + "title": "SheetIndexes", + "type": "array" + }, + "SheetNames": { + "items": { + "type": "string" + }, + "markdownDescription": "Oone or more named sheets in the Excel file, which will be included in a dataset.", + "title": "SheetNames", + "type": "array" + }, + "SourceColumn": { + "markdownDescription": "A source column needed for an operation, step, or transform.", + "title": "SourceColumn", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SourceColumn1": { + "markdownDescription": "A source column needed for an operation, step, or transform.", + "title": "SourceColumn1", + "type": "string" + }, + "SourceColumn2": { + "markdownDescription": "A source column needed for an operation, step, or transform.", + "title": "SourceColumn2", + "type": "string" + }, + "SourceColumns": { + "markdownDescription": "A list of source columns needed for an operation, step, or transform.", + "title": "SourceColumns", + "type": "string" + }, + "StartColumnIndex": { + "markdownDescription": "The index number of the first column used by an operation, step, or transform.", + "title": "StartColumnIndex", + "type": "string" + }, + "StartPattern": { + "markdownDescription": "The starting pattern to locate.", + "title": "StartPattern", "type": "string" + }, + "StartPosition": { + "markdownDescription": "The starting position to locate.", + "title": "StartPosition", + "type": "string" + }, + "StartValue": { + "markdownDescription": "The starting value to locate.", + "title": "StartValue", + "type": "string" + }, + "StemmingMode": { + "markdownDescription": "Indicates this operation uses stems and lemmas (base words) for word tokenization.", + "title": "StemmingMode", + "type": "string" + }, + "StepCount": { + "markdownDescription": "The total number of transforms in this recipe.", + "title": "StepCount", + "type": "string" + }, + "StepIndex": { + "markdownDescription": "The index ID of a step.", + "title": "StepIndex", + "type": "string" + }, + "StopWordsMode": { + "markdownDescription": "Indicates this operation uses stop words as part of word tokenization.", + "title": "StopWordsMode", + "type": "string" + }, + "Strategy": { + "markdownDescription": "The resolution strategy to apply in resolving ambiguities.", + "title": "Strategy", + "type": "string" + }, + "TargetColumn": { + "markdownDescription": "The column targeted by this operation.", + "title": "TargetColumn", + "type": "string" + }, + "TargetColumnNames": { + "markdownDescription": "The names to give columns altered by this operation.", + "title": "TargetColumnNames", + "type": "string" + }, + "TargetDateFormat": { + "markdownDescription": "The date format to convert to.", + "title": "TargetDateFormat", + "type": "string" + }, + "TargetIndex": { + "markdownDescription": "The index number of an object that is targeted by this operation.", + "title": "TargetIndex", + "type": "string" + }, + "TimeZone": { + "markdownDescription": "The current timezone that you want to use for dates.", + "title": "TimeZone", + "type": "string" + }, + "TokenizerPattern": { + "markdownDescription": "A regex expression to use when splitting text into terms, also called words or tokens.", + "title": "TokenizerPattern", + "type": "string" + }, + "TrueString": { + "markdownDescription": "A value to use to represent `TRUE` .", + "title": "TrueString", + "type": "string" + }, + "UdfLang": { + "markdownDescription": "The language that's used in the user-defined function.", + "title": "UdfLang", + "type": "string" + }, + "Units": { + "markdownDescription": "Specifies a unit of time. For example: `MINUTES` ; `SECONDS` ; `HOURS` ; etc.", + "title": "Units", + "type": "string" + }, + "UnpivotColumn": { + "markdownDescription": "Cast columns as rows, so that each value is a different row in a single column.", + "title": "UnpivotColumn", + "type": "string" + }, + "UpperBound": { + "markdownDescription": "The upper boundary for a value.", + "title": "UpperBound", + "type": "string" + }, + "UseNewDataFrame": { + "markdownDescription": "Create a new container to hold a dataset.", + "title": "UseNewDataFrame", + "type": "string" + }, + "Value": { + "markdownDescription": "A static value that can be used in a comparison, a substitution, or in another context-specific way. A `Value` can be a number, string, or other datatype, depending on the recipe action in which it's used.", + "title": "Value", + "type": "string" + }, + "Value1": { + "markdownDescription": "A value that's used by this operation.", + "title": "Value1", + "type": "string" + }, + "Value2": { + "markdownDescription": "A value that's used by this operation.", + "title": "Value2", + "type": "string" + }, + "ValueColumn": { + "markdownDescription": "The column that is provided as a value that's used by this operation.", + "title": "ValueColumn", + "type": "string" + }, + "ViewFrame": { + "markdownDescription": "The subset of rows currently available for viewing.", + "title": "ViewFrame", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataBrew::Recipe.RecipeStep": { + "additionalProperties": false, + "properties": { + "Action": { + "$ref": "#/definitions/AWS::DataBrew::Recipe.Action", + "markdownDescription": "The particular action to be performed in the recipe step.", + "title": "Action" + }, + "ConditionExpressions": { + "items": { + "$ref": "#/definitions/AWS::DataBrew::Recipe.ConditionExpression" + }, + "markdownDescription": "One or more conditions that must be met for the recipe step to succeed.\n\n> All of the conditions in the array must be met. In other words, all of the conditions must be combined using a logical AND operation.", + "title": "ConditionExpressions", + "type": "array" } }, "required": [ - "Type", - "Properties" + "Action" ], "type": "object" }, - "AWS::EC2::IPAM": { + "AWS::DataBrew::Recipe.S3Location": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The Amazon S3 bucket name.", + "title": "Bucket", + "type": "string" + }, + "Key": { + "markdownDescription": "The unique name of the object in the bucket.", + "title": "Key", + "type": "string" + } + }, + "required": [ + "Bucket" + ], + "type": "object" + }, + "AWS::DataBrew::Recipe.SecondaryInput": { + "additionalProperties": false, + "properties": { + "DataCatalogInputDefinition": { + "$ref": "#/definitions/AWS::DataBrew::Recipe.DataCatalogInputDefinition", + "markdownDescription": "The AWS Glue Data Catalog parameters for the data.", + "title": "DataCatalogInputDefinition" + }, + "S3InputDefinition": { + "$ref": "#/definitions/AWS::DataBrew::Recipe.S3Location", + "markdownDescription": "The Amazon S3 location where the data is stored.", + "title": "S3InputDefinition" + } + }, + "type": "object" + }, + "AWS::DataBrew::Ruleset": { "additionalProperties": false, "properties": { "Condition": { @@ -70841,37 +78064,47 @@ "additionalProperties": false, "properties": { "Description": { - "markdownDescription": "The description for the IPAM.", + "markdownDescription": "The description of the ruleset.", "title": "Description", "type": "string" }, - "OperatingRegions": { + "Name": { + "markdownDescription": "The name of the ruleset.", + "title": "Name", + "type": "string" + }, + "Rules": { "items": { - "$ref": "#/definitions/AWS::EC2::IPAM.IpamOperatingRegion" + "$ref": "#/definitions/AWS::DataBrew::Ruleset.Rule" }, - "markdownDescription": "The operating Regions for an IPAM. Operating Regions are AWS Regions where the IPAM is allowed to manage IP address CIDRs. IPAM only discovers and monitors resources in the AWS Regions you select as operating Regions.\n\nFor more information about operating Regions, see [Create an IPAM](https://docs.aws.amazon.com//vpc/latest/ipam/create-ipam.html) in the *Amazon VPC IPAM User Guide* .", - "title": "OperatingRegions", + "markdownDescription": "Contains metadata about the ruleset.", + "title": "Rules", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key `Owner` and the value `TeamA` , specify `tag:Owner` for the filter name and `TeamA` for the filter value.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" }, - "Tier": { - "markdownDescription": "IPAM is offered in a Free Tier and an Advanced Tier. For more information about the features available in each tier and the costs associated with the tiers, see the [VPC IPAM product pricing page](https://docs.aws.amazon.com//vpc/pricing/) .", - "title": "Tier", + "TargetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of a resource (dataset) that the ruleset is associated with.", + "title": "TargetArn", "type": "string" } }, + "required": [ + "Name", + "Rules", + "TargetArn" + ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::IPAM" + "AWS::DataBrew::Ruleset" ], "type": "string" }, @@ -70885,25 +78118,118 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::EC2::IPAM.IpamOperatingRegion": { + "AWS::DataBrew::Ruleset.ColumnSelector": { "additionalProperties": false, "properties": { - "RegionName": { - "markdownDescription": "The name of the operating Region.", - "title": "RegionName", + "Name": { + "markdownDescription": "The name of a column from a dataset.", + "title": "Name", + "type": "string" + }, + "Regex": { + "markdownDescription": "A regular expression for selecting a column from a dataset.", + "title": "Regex", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataBrew::Ruleset.Rule": { + "additionalProperties": false, + "properties": { + "CheckExpression": { + "markdownDescription": "The expression which includes column references, condition names followed by variable references, possibly grouped and combined with other conditions. For example, `(:col1 starts_with :prefix1 or :col1 starts_with :prefix2) and (:col1 ends_with :suffix1 or :col1 ends_with :suffix2)` . Column and value references are substitution variables that should start with the ':' symbol. Depending on the context, substitution variables' values can be either an actual value or a column name. These values are defined in the SubstitutionMap. If a CheckExpression starts with a column reference, then ColumnSelectors in the rule should be null. If ColumnSelectors has been defined, then there should be no columnn reference in the left side of a condition, for example, `is_between :val1 and :val2` .", + "title": "CheckExpression", + "type": "string" + }, + "ColumnSelectors": { + "items": { + "$ref": "#/definitions/AWS::DataBrew::Ruleset.ColumnSelector" + }, + "markdownDescription": "List of column selectors. Selectors can be used to select columns using a name or regular expression from the dataset. Rule will be applied to selected columns.", + "title": "ColumnSelectors", + "type": "array" + }, + "Disabled": { + "markdownDescription": "A value that specifies whether the rule is disabled. Once a rule is disabled, a profile job will not validate it during a job run. Default value is false.", + "title": "Disabled", + "type": "boolean" + }, + "Name": { + "markdownDescription": "The name of the rule.", + "title": "Name", + "type": "string" + }, + "SubstitutionMap": { + "items": { + "$ref": "#/definitions/AWS::DataBrew::Ruleset.SubstitutionValue" + }, + "markdownDescription": "The map of substitution variable names to their values used in a check expression. Variable names should start with a ':' (colon). Variable values can either be actual values or column names. To differentiate between the two, column names should be enclosed in backticks, for example, `\":col1\": \"`Column A`\".`", + "title": "SubstitutionMap", + "type": "array" + }, + "Threshold": { + "$ref": "#/definitions/AWS::DataBrew::Ruleset.Threshold", + "markdownDescription": "The threshold used with a non-aggregate check expression. Non-aggregate check expressions will be applied to each row in a specific column, and the threshold will be used to determine whether the validation succeeds.", + "title": "Threshold" + } + }, + "required": [ + "CheckExpression", + "Name" + ], + "type": "object" + }, + "AWS::DataBrew::Ruleset.SubstitutionValue": { + "additionalProperties": false, + "properties": { + "Value": { + "markdownDescription": "Value or column name.", + "title": "Value", + "type": "string" + }, + "ValueReference": { + "markdownDescription": "Variable name.", + "title": "ValueReference", "type": "string" } }, "required": [ - "RegionName" + "Value", + "ValueReference" ], "type": "object" }, - "AWS::EC2::IPAMAllocation": { + "AWS::DataBrew::Ruleset.Threshold": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "The type of a threshold. Used for comparison of an actual count of rows that satisfy the rule to the threshold value.", + "title": "Type", + "type": "string" + }, + "Unit": { + "markdownDescription": "Unit of threshold value. Can be either a COUNT or PERCENTAGE of the full sample size used for validation.", + "title": "Unit", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of a threshold.", + "title": "Value", + "type": "number" + } + }, + "required": [ + "Value" + ], + "type": "object" + }, + "AWS::DataBrew::Schedule": { "additionalProperties": false, "properties": { "Condition": { @@ -70938,35 +78264,42 @@ "Properties": { "additionalProperties": false, "properties": { - "Cidr": { - "markdownDescription": "The CIDR you would like to allocate from the IPAM pool. Note the following:\n\n- If there is no DefaultNetmaskLength allocation rule set on the pool, you must specify either the NetmaskLength or the CIDR.\n- If the DefaultNetmaskLength allocation rule is set on the pool, you can specify either the NetmaskLength or the CIDR and the DefaultNetmaskLength allocation rule will be ignored.\n\nPossible values: Any available IPv4 or IPv6 CIDR.", - "title": "Cidr", + "CronExpression": { + "markdownDescription": "The dates and times when the job is to run. For more information, see [Working with cron expressions for recipe jobs](https://docs.aws.amazon.com/databrew/latest/dg/jobs.recipe.html#jobs.cron) in the *AWS Glue DataBrew Developer Guide* .", + "title": "CronExpression", "type": "string" }, - "Description": { - "markdownDescription": "A description for the allocation.", - "title": "Description", - "type": "string" + "JobNames": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of jobs to be run, according to the schedule.", + "title": "JobNames", + "type": "array" }, - "IpamPoolId": { - "markdownDescription": "The ID of the IPAM pool from which you would like to allocate a CIDR.", - "title": "IpamPoolId", + "Name": { + "markdownDescription": "The name of the schedule.", + "title": "Name", "type": "string" }, - "NetmaskLength": { - "markdownDescription": "The netmask length of the CIDR you would like to allocate from the IPAM pool. Note the following:\n\n- If there is no DefaultNetmaskLength allocation rule set on the pool, you must specify either the NetmaskLength or the CIDR.\n- If the DefaultNetmaskLength allocation rule is set on the pool, you can specify either the NetmaskLength or the CIDR and the DefaultNetmaskLength allocation rule will be ignored.\n\nPossible netmask lengths for IPv4 addresses are 0 - 32. Possible netmask lengths for IPv6 addresses are 0 - 128.", - "title": "NetmaskLength", - "type": "number" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata tags that have been applied to the schedule.", + "title": "Tags", + "type": "array" } }, "required": [ - "IpamPoolId" + "CronExpression", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::IPAMAllocation" + "AWS::DataBrew::Schedule" ], "type": "string" }, @@ -70985,7 +78318,7 @@ ], "type": "object" }, - "AWS::EC2::IPAMPool": { + "AWS::DataPipeline::Pipeline": { "additionalProperties": false, "properties": { "Condition": { @@ -71020,105 +78353,62 @@ "Properties": { "additionalProperties": false, "properties": { - "AddressFamily": { - "markdownDescription": "The address family of the pool.", - "title": "AddressFamily", - "type": "string" - }, - "AllocationDefaultNetmaskLength": { - "markdownDescription": "The default netmask length for allocations added to this pool. If, for example, the CIDR assigned to this pool is 10.0.0.0/8 and you enter 16 here, new allocations will default to 10.0.0.0/16.", - "title": "AllocationDefaultNetmaskLength", - "type": "number" - }, - "AllocationMaxNetmaskLength": { - "markdownDescription": "The maximum netmask length possible for CIDR allocations in this IPAM pool to be compliant. The maximum netmask length must be greater than the minimum netmask length. Possible netmask lengths for IPv4 addresses are 0 - 32. Possible netmask lengths for IPv6 addresses are 0 - 128.", - "title": "AllocationMaxNetmaskLength", - "type": "number" - }, - "AllocationMinNetmaskLength": { - "markdownDescription": "The minimum netmask length required for CIDR allocations in this IPAM pool to be compliant. The minimum netmask length must be less than the maximum netmask length. Possible netmask lengths for IPv4 addresses are 0 - 32. Possible netmask lengths for IPv6 addresses are 0 - 128.", - "title": "AllocationMinNetmaskLength", - "type": "number" - }, - "AllocationResourceTags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Tags that are required for resources that use CIDRs from this IPAM pool. Resources that do not have these tags will not be allowed to allocate space from the pool. If the resources have their tags changed after they have allocated space or if the allocation tagging requirements are changed on the pool, the resource may be marked as noncompliant.", - "title": "AllocationResourceTags", - "type": "array" - }, - "AutoImport": { - "markdownDescription": "If selected, IPAM will continuously look for resources within the CIDR range of this pool and automatically import them as allocations into your IPAM. The CIDRs that will be allocated for these resources must not already be allocated to other resources in order for the import to succeed. IPAM will import a CIDR regardless of its compliance with the pool's allocation rules, so a resource might be imported and subsequently marked as noncompliant. If IPAM discovers multiple CIDRs that overlap, IPAM will import the largest CIDR only. If IPAM discovers multiple CIDRs with matching CIDRs, IPAM will randomly import one of them only.\n\nA locale must be set on the pool for this feature to work.", - "title": "AutoImport", + "Activate": { + "markdownDescription": "Indicates whether to validate and start the pipeline or stop an active pipeline. By default, the value is set to `true` .", + "title": "Activate", "type": "boolean" }, - "AwsService": { - "markdownDescription": "Limits which service in AWS that the pool can be used in. \"ec2\", for example, allows users to use space for Elastic IP addresses and VPCs.", - "title": "AwsService", - "type": "string" - }, "Description": { - "markdownDescription": "The description of the IPAM pool.", + "markdownDescription": "A description of the pipeline.", "title": "Description", "type": "string" }, - "IpamScopeId": { - "markdownDescription": "The ID of the scope in which you would like to create the IPAM pool.", - "title": "IpamScopeId", - "type": "string" - }, - "Locale": { - "markdownDescription": "The locale of the IPAM pool.\n\nThe locale for the pool should be one of the following:\n\n- An AWS Region where you want this IPAM pool to be available for allocations.\n- The network border group for an AWS Local Zone where you want this IPAM pool to be available for allocations ( [supported Local Zones](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-byoip.html#byoip-zone-avail) ). This option is only available for IPAM IPv4 pools in the public scope.\n\nIf you choose an AWS Region for locale that has not been configured as an operating Region for the IPAM, you'll get an error.", - "title": "Locale", + "Name": { + "markdownDescription": "The name of the pipeline.", + "title": "Name", "type": "string" }, - "ProvisionedCidrs": { + "ParameterObjects": { "items": { - "$ref": "#/definitions/AWS::EC2::IPAMPool.ProvisionedCidr" + "$ref": "#/definitions/AWS::DataPipeline::Pipeline.ParameterObject" }, - "markdownDescription": "Information about the CIDRs provisioned to an IPAM pool.", - "title": "ProvisionedCidrs", + "markdownDescription": "The parameter objects used with the pipeline.", + "title": "ParameterObjects", "type": "array" }, - "PublicIpSource": { - "markdownDescription": "The IP address source for pools in the public scope. Only used for provisioning IP address CIDRs to pools in the public scope. Default is `BYOIP` . For more information, see [Create IPv6 pools](https://docs.aws.amazon.com//vpc/latest/ipam/intro-create-ipv6-pools.html) in the *Amazon VPC IPAM User Guide* . By default, you can add only one Amazon-provided IPv6 CIDR block to a top-level IPv6 pool. For information on increasing the default limit, see [Quotas for your IPAM](https://docs.aws.amazon.com//vpc/latest/ipam/quotas-ipam.html) in the *Amazon VPC IPAM User Guide* .", - "title": "PublicIpSource", - "type": "string" - }, - "PubliclyAdvertisable": { - "markdownDescription": "Determines if a pool is publicly advertisable. This option is not available for pools with AddressFamily set to `ipv4` .", - "title": "PubliclyAdvertisable", - "type": "boolean" - }, - "SourceIpamPoolId": { - "markdownDescription": "The ID of the source IPAM pool. You can use this option to create an IPAM pool within an existing source pool.", - "title": "SourceIpamPoolId", - "type": "string" + "ParameterValues": { + "items": { + "$ref": "#/definitions/AWS::DataPipeline::Pipeline.ParameterValue" + }, + "markdownDescription": "The parameter values used with the pipeline.", + "title": "ParameterValues", + "type": "array" }, - "SourceResource": { - "$ref": "#/definitions/AWS::EC2::IPAMPool.SourceResource", - "markdownDescription": "The resource used to provision CIDRs to a resource planning pool.", - "title": "SourceResource" + "PipelineObjects": { + "items": { + "$ref": "#/definitions/AWS::DataPipeline::Pipeline.PipelineObject" + }, + "markdownDescription": "The objects that define the pipeline. These objects overwrite the existing pipeline definition. Not all objects, fields, and values can be updated. For information about restrictions, see [Editing Your Pipeline](https://docs.aws.amazon.com/datapipeline/latest/DeveloperGuide/dp-manage-pipeline-modify-console.html) in the *AWS Data Pipeline Developer Guide* .", + "title": "PipelineObjects", + "type": "array" }, - "Tags": { + "PipelineTags": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::DataPipeline::Pipeline.PipelineTag" }, - "markdownDescription": "The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key `Owner` and the value `TeamA` , specify `tag:Owner` for the filter name and `TeamA` for the filter value.", - "title": "Tags", + "markdownDescription": "A list of arbitrary tags (key-value pairs) to associate with the pipeline, which you can use to control permissions. For more information, see [Controlling Access to Pipelines and Resources](https://docs.aws.amazon.com/datapipeline/latest/DeveloperGuide/dp-control-access.html) in the *AWS Data Pipeline Developer Guide* .", + "title": "PipelineTags", "type": "array" } }, "required": [ - "AddressFamily", - "IpamScopeId" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::IPAMPool" + "AWS::DataPipeline::Pipeline" ], "type": "string" }, @@ -71137,53 +78427,143 @@ ], "type": "object" }, - "AWS::EC2::IPAMPool.ProvisionedCidr": { + "AWS::DataPipeline::Pipeline.Field": { "additionalProperties": false, "properties": { - "Cidr": { - "markdownDescription": "The CIDR provisioned to the IPAM pool. A CIDR is a representation of an IP address and its associated network mask (or netmask) and refers to a range of IP addresses. An IPv4 CIDR example is `10.24.34.0/23` . An IPv6 CIDR example is `2001:DB8::/32` .", - "title": "Cidr", + "Key": { + "markdownDescription": "Specifies the name of a field for a particular object. To view valid values for a particular field, see [Pipeline Object Reference](https://docs.aws.amazon.com/datapipeline/latest/DeveloperGuide/dp-pipeline-objects.html) in the *AWS Data Pipeline Developer Guide* .", + "title": "Key", + "type": "string" + }, + "RefValue": { + "markdownDescription": "A field value that you specify as an identifier of another object in the same pipeline definition.\n\n> You can specify the field value as either a string value ( `StringValue` ) or a reference to another object ( `RefValue` ), but not both. \n\nRequired if the key that you are using requires it.", + "title": "RefValue", + "type": "string" + }, + "StringValue": { + "markdownDescription": "A field value that you specify as a string. To view valid values for a particular field, see [Pipeline Object Reference](https://docs.aws.amazon.com/datapipeline/latest/DeveloperGuide/dp-pipeline-objects.html) in the *AWS Data Pipeline Developer Guide* .\n\n> You can specify the field value as either a string value ( `StringValue` ) or a reference to another object ( `RefValue` ), but not both. \n\nRequired if the key that you are using requires it.", + "title": "StringValue", "type": "string" } }, "required": [ - "Cidr" + "Key" ], "type": "object" }, - "AWS::EC2::IPAMPool.SourceResource": { + "AWS::DataPipeline::Pipeline.ParameterAttribute": { "additionalProperties": false, "properties": { - "ResourceId": { - "markdownDescription": "The source resource ID.", - "title": "ResourceId", - "type": "string" - }, - "ResourceOwner": { - "markdownDescription": "The source resource owner.", - "title": "ResourceOwner", - "type": "string" - }, - "ResourceRegion": { - "markdownDescription": "The source resource Region.", - "title": "ResourceRegion", + "Key": { + "markdownDescription": "The field identifier.", + "title": "Key", "type": "string" }, - "ResourceType": { - "markdownDescription": "The source resource type.", - "title": "ResourceType", + "StringValue": { + "markdownDescription": "The field value, expressed as a String.", + "title": "StringValue", "type": "string" } }, "required": [ - "ResourceId", - "ResourceOwner", - "ResourceRegion", - "ResourceType" + "Key", + "StringValue" ], "type": "object" }, - "AWS::EC2::IPAMPoolCidr": { + "AWS::DataPipeline::Pipeline.ParameterObject": { + "additionalProperties": false, + "properties": { + "Attributes": { + "items": { + "$ref": "#/definitions/AWS::DataPipeline::Pipeline.ParameterAttribute" + }, + "markdownDescription": "The attributes of the parameter object.", + "title": "Attributes", + "type": "array" + }, + "Id": { + "markdownDescription": "The ID of the parameter object.", + "title": "Id", + "type": "string" + } + }, + "required": [ + "Attributes", + "Id" + ], + "type": "object" + }, + "AWS::DataPipeline::Pipeline.ParameterValue": { + "additionalProperties": false, + "properties": { + "Id": { + "markdownDescription": "The ID of the parameter value.", + "title": "Id", + "type": "string" + }, + "StringValue": { + "markdownDescription": "The field value, expressed as a String.", + "title": "StringValue", + "type": "string" + } + }, + "required": [ + "Id", + "StringValue" + ], + "type": "object" + }, + "AWS::DataPipeline::Pipeline.PipelineObject": { + "additionalProperties": false, + "properties": { + "Fields": { + "items": { + "$ref": "#/definitions/AWS::DataPipeline::Pipeline.Field" + }, + "markdownDescription": "Key-value pairs that define the properties of the object.", + "title": "Fields", + "type": "array" + }, + "Id": { + "markdownDescription": "The ID of the object.", + "title": "Id", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the object.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Fields", + "Id", + "Name" + ], + "type": "object" + }, + "AWS::DataPipeline::Pipeline.PipelineTag": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The key name of a tag.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The value to associate with the key name.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::DataSync::Agent": { "additionalProperties": false, "properties": { "Condition": { @@ -71218,30 +78598,51 @@ "Properties": { "additionalProperties": false, "properties": { - "Cidr": { - "markdownDescription": "The CIDR provisioned to the IPAM pool. A CIDR is a representation of an IP address and its associated network mask (or netmask) and refers to a range of IP addresses. An IPv4 CIDR example is `10.24.34.0/23` . An IPv6 CIDR example is `2001:DB8::/32` .", - "title": "Cidr", + "ActivationKey": { + "markdownDescription": "Specifies your DataSync agent's activation key. If you don't have an activation key, see [Activating your agent](https://docs.aws.amazon.com/datasync/latest/userguide/activate-agent.html) .", + "title": "ActivationKey", "type": "string" }, - "IpamPoolId": { - "markdownDescription": "The ID of the IPAM pool.", - "title": "IpamPoolId", + "AgentName": { + "markdownDescription": "Specifies a name for your agent. We recommend specifying a name that you can remember.", + "title": "AgentName", "type": "string" }, - "NetmaskLength": { - "markdownDescription": "The netmask length of the CIDR you'd like to provision to a pool. Can be used for provisioning Amazon-provided IPv6 CIDRs to top-level pools and for provisioning CIDRs to pools with source pools. Cannot be used to provision BYOIP CIDRs to top-level pools. \"NetmaskLength\" or \"Cidr\" is required.", - "title": "NetmaskLength", - "type": "number" + "SecurityGroupArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Names (ARNs) of the security groups used to protect your data transfer task subnets. See [SecurityGroupArns](https://docs.aws.amazon.com/datasync/latest/userguide/API_Ec2Config.html#DataSync-Type-Ec2Config-SecurityGroupArns) .\n\n*Pattern* : `^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):ec2:[a-z\\-0-9]*:[0-9]{12}:security-group/.*$`", + "title": "SecurityGroupArns", + "type": "array" + }, + "SubnetArns": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the ARN of the subnet where your VPC service endpoint is located. You can only specify one ARN.", + "title": "SubnetArns", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least one tag for your agent.", + "title": "Tags", + "type": "array" + }, + "VpcEndpointId": { + "markdownDescription": "The ID of the virtual private cloud (VPC) endpoint that the agent has access to. This is the client-side VPC endpoint, powered by AWS PrivateLink . If you don't have an AWS PrivateLink VPC endpoint, see [AWS PrivateLink and VPC endpoints](https://docs.aws.amazon.com//vpc/latest/userguide/endpoint-services-overview.html) in the *Amazon VPC User Guide* .\n\nFor more information about activating your agent in a private network based on a VPC, see [Using AWS DataSync in a Virtual Private Cloud](https://docs.aws.amazon.com/datasync/latest/userguide/datasync-in-vpc.html) in the *AWS DataSync User Guide.*\n\nA VPC endpoint ID looks like this: `vpce-01234d5aff67890e1` .", + "title": "VpcEndpointId", + "type": "string" } }, - "required": [ - "IpamPoolId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::IPAMPoolCidr" + "AWS::DataSync::Agent" ], "type": "string" }, @@ -71255,12 +78656,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::EC2::IPAMResourceDiscovery": { + "AWS::DataSync::LocationAzureBlob": { "additionalProperties": false, "properties": { "Condition": { @@ -71295,33 +78695,71 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The resource discovery description.", - "title": "Description", - "type": "string" - }, - "OperatingRegions": { + "AgentArns": { "items": { - "$ref": "#/definitions/AWS::EC2::IPAMResourceDiscovery.IpamOperatingRegion" + "type": "string" }, - "markdownDescription": "The operating Regions for the resource discovery. Operating Regions are AWS Regions where the IPAM is allowed to manage IP address CIDRs. IPAM only discovers and monitors resources in the AWS Regions you select as operating Regions.", - "title": "OperatingRegions", + "markdownDescription": "(Optional) Specifies the Amazon Resource Name (ARN) of the DataSync agent that can connect with your Azure Blob Storage container. If you are setting up an agentless cross-cloud transfer, you do not need to specify a value for this parameter.\n\nYou can specify more than one agent. For more information, see [Using multiple agents for your transfer](https://docs.aws.amazon.com/datasync/latest/userguide/multiple-agents.html) .\n\n> Make sure you configure this parameter correctly when you first create your storage location. You cannot add or remove agents from a storage location after you create it.", + "title": "AgentArns", "type": "array" }, + "AzureAccessTier": { + "markdownDescription": "Specifies the access tier that you want your objects or files transferred into. This only applies when using the location as a transfer destination. For more information, see [Access tiers](https://docs.aws.amazon.com/datasync/latest/userguide/creating-azure-blob-location.html#azure-blob-access-tiers) .", + "title": "AzureAccessTier", + "type": "string" + }, + "AzureBlobAuthenticationType": { + "markdownDescription": "Specifies the authentication method DataSync uses to access your Azure Blob Storage. DataSync can access blob storage using a shared access signature (SAS).", + "title": "AzureBlobAuthenticationType", + "type": "string" + }, + "AzureBlobContainerUrl": { + "markdownDescription": "Specifies the URL of the Azure Blob Storage container involved in your transfer.", + "title": "AzureBlobContainerUrl", + "type": "string" + }, + "AzureBlobSasConfiguration": { + "$ref": "#/definitions/AWS::DataSync::LocationAzureBlob.AzureBlobSasConfiguration", + "markdownDescription": "Specifies the SAS configuration that allows DataSync to access your Azure Blob Storage.\n\n> If you provide an authentication token using `SasConfiguration` , but do not provide secret configuration details using `CmkSecretConfig` or `CustomSecretConfig` , then DataSync stores the token using your AWS account's secrets manager secret.", + "title": "AzureBlobSasConfiguration" + }, + "AzureBlobType": { + "markdownDescription": "Specifies the type of blob that you want your objects or files to be when transferring them into Azure Blob Storage. Currently, DataSync only supports moving data into Azure Blob Storage as block blobs. For more information on blob types, see the [Azure Blob Storage documentation](https://docs.aws.amazon.com/https://learn.microsoft.com/en-us/rest/api/storageservices/understanding-block-blobs--append-blobs--and-page-blobs) .", + "title": "AzureBlobType", + "type": "string" + }, + "CmkSecretConfig": { + "$ref": "#/definitions/AWS::DataSync::LocationAzureBlob.CmkSecretConfig", + "markdownDescription": "Specifies configuration information for a DataSync-managed secret, such as an authentication token or secret key that DataSync uses to access a specific storage location, with a customer-managed AWS KMS key .\n\n> You can use either `CmkSecretConfig` or `CustomSecretConfig` to provide credentials for a `CreateLocation` request. Do not provide both parameters for the same request.", + "title": "CmkSecretConfig" + }, + "CustomSecretConfig": { + "$ref": "#/definitions/AWS::DataSync::LocationAzureBlob.CustomSecretConfig", + "markdownDescription": "Specifies configuration information for a customer-managed Secrets Manager secret where a storage location authentication token or secret key is stored in plain text. This configuration includes the secret ARN, and the ARN for an IAM role that provides access to the secret.\n\n> You can use either `CmkSecretConfig` or `CustomSecretConfig` to provide credentials for a `CreateLocation` request. Do not provide both parameters for the same request.", + "title": "CustomSecretConfig" + }, + "Subdirectory": { + "markdownDescription": "Specifies path segments if you want to limit your transfer to a virtual directory in your container (for example, `/my/images` ).", + "title": "Subdirectory", + "type": "string" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A tag is a label that you assign to an AWS resource. Each tag consists of a key and an optional value. You can use tags to search and filter your resources or track your AWS costs.", + "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your transfer location.", "title": "Tags", "type": "array" } }, + "required": [ + "AzureBlobAuthenticationType" + ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::IPAMResourceDiscovery" + "AWS::DataSync::LocationAzureBlob" ], "type": "string" }, @@ -71335,25 +78773,76 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::EC2::IPAMResourceDiscovery.IpamOperatingRegion": { + "AWS::DataSync::LocationAzureBlob.AzureBlobSasConfiguration": { "additionalProperties": false, "properties": { - "RegionName": { - "markdownDescription": "The name of the operating Region.", - "title": "RegionName", + "AzureBlobSasToken": { + "markdownDescription": "Specifies a SAS token that provides permissions to access your Azure Blob Storage.\n\nThe token is part of the SAS URI string that comes after the storage resource URI and a question mark. A token looks something like this:\n\n`sp=r&st=2023-12-20T14:54:52Z&se=2023-12-20T22:54:52Z&spr=https&sv=2021-06-08&sr=c&sig=aBBKDWQvyuVcTPH9EBp%2FXTI9E%2F%2Fmq171%2BZU178wcwqU%3D`", + "title": "AzureBlobSasToken", "type": "string" } }, "required": [ - "RegionName" + "AzureBlobSasToken" ], "type": "object" }, - "AWS::EC2::IPAMResourceDiscoveryAssociation": { + "AWS::DataSync::LocationAzureBlob.CmkSecretConfig": { + "additionalProperties": false, + "properties": { + "KmsKeyArn": { + "markdownDescription": "Specifies the ARN for the customer-managed AWS KMS key that DataSync uses to encrypt the DataSync-managed secret stored for `SecretArn` . DataSync provides this key to AWS Secrets Manager .", + "title": "KmsKeyArn", + "type": "string" + }, + "SecretArn": { + "markdownDescription": "Specifies the ARN for the DataSync-managed AWS Secrets Manager secret that that is used to access a specific storage location. This property is generated by DataSync and is read-only. DataSync encrypts this secret with the KMS key that you specify for `KmsKeyArn` .", + "title": "SecretArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataSync::LocationAzureBlob.CustomSecretConfig": { + "additionalProperties": false, + "properties": { + "SecretAccessRoleArn": { + "markdownDescription": "Specifies the ARN for the AWS Identity and Access Management role that DataSync uses to access the secret specified for `SecretArn` .", + "title": "SecretAccessRoleArn", + "type": "string" + }, + "SecretArn": { + "markdownDescription": "Specifies the ARN for an AWS Secrets Manager secret.", + "title": "SecretArn", + "type": "string" + } + }, + "required": [ + "SecretAccessRoleArn", + "SecretArn" + ], + "type": "object" + }, + "AWS::DataSync::LocationAzureBlob.ManagedSecretConfig": { + "additionalProperties": false, + "properties": { + "SecretArn": { + "markdownDescription": "Specifies the ARN for an AWS Secrets Manager secret.", + "title": "SecretArn", + "type": "string" + } + }, + "required": [ + "SecretArn" + ], + "type": "object" + }, + "AWS::DataSync::LocationEFS": { "additionalProperties": false, "properties": { "Condition": { @@ -71388,34 +78877,53 @@ "Properties": { "additionalProperties": false, "properties": { - "IpamId": { - "markdownDescription": "The IPAM ID.", - "title": "IpamId", + "AccessPointArn": { + "markdownDescription": "Specifies the Amazon Resource Name (ARN) of the access point that DataSync uses to mount your Amazon EFS file system.\n\nFor more information, see [Accessing restricted file systems](https://docs.aws.amazon.com/datasync/latest/userguide/create-efs-location.html#create-efs-location-iam) .", + "title": "AccessPointArn", "type": "string" }, - "IpamResourceDiscoveryId": { - "markdownDescription": "The resource discovery ID.", - "title": "IpamResourceDiscoveryId", + "Ec2Config": { + "$ref": "#/definitions/AWS::DataSync::LocationEFS.Ec2Config", + "markdownDescription": "Specifies the subnet and security groups DataSync uses to connect to one of your Amazon EFS file system's [mount targets](https://docs.aws.amazon.com/efs/latest/ug/accessing-fs.html) .", + "title": "Ec2Config" + }, + "EfsFilesystemArn": { + "markdownDescription": "Specifies the ARN for your Amazon EFS file system.", + "title": "EfsFilesystemArn", + "type": "string" + }, + "FileSystemAccessRoleArn": { + "markdownDescription": "Specifies an AWS Identity and Access Management (IAM) role that allows DataSync to access your Amazon EFS file system.\n\nFor information on creating this role, see [Creating a DataSync IAM role for file system access](https://docs.aws.amazon.com/datasync/latest/userguide/create-efs-location.html#create-efs-location-iam-role) .", + "title": "FileSystemAccessRoleArn", + "type": "string" + }, + "InTransitEncryption": { + "markdownDescription": "Specifies whether you want DataSync to use Transport Layer Security (TLS) 1.2 encryption when it transfers data to or from your Amazon EFS file system.\n\nIf you specify an access point using `AccessPointArn` or an IAM role using `FileSystemAccessRoleArn` , you must set this parameter to `TLS1_2` .", + "title": "InTransitEncryption", + "type": "string" + }, + "Subdirectory": { + "markdownDescription": "Specifies a mount path for your Amazon EFS file system. This is where DataSync reads or writes data on your file system (depending on if this is a source or destination location).\n\nBy default, DataSync uses the root directory (or [access point](https://docs.aws.amazon.com/efs/latest/ug/efs-access-points.html) if you provide one by using `AccessPointArn` ). You can also include subdirectories using forward slashes (for example, `/path/to/folder` ).", + "title": "Subdirectory", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A tag is a label that you assign to an AWS resource. Each tag consists of a key and an optional value. You can use tags to search and filter your resources or track your AWS costs.", + "markdownDescription": "Specifies the key-value pair that represents a tag that you want to add to the resource. The value can be an empty string. This value helps you manage, filter, and search for your resources. We recommend that you create a name tag for your location.", "title": "Tags", "type": "array" } }, "required": [ - "IpamId", - "IpamResourceDiscoveryId" + "Ec2Config" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::IPAMResourceDiscoveryAssociation" + "AWS::DataSync::LocationEFS" ], "type": "string" }, @@ -71434,7 +78942,30 @@ ], "type": "object" }, - "AWS::EC2::IPAMScope": { + "AWS::DataSync::LocationEFS.Ec2Config": { + "additionalProperties": false, + "properties": { + "SecurityGroupArns": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the Amazon Resource Names (ARNs) of the security groups associated with an Amazon EFS file system's mount target.", + "title": "SecurityGroupArns", + "type": "array" + }, + "SubnetArn": { + "markdownDescription": "Specifies the ARN of a subnet where DataSync creates the [network interfaces](https://docs.aws.amazon.com/datasync/latest/userguide/datasync-network.html#required-network-interfaces.html) for managing traffic during your transfer.\n\nThe subnet must be located:\n\n- In the same virtual private cloud (VPC) as the Amazon EFS file system.\n- In the same Availability Zone as at least one mount target for the Amazon EFS file system.\n\n> You don't need to specify a subnet that includes a file system mount target.", + "title": "SubnetArn", + "type": "string" + } + }, + "required": [ + "SecurityGroupArns", + "SubnetArn" + ], + "type": "object" + }, + "AWS::DataSync::LocationFSxLustre": { "additionalProperties": false, "properties": { "Condition": { @@ -71469,33 +79000,41 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the scope.", - "title": "Description", + "FsxFilesystemArn": { + "markdownDescription": "Specifies the Amazon Resource Name (ARN) of the FSx for Lustre file system.", + "title": "FsxFilesystemArn", "type": "string" }, - "IpamId": { - "markdownDescription": "The ID of the IPAM for which you're creating this scope.", - "title": "IpamId", + "SecurityGroupArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The ARNs of the security groups that are used to configure the FSx for Lustre file system.\n\n*Pattern* : `^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):ec2:[a-z\\-0-9]*:[0-9]{12}:security-group/.*$`\n\n*Length constraints* : Maximum length of 128.", + "title": "SecurityGroupArns", + "type": "array" + }, + "Subdirectory": { + "markdownDescription": "Specifies a mount path for your FSx for Lustre file system. The path can include subdirectories.\n\nWhen the location is used as a source, DataSync reads data from the mount path. When the location is used as a destination, DataSync writes data to the mount path. If you don't include this parameter, DataSync uses the file system's root directory ( `/` ).", + "title": "Subdirectory", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key `Owner` and the value `TeamA` , specify `tag:Owner` for the filter name and `TeamA` for the filter value.", + "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your location.", "title": "Tags", "type": "array" } }, "required": [ - "IpamId" + "SecurityGroupArns" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::IPAMScope" + "AWS::DataSync::LocationFSxLustre" ], "type": "string" }, @@ -71514,15 +79053,12 @@ ], "type": "object" }, - "AWS::EC2::Instance": { + "AWS::DataSync::LocationFSxONTAP": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, - "CreationPolicy": { - "type": "object" - }, "DeletionPolicy": { "enum": [ "Delete", @@ -71552,245 +79088,47 @@ "Properties": { "additionalProperties": false, "properties": { - "AdditionalInfo": { - "markdownDescription": "This property is reserved for internal use. If you use it, the stack fails with this error: `Bad property set: [Testing this property] (Service: AmazonEC2; Status Code: 400; Error Code: InvalidParameterCombination; Request ID: 0XXXXXX-49c7-4b40-8bcc-76885dcXXXXX)` .", - "title": "AdditionalInfo", - "type": "string" - }, - "Affinity": { - "markdownDescription": "Indicates whether the instance is associated with a dedicated host. If you want the instance to always restart on the same host on which it was launched, specify `host` . If you want the instance to restart on any available host, but try to launch onto the last host it ran on (on a best-effort basis), specify `default` .", - "title": "Affinity", - "type": "string" - }, - "AvailabilityZone": { - "markdownDescription": "The Availability Zone of the instance.\n\nIf not specified, an Availability Zone will be automatically chosen for you based on the load balancing criteria for the Region.\n\nThis parameter is not supported by [DescribeImageAttribute](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeImageAttribute.html) .", - "title": "AvailabilityZone", - "type": "string" - }, - "BlockDeviceMappings": { - "items": { - "$ref": "#/definitions/AWS::EC2::Instance.BlockDeviceMapping" - }, - "markdownDescription": "The block device mapping entries that defines the block devices to attach to the instance at launch.\n\nBy default, the block devices specified in the block device mapping for the AMI are used. You can override the AMI block device mapping using the instance block device mapping. For the root volume, you can override only the volume size, volume type, volume encryption settings, and the `DeleteOnTermination` setting.\n\n> After the instance is running, you can modify only the `DeleteOnTermination` parameter for the attached volumes without interrupting the instance. Modifying any other parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", - "title": "BlockDeviceMappings", - "type": "array" - }, - "CpuOptions": { - "$ref": "#/definitions/AWS::EC2::Instance.CpuOptions", - "markdownDescription": "The CPU options for the instance. For more information, see [Optimize CPU options](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html) in the *Amazon Elastic Compute Cloud User Guide* .", - "title": "CpuOptions" - }, - "CreditSpecification": { - "$ref": "#/definitions/AWS::EC2::Instance.CreditSpecification", - "markdownDescription": "The credit option for CPU usage of the burstable performance instance. Valid values are `standard` and `unlimited` . To change this attribute after launch, use [ModifyInstanceCreditSpecification](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyInstanceCreditSpecification.html) . For more information, see [Burstable performance instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) in the *Amazon EC2 User Guide* .\n\nDefault: `standard` (T2 instances) or `unlimited` (T3/T3a/T4g instances)\n\nFor T3 instances with `host` tenancy, only `standard` is supported.", - "title": "CreditSpecification" - }, - "DisableApiTermination": { - "markdownDescription": "Indicates whether termination protection is enabled for the instance. The default is `false` , which means that you can terminate the instance using the Amazon EC2 console, command line tools, or API. You can enable termination protection when you launch an instance, while the instance is running, or while the instance is stopped.", - "title": "DisableApiTermination", - "type": "boolean" - }, - "EbsOptimized": { - "markdownDescription": "Indicates whether the instance is optimized for Amazon EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal Amazon EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS-optimized instance.\n\nDefault: `false`", - "title": "EbsOptimized", - "type": "boolean" - }, - "ElasticGpuSpecifications": { - "items": { - "$ref": "#/definitions/AWS::EC2::Instance.ElasticGpuSpecification" - }, - "markdownDescription": "An elastic GPU to associate with the instance.\n\n> Amazon Elastic Graphics reached end of life on January 8, 2024.", - "title": "ElasticGpuSpecifications", - "type": "array" - }, - "ElasticInferenceAccelerators": { - "items": { - "$ref": "#/definitions/AWS::EC2::Instance.ElasticInferenceAccelerator" - }, - "markdownDescription": "An elastic inference accelerator to associate with the instance.\n\n> Amazon Elastic Inference is no longer available.", - "title": "ElasticInferenceAccelerators", - "type": "array" - }, - "EnclaveOptions": { - "$ref": "#/definitions/AWS::EC2::Instance.EnclaveOptions", - "markdownDescription": "Indicates whether the instance is enabled for AWS Nitro Enclaves.", - "title": "EnclaveOptions" - }, - "HibernationOptions": { - "$ref": "#/definitions/AWS::EC2::Instance.HibernationOptions", - "markdownDescription": "Indicates whether an instance is enabled for hibernation. This parameter is valid only if the instance meets the [hibernation prerequisites](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/hibernating-prerequisites.html) . For more information, see [Hibernate your Amazon EC2 instance](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) in the *Amazon EC2 User Guide* .\n\nYou can't enable hibernation and AWS Nitro Enclaves on the same instance.", - "title": "HibernationOptions" - }, - "HostId": { - "markdownDescription": "If you specify host for the `Affinity` property, the ID of a dedicated host that the instance is associated with. If you don't specify an ID, Amazon EC2 launches the instance onto any available, compatible dedicated host in your account. This type of launch is called an untargeted launch. Note that for untargeted launches, you must have a compatible, dedicated host available to successfully launch instances.", - "title": "HostId", - "type": "string" - }, - "HostResourceGroupArn": { - "markdownDescription": "The ARN of the host resource group in which to launch the instances. If you specify a host resource group ARN, omit the *Tenancy* parameter or set it to `host` .", - "title": "HostResourceGroupArn", - "type": "string" - }, - "IamInstanceProfile": { - "markdownDescription": "The name of an IAM instance profile. To create a new IAM instance profile, use the [AWS::IAM::InstanceProfile](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-instanceprofile.html) resource.", - "title": "IamInstanceProfile", - "type": "string" - }, - "ImageId": { - "markdownDescription": "The ID of the AMI. An AMI ID is required to launch an instance and must be specified here or in a launch template.", - "title": "ImageId", - "type": "string" - }, - "InstanceInitiatedShutdownBehavior": { - "markdownDescription": "Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown).\n\nDefault: `stop`", - "title": "InstanceInitiatedShutdownBehavior", - "type": "string" - }, - "InstanceType": { - "markdownDescription": "The instance type. For more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .\n\nWhen you change your EBS-backed instance type, instance restart or replacement behavior depends on the instance type compatibility between the old and new types. An instance with an instance store volume as the root volume is always replaced. For more information, see [Change the instance type](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-resize.html) in the *Amazon EC2 User Guide* .", - "title": "InstanceType", - "type": "string" - }, - "Ipv6AddressCount": { - "markdownDescription": "The number of IPv6 addresses to associate with the primary network interface. Amazon EC2 chooses the IPv6 addresses from the range of your subnet. You cannot specify this option and the option to assign specific IPv6 addresses in the same request. You can specify this option if you've specified a minimum number of instances to launch.\n\nYou cannot specify this option and the network interfaces option in the same request.", - "title": "Ipv6AddressCount", - "type": "number" - }, - "Ipv6Addresses": { - "items": { - "$ref": "#/definitions/AWS::EC2::Instance.InstanceIpv6Address" - }, - "markdownDescription": "The IPv6 addresses from the range of the subnet to associate with the primary network interface. You cannot specify this option and the option to assign a number of IPv6 addresses in the same request. You cannot specify this option if you've specified a minimum number of instances to launch.\n\nYou cannot specify this option and the network interfaces option in the same request.", - "title": "Ipv6Addresses", - "type": "array" - }, - "KernelId": { - "markdownDescription": "The ID of the kernel.\n\n> We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see [PV-GRUB](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html) in the *Amazon EC2 User Guide* .", - "title": "KernelId", - "type": "string" - }, - "KeyName": { - "markdownDescription": "The name of the key pair. You can create a key pair using [CreateKeyPair](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateKeyPair.html) or [ImportKeyPair](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportKeyPair.html) .\n\n> If you do not specify a key pair, you can't connect to the instance unless you choose an AMI that is configured to allow users another way to log in.", - "title": "KeyName", - "type": "string" - }, - "LaunchTemplate": { - "$ref": "#/definitions/AWS::EC2::Instance.LaunchTemplateSpecification", - "markdownDescription": "The launch template. Any additional parameters that you specify for the new instance overwrite the corresponding parameters included in the launch template.", - "title": "LaunchTemplate" - }, - "LicenseSpecifications": { - "items": { - "$ref": "#/definitions/AWS::EC2::Instance.LicenseSpecification" - }, - "markdownDescription": "The license configurations.", - "title": "LicenseSpecifications", - "type": "array" - }, - "Monitoring": { - "markdownDescription": "Specifies whether detailed monitoring is enabled for the instance. Specify `true` to enable detailed monitoring. Otherwise, basic monitoring is enabled. For more information about detailed monitoring, see [Enable or turn off detailed monitoring for your instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-cloudwatch-new.html) in the *Amazon EC2 User Guide* .", - "title": "Monitoring", - "type": "boolean" - }, - "NetworkInterfaces": { - "items": { - "$ref": "#/definitions/AWS::EC2::Instance.NetworkInterface" - }, - "markdownDescription": "The network interfaces to associate with the instance.\n\n> If you use this property to point to a network interface, you must terminate the original interface before attaching a new one to allow the update of the instance to succeed.\n> \n> If this resource has a public IP address and is also in a VPC that is defined in the same template, you must use the [DependsOn Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) to declare a dependency on the VPC-gateway attachment.", - "title": "NetworkInterfaces", - "type": "array" - }, - "PlacementGroupName": { - "markdownDescription": "The name of an existing placement group that you want to launch the instance into (cluster | partition | spread).", - "title": "PlacementGroupName", - "type": "string" - }, - "PrivateDnsNameOptions": { - "$ref": "#/definitions/AWS::EC2::Instance.PrivateDnsNameOptions", - "markdownDescription": "The options for the instance hostname.", - "title": "PrivateDnsNameOptions" - }, - "PrivateIpAddress": { - "markdownDescription": "The primary IPv4 address. You must specify a value from the IPv4 address range of the subnet.\n\nOnly one private IP address can be designated as primary. You can't specify this option if you've specified the option to designate a private IP address as the primary IP address in a network interface specification. You cannot specify this option if you're launching more than one instance in the request.\n\nYou cannot specify this option and the network interfaces option in the same request.\n\nIf you make an update to an instance that requires replacement, you must assign a new private IP address. During a replacement, AWS CloudFormation creates a new instance but doesn't delete the old instance until the stack has successfully updated. If the stack update fails, AWS CloudFormation uses the old instance to roll back the stack to the previous working state. The old and new instances cannot have the same private IP address.", - "title": "PrivateIpAddress", - "type": "string" - }, - "PropagateTagsToVolumeOnCreation": { - "markdownDescription": "Indicates whether to assign the tags specified in the `Tags` property to the volumes specified in the `BlockDeviceMappings` property.\n\nNote that using this feature does not assign the tags to volumes that are created separately and then attached using `AWS::EC2::VolumeAttachment` .", - "title": "PropagateTagsToVolumeOnCreation", - "type": "boolean" - }, - "RamdiskId": { - "markdownDescription": "The ID of the RAM disk to select. Some kernels require additional drivers at launch. Check the kernel requirements for information about whether you need to specify a RAM disk. To find kernel requirements, go to the AWS Resource Center and search for the kernel ID.\n\n> We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see [PV-GRUB](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html) in the *Amazon EC2 User Guide* .", - "title": "RamdiskId", - "type": "string" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the security groups. You can specify the IDs of existing security groups and references to resources created by the stack template.\n\nIf you specify a network interface, you must specify any security groups as part of the network interface.", - "title": "SecurityGroupIds", - "type": "array" + "Protocol": { + "$ref": "#/definitions/AWS::DataSync::LocationFSxONTAP.Protocol", + "markdownDescription": "Specifies the data transfer protocol that DataSync uses to access your Amazon FSx file system.", + "title": "Protocol" }, - "SecurityGroups": { + "SecurityGroupArns": { "items": { "type": "string" }, - "markdownDescription": "[Default VPC] The names of the security groups. For a nondefault VPC, you must use security group IDs instead.\n\nYou cannot specify this option and the network interfaces option in the same request. The list can contain both the name of existing Amazon EC2 security groups or references to AWS::EC2::SecurityGroup resources created in the template.\n\nDefault: Amazon EC2 uses the default security group.", - "title": "SecurityGroups", + "markdownDescription": "Specifies the Amazon Resource Names (ARNs) of the security groups that DataSync can use to access your FSx for ONTAP file system. You must configure the security groups to allow outbound traffic on the following ports (depending on the protocol that you're using):\n\n- *Network File System (NFS)* : TCP ports 111, 635, and 2049\n- *Server Message Block (SMB)* : TCP port 445\n\nYour file system's security groups must also allow inbound traffic on the same port.", + "title": "SecurityGroupArns", "type": "array" }, - "SourceDestCheck": { - "markdownDescription": "Enable or disable source/destination checks, which ensure that the instance is either the source or the destination of any traffic that it receives. If the value is `true` , source/destination checks are enabled; otherwise, they are disabled. The default value is `true` . You must disable source/destination checks if the instance runs services such as network address translation, routing, or firewalls.", - "title": "SourceDestCheck", - "type": "boolean" - }, - "SsmAssociations": { - "items": { - "$ref": "#/definitions/AWS::EC2::Instance.SsmAssociation" - }, - "markdownDescription": "The SSM [document](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ssm-document.html) and parameter values in AWS Systems Manager to associate with this instance. To use this property, you must specify an IAM instance profile role for the instance. For more information, see [Create an IAM instance profile for Systems Manager](https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-configuring-access-role.html) in the *AWS Systems Manager User Guide* .\n\n> You can associate only one document with an instance.", - "title": "SsmAssociations", - "type": "array" + "StorageVirtualMachineArn": { + "markdownDescription": "Specifies the ARN of the storage virtual machine (SVM) in your file system where you want to copy data to or from.", + "title": "StorageVirtualMachineArn", + "type": "string" }, - "SubnetId": { - "markdownDescription": "The ID of the subnet to launch the instance into.\n\nIf you specify a network interface, you must specify any subnets as part of the network interface instead of using this parameter.", - "title": "SubnetId", + "Subdirectory": { + "markdownDescription": "Specifies a path to the file share in the SVM where you want to transfer data to or from.\n\nYou can specify a junction path (also known as a mount point), qtree path (for NFS file shares), or share name (for SMB file shares). For example, your mount path might be `/vol1` , `/vol1/tree1` , or `/share1` .\n\n> Don't specify a junction path in the SVM's root volume. For more information, see [Managing FSx for ONTAP storage virtual machines](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-svms.html) in the *Amazon FSx for NetApp ONTAP User Guide* .", + "title": "Subdirectory", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to add to the instance. These tags are not applied to the EBS volumes, such as the root volume, unless [PropagateTagsToVolumeOnCreation](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html#cfn-ec2-instance-propagatetagstovolumeoncreation) is `true` .", + "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your location.", "title": "Tags", "type": "array" - }, - "Tenancy": { - "markdownDescription": "The tenancy of the instance. An instance with a tenancy of `dedicated` runs on single-tenant hardware.", - "title": "Tenancy", - "type": "string" - }, - "UserData": { - "markdownDescription": "The parameters or scripts to store as user data. Any scripts in user data are run when you launch the instance. User data is limited to 16 KB. You must provide base64-encoded text. For more information, see [Fn::Base64](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-base64.html) .\n\nIf the root volume is an EBS volume and you update user data, CloudFormation restarts the instance. If the root volume is an instance store volume and you update user data, the instance is replaced.", - "title": "UserData", - "type": "string" - }, - "Volumes": { - "items": { - "$ref": "#/definitions/AWS::EC2::Instance.Volume" - }, - "markdownDescription": "The volumes to attach to the instance.", - "title": "Volumes", - "type": "array" } }, + "required": [ + "SecurityGroupArns", + "StorageVirtualMachineArn" + ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::Instance" + "AWS::DataSync::LocationFSxONTAP" ], "type": "string" }, @@ -71804,404 +79142,95 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::EC2::Instance.AssociationParameter": { + "AWS::DataSync::LocationFSxONTAP.NFS": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The name of an input parameter that is in the associated SSM document.", - "title": "Key", - "type": "string" - }, - "Value": { - "items": { - "type": "string" - }, - "markdownDescription": "The value of an input parameter.", - "title": "Value", - "type": "array" + "MountOptions": { + "$ref": "#/definitions/AWS::DataSync::LocationFSxONTAP.NfsMountOptions", + "markdownDescription": "Specifies how DataSync can access a location using the NFS protocol.", + "title": "MountOptions" } }, "required": [ - "Key", - "Value" + "MountOptions" ], "type": "object" }, - "AWS::EC2::Instance.BlockDeviceMapping": { + "AWS::DataSync::LocationFSxONTAP.NfsMountOptions": { "additionalProperties": false, "properties": { - "DeviceName": { - "markdownDescription": "The device name (for example, `/dev/sdh` or `xvdh` ).\n\n> After the instance is running, this parameter is used to specify the device name of the block device mapping to update.", - "title": "DeviceName", - "type": "string" - }, - "Ebs": { - "$ref": "#/definitions/AWS::EC2::Instance.Ebs", - "markdownDescription": "Parameters used to automatically set up EBS volumes when the instance is launched.\n\n> After the instance is running, you can modify only the `DeleteOnTermination` parameter for the attached volumes without interrupting the instance. Modifying any other parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) .", - "title": "Ebs" - }, - "NoDevice": { - "markdownDescription": "To omit the device from the block device mapping, specify an empty string.\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", - "title": "NoDevice", - "type": "object" - }, - "VirtualName": { - "markdownDescription": "The virtual device name ( `ephemeral` N). The name must be in the form `ephemeral` *X* where *X* is a number starting from zero (0). For example, an instance type with 2 available instance store volumes can specify mappings for `ephemeral0` and `ephemeral1` . The number of available instance store volumes depends on the instance type. After you connect to the instance, you must mount the volume.\n\nNVMe instance store volumes are automatically enumerated and assigned a device name. Including them in your block device mapping has no effect.\n\n*Constraints* : For M3 instances, you must specify instance store volumes in the block device mapping for the instance. When you launch an M3 instance, we ignore any instance store volumes specified in the block device mapping for the AMI.\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", - "title": "VirtualName", + "Version": { + "markdownDescription": "Specifies the NFS version that you want DataSync to use when mounting your NFS share. If the server refuses to use the version specified, the task fails.\n\nYou can specify the following options:\n\n- `AUTOMATIC` (default): DataSync chooses NFS version 4.1.\n- `NFS3` : Stateless protocol version that allows for asynchronous writes on the server.\n- `NFSv4_0` : Stateful, firewall-friendly protocol version that supports delegations and pseudo file systems.\n- `NFSv4_1` : Stateful protocol version that supports sessions, directory delegations, and parallel data processing. NFS version 4.1 also includes all features available in version 4.0.\n\n> DataSync currently only supports NFS version 3 with Amazon FSx for NetApp ONTAP locations.", + "title": "Version", "type": "string" } }, - "required": [ - "DeviceName" - ], "type": "object" }, - "AWS::EC2::Instance.CpuOptions": { + "AWS::DataSync::LocationFSxONTAP.Protocol": { "additionalProperties": false, "properties": { - "CoreCount": { - "markdownDescription": "The number of CPU cores for the instance.", - "title": "CoreCount", - "type": "number" + "NFS": { + "$ref": "#/definitions/AWS::DataSync::LocationFSxONTAP.NFS", + "markdownDescription": "Specifies the Network File System (NFS) protocol configuration that DataSync uses to access your FSx for ONTAP file system's storage virtual machine (SVM).", + "title": "NFS" }, - "ThreadsPerCore": { - "markdownDescription": "The number of threads per CPU core.", - "title": "ThreadsPerCore", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::Instance.CreditSpecification": { - "additionalProperties": false, - "properties": { - "CPUCredits": { - "markdownDescription": "The credit option for CPU usage of the instance.\n\nValid values: `standard` | `unlimited`\n\nT3 instances with `host` tenancy do not support the `unlimited` CPU credit option.", - "title": "CPUCredits", - "type": "string" + "SMB": { + "$ref": "#/definitions/AWS::DataSync::LocationFSxONTAP.SMB", + "markdownDescription": "Specifies the Server Message Block (SMB) protocol configuration that DataSync uses to access your FSx for ONTAP file system's SVM.", + "title": "SMB" } }, "type": "object" }, - "AWS::EC2::Instance.Ebs": { + "AWS::DataSync::LocationFSxONTAP.SMB": { "additionalProperties": false, "properties": { - "DeleteOnTermination": { - "markdownDescription": "Indicates whether the EBS volume is deleted on instance termination. For more information, see [Preserving Amazon EBS volumes on instance termination](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#preserving-volumes-on-termination) in the *Amazon EC2 User Guide* .", - "title": "DeleteOnTermination", - "type": "boolean" - }, - "Encrypted": { - "markdownDescription": "Indicates whether the volume should be encrypted. The effect of setting the encryption state to `true` depends on the volume origin (new or from a snapshot), starting encryption state, ownership, and whether encryption by default is enabled. For more information, see [Encryption by default](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#encryption-by-default) in the *Amazon Elastic Compute Cloud User Guide* .\n\nEncrypted Amazon EBS volumes must be attached to instances that support Amazon EBS encryption. For more information, see [Supported instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#EBSEncryption_supported_instances) .\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", - "title": "Encrypted", - "type": "boolean" - }, - "Iops": { - "markdownDescription": "The number of I/O operations per second (IOPS). For `gp3` , `io1` , and `io2` volumes, this represents the number of IOPS that are provisioned for the volume. For `gp2` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.\n\nThe following are the supported values for each volume type:\n\n- `gp3` : 3,000-16,000 IOPS\n- `io1` : 100-64,000 IOPS\n- `io2` : 100-64,000 IOPS\n\nFor `io1` and `io2` volumes, we guarantee 64,000 IOPS only for [Instances built on the Nitro System](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances) . Other instance families guarantee performance up to 32,000 IOPS.\n\nThis parameter is required for `io1` and `io2` volumes. The default for `gp3` volumes is 3,000 IOPS. This parameter is not supported for `gp2` , `st1` , `sc1` , or `standard` volumes.\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", - "title": "Iops", - "type": "number" - }, - "KmsKeyId": { - "markdownDescription": "The identifier of the AWS KMS key to use for Amazon EBS encryption. If `KmsKeyId` is specified, the encrypted state must be `true` . If the encrypted state is `true` but you do not specify `KmsKeyId` , your KMS key for EBS is used.\n\nYou can specify the KMS key using any of the following:\n\n- Key ID. For example, 1234abcd-12ab-34cd-56ef-1234567890ab.\n- Key alias. For example, alias/ExampleAlias.\n- Key ARN. For example, arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab.\n- Alias ARN. For example, arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias.\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", - "title": "KmsKeyId", - "type": "string" - }, - "SnapshotId": { - "markdownDescription": "The ID of the snapshot.\n\nIf you specify both `SnapshotId` and `VolumeSize` , `VolumeSize` must be equal or greater than the size of the snapshot.\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", - "title": "SnapshotId", + "Domain": { + "markdownDescription": "Specifies the name of the Windows domain that your storage virtual machine (SVM) belongs to.\n\nIf you have multiple domains in your environment, configuring this setting makes sure that DataSync connects to the right SVM.\n\nIf you have multiple Active Directory domains in your environment, configuring this parameter makes sure that DataSync connects to the right SVM.", + "title": "Domain", "type": "string" }, - "VolumeSize": { - "markdownDescription": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size. If you specify a snapshot, the default is the snapshot size. You can specify a volume size that is equal to or larger than the snapshot size.\n\nThe following are the supported volumes sizes for each volume type:\n\n- `gp2` and `gp3` :1-16,384\n- `io1` and `io2` : 4-16,384\n- `st1` and `sc1` : 125-16,384\n- `standard` : 1-1,024\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", - "title": "VolumeSize", - "type": "number" + "MountOptions": { + "$ref": "#/definitions/AWS::DataSync::LocationFSxONTAP.SmbMountOptions", + "markdownDescription": "Specifies how DataSync can access a location using the SMB protocol.", + "title": "MountOptions" }, - "VolumeType": { - "markdownDescription": "The volume type. For more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) in the *Amazon EC2 User Guide* . If the volume type is `io1` or `io2` , you must specify the IOPS that the volume supports.\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", - "title": "VolumeType", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EC2::Instance.ElasticGpuSpecification": { - "additionalProperties": false, - "properties": { - "Type": { - "markdownDescription": "The type of Elastic Graphics accelerator.", - "title": "Type", + "Password": { + "markdownDescription": "Specifies the password of a user who has permission to access your SVM.", + "title": "Password", "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::EC2::Instance.ElasticInferenceAccelerator": { - "additionalProperties": false, - "properties": { - "Count": { - "markdownDescription": "The number of elastic inference accelerators to attach to the instance.", - "title": "Count", - "type": "number" }, - "Type": { - "markdownDescription": "The type of elastic inference accelerator. The possible values are `eia1.medium` , `eia1.large` , `eia1.xlarge` , `eia2.medium` , `eia2.large` , and `eia2.xlarge` .", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::EC2::Instance.EnclaveOptions": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "If this parameter is set to `true` , the instance is enabled for AWS Nitro Enclaves; otherwise, it is not enabled for AWS Nitro Enclaves.", - "title": "Enabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::EC2::Instance.HibernationOptions": { - "additionalProperties": false, - "properties": { - "Configured": { - "markdownDescription": "Set to `true` to enable your instance for hibernation.\n\nFor Spot Instances, if you set `Configured` to `true` , either omit the `InstanceInterruptionBehavior` parameter (for [`SpotMarketOptions`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SpotMarketOptions.html) ), or set it to `hibernate` . When `Configured` is true:\n\n- If you omit `InstanceInterruptionBehavior` , it defaults to `hibernate` .\n- If you set `InstanceInterruptionBehavior` to a value other than `hibernate` , you'll get an error.\n\nDefault: `false`", - "title": "Configured", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::EC2::Instance.InstanceIpv6Address": { - "additionalProperties": false, - "properties": { - "Ipv6Address": { - "markdownDescription": "The IPv6 address.", - "title": "Ipv6Address", + "User": { + "markdownDescription": "Specifies a user name that can mount the location and access the files, folders, and metadata that you need in the SVM.\n\nIf you provide a user in your Active Directory, note the following:\n\n- If you're using AWS Directory Service for Microsoft Active Directory , the user must be a member of the AWS Delegated FSx Administrators group.\n- If you're using a self-managed Active Directory, the user must be a member of either the Domain Admins group or a custom group that you specified for file system administration when you created your file system.\n\nMake sure that the user has the permissions it needs to copy the data you want:\n\n- `SE_TCB_NAME` : Required to set object ownership and file metadata. With this privilege, you also can copy NTFS discretionary access lists (DACLs).\n- `SE_SECURITY_NAME` : May be needed to copy NTFS system access control lists (SACLs). This operation specifically requires the Windows privilege, which is granted to members of the Domain Admins group. If you configure your task to copy SACLs, make sure that the user has the required privileges. For information about copying SACLs, see [Ownership and permissions-related options](https://docs.aws.amazon.com/datasync/latest/userguide/create-task.html#configure-ownership-and-permissions) .", + "title": "User", "type": "string" } }, "required": [ - "Ipv6Address" + "MountOptions", + "Password", + "User" ], "type": "object" }, - "AWS::EC2::Instance.LaunchTemplateSpecification": { + "AWS::DataSync::LocationFSxONTAP.SmbMountOptions": { "additionalProperties": false, "properties": { - "LaunchTemplateId": { - "markdownDescription": "The ID of the launch template.\n\nYou must specify either the launch template ID or the launch template name, but not both.", - "title": "LaunchTemplateId", - "type": "string" - }, - "LaunchTemplateName": { - "markdownDescription": "The name of the launch template.\n\nYou must specify either the launch template ID or the launch template name, but not both.", - "title": "LaunchTemplateName", - "type": "string" - }, "Version": { - "markdownDescription": "The version number of the launch template. You must specify this property.\n\nTo specify the default version of the template, use the `Fn::GetAtt` intrinsic function to retrieve the `DefaultVersionNumber` attribute of the launch template. To specify the latest version of the template, use `Fn::GetAtt` to retrieve the `LatestVersionNumber` attribute. For more information, see [AWS::EC2:LaunchTemplate return values for Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-launchtemplate.html#aws-resource-ec2-launchtemplate-return-values-fn--getatt) .", + "markdownDescription": "By default, DataSync automatically chooses an SMB protocol version based on negotiation with your SMB file server. You also can configure DataSync to use a specific SMB version, but we recommend doing this only if DataSync has trouble negotiating with the SMB file server automatically.\n\nThese are the following options for configuring the SMB version:\n\n- `AUTOMATIC` (default): DataSync and the SMB file server negotiate the highest version of SMB that they mutually support between 2.1 and 3.1.1.\n\nThis is the recommended option. If you instead choose a specific version that your file server doesn't support, you may get an `Operation Not Supported` error.\n- `SMB3` : Restricts the protocol negotiation to only SMB version 3.0.2.\n- `SMB2` : Restricts the protocol negotiation to only SMB version 2.1.\n- `SMB2_0` : Restricts the protocol negotiation to only SMB version 2.0.\n- `SMB1` : Restricts the protocol negotiation to only SMB version 1.0.\n\n> The `SMB1` option isn't available when [creating an Amazon FSx for NetApp ONTAP location](https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateLocationFsxOntap.html) .", "title": "Version", "type": "string" } }, - "required": [ - "Version" - ], - "type": "object" - }, - "AWS::EC2::Instance.LicenseSpecification": { - "additionalProperties": false, - "properties": { - "LicenseConfigurationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the license configuration.", - "title": "LicenseConfigurationArn", - "type": "string" - } - }, - "required": [ - "LicenseConfigurationArn" - ], - "type": "object" - }, - "AWS::EC2::Instance.NetworkInterface": { - "additionalProperties": false, - "properties": { - "AssociateCarrierIpAddress": { - "markdownDescription": "Indicates whether to assign a carrier IP address to the network interface.\n\nYou can only assign a carrier IP address to a network interface that is in a subnet in a Wavelength Zone. For more information about carrier IP addresses, see [Carrier IP address](https://docs.aws.amazon.com/wavelength/latest/developerguide/how-wavelengths-work.html#provider-owned-ip) in the *AWS Wavelength Developer Guide* .", - "title": "AssociateCarrierIpAddress", - "type": "boolean" - }, - "AssociatePublicIpAddress": { - "markdownDescription": "Indicates whether to assign a public IPv4 address to an instance. Applies only if creating a network interface when launching an instance. The network interface must be the primary network interface. If launching into a default subnet, the default value is `true` .\n\nAWS charges for all public IPv4 addresses, including public IPv4 addresses associated with running instances and Elastic IP addresses. For more information, see the *Public IPv4 Address* tab on the [VPC pricing page](https://docs.aws.amazon.com/vpc/pricing/) .", - "title": "AssociatePublicIpAddress", - "type": "boolean" - }, - "DeleteOnTermination": { - "markdownDescription": "Indicates whether the network interface is deleted when the instance is terminated. Applies only if creating a network interface when launching an instance.", - "title": "DeleteOnTermination", - "type": "boolean" - }, - "Description": { - "markdownDescription": "The description of the network interface. Applies only if creating a network interface when launching an instance.", - "title": "Description", - "type": "string" - }, - "DeviceIndex": { - "markdownDescription": "The position of the network interface in the attachment order. A primary network interface has a device index of 0.\n\nIf you create a network interface when launching an instance, you must specify the device index.", - "title": "DeviceIndex", - "type": "string" - }, - "GroupSet": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the security groups for the network interface. Applies only if creating a network interface when launching an instance.", - "title": "GroupSet", - "type": "array" - }, - "Ipv6AddressCount": { - "markdownDescription": "A number of IPv6 addresses to assign to the network interface. Amazon EC2 chooses the IPv6 addresses from the range of the subnet. You cannot specify this option and the option to assign specific IPv6 addresses in the same request. You can specify this option if you've specified a minimum number of instances to launch.", - "title": "Ipv6AddressCount", - "type": "number" - }, - "Ipv6Addresses": { - "items": { - "$ref": "#/definitions/AWS::EC2::Instance.InstanceIpv6Address" - }, - "markdownDescription": "The IPv6 addresses to assign to the network interface. You cannot specify this option and the option to assign a number of IPv6 addresses in the same request. You cannot specify this option if you've specified a minimum number of instances to launch.", - "title": "Ipv6Addresses", - "type": "array" - }, - "NetworkInterfaceId": { - "markdownDescription": "The ID of the network interface, when attaching an existing network interface.", - "title": "NetworkInterfaceId", - "type": "string" - }, - "PrivateIpAddress": { - "markdownDescription": "The private IPv4 address of the network interface. Applies only if creating a network interface when launching an instance.", - "title": "PrivateIpAddress", - "type": "string" - }, - "PrivateIpAddresses": { - "items": { - "$ref": "#/definitions/AWS::EC2::Instance.PrivateIpAddressSpecification" - }, - "markdownDescription": "One or more private IPv4 addresses to assign to the network interface. Only one private IPv4 address can be designated as primary.", - "title": "PrivateIpAddresses", - "type": "array" - }, - "SecondaryPrivateIpAddressCount": { - "markdownDescription": "The number of secondary private IPv4 addresses. You can't specify this option and specify more than one private IP address using the private IP addresses option.", - "title": "SecondaryPrivateIpAddressCount", - "type": "number" - }, - "SubnetId": { - "markdownDescription": "The ID of the subnet associated with the network interface.", - "title": "SubnetId", - "type": "string" - } - }, - "required": [ - "DeviceIndex" - ], - "type": "object" - }, - "AWS::EC2::Instance.PrivateDnsNameOptions": { - "additionalProperties": false, - "properties": { - "EnableResourceNameDnsAAAARecord": { - "markdownDescription": "Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *Amazon Elastic Compute Cloud User Guide* .", - "title": "EnableResourceNameDnsAAAARecord", - "type": "boolean" - }, - "EnableResourceNameDnsARecord": { - "markdownDescription": "Indicates whether to respond to DNS queries for instance hostnames with DNS A records. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *Amazon Elastic Compute Cloud User Guide* .", - "title": "EnableResourceNameDnsARecord", - "type": "boolean" - }, - "HostnameType": { - "markdownDescription": "The type of hostnames to assign to instances in the subnet at launch. For IPv4 only subnets, an instance DNS name must be based on the instance IPv4 address. For IPv6 only subnets, an instance DNS name must be based on the instance ID. For dual-stack subnets, you can specify whether DNS names use the instance IPv4 address or the instance ID. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *Amazon Elastic Compute Cloud User Guide* .", - "title": "HostnameType", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EC2::Instance.PrivateIpAddressSpecification": { - "additionalProperties": false, - "properties": { - "Primary": { - "markdownDescription": "Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary.", - "title": "Primary", - "type": "boolean" - }, - "PrivateIpAddress": { - "markdownDescription": "The private IPv4 address.", - "title": "PrivateIpAddress", - "type": "string" - } - }, - "required": [ - "Primary", - "PrivateIpAddress" - ], - "type": "object" - }, - "AWS::EC2::Instance.SsmAssociation": { - "additionalProperties": false, - "properties": { - "AssociationParameters": { - "items": { - "$ref": "#/definitions/AWS::EC2::Instance.AssociationParameter" - }, - "markdownDescription": "The input parameter values to use with the associated SSM document.", - "title": "AssociationParameters", - "type": "array" - }, - "DocumentName": { - "markdownDescription": "The name of an SSM document to associate with the instance.", - "title": "DocumentName", - "type": "string" - } - }, - "required": [ - "DocumentName" - ], - "type": "object" - }, - "AWS::EC2::Instance.Volume": { - "additionalProperties": false, - "properties": { - "Device": { - "markdownDescription": "The device name (for example, `/dev/sdh` or `xvdh` ).", - "title": "Device", - "type": "string" - }, - "VolumeId": { - "markdownDescription": "The ID of the EBS volume. The volume and instance must be within the same Availability Zone.", - "title": "VolumeId", - "type": "string" - } - }, - "required": [ - "Device", - "VolumeId" - ], "type": "object" }, - "AWS::EC2::InstanceConnectEndpoint": { + "AWS::DataSync::LocationFSxOpenZFS": { "additionalProperties": false, "properties": { "Condition": { @@ -72236,46 +79265,47 @@ "Properties": { "additionalProperties": false, "properties": { - "ClientToken": { - "markdownDescription": "Unique, case-sensitive identifier that you provide to ensure the idempotency of the request.", - "title": "ClientToken", + "FsxFilesystemArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the FSx for OpenZFS file system.", + "title": "FsxFilesystemArn", "type": "string" }, - "PreserveClientIp": { - "markdownDescription": "Indicates whether the client IP address is preserved as the source. The following are the possible values.\n\n- `true` - Use the client IP address as the source.\n- `false` - Use the network interface IP address as the source.\n\nDefault: `false`", - "title": "PreserveClientIp", - "type": "boolean" + "Protocol": { + "$ref": "#/definitions/AWS::DataSync::LocationFSxOpenZFS.Protocol", + "markdownDescription": "The type of protocol that AWS DataSync uses to access your file system.", + "title": "Protocol" }, - "SecurityGroupIds": { + "SecurityGroupArns": { "items": { "type": "string" }, - "markdownDescription": "One or more security groups to associate with the endpoint. If you don't specify a security group, the default security group for your VPC will be associated with the endpoint.", - "title": "SecurityGroupIds", + "markdownDescription": "The ARNs of the security groups that are used to configure the FSx for OpenZFS file system.\n\n*Pattern* : `^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):ec2:[a-z\\-0-9]*:[0-9]{12}:security-group/.*$`\n\n*Length constraints* : Maximum length of 128.", + "title": "SecurityGroupArns", "type": "array" }, - "SubnetId": { - "markdownDescription": "The ID of the subnet in which to create the EC2 Instance Connect Endpoint.", - "title": "SubnetId", + "Subdirectory": { + "markdownDescription": "A subdirectory in the location's path that must begin with `/fsx` . DataSync uses this subdirectory to read or write data (depending on whether the file system is a source or destination location).", + "title": "Subdirectory", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to apply to the EC2 Instance Connect Endpoint during creation.", + "markdownDescription": "The key-value pair that represents a tag that you want to add to the resource. The value can be an empty string. This value helps you manage, filter, and search for your resources. We recommend that you create a name tag for your location.", "title": "Tags", "type": "array" } }, "required": [ - "SubnetId" + "Protocol", + "SecurityGroupArns" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::InstanceConnectEndpoint" + "AWS::DataSync::LocationFSxOpenZFS" ], "type": "string" }, @@ -72294,20 +79324,56 @@ ], "type": "object" }, - "AWS::EC2::InternetGateway": { + "AWS::DataSync::LocationFSxOpenZFS.MountOptions": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Version": { + "markdownDescription": "The specific NFS version that you want DataSync to use to mount your NFS share. If the server refuses to use the version specified, the sync will fail. If you don't specify a version, DataSync defaults to `AUTOMATIC` . That is, DataSync automatically selects a version based on negotiation with the NFS server.\n\nYou can specify the following NFS versions:\n\n- *[NFSv3](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc1813)* : Stateless protocol version that allows for asynchronous writes on the server.\n- *[NFSv4.0](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc3530)* : Stateful, firewall-friendly protocol version that supports delegations and pseudo file systems.\n- *[NFSv4.1](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc5661)* : Stateful protocol version that supports sessions, directory delegations, and parallel data processing. Version 4.1 also includes all features available in version 4.0.", + "title": "Version", "type": "string" - }, + } + }, + "type": "object" + }, + "AWS::DataSync::LocationFSxOpenZFS.NFS": { + "additionalProperties": false, + "properties": { + "MountOptions": { + "$ref": "#/definitions/AWS::DataSync::LocationFSxOpenZFS.MountOptions", + "markdownDescription": "Represents the mount options that are available for DataSync to access an NFS location.", + "title": "MountOptions" + } + }, + "required": [ + "MountOptions" + ], + "type": "object" + }, + "AWS::DataSync::LocationFSxOpenZFS.Protocol": { + "additionalProperties": false, + "properties": { + "NFS": { + "$ref": "#/definitions/AWS::DataSync::LocationFSxOpenZFS.NFS", + "markdownDescription": "Represents the Network File System (NFS) protocol that DataSync uses to access your FSx for OpenZFS file system.", + "title": "NFS" + } + }, + "type": "object" + }, + "AWS::DataSync::LocationFSxWindows": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, "DependsOn": { "anyOf": [ { @@ -72329,20 +79395,57 @@ "Properties": { "additionalProperties": false, "properties": { + "Domain": { + "markdownDescription": "Specifies the name of the Windows domain that the FSx for Windows File Server file system belongs to.\n\nIf you have multiple Active Directory domains in your environment, configuring this parameter makes sure that DataSync connects to the right file system.", + "title": "Domain", + "type": "string" + }, + "FsxFilesystemArn": { + "markdownDescription": "Specifies the Amazon Resource Name (ARN) for the FSx for Windows File Server file system.", + "title": "FsxFilesystemArn", + "type": "string" + }, + "Password": { + "markdownDescription": "Specifies the password of the user with the permissions to mount and access the files, folders, and file metadata in your FSx for Windows File Server file system.", + "title": "Password", + "type": "string" + }, + "SecurityGroupArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Names (ARNs) of the security groups that are used to configure the FSx for Windows File Server file system.\n\n*Pattern* : `^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):ec2:[a-z\\-0-9]*:[0-9]{12}:security-group/.*$`\n\n*Length constraints* : Maximum length of 128.", + "title": "SecurityGroupArns", + "type": "array" + }, + "Subdirectory": { + "markdownDescription": "Specifies a mount path for your file system using forward slashes. This is where DataSync reads or writes data (depending on if this is a source or destination location).", + "title": "Subdirectory", + "type": "string" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Any tags to assign to the internet gateway.", + "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your location.", "title": "Tags", "type": "array" + }, + "User": { + "markdownDescription": "The user who has the permissions to access files and folders in the FSx for Windows File Server file system.\n\nFor information about choosing a user name that ensures sufficient permissions to files, folders, and metadata, see [user](https://docs.aws.amazon.com/datasync/latest/userguide/create-fsx-location.html#FSxWuser) .", + "title": "User", + "type": "string" } }, + "required": [ + "SecurityGroupArns", + "User" + ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::InternetGateway" + "AWS::DataSync::LocationFSxWindows" ], "type": "string" }, @@ -72356,11 +79459,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::EC2::KeyPair": { + "AWS::DataSync::LocationHDFS": { "additionalProperties": false, "properties": { "Condition": { @@ -72395,43 +79499,91 @@ "Properties": { "additionalProperties": false, "properties": { - "KeyFormat": { - "markdownDescription": "The format of the key pair.\n\nDefault: `pem`", - "title": "KeyFormat", + "AgentArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Names (ARNs) of the DataSync agents that can connect to your HDFS cluster.", + "title": "AgentArns", + "type": "array" + }, + "AuthenticationType": { + "markdownDescription": "", + "title": "AuthenticationType", "type": "string" }, - "KeyName": { - "markdownDescription": "A unique name for the key pair.\n\nConstraints: Up to 255 ASCII characters", - "title": "KeyName", + "BlockSize": { + "markdownDescription": "The size of data blocks to write into the HDFS cluster. The block size must be a multiple of 512 bytes. The default block size is 128 mebibytes (MiB).", + "title": "BlockSize", + "type": "number" + }, + "KerberosKeytab": { + "markdownDescription": "The Kerberos key table (keytab) that contains mappings between the defined Kerberos principal and the encrypted keys. Provide the base64-encoded file text. If `KERBEROS` is specified for `AuthType` , this value is required.", + "title": "KerberosKeytab", "type": "string" }, - "KeyType": { - "markdownDescription": "The type of key pair. Note that ED25519 keys are not supported for Windows instances.\n\nIf the `PublicKeyMaterial` property is specified, the `KeyType` property is ignored, and the key type is inferred from the `PublicKeyMaterial` value.\n\nDefault: `rsa`", - "title": "KeyType", + "KerberosKrb5Conf": { + "markdownDescription": "The `krb5.conf` file that contains the Kerberos configuration information. You can load the `krb5.conf` by providing a string of the file's contents or an Amazon S3 presigned URL of the file. If `KERBEROS` is specified for `AuthType` , this value is required.", + "title": "KerberosKrb5Conf", "type": "string" }, - "PublicKeyMaterial": { - "markdownDescription": "The public key material. The `PublicKeyMaterial` property is used to import a key pair. If this property is not specified, then a new key pair will be created.", - "title": "PublicKeyMaterial", + "KerberosPrincipal": { + "markdownDescription": "The Kerberos principal with access to the files and folders on the HDFS cluster.\n\n> If `KERBEROS` is specified for `AuthenticationType` , this parameter is required.", + "title": "KerberosPrincipal", + "type": "string" + }, + "KmsKeyProviderUri": { + "markdownDescription": "The URI of the HDFS cluster's Key Management Server (KMS).", + "title": "KmsKeyProviderUri", + "type": "string" + }, + "NameNodes": { + "items": { + "$ref": "#/definitions/AWS::DataSync::LocationHDFS.NameNode" + }, + "markdownDescription": "The NameNode that manages the HDFS namespace. The NameNode performs operations such as opening, closing, and renaming files and directories. The NameNode contains the information to map blocks of data to the DataNodes. You can use only one NameNode.", + "title": "NameNodes", + "type": "array" + }, + "QopConfiguration": { + "$ref": "#/definitions/AWS::DataSync::LocationHDFS.QopConfiguration", + "markdownDescription": "The Quality of Protection (QOP) configuration specifies the Remote Procedure Call (RPC) and data transfer protection settings configured on the Hadoop Distributed File System (HDFS) cluster. If `QopConfiguration` isn't specified, `RpcProtection` and `DataTransferProtection` default to `PRIVACY` . If you set `RpcProtection` or `DataTransferProtection` , the other parameter assumes the same value.", + "title": "QopConfiguration" + }, + "ReplicationFactor": { + "markdownDescription": "The number of DataNodes to replicate the data to when writing to the HDFS cluster. By default, data is replicated to three DataNodes.", + "title": "ReplicationFactor", + "type": "number" + }, + "SimpleUser": { + "markdownDescription": "The user name used to identify the client on the host operating system.\n\n> If `SIMPLE` is specified for `AuthenticationType` , this parameter is required.", + "title": "SimpleUser", + "type": "string" + }, + "Subdirectory": { + "markdownDescription": "A subdirectory in the HDFS cluster. This subdirectory is used to read data from or write data to the HDFS cluster. If the subdirectory isn't specified, it will default to `/` .", + "title": "Subdirectory", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to apply to the key pair.", + "markdownDescription": "The key-value pair that represents the tag that you want to add to the location. The value can be an empty string. We recommend using tags to name your resources.", "title": "Tags", "type": "array" } }, "required": [ - "KeyName" + "AgentArns", + "AuthenticationType", + "NameNodes" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::KeyPair" + "AWS::DataSync::LocationHDFS" ], "type": "string" }, @@ -72450,7 +79602,43 @@ ], "type": "object" }, - "AWS::EC2::LaunchTemplate": { + "AWS::DataSync::LocationHDFS.NameNode": { + "additionalProperties": false, + "properties": { + "Hostname": { + "markdownDescription": "The hostname of the NameNode in the HDFS cluster. This value is the IP address or Domain Name Service (DNS) name of the NameNode. An agent that's installed on-premises uses this hostname to communicate with the NameNode in the network.", + "title": "Hostname", + "type": "string" + }, + "Port": { + "markdownDescription": "The port that the NameNode uses to listen to client requests.", + "title": "Port", + "type": "number" + } + }, + "required": [ + "Hostname", + "Port" + ], + "type": "object" + }, + "AWS::DataSync::LocationHDFS.QopConfiguration": { + "additionalProperties": false, + "properties": { + "DataTransferProtection": { + "markdownDescription": "The data transfer protection setting configured on the HDFS cluster. This setting corresponds to your `dfs.data.transfer.protection` setting in the `hdfs-site.xml` file on your Hadoop cluster.", + "title": "DataTransferProtection", + "type": "string" + }, + "RpcProtection": { + "markdownDescription": "The Remote Procedure Call (RPC) protection setting configured on the HDFS cluster. This setting corresponds to your `hadoop.rpc.protection` setting in your `core-site.xml` file on your Hadoop cluster.", + "title": "RpcProtection", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataSync::LocationNFS": { "additionalProperties": false, "properties": { "Condition": { @@ -72485,38 +79673,43 @@ "Properties": { "additionalProperties": false, "properties": { - "LaunchTemplateData": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.LaunchTemplateData", - "markdownDescription": "The information for the launch template.", - "title": "LaunchTemplateData" + "MountOptions": { + "$ref": "#/definitions/AWS::DataSync::LocationNFS.MountOptions", + "markdownDescription": "Specifies the options that DataSync can use to mount your NFS file server.", + "title": "MountOptions" }, - "LaunchTemplateName": { - "markdownDescription": "A name for the launch template.", - "title": "LaunchTemplateName", + "OnPremConfig": { + "$ref": "#/definitions/AWS::DataSync::LocationNFS.OnPremConfig", + "markdownDescription": "Specifies the Amazon Resource Name (ARN) of the DataSync agent that can connect to your NFS file server.\n\nYou can specify more than one agent. For more information, see [Using multiple DataSync agents](https://docs.aws.amazon.com/datasync/latest/userguide/do-i-need-datasync-agent.html#multiple-agents) .", + "title": "OnPremConfig" + }, + "ServerHostname": { + "markdownDescription": "Specifies the DNS name or IP address (IPv4 or IPv6) of the NFS file server that your DataSync agent connects to.", + "title": "ServerHostname", "type": "string" }, - "TagSpecifications": { + "Subdirectory": { + "markdownDescription": "Specifies the export path in your NFS file server that you want DataSync to mount.\n\nThis path (or a subdirectory of the path) is where DataSync transfers data to or from. For information on configuring an export for DataSync, see [Accessing NFS file servers](https://docs.aws.amazon.com/datasync/latest/userguide/create-nfs-location.html#accessing-nfs) .", + "title": "Subdirectory", + "type": "string" + }, + "Tags": { "items": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.LaunchTemplateTagSpecification" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to apply to the launch template on creation. To tag the launch template, the resource type must be `launch-template` .\n\nTo specify the tags for resources that are created during instance launch, use [TagSpecifications](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-launchtemplatedata.html#cfn-ec2-launchtemplate-launchtemplatedata-tagspecifications) .", - "title": "TagSpecifications", + "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your location.", + "title": "Tags", "type": "array" - }, - "VersionDescription": { - "markdownDescription": "A description for the first version of the launch template.", - "title": "VersionDescription", - "type": "string" } }, "required": [ - "LaunchTemplateData" + "OnPremConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::LaunchTemplate" + "AWS::DataSync::LocationNFS" ], "type": "string" }, @@ -72535,1136 +79728,1610 @@ ], "type": "object" }, - "AWS::EC2::LaunchTemplate.AcceleratorCount": { + "AWS::DataSync::LocationNFS.MountOptions": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum number of accelerators. To specify no maximum limit, omit this parameter. To exclude accelerator-enabled instance types, set `Max` to `0` .", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum number of accelerators. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" + "Version": { + "markdownDescription": "Specifies the NFS version that you want DataSync to use when mounting your NFS share. If the server refuses to use the version specified, the task fails.\n\nYou can specify the following options:\n\n- `AUTOMATIC` (default): DataSync chooses NFS version 4.1.\n- `NFS3` : Stateless protocol version that allows for asynchronous writes on the server.\n- `NFSv4_0` : Stateful, firewall-friendly protocol version that supports delegations and pseudo file systems.\n- `NFSv4_1` : Stateful protocol version that supports sessions, directory delegations, and parallel data processing. NFS version 4.1 also includes all features available in version 4.0.\n\n> DataSync currently only supports NFS version 3 with Amazon FSx for NetApp ONTAP locations.", + "title": "Version", + "type": "string" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.AcceleratorTotalMemoryMiB": { + "AWS::DataSync::LocationNFS.OnPremConfig": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum amount of accelerator memory, in MiB. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum amount of accelerator memory, in MiB. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" + "AgentArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Names (ARNs) of the DataSync agents that can connect to your NFS file server.\n\nYou can specify more than one agent. For more information, see [Using multiple DataSync agents](https://docs.aws.amazon.com/datasync/latest/userguide/do-i-need-datasync-agent.html#multiple-agents) .", + "title": "AgentArns", + "type": "array" } }, + "required": [ + "AgentArns" + ], "type": "object" }, - "AWS::EC2::LaunchTemplate.BaselineEbsBandwidthMbps": { + "AWS::DataSync::LocationObjectStorage": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum baseline bandwidth, in Mbps. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" + "Condition": { + "type": "string" }, - "Min": { - "markdownDescription": "The minimum baseline bandwidth, in Mbps. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::LaunchTemplate.BlockDeviceMapping": { - "additionalProperties": false, - "properties": { - "DeviceName": { - "markdownDescription": "The device name (for example, /dev/sdh or xvdh).", - "title": "DeviceName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Ebs": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Ebs", - "markdownDescription": "Parameters used to automatically set up EBS volumes when the instance is launched.", - "title": "Ebs" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "NoDevice": { - "markdownDescription": "To omit the device from the block device mapping, specify an empty string.", - "title": "NoDevice", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AccessKey": { + "markdownDescription": "Specifies the access key (for example, a user name) if credentials are required to authenticate with the object storage server.", + "title": "AccessKey", + "type": "string" + }, + "AgentArns": { + "items": { + "type": "string" + }, + "markdownDescription": "(Optional) Specifies the Amazon Resource Names (ARNs) of the DataSync agents that can connect with your object storage system. If you are setting up an agentless cross-cloud transfer, you do not need to specify a value for this parameter.\n\n> Make sure you configure this parameter correctly when you first create your storage location. You cannot add or remove agents from a storage location after you create it.", + "title": "AgentArns", + "type": "array" + }, + "BucketName": { + "markdownDescription": "Specifies the name of the object storage bucket involved in the transfer.", + "title": "BucketName", + "type": "string" + }, + "CmkSecretConfig": { + "$ref": "#/definitions/AWS::DataSync::LocationObjectStorage.CmkSecretConfig", + "markdownDescription": "Specifies configuration information for a DataSync-managed secret, which includes the `SecretKey` that DataSync uses to access a specific object storage location, with a customer-managed AWS KMS key .\n\nWhen you include this paramater as part of a `CreateLocationObjectStorage` request, you provide only the KMS key ARN. DataSync uses this KMS key together with the value you specify for the `SecretKey` parameter to create a DataSync-managed secret to store the location access credentials.\n\nMake sure the DataSync has permission to access the KMS key that you specify.\n\n> You can use either `CmkSecretConfig` (with `SecretKey` ) or `CustomSecretConfig` (without `SecretKey` ) to provide credentials for a `CreateLocationObjectStorage` request. Do not provide both parameters for the same request.", + "title": "CmkSecretConfig" + }, + "CustomSecretConfig": { + "$ref": "#/definitions/AWS::DataSync::LocationObjectStorage.CustomSecretConfig", + "markdownDescription": "Specifies configuration information for a customer-managed Secrets Manager secret where the secret key for a specific object storage location is stored in plain text. This configuration includes the secret ARN, and the ARN for an IAM role that provides access to the secret.\n\n> You can use either `CmkSecretConfig` (with `SecretKey` ) or `CustomSecretConfig` (without `SecretKey` ) to provide credentials for a `CreateLocationObjectStorage` request. Do not provide both parameters for the same request.", + "title": "CustomSecretConfig" + }, + "SecretKey": { + "markdownDescription": "Specifies the secret key (for example, a password) if credentials are required to authenticate with the object storage server.\n\n> If you provide a secret using `SecretKey` , but do not provide secret configuration details using `CmkSecretConfig` or `CustomSecretConfig` , then DataSync stores the token using your AWS account's Secrets Manager secret.", + "title": "SecretKey", + "type": "string" + }, + "ServerCertificate": { + "markdownDescription": "Specifies a certificate chain for DataSync to authenticate with your object storage system if the system uses a private or self-signed certificate authority (CA). You must specify a single `.pem` file with a full certificate chain (for example, `file:///home/user/.ssh/object_storage_certificates.pem` ).\n\nThe certificate chain might include:\n\n- The object storage system's certificate\n- All intermediate certificates (if there are any)\n- The root certificate of the signing CA\n\nYou can concatenate your certificates into a `.pem` file (which can be up to 32768 bytes before base64 encoding). The following example `cat` command creates an `object_storage_certificates.pem` file that includes three certificates:\n\n`cat object_server_certificate.pem intermediate_certificate.pem ca_root_certificate.pem > object_storage_certificates.pem`\n\nTo use this parameter, configure `ServerProtocol` to `HTTPS` .", + "title": "ServerCertificate", + "type": "string" + }, + "ServerHostname": { + "markdownDescription": "Specifies the domain name or IP address (IPv4 or IPv6) of the object storage server that your DataSync agent connects to.", + "title": "ServerHostname", + "type": "string" + }, + "ServerPort": { + "markdownDescription": "Specifies the port that your object storage server accepts inbound network traffic on (for example, port 443).", + "title": "ServerPort", + "type": "number" + }, + "ServerProtocol": { + "markdownDescription": "Specifies the protocol that your object storage server uses to communicate. If not specified, the default value is `HTTPS` .", + "title": "ServerProtocol", + "type": "string" + }, + "Subdirectory": { + "markdownDescription": "Specifies the object prefix for your object storage server. If this is a source location, DataSync only copies objects with this prefix. If this is a destination location, DataSync writes all objects with this prefix.", + "title": "Subdirectory", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Specifies the key-value pair that represents a tag that you want to add to the resource. Tags can help you manage, filter, and search for your resources. We recommend creating a name tag for your location.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::DataSync::LocationObjectStorage" + ], "type": "string" }, - "VirtualName": { - "markdownDescription": "The virtual device name (ephemeralN). Instance store volumes are numbered starting from 0. An instance type with 2 available instance store volumes can specify mappings for ephemeral0 and ephemeral1. The number of available instance store volumes depends on the instance type. After you connect to the instance, you must mount the volume.", - "title": "VirtualName", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::EC2::LaunchTemplate.CapacityReservationSpecification": { + "AWS::DataSync::LocationObjectStorage.CmkSecretConfig": { "additionalProperties": false, "properties": { - "CapacityReservationPreference": { - "markdownDescription": "Indicates the instance's Capacity Reservation preferences. Possible preferences include:\n\n- `capacity-reservations-only` - The instance will only run in a Capacity Reservation or Capacity Reservation group. If capacity isn't available, the instance will fail to launch.\n- `open` - The instance can run in any `open` Capacity Reservation that has matching attributes (instance type, platform, Availability Zone, tenancy).\n- `none` - The instance avoids running in a Capacity Reservation even if one is available. The instance runs in On-Demand capacity.", - "title": "CapacityReservationPreference", + "KmsKeyArn": { + "markdownDescription": "Specifies the ARN for the customer-managed AWS KMS key that DataSync uses to encrypt the DataSync-managed secret stored for `SecretArn` . DataSync provides this key to AWS Secrets Manager .", + "title": "KmsKeyArn", "type": "string" }, - "CapacityReservationTarget": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.CapacityReservationTarget", - "markdownDescription": "Information about the target Capacity Reservation or Capacity Reservation group.", - "title": "CapacityReservationTarget" + "SecretArn": { + "markdownDescription": "Specifies the ARN for the DataSync-managed AWS Secrets Manager secret that that is used to access a specific storage location. This property is generated by DataSync and is read-only. DataSync encrypts this secret with the KMS key that you specify for `KmsKeyArn` .", + "title": "SecretArn", + "type": "string" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.CapacityReservationTarget": { + "AWS::DataSync::LocationObjectStorage.CustomSecretConfig": { "additionalProperties": false, "properties": { - "CapacityReservationId": { - "markdownDescription": "The ID of the Capacity Reservation in which to run the instance.", - "title": "CapacityReservationId", + "SecretAccessRoleArn": { + "markdownDescription": "Specifies the ARN for the AWS Identity and Access Management role that DataSync uses to access the secret specified for `SecretArn` .", + "title": "SecretAccessRoleArn", "type": "string" }, - "CapacityReservationResourceGroupArn": { - "markdownDescription": "The ARN of the Capacity Reservation resource group in which to run the instance.", - "title": "CapacityReservationResourceGroupArn", + "SecretArn": { + "markdownDescription": "Specifies the ARN for an AWS Secrets Manager secret.", + "title": "SecretArn", "type": "string" } }, + "required": [ + "SecretAccessRoleArn", + "SecretArn" + ], "type": "object" }, - "AWS::EC2::LaunchTemplate.ConnectionTrackingSpecification": { + "AWS::DataSync::LocationObjectStorage.ManagedSecretConfig": { "additionalProperties": false, "properties": { - "TcpEstablishedTimeout": { - "markdownDescription": "Timeout (in seconds) for idle TCP connections in an established state. Min: 60 seconds. Max: 432000 seconds (5 days). Default: 432000 seconds. Recommended: Less than 432000 seconds.", - "title": "TcpEstablishedTimeout", - "type": "number" - }, - "UdpStreamTimeout": { - "markdownDescription": "Timeout (in seconds) for idle UDP flows classified as streams which have seen more than one request-response transaction. Min: 60 seconds. Max: 180 seconds (3 minutes). Default: 180 seconds.", - "title": "UdpStreamTimeout", - "type": "number" - }, - "UdpTimeout": { - "markdownDescription": "Timeout (in seconds) for idle UDP flows that have seen traffic only in a single direction or a single request-response transaction. Min: 30 seconds. Max: 60 seconds. Default: 30 seconds.", - "title": "UdpTimeout", - "type": "number" + "SecretArn": { + "markdownDescription": "Specifies the ARN for an AWS Secrets Manager secret.", + "title": "SecretArn", + "type": "string" } }, + "required": [ + "SecretArn" + ], "type": "object" }, - "AWS::EC2::LaunchTemplate.CpuOptions": { + "AWS::DataSync::LocationS3": { "additionalProperties": false, "properties": { - "AmdSevSnp": { - "markdownDescription": "Indicates whether to enable the instance for AMD SEV-SNP. AMD SEV-SNP is supported with M6a, R6a, and C6a instance types only. For more information, see [AMD SEV-SNP for Amazon EC2 instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/sev-snp.html) .", - "title": "AmdSevSnp", + "Condition": { "type": "string" }, - "CoreCount": { - "markdownDescription": "The number of CPU cores for the instance.", - "title": "CoreCount", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ThreadsPerCore": { - "markdownDescription": "The number of threads per CPU core. To disable multithreading for the instance, specify a value of `1` . Otherwise, specify the default value of `2` .", - "title": "ThreadsPerCore", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "S3BucketArn": { + "markdownDescription": "The ARN of the Amazon S3 bucket.", + "title": "S3BucketArn", + "type": "string" + }, + "S3Config": { + "$ref": "#/definitions/AWS::DataSync::LocationS3.S3Config", + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that is used to access an Amazon S3 bucket.\n\nFor detailed information about using such a role, see [Creating a Location for Amazon S3](https://docs.aws.amazon.com/datasync/latest/userguide/working-with-locations.html#create-s3-location) in the *AWS DataSync User Guide* .", + "title": "S3Config" + }, + "S3StorageClass": { + "markdownDescription": "The Amazon S3 storage class that you want to store your files in when this location is used as a task destination. For buckets in AWS Regions , the storage class defaults to S3 Standard.\n\nFor more information about S3 storage classes, see [Amazon S3 Storage Classes](https://docs.aws.amazon.com/s3/storage-classes/) . Some storage classes have behaviors that can affect your S3 storage costs. For detailed information, see [Considerations When Working with Amazon S3 Storage Classes in DataSync](https://docs.aws.amazon.com/datasync/latest/userguide/create-s3-location.html#using-storage-classes) .", + "title": "S3StorageClass", + "type": "string" + }, + "Subdirectory": { + "markdownDescription": "Specifies a prefix in the S3 bucket that DataSync reads from or writes to (depending on whether the bucket is a source or destination location).\n\n> DataSync can't transfer objects with a prefix that begins with a slash ( `/` ) or includes `//` , `/./` , or `/../` patterns. For example:\n> \n> - `/photos`\n> - `photos//2006/January`\n> - `photos/./2006/February`\n> - `photos/../2006/March`", + "title": "Subdirectory", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your transfer location.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "S3Config" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::DataSync::LocationS3" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::EC2::LaunchTemplate.CreditSpecification": { + "AWS::DataSync::LocationS3.S3Config": { "additionalProperties": false, "properties": { - "CpuCredits": { - "markdownDescription": "The credit option for CPU usage of a T instance.\n\nValid values: `standard` | `unlimited`", - "title": "CpuCredits", + "BucketAccessRoleArn": { + "markdownDescription": "Specifies the ARN of the IAM role that DataSync uses to access your S3 bucket.", + "title": "BucketAccessRoleArn", "type": "string" } }, + "required": [ + "BucketAccessRoleArn" + ], "type": "object" }, - "AWS::EC2::LaunchTemplate.Ebs": { + "AWS::DataSync::LocationSMB": { "additionalProperties": false, "properties": { - "DeleteOnTermination": { - "markdownDescription": "Indicates whether the EBS volume is deleted on instance termination.", - "title": "DeleteOnTermination", - "type": "boolean" - }, - "Encrypted": { - "markdownDescription": "Indicates whether the EBS volume is encrypted. Encrypted volumes can only be attached to instances that support Amazon EBS encryption. If you are creating a volume from a snapshot, you can't specify an encryption value.", - "title": "Encrypted", - "type": "boolean" - }, - "Iops": { - "markdownDescription": "The number of I/O operations per second (IOPS). For `gp3` , `io1` , and `io2` volumes, this represents the number of IOPS that are provisioned for the volume. For `gp2` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.\n\nThe following are the supported values for each volume type:\n\n- `gp3` : 3,000 - 16,000 IOPS\n- `io1` : 100 - 64,000 IOPS\n- `io2` : 100 - 256,000 IOPS\n\nFor `io2` volumes, you can achieve up to 256,000 IOPS on [instances built on the Nitro System](https://docs.aws.amazon.com/ec2/latest/instancetypes/ec2-nitro-instances.html) . On other instances, you can achieve performance up to 32,000 IOPS.\n\nThis parameter is supported for `io1` , `io2` , and `gp3` volumes only.", - "title": "Iops", - "type": "number" - }, - "KmsKeyId": { - "markdownDescription": "Identifier (key ID, key alias, key ARN, or alias ARN) of the customer managed KMS key to use for EBS encryption.", - "title": "KmsKeyId", + "Condition": { "type": "string" }, - "SnapshotId": { - "markdownDescription": "The ID of the snapshot.", - "title": "SnapshotId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Throughput": { - "markdownDescription": "The throughput to provision for a `gp3` volume, with a maximum of 1,000 MiB/s.\n\nValid Range: Minimum value of 125. Maximum value of 1000.", - "title": "Throughput", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "VolumeSize": { - "markdownDescription": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size. The following are the supported volumes sizes for each volume type:\n\n- `gp2` and `gp3` : 1 - 16,384 GiB\n- `io1` : 4 - 16,384 GiB\n- `io2` : 4 - 65,536 GiB\n- `st1` and `sc1` : 125 - 16,384 GiB\n- `standard` : 1 - 1024 GiB", - "title": "VolumeSize", - "type": "number" + "Metadata": { + "type": "object" }, - "VolumeType": { - "markdownDescription": "The volume type. For more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-volume-types.html) in the *Amazon EBS User Guide* .", - "title": "VolumeType", + "Properties": { + "additionalProperties": false, + "properties": { + "AgentArns": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the DataSync agent (or agents) that can connect to your SMB file server. You specify an agent by using its Amazon Resource Name (ARN).", + "title": "AgentArns", + "type": "array" + }, + "AuthenticationType": { + "markdownDescription": "", + "title": "AuthenticationType", + "type": "string" + }, + "DnsIpAddresses": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "DnsIpAddresses", + "type": "array" + }, + "Domain": { + "markdownDescription": "Specifies the Windows domain name that your SMB file server belongs to. This parameter applies only if `AuthenticationType` is set to `NTLM` .\n\nIf you have multiple domains in your environment, configuring this parameter makes sure that DataSync connects to the right file server.", + "title": "Domain", + "type": "string" + }, + "KerberosKeytab": { + "markdownDescription": "", + "title": "KerberosKeytab", + "type": "string" + }, + "KerberosKrb5Conf": { + "markdownDescription": "", + "title": "KerberosKrb5Conf", + "type": "string" + }, + "KerberosPrincipal": { + "markdownDescription": "", + "title": "KerberosPrincipal", + "type": "string" + }, + "MountOptions": { + "$ref": "#/definitions/AWS::DataSync::LocationSMB.MountOptions", + "markdownDescription": "Specifies the version of the SMB protocol that DataSync uses to access your SMB file server.", + "title": "MountOptions" + }, + "Password": { + "markdownDescription": "Specifies the password of the user who can mount your SMB file server and has permission to access the files and folders involved in your transfer. This parameter applies only if `AuthenticationType` is set to `NTLM` .", + "title": "Password", + "type": "string" + }, + "ServerHostname": { + "markdownDescription": "Specifies the domain name or IP address (IPv4 or IPv6) of the SMB file server that your DataSync agent connects to.\n\n> If you're using Kerberos authentication, you must specify a domain name.", + "title": "ServerHostname", + "type": "string" + }, + "Subdirectory": { + "markdownDescription": "Specifies the name of the share exported by your SMB file server where DataSync will read or write data. You can include a subdirectory in the share path (for example, `/path/to/subdirectory` ). Make sure that other SMB clients in your network can also mount this path.\n\nTo copy all data in the subdirectory, DataSync must be able to mount the SMB share and access all of its data. For more information, see [Providing DataSync access to SMB file servers](https://docs.aws.amazon.com/datasync/latest/userguide/create-smb-location.html#configuring-smb-permissions) .", + "title": "Subdirectory", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your location.", + "title": "Tags", + "type": "array" + }, + "User": { + "markdownDescription": "Specifies the user that can mount and access the files, folders, and file metadata in your SMB file server. This parameter applies only if `AuthenticationType` is set to `NTLM` .\n\nFor information about choosing a user with the right level of access for your transfer, see [Providing DataSync access to SMB file servers](https://docs.aws.amazon.com/datasync/latest/userguide/create-smb-location.html#configuring-smb-permissions) .", + "title": "User", + "type": "string" + } + }, + "required": [ + "AgentArns" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::DataSync::LocationSMB" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::EC2::LaunchTemplate.ElasticGpuSpecification": { + "AWS::DataSync::LocationSMB.MountOptions": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The type of Elastic Graphics accelerator.", - "title": "Type", + "Version": { + "markdownDescription": "By default, DataSync automatically chooses an SMB protocol version based on negotiation with your SMB file server. You also can configure DataSync to use a specific SMB version, but we recommend doing this only if DataSync has trouble negotiating with the SMB file server automatically.\n\nThese are the following options for configuring the SMB version:\n\n- `AUTOMATIC` (default): DataSync and the SMB file server negotiate the highest version of SMB that they mutually support between 2.1 and 3.1.1.\n\nThis is the recommended option. If you instead choose a specific version that your file server doesn't support, you may get an `Operation Not Supported` error.\n- `SMB3` : Restricts the protocol negotiation to only SMB version 3.0.2.\n- `SMB2` : Restricts the protocol negotiation to only SMB version 2.1.\n- `SMB2_0` : Restricts the protocol negotiation to only SMB version 2.0.\n- `SMB1` : Restricts the protocol negotiation to only SMB version 1.0.\n\n> The `SMB1` option isn't available when [creating an Amazon FSx for NetApp ONTAP location](https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateLocationFsxOntap.html) .", + "title": "Version", "type": "string" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.EnaSrdSpecification": { + "AWS::DataSync::Task": { "additionalProperties": false, "properties": { - "EnaSrdEnabled": { - "markdownDescription": "Indicates whether ENA Express is enabled for the network interface.", - "title": "EnaSrdEnabled", - "type": "boolean" + "Condition": { + "type": "string" }, - "EnaSrdUdpSpecification": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.EnaSrdUdpSpecification", - "markdownDescription": "Configures ENA Express for UDP network traffic.", - "title": "EnaSrdUdpSpecification" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CloudWatchLogGroupArn": { + "markdownDescription": "Specifies the Amazon Resource Name (ARN) of an Amazon CloudWatch log group for monitoring your task.\n\nFor Enhanced mode tasks, you don't need to specify anything. DataSync automatically sends logs to a CloudWatch log group named `/aws/datasync` .\n\nFor more information, see [Monitoring data transfers with CloudWatch Logs](https://docs.aws.amazon.com/datasync/latest/userguide/configure-logging.html) .", + "title": "CloudWatchLogGroupArn", + "type": "string" + }, + "DestinationLocationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS storage resource's location.", + "title": "DestinationLocationArn", + "type": "string" + }, + "Excludes": { + "items": { + "$ref": "#/definitions/AWS::DataSync::Task.FilterRule" + }, + "markdownDescription": "Specifies exclude filters that define the files, objects, and folders in your source location that you don't want DataSync to transfer. For more information and examples, see [Specifying what DataSync transfers by using filters](https://docs.aws.amazon.com/datasync/latest/userguide/filtering.html) .", + "title": "Excludes", + "type": "array" + }, + "Includes": { + "items": { + "$ref": "#/definitions/AWS::DataSync::Task.FilterRule" + }, + "markdownDescription": "Specifies include filters that define the files, objects, and folders in your source location that you want DataSync to transfer. For more information and examples, see [Specifying what DataSync transfers by using filters](https://docs.aws.amazon.com/datasync/latest/userguide/filtering.html) .", + "title": "Includes", + "type": "array" + }, + "ManifestConfig": { + "$ref": "#/definitions/AWS::DataSync::Task.ManifestConfig", + "markdownDescription": "The configuration of the manifest that lists the files or objects that you want DataSync to transfer. For more information, see [Specifying what DataSync transfers by using a manifest](https://docs.aws.amazon.com/datasync/latest/userguide/transferring-with-manifest.html) .", + "title": "ManifestConfig" + }, + "Name": { + "markdownDescription": "Specifies the name of your task.", + "title": "Name", + "type": "string" + }, + "Options": { + "$ref": "#/definitions/AWS::DataSync::Task.Options", + "markdownDescription": "Specifies your task's settings, such as preserving file metadata, verifying data integrity, among other options.", + "title": "Options" + }, + "Schedule": { + "$ref": "#/definitions/AWS::DataSync::Task.TaskSchedule", + "markdownDescription": "Specifies a schedule for when you want your task to run. For more information, see [Scheduling your task](https://docs.aws.amazon.com/datasync/latest/userguide/task-scheduling.html) .", + "title": "Schedule" + }, + "SourceLocationArn": { + "markdownDescription": "Specifies the ARN of your transfer's source location.", + "title": "SourceLocationArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Specifies the tags that you want to apply to your task.\n\n*Tags* are key-value pairs that help you manage, filter, and search for your DataSync resources.", + "title": "Tags", + "type": "array" + }, + "TaskMode": { + "markdownDescription": "The task mode that you're using. For more information, see [Choosing a task mode for your data transfer](https://docs.aws.amazon.com/datasync/latest/userguide/choosing-task-mode.html) .", + "title": "TaskMode", + "type": "string" + }, + "TaskReportConfig": { + "$ref": "#/definitions/AWS::DataSync::Task.TaskReportConfig", + "markdownDescription": "The configuration of your task report, which provides detailed information about your DataSync transfer. For more information, see [Monitoring your DataSync transfers with task reports](https://docs.aws.amazon.com/datasync/latest/userguide/task-reports.html) .", + "title": "TaskReportConfig" + } + }, + "required": [ + "DestinationLocationArn", + "SourceLocationArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::DataSync::Task" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::EC2::LaunchTemplate.EnaSrdUdpSpecification": { + "AWS::DataSync::Task.Deleted": { "additionalProperties": false, "properties": { - "EnaSrdUdpEnabled": { - "markdownDescription": "Indicates whether UDP traffic to and from the instance uses ENA Express. To specify this setting, you must first enable ENA Express.", - "title": "EnaSrdUdpEnabled", - "type": "boolean" + "ReportLevel": { + "markdownDescription": "", + "title": "ReportLevel", + "type": "string" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.EnclaveOptions": { + "AWS::DataSync::Task.Destination": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "If this parameter is set to `true` , the instance is enabled for AWS Nitro Enclaves; otherwise, it is not enabled for AWS Nitro Enclaves.", - "title": "Enabled", - "type": "boolean" + "S3": { + "$ref": "#/definitions/AWS::DataSync::Task.TaskReportConfigDestinationS3", + "markdownDescription": "", + "title": "S3" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.HibernationOptions": { + "AWS::DataSync::Task.FilterRule": { "additionalProperties": false, "properties": { - "Configured": { - "markdownDescription": "If you set this parameter to `true` , the instance is enabled for hibernation.\n\nDefault: `false`", - "title": "Configured", - "type": "boolean" + "FilterType": { + "markdownDescription": "The type of filter rule to apply. AWS DataSync only supports the SIMPLE_PATTERN rule type.", + "title": "FilterType", + "type": "string" + }, + "Value": { + "markdownDescription": "A single filter string that consists of the patterns to include or exclude. The patterns are delimited by \"|\" (that is, a pipe), for example: `/folder1|/folder2`", + "title": "Value", + "type": "string" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.IamInstanceProfile": { + "AWS::DataSync::Task.ManifestConfig": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the instance profile.", - "title": "Arn", + "Action": { + "markdownDescription": "Specifies what DataSync uses the manifest for.", + "title": "Action", "type": "string" }, - "Name": { - "markdownDescription": "The name of the instance profile.", - "title": "Name", + "Format": { + "markdownDescription": "Specifies the file format of your manifest. For more information, see [Creating a manifest](https://docs.aws.amazon.com/datasync/latest/userguide/transferring-with-manifest.html#transferring-with-manifest-create) .", + "title": "Format", "type": "string" + }, + "Source": { + "$ref": "#/definitions/AWS::DataSync::Task.Source", + "markdownDescription": "Specifies the manifest that you want DataSync to use and where it's hosted.\n\n> You must specify this parameter if you're configuring a new manifest on or after February 7, 2024.\n> \n> If you don't, you'll get a 400 status code and `ValidationException` error stating that you're missing the IAM role for DataSync to access the S3 bucket where you're hosting your manifest. For more information, see [Providing DataSync access to your manifest](https://docs.aws.amazon.com/datasync/latest/userguide/transferring-with-manifest.html#transferring-with-manifest-access) .", + "title": "Source" } }, + "required": [ + "Source" + ], "type": "object" }, - "AWS::EC2::LaunchTemplate.InstanceMarketOptions": { + "AWS::DataSync::Task.ManifestConfigSourceS3": { "additionalProperties": false, "properties": { - "MarketType": { - "markdownDescription": "The market type.", - "title": "MarketType", + "BucketAccessRoleArn": { + "markdownDescription": "", + "title": "BucketAccessRoleArn", "type": "string" }, - "SpotOptions": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.SpotOptions", - "markdownDescription": "The options for Spot Instances.", - "title": "SpotOptions" + "ManifestObjectPath": { + "markdownDescription": "", + "title": "ManifestObjectPath", + "type": "string" + }, + "ManifestObjectVersionId": { + "markdownDescription": "", + "title": "ManifestObjectVersionId", + "type": "string" + }, + "S3BucketArn": { + "markdownDescription": "", + "title": "S3BucketArn", + "type": "string" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.InstanceRequirements": { + "AWS::DataSync::Task.Options": { "additionalProperties": false, "properties": { - "AcceleratorCount": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.AcceleratorCount", - "markdownDescription": "The minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferentia chips) on an instance.\n\nTo exclude accelerator-enabled instance types, set `Max` to `0` .\n\nDefault: No minimum or maximum limits", - "title": "AcceleratorCount" + "Atime": { + "markdownDescription": "A file metadata value that shows the last time that a file was accessed (that is, when the file was read or written to). If you set `Atime` to `BEST_EFFORT` , AWS DataSync attempts to preserve the original `Atime` attribute on all source files (that is, the version before the PREPARING phase). However, `Atime` 's behavior is not fully standard across platforms, so AWS DataSync can only do this on a best-effort basis.\n\nDefault value: `BEST_EFFORT`\n\n`BEST_EFFORT` : Attempt to preserve the per-file `Atime` value (recommended).\n\n`NONE` : Ignore `Atime` .\n\n> If `Atime` is set to `BEST_EFFORT` , `Mtime` must be set to `PRESERVE` .\n> \n> If `Atime` is set to `NONE` , `Mtime` must also be `NONE` .", + "title": "Atime", + "type": "string" }, - "AcceleratorManufacturers": { - "items": { - "type": "string" - }, - "markdownDescription": "Indicates whether instance types must have accelerators by specific manufacturers.\n\n- For instance types with AWS devices, specify `amazon-web-services` .\n- For instance types with AMD devices, specify `amd` .\n- For instance types with Habana devices, specify `habana` .\n- For instance types with NVIDIA devices, specify `nvidia` .\n- For instance types with Xilinx devices, specify `xilinx` .\n\nDefault: Any manufacturer", - "title": "AcceleratorManufacturers", - "type": "array" + "BytesPerSecond": { + "markdownDescription": "A value that limits the bandwidth used by AWS DataSync . For example, if you want AWS DataSync to use a maximum of 1 MB, set this value to `1048576` (=1024*1024).", + "title": "BytesPerSecond", + "type": "number" }, - "AcceleratorNames": { - "items": { - "type": "string" - }, - "markdownDescription": "The accelerators that must be on the instance type.\n\n- For instance types with NVIDIA A10G GPUs, specify `a10g` .\n- For instance types with NVIDIA A100 GPUs, specify `a100` .\n- For instance types with NVIDIA H100 GPUs, specify `h100` .\n- For instance types with AWS Inferentia chips, specify `inferentia` .\n- For instance types with NVIDIA GRID K520 GPUs, specify `k520` .\n- For instance types with NVIDIA K80 GPUs, specify `k80` .\n- For instance types with NVIDIA M60 GPUs, specify `m60` .\n- For instance types with AMD Radeon Pro V520 GPUs, specify `radeon-pro-v520` .\n- For instance types with NVIDIA T4 GPUs, specify `t4` .\n- For instance types with NVIDIA T4G GPUs, specify `t4g` .\n- For instance types with Xilinx VU9P FPGAs, specify `vu9p` .\n- For instance types with NVIDIA V100 GPUs, specify `v100` .\n\nDefault: Any accelerator", - "title": "AcceleratorNames", - "type": "array" + "Gid": { + "markdownDescription": "The group ID (GID) of the file's owners.\n\nDefault value: `INT_VALUE`\n\n`INT_VALUE` : Preserve the integer value of the user ID (UID) and group ID (GID) (recommended).\n\n`NAME` : Currently not supported.\n\n`NONE` : Ignore the UID and GID.", + "title": "Gid", + "type": "string" }, - "AcceleratorTotalMemoryMiB": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.AcceleratorTotalMemoryMiB", - "markdownDescription": "The minimum and maximum amount of total accelerator memory, in MiB.\n\nDefault: No minimum or maximum limits", - "title": "AcceleratorTotalMemoryMiB" + "LogLevel": { + "markdownDescription": "Specifies the type of logs that DataSync publishes to a Amazon CloudWatch Logs log group. To specify the log group, see [CloudWatchLogGroupArn](https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateTask.html#DataSync-CreateTask-request-CloudWatchLogGroupArn) .\n\n- `BASIC` - Publishes logs with only basic information (such as transfer errors).\n- `TRANSFER` - Publishes logs for all files or objects that your DataSync task transfers and performs data-integrity checks on.\n- `OFF` - No logs are published.", + "title": "LogLevel", + "type": "string" }, - "AcceleratorTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The accelerator types that must be on the instance type.\n\n- For instance types with FPGA accelerators, specify `fpga` .\n- For instance types with GPU accelerators, specify `gpu` .\n- For instance types with Inference accelerators, specify `inference` .\n\nDefault: Any accelerator type", - "title": "AcceleratorTypes", - "type": "array" + "Mtime": { + "markdownDescription": "A value that indicates the last time that a file was modified (that is, a file was written to) before the PREPARING phase. This option is required for cases when you need to run the same task more than one time.\n\nDefault value: `PRESERVE`\n\n`PRESERVE` : Preserve original `Mtime` (recommended)\n\n`NONE` : Ignore `Mtime` .\n\n> If `Mtime` is set to `PRESERVE` , `Atime` must be set to `BEST_EFFORT` .\n> \n> If `Mtime` is set to `NONE` , `Atime` must also be set to `NONE` .", + "title": "Mtime", + "type": "string" }, - "AllowedInstanceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The instance types to apply your specified attributes against. All other instance types are ignored, even if they match your specified attributes.\n\nYou can use strings with one or more wild cards, represented by an asterisk ( `*` ), to allow an instance type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` ,Amazon EC2 will allow the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will allow all the M5a instance types, but not the M5n instance types.\n\n> If you specify `AllowedInstanceTypes` , you can't specify `ExcludedInstanceTypes` . \n\nDefault: All instance types", - "title": "AllowedInstanceTypes", - "type": "array" + "ObjectTags": { + "markdownDescription": "Specifies whether you want DataSync to `PRESERVE` object tags (default behavior) when transferring between object storage systems. If you want your DataSync task to ignore object tags, specify the `NONE` value.", + "title": "ObjectTags", + "type": "string" }, - "BareMetal": { - "markdownDescription": "Indicates whether bare metal instance types must be included, excluded, or required.\n\n- To include bare metal instance types, specify `included` .\n- To require only bare metal instance types, specify `required` .\n- To exclude bare metal instance types, specify `excluded` .\n\nDefault: `excluded`", - "title": "BareMetal", + "OverwriteMode": { + "markdownDescription": "Specifies whether DataSync should modify or preserve data at the destination location.\n\n- `ALWAYS` (default) - DataSync modifies data in the destination location when source data (including metadata) has changed.\n\nIf DataSync overwrites objects, you might incur additional charges for certain Amazon S3 storage classes (for example, for retrieval or early deletion). For more information, see [Storage class considerations with Amazon S3 transfers](https://docs.aws.amazon.com/datasync/latest/userguide/create-s3-location.html#using-storage-classes) .\n- `NEVER` - DataSync doesn't overwrite data in the destination location even if the source data has changed. You can use this option to protect against overwriting changes made to files or objects in the destination.", + "title": "OverwriteMode", "type": "string" }, - "BaselineEbsBandwidthMbps": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.BaselineEbsBandwidthMbps", - "markdownDescription": "The minimum and maximum baseline bandwidth to Amazon EBS, in Mbps. For more information, see [Amazon EBS\u2013optimized instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-optimized.html) in the *Amazon EC2 User Guide* .\n\nDefault: No minimum or maximum limits", - "title": "BaselineEbsBandwidthMbps" + "PosixPermissions": { + "markdownDescription": "A value that determines which users or groups can access a file for a specific purpose, such as reading, writing, or execution of the file. This option should be set only for Network File System (NFS), Amazon EFS, and Amazon S3 locations. For more information about what metadata is copied by DataSync, see [Metadata Copied by DataSync](https://docs.aws.amazon.com/datasync/latest/userguide/special-files.html#metadata-copied) .\n\nDefault value: `PRESERVE`\n\n`PRESERVE` : Preserve POSIX-style permissions (recommended).\n\n`NONE` : Ignore permissions.\n\n> AWS DataSync can preserve extant permissions of a source location.", + "title": "PosixPermissions", + "type": "string" }, - "BurstablePerformance": { - "markdownDescription": "Indicates whether burstable performance T instance types are included, excluded, or required. For more information, see [Burstable performance instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) .\n\n- To include burstable performance instance types, specify `included` .\n- To require only burstable performance instance types, specify `required` .\n- To exclude burstable performance instance types, specify `excluded` .\n\nDefault: `excluded`", - "title": "BurstablePerformance", + "PreserveDeletedFiles": { + "markdownDescription": "A value that specifies whether files in the destination that don't exist in the source file system are preserved. This option can affect your storage costs. If your task deletes objects, you might incur minimum storage duration charges for certain storage classes. For detailed information, see [Considerations when working with Amazon S3 storage classes in DataSync](https://docs.aws.amazon.com/datasync/latest/userguide/create-s3-location.html#using-storage-classes) in the *AWS DataSync User Guide* .\n\nDefault value: `PRESERVE`\n\n`PRESERVE` : Ignore destination files that aren't present in the source (recommended).\n\n`REMOVE` : Delete destination files that aren't present in the source.", + "title": "PreserveDeletedFiles", "type": "string" }, - "CpuManufacturers": { - "items": { - "type": "string" - }, - "markdownDescription": "The CPU manufacturers to include.\n\n- For instance types with Intel CPUs, specify `intel` .\n- For instance types with AMD CPUs, specify `amd` .\n- For instance types with AWS CPUs, specify `amazon-web-services` .\n- For instance types with Apple CPUs, specify `apple` .\n\n> Don't confuse the CPU manufacturer with the CPU architecture. Instances will be launched with a compatible CPU architecture based on the Amazon Machine Image (AMI) that you specify in your launch template. \n\nDefault: Any manufacturer", - "title": "CpuManufacturers", - "type": "array" - }, - "ExcludedInstanceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The instance types to exclude.\n\nYou can use strings with one or more wild cards, represented by an asterisk ( `*` ), to exclude an instance type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` ,Amazon EC2 will exclude the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will exclude all the M5a instance types, but not the M5n instance types.\n\n> If you specify `ExcludedInstanceTypes` , you can't specify `AllowedInstanceTypes` . \n\nDefault: No excluded instance types", - "title": "ExcludedInstanceTypes", - "type": "array" - }, - "InstanceGenerations": { - "items": { - "type": "string" - }, - "markdownDescription": "Indicates whether current or previous generation instance types are included. The current generation instance types are recommended for use. Current generation instance types are typically the latest two to three generations in each instance family. For more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .\n\nFor current generation instance types, specify `current` .\n\nFor previous generation instance types, specify `previous` .\n\nDefault: Current and previous generation instance types", - "title": "InstanceGenerations", - "type": "array" - }, - "LocalStorage": { - "markdownDescription": "Indicates whether instance types with instance store volumes are included, excluded, or required. For more information, [Amazon EC2 instance store](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html) in the *Amazon EC2 User Guide* .\n\n- To include instance types with instance store volumes, specify `included` .\n- To require only instance types with instance store volumes, specify `required` .\n- To exclude instance types with instance store volumes, specify `excluded` .\n\nDefault: `included`", - "title": "LocalStorage", + "PreserveDevices": { + "markdownDescription": "A value that determines whether AWS DataSync should preserve the metadata of block and character devices in the source file system, and re-create the files with that device name and metadata on the destination. DataSync does not copy the contents of such devices, only the name and metadata.\n\n> AWS DataSync can't sync the actual contents of such devices, because they are nonterminal and don't return an end-of-file (EOF) marker. \n\nDefault value: `NONE`\n\n`NONE` : Ignore special devices (recommended).\n\n`PRESERVE` : Preserve character and block device metadata. This option isn't currently supported for Amazon EFS.", + "title": "PreserveDevices", "type": "string" }, - "LocalStorageTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The type of local storage that is required.\n\n- For instance types with hard disk drive (HDD) storage, specify `hdd` .\n- For instance types with solid state drive (SSD) storage, specify `ssd` .\n\nDefault: `hdd` and `ssd`", - "title": "LocalStorageTypes", - "type": "array" - }, - "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice": { - "markdownDescription": "[Price protection] The price protection threshold for Spot Instances, as a percentage of an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nIf you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is based on the per vCPU or per memory price instead of the per instance price.\n\n> Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` .", - "title": "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice", - "type": "number" - }, - "MemoryGiBPerVCpu": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.MemoryGiBPerVCpu", - "markdownDescription": "The minimum and maximum amount of memory per vCPU, in GiB.\n\nDefault: No minimum or maximum limits", - "title": "MemoryGiBPerVCpu" - }, - "MemoryMiB": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.MemoryMiB", - "markdownDescription": "The minimum and maximum amount of memory, in MiB.", - "title": "MemoryMiB" - }, - "NetworkBandwidthGbps": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.NetworkBandwidthGbps", - "markdownDescription": "The minimum and maximum amount of network bandwidth, in gigabits per second (Gbps).\n\nDefault: No minimum or maximum limits", - "title": "NetworkBandwidthGbps" - }, - "NetworkInterfaceCount": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.NetworkInterfaceCount", - "markdownDescription": "The minimum and maximum number of network interfaces.\n\nDefault: No minimum or maximum limits", - "title": "NetworkInterfaceCount" - }, - "OnDemandMaxPricePercentageOverLowestPrice": { - "markdownDescription": "[Price protection] The price protection threshold for On-Demand Instances, as a percentage higher than an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nTo turn off price protection, specify a high value, such as `999999` .\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) .\n\n> If you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price. \n\nDefault: `20`", - "title": "OnDemandMaxPricePercentageOverLowestPrice", - "type": "number" + "SecurityDescriptorCopyFlags": { + "markdownDescription": "A value that determines which components of the SMB security descriptor are copied from source to destination objects.\n\nThis value is only used for transfers between SMB and Amazon FSx for Windows File Server locations, or between two Amazon FSx for Windows File Server locations. For more information about how DataSync handles metadata, see [How DataSync Handles Metadata and Special Files](https://docs.aws.amazon.com/datasync/latest/userguide/special-files.html) .\n\nDefault value: `OWNER_DACL`\n\n`OWNER_DACL` : For each copied object, DataSync copies the following metadata:\n\n- Object owner.\n- NTFS discretionary access control lists (DACLs), which determine whether to grant access to an object.\n\nWhen you use option, DataSync does NOT copy the NTFS system access control lists (SACLs), which are used by administrators to log attempts to access a secured object.\n\n`OWNER_DACL_SACL` : For each copied object, DataSync copies the following metadata:\n\n- Object owner.\n- NTFS discretionary access control lists (DACLs), which determine whether to grant access to an object.\n- NTFS system access control lists (SACLs), which are used by administrators to log attempts to access a secured object.\n\nCopying SACLs requires granting additional permissions to the Windows user that DataSync uses to access your SMB location. For information about choosing a user that ensures sufficient permissions to files, folders, and metadata, see [user](https://docs.aws.amazon.com/datasync/latest/userguide/create-smb-location.html#SMBuser) .\n\n`NONE` : None of the SMB security descriptor components are copied. Destination objects are owned by the user that was provided for accessing the destination location. DACLs and SACLs are set based on the destination server\u2019s configuration.", + "title": "SecurityDescriptorCopyFlags", + "type": "string" }, - "RequireHibernateSupport": { - "markdownDescription": "Indicates whether instance types must support hibernation for On-Demand Instances.\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) .\n\nDefault: `false`", - "title": "RequireHibernateSupport", - "type": "boolean" + "TaskQueueing": { + "markdownDescription": "Specifies whether your transfer tasks should be put into a queue during certain scenarios when [running multiple tasks](https://docs.aws.amazon.com/datasync/latest/userguide/run-task.html#running-multiple-tasks) . This is `ENABLED` by default.", + "title": "TaskQueueing", + "type": "string" }, - "SpotMaxPricePercentageOverLowestPrice": { - "markdownDescription": "[Price protection] The price protection threshold for Spot Instances, as a percentage higher than an identified Spot price. The identified Spot price is the Spot price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified Spot price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose Spot price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nIf you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price.\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) .\n\n> Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` . \n\nDefault: `100`", - "title": "SpotMaxPricePercentageOverLowestPrice", - "type": "number" + "TransferMode": { + "markdownDescription": "A value that determines whether DataSync transfers only the data and metadata that differ between the source and the destination location, or whether DataSync transfers all the content from the source, without comparing it to the destination location.\n\n`CHANGED` : DataSync copies only data or metadata that is new or different from the source location to the destination location.\n\n`ALL` : DataSync copies all source location content to the destination, without comparing it to existing content on the destination.", + "title": "TransferMode", + "type": "string" }, - "TotalLocalStorageGB": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.TotalLocalStorageGB", - "markdownDescription": "The minimum and maximum amount of total local storage, in GB.\n\nDefault: No minimum or maximum limits", - "title": "TotalLocalStorageGB" + "Uid": { + "markdownDescription": "The user ID (UID) of the file's owner.\n\nDefault value: `INT_VALUE`\n\n`INT_VALUE` : Preserve the integer value of the UID and group ID (GID) (recommended).\n\n`NAME` : Currently not supported\n\n`NONE` : Ignore the UID and GID.", + "title": "Uid", + "type": "string" }, - "VCpuCount": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.VCpuCount", - "markdownDescription": "The minimum and maximum number of vCPUs.", - "title": "VCpuCount" + "VerifyMode": { + "markdownDescription": "A value that determines whether a data integrity verification is performed at the end of a task execution after all data and metadata have been transferred. For more information, see [Configure task settings](https://docs.aws.amazon.com/datasync/latest/userguide/create-task.html) .\n\nDefault value: `POINT_IN_TIME_CONSISTENT`\n\n`ONLY_FILES_TRANSFERRED` (recommended): Perform verification only on files that were transferred.\n\n`POINT_IN_TIME_CONSISTENT` : Scan the entire source and entire destination at the end of the transfer to verify that the source and destination are fully synchronized. This option isn't supported when transferring to S3 Glacier or S3 Glacier Deep Archive storage classes.\n\n`NONE` : No additional verification is done at the end of the transfer, but all data transmissions are integrity-checked with checksum verification during the transfer.", + "title": "VerifyMode", + "type": "string" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.Ipv4PrefixSpecification": { + "AWS::DataSync::Task.Overrides": { "additionalProperties": false, "properties": { - "Ipv4Prefix": { - "markdownDescription": "The IPv4 prefix. For information, see [Assigning prefixes to network interfaces](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-prefix-eni.html) in the *Amazon EC2 User Guide* .", - "title": "Ipv4Prefix", - "type": "string" + "Deleted": { + "$ref": "#/definitions/AWS::DataSync::Task.Deleted", + "markdownDescription": "", + "title": "Deleted" + }, + "Skipped": { + "$ref": "#/definitions/AWS::DataSync::Task.Skipped", + "markdownDescription": "", + "title": "Skipped" + }, + "Transferred": { + "$ref": "#/definitions/AWS::DataSync::Task.Transferred", + "markdownDescription": "", + "title": "Transferred" + }, + "Verified": { + "$ref": "#/definitions/AWS::DataSync::Task.Verified", + "markdownDescription": "", + "title": "Verified" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.Ipv6Add": { + "AWS::DataSync::Task.Skipped": { "additionalProperties": false, "properties": { - "Ipv6Address": { - "markdownDescription": "One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet. You can't use this option if you're specifying a number of IPv6 addresses.", - "title": "Ipv6Address", + "ReportLevel": { + "markdownDescription": "", + "title": "ReportLevel", "type": "string" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.Ipv6PrefixSpecification": { + "AWS::DataSync::Task.Source": { "additionalProperties": false, "properties": { - "Ipv6Prefix": { - "markdownDescription": "The IPv6 prefix.", - "title": "Ipv6Prefix", - "type": "string" + "S3": { + "$ref": "#/definitions/AWS::DataSync::Task.ManifestConfigSourceS3", + "markdownDescription": "", + "title": "S3" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.LaunchTemplateData": { + "AWS::DataSync::Task.TaskReportConfig": { "additionalProperties": false, "properties": { - "BlockDeviceMappings": { - "items": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.BlockDeviceMapping" - }, - "markdownDescription": "The block device mapping.", - "title": "BlockDeviceMappings", - "type": "array" - }, - "CapacityReservationSpecification": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.CapacityReservationSpecification", - "markdownDescription": "The Capacity Reservation targeting option. If you do not specify this parameter, the instance's Capacity Reservation preference defaults to `open` , which enables it to run in any open Capacity Reservation that has matching attributes (instance type, platform, Availability Zone).", - "title": "CapacityReservationSpecification" - }, - "CpuOptions": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.CpuOptions", - "markdownDescription": "The CPU options for the instance. For more information, see [CPU options for Amazon EC2 instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html) in the *Amazon EC2 User Guide* .", - "title": "CpuOptions" - }, - "CreditSpecification": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.CreditSpecification", - "markdownDescription": "The credit option for CPU usage of the instance. Valid only for T instances.", - "title": "CreditSpecification" - }, - "DisableApiStop": { - "markdownDescription": "Indicates whether to enable the instance for stop protection. For more information, see [Enable stop protection for your EC2 instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-stop-protection.html) in the *Amazon EC2 User Guide* .", - "title": "DisableApiStop", - "type": "boolean" - }, - "DisableApiTermination": { - "markdownDescription": "Indicates whether termination protection is enabled for the instance. The default is `false` , which means that you can terminate the instance using the Amazon EC2 console, command line tools, or API. You can enable termination protection when you launch an instance, while the instance is running, or while the instance is stopped.", - "title": "DisableApiTermination", - "type": "boolean" - }, - "EbsOptimized": { - "markdownDescription": "Indicates whether the instance is optimized for Amazon EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal Amazon EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS-optimized instance.", - "title": "EbsOptimized", - "type": "boolean" - }, - "ElasticGpuSpecifications": { - "items": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.ElasticGpuSpecification" - }, - "markdownDescription": "Deprecated.\n\n> Amazon Elastic Graphics reached end of life on January 8, 2024.", - "title": "ElasticGpuSpecifications", - "type": "array" - }, - "ElasticInferenceAccelerators": { - "items": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.LaunchTemplateElasticInferenceAccelerator" - }, - "markdownDescription": "> Amazon Elastic Inference is no longer available. \n\nAn elastic inference accelerator to associate with the instance. Elastic inference accelerators are a resource you can attach to your Amazon EC2 instances to accelerate your Deep Learning (DL) inference workloads.\n\nYou cannot specify accelerators from different generations in the same request.", - "title": "ElasticInferenceAccelerators", - "type": "array" - }, - "EnclaveOptions": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.EnclaveOptions", - "markdownDescription": "Indicates whether the instance is enabled for AWS Nitro Enclaves. For more information, see [What is Nitro Enclaves?](https://docs.aws.amazon.com/enclaves/latest/user/nitro-enclave.html) in the *AWS Nitro Enclaves User Guide* .\n\nYou can't enable AWS Nitro Enclaves and hibernation on the same instance.", - "title": "EnclaveOptions" - }, - "HibernationOptions": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.HibernationOptions", - "markdownDescription": "Indicates whether an instance is enabled for hibernation. This parameter is valid only if the instance meets the [hibernation prerequisites](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/hibernating-prerequisites.html) . For more information, see [Hibernate your Amazon EC2 instance](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) in the *Amazon EC2 User Guide* .", - "title": "HibernationOptions" - }, - "IamInstanceProfile": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.IamInstanceProfile", - "markdownDescription": "The name or Amazon Resource Name (ARN) of an IAM instance profile.", - "title": "IamInstanceProfile" + "Destination": { + "$ref": "#/definitions/AWS::DataSync::Task.Destination", + "markdownDescription": "Specifies the Amazon S3 bucket where DataSync uploads your task report. For more information, see [Task reports](https://docs.aws.amazon.com/datasync/latest/userguide/task-reports.html#task-report-access) .", + "title": "Destination" }, - "ImageId": { - "markdownDescription": "The ID of the AMI. Alternatively, you can specify a Systems Manager parameter, which will resolve to an AMI ID on launch.\n\nValid formats:\n\n- `ami-0ac394d6a3example`\n- `resolve:ssm:parameter-name`\n- `resolve:ssm:parameter-name:version-number`\n- `resolve:ssm:parameter-name:label`\n\nFor more information, see [Use a Systems Manager parameter to find an AMI](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/finding-an-ami.html#using-systems-manager-parameter-to-find-AMI) in the *Amazon Elastic Compute Cloud User Guide* .", - "title": "ImageId", + "ObjectVersionIds": { + "markdownDescription": "Specifies whether your task report includes the new version of each object transferred into an S3 bucket. This only applies if you [enable versioning on your bucket](https://docs.aws.amazon.com/AmazonS3/latest/userguide/manage-versioning-examples.html) . Keep in mind that setting this to `INCLUDE` can increase the duration of your task execution.", + "title": "ObjectVersionIds", "type": "string" }, - "InstanceInitiatedShutdownBehavior": { - "markdownDescription": "Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown).\n\nDefault: `stop`", - "title": "InstanceInitiatedShutdownBehavior", + "OutputType": { + "markdownDescription": "Specifies the type of task report that you want:\n\n- `SUMMARY_ONLY` : Provides necessary details about your task, including the number of files, objects, and directories transferred and transfer duration.\n- `STANDARD` : Provides complete details about your task, including a full list of files, objects, and directories that were transferred, skipped, verified, and more.", + "title": "OutputType", "type": "string" }, - "InstanceMarketOptions": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.InstanceMarketOptions", - "markdownDescription": "The market (purchasing) option for the instances.", - "title": "InstanceMarketOptions" - }, - "InstanceRequirements": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.InstanceRequirements", - "markdownDescription": "The attributes for the instance types. When you specify instance attributes, Amazon EC2 will identify instance types with these attributes.\n\nYou must specify `VCpuCount` and `MemoryMiB` . All other attributes are optional. Any unspecified optional attribute is set to its default.\n\nWhen you specify multiple attributes, you get instance types that satisfy all of the specified attributes. If you specify multiple values for an attribute, you get instance types that satisfy any of the specified values.\n\nTo limit the list of instance types from which Amazon EC2 can identify matching instance types, you can use one of the following parameters, but not both in the same request:\n\n- `AllowedInstanceTypes` - The instance types to include in the list. All other instance types are ignored, even if they match your specified attributes.\n- `ExcludedInstanceTypes` - The instance types to exclude from the list, even if they match your specified attributes.\n\n> If you specify `InstanceRequirements` , you can't specify `InstanceType` .\n> \n> Attribute-based instance type selection is only supported when using Auto Scaling groups, EC2 Fleet, and Spot Fleet to launch instances. If you plan to use the launch template in the [launch instance wizard](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-instance-wizard.html) , or with the [RunInstances](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html) API or [AWS::EC2::Instance](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html) AWS CloudFormation resource, you can't specify `InstanceRequirements` . \n\nFor more information, see [Specify attributes for instance type selection for EC2 Fleet or Spot Fleet](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-attribute-based-instance-type-selection.html) and [Spot placement score](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-placement-score.html) in the *Amazon EC2 User Guide* .", - "title": "InstanceRequirements" + "Overrides": { + "$ref": "#/definitions/AWS::DataSync::Task.Overrides", + "markdownDescription": "Customizes the reporting level for aspects of your task report. For example, your report might generally only include errors, but you could specify that you want a list of successes and errors just for the files that DataSync attempted to delete in your destination location.", + "title": "Overrides" }, - "InstanceType": { - "markdownDescription": "The instance type. For more information, see [Amazon EC2 instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .\n\nIf you specify `InstanceType` , you can't specify `InstanceRequirements` .", - "title": "InstanceType", + "ReportLevel": { + "markdownDescription": "Specifies whether you want your task report to include only what went wrong with your transfer or a list of what succeeded and didn't.\n\n- `ERRORS_ONLY` : A report shows what DataSync was unable to transfer, skip, verify, and delete.\n- `SUCCESSES_AND_ERRORS` : A report shows what DataSync was able and unable to transfer, skip, verify, and delete.", + "title": "ReportLevel", "type": "string" - }, - "KernelId": { - "markdownDescription": "The ID of the kernel.\n\nWe recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see [User Provided Kernels](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html) in the *Amazon EC2 User Guide* .", - "title": "KernelId", + } + }, + "required": [ + "Destination", + "OutputType" + ], + "type": "object" + }, + "AWS::DataSync::Task.TaskReportConfigDestinationS3": { + "additionalProperties": false, + "properties": { + "BucketAccessRoleArn": { + "markdownDescription": "", + "title": "BucketAccessRoleArn", "type": "string" }, - "KeyName": { - "markdownDescription": "The name of the key pair. You can create a key pair using [CreateKeyPair](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateKeyPair.html) or [ImportKeyPair](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportKeyPair.html) .\n\n> If you do not specify a key pair, you can't connect to the instance unless you choose an AMI that is configured to allow users another way to log in.", - "title": "KeyName", + "S3BucketArn": { + "markdownDescription": "", + "title": "S3BucketArn", "type": "string" }, - "LicenseSpecifications": { - "items": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.LicenseSpecification" - }, - "markdownDescription": "The license configurations.", - "title": "LicenseSpecifications", - "type": "array" - }, - "MaintenanceOptions": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.MaintenanceOptions", - "markdownDescription": "The maintenance options of your instance.", - "title": "MaintenanceOptions" - }, - "MetadataOptions": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.MetadataOptions", - "markdownDescription": "The metadata options for the instance. For more information, see [Configure the Instance Metadata Service options](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-instance-metadata-options.html) in the *Amazon EC2 User Guide* .", - "title": "MetadataOptions" - }, - "Monitoring": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Monitoring", - "markdownDescription": "The monitoring for the instance.", - "title": "Monitoring" - }, - "NetworkInterfaces": { - "items": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.NetworkInterface" - }, - "markdownDescription": "The network interfaces for the instance.", - "title": "NetworkInterfaces", - "type": "array" - }, - "Placement": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Placement", - "markdownDescription": "The placement for the instance.", - "title": "Placement" - }, - "PrivateDnsNameOptions": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.PrivateDnsNameOptions", - "markdownDescription": "The hostname type for EC2 instances launched into this subnet and how DNS A and AAAA record queries should be handled. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *Amazon Elastic Compute Cloud User Guide* .", - "title": "PrivateDnsNameOptions" - }, - "RamDiskId": { - "markdownDescription": "The ID of the RAM disk.\n\n> We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see [User provided kernels](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html) in the *Amazon EC2 User Guide* .", - "title": "RamDiskId", + "Subdirectory": { + "markdownDescription": "", + "title": "Subdirectory", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataSync::Task.TaskSchedule": { + "additionalProperties": false, + "properties": { + "ScheduleExpression": { + "markdownDescription": "Specifies your task schedule by using a cron or rate expression.\n\nUse cron expressions for task schedules that run on a specific time and day. For example, the following cron expression creates a task schedule that runs at 8 AM on the first Wednesday of every month:\n\n`cron(0 8 * * 3#1)`\n\nUse rate expressions for task schedules that run on a regular interval. For example, the following rate expression creates a task schedule that runs every 12 hours:\n\n`rate(12 hours)`\n\nFor information about cron and rate expression syntax, see the [*Amazon EventBridge User Guide*](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-scheduled-rule-pattern.html) .", + "title": "ScheduleExpression", "type": "string" }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the security groups. You can specify the IDs of existing security groups and references to resources created by the stack template.\n\nIf you specify a network interface, you must specify any security groups as part of the network interface instead.", - "title": "SecurityGroupIds", - "type": "array" - }, - "SecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "The names of the security groups. For a nondefault VPC, you must use security group IDs instead.\n\nIf you specify a network interface, you must specify any security groups as part of the network interface instead of using this parameter.", - "title": "SecurityGroups", - "type": "array" - }, - "TagSpecifications": { - "items": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.TagSpecification" - }, - "markdownDescription": "The tags to apply to resources that are created during instance launch.\n\nTo tag the launch template itself, use [TagSpecifications](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-launchtemplate.html#cfn-ec2-launchtemplate-tagspecifications) .", - "title": "TagSpecifications", - "type": "array" - }, - "UserData": { - "markdownDescription": "The user data to make available to the instance. You must provide base64-encoded text. User data is limited to 16 KB. For more information, see [Run commands when you launch an EC2 instance with user data input](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html) in the *Amazon EC2 User Guide* .\n\nIf you are creating the launch template for use with AWS Batch , the user data must be provided in the [MIME multi-part archive format](https://docs.aws.amazon.com/https://cloudinit.readthedocs.io/en/latest/topics/format.html#mime-multi-part-archive) . For more information, see [Amazon EC2 user data in launch templates](https://docs.aws.amazon.com/batch/latest/userguide/launch-templates.html#lt-user-data) in the *AWS Batch User Guide* .", - "title": "UserData", + "Status": { + "markdownDescription": "Specifies whether to enable or disable your task schedule. Your schedule is enabled by default, but there can be situations where you need to disable it. For example, you might need to pause a recurring transfer to fix an issue with your task or perform maintenance on your storage system.\n\nDataSync might disable your schedule automatically if your task fails repeatedly with the same error. For more information, see [TaskScheduleDetails](https://docs.aws.amazon.com/datasync/latest/userguide/API_TaskScheduleDetails.html) .", + "title": "Status", "type": "string" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.LaunchTemplateElasticInferenceAccelerator": { + "AWS::DataSync::Task.Transferred": { "additionalProperties": false, "properties": { - "Count": { - "markdownDescription": "The number of elastic inference accelerators to attach to the instance.\n\nDefault: 1", - "title": "Count", - "type": "number" - }, - "Type": { - "markdownDescription": "The type of elastic inference accelerator. The possible values are eia1.medium, eia1.large, and eia1.xlarge.", - "title": "Type", + "ReportLevel": { + "markdownDescription": "", + "title": "ReportLevel", "type": "string" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.LaunchTemplateTagSpecification": { + "AWS::DataSync::Task.Verified": { "additionalProperties": false, "properties": { - "ResourceType": { - "markdownDescription": "The type of resource. To tag a launch template, `ResourceType` must be `launch-template` .", - "title": "ResourceType", + "ReportLevel": { + "markdownDescription": "", + "title": "ReportLevel", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags for the resource.", - "title": "Tags", - "type": "array" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.LicenseSpecification": { + "AWS::DataZone::Connection": { "additionalProperties": false, "properties": { - "LicenseConfigurationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the license configuration.", - "title": "LicenseConfigurationArn", + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AwsLocation": { + "$ref": "#/definitions/AWS::DataZone::Connection.AwsLocation", + "markdownDescription": "The location where the connection is created.", + "title": "AwsLocation" + }, + "Description": { + "markdownDescription": "Connection description.", + "title": "Description", + "type": "string" + }, + "DomainIdentifier": { + "markdownDescription": "The ID of the domain where the connection is created.", + "title": "DomainIdentifier", + "type": "string" + }, + "EnvironmentIdentifier": { + "markdownDescription": "The ID of the environment where the connection is created.", + "title": "EnvironmentIdentifier", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the connection.", + "title": "Name", + "type": "string" + }, + "Props": { + "$ref": "#/definitions/AWS::DataZone::Connection.ConnectionPropertiesInput", + "markdownDescription": "Connection props.", + "title": "Props" + } + }, + "required": [ + "DomainIdentifier", + "EnvironmentIdentifier", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::DataZone::Connection" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::EC2::LaunchTemplate.MaintenanceOptions": { + "AWS::DataZone::Connection.AthenaPropertiesInput": { "additionalProperties": false, "properties": { - "AutoRecovery": { - "markdownDescription": "Disables the automatic recovery behavior of your instance or sets it to default.", - "title": "AutoRecovery", + "WorkgroupName": { + "markdownDescription": "The Amazon Athena workgroup name of a connection.", + "title": "WorkgroupName", "type": "string" } }, + "required": [ + "WorkgroupName" + ], "type": "object" }, - "AWS::EC2::LaunchTemplate.MemoryGiBPerVCpu": { + "AWS::DataZone::Connection.AuthenticationConfigurationInput": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum amount of memory per vCPU, in GiB. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" + "AuthenticationType": { + "markdownDescription": "The authentication type of a connection.", + "title": "AuthenticationType", + "type": "string" }, - "Min": { - "markdownDescription": "The minimum amount of memory per vCPU, in GiB. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" + "BasicAuthenticationCredentials": { + "$ref": "#/definitions/AWS::DataZone::Connection.BasicAuthenticationCredentials", + "markdownDescription": "The basic authentication credentials of a connection.", + "title": "BasicAuthenticationCredentials" + }, + "CustomAuthenticationCredentials": { + "additionalProperties": true, + "markdownDescription": "The custom authentication credentials of a connection.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "CustomAuthenticationCredentials", + "type": "object" + }, + "KmsKeyArn": { + "markdownDescription": "The KMS key ARN of a connection.", + "title": "KmsKeyArn", + "type": "string" + }, + "OAuth2Properties": { + "$ref": "#/definitions/AWS::DataZone::Connection.OAuth2Properties", + "markdownDescription": "The oAuth2 properties of a connection.", + "title": "OAuth2Properties" + }, + "SecretArn": { + "markdownDescription": "The secret ARN of a connection.", + "title": "SecretArn", + "type": "string" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.MemoryMiB": { + "AWS::DataZone::Connection.AuthorizationCodeProperties": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum amount of memory, in MiB. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" + "AuthorizationCode": { + "markdownDescription": "The authorization code of a connection.", + "title": "AuthorizationCode", + "type": "string" }, - "Min": { - "markdownDescription": "The minimum amount of memory, in MiB. To specify no minimum limit, specify `0` .", - "title": "Min", - "type": "number" + "RedirectUri": { + "markdownDescription": "The redirect URI of a connection.", + "title": "RedirectUri", + "type": "string" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.MetadataOptions": { + "AWS::DataZone::Connection.AwsLocation": { "additionalProperties": false, "properties": { - "HttpEndpoint": { - "markdownDescription": "Enables or disables the HTTP metadata endpoint on your instances. If the parameter is not specified, the default state is `enabled` .\n\n> If you specify a value of `disabled` , you will not be able to access your instance metadata.", - "title": "HttpEndpoint", + "AccessRole": { + "markdownDescription": "The access role of a connection.", + "title": "AccessRole", "type": "string" }, - "HttpProtocolIpv6": { - "markdownDescription": "Enables or disables the IPv6 endpoint for the instance metadata service.\n\nDefault: `disabled`", - "title": "HttpProtocolIpv6", + "AwsAccountId": { + "markdownDescription": "The account ID of a connection.", + "title": "AwsAccountId", "type": "string" }, - "HttpPutResponseHopLimit": { - "markdownDescription": "The desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel.\n\nDefault: `1`\n\nPossible values: Integers from 1 to 64", - "title": "HttpPutResponseHopLimit", - "type": "number" - }, - "HttpTokens": { - "markdownDescription": "Indicates whether IMDSv2 is required.\n\n- `optional` - IMDSv2 is optional. You can choose whether to send a session token in your instance metadata retrieval requests. If you retrieve IAM role credentials without a session token, you receive the IMDSv1 role credentials. If you retrieve IAM role credentials using a valid session token, you receive the IMDSv2 role credentials.\n- `required` - IMDSv2 is required. You must send a session token in your instance metadata retrieval requests. With this option, retrieving the IAM role credentials always returns IMDSv2 credentials; IMDSv1 credentials are not available.\n\nDefault: If the value of `ImdsSupport` for the Amazon Machine Image (AMI) for your instance is `v2.0` , the default is `required` .", - "title": "HttpTokens", + "AwsRegion": { + "markdownDescription": "The Region of a connection.", + "title": "AwsRegion", "type": "string" }, - "InstanceMetadataTags": { - "markdownDescription": "Set to `enabled` to allow access to instance tags from the instance metadata. Set to `disabled` to turn off access to instance tags from the instance metadata. For more information, see [View tags for your EC2 instances using instance metadata](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/work-with-tags-in-IMDS.html) .\n\nDefault: `disabled`", - "title": "InstanceMetadataTags", + "IamConnectionId": { + "markdownDescription": "The IAM connection ID of a connection.", + "title": "IamConnectionId", "type": "string" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.Monitoring": { + "AWS::DataZone::Connection.BasicAuthenticationCredentials": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Specify `true` to enable detailed monitoring. Otherwise, basic monitoring is enabled.", - "title": "Enabled", - "type": "boolean" + "Password": { + "markdownDescription": "The password for a connection.", + "title": "Password", + "type": "string" + }, + "UserName": { + "markdownDescription": "The user name for the connecion.", + "title": "UserName", + "type": "string" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.NetworkBandwidthGbps": { + "AWS::DataZone::Connection.ConnectionPropertiesInput": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum amount of network bandwidth, in Gbps. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" + "AthenaProperties": { + "$ref": "#/definitions/AWS::DataZone::Connection.AthenaPropertiesInput", + "markdownDescription": "The Amazon Athena properties of a connection.", + "title": "AthenaProperties" }, - "Min": { - "markdownDescription": "The minimum amount of network bandwidth, in Gbps. If this parameter is not specified, there is no minimum limit.", - "title": "Min", - "type": "number" + "GlueProperties": { + "$ref": "#/definitions/AWS::DataZone::Connection.GluePropertiesInput", + "markdownDescription": "The AWS Glue properties of a connection.", + "title": "GlueProperties" + }, + "HyperPodProperties": { + "$ref": "#/definitions/AWS::DataZone::Connection.HyperPodPropertiesInput", + "markdownDescription": "The hyper pod properties of a connection.", + "title": "HyperPodProperties" + }, + "IamProperties": { + "$ref": "#/definitions/AWS::DataZone::Connection.IamPropertiesInput", + "markdownDescription": "The IAM properties of a connection.", + "title": "IamProperties" + }, + "RedshiftProperties": { + "$ref": "#/definitions/AWS::DataZone::Connection.RedshiftPropertiesInput", + "markdownDescription": "The Amazon Redshift properties of a connection.", + "title": "RedshiftProperties" + }, + "SparkEmrProperties": { + "$ref": "#/definitions/AWS::DataZone::Connection.SparkEmrPropertiesInput", + "markdownDescription": "The Spark EMR properties of a connection.", + "title": "SparkEmrProperties" + }, + "SparkGlueProperties": { + "$ref": "#/definitions/AWS::DataZone::Connection.SparkGluePropertiesInput", + "markdownDescription": "The Spark AWS Glue properties of a connection.", + "title": "SparkGlueProperties" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.NetworkInterface": { + "AWS::DataZone::Connection.GlueConnectionInput": { "additionalProperties": false, "properties": { - "AssociateCarrierIpAddress": { - "markdownDescription": "Associates a Carrier IP address with eth0 for a new network interface.\n\nUse this option when you launch an instance in a Wavelength Zone and want to associate a Carrier IP address with the network interface. For more information about Carrier IP addresses, see [Carrier IP addresses](https://docs.aws.amazon.com/wavelength/latest/developerguide/how-wavelengths-work.html#provider-owned-ip) in the *AWS Wavelength Developer Guide* .", - "title": "AssociateCarrierIpAddress", - "type": "boolean" + "AthenaProperties": { + "additionalProperties": true, + "markdownDescription": "The Amazon Athena properties of the AWS Glue connection.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "AthenaProperties", + "type": "object" }, - "AssociatePublicIpAddress": { - "markdownDescription": "Associates a public IPv4 address with eth0 for a new network interface.\n\nAWS charges for all public IPv4 addresses, including public IPv4 addresses associated with running instances and Elastic IP addresses. For more information, see the *Public IPv4 Address* tab on the [Amazon VPC pricing page](https://docs.aws.amazon.com/vpc/pricing/) .", - "title": "AssociatePublicIpAddress", - "type": "boolean" + "AuthenticationConfiguration": { + "$ref": "#/definitions/AWS::DataZone::Connection.AuthenticationConfigurationInput", + "markdownDescription": "The authentication configuration of the AWS Glue connection.", + "title": "AuthenticationConfiguration" }, - "ConnectionTrackingSpecification": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.ConnectionTrackingSpecification", - "markdownDescription": "A connection tracking specification for the network interface.", - "title": "ConnectionTrackingSpecification" + "ConnectionProperties": { + "additionalProperties": true, + "markdownDescription": "The connection properties of the AWS Glue connection.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "ConnectionProperties", + "type": "object" }, - "DeleteOnTermination": { - "markdownDescription": "Indicates whether the network interface is deleted when the instance is terminated.", - "title": "DeleteOnTermination", - "type": "boolean" + "ConnectionType": { + "markdownDescription": "The connection type of the AWS Glue connection.", + "title": "ConnectionType", + "type": "string" }, "Description": { - "markdownDescription": "A description for the network interface.", + "markdownDescription": "The description of the AWS Glue connection.", "title": "Description", "type": "string" }, - "DeviceIndex": { - "markdownDescription": "The device index for the network interface attachment. The primary network interface has a device index of 0. If the network interface is of type `interface` , you must specify a device index.\n\nIf you create a launch template that includes secondary network interfaces but no primary network interface, and you specify it using the `LaunchTemplate` property of `AWS::EC2::Instance` , then you must include a primary network interface using the `NetworkInterfaces` property of `AWS::EC2::Instance` .", - "title": "DeviceIndex", - "type": "number" - }, - "EnaSrdSpecification": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.EnaSrdSpecification", - "markdownDescription": "The ENA Express configuration for the network interface.", - "title": "EnaSrdSpecification" - }, - "Groups": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of one or more security groups.", - "title": "Groups", - "type": "array" + "MatchCriteria": { + "markdownDescription": "The match criteria of the AWS Glue connection.", + "title": "MatchCriteria", + "type": "string" }, - "InterfaceType": { - "markdownDescription": "The type of network interface. To create an Elastic Fabric Adapter (EFA), specify `efa` or `efa` . For more information, see [Elastic Fabric Adapter for AI/ML and HPC workloads on Amazon EC2](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/efa.html) in the *Amazon EC2 User Guide* .\n\nIf you are not creating an EFA, specify `interface` or omit this parameter.\n\nIf you specify `efa-only` , do not assign any IP addresses to the network interface. EFA-only network interfaces do not support IP addresses.\n\nValid values: `interface` | `efa` | `efa-only`", - "title": "InterfaceType", + "Name": { + "markdownDescription": "The name of the AWS Glue connection.", + "title": "Name", "type": "string" }, - "Ipv4PrefixCount": { - "markdownDescription": "The number of IPv4 prefixes to be automatically assigned to the network interface. You cannot use this option if you use the `Ipv4Prefix` option.", - "title": "Ipv4PrefixCount", - "type": "number" + "PhysicalConnectionRequirements": { + "$ref": "#/definitions/AWS::DataZone::Connection.PhysicalConnectionRequirements", + "markdownDescription": "The physical connection requirements for the AWS Glue connection.", + "title": "PhysicalConnectionRequirements" }, - "Ipv4Prefixes": { - "items": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Ipv4PrefixSpecification" + "PythonProperties": { + "additionalProperties": true, + "markdownDescription": "The Python properties of the AWS Glue connection.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "One or more IPv4 prefixes to be assigned to the network interface. You cannot use this option if you use the `Ipv4PrefixCount` option.", - "title": "Ipv4Prefixes", - "type": "array" - }, - "Ipv6AddressCount": { - "markdownDescription": "The number of IPv6 addresses to assign to a network interface. Amazon EC2 automatically selects the IPv6 addresses from the subnet range. You can't use this option if specifying specific IPv6 addresses.", - "title": "Ipv6AddressCount", - "type": "number" + "title": "PythonProperties", + "type": "object" }, - "Ipv6Addresses": { - "items": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Ipv6Add" + "SparkProperties": { + "additionalProperties": true, + "markdownDescription": "The Spark properties of the AWS Glue connection.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet. You can't use this option if you're specifying a number of IPv6 addresses.", - "title": "Ipv6Addresses", - "type": "array" + "title": "SparkProperties", + "type": "object" }, - "Ipv6PrefixCount": { - "markdownDescription": "The number of IPv6 prefixes to be automatically assigned to the network interface. You cannot use this option if you use the `Ipv6Prefix` option.", - "title": "Ipv6PrefixCount", - "type": "number" + "ValidateCredentials": { + "markdownDescription": "Speciefies whether to validate credentials of the AWS Glue connection.", + "title": "ValidateCredentials", + "type": "boolean" }, - "Ipv6Prefixes": { + "ValidateForComputeEnvironments": { "items": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Ipv6PrefixSpecification" + "type": "string" }, - "markdownDescription": "One or more IPv6 prefixes to be assigned to the network interface. You cannot use this option if you use the `Ipv6PrefixCount` option.", - "title": "Ipv6Prefixes", + "markdownDescription": "Speciefies whether to validate for compute environments of the AWS Glue connection.", + "title": "ValidateForComputeEnvironments", "type": "array" - }, - "NetworkCardIndex": { - "markdownDescription": "The index of the network card. Some instance types support multiple network cards. The primary network interface must be assigned to network card index 0. The default is network card index 0.", - "title": "NetworkCardIndex", - "type": "number" - }, - "NetworkInterfaceId": { - "markdownDescription": "The ID of the network interface.", - "title": "NetworkInterfaceId", + } + }, + "type": "object" + }, + "AWS::DataZone::Connection.GlueOAuth2Credentials": { + "additionalProperties": false, + "properties": { + "AccessToken": { + "markdownDescription": "The access token of a connection.", + "title": "AccessToken", "type": "string" }, - "PrimaryIpv6": { - "markdownDescription": "The primary IPv6 address of the network interface. When you enable an IPv6 GUA address to be a primary IPv6, the first IPv6 GUA will be made the primary IPv6 address until the instance is terminated or the network interface is detached. For more information about primary IPv6 addresses, see [RunInstances](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html) .", - "title": "PrimaryIpv6", - "type": "boolean" - }, - "PrivateIpAddress": { - "markdownDescription": "The primary private IPv4 address of the network interface.", - "title": "PrivateIpAddress", + "JwtToken": { + "markdownDescription": "The jwt token of the connection.", + "title": "JwtToken", "type": "string" }, - "PrivateIpAddresses": { - "items": { - "$ref": "#/definitions/AWS::EC2::LaunchTemplate.PrivateIpAdd" - }, - "markdownDescription": "One or more private IPv4 addresses.", - "title": "PrivateIpAddresses", - "type": "array" - }, - "SecondaryPrivateIpAddressCount": { - "markdownDescription": "The number of secondary private IPv4 addresses to assign to a network interface.", - "title": "SecondaryPrivateIpAddressCount", - "type": "number" + "RefreshToken": { + "markdownDescription": "The refresh token of the connection.", + "title": "RefreshToken", + "type": "string" }, - "SubnetId": { - "markdownDescription": "The ID of the subnet for the network interface.", - "title": "SubnetId", + "UserManagedClientApplicationClientSecret": { + "markdownDescription": "The user managed client application client secret of the connection.", + "title": "UserManagedClientApplicationClientSecret", "type": "string" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.NetworkInterfaceCount": { + "AWS::DataZone::Connection.GluePropertiesInput": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum number of network interfaces. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum number of network interfaces. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" + "GlueConnectionInput": { + "$ref": "#/definitions/AWS::DataZone::Connection.GlueConnectionInput", + "markdownDescription": "The AWS Glue connection.", + "title": "GlueConnectionInput" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.Placement": { + "AWS::DataZone::Connection.HyperPodPropertiesInput": { "additionalProperties": false, "properties": { - "Affinity": { - "markdownDescription": "The affinity setting for an instance on a Dedicated Host.", - "title": "Affinity", + "ClusterName": { + "markdownDescription": "The cluster name the hyper pod properties.", + "title": "ClusterName", "type": "string" - }, - "AvailabilityZone": { - "markdownDescription": "The Availability Zone for the instance.", - "title": "AvailabilityZone", + } + }, + "required": [ + "ClusterName" + ], + "type": "object" + }, + "AWS::DataZone::Connection.IamPropertiesInput": { + "additionalProperties": false, + "properties": { + "GlueLineageSyncEnabled": { + "markdownDescription": "Specifies whether AWS Glue lineage sync is enabled for a connection.", + "title": "GlueLineageSyncEnabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::DataZone::Connection.LineageSyncSchedule": { + "additionalProperties": false, + "properties": { + "Schedule": { + "markdownDescription": "The lineage sync schedule.", + "title": "Schedule", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataZone::Connection.OAuth2ClientApplication": { + "additionalProperties": false, + "properties": { + "AWSManagedClientApplicationReference": { + "markdownDescription": "The AWS managed client application reference in the OAuth2Client application.", + "title": "AWSManagedClientApplicationReference", "type": "string" }, - "GroupId": { - "markdownDescription": "The Group Id of a placement group. You must specify the Placement Group *Group Id* to launch an instance in a shared placement group.", - "title": "GroupId", + "UserManagedClientApplicationClientId": { + "markdownDescription": "The user managed client application client ID in the OAuth2Client application.", + "title": "UserManagedClientApplicationClientId", "type": "string" + } + }, + "type": "object" + }, + "AWS::DataZone::Connection.OAuth2Properties": { + "additionalProperties": false, + "properties": { + "AuthorizationCodeProperties": { + "$ref": "#/definitions/AWS::DataZone::Connection.AuthorizationCodeProperties", + "markdownDescription": "The authorization code properties of the OAuth2 properties.", + "title": "AuthorizationCodeProperties" }, - "GroupName": { - "markdownDescription": "The name of the placement group for the instance.", - "title": "GroupName", + "OAuth2ClientApplication": { + "$ref": "#/definitions/AWS::DataZone::Connection.OAuth2ClientApplication", + "markdownDescription": "The OAuth2 client application of the OAuth2 properties.", + "title": "OAuth2ClientApplication" + }, + "OAuth2Credentials": { + "$ref": "#/definitions/AWS::DataZone::Connection.GlueOAuth2Credentials", + "markdownDescription": "The OAuth2 credentials of the OAuth2 properties.", + "title": "OAuth2Credentials" + }, + "OAuth2GrantType": { + "markdownDescription": "The OAuth2 grant type of the OAuth2 properties.", + "title": "OAuth2GrantType", "type": "string" }, - "HostId": { - "markdownDescription": "The ID of the Dedicated Host for the instance.", - "title": "HostId", + "TokenUrl": { + "markdownDescription": "The OAuth2 token URL of the OAuth2 properties.", + "title": "TokenUrl", "type": "string" }, - "HostResourceGroupArn": { - "markdownDescription": "The ARN of the host resource group in which to launch the instances. If you specify a host resource group ARN, omit the *Tenancy* parameter or set it to `host` .", - "title": "HostResourceGroupArn", + "TokenUrlParametersMap": { + "additionalProperties": true, + "markdownDescription": "The OAuth2 token URL parameter map of the OAuth2 properties.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "TokenUrlParametersMap", + "type": "object" + } + }, + "type": "object" + }, + "AWS::DataZone::Connection.PhysicalConnectionRequirements": { + "additionalProperties": false, + "properties": { + "AvailabilityZone": { + "markdownDescription": "The availability zone of the physical connection requirements of a connection.", + "title": "AvailabilityZone", "type": "string" }, - "PartitionNumber": { - "markdownDescription": "The number of the partition the instance should launch in. Valid only if the placement group strategy is set to `partition` .", - "title": "PartitionNumber", - "type": "number" + "SecurityGroupIdList": { + "items": { + "type": "string" + }, + "markdownDescription": "The group ID list of the physical connection requirements of a connection.", + "title": "SecurityGroupIdList", + "type": "array" }, - "SpreadDomain": { - "markdownDescription": "Reserved for future use.", - "title": "SpreadDomain", + "SubnetId": { + "markdownDescription": "The subnet ID of the physical connection requirements of a connection.", + "title": "SubnetId", "type": "string" }, - "Tenancy": { - "markdownDescription": "The tenancy of the instance. An instance with a tenancy of dedicated runs on single-tenant hardware.", - "title": "Tenancy", + "SubnetIdList": { + "items": { + "type": "string" + }, + "markdownDescription": "The subnet ID list of the physical connection requirements of a connection.", + "title": "SubnetIdList", + "type": "array" + } + }, + "type": "object" + }, + "AWS::DataZone::Connection.RedshiftCredentials": { + "additionalProperties": false, + "properties": { + "SecretArn": { + "markdownDescription": "The secret ARN of the Amazon Redshift credentials of a connection.", + "title": "SecretArn", "type": "string" + }, + "UsernamePassword": { + "$ref": "#/definitions/AWS::DataZone::Connection.UsernamePassword", + "markdownDescription": "The username and password of the Amazon Redshift credentials of a connection.", + "title": "UsernamePassword" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.PrivateDnsNameOptions": { + "AWS::DataZone::Connection.RedshiftLineageSyncConfigurationInput": { "additionalProperties": false, "properties": { - "EnableResourceNameDnsAAAARecord": { - "markdownDescription": "Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records.", - "title": "EnableResourceNameDnsAAAARecord", + "Enabled": { + "markdownDescription": "Specifies whether the Amaon Redshift lineage sync configuration is enabled.", + "title": "Enabled", "type": "boolean" }, - "EnableResourceNameDnsARecord": { - "markdownDescription": "Indicates whether to respond to DNS queries for instance hostnames with DNS A records.", - "title": "EnableResourceNameDnsARecord", - "type": "boolean" + "Schedule": { + "$ref": "#/definitions/AWS::DataZone::Connection.LineageSyncSchedule", + "markdownDescription": "The schedule of the Amaon Redshift lineage sync configuration.", + "title": "Schedule" + } + }, + "type": "object" + }, + "AWS::DataZone::Connection.RedshiftPropertiesInput": { + "additionalProperties": false, + "properties": { + "Credentials": { + "$ref": "#/definitions/AWS::DataZone::Connection.RedshiftCredentials", + "markdownDescription": "The Amaon Redshift credentials.", + "title": "Credentials" }, - "HostnameType": { - "markdownDescription": "The type of hostname for EC2 instances. For IPv4 only subnets, an instance DNS name must be based on the instance IPv4 address. For IPv6 only subnets, an instance DNS name must be based on the instance ID. For dual-stack subnets, you can specify whether DNS names use the instance IPv4 address or the instance ID. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *Amazon Elastic Compute Cloud User Guide* .", - "title": "HostnameType", + "DatabaseName": { + "markdownDescription": "The Amazon Redshift database name.", + "title": "DatabaseName", + "type": "string" + }, + "Host": { + "markdownDescription": "The Amazon Redshift host.", + "title": "Host", "type": "string" + }, + "LineageSync": { + "$ref": "#/definitions/AWS::DataZone::Connection.RedshiftLineageSyncConfigurationInput", + "markdownDescription": "The lineage sync of the Amazon Redshift.", + "title": "LineageSync" + }, + "Port": { + "markdownDescription": "The Amaon Redshift port.", + "title": "Port", + "type": "number" + }, + "Storage": { + "$ref": "#/definitions/AWS::DataZone::Connection.RedshiftStorageProperties", + "markdownDescription": "The Amazon Redshift storage.", + "title": "Storage" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.PrivateIpAdd": { + "AWS::DataZone::Connection.RedshiftStorageProperties": { "additionalProperties": false, "properties": { - "Primary": { - "markdownDescription": "Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary.", - "title": "Primary", - "type": "boolean" + "ClusterName": { + "markdownDescription": "The cluster name in the Amazon Redshift storage properties.", + "title": "ClusterName", + "type": "string" }, - "PrivateIpAddress": { - "markdownDescription": "The private IPv4 address.", - "title": "PrivateIpAddress", + "WorkgroupName": { + "markdownDescription": "The workgroup name in the Amazon Redshift storage properties.", + "title": "WorkgroupName", "type": "string" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.SpotOptions": { + "AWS::DataZone::Connection.SparkEmrPropertiesInput": { "additionalProperties": false, "properties": { - "BlockDurationMinutes": { - "markdownDescription": "Deprecated.", - "title": "BlockDurationMinutes", - "type": "number" + "ComputeArn": { + "markdownDescription": "The compute ARN of Spark EMR.", + "title": "ComputeArn", + "type": "string" }, - "InstanceInterruptionBehavior": { - "markdownDescription": "The behavior when a Spot Instance is interrupted. The default is `terminate` .", - "title": "InstanceInterruptionBehavior", + "InstanceProfileArn": { + "markdownDescription": "The instance profile ARN of Spark EMR.", + "title": "InstanceProfileArn", "type": "string" }, - "MaxPrice": { - "markdownDescription": "The maximum hourly price you're willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price. If you do specify this parameter, it must be more than USD $0.001. Specifying a value below USD $0.001 will result in an `InvalidParameterValue` error message when the launch template is used to launch an instance.\n\n> If you specify a maximum price, your Spot Instances will be interrupted more frequently than if you do not specify this parameter.", - "title": "MaxPrice", + "JavaVirtualEnv": { + "markdownDescription": "The java virtual env of the Spark EMR.", + "title": "JavaVirtualEnv", "type": "string" }, - "SpotInstanceType": { - "markdownDescription": "The Spot Instance request type.\n\nIf you are using Spot Instances with an Auto Scaling group, use `one-time` requests, as the Amazon EC2 Auto Scaling service handles requesting new Spot Instances whenever the group is below its desired capacity.", - "title": "SpotInstanceType", + "LogUri": { + "markdownDescription": "The log URI of the Spark EMR.", + "title": "LogUri", "type": "string" }, - "ValidUntil": { - "markdownDescription": "The end date of the request, in UTC format ( *YYYY-MM-DD* T *HH:MM:SS* Z). Supported only for persistent requests.\n\n- For a persistent request, the request remains active until the `ValidUntil` date and time is reached. Otherwise, the request remains active until you cancel it.\n- For a one-time request, `ValidUntil` is not supported. The request remains active until all instances launch or you cancel the request.\n\nDefault: 7 days from the current date", - "title": "ValidUntil", + "PythonVirtualEnv": { + "markdownDescription": "The Python virtual env of the Spark EMR.", + "title": "PythonVirtualEnv", + "type": "string" + }, + "RuntimeRole": { + "markdownDescription": "The runtime role of the Spark EMR.", + "title": "RuntimeRole", + "type": "string" + }, + "TrustedCertificatesS3Uri": { + "markdownDescription": "The certificates S3 URI of the Spark EMR.", + "title": "TrustedCertificatesS3Uri", "type": "string" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.TagSpecification": { + "AWS::DataZone::Connection.SparkGlueArgs": { "additionalProperties": false, "properties": { - "ResourceType": { - "markdownDescription": "The type of resource to tag. You can specify tags for the following resource types only: `instance` | `volume` | `network-interface` | `spot-instances-request` . If the instance does not include the resource type that you specify, the instance launch fails. For example, not all instance types include a volume.\n\nTo tag a resource after it has been created, see [CreateTags](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTags.html) .", - "title": "ResourceType", + "Connection": { + "markdownDescription": "The connection in the Spark AWS Glue args.", + "title": "Connection", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to apply to the resource.", - "title": "Tags", - "type": "array" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.TotalLocalStorageGB": { + "AWS::DataZone::Connection.SparkGluePropertiesInput": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum amount of total local storage, in GB. To specify no maximum limit, omit this parameter.", - "title": "Max", + "AdditionalArgs": { + "$ref": "#/definitions/AWS::DataZone::Connection.SparkGlueArgs", + "markdownDescription": "The additional args in the Spark AWS Glue properties.", + "title": "AdditionalArgs" + }, + "GlueConnectionName": { + "markdownDescription": "The AWS Glue connection name in the Spark AWS Glue properties.", + "title": "GlueConnectionName", + "type": "string" + }, + "GlueVersion": { + "markdownDescription": "The AWS Glue version in the Spark AWS Glue properties.", + "title": "GlueVersion", + "type": "string" + }, + "IdleTimeout": { + "markdownDescription": "The idle timeout in the Spark AWS Glue properties.", + "title": "IdleTimeout", "type": "number" }, - "Min": { - "markdownDescription": "The minimum amount of total local storage, in GB. To specify no minimum limit, omit this parameter.", - "title": "Min", + "JavaVirtualEnv": { + "markdownDescription": "The Java virtual env in the Spark AWS Glue properties.", + "title": "JavaVirtualEnv", + "type": "string" + }, + "NumberOfWorkers": { + "markdownDescription": "The number of workers in the Spark AWS Glue properties.", + "title": "NumberOfWorkers", "type": "number" + }, + "PythonVirtualEnv": { + "markdownDescription": "The Python virtual env in the Spark AWS Glue properties.", + "title": "PythonVirtualEnv", + "type": "string" + }, + "WorkerType": { + "markdownDescription": "The worker type in the Spark AWS Glue properties.", + "title": "WorkerType", + "type": "string" } }, "type": "object" }, - "AWS::EC2::LaunchTemplate.VCpuCount": { + "AWS::DataZone::Connection.UsernamePassword": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum number of vCPUs. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" + "Password": { + "markdownDescription": "The password of a connection.", + "title": "Password", + "type": "string" }, - "Min": { - "markdownDescription": "The minimum number of vCPUs. To specify no minimum limit, specify `0` .", - "title": "Min", - "type": "number" + "Username": { + "markdownDescription": "The username of a connection.", + "title": "Username", + "type": "string" } }, + "required": [ + "Password", + "Username" + ], "type": "object" }, - "AWS::EC2::LocalGatewayRoute": { + "AWS::DataZone::DataSource": { "additionalProperties": false, "properties": { "Condition": { @@ -73699,55 +81366,365 @@ "Properties": { "additionalProperties": false, "properties": { - "DestinationCidrBlock": { - "markdownDescription": "The CIDR block used for destination matches.", - "title": "DestinationCidrBlock", + "AssetFormsInput": { + "items": { + "$ref": "#/definitions/AWS::DataZone::DataSource.FormInput" + }, + "markdownDescription": "The metadata forms attached to the assets that the data source works with.", + "title": "AssetFormsInput", + "type": "array" + }, + "Configuration": { + "$ref": "#/definitions/AWS::DataZone::DataSource.DataSourceConfigurationInput", + "markdownDescription": "The configuration of the data source.", + "title": "Configuration" + }, + "ConnectionIdentifier": { + "markdownDescription": "", + "title": "ConnectionIdentifier", "type": "string" }, - "LocalGatewayRouteTableId": { - "markdownDescription": "The ID of the local gateway route table.", - "title": "LocalGatewayRouteTableId", + "Description": { + "markdownDescription": "The description of the data source.", + "title": "Description", "type": "string" }, - "LocalGatewayVirtualInterfaceGroupId": { - "markdownDescription": "The ID of the virtual interface group.", - "title": "LocalGatewayVirtualInterfaceGroupId", + "DomainIdentifier": { + "markdownDescription": "The ID of the Amazon DataZone domain where the data source is created.", + "title": "DomainIdentifier", "type": "string" }, - "NetworkInterfaceId": { - "markdownDescription": "The ID of the network interface.", - "title": "NetworkInterfaceId", + "EnableSetting": { + "markdownDescription": "Specifies whether the data source is enabled.", + "title": "EnableSetting", "type": "string" - } - }, - "required": [ - "DestinationCidrBlock", - "LocalGatewayRouteTableId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::EC2::LocalGatewayRoute" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, + }, + "EnvironmentIdentifier": { + "markdownDescription": "The unique identifier of the Amazon DataZone environment to which the data source publishes assets.", + "title": "EnvironmentIdentifier", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the data source.", + "title": "Name", + "type": "string" + }, + "ProjectIdentifier": { + "markdownDescription": "The identifier of the Amazon DataZone project in which you want to add this data source.", + "title": "ProjectIdentifier", + "type": "string" + }, + "PublishOnImport": { + "markdownDescription": "Specifies whether the assets that this data source creates in the inventory are to be also automatically published to the catalog.", + "title": "PublishOnImport", + "type": "boolean" + }, + "Recommendation": { + "$ref": "#/definitions/AWS::DataZone::DataSource.RecommendationConfiguration", + "markdownDescription": "Specifies whether the business name generation is to be enabled for this data source.", + "title": "Recommendation" + }, + "Schedule": { + "$ref": "#/definitions/AWS::DataZone::DataSource.ScheduleConfiguration", + "markdownDescription": "The schedule of the data source runs.", + "title": "Schedule" + }, + "Type": { + "markdownDescription": "The type of the data source. In Amazon DataZone, you can use data sources to import technical metadata of assets (data) from the source databases or data warehouses into Amazon DataZone. In the current release of Amazon DataZone, you can create and run data sources for AWS Glue and Amazon Redshift.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "DomainIdentifier", + "Name", + "ProjectIdentifier", + "Type" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::DataZone::DataSource" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, "required": [ "Type", "Properties" ], "type": "object" }, - "AWS::EC2::LocalGatewayRouteTable": { + "AWS::DataZone::DataSource.DataSourceConfigurationInput": { + "additionalProperties": false, + "properties": { + "GlueRunConfiguration": { + "$ref": "#/definitions/AWS::DataZone::DataSource.GlueRunConfigurationInput", + "markdownDescription": "The configuration of the AWS Glue data source.", + "title": "GlueRunConfiguration" + }, + "RedshiftRunConfiguration": { + "$ref": "#/definitions/AWS::DataZone::DataSource.RedshiftRunConfigurationInput", + "markdownDescription": "The configuration of the Amazon Redshift data source.", + "title": "RedshiftRunConfiguration" + }, + "SageMakerRunConfiguration": { + "$ref": "#/definitions/AWS::DataZone::DataSource.SageMakerRunConfigurationInput", + "markdownDescription": "", + "title": "SageMakerRunConfiguration" + } + }, + "type": "object" + }, + "AWS::DataZone::DataSource.FilterExpression": { + "additionalProperties": false, + "properties": { + "Expression": { + "markdownDescription": "The search filter expression.", + "title": "Expression", + "type": "string" + }, + "Type": { + "markdownDescription": "The search filter explresison type.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Expression", + "Type" + ], + "type": "object" + }, + "AWS::DataZone::DataSource.FormInput": { + "additionalProperties": false, + "properties": { + "Content": { + "markdownDescription": "", + "title": "Content", + "type": "string" + }, + "FormName": { + "markdownDescription": "", + "title": "FormName", + "type": "string" + }, + "TypeIdentifier": { + "markdownDescription": "", + "title": "TypeIdentifier", + "type": "string" + }, + "TypeRevision": { + "markdownDescription": "", + "title": "TypeRevision", + "type": "string" + } + }, + "required": [ + "FormName" + ], + "type": "object" + }, + "AWS::DataZone::DataSource.GlueRunConfigurationInput": { + "additionalProperties": false, + "properties": { + "AutoImportDataQualityResult": { + "markdownDescription": "Specifies whether to automatically import data quality metrics as part of the data source run.", + "title": "AutoImportDataQualityResult", + "type": "boolean" + }, + "CatalogName": { + "markdownDescription": "", + "title": "CatalogName", + "type": "string" + }, + "DataAccessRole": { + "markdownDescription": "The data access role included in the configuration details of the AWS Glue data source.", + "title": "DataAccessRole", + "type": "string" + }, + "RelationalFilterConfigurations": { + "items": { + "$ref": "#/definitions/AWS::DataZone::DataSource.RelationalFilterConfiguration" + }, + "markdownDescription": "The relational filter configurations included in the configuration details of the AWS Glue data source.", + "title": "RelationalFilterConfigurations", + "type": "array" + } + }, + "required": [ + "RelationalFilterConfigurations" + ], + "type": "object" + }, + "AWS::DataZone::DataSource.RecommendationConfiguration": { + "additionalProperties": false, + "properties": { + "EnableBusinessNameGeneration": { + "markdownDescription": "Specifies whether automatic business name generation is to be enabled or not as part of the recommendation configuration.", + "title": "EnableBusinessNameGeneration", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::DataZone::DataSource.RedshiftClusterStorage": { + "additionalProperties": false, + "properties": { + "ClusterName": { + "markdownDescription": "The name of an Amazon Redshift cluster.", + "title": "ClusterName", + "type": "string" + } + }, + "required": [ + "ClusterName" + ], + "type": "object" + }, + "AWS::DataZone::DataSource.RedshiftCredentialConfiguration": { + "additionalProperties": false, + "properties": { + "SecretManagerArn": { + "markdownDescription": "The ARN of a secret manager for an Amazon Redshift cluster.", + "title": "SecretManagerArn", + "type": "string" + } + }, + "required": [ + "SecretManagerArn" + ], + "type": "object" + }, + "AWS::DataZone::DataSource.RedshiftRunConfigurationInput": { + "additionalProperties": false, + "properties": { + "DataAccessRole": { + "markdownDescription": "The data access role included in the configuration details of the Amazon Redshift data source.", + "title": "DataAccessRole", + "type": "string" + }, + "RedshiftCredentialConfiguration": { + "$ref": "#/definitions/AWS::DataZone::DataSource.RedshiftCredentialConfiguration", + "markdownDescription": "The details of the credentials required to access an Amazon Redshift cluster.", + "title": "RedshiftCredentialConfiguration" + }, + "RedshiftStorage": { + "$ref": "#/definitions/AWS::DataZone::DataSource.RedshiftStorage", + "markdownDescription": "The details of the Amazon Redshift storage as part of the configuration of an Amazon Redshift data source run.", + "title": "RedshiftStorage" + }, + "RelationalFilterConfigurations": { + "items": { + "$ref": "#/definitions/AWS::DataZone::DataSource.RelationalFilterConfiguration" + }, + "markdownDescription": "The relational filter configurations included in the configuration details of the AWS Glue data source.", + "title": "RelationalFilterConfigurations", + "type": "array" + } + }, + "required": [ + "RelationalFilterConfigurations" + ], + "type": "object" + }, + "AWS::DataZone::DataSource.RedshiftServerlessStorage": { + "additionalProperties": false, + "properties": { + "WorkgroupName": { + "markdownDescription": "The name of the Amazon Redshift Serverless workgroup.", + "title": "WorkgroupName", + "type": "string" + } + }, + "required": [ + "WorkgroupName" + ], + "type": "object" + }, + "AWS::DataZone::DataSource.RedshiftStorage": { + "additionalProperties": false, + "properties": { + "RedshiftClusterSource": { + "$ref": "#/definitions/AWS::DataZone::DataSource.RedshiftClusterStorage", + "markdownDescription": "The details of the Amazon Redshift cluster source.", + "title": "RedshiftClusterSource" + }, + "RedshiftServerlessSource": { + "$ref": "#/definitions/AWS::DataZone::DataSource.RedshiftServerlessStorage", + "markdownDescription": "The details of the Amazon Redshift Serverless workgroup source.", + "title": "RedshiftServerlessSource" + } + }, + "type": "object" + }, + "AWS::DataZone::DataSource.RelationalFilterConfiguration": { + "additionalProperties": false, + "properties": { + "DatabaseName": { + "markdownDescription": "The database name specified in the relational filter configuration for the data source.", + "title": "DatabaseName", + "type": "string" + }, + "FilterExpressions": { + "items": { + "$ref": "#/definitions/AWS::DataZone::DataSource.FilterExpression" + }, + "markdownDescription": "The filter expressions specified in the relational filter configuration for the data source.", + "title": "FilterExpressions", + "type": "array" + }, + "SchemaName": { + "markdownDescription": "The schema name specified in the relational filter configuration for the data source.", + "title": "SchemaName", + "type": "string" + } + }, + "required": [ + "DatabaseName" + ], + "type": "object" + }, + "AWS::DataZone::DataSource.SageMakerRunConfigurationInput": { + "additionalProperties": false, + "properties": { + "TrackingAssets": { + "markdownDescription": "", + "title": "TrackingAssets", + "type": "object" + } + }, + "required": [ + "TrackingAssets" + ], + "type": "object" + }, + "AWS::DataZone::DataSource.ScheduleConfiguration": { + "additionalProperties": false, + "properties": { + "Schedule": { + "markdownDescription": "The schedule of the data source runs.", + "title": "Schedule", + "type": "string" + }, + "Timezone": { + "markdownDescription": "The timezone of the data source run.", + "title": "Timezone", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataZone::Domain": { "additionalProperties": false, "properties": { "Condition": { @@ -73782,33 +81759,59 @@ "Properties": { "additionalProperties": false, "properties": { - "LocalGatewayId": { - "markdownDescription": "The ID of the local gateway.", - "title": "LocalGatewayId", + "Description": { + "markdownDescription": "The description of the Amazon DataZone domain.", + "title": "Description", "type": "string" }, - "Mode": { - "markdownDescription": "The mode of the local gateway route table.", - "title": "Mode", + "DomainExecutionRole": { + "markdownDescription": "The domain execution role that is created when an Amazon DataZone domain is created. The domain execution role is created in the AWS account that houses the Amazon DataZone domain.", + "title": "DomainExecutionRole", + "type": "string" + }, + "DomainVersion": { + "markdownDescription": "The domain version.", + "title": "DomainVersion", + "type": "string" + }, + "KmsKeyIdentifier": { + "markdownDescription": "The identifier of the AWS Key Management Service (KMS) key that is used to encrypt the Amazon DataZone domain, metadata, and reporting data.", + "title": "KmsKeyIdentifier", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the Amazon DataZone domain.", + "title": "Name", + "type": "string" + }, + "ServiceRole": { + "markdownDescription": "The service role of the domain.", + "title": "ServiceRole", "type": "string" }, + "SingleSignOn": { + "$ref": "#/definitions/AWS::DataZone::Domain.SingleSignOn", + "markdownDescription": "The single sign-on details in Amazon DataZone.", + "title": "SingleSignOn" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags assigned to the local gateway route table.", + "markdownDescription": "The tags specified for the Amazon DataZone domain.", "title": "Tags", "type": "array" } }, "required": [ - "LocalGatewayId" + "DomainExecutionRole", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::LocalGatewayRouteTable" + "AWS::DataZone::Domain" ], "type": "string" }, @@ -73827,7 +81830,28 @@ ], "type": "object" }, - "AWS::EC2::LocalGatewayRouteTableVPCAssociation": { + "AWS::DataZone::Domain.SingleSignOn": { + "additionalProperties": false, + "properties": { + "IdcInstanceArn": { + "markdownDescription": "The ARN of the IDC instance.", + "title": "IdcInstanceArn", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of single sign-on in Amazon DataZone.", + "title": "Type", + "type": "string" + }, + "UserAssignment": { + "markdownDescription": "The single sign-on user assignment in Amazon DataZone.", + "title": "UserAssignment", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataZone::DomainUnit": { "additionalProperties": false, "properties": { "Condition": { @@ -73862,34 +81886,37 @@ "Properties": { "additionalProperties": false, "properties": { - "LocalGatewayRouteTableId": { - "markdownDescription": "The ID of the local gateway route table.", - "title": "LocalGatewayRouteTableId", + "Description": { + "markdownDescription": "The description of the domain unit.", + "title": "Description", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags assigned to the association.", - "title": "Tags", - "type": "array" + "DomainIdentifier": { + "markdownDescription": "The ID of the domain where you want to crate a domain unit.", + "title": "DomainIdentifier", + "type": "string" }, - "VpcId": { - "markdownDescription": "The ID of the VPC.", - "title": "VpcId", + "Name": { + "markdownDescription": "The name of the domain unit.", + "title": "Name", + "type": "string" + }, + "ParentDomainUnitIdentifier": { + "markdownDescription": "The ID of the parent domain unit.", + "title": "ParentDomainUnitIdentifier", "type": "string" } }, "required": [ - "LocalGatewayRouteTableId", - "VpcId" + "DomainIdentifier", + "Name", + "ParentDomainUnitIdentifier" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::LocalGatewayRouteTableVPCAssociation" + "AWS::DataZone::DomainUnit" ], "type": "string" }, @@ -73908,7 +81935,7 @@ ], "type": "object" }, - "AWS::EC2::LocalGatewayRouteTableVirtualInterfaceGroupAssociation": { + "AWS::DataZone::Environment": { "additionalProperties": false, "properties": { "Condition": { @@ -73943,34 +81970,73 @@ "Properties": { "additionalProperties": false, "properties": { - "LocalGatewayRouteTableId": { - "markdownDescription": "The ID of the local gateway route table.", - "title": "LocalGatewayRouteTableId", + "Description": { + "markdownDescription": "The description of the environment.", + "title": "Description", "type": "string" }, - "LocalGatewayVirtualInterfaceGroupId": { - "markdownDescription": "The ID of the virtual interface group.", - "title": "LocalGatewayVirtualInterfaceGroupId", + "DomainIdentifier": { + "markdownDescription": "The identifier of the Amazon DataZone domain in which the environment is created.", + "title": "DomainIdentifier", "type": "string" }, - "Tags": { + "EnvironmentAccountIdentifier": { + "markdownDescription": "The identifier of the AWS account in which an environment exists.", + "title": "EnvironmentAccountIdentifier", + "type": "string" + }, + "EnvironmentAccountRegion": { + "markdownDescription": "The AWS Region in which an environment exists.", + "title": "EnvironmentAccountRegion", + "type": "string" + }, + "EnvironmentProfileIdentifier": { + "markdownDescription": "The identifier of the environment profile that is used to create this Amazon DataZone environment.", + "title": "EnvironmentProfileIdentifier", + "type": "string" + }, + "EnvironmentRoleArn": { + "markdownDescription": "The ARN of the environment role.", + "title": "EnvironmentRoleArn", + "type": "string" + }, + "GlossaryTerms": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "The tags assigned to the association.", - "title": "Tags", + "markdownDescription": "The glossary terms that can be used in this Amazon DataZone environment.", + "title": "GlossaryTerms", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the Amazon DataZone environment.", + "title": "Name", + "type": "string" + }, + "ProjectIdentifier": { + "markdownDescription": "The identifier of the Amazon DataZone project in which this environment is created.", + "title": "ProjectIdentifier", + "type": "string" + }, + "UserParameters": { + "items": { + "$ref": "#/definitions/AWS::DataZone::Environment.EnvironmentParameter" + }, + "markdownDescription": "The user parameters of this Amazon DataZone environment.", + "title": "UserParameters", "type": "array" } }, "required": [ - "LocalGatewayRouteTableId", - "LocalGatewayVirtualInterfaceGroupId" + "DomainIdentifier", + "Name", + "ProjectIdentifier" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::LocalGatewayRouteTableVirtualInterfaceGroupAssociation" + "AWS::DataZone::Environment" ], "type": "string" }, @@ -73989,7 +82055,23 @@ ], "type": "object" }, - "AWS::EC2::NatGateway": { + "AWS::DataZone::Environment.EnvironmentParameter": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the environment parameter.", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of the environment parameter.", + "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataZone::EnvironmentActions": { "additionalProperties": false, "properties": { "Condition": { @@ -74024,69 +82106,45 @@ "Properties": { "additionalProperties": false, "properties": { - "AllocationId": { - "markdownDescription": "[Public NAT gateway only] The allocation ID of the Elastic IP address that's associated with the NAT gateway. This property is required for a public NAT gateway and cannot be specified with a private NAT gateway.", - "title": "AllocationId", + "Description": { + "markdownDescription": "The environment action description.", + "title": "Description", "type": "string" }, - "ConnectivityType": { - "markdownDescription": "Indicates whether the NAT gateway supports public or private connectivity. The default is public connectivity.", - "title": "ConnectivityType", + "DomainIdentifier": { + "markdownDescription": "The Amazon DataZone domain ID of the environment action.", + "title": "DomainIdentifier", "type": "string" }, - "MaxDrainDurationSeconds": { - "markdownDescription": "The maximum amount of time to wait (in seconds) before forcibly releasing the IP addresses if connections are still in progress. Default value is 350 seconds.", - "title": "MaxDrainDurationSeconds", - "type": "number" - }, - "PrivateIpAddress": { - "markdownDescription": "The private IPv4 address to assign to the NAT gateway. If you don't provide an address, a private IPv4 address will be automatically assigned.", - "title": "PrivateIpAddress", + "EnvironmentIdentifier": { + "markdownDescription": "The environment ID of the environment action.", + "title": "EnvironmentIdentifier", "type": "string" }, - "SecondaryAllocationIds": { - "items": { - "type": "string" - }, - "markdownDescription": "Secondary EIP allocation IDs. For more information, see [Create a NAT gateway](https://docs.aws.amazon.com/vpc/latest/userguide/nat-gateway-working-with.html) in the *Amazon VPC User Guide* .", - "title": "SecondaryAllocationIds", - "type": "array" - }, - "SecondaryPrivateIpAddressCount": { - "markdownDescription": "[Private NAT gateway only] The number of secondary private IPv4 addresses you want to assign to the NAT gateway. For more information about secondary addresses, see [Create a NAT gateway](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html#nat-gateway-creating) in the *Amazon Virtual Private Cloud User Guide* .\n\n`SecondaryPrivateIpAddressCount` and `SecondaryPrivateIpAddresses` cannot be set at the same time.", - "title": "SecondaryPrivateIpAddressCount", - "type": "number" - }, - "SecondaryPrivateIpAddresses": { - "items": { - "type": "string" - }, - "markdownDescription": "Secondary private IPv4 addresses. For more information about secondary addresses, see [Create a NAT gateway](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html#nat-gateway-creating) in the *Amazon Virtual Private Cloud User Guide* .\n\n`SecondaryPrivateIpAddressCount` and `SecondaryPrivateIpAddresses` cannot be set at the same time.", - "title": "SecondaryPrivateIpAddresses", - "type": "array" + "Identifier": { + "markdownDescription": "The ID of the environment action.", + "title": "Identifier", + "type": "string" }, - "SubnetId": { - "markdownDescription": "The ID of the subnet in which the NAT gateway is located.", - "title": "SubnetId", + "Name": { + "markdownDescription": "The name of the environment action.", + "title": "Name", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags for the NAT gateway.", - "title": "Tags", - "type": "array" + "Parameters": { + "$ref": "#/definitions/AWS::DataZone::EnvironmentActions.AwsConsoleLinkParameters", + "markdownDescription": "The parameters of the environment action.", + "title": "Parameters" } }, "required": [ - "SubnetId" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::NatGateway" + "AWS::DataZone::EnvironmentActions" ], "type": "string" }, @@ -74105,7 +82163,18 @@ ], "type": "object" }, - "AWS::EC2::NetworkAcl": { + "AWS::DataZone::EnvironmentActions.AwsConsoleLinkParameters": { + "additionalProperties": false, + "properties": { + "Uri": { + "markdownDescription": "The URI of the console link specified as part of the environment action.", + "title": "Uri", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataZone::EnvironmentBlueprintConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -74140,28 +82209,66 @@ "Properties": { "additionalProperties": false, "properties": { - "Tags": { + "DomainIdentifier": { + "markdownDescription": "The identifier of the Amazon DataZone domain in which an environment blueprint exists.", + "title": "DomainIdentifier", + "type": "string" + }, + "EnabledRegions": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "The tags for the network ACL.", - "title": "Tags", + "markdownDescription": "The enabled AWS Regions specified in a blueprint configuration.", + "title": "EnabledRegions", "type": "array" }, - "VpcId": { - "markdownDescription": "The ID of the VPC for the network ACL.", - "title": "VpcId", + "EnvironmentBlueprintIdentifier": { + "markdownDescription": "The identifier of the environment blueprint.\n\nIn the current release, only the following values are supported: `DefaultDataLake` and `DefaultDataWarehouse` .", + "title": "EnvironmentBlueprintIdentifier", + "type": "string" + }, + "EnvironmentRolePermissionBoundary": { + "markdownDescription": "The environment role permission boundary.", + "title": "EnvironmentRolePermissionBoundary", + "type": "string" + }, + "ManageAccessRoleArn": { + "markdownDescription": "The ARN of the manage access role.", + "title": "ManageAccessRoleArn", + "type": "string" + }, + "ProvisioningConfigurations": { + "items": { + "$ref": "#/definitions/AWS::DataZone::EnvironmentBlueprintConfiguration.ProvisioningConfiguration" + }, + "markdownDescription": "The provisioning configuration of a blueprint.", + "title": "ProvisioningConfigurations", + "type": "array" + }, + "ProvisioningRoleArn": { + "markdownDescription": "The ARN of the provisioning role.", + "title": "ProvisioningRoleArn", "type": "string" + }, + "RegionalParameters": { + "items": { + "$ref": "#/definitions/AWS::DataZone::EnvironmentBlueprintConfiguration.RegionalParameter" + }, + "markdownDescription": "The regional parameters of the environment blueprint.", + "title": "RegionalParameters", + "type": "array" } }, "required": [ - "VpcId" + "DomainIdentifier", + "EnabledRegions", + "EnvironmentBlueprintIdentifier" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::NetworkAcl" + "AWS::DataZone::EnvironmentBlueprintConfiguration" ], "type": "string" }, @@ -74180,7 +82287,62 @@ ], "type": "object" }, - "AWS::EC2::NetworkAclEntry": { + "AWS::DataZone::EnvironmentBlueprintConfiguration.LakeFormationConfiguration": { + "additionalProperties": false, + "properties": { + "LocationRegistrationExcludeS3Locations": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies certain Amazon S3 locations if you do not want Amazon DataZone to automatically register them in hybrid mode.", + "title": "LocationRegistrationExcludeS3Locations", + "type": "array" + }, + "LocationRegistrationRole": { + "markdownDescription": "The role that is used to manage read/write access to the chosen Amazon S3 bucket(s) for Data Lake using AWS Lake Formation hybrid access mode.", + "title": "LocationRegistrationRole", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataZone::EnvironmentBlueprintConfiguration.ProvisioningConfiguration": { + "additionalProperties": false, + "properties": { + "LakeFormationConfiguration": { + "$ref": "#/definitions/AWS::DataZone::EnvironmentBlueprintConfiguration.LakeFormationConfiguration", + "markdownDescription": "The Lake Formation configuration of the Data Lake blueprint.", + "title": "LakeFormationConfiguration" + } + }, + "required": [ + "LakeFormationConfiguration" + ], + "type": "object" + }, + "AWS::DataZone::EnvironmentBlueprintConfiguration.RegionalParameter": { + "additionalProperties": false, + "properties": { + "Parameters": { + "additionalProperties": true, + "markdownDescription": "A string to string map containing parameters for the region.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Parameters", + "type": "object" + }, + "Region": { + "markdownDescription": "The region specified in the environment parameter.", + "title": "Region", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataZone::EnvironmentProfile": { "additionalProperties": false, "properties": { "Condition": { @@ -74215,63 +82377,63 @@ "Properties": { "additionalProperties": false, "properties": { - "CidrBlock": { - "markdownDescription": "The IPv4 CIDR range to allow or deny, in CIDR notation (for example, 172.16.0.0/24). You must specify an IPv4 CIDR block or an IPv6 CIDR block.", - "title": "CidrBlock", + "AwsAccountId": { + "markdownDescription": "The identifier of an AWS account in which an environment profile exists.", + "title": "AwsAccountId", "type": "string" }, - "Egress": { - "markdownDescription": "Whether this rule applies to egress traffic from the subnet ( `true` ) or ingress traffic to the subnet ( `false` ). By default, AWS CloudFormation specifies `false` .", - "title": "Egress", - "type": "boolean" - }, - "Icmp": { - "$ref": "#/definitions/AWS::EC2::NetworkAclEntry.Icmp", - "markdownDescription": "The Internet Control Message Protocol (ICMP) code and type. Required if specifying 1 (ICMP) for the protocol parameter.", - "title": "Icmp" + "AwsAccountRegion": { + "markdownDescription": "The AWS Region in which an environment profile exists.", + "title": "AwsAccountRegion", + "type": "string" }, - "Ipv6CidrBlock": { - "markdownDescription": "The IPv6 network range to allow or deny, in CIDR notation. You must specify an IPv4 CIDR block or an IPv6 CIDR block.", - "title": "Ipv6CidrBlock", + "Description": { + "markdownDescription": "The description of the environment profile.", + "title": "Description", "type": "string" }, - "NetworkAclId": { - "markdownDescription": "The ID of the ACL for the entry.", - "title": "NetworkAclId", + "DomainIdentifier": { + "markdownDescription": "The identifier of the Amazon DataZone domain in which the environment profile exists.", + "title": "DomainIdentifier", "type": "string" }, - "PortRange": { - "$ref": "#/definitions/AWS::EC2::NetworkAclEntry.PortRange", - "markdownDescription": "The range of port numbers for the UDP/TCP protocol. Required if specifying 6 (TCP) or 17 (UDP) for the protocol parameter.", - "title": "PortRange" + "EnvironmentBlueprintIdentifier": { + "markdownDescription": "The identifier of a blueprint with which an environment profile is created.", + "title": "EnvironmentBlueprintIdentifier", + "type": "string" }, - "Protocol": { - "markdownDescription": "The IP protocol that the rule applies to. You must specify -1 or a protocol number. You can specify -1 for all protocols.\n\n> If you specify -1, all ports are opened and the `PortRange` property is ignored.", - "title": "Protocol", - "type": "number" + "Name": { + "markdownDescription": "The name of the environment profile.", + "title": "Name", + "type": "string" }, - "RuleAction": { - "markdownDescription": "Whether to allow or deny traffic that matches the rule; valid values are \"allow\" or \"deny\".", - "title": "RuleAction", + "ProjectIdentifier": { + "markdownDescription": "The identifier of a project in which an environment profile exists.", + "title": "ProjectIdentifier", "type": "string" }, - "RuleNumber": { - "markdownDescription": "Rule number to assign to the entry, such as 100. ACL entries are processed in ascending order by rule number. Entries can't use the same rule number unless one is an egress rule and the other is an ingress rule.", - "title": "RuleNumber", - "type": "number" + "UserParameters": { + "items": { + "$ref": "#/definitions/AWS::DataZone::EnvironmentProfile.EnvironmentParameter" + }, + "markdownDescription": "The user parameters of this Amazon DataZone environment profile.", + "title": "UserParameters", + "type": "array" } }, "required": [ - "NetworkAclId", - "Protocol", - "RuleAction", - "RuleNumber" + "AwsAccountId", + "AwsAccountRegion", + "DomainIdentifier", + "EnvironmentBlueprintIdentifier", + "Name", + "ProjectIdentifier" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::NetworkAclEntry" + "AWS::DataZone::EnvironmentProfile" ], "type": "string" }, @@ -74290,39 +82452,23 @@ ], "type": "object" }, - "AWS::EC2::NetworkAclEntry.Icmp": { - "additionalProperties": false, - "properties": { - "Code": { - "markdownDescription": "The Internet Control Message Protocol (ICMP) code. You can use -1 to specify all ICMP codes for the given ICMP type. Required if you specify 1 (ICMP) for the protocol parameter.", - "title": "Code", - "type": "number" - }, - "Type": { - "markdownDescription": "The Internet Control Message Protocol (ICMP) type. You can use -1 to specify all ICMP types. Conditional requirement: Required if you specify 1 (ICMP) for the `CreateNetworkAclEntry` protocol parameter.", - "title": "Type", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::NetworkAclEntry.PortRange": { + "AWS::DataZone::EnvironmentProfile.EnvironmentParameter": { "additionalProperties": false, "properties": { - "From": { - "markdownDescription": "The first port in the range. Required if you specify 6 (TCP) or 17 (UDP) for the protocol parameter.", - "title": "From", - "type": "number" + "Name": { + "markdownDescription": "The name specified in the environment parameter.", + "title": "Name", + "type": "string" }, - "To": { - "markdownDescription": "The last port in the range. Required if you specify 6 (TCP) or 17 (UDP) for the protocol parameter.", - "title": "To", - "type": "number" + "Value": { + "markdownDescription": "The value of the environment profile.", + "title": "Value", + "type": "string" } }, "type": "object" }, - "AWS::EC2::NetworkInsightsAccessScope": { + "AWS::DataZone::GroupProfile": { "additionalProperties": false, "properties": { "Condition": { @@ -74357,36 +82503,31 @@ "Properties": { "additionalProperties": false, "properties": { - "ExcludePaths": { - "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.AccessScopePathRequest" - }, - "markdownDescription": "The paths to exclude.", - "title": "ExcludePaths", - "type": "array" + "DomainIdentifier": { + "markdownDescription": "The identifier of the Amazon DataZone domain in which a group profile exists.", + "title": "DomainIdentifier", + "type": "string" }, - "MatchPaths": { - "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.AccessScopePathRequest" - }, - "markdownDescription": "The paths to match.", - "title": "MatchPaths", - "type": "array" + "GroupIdentifier": { + "markdownDescription": "The ID of the group of a project member.", + "title": "GroupIdentifier", + "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags.", - "title": "Tags", - "type": "array" + "Status": { + "markdownDescription": "The status of a group profile.", + "title": "Status", + "type": "string" } }, + "required": [ + "DomainIdentifier", + "GroupIdentifier" + ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::NetworkInsightsAccessScope" + "AWS::DataZone::GroupProfile" ], "type": "string" }, @@ -74400,146 +82541,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::EC2::NetworkInsightsAccessScope.AccessScopePathRequest": { - "additionalProperties": false, - "properties": { - "Destination": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.PathStatementRequest", - "markdownDescription": "The destination.", - "title": "Destination" - }, - "Source": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.PathStatementRequest", - "markdownDescription": "The source.", - "title": "Source" - }, - "ThroughResources": { - "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.ThroughResourcesStatementRequest" - }, - "markdownDescription": "The through resources.", - "title": "ThroughResources", - "type": "array" - } - }, - "type": "object" - }, - "AWS::EC2::NetworkInsightsAccessScope.PacketHeaderStatementRequest": { - "additionalProperties": false, - "properties": { - "DestinationAddresses": { - "items": { - "type": "string" - }, - "markdownDescription": "The destination addresses.", - "title": "DestinationAddresses", - "type": "array" - }, - "DestinationPorts": { - "items": { - "type": "string" - }, - "markdownDescription": "The destination ports.", - "title": "DestinationPorts", - "type": "array" - }, - "DestinationPrefixLists": { - "items": { - "type": "string" - }, - "markdownDescription": "The destination prefix lists.", - "title": "DestinationPrefixLists", - "type": "array" - }, - "Protocols": { - "items": { - "type": "string" - }, - "markdownDescription": "The protocols.", - "title": "Protocols", - "type": "array" - }, - "SourceAddresses": { - "items": { - "type": "string" - }, - "markdownDescription": "The source addresses.", - "title": "SourceAddresses", - "type": "array" - }, - "SourcePorts": { - "items": { - "type": "string" - }, - "markdownDescription": "The source ports.", - "title": "SourcePorts", - "type": "array" - }, - "SourcePrefixLists": { - "items": { - "type": "string" - }, - "markdownDescription": "The source prefix lists.", - "title": "SourcePrefixLists", - "type": "array" - } - }, - "type": "object" - }, - "AWS::EC2::NetworkInsightsAccessScope.PathStatementRequest": { - "additionalProperties": false, - "properties": { - "PacketHeaderStatement": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.PacketHeaderStatementRequest", - "markdownDescription": "The packet header statement.", - "title": "PacketHeaderStatement" - }, - "ResourceStatement": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.ResourceStatementRequest", - "markdownDescription": "The resource statement.", - "title": "ResourceStatement" - } - }, - "type": "object" - }, - "AWS::EC2::NetworkInsightsAccessScope.ResourceStatementRequest": { - "additionalProperties": false, - "properties": { - "ResourceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The resource types.", - "title": "ResourceTypes", - "type": "array" - }, - "Resources": { - "items": { - "type": "string" - }, - "markdownDescription": "The resources.", - "title": "Resources", - "type": "array" - } - }, - "type": "object" - }, - "AWS::EC2::NetworkInsightsAccessScope.ThroughResourcesStatementRequest": { - "additionalProperties": false, - "properties": { - "ResourceStatement": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.ResourceStatementRequest", - "markdownDescription": "The resource statement.", - "title": "ResourceStatement" - } - }, - "type": "object" - }, - "AWS::EC2::NetworkInsightsAccessScopeAnalysis": { + "AWS::DataZone::Owner": { "additionalProperties": false, "properties": { "Condition": { @@ -74574,28 +82581,38 @@ "Properties": { "additionalProperties": false, "properties": { - "NetworkInsightsAccessScopeId": { - "markdownDescription": "The ID of the Network Access Scope.", - "title": "NetworkInsightsAccessScopeId", + "DomainIdentifier": { + "markdownDescription": "The ID of the domain in which you want to add the entity owner.", + "title": "DomainIdentifier", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags.", - "title": "Tags", - "type": "array" + "EntityIdentifier": { + "markdownDescription": "The ID of the entity to which you want to add an owner.", + "title": "EntityIdentifier", + "type": "string" + }, + "EntityType": { + "markdownDescription": "The type of an entity.", + "title": "EntityType", + "type": "string" + }, + "Owner": { + "$ref": "#/definitions/AWS::DataZone::Owner.OwnerProperties", + "markdownDescription": "The owner that you want to add to the entity.", + "title": "Owner" } }, "required": [ - "NetworkInsightsAccessScopeId" + "DomainIdentifier", + "EntityIdentifier", + "EntityType", + "Owner" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::NetworkInsightsAccessScopeAnalysis" + "AWS::DataZone::Owner" ], "type": "string" }, @@ -74614,7 +82631,45 @@ ], "type": "object" }, - "AWS::EC2::NetworkInsightsAnalysis": { + "AWS::DataZone::Owner.OwnerGroupProperties": { + "additionalProperties": false, + "properties": { + "GroupIdentifier": { + "markdownDescription": "The ID of the domain unit owners group.", + "title": "GroupIdentifier", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataZone::Owner.OwnerProperties": { + "additionalProperties": false, + "properties": { + "Group": { + "$ref": "#/definitions/AWS::DataZone::Owner.OwnerGroupProperties", + "markdownDescription": "Specifies that the domain unit owner is a group.", + "title": "Group" + }, + "User": { + "$ref": "#/definitions/AWS::DataZone::Owner.OwnerUserProperties", + "markdownDescription": "Specifies that the domain unit owner is a user.", + "title": "User" + } + }, + "type": "object" + }, + "AWS::DataZone::Owner.OwnerUserProperties": { + "additionalProperties": false, + "properties": { + "UserIdentifier": { + "markdownDescription": "The ID of the owner user.", + "title": "UserIdentifier", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataZone::Project": { "additionalProperties": false, "properties": { "Condition": { @@ -74649,44 +82704,62 @@ "Properties": { "additionalProperties": false, "properties": { - "AdditionalAccounts": { - "items": { - "type": "string" - }, - "markdownDescription": "The member accounts that contain resources that the path can traverse.", - "title": "AdditionalAccounts", - "type": "array" + "Description": { + "markdownDescription": "The description of a project.", + "title": "Description", + "type": "string" }, - "FilterInArns": { + "DomainIdentifier": { + "markdownDescription": "The identifier of a Amazon DataZone domain where the project exists.", + "title": "DomainIdentifier", + "type": "string" + }, + "DomainUnitId": { + "markdownDescription": "The ID of the domain unit. This parameter is not required and if it is not specified, then the project is created at the root domain unit level.", + "title": "DomainUnitId", + "type": "string" + }, + "GlossaryTerms": { "items": { "type": "string" }, - "markdownDescription": "The Amazon Resource Names (ARN) of the resources that the path must traverse.", - "title": "FilterInArns", + "markdownDescription": "The glossary terms that can be used in this Amazon DataZone project.", + "title": "GlossaryTerms", "type": "array" }, - "NetworkInsightsPathId": { - "markdownDescription": "The ID of the path.", - "title": "NetworkInsightsPathId", + "Name": { + "markdownDescription": "The name of a project.", + "title": "Name", "type": "string" }, - "Tags": { + "ProjectProfileId": { + "markdownDescription": "The ID of the project profile.", + "title": "ProjectProfileId", + "type": "string" + }, + "ProjectProfileVersion": { + "markdownDescription": "The project profile version to which the project should be updated. You can only specify the following string for this parameter: `latest` .", + "title": "ProjectProfileVersion", + "type": "string" + }, + "UserParameters": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::DataZone::Project.EnvironmentConfigurationUserParameter" }, - "markdownDescription": "The tags to apply.", - "title": "Tags", + "markdownDescription": "The user parameters of the project.", + "title": "UserParameters", "type": "array" } }, "required": [ - "NetworkInsightsPathId" + "DomainIdentifier", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::NetworkInsightsAnalysis" + "AWS::DataZone::Project" ], "type": "string" }, @@ -74705,722 +82778,375 @@ ], "type": "object" }, - "AWS::EC2::NetworkInsightsAnalysis.AdditionalDetail": { + "AWS::DataZone::Project.EnvironmentConfigurationUserParameter": { "additionalProperties": false, "properties": { - "AdditionalDetailType": { - "markdownDescription": "The additional detail code.", - "title": "AdditionalDetailType", + "EnvironmentConfigurationName": { + "markdownDescription": "The environment configuration name.", + "title": "EnvironmentConfigurationName", "type": "string" }, - "Component": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The path component.", - "title": "Component" + "EnvironmentId": { + "markdownDescription": "The ID of the environment.", + "title": "EnvironmentId", + "type": "string" }, - "LoadBalancers": { + "EnvironmentParameters": { "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent" + "$ref": "#/definitions/AWS::DataZone::Project.EnvironmentParameter" }, - "markdownDescription": "The load balancers.", - "title": "LoadBalancers", + "markdownDescription": "The environment parameters.", + "title": "EnvironmentParameters", "type": "array" - }, - "ServiceName": { - "markdownDescription": "The name of the VPC endpoint service.", - "title": "ServiceName", - "type": "string" } }, "type": "object" }, - "AWS::EC2::NetworkInsightsAnalysis.AlternatePathHint": { + "AWS::DataZone::Project.EnvironmentParameter": { "additionalProperties": false, "properties": { - "ComponentArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the component.", - "title": "ComponentArn", + "Name": { + "markdownDescription": "The name of an environment profile parameter.", + "title": "Name", "type": "string" }, - "ComponentId": { - "markdownDescription": "The ID of the component.", - "title": "ComponentId", + "Value": { + "markdownDescription": "The value of an environment profile parameter.", + "title": "Value", "type": "string" } }, "type": "object" }, - "AWS::EC2::NetworkInsightsAnalysis.AnalysisAclRule": { + "AWS::DataZone::ProjectMembership": { "additionalProperties": false, "properties": { - "Cidr": { - "markdownDescription": "The IPv4 address range, in CIDR notation.", - "title": "Cidr", + "Condition": { "type": "string" }, - "Egress": { - "markdownDescription": "Indicates whether the rule is an outbound rule.", - "title": "Egress", - "type": "boolean" - }, - "PortRange": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.PortRange", - "markdownDescription": "The range of ports.", - "title": "PortRange" - }, - "Protocol": { - "markdownDescription": "The protocol.", - "title": "Protocol", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "RuleAction": { - "markdownDescription": "Indicates whether to allow or deny traffic that matches the rule.", - "title": "RuleAction", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "RuleNumber": { - "markdownDescription": "The rule number.", - "title": "RuleNumber", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent": { - "additionalProperties": false, - "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the component.", - "title": "Arn", - "type": "string" + "Metadata": { + "type": "object" }, - "Id": { - "markdownDescription": "The ID of the component.", - "title": "Id", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EC2::NetworkInsightsAnalysis.AnalysisLoadBalancerListener": { - "additionalProperties": false, - "properties": { - "InstancePort": { - "markdownDescription": "[Classic Load Balancers] The back-end port for the listener.", - "title": "InstancePort", - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": { + "Designation": { + "markdownDescription": "The designated role of a project member.", + "title": "Designation", + "type": "string" + }, + "DomainIdentifier": { + "markdownDescription": "The ID of the Amazon DataZone domain in which project membership is created.", + "title": "DomainIdentifier", + "type": "string" + }, + "Member": { + "$ref": "#/definitions/AWS::DataZone::ProjectMembership.Member", + "markdownDescription": "The details about a project member.", + "title": "Member" + }, + "ProjectIdentifier": { + "markdownDescription": "The ID of the project for which this project membership was created.", + "title": "ProjectIdentifier", + "type": "string" + } + }, + "required": [ + "Designation", + "DomainIdentifier", + "Member", + "ProjectIdentifier" + ], + "type": "object" }, - "LoadBalancerPort": { - "markdownDescription": "The port on which the load balancer is listening.", - "title": "LoadBalancerPort", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::NetworkInsightsAnalysis.AnalysisLoadBalancerTarget": { - "additionalProperties": false, - "properties": { - "Address": { - "markdownDescription": "The IP address.", - "title": "Address", + "Type": { + "enum": [ + "AWS::DataZone::ProjectMembership" + ], "type": "string" }, - "AvailabilityZone": { - "markdownDescription": "The Availability Zone.", - "title": "AvailabilityZone", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "Instance": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "Information about the instance.", - "title": "Instance" - }, - "Port": { - "markdownDescription": "The port on which the target is listening.", - "title": "Port", - "type": "number" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::EC2::NetworkInsightsAnalysis.AnalysisPacketHeader": { + "AWS::DataZone::ProjectMembership.Member": { "additionalProperties": false, "properties": { - "DestinationAddresses": { - "items": { - "type": "string" - }, - "markdownDescription": "The destination addresses.", - "title": "DestinationAddresses", - "type": "array" - }, - "DestinationPortRanges": { - "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.PortRange" - }, - "markdownDescription": "The destination port ranges.", - "title": "DestinationPortRanges", - "type": "array" - }, - "Protocol": { - "markdownDescription": "The protocol.", - "title": "Protocol", + "GroupIdentifier": { + "markdownDescription": "The ID of the group of a project member.", + "title": "GroupIdentifier", "type": "string" }, - "SourceAddresses": { - "items": { - "type": "string" - }, - "markdownDescription": "The source addresses.", - "title": "SourceAddresses", - "type": "array" - }, - "SourcePortRanges": { - "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.PortRange" - }, - "markdownDescription": "The source port ranges.", - "title": "SourcePortRanges", - "type": "array" + "UserIdentifier": { + "markdownDescription": "The user ID of a project member.", + "title": "UserIdentifier", + "type": "string" } }, "type": "object" }, - "AWS::EC2::NetworkInsightsAnalysis.AnalysisRouteTableRoute": { + "AWS::DataZone::ProjectProfile": { "additionalProperties": false, "properties": { - "NatGatewayId": { - "markdownDescription": "The ID of a NAT gateway.", - "title": "NatGatewayId", - "type": "string" - }, - "NetworkInterfaceId": { - "markdownDescription": "The ID of a network interface.", - "title": "NetworkInterfaceId", - "type": "string" - }, - "Origin": { - "markdownDescription": "Describes how the route was created. The following are the possible values:\n\n- CreateRouteTable - The route was automatically created when the route table was created.\n- CreateRoute - The route was manually added to the route table.\n- EnableVgwRoutePropagation - The route was propagated by route propagation.", - "title": "Origin", - "type": "string" - }, - "State": { - "markdownDescription": "The state. The following are the possible values:\n\n- active\n- blackhole", - "title": "State", - "type": "string" - }, - "TransitGatewayId": { - "markdownDescription": "The ID of a transit gateway.", - "title": "TransitGatewayId", + "Condition": { "type": "string" }, - "VpcPeeringConnectionId": { - "markdownDescription": "The ID of a VPC peering connection.", - "title": "VpcPeeringConnectionId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "destinationCidr": { - "markdownDescription": "The destination IPv4 address, in CIDR notation.", - "title": "destinationCidr", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "destinationPrefixListId": { - "markdownDescription": "The prefix of the AWS service.", - "title": "destinationPrefixListId", - "type": "string" + "Metadata": { + "type": "object" }, - "egressOnlyInternetGatewayId": { - "markdownDescription": "The ID of an egress-only internet gateway.", - "title": "egressOnlyInternetGatewayId", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the project profile.", + "title": "Description", + "type": "string" + }, + "DomainIdentifier": { + "markdownDescription": "A domain ID of the project profile.", + "title": "DomainIdentifier", + "type": "string" + }, + "DomainUnitIdentifier": { + "markdownDescription": "A domain unit ID of the project profile.", + "title": "DomainUnitIdentifier", + "type": "string" + }, + "EnvironmentConfigurations": { + "items": { + "$ref": "#/definitions/AWS::DataZone::ProjectProfile.EnvironmentConfiguration" + }, + "markdownDescription": "Environment configurations of a project profile.", + "title": "EnvironmentConfigurations", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of a project profile.", + "title": "Name", + "type": "string" + }, + "Status": { + "markdownDescription": "The status of a project profile.", + "title": "Status", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" }, - "gatewayId": { - "markdownDescription": "The ID of the gateway, such as an internet gateway or virtual private gateway.", - "title": "gatewayId", + "Type": { + "enum": [ + "AWS::DataZone::ProjectProfile" + ], "type": "string" }, - "instanceId": { - "markdownDescription": "The ID of the instance, such as a NAT instance.", - "title": "instanceId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::EC2::NetworkInsightsAnalysis.AnalysisSecurityGroupRule": { + "AWS::DataZone::ProjectProfile.AwsAccount": { "additionalProperties": false, "properties": { - "Cidr": { - "markdownDescription": "The IPv4 address range, in CIDR notation.", - "title": "Cidr", - "type": "string" - }, - "Direction": { - "markdownDescription": "The direction. The following are the possible values:\n\n- egress\n- ingress", - "title": "Direction", - "type": "string" - }, - "PortRange": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.PortRange", - "markdownDescription": "The port range.", - "title": "PortRange" - }, - "PrefixListId": { - "markdownDescription": "The prefix list ID.", - "title": "PrefixListId", - "type": "string" - }, - "Protocol": { - "markdownDescription": "The protocol name.", - "title": "Protocol", - "type": "string" - }, - "SecurityGroupId": { - "markdownDescription": "The security group ID.", - "title": "SecurityGroupId", + "AwsAccountId": { + "markdownDescription": "The account ID of a project.", + "title": "AwsAccountId", "type": "string" } }, + "required": [ + "AwsAccountId" + ], "type": "object" }, - "AWS::EC2::NetworkInsightsAnalysis.Explanation": { + "AWS::DataZone::ProjectProfile.EnvironmentConfiguration": { "additionalProperties": false, "properties": { - "Acl": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The network ACL.", - "title": "Acl" - }, - "AclRule": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisAclRule", - "markdownDescription": "The network ACL rule.", - "title": "AclRule" - }, - "Address": { - "markdownDescription": "The IPv4 address, in CIDR notation.", - "title": "Address", - "type": "string" - }, - "Addresses": { - "items": { - "type": "string" - }, - "markdownDescription": "The IPv4 addresses, in CIDR notation.", - "title": "Addresses", - "type": "array" - }, - "AttachedTo": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The resource to which the component is attached.", - "title": "AttachedTo" - }, - "AvailabilityZones": { - "items": { - "type": "string" - }, - "markdownDescription": "The Availability Zones.", - "title": "AvailabilityZones", - "type": "array" - }, - "Cidrs": { - "items": { - "type": "string" - }, - "markdownDescription": "The CIDR ranges.", - "title": "Cidrs", - "type": "array" - }, - "ClassicLoadBalancerListener": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisLoadBalancerListener", - "markdownDescription": "The listener for a Classic Load Balancer.", - "title": "ClassicLoadBalancerListener" + "AwsAccount": { + "$ref": "#/definitions/AWS::DataZone::ProjectProfile.AwsAccount", + "markdownDescription": "The AWS account of the environment.", + "title": "AwsAccount" }, - "Component": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The component.", - "title": "Component" + "AwsRegion": { + "$ref": "#/definitions/AWS::DataZone::ProjectProfile.Region", + "markdownDescription": "The AWS Region of the environment.", + "title": "AwsRegion" }, - "ComponentAccount": { - "markdownDescription": "The AWS account for the component.", - "title": "ComponentAccount", - "type": "string" + "ConfigurationParameters": { + "$ref": "#/definitions/AWS::DataZone::ProjectProfile.EnvironmentConfigurationParametersDetails", + "markdownDescription": "The configuration parameters of the environment.", + "title": "ConfigurationParameters" }, - "ComponentRegion": { - "markdownDescription": "The Region for the component.", - "title": "ComponentRegion", + "DeploymentMode": { + "markdownDescription": "The deployment mode of the environment.", + "title": "DeploymentMode", "type": "string" }, - "CustomerGateway": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The customer gateway.", - "title": "CustomerGateway" - }, - "Destination": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The destination.", - "title": "Destination" - }, - "DestinationVpc": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The destination VPC.", - "title": "DestinationVpc" + "DeploymentOrder": { + "markdownDescription": "The deployment order of the environment.", + "title": "DeploymentOrder", + "type": "number" }, - "Direction": { - "markdownDescription": "The direction. The following are the possible values:\n\n- egress\n- ingress", - "title": "Direction", + "Description": { + "markdownDescription": "The environment description.", + "title": "Description", "type": "string" }, - "ElasticLoadBalancerListener": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The load balancer listener.", - "title": "ElasticLoadBalancerListener" - }, - "ExplanationCode": { - "markdownDescription": "The explanation code.", - "title": "ExplanationCode", + "EnvironmentBlueprintId": { + "markdownDescription": "The environment blueprint ID.", + "title": "EnvironmentBlueprintId", "type": "string" }, - "IngressRouteTable": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The route table.", - "title": "IngressRouteTable" - }, - "InternetGateway": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The internet gateway.", - "title": "InternetGateway" - }, - "LoadBalancerArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the load balancer.", - "title": "LoadBalancerArn", + "Id": { + "markdownDescription": "The environment ID.", + "title": "Id", "type": "string" }, - "LoadBalancerListenerPort": { - "markdownDescription": "The listener port of the load balancer.", - "title": "LoadBalancerListenerPort", - "type": "number" - }, - "LoadBalancerTarget": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisLoadBalancerTarget", - "markdownDescription": "The target.", - "title": "LoadBalancerTarget" - }, - "LoadBalancerTargetGroup": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The target group.", - "title": "LoadBalancerTargetGroup" - }, - "LoadBalancerTargetGroups": { - "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent" - }, - "markdownDescription": "The target groups.", - "title": "LoadBalancerTargetGroups", - "type": "array" - }, - "LoadBalancerTargetPort": { - "markdownDescription": "The target port.", - "title": "LoadBalancerTargetPort", - "type": "number" - }, - "MissingComponent": { - "markdownDescription": "The missing component.", - "title": "MissingComponent", + "Name": { + "markdownDescription": "The environment name.", + "title": "Name", "type": "string" + } + }, + "required": [ + "AwsRegion", + "EnvironmentBlueprintId", + "Name" + ], + "type": "object" + }, + "AWS::DataZone::ProjectProfile.EnvironmentConfigurationParameter": { + "additionalProperties": false, + "properties": { + "IsEditable": { + "markdownDescription": "Specifies whether the environment parameter is editable.", + "title": "IsEditable", + "type": "boolean" }, - "NatGateway": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The NAT gateway.", - "title": "NatGateway" - }, - "NetworkInterface": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The network interface.", - "title": "NetworkInterface" - }, - "PacketField": { - "markdownDescription": "The packet field.", - "title": "PacketField", + "Name": { + "markdownDescription": "The name of the environment configuration parameter.", + "title": "Name", "type": "string" }, - "Port": { - "markdownDescription": "The port.", - "title": "Port", - "type": "number" - }, - "PortRanges": { - "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.PortRange" - }, - "markdownDescription": "The port ranges.", - "title": "PortRanges", - "type": "array" - }, - "PrefixList": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The prefix list.", - "title": "PrefixList" - }, - "Protocols": { - "items": { - "type": "string" - }, - "markdownDescription": "The protocols.", - "title": "Protocols", - "type": "array" - }, - "RouteTable": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The route table.", - "title": "RouteTable" - }, - "RouteTableRoute": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisRouteTableRoute", - "markdownDescription": "The route table route.", - "title": "RouteTableRoute" - }, - "SecurityGroup": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The security group.", - "title": "SecurityGroup" - }, - "SecurityGroupRule": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisSecurityGroupRule", - "markdownDescription": "The security group rule.", - "title": "SecurityGroupRule" - }, - "SecurityGroups": { - "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent" - }, - "markdownDescription": "The security groups.", - "title": "SecurityGroups", - "type": "array" - }, - "SourceVpc": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The source VPC.", - "title": "SourceVpc" - }, - "State": { - "markdownDescription": "The state.", - "title": "State", + "Value": { + "markdownDescription": "The value of the environment configuration parameter.", + "title": "Value", "type": "string" - }, - "Subnet": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The subnet.", - "title": "Subnet" - }, - "SubnetRouteTable": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The route table for the subnet.", - "title": "SubnetRouteTable" - }, - "TransitGateway": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The transit gateway.", - "title": "TransitGateway" - }, - "TransitGatewayAttachment": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The transit gateway attachment.", - "title": "TransitGatewayAttachment" - }, - "TransitGatewayRouteTable": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The transit gateway route table.", - "title": "TransitGatewayRouteTable" - }, - "TransitGatewayRouteTableRoute": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.TransitGatewayRouteTableRoute", - "markdownDescription": "The transit gateway route table route.", - "title": "TransitGatewayRouteTableRoute" - }, - "Vpc": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The component VPC.", - "title": "Vpc" - }, - "VpcPeeringConnection": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The VPC peering connection.", - "title": "VpcPeeringConnection" - }, - "VpnConnection": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The VPN connection.", - "title": "VpnConnection" - }, - "VpnGateway": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The VPN gateway.", - "title": "VpnGateway" - }, - "vpcEndpoint": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The VPC endpoint.", - "title": "vpcEndpoint" } }, "type": "object" }, - "AWS::EC2::NetworkInsightsAnalysis.PathComponent": { + "AWS::DataZone::ProjectProfile.EnvironmentConfigurationParametersDetails": { "additionalProperties": false, "properties": { - "AclRule": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisAclRule", - "markdownDescription": "The network ACL rule.", - "title": "AclRule" - }, - "AdditionalDetails": { + "ParameterOverrides": { "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AdditionalDetail" + "$ref": "#/definitions/AWS::DataZone::ProjectProfile.EnvironmentConfigurationParameter" }, - "markdownDescription": "The additional details.", - "title": "AdditionalDetails", + "markdownDescription": "The parameter overrides.", + "title": "ParameterOverrides", "type": "array" }, - "Component": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The component.", - "title": "Component" - }, - "DestinationVpc": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The destination VPC.", - "title": "DestinationVpc" - }, - "ElasticLoadBalancerListener": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The load balancer listener.", - "title": "ElasticLoadBalancerListener" - }, - "Explanations": { + "ResolvedParameters": { "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.Explanation" + "$ref": "#/definitions/AWS::DataZone::ProjectProfile.EnvironmentConfigurationParameter" }, - "markdownDescription": "The explanation codes.", - "title": "Explanations", + "markdownDescription": "The resolved environment configuration parameters.", + "title": "ResolvedParameters", "type": "array" }, - "InboundHeader": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisPacketHeader", - "markdownDescription": "The inbound header.", - "title": "InboundHeader" - }, - "OutboundHeader": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisPacketHeader", - "markdownDescription": "The outbound header.", - "title": "OutboundHeader" - }, - "RouteTableRoute": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisRouteTableRoute", - "markdownDescription": "The route table route.", - "title": "RouteTableRoute" - }, - "SecurityGroupRule": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisSecurityGroupRule", - "markdownDescription": "The security group rule.", - "title": "SecurityGroupRule" - }, - "SequenceNumber": { - "markdownDescription": "The sequence number.", - "title": "SequenceNumber", - "type": "number" - }, - "ServiceName": { - "markdownDescription": "The name of the VPC endpoint service.", - "title": "ServiceName", + "SsmPath": { + "markdownDescription": "Ssm path environment configuration parameters.", + "title": "SsmPath", "type": "string" - }, - "SourceVpc": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The source VPC.", - "title": "SourceVpc" - }, - "Subnet": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The subnet.", - "title": "Subnet" - }, - "TransitGateway": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The transit gateway.", - "title": "TransitGateway" - }, - "TransitGatewayRouteTableRoute": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.TransitGatewayRouteTableRoute", - "markdownDescription": "The route in a transit gateway route table.", - "title": "TransitGatewayRouteTableRoute" - }, - "Vpc": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", - "markdownDescription": "The component VPC.", - "title": "Vpc" - } - }, - "type": "object" - }, - "AWS::EC2::NetworkInsightsAnalysis.PortRange": { - "additionalProperties": false, - "properties": { - "From": { - "markdownDescription": "The first port in the range.", - "title": "From", - "type": "number" - }, - "To": { - "markdownDescription": "The last port in the range.", - "title": "To", - "type": "number" } }, "type": "object" }, - "AWS::EC2::NetworkInsightsAnalysis.TransitGatewayRouteTableRoute": { + "AWS::DataZone::ProjectProfile.Region": { "additionalProperties": false, "properties": { - "AttachmentId": { - "markdownDescription": "The ID of the route attachment.", - "title": "AttachmentId", - "type": "string" - }, - "DestinationCidr": { - "markdownDescription": "The CIDR block used for destination matches.", - "title": "DestinationCidr", - "type": "string" - }, - "PrefixListId": { - "markdownDescription": "The ID of the prefix list.", - "title": "PrefixListId", - "type": "string" - }, - "ResourceId": { - "markdownDescription": "The ID of the resource for the route attachment.", - "title": "ResourceId", - "type": "string" - }, - "ResourceType": { - "markdownDescription": "The resource type for the route attachment.", - "title": "ResourceType", - "type": "string" - }, - "RouteOrigin": { - "markdownDescription": "The route origin. The following are the possible values:\n\n- static\n- propagated", - "title": "RouteOrigin", - "type": "string" - }, - "State": { - "markdownDescription": "The state of the route.", - "title": "State", + "RegionName": { + "markdownDescription": "The AWS Region name.", + "title": "RegionName", "type": "string" } }, + "required": [ + "RegionName" + ], "type": "object" }, - "AWS::EC2::NetworkInsightsPath": { + "AWS::DataZone::SubscriptionTarget": { "additionalProperties": false, "properties": { "Condition": { @@ -75455,64 +83181,75 @@ "Properties": { "additionalProperties": false, "properties": { - "Destination": { - "markdownDescription": "The ID or ARN of the destination. If the resource is in another account, you must specify an ARN.", - "title": "Destination", - "type": "string" - }, - "DestinationIp": { - "markdownDescription": "The IP address of the destination.", - "title": "DestinationIp", - "type": "string" + "ApplicableAssetTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The asset types included in the subscription target.", + "title": "ApplicableAssetTypes", + "type": "array" }, - "DestinationPort": { - "markdownDescription": "The destination port.", - "title": "DestinationPort", - "type": "number" + "AuthorizedPrincipals": { + "items": { + "type": "string" + }, + "markdownDescription": "The authorized principals included in the subscription target.", + "title": "AuthorizedPrincipals", + "type": "array" }, - "FilterAtDestination": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsPath.PathFilter", - "markdownDescription": "Scopes the analysis to network paths that match specific filters at the destination. If you specify this parameter, you can't specify the parameter for the destination IP address.", - "title": "FilterAtDestination" + "DomainIdentifier": { + "markdownDescription": "The ID of the Amazon DataZone domain in which subscription target is created.", + "title": "DomainIdentifier", + "type": "string" }, - "FilterAtSource": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsPath.PathFilter", - "markdownDescription": "Scopes the analysis to network paths that match specific filters at the source. If you specify this parameter, you can't specify the parameters for the source IP address or the destination port.", - "title": "FilterAtSource" + "EnvironmentIdentifier": { + "markdownDescription": "The ID of the environment in which subscription target is created.", + "title": "EnvironmentIdentifier", + "type": "string" }, - "Protocol": { - "markdownDescription": "The protocol.", - "title": "Protocol", + "ManageAccessRole": { + "markdownDescription": "The manage access role that is used to create the subscription target.", + "title": "ManageAccessRole", "type": "string" }, - "Source": { - "markdownDescription": "The ID or ARN of the source. If the resource is in another account, you must specify an ARN.", - "title": "Source", + "Name": { + "markdownDescription": "The name of the subscription target.", + "title": "Name", "type": "string" }, - "SourceIp": { - "markdownDescription": "The IP address of the source.", - "title": "SourceIp", + "Provider": { + "markdownDescription": "The provider of the subscription target.", + "title": "Provider", "type": "string" }, - "Tags": { + "SubscriptionTargetConfig": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::DataZone::SubscriptionTarget.SubscriptionTargetForm" }, - "markdownDescription": "The tags to add to the path.", - "title": "Tags", + "markdownDescription": "The configuration of the subscription target.", + "title": "SubscriptionTargetConfig", "type": "array" + }, + "Type": { + "markdownDescription": "The type of the subscription target.", + "title": "Type", + "type": "string" } }, "required": [ - "Protocol", - "Source" + "ApplicableAssetTypes", + "AuthorizedPrincipals", + "DomainIdentifier", + "EnvironmentIdentifier", + "Name", + "SubscriptionTargetConfig", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::NetworkInsightsPath" + "AWS::DataZone::SubscriptionTarget" ], "type": "string" }, @@ -75531,49 +83268,27 @@ ], "type": "object" }, - "AWS::EC2::NetworkInsightsPath.FilterPortRange": { - "additionalProperties": false, - "properties": { - "FromPort": { - "markdownDescription": "The first port in the range.", - "title": "FromPort", - "type": "number" - }, - "ToPort": { - "markdownDescription": "The last port in the range.", - "title": "ToPort", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::NetworkInsightsPath.PathFilter": { + "AWS::DataZone::SubscriptionTarget.SubscriptionTargetForm": { "additionalProperties": false, "properties": { - "DestinationAddress": { - "markdownDescription": "The destination IPv4 address.", - "title": "DestinationAddress", + "Content": { + "markdownDescription": "The content of the subscription target configuration.", + "title": "Content", "type": "string" }, - "DestinationPortRange": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsPath.FilterPortRange", - "markdownDescription": "The destination port range.", - "title": "DestinationPortRange" - }, - "SourceAddress": { - "markdownDescription": "The source IPv4 address.", - "title": "SourceAddress", + "FormName": { + "markdownDescription": "The form name included in the subscription target configuration.", + "title": "FormName", "type": "string" - }, - "SourcePortRange": { - "$ref": "#/definitions/AWS::EC2::NetworkInsightsPath.FilterPortRange", - "markdownDescription": "The source port range.", - "title": "SourcePortRange" } }, + "required": [ + "Content", + "FormName" + ], "type": "object" }, - "AWS::EC2::NetworkInterface": { + "AWS::DataZone::UserProfile": { "additionalProperties": false, "properties": { "Condition": { @@ -75608,113 +83323,36 @@ "Properties": { "additionalProperties": false, "properties": { - "ConnectionTrackingSpecification": { - "$ref": "#/definitions/AWS::EC2::NetworkInterface.ConnectionTrackingSpecification", - "markdownDescription": "A connection tracking specification for the network interface.", - "title": "ConnectionTrackingSpecification" - }, - "Description": { - "markdownDescription": "A description for the network interface.", - "title": "Description", + "DomainIdentifier": { + "markdownDescription": "The identifier of a Amazon DataZone domain in which a user profile exists.", + "title": "DomainIdentifier", "type": "string" }, - "GroupSet": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the security groups associated with this network interface.", - "title": "GroupSet", - "type": "array" - }, - "InterfaceType": { - "markdownDescription": "The type of network interface. The default is `interface` . The supported values are `efa` and `trunk` .", - "title": "InterfaceType", + "Status": { + "markdownDescription": "The status of the user profile.", + "title": "Status", "type": "string" }, - "Ipv4PrefixCount": { - "markdownDescription": "The number of IPv4 prefixes to be automatically assigned to the network interface.\n\nWhen creating a network interface, you can't specify a count of IPv4 prefixes if you've specified one of the following: specific IPv4 prefixes, specific private IPv4 addresses, or a count of private IPv4 addresses.", - "title": "Ipv4PrefixCount", - "type": "number" - }, - "Ipv4Prefixes": { - "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInterface.Ipv4PrefixSpecification" - }, - "markdownDescription": "The IPv4 delegated prefixes that are assigned to the network interface.\n\nWhen creating a network interface, you can't specify IPv4 prefixes if you've specified one of the following: a count of IPv4 prefixes, specific private IPv4 addresses, or a count of private IPv4 addresses.", - "title": "Ipv4Prefixes", - "type": "array" - }, - "Ipv6AddressCount": { - "markdownDescription": "The number of IPv6 addresses to assign to the network interface. Amazon EC2 automatically selects the IPv6 addresses from the subnet range. To specify specific IPv6 addresses, use the `Ipv6Addresses` property and don't specify this property.\n\nWhen creating a network interface, you can't specify a count of IPv6 addresses if you've specified one of the following: specific IPv6 addresses, specific IPv6 prefixes, or a count of IPv6 prefixes.", - "title": "Ipv6AddressCount", - "type": "number" - }, - "Ipv6Addresses": { - "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInterface.InstanceIpv6Address" - }, - "markdownDescription": "The IPv6 addresses from the IPv6 CIDR block range of your subnet to assign to the network interface. If you're specifying a number of IPv6 addresses, use the `Ipv6AddressCount` property and don't specify this property.\n\nWhen creating a network interface, you can't specify IPv6 addresses if you've specified one of the following: a count of IPv6 addresses, specific IPv6 prefixes, or a count of IPv6 prefixes.", - "title": "Ipv6Addresses", - "type": "array" - }, - "Ipv6PrefixCount": { - "markdownDescription": "The number of IPv6 prefixes to be automatically assigned to the network interface.\n\nWhen creating a network interface, you can't specify a count of IPv6 prefixes if you've specified one of the following: specific IPv6 prefixes, specific IPv6 addresses, or a count of IPv6 addresses.", - "title": "Ipv6PrefixCount", - "type": "number" - }, - "Ipv6Prefixes": { - "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInterface.Ipv6PrefixSpecification" - }, - "markdownDescription": "The IPv6 delegated prefixes that are assigned to the network interface.\n\nWhen creating a network interface, you can't specify IPv6 prefixes if you've specified one of the following: a count of IPv6 prefixes, specific IPv6 addresses, or a count of IPv6 addresses.", - "title": "Ipv6Prefixes", - "type": "array" - }, - "PrivateIpAddress": { - "markdownDescription": "The private IPv4 address to assign to the network interface as the primary private IP address. If you want to specify multiple private IP addresses, use the `PrivateIpAddresses` property.", - "title": "PrivateIpAddress", + "UserIdentifier": { + "markdownDescription": "The identifier of the user for which the user profile is created.", + "title": "UserIdentifier", "type": "string" }, - "PrivateIpAddresses": { - "items": { - "$ref": "#/definitions/AWS::EC2::NetworkInterface.PrivateIpAddressSpecification" - }, - "markdownDescription": "The private IPv4 addresses to assign to the network interface. You can specify a primary private IP address by setting the value of the `Primary` property to `true` in the `PrivateIpAddressSpecification` property. If you want EC2 to automatically assign private IP addresses, use the `SecondaryPrivateIpAddressCount` property and do not specify this property.\n\nWhen creating a network interface, you can't specify private IPv4 addresses if you've specified one of the following: a count of private IPv4 addresses, specific IPv4 prefixes, or a count of IPv4 prefixes.", - "title": "PrivateIpAddresses", - "type": "array" - }, - "SecondaryPrivateIpAddressCount": { - "markdownDescription": "The number of secondary private IPv4 addresses to assign to a network interface. When you specify a number of secondary IPv4 addresses, Amazon EC2 selects these IP addresses within the subnet's IPv4 CIDR range. You can't specify this option and specify more than one private IP address using `privateIpAddresses` .\n\nWhen creating a Network Interface, you can't specify a count of private IPv4 addresses if you've specified one of the following: specific private IPv4 addresses, specific IPv4 prefixes, or a count of IPv4 prefixes.", - "title": "SecondaryPrivateIpAddressCount", - "type": "number" - }, - "SourceDestCheck": { - "markdownDescription": "Enable or disable source/destination checks, which ensure that the instance is either the source or the destination of any traffic that it receives. If the value is `true` , source/destination checks are enabled; otherwise, they are disabled. The default value is `true` . You must disable source/destination checks if the instance runs services such as network address translation, routing, or firewalls.", - "title": "SourceDestCheck", - "type": "boolean" - }, - "SubnetId": { - "markdownDescription": "The ID of the subnet to associate with the network interface.", - "title": "SubnetId", + "UserType": { + "markdownDescription": "The user type of the user for which the user profile is created.", + "title": "UserType", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to apply to the network interface.", - "title": "Tags", - "type": "array" } }, "required": [ - "SubnetId" + "DomainIdentifier", + "UserIdentifier" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::NetworkInterface" + "AWS::DataZone::UserProfile" ], "type": "string" }, @@ -75733,90 +83371,140 @@ ], "type": "object" }, - "AWS::EC2::NetworkInterface.ConnectionTrackingSpecification": { + "AWS::DataZone::UserProfile.IamUserProfileDetails": { "additionalProperties": false, "properties": { - "TcpEstablishedTimeout": { - "markdownDescription": "Timeout (in seconds) for idle TCP connections in an established state. Min: 60 seconds. Max: 432000 seconds (5 days). Default: 432000 seconds. Recommended: Less than 432000 seconds.", - "title": "TcpEstablishedTimeout", - "type": "number" - }, - "UdpStreamTimeout": { - "markdownDescription": "Timeout (in seconds) for idle UDP flows classified as streams which have seen more than one request-response transaction. Min: 60 seconds. Max: 180 seconds (3 minutes). Default: 180 seconds.", - "title": "UdpStreamTimeout", - "type": "number" - }, - "UdpTimeout": { - "markdownDescription": "Timeout (in seconds) for idle UDP flows that have seen traffic only in a single direction or a single request-response transaction. Min: 30 seconds. Max: 60 seconds. Default: 30 seconds.", - "title": "UdpTimeout", - "type": "number" + "Arn": { + "markdownDescription": "The ARN of an IAM user profile in Amazon DataZone.", + "title": "Arn", + "type": "string" } }, "type": "object" }, - "AWS::EC2::NetworkInterface.InstanceIpv6Address": { + "AWS::DataZone::UserProfile.SsoUserProfileDetails": { "additionalProperties": false, "properties": { - "Ipv6Address": { - "markdownDescription": "An IPv6 address to associate with the network interface.", - "title": "Ipv6Address", + "FirstName": { + "markdownDescription": "The first name included in the single sign-on details of the user profile.", + "title": "FirstName", + "type": "string" + }, + "LastName": { + "markdownDescription": "The last name included in the single sign-on details of the user profile.", + "title": "LastName", + "type": "string" + }, + "Username": { + "markdownDescription": "The username included in the single sign-on details of the user profile.", + "title": "Username", "type": "string" } }, - "required": [ - "Ipv6Address" - ], "type": "object" }, - "AWS::EC2::NetworkInterface.Ipv4PrefixSpecification": { + "AWS::DataZone::UserProfile.UserProfileDetails": { "additionalProperties": false, "properties": { - "Ipv4Prefix": { - "markdownDescription": "The IPv4 prefix. For information, see [Assigning prefixes to network interfaces](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-prefix-eni.html) in the *Amazon EC2 User Guide* .", - "title": "Ipv4Prefix", - "type": "string" - } - }, - "required": [ - "Ipv4Prefix" - ], - "type": "object" - }, - "AWS::EC2::NetworkInterface.Ipv6PrefixSpecification": { - "additionalProperties": false, - "properties": { - "Ipv6Prefix": { - "markdownDescription": "The IPv6 prefix. For information, see [Assigning prefixes to Amazon EC2 network interfaces](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-prefix-eni.html) in the *Amazon Elastic Compute Cloud User Guide* .", - "title": "Ipv6Prefix", - "type": "string" + "Iam": { + "$ref": "#/definitions/AWS::DataZone::UserProfile.IamUserProfileDetails", + "markdownDescription": "The IAM details included in the user profile details.", + "title": "Iam" + }, + "Sso": { + "$ref": "#/definitions/AWS::DataZone::UserProfile.SsoUserProfileDetails", + "markdownDescription": "The single sign-on details included in the user profile details.", + "title": "Sso" } }, - "required": [ - "Ipv6Prefix" - ], "type": "object" }, - "AWS::EC2::NetworkInterface.PrivateIpAddressSpecification": { + "AWS::Deadline::Farm": { "additionalProperties": false, "properties": { - "Primary": { - "markdownDescription": "Sets the private IP address as the primary private address. You can set only one primary private IP address. If you don't specify a primary private IP address, Amazon EC2 automatically assigns a primary private IP address.", - "title": "Primary", - "type": "boolean" + "Condition": { + "type": "string" }, - "PrivateIpAddress": { - "markdownDescription": "The private IP address of the network interface.", - "title": "PrivateIpAddress", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the farm that helps identify what the farm is used for.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", + "title": "Description", + "type": "string" + }, + "DisplayName": { + "markdownDescription": "The display name of the farm.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", + "title": "DisplayName", + "type": "string" + }, + "KmsKeyArn": { + "markdownDescription": "The ARN for the KMS key.", + "title": "KmsKeyArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to add to your farm. Each tag consists of a tag key and a tag value. Tag keys and values are both required, but tag values can be empty strings.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "DisplayName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Deadline::Farm" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Primary", - "PrivateIpAddress" + "Type", + "Properties" ], "type": "object" }, - "AWS::EC2::NetworkInterfaceAttachment": { + "AWS::Deadline::Fleet": { "additionalProperties": false, "properties": { "Condition": { @@ -75851,42 +83539,67 @@ "Properties": { "additionalProperties": false, "properties": { - "DeleteOnTermination": { - "markdownDescription": "Whether to delete the network interface when the instance terminates. By default, this value is set to `true` .", - "title": "DeleteOnTermination", - "type": "boolean" + "Configuration": { + "$ref": "#/definitions/AWS::Deadline::Fleet.FleetConfiguration", + "markdownDescription": "The configuration details for the fleet.", + "title": "Configuration" }, - "DeviceIndex": { - "markdownDescription": "The network interface's position in the attachment order. For example, the first attached network interface has a `DeviceIndex` of 0.", - "title": "DeviceIndex", + "Description": { + "markdownDescription": "A description that helps identify what the fleet is used for.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", + "title": "Description", "type": "string" }, - "EnaSrdSpecification": { - "$ref": "#/definitions/AWS::EC2::NetworkInterfaceAttachment.EnaSrdSpecification", - "markdownDescription": "Configures ENA Express for the network interface that this action attaches to the instance.", - "title": "EnaSrdSpecification" + "DisplayName": { + "markdownDescription": "The display name of the fleet summary to update.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", + "title": "DisplayName", + "type": "string" }, - "InstanceId": { - "markdownDescription": "The ID of the instance to which you will attach the ENI.", - "title": "InstanceId", + "FarmId": { + "markdownDescription": "The farm ID.", + "title": "FarmId", "type": "string" }, - "NetworkInterfaceId": { - "markdownDescription": "The ID of the ENI that you want to attach.", - "title": "NetworkInterfaceId", + "HostConfiguration": { + "$ref": "#/definitions/AWS::Deadline::Fleet.HostConfiguration", + "markdownDescription": "Provides a script that runs as a worker is starting up that you can use to provide additional configuration for workers in your fleet.\n\nTo remove a script from a fleet, use the [UpdateFleet](https://docs.aws.amazon.com/deadline-cloud/latest/APIReference/API_UpdateFleet.html) operation with the `hostConfiguration` `scriptBody` parameter set to an empty string (\"\").", + "title": "HostConfiguration" + }, + "MaxWorkerCount": { + "markdownDescription": "The maximum number of workers specified in the fleet.", + "title": "MaxWorkerCount", + "type": "number" + }, + "MinWorkerCount": { + "markdownDescription": "The minimum number of workers in the fleet.", + "title": "MinWorkerCount", + "type": "number" + }, + "RoleArn": { + "markdownDescription": "The IAM role that workers in the fleet use when processing jobs.", + "title": "RoleArn", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to add to your fleet. Each tag consists of a tag key and a tag value. Tag keys and values are both required, but tag values can be empty strings.", + "title": "Tags", + "type": "array" } }, "required": [ - "DeviceIndex", - "InstanceId", - "NetworkInterfaceId" + "Configuration", + "DisplayName", + "FarmId", + "MaxWorkerCount", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::NetworkInterfaceAttachment" + "AWS::Deadline::Fleet" ], "type": "string" }, @@ -75905,34 +83618,459 @@ ], "type": "object" }, - "AWS::EC2::NetworkInterfaceAttachment.EnaSrdSpecification": { + "AWS::Deadline::Fleet.AcceleratorCapabilities": { "additionalProperties": false, "properties": { - "EnaSrdEnabled": { - "markdownDescription": "Indicates whether ENA Express is enabled for the network interface.", - "title": "EnaSrdEnabled", - "type": "boolean" + "Count": { + "$ref": "#/definitions/AWS::Deadline::Fleet.AcceleratorCountRange", + "markdownDescription": "The number of GPU accelerators specified for worker hosts in this fleet.", + "title": "Count" }, - "EnaSrdUdpSpecification": { - "$ref": "#/definitions/AWS::EC2::NetworkInterfaceAttachment.EnaSrdUdpSpecification", - "markdownDescription": "Configures ENA Express for UDP network traffic.", - "title": "EnaSrdUdpSpecification" + "Selections": { + "items": { + "$ref": "#/definitions/AWS::Deadline::Fleet.AcceleratorSelection" + }, + "markdownDescription": "A list of accelerator capabilities requested for this fleet. Only Amazon Elastic Compute Cloud instances that provide these capabilities will be used. For example, if you specify both L4 and T4 chips, Deadline Cloud will use Amazon EC2 instances that have either the L4 or the T4 chip installed.", + "title": "Selections", + "type": "array" } }, + "required": [ + "Selections" + ], "type": "object" }, - "AWS::EC2::NetworkInterfaceAttachment.EnaSrdUdpSpecification": { + "AWS::Deadline::Fleet.AcceleratorCountRange": { "additionalProperties": false, "properties": { - "EnaSrdUdpEnabled": { - "markdownDescription": "Indicates whether UDP traffic to and from the instance uses ENA Express. To specify this setting, you must first enable ENA Express.", - "title": "EnaSrdUdpEnabled", - "type": "boolean" + "Max": { + "markdownDescription": "The maximum number of GPU accelerators in the worker host.", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The minimum number of GPU accelerators in the worker host.", + "title": "Min", + "type": "number" } }, + "required": [ + "Min" + ], "type": "object" }, - "AWS::EC2::NetworkInterfacePermission": { + "AWS::Deadline::Fleet.AcceleratorSelection": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the chip used by the GPU accelerator.\n\nIf you specify `l4` as the name of the accelerator, you must specify `latest` or `grid:r570` as the runtime.\n\nThe available GPU accelerators are:\n\n- `t4` - NVIDIA T4 Tensor Core GPU\n- `a10g` - NVIDIA A10G Tensor Core GPU\n- `l4` - NVIDIA L4 Tensor Core GPU\n- `l40s` - NVIDIA L40S Tensor Core GPU", + "title": "Name", + "type": "string" + }, + "Runtime": { + "markdownDescription": "Specifies the runtime driver to use for the GPU accelerator. You must use the same runtime for all GPUs.\n\nYou can choose from the following runtimes:\n\n- `latest` - Use the latest runtime available for the chip. If you specify `latest` and a new version of the runtime is released, the new version of the runtime is used.\n- `grid:r570` - [NVIDIA vGPU software 18](https://docs.aws.amazon.com/https://docs.nvidia.com/vgpu/18.0/index.html)\n- `grid:r535` - [NVIDIA vGPU software 16](https://docs.aws.amazon.com/https://docs.nvidia.com/vgpu/16.0/index.html)\n\nIf you don't specify a runtime, Deadline Cloud uses `latest` as the default. However, if you have multiple accelerators and specify `latest` for some and leave others blank, Deadline Cloud raises an exception.", + "title": "Runtime", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::Deadline::Fleet.AcceleratorTotalMemoryMiBRange": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum amount of memory to use for the accelerator, measured in MiB.", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The minimum amount of memory to use for the accelerator, measured in MiB.", + "title": "Min", + "type": "number" + } + }, + "required": [ + "Min" + ], + "type": "object" + }, + "AWS::Deadline::Fleet.CustomerManagedFleetConfiguration": { + "additionalProperties": false, + "properties": { + "Mode": { + "markdownDescription": "The AWS Auto Scaling mode for the customer managed fleet configuration.", + "title": "Mode", + "type": "string" + }, + "StorageProfileId": { + "markdownDescription": "The storage profile ID.", + "title": "StorageProfileId", + "type": "string" + }, + "TagPropagationMode": { + "markdownDescription": "Specifies whether tags associated with a fleet are attached to workers when the worker is launched.\n\nWhen the `tagPropagationMode` is set to `PROPAGATE_TAGS_TO_WORKERS_AT_LAUNCH` any tag associated with a fleet is attached to workers when they launch. If the tags for a fleet change, the tags associated with running workers *do not* change.\n\nIf you don't specify `tagPropagationMode` , the default is `NO_PROPAGATION` .", + "title": "TagPropagationMode", + "type": "string" + }, + "WorkerCapabilities": { + "$ref": "#/definitions/AWS::Deadline::Fleet.CustomerManagedWorkerCapabilities", + "markdownDescription": "The worker capabilities for a customer managed fleet configuration.", + "title": "WorkerCapabilities" + } + }, + "required": [ + "Mode", + "WorkerCapabilities" + ], + "type": "object" + }, + "AWS::Deadline::Fleet.CustomerManagedWorkerCapabilities": { + "additionalProperties": false, + "properties": { + "AcceleratorCount": { + "$ref": "#/definitions/AWS::Deadline::Fleet.AcceleratorCountRange", + "markdownDescription": "The range of the accelerator.", + "title": "AcceleratorCount" + }, + "AcceleratorTotalMemoryMiB": { + "$ref": "#/definitions/AWS::Deadline::Fleet.AcceleratorTotalMemoryMiBRange", + "markdownDescription": "The total memory (MiB) for the customer managed worker capabilities.", + "title": "AcceleratorTotalMemoryMiB" + }, + "AcceleratorTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The accelerator types for the customer managed worker capabilities.", + "title": "AcceleratorTypes", + "type": "array" + }, + "CpuArchitectureType": { + "markdownDescription": "The CPU architecture type for the customer managed worker capabilities.", + "title": "CpuArchitectureType", + "type": "string" + }, + "CustomAmounts": { + "items": { + "$ref": "#/definitions/AWS::Deadline::Fleet.FleetAmountCapability" + }, + "markdownDescription": "Custom requirement ranges for customer managed worker capabilities.", + "title": "CustomAmounts", + "type": "array" + }, + "CustomAttributes": { + "items": { + "$ref": "#/definitions/AWS::Deadline::Fleet.FleetAttributeCapability" + }, + "markdownDescription": "Custom attributes for the customer manged worker capabilities.", + "title": "CustomAttributes", + "type": "array" + }, + "MemoryMiB": { + "$ref": "#/definitions/AWS::Deadline::Fleet.MemoryMiBRange", + "markdownDescription": "The memory (MiB).", + "title": "MemoryMiB" + }, + "OsFamily": { + "markdownDescription": "The operating system (OS) family.", + "title": "OsFamily", + "type": "string" + }, + "VCpuCount": { + "$ref": "#/definitions/AWS::Deadline::Fleet.VCpuCountRange", + "markdownDescription": "The vCPU count for the customer manged worker capabilities.", + "title": "VCpuCount" + } + }, + "required": [ + "CpuArchitectureType", + "MemoryMiB", + "OsFamily", + "VCpuCount" + ], + "type": "object" + }, + "AWS::Deadline::Fleet.Ec2EbsVolume": { + "additionalProperties": false, + "properties": { + "Iops": { + "markdownDescription": "The IOPS per volume.", + "title": "Iops", + "type": "number" + }, + "SizeGiB": { + "markdownDescription": "The EBS volume size in GiB.", + "title": "SizeGiB", + "type": "number" + }, + "ThroughputMiB": { + "markdownDescription": "The throughput per volume in MiB.", + "title": "ThroughputMiB", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Deadline::Fleet.FleetAmountCapability": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum amount of the fleet worker capability.", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The minimum amount of fleet worker capability.", + "title": "Min", + "type": "number" + }, + "Name": { + "markdownDescription": "The name of the fleet capability.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Min", + "Name" + ], + "type": "object" + }, + "AWS::Deadline::Fleet.FleetAttributeCapability": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the fleet attribute capability for the worker.", + "title": "Name", + "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The number of fleet attribute capabilities.", + "title": "Values", + "type": "array" + } + }, + "required": [ + "Name", + "Values" + ], + "type": "object" + }, + "AWS::Deadline::Fleet.FleetCapabilities": { + "additionalProperties": false, + "properties": { + "Amounts": { + "items": { + "$ref": "#/definitions/AWS::Deadline::Fleet.FleetAmountCapability" + }, + "markdownDescription": "Amount capabilities of the fleet.", + "title": "Amounts", + "type": "array" + }, + "Attributes": { + "items": { + "$ref": "#/definitions/AWS::Deadline::Fleet.FleetAttributeCapability" + }, + "markdownDescription": "Attribute capabilities of the fleet.", + "title": "Attributes", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Deadline::Fleet.FleetConfiguration": { + "additionalProperties": false, + "properties": { + "CustomerManaged": { + "$ref": "#/definitions/AWS::Deadline::Fleet.CustomerManagedFleetConfiguration", + "markdownDescription": "The customer managed fleets within a fleet configuration.", + "title": "CustomerManaged" + }, + "ServiceManagedEc2": { + "$ref": "#/definitions/AWS::Deadline::Fleet.ServiceManagedEc2FleetConfiguration", + "markdownDescription": "The service managed Amazon EC2 instances for a fleet configuration.", + "title": "ServiceManagedEc2" + } + }, + "type": "object" + }, + "AWS::Deadline::Fleet.HostConfiguration": { + "additionalProperties": false, + "properties": { + "ScriptBody": { + "markdownDescription": "The text of the script that runs as a worker is starting up that you can use to provide additional configuration for workers in your fleet. The script runs after a worker enters the `STARTING` state and before the worker processes tasks.\n\nFor more information about using the script, see [Run scripts as an administrator to configure workers](https://docs.aws.amazon.com/deadline-cloud/latest/developerguide/smf-admin.html) in the *Deadline Cloud Developer Guide* .\n\n> The script runs as an administrative user ( `sudo root` on Linux, as an Administrator on Windows).", + "title": "ScriptBody", + "type": "string" + }, + "ScriptTimeoutSeconds": { + "markdownDescription": "The maximum time that the host configuration can run. If the timeout expires, the worker enters the `NOT RESPONDING` state and shuts down. You are charged for the time that the worker is running the host configuration script.\n\n> You should configure your fleet for a maximum of one worker while testing your host configuration script to avoid starting additional workers. \n\nThe default is 300 seconds (5 minutes).", + "title": "ScriptTimeoutSeconds", + "type": "number" + } + }, + "required": [ + "ScriptBody" + ], + "type": "object" + }, + "AWS::Deadline::Fleet.MemoryMiBRange": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum amount of memory (in MiB).", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The minimum amount of memory (in MiB).", + "title": "Min", + "type": "number" + } + }, + "required": [ + "Min" + ], + "type": "object" + }, + "AWS::Deadline::Fleet.ServiceManagedEc2FleetConfiguration": { + "additionalProperties": false, + "properties": { + "InstanceCapabilities": { + "$ref": "#/definitions/AWS::Deadline::Fleet.ServiceManagedEc2InstanceCapabilities", + "markdownDescription": "The Amazon EC2 instance capabilities.", + "title": "InstanceCapabilities" + }, + "InstanceMarketOptions": { + "$ref": "#/definitions/AWS::Deadline::Fleet.ServiceManagedEc2InstanceMarketOptions", + "markdownDescription": "The Amazon EC2 market type.", + "title": "InstanceMarketOptions" + }, + "StorageProfileId": { + "markdownDescription": "The storage profile ID.", + "title": "StorageProfileId", + "type": "string" + } + }, + "required": [ + "InstanceCapabilities", + "InstanceMarketOptions" + ], + "type": "object" + }, + "AWS::Deadline::Fleet.ServiceManagedEc2InstanceCapabilities": { + "additionalProperties": false, + "properties": { + "AcceleratorCapabilities": { + "$ref": "#/definitions/AWS::Deadline::Fleet.AcceleratorCapabilities", + "markdownDescription": "Describes the GPU accelerator capabilities required for worker host instances in this fleet.", + "title": "AcceleratorCapabilities" + }, + "AllowedInstanceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The allowable Amazon EC2 instance types.", + "title": "AllowedInstanceTypes", + "type": "array" + }, + "CpuArchitectureType": { + "markdownDescription": "The CPU architecture type.", + "title": "CpuArchitectureType", + "type": "string" + }, + "CustomAmounts": { + "items": { + "$ref": "#/definitions/AWS::Deadline::Fleet.FleetAmountCapability" + }, + "markdownDescription": "The custom capability amounts to require for instances in this fleet.", + "title": "CustomAmounts", + "type": "array" + }, + "CustomAttributes": { + "items": { + "$ref": "#/definitions/AWS::Deadline::Fleet.FleetAttributeCapability" + }, + "markdownDescription": "The custom capability attributes to require for instances in this fleet.", + "title": "CustomAttributes", + "type": "array" + }, + "ExcludedInstanceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The instance types to exclude from the fleet.", + "title": "ExcludedInstanceTypes", + "type": "array" + }, + "MemoryMiB": { + "$ref": "#/definitions/AWS::Deadline::Fleet.MemoryMiBRange", + "markdownDescription": "The memory, as MiB, for the Amazon EC2 instance type.", + "title": "MemoryMiB" + }, + "OsFamily": { + "markdownDescription": "The operating system (OS) family.", + "title": "OsFamily", + "type": "string" + }, + "RootEbsVolume": { + "$ref": "#/definitions/AWS::Deadline::Fleet.Ec2EbsVolume", + "markdownDescription": "The root EBS volume.", + "title": "RootEbsVolume" + }, + "VCpuCount": { + "$ref": "#/definitions/AWS::Deadline::Fleet.VCpuCountRange", + "markdownDescription": "The amount of vCPU to require for instances in this fleet.", + "title": "VCpuCount" + } + }, + "required": [ + "CpuArchitectureType", + "MemoryMiB", + "OsFamily", + "VCpuCount" + ], + "type": "object" + }, + "AWS::Deadline::Fleet.ServiceManagedEc2InstanceMarketOptions": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "The Amazon EC2 instance type.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::Deadline::Fleet.VCpuCountRange": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum amount of vCPU.", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The minimum amount of vCPU.", + "title": "Min", + "type": "number" + } + }, + "required": [ + "Min" + ], + "type": "object" + }, + "AWS::Deadline::LicenseEndpoint": { "additionalProperties": false, "properties": { "Condition": { @@ -75967,32 +84105,46 @@ "Properties": { "additionalProperties": false, "properties": { - "AwsAccountId": { - "markdownDescription": "The AWS account ID.", - "title": "AwsAccountId", - "type": "string" + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The identifier of the Amazon EC2 security group that controls access to the license endpoint.", + "title": "SecurityGroupIds", + "type": "array" }, - "NetworkInterfaceId": { - "markdownDescription": "The ID of the network interface.", - "title": "NetworkInterfaceId", - "type": "string" + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "Identifies the VPC subnets that can connect to a license endpoint.", + "title": "SubnetIds", + "type": "array" }, - "Permission": { - "markdownDescription": "The type of permission to grant: `INSTANCE-ATTACH` or `EIP-ASSOCIATE` .", - "title": "Permission", + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to add to your license endpoint. Each tag consists of a tag key and a tag value. Tag keys and values are both required, but tag values can be empty strings.", + "title": "Tags", + "type": "array" + }, + "VpcId": { + "markdownDescription": "The VCP(virtual private cloud) ID associated with the license endpoint.", + "title": "VpcId", "type": "string" } }, "required": [ - "AwsAccountId", - "NetworkInterfaceId", - "Permission" + "SecurityGroupIds", + "SubnetIds", + "VpcId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::NetworkInterfacePermission" + "AWS::Deadline::LicenseEndpoint" ], "type": "string" }, @@ -76011,7 +84163,7 @@ ], "type": "object" }, - "AWS::EC2::NetworkPerformanceMetricSubscription": { + "AWS::Deadline::Limit": { "additionalProperties": false, "properties": { "Condition": { @@ -76046,38 +84198,43 @@ "Properties": { "additionalProperties": false, "properties": { - "Destination": { - "markdownDescription": "The Region or Availability Zone that's the target for the subscription. For example, `eu-west-1` .", - "title": "Destination", + "AmountRequirementName": { + "markdownDescription": "The value that you specify as the `name` in the `amounts` field of the `hostRequirements` in a step of a job template to declare the limit requirement.", + "title": "AmountRequirementName", "type": "string" }, - "Metric": { - "markdownDescription": "The metric used for the subscription.", - "title": "Metric", + "Description": { + "markdownDescription": "A description of the limit. A clear description helps you identify the purpose of the limit.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", + "title": "Description", "type": "string" }, - "Source": { - "markdownDescription": "The Region or Availability Zone that's the source for the subscription. For example, `us-east-1` .", - "title": "Source", + "DisplayName": { + "markdownDescription": "The name of the limit used in lists to identify the limit.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", + "title": "DisplayName", "type": "string" }, - "Statistic": { - "markdownDescription": "The statistic used for the subscription.", - "title": "Statistic", + "FarmId": { + "markdownDescription": "The unique identifier of the farm that contains the limit.", + "title": "FarmId", "type": "string" + }, + "MaxCount": { + "markdownDescription": "The maximum number of resources constrained by this limit. When all of the resources are in use, steps that require the limit won't be scheduled until the resource is available.\n\nThe `maxValue` must not be 0. If the value is -1, there is no restriction on the number of resources that can be acquired for this limit.", + "title": "MaxCount", + "type": "number" } }, "required": [ - "Destination", - "Metric", - "Source", - "Statistic" + "AmountRequirementName", + "DisplayName", + "FarmId", + "MaxCount" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::NetworkPerformanceMetricSubscription" + "AWS::Deadline::Limit" ], "type": "string" }, @@ -76096,7 +84253,7 @@ ], "type": "object" }, - "AWS::EC2::PlacementGroup": { + "AWS::Deadline::MeteredProduct": { "additionalProperties": false, "properties": { "Condition": { @@ -76131,35 +84288,22 @@ "Properties": { "additionalProperties": false, "properties": { - "PartitionCount": { - "markdownDescription": "The number of partitions. Valid only when *Strategy* is set to `partition` .", - "title": "PartitionCount", - "type": "number" - }, - "SpreadLevel": { - "markdownDescription": "Determines how placement groups spread instances.\n\n- Host \u2013 You can use `host` only with Outpost placement groups.\n- Rack \u2013 No usage restrictions.", - "title": "SpreadLevel", + "LicenseEndpointId": { + "markdownDescription": "The Amazon EC2 identifier of the license endpoint.", + "title": "LicenseEndpointId", "type": "string" }, - "Strategy": { - "markdownDescription": "The placement strategy.", - "title": "Strategy", + "ProductId": { + "markdownDescription": "The product ID.", + "title": "ProductId", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to apply to the new placement group.", - "title": "Tags", - "type": "array" } }, "type": "object" }, "Type": { "enum": [ - "AWS::EC2::PlacementGroup" + "AWS::Deadline::MeteredProduct" ], "type": "string" }, @@ -76177,7 +84321,7 @@ ], "type": "object" }, - "AWS::EC2::PrefixList": { + "AWS::Deadline::Monitor": { "additionalProperties": false, "properties": { "Condition": { @@ -76212,47 +84356,38 @@ "Properties": { "additionalProperties": false, "properties": { - "AddressFamily": { - "markdownDescription": "The IP address type.\n\nValid Values: `IPv4` | `IPv6`", - "title": "AddressFamily", + "DisplayName": { + "markdownDescription": "The name of the monitor that displays on the Deadline Cloud console.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", + "title": "DisplayName", "type": "string" }, - "Entries": { - "items": { - "$ref": "#/definitions/AWS::EC2::PrefixList.Entry" - }, - "markdownDescription": "The entries for the prefix list.", - "title": "Entries", - "type": "array" - }, - "MaxEntries": { - "markdownDescription": "The maximum number of entries for the prefix list. You can't modify the entries and the size of a prefix list at the same time.\n\nThis property is required when you create a prefix list.", - "title": "MaxEntries", - "type": "number" + "IdentityCenterInstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM Identity Center instance responsible for authenticating monitor users.", + "title": "IdentityCenterInstanceArn", + "type": "string" }, - "PrefixListName": { - "markdownDescription": "A name for the prefix list.\n\nConstraints: Up to 255 characters in length. The name cannot start with `com.amazonaws` .", - "title": "PrefixListName", + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role for the monitor. Users of the monitor use this role to access Deadline Cloud resources.", + "title": "RoleArn", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags for the prefix list.", - "title": "Tags", - "type": "array" + "Subdomain": { + "markdownDescription": "The subdomain used for the monitor URL. The full URL of the monitor is subdomain.Region.deadlinecloud.amazonaws.com.", + "title": "Subdomain", + "type": "string" } }, "required": [ - "AddressFamily", - "PrefixListName" + "DisplayName", + "IdentityCenterInstanceArn", + "RoleArn", + "Subdomain" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::PrefixList" + "AWS::Deadline::Monitor" ], "type": "string" }, @@ -76271,26 +84406,7 @@ ], "type": "object" }, - "AWS::EC2::PrefixList.Entry": { - "additionalProperties": false, - "properties": { - "Cidr": { - "markdownDescription": "The CIDR block.", - "title": "Cidr", - "type": "string" - }, - "Description": { - "markdownDescription": "A description for the entry.\n\nConstraints: Up to 255 characters in length.", - "title": "Description", - "type": "string" - } - }, - "required": [ - "Cidr" - ], - "type": "object" - }, - "AWS::EC2::Route": { + "AWS::Deadline::Queue": { "additionalProperties": false, "properties": { "Condition": { @@ -76325,90 +84441,75 @@ "Properties": { "additionalProperties": false, "properties": { - "CarrierGatewayId": { - "markdownDescription": "The ID of the carrier gateway.\n\nYou can only use this option when the VPC contains a subnet which is associated with a Wavelength Zone.", - "title": "CarrierGatewayId", - "type": "string" - }, - "CoreNetworkArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the core network.", - "title": "CoreNetworkArn", - "type": "string" - }, - "DestinationCidrBlock": { - "markdownDescription": "The IPv4 CIDR address block used for the destination match. Routing decisions are based on the most specific match. We modify the specified CIDR block to its canonical form; for example, if you specify `100.68.0.18/18` , we modify it to `100.68.0.0/18` .", - "title": "DestinationCidrBlock", - "type": "string" - }, - "DestinationIpv6CidrBlock": { - "markdownDescription": "The IPv6 CIDR block used for the destination match. Routing decisions are based on the most specific match.", - "title": "DestinationIpv6CidrBlock", - "type": "string" - }, - "DestinationPrefixListId": { - "markdownDescription": "The ID of a prefix list used for the destination match.", - "title": "DestinationPrefixListId", - "type": "string" - }, - "EgressOnlyInternetGatewayId": { - "markdownDescription": "[IPv6 traffic only] The ID of an egress-only internet gateway.", - "title": "EgressOnlyInternetGatewayId", - "type": "string" + "AllowedStorageProfileIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The identifiers of the storage profiles that this queue can use to share assets between workers using different operating systems.", + "title": "AllowedStorageProfileIds", + "type": "array" }, - "GatewayId": { - "markdownDescription": "The ID of an internet gateway or virtual private gateway attached to your VPC.", - "title": "GatewayId", + "DefaultBudgetAction": { + "markdownDescription": "The default action taken on a queue summary if a budget wasn't configured.", + "title": "DefaultBudgetAction", "type": "string" }, - "InstanceId": { - "markdownDescription": "The ID of a NAT instance in your VPC. The operation fails if you specify an instance ID unless exactly one network interface is attached.", - "title": "InstanceId", + "Description": { + "markdownDescription": "A description of the queue that helps identify what the queue is used for.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", + "title": "Description", "type": "string" }, - "LocalGatewayId": { - "markdownDescription": "The ID of the local gateway.", - "title": "LocalGatewayId", + "DisplayName": { + "markdownDescription": "The display name of the queue summary to update.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", + "title": "DisplayName", "type": "string" }, - "NatGatewayId": { - "markdownDescription": "[IPv4 traffic only] The ID of a NAT gateway.", - "title": "NatGatewayId", + "FarmId": { + "markdownDescription": "The farm ID.", + "title": "FarmId", "type": "string" }, - "NetworkInterfaceId": { - "markdownDescription": "The ID of a network interface.", - "title": "NetworkInterfaceId", - "type": "string" + "JobAttachmentSettings": { + "$ref": "#/definitions/AWS::Deadline::Queue.JobAttachmentSettings", + "markdownDescription": "The job attachment settings. These are the Amazon S3 bucket name and the Amazon S3 prefix.", + "title": "JobAttachmentSettings" }, - "RouteTableId": { - "markdownDescription": "The ID of the route table for the route.", - "title": "RouteTableId", - "type": "string" + "JobRunAsUser": { + "$ref": "#/definitions/AWS::Deadline::Queue.JobRunAsUser", + "markdownDescription": "Identifies the user for a job.", + "title": "JobRunAsUser" }, - "TransitGatewayId": { - "markdownDescription": "The ID of a transit gateway.", - "title": "TransitGatewayId", - "type": "string" + "RequiredFileSystemLocationNames": { + "items": { + "type": "string" + }, + "markdownDescription": "The file system location that the queue uses.", + "title": "RequiredFileSystemLocationNames", + "type": "array" }, - "VpcEndpointId": { - "markdownDescription": "The ID of a VPC endpoint. Supported for Gateway Load Balancer endpoints only.", - "title": "VpcEndpointId", + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that workers use when running jobs in this queue.", + "title": "RoleArn", "type": "string" }, - "VpcPeeringConnectionId": { - "markdownDescription": "The ID of a VPC peering connection.", - "title": "VpcPeeringConnectionId", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to add to your queue. Each tag consists of a tag key and a tag value. Tag keys and values are both required, but tag values can be empty strings.", + "title": "Tags", + "type": "array" } }, "required": [ - "RouteTableId" + "DisplayName", + "FarmId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::Route" + "AWS::Deadline::Queue" ], "type": "string" }, @@ -76427,7 +84528,91 @@ ], "type": "object" }, - "AWS::EC2::RouteTable": { + "AWS::Deadline::Queue.JobAttachmentSettings": { + "additionalProperties": false, + "properties": { + "RootPrefix": { + "markdownDescription": "The root prefix.", + "title": "RootPrefix", + "type": "string" + }, + "S3BucketName": { + "markdownDescription": "The Amazon S3 bucket name.", + "title": "S3BucketName", + "type": "string" + } + }, + "required": [ + "RootPrefix", + "S3BucketName" + ], + "type": "object" + }, + "AWS::Deadline::Queue.JobRunAsUser": { + "additionalProperties": false, + "properties": { + "Posix": { + "$ref": "#/definitions/AWS::Deadline::Queue.PosixUser", + "markdownDescription": "The user and group that the jobs in the queue run as.", + "title": "Posix" + }, + "RunAs": { + "markdownDescription": "Specifies whether the job should run using the queue's system user or if the job should run using the worker agent system user.", + "title": "RunAs", + "type": "string" + }, + "Windows": { + "$ref": "#/definitions/AWS::Deadline::Queue.WindowsUser", + "markdownDescription": "Identifies a Microsoft Windows user.", + "title": "Windows" + } + }, + "required": [ + "RunAs" + ], + "type": "object" + }, + "AWS::Deadline::Queue.PosixUser": { + "additionalProperties": false, + "properties": { + "Group": { + "markdownDescription": "The name of the POSIX user's group.", + "title": "Group", + "type": "string" + }, + "User": { + "markdownDescription": "The name of the POSIX user.", + "title": "User", + "type": "string" + } + }, + "required": [ + "Group", + "User" + ], + "type": "object" + }, + "AWS::Deadline::Queue.WindowsUser": { + "additionalProperties": false, + "properties": { + "PasswordArn": { + "markdownDescription": "The password ARN for the Windows user.", + "title": "PasswordArn", + "type": "string" + }, + "User": { + "markdownDescription": "The user.", + "title": "User", + "type": "string" + } + }, + "required": [ + "PasswordArn", + "User" + ], + "type": "object" + }, + "AWS::Deadline::QueueEnvironment": { "additionalProperties": false, "properties": { "Condition": { @@ -76462,28 +84647,44 @@ "Properties": { "additionalProperties": false, "properties": { - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Any tags assigned to the route table.", - "title": "Tags", - "type": "array" + "FarmId": { + "markdownDescription": "The identifier assigned to the farm that contains the queue.", + "title": "FarmId", + "type": "string" }, - "VpcId": { - "markdownDescription": "The ID of the VPC.", - "title": "VpcId", + "Priority": { + "markdownDescription": "The queue environment's priority.", + "title": "Priority", + "type": "number" + }, + "QueueId": { + "markdownDescription": "The unique identifier of the queue that contains the environment.", + "title": "QueueId", + "type": "string" + }, + "Template": { + "markdownDescription": "A JSON or YAML template that describes the processing environment for the queue.", + "title": "Template", + "type": "string" + }, + "TemplateType": { + "markdownDescription": "Specifies whether the template for the queue environment is JSON or YAML.", + "title": "TemplateType", "type": "string" } }, "required": [ - "VpcId" + "FarmId", + "Priority", + "QueueId", + "Template", + "TemplateType" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::RouteTable" + "AWS::Deadline::QueueEnvironment" ], "type": "string" }, @@ -76502,7 +84703,7 @@ ], "type": "object" }, - "AWS::EC2::SecurityGroup": { + "AWS::Deadline::QueueFleetAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -76537,54 +84738,32 @@ "Properties": { "additionalProperties": false, "properties": { - "GroupDescription": { - "markdownDescription": "A description for the security group.\n\nConstraints: Up to 255 characters in length\n\nValid characters: a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*", - "title": "GroupDescription", + "FarmId": { + "markdownDescription": "The identifier of the farm that contains the queue and the fleet.", + "title": "FarmId", "type": "string" }, - "GroupName": { - "markdownDescription": "The name of the security group. Names are case-insensitive and must be unique within the VPC.\n\nConstraints: Up to 255 characters in length. Can't start with `sg-` .\n\nValid characters: a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*", - "title": "GroupName", + "FleetId": { + "markdownDescription": "The fleet ID.", + "title": "FleetId", "type": "string" }, - "SecurityGroupEgress": { - "items": { - "$ref": "#/definitions/AWS::EC2::SecurityGroup.Egress" - }, - "markdownDescription": "The outbound rules associated with the security group.", - "title": "SecurityGroupEgress", - "type": "array" - }, - "SecurityGroupIngress": { - "items": { - "$ref": "#/definitions/AWS::EC2::SecurityGroup.Ingress" - }, - "markdownDescription": "The inbound rules associated with the security group.", - "title": "SecurityGroupIngress", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Any tags assigned to the security group.", - "title": "Tags", - "type": "array" - }, - "VpcId": { - "markdownDescription": "The ID of the VPC for the security group. If you do not specify a VPC, the default is to use the default VPC for the Region. If there's no specified VPC and no default VPC, security group creation fails.", - "title": "VpcId", + "QueueId": { + "markdownDescription": "The queue ID.", + "title": "QueueId", "type": "string" } }, "required": [ - "GroupDescription" + "FarmId", + "FleetId", + "QueueId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::SecurityGroup" + "AWS::Deadline::QueueFleetAssociation" ], "type": "string" }, @@ -76603,115 +84782,199 @@ ], "type": "object" }, - "AWS::EC2::SecurityGroup.Egress": { + "AWS::Deadline::QueueLimitAssociation": { "additionalProperties": false, "properties": { - "CidrIp": { - "markdownDescription": "The IPv4 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", - "title": "CidrIp", - "type": "string" - }, - "CidrIpv6": { - "markdownDescription": "The IPv6 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", - "title": "CidrIpv6", + "Condition": { "type": "string" }, - "Description": { - "markdownDescription": "A description for the security group rule.\n\nConstraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*", - "title": "Description", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "DestinationPrefixListId": { - "markdownDescription": "The prefix list IDs for the destination AWS service. This is the AWS service that you want to access through a VPC endpoint from instances associated with the security group.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .", - "title": "DestinationPrefixListId", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "DestinationSecurityGroupId": { - "markdownDescription": "The ID of the destination VPC security group.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .", - "title": "DestinationSecurityGroupId", - "type": "string" + "Metadata": { + "type": "object" }, - "FromPort": { - "markdownDescription": "If the protocol is TCP or UDP, this is the start of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP type or -1 (all ICMP types).", - "title": "FromPort", - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": { + "FarmId": { + "markdownDescription": "The unique identifier of the farm that contains the queue-limit association.", + "title": "FarmId", + "type": "string" + }, + "LimitId": { + "markdownDescription": "The unique identifier of the limit in the association.", + "title": "LimitId", + "type": "string" + }, + "QueueId": { + "markdownDescription": "The unique identifier of the queue in the association.", + "title": "QueueId", + "type": "string" + } + }, + "required": [ + "FarmId", + "LimitId", + "QueueId" + ], + "type": "object" }, - "IpProtocol": { - "markdownDescription": "The IP protocol name ( `tcp` , `udp` , `icmp` , `icmpv6` ) or number (see [Protocol Numbers](https://docs.aws.amazon.com/http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml) ).\n\nUse `-1` to specify all protocols. When authorizing security group rules, specifying `-1` or a protocol number other than `tcp` , `udp` , `icmp` , or `icmpv6` allows traffic on all ports, regardless of any port range you specify. For `tcp` , `udp` , and `icmp` , you must specify a port range. For `icmpv6` , the port range is optional; if you omit the port range, traffic for all types and codes is allowed.", - "title": "IpProtocol", + "Type": { + "enum": [ + "AWS::Deadline::QueueLimitAssociation" + ], "type": "string" }, - "ToPort": { - "markdownDescription": "If the protocol is TCP or UDP, this is the end of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP code or -1 (all ICMP codes). If the start port is -1 (all ICMP types), then the end port must be -1 (all ICMP codes).", - "title": "ToPort", - "type": "number" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "IpProtocol" + "Type", + "Properties" ], "type": "object" }, - "AWS::EC2::SecurityGroup.Ingress": { + "AWS::Deadline::StorageProfile": { "additionalProperties": false, "properties": { - "CidrIp": { - "markdownDescription": "The IPv4 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `SourcePrefixListId` , or `SourceSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", - "title": "CidrIp", + "Condition": { "type": "string" }, - "CidrIpv6": { - "markdownDescription": "The IPv6 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `SourcePrefixListId` , or `SourceSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", - "title": "CidrIpv6", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Description": { - "markdownDescription": "Updates the description of an ingress (inbound) security group rule. You can replace an existing description, or add a description to a rule that did not have one previously.\n\nConstraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*", - "title": "Description", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "FromPort": { - "markdownDescription": "If the protocol is TCP or UDP, this is the start of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP type or -1 (all ICMP types).", - "title": "FromPort", - "type": "number" + "Metadata": { + "type": "object" }, - "IpProtocol": { - "markdownDescription": "The IP protocol name ( `tcp` , `udp` , `icmp` , `icmpv6` ) or number (see [Protocol Numbers](https://docs.aws.amazon.com/http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml) ).\n\nUse `-1` to specify all protocols. When authorizing security group rules, specifying `-1` or a protocol number other than `tcp` , `udp` , `icmp` , or `icmpv6` allows traffic on all ports, regardless of any port range you specify. For `tcp` , `udp` , and `icmp` , you must specify a port range. For `icmpv6` , the port range is optional; if you omit the port range, traffic for all types and codes is allowed.", - "title": "IpProtocol", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "DisplayName": { + "markdownDescription": "The display name of the storage profile summary to update.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", + "title": "DisplayName", + "type": "string" + }, + "FarmId": { + "markdownDescription": "The unique identifier of the farm that contains the storage profile.", + "title": "FarmId", + "type": "string" + }, + "FileSystemLocations": { + "items": { + "$ref": "#/definitions/AWS::Deadline::StorageProfile.FileSystemLocation" + }, + "markdownDescription": "Operating system specific file system path to the storage location.", + "title": "FileSystemLocations", + "type": "array" + }, + "OsFamily": { + "markdownDescription": "The operating system (OS) family.", + "title": "OsFamily", + "type": "string" + } + }, + "required": [ + "DisplayName", + "FarmId", + "OsFamily" + ], + "type": "object" }, - "SourcePrefixListId": { - "markdownDescription": "The ID of a prefix list.", - "title": "SourcePrefixListId", + "Type": { + "enum": [ + "AWS::Deadline::StorageProfile" + ], "type": "string" }, - "SourceSecurityGroupId": { - "markdownDescription": "The ID of the security group.", - "title": "SourceSecurityGroupId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "SourceSecurityGroupName": { - "markdownDescription": "[Default VPC] The name of the source security group. You must specify either the security group ID or the security group name. You can't specify the group name in combination with an IP address range. Creates rules that grant full ICMP, UDP, and TCP access.\n\nFor security groups in a nondefault VPC, you must specify the group ID.", - "title": "SourceSecurityGroupName", + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Deadline::StorageProfile.FileSystemLocation": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The location name.", + "title": "Name", "type": "string" }, - "SourceSecurityGroupOwnerId": { - "markdownDescription": "[nondefault VPC] The AWS account ID for the source security group, if the source security group is in a different account. You can't specify this property with an IP address range. Creates rules that grant full ICMP, UDP, and TCP access.\n\nIf you specify `SourceSecurityGroupName` or `SourceSecurityGroupId` and that security group is owned by a different account than the account creating the stack, you must specify the `SourceSecurityGroupOwnerId` ; otherwise, this property is optional.", - "title": "SourceSecurityGroupOwnerId", + "Path": { + "markdownDescription": "The file path.", + "title": "Path", "type": "string" }, - "ToPort": { - "markdownDescription": "If the protocol is TCP or UDP, this is the end of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP code or -1 (all ICMP codes). If the start port is -1 (all ICMP types), then the end port must be -1 (all ICMP codes).", - "title": "ToPort", - "type": "number" + "Type": { + "markdownDescription": "The type of file.", + "title": "Type", + "type": "string" } }, "required": [ - "IpProtocol" + "Name", + "Path", + "Type" ], "type": "object" }, - "AWS::EC2::SecurityGroupEgress": { + "AWS::Detective::Graph": { "additionalProperties": false, "properties": { "Condition": { @@ -76746,61 +85009,25 @@ "Properties": { "additionalProperties": false, "properties": { - "CidrIp": { - "markdownDescription": "The IPv4 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", - "title": "CidrIp", - "type": "string" - }, - "CidrIpv6": { - "markdownDescription": "The IPv6 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", - "title": "CidrIpv6", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of an egress (outbound) security group rule.\n\nConstraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*", - "title": "Description", - "type": "string" - }, - "DestinationPrefixListId": { - "markdownDescription": "The prefix list IDs for an AWS service. This is the AWS service to access through a VPC endpoint from instances associated with the security group.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .", - "title": "DestinationPrefixListId", - "type": "string" - }, - "DestinationSecurityGroupId": { - "markdownDescription": "The ID of the security group.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .", - "title": "DestinationSecurityGroupId", - "type": "string" - }, - "FromPort": { - "markdownDescription": "If the protocol is TCP or UDP, this is the start of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP type or -1 (all ICMP types).", - "title": "FromPort", - "type": "number" - }, - "GroupId": { - "markdownDescription": "The ID of the security group. You must specify either the security group ID or the security group name in the request. For security groups in a nondefault VPC, you must specify the security group ID.", - "title": "GroupId", - "type": "string" - }, - "IpProtocol": { - "markdownDescription": "The IP protocol name ( `tcp` , `udp` , `icmp` , `icmpv6` ) or number (see [Protocol Numbers](https://docs.aws.amazon.com/http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml) ).\n\nUse `-1` to specify all protocols. When authorizing security group rules, specifying `-1` or a protocol number other than `tcp` , `udp` , `icmp` , or `icmpv6` allows traffic on all ports, regardless of any port range you specify. For `tcp` , `udp` , and `icmp` , you must specify a port range. For `icmpv6` , the port range is optional; if you omit the port range, traffic for all types and codes is allowed.", - "title": "IpProtocol", - "type": "string" + "AutoEnableMembers": { + "markdownDescription": "Indicates whether to automatically enable new organization accounts as member accounts in the organization behavior graph.\n\nBy default, this property is set to `false` . If you want to change the value of this property, you must be the Detective administrator for the organization. For more information on setting a Detective administrator account, see [AWS::Detective::OrganizationAdmin](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-detective-organizationadmin.html) .", + "title": "AutoEnableMembers", + "type": "boolean" }, - "ToPort": { - "markdownDescription": "If the protocol is TCP or UDP, this is the end of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP code or -1 (all ICMP codes). If the start port is -1 (all ICMP types), then the end port must be -1 (all ICMP codes).", - "title": "ToPort", - "type": "number" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tag values to assign to the new behavior graph.", + "title": "Tags", + "type": "array" } }, - "required": [ - "GroupId", - "IpProtocol" - ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::SecurityGroupEgress" + "AWS::Detective::Graph" ], "type": "string" }, @@ -76814,12 +85041,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::EC2::SecurityGroupIngress": { + "AWS::Detective::MemberInvitation": { "additionalProperties": false, "properties": { "Condition": { @@ -76854,75 +85080,42 @@ "Properties": { "additionalProperties": false, "properties": { - "CidrIp": { - "markdownDescription": "The IPv4 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `SourcePrefixListId` , or `SourceSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", - "title": "CidrIp", - "type": "string" - }, - "CidrIpv6": { - "markdownDescription": "The IPv6 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `SourcePrefixListId` , or `SourceSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", - "title": "CidrIpv6", - "type": "string" - }, - "Description": { - "markdownDescription": "Updates the description of an ingress (inbound) security group rule. You can replace an existing description, or add a description to a rule that did not have one previously.\n\nConstraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*", - "title": "Description", - "type": "string" - }, - "FromPort": { - "markdownDescription": "The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type number. A value of `-1` indicates all ICMP/ICMPv6 types. If you specify all ICMP/ICMPv6 types, you must specify all codes.\n\nUse this for ICMP and any protocol that uses ports.", - "title": "FromPort", - "type": "number" - }, - "GroupId": { - "markdownDescription": "The ID of the security group.", - "title": "GroupId", - "type": "string" - }, - "GroupName": { - "markdownDescription": "[Default VPC] The name of the security group. For security groups for a default VPC you can specify either the ID or the name of the security group. For security groups for a nondefault VPC, you must specify the ID of the security group.", - "title": "GroupName", - "type": "string" - }, - "IpProtocol": { - "markdownDescription": "The IP protocol name ( `tcp` , `udp` , `icmp` , `icmpv6` ) or number (see [Protocol Numbers](https://docs.aws.amazon.com/http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml) ).\n\nUse `-1` to specify all protocols. When authorizing security group rules, specifying `-1` or a protocol number other than `tcp` , `udp` , `icmp` , or `icmpv6` allows traffic on all ports, regardless of any port range you specify. For `tcp` , `udp` , and `icmp` , you must specify a port range. For `icmpv6` , the port range is optional; if you omit the port range, traffic for all types and codes is allowed.", - "title": "IpProtocol", - "type": "string" + "DisableEmailNotification": { + "markdownDescription": "Whether to send an invitation email to the member account. If set to true, the member account does not receive an invitation email.", + "title": "DisableEmailNotification", + "type": "boolean" }, - "SourcePrefixListId": { - "markdownDescription": "The ID of a prefix list.", - "title": "SourcePrefixListId", + "GraphArn": { + "markdownDescription": "The ARN of the behavior graph to invite the account to contribute data to.", + "title": "GraphArn", "type": "string" }, - "SourceSecurityGroupId": { - "markdownDescription": "The ID of the security group. You must specify either the security group ID or the security group name. For security groups in a nondefault VPC, you must specify the security group ID.", - "title": "SourceSecurityGroupId", + "MemberEmailAddress": { + "markdownDescription": "The root user email address of the invited account. If the email address provided is not the root user email address for the provided account, the invitation creation fails.", + "title": "MemberEmailAddress", "type": "string" }, - "SourceSecurityGroupName": { - "markdownDescription": "[Default VPC] The name of the source security group. You must specify either the security group ID or the security group name. You can't specify the group name in combination with an IP address range. Creates rules that grant full ICMP, UDP, and TCP access.\n\nFor security groups in a nondefault VPC, you must specify the group ID.", - "title": "SourceSecurityGroupName", + "MemberId": { + "markdownDescription": "The AWS account identifier of the invited account", + "title": "MemberId", "type": "string" }, - "SourceSecurityGroupOwnerId": { - "markdownDescription": "[nondefault VPC] The AWS account ID for the source security group, if the source security group is in a different account. You can't specify this property with an IP address range. Creates rules that grant full ICMP, UDP, and TCP access.\n\nIf you specify `SourceSecurityGroupName` or `SourceSecurityGroupId` and that security group is owned by a different account than the account creating the stack, you must specify `SourceSecurityGroupOwnerId` ; otherwise, this property is optional.", - "title": "SourceSecurityGroupOwnerId", + "Message": { + "markdownDescription": "Customized text to include in the invitation email message.", + "title": "Message", "type": "string" - }, - "ToPort": { - "markdownDescription": "The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code. A value of `-1` indicates all ICMP/ICMPv6 codes for the specified ICMP type. If you specify all ICMP/ICMPv6 types, you must specify all codes.\n\nUse this for ICMP and any protocol that uses ports.", - "title": "ToPort", - "type": "number" } }, "required": [ - "IpProtocol" + "GraphArn", + "MemberEmailAddress", + "MemberId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::SecurityGroupIngress" + "AWS::Detective::MemberInvitation" ], "type": "string" }, @@ -76941,7 +85134,7 @@ ], "type": "object" }, - "AWS::EC2::SnapshotBlockPublicAccess": { + "AWS::Detective::OrganizationAdmin": { "additionalProperties": false, "properties": { "Condition": { @@ -76976,20 +85169,20 @@ "Properties": { "additionalProperties": false, "properties": { - "State": { - "markdownDescription": "The mode in which to enable block public access for snapshots for the Region. Specify one of the following values:\n\n- `block-all-sharing` - Prevents all public sharing of snapshots in the Region. Users in the account will no longer be able to request new public sharing. Additionally, snapshots that are already publicly shared are treated as private and they are no longer publicly available.\n\n> If you enable block public access for snapshots in `block-all-sharing` mode, it does not change the permissions for snapshots that are already publicly shared. Instead, it prevents these snapshots from be publicly visible and publicly accessible. Therefore, the attributes for these snapshots still indicate that they are publicly shared, even though they are not publicly available.\n- `block-new-sharing` - Prevents only new public sharing of snapshots in the Region. Users in the account will no longer be able to request new public sharing. However, snapshots that are already publicly shared, remain publicly available.", - "title": "State", + "AccountId": { + "markdownDescription": "The AWS account identifier of the account to designate as the Detective administrator account for the organization.", + "title": "AccountId", "type": "string" } }, "required": [ - "State" + "AccountId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::SnapshotBlockPublicAccess" + "AWS::Detective::OrganizationAdmin" ], "type": "string" }, @@ -77008,7 +85201,64 @@ ], "type": "object" }, - "AWS::EC2::SpotFleet": { + "AWS::DevOpsGuru::LogAnomalyDetectionIntegration": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::DevOpsGuru::LogAnomalyDetectionIntegration" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::DevOpsGuru::NotificationChannel": { "additionalProperties": false, "properties": { "Condition": { @@ -77043,20 +85293,20 @@ "Properties": { "additionalProperties": false, "properties": { - "SpotFleetRequestConfigData": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotFleetRequestConfigData", - "markdownDescription": "Describes the configuration of a Spot Fleet request.", - "title": "SpotFleetRequestConfigData" + "Config": { + "$ref": "#/definitions/AWS::DevOpsGuru::NotificationChannel.NotificationChannelConfig", + "markdownDescription": "A `NotificationChannelConfig` object that contains information about configured notification channels.", + "title": "Config" } }, "required": [ - "SpotFleetRequestConfigData" + "Config" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::SpotFleet" + "AWS::DevOpsGuru::NotificationChannel" ], "type": "string" }, @@ -77075,1116 +85325,626 @@ ], "type": "object" }, - "AWS::EC2::SpotFleet.AcceleratorCountRequest": { + "AWS::DevOpsGuru::NotificationChannel.NotificationChannelConfig": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum number of accelerators. To specify no maximum limit, omit this parameter. To exclude accelerator-enabled instance types, set `Max` to `0` .", - "title": "Max", - "type": "number" + "Filters": { + "$ref": "#/definitions/AWS::DevOpsGuru::NotificationChannel.NotificationFilterConfig", + "markdownDescription": "The filter configurations for the Amazon SNS notification topic you use with DevOps Guru. If you do not provide filter configurations, the default configurations are to receive notifications for all message types of `High` or `Medium` severity.", + "title": "Filters" }, - "Min": { - "markdownDescription": "The minimum number of accelerators. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" + "Sns": { + "$ref": "#/definitions/AWS::DevOpsGuru::NotificationChannel.SnsChannelConfig", + "markdownDescription": "Information about a notification channel configured in DevOps Guru to send notifications when insights are created.\n\nIf you use an Amazon SNS topic in another account, you must attach a policy to it that grants DevOps Guru permission to send it notifications. DevOps Guru adds the required policy on your behalf to send notifications using Amazon SNS in your account. DevOps Guru only supports standard SNS topics. For more information, see [Permissions for Amazon SNS topics](https://docs.aws.amazon.com/devops-guru/latest/userguide/sns-required-permissions.html) .\n\nIf you use an Amazon SNS topic that is encrypted by an AWS Key Management Service customer-managed key (CMK), then you must add permissions to the CMK. For more information, see [Permissions for AWS KMS\u2013encrypted Amazon SNS topics](https://docs.aws.amazon.com/devops-guru/latest/userguide/sns-kms-permissions.html) .", + "title": "Sns" } }, "type": "object" }, - "AWS::EC2::SpotFleet.AcceleratorTotalMemoryMiBRequest": { + "AWS::DevOpsGuru::NotificationChannel.NotificationFilterConfig": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum amount of accelerator memory, in MiB. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" + "MessageTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The events that you want to receive notifications for. For example, you can choose to receive notifications only when the severity level is upgraded or a new insight is created.", + "title": "MessageTypes", + "type": "array" }, - "Min": { - "markdownDescription": "The minimum amount of accelerator memory, in MiB. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" + "Severities": { + "items": { + "type": "string" + }, + "markdownDescription": "The severity levels that you want to receive notifications for. For example, you can choose to receive notifications only for insights with `HIGH` and `MEDIUM` severity levels. For more information, see [Understanding insight severities](https://docs.aws.amazon.com/devops-guru/latest/userguide/working-with-insights.html#understanding-insights-severities) .", + "title": "Severities", + "type": "array" } }, "type": "object" }, - "AWS::EC2::SpotFleet.BaselineEbsBandwidthMbpsRequest": { + "AWS::DevOpsGuru::NotificationChannel.SnsChannelConfig": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum baseline bandwidth, in Mbps. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum baseline bandwidth, in Mbps. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" + "TopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an Amazon Simple Notification Service topic.", + "title": "TopicArn", + "type": "string" } }, "type": "object" }, - "AWS::EC2::SpotFleet.BlockDeviceMapping": { + "AWS::DevOpsGuru::ResourceCollection": { "additionalProperties": false, "properties": { - "DeviceName": { - "markdownDescription": "The device name (for example, `/dev/sdh` or `xvdh` ).", - "title": "DeviceName", + "Condition": { "type": "string" }, - "Ebs": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.EbsBlockDevice", - "markdownDescription": "Parameters used to automatically set up EBS volumes when the instance is launched.", - "title": "Ebs" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "NoDevice": { - "markdownDescription": "To omit the device from the block device mapping, specify an empty string. When this property is specified, the device is removed from the block device mapping regardless of the assigned value.", - "title": "NoDevice", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ResourceCollectionFilter": { + "$ref": "#/definitions/AWS::DevOpsGuru::ResourceCollection.ResourceCollectionFilter", + "markdownDescription": "Information about a filter used to specify which AWS resources are analyzed for anomalous behavior by DevOps Guru.", + "title": "ResourceCollectionFilter" + } + }, + "required": [ + "ResourceCollectionFilter" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::DevOpsGuru::ResourceCollection" + ], "type": "string" }, - "VirtualName": { - "markdownDescription": "The virtual device name ( `ephemeral` N). Instance store volumes are numbered starting from 0. An instance type with 2 available instance store volumes can specify mappings for `ephemeral0` and `ephemeral1` . The number of available instance store volumes depends on the instance type. After you connect to the instance, you must mount the volume.\n\nNVMe instance store volumes are automatically enumerated and assigned a device name. Including them in your block device mapping has no effect.\n\nConstraints: For M3 instances, you must specify instance store volumes in the block device mapping for the instance. When you launch an M3 instance, we ignore any instance store volumes specified in the block device mapping for the AMI.", - "title": "VirtualName", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "DeviceName" + "Type", + "Properties" ], "type": "object" }, - "AWS::EC2::SpotFleet.ClassicLoadBalancer": { + "AWS::DevOpsGuru::ResourceCollection.CloudFormationCollectionFilter": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the load balancer.", - "title": "Name", - "type": "string" + "StackNames": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of CloudFormation stack names.", + "title": "StackNames", + "type": "array" } }, - "required": [ - "Name" - ], "type": "object" }, - "AWS::EC2::SpotFleet.ClassicLoadBalancersConfig": { + "AWS::DevOpsGuru::ResourceCollection.ResourceCollectionFilter": { "additionalProperties": false, "properties": { - "ClassicLoadBalancers": { + "CloudFormation": { + "$ref": "#/definitions/AWS::DevOpsGuru::ResourceCollection.CloudFormationCollectionFilter", + "markdownDescription": "Information about AWS CloudFormation stacks. You can use up to 1000 stacks to specify which AWS resources in your account to analyze. For more information, see [Stacks](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacks.html) in the *AWS CloudFormation User Guide* .", + "title": "CloudFormation" + }, + "Tags": { "items": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.ClassicLoadBalancer" + "$ref": "#/definitions/AWS::DevOpsGuru::ResourceCollection.TagCollection" }, - "markdownDescription": "One or more Classic Load Balancers.", - "title": "ClassicLoadBalancers", + "markdownDescription": "The AWS tags used to filter the resources in the resource collection.\n\nTags help you identify and organize your AWS resources. Many AWS services support tagging, so you can assign the same tag to resources from different services to indicate that the resources are related. For example, you can assign the same tag to an Amazon DynamoDB table resource that you assign to an AWS Lambda function. For more information about using tags, see the [Tagging best practices](https://docs.aws.amazon.com/whitepapers/latest/tagging-best-practices/tagging-best-practices.html) whitepaper.\n\nEach AWS tag has two parts.\n\n- A tag *key* (for example, `CostCenter` , `Environment` , `Project` , or `Secret` ). Tag *keys* are case-sensitive.\n- A field known as a tag *value* (for example, `111122223333` , `Production` , or a team name). Omitting the tag *value* is the same as using an empty string. Like tag *keys* , tag *values* are case-sensitive. The tag value is a required property when AppBoundaryKey is specified.\n\nTogether these are known as *key* - *value* pairs.\n\n> The string used for a *key* in a tag that you use to define your resource coverage must begin with the prefix `Devops-guru-` . The tag *key* might be `DevOps-Guru-deployment-application` or `devops-guru-rds-application` . When you create a *key* , the case of characters in the *key* can be whatever you choose. After you create a *key* , it is case-sensitive. For example, DevOps Guru works with a *key* named `devops-guru-rds` and a *key* named `DevOps-Guru-RDS` , and these act as two different *keys* . Possible *key* / *value* pairs in your application might be `Devops-Guru-production-application/RDS` or `Devops-Guru-production-application/containers` .", + "title": "Tags", "type": "array" } }, - "required": [ - "ClassicLoadBalancers" - ], "type": "object" }, - "AWS::EC2::SpotFleet.EbsBlockDevice": { + "AWS::DevOpsGuru::ResourceCollection.TagCollection": { "additionalProperties": false, "properties": { - "DeleteOnTermination": { - "markdownDescription": "Indicates whether the EBS volume is deleted on instance termination. For more information, see [Preserving Amazon EBS volumes on instance termination](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#preserving-volumes-on-termination) in the *Amazon EC2 User Guide* .", - "title": "DeleteOnTermination", - "type": "boolean" - }, - "Encrypted": { - "markdownDescription": "Indicates whether the encryption state of an EBS volume is changed while being restored from a backing snapshot. The effect of setting the encryption state to `true` depends on the volume origin (new or from a snapshot), starting encryption state, ownership, and whether encryption by default is enabled. For more information, see [Amazon EBS Encryption](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#encryption-parameters) in the *Amazon EC2 User Guide* .\n\nIn no case can you remove encryption from an encrypted volume.\n\nEncrypted volumes can only be attached to instances that support Amazon EBS encryption. For more information, see [Supported Instance Types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#EBSEncryption_supported_instances) .\n\nThis parameter is not returned by [DescribeImageAttribute](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeImageAttribute.html) .", - "title": "Encrypted", - "type": "boolean" - }, - "Iops": { - "markdownDescription": "The number of I/O operations per second (IOPS). For `gp3` , `io1` , and `io2` volumes, this represents the number of IOPS that are provisioned for the volume. For `gp2` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.\n\nThe following are the supported values for each volume type:\n\n- `gp3` : 3,000 - 16,000 IOPS\n- `io1` : 100 - 64,000 IOPS\n- `io2` : 100 - 256,000 IOPS\n\nFor `io2` volumes, you can achieve up to 256,000 IOPS on [instances built on the Nitro System](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances) . On other instances, you can achieve performance up to 32,000 IOPS.\n\nThis parameter is required for `io1` and `io2` volumes. The default for `gp3` volumes is 3,000 IOPS.", - "title": "Iops", - "type": "number" - }, - "SnapshotId": { - "markdownDescription": "The ID of the snapshot.", - "title": "SnapshotId", + "AppBoundaryKey": { + "markdownDescription": "An AWS tag *key* that is used to identify the AWS resources that DevOps Guru analyzes. All AWS resources in your account and Region tagged with this *key* make up your DevOps Guru application and analysis boundary.\n\n> When you create a *key* , the case of characters in the *key* can be whatever you choose. After you create a *key* , it is case-sensitive. For example, DevOps Guru works with a *key* named `devops-guru-rds` and a *key* named `DevOps-Guru-RDS` , and these act as two different *keys* . Possible *key* / *value* pairs in your application might be `Devops-Guru-production-application/RDS` or `Devops-Guru-production-application/containers` .", + "title": "AppBoundaryKey", "type": "string" }, - "VolumeSize": { - "markdownDescription": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size. If you specify a snapshot, the default is the snapshot size. You can specify a volume size that is equal to or larger than the snapshot size.\n\nThe following are the supported sizes for each volume type:\n\n- `gp2` and `gp3` : 1 - 16,384 GiB\n- `io1` : 4 - 16,384 GiB\n- `io2` : 4 - 65,536 GiB\n- `st1` and `sc1` : 125 - 16,384 GiB\n- `standard` : 1 - 1024 GiB", - "title": "VolumeSize", - "type": "number" - }, - "VolumeType": { - "markdownDescription": "The volume type. For more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-volume-types.html) in the *Amazon EBS User Guide* .", - "title": "VolumeType", - "type": "string" + "TagValues": { + "items": { + "type": "string" + }, + "markdownDescription": "The values in an AWS tag collection.\n\nThe tag's *value* is a field used to associate a string with the tag *key* (for example, `111122223333` , `Production` , or a team name). The *key* and *value* are the tag's *key* pair. Omitting the tag *value* is the same as using an empty string. Like tag *keys* , tag *values* are case-sensitive. You can specify a maximum of 256 characters for a tag value. The tag value is a required property when *AppBoundaryKey* is specified.", + "title": "TagValues", + "type": "array" } }, "type": "object" }, - "AWS::EC2::SpotFleet.FleetLaunchTemplateSpecification": { + "AWS::DirectoryService::MicrosoftAD": { "additionalProperties": false, "properties": { - "LaunchTemplateId": { - "markdownDescription": "The ID of the launch template.\n\nYou must specify the `LaunchTemplateId` or the `LaunchTemplateName` , but not both.", - "title": "LaunchTemplateId", + "Condition": { "type": "string" }, - "LaunchTemplateName": { - "markdownDescription": "The name of the launch template.\n\nYou must specify the `LaunchTemplateName` or the `LaunchTemplateId` , but not both.", - "title": "LaunchTemplateName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Version": { - "markdownDescription": "The version number of the launch template.\n\nSpecifying `$Latest` or `$Default` for the template version number is not supported. However, you can specify `LatestVersionNumber` or `DefaultVersionNumber` using the `Fn::GetAtt` intrinsic function. For more information, see [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-launchtemplate.html#aws-resource-ec2-launchtemplate-return-values-fn--getatt) .", - "title": "Version", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CreateAlias": { + "markdownDescription": "Specifies an alias for a directory and assigns the alias to the directory. The alias is used to construct the access URL for the directory, such as `http://.awsapps.com` . By default, AWS CloudFormation does not create an alias.\n\n> After an alias has been created, it cannot be deleted or reused, so this operation should only be used when absolutely necessary.", + "title": "CreateAlias", + "type": "boolean" + }, + "Edition": { + "markdownDescription": "AWS Managed Microsoft AD is available in two editions: `Standard` and `Enterprise` . `Enterprise` is the default.", + "title": "Edition", + "type": "string" + }, + "EnableSso": { + "markdownDescription": "Whether to enable single sign-on for a Microsoft Active Directory in AWS . Single sign-on allows users in your directory to access certain AWS services from a computer joined to the directory without having to enter their credentials separately. If you don't specify a value, AWS CloudFormation disables single sign-on by default.", + "title": "EnableSso", + "type": "boolean" + }, + "Name": { + "markdownDescription": "The fully qualified domain name for the AWS Managed Microsoft AD directory, such as `corp.example.com` . This name will resolve inside your VPC only. It does not need to be publicly resolvable.", + "title": "Name", + "type": "string" + }, + "Password": { + "markdownDescription": "The password for the default administrative user named `Admin` .\n\nIf you need to change the password for the administrator account, see the [ResetUserPassword](https://docs.aws.amazon.com/directoryservice/latest/devguide/API_ResetUserPassword.html) API call in the *AWS Directory Service API Reference* .", + "title": "Password", + "type": "string" + }, + "ShortName": { + "markdownDescription": "The NetBIOS name for your domain, such as `CORP` . If you don't specify a NetBIOS name, it will default to the first part of your directory DNS. For example, `CORP` for the directory DNS `corp.example.com` .", + "title": "ShortName", + "type": "string" + }, + "VpcSettings": { + "$ref": "#/definitions/AWS::DirectoryService::MicrosoftAD.VpcSettings", + "markdownDescription": "Specifies the VPC settings of the Microsoft AD directory server in AWS .", + "title": "VpcSettings" + } + }, + "required": [ + "Name", + "Password", + "VpcSettings" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::DirectoryService::MicrosoftAD" + ], "type": "string" - } - }, - "required": [ - "Version" - ], - "type": "object" - }, - "AWS::EC2::SpotFleet.GroupIdentifier": { - "additionalProperties": false, - "properties": { - "GroupId": { - "markdownDescription": "The ID of the security group.", - "title": "GroupId", + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "GroupId" + "Type", + "Properties" ], "type": "object" }, - "AWS::EC2::SpotFleet.IamInstanceProfileSpecification": { - "additionalProperties": false, - "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the instance profile.", - "title": "Arn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EC2::SpotFleet.InstanceIpv6Address": { + "AWS::DirectoryService::MicrosoftAD.VpcSettings": { "additionalProperties": false, "properties": { - "Ipv6Address": { - "markdownDescription": "The IPv6 address.", - "title": "Ipv6Address", + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The identifiers of the subnets for the directory servers. The two subnets must be in different Availability Zones. AWS Directory Service specifies a directory server and a DNS server in each of these subnets.", + "title": "SubnetIds", + "type": "array" + }, + "VpcId": { + "markdownDescription": "The identifier of the VPC in which to create the directory.", + "title": "VpcId", "type": "string" } }, "required": [ - "Ipv6Address" + "SubnetIds", + "VpcId" ], "type": "object" }, - "AWS::EC2::SpotFleet.InstanceNetworkInterfaceSpecification": { + "AWS::DirectoryService::SimpleAD": { "additionalProperties": false, "properties": { - "AssociatePublicIpAddress": { - "markdownDescription": "Indicates whether to assign a public IPv4 address to an instance you launch in a VPC. The public IP address can only be assigned to a network interface for eth0, and can only be assigned to a new network interface, not an existing one. You cannot specify more than one network interface in the request. If launching into a default subnet, the default value is `true` .\n\nAWS charges for all public IPv4 addresses, including public IPv4 addresses associated with running instances and Elastic IP addresses. For more information, see the *Public IPv4 Address* tab on the [Amazon VPC pricing page](https://docs.aws.amazon.com/vpc/pricing/) .", - "title": "AssociatePublicIpAddress", - "type": "boolean" - }, - "DeleteOnTermination": { - "markdownDescription": "Indicates whether the network interface is deleted when the instance is terminated.", - "title": "DeleteOnTermination", - "type": "boolean" - }, - "Description": { - "markdownDescription": "The description of the network interface. Applies only if creating a network interface when launching an instance.", - "title": "Description", + "Condition": { "type": "string" }, - "DeviceIndex": { - "markdownDescription": "The position of the network interface in the attachment order. A primary network interface has a device index of 0.\n\nIf you specify a network interface when launching an instance, you must specify the device index.", - "title": "DeviceIndex", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Groups": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the security groups for the network interface. Applies only if creating a network interface when launching an instance.", - "title": "Groups", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Ipv6AddressCount": { - "markdownDescription": "A number of IPv6 addresses to assign to the network interface. Amazon EC2 chooses the IPv6 addresses from the range of the subnet. You cannot specify this option and the option to assign specific IPv6 addresses in the same request. You can specify this option if you've specified a minimum number of instances to launch.", - "title": "Ipv6AddressCount", - "type": "number" + "Metadata": { + "type": "object" }, - "Ipv6Addresses": { - "items": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.InstanceIpv6Address" + "Properties": { + "additionalProperties": false, + "properties": { + "CreateAlias": { + "markdownDescription": "If set to `true` , specifies an alias for a directory and assigns the alias to the directory. The alias is used to construct the access URL for the directory, such as `http://.awsapps.com` . By default, this property is set to `false` .\n\n> After an alias has been created, it cannot be deleted or reused, so this operation should only be used when absolutely necessary.", + "title": "CreateAlias", + "type": "boolean" + }, + "Description": { + "markdownDescription": "A description for the directory.", + "title": "Description", + "type": "string" + }, + "EnableSso": { + "markdownDescription": "Whether to enable single sign-on for a directory. If you don't specify a value, AWS CloudFormation disables single sign-on by default.", + "title": "EnableSso", + "type": "boolean" + }, + "Name": { + "markdownDescription": "The fully qualified name for the directory, such as `corp.example.com` .", + "title": "Name", + "type": "string" + }, + "Password": { + "markdownDescription": "The password for the directory administrator. The directory creation process creates a directory administrator account with the user name `Administrator` and this password.\n\nIf you need to change the password for the administrator account, see the [ResetUserPassword](https://docs.aws.amazon.com/directoryservice/latest/devguide/API_ResetUserPassword.html) API call in the *AWS Directory Service API Reference* .", + "title": "Password", + "type": "string" + }, + "ShortName": { + "markdownDescription": "The NetBIOS name of the directory, such as `CORP` .", + "title": "ShortName", + "type": "string" + }, + "Size": { + "markdownDescription": "The size of the directory. For valid values, see [CreateDirectory](https://docs.aws.amazon.com/directoryservice/latest/devguide/API_CreateDirectory.html) in the *AWS Directory Service API Reference* .", + "title": "Size", + "type": "string" + }, + "VpcSettings": { + "$ref": "#/definitions/AWS::DirectoryService::SimpleAD.VpcSettings", + "markdownDescription": "A [DirectoryVpcSettings](https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DirectoryVpcSettings.html) object that contains additional information for the operation.", + "title": "VpcSettings" + } }, - "markdownDescription": "The IPv6 addresses to assign to the network interface. You cannot specify this option and the option to assign a number of IPv6 addresses in the same request. You cannot specify this option if you've specified a minimum number of instances to launch.", - "title": "Ipv6Addresses", - "type": "array" + "required": [ + "Name", + "Size", + "VpcSettings" + ], + "type": "object" }, - "NetworkInterfaceId": { - "markdownDescription": "The ID of the network interface.\n\nIf you are creating a Spot Fleet, omit this parameter because you can\u2019t specify a network interface ID in a launch specification.", - "title": "NetworkInterfaceId", + "Type": { + "enum": [ + "AWS::DirectoryService::SimpleAD" + ], "type": "string" }, - "PrivateIpAddresses": { - "items": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.PrivateIpAddressSpecification" - }, - "markdownDescription": "The private IPv4 addresses to assign to the network interface. Only one private IPv4 address can be designated as primary. You cannot specify this option if you're launching more than one instance in a [RunInstances](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html) request.", - "title": "PrivateIpAddresses", - "type": "array" - }, - "SecondaryPrivateIpAddressCount": { - "markdownDescription": "The number of secondary private IPv4 addresses. You can\u2019t specify this parameter and also specify a secondary private IP address using the `PrivateIpAddress` parameter.", - "title": "SecondaryPrivateIpAddressCount", - "type": "number" - }, - "SubnetId": { - "markdownDescription": "The ID of the subnet associated with the network interface.", - "title": "SubnetId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::EC2::SpotFleet.InstanceRequirementsRequest": { + "AWS::DirectoryService::SimpleAD.VpcSettings": { "additionalProperties": false, "properties": { - "AcceleratorCount": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.AcceleratorCountRequest", - "markdownDescription": "The minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferentia chips) on an instance.\n\nTo exclude accelerator-enabled instance types, set `Max` to `0` .\n\nDefault: No minimum or maximum limits", - "title": "AcceleratorCount" - }, - "AcceleratorManufacturers": { - "items": { - "type": "string" - }, - "markdownDescription": "Indicates whether instance types must have accelerators by specific manufacturers.\n\n- For instance types with AWS devices, specify `amazon-web-services` .\n- For instance types with AMD devices, specify `amd` .\n- For instance types with Habana devices, specify `habana` .\n- For instance types with NVIDIA devices, specify `nvidia` .\n- For instance types with Xilinx devices, specify `xilinx` .\n\nDefault: Any manufacturer", - "title": "AcceleratorManufacturers", - "type": "array" - }, - "AcceleratorNames": { - "items": { - "type": "string" - }, - "markdownDescription": "The accelerators that must be on the instance type.\n\n- For instance types with NVIDIA A10G GPUs, specify `a10g` .\n- For instance types with NVIDIA A100 GPUs, specify `a100` .\n- For instance types with NVIDIA H100 GPUs, specify `h100` .\n- For instance types with AWS Inferentia chips, specify `inferentia` .\n- For instance types with NVIDIA GRID K520 GPUs, specify `k520` .\n- For instance types with NVIDIA K80 GPUs, specify `k80` .\n- For instance types with NVIDIA M60 GPUs, specify `m60` .\n- For instance types with AMD Radeon Pro V520 GPUs, specify `radeon-pro-v520` .\n- For instance types with NVIDIA T4 GPUs, specify `t4` .\n- For instance types with NVIDIA T4G GPUs, specify `t4g` .\n- For instance types with Xilinx VU9P FPGAs, specify `vu9p` .\n- For instance types with NVIDIA V100 GPUs, specify `v100` .\n\nDefault: Any accelerator", - "title": "AcceleratorNames", - "type": "array" - }, - "AcceleratorTotalMemoryMiB": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.AcceleratorTotalMemoryMiBRequest", - "markdownDescription": "The minimum and maximum amount of total accelerator memory, in MiB.\n\nDefault: No minimum or maximum limits", - "title": "AcceleratorTotalMemoryMiB" - }, - "AcceleratorTypes": { + "SubnetIds": { "items": { "type": "string" }, - "markdownDescription": "The accelerator types that must be on the instance type.\n\n- For instance types with FPGA accelerators, specify `fpga` .\n- For instance types with GPU accelerators, specify `gpu` .\n- For instance types with Inference accelerators, specify `inference` .\n\nDefault: Any accelerator type", - "title": "AcceleratorTypes", + "markdownDescription": "The identifiers of the subnets for the directory servers. The two subnets must be in different Availability Zones. AWS Directory Service specifies a directory server and a DNS server in each of these subnets.", + "title": "SubnetIds", "type": "array" }, - "AllowedInstanceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The instance types to apply your specified attributes against. All other instance types are ignored, even if they match your specified attributes.\n\nYou can use strings with one or more wild cards, represented by an asterisk ( `*` ), to allow an instance type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` ,Amazon EC2 will allow the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will allow all the M5a instance types, but not the M5n instance types.\n\n> If you specify `AllowedInstanceTypes` , you can't specify `ExcludedInstanceTypes` . \n\nDefault: All instance types", - "title": "AllowedInstanceTypes", - "type": "array" + "VpcId": { + "markdownDescription": "The identifier of the VPC in which to create the directory.", + "title": "VpcId", + "type": "string" + } + }, + "required": [ + "SubnetIds", + "VpcId" + ], + "type": "object" + }, + "AWS::DocDB::DBCluster": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" }, - "BareMetal": { - "markdownDescription": "Indicates whether bare metal instance types must be included, excluded, or required.\n\n- To include bare metal instance types, specify `included` .\n- To require only bare metal instance types, specify `required` .\n- To exclude bare metal instance types, specify `excluded` .\n\nDefault: `excluded`", - "title": "BareMetal", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "BaselineEbsBandwidthMbps": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.BaselineEbsBandwidthMbpsRequest", - "markdownDescription": "The minimum and maximum baseline bandwidth to Amazon EBS, in Mbps. For more information, see [Amazon EBS\u2013optimized instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-optimized.html) in the *Amazon EC2 User Guide* .\n\nDefault: No minimum or maximum limits", - "title": "BaselineEbsBandwidthMbps" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "BurstablePerformance": { - "markdownDescription": "Indicates whether burstable performance T instance types are included, excluded, or required. For more information, see [Burstable performance instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) .\n\n- To include burstable performance instance types, specify `included` .\n- To require only burstable performance instance types, specify `required` .\n- To exclude burstable performance instance types, specify `excluded` .\n\nDefault: `excluded`", - "title": "BurstablePerformance", - "type": "string" + "Metadata": { + "type": "object" }, - "CpuManufacturers": { - "items": { - "type": "string" - }, - "markdownDescription": "The CPU manufacturers to include.\n\n- For instance types with Intel CPUs, specify `intel` .\n- For instance types with AMD CPUs, specify `amd` .\n- For instance types with AWS CPUs, specify `amazon-web-services` .\n- For instance types with Apple CPUs, specify `apple` .\n\n> Don't confuse the CPU manufacturer with the CPU architecture. Instances will be launched with a compatible CPU architecture based on the Amazon Machine Image (AMI) that you specify in your launch template. \n\nDefault: Any manufacturer", - "title": "CpuManufacturers", - "type": "array" - }, - "ExcludedInstanceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The instance types to exclude.\n\nYou can use strings with one or more wild cards, represented by an asterisk ( `*` ), to exclude an instance family, type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` ,Amazon EC2 will exclude the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will exclude all the M5a instance types, but not the M5n instance types.\n\n> If you specify `ExcludedInstanceTypes` , you can't specify `AllowedInstanceTypes` . \n\nDefault: No excluded instance types", - "title": "ExcludedInstanceTypes", - "type": "array" - }, - "InstanceGenerations": { - "items": { - "type": "string" - }, - "markdownDescription": "Indicates whether current or previous generation instance types are included. The current generation instance types are recommended for use. Current generation instance types are typically the latest two to three generations in each instance family. For more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .\n\nFor current generation instance types, specify `current` .\n\nFor previous generation instance types, specify `previous` .\n\nDefault: Current and previous generation instance types", - "title": "InstanceGenerations", - "type": "array" - }, - "LocalStorage": { - "markdownDescription": "Indicates whether instance types with instance store volumes are included, excluded, or required. For more information, [Amazon EC2 instance store](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html) in the *Amazon EC2 User Guide* .\n\n- To include instance types with instance store volumes, specify `included` .\n- To require only instance types with instance store volumes, specify `required` .\n- To exclude instance types with instance store volumes, specify `excluded` .\n\nDefault: `included`", - "title": "LocalStorage", - "type": "string" - }, - "LocalStorageTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The type of local storage that is required.\n\n- For instance types with hard disk drive (HDD) storage, specify `hdd` .\n- For instance types with solid state drive (SSD) storage, specify `ssd` .\n\nDefault: `hdd` and `ssd`", - "title": "LocalStorageTypes", - "type": "array" - }, - "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice": { - "markdownDescription": "[Price protection] The price protection threshold for Spot Instances, as a percentage of an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nIf you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is based on the per vCPU or per memory price instead of the per instance price.\n\n> Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` .", - "title": "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice", - "type": "number" - }, - "MemoryGiBPerVCpu": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.MemoryGiBPerVCpuRequest", - "markdownDescription": "The minimum and maximum amount of memory per vCPU, in GiB.\n\nDefault: No minimum or maximum limits", - "title": "MemoryGiBPerVCpu" - }, - "MemoryMiB": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.MemoryMiBRequest", - "markdownDescription": "The minimum and maximum amount of memory, in MiB.", - "title": "MemoryMiB" - }, - "NetworkBandwidthGbps": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.NetworkBandwidthGbpsRequest", - "markdownDescription": "The minimum and maximum amount of baseline network bandwidth, in gigabits per second (Gbps). For more information, see [Amazon EC2 instance network bandwidth](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-network-bandwidth.html) in the *Amazon EC2 User Guide* .\n\nDefault: No minimum or maximum limits", - "title": "NetworkBandwidthGbps" - }, - "NetworkInterfaceCount": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.NetworkInterfaceCountRequest", - "markdownDescription": "The minimum and maximum number of network interfaces.\n\nDefault: No minimum or maximum limits", - "title": "NetworkInterfaceCount" - }, - "OnDemandMaxPricePercentageOverLowestPrice": { - "markdownDescription": "[Price protection] The price protection threshold for On-Demand Instances, as a percentage higher than an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nTo indicate no price protection threshold, specify a high value, such as `999999` .\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) .\n\n> If you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price. \n\nDefault: `20`", - "title": "OnDemandMaxPricePercentageOverLowestPrice", - "type": "number" - }, - "RequireHibernateSupport": { - "markdownDescription": "Indicates whether instance types must support hibernation for On-Demand Instances.\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) .\n\nDefault: `false`", - "title": "RequireHibernateSupport", - "type": "boolean" - }, - "SpotMaxPricePercentageOverLowestPrice": { - "markdownDescription": "[Price protection] The price protection threshold for Spot Instances, as a percentage higher than an identified Spot price. The identified Spot price is the Spot price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified Spot price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose Spot price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nIf you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price.\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) .\n\n> Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` . \n\nDefault: `100`", - "title": "SpotMaxPricePercentageOverLowestPrice", - "type": "number" - }, - "TotalLocalStorageGB": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.TotalLocalStorageGBRequest", - "markdownDescription": "The minimum and maximum amount of total local storage, in GB.\n\nDefault: No minimum or maximum limits", - "title": "TotalLocalStorageGB" - }, - "VCpuCount": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.VCpuCountRangeRequest", - "markdownDescription": "The minimum and maximum number of vCPUs.", - "title": "VCpuCount" - } - }, - "type": "object" - }, - "AWS::EC2::SpotFleet.LaunchTemplateConfig": { - "additionalProperties": false, - "properties": { - "LaunchTemplateSpecification": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.FleetLaunchTemplateSpecification", - "markdownDescription": "The launch template to use. Make sure that the launch template does not contain the `NetworkInterfaceId` parameter because you can't specify a network interface ID in a Spot Fleet.", - "title": "LaunchTemplateSpecification" - }, - "Overrides": { - "items": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.LaunchTemplateOverrides" - }, - "markdownDescription": "Any parameters that you specify override the same parameters in the launch template.", - "title": "Overrides", - "type": "array" - } - }, - "type": "object" - }, - "AWS::EC2::SpotFleet.LaunchTemplateOverrides": { - "additionalProperties": false, - "properties": { - "AvailabilityZone": { - "markdownDescription": "The Availability Zone in which to launch the instances.", - "title": "AvailabilityZone", - "type": "string" - }, - "InstanceRequirements": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.InstanceRequirementsRequest", - "markdownDescription": "The instance requirements. When you specify instance requirements, Amazon EC2 will identify instance types with the provided requirements, and then use your On-Demand and Spot allocation strategies to launch instances from these instance types, in the same way as when you specify a list of instance types.\n\n> If you specify `InstanceRequirements` , you can't specify `InstanceType` .", - "title": "InstanceRequirements" - }, - "InstanceType": { - "markdownDescription": "The instance type.", - "title": "InstanceType", - "type": "string" - }, - "Priority": { - "markdownDescription": "The priority for the launch template override. The highest priority is launched first.\n\nIf `OnDemandAllocationStrategy` is set to `prioritized` , Spot Fleet uses priority to determine which launch template override to use first in fulfilling On-Demand capacity.\n\nIf the Spot `AllocationStrategy` is set to `capacityOptimizedPrioritized` , Spot Fleet uses priority on a best-effort basis to determine which launch template override to use in fulfilling Spot capacity, but optimizes for capacity first.\n\nValid values are whole numbers starting at `0` . The lower the number, the higher the priority. If no number is set, the launch template override has the lowest priority. You can set the same priority for different launch template overrides.", - "title": "Priority", - "type": "number" - }, - "SpotPrice": { - "markdownDescription": "The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.\n\n> If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.", - "title": "SpotPrice", - "type": "string" - }, - "SubnetId": { - "markdownDescription": "The ID of the subnet in which to launch the instances.", - "title": "SubnetId", - "type": "string" - }, - "WeightedCapacity": { - "markdownDescription": "The number of units provided by the specified instance type. These are the same units that you chose to set the target capacity in terms of instances, or a performance characteristic such as vCPUs, memory, or I/O.\n\nIf the target capacity divided by this value is not a whole number, Amazon EC2 rounds the number of instances to the next whole number. If this value is not specified, the default is 1.\n\n> When specifying weights, the price used in the `lowestPrice` and `priceCapacityOptimized` allocation strategies is per *unit* hour (where the instance price is divided by the specified weight). However, if all the specified weights are above the requested `TargetCapacity` , resulting in only 1 instance being launched, the price used is per *instance* hour.", - "title": "WeightedCapacity", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::SpotFleet.LoadBalancersConfig": { - "additionalProperties": false, - "properties": { - "ClassicLoadBalancersConfig": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.ClassicLoadBalancersConfig", - "markdownDescription": "The Classic Load Balancers.", - "title": "ClassicLoadBalancersConfig" - }, - "TargetGroupsConfig": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.TargetGroupsConfig", - "markdownDescription": "The target groups.", - "title": "TargetGroupsConfig" - } - }, - "type": "object" - }, - "AWS::EC2::SpotFleet.MemoryGiBPerVCpuRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum amount of memory per vCPU, in GiB. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum amount of memory per vCPU, in GiB. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::SpotFleet.MemoryMiBRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum amount of memory, in MiB. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum amount of memory, in MiB. To specify no minimum limit, specify `0` .", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::SpotFleet.NetworkBandwidthGbpsRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum amount of network bandwidth, in Gbps. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum amount of network bandwidth, in Gbps. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::SpotFleet.NetworkInterfaceCountRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum number of network interfaces. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum number of network interfaces. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::SpotFleet.PrivateIpAddressSpecification": { - "additionalProperties": false, - "properties": { - "Primary": { - "markdownDescription": "Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary.", - "title": "Primary", - "type": "boolean" - }, - "PrivateIpAddress": { - "markdownDescription": "The private IPv4 address.", - "title": "PrivateIpAddress", - "type": "string" - } - }, - "required": [ - "PrivateIpAddress" - ], - "type": "object" - }, - "AWS::EC2::SpotFleet.SpotCapacityRebalance": { - "additionalProperties": false, - "properties": { - "ReplacementStrategy": { - "markdownDescription": "The replacement strategy to use. Only available for fleets of type `maintain` .\n\n`launch` - Spot Fleet launches a new replacement Spot Instance when a rebalance notification is emitted for an existing Spot Instance in the fleet. Spot Fleet does not terminate the instances that receive a rebalance notification. You can terminate the old instances, or you can leave them running. You are charged for all instances while they are running.\n\n`launch-before-terminate` - Spot Fleet launches a new replacement Spot Instance when a rebalance notification is emitted for an existing Spot Instance in the fleet, and then, after a delay that you specify (in `TerminationDelay` ), terminates the instances that received a rebalance notification.", - "title": "ReplacementStrategy", - "type": "string" - }, - "TerminationDelay": { - "markdownDescription": "The amount of time (in seconds) that Amazon EC2 waits before terminating the old Spot Instance after launching a new replacement Spot Instance.\n\nRequired when `ReplacementStrategy` is set to `launch-before-terminate` .\n\nNot valid when `ReplacementStrategy` is set to `launch` .\n\nValid values: Minimum value of `120` seconds. Maximum value of `7200` seconds.", - "title": "TerminationDelay", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::SpotFleet.SpotFleetLaunchSpecification": { - "additionalProperties": false, - "properties": { - "BlockDeviceMappings": { - "items": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.BlockDeviceMapping" - }, - "markdownDescription": "One or more block devices that are mapped to the Spot Instances. You can't specify both a snapshot ID and an encryption value. This is because only blank volumes can be encrypted on creation. If a snapshot is the basis for a volume, it is not blank and its encryption status is used for the volume encryption status.", - "title": "BlockDeviceMappings", - "type": "array" - }, - "EbsOptimized": { - "markdownDescription": "Indicates whether the instances are optimized for EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS Optimized instance.\n\nDefault: `false`", - "title": "EbsOptimized", - "type": "boolean" - }, - "IamInstanceProfile": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.IamInstanceProfileSpecification", - "markdownDescription": "The IAM instance profile.", - "title": "IamInstanceProfile" - }, - "ImageId": { - "markdownDescription": "The ID of the AMI.", - "title": "ImageId", - "type": "string" - }, - "InstanceRequirements": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.InstanceRequirementsRequest", - "markdownDescription": "The attributes for the instance types. When you specify instance attributes, Amazon EC2 will identify instance types with those attributes.\n\n> If you specify `InstanceRequirements` , you can't specify `InstanceType` .", - "title": "InstanceRequirements" - }, - "InstanceType": { - "markdownDescription": "The instance type.", - "title": "InstanceType", - "type": "string" - }, - "KernelId": { - "markdownDescription": "The ID of the kernel.", - "title": "KernelId", - "type": "string" - }, - "KeyName": { - "markdownDescription": "The name of the key pair.", - "title": "KeyName", - "type": "string" - }, - "Monitoring": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotFleetMonitoring", - "markdownDescription": "Enable or disable monitoring for the instances.", - "title": "Monitoring" - }, - "NetworkInterfaces": { - "items": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.InstanceNetworkInterfaceSpecification" - }, - "markdownDescription": "The network interfaces.", - "title": "NetworkInterfaces", - "type": "array" - }, - "Placement": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotPlacement", - "markdownDescription": "The placement information.", - "title": "Placement" - }, - "RamdiskId": { - "markdownDescription": "The ID of the RAM disk. Some kernels require additional drivers at launch. Check the kernel requirements for information about whether you need to specify a RAM disk. To find kernel requirements, refer to the AWS Resource Center and search for the kernel ID.", - "title": "RamdiskId", - "type": "string" - }, - "SecurityGroups": { - "items": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.GroupIdentifier" - }, - "markdownDescription": "The security groups.\n\nIf you specify a network interface, you must specify any security groups as part of the network interface instead of using this parameter.", - "title": "SecurityGroups", - "type": "array" - }, - "SpotPrice": { - "markdownDescription": "The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.\n\n> If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.", - "title": "SpotPrice", - "type": "string" - }, - "SubnetId": { - "markdownDescription": "The IDs of the subnets in which to launch the instances. To specify multiple subnets, separate them using commas; for example, \"subnet-1234abcdeexample1, subnet-0987cdef6example2\".\n\nIf you specify a network interface, you must specify any subnets as part of the network interface instead of using this parameter.", - "title": "SubnetId", - "type": "string" - }, - "TagSpecifications": { - "items": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotFleetTagSpecification" - }, - "markdownDescription": "The tags to apply during creation.", - "title": "TagSpecifications", - "type": "array" - }, - "UserData": { - "markdownDescription": "The base64-encoded user data that instances use when starting up. User data is limited to 16 KB.", - "title": "UserData", - "type": "string" - }, - "WeightedCapacity": { - "markdownDescription": "The number of units provided by the specified instance type. These are the same units that you chose to set the target capacity in terms of instances, or a performance characteristic such as vCPUs, memory, or I/O.\n\nIf the target capacity divided by this value is not a whole number, Amazon EC2 rounds the number of instances to the next whole number. If this value is not specified, the default is 1.\n\n> When specifying weights, the price used in the `lowestPrice` and `priceCapacityOptimized` allocation strategies is per *unit* hour (where the instance price is divided by the specified weight). However, if all the specified weights are above the requested `TargetCapacity` , resulting in only 1 instance being launched, the price used is per *instance* hour.", - "title": "WeightedCapacity", - "type": "number" - } - }, - "required": [ - "ImageId" - ], - "type": "object" - }, - "AWS::EC2::SpotFleet.SpotFleetMonitoring": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Enables monitoring for the instance.\n\nDefault: `false`", - "title": "Enabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::EC2::SpotFleet.SpotFleetRequestConfigData": { - "additionalProperties": false, - "properties": { - "AllocationStrategy": { - "markdownDescription": "The strategy that determines how to allocate the target Spot Instance capacity across the Spot Instance pools specified by the Spot Fleet launch configuration. For more information, see [Allocation strategies for Spot Instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-allocation-strategy.html) in the *Amazon EC2 User Guide* .\n\n- **priceCapacityOptimized (recommended)** - Spot Fleet identifies the pools with the highest capacity availability for the number of instances that are launching. This means that we will request Spot Instances from the pools that we believe have the lowest chance of interruption in the near term. Spot Fleet then requests Spot Instances from the lowest priced of these pools.\n- **capacityOptimized** - Spot Fleet identifies the pools with the highest capacity availability for the number of instances that are launching. This means that we will request Spot Instances from the pools that we believe have the lowest chance of interruption in the near term. To give certain instance types a higher chance of launching first, use `capacityOptimizedPrioritized` . Set a priority for each instance type by using the `Priority` parameter for `LaunchTemplateOverrides` . You can assign the same priority to different `LaunchTemplateOverrides` . EC2 implements the priorities on a best-effort basis, but optimizes for capacity first. `capacityOptimizedPrioritized` is supported only if your Spot Fleet uses a launch template. Note that if the `OnDemandAllocationStrategy` is set to `prioritized` , the same priority is applied when fulfilling On-Demand capacity.\n- **diversified** - Spot Fleet requests instances from all of the Spot Instance pools that you specify.\n- **lowestPrice (not recommended)** - > We don't recommend the `lowestPrice` allocation strategy because it has the highest risk of interruption for your Spot Instances. \n\nSpot Fleet requests instances from the lowest priced Spot Instance pool that has available capacity. If the lowest priced pool doesn't have available capacity, the Spot Instances come from the next lowest priced pool that has available capacity. If a pool runs out of capacity before fulfilling your desired capacity, Spot Fleet will continue to fulfill your request by drawing from the next lowest priced pool. To ensure that your desired capacity is met, you might receive Spot Instances from several pools. Because this strategy only considers instance price and not capacity availability, it might lead to high interruption rates.\n\nDefault: `lowestPrice`", - "title": "AllocationStrategy", - "type": "string" - }, - "Context": { - "markdownDescription": "Reserved.", - "title": "Context", - "type": "string" - }, - "ExcessCapacityTerminationPolicy": { - "markdownDescription": "Indicates whether running Spot Instances should be terminated if you decrease the target capacity of the Spot Fleet request below the current size of the Spot Fleet.\n\nSupported only for fleets of type `maintain` .", - "title": "ExcessCapacityTerminationPolicy", - "type": "string" - }, - "IamFleetRole": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Identity and Access Management (IAM) role that grants the Spot Fleet the permission to request, launch, terminate, and tag instances on your behalf. For more information, see [Spot Fleet Prerequisites](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-requests.html#spot-fleet-prerequisites) in the *Amazon EC2 User Guide* . Spot Fleet can terminate Spot Instances on your behalf when you cancel its Spot Fleet request or when the Spot Fleet request expires, if you set `TerminateInstancesWithExpiration` .", - "title": "IamFleetRole", - "type": "string" - }, - "InstanceInterruptionBehavior": { - "markdownDescription": "The behavior when a Spot Instance is interrupted. The default is `terminate` .", - "title": "InstanceInterruptionBehavior", - "type": "string" - }, - "InstancePoolsToUseCount": { - "markdownDescription": "The number of Spot pools across which to allocate your target Spot capacity. Valid only when Spot *AllocationStrategy* is set to `lowest-price` . Spot Fleet selects the cheapest Spot pools and evenly allocates your target Spot capacity across the number of Spot pools that you specify.\n\nNote that Spot Fleet attempts to draw Spot Instances from the number of pools that you specify on a best effort basis. If a pool runs out of Spot capacity before fulfilling your target capacity, Spot Fleet will continue to fulfill your request by drawing from the next cheapest pool. To ensure that your target capacity is met, you might receive Spot Instances from more than the number of pools that you specified. Similarly, if most of the pools have no Spot capacity, you might receive your full target capacity from fewer than the number of pools that you specified.", - "title": "InstancePoolsToUseCount", - "type": "number" - }, - "LaunchSpecifications": { - "items": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotFleetLaunchSpecification" - }, - "markdownDescription": "The launch specifications for the Spot Fleet request. If you specify `LaunchSpecifications` , you can't specify `LaunchTemplateConfigs` .", - "title": "LaunchSpecifications", - "type": "array" - }, - "LaunchTemplateConfigs": { - "items": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.LaunchTemplateConfig" - }, - "markdownDescription": "The launch template and overrides. If you specify `LaunchTemplateConfigs` , you can't specify `LaunchSpecifications` .", - "title": "LaunchTemplateConfigs", - "type": "array" - }, - "LoadBalancersConfig": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.LoadBalancersConfig", - "markdownDescription": "One or more Classic Load Balancers and target groups to attach to the Spot Fleet request. Spot Fleet registers the running Spot Instances with the specified Classic Load Balancers and target groups.\n\nWith Network Load Balancers, Spot Fleet cannot register instances that have the following instance types: C1, CC1, CC2, CG1, CG2, CR1, CS1, G1, G2, HI1, HS1, M1, M2, M3, and T1.", - "title": "LoadBalancersConfig" - }, - "OnDemandAllocationStrategy": { - "markdownDescription": "The order of the launch template overrides to use in fulfilling On-Demand capacity. If you specify `lowestPrice` , Spot Fleet uses price to determine the order, launching the lowest price first. If you specify `prioritized` , Spot Fleet uses the priority that you assign to each Spot Fleet launch template override, launching the highest priority first. If you do not specify a value, Spot Fleet defaults to `lowestPrice` .", - "title": "OnDemandAllocationStrategy", - "type": "string" - }, - "OnDemandMaxTotalPrice": { - "markdownDescription": "The maximum amount per hour for On-Demand Instances that you're willing to pay. You can use the `onDemandMaxTotalPrice` parameter, the `spotMaxTotalPrice` parameter, or both parameters to ensure that your fleet cost does not exceed your budget. If you set a maximum price per hour for the On-Demand Instances and Spot Instances in your request, Spot Fleet will launch instances until it reaches the maximum amount you're willing to pay. When the maximum amount you're willing to pay is reached, the fleet stops launching instances even if it hasn\u2019t met the target capacity.\n\n> If your fleet includes T instances that are configured as `unlimited` , and if their average CPU usage exceeds the baseline utilization, you will incur a charge for surplus credits. The `onDemandMaxTotalPrice` does not account for surplus credits, and, if you use surplus credits, your final cost might be higher than what you specified for `onDemandMaxTotalPrice` . For more information, see [Surplus credits can incur charges](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits) in the *Amazon EC2 User Guide* .", - "title": "OnDemandMaxTotalPrice", - "type": "string" - }, - "OnDemandTargetCapacity": { - "markdownDescription": "The number of On-Demand units to request. You can choose to set the target capacity in terms of instances or a performance characteristic that is important to your application workload, such as vCPUs, memory, or I/O. If the request type is `maintain` , you can specify a target capacity of 0 and add capacity later.", - "title": "OnDemandTargetCapacity", - "type": "number" - }, - "ReplaceUnhealthyInstances": { - "markdownDescription": "Indicates whether Spot Fleet should replace unhealthy instances.", - "title": "ReplaceUnhealthyInstances", - "type": "boolean" - }, - "SpotMaintenanceStrategies": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotMaintenanceStrategies", - "markdownDescription": "The strategies for managing your Spot Instances that are at an elevated risk of being interrupted.", - "title": "SpotMaintenanceStrategies" - }, - "SpotMaxTotalPrice": { - "markdownDescription": "The maximum amount per hour for Spot Instances that you're willing to pay. You can use the `spotMaxTotalPrice` parameter, the `onDemandMaxTotalPrice` parameter, or both parameters to ensure that your fleet cost does not exceed your budget. If you set a maximum price per hour for the On-Demand Instances and Spot Instances in your request, Spot Fleet will launch instances until it reaches the maximum amount you're willing to pay. When the maximum amount you're willing to pay is reached, the fleet stops launching instances even if it hasn\u2019t met the target capacity.\n\n> If your fleet includes T instances that are configured as `unlimited` , and if their average CPU usage exceeds the baseline utilization, you will incur a charge for surplus credits. The `spotMaxTotalPrice` does not account for surplus credits, and, if you use surplus credits, your final cost might be higher than what you specified for `spotMaxTotalPrice` . For more information, see [Surplus credits can incur charges](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits) in the *Amazon EC2 User Guide* .", - "title": "SpotMaxTotalPrice", - "type": "string" - }, - "SpotPrice": { - "markdownDescription": "The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.\n\n> If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.", - "title": "SpotPrice", - "type": "string" - }, - "TagSpecifications": { - "items": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotFleetTagSpecification" - }, - "markdownDescription": "The key-value pair for tagging the Spot Fleet request on creation. The value for `ResourceType` must be `spot-fleet-request` , otherwise the Spot Fleet request fails. To tag instances at launch, specify the tags in the [launch template](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html#create-launch-template) (valid only if you use `LaunchTemplateConfigs` ) or in the `[SpotFleetTagSpecification](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SpotFleetTagSpecification.html)` (valid only if you use `LaunchSpecifications` ). For information about tagging after launch, see [Tag your resources](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#tag-resources) .", - "title": "TagSpecifications", - "type": "array" - }, - "TargetCapacity": { - "markdownDescription": "The number of units to request for the Spot Fleet. You can choose to set the target capacity in terms of instances or a performance characteristic that is important to your application workload, such as vCPUs, memory, or I/O. If the request type is `maintain` , you can specify a target capacity of 0 and add capacity later.", - "title": "TargetCapacity", - "type": "number" - }, - "TargetCapacityUnitType": { - "markdownDescription": "The unit for the target capacity. You can specify this parameter only when using attribute-based instance type selection.\n\nDefault: `units` (the number of instances)", - "title": "TargetCapacityUnitType", - "type": "string" - }, - "TerminateInstancesWithExpiration": { - "markdownDescription": "Indicates whether running Spot Instances are terminated when the Spot Fleet request expires.", - "title": "TerminateInstancesWithExpiration", - "type": "boolean" - }, - "Type": { - "markdownDescription": "The type of request. Indicates whether the Spot Fleet only requests the target capacity or also attempts to maintain it. When this value is `request` , the Spot Fleet only places the required requests. It does not attempt to replenish Spot Instances if capacity is diminished, nor does it submit requests in alternative Spot pools if capacity is not available. When this value is `maintain` , the Spot Fleet maintains the target capacity. The Spot Fleet places the required requests to meet capacity and automatically replenishes any interrupted instances. Default: `maintain` . `instant` is listed but is not used by Spot Fleet.", - "title": "Type", - "type": "string" - }, - "ValidFrom": { - "markdownDescription": "The start date and time of the request, in UTC format ( *YYYY* - *MM* - *DD* T *HH* : *MM* : *SS* Z). By default, Amazon EC2 starts fulfilling the request immediately.", - "title": "ValidFrom", - "type": "string" - }, - "ValidUntil": { - "markdownDescription": "The end date and time of the request, in UTC format ( *YYYY* - *MM* - *DD* T *HH* : *MM* : *SS* Z). After the end date and time, no new Spot Instance requests are placed or able to fulfill the request. If no value is specified, the Spot Fleet request remains until you cancel it.", - "title": "ValidUntil", - "type": "string" - } - }, - "required": [ - "IamFleetRole", - "TargetCapacity" - ], - "type": "object" - }, - "AWS::EC2::SpotFleet.SpotFleetTagSpecification": { - "additionalProperties": false, - "properties": { - "ResourceType": { - "markdownDescription": "The type of resource. Currently, the only resource type that is supported is `instance` . To tag the Spot Fleet request on creation, use the `TagSpecifications` parameter in `[SpotFleetRequestConfigData](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SpotFleetRequestConfigData.html)` .", - "title": "ResourceType", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" - }, - "AWS::EC2::SpotFleet.SpotMaintenanceStrategies": { - "additionalProperties": false, - "properties": { - "CapacityRebalance": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotCapacityRebalance", - "markdownDescription": "The Spot Instance replacement strategy to use when Amazon EC2 emits a signal that your Spot Instance is at an elevated risk of being interrupted. For more information, see [Capacity rebalancing](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-capacity-rebalance.html) in the *Amazon EC2 User Guide* .", - "title": "CapacityRebalance" - } - }, - "type": "object" - }, - "AWS::EC2::SpotFleet.SpotPlacement": { - "additionalProperties": false, - "properties": { - "AvailabilityZone": { - "markdownDescription": "The Availability Zone.\n\nTo specify multiple Availability Zones, separate them using commas; for example, \"us-west-2a, us-west-2b\".", - "title": "AvailabilityZone", - "type": "string" - }, - "GroupName": { - "markdownDescription": "The name of the placement group.", - "title": "GroupName", - "type": "string" - }, - "Tenancy": { - "markdownDescription": "The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of `dedicated` runs on single-tenant hardware. The `host` tenancy is not supported for Spot Instances.", - "title": "Tenancy", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EC2::SpotFleet.TargetGroup": { - "additionalProperties": false, - "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the target group.", - "title": "Arn", - "type": "string" - } - }, - "required": [ - "Arn" - ], - "type": "object" - }, - "AWS::EC2::SpotFleet.TargetGroupsConfig": { - "additionalProperties": false, - "properties": { - "TargetGroups": { - "items": { - "$ref": "#/definitions/AWS::EC2::SpotFleet.TargetGroup" - }, - "markdownDescription": "One or more target groups.", - "title": "TargetGroups", - "type": "array" - } - }, - "required": [ - "TargetGroups" - ], - "type": "object" - }, - "AWS::EC2::SpotFleet.TotalLocalStorageGBRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum amount of total local storage, in GB. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum amount of total local storage, in GB. To specify no minimum limit, omit this parameter.", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::SpotFleet.VCpuCountRangeRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum number of vCPUs. To specify no maximum limit, omit this parameter.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The minimum number of vCPUs. To specify no minimum limit, specify `0` .", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EC2::Subnet": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + "Properties": { + "additionalProperties": false, + "properties": { + "AvailabilityZones": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of Amazon EC2 Availability Zones that instances in the cluster can be created in.", + "title": "AvailabilityZones", + "type": "array" + }, + "BackupRetentionPeriod": { + "markdownDescription": "The number of days for which automated backups are retained. You must specify a minimum value of 1.\n\nDefault: 1\n\nConstraints:\n\n- Must be a value from 1 to 35.", + "title": "BackupRetentionPeriod", + "type": "number" + }, + "CopyTagsToSnapshot": { + "markdownDescription": "Set to `true` to copy all tags from the source cluster snapshot to the target cluster snapshot, and otherwise `false` . The default is `false` .", + "title": "CopyTagsToSnapshot", + "type": "boolean" + }, + "DBClusterIdentifier": { + "markdownDescription": "The cluster identifier. This parameter is stored as a lowercase string.\n\nConstraints:\n\n- Must contain from 1 to 63 letters, numbers, or hyphens.\n- The first character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.\n\nExample: `my-cluster`", + "title": "DBClusterIdentifier", "type": "string" }, - { + "DBClusterParameterGroupName": { + "markdownDescription": "The name of the cluster parameter group to associate with this cluster.", + "title": "DBClusterParameterGroupName", + "type": "string" + }, + "DBSubnetGroupName": { + "markdownDescription": "A subnet group to associate with this cluster.\n\nConstraints: Must match the name of an existing `DBSubnetGroup` . Must not be default.\n\nExample: `mySubnetgroup`", + "title": "DBSubnetGroupName", + "type": "string" + }, + "DeletionProtection": { + "markdownDescription": "Protects clusters from being accidentally deleted. If enabled, the cluster cannot be deleted unless it is modified and `DeletionProtection` is disabled.", + "title": "DeletionProtection", + "type": "boolean" + }, + "EnableCloudwatchLogsExports": { "items": { - "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, + "markdownDescription": "The list of log types that need to be enabled for exporting to Amazon CloudWatch Logs. You can enable audit logs or profiler logs. For more information, see [Auditing Amazon DocumentDB Events](https://docs.aws.amazon.com/documentdb/latest/developerguide/event-auditing.html) and [Profiling Amazon DocumentDB Operations](https://docs.aws.amazon.com/documentdb/latest/developerguide/profiling.html) .", + "title": "EnableCloudwatchLogsExports", "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AssignIpv6AddressOnCreation": { - "markdownDescription": "Indicates whether a network interface created in this subnet receives an IPv6 address. The default value is `false` .\n\nIf you specify `AssignIpv6AddressOnCreation` , you must also specify an IPv6 CIDR block.", - "title": "AssignIpv6AddressOnCreation", - "type": "boolean" }, - "AvailabilityZone": { - "markdownDescription": "The Availability Zone of the subnet.\n\nIf you update this property, you must also update the `CidrBlock` property.", - "title": "AvailabilityZone", + "EngineVersion": { + "markdownDescription": "The version number of the database engine to use. The `--engine-version` will default to the latest major engine version. For production workloads, we recommend explicitly declaring this parameter with the intended major engine version.\n\nIf you intend to trigger an in-place upgrade, please refer to [Amazon DocumentDB in-place major version upgrade](https://docs.aws.amazon.com/documentdb/latest/developerguide/docdb-mvu.html) . Note that for an in-place engine version upgrade, you need to remove other cluster properties changes (e.g. SecurityGroupId) from the CFN template.", + "title": "EngineVersion", "type": "string" }, - "AvailabilityZoneId": { - "markdownDescription": "The AZ ID of the subnet.", - "title": "AvailabilityZoneId", + "GlobalClusterIdentifier": { + "markdownDescription": "The cluster identifier of the new global cluster.", + "title": "GlobalClusterIdentifier", "type": "string" }, - "CidrBlock": { - "markdownDescription": "The IPv4 CIDR block assigned to the subnet.\n\nIf you update this property, we create a new subnet, and then delete the existing one.", - "title": "CidrBlock", + "KmsKeyId": { + "markdownDescription": "The AWS KMS key identifier for an encrypted cluster.\n\nThe AWS KMS key identifier is the Amazon Resource Name (ARN) for the AWS KMS encryption key. If you are creating a cluster using the same AWS account that owns the AWS KMS encryption key that is used to encrypt the new cluster, you can use the AWS KMS key alias instead of the ARN for the AWS KMS encryption key.\n\nIf an encryption key is not specified in `KmsKeyId` :\n\n- If the `StorageEncrypted` parameter is `true` , Amazon DocumentDB uses your default encryption key.\n\nAWS KMS creates the default encryption key for your AWS account . Your AWS account has a different default encryption key for each AWS Regions .", + "title": "KmsKeyId", "type": "string" }, - "EnableDns64": { - "markdownDescription": "Indicates whether DNS queries made to the Amazon-provided DNS Resolver in this subnet should return synthetic IPv6 addresses for IPv4-only destinations.\n\n> You must first configure a NAT gateway in a public subnet (separate from the subnet containing the IPv6-only workloads). For example, the subnet containing the NAT gateway should have a `0.0.0.0/0` route pointing to the internet gateway. For more information, see [Configure DNS64 and NAT64](https://docs.aws.amazon.com/vpc/latest/userguide/nat-gateway-nat64-dns64.html#nat-gateway-nat64-dns64-walkthrough) in the *Amazon Virtual Private Cloud User Guide* .", - "title": "EnableDns64", + "ManageMasterUserPassword": { + "markdownDescription": "Specifies whether to manage the master user password with Amazon Web Services Secrets Manager.\n\nConstraint: You can't manage the master user password with Amazon Web Services Secrets Manager if `MasterUserPassword` is specified.", + "title": "ManageMasterUserPassword", "type": "boolean" }, - "EnableLniAtDeviceIndex": { - "markdownDescription": "Indicates the device position for local network interfaces in this subnet. For example, `1` indicates local network interfaces in this subnet are the secondary network interface (eth1).", - "title": "EnableLniAtDeviceIndex", - "type": "number" + "MasterUserPassword": { + "markdownDescription": "The password for the master database user. This password can contain any printable ASCII character except forward slash (/), double quote (\"), or the \"at\" symbol (@).\n\nConstraints: Must contain from 8 to 100 characters.", + "title": "MasterUserPassword", + "type": "string" }, - "Ipv4IpamPoolId": { - "markdownDescription": "An IPv4 IPAM pool ID for the subnet.", - "title": "Ipv4IpamPoolId", + "MasterUserSecretKmsKeyId": { + "markdownDescription": "The Amazon Web Services KMS key identifier to encrypt a secret that is automatically generated and managed in Amazon Web Services Secrets Manager. This setting is valid only if the master user password is managed by Amazon DocumentDB in Amazon Web Services Secrets Manager for the DB cluster.\n\nThe Amazon Web Services KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key. To use a KMS key in a different Amazon Web Services account, specify the key ARN or alias ARN.\n\nIf you don't specify `MasterUserSecretKmsKeyId` , then the `aws/secretsmanager` KMS key is used to encrypt the secret. If the secret is in a different Amazon Web Services account, then you can't use the `aws/secretsmanager` KMS key to encrypt the secret, and you must use a customer managed KMS key.\n\nThere is a default KMS key for your Amazon Web Services account. Your Amazon Web Services account has a different default KMS key for each Amazon Web Services Region.", + "title": "MasterUserSecretKmsKeyId", "type": "string" }, - "Ipv4NetmaskLength": { - "markdownDescription": "An IPv4 netmask length for the subnet.", - "title": "Ipv4NetmaskLength", + "MasterUsername": { + "markdownDescription": "The name of the master user for the cluster.\n\nConstraints:\n\n- Must be from 1 to 63 letters or numbers.\n- The first character must be a letter.\n- Cannot be a reserved word for the chosen database engine.", + "title": "MasterUsername", + "type": "string" + }, + "NetworkType": { + "markdownDescription": "", + "title": "NetworkType", + "type": "string" + }, + "Port": { + "markdownDescription": "Specifies the port that the database engine is listening on.", + "title": "Port", "type": "number" }, - "Ipv6CidrBlock": { - "markdownDescription": "The IPv6 CIDR block.\n\nIf you specify `AssignIpv6AddressOnCreation` , you must also specify an IPv6 CIDR block.", - "title": "Ipv6CidrBlock", + "PreferredBackupWindow": { + "markdownDescription": "The daily time range during which automated backups are created if automated backups are enabled using the `BackupRetentionPeriod` parameter.\n\nThe default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region .\n\nConstraints:\n\n- Must be in the format `hh24:mi-hh24:mi` .\n- Must be in Universal Coordinated Time (UTC).\n- Must not conflict with the preferred maintenance window.\n- Must be at least 30 minutes.", + "title": "PreferredBackupWindow", "type": "string" }, - "Ipv6CidrBlocks": { - "items": { - "type": "string" - }, - "type": "array" + "PreferredMaintenanceWindow": { + "markdownDescription": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n\nFormat: `ddd:hh24:mi-ddd:hh24:mi`\n\nThe default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region , occurring on a random day of the week.\n\nValid days: Mon, Tue, Wed, Thu, Fri, Sat, Sun\n\nConstraints: Minimum 30-minute window.", + "title": "PreferredMaintenanceWindow", + "type": "string" }, - "Ipv6IpamPoolId": { - "markdownDescription": "An IPv6 IPAM pool ID for the subnet.", - "title": "Ipv6IpamPoolId", + "RestoreToTime": { + "markdownDescription": "The date and time to restore the cluster to.\n\nValid values: A time in Universal Coordinated Time (UTC) format.\n\nConstraints:\n\n- Must be before the latest restorable time for the instance.\n- Must be specified if the `UseLatestRestorableTime` parameter is not provided.\n- Cannot be specified if the `UseLatestRestorableTime` parameter is `true` .\n- Cannot be specified if the `RestoreType` parameter is `copy-on-write` .\n\nExample: `2015-03-07T23:45:00Z`", + "title": "RestoreToTime", "type": "string" }, - "Ipv6Native": { - "markdownDescription": "Indicates whether this is an IPv6 only subnet. For more information, see [Subnet basics](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html#subnet-basics) in the *Amazon Virtual Private Cloud User Guide* .", - "title": "Ipv6Native", + "RestoreType": { + "markdownDescription": "The type of restore to be performed. You can specify one of the following values:\n\n- `full-copy` - The new DB cluster is restored as a full copy of the source DB cluster.\n- `copy-on-write` - The new DB cluster is restored as a clone of the source DB cluster.\n\nConstraints: You can't specify `copy-on-write` if the engine version of the source DB cluster is earlier than 1.11.\n\nIf you don't specify a `RestoreType` value, then the new DB cluster is restored as a full copy of the source DB cluster.", + "title": "RestoreType", + "type": "string" + }, + "RotateMasterUserPassword": { + "markdownDescription": "Specifies whether to rotate the secret managed by Amazon Web Services Secrets Manager for the master user password.\n\nThis setting is valid only if the master user password is managed by Amazon DocumentDB in Amazon Web Services Secrets Manager for the cluster. The secret value contains the updated password.\n\nConstraint: You must apply the change immediately when rotating the master user password.", + "title": "RotateMasterUserPassword", "type": "boolean" }, - "Ipv6NetmaskLength": { - "markdownDescription": "An IPv6 netmask length for the subnet.", - "title": "Ipv6NetmaskLength", - "type": "number" + "ServerlessV2ScalingConfiguration": { + "$ref": "#/definitions/AWS::DocDB::DBCluster.ServerlessV2ScalingConfiguration", + "markdownDescription": "", + "title": "ServerlessV2ScalingConfiguration" }, - "MapPublicIpOnLaunch": { - "markdownDescription": "Indicates whether instances launched in this subnet receive a public IPv4 address. The default value is `false` .\n\nAWS charges for all public IPv4 addresses, including public IPv4 addresses associated with running instances and Elastic IP addresses. For more information, see the *Public IPv4 Address* tab on the [VPC pricing page](https://docs.aws.amazon.com/vpc/pricing/) .", - "title": "MapPublicIpOnLaunch", - "type": "boolean" + "SnapshotIdentifier": { + "markdownDescription": "The identifier for the snapshot or cluster snapshot to restore from.\n\nYou can use either the name or the Amazon Resource Name (ARN) to specify a cluster snapshot. However, you can use only the ARN to specify a snapshot.\n\nConstraints:\n\n- Must match the identifier of an existing snapshot.", + "title": "SnapshotIdentifier", + "type": "string" }, - "OutpostArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Outpost.", - "title": "OutpostArn", + "SourceDBClusterIdentifier": { + "markdownDescription": "The identifier of the source cluster from which to restore.\n\nConstraints:\n\n- Must match the identifier of an existing `DBCluster` .", + "title": "SourceDBClusterIdentifier", "type": "string" }, - "PrivateDnsNameOptionsOnLaunch": { - "$ref": "#/definitions/AWS::EC2::Subnet.PrivateDnsNameOptionsOnLaunch", - "markdownDescription": "The hostname type for EC2 instances launched into this subnet and how DNS A and AAAA record queries to the instances should be handled. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *Amazon Elastic Compute Cloud User Guide* .\n\nAvailable options:\n\n- EnableResourceNameDnsAAAARecord (true | false)\n- EnableResourceNameDnsARecord (true | false)\n- HostnameType (ip-name | resource-name)", - "title": "PrivateDnsNameOptionsOnLaunch" + "StorageEncrypted": { + "markdownDescription": "Specifies whether the cluster is encrypted.\n\nIf you specify `SourceDBClusterIdentifier` or `SnapshotIdentifier` and don\u2019t specify `StorageEncrypted` , the encryption property is inherited from the source cluster or snapshot (unless `KMSKeyId` is specified, in which case the restored cluster will be encrypted with that KMS key). If the source is encrypted and `StorageEncrypted` is specified to be true, the restored cluster will be encrypted (if you want to use a different KMS key, specify the `KMSKeyId` property as well). If the source is unencrypted and `StorageEncrypted` is specified to be true, then the `KMSKeyId` property must be specified. If the source is encrypted, don\u2019t specify `StorageEncrypted` to be false as opting out of encryption is not allowed.", + "title": "StorageEncrypted", + "type": "boolean" + }, + "StorageType": { + "markdownDescription": "The storage type to associate with the DB cluster.\n\nFor information on storage types for Amazon DocumentDB clusters, see Cluster storage configurations in the *Amazon DocumentDB Developer Guide* .\n\nValid values for storage type - `standard | iopt1`\n\nDefault value is `standard`\n\n> When you create a DocumentDB DB cluster with the storage type set to `iopt1` , the storage type is returned in the response. The storage type isn't returned when you set it to `standard` .", + "title": "StorageType", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Any tags assigned to the subnet.", + "markdownDescription": "The tags to be assigned to the cluster.", "title": "Tags", "type": "array" }, - "VpcId": { - "markdownDescription": "The ID of the VPC the subnet is in.\n\nIf you update this property, you must also update the `CidrBlock` property.", - "title": "VpcId", - "type": "string" + "UseLatestRestorableTime": { + "markdownDescription": "A value that is set to `true` to restore the cluster to the latest restorable backup time, and `false` otherwise.\n\nDefault: `false`\n\nConstraints: Cannot be specified if the `RestoreToTime` parameter is provided.", + "title": "UseLatestRestorableTime", + "type": "boolean" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of EC2 VPC security groups to associate with this cluster.", + "title": "VpcSecurityGroupIds", + "type": "array" } }, - "required": [ - "VpcId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::Subnet" + "AWS::DocDB::DBCluster" ], "type": "string" }, @@ -78198,33 +85958,31 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::EC2::Subnet.PrivateDnsNameOptionsOnLaunch": { + "AWS::DocDB::DBCluster.ServerlessV2ScalingConfiguration": { "additionalProperties": false, "properties": { - "EnableResourceNameDnsAAAARecord": { - "markdownDescription": "Indicates whether to respond to DNS queries for instance hostname with DNS AAAA records.", - "title": "EnableResourceNameDnsAAAARecord", - "type": "boolean" - }, - "EnableResourceNameDnsARecord": { - "markdownDescription": "Indicates whether to respond to DNS queries for instance hostnames with DNS A records.", - "title": "EnableResourceNameDnsARecord", - "type": "boolean" + "MaxCapacity": { + "markdownDescription": "", + "title": "MaxCapacity", + "type": "number" }, - "HostnameType": { - "markdownDescription": "The type of hostname for EC2 instances. For IPv4 only subnets, an instance DNS name must be based on the instance IPv4 address. For IPv6 only subnets, an instance DNS name must be based on the instance ID. For dual-stack subnets, you can specify whether DNS names use the instance IPv4 address or the instance ID.", - "title": "HostnameType", - "type": "string" + "MinCapacity": { + "markdownDescription": "", + "title": "MinCapacity", + "type": "number" } }, + "required": [ + "MaxCapacity", + "MinCapacity" + ], "type": "object" }, - "AWS::EC2::SubnetCidrBlock": { + "AWS::DocDB::DBClusterParameterGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -78259,35 +86017,45 @@ "Properties": { "additionalProperties": false, "properties": { - "Ipv6CidrBlock": { - "markdownDescription": "The IPv6 network range for the subnet, in CIDR notation.", - "title": "Ipv6CidrBlock", + "Description": { + "markdownDescription": "The description for the cluster parameter group.", + "title": "Description", "type": "string" }, - "Ipv6IpamPoolId": { - "markdownDescription": "An IPv6 IPAM pool ID for the subnet.", - "title": "Ipv6IpamPoolId", + "Family": { + "markdownDescription": "The cluster parameter group family name.", + "title": "Family", "type": "string" }, - "Ipv6NetmaskLength": { - "markdownDescription": "An IPv6 netmask length for the subnet.", - "title": "Ipv6NetmaskLength", - "type": "number" - }, - "SubnetId": { - "markdownDescription": "The ID of the subnet.", - "title": "SubnetId", + "Name": { + "markdownDescription": "The name of the DB cluster parameter group.\n\nConstraints:\n\n- Must not match the name of an existing `DBClusterParameterGroup` .\n\n> This value is stored as a lowercase string.", + "title": "Name", "type": "string" + }, + "Parameters": { + "markdownDescription": "Provides a list of parameters for the cluster parameter group.", + "title": "Parameters", + "type": "object" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to be assigned to the cluster parameter group.", + "title": "Tags", + "type": "array" } }, "required": [ - "SubnetId" + "Description", + "Family", + "Parameters" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::SubnetCidrBlock" + "AWS::DocDB::DBClusterParameterGroup" ], "type": "string" }, @@ -78306,7 +86074,7 @@ ], "type": "object" }, - "AWS::EC2::SubnetNetworkAclAssociation": { + "AWS::DocDB::DBInstance": { "additionalProperties": false, "properties": { "Condition": { @@ -78341,26 +86109,69 @@ "Properties": { "additionalProperties": false, "properties": { - "NetworkAclId": { - "markdownDescription": "The ID of the network ACL.", - "title": "NetworkAclId", + "AutoMinorVersionUpgrade": { + "markdownDescription": "This parameter does not apply to Amazon DocumentDB. Amazon DocumentDB does not perform minor version upgrades regardless of the value set.\n\nDefault: `false`", + "title": "AutoMinorVersionUpgrade", + "type": "boolean" + }, + "AvailabilityZone": { + "markdownDescription": "The Amazon EC2 Availability Zone that the instance is created in.\n\nDefault: A random, system-chosen Availability Zone in the endpoint's AWS Region .\n\nExample: `us-east-1d`", + "title": "AvailabilityZone", "type": "string" }, - "SubnetId": { - "markdownDescription": "The ID of the subnet.", - "title": "SubnetId", + "CACertificateIdentifier": { + "markdownDescription": "The identifier of the CA certificate for this DB instance.", + "title": "CACertificateIdentifier", + "type": "string" + }, + "CertificateRotationRestart": { + "markdownDescription": "Specifies whether the DB instance is restarted when you rotate your SSL/TLS certificate.\n\nBy default, the DB instance is restarted when you rotate your SSL/TLS certificate. The certificate is not updated until the DB instance is restarted.\n\n> Set this parameter only if you are *not* using SSL/TLS to connect to the DB instance. \n\nIf you are using SSL/TLS to connect to the DB instance, see [Updating Your Amazon DocumentDB TLS Certificates](https://docs.aws.amazon.com/documentdb/latest/developerguide/ca_cert_rotation.html) and [Encrypting Data in Transit](https://docs.aws.amazon.com/documentdb/latest/developerguide/security.encryption.ssl.html) in the *Amazon DocumentDB Developer Guide* .", + "title": "CertificateRotationRestart", + "type": "boolean" + }, + "DBClusterIdentifier": { + "markdownDescription": "The identifier of the cluster that the instance will belong to.", + "title": "DBClusterIdentifier", + "type": "string" + }, + "DBInstanceClass": { + "markdownDescription": "The compute and memory capacity of the instance; for example, `db.m4.large` . If you change the class of an instance there can be some interruption in the cluster's service.", + "title": "DBInstanceClass", + "type": "string" + }, + "DBInstanceIdentifier": { + "markdownDescription": "The instance identifier. This parameter is stored as a lowercase string.\n\nConstraints:\n\n- Must contain from 1 to 63 letters, numbers, or hyphens.\n- The first character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.\n\nExample: `mydbinstance`", + "title": "DBInstanceIdentifier", + "type": "string" + }, + "EnablePerformanceInsights": { + "markdownDescription": "A value that indicates whether to enable Performance Insights for the DB Instance. For more information, see [Using Amazon Performance Insights](https://docs.aws.amazon.com/documentdb/latest/developerguide/performance-insights.html) .", + "title": "EnablePerformanceInsights", + "type": "boolean" + }, + "PreferredMaintenanceWindow": { + "markdownDescription": "The time range each week during which system maintenance can occur, in Universal Coordinated Time (UTC).\n\nFormat: `ddd:hh24:mi-ddd:hh24:mi`\n\nThe default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region , occurring on a random day of the week.\n\nValid days: Mon, Tue, Wed, Thu, Fri, Sat, Sun\n\nConstraints: Minimum 30-minute window.", + "title": "PreferredMaintenanceWindow", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to be assigned to the instance. You can assign up to 10 tags to an instance.", + "title": "Tags", + "type": "array" } }, "required": [ - "NetworkAclId", - "SubnetId" + "DBClusterIdentifier", + "DBInstanceClass" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::SubnetNetworkAclAssociation" + "AWS::DocDB::DBInstance" ], "type": "string" }, @@ -78379,7 +86190,7 @@ ], "type": "object" }, - "AWS::EC2::SubnetRouteTableAssociation": { + "AWS::DocDB::DBSubnetGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -78414,26 +86225,42 @@ "Properties": { "additionalProperties": false, "properties": { - "RouteTableId": { - "markdownDescription": "The ID of the route table.\n\nThe physical ID changes when the route table ID is changed.", - "title": "RouteTableId", + "DBSubnetGroupDescription": { + "markdownDescription": "The description for the subnet group.", + "title": "DBSubnetGroupDescription", "type": "string" }, - "SubnetId": { - "markdownDescription": "The ID of the subnet.", - "title": "SubnetId", + "DBSubnetGroupName": { + "markdownDescription": "The name for the subnet group. This value is stored as a lowercase string.\n\nConstraints: Must contain no more than 255 letters, numbers, periods, underscores, spaces, or hyphens. Must not be default.\n\nExample: `mySubnetgroup`", + "title": "DBSubnetGroupName", "type": "string" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon EC2 subnet IDs for the subnet group.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to be assigned to the subnet group.", + "title": "Tags", + "type": "array" } }, "required": [ - "RouteTableId", - "SubnetId" + "DBSubnetGroupDescription", + "SubnetIds" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::SubnetRouteTableAssociation" + "AWS::DocDB::DBSubnetGroup" ], "type": "string" }, @@ -78452,7 +86279,7 @@ ], "type": "object" }, - "AWS::EC2::TrafficMirrorFilter": { + "AWS::DocDB::EventSubscription": { "additionalProperties": false, "properties": { "Condition": { @@ -78487,33 +86314,51 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the Traffic Mirror filter.", - "title": "Description", - "type": "string" - }, - "NetworkServices": { - "items": { + "Enabled": { + "markdownDescription": "A Boolean value; set to `true` to activate the subscription, set to `false` to create the subscription but not active it.", + "title": "Enabled", + "type": "boolean" + }, + "EventCategories": { + "items": { "type": "string" }, - "markdownDescription": "The network service traffic that is associated with the Traffic Mirror filter.\n\nValid values are `amazon-dns` .", - "title": "NetworkServices", + "markdownDescription": "A list of event categories for a `SourceType` that you want to subscribe to.", + "title": "EventCategories", "type": "array" }, - "Tags": { + "SnsTopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the SNS topic created for event notification. Amazon SNS creates the ARN when you create a topic and subscribe to it.", + "title": "SnsTopicArn", + "type": "string" + }, + "SourceIds": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "The tags to assign to a Traffic Mirror filter.", - "title": "Tags", + "markdownDescription": "The list of identifiers of the event sources for which events are returned. If not specified, then all sources are included in the response. An identifier must begin with a letter and must contain only ASCII letters, digits, and hyphens; it can't end with a hyphen or contain two consecutive hyphens.\n\nConstraints:\n\n- If `SourceIds` are provided, `SourceType` must also be provided.\n- If the source type is an instance, a `DBInstanceIdentifier` must be provided.\n- If the source type is a security group, a `DBSecurityGroupName` must be provided.\n- If the source type is a parameter group, a `DBParameterGroupName` must be provided.\n- If the source type is a snapshot, a `DBSnapshotIdentifier` must be provided.", + "title": "SourceIds", "type": "array" + }, + "SourceType": { + "markdownDescription": "The type of source that is generating the events. For example, if you want to be notified of events generated by an instance, you would set this parameter to `db-instance` . If this value is not specified, all events are returned.\n\nValid values: `db-instance` , `db-cluster` , `db-parameter-group` , `db-security-group` , `db-cluster-snapshot`", + "title": "SourceType", + "type": "string" + }, + "SubscriptionName": { + "markdownDescription": "The name of the subscription.\n\nConstraints: The name must be fewer than 255 characters.", + "title": "SubscriptionName", + "type": "string" } }, + "required": [ + "SnsTopicArn" + ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::TrafficMirrorFilter" + "AWS::DocDB::EventSubscription" ], "type": "string" }, @@ -78527,11 +86372,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::EC2::TrafficMirrorFilterRule": { + "AWS::DocDBElastic::Cluster": { "additionalProperties": false, "properties": { "Condition": { @@ -78566,70 +86412,98 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the Traffic Mirror rule.", - "title": "Description", + "AdminUserName": { + "markdownDescription": "The name of the Amazon DocumentDB elastic clusters administrator.\n\n*Constraints* :\n\n- Must be from 1 to 63 letters or numbers.\n- The first character must be a letter.\n- Cannot be a reserved word.", + "title": "AdminUserName", "type": "string" }, - "DestinationCidrBlock": { - "markdownDescription": "The destination CIDR block to assign to the Traffic Mirror rule.", - "title": "DestinationCidrBlock", + "AdminUserPassword": { + "markdownDescription": "The password for the Elastic DocumentDB cluster administrator and can contain any printable ASCII characters.\n\n*Constraints* :\n\n- Must contain from 8 to 100 characters.\n- Cannot contain a forward slash (/), double quote (\"), or the \"at\" symbol (@).\n- A valid `AdminUserName` entry is also required.", + "title": "AdminUserPassword", "type": "string" }, - "DestinationPortRange": { - "$ref": "#/definitions/AWS::EC2::TrafficMirrorFilterRule.TrafficMirrorPortRange", - "markdownDescription": "The destination port range.", - "title": "DestinationPortRange" - }, - "Protocol": { - "markdownDescription": "The protocol, for example UDP, to assign to the Traffic Mirror rule.\n\nFor information about the protocol value, see [Protocol Numbers](https://docs.aws.amazon.com/https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml) on the Internet Assigned Numbers Authority (IANA) website.", - "title": "Protocol", - "type": "number" - }, - "RuleAction": { - "markdownDescription": "The action to take on the filtered traffic.", - "title": "RuleAction", + "AuthType": { + "markdownDescription": "The authentication type used to determine where to fetch the password used for accessing the elastic cluster. Valid types are `PLAIN_TEXT` or `SECRET_ARN` .", + "title": "AuthType", "type": "string" }, - "RuleNumber": { - "markdownDescription": "The number of the Traffic Mirror rule. This number must be unique for each Traffic Mirror rule in a given direction. The rules are processed in ascending order by rule number.", - "title": "RuleNumber", + "BackupRetentionPeriod": { + "markdownDescription": "The number of days for which automatic snapshots are retained.", + "title": "BackupRetentionPeriod", "type": "number" }, - "SourceCidrBlock": { - "markdownDescription": "The source CIDR block to assign to the Traffic Mirror rule.", - "title": "SourceCidrBlock", + "ClusterName": { + "markdownDescription": "The name of the new elastic cluster. This parameter is stored as a lowercase string.\n\n*Constraints* :\n\n- Must contain from 1 to 63 letters, numbers, or hyphens.\n- The first character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.\n\n*Example* : `my-cluster`", + "title": "ClusterName", "type": "string" }, - "SourcePortRange": { - "$ref": "#/definitions/AWS::EC2::TrafficMirrorFilterRule.TrafficMirrorPortRange", - "markdownDescription": "The source port range.", - "title": "SourcePortRange" + "KmsKeyId": { + "markdownDescription": "The KMS key identifier to use to encrypt the new elastic cluster.\n\nThe KMS key identifier is the Amazon Resource Name (ARN) for the KMS encryption key. If you are creating a cluster using the same Amazon account that owns this KMS encryption key, you can use the KMS key alias instead of the ARN as the KMS encryption key.\n\nIf an encryption key is not specified, Amazon DocumentDB uses the default encryption key that KMS creates for your account. Your account has a different default encryption key for each Amazon Region.", + "title": "KmsKeyId", + "type": "string" }, - "TrafficDirection": { - "markdownDescription": "The type of traffic.", - "title": "TrafficDirection", + "PreferredBackupWindow": { + "markdownDescription": "The daily time range during which automated backups are created if automated backups are enabled, as determined by `backupRetentionPeriod` .", + "title": "PreferredBackupWindow", "type": "string" }, - "TrafficMirrorFilterId": { - "markdownDescription": "The ID of the filter that this rule is associated with.", - "title": "TrafficMirrorFilterId", + "PreferredMaintenanceWindow": { + "markdownDescription": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n\n*Format* : `ddd:hh24:mi-ddd:hh24:mi`\n\n*Default* : a 30-minute window selected at random from an 8-hour block of time for each AWS Region , occurring on a random day of the week.\n\n*Valid days* : Mon, Tue, Wed, Thu, Fri, Sat, Sun\n\n*Constraints* : Minimum 30-minute window.", + "title": "PreferredMaintenanceWindow", "type": "string" + }, + "ShardCapacity": { + "markdownDescription": "The number of vCPUs assigned to each elastic cluster shard. Maximum is 64. Allowed values are 2, 4, 8, 16, 32, 64.", + "title": "ShardCapacity", + "type": "number" + }, + "ShardCount": { + "markdownDescription": "The number of shards assigned to the elastic cluster. Maximum is 32.", + "title": "ShardCount", + "type": "number" + }, + "ShardInstanceCount": { + "markdownDescription": "The number of replica instances applying to all shards in the cluster. A `shardInstanceCount` value of 1 means there is one writer instance, and any additional instances are replicas that can be used for reads and to improve availability.", + "title": "ShardInstanceCount", + "type": "number" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon EC2 subnet IDs for the new elastic cluster.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to be assigned to the new elastic cluster.", + "title": "Tags", + "type": "array" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of EC2 VPC security groups to associate with the new elastic cluster.", + "title": "VpcSecurityGroupIds", + "type": "array" } }, "required": [ - "DestinationCidrBlock", - "RuleAction", - "RuleNumber", - "SourceCidrBlock", - "TrafficDirection", - "TrafficMirrorFilterId" + "AdminUserName", + "AuthType", + "ClusterName", + "ShardCapacity", + "ShardCount" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::TrafficMirrorFilterRule" + "AWS::DocDBElastic::Cluster" ], "type": "string" }, @@ -78648,27 +86522,7 @@ ], "type": "object" }, - "AWS::EC2::TrafficMirrorFilterRule.TrafficMirrorPortRange": { - "additionalProperties": false, - "properties": { - "FromPort": { - "markdownDescription": "The start of the Traffic Mirror port range. This applies to the TCP and UDP protocols.", - "title": "FromPort", - "type": "number" - }, - "ToPort": { - "markdownDescription": "The end of the Traffic Mirror port range. This applies to the TCP and UDP protocols.", - "title": "ToPort", - "type": "number" - } - }, - "required": [ - "FromPort", - "ToPort" - ], - "type": "object" - }, - "AWS::EC2::TrafficMirrorSession": { + "AWS::DynamoDB::GlobalTable": { "additionalProperties": false, "properties": { "Condition": { @@ -78703,61 +86557,110 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the Traffic Mirror session.", - "title": "Description", - "type": "string" + "AttributeDefinitions": { + "items": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.AttributeDefinition" + }, + "markdownDescription": "A list of attributes that describe the key schema for the global table and indexes.", + "title": "AttributeDefinitions", + "type": "array" }, - "NetworkInterfaceId": { - "markdownDescription": "The ID of the source network interface.", - "title": "NetworkInterfaceId", + "BillingMode": { + "markdownDescription": "Specifies how you are charged for read and write throughput and how you manage capacity. Valid values are:\n\n- `PAY_PER_REQUEST`\n- `PROVISIONED`\n\nAll replicas in your global table will have the same billing mode. If you use `PROVISIONED` billing mode, you must provide an auto scaling configuration via the `WriteProvisionedThroughputSettings` property. The default value of this property is `PROVISIONED` .", + "title": "BillingMode", "type": "string" }, - "PacketLength": { - "markdownDescription": "The number of bytes in each packet to mirror. These are bytes after the VXLAN header. Do not specify this parameter when you want to mirror the entire packet. To mirror a subset of the packet, set this to the length (in bytes) that you want to mirror. For example, if you set this value to 100, then the first 100 bytes that meet the filter criteria are copied to the target.\n\nIf you do not want to mirror the entire packet, use the `PacketLength` parameter to specify the number of bytes in each packet to mirror.\n\nFor sessions with Network Load Balancer (NLB) Traffic Mirror targets the default `PacketLength` will be set to 8500. Valid values are 1-8500. Setting a `PacketLength` greater than 8500 will result in an error response.", - "title": "PacketLength", - "type": "number" + "GlobalSecondaryIndexes": { + "items": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.GlobalSecondaryIndex" + }, + "markdownDescription": "Global secondary indexes to be created on the global table. You can create up to 20 global secondary indexes. Each replica in your global table will have the same global secondary index settings. You can only create or delete one global secondary index in a single stack operation.\n\nSince the backfilling of an index could take a long time, CloudFormation does not wait for the index to become active. If a stack operation rolls back, CloudFormation might not delete an index that has been added. In that case, you will need to delete the index manually.", + "title": "GlobalSecondaryIndexes", + "type": "array" }, - "SessionNumber": { - "markdownDescription": "The session number determines the order in which sessions are evaluated when an interface is used by multiple sessions. The first session with a matching filter is the one that mirrors the packets.\n\nValid values are 1-32766.", - "title": "SessionNumber", - "type": "number" + "GlobalTableWitnesses": { + "items": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.GlobalTableWitness" + }, + "markdownDescription": "The list of witnesses of the MRSC global table. Only one witness Region can be configured per MRSC global table.", + "title": "GlobalTableWitnesses", + "type": "array" }, - "Tags": { + "KeySchema": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.KeySchema" }, - "markdownDescription": "The tags to assign to a Traffic Mirror session.", - "title": "Tags", + "markdownDescription": "Specifies the attributes that make up the primary key for the table. The attributes in the `KeySchema` property must also be defined in the `AttributeDefinitions` property.", + "title": "KeySchema", "type": "array" }, - "TrafficMirrorFilterId": { - "markdownDescription": "The ID of the Traffic Mirror filter.", - "title": "TrafficMirrorFilterId", + "LocalSecondaryIndexes": { + "items": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.LocalSecondaryIndex" + }, + "markdownDescription": "Local secondary indexes to be created on the table. You can create up to five local secondary indexes. Each index is scoped to a given hash key value. The size of each hash key can be up to 10 gigabytes. Each replica in your global table will have the same local secondary index settings.", + "title": "LocalSecondaryIndexes", + "type": "array" + }, + "MultiRegionConsistency": { + "markdownDescription": "Specifies the consistency mode for a new global table.\n\nYou can specify one of the following consistency modes:\n\n- `EVENTUAL` : Configures a new global table for multi-Region eventual consistency (MREC).\n- `STRONG` : Configures a new global table for multi-Region strong consistency (MRSC).\n\nIf you don't specify this field, the global table consistency mode defaults to `EVENTUAL` . For more information about global tables consistency modes, see [Consistency modes](https://docs.aws.amazon.com/V2globaltables_HowItWorks.html#V2globaltables_HowItWorks.consistency-modes) in DynamoDB developer guide.", + "title": "MultiRegionConsistency", "type": "string" }, - "TrafficMirrorTargetId": { - "markdownDescription": "The ID of the Traffic Mirror target.", - "title": "TrafficMirrorTargetId", + "Replicas": { + "items": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReplicaSpecification" + }, + "markdownDescription": "Specifies the list of replicas for your global table. The list must contain at least one element, the region where the stack defining the global table is deployed. For example, if you define your table in a stack deployed to us-east-1, you must have an entry in `Replicas` with the region us-east-1. You cannot remove the replica in the stack region.\n\n> Adding a replica might take a few minutes for an empty table, or up to several hours for large tables. If you want to add or remove a replica, we recommend submitting an `UpdateStack` operation containing only that change.\n> \n> If you add or delete a replica during an update, we recommend that you don't update any other resources. If your stack fails to update and is rolled back while adding a new replica, you might need to manually delete the replica. \n\nYou can create a new global table with as many replicas as needed. You can add or remove replicas after table creation, but you can only add or remove a single replica in each update. For Multi-Region Strong Consistency (MRSC), you can add or remove up to 3 replicas, or 2 replicas plus a witness Region.", + "title": "Replicas", + "type": "array" + }, + "SSESpecification": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.SSESpecification", + "markdownDescription": "Specifies the settings to enable server-side encryption. These settings will be applied to all replicas. If you plan to use customer-managed KMS keys, you must provide a key for each replica using the `ReplicaSpecification.ReplicaSSESpecification` property.", + "title": "SSESpecification" + }, + "StreamSpecification": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.StreamSpecification", + "markdownDescription": "Specifies the streams settings on your global table. You must provide a value for this property if your global table contains more than one replica. You can only change the streams settings if your global table has only one replica. For Multi-Region Strong Consistency (MRSC), you do not need to provide a value for this property and can change the settings at any time.", + "title": "StreamSpecification" + }, + "TableName": { + "markdownDescription": "A name for the global table. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID as the table name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "TableName", "type": "string" }, - "VirtualNetworkId": { - "markdownDescription": "The VXLAN ID for the Traffic Mirror session. For more information about the VXLAN protocol, see [RFC 7348](https://docs.aws.amazon.com/https://datatracker.ietf.org/doc/html/rfc7348) . If you do not specify a `VirtualNetworkId` , an account-wide unique ID is chosen at random.", - "title": "VirtualNetworkId", - "type": "number" + "TimeToLiveSpecification": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.TimeToLiveSpecification", + "markdownDescription": "Specifies the time to live (TTL) settings for the table. This setting will be applied to all replicas.", + "title": "TimeToLiveSpecification" + }, + "WarmThroughput": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.WarmThroughput", + "markdownDescription": "Provides visibility into the number of read and write operations your table or secondary index can instantaneously support. The settings can be modified using the `UpdateTable` operation to meet the throughput requirements of an upcoming peak event.", + "title": "WarmThroughput" + }, + "WriteOnDemandThroughputSettings": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.WriteOnDemandThroughputSettings", + "markdownDescription": "Sets the write request settings for a global table or a global secondary index. You can only specify this setting if your resource uses the `PAY_PER_REQUEST` `BillingMode` .", + "title": "WriteOnDemandThroughputSettings" + }, + "WriteProvisionedThroughputSettings": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.WriteProvisionedThroughputSettings", + "markdownDescription": "Specifies an auto scaling policy for write capacity. This policy will be applied to all replicas. This setting must be specified if `BillingMode` is set to `PROVISIONED` .", + "title": "WriteProvisionedThroughputSettings" } }, "required": [ - "NetworkInterfaceId", - "SessionNumber", - "TrafficMirrorFilterId", - "TrafficMirrorTargetId" + "AttributeDefinitions", + "KeySchema", + "Replicas" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::TrafficMirrorSession" + "AWS::DynamoDB::GlobalTable" ], "type": "string" }, @@ -78776,430 +86679,527 @@ ], "type": "object" }, - "AWS::EC2::TrafficMirrorTarget": { + "AWS::DynamoDB::GlobalTable.AttributeDefinition": { "additionalProperties": false, "properties": { - "Condition": { + "AttributeName": { + "markdownDescription": "A name for the attribute.", + "title": "AttributeName", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "AttributeType": { + "markdownDescription": "The data type for the attribute, where:\n\n- `S` - the attribute is of type String\n- `N` - the attribute is of type Number\n- `B` - the attribute is of type Binary", + "title": "AttributeType", "type": "string" + } + }, + "required": [ + "AttributeName", + "AttributeType" + ], + "type": "object" + }, + "AWS::DynamoDB::GlobalTable.CapacityAutoScalingSettings": { + "additionalProperties": false, + "properties": { + "MaxCapacity": { + "markdownDescription": "The maximum provisioned capacity units for the global table.", + "title": "MaxCapacity", + "type": "number" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "The description of the Traffic Mirror target.", - "title": "Description", - "type": "string" - }, - "GatewayLoadBalancerEndpointId": { - "markdownDescription": "The ID of the Gateway Load Balancer endpoint.", - "title": "GatewayLoadBalancerEndpointId", - "type": "string" - }, - "NetworkInterfaceId": { - "markdownDescription": "The network interface ID that is associated with the target.", - "title": "NetworkInterfaceId", - "type": "string" - }, - "NetworkLoadBalancerArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Network Load Balancer that is associated with the target.", - "title": "NetworkLoadBalancerArn", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to assign to the Traffic Mirror target.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" + "MinCapacity": { + "markdownDescription": "The minimum provisioned capacity units for the global table.", + "title": "MinCapacity", + "type": "number" }, - "Type": { - "enum": [ - "AWS::EC2::TrafficMirrorTarget" - ], - "type": "string" + "SeedCapacity": { + "markdownDescription": "When switching billing mode from `PAY_PER_REQUEST` to `PROVISIONED` , DynamoDB requires you to specify read and write capacity unit values for the table and for each global secondary index. These values will be applied to all replicas. The table will use these provisioned values until CloudFormation creates the autoscaling policies you configured in your template. CloudFormation cannot determine what capacity the table and its global secondary indexes will require in this time period, since they are application-dependent.\n\nIf you want to switch a table's billing mode from `PAY_PER_REQUEST` to `PROVISIONED` , you must specify a value for this property for each autoscaled resource. If you specify different values for the same resource in different regions, CloudFormation will use the highest value found in either the `SeedCapacity` or `ReadCapacityUnits` properties. For example, if your global secondary index `myGSI` has a `SeedCapacity` of 10 in us-east-1 and a fixed `ReadCapacityUnits` of 20 in eu-west-1, CloudFormation will initially set the read capacity for `myGSI` to 20. Note that if you disable `ScaleIn` for `myGSI` in us-east-1, its read capacity units might not be set back to 10.\n\nYou must also specify a value for `SeedCapacity` when you plan to switch a table's billing mode from `PROVISIONED` to `PAY_PER_REQUEST` , because CloudFormation might need to roll back the operation (reverting the billing mode to `PROVISIONED` ) and this cannot succeed without specifying a value for `SeedCapacity` .", + "title": "SeedCapacity", + "type": "number" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "TargetTrackingScalingPolicyConfiguration": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.TargetTrackingScalingPolicyConfiguration", + "markdownDescription": "Defines a target tracking scaling policy.", + "title": "TargetTrackingScalingPolicyConfiguration" } }, "required": [ - "Type" + "MaxCapacity", + "MinCapacity", + "TargetTrackingScalingPolicyConfiguration" ], "type": "object" }, - "AWS::EC2::TransitGateway": { + "AWS::DynamoDB::GlobalTable.ContributorInsightsSpecification": { "additionalProperties": false, "properties": { - "Condition": { + "Enabled": { + "markdownDescription": "Indicates whether CloudWatch Contributor Insights are to be enabled (true) or disabled (false).", + "title": "Enabled", + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "AWS::DynamoDB::GlobalTable.GlobalSecondaryIndex": { + "additionalProperties": false, + "properties": { + "IndexName": { + "markdownDescription": "The name of the global secondary index. The name must be unique among all other indexes on this table.", + "title": "IndexName", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "KeySchema": { + "items": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.KeySchema" + }, + "markdownDescription": "The complete key schema for a global secondary index, which consists of one or more pairs of attribute names and key types:\n\n- `HASH` - partition key\n- `RANGE` - sort key\n\n> The partition key of an item is also known as its *hash attribute* . The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n> \n> The sort key of an item is also known as its *range attribute* . The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.", + "title": "KeySchema", + "type": "array" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Projection": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.Projection", + "markdownDescription": "Represents attributes that are copied (projected) from the table into the global secondary index. These are in addition to the primary key attributes and index key attributes, which are automatically projected.", + "title": "Projection" }, - "Metadata": { - "type": "object" + "WarmThroughput": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.WarmThroughput", + "markdownDescription": "Represents the warm throughput value (in read units per second and write units per second) for the specified secondary index. If you use this parameter, you must specify `ReadUnitsPerSecond` , `WriteUnitsPerSecond` , or both.", + "title": "WarmThroughput" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AmazonSideAsn": { - "markdownDescription": "A private Autonomous System Number (ASN) for the Amazon side of a BGP session. The range is 64512 to 65534 for 16-bit ASNs. The default is 64512.", - "title": "AmazonSideAsn", - "type": "number" - }, - "AssociationDefaultRouteTableId": { - "markdownDescription": "The ID of the default association route table.", - "title": "AssociationDefaultRouteTableId", - "type": "string" - }, - "AutoAcceptSharedAttachments": { - "markdownDescription": "Enable or disable automatic acceptance of attachment requests. Disabled by default.", - "title": "AutoAcceptSharedAttachments", - "type": "string" - }, - "DefaultRouteTableAssociation": { - "markdownDescription": "Enable or disable automatic association with the default association route table. Enabled by default. If `DefaultRouteTableAssociation` is set to enable, AWS Transit Gateway will create the default transit gateway route table.", - "title": "DefaultRouteTableAssociation", - "type": "string" - }, - "DefaultRouteTablePropagation": { - "markdownDescription": "Enable or disable automatic propagation of routes to the default propagation route table. Enabled by default. If `DefaultRouteTablePropagation` is set to enable, AWS Transit Gateway will create the default transit gateway route table.", - "title": "DefaultRouteTablePropagation", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the transit gateway.", - "title": "Description", - "type": "string" - }, - "DnsSupport": { - "markdownDescription": "Enable or disable DNS support. Enabled by default.", - "title": "DnsSupport", - "type": "string" - }, - "MulticastSupport": { - "markdownDescription": "Indicates whether multicast is enabled on the transit gateway", - "title": "MulticastSupport", - "type": "string" - }, - "PropagationDefaultRouteTableId": { - "markdownDescription": "The ID of the default propagation route table.", - "title": "PropagationDefaultRouteTableId", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags for the transit gateway.", - "title": "Tags", - "type": "array" - }, - "TransitGatewayCidrBlocks": { - "items": { - "type": "string" - }, - "markdownDescription": "The transit gateway CIDR blocks.", - "title": "TransitGatewayCidrBlocks", - "type": "array" - }, - "VpnEcmpSupport": { - "markdownDescription": "Enable or disable Equal Cost Multipath Protocol support. Enabled by default.", - "title": "VpnEcmpSupport", - "type": "string" - } - }, - "type": "object" + "WriteOnDemandThroughputSettings": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.WriteOnDemandThroughputSettings", + "markdownDescription": "Sets the write request settings for a global table or a global secondary index. You can only specify this setting if your resource uses the `PAY_PER_REQUEST` `BillingMode` .", + "title": "WriteOnDemandThroughputSettings" }, - "Type": { - "enum": [ - "AWS::EC2::TransitGateway" - ], + "WriteProvisionedThroughputSettings": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.WriteProvisionedThroughputSettings", + "markdownDescription": "Defines write capacity settings for the global secondary index. You must specify a value for this property if the table's `BillingMode` is `PROVISIONED` . All replicas will have the same write capacity settings for this global secondary index.", + "title": "WriteProvisionedThroughputSettings" + } + }, + "required": [ + "IndexName", + "KeySchema", + "Projection" + ], + "type": "object" + }, + "AWS::DynamoDB::GlobalTable.GlobalTableWitness": { + "additionalProperties": false, + "properties": { + "Region": { + "markdownDescription": "The name of the AWS Region that serves as a witness for the MRSC global table.", + "title": "Region", + "type": "string" + } + }, + "type": "object" + }, + "AWS::DynamoDB::GlobalTable.KeySchema": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "markdownDescription": "The name of a key attribute.", + "title": "AttributeName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "KeyType": { + "markdownDescription": "The role that this key attribute will assume:\n\n- `HASH` - partition key\n- `RANGE` - sort key\n\n> The partition key of an item is also known as its *hash attribute* . The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n> \n> The sort key of an item is also known as its *range attribute* . The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.", + "title": "KeyType", "type": "string" } }, "required": [ - "Type" + "AttributeName", + "KeyType" ], "type": "object" }, - "AWS::EC2::TransitGatewayAttachment": { + "AWS::DynamoDB::GlobalTable.KinesisStreamSpecification": { "additionalProperties": false, "properties": { - "Condition": { + "ApproximateCreationDateTimePrecision": { + "markdownDescription": "The precision for the time and date that the stream was created.", + "title": "ApproximateCreationDateTimePrecision", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "StreamArn": { + "markdownDescription": "The ARN for a specific Kinesis data stream.", + "title": "StreamArn", + "type": "string" + } + }, + "required": [ + "StreamArn" + ], + "type": "object" + }, + "AWS::DynamoDB::GlobalTable.LocalSecondaryIndex": { + "additionalProperties": false, + "properties": { + "IndexName": { + "markdownDescription": "The name of the local secondary index. The name must be unique among all other indexes on this table.", + "title": "IndexName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "KeySchema": { + "items": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.KeySchema" + }, + "markdownDescription": "The complete key schema for the local secondary index, consisting of one or more pairs of attribute names and key types:\n\n- `HASH` - partition key\n- `RANGE` - sort key\n\n> The partition key of an item is also known as its *hash attribute* . The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n> \n> The sort key of an item is also known as its *range attribute* . The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.", + "title": "KeySchema", + "type": "array" }, - "Metadata": { - "type": "object" + "Projection": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.Projection", + "markdownDescription": "Represents attributes that are copied (projected) from the table into the local secondary index. These are in addition to the primary key attributes and index key attributes, which are automatically projected.", + "title": "Projection" + } + }, + "required": [ + "IndexName", + "KeySchema", + "Projection" + ], + "type": "object" + }, + "AWS::DynamoDB::GlobalTable.PointInTimeRecoverySpecification": { + "additionalProperties": false, + "properties": { + "PointInTimeRecoveryEnabled": { + "markdownDescription": "Indicates whether point in time recovery is enabled (true) or disabled (false) on the table.", + "title": "PointInTimeRecoveryEnabled", + "type": "boolean" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Options": { - "$ref": "#/definitions/AWS::EC2::TransitGatewayAttachment.Options", - "markdownDescription": "The VPC attachment options.", - "title": "Options" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of one or more subnets. You can specify only one subnet per Availability Zone. You must specify at least one subnet, but we recommend that you specify two subnets for better availability. The transit gateway uses one IP address from each specified subnet.", - "title": "SubnetIds", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags for the attachment.", - "title": "Tags", - "type": "array" - }, - "TransitGatewayId": { - "markdownDescription": "The ID of the transit gateway.", - "title": "TransitGatewayId", - "type": "string" - }, - "VpcId": { - "markdownDescription": "The ID of the VPC.", - "title": "VpcId", - "type": "string" - } + "RecoveryPeriodInDays": { + "markdownDescription": "The number of preceding days for which continuous backups are taken and maintained. Your table data is only recoverable to any point-in-time from within the configured recovery period. This parameter is optional. If no value is provided, the value will default to 35.", + "title": "RecoveryPeriodInDays", + "type": "number" + } + }, + "type": "object" + }, + "AWS::DynamoDB::GlobalTable.Projection": { + "additionalProperties": false, + "properties": { + "NonKeyAttributes": { + "items": { + "type": "string" }, - "required": [ - "SubnetIds", - "TransitGatewayId", - "VpcId" - ], - "type": "object" + "markdownDescription": "Represents the non-key attribute names which will be projected into the index.\n\nFor global and local secondary indexes, the total count of `NonKeyAttributes` summed across all of the secondary indexes, must not exceed 100. If you project the same attribute into two different indexes, this counts as two distinct attributes when determining the total. This limit only applies when you specify the ProjectionType of `INCLUDE` . You still can specify the ProjectionType of `ALL` to project all attributes from the source table, even if the table has more than 100 attributes.", + "title": "NonKeyAttributes", + "type": "array" }, - "Type": { - "enum": [ - "AWS::EC2::TransitGatewayAttachment" - ], + "ProjectionType": { + "markdownDescription": "The set of attributes that are projected into the index:\n\n- `KEYS_ONLY` - Only the index and primary keys are projected into the index.\n- `INCLUDE` - In addition to the attributes described in `KEYS_ONLY` , the secondary index will include other non-key attributes that you specify.\n- `ALL` - All of the table attributes are projected into the index.\n\nWhen using the DynamoDB console, `ALL` is selected by default.", + "title": "ProjectionType", "type": "string" + } + }, + "type": "object" + }, + "AWS::DynamoDB::GlobalTable.ReadOnDemandThroughputSettings": { + "additionalProperties": false, + "properties": { + "MaxReadRequestUnits": { + "markdownDescription": "Maximum number of read request units for the specified replica of a global table.", + "title": "MaxReadRequestUnits", + "type": "number" + } + }, + "type": "object" + }, + "AWS::DynamoDB::GlobalTable.ReadProvisionedThroughputSettings": { + "additionalProperties": false, + "properties": { + "ReadCapacityAutoScalingSettings": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.CapacityAutoScalingSettings", + "markdownDescription": "Specifies auto scaling settings for the replica table or global secondary index.", + "title": "ReadCapacityAutoScalingSettings" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "ReadCapacityUnits": { + "markdownDescription": "Specifies a fixed read capacity for the replica table or global secondary index.", + "title": "ReadCapacityUnits", + "type": "number" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::EC2::TransitGatewayAttachment.Options": { + "AWS::DynamoDB::GlobalTable.ReplicaGlobalSecondaryIndexSpecification": { "additionalProperties": false, "properties": { - "ApplianceModeSupport": { - "markdownDescription": "Enable or disable appliance mode support. The default is `disable` .", - "title": "ApplianceModeSupport", - "type": "string" + "ContributorInsightsSpecification": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ContributorInsightsSpecification", + "markdownDescription": "Updates the status for contributor insights for a specific table or index. CloudWatch Contributor Insights for DynamoDB graphs display the partition key and (if applicable) sort key of frequently accessed items and frequently throttled items in plaintext. If you require the use of AWS Key Management Service (KMS) to encrypt this table\u2019s partition key and sort key data with an AWS managed key or customer managed key, you should not enable CloudWatch Contributor Insights for DynamoDB for this table.", + "title": "ContributorInsightsSpecification" }, - "DnsSupport": { - "markdownDescription": "Enable or disable DNS support. The default is `disable` .", - "title": "DnsSupport", + "IndexName": { + "markdownDescription": "The name of the global secondary index. The name must be unique among all other indexes on this table.", + "title": "IndexName", "type": "string" }, - "Ipv6Support": { - "markdownDescription": "Enable or disable IPv6 support. The default is `disable` .", - "title": "Ipv6Support", - "type": "string" + "ReadOnDemandThroughputSettings": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReadOnDemandThroughputSettings", + "markdownDescription": "Sets the read request settings for a replica global secondary index. You can only specify this setting if your resource uses the `PAY_PER_REQUEST` `BillingMode` .", + "title": "ReadOnDemandThroughputSettings" }, - "SecurityGroupReferencingSupport": { - "markdownDescription": "Enables you to reference a security group across VPCs attached to a transit gateway (TGW). Use this option to simplify security group management and control of instance-to-instance traffic across VPCs that are connected by transit gateway. You can also use this option to migrate from VPC peering (which was the only option that supported security group referencing) to transit gateways (which now also support security group referencing). This option is disabled by default and there are no additional costs to use this feature.\n\nFor important information about this feature, see [Create a transit gateway](https://docs.aws.amazon.com/vpc/latest/tgw/tgw-transit-gateways.html#create-tgw) in the *AWS Transit Gateway Guide* .", - "title": "SecurityGroupReferencingSupport", - "type": "string" + "ReadProvisionedThroughputSettings": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReadProvisionedThroughputSettings", + "markdownDescription": "Allows you to specify the read capacity settings for a replica global secondary index when the `BillingMode` is set to `PROVISIONED` .", + "title": "ReadProvisionedThroughputSettings" } }, + "required": [ + "IndexName" + ], "type": "object" }, - "AWS::EC2::TransitGatewayConnect": { + "AWS::DynamoDB::GlobalTable.ReplicaSSESpecification": { "additionalProperties": false, "properties": { - "Condition": { + "KMSMasterKeyId": { + "markdownDescription": "The AWS KMS key that should be used for the AWS KMS encryption. To specify a key, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. Note that you should only provide this parameter if the key is different from the default DynamoDB key `alias/aws/dynamodb` .", + "title": "KMSMasterKeyId", "type": "string" + } + }, + "required": [ + "KMSMasterKeyId" + ], + "type": "object" + }, + "AWS::DynamoDB::GlobalTable.ReplicaSpecification": { + "additionalProperties": false, + "properties": { + "ContributorInsightsSpecification": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ContributorInsightsSpecification", + "markdownDescription": "The settings used to enable or disable CloudWatch Contributor Insights for the specified replica. When not specified, defaults to contributor insights disabled for the replica.", + "title": "ContributorInsightsSpecification" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DeletionProtectionEnabled": { + "markdownDescription": "Determines if a replica is protected from deletion. When enabled, the table cannot be deleted by any user or process. This setting is disabled by default. For more information, see [Using deletion protection](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/WorkingWithTables.Basics.html#WorkingWithTables.Basics.DeletionProtection) in the *Amazon DynamoDB Developer Guide* .", + "title": "DeletionProtectionEnabled", + "type": "boolean" + }, + "GlobalSecondaryIndexes": { + "items": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReplicaGlobalSecondaryIndexSpecification" + }, + "markdownDescription": "Defines additional settings for the global secondary indexes of this replica.", + "title": "GlobalSecondaryIndexes", + "type": "array" + }, + "KinesisStreamSpecification": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.KinesisStreamSpecification", + "markdownDescription": "Defines the Kinesis Data Streams configuration for the specified replica.", + "title": "KinesisStreamSpecification" + }, + "PointInTimeRecoverySpecification": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.PointInTimeRecoverySpecification", + "markdownDescription": "The settings used to enable point in time recovery. When not specified, defaults to point in time recovery disabled for the replica.", + "title": "PointInTimeRecoverySpecification" + }, + "ReadOnDemandThroughputSettings": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReadOnDemandThroughputSettings", + "markdownDescription": "Sets read request settings for the replica table.", + "title": "ReadOnDemandThroughputSettings" + }, + "ReadProvisionedThroughputSettings": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReadProvisionedThroughputSettings", + "markdownDescription": "Defines read capacity settings for the replica table.", + "title": "ReadProvisionedThroughputSettings" + }, + "Region": { + "markdownDescription": "The region in which this replica exists.", + "title": "Region", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ReplicaStreamSpecification": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReplicaStreamSpecification", + "markdownDescription": "Represents the DynamoDB Streams configuration for a global table replica.", + "title": "ReplicaStreamSpecification" }, - "Metadata": { - "type": "object" + "ResourcePolicy": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ResourcePolicy", + "markdownDescription": "A resource-based policy document that contains permissions to add to the specified replica of a DynamoDB global table. Resource-based policies let you define access permissions by specifying who has access to each resource, and the actions they are allowed to perform on each resource.\n\nIn a CloudFormation template, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to DynamoDB . For more information about resource-based policies, see [Using resource-based policies for DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html) .", + "title": "ResourcePolicy" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Options": { - "$ref": "#/definitions/AWS::EC2::TransitGatewayConnect.TransitGatewayConnectOptions", - "markdownDescription": "The Connect attachment options.\n\n- protocol (gre)", - "title": "Options" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags for the attachment.", - "title": "Tags", - "type": "array" - }, - "TransportTransitGatewayAttachmentId": { - "markdownDescription": "The ID of the attachment from which the Connect attachment was created.", - "title": "TransportTransitGatewayAttachmentId", - "type": "string" - } + "SSESpecification": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReplicaSSESpecification", + "markdownDescription": "Allows you to specify a customer-managed key for the replica. When using customer-managed keys for server-side encryption, this property must have a value in all replicas.", + "title": "SSESpecification" + }, + "TableClass": { + "markdownDescription": "The table class of the specified table. Valid values are `STANDARD` and `STANDARD_INFREQUENT_ACCESS` .", + "title": "TableClass", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" }, - "required": [ - "Options", - "TransportTransitGatewayAttachmentId" - ], + "markdownDescription": "An array of key-value pairs to apply to this replica.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Region" + ], + "type": "object" + }, + "AWS::DynamoDB::GlobalTable.ReplicaStreamSpecification": { + "additionalProperties": false, + "properties": { + "ResourcePolicy": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ResourcePolicy", + "markdownDescription": "A resource-based policy document that contains the permissions for the specified stream of a DynamoDB global table replica. Resource-based policies let you define access permissions by specifying who has access to each resource, and the actions they are allowed to perform on each resource.\n\nIn a CloudFormation template, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to DynamoDB . For more information about resource-based policies, see [Using resource-based policies for DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html) .\n\nYou can update the `ResourcePolicy` property if you've specified more than one table using the [AWS ::DynamoDB::GlobalTable](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dynamodb-globaltable.html) resource.", + "title": "ResourcePolicy" + } + }, + "required": [ + "ResourcePolicy" + ], + "type": "object" + }, + "AWS::DynamoDB::GlobalTable.ResourcePolicy": { + "additionalProperties": false, + "properties": { + "PolicyDocument": { + "markdownDescription": "A resource-based policy document that contains permissions to add to the specified DynamoDB table, its indexes, and stream. In a CloudFormation template, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to DynamoDB . For more information about resource-based policies, see [Using resource-based policies for DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html) .", + "title": "PolicyDocument", "type": "object" + } + }, + "required": [ + "PolicyDocument" + ], + "type": "object" + }, + "AWS::DynamoDB::GlobalTable.SSESpecification": { + "additionalProperties": false, + "properties": { + "SSEEnabled": { + "markdownDescription": "Indicates whether server-side encryption is performed using an AWS managed key or an AWS owned key. If enabled (true), server-side encryption type is set to KMS and an AWS managed key is used ( AWS KMS charges apply). If disabled (false) or not specified,server-side encryption is set to an AWS owned key. If you choose to use KMS encryption, you can also use customer managed KMS keys by specifying them in the `ReplicaSpecification.SSESpecification` object. You cannot mix AWS managed and customer managed KMS keys.", + "title": "SSEEnabled", + "type": "boolean" }, - "Type": { - "enum": [ - "AWS::EC2::TransitGatewayConnect" - ], + "SSEType": { + "markdownDescription": "Server-side encryption type. The only supported value is:\n\n- `KMS` - Server-side encryption that uses AWS Key Management Service . The key is stored in your account and is managed by AWS KMS ( AWS KMS charges apply).", + "title": "SSEType", "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + } + }, + "required": [ + "SSEEnabled" + ], + "type": "object" + }, + "AWS::DynamoDB::GlobalTable.StreamSpecification": { + "additionalProperties": false, + "properties": { + "StreamViewType": { + "markdownDescription": "When an item in the table is modified, `StreamViewType` determines what information is written to the stream for this table. Valid values for `StreamViewType` are:\n\n- `KEYS_ONLY` - Only the key attributes of the modified item are written to the stream.\n- `NEW_IMAGE` - The entire item, as it appears after it was modified, is written to the stream.\n- `OLD_IMAGE` - The entire item, as it appeared before it was modified, is written to the stream.\n- `NEW_AND_OLD_IMAGES` - Both the new and the old item images of the item are written to the stream.", + "title": "StreamViewType", "type": "string" } }, "required": [ - "Type", - "Properties" + "StreamViewType" ], "type": "object" }, - "AWS::EC2::TransitGatewayConnect.TransitGatewayConnectOptions": { + "AWS::DynamoDB::GlobalTable.TargetTrackingScalingPolicyConfiguration": { "additionalProperties": false, "properties": { - "Protocol": { - "markdownDescription": "The tunnel protocol.", - "title": "Protocol", + "DisableScaleIn": { + "markdownDescription": "Indicates whether scale in by the target tracking scaling policy is disabled. The default value is `false` .", + "title": "DisableScaleIn", + "type": "boolean" + }, + "ScaleInCooldown": { + "markdownDescription": "The amount of time, in seconds, after a scale-in activity completes before another scale-in activity can start.", + "title": "ScaleInCooldown", + "type": "number" + }, + "ScaleOutCooldown": { + "markdownDescription": "The amount of time, in seconds, after a scale-out activity completes before another scale-out activity can start.", + "title": "ScaleOutCooldown", + "type": "number" + }, + "TargetValue": { + "markdownDescription": "Defines a target value for the scaling policy.", + "title": "TargetValue", + "type": "number" + } + }, + "required": [ + "TargetValue" + ], + "type": "object" + }, + "AWS::DynamoDB::GlobalTable.TimeToLiveSpecification": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "markdownDescription": "The name of the attribute used to store the expiration time for items in the table.\n\nCurrently, you cannot directly change the attribute name used to evaluate time to live. In order to do so, you must first disable time to live, and then re-enable it with the new attribute name. It can take up to one hour for changes to time to live to take effect. If you attempt to modify time to live within that time window, your stack operation might be delayed.", + "title": "AttributeName", "type": "string" + }, + "Enabled": { + "markdownDescription": "Indicates whether TTL is to be enabled (true) or disabled (false) on the table.", + "title": "Enabled", + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "AWS::DynamoDB::GlobalTable.WarmThroughput": { + "additionalProperties": false, + "properties": { + "ReadUnitsPerSecond": { + "markdownDescription": "Represents the number of read operations your base table can instantaneously support.", + "title": "ReadUnitsPerSecond", + "type": "number" + }, + "WriteUnitsPerSecond": { + "markdownDescription": "Represents the number of write operations your base table can instantaneously support.", + "title": "WriteUnitsPerSecond", + "type": "number" } }, "type": "object" }, - "AWS::EC2::TransitGatewayMulticastDomain": { + "AWS::DynamoDB::GlobalTable.WriteOnDemandThroughputSettings": { + "additionalProperties": false, + "properties": { + "MaxWriteRequestUnits": { + "markdownDescription": "Maximum number of write request settings for the specified replica of a global table.", + "title": "MaxWriteRequestUnits", + "type": "number" + } + }, + "type": "object" + }, + "AWS::DynamoDB::GlobalTable.WriteProvisionedThroughputSettings": { + "additionalProperties": false, + "properties": { + "WriteCapacityAutoScalingSettings": { + "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.CapacityAutoScalingSettings", + "markdownDescription": "Specifies auto scaling settings for the replica table or global secondary index.", + "title": "WriteCapacityAutoScalingSettings" + } + }, + "type": "object" + }, + "AWS::DynamoDB::Table": { "additionalProperties": false, "properties": { "Condition": { @@ -79234,33 +87234,130 @@ "Properties": { "additionalProperties": false, "properties": { - "Options": { - "$ref": "#/definitions/AWS::EC2::TransitGatewayMulticastDomain.Options", - "markdownDescription": "The options for the transit gateway multicast domain.\n\n- AutoAcceptSharedAssociations (enable | disable)\n- Igmpv2Support (enable | disable)\n- StaticSourcesSupport (enable | disable)", - "title": "Options" + "AttributeDefinitions": { + "items": { + "$ref": "#/definitions/AWS::DynamoDB::Table.AttributeDefinition" + }, + "markdownDescription": "A list of attributes that describe the key schema for the table and indexes.\n\nThis property is required to create a DynamoDB table.\n\nUpdate requires: [Some interruptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-some-interrupt) . Replacement if you edit an existing AttributeDefinition.", + "title": "AttributeDefinitions", + "type": "array" + }, + "BillingMode": { + "markdownDescription": "Specify how you are charged for read and write throughput and how you manage capacity.\n\nValid values include:\n\n- `PAY_PER_REQUEST` - We recommend using `PAY_PER_REQUEST` for most DynamoDB workloads. `PAY_PER_REQUEST` sets the billing mode to [On-demand capacity mode](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/on-demand-capacity-mode.html) .\n- `PROVISIONED` - We recommend using `PROVISIONED` for steady workloads with predictable growth where capacity requirements can be reliably forecasted. `PROVISIONED` sets the billing mode to [Provisioned capacity mode](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/provisioned-capacity-mode.html) .\n\nIf not specified, the default is `PROVISIONED` .", + "title": "BillingMode", + "type": "string" + }, + "ContributorInsightsSpecification": { + "$ref": "#/definitions/AWS::DynamoDB::Table.ContributorInsightsSpecification", + "markdownDescription": "The settings used to enable or disable CloudWatch Contributor Insights for the specified table.", + "title": "ContributorInsightsSpecification" + }, + "DeletionProtectionEnabled": { + "markdownDescription": "Determines if a table is protected from deletion. When enabled, the table cannot be deleted by any user or process. This setting is disabled by default. For more information, see [Using deletion protection](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/WorkingWithTables.Basics.html#WorkingWithTables.Basics.DeletionProtection) in the *Amazon DynamoDB Developer Guide* .", + "title": "DeletionProtectionEnabled", + "type": "boolean" + }, + "GlobalSecondaryIndexes": { + "items": { + "$ref": "#/definitions/AWS::DynamoDB::Table.GlobalSecondaryIndex" + }, + "markdownDescription": "Global secondary indexes to be created on the table. You can create up to 20 global secondary indexes.\n\n> If you update a table to include a new global secondary index, AWS CloudFormation initiates the index creation and then proceeds with the stack update. AWS CloudFormation doesn't wait for the index to complete creation because the backfilling phase can take a long time, depending on the size of the table. You can't use the index or update the table until the index's status is `ACTIVE` . You can track its status by using the DynamoDB [DescribeTable](https://docs.aws.amazon.com/cli/latest/reference/dynamodb/describe-table.html) command.\n> \n> If you add or delete an index during an update, we recommend that you don't update any other resources. If your stack fails to update and is rolled back while adding a new index, you must manually delete the index.\n> \n> Updates are not supported. The following are exceptions:\n> \n> - If you update either the contributor insights specification or the provisioned throughput values of global secondary indexes, you can update the table without interruption.\n> - You can delete or add one global secondary index without interruption. If you do both in the same update (for example, by changing the index's logical ID), the update fails.", + "title": "GlobalSecondaryIndexes", + "type": "array" + }, + "ImportSourceSpecification": { + "$ref": "#/definitions/AWS::DynamoDB::Table.ImportSourceSpecification", + "markdownDescription": "Specifies the properties of data being imported from the S3 bucket source to the\" table.\n\n> If you specify the `ImportSourceSpecification` property, and also specify either the `StreamSpecification` , the `TableClass` property, the `DeletionProtectionEnabled` property, or the `WarmThroughput` property, the IAM entity creating/updating stack must have `UpdateTable` permission.", + "title": "ImportSourceSpecification" + }, + "KeySchema": { + "items": { + "$ref": "#/definitions/AWS::DynamoDB::Table.KeySchema" + }, + "markdownDescription": "Specifies the attributes that make up the primary key for the table. The attributes in the `KeySchema` property must also be defined in the `AttributeDefinitions` property.", + "title": "KeySchema", + "type": "array" + }, + "KinesisStreamSpecification": { + "$ref": "#/definitions/AWS::DynamoDB::Table.KinesisStreamSpecification", + "markdownDescription": "The Kinesis Data Streams configuration for the specified table.", + "title": "KinesisStreamSpecification" + }, + "LocalSecondaryIndexes": { + "items": { + "$ref": "#/definitions/AWS::DynamoDB::Table.LocalSecondaryIndex" + }, + "markdownDescription": "Local secondary indexes to be created on the table. You can create up to 5 local secondary indexes. Each index is scoped to a given hash key value. The size of each hash key can be up to 10 gigabytes.", + "title": "LocalSecondaryIndexes", + "type": "array" + }, + "OnDemandThroughput": { + "$ref": "#/definitions/AWS::DynamoDB::Table.OnDemandThroughput", + "markdownDescription": "Sets the maximum number of read and write units for the specified on-demand table. If you use this property, you must specify `MaxReadRequestUnits` , `MaxWriteRequestUnits` , or both.", + "title": "OnDemandThroughput" + }, + "PointInTimeRecoverySpecification": { + "$ref": "#/definitions/AWS::DynamoDB::Table.PointInTimeRecoverySpecification", + "markdownDescription": "The settings used to enable point in time recovery.", + "title": "PointInTimeRecoverySpecification" + }, + "ProvisionedThroughput": { + "$ref": "#/definitions/AWS::DynamoDB::Table.ProvisionedThroughput", + "markdownDescription": "Throughput for the specified table, which consists of values for `ReadCapacityUnits` and `WriteCapacityUnits` . For more information about the contents of a provisioned throughput structure, see [Amazon DynamoDB Table ProvisionedThroughput](https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_ProvisionedThroughput.html) .\n\nIf you set `BillingMode` as `PROVISIONED` , you must specify this property. If you set `BillingMode` as `PAY_PER_REQUEST` , you cannot specify this property.", + "title": "ProvisionedThroughput" + }, + "ResourcePolicy": { + "$ref": "#/definitions/AWS::DynamoDB::Table.ResourcePolicy", + "markdownDescription": "An AWS resource-based policy document in JSON format that will be attached to the table.\n\nWhen you attach a resource-based policy while creating a table, the policy application is *strongly consistent* .\n\nThe maximum size supported for a resource-based policy document is 20 KB. DynamoDB counts whitespaces when calculating the size of a policy against this limit. For a full list of all considerations that apply for resource-based policies, see [Resource-based policy considerations](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-considerations.html) .\n\n> You need to specify the `CreateTable` and `PutResourcePolicy` IAM actions for authorizing a user to create a table with a resource-based policy.", + "title": "ResourcePolicy" + }, + "SSESpecification": { + "$ref": "#/definitions/AWS::DynamoDB::Table.SSESpecification", + "markdownDescription": "Specifies the settings to enable server-side encryption.", + "title": "SSESpecification" + }, + "StreamSpecification": { + "$ref": "#/definitions/AWS::DynamoDB::Table.StreamSpecification", + "markdownDescription": "The settings for the DynamoDB table stream, which capture changes to items stored in the table.", + "title": "StreamSpecification" + }, + "TableClass": { + "markdownDescription": "The table class of the new table. Valid values are `STANDARD` and `STANDARD_INFREQUENT_ACCESS` .", + "title": "TableClass", + "type": "string" + }, + "TableName": { + "markdownDescription": "A name for the table. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the table name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "TableName", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags for the transit gateway multicast domain.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" }, - "TransitGatewayId": { - "markdownDescription": "The ID of the transit gateway.", - "title": "TransitGatewayId", - "type": "string" + "TimeToLiveSpecification": { + "$ref": "#/definitions/AWS::DynamoDB::Table.TimeToLiveSpecification", + "markdownDescription": "Specifies the Time to Live (TTL) settings for the table.\n\n> For detailed information about the limits in DynamoDB, see [Limits in Amazon DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Limits.html) in the Amazon DynamoDB Developer Guide.", + "title": "TimeToLiveSpecification" + }, + "WarmThroughput": { + "$ref": "#/definitions/AWS::DynamoDB::Table.WarmThroughput", + "markdownDescription": "Represents the warm throughput (in read units per second and write units per second) for creating a table.", + "title": "WarmThroughput" } }, "required": [ - "TransitGatewayId" + "KeySchema" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::TransitGatewayMulticastDomain" + "AWS::DynamoDB::Table" ], "type": "string" }, @@ -79279,265 +87376,405 @@ ], "type": "object" }, - "AWS::EC2::TransitGatewayMulticastDomain.Options": { + "AWS::DynamoDB::Table.AttributeDefinition": { "additionalProperties": false, "properties": { - "AutoAcceptSharedAssociations": { - "markdownDescription": "Indicates whether to automatically accept cross-account subnet associations that are associated with the transit gateway multicast domain.", - "title": "AutoAcceptSharedAssociations", - "type": "string" - }, - "Igmpv2Support": { - "markdownDescription": "Specify whether to enable Internet Group Management Protocol (IGMP) version 2 for the transit gateway multicast domain.", - "title": "Igmpv2Support", + "AttributeName": { + "markdownDescription": "A name for the attribute.", + "title": "AttributeName", "type": "string" }, - "StaticSourcesSupport": { - "markdownDescription": "Specify whether to enable support for statically configuring multicast group sources for a domain.", - "title": "StaticSourcesSupport", + "AttributeType": { + "markdownDescription": "The data type for the attribute, where:\n\n- `S` - the attribute is of type String\n- `N` - the attribute is of type Number\n- `B` - the attribute is of type Binary", + "title": "AttributeType", "type": "string" } }, + "required": [ + "AttributeName", + "AttributeType" + ], "type": "object" }, - "AWS::EC2::TransitGatewayMulticastDomainAssociation": { + "AWS::DynamoDB::Table.ContributorInsightsSpecification": { "additionalProperties": false, "properties": { - "Condition": { + "Enabled": { + "markdownDescription": "Indicates whether CloudWatch Contributor Insights are to be enabled (true) or disabled (false).", + "title": "Enabled", + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "AWS::DynamoDB::Table.Csv": { + "additionalProperties": false, + "properties": { + "Delimiter": { + "markdownDescription": "The delimiter used for separating items in the CSV file being imported.", + "title": "Delimiter", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "HeaderList": { + "items": { + "type": "string" + }, + "markdownDescription": "List of the headers used to specify a common header for all source CSV files being imported. If this field is specified then the first line of each CSV file is treated as data instead of the header. If this field is not specified the the first line of each CSV file is treated as the header.", + "title": "HeaderList", + "type": "array" + } + }, + "type": "object" + }, + "AWS::DynamoDB::Table.GlobalSecondaryIndex": { + "additionalProperties": false, + "properties": { + "ContributorInsightsSpecification": { + "$ref": "#/definitions/AWS::DynamoDB::Table.ContributorInsightsSpecification", + "markdownDescription": "The settings used to enable or disable CloudWatch Contributor Insights for the specified global secondary index.", + "title": "ContributorInsightsSpecification" + }, + "IndexName": { + "markdownDescription": "The name of the global secondary index. The name must be unique among all other indexes on this table.", + "title": "IndexName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "KeySchema": { + "items": { + "$ref": "#/definitions/AWS::DynamoDB::Table.KeySchema" + }, + "markdownDescription": "The complete key schema for a global secondary index, which consists of one or more pairs of attribute names and key types:\n\n- `HASH` - partition key\n- `RANGE` - sort key\n\n> The partition key of an item is also known as its *hash attribute* . The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n> \n> The sort key of an item is also known as its *range attribute* . The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.", + "title": "KeySchema", + "type": "array" }, - "Metadata": { - "type": "object" + "OnDemandThroughput": { + "$ref": "#/definitions/AWS::DynamoDB::Table.OnDemandThroughput", + "markdownDescription": "The maximum number of read and write units for the specified global secondary index. If you use this parameter, you must specify `MaxReadRequestUnits` , `MaxWriteRequestUnits` , or both. You must use either `OnDemandThroughput` or `ProvisionedThroughput` based on your table's capacity mode.", + "title": "OnDemandThroughput" }, - "Properties": { - "additionalProperties": false, - "properties": { - "SubnetId": { - "markdownDescription": "The IDs of the subnets to associate with the transit gateway multicast domain.", - "title": "SubnetId", - "type": "string" - }, - "TransitGatewayAttachmentId": { - "markdownDescription": "The ID of the transit gateway attachment.", - "title": "TransitGatewayAttachmentId", - "type": "string" - }, - "TransitGatewayMulticastDomainId": { - "markdownDescription": "The ID of the transit gateway multicast domain.", - "title": "TransitGatewayMulticastDomainId", - "type": "string" - } - }, - "required": [ - "SubnetId", - "TransitGatewayAttachmentId", - "TransitGatewayMulticastDomainId" - ], - "type": "object" + "Projection": { + "$ref": "#/definitions/AWS::DynamoDB::Table.Projection", + "markdownDescription": "Represents attributes that are copied (projected) from the table into the global secondary index. These are in addition to the primary key attributes and index key attributes, which are automatically projected.", + "title": "Projection" }, - "Type": { - "enum": [ - "AWS::EC2::TransitGatewayMulticastDomainAssociation" - ], + "ProvisionedThroughput": { + "$ref": "#/definitions/AWS::DynamoDB::Table.ProvisionedThroughput", + "markdownDescription": "Represents the provisioned throughput settings for the specified global secondary index. You must use either `OnDemandThroughput` or `ProvisionedThroughput` based on your table's capacity mode.\n\nFor current minimum and maximum provisioned throughput values, see [Service, Account, and Table Quotas](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Limits.html) in the *Amazon DynamoDB Developer Guide* .", + "title": "ProvisionedThroughput" + }, + "WarmThroughput": { + "$ref": "#/definitions/AWS::DynamoDB::Table.WarmThroughput", + "markdownDescription": "Represents the warm throughput value (in read units per second and write units per second) for the specified secondary index. If you use this parameter, you must specify `ReadUnitsPerSecond` , `WriteUnitsPerSecond` , or both.", + "title": "WarmThroughput" + } + }, + "required": [ + "IndexName", + "KeySchema", + "Projection" + ], + "type": "object" + }, + "AWS::DynamoDB::Table.ImportSourceSpecification": { + "additionalProperties": false, + "properties": { + "InputCompressionType": { + "markdownDescription": "Type of compression to be used on the input coming from the imported table.", + "title": "InputCompressionType", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "InputFormat": { + "markdownDescription": "The format of the source data. Valid values for `ImportFormat` are `CSV` , `DYNAMODB_JSON` or `ION` .", + "title": "InputFormat", "type": "string" + }, + "InputFormatOptions": { + "$ref": "#/definitions/AWS::DynamoDB::Table.InputFormatOptions", + "markdownDescription": "Additional properties that specify how the input is formatted,", + "title": "InputFormatOptions" + }, + "S3BucketSource": { + "$ref": "#/definitions/AWS::DynamoDB::Table.S3BucketSource", + "markdownDescription": "The S3 bucket that provides the source for the import.", + "title": "S3BucketSource" } }, "required": [ - "Type", - "Properties" + "InputFormat", + "S3BucketSource" ], "type": "object" }, - "AWS::EC2::TransitGatewayMulticastGroupMember": { + "AWS::DynamoDB::Table.InputFormatOptions": { "additionalProperties": false, "properties": { - "Condition": { + "Csv": { + "$ref": "#/definitions/AWS::DynamoDB::Table.Csv", + "markdownDescription": "The options for imported source files in CSV format. The values are Delimiter and HeaderList.", + "title": "Csv" + } + }, + "type": "object" + }, + "AWS::DynamoDB::Table.KeySchema": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "markdownDescription": "The name of a key attribute.", + "title": "AttributeName", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "KeyType": { + "markdownDescription": "The role that this key attribute will assume:\n\n- `HASH` - partition key\n- `RANGE` - sort key\n\n> The partition key of an item is also known as its *hash attribute* . The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n> \n> The sort key of an item is also known as its *range attribute* . The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.", + "title": "KeyType", + "type": "string" + } + }, + "required": [ + "AttributeName", + "KeyType" + ], + "type": "object" + }, + "AWS::DynamoDB::Table.KinesisStreamSpecification": { + "additionalProperties": false, + "properties": { + "ApproximateCreationDateTimePrecision": { + "markdownDescription": "The precision for the time and date that the stream was created.", + "title": "ApproximateCreationDateTimePrecision", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "StreamArn": { + "markdownDescription": "The ARN for a specific Kinesis data stream.\n\nLength Constraints: Minimum length of 37. Maximum length of 1024.", + "title": "StreamArn", + "type": "string" + } + }, + "required": [ + "StreamArn" + ], + "type": "object" + }, + "AWS::DynamoDB::Table.LocalSecondaryIndex": { + "additionalProperties": false, + "properties": { + "IndexName": { + "markdownDescription": "The name of the local secondary index. The name must be unique among all other indexes on this table.", + "title": "IndexName", + "type": "string" }, - "Metadata": { - "type": "object" + "KeySchema": { + "items": { + "$ref": "#/definitions/AWS::DynamoDB::Table.KeySchema" + }, + "markdownDescription": "The complete key schema for the local secondary index, consisting of one or more pairs of attribute names and key types:\n\n- `HASH` - partition key\n- `RANGE` - sort key\n\n> The partition key of an item is also known as its *hash attribute* . The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n> \n> The sort key of an item is also known as its *range attribute* . The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.", + "title": "KeySchema", + "type": "array" }, - "Properties": { - "additionalProperties": false, - "properties": { - "GroupIpAddress": { - "markdownDescription": "The IP address assigned to the transit gateway multicast group.", - "title": "GroupIpAddress", - "type": "string" - }, - "NetworkInterfaceId": { - "markdownDescription": "The group members' network interface IDs to register with the transit gateway multicast group.", - "title": "NetworkInterfaceId", - "type": "string" - }, - "TransitGatewayMulticastDomainId": { - "markdownDescription": "The ID of the transit gateway multicast domain.", - "title": "TransitGatewayMulticastDomainId", - "type": "string" - } + "Projection": { + "$ref": "#/definitions/AWS::DynamoDB::Table.Projection", + "markdownDescription": "Represents attributes that are copied (projected) from the table into the local secondary index. These are in addition to the primary key attributes and index key attributes, which are automatically projected.", + "title": "Projection" + } + }, + "required": [ + "IndexName", + "KeySchema", + "Projection" + ], + "type": "object" + }, + "AWS::DynamoDB::Table.OnDemandThroughput": { + "additionalProperties": false, + "properties": { + "MaxReadRequestUnits": { + "markdownDescription": "Maximum number of read request units for the specified table.\n\nTo specify a maximum `OnDemandThroughput` on your table, set the value of `MaxReadRequestUnits` as greater than or equal to 1. To remove the maximum `OnDemandThroughput` that is currently set on your table, set the value of `MaxReadRequestUnits` to -1.", + "title": "MaxReadRequestUnits", + "type": "number" + }, + "MaxWriteRequestUnits": { + "markdownDescription": "Maximum number of write request units for the specified table.\n\nTo specify a maximum `OnDemandThroughput` on your table, set the value of `MaxWriteRequestUnits` as greater than or equal to 1. To remove the maximum `OnDemandThroughput` that is currently set on your table, set the value of `MaxWriteRequestUnits` to -1.", + "title": "MaxWriteRequestUnits", + "type": "number" + } + }, + "type": "object" + }, + "AWS::DynamoDB::Table.PointInTimeRecoverySpecification": { + "additionalProperties": false, + "properties": { + "PointInTimeRecoveryEnabled": { + "markdownDescription": "Indicates whether point in time recovery is enabled (true) or disabled (false) on the table.", + "title": "PointInTimeRecoveryEnabled", + "type": "boolean" + }, + "RecoveryPeriodInDays": { + "markdownDescription": "The number of preceding days for which continuous backups are taken and maintained. Your table data is only recoverable to any point-in-time from within the configured recovery period. This parameter is optional. If no value is provided, the value will default to 35.", + "title": "RecoveryPeriodInDays", + "type": "number" + } + }, + "type": "object" + }, + "AWS::DynamoDB::Table.Projection": { + "additionalProperties": false, + "properties": { + "NonKeyAttributes": { + "items": { + "type": "string" }, - "required": [ - "GroupIpAddress", - "NetworkInterfaceId", - "TransitGatewayMulticastDomainId" - ], - "type": "object" + "markdownDescription": "Represents the non-key attribute names which will be projected into the index.\n\nFor global and local secondary indexes, the total count of `NonKeyAttributes` summed across all of the secondary indexes, must not exceed 100. If you project the same attribute into two different indexes, this counts as two distinct attributes when determining the total. This limit only applies when you specify the ProjectionType of `INCLUDE` . You still can specify the ProjectionType of `ALL` to project all attributes from the source table, even if the table has more than 100 attributes.", + "title": "NonKeyAttributes", + "type": "array" }, - "Type": { - "enum": [ - "AWS::EC2::TransitGatewayMulticastGroupMember" - ], + "ProjectionType": { + "markdownDescription": "The set of attributes that are projected into the index:\n\n- `KEYS_ONLY` - Only the index and primary keys are projected into the index.\n- `INCLUDE` - In addition to the attributes described in `KEYS_ONLY` , the secondary index will include other non-key attributes that you specify.\n- `ALL` - All of the table attributes are projected into the index.\n\nWhen using the DynamoDB console, `ALL` is selected by default.", + "title": "ProjectionType", "type": "string" + } + }, + "type": "object" + }, + "AWS::DynamoDB::Table.ProvisionedThroughput": { + "additionalProperties": false, + "properties": { + "ReadCapacityUnits": { + "markdownDescription": "The maximum number of strongly consistent reads consumed per second before DynamoDB returns a `ThrottlingException` . For more information, see [Specifying Read and Write Requirements](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/ProvisionedThroughput.html) in the *Amazon DynamoDB Developer Guide* .\n\nIf read/write capacity mode is `PAY_PER_REQUEST` the value is set to 0.", + "title": "ReadCapacityUnits", + "type": "number" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "WriteCapacityUnits": { + "markdownDescription": "The maximum number of writes consumed per second before DynamoDB returns a `ThrottlingException` . For more information, see [Specifying Read and Write Requirements](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/ProvisionedThroughput.html) in the *Amazon DynamoDB Developer Guide* .\n\nIf read/write capacity mode is `PAY_PER_REQUEST` the value is set to 0.", + "title": "WriteCapacityUnits", + "type": "number" } }, "required": [ - "Type", - "Properties" + "ReadCapacityUnits", + "WriteCapacityUnits" ], "type": "object" }, - "AWS::EC2::TransitGatewayMulticastGroupSource": { + "AWS::DynamoDB::Table.ResourcePolicy": { "additionalProperties": false, "properties": { - "Condition": { + "PolicyDocument": { + "markdownDescription": "A resource-based policy document that contains permissions to add to the specified DynamoDB table, index, or both. In a CloudFormation template, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to DynamoDB . For more information about resource-based policies, see [Using resource-based policies for DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html) .", + "title": "PolicyDocument", + "type": "object" + } + }, + "required": [ + "PolicyDocument" + ], + "type": "object" + }, + "AWS::DynamoDB::Table.S3BucketSource": { + "additionalProperties": false, + "properties": { + "S3Bucket": { + "markdownDescription": "The S3 bucket that is being imported from.", + "title": "S3Bucket", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "S3BucketOwner": { + "markdownDescription": "The account number of the S3 bucket that is being imported from. If the bucket is owned by the requester this is optional.", + "title": "S3BucketOwner", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "S3KeyPrefix": { + "markdownDescription": "The key prefix shared by all S3 Objects that are being imported.", + "title": "S3KeyPrefix", + "type": "string" + } + }, + "required": [ + "S3Bucket" + ], + "type": "object" + }, + "AWS::DynamoDB::Table.SSESpecification": { + "additionalProperties": false, + "properties": { + "KMSMasterKeyId": { + "markdownDescription": "The AWS KMS key that should be used for the AWS KMS encryption. To specify a key, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. Note that you should only provide this parameter if the key is different from the default DynamoDB key `alias/aws/dynamodb` .", + "title": "KMSMasterKeyId", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "GroupIpAddress": { - "markdownDescription": "The IP address assigned to the transit gateway multicast group.", - "title": "GroupIpAddress", - "type": "string" - }, - "NetworkInterfaceId": { - "markdownDescription": "The group sources' network interface IDs to register with the transit gateway multicast group.", - "title": "NetworkInterfaceId", - "type": "string" - }, - "TransitGatewayMulticastDomainId": { - "markdownDescription": "The ID of the transit gateway multicast domain.", - "title": "TransitGatewayMulticastDomainId", - "type": "string" - } - }, - "required": [ - "GroupIpAddress", - "NetworkInterfaceId", - "TransitGatewayMulticastDomainId" - ], - "type": "object" + "SSEEnabled": { + "markdownDescription": "Indicates whether server-side encryption is done using an AWS managed key or an AWS owned key. If enabled (true), server-side encryption type is set to `KMS` and an AWS managed key is used ( AWS KMS charges apply). If disabled (false) or not specified, server-side encryption is set to AWS owned key.", + "title": "SSEEnabled", + "type": "boolean" }, - "Type": { - "enum": [ - "AWS::EC2::TransitGatewayMulticastGroupSource" - ], + "SSEType": { + "markdownDescription": "Server-side encryption type. The only supported value is:\n\n- `KMS` - Server-side encryption that uses AWS Key Management Service . The key is stored in your account and is managed by AWS KMS ( AWS KMS charges apply).", + "title": "SSEType", "type": "string" + } + }, + "required": [ + "SSEEnabled" + ], + "type": "object" + }, + "AWS::DynamoDB::Table.StreamSpecification": { + "additionalProperties": false, + "properties": { + "ResourcePolicy": { + "$ref": "#/definitions/AWS::DynamoDB::Table.ResourcePolicy", + "markdownDescription": "Creates or updates a resource-based policy document that contains the permissions for DynamoDB resources, such as a table's streams. Resource-based policies let you define access permissions by specifying who has access to each resource, and the actions they are allowed to perform on each resource.\n\nIn a CloudFormation template, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to DynamoDB . For more information about resource-based policies, see [Using resource-based policies for DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html) .", + "title": "ResourcePolicy" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "StreamViewType": { + "markdownDescription": "When an item in the table is modified, `StreamViewType` determines what information is written to the stream for this table. Valid values for `StreamViewType` are:\n\n- `KEYS_ONLY` - Only the key attributes of the modified item are written to the stream.\n- `NEW_IMAGE` - The entire item, as it appears after it was modified, is written to the stream.\n- `OLD_IMAGE` - The entire item, as it appeared before it was modified, is written to the stream.\n- `NEW_AND_OLD_IMAGES` - Both the new and the old item images of the item are written to the stream.", + "title": "StreamViewType", "type": "string" } }, "required": [ - "Type", - "Properties" + "StreamViewType" ], "type": "object" }, - "AWS::EC2::TransitGatewayPeeringAttachment": { + "AWS::DynamoDB::Table.TimeToLiveSpecification": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "markdownDescription": "The name of the TTL attribute used to store the expiration time for items in the table.\n\n> - The `AttributeName` property is required when enabling the TTL, or when TTL is already enabled.\n> - To update this property, you must first disable TTL and then enable TTL with the new attribute name.", + "title": "AttributeName", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Indicates whether TTL is to be enabled (true) or disabled (false) on the table.", + "title": "Enabled", + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "AWS::DynamoDB::Table.WarmThroughput": { + "additionalProperties": false, + "properties": { + "ReadUnitsPerSecond": { + "markdownDescription": "Represents the number of read operations your base table can instantaneously support.", + "title": "ReadUnitsPerSecond", + "type": "number" + }, + "WriteUnitsPerSecond": { + "markdownDescription": "Represents the number of write operations your base table can instantaneously support.", + "title": "WriteUnitsPerSecond", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::CapacityReservation": { "additionalProperties": false, "properties": { "Condition": { @@ -79572,46 +87809,95 @@ "Properties": { "additionalProperties": false, "properties": { - "PeerAccountId": { - "markdownDescription": "The ID of the AWS account that owns the transit gateway.", - "title": "PeerAccountId", + "AvailabilityZone": { + "markdownDescription": "The Availability Zone in which to create the Capacity Reservation.", + "title": "AvailabilityZone", "type": "string" }, - "PeerRegion": { - "markdownDescription": "The Region where the transit gateway that you want to create the peer for is located.", - "title": "PeerRegion", + "AvailabilityZoneId": { + "markdownDescription": "The Availability Zone ID of the Capacity Reservation.", + "title": "AvailabilityZoneId", "type": "string" }, - "PeerTransitGatewayId": { - "markdownDescription": "The ID of the transit gateway in the PeerRegion.", - "title": "PeerTransitGatewayId", + "EbsOptimized": { + "markdownDescription": "Indicates whether the Capacity Reservation supports EBS-optimized instances. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS- optimized instance.", + "title": "EbsOptimized", + "type": "boolean" + }, + "EndDate": { + "markdownDescription": "The date and time at which the Capacity Reservation expires. When a Capacity Reservation expires, the reserved capacity is released and you can no longer launch instances into it. The Capacity Reservation's state changes to `expired` when it reaches its end date and time.\n\nYou must provide an `EndDate` value if `EndDateType` is `limited` . Omit `EndDate` if `EndDateType` is `unlimited` .\n\nIf the `EndDateType` is `limited` , the Capacity Reservation is cancelled within an hour from the specified time. For example, if you specify 5/31/2019, 13:30:55, the Capacity Reservation is guaranteed to end between 13:30:55 and 14:30:55 on 5/31/2019.\n\nIf you are requesting a future-dated Capacity Reservation, you can't specify an end date and time that is within the commitment duration.", + "title": "EndDate", "type": "string" }, - "Tags": { + "EndDateType": { + "markdownDescription": "Indicates the way in which the Capacity Reservation ends. A Capacity Reservation can have one of the following end types:\n\n- `unlimited` - The Capacity Reservation remains active until you explicitly cancel it. Do not provide an `EndDate` if the `EndDateType` is `unlimited` .\n- `limited` - The Capacity Reservation expires automatically at a specified date and time. You must provide an `EndDate` value if the `EndDateType` value is `limited` .", + "title": "EndDateType", + "type": "string" + }, + "EphemeralStorage": { + "markdownDescription": "*Deprecated.*", + "title": "EphemeralStorage", + "type": "boolean" + }, + "InstanceCount": { + "markdownDescription": "The number of instances for which to reserve capacity.\n\n> You can request future-dated Capacity Reservations for an instance count with a minimum of 64 vCPUs. For example, if you request a future-dated Capacity Reservation for `m5.xlarge` instances, you must request at least 25 instances ( *16 * m5.xlarge = 64 vCPUs* ). \n\nValid range: 1 - 1000", + "title": "InstanceCount", + "type": "number" + }, + "InstanceMatchCriteria": { + "markdownDescription": "Indicates the type of instance launches that the Capacity Reservation accepts. The options include:\n\n- `open` - The Capacity Reservation automatically matches all instances that have matching attributes (instance type, platform, and Availability Zone). Instances that have matching attributes run in the Capacity Reservation automatically without specifying any additional parameters.\n- `targeted` - The Capacity Reservation only accepts instances that have matching attributes (instance type, platform, and Availability Zone), and explicitly target the Capacity Reservation. This ensures that only permitted instances can use the reserved capacity.\n\n> If you are requesting a future-dated Capacity Reservation, you must specify `targeted` . \n\nDefault: `open`", + "title": "InstanceMatchCriteria", + "type": "string" + }, + "InstancePlatform": { + "markdownDescription": "The type of operating system for which to reserve capacity.", + "title": "InstancePlatform", + "type": "string" + }, + "InstanceType": { + "markdownDescription": "The instance type for which to reserve capacity.\n\n> You can request future-dated Capacity Reservations for instance types in the C, M, R, I, T, and G instance families only. \n\nFor more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .", + "title": "InstanceType", + "type": "string" + }, + "OutPostArn": { + "markdownDescription": "> Not supported for future-dated Capacity Reservations. \n\nThe Amazon Resource Name (ARN) of the Outpost on which to create the Capacity Reservation.", + "title": "OutPostArn", + "type": "string" + }, + "PlacementGroupArn": { + "markdownDescription": "> Not supported for future-dated Capacity Reservations. \n\nThe Amazon Resource Name (ARN) of the cluster placement group in which to create the Capacity Reservation. For more information, see [Capacity Reservations for cluster placement groups](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/cr-cpg.html) in the *Amazon EC2 User Guide* .", + "title": "PlacementGroupArn", + "type": "string" + }, + "TagSpecifications": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::EC2::CapacityReservation.TagSpecification" }, - "markdownDescription": "The tags for the transit gateway peering attachment.", - "title": "Tags", + "markdownDescription": "The tags to apply to the Capacity Reservation during launch.", + "title": "TagSpecifications", "type": "array" }, - "TransitGatewayId": { - "markdownDescription": "The ID of the transit gateway peering attachment.", - "title": "TransitGatewayId", + "Tenancy": { + "markdownDescription": "Indicates the tenancy of the Capacity Reservation. A Capacity Reservation can have one of the following tenancy settings:\n\n- `default` - The Capacity Reservation is created on hardware that is shared with other AWS accounts .\n- `dedicated` - The Capacity Reservation is created on single-tenant hardware that is dedicated to a single AWS account .", + "title": "Tenancy", + "type": "string" + }, + "UnusedReservationBillingOwnerId": { + "markdownDescription": "The ID of the AWS account to which to assign billing of the unused capacity of the Capacity Reservation. A request will be sent to the specified account. That account must accept the request for the billing to be assigned to their account. For more information, see [Billing assignment for shared Amazon EC2 Capacity Reservations](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/assign-billing.html) .\n\nYou can assign billing only for shared Capacity Reservations. To share a Capacity Reservation, you must add it to a resource share. For more information, see [AWS::RAM::ResourceShare](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ram-resourceshare.html) .", + "title": "UnusedReservationBillingOwnerId", "type": "string" } }, "required": [ - "PeerAccountId", - "PeerRegion", - "PeerTransitGatewayId", - "TransitGatewayId" + "InstanceCount", + "InstancePlatform", + "InstanceType" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::TransitGatewayPeeringAttachment" + "AWS::EC2::CapacityReservation" ], "type": "string" }, @@ -79630,23 +87916,58 @@ ], "type": "object" }, - "AWS::EC2::TransitGatewayPeeringAttachment.PeeringAttachmentStatus": { + "AWS::EC2::CapacityReservation.CapacityAllocation": { "additionalProperties": false, "properties": { - "Code": { - "markdownDescription": "The status code.", - "title": "Code", + "AllocationType": { + "markdownDescription": "The usage type. `used` indicates that the instance capacity is in use by instances that are running in the Capacity Reservation.", + "title": "AllocationType", "type": "string" }, - "Message": { - "markdownDescription": "The status message, if applicable.", - "title": "Message", + "Count": { + "markdownDescription": "The amount of instance capacity associated with the usage. For example a value of `4` indicates that instance capacity for 4 instances is currently in use.", + "title": "Count", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::CapacityReservation.CommitmentInfo": { + "additionalProperties": false, + "properties": { + "CommitmentEndDate": { + "markdownDescription": "The date and time at which the commitment duration expires, in the ISO8601 format in the UTC time zone ( `YYYY-MM-DDThh:mm:ss.sssZ` ). You can't decrease the instance count or cancel the Capacity Reservation before this date and time.", + "title": "CommitmentEndDate", "type": "string" + }, + "CommittedInstanceCount": { + "markdownDescription": "The instance capacity that you committed to when you requested the future-dated Capacity Reservation.", + "title": "CommittedInstanceCount", + "type": "number" } }, "type": "object" }, - "AWS::EC2::TransitGatewayRoute": { + "AWS::EC2::CapacityReservation.TagSpecification": { + "additionalProperties": false, + "properties": { + "ResourceType": { + "markdownDescription": "The type of resource to tag. Specify `capacity-reservation` .", + "title": "ResourceType", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to apply to the resource.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "AWS::EC2::CapacityReservationFleet": { "additionalProperties": false, "properties": { "Condition": { @@ -79681,35 +88002,63 @@ "Properties": { "additionalProperties": false, "properties": { - "Blackhole": { - "markdownDescription": "Indicates whether to drop traffic that matches this route.", - "title": "Blackhole", - "type": "boolean" + "AllocationStrategy": { + "markdownDescription": "The strategy used by the Capacity Reservation Fleet to determine which of the specified instance types to use. Currently, only the `prioritized` allocation strategy is supported. For more information, see [Allocation strategy](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/crfleet-concepts.html#allocation-strategy) in the *Amazon EC2 User Guide* .\n\nValid values: `prioritized`", + "title": "AllocationStrategy", + "type": "string" }, - "DestinationCidrBlock": { - "markdownDescription": "The CIDR block used for destination matches.", - "title": "DestinationCidrBlock", + "EndDate": { + "markdownDescription": "The date and time at which the Capacity Reservation Fleet expires. When the Capacity Reservation Fleet expires, its state changes to `expired` and all of the Capacity Reservations in the Fleet expire.\n\nThe Capacity Reservation Fleet expires within an hour after the specified time. For example, if you specify `5/31/2019` , `13:30:55` , the Capacity Reservation Fleet is guaranteed to expire between `13:30:55` and `14:30:55` on `5/31/2019` .", + "title": "EndDate", "type": "string" }, - "TransitGatewayAttachmentId": { - "markdownDescription": "The ID of the attachment.", - "title": "TransitGatewayAttachmentId", + "InstanceMatchCriteria": { + "markdownDescription": "Indicates the type of instance launches that the Capacity Reservation Fleet accepts. All Capacity Reservations in the Fleet inherit this instance matching criteria.\n\nCurrently, Capacity Reservation Fleets support `open` instance matching criteria only. This means that instances that have matching attributes (instance type, platform, and Availability Zone) run in the Capacity Reservations automatically. Instances do not need to explicitly target a Capacity Reservation Fleet to use its reserved capacity.", + "title": "InstanceMatchCriteria", "type": "string" }, - "TransitGatewayRouteTableId": { - "markdownDescription": "The ID of the transit gateway route table.", - "title": "TransitGatewayRouteTableId", + "InstanceTypeSpecifications": { + "items": { + "$ref": "#/definitions/AWS::EC2::CapacityReservationFleet.InstanceTypeSpecification" + }, + "markdownDescription": "Information about the instance types for which to reserve the capacity.", + "title": "InstanceTypeSpecifications", + "type": "array" + }, + "NoRemoveEndDate": { + "markdownDescription": "Used to add an end date to a Capacity Reservation Fleet that has no end date and time. To add an end date to a Capacity Reservation Fleet, specify `true` for this paramater and specify the end date and time (in UTC time format) for the *EndDate* parameter.", + "title": "NoRemoveEndDate", + "type": "boolean" + }, + "RemoveEndDate": { + "markdownDescription": "Used to remove an end date from a Capacity Reservation Fleet that is configured to end automatically at a specific date and time. To remove the end date from a Capacity Reservation Fleet, specify `true` for this paramater and omit the *EndDate* parameter.", + "title": "RemoveEndDate", + "type": "boolean" + }, + "TagSpecifications": { + "items": { + "$ref": "#/definitions/AWS::EC2::CapacityReservationFleet.TagSpecification" + }, + "markdownDescription": "The tags to assign to the Capacity Reservation Fleet. The tags are automatically assigned to the Capacity Reservations in the Fleet.", + "title": "TagSpecifications", + "type": "array" + }, + "Tenancy": { + "markdownDescription": "Indicates the tenancy of the Capacity Reservation Fleet. All Capacity Reservations in the Fleet inherit this tenancy. The Capacity Reservation Fleet can have one of the following tenancy settings:\n\n- `default` - The Capacity Reservation Fleet is created on hardware that is shared with other AWS accounts .\n- `dedicated` - The Capacity Reservations are created on single-tenant hardware that is dedicated to a single AWS account .", + "title": "Tenancy", "type": "string" + }, + "TotalTargetCapacity": { + "markdownDescription": "The total number of capacity units to be reserved by the Capacity Reservation Fleet. This value, together with the instance type weights that you assign to each instance type used by the Fleet determine the number of instances for which the Fleet reserves capacity. Both values are based on units that make sense for your workload. For more information, see [Total target capacity](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/crfleet-concepts.html#target-capacity) in the *Amazon EC2 User Guide* .", + "title": "TotalTargetCapacity", + "type": "number" } }, - "required": [ - "TransitGatewayRouteTableId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::TransitGatewayRoute" + "AWS::EC2::CapacityReservationFleet" ], "type": "string" }, @@ -79723,12 +88072,71 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::EC2::TransitGatewayRouteTable": { + "AWS::EC2::CapacityReservationFleet.InstanceTypeSpecification": { + "additionalProperties": false, + "properties": { + "AvailabilityZone": { + "markdownDescription": "The Availability Zone in which the Capacity Reservation Fleet reserves the capacity. A Capacity Reservation Fleet can't span Availability Zones. All instance type specifications that you specify for the Fleet must use the same Availability Zone.", + "title": "AvailabilityZone", + "type": "string" + }, + "AvailabilityZoneId": { + "markdownDescription": "The ID of the Availability Zone in which the Capacity Reservation Fleet reserves the capacity. A Capacity Reservation Fleet can't span Availability Zones. All instance type specifications that you specify for the Fleet must use the same Availability Zone.", + "title": "AvailabilityZoneId", + "type": "string" + }, + "EbsOptimized": { + "markdownDescription": "Indicates whether the Capacity Reservation Fleet supports EBS-optimized instances types. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using EBS-optimized instance types.", + "title": "EbsOptimized", + "type": "boolean" + }, + "InstancePlatform": { + "markdownDescription": "The type of operating system for which the Capacity Reservation Fleet reserves capacity.", + "title": "InstancePlatform", + "type": "string" + }, + "InstanceType": { + "markdownDescription": "The instance type for which the Capacity Reservation Fleet reserves capacity.", + "title": "InstanceType", + "type": "string" + }, + "Priority": { + "markdownDescription": "The priority to assign to the instance type. This value is used to determine which of the instance types specified for the Fleet should be prioritized for use. A lower value indicates a high priority. For more information, see [Instance type priority](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/crfleet-concepts.html#instance-priority) in the *Amazon EC2 User Guide* .", + "title": "Priority", + "type": "number" + }, + "Weight": { + "markdownDescription": "The number of capacity units provided by the specified instance type. This value, together with the total target capacity that you specify for the Fleet determine the number of instances for which the Fleet reserves capacity. Both values are based on units that make sense for your workload. For more information, see [Total target capacity](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/crfleet-concepts.html#target-capacity) in the Amazon EC2 User Guide.\n\nValid Range: Minimum value of `0.001` . Maximum value of `99.999` .", + "title": "Weight", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::CapacityReservationFleet.TagSpecification": { + "additionalProperties": false, + "properties": { + "ResourceType": { + "markdownDescription": "The type of resource to tag on creation. Specify `capacity-reservation-fleet` .\n\nTo tag a resource after it has been created, see [CreateTags](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTags.html) .", + "title": "ResourceType", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to apply to the resource.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "AWS::EC2::CarrierGateway": { "additionalProperties": false, "properties": { "Condition": { @@ -79767,24 +88175,24 @@ "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Any tags assigned to the route table.", + "markdownDescription": "The tags assigned to the carrier gateway.", "title": "Tags", "type": "array" }, - "TransitGatewayId": { - "markdownDescription": "The ID of the transit gateway.", - "title": "TransitGatewayId", + "VpcId": { + "markdownDescription": "The ID of the VPC associated with the carrier gateway.", + "title": "VpcId", "type": "string" } }, "required": [ - "TransitGatewayId" + "VpcId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::TransitGatewayRouteTable" + "AWS::EC2::CarrierGateway" ], "type": "string" }, @@ -79803,7 +88211,7 @@ ], "type": "object" }, - "AWS::EC2::TransitGatewayRouteTableAssociation": { + "AWS::EC2::ClientVpnAuthorizationRule": { "additionalProperties": false, "properties": { "Condition": { @@ -79838,26 +88246,41 @@ "Properties": { "additionalProperties": false, "properties": { - "TransitGatewayAttachmentId": { - "markdownDescription": "The ID of the attachment.", - "title": "TransitGatewayAttachmentId", + "AccessGroupId": { + "markdownDescription": "The ID of the group to grant access to, for example, the Active Directory group or identity provider (IdP) group. Required if `AuthorizeAllGroups` is `false` or not specified.", + "title": "AccessGroupId", "type": "string" }, - "TransitGatewayRouteTableId": { - "markdownDescription": "The ID of the route table for the transit gateway.", - "title": "TransitGatewayRouteTableId", + "AuthorizeAllGroups": { + "markdownDescription": "Indicates whether to grant access to all clients. Specify `true` to grant all clients who successfully establish a VPN connection access to the network. Must be set to `true` if `AccessGroupId` is not specified.", + "title": "AuthorizeAllGroups", + "type": "boolean" + }, + "ClientVpnEndpointId": { + "markdownDescription": "The ID of the Client VPN endpoint.", + "title": "ClientVpnEndpointId", + "type": "string" + }, + "Description": { + "markdownDescription": "A brief description of the authorization rule.", + "title": "Description", + "type": "string" + }, + "TargetNetworkCidr": { + "markdownDescription": "The IPv4 address range, in CIDR notation, of the network for which access is being authorized.", + "title": "TargetNetworkCidr", "type": "string" } }, "required": [ - "TransitGatewayAttachmentId", - "TransitGatewayRouteTableId" + "ClientVpnEndpointId", + "TargetNetworkCidr" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::TransitGatewayRouteTableAssociation" + "AWS::EC2::ClientVpnAuthorizationRule" ], "type": "string" }, @@ -79876,7 +88299,7 @@ ], "type": "object" }, - "AWS::EC2::TransitGatewayRouteTablePropagation": { + "AWS::EC2::ClientVpnEndpoint": { "additionalProperties": false, "properties": { "Condition": { @@ -79911,26 +88334,120 @@ "Properties": { "additionalProperties": false, "properties": { - "TransitGatewayAttachmentId": { - "markdownDescription": "The ID of the attachment.", - "title": "TransitGatewayAttachmentId", + "AuthenticationOptions": { + "items": { + "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.ClientAuthenticationRequest" + }, + "markdownDescription": "Information about the authentication method to be used to authenticate clients.", + "title": "AuthenticationOptions", + "type": "array" + }, + "ClientCidrBlock": { + "markdownDescription": "The IPv4 address range, in CIDR notation, from which to assign client IP addresses. The address range cannot overlap with the local CIDR of the VPC in which the associated subnet is located, or the routes that you add manually. The address range cannot be changed after the Client VPN endpoint has been created. Client CIDR range must have a size of at least /22 and must not be greater than /12.", + "title": "ClientCidrBlock", "type": "string" }, - "TransitGatewayRouteTableId": { - "markdownDescription": "The ID of the propagation route table.", - "title": "TransitGatewayRouteTableId", + "ClientConnectOptions": { + "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.ClientConnectOptions", + "markdownDescription": "The options for managing connection authorization for new client connections.", + "title": "ClientConnectOptions" + }, + "ClientLoginBannerOptions": { + "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.ClientLoginBannerOptions", + "markdownDescription": "Options for enabling a customizable text banner that will be displayed on AWS provided clients when a VPN session is established.", + "title": "ClientLoginBannerOptions" + }, + "ClientRouteEnforcementOptions": { + "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.ClientRouteEnforcementOptions", + "markdownDescription": "Client route enforcement is a feature of the Client VPN service that helps enforce administrator defined routes on devices connected through the VPN. T his feature helps improve your security posture by ensuring that network traffic originating from a connected client is not inadvertently sent outside the VPN tunnel.\n\nClient route enforcement works by monitoring the route table of a connected device for routing policy changes to the VPN connection. If the feature detects any VPN routing policy modifications, it will automatically force an update to the route table, reverting it back to the expected route configurations.", + "title": "ClientRouteEnforcementOptions" + }, + "ConnectionLogOptions": { + "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.ConnectionLogOptions", + "markdownDescription": "Information about the client connection logging options.\n\nIf you enable client connection logging, data about client connections is sent to a Cloudwatch Logs log stream. The following information is logged:\n\n- Client connection requests\n- Client connection results (successful and unsuccessful)\n- Reasons for unsuccessful client connection requests\n- Client connection termination time", + "title": "ConnectionLogOptions" + }, + "Description": { + "markdownDescription": "A brief description of the Client VPN endpoint.", + "title": "Description", + "type": "string" + }, + "DisconnectOnSessionTimeout": { + "markdownDescription": "Indicates whether the client VPN session is disconnected after the maximum `sessionTimeoutHours` is reached. If `true` , users are prompted to reconnect client VPN. If `false` , client VPN attempts to reconnect automatically. The default value is `true` .", + "title": "DisconnectOnSessionTimeout", + "type": "boolean" + }, + "DnsServers": { + "items": { + "type": "string" + }, + "markdownDescription": "Information about the DNS servers to be used for DNS resolution. A Client VPN endpoint can have up to two DNS servers. If no DNS server is specified, the DNS address configured on the device is used for the DNS server.", + "title": "DnsServers", + "type": "array" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of one or more security groups to apply to the target network. You must also specify the ID of the VPC that contains the security groups.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SelfServicePortal": { + "markdownDescription": "Specify whether to enable the self-service portal for the Client VPN endpoint.\n\nDefault Value: `enabled`", + "title": "SelfServicePortal", + "type": "string" + }, + "ServerCertificateArn": { + "markdownDescription": "The ARN of the server certificate. For more information, see the [AWS Certificate Manager User Guide](https://docs.aws.amazon.com/acm/latest/userguide/) .", + "title": "ServerCertificateArn", + "type": "string" + }, + "SessionTimeoutHours": { + "markdownDescription": "The maximum VPN session duration time in hours.\n\nValid values: `8 | 10 | 12 | 24`\n\nDefault value: `24`", + "title": "SessionTimeoutHours", + "type": "number" + }, + "SplitTunnel": { + "markdownDescription": "Indicates whether split-tunnel is enabled on the AWS Client VPN endpoint.\n\nBy default, split-tunnel on a VPN endpoint is disabled.\n\nFor information about split-tunnel VPN endpoints, see [Split-tunnel AWS Client VPN endpoint](https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/split-tunnel-vpn.html) in the *AWS Client VPN Administrator Guide* .", + "title": "SplitTunnel", + "type": "boolean" + }, + "TagSpecifications": { + "items": { + "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.TagSpecification" + }, + "markdownDescription": "The tags to apply to the Client VPN endpoint during creation.", + "title": "TagSpecifications", + "type": "array" + }, + "TransportProtocol": { + "markdownDescription": "The transport protocol to be used by the VPN session.\n\nDefault value: `udp`", + "title": "TransportProtocol", + "type": "string" + }, + "VpcId": { + "markdownDescription": "The ID of the VPC to associate with the Client VPN endpoint. If no security group IDs are specified in the request, the default security group for the VPC is applied.", + "title": "VpcId", "type": "string" + }, + "VpnPort": { + "markdownDescription": "The port number to assign to the Client VPN endpoint for TCP and UDP traffic.\n\nValid Values: `443` | `1194`\n\nDefault Value: `443`", + "title": "VpnPort", + "type": "number" } }, "required": [ - "TransitGatewayAttachmentId", - "TransitGatewayRouteTableId" + "AuthenticationOptions", + "ClientCidrBlock", + "ConnectionLogOptions", + "ServerCertificateArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::TransitGatewayRouteTablePropagation" + "AWS::EC2::ClientVpnEndpoint" ], "type": "string" }, @@ -79949,415 +88466,179 @@ ], "type": "object" }, - "AWS::EC2::TransitGatewayVpcAttachment": { + "AWS::EC2::ClientVpnEndpoint.CertificateAuthenticationRequest": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ClientRootCertificateChainArn": { + "markdownDescription": "The ARN of the client certificate. The certificate must be signed by a certificate authority (CA) and it must be provisioned in AWS Certificate Manager (ACM).", + "title": "ClientRootCertificateChainArn", "type": "string" + } + }, + "required": [ + "ClientRootCertificateChainArn" + ], + "type": "object" + }, + "AWS::EC2::ClientVpnEndpoint.ClientAuthenticationRequest": { + "additionalProperties": false, + "properties": { + "ActiveDirectory": { + "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.DirectoryServiceAuthenticationRequest", + "markdownDescription": "Information about the Active Directory to be used, if applicable. You must provide this information if *Type* is `directory-service-authentication` .", + "title": "ActiveDirectory" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "FederatedAuthentication": { + "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.FederatedAuthenticationRequest", + "markdownDescription": "Information about the IAM SAML identity provider, if applicable.", + "title": "FederatedAuthentication" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AddSubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of one or more subnets to add. You can specify at most one subnet per Availability Zone.", - "title": "AddSubnetIds", - "type": "array" - }, - "Options": { - "$ref": "#/definitions/AWS::EC2::TransitGatewayVpcAttachment.Options", - "markdownDescription": "The VPC attachment options.", - "title": "Options" - }, - "RemoveSubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of one or more subnets to remove.", - "title": "RemoveSubnetIds", - "type": "array" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the subnets.", - "title": "SubnetIds", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags for the VPC attachment.", - "title": "Tags", - "type": "array" - }, - "TransitGatewayId": { - "markdownDescription": "The ID of the transit gateway.", - "title": "TransitGatewayId", - "type": "string" - }, - "VpcId": { - "markdownDescription": "The ID of the VPC.", - "title": "VpcId", - "type": "string" - } - }, - "required": [ - "SubnetIds", - "TransitGatewayId", - "VpcId" - ], - "type": "object" + "MutualAuthentication": { + "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.CertificateAuthenticationRequest", + "markdownDescription": "Information about the authentication certificates to be used, if applicable. You must provide this information if *Type* is `certificate-authentication` .", + "title": "MutualAuthentication" }, "Type": { - "enum": [ - "AWS::EC2::TransitGatewayVpcAttachment" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "markdownDescription": "The type of client authentication to be used.", + "title": "Type", "type": "string" } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::EC2::TransitGatewayVpcAttachment.Options": { + "AWS::EC2::ClientVpnEndpoint.ClientConnectOptions": { "additionalProperties": false, "properties": { - "ApplianceModeSupport": { - "markdownDescription": "Enable or disable appliance mode support. The default is `disable` .", - "title": "ApplianceModeSupport", - "type": "string" - }, - "DnsSupport": { - "markdownDescription": "Enable or disable DNS support. The default is `disable` .", - "title": "DnsSupport", - "type": "string" + "Enabled": { + "markdownDescription": "Indicates whether client connect options are enabled. The default is `false` (not enabled).", + "title": "Enabled", + "type": "boolean" }, - "Ipv6Support": { - "markdownDescription": "Enable or disable IPv6 support. The default is `disable` .", - "title": "Ipv6Support", + "LambdaFunctionArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Lambda function used for connection authorization.", + "title": "LambdaFunctionArn", "type": "string" } }, + "required": [ + "Enabled" + ], "type": "object" }, - "AWS::EC2::VPC": { + "AWS::EC2::ClientVpnEndpoint.ClientLoginBannerOptions": { "additionalProperties": false, "properties": { - "Condition": { + "BannerText": { + "markdownDescription": "Customizable text that will be displayed in a banner on AWS provided clients when a VPN session is established. UTF-8 encoded characters only. Maximum of 1400 characters.", + "title": "BannerText", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Enabled": { + "markdownDescription": "Enable or disable a customizable text banner that will be displayed on AWS provided clients when a VPN session is established.\n\nValid values: `true | false`\n\nDefault value: `false`", + "title": "Enabled", + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "AWS::EC2::ClientVpnEndpoint.ClientRouteEnforcementOptions": { + "additionalProperties": false, + "properties": { + "Enforced": { + "markdownDescription": "Enable or disable Client Route Enforcement. The state can either be `true` (enabled) or `false` (disabled). The default is `false` .\n\nValid values: `true | false`\n\nDefault value: `false`", + "title": "Enforced", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EC2::ClientVpnEndpoint.ConnectionLogOptions": { + "additionalProperties": false, + "properties": { + "CloudwatchLogGroup": { + "markdownDescription": "The name of the CloudWatch Logs log group. Required if connection logging is enabled.", + "title": "CloudwatchLogGroup", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "CidrBlock": { - "markdownDescription": "The IPv4 network range for the VPC, in CIDR notation. For example, `10.0.0.0/16` . We modify the specified CIDR block to its canonical form; for example, if you specify `100.68.0.18/18` , we modify it to `100.68.0.0/18` .\n\nYou must specify either `CidrBlock` or `Ipv4IpamPoolId` .", - "title": "CidrBlock", - "type": "string" - }, - "EnableDnsHostnames": { - "markdownDescription": "Indicates whether the instances launched in the VPC get DNS hostnames. If enabled, instances in the VPC get DNS hostnames; otherwise, they do not. Disabled by default for nondefault VPCs. For more information, see [DNS attributes in your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-dns.html#vpc-dns-support) .\n\nYou can only enable DNS hostnames if you've enabled DNS support.", - "title": "EnableDnsHostnames", - "type": "boolean" - }, - "EnableDnsSupport": { - "markdownDescription": "Indicates whether the DNS resolution is supported for the VPC. If enabled, queries to the Amazon provided DNS server at the 169.254.169.253 IP address, or the reserved IP address at the base of the VPC network range \"plus two\" succeed. If disabled, the Amazon provided DNS service in the VPC that resolves public DNS hostnames to IP addresses is not enabled. Enabled by default. For more information, see [DNS attributes in your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-dns.html#vpc-dns-support) .", - "title": "EnableDnsSupport", - "type": "boolean" - }, - "InstanceTenancy": { - "markdownDescription": "The allowed tenancy of instances launched into the VPC.\n\n- `default` : An instance launched into the VPC runs on shared hardware by default, unless you explicitly specify a different tenancy during instance launch.\n- `dedicated` : An instance launched into the VPC runs on dedicated hardware by default, unless you explicitly specify a tenancy of `host` during instance launch. You cannot specify a tenancy of `default` during instance launch.\n\nUpdating `InstanceTenancy` requires no replacement only if you are updating its value from `dedicated` to `default` . Updating `InstanceTenancy` from `default` to `dedicated` requires replacement.", - "title": "InstanceTenancy", - "type": "string" - }, - "Ipv4IpamPoolId": { - "markdownDescription": "The ID of an IPv4 IPAM pool you want to use for allocating this VPC's CIDR. For more information, see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide* .\n\nYou must specify either `CidrBlock` or `Ipv4IpamPoolId` .", - "title": "Ipv4IpamPoolId", - "type": "string" - }, - "Ipv4NetmaskLength": { - "markdownDescription": "The netmask length of the IPv4 CIDR you want to allocate to this VPC from an Amazon VPC IP Address Manager (IPAM) pool. For more information about IPAM, see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide* .", - "title": "Ipv4NetmaskLength", - "type": "number" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags for the VPC.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::EC2::VPC" - ], + "CloudwatchLogStream": { + "markdownDescription": "The name of the CloudWatch Logs log stream to which the connection data is published.", + "title": "CloudwatchLogStream", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Enabled": { + "markdownDescription": "Indicates whether connection logging is enabled.", + "title": "Enabled", + "type": "boolean" } }, "required": [ - "Type" + "Enabled" ], "type": "object" }, - "AWS::EC2::VPCCidrBlock": { + "AWS::EC2::ClientVpnEndpoint.DirectoryServiceAuthenticationRequest": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DirectoryId": { + "markdownDescription": "The ID of the Active Directory to be used for authentication.", + "title": "DirectoryId", "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AmazonProvidedIpv6CidrBlock": { - "markdownDescription": "Requests an Amazon-provided IPv6 CIDR block with a /56 prefix length for the VPC. You cannot specify the range of IPv6 addresses or the size of the CIDR block.", - "title": "AmazonProvidedIpv6CidrBlock", - "type": "boolean" - }, - "CidrBlock": { - "markdownDescription": "An IPv4 CIDR block to associate with the VPC.", - "title": "CidrBlock", - "type": "string" - }, - "Ipv4IpamPoolId": { - "markdownDescription": "Associate a CIDR allocated from an IPv4 IPAM pool to a VPC. For more information about Amazon VPC IP Address Manager (IPAM), see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide* .", - "title": "Ipv4IpamPoolId", - "type": "string" - }, - "Ipv4NetmaskLength": { - "markdownDescription": "The netmask length of the IPv4 CIDR you would like to associate from an Amazon VPC IP Address Manager (IPAM) pool. For more information about IPAM, see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide* .", - "title": "Ipv4NetmaskLength", - "type": "number" - }, - "Ipv6CidrBlock": { - "markdownDescription": "An IPv6 CIDR block from the IPv6 address pool. You must also specify `Ipv6Pool` in the request.\n\nTo let Amazon choose the IPv6 CIDR block for you, omit this parameter.", - "title": "Ipv6CidrBlock", - "type": "string" - }, - "Ipv6IpamPoolId": { - "markdownDescription": "Associates a CIDR allocated from an IPv6 IPAM pool to a VPC. For more information about Amazon VPC IP Address Manager (IPAM), see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide* .", - "title": "Ipv6IpamPoolId", - "type": "string" - }, - "Ipv6NetmaskLength": { - "markdownDescription": "The netmask length of the IPv6 CIDR you would like to associate from an Amazon VPC IP Address Manager (IPAM) pool. For more information about IPAM, see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide* .", - "title": "Ipv6NetmaskLength", - "type": "number" - }, - "Ipv6Pool": { - "markdownDescription": "The ID of an IPv6 address pool from which to allocate the IPv6 CIDR block.", - "title": "Ipv6Pool", - "type": "string" - }, - "VpcId": { - "markdownDescription": "The ID of the VPC.", - "title": "VpcId", - "type": "string" - } - }, - "required": [ - "VpcId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::EC2::VPCCidrBlock" - ], + } + }, + "required": [ + "DirectoryId" + ], + "type": "object" + }, + "AWS::EC2::ClientVpnEndpoint.FederatedAuthenticationRequest": { + "additionalProperties": false, + "properties": { + "SAMLProviderArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM SAML identity provider.", + "title": "SAMLProviderArn", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SelfServiceSAMLProviderArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM SAML identity provider for the self-service portal.", + "title": "SelfServiceSAMLProviderArn", "type": "string" } }, "required": [ - "Type", - "Properties" + "SAMLProviderArn" ], "type": "object" }, - "AWS::EC2::VPCDHCPOptionsAssociation": { + "AWS::EC2::ClientVpnEndpoint.TagSpecification": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ResourceType": { + "markdownDescription": "The type of resource to tag. To tag a Client VPN endpoint, `ResourceType` must be `client-vpn-endpoint` .", + "title": "ResourceType", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DhcpOptionsId": { - "markdownDescription": "The ID of the DHCP options set, or `default` to associate no DHCP options with the VPC.", - "title": "DhcpOptionsId", - "type": "string" - }, - "VpcId": { - "markdownDescription": "The ID of the VPC.", - "title": "VpcId", - "type": "string" - } + "Tags": { + "items": { + "$ref": "#/definitions/Tag" }, - "required": [ - "DhcpOptionsId", - "VpcId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::EC2::VPCDHCPOptionsAssociation" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "markdownDescription": "The tags to apply to the resource.", + "title": "Tags", + "type": "array" } }, "required": [ - "Type", - "Properties" + "ResourceType", + "Tags" ], "type": "object" }, - "AWS::EC2::VPCEndpoint": { + "AWS::EC2::ClientVpnRoute": { "additionalProperties": false, "properties": { "Condition": { @@ -80392,65 +88673,37 @@ "Properties": { "additionalProperties": false, "properties": { - "PolicyDocument": { - "markdownDescription": "An endpoint policy, which controls access to the service from the VPC. The default endpoint policy allows full access to the service. Endpoint policies are supported only for gateway and interface endpoints.\n\nFor CloudFormation templates in YAML, you can provide the policy in JSON or YAML format. For example, if you have a JSON policy, you can convert it to YAML before including it in the YAML template, and AWS CloudFormation converts the policy to JSON format before calling the API actions for AWS PrivateLink . Alternatively, you can include the JSON directly in the YAML, as shown in the following `Properties` section:\n\n`Properties: VpcEndpointType: 'Interface' ServiceName: !Sub 'com.amazonaws.${AWS::Region}.logs' PolicyDocument: '{ \"Version\":\"2012-10-17\", \"Statement\": [{ \"Effect\":\"Allow\", \"Principal\":\"*\", \"Action\":[\"logs:Describe*\",\"logs:Get*\",\"logs:List*\",\"logs:FilterLogEvents\"], \"Resource\":\"*\" }] }'`", - "title": "PolicyDocument", - "type": "object" - }, - "PrivateDnsEnabled": { - "markdownDescription": "Indicate whether to associate a private hosted zone with the specified VPC. The private hosted zone contains a record set for the default public DNS name for the service for the Region (for example, `kinesis.us-east-1.amazonaws.com` ), which resolves to the private IP addresses of the endpoint network interfaces in the VPC. This enables you to make requests to the default public DNS name for the service instead of the public DNS names that are automatically generated by the VPC endpoint service.\n\nTo use a private hosted zone, you must set the following VPC attributes to `true` : `enableDnsHostnames` and `enableDnsSupport` .\n\nThis property is supported only for interface endpoints.\n\nDefault: `false`", - "title": "PrivateDnsEnabled", - "type": "boolean" - }, - "RouteTableIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the route tables. Routing is supported only for gateway endpoints.", - "title": "RouteTableIds", - "type": "array" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the security groups to associate with the endpoint network interfaces. If this parameter is not specified, we use the default security group for the VPC. Security groups are supported only for interface endpoints.", - "title": "SecurityGroupIds", - "type": "array" - }, - "ServiceName": { - "markdownDescription": "The name of the endpoint service.", - "title": "ServiceName", + "ClientVpnEndpointId": { + "markdownDescription": "The ID of the Client VPN endpoint to which to add the route.", + "title": "ClientVpnEndpointId", "type": "string" }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the subnets in which to create endpoint network interfaces. You must specify this property for an interface endpoint or a Gateway Load Balancer endpoint. You can't specify this property for a gateway endpoint. For a Gateway Load Balancer endpoint, you can specify only one subnet.", - "title": "SubnetIds", - "type": "array" + "Description": { + "markdownDescription": "A brief description of the route.", + "title": "Description", + "type": "string" }, - "VpcEndpointType": { - "markdownDescription": "The type of endpoint.\n\nDefault: Gateway", - "title": "VpcEndpointType", + "DestinationCidrBlock": { + "markdownDescription": "The IPv4 address range, in CIDR notation, of the route destination. For example:\n\n- To add a route for Internet access, enter `0.0.0.0/0`\n- To add a route for a peered VPC, enter the peered VPC's IPv4 CIDR range\n- To add a route for an on-premises network, enter the AWS Site-to-Site VPN connection's IPv4 CIDR range\n- To add a route for the local network, enter the client CIDR range", + "title": "DestinationCidrBlock", "type": "string" }, - "VpcId": { - "markdownDescription": "The ID of the VPC.", - "title": "VpcId", + "TargetVpcSubnetId": { + "markdownDescription": "The ID of the subnet through which you want to route traffic. The specified subnet must be an existing target network of the Client VPN endpoint.\n\nAlternatively, if you're adding a route for the local network, specify `local` .", + "title": "TargetVpcSubnetId", "type": "string" } }, "required": [ - "ServiceName", - "VpcId" + "ClientVpnEndpointId", + "DestinationCidrBlock", + "TargetVpcSubnetId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::VPCEndpoint" + "AWS::EC2::ClientVpnRoute" ], "type": "string" }, @@ -80469,7 +88722,7 @@ ], "type": "object" }, - "AWS::EC2::VPCEndpointConnectionNotification": { + "AWS::EC2::ClientVpnTargetNetworkAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -80504,39 +88757,26 @@ "Properties": { "additionalProperties": false, "properties": { - "ConnectionEvents": { - "items": { - "type": "string" - }, - "markdownDescription": "The endpoint events for which to receive notifications. Valid values are `Accept` , `Connect` , `Delete` , and `Reject` .", - "title": "ConnectionEvents", - "type": "array" - }, - "ConnectionNotificationArn": { - "markdownDescription": "The ARN of the SNS topic for the notifications.", - "title": "ConnectionNotificationArn", - "type": "string" - }, - "ServiceId": { - "markdownDescription": "The ID of the endpoint service.", - "title": "ServiceId", + "ClientVpnEndpointId": { + "markdownDescription": "The ID of the Client VPN endpoint.", + "title": "ClientVpnEndpointId", "type": "string" }, - "VPCEndpointId": { - "markdownDescription": "The ID of the endpoint.", - "title": "VPCEndpointId", + "SubnetId": { + "markdownDescription": "The ID of the subnet to associate with the Client VPN endpoint.", + "title": "SubnetId", "type": "string" } }, "required": [ - "ConnectionEvents", - "ConnectionNotificationArn" + "ClientVpnEndpointId", + "SubnetId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::VPCEndpointConnectionNotification" + "AWS::EC2::ClientVpnTargetNetworkAssociation" ], "type": "string" }, @@ -80555,7 +88795,7 @@ ], "type": "object" }, - "AWS::EC2::VPCEndpointService": { + "AWS::EC2::CustomerGateway": { "additionalProperties": false, "properties": { "Condition": { @@ -80590,117 +88830,54 @@ "Properties": { "additionalProperties": false, "properties": { - "AcceptanceRequired": { - "markdownDescription": "Indicates whether requests from service consumers to create an endpoint to your service must be accepted.", - "title": "AcceptanceRequired", - "type": "boolean" - }, - "ContributorInsightsEnabled": { - "markdownDescription": "Indicates whether to enable the built-in Contributor Insights rules provided by AWS PrivateLink .", - "title": "ContributorInsightsEnabled", - "type": "boolean" + "BgpAsn": { + "markdownDescription": "For customer gateway devices that support BGP, specify the device's ASN. You must specify either `BgpAsn` or `BgpAsnExtended` when creating the customer gateway. If the ASN is larger than `2,147,483,647` , you must use `BgpAsnExtended` .\n\nDefault: 65000\n\nValid values: `1` to `2,147,483,647`", + "title": "BgpAsn", + "type": "number" }, - "GatewayLoadBalancerArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Names (ARNs) of the Gateway Load Balancers.", - "title": "GatewayLoadBalancerArns", - "type": "array" + "BgpAsnExtended": { + "markdownDescription": "For customer gateway devices that support BGP, specify the device's ASN. You must specify either `BgpAsn` or `BgpAsnExtended` when creating the customer gateway. If the ASN is larger than `2,147,483,647` , you must use `BgpAsnExtended` .\n\nValid values: `2,147,483,648` to `4,294,967,295`", + "title": "BgpAsnExtended", + "type": "number" }, - "NetworkLoadBalancerArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Names (ARNs) of the Network Load Balancers.", - "title": "NetworkLoadBalancerArns", - "type": "array" + "CertificateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the customer gateway certificate.", + "title": "CertificateArn", + "type": "string" }, - "PayerResponsibility": { - "markdownDescription": "The entity that is responsible for the endpoint costs. The default is the endpoint owner. If you set the payer responsibility to the service owner, you cannot set it back to the endpoint owner.", - "title": "PayerResponsibility", + "DeviceName": { + "markdownDescription": "The name of customer gateway device.", + "title": "DeviceName", "type": "string" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::EC2::VPCEndpointService" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::EC2::VPCEndpointServicePermissions": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + }, + "IpAddress": { + "markdownDescription": "The IP address for the customer gateway device's outside interface. The address must be static. If `OutsideIpAddressType` in your VPN connection options is set to `PrivateIpv4` , you can use an RFC6598 or RFC1918 private IPv4 address. If `OutsideIpAddressType` is set to `Ipv6` , you can use an IPv6 address.", + "title": "IpAddress", "type": "string" }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AllowedPrincipals": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The Amazon Resource Names (ARN) of one or more principals (for example, users, IAM roles, and AWS accounts ). Permissions are granted to the principals in this list. To grant permissions to all principals, specify an asterisk (*). Permissions are revoked for principals not in this list. If the list is empty, then all permissions are revoked.", - "title": "AllowedPrincipals", + "markdownDescription": "One or more tags for the customer gateway.", + "title": "Tags", "type": "array" }, - "ServiceId": { - "markdownDescription": "The ID of the service.", - "title": "ServiceId", + "Type": { + "markdownDescription": "The type of VPN connection that this customer gateway supports ( `ipsec.1` ).", + "title": "Type", "type": "string" } }, "required": [ - "ServiceId" + "IpAddress", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::VPCEndpointServicePermissions" + "AWS::EC2::CustomerGateway" ], "type": "string" }, @@ -80719,7 +88896,7 @@ ], "type": "object" }, - "AWS::EC2::VPCGatewayAttachment": { + "AWS::EC2::DHCPOptions": { "additionalProperties": false, "properties": { "Condition": { @@ -80754,126 +88931,59 @@ "Properties": { "additionalProperties": false, "properties": { - "InternetGatewayId": { - "markdownDescription": "The ID of the internet gateway.\n\nYou must specify either `InternetGatewayId` or `VpnGatewayId` , but not both.", - "title": "InternetGatewayId", + "DomainName": { + "markdownDescription": "This value is used to complete unqualified DNS hostnames. If you're using AmazonProvidedDNS in `us-east-1` , specify `ec2.internal` . If you're using AmazonProvidedDNS in another Region, specify *region* . `compute.internal` (for example, `ap-northeast-1.compute.internal` ). Otherwise, specify a domain name (for example, *MyCompany.com* ).", + "title": "DomainName", "type": "string" }, - "VpcId": { - "markdownDescription": "The ID of the VPC.", - "title": "VpcId", - "type": "string" + "DomainNameServers": { + "items": { + "type": "string" + }, + "markdownDescription": "The IPv4 addresses of up to four domain name servers, or `AmazonProvidedDNS` . The default is `AmazonProvidedDNS` . To have your instance receive a custom DNS hostname as specified in `DomainName` , you must set this property to a custom DNS server.", + "title": "DomainNameServers", + "type": "array" }, - "VpnGatewayId": { - "markdownDescription": "The ID of the virtual private gateway.\n\nYou must specify either `InternetGatewayId` or `VpnGatewayId` , but not both.", - "title": "VpnGatewayId", - "type": "string" - } - }, - "required": [ - "VpcId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::EC2::VPCGatewayAttachment" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::EC2::VPCPeeringConnection": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" + "Ipv6AddressPreferredLeaseTime": { + "markdownDescription": "A value (in seconds, minutes, hours, or years) for how frequently a running instance with an IPv6 assigned to it goes through DHCPv6 lease renewal. Acceptable values are between 140 and 2147483647 seconds (approximately 68 years). If no value is entered, the default lease time is 140 seconds. If you use long-term addressing for EC2 instances, you can increase the lease time and avoid frequent lease renewal requests. Lease renewal typically occurs when half of the lease time has elapsed.", + "title": "Ipv6AddressPreferredLeaseTime", + "type": "number" }, - { + "NetbiosNameServers": { "items": { - "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, + "markdownDescription": "The IPv4 addresses of up to four NetBIOS name servers.", + "title": "NetbiosNameServers", "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "PeerOwnerId": { - "markdownDescription": "The AWS account ID of the owner of the accepter VPC.\n\nDefault: Your AWS account ID", - "title": "PeerOwnerId", - "type": "string" - }, - "PeerRegion": { - "markdownDescription": "The Region code for the accepter VPC, if the accepter VPC is located in a Region other than the Region in which you make the request.\n\nDefault: The Region in which you make the request.", - "title": "PeerRegion", - "type": "string" }, - "PeerRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the VPC peer role for the peering connection in another AWS account.\n\nThis is required when you are peering a VPC in a different AWS account.", - "title": "PeerRoleArn", - "type": "string" + "NetbiosNodeType": { + "markdownDescription": "The NetBIOS node type (1, 2, 4, or 8). We recommend that you specify 2 (broadcast and multicast are not currently supported).", + "title": "NetbiosNodeType", + "type": "number" }, - "PeerVpcId": { - "markdownDescription": "The ID of the VPC with which you are creating the VPC peering connection. You must specify this parameter in the request.", - "title": "PeerVpcId", - "type": "string" + "NtpServers": { + "items": { + "type": "string" + }, + "markdownDescription": "The IPv4 addresses of up to four Network Time Protocol (NTP) servers.", + "title": "NtpServers", + "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Any tags assigned to the resource.", + "markdownDescription": "Any tags assigned to the DHCP options set.", "title": "Tags", "type": "array" - }, - "VpcId": { - "markdownDescription": "The ID of the VPC.", - "title": "VpcId", - "type": "string" } }, - "required": [ - "PeerVpcId", - "VpcId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::VPCPeeringConnection" + "AWS::EC2::DHCPOptions" ], "type": "string" }, @@ -80887,12 +88997,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::EC2::VPNConnection": { + "AWS::EC2::EC2Fleet": { "additionalProperties": false, "properties": { "Condition": { @@ -80927,57 +89036,82 @@ "Properties": { "additionalProperties": false, "properties": { - "CustomerGatewayId": { - "markdownDescription": "The ID of the customer gateway at your end of the VPN connection.", - "title": "CustomerGatewayId", + "Context": { + "markdownDescription": "Reserved.", + "title": "Context", "type": "string" }, - "StaticRoutesOnly": { - "markdownDescription": "Indicates whether the VPN connection uses static routes only. Static routes must be used for devices that don't support BGP.\n\nIf you are creating a VPN connection for a device that does not support Border Gateway Protocol (BGP), you must specify `true` .", - "title": "StaticRoutesOnly", + "ExcessCapacityTerminationPolicy": { + "markdownDescription": "Indicates whether running instances should be terminated if the total target capacity of the EC2 Fleet is decreased below the current size of the EC2 Fleet.\n\nSupported only for fleets of type `maintain` .", + "title": "ExcessCapacityTerminationPolicy", + "type": "string" + }, + "LaunchTemplateConfigs": { + "items": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.FleetLaunchTemplateConfigRequest" + }, + "markdownDescription": "The configuration for the EC2 Fleet.", + "title": "LaunchTemplateConfigs", + "type": "array" + }, + "OnDemandOptions": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.OnDemandOptionsRequest", + "markdownDescription": "Describes the configuration of On-Demand Instances in an EC2 Fleet.", + "title": "OnDemandOptions" + }, + "ReplaceUnhealthyInstances": { + "markdownDescription": "Indicates whether EC2 Fleet should replace unhealthy Spot Instances. Supported only for fleets of type `maintain` . For more information, see [EC2 Fleet health checks](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/manage-ec2-fleet.html#ec2-fleet-health-checks) in the *Amazon EC2 User Guide* .", + "title": "ReplaceUnhealthyInstances", "type": "boolean" }, - "Tags": { + "SpotOptions": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.SpotOptionsRequest", + "markdownDescription": "Describes the configuration of Spot Instances in an EC2 Fleet.", + "title": "SpotOptions" + }, + "TagSpecifications": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::EC2::EC2Fleet.TagSpecification" }, - "markdownDescription": "Any tags assigned to the VPN connection.", - "title": "Tags", + "markdownDescription": "The key-value pair for tagging the EC2 Fleet request on creation. For more information, see [Tag your resources](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#tag-resources) .\n\nIf the fleet type is `instant` , specify a resource type of `fleet` to tag the fleet or `instance` to tag the instances at launch.\n\nIf the fleet type is `maintain` or `request` , specify a resource type of `fleet` to tag the fleet. You cannot specify a resource type of `instance` . To tag instances at launch, specify the tags in a [launch template](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html#create-launch-template) .", + "title": "TagSpecifications", "type": "array" }, - "TransitGatewayId": { - "markdownDescription": "The ID of the transit gateway associated with the VPN connection.\n\nYou must specify either `TransitGatewayId` or `VpnGatewayId` , but not both.", - "title": "TransitGatewayId", - "type": "string" + "TargetCapacitySpecification": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.TargetCapacitySpecificationRequest", + "markdownDescription": "The number of units to request.", + "title": "TargetCapacitySpecification" + }, + "TerminateInstancesWithExpiration": { + "markdownDescription": "Indicates whether running instances should be terminated when the EC2 Fleet expires.", + "title": "TerminateInstancesWithExpiration", + "type": "boolean" }, "Type": { - "markdownDescription": "The type of VPN connection.", + "markdownDescription": "The fleet type. The default value is `maintain` .\n\n- `maintain` - The EC2 Fleet places an asynchronous request for your desired capacity, and continues to maintain your desired Spot capacity by replenishing interrupted Spot Instances.\n- `request` - The EC2 Fleet places an asynchronous one-time request for your desired capacity, but does submit Spot requests in alternative capacity pools if Spot capacity is unavailable, and does not maintain Spot capacity if Spot Instances are interrupted.\n- `instant` - The EC2 Fleet places a synchronous one-time request for your desired capacity, and returns errors for any instances that could not be launched.\n\nFor more information, see [EC2 Fleet request types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-request-type.html) in the *Amazon EC2 User Guide* .", "title": "Type", "type": "string" }, - "VpnGatewayId": { - "markdownDescription": "The ID of the virtual private gateway at the AWS side of the VPN connection.\n\nYou must specify either `TransitGatewayId` or `VpnGatewayId` , but not both.", - "title": "VpnGatewayId", + "ValidFrom": { + "markdownDescription": "The start date and time of the request, in UTC format (for example, *YYYY* - *MM* - *DD* T *HH* : *MM* : *SS* Z). The default is to start fulfilling the request immediately.", + "title": "ValidFrom", "type": "string" }, - "VpnTunnelOptionsSpecifications": { - "items": { - "$ref": "#/definitions/AWS::EC2::VPNConnection.VpnTunnelOptionsSpecification" - }, - "markdownDescription": "The tunnel options for the VPN connection.", - "title": "VpnTunnelOptionsSpecifications", - "type": "array" + "ValidUntil": { + "markdownDescription": "The end date and time of the request, in UTC format (for example, *YYYY* - *MM* - *DD* T *HH* : *MM* : *SS* Z). At this point, no new EC2 Fleet requests are placed or able to fulfill the request. If no value is specified, the request remains until you cancel it.", + "title": "ValidUntil", + "type": "string" } }, "required": [ - "CustomerGatewayId", - "Type" + "LaunchTemplateConfigs", + "TargetCapacitySpecification" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::VPNConnection" + "AWS::EC2::EC2Fleet" ], "type": "string" }, @@ -80996,102 +89130,731 @@ ], "type": "object" }, - "AWS::EC2::VPNConnection.VpnTunnelOptionsSpecification": { + "AWS::EC2::EC2Fleet.AcceleratorCountRequest": { "additionalProperties": false, "properties": { - "PreSharedKey": { - "markdownDescription": "The pre-shared key (PSK) to establish initial authentication between the virtual private gateway and customer gateway.\n\nConstraints: Allowed characters are alphanumeric characters, periods (.), and underscores (_). Must be between 8 and 64 characters in length and cannot start with zero (0).", - "title": "PreSharedKey", - "type": "string" + "Max": { + "markdownDescription": "The maximum number of accelerators. To specify no maximum limit, omit this parameter. To exclude accelerator-enabled instance types, set `Max` to `0` .", + "title": "Max", + "type": "number" }, - "TunnelInsideCidr": { - "markdownDescription": "The range of inside IP addresses for the tunnel. Any specified CIDR blocks must be unique across all VPN connections that use the same virtual private gateway.\n\nConstraints: A size /30 CIDR block from the `169.254.0.0/16` range. The following CIDR blocks are reserved and cannot be used:\n\n- `169.254.0.0/30`\n- `169.254.1.0/30`\n- `169.254.2.0/30`\n- `169.254.3.0/30`\n- `169.254.4.0/30`\n- `169.254.5.0/30`\n- `169.254.169.252/30`", - "title": "TunnelInsideCidr", - "type": "string" + "Min": { + "markdownDescription": "The minimum number of accelerators. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" } }, "type": "object" }, - "AWS::EC2::VPNConnectionRoute": { + "AWS::EC2::EC2Fleet.AcceleratorTotalMemoryMiBRequest": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Max": { + "markdownDescription": "The maximum amount of accelerator memory, in MiB. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Min": { + "markdownDescription": "The minimum amount of accelerator memory, in MiB. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::EC2Fleet.BaselineEbsBandwidthMbpsRequest": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum baseline bandwidth, in Mbps. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" }, - "Metadata": { - "type": "object" + "Min": { + "markdownDescription": "The minimum baseline bandwidth, in Mbps. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::EC2Fleet.BaselinePerformanceFactorsRequest": { + "additionalProperties": false, + "properties": { + "Cpu": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.CpuPerformanceFactorRequest", + "markdownDescription": "The CPU performance to consider, using an instance family as the baseline reference.", + "title": "Cpu" + } + }, + "type": "object" + }, + "AWS::EC2::EC2Fleet.BlockDeviceMapping": { + "additionalProperties": false, + "properties": { + "DeviceName": { + "markdownDescription": "The device name (for example, `/dev/sdh` or `xvdh` ).", + "title": "DeviceName", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DestinationCidrBlock": { - "markdownDescription": "The CIDR block associated with the local subnet of the customer network.", - "title": "DestinationCidrBlock", - "type": "string" - }, - "VpnConnectionId": { - "markdownDescription": "The ID of the VPN connection.", - "title": "VpnConnectionId", - "type": "string" - } - }, - "required": [ - "DestinationCidrBlock", - "VpnConnectionId" - ], - "type": "object" + "Ebs": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.EbsBlockDevice", + "markdownDescription": "Parameters used to automatically set up EBS volumes when the instance is launched.", + "title": "Ebs" }, - "Type": { - "enum": [ - "AWS::EC2::VPNConnectionRoute" - ], + "NoDevice": { + "markdownDescription": "To omit the device from the block device mapping, specify an empty string. When this property is specified, the device is removed from the block device mapping regardless of the assigned value.", + "title": "NoDevice", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VirtualName": { + "markdownDescription": "The virtual device name ( `ephemeral` N). Instance store volumes are numbered starting from 0. An instance type with 2 available instance store volumes can specify mappings for `ephemeral0` and `ephemeral1` . The number of available instance store volumes depends on the instance type. After you connect to the instance, you must mount the volume.\n\nNVMe instance store volumes are automatically enumerated and assigned a device name. Including them in your block device mapping has no effect.\n\nConstraints: For M3 instances, you must specify instance store volumes in the block device mapping for the instance. When you launch an M3 instance, we ignore any instance store volumes specified in the block device mapping for the AMI.", + "title": "VirtualName", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::EC2::VPNGateway": { + "AWS::EC2::EC2Fleet.CapacityRebalance": { "additionalProperties": false, "properties": { - "Condition": { + "ReplacementStrategy": { + "markdownDescription": "The replacement strategy to use. Only available for fleets of type `maintain` .\n\n`launch` - EC2 Fleet launches a replacement Spot Instance when a rebalance notification is emitted for an existing Spot Instance in the fleet. EC2 Fleet does not terminate the instances that receive a rebalance notification. You can terminate the old instances, or you can leave them running. You are charged for all instances while they are running.\n\n`launch-before-terminate` - EC2 Fleet launches a replacement Spot Instance when a rebalance notification is emitted for an existing Spot Instance in the fleet, and then, after a delay that you specify (in `TerminationDelay` ), terminates the instances that received a rebalance notification.", + "title": "ReplacementStrategy", "type": "string" }, - "DeletionPolicy": { + "TerminationDelay": { + "markdownDescription": "The amount of time (in seconds) that Amazon EC2 waits before terminating the old Spot Instance after launching a new replacement Spot Instance.\n\nRequired when `ReplacementStrategy` is set to `launch-before-terminate` .\n\nNot valid when `ReplacementStrategy` is set to `launch` .\n\nValid values: Minimum value of `120` seconds. Maximum value of `7200` seconds.", + "title": "TerminationDelay", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::EC2Fleet.CapacityReservationOptionsRequest": { + "additionalProperties": false, + "properties": { + "UsageStrategy": { + "markdownDescription": "Indicates whether to use unused Capacity Reservations for fulfilling On-Demand capacity.\n\nIf you specify `use-capacity-reservations-first` , the fleet uses unused Capacity Reservations to fulfill On-Demand capacity up to the target On-Demand capacity. If multiple instance pools have unused Capacity Reservations, the On-Demand allocation strategy ( `lowest-price` or `prioritized` ) is applied. If the number of unused Capacity Reservations is less than the On-Demand target capacity, the remaining On-Demand target capacity is launched according to the On-Demand allocation strategy ( `lowest-price` or `prioritized` ).\n\nIf you do not specify a value, the fleet fulfils the On-Demand capacity according to the chosen On-Demand allocation strategy.", + "title": "UsageStrategy", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::EC2Fleet.CpuPerformanceFactorRequest": { + "additionalProperties": false, + "properties": { + "References": { + "items": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.PerformanceFactorReferenceRequest" + }, + "markdownDescription": "Specify an instance family to use as the baseline reference for CPU performance. All instance types that match your specified attributes will be compared against the CPU performance of the referenced instance family, regardless of CPU manufacturer or architecture differences.\n\n> Currently, only one instance family can be specified in the list.", + "title": "References", + "type": "array" + } + }, + "type": "object" + }, + "AWS::EC2::EC2Fleet.EbsBlockDevice": { + "additionalProperties": false, + "properties": { + "DeleteOnTermination": { + "markdownDescription": "Indicates whether the EBS volume is deleted on instance termination. For more information, see [Preserving Amazon EBS volumes on instance termination](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#preserving-volumes-on-termination) in the *Amazon EC2 User Guide* .", + "title": "DeleteOnTermination", + "type": "boolean" + }, + "Encrypted": { + "markdownDescription": "Indicates whether the encryption state of an EBS volume is changed while being restored from a backing snapshot. The effect of setting the encryption state to `true` depends on the volume origin (new or from a snapshot), starting encryption state, ownership, and whether encryption by default is enabled. For more information, see [Amazon EBS encryption](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-encryption.html#encryption-parameters) in the *Amazon EBS User Guide* .\n\nIn no case can you remove encryption from an encrypted volume.\n\nEncrypted volumes can only be attached to instances that support Amazon EBS encryption. For more information, see [Supported instance types](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-encryption-requirements.html#ebs-encryption_supported_instances) .\n\n- If you are creating a block device mapping for a *new (empty) volume* , you can include this parameter, and specify either `true` for an encrypted volume, or `false` for an unencrypted volume. If you omit this parameter, it defaults to `false` (unencrypted).\n- If you are creating a block device mapping from an *existing encrypted or unencrypted snapshot* , you must omit this parameter. If you include this parameter, the request will fail, regardless of the value that you specify.\n- If you are creating a block device mapping from an *existing unencrypted volume* , you can include this parameter, but you must specify `false` . If you specify `true` , the request will fail. In this case, we recommend that you omit the parameter.\n- If you are creating a block device mapping from an *existing encrypted volume* , you can include this parameter, and specify either `true` or `false` . However, if you specify `false` , the parameter is ignored and the block device mapping is always encrypted. In this case, we recommend that you omit the parameter.", + "title": "Encrypted", + "type": "boolean" + }, + "Iops": { + "markdownDescription": "The number of I/O operations per second (IOPS). For `gp3` , `io1` , and `io2` volumes, this represents the number of IOPS that are provisioned for the volume. For `gp2` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.\n\nThe following are the supported values for each volume type:\n\n- `gp3` : 3,000 - 16,000 IOPS\n- `io1` : 100 - 64,000 IOPS\n- `io2` : 100 - 256,000 IOPS\n\nFor `io2` volumes, you can achieve up to 256,000 IOPS on [instances built on the Nitro System](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances) . On other instances, you can achieve performance up to 32,000 IOPS.\n\nThis parameter is required for `io1` and `io2` volumes. The default for `gp3` volumes is 3,000 IOPS.", + "title": "Iops", + "type": "number" + }, + "KmsKeyId": { + "markdownDescription": "Identifier (key ID, key alias, key ARN, or alias ARN) of the customer managed KMS key to use for EBS encryption.\n\nThis parameter is only supported on `BlockDeviceMapping` objects called by [RunInstances](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html) , [RequestSpotFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RequestSpotFleet.html) , and [RequestSpotInstances](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RequestSpotInstances.html) .", + "title": "KmsKeyId", + "type": "string" + }, + "SnapshotId": { + "markdownDescription": "The ID of the snapshot.", + "title": "SnapshotId", + "type": "string" + }, + "VolumeSize": { + "markdownDescription": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size. If you specify a snapshot, the default is the snapshot size. You can specify a volume size that is equal to or larger than the snapshot size.\n\nThe following are the supported sizes for each volume type:\n\n- `gp2` and `gp3` : 1 - 16,384 GiB\n- `io1` : 4 - 16,384 GiB\n- `io2` : 4 - 65,536 GiB\n- `st1` and `sc1` : 125 - 16,384 GiB\n- `standard` : 1 - 1024 GiB", + "title": "VolumeSize", + "type": "number" + }, + "VolumeType": { + "markdownDescription": "The volume type. For more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-volume-types.html) in the *Amazon EBS User Guide* .", + "title": "VolumeType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::EC2Fleet.FleetLaunchTemplateConfigRequest": { + "additionalProperties": false, + "properties": { + "LaunchTemplateSpecification": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.FleetLaunchTemplateSpecificationRequest", + "markdownDescription": "The launch template to use. You must specify either the launch template ID or launch template name in the request.", + "title": "LaunchTemplateSpecification" + }, + "Overrides": { + "items": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.FleetLaunchTemplateOverridesRequest" + }, + "markdownDescription": "Any parameters that you specify override the same parameters in the launch template.\n\nFor fleets of type `request` and `maintain` , a maximum of 300 items is allowed across all launch templates.", + "title": "Overrides", + "type": "array" + } + }, + "type": "object" + }, + "AWS::EC2::EC2Fleet.FleetLaunchTemplateOverridesRequest": { + "additionalProperties": false, + "properties": { + "AvailabilityZone": { + "markdownDescription": "The Availability Zone in which to launch the instances.", + "title": "AvailabilityZone", + "type": "string" + }, + "BlockDeviceMappings": { + "items": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.BlockDeviceMapping" + }, + "markdownDescription": "The block device mappings, which define the EBS volumes and instance store volumes to attach to the instance at launch.\n\nSupported only for fleets of type `instant` .\n\nFor more information, see [Block device mappings for volumes on Amazon EC2 instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/block-device-mapping-concepts.html) in the *Amazon EC2 User Guide* .", + "title": "BlockDeviceMappings", + "type": "array" + }, + "InstanceRequirements": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.InstanceRequirementsRequest", + "markdownDescription": "The attributes for the instance types. When you specify instance attributes, Amazon EC2 will identify instance types with those attributes.\n\n> If you specify `InstanceRequirements` , you can't specify `InstanceType` .", + "title": "InstanceRequirements" + }, + "InstanceType": { + "markdownDescription": "The instance type.\n\n`mac1.metal` is not supported as a launch template override.\n\n> If you specify `InstanceType` , you can't specify `InstanceRequirements` .", + "title": "InstanceType", + "type": "string" + }, + "MaxPrice": { + "markdownDescription": "The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.\n\n> If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.\n> \n> If you specify a maximum price, it must be more than USD $0.001. Specifying a value below USD $0.001 will result in an `InvalidParameterValue` error message.", + "title": "MaxPrice", + "type": "string" + }, + "Placement": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.Placement", + "markdownDescription": "The location where the instance launched, if applicable.", + "title": "Placement" + }, + "Priority": { + "markdownDescription": "The priority for the launch template override. The highest priority is launched first.\n\nIf the On-Demand `AllocationStrategy` is set to `prioritized` , EC2 Fleet uses priority to determine which launch template override to use first in fulfilling On-Demand capacity.\n\nIf the Spot `AllocationStrategy` is set to `capacity-optimized-prioritized` , EC2 Fleet uses priority on a best-effort basis to determine which launch template override to use in fulfilling Spot capacity, but optimizes for capacity first.\n\nValid values are whole numbers starting at `0` . The lower the number, the higher the priority. If no number is set, the launch template override has the lowest priority. You can set the same priority for different launch template overrides.", + "title": "Priority", + "type": "number" + }, + "SubnetId": { + "markdownDescription": "The IDs of the subnets in which to launch the instances. Separate multiple subnet IDs using commas (for example, `subnet-1234abcdeexample1, subnet-0987cdef6example2` ). A request of type `instant` can have only one subnet ID.", + "title": "SubnetId", + "type": "string" + }, + "WeightedCapacity": { + "markdownDescription": "The number of units provided by the specified instance type. These are the same units that you chose to set the target capacity in terms of instances, or a performance characteristic such as vCPUs, memory, or I/O.\n\nIf the target capacity divided by this value is not a whole number, Amazon EC2 rounds the number of instances to the next whole number. If this value is not specified, the default is 1.\n\n> When specifying weights, the price used in the `lowest-price` and `price-capacity-optimized` allocation strategies is per *unit* hour (where the instance price is divided by the specified weight). However, if all the specified weights are above the requested `TargetCapacity` , resulting in only 1 instance being launched, the price used is per *instance* hour.", + "title": "WeightedCapacity", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::EC2Fleet.FleetLaunchTemplateSpecificationRequest": { + "additionalProperties": false, + "properties": { + "LaunchTemplateId": { + "markdownDescription": "The ID of the launch template.\n\nYou must specify the `LaunchTemplateId` or the `LaunchTemplateName` , but not both.", + "title": "LaunchTemplateId", + "type": "string" + }, + "LaunchTemplateName": { + "markdownDescription": "The name of the launch template.\n\nYou must specify the `LaunchTemplateName` or the `LaunchTemplateId` , but not both.", + "title": "LaunchTemplateName", + "type": "string" + }, + "Version": { + "markdownDescription": "The launch template version number, `$Latest` , or `$Default` . You must specify a value, otherwise the request fails.\n\nIf the value is `$Latest` , Amazon EC2 uses the latest version of the launch template.\n\nIf the value is `$Default` , Amazon EC2 uses the default version of the launch template.", + "title": "Version", + "type": "string" + } + }, + "required": [ + "Version" + ], + "type": "object" + }, + "AWS::EC2::EC2Fleet.InstanceRequirementsRequest": { + "additionalProperties": false, + "properties": { + "AcceleratorCount": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.AcceleratorCountRequest", + "markdownDescription": "The minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferentia chips) on an instance.\n\nTo exclude accelerator-enabled instance types, set `Max` to `0` .\n\nDefault: No minimum or maximum limits", + "title": "AcceleratorCount" + }, + "AcceleratorManufacturers": { + "items": { + "type": "string" + }, + "markdownDescription": "Indicates whether instance types must have accelerators by specific manufacturers.\n\n- For instance types with AWS devices, specify `amazon-web-services` .\n- For instance types with AMD devices, specify `amd` .\n- For instance types with Habana devices, specify `habana` .\n- For instance types with NVIDIA devices, specify `nvidia` .\n- For instance types with Xilinx devices, specify `xilinx` .\n\nDefault: Any manufacturer", + "title": "AcceleratorManufacturers", + "type": "array" + }, + "AcceleratorNames": { + "items": { + "type": "string" + }, + "markdownDescription": "The accelerators that must be on the instance type.\n\n- For instance types with NVIDIA A10G GPUs, specify `a10g` .\n- For instance types with NVIDIA A100 GPUs, specify `a100` .\n- For instance types with NVIDIA H100 GPUs, specify `h100` .\n- For instance types with AWS Inferentia chips, specify `inferentia` .\n- For instance types with NVIDIA GRID K520 GPUs, specify `k520` .\n- For instance types with NVIDIA K80 GPUs, specify `k80` .\n- For instance types with NVIDIA M60 GPUs, specify `m60` .\n- For instance types with AMD Radeon Pro V520 GPUs, specify `radeon-pro-v520` .\n- For instance types with NVIDIA T4 GPUs, specify `t4` .\n- For instance types with NVIDIA T4G GPUs, specify `t4g` .\n- For instance types with Xilinx VU9P FPGAs, specify `vu9p` .\n- For instance types with NVIDIA V100 GPUs, specify `v100` .\n\nDefault: Any accelerator", + "title": "AcceleratorNames", + "type": "array" + }, + "AcceleratorTotalMemoryMiB": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.AcceleratorTotalMemoryMiBRequest", + "markdownDescription": "The minimum and maximum amount of total accelerator memory, in MiB.\n\nDefault: No minimum or maximum limits", + "title": "AcceleratorTotalMemoryMiB" + }, + "AcceleratorTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The accelerator types that must be on the instance type.\n\n- For instance types with FPGA accelerators, specify `fpga` .\n- For instance types with GPU accelerators, specify `gpu` .\n- For instance types with Inference accelerators, specify `inference` .\n\nDefault: Any accelerator type", + "title": "AcceleratorTypes", + "type": "array" + }, + "AllowedInstanceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The instance types to apply your specified attributes against. All other instance types are ignored, even if they match your specified attributes.\n\nYou can use strings with one or more wild cards, represented by an asterisk ( `*` ), to allow an instance type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` ,Amazon EC2 will allow the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will allow all the M5a instance types, but not the M5n instance types.\n\n> If you specify `AllowedInstanceTypes` , you can't specify `ExcludedInstanceTypes` . \n\nDefault: All instance types", + "title": "AllowedInstanceTypes", + "type": "array" + }, + "BareMetal": { + "markdownDescription": "Indicates whether bare metal instance types must be included, excluded, or required.\n\n- To include bare metal instance types, specify `included` .\n- To require only bare metal instance types, specify `required` .\n- To exclude bare metal instance types, specify `excluded` .\n\nDefault: `excluded`", + "title": "BareMetal", + "type": "string" + }, + "BaselineEbsBandwidthMbps": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.BaselineEbsBandwidthMbpsRequest", + "markdownDescription": "The minimum and maximum baseline bandwidth to Amazon EBS, in Mbps. For more information, see [Amazon EBS\u2013optimized instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-optimized.html) in the *Amazon EC2 User Guide* .\n\nDefault: No minimum or maximum limits", + "title": "BaselineEbsBandwidthMbps" + }, + "BaselinePerformanceFactors": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.BaselinePerformanceFactorsRequest", + "markdownDescription": "The baseline performance to consider, using an instance family as a baseline reference. The instance family establishes the lowest acceptable level of performance. Amazon EC2 uses this baseline to guide instance type selection, but there is no guarantee that the selected instance types will always exceed the baseline for every application. Currently, this parameter only supports CPU performance as a baseline performance factor. For more information, see [Performance protection](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-attribute-based-instance-type-selection.html#ec2fleet-abis-performance-protection) in the *Amazon EC2 User Guide* .", + "title": "BaselinePerformanceFactors" + }, + "BurstablePerformance": { + "markdownDescription": "Indicates whether burstable performance T instance types are included, excluded, or required. For more information, see [Burstable performance instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) .\n\n- To include burstable performance instance types, specify `included` .\n- To require only burstable performance instance types, specify `required` .\n- To exclude burstable performance instance types, specify `excluded` .\n\nDefault: `excluded`", + "title": "BurstablePerformance", + "type": "string" + }, + "CpuManufacturers": { + "items": { + "type": "string" + }, + "markdownDescription": "The CPU manufacturers to include.\n\n- For instance types with Intel CPUs, specify `intel` .\n- For instance types with AMD CPUs, specify `amd` .\n- For instance types with AWS CPUs, specify `amazon-web-services` .\n- For instance types with Apple CPUs, specify `apple` .\n\n> Don't confuse the CPU manufacturer with the CPU architecture. Instances will be launched with a compatible CPU architecture based on the Amazon Machine Image (AMI) that you specify in your launch template. \n\nDefault: Any manufacturer", + "title": "CpuManufacturers", + "type": "array" + }, + "ExcludedInstanceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The instance types to exclude.\n\nYou can use strings with one or more wild cards, represented by an asterisk ( `*` ), to exclude an instance family, type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` ,Amazon EC2 will exclude the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will exclude all the M5a instance types, but not the M5n instance types.\n\n> If you specify `ExcludedInstanceTypes` , you can't specify `AllowedInstanceTypes` . \n\nDefault: No excluded instance types", + "title": "ExcludedInstanceTypes", + "type": "array" + }, + "InstanceGenerations": { + "items": { + "type": "string" + }, + "markdownDescription": "Indicates whether current or previous generation instance types are included. The current generation instance types are recommended for use. Current generation instance types are typically the latest two to three generations in each instance family. For more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .\n\nFor current generation instance types, specify `current` .\n\nFor previous generation instance types, specify `previous` .\n\nDefault: Current and previous generation instance types", + "title": "InstanceGenerations", + "type": "array" + }, + "LocalStorage": { + "markdownDescription": "Indicates whether instance types with instance store volumes are included, excluded, or required. For more information, [Amazon EC2 instance store](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html) in the *Amazon EC2 User Guide* .\n\n- To include instance types with instance store volumes, specify `included` .\n- To require only instance types with instance store volumes, specify `required` .\n- To exclude instance types with instance store volumes, specify `excluded` .\n\nDefault: `included`", + "title": "LocalStorage", + "type": "string" + }, + "LocalStorageTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The type of local storage that is required.\n\n- For instance types with hard disk drive (HDD) storage, specify `hdd` .\n- For instance types with solid state drive (SSD) storage, specify `ssd` .\n\nDefault: `hdd` and `ssd`", + "title": "LocalStorageTypes", + "type": "array" + }, + "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice": { + "markdownDescription": "[Price protection] The price protection threshold for Spot Instances, as a percentage of an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nIf you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is based on the per vCPU or per memory price instead of the per instance price.\n\n> Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` .", + "title": "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice", + "type": "number" + }, + "MemoryGiBPerVCpu": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.MemoryGiBPerVCpuRequest", + "markdownDescription": "The minimum and maximum amount of memory per vCPU, in GiB.\n\nDefault: No minimum or maximum limits", + "title": "MemoryGiBPerVCpu" + }, + "MemoryMiB": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.MemoryMiBRequest", + "markdownDescription": "The minimum and maximum amount of memory, in MiB.", + "title": "MemoryMiB" + }, + "NetworkBandwidthGbps": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.NetworkBandwidthGbpsRequest", + "markdownDescription": "The minimum and maximum amount of baseline network bandwidth, in gigabits per second (Gbps). For more information, see [Amazon EC2 instance network bandwidth](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-network-bandwidth.html) in the *Amazon EC2 User Guide* .\n\nDefault: No minimum or maximum limits", + "title": "NetworkBandwidthGbps" + }, + "NetworkInterfaceCount": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.NetworkInterfaceCountRequest", + "markdownDescription": "The minimum and maximum number of network interfaces.\n\nDefault: No minimum or maximum limits", + "title": "NetworkInterfaceCount" + }, + "OnDemandMaxPricePercentageOverLowestPrice": { + "markdownDescription": "[Price protection] The price protection threshold for On-Demand Instances, as a percentage higher than an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nTo indicate no price protection threshold, specify a high value, such as `999999` .\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) .\n\n> If you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price. \n\nDefault: `20`", + "title": "OnDemandMaxPricePercentageOverLowestPrice", + "type": "number" + }, + "RequireHibernateSupport": { + "markdownDescription": "Indicates whether instance types must support hibernation for On-Demand Instances.\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) .\n\nDefault: `false`", + "title": "RequireHibernateSupport", + "type": "boolean" + }, + "SpotMaxPricePercentageOverLowestPrice": { + "markdownDescription": "[Price protection] The price protection threshold for Spot Instances, as a percentage higher than an identified Spot price. The identified Spot price is the Spot price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified Spot price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose Spot price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nIf you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price.\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) .\n\n> Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` . \n\nDefault: `100`", + "title": "SpotMaxPricePercentageOverLowestPrice", + "type": "number" + }, + "TotalLocalStorageGB": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.TotalLocalStorageGBRequest", + "markdownDescription": "The minimum and maximum amount of total local storage, in GB.\n\nDefault: No minimum or maximum limits", + "title": "TotalLocalStorageGB" + }, + "VCpuCount": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.VCpuCountRangeRequest", + "markdownDescription": "The minimum and maximum number of vCPUs.", + "title": "VCpuCount" + } + }, + "type": "object" + }, + "AWS::EC2::EC2Fleet.MaintenanceStrategies": { + "additionalProperties": false, + "properties": { + "CapacityRebalance": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.CapacityRebalance", + "markdownDescription": "The strategy to use when Amazon EC2 emits a signal that your Spot Instance is at an elevated risk of being interrupted.", + "title": "CapacityRebalance" + } + }, + "type": "object" + }, + "AWS::EC2::EC2Fleet.MemoryGiBPerVCpuRequest": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum amount of memory per vCPU, in GiB. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The minimum amount of memory per vCPU, in GiB. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::EC2Fleet.MemoryMiBRequest": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum amount of memory, in MiB. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The minimum amount of memory, in MiB. To specify no minimum limit, specify `0` .", + "title": "Min", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::EC2Fleet.NetworkBandwidthGbpsRequest": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum amount of network bandwidth, in Gbps. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The minimum amount of network bandwidth, in Gbps. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::EC2Fleet.NetworkInterfaceCountRequest": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum number of network interfaces. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The minimum number of network interfaces. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::EC2Fleet.OnDemandOptionsRequest": { + "additionalProperties": false, + "properties": { + "AllocationStrategy": { + "markdownDescription": "The strategy that determines the order of the launch template overrides to use in fulfilling On-Demand capacity.\n\n`lowest-price` - EC2 Fleet uses price to determine the order, launching the lowest price first.\n\n`prioritized` - EC2 Fleet uses the priority that you assigned to each launch template override, launching the highest priority first.\n\nDefault: `lowest-price`", + "title": "AllocationStrategy", + "type": "string" + }, + "CapacityReservationOptions": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.CapacityReservationOptionsRequest", + "markdownDescription": "The strategy for using unused Capacity Reservations for fulfilling On-Demand capacity.\n\nSupported only for fleets of type `instant` .", + "title": "CapacityReservationOptions" + }, + "MaxTotalPrice": { + "markdownDescription": "The maximum amount per hour for On-Demand Instances that you're willing to pay.\n\n> If your fleet includes T instances that are configured as `unlimited` , and if their average CPU usage exceeds the baseline utilization, you will incur a charge for surplus credits. The `MaxTotalPrice` does not account for surplus credits, and, if you use surplus credits, your final cost might be higher than what you specified for `MaxTotalPrice` . For more information, see [Surplus credits can incur charges](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits) in the *Amazon EC2 User Guide* .", + "title": "MaxTotalPrice", + "type": "string" + }, + "MinTargetCapacity": { + "markdownDescription": "The minimum target capacity for On-Demand Instances in the fleet. If this minimum capacity isn't reached, no instances are launched.\n\nConstraints: Maximum value of `1000` . Supported only for fleets of type `instant` .\n\nAt least one of the following must be specified: `SingleAvailabilityZone` | `SingleInstanceType`", + "title": "MinTargetCapacity", + "type": "number" + }, + "SingleAvailabilityZone": { + "markdownDescription": "Indicates that the fleet launches all On-Demand Instances into a single Availability Zone.\n\nSupported only for fleets of type `instant` .", + "title": "SingleAvailabilityZone", + "type": "boolean" + }, + "SingleInstanceType": { + "markdownDescription": "Indicates that the fleet uses a single instance type to launch all On-Demand Instances in the fleet.\n\nSupported only for fleets of type `instant` .", + "title": "SingleInstanceType", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EC2::EC2Fleet.PerformanceFactorReferenceRequest": { + "additionalProperties": false, + "properties": { + "InstanceFamily": { + "markdownDescription": "The instance family to use as a baseline reference.\n\n> Ensure that you specify the correct value for the instance family. The instance family is everything before the period ( `.` ) in the instance type name. For example, in the instance type `c6i.large` , the instance family is `c6i` , not `c6` . For more information, see [Amazon EC2 instance type naming conventions](https://docs.aws.amazon.com/ec2/latest/instancetypes/instance-type-names.html) in *Amazon EC2 Instance Types* . \n\nThe following instance families are *not supported* for performance protection:\n\n- `c1`\n- `g3` | `g3s`\n- `hpc7g`\n- `m1` | `m2`\n- `mac1` | `mac2` | `mac2-m1ultra` | `mac2-m2` | `mac2-m2pro`\n- `p3dn` | `p4d` | `p5`\n- `t1`\n- `u-12tb1` | `u-18tb1` | `u-24tb1` | `u-3tb1` | `u-6tb1` | `u-9tb1` | `u7i-12tb` | `u7in-16tb` | `u7in-24tb` | `u7in-32tb`\n\nIf you enable performance protection by specifying a supported instance family, the returned instance types will exclude the above unsupported instance families.\n\nIf you specify an unsupported instance family as a value for baseline performance, the API returns an empty response response for [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) and an exception for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet.html) , [RequestSpotFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RequestSpotFleet.html) , [ModifyFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyFleet.html) , and [ModifySpotFleetRequest](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifySpotFleetRequest.html) .", + "title": "InstanceFamily", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::EC2Fleet.Placement": { + "additionalProperties": false, + "properties": { + "Affinity": { + "markdownDescription": "The affinity setting for the instance on the Dedicated Host.\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) or [ImportInstance](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportInstance.html) .", + "title": "Affinity", + "type": "string" + }, + "AvailabilityZone": { + "markdownDescription": "The Availability Zone of the instance.\n\nIf not specified, an Availability Zone will be automatically chosen for you based on the load balancing criteria for the Region.\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) .", + "title": "AvailabilityZone", + "type": "string" + }, + "GroupName": { + "markdownDescription": "The name of the placement group that the instance is in. If you specify `GroupName` , you can't specify `GroupId` .", + "title": "GroupName", + "type": "string" + }, + "HostId": { + "markdownDescription": "The ID of the Dedicated Host on which the instance resides.\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) or [ImportInstance](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportInstance.html) .", + "title": "HostId", + "type": "string" + }, + "HostResourceGroupArn": { + "markdownDescription": "The ARN of the host resource group in which to launch the instances.\n\nIf you specify this parameter, either omit the *Tenancy* parameter or set it to `host` .\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) .", + "title": "HostResourceGroupArn", + "type": "string" + }, + "PartitionNumber": { + "markdownDescription": "The number of the partition that the instance is in. Valid only if the placement group strategy is set to `partition` .\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) .", + "title": "PartitionNumber", + "type": "number" + }, + "SpreadDomain": { + "markdownDescription": "Reserved for future use.", + "title": "SpreadDomain", + "type": "string" + }, + "Tenancy": { + "markdownDescription": "The tenancy of the instance. An instance with a tenancy of `dedicated` runs on single-tenant hardware.\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) . The `host` tenancy is not supported for [ImportInstance](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportInstance.html) or for T3 instances that are configured for the `unlimited` CPU credit option.", + "title": "Tenancy", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::EC2Fleet.SpotOptionsRequest": { + "additionalProperties": false, + "properties": { + "AllocationStrategy": { + "markdownDescription": "Indicates how to allocate the target Spot Instance capacity across the Spot Instance pools specified by the EC2 Fleet.\n\nIf the allocation strategy is `lowestPrice` , EC2 Fleet launches instances from the Spot Instance pools with the lowest price. This is the default allocation strategy.\n\nIf the allocation strategy is `diversified` , EC2 Fleet launches instances from all the Spot Instance pools that you specify.\n\nIf the allocation strategy is `capacityOptimized` , EC2 Fleet launches instances from Spot Instance pools that are optimally chosen based on the available Spot Instance capacity.\n\n*Allowed Values* : `lowestPrice` | `diversified` | `capacityOptimized` | `capacityOptimizedPrioritized`", + "title": "AllocationStrategy", + "type": "string" + }, + "InstanceInterruptionBehavior": { + "markdownDescription": "The behavior when a Spot Instance is interrupted.\n\nDefault: `terminate`", + "title": "InstanceInterruptionBehavior", + "type": "string" + }, + "InstancePoolsToUseCount": { + "markdownDescription": "The number of Spot pools across which to allocate your target Spot capacity. Supported only when Spot `AllocationStrategy` is set to `lowest-price` . EC2 Fleet selects the cheapest Spot pools and evenly allocates your target Spot capacity across the number of Spot pools that you specify.\n\nNote that EC2 Fleet attempts to draw Spot Instances from the number of pools that you specify on a best effort basis. If a pool runs out of Spot capacity before fulfilling your target capacity, EC2 Fleet will continue to fulfill your request by drawing from the next cheapest pool. To ensure that your target capacity is met, you might receive Spot Instances from more than the number of pools that you specified. Similarly, if most of the pools have no Spot capacity, you might receive your full target capacity from fewer than the number of pools that you specified.", + "title": "InstancePoolsToUseCount", + "type": "number" + }, + "MaintenanceStrategies": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.MaintenanceStrategies", + "markdownDescription": "The strategies for managing your Spot Instances that are at an elevated risk of being interrupted.", + "title": "MaintenanceStrategies" + }, + "MaxTotalPrice": { + "markdownDescription": "The maximum amount per hour for Spot Instances that you're willing to pay. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.\n\n> If you specify a maximum price, your Spot Instances will be interrupted more frequently than if you do not specify this parameter. > If your fleet includes T instances that are configured as `unlimited` , and if their average CPU usage exceeds the baseline utilization, you will incur a charge for surplus credits. The `MaxTotalPrice` does not account for surplus credits, and, if you use surplus credits, your final cost might be higher than what you specified for `MaxTotalPrice` . For more information, see [Surplus credits can incur charges](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits) in the *Amazon EC2 User Guide* .", + "title": "MaxTotalPrice", + "type": "string" + }, + "MinTargetCapacity": { + "markdownDescription": "The minimum target capacity for Spot Instances in the fleet. If this minimum capacity isn't reached, no instances are launched.\n\nConstraints: Maximum value of `1000` . Supported only for fleets of type `instant` .\n\nAt least one of the following must be specified: `SingleAvailabilityZone` | `SingleInstanceType`", + "title": "MinTargetCapacity", + "type": "number" + }, + "SingleAvailabilityZone": { + "markdownDescription": "Indicates that the fleet launches all Spot Instances into a single Availability Zone.\n\nSupported only for fleets of type `instant` .", + "title": "SingleAvailabilityZone", + "type": "boolean" + }, + "SingleInstanceType": { + "markdownDescription": "Indicates that the fleet uses a single instance type to launch all Spot Instances in the fleet.\n\nSupported only for fleets of type `instant` .", + "title": "SingleInstanceType", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EC2::EC2Fleet.TagSpecification": { + "additionalProperties": false, + "properties": { + "ResourceType": { + "markdownDescription": "The type of resource to tag.", + "title": "ResourceType", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to apply to the resource.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "AWS::EC2::EC2Fleet.TargetCapacitySpecificationRequest": { + "additionalProperties": false, + "properties": { + "DefaultTargetCapacityType": { + "markdownDescription": "The default target capacity type.", + "title": "DefaultTargetCapacityType", + "type": "string" + }, + "OnDemandTargetCapacity": { + "markdownDescription": "The number of On-Demand units to request.", + "title": "OnDemandTargetCapacity", + "type": "number" + }, + "SpotTargetCapacity": { + "markdownDescription": "The number of Spot units to request.", + "title": "SpotTargetCapacity", + "type": "number" + }, + "TargetCapacityUnitType": { + "markdownDescription": "The unit for the target capacity. You can specify this parameter only when using attributed-based instance type selection.\n\nDefault: `units` (the number of instances)", + "title": "TargetCapacityUnitType", + "type": "string" + }, + "TotalTargetCapacity": { + "markdownDescription": "The number of units to request, filled using the default target capacity type.", + "title": "TotalTargetCapacity", + "type": "number" + } + }, + "required": [ + "TotalTargetCapacity" + ], + "type": "object" + }, + "AWS::EC2::EC2Fleet.TotalLocalStorageGBRequest": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum amount of total local storage, in GB. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The minimum amount of total local storage, in GB. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::EC2Fleet.VCpuCountRangeRequest": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum number of vCPUs. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The minimum number of vCPUs. To specify no minimum limit, specify `0` .", + "title": "Min", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::EIP": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { "enum": [ "Delete", "Retain", @@ -81120,33 +89883,55 @@ "Properties": { "additionalProperties": false, "properties": { - "AmazonSideAsn": { - "markdownDescription": "The private Autonomous System Number (ASN) for the Amazon side of a BGP session.", - "title": "AmazonSideAsn", - "type": "number" + "Address": { + "markdownDescription": "An Elastic IP address or a carrier IP address in a Wavelength Zone.", + "title": "Address", + "type": "string" + }, + "Domain": { + "markdownDescription": "The network ( `vpc` ).\n\nIf you define an Elastic IP address and associate it with a VPC that is defined in the same template, you must declare a dependency on the VPC-gateway attachment by using the [DependsOn Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) on this resource.", + "title": "Domain", + "type": "string" + }, + "InstanceId": { + "markdownDescription": "The ID of the instance.\n\n> Updates to the `InstanceId` property may require *some interruptions* . Updates on an EIP reassociates the address on its associated resource.", + "title": "InstanceId", + "type": "string" + }, + "IpamPoolId": { + "markdownDescription": "The ID of an IPAM pool which has an Amazon-provided or BYOIP public IPv4 CIDR provisioned to it. For more information, see [Allocate sequential Elastic IP addresses from an IPAM pool](https://docs.aws.amazon.com/vpc/latest/ipam/tutorials-eip-pool.html) in the *Amazon VPC IPAM User Guide* .", + "title": "IpamPoolId", + "type": "string" + }, + "NetworkBorderGroup": { + "markdownDescription": "A unique set of Availability Zones, Local Zones, or Wavelength Zones from which AWS advertises IP addresses. Use this parameter to limit the IP address to this location. IP addresses cannot move between network border groups.\n\nUse [DescribeAvailabilityZones](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAvailabilityZones.html) to view the network border groups.", + "title": "NetworkBorderGroup", + "type": "string" + }, + "PublicIpv4Pool": { + "markdownDescription": "The ID of an address pool that you own. Use this parameter to let Amazon EC2 select an address from the address pool.\n\n> Updates to the `PublicIpv4Pool` property may require *some interruptions* . Updates on an EIP reassociates the address on its associated resource.", + "title": "PublicIpv4Pool", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Any tags assigned to the virtual private gateway.", + "markdownDescription": "Any tags assigned to the Elastic IP address.\n\n> Updates to the `Tags` property may require *some interruptions* . Updates on an EIP reassociates the address on its associated resource.", "title": "Tags", "type": "array" }, - "Type": { - "markdownDescription": "The type of VPN connection the virtual private gateway supports.", - "title": "Type", + "TransferAddress": { + "markdownDescription": "The Elastic IP address you are accepting for transfer. You can only accept one transferred address. For more information on Elastic IP address transfers, see [Transfer Elastic IP addresses](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-eips.html#transfer-EIPs-intro) in the *Amazon Virtual Private Cloud User Guide* .", + "title": "TransferAddress", "type": "string" } }, - "required": [ - "Type" - ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::VPNGateway" + "AWS::EC2::EIP" ], "type": "string" }, @@ -81160,12 +89945,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::EC2::VPNGatewayRoutePropagation": { + "AWS::EC2::EIPAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -81200,29 +89984,32 @@ "Properties": { "additionalProperties": false, "properties": { - "RouteTableIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The ID of the route table. The routing table must be associated with the same VPC that the virtual private gateway is attached to.", - "title": "RouteTableIds", - "type": "array" + "AllocationId": { + "markdownDescription": "The allocation ID. This is required.", + "title": "AllocationId", + "type": "string" }, - "VpnGatewayId": { - "markdownDescription": "The ID of the virtual private gateway that is attached to a VPC. The virtual private gateway must be attached to the same VPC that the routing tables are associated with.", - "title": "VpnGatewayId", + "InstanceId": { + "markdownDescription": "The ID of the instance. The instance must have exactly one attached network interface. You can specify either the instance ID or the network interface ID, but not both.", + "title": "InstanceId", + "type": "string" + }, + "NetworkInterfaceId": { + "markdownDescription": "The ID of the network interface. If the instance has more than one network interface, you must specify a network interface ID.\n\nYou can specify either the instance ID or the network interface ID, but not both.", + "title": "NetworkInterfaceId", + "type": "string" + }, + "PrivateIpAddress": { + "markdownDescription": "The primary or secondary private IP address to associate with the Elastic IP address. If no private IP address is specified, the Elastic IP address is associated with the primary private IP address.", + "title": "PrivateIpAddress", "type": "string" } }, - "required": [ - "RouteTableIds", - "VpnGatewayId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::VPNGatewayRoutePropagation" + "AWS::EC2::EIPAssociation" ], "type": "string" }, @@ -81236,12 +90023,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::EC2::VerifiedAccessEndpoint": { + "AWS::EC2::EgressOnlyInternetGateway": { "additionalProperties": false, "properties": { "Condition": { @@ -81276,96 +90062,28 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationDomain": { - "markdownDescription": "The DNS name for users to reach your application.", - "title": "ApplicationDomain", - "type": "string" - }, - "AttachmentType": { - "markdownDescription": "The type of attachment used to provide connectivity between the AWS Verified Access endpoint and the application.", - "title": "AttachmentType", - "type": "string" - }, - "Description": { - "markdownDescription": "A description for the AWS Verified Access endpoint.", - "title": "Description", - "type": "string" - }, - "DomainCertificateArn": { - "markdownDescription": "The ARN of a public TLS/SSL certificate imported into or created with ACM.", - "title": "DomainCertificateArn", - "type": "string" - }, - "EndpointDomainPrefix": { - "markdownDescription": "A custom identifier that is prepended to the DNS name that is generated for the endpoint.", - "title": "EndpointDomainPrefix", - "type": "string" - }, - "EndpointType": { - "markdownDescription": "The type of AWS Verified Access endpoint. Incoming application requests will be sent to an IP address, load balancer or a network interface depending on the endpoint type specified.", - "title": "EndpointType", - "type": "string" - }, - "LoadBalancerOptions": { - "$ref": "#/definitions/AWS::EC2::VerifiedAccessEndpoint.LoadBalancerOptions", - "markdownDescription": "The load balancer details if creating the AWS Verified Access endpoint as `load-balancer` type.", - "title": "LoadBalancerOptions" - }, - "NetworkInterfaceOptions": { - "$ref": "#/definitions/AWS::EC2::VerifiedAccessEndpoint.NetworkInterfaceOptions", - "markdownDescription": "The options for network-interface type endpoint.", - "title": "NetworkInterfaceOptions" - }, - "PolicyDocument": { - "markdownDescription": "The Verified Access policy document.", - "title": "PolicyDocument", - "type": "string" - }, - "PolicyEnabled": { - "markdownDescription": "The status of the Verified Access policy.", - "title": "PolicyEnabled", - "type": "boolean" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the security groups for the endpoint.", - "title": "SecurityGroupIds", - "type": "array" - }, - "SseSpecification": { - "$ref": "#/definitions/AWS::EC2::VerifiedAccessEndpoint.SseSpecification", - "markdownDescription": "The options for additional server side encryption.", - "title": "SseSpecification" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags.", + "markdownDescription": "The tags assigned to the egress-only internet gateway.", "title": "Tags", "type": "array" }, - "VerifiedAccessGroupId": { - "markdownDescription": "The ID of the AWS Verified Access group.", - "title": "VerifiedAccessGroupId", + "VpcId": { + "markdownDescription": "The ID of the VPC for which to create the egress-only internet gateway.", + "title": "VpcId", "type": "string" } }, "required": [ - "ApplicationDomain", - "AttachmentType", - "DomainCertificateArn", - "EndpointDomainPrefix", - "EndpointType", - "VerifiedAccessGroupId" + "VpcId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::VerifiedAccessEndpoint" + "AWS::EC2::EgressOnlyInternetGateway" ], "type": "string" }, @@ -81384,73 +90102,7 @@ ], "type": "object" }, - "AWS::EC2::VerifiedAccessEndpoint.LoadBalancerOptions": { - "additionalProperties": false, - "properties": { - "LoadBalancerArn": { - "markdownDescription": "The ARN of the load balancer.", - "title": "LoadBalancerArn", - "type": "string" - }, - "Port": { - "markdownDescription": "The IP port number.", - "title": "Port", - "type": "number" - }, - "Protocol": { - "markdownDescription": "The IP protocol.", - "title": "Protocol", - "type": "string" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the subnets. You can specify only one subnet per Availability Zone.", - "title": "SubnetIds", - "type": "array" - } - }, - "type": "object" - }, - "AWS::EC2::VerifiedAccessEndpoint.NetworkInterfaceOptions": { - "additionalProperties": false, - "properties": { - "NetworkInterfaceId": { - "markdownDescription": "The ID of the network interface.", - "title": "NetworkInterfaceId", - "type": "string" - }, - "Port": { - "markdownDescription": "The IP port number.", - "title": "Port", - "type": "number" - }, - "Protocol": { - "markdownDescription": "The IP protocol.", - "title": "Protocol", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EC2::VerifiedAccessEndpoint.SseSpecification": { - "additionalProperties": false, - "properties": { - "CustomerManagedKeyEnabled": { - "markdownDescription": "Enable or disable the use of customer managed KMS keys for server side encryption.\n\nValid values: `True` | `False`", - "title": "CustomerManagedKeyEnabled", - "type": "boolean" - }, - "KmsKeyArn": { - "markdownDescription": "The ARN of the KMS key.", - "title": "KmsKeyArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EC2::VerifiedAccessGroup": { + "AWS::EC2::EnclaveCertificateIamRoleAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -81485,48 +90137,26 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description for the AWS Verified Access group.", - "title": "Description", - "type": "string" - }, - "PolicyDocument": { - "markdownDescription": "The Verified Access policy document.", - "title": "PolicyDocument", + "CertificateArn": { + "markdownDescription": "The ARN of the ACM certificate with which to associate the IAM role.", + "title": "CertificateArn", "type": "string" }, - "PolicyEnabled": { - "markdownDescription": "The status of the Verified Access policy.", - "title": "PolicyEnabled", - "type": "boolean" - }, - "SseSpecification": { - "$ref": "#/definitions/AWS::EC2::VerifiedAccessGroup.SseSpecification", - "markdownDescription": "The options for additional server side encryption.", - "title": "SseSpecification" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags.", - "title": "Tags", - "type": "array" - }, - "VerifiedAccessInstanceId": { - "markdownDescription": "The ID of the AWS Verified Access instance.", - "title": "VerifiedAccessInstanceId", + "RoleArn": { + "markdownDescription": "The ARN of the IAM role to associate with the ACM certificate. You can associate up to 16 IAM roles with an ACM certificate.", + "title": "RoleArn", "type": "string" } }, "required": [ - "VerifiedAccessInstanceId" + "CertificateArn", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::VerifiedAccessGroup" + "AWS::EC2::EnclaveCertificateIamRoleAssociation" ], "type": "string" }, @@ -81545,23 +90175,7 @@ ], "type": "object" }, - "AWS::EC2::VerifiedAccessGroup.SseSpecification": { - "additionalProperties": false, - "properties": { - "CustomerManagedKeyEnabled": { - "markdownDescription": "Enable or disable the use of customer managed KMS keys for server side encryption.\n\nValid values: `True` | `False`", - "title": "CustomerManagedKeyEnabled", - "type": "boolean" - }, - "KmsKeyArn": { - "markdownDescription": "The ARN of the KMS key.", - "title": "KmsKeyArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EC2::VerifiedAccessInstance": { + "AWS::EC2::FlowLog": { "additionalProperties": false, "properties": { "Condition": { @@ -81596,51 +90210,79 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description for the AWS Verified Access instance.", - "title": "Description", + "DeliverCrossAccountRole": { + "markdownDescription": "The ARN of the IAM role that allows the service to publish flow logs across accounts.", + "title": "DeliverCrossAccountRole", "type": "string" }, - "FipsEnabled": { - "markdownDescription": "Indicates whether support for Federal Information Processing Standards (FIPS) is enabled on the instance.", - "title": "FipsEnabled", - "type": "boolean" + "DeliverLogsPermissionArn": { + "markdownDescription": "The ARN of the IAM role that allows Amazon EC2 to publish flow logs to the log destination.\n\nThis parameter is required if the destination type is `cloud-watch-logs` , or if the destination type is `kinesis-data-firehose` and the delivery stream and the resources to monitor are in different accounts.", + "title": "DeliverLogsPermissionArn", + "type": "string" }, - "LoggingConfigurations": { - "$ref": "#/definitions/AWS::EC2::VerifiedAccessInstance.VerifiedAccessLogs", - "markdownDescription": "The logging configuration for the Verified Access instances.", - "title": "LoggingConfigurations" + "DestinationOptions": { + "$ref": "#/definitions/AWS::EC2::FlowLog.DestinationOptions", + "markdownDescription": "The destination options.", + "title": "DestinationOptions" + }, + "LogDestination": { + "markdownDescription": "The destination for the flow log data. The meaning of this parameter depends on the destination type.\n\n- If the destination type is `cloud-watch-logs` , specify the ARN of a CloudWatch Logs log group. For example:\n\narn:aws:logs: *region* : *account_id* :log-group: *my_group*\n\nAlternatively, use the `LogGroupName` parameter.\n- If the destination type is `s3` , specify the ARN of an S3 bucket. For example:\n\narn:aws:s3::: *my_bucket* / *my_subfolder* /\n\nThe subfolder is optional. Note that you can't use `AWSLogs` as a subfolder name.\n- If the destination type is `kinesis-data-firehose` , specify the ARN of a Kinesis Data Firehose delivery stream. For example:\n\narn:aws:firehose: *region* : *account_id* :deliverystream: *my_stream*", + "title": "LogDestination", + "type": "string" + }, + "LogDestinationType": { + "markdownDescription": "The type of destination for the flow log data.\n\nDefault: `cloud-watch-logs`", + "title": "LogDestinationType", + "type": "string" + }, + "LogFormat": { + "markdownDescription": "The fields to include in the flow log record, in the order in which they should appear. If you omit this parameter, the flow log is created using the default format. If you specify this parameter, you must include at least one field. For more information about the available fields, see [Flow log records](https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs.html#flow-log-records) in the *Amazon VPC User Guide* or [Transit Gateway Flow Log records](https://docs.aws.amazon.com/vpc/latest/tgw/tgw-flow-logs.html#flow-log-records) in the *AWS Transit Gateway Guide* .\n\nSpecify the fields using the `${field-id}` format, separated by spaces.", + "title": "LogFormat", + "type": "string" + }, + "LogGroupName": { + "markdownDescription": "The name of a new or existing CloudWatch Logs log group where Amazon EC2 publishes your flow logs.\n\nThis parameter is valid only if the destination type is `cloud-watch-logs` .", + "title": "LogGroupName", + "type": "string" + }, + "MaxAggregationInterval": { + "markdownDescription": "The maximum interval of time during which a flow of packets is captured and aggregated into a flow log record. The possible values are 60 seconds (1 minute) or 600 seconds (10 minutes). This parameter must be 60 seconds for transit gateway resource types.\n\nWhen a network interface is attached to a [Nitro-based instance](https://docs.aws.amazon.com/ec2/latest/instancetypes/ec2-nitro-instances.html) , the aggregation interval is always 60 seconds or less, regardless of the value that you specify.\n\nDefault: 600", + "title": "MaxAggregationInterval", + "type": "number" + }, + "ResourceId": { + "markdownDescription": "The ID of the resource to monitor. For example, if the resource type is `VPC` , specify the ID of the VPC.", + "title": "ResourceId", + "type": "string" + }, + "ResourceType": { + "markdownDescription": "The type of resource to monitor.", + "title": "ResourceType", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags.", + "markdownDescription": "The tags to apply to the flow logs.", "title": "Tags", "type": "array" }, - "VerifiedAccessTrustProviderIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the AWS Verified Access trust providers.", - "title": "VerifiedAccessTrustProviderIds", - "type": "array" - }, - "VerifiedAccessTrustProviders": { - "items": { - "$ref": "#/definitions/AWS::EC2::VerifiedAccessInstance.VerifiedAccessTrustProvider" - }, - "markdownDescription": "The IDs of the AWS Verified Access trust providers.", - "title": "VerifiedAccessTrustProviders", - "type": "array" + "TrafficType": { + "markdownDescription": "The type of traffic to monitor (accepted traffic, rejected traffic, or all traffic). This parameter is not supported for transit gateway resource types. It is required for the other resource types.", + "title": "TrafficType", + "type": "string" } }, + "required": [ + "ResourceId", + "ResourceType" + ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::VerifiedAccessInstance" + "AWS::EC2::FlowLog" ], "type": "string" }, @@ -81654,134 +90296,41 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::EC2::VerifiedAccessInstance.CloudWatchLogs": { + "AWS::EC2::FlowLog.DestinationOptions": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Indicates whether logging is enabled.", - "title": "Enabled", + "FileFormat": { + "markdownDescription": "The format for the flow log. The default is `plain-text` .", + "title": "FileFormat", + "type": "string" + }, + "HiveCompatiblePartitions": { + "markdownDescription": "Indicates whether to use Hive-compatible prefixes for flow logs stored in Amazon S3. The default is `false` .", + "title": "HiveCompatiblePartitions", "type": "boolean" }, - "LogGroup": { - "markdownDescription": "The ID of the CloudWatch Logs log group.", - "title": "LogGroup", - "type": "string" + "PerHourPartition": { + "markdownDescription": "Indicates whether to partition the flow log per hour. This reduces the cost and response time for queries. The default is `false` .", + "title": "PerHourPartition", + "type": "boolean" } }, + "required": [ + "FileFormat", + "HiveCompatiblePartitions", + "PerHourPartition" + ], "type": "object" }, - "AWS::EC2::VerifiedAccessInstance.KinesisDataFirehose": { + "AWS::EC2::GatewayRouteTableAssociation": { "additionalProperties": false, "properties": { - "DeliveryStream": { - "markdownDescription": "The ID of the delivery stream.", - "title": "DeliveryStream", - "type": "string" - }, - "Enabled": { - "markdownDescription": "Indicates whether logging is enabled.", - "title": "Enabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::EC2::VerifiedAccessInstance.S3": { - "additionalProperties": false, - "properties": { - "BucketName": { - "markdownDescription": "The bucket name.", - "title": "BucketName", - "type": "string" - }, - "BucketOwner": { - "markdownDescription": "The AWS account number that owns the bucket.", - "title": "BucketOwner", - "type": "string" - }, - "Enabled": { - "markdownDescription": "Indicates whether logging is enabled.", - "title": "Enabled", - "type": "boolean" - }, - "Prefix": { - "markdownDescription": "The bucket prefix.", - "title": "Prefix", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EC2::VerifiedAccessInstance.VerifiedAccessLogs": { - "additionalProperties": false, - "properties": { - "CloudWatchLogs": { - "$ref": "#/definitions/AWS::EC2::VerifiedAccessInstance.CloudWatchLogs", - "markdownDescription": "CloudWatch Logs logging destination.", - "title": "CloudWatchLogs" - }, - "IncludeTrustContext": { - "markdownDescription": "Indicates whether to include trust data sent by trust providers in the logs.", - "title": "IncludeTrustContext", - "type": "boolean" - }, - "KinesisDataFirehose": { - "$ref": "#/definitions/AWS::EC2::VerifiedAccessInstance.KinesisDataFirehose", - "markdownDescription": "Kinesis logging destination.", - "title": "KinesisDataFirehose" - }, - "LogVersion": { - "markdownDescription": "The logging version.\n\nValid values: `ocsf-0.1` | `ocsf-1.0.0-rc.2`", - "title": "LogVersion", - "type": "string" - }, - "S3": { - "$ref": "#/definitions/AWS::EC2::VerifiedAccessInstance.S3", - "markdownDescription": "Amazon S3 logging options.", - "title": "S3" - } - }, - "type": "object" - }, - "AWS::EC2::VerifiedAccessInstance.VerifiedAccessTrustProvider": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A description for the AWS Verified Access trust provider.", - "title": "Description", - "type": "string" - }, - "DeviceTrustProviderType": { - "markdownDescription": "The type of device-based trust provider.", - "title": "DeviceTrustProviderType", - "type": "string" - }, - "TrustProviderType": { - "markdownDescription": "The type of Verified Access trust provider.", - "title": "TrustProviderType", - "type": "string" - }, - "UserTrustProviderType": { - "markdownDescription": "The type of user-based trust provider.", - "title": "UserTrustProviderType", - "type": "string" - }, - "VerifiedAccessTrustProviderId": { - "markdownDescription": "The ID of the AWS Verified Access trust provider.", - "title": "VerifiedAccessTrustProviderId", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EC2::VerifiedAccessTrustProvider": { - "additionalProperties": false, - "properties": { - "Condition": { + "Condition": { "type": "string" }, "DeletionPolicy": { @@ -81813,64 +90362,26 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description for the AWS Verified Access trust provider.", - "title": "Description", - "type": "string" - }, - "DeviceOptions": { - "$ref": "#/definitions/AWS::EC2::VerifiedAccessTrustProvider.DeviceOptions", - "markdownDescription": "The options for device-identity trust provider.", - "title": "DeviceOptions" - }, - "DeviceTrustProviderType": { - "markdownDescription": "The type of device-based trust provider.", - "title": "DeviceTrustProviderType", - "type": "string" - }, - "OidcOptions": { - "$ref": "#/definitions/AWS::EC2::VerifiedAccessTrustProvider.OidcOptions", - "markdownDescription": "The options for an OpenID Connect-compatible user-identity trust provider.", - "title": "OidcOptions" - }, - "PolicyReferenceName": { - "markdownDescription": "The identifier to be used when working with policy rules.", - "title": "PolicyReferenceName", - "type": "string" - }, - "SseSpecification": { - "$ref": "#/definitions/AWS::EC2::VerifiedAccessTrustProvider.SseSpecification", - "markdownDescription": "The options for additional server side encryption.", - "title": "SseSpecification" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags.", - "title": "Tags", - "type": "array" - }, - "TrustProviderType": { - "markdownDescription": "The type of Verified Access trust provider.", - "title": "TrustProviderType", + "GatewayId": { + "markdownDescription": "The ID of the gateway.", + "title": "GatewayId", "type": "string" }, - "UserTrustProviderType": { - "markdownDescription": "The type of user-based trust provider.", - "title": "UserTrustProviderType", + "RouteTableId": { + "markdownDescription": "The ID of the route table.", + "title": "RouteTableId", "type": "string" } }, "required": [ - "PolicyReferenceName", - "TrustProviderType" + "GatewayId", + "RouteTableId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EC2::VerifiedAccessTrustProvider" + "AWS::EC2::GatewayRouteTableAssociation" ], "type": "string" }, @@ -81889,80 +90400,7 @@ ], "type": "object" }, - "AWS::EC2::VerifiedAccessTrustProvider.DeviceOptions": { - "additionalProperties": false, - "properties": { - "PublicSigningKeyUrl": { - "markdownDescription": "The URL AWS Verified Access will use to verify the authenticity of the device tokens.", - "title": "PublicSigningKeyUrl", - "type": "string" - }, - "TenantId": { - "markdownDescription": "The ID of the tenant application with the device-identity provider.", - "title": "TenantId", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EC2::VerifiedAccessTrustProvider.OidcOptions": { - "additionalProperties": false, - "properties": { - "AuthorizationEndpoint": { - "markdownDescription": "The OIDC authorization endpoint.", - "title": "AuthorizationEndpoint", - "type": "string" - }, - "ClientId": { - "markdownDescription": "The client identifier.", - "title": "ClientId", - "type": "string" - }, - "ClientSecret": { - "markdownDescription": "The client secret.", - "title": "ClientSecret", - "type": "string" - }, - "Issuer": { - "markdownDescription": "The OIDC issuer.", - "title": "Issuer", - "type": "string" - }, - "Scope": { - "markdownDescription": "The OpenID Connect (OIDC) scope specified.", - "title": "Scope", - "type": "string" - }, - "TokenEndpoint": { - "markdownDescription": "The OIDC token endpoint.", - "title": "TokenEndpoint", - "type": "string" - }, - "UserInfoEndpoint": { - "markdownDescription": "The OIDC user info endpoint.", - "title": "UserInfoEndpoint", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EC2::VerifiedAccessTrustProvider.SseSpecification": { - "additionalProperties": false, - "properties": { - "CustomerManagedKeyEnabled": { - "markdownDescription": "Enable or disable the use of customer managed KMS keys for server side encryption.\n\nValid values: `True` | `False`", - "title": "CustomerManagedKeyEnabled", - "type": "boolean" - }, - "KmsKeyArn": { - "markdownDescription": "The ARN of the KMS key.", - "title": "KmsKeyArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EC2::Volume": { + "AWS::EC2::Host": { "additionalProperties": false, "properties": { "Condition": { @@ -81997,68 +90435,53 @@ "Properties": { "additionalProperties": false, "properties": { - "AutoEnableIO": { - "markdownDescription": "Indicates whether the volume is auto-enabled for I/O operations. By default, Amazon EBS disables I/O to the volume from attached EC2 instances when it determines that a volume's data is potentially inconsistent. If the consistency of the volume is not a concern, and you prefer that the volume be made available immediately if it's impaired, you can configure the volume to automatically enable I/O.", - "title": "AutoEnableIO", - "type": "boolean" + "AssetId": { + "markdownDescription": "The ID of the Outpost hardware asset on which the Dedicated Host is allocated.", + "title": "AssetId", + "type": "string" + }, + "AutoPlacement": { + "markdownDescription": "Indicates whether the host accepts any untargeted instance launches that match its instance type configuration, or if it only accepts Host tenancy instance launches that specify its unique host ID. For more information, see [Understanding auto-placement and affinity](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/how-dedicated-hosts-work.html#dedicated-hosts-understanding) in the *Amazon EC2 User Guide* .\n\nDefault: `off`", + "title": "AutoPlacement", + "type": "string" }, "AvailabilityZone": { - "markdownDescription": "The ID of the Availability Zone in which to create the volume. For example, `us-east-1a` .", + "markdownDescription": "The Availability Zone in which to allocate the Dedicated Host.", "title": "AvailabilityZone", "type": "string" }, - "Encrypted": { - "markdownDescription": "Indicates whether the volume should be encrypted. The effect of setting the encryption state to `true` depends on the volume origin (new or from a snapshot), starting encryption state, ownership, and whether encryption by default is enabled. For more information, see [Encryption by default](https://docs.aws.amazon.com/ebs/latest/userguide/work-with-ebs-encr.html#encryption-by-default) in the *Amazon EBS User Guide* .\n\nEncrypted Amazon EBS volumes must be attached to instances that support Amazon EBS encryption. For more information, see [Supported instance types](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-encryption-requirements.html#ebs-encryption_supported_instances) .", - "title": "Encrypted", - "type": "boolean" + "HostMaintenance": { + "markdownDescription": "Indicates whether host maintenance is enabled or disabled for the Dedicated Host.", + "title": "HostMaintenance", + "type": "string" }, - "Iops": { - "markdownDescription": "The number of I/O operations per second (IOPS). For `gp3` , `io1` , and `io2` volumes, this represents the number of IOPS that are provisioned for the volume. For `gp2` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.\n\nThe following are the supported values for each volume type:\n\n- `gp3` : 3,000 - 16,000 IOPS\n- `io1` : 100 - 64,000 IOPS\n- `io2` : 100 - 256,000 IOPS\n\nFor `io2` volumes, you can achieve up to 256,000 IOPS on [instances built on the Nitro System](https://docs.aws.amazon.com/ec2/latest/instancetypes/ec2-nitro-instances.html) . On other instances, you can achieve performance up to 32,000 IOPS.\n\nThis parameter is required for `io1` and `io2` volumes. The default for `gp3` volumes is 3,000 IOPS. This parameter is not supported for `gp2` , `st1` , `sc1` , or `standard` volumes.", - "title": "Iops", - "type": "number" + "HostRecovery": { + "markdownDescription": "Indicates whether to enable or disable host recovery for the Dedicated Host. Host recovery is disabled by default. For more information, see [Host recovery](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-hosts-recovery.html) in the *Amazon EC2 User Guide* .\n\nDefault: `off`", + "title": "HostRecovery", + "type": "string" }, - "KmsKeyId": { - "markdownDescription": "The identifier of the AWS KMS key to use for Amazon EBS encryption. If `KmsKeyId` is specified, the encrypted state must be `true` .\n\nIf you omit this property and your account is enabled for encryption by default, or *Encrypted* is set to `true` , then the volume is encrypted using the default key specified for your account. If your account does not have a default key, then the volume is encrypted using the AWS managed key .\n\nAlternatively, if you want to specify a different key, you can specify one of the following:\n\n- Key ID. For example, 1234abcd-12ab-34cd-56ef-1234567890ab.\n- Key alias. Specify the alias for the key, prefixed with `alias/` . For example, for a key with the alias `my_cmk` , use `alias/my_cmk` . Or to specify the AWS managed key , use `alias/aws/ebs` .\n- Key ARN. For example, arn:aws:kms:us-east-1:012345678910:key/1234abcd-12ab-34cd-56ef-1234567890ab.\n- Alias ARN. For example, arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias.", - "title": "KmsKeyId", + "InstanceFamily": { + "markdownDescription": "The instance family supported by the Dedicated Host. For example, `m5` .", + "title": "InstanceFamily", "type": "string" }, - "MultiAttachEnabled": { - "markdownDescription": "Indicates whether Amazon EBS Multi-Attach is enabled.\n\nAWS CloudFormation does not currently support updating a single-attach volume to be multi-attach enabled, updating a multi-attach enabled volume to be single-attach, or updating the size or number of I/O operations per second (IOPS) of a multi-attach enabled volume.", - "title": "MultiAttachEnabled", - "type": "boolean" + "InstanceType": { + "markdownDescription": "Specifies the instance type to be supported by the Dedicated Hosts. If you specify an instance type, the Dedicated Hosts support instances of the specified instance type only.", + "title": "InstanceType", + "type": "string" }, "OutpostArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Outpost.", + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Outpost on which the Dedicated Host is allocated.", "title": "OutpostArn", "type": "string" }, - "Size": { - "markdownDescription": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size. If you specify a snapshot, the default is the snapshot size. You can specify a volume size that is equal to or larger than the snapshot size.\n\nThe following are the supported volumes sizes for each volume type:\n\n- `gp2` and `gp3` : 1 - 16,384 GiB\n- `io1` : 4 - 16,384 GiB\n- `io2` : 4 - 65,536 GiB\n- `st1` and `sc1` : 125 - 16,384 GiB\n- `standard` : 1 - 1024 GiB", - "title": "Size", - "type": "number" - }, - "SnapshotId": { - "markdownDescription": "The snapshot from which to create the volume. You must specify either a snapshot ID or a volume size.", - "title": "SnapshotId", - "type": "string" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to apply to the volume during creation.", + "markdownDescription": "Any tags assigned to the Dedicated Host.", "title": "Tags", "type": "array" - }, - "Throughput": { - "markdownDescription": "The throughput to provision for a volume, with a maximum of 1,000 MiB/s.\n\nThis parameter is valid only for `gp3` volumes. The default value is 125.\n\nValid Range: Minimum value of 125. Maximum value of 1000.", - "title": "Throughput", - "type": "number" - }, - "VolumeType": { - "markdownDescription": "The volume type. This parameter can be one of the following values:\n\n- General Purpose SSD: `gp2` | `gp3`\n- Provisioned IOPS SSD: `io1` | `io2`\n- Throughput Optimized HDD: `st1`\n- Cold HDD: `sc1`\n- Magnetic: `standard`\n\nFor more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-volume-types.html) .\n\nDefault: `gp2`", - "title": "VolumeType", - "type": "string" } }, "required": [ @@ -82068,7 +90491,7 @@ }, "Type": { "enum": [ - "AWS::EC2::Volume" + "AWS::EC2::Host" ], "type": "string" }, @@ -82087,7 +90510,7 @@ ], "type": "object" }, - "AWS::EC2::VolumeAttachment": { + "AWS::EC2::IPAM": { "additionalProperties": false, "properties": { "Condition": { @@ -82122,113 +90545,56 @@ "Properties": { "additionalProperties": false, "properties": { - "Device": { - "markdownDescription": "The device name (for example, `/dev/sdh` or `xvdh` ).", - "title": "Device", - "type": "string" + "DefaultResourceDiscoveryOrganizationalUnitExclusions": { + "items": { + "$ref": "#/definitions/AWS::EC2::IPAM.IpamOrganizationalUnitExclusion" + }, + "markdownDescription": "If your IPAM is integrated with AWS Organizations, you can exclude an [organizational unit (OU)](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html#organizationalunit) from being managed by IPAM. When you exclude an OU, IPAM will not manage the IP addresses in accounts in that OU. For more information, see [Exclude organizational units from IPAM](https://docs.aws.amazon.com/vpc/latest/ipam/exclude-ous.html) in the *Amazon Virtual Private Cloud IP Address Manager User Guide* .", + "title": "DefaultResourceDiscoveryOrganizationalUnitExclusions", + "type": "array" }, - "InstanceId": { - "markdownDescription": "The ID of the instance to which the volume attaches. This value can be a reference to an [`AWS::EC2::Instance`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html) resource, or it can be the physical ID of an existing EC2 instance.", - "title": "InstanceId", + "Description": { + "markdownDescription": "The description for the IPAM.", + "title": "Description", "type": "string" }, - "VolumeId": { - "markdownDescription": "The ID of the Amazon EBS volume. The volume and instance must be within the same Availability Zone. This value can be a reference to an [`AWS::EC2::Volume`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-ebs-volume.html) resource, or it can be the volume ID of an existing Amazon EBS volume.", - "title": "VolumeId", - "type": "string" - } - }, - "required": [ - "InstanceId", - "VolumeId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::EC2::VolumeAttachment" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::ECR::PublicRepository": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + "EnablePrivateGua": { + "markdownDescription": "Enable this option to use your own GUA ranges as private IPv6 addresses. This option is disabled by default.", + "title": "EnablePrivateGua", + "type": "boolean" + }, + "MeteredAccount": { + "markdownDescription": "A metered account is an AWS account that is charged for active IP addresses managed in IPAM. For more information, see [Enable cost distribution](https://docs.aws.amazon.com/vpc/latest/ipam/ipam-enable-cost-distro.html) in the *Amazon VPC IPAM User Guide* .\n\nPossible values:\n\n- `ipam-owner` (default): The AWS account which owns the IPAM is charged for all active IP addresses managed in IPAM.\n- `resource-owner` : The AWS account that owns the IP address is charged for the active IP address.", + "title": "MeteredAccount", "type": "string" }, - { + "OperatingRegions": { "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" + "$ref": "#/definitions/AWS::EC2::IPAM.IpamOperatingRegion" }, + "markdownDescription": "The operating Regions for an IPAM. Operating Regions are AWS Regions where the IPAM is allowed to manage IP address CIDRs. IPAM only discovers and monitors resources in the AWS Regions you select as operating Regions.\n\nFor more information about operating Regions, see [Create an IPAM](https://docs.aws.amazon.com//vpc/latest/ipam/create-ipam.html) in the *Amazon VPC IPAM User Guide* .", + "title": "OperatingRegions", "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "RepositoryCatalogData": { - "$ref": "#/definitions/AWS::ECR::PublicRepository.RepositoryCatalogData", - "markdownDescription": "The details about the repository that are publicly visible in the Amazon ECR Public Gallery. For more information, see [Amazon ECR Public repository catalog data](https://docs.aws.amazon.com/AmazonECR/latest/public/public-repository-catalog-data.html) in the *Amazon ECR Public User Guide* .", - "title": "RepositoryCatalogData" - }, - "RepositoryName": { - "markdownDescription": "The name to use for the public repository. The repository name may be specified on its own (such as `nginx-web-app` ) or it can be prepended with a namespace to group the repository into a category (such as `project-a/nginx-web-app` ). If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the repository name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "RepositoryName", - "type": "string" - }, - "RepositoryPolicyText": { - "markdownDescription": "The JSON repository policy text to apply to the public repository. For more information, see [Amazon ECR Public repository policies](https://docs.aws.amazon.com/AmazonECR/latest/public/public-repository-policies.html) in the *Amazon ECR Public User Guide* .", - "title": "RepositoryPolicyText", - "type": "object" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.", + "markdownDescription": "The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key `Owner` and the value `TeamA` , specify `tag:Owner` for the filter name and `TeamA` for the filter value.", "title": "Tags", "type": "array" + }, + "Tier": { + "markdownDescription": "IPAM is offered in a Free Tier and an Advanced Tier. For more information about the features available in each tier and the costs associated with the tiers, see the [VPC IPAM product pricing page](https://docs.aws.amazon.com//vpc/pricing/) .", + "title": "Tier", + "type": "string" } }, "type": "object" }, "Type": { "enum": [ - "AWS::ECR::PublicRepository" + "AWS::EC2::IPAM" ], "type": "string" }, @@ -82246,44 +90612,35 @@ ], "type": "object" }, - "AWS::ECR::PublicRepository.RepositoryCatalogData": { + "AWS::EC2::IPAM.IpamOperatingRegion": { "additionalProperties": false, "properties": { - "AboutText": { - "markdownDescription": "The longform description of the contents of the repository. This text appears in the repository details on the Amazon ECR Public Gallery.", - "title": "AboutText", - "type": "string" - }, - "Architectures": { - "items": { - "type": "string" - }, - "markdownDescription": "The architecture tags that are associated with the repository.", - "title": "Architectures", - "type": "array" - }, - "OperatingSystems": { - "items": { - "type": "string" - }, - "markdownDescription": "The operating system tags that are associated with the repository.", - "title": "OperatingSystems", - "type": "array" - }, - "RepositoryDescription": { - "markdownDescription": "The short description of the repository.", - "title": "RepositoryDescription", + "RegionName": { + "markdownDescription": "The name of the operating Region.", + "title": "RegionName", "type": "string" - }, - "UsageText": { - "markdownDescription": "The longform usage details of the contents of the repository. The usage text provides context for users of the repository.", - "title": "UsageText", + } + }, + "required": [ + "RegionName" + ], + "type": "object" + }, + "AWS::EC2::IPAM.IpamOrganizationalUnitExclusion": { + "additionalProperties": false, + "properties": { + "OrganizationsEntityPath": { + "markdownDescription": "An AWS Organizations entity path. For more information on the entity path, see [Understand the AWS Organizations entity path](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_last-accessed-view-data-orgs.html#access_policies_access-advisor-viewing-orgs-entity-path) in the *AWS Identity and Access Management User Guide* .", + "title": "OrganizationsEntityPath", "type": "string" } }, + "required": [ + "OrganizationsEntityPath" + ], "type": "object" }, - "AWS::ECR::PullThroughCacheRule": { + "AWS::EC2::IPAMAllocation": { "additionalProperties": false, "properties": { "Condition": { @@ -82318,32 +90675,35 @@ "Properties": { "additionalProperties": false, "properties": { - "CredentialArn": { - "markdownDescription": "The ARN of the Secrets Manager secret associated with the pull through cache rule.", - "title": "CredentialArn", + "Cidr": { + "markdownDescription": "The CIDR you would like to allocate from the IPAM pool. Note the following:\n\n- If there is no DefaultNetmaskLength allocation rule set on the pool, you must specify either the NetmaskLength or the CIDR.\n- If the DefaultNetmaskLength allocation rule is set on the pool, you can specify either the NetmaskLength or the CIDR and the DefaultNetmaskLength allocation rule will be ignored.\n\nPossible values: Any available IPv4 or IPv6 CIDR.", + "title": "Cidr", "type": "string" }, - "EcrRepositoryPrefix": { - "markdownDescription": "The Amazon ECR repository prefix associated with the pull through cache rule.", - "title": "EcrRepositoryPrefix", + "Description": { + "markdownDescription": "A description for the allocation.", + "title": "Description", "type": "string" }, - "UpstreamRegistry": { - "markdownDescription": "The name of the upstream source registry associated with the pull through cache rule.", - "title": "UpstreamRegistry", + "IpamPoolId": { + "markdownDescription": "The ID of the IPAM pool from which you would like to allocate a CIDR.", + "title": "IpamPoolId", "type": "string" }, - "UpstreamRegistryUrl": { - "markdownDescription": "The upstream registry URL associated with the pull through cache rule.", - "title": "UpstreamRegistryUrl", - "type": "string" + "NetmaskLength": { + "markdownDescription": "The netmask length of the CIDR you would like to allocate from the IPAM pool. Note the following:\n\n- If there is no DefaultNetmaskLength allocation rule set on the pool, you must specify either the NetmaskLength or the CIDR.\n- If the DefaultNetmaskLength allocation rule is set on the pool, you can specify either the NetmaskLength or the CIDR and the DefaultNetmaskLength allocation rule will be ignored.\n\nPossible netmask lengths for IPv4 addresses are 0 - 32. Possible netmask lengths for IPv6 addresses are 0 - 128.", + "title": "NetmaskLength", + "type": "number" } }, + "required": [ + "IpamPoolId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::ECR::PullThroughCacheRule" + "AWS::EC2::IPAMAllocation" ], "type": "string" }, @@ -82357,11 +90717,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::ECR::RegistryPolicy": { + "AWS::EC2::IPAMPool": { "additionalProperties": false, "properties": { "Condition": { @@ -82396,20 +90757,105 @@ "Properties": { "additionalProperties": false, "properties": { - "PolicyText": { - "markdownDescription": "The JSON policy text for your registry.", - "title": "PolicyText", - "type": "object" + "AddressFamily": { + "markdownDescription": "The address family of the pool.", + "title": "AddressFamily", + "type": "string" + }, + "AllocationDefaultNetmaskLength": { + "markdownDescription": "The default netmask length for allocations added to this pool. If, for example, the CIDR assigned to this pool is 10.0.0.0/8 and you enter 16 here, new allocations will default to 10.0.0.0/16.", + "title": "AllocationDefaultNetmaskLength", + "type": "number" + }, + "AllocationMaxNetmaskLength": { + "markdownDescription": "The maximum netmask length possible for CIDR allocations in this IPAM pool to be compliant. The maximum netmask length must be greater than the minimum netmask length. Possible netmask lengths for IPv4 addresses are 0 - 32. Possible netmask lengths for IPv6 addresses are 0 - 128.", + "title": "AllocationMaxNetmaskLength", + "type": "number" + }, + "AllocationMinNetmaskLength": { + "markdownDescription": "The minimum netmask length required for CIDR allocations in this IPAM pool to be compliant. The minimum netmask length must be less than the maximum netmask length. Possible netmask lengths for IPv4 addresses are 0 - 32. Possible netmask lengths for IPv6 addresses are 0 - 128.", + "title": "AllocationMinNetmaskLength", + "type": "number" + }, + "AllocationResourceTags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags that are required for resources that use CIDRs from this IPAM pool. Resources that do not have these tags will not be allowed to allocate space from the pool. If the resources have their tags changed after they have allocated space or if the allocation tagging requirements are changed on the pool, the resource may be marked as noncompliant.", + "title": "AllocationResourceTags", + "type": "array" + }, + "AutoImport": { + "markdownDescription": "If selected, IPAM will continuously look for resources within the CIDR range of this pool and automatically import them as allocations into your IPAM. The CIDRs that will be allocated for these resources must not already be allocated to other resources in order for the import to succeed. IPAM will import a CIDR regardless of its compliance with the pool's allocation rules, so a resource might be imported and subsequently marked as noncompliant. If IPAM discovers multiple CIDRs that overlap, IPAM will import the largest CIDR only. If IPAM discovers multiple CIDRs with matching CIDRs, IPAM will randomly import one of them only.\n\nA locale must be set on the pool for this feature to work.", + "title": "AutoImport", + "type": "boolean" + }, + "AwsService": { + "markdownDescription": "Limits which service in AWS that the pool can be used in. \"ec2\", for example, allows users to use space for Elastic IP addresses and VPCs.", + "title": "AwsService", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the IPAM pool.", + "title": "Description", + "type": "string" + }, + "IpamScopeId": { + "markdownDescription": "The ID of the scope in which you would like to create the IPAM pool.", + "title": "IpamScopeId", + "type": "string" + }, + "Locale": { + "markdownDescription": "The locale of the IPAM pool.\n\nThe locale for the pool should be one of the following:\n\n- An AWS Region where you want this IPAM pool to be available for allocations.\n- The network border group for an AWS Local Zone where you want this IPAM pool to be available for allocations ( [supported Local Zones](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-byoip.html#byoip-zone-avail) ). This option is only available for IPAM IPv4 pools in the public scope.\n\nIf you choose an AWS Region for locale that has not been configured as an operating Region for the IPAM, you'll get an error.", + "title": "Locale", + "type": "string" + }, + "ProvisionedCidrs": { + "items": { + "$ref": "#/definitions/AWS::EC2::IPAMPool.ProvisionedCidr" + }, + "markdownDescription": "Information about the CIDRs provisioned to an IPAM pool.", + "title": "ProvisionedCidrs", + "type": "array" + }, + "PublicIpSource": { + "markdownDescription": "The IP address source for pools in the public scope. Only used for provisioning IP address CIDRs to pools in the public scope. Default is `BYOIP` . For more information, see [Create IPv6 pools](https://docs.aws.amazon.com//vpc/latest/ipam/intro-create-ipv6-pools.html) in the *Amazon VPC IPAM User Guide* . By default, you can add only one Amazon-provided IPv6 CIDR block to a top-level IPv6 pool. For information on increasing the default limit, see [Quotas for your IPAM](https://docs.aws.amazon.com//vpc/latest/ipam/quotas-ipam.html) in the *Amazon VPC IPAM User Guide* .", + "title": "PublicIpSource", + "type": "string" + }, + "PubliclyAdvertisable": { + "markdownDescription": "Determines if a pool is publicly advertisable. This option is not available for pools with AddressFamily set to `ipv4` .", + "title": "PubliclyAdvertisable", + "type": "boolean" + }, + "SourceIpamPoolId": { + "markdownDescription": "The ID of the source IPAM pool. You can use this option to create an IPAM pool within an existing source pool.", + "title": "SourceIpamPoolId", + "type": "string" + }, + "SourceResource": { + "$ref": "#/definitions/AWS::EC2::IPAMPool.SourceResource", + "markdownDescription": "The resource used to provision CIDRs to a resource planning pool.", + "title": "SourceResource" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key `Owner` and the value `TeamA` , specify `tag:Owner` for the filter name and `TeamA` for the filter value.", + "title": "Tags", + "type": "array" } }, "required": [ - "PolicyText" + "AddressFamily", + "IpamScopeId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ECR::RegistryPolicy" + "AWS::EC2::IPAMPool" ], "type": "string" }, @@ -82428,7 +90874,53 @@ ], "type": "object" }, - "AWS::ECR::ReplicationConfiguration": { + "AWS::EC2::IPAMPool.ProvisionedCidr": { + "additionalProperties": false, + "properties": { + "Cidr": { + "markdownDescription": "The CIDR provisioned to the IPAM pool. A CIDR is a representation of an IP address and its associated network mask (or netmask) and refers to a range of IP addresses. An IPv4 CIDR example is `10.24.34.0/23` . An IPv6 CIDR example is `2001:DB8::/32` .", + "title": "Cidr", + "type": "string" + } + }, + "required": [ + "Cidr" + ], + "type": "object" + }, + "AWS::EC2::IPAMPool.SourceResource": { + "additionalProperties": false, + "properties": { + "ResourceId": { + "markdownDescription": "The source resource ID.", + "title": "ResourceId", + "type": "string" + }, + "ResourceOwner": { + "markdownDescription": "The source resource owner.", + "title": "ResourceOwner", + "type": "string" + }, + "ResourceRegion": { + "markdownDescription": "The source resource Region.", + "title": "ResourceRegion", + "type": "string" + }, + "ResourceType": { + "markdownDescription": "The source resource type.", + "title": "ResourceType", + "type": "string" + } + }, + "required": [ + "ResourceId", + "ResourceOwner", + "ResourceRegion", + "ResourceType" + ], + "type": "object" + }, + "AWS::EC2::IPAMPoolCidr": { "additionalProperties": false, "properties": { "Condition": { @@ -82463,20 +90955,30 @@ "Properties": { "additionalProperties": false, "properties": { - "ReplicationConfiguration": { - "$ref": "#/definitions/AWS::ECR::ReplicationConfiguration.ReplicationConfiguration", - "markdownDescription": "The replication configuration for a registry.", - "title": "ReplicationConfiguration" + "Cidr": { + "markdownDescription": "The CIDR provisioned to the IPAM pool. A CIDR is a representation of an IP address and its associated network mask (or netmask) and refers to a range of IP addresses. An IPv4 CIDR example is `10.24.34.0/23` . An IPv6 CIDR example is `2001:DB8::/32` .", + "title": "Cidr", + "type": "string" + }, + "IpamPoolId": { + "markdownDescription": "The ID of the IPAM pool.", + "title": "IpamPoolId", + "type": "string" + }, + "NetmaskLength": { + "markdownDescription": "The netmask length of the CIDR you'd like to provision to a pool. Can be used for provisioning Amazon-provided IPv6 CIDRs to top-level pools and for provisioning CIDRs to pools with source pools. Cannot be used to provision BYOIP CIDRs to top-level pools. \"NetmaskLength\" or \"Cidr\" is required.", + "title": "NetmaskLength", + "type": "number" } }, "required": [ - "ReplicationConfiguration" + "IpamPoolId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ECR::ReplicationConfiguration" + "AWS::EC2::IPAMPoolCidr" ], "type": "string" }, @@ -82495,89 +90997,7 @@ ], "type": "object" }, - "AWS::ECR::ReplicationConfiguration.ReplicationConfiguration": { - "additionalProperties": false, - "properties": { - "Rules": { - "items": { - "$ref": "#/definitions/AWS::ECR::ReplicationConfiguration.ReplicationRule" - }, - "markdownDescription": "An array of objects representing the replication destinations and repository filters for a replication configuration.", - "title": "Rules", - "type": "array" - } - }, - "required": [ - "Rules" - ], - "type": "object" - }, - "AWS::ECR::ReplicationConfiguration.ReplicationDestination": { - "additionalProperties": false, - "properties": { - "Region": { - "markdownDescription": "The Region to replicate to.", - "title": "Region", - "type": "string" - }, - "RegistryId": { - "markdownDescription": "The AWS account ID of the Amazon ECR private registry to replicate to. When configuring cross-Region replication within your own registry, specify your own account ID.", - "title": "RegistryId", - "type": "string" - } - }, - "required": [ - "Region", - "RegistryId" - ], - "type": "object" - }, - "AWS::ECR::ReplicationConfiguration.ReplicationRule": { - "additionalProperties": false, - "properties": { - "Destinations": { - "items": { - "$ref": "#/definitions/AWS::ECR::ReplicationConfiguration.ReplicationDestination" - }, - "markdownDescription": "An array of objects representing the destination for a replication rule.", - "title": "Destinations", - "type": "array" - }, - "RepositoryFilters": { - "items": { - "$ref": "#/definitions/AWS::ECR::ReplicationConfiguration.RepositoryFilter" - }, - "markdownDescription": "An array of objects representing the filters for a replication rule. Specifying a repository filter for a replication rule provides a method for controlling which repositories in a private registry are replicated.", - "title": "RepositoryFilters", - "type": "array" - } - }, - "required": [ - "Destinations" - ], - "type": "object" - }, - "AWS::ECR::ReplicationConfiguration.RepositoryFilter": { - "additionalProperties": false, - "properties": { - "Filter": { - "markdownDescription": "The repository filter details. When the `PREFIX_MATCH` filter type is specified, this value is required and should be the repository name prefix to configure replication for.", - "title": "Filter", - "type": "string" - }, - "FilterType": { - "markdownDescription": "The repository filter type. The only supported value is `PREFIX_MATCH` , which is a repository name prefix specified with the `filter` parameter.", - "title": "FilterType", - "type": "string" - } - }, - "required": [ - "Filter", - "FilterType" - ], - "type": "object" - }, - "AWS::ECR::Repository": { + "AWS::EC2::IPAMResourceDiscovery": { "additionalProperties": false, "properties": { "Condition": { @@ -82612,46 +91032,32 @@ "Properties": { "additionalProperties": false, "properties": { - "EmptyOnDelete": { - "markdownDescription": "If true, deleting the repository force deletes the contents of the repository. If false, the repository must be empty before attempting to delete it.", - "title": "EmptyOnDelete", - "type": "boolean" - }, - "EncryptionConfiguration": { - "$ref": "#/definitions/AWS::ECR::Repository.EncryptionConfiguration", - "markdownDescription": "The encryption configuration for the repository. This determines how the contents of your repository are encrypted at rest.", - "title": "EncryptionConfiguration" - }, - "ImageScanningConfiguration": { - "$ref": "#/definitions/AWS::ECR::Repository.ImageScanningConfiguration", - "markdownDescription": "The image scanning configuration for the repository. This determines whether images are scanned for known vulnerabilities after being pushed to the repository.", - "title": "ImageScanningConfiguration" - }, - "ImageTagMutability": { - "markdownDescription": "The tag mutability setting for the repository. If this parameter is omitted, the default setting of `MUTABLE` will be used which will allow image tags to be overwritten. If `IMMUTABLE` is specified, all image tags within the repository will be immutable which will prevent them from being overwritten.", - "title": "ImageTagMutability", + "Description": { + "markdownDescription": "The resource discovery description.", + "title": "Description", "type": "string" }, - "LifecyclePolicy": { - "$ref": "#/definitions/AWS::ECR::Repository.LifecyclePolicy", - "markdownDescription": "Creates or updates a lifecycle policy. For information about lifecycle policy syntax, see [Lifecycle policy template](https://docs.aws.amazon.com/AmazonECR/latest/userguide/LifecyclePolicies.html) .", - "title": "LifecyclePolicy" - }, - "RepositoryName": { - "markdownDescription": "The name to use for the repository. The repository name may be specified on its own (such as `nginx-web-app` ) or it can be prepended with a namespace to group the repository into a category (such as `project-a/nginx-web-app` ). If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the repository name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\nThe repository name must start with a letter and can only contain lowercase letters, numbers, hyphens, underscores, and forward slashes.\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "RepositoryName", - "type": "string" + "OperatingRegions": { + "items": { + "$ref": "#/definitions/AWS::EC2::IPAMResourceDiscovery.IpamOperatingRegion" + }, + "markdownDescription": "The operating Regions for the resource discovery. Operating Regions are AWS Regions where the IPAM is allowed to manage IP address CIDRs. IPAM only discovers and monitors resources in the AWS Regions you select as operating Regions.", + "title": "OperatingRegions", + "type": "array" }, - "RepositoryPolicyText": { - "markdownDescription": "The JSON repository policy text to apply to the repository. For more information, see [Amazon ECR repository policies](https://docs.aws.amazon.com/AmazonECR/latest/userguide/repository-policy-examples.html) in the *Amazon Elastic Container Registry User Guide* .", - "title": "RepositoryPolicyText", - "type": "object" + "OrganizationalUnitExclusions": { + "items": { + "$ref": "#/definitions/AWS::EC2::IPAMResourceDiscovery.IpamResourceDiscoveryOrganizationalUnitExclusion" + }, + "markdownDescription": "If your IPAM is integrated with AWS Organizations, you can exclude an [organizational unit (OU)](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html#organizationalunit) from being managed by IPAM. When you exclude an OU, IPAM will not manage the IP addresses in accounts in that OU. For more information, see [Exclude organizational units from IPAM](https://docs.aws.amazon.com/vpc/latest/ipam/exclude-ous.html) in the *Amazon Virtual Private Cloud IP Address Manager User Guide* .", + "title": "OrganizationalUnitExclusions", + "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.", + "markdownDescription": "A tag is a label that you assign to an AWS resource. Each tag consists of a key and an optional value. You can use tags to search and filter your resources or track your AWS costs.", "title": "Tags", "type": "array" } @@ -82660,7 +91066,7 @@ }, "Type": { "enum": [ - "AWS::ECR::Repository" + "AWS::EC2::IPAMResourceDiscovery" ], "type": "string" }, @@ -82678,53 +91084,35 @@ ], "type": "object" }, - "AWS::ECR::Repository.EncryptionConfiguration": { + "AWS::EC2::IPAMResourceDiscovery.IpamOperatingRegion": { "additionalProperties": false, "properties": { - "EncryptionType": { - "markdownDescription": "The encryption type to use.\n\nIf you use the `KMS` encryption type, the contents of the repository will be encrypted using server-side encryption with AWS Key Management Service key stored in AWS KMS . When you use AWS KMS to encrypt your data, you can either use the default AWS managed AWS KMS key for Amazon ECR, or specify your own AWS KMS key, which you already created.\n\nIf you use the `KMS_DSSE` encryption type, the contents of the repository will be encrypted with two layers of encryption using server-side encryption with the AWS KMS Management Service key stored in AWS KMS . Similar to the `KMS` encryption type, you can either use the default AWS managed AWS KMS key for Amazon ECR, or specify your own AWS KMS key, which you've already created.\n\nIf you use the `AES256` encryption type, Amazon ECR uses server-side encryption with Amazon S3-managed encryption keys which encrypts the images in the repository using an AES256 encryption algorithm.\n\nFor more information, see [Amazon ECR encryption at rest](https://docs.aws.amazon.com/AmazonECR/latest/userguide/encryption-at-rest.html) in the *Amazon Elastic Container Registry User Guide* .", - "title": "EncryptionType", - "type": "string" - }, - "KmsKey": { - "markdownDescription": "If you use the `KMS` encryption type, specify the AWS KMS key to use for encryption. The alias, key ID, or full ARN of the AWS KMS key can be specified. The key must exist in the same Region as the repository. If no key is specified, the default AWS managed AWS KMS key for Amazon ECR will be used.", - "title": "KmsKey", + "RegionName": { + "markdownDescription": "The name of the operating Region.", + "title": "RegionName", "type": "string" } }, "required": [ - "EncryptionType" + "RegionName" ], "type": "object" }, - "AWS::ECR::Repository.ImageScanningConfiguration": { - "additionalProperties": false, - "properties": { - "ScanOnPush": { - "markdownDescription": "The setting that determines whether images are scanned after being pushed to a repository. If set to `true` , images will be scanned after being pushed. If this parameter is not specified, it will default to `false` and images will not be scanned unless a scan is manually started.", - "title": "ScanOnPush", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::ECR::Repository.LifecyclePolicy": { + "AWS::EC2::IPAMResourceDiscovery.IpamResourceDiscoveryOrganizationalUnitExclusion": { "additionalProperties": false, "properties": { - "LifecyclePolicyText": { - "markdownDescription": "The JSON repository policy text to apply to the repository.", - "title": "LifecyclePolicyText", - "type": "string" - }, - "RegistryId": { - "markdownDescription": "The AWS account ID associated with the registry that contains the repository. If you do not specify a registry, the default registry is assumed.", - "title": "RegistryId", + "OrganizationsEntityPath": { + "markdownDescription": "An AWS Organizations entity path. For more information on the entity path, see [Understand the AWS Organizations entity path](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_last-accessed-view-data-orgs.html#access_policies_access-advisor-viewing-orgs-entity-path) in the *AWS Identity and Access Management User Guide* .", + "title": "OrganizationsEntityPath", "type": "string" } }, + "required": [ + "OrganizationsEntityPath" + ], "type": "object" }, - "AWS::ECR::RepositoryCreationTemplate": { + "AWS::EC2::IPAMResourceDiscoveryAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -82759,62 +91147,34 @@ "Properties": { "additionalProperties": false, "properties": { - "AppliedFor": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of enumerable Strings representing the repository creation scenarios that this template will apply towards. The two supported scenarios are PULL_THROUGH_CACHE and REPLICATION", - "title": "AppliedFor", - "type": "array" - }, - "Description": { - "markdownDescription": "The description associated with the repository creation template.", - "title": "Description", - "type": "string" - }, - "EncryptionConfiguration": { - "$ref": "#/definitions/AWS::ECR::RepositoryCreationTemplate.EncryptionConfiguration", - "markdownDescription": "The encryption configuration associated with the repository creation template.", - "title": "EncryptionConfiguration" - }, - "ImageTagMutability": { - "markdownDescription": "The tag mutability setting for the repository. If this parameter is omitted, the default setting of `MUTABLE` will be used which will allow image tags to be overwritten. If `IMMUTABLE` is specified, all image tags within the repository will be immutable which will prevent them from being overwritten.", - "title": "ImageTagMutability", - "type": "string" - }, - "LifecyclePolicy": { - "markdownDescription": "The lifecycle policy to use for repositories created using the template.", - "title": "LifecyclePolicy", - "type": "string" - }, - "Prefix": { - "markdownDescription": "The repository namespace prefix associated with the repository creation template.", - "title": "Prefix", + "IpamId": { + "markdownDescription": "The IPAM ID.", + "title": "IpamId", "type": "string" }, - "RepositoryPolicy": { - "markdownDescription": "The repository policy to apply to repositories created using the template. A repository policy is a permissions policy associated with a repository to control access permissions.", - "title": "RepositoryPolicy", + "IpamResourceDiscoveryId": { + "markdownDescription": "The resource discovery ID.", + "title": "IpamResourceDiscoveryId", "type": "string" }, - "ResourceTags": { + "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The metadata to apply to the repository to help you categorize and organize. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.", - "title": "ResourceTags", + "markdownDescription": "A tag is a label that you assign to an AWS resource. Each tag consists of a key and an optional value. You can use tags to search and filter your resources or track your AWS costs.", + "title": "Tags", "type": "array" } }, "required": [ - "AppliedFor", - "Prefix" + "IpamId", + "IpamResourceDiscoveryId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ECR::RepositoryCreationTemplate" + "AWS::EC2::IPAMResourceDiscoveryAssociation" ], "type": "string" }, @@ -82833,26 +91193,7 @@ ], "type": "object" }, - "AWS::ECR::RepositoryCreationTemplate.EncryptionConfiguration": { - "additionalProperties": false, - "properties": { - "EncryptionType": { - "markdownDescription": "The encryption type to use.\n\nIf you use the `KMS` encryption type, the contents of the repository will be encrypted using server-side encryption with AWS Key Management Service key stored in AWS KMS . When you use AWS KMS to encrypt your data, you can either use the default AWS managed AWS KMS key for Amazon ECR, or specify your own AWS KMS key, which you already created.\n\nIf you use the `KMS_DSSE` encryption type, the contents of the repository will be encrypted with two layers of encryption using server-side encryption with the AWS KMS Management Service key stored in AWS KMS . Similar to the `KMS` encryption type, you can either use the default AWS managed AWS KMS key for Amazon ECR, or specify your own AWS KMS key, which you've already created.\n\nIf you use the `AES256` encryption type, Amazon ECR uses server-side encryption with Amazon S3-managed encryption keys which encrypts the images in the repository using an AES256 encryption algorithm.\n\nFor more information, see [Amazon ECR encryption at rest](https://docs.aws.amazon.com/AmazonECR/latest/userguide/encryption-at-rest.html) in the *Amazon Elastic Container Registry User Guide* .", - "title": "EncryptionType", - "type": "string" - }, - "KmsKey": { - "markdownDescription": "If you use the `KMS` encryption type, specify the AWS KMS key to use for encryption. The alias, key ID, or full ARN of the AWS KMS key can be specified. The key must exist in the same Region as the repository. If no key is specified, the default AWS managed AWS KMS key for Amazon ECR will be used.", - "title": "KmsKey", - "type": "string" - } - }, - "required": [ - "EncryptionType" - ], - "type": "object" - }, - "AWS::ECS::CapacityProvider": { + "AWS::EC2::IPAMScope": { "additionalProperties": false, "properties": { "Condition": { @@ -82887,33 +91228,33 @@ "Properties": { "additionalProperties": false, "properties": { - "AutoScalingGroupProvider": { - "$ref": "#/definitions/AWS::ECS::CapacityProvider.AutoScalingGroupProvider", - "markdownDescription": "The Auto Scaling group settings for the capacity provider.", - "title": "AutoScalingGroupProvider" + "Description": { + "markdownDescription": "The description of the scope.", + "title": "Description", + "type": "string" }, - "Name": { - "markdownDescription": "The name of the capacity provider. If a name is specified, it cannot start with `aws` , `ecs` , or `fargate` . If no name is specified, a default name in the `CFNStackName-CFNResourceName-RandomString` format is used.", - "title": "Name", + "IpamId": { + "markdownDescription": "The ID of the IPAM for which you're creating this scope.", + "title": "IpamId", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The metadata that you apply to the capacity provider to help you categorize and organize it. Each tag consists of a key and an optional value. You define both.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8\n- Maximum value length - 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit.", + "markdownDescription": "The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key `Owner` and the value `TeamA` , specify `tag:Owner` for the filter name and `TeamA` for the filter value.", "title": "Tags", "type": "array" } }, "required": [ - "AutoScalingGroupProvider" + "IpamId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ECS::CapacityProvider" + "AWS::EC2::IPAMScope" ], "type": "string" }, @@ -82932,72 +91273,15 @@ ], "type": "object" }, - "AWS::ECS::CapacityProvider.AutoScalingGroupProvider": { - "additionalProperties": false, - "properties": { - "AutoScalingGroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) that identifies the Auto Scaling group, or the Auto Scaling group name.", - "title": "AutoScalingGroupArn", - "type": "string" - }, - "ManagedDraining": { - "markdownDescription": "The managed draining option for the Auto Scaling group capacity provider. When you enable this, Amazon ECS manages and gracefully drains the EC2 container instances that are in the Auto Scaling group capacity provider.", - "title": "ManagedDraining", - "type": "string" - }, - "ManagedScaling": { - "$ref": "#/definitions/AWS::ECS::CapacityProvider.ManagedScaling", - "markdownDescription": "The managed scaling settings for the Auto Scaling group capacity provider.", - "title": "ManagedScaling" - }, - "ManagedTerminationProtection": { - "markdownDescription": "The managed termination protection setting to use for the Auto Scaling group capacity provider. This determines whether the Auto Scaling group has managed termination protection. The default is off.\n\n> When using managed termination protection, managed scaling must also be used otherwise managed termination protection doesn't work. \n\nWhen managed termination protection is on, Amazon ECS prevents the Amazon EC2 instances in an Auto Scaling group that contain tasks from being terminated during a scale-in action. The Auto Scaling group and each instance in the Auto Scaling group must have instance protection from scale-in actions on as well. For more information, see [Instance Protection](https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-instance-termination.html#instance-protection) in the *AWS Auto Scaling User Guide* .\n\nWhen managed termination protection is off, your Amazon EC2 instances aren't protected from termination when the Auto Scaling group scales in.", - "title": "ManagedTerminationProtection", - "type": "string" - } - }, - "required": [ - "AutoScalingGroupArn" - ], - "type": "object" - }, - "AWS::ECS::CapacityProvider.ManagedScaling": { - "additionalProperties": false, - "properties": { - "InstanceWarmupPeriod": { - "markdownDescription": "The period of time, in seconds, after a newly launched Amazon EC2 instance can contribute to CloudWatch metrics for Auto Scaling group. If this parameter is omitted, the default value of `300` seconds is used.", - "title": "InstanceWarmupPeriod", - "type": "number" - }, - "MaximumScalingStepSize": { - "markdownDescription": "The maximum number of Amazon EC2 instances that Amazon ECS will scale out at one time. If this parameter is omitted, the default value of `10000` is used.", - "title": "MaximumScalingStepSize", - "type": "number" - }, - "MinimumScalingStepSize": { - "markdownDescription": "The minimum number of Amazon EC2 instances that Amazon ECS will scale out at one time. The scale in process is not affected by this parameter If this parameter is omitted, the default value of `1` is used.\n\nWhen additional capacity is required, Amazon ECS will scale up the minimum scaling step size even if the actual demand is less than the minimum scaling step size.\n\nIf you use a capacity provider with an Auto Scaling group configured with more than one Amazon EC2 instance type or Availability Zone, Amazon ECS will scale up by the exact minimum scaling step size value and will ignore both the maximum scaling step size as well as the capacity demand.", - "title": "MinimumScalingStepSize", - "type": "number" - }, - "Status": { - "markdownDescription": "Determines whether to use managed scaling for the capacity provider.", - "title": "Status", - "type": "string" - }, - "TargetCapacity": { - "markdownDescription": "The target capacity utilization as a percentage for the capacity provider. The specified value must be greater than `0` and less than or equal to `100` . For example, if you want the capacity provider to maintain 10% spare capacity, then that means the utilization is 90%, so use a `targetCapacity` of `90` . The default value of `100` percent results in the Amazon EC2 instances in your Auto Scaling group being completely used.", - "title": "TargetCapacity", - "type": "number" - } - }, - "type": "object" - }, - "AWS::ECS::Cluster": { + "AWS::EC2::Instance": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, + "CreationPolicy": { + "type": "object" + }, "DeletionPolicy": { "enum": [ "Delete", @@ -83027,59 +91311,250 @@ "Properties": { "additionalProperties": false, "properties": { - "CapacityProviders": { - "items": { - "type": "string" - }, - "markdownDescription": "The short name of one or more capacity providers to associate with the cluster. A capacity provider must be associated with a cluster before it can be included as part of the default capacity provider strategy of the cluster or used in a capacity provider strategy when calling the [CreateService](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_CreateService.html) or [RunTask](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RunTask.html) actions.\n\nIf specifying a capacity provider that uses an Auto Scaling group, the capacity provider must be created but not associated with another cluster. New Auto Scaling group capacity providers can be created with the [CreateCapacityProvider](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_CreateCapacityProvider.html) API operation.\n\nTo use a AWS Fargate capacity provider, specify either the `FARGATE` or `FARGATE_SPOT` capacity providers. The AWS Fargate capacity providers are available to all accounts and only need to be associated with a cluster to be used.\n\nThe [PutCapacityProvider](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutCapacityProvider.html) API operation is used to update the list of available capacity providers for a cluster after the cluster is created.", - "title": "CapacityProviders", - "type": "array" + "AdditionalInfo": { + "markdownDescription": "This property is reserved for internal use. If you use it, the stack fails with this error: `Bad property set: [Testing this property] (Service: AmazonEC2; Status Code: 400; Error Code: InvalidParameterCombination; Request ID: 0XXXXXX-49c7-4b40-8bcc-76885dcXXXXX)` .", + "title": "AdditionalInfo", + "type": "string" }, - "ClusterName": { - "markdownDescription": "A user-generated string that you use to identify your cluster. If you don't specify a name, AWS CloudFormation generates a unique physical ID for the name.", - "title": "ClusterName", + "Affinity": { + "markdownDescription": "Indicates whether the instance is associated with a dedicated host. If you want the instance to always restart on the same host on which it was launched, specify `host` . If you want the instance to restart on any available host, but try to launch onto the last host it ran on (on a best-effort basis), specify `default` .", + "title": "Affinity", "type": "string" }, - "ClusterSettings": { + "AvailabilityZone": { + "markdownDescription": "The Availability Zone of the instance.\n\nIf not specified, an Availability Zone will be automatically chosen for you based on the load balancing criteria for the Region.\n\nThis parameter is not supported by [DescribeImageAttribute](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeImageAttribute.html) .", + "title": "AvailabilityZone", + "type": "string" + }, + "BlockDeviceMappings": { "items": { - "$ref": "#/definitions/AWS::ECS::Cluster.ClusterSettings" + "$ref": "#/definitions/AWS::EC2::Instance.BlockDeviceMapping" }, - "markdownDescription": "The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights with enhanced observability or CloudWatch Container Insights for a cluster.\n\nContainer Insights with enhanced observability provides all the Container Insights metrics, plus additional task and container metrics. This version supports enhanced observability for Amazon ECS clusters using the Amazon EC2 and Fargate launch types. After you configure Container Insights with enhanced observability on Amazon ECS, Container Insights auto-collects detailed infrastructure telemetry from the cluster level down to the container level in your environment and displays these critical performance data in curated dashboards removing the heavy lifting in observability set-up.\n\nFor more information, see [Monitor Amazon ECS containers using Container Insights with enhanced observability](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cloudwatch-container-insights.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "ClusterSettings", + "markdownDescription": "The block device mapping entries that defines the block devices to attach to the instance at launch.\n\nBy default, the block devices specified in the block device mapping for the AMI are used. You can override the AMI block device mapping using the instance block device mapping. For the root volume, you can override only the volume size, volume type, volume encryption settings, and the `DeleteOnTermination` setting.\n\n> After the instance is running, you can modify only the `DeleteOnTermination` parameter for the attached volumes without interrupting the instance. Modifying any other parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", + "title": "BlockDeviceMappings", "type": "array" }, - "Configuration": { - "$ref": "#/definitions/AWS::ECS::Cluster.ClusterConfiguration", - "markdownDescription": "The execute command and managed storage configuration for the cluster.", - "title": "Configuration" + "CpuOptions": { + "$ref": "#/definitions/AWS::EC2::Instance.CpuOptions", + "markdownDescription": "The CPU options for the instance. For more information, see [Optimize CPU options](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html) in the *Amazon Elastic Compute Cloud User Guide* .", + "title": "CpuOptions" }, - "DefaultCapacityProviderStrategy": { + "CreditSpecification": { + "$ref": "#/definitions/AWS::EC2::Instance.CreditSpecification", + "markdownDescription": "The credit option for CPU usage of the burstable performance instance. Valid values are `standard` and `unlimited` . To change this attribute after launch, use [ModifyInstanceCreditSpecification](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyInstanceCreditSpecification.html) . For more information, see [Burstable performance instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) in the *Amazon EC2 User Guide* .\n\nDefault: `standard` (T2 instances) or `unlimited` (T3/T3a/T4g instances)\n\nFor T3 instances with `host` tenancy, only `standard` is supported.", + "title": "CreditSpecification" + }, + "DisableApiTermination": { + "markdownDescription": "Indicates whether termination protection is enabled for the instance. The default is `false` , which means that you can terminate the instance using the Amazon EC2 console, command line tools, or API. You can enable termination protection when you launch an instance, while the instance is running, or while the instance is stopped.", + "title": "DisableApiTermination", + "type": "boolean" + }, + "EbsOptimized": { + "markdownDescription": "Indicates whether the instance is optimized for Amazon EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal Amazon EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS-optimized instance.\n\nDefault: `false`", + "title": "EbsOptimized", + "type": "boolean" + }, + "ElasticGpuSpecifications": { "items": { - "$ref": "#/definitions/AWS::ECS::Cluster.CapacityProviderStrategyItem" + "$ref": "#/definitions/AWS::EC2::Instance.ElasticGpuSpecification" }, - "markdownDescription": "The default capacity provider strategy for the cluster. When services or tasks are run in the cluster with no launch type or capacity provider strategy specified, the default capacity provider strategy is used.", - "title": "DefaultCapacityProviderStrategy", + "markdownDescription": "An elastic GPU to associate with the instance.\n\n> Amazon Elastic Graphics reached end of life on January 8, 2024.", + "title": "ElasticGpuSpecifications", "type": "array" }, - "ServiceConnectDefaults": { - "$ref": "#/definitions/AWS::ECS::Cluster.ServiceConnectDefaults", - "markdownDescription": "Use this parameter to set a default Service Connect namespace. After you set a default Service Connect namespace, any new services with Service Connect turned on that are created in the cluster are added as client services in the namespace. This setting only applies to new services that set the `enabled` parameter to `true` in the `ServiceConnectConfiguration` . You can set the namespace of each service individually in the `ServiceConnectConfiguration` to override this default parameter.\n\nTasks that run in a namespace can use short names to connect to services in the namespace. Tasks can connect to services across all of the clusters in the namespace. Tasks connect through a managed proxy container that collects logs and metrics for increased visibility. Only the tasks that Amazon ECS services create are supported with Service Connect. For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "ServiceConnectDefaults" + "ElasticInferenceAccelerators": { + "items": { + "$ref": "#/definitions/AWS::EC2::Instance.ElasticInferenceAccelerator" + }, + "markdownDescription": "An elastic inference accelerator to associate with the instance.\n\n> Amazon Elastic Inference is no longer available.", + "title": "ElasticInferenceAccelerators", + "type": "array" + }, + "EnclaveOptions": { + "$ref": "#/definitions/AWS::EC2::Instance.EnclaveOptions", + "markdownDescription": "Indicates whether the instance is enabled for AWS Nitro Enclaves.", + "title": "EnclaveOptions" + }, + "HibernationOptions": { + "$ref": "#/definitions/AWS::EC2::Instance.HibernationOptions", + "markdownDescription": "Indicates whether an instance is enabled for hibernation. This parameter is valid only if the instance meets the [hibernation prerequisites](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/hibernating-prerequisites.html) . For more information, see [Hibernate your Amazon EC2 instance](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) in the *Amazon EC2 User Guide* .\n\nYou can't enable hibernation and AWS Nitro Enclaves on the same instance.", + "title": "HibernationOptions" + }, + "HostId": { + "markdownDescription": "If you specify host for the `Affinity` property, the ID of a dedicated host that the instance is associated with. If you don't specify an ID, Amazon EC2 launches the instance onto any available, compatible dedicated host in your account. This type of launch is called an untargeted launch. Note that for untargeted launches, you must have a compatible, dedicated host available to successfully launch instances.", + "title": "HostId", + "type": "string" + }, + "HostResourceGroupArn": { + "markdownDescription": "The ARN of the host resource group in which to launch the instances. If you specify a host resource group ARN, omit the *Tenancy* parameter or set it to `host` .", + "title": "HostResourceGroupArn", + "type": "string" + }, + "IamInstanceProfile": { + "markdownDescription": "The name of an IAM instance profile. To create a new IAM instance profile, use the [AWS::IAM::InstanceProfile](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-instanceprofile.html) resource.", + "title": "IamInstanceProfile", + "type": "string" + }, + "ImageId": { + "markdownDescription": "The ID of the AMI. An AMI ID is required to launch an instance and must be specified here or in a launch template.", + "title": "ImageId", + "type": "string" + }, + "InstanceInitiatedShutdownBehavior": { + "markdownDescription": "Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown).\n\nDefault: `stop`", + "title": "InstanceInitiatedShutdownBehavior", + "type": "string" + }, + "InstanceType": { + "markdownDescription": "The instance type. For more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .\n\nWhen you change your EBS-backed instance type, instance restart or replacement behavior depends on the instance type compatibility between the old and new types. An instance with an instance store volume as the root volume is always replaced. For more information, see [Change the instance type](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-resize.html) in the *Amazon EC2 User Guide* .", + "title": "InstanceType", + "type": "string" + }, + "Ipv6AddressCount": { + "markdownDescription": "The number of IPv6 addresses to associate with the primary network interface. Amazon EC2 chooses the IPv6 addresses from the range of your subnet. You cannot specify this option and the option to assign specific IPv6 addresses in the same request. You can specify this option if you've specified a minimum number of instances to launch.\n\nYou cannot specify this option and the network interfaces option in the same request.", + "title": "Ipv6AddressCount", + "type": "number" + }, + "Ipv6Addresses": { + "items": { + "$ref": "#/definitions/AWS::EC2::Instance.InstanceIpv6Address" + }, + "markdownDescription": "The IPv6 addresses from the range of the subnet to associate with the primary network interface. You cannot specify this option and the option to assign a number of IPv6 addresses in the same request. You cannot specify this option if you've specified a minimum number of instances to launch.\n\nYou cannot specify this option and the network interfaces option in the same request.", + "title": "Ipv6Addresses", + "type": "array" + }, + "KernelId": { + "markdownDescription": "The ID of the kernel.\n\n> We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see [PV-GRUB](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html) in the *Amazon EC2 User Guide* .", + "title": "KernelId", + "type": "string" + }, + "KeyName": { + "markdownDescription": "The name of the key pair. For more information, see [Create a key pair for your EC2 instance](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/create-key-pairs.html) .\n\n> If you do not specify a key pair, you can't connect to the instance unless you choose an AMI that is configured to allow users another way to log in.", + "title": "KeyName", + "type": "string" + }, + "LaunchTemplate": { + "$ref": "#/definitions/AWS::EC2::Instance.LaunchTemplateSpecification", + "markdownDescription": "The launch template. Any additional parameters that you specify for the new instance overwrite the corresponding parameters included in the launch template.", + "title": "LaunchTemplate" + }, + "LicenseSpecifications": { + "items": { + "$ref": "#/definitions/AWS::EC2::Instance.LicenseSpecification" + }, + "markdownDescription": "The license configurations.", + "title": "LicenseSpecifications", + "type": "array" + }, + "MetadataOptions": { + "$ref": "#/definitions/AWS::EC2::Instance.MetadataOptions", + "markdownDescription": "The metadata options for the instance.", + "title": "MetadataOptions" + }, + "Monitoring": { + "markdownDescription": "Specifies whether detailed monitoring is enabled for the instance. Specify `true` to enable detailed monitoring. Otherwise, basic monitoring is enabled. For more information about detailed monitoring, see [Enable or turn off detailed monitoring for your instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-cloudwatch-new.html) in the *Amazon EC2 User Guide* .", + "title": "Monitoring", + "type": "boolean" + }, + "NetworkInterfaces": { + "items": { + "$ref": "#/definitions/AWS::EC2::Instance.NetworkInterface" + }, + "markdownDescription": "The network interfaces to associate with the instance.\n\n> If you use this property to point to a network interface, you must terminate the original interface before attaching a new one to allow the update of the instance to succeed.\n> \n> If this resource has a public IP address and is also in a VPC that is defined in the same template, you must use the [DependsOn Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) to declare a dependency on the VPC-gateway attachment.", + "title": "NetworkInterfaces", + "type": "array" + }, + "PlacementGroupName": { + "markdownDescription": "The name of an existing placement group that you want to launch the instance into (cluster | partition | spread).", + "title": "PlacementGroupName", + "type": "string" + }, + "PrivateDnsNameOptions": { + "$ref": "#/definitions/AWS::EC2::Instance.PrivateDnsNameOptions", + "markdownDescription": "The options for the instance hostname.", + "title": "PrivateDnsNameOptions" + }, + "PrivateIpAddress": { + "markdownDescription": "The primary IPv4 address. You must specify a value from the IPv4 address range of the subnet.\n\nOnly one private IP address can be designated as primary. You can't specify this option if you've specified the option to designate a private IP address as the primary IP address in a network interface specification. You cannot specify this option if you're launching more than one instance in the request.\n\nYou cannot specify this option and the network interfaces option in the same request.\n\nIf you make an update to an instance that requires replacement, you must assign a new private IP address. During a replacement, AWS CloudFormation creates a new instance but doesn't delete the old instance until the stack has successfully updated. If the stack update fails, AWS CloudFormation uses the old instance to roll back the stack to the previous working state. The old and new instances cannot have the same private IP address.", + "title": "PrivateIpAddress", + "type": "string" + }, + "PropagateTagsToVolumeOnCreation": { + "markdownDescription": "Indicates whether to assign the tags specified in the `Tags` property to the volumes specified in the `BlockDeviceMappings` property.\n\nNote that using this feature does not assign the tags to volumes that are created separately and then attached using `AWS::EC2::VolumeAttachment` .", + "title": "PropagateTagsToVolumeOnCreation", + "type": "boolean" + }, + "RamdiskId": { + "markdownDescription": "The ID of the RAM disk to select. Some kernels require additional drivers at launch. Check the kernel requirements for information about whether you need to specify a RAM disk. To find kernel requirements, go to the AWS Resource Center and search for the kernel ID.\n\n> We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see [PV-GRUB](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html) in the *Amazon EC2 User Guide* .", + "title": "RamdiskId", + "type": "string" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the security groups. You can specify the IDs of existing security groups and references to resources created by the stack template.\n\nIf you specify a network interface, you must specify any security groups as part of the network interface.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "[Default VPC] The names of the security groups. For a nondefault VPC, you must use security group IDs instead.\n\nYou cannot specify this option and the network interfaces option in the same request. The list can contain both the name of existing Amazon EC2 security groups or references to AWS::EC2::SecurityGroup resources created in the template.\n\nDefault: Amazon EC2 uses the default security group.", + "title": "SecurityGroups", + "type": "array" + }, + "SourceDestCheck": { + "markdownDescription": "Enable or disable source/destination checks, which ensure that the instance is either the source or the destination of any traffic that it receives. If the value is `true` , source/destination checks are enabled; otherwise, they are disabled. The default value is `true` . You must disable source/destination checks if the instance runs services such as network address translation, routing, or firewalls.", + "title": "SourceDestCheck", + "type": "boolean" + }, + "SsmAssociations": { + "items": { + "$ref": "#/definitions/AWS::EC2::Instance.SsmAssociation" + }, + "markdownDescription": "The SSM [document](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ssm-document.html) and parameter values in AWS Systems Manager to associate with this instance. To use this property, you must specify an IAM instance profile role for the instance. For more information, see [Create an IAM instance profile for Systems Manager](https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-configuring-access-role.html) in the *AWS Systems Manager User Guide* .\n\n> You can associate only one document with an instance.", + "title": "SsmAssociations", + "type": "array" + }, + "SubnetId": { + "markdownDescription": "The ID of the subnet to launch the instance into.\n\nIf you specify a network interface, you must specify any subnets as part of the network interface instead of using this parameter.", + "title": "SubnetId", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The metadata that you apply to the cluster to help you categorize and organize them. Each tag consists of a key and an optional value. You define both.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8\n- Maximum value length - 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit.", + "markdownDescription": "The tags to add to the instance. These tags are not applied to the EBS volumes, such as the root volume, unless [PropagateTagsToVolumeOnCreation](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html#cfn-ec2-instance-propagatetagstovolumeoncreation) is `true` .", "title": "Tags", "type": "array" + }, + "Tenancy": { + "markdownDescription": "The tenancy of the instance. An instance with a tenancy of `dedicated` runs on single-tenant hardware.", + "title": "Tenancy", + "type": "string" + }, + "UserData": { + "markdownDescription": "The parameters or scripts to store as user data. Any scripts in user data are run when you launch the instance. User data is limited to 16 KB. You must provide base64-encoded text. For more information, see [Fn::Base64](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-base64.html) .\n\nIf the root volume is an EBS volume and you update user data, CloudFormation restarts the instance. If the root volume is an instance store volume and you update user data, the instance is replaced.", + "title": "UserData", + "type": "string" + }, + "Volumes": { + "items": { + "$ref": "#/definitions/AWS::EC2::Instance.Volume" + }, + "markdownDescription": "The volumes to attach to the instance.", + "title": "Volumes", + "type": "array" } }, "type": "object" }, "Type": { "enum": [ - "AWS::ECS::Cluster" + "AWS::EC2::Instance" ], "type": "string" }, @@ -83097,118 +91572,479 @@ ], "type": "object" }, - "AWS::ECS::Cluster.CapacityProviderStrategyItem": { + "AWS::EC2::Instance.AssociationParameter": { "additionalProperties": false, "properties": { - "Base": { - "markdownDescription": "The *base* value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a *base* defined. If no value is specified, the default value of `0` is used.", - "title": "Base", + "Key": { + "markdownDescription": "The name of an input parameter that is in the associated SSM document.", + "title": "Key", + "type": "string" + }, + "Value": { + "items": { + "type": "string" + }, + "markdownDescription": "The value of an input parameter.", + "title": "Value", + "type": "array" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::EC2::Instance.BlockDeviceMapping": { + "additionalProperties": false, + "properties": { + "DeviceName": { + "markdownDescription": "The device name (for example, `/dev/sdh` or `xvdh` ).\n\n> After the instance is running, this parameter is used to specify the device name of the block device mapping to update.", + "title": "DeviceName", + "type": "string" + }, + "Ebs": { + "$ref": "#/definitions/AWS::EC2::Instance.Ebs", + "markdownDescription": "Parameters used to automatically set up EBS volumes when the instance is launched.\n\n> After the instance is running, you can modify only the `DeleteOnTermination` parameter for the attached volumes without interrupting the instance. Modifying any other parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) .", + "title": "Ebs" + }, + "NoDevice": { + "markdownDescription": "To omit the device from the block device mapping, specify an empty string.\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", + "title": "NoDevice", + "type": "object" + }, + "VirtualName": { + "markdownDescription": "The virtual device name ( `ephemeral` N). The name must be in the form `ephemeral` *X* where *X* is a number starting from zero (0). For example, an instance type with 2 available instance store volumes can specify mappings for `ephemeral0` and `ephemeral1` . The number of available instance store volumes depends on the instance type. After you connect to the instance, you must mount the volume.\n\nNVMe instance store volumes are automatically enumerated and assigned a device name. Including them in your block device mapping has no effect.\n\n*Constraints* : For M3 instances, you must specify instance store volumes in the block device mapping for the instance. When you launch an M3 instance, we ignore any instance store volumes specified in the block device mapping for the AMI.\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", + "title": "VirtualName", + "type": "string" + } + }, + "required": [ + "DeviceName" + ], + "type": "object" + }, + "AWS::EC2::Instance.CpuOptions": { + "additionalProperties": false, + "properties": { + "CoreCount": { + "markdownDescription": "The number of CPU cores for the instance.", + "title": "CoreCount", "type": "number" }, - "CapacityProvider": { - "markdownDescription": "The short name of the capacity provider.", - "title": "CapacityProvider", + "ThreadsPerCore": { + "markdownDescription": "The number of threads per CPU core.", + "title": "ThreadsPerCore", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::Instance.CreditSpecification": { + "additionalProperties": false, + "properties": { + "CPUCredits": { + "markdownDescription": "The credit option for CPU usage of the instance.\n\nValid values: `standard` | `unlimited`\n\nT3 instances with `host` tenancy do not support the `unlimited` CPU credit option.", + "title": "CPUCredits", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::Instance.Ebs": { + "additionalProperties": false, + "properties": { + "DeleteOnTermination": { + "markdownDescription": "Indicates whether the EBS volume is deleted on instance termination. For more information, see [Preserving Amazon EBS volumes on instance termination](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#preserving-volumes-on-termination) in the *Amazon EC2 User Guide* .", + "title": "DeleteOnTermination", + "type": "boolean" + }, + "Encrypted": { + "markdownDescription": "Indicates whether the volume should be encrypted. The effect of setting the encryption state to `true` depends on the volume origin (new or from a snapshot), starting encryption state, ownership, and whether encryption by default is enabled. For more information, see [Encryption by default](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#encryption-by-default) in the *Amazon Elastic Compute Cloud User Guide* .\n\nEncrypted Amazon EBS volumes must be attached to instances that support Amazon EBS encryption. For more information, see [Supported instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#EBSEncryption_supported_instances) .\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", + "title": "Encrypted", + "type": "boolean" + }, + "Iops": { + "markdownDescription": "The number of I/O operations per second (IOPS). For `gp3` , `io1` , and `io2` volumes, this represents the number of IOPS that are provisioned for the volume. For `gp2` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.\n\nThe following are the supported values for each volume type:\n\n- `gp3` : 3,000-16,000 IOPS\n- `io1` : 100-64,000 IOPS\n- `io2` : 100-64,000 IOPS\n\nFor `io1` and `io2` volumes, we guarantee 64,000 IOPS only for [Instances built on the Nitro System](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances) . Other instance families guarantee performance up to 32,000 IOPS.\n\nThis parameter is required for `io1` and `io2` volumes. The default for `gp3` volumes is 3,000 IOPS. This parameter is not supported for `gp2` , `st1` , `sc1` , or `standard` volumes.\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", + "title": "Iops", + "type": "number" + }, + "KmsKeyId": { + "markdownDescription": "The identifier of the AWS KMS key to use for Amazon EBS encryption. If `KmsKeyId` is specified, the encrypted state must be `true` . If the encrypted state is `true` but you do not specify `KmsKeyId` , your KMS key for EBS is used.\n\nYou can specify the KMS key using any of the following:\n\n- Key ID. For example, 1234abcd-12ab-34cd-56ef-1234567890ab.\n- Key alias. For example, alias/ExampleAlias.\n- Key ARN. For example, arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab.\n- Alias ARN. For example, arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias.\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", + "title": "KmsKeyId", "type": "string" }, - "Weight": { - "markdownDescription": "The *weight* value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The `weight` value is taken into consideration after the `base` value, if defined, is satisfied.\n\nIf no `weight` value is specified, the default value of `0` is used. When multiple capacity providers are specified within a capacity provider strategy, at least one of the capacity providers must have a weight value greater than zero and any capacity providers with a weight of `0` can't be used to place tasks. If you specify multiple capacity providers in a strategy that all have a weight of `0` , any `RunTask` or `CreateService` actions using the capacity provider strategy will fail.\n\nAn example scenario for using weights is defining a strategy that contains two capacity providers and both have a weight of `1` , then when the `base` is satisfied, the tasks will be split evenly across the two capacity providers. Using that same logic, if you specify a weight of `1` for *capacityProviderA* and a weight of `4` for *capacityProviderB* , then for every one task that's run using *capacityProviderA* , four tasks would use *capacityProviderB* .", - "title": "Weight", + "SnapshotId": { + "markdownDescription": "The ID of the snapshot.\n\nIf you specify both `SnapshotId` and `VolumeSize` , `VolumeSize` must be equal or greater than the size of the snapshot.\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", + "title": "SnapshotId", + "type": "string" + }, + "VolumeSize": { + "markdownDescription": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size. If you specify a snapshot, the default is the snapshot size. You can specify a volume size that is equal to or larger than the snapshot size.\n\nThe following are the supported volumes sizes for each volume type:\n\n- `gp2` and `gp3` :1-16,384\n- `io1` and `io2` : 4-16,384\n- `st1` and `sc1` : 125-16,384\n- `standard` : 1-1,024\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", + "title": "VolumeSize", "type": "number" + }, + "VolumeType": { + "markdownDescription": "The volume type. For more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) in the *Amazon EC2 User Guide* . If the volume type is `io1` or `io2` , you must specify the IOPS that the volume supports.\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", + "title": "VolumeType", + "type": "string" } }, "type": "object" }, - "AWS::ECS::Cluster.ClusterConfiguration": { + "AWS::EC2::Instance.ElasticGpuSpecification": { "additionalProperties": false, "properties": { - "ExecuteCommandConfiguration": { - "$ref": "#/definitions/AWS::ECS::Cluster.ExecuteCommandConfiguration", - "markdownDescription": "The details of the execute command configuration.", - "title": "ExecuteCommandConfiguration" + "Type": { + "markdownDescription": "The type of Elastic Graphics accelerator.", + "title": "Type", + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::ECS::Cluster.ClusterSettings": { + "AWS::EC2::Instance.ElasticInferenceAccelerator": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the cluster setting. The value is `containerInsights` .", - "title": "Name", + "Count": { + "markdownDescription": "The number of elastic inference accelerators to attach to the instance.", + "title": "Count", + "type": "number" + }, + "Type": { + "markdownDescription": "The type of elastic inference accelerator. The possible values are `eia1.medium` , `eia1.large` , `eia1.xlarge` , `eia2.medium` , `eia2.large` , and `eia2.xlarge` .", + "title": "Type", "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::EC2::Instance.EnaSrdSpecification": { + "additionalProperties": false, + "properties": { + "EnaSrdEnabled": { + "markdownDescription": "Indicates whether ENA Express is enabled for the network interface.", + "title": "EnaSrdEnabled", + "type": "boolean" }, - "Value": { - "markdownDescription": "The value to set for the cluster setting. The supported values are `enhanced` , `enabled` , and `disabled` .\n\nTo use Container Insights with enhanced observability, set the `containerInsights` account setting to `enhanced` .\n\nTo use Container Insights, set the `containerInsights` account setting to `enabled` .\n\nIf a cluster value is specified, it will override the `containerInsights` value set with [PutAccountSetting](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSetting.html) or [PutAccountSettingDefault](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSettingDefault.html) .", - "title": "Value", + "EnaSrdUdpSpecification": { + "$ref": "#/definitions/AWS::EC2::Instance.EnaSrdUdpSpecification", + "markdownDescription": "Configures ENA Express for UDP network traffic.", + "title": "EnaSrdUdpSpecification" + } + }, + "type": "object" + }, + "AWS::EC2::Instance.EnaSrdUdpSpecification": { + "additionalProperties": false, + "properties": { + "EnaSrdUdpEnabled": { + "markdownDescription": "Indicates whether UDP traffic to and from the instance uses ENA Express. To specify this setting, you must first enable ENA Express.", + "title": "EnaSrdUdpEnabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EC2::Instance.EnclaveOptions": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "If this parameter is set to `true` , the instance is enabled for AWS Nitro Enclaves; otherwise, it is not enabled for AWS Nitro Enclaves.", + "title": "Enabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EC2::Instance.HibernationOptions": { + "additionalProperties": false, + "properties": { + "Configured": { + "markdownDescription": "Set to `true` to enable your instance for hibernation.\n\nFor Spot Instances, if you set `Configured` to `true` , either omit the `InstanceInterruptionBehavior` parameter (for [`SpotMarketOptions`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SpotMarketOptions.html) ), or set it to `hibernate` . When `Configured` is true:\n\n- If you omit `InstanceInterruptionBehavior` , it defaults to `hibernate` .\n- If you set `InstanceInterruptionBehavior` to a value other than `hibernate` , you'll get an error.\n\nDefault: `false`", + "title": "Configured", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EC2::Instance.InstanceIpv6Address": { + "additionalProperties": false, + "properties": { + "Ipv6Address": { + "markdownDescription": "The IPv6 address.", + "title": "Ipv6Address", "type": "string" } }, + "required": [ + "Ipv6Address" + ], "type": "object" }, - "AWS::ECS::Cluster.ExecuteCommandConfiguration": { + "AWS::EC2::Instance.LaunchTemplateSpecification": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "Specify an AWS Key Management Service key ID to encrypt the data between the local client and the container.", - "title": "KmsKeyId", + "LaunchTemplateId": { + "markdownDescription": "The ID of the launch template.\n\nYou must specify either the launch template ID or the launch template name, but not both.", + "title": "LaunchTemplateId", "type": "string" }, - "LogConfiguration": { - "$ref": "#/definitions/AWS::ECS::Cluster.ExecuteCommandLogConfiguration", - "markdownDescription": "The log configuration for the results of the execute command actions. The logs can be sent to CloudWatch Logs or an Amazon S3 bucket. When `logging=OVERRIDE` is specified, a `logConfiguration` must be provided.", - "title": "LogConfiguration" + "LaunchTemplateName": { + "markdownDescription": "The name of the launch template.\n\nYou must specify either the launch template ID or the launch template name, but not both.", + "title": "LaunchTemplateName", + "type": "string" }, - "Logging": { - "markdownDescription": "The log setting to use for redirecting logs for your execute command results. The following log settings are available.\n\n- `NONE` : The execute command session is not logged.\n- `DEFAULT` : The `awslogs` configuration in the task definition is used. If no logging parameter is specified, it defaults to this value. If no `awslogs` log driver is configured in the task definition, the output won't be logged.\n- `OVERRIDE` : Specify the logging details as a part of `logConfiguration` . If the `OVERRIDE` logging option is specified, the `logConfiguration` is required.", - "title": "Logging", + "Version": { + "markdownDescription": "The version number of the launch template. You must specify this property.\n\nTo specify the default version of the template, use the `Fn::GetAtt` intrinsic function to retrieve the `DefaultVersionNumber` attribute of the launch template. To specify the latest version of the template, use `Fn::GetAtt` to retrieve the `LatestVersionNumber` attribute. For more information, see [AWS::EC2:LaunchTemplate return values for Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-launchtemplate.html#aws-resource-ec2-launchtemplate-return-values-fn--getatt) .", + "title": "Version", "type": "string" } }, + "required": [ + "Version" + ], "type": "object" }, - "AWS::ECS::Cluster.ExecuteCommandLogConfiguration": { + "AWS::EC2::Instance.LicenseSpecification": { "additionalProperties": false, "properties": { - "CloudWatchEncryptionEnabled": { - "markdownDescription": "Determines whether to use encryption on the CloudWatch logs. If not specified, encryption will be off.", - "title": "CloudWatchEncryptionEnabled", + "LicenseConfigurationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the license configuration.", + "title": "LicenseConfigurationArn", + "type": "string" + } + }, + "required": [ + "LicenseConfigurationArn" + ], + "type": "object" + }, + "AWS::EC2::Instance.MetadataOptions": { + "additionalProperties": false, + "properties": { + "HttpEndpoint": { + "markdownDescription": "Enables or disables the HTTP metadata endpoint on your instances.\n\nIf you specify a value of `disabled` , you cannot access your instance metadata.\n\nDefault: `enabled`", + "title": "HttpEndpoint", + "type": "string" + }, + "HttpProtocolIpv6": { + "markdownDescription": "Enables or disables the IPv6 endpoint for the instance metadata service.\n\nDefault: `disabled`", + "title": "HttpProtocolIpv6", + "type": "string" + }, + "HttpPutResponseHopLimit": { + "markdownDescription": "The maximum number of hops that the metadata token can travel.\n\nPossible values: Integers from 1 to 64", + "title": "HttpPutResponseHopLimit", + "type": "number" + }, + "HttpTokens": { + "markdownDescription": "Indicates whether IMDSv2 is required.\n\n- `optional` - IMDSv2 is optional, which means that you can use either IMDSv2 or IMDSv1.\n- `required` - IMDSv2 is required, which means that IMDSv1 is disabled, and you must use IMDSv2.\n\nDefault:\n\n- If the value of `ImdsSupport` for the Amazon Machine Image (AMI) for your instance is `v2.0` and the account level default is set to `no-preference` , the default is `required` .\n- If the value of `ImdsSupport` for the Amazon Machine Image (AMI) for your instance is `v2.0` , but the account level default is set to `V1 or V2` , the default is `optional` .\n\nThe default value can also be affected by other combinations of parameters. For more information, see [Order of precedence for instance metadata options](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-instance-metadata-options.html#instance-metadata-options-order-of-precedence) in the *Amazon EC2 User Guide* .", + "title": "HttpTokens", + "type": "string" + }, + "InstanceMetadataTags": { + "markdownDescription": "Set to `enabled` to allow access to instance tags from the instance metadata. Set to `disabled` to turn off access to instance tags from the instance metadata. For more information, see [Work with instance tags using the instance metadata](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#work-with-tags-in-IMDS) .\n\nDefault: `disabled`", + "title": "InstanceMetadataTags", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::Instance.NetworkInterface": { + "additionalProperties": false, + "properties": { + "AssociateCarrierIpAddress": { + "markdownDescription": "Indicates whether to assign a carrier IP address to the network interface.\n\nYou can only assign a carrier IP address to a network interface that is in a subnet in a Wavelength Zone. For more information about carrier IP addresses, see [Carrier IP address](https://docs.aws.amazon.com/wavelength/latest/developerguide/how-wavelengths-work.html#provider-owned-ip) in the *AWS Wavelength Developer Guide* .", + "title": "AssociateCarrierIpAddress", "type": "boolean" }, - "CloudWatchLogGroupName": { - "markdownDescription": "The name of the CloudWatch log group to send logs to.\n\n> The CloudWatch log group must already be created.", - "title": "CloudWatchLogGroupName", + "AssociatePublicIpAddress": { + "markdownDescription": "Indicates whether to assign a public IPv4 address to an instance. Applies only if creating a network interface when launching an instance. The network interface must be the primary network interface. If launching into a default subnet, the default value is `true` .\n\nAWS charges for all public IPv4 addresses, including public IPv4 addresses associated with running instances and Elastic IP addresses. For more information, see the *Public IPv4 Address* tab on the [VPC pricing page](https://docs.aws.amazon.com/vpc/pricing/) .", + "title": "AssociatePublicIpAddress", + "type": "boolean" + }, + "DeleteOnTermination": { + "markdownDescription": "Indicates whether the network interface is deleted when the instance is terminated. Applies only if creating a network interface when launching an instance.", + "title": "DeleteOnTermination", + "type": "boolean" + }, + "Description": { + "markdownDescription": "The description of the network interface. Applies only if creating a network interface when launching an instance.", + "title": "Description", "type": "string" }, - "S3BucketName": { - "markdownDescription": "The name of the S3 bucket to send logs to.\n\n> The S3 bucket must already be created.", - "title": "S3BucketName", + "DeviceIndex": { + "markdownDescription": "The position of the network interface in the attachment order. A primary network interface has a device index of 0.\n\nIf you create a network interface when launching an instance, you must specify the device index.", + "title": "DeviceIndex", "type": "string" }, - "S3EncryptionEnabled": { - "markdownDescription": "Determines whether to use encryption on the S3 logs. If not specified, encryption is not used.", - "title": "S3EncryptionEnabled", + "EnaSrdSpecification": { + "$ref": "#/definitions/AWS::EC2::Instance.EnaSrdSpecification", + "markdownDescription": "Configures ENA Express for UDP network traffic.", + "title": "EnaSrdSpecification" + }, + "GroupSet": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the security groups for the network interface. Applies only if creating a network interface when launching an instance.", + "title": "GroupSet", + "type": "array" + }, + "Ipv6AddressCount": { + "markdownDescription": "A number of IPv6 addresses to assign to the network interface. Amazon EC2 chooses the IPv6 addresses from the range of the subnet. You cannot specify this option and the option to assign specific IPv6 addresses in the same request. You can specify this option if you've specified a minimum number of instances to launch.", + "title": "Ipv6AddressCount", + "type": "number" + }, + "Ipv6Addresses": { + "items": { + "$ref": "#/definitions/AWS::EC2::Instance.InstanceIpv6Address" + }, + "markdownDescription": "The IPv6 addresses to assign to the network interface. You cannot specify this option and the option to assign a number of IPv6 addresses in the same request. You cannot specify this option if you've specified a minimum number of instances to launch.", + "title": "Ipv6Addresses", + "type": "array" + }, + "NetworkInterfaceId": { + "markdownDescription": "The ID of the network interface, when attaching an existing network interface.", + "title": "NetworkInterfaceId", + "type": "string" + }, + "PrivateIpAddress": { + "markdownDescription": "The private IPv4 address of the network interface. Applies only if creating a network interface when launching an instance.", + "title": "PrivateIpAddress", + "type": "string" + }, + "PrivateIpAddresses": { + "items": { + "$ref": "#/definitions/AWS::EC2::Instance.PrivateIpAddressSpecification" + }, + "markdownDescription": "One or more private IPv4 addresses to assign to the network interface. Only one private IPv4 address can be designated as primary.", + "title": "PrivateIpAddresses", + "type": "array" + }, + "SecondaryPrivateIpAddressCount": { + "markdownDescription": "The number of secondary private IPv4 addresses. You can't specify this option and specify more than one private IP address using the private IP addresses option.", + "title": "SecondaryPrivateIpAddressCount", + "type": "number" + }, + "SubnetId": { + "markdownDescription": "The ID of the subnet associated with the network interface.", + "title": "SubnetId", + "type": "string" + } + }, + "required": [ + "DeviceIndex" + ], + "type": "object" + }, + "AWS::EC2::Instance.PrivateDnsNameOptions": { + "additionalProperties": false, + "properties": { + "EnableResourceNameDnsAAAARecord": { + "markdownDescription": "Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *Amazon Elastic Compute Cloud User Guide* .", + "title": "EnableResourceNameDnsAAAARecord", "type": "boolean" }, - "S3KeyPrefix": { - "markdownDescription": "An optional folder in the S3 bucket to place logs in.", - "title": "S3KeyPrefix", + "EnableResourceNameDnsARecord": { + "markdownDescription": "Indicates whether to respond to DNS queries for instance hostnames with DNS A records. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *Amazon Elastic Compute Cloud User Guide* .", + "title": "EnableResourceNameDnsARecord", + "type": "boolean" + }, + "HostnameType": { + "markdownDescription": "The type of hostnames to assign to instances in the subnet at launch. For IPv4 only subnets, an instance DNS name must be based on the instance IPv4 address. For IPv6 only subnets, an instance DNS name must be based on the instance ID. For dual-stack subnets, you can specify whether DNS names use the instance IPv4 address or the instance ID. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *Amazon Elastic Compute Cloud User Guide* .", + "title": "HostnameType", "type": "string" } }, "type": "object" }, - "AWS::ECS::Cluster.ServiceConnectDefaults": { + "AWS::EC2::Instance.PrivateIpAddressSpecification": { "additionalProperties": false, "properties": { - "Namespace": { - "markdownDescription": "The namespace name or full Amazon Resource Name (ARN) of the AWS Cloud Map namespace that's used when you create a service and don't specify a Service Connect configuration. The namespace name can include up to 1024 characters. The name is case-sensitive. The name can't include greater than (>), less than (<), double quotation marks (\"), or slash (/).\n\nIf you enter an existing namespace name or ARN, then that namespace will be used. Any namespace type is supported. The namespace must be in this account and this AWS Region.\n\nIf you enter a new name, a AWS Cloud Map namespace will be created. Amazon ECS creates a AWS Cloud Map namespace with the \"API calls\" method of instance discovery only. This instance discovery method is the \"HTTP\" namespace type in the AWS Command Line Interface . Other types of instance discovery aren't used by Service Connect.\n\nIf you update the cluster with an empty string `\"\"` for the namespace name, the cluster configuration for Service Connect is removed. Note that the namespace will remain in AWS Cloud Map and must be deleted separately.\n\nFor more information about AWS Cloud Map , see [Working with Services](https://docs.aws.amazon.com/cloud-map/latest/dg/working-with-services.html) in the *AWS Cloud Map Developer Guide* .", - "title": "Namespace", + "Primary": { + "markdownDescription": "Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary.", + "title": "Primary", + "type": "boolean" + }, + "PrivateIpAddress": { + "markdownDescription": "The private IPv4 address.", + "title": "PrivateIpAddress", "type": "string" } }, + "required": [ + "Primary", + "PrivateIpAddress" + ], "type": "object" }, - "AWS::ECS::ClusterCapacityProviderAssociations": { + "AWS::EC2::Instance.SsmAssociation": { + "additionalProperties": false, + "properties": { + "AssociationParameters": { + "items": { + "$ref": "#/definitions/AWS::EC2::Instance.AssociationParameter" + }, + "markdownDescription": "The input parameter values to use with the associated SSM document.", + "title": "AssociationParameters", + "type": "array" + }, + "DocumentName": { + "markdownDescription": "The name of an SSM document to associate with the instance.", + "title": "DocumentName", + "type": "string" + } + }, + "required": [ + "DocumentName" + ], + "type": "object" + }, + "AWS::EC2::Instance.State": { + "additionalProperties": false, + "properties": { + "Code": { + "markdownDescription": "The state of the instance as a 16-bit unsigned integer.\n\nThe high byte is all of the bits between 2^8 and (2^16)-1, which equals decimal values between 256 and 65,535. These numerical values are used for internal purposes and should be ignored.\n\nThe low byte is all of the bits between 2^0 and (2^8)-1, which equals decimal values between 0 and 255.\n\nThe valid values for instance-state-code will all be in the range of the low byte and they are:\n\n- `0` : `pending`\n- `16` : `running`\n- `32` : `shutting-down`\n- `48` : `terminated`\n- `64` : `stopping`\n- `80` : `stopped`\n\nYou can ignore the high byte value by zeroing out all of the bits above 2^8 or 256 in decimal.", + "title": "Code", + "type": "string" + }, + "Name": { + "markdownDescription": "The current state of the instance.", + "title": "Name", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::Instance.Volume": { + "additionalProperties": false, + "properties": { + "Device": { + "markdownDescription": "The device name (for example, `/dev/sdh` or `xvdh` ).", + "title": "Device", + "type": "string" + }, + "VolumeId": { + "markdownDescription": "The ID of the EBS volume. The volume and instance must be within the same Availability Zone.", + "title": "VolumeId", + "type": "string" + } + }, + "required": [ + "Device", + "VolumeId" + ], + "type": "object" + }, + "AWS::EC2::InstanceConnectEndpoint": { "additionalProperties": false, "properties": { "Condition": { @@ -83243,38 +92079,46 @@ "Properties": { "additionalProperties": false, "properties": { - "CapacityProviders": { + "ClientToken": { + "markdownDescription": "Unique, case-sensitive identifier that you provide to ensure the idempotency of the request.", + "title": "ClientToken", + "type": "string" + }, + "PreserveClientIp": { + "markdownDescription": "Indicates whether the client IP address is preserved as the source. The following are the possible values.\n\n- `true` - Use the client IP address as the source.\n- `false` - Use the network interface IP address as the source.\n\n> `PreserveClientIp` is only supported on IPv4 EC2 Instance Connect Endpoints. To use `PreserveClientIp` , the value for `IpAddressType` must be `ipv4` . \n\nDefault: `false`", + "title": "PreserveClientIp", + "type": "boolean" + }, + "SecurityGroupIds": { "items": { "type": "string" }, - "markdownDescription": "The capacity providers to associate with the cluster.", - "title": "CapacityProviders", + "markdownDescription": "One or more security groups to associate with the endpoint. If you don't specify a security group, the default security group for your VPC will be associated with the endpoint.", + "title": "SecurityGroupIds", "type": "array" }, - "Cluster": { - "markdownDescription": "The cluster the capacity provider association is the target of.", - "title": "Cluster", + "SubnetId": { + "markdownDescription": "The ID of the subnet in which to create the EC2 Instance Connect Endpoint.", + "title": "SubnetId", "type": "string" }, - "DefaultCapacityProviderStrategy": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::ECS::ClusterCapacityProviderAssociations.CapacityProviderStrategy" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The default capacity provider strategy to associate with the cluster.", - "title": "DefaultCapacityProviderStrategy", + "markdownDescription": "The tags to apply to the EC2 Instance Connect Endpoint during creation.", + "title": "Tags", "type": "array" } }, "required": [ - "CapacityProviders", - "Cluster", - "DefaultCapacityProviderStrategy" + "SubnetId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ECS::ClusterCapacityProviderAssociations" + "AWS::EC2::InstanceConnectEndpoint" ], "type": "string" }, @@ -83293,31 +92137,73 @@ ], "type": "object" }, - "AWS::ECS::ClusterCapacityProviderAssociations.CapacityProviderStrategy": { + "AWS::EC2::InternetGateway": { "additionalProperties": false, "properties": { - "Base": { - "markdownDescription": "The *base* value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a *base* defined. If no value is specified, the default value of `0` is used.", - "title": "Base", - "type": "number" + "Condition": { + "type": "string" }, - "CapacityProvider": { - "markdownDescription": "The short name of the capacity provider.", - "title": "CapacityProvider", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Weight": { - "markdownDescription": "The *weight* value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The `weight` value is taken into consideration after the `base` value, if defined, is satisfied.\n\nIf no `weight` value is specified, the default value of `0` is used. When multiple capacity providers are specified within a capacity provider strategy, at least one of the capacity providers must have a weight value greater than zero and any capacity providers with a weight of `0` can't be used to place tasks. If you specify multiple capacity providers in a strategy that all have a weight of `0` , any `RunTask` or `CreateService` actions using the capacity provider strategy will fail.\n\nAn example scenario for using weights is defining a strategy that contains two capacity providers and both have a weight of `1` , then when the `base` is satisfied, the tasks will be split evenly across the two capacity providers. Using that same logic, if you specify a weight of `1` for *capacityProviderA* and a weight of `4` for *capacityProviderB* , then for every one task that's run using *capacityProviderA* , four tasks would use *capacityProviderB* .", - "title": "Weight", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Any tags to assign to the internet gateway.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::EC2::InternetGateway" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "CapacityProvider" + "Type" ], "type": "object" }, - "AWS::ECS::PrimaryTaskSet": { + "AWS::EC2::KeyPair": { "additionalProperties": false, "properties": { "Condition": { @@ -83352,32 +92238,43 @@ "Properties": { "additionalProperties": false, "properties": { - "Cluster": { - "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the cluster that hosts the service that the task set exists in.", - "title": "Cluster", + "KeyFormat": { + "markdownDescription": "The format of the key pair.\n\nDefault: `pem`", + "title": "KeyFormat", "type": "string" }, - "Service": { - "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the service that the task set exists in.", - "title": "Service", + "KeyName": { + "markdownDescription": "A unique name for the key pair.\n\nConstraints: Up to 255 ASCII characters", + "title": "KeyName", "type": "string" }, - "TaskSetId": { - "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the task set to set as the primary task set in the deployment.", - "title": "TaskSetId", + "KeyType": { + "markdownDescription": "The type of key pair. Note that ED25519 keys are not supported for Windows instances.\n\nIf the `PublicKeyMaterial` property is specified, the `KeyType` property is ignored, and the key type is inferred from the `PublicKeyMaterial` value.\n\nDefault: `rsa`", + "title": "KeyType", + "type": "string" + }, + "PublicKeyMaterial": { + "markdownDescription": "The public key material. The `PublicKeyMaterial` property is used to import a key pair. If this property is not specified, then a new key pair will be created.", + "title": "PublicKeyMaterial", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to apply to the key pair.", + "title": "Tags", + "type": "array" } }, "required": [ - "Cluster", - "Service", - "TaskSetId" + "KeyName" ], "type": "object" }, "Type": { "enum": [ - "AWS::ECS::PrimaryTaskSet" + "AWS::EC2::KeyPair" ], "type": "string" }, @@ -83396,7 +92293,7 @@ ], "type": "object" }, - "AWS::ECS::Service": { + "AWS::EC2::LaunchTemplate": { "additionalProperties": false, "properties": { "Condition": { @@ -83431,148 +92328,38 @@ "Properties": { "additionalProperties": false, "properties": { - "CapacityProviderStrategy": { - "items": { - "$ref": "#/definitions/AWS::ECS::Service.CapacityProviderStrategyItem" - }, - "markdownDescription": "The capacity provider strategy to use for the service.\n\nIf a `capacityProviderStrategy` is specified, the `launchType` parameter must be omitted. If no `capacityProviderStrategy` or `launchType` is specified, the `defaultCapacityProviderStrategy` for the cluster is used.\n\nA capacity provider strategy can contain a maximum of 20 capacity providers.\n\n> To remove this property from your service resource, specify an empty `CapacityProviderStrategyItem` array.", - "title": "CapacityProviderStrategy", - "type": "array" - }, - "Cluster": { - "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the cluster that you run your service on. If you do not specify a cluster, the default cluster is assumed.", - "title": "Cluster", - "type": "string" - }, - "DeploymentConfiguration": { - "$ref": "#/definitions/AWS::ECS::Service.DeploymentConfiguration", - "markdownDescription": "Optional deployment parameters that control how many tasks run during the deployment and the ordering of stopping and starting tasks.", - "title": "DeploymentConfiguration" - }, - "DeploymentController": { - "$ref": "#/definitions/AWS::ECS::Service.DeploymentController", - "markdownDescription": "The deployment controller to use for the service. If no deployment controller is specified, the default value of `ECS` is used.", - "title": "DeploymentController" - }, - "DesiredCount": { - "markdownDescription": "The number of instantiations of the specified task definition to place and keep running in your service.\n\nFor new services, if a desired count is not specified, a default value of `1` is used. When using the `DAEMON` scheduling strategy, the desired count is not required.\n\nFor existing services, if a desired count is not specified, it is omitted from the operation.", - "title": "DesiredCount", - "type": "number" - }, - "EnableECSManagedTags": { - "markdownDescription": "Specifies whether to turn on Amazon ECS managed tags for the tasks within the service. For more information, see [Tagging your Amazon ECS resources](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-using-tags.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nWhen you use Amazon ECS managed tags, you need to set the `propagateTags` request parameter.", - "title": "EnableECSManagedTags", - "type": "boolean" - }, - "EnableExecuteCommand": { - "markdownDescription": "Determines whether the execute command functionality is turned on for the service. If `true` , the execute command functionality is turned on for all containers in tasks as part of the service.", - "title": "EnableExecuteCommand", - "type": "boolean" - }, - "HealthCheckGracePeriodSeconds": { - "markdownDescription": "The period of time, in seconds, that the Amazon ECS service scheduler ignores unhealthy Elastic Load Balancing, VPC Lattice, and container health checks after a task has first started. If you don't specify a health check grace period value, the default value of `0` is used. If you don't use any of the health checks, then `healthCheckGracePeriodSeconds` is unused.\n\nIf your service's tasks take a while to start and respond to health checks, you can specify a health check grace period of up to 2,147,483,647 seconds (about 69 years). During that time, the Amazon ECS service scheduler ignores health check status. This grace period can prevent the service scheduler from marking tasks as unhealthy and stopping them before they have time to come up.", - "title": "HealthCheckGracePeriodSeconds", - "type": "number" - }, - "LaunchType": { - "markdownDescription": "The launch type on which to run your service. For more information, see [Amazon ECS Launch Types](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/launch_types.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "LaunchType", - "type": "string" - }, - "LoadBalancers": { - "items": { - "$ref": "#/definitions/AWS::ECS::Service.LoadBalancer" - }, - "markdownDescription": "A list of load balancer objects to associate with the service. If you specify the `Role` property, `LoadBalancers` must be specified as well. For information about the number of load balancers that you can specify per service, see [Service Load Balancing](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-load-balancing.html) in the *Amazon Elastic Container Service Developer Guide* .\n\n> To remove this property from your service resource, specify an empty `LoadBalancer` array.", - "title": "LoadBalancers", - "type": "array" - }, - "NetworkConfiguration": { - "$ref": "#/definitions/AWS::ECS::Service.NetworkConfiguration", - "markdownDescription": "The network configuration for the service. This parameter is required for task definitions that use the `awsvpc` network mode to receive their own elastic network interface, and it is not supported for other network modes. For more information, see [Task Networking](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-networking.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "NetworkConfiguration" - }, - "PlacementConstraints": { - "items": { - "$ref": "#/definitions/AWS::ECS::Service.PlacementConstraint" - }, - "markdownDescription": "An array of placement constraint objects to use for tasks in your service. You can specify a maximum of 10 constraints for each task. This limit includes constraints in the task definition and those specified at runtime.\n\n> To remove this property from your service resource, specify an empty `PlacementConstraint` array.", - "title": "PlacementConstraints", - "type": "array" - }, - "PlacementStrategies": { - "items": { - "$ref": "#/definitions/AWS::ECS::Service.PlacementStrategy" - }, - "markdownDescription": "The placement strategy objects to use for tasks in your service. You can specify a maximum of 5 strategy rules for each service.\n\n> To remove this property from your service resource, specify an empty `PlacementStrategy` array.", - "title": "PlacementStrategies", - "type": "array" - }, - "PlatformVersion": { - "markdownDescription": "The platform version that your tasks in the service are running on. A platform version is specified only for tasks using the Fargate launch type. If one isn't specified, the `LATEST` platform version is used. For more information, see [AWS Fargate platform versions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "PlatformVersion", - "type": "string" - }, - "PropagateTags": { - "markdownDescription": "Specifies whether to propagate the tags from the task definition to the task. If no value is specified, the tags aren't propagated. Tags can only be propagated to the task during task creation. To add tags to a task after task creation, use the [TagResource](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_TagResource.html) API action.\n\nYou must set this to a value other than `NONE` when you use Cost Explorer. For more information, see [Amazon ECS usage reports](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/usage-reports.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nThe default is `NONE` .", - "title": "PropagateTags", - "type": "string" - }, - "Role": { - "markdownDescription": "The name or full Amazon Resource Name (ARN) of the IAM role that allows Amazon ECS to make calls to your load balancer on your behalf. This parameter is only permitted if you are using a load balancer with your service and your task definition doesn't use the `awsvpc` network mode. If you specify the `role` parameter, you must also specify a load balancer object with the `loadBalancers` parameter.\n\n> If your account has already created the Amazon ECS service-linked role, that role is used for your service unless you specify a role here. The service-linked role is required if your task definition uses the `awsvpc` network mode or if the service is configured to use service discovery, an external deployment controller, multiple target groups, or Elastic Inference accelerators in which case you don't specify a role here. For more information, see [Using service-linked roles for Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using-service-linked-roles.html) in the *Amazon Elastic Container Service Developer Guide* . \n\nIf your specified role has a path other than `/` , then you must either specify the full role ARN (this is recommended) or prefix the role name with the path. For example, if a role with the name `bar` has a path of `/foo/` then you would specify `/foo/bar` as the role name. For more information, see [Friendly names and paths](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-friendly-names) in the *IAM User Guide* .", - "title": "Role", - "type": "string" - }, - "SchedulingStrategy": { - "markdownDescription": "The scheduling strategy to use for the service. For more information, see [Services](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs_services.html) .\n\nThere are two service scheduler strategies available:\n\n- `REPLICA` -The replica scheduling strategy places and maintains the desired number of tasks across your cluster. By default, the service scheduler spreads tasks across Availability Zones. You can use task placement strategies and constraints to customize task placement decisions. This scheduler strategy is required if the service uses the `CODE_DEPLOY` or `EXTERNAL` deployment controller types.\n- `DAEMON` -The daemon scheduling strategy deploys exactly one task on each active container instance that meets all of the task placement constraints that you specify in your cluster. The service scheduler also evaluates the task placement constraints for running tasks and will stop tasks that don't meet the placement constraints. When you're using this strategy, you don't need to specify a desired number of tasks, a task placement strategy, or use Service Auto Scaling policies.\n\n> Tasks using the Fargate launch type or the `CODE_DEPLOY` or `EXTERNAL` deployment controller types don't support the `DAEMON` scheduling strategy.", - "title": "SchedulingStrategy", - "type": "string" - }, - "ServiceConnectConfiguration": { - "$ref": "#/definitions/AWS::ECS::Service.ServiceConnectConfiguration", - "markdownDescription": "The configuration for this service to discover and connect to services, and be discovered by, and connected from, other services within a namespace.\n\nTasks that run in a namespace can use short names to connect to services in the namespace. Tasks can connect to services across all of the clusters in the namespace. Tasks connect through a managed proxy container that collects logs and metrics for increased visibility. Only the tasks that Amazon ECS services create are supported with Service Connect. For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "ServiceConnectConfiguration" + "LaunchTemplateData": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.LaunchTemplateData", + "markdownDescription": "The information for the launch template.", + "title": "LaunchTemplateData" }, - "ServiceName": { - "markdownDescription": "The name of your service. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed. Service names must be unique within a cluster, but you can have similarly named services in multiple clusters within a Region or across multiple Regions.\n\n> The stack update fails if you change any properties that require replacement and the `ServiceName` is configured. This is because AWS CloudFormation creates the replacement service first, but each `ServiceName` must be unique in the cluster.", - "title": "ServiceName", + "LaunchTemplateName": { + "markdownDescription": "A name for the launch template.", + "title": "LaunchTemplateName", "type": "string" }, - "ServiceRegistries": { - "items": { - "$ref": "#/definitions/AWS::ECS::Service.ServiceRegistry" - }, - "markdownDescription": "The details of the service discovery registry to associate with this service. For more information, see [Service discovery](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-discovery.html) .\n\n> Each service may be associated with one service registry. Multiple service registries for each service isn't supported. > To remove this property from your service resource, specify an empty `ServiceRegistry` array.", - "title": "ServiceRegistries", - "type": "array" - }, - "Tags": { + "TagSpecifications": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.LaunchTemplateTagSpecification" }, - "markdownDescription": "The metadata that you apply to the service to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define. When a service is deleted, the tags are deleted as well.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8\n- Maximum value length - 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit.", - "title": "Tags", + "markdownDescription": "The tags to apply to the launch template on creation. To tag the launch template, the resource type must be `launch-template` .\n\nTo specify the tags for resources that are created during instance launch, use [TagSpecifications](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-launchtemplatedata.html#cfn-ec2-launchtemplate-launchtemplatedata-tagspecifications) .", + "title": "TagSpecifications", "type": "array" }, - "TaskDefinition": { - "markdownDescription": "The `family` and `revision` ( `family:revision` ) or full ARN of the task definition to run in your service. If a `revision` isn't specified, the latest `ACTIVE` revision is used.\n\nA task definition must be specified if the service uses either the `ECS` or `CODE_DEPLOY` deployment controllers.\n\nFor more information about deployment types, see [Amazon ECS deployment types](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-types.html) .", - "title": "TaskDefinition", + "VersionDescription": { + "markdownDescription": "A description for the first version of the launch template.", + "title": "VersionDescription", "type": "string" - }, - "VolumeConfigurations": { - "items": { - "$ref": "#/definitions/AWS::ECS::Service.ServiceVolumeConfiguration" - }, - "markdownDescription": "The configuration for a volume specified in the task definition as a volume that is configured at launch time. Currently, the only supported volume type is an Amazon EBS volume.\n\n> To remove this property from your service resource, specify an empty `ServiceVolumeConfiguration` array.", - "title": "VolumeConfigurations", - "type": "array" } }, + "required": [ + "LaunchTemplateData" + ], "type": "object" }, "Type": { "enum": [ - "AWS::ECS::Service" + "AWS::EC2::LaunchTemplate" ], "type": "string" }, @@ -83586,1686 +92373,1286 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::ECS::Service.AwsVpcConfiguration": { + "AWS::EC2::LaunchTemplate.AcceleratorCount": { "additionalProperties": false, "properties": { - "AssignPublicIp": { - "markdownDescription": "Whether the task's elastic network interface receives a public IP address.\n\nConsider the following when you set this value:\n\n- When you use `create-service` or `update-service` , the default is `DISABLED` .\n- When the service `deploymentController` is `ECS` , the value must be `DISABLED` .", - "title": "AssignPublicIp", - "type": "string" - }, - "SecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the security groups associated with the task or service. If you don't specify a security group, the default security group for the VPC is used. There's a limit of 5 security groups that can be specified.\n\n> All specified security groups must be from the same VPC.", - "title": "SecurityGroups", - "type": "array" + "Max": { + "markdownDescription": "The maximum number of accelerators. To specify no maximum limit, omit this parameter. To exclude accelerator-enabled instance types, set `Max` to `0` .", + "title": "Max", + "type": "number" }, - "Subnets": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the subnets associated with the task or service. There's a limit of 16 subnets that can be specified.\n\n> All specified subnets must be from the same VPC.", - "title": "Subnets", - "type": "array" + "Min": { + "markdownDescription": "The minimum number of accelerators. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" } }, "type": "object" }, - "AWS::ECS::Service.CapacityProviderStrategyItem": { + "AWS::EC2::LaunchTemplate.AcceleratorTotalMemoryMiB": { "additionalProperties": false, "properties": { - "Base": { - "markdownDescription": "The *base* value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a *base* defined. If no value is specified, the default value of `0` is used.", - "title": "Base", + "Max": { + "markdownDescription": "The maximum amount of accelerator memory, in MiB. To specify no maximum limit, omit this parameter.", + "title": "Max", "type": "number" }, - "CapacityProvider": { - "markdownDescription": "The short name of the capacity provider.", - "title": "CapacityProvider", - "type": "string" - }, - "Weight": { - "markdownDescription": "The *weight* value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The `weight` value is taken into consideration after the `base` value, if defined, is satisfied.\n\nIf no `weight` value is specified, the default value of `0` is used. When multiple capacity providers are specified within a capacity provider strategy, at least one of the capacity providers must have a weight value greater than zero and any capacity providers with a weight of `0` can't be used to place tasks. If you specify multiple capacity providers in a strategy that all have a weight of `0` , any `RunTask` or `CreateService` actions using the capacity provider strategy will fail.\n\nAn example scenario for using weights is defining a strategy that contains two capacity providers and both have a weight of `1` , then when the `base` is satisfied, the tasks will be split evenly across the two capacity providers. Using that same logic, if you specify a weight of `1` for *capacityProviderA* and a weight of `4` for *capacityProviderB* , then for every one task that's run using *capacityProviderA* , four tasks would use *capacityProviderB* .", - "title": "Weight", + "Min": { + "markdownDescription": "The minimum amount of accelerator memory, in MiB. To specify no minimum limit, omit this parameter.", + "title": "Min", "type": "number" } }, "type": "object" }, - "AWS::ECS::Service.DeploymentAlarms": { + "AWS::EC2::LaunchTemplate.BaselineEbsBandwidthMbps": { "additionalProperties": false, "properties": { - "AlarmNames": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more CloudWatch alarm names. Use a \",\" to separate the alarms.", - "title": "AlarmNames", - "type": "array" - }, - "Enable": { - "markdownDescription": "Determines whether to use the CloudWatch alarm option in the service deployment process.", - "title": "Enable", - "type": "boolean" + "Max": { + "markdownDescription": "The maximum baseline bandwidth, in Mbps. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" }, - "Rollback": { - "markdownDescription": "Determines whether to configure Amazon ECS to roll back the service if a service deployment fails. If rollback is used, when a service deployment fails, the service is rolled back to the last deployment that completed successfully.", - "title": "Rollback", - "type": "boolean" - } - }, - "required": [ - "AlarmNames", - "Enable", - "Rollback" - ], - "type": "object" - }, - "AWS::ECS::Service.DeploymentCircuitBreaker": { - "additionalProperties": false, - "properties": { - "Enable": { - "markdownDescription": "Determines whether to use the deployment circuit breaker logic for the service.", - "title": "Enable", - "type": "boolean" - }, - "Rollback": { - "markdownDescription": "Determines whether to configure Amazon ECS to roll back the service if a service deployment fails. If rollback is on, when a service deployment fails, the service is rolled back to the last deployment that completed successfully.", - "title": "Rollback", - "type": "boolean" - } - }, - "required": [ - "Enable", - "Rollback" - ], - "type": "object" - }, - "AWS::ECS::Service.DeploymentConfiguration": { - "additionalProperties": false, - "properties": { - "Alarms": { - "$ref": "#/definitions/AWS::ECS::Service.DeploymentAlarms", - "markdownDescription": "Information about the CloudWatch alarms.", - "title": "Alarms" - }, - "DeploymentCircuitBreaker": { - "$ref": "#/definitions/AWS::ECS::Service.DeploymentCircuitBreaker", - "markdownDescription": "> The deployment circuit breaker can only be used for services using the rolling update ( `ECS` ) deployment type. \n\nThe *deployment circuit breaker* determines whether a service deployment will fail if the service can't reach a steady state. If you use the deployment circuit breaker, a service deployment will transition to a failed state and stop launching new tasks. If you use the rollback option, when a service deployment fails, the service is rolled back to the last deployment that completed successfully. For more information, see [Rolling update](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-type-ecs.html) in the *Amazon Elastic Container Service Developer Guide*", - "title": "DeploymentCircuitBreaker" - }, - "MaximumPercent": { - "markdownDescription": "If a service is using the rolling update ( `ECS` ) deployment type, the `maximumPercent` parameter represents an upper limit on the number of your service's tasks that are allowed in the `RUNNING` or `PENDING` state during a deployment, as a percentage of the `desiredCount` (rounded down to the nearest integer). This parameter enables you to define the deployment batch size. For example, if your service is using the `REPLICA` service scheduler and has a `desiredCount` of four tasks and a `maximumPercent` value of 200%, the scheduler may start four new tasks before stopping the four older tasks (provided that the cluster resources required to do this are available). The default `maximumPercent` value for a service using the `REPLICA` service scheduler is 200%.\n\nThe Amazon ECS scheduler uses this parameter to replace unhealthy tasks by starting replacement tasks first and then stopping the unhealthy tasks, as long as cluster resources for starting replacement tasks are available. For more information about how the scheduler replaces unhealthy tasks, see [Amazon ECS services](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs_services.html) .\n\nIf a service is using either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types, and tasks in the service use the EC2 launch type, the *maximum percent* value is set to the default value. The *maximum percent* value is used to define the upper limit on the number of the tasks in the service that remain in the `RUNNING` state while the container instances are in the `DRAINING` state.\n\n> You can't specify a custom `maximumPercent` value for a service that uses either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types and has tasks that use the EC2 launch type. \n\nIf the service uses either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types, and the tasks in the service use the Fargate launch type, the maximum percent value is not used. The value is still returned when describing your service.", - "title": "MaximumPercent", - "type": "number" - }, - "MinimumHealthyPercent": { - "markdownDescription": "If a service is using the rolling update ( `ECS` ) deployment type, the `minimumHealthyPercent` represents a lower limit on the number of your service's tasks that must remain in the `RUNNING` state during a deployment, as a percentage of the `desiredCount` (rounded up to the nearest integer). This parameter enables you to deploy without using additional cluster capacity. For example, if your service has a `desiredCount` of four tasks and a `minimumHealthyPercent` of 50%, the service scheduler may stop two existing tasks to free up cluster capacity before starting two new tasks.\n\nIf any tasks are unhealthy and if `maximumPercent` doesn't allow the Amazon ECS scheduler to start replacement tasks, the scheduler stops the unhealthy tasks one-by-one \u2014 using the `minimumHealthyPercent` as a constraint \u2014 to clear up capacity to launch replacement tasks. For more information about how the scheduler replaces unhealthy tasks, see [Amazon ECS services](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs_services.html) .\n\nFor services that *do not* use a load balancer, the following should be noted:\n\n- A service is considered healthy if all essential containers within the tasks in the service pass their health checks.\n- If a task has no essential containers with a health check defined, the service scheduler will wait for 40 seconds after a task reaches a `RUNNING` state before the task is counted towards the minimum healthy percent total.\n- If a task has one or more essential containers with a health check defined, the service scheduler will wait for the task to reach a healthy status before counting it towards the minimum healthy percent total. A task is considered healthy when all essential containers within the task have passed their health checks. The amount of time the service scheduler can wait for is determined by the container health check settings.\n\nFor services that *do* use a load balancer, the following should be noted:\n\n- If a task has no essential containers with a health check defined, the service scheduler will wait for the load balancer target group health check to return a healthy status before counting the task towards the minimum healthy percent total.\n- If a task has an essential container with a health check defined, the service scheduler will wait for both the task to reach a healthy status and the load balancer target group health check to return a healthy status before counting the task towards the minimum healthy percent total.\n\nThe default value for a replica service for `minimumHealthyPercent` is 100%. The default `minimumHealthyPercent` value for a service using the `DAEMON` service schedule is 0% for the AWS CLI , the AWS SDKs, and the APIs and 50% for the AWS Management Console.\n\nThe minimum number of healthy tasks during a deployment is the `desiredCount` multiplied by the `minimumHealthyPercent` /100, rounded up to the nearest integer value.\n\nIf a service is using either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types and is running tasks that use the EC2 launch type, the *minimum healthy percent* value is set to the default value. The *minimum healthy percent* value is used to define the lower limit on the number of the tasks in the service that remain in the `RUNNING` state while the container instances are in the `DRAINING` state.\n\n> You can't specify a custom `minimumHealthyPercent` value for a service that uses either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types and has tasks that use the EC2 launch type. \n\nIf a service is using either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types and is running tasks that use the Fargate launch type, the minimum healthy percent value is not used, although it is returned when describing your service.", - "title": "MinimumHealthyPercent", + "Min": { + "markdownDescription": "The minimum baseline bandwidth, in Mbps. To specify no minimum limit, omit this parameter.", + "title": "Min", "type": "number" } }, "type": "object" }, - "AWS::ECS::Service.DeploymentController": { - "additionalProperties": false, - "properties": { - "Type": { - "markdownDescription": "The deployment controller type to use. There are three deployment controller types available:\n\n- **ECS** - The rolling update ( `ECS` ) deployment type involves replacing the current running version of the container with the latest version. The number of containers Amazon ECS adds or removes from the service during a rolling update is controlled by adjusting the minimum and maximum number of healthy tasks allowed during a service deployment, as specified in the [DeploymentConfiguration](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DeploymentConfiguration.html) .\n- **CODE_DEPLOY** - The blue/green ( `CODE_DEPLOY` ) deployment type uses the blue/green deployment model powered by AWS CodeDeploy , which allows you to verify a new deployment of a service before sending production traffic to it.\n- **EXTERNAL** - The external ( `EXTERNAL` ) deployment type enables you to use any third-party deployment controller for full control over the deployment process for an Amazon ECS service.", - "title": "Type", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ECS::Service.EBSTagSpecification": { + "AWS::EC2::LaunchTemplate.BaselinePerformanceFactors": { "additionalProperties": false, "properties": { - "PropagateTags": { - "markdownDescription": "Determines whether to propagate the tags from the task definition to the Amazon EBS volume. Tags can only propagate to a `SERVICE` specified in `ServiceVolumeConfiguration` . If no value is specified, the tags aren't propagated.", - "title": "PropagateTags", - "type": "string" - }, - "ResourceType": { - "markdownDescription": "The type of volume resource.", - "title": "ResourceType", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags applied to this Amazon EBS volume. `AmazonECSCreated` and `AmazonECSManaged` are reserved tags that can't be used.", - "title": "Tags", - "type": "array" + "Cpu": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Cpu", + "markdownDescription": "The CPU performance to consider, using an instance family as the baseline reference.", + "title": "Cpu" } }, - "required": [ - "ResourceType" - ], "type": "object" }, - "AWS::ECS::Service.LoadBalancer": { + "AWS::EC2::LaunchTemplate.BlockDeviceMapping": { "additionalProperties": false, "properties": { - "ContainerName": { - "markdownDescription": "The name of the container (as it appears in a container definition) to associate with the load balancer.\n\nYou need to specify the container name when configuring the target group for an Amazon ECS load balancer.", - "title": "ContainerName", + "DeviceName": { + "markdownDescription": "The device name (for example, /dev/sdh or xvdh).", + "title": "DeviceName", "type": "string" }, - "ContainerPort": { - "markdownDescription": "The port on the container to associate with the load balancer. This port must correspond to a `containerPort` in the task definition the tasks in the service are using. For tasks that use the EC2 launch type, the container instance they're launched on must allow ingress traffic on the `hostPort` of the port mapping.", - "title": "ContainerPort", - "type": "number" + "Ebs": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Ebs", + "markdownDescription": "Parameters used to automatically set up EBS volumes when the instance is launched.", + "title": "Ebs" }, - "LoadBalancerName": { - "markdownDescription": "The name of the load balancer to associate with the Amazon ECS service or task set.\n\nIf you are using an Application Load Balancer or a Network Load Balancer the load balancer name parameter should be omitted.", - "title": "LoadBalancerName", + "NoDevice": { + "markdownDescription": "To omit the device from the block device mapping, specify an empty string.", + "title": "NoDevice", "type": "string" }, - "TargetGroupArn": { - "markdownDescription": "The full Amazon Resource Name (ARN) of the Elastic Load Balancing target group or groups associated with a service or task set.\n\nA target group ARN is only specified when using an Application Load Balancer or Network Load Balancer.\n\nFor services using the `ECS` deployment controller, you can specify one or multiple target groups. For more information, see [Registering multiple target groups with a service](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/register-multiple-targetgroups.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nFor services using the `CODE_DEPLOY` deployment controller, you're required to define two target groups for the load balancer. For more information, see [Blue/green deployment with CodeDeploy](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-type-bluegreen.html) in the *Amazon Elastic Container Service Developer Guide* .\n\n> If your service's task definition uses the `awsvpc` network mode, you must choose `ip` as the target type, not `instance` . Do this when creating your target groups because tasks that use the `awsvpc` network mode are associated with an elastic network interface, not an Amazon EC2 instance. This network mode is required for the Fargate launch type.", - "title": "TargetGroupArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ECS::Service.LogConfiguration": { - "additionalProperties": false, - "properties": { - "LogDriver": { - "markdownDescription": "The log driver to use for the container.\n\nFor tasks on AWS Fargate , the supported log drivers are `awslogs` , `splunk` , and `awsfirelens` .\n\nFor tasks hosted on Amazon EC2 instances, the supported log drivers are `awslogs` , `fluentd` , `gelf` , `json-file` , `journald` , `syslog` , `splunk` , and `awsfirelens` .\n\nFor more information about using the `awslogs` log driver, see [Send Amazon ECS logs to CloudWatch](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_awslogs.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nFor more information about using the `awsfirelens` log driver, see [Send Amazon ECS logs to an AWS service or AWS Partner](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html) .\n\n> If you have a custom driver that isn't listed, you can fork the Amazon ECS container agent project that's [available on GitHub](https://docs.aws.amazon.com/https://github.com/aws/amazon-ecs-agent) and customize it to work with that driver. We encourage you to submit pull requests for changes that you would like to have included. However, we don't currently provide support for running modified copies of this software.", - "title": "LogDriver", + "VirtualName": { + "markdownDescription": "The virtual device name (ephemeralN). Instance store volumes are numbered starting from 0. An instance type with 2 available instance store volumes can specify mappings for ephemeral0 and ephemeral1. The number of available instance store volumes depends on the instance type. After you connect to the instance, you must mount the volume.", + "title": "VirtualName", "type": "string" - }, - "Options": { - "additionalProperties": true, - "markdownDescription": "The configuration options to send to the log driver.\n\nThe options you can specify depend on the log driver. Some of the options you can specify when you use the `awslogs` log driver to route logs to Amazon CloudWatch include the following:\n\n- **awslogs-create-group** - Required: No\n\nSpecify whether you want the log group to be created automatically. If this option isn't specified, it defaults to `false` .\n\n> Your IAM policy must include the `logs:CreateLogGroup` permission before you attempt to use `awslogs-create-group` .\n- **awslogs-region** - Required: Yes\n\nSpecify the AWS Region that the `awslogs` log driver is to send your Docker logs to. You can choose to send all of your logs from clusters in different Regions to a single region in CloudWatch Logs. This is so that they're all visible in one location. Otherwise, you can separate them by Region for more granularity. Make sure that the specified log group exists in the Region that you specify with this option.\n- **awslogs-group** - Required: Yes\n\nMake sure to specify a log group that the `awslogs` log driver sends its log streams to.\n- **awslogs-stream-prefix** - Required: Yes, when using Fargate.Optional when using EC2.\n\nUse the `awslogs-stream-prefix` option to associate a log stream with the specified prefix, the container name, and the ID of the Amazon ECS task that the container belongs to. If you specify a prefix with this option, then the log stream takes the format `prefix-name/container-name/ecs-task-id` .\n\nIf you don't specify a prefix with this option, then the log stream is named after the container ID that's assigned by the Docker daemon on the container instance. Because it's difficult to trace logs back to the container that sent them with just the Docker container ID (which is only available on the container instance), we recommend that you specify a prefix with this option.\n\nFor Amazon ECS services, you can use the service name as the prefix. Doing so, you can trace log streams to the service that the container belongs to, the name of the container that sent them, and the ID of the task that the container belongs to.\n\nYou must specify a stream-prefix for your logs to have your logs appear in the Log pane when using the Amazon ECS console.\n- **awslogs-datetime-format** - Required: No\n\nThis option defines a multiline start pattern in Python `strftime` format. A log message consists of a line that matches the pattern and any following lines that don\u2019t match the pattern. The matched line is the delimiter between log messages.\n\nOne example of a use case for using this format is for parsing output such as a stack dump, which might otherwise be logged in multiple entries. The correct pattern allows it to be captured in a single entry.\n\nFor more information, see [awslogs-datetime-format](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/awslogs/#awslogs-datetime-format) .\n\nYou cannot configure both the `awslogs-datetime-format` and `awslogs-multiline-pattern` options.\n\n> Multiline logging performs regular expression parsing and matching of all log messages. This might have a negative impact on logging performance.\n- **awslogs-multiline-pattern** - Required: No\n\nThis option defines a multiline start pattern that uses a regular expression. A log message consists of a line that matches the pattern and any following lines that don\u2019t match the pattern. The matched line is the delimiter between log messages.\n\nFor more information, see [awslogs-multiline-pattern](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/awslogs/#awslogs-multiline-pattern) .\n\nThis option is ignored if `awslogs-datetime-format` is also configured.\n\nYou cannot configure both the `awslogs-datetime-format` and `awslogs-multiline-pattern` options.\n\n> Multiline logging performs regular expression parsing and matching of all log messages. This might have a negative impact on logging performance.\n\nThe following options apply to all supported log drivers.\n\n- **mode** - Required: No\n\nValid values: `non-blocking` | `blocking`\n\nThis option defines the delivery mode of log messages from the container to the log driver specified using `logDriver` . The delivery mode you choose affects application availability when the flow of logs from container is interrupted.\n\nIf you use the `blocking` mode and the flow of logs is interrupted, calls from container code to write to the `stdout` and `stderr` streams will block. The logging thread of the application will block as a result. This may cause the application to become unresponsive and lead to container healthcheck failure.\n\nIf you use the `non-blocking` mode, the container's logs are instead stored in an in-memory intermediate buffer configured with the `max-buffer-size` option. This prevents the application from becoming unresponsive when logs cannot be sent. We recommend using this mode if you want to ensure service availability and are okay with some log loss. For more information, see [Preventing log loss with non-blocking mode in the `awslogs` container log driver](https://docs.aws.amazon.com/containers/preventing-log-loss-with-non-blocking-mode-in-the-awslogs-container-log-driver/) .\n\nYou can set a default `mode` for all containers in a specific AWS Region by using the `defaultLogDriverMode` account setting. If you don't specify the `mode` option or configure the account setting, Amazon ECS will default to the `non-blocking` mode. For more information about the account setting, see [Default log driver mode](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-account-settings.html#default-log-driver-mode) in the *Amazon Elastic Container Service Developer Guide* .\n\n> On June 25, 2025, Amazon ECS changed the default log driver mode from `blocking` to `non-blocking` to prioritize task availability over logging. To continue using the `blocking` mode after this change, do one of the following:\n> \n> - Set the `mode` option in your container definition's `logConfiguration` as `blocking` .\n> - Set the `defaultLogDriverMode` account setting to `blocking` .\n- **max-buffer-size** - Required: No\n\nDefault value: `1m`\n\nWhen `non-blocking` mode is used, the `max-buffer-size` log option controls the size of the buffer that's used for intermediate message storage. Make sure to specify an adequate buffer size based on your application. When the buffer fills up, further logs cannot be stored. Logs that cannot be stored are lost.\n\nTo route logs using the `splunk` log router, you need to specify a `splunk-token` and a `splunk-url` .\n\nWhen you use the `awsfirelens` log router to route logs to an AWS Service or AWS Partner Network destination for log storage and analytics, you can set the `log-driver-buffer-limit` option to limit the number of events that are buffered in memory, before being sent to the log router container. It can help to resolve potential log loss issue because high throughput might result in memory running out for the buffer inside of Docker.\n\nOther options you can specify when using `awsfirelens` to route logs depend on the destination. When you export logs to Amazon Data Firehose, you can specify the AWS Region with `region` and a name for the log stream with `delivery_stream` .\n\nWhen you export logs to Amazon Kinesis Data Streams, you can specify an AWS Region with `region` and a data stream name with `stream` .\n\nWhen you export logs to Amazon OpenSearch Service, you can specify options like `Name` , `Host` (OpenSearch Service endpoint without protocol), `Port` , `Index` , `Type` , `Aws_auth` , `Aws_region` , `Suppress_Type_Name` , and `tls` . For more information, see [Under the hood: FireLens for Amazon ECS Tasks](https://docs.aws.amazon.com/containers/under-the-hood-firelens-for-amazon-ecs-tasks/) .\n\nWhen you export logs to Amazon S3, you can specify the bucket using the `bucket` option. You can also specify `region` , `total_file_size` , `upload_timeout` , and `use_put_object` as options.\n\nThis parameter requires version 1.19 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version --format '{{.Server.APIVersion}}'`", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Options", - "type": "object" - }, - "SecretOptions": { - "items": { - "$ref": "#/definitions/AWS::ECS::Service.Secret" - }, - "markdownDescription": "The secrets to pass to the log configuration. For more information, see [Specifying sensitive data](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "SecretOptions", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ECS::Service.NetworkConfiguration": { - "additionalProperties": false, - "properties": { - "AwsvpcConfiguration": { - "$ref": "#/definitions/AWS::ECS::Service.AwsVpcConfiguration", - "markdownDescription": "The VPC subnets and security groups that are associated with a task.\n\n> All specified subnets and security groups must be from the same VPC.", - "title": "AwsvpcConfiguration" } }, "type": "object" }, - "AWS::ECS::Service.PlacementConstraint": { + "AWS::EC2::LaunchTemplate.CapacityReservationSpecification": { "additionalProperties": false, "properties": { - "Expression": { - "markdownDescription": "A cluster query language expression to apply to the constraint. The expression can have a maximum length of 2000 characters. You can't specify an expression if the constraint type is `distinctInstance` . For more information, see [Cluster query language](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-query-language.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "Expression", + "CapacityReservationPreference": { + "markdownDescription": "Indicates the instance's Capacity Reservation preferences. Possible preferences include:\n\n- `capacity-reservations-only` - The instance will only run in a Capacity Reservation or Capacity Reservation group. If capacity isn't available, the instance will fail to launch.\n- `open` - The instance can run in any `open` Capacity Reservation that has matching attributes (instance type, platform, Availability Zone, tenancy).\n- `none` - The instance avoids running in a Capacity Reservation even if one is available. The instance runs in On-Demand capacity.", + "title": "CapacityReservationPreference", "type": "string" }, - "Type": { - "markdownDescription": "The type of constraint. Use `distinctInstance` to ensure that each task in a particular group is running on a different container instance. Use `memberOf` to restrict the selection to a group of valid candidates.", - "title": "Type", - "type": "string" + "CapacityReservationTarget": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.CapacityReservationTarget", + "markdownDescription": "Information about the target Capacity Reservation or Capacity Reservation group.", + "title": "CapacityReservationTarget" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::ECS::Service.PlacementStrategy": { + "AWS::EC2::LaunchTemplate.CapacityReservationTarget": { "additionalProperties": false, "properties": { - "Field": { - "markdownDescription": "The field to apply the placement strategy against. For the `spread` placement strategy, valid values are `instanceId` (or `host` , which has the same effect), or any platform or custom attribute that's applied to a container instance, such as `attribute:ecs.availability-zone` . For the `binpack` placement strategy, valid values are `cpu` and `memory` . For the `random` placement strategy, this field is not used.", - "title": "Field", + "CapacityReservationId": { + "markdownDescription": "The ID of the Capacity Reservation in which to run the instance.", + "title": "CapacityReservationId", "type": "string" }, - "Type": { - "markdownDescription": "The type of placement strategy. The `random` placement strategy randomly places tasks on available candidates. The `spread` placement strategy spreads placement across available candidates evenly based on the `field` parameter. The `binpack` strategy places tasks on available candidates that have the least available amount of the resource that's specified with the `field` parameter. For example, if you binpack on memory, a task is placed on the instance with the least amount of remaining memory but still enough to run the task.", - "title": "Type", + "CapacityReservationResourceGroupArn": { + "markdownDescription": "The ARN of the Capacity Reservation resource group in which to run the instance.", + "title": "CapacityReservationResourceGroupArn", "type": "string" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::ECS::Service.Secret": { + "AWS::EC2::LaunchTemplate.ConnectionTrackingSpecification": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the secret.", - "title": "Name", - "type": "string" + "TcpEstablishedTimeout": { + "markdownDescription": "Timeout (in seconds) for idle TCP connections in an established state. Min: 60 seconds. Max: 432000 seconds (5 days). Default: 432000 seconds. Recommended: Less than 432000 seconds.", + "title": "TcpEstablishedTimeout", + "type": "number" }, - "ValueFrom": { - "markdownDescription": "The secret to expose to the container. The supported values are either the full ARN of the AWS Secrets Manager secret or the full ARN of the parameter in the SSM Parameter Store.\n\nFor information about the require AWS Identity and Access Management permissions, see [Required IAM permissions for Amazon ECS secrets](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data-secrets.html#secrets-iam) (for Secrets Manager) or [Required IAM permissions for Amazon ECS secrets](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data-parameters.html) (for Systems Manager Parameter store) in the *Amazon Elastic Container Service Developer Guide* .\n\n> If the SSM Parameter Store parameter exists in the same Region as the task you're launching, then you can use either the full ARN or name of the parameter. If the parameter exists in a different Region, then the full ARN must be specified.", - "title": "ValueFrom", - "type": "string" - } - }, - "required": [ - "Name", - "ValueFrom" - ], - "type": "object" - }, - "AWS::ECS::Service.ServiceConnectClientAlias": { - "additionalProperties": false, - "properties": { - "DnsName": { - "markdownDescription": "The `dnsName` is the name that you use in the applications of client tasks to connect to this service. The name must be a valid DNS name but doesn't need to be fully-qualified. The name can include up to 127 characters. The name can include lowercase letters, numbers, underscores (_), hyphens (-), and periods (.). The name can't start with a hyphen.\n\nIf this parameter isn't specified, the default value of `discoveryName.namespace` is used. If the `discoveryName` isn't specified, the port mapping name from the task definition is used in `portName.namespace` .\n\nTo avoid changing your applications in client Amazon ECS services, set this to the same name that the client application uses by default. For example, a few common names are `database` , `db` , or the lowercase name of a database, such as `mysql` or `redis` . For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "DnsName", - "type": "string" + "UdpStreamTimeout": { + "markdownDescription": "Timeout (in seconds) for idle UDP flows classified as streams which have seen more than one request-response transaction. Min: 60 seconds. Max: 180 seconds (3 minutes). Default: 180 seconds.", + "title": "UdpStreamTimeout", + "type": "number" }, - "Port": { - "markdownDescription": "The listening port number for the Service Connect proxy. This port is available inside of all of the tasks within the same namespace.\n\nTo avoid changing your applications in client Amazon ECS services, set this to the same port that the client application uses by default. For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "Port", + "UdpTimeout": { + "markdownDescription": "Timeout (in seconds) for idle UDP flows that have seen traffic only in a single direction or a single request-response transaction. Min: 30 seconds. Max: 60 seconds. Default: 30 seconds.", + "title": "UdpTimeout", "type": "number" } }, - "required": [ - "Port" - ], "type": "object" }, - "AWS::ECS::Service.ServiceConnectConfiguration": { + "AWS::EC2::LaunchTemplate.Cpu": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Specifies whether to use Service Connect with this service.", - "title": "Enabled", - "type": "boolean" - }, - "LogConfiguration": { - "$ref": "#/definitions/AWS::ECS::Service.LogConfiguration", - "markdownDescription": "The log configuration for the container. This parameter maps to `LogConfig` in the docker container create command and the `--log-driver` option to docker run.\n\nBy default, containers use the same logging driver that the Docker daemon uses. However, the container might use a different logging driver than the Docker daemon by specifying a log driver configuration in the container definition.\n\nUnderstand the following when specifying a log configuration for your containers.\n\n- Amazon ECS currently supports a subset of the logging drivers available to the Docker daemon. Additional log drivers may be available in future releases of the Amazon ECS container agent.\n\nFor tasks on AWS Fargate , the supported log drivers are `awslogs` , `splunk` , and `awsfirelens` .\n\nFor tasks hosted on Amazon EC2 instances, the supported log drivers are `awslogs` , `fluentd` , `gelf` , `json-file` , `journald` , `syslog` , `splunk` , and `awsfirelens` .\n- This parameter requires version 1.18 of the Docker Remote API or greater on your container instance.\n- For tasks that are hosted on Amazon EC2 instances, the Amazon ECS container agent must register the available logging drivers with the `ECS_AVAILABLE_LOGGING_DRIVERS` environment variable before containers placed on that instance can use these log configuration options. For more information, see [Amazon ECS container agent configuration](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html) in the *Amazon Elastic Container Service Developer Guide* .\n- For tasks that are on AWS Fargate , because you don't have access to the underlying infrastructure your tasks are hosted on, any additional software needed must be installed outside of the task. For example, the Fluentd output aggregators or a remote host running Logstash to send Gelf logs to.", - "title": "LogConfiguration" - }, - "Namespace": { - "markdownDescription": "The namespace name or full Amazon Resource Name (ARN) of the AWS Cloud Map namespace for use with Service Connect. The namespace must be in the same AWS Region as the Amazon ECS service and cluster. The type of namespace doesn't affect Service Connect. For more information about AWS Cloud Map , see [Working with Services](https://docs.aws.amazon.com/cloud-map/latest/dg/working-with-services.html) in the *AWS Cloud Map Developer Guide* .", - "title": "Namespace", - "type": "string" - }, - "Services": { + "References": { "items": { - "$ref": "#/definitions/AWS::ECS::Service.ServiceConnectService" + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Reference" }, - "markdownDescription": "The list of Service Connect service objects. These are names and aliases (also known as endpoints) that are used by other Amazon ECS services to connect to this service.\n\nThis field is not required for a \"client\" Amazon ECS service that's a member of a namespace only to connect to other services within the namespace. An example of this would be a frontend application that accepts incoming requests from either a load balancer that's attached to the service or by other means.\n\nAn object selects a port from the task definition, assigns a name for the AWS Cloud Map service, and a list of aliases (endpoints) and ports for client applications to refer to this service.", - "title": "Services", + "markdownDescription": "The instance family to use as the baseline reference for CPU performance. All instance types that match your specified attributes are compared against the CPU performance of the referenced instance family, regardless of CPU manufacturer or architecture differences.", + "title": "References", "type": "array" } }, - "required": [ - "Enabled" - ], "type": "object" }, - "AWS::ECS::Service.ServiceConnectService": { + "AWS::EC2::LaunchTemplate.CpuOptions": { "additionalProperties": false, "properties": { - "ClientAliases": { - "items": { - "$ref": "#/definitions/AWS::ECS::Service.ServiceConnectClientAlias" - }, - "markdownDescription": "The list of client aliases for this Service Connect service. You use these to assign names that can be used by client applications. The maximum number of client aliases that you can have in this list is 1.\n\nEach alias (\"endpoint\") is a fully-qualified name and port number that other Amazon ECS tasks (\"clients\") can use to connect to this service.\n\nEach name and port mapping must be unique within the namespace.\n\nFor each `ServiceConnectService` , you must provide at least one `clientAlias` with one `port` .", - "title": "ClientAliases", - "type": "array" - }, - "DiscoveryName": { - "markdownDescription": "The `discoveryName` is the name of the new AWS Cloud Map service that Amazon ECS creates for this Amazon ECS service. This must be unique within the AWS Cloud Map namespace. The name can contain up to 64 characters. The name can include lowercase letters, numbers, underscores (_), and hyphens (-). The name can't start with a hyphen.\n\nIf the `discoveryName` isn't specified, the port mapping name from the task definition is used in `portName.namespace` .", - "title": "DiscoveryName", + "AmdSevSnp": { + "markdownDescription": "Indicates whether to enable the instance for AMD SEV-SNP. AMD SEV-SNP is supported with M6a, R6a, and C6a instance types only. For more information, see [AMD SEV-SNP for Amazon EC2 instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/sev-snp.html) .", + "title": "AmdSevSnp", "type": "string" }, - "IngressPortOverride": { - "markdownDescription": "The port number for the Service Connect proxy to listen on.\n\nUse the value of this field to bypass the proxy for traffic on the port number specified in the named `portMapping` in the task definition of this application, and then use it in your VPC security groups to allow traffic into the proxy for this Amazon ECS service.\n\nIn `awsvpc` mode and Fargate, the default value is the container port number. The container port number is in the `portMapping` in the task definition. In bridge mode, the default value is the ephemeral port of the Service Connect proxy.", - "title": "IngressPortOverride", + "CoreCount": { + "markdownDescription": "The number of CPU cores for the instance.", + "title": "CoreCount", "type": "number" }, - "PortName": { - "markdownDescription": "The `portName` must match the name of one of the `portMappings` from all the containers in the task definition of this Amazon ECS service.", - "title": "PortName", - "type": "string" - }, - "Timeout": { - "$ref": "#/definitions/AWS::ECS::Service.TimeoutConfiguration", - "markdownDescription": "A reference to an object that represents the configured timeouts for Service Connect.", - "title": "Timeout" - }, - "Tls": { - "$ref": "#/definitions/AWS::ECS::Service.ServiceConnectTlsConfiguration", - "markdownDescription": "A reference to an object that represents a Transport Layer Security (TLS) configuration.", - "title": "Tls" + "ThreadsPerCore": { + "markdownDescription": "The number of threads per CPU core. To disable multithreading for the instance, specify a value of `1` . Otherwise, specify the default value of `2` .", + "title": "ThreadsPerCore", + "type": "number" } }, - "required": [ - "PortName" - ], "type": "object" }, - "AWS::ECS::Service.ServiceConnectTlsCertificateAuthority": { + "AWS::EC2::LaunchTemplate.CreditSpecification": { "additionalProperties": false, "properties": { - "AwsPcaAuthorityArn": { - "markdownDescription": "The ARN of the AWS Private Certificate Authority certificate.", - "title": "AwsPcaAuthorityArn", + "CpuCredits": { + "markdownDescription": "The credit option for CPU usage of a T instance.\n\nValid values: `standard` | `unlimited`", + "title": "CpuCredits", "type": "string" } }, "type": "object" }, - "AWS::ECS::Service.ServiceConnectTlsConfiguration": { + "AWS::EC2::LaunchTemplate.Ebs": { "additionalProperties": false, "properties": { - "IssuerCertificateAuthority": { - "$ref": "#/definitions/AWS::ECS::Service.ServiceConnectTlsCertificateAuthority", - "markdownDescription": "The signer certificate authority.", - "title": "IssuerCertificateAuthority" - }, - "KmsKey": { - "markdownDescription": "The AWS Key Management Service key.", - "title": "KmsKey", - "type": "string" + "DeleteOnTermination": { + "markdownDescription": "Indicates whether the EBS volume is deleted on instance termination.", + "title": "DeleteOnTermination", + "type": "boolean" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that's associated with the Service Connect TLS.", - "title": "RoleArn", - "type": "string" - } - }, - "required": [ - "IssuerCertificateAuthority" - ], - "type": "object" - }, - "AWS::ECS::Service.ServiceManagedEBSVolumeConfiguration": { - "additionalProperties": false, - "properties": { "Encrypted": { - "markdownDescription": "Indicates whether the volume should be encrypted. If you turn on Region-level Amazon EBS encryption by default but set this value as `false` , the setting is overridden and the volume is encrypted with the KMS key specified for Amazon EBS encryption by default. This parameter maps 1:1 with the `Encrypted` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* .", + "markdownDescription": "Indicates whether the EBS volume is encrypted. Encrypted volumes can only be attached to instances that support Amazon EBS encryption. If you are creating a volume from a snapshot, you can't specify an encryption value.", "title": "Encrypted", "type": "boolean" }, - "FilesystemType": { - "markdownDescription": "The filesystem type for the volume. For volumes created from a snapshot, you must specify the same filesystem type that the volume was using when the snapshot was created. If there is a filesystem type mismatch, the tasks will fail to start.\n\nThe available Linux filesystem types are `ext3` , `ext4` , and `xfs` . If no value is specified, the `xfs` filesystem type is used by default.\n\nThe available Windows filesystem types are `NTFS` .", - "title": "FilesystemType", - "type": "string" - }, "Iops": { - "markdownDescription": "The number of I/O operations per second (IOPS). For `gp3` , `io1` , and `io2` volumes, this represents the number of IOPS that are provisioned for the volume. For `gp2` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.\n\nThe following are the supported values for each volume type.\n\n- `gp3` : 3,000 - 16,000 IOPS\n- `io1` : 100 - 64,000 IOPS\n- `io2` : 100 - 256,000 IOPS\n\nThis parameter is required for `io1` and `io2` volume types. The default for `gp3` volumes is `3,000 IOPS` . This parameter is not supported for `st1` , `sc1` , or `standard` volume types.\n\nThis parameter maps 1:1 with the `Iops` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* .", + "markdownDescription": "The number of I/O operations per second (IOPS). For `gp3` , `io1` , and `io2` volumes, this represents the number of IOPS that are provisioned for the volume. For `gp2` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.\n\nThe following are the supported values for each volume type:\n\n- `gp3` : 3,000 - 16,000 IOPS\n- `io1` : 100 - 64,000 IOPS\n- `io2` : 100 - 256,000 IOPS\n\nFor `io2` volumes, you can achieve up to 256,000 IOPS on [instances built on the Nitro System](https://docs.aws.amazon.com/ec2/latest/instancetypes/ec2-nitro-instances.html) . On other instances, you can achieve performance up to 32,000 IOPS.\n\nThis parameter is supported for `io1` , `io2` , and `gp3` volumes only.", "title": "Iops", "type": "number" }, "KmsKeyId": { - "markdownDescription": "The Amazon Resource Name (ARN) identifier of the AWS Key Management Service key to use for Amazon EBS encryption. When a key is specified using this parameter, it overrides Amazon EBS default encryption or any KMS key that you specified for cluster-level managed storage encryption. This parameter maps 1:1 with the `KmsKeyId` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* . For more information about encrypting Amazon EBS volumes attached to tasks, see [Encrypt data stored in Amazon EBS volumes attached to Amazon ECS tasks](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ebs-kms-encryption.html) .\n\n> AWS authenticates the AWS Key Management Service key asynchronously. Therefore, if you specify an ID, alias, or ARN that is invalid, the action can appear to complete, but eventually fails.", + "markdownDescription": "Identifier (key ID, key alias, key ARN, or alias ARN) of the customer managed KMS key to use for EBS encryption.", "title": "KmsKeyId", "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role to associate with this volume. This is the Amazon ECS infrastructure IAM role that is used to manage your AWS infrastructure. We recommend using the Amazon ECS-managed `AmazonECSInfrastructureRolePolicyForVolumes` IAM policy with this role. For more information, see [Amazon ECS infrastructure IAM role](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/infrastructure_IAM_role.html) in the *Amazon ECS Developer Guide* .", - "title": "RoleArn", - "type": "string" - }, - "SizeInGiB": { - "markdownDescription": "The size of the volume in GiB. You must specify either a volume size or a snapshot ID. If you specify a snapshot ID, the snapshot size is used for the volume size by default. You can optionally specify a volume size greater than or equal to the snapshot size. This parameter maps 1:1 with the `Size` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* .\n\nThe following are the supported volume size values for each volume type.\n\n- `gp2` and `gp3` : 1-16,384\n- `io1` and `io2` : 4-16,384\n- `st1` and `sc1` : 125-16,384\n- `standard` : 1-1,024", - "title": "SizeInGiB", - "type": "number" - }, "SnapshotId": { - "markdownDescription": "The snapshot that Amazon ECS uses to create volumes for attachment to tasks maintained by the service. You must specify either `snapshotId` or `sizeInGiB` in your volume configuration. This parameter maps 1:1 with the `SnapshotId` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* .", + "markdownDescription": "The ID of the snapshot.", "title": "SnapshotId", "type": "string" }, - "TagSpecifications": { - "items": { - "$ref": "#/definitions/AWS::ECS::Service.EBSTagSpecification" - }, - "markdownDescription": "The tags to apply to the volume. Amazon ECS applies service-managed tags by default. This parameter maps 1:1 with the `TagSpecifications.N` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* .", - "title": "TagSpecifications", - "type": "array" - }, "Throughput": { - "markdownDescription": "The throughput to provision for a volume, in MiB/s, with a maximum of 1,000 MiB/s. This parameter maps 1:1 with the `Throughput` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* .\n\n> This parameter is only supported for the `gp3` volume type.", + "markdownDescription": "The throughput to provision for a `gp3` volume, with a maximum of 1,000 MiB/s.\n\nValid Range: Minimum value of 125. Maximum value of 1000.", "title": "Throughput", "type": "number" }, + "VolumeInitializationRate": { + "markdownDescription": "Specifies the Amazon EBS Provisioned Rate for Volume Initialization (volume initialization rate), in MiB/s, at which to download the snapshot blocks from Amazon S3 to the volume. This is also known as *volume initialization* . Specifying a volume initialization rate ensures that the volume is initialized at a predictable and consistent rate after creation.\n\nThis parameter is supported only for volumes created from snapshots. Omit this parameter if:\n\n- You want to create the volume using fast snapshot restore. You must specify a snapshot that is enabled for fast snapshot restore. In this case, the volume is fully initialized at creation.\n\n> If you specify a snapshot that is enabled for fast snapshot restore and a volume initialization rate, the volume will be initialized at the specified rate instead of fast snapshot restore.\n- You want to create a volume that is initialized at the default rate.\n\nFor more information, see [Initialize Amazon EBS volumes](https://docs.aws.amazon.com/ebs/latest/userguide/initalize-volume.html) in the *Amazon EC2 User Guide* .\n\nValid range: 100 - 300 MiB/s", + "title": "VolumeInitializationRate", + "type": "number" + }, + "VolumeSize": { + "markdownDescription": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size. The following are the supported volumes sizes for each volume type:\n\n- `gp2` and `gp3` : 1 - 16,384 GiB\n- `io1` : 4 - 16,384 GiB\n- `io2` : 4 - 65,536 GiB\n- `st1` and `sc1` : 125 - 16,384 GiB\n- `standard` : 1 - 1024 GiB", + "title": "VolumeSize", + "type": "number" + }, "VolumeType": { - "markdownDescription": "The volume type. This parameter maps 1:1 with the `VolumeType` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* . For more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-volume-types.html) in the *Amazon EC2 User Guide* .\n\nThe following are the supported volume types.\n\n- General Purpose SSD: `gp2` | `gp3`\n- Provisioned IOPS SSD: `io1` | `io2`\n- Throughput Optimized HDD: `st1`\n- Cold HDD: `sc1`\n- Magnetic: `standard`\n\n> The magnetic volume type is not supported on Fargate.", + "markdownDescription": "The volume type. For more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-volume-types.html) in the *Amazon EBS User Guide* .", "title": "VolumeType", "type": "string" } }, - "required": [ - "RoleArn" - ], "type": "object" }, - "AWS::ECS::Service.ServiceRegistry": { + "AWS::EC2::LaunchTemplate.ElasticGpuSpecification": { "additionalProperties": false, "properties": { - "ContainerName": { - "markdownDescription": "The container name value to be used for your service discovery service. It's already specified in the task definition. If the task definition that your service task specifies uses the `bridge` or `host` network mode, you must specify a `containerName` and `containerPort` combination from the task definition. If the task definition that your service task specifies uses the `awsvpc` network mode and a type SRV DNS record is used, you must specify either a `containerName` and `containerPort` combination or a `port` value. However, you can't specify both.", - "title": "ContainerName", - "type": "string" - }, - "ContainerPort": { - "markdownDescription": "The port value to be used for your service discovery service. It's already specified in the task definition. If the task definition your service task specifies uses the `bridge` or `host` network mode, you must specify a `containerName` and `containerPort` combination from the task definition. If the task definition your service task specifies uses the `awsvpc` network mode and a type SRV DNS record is used, you must specify either a `containerName` and `containerPort` combination or a `port` value. However, you can't specify both.", - "title": "ContainerPort", - "type": "number" - }, - "Port": { - "markdownDescription": "The port value used if your service discovery service specified an SRV record. This field might be used if both the `awsvpc` network mode and SRV records are used.", - "title": "Port", - "type": "number" - }, - "RegistryArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the service registry. The currently supported service registry is AWS Cloud Map . For more information, see [CreateService](https://docs.aws.amazon.com/cloud-map/latest/api/API_CreateService.html) .", - "title": "RegistryArn", + "Type": { + "markdownDescription": "The type of Elastic Graphics accelerator.", + "title": "Type", "type": "string" } }, "type": "object" }, - "AWS::ECS::Service.ServiceVolumeConfiguration": { + "AWS::EC2::LaunchTemplate.EnaSrdSpecification": { "additionalProperties": false, "properties": { - "ManagedEBSVolume": { - "$ref": "#/definitions/AWS::ECS::Service.ServiceManagedEBSVolumeConfiguration", - "markdownDescription": "The configuration for the Amazon EBS volume that Amazon ECS creates and manages on your behalf. These settings are used to create each Amazon EBS volume, with one volume created for each task in the service. The Amazon EBS volumes are visible in your account in the Amazon EC2 console once they are created.", - "title": "ManagedEBSVolume" + "EnaSrdEnabled": { + "markdownDescription": "Indicates whether ENA Express is enabled for the network interface.", + "title": "EnaSrdEnabled", + "type": "boolean" }, - "Name": { - "markdownDescription": "The name of the volume. This value must match the volume name from the `Volume` object in the task definition.", - "title": "Name", - "type": "string" + "EnaSrdUdpSpecification": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.EnaSrdUdpSpecification", + "markdownDescription": "Configures ENA Express for UDP network traffic.", + "title": "EnaSrdUdpSpecification" } }, - "required": [ - "Name" - ], "type": "object" }, - "AWS::ECS::Service.TimeoutConfiguration": { + "AWS::EC2::LaunchTemplate.EnaSrdUdpSpecification": { "additionalProperties": false, "properties": { - "IdleTimeoutSeconds": { - "markdownDescription": "The amount of time in seconds a connection will stay active while idle. A value of `0` can be set to disable `idleTimeout` .\n\nThe `idleTimeout` default for `HTTP` / `HTTP2` / `GRPC` is 5 minutes.\n\nThe `idleTimeout` default for `TCP` is 1 hour.", - "title": "IdleTimeoutSeconds", - "type": "number" - }, - "PerRequestTimeoutSeconds": { - "markdownDescription": "The amount of time waiting for the upstream to respond with a complete response per request. A value of `0` can be set to disable `perRequestTimeout` . `perRequestTimeout` can only be set if Service Connect `appProtocol` isn't `TCP` . Only `idleTimeout` is allowed for `TCP` `appProtocol` .", - "title": "PerRequestTimeoutSeconds", - "type": "number" + "EnaSrdUdpEnabled": { + "markdownDescription": "Indicates whether UDP traffic to and from the instance uses ENA Express. To specify this setting, you must first enable ENA Express.", + "title": "EnaSrdUdpEnabled", + "type": "boolean" } }, "type": "object" }, - "AWS::ECS::TaskDefinition": { + "AWS::EC2::LaunchTemplate.EnclaveOptions": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ContainerDefinitions": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.ContainerDefinition" - }, - "markdownDescription": "A list of container definitions in JSON format that describe the different containers that make up your task. For more information about container definition parameters and defaults, see [Amazon ECS Task Definitions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_defintions.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "ContainerDefinitions", - "type": "array" - }, - "Cpu": { - "markdownDescription": "The number of `cpu` units used by the task. If you use the EC2 launch type, this field is optional. Any value can be used. If you use the Fargate launch type, this field is required. You must use one of the following values. The value that you choose determines your range of valid values for the `memory` parameter.\n\nIf you're using the EC2 launch type or the external launch type, this field is optional. Supported values are between `128` CPU units ( `0.125` vCPUs) and `196608` CPU units ( `192` vCPUs).\n\nThis field is required for Fargate. For information about the valid values, see [Task size](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html#task_size) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "Cpu", - "type": "string" - }, - "EphemeralStorage": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.EphemeralStorage", - "markdownDescription": "The ephemeral storage settings to use for tasks run with the task definition.", - "title": "EphemeralStorage" - }, - "ExecutionRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the task execution role that grants the Amazon ECS container agent permission to make AWS API calls on your behalf. For informationabout the required IAM roles for Amazon ECS, see [IAM roles for Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/security-ecs-iam-role-overview.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "ExecutionRoleArn", - "type": "string" - }, - "Family": { - "markdownDescription": "The name of a family that this task definition is registered to. Up to 255 letters (uppercase and lowercase), numbers, hyphens, and underscores are allowed.\n\nA family groups multiple versions of a task definition. Amazon ECS gives the first task definition that you registered to a family a revision number of 1. Amazon ECS gives sequential revision numbers to each task definition that you add.\n\n> To use revision numbers when you update a task definition, specify this property. If you don't specify a value, AWS CloudFormation generates a new task definition each time that you update it.", - "title": "Family", - "type": "string" - }, - "InferenceAccelerators": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.InferenceAccelerator" - }, - "type": "array" - }, - "IpcMode": { - "markdownDescription": "The IPC resource namespace to use for the containers in the task. The valid values are `host` , `task` , or `none` . If `host` is specified, then all containers within the tasks that specified the `host` IPC mode on the same container instance share the same IPC resources with the host Amazon EC2 instance. If `task` is specified, all containers within the specified task share the same IPC resources. If `none` is specified, then IPC resources within the containers of a task are private and not shared with other containers in a task or on the container instance. If no value is specified, then the IPC resource namespace sharing depends on the Docker daemon setting on the container instance.\n\nIf the `host` IPC mode is used, be aware that there is a heightened risk of undesired IPC namespace expose.\n\nIf you are setting namespaced kernel parameters using `systemControls` for the containers in the task, the following will apply to your IPC resource namespace. For more information, see [System Controls](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html) in the *Amazon Elastic Container Service Developer Guide* .\n\n- For tasks that use the `host` IPC mode, IPC namespace related `systemControls` are not supported.\n- For tasks that use the `task` IPC mode, IPC namespace related `systemControls` will apply to all containers within a task.\n\n> This parameter is not supported for Windows containers or tasks run on AWS Fargate .", - "title": "IpcMode", - "type": "string" - }, - "Memory": { - "markdownDescription": "The amount (in MiB) of memory used by the task.\n\nIf your tasks runs on Amazon EC2 instances, you must specify either a task-level memory value or a container-level memory value. This field is optional and any value can be used. If a task-level memory value is specified, the container-level memory value is optional. For more information regarding container-level memory and memory reservation, see [ContainerDefinition](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ContainerDefinition.html) .\n\nIf your tasks runs on AWS Fargate , this field is required. You must use one of the following values. The value you choose determines your range of valid values for the `cpu` parameter.\n\n- 512 (0.5 GB), 1024 (1 GB), 2048 (2 GB) - Available `cpu` values: 256 (.25 vCPU)\n- 1024 (1 GB), 2048 (2 GB), 3072 (3 GB), 4096 (4 GB) - Available `cpu` values: 512 (.5 vCPU)\n- 2048 (2 GB), 3072 (3 GB), 4096 (4 GB), 5120 (5 GB), 6144 (6 GB), 7168 (7 GB), 8192 (8 GB) - Available `cpu` values: 1024 (1 vCPU)\n- Between 4096 (4 GB) and 16384 (16 GB) in increments of 1024 (1 GB) - Available `cpu` values: 2048 (2 vCPU)\n- Between 8192 (8 GB) and 30720 (30 GB) in increments of 1024 (1 GB) - Available `cpu` values: 4096 (4 vCPU)\n- Between 16 GB and 60 GB in 4 GB increments - Available `cpu` values: 8192 (8 vCPU)\n\nThis option requires Linux platform `1.4.0` or later.\n- Between 32GB and 120 GB in 8 GB increments - Available `cpu` values: 16384 (16 vCPU)\n\nThis option requires Linux platform `1.4.0` or later.", - "title": "Memory", - "type": "string" - }, - "NetworkMode": { - "markdownDescription": "The Docker networking mode to use for the containers in the task. The valid values are `none` , `bridge` , `awsvpc` , and `host` . If no network mode is specified, the default is `bridge` .\n\nFor Amazon ECS tasks on Fargate, the `awsvpc` network mode is required. For Amazon ECS tasks on Amazon EC2 Linux instances, any network mode can be used. For Amazon ECS tasks on Amazon EC2 Windows instances, `` or `awsvpc` can be used. If the network mode is set to `none` , you cannot specify port mappings in your container definitions, and the tasks containers do not have external connectivity. The `host` and `awsvpc` network modes offer the highest networking performance for containers because they use the EC2 network stack instead of the virtualized network stack provided by the `bridge` mode.\n\nWith the `host` and `awsvpc` network modes, exposed container ports are mapped directly to the corresponding host port (for the `host` network mode) or the attached elastic network interface port (for the `awsvpc` network mode), so you cannot take advantage of dynamic host port mappings.\n\n> When using the `host` network mode, you should not run containers using the root user (UID 0). It is considered best practice to use a non-root user. \n\nIf the network mode is `awsvpc` , the task is allocated an elastic network interface, and you must specify a [NetworkConfiguration](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_NetworkConfiguration.html) value when you create a service or run a task with the task definition. For more information, see [Task Networking](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-networking.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nIf the network mode is `host` , you cannot run multiple instantiations of the same task on a single container instance when port mappings are used.", - "title": "NetworkMode", - "type": "string" - }, - "PidMode": { - "markdownDescription": "The process namespace to use for the containers in the task. The valid values are `host` or `task` . On Fargate for Linux containers, the only valid value is `task` . For example, monitoring sidecars might need `pidMode` to access information about other containers running in the same task.\n\nIf `host` is specified, all containers within the tasks that specified the `host` PID mode on the same container instance share the same process namespace with the host Amazon EC2 instance.\n\nIf `task` is specified, all containers within the specified task share the same process namespace.\n\nIf no value is specified, the default is a private namespace for each container.\n\nIf the `host` PID mode is used, there's a heightened risk of undesired process namespace exposure.\n\n> This parameter is not supported for Windows containers. > This parameter is only supported for tasks that are hosted on AWS Fargate if the tasks are using platform version `1.4.0` or later (Linux). This isn't supported for Windows containers on Fargate.", - "title": "PidMode", - "type": "string" - }, - "PlacementConstraints": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.TaskDefinitionPlacementConstraint" - }, - "markdownDescription": "An array of placement constraint objects to use for tasks.\n\n> This parameter isn't supported for tasks run on AWS Fargate .", - "title": "PlacementConstraints", - "type": "array" - }, - "ProxyConfiguration": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.ProxyConfiguration", - "markdownDescription": "The configuration details for the App Mesh proxy.\n\nYour Amazon ECS container instances require at least version 1.26.0 of the container agent and at least version 1.26.0-1 of the `ecs-init` package to use a proxy configuration. If your container instances are launched from the Amazon ECS optimized AMI version `20190301` or later, they contain the required versions of the container agent and `ecs-init` . For more information, see [Amazon ECS-optimized Linux AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "ProxyConfiguration" - }, - "RequiresCompatibilities": { - "items": { - "type": "string" - }, - "markdownDescription": "The task launch types the task definition was validated against. The valid values are `EC2` , `FARGATE` , and `EXTERNAL` . For more information, see [Amazon ECS launch types](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/launch_types.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "RequiresCompatibilities", - "type": "array" - }, - "RuntimePlatform": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.RuntimePlatform", - "markdownDescription": "The operating system that your tasks definitions run on. A platform family is specified only for tasks using the Fargate launch type.", - "title": "RuntimePlatform" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The metadata that you apply to the task definition to help you categorize and organize them. Each tag consists of a key and an optional value. You define both of them.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8\n- Maximum value length - 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit.", - "title": "Tags", - "type": "array" - }, - "TaskRoleArn": { - "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the AWS Identity and Access Management role that grants containers in the task permission to call AWS APIs on your behalf. For more information, see [Amazon ECS Task Role](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-iam-roles.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nIAM roles for tasks on Windows require that the `-EnableTaskIAMRole` option is set when you launch the Amazon ECS-optimized Windows AMI. Your containers must also run some configuration code to use the feature. For more information, see [Windows IAM roles for tasks](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/windows_task_IAM_roles.html) in the *Amazon Elastic Container Service Developer Guide* .\n\n> String validation is done on the ECS side. If an invalid string value is given for `TaskRoleArn` , it may cause the Cloudformation job to hang.", - "title": "TaskRoleArn", - "type": "string" - }, - "Volumes": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.Volume" - }, - "markdownDescription": "The list of data volume definitions for the task. For more information, see [Using data volumes in tasks](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_data_volumes.html) in the *Amazon Elastic Container Service Developer Guide* .\n\n> The `host` and `sourcePath` parameters aren't supported for tasks run on AWS Fargate .", - "title": "Volumes", - "type": "array" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::ECS::TaskDefinition" - ], + "Enabled": { + "markdownDescription": "If this parameter is set to `true` , the instance is enabled for AWS Nitro Enclaves; otherwise, it is not enabled for AWS Nitro Enclaves.", + "title": "Enabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EC2::LaunchTemplate.HibernationOptions": { + "additionalProperties": false, + "properties": { + "Configured": { + "markdownDescription": "If you set this parameter to `true` , the instance is enabled for hibernation.\n\nDefault: `false`", + "title": "Configured", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EC2::LaunchTemplate.IamInstanceProfile": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance profile.", + "title": "Arn", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "The name of the instance profile.", + "title": "Name", "type": "string" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::ECS::TaskDefinition.AuthorizationConfig": { + "AWS::EC2::LaunchTemplate.InstanceMarketOptions": { "additionalProperties": false, "properties": { - "AccessPointId": { - "markdownDescription": "The Amazon EFS access point ID to use. If an access point is specified, the root directory value specified in the `EFSVolumeConfiguration` must either be omitted or set to `/` which will enforce the path set on the EFS access point. If an access point is used, transit encryption must be on in the `EFSVolumeConfiguration` . For more information, see [Working with Amazon EFS access points](https://docs.aws.amazon.com/efs/latest/ug/efs-access-points.html) in the *Amazon Elastic File System User Guide* .", - "title": "AccessPointId", + "MarketType": { + "markdownDescription": "The market type.", + "title": "MarketType", "type": "string" }, - "IAM": { - "markdownDescription": "Determines whether to use the Amazon ECS task role defined in a task definition when mounting the Amazon EFS file system. If it is turned on, transit encryption must be turned on in the `EFSVolumeConfiguration` . If this parameter is omitted, the default value of `DISABLED` is used. For more information, see [Using Amazon EFS access points](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/efs-volumes.html#efs-volume-accesspoints) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "IAM", - "type": "string" + "SpotOptions": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.SpotOptions", + "markdownDescription": "The options for Spot Instances.", + "title": "SpotOptions" } }, "type": "object" }, - "AWS::ECS::TaskDefinition.ContainerDefinition": { + "AWS::EC2::LaunchTemplate.InstanceRequirements": { "additionalProperties": false, "properties": { - "Command": { - "items": { - "type": "string" - }, - "markdownDescription": "The command that's passed to the container. This parameter maps to `Cmd` in the docker container create command and the `COMMAND` parameter to docker run. If there are multiple arguments, each argument is a separated string in the array.", - "title": "Command", - "type": "array" - }, - "Cpu": { - "markdownDescription": "The number of `cpu` units reserved for the container. This parameter maps to `CpuShares` in the docker container create commandand the `--cpu-shares` option to docker run.\n\nThis field is optional for tasks using the Fargate launch type, and the only requirement is that the total amount of CPU reserved for all containers within a task be lower than the task-level `cpu` value.\n\n> You can determine the number of CPU units that are available per EC2 instance type by multiplying the vCPUs listed for that instance type on the [Amazon EC2 Instances](https://docs.aws.amazon.com/ec2/instance-types/) detail page by 1,024. \n\nLinux containers share unallocated CPU units with other containers on the container instance with the same ratio as their allocated amount. For example, if you run a single-container task on a single-core instance type with 512 CPU units specified for that container, and that's the only task running on the container instance, that container could use the full 1,024 CPU unit share at any given time. However, if you launched another copy of the same task on that container instance, each task is guaranteed a minimum of 512 CPU units when needed. Moreover, each container could float to higher CPU usage if the other container was not using it. If both tasks were 100% active all of the time, they would be limited to 512 CPU units.\n\nOn Linux container instances, the Docker daemon on the container instance uses the CPU value to calculate the relative CPU share ratios for running containers. The minimum valid CPU share value that the Linux kernel allows is 2, and the maximum valid CPU share value that the Linux kernel allows is 262144. However, the CPU parameter isn't required, and you can use CPU values below 2 or above 262144 in your container definitions. For CPU values below 2 (including null) or above 262144, the behavior varies based on your Amazon ECS container agent version:\n\n- *Agent versions less than or equal to 1.1.0:* Null and zero CPU values are passed to Docker as 0, which Docker then converts to 1,024 CPU shares. CPU values of 1 are passed to Docker as 1, which the Linux kernel converts to two CPU shares.\n- *Agent versions greater than or equal to 1.2.0:* Null, zero, and CPU values of 1 are passed to Docker as 2.\n- *Agent versions greater than or equal to 1.84.0:* CPU values greater than 256 vCPU are passed to Docker as 256, which is equivalent to 262144 CPU shares.\n\nOn Windows container instances, the CPU limit is enforced as an absolute limit, or a quota. Windows containers only have access to the specified amount of CPU that's described in the task definition. A null or zero CPU value is passed to Docker as `0` , which Windows interprets as 1% of one CPU.", - "title": "Cpu", - "type": "number" + "AcceleratorCount": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.AcceleratorCount", + "markdownDescription": "The minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferentia chips) on an instance.\n\nTo exclude accelerator-enabled instance types, set `Max` to `0` .\n\nDefault: No minimum or maximum limits", + "title": "AcceleratorCount" }, - "CredentialSpecs": { + "AcceleratorManufacturers": { "items": { "type": "string" }, - "markdownDescription": "A list of ARNs in SSM or Amazon S3 to a credential spec ( `CredSpec` ) file that configures the container for Active Directory authentication. We recommend that you use this parameter instead of the `dockerSecurityOptions` . The maximum number of ARNs is 1.\n\nThere are two formats for each ARN.\n\n- **credentialspecdomainless:MyARN** - You use `credentialspecdomainless:MyARN` to provide a `CredSpec` with an additional section for a secret in AWS Secrets Manager . You provide the login credentials to the domain in the secret.\n\nEach task that runs on any container instance can join different domains.\n\nYou can use this format without joining the container instance to a domain.\n- **credentialspec:MyARN** - You use `credentialspec:MyARN` to provide a `CredSpec` for a single domain.\n\nYou must join the container instance to the domain before you start any tasks that use this task definition.\n\nIn both formats, replace `MyARN` with the ARN in SSM or Amazon S3.\n\nIf you provide a `credentialspecdomainless:MyARN` , the `credspec` must provide a ARN in AWS Secrets Manager for a secret containing the username, password, and the domain to connect to. For better security, the instance isn't joined to the domain for domainless authentication. Other applications on the instance can't use the domainless credentials. You can use this parameter to run tasks on the same instance, even it the tasks need to join different domains. For more information, see [Using gMSAs for Windows Containers](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/windows-gmsa.html) and [Using gMSAs for Linux Containers](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/linux-gmsa.html) .", - "title": "CredentialSpecs", + "markdownDescription": "Indicates whether instance types must have accelerators by specific manufacturers.\n\n- For instance types with AWS devices, specify `amazon-web-services` .\n- For instance types with AMD devices, specify `amd` .\n- For instance types with Habana devices, specify `habana` .\n- For instance types with NVIDIA devices, specify `nvidia` .\n- For instance types with Xilinx devices, specify `xilinx` .\n\nDefault: Any manufacturer", + "title": "AcceleratorManufacturers", "type": "array" }, - "DependsOn": { + "AcceleratorNames": { "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.ContainerDependency" + "type": "string" }, - "markdownDescription": "The dependencies defined for container startup and shutdown. A container can contain multiple dependencies. When a dependency is defined for container startup, for container shutdown it is reversed.\n\nFor tasks using the EC2 launch type, the container instances require at least version 1.26.0 of the container agent to turn on container dependencies. However, we recommend using the latest container agent version. For information about checking your agent version and updating to the latest version, see [Updating the Amazon ECS Container Agent](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-update.html) in the *Amazon Elastic Container Service Developer Guide* . If you're using an Amazon ECS-optimized Linux AMI, your instance needs at least version 1.26.0-1 of the `ecs-init` package. If your container instances are launched from version `20190301` or later, then they contain the required versions of the container agent and `ecs-init` . For more information, see [Amazon ECS-optimized Linux AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nFor tasks using the Fargate launch type, the task or service requires the following platforms:\n\n- Linux platform version `1.3.0` or later.\n- Windows platform version `1.0.0` or later.\n\nIf the task definition is used in a blue/green deployment that uses [AWS::CodeDeploy::DeploymentGroup BlueGreenDeploymentConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-codedeploy-deploymentgroup-bluegreendeploymentconfiguration.html) , the `dependsOn` parameter is not supported.", - "title": "DependsOn", + "markdownDescription": "The accelerators that must be on the instance type.\n\n- For instance types with NVIDIA A10G GPUs, specify `a10g` .\n- For instance types with NVIDIA A100 GPUs, specify `a100` .\n- For instance types with NVIDIA H100 GPUs, specify `h100` .\n- For instance types with AWS Inferentia chips, specify `inferentia` .\n- For instance types with NVIDIA GRID K520 GPUs, specify `k520` .\n- For instance types with NVIDIA K80 GPUs, specify `k80` .\n- For instance types with NVIDIA M60 GPUs, specify `m60` .\n- For instance types with AMD Radeon Pro V520 GPUs, specify `radeon-pro-v520` .\n- For instance types with NVIDIA T4 GPUs, specify `t4` .\n- For instance types with NVIDIA T4G GPUs, specify `t4g` .\n- For instance types with Xilinx VU9P FPGAs, specify `vu9p` .\n- For instance types with NVIDIA V100 GPUs, specify `v100` .\n\nDefault: Any accelerator", + "title": "AcceleratorNames", "type": "array" }, - "DisableNetworking": { - "markdownDescription": "When this parameter is true, networking is off within the container. This parameter maps to `NetworkDisabled` in the docker container create command.\n\n> This parameter is not supported for Windows containers.", - "title": "DisableNetworking", - "type": "boolean" + "AcceleratorTotalMemoryMiB": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.AcceleratorTotalMemoryMiB", + "markdownDescription": "The minimum and maximum amount of total accelerator memory, in MiB.\n\nDefault: No minimum or maximum limits", + "title": "AcceleratorTotalMemoryMiB" }, - "DnsSearchDomains": { + "AcceleratorTypes": { "items": { "type": "string" }, - "markdownDescription": "A list of DNS search domains that are presented to the container. This parameter maps to `DnsSearch` in the docker container create command and the `--dns-search` option to docker run.\n\n> This parameter is not supported for Windows containers.", - "title": "DnsSearchDomains", + "markdownDescription": "The accelerator types that must be on the instance type.\n\n- For instance types with FPGA accelerators, specify `fpga` .\n- For instance types with GPU accelerators, specify `gpu` .\n- For instance types with Inference accelerators, specify `inference` .\n\nDefault: Any accelerator type", + "title": "AcceleratorTypes", "type": "array" }, - "DnsServers": { + "AllowedInstanceTypes": { "items": { "type": "string" }, - "markdownDescription": "A list of DNS servers that are presented to the container. This parameter maps to `Dns` in the docker container create command and the `--dns` option to docker run.\n\n> This parameter is not supported for Windows containers.", - "title": "DnsServers", + "markdownDescription": "The instance types to apply your specified attributes against. All other instance types are ignored, even if they match your specified attributes.\n\nYou can use strings with one or more wild cards, represented by an asterisk ( `*` ), to allow an instance type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` ,Amazon EC2 will allow the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will allow all the M5a instance types, but not the M5n instance types.\n\n> If you specify `AllowedInstanceTypes` , you can't specify `ExcludedInstanceTypes` . \n\nDefault: All instance types", + "title": "AllowedInstanceTypes", "type": "array" }, - "DockerLabels": { - "additionalProperties": true, - "markdownDescription": "A key/value map of labels to add to the container. This parameter maps to `Labels` in the docker container create command and the `--label` option to docker run. This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version --format '{{.Server.APIVersion}}'`", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "DockerLabels", - "type": "object" + "BareMetal": { + "markdownDescription": "Indicates whether bare metal instance types must be included, excluded, or required.\n\n- To include bare metal instance types, specify `included` .\n- To require only bare metal instance types, specify `required` .\n- To exclude bare metal instance types, specify `excluded` .\n\nDefault: `excluded`", + "title": "BareMetal", + "type": "string" }, - "DockerSecurityOptions": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of strings to provide custom configuration for multiple security systems. This field isn't valid for containers in tasks using the Fargate launch type.\n\nFor Linux tasks on EC2, this parameter can be used to reference custom labels for SELinux and AppArmor multi-level security systems.\n\nFor any tasks on EC2, this parameter can be used to reference a credential spec file that configures a container for Active Directory authentication. For more information, see [Using gMSAs for Windows Containers](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/windows-gmsa.html) and [Using gMSAs for Linux Containers](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/linux-gmsa.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nThis parameter maps to `SecurityOpt` in the docker container create command and the `--security-opt` option to docker run.\n\n> The Amazon ECS container agent running on a container instance must register with the `ECS_SELINUX_CAPABLE=true` or `ECS_APPARMOR_CAPABLE=true` environment variables before containers placed on that instance can use these security options. For more information, see [Amazon ECS Container Agent Configuration](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html) in the *Amazon Elastic Container Service Developer Guide* . \n\nValid values: \"no-new-privileges\" | \"apparmor:PROFILE\" | \"label:value\" | \"credentialspec:CredentialSpecFilePath\"", - "title": "DockerSecurityOptions", - "type": "array" + "BaselineEbsBandwidthMbps": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.BaselineEbsBandwidthMbps", + "markdownDescription": "The minimum and maximum baseline bandwidth to Amazon EBS, in Mbps. For more information, see [Amazon EBS\u2013optimized instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-optimized.html) in the *Amazon EC2 User Guide* .\n\nDefault: No minimum or maximum limits", + "title": "BaselineEbsBandwidthMbps" }, - "EntryPoint": { - "items": { - "type": "string" - }, - "markdownDescription": "> Early versions of the Amazon ECS container agent don't properly handle `entryPoint` parameters. If you have problems using `entryPoint` , update your container agent or enter your commands and arguments as `command` array items instead. \n\nThe entry point that's passed to the container. This parameter maps to `Entrypoint` in the docker container create command and the `--entrypoint` option to docker run.", - "title": "EntryPoint", - "type": "array" + "BaselinePerformanceFactors": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.BaselinePerformanceFactors", + "markdownDescription": "The baseline performance to consider, using an instance family as a baseline reference. The instance family establishes the lowest acceptable level of performance. Amazon EC2 uses this baseline to guide instance type selection, but there is no guarantee that the selected instance types will always exceed the baseline for every application. Currently, this parameter only supports CPU performance as a baseline performance factor. For more information, see [Performance protection](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-attribute-based-instance-type-selection.html#ec2fleet-abis-performance-protection) in the *Amazon EC2 User Guide* .", + "title": "BaselinePerformanceFactors" }, - "Environment": { + "BurstablePerformance": { + "markdownDescription": "Indicates whether burstable performance T instance types are included, excluded, or required. For more information, see [Burstable performance instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) .\n\n- To include burstable performance instance types, specify `included` .\n- To require only burstable performance instance types, specify `required` .\n- To exclude burstable performance instance types, specify `excluded` .\n\nDefault: `excluded`", + "title": "BurstablePerformance", + "type": "string" + }, + "CpuManufacturers": { "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.KeyValuePair" + "type": "string" }, - "markdownDescription": "The environment variables to pass to a container. This parameter maps to `Env` in the docker container create command and the `--env` option to docker run.\n\n> We don't recommend that you use plaintext environment variables for sensitive information, such as credential data.", - "title": "Environment", + "markdownDescription": "The CPU manufacturers to include.\n\n- For instance types with Intel CPUs, specify `intel` .\n- For instance types with AMD CPUs, specify `amd` .\n- For instance types with AWS CPUs, specify `amazon-web-services` .\n- For instance types with Apple CPUs, specify `apple` .\n\n> Don't confuse the CPU manufacturer with the CPU architecture. Instances will be launched with a compatible CPU architecture based on the Amazon Machine Image (AMI) that you specify in your launch template. \n\nDefault: Any manufacturer", + "title": "CpuManufacturers", "type": "array" }, - "EnvironmentFiles": { + "ExcludedInstanceTypes": { "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.EnvironmentFile" + "type": "string" }, - "markdownDescription": "A list of files containing the environment variables to pass to a container. This parameter maps to the `--env-file` option to docker run.\n\nYou can specify up to ten environment files. The file must have a `.env` file extension. Each line in an environment file contains an environment variable in `VARIABLE=VALUE` format. Lines beginning with `#` are treated as comments and are ignored.\n\nIf there are environment variables specified using the `environment` parameter in a container definition, they take precedence over the variables contained within an environment file. If multiple environment files are specified that contain the same variable, they're processed from the top down. We recommend that you use unique variable names. For more information, see [Specifying Environment Variables](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/taskdef-envfiles.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "EnvironmentFiles", + "markdownDescription": "The instance types to exclude.\n\nYou can use strings with one or more wild cards, represented by an asterisk ( `*` ), to exclude an instance type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` ,Amazon EC2 will exclude the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will exclude all the M5a instance types, but not the M5n instance types.\n\n> If you specify `ExcludedInstanceTypes` , you can't specify `AllowedInstanceTypes` . \n\nDefault: No excluded instance types", + "title": "ExcludedInstanceTypes", "type": "array" }, - "Essential": { - "markdownDescription": "If the `essential` parameter of a container is marked as `true` , and that container fails or stops for any reason, all other containers that are part of the task are stopped. If the `essential` parameter of a container is marked as `false` , its failure doesn't affect the rest of the containers in a task. If this parameter is omitted, a container is assumed to be essential.\n\nAll tasks must have at least one essential container. If you have an application that's composed of multiple containers, group containers that are used for a common purpose into components, and separate the different components into multiple task definitions. For more information, see [Application Architecture](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/application_architecture.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "Essential", - "type": "boolean" - }, - "ExtraHosts": { + "InstanceGenerations": { "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.HostEntry" + "type": "string" }, - "markdownDescription": "A list of hostnames and IP address mappings to append to the `/etc/hosts` file on the container. This parameter maps to `ExtraHosts` in the docker container create command and the `--add-host` option to docker run.\n\n> This parameter isn't supported for Windows containers or tasks that use the `awsvpc` network mode.", - "title": "ExtraHosts", + "markdownDescription": "Indicates whether current or previous generation instance types are included. The current generation instance types are recommended for use. Current generation instance types are typically the latest two to three generations in each instance family. For more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .\n\nFor current generation instance types, specify `current` .\n\nFor previous generation instance types, specify `previous` .\n\nDefault: Current and previous generation instance types", + "title": "InstanceGenerations", "type": "array" }, - "FirelensConfiguration": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.FirelensConfiguration", - "markdownDescription": "The FireLens configuration for the container. This is used to specify and configure a log router for container logs. For more information, see [Custom Log Routing](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "FirelensConfiguration" - }, - "HealthCheck": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.HealthCheck", - "markdownDescription": "The container health check command and associated configuration parameters for the container. This parameter maps to `HealthCheck` in the docker container create command and the `HEALTHCHECK` parameter of docker run.", - "title": "HealthCheck" - }, - "Hostname": { - "markdownDescription": "The hostname to use for your container. This parameter maps to `Hostname` in the docker container create command and the `--hostname` option to docker run.\n\n> The `hostname` parameter is not supported if you're using the `awsvpc` network mode.", - "title": "Hostname", - "type": "string" - }, - "Image": { - "markdownDescription": "The image used to start a container. This string is passed directly to the Docker daemon. By default, images in the Docker Hub registry are available. Other repositories are specified with either `*repository-url* / *image* : *tag*` or `*repository-url* / *image* @ *digest*` . For images using tags (repository-url/image:tag), up to 255 characters total are allowed, including letters (uppercase and lowercase), numbers, hyphens, underscores, colons, periods, forward slashes, and number signs (#). For images using digests (repository-url/image@digest), the 255 character limit applies only to the repository URL and image name (everything before the @ sign). The only supported hash function is sha256, and the hash value after sha256: must be exactly 64 characters (only letters A-F, a-f, and numbers 0-9 are allowed). This parameter maps to `Image` in the docker container create command and the `IMAGE` parameter of docker run.\n\n- When a new task starts, the Amazon ECS container agent pulls the latest version of the specified image and tag for the container to use. However, subsequent updates to a repository image aren't propagated to already running tasks.\n- Images in Amazon ECR repositories can be specified by either using the full `registry/repository:tag` or `registry/repository@digest` . For example, `012345678910.dkr.ecr..amazonaws.com/:latest` or `012345678910.dkr.ecr..amazonaws.com/@sha256:94afd1f2e64d908bc90dbca0035a5b567EXAMPLE` .\n- Images in official repositories on Docker Hub use a single name (for example, `ubuntu` or `mongo` ).\n- Images in other repositories on Docker Hub are qualified with an organization name (for example, `amazon/amazon-ecs-agent` ).\n- Images in other online repositories are qualified further by a domain name (for example, `quay.io/assemblyline/ubuntu` ).", - "title": "Image", + "LocalStorage": { + "markdownDescription": "Indicates whether instance types with instance store volumes are included, excluded, or required. For more information, [Amazon EC2 instance store](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html) in the *Amazon EC2 User Guide* .\n\n- To include instance types with instance store volumes, specify `included` .\n- To require only instance types with instance store volumes, specify `required` .\n- To exclude instance types with instance store volumes, specify `excluded` .\n\nDefault: `included`", + "title": "LocalStorage", "type": "string" }, - "Interactive": { - "markdownDescription": "When this parameter is `true` , you can deploy containerized applications that require `stdin` or a `tty` to be allocated. This parameter maps to `OpenStdin` in the docker container create command and the `--interactive` option to docker run.", - "title": "Interactive", - "type": "boolean" - }, - "Links": { + "LocalStorageTypes": { "items": { "type": "string" }, - "markdownDescription": "The `links` parameter allows containers to communicate with each other without the need for port mappings. This parameter is only supported if the network mode of a task definition is `bridge` . The `name:internalName` construct is analogous to `name:alias` in Docker links. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed.. This parameter maps to `Links` in the docker container create command and the `--link` option to docker run.\n\n> This parameter is not supported for Windows containers. > Containers that are collocated on a single container instance may be able to communicate with each other without requiring links or host port mappings. Network isolation is achieved on the container instance using security groups and VPC settings.", - "title": "Links", + "markdownDescription": "The type of local storage that is required.\n\n- For instance types with hard disk drive (HDD) storage, specify `hdd` .\n- For instance types with solid state drive (SSD) storage, specify `ssd` .\n\nDefault: `hdd` and `ssd`", + "title": "LocalStorageTypes", "type": "array" }, - "LinuxParameters": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.LinuxParameters", - "markdownDescription": "Linux-specific modifications that are applied to the container, such as Linux kernel capabilities. For more information see [KernelCapabilities](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_KernelCapabilities.html) .\n\n> This parameter is not supported for Windows containers.", - "title": "LinuxParameters" - }, - "LogConfiguration": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.LogConfiguration", - "markdownDescription": "The log configuration specification for the container.\n\nThis parameter maps to `LogConfig` in the docker Create a container command and the `--log-driver` option to docker run. By default, containers use the same logging driver that the Docker daemon uses. However, the container may use a different logging driver than the Docker daemon by specifying a log driver with this parameter in the container definition. To use a different logging driver for a container, the log system must be configured properly on the container instance (or on a different log server for remote logging options). For more information on the options for different supported log drivers, see [Configure logging drivers](https://docs.aws.amazon.com/https://docs.docker.com/engine/admin/logging/overview/) in the Docker documentation.\n\n> Amazon ECS currently supports a subset of the logging drivers available to the Docker daemon (shown in the [LogConfiguration](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_LogConfiguration.html) data type). Additional log drivers may be available in future releases of the Amazon ECS container agent. \n\nThis parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version --format '{{.Server.APIVersion}}'`\n\n> The Amazon ECS container agent running on a container instance must register the logging drivers available on that instance with the `ECS_AVAILABLE_LOGGING_DRIVERS` environment variable before containers placed on that instance can use these log configuration options. For more information, see [Amazon ECS Container Agent Configuration](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "LogConfiguration" - }, - "Memory": { - "markdownDescription": "The amount (in MiB) of memory to present to the container. If your container attempts to exceed the memory specified here, the container is killed. The total amount of memory reserved for all containers within a task must be lower than the task `memory` value, if one is specified. This parameter maps to `Memory` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--memory` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .\n\nIf using the Fargate launch type, this parameter is optional.\n\nIf using the EC2 launch type, you must specify either a task-level memory value or a container-level memory value. If you specify both a container-level `memory` and `memoryReservation` value, `memory` must be greater than `memoryReservation` . If you specify `memoryReservation` , then that value is subtracted from the available memory resources for the container instance where the container is placed. Otherwise, the value of `memory` is used.\n\nThe Docker 20.10.0 or later daemon reserves a minimum of 6 MiB of memory for a container, so you should not specify fewer than 6 MiB of memory for your containers.\n\nThe Docker 19.03.13-ce or earlier daemon reserves a minimum of 4 MiB of memory for a container, so you should not specify fewer than 4 MiB of memory for your containers.", - "title": "Memory", - "type": "number" - }, - "MemoryReservation": { - "markdownDescription": "The soft limit (in MiB) of memory to reserve for the container. When system memory is under heavy contention, Docker attempts to keep the container memory to this soft limit. However, your container can consume more memory when it needs to, up to either the hard limit specified with the `memory` parameter (if applicable), or all of the available memory on the container instance, whichever comes first. This parameter maps to `MemoryReservation` in the docker container create command and the `--memory-reservation` option to docker run.\n\nIf a task-level memory value is not specified, you must specify a non-zero integer for one or both of `memory` or `memoryReservation` in a container definition. If you specify both, `memory` must be greater than `memoryReservation` . If you specify `memoryReservation` , then that value is subtracted from the available memory resources for the container instance where the container is placed. Otherwise, the value of `memory` is used.\n\nFor example, if your container normally uses 128 MiB of memory, but occasionally bursts to 256 MiB of memory for short periods of time, you can set a `memoryReservation` of 128 MiB, and a `memory` hard limit of 300 MiB. This configuration would allow the container to only reserve 128 MiB of memory from the remaining resources on the container instance, but also allow the container to consume more memory resources when needed.\n\nThe Docker 20.10.0 or later daemon reserves a minimum of 6 MiB of memory for a container. So, don't specify less than 6 MiB of memory for your containers.\n\nThe Docker 19.03.13-ce or earlier daemon reserves a minimum of 4 MiB of memory for a container. So, don't specify less than 4 MiB of memory for your containers.", - "title": "MemoryReservation", + "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice": { + "markdownDescription": "[Price protection] The price protection threshold for Spot Instances, as a percentage of an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nIf you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is based on the per vCPU or per memory price instead of the per instance price.\n\n> Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` .", + "title": "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice", "type": "number" }, - "MountPoints": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.MountPoint" - }, - "markdownDescription": "The mount points for data volumes in your container.\n\nThis parameter maps to `Volumes` in the docker container create command and the `--volume` option to docker run.\n\nWindows containers can mount whole directories on the same drive as `$env:ProgramData` . Windows containers can't mount directories on a different drive, and mount point can't be across drives.", - "title": "MountPoints", - "type": "array" + "MemoryGiBPerVCpu": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.MemoryGiBPerVCpu", + "markdownDescription": "The minimum and maximum amount of memory per vCPU, in GiB.\n\nDefault: No minimum or maximum limits", + "title": "MemoryGiBPerVCpu" }, - "Name": { - "markdownDescription": "The name of a container. If you're linking multiple containers together in a task definition, the `name` of one container can be entered in the `links` of another container to connect the containers. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed. This parameter maps to `name` in the docker container create command and the `--name` option to docker run.", - "title": "Name", - "type": "string" + "MemoryMiB": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.MemoryMiB", + "markdownDescription": "The minimum and maximum amount of memory, in MiB.", + "title": "MemoryMiB" }, - "PortMappings": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.PortMapping" - }, - "markdownDescription": "The list of port mappings for the container. Port mappings allow containers to access ports on the host container instance to send or receive traffic.\n\nFor task definitions that use the `awsvpc` network mode, you should only specify the `containerPort` . The `hostPort` can be left blank or it must be the same value as the `containerPort` .\n\nPort mappings on Windows use the `NetNAT` gateway address rather than `localhost` . There is no loopback for port mappings on Windows, so you cannot access a container's mapped port from the host itself.\n\nThis parameter maps to `PortBindings` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--publish` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . If the network mode of a task definition is set to `none` , then you can't specify port mappings. If the network mode of a task definition is set to `host` , then host ports must either be undefined or they must match the container port in the port mapping.\n\n> After a task reaches the `RUNNING` status, manual and automatic host and container port assignments are visible in the *Network Bindings* section of a container description for a selected task in the Amazon ECS console. The assignments are also visible in the `networkBindings` section [DescribeTasks](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DescribeTasks.html) responses.", - "title": "PortMappings", - "type": "array" + "NetworkBandwidthGbps": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.NetworkBandwidthGbps", + "markdownDescription": "The minimum and maximum amount of network bandwidth, in gigabits per second (Gbps).\n\nDefault: No minimum or maximum limits", + "title": "NetworkBandwidthGbps" }, - "Privileged": { - "markdownDescription": "When this parameter is true, the container is given elevated privileges on the host container instance (similar to the `root` user). This parameter maps to `Privileged` in the docker container create command and the `--privileged` option to docker run\n\n> This parameter is not supported for Windows containers or tasks run on AWS Fargate .", - "title": "Privileged", - "type": "boolean" + "NetworkInterfaceCount": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.NetworkInterfaceCount", + "markdownDescription": "The minimum and maximum number of network interfaces.\n\nDefault: No minimum or maximum limits", + "title": "NetworkInterfaceCount" }, - "PseudoTerminal": { - "markdownDescription": "When this parameter is `true` , a TTY is allocated. This parameter maps to `Tty` in the docker container create command and the `--tty` option to docker run.", - "title": "PseudoTerminal", - "type": "boolean" + "OnDemandMaxPricePercentageOverLowestPrice": { + "markdownDescription": "[Price protection] The price protection threshold for On-Demand Instances, as a percentage higher than an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nTo turn off price protection, specify a high value, such as `999999` .\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) .\n\n> If you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price. \n\nDefault: `20`", + "title": "OnDemandMaxPricePercentageOverLowestPrice", + "type": "number" }, - "ReadonlyRootFilesystem": { - "markdownDescription": "When this parameter is true, the container is given read-only access to its root file system. This parameter maps to `ReadonlyRootfs` in the docker container create command and the `--read-only` option to docker run.\n\n> This parameter is not supported for Windows containers.", - "title": "ReadonlyRootFilesystem", + "RequireHibernateSupport": { + "markdownDescription": "Indicates whether instance types must support hibernation for On-Demand Instances.\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) .\n\nDefault: `false`", + "title": "RequireHibernateSupport", "type": "boolean" }, - "RepositoryCredentials": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.RepositoryCredentials", - "markdownDescription": "The private repository authentication credentials to use.", - "title": "RepositoryCredentials" - }, - "ResourceRequirements": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.ResourceRequirement" - }, - "markdownDescription": "The type and amount of a resource to assign to a container. The only supported resource is a GPU.", - "title": "ResourceRequirements", - "type": "array" - }, - "Secrets": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.Secret" - }, - "markdownDescription": "The secrets to pass to the container. For more information, see [Specifying Sensitive Data](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "Secrets", - "type": "array" - }, - "StartTimeout": { - "markdownDescription": "Time duration (in seconds) to wait before giving up on resolving dependencies for a container. For example, you specify two containers in a task definition with containerA having a dependency on containerB reaching a `COMPLETE` , `SUCCESS` , or `HEALTHY` status. If a `startTimeout` value is specified for containerB and it doesn't reach the desired status within that time then containerA gives up and not start. This results in the task transitioning to a `STOPPED` state.\n\n> When the `ECS_CONTAINER_START_TIMEOUT` container agent configuration variable is used, it's enforced independently from this start timeout value. \n\nFor tasks using the Fargate launch type, the task or service requires the following platforms:\n\n- Linux platform version `1.3.0` or later.\n- Windows platform version `1.0.0` or later.\n\nFor tasks using the EC2 launch type, your container instances require at least version `1.26.0` of the container agent to use a container start timeout value. However, we recommend using the latest container agent version. For information about checking your agent version and updating to the latest version, see [Updating the Amazon ECS Container Agent](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-update.html) in the *Amazon Elastic Container Service Developer Guide* . If you're using an Amazon ECS-optimized Linux AMI, your instance needs at least version `1.26.0-1` of the `ecs-init` package. If your container instances are launched from version `20190301` or later, then they contain the required versions of the container agent and `ecs-init` . For more information, see [Amazon ECS-optimized Linux AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nThe valid values for Fargate are 2-120 seconds.", - "title": "StartTimeout", - "type": "number" - }, - "StopTimeout": { - "markdownDescription": "Time duration (in seconds) to wait before the container is forcefully killed if it doesn't exit normally on its own.\n\nFor tasks using the Fargate launch type, the task or service requires the following platforms:\n\n- Linux platform version `1.3.0` or later.\n- Windows platform version `1.0.0` or later.\n\nFor tasks that use the Fargate launch type, the max stop timeout value is 120 seconds and if the parameter is not specified, the default value of 30 seconds is used.\n\nFor tasks that use the EC2 launch type, if the `stopTimeout` parameter isn't specified, the value set for the Amazon ECS container agent configuration variable `ECS_CONTAINER_STOP_TIMEOUT` is used. If neither the `stopTimeout` parameter or the `ECS_CONTAINER_STOP_TIMEOUT` agent configuration variable are set, then the default values of 30 seconds for Linux containers and 30 seconds on Windows containers are used. Your container instances require at least version 1.26.0 of the container agent to use a container stop timeout value. However, we recommend using the latest container agent version. For information about checking your agent version and updating to the latest version, see [Updating the Amazon ECS Container Agent](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-update.html) in the *Amazon Elastic Container Service Developer Guide* . If you're using an Amazon ECS-optimized Linux AMI, your instance needs at least version 1.26.0-1 of the `ecs-init` package. If your container instances are launched from version `20190301` or later, then they contain the required versions of the container agent and `ecs-init` . For more information, see [Amazon ECS-optimized Linux AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nThe valid values for Fargate are 2-120 seconds.", - "title": "StopTimeout", + "SpotMaxPricePercentageOverLowestPrice": { + "markdownDescription": "[Price protection] The price protection threshold for Spot Instances, as a percentage higher than an identified Spot price. The identified Spot price is the Spot price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified Spot price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose Spot price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nIf you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price.\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) .\n\n> Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` . \n\nDefault: `100`", + "title": "SpotMaxPricePercentageOverLowestPrice", "type": "number" }, - "SystemControls": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.SystemControl" - }, - "markdownDescription": "A list of namespaced kernel parameters to set in the container. This parameter maps to `Sysctls` in the docker container create command and the `--sysctl` option to docker run. For example, you can configure `net.ipv4.tcp_keepalive_time` setting to maintain longer lived connections.", - "title": "SystemControls", - "type": "array" - }, - "Ulimits": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.Ulimit" - }, - "markdownDescription": "A list of `ulimits` to set in the container. This parameter maps to `Ulimits` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--ulimit` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . Valid naming values are displayed in the [Ulimit](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_Ulimit.html) data type. This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version --format '{{.Server.APIVersion}}'`\n\n> This parameter is not supported for Windows containers.", - "title": "Ulimits", - "type": "array" - }, - "User": { - "markdownDescription": "The user to use inside the container. This parameter maps to `User` in the docker container create command and the `--user` option to docker run.\n\n> When running tasks using the `host` network mode, don't run containers using the root user (UID 0). We recommend using a non-root user for better security. \n\nYou can specify the `user` using the following formats. If specifying a UID or GID, you must specify it as a positive integer.\n\n- `user`\n- `user:group`\n- `uid`\n- `uid:gid`\n- `user:gid`\n- `uid:group`\n\n> This parameter is not supported for Windows containers.", - "title": "User", - "type": "string" - }, - "VolumesFrom": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.VolumeFrom" - }, - "markdownDescription": "Data volumes to mount from another container. This parameter maps to `VolumesFrom` in the docker container create command and the `--volumes-from` option to docker run.", - "title": "VolumesFrom", - "type": "array" + "TotalLocalStorageGB": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.TotalLocalStorageGB", + "markdownDescription": "The minimum and maximum amount of total local storage, in GB.\n\nDefault: No minimum or maximum limits", + "title": "TotalLocalStorageGB" }, - "WorkingDirectory": { - "markdownDescription": "The working directory to run commands inside the container in. This parameter maps to `WorkingDir` in the docker container create command and the `--workdir` option to docker run.", - "title": "WorkingDirectory", - "type": "string" + "VCpuCount": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.VCpuCount", + "markdownDescription": "The minimum and maximum number of vCPUs.", + "title": "VCpuCount" } }, - "required": [ - "Image", - "Name" - ], "type": "object" }, - "AWS::ECS::TaskDefinition.ContainerDependency": { + "AWS::EC2::LaunchTemplate.Ipv4PrefixSpecification": { "additionalProperties": false, "properties": { - "Condition": { - "markdownDescription": "The dependency condition of the container. The following are the available conditions and their behavior:\n\n- `START` - This condition emulates the behavior of links and volumes today. It validates that a dependent container is started before permitting other containers to start.\n- `COMPLETE` - This condition validates that a dependent container runs to completion (exits) before permitting other containers to start. This can be useful for nonessential containers that run a script and then exit. This condition can't be set on an essential container.\n- `SUCCESS` - This condition is the same as `COMPLETE` , but it also requires that the container exits with a `zero` status. This condition can't be set on an essential container.\n- `HEALTHY` - This condition validates that the dependent container passes its Docker health check before permitting other containers to start. This requires that the dependent container has health checks configured. This condition is confirmed only at task startup.", - "title": "Condition", - "type": "string" - }, - "ContainerName": { - "markdownDescription": "The name of a container.", - "title": "ContainerName", + "Ipv4Prefix": { + "markdownDescription": "The IPv4 prefix. For information, see [Assigning prefixes to network interfaces](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-prefix-eni.html) in the *Amazon EC2 User Guide* .", + "title": "Ipv4Prefix", "type": "string" } }, "type": "object" }, - "AWS::ECS::TaskDefinition.Device": { + "AWS::EC2::LaunchTemplate.Ipv6Add": { "additionalProperties": false, "properties": { - "ContainerPath": { - "markdownDescription": "The path inside the container at which to expose the host device.", - "title": "ContainerPath", - "type": "string" - }, - "HostPath": { - "markdownDescription": "The path for the device on the host container instance.", - "title": "HostPath", + "Ipv6Address": { + "markdownDescription": "One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet. You can't use this option if you're specifying a number of IPv6 addresses.", + "title": "Ipv6Address", "type": "string" - }, - "Permissions": { - "items": { - "type": "string" - }, - "markdownDescription": "The explicit permissions to provide to the container for the device. By default, the container has permissions for `read` , `write` , and `mknod` for the device.", - "title": "Permissions", - "type": "array" } }, "type": "object" }, - "AWS::ECS::TaskDefinition.DockerVolumeConfiguration": { + "AWS::EC2::LaunchTemplate.Ipv6PrefixSpecification": { "additionalProperties": false, "properties": { - "Autoprovision": { - "markdownDescription": "If this value is `true` , the Docker volume is created if it doesn't already exist.\n\n> This field is only used if the `scope` is `shared` .", - "title": "Autoprovision", - "type": "boolean" - }, - "Driver": { - "markdownDescription": "The Docker volume driver to use. The driver value must match the driver name provided by Docker because it is used for task placement. If the driver was installed using the Docker plugin CLI, use `docker plugin ls` to retrieve the driver name from your container instance. If the driver was installed using another method, use Docker plugin discovery to retrieve the driver name. This parameter maps to `Driver` in the docker container create command and the `xxdriver` option to docker volume create.", - "title": "Driver", - "type": "string" - }, - "DriverOpts": { - "additionalProperties": true, - "markdownDescription": "A map of Docker driver-specific options passed through. This parameter maps to `DriverOpts` in the docker create-volume command and the `xxopt` option to docker volume create.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "DriverOpts", - "type": "object" - }, - "Labels": { - "additionalProperties": true, - "markdownDescription": "Custom metadata to add to your Docker volume. This parameter maps to `Labels` in the docker container create command and the `xxlabel` option to docker volume create.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Labels", - "type": "object" - }, - "Scope": { - "markdownDescription": "The scope for the Docker volume that determines its lifecycle. Docker volumes that are scoped to a `task` are automatically provisioned when the task starts and destroyed when the task stops. Docker volumes that are scoped as `shared` persist after the task stops.", - "title": "Scope", + "Ipv6Prefix": { + "markdownDescription": "The IPv6 prefix.", + "title": "Ipv6Prefix", "type": "string" } }, "type": "object" }, - "AWS::ECS::TaskDefinition.EFSVolumeConfiguration": { + "AWS::EC2::LaunchTemplate.LaunchTemplateData": { "additionalProperties": false, "properties": { - "AuthorizationConfig": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.AuthorizationConfig", - "markdownDescription": "The authorization configuration details for the Amazon EFS file system.", - "title": "AuthorizationConfig" - }, - "FilesystemId": { - "markdownDescription": "The Amazon EFS file system ID to use.", - "title": "FilesystemId", - "type": "string" + "BlockDeviceMappings": { + "items": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.BlockDeviceMapping" + }, + "markdownDescription": "The block device mapping.", + "title": "BlockDeviceMappings", + "type": "array" }, - "RootDirectory": { - "markdownDescription": "The directory within the Amazon EFS file system to mount as the root directory inside the host. If this parameter is omitted, the root of the Amazon EFS volume will be used. Specifying `/` will have the same effect as omitting this parameter.\n\n> If an EFS access point is specified in the `authorizationConfig` , the root directory parameter must either be omitted or set to `/` which will enforce the path set on the EFS access point.", - "title": "RootDirectory", + "CapacityReservationSpecification": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.CapacityReservationSpecification", + "markdownDescription": "The Capacity Reservation targeting option. If you do not specify this parameter, the instance's Capacity Reservation preference defaults to `open` , which enables it to run in any open Capacity Reservation that has matching attributes (instance type, platform, Availability Zone).", + "title": "CapacityReservationSpecification" + }, + "CpuOptions": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.CpuOptions", + "markdownDescription": "The CPU options for the instance. For more information, see [CPU options for Amazon EC2 instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html) in the *Amazon EC2 User Guide* .", + "title": "CpuOptions" + }, + "CreditSpecification": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.CreditSpecification", + "markdownDescription": "The credit option for CPU usage of the instance. Valid only for T instances.", + "title": "CreditSpecification" + }, + "DisableApiStop": { + "markdownDescription": "Indicates whether to enable the instance for stop protection. For more information, see [Enable stop protection for your EC2 instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-stop-protection.html) in the *Amazon EC2 User Guide* .", + "title": "DisableApiStop", + "type": "boolean" + }, + "DisableApiTermination": { + "markdownDescription": "Indicates whether termination protection is enabled for the instance. The default is `false` , which means that you can terminate the instance using the Amazon EC2 console, command line tools, or API. You can enable termination protection when you launch an instance, while the instance is running, or while the instance is stopped.", + "title": "DisableApiTermination", + "type": "boolean" + }, + "EbsOptimized": { + "markdownDescription": "Indicates whether the instance is optimized for Amazon EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal Amazon EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS-optimized instance.", + "title": "EbsOptimized", + "type": "boolean" + }, + "ElasticGpuSpecifications": { + "items": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.ElasticGpuSpecification" + }, + "markdownDescription": "Deprecated.\n\n> Amazon Elastic Graphics reached end of life on January 8, 2024.", + "title": "ElasticGpuSpecifications", + "type": "array" + }, + "ElasticInferenceAccelerators": { + "items": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.LaunchTemplateElasticInferenceAccelerator" + }, + "markdownDescription": "> Amazon Elastic Inference is no longer available. \n\nAn elastic inference accelerator to associate with the instance. Elastic inference accelerators are a resource you can attach to your Amazon EC2 instances to accelerate your Deep Learning (DL) inference workloads.\n\nYou cannot specify accelerators from different generations in the same request.", + "title": "ElasticInferenceAccelerators", + "type": "array" + }, + "EnclaveOptions": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.EnclaveOptions", + "markdownDescription": "Indicates whether the instance is enabled for AWS Nitro Enclaves. For more information, see [What is Nitro Enclaves?](https://docs.aws.amazon.com/enclaves/latest/user/nitro-enclave.html) in the *AWS Nitro Enclaves User Guide* .\n\nYou can't enable AWS Nitro Enclaves and hibernation on the same instance.", + "title": "EnclaveOptions" + }, + "HibernationOptions": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.HibernationOptions", + "markdownDescription": "Indicates whether an instance is enabled for hibernation. This parameter is valid only if the instance meets the [hibernation prerequisites](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/hibernating-prerequisites.html) . For more information, see [Hibernate your Amazon EC2 instance](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) in the *Amazon EC2 User Guide* .", + "title": "HibernationOptions" + }, + "IamInstanceProfile": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.IamInstanceProfile", + "markdownDescription": "The name or Amazon Resource Name (ARN) of an IAM instance profile.", + "title": "IamInstanceProfile" + }, + "ImageId": { + "markdownDescription": "The ID of the AMI. Alternatively, you can specify a Systems Manager parameter, which will resolve to an AMI ID on launch.\n\nValid formats:\n\n- `ami-0ac394d6a3example`\n- `resolve:ssm:parameter-name`\n- `resolve:ssm:parameter-name:version-number`\n- `resolve:ssm:parameter-name:label`\n\nFor more information, see [Use a Systems Manager parameter to find an AMI](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/finding-an-ami.html#using-systems-manager-parameter-to-find-AMI) in the *Amazon Elastic Compute Cloud User Guide* .", + "title": "ImageId", "type": "string" }, - "TransitEncryption": { - "markdownDescription": "Determines whether to use encryption for Amazon EFS data in transit between the Amazon ECS host and the Amazon EFS server. Transit encryption must be turned on if Amazon EFS IAM authorization is used. If this parameter is omitted, the default value of `DISABLED` is used. For more information, see [Encrypting data in transit](https://docs.aws.amazon.com/efs/latest/ug/encryption-in-transit.html) in the *Amazon Elastic File System User Guide* .", - "title": "TransitEncryption", + "InstanceInitiatedShutdownBehavior": { + "markdownDescription": "Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown).\n\nDefault: `stop`", + "title": "InstanceInitiatedShutdownBehavior", "type": "string" }, - "TransitEncryptionPort": { - "markdownDescription": "The port to use when sending encrypted data between the Amazon ECS host and the Amazon EFS server. If you do not specify a transit encryption port, it will use the port selection strategy that the Amazon EFS mount helper uses. For more information, see [EFS mount helper](https://docs.aws.amazon.com/efs/latest/ug/efs-mount-helper.html) in the *Amazon Elastic File System User Guide* .", - "title": "TransitEncryptionPort", - "type": "number" + "InstanceMarketOptions": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.InstanceMarketOptions", + "markdownDescription": "The market (purchasing) option for the instances.", + "title": "InstanceMarketOptions" + }, + "InstanceRequirements": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.InstanceRequirements", + "markdownDescription": "The attributes for the instance types. When you specify instance attributes, Amazon EC2 will identify instance types with these attributes.\n\nYou must specify `VCpuCount` and `MemoryMiB` . All other attributes are optional. Any unspecified optional attribute is set to its default.\n\nWhen you specify multiple attributes, you get instance types that satisfy all of the specified attributes. If you specify multiple values for an attribute, you get instance types that satisfy any of the specified values.\n\nTo limit the list of instance types from which Amazon EC2 can identify matching instance types, you can use one of the following parameters, but not both in the same request:\n\n- `AllowedInstanceTypes` - The instance types to include in the list. All other instance types are ignored, even if they match your specified attributes.\n- `ExcludedInstanceTypes` - The instance types to exclude from the list, even if they match your specified attributes.\n\n> If you specify `InstanceRequirements` , you can't specify `InstanceType` .\n> \n> Attribute-based instance type selection is only supported when using Auto Scaling groups, EC2 Fleet, and Spot Fleet to launch instances. If you plan to use the launch template in the [launch instance wizard](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-instance-wizard.html) , or with the [RunInstances](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html) API or [AWS::EC2::Instance](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html) AWS CloudFormation resource, you can't specify `InstanceRequirements` . \n\nFor more information, see [Specify attributes for instance type selection for EC2 Fleet or Spot Fleet](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-attribute-based-instance-type-selection.html) and [Spot placement score](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-placement-score.html) in the *Amazon EC2 User Guide* .", + "title": "InstanceRequirements" + }, + "InstanceType": { + "markdownDescription": "The instance type. For more information, see [Amazon EC2 instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .\n\nIf you specify `InstanceType` , you can't specify `InstanceRequirements` .", + "title": "InstanceType", + "type": "string" + }, + "KernelId": { + "markdownDescription": "The ID of the kernel.\n\nWe recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see [User Provided Kernels](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html) in the *Amazon EC2 User Guide* .", + "title": "KernelId", + "type": "string" + }, + "KeyName": { + "markdownDescription": "The name of the key pair. You can create a key pair using [CreateKeyPair](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateKeyPair.html) or [ImportKeyPair](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportKeyPair.html) .\n\n> If you do not specify a key pair, you can't connect to the instance unless you choose an AMI that is configured to allow users another way to log in.", + "title": "KeyName", + "type": "string" + }, + "LicenseSpecifications": { + "items": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.LicenseSpecification" + }, + "markdownDescription": "The license configurations.", + "title": "LicenseSpecifications", + "type": "array" + }, + "MaintenanceOptions": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.MaintenanceOptions", + "markdownDescription": "The maintenance options of your instance.", + "title": "MaintenanceOptions" + }, + "MetadataOptions": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.MetadataOptions", + "markdownDescription": "The metadata options for the instance. For more information, see [Configure the Instance Metadata Service options](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-instance-metadata-options.html) in the *Amazon EC2 User Guide* .", + "title": "MetadataOptions" + }, + "Monitoring": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Monitoring", + "markdownDescription": "The monitoring for the instance.", + "title": "Monitoring" + }, + "NetworkInterfaces": { + "items": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.NetworkInterface" + }, + "markdownDescription": "The network interfaces for the instance.", + "title": "NetworkInterfaces", + "type": "array" + }, + "NetworkPerformanceOptions": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.NetworkPerformanceOptions", + "markdownDescription": "The settings for the network performance options for the instance. For more information, see [EC2 instance bandwidth weighting configuration](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configure-bandwidth-weighting.html) .", + "title": "NetworkPerformanceOptions" + }, + "Placement": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Placement", + "markdownDescription": "The placement for the instance.", + "title": "Placement" + }, + "PrivateDnsNameOptions": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.PrivateDnsNameOptions", + "markdownDescription": "The hostname type for EC2 instances launched into this subnet and how DNS A and AAAA record queries should be handled. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *Amazon Elastic Compute Cloud User Guide* .", + "title": "PrivateDnsNameOptions" + }, + "RamDiskId": { + "markdownDescription": "The ID of the RAM disk.\n\n> We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see [User provided kernels](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html) in the *Amazon EC2 User Guide* .", + "title": "RamDiskId", + "type": "string" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the security groups. You can specify the IDs of existing security groups and references to resources created by the stack template.\n\nIf you specify a network interface, you must specify any security groups as part of the network interface instead.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "The names of the security groups. For a nondefault VPC, you must use security group IDs instead.\n\nIf you specify a network interface, you must specify any security groups as part of the network interface instead of using this parameter.", + "title": "SecurityGroups", + "type": "array" + }, + "TagSpecifications": { + "items": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.TagSpecification" + }, + "markdownDescription": "The tags to apply to resources that are created during instance launch.\n\nTo tag the launch template itself, use [TagSpecifications](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-launchtemplate.html#cfn-ec2-launchtemplate-tagspecifications) .", + "title": "TagSpecifications", + "type": "array" + }, + "UserData": { + "markdownDescription": "The user data to make available to the instance. You must provide base64-encoded text. User data is limited to 16 KB. For more information, see [Run commands when you launch an EC2 instance with user data input](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html) in the *Amazon EC2 User Guide* .\n\nIf you are creating the launch template for use with AWS Batch , the user data must be provided in the [MIME multi-part archive format](https://docs.aws.amazon.com/https://cloudinit.readthedocs.io/en/latest/topics/format.html#mime-multi-part-archive) . For more information, see [Amazon EC2 user data in launch templates](https://docs.aws.amazon.com/batch/latest/userguide/launch-templates.html#lt-user-data) in the *AWS Batch User Guide* .", + "title": "UserData", + "type": "string" } }, - "required": [ - "FilesystemId" - ], "type": "object" }, - "AWS::ECS::TaskDefinition.EnvironmentFile": { + "AWS::EC2::LaunchTemplate.LaunchTemplateElasticInferenceAccelerator": { "additionalProperties": false, "properties": { + "Count": { + "markdownDescription": "The number of elastic inference accelerators to attach to the instance.\n\nDefault: 1", + "title": "Count", + "type": "number" + }, "Type": { - "markdownDescription": "The file type to use. Environment files are objects in Amazon S3. The only supported value is `s3` .", + "markdownDescription": "The type of elastic inference accelerator. The possible values are eia1.medium, eia1.large, and eia1.xlarge.", "title": "Type", "type": "string" - }, - "Value": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon S3 object containing the environment variable file.", - "title": "Value", - "type": "string" } }, "type": "object" }, - "AWS::ECS::TaskDefinition.EphemeralStorage": { + "AWS::EC2::LaunchTemplate.LaunchTemplateTagSpecification": { "additionalProperties": false, "properties": { - "SizeInGiB": { - "markdownDescription": "The total amount, in GiB, of ephemeral storage to set for the task. The minimum supported value is `21` GiB and the maximum supported value is `200` GiB.", - "title": "SizeInGiB", - "type": "number" + "ResourceType": { + "markdownDescription": "The type of resource. To tag a launch template, `ResourceType` must be `launch-template` .", + "title": "ResourceType", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the resource.", + "title": "Tags", + "type": "array" } }, "type": "object" }, - "AWS::ECS::TaskDefinition.FSxAuthorizationConfig": { + "AWS::EC2::LaunchTemplate.LicenseSpecification": { "additionalProperties": false, "properties": { - "CredentialsParameter": { - "markdownDescription": "The authorization credential option to use. The authorization credential options can be provided using either the Amazon Resource Name (ARN) of an AWS Secrets Manager secret or SSM Parameter Store parameter. The ARN refers to the stored credentials.", - "title": "CredentialsParameter", - "type": "string" - }, - "Domain": { - "markdownDescription": "A fully qualified domain name hosted by an [AWS Directory Service](https://docs.aws.amazon.com/directoryservice/latest/admin-guide/directory_microsoft_ad.html) Managed Microsoft AD (Active Directory) or self-hosted AD on Amazon EC2.", - "title": "Domain", + "LicenseConfigurationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the license configuration.", + "title": "LicenseConfigurationArn", "type": "string" } }, - "required": [ - "CredentialsParameter", - "Domain" - ], "type": "object" }, - "AWS::ECS::TaskDefinition.FSxWindowsFileServerVolumeConfiguration": { + "AWS::EC2::LaunchTemplate.MaintenanceOptions": { "additionalProperties": false, "properties": { - "AuthorizationConfig": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.FSxAuthorizationConfig", - "markdownDescription": "The authorization configuration details for the Amazon FSx for Windows File Server file system.", - "title": "AuthorizationConfig" - }, - "FileSystemId": { - "markdownDescription": "The Amazon FSx for Windows File Server file system ID to use.", - "title": "FileSystemId", - "type": "string" - }, - "RootDirectory": { - "markdownDescription": "The directory within the Amazon FSx for Windows File Server file system to mount as the root directory inside the host.", - "title": "RootDirectory", + "AutoRecovery": { + "markdownDescription": "Disables the automatic recovery behavior of your instance or sets it to default.", + "title": "AutoRecovery", "type": "string" } }, - "required": [ - "FileSystemId", - "RootDirectory" - ], "type": "object" }, - "AWS::ECS::TaskDefinition.FirelensConfiguration": { + "AWS::EC2::LaunchTemplate.MemoryGiBPerVCpu": { "additionalProperties": false, "properties": { - "Options": { - "additionalProperties": true, - "markdownDescription": "The options to use when configuring the log router. This field is optional and can be used to add additional metadata, such as the task, task definition, cluster, and container instance details to the log event.\n\nIf specified, valid option keys are:\n\n- `enable-ecs-log-metadata` , which can be `true` or `false`\n- `config-file-type` , which can be `s3` or `file`\n- `config-file-value` , which is either an S3 ARN or a file path", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Options", - "type": "object" + "Max": { + "markdownDescription": "The maximum amount of memory per vCPU, in GiB. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" }, - "Type": { - "markdownDescription": "The log router to use. The valid values are `fluentd` or `fluentbit` .", - "title": "Type", - "type": "string" + "Min": { + "markdownDescription": "The minimum amount of memory per vCPU, in GiB. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" } }, "type": "object" }, - "AWS::ECS::TaskDefinition.HealthCheck": { + "AWS::EC2::LaunchTemplate.MemoryMiB": { "additionalProperties": false, "properties": { - "Command": { - "items": { - "type": "string" - }, - "markdownDescription": "A string array representing the command that the container runs to determine if it is healthy. The string array must start with `CMD` to run the command arguments directly, or `CMD-SHELL` to run the command with the container's default shell.\n\nWhen you use the AWS Management Console JSON panel, the AWS Command Line Interface , or the APIs, enclose the list of commands in double quotes and brackets.\n\n`[ \"CMD-SHELL\", \"curl -f http://localhost/ || exit 1\" ]`\n\nYou don't include the double quotes and brackets when you use the AWS Management Console.\n\n`CMD-SHELL, curl -f http://localhost/ || exit 1`\n\nAn exit code of 0 indicates success, and non-zero exit code indicates failure. For more information, see `HealthCheck` in the docker container create command.", - "title": "Command", - "type": "array" - }, - "Interval": { - "markdownDescription": "The time period in seconds between each health check execution. You may specify between 5 and 300 seconds. The default value is 30 seconds. This value applies only when you specify a `command` .", - "title": "Interval", - "type": "number" - }, - "Retries": { - "markdownDescription": "The number of times to retry a failed health check before the container is considered unhealthy. You may specify between 1 and 10 retries. The default value is 3. This value applies only when you specify a `command` .", - "title": "Retries", - "type": "number" - }, - "StartPeriod": { - "markdownDescription": "The optional grace period to provide containers time to bootstrap before failed health checks count towards the maximum number of retries. You can specify between 0 and 300 seconds. By default, the `startPeriod` is off. This value applies only when you specify a `command` .\n\n> If a health check succeeds within the `startPeriod` , then the container is considered healthy and any subsequent failures count toward the maximum number of retries.", - "title": "StartPeriod", + "Max": { + "markdownDescription": "The maximum amount of memory, in MiB. To specify no maximum limit, omit this parameter.", + "title": "Max", "type": "number" }, - "Timeout": { - "markdownDescription": "The time period in seconds to wait for a health check to succeed before it is considered a failure. You may specify between 2 and 60 seconds. The default value is 5. This value applies only when you specify a `command` .", - "title": "Timeout", + "Min": { + "markdownDescription": "The minimum amount of memory, in MiB. To specify no minimum limit, specify `0` .", + "title": "Min", "type": "number" } }, "type": "object" }, - "AWS::ECS::TaskDefinition.HostEntry": { + "AWS::EC2::LaunchTemplate.MetadataOptions": { "additionalProperties": false, "properties": { - "Hostname": { - "markdownDescription": "The hostname to use in the `/etc/hosts` entry.", - "title": "Hostname", + "HttpEndpoint": { + "markdownDescription": "Enables or disables the HTTP metadata endpoint on your instances. If the parameter is not specified, the default state is `enabled` .\n\n> If you specify a value of `disabled` , you will not be able to access your instance metadata.", + "title": "HttpEndpoint", "type": "string" }, - "IpAddress": { - "markdownDescription": "The IP address to use in the `/etc/hosts` entry.", - "title": "IpAddress", + "HttpProtocolIpv6": { + "markdownDescription": "Enables or disables the IPv6 endpoint for the instance metadata service.\n\nDefault: `disabled`", + "title": "HttpProtocolIpv6", + "type": "string" + }, + "HttpPutResponseHopLimit": { + "markdownDescription": "The desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel.\n\nDefault: `1`\n\nPossible values: Integers from 1 to 64", + "title": "HttpPutResponseHopLimit", + "type": "number" + }, + "HttpTokens": { + "markdownDescription": "Indicates whether IMDSv2 is required.\n\n- `optional` - IMDSv2 is optional. You can choose whether to send a session token in your instance metadata retrieval requests. If you retrieve IAM role credentials without a session token, you receive the IMDSv1 role credentials. If you retrieve IAM role credentials using a valid session token, you receive the IMDSv2 role credentials.\n- `required` - IMDSv2 is required. You must send a session token in your instance metadata retrieval requests. With this option, retrieving the IAM role credentials always returns IMDSv2 credentials; IMDSv1 credentials are not available.\n\nDefault: If the value of `ImdsSupport` for the Amazon Machine Image (AMI) for your instance is `v2.0` , the default is `required` .", + "title": "HttpTokens", + "type": "string" + }, + "InstanceMetadataTags": { + "markdownDescription": "Set to `enabled` to allow access to instance tags from the instance metadata. Set to `disabled` to turn off access to instance tags from the instance metadata. For more information, see [View tags for your EC2 instances using instance metadata](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/work-with-tags-in-IMDS.html) .\n\nDefault: `disabled`", + "title": "InstanceMetadataTags", "type": "string" } }, "type": "object" }, - "AWS::ECS::TaskDefinition.HostVolumeProperties": { + "AWS::EC2::LaunchTemplate.Monitoring": { "additionalProperties": false, "properties": { - "SourcePath": { - "markdownDescription": "When the `host` parameter is used, specify a `sourcePath` to declare the path on the host container instance that's presented to the container. If this parameter is empty, then the Docker daemon has assigned a host path for you. If the `host` parameter contains a `sourcePath` file location, then the data volume persists at the specified location on the host container instance until you delete it manually. If the `sourcePath` value doesn't exist on the host container instance, the Docker daemon creates it. If the location does exist, the contents of the source path folder are exported.\n\nIf you're using the Fargate launch type, the `sourcePath` parameter is not supported.", - "title": "SourcePath", - "type": "string" + "Enabled": { + "markdownDescription": "Specify `true` to enable detailed monitoring. Otherwise, basic monitoring is enabled.", + "title": "Enabled", + "type": "boolean" } }, "type": "object" }, - "AWS::ECS::TaskDefinition.InferenceAccelerator": { + "AWS::EC2::LaunchTemplate.NetworkBandwidthGbps": { "additionalProperties": false, "properties": { - "DeviceName": { - "type": "string" + "Max": { + "markdownDescription": "The maximum amount of network bandwidth, in Gbps. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" }, - "DeviceType": { - "type": "string" + "Min": { + "markdownDescription": "The minimum amount of network bandwidth, in Gbps. If this parameter is not specified, there is no minimum limit.", + "title": "Min", + "type": "number" } }, "type": "object" }, - "AWS::ECS::TaskDefinition.KernelCapabilities": { + "AWS::EC2::LaunchTemplate.NetworkInterface": { "additionalProperties": false, "properties": { - "Add": { + "AssociateCarrierIpAddress": { + "markdownDescription": "Associates a Carrier IP address with eth0 for a new network interface.\n\nUse this option when you launch an instance in a Wavelength Zone and want to associate a Carrier IP address with the network interface. For more information about Carrier IP addresses, see [Carrier IP addresses](https://docs.aws.amazon.com/wavelength/latest/developerguide/how-wavelengths-work.html#provider-owned-ip) in the *AWS Wavelength Developer Guide* .", + "title": "AssociateCarrierIpAddress", + "type": "boolean" + }, + "AssociatePublicIpAddress": { + "markdownDescription": "Associates a public IPv4 address with eth0 for a new network interface.\n\nAWS charges for all public IPv4 addresses, including public IPv4 addresses associated with running instances and Elastic IP addresses. For more information, see the *Public IPv4 Address* tab on the [Amazon VPC pricing page](https://docs.aws.amazon.com/vpc/pricing/) .", + "title": "AssociatePublicIpAddress", + "type": "boolean" + }, + "ConnectionTrackingSpecification": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.ConnectionTrackingSpecification", + "markdownDescription": "A connection tracking specification for the network interface.", + "title": "ConnectionTrackingSpecification" + }, + "DeleteOnTermination": { + "markdownDescription": "Indicates whether the network interface is deleted when the instance is terminated.", + "title": "DeleteOnTermination", + "type": "boolean" + }, + "Description": { + "markdownDescription": "A description for the network interface.", + "title": "Description", + "type": "string" + }, + "DeviceIndex": { + "markdownDescription": "The device index for the network interface attachment. The primary network interface has a device index of 0. If the network interface is of type `interface` , you must specify a device index.\n\nIf you create a launch template that includes secondary network interfaces but no primary network interface, and you specify it using the `LaunchTemplate` property of `AWS::EC2::Instance` , then you must include a primary network interface using the `NetworkInterfaces` property of `AWS::EC2::Instance` .", + "title": "DeviceIndex", + "type": "number" + }, + "EnaSrdSpecification": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.EnaSrdSpecification", + "markdownDescription": "The ENA Express configuration for the network interface.", + "title": "EnaSrdSpecification" + }, + "Groups": { "items": { "type": "string" }, - "markdownDescription": "The Linux capabilities for the container that have been added to the default configuration provided by Docker. This parameter maps to `CapAdd` in the docker container create command and the `--cap-add` option to docker run.\n\n> Tasks launched on AWS Fargate only support adding the `SYS_PTRACE` kernel capability. \n\nValid values: `\"ALL\" | \"AUDIT_CONTROL\" | \"AUDIT_WRITE\" | \"BLOCK_SUSPEND\" | \"CHOWN\" | \"DAC_OVERRIDE\" | \"DAC_READ_SEARCH\" | \"FOWNER\" | \"FSETID\" | \"IPC_LOCK\" | \"IPC_OWNER\" | \"KILL\" | \"LEASE\" | \"LINUX_IMMUTABLE\" | \"MAC_ADMIN\" | \"MAC_OVERRIDE\" | \"MKNOD\" | \"NET_ADMIN\" | \"NET_BIND_SERVICE\" | \"NET_BROADCAST\" | \"NET_RAW\" | \"SETFCAP\" | \"SETGID\" | \"SETPCAP\" | \"SETUID\" | \"SYS_ADMIN\" | \"SYS_BOOT\" | \"SYS_CHROOT\" | \"SYS_MODULE\" | \"SYS_NICE\" | \"SYS_PACCT\" | \"SYS_PTRACE\" | \"SYS_RAWIO\" | \"SYS_RESOURCE\" | \"SYS_TIME\" | \"SYS_TTY_CONFIG\" | \"SYSLOG\" | \"WAKE_ALARM\"`", - "title": "Add", + "markdownDescription": "The IDs of one or more security groups.", + "title": "Groups", "type": "array" }, - "Drop": { + "InterfaceType": { + "markdownDescription": "The type of network interface. To create an Elastic Fabric Adapter (EFA), specify `efa` or `efa` . For more information, see [Elastic Fabric Adapter for AI/ML and HPC workloads on Amazon EC2](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/efa.html) in the *Amazon EC2 User Guide* .\n\nIf you are not creating an EFA, specify `interface` or omit this parameter.\n\nIf you specify `efa-only` , do not assign any IP addresses to the network interface. EFA-only network interfaces do not support IP addresses.\n\nValid values: `interface` | `efa` | `efa-only`", + "title": "InterfaceType", + "type": "string" + }, + "Ipv4PrefixCount": { + "markdownDescription": "The number of IPv4 prefixes to be automatically assigned to the network interface. You cannot use this option if you use the `Ipv4Prefix` option.", + "title": "Ipv4PrefixCount", + "type": "number" + }, + "Ipv4Prefixes": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Ipv4PrefixSpecification" }, - "markdownDescription": "The Linux capabilities for the container that have been removed from the default configuration provided by Docker. This parameter maps to `CapDrop` in the docker container create command and the `--cap-drop` option to docker run.\n\nValid values: `\"ALL\" | \"AUDIT_CONTROL\" | \"AUDIT_WRITE\" | \"BLOCK_SUSPEND\" | \"CHOWN\" | \"DAC_OVERRIDE\" | \"DAC_READ_SEARCH\" | \"FOWNER\" | \"FSETID\" | \"IPC_LOCK\" | \"IPC_OWNER\" | \"KILL\" | \"LEASE\" | \"LINUX_IMMUTABLE\" | \"MAC_ADMIN\" | \"MAC_OVERRIDE\" | \"MKNOD\" | \"NET_ADMIN\" | \"NET_BIND_SERVICE\" | \"NET_BROADCAST\" | \"NET_RAW\" | \"SETFCAP\" | \"SETGID\" | \"SETPCAP\" | \"SETUID\" | \"SYS_ADMIN\" | \"SYS_BOOT\" | \"SYS_CHROOT\" | \"SYS_MODULE\" | \"SYS_NICE\" | \"SYS_PACCT\" | \"SYS_PTRACE\" | \"SYS_RAWIO\" | \"SYS_RESOURCE\" | \"SYS_TIME\" | \"SYS_TTY_CONFIG\" | \"SYSLOG\" | \"WAKE_ALARM\"`", - "title": "Drop", + "markdownDescription": "One or more IPv4 prefixes to be assigned to the network interface. You cannot use this option if you use the `Ipv4PrefixCount` option.", + "title": "Ipv4Prefixes", "type": "array" - } - }, - "type": "object" - }, - "AWS::ECS::TaskDefinition.KeyValuePair": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the key-value pair. For environment variables, this is the name of the environment variable.", - "title": "Name", - "type": "string" }, - "Value": { - "markdownDescription": "The value of the key-value pair. For environment variables, this is the value of the environment variable.", - "title": "Value", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ECS::TaskDefinition.LinuxParameters": { - "additionalProperties": false, - "properties": { - "Capabilities": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.KernelCapabilities", - "markdownDescription": "The Linux capabilities for the container that are added to or dropped from the default configuration provided by Docker.\n\n> For tasks that use the Fargate launch type, `capabilities` is supported for all platform versions but the `add` parameter is only supported if using platform version 1.4.0 or later.", - "title": "Capabilities" + "Ipv6AddressCount": { + "markdownDescription": "The number of IPv6 addresses to assign to a network interface. Amazon EC2 automatically selects the IPv6 addresses from the subnet range. You can't use this option if specifying specific IPv6 addresses.", + "title": "Ipv6AddressCount", + "type": "number" }, - "Devices": { + "Ipv6Addresses": { "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.Device" + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Ipv6Add" }, - "markdownDescription": "Any host devices to expose to the container. This parameter maps to `Devices` in the docker container create command and the `--device` option to docker run.\n\n> If you're using tasks that use the Fargate launch type, the `devices` parameter isn't supported.", - "title": "Devices", + "markdownDescription": "One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet. You can't use this option if you're specifying a number of IPv6 addresses.", + "title": "Ipv6Addresses", "type": "array" }, - "InitProcessEnabled": { - "markdownDescription": "Run an `init` process inside the container that forwards signals and reaps processes. This parameter maps to the `--init` option to docker run. This parameter requires version 1.25 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version --format '{{.Server.APIVersion}}'`", - "title": "InitProcessEnabled", - "type": "boolean" - }, - "MaxSwap": { - "markdownDescription": "The total amount of swap memory (in MiB) a container can use. This parameter will be translated to the `--memory-swap` option to docker run where the value would be the sum of the container memory plus the `maxSwap` value.\n\nIf a `maxSwap` value of `0` is specified, the container will not use swap. Accepted values are `0` or any positive integer. If the `maxSwap` parameter is omitted, the container will use the swap configuration for the container instance it is running on. A `maxSwap` value must be set for the `swappiness` parameter to be used.\n\n> If you're using tasks that use the Fargate launch type, the `maxSwap` parameter isn't supported.\n> \n> If you're using tasks on Amazon Linux 2023 the `swappiness` parameter isn't supported.", - "title": "MaxSwap", + "Ipv6PrefixCount": { + "markdownDescription": "The number of IPv6 prefixes to be automatically assigned to the network interface. You cannot use this option if you use the `Ipv6Prefix` option.", + "title": "Ipv6PrefixCount", "type": "number" }, - "SharedMemorySize": { - "markdownDescription": "The value for the size (in MiB) of the `/dev/shm` volume. This parameter maps to the `--shm-size` option to docker run.\n\n> If you are using tasks that use the Fargate launch type, the `sharedMemorySize` parameter is not supported.", - "title": "SharedMemorySize", - "type": "number" + "Ipv6Prefixes": { + "items": { + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Ipv6PrefixSpecification" + }, + "markdownDescription": "One or more IPv6 prefixes to be assigned to the network interface. You cannot use this option if you use the `Ipv6PrefixCount` option.", + "title": "Ipv6Prefixes", + "type": "array" }, - "Swappiness": { - "markdownDescription": "This allows you to tune a container's memory swappiness behavior. A `swappiness` value of `0` will cause swapping to not happen unless absolutely necessary. A `swappiness` value of `100` will cause pages to be swapped very aggressively. Accepted values are whole numbers between `0` and `100` . If the `swappiness` parameter is not specified, a default value of `60` is used. If a value is not specified for `maxSwap` then this parameter is ignored. This parameter maps to the `--memory-swappiness` option to docker run.\n\n> If you're using tasks that use the Fargate launch type, the `swappiness` parameter isn't supported.\n> \n> If you're using tasks on Amazon Linux 2023 the `swappiness` parameter isn't supported.", - "title": "Swappiness", + "NetworkCardIndex": { + "markdownDescription": "The index of the network card. Some instance types support multiple network cards. The primary network interface must be assigned to network card index 0. The default is network card index 0.", + "title": "NetworkCardIndex", "type": "number" }, - "Tmpfs": { + "NetworkInterfaceId": { + "markdownDescription": "The ID of the network interface.", + "title": "NetworkInterfaceId", + "type": "string" + }, + "PrimaryIpv6": { + "markdownDescription": "The primary IPv6 address of the network interface. When you enable an IPv6 GUA address to be a primary IPv6, the first IPv6 GUA will be made the primary IPv6 address until the instance is terminated or the network interface is detached. For more information about primary IPv6 addresses, see [RunInstances](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html) .", + "title": "PrimaryIpv6", + "type": "boolean" + }, + "PrivateIpAddress": { + "markdownDescription": "The primary private IPv4 address of the network interface.", + "title": "PrivateIpAddress", + "type": "string" + }, + "PrivateIpAddresses": { "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.Tmpfs" + "$ref": "#/definitions/AWS::EC2::LaunchTemplate.PrivateIpAdd" }, - "markdownDescription": "The container path, mount options, and size (in MiB) of the tmpfs mount. This parameter maps to the `--tmpfs` option to docker run.\n\n> If you're using tasks that use the Fargate launch type, the `tmpfs` parameter isn't supported.", - "title": "Tmpfs", + "markdownDescription": "One or more private IPv4 addresses.", + "title": "PrivateIpAddresses", "type": "array" + }, + "SecondaryPrivateIpAddressCount": { + "markdownDescription": "The number of secondary private IPv4 addresses to assign to a network interface.", + "title": "SecondaryPrivateIpAddressCount", + "type": "number" + }, + "SubnetId": { + "markdownDescription": "The ID of the subnet for the network interface.", + "title": "SubnetId", + "type": "string" } }, "type": "object" }, - "AWS::ECS::TaskDefinition.LogConfiguration": { + "AWS::EC2::LaunchTemplate.NetworkInterfaceCount": { "additionalProperties": false, "properties": { - "LogDriver": { - "markdownDescription": "The log driver to use for the container.\n\nFor tasks on AWS Fargate , the supported log drivers are `awslogs` , `splunk` , and `awsfirelens` .\n\nFor tasks hosted on Amazon EC2 instances, the supported log drivers are `awslogs` , `fluentd` , `gelf` , `json-file` , `journald` , `syslog` , `splunk` , and `awsfirelens` .\n\nFor more information about using the `awslogs` log driver, see [Send Amazon ECS logs to CloudWatch](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_awslogs.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nFor more information about using the `awsfirelens` log driver, see [Send Amazon ECS logs to an AWS service or AWS Partner](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html) .\n\n> If you have a custom driver that isn't listed, you can fork the Amazon ECS container agent project that's [available on GitHub](https://docs.aws.amazon.com/https://github.com/aws/amazon-ecs-agent) and customize it to work with that driver. We encourage you to submit pull requests for changes that you would like to have included. However, we don't currently provide support for running modified copies of this software.", - "title": "LogDriver", - "type": "string" - }, - "Options": { - "additionalProperties": true, - "markdownDescription": "The configuration options to send to the log driver.\n\nThe options you can specify depend on the log driver. Some of the options you can specify when you use the `awslogs` log driver to route logs to Amazon CloudWatch include the following:\n\n- **awslogs-create-group** - Required: No\n\nSpecify whether you want the log group to be created automatically. If this option isn't specified, it defaults to `false` .\n\n> Your IAM policy must include the `logs:CreateLogGroup` permission before you attempt to use `awslogs-create-group` .\n- **awslogs-region** - Required: Yes\n\nSpecify the AWS Region that the `awslogs` log driver is to send your Docker logs to. You can choose to send all of your logs from clusters in different Regions to a single region in CloudWatch Logs. This is so that they're all visible in one location. Otherwise, you can separate them by Region for more granularity. Make sure that the specified log group exists in the Region that you specify with this option.\n- **awslogs-group** - Required: Yes\n\nMake sure to specify a log group that the `awslogs` log driver sends its log streams to.\n- **awslogs-stream-prefix** - Required: Yes, when using Fargate.Optional when using EC2.\n\nUse the `awslogs-stream-prefix` option to associate a log stream with the specified prefix, the container name, and the ID of the Amazon ECS task that the container belongs to. If you specify a prefix with this option, then the log stream takes the format `prefix-name/container-name/ecs-task-id` .\n\nIf you don't specify a prefix with this option, then the log stream is named after the container ID that's assigned by the Docker daemon on the container instance. Because it's difficult to trace logs back to the container that sent them with just the Docker container ID (which is only available on the container instance), we recommend that you specify a prefix with this option.\n\nFor Amazon ECS services, you can use the service name as the prefix. Doing so, you can trace log streams to the service that the container belongs to, the name of the container that sent them, and the ID of the task that the container belongs to.\n\nYou must specify a stream-prefix for your logs to have your logs appear in the Log pane when using the Amazon ECS console.\n- **awslogs-datetime-format** - Required: No\n\nThis option defines a multiline start pattern in Python `strftime` format. A log message consists of a line that matches the pattern and any following lines that don\u2019t match the pattern. The matched line is the delimiter between log messages.\n\nOne example of a use case for using this format is for parsing output such as a stack dump, which might otherwise be logged in multiple entries. The correct pattern allows it to be captured in a single entry.\n\nFor more information, see [awslogs-datetime-format](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/awslogs/#awslogs-datetime-format) .\n\nYou cannot configure both the `awslogs-datetime-format` and `awslogs-multiline-pattern` options.\n\n> Multiline logging performs regular expression parsing and matching of all log messages. This might have a negative impact on logging performance.\n- **awslogs-multiline-pattern** - Required: No\n\nThis option defines a multiline start pattern that uses a regular expression. A log message consists of a line that matches the pattern and any following lines that don\u2019t match the pattern. The matched line is the delimiter between log messages.\n\nFor more information, see [awslogs-multiline-pattern](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/awslogs/#awslogs-multiline-pattern) .\n\nThis option is ignored if `awslogs-datetime-format` is also configured.\n\nYou cannot configure both the `awslogs-datetime-format` and `awslogs-multiline-pattern` options.\n\n> Multiline logging performs regular expression parsing and matching of all log messages. This might have a negative impact on logging performance.\n\nThe following options apply to all supported log drivers.\n\n- **mode** - Required: No\n\nValid values: `non-blocking` | `blocking`\n\nThis option defines the delivery mode of log messages from the container to the log driver specified using `logDriver` . The delivery mode you choose affects application availability when the flow of logs from container is interrupted.\n\nIf you use the `blocking` mode and the flow of logs is interrupted, calls from container code to write to the `stdout` and `stderr` streams will block. The logging thread of the application will block as a result. This may cause the application to become unresponsive and lead to container healthcheck failure.\n\nIf you use the `non-blocking` mode, the container's logs are instead stored in an in-memory intermediate buffer configured with the `max-buffer-size` option. This prevents the application from becoming unresponsive when logs cannot be sent. We recommend using this mode if you want to ensure service availability and are okay with some log loss. For more information, see [Preventing log loss with non-blocking mode in the `awslogs` container log driver](https://docs.aws.amazon.com/containers/preventing-log-loss-with-non-blocking-mode-in-the-awslogs-container-log-driver/) .\n\nYou can set a default `mode` for all containers in a specific AWS Region by using the `defaultLogDriverMode` account setting. If you don't specify the `mode` option or configure the account setting, Amazon ECS will default to the `non-blocking` mode. For more information about the account setting, see [Default log driver mode](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-account-settings.html#default-log-driver-mode) in the *Amazon Elastic Container Service Developer Guide* .\n\n> On June 25, 2025, Amazon ECS changed the default log driver mode from `blocking` to `non-blocking` to prioritize task availability over logging. To continue using the `blocking` mode after this change, do one of the following:\n> \n> - Set the `mode` option in your container definition's `logConfiguration` as `blocking` .\n> - Set the `defaultLogDriverMode` account setting to `blocking` .\n- **max-buffer-size** - Required: No\n\nDefault value: `1m`\n\nWhen `non-blocking` mode is used, the `max-buffer-size` log option controls the size of the buffer that's used for intermediate message storage. Make sure to specify an adequate buffer size based on your application. When the buffer fills up, further logs cannot be stored. Logs that cannot be stored are lost.\n\nTo route logs using the `splunk` log router, you need to specify a `splunk-token` and a `splunk-url` .\n\nWhen you use the `awsfirelens` log router to route logs to an AWS Service or AWS Partner Network destination for log storage and analytics, you can set the `log-driver-buffer-limit` option to limit the number of events that are buffered in memory, before being sent to the log router container. It can help to resolve potential log loss issue because high throughput might result in memory running out for the buffer inside of Docker.\n\nOther options you can specify when using `awsfirelens` to route logs depend on the destination. When you export logs to Amazon Data Firehose, you can specify the AWS Region with `region` and a name for the log stream with `delivery_stream` .\n\nWhen you export logs to Amazon Kinesis Data Streams, you can specify an AWS Region with `region` and a data stream name with `stream` .\n\nWhen you export logs to Amazon OpenSearch Service, you can specify options like `Name` , `Host` (OpenSearch Service endpoint without protocol), `Port` , `Index` , `Type` , `Aws_auth` , `Aws_region` , `Suppress_Type_Name` , and `tls` . For more information, see [Under the hood: FireLens for Amazon ECS Tasks](https://docs.aws.amazon.com/containers/under-the-hood-firelens-for-amazon-ecs-tasks/) .\n\nWhen you export logs to Amazon S3, you can specify the bucket using the `bucket` option. You can also specify `region` , `total_file_size` , `upload_timeout` , and `use_put_object` as options.\n\nThis parameter requires version 1.19 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version --format '{{.Server.APIVersion}}'`", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Options", - "type": "object" + "Max": { + "markdownDescription": "The maximum number of network interfaces. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" }, - "SecretOptions": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.Secret" - }, - "markdownDescription": "The secrets to pass to the log configuration. For more information, see [Specifying sensitive data](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "SecretOptions", - "type": "array" + "Min": { + "markdownDescription": "The minimum number of network interfaces. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" } }, - "required": [ - "LogDriver" - ], "type": "object" }, - "AWS::ECS::TaskDefinition.MountPoint": { + "AWS::EC2::LaunchTemplate.NetworkPerformanceOptions": { "additionalProperties": false, "properties": { - "ContainerPath": { - "markdownDescription": "The path on the container to mount the host volume at.", - "title": "ContainerPath", - "type": "string" - }, - "ReadOnly": { - "markdownDescription": "If this value is `true` , the container has read-only access to the volume. If this value is `false` , then the container can write to the volume. The default value is `false` .", - "title": "ReadOnly", - "type": "boolean" - }, - "SourceVolume": { - "markdownDescription": "The name of the volume to mount. Must be a volume name referenced in the `name` parameter of task definition `volume` .", - "title": "SourceVolume", + "BandwidthWeighting": { + "markdownDescription": "Specify the bandwidth weighting option to boost the associated type of baseline bandwidth, as follows:\n\n- **default** - This option uses the standard bandwidth configuration for your instance type.\n- **vpc-1** - This option boosts your networking baseline bandwidth and reduces your EBS baseline bandwidth.\n- **ebs-1** - This option boosts your EBS baseline bandwidth and reduces your networking baseline bandwidth.", + "title": "BandwidthWeighting", "type": "string" } }, "type": "object" }, - "AWS::ECS::TaskDefinition.PortMapping": { + "AWS::EC2::LaunchTemplate.Placement": { "additionalProperties": false, "properties": { - "AppProtocol": { - "markdownDescription": "The application protocol that's used for the port mapping. This parameter only applies to Service Connect. We recommend that you set this parameter to be consistent with the protocol that your application uses. If you set this parameter, Amazon ECS adds protocol-specific connection handling to the Service Connect proxy. If you set this parameter, Amazon ECS adds protocol-specific telemetry in the Amazon ECS console and CloudWatch.\n\nIf you don't set a value for this parameter, then TCP is used. However, Amazon ECS doesn't add protocol-specific telemetry for TCP.\n\n`appProtocol` is immutable in a Service Connect service. Updating this field requires a service deletion and redeployment.\n\nTasks that run in a namespace can use short names to connect to services in the namespace. Tasks can connect to services across all of the clusters in the namespace. Tasks connect through a managed proxy container that collects logs and metrics for increased visibility. Only the tasks that Amazon ECS services create are supported with Service Connect. For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "AppProtocol", + "Affinity": { + "markdownDescription": "The affinity setting for an instance on a Dedicated Host.", + "title": "Affinity", "type": "string" }, - "ContainerPort": { - "markdownDescription": "The port number on the container that's bound to the user-specified or automatically assigned host port.\n\nIf you use containers in a task with the `awsvpc` or `host` network mode, specify the exposed ports using `containerPort` .\n\nIf you use containers in a task with the `bridge` network mode and you specify a container port and not a host port, your container automatically receives a host port in the ephemeral port range. For more information, see `hostPort` . Port mappings that are automatically assigned in this way do not count toward the 100 reserved ports limit of a container instance.", - "title": "ContainerPort", - "type": "number" - }, - "ContainerPortRange": { - "markdownDescription": "The port number range on the container that's bound to the dynamically mapped host port range.\n\nThe following rules apply when you specify a `containerPortRange` :\n\n- You must use either the `bridge` network mode or the `awsvpc` network mode.\n- This parameter is available for both the EC2 and AWS Fargate launch types.\n- This parameter is available for both the Linux and Windows operating systems.\n- The container instance must have at least version 1.67.0 of the container agent and at least version 1.67.0-1 of the `ecs-init` package\n- You can specify a maximum of 100 port ranges per container.\n- You do not specify a `hostPortRange` . The value of the `hostPortRange` is set as follows:\n\n- For containers in a task with the `awsvpc` network mode, the `hostPortRange` is set to the same value as the `containerPortRange` . This is a static mapping strategy.\n- For containers in a task with the `bridge` network mode, the Amazon ECS agent finds open host ports from the default ephemeral range and passes it to docker to bind them to the container ports.\n- The `containerPortRange` valid values are between 1 and 65535.\n- A port can only be included in one port mapping per container.\n- You cannot specify overlapping port ranges.\n- The first port in the range must be less than last port in the range.\n- Docker recommends that you turn off the docker-proxy in the Docker daemon config file when you have a large number of ports.\n\nFor more information, see [Issue #11185](https://docs.aws.amazon.com/https://github.com/moby/moby/issues/11185) on the Github website.\n\nFor information about how to turn off the docker-proxy in the Docker daemon config file, see [Docker daemon](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/bootstrap_container_instance.html#bootstrap_docker_daemon) in the *Amazon ECS Developer Guide* .\n\nYou can call [`DescribeTasks`](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DescribeTasks.html) to view the `hostPortRange` which are the host ports that are bound to the container ports.", - "title": "ContainerPortRange", + "AvailabilityZone": { + "markdownDescription": "The Availability Zone for the instance.", + "title": "AvailabilityZone", "type": "string" }, - "HostPort": { - "markdownDescription": "The port number on the container instance to reserve for your container.\n\nIf you specify a `containerPortRange` , leave this field empty and the value of the `hostPort` is set as follows:\n\n- For containers in a task with the `awsvpc` network mode, the `hostPort` is set to the same value as the `containerPort` . This is a static mapping strategy.\n- For containers in a task with the `bridge` network mode, the Amazon ECS agent finds open ports on the host and automatically binds them to the container ports. This is a dynamic mapping strategy.\n\nIf you use containers in a task with the `awsvpc` or `host` network mode, the `hostPort` can either be left blank or set to the same value as the `containerPort` .\n\nIf you use containers in a task with the `bridge` network mode, you can specify a non-reserved host port for your container port mapping, or you can omit the `hostPort` (or set it to `0` ) while specifying a `containerPort` and your container automatically receives a port in the ephemeral port range for your container instance operating system and Docker version.\n\nThe default ephemeral port range for Docker version 1.6.0 and later is listed on the instance under `/proc/sys/net/ipv4/ip_local_port_range` . If this kernel parameter is unavailable, the default ephemeral port range from 49153 through 65535 (Linux) or 49152 through 65535 (Windows) is used. Do not attempt to specify a host port in the ephemeral port range as these are reserved for automatic assignment. In general, ports below 32768 are outside of the ephemeral port range.\n\nThe default reserved ports are 22 for SSH, the Docker ports 2375 and 2376, and the Amazon ECS container agent ports 51678-51680. Any host port that was previously specified in a running task is also reserved while the task is running. That is, after a task stops, the host port is released. The current reserved ports are displayed in the `remainingResources` of [DescribeContainerInstances](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DescribeContainerInstances.html) output. A container instance can have up to 100 reserved ports at a time. This number includes the default reserved ports. Automatically assigned ports aren't included in the 100 reserved ports quota.", - "title": "HostPort", - "type": "number" + "GroupId": { + "markdownDescription": "The Group Id of a placement group. You must specify the Placement Group *Group Id* to launch an instance in a shared placement group.", + "title": "GroupId", + "type": "string" }, - "Name": { - "markdownDescription": "The name that's used for the port mapping. This parameter is the name that you use in the `serviceConnectConfiguration` and the `vpcLatticeConfigurations` of a service. The name can include up to 64 characters. The characters can include lowercase letters, numbers, underscores (_), and hyphens (-). The name can't start with a hyphen.", - "title": "Name", + "GroupName": { + "markdownDescription": "The name of the placement group for the instance.", + "title": "GroupName", "type": "string" }, - "Protocol": { - "markdownDescription": "The protocol used for the port mapping. Valid values are `tcp` and `udp` . The default is `tcp` . `protocol` is immutable in a Service Connect service. Updating this field requires a service deletion and redeployment.", - "title": "Protocol", + "HostId": { + "markdownDescription": "The ID of the Dedicated Host for the instance.", + "title": "HostId", "type": "string" - } - }, - "type": "object" - }, - "AWS::ECS::TaskDefinition.ProxyConfiguration": { - "additionalProperties": false, - "properties": { - "ContainerName": { - "markdownDescription": "The name of the container that will serve as the App Mesh proxy.", - "title": "ContainerName", + }, + "HostResourceGroupArn": { + "markdownDescription": "The ARN of the host resource group in which to launch the instances. If you specify a host resource group ARN, omit the *Tenancy* parameter or set it to `host` .", + "title": "HostResourceGroupArn", "type": "string" }, - "ProxyConfigurationProperties": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.KeyValuePair" - }, - "markdownDescription": "The set of network configuration parameters to provide the Container Network Interface (CNI) plugin, specified as key-value pairs.\n\n- `IgnoredUID` - (Required) The user ID (UID) of the proxy container as defined by the `user` parameter in a container definition. This is used to ensure the proxy ignores its own traffic. If `IgnoredGID` is specified, this field can be empty.\n- `IgnoredGID` - (Required) The group ID (GID) of the proxy container as defined by the `user` parameter in a container definition. This is used to ensure the proxy ignores its own traffic. If `IgnoredUID` is specified, this field can be empty.\n- `AppPorts` - (Required) The list of ports that the application uses. Network traffic to these ports is forwarded to the `ProxyIngressPort` and `ProxyEgressPort` .\n- `ProxyIngressPort` - (Required) Specifies the port that incoming traffic to the `AppPorts` is directed to.\n- `ProxyEgressPort` - (Required) Specifies the port that outgoing traffic from the `AppPorts` is directed to.\n- `EgressIgnoredPorts` - (Required) The egress traffic going to the specified ports is ignored and not redirected to the `ProxyEgressPort` . It can be an empty list.\n- `EgressIgnoredIPs` - (Required) The egress traffic going to the specified IP addresses is ignored and not redirected to the `ProxyEgressPort` . It can be an empty list.", - "title": "ProxyConfigurationProperties", - "type": "array" + "PartitionNumber": { + "markdownDescription": "The number of the partition the instance should launch in. Valid only if the placement group strategy is set to `partition` .", + "title": "PartitionNumber", + "type": "number" }, - "Type": { - "markdownDescription": "The proxy type. The only supported value is `APPMESH` .", - "title": "Type", + "SpreadDomain": { + "markdownDescription": "Reserved for future use.", + "title": "SpreadDomain", + "type": "string" + }, + "Tenancy": { + "markdownDescription": "The tenancy of the instance. An instance with a tenancy of dedicated runs on single-tenant hardware.", + "title": "Tenancy", "type": "string" } }, - "required": [ - "ContainerName" - ], "type": "object" }, - "AWS::ECS::TaskDefinition.RepositoryCredentials": { + "AWS::EC2::LaunchTemplate.PrivateDnsNameOptions": { "additionalProperties": false, "properties": { - "CredentialsParameter": { - "markdownDescription": "The Amazon Resource Name (ARN) of the secret containing the private repository credentials.\n\n> When you use the Amazon ECS API, AWS CLI , or AWS SDK, if the secret exists in the same Region as the task that you're launching then you can use either the full ARN or the name of the secret. When you use the AWS Management Console, you must specify the full ARN of the secret.", - "title": "CredentialsParameter", + "EnableResourceNameDnsAAAARecord": { + "markdownDescription": "Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records.", + "title": "EnableResourceNameDnsAAAARecord", + "type": "boolean" + }, + "EnableResourceNameDnsARecord": { + "markdownDescription": "Indicates whether to respond to DNS queries for instance hostnames with DNS A records.", + "title": "EnableResourceNameDnsARecord", + "type": "boolean" + }, + "HostnameType": { + "markdownDescription": "The type of hostname for EC2 instances. For IPv4 only subnets, an instance DNS name must be based on the instance IPv4 address. For IPv6 only subnets, an instance DNS name must be based on the instance ID. For dual-stack subnets, you can specify whether DNS names use the instance IPv4 address or the instance ID. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *Amazon Elastic Compute Cloud User Guide* .", + "title": "HostnameType", "type": "string" } }, "type": "object" }, - "AWS::ECS::TaskDefinition.ResourceRequirement": { + "AWS::EC2::LaunchTemplate.PrivateIpAdd": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The type of resource to assign to a container.", - "title": "Type", - "type": "string" + "Primary": { + "markdownDescription": "Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary.", + "title": "Primary", + "type": "boolean" }, - "Value": { - "markdownDescription": "The value for the specified resource type.\n\nWhen the type is `GPU` , the value is the number of physical `GPUs` the Amazon ECS container agent reserves for the container. The number of GPUs that's reserved for all containers in a task can't exceed the number of available GPUs on the container instance that the task is launched on.\n\nWhen the type is `InferenceAccelerator` , the `value` matches the `deviceName` for an [InferenceAccelerator](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_InferenceAccelerator.html) specified in a task definition.", - "title": "Value", + "PrivateIpAddress": { + "markdownDescription": "The private IPv4 address.", + "title": "PrivateIpAddress", "type": "string" } }, - "required": [ - "Type", - "Value" - ], "type": "object" }, - "AWS::ECS::TaskDefinition.RuntimePlatform": { + "AWS::EC2::LaunchTemplate.Reference": { "additionalProperties": false, "properties": { - "CpuArchitecture": { - "markdownDescription": "The CPU architecture.\n\nYou can run your Linux tasks on an ARM-based platform by setting the value to `ARM64` . This option is available for tasks that run on Linux Amazon EC2 instance or Linux containers on Fargate.", - "title": "CpuArchitecture", - "type": "string" - }, - "OperatingSystemFamily": { - "markdownDescription": "The operating system.", - "title": "OperatingSystemFamily", + "InstanceFamily": { + "markdownDescription": "The instance family to use as a baseline reference.\n\n> Ensure that you specify the correct value for the instance family. The instance family is everything before the period ( `.` ) in the instance type name. For example, in the instance type `c6i.large` , the instance family is `c6i` , not `c6` . For more information, see [Amazon EC2 instance type naming conventions](https://docs.aws.amazon.com/ec2/latest/instancetypes/instance-type-names.html) in *Amazon EC2 Instance Types* . \n\nThe following instance families are *not supported* for performance protection:\n\n- `c1`\n- `g3` | `g3s`\n- `hpc7g`\n- `m1` | `m2`\n- `mac1` | `mac2` | `mac2-m1ultra` | `mac2-m2` | `mac2-m2pro`\n- `p3dn` | `p4d` | `p5`\n- `t1`\n- `u-12tb1` | `u-18tb1` | `u-24tb1` | `u-3tb1` | `u-6tb1` | `u-9tb1` | `u7i-12tb` | `u7in-16tb` | `u7in-24tb` | `u7in-32tb`\n\nIf you enable performance protection by specifying a supported instance family, the returned instance types will exclude the above unsupported instance families.", + "title": "InstanceFamily", "type": "string" } }, "type": "object" }, - "AWS::ECS::TaskDefinition.Secret": { + "AWS::EC2::LaunchTemplate.SpotOptions": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the secret.", - "title": "Name", + "BlockDurationMinutes": { + "markdownDescription": "Deprecated.", + "title": "BlockDurationMinutes", + "type": "number" + }, + "InstanceInterruptionBehavior": { + "markdownDescription": "The behavior when a Spot Instance is interrupted. The default is `terminate` .", + "title": "InstanceInterruptionBehavior", "type": "string" }, - "ValueFrom": { - "markdownDescription": "The secret to expose to the container. The supported values are either the full ARN of the AWS Secrets Manager secret or the full ARN of the parameter in the SSM Parameter Store.\n\nFor information about the require AWS Identity and Access Management permissions, see [Required IAM permissions for Amazon ECS secrets](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data-secrets.html#secrets-iam) (for Secrets Manager) or [Required IAM permissions for Amazon ECS secrets](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data-parameters.html) (for Systems Manager Parameter store) in the *Amazon Elastic Container Service Developer Guide* .\n\n> If the SSM Parameter Store parameter exists in the same Region as the task you're launching, then you can use either the full ARN or name of the parameter. If the parameter exists in a different Region, then the full ARN must be specified.", - "title": "ValueFrom", + "MaxPrice": { + "markdownDescription": "The maximum hourly price you're willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price. If you do specify this parameter, it must be more than USD $0.001. Specifying a value below USD $0.001 will result in an `InvalidParameterValue` error message when the launch template is used to launch an instance.\n\n> If you specify a maximum price, your Spot Instances will be interrupted more frequently than if you do not specify this parameter.", + "title": "MaxPrice", "type": "string" - } - }, - "required": [ - "Name", - "ValueFrom" - ], - "type": "object" - }, - "AWS::ECS::TaskDefinition.SystemControl": { - "additionalProperties": false, - "properties": { - "Namespace": { - "markdownDescription": "The namespaced kernel parameter to set a `value` for.", - "title": "Namespace", + }, + "SpotInstanceType": { + "markdownDescription": "The Spot Instance request type.\n\nIf you are using Spot Instances with an Auto Scaling group, use `one-time` requests, as the Amazon EC2 Auto Scaling service handles requesting new Spot Instances whenever the group is below its desired capacity.", + "title": "SpotInstanceType", "type": "string" }, - "Value": { - "markdownDescription": "The namespaced kernel parameter to set a `value` for.\n\nValid IPC namespace values: `\"kernel.msgmax\" | \"kernel.msgmnb\" | \"kernel.msgmni\" | \"kernel.sem\" | \"kernel.shmall\" | \"kernel.shmmax\" | \"kernel.shmmni\" | \"kernel.shm_rmid_forced\"` , and `Sysctls` that start with `\"fs.mqueue.*\"`\n\nValid network namespace values: `Sysctls` that start with `\"net.*\"` . Only namespaced `Sysctls` that exist within the container starting with \"net.* are accepted.\n\nAll of these values are supported by Fargate.", - "title": "Value", + "ValidUntil": { + "markdownDescription": "The end date of the request, in UTC format ( *YYYY-MM-DD* T *HH:MM:SS* Z). Supported only for persistent requests.\n\n- For a persistent request, the request remains active until the `ValidUntil` date and time is reached. Otherwise, the request remains active until you cancel it.\n- For a one-time request, `ValidUntil` is not supported. The request remains active until all instances launch or you cancel the request.\n\nDefault: 7 days from the current date", + "title": "ValidUntil", "type": "string" } }, "type": "object" }, - "AWS::ECS::TaskDefinition.TaskDefinitionPlacementConstraint": { + "AWS::EC2::LaunchTemplate.TagSpecification": { "additionalProperties": false, "properties": { - "Expression": { - "markdownDescription": "A cluster query language expression to apply to the constraint. For more information, see [Cluster query language](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-query-language.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "Expression", + "ResourceType": { + "markdownDescription": "The type of resource to tag. You can specify tags for the following resource types only: `instance` | `volume` | `network-interface` | `spot-instances-request` . If the instance does not include the resource type that you specify, the instance launch fails. For example, not all instance types include a volume.\n\nTo tag a resource after it has been created, see [CreateTags](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTags.html) .", + "title": "ResourceType", "type": "string" }, - "Type": { - "markdownDescription": "The type of constraint. The `MemberOf` constraint restricts selection to be from a group of valid candidates.", - "title": "Type", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to apply to the resource.", + "title": "Tags", + "type": "array" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::ECS::TaskDefinition.Tmpfs": { + "AWS::EC2::LaunchTemplate.TotalLocalStorageGB": { "additionalProperties": false, "properties": { - "ContainerPath": { - "markdownDescription": "The absolute file path where the tmpfs volume is to be mounted.", - "title": "ContainerPath", - "type": "string" - }, - "MountOptions": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of tmpfs volume mount options.\n\nValid values: `\"defaults\" | \"ro\" | \"rw\" | \"suid\" | \"nosuid\" | \"dev\" | \"nodev\" | \"exec\" | \"noexec\" | \"sync\" | \"async\" | \"dirsync\" | \"remount\" | \"mand\" | \"nomand\" | \"atime\" | \"noatime\" | \"diratime\" | \"nodiratime\" | \"bind\" | \"rbind\" | \"unbindable\" | \"runbindable\" | \"private\" | \"rprivate\" | \"shared\" | \"rshared\" | \"slave\" | \"rslave\" | \"relatime\" | \"norelatime\" | \"strictatime\" | \"nostrictatime\" | \"mode\" | \"uid\" | \"gid\" | \"nr_inodes\" | \"nr_blocks\" | \"mpol\"`", - "title": "MountOptions", - "type": "array" + "Max": { + "markdownDescription": "The maximum amount of total local storage, in GB. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" }, - "Size": { - "markdownDescription": "The maximum size (in MiB) of the tmpfs volume.", - "title": "Size", + "Min": { + "markdownDescription": "The minimum amount of total local storage, in GB. To specify no minimum limit, omit this parameter.", + "title": "Min", "type": "number" } }, - "required": [ - "Size" - ], "type": "object" }, - "AWS::ECS::TaskDefinition.Ulimit": { + "AWS::EC2::LaunchTemplate.VCpuCount": { "additionalProperties": false, "properties": { - "HardLimit": { - "markdownDescription": "The hard limit for the `ulimit` type. The value can be specified in bytes, seconds, or as a count, depending on the `type` of the `ulimit` .", - "title": "HardLimit", + "Max": { + "markdownDescription": "The maximum number of vCPUs. To specify no maximum limit, omit this parameter.", + "title": "Max", "type": "number" }, - "Name": { - "markdownDescription": "The `type` of the `ulimit` .", - "title": "Name", - "type": "string" - }, - "SoftLimit": { - "markdownDescription": "The soft limit for the `ulimit` type. The value can be specified in bytes, seconds, or as a count, depending on the `type` of the `ulimit` .", - "title": "SoftLimit", + "Min": { + "markdownDescription": "The minimum number of vCPUs. To specify no minimum limit, specify `0` .", + "title": "Min", "type": "number" } }, - "required": [ - "HardLimit", - "Name", - "SoftLimit" - ], "type": "object" }, - "AWS::ECS::TaskDefinition.Volume": { + "AWS::EC2::LocalGatewayRoute": { "additionalProperties": false, "properties": { - "ConfiguredAtLaunch": { - "markdownDescription": "Indicates whether the volume should be configured at launch time. This is used to create Amazon EBS volumes for standalone tasks or tasks created as part of a service. Each task definition revision may only have one volume configured at launch in the volume configuration.\n\nTo configure a volume at launch time, use this task definition revision and specify a `volumeConfigurations` object when calling the `CreateService` , `UpdateService` , `RunTask` or `StartTask` APIs.", - "title": "ConfiguredAtLaunch", - "type": "boolean" + "Condition": { + "type": "string" }, - "DockerVolumeConfiguration": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.DockerVolumeConfiguration", - "markdownDescription": "This parameter is specified when you use Docker volumes.\n\nWindows containers only support the use of the `local` driver. To use bind mounts, specify the `host` parameter instead.\n\n> Docker volumes aren't supported by tasks run on AWS Fargate .", - "title": "DockerVolumeConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "EFSVolumeConfiguration": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.EFSVolumeConfiguration", - "markdownDescription": "This parameter is specified when you use an Amazon Elastic File System file system for task storage.", - "title": "EFSVolumeConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "FSxWindowsFileServerVolumeConfiguration": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.FSxWindowsFileServerVolumeConfiguration", - "markdownDescription": "This parameter is specified when you use Amazon FSx for Windows File Server file system for task storage.", - "title": "FSxWindowsFileServerVolumeConfiguration" + "Metadata": { + "type": "object" }, - "Host": { - "$ref": "#/definitions/AWS::ECS::TaskDefinition.HostVolumeProperties", - "markdownDescription": "This parameter is specified when you use bind mount host volumes. The contents of the `host` parameter determine whether your bind mount host volume persists on the host container instance and where it's stored. If the `host` parameter is empty, then the Docker daemon assigns a host path for your data volume. However, the data isn't guaranteed to persist after the containers that are associated with it stop running.\n\nWindows containers can mount whole directories on the same drive as `$env:ProgramData` . Windows containers can't mount directories on a different drive, and mount point can't be across drives. For example, you can mount `C:\\my\\path:C:\\my\\path` and `D:\\:D:\\` , but not `D:\\my\\path:C:\\my\\path` or `D:\\:C:\\my\\path` .", - "title": "Host" + "Properties": { + "additionalProperties": false, + "properties": { + "DestinationCidrBlock": { + "markdownDescription": "The CIDR block used for destination matches.", + "title": "DestinationCidrBlock", + "type": "string" + }, + "LocalGatewayRouteTableId": { + "markdownDescription": "The ID of the local gateway route table.", + "title": "LocalGatewayRouteTableId", + "type": "string" + }, + "LocalGatewayVirtualInterfaceGroupId": { + "markdownDescription": "The ID of the virtual interface group.", + "title": "LocalGatewayVirtualInterfaceGroupId", + "type": "string" + }, + "NetworkInterfaceId": { + "markdownDescription": "The ID of the network interface.", + "title": "NetworkInterfaceId", + "type": "string" + } + }, + "required": [ + "DestinationCidrBlock", + "LocalGatewayRouteTableId" + ], + "type": "object" }, - "Name": { - "markdownDescription": "The name of the volume. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed.\n\nWhen using a volume configured at launch, the `name` is required and must also be specified as the volume name in the `ServiceVolumeConfiguration` or `TaskVolumeConfiguration` parameter when creating your service or standalone task.\n\nFor all other types of volumes, this name is referenced in the `sourceVolume` parameter of the `mountPoints` object in the container definition.\n\nWhen a volume is using the `efsVolumeConfiguration` , the name is required.", - "title": "Name", + "Type": { + "enum": [ + "AWS::EC2::LocalGatewayRoute" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::ECS::TaskDefinition.VolumeFrom": { - "additionalProperties": false, - "properties": { - "ReadOnly": { - "markdownDescription": "If this value is `true` , the container has read-only access to the volume. If this value is `false` , then the container can write to the volume. The default value is `false` .", - "title": "ReadOnly", - "type": "boolean" }, - "SourceContainer": { - "markdownDescription": "The name of another container within the same task definition to mount volumes from.", - "title": "SourceContainer", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::ECS::TaskSet": { + "AWS::EC2::LocalGatewayRouteTable": { "additionalProperties": false, "properties": { "Condition": { @@ -85300,81 +93687,33 @@ "Properties": { "additionalProperties": false, "properties": { - "Cluster": { - "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the cluster that hosts the service to create the task set in.", - "title": "Cluster", - "type": "string" - }, - "ExternalId": { - "markdownDescription": "An optional non-unique tag that identifies this task set in external systems. If the task set is associated with a service discovery registry, the tasks in this task set will have the `ECS_TASK_SET_EXTERNAL_ID` AWS Cloud Map attribute set to the provided value.", - "title": "ExternalId", - "type": "string" - }, - "LaunchType": { - "markdownDescription": "The launch type that new tasks in the task set uses. For more information, see [Amazon ECS launch types](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/launch_types.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nIf a `launchType` is specified, the `capacityProviderStrategy` parameter must be omitted.", - "title": "LaunchType", - "type": "string" - }, - "LoadBalancers": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskSet.LoadBalancer" - }, - "markdownDescription": "A load balancer object representing the load balancer to use with the task set. The supported load balancer types are either an Application Load Balancer or a Network Load Balancer.", - "title": "LoadBalancers", - "type": "array" - }, - "NetworkConfiguration": { - "$ref": "#/definitions/AWS::ECS::TaskSet.NetworkConfiguration", - "markdownDescription": "The network configuration for the task set.", - "title": "NetworkConfiguration" - }, - "PlatformVersion": { - "markdownDescription": "The platform version that the tasks in the task set uses. A platform version is specified only for tasks using the Fargate launch type. If one isn't specified, the `LATEST` platform version is used.", - "title": "PlatformVersion", + "LocalGatewayId": { + "markdownDescription": "The ID of the local gateway.", + "title": "LocalGatewayId", "type": "string" }, - "Scale": { - "$ref": "#/definitions/AWS::ECS::TaskSet.Scale", - "markdownDescription": "A floating-point percentage of your desired number of tasks to place and keep running in the task set.", - "title": "Scale" - }, - "Service": { - "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the service to create the task set in.", - "title": "Service", + "Mode": { + "markdownDescription": "The mode of the local gateway route table.", + "title": "Mode", "type": "string" }, - "ServiceRegistries": { - "items": { - "$ref": "#/definitions/AWS::ECS::TaskSet.ServiceRegistry" - }, - "markdownDescription": "The details of the service discovery registries to assign to this task set. For more information, see [Service discovery](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-discovery.html) .", - "title": "ServiceRegistries", - "type": "array" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The metadata that you apply to the task set to help you categorize and organize them. Each tag consists of a key and an optional value. You define both.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8\n- Maximum value length - 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit.", + "markdownDescription": "The tags assigned to the local gateway route table.", "title": "Tags", "type": "array" - }, - "TaskDefinition": { - "markdownDescription": "The task definition for the tasks in the task set to use. If a revision isn't specified, the latest `ACTIVE` revision is used.", - "title": "TaskDefinition", - "type": "string" } }, "required": [ - "Cluster", - "Service", - "TaskDefinition" + "LocalGatewayId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ECS::TaskSet" + "AWS::EC2::LocalGatewayRouteTable" ], "type": "string" }, @@ -85393,122 +93732,18 @@ ], "type": "object" }, - "AWS::ECS::TaskSet.AwsVpcConfiguration": { + "AWS::EC2::LocalGatewayRouteTableVPCAssociation": { "additionalProperties": false, "properties": { - "AssignPublicIp": { - "markdownDescription": "Whether the task's elastic network interface receives a public IP address.\n\nConsider the following when you set this value:\n\n- When you use `create-service` or `update-service` , the default is `DISABLED` .\n- When the service `deploymentController` is `ECS` , the value must be `DISABLED` .", - "title": "AssignPublicIp", + "Condition": { "type": "string" }, - "SecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the security groups associated with the task or service. If you don't specify a security group, the default security group for the VPC is used. There's a limit of 5 security groups that can be specified.\n\n> All specified security groups must be from the same VPC.", - "title": "SecurityGroups", - "type": "array" - }, - "Subnets": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the subnets associated with the task or service. There's a limit of 16 subnets that can be specified.\n\n> All specified subnets must be from the same VPC.", - "title": "Subnets", - "type": "array" - } - }, - "required": [ - "Subnets" - ], - "type": "object" - }, - "AWS::ECS::TaskSet.LoadBalancer": { - "additionalProperties": false, - "properties": { - "ContainerName": { - "markdownDescription": "The name of the container (as it appears in a container definition) to associate with the load balancer.\n\nYou need to specify the container name when configuring the target group for an Amazon ECS load balancer.", - "title": "ContainerName", - "type": "string" - }, - "ContainerPort": { - "markdownDescription": "The port on the container to associate with the load balancer. This port must correspond to a `containerPort` in the task definition the tasks in the service are using. For tasks that use the EC2 launch type, the container instance they're launched on must allow ingress traffic on the `hostPort` of the port mapping.", - "title": "ContainerPort", - "type": "number" - }, - "TargetGroupArn": { - "markdownDescription": "The full Amazon Resource Name (ARN) of the Elastic Load Balancing target group or groups associated with a service or task set.\n\nA target group ARN is only specified when using an Application Load Balancer or Network Load Balancer.\n\nFor services using the `ECS` deployment controller, you can specify one or multiple target groups. For more information, see [Registering multiple target groups with a service](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/register-multiple-targetgroups.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nFor services using the `CODE_DEPLOY` deployment controller, you're required to define two target groups for the load balancer. For more information, see [Blue/green deployment with CodeDeploy](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-type-bluegreen.html) in the *Amazon Elastic Container Service Developer Guide* .\n\n> If your service's task definition uses the `awsvpc` network mode, you must choose `ip` as the target type, not `instance` . Do this when creating your target groups because tasks that use the `awsvpc` network mode are associated with an elastic network interface, not an Amazon EC2 instance. This network mode is required for the Fargate launch type.", - "title": "TargetGroupArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ECS::TaskSet.NetworkConfiguration": { - "additionalProperties": false, - "properties": { - "AwsVpcConfiguration": { - "$ref": "#/definitions/AWS::ECS::TaskSet.AwsVpcConfiguration", - "markdownDescription": "The VPC subnets and security groups that are associated with a task.\n\n> All specified subnets and security groups must be from the same VPC.", - "title": "AwsVpcConfiguration" - } - }, - "type": "object" - }, - "AWS::ECS::TaskSet.Scale": { - "additionalProperties": false, - "properties": { - "Unit": { - "markdownDescription": "The unit of measure for the scale value.", - "title": "Unit", - "type": "string" - }, - "Value": { - "markdownDescription": "The value, specified as a percent total of a service's `desiredCount` , to scale the task set. Accepted values are numbers between 0 and 100.", - "title": "Value", - "type": "number" - } - }, - "type": "object" - }, - "AWS::ECS::TaskSet.ServiceRegistry": { - "additionalProperties": false, - "properties": { - "ContainerName": { - "markdownDescription": "The container name value to be used for your service discovery service. It's already specified in the task definition. If the task definition that your service task specifies uses the `bridge` or `host` network mode, you must specify a `containerName` and `containerPort` combination from the task definition. If the task definition that your service task specifies uses the `awsvpc` network mode and a type SRV DNS record is used, you must specify either a `containerName` and `containerPort` combination or a `port` value. However, you can't specify both.", - "title": "ContainerName", - "type": "string" - }, - "ContainerPort": { - "markdownDescription": "The port value to be used for your service discovery service. It's already specified in the task definition. If the task definition your service task specifies uses the `bridge` or `host` network mode, you must specify a `containerName` and `containerPort` combination from the task definition. If the task definition your service task specifies uses the `awsvpc` network mode and a type SRV DNS record is used, you must specify either a `containerName` and `containerPort` combination or a `port` value. However, you can't specify both.", - "title": "ContainerPort", - "type": "number" - }, - "Port": { - "markdownDescription": "The port value used if your service discovery service specified an SRV record. This field might be used if both the `awsvpc` network mode and SRV records are used.", - "title": "Port", - "type": "number" - }, - "RegistryArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the service registry. The currently supported service registry is AWS Cloud Map . For more information, see [CreateService](https://docs.aws.amazon.com/cloud-map/latest/api/API_CreateService.html) .", - "title": "RegistryArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EFS::AccessPoint": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, "DependsOn": { @@ -85532,43 +93767,34 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessPointTags": { + "LocalGatewayRouteTableId": { + "markdownDescription": "The ID of the local gateway route table.", + "title": "LocalGatewayRouteTableId", + "type": "string" + }, + "Tags": { "items": { - "$ref": "#/definitions/AWS::EFS::AccessPoint.AccessPointTag" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "AccessPointTags", + "markdownDescription": "The tags assigned to the association.", + "title": "Tags", "type": "array" }, - "ClientToken": { - "markdownDescription": "The opaque string specified in the request to ensure idempotent creation.", - "title": "ClientToken", - "type": "string" - }, - "FileSystemId": { - "markdownDescription": "The ID of the EFS file system that the access point applies to. Accepts only the ID format for input when specifying a file system, for example `fs-0123456789abcedf2` .", - "title": "FileSystemId", + "VpcId": { + "markdownDescription": "The ID of the VPC.", + "title": "VpcId", "type": "string" - }, - "PosixUser": { - "$ref": "#/definitions/AWS::EFS::AccessPoint.PosixUser", - "markdownDescription": "The full POSIX identity, including the user ID, group ID, and secondary group IDs on the access point that is used for all file operations by NFS clients using the access point.", - "title": "PosixUser" - }, - "RootDirectory": { - "$ref": "#/definitions/AWS::EFS::AccessPoint.RootDirectory", - "markdownDescription": "The directory on the EFS file system that the access point exposes as the root directory to NFS clients using the access point.", - "title": "RootDirectory" } }, "required": [ - "FileSystemId" + "LocalGatewayRouteTableId", + "VpcId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EFS::AccessPoint" + "AWS::EC2::LocalGatewayRouteTableVPCAssociation" ], "type": "string" }, @@ -85587,93 +93813,7 @@ ], "type": "object" }, - "AWS::EFS::AccessPoint.AccessPointTag": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "The tag key (String). The key can't start with `aws:` .", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "The value of the tag key.", - "title": "Value", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EFS::AccessPoint.CreationInfo": { - "additionalProperties": false, - "properties": { - "OwnerGid": { - "markdownDescription": "Specifies the POSIX group ID to apply to the `RootDirectory` . Accepts values from 0 to 2^32 (4294967295).", - "title": "OwnerGid", - "type": "string" - }, - "OwnerUid": { - "markdownDescription": "Specifies the POSIX user ID to apply to the `RootDirectory` . Accepts values from 0 to 2^32 (4294967295).", - "title": "OwnerUid", - "type": "string" - }, - "Permissions": { - "markdownDescription": "Specifies the POSIX permissions to apply to the `RootDirectory` , in the format of an octal number representing the file's mode bits.", - "title": "Permissions", - "type": "string" - } - }, - "required": [ - "OwnerGid", - "OwnerUid", - "Permissions" - ], - "type": "object" - }, - "AWS::EFS::AccessPoint.PosixUser": { - "additionalProperties": false, - "properties": { - "Gid": { - "markdownDescription": "The POSIX group ID used for all file system operations using this access point.", - "title": "Gid", - "type": "string" - }, - "SecondaryGids": { - "items": { - "type": "string" - }, - "markdownDescription": "Secondary POSIX group IDs used for all file system operations using this access point.", - "title": "SecondaryGids", - "type": "array" - }, - "Uid": { - "markdownDescription": "The POSIX user ID used for all file system operations using this access point.", - "title": "Uid", - "type": "string" - } - }, - "required": [ - "Gid", - "Uid" - ], - "type": "object" - }, - "AWS::EFS::AccessPoint.RootDirectory": { - "additionalProperties": false, - "properties": { - "CreationInfo": { - "$ref": "#/definitions/AWS::EFS::AccessPoint.CreationInfo", - "markdownDescription": "(Optional) Specifies the POSIX IDs and permissions to apply to the access point's `RootDirectory` . If the `RootDirectory` > `Path` specified does not exist, EFS creates the root directory using the `CreationInfo` settings when a client connects to an access point. When specifying the `CreationInfo` , you must provide values for all properties.\n\n> If you do not provide `CreationInfo` and the specified `RootDirectory` > `Path` does not exist, attempts to mount the file system using the access point will fail.", - "title": "CreationInfo" - }, - "Path": { - "markdownDescription": "Specifies the path on the EFS file system to expose as the root directory to NFS clients using the access point to access the EFS file system. A path can have up to four subdirectories. If the specified path does not exist, you are required to provide the `CreationInfo` .", - "title": "Path", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EFS::FileSystem": { + "AWS::EC2::LocalGatewayRouteTableVirtualInterfaceGroupAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -85708,83 +93848,34 @@ "Properties": { "additionalProperties": false, "properties": { - "AvailabilityZoneName": { - "markdownDescription": "For One Zone file systems, specify the AWS Availability Zone in which to create the file system. Use the format `us-east-1a` to specify the Availability Zone. For more information about One Zone file systems, see [EFS file system types](https://docs.aws.amazon.com/efs/latest/ug/availability-durability.html#file-system-type) in the *Amazon EFS User Guide* .\n\n> One Zone file systems are not available in all Availability Zones in AWS Regions where Amazon EFS is available.", - "title": "AvailabilityZoneName", + "LocalGatewayRouteTableId": { + "markdownDescription": "The ID of the local gateway route table.", + "title": "LocalGatewayRouteTableId", "type": "string" }, - "BackupPolicy": { - "$ref": "#/definitions/AWS::EFS::FileSystem.BackupPolicy", - "markdownDescription": "Use the `BackupPolicy` to turn automatic backups on or off for the file system.", - "title": "BackupPolicy" - }, - "BypassPolicyLockoutSafetyCheck": { - "markdownDescription": "(Optional) A boolean that specifies whether or not to bypass the `FileSystemPolicy` lockout safety check. The lockout safety check determines whether the policy in the request will lock out, or prevent, the IAM principal that is making the request from making future `PutFileSystemPolicy` requests on this file system. Set `BypassPolicyLockoutSafetyCheck` to `True` only when you intend to prevent the IAM principal that is making the request from making subsequent `PutFileSystemPolicy` requests on this file system. The default value is `False` .", - "title": "BypassPolicyLockoutSafetyCheck", - "type": "boolean" - }, - "Encrypted": { - "markdownDescription": "A Boolean value that, if true, creates an encrypted file system. When creating an encrypted file system, you have the option of specifying a KmsKeyId for an existing AWS KMS key . If you don't specify a KMS key , then the default KMS key for Amazon EFS , `/aws/elasticfilesystem` , is used to protect the encrypted file system.", - "title": "Encrypted", - "type": "boolean" - }, - "FileSystemPolicy": { - "markdownDescription": "The `FileSystemPolicy` for the EFS file system. A file system policy is an IAM resource policy used to control NFS access to an EFS file system. For more information, see [Using IAM to control NFS access to Amazon EFS](https://docs.aws.amazon.com/efs/latest/ug/iam-access-control-nfs-efs.html) in the *Amazon EFS User Guide* .", - "title": "FileSystemPolicy", - "type": "object" - }, - "FileSystemProtection": { - "$ref": "#/definitions/AWS::EFS::FileSystem.FileSystemProtection", - "markdownDescription": "Describes the protection on the file system.", - "title": "FileSystemProtection" - }, - "FileSystemTags": { - "items": { - "$ref": "#/definitions/AWS::EFS::FileSystem.ElasticFileSystemTag" - }, - "markdownDescription": "Use to create one or more tags associated with the file system. Each tag is a user-defined key-value pair. Name your file system on creation by including a `\"Key\":\"Name\",\"Value\":\"{value}\"` key-value pair. Each key must be unique. For more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference Guide* .", - "title": "FileSystemTags", - "type": "array" - }, - "KmsKeyId": { - "markdownDescription": "The ID of the AWS KMS key to be used to protect the encrypted file system. This parameter is only required if you want to use a nondefault KMS key . If this parameter is not specified, the default KMS key for Amazon EFS is used. This ID can be in one of the following formats:\n\n- Key ID - A unique identifier of the key, for example `1234abcd-12ab-34cd-56ef-1234567890ab` .\n- ARN - An Amazon Resource Name (ARN) for the key, for example `arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab` .\n- Key alias - A previously created display name for a key, for example `alias/projectKey1` .\n- Key alias ARN - An ARN for a key alias, for example `arn:aws:kms:us-west-2:444455556666:alias/projectKey1` .\n\nIf `KmsKeyId` is specified, the `Encrypted` parameter must be set to true.", - "title": "KmsKeyId", + "LocalGatewayVirtualInterfaceGroupId": { + "markdownDescription": "The ID of the virtual interface group.", + "title": "LocalGatewayVirtualInterfaceGroupId", "type": "string" }, - "LifecyclePolicies": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::EFS::FileSystem.LifecyclePolicy" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of `LifecyclePolicy` objects that define the file system's `LifecycleConfiguration` object. A `LifecycleConfiguration` object informs Lifecycle management of the following:\n\n- When to move files in the file system from primary storage to IA storage.\n- When to move files in the file system from primary storage or IA storage to Archive storage.\n- When to move files that are in IA or Archive storage to primary storage.\n\n> Amazon EFS requires that each `LifecyclePolicy` object have only a single transition. This means that in a request body, `LifecyclePolicies` needs to be structured as an array of `LifecyclePolicy` objects, one object for each transition, `TransitionToIA` , `TransitionToArchive` `TransitionToPrimaryStorageClass` . See the example requests in the following section for more information.", - "title": "LifecyclePolicies", + "markdownDescription": "The tags assigned to the association.", + "title": "Tags", "type": "array" - }, - "PerformanceMode": { - "markdownDescription": "The performance mode of the file system. We recommend `generalPurpose` performance mode for all file systems. File systems using the `maxIO` performance mode can scale to higher levels of aggregate throughput and operations per second with a tradeoff of slightly higher latencies for most file operations. The performance mode can't be changed after the file system has been created. The `maxIO` mode is not supported on One Zone file systems.\n\n> Due to the higher per-operation latencies with Max I/O, we recommend using General Purpose performance mode for all file systems. \n\nDefault is `generalPurpose` .", - "title": "PerformanceMode", - "type": "string" - }, - "ProvisionedThroughputInMibps": { - "markdownDescription": "The throughput, measured in mebibytes per second (MiBps), that you want to provision for a file system that you're creating. Required if `ThroughputMode` is set to `provisioned` . Valid values are 1-3414 MiBps, with the upper limit depending on Region. To increase this limit, contact Support . For more information, see [Amazon EFS quotas that you can increase](https://docs.aws.amazon.com/efs/latest/ug/limits.html#soft-limits) in the *Amazon EFS User Guide* .", - "title": "ProvisionedThroughputInMibps", - "type": "number" - }, - "ReplicationConfiguration": { - "$ref": "#/definitions/AWS::EFS::FileSystem.ReplicationConfiguration", - "markdownDescription": "Describes the replication configuration for a specific file system.", - "title": "ReplicationConfiguration" - }, - "ThroughputMode": { - "markdownDescription": "Specifies the throughput mode for the file system. The mode can be `bursting` , `provisioned` , or `elastic` . If you set `ThroughputMode` to `provisioned` , you must also set a value for `ProvisionedThroughputInMibps` . After you create the file system, you can decrease your file system's Provisioned throughput or change between the throughput modes, with certain time restrictions. For more information, see [Specifying throughput with provisioned mode](https://docs.aws.amazon.com/efs/latest/ug/performance.html#provisioned-throughput) in the *Amazon EFS User Guide* .\n\nDefault is `bursting` .", - "title": "ThroughputMode", - "type": "string" } }, + "required": [ + "LocalGatewayRouteTableId", + "LocalGatewayVirtualInterfaceGroupId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::EFS::FileSystem" + "AWS::EC2::LocalGatewayRouteTableVirtualInterfaceGroupAssociation" ], "type": "string" }, @@ -85798,117 +93889,12 @@ } }, "required": [ - "Type" - ], - "type": "object" - }, - "AWS::EFS::FileSystem.BackupPolicy": { - "additionalProperties": false, - "properties": { - "Status": { - "markdownDescription": "Set the backup policy status for the file system.\n\n- *`ENABLED`* - Turns automatic backups on for the file system.\n- *`DISABLED`* - Turns automatic backups off for the file system.", - "title": "Status", - "type": "string" - } - }, - "required": [ - "Status" - ], - "type": "object" - }, - "AWS::EFS::FileSystem.ElasticFileSystemTag": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "The tag key (String). The key can't start with `aws:` .", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "The value of the tag key.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Key", - "Value" + "Type", + "Properties" ], "type": "object" }, - "AWS::EFS::FileSystem.FileSystemProtection": { - "additionalProperties": false, - "properties": { - "ReplicationOverwriteProtection": { - "markdownDescription": "The status of the file system's replication overwrite protection.\n\n- `ENABLED` \u2013 The file system cannot be used as the destination file system in a replication configuration. The file system is writeable. Replication overwrite protection is `ENABLED` by default.\n- `DISABLED` \u2013 The file system can be used as the destination file system in a replication configuration. The file system is read-only and can only be modified by EFS replication.\n- `REPLICATING` \u2013 The file system is being used as the destination file system in a replication configuration. The file system is read-only and is modified only by EFS replication.\n\nIf the replication configuration is deleted, the file system's replication overwrite protection is re-enabled, the file system becomes writeable.", - "title": "ReplicationOverwriteProtection", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EFS::FileSystem.LifecyclePolicy": { - "additionalProperties": false, - "properties": { - "TransitionToArchive": { - "markdownDescription": "The number of days after files were last accessed in primary storage (the Standard storage class) at which to move them to Archive storage. Metadata operations such as listing the contents of a directory don't count as file access events.", - "title": "TransitionToArchive", - "type": "string" - }, - "TransitionToIA": { - "markdownDescription": "The number of days after files were last accessed in primary storage (the Standard storage class) at which to move them to Infrequent Access (IA) storage. Metadata operations such as listing the contents of a directory don't count as file access events.", - "title": "TransitionToIA", - "type": "string" - }, - "TransitionToPrimaryStorageClass": { - "markdownDescription": "Whether to move files back to primary (Standard) storage after they are accessed in IA or Archive storage. Metadata operations such as listing the contents of a directory don't count as file access events.", - "title": "TransitionToPrimaryStorageClass", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EFS::FileSystem.ReplicationConfiguration": { - "additionalProperties": false, - "properties": { - "Destinations": { - "items": { - "$ref": "#/definitions/AWS::EFS::FileSystem.ReplicationDestination" - }, - "markdownDescription": "An array of destination objects. Only one destination object is supported.", - "title": "Destinations", - "type": "array" - } - }, - "type": "object" - }, - "AWS::EFS::FileSystem.ReplicationDestination": { - "additionalProperties": false, - "properties": { - "AvailabilityZoneName": { - "markdownDescription": "For One Zone file systems, the replication configuration must specify the Availability Zone in which the destination file system is located.\n\nUse the format `us-east-1a` to specify the Availability Zone. For more information about One Zone file systems, see [EFS file system types](https://docs.aws.amazon.com/efs/latest/ug/storage-classes.html) in the *Amazon EFS User Guide* .\n\n> One Zone file system type is not available in all Availability Zones in AWS Regions where Amazon EFS is available.", - "title": "AvailabilityZoneName", - "type": "string" - }, - "FileSystemId": { - "markdownDescription": "The ID of the destination Amazon EFS file system.", - "title": "FileSystemId", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "The ID of an AWS KMS key used to protect the encrypted file system.", - "title": "KmsKeyId", - "type": "string" - }, - "Region": { - "markdownDescription": "The AWS Region in which the destination file system is located.\n\n> For One Zone file systems, the replication configuration must specify the AWS Region in which the destination file system is located.", - "title": "Region", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EFS::MountTarget": { + "AWS::EC2::NatGateway": { "additionalProperties": false, "properties": { "Condition": { @@ -85943,40 +93929,69 @@ "Properties": { "additionalProperties": false, "properties": { - "FileSystemId": { - "markdownDescription": "The ID of the file system for which to create the mount target.", - "title": "FileSystemId", + "AllocationId": { + "markdownDescription": "[Public NAT gateway only] The allocation ID of the Elastic IP address that's associated with the NAT gateway. This property is required for a public NAT gateway and cannot be specified with a private NAT gateway.", + "title": "AllocationId", "type": "string" }, - "IpAddress": { - "markdownDescription": "If the `IpAddressType` for the mount target is IPv4 ( `IPV4_ONLY` or `DUAL_STACK` ), then specify the IPv4 address to use. If you do not specify an `IpAddress` , then Amazon EFS selects an unused IP address from the subnet specified for `SubnetId` .", - "title": "IpAddress", + "ConnectivityType": { + "markdownDescription": "Indicates whether the NAT gateway supports public or private connectivity. The default is public connectivity.", + "title": "ConnectivityType", "type": "string" }, - "SecurityGroups": { + "MaxDrainDurationSeconds": { + "markdownDescription": "The maximum amount of time to wait (in seconds) before forcibly releasing the IP addresses if connections are still in progress. Default value is 350 seconds.", + "title": "MaxDrainDurationSeconds", + "type": "number" + }, + "PrivateIpAddress": { + "markdownDescription": "The private IPv4 address to assign to the NAT gateway. If you don't provide an address, a private IPv4 address will be automatically assigned.", + "title": "PrivateIpAddress", + "type": "string" + }, + "SecondaryAllocationIds": { "items": { "type": "string" }, - "markdownDescription": "VPC security group IDs, of the form `sg-xxxxxxxx` . These must be for the same VPC as the subnet specified. The maximum number of security groups depends on account quota. For more information, see [Amazon VPC Quotas](https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html) in the *Amazon VPC User Guide* (see the *Security Groups* table). If you don't specify a security group, then Amazon EFS uses the default security group for the subnet's VPC.", - "title": "SecurityGroups", + "markdownDescription": "Secondary EIP allocation IDs. For more information, see [Create a NAT gateway](https://docs.aws.amazon.com/vpc/latest/userguide/nat-gateway-working-with.html) in the *Amazon VPC User Guide* .", + "title": "SecondaryAllocationIds", + "type": "array" + }, + "SecondaryPrivateIpAddressCount": { + "markdownDescription": "[Private NAT gateway only] The number of secondary private IPv4 addresses you want to assign to the NAT gateway. For more information about secondary addresses, see [Create a NAT gateway](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html#nat-gateway-creating) in the *Amazon Virtual Private Cloud User Guide* .\n\n`SecondaryPrivateIpAddressCount` and `SecondaryPrivateIpAddresses` cannot be set at the same time.", + "title": "SecondaryPrivateIpAddressCount", + "type": "number" + }, + "SecondaryPrivateIpAddresses": { + "items": { + "type": "string" + }, + "markdownDescription": "Secondary private IPv4 addresses. For more information about secondary addresses, see [Create a NAT gateway](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html#nat-gateway-creating) in the *Amazon Virtual Private Cloud User Guide* .\n\n`SecondaryPrivateIpAddressCount` and `SecondaryPrivateIpAddresses` cannot be set at the same time.", + "title": "SecondaryPrivateIpAddresses", "type": "array" }, "SubnetId": { - "markdownDescription": "The ID of the subnet to add the mount target in. For One Zone file systems, use the subnet that is associated with the file system's Availability Zone. The subnet type must be the same type as the `IpAddressType` .", + "markdownDescription": "The ID of the subnet in which the NAT gateway is located.", "title": "SubnetId", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the NAT gateway.", + "title": "Tags", + "type": "array" } }, "required": [ - "FileSystemId", - "SecurityGroups", "SubnetId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EFS::MountTarget" + "AWS::EC2::NatGateway" ], "type": "string" }, @@ -85995,7 +94010,7 @@ ], "type": "object" }, - "AWS::EKS::AccessEntry": { + "AWS::EC2::NetworkAcl": { "additionalProperties": false, "properties": { "Condition": { @@ -86030,60 +94045,28 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessPolicies": { - "items": { - "$ref": "#/definitions/AWS::EKS::AccessEntry.AccessPolicy" - }, - "markdownDescription": "The access policies to associate to the access entry.", - "title": "AccessPolicies", - "type": "array" - }, - "ClusterName": { - "markdownDescription": "The name of your cluster.", - "title": "ClusterName", - "type": "string" - }, - "KubernetesGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "The value for `name` that you've specified for `kind: Group` as a `subject` in a Kubernetes `RoleBinding` or `ClusterRoleBinding` object. Amazon EKS doesn't confirm that the value for `name` exists in any bindings on your cluster. You can specify one or more names.\n\nKubernetes authorizes the `principalArn` of the access entry to access any cluster objects that you've specified in a Kubernetes `Role` or `ClusterRole` object that is also specified in a binding's `roleRef` . For more information about creating Kubernetes `RoleBinding` , `ClusterRoleBinding` , `Role` , or `ClusterRole` objects, see [Using RBAC Authorization in the Kubernetes documentation](https://docs.aws.amazon.com/https://kubernetes.io/docs/reference/access-authn-authz/rbac/) .\n\nIf you want Amazon EKS to authorize the `principalArn` (instead of, or in addition to Kubernetes authorizing the `principalArn` ), you can associate one or more access policies to the access entry using `AssociateAccessPolicy` . If you associate any access policies, the `principalARN` has all permissions assigned in the associated access policies and all permissions in any Kubernetes `Role` or `ClusterRole` objects that the group names are bound to.", - "title": "KubernetesGroups", - "type": "array" - }, - "PrincipalArn": { - "markdownDescription": "The ARN of the IAM principal for the `AccessEntry` . You can specify one ARN for each access entry. You can't specify the same ARN in more than one access entry. This value can't be changed after access entry creation.\n\nThe valid principals differ depending on the type of the access entry in the `type` field. For `STANDARD` access entries, you can use every IAM principal type. For nodes ( `EC2` (for EKS Auto Mode), `EC2_LINUX` , `EC2_WINDOWS` , `FARGATE_LINUX` , and `HYBRID_LINUX` ), the only valid ARN is IAM roles. You can't use the STS session principal type with access entries because this is a temporary principal for each session and not a permanent identity that can be assigned permissions.\n\n[IAM best practices](https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#bp-users-federation-idp) recommend using IAM roles with temporary credentials, rather than IAM users with long-term credentials.", - "title": "PrincipalArn", - "type": "string" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or AWS resources.", + "markdownDescription": "The tags for the network ACL.", "title": "Tags", "type": "array" }, - "Type": { - "markdownDescription": "The type of the new access entry. Valid values are `STANDARD` , `FARGATE_LINUX` , `EC2_LINUX` , `EC2_WINDOWS` , `EC2` (for EKS Auto Mode), `HYBRID_LINUX` , and `HYPERPOD_LINUX` .\n\nIf the `principalArn` is for an IAM role that's used for self-managed Amazon EC2 nodes, specify `EC2_LINUX` or `EC2_WINDOWS` . Amazon EKS grants the necessary permissions to the node for you. If the `principalArn` is for any other purpose, specify `STANDARD` . If you don't specify a value, Amazon EKS sets the value to `STANDARD` . If you have the access mode of the cluster set to `API_AND_CONFIG_MAP` , it's unnecessary to create access entries for IAM roles used with Fargate profiles or managed Amazon EC2 nodes, because Amazon EKS creates entries in the `aws-auth` `ConfigMap` for the roles. You can't change this value once you've created the access entry.\n\nIf you set the value to `EC2_LINUX` or `EC2_WINDOWS` , you can't specify values for `kubernetesGroups` , or associate an `AccessPolicy` to the access entry.", - "title": "Type", - "type": "string" - }, - "Username": { - "markdownDescription": "The username to authenticate to Kubernetes with. We recommend not specifying a username and letting Amazon EKS specify it for you. For more information about the value Amazon EKS specifies for you, or constraints before specifying your own username, see [Creating access entries](https://docs.aws.amazon.com/eks/latest/userguide/access-entries.html#creating-access-entries) in the *Amazon EKS User Guide* .", - "title": "Username", + "VpcId": { + "markdownDescription": "The ID of the VPC for the network ACL.", + "title": "VpcId", "type": "string" } }, "required": [ - "ClusterName", - "PrincipalArn" + "VpcId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EKS::AccessEntry" + "AWS::EC2::NetworkAcl" ], "type": "string" }, @@ -86102,49 +94085,7 @@ ], "type": "object" }, - "AWS::EKS::AccessEntry.AccessPolicy": { - "additionalProperties": false, - "properties": { - "AccessScope": { - "$ref": "#/definitions/AWS::EKS::AccessEntry.AccessScope", - "markdownDescription": "The scope of an `AccessPolicy` that's associated to an `AccessEntry` .", - "title": "AccessScope" - }, - "PolicyArn": { - "markdownDescription": "The ARN of the access policy.", - "title": "PolicyArn", - "type": "string" - } - }, - "required": [ - "AccessScope", - "PolicyArn" - ], - "type": "object" - }, - "AWS::EKS::AccessEntry.AccessScope": { - "additionalProperties": false, - "properties": { - "Namespaces": { - "items": { - "type": "string" - }, - "markdownDescription": "A Kubernetes `namespace` that an access policy is scoped to. A value is required if you specified `namespace` for `Type` .", - "title": "Namespaces", - "type": "array" - }, - "Type": { - "markdownDescription": "The scope type of an access policy.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::EKS::Addon": { + "AWS::EC2::NetworkAclEntry": { "additionalProperties": false, "properties": { "Condition": { @@ -86179,59 +94120,63 @@ "Properties": { "additionalProperties": false, "properties": { - "AddonName": { - "markdownDescription": "The name of the add-on.", - "title": "AddonName", + "CidrBlock": { + "markdownDescription": "The IPv4 CIDR range to allow or deny, in CIDR notation (for example, 172.16.0.0/24). You must specify an IPv4 CIDR block or an IPv6 CIDR block.", + "title": "CidrBlock", "type": "string" }, - "AddonVersion": { - "markdownDescription": "The version of the add-on.", - "title": "AddonVersion", - "type": "string" + "Egress": { + "markdownDescription": "Whether this rule applies to egress traffic from the subnet ( `true` ) or ingress traffic to the subnet ( `false` ). By default, AWS CloudFormation specifies `false` .", + "title": "Egress", + "type": "boolean" }, - "ClusterName": { - "markdownDescription": "The name of your cluster.", - "title": "ClusterName", + "Icmp": { + "$ref": "#/definitions/AWS::EC2::NetworkAclEntry.Icmp", + "markdownDescription": "The Internet Control Message Protocol (ICMP) code and type. Required if specifying 1 (ICMP) for the protocol parameter.", + "title": "Icmp" + }, + "Ipv6CidrBlock": { + "markdownDescription": "The IPv6 network range to allow or deny, in CIDR notation. You must specify an IPv4 CIDR block or an IPv6 CIDR block.", + "title": "Ipv6CidrBlock", "type": "string" }, - "ConfigurationValues": { - "markdownDescription": "The configuration values that you provided.", - "title": "ConfigurationValues", + "NetworkAclId": { + "markdownDescription": "The ID of the ACL for the entry.", + "title": "NetworkAclId", "type": "string" }, - "PreserveOnDelete": { - "markdownDescription": "Specifying this option preserves the add-on software on your cluster but Amazon EKS stops managing any settings for the add-on. If an IAM account is associated with the add-on, it isn't removed.", - "title": "PreserveOnDelete", - "type": "boolean" + "PortRange": { + "$ref": "#/definitions/AWS::EC2::NetworkAclEntry.PortRange", + "markdownDescription": "The range of port numbers for the UDP/TCP protocol. Required if specifying 6 (TCP) or 17 (UDP) for the protocol parameter.", + "title": "PortRange" }, - "ResolveConflicts": { - "markdownDescription": "How to resolve field value conflicts for an Amazon EKS add-on. Conflicts are handled based on the value you choose:\n\n- *None* \u2013 If the self-managed version of the add-on is installed on your cluster, Amazon EKS doesn't change the value. Creation of the add-on might fail.\n- *Overwrite* \u2013 If the self-managed version of the add-on is installed on your cluster and the Amazon EKS default value is different than the existing value, Amazon EKS changes the value to the Amazon EKS default value.\n- *Preserve* \u2013 This is similar to the NONE option. If the self-managed version of the add-on is installed on your cluster Amazon EKS doesn't change the add-on resource properties. Creation of the add-on might fail if conflicts are detected. This option works differently during the update operation. For more information, see [`UpdateAddon`](https://docs.aws.amazon.com/eks/latest/APIReference/API_UpdateAddon.html) .\n\nIf you don't currently have the self-managed version of the add-on installed on your cluster, the Amazon EKS add-on is installed. Amazon EKS sets all values to default values, regardless of the option that you specify.", - "title": "ResolveConflicts", - "type": "string" + "Protocol": { + "markdownDescription": "The IP protocol that the rule applies to. You must specify -1 or a protocol number. You can specify -1 for all protocols.\n\n> If you specify -1, all ports are opened and the `PortRange` property is ignored.", + "title": "Protocol", + "type": "number" }, - "ServiceAccountRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an existing IAM role to bind to the add-on's service account. The role must be assigned the IAM permissions required by the add-on. If you don't specify an existing IAM role, then the add-on uses the permissions assigned to the node IAM role. For more information, see [Amazon EKS node IAM role](https://docs.aws.amazon.com/eks/latest/userguide/create-node-role.html) in the *Amazon EKS User Guide* .\n\n> To specify an existing IAM role, you must have an IAM OpenID Connect (OIDC) provider created for your cluster. For more information, see [Enabling IAM roles for service accounts on your cluster](https://docs.aws.amazon.com/eks/latest/userguide/enable-iam-roles-for-service-accounts.html) in the *Amazon EKS User Guide* .", - "title": "ServiceAccountRoleArn", + "RuleAction": { + "markdownDescription": "Whether to allow or deny traffic that matches the rule; valid values are \"allow\" or \"deny\".", + "title": "RuleAction", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The metadata that you apply to the add-on to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Add-on tags do not propagate to any other resources associated with the cluster.", - "title": "Tags", - "type": "array" + "RuleNumber": { + "markdownDescription": "Rule number to assign to the entry, such as 100. ACL entries are processed in ascending order by rule number. Entries can't use the same rule number unless one is an egress rule and the other is an ingress rule.", + "title": "RuleNumber", + "type": "number" } }, "required": [ - "AddonName", - "ClusterName" + "NetworkAclId", + "Protocol", + "RuleAction", + "RuleNumber" ], "type": "object" }, "Type": { "enum": [ - "AWS::EKS::Addon" + "AWS::EC2::NetworkAclEntry" ], "type": "string" }, @@ -86250,7 +94195,39 @@ ], "type": "object" }, - "AWS::EKS::Cluster": { + "AWS::EC2::NetworkAclEntry.Icmp": { + "additionalProperties": false, + "properties": { + "Code": { + "markdownDescription": "The Internet Control Message Protocol (ICMP) code. You can use -1 to specify all ICMP codes for the given ICMP type. Required if you specify 1 (ICMP) for the protocol parameter.", + "title": "Code", + "type": "number" + }, + "Type": { + "markdownDescription": "The Internet Control Message Protocol (ICMP) type. You can use -1 to specify all ICMP types. Conditional requirement: Required if you specify 1 (ICMP) for the `CreateNetworkAclEntry` protocol parameter.", + "title": "Type", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::NetworkAclEntry.PortRange": { + "additionalProperties": false, + "properties": { + "From": { + "markdownDescription": "The first port in the range. Required if you specify 6 (TCP) or 17 (UDP) for the protocol parameter.", + "title": "From", + "type": "number" + }, + "To": { + "markdownDescription": "The last port in the range. Required if you specify 6 (TCP) or 17 (UDP) for the protocol parameter.", + "title": "To", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::NetworkInsightsAccessScope": { "additionalProperties": false, "properties": { "Condition": { @@ -86285,72 +94262,36 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessConfig": { - "$ref": "#/definitions/AWS::EKS::Cluster.AccessConfig", - "markdownDescription": "The access configuration for the cluster.", - "title": "AccessConfig" - }, - "EncryptionConfig": { + "ExcludePaths": { "items": { - "$ref": "#/definitions/AWS::EKS::Cluster.EncryptionConfig" + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.AccessScopePathRequest" }, - "markdownDescription": "The encryption configuration for the cluster.", - "title": "EncryptionConfig", + "markdownDescription": "The paths to exclude.", + "title": "ExcludePaths", "type": "array" }, - "KubernetesNetworkConfig": { - "$ref": "#/definitions/AWS::EKS::Cluster.KubernetesNetworkConfig", - "markdownDescription": "The Kubernetes network configuration for the cluster.", - "title": "KubernetesNetworkConfig" - }, - "Logging": { - "$ref": "#/definitions/AWS::EKS::Cluster.Logging", - "markdownDescription": "The logging configuration for your cluster.", - "title": "Logging" - }, - "Name": { - "markdownDescription": "The unique name to give to your cluster. The name can contain only alphanumeric characters (case-sensitive) and hyphens. It must start with an alphanumeric character and can't be longer than 100 characters. The name must be unique within the AWS Region and AWS account that you're creating the cluster in. Note that underscores can't be used in AWS CloudFormation .", - "title": "Name", - "type": "string" - }, - "OutpostConfig": { - "$ref": "#/definitions/AWS::EKS::Cluster.OutpostConfig", - "markdownDescription": "An object representing the configuration of your local Amazon EKS cluster on an AWS Outpost. This object isn't available for clusters on the AWS cloud.", - "title": "OutpostConfig" - }, - "ResourcesVpcConfig": { - "$ref": "#/definitions/AWS::EKS::Cluster.ResourcesVpcConfig", - "markdownDescription": "The VPC configuration that's used by the cluster control plane. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see [Cluster VPC Considerations](https://docs.aws.amazon.com/eks/latest/userguide/network_reqs.html) and [Cluster Security Group Considerations](https://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html) in the *Amazon EKS User Guide* . You must specify at least two subnets. You can specify up to five security groups, but we recommend that you use a dedicated security group for your cluster control plane.", - "title": "ResourcesVpcConfig" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf. For more information, see [Amazon EKS Service IAM Role](https://docs.aws.amazon.com/eks/latest/userguide/service_IAM_role.html) in the **Amazon EKS User Guide** .", - "title": "RoleArn", - "type": "string" + "MatchPaths": { + "items": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.AccessScopePathRequest" + }, + "markdownDescription": "The paths to match.", + "title": "MatchPaths", + "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The metadata that you apply to the cluster to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Cluster tags don't propagate to any other resources associated with the cluster.\n\n> You must have the `eks:TagResource` and `eks:UntagResource` permissions for your [IAM principal](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html) to manage the AWS CloudFormation stack. If you don't have these permissions, there might be unexpected behavior with stack-level tags propagating to the resource during resource creation and update.", + "markdownDescription": "The tags.", "title": "Tags", "type": "array" - }, - "Version": { - "markdownDescription": "The desired Kubernetes version for your cluster. If you don't specify a value here, the default version available in Amazon EKS is used.\n\n> The default version might not be the latest version available.", - "title": "Version", - "type": "string" } }, - "required": [ - "ResourcesVpcConfig", - "RoleArn" - ], "type": "object" }, "Type": { "enum": [ - "AWS::EKS::Cluster" + "AWS::EC2::NetworkInsightsAccessScope" ], "type": "string" }, @@ -86364,197 +94305,146 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::EKS::Cluster.AccessConfig": { + "AWS::EC2::NetworkInsightsAccessScope.AccessScopePathRequest": { "additionalProperties": false, "properties": { - "AuthenticationMode": { - "markdownDescription": "The desired authentication mode for the cluster. If you create a cluster by using the EKS API, AWS SDKs, or AWS CloudFormation , the default is `CONFIG_MAP` . If you create the cluster by using the AWS Management Console , the default value is `API_AND_CONFIG_MAP` .", - "title": "AuthenticationMode", - "type": "string" + "Destination": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.PathStatementRequest", + "markdownDescription": "The destination.", + "title": "Destination" }, - "BootstrapClusterCreatorAdminPermissions": { - "markdownDescription": "Specifies whether or not the cluster creator IAM principal was set as a cluster admin access entry during cluster creation time. The default value is `true` .", - "title": "BootstrapClusterCreatorAdminPermissions", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::EKS::Cluster.ClusterLogging": { - "additionalProperties": false, - "properties": { - "EnabledTypes": { + "Source": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.PathStatementRequest", + "markdownDescription": "The source.", + "title": "Source" + }, + "ThroughResources": { "items": { - "$ref": "#/definitions/AWS::EKS::Cluster.LoggingTypeConfig" + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.ThroughResourcesStatementRequest" }, - "markdownDescription": "The enabled control plane logs for your cluster. All log types are disabled if the array is empty.\n\n> When updating a resource, you must include this `EnabledTypes` property if the previous CloudFormation template of the resource had it.", - "title": "EnabledTypes", + "markdownDescription": "The through resources.", + "title": "ThroughResources", "type": "array" } }, "type": "object" }, - "AWS::EKS::Cluster.ControlPlanePlacement": { - "additionalProperties": false, - "properties": { - "GroupName": { - "markdownDescription": "The name of the placement group for the Kubernetes control plane instances. This property is only used for a local cluster on an AWS Outpost.", - "title": "GroupName", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EKS::Cluster.EncryptionConfig": { + "AWS::EC2::NetworkInsightsAccessScope.PacketHeaderStatementRequest": { "additionalProperties": false, "properties": { - "Provider": { - "$ref": "#/definitions/AWS::EKS::Cluster.Provider", - "markdownDescription": "The encryption provider for the cluster.", - "title": "Provider" + "DestinationAddresses": { + "items": { + "type": "string" + }, + "markdownDescription": "The destination addresses.", + "title": "DestinationAddresses", + "type": "array" }, - "Resources": { + "DestinationPorts": { "items": { "type": "string" }, - "markdownDescription": "Specifies the resources to be encrypted. The only supported value is `secrets` .", - "title": "Resources", + "markdownDescription": "The destination ports.", + "title": "DestinationPorts", "type": "array" - } - }, - "type": "object" - }, - "AWS::EKS::Cluster.KubernetesNetworkConfig": { - "additionalProperties": false, - "properties": { - "IpFamily": { - "markdownDescription": "Specify which IP family is used to assign Kubernetes pod and service IP addresses. If you don't specify a value, `ipv4` is used by default. You can only specify an IP family when you create a cluster and can't change this value once the cluster is created. If you specify `ipv6` , the VPC and subnets that you specify for cluster creation must have both `IPv4` and `IPv6` CIDR blocks assigned to them. You can't specify `ipv6` for clusters in China Regions.\n\nYou can only specify `ipv6` for `1.21` and later clusters that use version `1.10.1` or later of the Amazon VPC CNI add-on. If you specify `ipv6` , then ensure that your VPC meets the requirements listed in the considerations listed in [Assigning IPv6 addresses to pods and services](https://docs.aws.amazon.com/eks/latest/userguide/cni-ipv6.html) in the *Amazon EKS User Guide* . Kubernetes assigns services `IPv6` addresses from the unique local address range `(fc00::/7)` . You can't specify a custom `IPv6` CIDR block. Pod addresses are assigned from the subnet's `IPv6` CIDR.", - "title": "IpFamily", - "type": "string" }, - "ServiceIpv4Cidr": { - "markdownDescription": "Don't specify a value if you select `ipv6` for *ipFamily* . The CIDR block to assign Kubernetes service IP addresses from. If you don't specify a block, Kubernetes assigns addresses from either the `10.100.0.0/16` or `172.20.0.0/16` CIDR blocks. We recommend that you specify a block that does not overlap with resources in other networks that are peered or connected to your VPC. The block must meet the following requirements:\n\n- Within one of the following private IP address blocks: `10.0.0.0/8` , `172.16.0.0/12` , or `192.168.0.0/16` .\n- Doesn't overlap with any CIDR block assigned to the VPC that you selected for VPC.\n- Between `/24` and `/12` .\n\n> You can only specify a custom CIDR block when you create a cluster. You can't change this value after the cluster is created.", - "title": "ServiceIpv4Cidr", - "type": "string" + "DestinationPrefixLists": { + "items": { + "type": "string" + }, + "markdownDescription": "The destination prefix lists.", + "title": "DestinationPrefixLists", + "type": "array" }, - "ServiceIpv6Cidr": { - "markdownDescription": "The CIDR block that Kubernetes pod and service IP addresses are assigned from if you created a 1.21 or later cluster with version 1.10.1 or later of the Amazon VPC CNI add-on and specified `ipv6` for *ipFamily* when you created the cluster. Kubernetes assigns service addresses from the unique local address range ( `fc00::/7` ) because you can't specify a custom IPv6 CIDR block when you create the cluster.", - "title": "ServiceIpv6Cidr", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EKS::Cluster.Logging": { - "additionalProperties": false, - "properties": { - "ClusterLogging": { - "$ref": "#/definitions/AWS::EKS::Cluster.ClusterLogging", - "markdownDescription": "The cluster control plane logging configuration for your cluster.", - "title": "ClusterLogging" - } - }, - "type": "object" - }, - "AWS::EKS::Cluster.LoggingTypeConfig": { - "additionalProperties": false, - "properties": { - "Type": { - "markdownDescription": "The name of the log type.", - "title": "Type", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EKS::Cluster.OutpostConfig": { - "additionalProperties": false, - "properties": { - "ControlPlaneInstanceType": { - "markdownDescription": "The Amazon EC2 instance type that you want to use for your local Amazon EKS cluster on Outposts. Choose an instance type based on the number of nodes that your cluster will have. For more information, see [Capacity considerations](https://docs.aws.amazon.com/eks/latest/userguide/eks-outposts-capacity-considerations.html) in the *Amazon EKS User Guide* .\n\nThe instance type that you specify is used for all Kubernetes control plane instances. The instance type can't be changed after cluster creation. The control plane is not automatically scaled by Amazon EKS.", - "title": "ControlPlaneInstanceType", - "type": "string" + "Protocols": { + "items": { + "type": "string" + }, + "markdownDescription": "The protocols.", + "title": "Protocols", + "type": "array" }, - "ControlPlanePlacement": { - "$ref": "#/definitions/AWS::EKS::Cluster.ControlPlanePlacement", - "markdownDescription": "An object representing the placement configuration for all the control plane instances of your local Amazon EKS cluster on an AWS Outpost. For more information, see [Capacity considerations](https://docs.aws.amazon.com/eks/latest/userguide/eks-outposts-capacity-considerations.html) in the *Amazon EKS User Guide* .", - "title": "ControlPlanePlacement" + "SourceAddresses": { + "items": { + "type": "string" + }, + "markdownDescription": "The source addresses.", + "title": "SourceAddresses", + "type": "array" }, - "OutpostArns": { + "SourcePorts": { "items": { "type": "string" }, - "markdownDescription": "The ARN of the Outpost that you want to use for your local Amazon EKS cluster on Outposts. Only a single Outpost ARN is supported.", - "title": "OutpostArns", + "markdownDescription": "The source ports.", + "title": "SourcePorts", + "type": "array" + }, + "SourcePrefixLists": { + "items": { + "type": "string" + }, + "markdownDescription": "The source prefix lists.", + "title": "SourcePrefixLists", "type": "array" } }, - "required": [ - "ControlPlaneInstanceType", - "OutpostArns" - ], "type": "object" }, - "AWS::EKS::Cluster.Provider": { + "AWS::EC2::NetworkInsightsAccessScope.PathStatementRequest": { "additionalProperties": false, "properties": { - "KeyArn": { - "markdownDescription": "Amazon Resource Name (ARN) or alias of the KMS key. The KMS key must be symmetric and created in the same AWS Region as the cluster. If the KMS key was created in a different account, the [IAM principal](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html) must have access to the KMS key. For more information, see [Allowing users in other accounts to use a KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/key-policy-modifying-external-accounts.html) in the *AWS Key Management Service Developer Guide* .", - "title": "KeyArn", - "type": "string" + "PacketHeaderStatement": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.PacketHeaderStatementRequest", + "markdownDescription": "The packet header statement.", + "title": "PacketHeaderStatement" + }, + "ResourceStatement": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.ResourceStatementRequest", + "markdownDescription": "The resource statement.", + "title": "ResourceStatement" } }, "type": "object" }, - "AWS::EKS::Cluster.ResourcesVpcConfig": { + "AWS::EC2::NetworkInsightsAccessScope.ResourceStatementRequest": { "additionalProperties": false, "properties": { - "EndpointPrivateAccess": { - "markdownDescription": "Set this value to `true` to enable private access for your cluster's Kubernetes API server endpoint. If you enable private access, Kubernetes API requests from within your cluster's VPC use the private VPC endpoint. The default value for this parameter is `false` , which disables private access for your Kubernetes API server. If you disable private access and you have nodes or AWS Fargate pods in the cluster, then ensure that `publicAccessCidrs` includes the necessary CIDR blocks for communication with the nodes or Fargate pods. For more information, see [Cluster API server endpoint](https://docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html) in the **Amazon EKS User Guide** .", - "title": "EndpointPrivateAccess", - "type": "boolean" - }, - "EndpointPublicAccess": { - "markdownDescription": "Set this value to `false` to disable public access to your cluster's Kubernetes API server endpoint. If you disable public access, your cluster's Kubernetes API server can only receive requests from within the cluster VPC. The default value for this parameter is `true` , which enables public access for your Kubernetes API server. The endpoint domain name and IP address family depends on the value of the `ipFamily` for the cluster. For more information, see [Cluster API server endpoint](https://docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html) in the **Amazon EKS User Guide** .", - "title": "EndpointPublicAccess", - "type": "boolean" - }, - "PublicAccessCidrs": { - "items": { - "type": "string" - }, - "markdownDescription": "The CIDR blocks that are allowed access to your cluster's public Kubernetes API server endpoint. Communication to the endpoint from addresses outside of the CIDR blocks that you specify is denied. The default value is `0.0.0.0/0` and additionally `::/0` for dual-stack `IPv6` clusters. If you've disabled private endpoint access, make sure that you specify the necessary CIDR blocks for every node and AWS Fargate `Pod` in the cluster. For more information, see [Cluster API server endpoint](https://docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html) in the **Amazon EKS User Guide** .\n\nNote that the public endpoints are dual-stack for only `IPv6` clusters that are made after October 2024. You can't add `IPv6` CIDR blocks to `IPv4` clusters or `IPv6` clusters that were made before October 2024.", - "title": "PublicAccessCidrs", - "type": "array" - }, - "SecurityGroupIds": { + "ResourceTypes": { "items": { "type": "string" }, - "markdownDescription": "Specify one or more security groups for the cross-account elastic network interfaces that Amazon EKS creates to use that allow communication between your nodes and the Kubernetes control plane. If you don't specify any security groups, then familiarize yourself with the difference between Amazon EKS defaults for clusters deployed with Kubernetes. For more information, see [Amazon EKS security group considerations](https://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html) in the **Amazon EKS User Guide** .", - "title": "SecurityGroupIds", + "markdownDescription": "The resource types.", + "title": "ResourceTypes", "type": "array" }, - "SubnetIds": { + "Resources": { "items": { "type": "string" }, - "markdownDescription": "Specify subnets for your Amazon EKS nodes. Amazon EKS creates cross-account elastic network interfaces in these subnets to allow communication between your nodes and the Kubernetes control plane.", - "title": "SubnetIds", + "markdownDescription": "The resources.", + "title": "Resources", "type": "array" } }, - "required": [ - "SubnetIds" - ], "type": "object" }, - "AWS::EKS::FargateProfile": { + "AWS::EC2::NetworkInsightsAccessScope.ThroughResourcesStatementRequest": { + "additionalProperties": false, + "properties": { + "ResourceStatement": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.ResourceStatementRequest", + "markdownDescription": "The resource statement.", + "title": "ResourceStatement" + } + }, + "type": "object" + }, + "AWS::EC2::NetworkInsightsAccessScopeAnalysis": { "additionalProperties": false, "properties": { "Condition": { @@ -86589,56 +94479,28 @@ "Properties": { "additionalProperties": false, "properties": { - "ClusterName": { - "markdownDescription": "The name of your cluster.", - "title": "ClusterName", - "type": "string" - }, - "FargateProfileName": { - "markdownDescription": "The name of the Fargate profile.", - "title": "FargateProfileName", - "type": "string" - }, - "PodExecutionRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the `Pod` execution role to use for a `Pod` that matches the selectors in the Fargate profile. The `Pod` execution role allows Fargate infrastructure to register with your cluster as a node, and it provides read access to Amazon ECR image repositories. For more information, see [`Pod` execution role](https://docs.aws.amazon.com/eks/latest/userguide/pod-execution-role.html) in the *Amazon EKS User Guide* .", - "title": "PodExecutionRoleArn", + "NetworkInsightsAccessScopeId": { + "markdownDescription": "The ID of the Network Access Scope.", + "title": "NetworkInsightsAccessScopeId", "type": "string" }, - "Selectors": { - "items": { - "$ref": "#/definitions/AWS::EKS::FargateProfile.Selector" - }, - "markdownDescription": "The selectors to match for a `Pod` to use this Fargate profile. Each selector must have an associated Kubernetes `namespace` . Optionally, you can also specify `labels` for a `namespace` . You may specify up to five selectors in a Fargate profile.", - "title": "Selectors", - "type": "array" - }, - "Subnets": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of subnets to launch a `Pod` into. A `Pod` running on Fargate isn't assigned a public IP address, so only private subnets (with no direct route to an Internet Gateway) are accepted for this parameter.", - "title": "Subnets", - "type": "array" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or AWS resources.", + "markdownDescription": "The tags.", "title": "Tags", "type": "array" } }, "required": [ - "ClusterName", - "PodExecutionRoleArn", - "Selectors" + "NetworkInsightsAccessScopeId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EKS::FargateProfile" + "AWS::EC2::NetworkInsightsAccessScopeAnalysis" ], "type": "string" }, @@ -86657,49 +94519,7 @@ ], "type": "object" }, - "AWS::EKS::FargateProfile.Label": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "Enter a key.", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "Enter a value.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - }, - "AWS::EKS::FargateProfile.Selector": { - "additionalProperties": false, - "properties": { - "Labels": { - "items": { - "$ref": "#/definitions/AWS::EKS::FargateProfile.Label" - }, - "markdownDescription": "The Kubernetes labels that the selector should match. A pod must contain all of the labels that are specified in the selector for it to be considered a match.", - "title": "Labels", - "type": "array" - }, - "Namespace": { - "markdownDescription": "The Kubernetes `namespace` that the selector should match.", - "title": "Namespace", - "type": "string" - } - }, - "required": [ - "Namespace" - ], - "type": "object" - }, - "AWS::EKS::IdentityProviderConfig": { + "AWS::EC2::NetworkInsightsAnalysis": { "additionalProperties": false, "properties": { "Condition": { @@ -86734,44 +94554,52 @@ "Properties": { "additionalProperties": false, "properties": { - "ClusterName": { - "markdownDescription": "The name of your cluster.", - "title": "ClusterName", - "type": "string" - }, - "IdentityProviderConfigName": { - "markdownDescription": "The name of the configuration.", - "title": "IdentityProviderConfigName", - "type": "string" + "AdditionalAccounts": { + "items": { + "type": "string" + }, + "markdownDescription": "The member accounts that contain resources that the path can traverse.", + "title": "AdditionalAccounts", + "type": "array" }, - "Oidc": { - "$ref": "#/definitions/AWS::EKS::IdentityProviderConfig.OidcIdentityProviderConfig", - "markdownDescription": "An object representing an OpenID Connect (OIDC) identity provider configuration.", - "title": "Oidc" + "FilterInArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Names (ARN) of the resources that the path must traverse.", + "title": "FilterInArns", + "type": "array" + }, + "FilterOutArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Names (ARN) of the resources that the path must ignore.", + "title": "FilterOutArns", + "type": "array" + }, + "NetworkInsightsPathId": { + "markdownDescription": "The ID of the path.", + "title": "NetworkInsightsPathId", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or AWS resources.", + "markdownDescription": "The tags to apply.", "title": "Tags", "type": "array" - }, - "Type": { - "markdownDescription": "The type of the identity provider configuration. The only type available is `oidc` .", - "title": "Type", - "type": "string" } }, "required": [ - "ClusterName", - "Type" + "NetworkInsightsPathId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EKS::IdentityProviderConfig" + "AWS::EC2::NetworkInsightsAnalysis" ], "type": "string" }, @@ -86790,351 +94618,722 @@ ], "type": "object" }, - "AWS::EKS::IdentityProviderConfig.OidcIdentityProviderConfig": { + "AWS::EC2::NetworkInsightsAnalysis.AdditionalDetail": { "additionalProperties": false, "properties": { - "ClientId": { - "markdownDescription": "This is also known as *audience* . The ID of the client application that makes authentication requests to the OIDC identity provider.", - "title": "ClientId", - "type": "string" - }, - "GroupsClaim": { - "markdownDescription": "The JSON web token (JWT) claim that the provider uses to return your groups.", - "title": "GroupsClaim", - "type": "string" - }, - "GroupsPrefix": { - "markdownDescription": "The prefix that is prepended to group claims to prevent clashes with existing names (such as `system:` groups). For example, the value `oidc:` creates group names like `oidc:engineering` and `oidc:infra` . The prefix can't contain `system:`", - "title": "GroupsPrefix", + "AdditionalDetailType": { + "markdownDescription": "The additional detail code.", + "title": "AdditionalDetailType", "type": "string" }, - "IssuerUrl": { - "markdownDescription": "The URL of the OIDC identity provider that allows the API server to discover public signing keys for verifying tokens.", - "title": "IssuerUrl", - "type": "string" + "Component": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The path component.", + "title": "Component" }, - "RequiredClaims": { + "LoadBalancers": { "items": { - "$ref": "#/definitions/AWS::EKS::IdentityProviderConfig.RequiredClaim" + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent" }, - "markdownDescription": "The key-value pairs that describe required claims in the identity token. If set, each claim is verified to be present in the token with a matching value.", - "title": "RequiredClaims", + "markdownDescription": "The load balancers.", + "title": "LoadBalancers", "type": "array" }, - "UsernameClaim": { - "markdownDescription": "The JSON Web token (JWT) claim that is used as the username.", - "title": "UsernameClaim", - "type": "string" - }, - "UsernamePrefix": { - "markdownDescription": "The prefix that is prepended to username claims to prevent clashes with existing names. The prefix can't contain `system:`", - "title": "UsernamePrefix", + "ServiceName": { + "markdownDescription": "The name of the VPC endpoint service.", + "title": "ServiceName", "type": "string" } }, - "required": [ - "ClientId", - "IssuerUrl" - ], "type": "object" }, - "AWS::EKS::IdentityProviderConfig.RequiredClaim": { + "AWS::EC2::NetworkInsightsAnalysis.AlternatePathHint": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The key to match from the token.", - "title": "Key", + "ComponentArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the component.", + "title": "ComponentArn", "type": "string" }, - "Value": { - "markdownDescription": "The value for the key from the token.", - "title": "Value", + "ComponentId": { + "markdownDescription": "The ID of the component.", + "title": "ComponentId", "type": "string" } }, - "required": [ - "Key", - "Value" - ], "type": "object" }, - "AWS::EKS::Nodegroup": { + "AWS::EC2::NetworkInsightsAnalysis.AnalysisAclRule": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Cidr": { + "markdownDescription": "The IPv4 address range, in CIDR notation.", + "title": "Cidr", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "Egress": { + "markdownDescription": "Indicates whether the rule is an outbound rule.", + "title": "Egress", + "type": "boolean" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AmiType": { - "markdownDescription": "The AMI type for your node group. If you specify `launchTemplate` , and your launch template uses a custom AMI, then don't specify `amiType` , or the node group deployment will fail. If your launch template uses a Windows custom AMI, then add `eks:kube-proxy-windows` to your Windows nodes `rolearn` in the `aws-auth` `ConfigMap` . For more information about using launch templates with Amazon EKS, see [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", - "title": "AmiType", - "type": "string" - }, - "CapacityType": { - "markdownDescription": "The capacity type of your managed node group.", - "title": "CapacityType", - "type": "string" - }, - "ClusterName": { - "markdownDescription": "The name of your cluster.", - "title": "ClusterName", - "type": "string" - }, - "DiskSize": { - "markdownDescription": "The root device disk size (in GiB) for your node group instances. The default disk size is 20 GiB for Linux and Bottlerocket. The default disk size is 50 GiB for Windows. If you specify `launchTemplate` , then don't specify `diskSize` , or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", - "title": "DiskSize", - "type": "number" - }, - "ForceUpdateEnabled": { - "markdownDescription": "Force the update if any `Pod` on the existing node group can't be drained due to a `Pod` disruption budget issue. If an update fails because all Pods can't be drained, you can force the update after it fails to terminate the old node whether or not any `Pod` is running on the node.", - "title": "ForceUpdateEnabled", - "type": "boolean" - }, - "InstanceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "Specify the instance types for a node group. If you specify a GPU instance type, make sure to also specify an applicable GPU AMI type with the `amiType` parameter. If you specify `launchTemplate` , then you can specify zero or one instance type in your launch template *or* you can specify 0-20 instance types for `instanceTypes` . If however, you specify an instance type in your launch template *and* specify any `instanceTypes` , the node group deployment will fail. If you don't specify an instance type in a launch template or for `instanceTypes` , then `t3.medium` is used, by default. If you specify `Spot` for `capacityType` , then we recommend specifying multiple values for `instanceTypes` . For more information, see [Managed node group capacity types](https://docs.aws.amazon.com/eks/latest/userguide/managed-node-groups.html#managed-node-group-capacity-types) and [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", - "title": "InstanceTypes", - "type": "array" - }, - "Labels": { - "additionalProperties": true, - "markdownDescription": "The Kubernetes `labels` applied to the nodes in the node group.\n\n> Only `labels` that are applied with the Amazon EKS API are shown here. There may be other Kubernetes `labels` applied to the nodes in this group.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Labels", - "type": "object" - }, - "LaunchTemplate": { - "$ref": "#/definitions/AWS::EKS::Nodegroup.LaunchTemplateSpecification", - "markdownDescription": "An object representing a node group's launch template specification. When using this object, don't directly specify `instanceTypes` , `diskSize` , or `remoteAccess` . You cannot later specify a different launch template ID or name than what was used to create the node group.\n\nMake sure that the launch template meets the requirements in `launchTemplateSpecification` . Also refer to [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", - "title": "LaunchTemplate" - }, - "NodeRole": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to associate with your node group. The Amazon EKS worker node `kubelet` daemon makes calls to AWS APIs on your behalf. Nodes receive permissions for these API calls through an IAM instance profile and associated policies. Before you can launch nodes and register them into a cluster, you must create an IAM role for those nodes to use when they are launched. For more information, see [Amazon EKS node IAM role](https://docs.aws.amazon.com/eks/latest/userguide/create-node-role.html) in the **Amazon EKS User Guide** . If you specify `launchTemplate` , then don't specify `[IamInstanceProfile](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_IamInstanceProfile.html)` in your launch template, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", - "title": "NodeRole", - "type": "string" - }, - "NodegroupName": { - "markdownDescription": "The unique name to give your node group.", - "title": "NodegroupName", - "type": "string" - }, - "ReleaseVersion": { - "markdownDescription": "The AMI version of the Amazon EKS optimized AMI to use with your node group (for example, `1.14.7- *YYYYMMDD*` ). By default, the latest available AMI version for the node group's current Kubernetes version is used. For more information, see [Amazon EKS optimized Linux AMI Versions](https://docs.aws.amazon.com/eks/latest/userguide/eks-linux-ami-versions.html) in the *Amazon EKS User Guide* .\n\n> Changing this value triggers an update of the node group if one is available. You can't update other properties at the same time as updating `Release Version` .", - "title": "ReleaseVersion", - "type": "string" - }, - "RemoteAccess": { - "$ref": "#/definitions/AWS::EKS::Nodegroup.RemoteAccess", - "markdownDescription": "The remote access configuration to use with your node group. For Linux, the protocol is SSH. For Windows, the protocol is RDP. If you specify `launchTemplate` , then don't specify `remoteAccess` , or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", - "title": "RemoteAccess" - }, - "ScalingConfig": { - "$ref": "#/definitions/AWS::EKS::Nodegroup.ScalingConfig", - "markdownDescription": "The scaling configuration details for the Auto Scaling group that is created for your node group.", - "title": "ScalingConfig" - }, - "Subnets": { - "items": { - "type": "string" - }, - "markdownDescription": "The subnets to use for the Auto Scaling group that is created for your node group. If you specify `launchTemplate` , then don't specify `[SubnetId](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateNetworkInterface.html)` in your launch template, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", - "title": "Subnets", - "type": "array" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or AWS resources.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - }, - "Taints": { - "items": { - "$ref": "#/definitions/AWS::EKS::Nodegroup.Taint" - }, - "markdownDescription": "The Kubernetes taints to be applied to the nodes in the node group when they are created. Effect is one of `No_Schedule` , `Prefer_No_Schedule` , or `No_Execute` . Kubernetes taints can be used together with tolerations to control how workloads are scheduled to your nodes. For more information, see [Node taints on managed node groups](https://docs.aws.amazon.com/eks/latest/userguide/node-taints-managed-node-groups.html) .", - "title": "Taints", - "type": "array" - }, - "UpdateConfig": { - "$ref": "#/definitions/AWS::EKS::Nodegroup.UpdateConfig", - "markdownDescription": "The node group update configuration.", - "title": "UpdateConfig" - }, - "Version": { - "markdownDescription": "The Kubernetes version to use for your managed nodes. By default, the Kubernetes version of the cluster is used, and this is the only accepted specified value. If you specify `launchTemplate` , and your launch template uses a custom AMI, then don't specify `version` , or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see [Launch template support](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .\n\n> You can't update other properties at the same time as updating `Version` .", - "title": "Version", - "type": "string" - } - }, - "required": [ - "ClusterName", - "NodeRole", - "Subnets" - ], - "type": "object" + "PortRange": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.PortRange", + "markdownDescription": "The range of ports.", + "title": "PortRange" }, - "Type": { - "enum": [ - "AWS::EKS::Nodegroup" - ], + "Protocol": { + "markdownDescription": "The protocol.", + "title": "Protocol", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "RuleAction": { + "markdownDescription": "Indicates whether to allow or deny traffic that matches the rule.", + "title": "RuleAction", "type": "string" + }, + "RuleNumber": { + "markdownDescription": "The rule number.", + "title": "RuleNumber", + "type": "number" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::EKS::Nodegroup.LaunchTemplateSpecification": { + "AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent": { "additionalProperties": false, "properties": { + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the component.", + "title": "Arn", + "type": "string" + }, "Id": { - "markdownDescription": "The ID of the launch template.\n\nYou must specify either the launch template ID or the launch template name in the request, but not both. After node group creation, you cannot use a different ID.", + "markdownDescription": "The ID of the component.", "title": "Id", "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::NetworkInsightsAnalysis.AnalysisLoadBalancerListener": { + "additionalProperties": false, + "properties": { + "InstancePort": { + "markdownDescription": "[Classic Load Balancers] The back-end port for the listener.", + "title": "InstancePort", + "type": "number" }, - "Name": { - "markdownDescription": "The name of the launch template.\n\nYou must specify either the launch template name or the launch template ID in the request, but not both. After node group creation, you cannot use a different name.", - "title": "Name", + "LoadBalancerPort": { + "markdownDescription": "The port on which the load balancer is listening.", + "title": "LoadBalancerPort", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::NetworkInsightsAnalysis.AnalysisLoadBalancerTarget": { + "additionalProperties": false, + "properties": { + "Address": { + "markdownDescription": "The IP address.", + "title": "Address", "type": "string" }, - "Version": { - "markdownDescription": "The version number of the launch template to use. If no version is specified, then the template's default version is used. You can use a different version for node group updates.", - "title": "Version", + "AvailabilityZone": { + "markdownDescription": "The Availability Zone.", + "title": "AvailabilityZone", "type": "string" + }, + "Instance": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "Information about the instance.", + "title": "Instance" + }, + "Port": { + "markdownDescription": "The port on which the target is listening.", + "title": "Port", + "type": "number" } }, "type": "object" }, - "AWS::EKS::Nodegroup.RemoteAccess": { + "AWS::EC2::NetworkInsightsAnalysis.AnalysisPacketHeader": { "additionalProperties": false, "properties": { - "Ec2SshKey": { - "markdownDescription": "The Amazon EC2 SSH key name that provides access for SSH communication with the nodes in the managed node group. For more information, see [Amazon EC2 key pairs and Linux instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html) in the *Amazon Elastic Compute Cloud User Guide for Linux Instances* . For Windows, an Amazon EC2 SSH key is used to obtain the RDP password. For more information, see [Amazon EC2 key pairs and Windows instances](https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ec2-key-pairs.html) in the *Amazon Elastic Compute Cloud User Guide for Windows Instances* .", - "title": "Ec2SshKey", + "DestinationAddresses": { + "items": { + "type": "string" + }, + "markdownDescription": "The destination addresses.", + "title": "DestinationAddresses", + "type": "array" + }, + "DestinationPortRanges": { + "items": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.PortRange" + }, + "markdownDescription": "The destination port ranges.", + "title": "DestinationPortRanges", + "type": "array" + }, + "Protocol": { + "markdownDescription": "The protocol.", + "title": "Protocol", "type": "string" }, - "SourceSecurityGroups": { + "SourceAddresses": { "items": { "type": "string" }, - "markdownDescription": "The security group IDs that are allowed SSH access (port 22) to the nodes. For Windows, the port is 3389. If you specify an Amazon EC2 SSH key but don't specify a source security group when you create a managed node group, then the port on the nodes is opened to the internet ( `0.0.0.0/0` ). For more information, see [Security Groups for Your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html) in the *Amazon Virtual Private Cloud User Guide* .", - "title": "SourceSecurityGroups", + "markdownDescription": "The source addresses.", + "title": "SourceAddresses", + "type": "array" + }, + "SourcePortRanges": { + "items": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.PortRange" + }, + "markdownDescription": "The source port ranges.", + "title": "SourcePortRanges", "type": "array" } }, - "required": [ - "Ec2SshKey" - ], "type": "object" }, - "AWS::EKS::Nodegroup.ScalingConfig": { + "AWS::EC2::NetworkInsightsAnalysis.AnalysisRouteTableRoute": { "additionalProperties": false, "properties": { - "DesiredSize": { - "markdownDescription": "The current number of nodes that the managed node group should maintain.\n\n> If you use the Kubernetes [Cluster Autoscaler](https://docs.aws.amazon.com/https://github.com/kubernetes/autoscaler#kubernetes-autoscaler) , you shouldn't change the `desiredSize` value directly, as this can cause the Cluster Autoscaler to suddenly scale up or scale down. \n\nWhenever this parameter changes, the number of worker nodes in the node group is updated to the specified size. If this parameter is given a value that is smaller than the current number of running worker nodes, the necessary number of worker nodes are terminated to match the given value. When using CloudFormation, no action occurs if you remove this parameter from your CFN template.\n\nThis parameter can be different from `minSize` in some cases, such as when starting with extra hosts for testing. This parameter can also be different when you want to start with an estimated number of needed hosts, but let the Cluster Autoscaler reduce the number if there are too many. When the Cluster Autoscaler is used, the `desiredSize` parameter is altered by the Cluster Autoscaler (but can be out-of-date for short periods of time). the Cluster Autoscaler doesn't scale a managed node group lower than `minSize` or higher than `maxSize` .", - "title": "DesiredSize", + "NatGatewayId": { + "markdownDescription": "The ID of a NAT gateway.", + "title": "NatGatewayId", + "type": "string" + }, + "NetworkInterfaceId": { + "markdownDescription": "The ID of a network interface.", + "title": "NetworkInterfaceId", + "type": "string" + }, + "Origin": { + "markdownDescription": "Describes how the route was created. The following are the possible values:\n\n- CreateRouteTable - The route was automatically created when the route table was created.\n- CreateRoute - The route was manually added to the route table.\n- EnableVgwRoutePropagation - The route was propagated by route propagation.", + "title": "Origin", + "type": "string" + }, + "State": { + "markdownDescription": "The state. The following are the possible values:\n\n- active\n- blackhole", + "title": "State", + "type": "string" + }, + "TransitGatewayId": { + "markdownDescription": "The ID of a transit gateway.", + "title": "TransitGatewayId", + "type": "string" + }, + "VpcPeeringConnectionId": { + "markdownDescription": "The ID of a VPC peering connection.", + "title": "VpcPeeringConnectionId", + "type": "string" + }, + "destinationCidr": { + "markdownDescription": "The destination IPv4 address, in CIDR notation.", + "title": "destinationCidr", + "type": "string" + }, + "destinationPrefixListId": { + "markdownDescription": "The prefix of the AWS service.", + "title": "destinationPrefixListId", + "type": "string" + }, + "egressOnlyInternetGatewayId": { + "markdownDescription": "The ID of an egress-only internet gateway.", + "title": "egressOnlyInternetGatewayId", + "type": "string" + }, + "gatewayId": { + "markdownDescription": "The ID of the gateway, such as an internet gateway or virtual private gateway.", + "title": "gatewayId", + "type": "string" + }, + "instanceId": { + "markdownDescription": "The ID of the instance, such as a NAT instance.", + "title": "instanceId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::NetworkInsightsAnalysis.AnalysisSecurityGroupRule": { + "additionalProperties": false, + "properties": { + "Cidr": { + "markdownDescription": "The IPv4 address range, in CIDR notation.", + "title": "Cidr", + "type": "string" + }, + "Direction": { + "markdownDescription": "The direction. The following are the possible values:\n\n- egress\n- ingress", + "title": "Direction", + "type": "string" + }, + "PortRange": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.PortRange", + "markdownDescription": "The port range.", + "title": "PortRange" + }, + "PrefixListId": { + "markdownDescription": "The prefix list ID.", + "title": "PrefixListId", + "type": "string" + }, + "Protocol": { + "markdownDescription": "The protocol name.", + "title": "Protocol", + "type": "string" + }, + "SecurityGroupId": { + "markdownDescription": "The security group ID.", + "title": "SecurityGroupId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::NetworkInsightsAnalysis.Explanation": { + "additionalProperties": false, + "properties": { + "Acl": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The network ACL.", + "title": "Acl" + }, + "AclRule": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisAclRule", + "markdownDescription": "The network ACL rule.", + "title": "AclRule" + }, + "Address": { + "markdownDescription": "The IPv4 address, in CIDR notation.", + "title": "Address", + "type": "string" + }, + "Addresses": { + "items": { + "type": "string" + }, + "markdownDescription": "The IPv4 addresses, in CIDR notation.", + "title": "Addresses", + "type": "array" + }, + "AttachedTo": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The resource to which the component is attached.", + "title": "AttachedTo" + }, + "AvailabilityZones": { + "items": { + "type": "string" + }, + "markdownDescription": "The Availability Zones.", + "title": "AvailabilityZones", + "type": "array" + }, + "Cidrs": { + "items": { + "type": "string" + }, + "markdownDescription": "The CIDR ranges.", + "title": "Cidrs", + "type": "array" + }, + "ClassicLoadBalancerListener": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisLoadBalancerListener", + "markdownDescription": "The listener for a Classic Load Balancer.", + "title": "ClassicLoadBalancerListener" + }, + "Component": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The component.", + "title": "Component" + }, + "ComponentAccount": { + "markdownDescription": "The AWS account for the component.", + "title": "ComponentAccount", + "type": "string" + }, + "ComponentRegion": { + "markdownDescription": "The Region for the component.", + "title": "ComponentRegion", + "type": "string" + }, + "CustomerGateway": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The customer gateway.", + "title": "CustomerGateway" + }, + "Destination": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The destination.", + "title": "Destination" + }, + "DestinationVpc": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The destination VPC.", + "title": "DestinationVpc" + }, + "Direction": { + "markdownDescription": "The direction. The following are the possible values:\n\n- egress\n- ingress", + "title": "Direction", + "type": "string" + }, + "ElasticLoadBalancerListener": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The load balancer listener.", + "title": "ElasticLoadBalancerListener" + }, + "ExplanationCode": { + "markdownDescription": "The explanation code.", + "title": "ExplanationCode", + "type": "string" + }, + "IngressRouteTable": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The route table.", + "title": "IngressRouteTable" + }, + "InternetGateway": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The internet gateway.", + "title": "InternetGateway" + }, + "LoadBalancerArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the load balancer.", + "title": "LoadBalancerArn", + "type": "string" + }, + "LoadBalancerListenerPort": { + "markdownDescription": "The listener port of the load balancer.", + "title": "LoadBalancerListenerPort", "type": "number" }, - "MaxSize": { - "markdownDescription": "The maximum number of nodes that the managed node group can scale out to. For information about the maximum number that you can specify, see [Amazon EKS service quotas](https://docs.aws.amazon.com/eks/latest/userguide/service-quotas.html) in the *Amazon EKS User Guide* .", - "title": "MaxSize", + "LoadBalancerTarget": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisLoadBalancerTarget", + "markdownDescription": "The target.", + "title": "LoadBalancerTarget" + }, + "LoadBalancerTargetGroup": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The target group.", + "title": "LoadBalancerTargetGroup" + }, + "LoadBalancerTargetGroups": { + "items": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent" + }, + "markdownDescription": "The target groups.", + "title": "LoadBalancerTargetGroups", + "type": "array" + }, + "LoadBalancerTargetPort": { + "markdownDescription": "The target port.", + "title": "LoadBalancerTargetPort", "type": "number" }, - "MinSize": { - "markdownDescription": "The minimum number of nodes that the managed node group can scale in to.", - "title": "MinSize", + "MissingComponent": { + "markdownDescription": "The missing component.", + "title": "MissingComponent", + "type": "string" + }, + "NatGateway": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The NAT gateway.", + "title": "NatGateway" + }, + "NetworkInterface": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The network interface.", + "title": "NetworkInterface" + }, + "PacketField": { + "markdownDescription": "The packet field.", + "title": "PacketField", + "type": "string" + }, + "Port": { + "markdownDescription": "The port.", + "title": "Port", "type": "number" + }, + "PortRanges": { + "items": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.PortRange" + }, + "markdownDescription": "The port ranges.", + "title": "PortRanges", + "type": "array" + }, + "PrefixList": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The prefix list.", + "title": "PrefixList" + }, + "Protocols": { + "items": { + "type": "string" + }, + "markdownDescription": "The protocols.", + "title": "Protocols", + "type": "array" + }, + "RouteTable": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The route table.", + "title": "RouteTable" + }, + "RouteTableRoute": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisRouteTableRoute", + "markdownDescription": "The route table route.", + "title": "RouteTableRoute" + }, + "SecurityGroup": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The security group.", + "title": "SecurityGroup" + }, + "SecurityGroupRule": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisSecurityGroupRule", + "markdownDescription": "The security group rule.", + "title": "SecurityGroupRule" + }, + "SecurityGroups": { + "items": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent" + }, + "markdownDescription": "The security groups.", + "title": "SecurityGroups", + "type": "array" + }, + "SourceVpc": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The source VPC.", + "title": "SourceVpc" + }, + "State": { + "markdownDescription": "The state.", + "title": "State", + "type": "string" + }, + "Subnet": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The subnet.", + "title": "Subnet" + }, + "SubnetRouteTable": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The route table for the subnet.", + "title": "SubnetRouteTable" + }, + "TransitGateway": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The transit gateway.", + "title": "TransitGateway" + }, + "TransitGatewayAttachment": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The transit gateway attachment.", + "title": "TransitGatewayAttachment" + }, + "TransitGatewayRouteTable": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The transit gateway route table.", + "title": "TransitGatewayRouteTable" + }, + "TransitGatewayRouteTableRoute": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.TransitGatewayRouteTableRoute", + "markdownDescription": "The transit gateway route table route.", + "title": "TransitGatewayRouteTableRoute" + }, + "Vpc": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The component VPC.", + "title": "Vpc" + }, + "VpcPeeringConnection": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The VPC peering connection.", + "title": "VpcPeeringConnection" + }, + "VpnConnection": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The VPN connection.", + "title": "VpnConnection" + }, + "VpnGateway": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The VPN gateway.", + "title": "VpnGateway" + }, + "vpcEndpoint": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The VPC endpoint.", + "title": "vpcEndpoint" } }, "type": "object" }, - "AWS::EKS::Nodegroup.Taint": { + "AWS::EC2::NetworkInsightsAnalysis.PathComponent": { "additionalProperties": false, "properties": { - "Effect": { - "markdownDescription": "The effect of the taint.", - "title": "Effect", - "type": "string" + "AclRule": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisAclRule", + "markdownDescription": "The network ACL rule.", + "title": "AclRule" }, - "Key": { - "markdownDescription": "The key of the taint.", - "title": "Key", - "type": "string" + "AdditionalDetails": { + "items": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AdditionalDetail" + }, + "markdownDescription": "The additional details.", + "title": "AdditionalDetails", + "type": "array" }, - "Value": { - "markdownDescription": "The value of the taint.", - "title": "Value", + "Component": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The component.", + "title": "Component" + }, + "DestinationVpc": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The destination VPC.", + "title": "DestinationVpc" + }, + "ElasticLoadBalancerListener": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The load balancer listener.", + "title": "ElasticLoadBalancerListener" + }, + "Explanations": { + "items": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.Explanation" + }, + "markdownDescription": "The explanation codes.", + "title": "Explanations", + "type": "array" + }, + "InboundHeader": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisPacketHeader", + "markdownDescription": "The inbound header.", + "title": "InboundHeader" + }, + "OutboundHeader": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisPacketHeader", + "markdownDescription": "The outbound header.", + "title": "OutboundHeader" + }, + "RouteTableRoute": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisRouteTableRoute", + "markdownDescription": "The route table route.", + "title": "RouteTableRoute" + }, + "SecurityGroupRule": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisSecurityGroupRule", + "markdownDescription": "The security group rule.", + "title": "SecurityGroupRule" + }, + "SequenceNumber": { + "markdownDescription": "The sequence number.", + "title": "SequenceNumber", + "type": "number" + }, + "ServiceName": { + "markdownDescription": "The name of the VPC endpoint service.", + "title": "ServiceName", "type": "string" + }, + "SourceVpc": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The source VPC.", + "title": "SourceVpc" + }, + "Subnet": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The subnet.", + "title": "Subnet" + }, + "TransitGateway": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The transit gateway.", + "title": "TransitGateway" + }, + "TransitGatewayRouteTableRoute": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.TransitGatewayRouteTableRoute", + "markdownDescription": "The route in a transit gateway route table.", + "title": "TransitGatewayRouteTableRoute" + }, + "Vpc": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", + "markdownDescription": "The component VPC.", + "title": "Vpc" } }, "type": "object" }, - "AWS::EKS::Nodegroup.UpdateConfig": { + "AWS::EC2::NetworkInsightsAnalysis.PortRange": { "additionalProperties": false, "properties": { - "MaxUnavailable": { - "markdownDescription": "The maximum number of nodes unavailable at once during a version update. Nodes are updated in parallel. This value or `maxUnavailablePercentage` is required to have a value.The maximum number is 100.", - "title": "MaxUnavailable", + "From": { + "markdownDescription": "The first port in the range.", + "title": "From", "type": "number" }, - "MaxUnavailablePercentage": { - "markdownDescription": "The maximum percentage of nodes unavailable during a version update. This percentage of nodes are updated in parallel, up to 100 nodes at once. This value or `maxUnavailable` is required to have a value.", - "title": "MaxUnavailablePercentage", + "To": { + "markdownDescription": "The last port in the range.", + "title": "To", "type": "number" } }, "type": "object" }, - "AWS::EKS::PodIdentityAssociation": { + "AWS::EC2::NetworkInsightsAnalysis.TransitGatewayRouteTableRoute": { + "additionalProperties": false, + "properties": { + "AttachmentId": { + "markdownDescription": "The ID of the route attachment.", + "title": "AttachmentId", + "type": "string" + }, + "DestinationCidr": { + "markdownDescription": "The CIDR block used for destination matches.", + "title": "DestinationCidr", + "type": "string" + }, + "PrefixListId": { + "markdownDescription": "The ID of the prefix list.", + "title": "PrefixListId", + "type": "string" + }, + "ResourceId": { + "markdownDescription": "The ID of the resource for the route attachment.", + "title": "ResourceId", + "type": "string" + }, + "ResourceType": { + "markdownDescription": "The resource type for the route attachment.", + "title": "ResourceType", + "type": "string" + }, + "RouteOrigin": { + "markdownDescription": "The route origin. The following are the possible values:\n\n- static\n- propagated", + "title": "RouteOrigin", + "type": "string" + }, + "State": { + "markdownDescription": "The state of the route.", + "title": "State", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::NetworkInsightsPath": { "additionalProperties": false, "properties": { "Condition": { @@ -87169,46 +95368,64 @@ "Properties": { "additionalProperties": false, "properties": { - "ClusterName": { - "markdownDescription": "The name of the cluster that the association is in.", - "title": "ClusterName", + "Destination": { + "markdownDescription": "The ID or ARN of the destination. If the resource is in another account, you must specify an ARN.", + "title": "Destination", "type": "string" }, - "Namespace": { - "markdownDescription": "The name of the Kubernetes namespace inside the cluster to create the association in. The service account and the Pods that use the service account must be in this namespace.", - "title": "Namespace", + "DestinationIp": { + "markdownDescription": "The IP address of the destination.", + "title": "DestinationIp", "type": "string" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to associate with the service account. The EKS Pod Identity agent manages credentials to assume this role for applications in the containers in the Pods that use this service account.", - "title": "RoleArn", + "DestinationPort": { + "markdownDescription": "The destination port.", + "title": "DestinationPort", + "type": "number" + }, + "FilterAtDestination": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsPath.PathFilter", + "markdownDescription": "Scopes the analysis to network paths that match specific filters at the destination. If you specify this parameter, you can't specify the parameter for the destination IP address.", + "title": "FilterAtDestination" + }, + "FilterAtSource": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsPath.PathFilter", + "markdownDescription": "Scopes the analysis to network paths that match specific filters at the source. If you specify this parameter, you can't specify the parameters for the source IP address or the destination port.", + "title": "FilterAtSource" + }, + "Protocol": { + "markdownDescription": "The protocol.", + "title": "Protocol", "type": "string" }, - "ServiceAccount": { - "markdownDescription": "The name of the Kubernetes service account inside the cluster to associate the IAM credentials with.", - "title": "ServiceAccount", + "Source": { + "markdownDescription": "The ID or ARN of the source. If the resource is in another account, you must specify an ARN.", + "title": "Source", + "type": "string" + }, + "SourceIp": { + "markdownDescription": "The IP address of the source.", + "title": "SourceIp", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or AWS resources.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource \u2013 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length \u2013 128 Unicode characters in UTF-8\n- Maximum value length \u2013 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit.", + "markdownDescription": "The tags to add to the path.", "title": "Tags", "type": "array" } }, "required": [ - "ClusterName", - "Namespace", - "RoleArn", - "ServiceAccount" + "Protocol", + "Source" ], "type": "object" }, "Type": { "enum": [ - "AWS::EKS::PodIdentityAssociation" + "AWS::EC2::NetworkInsightsPath" ], "type": "string" }, @@ -87227,7 +95444,49 @@ ], "type": "object" }, - "AWS::EMR::Cluster": { + "AWS::EC2::NetworkInsightsPath.FilterPortRange": { + "additionalProperties": false, + "properties": { + "FromPort": { + "markdownDescription": "The first port in the range.", + "title": "FromPort", + "type": "number" + }, + "ToPort": { + "markdownDescription": "The last port in the range.", + "title": "ToPort", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::NetworkInsightsPath.PathFilter": { + "additionalProperties": false, + "properties": { + "DestinationAddress": { + "markdownDescription": "The destination IPv4 address.", + "title": "DestinationAddress", + "type": "string" + }, + "DestinationPortRange": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsPath.FilterPortRange", + "markdownDescription": "The destination port range.", + "title": "DestinationPortRange" + }, + "SourceAddress": { + "markdownDescription": "The source IPv4 address.", + "title": "SourceAddress", + "type": "string" + }, + "SourcePortRange": { + "$ref": "#/definitions/AWS::EC2::NetworkInsightsPath.FilterPortRange", + "markdownDescription": "The source port range.", + "title": "SourcePortRange" + } + }, + "type": "object" + }, + "AWS::EC2::NetworkInterface": { "additionalProperties": false, "properties": { "Condition": { @@ -87262,171 +95521,113 @@ "Properties": { "additionalProperties": false, "properties": { - "AdditionalInfo": { - "markdownDescription": "A JSON string for selecting additional features.", - "title": "AdditionalInfo", - "type": "object" + "ConnectionTrackingSpecification": { + "$ref": "#/definitions/AWS::EC2::NetworkInterface.ConnectionTrackingSpecification", + "markdownDescription": "A connection tracking specification for the network interface.", + "title": "ConnectionTrackingSpecification" }, - "Applications": { + "Description": { + "markdownDescription": "A description for the network interface.", + "title": "Description", + "type": "string" + }, + "GroupSet": { "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.Application" + "type": "string" }, - "markdownDescription": "The applications to install on this cluster, for example, Spark, Flink, Oozie, Zeppelin, and so on.", - "title": "Applications", + "markdownDescription": "The IDs of the security groups associated with this network interface.", + "title": "GroupSet", "type": "array" }, - "AutoScalingRole": { - "markdownDescription": "An IAM role for automatic scaling policies. The default role is `EMR_AutoScaling_DefaultRole` . The IAM role provides permissions that the automatic scaling feature requires to launch and terminate Amazon EC2 instances in an instance group.", - "title": "AutoScalingRole", + "InterfaceType": { + "markdownDescription": "The type of network interface. The default is `interface` . The supported values are `efa` and `trunk` .", + "title": "InterfaceType", "type": "string" }, - "AutoTerminationPolicy": { - "$ref": "#/definitions/AWS::EMR::Cluster.AutoTerminationPolicy", - "markdownDescription": "An auto-termination policy for an Amazon EMR cluster. An auto-termination policy defines the amount of idle time in seconds after which a cluster automatically terminates. For alternative cluster termination options, see [Control cluster termination](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-plan-termination.html) .", - "title": "AutoTerminationPolicy" + "Ipv4PrefixCount": { + "markdownDescription": "The number of IPv4 prefixes to be automatically assigned to the network interface.\n\nWhen creating a network interface, you can't specify a count of IPv4 prefixes if you've specified one of the following: specific IPv4 prefixes, specific private IPv4 addresses, or a count of private IPv4 addresses.", + "title": "Ipv4PrefixCount", + "type": "number" }, - "BootstrapActions": { + "Ipv4Prefixes": { "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.BootstrapActionConfig" + "$ref": "#/definitions/AWS::EC2::NetworkInterface.Ipv4PrefixSpecification" }, - "markdownDescription": "A list of bootstrap actions to run before Hadoop starts on the cluster nodes.", - "title": "BootstrapActions", + "markdownDescription": "The IPv4 delegated prefixes that are assigned to the network interface.\n\nWhen creating a network interface, you can't specify IPv4 prefixes if you've specified one of the following: a count of IPv4 prefixes, specific private IPv4 addresses, or a count of private IPv4 addresses.", + "title": "Ipv4Prefixes", "type": "array" }, - "Configurations": { + "Ipv6AddressCount": { + "markdownDescription": "The number of IPv6 addresses to assign to the network interface. Amazon EC2 automatically selects the IPv6 addresses from the subnet range. To specify specific IPv6 addresses, use the `Ipv6Addresses` property and don't specify this property.\n\nWhen creating a network interface, you can't specify a count of IPv6 addresses if you've specified one of the following: specific IPv6 addresses, specific IPv6 prefixes, or a count of IPv6 prefixes.", + "title": "Ipv6AddressCount", + "type": "number" + }, + "Ipv6Addresses": { "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.Configuration" + "$ref": "#/definitions/AWS::EC2::NetworkInterface.InstanceIpv6Address" }, - "markdownDescription": "Applies only to Amazon EMR releases 4.x and later. The list of configurations that are supplied to the Amazon EMR cluster.", - "title": "Configurations", + "markdownDescription": "The IPv6 addresses from the IPv6 CIDR block range of your subnet to assign to the network interface. If you're specifying a number of IPv6 addresses, use the `Ipv6AddressCount` property and don't specify this property.\n\nWhen creating a network interface, you can't specify IPv6 addresses if you've specified one of the following: a count of IPv6 addresses, specific IPv6 prefixes, or a count of IPv6 prefixes.", + "title": "Ipv6Addresses", "type": "array" }, - "CustomAmiId": { - "markdownDescription": "Available only in Amazon EMR releases 5.7.0 and later. The ID of a custom Amazon EBS-backed Linux AMI if the cluster uses a custom AMI.", - "title": "CustomAmiId", - "type": "string" - }, - "EbsRootVolumeIops": { - "markdownDescription": "The IOPS, of the Amazon EBS root device volume of the Linux AMI that is used for each Amazon EC2 instance. Available in Amazon EMR releases 6.15.0 and later.", - "title": "EbsRootVolumeIops", - "type": "number" - }, - "EbsRootVolumeSize": { - "markdownDescription": "The size, in GiB, of the Amazon EBS root device volume of the Linux AMI that is used for each Amazon EC2 instance. Available in Amazon EMR releases 4.x and later.", - "title": "EbsRootVolumeSize", - "type": "number" - }, - "EbsRootVolumeThroughput": { - "markdownDescription": "The throughput, in MiB/s, of the Amazon EBS root device volume of the Linux AMI that is used for each Amazon EC2 instance. Available in Amazon EMR releases 6.15.0 and later.", - "title": "EbsRootVolumeThroughput", + "Ipv6PrefixCount": { + "markdownDescription": "The number of IPv6 prefixes to be automatically assigned to the network interface.\n\nWhen creating a network interface, you can't specify a count of IPv6 prefixes if you've specified one of the following: specific IPv6 prefixes, specific IPv6 addresses, or a count of IPv6 addresses.", + "title": "Ipv6PrefixCount", "type": "number" }, - "Instances": { - "$ref": "#/definitions/AWS::EMR::Cluster.JobFlowInstancesConfig", - "markdownDescription": "A specification of the number and type of Amazon EC2 instances.", - "title": "Instances" - }, - "JobFlowRole": { - "markdownDescription": "Also called instance profile and Amazon EC2 role. An IAM role for an Amazon EMR cluster. The Amazon EC2 instances of the cluster assume this role. The default role is `EMR_EC2_DefaultRole` . In order to use the default role, you must have already created it using the AWS CLI or console.", - "title": "JobFlowRole", - "type": "string" - }, - "KerberosAttributes": { - "$ref": "#/definitions/AWS::EMR::Cluster.KerberosAttributes", - "markdownDescription": "Attributes for Kerberos configuration when Kerberos authentication is enabled using a security configuration. For more information see [Use Kerberos Authentication](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-kerberos.html) in the *Amazon EMR Management Guide* .", - "title": "KerberosAttributes" - }, - "LogEncryptionKmsKeyId": { - "markdownDescription": "The AWS KMS key used for encrypting log files. This attribute is only available with Amazon EMR 5.30.0 and later, excluding Amazon EMR 6.0.0.", - "title": "LogEncryptionKmsKeyId", - "type": "string" - }, - "LogUri": { - "markdownDescription": "The path to the Amazon S3 location where logs for this cluster are stored.", - "title": "LogUri", - "type": "string" - }, - "ManagedScalingPolicy": { - "$ref": "#/definitions/AWS::EMR::Cluster.ManagedScalingPolicy", - "markdownDescription": "Creates or updates a managed scaling policy for an Amazon EMR cluster. The managed scaling policy defines the limits for resources, such as Amazon EC2 instances that can be added or terminated from a cluster. The policy only applies to the core and task nodes. The master node cannot be scaled after initial configuration.", - "title": "ManagedScalingPolicy" - }, - "Name": { - "markdownDescription": "The name of the cluster. This parameter can't contain the characters <, >, $, |, or ` (backtick).", - "title": "Name", - "type": "string" + "Ipv6Prefixes": { + "items": { + "$ref": "#/definitions/AWS::EC2::NetworkInterface.Ipv6PrefixSpecification" + }, + "markdownDescription": "The IPv6 delegated prefixes that are assigned to the network interface.\n\nWhen creating a network interface, you can't specify IPv6 prefixes if you've specified one of the following: a count of IPv6 prefixes, specific IPv6 addresses, or a count of IPv6 addresses.", + "title": "Ipv6Prefixes", + "type": "array" }, - "OSReleaseLabel": { - "markdownDescription": "The Amazon Linux release specified in a cluster launch RunJobFlow request. If no Amazon Linux release was specified, the default Amazon Linux release is shown in the response.", - "title": "OSReleaseLabel", + "PrivateIpAddress": { + "markdownDescription": "The private IPv4 address to assign to the network interface as the primary private IP address. If you want to specify multiple private IP addresses, use the `PrivateIpAddresses` property.", + "title": "PrivateIpAddress", "type": "string" }, - "PlacementGroupConfigs": { + "PrivateIpAddresses": { "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.PlacementGroupConfig" + "$ref": "#/definitions/AWS::EC2::NetworkInterface.PrivateIpAddressSpecification" }, - "markdownDescription": "", - "title": "PlacementGroupConfigs", + "markdownDescription": "The private IPv4 addresses to assign to the network interface. You can specify a primary private IP address by setting the value of the `Primary` property to `true` in the `PrivateIpAddressSpecification` property. If you want EC2 to automatically assign private IP addresses, use the `SecondaryPrivateIpAddressCount` property and do not specify this property.\n\nWhen creating a network interface, you can't specify private IPv4 addresses if you've specified one of the following: a count of private IPv4 addresses, specific IPv4 prefixes, or a count of IPv4 prefixes.", + "title": "PrivateIpAddresses", "type": "array" }, - "ReleaseLabel": { - "markdownDescription": "The Amazon EMR release label, which determines the version of open-source application packages installed on the cluster. Release labels are in the form `emr-x.x.x` , where x.x.x is an Amazon EMR release version such as `emr-5.14.0` . For more information about Amazon EMR release versions and included application versions and features, see [](https://docs.aws.amazon.com/emr/latest/ReleaseGuide/) . The release label applies only to Amazon EMR releases version 4.0 and later. Earlier versions use `AmiVersion` .", - "title": "ReleaseLabel", - "type": "string" - }, - "ScaleDownBehavior": { - "markdownDescription": "The way that individual Amazon EC2 instances terminate when an automatic scale-in activity occurs or an instance group is resized. `TERMINATE_AT_INSTANCE_HOUR` indicates that Amazon EMR terminates nodes at the instance-hour boundary, regardless of when the request to terminate the instance was submitted. This option is only available with Amazon EMR 5.1.0 and later and is the default for clusters created using that version. `TERMINATE_AT_TASK_COMPLETION` indicates that Amazon EMR adds nodes to a deny list and drains tasks from nodes before terminating the Amazon EC2 instances, regardless of the instance-hour boundary. With either behavior, Amazon EMR removes the least active nodes first and blocks instance termination if it could lead to HDFS corruption. `TERMINATE_AT_TASK_COMPLETION` is available only in Amazon EMR releases 4.1.0 and later, and is the default for versions of Amazon EMR earlier than 5.1.0.", - "title": "ScaleDownBehavior", - "type": "string" + "SecondaryPrivateIpAddressCount": { + "markdownDescription": "The number of secondary private IPv4 addresses to assign to a network interface. When you specify a number of secondary IPv4 addresses, Amazon EC2 selects these IP addresses within the subnet's IPv4 CIDR range. You can't specify this option and specify more than one private IP address using `privateIpAddresses` .\n\nWhen creating a Network Interface, you can't specify a count of private IPv4 addresses if you've specified one of the following: specific private IPv4 addresses, specific IPv4 prefixes, or a count of IPv4 prefixes.", + "title": "SecondaryPrivateIpAddressCount", + "type": "number" }, - "SecurityConfiguration": { - "markdownDescription": "The name of the security configuration applied to the cluster.", - "title": "SecurityConfiguration", - "type": "string" + "SourceDestCheck": { + "markdownDescription": "Enable or disable source/destination checks, which ensure that the instance is either the source or the destination of any traffic that it receives. If the value is `true` , source/destination checks are enabled; otherwise, they are disabled. The default value is `true` . You must disable source/destination checks if the instance runs services such as network address translation, routing, or firewalls.", + "title": "SourceDestCheck", + "type": "boolean" }, - "ServiceRole": { - "markdownDescription": "The IAM role that Amazon EMR assumes in order to access AWS resources on your behalf.", - "title": "ServiceRole", + "SubnetId": { + "markdownDescription": "The ID of the subnet to associate with the network interface.", + "title": "SubnetId", "type": "string" }, - "StepConcurrencyLevel": { - "markdownDescription": "Specifies the number of steps that can be executed concurrently. The default value is `1` . The maximum value is `256` .", - "title": "StepConcurrencyLevel", - "type": "number" - }, - "Steps": { - "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.StepConfig" - }, - "markdownDescription": "A list of steps to run.", - "title": "Steps", - "type": "array" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of tags associated with a cluster.", + "markdownDescription": "The tags to apply to the network interface.", "title": "Tags", "type": "array" - }, - "VisibleToAllUsers": { - "markdownDescription": "Indicates whether the cluster is visible to all IAM users of the AWS account associated with the cluster. If this value is set to `true` , all IAM users of that AWS account can view and manage the cluster if they have the proper policy permissions set. If this value is `false` , only the IAM user that created the cluster can view and manage it. This value can be changed using the SetVisibleToAllUsers action.\n\n> When you create clusters directly through the EMR console or API, this value is set to `true` by default. However, for `AWS::EMR::Cluster` resources in CloudFormation, the default is `false` .", - "title": "VisibleToAllUsers", - "type": "boolean" } }, "required": [ - "Instances", - "JobFlowRole", - "Name", - "ServiceRole" + "SubnetId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EMR::Cluster" + "AWS::EC2::NetworkInterface" ], "type": "string" }, @@ -87445,910 +95646,864 @@ ], "type": "object" }, - "AWS::EMR::Cluster.Application": { + "AWS::EC2::NetworkInterface.ConnectionTrackingSpecification": { "additionalProperties": false, "properties": { - "AdditionalInfo": { - "additionalProperties": true, - "markdownDescription": "This option is for advanced users only. This is meta information about clusters and applications that are used for testing and troubleshooting.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "AdditionalInfo", - "type": "object" - }, - "Args": { - "items": { - "type": "string" - }, - "markdownDescription": "Arguments for Amazon EMR to pass to the application.", - "title": "Args", - "type": "array" + "TcpEstablishedTimeout": { + "markdownDescription": "Timeout (in seconds) for idle TCP connections in an established state. Min: 60 seconds. Max: 432000 seconds (5 days). Default: 432000 seconds. Recommended: Less than 432000 seconds.", + "title": "TcpEstablishedTimeout", + "type": "number" }, - "Name": { - "markdownDescription": "The name of the application.", - "title": "Name", - "type": "string" + "UdpStreamTimeout": { + "markdownDescription": "Timeout (in seconds) for idle UDP flows classified as streams which have seen more than one request-response transaction. Min: 60 seconds. Max: 180 seconds (3 minutes). Default: 180 seconds.", + "title": "UdpStreamTimeout", + "type": "number" }, - "Version": { - "markdownDescription": "The version of the application.", - "title": "Version", - "type": "string" + "UdpTimeout": { + "markdownDescription": "Timeout (in seconds) for idle UDP flows that have seen traffic only in a single direction or a single request-response transaction. Min: 30 seconds. Max: 60 seconds. Default: 30 seconds.", + "title": "UdpTimeout", + "type": "number" } }, "type": "object" }, - "AWS::EMR::Cluster.AutoScalingPolicy": { + "AWS::EC2::NetworkInterface.InstanceIpv6Address": { "additionalProperties": false, "properties": { - "Constraints": { - "$ref": "#/definitions/AWS::EMR::Cluster.ScalingConstraints", - "markdownDescription": "The upper and lower Amazon EC2 instance limits for an automatic scaling policy. Automatic scaling activity will not cause an instance group to grow above or below these limits.", - "title": "Constraints" - }, - "Rules": { - "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.ScalingRule" - }, - "markdownDescription": "The scale-in and scale-out rules that comprise the automatic scaling policy.", - "title": "Rules", - "type": "array" + "Ipv6Address": { + "markdownDescription": "An IPv6 address to associate with the network interface.", + "title": "Ipv6Address", + "type": "string" } }, "required": [ - "Constraints", - "Rules" + "Ipv6Address" ], "type": "object" }, - "AWS::EMR::Cluster.AutoTerminationPolicy": { - "additionalProperties": false, - "properties": { - "IdleTimeout": { - "markdownDescription": "Specifies the amount of idle time in seconds after which the cluster automatically terminates. You can specify a minimum of 60 seconds and a maximum of 604800 seconds (seven days).", - "title": "IdleTimeout", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EMR::Cluster.BootstrapActionConfig": { + "AWS::EC2::NetworkInterface.Ipv4PrefixSpecification": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the bootstrap action.", - "title": "Name", + "Ipv4Prefix": { + "markdownDescription": "The IPv4 prefix. For information, see [Assigning prefixes to network interfaces](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-prefix-eni.html) in the *Amazon EC2 User Guide* .", + "title": "Ipv4Prefix", "type": "string" - }, - "ScriptBootstrapAction": { - "$ref": "#/definitions/AWS::EMR::Cluster.ScriptBootstrapActionConfig", - "markdownDescription": "The script run by the bootstrap action.", - "title": "ScriptBootstrapAction" } }, "required": [ - "Name", - "ScriptBootstrapAction" + "Ipv4Prefix" ], "type": "object" }, - "AWS::EMR::Cluster.CloudWatchAlarmDefinition": { + "AWS::EC2::NetworkInterface.Ipv6PrefixSpecification": { "additionalProperties": false, "properties": { - "ComparisonOperator": { - "markdownDescription": "Determines how the metric specified by `MetricName` is compared to the value specified by `Threshold` .", - "title": "ComparisonOperator", - "type": "string" - }, - "Dimensions": { - "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.MetricDimension" - }, - "markdownDescription": "A CloudWatch metric dimension.", - "title": "Dimensions", - "type": "array" - }, - "EvaluationPeriods": { - "markdownDescription": "The number of periods, in five-minute increments, during which the alarm condition must exist before the alarm triggers automatic scaling activity. The default value is `1` .", - "title": "EvaluationPeriods", - "type": "number" - }, - "MetricName": { - "markdownDescription": "The name of the CloudWatch metric that is watched to determine an alarm condition.", - "title": "MetricName", - "type": "string" - }, - "Namespace": { - "markdownDescription": "The namespace for the CloudWatch metric. The default is `AWS/ElasticMapReduce` .", - "title": "Namespace", - "type": "string" - }, - "Period": { - "markdownDescription": "The period, in seconds, over which the statistic is applied. CloudWatch metrics for Amazon EMR are emitted every five minutes (300 seconds), so if you specify a CloudWatch metric, specify `300` .", - "title": "Period", - "type": "number" - }, - "Statistic": { - "markdownDescription": "The statistic to apply to the metric associated with the alarm. The default is `AVERAGE` .", - "title": "Statistic", - "type": "string" - }, - "Threshold": { - "markdownDescription": "The value against which the specified statistic is compared.", - "title": "Threshold", - "type": "number" - }, - "Unit": { - "markdownDescription": "The unit of measure associated with the CloudWatch metric being watched. The value specified for `Unit` must correspond to the units specified in the CloudWatch metric.", - "title": "Unit", + "Ipv6Prefix": { + "markdownDescription": "The IPv6 prefix. For information, see [Assigning prefixes to Amazon EC2 network interfaces](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-prefix-eni.html) in the *Amazon Elastic Compute Cloud User Guide* .", + "title": "Ipv6Prefix", "type": "string" } }, "required": [ - "ComparisonOperator", - "MetricName", - "Period", - "Threshold" + "Ipv6Prefix" ], "type": "object" }, - "AWS::EMR::Cluster.ComputeLimits": { + "AWS::EC2::NetworkInterface.PrivateIpAddressSpecification": { "additionalProperties": false, "properties": { - "MaximumCapacityUnits": { - "markdownDescription": "The upper boundary of Amazon EC2 units. It is measured through vCPU cores or instances for instance groups and measured through units for instance fleets. Managed scaling activities are not allowed beyond this boundary. The limit only applies to the core and task nodes. The master node cannot be scaled after initial configuration.", - "title": "MaximumCapacityUnits", - "type": "number" - }, - "MaximumCoreCapacityUnits": { - "markdownDescription": "The upper boundary of Amazon EC2 units for core node type in a cluster. It is measured through vCPU cores or instances for instance groups and measured through units for instance fleets. The core units are not allowed to scale beyond this boundary. The parameter is used to split capacity allocation between core and task nodes.", - "title": "MaximumCoreCapacityUnits", - "type": "number" - }, - "MaximumOnDemandCapacityUnits": { - "markdownDescription": "The upper boundary of On-Demand Amazon EC2 units. It is measured through vCPU cores or instances for instance groups and measured through units for instance fleets. The On-Demand units are not allowed to scale beyond this boundary. The parameter is used to split capacity allocation between On-Demand and Spot Instances.", - "title": "MaximumOnDemandCapacityUnits", - "type": "number" - }, - "MinimumCapacityUnits": { - "markdownDescription": "The lower boundary of Amazon EC2 units. It is measured through vCPU cores or instances for instance groups and measured through units for instance fleets. Managed scaling activities are not allowed beyond this boundary. The limit only applies to the core and task nodes. The master node cannot be scaled after initial configuration.", - "title": "MinimumCapacityUnits", - "type": "number" + "Primary": { + "markdownDescription": "Sets the private IP address as the primary private address. You can set only one primary private IP address. If you don't specify a primary private IP address, Amazon EC2 automatically assigns a primary private IP address.", + "title": "Primary", + "type": "boolean" }, - "UnitType": { - "markdownDescription": "The unit type used for specifying a managed scaling policy.", - "title": "UnitType", + "PrivateIpAddress": { + "markdownDescription": "The private IP address of the network interface.", + "title": "PrivateIpAddress", "type": "string" } }, "required": [ - "MaximumCapacityUnits", - "MinimumCapacityUnits", - "UnitType" + "Primary", + "PrivateIpAddress" ], "type": "object" }, - "AWS::EMR::Cluster.Configuration": { + "AWS::EC2::NetworkInterfaceAttachment": { "additionalProperties": false, "properties": { - "Classification": { - "markdownDescription": "The classification within a configuration.", - "title": "Classification", + "Condition": { "type": "string" }, - "ConfigurationProperties": { - "additionalProperties": true, - "markdownDescription": "A list of additional configurations to apply within a configuration object.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" } - }, - "title": "ConfigurationProperties", + ] + }, + "Metadata": { "type": "object" }, - "Configurations": { - "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.Configuration" + "Properties": { + "additionalProperties": false, + "properties": { + "DeleteOnTermination": { + "markdownDescription": "Whether to delete the network interface when the instance terminates. By default, this value is set to `true` .", + "title": "DeleteOnTermination", + "type": "boolean" + }, + "DeviceIndex": { + "markdownDescription": "The network interface's position in the attachment order. For example, the first attached network interface has a `DeviceIndex` of 0.", + "title": "DeviceIndex", + "type": "string" + }, + "EnaSrdSpecification": { + "$ref": "#/definitions/AWS::EC2::NetworkInterfaceAttachment.EnaSrdSpecification", + "markdownDescription": "Configures ENA Express for the network interface that this action attaches to the instance.", + "title": "EnaSrdSpecification" + }, + "InstanceId": { + "markdownDescription": "The ID of the instance to which you will attach the ENI.", + "title": "InstanceId", + "type": "string" + }, + "NetworkInterfaceId": { + "markdownDescription": "The ID of the ENI that you want to attach.", + "title": "NetworkInterfaceId", + "type": "string" + } }, - "markdownDescription": "A list of additional configurations to apply within a configuration object.", - "title": "Configurations", - "type": "array" + "required": [ + "DeviceIndex", + "InstanceId", + "NetworkInterfaceId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::EC2::NetworkInterfaceAttachment" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::EMR::Cluster.EbsBlockDeviceConfig": { + "AWS::EC2::NetworkInterfaceAttachment.EnaSrdSpecification": { "additionalProperties": false, "properties": { - "VolumeSpecification": { - "$ref": "#/definitions/AWS::EMR::Cluster.VolumeSpecification", - "markdownDescription": "EBS volume specifications such as volume type, IOPS, size (GiB) and throughput (MiB/s) that are requested for the EBS volume attached to an Amazon EC2 instance in the cluster.", - "title": "VolumeSpecification" + "EnaSrdEnabled": { + "markdownDescription": "Indicates whether ENA Express is enabled for the network interface.", + "title": "EnaSrdEnabled", + "type": "boolean" }, - "VolumesPerInstance": { - "markdownDescription": "Number of EBS volumes with a specific volume configuration that are associated with every instance in the instance group", - "title": "VolumesPerInstance", - "type": "number" + "EnaSrdUdpSpecification": { + "$ref": "#/definitions/AWS::EC2::NetworkInterfaceAttachment.EnaSrdUdpSpecification", + "markdownDescription": "Configures ENA Express for UDP network traffic.", + "title": "EnaSrdUdpSpecification" } }, - "required": [ - "VolumeSpecification" - ], "type": "object" }, - "AWS::EMR::Cluster.EbsConfiguration": { + "AWS::EC2::NetworkInterfaceAttachment.EnaSrdUdpSpecification": { "additionalProperties": false, "properties": { - "EbsBlockDeviceConfigs": { - "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.EbsBlockDeviceConfig" - }, - "markdownDescription": "An array of Amazon EBS volume specifications attached to a cluster instance.", - "title": "EbsBlockDeviceConfigs", - "type": "array" - }, - "EbsOptimized": { - "markdownDescription": "Indicates whether an Amazon EBS volume is EBS-optimized. The default is false. You should explicitly set this value to true to enable the Amazon EBS-optimized setting for an EC2 instance.", - "title": "EbsOptimized", + "EnaSrdUdpEnabled": { + "markdownDescription": "Indicates whether UDP traffic to and from the instance uses ENA Express. To specify this setting, you must first enable ENA Express.", + "title": "EnaSrdUdpEnabled", "type": "boolean" } }, "type": "object" }, - "AWS::EMR::Cluster.HadoopJarStepConfig": { + "AWS::EC2::NetworkInterfacePermission": { "additionalProperties": false, "properties": { - "Args": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of command line arguments passed to the JAR file's main function when executed.", - "title": "Args", - "type": "array" - }, - "Jar": { - "markdownDescription": "A path to a JAR file run during the step.", - "title": "Jar", + "Condition": { "type": "string" }, - "MainClass": { - "markdownDescription": "The name of the main class in the specified Java file. If not specified, the JAR file should specify a Main-Class in its manifest file.", - "title": "MainClass", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "StepProperties": { - "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.KeyValue" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AwsAccountId": { + "markdownDescription": "The AWS account ID.", + "title": "AwsAccountId", + "type": "string" + }, + "NetworkInterfaceId": { + "markdownDescription": "The ID of the network interface.", + "title": "NetworkInterfaceId", + "type": "string" + }, + "Permission": { + "markdownDescription": "The type of permission to grant: `INSTANCE-ATTACH` or `EIP-ASSOCIATE` .", + "title": "Permission", + "type": "string" + } }, - "markdownDescription": "A list of Java properties that are set when the step runs. You can use these properties to pass key-value pairs to your main function.", - "title": "StepProperties", - "type": "array" + "required": [ + "AwsAccountId", + "NetworkInterfaceId", + "Permission" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::EC2::NetworkInterfacePermission" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Jar" + "Type", + "Properties" ], "type": "object" }, - "AWS::EMR::Cluster.InstanceFleetConfig": { + "AWS::EC2::NetworkPerformanceMetricSubscription": { "additionalProperties": false, "properties": { - "InstanceTypeConfigs": { - "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.InstanceTypeConfig" - }, - "markdownDescription": "The instance type configurations that define the Amazon EC2 instances in the instance fleet.", - "title": "InstanceTypeConfigs", - "type": "array" - }, - "LaunchSpecifications": { - "$ref": "#/definitions/AWS::EMR::Cluster.InstanceFleetProvisioningSpecifications", - "markdownDescription": "The launch specification for the instance fleet.", - "title": "LaunchSpecifications" + "Condition": { + "type": "string" }, - "Name": { - "markdownDescription": "The friendly name of the instance fleet.", - "title": "Name", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "TargetOnDemandCapacity": { - "markdownDescription": "The target capacity of On-Demand units for the instance fleet, which determines how many On-Demand instances to provision. When the instance fleet launches, Amazon EMR tries to provision On-Demand instances as specified by `InstanceTypeConfig` . Each instance configuration has a specified `WeightedCapacity` . When an On-Demand instance is provisioned, the `WeightedCapacity` units count toward the target capacity. Amazon EMR provisions instances until the target capacity is totally fulfilled, even if this results in an overage. For example, if there are 2 units remaining to fulfill capacity, and Amazon EMR can only provision an instance with a `WeightedCapacity` of 5 units, the instance is provisioned, and the target capacity is exceeded by 3 units.\n\n> If not specified or set to 0, only Spot instances are provisioned for the instance fleet using `TargetSpotCapacity` . At least one of `TargetSpotCapacity` and `TargetOnDemandCapacity` should be greater than 0. For a master instance fleet, only one of `TargetSpotCapacity` and `TargetOnDemandCapacity` can be specified, and its value must be 1.", - "title": "TargetOnDemandCapacity", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "TargetSpotCapacity": { - "markdownDescription": "The target capacity of Spot units for the instance fleet, which determines how many Spot instances to provision. When the instance fleet launches, Amazon EMR tries to provision Spot instances as specified by `InstanceTypeConfig` . Each instance configuration has a specified `WeightedCapacity` . When a Spot instance is provisioned, the `WeightedCapacity` units count toward the target capacity. Amazon EMR provisions instances until the target capacity is totally fulfilled, even if this results in an overage. For example, if there are 2 units remaining to fulfill capacity, and Amazon EMR can only provision an instance with a `WeightedCapacity` of 5 units, the instance is provisioned, and the target capacity is exceeded by 3 units.\n\n> If not specified or set to 0, only On-Demand instances are provisioned for the instance fleet. At least one of `TargetSpotCapacity` and `TargetOnDemandCapacity` should be greater than 0. For a master instance fleet, only one of `TargetSpotCapacity` and `TargetOnDemandCapacity` can be specified, and its value must be 1.", - "title": "TargetSpotCapacity", - "type": "number" - } - }, - "type": "object" - }, - "AWS::EMR::Cluster.InstanceFleetProvisioningSpecifications": { - "additionalProperties": false, - "properties": { - "OnDemandSpecification": { - "$ref": "#/definitions/AWS::EMR::Cluster.OnDemandProvisioningSpecification", - "markdownDescription": "The launch specification for On-Demand Instances in the instance fleet, which determines the allocation strategy and capacity reservation options.\n\n> The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and later, excluding 5.0.x versions. On-Demand Instances allocation strategy is available in Amazon EMR releases 5.12.1 and later.", - "title": "OnDemandSpecification" + "Metadata": { + "type": "object" }, - "SpotSpecification": { - "$ref": "#/definitions/AWS::EMR::Cluster.SpotProvisioningSpecification", - "markdownDescription": "The launch specification for Spot instances in the fleet, which determines the allocation strategy, defined duration, and provisioning timeout behavior.", - "title": "SpotSpecification" + "Properties": { + "additionalProperties": false, + "properties": { + "Destination": { + "markdownDescription": "The Region or Availability Zone that's the target for the subscription. For example, `eu-west-1` .", + "title": "Destination", + "type": "string" + }, + "Metric": { + "markdownDescription": "The metric used for the subscription.", + "title": "Metric", + "type": "string" + }, + "Source": { + "markdownDescription": "The Region or Availability Zone that's the source for the subscription. For example, `us-east-1` .", + "title": "Source", + "type": "string" + }, + "Statistic": { + "markdownDescription": "The statistic used for the subscription.", + "title": "Statistic", + "type": "string" + } + }, + "required": [ + "Destination", + "Metric", + "Source", + "Statistic" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::EC2::NetworkPerformanceMetricSubscription" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::EMR::Cluster.InstanceGroupConfig": { + "AWS::EC2::PlacementGroup": { "additionalProperties": false, "properties": { - "AutoScalingPolicy": { - "$ref": "#/definitions/AWS::EMR::Cluster.AutoScalingPolicy", - "markdownDescription": "`AutoScalingPolicy` is a subproperty of the [InstanceGroupConfig](https://docs.aws.amazon.com//AWSCloudFormation/latest/UserGuide/aws-properties-emr-cluster-jobflowinstancesconfig-instancegroupconfig.html) property type that specifies the constraints and rules of an automatic scaling policy in Amazon EMR . The automatic scaling policy defines how an instance group dynamically adds and terminates EC2 instances in response to the value of a CloudWatch metric. Only core and task instance groups can use automatic scaling policies. For more information, see [Using Automatic Scaling in Amazon EMR](https://docs.aws.amazon.com//emr/latest/ManagementGuide/emr-automatic-scaling.html) .", - "title": "AutoScalingPolicy" - }, - "BidPrice": { - "markdownDescription": "If specified, indicates that the instance group uses Spot Instances. This is the maximum price you are willing to pay for Spot Instances. Specify `OnDemandPrice` to set the amount equal to the On-Demand price, or specify an amount in USD.", - "title": "BidPrice", + "Condition": { "type": "string" }, - "Configurations": { - "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.Configuration" - }, - "markdownDescription": "> Amazon EMR releases 4.x or later. \n\nThe list of configurations supplied for an Amazon EMR cluster instance group. You can specify a separate configuration for each instance group (master, core, and task).", - "title": "Configurations", - "type": "array" - }, - "CustomAmiId": { - "markdownDescription": "The custom AMI ID to use for the provisioned instance group.", - "title": "CustomAmiId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "EbsConfiguration": { - "$ref": "#/definitions/AWS::EMR::Cluster.EbsConfiguration", - "markdownDescription": "EBS configurations that will be attached to each Amazon EC2 instance in the instance group.", - "title": "EbsConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "InstanceCount": { - "markdownDescription": "Target number of instances for the instance group.", - "title": "InstanceCount", - "type": "number" + "Metadata": { + "type": "object" }, - "InstanceType": { - "markdownDescription": "The Amazon EC2 instance type for all instances in the instance group.", - "title": "InstanceType", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "PartitionCount": { + "markdownDescription": "The number of partitions. Valid only when *Strategy* is set to `partition` .", + "title": "PartitionCount", + "type": "number" + }, + "SpreadLevel": { + "markdownDescription": "Determines how placement groups spread instances.\n\n- Host \u2013 You can use `host` only with Outpost placement groups.\n- Rack \u2013 No usage restrictions.", + "title": "SpreadLevel", + "type": "string" + }, + "Strategy": { + "markdownDescription": "The placement strategy.", + "title": "Strategy", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to apply to the new placement group.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" }, - "Market": { - "markdownDescription": "Market type of the Amazon EC2 instances used to create a cluster node.", - "title": "Market", + "Type": { + "enum": [ + "AWS::EC2::PlacementGroup" + ], "type": "string" }, - "Name": { - "markdownDescription": "Friendly name given to the instance group.", - "title": "Name", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "InstanceCount", - "InstanceType" + "Type" ], "type": "object" }, - "AWS::EMR::Cluster.InstanceTypeConfig": { + "AWS::EC2::PrefixList": { "additionalProperties": false, "properties": { - "BidPrice": { - "markdownDescription": "The bid price for each Amazon EC2 Spot Instance type as defined by `InstanceType` . Expressed in USD. If neither `BidPrice` nor `BidPriceAsPercentageOfOnDemandPrice` is provided, `BidPriceAsPercentageOfOnDemandPrice` defaults to 100%.", - "title": "BidPrice", + "Condition": { "type": "string" }, - "BidPriceAsPercentageOfOnDemandPrice": { - "markdownDescription": "The bid price, as a percentage of On-Demand price, for each Amazon EC2 Spot Instance as defined by `InstanceType` . Expressed as a number (for example, 20 specifies 20%). If neither `BidPrice` nor `BidPriceAsPercentageOfOnDemandPrice` is provided, `BidPriceAsPercentageOfOnDemandPrice` defaults to 100%.", - "title": "BidPriceAsPercentageOfOnDemandPrice", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Configurations": { - "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.Configuration" - }, - "markdownDescription": "A configuration classification that applies when provisioning cluster instances, which can include configurations for applications and software that run on the cluster.", - "title": "Configurations", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "CustomAmiId": { - "markdownDescription": "The custom AMI ID to use for the instance type.", - "title": "CustomAmiId", - "type": "string" + "Metadata": { + "type": "object" }, - "EbsConfiguration": { - "$ref": "#/definitions/AWS::EMR::Cluster.EbsConfiguration", - "markdownDescription": "The configuration of Amazon Elastic Block Store (Amazon EBS) attached to each instance as defined by `InstanceType` .", - "title": "EbsConfiguration" + "Properties": { + "additionalProperties": false, + "properties": { + "AddressFamily": { + "markdownDescription": "The IP address type.\n\nValid Values: `IPv4` | `IPv6`", + "title": "AddressFamily", + "type": "string" + }, + "Entries": { + "items": { + "$ref": "#/definitions/AWS::EC2::PrefixList.Entry" + }, + "markdownDescription": "The entries for the prefix list.", + "title": "Entries", + "type": "array" + }, + "MaxEntries": { + "markdownDescription": "The maximum number of entries for the prefix list. You can't modify the entries and the size of a prefix list at the same time.\n\nThis property is required when you create a prefix list.", + "title": "MaxEntries", + "type": "number" + }, + "PrefixListName": { + "markdownDescription": "A name for the prefix list.\n\nConstraints: Up to 255 characters in length. The name cannot start with `com.amazonaws` .", + "title": "PrefixListName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the prefix list.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "AddressFamily", + "PrefixListName" + ], + "type": "object" }, - "InstanceType": { - "markdownDescription": "An Amazon EC2 instance type, such as `m3.xlarge` .", - "title": "InstanceType", + "Type": { + "enum": [ + "AWS::EC2::PrefixList" + ], "type": "string" }, - "WeightedCapacity": { - "markdownDescription": "The number of units that a provisioned instance of this type provides toward fulfilling the target capacities defined in `InstanceFleetConfig` . This value is 1 for a master instance fleet, and must be 1 or greater for core and task instance fleets. Defaults to 1 if not specified.", - "title": "WeightedCapacity", - "type": "number" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "InstanceType" + "Type", + "Properties" ], "type": "object" }, - "AWS::EMR::Cluster.JobFlowInstancesConfig": { + "AWS::EC2::PrefixList.Entry": { "additionalProperties": false, "properties": { - "AdditionalMasterSecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of additional Amazon EC2 security group IDs for the master node.", - "title": "AdditionalMasterSecurityGroups", - "type": "array" - }, - "AdditionalSlaveSecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of additional Amazon EC2 security group IDs for the core and task nodes.", - "title": "AdditionalSlaveSecurityGroups", - "type": "array" - }, - "CoreInstanceFleet": { - "$ref": "#/definitions/AWS::EMR::Cluster.InstanceFleetConfig", - "markdownDescription": "Describes the EC2 instances and instance configurations for the core instance fleet when using clusters with the instance fleet configuration.", - "title": "CoreInstanceFleet" - }, - "CoreInstanceGroup": { - "$ref": "#/definitions/AWS::EMR::Cluster.InstanceGroupConfig", - "markdownDescription": "Describes the EC2 instances and instance configurations for core instance groups when using clusters with the uniform instance group configuration.", - "title": "CoreInstanceGroup" - }, - "Ec2KeyName": { - "markdownDescription": "The name of the Amazon EC2 key pair that can be used to connect to the master node using SSH as the user called \"hadoop.\"", - "title": "Ec2KeyName", - "type": "string" - }, - "Ec2SubnetId": { - "markdownDescription": "Applies to clusters that use the uniform instance group configuration. To launch the cluster in Amazon Virtual Private Cloud (Amazon VPC), set this parameter to the identifier of the Amazon VPC subnet where you want the cluster to launch. If you do not specify this value and your account supports EC2-Classic, the cluster launches in EC2-Classic.", - "title": "Ec2SubnetId", + "Cidr": { + "markdownDescription": "The CIDR block.", + "title": "Cidr", "type": "string" }, - "Ec2SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "Applies to clusters that use the instance fleet configuration. When multiple Amazon EC2 subnet IDs are specified, Amazon EMR evaluates them and launches instances in the optimal subnet.\n\n> The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and later, excluding 5.0.x versions.", - "title": "Ec2SubnetIds", - "type": "array" - }, - "EmrManagedMasterSecurityGroup": { - "markdownDescription": "The identifier of the Amazon EC2 security group for the master node. If you specify `EmrManagedMasterSecurityGroup` , you must also specify `EmrManagedSlaveSecurityGroup` .", - "title": "EmrManagedMasterSecurityGroup", + "Description": { + "markdownDescription": "A description for the entry.\n\nConstraints: Up to 255 characters in length.", + "title": "Description", "type": "string" - }, - "EmrManagedSlaveSecurityGroup": { - "markdownDescription": "The identifier of the Amazon EC2 security group for the core and task nodes. If you specify `EmrManagedSlaveSecurityGroup` , you must also specify `EmrManagedMasterSecurityGroup` .", - "title": "EmrManagedSlaveSecurityGroup", + } + }, + "required": [ + "Cidr" + ], + "type": "object" + }, + "AWS::EC2::Route": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "HadoopVersion": { - "markdownDescription": "Applies only to Amazon EMR release versions earlier than 4.0. The Hadoop version for the cluster. Valid inputs are \"0.18\" (no longer maintained), \"0.20\" (no longer maintained), \"0.20.205\" (no longer maintained), \"1.0.3\", \"2.2.0\", or \"2.4.0\". If you do not set this value, the default of 0.18 is used, unless the `AmiVersion` parameter is set in the RunJobFlow call, in which case the default version of Hadoop for that AMI version is used.", - "title": "HadoopVersion", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "KeepJobFlowAliveWhenNoSteps": { - "markdownDescription": "Specifies whether the cluster should remain available after completing all steps. Defaults to `false` . For more information about configuring cluster termination, see [Control Cluster Termination](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-plan-termination.html) in the *EMR Management Guide* .", - "title": "KeepJobFlowAliveWhenNoSteps", - "type": "boolean" - }, - "MasterInstanceFleet": { - "$ref": "#/definitions/AWS::EMR::Cluster.InstanceFleetConfig", - "markdownDescription": "Describes the EC2 instances and instance configurations for the master instance fleet when using clusters with the instance fleet configuration.", - "title": "MasterInstanceFleet" - }, - "MasterInstanceGroup": { - "$ref": "#/definitions/AWS::EMR::Cluster.InstanceGroupConfig", - "markdownDescription": "Describes the EC2 instances and instance configurations for the master instance group when using clusters with the uniform instance group configuration.", - "title": "MasterInstanceGroup" - }, - "Placement": { - "$ref": "#/definitions/AWS::EMR::Cluster.PlacementType", - "markdownDescription": "The Availability Zone in which the cluster runs.", - "title": "Placement" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ServiceAccessSecurityGroup": { - "markdownDescription": "The identifier of the Amazon EC2 security group for the Amazon EMR service to access clusters in VPC private subnets.", - "title": "ServiceAccessSecurityGroup", - "type": "string" + "Metadata": { + "type": "object" }, - "TaskInstanceFleets": { - "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.InstanceFleetConfig" - }, - "markdownDescription": "Describes the EC2 instances and instance configurations for the task instance fleets when using clusters with the instance fleet configuration. These task instance fleets are added to the cluster as part of the cluster launch. Each task instance fleet must have a unique name specified so that CloudFormation can differentiate between the task instance fleets.\n\n> You can currently specify only one task instance fleet for a cluster. After creating the cluster, you can only modify the mutable properties of `InstanceFleetConfig` , which are `TargetOnDemandCapacity` and `TargetSpotCapacity` . Modifying any other property results in cluster replacement. > To allow a maximum of 30 Amazon EC2 instance types per fleet, include `TaskInstanceFleets` when you create your cluster. If you create your cluster without `TaskInstanceFleets` , Amazon EMR uses its default allocation strategy, which allows for a maximum of five Amazon EC2 instance types.", - "title": "TaskInstanceFleets", - "type": "array" - }, - "TaskInstanceGroups": { - "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.InstanceGroupConfig" + "Properties": { + "additionalProperties": false, + "properties": { + "CarrierGatewayId": { + "markdownDescription": "The ID of the carrier gateway.\n\nYou can only use this option when the VPC contains a subnet which is associated with a Wavelength Zone.", + "title": "CarrierGatewayId", + "type": "string" + }, + "CoreNetworkArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the core network.", + "title": "CoreNetworkArn", + "type": "string" + }, + "DestinationCidrBlock": { + "markdownDescription": "The IPv4 CIDR address block used for the destination match. Routing decisions are based on the most specific match. We modify the specified CIDR block to its canonical form; for example, if you specify `100.68.0.18/18` , we modify it to `100.68.0.0/18` .", + "title": "DestinationCidrBlock", + "type": "string" + }, + "DestinationIpv6CidrBlock": { + "markdownDescription": "The IPv6 CIDR block used for the destination match. Routing decisions are based on the most specific match.", + "title": "DestinationIpv6CidrBlock", + "type": "string" + }, + "DestinationPrefixListId": { + "markdownDescription": "The ID of a prefix list used for the destination match.", + "title": "DestinationPrefixListId", + "type": "string" + }, + "EgressOnlyInternetGatewayId": { + "markdownDescription": "[IPv6 traffic only] The ID of an egress-only internet gateway.", + "title": "EgressOnlyInternetGatewayId", + "type": "string" + }, + "GatewayId": { + "markdownDescription": "The ID of an internet gateway or virtual private gateway attached to your VPC.", + "title": "GatewayId", + "type": "string" + }, + "InstanceId": { + "markdownDescription": "The ID of a NAT instance in your VPC. The operation fails if you specify an instance ID unless exactly one network interface is attached.", + "title": "InstanceId", + "type": "string" + }, + "LocalGatewayId": { + "markdownDescription": "The ID of the local gateway.", + "title": "LocalGatewayId", + "type": "string" + }, + "NatGatewayId": { + "markdownDescription": "[IPv4 traffic only] The ID of a NAT gateway.", + "title": "NatGatewayId", + "type": "string" + }, + "NetworkInterfaceId": { + "markdownDescription": "The ID of a network interface.", + "title": "NetworkInterfaceId", + "type": "string" + }, + "RouteTableId": { + "markdownDescription": "The ID of the route table for the route.", + "title": "RouteTableId", + "type": "string" + }, + "TransitGatewayId": { + "markdownDescription": "The ID of a transit gateway.", + "title": "TransitGatewayId", + "type": "string" + }, + "VpcEndpointId": { + "markdownDescription": "The ID of a VPC endpoint. Supported for Gateway Load Balancer endpoints only.", + "title": "VpcEndpointId", + "type": "string" + }, + "VpcPeeringConnectionId": { + "markdownDescription": "The ID of a VPC peering connection.", + "title": "VpcPeeringConnectionId", + "type": "string" + } }, - "markdownDescription": "Describes the EC2 instances and instance configurations for task instance groups when using clusters with the uniform instance group configuration. These task instance groups are added to the cluster as part of the cluster launch. Each task instance group must have a unique name specified so that CloudFormation can differentiate between the task instance groups.\n\n> After creating the cluster, you can only modify the mutable properties of `InstanceGroupConfig` , which are `AutoScalingPolicy` and `InstanceCount` . Modifying any other property results in cluster replacement.", - "title": "TaskInstanceGroups", - "type": "array" - }, - "TerminationProtected": { - "markdownDescription": "Specifies whether to lock the cluster to prevent the Amazon EC2 instances from being terminated by API call, user intervention, or in the event of a job-flow error.", - "title": "TerminationProtected", - "type": "boolean" - }, - "UnhealthyNodeReplacement": { - "markdownDescription": "Indicates whether Amazon EMR should gracefully replace core nodes that have degraded within the cluster.", - "title": "UnhealthyNodeReplacement", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::EMR::Cluster.KerberosAttributes": { - "additionalProperties": false, - "properties": { - "ADDomainJoinPassword": { - "markdownDescription": "The Active Directory password for `ADDomainJoinUser` .", - "title": "ADDomainJoinPassword", - "type": "string" - }, - "ADDomainJoinUser": { - "markdownDescription": "Required only when establishing a cross-realm trust with an Active Directory domain. A user with sufficient privileges to join resources to the domain.", - "title": "ADDomainJoinUser", - "type": "string" - }, - "CrossRealmTrustPrincipalPassword": { - "markdownDescription": "Required only when establishing a cross-realm trust with a KDC in a different realm. The cross-realm principal password, which must be identical across realms.", - "title": "CrossRealmTrustPrincipalPassword", - "type": "string" - }, - "KdcAdminPassword": { - "markdownDescription": "The password used within the cluster for the kadmin service on the cluster-dedicated KDC, which maintains Kerberos principals, password policies, and keytabs for the cluster.", - "title": "KdcAdminPassword", - "type": "string" - }, - "Realm": { - "markdownDescription": "The name of the Kerberos realm to which all nodes in a cluster belong. For example, `EC2.INTERNAL` .", - "title": "Realm", - "type": "string" - } - }, - "required": [ - "KdcAdminPassword", - "Realm" - ], - "type": "object" - }, - "AWS::EMR::Cluster.KeyValue": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "The unique identifier of a key-value pair.", - "title": "Key", - "type": "string" + "required": [ + "RouteTableId" + ], + "type": "object" }, - "Value": { - "markdownDescription": "The value part of the identified key.", - "title": "Value", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EMR::Cluster.ManagedScalingPolicy": { - "additionalProperties": false, - "properties": { - "ComputeLimits": { - "$ref": "#/definitions/AWS::EMR::Cluster.ComputeLimits", - "markdownDescription": "The Amazon EC2 unit limits for a managed scaling policy. The managed scaling activity of a cluster is not allowed to go above or below these limits. The limit only applies to the core and task nodes. The master node cannot be scaled after initial configuration.", - "title": "ComputeLimits" - } - }, - "type": "object" - }, - "AWS::EMR::Cluster.MetricDimension": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "The dimension name.", - "title": "Key", + "Type": { + "enum": [ + "AWS::EC2::Route" + ], "type": "string" }, - "Value": { - "markdownDescription": "The dimension value.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - }, - "AWS::EMR::Cluster.OnDemandProvisioningSpecification": { - "additionalProperties": false, - "properties": { - "AllocationStrategy": { - "markdownDescription": "Specifies the strategy to use in launching On-Demand instance fleets. Available options are `lowest-price` and `prioritized` . `lowest-price` specifies to launch the instances with the lowest price first, and `prioritized` specifies that Amazon EMR should launch the instances with the highest priority first. The default is `lowest-price` .", - "title": "AllocationStrategy", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "AllocationStrategy" + "Type", + "Properties" ], "type": "object" }, - "AWS::EMR::Cluster.PlacementGroupConfig": { + "AWS::EC2::RouteServer": { "additionalProperties": false, "properties": { - "InstanceRole": { - "markdownDescription": "Role of the instance in the cluster.\n\nStarting with Amazon EMR release 5.23.0, the only supported instance role is `MASTER` .", - "title": "InstanceRole", + "Condition": { "type": "string" }, - "PlacementStrategy": { - "markdownDescription": "Amazon EC2 Placement Group strategy associated with instance role.\n\nStarting with Amazon EMR release 5.23.0, the only supported placement strategy is `SPREAD` for the `MASTER` instance role.", - "title": "PlacementStrategy", - "type": "string" - } - }, - "required": [ - "InstanceRole" - ], - "type": "object" - }, - "AWS::EMR::Cluster.PlacementType": { - "additionalProperties": false, - "properties": { - "AvailabilityZone": { - "markdownDescription": "The Amazon EC2 Availability Zone for the cluster. `AvailabilityZone` is used for uniform instance groups, while `AvailabilityZones` (plural) is used for instance fleets.", - "title": "AvailabilityZone", - "type": "string" - } - }, - "required": [ - "AvailabilityZone" - ], - "type": "object" - }, - "AWS::EMR::Cluster.ScalingAction": { - "additionalProperties": false, - "properties": { - "Market": { - "markdownDescription": "Not available for instance groups. Instance groups use the market type specified for the group.", - "title": "Market", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SimpleScalingPolicyConfiguration": { - "$ref": "#/definitions/AWS::EMR::Cluster.SimpleScalingPolicyConfiguration", - "markdownDescription": "The type of adjustment the automatic scaling activity makes when triggered, and the periodicity of the adjustment.", - "title": "SimpleScalingPolicyConfiguration" - } - }, - "required": [ - "SimpleScalingPolicyConfiguration" - ], - "type": "object" - }, - "AWS::EMR::Cluster.ScalingConstraints": { - "additionalProperties": false, - "properties": { - "MaxCapacity": { - "markdownDescription": "The upper boundary of Amazon EC2 instances in an instance group beyond which scaling activities are not allowed to grow. Scale-out activities will not add instances beyond this boundary.", - "title": "MaxCapacity", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "MinCapacity": { - "markdownDescription": "The lower boundary of Amazon EC2 instances in an instance group below which scaling activities are not allowed to shrink. Scale-in activities will not terminate instances below this boundary.", - "title": "MinCapacity", - "type": "number" - } - }, - "required": [ - "MaxCapacity", - "MinCapacity" - ], - "type": "object" - }, - "AWS::EMR::Cluster.ScalingRule": { - "additionalProperties": false, - "properties": { - "Action": { - "$ref": "#/definitions/AWS::EMR::Cluster.ScalingAction", - "markdownDescription": "The conditions that trigger an automatic scaling activity.", - "title": "Action" + "Metadata": { + "type": "object" }, - "Description": { - "markdownDescription": "A friendly, more verbose description of the automatic scaling rule.", - "title": "Description", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "AmazonSideAsn": { + "markdownDescription": "The Border Gateway Protocol (BGP) Autonomous System Number (ASN) for the appliance. Valid values are from 1 to 4294967295. We recommend using a private ASN in the 64512\u201365534 (16-bit ASN) or 4200000000\u20134294967294 (32-bit ASN) range.", + "title": "AmazonSideAsn", + "type": "number" + }, + "PersistRoutes": { + "markdownDescription": "Indicates whether routes should be persisted after all BGP sessions are terminated.", + "title": "PersistRoutes", + "type": "string" + }, + "PersistRoutesDuration": { + "markdownDescription": "The number of minutes a route server will wait after BGP is re-established to unpersist the routes in the FIB and RIB. Value must be in the range of 1-5. The default value is 1. Only valid if `persistRoutesState` is 'enabled'.\n\nIf you set the duration to 1 minute, then when your network appliance re-establishes BGP with route server, it has 1 minute to relearn it's adjacent network and advertise those routes to route server before route server resumes normal functionality. In most cases, 1 minute is probably sufficient. If, however, you have concerns that your BGP network may not be capable of fully re-establishing and re-learning everything in 1 minute, you can increase the duration up to 5 minutes.", + "title": "PersistRoutesDuration", + "type": "number" + }, + "SnsNotificationsEnabled": { + "markdownDescription": "Indicates whether SNS notifications are enabled for the route server. Enabling SNS notifications persists BGP status changes to an SNS topic provisioned by AWS .", + "title": "SnsNotificationsEnabled", + "type": "boolean" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Any tags assigned to the route server.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "AmazonSideAsn" + ], + "type": "object" }, - "Name": { - "markdownDescription": "The name used to identify an automatic scaling rule. Rule names must be unique within a scaling policy.", - "title": "Name", + "Type": { + "enum": [ + "AWS::EC2::RouteServer" + ], "type": "string" }, - "Trigger": { - "$ref": "#/definitions/AWS::EMR::Cluster.ScalingTrigger", - "markdownDescription": "The CloudWatch alarm definition that determines when automatic scaling activity is triggered.", - "title": "Trigger" - } - }, - "required": [ - "Action", - "Name", - "Trigger" - ], - "type": "object" - }, - "AWS::EMR::Cluster.ScalingTrigger": { - "additionalProperties": false, - "properties": { - "CloudWatchAlarmDefinition": { - "$ref": "#/definitions/AWS::EMR::Cluster.CloudWatchAlarmDefinition", - "markdownDescription": "The definition of a CloudWatch metric alarm. When the defined alarm conditions are met along with other trigger parameters, scaling activity begins.", - "title": "CloudWatchAlarmDefinition" - } - }, - "required": [ - "CloudWatchAlarmDefinition" - ], - "type": "object" - }, - "AWS::EMR::Cluster.ScriptBootstrapActionConfig": { - "additionalProperties": false, - "properties": { - "Args": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of command line arguments to pass to the bootstrap action script.", - "title": "Args", - "type": "array" - }, - "Path": { - "markdownDescription": "Location in Amazon S3 of the script to run during a bootstrap action.", - "title": "Path", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Path" + "Type", + "Properties" ], "type": "object" }, - "AWS::EMR::Cluster.SimpleScalingPolicyConfiguration": { + "AWS::EC2::RouteServerAssociation": { "additionalProperties": false, "properties": { - "AdjustmentType": { - "markdownDescription": "The way in which Amazon EC2 instances are added (if `ScalingAdjustment` is a positive number) or terminated (if `ScalingAdjustment` is a negative number) each time the scaling activity is triggered. `CHANGE_IN_CAPACITY` is the default. `CHANGE_IN_CAPACITY` indicates that the Amazon EC2 instance count increments or decrements by `ScalingAdjustment` , which should be expressed as an integer. `PERCENT_CHANGE_IN_CAPACITY` indicates the instance count increments or decrements by the percentage specified by `ScalingAdjustment` , which should be expressed as an integer. For example, 20 indicates an increase in 20% increments of cluster capacity. `EXACT_CAPACITY` indicates the scaling activity results in an instance group with the number of Amazon EC2 instances specified by `ScalingAdjustment` , which should be expressed as a positive integer.", - "title": "AdjustmentType", + "Condition": { "type": "string" }, - "CoolDown": { - "markdownDescription": "The amount of time, in seconds, after a scaling activity completes before any further trigger-related scaling activities can start. The default value is 0.", - "title": "CoolDown", - "type": "number" - }, - "ScalingAdjustment": { - "markdownDescription": "The amount by which to scale in or scale out, based on the specified `AdjustmentType` . A positive value adds to the instance group's Amazon EC2 instance count while a negative number removes instances. If `AdjustmentType` is set to `EXACT_CAPACITY` , the number should only be a positive integer. If `AdjustmentType` is set to `PERCENT_CHANGE_IN_CAPACITY` , the value should express the percentage as an integer. For example, -20 indicates a decrease in 20% increments of cluster capacity.", - "title": "ScalingAdjustment", - "type": "number" - } - }, - "required": [ - "ScalingAdjustment" - ], - "type": "object" - }, - "AWS::EMR::Cluster.SpotProvisioningSpecification": { - "additionalProperties": false, - "properties": { - "AllocationStrategy": { - "markdownDescription": "Specifies one of the following strategies to launch Spot Instance fleets: `capacity-optimized` , `price-capacity-optimized` , `lowest-price` , or `diversified` , and `capacity-optimized-prioritized` . For more information on the provisioning strategies, see [Allocation strategies for Spot Instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-allocation-strategy.html) in the *Amazon EC2 User Guide for Linux Instances* .\n\n> When you launch a Spot Instance fleet with the old console, it automatically launches with the `capacity-optimized` strategy. You can't change the allocation strategy from the old console.", - "title": "AllocationStrategy", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "BlockDurationMinutes": { - "markdownDescription": "The defined duration for Spot Instances (also known as Spot blocks) in minutes. When specified, the Spot Instance does not terminate before the defined duration expires, and defined duration pricing for Spot Instances applies. Valid values are 60, 120, 180, 240, 300, or 360. The duration period starts as soon as a Spot Instance receives its instance ID. At the end of the duration, Amazon EC2 marks the Spot Instance for termination and provides a Spot Instance termination notice, which gives the instance a two-minute warning before it terminates.\n\n> Spot Instances with a defined duration (also known as Spot blocks) are no longer available to new customers from July 1, 2021. For customers who have previously used the feature, we will continue to support Spot Instances with a defined duration until December 31, 2022.", - "title": "BlockDurationMinutes", - "type": "number" - }, - "TimeoutAction": { - "markdownDescription": "The action to take when `TargetSpotCapacity` has not been fulfilled when the `TimeoutDurationMinutes` has expired; that is, when all Spot Instances could not be provisioned within the Spot provisioning timeout. Valid values are `TERMINATE_CLUSTER` and `SWITCH_TO_ON_DEMAND` . SWITCH_TO_ON_DEMAND specifies that if no Spot Instances are available, On-Demand Instances should be provisioned to fulfill any remaining Spot capacity.", - "title": "TimeoutAction", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "TimeoutDurationMinutes": { - "markdownDescription": "The Spot provisioning timeout period in minutes. If Spot Instances are not provisioned within this time period, the `TimeOutAction` is taken. Minimum value is 5 and maximum value is 1440. The timeout applies only during initial provisioning, when the cluster is first created.", - "title": "TimeoutDurationMinutes", - "type": "number" - } - }, - "required": [ - "TimeoutAction", - "TimeoutDurationMinutes" - ], - "type": "object" - }, - "AWS::EMR::Cluster.StepConfig": { - "additionalProperties": false, - "properties": { - "ActionOnFailure": { - "markdownDescription": "The action to take when the cluster step fails. Possible values are `CANCEL_AND_WAIT` and `CONTINUE` .", - "title": "ActionOnFailure", - "type": "string" + "Metadata": { + "type": "object" }, - "HadoopJarStep": { - "$ref": "#/definitions/AWS::EMR::Cluster.HadoopJarStepConfig", - "markdownDescription": "The JAR file used for the step.", - "title": "HadoopJarStep" + "Properties": { + "additionalProperties": false, + "properties": { + "RouteServerId": { + "markdownDescription": "The ID of the associated route server.", + "title": "RouteServerId", + "type": "string" + }, + "VpcId": { + "markdownDescription": "The ID of the associated VPC.", + "title": "VpcId", + "type": "string" + } + }, + "required": [ + "RouteServerId", + "VpcId" + ], + "type": "object" }, - "Name": { - "markdownDescription": "The name of the step.", - "title": "Name", + "Type": { + "enum": [ + "AWS::EC2::RouteServerAssociation" + ], "type": "string" - } - }, - "required": [ - "HadoopJarStep", - "Name" - ], - "type": "object" - }, - "AWS::EMR::Cluster.VolumeSpecification": { - "additionalProperties": false, - "properties": { - "Iops": { - "markdownDescription": "The number of I/O operations per second (IOPS) that the volume supports.", - "title": "Iops", - "type": "number" - }, - "SizeInGB": { - "markdownDescription": "The volume size, in gibibytes (GiB). This can be a number from 1 - 1024. If the volume type is EBS-optimized, the minimum value is 10.", - "title": "SizeInGB", - "type": "number" - }, - "Throughput": { - "markdownDescription": "The throughput, in mebibyte per second (MiB/s). This optional parameter can be a number from 125 - 1000 and is valid only for gp3 volumes.", - "title": "Throughput", - "type": "number" }, - "VolumeType": { - "markdownDescription": "The volume type. Volume types supported are gp3, gp2, io1, st1, sc1, and standard.", - "title": "VolumeType", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "SizeInGB", - "VolumeType" + "Type", + "Properties" ], "type": "object" }, - "AWS::EMR::InstanceFleetConfig": { + "AWS::EC2::RouteServerEndpoint": { "additionalProperties": false, "properties": { "Condition": { @@ -88383,54 +96538,34 @@ "Properties": { "additionalProperties": false, "properties": { - "ClusterId": { - "markdownDescription": "The unique identifier of the EMR cluster.", - "title": "ClusterId", + "RouteServerId": { + "markdownDescription": "The ID of the route server associated with this endpoint.", + "title": "RouteServerId", "type": "string" }, - "InstanceFleetType": { - "markdownDescription": "The node type that the instance fleet hosts.\n\n*Allowed Values* : TASK", - "title": "InstanceFleetType", + "SubnetId": { + "markdownDescription": "The ID of the subnet to place the route server endpoint into.", + "title": "SubnetId", "type": "string" }, - "InstanceTypeConfigs": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.InstanceTypeConfig" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "`InstanceTypeConfigs` determine the EC2 instances that Amazon EMR attempts to provision to fulfill On-Demand and Spot target capacities.\n\n> The instance fleet configuration is available only in Amazon EMR versions 4.8.0 and later, excluding 5.0.x versions.", - "title": "InstanceTypeConfigs", + "markdownDescription": "Any tags assigned to the route server endpoint.", + "title": "Tags", "type": "array" - }, - "LaunchSpecifications": { - "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.InstanceFleetProvisioningSpecifications", - "markdownDescription": "The launch specification for the instance fleet.", - "title": "LaunchSpecifications" - }, - "Name": { - "markdownDescription": "The friendly name of the instance fleet.", - "title": "Name", - "type": "string" - }, - "TargetOnDemandCapacity": { - "markdownDescription": "The target capacity of On-Demand units for the instance fleet, which determines how many On-Demand instances to provision. When the instance fleet launches, Amazon EMR tries to provision On-Demand instances as specified by `InstanceTypeConfig` . Each instance configuration has a specified `WeightedCapacity` . When an On-Demand instance is provisioned, the `WeightedCapacity` units count toward the target capacity. Amazon EMR provisions instances until the target capacity is totally fulfilled, even if this results in an overage. For example, if there are 2 units remaining to fulfill capacity, and Amazon EMR can only provision an instance with a `WeightedCapacity` of 5 units, the instance is provisioned, and the target capacity is exceeded by 3 units.\n\n> If not specified or set to 0, only Spot instances are provisioned for the instance fleet using `TargetSpotCapacity` . At least one of `TargetSpotCapacity` and `TargetOnDemandCapacity` should be greater than 0. For a master instance fleet, only one of `TargetSpotCapacity` and `TargetOnDemandCapacity` can be specified, and its value must be 1.", - "title": "TargetOnDemandCapacity", - "type": "number" - }, - "TargetSpotCapacity": { - "markdownDescription": "The target capacity of Spot units for the instance fleet, which determines how many Spot instances to provision. When the instance fleet launches, Amazon EMR tries to provision Spot instances as specified by `InstanceTypeConfig` . Each instance configuration has a specified `WeightedCapacity` . When a Spot instance is provisioned, the `WeightedCapacity` units count toward the target capacity. Amazon EMR provisions instances until the target capacity is totally fulfilled, even if this results in an overage. For example, if there are 2 units remaining to fulfill capacity, and Amazon EMR can only provision an instance with a `WeightedCapacity` of 5 units, the instance is provisioned, and the target capacity is exceeded by 3 units.\n\n> If not specified or set to 0, only On-Demand instances are provisioned for the instance fleet. At least one of `TargetSpotCapacity` and `TargetOnDemandCapacity` should be greater than 0. For a master instance fleet, only one of `TargetSpotCapacity` and `TargetOnDemandCapacity` can be specified, and its value must be 1.", - "title": "TargetSpotCapacity", - "type": "number" } }, "required": [ - "ClusterId", - "InstanceFleetType" + "RouteServerId", + "SubnetId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EMR::InstanceFleetConfig" + "AWS::EC2::RouteServerEndpoint" ], "type": "string" }, @@ -88449,212 +96584,258 @@ ], "type": "object" }, - "AWS::EMR::InstanceFleetConfig.Configuration": { + "AWS::EC2::RouteServerPeer": { "additionalProperties": false, "properties": { - "Classification": { - "markdownDescription": "The classification within a configuration.", - "title": "Classification", + "Condition": { "type": "string" }, - "ConfigurationProperties": { - "additionalProperties": true, - "markdownDescription": "Within a configuration classification, a set of properties that represent the settings that you want to change in the configuration file. Duplicates not allowed.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" } - }, - "title": "ConfigurationProperties", + ] + }, + "Metadata": { "type": "object" }, - "Configurations": { - "items": { - "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.Configuration" + "Properties": { + "additionalProperties": false, + "properties": { + "BgpOptions": { + "$ref": "#/definitions/AWS::EC2::RouteServerPeer.BgpOptions", + "markdownDescription": "The BGP configuration options for this peer, including ASN (Autonomous System Number) and BFD (Bidrectional Forwarding Detection) settings.", + "title": "BgpOptions" + }, + "PeerAddress": { + "markdownDescription": "The IPv4 address of the peer device.", + "title": "PeerAddress", + "type": "string" + }, + "RouteServerEndpointId": { + "markdownDescription": "The ID of the route server endpoint associated with this peer.", + "title": "RouteServerEndpointId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Any tags assigned to the route server peer.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "A list of additional configurations to apply within a configuration object.", - "title": "Configurations", - "type": "array" - } - }, - "type": "object" - }, - "AWS::EMR::InstanceFleetConfig.EbsBlockDeviceConfig": { - "additionalProperties": false, - "properties": { - "VolumeSpecification": { - "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.VolumeSpecification", - "markdownDescription": "EBS volume specifications such as volume type, IOPS, size (GiB) and throughput (MiB/s) that are requested for the EBS volume attached to an Amazon EC2 instance in the cluster.", - "title": "VolumeSpecification" + "required": [ + "BgpOptions", + "PeerAddress", + "RouteServerEndpointId" + ], + "type": "object" }, - "VolumesPerInstance": { - "markdownDescription": "Number of EBS volumes with a specific volume configuration that are associated with every instance in the instance group", - "title": "VolumesPerInstance", - "type": "number" + "Type": { + "enum": [ + "AWS::EC2::RouteServerPeer" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "VolumeSpecification" + "Type", + "Properties" ], "type": "object" }, - "AWS::EMR::InstanceFleetConfig.EbsConfiguration": { - "additionalProperties": false, - "properties": { - "EbsBlockDeviceConfigs": { - "items": { - "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.EbsBlockDeviceConfig" - }, - "markdownDescription": "An array of Amazon EBS volume specifications attached to a cluster instance.", - "title": "EbsBlockDeviceConfigs", - "type": "array" - }, - "EbsOptimized": { - "markdownDescription": "Indicates whether an Amazon EBS volume is EBS-optimized. The default is false. You should explicitly set this value to true to enable the Amazon EBS-optimized setting for an EC2 instance.", - "title": "EbsOptimized", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::EMR::InstanceFleetConfig.InstanceFleetProvisioningSpecifications": { + "AWS::EC2::RouteServerPeer.BgpOptions": { "additionalProperties": false, "properties": { - "OnDemandSpecification": { - "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.OnDemandProvisioningSpecification", - "markdownDescription": "The launch specification for On-Demand Instances in the instance fleet, which determines the allocation strategy and capacity reservation options.\n\n> The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and later, excluding 5.0.x versions. On-Demand Instances allocation strategy is available in Amazon EMR releases 5.12.1 and later.", - "title": "OnDemandSpecification" + "PeerAsn": { + "markdownDescription": "The Border Gateway Protocol (BGP) Autonomous System Number (ASN) for the appliance. Valid values are from 1 to 4294967295. We recommend using a private ASN in the 64512\u201365534 (16-bit ASN) or 4200000000\u20134294967294 (32-bit ASN) range.", + "title": "PeerAsn", + "type": "number" }, - "SpotSpecification": { - "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.SpotProvisioningSpecification", - "markdownDescription": "The launch specification for Spot instances in the fleet, which determines the allocation strategy, defined duration, and provisioning timeout behavior.", - "title": "SpotSpecification" + "PeerLivenessDetection": { + "markdownDescription": "The liveness detection protocol used for the BGP peer.\n\nThe requested liveness detection protocol for the BGP peer.\n\n- `bgp-keepalive` : The standard BGP keep alive mechanism ( [RFC4271](https://docs.aws.amazon.com/https://www.rfc-editor.org/rfc/rfc4271#page-21) ) that is stable but may take longer to fail-over in cases of network impact or router failure.\n- `bfd` : An additional Bidirectional Forwarding Detection (BFD) protocol ( [RFC5880](https://docs.aws.amazon.com/https://www.rfc-editor.org/rfc/rfc5880) ) that enables fast failover by using more sensitive liveness detection.\n\nDefaults to `bgp-keepalive` .", + "title": "PeerLivenessDetection", + "type": "string" } }, "type": "object" }, - "AWS::EMR::InstanceFleetConfig.InstanceTypeConfig": { + "AWS::EC2::RouteServerPropagation": { "additionalProperties": false, "properties": { - "BidPrice": { - "markdownDescription": "The bid price for each Amazon EC2 Spot Instance type as defined by `InstanceType` . Expressed in USD. If neither `BidPrice` nor `BidPriceAsPercentageOfOnDemandPrice` is provided, `BidPriceAsPercentageOfOnDemandPrice` defaults to 100%.", - "title": "BidPrice", + "Condition": { "type": "string" }, - "BidPriceAsPercentageOfOnDemandPrice": { - "markdownDescription": "The bid price, as a percentage of On-Demand price, for each Amazon EC2 Spot Instance as defined by `InstanceType` . Expressed as a number (for example, 20 specifies 20%). If neither `BidPrice` nor `BidPriceAsPercentageOfOnDemandPrice` is provided, `BidPriceAsPercentageOfOnDemandPrice` defaults to 100%.", - "title": "BidPriceAsPercentageOfOnDemandPrice", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Configurations": { - "items": { - "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.Configuration" - }, - "markdownDescription": "> Amazon EMR releases 4.x or later. \n\nAn optional configuration specification to be used when provisioning cluster instances, which can include configurations for applications and software bundled with Amazon EMR. A configuration consists of a classification, properties, and optional nested configurations. A classification refers to an application-specific configuration file. Properties are the settings you want to change in that file. For more information, see [Configuring Applications](https://docs.aws.amazon.com/emr/latest/ReleaseGuide/emr-configure-apps.html) .", - "title": "Configurations", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "CustomAmiId": { - "markdownDescription": "The custom AMI ID to use for the instance type.", - "title": "CustomAmiId", - "type": "string" + "Metadata": { + "type": "object" }, - "EbsConfiguration": { - "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.EbsConfiguration", - "markdownDescription": "The configuration of Amazon Elastic Block Store (Amazon EBS) attached to each instance as defined by `InstanceType` .", - "title": "EbsConfiguration" + "Properties": { + "additionalProperties": false, + "properties": { + "RouteServerId": { + "markdownDescription": "The ID of the route server configured for route propagation.", + "title": "RouteServerId", + "type": "string" + }, + "RouteTableId": { + "markdownDescription": "The ID of the route table configured for route server propagation.", + "title": "RouteTableId", + "type": "string" + } + }, + "required": [ + "RouteServerId", + "RouteTableId" + ], + "type": "object" }, - "InstanceType": { - "markdownDescription": "An Amazon EC2 instance type, such as `m3.xlarge` .", - "title": "InstanceType", + "Type": { + "enum": [ + "AWS::EC2::RouteServerPropagation" + ], "type": "string" }, - "WeightedCapacity": { - "markdownDescription": "The number of units that a provisioned instance of this type provides toward fulfilling the target capacities defined in `InstanceFleetConfig` . This value is 1 for a master instance fleet, and must be 1 or greater for core and task instance fleets. Defaults to 1 if not specified.", - "title": "WeightedCapacity", - "type": "number" - } - }, - "required": [ - "InstanceType" - ], - "type": "object" - }, - "AWS::EMR::InstanceFleetConfig.OnDemandProvisioningSpecification": { - "additionalProperties": false, - "properties": { - "AllocationStrategy": { - "markdownDescription": "Specifies the strategy to use in launching On-Demand instance fleets. Available options are `lowest-price` and `prioritized` . `lowest-price` specifies to launch the instances with the lowest price first, and `prioritized` specifies that Amazon EMR should launch the instances with the highest priority first. The default is `lowest-price` .", - "title": "AllocationStrategy", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "AllocationStrategy" + "Type", + "Properties" ], "type": "object" }, - "AWS::EMR::InstanceFleetConfig.SpotProvisioningSpecification": { + "AWS::EC2::RouteTable": { "additionalProperties": false, "properties": { - "AllocationStrategy": { - "markdownDescription": "Specifies one of the following strategies to launch Spot Instance fleets: `capacity-optimized` , `price-capacity-optimized` , `lowest-price` , or `diversified` , and `capacity-optimized-prioritized` . For more information on the provisioning strategies, see [Allocation strategies for Spot Instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-allocation-strategy.html) in the *Amazon EC2 User Guide for Linux Instances* .\n\n> When you launch a Spot Instance fleet with the old console, it automatically launches with the `capacity-optimized` strategy. You can't change the allocation strategy from the old console.", - "title": "AllocationStrategy", + "Condition": { "type": "string" }, - "BlockDurationMinutes": { - "markdownDescription": "The defined duration for Spot Instances (also known as Spot blocks) in minutes. When specified, the Spot Instance does not terminate before the defined duration expires, and defined duration pricing for Spot Instances applies. Valid values are 60, 120, 180, 240, 300, or 360. The duration period starts as soon as a Spot Instance receives its instance ID. At the end of the duration, Amazon EC2 marks the Spot Instance for termination and provides a Spot Instance termination notice, which gives the instance a two-minute warning before it terminates.\n\n> Spot Instances with a defined duration (also known as Spot blocks) are no longer available to new customers from July 1, 2021. For customers who have previously used the feature, we will continue to support Spot Instances with a defined duration until December 31, 2022.", - "title": "BlockDurationMinutes", - "type": "number" - }, - "TimeoutAction": { - "markdownDescription": "The action to take when `TargetSpotCapacity` has not been fulfilled when the `TimeoutDurationMinutes` has expired; that is, when all Spot Instances could not be provisioned within the Spot provisioning timeout. Valid values are `TERMINATE_CLUSTER` and `SWITCH_TO_ON_DEMAND` . SWITCH_TO_ON_DEMAND specifies that if no Spot Instances are available, On-Demand Instances should be provisioned to fulfill any remaining Spot capacity.", - "title": "TimeoutAction", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "TimeoutDurationMinutes": { - "markdownDescription": "The Spot provisioning timeout period in minutes. If Spot Instances are not provisioned within this time period, the `TimeOutAction` is taken. Minimum value is 5 and maximum value is 1440. The timeout applies only during initial provisioning, when the cluster is first created.", - "title": "TimeoutDurationMinutes", - "type": "number" - } - }, - "required": [ - "TimeoutAction", - "TimeoutDurationMinutes" - ], - "type": "object" - }, - "AWS::EMR::InstanceFleetConfig.VolumeSpecification": { - "additionalProperties": false, - "properties": { - "Iops": { - "markdownDescription": "The number of I/O operations per second (IOPS) that the volume supports.", - "title": "Iops", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SizeInGB": { - "markdownDescription": "The volume size, in gibibytes (GiB). This can be a number from 1 - 1024. If the volume type is EBS-optimized, the minimum value is 10.", - "title": "SizeInGB", - "type": "number" + "Metadata": { + "type": "object" }, - "Throughput": { - "markdownDescription": "The throughput, in mebibyte per second (MiB/s). This optional parameter can be a number from 125 - 1000 and is valid only for gp3 volumes.", - "title": "Throughput", - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": { + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Any tags assigned to the route table.", + "title": "Tags", + "type": "array" + }, + "VpcId": { + "markdownDescription": "The ID of the VPC.", + "title": "VpcId", + "type": "string" + } + }, + "required": [ + "VpcId" + ], + "type": "object" }, - "VolumeType": { - "markdownDescription": "The volume type. Volume types supported are gp3, gp2, io1, st1, sc1, and standard.", - "title": "VolumeType", + "Type": { + "enum": [ + "AWS::EC2::RouteTable" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "SizeInGB", - "VolumeType" + "Type", + "Properties" ], "type": "object" }, - "AWS::EMR::InstanceGroupConfig": { + "AWS::EC2::SecurityGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -88689,76 +96870,54 @@ "Properties": { "additionalProperties": false, "properties": { - "AutoScalingPolicy": { - "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.AutoScalingPolicy", - "markdownDescription": "`AutoScalingPolicy` is a subproperty of `InstanceGroupConfig` . `AutoScalingPolicy` defines how an instance group dynamically adds and terminates EC2 instances in response to the value of a CloudWatch metric. For more information, see [Using Automatic Scaling in Amazon EMR](https://docs.aws.amazon.com//emr/latest/ManagementGuide/emr-automatic-scaling.html) in the *Amazon EMR Management Guide* .", - "title": "AutoScalingPolicy" + "GroupDescription": { + "markdownDescription": "A description for the security group.\n\nConstraints: Up to 255 characters in length\n\nValid characters: a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*", + "title": "GroupDescription", + "type": "string" }, - "BidPrice": { - "markdownDescription": "If specified, indicates that the instance group uses Spot Instances. This is the maximum price you are willing to pay for Spot Instances. Specify `OnDemandPrice` to set the amount equal to the On-Demand price, or specify an amount in USD.", - "title": "BidPrice", + "GroupName": { + "markdownDescription": "The name of the security group. Names are case-insensitive and must be unique within the VPC.\n\nConstraints: Up to 255 characters in length. Can't start with `sg-` .\n\nValid characters: a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*", + "title": "GroupName", "type": "string" }, - "Configurations": { + "SecurityGroupEgress": { "items": { - "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.Configuration" + "$ref": "#/definitions/AWS::EC2::SecurityGroup.Egress" }, - "markdownDescription": "> Amazon EMR releases 4.x or later. \n\nThe list of configurations supplied for an Amazon EMR cluster instance group. You can specify a separate configuration for each instance group (master, core, and task).", - "title": "Configurations", + "markdownDescription": "The outbound rules associated with the security group.", + "title": "SecurityGroupEgress", "type": "array" }, - "CustomAmiId": { - "markdownDescription": "The custom AMI ID to use for the provisioned instance group.", - "title": "CustomAmiId", - "type": "string" - }, - "EbsConfiguration": { - "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.EbsConfiguration", - "markdownDescription": "`EbsConfiguration` determines the EBS volumes to attach to EMR cluster instances.", - "title": "EbsConfiguration" - }, - "InstanceCount": { - "markdownDescription": "Target number of instances for the instance group.", - "title": "InstanceCount", - "type": "number" - }, - "InstanceRole": { - "markdownDescription": "The role of the instance group in the cluster.\n\n*Allowed Values* : TASK", - "title": "InstanceRole", - "type": "string" - }, - "InstanceType": { - "markdownDescription": "The Amazon EC2 instance type for all instances in the instance group.", - "title": "InstanceType", - "type": "string" - }, - "JobFlowId": { - "markdownDescription": "The ID of an Amazon EMR cluster that you want to associate this instance group with.", - "title": "JobFlowId", - "type": "string" + "SecurityGroupIngress": { + "items": { + "$ref": "#/definitions/AWS::EC2::SecurityGroup.Ingress" + }, + "markdownDescription": "The inbound rules associated with the security group.", + "title": "SecurityGroupIngress", + "type": "array" }, - "Market": { - "markdownDescription": "Market type of the Amazon EC2 instances used to create a cluster node.", - "title": "Market", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Any tags assigned to the security group.", + "title": "Tags", + "type": "array" }, - "Name": { - "markdownDescription": "Friendly name given to the instance group.", - "title": "Name", + "VpcId": { + "markdownDescription": "The ID of the VPC for the security group. If you do not specify a VPC, the default is to use the default VPC for the Region. If there's no specified VPC and no default VPC, security group creation fails.", + "title": "VpcId", "type": "string" } }, "required": [ - "InstanceCount", - "InstanceRole", - "InstanceType", - "JobFlowId" + "GroupDescription" ], "type": "object" }, "Type": { "enum": [ - "AWS::EMR::InstanceGroupConfig" + "AWS::EC2::SecurityGroup" ], "type": "string" }, @@ -88777,316 +96936,115 @@ ], "type": "object" }, - "AWS::EMR::InstanceGroupConfig.AutoScalingPolicy": { + "AWS::EC2::SecurityGroup.Egress": { "additionalProperties": false, "properties": { - "Constraints": { - "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.ScalingConstraints", - "markdownDescription": "The upper and lower Amazon EC2 instance limits for an automatic scaling policy. Automatic scaling activity will not cause an instance group to grow above or below these limits.", - "title": "Constraints" + "CidrIp": { + "markdownDescription": "The IPv4 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", + "title": "CidrIp", + "type": "string" }, - "Rules": { - "items": { - "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.ScalingRule" - }, - "markdownDescription": "The scale-in and scale-out rules that comprise the automatic scaling policy.", - "title": "Rules", - "type": "array" + "CidrIpv6": { + "markdownDescription": "The IPv6 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", + "title": "CidrIpv6", + "type": "string" + }, + "Description": { + "markdownDescription": "A description for the security group rule.\n\nConstraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*", + "title": "Description", + "type": "string" + }, + "DestinationPrefixListId": { + "markdownDescription": "The prefix list IDs for the destination AWS service. This is the AWS service that you want to access through a VPC endpoint from instances associated with the security group.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .", + "title": "DestinationPrefixListId", + "type": "string" + }, + "DestinationSecurityGroupId": { + "markdownDescription": "The ID of the destination VPC security group.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .", + "title": "DestinationSecurityGroupId", + "type": "string" + }, + "FromPort": { + "markdownDescription": "If the protocol is TCP or UDP, this is the start of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP type or -1 (all ICMP types).", + "title": "FromPort", + "type": "number" + }, + "IpProtocol": { + "markdownDescription": "The IP protocol name ( `tcp` , `udp` , `icmp` , `icmpv6` ) or number (see [Protocol Numbers](https://docs.aws.amazon.com/http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml) ).\n\nUse `-1` to specify all protocols. When authorizing security group rules, specifying `-1` or a protocol number other than `tcp` , `udp` , `icmp` , or `icmpv6` allows traffic on all ports, regardless of any port range you specify. For `tcp` , `udp` , and `icmp` , you must specify a port range. For `icmpv6` , the port range is optional; if you omit the port range, traffic for all types and codes is allowed.", + "title": "IpProtocol", + "type": "string" + }, + "ToPort": { + "markdownDescription": "If the protocol is TCP or UDP, this is the end of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP code or -1 (all ICMP codes). If the start port is -1 (all ICMP types), then the end port must be -1 (all ICMP codes).", + "title": "ToPort", + "type": "number" } }, "required": [ - "Constraints", - "Rules" + "IpProtocol" ], "type": "object" }, - "AWS::EMR::InstanceGroupConfig.CloudWatchAlarmDefinition": { + "AWS::EC2::SecurityGroup.Ingress": { "additionalProperties": false, "properties": { - "ComparisonOperator": { - "markdownDescription": "Determines how the metric specified by `MetricName` is compared to the value specified by `Threshold` .", - "title": "ComparisonOperator", - "type": "string" - }, - "Dimensions": { - "items": { - "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.MetricDimension" - }, - "markdownDescription": "A CloudWatch metric dimension.", - "title": "Dimensions", - "type": "array" - }, - "EvaluationPeriods": { - "markdownDescription": "The number of periods, in five-minute increments, during which the alarm condition must exist before the alarm triggers automatic scaling activity. The default value is `1` .", - "title": "EvaluationPeriods", - "type": "number" - }, - "MetricName": { - "markdownDescription": "The name of the CloudWatch metric that is watched to determine an alarm condition.", - "title": "MetricName", - "type": "string" - }, - "Namespace": { - "markdownDescription": "The namespace for the CloudWatch metric. The default is `AWS/ElasticMapReduce` .", - "title": "Namespace", + "CidrIp": { + "markdownDescription": "The IPv4 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `SourcePrefixListId` , or `SourceSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", + "title": "CidrIp", "type": "string" }, - "Period": { - "markdownDescription": "The period, in seconds, over which the statistic is applied. CloudWatch metrics for Amazon EMR are emitted every five minutes (300 seconds), so if you specify a CloudWatch metric, specify `300` .", - "title": "Period", - "type": "number" - }, - "Statistic": { - "markdownDescription": "The statistic to apply to the metric associated with the alarm. The default is `AVERAGE` .", - "title": "Statistic", + "CidrIpv6": { + "markdownDescription": "The IPv6 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `SourcePrefixListId` , or `SourceSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", + "title": "CidrIpv6", "type": "string" }, - "Threshold": { - "markdownDescription": "The value against which the specified statistic is compared.", - "title": "Threshold", - "type": "number" - }, - "Unit": { - "markdownDescription": "The unit of measure associated with the CloudWatch metric being watched. The value specified for `Unit` must correspond to the units specified in the CloudWatch metric.", - "title": "Unit", - "type": "string" - } - }, - "required": [ - "ComparisonOperator", - "MetricName", - "Period", - "Threshold" - ], - "type": "object" - }, - "AWS::EMR::InstanceGroupConfig.Configuration": { - "additionalProperties": false, - "properties": { - "Classification": { - "markdownDescription": "The classification within a configuration.", - "title": "Classification", + "Description": { + "markdownDescription": "Updates the description of an ingress (inbound) security group rule. You can replace an existing description, or add a description to a rule that did not have one previously.\n\nConstraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*", + "title": "Description", "type": "string" }, - "ConfigurationProperties": { - "additionalProperties": true, - "markdownDescription": "Within a configuration classification, a set of properties that represent the settings that you want to change in the configuration file. Duplicates not allowed.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "ConfigurationProperties", - "type": "object" - }, - "Configurations": { - "items": { - "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.Configuration" - }, - "markdownDescription": "A list of additional configurations to apply within a configuration object.", - "title": "Configurations", - "type": "array" - } - }, - "type": "object" - }, - "AWS::EMR::InstanceGroupConfig.EbsBlockDeviceConfig": { - "additionalProperties": false, - "properties": { - "VolumeSpecification": { - "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.VolumeSpecification", - "markdownDescription": "EBS volume specifications such as volume type, IOPS, size (GiB) and throughput (MiB/s) that are requested for the EBS volume attached to an Amazon EC2 instance in the cluster.", - "title": "VolumeSpecification" - }, - "VolumesPerInstance": { - "markdownDescription": "Number of EBS volumes with a specific volume configuration that are associated with every instance in the instance group", - "title": "VolumesPerInstance", + "FromPort": { + "markdownDescription": "If the protocol is TCP or UDP, this is the start of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP type or -1 (all ICMP types).", + "title": "FromPort", "type": "number" - } - }, - "required": [ - "VolumeSpecification" - ], - "type": "object" - }, - "AWS::EMR::InstanceGroupConfig.EbsConfiguration": { - "additionalProperties": false, - "properties": { - "EbsBlockDeviceConfigs": { - "items": { - "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.EbsBlockDeviceConfig" - }, - "markdownDescription": "An array of Amazon EBS volume specifications attached to a cluster instance.", - "title": "EbsBlockDeviceConfigs", - "type": "array" }, - "EbsOptimized": { - "markdownDescription": "Indicates whether an Amazon EBS volume is EBS-optimized. The default is false. You should explicitly set this value to true to enable the Amazon EBS-optimized setting for an EC2 instance.", - "title": "EbsOptimized", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::EMR::InstanceGroupConfig.MetricDimension": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "The dimension name.", - "title": "Key", + "IpProtocol": { + "markdownDescription": "The IP protocol name ( `tcp` , `udp` , `icmp` , `icmpv6` ) or number (see [Protocol Numbers](https://docs.aws.amazon.com/http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml) ).\n\nUse `-1` to specify all protocols. When authorizing security group rules, specifying `-1` or a protocol number other than `tcp` , `udp` , `icmp` , or `icmpv6` allows traffic on all ports, regardless of any port range you specify. For `tcp` , `udp` , and `icmp` , you must specify a port range. For `icmpv6` , the port range is optional; if you omit the port range, traffic for all types and codes is allowed.", + "title": "IpProtocol", "type": "string" }, - "Value": { - "markdownDescription": "The dimension value.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - }, - "AWS::EMR::InstanceGroupConfig.ScalingAction": { - "additionalProperties": false, - "properties": { - "Market": { - "markdownDescription": "Not available for instance groups. Instance groups use the market type specified for the group.", - "title": "Market", + "SourcePrefixListId": { + "markdownDescription": "The ID of a prefix list.", + "title": "SourcePrefixListId", "type": "string" }, - "SimpleScalingPolicyConfiguration": { - "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.SimpleScalingPolicyConfiguration", - "markdownDescription": "The type of adjustment the automatic scaling activity makes when triggered, and the periodicity of the adjustment.", - "title": "SimpleScalingPolicyConfiguration" - } - }, - "required": [ - "SimpleScalingPolicyConfiguration" - ], - "type": "object" - }, - "AWS::EMR::InstanceGroupConfig.ScalingConstraints": { - "additionalProperties": false, - "properties": { - "MaxCapacity": { - "markdownDescription": "The upper boundary of Amazon EC2 instances in an instance group beyond which scaling activities are not allowed to grow. Scale-out activities will not add instances beyond this boundary.", - "title": "MaxCapacity", - "type": "number" - }, - "MinCapacity": { - "markdownDescription": "The lower boundary of Amazon EC2 instances in an instance group below which scaling activities are not allowed to shrink. Scale-in activities will not terminate instances below this boundary.", - "title": "MinCapacity", - "type": "number" - } - }, - "required": [ - "MaxCapacity", - "MinCapacity" - ], - "type": "object" - }, - "AWS::EMR::InstanceGroupConfig.ScalingRule": { - "additionalProperties": false, - "properties": { - "Action": { - "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.ScalingAction", - "markdownDescription": "The conditions that trigger an automatic scaling activity.", - "title": "Action" - }, - "Description": { - "markdownDescription": "A friendly, more verbose description of the automatic scaling rule.", - "title": "Description", + "SourceSecurityGroupId": { + "markdownDescription": "The ID of the security group.", + "title": "SourceSecurityGroupId", "type": "string" }, - "Name": { - "markdownDescription": "The name used to identify an automatic scaling rule. Rule names must be unique within a scaling policy.", - "title": "Name", + "SourceSecurityGroupName": { + "markdownDescription": "[Default VPC] The name of the source security group. You must specify either the security group ID or the security group name. You can't specify the group name in combination with an IP address range. Creates rules that grant full ICMP, UDP, and TCP access.\n\nFor security groups in a nondefault VPC, you must specify the group ID.", + "title": "SourceSecurityGroupName", "type": "string" }, - "Trigger": { - "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.ScalingTrigger", - "markdownDescription": "The CloudWatch alarm definition that determines when automatic scaling activity is triggered.", - "title": "Trigger" - } - }, - "required": [ - "Action", - "Name", - "Trigger" - ], - "type": "object" - }, - "AWS::EMR::InstanceGroupConfig.ScalingTrigger": { - "additionalProperties": false, - "properties": { - "CloudWatchAlarmDefinition": { - "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.CloudWatchAlarmDefinition", - "markdownDescription": "The definition of a CloudWatch metric alarm. When the defined alarm conditions are met along with other trigger parameters, scaling activity begins.", - "title": "CloudWatchAlarmDefinition" - } - }, - "required": [ - "CloudWatchAlarmDefinition" - ], - "type": "object" - }, - "AWS::EMR::InstanceGroupConfig.SimpleScalingPolicyConfiguration": { - "additionalProperties": false, - "properties": { - "AdjustmentType": { - "markdownDescription": "The way in which Amazon EC2 instances are added (if `ScalingAdjustment` is a positive number) or terminated (if `ScalingAdjustment` is a negative number) each time the scaling activity is triggered. `CHANGE_IN_CAPACITY` is the default. `CHANGE_IN_CAPACITY` indicates that the Amazon EC2 instance count increments or decrements by `ScalingAdjustment` , which should be expressed as an integer. `PERCENT_CHANGE_IN_CAPACITY` indicates the instance count increments or decrements by the percentage specified by `ScalingAdjustment` , which should be expressed as an integer. For example, 20 indicates an increase in 20% increments of cluster capacity. `EXACT_CAPACITY` indicates the scaling activity results in an instance group with the number of Amazon EC2 instances specified by `ScalingAdjustment` , which should be expressed as a positive integer.", - "title": "AdjustmentType", + "SourceSecurityGroupOwnerId": { + "markdownDescription": "[nondefault VPC] The AWS account ID for the source security group, if the source security group is in a different account. You can't specify this property with an IP address range. Creates rules that grant full ICMP, UDP, and TCP access.\n\nIf you specify `SourceSecurityGroupName` or `SourceSecurityGroupId` and that security group is owned by a different account than the account creating the stack, you must specify the `SourceSecurityGroupOwnerId` ; otherwise, this property is optional.", + "title": "SourceSecurityGroupOwnerId", "type": "string" }, - "CoolDown": { - "markdownDescription": "The amount of time, in seconds, after a scaling activity completes before any further trigger-related scaling activities can start. The default value is 0.", - "title": "CoolDown", - "type": "number" - }, - "ScalingAdjustment": { - "markdownDescription": "The amount by which to scale in or scale out, based on the specified `AdjustmentType` . A positive value adds to the instance group's Amazon EC2 instance count while a negative number removes instances. If `AdjustmentType` is set to `EXACT_CAPACITY` , the number should only be a positive integer. If `AdjustmentType` is set to `PERCENT_CHANGE_IN_CAPACITY` , the value should express the percentage as an integer. For example, -20 indicates a decrease in 20% increments of cluster capacity.", - "title": "ScalingAdjustment", - "type": "number" - } - }, - "required": [ - "ScalingAdjustment" - ], - "type": "object" - }, - "AWS::EMR::InstanceGroupConfig.VolumeSpecification": { - "additionalProperties": false, - "properties": { - "Iops": { - "markdownDescription": "The number of I/O operations per second (IOPS) that the volume supports.", - "title": "Iops", - "type": "number" - }, - "SizeInGB": { - "markdownDescription": "The volume size, in gibibytes (GiB). This can be a number from 1 - 1024. If the volume type is EBS-optimized, the minimum value is 10.", - "title": "SizeInGB", - "type": "number" - }, - "Throughput": { - "markdownDescription": "The throughput, in mebibyte per second (MiB/s). This optional parameter can be a number from 125 - 1000 and is valid only for gp3 volumes.", - "title": "Throughput", + "ToPort": { + "markdownDescription": "If the protocol is TCP or UDP, this is the end of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP code or -1 (all ICMP codes). If the start port is -1 (all ICMP types), then the end port must be -1 (all ICMP codes).", + "title": "ToPort", "type": "number" - }, - "VolumeType": { - "markdownDescription": "The volume type. Volume types supported are gp3, gp2, io1, st1, sc1, and standard.", - "title": "VolumeType", - "type": "string" } }, "required": [ - "SizeInGB", - "VolumeType" + "IpProtocol" ], "type": "object" }, - "AWS::EMR::SecurityConfiguration": { + "AWS::EC2::SecurityGroupEgress": { "additionalProperties": false, "properties": { "Condition": { @@ -89121,110 +97079,61 @@ "Properties": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the security configuration.", - "title": "Name", + "CidrIp": { + "markdownDescription": "The IPv4 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", + "title": "CidrIp", "type": "string" }, - "SecurityConfiguration": { - "markdownDescription": "The security configuration details in JSON format. For JSON parameters and examples, see [Use Security Configurations to Set Up Cluster Security](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-security-configurations.html) in the *Amazon EMR Management Guide* .", - "title": "SecurityConfiguration", - "type": "object" - } - }, - "required": [ - "SecurityConfiguration" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::EMR::SecurityConfiguration" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::EMR::Step": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + "CidrIpv6": { + "markdownDescription": "The IPv6 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", + "title": "CidrIpv6", "type": "string" }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ActionOnFailure": { - "markdownDescription": "This specifies what action to take when the cluster step fails. Possible values are `CANCEL_AND_WAIT` and `CONTINUE` .", - "title": "ActionOnFailure", + "Description": { + "markdownDescription": "The description of an egress (outbound) security group rule.\n\nConstraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*", + "title": "Description", "type": "string" }, - "HadoopJarStep": { - "$ref": "#/definitions/AWS::EMR::Step.HadoopJarStepConfig", - "markdownDescription": "The `HadoopJarStepConfig` property type specifies a job flow step consisting of a JAR file whose main function will be executed. The main function submits a job for the cluster to execute as a step on the master node, and then waits for the job to finish or fail before executing subsequent steps.", - "title": "HadoopJarStep" + "DestinationPrefixListId": { + "markdownDescription": "The prefix list IDs for an AWS service. This is the AWS service to access through a VPC endpoint from instances associated with the security group.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .", + "title": "DestinationPrefixListId", + "type": "string" }, - "JobFlowId": { - "markdownDescription": "A string that uniquely identifies the cluster (job flow).", - "title": "JobFlowId", + "DestinationSecurityGroupId": { + "markdownDescription": "The ID of the security group.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .", + "title": "DestinationSecurityGroupId", "type": "string" }, - "Name": { - "markdownDescription": "The name of the cluster step.", - "title": "Name", + "FromPort": { + "markdownDescription": "If the protocol is TCP or UDP, this is the start of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP type or -1 (all ICMP types).", + "title": "FromPort", + "type": "number" + }, + "GroupId": { + "markdownDescription": "The ID of the security group. You must specify either the security group ID or the security group name in the request. For security groups in a nondefault VPC, you must specify the security group ID.", + "title": "GroupId", + "type": "string" + }, + "IpProtocol": { + "markdownDescription": "The IP protocol name ( `tcp` , `udp` , `icmp` , `icmpv6` ) or number (see [Protocol Numbers](https://docs.aws.amazon.com/http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml) ).\n\nUse `-1` to specify all protocols. When authorizing security group rules, specifying `-1` or a protocol number other than `tcp` , `udp` , `icmp` , or `icmpv6` allows traffic on all ports, regardless of any port range you specify. For `tcp` , `udp` , and `icmp` , you must specify a port range. For `icmpv6` , the port range is optional; if you omit the port range, traffic for all types and codes is allowed.", + "title": "IpProtocol", "type": "string" + }, + "ToPort": { + "markdownDescription": "If the protocol is TCP or UDP, this is the end of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP code or -1 (all ICMP codes). If the start port is -1 (all ICMP types), then the end port must be -1 (all ICMP codes).", + "title": "ToPort", + "type": "number" } }, "required": [ - "ActionOnFailure", - "HadoopJarStep", - "JobFlowId", - "Name" + "GroupId", + "IpProtocol" ], "type": "object" }, "Type": { "enum": [ - "AWS::EMR::Step" + "AWS::EC2::SecurityGroupEgress" ], "type": "string" }, @@ -89243,58 +97152,7 @@ ], "type": "object" }, - "AWS::EMR::Step.HadoopJarStepConfig": { - "additionalProperties": false, - "properties": { - "Args": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of command line arguments passed to the JAR file's main function when executed.", - "title": "Args", - "type": "array" - }, - "Jar": { - "markdownDescription": "A path to a JAR file run during the step.", - "title": "Jar", - "type": "string" - }, - "MainClass": { - "markdownDescription": "The name of the main class in the specified Java file. If not specified, the JAR file should specify a Main-Class in its manifest file.", - "title": "MainClass", - "type": "string" - }, - "StepProperties": { - "items": { - "$ref": "#/definitions/AWS::EMR::Step.KeyValue" - }, - "markdownDescription": "A list of Java properties that are set when the step runs. You can use these properties to pass key value pairs to your main function.", - "title": "StepProperties", - "type": "array" - } - }, - "required": [ - "Jar" - ], - "type": "object" - }, - "AWS::EMR::Step.KeyValue": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "The unique identifier of a key-value pair.", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "The value part of the identified key.", - "title": "Value", - "type": "string" - } - }, - "type": "object" - }, - "AWS::EMR::Studio": { + "AWS::EC2::SecurityGroupIngress": { "additionalProperties": false, "properties": { "Condition": { @@ -89329,113 +97187,75 @@ "Properties": { "additionalProperties": false, "properties": { - "AuthMode": { - "markdownDescription": "Specifies whether the Studio authenticates users using IAM Identity Center or IAM.", - "title": "AuthMode", + "CidrIp": { + "markdownDescription": "The IPv4 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `SourcePrefixListId` , or `SourceSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", + "title": "CidrIp", "type": "string" }, - "DefaultS3Location": { - "markdownDescription": "The Amazon S3 location to back up EMR Studio Workspaces and notebook files.", - "title": "DefaultS3Location", + "CidrIpv6": { + "markdownDescription": "The IPv6 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `SourcePrefixListId` , or `SourceSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", + "title": "CidrIpv6", "type": "string" }, "Description": { - "markdownDescription": "A detailed description of the Amazon EMR Studio.", + "markdownDescription": "Updates the description of an ingress (inbound) security group rule. You can replace an existing description, or add a description to a rule that did not have one previously.\n\nConstraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*", "title": "Description", "type": "string" }, - "EncryptionKeyArn": { - "markdownDescription": "The AWS KMS key identifier (ARN) used to encrypt Amazon EMR Studio workspace and notebook files when backed up to Amazon S3.", - "title": "EncryptionKeyArn", - "type": "string" - }, - "EngineSecurityGroupId": { - "markdownDescription": "The ID of the Amazon EMR Studio Engine security group. The Engine security group allows inbound network traffic from the Workspace security group, and it must be in the same VPC specified by `VpcId` .", - "title": "EngineSecurityGroupId", - "type": "string" - }, - "IdcInstanceArn": { - "markdownDescription": "The ARN of the IAM Identity Center instance the Studio application belongs to.", - "title": "IdcInstanceArn", - "type": "string" + "FromPort": { + "markdownDescription": "The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type number. A value of `-1` indicates all ICMP/ICMPv6 types. If you specify all ICMP/ICMPv6 types, you must specify all codes.\n\nUse this for ICMP and any protocol that uses ports.", + "title": "FromPort", + "type": "number" }, - "IdcUserAssignment": { - "markdownDescription": "Indicates whether the Studio has `REQUIRED` or `OPTIONAL` IAM Identity Center user assignment. If the value is set to `REQUIRED` , users must be explicitly assigned to the Studio application to access the Studio.", - "title": "IdcUserAssignment", + "GroupId": { + "markdownDescription": "The ID of the security group.", + "title": "GroupId", "type": "string" }, - "IdpAuthUrl": { - "markdownDescription": "Your identity provider's authentication endpoint. Amazon EMR Studio redirects federated users to this endpoint for authentication when logging in to a Studio with the Studio URL.", - "title": "IdpAuthUrl", + "GroupName": { + "markdownDescription": "[Default VPC] The name of the security group. For security groups for a default VPC you can specify either the ID or the name of the security group. For security groups for a nondefault VPC, you must specify the ID of the security group.", + "title": "GroupName", "type": "string" }, - "IdpRelayStateParameterName": { - "markdownDescription": "The name of your identity provider's `RelayState` parameter.", - "title": "IdpRelayStateParameterName", + "IpProtocol": { + "markdownDescription": "The IP protocol name ( `tcp` , `udp` , `icmp` , `icmpv6` ) or number (see [Protocol Numbers](https://docs.aws.amazon.com/http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml) ).\n\nUse `-1` to specify all protocols. When authorizing security group rules, specifying `-1` or a protocol number other than `tcp` , `udp` , `icmp` , or `icmpv6` allows traffic on all ports, regardless of any port range you specify. For `tcp` , `udp` , and `icmp` , you must specify a port range. For `icmpv6` , the port range is optional; if you omit the port range, traffic for all types and codes is allowed.", + "title": "IpProtocol", "type": "string" }, - "Name": { - "markdownDescription": "A descriptive name for the Amazon EMR Studio.", - "title": "Name", + "SourcePrefixListId": { + "markdownDescription": "The ID of a prefix list.", + "title": "SourcePrefixListId", "type": "string" }, - "ServiceRole": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that will be assumed by the Amazon EMR Studio. The service role provides a way for Amazon EMR Studio to interoperate with other AWS services.", - "title": "ServiceRole", + "SourceSecurityGroupId": { + "markdownDescription": "The ID of the security group. You must specify either the security group ID or the security group name. For security groups in a nondefault VPC, you must specify the security group ID.", + "title": "SourceSecurityGroupId", "type": "string" }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of subnet IDs to associate with the Amazon EMR Studio. A Studio can have a maximum of 5 subnets. The subnets must belong to the VPC specified by `VpcId` . Studio users can create a Workspace in any of the specified subnets.", - "title": "SubnetIds", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - }, - "TrustedIdentityPropagationEnabled": { - "markdownDescription": "Indicates whether the Studio has Trusted identity propagation enabled. The default value is `false` .", - "title": "TrustedIdentityPropagationEnabled", - "type": "boolean" - }, - "UserRole": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM user role that will be assumed by users and groups logged in to a Studio. The permissions attached to this IAM role can be scoped down for each user or group using session policies. You only need to specify `UserRole` when you set `AuthMode` to `SSO` .", - "title": "UserRole", + "SourceSecurityGroupName": { + "markdownDescription": "[Default VPC] The name of the source security group. You must specify either the security group ID or the security group name. You can't specify the group name in combination with an IP address range. Creates rules that grant full ICMP, UDP, and TCP access.\n\nFor security groups in a nondefault VPC, you must specify the group ID.", + "title": "SourceSecurityGroupName", "type": "string" }, - "VpcId": { - "markdownDescription": "The ID of the Amazon Virtual Private Cloud (Amazon VPC) to associate with the Studio.", - "title": "VpcId", + "SourceSecurityGroupOwnerId": { + "markdownDescription": "[nondefault VPC] The AWS account ID for the source security group, if the source security group is in a different account. You can't specify this property with an IP address range. Creates rules that grant full ICMP, UDP, and TCP access.\n\nIf you specify `SourceSecurityGroupName` or `SourceSecurityGroupId` and that security group is owned by a different account than the account creating the stack, you must specify `SourceSecurityGroupOwnerId` ; otherwise, this property is optional.", + "title": "SourceSecurityGroupOwnerId", "type": "string" }, - "WorkspaceSecurityGroupId": { - "markdownDescription": "The ID of the Workspace security group associated with the Amazon EMR Studio. The Workspace security group allows outbound network traffic to resources in the Engine security group and to the internet.", - "title": "WorkspaceSecurityGroupId", - "type": "string" + "ToPort": { + "markdownDescription": "The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code. A value of `-1` indicates all ICMP/ICMPv6 codes for the specified ICMP type. If you specify all ICMP/ICMPv6 types, you must specify all codes.\n\nUse this for ICMP and any protocol that uses ports.", + "title": "ToPort", + "type": "number" } }, "required": [ - "AuthMode", - "DefaultS3Location", - "EngineSecurityGroupId", - "Name", - "ServiceRole", - "SubnetIds", - "VpcId", - "WorkspaceSecurityGroupId" + "IpProtocol" ], "type": "object" }, "Type": { "enum": [ - "AWS::EMR::Studio" + "AWS::EC2::SecurityGroupIngress" ], "type": "string" }, @@ -89454,7 +97274,7 @@ ], "type": "object" }, - "AWS::EMR::StudioSessionMapping": { + "AWS::EC2::SecurityGroupVpcAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -89489,38 +97309,26 @@ "Properties": { "additionalProperties": false, "properties": { - "IdentityName": { - "markdownDescription": "The name of the user or group. For more information, see [UserName](https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_User.html#singlesignon-Type-User-UserName) and [DisplayName](https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_Group.html#singlesignon-Type-Group-DisplayName) in the *IAM Identity Center Identity Store API Reference* .", - "title": "IdentityName", - "type": "string" - }, - "IdentityType": { - "markdownDescription": "Specifies whether the identity to map to the Amazon EMR Studio is a user or a group.", - "title": "IdentityType", - "type": "string" - }, - "SessionPolicyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the session policy that will be applied to the user or group. Session policies refine Studio user permissions without the need to use multiple IAM user roles. For more information, see [Create an EMR Studio user role with session policies](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-studio-user-role.html) in the *Amazon EMR Management Guide* .", - "title": "SessionPolicyArn", + "GroupId": { + "markdownDescription": "The association's security group ID.", + "title": "GroupId", "type": "string" }, - "StudioId": { - "markdownDescription": "The ID of the Amazon EMR Studio to which the user or group will be mapped.", - "title": "StudioId", + "VpcId": { + "markdownDescription": "The association's VPC ID.", + "title": "VpcId", "type": "string" } }, "required": [ - "IdentityName", - "IdentityType", - "SessionPolicyArn", - "StudioId" + "GroupId", + "VpcId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EMR::StudioSessionMapping" + "AWS::EC2::SecurityGroupVpcAssociation" ], "type": "string" }, @@ -89539,7 +97347,7 @@ ], "type": "object" }, - "AWS::EMR::WALWorkspace": { + "AWS::EC2::SnapshotBlockPublicAccess": { "additionalProperties": false, "properties": { "Condition": { @@ -89574,25 +97382,20 @@ "Properties": { "additionalProperties": false, "properties": { - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "", - "title": "Tags", - "type": "array" - }, - "WALWorkspaceName": { - "markdownDescription": "", - "title": "WALWorkspaceName", + "State": { + "markdownDescription": "The mode in which to enable block public access for snapshots for the Region. Specify one of the following values:\n\n- `block-all-sharing` - Prevents all public sharing of snapshots in the Region. Users in the account will no longer be able to request new public sharing. Additionally, snapshots that are already publicly shared are treated as private and they are no longer publicly available.\n\n> If you enable block public access for snapshots in `block-all-sharing` mode, it does not change the permissions for snapshots that are already publicly shared. Instead, it prevents these snapshots from be publicly visible and publicly accessible. Therefore, the attributes for these snapshots still indicate that they are publicly shared, even though they are not publicly available.\n- `block-new-sharing` - Prevents only new public sharing of snapshots in the Region. Users in the account will no longer be able to request new public sharing. However, snapshots that are already publicly shared, remain publicly available.", + "title": "State", "type": "string" } }, + "required": [ + "State" + ], "type": "object" }, "Type": { "enum": [ - "AWS::EMR::WALWorkspace" + "AWS::EC2::SnapshotBlockPublicAccess" ], "type": "string" }, @@ -89606,11 +97409,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::EMRContainers::VirtualCluster": { + "AWS::EC2::SpotFleet": { "additionalProperties": false, "properties": { "Condition": { @@ -89645,34 +97449,20 @@ "Properties": { "additionalProperties": false, "properties": { - "ContainerProvider": { - "$ref": "#/definitions/AWS::EMRContainers::VirtualCluster.ContainerProvider", - "markdownDescription": "The container provider of the virtual cluster.", - "title": "ContainerProvider" - }, - "Name": { - "markdownDescription": "The name of the virtual cluster.", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" + "SpotFleetRequestConfigData": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotFleetRequestConfigData", + "markdownDescription": "Describes the configuration of a Spot Fleet request.", + "title": "SpotFleetRequestConfigData" } }, "required": [ - "ContainerProvider", - "Name" + "SpotFleetRequestConfigData" ], "type": "object" }, "Type": { "enum": [ - "AWS::EMRContainers::VirtualCluster" + "AWS::EC2::SpotFleet" ], "type": "string" }, @@ -89691,513 +97481,1020 @@ ], "type": "object" }, - "AWS::EMRContainers::VirtualCluster.ContainerInfo": { + "AWS::EC2::SpotFleet.AcceleratorCountRequest": { "additionalProperties": false, "properties": { - "EksInfo": { - "$ref": "#/definitions/AWS::EMRContainers::VirtualCluster.EksInfo", - "markdownDescription": "The information about the Amazon EKS cluster.", - "title": "EksInfo" + "Max": { + "markdownDescription": "The maximum number of accelerators. To specify no maximum limit, omit this parameter. To exclude accelerator-enabled instance types, set `Max` to `0` .", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The minimum number of accelerators. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" } }, - "required": [ - "EksInfo" - ], "type": "object" }, - "AWS::EMRContainers::VirtualCluster.ContainerProvider": { + "AWS::EC2::SpotFleet.AcceleratorTotalMemoryMiBRequest": { "additionalProperties": false, "properties": { - "Id": { - "markdownDescription": "The ID of the container cluster.\n\n*Minimum* : 1\n\n*Maximum* : 100\n\n*Pattern* : `^[0-9A-Za-z][A-Za-z0-9\\-_]*`", - "title": "Id", - "type": "string" + "Max": { + "markdownDescription": "The maximum amount of accelerator memory, in MiB. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" }, - "Info": { - "$ref": "#/definitions/AWS::EMRContainers::VirtualCluster.ContainerInfo", - "markdownDescription": "The information about the container cluster.", - "title": "Info" + "Min": { + "markdownDescription": "The minimum amount of accelerator memory, in MiB. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::SpotFleet.BaselineEbsBandwidthMbpsRequest": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum baseline bandwidth, in Mbps. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" }, - "Type": { - "markdownDescription": "The type of the container provider. Amazon EKS is the only supported type as of now.", - "title": "Type", - "type": "string" + "Min": { + "markdownDescription": "The minimum baseline bandwidth, in Mbps. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" } }, - "required": [ - "Id", - "Info", - "Type" - ], "type": "object" }, - "AWS::EMRContainers::VirtualCluster.EksInfo": { + "AWS::EC2::SpotFleet.BaselinePerformanceFactorsRequest": { "additionalProperties": false, "properties": { - "Namespace": { - "markdownDescription": "The namespaces of the EKS cluster.\n\n*Minimum* : 1\n\n*Maximum* : 63\n\n*Pattern* : `[a-z0-9]([-a-z0-9]*[a-z0-9])?`", - "title": "Namespace", - "type": "string" + "Cpu": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.CpuPerformanceFactorRequest", + "markdownDescription": "The CPU performance to consider, using an instance family as the baseline reference.", + "title": "Cpu" } }, - "required": [ - "Namespace" - ], "type": "object" }, - "AWS::EMRServerless::Application": { + "AWS::EC2::SpotFleet.BlockDeviceMapping": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DeviceName": { + "markdownDescription": "The device name (for example, `/dev/sdh` or `xvdh` ).", + "title": "DeviceName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Architecture": { - "markdownDescription": "The CPU architecture of an application.", - "title": "Architecture", - "type": "string" - }, - "AutoStartConfiguration": { - "$ref": "#/definitions/AWS::EMRServerless::Application.AutoStartConfiguration", - "markdownDescription": "The configuration for an application to automatically start on job submission.", - "title": "AutoStartConfiguration" - }, - "AutoStopConfiguration": { - "$ref": "#/definitions/AWS::EMRServerless::Application.AutoStopConfiguration", - "markdownDescription": "The configuration for an application to automatically stop after a certain amount of time being idle.", - "title": "AutoStopConfiguration" - }, - "ImageConfiguration": { - "$ref": "#/definitions/AWS::EMRServerless::Application.ImageConfigurationInput", - "markdownDescription": "The image configuration applied to all worker types.", - "title": "ImageConfiguration" - }, - "InitialCapacity": { - "items": { - "$ref": "#/definitions/AWS::EMRServerless::Application.InitialCapacityConfigKeyValuePair" - }, - "markdownDescription": "The initial capacity of the application.", - "title": "InitialCapacity", - "type": "array" - }, - "MaximumCapacity": { - "$ref": "#/definitions/AWS::EMRServerless::Application.MaximumAllowedResources", - "markdownDescription": "The maximum capacity of the application. This is cumulative across all workers at any given point in time during the lifespan of the application is created. No new resources will be created once any one of the defined limits is hit.", - "title": "MaximumCapacity" - }, - "MonitoringConfiguration": { - "$ref": "#/definitions/AWS::EMRServerless::Application.MonitoringConfiguration", - "markdownDescription": "A configuration specification to be used when provisioning an application. A configuration consists of a classification, properties, and optional nested configurations. A classification refers to an application-specific configuration file. Properties are the settings you want to change in that file.", - "title": "MonitoringConfiguration" - }, - "Name": { - "markdownDescription": "The name of the application.", - "title": "Name", - "type": "string" - }, - "NetworkConfiguration": { - "$ref": "#/definitions/AWS::EMRServerless::Application.NetworkConfiguration", - "markdownDescription": "The network configuration for customer VPC connectivity for the application.", - "title": "NetworkConfiguration" - }, - "ReleaseLabel": { - "markdownDescription": "The EMR release associated with the application.", - "title": "ReleaseLabel", - "type": "string" - }, - "RuntimeConfiguration": { - "items": { - "$ref": "#/definitions/AWS::EMRServerless::Application.ConfigurationObject" - }, - "markdownDescription": "The [Configuration](https://docs.aws.amazon.com/emr-serverless/latest/APIReference/API_Configuration.html) specifications of an application. Each configuration consists of a classification and properties. You use this parameter when creating or updating an application. To see the runtimeConfiguration object of an application, run the [GetApplication](https://docs.aws.amazon.com/emr-serverless/latest/APIReference/API_GetApplication.html) API operation.", - "title": "RuntimeConfiguration", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags assigned to the application.", - "title": "Tags", - "type": "array" - }, - "Type": { - "markdownDescription": "The type of application, such as Spark or Hive.", - "title": "Type", - "type": "string" - }, - "WorkerTypeSpecifications": { - "additionalProperties": false, - "markdownDescription": "The specification applied to each worker type.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::EMRServerless::Application.WorkerTypeSpecificationInput" - } - }, - "title": "WorkerTypeSpecifications", - "type": "object" - } - }, - "required": [ - "ReleaseLabel", - "Type" - ], - "type": "object" + "Ebs": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.EbsBlockDevice", + "markdownDescription": "Parameters used to automatically set up EBS volumes when the instance is launched.", + "title": "Ebs" }, - "Type": { - "enum": [ - "AWS::EMRServerless::Application" - ], + "NoDevice": { + "markdownDescription": "To omit the device from the block device mapping, specify an empty string. When this property is specified, the device is removed from the block device mapping regardless of the assigned value.", + "title": "NoDevice", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VirtualName": { + "markdownDescription": "The virtual device name ( `ephemeral` N). Instance store volumes are numbered starting from 0. An instance type with 2 available instance store volumes can specify mappings for `ephemeral0` and `ephemeral1` . The number of available instance store volumes depends on the instance type. After you connect to the instance, you must mount the volume.\n\nNVMe instance store volumes are automatically enumerated and assigned a device name. Including them in your block device mapping has no effect.\n\nConstraints: For M3 instances, you must specify instance store volumes in the block device mapping for the instance. When you launch an M3 instance, we ignore any instance store volumes specified in the block device mapping for the AMI.", + "title": "VirtualName", "type": "string" } }, "required": [ - "Type", - "Properties" + "DeviceName" ], "type": "object" }, - "AWS::EMRServerless::Application.AutoStartConfiguration": { + "AWS::EC2::SpotFleet.ClassicLoadBalancer": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Enables the application to automatically start on job submission.", - "title": "Enabled", - "type": "boolean" + "Name": { + "markdownDescription": "The name of the load balancer.", + "title": "Name", + "type": "string" } }, + "required": [ + "Name" + ], "type": "object" }, - "AWS::EMRServerless::Application.AutoStopConfiguration": { + "AWS::EC2::SpotFleet.ClassicLoadBalancersConfig": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Enables the application to automatically stop after a certain amount of time being idle. Defaults to true.", - "title": "Enabled", - "type": "boolean" - }, - "IdleTimeoutMinutes": { - "markdownDescription": "The amount of idle time in minutes after which your application will automatically stop. Defaults to 15 minutes.", - "title": "IdleTimeoutMinutes", - "type": "number" + "ClassicLoadBalancers": { + "items": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.ClassicLoadBalancer" + }, + "markdownDescription": "One or more Classic Load Balancers.", + "title": "ClassicLoadBalancers", + "type": "array" } }, + "required": [ + "ClassicLoadBalancers" + ], "type": "object" }, - "AWS::EMRServerless::Application.CloudWatchLoggingConfiguration": { + "AWS::EC2::SpotFleet.CpuPerformanceFactorRequest": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Enables CloudWatch logging.", - "title": "Enabled", + "References": { + "items": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.PerformanceFactorReferenceRequest" + }, + "markdownDescription": "Specify an instance family to use as the baseline reference for CPU performance. All instance types that match your specified attributes will be compared against the CPU performance of the referenced instance family, regardless of CPU manufacturer or architecture differences.\n\n> Currently, only one instance family can be specified in the list.", + "title": "References", + "type": "array" + } + }, + "type": "object" + }, + "AWS::EC2::SpotFleet.EbsBlockDevice": { + "additionalProperties": false, + "properties": { + "DeleteOnTermination": { + "markdownDescription": "Indicates whether the EBS volume is deleted on instance termination. For more information, see [Preserving Amazon EBS volumes on instance termination](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#preserving-volumes-on-termination) in the *Amazon EC2 User Guide* .", + "title": "DeleteOnTermination", "type": "boolean" }, - "EncryptionKeyArn": { - "markdownDescription": "The AWS Key Management Service (KMS) key ARN to encrypt the logs that you store in CloudWatch Logs.", - "title": "EncryptionKeyArn", - "type": "string" + "Encrypted": { + "markdownDescription": "Indicates whether the encryption state of an EBS volume is changed while being restored from a backing snapshot. The effect of setting the encryption state to `true` depends on the volume origin (new or from a snapshot), starting encryption state, ownership, and whether encryption by default is enabled. For more information, see [Amazon EBS Encryption](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#encryption-parameters) in the *Amazon EC2 User Guide* .\n\nIn no case can you remove encryption from an encrypted volume.\n\nEncrypted volumes can only be attached to instances that support Amazon EBS encryption. For more information, see [Supported Instance Types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#EBSEncryption_supported_instances) .\n\nThis parameter is not returned by [DescribeImageAttribute](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeImageAttribute.html) .", + "title": "Encrypted", + "type": "boolean" }, - "LogGroupName": { - "markdownDescription": "The name of the log group in Amazon CloudWatch Logs where you want to publish your logs.", - "title": "LogGroupName", - "type": "string" + "Iops": { + "markdownDescription": "The number of I/O operations per second (IOPS). For `gp3` , `io1` , and `io2` volumes, this represents the number of IOPS that are provisioned for the volume. For `gp2` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.\n\nThe following are the supported values for each volume type:\n\n- `gp3` : 3,000 - 16,000 IOPS\n- `io1` : 100 - 64,000 IOPS\n- `io2` : 100 - 256,000 IOPS\n\nFor `io2` volumes, you can achieve up to 256,000 IOPS on [instances built on the Nitro System](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances) . On other instances, you can achieve performance up to 32,000 IOPS.\n\nThis parameter is required for `io1` and `io2` volumes. The default for `gp3` volumes is 3,000 IOPS.", + "title": "Iops", + "type": "number" }, - "LogStreamNamePrefix": { - "markdownDescription": "Prefix for the CloudWatch log stream name.", - "title": "LogStreamNamePrefix", + "SnapshotId": { + "markdownDescription": "The ID of the snapshot.", + "title": "SnapshotId", "type": "string" }, - "LogTypeMap": { - "items": { - "$ref": "#/definitions/AWS::EMRServerless::Application.LogTypeMapKeyValuePair" - }, - "markdownDescription": "", - "title": "LogTypeMap", - "type": "array" + "VolumeSize": { + "markdownDescription": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size. If you specify a snapshot, the default is the snapshot size. You can specify a volume size that is equal to or larger than the snapshot size.\n\nThe following are the supported sizes for each volume type:\n\n- `gp2` and `gp3` : 1 - 16,384 GiB\n- `io1` : 4 - 16,384 GiB\n- `io2` : 4 - 65,536 GiB\n- `st1` and `sc1` : 125 - 16,384 GiB\n- `standard` : 1 - 1024 GiB", + "title": "VolumeSize", + "type": "number" + }, + "VolumeType": { + "markdownDescription": "The volume type. For more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-volume-types.html) in the *Amazon EBS User Guide* .", + "title": "VolumeType", + "type": "string" } }, "type": "object" }, - "AWS::EMRServerless::Application.ConfigurationObject": { + "AWS::EC2::SpotFleet.FleetLaunchTemplateSpecification": { "additionalProperties": false, "properties": { - "Classification": { - "markdownDescription": "The classification within a configuration.", - "title": "Classification", + "LaunchTemplateId": { + "markdownDescription": "The ID of the launch template.\n\nYou must specify the `LaunchTemplateId` or the `LaunchTemplateName` , but not both.", + "title": "LaunchTemplateId", "type": "string" }, - "Configurations": { - "items": { - "$ref": "#/definitions/AWS::EMRServerless::Application.ConfigurationObject" - }, - "markdownDescription": "A list of additional configurations to apply within a configuration object.", - "title": "Configurations", - "type": "array" + "LaunchTemplateName": { + "markdownDescription": "The name of the launch template.\n\nYou must specify the `LaunchTemplateName` or the `LaunchTemplateId` , but not both.", + "title": "LaunchTemplateName", + "type": "string" }, - "Properties": { - "additionalProperties": true, - "markdownDescription": "A set of properties specified within a configuration classification.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Properties", - "type": "object" + "Version": { + "markdownDescription": "The version number of the launch template.\n\nSpecifying `$Latest` or `$Default` for the template version number is not supported. However, you can specify `LatestVersionNumber` or `DefaultVersionNumber` using the `Fn::GetAtt` intrinsic function. For more information, see [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-launchtemplate.html#aws-resource-ec2-launchtemplate-return-values-fn--getatt) .", + "title": "Version", + "type": "string" } }, "required": [ - "Classification" + "Version" ], "type": "object" }, - "AWS::EMRServerless::Application.ImageConfigurationInput": { + "AWS::EC2::SpotFleet.GroupIdentifier": { "additionalProperties": false, "properties": { - "ImageUri": { - "markdownDescription": "The URI of an image in the Amazon ECR registry. This field is required when you create a new application. If you leave this field blank in an update, Amazon EMR will remove the image configuration.", - "title": "ImageUri", + "GroupId": { + "markdownDescription": "The ID of the security group.", + "title": "GroupId", "type": "string" } }, + "required": [ + "GroupId" + ], "type": "object" }, - "AWS::EMRServerless::Application.InitialCapacityConfig": { + "AWS::EC2::SpotFleet.IamInstanceProfileSpecification": { "additionalProperties": false, "properties": { - "WorkerConfiguration": { - "$ref": "#/definitions/AWS::EMRServerless::Application.WorkerConfiguration", - "markdownDescription": "The resource configuration of the initial capacity configuration.", - "title": "WorkerConfiguration" - }, - "WorkerCount": { - "markdownDescription": "The number of workers in the initial capacity configuration.", - "title": "WorkerCount", - "type": "number" + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the instance profile.", + "title": "Arn", + "type": "string" } }, - "required": [ - "WorkerConfiguration", - "WorkerCount" - ], "type": "object" }, - "AWS::EMRServerless::Application.InitialCapacityConfigKeyValuePair": { + "AWS::EC2::SpotFleet.InstanceIpv6Address": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "", - "title": "Key", + "Ipv6Address": { + "markdownDescription": "The IPv6 address.", + "title": "Ipv6Address", "type": "string" - }, - "Value": { - "$ref": "#/definitions/AWS::EMRServerless::Application.InitialCapacityConfig", - "markdownDescription": "", - "title": "Value" } }, "required": [ - "Key", - "Value" + "Ipv6Address" ], "type": "object" }, - "AWS::EMRServerless::Application.LogTypeMapKeyValuePair": { + "AWS::EC2::SpotFleet.InstanceNetworkInterfaceSpecification": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "", - "title": "Key", + "AssociatePublicIpAddress": { + "markdownDescription": "Indicates whether to assign a public IPv4 address to an instance you launch in a VPC. The public IP address can only be assigned to a network interface for eth0, and can only be assigned to a new network interface, not an existing one. You cannot specify more than one network interface in the request. If launching into a default subnet, the default value is `true` .\n\nAWS charges for all public IPv4 addresses, including public IPv4 addresses associated with running instances and Elastic IP addresses. For more information, see the *Public IPv4 Address* tab on the [Amazon VPC pricing page](https://docs.aws.amazon.com/vpc/pricing/) .", + "title": "AssociatePublicIpAddress", + "type": "boolean" + }, + "DeleteOnTermination": { + "markdownDescription": "Indicates whether the network interface is deleted when the instance is terminated.", + "title": "DeleteOnTermination", + "type": "boolean" + }, + "Description": { + "markdownDescription": "The description of the network interface. Applies only if creating a network interface when launching an instance.", + "title": "Description", "type": "string" }, - "Value": { + "DeviceIndex": { + "markdownDescription": "The position of the network interface in the attachment order. A primary network interface has a device index of 0.\n\nIf you specify a network interface when launching an instance, you must specify the device index.", + "title": "DeviceIndex", + "type": "number" + }, + "Groups": { "items": { "type": "string" }, - "markdownDescription": "", - "title": "Value", + "markdownDescription": "The IDs of the security groups for the network interface. Applies only if creating a network interface when launching an instance.", + "title": "Groups", + "type": "array" + }, + "Ipv6AddressCount": { + "markdownDescription": "A number of IPv6 addresses to assign to the network interface. Amazon EC2 chooses the IPv6 addresses from the range of the subnet. You cannot specify this option and the option to assign specific IPv6 addresses in the same request. You can specify this option if you've specified a minimum number of instances to launch.", + "title": "Ipv6AddressCount", + "type": "number" + }, + "Ipv6Addresses": { + "items": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.InstanceIpv6Address" + }, + "markdownDescription": "The IPv6 addresses to assign to the network interface. You cannot specify this option and the option to assign a number of IPv6 addresses in the same request. You cannot specify this option if you've specified a minimum number of instances to launch.", + "title": "Ipv6Addresses", + "type": "array" + }, + "NetworkInterfaceId": { + "markdownDescription": "The ID of the network interface.\n\nIf you are creating a Spot Fleet, omit this parameter because you can\u2019t specify a network interface ID in a launch specification.", + "title": "NetworkInterfaceId", + "type": "string" + }, + "PrivateIpAddresses": { + "items": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.PrivateIpAddressSpecification" + }, + "markdownDescription": "The private IPv4 addresses to assign to the network interface. Only one private IPv4 address can be designated as primary. You cannot specify this option if you're launching more than one instance in a [RunInstances](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html) request.", + "title": "PrivateIpAddresses", "type": "array" + }, + "SecondaryPrivateIpAddressCount": { + "markdownDescription": "The number of secondary private IPv4 addresses. You can\u2019t specify this parameter and also specify a secondary private IP address using the `PrivateIpAddress` parameter.", + "title": "SecondaryPrivateIpAddressCount", + "type": "number" + }, + "SubnetId": { + "markdownDescription": "The ID of the subnet associated with the network interface.", + "title": "SubnetId", + "type": "string" } }, - "required": [ - "Key", - "Value" - ], "type": "object" }, - "AWS::EMRServerless::Application.ManagedPersistenceMonitoringConfiguration": { + "AWS::EC2::SpotFleet.InstanceRequirementsRequest": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Enables managed logging and defaults to true. If set to false, managed logging will be turned off.", - "title": "Enabled", - "type": "boolean" + "AcceleratorCount": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.AcceleratorCountRequest", + "markdownDescription": "The minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferentia chips) on an instance.\n\nTo exclude accelerator-enabled instance types, set `Max` to `0` .\n\nDefault: No minimum or maximum limits", + "title": "AcceleratorCount" }, - "EncryptionKeyArn": { - "markdownDescription": "The KMS key ARN to encrypt the logs stored in managed log persistence.", - "title": "EncryptionKeyArn", + "AcceleratorManufacturers": { + "items": { + "type": "string" + }, + "markdownDescription": "Indicates whether instance types must have accelerators by specific manufacturers.\n\n- For instance types with AWS devices, specify `amazon-web-services` .\n- For instance types with AMD devices, specify `amd` .\n- For instance types with Habana devices, specify `habana` .\n- For instance types with NVIDIA devices, specify `nvidia` .\n- For instance types with Xilinx devices, specify `xilinx` .\n\nDefault: Any manufacturer", + "title": "AcceleratorManufacturers", + "type": "array" + }, + "AcceleratorNames": { + "items": { + "type": "string" + }, + "markdownDescription": "The accelerators that must be on the instance type.\n\n- For instance types with NVIDIA A10G GPUs, specify `a10g` .\n- For instance types with NVIDIA A100 GPUs, specify `a100` .\n- For instance types with NVIDIA H100 GPUs, specify `h100` .\n- For instance types with AWS Inferentia chips, specify `inferentia` .\n- For instance types with NVIDIA GRID K520 GPUs, specify `k520` .\n- For instance types with NVIDIA K80 GPUs, specify `k80` .\n- For instance types with NVIDIA M60 GPUs, specify `m60` .\n- For instance types with AMD Radeon Pro V520 GPUs, specify `radeon-pro-v520` .\n- For instance types with NVIDIA T4 GPUs, specify `t4` .\n- For instance types with NVIDIA T4G GPUs, specify `t4g` .\n- For instance types with Xilinx VU9P FPGAs, specify `vu9p` .\n- For instance types with NVIDIA V100 GPUs, specify `v100` .\n\nDefault: Any accelerator", + "title": "AcceleratorNames", + "type": "array" + }, + "AcceleratorTotalMemoryMiB": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.AcceleratorTotalMemoryMiBRequest", + "markdownDescription": "The minimum and maximum amount of total accelerator memory, in MiB.\n\nDefault: No minimum or maximum limits", + "title": "AcceleratorTotalMemoryMiB" + }, + "AcceleratorTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The accelerator types that must be on the instance type.\n\n- For instance types with FPGA accelerators, specify `fpga` .\n- For instance types with GPU accelerators, specify `gpu` .\n- For instance types with Inference accelerators, specify `inference` .\n\nDefault: Any accelerator type", + "title": "AcceleratorTypes", + "type": "array" + }, + "AllowedInstanceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The instance types to apply your specified attributes against. All other instance types are ignored, even if they match your specified attributes.\n\nYou can use strings with one or more wild cards, represented by an asterisk ( `*` ), to allow an instance type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` ,Amazon EC2 will allow the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will allow all the M5a instance types, but not the M5n instance types.\n\n> If you specify `AllowedInstanceTypes` , you can't specify `ExcludedInstanceTypes` . \n\nDefault: All instance types", + "title": "AllowedInstanceTypes", + "type": "array" + }, + "BareMetal": { + "markdownDescription": "Indicates whether bare metal instance types must be included, excluded, or required.\n\n- To include bare metal instance types, specify `included` .\n- To require only bare metal instance types, specify `required` .\n- To exclude bare metal instance types, specify `excluded` .\n\nDefault: `excluded`", + "title": "BareMetal", + "type": "string" + }, + "BaselineEbsBandwidthMbps": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.BaselineEbsBandwidthMbpsRequest", + "markdownDescription": "The minimum and maximum baseline bandwidth to Amazon EBS, in Mbps. For more information, see [Amazon EBS\u2013optimized instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-optimized.html) in the *Amazon EC2 User Guide* .\n\nDefault: No minimum or maximum limits", + "title": "BaselineEbsBandwidthMbps" + }, + "BaselinePerformanceFactors": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.BaselinePerformanceFactorsRequest", + "markdownDescription": "The baseline performance to consider, using an instance family as a baseline reference. The instance family establishes the lowest acceptable level of performance. Amazon EC2 uses this baseline to guide instance type selection, but there is no guarantee that the selected instance types will always exceed the baseline for every application. Currently, this parameter only supports CPU performance as a baseline performance factor. For more information, see [Performance protection](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-attribute-based-instance-type-selection.html#ec2fleet-abis-performance-protection) in the *Amazon EC2 User Guide* .", + "title": "BaselinePerformanceFactors" + }, + "BurstablePerformance": { + "markdownDescription": "Indicates whether burstable performance T instance types are included, excluded, or required. For more information, see [Burstable performance instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) .\n\n- To include burstable performance instance types, specify `included` .\n- To require only burstable performance instance types, specify `required` .\n- To exclude burstable performance instance types, specify `excluded` .\n\nDefault: `excluded`", + "title": "BurstablePerformance", + "type": "string" + }, + "CpuManufacturers": { + "items": { + "type": "string" + }, + "markdownDescription": "The CPU manufacturers to include.\n\n- For instance types with Intel CPUs, specify `intel` .\n- For instance types with AMD CPUs, specify `amd` .\n- For instance types with AWS CPUs, specify `amazon-web-services` .\n- For instance types with Apple CPUs, specify `apple` .\n\n> Don't confuse the CPU manufacturer with the CPU architecture. Instances will be launched with a compatible CPU architecture based on the Amazon Machine Image (AMI) that you specify in your launch template. \n\nDefault: Any manufacturer", + "title": "CpuManufacturers", + "type": "array" + }, + "ExcludedInstanceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The instance types to exclude.\n\nYou can use strings with one or more wild cards, represented by an asterisk ( `*` ), to exclude an instance family, type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` ,Amazon EC2 will exclude the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will exclude all the M5a instance types, but not the M5n instance types.\n\n> If you specify `ExcludedInstanceTypes` , you can't specify `AllowedInstanceTypes` . \n\nDefault: No excluded instance types", + "title": "ExcludedInstanceTypes", + "type": "array" + }, + "InstanceGenerations": { + "items": { + "type": "string" + }, + "markdownDescription": "Indicates whether current or previous generation instance types are included. The current generation instance types are recommended for use. Current generation instance types are typically the latest two to three generations in each instance family. For more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .\n\nFor current generation instance types, specify `current` .\n\nFor previous generation instance types, specify `previous` .\n\nDefault: Current and previous generation instance types", + "title": "InstanceGenerations", + "type": "array" + }, + "LocalStorage": { + "markdownDescription": "Indicates whether instance types with instance store volumes are included, excluded, or required. For more information, [Amazon EC2 instance store](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html) in the *Amazon EC2 User Guide* .\n\n- To include instance types with instance store volumes, specify `included` .\n- To require only instance types with instance store volumes, specify `required` .\n- To exclude instance types with instance store volumes, specify `excluded` .\n\nDefault: `included`", + "title": "LocalStorage", "type": "string" + }, + "LocalStorageTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The type of local storage that is required.\n\n- For instance types with hard disk drive (HDD) storage, specify `hdd` .\n- For instance types with solid state drive (SSD) storage, specify `ssd` .\n\nDefault: `hdd` and `ssd`", + "title": "LocalStorageTypes", + "type": "array" + }, + "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice": { + "markdownDescription": "[Price protection] The price protection threshold for Spot Instances, as a percentage of an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nIf you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is based on the per vCPU or per memory price instead of the per instance price.\n\n> Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` .", + "title": "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice", + "type": "number" + }, + "MemoryGiBPerVCpu": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.MemoryGiBPerVCpuRequest", + "markdownDescription": "The minimum and maximum amount of memory per vCPU, in GiB.\n\nDefault: No minimum or maximum limits", + "title": "MemoryGiBPerVCpu" + }, + "MemoryMiB": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.MemoryMiBRequest", + "markdownDescription": "The minimum and maximum amount of memory, in MiB.", + "title": "MemoryMiB" + }, + "NetworkBandwidthGbps": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.NetworkBandwidthGbpsRequest", + "markdownDescription": "The minimum and maximum amount of baseline network bandwidth, in gigabits per second (Gbps). For more information, see [Amazon EC2 instance network bandwidth](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-network-bandwidth.html) in the *Amazon EC2 User Guide* .\n\nDefault: No minimum or maximum limits", + "title": "NetworkBandwidthGbps" + }, + "NetworkInterfaceCount": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.NetworkInterfaceCountRequest", + "markdownDescription": "The minimum and maximum number of network interfaces.\n\nDefault: No minimum or maximum limits", + "title": "NetworkInterfaceCount" + }, + "OnDemandMaxPricePercentageOverLowestPrice": { + "markdownDescription": "[Price protection] The price protection threshold for On-Demand Instances, as a percentage higher than an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nTo indicate no price protection threshold, specify a high value, such as `999999` .\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) .\n\n> If you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price. \n\nDefault: `20`", + "title": "OnDemandMaxPricePercentageOverLowestPrice", + "type": "number" + }, + "RequireHibernateSupport": { + "markdownDescription": "Indicates whether instance types must support hibernation for On-Demand Instances.\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) .\n\nDefault: `false`", + "title": "RequireHibernateSupport", + "type": "boolean" + }, + "SpotMaxPricePercentageOverLowestPrice": { + "markdownDescription": "[Price protection] The price protection threshold for Spot Instances, as a percentage higher than an identified Spot price. The identified Spot price is the Spot price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified Spot price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose Spot price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nIf you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price.\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) .\n\n> Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` . \n\nDefault: `100`", + "title": "SpotMaxPricePercentageOverLowestPrice", + "type": "number" + }, + "TotalLocalStorageGB": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.TotalLocalStorageGBRequest", + "markdownDescription": "The minimum and maximum amount of total local storage, in GB.\n\nDefault: No minimum or maximum limits", + "title": "TotalLocalStorageGB" + }, + "VCpuCount": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.VCpuCountRangeRequest", + "markdownDescription": "The minimum and maximum number of vCPUs.", + "title": "VCpuCount" } }, "type": "object" }, - "AWS::EMRServerless::Application.MaximumAllowedResources": { + "AWS::EC2::SpotFleet.LaunchTemplateConfig": { "additionalProperties": false, "properties": { - "Cpu": { - "markdownDescription": "The maximum allowed CPU for an application.", - "title": "Cpu", + "LaunchTemplateSpecification": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.FleetLaunchTemplateSpecification", + "markdownDescription": "The launch template to use. Make sure that the launch template does not contain the `NetworkInterfaceId` parameter because you can't specify a network interface ID in a Spot Fleet.", + "title": "LaunchTemplateSpecification" + }, + "Overrides": { + "items": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.LaunchTemplateOverrides" + }, + "markdownDescription": "Any parameters that you specify override the same parameters in the launch template.", + "title": "Overrides", + "type": "array" + } + }, + "type": "object" + }, + "AWS::EC2::SpotFleet.LaunchTemplateOverrides": { + "additionalProperties": false, + "properties": { + "AvailabilityZone": { + "markdownDescription": "The Availability Zone in which to launch the instances.", + "title": "AvailabilityZone", "type": "string" }, - "Disk": { - "markdownDescription": "The maximum allowed disk for an application.", - "title": "Disk", + "InstanceRequirements": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.InstanceRequirementsRequest", + "markdownDescription": "The instance requirements. When you specify instance requirements, Amazon EC2 will identify instance types with the provided requirements, and then use your On-Demand and Spot allocation strategies to launch instances from these instance types, in the same way as when you specify a list of instance types.\n\n> If you specify `InstanceRequirements` , you can't specify `InstanceType` .", + "title": "InstanceRequirements" + }, + "InstanceType": { + "markdownDescription": "The instance type.", + "title": "InstanceType", "type": "string" }, - "Memory": { - "markdownDescription": "The maximum allowed resources for an application.", - "title": "Memory", + "Priority": { + "markdownDescription": "The priority for the launch template override. The highest priority is launched first.\n\nIf `OnDemandAllocationStrategy` is set to `prioritized` , Spot Fleet uses priority to determine which launch template override to use first in fulfilling On-Demand capacity.\n\nIf the Spot `AllocationStrategy` is set to `capacityOptimizedPrioritized` , Spot Fleet uses priority on a best-effort basis to determine which launch template override to use in fulfilling Spot capacity, but optimizes for capacity first.\n\nValid values are whole numbers starting at `0` . The lower the number, the higher the priority. If no number is set, the launch template override has the lowest priority. You can set the same priority for different launch template overrides.", + "title": "Priority", + "type": "number" + }, + "SpotPrice": { + "markdownDescription": "The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.\n\n> If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.", + "title": "SpotPrice", + "type": "string" + }, + "SubnetId": { + "markdownDescription": "The ID of the subnet in which to launch the instances.", + "title": "SubnetId", + "type": "string" + }, + "WeightedCapacity": { + "markdownDescription": "The number of units provided by the specified instance type. These are the same units that you chose to set the target capacity in terms of instances, or a performance characteristic such as vCPUs, memory, or I/O.\n\nIf the target capacity divided by this value is not a whole number, Amazon EC2 rounds the number of instances to the next whole number. If this value is not specified, the default is 1.\n\n> When specifying weights, the price used in the `lowestPrice` and `priceCapacityOptimized` allocation strategies is per *unit* hour (where the instance price is divided by the specified weight). However, if all the specified weights are above the requested `TargetCapacity` , resulting in only 1 instance being launched, the price used is per *instance* hour.", + "title": "WeightedCapacity", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::SpotFleet.LoadBalancersConfig": { + "additionalProperties": false, + "properties": { + "ClassicLoadBalancersConfig": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.ClassicLoadBalancersConfig", + "markdownDescription": "The Classic Load Balancers.", + "title": "ClassicLoadBalancersConfig" + }, + "TargetGroupsConfig": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.TargetGroupsConfig", + "markdownDescription": "The target groups.", + "title": "TargetGroupsConfig" + } + }, + "type": "object" + }, + "AWS::EC2::SpotFleet.MemoryGiBPerVCpuRequest": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum amount of memory per vCPU, in GiB. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The minimum amount of memory per vCPU, in GiB. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::SpotFleet.MemoryMiBRequest": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum amount of memory, in MiB. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The minimum amount of memory, in MiB. To specify no minimum limit, specify `0` .", + "title": "Min", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::SpotFleet.NetworkBandwidthGbpsRequest": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum amount of network bandwidth, in Gbps. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The minimum amount of network bandwidth, in Gbps. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::SpotFleet.NetworkInterfaceCountRequest": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum number of network interfaces. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The minimum number of network interfaces. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::SpotFleet.PerformanceFactorReferenceRequest": { + "additionalProperties": false, + "properties": { + "InstanceFamily": { + "markdownDescription": "The instance family to use as a baseline reference.\n\n> Ensure that you specify the correct value for the instance family. The instance family is everything before the period ( `.` ) in the instance type name. For example, in the instance type `c6i.large` , the instance family is `c6i` , not `c6` . For more information, see [Amazon EC2 instance type naming conventions](https://docs.aws.amazon.com/ec2/latest/instancetypes/instance-type-names.html) in *Amazon EC2 Instance Types* . \n\nThe following instance families are *not supported* for performance protection:\n\n- `c1`\n- `g3` | `g3s`\n- `hpc7g`\n- `m1` | `m2`\n- `mac1` | `mac2` | `mac2-m1ultra` | `mac2-m2` | `mac2-m2pro`\n- `p3dn` | `p4d` | `p5`\n- `t1`\n- `u-12tb1` | `u-18tb1` | `u-24tb1` | `u-3tb1` | `u-6tb1` | `u-9tb1` | `u7i-12tb` | `u7in-16tb` | `u7in-24tb` | `u7in-32tb`\n\nIf you enable performance protection by specifying a supported instance family, the returned instance types will exclude the above unsupported instance families.\n\nIf you specify an unsupported instance family as a value for baseline performance, the API returns an empty response for [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) and an exception for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet.html) , [RequestSpotFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RequestSpotFleet.html) , [ModifyFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyFleet.html) , and [ModifySpotFleetRequest](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifySpotFleetRequest.html) .", + "title": "InstanceFamily", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::SpotFleet.PrivateIpAddressSpecification": { + "additionalProperties": false, + "properties": { + "Primary": { + "markdownDescription": "Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary.", + "title": "Primary", + "type": "boolean" + }, + "PrivateIpAddress": { + "markdownDescription": "The private IPv4 address.", + "title": "PrivateIpAddress", "type": "string" } }, "required": [ - "Cpu", - "Memory" + "PrivateIpAddress" ], "type": "object" }, - "AWS::EMRServerless::Application.MonitoringConfiguration": { + "AWS::EC2::SpotFleet.SpotCapacityRebalance": { "additionalProperties": false, "properties": { - "CloudWatchLoggingConfiguration": { - "$ref": "#/definitions/AWS::EMRServerless::Application.CloudWatchLoggingConfiguration", - "markdownDescription": "The Amazon CloudWatch configuration for monitoring logs. You can configure your jobs to send log information to CloudWatch.", - "title": "CloudWatchLoggingConfiguration" - }, - "ManagedPersistenceMonitoringConfiguration": { - "$ref": "#/definitions/AWS::EMRServerless::Application.ManagedPersistenceMonitoringConfiguration", - "markdownDescription": "The managed log persistence configuration for a job run.", - "title": "ManagedPersistenceMonitoringConfiguration" + "ReplacementStrategy": { + "markdownDescription": "The replacement strategy to use. Only available for fleets of type `maintain` .\n\n`launch` - Spot Fleet launches a new replacement Spot Instance when a rebalance notification is emitted for an existing Spot Instance in the fleet. Spot Fleet does not terminate the instances that receive a rebalance notification. You can terminate the old instances, or you can leave them running. You are charged for all instances while they are running.\n\n`launch-before-terminate` - Spot Fleet launches a new replacement Spot Instance when a rebalance notification is emitted for an existing Spot Instance in the fleet, and then, after a delay that you specify (in `TerminationDelay` ), terminates the instances that received a rebalance notification.", + "title": "ReplacementStrategy", + "type": "string" }, - "S3MonitoringConfiguration": { - "$ref": "#/definitions/AWS::EMRServerless::Application.S3MonitoringConfiguration", - "markdownDescription": "The Amazon S3 configuration for monitoring log publishing.", - "title": "S3MonitoringConfiguration" + "TerminationDelay": { + "markdownDescription": "The amount of time (in seconds) that Amazon EC2 waits before terminating the old Spot Instance after launching a new replacement Spot Instance.\n\nRequired when `ReplacementStrategy` is set to `launch-before-terminate` .\n\nNot valid when `ReplacementStrategy` is set to `launch` .\n\nValid values: Minimum value of `120` seconds. Maximum value of `7200` seconds.", + "title": "TerminationDelay", + "type": "number" } }, "type": "object" }, - "AWS::EMRServerless::Application.NetworkConfiguration": { + "AWS::EC2::SpotFleet.SpotFleetLaunchSpecification": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { + "BlockDeviceMappings": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::EC2::SpotFleet.BlockDeviceMapping" }, - "markdownDescription": "The array of security group Ids for customer VPC connectivity.", - "title": "SecurityGroupIds", + "markdownDescription": "One or more block devices that are mapped to the Spot Instances. You can't specify both a snapshot ID and an encryption value. This is because only blank volumes can be encrypted on creation. If a snapshot is the basis for a volume, it is not blank and its encryption status is used for the volume encryption status.", + "title": "BlockDeviceMappings", "type": "array" }, - "SubnetIds": { + "EbsOptimized": { + "markdownDescription": "Indicates whether the instances are optimized for EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS Optimized instance.\n\nDefault: `false`", + "title": "EbsOptimized", + "type": "boolean" + }, + "IamInstanceProfile": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.IamInstanceProfileSpecification", + "markdownDescription": "The IAM instance profile.", + "title": "IamInstanceProfile" + }, + "ImageId": { + "markdownDescription": "The ID of the AMI.", + "title": "ImageId", + "type": "string" + }, + "InstanceRequirements": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.InstanceRequirementsRequest", + "markdownDescription": "The attributes for the instance types. When you specify instance attributes, Amazon EC2 will identify instance types with those attributes.\n\n> If you specify `InstanceRequirements` , you can't specify `InstanceType` .", + "title": "InstanceRequirements" + }, + "InstanceType": { + "markdownDescription": "The instance type.", + "title": "InstanceType", + "type": "string" + }, + "KernelId": { + "markdownDescription": "The ID of the kernel.", + "title": "KernelId", + "type": "string" + }, + "KeyName": { + "markdownDescription": "The name of the key pair.", + "title": "KeyName", + "type": "string" + }, + "Monitoring": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotFleetMonitoring", + "markdownDescription": "Enable or disable monitoring for the instances.", + "title": "Monitoring" + }, + "NetworkInterfaces": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::EC2::SpotFleet.InstanceNetworkInterfaceSpecification" }, - "markdownDescription": "The array of subnet Ids for customer VPC connectivity.", - "title": "SubnetIds", + "markdownDescription": "The network interfaces.", + "title": "NetworkInterfaces", + "type": "array" + }, + "Placement": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotPlacement", + "markdownDescription": "The placement information.", + "title": "Placement" + }, + "RamdiskId": { + "markdownDescription": "The ID of the RAM disk. Some kernels require additional drivers at launch. Check the kernel requirements for information about whether you need to specify a RAM disk. To find kernel requirements, refer to the AWS Resource Center and search for the kernel ID.", + "title": "RamdiskId", + "type": "string" + }, + "SecurityGroups": { + "items": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.GroupIdentifier" + }, + "markdownDescription": "The security groups.\n\nIf you specify a network interface, you must specify any security groups as part of the network interface instead of using this parameter.", + "title": "SecurityGroups", + "type": "array" + }, + "SpotPrice": { + "markdownDescription": "The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.\n\n> If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.", + "title": "SpotPrice", + "type": "string" + }, + "SubnetId": { + "markdownDescription": "The IDs of the subnets in which to launch the instances. To specify multiple subnets, separate them using commas; for example, \"subnet-1234abcdeexample1, subnet-0987cdef6example2\".\n\nIf you specify a network interface, you must specify any subnets as part of the network interface instead of using this parameter.", + "title": "SubnetId", + "type": "string" + }, + "TagSpecifications": { + "items": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotFleetTagSpecification" + }, + "markdownDescription": "The tags to apply during creation.", + "title": "TagSpecifications", "type": "array" + }, + "UserData": { + "markdownDescription": "The base64-encoded user data that instances use when starting up. User data is limited to 16 KB.", + "title": "UserData", + "type": "string" + }, + "WeightedCapacity": { + "markdownDescription": "The number of units provided by the specified instance type. These are the same units that you chose to set the target capacity in terms of instances, or a performance characteristic such as vCPUs, memory, or I/O.\n\nIf the target capacity divided by this value is not a whole number, Amazon EC2 rounds the number of instances to the next whole number. If this value is not specified, the default is 1.\n\n> When specifying weights, the price used in the `lowestPrice` and `priceCapacityOptimized` allocation strategies is per *unit* hour (where the instance price is divided by the specified weight). However, if all the specified weights are above the requested `TargetCapacity` , resulting in only 1 instance being launched, the price used is per *instance* hour.", + "title": "WeightedCapacity", + "type": "number" + } + }, + "required": [ + "ImageId" + ], + "type": "object" + }, + "AWS::EC2::SpotFleet.SpotFleetMonitoring": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Enables monitoring for the instance.\n\nDefault: `false`", + "title": "Enabled", + "type": "boolean" } }, "type": "object" }, - "AWS::EMRServerless::Application.S3MonitoringConfiguration": { + "AWS::EC2::SpotFleet.SpotFleetRequestConfigData": { "additionalProperties": false, "properties": { - "EncryptionKeyArn": { - "markdownDescription": "The KMS key ARN to encrypt the logs published to the given Amazon S3 destination.", - "title": "EncryptionKeyArn", + "AllocationStrategy": { + "markdownDescription": "The strategy that determines how to allocate the target Spot Instance capacity across the Spot Instance pools specified by the Spot Fleet launch configuration. For more information, see [Allocation strategies for Spot Instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-allocation-strategy.html) in the *Amazon EC2 User Guide* .\n\n- **priceCapacityOptimized (recommended)** - Spot Fleet identifies the pools with the highest capacity availability for the number of instances that are launching. This means that we will request Spot Instances from the pools that we believe have the lowest chance of interruption in the near term. Spot Fleet then requests Spot Instances from the lowest priced of these pools.\n- **capacityOptimized** - Spot Fleet identifies the pools with the highest capacity availability for the number of instances that are launching. This means that we will request Spot Instances from the pools that we believe have the lowest chance of interruption in the near term. To give certain instance types a higher chance of launching first, use `capacityOptimizedPrioritized` . Set a priority for each instance type by using the `Priority` parameter for `LaunchTemplateOverrides` . You can assign the same priority to different `LaunchTemplateOverrides` . EC2 implements the priorities on a best-effort basis, but optimizes for capacity first. `capacityOptimizedPrioritized` is supported only if your Spot Fleet uses a launch template. Note that if the `OnDemandAllocationStrategy` is set to `prioritized` , the same priority is applied when fulfilling On-Demand capacity.\n- **diversified** - Spot Fleet requests instances from all of the Spot Instance pools that you specify.\n- **lowestPrice (not recommended)** - > We don't recommend the `lowestPrice` allocation strategy because it has the highest risk of interruption for your Spot Instances. \n\nSpot Fleet requests instances from the lowest priced Spot Instance pool that has available capacity. If the lowest priced pool doesn't have available capacity, the Spot Instances come from the next lowest priced pool that has available capacity. If a pool runs out of capacity before fulfilling your desired capacity, Spot Fleet will continue to fulfill your request by drawing from the next lowest priced pool. To ensure that your desired capacity is met, you might receive Spot Instances from several pools. Because this strategy only considers instance price and not capacity availability, it might lead to high interruption rates.\n\nDefault: `lowestPrice`", + "title": "AllocationStrategy", "type": "string" }, - "LogUri": { - "markdownDescription": "The Amazon S3 destination URI for log publishing.", - "title": "LogUri", + "Context": { + "markdownDescription": "Reserved.", + "title": "Context", + "type": "string" + }, + "ExcessCapacityTerminationPolicy": { + "markdownDescription": "Indicates whether running Spot Instances should be terminated if you decrease the target capacity of the Spot Fleet request below the current size of the Spot Fleet.\n\nSupported only for fleets of type `maintain` .", + "title": "ExcessCapacityTerminationPolicy", + "type": "string" + }, + "IamFleetRole": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Identity and Access Management (IAM) role that grants the Spot Fleet the permission to request, launch, terminate, and tag instances on your behalf. For more information, see [Spot Fleet Prerequisites](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-requests.html#spot-fleet-prerequisites) in the *Amazon EC2 User Guide* . Spot Fleet can terminate Spot Instances on your behalf when you cancel its Spot Fleet request or when the Spot Fleet request expires, if you set `TerminateInstancesWithExpiration` .", + "title": "IamFleetRole", + "type": "string" + }, + "InstanceInterruptionBehavior": { + "markdownDescription": "The behavior when a Spot Instance is interrupted. The default is `terminate` .", + "title": "InstanceInterruptionBehavior", + "type": "string" + }, + "InstancePoolsToUseCount": { + "markdownDescription": "The number of Spot pools across which to allocate your target Spot capacity. Valid only when Spot *AllocationStrategy* is set to `lowest-price` . Spot Fleet selects the cheapest Spot pools and evenly allocates your target Spot capacity across the number of Spot pools that you specify.\n\nNote that Spot Fleet attempts to draw Spot Instances from the number of pools that you specify on a best effort basis. If a pool runs out of Spot capacity before fulfilling your target capacity, Spot Fleet will continue to fulfill your request by drawing from the next cheapest pool. To ensure that your target capacity is met, you might receive Spot Instances from more than the number of pools that you specified. Similarly, if most of the pools have no Spot capacity, you might receive your full target capacity from fewer than the number of pools that you specified.", + "title": "InstancePoolsToUseCount", + "type": "number" + }, + "LaunchSpecifications": { + "items": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotFleetLaunchSpecification" + }, + "markdownDescription": "The launch specifications for the Spot Fleet request. If you specify `LaunchSpecifications` , you can't specify `LaunchTemplateConfigs` .", + "title": "LaunchSpecifications", + "type": "array" + }, + "LaunchTemplateConfigs": { + "items": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.LaunchTemplateConfig" + }, + "markdownDescription": "The launch template and overrides. If you specify `LaunchTemplateConfigs` , you can't specify `LaunchSpecifications` .", + "title": "LaunchTemplateConfigs", + "type": "array" + }, + "LoadBalancersConfig": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.LoadBalancersConfig", + "markdownDescription": "One or more Classic Load Balancers and target groups to attach to the Spot Fleet request. Spot Fleet registers the running Spot Instances with the specified Classic Load Balancers and target groups.\n\nWith Network Load Balancers, Spot Fleet cannot register instances that have the following instance types: C1, CC1, CC2, CG1, CG2, CR1, CS1, G1, G2, HI1, HS1, M1, M2, M3, and T1.", + "title": "LoadBalancersConfig" + }, + "OnDemandAllocationStrategy": { + "markdownDescription": "The order of the launch template overrides to use in fulfilling On-Demand capacity. If you specify `lowestPrice` , Spot Fleet uses price to determine the order, launching the lowest price first. If you specify `prioritized` , Spot Fleet uses the priority that you assign to each Spot Fleet launch template override, launching the highest priority first. If you do not specify a value, Spot Fleet defaults to `lowestPrice` .", + "title": "OnDemandAllocationStrategy", + "type": "string" + }, + "OnDemandMaxTotalPrice": { + "markdownDescription": "The maximum amount per hour for On-Demand Instances that you're willing to pay. You can use the `onDemandMaxTotalPrice` parameter, the `spotMaxTotalPrice` parameter, or both parameters to ensure that your fleet cost does not exceed your budget. If you set a maximum price per hour for the On-Demand Instances and Spot Instances in your request, Spot Fleet will launch instances until it reaches the maximum amount you're willing to pay. When the maximum amount you're willing to pay is reached, the fleet stops launching instances even if it hasn\u2019t met the target capacity.\n\n> If your fleet includes T instances that are configured as `unlimited` , and if their average CPU usage exceeds the baseline utilization, you will incur a charge for surplus credits. The `onDemandMaxTotalPrice` does not account for surplus credits, and, if you use surplus credits, your final cost might be higher than what you specified for `onDemandMaxTotalPrice` . For more information, see [Surplus credits can incur charges](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits) in the *Amazon EC2 User Guide* .", + "title": "OnDemandMaxTotalPrice", + "type": "string" + }, + "OnDemandTargetCapacity": { + "markdownDescription": "The number of On-Demand units to request. You can choose to set the target capacity in terms of instances or a performance characteristic that is important to your application workload, such as vCPUs, memory, or I/O. If the request type is `maintain` , you can specify a target capacity of 0 and add capacity later.", + "title": "OnDemandTargetCapacity", + "type": "number" + }, + "ReplaceUnhealthyInstances": { + "markdownDescription": "Indicates whether Spot Fleet should replace unhealthy instances.", + "title": "ReplaceUnhealthyInstances", + "type": "boolean" + }, + "SpotMaintenanceStrategies": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotMaintenanceStrategies", + "markdownDescription": "The strategies for managing your Spot Instances that are at an elevated risk of being interrupted.", + "title": "SpotMaintenanceStrategies" + }, + "SpotMaxTotalPrice": { + "markdownDescription": "The maximum amount per hour for Spot Instances that you're willing to pay. You can use the `spotMaxTotalPrice` parameter, the `onDemandMaxTotalPrice` parameter, or both parameters to ensure that your fleet cost does not exceed your budget. If you set a maximum price per hour for the On-Demand Instances and Spot Instances in your request, Spot Fleet will launch instances until it reaches the maximum amount you're willing to pay. When the maximum amount you're willing to pay is reached, the fleet stops launching instances even if it hasn\u2019t met the target capacity.\n\n> If your fleet includes T instances that are configured as `unlimited` , and if their average CPU usage exceeds the baseline utilization, you will incur a charge for surplus credits. The `spotMaxTotalPrice` does not account for surplus credits, and, if you use surplus credits, your final cost might be higher than what you specified for `spotMaxTotalPrice` . For more information, see [Surplus credits can incur charges](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits) in the *Amazon EC2 User Guide* .", + "title": "SpotMaxTotalPrice", + "type": "string" + }, + "SpotPrice": { + "markdownDescription": "The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.\n\n> If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.", + "title": "SpotPrice", + "type": "string" + }, + "TagSpecifications": { + "items": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotFleetTagSpecification" + }, + "markdownDescription": "The key-value pair for tagging the Spot Fleet request on creation. The value for `ResourceType` must be `spot-fleet-request` , otherwise the Spot Fleet request fails. To tag instances at launch, specify the tags in the [launch template](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html#create-launch-template) (valid only if you use `LaunchTemplateConfigs` ) or in the `[SpotFleetTagSpecification](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SpotFleetTagSpecification.html)` (valid only if you use `LaunchSpecifications` ). For information about tagging after launch, see [Tag your resources](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#tag-resources) .", + "title": "TagSpecifications", + "type": "array" + }, + "TargetCapacity": { + "markdownDescription": "The number of units to request for the Spot Fleet. You can choose to set the target capacity in terms of instances or a performance characteristic that is important to your application workload, such as vCPUs, memory, or I/O. If the request type is `maintain` , you can specify a target capacity of 0 and add capacity later.", + "title": "TargetCapacity", + "type": "number" + }, + "TargetCapacityUnitType": { + "markdownDescription": "The unit for the target capacity. You can specify this parameter only when using attribute-based instance type selection.\n\nDefault: `units` (the number of instances)", + "title": "TargetCapacityUnitType", + "type": "string" + }, + "TerminateInstancesWithExpiration": { + "markdownDescription": "Indicates whether running Spot Instances are terminated when the Spot Fleet request expires.", + "title": "TerminateInstancesWithExpiration", + "type": "boolean" + }, + "Type": { + "markdownDescription": "The type of request. Indicates whether the Spot Fleet only requests the target capacity or also attempts to maintain it. When this value is `request` , the Spot Fleet only places the required requests. It does not attempt to replenish Spot Instances if capacity is diminished, nor does it submit requests in alternative Spot pools if capacity is not available. When this value is `maintain` , the Spot Fleet maintains the target capacity. The Spot Fleet places the required requests to meet capacity and automatically replenishes any interrupted instances. Default: `maintain` . `instant` is listed but is not used by Spot Fleet.", + "title": "Type", + "type": "string" + }, + "ValidFrom": { + "markdownDescription": "The start date and time of the request, in UTC format ( *YYYY* - *MM* - *DD* T *HH* : *MM* : *SS* Z). By default, Amazon EC2 starts fulfilling the request immediately.", + "title": "ValidFrom", + "type": "string" + }, + "ValidUntil": { + "markdownDescription": "The end date and time of the request, in UTC format ( *YYYY* - *MM* - *DD* T *HH* : *MM* : *SS* Z). After the end date and time, no new Spot Instance requests are placed or able to fulfill the request. If no value is specified, the Spot Fleet request remains until you cancel it.", + "title": "ValidUntil", "type": "string" } }, + "required": [ + "IamFleetRole", + "TargetCapacity" + ], "type": "object" }, - "AWS::EMRServerless::Application.WorkerConfiguration": { + "AWS::EC2::SpotFleet.SpotFleetTagSpecification": { "additionalProperties": false, "properties": { - "Cpu": { - "markdownDescription": "The CPU requirements of the worker configuration. Each worker can have 1, 2, 4, 8, or 16 vCPUs.", - "title": "Cpu", + "ResourceType": { + "markdownDescription": "The type of resource. Currently, the only resource type that is supported is `instance` . To tag the Spot Fleet request on creation, use the `TagSpecifications` parameter in `[SpotFleetRequestConfigData](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SpotFleetRequestConfigData.html)` .", + "title": "ResourceType", "type": "string" }, - "Disk": { - "markdownDescription": "The disk requirements of the worker configuration.", - "title": "Disk", + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "AWS::EC2::SpotFleet.SpotMaintenanceStrategies": { + "additionalProperties": false, + "properties": { + "CapacityRebalance": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotCapacityRebalance", + "markdownDescription": "The Spot Instance replacement strategy to use when Amazon EC2 emits a signal that your Spot Instance is at an elevated risk of being interrupted. For more information, see [Capacity rebalancing](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-capacity-rebalance.html) in the *Amazon EC2 User Guide* .", + "title": "CapacityRebalance" + } + }, + "type": "object" + }, + "AWS::EC2::SpotFleet.SpotPlacement": { + "additionalProperties": false, + "properties": { + "AvailabilityZone": { + "markdownDescription": "The Availability Zone.\n\nTo specify multiple Availability Zones, separate them using commas; for example, \"us-west-2a, us-west-2b\".", + "title": "AvailabilityZone", "type": "string" }, - "Memory": { - "markdownDescription": "The memory requirements of the worker configuration.", - "title": "Memory", + "GroupName": { + "markdownDescription": "The name of the placement group.", + "title": "GroupName", + "type": "string" + }, + "Tenancy": { + "markdownDescription": "The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of `dedicated` runs on single-tenant hardware. The `host` tenancy is not supported for Spot Instances.", + "title": "Tenancy", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::SpotFleet.TargetGroup": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the target group.", + "title": "Arn", "type": "string" } }, "required": [ - "Cpu", - "Memory" + "Arn" ], "type": "object" }, - "AWS::EMRServerless::Application.WorkerTypeSpecificationInput": { + "AWS::EC2::SpotFleet.TargetGroupsConfig": { "additionalProperties": false, "properties": { - "ImageConfiguration": { - "$ref": "#/definitions/AWS::EMRServerless::Application.ImageConfigurationInput", - "markdownDescription": "The image configuration for a worker type.", - "title": "ImageConfiguration" + "TargetGroups": { + "items": { + "$ref": "#/definitions/AWS::EC2::SpotFleet.TargetGroup" + }, + "markdownDescription": "One or more target groups.", + "title": "TargetGroups", + "type": "array" } }, + "required": [ + "TargetGroups" + ], "type": "object" }, - "AWS::ElastiCache::CacheCluster": { + "AWS::EC2::SpotFleet.TotalLocalStorageGBRequest": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum amount of total local storage, in GB. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The minimum amount of total local storage, in GB. To specify no minimum limit, omit this parameter.", + "title": "Min", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::SpotFleet.VCpuCountRangeRequest": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum number of vCPUs. To specify no maximum limit, omit this parameter.", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The minimum number of vCPUs. To specify no minimum limit, specify `0` .", + "title": "Min", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::Subnet": { "additionalProperties": false, "properties": { "Condition": { @@ -90232,160 +98529,103 @@ "Properties": { "additionalProperties": false, "properties": { - "AZMode": { - "markdownDescription": "Specifies whether the nodes in this Memcached cluster are created in a single Availability Zone or created across multiple Availability Zones in the cluster's region.\n\nThis parameter is only supported for Memcached clusters.\n\nIf the `AZMode` and `PreferredAvailabilityZones` are not specified, ElastiCache assumes `single-az` mode.", - "title": "AZMode", - "type": "string" - }, - "AutoMinorVersionUpgrade": { - "markdownDescription": "If you are running Valkey 7.2 or later, or Redis OSS engine version 6.0 or later, set this parameter to yes if you want to opt-in to the next minor version upgrade campaign. This parameter is disabled for previous versions.", - "title": "AutoMinorVersionUpgrade", + "AssignIpv6AddressOnCreation": { + "markdownDescription": "Indicates whether a network interface created in this subnet receives an IPv6 address. The default value is `false` .\n\nIf you specify `AssignIpv6AddressOnCreation` , you must also specify an IPv6 CIDR block.", + "title": "AssignIpv6AddressOnCreation", "type": "boolean" }, - "CacheNodeType": { - "markdownDescription": "The compute and memory capacity of the nodes in the node group (shard).\n\nThe following node types are supported by ElastiCache. Generally speaking, the current generation types provide more memory and computational power at lower cost when compared to their equivalent previous generation counterparts. Changing the CacheNodeType of a Memcached instance is currently not supported. If you need to scale using Memcached, we recommend forcing a replacement update by changing the `LogicalResourceId` of the resource.\n\n- General purpose:\n\n- Current generation:\n\n*M6g node types:* `cache.m6g.large` , `cache.m6g.xlarge` , `cache.m6g.2xlarge` , `cache.m6g.4xlarge` , `cache.m6g.8xlarge` , `cache.m6g.12xlarge` , `cache.m6g.16xlarge` , `cache.m6g.24xlarge`\n\n*M5 node types:* `cache.m5.large` , `cache.m5.xlarge` , `cache.m5.2xlarge` , `cache.m5.4xlarge` , `cache.m5.12xlarge` , `cache.m5.24xlarge`\n\n*M4 node types:* `cache.m4.large` , `cache.m4.xlarge` , `cache.m4.2xlarge` , `cache.m4.4xlarge` , `cache.m4.10xlarge`\n\n*T4g node types:* `cache.t4g.micro` , `cache.t4g.small` , `cache.t4g.medium`\n\n*T3 node types:* `cache.t3.micro` , `cache.t3.small` , `cache.t3.medium`\n\n*T2 node types:* `cache.t2.micro` , `cache.t2.small` , `cache.t2.medium`\n- Previous generation: (not recommended)\n\n*T1 node types:* `cache.t1.micro`\n\n*M1 node types:* `cache.m1.small` , `cache.m1.medium` , `cache.m1.large` , `cache.m1.xlarge`\n\n*M3 node types:* `cache.m3.medium` , `cache.m3.large` , `cache.m3.xlarge` , `cache.m3.2xlarge`\n- Compute optimized:\n\n- Previous generation: (not recommended)\n\n*C1 node types:* `cache.c1.xlarge`\n- Memory optimized:\n\n- Current generation:\n\n*R6gd node types:* `cache.r6gd.xlarge` , `cache.r6gd.2xlarge` , `cache.r6gd.4xlarge` , `cache.r6gd.8xlarge` , `cache.r6gd.12xlarge` , `cache.r6gd.16xlarge`\n\n> The `r6gd` family is available in the following regions: `us-east-2` , `us-east-1` , `us-west-2` , `us-west-1` , `eu-west-1` , `eu-central-1` , `ap-northeast-1` , `ap-southeast-1` , `ap-southeast-2` . \n\n*R6g node types:* `cache.r6g.large` , `cache.r6g.xlarge` , `cache.r6g.2xlarge` , `cache.r6g.4xlarge` , `cache.r6g.8xlarge` , `cache.r6g.12xlarge` , `cache.r6g.16xlarge` , `cache.r6g.24xlarge`\n\n*R5 node types:* `cache.r5.large` , `cache.r5.xlarge` , `cache.r5.2xlarge` , `cache.r5.4xlarge` , `cache.r5.12xlarge` , `cache.r5.24xlarge`\n\n*R4 node types:* `cache.r4.large` , `cache.r4.xlarge` , `cache.r4.2xlarge` , `cache.r4.4xlarge` , `cache.r4.8xlarge` , `cache.r4.16xlarge`\n- Previous generation: (not recommended)\n\n*M2 node types:* `cache.m2.xlarge` , `cache.m2.2xlarge` , `cache.m2.4xlarge`\n\n*R3 node types:* `cache.r3.large` , `cache.r3.xlarge` , `cache.r3.2xlarge` , `cache.r3.4xlarge` , `cache.r3.8xlarge`\n\nFor region availability, see [Supported Node Types by Region](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/CacheNodes.SupportedTypes.html#CacheNodes.SupportedTypesByRegion)\n\n*Additional node type info*\n\n- All current generation instance types are created in Amazon VPC by default.\n- Valkey and Redis OSS append-only files (AOF) are not supported for T1 or T2 instances.\n- Valkey and Redis OSS Multi-AZ with automatic failover is not supported on T1 instances.\n- Redis OSS configuration variables `appendonly` and `appendfsync` are not supported on Redis OSS version 2.8.22 and later.", - "title": "CacheNodeType", - "type": "string" - }, - "CacheParameterGroupName": { - "markdownDescription": "The name of the parameter group to associate with this cluster. If this argument is omitted, the default parameter group for the specified engine is used. You cannot use any parameter group which has `cluster-enabled='yes'` when creating a cluster.", - "title": "CacheParameterGroupName", + "AvailabilityZone": { + "markdownDescription": "The Availability Zone of the subnet.\n\nIf you update this property, you must also update the `CidrBlock` property.", + "title": "AvailabilityZone", "type": "string" }, - "CacheSecurityGroupNames": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of security group names to associate with this cluster.\n\nUse this parameter only when you are creating a cluster outside of an Amazon Virtual Private Cloud (Amazon VPC).", - "title": "CacheSecurityGroupNames", - "type": "array" - }, - "CacheSubnetGroupName": { - "markdownDescription": "The name of the subnet group to be used for the cluster.\n\nUse this parameter only when you are creating a cluster in an Amazon Virtual Private Cloud (Amazon VPC).\n\n> If you're going to launch your cluster in an Amazon VPC, you need to create a subnet group before you start creating a cluster. For more information, see `[AWS::ElastiCache::SubnetGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticache-subnetgroup.html) .`", - "title": "CacheSubnetGroupName", + "AvailabilityZoneId": { + "markdownDescription": "The AZ ID of the subnet.", + "title": "AvailabilityZoneId", "type": "string" }, - "ClusterName": { - "markdownDescription": "A name for the cache cluster. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the cache cluster. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\nThe name must contain 1 to 50 alphanumeric characters or hyphens. The name must start with a letter and cannot end with a hyphen or contain two consecutive hyphens.", - "title": "ClusterName", + "CidrBlock": { + "markdownDescription": "The IPv4 CIDR block assigned to the subnet.\n\nIf you update this property, we create a new subnet, and then delete the existing one.", + "title": "CidrBlock", "type": "string" }, - "Engine": { - "markdownDescription": "The name of the cache engine to be used for this cluster.\n\nValid values for this parameter are: `memcached` | valkey | `redis`", - "title": "Engine", - "type": "string" + "EnableDns64": { + "markdownDescription": "Indicates whether DNS queries made to the Amazon-provided DNS Resolver in this subnet should return synthetic IPv6 addresses for IPv4-only destinations.\n\n> You must first configure a NAT gateway in a public subnet (separate from the subnet containing the IPv6-only workloads). For example, the subnet containing the NAT gateway should have a `0.0.0.0/0` route pointing to the internet gateway. For more information, see [Configure DNS64 and NAT64](https://docs.aws.amazon.com/vpc/latest/userguide/nat-gateway-nat64-dns64.html#nat-gateway-nat64-dns64-walkthrough) in the *Amazon Virtual Private Cloud User Guide* .", + "title": "EnableDns64", + "type": "boolean" }, - "EngineVersion": { - "markdownDescription": "The version number of the cache engine to be used for this cluster. To view the supported cache engine versions, use the DescribeCacheEngineVersions operation.\n\n*Important:* You can upgrade to a newer engine version (see [Selecting a Cache Engine and Version](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/SelectEngine.html#VersionManagement) ), but you cannot downgrade to an earlier engine version. If you want to use an earlier engine version, you must delete the existing cluster or replication group and create it anew with the earlier engine version.", - "title": "EngineVersion", - "type": "string" + "EnableLniAtDeviceIndex": { + "markdownDescription": "Indicates the device position for local network interfaces in this subnet. For example, `1` indicates local network interfaces in this subnet are the secondary network interface (eth1).", + "title": "EnableLniAtDeviceIndex", + "type": "number" }, - "IpDiscovery": { - "markdownDescription": "The network type you choose when modifying a cluster, either `ipv4` | `ipv6` . IPv6 is supported for workloads using Valkey 7.2 and above, Redis OSS engine version 6.2 to 7.1 and Memcached engine version 1.6.6 and above on all instances built on the [Nitro system](https://docs.aws.amazon.com/ec2/nitro/) .", - "title": "IpDiscovery", + "Ipv4IpamPoolId": { + "markdownDescription": "An IPv4 IPAM pool ID for the subnet.", + "title": "Ipv4IpamPoolId", "type": "string" }, - "LogDeliveryConfigurations": { - "items": { - "$ref": "#/definitions/AWS::ElastiCache::CacheCluster.LogDeliveryConfigurationRequest" - }, - "markdownDescription": "Specifies the destination, format and type of the logs.", - "title": "LogDeliveryConfigurations", - "type": "array" + "Ipv4NetmaskLength": { + "markdownDescription": "An IPv4 netmask length for the subnet.", + "title": "Ipv4NetmaskLength", + "type": "number" }, - "NetworkType": { - "markdownDescription": "Must be either `ipv4` | `ipv6` | `dual_stack` . IPv6 is supported for workloads using Valkey 7.2 and above, Redis OSS engine version 6.2 to 7.1 and Memcached engine version 1.6.6 and above on all instances built on the [Nitro system](https://docs.aws.amazon.com/ec2/nitro/) .", - "title": "NetworkType", + "Ipv6CidrBlock": { + "markdownDescription": "The IPv6 CIDR block.\n\nIf you specify `AssignIpv6AddressOnCreation` , you must also specify an IPv6 CIDR block.", + "title": "Ipv6CidrBlock", "type": "string" }, - "NotificationTopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Simple Notification Service (SNS) topic to which notifications are sent.\n\n> The Amazon SNS topic owner must be the same as the cluster owner.", - "title": "NotificationTopicArn", + "Ipv6IpamPoolId": { + "markdownDescription": "An IPv6 IPAM pool ID for the subnet.", + "title": "Ipv6IpamPoolId", "type": "string" }, - "NumCacheNodes": { - "markdownDescription": "The number of cache nodes that the cache cluster should have.\n\n> However, if the `PreferredAvailabilityZone` and `PreferredAvailabilityZones` properties were not previously specified and you don't specify any new values, an update requires [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", - "title": "NumCacheNodes", - "type": "number" + "Ipv6Native": { + "markdownDescription": "Indicates whether this is an IPv6 only subnet. For more information, see [Subnet basics](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html#subnet-basics) in the *Amazon Virtual Private Cloud User Guide* .", + "title": "Ipv6Native", + "type": "boolean" }, - "Port": { - "markdownDescription": "The port number on which each of the cache nodes accepts connections.", - "title": "Port", + "Ipv6NetmaskLength": { + "markdownDescription": "An IPv6 netmask length for the subnet.", + "title": "Ipv6NetmaskLength", "type": "number" }, - "PreferredAvailabilityZone": { - "markdownDescription": "The EC2 Availability Zone in which the cluster is created.\n\nAll nodes belonging to this cluster are placed in the preferred Availability Zone. If you want to create your nodes across multiple Availability Zones, use `PreferredAvailabilityZones` .\n\nDefault: System chosen Availability Zone.", - "title": "PreferredAvailabilityZone", - "type": "string" - }, - "PreferredAvailabilityZones": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the Availability Zones in which cache nodes are created. The order of the zones in the list is not important.\n\nThis option is only supported on Memcached.\n\n> If you are creating your cluster in an Amazon VPC (recommended) you can only locate nodes in Availability Zones that are associated with the subnets in the selected subnet group.\n> \n> The number of Availability Zones listed must equal the value of `NumCacheNodes` . \n\nIf you want all the nodes in the same Availability Zone, use `PreferredAvailabilityZone` instead, or repeat the Availability Zone multiple times in the list.\n\nDefault: System chosen Availability Zones.", - "title": "PreferredAvailabilityZones", - "type": "array" - }, - "PreferredMaintenanceWindow": { - "markdownDescription": "Specifies the weekly time range during which maintenance on the cluster is performed. It is specified as a range in the format ddd:hh24:mi-ddd:hh24:mi (24H Clock UTC). The minimum maintenance window is a 60 minute period.\n\nValid values for `ddd` are:\n\n- `sun`\n- `mon`\n- `tue`\n- `wed`\n- `thu`\n- `fri`\n- `sat`\n\nExample: `sun:23:00-mon:01:30`", - "title": "PreferredMaintenanceWindow", - "type": "string" - }, - "SnapshotArns": { - "items": { - "type": "string" - }, - "markdownDescription": "A single-element string list containing an Amazon Resource Name (ARN) that uniquely identifies a Valkey or Redis OSS RDB snapshot file stored in Amazon S3. The snapshot file is used to populate the node group (shard). The Amazon S3 object name in the ARN cannot contain any commas.\n\n> This parameter is only valid if the `Engine` parameter is `redis` . \n\nExample of an Amazon S3 ARN: `arn:aws:s3:::my_bucket/snapshot1.rdb`", - "title": "SnapshotArns", - "type": "array" + "MapPublicIpOnLaunch": { + "markdownDescription": "Indicates whether instances launched in this subnet receive a public IPv4 address. The default value is `false` .\n\nAWS charges for all public IPv4 addresses, including public IPv4 addresses associated with running instances and Elastic IP addresses. For more information, see the *Public IPv4 Address* tab on the [VPC pricing page](https://docs.aws.amazon.com/vpc/pricing/) .", + "title": "MapPublicIpOnLaunch", + "type": "boolean" }, - "SnapshotName": { - "markdownDescription": "The name of a Valkey or Redis OSS snapshot from which to restore data into the new node group (shard). The snapshot status changes to `restoring` while the new node group (shard) is being created.\n\n> This parameter is only valid if the `Engine` parameter is `redis` .", - "title": "SnapshotName", + "OutpostArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Outpost.", + "title": "OutpostArn", "type": "string" }, - "SnapshotRetentionLimit": { - "markdownDescription": "The number of days for which ElastiCache retains automatic snapshots before deleting them. For example, if you set `SnapshotRetentionLimit` to 5, a snapshot taken today is retained for 5 days before being deleted.\n\n> This parameter is only valid if the `Engine` parameter is `redis` . \n\nDefault: 0 (i.e., automatic backups are disabled for this cache cluster).", - "title": "SnapshotRetentionLimit", - "type": "number" - }, - "SnapshotWindow": { - "markdownDescription": "The daily time range (in UTC) during which ElastiCache begins taking a daily snapshot of your node group (shard).\n\nExample: `05:00-09:00`\n\nIf you do not specify this parameter, ElastiCache automatically chooses an appropriate time range.\n\n> This parameter is only valid if the `Engine` parameter is `redis` .", - "title": "SnapshotWindow", - "type": "string" + "PrivateDnsNameOptionsOnLaunch": { + "$ref": "#/definitions/AWS::EC2::Subnet.PrivateDnsNameOptionsOnLaunch", + "markdownDescription": "The hostname type for EC2 instances launched into this subnet and how DNS A and AAAA record queries to the instances should be handled. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *Amazon Elastic Compute Cloud User Guide* .\n\nAvailable options:\n\n- EnableResourceNameDnsAAAARecord (true | false)\n- EnableResourceNameDnsARecord (true | false)\n- HostnameType (ip-name | resource-name)", + "title": "PrivateDnsNameOptionsOnLaunch" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of tags to be added to this resource.", + "markdownDescription": "Any tags assigned to the subnet.", "title": "Tags", "type": "array" }, - "TransitEncryptionEnabled": { - "markdownDescription": "A flag that enables in-transit encryption when set to true.", - "title": "TransitEncryptionEnabled", - "type": "boolean" - }, - "VpcSecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more VPC security groups associated with the cluster.\n\nUse this parameter only when you are creating a cluster in an Amazon Virtual Private Cloud (Amazon VPC).", - "title": "VpcSecurityGroupIds", - "type": "array" + "VpcId": { + "markdownDescription": "The ID of the VPC the subnet is in.\n\nIf you update this property, you must also update the `CidrBlock` property.", + "title": "VpcId", + "type": "string" } }, "required": [ - "CacheNodeType", - "Engine", - "NumCacheNodes" + "VpcId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ElastiCache::CacheCluster" + "AWS::EC2::Subnet" ], "type": "string" }, @@ -90404,87 +98644,43 @@ ], "type": "object" }, - "AWS::ElastiCache::CacheCluster.CloudWatchLogsDestinationDetails": { + "AWS::EC2::Subnet.BlockPublicAccessStates": { "additionalProperties": false, "properties": { - "LogGroup": { - "markdownDescription": "The name of the CloudWatch Logs log group.", - "title": "LogGroup", + "InternetGatewayBlockMode": { + "markdownDescription": "The mode of VPC BPA.\n\n- `off` : VPC BPA is not enabled and traffic is allowed to and from internet gateways and egress-only internet gateways in this Region.\n- `block-bidirectional` : Block all traffic to and from internet gateways and egress-only internet gateways in this Region (except for excluded VPCs and subnets).\n- `block-ingress` : Block all internet traffic to the VPCs in this Region (except for VPCs or subnets which are excluded). Only traffic to and from NAT gateways and egress-only internet gateways is allowed because these gateways only allow outbound connections to be established.", + "title": "InternetGatewayBlockMode", "type": "string" } }, - "required": [ - "LogGroup" - ], "type": "object" }, - "AWS::ElastiCache::CacheCluster.DestinationDetails": { + "AWS::EC2::Subnet.PrivateDnsNameOptionsOnLaunch": { "additionalProperties": false, "properties": { - "CloudWatchLogsDetails": { - "$ref": "#/definitions/AWS::ElastiCache::CacheCluster.CloudWatchLogsDestinationDetails", - "markdownDescription": "The configuration details of the CloudWatch Logs destination. Note that this field is marked as required but only if CloudWatch Logs was chosen as the destination.", - "title": "CloudWatchLogsDetails" + "EnableResourceNameDnsAAAARecord": { + "markdownDescription": "Indicates whether to respond to DNS queries for instance hostname with DNS AAAA records.", + "title": "EnableResourceNameDnsAAAARecord", + "type": "boolean" }, - "KinesisFirehoseDetails": { - "$ref": "#/definitions/AWS::ElastiCache::CacheCluster.KinesisFirehoseDestinationDetails", - "markdownDescription": "The configuration details of the Kinesis Data Firehose destination. Note that this field is marked as required but only if Kinesis Data Firehose was chosen as the destination.", - "title": "KinesisFirehoseDetails" - } - }, - "type": "object" - }, - "AWS::ElastiCache::CacheCluster.KinesisFirehoseDestinationDetails": { - "additionalProperties": false, - "properties": { - "DeliveryStream": { - "markdownDescription": "The name of the Kinesis Data Firehose delivery stream.", - "title": "DeliveryStream", + "EnableResourceNameDnsARecord": { + "markdownDescription": "Indicates whether to respond to DNS queries for instance hostnames with DNS A records.", + "title": "EnableResourceNameDnsARecord", + "type": "boolean" + }, + "HostnameType": { + "markdownDescription": "The type of hostname for EC2 instances. For IPv4 only subnets, an instance DNS name must be based on the instance IPv4 address. For IPv6 only subnets, an instance DNS name must be based on the instance ID. For dual-stack subnets, you can specify whether DNS names use the instance IPv4 address or the instance ID.", + "title": "HostnameType", "type": "string" } }, - "required": [ - "DeliveryStream" - ], "type": "object" }, - "AWS::ElastiCache::CacheCluster.LogDeliveryConfigurationRequest": { + "AWS::EC2::SubnetCidrBlock": { "additionalProperties": false, "properties": { - "DestinationDetails": { - "$ref": "#/definitions/AWS::ElastiCache::CacheCluster.DestinationDetails", - "markdownDescription": "Configuration details of either a CloudWatch Logs destination or Kinesis Data Firehose destination.", - "title": "DestinationDetails" - }, - "DestinationType": { - "markdownDescription": "Specify either CloudWatch Logs or Kinesis Data Firehose as the destination type. Valid values are either `cloudwatch-logs` or `kinesis-firehose` .", - "title": "DestinationType", - "type": "string" - }, - "LogFormat": { - "markdownDescription": "Valid values are either `json` or `text` .", - "title": "LogFormat", - "type": "string" - }, - "LogType": { - "markdownDescription": "Valid value is either `slow-log` , which refers to [slow-log](https://docs.aws.amazon.com/https://redis.io/commands/slowlog) or `engine-log` .", - "title": "LogType", - "type": "string" - } - }, - "required": [ - "DestinationDetails", - "DestinationType", - "LogFormat", - "LogType" - ], - "type": "object" - }, - "AWS::ElastiCache::GlobalReplicationGroup": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" + "Condition": { + "type": "string" }, "DeletionPolicy": { "enum": [ @@ -90515,66 +98711,35 @@ "Properties": { "additionalProperties": false, "properties": { - "AutomaticFailoverEnabled": { - "markdownDescription": "Specifies whether a read-only replica is automatically promoted to read/write primary if the existing primary fails.\n\n`AutomaticFailoverEnabled` must be enabled for Valkey or Redis OSS (cluster mode enabled) replication groups.", - "title": "AutomaticFailoverEnabled", - "type": "boolean" - }, - "CacheNodeType": { - "markdownDescription": "The cache node type of the Global datastore", - "title": "CacheNodeType", - "type": "string" - }, - "CacheParameterGroupName": { - "markdownDescription": "The name of the cache parameter group to use with the Global datastore. It must be compatible with the major engine version used by the Global datastore.", - "title": "CacheParameterGroupName", + "Ipv6CidrBlock": { + "markdownDescription": "The IPv6 network range for the subnet, in CIDR notation.", + "title": "Ipv6CidrBlock", "type": "string" }, - "EngineVersion": { - "markdownDescription": "The Elasticache Valkey or Redis OSS engine version.", - "title": "EngineVersion", + "Ipv6IpamPoolId": { + "markdownDescription": "An IPv6 IPAM pool ID for the subnet.", + "title": "Ipv6IpamPoolId", "type": "string" }, - "GlobalNodeGroupCount": { - "markdownDescription": "The number of node groups that comprise the Global Datastore.", - "title": "GlobalNodeGroupCount", + "Ipv6NetmaskLength": { + "markdownDescription": "An IPv6 netmask length for the subnet.", + "title": "Ipv6NetmaskLength", "type": "number" }, - "GlobalReplicationGroupDescription": { - "markdownDescription": "The optional description of the Global datastore", - "title": "GlobalReplicationGroupDescription", - "type": "string" - }, - "GlobalReplicationGroupIdSuffix": { - "markdownDescription": "The suffix name of a Global Datastore. The suffix guarantees uniqueness of the Global Datastore name across multiple regions.", - "title": "GlobalReplicationGroupIdSuffix", + "SubnetId": { + "markdownDescription": "The ID of the subnet.", + "title": "SubnetId", "type": "string" - }, - "Members": { - "items": { - "$ref": "#/definitions/AWS::ElastiCache::GlobalReplicationGroup.GlobalReplicationGroupMember" - }, - "markdownDescription": "The replication groups that comprise the Global datastore.", - "title": "Members", - "type": "array" - }, - "RegionalConfigurations": { - "items": { - "$ref": "#/definitions/AWS::ElastiCache::GlobalReplicationGroup.RegionalConfiguration" - }, - "markdownDescription": "The Regions that comprise the Global Datastore.", - "title": "RegionalConfigurations", - "type": "array" } }, "required": [ - "Members" + "SubnetId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ElastiCache::GlobalReplicationGroup" + "AWS::EC2::SubnetCidrBlock" ], "type": "string" }, @@ -90593,71 +98758,7 @@ ], "type": "object" }, - "AWS::ElastiCache::GlobalReplicationGroup.GlobalReplicationGroupMember": { - "additionalProperties": false, - "properties": { - "ReplicationGroupId": { - "markdownDescription": "The replication group id of the Global datastore member.", - "title": "ReplicationGroupId", - "type": "string" - }, - "ReplicationGroupRegion": { - "markdownDescription": "The Amazon region of the Global datastore member.", - "title": "ReplicationGroupRegion", - "type": "string" - }, - "Role": { - "markdownDescription": "Indicates the role of the replication group, `PRIMARY` or `SECONDARY` .", - "title": "Role", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ElastiCache::GlobalReplicationGroup.RegionalConfiguration": { - "additionalProperties": false, - "properties": { - "ReplicationGroupId": { - "markdownDescription": "The name of the secondary cluster", - "title": "ReplicationGroupId", - "type": "string" - }, - "ReplicationGroupRegion": { - "markdownDescription": "The Amazon region where the cluster is stored", - "title": "ReplicationGroupRegion", - "type": "string" - }, - "ReshardingConfigurations": { - "items": { - "$ref": "#/definitions/AWS::ElastiCache::GlobalReplicationGroup.ReshardingConfiguration" - }, - "markdownDescription": "A list of PreferredAvailabilityZones objects that specifies the configuration of a node group in the resharded cluster.", - "title": "ReshardingConfigurations", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ElastiCache::GlobalReplicationGroup.ReshardingConfiguration": { - "additionalProperties": false, - "properties": { - "NodeGroupId": { - "markdownDescription": "Either the ElastiCache supplied 4-digit id or a user supplied id for the node group these configuration values apply to.", - "title": "NodeGroupId", - "type": "string" - }, - "PreferredAvailabilityZones": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of preferred availability zones for the nodes in this cluster.", - "title": "PreferredAvailabilityZones", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ElastiCache::ParameterGroup": { + "AWS::EC2::SubnetNetworkAclAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -90692,45 +98793,26 @@ "Properties": { "additionalProperties": false, "properties": { - "CacheParameterGroupFamily": { - "markdownDescription": "The name of the cache parameter group family that this cache parameter group is compatible with.\n\nValid values are: `valkey8` | `valkey7` | `memcached1.4` | `memcached1.5` | `memcached1.6` | `redis2.6` | `redis2.8` | `redis3.2` | `redis4.0` | `redis5.0` | `redis6.x` | `redis7`", - "title": "CacheParameterGroupFamily", + "NetworkAclId": { + "markdownDescription": "The ID of the network ACL.", + "title": "NetworkAclId", "type": "string" }, - "Description": { - "markdownDescription": "The description for this cache parameter group.", - "title": "Description", + "SubnetId": { + "markdownDescription": "The ID of the subnet.", + "title": "SubnetId", "type": "string" - }, - "Properties": { - "additionalProperties": true, - "markdownDescription": "A comma-delimited list of parameter name/value pairs.\n\nFor example:\n\n```\n\"Properties\" : { \"cas_disabled\" : \"1\", \"chunk_size_growth_factor\" : \"1.02\"\n}\n```", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Properties", - "type": "object" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A tag that can be added to an ElastiCache parameter group. Tags are composed of a Key/Value pair. You can use tags to categorize and track all your parameter groups. A tag with a null Value is permitted.", - "title": "Tags", - "type": "array" } }, "required": [ - "CacheParameterGroupFamily", - "Description" + "NetworkAclId", + "SubnetId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ElastiCache::ParameterGroup" + "AWS::EC2::SubnetNetworkAclAssociation" ], "type": "string" }, @@ -90749,7 +98831,7 @@ ], "type": "object" }, - "AWS::ElastiCache::ReplicationGroup": { + "AWS::EC2::SubnetRouteTableAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -90784,234 +98866,26 @@ "Properties": { "additionalProperties": false, "properties": { - "AtRestEncryptionEnabled": { - "markdownDescription": "A flag that enables encryption at rest when set to `true` .\n\n*Required:* Only available when creating a replication group in an Amazon VPC using Redis OSS version `3.2.6` or `4.x` onward.\n\nDefault: `false`", - "title": "AtRestEncryptionEnabled", - "type": "boolean" - }, - "AuthToken": { - "markdownDescription": "*Reserved parameter.* The password used to access a password protected server.\n\n`AuthToken` can be specified only on replication groups where `TransitEncryptionEnabled` is `true` . For more information, see [Authenticating Valkey or Redis OSS users with the AUTH Command](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/auth.html) .\n\n> For HIPAA compliance, you must specify `TransitEncryptionEnabled` as `true` , an `AuthToken` , and a `CacheSubnetGroup` . \n\nPassword constraints:\n\n- Must be only printable ASCII characters.\n- Must be at least 16 characters and no more than 128 characters in length.\n- Nonalphanumeric characters are restricted to (!, &, #, $, ^, <, >, -, ).\n\nFor more information, see [AUTH password](https://docs.aws.amazon.com/http://redis.io/commands/AUTH) at http://redis.io/commands/AUTH.\n\n> If ADDING the AuthToken, update requires [Replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", - "title": "AuthToken", - "type": "string" - }, - "AutoMinorVersionUpgrade": { - "markdownDescription": "If you are running Valkey 7.2 or later, or Redis OSS 6.0 or later, set this parameter to yes if you want to opt-in to the next minor version upgrade campaign. This parameter is disabled for previous versions.", - "title": "AutoMinorVersionUpgrade", - "type": "boolean" - }, - "AutomaticFailoverEnabled": { - "markdownDescription": "Specifies whether a read-only replica is automatically promoted to read/write primary if the existing primary fails.\n\n`AutomaticFailoverEnabled` must be enabled for Valkey or Redis OSS (cluster mode enabled) replication groups.\n\nDefault: false", - "title": "AutomaticFailoverEnabled", - "type": "boolean" - }, - "CacheNodeType": { - "markdownDescription": "The compute and memory capacity of the nodes in the node group (shard).\n\nThe following node types are supported by ElastiCache. Generally speaking, the current generation types provide more memory and computational power at lower cost when compared to their equivalent previous generation counterparts.\n\n- General purpose:\n\n- Current generation:\n\n*M6g node types:* `cache.m6g.large` , `cache.m6g.xlarge` , `cache.m6g.2xlarge` , `cache.m6g.4xlarge` , `cache.m6g.12xlarge` , `cache.m6g.24xlarge`\n\n*M5 node types:* `cache.m5.large` , `cache.m5.xlarge` , `cache.m5.2xlarge` , `cache.m5.4xlarge` , `cache.m5.12xlarge` , `cache.m5.24xlarge`\n\n*M4 node types:* `cache.m4.large` , `cache.m4.xlarge` , `cache.m4.2xlarge` , `cache.m4.4xlarge` , `cache.m4.10xlarge`\n\n*T4g node types:* `cache.t4g.micro` , `cache.t4g.small` , `cache.t4g.medium`\n\n*T3 node types:* `cache.t3.micro` , `cache.t3.small` , `cache.t3.medium`\n\n*T2 node types:* `cache.t2.micro` , `cache.t2.small` , `cache.t2.medium`\n- Previous generation: (not recommended)\n\n*T1 node types:* `cache.t1.micro`\n\n*M1 node types:* `cache.m1.small` , `cache.m1.medium` , `cache.m1.large` , `cache.m1.xlarge`\n\n*M3 node types:* `cache.m3.medium` , `cache.m3.large` , `cache.m3.xlarge` , `cache.m3.2xlarge`\n- Compute optimized:\n\n- Previous generation: (not recommended)\n\n*C1 node types:* `cache.c1.xlarge`\n- Memory optimized:\n\n- Current generation:\n\n*R6gd node types:* `cache.r6gd.xlarge` , `cache.r6gd.2xlarge` , `cache.r6gd.4xlarge` , `cache.r6gd.8xlarge` , `cache.r6gd.12xlarge` , `cache.r6gd.16xlarge`\n\n> The `r6gd` family is available in the following regions: `us-east-2` , `us-east-1` , `us-west-2` , `us-west-1` , `eu-west-1` , `eu-central-1` , `ap-northeast-1` , `ap-southeast-1` , `ap-southeast-2` . \n\n*R6g node types:* `cache.r6g.large` , `cache.r6g.xlarge` , `cache.r6g.2xlarge` , `cache.r6g.4xlarge` , `cache.r6g.12xlarge` , `cache.r6g.24xlarge`\n\n*R5 node types:* `cache.r5.large` , `cache.r5.xlarge` , `cache.r5.2xlarge` , `cache.r5.4xlarge` , `cache.r5.12xlarge` , `cache.r5.24xlarge`\n\n*R4 node types:* `cache.r4.large` , `cache.r4.xlarge` , `cache.r4.2xlarge` , `cache.r4.4xlarge` , `cache.r4.8xlarge` , `cache.r4.16xlarge`\n- Previous generation: (not recommended)\n\n*M2 node types:* `cache.m2.xlarge` , `cache.m2.2xlarge` , `cache.m2.4xlarge`\n\n*R3 node types:* `cache.r3.large` , `cache.r3.xlarge` , `cache.r3.2xlarge` , `cache.r3.4xlarge` , `cache.r3.8xlarge`\n\nFor region availability, see [Supported Node Types by Amazon Region](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/CacheNodes.SupportedTypes.html#CacheNodes.SupportedTypesByRegion)", - "title": "CacheNodeType", - "type": "string" - }, - "CacheParameterGroupName": { - "markdownDescription": "The name of the parameter group to associate with this replication group. If this argument is omitted, the default cache parameter group for the specified engine is used.\n\nIf you are running Valkey or Redis OSS version 3.2.4 or later, only one node group (shard), and want to use a default parameter group, we recommend that you specify the parameter group by name.\n\n- To create a Valkey or Redis OSS (cluster mode disabled) replication group, use `CacheParameterGroupName=default.redis3.2` .\n- To create a Valkey or Redis OSS (cluster mode enabled) replication group, use `CacheParameterGroupName=default.redis3.2.cluster.on` .", - "title": "CacheParameterGroupName", - "type": "string" - }, - "CacheSecurityGroupNames": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of cache security group names to associate with this replication group.", - "title": "CacheSecurityGroupNames", - "type": "array" - }, - "CacheSubnetGroupName": { - "markdownDescription": "The name of the cache subnet group to be used for the replication group.\n\n> If you're going to launch your cluster in an Amazon VPC, you need to create a subnet group before you start creating a cluster. For more information, see [AWS::ElastiCache::SubnetGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticache-subnetgroup.html) .", - "title": "CacheSubnetGroupName", - "type": "string" - }, - "ClusterMode": { - "markdownDescription": "The mode can be enabled or disabled. To change the cluster mode from disabled to enabled, you must first set the cluster mode to compatible. The compatible mode allows your Valkey or Redis OSS clients to connect using both cluster mode enabled and cluster mode disabled. After you migrate all Valkey or Redis OSS clients to use cluster mode enabled, you can then complete cluster mode configuration and set the cluster mode to enabled. For more information, see [Modify cluster mode](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/modify-cluster-mode.html) .", - "title": "ClusterMode", - "type": "string" - }, - "DataTieringEnabled": { - "markdownDescription": "Enables data tiering. Data tiering is only supported for replication groups using the r6gd node type. This parameter must be set to true when using r6gd nodes. For more information, see [Data tiering](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/data-tiering.html) .", - "title": "DataTieringEnabled", - "type": "boolean" - }, - "Engine": { - "markdownDescription": "The name of the cache engine to be used for the clusters in this replication group. The value must be set to `valkey` or `redis` .\n\n> Upgrading an existing engine from redis to valkey is done through in-place migration, and requires a parameter group.", - "title": "Engine", - "type": "string" - }, - "EngineVersion": { - "markdownDescription": "The version number of the cache engine to be used for the clusters in this replication group. To view the supported cache engine versions, use the `DescribeCacheEngineVersions` operation.\n\n*Important:* You can upgrade to a newer engine version (see [Selecting a Cache Engine and Version](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/SelectEngine.html#VersionManagement) ) in the *ElastiCache User Guide* , but you cannot downgrade to an earlier engine version. If you want to use an earlier engine version, you must delete the existing cluster or replication group and create it anew with the earlier engine version.", - "title": "EngineVersion", - "type": "string" - }, - "GlobalReplicationGroupId": { - "markdownDescription": "The name of the Global datastore", - "title": "GlobalReplicationGroupId", - "type": "string" - }, - "IpDiscovery": { - "markdownDescription": "The network type you choose when creating a replication group, either `ipv4` | `ipv6` . IPv6 is supported for workloads using Valkey 7.2 and above, Redis OSS engine version 6.2 to 7.1 or Memcached engine version 1.6.6 and above on all instances built on the [Nitro system](https://docs.aws.amazon.com/ec2/nitro/) .", - "title": "IpDiscovery", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "The ID of the KMS key used to encrypt the disk on the cluster.", - "title": "KmsKeyId", - "type": "string" - }, - "LogDeliveryConfigurations": { - "items": { - "$ref": "#/definitions/AWS::ElastiCache::ReplicationGroup.LogDeliveryConfigurationRequest" - }, - "markdownDescription": "Specifies the destination, format and type of the logs.", - "title": "LogDeliveryConfigurations", - "type": "array" - }, - "MultiAZEnabled": { - "markdownDescription": "A flag indicating if you have Multi-AZ enabled to enhance fault tolerance. For more information, see [Minimizing Downtime: Multi-AZ](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/AutoFailover.html) .", - "title": "MultiAZEnabled", - "type": "boolean" - }, - "NetworkType": { - "markdownDescription": "Must be either `ipv4` | `ipv6` | `dual_stack` . IPv6 is supported for workloads using Valkey 7.2 and above, Redis OSS engine version 6.2 to 7.1 and Memcached engine version 1.6.6 and above on all instances built on the [Nitro system](https://docs.aws.amazon.com/ec2/nitro/) .", - "title": "NetworkType", - "type": "string" - }, - "NodeGroupConfiguration": { - "items": { - "$ref": "#/definitions/AWS::ElastiCache::ReplicationGroup.NodeGroupConfiguration" - }, - "markdownDescription": "`NodeGroupConfiguration` is a property of the `AWS::ElastiCache::ReplicationGroup` resource that configures an Amazon ElastiCache (ElastiCache) Valkey or Redis OSS cluster node group.\n\nIf you set [UseOnlineResharding](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html#cfn-attributes-updatepolicy-useonlineresharding) to `true` , you can update `NodeGroupConfiguration` without interruption. When `UseOnlineResharding` is set to `false` , or is not specified, updating `NodeGroupConfiguration` results in [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", - "title": "NodeGroupConfiguration", - "type": "array" - }, - "NotificationTopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Simple Notification Service (SNS) topic to which notifications are sent.\n\n> The Amazon SNS topic owner must be the same as the cluster owner.", - "title": "NotificationTopicArn", - "type": "string" - }, - "NumCacheClusters": { - "markdownDescription": "The number of clusters this replication group initially has.\n\nThis parameter is not used if there is more than one node group (shard). You should use `ReplicasPerNodeGroup` instead.\n\nIf `AutomaticFailoverEnabled` is `true` , the value of this parameter must be at least 2. If `AutomaticFailoverEnabled` is `false` you can omit this parameter (it will default to 1), or you can explicitly set it to a value between 2 and 6.\n\nThe maximum permitted value for `NumCacheClusters` is 6 (1 primary plus 5 replicas).", - "title": "NumCacheClusters", - "type": "number" - }, - "NumNodeGroups": { - "markdownDescription": "An optional parameter that specifies the number of node groups (shards) for this Valkey or Redis OSS (cluster mode enabled) replication group. For Valkey or Redis OSS (cluster mode disabled) either omit this parameter or set it to 1.\n\nIf you set [UseOnlineResharding](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html#cfn-attributes-updatepolicy-useonlineresharding) to `true` , you can update `NumNodeGroups` without interruption. When `UseOnlineResharding` is set to `false` , or is not specified, updating `NumNodeGroups` results in [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .\n\nDefault: 1", - "title": "NumNodeGroups", - "type": "number" - }, - "Port": { - "markdownDescription": "The port number on which each member of the replication group accepts connections.", - "title": "Port", - "type": "number" - }, - "PreferredCacheClusterAZs": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of EC2 Availability Zones in which the replication group's clusters are created. The order of the Availability Zones in the list is the order in which clusters are allocated. The primary cluster is created in the first AZ in the list.\n\nThis parameter is not used if there is more than one node group (shard). You should use `NodeGroupConfiguration` instead.\n\n> If you are creating your replication group in an Amazon VPC (recommended), you can only locate clusters in Availability Zones associated with the subnets in the selected subnet group.\n> \n> The number of Availability Zones listed must equal the value of `NumCacheClusters` . \n\nDefault: system chosen Availability Zones.", - "title": "PreferredCacheClusterAZs", - "type": "array" - }, - "PreferredMaintenanceWindow": { - "markdownDescription": "Specifies the weekly time range during which maintenance on the cluster is performed. It is specified as a range in the format ddd:hh24:mi-ddd:hh24:mi (24H Clock UTC). The minimum maintenance window is a 60 minute period.\n\nValid values for `ddd` are:\n\n- `sun`\n- `mon`\n- `tue`\n- `wed`\n- `thu`\n- `fri`\n- `sat`\n\nExample: `sun:23:00-mon:01:30`", - "title": "PreferredMaintenanceWindow", - "type": "string" - }, - "PrimaryClusterId": { - "markdownDescription": "The identifier of the cluster that serves as the primary for this replication group. This cluster must already exist and have a status of `available` .\n\nThis parameter is not required if `NumCacheClusters` , `NumNodeGroups` , or `ReplicasPerNodeGroup` is specified.", - "title": "PrimaryClusterId", - "type": "string" - }, - "ReplicasPerNodeGroup": { - "markdownDescription": "An optional parameter that specifies the number of replica nodes in each node group (shard). Valid values are 0 to 5.", - "title": "ReplicasPerNodeGroup", - "type": "number" - }, - "ReplicationGroupDescription": { - "markdownDescription": "A user-created description for the replication group.", - "title": "ReplicationGroupDescription", - "type": "string" - }, - "ReplicationGroupId": { - "markdownDescription": "The replication group identifier. This parameter is stored as a lowercase string.\n\nConstraints:\n\n- A name must contain from 1 to 40 alphanumeric characters or hyphens.\n- The first character must be a letter.\n- A name cannot end with a hyphen or contain two consecutive hyphens.", - "title": "ReplicationGroupId", - "type": "string" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more Amazon VPC security groups associated with this replication group.\n\nUse this parameter only when you are creating a replication group in an Amazon Virtual Private Cloud (Amazon VPC).", - "title": "SecurityGroupIds", - "type": "array" - }, - "SnapshotArns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of Amazon Resource Names (ARN) that uniquely identify the Valkey or Redis OSS RDB snapshot files stored in Amazon S3. The snapshot files are used to populate the new replication group. The Amazon S3 object name in the ARN cannot contain any commas. The new replication group will have the number of node groups (console: shards) specified by the parameter *NumNodeGroups* or the number of node groups configured by *NodeGroupConfiguration* regardless of the number of ARNs specified here.\n\nExample of an Amazon S3 ARN: `arn:aws:s3:::my_bucket/snapshot1.rdb`", - "title": "SnapshotArns", - "type": "array" - }, - "SnapshotName": { - "markdownDescription": "The name of a snapshot from which to restore data into the new replication group. The snapshot status changes to `restoring` while the new replication group is being created.", - "title": "SnapshotName", - "type": "string" - }, - "SnapshotRetentionLimit": { - "markdownDescription": "The number of days for which ElastiCache retains automatic snapshots before deleting them. For example, if you set `SnapshotRetentionLimit` to 5, a snapshot that was taken today is retained for 5 days before being deleted.\n\nDefault: 0 (i.e., automatic backups are disabled for this cluster).", - "title": "SnapshotRetentionLimit", - "type": "number" - }, - "SnapshotWindow": { - "markdownDescription": "The daily time range (in UTC) during which ElastiCache begins taking a daily snapshot of your node group (shard).\n\nExample: `05:00-09:00`\n\nIf you do not specify this parameter, ElastiCache automatically chooses an appropriate time range.", - "title": "SnapshotWindow", - "type": "string" - }, - "SnapshottingClusterId": { - "markdownDescription": "The cluster ID that is used as the daily snapshot source for the replication group. This parameter cannot be set for Valkey or Redis OSS (cluster mode enabled) replication groups.", - "title": "SnapshottingClusterId", + "RouteTableId": { + "markdownDescription": "The ID of the route table.\n\nThe physical ID changes when the route table ID is changed.", + "title": "RouteTableId", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of tags to be added to this resource. Tags are comma-separated key,value pairs (e.g. Key= `myKey` , Value= `myKeyValue` . You can include multiple tags as shown following: Key= `myKey` , Value= `myKeyValue` Key= `mySecondKey` , Value= `mySecondKeyValue` . Tags on replication groups will be replicated to all nodes.", - "title": "Tags", - "type": "array" - }, - "TransitEncryptionEnabled": { - "markdownDescription": "A flag that enables in-transit encryption when set to `true` .\n\nThis parameter is only available when creating a replication group in an Amazon VPC using Valkey version `7.2` and above, Redis OSS version `3.2.6` , or Redis OSS version `4.x` and above, and the cluster is being created in an Amazon VPC.\n\nIf you enable in-transit encryption, you must also specify a value for `CacheSubnetGroup` .\n\n> TransitEncryptionEnabled is required when creating a new valkey replication group. \n\nDefault: `false`\n\n> For HIPAA compliance, you must specify `TransitEncryptionEnabled` as `true` , an `AuthToken` , and a `CacheSubnetGroup` .", - "title": "TransitEncryptionEnabled", - "type": "boolean" - }, - "TransitEncryptionMode": { - "markdownDescription": "A setting that allows you to migrate your clients to use in-transit encryption, with no downtime.\n\nWhen setting `TransitEncryptionEnabled` to `true` , you can set your `TransitEncryptionMode` to `preferred` in the same request, to allow both encrypted and unencrypted connections at the same time. Once you migrate all your Valkey or Redis OSS clients to use encrypted connections you can modify the value to `required` to allow encrypted connections only.\n\nSetting `TransitEncryptionMode` to `required` is a two-step process that requires you to first set the `TransitEncryptionMode` to `preferred` , after that you can set `TransitEncryptionMode` to `required` .\n\nThis process will not trigger the replacement of the replication group.", - "title": "TransitEncryptionMode", + "SubnetId": { + "markdownDescription": "The ID of the subnet.", + "title": "SubnetId", "type": "string" - }, - "UserGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The ID of user group to associate with the replication group.", - "title": "UserGroupIds", - "type": "array" } }, "required": [ - "ReplicationGroupDescription" + "RouteTableId", + "SubnetId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ElastiCache::ReplicationGroup" + "AWS::EC2::SubnetRouteTableAssociation" ], "type": "string" }, @@ -91030,117 +98904,7 @@ ], "type": "object" }, - "AWS::ElastiCache::ReplicationGroup.CloudWatchLogsDestinationDetails": { - "additionalProperties": false, - "properties": { - "LogGroup": { - "markdownDescription": "The name of the CloudWatch Logs log group.", - "title": "LogGroup", - "type": "string" - } - }, - "required": [ - "LogGroup" - ], - "type": "object" - }, - "AWS::ElastiCache::ReplicationGroup.DestinationDetails": { - "additionalProperties": false, - "properties": { - "CloudWatchLogsDetails": { - "$ref": "#/definitions/AWS::ElastiCache::ReplicationGroup.CloudWatchLogsDestinationDetails", - "markdownDescription": "The configuration details of the CloudWatch Logs destination. Note that this field is marked as required but only if CloudWatch Logs was chosen as the destination.", - "title": "CloudWatchLogsDetails" - }, - "KinesisFirehoseDetails": { - "$ref": "#/definitions/AWS::ElastiCache::ReplicationGroup.KinesisFirehoseDestinationDetails", - "markdownDescription": "The configuration details of the Kinesis Data Firehose destination. Note that this field is marked as required but only if Kinesis Data Firehose was chosen as the destination.", - "title": "KinesisFirehoseDetails" - } - }, - "type": "object" - }, - "AWS::ElastiCache::ReplicationGroup.KinesisFirehoseDestinationDetails": { - "additionalProperties": false, - "properties": { - "DeliveryStream": { - "markdownDescription": "The name of the Kinesis Data Firehose delivery stream.", - "title": "DeliveryStream", - "type": "string" - } - }, - "required": [ - "DeliveryStream" - ], - "type": "object" - }, - "AWS::ElastiCache::ReplicationGroup.LogDeliveryConfigurationRequest": { - "additionalProperties": false, - "properties": { - "DestinationDetails": { - "$ref": "#/definitions/AWS::ElastiCache::ReplicationGroup.DestinationDetails", - "markdownDescription": "Configuration details of either a CloudWatch Logs destination or Kinesis Data Firehose destination.", - "title": "DestinationDetails" - }, - "DestinationType": { - "markdownDescription": "Specify either CloudWatch Logs or Kinesis Data Firehose as the destination type. Valid values are either `cloudwatch-logs` or `kinesis-firehose` .", - "title": "DestinationType", - "type": "string" - }, - "LogFormat": { - "markdownDescription": "Valid values are either `json` or `text` .", - "title": "LogFormat", - "type": "string" - }, - "LogType": { - "markdownDescription": "Valid value is either `slow-log` , which refers to [slow-log](https://docs.aws.amazon.com/https://redis.io/commands/slowlog) or `engine-log` .", - "title": "LogType", - "type": "string" - } - }, - "required": [ - "DestinationDetails", - "DestinationType", - "LogFormat", - "LogType" - ], - "type": "object" - }, - "AWS::ElastiCache::ReplicationGroup.NodeGroupConfiguration": { - "additionalProperties": false, - "properties": { - "NodeGroupId": { - "markdownDescription": "Either the ElastiCache supplied 4-digit id or a user supplied id for the node group these configuration values apply to.", - "title": "NodeGroupId", - "type": "string" - }, - "PrimaryAvailabilityZone": { - "markdownDescription": "The Availability Zone where the primary node of this node group (shard) is launched.", - "title": "PrimaryAvailabilityZone", - "type": "string" - }, - "ReplicaAvailabilityZones": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of Availability Zones to be used for the read replicas. The number of Availability Zones in this list must match the value of `ReplicaCount` or `ReplicasPerNodeGroup` if not specified.", - "title": "ReplicaAvailabilityZones", - "type": "array" - }, - "ReplicaCount": { - "markdownDescription": "The number of read replica nodes in this node group (shard).", - "title": "ReplicaCount", - "type": "number" - }, - "Slots": { - "markdownDescription": "A string of comma-separated values where the first set of values are the slot numbers (zero based), and the second set of values are the keyspaces for each slot. The following example specifies three slots (numbered 0, 1, and 2): `0,1,2,0-4999,5000-9999,10000-16,383` .\n\nIf you don't specify a value, ElastiCache allocates keys equally among each slot.\n\nWhen you use an `UseOnlineResharding` update policy to update the number of node groups without interruption, ElastiCache evenly distributes the keyspaces between the specified number of slots. This cannot be updated later. Therefore, after updating the number of node groups in this way, you should remove the value specified for the `Slots` property of each `NodeGroupConfiguration` from the stack template, as it no longer reflects the actual values in each node group. For more information, see [UseOnlineResharding Policy](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html#cfn-attributes-updatepolicy-useonlineresharding) .", - "title": "Slots", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ElastiCache::SecurityGroup": { + "AWS::EC2::TrafficMirrorFilter": { "additionalProperties": false, "properties": { "Condition": { @@ -91176,27 +98940,32 @@ "additionalProperties": false, "properties": { "Description": { - "markdownDescription": "A description for the cache security group.", + "markdownDescription": "The description of the Traffic Mirror filter.", "title": "Description", "type": "string" }, + "NetworkServices": { + "items": { + "type": "string" + }, + "markdownDescription": "The network service traffic that is associated with the Traffic Mirror filter.\n\nValid values are `amazon-dns` .", + "title": "NetworkServices", + "type": "array" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A tag that can be added to an ElastiCache security group. Tags are composed of a Key/Value pair. You can use tags to categorize and track all your security groups. A tag with a null Value is permitted.", + "markdownDescription": "The tags to assign to a Traffic Mirror filter.", "title": "Tags", "type": "array" } }, - "required": [ - "Description" - ], "type": "object" }, "Type": { "enum": [ - "AWS::ElastiCache::SecurityGroup" + "AWS::EC2::TrafficMirrorFilter" ], "type": "string" }, @@ -91210,12 +98979,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::ElastiCache::SecurityGroupIngress": { + "AWS::EC2::TrafficMirrorFilterRule": { "additionalProperties": false, "properties": { "Condition": { @@ -91250,31 +99018,78 @@ "Properties": { "additionalProperties": false, "properties": { - "CacheSecurityGroupName": { - "markdownDescription": "The name of the Cache Security Group to authorize.", - "title": "CacheSecurityGroupName", + "Description": { + "markdownDescription": "The description of the Traffic Mirror rule.", + "title": "Description", "type": "string" }, - "EC2SecurityGroupName": { - "markdownDescription": "Name of the EC2 Security Group to include in the authorization.", - "title": "EC2SecurityGroupName", + "DestinationCidrBlock": { + "markdownDescription": "The destination CIDR block to assign to the Traffic Mirror rule.", + "title": "DestinationCidrBlock", "type": "string" }, - "EC2SecurityGroupOwnerId": { - "markdownDescription": "Specifies the Amazon Account ID of the owner of the EC2 security group specified in the EC2SecurityGroupName property. The Amazon access key ID is not an acceptable value.", - "title": "EC2SecurityGroupOwnerId", + "DestinationPortRange": { + "$ref": "#/definitions/AWS::EC2::TrafficMirrorFilterRule.TrafficMirrorPortRange", + "markdownDescription": "The destination port range.", + "title": "DestinationPortRange" + }, + "Protocol": { + "markdownDescription": "The protocol, for example UDP, to assign to the Traffic Mirror rule.\n\nFor information about the protocol value, see [Protocol Numbers](https://docs.aws.amazon.com/https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml) on the Internet Assigned Numbers Authority (IANA) website.", + "title": "Protocol", + "type": "number" + }, + "RuleAction": { + "markdownDescription": "The action to take on the filtered traffic.", + "title": "RuleAction", + "type": "string" + }, + "RuleNumber": { + "markdownDescription": "The number of the Traffic Mirror rule. This number must be unique for each Traffic Mirror rule in a given direction. The rules are processed in ascending order by rule number.", + "title": "RuleNumber", + "type": "number" + }, + "SourceCidrBlock": { + "markdownDescription": "The source CIDR block to assign to the Traffic Mirror rule.", + "title": "SourceCidrBlock", + "type": "string" + }, + "SourcePortRange": { + "$ref": "#/definitions/AWS::EC2::TrafficMirrorFilterRule.TrafficMirrorPortRange", + "markdownDescription": "The source port range.", + "title": "SourcePortRange" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags on Traffic Mirroring filter rules.", + "title": "Tags", + "type": "array" + }, + "TrafficDirection": { + "markdownDescription": "The type of traffic.", + "title": "TrafficDirection", + "type": "string" + }, + "TrafficMirrorFilterId": { + "markdownDescription": "The ID of the filter that this rule is associated with.", + "title": "TrafficMirrorFilterId", "type": "string" } }, "required": [ - "CacheSecurityGroupName", - "EC2SecurityGroupName" + "DestinationCidrBlock", + "RuleAction", + "RuleNumber", + "SourceCidrBlock", + "TrafficDirection", + "TrafficMirrorFilterId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ElastiCache::SecurityGroupIngress" + "AWS::EC2::TrafficMirrorFilterRule" ], "type": "string" }, @@ -91293,7 +99108,27 @@ ], "type": "object" }, - "AWS::ElastiCache::ServerlessCache": { + "AWS::EC2::TrafficMirrorFilterRule.TrafficMirrorPortRange": { + "additionalProperties": false, + "properties": { + "FromPort": { + "markdownDescription": "The start of the Traffic Mirror port range. This applies to the TCP and UDP protocols.", + "title": "FromPort", + "type": "number" + }, + "ToPort": { + "markdownDescription": "The end of the Traffic Mirror port range. This applies to the TCP and UDP protocols.", + "title": "ToPort", + "type": "number" + } + }, + "required": [ + "FromPort", + "ToPort" + ], + "type": "object" + }, + "AWS::EC2::TrafficMirrorSession": { "additionalProperties": false, "properties": { "Condition": { @@ -91328,108 +99163,66 @@ "Properties": { "additionalProperties": false, "properties": { - "CacheUsageLimits": { - "$ref": "#/definitions/AWS::ElastiCache::ServerlessCache.CacheUsageLimits", - "markdownDescription": "The cache usage limit for the serverless cache.", - "title": "CacheUsageLimits" - }, - "DailySnapshotTime": { - "markdownDescription": "The daily time that a cache snapshot will be created. Default is NULL, i.e. snapshots will not be created at a specific time on a daily basis. Available for Valkey, Redis OSS and Serverless Memcached only.", - "title": "DailySnapshotTime", - "type": "string" - }, "Description": { - "markdownDescription": "A description of the serverless cache.", + "markdownDescription": "The description of the Traffic Mirror session.", "title": "Description", "type": "string" }, - "Endpoint": { - "$ref": "#/definitions/AWS::ElastiCache::ServerlessCache.Endpoint", - "markdownDescription": "Represents the information required for client programs to connect to a cache node. This value is read-only.", - "title": "Endpoint" - }, - "Engine": { - "markdownDescription": "The engine the serverless cache is compatible with.", - "title": "Engine", - "type": "string" - }, - "FinalSnapshotName": { - "markdownDescription": "The name of the final snapshot taken of a cache before the cache is deleted.", - "title": "FinalSnapshotName", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "The ID of the AWS Key Management Service (KMS) key that is used to encrypt data at rest in the serverless cache.", - "title": "KmsKeyId", - "type": "string" - }, - "MajorEngineVersion": { - "markdownDescription": "The version number of the engine the serverless cache is compatible with.", - "title": "MajorEngineVersion", + "NetworkInterfaceId": { + "markdownDescription": "The ID of the source network interface.", + "title": "NetworkInterfaceId", "type": "string" }, - "ReaderEndpoint": { - "$ref": "#/definitions/AWS::ElastiCache::ServerlessCache.Endpoint", - "markdownDescription": "Represents the information required for client programs to connect to a cache node. This value is read-only.", - "title": "ReaderEndpoint" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the EC2 security groups associated with the serverless cache.", - "title": "SecurityGroupIds", - "type": "array" - }, - "ServerlessCacheName": { - "markdownDescription": "The unique identifier of the serverless cache.", - "title": "ServerlessCacheName", + "OwnerId": { + "markdownDescription": "The ID of the account that owns the Traffic Mirror session.", + "title": "OwnerId", "type": "string" }, - "SnapshotArnsToRestore": { - "items": { - "type": "string" - }, - "markdownDescription": "The ARN of the snapshot from which to restore data into the new cache.", - "title": "SnapshotArnsToRestore", - "type": "array" - }, - "SnapshotRetentionLimit": { - "markdownDescription": "The current setting for the number of serverless cache snapshots the system will retain. Available for Valkey, Redis OSS and Serverless Memcached only.", - "title": "SnapshotRetentionLimit", + "PacketLength": { + "markdownDescription": "The number of bytes in each packet to mirror. These are bytes after the VXLAN header. Do not specify this parameter when you want to mirror the entire packet. To mirror a subset of the packet, set this to the length (in bytes) that you want to mirror. For example, if you set this value to 100, then the first 100 bytes that meet the filter criteria are copied to the target.\n\nIf you do not want to mirror the entire packet, use the `PacketLength` parameter to specify the number of bytes in each packet to mirror.\n\nFor sessions with Network Load Balancer (NLB) Traffic Mirror targets the default `PacketLength` will be set to 8500. Valid values are 1-8500. Setting a `PacketLength` greater than 8500 will result in an error response.", + "title": "PacketLength", "type": "number" }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "If no subnet IDs are given and your VPC is in us-west-1, then ElastiCache will select 2 default subnets across AZs in your VPC. For all other Regions, if no subnet IDs are given then ElastiCache will select 3 default subnets across AZs in your default VPC.", - "title": "SubnetIds", - "type": "array" + "SessionNumber": { + "markdownDescription": "The session number determines the order in which sessions are evaluated when an interface is used by multiple sessions. The first session with a matching filter is the one that mirrors the packets.\n\nValid values are 1-32766.", + "title": "SessionNumber", + "type": "number" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of tags to be added to this resource.", + "markdownDescription": "The tags to assign to a Traffic Mirror session.", "title": "Tags", "type": "array" }, - "UserGroupId": { - "markdownDescription": "The identifier of the user group associated with the serverless cache. Available for Valkey and Redis OSS only. Default is NULL.", - "title": "UserGroupId", + "TrafficMirrorFilterId": { + "markdownDescription": "The ID of the Traffic Mirror filter.", + "title": "TrafficMirrorFilterId", + "type": "string" + }, + "TrafficMirrorTargetId": { + "markdownDescription": "The ID of the Traffic Mirror target.", + "title": "TrafficMirrorTargetId", "type": "string" + }, + "VirtualNetworkId": { + "markdownDescription": "The VXLAN ID for the Traffic Mirror session. For more information about the VXLAN protocol, see [RFC 7348](https://docs.aws.amazon.com/https://datatracker.ietf.org/doc/html/rfc7348) . If you do not specify a `VirtualNetworkId` , an account-wide unique ID is chosen at random.", + "title": "VirtualNetworkId", + "type": "number" } }, "required": [ - "Engine", - "ServerlessCacheName" + "NetworkInterfaceId", + "SessionNumber", + "TrafficMirrorFilterId", + "TrafficMirrorTargetId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ElastiCache::ServerlessCache" + "AWS::EC2::TrafficMirrorSession" ], "type": "string" }, @@ -91448,79 +99241,7 @@ ], "type": "object" }, - "AWS::ElastiCache::ServerlessCache.CacheUsageLimits": { - "additionalProperties": false, - "properties": { - "DataStorage": { - "$ref": "#/definitions/AWS::ElastiCache::ServerlessCache.DataStorage", - "markdownDescription": "The maximum data storage limit in the cache, expressed in Gigabytes.", - "title": "DataStorage" - }, - "ECPUPerSecond": { - "$ref": "#/definitions/AWS::ElastiCache::ServerlessCache.ECPUPerSecond", - "markdownDescription": "The number of ElastiCache Processing Units (ECPU) the cache can consume per second.", - "title": "ECPUPerSecond" - } - }, - "type": "object" - }, - "AWS::ElastiCache::ServerlessCache.DataStorage": { - "additionalProperties": false, - "properties": { - "Maximum": { - "markdownDescription": "The upper limit for data storage the cache is set to use.", - "title": "Maximum", - "type": "number" - }, - "Minimum": { - "markdownDescription": "The lower limit for data storage the cache is set to use.", - "title": "Minimum", - "type": "number" - }, - "Unit": { - "markdownDescription": "The unit that the storage is measured in, in GB.", - "title": "Unit", - "type": "string" - } - }, - "required": [ - "Unit" - ], - "type": "object" - }, - "AWS::ElastiCache::ServerlessCache.ECPUPerSecond": { - "additionalProperties": false, - "properties": { - "Maximum": { - "markdownDescription": "The configuration for the maximum number of ECPUs the cache can consume per second.", - "title": "Maximum", - "type": "number" - }, - "Minimum": { - "markdownDescription": "The configuration for the minimum number of ECPUs the cache should be able consume per second.", - "title": "Minimum", - "type": "number" - } - }, - "type": "object" - }, - "AWS::ElastiCache::ServerlessCache.Endpoint": { - "additionalProperties": false, - "properties": { - "Address": { - "markdownDescription": "The DNS hostname of the cache node.", - "title": "Address", - "type": "string" - }, - "Port": { - "markdownDescription": "The port number that the cache engine is listening on.", - "title": "Port", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ElastiCache::SubnetGroup": { + "AWS::EC2::TrafficMirrorTarget": { "additionalProperties": false, "properties": { "Condition": { @@ -91555,42 +99276,40 @@ "Properties": { "additionalProperties": false, "properties": { - "CacheSubnetGroupName": { - "markdownDescription": "The name for the cache subnet group. This value is stored as a lowercase string.\n\nConstraints: Must contain no more than 255 alphanumeric characters or hyphens.\n\nExample: `mysubnetgroup`", - "title": "CacheSubnetGroupName", - "type": "string" - }, "Description": { - "markdownDescription": "The description for the cache subnet group.", + "markdownDescription": "The description of the Traffic Mirror target.", "title": "Description", "type": "string" }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The EC2 subnet IDs for the cache subnet group.", - "title": "SubnetIds", - "type": "array" + "GatewayLoadBalancerEndpointId": { + "markdownDescription": "The ID of the Gateway Load Balancer endpoint.", + "title": "GatewayLoadBalancerEndpointId", + "type": "string" + }, + "NetworkInterfaceId": { + "markdownDescription": "The network interface ID that is associated with the target.", + "title": "NetworkInterfaceId", + "type": "string" + }, + "NetworkLoadBalancerArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Network Load Balancer that is associated with the target.", + "title": "NetworkLoadBalancerArn", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A tag that can be added to an ElastiCache subnet group. Tags are composed of a Key/Value pair. You can use tags to categorize and track all your subnet groups. A tag with a null Value is permitted.", + "markdownDescription": "The tags to assign to the Traffic Mirror target.", "title": "Tags", "type": "array" } }, - "required": [ - "Description", - "SubnetIds" - ], "type": "object" }, "Type": { "enum": [ - "AWS::ElastiCache::SubnetGroup" + "AWS::EC2::TrafficMirrorTarget" ], "type": "string" }, @@ -91604,12 +99323,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::ElastiCache::User": { + "AWS::EC2::TransitGateway": { "additionalProperties": false, "properties": { "Condition": { @@ -91644,63 +99362,83 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessString": { - "markdownDescription": "Access permissions string used for this user.", - "title": "AccessString", + "AmazonSideAsn": { + "markdownDescription": "A private Autonomous System Number (ASN) for the Amazon side of a BGP session. The range is 64512 to 65534 for 16-bit ASNs. The default is 64512.", + "title": "AmazonSideAsn", + "type": "number" + }, + "AssociationDefaultRouteTableId": { + "markdownDescription": "The ID of the default association route table.", + "title": "AssociationDefaultRouteTableId", "type": "string" }, - "AuthenticationMode": { - "$ref": "#/definitions/AWS::ElastiCache::User.AuthenticationMode", - "markdownDescription": "Specifies the authentication mode to use. Below is an example of the possible JSON values:\n\n```\n{ Passwords: [\"*****\", \"******\"] // If Type is password.\n}\n```", - "title": "AuthenticationMode" + "AutoAcceptSharedAttachments": { + "markdownDescription": "Enable or disable automatic acceptance of attachment requests. Disabled by default.", + "title": "AutoAcceptSharedAttachments", + "type": "string" }, - "Engine": { - "markdownDescription": "The current supported values are valkey and redis.", - "title": "Engine", + "DefaultRouteTableAssociation": { + "markdownDescription": "Enable or disable automatic association with the default association route table. Enabled by default. If `DefaultRouteTableAssociation` is set to enable, AWS Transit Gateway will create the default transit gateway route table.", + "title": "DefaultRouteTableAssociation", "type": "string" }, - "NoPasswordRequired": { - "markdownDescription": "Indicates a password is not required for this user.", - "title": "NoPasswordRequired", - "type": "boolean" + "DefaultRouteTablePropagation": { + "markdownDescription": "Enable or disable automatic propagation of routes to the default propagation route table. Enabled by default. If `DefaultRouteTablePropagation` is set to enable, AWS Transit Gateway will create the default transit gateway route table.", + "title": "DefaultRouteTablePropagation", + "type": "string" }, - "Passwords": { - "items": { - "type": "string" - }, - "markdownDescription": "Passwords used for this user. You can create up to two passwords for each user.", - "title": "Passwords", - "type": "array" + "Description": { + "markdownDescription": "The description of the transit gateway.", + "title": "Description", + "type": "string" + }, + "DnsSupport": { + "markdownDescription": "Enable or disable DNS support. Enabled by default.", + "title": "DnsSupport", + "type": "string" + }, + "MulticastSupport": { + "markdownDescription": "Indicates whether multicast is enabled on the transit gateway", + "title": "MulticastSupport", + "type": "string" + }, + "PropagationDefaultRouteTableId": { + "markdownDescription": "The ID of the default propagation route table.", + "title": "PropagationDefaultRouteTableId", + "type": "string" + }, + "SecurityGroupReferencingSupport": { + "markdownDescription": "Enables you to reference a security group across VPCs attached to a transit gateway (TGW). Use this option to simplify security group management and control of instance-to-instance traffic across VPCs that are connected by transit gateway. You can also use this option to migrate from VPC peering (which was the only option that supported security group referencing) to transit gateways (which now also support security group referencing). This option is disabled by default and there are no additional costs to use this feature.\n\nFor important information about this feature, see [Create a transit gateway](https://docs.aws.amazon.com/vpc/latest/tgw/tgw-transit-gateways.html#create-tgw) in the *AWS Transit Gateway Guide* .", + "title": "SecurityGroupReferencingSupport", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The list of tags.", + "markdownDescription": "The tags for the transit gateway.", "title": "Tags", "type": "array" }, - "UserId": { - "markdownDescription": "The ID of the user.", - "title": "UserId", - "type": "string" + "TransitGatewayCidrBlocks": { + "items": { + "type": "string" + }, + "markdownDescription": "The transit gateway CIDR blocks.", + "title": "TransitGatewayCidrBlocks", + "type": "array" }, - "UserName": { - "markdownDescription": "The username of the user.", - "title": "UserName", + "VpnEcmpSupport": { + "markdownDescription": "Enable or disable Equal Cost Multipath Protocol support. Enabled by default.", + "title": "VpnEcmpSupport", "type": "string" } }, - "required": [ - "Engine", - "UserId", - "UserName" - ], "type": "object" }, "Type": { "enum": [ - "AWS::ElastiCache::User" + "AWS::EC2::TransitGateway" ], "type": "string" }, @@ -91713,35 +99451,12 @@ "type": "string" } }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::ElastiCache::User.AuthenticationMode": { - "additionalProperties": false, - "properties": { - "Passwords": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the passwords to use for authentication if `Type` is set to `password` .", - "title": "Passwords", - "type": "array" - }, - "Type": { - "markdownDescription": "Specifies the authentication type. Possible options are IAM authentication, password and no password.", - "title": "Type", - "type": "string" - } - }, "required": [ "Type" ], "type": "object" }, - "AWS::ElastiCache::UserGroup": { + "AWS::EC2::TransitGatewayAttachment": { "additionalProperties": false, "properties": { "Condition": { @@ -91776,43 +99491,48 @@ "Properties": { "additionalProperties": false, "properties": { - "Engine": { - "markdownDescription": "The current supported values are valkey and redis.", - "title": "Engine", - "type": "string" + "Options": { + "$ref": "#/definitions/AWS::EC2::TransitGatewayAttachment.Options", + "markdownDescription": "The VPC attachment options.", + "title": "Options" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of one or more subnets. You can specify only one subnet per Availability Zone. You must specify at least one subnet, but we recommend that you specify two subnets for better availability. The transit gateway uses one IP address from each specified subnet.", + "title": "SubnetIds", + "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The list of tags.", + "markdownDescription": "The tags for the attachment.", "title": "Tags", "type": "array" }, - "UserGroupId": { - "markdownDescription": "The ID of the user group.", - "title": "UserGroupId", + "TransitGatewayId": { + "markdownDescription": "The ID of the transit gateway.", + "title": "TransitGatewayId", "type": "string" }, - "UserIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of user IDs that belong to the user group. A user named `default` must be included.", - "title": "UserIds", - "type": "array" + "VpcId": { + "markdownDescription": "The ID of the VPC.", + "title": "VpcId", + "type": "string" } }, "required": [ - "Engine", - "UserGroupId", - "UserIds" + "SubnetIds", + "TransitGatewayId", + "VpcId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ElastiCache::UserGroup" + "AWS::EC2::TransitGatewayAttachment" ], "type": "string" }, @@ -91831,7 +99551,33 @@ ], "type": "object" }, - "AWS::ElasticBeanstalk::Application": { + "AWS::EC2::TransitGatewayAttachment.Options": { + "additionalProperties": false, + "properties": { + "ApplianceModeSupport": { + "markdownDescription": "Enable or disable appliance mode support. The default is `disable` .", + "title": "ApplianceModeSupport", + "type": "string" + }, + "DnsSupport": { + "markdownDescription": "Enable or disable DNS support. The default is `disable` .", + "title": "DnsSupport", + "type": "string" + }, + "Ipv6Support": { + "markdownDescription": "Enable or disable IPv6 support. The default is `disable` .", + "title": "Ipv6Support", + "type": "string" + }, + "SecurityGroupReferencingSupport": { + "markdownDescription": "Enables you to reference a security group across VPCs attached to a transit gateway (TGW). Use this option to simplify security group management and control of instance-to-instance traffic across VPCs that are connected by transit gateway. You can also use this option to migrate from VPC peering (which was the only option that supported security group referencing) to transit gateways (which now also support security group referencing). This option is disabled by default and there are no additional costs to use this feature.\n\nFor important information about this feature, see [Create a transit gateway](https://docs.aws.amazon.com/vpc/latest/tgw/tgw-transit-gateways.html#create-tgw) in the *AWS Transit Gateway Guide* .", + "title": "SecurityGroupReferencingSupport", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::TransitGatewayConnect": { "additionalProperties": false, "properties": { "Condition": { @@ -91866,27 +99612,34 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationName": { - "markdownDescription": "A name for the Elastic Beanstalk application. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the application name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "ApplicationName", - "type": "string" + "Options": { + "$ref": "#/definitions/AWS::EC2::TransitGatewayConnect.TransitGatewayConnectOptions", + "markdownDescription": "The Connect attachment options.\n\n- protocol (gre)", + "title": "Options" }, - "Description": { - "markdownDescription": "Your description of the application.", - "title": "Description", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the attachment.", + "title": "Tags", + "type": "array" }, - "ResourceLifecycleConfig": { - "$ref": "#/definitions/AWS::ElasticBeanstalk::Application.ApplicationResourceLifecycleConfig", - "markdownDescription": "Specifies an application resource lifecycle configuration to prevent your application from accumulating too many versions.", - "title": "ResourceLifecycleConfig" + "TransportTransitGatewayAttachmentId": { + "markdownDescription": "The ID of the attachment from which the Connect attachment was created.", + "title": "TransportTransitGatewayAttachmentId", + "type": "string" } }, + "required": [ + "Options", + "TransportTransitGatewayAttachmentId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::ElasticBeanstalk::Application" + "AWS::EC2::TransitGatewayConnect" ], "type": "string" }, @@ -91900,85 +99653,23 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::ElasticBeanstalk::Application.ApplicationResourceLifecycleConfig": { + "AWS::EC2::TransitGatewayConnect.TransitGatewayConnectOptions": { "additionalProperties": false, "properties": { - "ServiceRole": { - "markdownDescription": "The ARN of an IAM service role that Elastic Beanstalk has permission to assume.\n\nThe `ServiceRole` property is required the first time that you provide a `ResourceLifecycleConfig` for the application. After you provide it once, Elastic Beanstalk persists the Service Role with the application, and you don't need to specify it again. You can, however, specify it in subsequent updates to change the Service Role to another value.", - "title": "ServiceRole", + "Protocol": { + "markdownDescription": "The tunnel protocol.", + "title": "Protocol", "type": "string" - }, - "VersionLifecycleConfig": { - "$ref": "#/definitions/AWS::ElasticBeanstalk::Application.ApplicationVersionLifecycleConfig", - "markdownDescription": "Defines lifecycle settings for application versions.", - "title": "VersionLifecycleConfig" - } - }, - "type": "object" - }, - "AWS::ElasticBeanstalk::Application.ApplicationVersionLifecycleConfig": { - "additionalProperties": false, - "properties": { - "MaxAgeRule": { - "$ref": "#/definitions/AWS::ElasticBeanstalk::Application.MaxAgeRule", - "markdownDescription": "Specify a max age rule to restrict the length of time that application versions are retained for an application.", - "title": "MaxAgeRule" - }, - "MaxCountRule": { - "$ref": "#/definitions/AWS::ElasticBeanstalk::Application.MaxCountRule", - "markdownDescription": "Specify a max count rule to restrict the number of application versions that are retained for an application.", - "title": "MaxCountRule" - } - }, - "type": "object" - }, - "AWS::ElasticBeanstalk::Application.MaxAgeRule": { - "additionalProperties": false, - "properties": { - "DeleteSourceFromS3": { - "markdownDescription": "Set to `true` to delete a version's source bundle from Amazon S3 when Elastic Beanstalk deletes the application version.", - "title": "DeleteSourceFromS3", - "type": "boolean" - }, - "Enabled": { - "markdownDescription": "Specify `true` to apply the rule, or `false` to disable it.", - "title": "Enabled", - "type": "boolean" - }, - "MaxAgeInDays": { - "markdownDescription": "Specify the number of days to retain an application versions.", - "title": "MaxAgeInDays", - "type": "number" - } - }, - "type": "object" - }, - "AWS::ElasticBeanstalk::Application.MaxCountRule": { - "additionalProperties": false, - "properties": { - "DeleteSourceFromS3": { - "markdownDescription": "Set to `true` to delete a version's source bundle from Amazon S3 when Elastic Beanstalk deletes the application version.", - "title": "DeleteSourceFromS3", - "type": "boolean" - }, - "Enabled": { - "markdownDescription": "Specify `true` to apply the rule, or `false` to disable it.", - "title": "Enabled", - "type": "boolean" - }, - "MaxCount": { - "markdownDescription": "Specify the maximum number of application versions to retain.", - "title": "MaxCount", - "type": "number" } }, "type": "object" }, - "AWS::ElasticBeanstalk::ApplicationVersion": { + "AWS::EC2::TransitGatewayMulticastDomain": { "additionalProperties": false, "properties": { "Condition": { @@ -92013,31 +99704,33 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationName": { - "markdownDescription": "The name of the Elastic Beanstalk application that is associated with this application version.", - "title": "ApplicationName", - "type": "string" + "Options": { + "$ref": "#/definitions/AWS::EC2::TransitGatewayMulticastDomain.Options", + "markdownDescription": "The options for the transit gateway multicast domain.\n\n- AutoAcceptSharedAssociations (enable | disable)\n- Igmpv2Support (enable | disable)\n- StaticSourcesSupport (enable | disable)", + "title": "Options" }, - "Description": { - "markdownDescription": "A description of this application version.", - "title": "Description", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the transit gateway multicast domain.", + "title": "Tags", + "type": "array" }, - "SourceBundle": { - "$ref": "#/definitions/AWS::ElasticBeanstalk::ApplicationVersion.SourceBundle", - "markdownDescription": "The Amazon S3 bucket and key that identify the location of the source bundle for this version.\n\n> The Amazon S3 bucket must be in the same region as the environment.", - "title": "SourceBundle" + "TransitGatewayId": { + "markdownDescription": "The ID of the transit gateway.", + "title": "TransitGatewayId", + "type": "string" } }, "required": [ - "ApplicationName", - "SourceBundle" + "TransitGatewayId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ElasticBeanstalk::ApplicationVersion" + "AWS::EC2::TransitGatewayMulticastDomain" ], "type": "string" }, @@ -92056,27 +99749,28 @@ ], "type": "object" }, - "AWS::ElasticBeanstalk::ApplicationVersion.SourceBundle": { + "AWS::EC2::TransitGatewayMulticastDomain.Options": { "additionalProperties": false, "properties": { - "S3Bucket": { - "markdownDescription": "The Amazon S3 bucket where the data is located.", - "title": "S3Bucket", + "AutoAcceptSharedAssociations": { + "markdownDescription": "Indicates whether to automatically accept cross-account subnet associations that are associated with the transit gateway multicast domain.", + "title": "AutoAcceptSharedAssociations", "type": "string" }, - "S3Key": { - "markdownDescription": "The Amazon S3 key where the data is located.", - "title": "S3Key", + "Igmpv2Support": { + "markdownDescription": "Specify whether to enable Internet Group Management Protocol (IGMP) version 2 for the transit gateway multicast domain.", + "title": "Igmpv2Support", + "type": "string" + }, + "StaticSourcesSupport": { + "markdownDescription": "Specify whether to enable support for statically configuring multicast group sources for a domain.", + "title": "StaticSourcesSupport", "type": "string" } }, - "required": [ - "S3Bucket", - "S3Key" - ], "type": "object" }, - "AWS::ElasticBeanstalk::ConfigurationTemplate": { + "AWS::EC2::TransitGatewayMulticastDomainAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -92111,53 +99805,32 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationName": { - "markdownDescription": "The name of the Elastic Beanstalk application to associate with this configuration template.", - "title": "ApplicationName", - "type": "string" - }, - "Description": { - "markdownDescription": "An optional description for this configuration.", - "title": "Description", - "type": "string" - }, - "EnvironmentId": { - "markdownDescription": "The ID of an environment whose settings you want to use to create the configuration template. You must specify `EnvironmentId` if you don't specify `PlatformArn` , `SolutionStackName` , or `SourceConfiguration` .", - "title": "EnvironmentId", + "SubnetId": { + "markdownDescription": "The IDs of the subnets to associate with the transit gateway multicast domain.", + "title": "SubnetId", "type": "string" }, - "OptionSettings": { - "items": { - "$ref": "#/definitions/AWS::ElasticBeanstalk::ConfigurationTemplate.ConfigurationOptionSetting" - }, - "markdownDescription": "Option values for the Elastic Beanstalk configuration, such as the instance type. If specified, these values override the values obtained from the solution stack or the source configuration template. For a complete list of Elastic Beanstalk configuration options, see [Option Values](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/command-options.html) in the *AWS Elastic Beanstalk Developer Guide* .", - "title": "OptionSettings", - "type": "array" - }, - "PlatformArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the custom platform. For more information, see [Custom Platforms](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/custom-platforms.html) in the *AWS Elastic Beanstalk Developer Guide* .\n\n> If you specify `PlatformArn` , then don't specify `SolutionStackName` .", - "title": "PlatformArn", + "TransitGatewayAttachmentId": { + "markdownDescription": "The ID of the transit gateway attachment.", + "title": "TransitGatewayAttachmentId", "type": "string" }, - "SolutionStackName": { - "markdownDescription": "The name of an Elastic Beanstalk solution stack (platform version) that this configuration uses. For example, `64bit Amazon Linux 2013.09 running Tomcat 7 Java 7` . A solution stack specifies the operating system, runtime, and application server for a configuration template. It also determines the set of configuration options as well as the possible and default values. For more information, see [Supported Platforms](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/concepts.platforms.html) in the *AWS Elastic Beanstalk Developer Guide* .\n\nYou must specify `SolutionStackName` if you don't specify `PlatformArn` , `EnvironmentId` , or `SourceConfiguration` .\n\nUse the [`ListAvailableSolutionStacks`](https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_ListAvailableSolutionStacks.html) API to obtain a list of available solution stacks.", - "title": "SolutionStackName", + "TransitGatewayMulticastDomainId": { + "markdownDescription": "The ID of the transit gateway multicast domain.", + "title": "TransitGatewayMulticastDomainId", "type": "string" - }, - "SourceConfiguration": { - "$ref": "#/definitions/AWS::ElasticBeanstalk::ConfigurationTemplate.SourceConfiguration", - "markdownDescription": "An Elastic Beanstalk configuration template to base this one on. If specified, Elastic Beanstalk uses the configuration values from the specified configuration template to create a new configuration.\n\nValues specified in `OptionSettings` override any values obtained from the `SourceConfiguration` .\n\nYou must specify `SourceConfiguration` if you don't specify `PlatformArn` , `EnvironmentId` , or `SolutionStackName` .\n\nConstraint: If both solution stack name and source configuration are specified, the solution stack of the source configuration template must match the specified solution stack name.", - "title": "SourceConfiguration" } }, "required": [ - "ApplicationName" + "SubnetId", + "TransitGatewayAttachmentId", + "TransitGatewayMulticastDomainId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ElasticBeanstalk::ConfigurationTemplate" + "AWS::EC2::TransitGatewayMulticastDomainAssociation" ], "type": "string" }, @@ -92176,57 +99849,7 @@ ], "type": "object" }, - "AWS::ElasticBeanstalk::ConfigurationTemplate.ConfigurationOptionSetting": { - "additionalProperties": false, - "properties": { - "Namespace": { - "markdownDescription": "A unique namespace that identifies the option's associated AWS resource.", - "title": "Namespace", - "type": "string" - }, - "OptionName": { - "markdownDescription": "The name of the configuration option.", - "title": "OptionName", - "type": "string" - }, - "ResourceName": { - "markdownDescription": "A unique resource name for the option setting. Use it for a time\u2013based scaling configuration option.", - "title": "ResourceName", - "type": "string" - }, - "Value": { - "markdownDescription": "The current value for the configuration option.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Namespace", - "OptionName" - ], - "type": "object" - }, - "AWS::ElasticBeanstalk::ConfigurationTemplate.SourceConfiguration": { - "additionalProperties": false, - "properties": { - "ApplicationName": { - "markdownDescription": "The name of the application associated with the configuration.", - "title": "ApplicationName", - "type": "string" - }, - "TemplateName": { - "markdownDescription": "The name of the configuration template.", - "title": "TemplateName", - "type": "string" - } - }, - "required": [ - "ApplicationName", - "TemplateName" - ], - "type": "object" - }, - "AWS::ElasticBeanstalk::Environment": { + "AWS::EC2::TransitGatewayMulticastGroupMember": { "additionalProperties": false, "properties": { "Condition": { @@ -92261,81 +99884,32 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationName": { - "markdownDescription": "The name of the application that is associated with this environment.", - "title": "ApplicationName", - "type": "string" - }, - "CNAMEPrefix": { - "markdownDescription": "If specified, the environment attempts to use this value as the prefix for the CNAME in your Elastic Beanstalk environment URL. If not specified, the CNAME is generated automatically by appending a random alphanumeric string to the environment name.", - "title": "CNAMEPrefix", - "type": "string" - }, - "Description": { - "markdownDescription": "Your description for this environment.", - "title": "Description", - "type": "string" - }, - "EnvironmentName": { - "markdownDescription": "A unique name for the environment.\n\nConstraint: Must be from 4 to 40 characters in length. The name can contain only letters, numbers, and hyphens. It can't start or end with a hyphen. This name must be unique within a region in your account.\n\nIf you don't specify the `CNAMEPrefix` parameter, the environment name becomes part of the CNAME, and therefore part of the visible URL for your application.\n\nIf you don't specify an environment name, AWS CloudFormation generates a unique physical ID and uses that ID for the environment name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "EnvironmentName", - "type": "string" - }, - "OperationsRole": { - "markdownDescription": "> The operations role feature of AWS Elastic Beanstalk is in beta release and is subject to change. \n\nThe Amazon Resource Name (ARN) of an existing IAM role to be used as the environment's operations role. If specified, Elastic Beanstalk uses the operations role for permissions to downstream services during this call and during subsequent calls acting on this environment. To specify an operations role, you must have the `iam:PassRole` permission for the role.", - "title": "OperationsRole", - "type": "string" - }, - "OptionSettings": { - "items": { - "$ref": "#/definitions/AWS::ElasticBeanstalk::Environment.OptionSetting" - }, - "markdownDescription": "Key-value pairs defining configuration options for this environment, such as the instance type. These options override the values that are defined in the solution stack or the [configuration template](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-beanstalk-configurationtemplate.html) . If you remove any options during a stack update, the removed options retain their current values.", - "title": "OptionSettings", - "type": "array" - }, - "PlatformArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the custom platform to use with the environment. For more information, see [Custom Platforms](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/custom-platforms.html) in the *AWS Elastic Beanstalk Developer Guide* .\n\n> If you specify `PlatformArn` , don't specify `SolutionStackName` .", - "title": "PlatformArn", - "type": "string" - }, - "SolutionStackName": { - "markdownDescription": "The name of an Elastic Beanstalk solution stack (platform version) to use with the environment. If specified, Elastic Beanstalk sets the configuration values to the default values associated with the specified solution stack. For a list of current solution stacks, see [Elastic Beanstalk Supported Platforms](https://docs.aws.amazon.com/elasticbeanstalk/latest/platforms/platforms-supported.html) in the *AWS Elastic Beanstalk Platforms* guide.\n\n> If you specify `SolutionStackName` , don't specify `PlatformArn` or `TemplateName` .", - "title": "SolutionStackName", + "GroupIpAddress": { + "markdownDescription": "The IP address assigned to the transit gateway multicast group.", + "title": "GroupIpAddress", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Specifies the tags applied to resources in the environment.", - "title": "Tags", - "type": "array" - }, - "TemplateName": { - "markdownDescription": "The name of the Elastic Beanstalk configuration template to use with the environment.\n\n> If you specify `TemplateName` , then don't specify `SolutionStackName` .", - "title": "TemplateName", + "NetworkInterfaceId": { + "markdownDescription": "The group members' network interface IDs to register with the transit gateway multicast group.", + "title": "NetworkInterfaceId", "type": "string" }, - "Tier": { - "$ref": "#/definitions/AWS::ElasticBeanstalk::Environment.Tier", - "markdownDescription": "Specifies the tier to use in creating this environment. The environment tier that you choose determines whether Elastic Beanstalk provisions resources to support a web application that handles HTTP(S) requests or a web application that handles background-processing tasks.", - "title": "Tier" - }, - "VersionLabel": { - "markdownDescription": "The name of the application version to deploy.\n\nDefault: If not specified, Elastic Beanstalk attempts to deploy the sample application.", - "title": "VersionLabel", + "TransitGatewayMulticastDomainId": { + "markdownDescription": "The ID of the transit gateway multicast domain.", + "title": "TransitGatewayMulticastDomainId", "type": "string" } }, "required": [ - "ApplicationName" + "GroupIpAddress", + "NetworkInterfaceId", + "TransitGatewayMulticastDomainId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ElasticBeanstalk::Environment" + "AWS::EC2::TransitGatewayMulticastGroupMember" ], "type": "string" }, @@ -92354,58 +99928,86 @@ ], "type": "object" }, - "AWS::ElasticBeanstalk::Environment.OptionSetting": { + "AWS::EC2::TransitGatewayMulticastGroupSource": { "additionalProperties": false, "properties": { - "Namespace": { - "markdownDescription": "A unique namespace that identifies the option's associated AWS resource.", - "title": "Namespace", + "Condition": { "type": "string" }, - "OptionName": { - "markdownDescription": "The name of the configuration option.", - "title": "OptionName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "ResourceName": { - "markdownDescription": "A unique resource name for the option setting. Use it for a time\u2013based scaling configuration option.", - "title": "ResourceName", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Value": { - "markdownDescription": "The current value for the configuration option.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Namespace", - "OptionName" - ], - "type": "object" - }, - "AWS::ElasticBeanstalk::Environment.Tier": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of this environment tier.\n\nValid values:\n\n- For *Web server tier* \u2013 `WebServer`\n- For *Worker tier* \u2013 `Worker`", - "title": "Name", - "type": "string" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "GroupIpAddress": { + "markdownDescription": "The IP address assigned to the transit gateway multicast group.", + "title": "GroupIpAddress", + "type": "string" + }, + "NetworkInterfaceId": { + "markdownDescription": "The group sources' network interface IDs to register with the transit gateway multicast group.", + "title": "NetworkInterfaceId", + "type": "string" + }, + "TransitGatewayMulticastDomainId": { + "markdownDescription": "The ID of the transit gateway multicast domain.", + "title": "TransitGatewayMulticastDomainId", + "type": "string" + } + }, + "required": [ + "GroupIpAddress", + "NetworkInterfaceId", + "TransitGatewayMulticastDomainId" + ], + "type": "object" }, "Type": { - "markdownDescription": "The type of this environment tier.\n\nValid values:\n\n- For *Web server tier* \u2013 `Standard`\n- For *Worker tier* \u2013 `SQS/HTTP`", - "title": "Type", + "enum": [ + "AWS::EC2::TransitGatewayMulticastGroupSource" + ], "type": "string" }, - "Version": { - "markdownDescription": "The version of this environment tier. When you don't set a value to it, Elastic Beanstalk uses the latest compatible worker tier version.\n\n> This member is deprecated. Any specific version that you set may become out of date. We recommend leaving it unspecified.", - "title": "Version", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::ElasticLoadBalancing::LoadBalancer": { + "AWS::EC2::TransitGatewayPeeringAttachment": { "additionalProperties": false, "properties": { "Condition": { @@ -92440,122 +100042,46 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessLoggingPolicy": { - "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.AccessLoggingPolicy", - "markdownDescription": "Information about where and how access logs are stored for the load balancer.", - "title": "AccessLoggingPolicy" - }, - "AppCookieStickinessPolicy": { - "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.AppCookieStickinessPolicy" - }, - "markdownDescription": "Information about a policy for application-controlled session stickiness.", - "title": "AppCookieStickinessPolicy", - "type": "array" - }, - "AvailabilityZones": { - "items": { - "type": "string" - }, - "markdownDescription": "The Availability Zones for a load balancer in a default VPC. For a load balancer in a nondefault VPC, specify `Subnets` instead.\n\nUpdate requires replacement if you did not previously specify an Availability Zone or if you are removing all Availability Zones. Otherwise, update requires no interruption.", - "title": "AvailabilityZones", - "type": "array" - }, - "ConnectionDrainingPolicy": { - "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.ConnectionDrainingPolicy", - "markdownDescription": "If enabled, the load balancer allows existing requests to complete before the load balancer shifts traffic away from a deregistered or unhealthy instance.\n\nFor more information, see [Configure connection draining](https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/config-conn-drain.html) in the *User Guide for Classic Load Balancers* .", - "title": "ConnectionDrainingPolicy" - }, - "ConnectionSettings": { - "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.ConnectionSettings", - "markdownDescription": "If enabled, the load balancer allows the connections to remain idle (no data is sent over the connection) for the specified duration.\n\nBy default, Elastic Load Balancing maintains a 60-second idle connection timeout for both front-end and back-end connections of your load balancer. For more information, see [Configure idle connection timeout](https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/config-idle-timeout.html) in the *User Guide for Classic Load Balancers* .", - "title": "ConnectionSettings" - }, - "CrossZone": { - "markdownDescription": "If enabled, the load balancer routes the request traffic evenly across all instances regardless of the Availability Zones.\n\nFor more information, see [Configure cross-zone load balancing](https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/enable-disable-crosszone-lb.html) in the *User Guide for Classic Load Balancers* .", - "title": "CrossZone", - "type": "boolean" - }, - "HealthCheck": { - "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.HealthCheck", - "markdownDescription": "The health check settings to use when evaluating the health of your EC2 instances.\n\nUpdate requires replacement if you did not previously specify health check settings or if you are removing the health check settings. Otherwise, update requires no interruption.", - "title": "HealthCheck" - }, - "Instances": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the instances for the load balancer.", - "title": "Instances", - "type": "array" - }, - "LBCookieStickinessPolicy": { - "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.LBCookieStickinessPolicy" - }, - "markdownDescription": "Information about a policy for duration-based session stickiness.", - "title": "LBCookieStickinessPolicy", - "type": "array" - }, - "Listeners": { - "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.Listeners" - }, - "markdownDescription": "The listeners for the load balancer. You can specify at most one listener per port.\n\nIf you update the properties for a listener, AWS CloudFormation deletes the existing listener and creates a new one with the specified properties. While the new listener is being created, clients cannot connect to the load balancer.", - "title": "Listeners", - "type": "array" - }, - "LoadBalancerName": { - "markdownDescription": "The name of the load balancer. This name must be unique within your set of load balancers for the region.\n\nIf you don't specify a name, AWS CloudFormation generates a unique physical ID for the load balancer. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) . If you specify a name, you cannot perform updates that require replacement of this resource, but you can perform other updates. To replace the resource, specify a new name.", - "title": "LoadBalancerName", + "PeerAccountId": { + "markdownDescription": "The ID of the AWS account that owns the transit gateway.", + "title": "PeerAccountId", "type": "string" }, - "Policies": { - "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.Policies" - }, - "markdownDescription": "The policies defined for your Classic Load Balancer. Specify only back-end server policies.", - "title": "Policies", - "type": "array" - }, - "Scheme": { - "markdownDescription": "The type of load balancer. Valid only for load balancers in a VPC.\n\nIf `Scheme` is `internet-facing` , the load balancer has a public DNS name that resolves to a public IP address.\n\nIf `Scheme` is `internal` , the load balancer has a public DNS name that resolves to a private IP address.", - "title": "Scheme", + "PeerRegion": { + "markdownDescription": "The Region where the transit gateway that you want to create the peer for is located.", + "title": "PeerRegion", "type": "string" }, - "SecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "The security groups for the load balancer. Valid only for load balancers in a VPC.", - "title": "SecurityGroups", - "type": "array" - }, - "Subnets": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the subnets for the load balancer. You can specify at most one subnet per Availability Zone.\n\nUpdate requires replacement if you did not previously specify a subnet or if you are removing all subnets. Otherwise, update requires no interruption. To update to a different subnet in the current Availability Zone, you must first update to a subnet in a different Availability Zone, then update to the new subnet in the original Availability Zone.", - "title": "Subnets", - "type": "array" + "PeerTransitGatewayId": { + "markdownDescription": "The ID of the transit gateway in the PeerRegion.", + "title": "PeerTransitGatewayId", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags associated with a load balancer.", + "markdownDescription": "The tags for the transit gateway peering attachment.", "title": "Tags", "type": "array" + }, + "TransitGatewayId": { + "markdownDescription": "The ID of the transit gateway peering attachment.", + "title": "TransitGatewayId", + "type": "string" } }, "required": [ - "Listeners" + "PeerAccountId", + "PeerRegion", + "PeerTransitGatewayId", + "TransitGatewayId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ElasticLoadBalancing::LoadBalancer" + "AWS::EC2::TransitGatewayPeeringAttachment" ], "type": "string" }, @@ -92574,233 +100100,254 @@ ], "type": "object" }, - "AWS::ElasticLoadBalancing::LoadBalancer.AccessLoggingPolicy": { + "AWS::EC2::TransitGatewayPeeringAttachment.PeeringAttachmentStatus": { "additionalProperties": false, "properties": { - "EmitInterval": { - "markdownDescription": "The interval for publishing the access logs. You can specify an interval of either 5 minutes or 60 minutes.\n\nDefault: 60 minutes", - "title": "EmitInterval", - "type": "number" - }, - "Enabled": { - "markdownDescription": "Specifies whether access logs are enabled for the load balancer.", - "title": "Enabled", - "type": "boolean" - }, - "S3BucketName": { - "markdownDescription": "The name of the Amazon S3 bucket where the access logs are stored.", - "title": "S3BucketName", + "Code": { + "markdownDescription": "The status code.", + "title": "Code", "type": "string" }, - "S3BucketPrefix": { - "markdownDescription": "The logical hierarchy you created for your Amazon S3 bucket, for example `my-bucket-prefix/prod` . If the prefix is not provided, the log is placed at the root level of the bucket.", - "title": "S3BucketPrefix", + "Message": { + "markdownDescription": "The status message, if applicable.", + "title": "Message", "type": "string" } }, - "required": [ - "Enabled", - "S3BucketName" - ], "type": "object" }, - "AWS::ElasticLoadBalancing::LoadBalancer.AppCookieStickinessPolicy": { + "AWS::EC2::TransitGatewayRoute": { "additionalProperties": false, "properties": { - "CookieName": { - "markdownDescription": "The name of the application cookie used for stickiness.", - "title": "CookieName", + "Condition": { "type": "string" }, - "PolicyName": { - "markdownDescription": "The mnemonic name for the policy being created. The name must be unique within a set of policies for this load balancer.", - "title": "PolicyName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "required": [ - "CookieName", - "PolicyName" - ], - "type": "object" - }, - "AWS::ElasticLoadBalancing::LoadBalancer.ConnectionDrainingPolicy": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Specifies whether connection draining is enabled for the load balancer.", - "title": "Enabled", - "type": "boolean" }, - "Timeout": { - "markdownDescription": "The maximum time, in seconds, to keep the existing connections open before deregistering the instances.", - "title": "Timeout", - "type": "number" - } - }, - "required": [ - "Enabled" - ], - "type": "object" - }, - "AWS::ElasticLoadBalancing::LoadBalancer.ConnectionSettings": { - "additionalProperties": false, - "properties": { - "IdleTimeout": { - "markdownDescription": "The time, in seconds, that the connection is allowed to be idle (no data has been sent over the connection) before it is closed by the load balancer.", - "title": "IdleTimeout", - "type": "number" - } - }, - "required": [ - "IdleTimeout" - ], - "type": "object" - }, - "AWS::ElasticLoadBalancing::LoadBalancer.HealthCheck": { - "additionalProperties": false, - "properties": { - "HealthyThreshold": { - "markdownDescription": "The number of consecutive health checks successes required before moving the instance to the `Healthy` state.", - "title": "HealthyThreshold", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Interval": { - "markdownDescription": "The approximate interval, in seconds, between health checks of an individual instance.", - "title": "Interval", - "type": "string" + "Metadata": { + "type": "object" }, - "Target": { - "markdownDescription": "The instance being checked. The protocol is either TCP, HTTP, HTTPS, or SSL. The range of valid ports is one (1) through 65535.\n\nTCP is the default, specified as a TCP: port pair, for example \"TCP:5000\". In this case, a health check simply attempts to open a TCP connection to the instance on the specified port. Failure to connect within the configured timeout is considered unhealthy.\n\nSSL is also specified as SSL: port pair, for example, SSL:5000.\n\nFor HTTP/HTTPS, you must include a ping path in the string. HTTP is specified as a HTTP:port;/;PathToPing; grouping, for example \"HTTP:80/weather/us/wa/seattle\". In this case, a HTTP GET request is issued to the instance on the given port and path. Any answer other than \"200 OK\" within the timeout period is considered unhealthy.\n\nThe total length of the HTTP ping target must be 1024 16-bit Unicode characters or less.", - "title": "Target", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "Blackhole": { + "markdownDescription": "Indicates whether to drop traffic that matches this route.", + "title": "Blackhole", + "type": "boolean" + }, + "DestinationCidrBlock": { + "markdownDescription": "The CIDR block used for destination matches.", + "title": "DestinationCidrBlock", + "type": "string" + }, + "TransitGatewayAttachmentId": { + "markdownDescription": "The ID of the attachment.", + "title": "TransitGatewayAttachmentId", + "type": "string" + }, + "TransitGatewayRouteTableId": { + "markdownDescription": "The ID of the transit gateway route table.", + "title": "TransitGatewayRouteTableId", + "type": "string" + } + }, + "required": [ + "DestinationCidrBlock", + "TransitGatewayRouteTableId" + ], + "type": "object" }, - "Timeout": { - "markdownDescription": "The amount of time, in seconds, during which no response means a failed health check.\n\nThis value must be less than the `Interval` value.", - "title": "Timeout", + "Type": { + "enum": [ + "AWS::EC2::TransitGatewayRoute" + ], "type": "string" }, - "UnhealthyThreshold": { - "markdownDescription": "The number of consecutive health check failures required before moving the instance to the `Unhealthy` state.", - "title": "UnhealthyThreshold", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "HealthyThreshold", - "Interval", - "Target", - "Timeout", - "UnhealthyThreshold" + "Type", + "Properties" ], "type": "object" }, - "AWS::ElasticLoadBalancing::LoadBalancer.LBCookieStickinessPolicy": { + "AWS::EC2::TransitGatewayRouteTable": { "additionalProperties": false, "properties": { - "CookieExpirationPeriod": { - "markdownDescription": "The time period, in seconds, after which the cookie should be considered stale. If this parameter is not specified, the stickiness session lasts for the duration of the browser session.", - "title": "CookieExpirationPeriod", + "Condition": { "type": "string" }, - "PolicyName": { - "markdownDescription": "The name of the policy. This name must be unique within the set of policies for this load balancer.", - "title": "PolicyName", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancing::LoadBalancer.Listeners": { - "additionalProperties": false, - "properties": { - "InstancePort": { - "markdownDescription": "The port on which the instance is listening.", - "title": "InstancePort", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "InstanceProtocol": { - "markdownDescription": "The protocol to use for routing traffic to instances: HTTP, HTTPS, TCP, or SSL.\n\nIf the front-end protocol is TCP or SSL, the back-end protocol must be TCP or SSL. If the front-end protocol is HTTP or HTTPS, the back-end protocol must be HTTP or HTTPS.\n\nIf there is another listener with the same `InstancePort` whose `InstanceProtocol` is secure, (HTTPS or SSL), the listener's `InstanceProtocol` must also be secure.\n\nIf there is another listener with the same `InstancePort` whose `InstanceProtocol` is HTTP or TCP, the listener's `InstanceProtocol` must be HTTP or TCP.", - "title": "InstanceProtocol", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "LoadBalancerPort": { - "markdownDescription": "The port on which the load balancer is listening. On EC2-VPC, you can specify any port from the range 1-65535. On EC2-Classic, you can specify any port from the following list: 25, 80, 443, 465, 587, 1024-65535.", - "title": "LoadBalancerPort", - "type": "string" + "Metadata": { + "type": "object" }, - "PolicyNames": { - "items": { - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Any tags assigned to the route table.", + "title": "Tags", + "type": "array" + }, + "TransitGatewayId": { + "markdownDescription": "The ID of the transit gateway.", + "title": "TransitGatewayId", + "type": "string" + } }, - "markdownDescription": "The names of the policies to associate with the listener.", - "title": "PolicyNames", - "type": "array" + "required": [ + "TransitGatewayId" + ], + "type": "object" }, - "Protocol": { - "markdownDescription": "The load balancer transport protocol to use for routing: HTTP, HTTPS, TCP, or SSL.", - "title": "Protocol", + "Type": { + "enum": [ + "AWS::EC2::TransitGatewayRouteTable" + ], "type": "string" }, - "SSLCertificateId": { - "markdownDescription": "The Amazon Resource Name (ARN) of the server certificate.", - "title": "SSLCertificateId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "InstancePort", - "LoadBalancerPort", - "Protocol" + "Type", + "Properties" ], "type": "object" }, - "AWS::ElasticLoadBalancing::LoadBalancer.Policies": { + "AWS::EC2::TransitGatewayRouteTableAssociation": { "additionalProperties": false, "properties": { - "Attributes": { - "items": { - "type": "object" - }, - "markdownDescription": "The policy attributes.", - "title": "Attributes", - "type": "array" + "Condition": { + "type": "string" }, - "InstancePorts": { - "items": { - "type": "string" - }, - "markdownDescription": "The instance ports for the policy. Required only for some policy types.", - "title": "InstancePorts", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "LoadBalancerPorts": { - "items": { - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "TransitGatewayAttachmentId": { + "markdownDescription": "The ID of the attachment.", + "title": "TransitGatewayAttachmentId", + "type": "string" + }, + "TransitGatewayRouteTableId": { + "markdownDescription": "The ID of the route table for the transit gateway.", + "title": "TransitGatewayRouteTableId", + "type": "string" + } }, - "markdownDescription": "The load balancer ports for the policy. Required only for some policy types.", - "title": "LoadBalancerPorts", - "type": "array" + "required": [ + "TransitGatewayAttachmentId", + "TransitGatewayRouteTableId" + ], + "type": "object" }, - "PolicyName": { - "markdownDescription": "The name of the policy.", - "title": "PolicyName", + "Type": { + "enum": [ + "AWS::EC2::TransitGatewayRouteTableAssociation" + ], "type": "string" }, - "PolicyType": { - "markdownDescription": "The name of the policy type.", - "title": "PolicyType", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Attributes", - "PolicyName", - "PolicyType" + "Type", + "Properties" ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::Listener": { + "AWS::EC2::TransitGatewayRouteTablePropagation": { "additionalProperties": false, "properties": { "Condition": { @@ -92835,65 +100382,26 @@ "Properties": { "additionalProperties": false, "properties": { - "AlpnPolicy": { - "items": { - "type": "string" - }, - "markdownDescription": "[TLS listener] The name of the Application-Layer Protocol Negotiation (ALPN) policy.", - "title": "AlpnPolicy", - "type": "array" - }, - "Certificates": { - "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.Certificate" - }, - "markdownDescription": "The default SSL server certificate for a secure listener. You must provide exactly one certificate if the listener protocol is HTTPS or TLS.\n\nFor an HTTPS listener, update requires some interruptions. For a TLS listener, update requires no interruption.\n\nTo create a certificate list for a secure listener, use [AWS::ElasticLoadBalancingV2::ListenerCertificate](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-listenercertificate.html) .", - "title": "Certificates", - "type": "array" - }, - "DefaultActions": { - "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.Action" - }, - "markdownDescription": "The actions for the default rule. You cannot define a condition for a default rule.\n\nTo create additional rules for an Application Load Balancer, use [AWS::ElasticLoadBalancingV2::ListenerRule](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-listenerrule.html) .", - "title": "DefaultActions", - "type": "array" - }, - "LoadBalancerArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the load balancer.", - "title": "LoadBalancerArn", - "type": "string" - }, - "MutualAuthentication": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.MutualAuthentication", - "markdownDescription": "The mutual authentication configuration information.", - "title": "MutualAuthentication" - }, - "Port": { - "markdownDescription": "The port on which the load balancer is listening. You can't specify a port for a Gateway Load Balancer.", - "title": "Port", - "type": "number" - }, - "Protocol": { - "markdownDescription": "The protocol for connections from clients to the load balancer. For Application Load Balancers, the supported protocols are HTTP and HTTPS. For Network Load Balancers, the supported protocols are TCP, TLS, UDP, and TCP_UDP. You can\u2019t specify the UDP or TCP_UDP protocol if dual-stack mode is enabled. You can't specify a protocol for a Gateway Load Balancer.", - "title": "Protocol", + "TransitGatewayAttachmentId": { + "markdownDescription": "The ID of the attachment.", + "title": "TransitGatewayAttachmentId", "type": "string" }, - "SslPolicy": { - "markdownDescription": "[HTTPS and TLS listeners] The security policy that defines which protocols and ciphers are supported. For more information, see [Security policies](https://docs.aws.amazon.com/elasticloadbalancing/latest/application/describe-ssl-policies.html) in the *Application Load Balancers Guide* and [Security policies](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/describe-ssl-policies.html) in the *Network Load Balancers Guide* .\n\n[HTTPS listeners] Updating the security policy can result in interruptions if the load balancer is handling a high volume of traffic. To decrease the possibility of an interruption if your load balancer is handling a high volume of traffic, create an additional load balancer or request an LCU reservation.", - "title": "SslPolicy", + "TransitGatewayRouteTableId": { + "markdownDescription": "The ID of the propagation route table.", + "title": "TransitGatewayRouteTableId", "type": "string" } }, "required": [ - "DefaultActions", - "LoadBalancerArn" + "TransitGatewayAttachmentId", + "TransitGatewayRouteTableId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ElasticLoadBalancingV2::Listener" + "AWS::EC2::TransitGatewayRouteTablePropagation" ], "type": "string" }, @@ -92912,338 +100420,577 @@ ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::Listener.Action": { + "AWS::EC2::TransitGatewayVpcAttachment": { "additionalProperties": false, "properties": { - "AuthenticateCognitoConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.AuthenticateCognitoConfig", - "markdownDescription": "[HTTPS listeners] Information for using Amazon Cognito to authenticate users. Specify only when `Type` is `authenticate-cognito` .", - "title": "AuthenticateCognitoConfig" - }, - "AuthenticateOidcConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.AuthenticateOidcConfig", - "markdownDescription": "[HTTPS listeners] Information about an identity provider that is compliant with OpenID Connect (OIDC). Specify only when `Type` is `authenticate-oidc` .", - "title": "AuthenticateOidcConfig" - }, - "FixedResponseConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.FixedResponseConfig", - "markdownDescription": "[Application Load Balancer] Information for creating an action that returns a custom HTTP response. Specify only when `Type` is `fixed-response` .", - "title": "FixedResponseConfig" + "Condition": { + "type": "string" }, - "ForwardConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.ForwardConfig", - "markdownDescription": "Information for creating an action that distributes requests among one or more target groups. For Network Load Balancers, you can specify a single target group. Specify only when `Type` is `forward` . If you specify both `ForwardConfig` and `TargetGroupArn` , you can specify only one target group using `ForwardConfig` and it must be the same target group specified in `TargetGroupArn` .", - "title": "ForwardConfig" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Order": { - "markdownDescription": "The order for the action. This value is required for rules with multiple actions. The action with the lowest value for order is performed first.", - "title": "Order", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "RedirectConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.RedirectConfig", - "markdownDescription": "[Application Load Balancer] Information for creating a redirect action. Specify only when `Type` is `redirect` .", - "title": "RedirectConfig" + "Metadata": { + "type": "object" }, - "TargetGroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the target group. Specify only when `Type` is `forward` and you want to route to a single target group. To route to one or more target groups, use `ForwardConfig` instead.", - "title": "TargetGroupArn", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "AddSubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of one or more subnets to add. You can specify at most one subnet per Availability Zone.", + "title": "AddSubnetIds", + "type": "array" + }, + "Options": { + "$ref": "#/definitions/AWS::EC2::TransitGatewayVpcAttachment.Options", + "markdownDescription": "The VPC attachment options.", + "title": "Options" + }, + "RemoveSubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of one or more subnets to remove.", + "title": "RemoveSubnetIds", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the subnets.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the VPC attachment.", + "title": "Tags", + "type": "array" + }, + "TransitGatewayId": { + "markdownDescription": "The ID of the transit gateway.", + "title": "TransitGatewayId", + "type": "string" + }, + "VpcId": { + "markdownDescription": "The ID of the VPC.", + "title": "VpcId", + "type": "string" + } + }, + "required": [ + "SubnetIds", + "TransitGatewayId", + "VpcId" + ], + "type": "object" }, "Type": { - "markdownDescription": "The type of action.", - "title": "Type", + "enum": [ + "AWS::EC2::TransitGatewayVpcAttachment" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::Listener.AuthenticateCognitoConfig": { + "AWS::EC2::TransitGatewayVpcAttachment.Options": { "additionalProperties": false, "properties": { - "AuthenticationRequestExtraParams": { - "additionalProperties": true, - "markdownDescription": "The query parameters (up to 10) to include in the redirect request to the authorization endpoint.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "AuthenticationRequestExtraParams", - "type": "object" - }, - "OnUnauthenticatedRequest": { - "markdownDescription": "The behavior if the user is not authenticated. The following are possible values:\n\n- deny `` - Return an HTTP 401 Unauthorized error.\n- allow `` - Allow the request to be forwarded to the target.\n- authenticate `` - Redirect the request to the IdP authorization endpoint. This is the default value.", - "title": "OnUnauthenticatedRequest", - "type": "string" - }, - "Scope": { - "markdownDescription": "The set of user claims to be requested from the IdP. The default is `openid` .\n\nTo verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.", - "title": "Scope", - "type": "string" - }, - "SessionCookieName": { - "markdownDescription": "The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.", - "title": "SessionCookieName", - "type": "string" - }, - "SessionTimeout": { - "markdownDescription": "The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).", - "title": "SessionTimeout", + "ApplianceModeSupport": { + "markdownDescription": "Enable or disable appliance mode support. The default is `disable` .", + "title": "ApplianceModeSupport", "type": "string" }, - "UserPoolArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Cognito user pool.", - "title": "UserPoolArn", + "DnsSupport": { + "markdownDescription": "Enable or disable DNS support. The default is `disable` .", + "title": "DnsSupport", "type": "string" }, - "UserPoolClientId": { - "markdownDescription": "The ID of the Amazon Cognito user pool client.", - "title": "UserPoolClientId", + "Ipv6Support": { + "markdownDescription": "Enable or disable IPv6 support. The default is `disable` .", + "title": "Ipv6Support", "type": "string" }, - "UserPoolDomain": { - "markdownDescription": "The domain prefix or fully-qualified domain name of the Amazon Cognito user pool.", - "title": "UserPoolDomain", + "SecurityGroupReferencingSupport": { + "markdownDescription": "Enables you to reference a security group across VPCs attached to a transit gateway (TGW). Use this option to simplify security group management and control of instance-to-instance traffic across VPCs that are connected by transit gateway. You can also use this option to migrate from VPC peering (which was the only option that supported security group referencing) to transit gateways (which now also support security group referencing). This option is disabled by default and there are no additional costs to use this feature.\n\nFor important information about this feature, see [Create a transit gateway](https://docs.aws.amazon.com/vpc/latest/tgw/tgw-transit-gateways.html#create-tgw) in the *AWS Transit Gateway Guide* .", + "title": "SecurityGroupReferencingSupport", "type": "string" } }, - "required": [ - "UserPoolArn", - "UserPoolClientId", - "UserPoolDomain" - ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::Listener.AuthenticateOidcConfig": { + "AWS::EC2::VPC": { "additionalProperties": false, "properties": { - "AuthenticationRequestExtraParams": { - "additionalProperties": true, - "markdownDescription": "The query parameters (up to 10) to include in the redirect request to the authorization endpoint.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "AuthenticationRequestExtraParams", - "type": "object" - }, - "AuthorizationEndpoint": { - "markdownDescription": "The authorization endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", - "title": "AuthorizationEndpoint", - "type": "string" - }, - "ClientId": { - "markdownDescription": "The OAuth 2.0 client identifier.", - "title": "ClientId", - "type": "string" - }, - "ClientSecret": { - "markdownDescription": "The OAuth 2.0 client secret. This parameter is required if you are creating a rule. If you are modifying a rule, you can omit this parameter if you set `UseExistingClientSecret` to true.", - "title": "ClientSecret", - "type": "string" - }, - "Issuer": { - "markdownDescription": "The OIDC issuer identifier of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", - "title": "Issuer", + "Condition": { "type": "string" }, - "OnUnauthenticatedRequest": { - "markdownDescription": "The behavior if the user is not authenticated. The following are possible values:\n\n- deny `` - Return an HTTP 401 Unauthorized error.\n- allow `` - Allow the request to be forwarded to the target.\n- authenticate `` - Redirect the request to the IdP authorization endpoint. This is the default value.", - "title": "OnUnauthenticatedRequest", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Scope": { - "markdownDescription": "The set of user claims to be requested from the IdP. The default is `openid` .\n\nTo verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.", - "title": "Scope", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SessionCookieName": { - "markdownDescription": "The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.", - "title": "SessionCookieName", - "type": "string" + "Metadata": { + "type": "object" }, - "SessionTimeout": { - "markdownDescription": "The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).", - "title": "SessionTimeout", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "CidrBlock": { + "markdownDescription": "The IPv4 network range for the VPC, in CIDR notation. For example, `10.0.0.0/16` . We modify the specified CIDR block to its canonical form; for example, if you specify `100.68.0.18/18` , we modify it to `100.68.0.0/18` .\n\nYou must specify either `CidrBlock` or `Ipv4IpamPoolId` .", + "title": "CidrBlock", + "type": "string" + }, + "EnableDnsHostnames": { + "markdownDescription": "Indicates whether the instances launched in the VPC get DNS hostnames. If enabled, instances in the VPC get DNS hostnames; otherwise, they do not. Disabled by default for nondefault VPCs. For more information, see [DNS attributes in your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-dns.html#vpc-dns-support) .\n\nYou can only enable DNS hostnames if you've enabled DNS support.", + "title": "EnableDnsHostnames", + "type": "boolean" + }, + "EnableDnsSupport": { + "markdownDescription": "Indicates whether the DNS resolution is supported for the VPC. If enabled, queries to the Amazon provided DNS server at the 169.254.169.253 IP address, or the reserved IP address at the base of the VPC network range \"plus two\" succeed. If disabled, the Amazon provided DNS service in the VPC that resolves public DNS hostnames to IP addresses is not enabled. Enabled by default. For more information, see [DNS attributes in your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-dns.html#vpc-dns-support) .", + "title": "EnableDnsSupport", + "type": "boolean" + }, + "InstanceTenancy": { + "markdownDescription": "The allowed tenancy of instances launched into the VPC.\n\n- `default` : An instance launched into the VPC runs on shared hardware by default, unless you explicitly specify a different tenancy during instance launch.\n- `dedicated` : An instance launched into the VPC runs on dedicated hardware by default, unless you explicitly specify a tenancy of `host` during instance launch. You cannot specify a tenancy of `default` during instance launch.\n\nUpdating `InstanceTenancy` requires no replacement only if you are updating its value from `dedicated` to `default` . Updating `InstanceTenancy` from `default` to `dedicated` requires replacement.", + "title": "InstanceTenancy", + "type": "string" + }, + "Ipv4IpamPoolId": { + "markdownDescription": "The ID of an IPv4 IPAM pool you want to use for allocating this VPC's CIDR. For more information, see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide* .\n\nYou must specify either `CidrBlock` or `Ipv4IpamPoolId` .", + "title": "Ipv4IpamPoolId", + "type": "string" + }, + "Ipv4NetmaskLength": { + "markdownDescription": "The netmask length of the IPv4 CIDR you want to allocate to this VPC from an Amazon VPC IP Address Manager (IPAM) pool. For more information about IPAM, see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide* .", + "title": "Ipv4NetmaskLength", + "type": "number" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the VPC.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" }, - "TokenEndpoint": { - "markdownDescription": "The token endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", - "title": "TokenEndpoint", + "Type": { + "enum": [ + "AWS::EC2::VPC" + ], "type": "string" }, - "UseExistingClientSecret": { - "markdownDescription": "Indicates whether to use the existing client secret when modifying a rule. If you are creating a rule, you can omit this parameter or set it to false.", - "title": "UseExistingClientSecret", - "type": "boolean" - }, - "UserInfoEndpoint": { - "markdownDescription": "The user info endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", - "title": "UserInfoEndpoint", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "AuthorizationEndpoint", - "ClientId", - "Issuer", - "TokenEndpoint", - "UserInfoEndpoint" + "Type" ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::Listener.Certificate": { + "AWS::EC2::VPCBlockPublicAccessExclusion": { "additionalProperties": false, "properties": { - "CertificateArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the certificate.", - "title": "CertificateArn", + "Condition": { "type": "string" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::Listener.FixedResponseConfig": { - "additionalProperties": false, - "properties": { - "ContentType": { - "markdownDescription": "The content type.\n\nValid Values: text/plain | text/css | text/html | application/javascript | application/json", - "title": "ContentType", + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "MessageBody": { - "markdownDescription": "The message.", - "title": "MessageBody", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "InternetGatewayExclusionMode": { + "markdownDescription": "The desired VPC Block Public Access mode for a specific VPC or subnet exclusion.\n\n- `allow-bidirectional` : Allow all internet traffic to and from the excluded VPCs and subnets.\n- `allow-egress` : Allow outbound internet traffic from the excluded VPCs and subnets. Block inbound internet traffic to the excluded VPCs and subnets. Only applies when VPC Block Public Access is set to `block-bidirectional` .", + "title": "InternetGatewayExclusionMode", + "type": "string" + }, + "SubnetId": { + "markdownDescription": "The ID of the subnet you want to exclude. Required only if you don't specify VpcId.", + "title": "SubnetId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.", + "title": "Tags", + "type": "array" + }, + "VpcId": { + "markdownDescription": "The ID of the VPC you want to exclude. Required only if you don't specify SubnetId.", + "title": "VpcId", + "type": "string" + } + }, + "required": [ + "InternetGatewayExclusionMode" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::EC2::VPCBlockPublicAccessExclusion" + ], "type": "string" }, - "StatusCode": { - "markdownDescription": "The HTTP response code (2XX, 4XX, or 5XX).", - "title": "StatusCode", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "StatusCode" + "Type", + "Properties" ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::Listener.ForwardConfig": { + "AWS::EC2::VPCBlockPublicAccessOptions": { "additionalProperties": false, "properties": { - "TargetGroupStickinessConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.TargetGroupStickinessConfig", - "markdownDescription": "Information about the target group stickiness for a rule.", - "title": "TargetGroupStickinessConfig" + "Condition": { + "type": "string" }, - "TargetGroups": { - "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.TargetGroupTuple" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "InternetGatewayBlockMode": { + "markdownDescription": "The desired VPC Block Public Access mode for internet gateways in your account. We do not allow you to create this resource type in an \"off\" mode since off is the default value.\n\n- `block-bidirectional` : Block all traffic to and from internet gateways and egress-only internet gateways in this Region (except for excluded VPCs and subnets).\n- `block-ingress` : Block all internet traffic to the VPCs in this Region (except for VPCs or subnets which are excluded). Only traffic to and from NAT gateways and egress-only internet gateways is allowed because these gateways only allow outbound connections to be established.", + "title": "InternetGatewayBlockMode", + "type": "string" + } }, - "markdownDescription": "Information about how traffic will be distributed between multiple target groups in a forward rule.", - "title": "TargetGroups", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::Listener.MutualAuthentication": { - "additionalProperties": false, - "properties": { - "IgnoreClientCertificateExpiry": { - "markdownDescription": "Indicates whether expired client certificates are ignored.", - "title": "IgnoreClientCertificateExpiry", - "type": "boolean" + "required": [ + "InternetGatewayBlockMode" + ], + "type": "object" }, - "Mode": { - "markdownDescription": "The client certificate handling method. Options are `off` , `passthrough` or `verify` . The default value is `off` .", - "title": "Mode", + "Type": { + "enum": [ + "AWS::EC2::VPCBlockPublicAccessOptions" + ], "type": "string" }, - "TrustStoreArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the trust store.", - "title": "TrustStoreArn", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::Listener.RedirectConfig": { + "AWS::EC2::VPCCidrBlock": { "additionalProperties": false, "properties": { - "Host": { - "markdownDescription": "The hostname. This component is not percent-encoded. The hostname can contain #{host}.", - "title": "Host", + "Condition": { "type": "string" }, - "Path": { - "markdownDescription": "The absolute path, starting with the leading \"/\". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}.", - "title": "Path", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Port": { - "markdownDescription": "The port. You can specify a value from 1 to 65535 or #{port}.", - "title": "Port", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Protocol": { - "markdownDescription": "The protocol. You can specify HTTP, HTTPS, or #{protocol}. You can redirect HTTP to HTTP, HTTP to HTTPS, and HTTPS to HTTPS. You can't redirect HTTPS to HTTP.", - "title": "Protocol", - "type": "string" + "Metadata": { + "type": "object" }, - "Query": { - "markdownDescription": "The query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading \"?\", as it is automatically added. You can specify any of the reserved keywords.", - "title": "Query", + "Properties": { + "additionalProperties": false, + "properties": { + "AmazonProvidedIpv6CidrBlock": { + "markdownDescription": "Requests an Amazon-provided IPv6 CIDR block with a /56 prefix length for the VPC. You cannot specify the range of IPv6 addresses or the size of the CIDR block.", + "title": "AmazonProvidedIpv6CidrBlock", + "type": "boolean" + }, + "CidrBlock": { + "markdownDescription": "An IPv4 CIDR block to associate with the VPC.", + "title": "CidrBlock", + "type": "string" + }, + "Ipv4IpamPoolId": { + "markdownDescription": "Associate a CIDR allocated from an IPv4 IPAM pool to a VPC. For more information about Amazon VPC IP Address Manager (IPAM), see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide* .", + "title": "Ipv4IpamPoolId", + "type": "string" + }, + "Ipv4NetmaskLength": { + "markdownDescription": "The netmask length of the IPv4 CIDR you would like to associate from an Amazon VPC IP Address Manager (IPAM) pool. For more information about IPAM, see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide* .", + "title": "Ipv4NetmaskLength", + "type": "number" + }, + "Ipv6CidrBlock": { + "markdownDescription": "An IPv6 CIDR block from the IPv6 address pool. You must also specify `Ipv6Pool` in the request.\n\nTo let Amazon choose the IPv6 CIDR block for you, omit this parameter.", + "title": "Ipv6CidrBlock", + "type": "string" + }, + "Ipv6CidrBlockNetworkBorderGroup": { + "markdownDescription": "The name of the location from which we advertise the IPV6 CIDR block. Use this parameter to limit the CIDR block to this location.\n\nYou must set `AmazonProvidedIpv6CidrBlock` to `true` to use this parameter.\n\nYou can have one IPv6 CIDR block association per network border group.", + "title": "Ipv6CidrBlockNetworkBorderGroup", + "type": "string" + }, + "Ipv6IpamPoolId": { + "markdownDescription": "Associates a CIDR allocated from an IPv6 IPAM pool to a VPC. For more information about Amazon VPC IP Address Manager (IPAM), see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide* .", + "title": "Ipv6IpamPoolId", + "type": "string" + }, + "Ipv6NetmaskLength": { + "markdownDescription": "The netmask length of the IPv6 CIDR you would like to associate from an Amazon VPC IP Address Manager (IPAM) pool. For more information about IPAM, see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide* .", + "title": "Ipv6NetmaskLength", + "type": "number" + }, + "Ipv6Pool": { + "markdownDescription": "The ID of an IPv6 address pool from which to allocate the IPv6 CIDR block.", + "title": "Ipv6Pool", + "type": "string" + }, + "VpcId": { + "markdownDescription": "The ID of the VPC.", + "title": "VpcId", + "type": "string" + } + }, + "required": [ + "VpcId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::EC2::VPCCidrBlock" + ], "type": "string" }, - "StatusCode": { - "markdownDescription": "The HTTP redirect code. The redirect is either permanent (HTTP 301) or temporary (HTTP 302).", - "title": "StatusCode", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "StatusCode" + "Type", + "Properties" ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::Listener.TargetGroupStickinessConfig": { + "AWS::EC2::VPCDHCPOptionsAssociation": { "additionalProperties": false, "properties": { - "DurationSeconds": { - "markdownDescription": "The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days). You must specify this value when enabling target group stickiness.", - "title": "DurationSeconds", - "type": "number" + "Condition": { + "type": "string" }, - "Enabled": { - "markdownDescription": "Indicates whether target group stickiness is enabled.", - "title": "Enabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::Listener.TargetGroupTuple": { - "additionalProperties": false, - "properties": { - "TargetGroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the target group.", - "title": "TargetGroupArn", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Weight": { - "markdownDescription": "The weight. The range is 0 to 999.", - "title": "Weight", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DhcpOptionsId": { + "markdownDescription": "The ID of the DHCP options set, or `default` to associate no DHCP options with the VPC.", + "title": "DhcpOptionsId", + "type": "string" + }, + "VpcId": { + "markdownDescription": "The ID of the VPC.", + "title": "VpcId", + "type": "string" + } + }, + "required": [ + "DhcpOptionsId", + "VpcId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::EC2::VPCDHCPOptionsAssociation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::ListenerCertificate": { + "AWS::EC2::VPCEndpoint": { "additionalProperties": false, "properties": { "Condition": { @@ -93278,29 +101025,97 @@ "Properties": { "additionalProperties": false, "properties": { - "Certificates": { + "DnsOptions": { + "$ref": "#/definitions/AWS::EC2::VPCEndpoint.DnsOptionsSpecification", + "markdownDescription": "Describes the DNS options for an endpoint.", + "title": "DnsOptions" + }, + "IpAddressType": { + "markdownDescription": "The supported IP address types.", + "title": "IpAddressType", + "type": "string" + }, + "PolicyDocument": { + "markdownDescription": "An endpoint policy, which controls access to the service from the VPC. The default endpoint policy allows full access to the service. Endpoint policies are supported only for gateway and interface endpoints.\n\nFor CloudFormation templates in YAML, you can provide the policy in JSON or YAML format. For example, if you have a JSON policy, you can convert it to YAML before including it in the YAML template, and AWS CloudFormation converts the policy to JSON format before calling the API actions for AWS PrivateLink . Alternatively, you can include the JSON directly in the YAML, as shown in the following `Properties` section:\n\n`Properties: VpcEndpointType: 'Interface' ServiceName: !Sub 'com.amazonaws.${AWS::Region}.logs' PolicyDocument: '{ \"Version\":\"2012-10-17\", \"Statement\": [{ \"Effect\":\"Allow\", \"Principal\":\"*\", \"Action\":[\"logs:Describe*\",\"logs:Get*\",\"logs:List*\",\"logs:FilterLogEvents\"], \"Resource\":\"*\" }] }'`", + "title": "PolicyDocument", + "type": "object" + }, + "PrivateDnsEnabled": { + "markdownDescription": "Indicate whether to associate a private hosted zone with the specified VPC. The private hosted zone contains a record set for the default public DNS name for the service for the Region (for example, `kinesis.us-east-1.amazonaws.com` ), which resolves to the private IP addresses of the endpoint network interfaces in the VPC. This enables you to make requests to the default public DNS name for the service instead of the public DNS names that are automatically generated by the VPC endpoint service.\n\nTo use a private hosted zone, you must set the following VPC attributes to `true` : `enableDnsHostnames` and `enableDnsSupport` .\n\nThis property is supported only for interface endpoints.\n\nDefault: `false`", + "title": "PrivateDnsEnabled", + "type": "boolean" + }, + "ResourceConfigurationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource configuration.", + "title": "ResourceConfigurationArn", + "type": "string" + }, + "RouteTableIds": { "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerCertificate.Certificate" + "type": "string" }, - "markdownDescription": "The certificate. You can specify one certificate per resource.", - "title": "Certificates", + "markdownDescription": "The IDs of the route tables. Routing is supported only for gateway endpoints.", + "title": "RouteTableIds", "type": "array" }, - "ListenerArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the listener.", - "title": "ListenerArn", + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the security groups to associate with the endpoint network interfaces. If this parameter is not specified, we use the default security group for the VPC. Security groups are supported only for interface endpoints.", + "title": "SecurityGroupIds", + "type": "array" + }, + "ServiceName": { + "markdownDescription": "The name of the endpoint service.", + "title": "ServiceName", + "type": "string" + }, + "ServiceNetworkArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the service network.", + "title": "ServiceNetworkArn", + "type": "string" + }, + "ServiceRegion": { + "markdownDescription": "Describes a Region.", + "title": "ServiceRegion", + "type": "string" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the subnets in which to create endpoint network interfaces. You must specify this property for an interface endpoint or a Gateway Load Balancer endpoint. You can't specify this property for a gateway endpoint. For a Gateway Load Balancer endpoint, you can specify only one subnet.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to associate with the endpoint.", + "title": "Tags", + "type": "array" + }, + "VpcEndpointType": { + "markdownDescription": "The type of endpoint.\n\nDefault: Gateway", + "title": "VpcEndpointType", + "type": "string" + }, + "VpcId": { + "markdownDescription": "The ID of the VPC.", + "title": "VpcId", "type": "string" } }, "required": [ - "Certificates", - "ListenerArn" + "VpcId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ElasticLoadBalancingV2::ListenerCertificate" + "AWS::EC2::VPCEndpoint" ], "type": "string" }, @@ -93319,18 +101134,23 @@ ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::ListenerCertificate.Certificate": { + "AWS::EC2::VPCEndpoint.DnsOptionsSpecification": { "additionalProperties": false, "properties": { - "CertificateArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the certificate.", - "title": "CertificateArn", + "DnsRecordIpType": { + "markdownDescription": "The DNS records created for the endpoint.", + "title": "DnsRecordIpType", + "type": "string" + }, + "PrivateDnsOnlyForInboundResolverEndpoint": { + "markdownDescription": "Indicates whether to enable private DNS only for inbound endpoints. This option is available only for services that support both gateway and interface endpoints. It routes traffic that originates from the VPC to the gateway endpoint and traffic that originates from on-premises to the interface endpoint.", + "title": "PrivateDnsOnlyForInboundResolverEndpoint", "type": "string" } }, "type": "object" }, - "AWS::ElasticLoadBalancingV2::ListenerRule": { + "AWS::EC2::VPCEndpointConnectionNotification": { "additionalProperties": false, "properties": { "Condition": { @@ -93365,43 +101185,39 @@ "Properties": { "additionalProperties": false, "properties": { - "Actions": { + "ConnectionEvents": { "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.Action" + "type": "string" }, - "markdownDescription": "The actions.\n\nThe rule must include exactly one of the following types of actions: `forward` , `fixed-response` , or `redirect` , and it must be the last action to be performed. If the rule is for an HTTPS listener, it can also optionally include an authentication action.", - "title": "Actions", + "markdownDescription": "The endpoint events for which to receive notifications. Valid values are `Accept` , `Connect` , `Delete` , and `Reject` .", + "title": "ConnectionEvents", "type": "array" }, - "Conditions": { - "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.RuleCondition" - }, - "markdownDescription": "The conditions.\n\nThe rule can optionally include up to one of each of the following conditions: `http-request-method` , `host-header` , `path-pattern` , and `source-ip` . A rule can also optionally include one or more of each of the following conditions: `http-header` and `query-string` .", - "title": "Conditions", - "type": "array" + "ConnectionNotificationArn": { + "markdownDescription": "The ARN of the SNS topic for the notifications.", + "title": "ConnectionNotificationArn", + "type": "string" }, - "ListenerArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the listener.", - "title": "ListenerArn", + "ServiceId": { + "markdownDescription": "The ID of the endpoint service.", + "title": "ServiceId", "type": "string" }, - "Priority": { - "markdownDescription": "The rule priority. A listener can't have multiple rules with the same priority.\n\nIf you try to reorder rules by updating their priorities, do not specify a new priority if an existing rule already uses this priority, as this can cause an error. If you need to reuse a priority with a different rule, you must remove it as a priority first, and then specify it in a subsequent update.", - "title": "Priority", - "type": "number" + "VPCEndpointId": { + "markdownDescription": "The ID of the endpoint.", + "title": "VPCEndpointId", + "type": "string" } }, "required": [ - "Actions", - "Conditions", - "Priority" + "ConnectionEvents", + "ConnectionNotificationArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::ElasticLoadBalancingV2::ListenerRule" + "AWS::EC2::VPCEndpointConnectionNotification" ], "type": "string" }, @@ -93420,47 +101236,111 @@ ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::ListenerRule.Action": { + "AWS::EC2::VPCEndpointService": { "additionalProperties": false, "properties": { - "AuthenticateCognitoConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.AuthenticateCognitoConfig", - "markdownDescription": "[HTTPS listeners] Information for using Amazon Cognito to authenticate users. Specify only when `Type` is `authenticate-cognito` .", - "title": "AuthenticateCognitoConfig" - }, - "AuthenticateOidcConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.AuthenticateOidcConfig", - "markdownDescription": "[HTTPS listeners] Information about an identity provider that is compliant with OpenID Connect (OIDC). Specify only when `Type` is `authenticate-oidc` .", - "title": "AuthenticateOidcConfig" + "Condition": { + "type": "string" }, - "FixedResponseConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.FixedResponseConfig", - "markdownDescription": "[Application Load Balancer] Information for creating an action that returns a custom HTTP response. Specify only when `Type` is `fixed-response` .", - "title": "FixedResponseConfig" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ForwardConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.ForwardConfig", - "markdownDescription": "Information for creating an action that distributes requests among one or more target groups. For Network Load Balancers, you can specify a single target group. Specify only when `Type` is `forward` . If you specify both `ForwardConfig` and `TargetGroupArn` , you can specify only one target group using `ForwardConfig` and it must be the same target group specified in `TargetGroupArn` .", - "title": "ForwardConfig" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Order": { - "markdownDescription": "The order for the action. This value is required for rules with multiple actions. The action with the lowest value for order is performed first.", - "title": "Order", - "type": "number" + "Metadata": { + "type": "object" }, - "RedirectConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.RedirectConfig", - "markdownDescription": "[Application Load Balancer] Information for creating a redirect action. Specify only when `Type` is `redirect` .", - "title": "RedirectConfig" + "Properties": { + "additionalProperties": false, + "properties": { + "AcceptanceRequired": { + "markdownDescription": "Indicates whether requests from service consumers to create an endpoint to your service must be accepted.", + "title": "AcceptanceRequired", + "type": "boolean" + }, + "ContributorInsightsEnabled": { + "markdownDescription": "Indicates whether to enable the built-in Contributor Insights rules provided by AWS PrivateLink .", + "title": "ContributorInsightsEnabled", + "type": "boolean" + }, + "GatewayLoadBalancerArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Names (ARNs) of the Gateway Load Balancers.", + "title": "GatewayLoadBalancerArns", + "type": "array" + }, + "NetworkLoadBalancerArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Names (ARNs) of the Network Load Balancers.", + "title": "NetworkLoadBalancerArns", + "type": "array" + }, + "PayerResponsibility": { + "markdownDescription": "The entity that is responsible for the endpoint costs. The default is the endpoint owner. If you set the payer responsibility to the service owner, you cannot set it back to the endpoint owner.", + "title": "PayerResponsibility", + "type": "string" + }, + "SupportedIpAddressTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The supported IP address types. The possible values are `ipv4` and `ipv6` .", + "title": "SupportedIpAddressTypes", + "type": "array" + }, + "SupportedRegions": { + "items": { + "type": "string" + }, + "markdownDescription": "The Regions from which service consumers can access the service.", + "title": "SupportedRegions", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to associate with the service.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" }, - "TargetGroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the target group. Specify only when `Type` is `forward` and you want to route to a single target group. To route to one or more target groups, use `ForwardConfig` instead.", - "title": "TargetGroupArn", + "Type": { + "enum": [ + "AWS::EC2::VPCEndpointService" + ], "type": "string" }, - "Type": { - "markdownDescription": "The type of action.", - "title": "Type", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, @@ -93469,411 +101349,159 @@ ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::ListenerRule.AuthenticateCognitoConfig": { + "AWS::EC2::VPCEndpointServicePermissions": { "additionalProperties": false, "properties": { - "AuthenticationRequestExtraParams": { - "additionalProperties": true, - "markdownDescription": "The query parameters (up to 10) to include in the redirect request to the authorization endpoint.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "AuthenticationRequestExtraParams", - "type": "object" - }, - "OnUnauthenticatedRequest": { - "markdownDescription": "The behavior if the user is not authenticated. The following are possible values:\n\n- deny `` - Return an HTTP 401 Unauthorized error.\n- allow `` - Allow the request to be forwarded to the target.\n- authenticate `` - Redirect the request to the IdP authorization endpoint. This is the default value.", - "title": "OnUnauthenticatedRequest", + "Condition": { "type": "string" }, - "Scope": { - "markdownDescription": "The set of user claims to be requested from the IdP. The default is `openid` .\n\nTo verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.", - "title": "Scope", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SessionCookieName": { - "markdownDescription": "The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.", - "title": "SessionCookieName", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SessionTimeout": { - "markdownDescription": "The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).", - "title": "SessionTimeout", - "type": "number" + "Metadata": { + "type": "object" }, - "UserPoolArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Cognito user pool.", - "title": "UserPoolArn", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "AllowedPrincipals": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Names (ARN) of one or more principals (for example, users, IAM roles, and AWS accounts ). Permissions are granted to the principals in this list. To grant permissions to all principals, specify an asterisk (*). Permissions are revoked for principals not in this list. If the list is empty, then all permissions are revoked.", + "title": "AllowedPrincipals", + "type": "array" + }, + "ServiceId": { + "markdownDescription": "The ID of the service.", + "title": "ServiceId", + "type": "string" + } + }, + "required": [ + "ServiceId" + ], + "type": "object" }, - "UserPoolClientId": { - "markdownDescription": "The ID of the Amazon Cognito user pool client.", - "title": "UserPoolClientId", + "Type": { + "enum": [ + "AWS::EC2::VPCEndpointServicePermissions" + ], "type": "string" }, - "UserPoolDomain": { - "markdownDescription": "The domain prefix or fully-qualified domain name of the Amazon Cognito user pool.", - "title": "UserPoolDomain", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "UserPoolArn", - "UserPoolClientId", - "UserPoolDomain" + "Type", + "Properties" ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::ListenerRule.AuthenticateOidcConfig": { + "AWS::EC2::VPCGatewayAttachment": { "additionalProperties": false, "properties": { - "AuthenticationRequestExtraParams": { - "additionalProperties": true, - "markdownDescription": "The query parameters (up to 10) to include in the redirect request to the authorization endpoint.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "AuthenticationRequestExtraParams", - "type": "object" + "Condition": { + "type": "string" }, - "AuthorizationEndpoint": { - "markdownDescription": "The authorization endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", - "title": "AuthorizationEndpoint", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "ClientId": { - "markdownDescription": "The OAuth 2.0 client identifier.", - "title": "ClientId", - "type": "string" - }, - "ClientSecret": { - "markdownDescription": "The OAuth 2.0 client secret. This parameter is required if you are creating a rule. If you are modifying a rule, you can omit this parameter if you set `UseExistingClientSecret` to true.", - "title": "ClientSecret", - "type": "string" - }, - "Issuer": { - "markdownDescription": "The OIDC issuer identifier of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", - "title": "Issuer", - "type": "string" - }, - "OnUnauthenticatedRequest": { - "markdownDescription": "The behavior if the user is not authenticated. The following are possible values:\n\n- deny `` - Return an HTTP 401 Unauthorized error.\n- allow `` - Allow the request to be forwarded to the target.\n- authenticate `` - Redirect the request to the IdP authorization endpoint. This is the default value.", - "title": "OnUnauthenticatedRequest", - "type": "string" - }, - "Scope": { - "markdownDescription": "The set of user claims to be requested from the IdP. The default is `openid` .\n\nTo verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.", - "title": "Scope", - "type": "string" - }, - "SessionCookieName": { - "markdownDescription": "The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.", - "title": "SessionCookieName", - "type": "string" - }, - "SessionTimeout": { - "markdownDescription": "The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).", - "title": "SessionTimeout", - "type": "number" - }, - "TokenEndpoint": { - "markdownDescription": "The token endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", - "title": "TokenEndpoint", - "type": "string" - }, - "UseExistingClientSecret": { - "markdownDescription": "Indicates whether to use the existing client secret when modifying a rule. If you are creating a rule, you can omit this parameter or set it to false.", - "title": "UseExistingClientSecret", - "type": "boolean" - }, - "UserInfoEndpoint": { - "markdownDescription": "The user info endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", - "title": "UserInfoEndpoint", - "type": "string" - } - }, - "required": [ - "AuthorizationEndpoint", - "ClientId", - "Issuer", - "TokenEndpoint", - "UserInfoEndpoint" - ], - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::ListenerRule.FixedResponseConfig": { - "additionalProperties": false, - "properties": { - "ContentType": { - "markdownDescription": "The content type.\n\nValid Values: text/plain | text/css | text/html | application/javascript | application/json", - "title": "ContentType", - "type": "string" - }, - "MessageBody": { - "markdownDescription": "The message.", - "title": "MessageBody", - "type": "string" - }, - "StatusCode": { - "markdownDescription": "The HTTP response code (2XX, 4XX, or 5XX).", - "title": "StatusCode", - "type": "string" - } - }, - "required": [ - "StatusCode" - ], - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::ListenerRule.ForwardConfig": { - "additionalProperties": false, - "properties": { - "TargetGroupStickinessConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.TargetGroupStickinessConfig", - "markdownDescription": "Information about the target group stickiness for a rule.", - "title": "TargetGroupStickinessConfig" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "TargetGroups": { - "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.TargetGroupTuple" - }, - "markdownDescription": "Information about how traffic will be distributed between multiple target groups in a forward rule.", - "title": "TargetGroups", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::ListenerRule.HostHeaderConfig": { - "additionalProperties": false, - "properties": { - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The host names. The maximum size of each name is 128 characters. The comparison is case insensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character). You must include at least one \".\" character. You can include only alphabetical characters after the final \".\" character.\n\nIf you specify multiple strings, the condition is satisfied if one of the strings matches the host name.", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::ListenerRule.HttpHeaderConfig": { - "additionalProperties": false, - "properties": { - "HttpHeaderName": { - "markdownDescription": "The name of the HTTP header field. The maximum size is 40 characters. The header name is case insensitive. The allowed characters are specified by RFC 7230. Wildcards are not supported.", - "title": "HttpHeaderName", - "type": "string" + "Metadata": { + "type": "object" }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The strings to compare against the value of the HTTP header. The maximum size of each string is 128 characters. The comparison strings are case insensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character).\n\nIf the same header appears multiple times in the request, we search them in order until a match is found.\n\nIf you specify multiple strings, the condition is satisfied if one of the strings matches the value of the HTTP header. To require that all of the strings are a match, create one condition per string.", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::ListenerRule.HttpRequestMethodConfig": { - "additionalProperties": false, - "properties": { - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The name of the request method. The maximum size is 40 characters. The allowed characters are A-Z, hyphen (-), and underscore (_). The comparison is case sensitive. Wildcards are not supported; therefore, the method name must be an exact match.\n\nIf you specify multiple strings, the condition is satisfied if one of the strings matches the HTTP request method. We recommend that you route GET and HEAD requests in the same way, because the response to a HEAD request may be cached.", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::ListenerRule.PathPatternConfig": { - "additionalProperties": false, - "properties": { - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The path patterns to compare against the request URL. The maximum size of each string is 128 characters. The comparison is case sensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character).\n\nIf you specify multiple strings, the condition is satisfied if one of them matches the request URL. The path pattern is compared only to the path of the URL, not to its query string.", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::ListenerRule.QueryStringConfig": { - "additionalProperties": false, - "properties": { - "Values": { - "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.QueryStringKeyValue" + "Properties": { + "additionalProperties": false, + "properties": { + "InternetGatewayId": { + "markdownDescription": "The ID of the internet gateway.\n\nYou must specify either `InternetGatewayId` or `VpnGatewayId` , but not both.", + "title": "InternetGatewayId", + "type": "string" + }, + "VpcId": { + "markdownDescription": "The ID of the VPC.", + "title": "VpcId", + "type": "string" + }, + "VpnGatewayId": { + "markdownDescription": "The ID of the virtual private gateway.\n\nYou must specify either `InternetGatewayId` or `VpnGatewayId` , but not both.", + "title": "VpnGatewayId", + "type": "string" + } }, - "markdownDescription": "The key/value pairs or values to find in the query string. The maximum size of each string is 128 characters. The comparison is case insensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character). To search for a literal '*' or '?' character in a query string, you must escape these characters in `Values` using a '\\' character.\n\nIf you specify multiple key/value pairs or values, the condition is satisfied if one of them is found in the query string.", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::ListenerRule.QueryStringKeyValue": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "The key. You can omit the key.", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "The value.", - "title": "Value", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::ListenerRule.RedirectConfig": { - "additionalProperties": false, - "properties": { - "Host": { - "markdownDescription": "The hostname. This component is not percent-encoded. The hostname can contain #{host}.", - "title": "Host", - "type": "string" - }, - "Path": { - "markdownDescription": "The absolute path, starting with the leading \"/\". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}.", - "title": "Path", - "type": "string" - }, - "Port": { - "markdownDescription": "The port. You can specify a value from 1 to 65535 or #{port}.", - "title": "Port", - "type": "string" - }, - "Protocol": { - "markdownDescription": "The protocol. You can specify HTTP, HTTPS, or #{protocol}. You can redirect HTTP to HTTP, HTTP to HTTPS, and HTTPS to HTTPS. You can't redirect HTTPS to HTTP.", - "title": "Protocol", - "type": "string" + "required": [ + "VpcId" + ], + "type": "object" }, - "Query": { - "markdownDescription": "The query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading \"?\", as it is automatically added. You can specify any of the reserved keywords.", - "title": "Query", + "Type": { + "enum": [ + "AWS::EC2::VPCGatewayAttachment" + ], "type": "string" }, - "StatusCode": { - "markdownDescription": "The HTTP redirect code. The redirect is either permanent (HTTP 301) or temporary (HTTP 302).", - "title": "StatusCode", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "StatusCode" + "Type", + "Properties" ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::ListenerRule.RuleCondition": { - "additionalProperties": false, - "properties": { - "Field": { - "markdownDescription": "The field in the HTTP request. The following are the possible values:\n\n- `http-header`\n- `http-request-method`\n- `host-header`\n- `path-pattern`\n- `query-string`\n- `source-ip`", - "title": "Field", - "type": "string" - }, - "HostHeaderConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.HostHeaderConfig", - "markdownDescription": "Information for a host header condition. Specify only when `Field` is `host-header` .", - "title": "HostHeaderConfig" - }, - "HttpHeaderConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.HttpHeaderConfig", - "markdownDescription": "Information for an HTTP header condition. Specify only when `Field` is `http-header` .", - "title": "HttpHeaderConfig" - }, - "HttpRequestMethodConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.HttpRequestMethodConfig", - "markdownDescription": "Information for an HTTP method condition. Specify only when `Field` is `http-request-method` .", - "title": "HttpRequestMethodConfig" - }, - "PathPatternConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.PathPatternConfig", - "markdownDescription": "Information for a path pattern condition. Specify only when `Field` is `path-pattern` .", - "title": "PathPatternConfig" - }, - "QueryStringConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.QueryStringConfig", - "markdownDescription": "Information for a query string condition. Specify only when `Field` is `query-string` .", - "title": "QueryStringConfig" - }, - "SourceIpConfig": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.SourceIpConfig", - "markdownDescription": "Information for a source IP condition. Specify only when `Field` is `source-ip` .", - "title": "SourceIpConfig" - }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The condition value. Specify only when `Field` is `host-header` or `path-pattern` . Alternatively, to specify multiple host names or multiple path patterns, use `HostHeaderConfig` or `PathPatternConfig` .\n\nIf `Field` is `host-header` and you're not using `HostHeaderConfig` , you can specify a single host name (for example, my.example.com). A host name is case insensitive, can be up to 128 characters in length, and can contain any of the following characters.\n\n- A-Z, a-z, 0-9\n- - .\n- * (matches 0 or more characters)\n- ? (matches exactly 1 character)\n\nIf `Field` is `path-pattern` and you're not using `PathPatternConfig` , you can specify a single path pattern (for example, /img/*). A path pattern is case-sensitive, can be up to 128 characters in length, and can contain any of the following characters.\n\n- A-Z, a-z, 0-9\n- _ - . $ / ~ \" ' @ : +\n- & (using &)\n- * (matches 0 or more characters)\n- ? (matches exactly 1 character)", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::ListenerRule.SourceIpConfig": { - "additionalProperties": false, - "properties": { - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The source IP addresses, in CIDR format. You can use both IPv4 and IPv6 addresses. Wildcards are not supported.\n\nIf you specify multiple addresses, the condition is satisfied if the source IP address of the request matches one of the CIDR blocks. This condition is not satisfied by the addresses in the X-Forwarded-For header.", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::ListenerRule.TargetGroupStickinessConfig": { - "additionalProperties": false, - "properties": { - "DurationSeconds": { - "markdownDescription": "The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days). You must specify this value when enabling target group stickiness.", - "title": "DurationSeconds", - "type": "number" - }, - "Enabled": { - "markdownDescription": "Indicates whether target group stickiness is enabled.", - "title": "Enabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::ListenerRule.TargetGroupTuple": { - "additionalProperties": false, - "properties": { - "TargetGroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the target group.", - "title": "TargetGroupArn", - "type": "string" - }, - "Weight": { - "markdownDescription": "The weight. The range is 0 to 999.", - "title": "Weight", - "type": "number" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::LoadBalancer": { + "AWS::EC2::VPCPeeringConnection": { "additionalProperties": false, "properties": { "Condition": { @@ -93908,77 +101536,49 @@ "Properties": { "additionalProperties": false, "properties": { - "EnforceSecurityGroupInboundRulesOnPrivateLinkTraffic": { - "markdownDescription": "Indicates whether to evaluate inbound security group rules for traffic sent to a Network Load Balancer through AWS PrivateLink . The default is `on` .\n\nYou can't configure this property on a Network Load Balancer unless you associated a security group with the load balancer when you created it.", - "title": "EnforceSecurityGroupInboundRulesOnPrivateLinkTraffic", + "PeerOwnerId": { + "markdownDescription": "The AWS account ID of the owner of the accepter VPC.\n\nDefault: Your AWS account ID", + "title": "PeerOwnerId", "type": "string" }, - "IpAddressType": { - "markdownDescription": "The IP address type. Internal load balancers must use `ipv4` .\n\n[Application Load Balancers] The possible values are `ipv4` (IPv4 addresses), `dualstack` (IPv4 and IPv6 addresses), and `dualstack-without-public-ipv4` (public IPv6 addresses and private IPv4 and IPv6 addresses).\n\nApplication Load Balancer authentication supports IPv4 addresses only when connecting to an Identity Provider (IdP) or Amazon Cognito endpoint. Without a public IPv4 address the load balancer can't complete the authentication process, resulting in HTTP 500 errors.\n\n[Network Load Balancers and Gateway Load Balancers] The possible values are `ipv4` (IPv4 addresses) and `dualstack` (IPv4 and IPv6 addresses).", - "title": "IpAddressType", + "PeerRegion": { + "markdownDescription": "The Region code for the accepter VPC, if the accepter VPC is located in a Region other than the Region in which you make the request.\n\nDefault: The Region in which you make the request.", + "title": "PeerRegion", "type": "string" }, - "LoadBalancerAttributes": { - "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::LoadBalancer.LoadBalancerAttribute" - }, - "markdownDescription": "The load balancer attributes. Attributes that you do not modify retain their current values.", - "title": "LoadBalancerAttributes", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the load balancer. This name must be unique per region per account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, must not begin or end with a hyphen, and must not begin with \"internal-\".\n\nIf you don't specify a name, AWS CloudFormation generates a unique physical ID for the load balancer. If you specify a name, you cannot perform updates that require replacement of this resource, but you can perform other updates. To replace the resource, specify a new name.", - "title": "Name", + "PeerRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the VPC peer role for the peering connection in another AWS account.\n\nThis is required when you are peering a VPC in a different AWS account.", + "title": "PeerRoleArn", "type": "string" }, - "Scheme": { - "markdownDescription": "The nodes of an Internet-facing load balancer have public IP addresses. The DNS name of an Internet-facing load balancer is publicly resolvable to the public IP addresses of the nodes. Therefore, Internet-facing load balancers can route requests from clients over the internet.\n\nThe nodes of an internal load balancer have only private IP addresses. The DNS name of an internal load balancer is publicly resolvable to the private IP addresses of the nodes. Therefore, internal load balancers can route requests only from clients with access to the VPC for the load balancer.\n\nThe default is an Internet-facing load balancer.\n\nYou can't specify a scheme for a Gateway Load Balancer.", - "title": "Scheme", + "PeerVpcId": { + "markdownDescription": "The ID of the VPC with which you are creating the VPC peering connection. You must specify this parameter in the request.", + "title": "PeerVpcId", "type": "string" }, - "SecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "[Application Load Balancers and Network Load Balancers] The IDs of the security groups for the load balancer.", - "title": "SecurityGroups", - "type": "array" - }, - "SubnetMappings": { - "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::LoadBalancer.SubnetMapping" - }, - "markdownDescription": "The IDs of the subnets. You can specify only one subnet per Availability Zone. You must specify either subnets or subnet mappings, but not both.\n\n[Application Load Balancers] You must specify subnets from at least two Availability Zones. You can't specify Elastic IP addresses for your subnets.\n\n[Application Load Balancers on Outposts] You must specify one Outpost subnet.\n\n[Application Load Balancers on Local Zones] You can specify subnets from one or more Local Zones.\n\n[Network Load Balancers] You can specify subnets from one or more Availability Zones. You can specify one Elastic IP address per subnet if you need static IP addresses for your internet-facing load balancer. For internal load balancers, you can specify one private IP address per subnet from the IPv4 range of the subnet. For internet-facing load balancer, you can specify one IPv6 address per subnet.\n\n[Gateway Load Balancers] You can specify subnets from one or more Availability Zones. You can't specify Elastic IP addresses for your subnets.", - "title": "SubnetMappings", - "type": "array" - }, - "Subnets": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the subnets. You can specify only one subnet per Availability Zone. You must specify either subnets or subnet mappings, but not both. To specify an Elastic IP address, specify subnet mappings instead of subnets.\n\n[Application Load Balancers] You must specify subnets from at least two Availability Zones.\n\n[Application Load Balancers on Outposts] You must specify one Outpost subnet.\n\n[Application Load Balancers on Local Zones] You can specify subnets from one or more Local Zones.\n\n[Network Load Balancers and Gateway Load Balancers] You can specify subnets from one or more Availability Zones.", - "title": "Subnets", - "type": "array" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to assign to the load balancer.", + "markdownDescription": "Any tags assigned to the resource.", "title": "Tags", "type": "array" }, - "Type": { - "markdownDescription": "The type of load balancer. The default is `application` .", - "title": "Type", + "VpcId": { + "markdownDescription": "The ID of the VPC.", + "title": "VpcId", "type": "string" } }, + "required": [ + "PeerVpcId", + "VpcId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::ElasticLoadBalancingV2::LoadBalancer" + "AWS::EC2::VPCPeeringConnection" ], "type": "string" }, @@ -93992,56 +101592,12 @@ } }, "required": [ - "Type" - ], - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::LoadBalancer.LoadBalancerAttribute": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "The name of the attribute.\n\nThe following attributes are supported by all load balancers:\n\n- `deletion_protection.enabled` - Indicates whether deletion protection is enabled. The value is `true` or `false` . The default is `false` .\n- `load_balancing.cross_zone.enabled` - Indicates whether cross-zone load balancing is enabled. The possible values are `true` and `false` . The default for Network Load Balancers and Gateway Load Balancers is `false` . The default for Application Load Balancers is `true` , and can't be changed.\n\nThe following attributes are supported by both Application Load Balancers and Network Load Balancers:\n\n- `access_logs.s3.enabled` - Indicates whether access logs are enabled. The value is `true` or `false` . The default is `false` .\n- `access_logs.s3.bucket` - The name of the S3 bucket for the access logs. This attribute is required if access logs are enabled. The bucket must exist in the same region as the load balancer and have a bucket policy that grants Elastic Load Balancing permissions to write to the bucket.\n- `access_logs.s3.prefix` - The prefix for the location in the S3 bucket for the access logs.\n- `ipv6.deny_all_igw_traffic` - Blocks internet gateway (IGW) access to the load balancer. It is set to `false` for internet-facing load balancers and `true` for internal load balancers, preventing unintended access to your internal load balancer through an internet gateway.\n- `zonal_shift.config.enabled` - Indicates whether zonal shift is enabled. The possible values are `true` and `false` . The default is `false` .\n\nThe following attributes are supported by only Application Load Balancers:\n\n- `idle_timeout.timeout_seconds` - The idle timeout value, in seconds. The valid range is 1-4000 seconds. The default is 60 seconds.\n- `client_keep_alive.seconds` - The client keep alive value, in seconds. The valid range is 60-604800 seconds. The default is 3600 seconds.\n- `connection_logs.s3.enabled` - Indicates whether connection logs are enabled. The value is `true` or `false` . The default is `false` .\n- `connection_logs.s3.bucket` - The name of the S3 bucket for the connection logs. This attribute is required if connection logs are enabled. The bucket must exist in the same region as the load balancer and have a bucket policy that grants Elastic Load Balancing permissions to write to the bucket.\n- `connection_logs.s3.prefix` - The prefix for the location in the S3 bucket for the connection logs.\n- `routing.http.desync_mitigation_mode` - Determines how the load balancer handles requests that might pose a security risk to your application. The possible values are `monitor` , `defensive` , and `strictest` . The default is `defensive` .\n- `routing.http.drop_invalid_header_fields.enabled` - Indicates whether HTTP headers with invalid header fields are removed by the load balancer ( `true` ) or routed to targets ( `false` ). The default is `false` .\n- `routing.http.preserve_host_header.enabled` - Indicates whether the Application Load Balancer should preserve the `Host` header in the HTTP request and send it to the target without any change. The possible values are `true` and `false` . The default is `false` .\n- `routing.http.x_amzn_tls_version_and_cipher_suite.enabled` - Indicates whether the two headers ( `x-amzn-tls-version` and `x-amzn-tls-cipher-suite` ), which contain information about the negotiated TLS version and cipher suite, are added to the client request before sending it to the target. The `x-amzn-tls-version` header has information about the TLS protocol version negotiated with the client, and the `x-amzn-tls-cipher-suite` header has information about the cipher suite negotiated with the client. Both headers are in OpenSSL format. The possible values for the attribute are `true` and `false` . The default is `false` .\n- `routing.http.xff_client_port.enabled` - Indicates whether the `X-Forwarded-For` header should preserve the source port that the client used to connect to the load balancer. The possible values are `true` and `false` . The default is `false` .\n- `routing.http.xff_header_processing.mode` - Enables you to modify, preserve, or remove the `X-Forwarded-For` header in the HTTP request before the Application Load Balancer sends the request to the target. The possible values are `append` , `preserve` , and `remove` . The default is `append` .\n\n- If the value is `append` , the Application Load Balancer adds the client IP address (of the last hop) to the `X-Forwarded-For` header in the HTTP request before it sends it to targets.\n- If the value is `preserve` the Application Load Balancer preserves the `X-Forwarded-For` header in the HTTP request, and sends it to targets without any change.\n- If the value is `remove` , the Application Load Balancer removes the `X-Forwarded-For` header in the HTTP request before it sends it to targets.\n- `routing.http2.enabled` - Indicates whether HTTP/2 is enabled. The possible values are `true` and `false` . The default is `true` . Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens.\n- `waf.fail_open.enabled` - Indicates whether to allow a WAF-enabled load balancer to route requests to targets if it is unable to forward the request to AWS WAF. The possible values are `true` and `false` . The default is `false` .\n\nThe following attributes are supported by only Network Load Balancers:\n\n- `dns_record.client_routing_policy` - Indicates how traffic is distributed among the load balancer Availability Zones. The possible values are `availability_zone_affinity` with 100 percent zonal affinity, `partial_availability_zone_affinity` with 85 percent zonal affinity, and `any_availability_zone` with 0 percent zonal affinity.", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "The value of the attribute.", - "title": "Value", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::LoadBalancer.SubnetMapping": { - "additionalProperties": false, - "properties": { - "AllocationId": { - "markdownDescription": "[Network Load Balancers] The allocation ID of the Elastic IP address for an internet-facing load balancer.", - "title": "AllocationId", - "type": "string" - }, - "IPv6Address": { - "markdownDescription": "[Network Load Balancers] The IPv6 address.", - "title": "IPv6Address", - "type": "string" - }, - "PrivateIPv4Address": { - "markdownDescription": "[Network Load Balancers] The private IPv4 address for an internal load balancer.", - "title": "PrivateIPv4Address", - "type": "string" - }, - "SubnetId": { - "markdownDescription": "The ID of the subnet.", - "title": "SubnetId", - "type": "string" - } - }, - "required": [ - "SubnetId" + "Type", + "Properties" ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::TargetGroup": { + "AWS::EC2::VPNConnection": { "additionalProperties": false, "properties": { "Condition": { @@ -94076,116 +101632,97 @@ "Properties": { "additionalProperties": false, "properties": { - "HealthCheckEnabled": { - "markdownDescription": "Indicates whether health checks are enabled. If the target type is `lambda` , health checks are disabled by default but can be enabled. If the target type is `instance` , `ip` , or `alb` , health checks are always enabled and can't be disabled.", - "title": "HealthCheckEnabled", - "type": "boolean" - }, - "HealthCheckIntervalSeconds": { - "markdownDescription": "The approximate amount of time, in seconds, between health checks of an individual target. The range is 5-300. If the target group protocol is TCP, TLS, UDP, TCP_UDP, HTTP or HTTPS, the default is 30 seconds. If the target group protocol is GENEVE, the default is 10 seconds. If the target type is `lambda` , the default is 35 seconds.", - "title": "HealthCheckIntervalSeconds", - "type": "number" - }, - "HealthCheckPath": { - "markdownDescription": "[HTTP/HTTPS health checks] The destination for health checks on the targets.\n\n[HTTP1 or HTTP2 protocol version] The ping path. The default is /.\n\n[GRPC protocol version] The path of a custom health check method with the format /package.service/method. The default is / AWS .ALB/healthcheck.", - "title": "HealthCheckPath", + "CustomerGatewayId": { + "markdownDescription": "The ID of the customer gateway at your end of the VPN connection.", + "title": "CustomerGatewayId", "type": "string" }, - "HealthCheckPort": { - "markdownDescription": "The port the load balancer uses when performing health checks on targets. If the protocol is HTTP, HTTPS, TCP, TLS, UDP, or TCP_UDP, the default is `traffic-port` , which is the port on which each target receives traffic from the load balancer. If the protocol is GENEVE, the default is port 80.", - "title": "HealthCheckPort", - "type": "string" + "EnableAcceleration": { + "markdownDescription": "Indicate whether to enable acceleration for the VPN connection.\n\nDefault: `false`", + "title": "EnableAcceleration", + "type": "boolean" }, - "HealthCheckProtocol": { - "markdownDescription": "The protocol the load balancer uses when performing health checks on targets. For Application Load Balancers, the default is HTTP. For Network Load Balancers and Gateway Load Balancers, the default is TCP. The TCP protocol is not supported for health checks if the protocol of the target group is HTTP or HTTPS. The GENEVE, TLS, UDP, and TCP_UDP protocols are not supported for health checks.", - "title": "HealthCheckProtocol", + "LocalIpv4NetworkCidr": { + "markdownDescription": "The IPv4 CIDR on the customer gateway (on-premises) side of the VPN connection.\n\nDefault: `0.0.0.0/0`", + "title": "LocalIpv4NetworkCidr", "type": "string" }, - "HealthCheckTimeoutSeconds": { - "markdownDescription": "The amount of time, in seconds, during which no response from a target means a failed health check. The range is 2\u2013120 seconds. For target groups with a protocol of HTTP, the default is 6 seconds. For target groups with a protocol of TCP, TLS or HTTPS, the default is 10 seconds. For target groups with a protocol of GENEVE, the default is 5 seconds. If the target type is `lambda` , the default is 30 seconds.", - "title": "HealthCheckTimeoutSeconds", - "type": "number" - }, - "HealthyThresholdCount": { - "markdownDescription": "The number of consecutive health check successes required before considering a target healthy. The range is 2-10. If the target group protocol is TCP, TCP_UDP, UDP, TLS, HTTP or HTTPS, the default is 5. For target groups with a protocol of GENEVE, the default is 5. If the target type is `lambda` , the default is 5.", - "title": "HealthyThresholdCount", - "type": "number" - }, - "IpAddressType": { - "markdownDescription": "The IP address type. The default value is `ipv4` .", - "title": "IpAddressType", + "LocalIpv6NetworkCidr": { + "markdownDescription": "The IPv6 CIDR on the customer gateway (on-premises) side of the VPN connection.\n\nDefault: `::/0`", + "title": "LocalIpv6NetworkCidr", "type": "string" }, - "Matcher": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::TargetGroup.Matcher", - "markdownDescription": "[HTTP/HTTPS health checks] The HTTP or gRPC codes to use when checking for a successful response from a target. For target groups with a protocol of TCP, TCP_UDP, UDP or TLS the range is 200-599. For target groups with a protocol of HTTP or HTTPS, the range is 200-499. For target groups with a protocol of GENEVE, the range is 200-399.", - "title": "Matcher" - }, - "Name": { - "markdownDescription": "The name of the target group.\n\nThis name must be unique per region per account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen.", - "title": "Name", + "OutsideIpAddressType": { + "markdownDescription": "The type of IP address assigned to the outside interface of the customer gateway device.\n\nValid values: `PrivateIpv4` | `PublicIpv4` | `Ipv6`\n\nDefault: `PublicIpv4`", + "title": "OutsideIpAddressType", "type": "string" }, - "Port": { - "markdownDescription": "The port on which the targets receive traffic. This port is used unless you specify a port override when registering the target. If the target is a Lambda function, this parameter does not apply. If the protocol is GENEVE, the supported port is 6081.", - "title": "Port", - "type": "number" - }, - "Protocol": { - "markdownDescription": "The protocol to use for routing traffic to the targets. For Application Load Balancers, the supported protocols are HTTP and HTTPS. For Network Load Balancers, the supported protocols are TCP, TLS, UDP, or TCP_UDP. For Gateway Load Balancers, the supported protocol is GENEVE. A TCP_UDP listener must be associated with a TCP_UDP target group. If the target is a Lambda function, this parameter does not apply.", - "title": "Protocol", + "RemoteIpv4NetworkCidr": { + "markdownDescription": "The IPv4 CIDR on the AWS side of the VPN connection.\n\nDefault: `0.0.0.0/0`", + "title": "RemoteIpv4NetworkCidr", "type": "string" }, - "ProtocolVersion": { - "markdownDescription": "[HTTP/HTTPS protocol] The protocol version. The possible values are `GRPC` , `HTTP1` , and `HTTP2` .", - "title": "ProtocolVersion", + "RemoteIpv6NetworkCidr": { + "markdownDescription": "The IPv6 CIDR on the AWS side of the VPN connection.\n\nDefault: `::/0`", + "title": "RemoteIpv6NetworkCidr", "type": "string" }, + "StaticRoutesOnly": { + "markdownDescription": "Indicates whether the VPN connection uses static routes only. Static routes must be used for devices that don't support BGP.\n\nIf you are creating a VPN connection for a device that does not support Border Gateway Protocol (BGP), you must specify `true` .", + "title": "StaticRoutesOnly", + "type": "boolean" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags.", + "markdownDescription": "Any tags assigned to the VPN connection.", "title": "Tags", "type": "array" }, - "TargetGroupAttributes": { - "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::TargetGroup.TargetGroupAttribute" - }, - "markdownDescription": "The target group attributes. Attributes that you do not modify retain their current values.", - "title": "TargetGroupAttributes", - "type": "array" + "TransitGatewayId": { + "markdownDescription": "The ID of the transit gateway associated with the VPN connection.\n\nYou must specify either `TransitGatewayId` or `VpnGatewayId` , but not both.", + "title": "TransitGatewayId", + "type": "string" }, - "TargetType": { - "markdownDescription": "The type of target that you must specify when registering targets with this target group. You can't specify targets for a target group using more than one target type.\n\n- `instance` - Register targets by instance ID. This is the default value.\n- `ip` - Register targets by IP address. You can specify IP addresses from the subnets of the virtual private cloud (VPC) for the target group, the RFC 1918 range (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16), and the RFC 6598 range (100.64.0.0/10). You can't specify publicly routable IP addresses.\n- `lambda` - Register a single Lambda function as a target.\n- `alb` - Register a single Application Load Balancer as a target.", - "title": "TargetType", + "TransportTransitGatewayAttachmentId": { + "markdownDescription": "The transit gateway attachment ID to use for the VPN tunnel.\n\nRequired if `OutsideIpAddressType` is set to `PrivateIpv4` .", + "title": "TransportTransitGatewayAttachmentId", "type": "string" }, - "Targets": { - "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::TargetGroup.TargetDescription" - }, - "markdownDescription": "The targets.", - "title": "Targets", - "type": "array" + "TunnelInsideIpVersion": { + "markdownDescription": "Indicate whether the VPN tunnels process IPv4 or IPv6 traffic.\n\nDefault: `ipv4`", + "title": "TunnelInsideIpVersion", + "type": "string" }, - "UnhealthyThresholdCount": { - "markdownDescription": "The number of consecutive health check failures required before considering a target unhealthy. The range is 2-10. If the target group protocol is TCP, TCP_UDP, UDP, TLS, HTTP or HTTPS, the default is 2. For target groups with a protocol of GENEVE, the default is 2. If the target type is `lambda` , the default is 5.", - "title": "UnhealthyThresholdCount", - "type": "number" + "Type": { + "markdownDescription": "The type of VPN connection.", + "title": "Type", + "type": "string" }, - "VpcId": { - "markdownDescription": "The identifier of the virtual private cloud (VPC). If the target is a Lambda function, this parameter does not apply. Otherwise, this parameter is required.", - "title": "VpcId", + "VpnGatewayId": { + "markdownDescription": "The ID of the virtual private gateway at the AWS side of the VPN connection.\n\nYou must specify either `TransitGatewayId` or `VpnGatewayId` , but not both.", + "title": "VpnGatewayId", "type": "string" + }, + "VpnTunnelOptionsSpecifications": { + "items": { + "$ref": "#/definitions/AWS::EC2::VPNConnection.VpnTunnelOptionsSpecification" + }, + "markdownDescription": "The tunnel options for the VPN connection.", + "title": "VpnTunnelOptionsSpecifications", + "type": "array" } }, + "required": [ + "CustomerGatewayId", + "Type" + ], "type": "object" }, "Type": { "enum": [ - "AWS::ElasticLoadBalancingV2::TargetGroup" + "AWS::EC2::VPNConnection" ], "type": "string" }, @@ -94199,67 +101736,248 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::TargetGroup.Matcher": { + "AWS::EC2::VPNConnection.CloudwatchLogOptionsSpecification": { "additionalProperties": false, "properties": { - "GrpcCode": { - "markdownDescription": "You can specify values between 0 and 99. You can specify multiple values (for example, \"0,1\") or a range of values (for example, \"0-5\"). The default value is 12.", - "title": "GrpcCode", + "LogEnabled": { + "markdownDescription": "Enable or disable VPN tunnel logging feature. Default value is `False` .\n\nValid values: `True` | `False`", + "title": "LogEnabled", + "type": "boolean" + }, + "LogGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the CloudWatch log group to send logs to.", + "title": "LogGroupArn", "type": "string" }, - "HttpCode": { - "markdownDescription": "For Application Load Balancers, you can specify values between 200 and 499, with the default value being 200. You can specify multiple values (for example, \"200,202\") or a range of values (for example, \"200-299\").\n\nFor Network Load Balancers, you can specify values between 200 and 599, with the default value being 200-399. You can specify multiple values (for example, \"200,202\") or a range of values (for example, \"200-299\").\n\nFor Gateway Load Balancers, this must be \"200\u2013399\".\n\nNote that when using shorthand syntax, some values such as commas need to be escaped.", - "title": "HttpCode", + "LogOutputFormat": { + "markdownDescription": "Set log format. Default format is `json` .\n\nValid values: `json` | `text`", + "title": "LogOutputFormat", "type": "string" } }, "type": "object" }, - "AWS::ElasticLoadBalancingV2::TargetGroup.TargetDescription": { + "AWS::EC2::VPNConnection.IKEVersionsRequestListValue": { "additionalProperties": false, "properties": { - "AvailabilityZone": { - "markdownDescription": "An Availability Zone or `all` . This determines whether the target receives traffic from the load balancer nodes in the specified Availability Zone or from all enabled Availability Zones for the load balancer.\n\nFor Application Load Balancer target groups, the specified Availability Zone value is only applicable when cross-zone load balancing is off. Otherwise the parameter is ignored and treated as `all` .\n\nThis parameter is not supported if the target type of the target group is `instance` or `alb` .\n\nIf the target type is `ip` and the IP address is in a subnet of the VPC for the target group, the Availability Zone is automatically detected and this parameter is optional. If the IP address is outside the VPC, this parameter is required.\n\nFor Application Load Balancer target groups with cross-zone load balancing off, if the target type is `ip` and the IP address is outside of the VPC for the target group, this should be an Availability Zone inside the VPC for the target group.\n\nIf the target type is `lambda` , this parameter is optional and the only supported value is `all` .", - "title": "AvailabilityZone", + "Value": { + "markdownDescription": "The IKE version.", + "title": "Value", "type": "string" - }, - "Id": { - "markdownDescription": "The ID of the target. If the target type of the target group is `instance` , specify an instance ID. If the target type is `ip` , specify an IP address. If the target type is `lambda` , specify the ARN of the Lambda function. If the target type is `alb` , specify the ARN of the Application Load Balancer target.", - "title": "Id", + } + }, + "type": "object" + }, + "AWS::EC2::VPNConnection.Phase1DHGroupNumbersRequestListValue": { + "additionalProperties": false, + "properties": { + "Value": { + "markdownDescription": "The Diffie-Hellmann group number.", + "title": "Value", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EC2::VPNConnection.Phase1EncryptionAlgorithmsRequestListValue": { + "additionalProperties": false, + "properties": { + "Value": { + "markdownDescription": "The value for the encryption algorithm.", + "title": "Value", "type": "string" - }, - "Port": { - "markdownDescription": "The port on which the target is listening. If the target group protocol is GENEVE, the supported port is 6081. If the target type is `alb` , the targeted Application Load Balancer must have at least one listener whose port matches the target group port. This parameter is not used if the target is a Lambda function.", - "title": "Port", + } + }, + "type": "object" + }, + "AWS::EC2::VPNConnection.Phase1IntegrityAlgorithmsRequestListValue": { + "additionalProperties": false, + "properties": { + "Value": { + "markdownDescription": "The value for the integrity algorithm.", + "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::VPNConnection.Phase2DHGroupNumbersRequestListValue": { + "additionalProperties": false, + "properties": { + "Value": { + "markdownDescription": "The Diffie-Hellmann group number.", + "title": "Value", "type": "number" } }, - "required": [ - "Id" - ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::TargetGroup.TargetGroupAttribute": { + "AWS::EC2::VPNConnection.Phase2EncryptionAlgorithmsRequestListValue": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The name of the attribute.\n\nThe following attributes are supported by all load balancers:\n\n- `deregistration_delay.timeout_seconds` - The amount of time, in seconds, for Elastic Load Balancing to wait before changing the state of a deregistering target from `draining` to `unused` . The range is 0-3600 seconds. The default value is 300 seconds. If the target is a Lambda function, this attribute is not supported.\n- `stickiness.enabled` - Indicates whether target stickiness is enabled. The value is `true` or `false` . The default is `false` .\n- `stickiness.type` - Indicates the type of stickiness. The possible values are:\n\n- `lb_cookie` and `app_cookie` for Application Load Balancers.\n- `source_ip` for Network Load Balancers.\n- `source_ip_dest_ip` and `source_ip_dest_ip_proto` for Gateway Load Balancers.\n\nThe following attributes are supported by Application Load Balancers and Network Load Balancers:\n\n- `load_balancing.cross_zone.enabled` - Indicates whether cross zone load balancing is enabled. The value is `true` , `false` or `use_load_balancer_configuration` . The default is `use_load_balancer_configuration` .\n- `target_group_health.dns_failover.minimum_healthy_targets.count` - The minimum number of targets that must be healthy. If the number of healthy targets is below this value, mark the zone as unhealthy in DNS, so that traffic is routed only to healthy zones. The possible values are `off` or an integer from 1 to the maximum number of targets. The default is 1.\n- `target_group_health.dns_failover.minimum_healthy_targets.percentage` - The minimum percentage of targets that must be healthy. If the percentage of healthy targets is below this value, mark the zone as unhealthy in DNS, so that traffic is routed only to healthy zones. The possible values are `off` or an integer from 1 to 100. The default is `off` .\n- `target_group_health.unhealthy_state_routing.minimum_healthy_targets.count` - The minimum number of targets that must be healthy. If the number of healthy targets is below this value, send traffic to all targets, including unhealthy targets. The possible values are 1 to the maximum number of targets. The default is 1.\n- `target_group_health.unhealthy_state_routing.minimum_healthy_targets.percentage` - The minimum percentage of targets that must be healthy. If the percentage of healthy targets is below this value, send traffic to all targets, including unhealthy targets. The possible values are `off` or an integer from 1 to 100. The default is `off` .\n\nThe following attributes are supported only if the load balancer is an Application Load Balancer and the target is an instance or an IP address:\n\n- `load_balancing.algorithm.type` - The load balancing algorithm determines how the load balancer selects targets when routing requests. The value is `round_robin` , `least_outstanding_requests` , or `weighted_random` . The default is `round_robin` .\n- `load_balancing.algorithm.anomaly_mitigation` - Only available when `load_balancing.algorithm.type` is `weighted_random` . Indicates whether anomaly mitigation is enabled. The value is `on` or `off` . The default is `off` .\n- `slow_start.duration_seconds` - The time period, in seconds, during which a newly registered target receives an increasing share of the traffic to the target group. After this time period ends, the target receives its full share of traffic. The range is 30-900 seconds (15 minutes). The default is 0 seconds (disabled).\n- `stickiness.app_cookie.cookie_name` - Indicates the name of the application-based cookie. Names that start with the following prefixes are not allowed: `AWSALB` , `AWSALBAPP` , and `AWSALBTG` ; they're reserved for use by the load balancer.\n- `stickiness.app_cookie.duration_seconds` - The time period, in seconds, during which requests from a client should be routed to the same target. After this time period expires, the application-based cookie is considered stale. The range is 1 second to 1 week (604800 seconds). The default value is 1 day (86400 seconds).\n- `stickiness.lb_cookie.duration_seconds` - The time period, in seconds, during which requests from a client should be routed to the same target. After this time period expires, the load balancer-generated cookie is considered stale. The range is 1 second to 1 week (604800 seconds). The default value is 1 day (86400 seconds).\n\nThe following attribute is supported only if the load balancer is an Application Load Balancer and the target is a Lambda function:\n\n- `lambda.multi_value_headers.enabled` - Indicates whether the request and response headers that are exchanged between the load balancer and the Lambda function include arrays of values or strings. The value is `true` or `false` . The default is `false` . If the value is `false` and the request contains a duplicate header field name or query parameter key, the load balancer uses the last value sent by the client.\n\nThe following attributes are supported only by Network Load Balancers:\n\n- `deregistration_delay.connection_termination.enabled` - Indicates whether the load balancer terminates connections at the end of the deregistration timeout. The value is `true` or `false` . For new UDP/TCP_UDP target groups the default is `true` . Otherwise, the default is `false` .\n- `preserve_client_ip.enabled` - Indicates whether client IP preservation is enabled. The value is `true` or `false` . The default is disabled if the target group type is IP address and the target group protocol is TCP or TLS. Otherwise, the default is enabled. Client IP preservation can't be disabled for UDP and TCP_UDP target groups.\n- `proxy_protocol_v2.enabled` - Indicates whether Proxy Protocol version 2 is enabled. The value is `true` or `false` . The default is `false` .\n- `target_health_state.unhealthy.connection_termination.enabled` - Indicates whether the load balancer terminates connections to unhealthy targets. The value is `true` or `false` . The default is `true` . This attribute can't be enabled for UDP and TCP_UDP target groups.\n- `target_health_state.unhealthy.draining_interval_seconds` - The amount of time for Elastic Load Balancing to wait before changing the state of an unhealthy target from `unhealthy.draining` to `unhealthy` . The range is 0-360000 seconds. The default value is 0 seconds.\n\nNote: This attribute can only be configured when `target_health_state.unhealthy.connection_termination.enabled` is `false` .\n\nThe following attributes are supported only by Gateway Load Balancers:\n\n- `target_failover.on_deregistration` - Indicates how the Gateway Load Balancer handles existing flows when a target is deregistered. The possible values are `rebalance` and `no_rebalance` . The default is `no_rebalance` . The two attributes ( `target_failover.on_deregistration` and `target_failover.on_unhealthy` ) can't be set independently. The value you set for both attributes must be the same.\n- `target_failover.on_unhealthy` - Indicates how the Gateway Load Balancer handles existing flows when a target is unhealthy. The possible values are `rebalance` and `no_rebalance` . The default is `no_rebalance` . The two attributes ( `target_failover.on_deregistration` and `target_failover.on_unhealthy` ) can't be set independently. The value you set for both attributes must be the same.", - "title": "Key", + "Value": { + "markdownDescription": "The encryption algorithm.", + "title": "Value", "type": "string" - }, + } + }, + "type": "object" + }, + "AWS::EC2::VPNConnection.Phase2IntegrityAlgorithmsRequestListValue": { + "additionalProperties": false, + "properties": { "Value": { - "markdownDescription": "The value of the attribute.", + "markdownDescription": "The integrity algorithm.", "title": "Value", "type": "string" } }, "type": "object" }, - "AWS::ElasticLoadBalancingV2::TrustStore": { + "AWS::EC2::VPNConnection.VpnTunnelLogOptionsSpecification": { + "additionalProperties": false, + "properties": { + "CloudwatchLogOptions": { + "$ref": "#/definitions/AWS::EC2::VPNConnection.CloudwatchLogOptionsSpecification", + "markdownDescription": "Options for sending VPN tunnel logs to CloudWatch.", + "title": "CloudwatchLogOptions" + } + }, + "type": "object" + }, + "AWS::EC2::VPNConnection.VpnTunnelOptionsSpecification": { + "additionalProperties": false, + "properties": { + "DPDTimeoutAction": { + "markdownDescription": "The action to take after DPD timeout occurs. Specify `restart` to restart the IKE initiation. Specify `clear` to end the IKE session.\n\nValid Values: `clear` | `none` | `restart`\n\nDefault: `clear`", + "title": "DPDTimeoutAction", + "type": "string" + }, + "DPDTimeoutSeconds": { + "markdownDescription": "The number of seconds after which a DPD timeout occurs.\n\nConstraints: A value greater than or equal to 30.\n\nDefault: `30`", + "title": "DPDTimeoutSeconds", + "type": "number" + }, + "EnableTunnelLifecycleControl": { + "markdownDescription": "Turn on or off tunnel endpoint lifecycle control feature.", + "title": "EnableTunnelLifecycleControl", + "type": "boolean" + }, + "IKEVersions": { + "items": { + "$ref": "#/definitions/AWS::EC2::VPNConnection.IKEVersionsRequestListValue" + }, + "markdownDescription": "The IKE versions that are permitted for the VPN tunnel.\n\nValid values: `ikev1` | `ikev2`", + "title": "IKEVersions", + "type": "array" + }, + "LogOptions": { + "$ref": "#/definitions/AWS::EC2::VPNConnection.VpnTunnelLogOptionsSpecification", + "markdownDescription": "Options for logging VPN tunnel activity.", + "title": "LogOptions" + }, + "Phase1DHGroupNumbers": { + "items": { + "$ref": "#/definitions/AWS::EC2::VPNConnection.Phase1DHGroupNumbersRequestListValue" + }, + "markdownDescription": "One or more Diffie-Hellman group numbers that are permitted for the VPN tunnel for phase 1 IKE negotiations.\n\nValid values: `2` | `14` | `15` | `16` | `17` | `18` | `19` | `20` | `21` | `22` | `23` | `24`", + "title": "Phase1DHGroupNumbers", + "type": "array" + }, + "Phase1EncryptionAlgorithms": { + "items": { + "$ref": "#/definitions/AWS::EC2::VPNConnection.Phase1EncryptionAlgorithmsRequestListValue" + }, + "markdownDescription": "One or more encryption algorithms that are permitted for the VPN tunnel for phase 1 IKE negotiations.\n\nValid values: `AES128` | `AES256` | `AES128-GCM-16` | `AES256-GCM-16`", + "title": "Phase1EncryptionAlgorithms", + "type": "array" + }, + "Phase1IntegrityAlgorithms": { + "items": { + "$ref": "#/definitions/AWS::EC2::VPNConnection.Phase1IntegrityAlgorithmsRequestListValue" + }, + "markdownDescription": "One or more integrity algorithms that are permitted for the VPN tunnel for phase 1 IKE negotiations.\n\nValid values: `SHA1` | `SHA2-256` | `SHA2-384` | `SHA2-512`", + "title": "Phase1IntegrityAlgorithms", + "type": "array" + }, + "Phase1LifetimeSeconds": { + "markdownDescription": "The lifetime for phase 1 of the IKE negotiation, in seconds.\n\nConstraints: A value between 900 and 28,800.\n\nDefault: `28800`", + "title": "Phase1LifetimeSeconds", + "type": "number" + }, + "Phase2DHGroupNumbers": { + "items": { + "$ref": "#/definitions/AWS::EC2::VPNConnection.Phase2DHGroupNumbersRequestListValue" + }, + "markdownDescription": "One or more Diffie-Hellman group numbers that are permitted for the VPN tunnel for phase 2 IKE negotiations.\n\nValid values: `2` | `5` | `14` | `15` | `16` | `17` | `18` | `19` | `20` | `21` | `22` | `23` | `24`", + "title": "Phase2DHGroupNumbers", + "type": "array" + }, + "Phase2EncryptionAlgorithms": { + "items": { + "$ref": "#/definitions/AWS::EC2::VPNConnection.Phase2EncryptionAlgorithmsRequestListValue" + }, + "markdownDescription": "One or more encryption algorithms that are permitted for the VPN tunnel for phase 2 IKE negotiations.\n\nValid values: `AES128` | `AES256` | `AES128-GCM-16` | `AES256-GCM-16`", + "title": "Phase2EncryptionAlgorithms", + "type": "array" + }, + "Phase2IntegrityAlgorithms": { + "items": { + "$ref": "#/definitions/AWS::EC2::VPNConnection.Phase2IntegrityAlgorithmsRequestListValue" + }, + "markdownDescription": "One or more integrity algorithms that are permitted for the VPN tunnel for phase 2 IKE negotiations.\n\nValid values: `SHA1` | `SHA2-256` | `SHA2-384` | `SHA2-512`", + "title": "Phase2IntegrityAlgorithms", + "type": "array" + }, + "Phase2LifetimeSeconds": { + "markdownDescription": "The lifetime for phase 2 of the IKE negotiation, in seconds.\n\nConstraints: A value between 900 and 3,600. The value must be less than the value for `Phase1LifetimeSeconds` .\n\nDefault: `3600`", + "title": "Phase2LifetimeSeconds", + "type": "number" + }, + "PreSharedKey": { + "markdownDescription": "The pre-shared key (PSK) to establish initial authentication between the virtual private gateway and customer gateway.\n\nConstraints: Allowed characters are alphanumeric characters, periods (.), and underscores (_). Must be between 8 and 64 characters in length and cannot start with zero (0).", + "title": "PreSharedKey", + "type": "string" + }, + "RekeyFuzzPercentage": { + "markdownDescription": "The percentage of the rekey window (determined by `RekeyMarginTimeSeconds` ) during which the rekey time is randomly selected.\n\nConstraints: A value between 0 and 100.\n\nDefault: `100`", + "title": "RekeyFuzzPercentage", + "type": "number" + }, + "RekeyMarginTimeSeconds": { + "markdownDescription": "The margin time, in seconds, before the phase 2 lifetime expires, during which the AWS side of the VPN connection performs an IKE rekey. The exact time of the rekey is randomly selected based on the value for `RekeyFuzzPercentage` .\n\nConstraints: A value between 60 and half of `Phase2LifetimeSeconds` .\n\nDefault: `270`", + "title": "RekeyMarginTimeSeconds", + "type": "number" + }, + "ReplayWindowSize": { + "markdownDescription": "The number of packets in an IKE replay window.\n\nConstraints: A value between 64 and 2048.\n\nDefault: `1024`", + "title": "ReplayWindowSize", + "type": "number" + }, + "StartupAction": { + "markdownDescription": "The action to take when the establishing the tunnel for the VPN connection. By default, your customer gateway device must initiate the IKE negotiation and bring up the tunnel. Specify `start` for AWS to initiate the IKE negotiation.\n\nValid Values: `add` | `start`\n\nDefault: `add`", + "title": "StartupAction", + "type": "string" + }, + "TunnelInsideCidr": { + "markdownDescription": "The range of inside IP addresses for the tunnel. Any specified CIDR blocks must be unique across all VPN connections that use the same virtual private gateway.\n\nConstraints: A size /30 CIDR block from the `169.254.0.0/16` range. The following CIDR blocks are reserved and cannot be used:\n\n- `169.254.0.0/30`\n- `169.254.1.0/30`\n- `169.254.2.0/30`\n- `169.254.3.0/30`\n- `169.254.4.0/30`\n- `169.254.5.0/30`\n- `169.254.169.252/30`", + "title": "TunnelInsideCidr", + "type": "string" + }, + "TunnelInsideIpv6Cidr": { + "markdownDescription": "The range of inside IPv6 addresses for the tunnel. Any specified CIDR blocks must be unique across all VPN connections that use the same transit gateway.\n\nConstraints: A size /126 CIDR block from the local `fd00::/8` range.", + "title": "TunnelInsideIpv6Cidr", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::VPNConnectionRoute": { "additionalProperties": false, "properties": { "Condition": { @@ -94294,40 +102012,26 @@ "Properties": { "additionalProperties": false, "properties": { - "CaCertificatesBundleS3Bucket": { - "markdownDescription": "The Amazon S3 bucket for the ca certificates bundle.", - "title": "CaCertificatesBundleS3Bucket", - "type": "string" - }, - "CaCertificatesBundleS3Key": { - "markdownDescription": "The Amazon S3 path for the ca certificates bundle.", - "title": "CaCertificatesBundleS3Key", - "type": "string" - }, - "CaCertificatesBundleS3ObjectVersion": { - "markdownDescription": "The Amazon S3 object version for the ca certificates bundle. If undefined the current version is used.", - "title": "CaCertificatesBundleS3ObjectVersion", + "DestinationCidrBlock": { + "markdownDescription": "The CIDR block associated with the local subnet of the customer network.", + "title": "DestinationCidrBlock", "type": "string" }, - "Name": { - "markdownDescription": "The name of the trust store.", - "title": "Name", + "VpnConnectionId": { + "markdownDescription": "The ID of the VPN connection.", + "title": "VpnConnectionId", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to assign to the trust store.", - "title": "Tags", - "type": "array" } }, + "required": [ + "DestinationCidrBlock", + "VpnConnectionId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::ElasticLoadBalancingV2::TrustStore" + "AWS::EC2::VPNConnectionRoute" ], "type": "string" }, @@ -94341,11 +102045,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::TrustStoreRevocation": { + "AWS::EC2::VPNGateway": { "additionalProperties": false, "properties": { "Condition": { @@ -94380,25 +102085,33 @@ "Properties": { "additionalProperties": false, "properties": { - "RevocationContents": { + "AmazonSideAsn": { + "markdownDescription": "The private Autonomous System Number (ASN) for the Amazon side of a BGP session.", + "title": "AmazonSideAsn", + "type": "number" + }, + "Tags": { "items": { - "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::TrustStoreRevocation.RevocationContent" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The revocation file to add.", - "title": "RevocationContents", + "markdownDescription": "Any tags assigned to the virtual private gateway.", + "title": "Tags", "type": "array" }, - "TrustStoreArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the trust store.", - "title": "TrustStoreArn", + "Type": { + "markdownDescription": "The type of VPN connection the virtual private gateway supports.", + "title": "Type", "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, "Type": { "enum": [ - "AWS::ElasticLoadBalancingV2::TrustStoreRevocation" + "AWS::EC2::VPNGateway" ], "type": "string" }, @@ -94412,63 +102125,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::ElasticLoadBalancingV2::TrustStoreRevocation.RevocationContent": { - "additionalProperties": false, - "properties": { - "RevocationType": { - "markdownDescription": "The type of revocation file.", - "title": "RevocationType", - "type": "string" - }, - "S3Bucket": { - "markdownDescription": "The Amazon S3 bucket for the revocation file.", - "title": "S3Bucket", - "type": "string" - }, - "S3Key": { - "markdownDescription": "The Amazon S3 path for the revocation file.", - "title": "S3Key", - "type": "string" - }, - "S3ObjectVersion": { - "markdownDescription": "The Amazon S3 object version of the revocation file.", - "title": "S3ObjectVersion", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ElasticLoadBalancingV2::TrustStoreRevocation.TrustStoreRevocation": { - "additionalProperties": false, - "properties": { - "NumberOfRevokedEntries": { - "markdownDescription": "The number of revoked certificates.", - "title": "NumberOfRevokedEntries", - "type": "number" - }, - "RevocationId": { - "markdownDescription": "The revocation ID of the revocation file.", - "title": "RevocationId", - "type": "string" - }, - "RevocationType": { - "markdownDescription": "The type of revocation file.", - "title": "RevocationType", - "type": "string" - }, - "TrustStoreArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the trust store.", - "title": "TrustStoreArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Elasticsearch::Domain": { + "AWS::EC2::VPNGatewayRoutePropagation": { "additionalProperties": false, "properties": { "Condition": { @@ -94503,102 +102165,29 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessPolicies": { - "markdownDescription": "An AWS Identity and Access Management ( IAM ) policy document that specifies who can access the OpenSearch Service domain and their permissions. For more information, see [Configuring access policies](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ac.html#ac-creating) in the *Amazon OpenSearch Service Developer Guid* e.", - "title": "AccessPolicies", - "type": "object" - }, - "AdvancedOptions": { - "additionalProperties": true, - "markdownDescription": "Additional options to specify for the OpenSearch Service domain. For more information, see [Advanced cluster parameters](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/createupdatedomains.html#createdomain-configure-advanced-options) in the *Amazon OpenSearch Service Developer Guide* .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "AdvancedOptions", - "type": "object" - }, - "AdvancedSecurityOptions": { - "$ref": "#/definitions/AWS::Elasticsearch::Domain.AdvancedSecurityOptionsInput", - "markdownDescription": "Specifies options for fine-grained access control.", - "title": "AdvancedSecurityOptions" - }, - "CognitoOptions": { - "$ref": "#/definitions/AWS::Elasticsearch::Domain.CognitoOptions", - "markdownDescription": "Configures OpenSearch Service to use Amazon Cognito authentication for OpenSearch Dashboards.", - "title": "CognitoOptions" - }, - "DomainEndpointOptions": { - "$ref": "#/definitions/AWS::Elasticsearch::Domain.DomainEndpointOptions", - "markdownDescription": "Specifies additional options for the domain endpoint, such as whether to require HTTPS for all traffic or whether to use a custom endpoint rather than the default endpoint.", - "title": "DomainEndpointOptions" - }, - "DomainName": { - "markdownDescription": "A name for the OpenSearch Service domain. For valid values, see the [DomainName](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-datatypes-domainname) data type in the *Amazon OpenSearch Service Developer Guide* . If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the domain name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "DomainName", - "type": "string" - }, - "EBSOptions": { - "$ref": "#/definitions/AWS::Elasticsearch::Domain.EBSOptions", - "markdownDescription": "The configurations of Amazon Elastic Block Store (Amazon EBS) volumes that are attached to data nodes in the OpenSearch Service domain. For more information, see [EBS volume size limits](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/limits.html#ebsresource) in the *Amazon OpenSearch Service Developer Guide* .", - "title": "EBSOptions" - }, - "ElasticsearchClusterConfig": { - "$ref": "#/definitions/AWS::Elasticsearch::Domain.ElasticsearchClusterConfig", - "markdownDescription": "ElasticsearchClusterConfig is a property of the AWS::Elasticsearch::Domain resource that configures the cluster of an Amazon OpenSearch Service domain.", - "title": "ElasticsearchClusterConfig" - }, - "ElasticsearchVersion": { - "markdownDescription": "The version of Elasticsearch to use, such as 2.3. If not specified, 1.5 is used as the default. For information about the versions that OpenSearch Service supports, see [Supported versions of OpenSearch and Elasticsearch](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/what-is.html#choosing-version) in the *Amazon OpenSearch Service Developer Guide* .\n\nIf you set the [EnableVersionUpgrade](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html#cfn-attributes-updatepolicy-upgradeopensearchdomain) update policy to `true` , you can update `ElasticsearchVersion` without interruption. When `EnableVersionUpgrade` is set to `false` , or is not specified, updating `ElasticsearchVersion` results in [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", - "title": "ElasticsearchVersion", - "type": "string" - }, - "EncryptionAtRestOptions": { - "$ref": "#/definitions/AWS::Elasticsearch::Domain.EncryptionAtRestOptions", - "markdownDescription": "Whether the domain should encrypt data at rest, and if so, the AWS Key Management Service key to use. See [Encryption of data at rest for Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/encryption-at-rest.html) .", - "title": "EncryptionAtRestOptions" - }, - "LogPublishingOptions": { - "additionalProperties": false, - "markdownDescription": "An object with one or more of the following keys: `SEARCH_SLOW_LOGS` , `ES_APPLICATION_LOGS` , `INDEX_SLOW_LOGS` , `AUDIT_LOGS` , depending on the types of logs you want to publish. Each key needs a valid `LogPublishingOption` value.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::Elasticsearch::Domain.LogPublishingOption" - } - }, - "title": "LogPublishingOptions", - "type": "object" - }, - "NodeToNodeEncryptionOptions": { - "$ref": "#/definitions/AWS::Elasticsearch::Domain.NodeToNodeEncryptionOptions", - "markdownDescription": "Specifies whether node-to-node encryption is enabled. See [Node-to-node encryption for Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ntn.html) .", - "title": "NodeToNodeEncryptionOptions" - }, - "SnapshotOptions": { - "$ref": "#/definitions/AWS::Elasticsearch::Domain.SnapshotOptions", - "markdownDescription": "*DEPRECATED* . The automated snapshot configuration for the OpenSearch Service domain indices.", - "title": "SnapshotOptions" - }, - "Tags": { + "RouteTableIds": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "An arbitrary set of tags (key\u2013value pairs) to associate with the OpenSearch Service domain.", - "title": "Tags", + "markdownDescription": "The ID of the route table. The routing table must be associated with the same VPC that the virtual private gateway is attached to.", + "title": "RouteTableIds", "type": "array" }, - "VPCOptions": { - "$ref": "#/definitions/AWS::Elasticsearch::Domain.VPCOptions", - "markdownDescription": "The virtual private cloud (VPC) configuration for the OpenSearch Service domain. For more information, see [Launching your Amazon OpenSearch Service domains within a VPC](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/vpc.html) in the *Amazon OpenSearch Service Developer Guide* .", - "title": "VPCOptions" + "VpnGatewayId": { + "markdownDescription": "The ID of the virtual private gateway that is attached to a VPC. The virtual private gateway must be attached to the same VPC that the routing tables are associated with.", + "title": "VpnGatewayId", + "type": "string" } }, + "required": [ + "RouteTableIds", + "VpnGatewayId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Elasticsearch::Domain" + "AWS::EC2::VPNGatewayRoutePropagation" ], "type": "string" }, @@ -94612,300 +102201,336 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Elasticsearch::Domain.AdvancedSecurityOptionsInput": { - "additionalProperties": false, - "properties": { - "AnonymousAuthEnabled": { - "markdownDescription": "", - "title": "AnonymousAuthEnabled", - "type": "boolean" - }, - "Enabled": { - "markdownDescription": "True to enable fine-grained access control. You must also enable encryption of data at rest and node-to-node encryption.", - "title": "Enabled", - "type": "boolean" - }, - "InternalUserDatabaseEnabled": { - "markdownDescription": "True to enable the internal user database.", - "title": "InternalUserDatabaseEnabled", - "type": "boolean" - }, - "MasterUserOptions": { - "$ref": "#/definitions/AWS::Elasticsearch::Domain.MasterUserOptions", - "markdownDescription": "Specifies information about the master user.", - "title": "MasterUserOptions" - } - }, - "type": "object" - }, - "AWS::Elasticsearch::Domain.CognitoOptions": { + "AWS::EC2::VerifiedAccessEndpoint": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Whether to enable or disable Amazon Cognito authentication for OpenSearch Dashboards. See [Amazon Cognito authentication for OpenSearch Dashboards](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/cognito-auth.html) .", - "title": "Enabled", - "type": "boolean" - }, - "IdentityPoolId": { - "markdownDescription": "The Amazon Cognito identity pool ID that you want OpenSearch Service to use for OpenSearch Dashboards authentication. Required if you enable Cognito authentication.", - "title": "IdentityPoolId", + "Condition": { "type": "string" }, - "RoleArn": { - "markdownDescription": "The `AmazonESCognitoAccess` role that allows OpenSearch Service to configure your user pool and identity pool. Required if you enable Cognito authentication.", - "title": "RoleArn", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "UserPoolId": { - "markdownDescription": "The Amazon Cognito user pool ID that you want OpenSearch Service to use for OpenSearch Dashboards authentication. Required if you enable Cognito authentication.", - "title": "UserPoolId", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationDomain": { + "markdownDescription": "The DNS name for users to reach your application.", + "title": "ApplicationDomain", + "type": "string" + }, + "AttachmentType": { + "markdownDescription": "The type of attachment used to provide connectivity between the AWS Verified Access endpoint and the application.", + "title": "AttachmentType", + "type": "string" + }, + "CidrOptions": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessEndpoint.CidrOptions", + "markdownDescription": "The options for a CIDR endpoint.", + "title": "CidrOptions" + }, + "Description": { + "markdownDescription": "A description for the AWS Verified Access endpoint.", + "title": "Description", + "type": "string" + }, + "DomainCertificateArn": { + "markdownDescription": "The ARN of a public TLS/SSL certificate imported into or created with ACM.", + "title": "DomainCertificateArn", + "type": "string" + }, + "EndpointDomainPrefix": { + "markdownDescription": "A custom identifier that is prepended to the DNS name that is generated for the endpoint.", + "title": "EndpointDomainPrefix", + "type": "string" + }, + "EndpointType": { + "markdownDescription": "The type of AWS Verified Access endpoint. Incoming application requests will be sent to an IP address, load balancer or a network interface depending on the endpoint type specified.", + "title": "EndpointType", + "type": "string" + }, + "LoadBalancerOptions": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessEndpoint.LoadBalancerOptions", + "markdownDescription": "The load balancer details if creating the AWS Verified Access endpoint as `load-balancer` type.", + "title": "LoadBalancerOptions" + }, + "NetworkInterfaceOptions": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessEndpoint.NetworkInterfaceOptions", + "markdownDescription": "The options for network-interface type endpoint.", + "title": "NetworkInterfaceOptions" + }, + "PolicyDocument": { + "markdownDescription": "The Verified Access policy document.", + "title": "PolicyDocument", + "type": "string" + }, + "PolicyEnabled": { + "markdownDescription": "The status of the Verified Access policy.", + "title": "PolicyEnabled", + "type": "boolean" + }, + "RdsOptions": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessEndpoint.RdsOptions", + "markdownDescription": "The options for an RDS endpoint.", + "title": "RdsOptions" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the security groups for the endpoint.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SseSpecification": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessEndpoint.SseSpecification", + "markdownDescription": "The options for additional server side encryption.", + "title": "SseSpecification" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags.", + "title": "Tags", + "type": "array" + }, + "VerifiedAccessGroupId": { + "markdownDescription": "The ID of the AWS Verified Access group.", + "title": "VerifiedAccessGroupId", + "type": "string" + } + }, + "required": [ + "AttachmentType", + "EndpointType", + "VerifiedAccessGroupId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::EC2::VerifiedAccessEndpoint" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::Elasticsearch::Domain.ColdStorageOptions": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Whether to enable or disable cold storage on the domain. You must enable UltraWarm storage in order to enable cold storage.", - "title": "Enabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::Elasticsearch::Domain.DomainEndpointOptions": { + "AWS::EC2::VerifiedAccessEndpoint.CidrOptions": { "additionalProperties": false, "properties": { - "CustomEndpoint": { - "markdownDescription": "The fully qualified URL for your custom endpoint. Required if you enabled a custom endpoint for the domain.", - "title": "CustomEndpoint", - "type": "string" - }, - "CustomEndpointCertificateArn": { - "markdownDescription": "The AWS Certificate Manager ARN for your domain's SSL/TLS certificate. Required if you enabled a custom endpoint for the domain.", - "title": "CustomEndpointCertificateArn", + "Cidr": { + "markdownDescription": "The CIDR.", + "title": "Cidr", "type": "string" }, - "CustomEndpointEnabled": { - "markdownDescription": "True to enable a custom endpoint for the domain. If enabled, you must also provide values for `CustomEndpoint` and `CustomEndpointCertificateArn` .", - "title": "CustomEndpointEnabled", - "type": "boolean" - }, - "EnforceHTTPS": { - "markdownDescription": "True to require that all traffic to the domain arrive over HTTPS.", - "title": "EnforceHTTPS", - "type": "boolean" + "PortRanges": { + "items": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessEndpoint.PortRange" + }, + "markdownDescription": "The port ranges.", + "title": "PortRanges", + "type": "array" }, - "TLSSecurityPolicy": { - "markdownDescription": "The minimum TLS version required for traffic to the domain. Valid values are TLS 1.3 (recommended) or 1.2:\n\n- `Policy-Min-TLS-1-0-2019-07`\n- `Policy-Min-TLS-1-2-2019-07`", - "title": "TLSSecurityPolicy", + "Protocol": { + "markdownDescription": "The protocol.", + "title": "Protocol", "type": "string" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the subnets.", + "title": "SubnetIds", + "type": "array" } }, "type": "object" }, - "AWS::Elasticsearch::Domain.EBSOptions": { + "AWS::EC2::VerifiedAccessEndpoint.LoadBalancerOptions": { "additionalProperties": false, "properties": { - "EBSEnabled": { - "markdownDescription": "Specifies whether Amazon EBS volumes are attached to data nodes in the OpenSearch Service domain.", - "title": "EBSEnabled", - "type": "boolean" + "LoadBalancerArn": { + "markdownDescription": "The ARN of the load balancer.", + "title": "LoadBalancerArn", + "type": "string" }, - "Iops": { - "markdownDescription": "The number of I/O operations per second (IOPS) that the volume supports. This property applies only to provisioned IOPS EBS volume types.", - "title": "Iops", + "Port": { + "markdownDescription": "The IP port number.", + "title": "Port", "type": "number" }, - "VolumeSize": { - "markdownDescription": "The size (in GiB) of the EBS volume for each data node. The minimum and maximum size of an EBS volume depends on the EBS volume type and the instance type to which it is attached. For more information, see [EBS volume size limits](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/limits.html#ebsresource) in the *Amazon OpenSearch Service Developer Guide* .", - "title": "VolumeSize", - "type": "number" + "PortRanges": { + "items": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessEndpoint.PortRange" + }, + "markdownDescription": "The port ranges.", + "title": "PortRanges", + "type": "array" }, - "VolumeType": { - "markdownDescription": "The EBS volume type to use with the OpenSearch Service domain, such as standard, gp2, or io1. For more information about each type, see [Amazon EBS volume types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) in the *Amazon EC2 User Guide for Linux Instances* .", - "title": "VolumeType", + "Protocol": { + "markdownDescription": "The IP protocol.", + "title": "Protocol", "type": "string" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the subnets. You can specify only one subnet per Availability Zone.", + "title": "SubnetIds", + "type": "array" } }, "type": "object" }, - "AWS::Elasticsearch::Domain.ElasticsearchClusterConfig": { + "AWS::EC2::VerifiedAccessEndpoint.NetworkInterfaceOptions": { "additionalProperties": false, "properties": { - "ColdStorageOptions": { - "$ref": "#/definitions/AWS::Elasticsearch::Domain.ColdStorageOptions", - "markdownDescription": "Specifies cold storage options for the domain.", - "title": "ColdStorageOptions" - }, - "DedicatedMasterCount": { - "markdownDescription": "The number of instances to use for the master node. If you specify this property, you must specify true for the DedicatedMasterEnabled property.", - "title": "DedicatedMasterCount", - "type": "number" - }, - "DedicatedMasterEnabled": { - "markdownDescription": "Indicates whether to use a dedicated master node for the OpenSearch Service domain. A dedicated master node is a cluster node that performs cluster management tasks, but doesn't hold data or respond to data upload requests. Dedicated master nodes offload cluster management tasks to increase the stability of your search clusters. See [Dedicated master nodes in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-dedicatedmasternodes.html) .", - "title": "DedicatedMasterEnabled", - "type": "boolean" - }, - "DedicatedMasterType": { - "markdownDescription": "The hardware configuration of the computer that hosts the dedicated master node, such as `m3.medium.elasticsearch` . If you specify this property, you must specify true for the `DedicatedMasterEnabled` property. For valid values, see [Supported instance types in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/supported-instance-types.html) .", - "title": "DedicatedMasterType", - "type": "string" - }, - "InstanceCount": { - "markdownDescription": "The number of data nodes (instances) to use in the OpenSearch Service domain.", - "title": "InstanceCount", - "type": "number" - }, - "InstanceType": { - "markdownDescription": "The instance type for your data nodes, such as `m3.medium.elasticsearch` . For valid values, see [Supported instance types in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/supported-instance-types.html) .", - "title": "InstanceType", + "NetworkInterfaceId": { + "markdownDescription": "The ID of the network interface.", + "title": "NetworkInterfaceId", "type": "string" }, - "WarmCount": { - "markdownDescription": "The number of warm nodes in the cluster. Required if you enable warm storage.", - "title": "WarmCount", + "Port": { + "markdownDescription": "The IP port number.", + "title": "Port", "type": "number" }, - "WarmEnabled": { - "markdownDescription": "Whether to enable warm storage for the cluster.", - "title": "WarmEnabled", - "type": "boolean" + "PortRanges": { + "items": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessEndpoint.PortRange" + }, + "markdownDescription": "The port ranges.", + "title": "PortRanges", + "type": "array" }, - "WarmType": { - "markdownDescription": "The instance type for the cluster's warm nodes. Required if you enable warm storage.", - "title": "WarmType", + "Protocol": { + "markdownDescription": "The IP protocol.", + "title": "Protocol", "type": "string" - }, - "ZoneAwarenessConfig": { - "$ref": "#/definitions/AWS::Elasticsearch::Domain.ZoneAwarenessConfig", - "markdownDescription": "Specifies zone awareness configuration options. Only use if `ZoneAwarenessEnabled` is `true` .", - "title": "ZoneAwarenessConfig" - }, - "ZoneAwarenessEnabled": { - "markdownDescription": "Indicates whether to enable zone awareness for the OpenSearch Service domain. When you enable zone awareness, OpenSearch Service allocates the nodes and replica index shards that belong to a cluster across two Availability Zones (AZs) in the same region to prevent data loss and minimize downtime in the event of node or data center failure. Don't enable zone awareness if your cluster has no replica index shards or is a single-node cluster. For more information, see [Configuring a multi-AZ domain in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-multiaz.html) .", - "title": "ZoneAwarenessEnabled", - "type": "boolean" } }, "type": "object" }, - "AWS::Elasticsearch::Domain.EncryptionAtRestOptions": { + "AWS::EC2::VerifiedAccessEndpoint.PortRange": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Specify `true` to enable encryption at rest.", - "title": "Enabled", - "type": "boolean" + "FromPort": { + "markdownDescription": "The start of the port range.", + "title": "FromPort", + "type": "number" }, - "KmsKeyId": { - "markdownDescription": "The KMS key ID. Takes the form `1a2a3a4-1a2a-3a4a-5a6a-1a2a3a4a5a6a` . Required if you enable encryption at rest.", - "title": "KmsKeyId", - "type": "string" + "ToPort": { + "markdownDescription": "The end of the port range.", + "title": "ToPort", + "type": "number" } }, "type": "object" }, - "AWS::Elasticsearch::Domain.LogPublishingOption": { + "AWS::EC2::VerifiedAccessEndpoint.RdsOptions": { "additionalProperties": false, "properties": { - "CloudWatchLogsLogGroupArn": { - "markdownDescription": "Specifies the CloudWatch log group to publish to. Required if you enable log publishing for the domain.", - "title": "CloudWatchLogsLogGroupArn", + "Port": { + "markdownDescription": "The port.", + "title": "Port", + "type": "number" + }, + "Protocol": { + "markdownDescription": "The protocol.", + "title": "Protocol", "type": "string" }, - "Enabled": { - "markdownDescription": "If `true` , enables the publishing of logs to CloudWatch.\n\nDefault: `false` .", - "title": "Enabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::Elasticsearch::Domain.MasterUserOptions": { - "additionalProperties": false, - "properties": { - "MasterUserARN": { - "markdownDescription": "ARN for the master user. Only specify if `InternalUserDatabaseEnabled` is false in `AdvancedSecurityOptions` .", - "title": "MasterUserARN", + "RdsDbClusterArn": { + "markdownDescription": "The ARN of the DB cluster.", + "title": "RdsDbClusterArn", "type": "string" }, - "MasterUserName": { - "markdownDescription": "Username for the master user. Only specify if `InternalUserDatabaseEnabled` is true in `AdvancedSecurityOptions` .", - "title": "MasterUserName", + "RdsDbInstanceArn": { + "markdownDescription": "The ARN of the RDS instance.", + "title": "RdsDbInstanceArn", "type": "string" }, - "MasterUserPassword": { - "markdownDescription": "Password for the master user. Only specify if `InternalUserDatabaseEnabled` is true in `AdvancedSecurityOptions` .", - "title": "MasterUserPassword", + "RdsDbProxyArn": { + "markdownDescription": "The ARN of the RDS proxy.", + "title": "RdsDbProxyArn", + "type": "string" + }, + "RdsEndpoint": { + "markdownDescription": "The RDS endpoint.", + "title": "RdsEndpoint", "type": "string" - } - }, - "type": "object" - }, - "AWS::Elasticsearch::Domain.NodeToNodeEncryptionOptions": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Specifies whether node-to-node encryption is enabled, as a Boolean.", - "title": "Enabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::Elasticsearch::Domain.SnapshotOptions": { - "additionalProperties": false, - "properties": { - "AutomatedSnapshotStartHour": { - "markdownDescription": "The hour in UTC during which the service takes an automated daily snapshot of the indices in the OpenSearch Service domain. For example, if you specify 0, OpenSearch Service takes an automated snapshot everyday between midnight and 1 am. You can specify a value between 0 and 23.", - "title": "AutomatedSnapshotStartHour", - "type": "number" - } - }, - "type": "object" - }, - "AWS::Elasticsearch::Domain.VPCOptions": { - "additionalProperties": false, - "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of security group IDs that are associated with the VPC endpoints for the domain. If you don't provide a security group ID, OpenSearch Service uses the default security group for the VPC. To learn more, see [Security groups for your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html) in the *Amazon VPC User Guide* .", - "title": "SecurityGroupIds", - "type": "array" }, "SubnetIds": { "items": { "type": "string" }, - "markdownDescription": "Provide one subnet ID for each Availability Zone that your domain uses. For example, you must specify three subnet IDs for a three Availability Zone domain. To learn more, see [VPCs and subnets](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) in the *Amazon VPC User Guide* .\n\nRequired if you're creating your domain inside a VPC.", + "markdownDescription": "The IDs of the subnets. You can specify only one subnet per Availability Zone.", "title": "SubnetIds", "type": "array" } }, "type": "object" }, - "AWS::Elasticsearch::Domain.ZoneAwarenessConfig": { + "AWS::EC2::VerifiedAccessEndpoint.SseSpecification": { "additionalProperties": false, "properties": { - "AvailabilityZoneCount": { - "markdownDescription": "If you enabled multiple Availability Zones (AZs), the number of AZs that you want the domain to use.\n\nValid values are `2` and `3` . Default is 2.", - "title": "AvailabilityZoneCount", - "type": "number" + "CustomerManagedKeyEnabled": { + "markdownDescription": "Enable or disable the use of customer managed KMS keys for server side encryption.\n\nValid values: `True` | `False`", + "title": "CustomerManagedKeyEnabled", + "type": "boolean" + }, + "KmsKeyArn": { + "markdownDescription": "The ARN of the KMS key.", + "title": "KmsKeyArn", + "type": "string" } }, "type": "object" }, - "AWS::EntityResolution::IdMappingWorkflow": { + "AWS::EC2::VerifiedAccessGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -94941,61 +102566,47 @@ "additionalProperties": false, "properties": { "Description": { - "markdownDescription": "A description of the workflow.", + "markdownDescription": "A description for the AWS Verified Access group.", "title": "Description", "type": "string" }, - "IdMappingTechniques": { - "$ref": "#/definitions/AWS::EntityResolution::IdMappingWorkflow.IdMappingTechniques", - "markdownDescription": "An object which defines the ID mapping technique and any additional configurations.", - "title": "IdMappingTechniques" - }, - "InputSourceConfig": { - "items": { - "$ref": "#/definitions/AWS::EntityResolution::IdMappingWorkflow.IdMappingWorkflowInputSource" - }, - "markdownDescription": "A list of `InputSource` objects, which have the fields `InputSourceARN` and `SchemaName` .", - "title": "InputSourceConfig", - "type": "array" + "PolicyDocument": { + "markdownDescription": "The Verified Access policy document.", + "title": "PolicyDocument", + "type": "string" }, - "OutputSourceConfig": { - "items": { - "$ref": "#/definitions/AWS::EntityResolution::IdMappingWorkflow.IdMappingWorkflowOutputSource" - }, - "markdownDescription": "A list of `IdMappingWorkflowOutputSource` objects, each of which contains fields `OutputS3Path` and `Output` .", - "title": "OutputSourceConfig", - "type": "array" + "PolicyEnabled": { + "markdownDescription": "The status of the Verified Access policy.", + "title": "PolicyEnabled", + "type": "boolean" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role. AWS Entity Resolution assumes this role to create resources on your behalf as part of workflow execution.", - "title": "RoleArn", - "type": "string" + "SseSpecification": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessGroup.SseSpecification", + "markdownDescription": "The options for additional server side encryption.", + "title": "SseSpecification" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "markdownDescription": "The tags.", "title": "Tags", "type": "array" }, - "WorkflowName": { - "markdownDescription": "The name of the workflow. There can't be multiple `IdMappingWorkflows` with the same name.", - "title": "WorkflowName", + "VerifiedAccessInstanceId": { + "markdownDescription": "The ID of the AWS Verified Access instance.", + "title": "VerifiedAccessInstanceId", "type": "string" } }, "required": [ - "IdMappingTechniques", - "InputSourceConfig", - "RoleArn", - "WorkflowName" + "VerifiedAccessInstanceId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EntityResolution::IdMappingWorkflow" + "AWS::EC2::VerifiedAccessGroup" ], "type": "string" }, @@ -95014,110 +102625,23 @@ ], "type": "object" }, - "AWS::EntityResolution::IdMappingWorkflow.IdMappingTechniques": { - "additionalProperties": false, - "properties": { - "IdMappingType": { - "markdownDescription": "The type of ID mapping.", - "title": "IdMappingType", - "type": "string" - }, - "ProviderProperties": { - "$ref": "#/definitions/AWS::EntityResolution::IdMappingWorkflow.ProviderProperties", - "markdownDescription": "An object which defines any additional configurations required by the provider service.", - "title": "ProviderProperties" - } - }, - "type": "object" - }, - "AWS::EntityResolution::IdMappingWorkflow.IdMappingWorkflowInputSource": { - "additionalProperties": false, - "properties": { - "InputSourceARN": { - "markdownDescription": "An AWS Glue table Amazon Resource Name (ARN) or a matching workflow ARN for the input source table.", - "title": "InputSourceARN", - "type": "string" - }, - "SchemaArn": { - "markdownDescription": "The ARN (Amazon Resource Name) that AWS Entity Resolution generated for the `SchemaMapping` .", - "title": "SchemaArn", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of ID namespace. There are two types: `SOURCE` and `TARGET` .\n\nThe `SOURCE` contains configurations for `sourceId` data that will be processed in an ID mapping workflow.\n\nThe `TARGET` contains a configuration of `targetId` which all `sourceIds` will resolve to.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "InputSourceARN" - ], - "type": "object" - }, - "AWS::EntityResolution::IdMappingWorkflow.IdMappingWorkflowOutputSource": { - "additionalProperties": false, - "properties": { - "KMSArn": { - "markdownDescription": "Customer AWS KMS ARN for encryption at rest. If not provided, system will use an AWS Entity Resolution managed KMS key.", - "title": "KMSArn", - "type": "string" - }, - "OutputS3Path": { - "markdownDescription": "The S3 path to which AWS Entity Resolution will write the output table.", - "title": "OutputS3Path", - "type": "string" - } - }, - "required": [ - "OutputS3Path" - ], - "type": "object" - }, - "AWS::EntityResolution::IdMappingWorkflow.IntermediateSourceConfiguration": { - "additionalProperties": false, - "properties": { - "IntermediateS3Path": { - "markdownDescription": "The Amazon S3 location (bucket and prefix). For example: `s3://provider_bucket/DOC-EXAMPLE-BUCKET`", - "title": "IntermediateS3Path", - "type": "string" - } - }, - "required": [ - "IntermediateS3Path" - ], - "type": "object" - }, - "AWS::EntityResolution::IdMappingWorkflow.ProviderProperties": { + "AWS::EC2::VerifiedAccessGroup.SseSpecification": { "additionalProperties": false, "properties": { - "IntermediateSourceConfiguration": { - "$ref": "#/definitions/AWS::EntityResolution::IdMappingWorkflow.IntermediateSourceConfiguration", - "markdownDescription": "The Amazon S3 location that temporarily stores your data while it processes. Your information won't be saved permanently.", - "title": "IntermediateSourceConfiguration" - }, - "ProviderConfiguration": { - "additionalProperties": true, - "markdownDescription": "The required configuration fields to use with the provider service.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "ProviderConfiguration", - "type": "object" + "CustomerManagedKeyEnabled": { + "markdownDescription": "Enable or disable the use of customer managed KMS keys for server side encryption.\n\nValid values: `True` | `False`", + "title": "CustomerManagedKeyEnabled", + "type": "boolean" }, - "ProviderServiceArn": { - "markdownDescription": "The ARN of the provider service.", - "title": "ProviderServiceArn", + "KmsKeyArn": { + "markdownDescription": "The ARN of the KMS key.", + "title": "KmsKeyArn", "type": "string" } }, - "required": [ - "ProviderServiceArn" - ], "type": "object" }, - "AWS::EntityResolution::IdNamespace": { + "AWS::EC2::VerifiedAccessInstance": { "additionalProperties": false, "properties": { "Condition": { @@ -95152,60 +102676,56 @@ "Properties": { "additionalProperties": false, "properties": { + "CidrEndpointsCustomSubDomain": { + "markdownDescription": "The custom subdomain.", + "title": "CidrEndpointsCustomSubDomain", + "type": "string" + }, "Description": { - "markdownDescription": "The description of the ID namespace.", + "markdownDescription": "A description for the AWS Verified Access instance.", "title": "Description", "type": "string" }, - "IdMappingWorkflowProperties": { + "FipsEnabled": { + "markdownDescription": "Indicates whether support for Federal Information Processing Standards (FIPS) is enabled on the instance.", + "title": "FipsEnabled", + "type": "boolean" + }, + "LoggingConfigurations": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessInstance.VerifiedAccessLogs", + "markdownDescription": "The logging configuration for the Verified Access instances.", + "title": "LoggingConfigurations" + }, + "Tags": { "items": { - "$ref": "#/definitions/AWS::EntityResolution::IdNamespace.IdNamespaceIdMappingWorkflowProperties" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "Determines the properties of `IdMappingWorflow` where this `IdNamespace` can be used as a `Source` or a `Target` .", - "title": "IdMappingWorkflowProperties", + "markdownDescription": "The tags.", + "title": "Tags", "type": "array" }, - "IdNamespaceName": { - "markdownDescription": "The name of the ID namespace.", - "title": "IdNamespaceName", - "type": "string" - }, - "InputSourceConfig": { + "VerifiedAccessTrustProviderIds": { "items": { - "$ref": "#/definitions/AWS::EntityResolution::IdNamespace.IdNamespaceInputSource" + "type": "string" }, - "markdownDescription": "A list of `InputSource` objects, which have the fields `InputSourceARN` and `SchemaName` .", - "title": "InputSourceConfig", + "markdownDescription": "The IDs of the AWS Verified Access trust providers.", + "title": "VerifiedAccessTrustProviderIds", "type": "array" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role. AWS Entity Resolution assumes this role to access the resources defined in this `IdNamespace` on your behalf as part of the workflow run.", - "title": "RoleArn", - "type": "string" - }, - "Tags": { + "VerifiedAccessTrustProviders": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::EC2::VerifiedAccessInstance.VerifiedAccessTrustProvider" }, - "markdownDescription": "The tags used to organize, track, or control access for this resource.", - "title": "Tags", + "markdownDescription": "The IDs of the AWS Verified Access trust providers.", + "title": "VerifiedAccessTrustProviders", "type": "array" - }, - "Type": { - "markdownDescription": "The type of ID namespace. There are two types: `SOURCE` and `TARGET` .\n\nThe `SOURCE` contains configurations for `sourceId` data that will be processed in an ID mapping workflow.\n\nThe `TARGET` contains a configuration of `targetId` which all `sourceIds` will resolve to.", - "title": "Type", - "type": "string" } }, - "required": [ - "IdNamespaceName", - "Type" - ], "type": "object" }, "Type": { "enum": [ - "AWS::EntityResolution::IdNamespace" + "AWS::EC2::VerifiedAccessInstance" ], "type": "string" }, @@ -95219,75 +102739,131 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::EntityResolution::IdNamespace.IdNamespaceIdMappingWorkflowProperties": { + "AWS::EC2::VerifiedAccessInstance.CloudWatchLogs": { "additionalProperties": false, "properties": { - "IdMappingType": { - "markdownDescription": "The type of ID mapping.", - "title": "IdMappingType", + "Enabled": { + "markdownDescription": "Indicates whether logging is enabled.", + "title": "Enabled", + "type": "boolean" + }, + "LogGroup": { + "markdownDescription": "The ID of the CloudWatch Logs log group.", + "title": "LogGroup", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::VerifiedAccessInstance.KinesisDataFirehose": { + "additionalProperties": false, + "properties": { + "DeliveryStream": { + "markdownDescription": "The ID of the delivery stream.", + "title": "DeliveryStream", "type": "string" }, - "ProviderProperties": { - "$ref": "#/definitions/AWS::EntityResolution::IdNamespace.NamespaceProviderProperties", - "markdownDescription": "An object which defines any additional configurations required by the provider service.", - "title": "ProviderProperties" + "Enabled": { + "markdownDescription": "Indicates whether logging is enabled.", + "title": "Enabled", + "type": "boolean" } }, - "required": [ - "IdMappingType" - ], "type": "object" }, - "AWS::EntityResolution::IdNamespace.IdNamespaceInputSource": { + "AWS::EC2::VerifiedAccessInstance.S3": { "additionalProperties": false, "properties": { - "InputSourceARN": { - "markdownDescription": "An AWS Glue table Amazon Resource Name (ARN) or a matching workflow ARN for the input source table.", - "title": "InputSourceARN", + "BucketName": { + "markdownDescription": "The bucket name.", + "title": "BucketName", "type": "string" }, - "SchemaName": { - "markdownDescription": "The name of the schema.", - "title": "SchemaName", + "BucketOwner": { + "markdownDescription": "The AWS account number that owns the bucket.", + "title": "BucketOwner", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Indicates whether logging is enabled.", + "title": "Enabled", + "type": "boolean" + }, + "Prefix": { + "markdownDescription": "The bucket prefix.", + "title": "Prefix", "type": "string" } }, - "required": [ - "InputSourceARN" - ], "type": "object" }, - "AWS::EntityResolution::IdNamespace.NamespaceProviderProperties": { + "AWS::EC2::VerifiedAccessInstance.VerifiedAccessLogs": { "additionalProperties": false, "properties": { - "ProviderConfiguration": { - "additionalProperties": true, - "markdownDescription": "An object which defines any additional configurations required by the provider service.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "ProviderConfiguration", - "type": "object" + "CloudWatchLogs": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessInstance.CloudWatchLogs", + "markdownDescription": "CloudWatch Logs logging destination.", + "title": "CloudWatchLogs" }, - "ProviderServiceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the provider service.", - "title": "ProviderServiceArn", + "IncludeTrustContext": { + "markdownDescription": "Indicates whether to include trust data sent by trust providers in the logs.", + "title": "IncludeTrustContext", + "type": "boolean" + }, + "KinesisDataFirehose": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessInstance.KinesisDataFirehose", + "markdownDescription": "Kinesis logging destination.", + "title": "KinesisDataFirehose" + }, + "LogVersion": { + "markdownDescription": "The logging version.\n\nValid values: `ocsf-0.1` | `ocsf-1.0.0-rc.2`", + "title": "LogVersion", "type": "string" + }, + "S3": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessInstance.S3", + "markdownDescription": "Amazon S3 logging options.", + "title": "S3" } }, - "required": [ - "ProviderServiceArn" - ], "type": "object" }, - "AWS::EntityResolution::MatchingWorkflow": { + "AWS::EC2::VerifiedAccessInstance.VerifiedAccessTrustProvider": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description for the AWS Verified Access trust provider.", + "title": "Description", + "type": "string" + }, + "DeviceTrustProviderType": { + "markdownDescription": "The type of device-based trust provider.", + "title": "DeviceTrustProviderType", + "type": "string" + }, + "TrustProviderType": { + "markdownDescription": "The type of Verified Access trust provider.", + "title": "TrustProviderType", + "type": "string" + }, + "UserTrustProviderType": { + "markdownDescription": "The type of user-based trust provider.", + "title": "UserTrustProviderType", + "type": "string" + }, + "VerifiedAccessTrustProviderId": { + "markdownDescription": "The ID of the AWS Verified Access trust provider.", + "title": "VerifiedAccessTrustProviderId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::VerifiedAccessTrustProvider": { "additionalProperties": false, "properties": { "Condition": { @@ -95323,62 +102899,68 @@ "additionalProperties": false, "properties": { "Description": { - "markdownDescription": "A description of the workflow.", + "markdownDescription": "A description for the AWS Verified Access trust provider.", "title": "Description", "type": "string" }, - "InputSourceConfig": { - "items": { - "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.InputSource" - }, - "markdownDescription": "A list of `InputSource` objects, which have the fields `InputSourceARN` and `SchemaName` .", - "title": "InputSourceConfig", - "type": "array" + "DeviceOptions": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessTrustProvider.DeviceOptions", + "markdownDescription": "The options for device-identity trust provider.", + "title": "DeviceOptions" }, - "OutputSourceConfig": { - "items": { - "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.OutputSource" - }, - "markdownDescription": "A list of `OutputSource` objects, each of which contains fields `OutputS3Path` , `ApplyNormalization` , and `Output` .", - "title": "OutputSourceConfig", - "type": "array" + "DeviceTrustProviderType": { + "markdownDescription": "The type of device-based trust provider.", + "title": "DeviceTrustProviderType", + "type": "string" }, - "ResolutionTechniques": { - "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.ResolutionTechniques", - "markdownDescription": "An object which defines the `resolutionType` and the `ruleBasedProperties` .", - "title": "ResolutionTechniques" + "NativeApplicationOidcOptions": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessTrustProvider.NativeApplicationOidcOptions", + "markdownDescription": "The OpenID Connect (OIDC) options.", + "title": "NativeApplicationOidcOptions" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role. AWS Entity Resolution assumes this role to create resources on your behalf as part of workflow execution.", - "title": "RoleArn", + "OidcOptions": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessTrustProvider.OidcOptions", + "markdownDescription": "The options for an OpenID Connect-compatible user-identity trust provider.", + "title": "OidcOptions" + }, + "PolicyReferenceName": { + "markdownDescription": "The identifier to be used when working with policy rules.", + "title": "PolicyReferenceName", "type": "string" }, + "SseSpecification": { + "$ref": "#/definitions/AWS::EC2::VerifiedAccessTrustProvider.SseSpecification", + "markdownDescription": "The options for additional server side encryption.", + "title": "SseSpecification" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "markdownDescription": "The tags.", "title": "Tags", "type": "array" }, - "WorkflowName": { - "markdownDescription": "The name of the workflow. There can't be multiple `MatchingWorkflows` with the same name.", - "title": "WorkflowName", + "TrustProviderType": { + "markdownDescription": "The type of Verified Access trust provider.", + "title": "TrustProviderType", + "type": "string" + }, + "UserTrustProviderType": { + "markdownDescription": "The type of user-based trust provider.", + "title": "UserTrustProviderType", "type": "string" } }, "required": [ - "InputSourceConfig", - "OutputSourceConfig", - "ResolutionTechniques", - "RoleArn", - "WorkflowName" + "PolicyReferenceName", + "TrustProviderType" ], "type": "object" }, "Type": { "enum": [ - "AWS::EntityResolution::MatchingWorkflow" + "AWS::EC2::VerifiedAccessTrustProvider" ], "type": "string" }, @@ -95397,195 +102979,126 @@ ], "type": "object" }, - "AWS::EntityResolution::MatchingWorkflow.InputSource": { + "AWS::EC2::VerifiedAccessTrustProvider.DeviceOptions": { "additionalProperties": false, "properties": { - "ApplyNormalization": { - "markdownDescription": "Normalizes the attributes defined in the schema in the input data. For example, if an attribute has an `AttributeType` of `PHONE_NUMBER` , and the data in the input table is in a format of 1234567890, AWS Entity Resolution will normalize this field in the output to (123)-456-7890.", - "title": "ApplyNormalization", - "type": "boolean" - }, - "InputSourceARN": { - "markdownDescription": "An object containing `InputSourceARN` , `SchemaName` , and `ApplyNormalization` .", - "title": "InputSourceARN", + "PublicSigningKeyUrl": { + "markdownDescription": "The URL AWS Verified Access will use to verify the authenticity of the device tokens.", + "title": "PublicSigningKeyUrl", "type": "string" }, - "SchemaArn": { - "markdownDescription": "The name of the schema.", - "title": "SchemaArn", + "TenantId": { + "markdownDescription": "The ID of the tenant application with the device-identity provider.", + "title": "TenantId", "type": "string" } }, - "required": [ - "InputSourceARN", - "SchemaArn" - ], "type": "object" }, - "AWS::EntityResolution::MatchingWorkflow.IntermediateSourceConfiguration": { + "AWS::EC2::VerifiedAccessTrustProvider.NativeApplicationOidcOptions": { "additionalProperties": false, "properties": { - "IntermediateS3Path": { - "markdownDescription": "The Amazon S3 location (bucket and prefix). For example: `s3://provider_bucket/DOC-EXAMPLE-BUCKET`", - "title": "IntermediateS3Path", + "AuthorizationEndpoint": { + "markdownDescription": "The authorization endpoint of the IdP.", + "title": "AuthorizationEndpoint", "type": "string" - } - }, - "required": [ - "IntermediateS3Path" - ], - "type": "object" - }, - "AWS::EntityResolution::MatchingWorkflow.OutputAttribute": { - "additionalProperties": false, - "properties": { - "Hashed": { - "markdownDescription": "Enables the ability to hash the column values in the output.", - "title": "Hashed", - "type": "boolean" }, - "Name": { - "markdownDescription": "A name of a column to be written to the output. This must be an `InputField` name in the schema mapping.", - "title": "Name", + "ClientId": { + "markdownDescription": "The OAuth 2.0 client identifier.", + "title": "ClientId", "type": "string" - } - }, - "required": [ - "Name" - ], - "type": "object" - }, - "AWS::EntityResolution::MatchingWorkflow.OutputSource": { - "additionalProperties": false, - "properties": { - "ApplyNormalization": { - "markdownDescription": "Normalizes the attributes defined in the schema in the input data. For example, if an attribute has an `AttributeType` of `PHONE_NUMBER` , and the data in the input table is in a format of 1234567890, AWS Entity Resolution will normalize this field in the output to (123)-456-7890.", - "title": "ApplyNormalization", - "type": "boolean" }, - "KMSArn": { - "markdownDescription": "Customer KMS ARN for encryption at rest. If not provided, system will use an AWS Entity Resolution managed KMS key.", - "title": "KMSArn", + "ClientSecret": { + "markdownDescription": "The OAuth 2.0 client secret.", + "title": "ClientSecret", "type": "string" }, - "Output": { - "items": { - "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.OutputAttribute" - }, - "markdownDescription": "A list of `OutputAttribute` objects, each of which have the fields `Name` and `Hashed` . Each of these objects selects a column to be included in the output table, and whether the values of the column should be hashed.", - "title": "Output", - "type": "array" + "Issuer": { + "markdownDescription": "The OIDC issuer identifier of the IdP.", + "title": "Issuer", + "type": "string" }, - "OutputS3Path": { - "markdownDescription": "The S3 path to which AWS Entity Resolution will write the output table.", - "title": "OutputS3Path", + "PublicSigningKeyEndpoint": { + "markdownDescription": "The public signing key endpoint.", + "title": "PublicSigningKeyEndpoint", "type": "string" - } - }, - "required": [ - "Output", - "OutputS3Path" - ], - "type": "object" - }, - "AWS::EntityResolution::MatchingWorkflow.ProviderProperties": { - "additionalProperties": false, - "properties": { - "IntermediateSourceConfiguration": { - "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.IntermediateSourceConfiguration", - "markdownDescription": "The Amazon S3 location that temporarily stores your data while it processes. Your information won't be saved permanently.", - "title": "IntermediateSourceConfiguration" }, - "ProviderConfiguration": { - "additionalProperties": true, - "markdownDescription": "The required configuration fields to use with the provider service.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "ProviderConfiguration", - "type": "object" + "Scope": { + "markdownDescription": "The set of user claims to be requested from the IdP.", + "title": "Scope", + "type": "string" }, - "ProviderServiceArn": { - "markdownDescription": "The ARN of the provider service.", - "title": "ProviderServiceArn", + "TokenEndpoint": { + "markdownDescription": "The token endpoint of the IdP.", + "title": "TokenEndpoint", + "type": "string" + }, + "UserInfoEndpoint": { + "markdownDescription": "The user info endpoint of the IdP.", + "title": "UserInfoEndpoint", "type": "string" } }, - "required": [ - "ProviderServiceArn" - ], "type": "object" }, - "AWS::EntityResolution::MatchingWorkflow.ResolutionTechniques": { + "AWS::EC2::VerifiedAccessTrustProvider.OidcOptions": { "additionalProperties": false, "properties": { - "ProviderProperties": { - "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.ProviderProperties", - "markdownDescription": "The properties of the provider service.", - "title": "ProviderProperties" + "AuthorizationEndpoint": { + "markdownDescription": "The OIDC authorization endpoint.", + "title": "AuthorizationEndpoint", + "type": "string" }, - "ResolutionType": { - "markdownDescription": "The type of matching. There are three types of matching: `RULE_MATCHING` , `ML_MATCHING` , and `PROVIDER` .", - "title": "ResolutionType", + "ClientId": { + "markdownDescription": "The client identifier.", + "title": "ClientId", "type": "string" }, - "RuleBasedProperties": { - "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.RuleBasedProperties", - "markdownDescription": "An object which defines the list of matching rules to run and has a field `Rules` , which is a list of rule objects.", - "title": "RuleBasedProperties" - } - }, - "type": "object" - }, - "AWS::EntityResolution::MatchingWorkflow.Rule": { - "additionalProperties": false, - "properties": { - "MatchingKeys": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of `MatchingKeys` . The `MatchingKeys` must have been defined in the `SchemaMapping` . Two records are considered to match according to this rule if all of the `MatchingKeys` match.", - "title": "MatchingKeys", - "type": "array" + "ClientSecret": { + "markdownDescription": "The client secret.", + "title": "ClientSecret", + "type": "string" }, - "RuleName": { - "markdownDescription": "A name for the matching rule.", - "title": "RuleName", + "Issuer": { + "markdownDescription": "The OIDC issuer.", + "title": "Issuer", + "type": "string" + }, + "Scope": { + "markdownDescription": "The OpenID Connect (OIDC) scope specified.", + "title": "Scope", + "type": "string" + }, + "TokenEndpoint": { + "markdownDescription": "The OIDC token endpoint.", + "title": "TokenEndpoint", + "type": "string" + }, + "UserInfoEndpoint": { + "markdownDescription": "The OIDC user info endpoint.", + "title": "UserInfoEndpoint", "type": "string" } }, - "required": [ - "MatchingKeys", - "RuleName" - ], "type": "object" }, - "AWS::EntityResolution::MatchingWorkflow.RuleBasedProperties": { + "AWS::EC2::VerifiedAccessTrustProvider.SseSpecification": { "additionalProperties": false, "properties": { - "AttributeMatchingModel": { - "markdownDescription": "The comparison type. You can either choose `ONE_TO_ONE` or `MANY_TO_MANY` as the `attributeMatchingModel` .\n\nIf you choose `MANY_TO_MANY` , the system can match attributes across the sub-types of an attribute type. For example, if the value of the `Email` field of Profile A and the value of `BusinessEmail` field of Profile B matches, the two profiles are matched on the `Email` attribute type.\n\nIf you choose `ONE_TO_ONE` , the system can only match attributes if the sub-types are an exact match. For example, for the `Email` attribute type, the system will only consider it a match if the value of the `Email` field of Profile A matches the value of the `Email` field of Profile B.", - "title": "AttributeMatchingModel", - "type": "string" + "CustomerManagedKeyEnabled": { + "markdownDescription": "Enable or disable the use of customer managed KMS keys for server side encryption.\n\nValid values: `True` | `False`", + "title": "CustomerManagedKeyEnabled", + "type": "boolean" }, - "Rules": { - "items": { - "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.Rule" - }, - "markdownDescription": "A list of `Rule` objects, each of which have fields `RuleName` and `MatchingKeys` .", - "title": "Rules", - "type": "array" + "KmsKeyArn": { + "markdownDescription": "The ARN of the KMS key.", + "title": "KmsKeyArn", + "type": "string" } }, - "required": [ - "AttributeMatchingModel", - "Rules" - ], "type": "object" }, - "AWS::EntityResolution::PolicyStatement": { + "AWS::EC2::Volume": { "additionalProperties": false, "properties": { "Condition": { @@ -95620,52 +103133,83 @@ "Properties": { "additionalProperties": false, "properties": { - "Action": { - "items": { - "type": "string" - }, - "markdownDescription": "The action that the principal can use on the resource.\n\nFor example, `entityresolution:GetIdMappingJob` , `entityresolution:GetMatchingJob` .", - "title": "Action", - "type": "array" - }, - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resource that will be accessed by the principal.", - "title": "Arn", + "AutoEnableIO": { + "markdownDescription": "Indicates whether the volume is auto-enabled for I/O operations. By default, Amazon EBS disables I/O to the volume from attached EC2 instances when it determines that a volume's data is potentially inconsistent. If the consistency of the volume is not a concern, and you prefer that the volume be made available immediately if it's impaired, you can configure the volume to automatically enable I/O.", + "title": "AutoEnableIO", + "type": "boolean" + }, + "AvailabilityZone": { + "markdownDescription": "The ID of the Availability Zone in which to create the volume. For example, `us-east-1a` .", + "title": "AvailabilityZone", "type": "string" }, - "Condition": { - "markdownDescription": "A set of condition keys that you can use in key policies.", - "title": "Condition", + "Encrypted": { + "markdownDescription": "Indicates whether the volume should be encrypted. The effect of setting the encryption state to `true` depends on the volume origin (new or from a snapshot), starting encryption state, ownership, and whether encryption by default is enabled. For more information, see [Encryption by default](https://docs.aws.amazon.com/ebs/latest/userguide/work-with-ebs-encr.html#encryption-by-default) in the *Amazon EBS User Guide* .\n\nEncrypted Amazon EBS volumes must be attached to instances that support Amazon EBS encryption. For more information, see [Supported instance types](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-encryption-requirements.html#ebs-encryption_supported_instances) .", + "title": "Encrypted", + "type": "boolean" + }, + "Iops": { + "markdownDescription": "The number of I/O operations per second (IOPS). For `gp3` , `io1` , and `io2` volumes, this represents the number of IOPS that are provisioned for the volume. For `gp2` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.\n\nThe following are the supported values for each volume type:\n\n- `gp3` : 3,000 - 16,000 IOPS\n- `io1` : 100 - 64,000 IOPS\n- `io2` : 100 - 256,000 IOPS\n\nFor `io2` volumes, you can achieve up to 256,000 IOPS on [instances built on the Nitro System](https://docs.aws.amazon.com/ec2/latest/instancetypes/ec2-nitro-instances.html) . On other instances, you can achieve performance up to 32,000 IOPS.\n\nThis parameter is required for `io1` and `io2` volumes. The default for `gp3` volumes is 3,000 IOPS. This parameter is not supported for `gp2` , `st1` , `sc1` , or `standard` volumes.", + "title": "Iops", + "type": "number" + }, + "KmsKeyId": { + "markdownDescription": "The identifier of the AWS KMS key to use for Amazon EBS encryption. If `KmsKeyId` is specified, the encrypted state must be `true` .\n\nIf you omit this property and your account is enabled for encryption by default, or *Encrypted* is set to `true` , then the volume is encrypted using the default key specified for your account. If your account does not have a default key, then the volume is encrypted using the AWS managed key .\n\nAlternatively, if you want to specify a different key, you can specify one of the following:\n\n- Key ID. For example, 1234abcd-12ab-34cd-56ef-1234567890ab.\n- Key alias. Specify the alias for the key, prefixed with `alias/` . For example, for a key with the alias `my_cmk` , use `alias/my_cmk` . Or to specify the AWS managed key , use `alias/aws/ebs` .\n- Key ARN. For example, arn:aws:kms:us-east-1:012345678910:key/1234abcd-12ab-34cd-56ef-1234567890ab.\n- Alias ARN. For example, arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias.", + "title": "KmsKeyId", "type": "string" }, - "Effect": { - "markdownDescription": "Determines whether the permissions specified in the policy are to be allowed ( `Allow` ) or denied ( `Deny` ).\n\n> If you set the value of the `effect` parameter to `Deny` for the `AddPolicyStatement` operation, you must also set the value of the `effect` parameter in the `policy` to `Deny` for the `PutPolicy` operation.", - "title": "Effect", + "MultiAttachEnabled": { + "markdownDescription": "Indicates whether Amazon EBS Multi-Attach is enabled.\n\nAWS CloudFormation does not currently support updating a single-attach volume to be multi-attach enabled, updating a multi-attach enabled volume to be single-attach, or updating the size or number of I/O operations per second (IOPS) of a multi-attach enabled volume.", + "title": "MultiAttachEnabled", + "type": "boolean" + }, + "OutpostArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Outpost.", + "title": "OutpostArn", "type": "string" }, - "Principal": { + "Size": { + "markdownDescription": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size. If you specify a snapshot, the default is the snapshot size. You can specify a volume size that is equal to or larger than the snapshot size.\n\nThe following are the supported volumes sizes for each volume type:\n\n- `gp2` and `gp3` : 1 - 16,384 GiB\n- `io1` : 4 - 16,384 GiB\n- `io2` : 4 - 65,536 GiB\n- `st1` and `sc1` : 125 - 16,384 GiB\n- `standard` : 1 - 1024 GiB", + "title": "Size", + "type": "number" + }, + "SnapshotId": { + "markdownDescription": "The snapshot from which to create the volume. You must specify either a snapshot ID or a volume size.", + "title": "SnapshotId", + "type": "string" + }, + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The AWS service or AWS account that can access the resource defined as ARN.", - "title": "Principal", + "markdownDescription": "The tags to apply to the volume during creation.", + "title": "Tags", "type": "array" }, - "StatementId": { - "markdownDescription": "A statement identifier that differentiates the statement from others in the same policy.", - "title": "StatementId", + "Throughput": { + "markdownDescription": "The throughput to provision for a volume, with a maximum of 1,000 MiB/s.\n\nThis parameter is valid only for `gp3` volumes. The default value is 125.\n\nValid Range: Minimum value of 125. Maximum value of 1000.", + "title": "Throughput", + "type": "number" + }, + "VolumeInitializationRate": { + "markdownDescription": "Specifies the Amazon EBS Provisioned Rate for Volume Initialization (volume initialization rate), in MiB/s, at which to download the snapshot blocks from Amazon S3 to the volume. This is also known as *volume initialization* . Specifying a volume initialization rate ensures that the volume is initialized at a predictable and consistent rate after creation.\n\nThis parameter is supported only for volumes created from snapshots. Omit this parameter if:\n\n- You want to create the volume using fast snapshot restore. You must specify a snapshot that is enabled for fast snapshot restore. In this case, the volume is fully initialized at creation.\n\n> If you specify a snapshot that is enabled for fast snapshot restore and a volume initialization rate, the volume will be initialized at the specified rate instead of fast snapshot restore.\n- You want to create a volume that is initialized at the default rate.\n\nFor more information, see [Initialize Amazon EBS volumes](https://docs.aws.amazon.com/ebs/latest/userguide/initalize-volume.html) in the *Amazon EC2 User Guide* .\n\nValid range: 100 - 300 MiB/s", + "title": "VolumeInitializationRate", + "type": "number" + }, + "VolumeType": { + "markdownDescription": "The volume type. This parameter can be one of the following values:\n\n- General Purpose SSD: `gp2` | `gp3`\n- Provisioned IOPS SSD: `io1` | `io2`\n- Throughput Optimized HDD: `st1`\n- Cold HDD: `sc1`\n- Magnetic: `standard`\n\nFor more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-volume-types.html) .\n\nDefault: `gp2`", + "title": "VolumeType", "type": "string" } }, "required": [ - "Arn", - "StatementId" + "AvailabilityZone" ], "type": "object" }, "Type": { "enum": [ - "AWS::EntityResolution::PolicyStatement" + "AWS::EC2::Volume" ], "type": "string" }, @@ -95684,7 +103228,7 @@ ], "type": "object" }, - "AWS::EntityResolution::SchemaMapping": { + "AWS::EC2::VolumeAttachment": { "additionalProperties": false, "properties": { "Condition": { @@ -95719,42 +103263,31 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the schema.", - "title": "Description", + "Device": { + "markdownDescription": "The device name (for example, `/dev/sdh` or `xvdh` ).", + "title": "Device", "type": "string" }, - "MappedInputFields": { - "items": { - "$ref": "#/definitions/AWS::EntityResolution::SchemaMapping.SchemaInputAttribute" - }, - "markdownDescription": "A list of `MappedInputFields` . Each `MappedInputField` corresponds to a column the source data table, and contains column name plus additional information that AWS Entity Resolution uses for matching.", - "title": "MappedInputFields", - "type": "array" - }, - "SchemaName": { - "markdownDescription": "The name of the schema. There can't be multiple `SchemaMappings` with the same name.", - "title": "SchemaName", + "InstanceId": { + "markdownDescription": "The ID of the instance to which the volume attaches. This value can be a reference to an [`AWS::EC2::Instance`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html) resource, or it can be the physical ID of an existing EC2 instance.", + "title": "InstanceId", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags used to organize, track, or control access for this resource.", - "title": "Tags", - "type": "array" + "VolumeId": { + "markdownDescription": "The ID of the Amazon EBS volume. The volume and instance must be within the same Availability Zone. This value can be a reference to an [`AWS::EC2::Volume`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-ebs-volume.html) resource, or it can be the volume ID of an existing Amazon EBS volume.", + "title": "VolumeId", + "type": "string" } }, "required": [ - "MappedInputFields", - "SchemaName" + "InstanceId", + "VolumeId" ], "type": "object" }, "Type": { "enum": [ - "AWS::EntityResolution::SchemaMapping" + "AWS::EC2::VolumeAttachment" ], "type": "string" }, @@ -95773,42 +103306,7 @@ ], "type": "object" }, - "AWS::EntityResolution::SchemaMapping.SchemaInputAttribute": { - "additionalProperties": false, - "properties": { - "FieldName": { - "markdownDescription": "A string containing the field name.", - "title": "FieldName", - "type": "string" - }, - "GroupName": { - "markdownDescription": "A string that instructs AWS Entity Resolution to combine several columns into a unified column with the identical attribute type.\n\nFor example, when working with columns such as `NAME_FIRST` , `NAME_MIDDLE` , and `NAME_LAST` , assigning them a common `groupName` will prompt AWS Entity Resolution to concatenate them into a single value.", - "title": "GroupName", - "type": "string" - }, - "MatchKey": { - "markdownDescription": "A key that allows grouping of multiple input attributes into a unified matching group.\n\nFor example, consider a scenario where the source table contains various addresses, such as `business_address` and `shipping_address` . By assigning a `matchKey` called `address` to both attributes, AWS Entity Resolution will match records across these fields to create a consolidated matching group.\n\nIf no `matchKey` is specified for a column, it won't be utilized for matching purposes but will still be included in the output table.", - "title": "MatchKey", - "type": "string" - }, - "SubType": { - "markdownDescription": "The subtype of the attribute, selected from a list of values.", - "title": "SubType", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of the attribute, selected from a list of values.\n\nLiveRamp supports: `NAME` | `NAME_FIRST` | `NAME_MIDDLE` | `NAME_LAST` | `ADDRESS` | `ADDRESS_STREET1` | `ADDRESS_STREET2` | `ADDRESS_STREET3` | `ADDRESS_CITY` | `ADDRESS_STATE` | `ADDRESS_COUNTRY` | `ADDRESS_POSTALCODE` | `PHONE` | `PHONE_NUMBER` | `EMAIL_ADDRESS` | `UNIQUE_ID` | `PROVIDER_ID`\n\nTransUnion supports: `NAME` | `NAME_FIRST` | `NAME_LAST` | `ADDRESS` | `ADDRESS_CITY` | `ADDRESS_STATE` | `ADDRESS_COUNTRY` | `ADDRESS_POSTALCODE` | `PHONE_NUMBER` | `EMAIL_ADDRESS` | `UNIQUE_ID` | `IPV4` | `IPV6` | `MAID`\n\nUnified ID 2.0 supports: `PHONE_NUMBER` | `EMAIL_ADDRESS` | `UNIQUE_ID`\n\n> Normalization is only supported for `NAME` , `ADDRESS` , `PHONE` , and `EMAIL_ADDRESS` .\n> \n> If you want to normalize `NAME_FIRST` , `NAME_MIDDLE` , and `NAME_LAST` , you must group them by assigning them to the `NAME` `groupName` .\n> \n> If you want to normalize `ADDRESS_STREET1` , `ADDRESS_STREET2` , `ADDRESS_STREET3` , `ADDRESS_CITY` , `ADDRESS_STATE` , `ADDRESS_COUNTRY` , and `ADDRESS_POSTALCODE` , you must group them by assigning them to the `ADDRESS` `groupName` .\n> \n> If you want to normalize `PHONE_NUMBER` and `PHONE_COUNTRYCODE` , you must group them by assigning them to the `PHONE` `groupName` .", - "title": "Type", - "type": "string" - } - }, - "required": [ - "FieldName", - "Type" - ], - "type": "object" - }, - "AWS::EventSchemas::Discoverer": { + "AWS::ECR::PublicRepository": { "additionalProperties": false, "properties": { "Condition": { @@ -95843,38 +103341,35 @@ "Properties": { "additionalProperties": false, "properties": { - "CrossAccount": { - "markdownDescription": "Allows for the discovery of the event schemas that are sent to the event bus from another account.", - "title": "CrossAccount", - "type": "boolean" + "RepositoryCatalogData": { + "$ref": "#/definitions/AWS::ECR::PublicRepository.RepositoryCatalogData", + "markdownDescription": "The details about the repository that are publicly visible in the Amazon ECR Public Gallery. For more information, see [Amazon ECR Public repository catalog data](https://docs.aws.amazon.com/AmazonECR/latest/public/public-repository-catalog-data.html) in the *Amazon ECR Public User Guide* .", + "title": "RepositoryCatalogData" }, - "Description": { - "markdownDescription": "A description for the discoverer.", - "title": "Description", + "RepositoryName": { + "markdownDescription": "The name to use for the public repository. The repository name may be specified on its own (such as `nginx-web-app` ) or it can be prepended with a namespace to group the repository into a category (such as `project-a/nginx-web-app` ). If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the repository name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "RepositoryName", "type": "string" }, - "SourceArn": { - "markdownDescription": "The ARN of the event bus.", - "title": "SourceArn", - "type": "string" + "RepositoryPolicyText": { + "markdownDescription": "The JSON repository policy text to apply to the public repository. For more information, see [Amazon ECR Public repository policies](https://docs.aws.amazon.com/AmazonECR/latest/public/public-repository-policies.html) in the *Amazon ECR Public User Guide* .", + "title": "RepositoryPolicyText", + "type": "object" }, "Tags": { "items": { - "$ref": "#/definitions/AWS::EventSchemas::Discoverer.TagsEntry" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "Tags associated with the resource.", + "markdownDescription": "An array of key-value pairs to apply to this resource.", "title": "Tags", "type": "array" } }, - "required": [ - "SourceArn" - ], "type": "object" }, "Type": { "enum": [ - "AWS::EventSchemas::Discoverer" + "AWS::ECR::PublicRepository" ], "type": "string" }, @@ -95888,32 +103383,48 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::EventSchemas::Discoverer.TagsEntry": { + "AWS::ECR::PublicRepository.RepositoryCatalogData": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The key of a key-value pair.", - "title": "Key", + "AboutText": { + "markdownDescription": "The longform description of the contents of the repository. This text appears in the repository details on the Amazon ECR Public Gallery.", + "title": "AboutText", "type": "string" }, - "Value": { - "markdownDescription": "The value of a key-value pair.", - "title": "Value", + "Architectures": { + "items": { + "type": "string" + }, + "markdownDescription": "The architecture tags that are associated with the repository.", + "title": "Architectures", + "type": "array" + }, + "OperatingSystems": { + "items": { + "type": "string" + }, + "markdownDescription": "The operating system tags that are associated with the repository.", + "title": "OperatingSystems", + "type": "array" + }, + "RepositoryDescription": { + "markdownDescription": "The short description of the repository.", + "title": "RepositoryDescription", + "type": "string" + }, + "UsageText": { + "markdownDescription": "The longform usage details of the contents of the repository. The usage text provides context for users of the repository.", + "title": "UsageText", "type": "string" } }, - "required": [ - "Key", - "Value" - ], "type": "object" }, - "AWS::EventSchemas::Registry": { + "AWS::ECR::PullThroughCacheRule": { "additionalProperties": false, "properties": { "Condition": { @@ -95948,30 +103459,42 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the registry to be created.", - "title": "Description", + "CredentialArn": { + "markdownDescription": "The ARN of the Secrets Manager secret associated with the pull through cache rule.", + "title": "CredentialArn", "type": "string" }, - "RegistryName": { - "markdownDescription": "The name of the schema registry.", - "title": "RegistryName", + "CustomRoleArn": { + "markdownDescription": "The ARN of the IAM role associated with the pull through cache rule.", + "title": "CustomRoleArn", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/AWS::EventSchemas::Registry.TagsEntry" - }, - "markdownDescription": "Tags to associate with the registry.", - "title": "Tags", - "type": "array" + "EcrRepositoryPrefix": { + "markdownDescription": "The Amazon ECR repository prefix associated with the pull through cache rule.", + "title": "EcrRepositoryPrefix", + "type": "string" + }, + "UpstreamRegistry": { + "markdownDescription": "The name of the upstream source registry associated with the pull through cache rule.", + "title": "UpstreamRegistry", + "type": "string" + }, + "UpstreamRegistryUrl": { + "markdownDescription": "The upstream registry URL associated with the pull through cache rule.", + "title": "UpstreamRegistryUrl", + "type": "string" + }, + "UpstreamRepositoryPrefix": { + "markdownDescription": "The upstream repository prefix associated with the pull through cache rule.", + "title": "UpstreamRepositoryPrefix", + "type": "string" } }, "type": "object" }, "Type": { "enum": [ - "AWS::EventSchemas::Registry" + "AWS::ECR::PullThroughCacheRule" ], "type": "string" }, @@ -95989,27 +103512,7 @@ ], "type": "object" }, - "AWS::EventSchemas::Registry.TagsEntry": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "The key of a key-value pair.", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "The value of a key-value pair.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - }, - "AWS::EventSchemas::RegistryPolicy": { + "AWS::ECR::RegistryPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -96044,31 +103547,20 @@ "Properties": { "additionalProperties": false, "properties": { - "Policy": { - "markdownDescription": "A resource-based policy.", - "title": "Policy", + "PolicyText": { + "markdownDescription": "The JSON policy text for your registry.", + "title": "PolicyText", "type": "object" - }, - "RegistryName": { - "markdownDescription": "The name of the registry.", - "title": "RegistryName", - "type": "string" - }, - "RevisionId": { - "markdownDescription": "The revision ID of the policy.", - "title": "RevisionId", - "type": "string" } }, "required": [ - "Policy", - "RegistryName" + "PolicyText" ], "type": "object" }, "Type": { "enum": [ - "AWS::EventSchemas::RegistryPolicy" + "AWS::ECR::RegistryPolicy" ], "type": "string" }, @@ -96087,7 +103579,7 @@ ], "type": "object" }, - "AWS::EventSchemas::Schema": { + "AWS::ECR::RegistryScanningConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -96122,50 +103614,29 @@ "Properties": { "additionalProperties": false, "properties": { - "Content": { - "markdownDescription": "The source of the schema definition.", - "title": "Content", - "type": "string" - }, - "Description": { - "markdownDescription": "A description of the schema.", - "title": "Description", - "type": "string" - }, - "RegistryName": { - "markdownDescription": "The name of the schema registry.", - "title": "RegistryName", - "type": "string" - }, - "SchemaName": { - "markdownDescription": "The name of the schema.", - "title": "SchemaName", - "type": "string" - }, - "Tags": { + "Rules": { "items": { - "$ref": "#/definitions/AWS::EventSchemas::Schema.TagsEntry" + "$ref": "#/definitions/AWS::ECR::RegistryScanningConfiguration.ScanningRule" }, - "markdownDescription": "Tags associated with the schema.", - "title": "Tags", + "markdownDescription": "The scanning rules associated with the registry.", + "title": "Rules", "type": "array" }, - "Type": { - "markdownDescription": "The type of schema.\n\nValid types include `OpenApi3` and `JSONSchemaDraft4` .", - "title": "Type", + "ScanType": { + "markdownDescription": "The type of scanning configured for the registry.", + "title": "ScanType", "type": "string" } }, "required": [ - "Content", - "RegistryName", - "Type" + "Rules", + "ScanType" ], "type": "object" }, "Type": { "enum": [ - "AWS::EventSchemas::Schema" + "AWS::ECR::RegistryScanningConfiguration" ], "type": "string" }, @@ -96184,27 +103655,50 @@ ], "type": "object" }, - "AWS::EventSchemas::Schema.TagsEntry": { + "AWS::ECR::RegistryScanningConfiguration.RepositoryFilter": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The key of a key-value pair.", - "title": "Key", + "Filter": { + "markdownDescription": "The filter to use when scanning.", + "title": "Filter", "type": "string" }, - "Value": { - "markdownDescription": "The value of a key-value pair.", - "title": "Value", + "FilterType": { + "markdownDescription": "The type associated with the filter.", + "title": "FilterType", "type": "string" } }, "required": [ - "Key", - "Value" + "Filter", + "FilterType" ], "type": "object" }, - "AWS::Events::ApiDestination": { + "AWS::ECR::RegistryScanningConfiguration.ScanningRule": { + "additionalProperties": false, + "properties": { + "RepositoryFilters": { + "items": { + "$ref": "#/definitions/AWS::ECR::RegistryScanningConfiguration.RepositoryFilter" + }, + "markdownDescription": "The details of a scanning repository filter. For more information on how to use filters, see [Using filters](https://docs.aws.amazon.com/AmazonECR/latest/userguide/image-scanning.html#image-scanning-filters) in the *Amazon Elastic Container Registry User Guide* .", + "title": "RepositoryFilters", + "type": "array" + }, + "ScanFrequency": { + "markdownDescription": "The frequency that scans are performed at for a private registry. When the `ENHANCED` scan type is specified, the supported scan frequencies are `CONTINUOUS_SCAN` and `SCAN_ON_PUSH` . When the `BASIC` scan type is specified, the `SCAN_ON_PUSH` scan frequency is supported. If scan on push is not specified, then the `MANUAL` scan frequency is set by default.", + "title": "ScanFrequency", + "type": "string" + } + }, + "required": [ + "RepositoryFilters", + "ScanFrequency" + ], + "type": "object" + }, + "AWS::ECR::ReplicationConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -96239,47 +103733,20 @@ "Properties": { "additionalProperties": false, "properties": { - "ConnectionArn": { - "markdownDescription": "The ARN of the connection to use for the API destination. The destination endpoint must support the authorization type specified for the connection.", - "title": "ConnectionArn", - "type": "string" - }, - "Description": { - "markdownDescription": "A description for the API destination to create.", - "title": "Description", - "type": "string" - }, - "HttpMethod": { - "markdownDescription": "The method to use for the request to the HTTP invocation endpoint.", - "title": "HttpMethod", - "type": "string" - }, - "InvocationEndpoint": { - "markdownDescription": "The URL to the HTTP invocation endpoint for the API destination.", - "title": "InvocationEndpoint", - "type": "string" - }, - "InvocationRateLimitPerSecond": { - "markdownDescription": "The maximum number of requests per second to send to the HTTP invocation endpoint.", - "title": "InvocationRateLimitPerSecond", - "type": "number" - }, - "Name": { - "markdownDescription": "The name for the API destination to create.", - "title": "Name", - "type": "string" + "ReplicationConfiguration": { + "$ref": "#/definitions/AWS::ECR::ReplicationConfiguration.ReplicationConfiguration", + "markdownDescription": "The replication configuration for a registry.", + "title": "ReplicationConfiguration" } }, "required": [ - "ConnectionArn", - "HttpMethod", - "InvocationEndpoint" + "ReplicationConfiguration" ], "type": "object" }, "Type": { "enum": [ - "AWS::Events::ApiDestination" + "AWS::ECR::ReplicationConfiguration" ], "type": "string" }, @@ -96298,94 +103765,89 @@ ], "type": "object" }, - "AWS::Events::Archive": { + "AWS::ECR::ReplicationConfiguration.ReplicationConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "Rules": { + "items": { + "$ref": "#/definitions/AWS::ECR::ReplicationConfiguration.ReplicationRule" + }, + "markdownDescription": "An array of objects representing the replication destinations and repository filters for a replication configuration.", + "title": "Rules", + "type": "array" + } + }, + "required": [ + "Rules" + ], + "type": "object" + }, + "AWS::ECR::ReplicationConfiguration.ReplicationDestination": { + "additionalProperties": false, + "properties": { + "Region": { + "markdownDescription": "The Region to replicate to.", + "title": "Region", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "RegistryId": { + "markdownDescription": "The AWS account ID of the Amazon ECR private registry to replicate to. When configuring cross-Region replication within your own registry, specify your own account ID.", + "title": "RegistryId", "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ArchiveName": { - "markdownDescription": "The name for the archive to create.", - "title": "ArchiveName", - "type": "string" - }, - "Description": { - "markdownDescription": "A description for the archive.", - "title": "Description", - "type": "string" - }, - "EventPattern": { - "markdownDescription": "An event pattern to use to filter events sent to the archive.", - "title": "EventPattern", - "type": "object" - }, - "RetentionDays": { - "markdownDescription": "The number of days to retain events for. Default value is 0. If set to 0, events are retained indefinitely", - "title": "RetentionDays", - "type": "number" - }, - "SourceArn": { - "markdownDescription": "The ARN of the event bus that sends events to the archive.", - "title": "SourceArn", - "type": "string" - } + } + }, + "required": [ + "Region", + "RegistryId" + ], + "type": "object" + }, + "AWS::ECR::ReplicationConfiguration.ReplicationRule": { + "additionalProperties": false, + "properties": { + "Destinations": { + "items": { + "$ref": "#/definitions/AWS::ECR::ReplicationConfiguration.ReplicationDestination" }, - "required": [ - "SourceArn" - ], - "type": "object" + "markdownDescription": "An array of objects representing the destination for a replication rule.", + "title": "Destinations", + "type": "array" }, - "Type": { - "enum": [ - "AWS::Events::Archive" - ], + "RepositoryFilters": { + "items": { + "$ref": "#/definitions/AWS::ECR::ReplicationConfiguration.RepositoryFilter" + }, + "markdownDescription": "An array of objects representing the filters for a replication rule. Specifying a repository filter for a replication rule provides a method for controlling which repositories in a private registry are replicated.", + "title": "RepositoryFilters", + "type": "array" + } + }, + "required": [ + "Destinations" + ], + "type": "object" + }, + "AWS::ECR::ReplicationConfiguration.RepositoryFilter": { + "additionalProperties": false, + "properties": { + "Filter": { + "markdownDescription": "The repository filter details. When the `PREFIX_MATCH` filter type is specified, this value is required and should be the repository name prefix to configure replication for.", + "title": "Filter", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "FilterType": { + "markdownDescription": "The repository filter type. The only supported value is `PREFIX_MATCH` , which is a repository name prefix specified with the `filter` parameter.", + "title": "FilterType", "type": "string" } }, "required": [ - "Type", - "Properties" + "Filter", + "FilterType" ], "type": "object" }, - "AWS::Events::Connection": { + "AWS::ECR::Repository": { "additionalProperties": false, "properties": { "Condition": { @@ -96420,32 +103882,55 @@ "Properties": { "additionalProperties": false, "properties": { - "AuthParameters": { - "$ref": "#/definitions/AWS::Events::Connection.AuthParameters", - "markdownDescription": "The authorization parameters to use to authorize with the endpoint.\n\nYou must include only authorization parameters for the `AuthorizationType` you specify.", - "title": "AuthParameters" + "EmptyOnDelete": { + "markdownDescription": "If true, deleting the repository force deletes the contents of the repository. If false, the repository must be empty before attempting to delete it.", + "title": "EmptyOnDelete", + "type": "boolean" }, - "AuthorizationType": { - "markdownDescription": "The type of authorization to use for the connection.\n\n> OAUTH tokens are refreshed when a 401 or 407 response is returned.", - "title": "AuthorizationType", - "type": "string" + "EncryptionConfiguration": { + "$ref": "#/definitions/AWS::ECR::Repository.EncryptionConfiguration", + "markdownDescription": "The encryption configuration for the repository. This determines how the contents of your repository are encrypted at rest.", + "title": "EncryptionConfiguration" }, - "Description": { - "markdownDescription": "A description for the connection to create.", - "title": "Description", + "ImageScanningConfiguration": { + "$ref": "#/definitions/AWS::ECR::Repository.ImageScanningConfiguration", + "markdownDescription": "The image scanning configuration for the repository. This determines whether images are scanned for known vulnerabilities after being pushed to the repository.", + "title": "ImageScanningConfiguration" + }, + "ImageTagMutability": { + "markdownDescription": "The tag mutability setting for the repository. If this parameter is omitted, the default setting of `MUTABLE` will be used which will allow image tags to be overwritten. If `IMMUTABLE` is specified, all image tags within the repository will be immutable which will prevent them from being overwritten.", + "title": "ImageTagMutability", "type": "string" }, - "Name": { - "markdownDescription": "The name for the connection to create.", - "title": "Name", + "LifecyclePolicy": { + "$ref": "#/definitions/AWS::ECR::Repository.LifecyclePolicy", + "markdownDescription": "Creates or updates a lifecycle policy. For information about lifecycle policy syntax, see [Lifecycle policy template](https://docs.aws.amazon.com/AmazonECR/latest/userguide/LifecyclePolicies.html) .", + "title": "LifecyclePolicy" + }, + "RepositoryName": { + "markdownDescription": "The name to use for the repository. The repository name may be specified on its own (such as `nginx-web-app` ) or it can be prepended with a namespace to group the repository into a category (such as `project-a/nginx-web-app` ). If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the repository name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\nThe repository name must start with a letter and can only contain lowercase letters, numbers, hyphens, underscores, and forward slashes.\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "RepositoryName", "type": "string" + }, + "RepositoryPolicyText": { + "markdownDescription": "The JSON repository policy text to apply to the repository. For more information, see [Amazon ECR repository policies](https://docs.aws.amazon.com/AmazonECR/latest/userguide/repository-policy-examples.html) in the *Amazon Elastic Container Registry User Guide* .", + "title": "RepositoryPolicyText", + "type": "object" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.", + "title": "Tags", + "type": "array" } }, "type": "object" }, "Type": { "enum": [ - "AWS::Events::Connection" + "AWS::ECR::Repository" ], "type": "string" }, @@ -96463,179 +103948,53 @@ ], "type": "object" }, - "AWS::Events::Connection.ApiKeyAuthParameters": { - "additionalProperties": false, - "properties": { - "ApiKeyName": { - "markdownDescription": "The name of the API key to use for authorization.", - "title": "ApiKeyName", - "type": "string" - }, - "ApiKeyValue": { - "markdownDescription": "The value for the API key to use for authorization.", - "title": "ApiKeyValue", - "type": "string" - } - }, - "required": [ - "ApiKeyName", - "ApiKeyValue" - ], - "type": "object" - }, - "AWS::Events::Connection.AuthParameters": { - "additionalProperties": false, - "properties": { - "ApiKeyAuthParameters": { - "$ref": "#/definitions/AWS::Events::Connection.ApiKeyAuthParameters", - "markdownDescription": "The API Key parameters to use for authorization.", - "title": "ApiKeyAuthParameters" - }, - "BasicAuthParameters": { - "$ref": "#/definitions/AWS::Events::Connection.BasicAuthParameters", - "markdownDescription": "The authorization parameters for Basic authorization.", - "title": "BasicAuthParameters" - }, - "InvocationHttpParameters": { - "$ref": "#/definitions/AWS::Events::Connection.ConnectionHttpParameters", - "markdownDescription": "Additional parameters for the connection that are passed through with every invocation to the HTTP endpoint.", - "title": "InvocationHttpParameters" - }, - "OAuthParameters": { - "$ref": "#/definitions/AWS::Events::Connection.OAuthParameters", - "markdownDescription": "The OAuth parameters to use for authorization.", - "title": "OAuthParameters" - } - }, - "type": "object" - }, - "AWS::Events::Connection.BasicAuthParameters": { - "additionalProperties": false, - "properties": { - "Password": { - "markdownDescription": "The password associated with the user name to use for Basic authorization.", - "title": "Password", - "type": "string" - }, - "Username": { - "markdownDescription": "The user name to use for Basic authorization.", - "title": "Username", - "type": "string" - } - }, - "required": [ - "Password", - "Username" - ], - "type": "object" - }, - "AWS::Events::Connection.ClientParameters": { + "AWS::ECR::Repository.EncryptionConfiguration": { "additionalProperties": false, "properties": { - "ClientID": { - "markdownDescription": "The client ID to use for OAuth authorization.", - "title": "ClientID", + "EncryptionType": { + "markdownDescription": "The encryption type to use.\n\nIf you use the `KMS` encryption type, the contents of the repository will be encrypted using server-side encryption with AWS Key Management Service key stored in AWS KMS . When you use AWS KMS to encrypt your data, you can either use the default AWS managed AWS KMS key for Amazon ECR, or specify your own AWS KMS key, which you already created.\n\nIf you use the `KMS_DSSE` encryption type, the contents of the repository will be encrypted with two layers of encryption using server-side encryption with the AWS KMS Management Service key stored in AWS KMS . Similar to the `KMS` encryption type, you can either use the default AWS managed AWS KMS key for Amazon ECR, or specify your own AWS KMS key, which you've already created.\n\nIf you use the `AES256` encryption type, Amazon ECR uses server-side encryption with Amazon S3-managed encryption keys which encrypts the images in the repository using an AES256 encryption algorithm.\n\nFor more information, see [Amazon ECR encryption at rest](https://docs.aws.amazon.com/AmazonECR/latest/userguide/encryption-at-rest.html) in the *Amazon Elastic Container Registry User Guide* .", + "title": "EncryptionType", "type": "string" }, - "ClientSecret": { - "markdownDescription": "The client secret assciated with the client ID to use for OAuth authorization.", - "title": "ClientSecret", + "KmsKey": { + "markdownDescription": "If you use the `KMS` encryption type, specify the AWS KMS key to use for encryption. The alias, key ID, or full ARN of the AWS KMS key can be specified. The key must exist in the same Region as the repository. If no key is specified, the default AWS managed AWS KMS key for Amazon ECR will be used.", + "title": "KmsKey", "type": "string" } }, "required": [ - "ClientID", - "ClientSecret" + "EncryptionType" ], "type": "object" }, - "AWS::Events::Connection.ConnectionHttpParameters": { - "additionalProperties": false, - "properties": { - "BodyParameters": { - "items": { - "$ref": "#/definitions/AWS::Events::Connection.Parameter" - }, - "markdownDescription": "Any additional body string parameters for the connection.", - "title": "BodyParameters", - "type": "array" - }, - "HeaderParameters": { - "items": { - "$ref": "#/definitions/AWS::Events::Connection.Parameter" - }, - "markdownDescription": "Any additional header parameters for the connection.", - "title": "HeaderParameters", - "type": "array" - }, - "QueryStringParameters": { - "items": { - "$ref": "#/definitions/AWS::Events::Connection.Parameter" - }, - "markdownDescription": "Any additional query string parameters for the connection.", - "title": "QueryStringParameters", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Events::Connection.OAuthParameters": { + "AWS::ECR::Repository.ImageScanningConfiguration": { "additionalProperties": false, "properties": { - "AuthorizationEndpoint": { - "markdownDescription": "The URL to the authorization endpoint when OAuth is specified as the authorization type.", - "title": "AuthorizationEndpoint", - "type": "string" - }, - "ClientParameters": { - "$ref": "#/definitions/AWS::Events::Connection.ClientParameters", - "markdownDescription": "The client parameters for OAuth authorization.", - "title": "ClientParameters" - }, - "HttpMethod": { - "markdownDescription": "The method to use for the authorization request.", - "title": "HttpMethod", - "type": "string" - }, - "OAuthHttpParameters": { - "$ref": "#/definitions/AWS::Events::Connection.ConnectionHttpParameters", - "markdownDescription": "Details about the additional parameters to use for the connection.", - "title": "OAuthHttpParameters" + "ScanOnPush": { + "markdownDescription": "The setting that determines whether images are scanned after being pushed to a repository. If set to `true` , images will be scanned after being pushed. If this parameter is not specified, it will default to `false` and images will not be scanned unless a scan is manually started.", + "title": "ScanOnPush", + "type": "boolean" } }, - "required": [ - "AuthorizationEndpoint", - "ClientParameters", - "HttpMethod" - ], "type": "object" }, - "AWS::Events::Connection.Parameter": { + "AWS::ECR::Repository.LifecyclePolicy": { "additionalProperties": false, "properties": { - "IsValueSecret": { - "markdownDescription": "Specifies whether the value is secret.", - "title": "IsValueSecret", - "type": "boolean" - }, - "Key": { - "markdownDescription": "The key for a query string parameter.", - "title": "Key", + "LifecyclePolicyText": { + "markdownDescription": "The JSON repository policy text to apply to the repository.", + "title": "LifecyclePolicyText", "type": "string" }, - "Value": { - "markdownDescription": "The value associated with the key for the query string parameter.", - "title": "Value", + "RegistryId": { + "markdownDescription": "The AWS account ID associated with the registry that contains the repository. If you do not specify a registry, the default registry is assumed.", + "title": "RegistryId", "type": "string" } }, - "required": [ - "Key", - "Value" - ], "type": "object" }, - "AWS::Events::Endpoint": { + "AWS::ECR::RepositoryCreationTemplate": { "additionalProperties": false, "properties": { "Condition": { @@ -96670,49 +104029,67 @@ "Properties": { "additionalProperties": false, "properties": { + "AppliedFor": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of enumerable Strings representing the repository creation scenarios that this template will apply towards. The two supported scenarios are PULL_THROUGH_CACHE and REPLICATION", + "title": "AppliedFor", + "type": "array" + }, + "CustomRoleArn": { + "markdownDescription": "The ARN of the role to be assumed by Amazon ECR. Amazon ECR will assume your supplied role when the customRoleArn is specified. When this field isn't specified, Amazon ECR will use the service-linked role for the repository creation template.", + "title": "CustomRoleArn", + "type": "string" + }, "Description": { - "markdownDescription": "A description for the endpoint.", + "markdownDescription": "The description associated with the repository creation template.", "title": "Description", "type": "string" }, - "EventBuses": { - "items": { - "$ref": "#/definitions/AWS::Events::Endpoint.EndpointEventBus" - }, - "markdownDescription": "The event buses being used by the endpoint.\n\n*Exactly* : `2`", - "title": "EventBuses", - "type": "array" + "EncryptionConfiguration": { + "$ref": "#/definitions/AWS::ECR::RepositoryCreationTemplate.EncryptionConfiguration", + "markdownDescription": "The encryption configuration associated with the repository creation template.", + "title": "EncryptionConfiguration" }, - "Name": { - "markdownDescription": "The name of the endpoint.", - "title": "Name", + "ImageTagMutability": { + "markdownDescription": "The tag mutability setting for the repository. If this parameter is omitted, the default setting of `MUTABLE` will be used which will allow image tags to be overwritten. If `IMMUTABLE` is specified, all image tags within the repository will be immutable which will prevent them from being overwritten.", + "title": "ImageTagMutability", "type": "string" }, - "ReplicationConfig": { - "$ref": "#/definitions/AWS::Events::Endpoint.ReplicationConfig", - "markdownDescription": "Whether event replication was enabled or disabled for this endpoint. The default state is `ENABLED` which means you must supply a `RoleArn` . If you don't have a `RoleArn` or you don't want event replication enabled, set the state to `DISABLED` .", - "title": "ReplicationConfig" + "LifecyclePolicy": { + "markdownDescription": "The lifecycle policy to use for repositories created using the template.", + "title": "LifecyclePolicy", + "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of the role used by event replication for the endpoint.", - "title": "RoleArn", + "Prefix": { + "markdownDescription": "The repository namespace prefix associated with the repository creation template.", + "title": "Prefix", "type": "string" }, - "RoutingConfig": { - "$ref": "#/definitions/AWS::Events::Endpoint.RoutingConfig", - "markdownDescription": "The routing configuration of the endpoint.", - "title": "RoutingConfig" + "RepositoryPolicy": { + "markdownDescription": "The repository policy to apply to repositories created using the template. A repository policy is a permissions policy associated with a repository to control access permissions.", + "title": "RepositoryPolicy", + "type": "string" + }, + "ResourceTags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The metadata to apply to the repository to help you categorize and organize. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.", + "title": "ResourceTags", + "type": "array" } }, "required": [ - "EventBuses", - "RoutingConfig" + "AppliedFor", + "Prefix" ], "type": "object" }, "Type": { "enum": [ - "AWS::Events::Endpoint" + "AWS::ECR::RepositoryCreationTemplate" ], "type": "string" }, @@ -96731,97 +104108,26 @@ ], "type": "object" }, - "AWS::Events::Endpoint.EndpointEventBus": { + "AWS::ECR::RepositoryCreationTemplate.EncryptionConfiguration": { "additionalProperties": false, "properties": { - "EventBusArn": { - "markdownDescription": "The ARN of the event bus the endpoint is associated with.", - "title": "EventBusArn", + "EncryptionType": { + "markdownDescription": "The encryption type to use.\n\nIf you use the `KMS` encryption type, the contents of the repository will be encrypted using server-side encryption with AWS Key Management Service key stored in AWS KMS . When you use AWS KMS to encrypt your data, you can either use the default AWS managed AWS KMS key for Amazon ECR, or specify your own AWS KMS key, which you already created.\n\nIf you use the `KMS_DSSE` encryption type, the contents of the repository will be encrypted with two layers of encryption using server-side encryption with the AWS KMS Management Service key stored in AWS KMS . Similar to the `KMS` encryption type, you can either use the default AWS managed AWS KMS key for Amazon ECR, or specify your own AWS KMS key, which you've already created.\n\nIf you use the `AES256` encryption type, Amazon ECR uses server-side encryption with Amazon S3-managed encryption keys which encrypts the images in the repository using an AES256 encryption algorithm.\n\nFor more information, see [Amazon ECR encryption at rest](https://docs.aws.amazon.com/AmazonECR/latest/userguide/encryption-at-rest.html) in the *Amazon Elastic Container Registry User Guide* .", + "title": "EncryptionType", "type": "string" - } - }, - "required": [ - "EventBusArn" - ], - "type": "object" - }, - "AWS::Events::Endpoint.FailoverConfig": { - "additionalProperties": false, - "properties": { - "Primary": { - "$ref": "#/definitions/AWS::Events::Endpoint.Primary", - "markdownDescription": "The main Region of the endpoint.", - "title": "Primary" }, - "Secondary": { - "$ref": "#/definitions/AWS::Events::Endpoint.Secondary", - "markdownDescription": "The Region that events are routed to when failover is triggered or event replication is enabled.", - "title": "Secondary" - } - }, - "required": [ - "Primary", - "Secondary" - ], - "type": "object" - }, - "AWS::Events::Endpoint.Primary": { - "additionalProperties": false, - "properties": { - "HealthCheck": { - "markdownDescription": "The ARN of the health check used by the endpoint to determine whether failover is triggered.", - "title": "HealthCheck", - "type": "string" - } - }, - "required": [ - "HealthCheck" - ], - "type": "object" - }, - "AWS::Events::Endpoint.ReplicationConfig": { - "additionalProperties": false, - "properties": { - "State": { - "markdownDescription": "The state of event replication.", - "title": "State", - "type": "string" - } - }, - "required": [ - "State" - ], - "type": "object" - }, - "AWS::Events::Endpoint.RoutingConfig": { - "additionalProperties": false, - "properties": { - "FailoverConfig": { - "$ref": "#/definitions/AWS::Events::Endpoint.FailoverConfig", - "markdownDescription": "The failover configuration for an endpoint. This includes what triggers failover and what happens when it's triggered.", - "title": "FailoverConfig" - } - }, - "required": [ - "FailoverConfig" - ], - "type": "object" - }, - "AWS::Events::Endpoint.Secondary": { - "additionalProperties": false, - "properties": { - "Route": { - "markdownDescription": "Defines the secondary Region.", - "title": "Route", + "KmsKey": { + "markdownDescription": "If you use the `KMS` encryption type, specify the AWS KMS key to use for encryption. The alias, key ID, or full ARN of the AWS KMS key can be specified. The key must exist in the same Region as the repository. If no key is specified, the default AWS managed AWS KMS key for Amazon ECR will be used.", + "title": "KmsKey", "type": "string" } }, "required": [ - "Route" + "EncryptionType" ], "type": "object" }, - "AWS::Events::EventBus": { + "AWS::ECS::CapacityProvider": { "additionalProperties": false, "properties": { "Condition": { @@ -96856,38 +104162,30 @@ "Properties": { "additionalProperties": false, "properties": { - "EventSourceName": { - "markdownDescription": "If you are creating a partner event bus, this specifies the partner event source that the new event bus will be matched with.", - "title": "EventSourceName", - "type": "string" + "AutoScalingGroupProvider": { + "$ref": "#/definitions/AWS::ECS::CapacityProvider.AutoScalingGroupProvider", + "markdownDescription": "The Auto Scaling group settings for the capacity provider.", + "title": "AutoScalingGroupProvider" }, "Name": { - "markdownDescription": "The name of the new event bus.\n\nCustom event bus names can't contain the `/` character, but you can use the `/` character in partner event bus names. In addition, for partner event buses, the name must exactly match the name of the partner event source that this event bus is matched to.\n\nYou can't use the name `default` for a custom event bus, as this name is already used for your account's default event bus.", + "markdownDescription": "The name of the capacity provider. If a name is specified, it cannot start with `aws` , `ecs` , or `fargate` . If no name is specified, a default name in the `CFNStackName-CFNResourceName-RandomString` format is used.", "title": "Name", "type": "string" }, - "Policy": { - "markdownDescription": "The permissions policy of the event bus, describing which other AWS accounts can write events to this event bus.", - "title": "Policy", - "type": "object" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Tags to associate with the event bus.", + "markdownDescription": "The metadata that you apply to the capacity provider to help you categorize and organize it. Each tag consists of a key and an optional value. You define both.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8\n- Maximum value length - 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit.", "title": "Tags", "type": "array" } }, - "required": [ - "Name" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Events::EventBus" + "AWS::ECS::CapacityProvider" ], "type": "string" }, @@ -96901,12 +104199,71 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Events::EventBusPolicy": { + "AWS::ECS::CapacityProvider.AutoScalingGroupProvider": { + "additionalProperties": false, + "properties": { + "AutoScalingGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that identifies the Auto Scaling group, or the Auto Scaling group name.", + "title": "AutoScalingGroupArn", + "type": "string" + }, + "ManagedDraining": { + "markdownDescription": "The managed draining option for the Auto Scaling group capacity provider. When you enable this, Amazon ECS manages and gracefully drains the EC2 container instances that are in the Auto Scaling group capacity provider.", + "title": "ManagedDraining", + "type": "string" + }, + "ManagedScaling": { + "$ref": "#/definitions/AWS::ECS::CapacityProvider.ManagedScaling", + "markdownDescription": "The managed scaling settings for the Auto Scaling group capacity provider.", + "title": "ManagedScaling" + }, + "ManagedTerminationProtection": { + "markdownDescription": "The managed termination protection setting to use for the Auto Scaling group capacity provider. This determines whether the Auto Scaling group has managed termination protection. The default is off.\n\n> When using managed termination protection, managed scaling must also be used otherwise managed termination protection doesn't work. \n\nWhen managed termination protection is on, Amazon ECS prevents the Amazon EC2 instances in an Auto Scaling group that contain tasks from being terminated during a scale-in action. The Auto Scaling group and each instance in the Auto Scaling group must have instance protection from scale-in actions on as well. For more information, see [Instance Protection](https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-instance-termination.html#instance-protection) in the *AWS Auto Scaling User Guide* .\n\nWhen managed termination protection is off, your Amazon EC2 instances aren't protected from termination when the Auto Scaling group scales in.", + "title": "ManagedTerminationProtection", + "type": "string" + } + }, + "required": [ + "AutoScalingGroupArn" + ], + "type": "object" + }, + "AWS::ECS::CapacityProvider.ManagedScaling": { + "additionalProperties": false, + "properties": { + "InstanceWarmupPeriod": { + "markdownDescription": "The period of time, in seconds, after a newly launched Amazon EC2 instance can contribute to CloudWatch metrics for Auto Scaling group. If this parameter is omitted, the default value of `300` seconds is used.", + "title": "InstanceWarmupPeriod", + "type": "number" + }, + "MaximumScalingStepSize": { + "markdownDescription": "The maximum number of Amazon EC2 instances that Amazon ECS will scale out at one time. If this parameter is omitted, the default value of `10000` is used.", + "title": "MaximumScalingStepSize", + "type": "number" + }, + "MinimumScalingStepSize": { + "markdownDescription": "The minimum number of Amazon EC2 instances that Amazon ECS will scale out at one time. The scale in process is not affected by this parameter If this parameter is omitted, the default value of `1` is used.\n\nWhen additional capacity is required, Amazon ECS will scale up the minimum scaling step size even if the actual demand is less than the minimum scaling step size.\n\nIf you use a capacity provider with an Auto Scaling group configured with more than one Amazon EC2 instance type or Availability Zone, Amazon ECS will scale up by the exact minimum scaling step size value and will ignore both the maximum scaling step size as well as the capacity demand.", + "title": "MinimumScalingStepSize", + "type": "number" + }, + "Status": { + "markdownDescription": "Determines whether to use managed scaling for the capacity provider.", + "title": "Status", + "type": "string" + }, + "TargetCapacity": { + "markdownDescription": "The target capacity utilization as a percentage for the capacity provider. The specified value must be greater than `0` and less than or equal to `100` . For example, if you want the capacity provider to maintain 10% spare capacity, then that means the utilization is 90%, so use a `targetCapacity` of `90` . The default value of `100` percent results in the Amazon EC2 instances in your Auto Scaling group being completely used.", + "title": "TargetCapacity", + "type": "number" + } + }, + "type": "object" + }, + "AWS::ECS::Cluster": { "additionalProperties": false, "properties": { "Condition": { @@ -96941,45 +104298,275 @@ "Properties": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The action that you are enabling the other account to perform.", - "title": "Action", + "CapacityProviders": { + "items": { + "type": "string" + }, + "markdownDescription": "The short name of one or more capacity providers to associate with the cluster. A capacity provider must be associated with a cluster before it can be included as part of the default capacity provider strategy of the cluster or used in a capacity provider strategy when calling the [CreateService](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_CreateService.html) or [RunTask](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RunTask.html) actions.\n\nIf specifying a capacity provider that uses an Auto Scaling group, the capacity provider must be created but not associated with another cluster. New Auto Scaling group capacity providers can be created with the [CreateCapacityProvider](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_CreateCapacityProvider.html) API operation.\n\nTo use a AWS Fargate capacity provider, specify either the `FARGATE` or `FARGATE_SPOT` capacity providers. The AWS Fargate capacity providers are available to all accounts and only need to be associated with a cluster to be used.\n\nThe [PutCapacityProvider](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutCapacityProvider.html) API operation is used to update the list of available capacity providers for a cluster after the cluster is created.", + "title": "CapacityProviders", + "type": "array" + }, + "ClusterName": { + "markdownDescription": "A user-generated string that you use to identify your cluster. If you don't specify a name, AWS CloudFormation generates a unique physical ID for the name.", + "title": "ClusterName", "type": "string" }, - "Condition": { - "$ref": "#/definitions/AWS::Events::EventBusPolicy.Condition", - "markdownDescription": "This parameter enables you to limit the permission to accounts that fulfill a certain condition, such as being a member of a certain AWS organization. For more information about AWS Organizations, see [What Is AWS Organizations](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_introduction.html) in the *AWS Organizations User Guide* .\n\nIf you specify `Condition` with an AWS organization ID, and specify \"*\" as the value for `Principal` , you grant permission to all the accounts in the named organization.\n\nThe `Condition` is a JSON string which must contain `Type` , `Key` , and `Value` fields.", - "title": "Condition" + "ClusterSettings": { + "items": { + "$ref": "#/definitions/AWS::ECS::Cluster.ClusterSettings" + }, + "markdownDescription": "The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights with enhanced observability or CloudWatch Container Insights for a cluster.\n\nContainer Insights with enhanced observability provides all the Container Insights metrics, plus additional task and container metrics. This version supports enhanced observability for Amazon ECS clusters using the Amazon EC2 and Fargate launch types. After you configure Container Insights with enhanced observability on Amazon ECS, Container Insights auto-collects detailed infrastructure telemetry from the cluster level down to the container level in your environment and displays these critical performance data in curated dashboards removing the heavy lifting in observability set-up.\n\nFor more information, see [Monitor Amazon ECS containers using Container Insights with enhanced observability](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cloudwatch-container-insights.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "ClusterSettings", + "type": "array" }, - "EventBusName": { - "markdownDescription": "The name of the event bus associated with the rule. If you omit this, the default event bus is used.", - "title": "EventBusName", - "type": "string" + "Configuration": { + "$ref": "#/definitions/AWS::ECS::Cluster.ClusterConfiguration", + "markdownDescription": "The execute command and managed storage configuration for the cluster.", + "title": "Configuration" }, - "Principal": { - "markdownDescription": "The 12-digit AWS account ID that you are permitting to put events to your default event bus. Specify \"*\" to permit any account to put events to your default event bus.\n\nIf you specify \"*\" without specifying `Condition` , avoid creating rules that may match undesirable events. To create more secure rules, make sure that the event pattern for each rule contains an `account` field with a specific account ID from which to receive events. Rules with an account field do not match any events sent from other accounts.", - "title": "Principal", + "DefaultCapacityProviderStrategy": { + "items": { + "$ref": "#/definitions/AWS::ECS::Cluster.CapacityProviderStrategyItem" + }, + "markdownDescription": "The default capacity provider strategy for the cluster. When services or tasks are run in the cluster with no launch type or capacity provider strategy specified, the default capacity provider strategy is used.", + "title": "DefaultCapacityProviderStrategy", + "type": "array" + }, + "ServiceConnectDefaults": { + "$ref": "#/definitions/AWS::ECS::Cluster.ServiceConnectDefaults", + "markdownDescription": "Use this parameter to set a default Service Connect namespace. After you set a default Service Connect namespace, any new services with Service Connect turned on that are created in the cluster are added as client services in the namespace. This setting only applies to new services that set the `enabled` parameter to `true` in the `ServiceConnectConfiguration` . You can set the namespace of each service individually in the `ServiceConnectConfiguration` to override this default parameter.\n\nTasks that run in a namespace can use short names to connect to services in the namespace. Tasks can connect to services across all of the clusters in the namespace. Tasks connect through a managed proxy container that collects logs and metrics for increased visibility. Only the tasks that Amazon ECS services create are supported with Service Connect. For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "ServiceConnectDefaults" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The metadata that you apply to the cluster to help you categorize and organize them. Each tag consists of a key and an optional value. You define both.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8\n- Maximum value length - 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ECS::Cluster" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::ECS::Cluster.CapacityProviderStrategyItem": { + "additionalProperties": false, + "properties": { + "Base": { + "markdownDescription": "The *base* value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a *base* defined. If no value is specified, the default value of `0` is used.", + "title": "Base", + "type": "number" + }, + "CapacityProvider": { + "markdownDescription": "The short name of the capacity provider.", + "title": "CapacityProvider", + "type": "string" + }, + "Weight": { + "markdownDescription": "The *weight* value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The `weight` value is taken into consideration after the `base` value, if defined, is satisfied.\n\nIf no `weight` value is specified, the default value of `0` is used. When multiple capacity providers are specified within a capacity provider strategy, at least one of the capacity providers must have a weight value greater than zero and any capacity providers with a weight of `0` can't be used to place tasks. If you specify multiple capacity providers in a strategy that all have a weight of `0` , any `RunTask` or `CreateService` actions using the capacity provider strategy will fail.\n\nAn example scenario for using weights is defining a strategy that contains two capacity providers and both have a weight of `1` , then when the `base` is satisfied, the tasks will be split evenly across the two capacity providers. Using that same logic, if you specify a weight of `1` for *capacityProviderA* and a weight of `4` for *capacityProviderB* , then for every one task that's run using *capacityProviderA* , four tasks would use *capacityProviderB* .", + "title": "Weight", + "type": "number" + } + }, + "type": "object" + }, + "AWS::ECS::Cluster.ClusterConfiguration": { + "additionalProperties": false, + "properties": { + "ExecuteCommandConfiguration": { + "$ref": "#/definitions/AWS::ECS::Cluster.ExecuteCommandConfiguration", + "markdownDescription": "The details of the execute command configuration.", + "title": "ExecuteCommandConfiguration" + }, + "ManagedStorageConfiguration": { + "$ref": "#/definitions/AWS::ECS::Cluster.ManagedStorageConfiguration", + "markdownDescription": "The details of the managed storage configuration.", + "title": "ManagedStorageConfiguration" + } + }, + "type": "object" + }, + "AWS::ECS::Cluster.ClusterSettings": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the cluster setting. The value is `containerInsights` .", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "The value to set for the cluster setting. The supported values are `enhanced` , `enabled` , and `disabled` .\n\nTo use Container Insights with enhanced observability, set the `containerInsights` account setting to `enhanced` .\n\nTo use Container Insights, set the `containerInsights` account setting to `enabled` .\n\nIf a cluster value is specified, it will override the `containerInsights` value set with [PutAccountSetting](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSetting.html) or [PutAccountSettingDefault](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSettingDefault.html) .", + "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ECS::Cluster.ExecuteCommandConfiguration": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "markdownDescription": "Specify an AWS Key Management Service key ID to encrypt the data between the local client and the container.", + "title": "KmsKeyId", + "type": "string" + }, + "LogConfiguration": { + "$ref": "#/definitions/AWS::ECS::Cluster.ExecuteCommandLogConfiguration", + "markdownDescription": "The log configuration for the results of the execute command actions. The logs can be sent to CloudWatch Logs or an Amazon S3 bucket. When `logging=OVERRIDE` is specified, a `logConfiguration` must be provided.", + "title": "LogConfiguration" + }, + "Logging": { + "markdownDescription": "The log setting to use for redirecting logs for your execute command results. The following log settings are available.\n\n- `NONE` : The execute command session is not logged.\n- `DEFAULT` : The `awslogs` configuration in the task definition is used. If no logging parameter is specified, it defaults to this value. If no `awslogs` log driver is configured in the task definition, the output won't be logged.\n- `OVERRIDE` : Specify the logging details as a part of `logConfiguration` . If the `OVERRIDE` logging option is specified, the `logConfiguration` is required.", + "title": "Logging", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ECS::Cluster.ExecuteCommandLogConfiguration": { + "additionalProperties": false, + "properties": { + "CloudWatchEncryptionEnabled": { + "markdownDescription": "Determines whether to use encryption on the CloudWatch logs. If not specified, encryption will be off.", + "title": "CloudWatchEncryptionEnabled", + "type": "boolean" + }, + "CloudWatchLogGroupName": { + "markdownDescription": "The name of the CloudWatch log group to send logs to.\n\n> The CloudWatch log group must already be created.", + "title": "CloudWatchLogGroupName", + "type": "string" + }, + "S3BucketName": { + "markdownDescription": "The name of the S3 bucket to send logs to.\n\n> The S3 bucket must already be created.", + "title": "S3BucketName", + "type": "string" + }, + "S3EncryptionEnabled": { + "markdownDescription": "Determines whether to use encryption on the S3 logs. If not specified, encryption is not used.", + "title": "S3EncryptionEnabled", + "type": "boolean" + }, + "S3KeyPrefix": { + "markdownDescription": "An optional folder in the S3 bucket to place logs in.", + "title": "S3KeyPrefix", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ECS::Cluster.ManagedStorageConfiguration": { + "additionalProperties": false, + "properties": { + "FargateEphemeralStorageKmsKeyId": { + "markdownDescription": "Specify the AWS Key Management Service key ID for Fargate ephemeral storage.\n\nWhen you specify a `fargateEphemeralStorageKmsKeyId` , AWS Fargate uses the key to encrypt data at rest in ephemeral storage. For more information about Fargate ephemeral storage encryption, see [Customer managed keys for AWS Fargate ephemeral storage for Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/fargate-storage-encryption.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nThe key must be a single Region key.", + "title": "FargateEphemeralStorageKmsKeyId", + "type": "string" + }, + "KmsKeyId": { + "markdownDescription": "Specify a AWS Key Management Service key ID to encrypt Amazon ECS managed storage.\n\nWhen you specify a `kmsKeyId` , Amazon ECS uses the key to encrypt data volumes managed by Amazon ECS that are attached to tasks in the cluster. The following data volumes are managed by Amazon ECS: Amazon EBS. For more information about encryption of Amazon EBS volumes attached to Amazon ECS tasks, see [Encrypt data stored in Amazon EBS volumes for Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ebs-kms-encryption.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nThe key must be a single Region key.", + "title": "KmsKeyId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ECS::Cluster.ServiceConnectDefaults": { + "additionalProperties": false, + "properties": { + "Namespace": { + "markdownDescription": "The namespace name or full Amazon Resource Name (ARN) of the AWS Cloud Map namespace that's used when you create a service and don't specify a Service Connect configuration. The namespace name can include up to 1024 characters. The name is case-sensitive. The name can't include greater than (>), less than (<), double quotation marks (\"), or slash (/).\n\nIf you enter an existing namespace name or ARN, then that namespace will be used. Any namespace type is supported. The namespace must be in this account and this AWS Region.\n\nIf you enter a new name, a AWS Cloud Map namespace will be created. Amazon ECS creates a AWS Cloud Map namespace with the \"API calls\" method of instance discovery only. This instance discovery method is the \"HTTP\" namespace type in the AWS Command Line Interface . Other types of instance discovery aren't used by Service Connect.\n\nIf you update the cluster with an empty string `\"\"` for the namespace name, the cluster configuration for Service Connect is removed. Note that the namespace will remain in AWS Cloud Map and must be deleted separately.\n\nFor more information about AWS Cloud Map , see [Working with Services](https://docs.aws.amazon.com/cloud-map/latest/dg/working-with-services.html) in the *AWS Cloud Map Developer Guide* .", + "title": "Namespace", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ECS::ClusterCapacityProviderAssociations": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, - "Statement": { - "markdownDescription": "A JSON string that describes the permission policy statement. You can include a `Policy` parameter in the request instead of using the `StatementId` , `Action` , `Principal` , or `Condition` parameters.", - "title": "Statement", - "type": "object" + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CapacityProviders": { + "items": { + "type": "string" + }, + "markdownDescription": "The capacity providers to associate with the cluster.", + "title": "CapacityProviders", + "type": "array" }, - "StatementId": { - "markdownDescription": "An identifier string for the external account that you are granting permissions to. If you later want to revoke the permission for this external account, specify this `StatementId` when you run [RemovePermission](https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_RemovePermission.html) .\n\n> Each `StatementId` must be unique.", - "title": "StatementId", + "Cluster": { + "markdownDescription": "The cluster the capacity provider association is the target of.", + "title": "Cluster", "type": "string" + }, + "DefaultCapacityProviderStrategy": { + "items": { + "$ref": "#/definitions/AWS::ECS::ClusterCapacityProviderAssociations.CapacityProviderStrategy" + }, + "markdownDescription": "The default capacity provider strategy to associate with the cluster.", + "title": "DefaultCapacityProviderStrategy", + "type": "array" } }, "required": [ - "StatementId" + "CapacityProviders", + "Cluster", + "DefaultCapacityProviderStrategy" ], "type": "object" }, "Type": { "enum": [ - "AWS::Events::EventBusPolicy" + "AWS::ECS::ClusterCapacityProviderAssociations" ], "type": "string" }, @@ -96998,28 +104585,110 @@ ], "type": "object" }, - "AWS::Events::EventBusPolicy.Condition": { + "AWS::ECS::ClusterCapacityProviderAssociations.CapacityProviderStrategy": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "Specifies the key for the condition. Currently the only supported key is `aws:PrincipalOrgID` .", - "title": "Key", + "Base": { + "markdownDescription": "The *base* value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a *base* defined. If no value is specified, the default value of `0` is used.", + "title": "Base", + "type": "number" + }, + "CapacityProvider": { + "markdownDescription": "The short name of the capacity provider.", + "title": "CapacityProvider", + "type": "string" + }, + "Weight": { + "markdownDescription": "The *weight* value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The `weight` value is taken into consideration after the `base` value, if defined, is satisfied.\n\nIf no `weight` value is specified, the default value of `0` is used. When multiple capacity providers are specified within a capacity provider strategy, at least one of the capacity providers must have a weight value greater than zero and any capacity providers with a weight of `0` can't be used to place tasks. If you specify multiple capacity providers in a strategy that all have a weight of `0` , any `RunTask` or `CreateService` actions using the capacity provider strategy will fail.\n\nAn example scenario for using weights is defining a strategy that contains two capacity providers and both have a weight of `1` , then when the `base` is satisfied, the tasks will be split evenly across the two capacity providers. Using that same logic, if you specify a weight of `1` for *capacityProviderA* and a weight of `4` for *capacityProviderB* , then for every one task that's run using *capacityProviderA* , four tasks would use *capacityProviderB* .", + "title": "Weight", + "type": "number" + } + }, + "required": [ + "CapacityProvider" + ], + "type": "object" + }, + "AWS::ECS::PrimaryTaskSet": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Cluster": { + "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the cluster that hosts the service that the task set exists in.", + "title": "Cluster", + "type": "string" + }, + "Service": { + "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the service that the task set exists in.", + "title": "Service", + "type": "string" + }, + "TaskSetId": { + "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the task set to set as the primary task set in the deployment.", + "title": "TaskSetId", + "type": "string" + } + }, + "required": [ + "Cluster", + "Service", + "TaskSetId" + ], + "type": "object" + }, "Type": { - "markdownDescription": "Specifies the type of condition. Currently the only supported value is `StringEquals` .", - "title": "Type", + "enum": [ + "AWS::ECS::PrimaryTaskSet" + ], "type": "string" }, - "Value": { - "markdownDescription": "Specifies the value for the key. Currently, this must be the ID of the organization.", - "title": "Value", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::Events::Rule": { + "AWS::ECS::Service": { "additionalProperties": false, "properties": { "Condition": { @@ -97054,47 +104723,153 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the rule.", - "title": "Description", + "AvailabilityZoneRebalancing": { + "markdownDescription": "Indicates whether to use Availability Zone rebalancing for the service.\n\nFor more information, see [Balancing an Amazon ECS service across Availability Zones](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-rebalancing.html) in the **Amazon Elastic Container Service Developer Guide** .", + "title": "AvailabilityZoneRebalancing", "type": "string" }, - "EventBusName": { - "markdownDescription": "The name or ARN of the event bus associated with the rule. If you omit this, the default event bus is used.", - "title": "EventBusName", + "CapacityProviderStrategy": { + "items": { + "$ref": "#/definitions/AWS::ECS::Service.CapacityProviderStrategyItem" + }, + "markdownDescription": "The capacity provider strategy to use for the service.\n\nIf a `capacityProviderStrategy` is specified, the `launchType` parameter must be omitted. If no `capacityProviderStrategy` or `launchType` is specified, the `defaultCapacityProviderStrategy` for the cluster is used.\n\nA capacity provider strategy can contain a maximum of 20 capacity providers.\n\n> To remove this property from your service resource, specify an empty `CapacityProviderStrategyItem` array.", + "title": "CapacityProviderStrategy", + "type": "array" + }, + "Cluster": { + "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the cluster that you run your service on. If you do not specify a cluster, the default cluster is assumed.", + "title": "Cluster", "type": "string" }, - "EventPattern": { - "markdownDescription": "The event pattern of the rule. For more information, see [Events and Event Patterns](https://docs.aws.amazon.com/eventbridge/latest/userguide/eventbridge-and-event-patterns.html) in the **Amazon EventBridge User Guide** .", - "title": "EventPattern", - "type": "object" + "DeploymentConfiguration": { + "$ref": "#/definitions/AWS::ECS::Service.DeploymentConfiguration", + "markdownDescription": "Optional deployment parameters that control how many tasks run during the deployment and the ordering of stopping and starting tasks.", + "title": "DeploymentConfiguration" }, - "Name": { - "markdownDescription": "The name of the rule.", - "title": "Name", + "DeploymentController": { + "$ref": "#/definitions/AWS::ECS::Service.DeploymentController", + "markdownDescription": "The deployment controller to use for the service.", + "title": "DeploymentController" + }, + "DesiredCount": { + "markdownDescription": "The number of instantiations of the specified task definition to place and keep running in your service.\n\nFor new services, if a desired count is not specified, a default value of `1` is used. When using the `DAEMON` scheduling strategy, the desired count is not required.\n\nFor existing services, if a desired count is not specified, it is omitted from the operation.", + "title": "DesiredCount", + "type": "number" + }, + "EnableECSManagedTags": { + "markdownDescription": "Specifies whether to turn on Amazon ECS managed tags for the tasks within the service. For more information, see [Tagging your Amazon ECS resources](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-using-tags.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nWhen you use Amazon ECS managed tags, you must set the `propagateTags` request parameter.", + "title": "EnableECSManagedTags", + "type": "boolean" + }, + "EnableExecuteCommand": { + "markdownDescription": "Determines whether the execute command functionality is turned on for the service. If `true` , the execute command functionality is turned on for all containers in tasks as part of the service.", + "title": "EnableExecuteCommand", + "type": "boolean" + }, + "HealthCheckGracePeriodSeconds": { + "markdownDescription": "The period of time, in seconds, that the Amazon ECS service scheduler ignores unhealthy Elastic Load Balancing, VPC Lattice, and container health checks after a task has first started. If you don't specify a health check grace period value, the default value of `0` is used. If you don't use any of the health checks, then `healthCheckGracePeriodSeconds` is unused.\n\nIf your service's tasks take a while to start and respond to health checks, you can specify a health check grace period of up to 2,147,483,647 seconds (about 69 years). During that time, the Amazon ECS service scheduler ignores health check status. This grace period can prevent the service scheduler from marking tasks as unhealthy and stopping them before they have time to come up.", + "title": "HealthCheckGracePeriodSeconds", + "type": "number" + }, + "LaunchType": { + "markdownDescription": "The launch type on which to run your service. For more information, see [Amazon ECS Launch Types](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/launch_types.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "LaunchType", "type": "string" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the role that is used for target invocation.\n\nIf you're setting an event bus in another account as the target and that account granted permission to your account through an organization instead of directly by the account ID, you must specify a `RoleArn` with proper permissions in the `Target` structure, instead of here in this parameter.", - "title": "RoleArn", + "LoadBalancers": { + "items": { + "$ref": "#/definitions/AWS::ECS::Service.LoadBalancer" + }, + "markdownDescription": "A list of load balancer objects to associate with the service. If you specify the `Role` property, `LoadBalancers` must be specified as well. For information about the number of load balancers that you can specify per service, see [Service Load Balancing](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-load-balancing.html) in the *Amazon Elastic Container Service Developer Guide* .\n\n> To remove this property from your service resource, specify an empty `LoadBalancer` array.", + "title": "LoadBalancers", + "type": "array" + }, + "NetworkConfiguration": { + "$ref": "#/definitions/AWS::ECS::Service.NetworkConfiguration", + "markdownDescription": "The network configuration for the service. This parameter is required for task definitions that use the `awsvpc` network mode to receive their own elastic network interface, and it is not supported for other network modes. For more information, see [Task Networking](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-networking.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "NetworkConfiguration" + }, + "PlacementConstraints": { + "items": { + "$ref": "#/definitions/AWS::ECS::Service.PlacementConstraint" + }, + "markdownDescription": "An array of placement constraint objects to use for tasks in your service. You can specify a maximum of 10 constraints for each task. This limit includes constraints in the task definition and those specified at runtime.\n\n> To remove this property from your service resource, specify an empty `PlacementConstraint` array.", + "title": "PlacementConstraints", + "type": "array" + }, + "PlacementStrategies": { + "items": { + "$ref": "#/definitions/AWS::ECS::Service.PlacementStrategy" + }, + "markdownDescription": "The placement strategy objects to use for tasks in your service. You can specify a maximum of 5 strategy rules for each service.\n\n> To remove this property from your service resource, specify an empty `PlacementStrategy` array.", + "title": "PlacementStrategies", + "type": "array" + }, + "PlatformVersion": { + "markdownDescription": "The platform version that your tasks in the service are running on. A platform version is specified only for tasks using the Fargate launch type. If one isn't specified, the `LATEST` platform version is used. For more information, see [AWS Fargate platform versions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "PlatformVersion", "type": "string" }, - "ScheduleExpression": { - "markdownDescription": "The scheduling expression. For example, \"cron(0 20 * * ? *)\", \"rate(5 minutes)\". For more information, see [Creating an Amazon EventBridge rule that runs on a schedule](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-create-rule-schedule.html) .", - "title": "ScheduleExpression", + "PropagateTags": { + "markdownDescription": "Specifies whether to propagate the tags from the task definition to the task. If no value is specified, the tags aren't propagated. Tags can only be propagated to the task during task creation. To add tags to a task after task creation, use the [TagResource](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_TagResource.html) API action.\n\nYou must set this to a value other than `NONE` when you use Cost Explorer. For more information, see [Amazon ECS usage reports](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/usage-reports.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nThe default is `NONE` .", + "title": "PropagateTags", "type": "string" }, - "State": { - "markdownDescription": "The state of the rule.\n\nValid values include:\n\n- `DISABLED` : The rule is disabled. EventBridge does not match any events against the rule.\n- `ENABLED` : The rule is enabled. EventBridge matches events against the rule, *except* for AWS management events delivered through CloudTrail.\n- `ENABLED_WITH_ALL_CLOUDTRAIL_MANAGEMENT_EVENTS` : The rule is enabled for all events, including AWS management events delivered through CloudTrail.\n\nManagement events provide visibility into management operations that are performed on resources in your AWS account. These are also known as control plane operations. For more information, see [Logging management events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-management-events-with-cloudtrail.html#logging-management-events) in the *CloudTrail User Guide* , and [Filtering management events from AWS services](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-service-event.html#eb-service-event-cloudtrail) in the **Amazon EventBridge User Guide** .\n\nThis value is only valid for rules on the [default](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-what-is-how-it-works-concepts.html#eb-bus-concepts-buses) event bus or [custom event buses](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-create-event-bus.html) . It does not apply to [partner event buses](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-saas.html) .", - "title": "State", + "Role": { + "markdownDescription": "The name or full Amazon Resource Name (ARN) of the IAM role that allows Amazon ECS to make calls to your load balancer on your behalf. This parameter is only permitted if you are using a load balancer with your service and your task definition doesn't use the `awsvpc` network mode. If you specify the `role` parameter, you must also specify a load balancer object with the `loadBalancers` parameter.\n\n> If your account has already created the Amazon ECS service-linked role, that role is used for your service unless you specify a role here. The service-linked role is required if your task definition uses the `awsvpc` network mode or if the service is configured to use service discovery, an external deployment controller, multiple target groups, or Elastic Inference accelerators in which case you don't specify a role here. For more information, see [Using service-linked roles for Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using-service-linked-roles.html) in the *Amazon Elastic Container Service Developer Guide* . \n\nIf your specified role has a path other than `/` , then you must either specify the full role ARN (this is recommended) or prefix the role name with the path. For example, if a role with the name `bar` has a path of `/foo/` then you would specify `/foo/bar` as the role name. For more information, see [Friendly names and paths](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-friendly-names) in the *IAM User Guide* .", + "title": "Role", "type": "string" }, - "Targets": { + "SchedulingStrategy": { + "markdownDescription": "The scheduling strategy to use for the service. For more information, see [Services](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs_services.html) .\n\nThere are two service scheduler strategies available:\n\n- `REPLICA` -The replica scheduling strategy places and maintains the desired number of tasks across your cluster. By default, the service scheduler spreads tasks across Availability Zones. You can use task placement strategies and constraints to customize task placement decisions. This scheduler strategy is required if the service uses the `CODE_DEPLOY` or `EXTERNAL` deployment controller types.\n- `DAEMON` -The daemon scheduling strategy deploys exactly one task on each active container instance that meets all of the task placement constraints that you specify in your cluster. The service scheduler also evaluates the task placement constraints for running tasks and will stop tasks that don't meet the placement constraints. When you're using this strategy, you don't need to specify a desired number of tasks, a task placement strategy, or use Service Auto Scaling policies.\n\n> Tasks using the Fargate launch type or the `CODE_DEPLOY` or `EXTERNAL` deployment controller types don't support the `DAEMON` scheduling strategy.", + "title": "SchedulingStrategy", + "type": "string" + }, + "ServiceConnectConfiguration": { + "$ref": "#/definitions/AWS::ECS::Service.ServiceConnectConfiguration", + "markdownDescription": "The configuration for this service to discover and connect to services, and be discovered by, and connected from, other services within a namespace.\n\nTasks that run in a namespace can use short names to connect to services in the namespace. Tasks can connect to services across all of the clusters in the namespace. Tasks connect through a managed proxy container that collects logs and metrics for increased visibility. Only the tasks that Amazon ECS services create are supported with Service Connect. For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "ServiceConnectConfiguration" + }, + "ServiceName": { + "markdownDescription": "The name of your service. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed. Service names must be unique within a cluster, but you can have similarly named services in multiple clusters within a Region or across multiple Regions.\n\n> The stack update fails if you change any properties that require replacement and the `ServiceName` is configured. This is because AWS CloudFormation creates the replacement service first, but each `ServiceName` must be unique in the cluster.", + "title": "ServiceName", + "type": "string" + }, + "ServiceRegistries": { "items": { - "$ref": "#/definitions/AWS::Events::Rule.Target" + "$ref": "#/definitions/AWS::ECS::Service.ServiceRegistry" }, - "markdownDescription": "Adds the specified targets to the specified rule, or updates the targets if they are already associated with the rule.\n\nTargets are the resources that are invoked when a rule is triggered.\n\nThe maximum number of entries per request is 10.\n\n> Each rule can have up to five (5) targets associated with it at one time. \n\nFor a list of services you can configure as targets for events, see [EventBridge targets](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-targets.html) in the **Amazon EventBridge User Guide** .\n\nCreating rules with built-in targets is supported only in the AWS Management Console . The built-in targets are:\n\n- `Amazon EBS CreateSnapshot API call`\n- `Amazon EC2 RebootInstances API call`\n- `Amazon EC2 StopInstances API call`\n- `Amazon EC2 TerminateInstances API call`\n\nFor some target types, `PutTargets` provides target-specific parameters. If the target is a Kinesis data stream, you can optionally specify which shard the event goes to by using the `KinesisParameters` argument. To invoke a command on multiple EC2 instances with one rule, you can use the `RunCommandParameters` field.\n\nTo be able to make API calls against the resources that you own, Amazon EventBridge needs the appropriate permissions:\n\n- For AWS Lambda and Amazon SNS resources, EventBridge relies on resource-based policies.\n- For EC2 instances, Kinesis Data Streams, AWS Step Functions state machines and API Gateway APIs, EventBridge relies on IAM roles that you specify in the `RoleARN` argument in `PutTargets` .\n\nFor more information, see [Authentication and Access Control](https://docs.aws.amazon.com/eventbridge/latest/userguide/auth-and-access-control-eventbridge.html) in the **Amazon EventBridge User Guide** .\n\nIf another AWS account is in the same region and has granted you permission (using `PutPermission` ), you can send events to that account. Set that account's event bus as a target of the rules in your account. To send the matched events to the other account, specify that account's event bus as the `Arn` value when you run `PutTargets` . If your account sends events to another account, your account is charged for each sent event. Each event sent to another account is charged as a custom event. The account receiving the event is not charged. For more information, see [Amazon EventBridge Pricing](https://docs.aws.amazon.com/eventbridge/pricing/) .\n\n> `Input` , `InputPath` , and `InputTransformer` are not available with `PutTarget` if the target is an event bus of a different AWS account. \n\nIf you are setting the event bus of another account as the target, and that account granted permission to your account through an organization instead of directly by the account ID, then you must specify a `RoleArn` with proper permissions in the `Target` structure. For more information, see [Sending and Receiving Events Between AWS Accounts](https://docs.aws.amazon.com/eventbridge/latest/userguide/eventbridge-cross-account-event-delivery.html) in the *Amazon EventBridge User Guide* .\n\n> If you have an IAM role on a cross-account event bus target, a `PutTargets` call without a role on the same target (same `Id` and `Arn` ) will not remove the role. \n\nFor more information about enabling cross-account events, see [PutPermission](https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_PutPermission.html) .\n\n*Input* , *InputPath* , and *InputTransformer* are mutually exclusive and optional parameters of a target. When a rule is triggered due to a matched event:\n\n- If none of the following arguments are specified for a target, then the entire event is passed to the target in JSON format (unless the target is Amazon EC2 Run Command or Amazon ECS task, in which case nothing from the event is passed to the target).\n- If *Input* is specified in the form of valid JSON, then the matched event is overridden with this constant.\n- If *InputPath* is specified in the form of JSONPath (for example, `$.detail` ), then only the part of the event specified in the path is passed to the target (for example, only the detail part of the event is passed).\n- If *InputTransformer* is specified, then one or more specified JSONPaths are extracted from the event and used as values in a template that you specify as the input to the target.\n\nWhen you specify `InputPath` or `InputTransformer` , you must use JSON dot notation, not bracket notation.\n\nWhen you add targets to a rule and the associated rule triggers soon after, new or updated targets might not be immediately invoked. Allow a short period of time for changes to take effect.\n\nThis action can partially fail if too many requests are made at the same time. If that happens, `FailedEntryCount` is non-zero in the response and each entry in `FailedEntries` provides the ID of the failed target and the error code.", - "title": "Targets", + "markdownDescription": "The details of the service discovery registry to associate with this service. For more information, see [Service discovery](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-discovery.html) .\n\n> Each service may be associated with one service registry. Multiple service registries for each service isn't supported. > To remove this property from your service resource, specify an empty `ServiceRegistry` array.", + "title": "ServiceRegistries", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The metadata that you apply to the service to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define. When a service is deleted, the tags are deleted as well.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8\n- Maximum value length - 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit.", + "title": "Tags", + "type": "array" + }, + "TaskDefinition": { + "markdownDescription": "The `family` and `revision` ( `family:revision` ) or full ARN of the task definition to run in your service. If a `revision` isn't specified, the latest `ACTIVE` revision is used.\n\nA task definition must be specified if the service uses either the `ECS` or `CODE_DEPLOY` deployment controllers.\n\nFor more information about deployment types, see [Amazon ECS deployment types](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-types.html) .", + "title": "TaskDefinition", + "type": "string" + }, + "VolumeConfigurations": { + "items": { + "$ref": "#/definitions/AWS::ECS::Service.ServiceVolumeConfiguration" + }, + "markdownDescription": "The configuration for a volume specified in the task definition as a volume that is configured at launch time. Currently, the only supported volume type is an Amazon EBS volume.\n\n> To remove this property from your service resource, specify an empty `ServiceVolumeConfiguration` array.", + "title": "VolumeConfigurations", + "type": "array" + }, + "VpcLatticeConfigurations": { + "items": { + "$ref": "#/definitions/AWS::ECS::Service.VpcLatticeConfiguration" + }, + "markdownDescription": "The VPC Lattice configuration for the service being created.", + "title": "VpcLatticeConfigurations", "type": "array" } }, @@ -97102,7 +104877,7 @@ }, "Type": { "enum": [ - "AWS::Events::Rule" + "AWS::ECS::Service" ], "type": "string" }, @@ -97120,25 +104895,40 @@ ], "type": "object" }, - "AWS::Events::Rule.AppSyncParameters": { + "AWS::ECS::Service.AdvancedConfiguration": { "additionalProperties": false, "properties": { - "GraphQLOperation": { - "markdownDescription": "The GraphQL operation; that is, the query, mutation, or subscription to be parsed and executed by the GraphQL service.\n\nFor more information, see [Operations](https://docs.aws.amazon.com/appsync/latest/devguide/graphql-architecture.html#graphql-operations) in the *AWS AppSync User Guide* .", - "title": "GraphQLOperation", + "AlternateTargetGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the alternate target group for Amazon ECS blue/green deployments.", + "title": "AlternateTargetGroupArn", + "type": "string" + }, + "ProductionListenerRule": { + "markdownDescription": "The Amazon Resource Name (ARN) that that identifies the production listener rule (in the case of an Application Load Balancer) or listener (in the case for an Network Load Balancer) for routing production traffic.", + "title": "ProductionListenerRule", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that grants Amazon ECS permission to call the Elastic Load Balancing APIs for you.", + "title": "RoleArn", + "type": "string" + }, + "TestListenerRule": { + "markdownDescription": "The Amazon Resource Name (ARN) that identifies ) that identifies the test listener rule (in the case of an Application Load Balancer) or listener (in the case for an Network Load Balancer) for routing test traffic.", + "title": "TestListenerRule", "type": "string" } }, "required": [ - "GraphQLOperation" + "AlternateTargetGroupArn" ], "type": "object" }, - "AWS::Events::Rule.AwsVpcConfiguration": { + "AWS::ECS::Service.AwsVpcConfiguration": { "additionalProperties": false, "properties": { "AssignPublicIp": { - "markdownDescription": "Specifies whether the task's elastic network interface receives a public IP address. You can specify `ENABLED` only when `LaunchType` in `EcsParameters` is set to `FARGATE` .", + "markdownDescription": "Whether the task's elastic network interface receives a public IP address.\n\nConsider the following when you set this value:\n\n- When you use `create-service` or `update-service` , the default is `DISABLED` .\n- When the service `deploymentController` is `ECS` , the value must be `DISABLED` .", "title": "AssignPublicIp", "type": "string" }, @@ -97146,7 +104936,7 @@ "items": { "type": "string" }, - "markdownDescription": "Specifies the security groups associated with the task. These security groups must all be in the same VPC. You can specify as many as five security groups. If you do not specify a security group, the default security group for the VPC is used.", + "markdownDescription": "The IDs of the security groups associated with the task or service. If you don't specify a security group, the default security group for the VPC is used. There's a limit of 5 security groups that can be specified.\n\n> All specified security groups must be from the same VPC.", "title": "SecurityGroups", "type": "array" }, @@ -97154,559 +104944,659 @@ "items": { "type": "string" }, - "markdownDescription": "Specifies the subnets associated with the task. These subnets must all be in the same VPC. You can specify as many as 16 subnets.", + "markdownDescription": "The IDs of the subnets associated with the task or service. There's a limit of 16 subnets that can be specified.\n\n> All specified subnets must be from the same VPC.", "title": "Subnets", "type": "array" } }, - "required": [ - "Subnets" - ], "type": "object" }, - "AWS::Events::Rule.BatchArrayProperties": { + "AWS::ECS::Service.CapacityProviderStrategyItem": { "additionalProperties": false, "properties": { - "Size": { - "markdownDescription": "The size of the array, if this is an array batch job. Valid values are integers between 2 and 10,000.", - "title": "Size", + "Base": { + "markdownDescription": "The *base* value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a *base* defined. If no value is specified, the default value of `0` is used.", + "title": "Base", + "type": "number" + }, + "CapacityProvider": { + "markdownDescription": "The short name of the capacity provider.", + "title": "CapacityProvider", + "type": "string" + }, + "Weight": { + "markdownDescription": "The *weight* value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The `weight` value is taken into consideration after the `base` value, if defined, is satisfied.\n\nIf no `weight` value is specified, the default value of `0` is used. When multiple capacity providers are specified within a capacity provider strategy, at least one of the capacity providers must have a weight value greater than zero and any capacity providers with a weight of `0` can't be used to place tasks. If you specify multiple capacity providers in a strategy that all have a weight of `0` , any `RunTask` or `CreateService` actions using the capacity provider strategy will fail.\n\nAn example scenario for using weights is defining a strategy that contains two capacity providers and both have a weight of `1` , then when the `base` is satisfied, the tasks will be split evenly across the two capacity providers. Using that same logic, if you specify a weight of `1` for *capacityProviderA* and a weight of `4` for *capacityProviderB* , then for every one task that's run using *capacityProviderA* , four tasks would use *capacityProviderB* .", + "title": "Weight", "type": "number" } }, "type": "object" }, - "AWS::Events::Rule.BatchParameters": { + "AWS::ECS::Service.DeploymentAlarms": { "additionalProperties": false, "properties": { - "ArrayProperties": { - "$ref": "#/definitions/AWS::Events::Rule.BatchArrayProperties", - "markdownDescription": "The array properties for the submitted job, such as the size of the array. The array size can be between 2 and 10,000. If you specify array properties for a job, it becomes an array job. This parameter is used only if the target is an AWS Batch job.", - "title": "ArrayProperties" - }, - "JobDefinition": { - "markdownDescription": "The ARN or name of the job definition to use if the event target is an AWS Batch job. This job definition must already exist.", - "title": "JobDefinition", - "type": "string" + "AlarmNames": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more CloudWatch alarm names. Use a \",\" to separate the alarms.", + "title": "AlarmNames", + "type": "array" }, - "JobName": { - "markdownDescription": "The name to use for this execution of the job, if the target is an AWS Batch job.", - "title": "JobName", - "type": "string" + "Enable": { + "markdownDescription": "Determines whether to use the CloudWatch alarm option in the service deployment process.", + "title": "Enable", + "type": "boolean" }, - "RetryStrategy": { - "$ref": "#/definitions/AWS::Events::Rule.BatchRetryStrategy", - "markdownDescription": "The retry strategy to use for failed jobs, if the target is an AWS Batch job. The retry strategy is the number of times to retry the failed job execution. Valid values are 1\u201310. When you specify a retry strategy here, it overrides the retry strategy defined in the job definition.", - "title": "RetryStrategy" + "Rollback": { + "markdownDescription": "Determines whether to configure Amazon ECS to roll back the service if a service deployment fails. If rollback is used, when a service deployment fails, the service is rolled back to the last deployment that completed successfully.", + "title": "Rollback", + "type": "boolean" } }, "required": [ - "JobDefinition", - "JobName" + "AlarmNames", + "Enable", + "Rollback" ], "type": "object" }, - "AWS::Events::Rule.BatchRetryStrategy": { + "AWS::ECS::Service.DeploymentCircuitBreaker": { "additionalProperties": false, "properties": { - "Attempts": { - "markdownDescription": "The number of times to attempt to retry, if the job fails. Valid values are 1\u201310.", - "title": "Attempts", - "type": "number" + "Enable": { + "markdownDescription": "Determines whether to use the deployment circuit breaker logic for the service.", + "title": "Enable", + "type": "boolean" + }, + "Rollback": { + "markdownDescription": "Determines whether to configure Amazon ECS to roll back the service if a service deployment fails. If rollback is on, when a service deployment fails, the service is rolled back to the last deployment that completed successfully.", + "title": "Rollback", + "type": "boolean" } }, + "required": [ + "Enable", + "Rollback" + ], "type": "object" }, - "AWS::Events::Rule.CapacityProviderStrategyItem": { + "AWS::ECS::Service.DeploymentConfiguration": { "additionalProperties": false, "properties": { - "Base": { - "markdownDescription": "The base value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a base defined. If no value is specified, the default value of 0 is used.", - "title": "Base", + "Alarms": { + "$ref": "#/definitions/AWS::ECS::Service.DeploymentAlarms", + "markdownDescription": "Information about the CloudWatch alarms.", + "title": "Alarms" + }, + "BakeTimeInMinutes": { + "markdownDescription": "The duration when both blue and green service revisions are running simultaneously after the production traffic has shifted.\n\nThe following rules apply when you don't specify a value:\n\n- For rolling deployments, the value is set to 3 hours (180 minutes).\n- When you use an external deployment controller ( `EXTERNAL` ), or the CodeDeploy blue/green deployment controller ( `CODE_DEPLOY` ), the value is set to 3 hours (180 minutes).\n- For all other cases, the value is set to 36 hours (2160 minutes).", + "title": "BakeTimeInMinutes", "type": "number" }, - "CapacityProvider": { - "markdownDescription": "The short name of the capacity provider.", - "title": "CapacityProvider", - "type": "string" + "DeploymentCircuitBreaker": { + "$ref": "#/definitions/AWS::ECS::Service.DeploymentCircuitBreaker", + "markdownDescription": "> The deployment circuit breaker can only be used for services using the rolling update ( `ECS` ) deployment type. \n\nThe *deployment circuit breaker* determines whether a service deployment will fail if the service can't reach a steady state. If you use the deployment circuit breaker, a service deployment will transition to a failed state and stop launching new tasks. If you use the rollback option, when a service deployment fails, the service is rolled back to the last deployment that completed successfully. For more information, see [Rolling update](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-type-ecs.html) in the *Amazon Elastic Container Service Developer Guide*", + "title": "DeploymentCircuitBreaker" }, - "Weight": { - "markdownDescription": "The weight value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The weight value is taken into consideration after the base value, if defined, is satisfied.", - "title": "Weight", + "LifecycleHooks": { + "items": { + "$ref": "#/definitions/AWS::ECS::Service.DeploymentLifecycleHook" + }, + "markdownDescription": "An array of deployment lifecycle hook objects to run custom logic at specific stages of the deployment lifecycle.", + "title": "LifecycleHooks", + "type": "array" + }, + "MaximumPercent": { + "markdownDescription": "If a service is using the rolling update ( `ECS` ) deployment type, the `maximumPercent` parameter represents an upper limit on the number of your service's tasks that are allowed in the `RUNNING` or `PENDING` state during a deployment, as a percentage of the `desiredCount` (rounded down to the nearest integer). This parameter enables you to define the deployment batch size. For example, if your service is using the `REPLICA` service scheduler and has a `desiredCount` of four tasks and a `maximumPercent` value of 200%, the scheduler may start four new tasks before stopping the four older tasks (provided that the cluster resources required to do this are available). The default `maximumPercent` value for a service using the `REPLICA` service scheduler is 200%.\n\nThe Amazon ECS scheduler uses this parameter to replace unhealthy tasks by starting replacement tasks first and then stopping the unhealthy tasks, as long as cluster resources for starting replacement tasks are available. For more information about how the scheduler replaces unhealthy tasks, see [Amazon ECS services](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs_services.html) .\n\nIf a service is using either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types, and tasks in the service use the EC2 launch type, the *maximum percent* value is set to the default value. The *maximum percent* value is used to define the upper limit on the number of the tasks in the service that remain in the `RUNNING` state while the container instances are in the `DRAINING` state.\n\n> You can't specify a custom `maximumPercent` value for a service that uses either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types and has tasks that use the EC2 launch type. \n\nIf the service uses either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types, and the tasks in the service use the Fargate launch type, the maximum percent value is not used. The value is still returned when describing your service.", + "title": "MaximumPercent", + "type": "number" + }, + "MinimumHealthyPercent": { + "markdownDescription": "If a service is using the rolling update ( `ECS` ) deployment type, the `minimumHealthyPercent` represents a lower limit on the number of your service's tasks that must remain in the `RUNNING` state during a deployment, as a percentage of the `desiredCount` (rounded up to the nearest integer). This parameter enables you to deploy without using additional cluster capacity. For example, if your service has a `desiredCount` of four tasks and a `minimumHealthyPercent` of 50%, the service scheduler may stop two existing tasks to free up cluster capacity before starting two new tasks.\n\nIf any tasks are unhealthy and if `maximumPercent` doesn't allow the Amazon ECS scheduler to start replacement tasks, the scheduler stops the unhealthy tasks one-by-one \u2014 using the `minimumHealthyPercent` as a constraint \u2014 to clear up capacity to launch replacement tasks. For more information about how the scheduler replaces unhealthy tasks, see [Amazon ECS services](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs_services.html) .\n\nFor services that *do not* use a load balancer, the following should be noted:\n\n- A service is considered healthy if all essential containers within the tasks in the service pass their health checks.\n- If a task has no essential containers with a health check defined, the service scheduler will wait for 40 seconds after a task reaches a `RUNNING` state before the task is counted towards the minimum healthy percent total.\n- If a task has one or more essential containers with a health check defined, the service scheduler will wait for the task to reach a healthy status before counting it towards the minimum healthy percent total. A task is considered healthy when all essential containers within the task have passed their health checks. The amount of time the service scheduler can wait for is determined by the container health check settings.\n\nFor services that *do* use a load balancer, the following should be noted:\n\n- If a task has no essential containers with a health check defined, the service scheduler will wait for the load balancer target group health check to return a healthy status before counting the task towards the minimum healthy percent total.\n- If a task has an essential container with a health check defined, the service scheduler will wait for both the task to reach a healthy status and the load balancer target group health check to return a healthy status before counting the task towards the minimum healthy percent total.\n\nThe default value for a replica service for `minimumHealthyPercent` is 100%. The default `minimumHealthyPercent` value for a service using the `DAEMON` service schedule is 0% for the AWS CLI , the AWS SDKs, and the APIs and 50% for the AWS Management Console.\n\nThe minimum number of healthy tasks during a deployment is the `desiredCount` multiplied by the `minimumHealthyPercent` /100, rounded up to the nearest integer value.\n\nIf a service is using either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types and is running tasks that use the EC2 launch type, the *minimum healthy percent* value is set to the default value. The *minimum healthy percent* value is used to define the lower limit on the number of the tasks in the service that remain in the `RUNNING` state while the container instances are in the `DRAINING` state.\n\n> You can't specify a custom `minimumHealthyPercent` value for a service that uses either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types and has tasks that use the EC2 launch type. \n\nIf a service is using either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types and is running tasks that use the Fargate launch type, the minimum healthy percent value is not used, although it is returned when describing your service.", + "title": "MinimumHealthyPercent", "type": "number" + }, + "Strategy": { + "markdownDescription": "The deployment strategy for the service. Choose from these valid values:\n\n- `ROLLING` - When you create a service which uses the rolling update ( `ROLLING` ) deployment strategy, the Amazon ECS service scheduler replaces the currently running tasks with new tasks. The number of tasks that Amazon ECS adds or removes from the service during a rolling update is controlled by the service deployment configuration.\n- `BLUE_GREEN` - A blue/green deployment strategy ( `BLUE_GREEN` ) is a release methodology that reduces downtime and risk by running two identical production environments called blue and green. With Amazon ECS blue/green deployments, you can validate new service revisions before directing production traffic to them. This approach provides a safer way to deploy changes with the ability to quickly roll back if needed.", + "title": "Strategy", + "type": "string" } }, - "required": [ - "CapacityProvider" - ], "type": "object" }, - "AWS::Events::Rule.DeadLetterConfig": { + "AWS::ECS::Service.DeploymentController": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The ARN of the SQS queue specified as the target for the dead-letter queue.", - "title": "Arn", + "Type": { + "markdownDescription": "The deployment controller type to use.\n\nThe deployment controller is the mechanism that determines how tasks are deployed for your service. The valid options are:\n\n- ECS\n\nWhen you create a service which uses the `ECS` deployment controller, you can choose between the following deployment strategies:\n\n- `ROLLING` : When you create a service which uses the *rolling update* ( `ROLLING` ) deployment strategy, the Amazon ECS service scheduler replaces the currently running tasks with new tasks. The number of tasks that Amazon ECS adds or removes from the service during a rolling update is controlled by the service deployment configuration.\n\nRolling update deployments are best suited for the following scenarios:\n\n- Gradual service updates: You need to update your service incrementally without taking the entire service offline at once.\n- Limited resource requirements: You want to avoid the additional resource costs of running two complete environments simultaneously (as required by blue/green deployments).\n- Acceptable deployment time: Your application can tolerate a longer deployment process, as rolling updates replace tasks one by one.\n- No need for instant roll back: Your service can tolerate a rollback process that takes minutes rather than seconds.\n- Simple deployment process: You prefer a straightforward deployment approach without the complexity of managing multiple environments, target groups, and listeners.\n- No load balancer requirement: Your service doesn't use or require a load balancer, Application Load Balancer , Network Load Balancer , or Service Connect (which are required for blue/green deployments).\n- Stateful applications: Your application maintains state that makes it difficult to run two parallel environments.\n- Cost sensitivity: You want to minimize deployment costs by not running duplicate environments during deployment.\n\nRolling updates are the default deployment strategy for services and provide a balance between deployment safety and resource efficiency for many common application scenarios.\n- `BLUE_GREEN` : A *blue/green* deployment strategy ( `BLUE_GREEN` ) is a release methodology that reduces downtime and risk by running two identical production environments called blue and green. With Amazon ECS blue/green deployments, you can validate new service revisions before directing production traffic to them. This approach provides a safer way to deploy changes with the ability to quickly roll back if needed.\n\nAmazon ECS blue/green deployments are best suited for the following scenarios:\n\n- Service validation: When you need to validate new service revisions before directing production traffic to them\n- Zero downtime: When your service requires zero-downtime deployments\n- Instant roll back: When you need the ability to quickly roll back if issues are detected\n- Load balancer requirement: When your service uses Application Load Balancer , Network Load Balancer , or Service Connect\n- External\n\nUse a third-party deployment controller.\n- Blue/green deployment (powered by CodeDeploy )\n\nCodeDeploy installs an updated version of the application as a new replacement task set and reroutes production traffic from the original application task set to the replacement task set. The original task set is terminated after a successful deployment. Use this deployment controller to verify a new deployment of a service before sending production traffic to it.\n\nWhen updating the deployment controller for a service, consider the following depending on the type of migration you're performing.\n\n- If you have a template that contains the `EXTERNAL` deployment controller information as well as `TaskSet` and `PrimaryTaskSet` resources, and you remove the task set resources from the template when updating from `EXTERNAL` to `ECS` , the `DescribeTaskSet` and `DeleteTaskSet` API calls will return a 400 error after the deployment controller is updated to `ECS` . This results in a delete failure on the task set resources, even though the stack transitions to `UPDATE_COMPLETE` status. For more information, see [Resource removed from stack but not deleted](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/troubleshooting.html#troubleshooting-errors-resource-removed-not-deleted) in the AWS CloudFormation User Guide. To fix this issue, delete the task sets directly using the Amazon ECS `DeleteTaskSet` API. For more information about how to delete a task set, see [DeleteTaskSet](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DeleteTaskSet.html) in the Amazon Elastic Container Service API Reference.\n- If you're migrating from `CODE_DEPLOY` to `ECS` with a new task definition and AWS CloudFormation performs a rollback operation, the Amazon ECS `UpdateService` request fails with the following error:\n\nResource handler returned message: \"Invalid request provided: Unable to update task definition on services with a CODE_DEPLOY deployment controller.\n- After a successful migration from `ECS` to `EXTERNAL` deployment controller, you need to manually remove the `ACTIVE` task set, because Amazon ECS no longer manages the deployment. For information about how to delete a task set, see [DeleteTaskSet](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DeleteTaskSet.html) in the Amazon Elastic Container Service API Reference.", + "title": "Type", "type": "string" } }, "type": "object" }, - "AWS::Events::Rule.EcsParameters": { + "AWS::ECS::Service.DeploymentLifecycleHook": { "additionalProperties": false, "properties": { - "CapacityProviderStrategy": { - "items": { - "$ref": "#/definitions/AWS::Events::Rule.CapacityProviderStrategyItem" - }, - "markdownDescription": "The capacity provider strategy to use for the task.\n\nIf a `capacityProviderStrategy` is specified, the `launchType` parameter must be omitted. If no `capacityProviderStrategy` or launchType is specified, the `defaultCapacityProviderStrategy` for the cluster is used.", - "title": "CapacityProviderStrategy", - "type": "array" - }, - "EnableECSManagedTags": { - "markdownDescription": "Specifies whether to enable Amazon ECS managed tags for the task. For more information, see [Tagging Your Amazon ECS Resources](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-using-tags.html) in the Amazon Elastic Container Service Developer Guide.", - "title": "EnableECSManagedTags", - "type": "boolean" - }, - "EnableExecuteCommand": { - "markdownDescription": "Whether or not to enable the execute command functionality for the containers in this task. If true, this enables execute command functionality on all containers in the task.", - "title": "EnableExecuteCommand", - "type": "boolean" - }, - "Group": { - "markdownDescription": "Specifies an ECS task group for the task. The maximum length is 255 characters.", - "title": "Group", - "type": "string" - }, - "LaunchType": { - "markdownDescription": "Specifies the launch type on which your task is running. The launch type that you specify here must match one of the launch type (compatibilities) of the target task. The `FARGATE` value is supported only in the Regions where AWS Fargate with Amazon ECS is supported. For more information, see [AWS Fargate on Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/AWS-Fargate.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "LaunchType", + "HookTargetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the hook target. Currently, only Lambda function ARNs are supported.\n\nYou must provide this parameter when configuring a deployment lifecycle hook.", + "title": "HookTargetArn", "type": "string" }, - "NetworkConfiguration": { - "$ref": "#/definitions/AWS::Events::Rule.NetworkConfiguration", - "markdownDescription": "Use this structure if the Amazon ECS task uses the `awsvpc` network mode. This structure specifies the VPC subnets and security groups associated with the task, and whether a public IP address is to be used. This structure is required if `LaunchType` is `FARGATE` because the `awsvpc` mode is required for Fargate tasks.\n\nIf you specify `NetworkConfiguration` when the target ECS task does not use the `awsvpc` network mode, the task fails.", - "title": "NetworkConfiguration" - }, - "PlacementConstraints": { - "items": { - "$ref": "#/definitions/AWS::Events::Rule.PlacementConstraint" - }, - "markdownDescription": "An array of placement constraint objects to use for the task. You can specify up to 10 constraints per task (including constraints in the task definition and those specified at runtime).", - "title": "PlacementConstraints", - "type": "array" - }, - "PlacementStrategies": { + "LifecycleStages": { "items": { - "$ref": "#/definitions/AWS::Events::Rule.PlacementStrategy" + "type": "string" }, - "markdownDescription": "The placement strategy objects to use for the task. You can specify a maximum of five strategy rules per task.", - "title": "PlacementStrategies", + "markdownDescription": "The lifecycle stages at which to run the hook. Choose from these valid values:\n\n- RECONCILE_SERVICE\n\nThe reconciliation stage that only happens when you start a new service deployment with more than 1 service revision in an ACTIVE state.\n\nYou can use a lifecycle hook for this stage.\n- PRE_SCALE_UP\n\nThe green service revision has not started. The blue service revision is handling 100% of the production traffic. There is no test traffic.\n\nYou can use a lifecycle hook for this stage.\n- POST_SCALE_UP\n\nThe green service revision has started. The blue service revision is handling 100% of the production traffic. There is no test traffic.\n\nYou can use a lifecycle hook for this stage.\n- TEST_TRAFFIC_SHIFT\n\nThe blue and green service revisions are running. The blue service revision handles 100% of the production traffic. The green service revision is migrating from 0% to 100% of test traffic.\n\nYou can use a lifecycle hook for this stage.\n- POST_TEST_TRAFFIC_SHIFT\n\nThe test traffic shift is complete. The green service revision handles 100% of the test traffic.\n\nYou can use a lifecycle hook for this stage.\n- PRODUCTION_TRAFFIC_SHIFT\n\nProduction traffic is shifting to the green service revision. The green service revision is migrating from 0% to 100% of production traffic.\n\nYou can use a lifecycle hook for this stage.\n- POST_PRODUCTION_TRAFFIC_SHIFT\n\nThe production traffic shift is complete.\n\nYou can use a lifecycle hook for this stage.\n\nYou must provide this parameter when configuring a deployment lifecycle hook.", + "title": "LifecycleStages", "type": "array" }, - "PlatformVersion": { - "markdownDescription": "Specifies the platform version for the task. Specify only the numeric portion of the platform version, such as `1.1.0` .\n\nThis structure is used only if `LaunchType` is `FARGATE` . For more information about valid platform versions, see [AWS Fargate Platform Versions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "PlatformVersion", + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that grants Amazon ECS permission to call Lambda functions on your behalf.\n\nFor more information, see [Permissions required for Lambda functions in Amazon ECS blue/green deployments](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/blue-green-permissions.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "RoleArn", "type": "string" - }, + } + }, + "required": [ + "HookTargetArn", + "LifecycleStages", + "RoleArn" + ], + "type": "object" + }, + "AWS::ECS::Service.EBSTagSpecification": { + "additionalProperties": false, + "properties": { "PropagateTags": { - "markdownDescription": "Specifies whether to propagate the tags from the task definition to the task. If no value is specified, the tags are not propagated. Tags can only be propagated to the task during task creation. To add tags to a task after task creation, use the TagResource API action.", + "markdownDescription": "Determines whether to propagate the tags from the task definition to the Amazon EBS volume. Tags can only propagate to a `SERVICE` specified in `ServiceVolumeConfiguration` . If no value is specified, the tags aren't propagated.", "title": "PropagateTags", "type": "string" }, - "ReferenceId": { - "markdownDescription": "The reference ID to use for the task.", - "title": "ReferenceId", + "ResourceType": { + "markdownDescription": "The type of volume resource.", + "title": "ResourceType", "type": "string" }, - "TagList": { + "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The metadata that you apply to the task to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define. To learn more, see [RunTask](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RunTask.html#ECS-RunTask-request-tags) in the Amazon ECS API Reference.", - "title": "TagList", + "markdownDescription": "The tags applied to this Amazon EBS volume. `AmazonECSCreated` and `AmazonECSManaged` are reserved tags that can't be used.", + "title": "Tags", "type": "array" - }, - "TaskCount": { - "markdownDescription": "The number of tasks to create based on `TaskDefinition` . The default is 1.", - "title": "TaskCount", - "type": "number" - }, - "TaskDefinitionArn": { - "markdownDescription": "The ARN of the task definition to use if the event target is an Amazon ECS task.", - "title": "TaskDefinitionArn", - "type": "string" } }, "required": [ - "TaskDefinitionArn" + "ResourceType" ], "type": "object" }, - "AWS::Events::Rule.HttpParameters": { + "AWS::ECS::Service.LoadBalancer": { "additionalProperties": false, "properties": { - "HeaderParameters": { - "additionalProperties": true, - "markdownDescription": "The headers that need to be sent as part of request invoking the API Gateway API or EventBridge ApiDestination.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "HeaderParameters", - "type": "object" + "AdvancedConfiguration": { + "$ref": "#/definitions/AWS::ECS::Service.AdvancedConfiguration", + "markdownDescription": "The advanced settings for the load balancer used in blue/green deployments. Specify the alternate target group, listener rules, and IAM role required for traffic shifting during blue/green deployments.", + "title": "AdvancedConfiguration" }, - "PathParameterValues": { - "items": { - "type": "string" - }, - "markdownDescription": "The path parameter values to be used to populate API Gateway API or EventBridge ApiDestination path wildcards (\"*\").", - "title": "PathParameterValues", - "type": "array" + "ContainerName": { + "markdownDescription": "The name of the container (as it appears in a container definition) to associate with the load balancer.\n\nYou need to specify the container name when configuring the target group for an Amazon ECS load balancer.", + "title": "ContainerName", + "type": "string" }, - "QueryStringParameters": { - "additionalProperties": true, - "markdownDescription": "The query string keys/values that need to be sent as part of request invoking the API Gateway API or EventBridge ApiDestination.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "QueryStringParameters", - "type": "object" + "ContainerPort": { + "markdownDescription": "The port on the container to associate with the load balancer. This port must correspond to a `containerPort` in the task definition the tasks in the service are using. For tasks that use the EC2 launch type, the container instance they're launched on must allow ingress traffic on the `hostPort` of the port mapping.", + "title": "ContainerPort", + "type": "number" + }, + "LoadBalancerName": { + "markdownDescription": "The name of the load balancer to associate with the Amazon ECS service or task set.\n\nIf you are using an Application Load Balancer or a Network Load Balancer the load balancer name parameter should be omitted.", + "title": "LoadBalancerName", + "type": "string" + }, + "TargetGroupArn": { + "markdownDescription": "The full Amazon Resource Name (ARN) of the Elastic Load Balancing target group or groups associated with a service or task set.\n\nA target group ARN is only specified when using an Application Load Balancer or Network Load Balancer.\n\nFor services using the `ECS` deployment controller, you can specify one or multiple target groups. For more information, see [Registering multiple target groups with a service](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/register-multiple-targetgroups.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nFor services using the `CODE_DEPLOY` deployment controller, you're required to define two target groups for the load balancer. For more information, see [Blue/green deployment with CodeDeploy](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-type-bluegreen.html) in the *Amazon Elastic Container Service Developer Guide* .\n\n> If your service's task definition uses the `awsvpc` network mode, you must choose `ip` as the target type, not `instance` . Do this when creating your target groups because tasks that use the `awsvpc` network mode are associated with an elastic network interface, not an Amazon EC2 instance. This network mode is required for the Fargate launch type.", + "title": "TargetGroupArn", + "type": "string" } }, "type": "object" }, - "AWS::Events::Rule.InputTransformer": { + "AWS::ECS::Service.LogConfiguration": { "additionalProperties": false, "properties": { - "InputPathsMap": { + "LogDriver": { + "markdownDescription": "The log driver to use for the container.\n\nFor tasks on AWS Fargate , the supported log drivers are `awslogs` , `splunk` , and `awsfirelens` .\n\nFor tasks hosted on Amazon EC2 instances, the supported log drivers are `awslogs` , `fluentd` , `gelf` , `json-file` , `journald` , `syslog` , `splunk` , and `awsfirelens` .\n\nFor more information about using the `awslogs` log driver, see [Send Amazon ECS logs to CloudWatch](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_awslogs.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nFor more information about using the `awsfirelens` log driver, see [Send Amazon ECS logs to an AWS service or AWS Partner](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html) .\n\n> If you have a custom driver that isn't listed, you can fork the Amazon ECS container agent project that's [available on GitHub](https://docs.aws.amazon.com/https://github.com/aws/amazon-ecs-agent) and customize it to work with that driver. We encourage you to submit pull requests for changes that you would like to have included. However, we don't currently provide support for running modified copies of this software.", + "title": "LogDriver", + "type": "string" + }, + "Options": { "additionalProperties": true, - "markdownDescription": "Map of JSON paths to be extracted from the event. You can then insert these in the template in `InputTemplate` to produce the output you want to be sent to the target.\n\n`InputPathsMap` is an array key-value pairs, where each value is a valid JSON path. You can have as many as 100 key-value pairs. You must use JSON dot notation, not bracket notation.\n\nThe keys cannot start with \" AWS .\"", + "markdownDescription": "The configuration options to send to the log driver.\n\nThe options you can specify depend on the log driver. Some of the options you can specify when you use the `awslogs` log driver to route logs to Amazon CloudWatch include the following:\n\n- **awslogs-create-group** - Required: No\n\nSpecify whether you want the log group to be created automatically. If this option isn't specified, it defaults to `false` .\n\n> Your IAM policy must include the `logs:CreateLogGroup` permission before you attempt to use `awslogs-create-group` .\n- **awslogs-region** - Required: Yes\n\nSpecify the AWS Region that the `awslogs` log driver is to send your Docker logs to. You can choose to send all of your logs from clusters in different Regions to a single region in CloudWatch Logs. This is so that they're all visible in one location. Otherwise, you can separate them by Region for more granularity. Make sure that the specified log group exists in the Region that you specify with this option.\n- **awslogs-group** - Required: Yes\n\nMake sure to specify a log group that the `awslogs` log driver sends its log streams to.\n- **awslogs-stream-prefix** - Required: Yes, when using Fargate.Optional when using EC2.\n\nUse the `awslogs-stream-prefix` option to associate a log stream with the specified prefix, the container name, and the ID of the Amazon ECS task that the container belongs to. If you specify a prefix with this option, then the log stream takes the format `prefix-name/container-name/ecs-task-id` .\n\nIf you don't specify a prefix with this option, then the log stream is named after the container ID that's assigned by the Docker daemon on the container instance. Because it's difficult to trace logs back to the container that sent them with just the Docker container ID (which is only available on the container instance), we recommend that you specify a prefix with this option.\n\nFor Amazon ECS services, you can use the service name as the prefix. Doing so, you can trace log streams to the service that the container belongs to, the name of the container that sent them, and the ID of the task that the container belongs to.\n\nYou must specify a stream-prefix for your logs to have your logs appear in the Log pane when using the Amazon ECS console.\n- **awslogs-datetime-format** - Required: No\n\nThis option defines a multiline start pattern in Python `strftime` format. A log message consists of a line that matches the pattern and any following lines that don\u2019t match the pattern. The matched line is the delimiter between log messages.\n\nOne example of a use case for using this format is for parsing output such as a stack dump, which might otherwise be logged in multiple entries. The correct pattern allows it to be captured in a single entry.\n\nFor more information, see [awslogs-datetime-format](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/awslogs/#awslogs-datetime-format) .\n\nYou cannot configure both the `awslogs-datetime-format` and `awslogs-multiline-pattern` options.\n\n> Multiline logging performs regular expression parsing and matching of all log messages. This might have a negative impact on logging performance.\n- **awslogs-multiline-pattern** - Required: No\n\nThis option defines a multiline start pattern that uses a regular expression. A log message consists of a line that matches the pattern and any following lines that don\u2019t match the pattern. The matched line is the delimiter between log messages.\n\nFor more information, see [awslogs-multiline-pattern](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/awslogs/#awslogs-multiline-pattern) .\n\nThis option is ignored if `awslogs-datetime-format` is also configured.\n\nYou cannot configure both the `awslogs-datetime-format` and `awslogs-multiline-pattern` options.\n\n> Multiline logging performs regular expression parsing and matching of all log messages. This might have a negative impact on logging performance.\n\nThe following options apply to all supported log drivers.\n\n- **mode** - Required: No\n\nValid values: `non-blocking` | `blocking`\n\nThis option defines the delivery mode of log messages from the container to the log driver specified using `logDriver` . The delivery mode you choose affects application availability when the flow of logs from container is interrupted.\n\nIf you use the `blocking` mode and the flow of logs is interrupted, calls from container code to write to the `stdout` and `stderr` streams will block. The logging thread of the application will block as a result. This may cause the application to become unresponsive and lead to container healthcheck failure.\n\nIf you use the `non-blocking` mode, the container's logs are instead stored in an in-memory intermediate buffer configured with the `max-buffer-size` option. This prevents the application from becoming unresponsive when logs cannot be sent. We recommend using this mode if you want to ensure service availability and are okay with some log loss. For more information, see [Preventing log loss with non-blocking mode in the `awslogs` container log driver](https://docs.aws.amazon.com/containers/preventing-log-loss-with-non-blocking-mode-in-the-awslogs-container-log-driver/) .\n\nYou can set a default `mode` for all containers in a specific AWS Region by using the `defaultLogDriverMode` account setting. If you don't specify the `mode` option or configure the account setting, Amazon ECS will default to the `non-blocking` mode. For more information about the account setting, see [Default log driver mode](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-account-settings.html#default-log-driver-mode) in the *Amazon Elastic Container Service Developer Guide* .\n\n> On June 25, 2025, Amazon ECS changed the default log driver mode from `blocking` to `non-blocking` to prioritize task availability over logging. To continue using the `blocking` mode after this change, do one of the following:\n> \n> - Set the `mode` option in your container definition's `logConfiguration` as `blocking` .\n> - Set the `defaultLogDriverMode` account setting to `blocking` .\n- **max-buffer-size** - Required: No\n\nDefault value: `1m`\n\nWhen `non-blocking` mode is used, the `max-buffer-size` log option controls the size of the buffer that's used for intermediate message storage. Make sure to specify an adequate buffer size based on your application. When the buffer fills up, further logs cannot be stored. Logs that cannot be stored are lost.\n\nTo route logs using the `splunk` log router, you need to specify a `splunk-token` and a `splunk-url` .\n\nWhen you use the `awsfirelens` log router to route logs to an AWS Service or AWS Partner Network destination for log storage and analytics, you can set the `log-driver-buffer-limit` option to limit the number of events that are buffered in memory, before being sent to the log router container. It can help to resolve potential log loss issue because high throughput might result in memory running out for the buffer inside of Docker.\n\nOther options you can specify when using `awsfirelens` to route logs depend on the destination. When you export logs to Amazon Data Firehose, you can specify the AWS Region with `region` and a name for the log stream with `delivery_stream` .\n\nWhen you export logs to Amazon Kinesis Data Streams, you can specify an AWS Region with `region` and a data stream name with `stream` .\n\nWhen you export logs to Amazon OpenSearch Service, you can specify options like `Name` , `Host` (OpenSearch Service endpoint without protocol), `Port` , `Index` , `Type` , `Aws_auth` , `Aws_region` , `Suppress_Type_Name` , and `tls` . For more information, see [Under the hood: FireLens for Amazon ECS Tasks](https://docs.aws.amazon.com/containers/under-the-hood-firelens-for-amazon-ecs-tasks/) .\n\nWhen you export logs to Amazon S3, you can specify the bucket using the `bucket` option. You can also specify `region` , `total_file_size` , `upload_timeout` , and `use_put_object` as options.\n\nThis parameter requires version 1.19 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version --format '{{.Server.APIVersion}}'`", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, - "title": "InputPathsMap", + "title": "Options", "type": "object" }, - "InputTemplate": { - "markdownDescription": "Input template where you specify placeholders that will be filled with the values of the keys from `InputPathsMap` to customize the data sent to the target. Enclose each `InputPathsMaps` value in brackets: < *value* >\n\nIf `InputTemplate` is a JSON object (surrounded by curly braces), the following restrictions apply:\n\n- The placeholder cannot be used as an object key.\n\nThe following example shows the syntax for using `InputPathsMap` and `InputTemplate` .\n\n`\"InputTransformer\":`\n\n`{`\n\n`\"InputPathsMap\": {\"instance\": \"$.detail.instance\",\"status\": \"$.detail.status\"},`\n\n`\"InputTemplate\": \" is in state \"`\n\n`}`\n\nTo have the `InputTemplate` include quote marks within a JSON string, escape each quote marks with a slash, as in the following example:\n\n`\"InputTransformer\":`\n\n`{`\n\n`\"InputPathsMap\": {\"instance\": \"$.detail.instance\",\"status\": \"$.detail.status\"},`\n\n`\"InputTemplate\": \" is in state \\\"\\\"\"`\n\n`}`\n\nThe `InputTemplate` can also be valid JSON with varibles in quotes or out, as in the following example:\n\n`\"InputTransformer\":`\n\n`{`\n\n`\"InputPathsMap\": {\"instance\": \"$.detail.instance\",\"status\": \"$.detail.status\"},`\n\n`\"InputTemplate\": '{\"myInstance\": ,\"myStatus\": \" is in state \\\"\\\"\"}'`\n\n`}`", - "title": "InputTemplate", - "type": "string" - } - }, - "required": [ - "InputTemplate" - ], - "type": "object" - }, - "AWS::Events::Rule.KinesisParameters": { - "additionalProperties": false, - "properties": { - "PartitionKeyPath": { - "markdownDescription": "The JSON path to be extracted from the event and used as the partition key. For more information, see [Amazon Kinesis Streams Key Concepts](https://docs.aws.amazon.com/streams/latest/dev/key-concepts.html#partition-key) in the *Amazon Kinesis Streams Developer Guide* .", - "title": "PartitionKeyPath", - "type": "string" + "SecretOptions": { + "items": { + "$ref": "#/definitions/AWS::ECS::Service.Secret" + }, + "markdownDescription": "The secrets to pass to the log configuration. For more information, see [Specifying sensitive data](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "SecretOptions", + "type": "array" } }, - "required": [ - "PartitionKeyPath" - ], "type": "object" }, - "AWS::Events::Rule.NetworkConfiguration": { + "AWS::ECS::Service.NetworkConfiguration": { "additionalProperties": false, "properties": { - "AwsVpcConfiguration": { - "$ref": "#/definitions/AWS::Events::Rule.AwsVpcConfiguration", - "markdownDescription": "Use this structure to specify the VPC subnets and security groups for the task, and whether a public IP address is to be used. This structure is relevant only for ECS tasks that use the `awsvpc` network mode.", - "title": "AwsVpcConfiguration" + "AwsvpcConfiguration": { + "$ref": "#/definitions/AWS::ECS::Service.AwsVpcConfiguration", + "markdownDescription": "The VPC subnets and security groups that are associated with a task.\n\n> All specified subnets and security groups must be from the same VPC.", + "title": "AwsvpcConfiguration" } }, "type": "object" }, - "AWS::Events::Rule.PlacementConstraint": { + "AWS::ECS::Service.PlacementConstraint": { "additionalProperties": false, "properties": { "Expression": { - "markdownDescription": "A cluster query language expression to apply to the constraint. You cannot specify an expression if the constraint type is `distinctInstance` . To learn more, see [Cluster Query Language](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-query-language.html) in the Amazon Elastic Container Service Developer Guide.", + "markdownDescription": "A cluster query language expression to apply to the constraint. The expression can have a maximum length of 2000 characters. You can't specify an expression if the constraint type is `distinctInstance` . For more information, see [Cluster query language](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-query-language.html) in the *Amazon Elastic Container Service Developer Guide* .", "title": "Expression", "type": "string" }, "Type": { - "markdownDescription": "The type of constraint. Use distinctInstance to ensure that each task in a particular group is running on a different container instance. Use memberOf to restrict the selection to a group of valid candidates.", + "markdownDescription": "The type of constraint. Use `distinctInstance` to ensure that each task in a particular group is running on a different container instance. Use `memberOf` to restrict the selection to a group of valid candidates.", "title": "Type", "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::Events::Rule.PlacementStrategy": { + "AWS::ECS::Service.PlacementStrategy": { "additionalProperties": false, "properties": { "Field": { - "markdownDescription": "The field to apply the placement strategy against. For the spread placement strategy, valid values are instanceId (or host, which has the same effect), or any platform or custom attribute that is applied to a container instance, such as attribute:ecs.availability-zone. For the binpack placement strategy, valid values are cpu and memory. For the random placement strategy, this field is not used.", + "markdownDescription": "The field to apply the placement strategy against. For the `spread` placement strategy, valid values are `instanceId` (or `host` , which has the same effect), or any platform or custom attribute that's applied to a container instance, such as `attribute:ecs.availability-zone` . For the `binpack` placement strategy, valid values are `cpu` and `memory` . For the `random` placement strategy, this field is not used.", "title": "Field", "type": "string" }, "Type": { - "markdownDescription": "The type of placement strategy. The random placement strategy randomly places tasks on available candidates. The spread placement strategy spreads placement across available candidates evenly based on the field parameter. The binpack strategy places tasks on available candidates that have the least available amount of the resource that is specified with the field parameter. For example, if you binpack on memory, a task is placed on the instance with the least amount of remaining memory (but still enough to run the task).", + "markdownDescription": "The type of placement strategy. The `random` placement strategy randomly places tasks on available candidates. The `spread` placement strategy spreads placement across available candidates evenly based on the `field` parameter. The `binpack` strategy places tasks on available candidates that have the least available amount of the resource that's specified with the `field` parameter. For example, if you binpack on memory, a task is placed on the instance with the least amount of remaining memory but still enough to run the task.", "title": "Type", "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::Events::Rule.RedshiftDataParameters": { + "AWS::ECS::Service.Secret": { "additionalProperties": false, "properties": { - "Database": { - "markdownDescription": "The name of the database. Required when authenticating using temporary credentials.", - "title": "Database", - "type": "string" - }, - "DbUser": { - "markdownDescription": "The database user name. Required when authenticating using temporary credentials.", - "title": "DbUser", - "type": "string" - }, - "SecretManagerArn": { - "markdownDescription": "The name or ARN of the secret that enables access to the database. Required when authenticating using AWS Secrets Manager.", - "title": "SecretManagerArn", - "type": "string" - }, - "Sql": { - "markdownDescription": "The SQL statement text to run.", - "title": "Sql", + "Name": { + "markdownDescription": "The name of the secret.", + "title": "Name", "type": "string" }, - "Sqls": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more SQL statements to run. The SQL statements are run as a single transaction. They run serially in the order of the array. Subsequent SQL statements don't start until the previous statement in the array completes. If any SQL statement fails, then because they are run as one transaction, all work is rolled back.", - "title": "Sqls", - "type": "array" - }, - "StatementName": { - "markdownDescription": "The name of the SQL statement. You can name the SQL statement when you create it to identify the query.", - "title": "StatementName", + "ValueFrom": { + "markdownDescription": "The secret to expose to the container. The supported values are either the full ARN of the AWS Secrets Manager secret or the full ARN of the parameter in the SSM Parameter Store.\n\nFor information about the require AWS Identity and Access Management permissions, see [Required IAM permissions for Amazon ECS secrets](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data-secrets.html#secrets-iam) (for Secrets Manager) or [Required IAM permissions for Amazon ECS secrets](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data-parameters.html) (for Systems Manager Parameter store) in the *Amazon Elastic Container Service Developer Guide* .\n\n> If the SSM Parameter Store parameter exists in the same Region as the task you're launching, then you can use either the full ARN or name of the parameter. If the parameter exists in a different Region, then the full ARN must be specified.", + "title": "ValueFrom", "type": "string" - }, - "WithEvent": { - "markdownDescription": "Indicates whether to send an event back to EventBridge after the SQL statement runs.", - "title": "WithEvent", - "type": "boolean" } }, "required": [ - "Database" + "Name", + "ValueFrom" ], "type": "object" }, - "AWS::Events::Rule.RetryPolicy": { + "AWS::ECS::Service.ServiceConnectClientAlias": { "additionalProperties": false, "properties": { - "MaximumEventAgeInSeconds": { - "markdownDescription": "The maximum amount of time, in seconds, to continue to make retry attempts.", - "title": "MaximumEventAgeInSeconds", - "type": "number" + "DnsName": { + "markdownDescription": "The `dnsName` is the name that you use in the applications of client tasks to connect to this service. The name must be a valid DNS name but doesn't need to be fully-qualified. The name can include up to 127 characters. The name can include lowercase letters, numbers, underscores (_), hyphens (-), and periods (.). The name can't start with a hyphen.\n\nIf this parameter isn't specified, the default value of `discoveryName.namespace` is used. If the `discoveryName` isn't specified, the port mapping name from the task definition is used in `portName.namespace` .\n\nTo avoid changing your applications in client Amazon ECS services, set this to the same name that the client application uses by default. For example, a few common names are `database` , `db` , or the lowercase name of a database, such as `mysql` or `redis` . For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "DnsName", + "type": "string" }, - "MaximumRetryAttempts": { - "markdownDescription": "The maximum number of retry attempts to make before the request fails. Retry attempts continue until either the maximum number of attempts is made or until the duration of the `MaximumEventAgeInSeconds` is met.", - "title": "MaximumRetryAttempts", + "Port": { + "markdownDescription": "The listening port number for the Service Connect proxy. This port is available inside of all of the tasks within the same namespace.\n\nTo avoid changing your applications in client Amazon ECS services, set this to the same port that the client application uses by default. For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "Port", "type": "number" + }, + "TestTrafficRules": { + "$ref": "#/definitions/AWS::ECS::Service.ServiceConnectTestTrafficRules", + "markdownDescription": "The configuration for test traffic routing rules used during blue/green deployments with Amazon ECS Service Connect. This allows you to route a portion of traffic to the new service revision of your service for testing before shifting all production traffic.", + "title": "TestTrafficRules" } }, + "required": [ + "Port" + ], "type": "object" }, - "AWS::Events::Rule.RunCommandParameters": { + "AWS::ECS::Service.ServiceConnectConfiguration": { "additionalProperties": false, "properties": { - "RunCommandTargets": { + "Enabled": { + "markdownDescription": "Specifies whether to use Service Connect with this service.", + "title": "Enabled", + "type": "boolean" + }, + "LogConfiguration": { + "$ref": "#/definitions/AWS::ECS::Service.LogConfiguration", + "markdownDescription": "The log configuration for the container. This parameter maps to `LogConfig` in the docker container create command and the `--log-driver` option to docker run.\n\nBy default, containers use the same logging driver that the Docker daemon uses. However, the container might use a different logging driver than the Docker daemon by specifying a log driver configuration in the container definition.\n\nUnderstand the following when specifying a log configuration for your containers.\n\n- Amazon ECS currently supports a subset of the logging drivers available to the Docker daemon. Additional log drivers may be available in future releases of the Amazon ECS container agent.\n\nFor tasks on AWS Fargate , the supported log drivers are `awslogs` , `splunk` , and `awsfirelens` .\n\nFor tasks hosted on Amazon EC2 instances, the supported log drivers are `awslogs` , `fluentd` , `gelf` , `json-file` , `journald` , `syslog` , `splunk` , and `awsfirelens` .\n- This parameter requires version 1.18 of the Docker Remote API or greater on your container instance.\n- For tasks that are hosted on Amazon EC2 instances, the Amazon ECS container agent must register the available logging drivers with the `ECS_AVAILABLE_LOGGING_DRIVERS` environment variable before containers placed on that instance can use these log configuration options. For more information, see [Amazon ECS container agent configuration](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html) in the *Amazon Elastic Container Service Developer Guide* .\n- For tasks that are on AWS Fargate , because you don't have access to the underlying infrastructure your tasks are hosted on, any additional software needed must be installed outside of the task. For example, the Fluentd output aggregators or a remote host running Logstash to send Gelf logs to.", + "title": "LogConfiguration" + }, + "Namespace": { + "markdownDescription": "The namespace name or full Amazon Resource Name (ARN) of the AWS Cloud Map namespace for use with Service Connect. The namespace must be in the same AWS Region as the Amazon ECS service and cluster. The type of namespace doesn't affect Service Connect. For more information about AWS Cloud Map , see [Working with Services](https://docs.aws.amazon.com/cloud-map/latest/dg/working-with-services.html) in the *AWS Cloud Map Developer Guide* .", + "title": "Namespace", + "type": "string" + }, + "Services": { "items": { - "$ref": "#/definitions/AWS::Events::Rule.RunCommandTarget" + "$ref": "#/definitions/AWS::ECS::Service.ServiceConnectService" }, - "markdownDescription": "Currently, we support including only one RunCommandTarget block, which specifies either an array of InstanceIds or a tag.", - "title": "RunCommandTargets", + "markdownDescription": "The list of Service Connect service objects. These are names and aliases (also known as endpoints) that are used by other Amazon ECS services to connect to this service.\n\nThis field is not required for a \"client\" Amazon ECS service that's a member of a namespace only to connect to other services within the namespace. An example of this would be a frontend application that accepts incoming requests from either a load balancer that's attached to the service or by other means.\n\nAn object selects a port from the task definition, assigns a name for the AWS Cloud Map service, and a list of aliases (endpoints) and ports for client applications to refer to this service.", + "title": "Services", "type": "array" } }, "required": [ - "RunCommandTargets" + "Enabled" ], "type": "object" }, - "AWS::Events::Rule.RunCommandTarget": { + "AWS::ECS::Service.ServiceConnectService": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "Can be either `tag:` *tag-key* or `InstanceIds` .", - "title": "Key", - "type": "string" - }, - "Values": { + "ClientAliases": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::ECS::Service.ServiceConnectClientAlias" }, - "markdownDescription": "If `Key` is `tag:` *tag-key* , `Values` is a list of tag values. If `Key` is `InstanceIds` , `Values` is a list of Amazon EC2 instance IDs.", - "title": "Values", + "markdownDescription": "The list of client aliases for this Service Connect service. You use these to assign names that can be used by client applications. The maximum number of client aliases that you can have in this list is 1.\n\nEach alias (\"endpoint\") is a fully-qualified name and port number that other Amazon ECS tasks (\"clients\") can use to connect to this service.\n\nEach name and port mapping must be unique within the namespace.\n\nFor each `ServiceConnectService` , you must provide at least one `clientAlias` with one `port` .", + "title": "ClientAliases", "type": "array" + }, + "DiscoveryName": { + "markdownDescription": "The `discoveryName` is the name of the new AWS Cloud Map service that Amazon ECS creates for this Amazon ECS service. This must be unique within the AWS Cloud Map namespace. The name can contain up to 64 characters. The name can include lowercase letters, numbers, underscores (_), and hyphens (-). The name can't start with a hyphen.\n\nIf the `discoveryName` isn't specified, the port mapping name from the task definition is used in `portName.namespace` .", + "title": "DiscoveryName", + "type": "string" + }, + "IngressPortOverride": { + "markdownDescription": "The port number for the Service Connect proxy to listen on.\n\nUse the value of this field to bypass the proxy for traffic on the port number specified in the named `portMapping` in the task definition of this application, and then use it in your VPC security groups to allow traffic into the proxy for this Amazon ECS service.\n\nIn `awsvpc` mode and Fargate, the default value is the container port number. The container port number is in the `portMapping` in the task definition. In bridge mode, the default value is the ephemeral port of the Service Connect proxy.", + "title": "IngressPortOverride", + "type": "number" + }, + "PortName": { + "markdownDescription": "The `portName` must match the name of one of the `portMappings` from all the containers in the task definition of this Amazon ECS service.", + "title": "PortName", + "type": "string" + }, + "Timeout": { + "$ref": "#/definitions/AWS::ECS::Service.TimeoutConfiguration", + "markdownDescription": "A reference to an object that represents the configured timeouts for Service Connect.", + "title": "Timeout" + }, + "Tls": { + "$ref": "#/definitions/AWS::ECS::Service.ServiceConnectTlsConfiguration", + "markdownDescription": "A reference to an object that represents a Transport Layer Security (TLS) configuration.", + "title": "Tls" } }, "required": [ - "Key", - "Values" + "PortName" ], "type": "object" }, - "AWS::Events::Rule.SageMakerPipelineParameter": { + "AWS::ECS::Service.ServiceConnectTestTrafficRules": { + "additionalProperties": false, + "properties": { + "Header": { + "$ref": "#/definitions/AWS::ECS::Service.ServiceConnectTestTrafficRulesHeader", + "markdownDescription": "The HTTP header-based routing rules that determine which requests should be routed to the new service version during blue/green deployment testing. These rules provide fine-grained control over test traffic routing based on request headers.", + "title": "Header" + } + }, + "required": [ + "Header" + ], + "type": "object" + }, + "AWS::ECS::Service.ServiceConnectTestTrafficRulesHeader": { "additionalProperties": false, "properties": { "Name": { - "markdownDescription": "Name of parameter to start execution of a SageMaker AI Model Building Pipeline.", + "markdownDescription": "", "title": "Name", "type": "string" }, "Value": { - "markdownDescription": "Value of parameter to start execution of a SageMaker AI Model Building Pipeline.", - "title": "Value", - "type": "string" + "$ref": "#/definitions/AWS::ECS::Service.ServiceConnectTestTrafficRulesHeaderValue", + "markdownDescription": "", + "title": "Value" } }, "required": [ - "Name", - "Value" + "Name" ], "type": "object" }, - "AWS::Events::Rule.SageMakerPipelineParameters": { + "AWS::ECS::Service.ServiceConnectTestTrafficRulesHeaderValue": { "additionalProperties": false, "properties": { - "PipelineParameterList": { - "items": { - "$ref": "#/definitions/AWS::Events::Rule.SageMakerPipelineParameter" - }, - "markdownDescription": "List of Parameter names and values for SageMaker AI Model Building Pipeline execution.", - "title": "PipelineParameterList", - "type": "array" + "Exact": { + "markdownDescription": "", + "title": "Exact", + "type": "string" } }, + "required": [ + "Exact" + ], "type": "object" }, - "AWS::Events::Rule.SqsParameters": { + "AWS::ECS::Service.ServiceConnectTlsCertificateAuthority": { "additionalProperties": false, "properties": { - "MessageGroupId": { - "markdownDescription": "The FIFO message group ID to use as the target.", - "title": "MessageGroupId", + "AwsPcaAuthorityArn": { + "markdownDescription": "The ARN of the AWS Private Certificate Authority certificate.", + "title": "AwsPcaAuthorityArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ECS::Service.ServiceConnectTlsConfiguration": { + "additionalProperties": false, + "properties": { + "IssuerCertificateAuthority": { + "$ref": "#/definitions/AWS::ECS::Service.ServiceConnectTlsCertificateAuthority", + "markdownDescription": "The signer certificate authority.", + "title": "IssuerCertificateAuthority" + }, + "KmsKey": { + "markdownDescription": "The AWS Key Management Service key.", + "title": "KmsKey", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that's associated with the Service Connect TLS.", + "title": "RoleArn", "type": "string" } }, "required": [ - "MessageGroupId" + "IssuerCertificateAuthority" ], "type": "object" }, - "AWS::Events::Rule.Target": { + "AWS::ECS::Service.ServiceManagedEBSVolumeConfiguration": { "additionalProperties": false, "properties": { - "AppSyncParameters": { - "$ref": "#/definitions/AWS::Events::Rule.AppSyncParameters", - "markdownDescription": "Contains the GraphQL operation to be parsed and executed, if the event target is an AWS AppSync API.", - "title": "AppSyncParameters" + "Encrypted": { + "markdownDescription": "Indicates whether the volume should be encrypted. If you turn on Region-level Amazon EBS encryption by default but set this value as `false` , the setting is overridden and the volume is encrypted with the KMS key specified for Amazon EBS encryption by default. This parameter maps 1:1 with the `Encrypted` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* .", + "title": "Encrypted", + "type": "boolean" }, - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the target.", - "title": "Arn", + "FilesystemType": { + "markdownDescription": "The filesystem type for the volume. For volumes created from a snapshot, you must specify the same filesystem type that the volume was using when the snapshot was created. If there is a filesystem type mismatch, the tasks will fail to start.\n\nThe available Linux filesystem types are `ext3` , `ext4` , and `xfs` . If no value is specified, the `xfs` filesystem type is used by default.\n\nThe available Windows filesystem types are `NTFS` .", + "title": "FilesystemType", "type": "string" }, - "BatchParameters": { - "$ref": "#/definitions/AWS::Events::Rule.BatchParameters", - "markdownDescription": "If the event target is an AWS Batch job, this contains the job definition, job name, and other parameters. For more information, see [Jobs](https://docs.aws.amazon.com/batch/latest/userguide/jobs.html) in the *AWS Batch User Guide* .", - "title": "BatchParameters" + "Iops": { + "markdownDescription": "The number of I/O operations per second (IOPS). For `gp3` , `io1` , and `io2` volumes, this represents the number of IOPS that are provisioned for the volume. For `gp2` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.\n\nThe following are the supported values for each volume type.\n\n- `gp3` : 3,000 - 16,000 IOPS\n- `io1` : 100 - 64,000 IOPS\n- `io2` : 100 - 256,000 IOPS\n\nThis parameter is required for `io1` and `io2` volume types. The default for `gp3` volumes is `3,000 IOPS` . This parameter is not supported for `st1` , `sc1` , or `standard` volume types.\n\nThis parameter maps 1:1 with the `Iops` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* .", + "title": "Iops", + "type": "number" }, - "DeadLetterConfig": { - "$ref": "#/definitions/AWS::Events::Rule.DeadLetterConfig", - "markdownDescription": "The `DeadLetterConfig` that defines the target queue to send dead-letter queue events to.", - "title": "DeadLetterConfig" + "KmsKeyId": { + "markdownDescription": "The Amazon Resource Name (ARN) identifier of the AWS Key Management Service key to use for Amazon EBS encryption. When a key is specified using this parameter, it overrides Amazon EBS default encryption or any KMS key that you specified for cluster-level managed storage encryption. This parameter maps 1:1 with the `KmsKeyId` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* . For more information about encrypting Amazon EBS volumes attached to tasks, see [Encrypt data stored in Amazon EBS volumes attached to Amazon ECS tasks](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ebs-kms-encryption.html) .\n\n> AWS authenticates the AWS Key Management Service key asynchronously. Therefore, if you specify an ID, alias, or ARN that is invalid, the action can appear to complete, but eventually fails.", + "title": "KmsKeyId", + "type": "string" }, - "EcsParameters": { - "$ref": "#/definitions/AWS::Events::Rule.EcsParameters", - "markdownDescription": "Contains the Amazon ECS task definition and task count to be used, if the event target is an Amazon ECS task. For more information about Amazon ECS tasks, see [Task Definitions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_defintions.html) in the *Amazon EC2 Container Service Developer Guide* .", - "title": "EcsParameters" + "RoleArn": { + "markdownDescription": "The ARN of the IAM role to associate with this volume. This is the Amazon ECS infrastructure IAM role that is used to manage your AWS infrastructure. We recommend using the Amazon ECS-managed `AmazonECSInfrastructureRolePolicyForVolumes` IAM policy with this role. For more information, see [Amazon ECS infrastructure IAM role](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/infrastructure_IAM_role.html) in the *Amazon ECS Developer Guide* .", + "title": "RoleArn", + "type": "string" }, - "HttpParameters": { - "$ref": "#/definitions/AWS::Events::Rule.HttpParameters", - "markdownDescription": "Contains the HTTP parameters to use when the target is a API Gateway endpoint or EventBridge ApiDestination.\n\nIf you specify an API Gateway API or EventBridge ApiDestination as a target, you can use this parameter to specify headers, path parameters, and query string keys/values as part of your target invoking request. If you're using ApiDestinations, the corresponding Connection can also have these values configured. In case of any conflicting keys, values from the Connection take precedence.", - "title": "HttpParameters" + "SizeInGiB": { + "markdownDescription": "The size of the volume in GiB. You must specify either a volume size or a snapshot ID. If you specify a snapshot ID, the snapshot size is used for the volume size by default. You can optionally specify a volume size greater than or equal to the snapshot size. This parameter maps 1:1 with the `Size` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* .\n\nThe following are the supported volume size values for each volume type.\n\n- `gp2` and `gp3` : 1-16,384\n- `io1` and `io2` : 4-16,384\n- `st1` and `sc1` : 125-16,384\n- `standard` : 1-1,024", + "title": "SizeInGiB", + "type": "number" }, - "Id": { - "markdownDescription": "The ID of the target within the specified rule. Use this ID to reference the target when updating the rule. We recommend using a memorable and unique string.", - "title": "Id", + "SnapshotId": { + "markdownDescription": "The snapshot that Amazon ECS uses to create volumes for attachment to tasks maintained by the service. You must specify either `snapshotId` or `sizeInGiB` in your volume configuration. This parameter maps 1:1 with the `SnapshotId` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* .", + "title": "SnapshotId", "type": "string" }, - "Input": { - "markdownDescription": "Valid JSON text passed to the target. In this case, nothing from the event itself is passed to the target. For more information, see [The JavaScript Object Notation (JSON) Data Interchange Format](https://docs.aws.amazon.com/http://www.rfc-editor.org/rfc/rfc7159.txt) .", - "title": "Input", - "type": "string" + "TagSpecifications": { + "items": { + "$ref": "#/definitions/AWS::ECS::Service.EBSTagSpecification" + }, + "markdownDescription": "The tags to apply to the volume. Amazon ECS applies service-managed tags by default. This parameter maps 1:1 with the `TagSpecifications.N` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* .", + "title": "TagSpecifications", + "type": "array" }, - "InputPath": { - "markdownDescription": "The value of the JSONPath that is used for extracting part of the matched event when passing it to the target. You may use JSON dot notation or bracket notation. For more information about JSON paths, see [JSONPath](https://docs.aws.amazon.com/http://goessner.net/articles/JsonPath/) .", - "title": "InputPath", + "Throughput": { + "markdownDescription": "The throughput to provision for a volume, in MiB/s, with a maximum of 1,000 MiB/s. This parameter maps 1:1 with the `Throughput` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* .\n\n> This parameter is only supported for the `gp3` volume type.", + "title": "Throughput", + "type": "number" + }, + "VolumeInitializationRate": { + "markdownDescription": "The rate, in MiB/s, at which data is fetched from a snapshot of an existing EBS volume to create new volumes for attachment to the tasks maintained by the service. This property can be specified only if you specify a `snapshotId` . For more information, see [Initialize Amazon EBS volumes](https://docs.aws.amazon.com/ebs/latest/userguide/initalize-volume.html) in the *Amazon EBS User Guide* .", + "title": "VolumeInitializationRate", + "type": "number" + }, + "VolumeType": { + "markdownDescription": "The volume type. This parameter maps 1:1 with the `VolumeType` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* . For more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-volume-types.html) in the *Amazon EC2 User Guide* .\n\nThe following are the supported volume types.\n\n- General Purpose SSD: `gp2` | `gp3`\n- Provisioned IOPS SSD: `io1` | `io2`\n- Throughput Optimized HDD: `st1`\n- Cold HDD: `sc1`\n- Magnetic: `standard`\n\n> The magnetic volume type is not supported on Fargate.", + "title": "VolumeType", + "type": "string" + } + }, + "required": [ + "RoleArn" + ], + "type": "object" + }, + "AWS::ECS::Service.ServiceRegistry": { + "additionalProperties": false, + "properties": { + "ContainerName": { + "markdownDescription": "The container name value to be used for your service discovery service. It's already specified in the task definition. If the task definition that your service task specifies uses the `bridge` or `host` network mode, you must specify a `containerName` and `containerPort` combination from the task definition. If the task definition that your service task specifies uses the `awsvpc` network mode and a type SRV DNS record is used, you must specify either a `containerName` and `containerPort` combination or a `port` value. However, you can't specify both.", + "title": "ContainerName", "type": "string" }, - "InputTransformer": { - "$ref": "#/definitions/AWS::Events::Rule.InputTransformer", - "markdownDescription": "Settings to enable you to provide custom input to a target based on certain event data. You can extract one or more key-value pairs from the event and then use that data to send customized input to the target.", - "title": "InputTransformer" + "ContainerPort": { + "markdownDescription": "The port value to be used for your service discovery service. It's already specified in the task definition. If the task definition your service task specifies uses the `bridge` or `host` network mode, you must specify a `containerName` and `containerPort` combination from the task definition. If the task definition your service task specifies uses the `awsvpc` network mode and a type SRV DNS record is used, you must specify either a `containerName` and `containerPort` combination or a `port` value. However, you can't specify both.", + "title": "ContainerPort", + "type": "number" }, - "KinesisParameters": { - "$ref": "#/definitions/AWS::Events::Rule.KinesisParameters", - "markdownDescription": "The custom parameter you can use to control the shard assignment, when the target is a Kinesis data stream. If you do not include this parameter, the default is to use the `eventId` as the partition key.", - "title": "KinesisParameters" + "Port": { + "markdownDescription": "The port value used if your service discovery service specified an SRV record. This field might be used if both the `awsvpc` network mode and SRV records are used.", + "title": "Port", + "type": "number" }, - "RedshiftDataParameters": { - "$ref": "#/definitions/AWS::Events::Rule.RedshiftDataParameters", - "markdownDescription": "Contains the Amazon Redshift Data API parameters to use when the target is a Amazon Redshift cluster.\n\nIf you specify a Amazon Redshift Cluster as a Target, you can use this to specify parameters to invoke the Amazon Redshift Data API ExecuteStatement based on EventBridge events.", - "title": "RedshiftDataParameters" + "RegistryArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the service registry. The currently supported service registry is AWS Cloud Map . For more information, see [CreateService](https://docs.aws.amazon.com/cloud-map/latest/api/API_CreateService.html) .", + "title": "RegistryArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ECS::Service.ServiceVolumeConfiguration": { + "additionalProperties": false, + "properties": { + "ManagedEBSVolume": { + "$ref": "#/definitions/AWS::ECS::Service.ServiceManagedEBSVolumeConfiguration", + "markdownDescription": "The configuration for the Amazon EBS volume that Amazon ECS creates and manages on your behalf. These settings are used to create each Amazon EBS volume, with one volume created for each task in the service. The Amazon EBS volumes are visible in your account in the Amazon EC2 console once they are created.", + "title": "ManagedEBSVolume" }, - "RetryPolicy": { - "$ref": "#/definitions/AWS::Events::Rule.RetryPolicy", - "markdownDescription": "The retry policy configuration to use for the dead-letter queue.", - "title": "RetryPolicy" + "Name": { + "markdownDescription": "The name of the volume. This value must match the volume name from the `Volume` object in the task definition.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::ECS::Service.TimeoutConfiguration": { + "additionalProperties": false, + "properties": { + "IdleTimeoutSeconds": { + "markdownDescription": "The amount of time in seconds a connection will stay active while idle. A value of `0` can be set to disable `idleTimeout` .\n\nThe `idleTimeout` default for `HTTP` / `HTTP2` / `GRPC` is 5 minutes.\n\nThe `idleTimeout` default for `TCP` is 1 hour.", + "title": "IdleTimeoutSeconds", + "type": "number" + }, + "PerRequestTimeoutSeconds": { + "markdownDescription": "The amount of time waiting for the upstream to respond with a complete response per request. A value of `0` can be set to disable `perRequestTimeout` . `perRequestTimeout` can only be set if Service Connect `appProtocol` isn't `TCP` . Only `idleTimeout` is allowed for `TCP` `appProtocol` .", + "title": "PerRequestTimeoutSeconds", + "type": "number" + } + }, + "type": "object" + }, + "AWS::ECS::Service.VpcLatticeConfiguration": { + "additionalProperties": false, + "properties": { + "PortName": { + "markdownDescription": "The name of the port mapping to register in the VPC Lattice target group. This is the name of the `portMapping` you defined in your task definition.", + "title": "PortName", + "type": "string" }, "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to be used for this target when the rule is triggered. If one rule triggers multiple targets, you can use a different IAM role for each target.", + "markdownDescription": "The ARN of the IAM role to associate with this VPC Lattice configuration. This is the Amazon ECS infrastructure IAM role that is used to manage your VPC Lattice infrastructure.", "title": "RoleArn", "type": "string" }, - "RunCommandParameters": { - "$ref": "#/definitions/AWS::Events::Rule.RunCommandParameters", - "markdownDescription": "Parameters used when you are using the rule to invoke Amazon EC2 Run Command.", - "title": "RunCommandParameters" - }, - "SageMakerPipelineParameters": { - "$ref": "#/definitions/AWS::Events::Rule.SageMakerPipelineParameters", - "markdownDescription": "Contains the SageMaker AI Model Building Pipeline parameters to start execution of a SageMaker AI Model Building Pipeline.\n\nIf you specify a SageMaker AI Model Building Pipeline as a target, you can use this to specify parameters to start a pipeline execution based on EventBridge events.", - "title": "SageMakerPipelineParameters" - }, - "SqsParameters": { - "$ref": "#/definitions/AWS::Events::Rule.SqsParameters", - "markdownDescription": "Contains the message group ID to use when the target is a FIFO queue.\n\nIf you specify an SQS FIFO queue as a target, the queue must have content-based deduplication enabled.", - "title": "SqsParameters" + "TargetGroupArn": { + "markdownDescription": "The full Amazon Resource Name (ARN) of the target group or groups associated with the VPC Lattice configuration that the Amazon ECS tasks will be registered to.", + "title": "TargetGroupArn", + "type": "string" } }, "required": [ - "Arn", - "Id" + "PortName", + "RoleArn", + "TargetGroupArn" ], "type": "object" }, - "AWS::Evidently::Experiment": { + "AWS::ECS::TaskDefinition": { "additionalProperties": false, "properties": { "Condition": { @@ -97741,88 +105631,112 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "An optional description of the experiment.", - "title": "Description", - "type": "string" - }, - "MetricGoals": { + "ContainerDefinitions": { "items": { - "$ref": "#/definitions/AWS::Evidently::Experiment.MetricGoalObject" + "$ref": "#/definitions/AWS::ECS::TaskDefinition.ContainerDefinition" }, - "markdownDescription": "An array of structures that defines the metrics used for the experiment, and whether a higher or lower value for each metric is the goal. You can use up to three metrics in an experiment.", - "title": "MetricGoals", + "markdownDescription": "A list of container definitions in JSON format that describe the different containers that make up your task. For more information about container definition parameters and defaults, see [Amazon ECS Task Definitions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_defintions.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "ContainerDefinitions", "type": "array" }, - "Name": { - "markdownDescription": "A name for the new experiment.", - "title": "Name", + "Cpu": { + "markdownDescription": "The number of `cpu` units used by the task. If you use the EC2 launch type, this field is optional. Any value can be used. If you use the Fargate launch type, this field is required. You must use one of the following values. The value that you choose determines your range of valid values for the `memory` parameter.\n\nIf you're using the EC2 launch type or the external launch type, this field is optional. Supported values are between `128` CPU units ( `0.125` vCPUs) and `196608` CPU units ( `192` vCPUs).\n\nThis field is required for Fargate. For information about the valid values, see [Task size](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html#task_size) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "Cpu", "type": "string" }, - "OnlineAbConfig": { - "$ref": "#/definitions/AWS::Evidently::Experiment.OnlineAbConfigObject", - "markdownDescription": "A structure that contains the configuration of which variation to use as the \"control\" version. The \"control\" version is used for comparison with other variations. This structure also specifies how much experiment traffic is allocated to each variation.", - "title": "OnlineAbConfig" + "EnableFaultInjection": { + "markdownDescription": "Enables fault injection and allows for fault injection requests to be accepted from the task's containers. The default value is `false` .", + "title": "EnableFaultInjection", + "type": "boolean" }, - "Project": { - "markdownDescription": "The name or the ARN of the project where this experiment is to be created.", - "title": "Project", + "EphemeralStorage": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.EphemeralStorage", + "markdownDescription": "The ephemeral storage settings to use for tasks run with the task definition.", + "title": "EphemeralStorage" + }, + "ExecutionRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the task execution role that grants the Amazon ECS container agent permission to make AWS API calls on your behalf. For informationabout the required IAM roles for Amazon ECS, see [IAM roles for Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/security-ecs-iam-role-overview.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "ExecutionRoleArn", "type": "string" }, - "RandomizationSalt": { - "markdownDescription": "When Evidently assigns a particular user session to an experiment, it must use a randomization ID to determine which variation the user session is served. This randomization ID is a combination of the entity ID and `randomizationSalt` . If you omit `randomizationSalt` , Evidently uses the experiment name as the `randomizationSalt` .", - "title": "RandomizationSalt", + "Family": { + "markdownDescription": "The name of a family that this task definition is registered to. Up to 255 letters (uppercase and lowercase), numbers, hyphens, and underscores are allowed.\n\nA family groups multiple versions of a task definition. Amazon ECS gives the first task definition that you registered to a family a revision number of 1. Amazon ECS gives sequential revision numbers to each task definition that you add.\n\n> To use revision numbers when you update a task definition, specify this property. If you don't specify a value, AWS CloudFormation generates a new task definition each time that you update it.", + "title": "Family", "type": "string" }, - "RemoveSegment": { - "markdownDescription": "Set this to `true` to remove the segment that is associated with this experiment. You can't use this parameter if the experiment is currently running.", - "title": "RemoveSegment", - "type": "boolean" + "IpcMode": { + "markdownDescription": "The IPC resource namespace to use for the containers in the task. The valid values are `host` , `task` , or `none` . If `host` is specified, then all containers within the tasks that specified the `host` IPC mode on the same container instance share the same IPC resources with the host Amazon EC2 instance. If `task` is specified, all containers within the specified task share the same IPC resources. If `none` is specified, then IPC resources within the containers of a task are private and not shared with other containers in a task or on the container instance. If no value is specified, then the IPC resource namespace sharing depends on the Docker daemon setting on the container instance.\n\nIf the `host` IPC mode is used, be aware that there is a heightened risk of undesired IPC namespace expose.\n\nIf you are setting namespaced kernel parameters using `systemControls` for the containers in the task, the following will apply to your IPC resource namespace. For more information, see [System Controls](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html) in the *Amazon Elastic Container Service Developer Guide* .\n\n- For tasks that use the `host` IPC mode, IPC namespace related `systemControls` are not supported.\n- For tasks that use the `task` IPC mode, IPC namespace related `systemControls` will apply to all containers within a task.\n\n> This parameter is not supported for Windows containers or tasks run on AWS Fargate .", + "title": "IpcMode", + "type": "string" }, - "RunningStatus": { - "$ref": "#/definitions/AWS::Evidently::Experiment.RunningStatusObject", - "markdownDescription": "A structure that you can use to start and stop the experiment.", - "title": "RunningStatus" + "Memory": { + "markdownDescription": "The amount (in MiB) of memory used by the task.\n\nIf your tasks runs on Amazon EC2 instances, you must specify either a task-level memory value or a container-level memory value. This field is optional and any value can be used. If a task-level memory value is specified, the container-level memory value is optional. For more information regarding container-level memory and memory reservation, see [ContainerDefinition](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ContainerDefinition.html) .\n\nIf your tasks runs on AWS Fargate , this field is required. You must use one of the following values. The value you choose determines your range of valid values for the `cpu` parameter.\n\n- 512 (0.5 GB), 1024 (1 GB), 2048 (2 GB) - Available `cpu` values: 256 (.25 vCPU)\n- 1024 (1 GB), 2048 (2 GB), 3072 (3 GB), 4096 (4 GB) - Available `cpu` values: 512 (.5 vCPU)\n- 2048 (2 GB), 3072 (3 GB), 4096 (4 GB), 5120 (5 GB), 6144 (6 GB), 7168 (7 GB), 8192 (8 GB) - Available `cpu` values: 1024 (1 vCPU)\n- Between 4096 (4 GB) and 16384 (16 GB) in increments of 1024 (1 GB) - Available `cpu` values: 2048 (2 vCPU)\n- Between 8192 (8 GB) and 30720 (30 GB) in increments of 1024 (1 GB) - Available `cpu` values: 4096 (4 vCPU)\n- Between 16 GB and 60 GB in 4 GB increments - Available `cpu` values: 8192 (8 vCPU)\n\nThis option requires Linux platform `1.4.0` or later.\n- Between 32GB and 120 GB in 8 GB increments - Available `cpu` values: 16384 (16 vCPU)\n\nThis option requires Linux platform `1.4.0` or later.", + "title": "Memory", + "type": "string" }, - "SamplingRate": { - "markdownDescription": "The portion of the available audience that you want to allocate to this experiment, in thousandths of a percent. The available audience is the total audience minus the audience that you have allocated to overrides or current launches of this feature.\n\nThis is represented in thousandths of a percent. For example, specify 10,000 to allocate 10% of the available audience.", - "title": "SamplingRate", - "type": "number" + "NetworkMode": { + "markdownDescription": "The Docker networking mode to use for the containers in the task. The valid values are `none` , `bridge` , `awsvpc` , and `host` . If no network mode is specified, the default is `bridge` .\n\nFor Amazon ECS tasks on Fargate, the `awsvpc` network mode is required. For Amazon ECS tasks on Amazon EC2 Linux instances, any network mode can be used. For Amazon ECS tasks on Amazon EC2 Windows instances, `` or `awsvpc` can be used. If the network mode is set to `none` , you cannot specify port mappings in your container definitions, and the tasks containers do not have external connectivity. The `host` and `awsvpc` network modes offer the highest networking performance for containers because they use the EC2 network stack instead of the virtualized network stack provided by the `bridge` mode.\n\nWith the `host` and `awsvpc` network modes, exposed container ports are mapped directly to the corresponding host port (for the `host` network mode) or the attached elastic network interface port (for the `awsvpc` network mode), so you cannot take advantage of dynamic host port mappings.\n\n> When using the `host` network mode, you should not run containers using the root user (UID 0). It is considered best practice to use a non-root user. \n\nIf the network mode is `awsvpc` , the task is allocated an elastic network interface, and you must specify a [NetworkConfiguration](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_NetworkConfiguration.html) value when you create a service or run a task with the task definition. For more information, see [Task Networking](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-networking.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nIf the network mode is `host` , you cannot run multiple instantiations of the same task on a single container instance when port mappings are used.", + "title": "NetworkMode", + "type": "string" }, - "Segment": { - "markdownDescription": "Specifies an audience *segment* to use in the experiment. When a segment is used in an experiment, only user sessions that match the segment pattern are used in the experiment.\n\nFor more information, see [Segment rule pattern syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Evidently-segments.html#CloudWatch-Evidently-segments-syntax) .", - "title": "Segment", + "PidMode": { + "markdownDescription": "The process namespace to use for the containers in the task. The valid values are `host` or `task` . On Fargate for Linux containers, the only valid value is `task` . For example, monitoring sidecars might need `pidMode` to access information about other containers running in the same task.\n\nIf `host` is specified, all containers within the tasks that specified the `host` PID mode on the same container instance share the same process namespace with the host Amazon EC2 instance.\n\nIf `task` is specified, all containers within the specified task share the same process namespace.\n\nIf no value is specified, the default is a private namespace for each container.\n\nIf the `host` PID mode is used, there's a heightened risk of undesired process namespace exposure.\n\n> This parameter is not supported for Windows containers. > This parameter is only supported for tasks that are hosted on AWS Fargate if the tasks are using platform version `1.4.0` or later (Linux). This isn't supported for Windows containers on Fargate.", + "title": "PidMode", "type": "string" }, + "PlacementConstraints": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.TaskDefinitionPlacementConstraint" + }, + "markdownDescription": "An array of placement constraint objects to use for tasks.\n\n> This parameter isn't supported for tasks run on AWS Fargate .", + "title": "PlacementConstraints", + "type": "array" + }, + "ProxyConfiguration": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.ProxyConfiguration", + "markdownDescription": "The configuration details for the App Mesh proxy.\n\nYour Amazon ECS container instances require at least version 1.26.0 of the container agent and at least version 1.26.0-1 of the `ecs-init` package to use a proxy configuration. If your container instances are launched from the Amazon ECS optimized AMI version `20190301` or later, they contain the required versions of the container agent and `ecs-init` . For more information, see [Amazon ECS-optimized Linux AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "ProxyConfiguration" + }, + "RequiresCompatibilities": { + "items": { + "type": "string" + }, + "markdownDescription": "The task launch types the task definition was validated against. The valid values are `EC2` , `FARGATE` , and `EXTERNAL` . For more information, see [Amazon ECS launch types](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/launch_types.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "RequiresCompatibilities", + "type": "array" + }, + "RuntimePlatform": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.RuntimePlatform", + "markdownDescription": "The operating system that your tasks definitions run on. A platform family is specified only for tasks using the Fargate launch type.", + "title": "RuntimePlatform" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Assigns one or more tags (key-value pairs) to the experiment.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.\n\nTags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters.\n\nYou can associate as many as 50 tags with an experiment.\n\nFor more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .", + "markdownDescription": "The metadata that you apply to the task definition to help you categorize and organize them. Each tag consists of a key and an optional value. You define both of them.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8\n- Maximum value length - 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit.", "title": "Tags", "type": "array" }, - "Treatments": { + "TaskRoleArn": { + "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the AWS Identity and Access Management role that grants containers in the task permission to call AWS APIs on your behalf. For more information, see [Amazon ECS Task Role](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-iam-roles.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nIAM roles for tasks on Windows require that the `-EnableTaskIAMRole` option is set when you launch the Amazon ECS-optimized Windows AMI. Your containers must also run some configuration code to use the feature. For more information, see [Windows IAM roles for tasks](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/windows_task_IAM_roles.html) in the *Amazon Elastic Container Service Developer Guide* .\n\n> String validation is done on the ECS side. If an invalid string value is given for `TaskRoleArn` , it may cause the Cloudformation job to hang.", + "title": "TaskRoleArn", + "type": "string" + }, + "Volumes": { "items": { - "$ref": "#/definitions/AWS::Evidently::Experiment.TreatmentObject" + "$ref": "#/definitions/AWS::ECS::TaskDefinition.Volume" }, - "markdownDescription": "An array of structures that describe the configuration of each feature variation used in the experiment.", - "title": "Treatments", + "markdownDescription": "The list of data volume definitions for the task. For more information, see [Using data volumes in tasks](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_data_volumes.html) in the *Amazon Elastic Container Service Developer Guide* .\n\n> The `host` and `sourcePath` parameters aren't supported for tasks run on AWS Fargate .", + "title": "Volumes", "type": "array" } }, - "required": [ - "MetricGoals", - "Name", - "OnlineAbConfig", - "Project", - "Treatments" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Evidently::Experiment" + "AWS::ECS::TaskDefinition" ], "type": "string" }, @@ -97836,609 +105750,1012 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Evidently::Experiment.MetricGoalObject": { + "AWS::ECS::TaskDefinition.AuthorizationConfig": { "additionalProperties": false, "properties": { - "DesiredChange": { - "markdownDescription": "`INCREASE` means that a variation with a higher number for this metric is performing better.\n\n`DECREASE` means that a variation with a lower number for this metric is performing better.", - "title": "DesiredChange", + "AccessPointId": { + "markdownDescription": "The Amazon EFS access point ID to use. If an access point is specified, the root directory value specified in the `EFSVolumeConfiguration` must either be omitted or set to `/` which will enforce the path set on the EFS access point. If an access point is used, transit encryption must be on in the `EFSVolumeConfiguration` . For more information, see [Working with Amazon EFS access points](https://docs.aws.amazon.com/efs/latest/ug/efs-access-points.html) in the *Amazon Elastic File System User Guide* .", + "title": "AccessPointId", "type": "string" }, - "EntityIdKey": { - "markdownDescription": "The entity, such as a user or session, that does an action that causes a metric value to be recorded. An example is `userDetails.userID` .", - "title": "EntityIdKey", + "IAM": { + "markdownDescription": "Determines whether to use the Amazon ECS task role defined in a task definition when mounting the Amazon EFS file system. If it is turned on, transit encryption must be turned on in the `EFSVolumeConfiguration` . If this parameter is omitted, the default value of `DISABLED` is used. For more information, see [Using Amazon EFS access points](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/efs-volumes.html#efs-volume-accesspoints) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "IAM", "type": "string" + } + }, + "type": "object" + }, + "AWS::ECS::TaskDefinition.ContainerDefinition": { + "additionalProperties": false, + "properties": { + "Command": { + "items": { + "type": "string" + }, + "markdownDescription": "The command that's passed to the container. This parameter maps to `Cmd` in the docker container create command and the `COMMAND` parameter to docker run. If there are multiple arguments, each argument is a separated string in the array.", + "title": "Command", + "type": "array" }, - "EventPattern": { - "markdownDescription": "The EventBridge event pattern that defines how the metric is recorded.\n\nFor more information about EventBridge event patterns, see [Amazon EventBridge event patterns](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-event-patterns.html) .", - "title": "EventPattern", + "Cpu": { + "markdownDescription": "The number of `cpu` units reserved for the container. This parameter maps to `CpuShares` in the docker container create commandand the `--cpu-shares` option to docker run.\n\nThis field is optional for tasks using the Fargate launch type, and the only requirement is that the total amount of CPU reserved for all containers within a task be lower than the task-level `cpu` value.\n\n> You can determine the number of CPU units that are available per EC2 instance type by multiplying the vCPUs listed for that instance type on the [Amazon EC2 Instances](https://docs.aws.amazon.com/ec2/instance-types/) detail page by 1,024. \n\nLinux containers share unallocated CPU units with other containers on the container instance with the same ratio as their allocated amount. For example, if you run a single-container task on a single-core instance type with 512 CPU units specified for that container, and that's the only task running on the container instance, that container could use the full 1,024 CPU unit share at any given time. However, if you launched another copy of the same task on that container instance, each task is guaranteed a minimum of 512 CPU units when needed. Moreover, each container could float to higher CPU usage if the other container was not using it. If both tasks were 100% active all of the time, they would be limited to 512 CPU units.\n\nOn Linux container instances, the Docker daemon on the container instance uses the CPU value to calculate the relative CPU share ratios for running containers. The minimum valid CPU share value that the Linux kernel allows is 2, and the maximum valid CPU share value that the Linux kernel allows is 262144. However, the CPU parameter isn't required, and you can use CPU values below 2 or above 262144 in your container definitions. For CPU values below 2 (including null) or above 262144, the behavior varies based on your Amazon ECS container agent version:\n\n- *Agent versions less than or equal to 1.1.0:* Null and zero CPU values are passed to Docker as 0, which Docker then converts to 1,024 CPU shares. CPU values of 1 are passed to Docker as 1, which the Linux kernel converts to two CPU shares.\n- *Agent versions greater than or equal to 1.2.0:* Null, zero, and CPU values of 1 are passed to Docker as 2.\n- *Agent versions greater than or equal to 1.84.0:* CPU values greater than 256 vCPU are passed to Docker as 256, which is equivalent to 262144 CPU shares.\n\nOn Windows container instances, the CPU limit is enforced as an absolute limit, or a quota. Windows containers only have access to the specified amount of CPU that's described in the task definition. A null or zero CPU value is passed to Docker as `0` , which Windows interprets as 1% of one CPU.", + "title": "Cpu", + "type": "number" + }, + "CredentialSpecs": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of ARNs in SSM or Amazon S3 to a credential spec ( `CredSpec` ) file that configures the container for Active Directory authentication. We recommend that you use this parameter instead of the `dockerSecurityOptions` . The maximum number of ARNs is 1.\n\nThere are two formats for each ARN.\n\n- **credentialspecdomainless:MyARN** - You use `credentialspecdomainless:MyARN` to provide a `CredSpec` with an additional section for a secret in AWS Secrets Manager . You provide the login credentials to the domain in the secret.\n\nEach task that runs on any container instance can join different domains.\n\nYou can use this format without joining the container instance to a domain.\n- **credentialspec:MyARN** - You use `credentialspec:MyARN` to provide a `CredSpec` for a single domain.\n\nYou must join the container instance to the domain before you start any tasks that use this task definition.\n\nIn both formats, replace `MyARN` with the ARN in SSM or Amazon S3.\n\nIf you provide a `credentialspecdomainless:MyARN` , the `credspec` must provide a ARN in AWS Secrets Manager for a secret containing the username, password, and the domain to connect to. For better security, the instance isn't joined to the domain for domainless authentication. Other applications on the instance can't use the domainless credentials. You can use this parameter to run tasks on the same instance, even it the tasks need to join different domains. For more information, see [Using gMSAs for Windows Containers](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/windows-gmsa.html) and [Using gMSAs for Linux Containers](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/linux-gmsa.html) .", + "title": "CredentialSpecs", + "type": "array" + }, + "DependsOn": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.ContainerDependency" + }, + "markdownDescription": "The dependencies defined for container startup and shutdown. A container can contain multiple dependencies. When a dependency is defined for container startup, for container shutdown it is reversed.\n\nFor tasks using the EC2 launch type, the container instances require at least version 1.26.0 of the container agent to turn on container dependencies. However, we recommend using the latest container agent version. For information about checking your agent version and updating to the latest version, see [Updating the Amazon ECS Container Agent](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-update.html) in the *Amazon Elastic Container Service Developer Guide* . If you're using an Amazon ECS-optimized Linux AMI, your instance needs at least version 1.26.0-1 of the `ecs-init` package. If your container instances are launched from version `20190301` or later, then they contain the required versions of the container agent and `ecs-init` . For more information, see [Amazon ECS-optimized Linux AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nFor tasks using the Fargate launch type, the task or service requires the following platforms:\n\n- Linux platform version `1.3.0` or later.\n- Windows platform version `1.0.0` or later.\n\nIf the task definition is used in a blue/green deployment that uses [AWS::CodeDeploy::DeploymentGroup BlueGreenDeploymentConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-codedeploy-deploymentgroup-bluegreendeploymentconfiguration.html) , the `dependsOn` parameter is not supported.", + "title": "DependsOn", + "type": "array" + }, + "DisableNetworking": { + "markdownDescription": "When this parameter is true, networking is off within the container. This parameter maps to `NetworkDisabled` in the docker container create command.\n\n> This parameter is not supported for Windows containers.", + "title": "DisableNetworking", + "type": "boolean" + }, + "DnsSearchDomains": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of DNS search domains that are presented to the container. This parameter maps to `DnsSearch` in the docker container create command and the `--dns-search` option to docker run.\n\n> This parameter is not supported for Windows containers.", + "title": "DnsSearchDomains", + "type": "array" + }, + "DnsServers": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of DNS servers that are presented to the container. This parameter maps to `Dns` in the docker container create command and the `--dns` option to docker run.\n\n> This parameter is not supported for Windows containers.", + "title": "DnsServers", + "type": "array" + }, + "DockerLabels": { + "additionalProperties": true, + "markdownDescription": "A key/value map of labels to add to the container. This parameter maps to `Labels` in the docker container create command and the `--label` option to docker run. This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version --format '{{.Server.APIVersion}}'`", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "DockerLabels", + "type": "object" + }, + "DockerSecurityOptions": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of strings to provide custom configuration for multiple security systems. This field isn't valid for containers in tasks using the Fargate launch type.\n\nFor Linux tasks on EC2, this parameter can be used to reference custom labels for SELinux and AppArmor multi-level security systems.\n\nFor any tasks on EC2, this parameter can be used to reference a credential spec file that configures a container for Active Directory authentication. For more information, see [Using gMSAs for Windows Containers](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/windows-gmsa.html) and [Using gMSAs for Linux Containers](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/linux-gmsa.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nThis parameter maps to `SecurityOpt` in the docker container create command and the `--security-opt` option to docker run.\n\n> The Amazon ECS container agent running on a container instance must register with the `ECS_SELINUX_CAPABLE=true` or `ECS_APPARMOR_CAPABLE=true` environment variables before containers placed on that instance can use these security options. For more information, see [Amazon ECS Container Agent Configuration](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html) in the *Amazon Elastic Container Service Developer Guide* . \n\nValid values: \"no-new-privileges\" | \"apparmor:PROFILE\" | \"label:value\" | \"credentialspec:CredentialSpecFilePath\"", + "title": "DockerSecurityOptions", + "type": "array" + }, + "EntryPoint": { + "items": { + "type": "string" + }, + "markdownDescription": "> Early versions of the Amazon ECS container agent don't properly handle `entryPoint` parameters. If you have problems using `entryPoint` , update your container agent or enter your commands and arguments as `command` array items instead. \n\nThe entry point that's passed to the container. This parameter maps to `Entrypoint` in the docker container create command and the `--entrypoint` option to docker run.", + "title": "EntryPoint", + "type": "array" + }, + "Environment": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.KeyValuePair" + }, + "markdownDescription": "The environment variables to pass to a container. This parameter maps to `Env` in the docker container create command and the `--env` option to docker run.\n\n> We don't recommend that you use plaintext environment variables for sensitive information, such as credential data.", + "title": "Environment", + "type": "array" + }, + "EnvironmentFiles": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.EnvironmentFile" + }, + "markdownDescription": "A list of files containing the environment variables to pass to a container. This parameter maps to the `--env-file` option to docker run.\n\nYou can specify up to ten environment files. The file must have a `.env` file extension. Each line in an environment file contains an environment variable in `VARIABLE=VALUE` format. Lines beginning with `#` are treated as comments and are ignored.\n\nIf there are environment variables specified using the `environment` parameter in a container definition, they take precedence over the variables contained within an environment file. If multiple environment files are specified that contain the same variable, they're processed from the top down. We recommend that you use unique variable names. For more information, see [Specifying Environment Variables](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/taskdef-envfiles.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "EnvironmentFiles", + "type": "array" + }, + "Essential": { + "markdownDescription": "If the `essential` parameter of a container is marked as `true` , and that container fails or stops for any reason, all other containers that are part of the task are stopped. If the `essential` parameter of a container is marked as `false` , its failure doesn't affect the rest of the containers in a task. If this parameter is omitted, a container is assumed to be essential.\n\nAll tasks must have at least one essential container. If you have an application that's composed of multiple containers, group containers that are used for a common purpose into components, and separate the different components into multiple task definitions. For more information, see [Application Architecture](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/application_architecture.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "Essential", + "type": "boolean" + }, + "ExtraHosts": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.HostEntry" + }, + "markdownDescription": "A list of hostnames and IP address mappings to append to the `/etc/hosts` file on the container. This parameter maps to `ExtraHosts` in the docker container create command and the `--add-host` option to docker run.\n\n> This parameter isn't supported for Windows containers or tasks that use the `awsvpc` network mode.", + "title": "ExtraHosts", + "type": "array" + }, + "FirelensConfiguration": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.FirelensConfiguration", + "markdownDescription": "The FireLens configuration for the container. This is used to specify and configure a log router for container logs. For more information, see [Custom Log Routing](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "FirelensConfiguration" + }, + "HealthCheck": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.HealthCheck", + "markdownDescription": "The container health check command and associated configuration parameters for the container. This parameter maps to `HealthCheck` in the docker container create command and the `HEALTHCHECK` parameter of docker run.", + "title": "HealthCheck" + }, + "Hostname": { + "markdownDescription": "The hostname to use for your container. This parameter maps to `Hostname` in the docker container create command and the `--hostname` option to docker run.\n\n> The `hostname` parameter is not supported if you're using the `awsvpc` network mode.", + "title": "Hostname", "type": "string" }, - "MetricName": { - "markdownDescription": "A name for the metric. It can include up to 255 characters.", - "title": "MetricName", + "Image": { + "markdownDescription": "The image used to start a container. This string is passed directly to the Docker daemon. By default, images in the Docker Hub registry are available. Other repositories are specified with either `*repository-url* / *image* : *tag*` or `*repository-url* / *image* @ *digest*` . For images using tags (repository-url/image:tag), up to 255 characters total are allowed, including letters (uppercase and lowercase), numbers, hyphens, underscores, colons, periods, forward slashes, and number signs (#). For images using digests (repository-url/image@digest), the 255 character limit applies only to the repository URL and image name (everything before the @ sign). The only supported hash function is sha256, and the hash value after sha256: must be exactly 64 characters (only letters A-F, a-f, and numbers 0-9 are allowed). This parameter maps to `Image` in the docker container create command and the `IMAGE` parameter of docker run.\n\n- When a new task starts, the Amazon ECS container agent pulls the latest version of the specified image and tag for the container to use. However, subsequent updates to a repository image aren't propagated to already running tasks.\n- Images in Amazon ECR repositories can be specified by either using the full `registry/repository:tag` or `registry/repository@digest` . For example, `012345678910.dkr.ecr..amazonaws.com/:latest` or `012345678910.dkr.ecr..amazonaws.com/@sha256:94afd1f2e64d908bc90dbca0035a5b567EXAMPLE` .\n- Images in official repositories on Docker Hub use a single name (for example, `ubuntu` or `mongo` ).\n- Images in other repositories on Docker Hub are qualified with an organization name (for example, `amazon/amazon-ecs-agent` ).\n- Images in other online repositories are qualified further by a domain name (for example, `quay.io/assemblyline/ubuntu` ).", + "title": "Image", "type": "string" }, - "UnitLabel": { - "markdownDescription": "A label for the units that the metric is measuring.", - "title": "UnitLabel", + "Interactive": { + "markdownDescription": "When this parameter is `true` , you can deploy containerized applications that require `stdin` or a `tty` to be allocated. This parameter maps to `OpenStdin` in the docker container create command and the `--interactive` option to docker run.", + "title": "Interactive", + "type": "boolean" + }, + "Links": { + "items": { + "type": "string" + }, + "markdownDescription": "The `links` parameter allows containers to communicate with each other without the need for port mappings. This parameter is only supported if the network mode of a task definition is `bridge` . The `name:internalName` construct is analogous to `name:alias` in Docker links. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed.. This parameter maps to `Links` in the docker container create command and the `--link` option to docker run.\n\n> This parameter is not supported for Windows containers. > Containers that are collocated on a single container instance may be able to communicate with each other without requiring links or host port mappings. Network isolation is achieved on the container instance using security groups and VPC settings.", + "title": "Links", + "type": "array" + }, + "LinuxParameters": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.LinuxParameters", + "markdownDescription": "Linux-specific modifications that are applied to the container, such as Linux kernel capabilities. For more information see [KernelCapabilities](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_KernelCapabilities.html) .\n\n> This parameter is not supported for Windows containers.", + "title": "LinuxParameters" + }, + "LogConfiguration": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.LogConfiguration", + "markdownDescription": "The log configuration specification for the container.\n\nThis parameter maps to `LogConfig` in the docker Create a container command and the `--log-driver` option to docker run. By default, containers use the same logging driver that the Docker daemon uses. However, the container may use a different logging driver than the Docker daemon by specifying a log driver with this parameter in the container definition. To use a different logging driver for a container, the log system must be configured properly on the container instance (or on a different log server for remote logging options). For more information on the options for different supported log drivers, see [Configure logging drivers](https://docs.aws.amazon.com/https://docs.docker.com/engine/admin/logging/overview/) in the Docker documentation.\n\n> Amazon ECS currently supports a subset of the logging drivers available to the Docker daemon (shown in the [LogConfiguration](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_LogConfiguration.html) data type). Additional log drivers may be available in future releases of the Amazon ECS container agent. \n\nThis parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version --format '{{.Server.APIVersion}}'`\n\n> The Amazon ECS container agent running on a container instance must register the logging drivers available on that instance with the `ECS_AVAILABLE_LOGGING_DRIVERS` environment variable before containers placed on that instance can use these log configuration options. For more information, see [Amazon ECS Container Agent Configuration](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "LogConfiguration" + }, + "Memory": { + "markdownDescription": "The amount (in MiB) of memory to present to the container. If your container attempts to exceed the memory specified here, the container is killed. The total amount of memory reserved for all containers within a task must be lower than the task `memory` value, if one is specified. This parameter maps to `Memory` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--memory` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .\n\nIf using the Fargate launch type, this parameter is optional.\n\nIf using the EC2 launch type, you must specify either a task-level memory value or a container-level memory value. If you specify both a container-level `memory` and `memoryReservation` value, `memory` must be greater than `memoryReservation` . If you specify `memoryReservation` , then that value is subtracted from the available memory resources for the container instance where the container is placed. Otherwise, the value of `memory` is used.\n\nThe Docker 20.10.0 or later daemon reserves a minimum of 6 MiB of memory for a container, so you should not specify fewer than 6 MiB of memory for your containers.\n\nThe Docker 19.03.13-ce or earlier daemon reserves a minimum of 4 MiB of memory for a container, so you should not specify fewer than 4 MiB of memory for your containers.", + "title": "Memory", + "type": "number" + }, + "MemoryReservation": { + "markdownDescription": "The soft limit (in MiB) of memory to reserve for the container. When system memory is under heavy contention, Docker attempts to keep the container memory to this soft limit. However, your container can consume more memory when it needs to, up to either the hard limit specified with the `memory` parameter (if applicable), or all of the available memory on the container instance, whichever comes first. This parameter maps to `MemoryReservation` in the docker container create command and the `--memory-reservation` option to docker run.\n\nIf a task-level memory value is not specified, you must specify a non-zero integer for one or both of `memory` or `memoryReservation` in a container definition. If you specify both, `memory` must be greater than `memoryReservation` . If you specify `memoryReservation` , then that value is subtracted from the available memory resources for the container instance where the container is placed. Otherwise, the value of `memory` is used.\n\nFor example, if your container normally uses 128 MiB of memory, but occasionally bursts to 256 MiB of memory for short periods of time, you can set a `memoryReservation` of 128 MiB, and a `memory` hard limit of 300 MiB. This configuration would allow the container to only reserve 128 MiB of memory from the remaining resources on the container instance, but also allow the container to consume more memory resources when needed.\n\nThe Docker 20.10.0 or later daemon reserves a minimum of 6 MiB of memory for a container. So, don't specify less than 6 MiB of memory for your containers.\n\nThe Docker 19.03.13-ce or earlier daemon reserves a minimum of 4 MiB of memory for a container. So, don't specify less than 4 MiB of memory for your containers.", + "title": "MemoryReservation", + "type": "number" + }, + "MountPoints": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.MountPoint" + }, + "markdownDescription": "The mount points for data volumes in your container.\n\nThis parameter maps to `Volumes` in the docker container create command and the `--volume` option to docker run.\n\nWindows containers can mount whole directories on the same drive as `$env:ProgramData` . Windows containers can't mount directories on a different drive, and mount point can't be across drives.", + "title": "MountPoints", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of a container. If you're linking multiple containers together in a task definition, the `name` of one container can be entered in the `links` of another container to connect the containers. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed. This parameter maps to `name` in the docker container create command and the `--name` option to docker run.", + "title": "Name", "type": "string" }, - "ValueKey": { - "markdownDescription": "The JSON path to reference the numerical metric value in the event.", - "title": "ValueKey", + "PortMappings": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.PortMapping" + }, + "markdownDescription": "The list of port mappings for the container. Port mappings allow containers to access ports on the host container instance to send or receive traffic.\n\nFor task definitions that use the `awsvpc` network mode, you should only specify the `containerPort` . The `hostPort` can be left blank or it must be the same value as the `containerPort` .\n\nPort mappings on Windows use the `NetNAT` gateway address rather than `localhost` . There is no loopback for port mappings on Windows, so you cannot access a container's mapped port from the host itself.\n\nThis parameter maps to `PortBindings` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--publish` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . If the network mode of a task definition is set to `none` , then you can't specify port mappings. If the network mode of a task definition is set to `host` , then host ports must either be undefined or they must match the container port in the port mapping.\n\n> After a task reaches the `RUNNING` status, manual and automatic host and container port assignments are visible in the *Network Bindings* section of a container description for a selected task in the Amazon ECS console. The assignments are also visible in the `networkBindings` section [DescribeTasks](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DescribeTasks.html) responses.", + "title": "PortMappings", + "type": "array" + }, + "Privileged": { + "markdownDescription": "When this parameter is true, the container is given elevated privileges on the host container instance (similar to the `root` user). This parameter maps to `Privileged` in the docker container create command and the `--privileged` option to docker run\n\n> This parameter is not supported for Windows containers or tasks run on AWS Fargate .", + "title": "Privileged", + "type": "boolean" + }, + "PseudoTerminal": { + "markdownDescription": "When this parameter is `true` , a TTY is allocated. This parameter maps to `Tty` in the docker container create command and the `--tty` option to docker run.", + "title": "PseudoTerminal", + "type": "boolean" + }, + "ReadonlyRootFilesystem": { + "markdownDescription": "When this parameter is true, the container is given read-only access to its root file system. This parameter maps to `ReadonlyRootfs` in the docker container create command and the `--read-only` option to docker run.\n\n> This parameter is not supported for Windows containers.", + "title": "ReadonlyRootFilesystem", + "type": "boolean" + }, + "RepositoryCredentials": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.RepositoryCredentials", + "markdownDescription": "The private repository authentication credentials to use.", + "title": "RepositoryCredentials" + }, + "ResourceRequirements": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.ResourceRequirement" + }, + "markdownDescription": "The type and amount of a resource to assign to a container. The only supported resource is a GPU.", + "title": "ResourceRequirements", + "type": "array" + }, + "RestartPolicy": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.RestartPolicy", + "markdownDescription": "The restart policy for a container. When you set up a restart policy, Amazon ECS can restart the container without needing to replace the task. For more information, see [Restart individual containers in Amazon ECS tasks with container restart policies](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/container-restart-policy.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "RestartPolicy" + }, + "Secrets": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.Secret" + }, + "markdownDescription": "The secrets to pass to the container. For more information, see [Specifying Sensitive Data](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "Secrets", + "type": "array" + }, + "StartTimeout": { + "markdownDescription": "Time duration (in seconds) to wait before giving up on resolving dependencies for a container. For example, you specify two containers in a task definition with containerA having a dependency on containerB reaching a `COMPLETE` , `SUCCESS` , or `HEALTHY` status. If a `startTimeout` value is specified for containerB and it doesn't reach the desired status within that time then containerA gives up and not start. This results in the task transitioning to a `STOPPED` state.\n\n> When the `ECS_CONTAINER_START_TIMEOUT` container agent configuration variable is used, it's enforced independently from this start timeout value. \n\nFor tasks using the Fargate launch type, the task or service requires the following platforms:\n\n- Linux platform version `1.3.0` or later.\n- Windows platform version `1.0.0` or later.\n\nFor tasks using the EC2 launch type, your container instances require at least version `1.26.0` of the container agent to use a container start timeout value. However, we recommend using the latest container agent version. For information about checking your agent version and updating to the latest version, see [Updating the Amazon ECS Container Agent](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-update.html) in the *Amazon Elastic Container Service Developer Guide* . If you're using an Amazon ECS-optimized Linux AMI, your instance needs at least version `1.26.0-1` of the `ecs-init` package. If your container instances are launched from version `20190301` or later, then they contain the required versions of the container agent and `ecs-init` . For more information, see [Amazon ECS-optimized Linux AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nThe valid values for Fargate are 2-120 seconds.", + "title": "StartTimeout", + "type": "number" + }, + "StopTimeout": { + "markdownDescription": "Time duration (in seconds) to wait before the container is forcefully killed if it doesn't exit normally on its own.\n\nFor tasks using the Fargate launch type, the task or service requires the following platforms:\n\n- Linux platform version `1.3.0` or later.\n- Windows platform version `1.0.0` or later.\n\nFor tasks that use the Fargate launch type, the max stop timeout value is 120 seconds and if the parameter is not specified, the default value of 30 seconds is used.\n\nFor tasks that use the EC2 launch type, if the `stopTimeout` parameter isn't specified, the value set for the Amazon ECS container agent configuration variable `ECS_CONTAINER_STOP_TIMEOUT` is used. If neither the `stopTimeout` parameter or the `ECS_CONTAINER_STOP_TIMEOUT` agent configuration variable are set, then the default values of 30 seconds for Linux containers and 30 seconds on Windows containers are used. Your container instances require at least version 1.26.0 of the container agent to use a container stop timeout value. However, we recommend using the latest container agent version. For information about checking your agent version and updating to the latest version, see [Updating the Amazon ECS Container Agent](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-update.html) in the *Amazon Elastic Container Service Developer Guide* . If you're using an Amazon ECS-optimized Linux AMI, your instance needs at least version 1.26.0-1 of the `ecs-init` package. If your container instances are launched from version `20190301` or later, then they contain the required versions of the container agent and `ecs-init` . For more information, see [Amazon ECS-optimized Linux AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nThe valid values for Fargate are 2-120 seconds.", + "title": "StopTimeout", + "type": "number" + }, + "SystemControls": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.SystemControl" + }, + "markdownDescription": "A list of namespaced kernel parameters to set in the container. This parameter maps to `Sysctls` in the docker container create command and the `--sysctl` option to docker run. For example, you can configure `net.ipv4.tcp_keepalive_time` setting to maintain longer lived connections.", + "title": "SystemControls", + "type": "array" + }, + "Ulimits": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.Ulimit" + }, + "markdownDescription": "A list of `ulimits` to set in the container. This parameter maps to `Ulimits` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--ulimit` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . Valid naming values are displayed in the [Ulimit](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_Ulimit.html) data type. This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version --format '{{.Server.APIVersion}}'`\n\n> This parameter is not supported for Windows containers.", + "title": "Ulimits", + "type": "array" + }, + "User": { + "markdownDescription": "The user to use inside the container. This parameter maps to `User` in the docker container create command and the `--user` option to docker run.\n\n> When running tasks using the `host` network mode, don't run containers using the root user (UID 0). We recommend using a non-root user for better security. \n\nYou can specify the `user` using the following formats. If specifying a UID or GID, you must specify it as a positive integer.\n\n- `user`\n- `user:group`\n- `uid`\n- `uid:gid`\n- `user:gid`\n- `uid:group`\n\n> This parameter is not supported for Windows containers.", + "title": "User", + "type": "string" + }, + "VersionConsistency": { + "markdownDescription": "Specifies whether Amazon ECS will resolve the container image tag provided in the container definition to an image digest. By default, the value is `enabled` . If you set the value for a container as `disabled` , Amazon ECS will not resolve the provided container image tag to a digest and will use the original image URI specified in the container definition for deployment. For more information about container image resolution, see [Container image resolution](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-type-ecs.html#deployment-container-image-stability) in the *Amazon ECS Developer Guide* .", + "title": "VersionConsistency", + "type": "string" + }, + "VolumesFrom": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.VolumeFrom" + }, + "markdownDescription": "Data volumes to mount from another container. This parameter maps to `VolumesFrom` in the docker container create command and the `--volumes-from` option to docker run.", + "title": "VolumesFrom", + "type": "array" + }, + "WorkingDirectory": { + "markdownDescription": "The working directory to run commands inside the container in. This parameter maps to `WorkingDir` in the docker container create command and the `--workdir` option to docker run.", + "title": "WorkingDirectory", "type": "string" } }, "required": [ - "DesiredChange", - "EntityIdKey", - "MetricName", - "ValueKey" + "Image", + "Name" ], "type": "object" }, - "AWS::Evidently::Experiment.OnlineAbConfigObject": { + "AWS::ECS::TaskDefinition.ContainerDependency": { "additionalProperties": false, "properties": { - "ControlTreatmentName": { - "markdownDescription": "The name of the variation that is to be the default variation that the other variations are compared to.", - "title": "ControlTreatmentName", + "Condition": { + "markdownDescription": "The dependency condition of the container. The following are the available conditions and their behavior:\n\n- `START` - This condition emulates the behavior of links and volumes today. It validates that a dependent container is started before permitting other containers to start.\n- `COMPLETE` - This condition validates that a dependent container runs to completion (exits) before permitting other containers to start. This can be useful for nonessential containers that run a script and then exit. This condition can't be set on an essential container.\n- `SUCCESS` - This condition is the same as `COMPLETE` , but it also requires that the container exits with a `zero` status. This condition can't be set on an essential container.\n- `HEALTHY` - This condition validates that the dependent container passes its Docker health check before permitting other containers to start. This requires that the dependent container has health checks configured. This condition is confirmed only at task startup.", + "title": "Condition", "type": "string" }, - "TreatmentWeights": { + "ContainerName": { + "markdownDescription": "The name of a container.", + "title": "ContainerName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ECS::TaskDefinition.Device": { + "additionalProperties": false, + "properties": { + "ContainerPath": { + "markdownDescription": "The path inside the container at which to expose the host device.", + "title": "ContainerPath", + "type": "string" + }, + "HostPath": { + "markdownDescription": "The path for the device on the host container instance.", + "title": "HostPath", + "type": "string" + }, + "Permissions": { "items": { - "$ref": "#/definitions/AWS::Evidently::Experiment.TreatmentToWeight" + "type": "string" }, - "markdownDescription": "A set of key-value pairs. The keys are treatment names, and the values are the portion of experiment traffic to be assigned to that treatment. Specify the traffic portion in thousandths of a percent, so 20,000 for a variation would allocate 20% of the experiment traffic to that variation.", - "title": "TreatmentWeights", + "markdownDescription": "The explicit permissions to provide to the container for the device. By default, the container has permissions for `read` , `write` , and `mknod` for the device.", + "title": "Permissions", "type": "array" } }, "type": "object" }, - "AWS::Evidently::Experiment.RunningStatusObject": { + "AWS::ECS::TaskDefinition.DockerVolumeConfiguration": { "additionalProperties": false, "properties": { - "AnalysisCompleteTime": { - "markdownDescription": "If you are using AWS CloudFormation to start the experiment, use this field to specify when the experiment is to end. The format is as a UNIX timestamp. For more information about this format, see [The Current Epoch Unix Timestamp](https://docs.aws.amazon.com/https://www.unixtimestamp.com/index.php) .", - "title": "AnalysisCompleteTime", - "type": "string" + "Autoprovision": { + "markdownDescription": "If this value is `true` , the Docker volume is created if it doesn't already exist.\n\n> This field is only used if the `scope` is `shared` .", + "title": "Autoprovision", + "type": "boolean" }, - "DesiredState": { - "markdownDescription": "If you are using AWS CloudFormation to stop this experiment, specify either `COMPLETED` or `CANCELLED` here to indicate how to classify this experiment.", - "title": "DesiredState", + "Driver": { + "markdownDescription": "The Docker volume driver to use. The driver value must match the driver name provided by Docker because it is used for task placement. If the driver was installed using the Docker plugin CLI, use `docker plugin ls` to retrieve the driver name from your container instance. If the driver was installed using another method, use Docker plugin discovery to retrieve the driver name. This parameter maps to `Driver` in the docker container create command and the `xxdriver` option to docker volume create.", + "title": "Driver", "type": "string" }, - "Reason": { - "markdownDescription": "If you are using AWS CloudFormation to stop this experiment, this is an optional field that you can use to record why the experiment is being stopped or cancelled.", - "title": "Reason", - "type": "string" + "DriverOpts": { + "additionalProperties": true, + "markdownDescription": "A map of Docker driver-specific options passed through. This parameter maps to `DriverOpts` in the docker create-volume command and the `xxopt` option to docker volume create.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "DriverOpts", + "type": "object" }, - "Status": { - "markdownDescription": "To start the experiment now, specify `START` for this parameter. If this experiment is currently running and you want to stop it now, specify `STOP` .", - "title": "Status", + "Labels": { + "additionalProperties": true, + "markdownDescription": "Custom metadata to add to your Docker volume. This parameter maps to `Labels` in the docker container create command and the `xxlabel` option to docker volume create.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Labels", + "type": "object" + }, + "Scope": { + "markdownDescription": "The scope for the Docker volume that determines its lifecycle. Docker volumes that are scoped to a `task` are automatically provisioned when the task starts and destroyed when the task stops. Docker volumes that are scoped as `shared` persist after the task stops.", + "title": "Scope", "type": "string" } }, - "required": [ - "Status" - ], "type": "object" }, - "AWS::Evidently::Experiment.TreatmentObject": { + "AWS::ECS::TaskDefinition.EFSVolumeConfiguration": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the treatment.", - "title": "Description", - "type": "string" + "AuthorizationConfig": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.AuthorizationConfig", + "markdownDescription": "The authorization configuration details for the Amazon EFS file system.", + "title": "AuthorizationConfig" }, - "Feature": { - "markdownDescription": "The name of the feature for this experiment.", - "title": "Feature", + "FilesystemId": { + "markdownDescription": "The Amazon EFS file system ID to use.", + "title": "FilesystemId", "type": "string" }, - "TreatmentName": { - "markdownDescription": "A name for this treatment. It can include up to 127 characters.", - "title": "TreatmentName", + "RootDirectory": { + "markdownDescription": "The directory within the Amazon EFS file system to mount as the root directory inside the host. If this parameter is omitted, the root of the Amazon EFS volume will be used. Specifying `/` will have the same effect as omitting this parameter.\n\n> If an EFS access point is specified in the `authorizationConfig` , the root directory parameter must either be omitted or set to `/` which will enforce the path set on the EFS access point.", + "title": "RootDirectory", "type": "string" }, - "Variation": { - "markdownDescription": "The name of the variation to use for this treatment.", - "title": "Variation", + "TransitEncryption": { + "markdownDescription": "Determines whether to use encryption for Amazon EFS data in transit between the Amazon ECS host and the Amazon EFS server. Transit encryption must be turned on if Amazon EFS IAM authorization is used. If this parameter is omitted, the default value of `DISABLED` is used. For more information, see [Encrypting data in transit](https://docs.aws.amazon.com/efs/latest/ug/encryption-in-transit.html) in the *Amazon Elastic File System User Guide* .", + "title": "TransitEncryption", "type": "string" + }, + "TransitEncryptionPort": { + "markdownDescription": "The port to use when sending encrypted data between the Amazon ECS host and the Amazon EFS server. If you do not specify a transit encryption port, it will use the port selection strategy that the Amazon EFS mount helper uses. For more information, see [EFS mount helper](https://docs.aws.amazon.com/efs/latest/ug/efs-mount-helper.html) in the *Amazon Elastic File System User Guide* .", + "title": "TransitEncryptionPort", + "type": "number" } }, "required": [ - "Feature", - "TreatmentName", - "Variation" + "FilesystemId" ], "type": "object" }, - "AWS::Evidently::Experiment.TreatmentToWeight": { + "AWS::ECS::TaskDefinition.EnvironmentFile": { "additionalProperties": false, "properties": { - "SplitWeight": { - "markdownDescription": "The portion of experiment traffic to allocate to this treatment. Specify the traffic portion in thousandths of a percent, so 20,000 allocated to a treatment would allocate 20% of the experiment traffic to that treatment.", - "title": "SplitWeight", - "type": "number" + "Type": { + "markdownDescription": "The file type to use. Environment files are objects in Amazon S3. The only supported value is `s3` .", + "title": "Type", + "type": "string" }, - "Treatment": { - "markdownDescription": "The name of the treatment.", - "title": "Treatment", + "Value": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon S3 object containing the environment variable file.", + "title": "Value", "type": "string" } }, - "required": [ - "SplitWeight", - "Treatment" - ], "type": "object" }, - "AWS::Evidently::Feature": { + "AWS::ECS::TaskDefinition.EphemeralStorage": { "additionalProperties": false, "properties": { - "Condition": { + "SizeInGiB": { + "markdownDescription": "The total amount, in GiB, of ephemeral storage to set for the task. The minimum supported value is `21` GiB and the maximum supported value is `200` GiB.", + "title": "SizeInGiB", + "type": "number" + } + }, + "type": "object" + }, + "AWS::ECS::TaskDefinition.FSxAuthorizationConfig": { + "additionalProperties": false, + "properties": { + "CredentialsParameter": { + "markdownDescription": "The authorization credential option to use. The authorization credential options can be provided using either the Amazon Resource Name (ARN) of an AWS Secrets Manager secret or SSM Parameter Store parameter. The ARN refers to the stored credentials.", + "title": "CredentialsParameter", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Domain": { + "markdownDescription": "A fully qualified domain name hosted by an [AWS Directory Service](https://docs.aws.amazon.com/directoryservice/latest/admin-guide/directory_microsoft_ad.html) Managed Microsoft AD (Active Directory) or self-hosted AD on Amazon EC2.", + "title": "Domain", "type": "string" + } + }, + "required": [ + "CredentialsParameter", + "Domain" + ], + "type": "object" + }, + "AWS::ECS::TaskDefinition.FSxWindowsFileServerVolumeConfiguration": { + "additionalProperties": false, + "properties": { + "AuthorizationConfig": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.FSxAuthorizationConfig", + "markdownDescription": "The authorization configuration details for the Amazon FSx for Windows File Server file system.", + "title": "AuthorizationConfig" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DefaultVariation": { - "markdownDescription": "The name of the variation to use as the default variation. The default variation is served to users who are not allocated to any ongoing launches or experiments of this feature.\n\nThis variation must also be listed in the `Variations` structure.\n\nIf you omit `DefaultVariation` , the first variation listed in the `Variations` structure is used as the default variation.", - "title": "DefaultVariation", - "type": "string" - }, - "Description": { - "markdownDescription": "An optional description of the feature.", - "title": "Description", - "type": "string" - }, - "EntityOverrides": { - "items": { - "$ref": "#/definitions/AWS::Evidently::Feature.EntityOverride" - }, - "markdownDescription": "Specify users that should always be served a specific variation of a feature. Each user is specified by a key-value pair . For each key, specify a user by entering their user ID, account ID, or some other identifier. For the value, specify the name of the variation that they are to be served.", - "title": "EntityOverrides", - "type": "array" - }, - "EvaluationStrategy": { - "markdownDescription": "Specify `ALL_RULES` to activate the traffic allocation specified by any ongoing launches or experiments. Specify `DEFAULT_VARIATION` to serve the default variation to all users instead.", - "title": "EvaluationStrategy", - "type": "string" - }, - "Name": { - "markdownDescription": "The name for the feature. It can include up to 127 characters.", - "title": "Name", - "type": "string" - }, - "Project": { - "markdownDescription": "The name or ARN of the project that is to contain the new feature.", - "title": "Project", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Assigns one or more tags (key-value pairs) to the feature.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.\n\nTags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters.\n\nYou can associate as many as 50 tags with a feature.\n\nFor more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .", - "title": "Tags", - "type": "array" - }, - "Variations": { - "items": { - "$ref": "#/definitions/AWS::Evidently::Feature.VariationObject" - }, - "markdownDescription": "An array of structures that contain the configuration of the feature's different variations.\n\nEach `VariationObject` in the `Variations` array for a feature must have the same type of value ( `BooleanValue` , `DoubleValue` , `LongValue` or `StringValue` ).", - "title": "Variations", - "type": "array" - } - }, - "required": [ - "Name", - "Project", - "Variations" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Evidently::Feature" - ], + "FileSystemId": { + "markdownDescription": "The Amazon FSx for Windows File Server file system ID to use.", + "title": "FileSystemId", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "RootDirectory": { + "markdownDescription": "The directory within the Amazon FSx for Windows File Server file system to mount as the root directory inside the host.", + "title": "RootDirectory", "type": "string" } }, "required": [ - "Type", - "Properties" + "FileSystemId", + "RootDirectory" ], "type": "object" }, - "AWS::Evidently::Feature.EntityOverride": { + "AWS::ECS::TaskDefinition.FirelensConfiguration": { "additionalProperties": false, "properties": { - "EntityId": { - "markdownDescription": "The entity ID to be served the variation specified in `Variation` .", - "title": "EntityId", - "type": "string" + "Options": { + "additionalProperties": true, + "markdownDescription": "The options to use when configuring the log router. This field is optional and can be used to add additional metadata, such as the task, task definition, cluster, and container instance details to the log event.\n\nIf specified, valid option keys are:\n\n- `enable-ecs-log-metadata` , which can be `true` or `false`\n- `config-file-type` , which can be `s3` or `file`\n- `config-file-value` , which is either an S3 ARN or a file path", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Options", + "type": "object" }, - "Variation": { - "markdownDescription": "The name of the variation to serve to the user session that matches the `EntityId` .", - "title": "Variation", + "Type": { + "markdownDescription": "The log router to use. The valid values are `fluentd` or `fluentbit` .", + "title": "Type", "type": "string" } }, "type": "object" }, - "AWS::Evidently::Feature.VariationObject": { + "AWS::ECS::TaskDefinition.HealthCheck": { "additionalProperties": false, "properties": { - "BooleanValue": { - "markdownDescription": "The value assigned to this variation, if the variation type is boolean.", - "title": "BooleanValue", - "type": "boolean" + "Command": { + "items": { + "type": "string" + }, + "markdownDescription": "A string array representing the command that the container runs to determine if it is healthy. The string array must start with `CMD` to run the command arguments directly, or `CMD-SHELL` to run the command with the container's default shell.\n\nWhen you use the AWS Management Console JSON panel, the AWS Command Line Interface , or the APIs, enclose the list of commands in double quotes and brackets.\n\n`[ \"CMD-SHELL\", \"curl -f http://localhost/ || exit 1\" ]`\n\nYou don't include the double quotes and brackets when you use the AWS Management Console.\n\n`CMD-SHELL, curl -f http://localhost/ || exit 1`\n\nAn exit code of 0 indicates success, and non-zero exit code indicates failure. For more information, see `HealthCheck` in the docker container create command.", + "title": "Command", + "type": "array" }, - "DoubleValue": { - "markdownDescription": "The value assigned to this variation, if the variation type is a double.", - "title": "DoubleValue", + "Interval": { + "markdownDescription": "The time period in seconds between each health check execution. You may specify between 5 and 300 seconds. The default value is 30 seconds. This value applies only when you specify a `command` .", + "title": "Interval", "type": "number" }, - "LongValue": { - "markdownDescription": "The value assigned to this variation, if the variation type is a long.", - "title": "LongValue", + "Retries": { + "markdownDescription": "The number of times to retry a failed health check before the container is considered unhealthy. You may specify between 1 and 10 retries. The default value is 3. This value applies only when you specify a `command` .", + "title": "Retries", "type": "number" }, - "StringValue": { - "markdownDescription": "The value assigned to this variation, if the variation type is a string.", - "title": "StringValue", + "StartPeriod": { + "markdownDescription": "The optional grace period to provide containers time to bootstrap before failed health checks count towards the maximum number of retries. You can specify between 0 and 300 seconds. By default, the `startPeriod` is off. This value applies only when you specify a `command` .\n\n> If a health check succeeds within the `startPeriod` , then the container is considered healthy and any subsequent failures count toward the maximum number of retries.", + "title": "StartPeriod", + "type": "number" + }, + "Timeout": { + "markdownDescription": "The time period in seconds to wait for a health check to succeed before it is considered a failure. You may specify between 2 and 60 seconds. The default value is 5. This value applies only when you specify a `command` .", + "title": "Timeout", + "type": "number" + } + }, + "type": "object" + }, + "AWS::ECS::TaskDefinition.HostEntry": { + "additionalProperties": false, + "properties": { + "Hostname": { + "markdownDescription": "The hostname to use in the `/etc/hosts` entry.", + "title": "Hostname", "type": "string" }, - "VariationName": { - "markdownDescription": "A name for the variation. It can include up to 127 characters.", - "title": "VariationName", + "IpAddress": { + "markdownDescription": "The IP address to use in the `/etc/hosts` entry.", + "title": "IpAddress", "type": "string" } }, - "required": [ - "VariationName" - ], "type": "object" }, - "AWS::Evidently::Launch": { + "AWS::ECS::TaskDefinition.HostVolumeProperties": { "additionalProperties": false, "properties": { - "Condition": { + "SourcePath": { + "markdownDescription": "When the `host` parameter is used, specify a `sourcePath` to declare the path on the host container instance that's presented to the container. If this parameter is empty, then the Docker daemon has assigned a host path for you. If the `host` parameter contains a `sourcePath` file location, then the data volume persists at the specified location on the host container instance until you delete it manually. If the `sourcePath` value doesn't exist on the host container instance, the Docker daemon creates it. If the location does exist, the contents of the source path folder are exported.\n\nIf you're using the Fargate launch type, the `sourcePath` parameter is not supported.", + "title": "SourcePath", "type": "string" + } + }, + "type": "object" + }, + "AWS::ECS::TaskDefinition.KernelCapabilities": { + "additionalProperties": false, + "properties": { + "Add": { + "items": { + "type": "string" + }, + "markdownDescription": "The Linux capabilities for the container that have been added to the default configuration provided by Docker. This parameter maps to `CapAdd` in the docker container create command and the `--cap-add` option to docker run.\n\n> Tasks launched on AWS Fargate only support adding the `SYS_PTRACE` kernel capability. \n\nValid values: `\"ALL\" | \"AUDIT_CONTROL\" | \"AUDIT_WRITE\" | \"BLOCK_SUSPEND\" | \"CHOWN\" | \"DAC_OVERRIDE\" | \"DAC_READ_SEARCH\" | \"FOWNER\" | \"FSETID\" | \"IPC_LOCK\" | \"IPC_OWNER\" | \"KILL\" | \"LEASE\" | \"LINUX_IMMUTABLE\" | \"MAC_ADMIN\" | \"MAC_OVERRIDE\" | \"MKNOD\" | \"NET_ADMIN\" | \"NET_BIND_SERVICE\" | \"NET_BROADCAST\" | \"NET_RAW\" | \"SETFCAP\" | \"SETGID\" | \"SETPCAP\" | \"SETUID\" | \"SYS_ADMIN\" | \"SYS_BOOT\" | \"SYS_CHROOT\" | \"SYS_MODULE\" | \"SYS_NICE\" | \"SYS_PACCT\" | \"SYS_PTRACE\" | \"SYS_RAWIO\" | \"SYS_RESOURCE\" | \"SYS_TIME\" | \"SYS_TTY_CONFIG\" | \"SYSLOG\" | \"WAKE_ALARM\"`", + "title": "Add", + "type": "array" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Drop": { + "items": { + "type": "string" + }, + "markdownDescription": "The Linux capabilities for the container that have been removed from the default configuration provided by Docker. This parameter maps to `CapDrop` in the docker container create command and the `--cap-drop` option to docker run.\n\nValid values: `\"ALL\" | \"AUDIT_CONTROL\" | \"AUDIT_WRITE\" | \"BLOCK_SUSPEND\" | \"CHOWN\" | \"DAC_OVERRIDE\" | \"DAC_READ_SEARCH\" | \"FOWNER\" | \"FSETID\" | \"IPC_LOCK\" | \"IPC_OWNER\" | \"KILL\" | \"LEASE\" | \"LINUX_IMMUTABLE\" | \"MAC_ADMIN\" | \"MAC_OVERRIDE\" | \"MKNOD\" | \"NET_ADMIN\" | \"NET_BIND_SERVICE\" | \"NET_BROADCAST\" | \"NET_RAW\" | \"SETFCAP\" | \"SETGID\" | \"SETPCAP\" | \"SETUID\" | \"SYS_ADMIN\" | \"SYS_BOOT\" | \"SYS_CHROOT\" | \"SYS_MODULE\" | \"SYS_NICE\" | \"SYS_PACCT\" | \"SYS_PTRACE\" | \"SYS_RAWIO\" | \"SYS_RESOURCE\" | \"SYS_TIME\" | \"SYS_TTY_CONFIG\" | \"SYSLOG\" | \"WAKE_ALARM\"`", + "title": "Drop", + "type": "array" + } + }, + "type": "object" + }, + "AWS::ECS::TaskDefinition.KeyValuePair": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the key-value pair. For environment variables, this is the name of the environment variable.", + "title": "Name", + "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Value": { + "markdownDescription": "The value of the key-value pair. For environment variables, this is the value of the environment variable.", + "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ECS::TaskDefinition.LinuxParameters": { + "additionalProperties": false, + "properties": { + "Capabilities": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.KernelCapabilities", + "markdownDescription": "The Linux capabilities for the container that are added to or dropped from the default configuration provided by Docker.\n\n> For tasks that use the Fargate launch type, `capabilities` is supported for all platform versions but the `add` parameter is only supported if using platform version 1.4.0 or later.", + "title": "Capabilities" }, - "Metadata": { - "type": "object" + "Devices": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.Device" + }, + "markdownDescription": "Any host devices to expose to the container. This parameter maps to `Devices` in the docker container create command and the `--device` option to docker run.\n\n> If you're using tasks that use the Fargate launch type, the `devices` parameter isn't supported.", + "title": "Devices", + "type": "array" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "An optional description for the launch.", - "title": "Description", - "type": "string" - }, - "ExecutionStatus": { - "$ref": "#/definitions/AWS::Evidently::Launch.ExecutionStatusObject", - "markdownDescription": "A structure that you can use to start and stop the launch.", - "title": "ExecutionStatus" - }, - "Groups": { - "items": { - "$ref": "#/definitions/AWS::Evidently::Launch.LaunchGroupObject" - }, - "markdownDescription": "An array of structures that contains the feature and variations that are to be used for the launch. You can up to five launch groups in a launch.", - "title": "Groups", - "type": "array" - }, - "MetricMonitors": { - "items": { - "$ref": "#/definitions/AWS::Evidently::Launch.MetricDefinitionObject" - }, - "markdownDescription": "An array of structures that define the metrics that will be used to monitor the launch performance. You can have up to three metric monitors in the array.", - "title": "MetricMonitors", - "type": "array" - }, - "Name": { - "markdownDescription": "The name for the launch. It can include up to 127 characters.", - "title": "Name", - "type": "string" - }, - "Project": { - "markdownDescription": "The name or ARN of the project that you want to create the launch in.", - "title": "Project", - "type": "string" - }, - "RandomizationSalt": { - "markdownDescription": "When Evidently assigns a particular user session to a launch, it must use a randomization ID to determine which variation the user session is served. This randomization ID is a combination of the entity ID and `randomizationSalt` . If you omit `randomizationSalt` , Evidently uses the launch name as the `randomizationsSalt` .", - "title": "RandomizationSalt", + "InitProcessEnabled": { + "markdownDescription": "Run an `init` process inside the container that forwards signals and reaps processes. This parameter maps to the `--init` option to docker run. This parameter requires version 1.25 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version --format '{{.Server.APIVersion}}'`", + "title": "InitProcessEnabled", + "type": "boolean" + }, + "MaxSwap": { + "markdownDescription": "The total amount of swap memory (in MiB) a container can use. This parameter will be translated to the `--memory-swap` option to docker run where the value would be the sum of the container memory plus the `maxSwap` value.\n\nIf a `maxSwap` value of `0` is specified, the container will not use swap. Accepted values are `0` or any positive integer. If the `maxSwap` parameter is omitted, the container will use the swap configuration for the container instance it is running on. A `maxSwap` value must be set for the `swappiness` parameter to be used.\n\n> If you're using tasks that use the Fargate launch type, the `maxSwap` parameter isn't supported.\n> \n> If you're using tasks on Amazon Linux 2023 the `swappiness` parameter isn't supported.", + "title": "MaxSwap", + "type": "number" + }, + "SharedMemorySize": { + "markdownDescription": "The value for the size (in MiB) of the `/dev/shm` volume. This parameter maps to the `--shm-size` option to docker run.\n\n> If you are using tasks that use the Fargate launch type, the `sharedMemorySize` parameter is not supported.", + "title": "SharedMemorySize", + "type": "number" + }, + "Swappiness": { + "markdownDescription": "This allows you to tune a container's memory swappiness behavior. A `swappiness` value of `0` will cause swapping to not happen unless absolutely necessary. A `swappiness` value of `100` will cause pages to be swapped very aggressively. Accepted values are whole numbers between `0` and `100` . If the `swappiness` parameter is not specified, a default value of `60` is used. If a value is not specified for `maxSwap` then this parameter is ignored. This parameter maps to the `--memory-swappiness` option to docker run.\n\n> If you're using tasks that use the Fargate launch type, the `swappiness` parameter isn't supported.\n> \n> If you're using tasks on Amazon Linux 2023 the `swappiness` parameter isn't supported.", + "title": "Swappiness", + "type": "number" + }, + "Tmpfs": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.Tmpfs" + }, + "markdownDescription": "The container path, mount options, and size (in MiB) of the tmpfs mount. This parameter maps to the `--tmpfs` option to docker run.\n\n> If you're using tasks that use the Fargate launch type, the `tmpfs` parameter isn't supported.", + "title": "Tmpfs", + "type": "array" + } + }, + "type": "object" + }, + "AWS::ECS::TaskDefinition.LogConfiguration": { + "additionalProperties": false, + "properties": { + "LogDriver": { + "markdownDescription": "The log driver to use for the container.\n\nFor tasks on AWS Fargate , the supported log drivers are `awslogs` , `splunk` , and `awsfirelens` .\n\nFor tasks hosted on Amazon EC2 instances, the supported log drivers are `awslogs` , `fluentd` , `gelf` , `json-file` , `journald` , `syslog` , `splunk` , and `awsfirelens` .\n\nFor more information about using the `awslogs` log driver, see [Send Amazon ECS logs to CloudWatch](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_awslogs.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nFor more information about using the `awsfirelens` log driver, see [Send Amazon ECS logs to an AWS service or AWS Partner](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html) .\n\n> If you have a custom driver that isn't listed, you can fork the Amazon ECS container agent project that's [available on GitHub](https://docs.aws.amazon.com/https://github.com/aws/amazon-ecs-agent) and customize it to work with that driver. We encourage you to submit pull requests for changes that you would like to have included. However, we don't currently provide support for running modified copies of this software.", + "title": "LogDriver", + "type": "string" + }, + "Options": { + "additionalProperties": true, + "markdownDescription": "The configuration options to send to the log driver.\n\nThe options you can specify depend on the log driver. Some of the options you can specify when you use the `awslogs` log driver to route logs to Amazon CloudWatch include the following:\n\n- **awslogs-create-group** - Required: No\n\nSpecify whether you want the log group to be created automatically. If this option isn't specified, it defaults to `false` .\n\n> Your IAM policy must include the `logs:CreateLogGroup` permission before you attempt to use `awslogs-create-group` .\n- **awslogs-region** - Required: Yes\n\nSpecify the AWS Region that the `awslogs` log driver is to send your Docker logs to. You can choose to send all of your logs from clusters in different Regions to a single region in CloudWatch Logs. This is so that they're all visible in one location. Otherwise, you can separate them by Region for more granularity. Make sure that the specified log group exists in the Region that you specify with this option.\n- **awslogs-group** - Required: Yes\n\nMake sure to specify a log group that the `awslogs` log driver sends its log streams to.\n- **awslogs-stream-prefix** - Required: Yes, when using Fargate.Optional when using EC2.\n\nUse the `awslogs-stream-prefix` option to associate a log stream with the specified prefix, the container name, and the ID of the Amazon ECS task that the container belongs to. If you specify a prefix with this option, then the log stream takes the format `prefix-name/container-name/ecs-task-id` .\n\nIf you don't specify a prefix with this option, then the log stream is named after the container ID that's assigned by the Docker daemon on the container instance. Because it's difficult to trace logs back to the container that sent them with just the Docker container ID (which is only available on the container instance), we recommend that you specify a prefix with this option.\n\nFor Amazon ECS services, you can use the service name as the prefix. Doing so, you can trace log streams to the service that the container belongs to, the name of the container that sent them, and the ID of the task that the container belongs to.\n\nYou must specify a stream-prefix for your logs to have your logs appear in the Log pane when using the Amazon ECS console.\n- **awslogs-datetime-format** - Required: No\n\nThis option defines a multiline start pattern in Python `strftime` format. A log message consists of a line that matches the pattern and any following lines that don\u2019t match the pattern. The matched line is the delimiter between log messages.\n\nOne example of a use case for using this format is for parsing output such as a stack dump, which might otherwise be logged in multiple entries. The correct pattern allows it to be captured in a single entry.\n\nFor more information, see [awslogs-datetime-format](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/awslogs/#awslogs-datetime-format) .\n\nYou cannot configure both the `awslogs-datetime-format` and `awslogs-multiline-pattern` options.\n\n> Multiline logging performs regular expression parsing and matching of all log messages. This might have a negative impact on logging performance.\n- **awslogs-multiline-pattern** - Required: No\n\nThis option defines a multiline start pattern that uses a regular expression. A log message consists of a line that matches the pattern and any following lines that don\u2019t match the pattern. The matched line is the delimiter between log messages.\n\nFor more information, see [awslogs-multiline-pattern](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/awslogs/#awslogs-multiline-pattern) .\n\nThis option is ignored if `awslogs-datetime-format` is also configured.\n\nYou cannot configure both the `awslogs-datetime-format` and `awslogs-multiline-pattern` options.\n\n> Multiline logging performs regular expression parsing and matching of all log messages. This might have a negative impact on logging performance.\n\nThe following options apply to all supported log drivers.\n\n- **mode** - Required: No\n\nValid values: `non-blocking` | `blocking`\n\nThis option defines the delivery mode of log messages from the container to the log driver specified using `logDriver` . The delivery mode you choose affects application availability when the flow of logs from container is interrupted.\n\nIf you use the `blocking` mode and the flow of logs is interrupted, calls from container code to write to the `stdout` and `stderr` streams will block. The logging thread of the application will block as a result. This may cause the application to become unresponsive and lead to container healthcheck failure.\n\nIf you use the `non-blocking` mode, the container's logs are instead stored in an in-memory intermediate buffer configured with the `max-buffer-size` option. This prevents the application from becoming unresponsive when logs cannot be sent. We recommend using this mode if you want to ensure service availability and are okay with some log loss. For more information, see [Preventing log loss with non-blocking mode in the `awslogs` container log driver](https://docs.aws.amazon.com/containers/preventing-log-loss-with-non-blocking-mode-in-the-awslogs-container-log-driver/) .\n\nYou can set a default `mode` for all containers in a specific AWS Region by using the `defaultLogDriverMode` account setting. If you don't specify the `mode` option or configure the account setting, Amazon ECS will default to the `non-blocking` mode. For more information about the account setting, see [Default log driver mode](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-account-settings.html#default-log-driver-mode) in the *Amazon Elastic Container Service Developer Guide* .\n\n> On June 25, 2025, Amazon ECS changed the default log driver mode from `blocking` to `non-blocking` to prioritize task availability over logging. To continue using the `blocking` mode after this change, do one of the following:\n> \n> - Set the `mode` option in your container definition's `logConfiguration` as `blocking` .\n> - Set the `defaultLogDriverMode` account setting to `blocking` .\n- **max-buffer-size** - Required: No\n\nDefault value: `1m`\n\nWhen `non-blocking` mode is used, the `max-buffer-size` log option controls the size of the buffer that's used for intermediate message storage. Make sure to specify an adequate buffer size based on your application. When the buffer fills up, further logs cannot be stored. Logs that cannot be stored are lost.\n\nTo route logs using the `splunk` log router, you need to specify a `splunk-token` and a `splunk-url` .\n\nWhen you use the `awsfirelens` log router to route logs to an AWS Service or AWS Partner Network destination for log storage and analytics, you can set the `log-driver-buffer-limit` option to limit the number of events that are buffered in memory, before being sent to the log router container. It can help to resolve potential log loss issue because high throughput might result in memory running out for the buffer inside of Docker.\n\nOther options you can specify when using `awsfirelens` to route logs depend on the destination. When you export logs to Amazon Data Firehose, you can specify the AWS Region with `region` and a name for the log stream with `delivery_stream` .\n\nWhen you export logs to Amazon Kinesis Data Streams, you can specify an AWS Region with `region` and a data stream name with `stream` .\n\nWhen you export logs to Amazon OpenSearch Service, you can specify options like `Name` , `Host` (OpenSearch Service endpoint without protocol), `Port` , `Index` , `Type` , `Aws_auth` , `Aws_region` , `Suppress_Type_Name` , and `tls` . For more information, see [Under the hood: FireLens for Amazon ECS Tasks](https://docs.aws.amazon.com/containers/under-the-hood-firelens-for-amazon-ecs-tasks/) .\n\nWhen you export logs to Amazon S3, you can specify the bucket using the `bucket` option. You can also specify `region` , `total_file_size` , `upload_timeout` , and `use_put_object` as options.\n\nThis parameter requires version 1.19 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version --format '{{.Server.APIVersion}}'`", + "patternProperties": { + "^[a-zA-Z0-9]+$": { "type": "string" - }, - "ScheduledSplitsConfig": { - "items": { - "$ref": "#/definitions/AWS::Evidently::Launch.StepConfig" - }, - "markdownDescription": "An array of structures that define the traffic allocation percentages among the feature variations during each step of the launch.", - "title": "ScheduledSplitsConfig", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Assigns one or more tags (key-value pairs) to the launch.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.\n\nTags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters.\n\nYou can associate as many as 50 tags with a launch.\n\nFor more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .", - "title": "Tags", - "type": "array" } }, - "required": [ - "Groups", - "Name", - "Project", - "ScheduledSplitsConfig" - ], + "title": "Options", "type": "object" }, - "Type": { - "enum": [ - "AWS::Evidently::Launch" - ], + "SecretOptions": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.Secret" + }, + "markdownDescription": "The secrets to pass to the log configuration. For more information, see [Specifying sensitive data](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "SecretOptions", + "type": "array" + } + }, + "required": [ + "LogDriver" + ], + "type": "object" + }, + "AWS::ECS::TaskDefinition.MountPoint": { + "additionalProperties": false, + "properties": { + "ContainerPath": { + "markdownDescription": "The path on the container to mount the host volume at.", + "title": "ContainerPath", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ReadOnly": { + "markdownDescription": "If this value is `true` , the container has read-only access to the volume. If this value is `false` , then the container can write to the volume. The default value is `false` .", + "title": "ReadOnly", + "type": "boolean" + }, + "SourceVolume": { + "markdownDescription": "The name of the volume to mount. Must be a volume name referenced in the `name` parameter of task definition `volume` .", + "title": "SourceVolume", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Evidently::Launch.ExecutionStatusObject": { + "AWS::ECS::TaskDefinition.PortMapping": { "additionalProperties": false, "properties": { - "DesiredState": { - "markdownDescription": "If you are using AWS CloudFormation to stop this launch, specify either `COMPLETED` or `CANCELLED` here to indicate how to classify this experiment. If you omit this parameter, the default of `COMPLETED` is used.", - "title": "DesiredState", + "AppProtocol": { + "markdownDescription": "The application protocol that's used for the port mapping. This parameter only applies to Service Connect. We recommend that you set this parameter to be consistent with the protocol that your application uses. If you set this parameter, Amazon ECS adds protocol-specific connection handling to the Service Connect proxy. If you set this parameter, Amazon ECS adds protocol-specific telemetry in the Amazon ECS console and CloudWatch.\n\nIf you don't set a value for this parameter, then TCP is used. However, Amazon ECS doesn't add protocol-specific telemetry for TCP.\n\n`appProtocol` is immutable in a Service Connect service. Updating this field requires a service deletion and redeployment.\n\nTasks that run in a namespace can use short names to connect to services in the namespace. Tasks can connect to services across all of the clusters in the namespace. Tasks connect through a managed proxy container that collects logs and metrics for increased visibility. Only the tasks that Amazon ECS services create are supported with Service Connect. For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "AppProtocol", "type": "string" }, - "Reason": { - "markdownDescription": "If you are using AWS CloudFormation to stop this launch, this is an optional field that you can use to record why the launch is being stopped or cancelled.", - "title": "Reason", + "ContainerPort": { + "markdownDescription": "The port number on the container that's bound to the user-specified or automatically assigned host port.\n\nIf you use containers in a task with the `awsvpc` or `host` network mode, specify the exposed ports using `containerPort` .\n\nIf you use containers in a task with the `bridge` network mode and you specify a container port and not a host port, your container automatically receives a host port in the ephemeral port range. For more information, see `hostPort` . Port mappings that are automatically assigned in this way do not count toward the 100 reserved ports limit of a container instance.", + "title": "ContainerPort", + "type": "number" + }, + "ContainerPortRange": { + "markdownDescription": "The port number range on the container that's bound to the dynamically mapped host port range.\n\nThe following rules apply when you specify a `containerPortRange` :\n\n- You must use either the `bridge` network mode or the `awsvpc` network mode.\n- This parameter is available for both the EC2 and AWS Fargate launch types.\n- This parameter is available for both the Linux and Windows operating systems.\n- The container instance must have at least version 1.67.0 of the container agent and at least version 1.67.0-1 of the `ecs-init` package\n- You can specify a maximum of 100 port ranges per container.\n- You do not specify a `hostPortRange` . The value of the `hostPortRange` is set as follows:\n\n- For containers in a task with the `awsvpc` network mode, the `hostPortRange` is set to the same value as the `containerPortRange` . This is a static mapping strategy.\n- For containers in a task with the `bridge` network mode, the Amazon ECS agent finds open host ports from the default ephemeral range and passes it to docker to bind them to the container ports.\n- The `containerPortRange` valid values are between 1 and 65535.\n- A port can only be included in one port mapping per container.\n- You cannot specify overlapping port ranges.\n- The first port in the range must be less than last port in the range.\n- Docker recommends that you turn off the docker-proxy in the Docker daemon config file when you have a large number of ports.\n\nFor more information, see [Issue #11185](https://docs.aws.amazon.com/https://github.com/moby/moby/issues/11185) on the Github website.\n\nFor information about how to turn off the docker-proxy in the Docker daemon config file, see [Docker daemon](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/bootstrap_container_instance.html#bootstrap_docker_daemon) in the *Amazon ECS Developer Guide* .\n\nYou can call [`DescribeTasks`](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DescribeTasks.html) to view the `hostPortRange` which are the host ports that are bound to the container ports.", + "title": "ContainerPortRange", "type": "string" }, - "Status": { - "markdownDescription": "To start the launch now, specify `START` for this parameter. If this launch is currently running and you want to stop it now, specify `STOP` .", - "title": "Status", + "HostPort": { + "markdownDescription": "The port number on the container instance to reserve for your container.\n\nIf you specify a `containerPortRange` , leave this field empty and the value of the `hostPort` is set as follows:\n\n- For containers in a task with the `awsvpc` network mode, the `hostPort` is set to the same value as the `containerPort` . This is a static mapping strategy.\n- For containers in a task with the `bridge` network mode, the Amazon ECS agent finds open ports on the host and automatically binds them to the container ports. This is a dynamic mapping strategy.\n\nIf you use containers in a task with the `awsvpc` or `host` network mode, the `hostPort` can either be left blank or set to the same value as the `containerPort` .\n\nIf you use containers in a task with the `bridge` network mode, you can specify a non-reserved host port for your container port mapping, or you can omit the `hostPort` (or set it to `0` ) while specifying a `containerPort` and your container automatically receives a port in the ephemeral port range for your container instance operating system and Docker version.\n\nThe default ephemeral port range for Docker version 1.6.0 and later is listed on the instance under `/proc/sys/net/ipv4/ip_local_port_range` . If this kernel parameter is unavailable, the default ephemeral port range from 49153 through 65535 (Linux) or 49152 through 65535 (Windows) is used. Do not attempt to specify a host port in the ephemeral port range as these are reserved for automatic assignment. In general, ports below 32768 are outside of the ephemeral port range.\n\nThe default reserved ports are 22 for SSH, the Docker ports 2375 and 2376, and the Amazon ECS container agent ports 51678-51680. Any host port that was previously specified in a running task is also reserved while the task is running. That is, after a task stops, the host port is released. The current reserved ports are displayed in the `remainingResources` of [DescribeContainerInstances](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DescribeContainerInstances.html) output. A container instance can have up to 100 reserved ports at a time. This number includes the default reserved ports. Automatically assigned ports aren't included in the 100 reserved ports quota.", + "title": "HostPort", + "type": "number" + }, + "Name": { + "markdownDescription": "The name that's used for the port mapping. This parameter is the name that you use in the `serviceConnectConfiguration` and the `vpcLatticeConfigurations` of a service. The name can include up to 64 characters. The characters can include lowercase letters, numbers, underscores (_), and hyphens (-). The name can't start with a hyphen.", + "title": "Name", + "type": "string" + }, + "Protocol": { + "markdownDescription": "The protocol used for the port mapping. Valid values are `tcp` and `udp` . The default is `tcp` . `protocol` is immutable in a Service Connect service. Updating this field requires a service deletion and redeployment.", + "title": "Protocol", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ECS::TaskDefinition.ProxyConfiguration": { + "additionalProperties": false, + "properties": { + "ContainerName": { + "markdownDescription": "The name of the container that will serve as the App Mesh proxy.", + "title": "ContainerName", + "type": "string" + }, + "ProxyConfigurationProperties": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.KeyValuePair" + }, + "markdownDescription": "The set of network configuration parameters to provide the Container Network Interface (CNI) plugin, specified as key-value pairs.\n\n- `IgnoredUID` - (Required) The user ID (UID) of the proxy container as defined by the `user` parameter in a container definition. This is used to ensure the proxy ignores its own traffic. If `IgnoredGID` is specified, this field can be empty.\n- `IgnoredGID` - (Required) The group ID (GID) of the proxy container as defined by the `user` parameter in a container definition. This is used to ensure the proxy ignores its own traffic. If `IgnoredUID` is specified, this field can be empty.\n- `AppPorts` - (Required) The list of ports that the application uses. Network traffic to these ports is forwarded to the `ProxyIngressPort` and `ProxyEgressPort` .\n- `ProxyIngressPort` - (Required) Specifies the port that incoming traffic to the `AppPorts` is directed to.\n- `ProxyEgressPort` - (Required) Specifies the port that outgoing traffic from the `AppPorts` is directed to.\n- `EgressIgnoredPorts` - (Required) The egress traffic going to the specified ports is ignored and not redirected to the `ProxyEgressPort` . It can be an empty list.\n- `EgressIgnoredIPs` - (Required) The egress traffic going to the specified IP addresses is ignored and not redirected to the `ProxyEgressPort` . It can be an empty list.", + "title": "ProxyConfigurationProperties", + "type": "array" + }, + "Type": { + "markdownDescription": "The proxy type. The only supported value is `APPMESH` .", + "title": "Type", "type": "string" } }, "required": [ - "Status" + "ContainerName" ], "type": "object" }, - "AWS::Evidently::Launch.GroupToWeight": { + "AWS::ECS::TaskDefinition.RepositoryCredentials": { "additionalProperties": false, "properties": { - "GroupName": { - "markdownDescription": "The name of the launch group. It can include up to 127 characters.", - "title": "GroupName", + "CredentialsParameter": { + "markdownDescription": "The Amazon Resource Name (ARN) of the secret containing the private repository credentials.\n\n> When you use the Amazon ECS API, AWS CLI , or AWS SDK, if the secret exists in the same Region as the task that you're launching then you can use either the full ARN or the name of the secret. When you use the AWS Management Console, you must specify the full ARN of the secret.", + "title": "CredentialsParameter", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ECS::TaskDefinition.ResourceRequirement": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "The type of resource to assign to a container.", + "title": "Type", "type": "string" }, - "SplitWeight": { - "markdownDescription": "The portion of launch traffic to allocate to this launch group.\n\nThis is represented in thousandths of a percent. For example, specify 20,000 to allocate 20% of the launch audience to this launch group.", - "title": "SplitWeight", - "type": "number" + "Value": { + "markdownDescription": "The value for the specified resource type.\n\nWhen the type is `GPU` , the value is the number of physical `GPUs` the Amazon ECS container agent reserves for the container. The number of GPUs that's reserved for all containers in a task can't exceed the number of available GPUs on the container instance that the task is launched on.\n\nWhen the type is `InferenceAccelerator` , the `value` matches the `deviceName` for an [InferenceAccelerator](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_InferenceAccelerator.html) specified in a task definition.", + "title": "Value", + "type": "string" } }, "required": [ - "GroupName", - "SplitWeight" + "Type", + "Value" ], "type": "object" }, - "AWS::Evidently::Launch.LaunchGroupObject": { + "AWS::ECS::TaskDefinition.RestartPolicy": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the launch group.", - "title": "Description", - "type": "string" + "Enabled": { + "markdownDescription": "Specifies whether a restart policy is enabled for the container.", + "title": "Enabled", + "type": "boolean" }, - "Feature": { - "markdownDescription": "The feature that this launch is using.", - "title": "Feature", + "IgnoredExitCodes": { + "items": { + "type": "number" + }, + "markdownDescription": "A list of exit codes that Amazon ECS will ignore and not attempt a restart on. You can specify a maximum of 50 container exit codes. By default, Amazon ECS does not ignore any exit codes.", + "title": "IgnoredExitCodes", + "type": "array" + }, + "RestartAttemptPeriod": { + "markdownDescription": "A period of time (in seconds) that the container must run for before a restart can be attempted. A container can be restarted only once every `restartAttemptPeriod` seconds. If a container isn't able to run for this time period and exits early, it will not be restarted. You can set a minimum `restartAttemptPeriod` of 60 seconds and a maximum `restartAttemptPeriod` of 1800 seconds. By default, a container must run for 300 seconds before it can be restarted.", + "title": "RestartAttemptPeriod", + "type": "number" + } + }, + "type": "object" + }, + "AWS::ECS::TaskDefinition.RuntimePlatform": { + "additionalProperties": false, + "properties": { + "CpuArchitecture": { + "markdownDescription": "The CPU architecture.\n\nYou can run your Linux tasks on an ARM-based platform by setting the value to `ARM64` . This option is available for tasks that run on Linux Amazon EC2 instance or Linux containers on Fargate.", + "title": "CpuArchitecture", "type": "string" }, - "GroupName": { - "markdownDescription": "A name for this launch group. It can include up to 127 characters.", - "title": "GroupName", + "OperatingSystemFamily": { + "markdownDescription": "The operating system.", + "title": "OperatingSystemFamily", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ECS::TaskDefinition.Secret": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the secret.", + "title": "Name", "type": "string" }, - "Variation": { - "markdownDescription": "The feature variation to use for this launch group.", - "title": "Variation", + "ValueFrom": { + "markdownDescription": "The secret to expose to the container. The supported values are either the full ARN of the AWS Secrets Manager secret or the full ARN of the parameter in the SSM Parameter Store.\n\nFor information about the require AWS Identity and Access Management permissions, see [Required IAM permissions for Amazon ECS secrets](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data-secrets.html#secrets-iam) (for Secrets Manager) or [Required IAM permissions for Amazon ECS secrets](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data-parameters.html) (for Systems Manager Parameter store) in the *Amazon Elastic Container Service Developer Guide* .\n\n> If the SSM Parameter Store parameter exists in the same Region as the task you're launching, then you can use either the full ARN or name of the parameter. If the parameter exists in a different Region, then the full ARN must be specified.", + "title": "ValueFrom", "type": "string" } }, "required": [ - "Feature", - "GroupName", - "Variation" + "Name", + "ValueFrom" ], "type": "object" }, - "AWS::Evidently::Launch.MetricDefinitionObject": { + "AWS::ECS::TaskDefinition.SystemControl": { "additionalProperties": false, "properties": { - "EntityIdKey": { - "markdownDescription": "The entity, such as a user or session, that does an action that causes a metric value to be recorded. An example is `userDetails.userID` .", - "title": "EntityIdKey", - "type": "string" - }, - "EventPattern": { - "markdownDescription": "The EventBridge event pattern that defines how the metric is recorded.\n\nFor more information about EventBridge event patterns, see [Amazon EventBridge event patterns](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-event-patterns.html) .", - "title": "EventPattern", + "Namespace": { + "markdownDescription": "The namespaced kernel parameter to set a `value` for.", + "title": "Namespace", "type": "string" }, - "MetricName": { - "markdownDescription": "A name for the metric. It can include up to 255 characters.", - "title": "MetricName", + "Value": { + "markdownDescription": "The namespaced kernel parameter to set a `value` for.\n\nValid IPC namespace values: `\"kernel.msgmax\" | \"kernel.msgmnb\" | \"kernel.msgmni\" | \"kernel.sem\" | \"kernel.shmall\" | \"kernel.shmmax\" | \"kernel.shmmni\" | \"kernel.shm_rmid_forced\"` , and `Sysctls` that start with `\"fs.mqueue.*\"`\n\nValid network namespace values: `Sysctls` that start with `\"net.*\"` . Only namespaced `Sysctls` that exist within the container starting with \"net.* are accepted.\n\nAll of these values are supported by Fargate.", + "title": "Value", "type": "string" - }, - "UnitLabel": { - "markdownDescription": "A label for the units that the metric is measuring.", - "title": "UnitLabel", + } + }, + "type": "object" + }, + "AWS::ECS::TaskDefinition.TaskDefinitionPlacementConstraint": { + "additionalProperties": false, + "properties": { + "Expression": { + "markdownDescription": "A cluster query language expression to apply to the constraint. For more information, see [Cluster query language](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-query-language.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "Expression", "type": "string" }, - "ValueKey": { - "markdownDescription": "The value that is tracked to produce the metric.", - "title": "ValueKey", + "Type": { + "markdownDescription": "The type of constraint. The `MemberOf` constraint restricts selection to be from a group of valid candidates.", + "title": "Type", "type": "string" } }, "required": [ - "EntityIdKey", - "MetricName", - "ValueKey" + "Type" ], "type": "object" }, - "AWS::Evidently::Launch.SegmentOverride": { + "AWS::ECS::TaskDefinition.Tmpfs": { "additionalProperties": false, "properties": { - "EvaluationOrder": { - "markdownDescription": "A number indicating the order to use to evaluate segment overrides, if there are more than one. Segment overrides with lower numbers are evaluated first.", - "title": "EvaluationOrder", - "type": "number" - }, - "Segment": { - "markdownDescription": "The ARN of the segment to use for this override.", - "title": "Segment", + "ContainerPath": { + "markdownDescription": "The absolute file path where the tmpfs volume is to be mounted.", + "title": "ContainerPath", "type": "string" }, - "Weights": { + "MountOptions": { "items": { - "$ref": "#/definitions/AWS::Evidently::Launch.GroupToWeight" + "type": "string" }, - "markdownDescription": "The traffic allocation percentages among the feature variations to assign to this segment. This is a set of key-value pairs. The keys are variation names. The values represent the amount of traffic to allocate to that variation for this segment. This is expressed in thousandths of a percent, so a weight of 50000 represents 50% of traffic.", - "title": "Weights", + "markdownDescription": "The list of tmpfs volume mount options.\n\nValid values: `\"defaults\" | \"ro\" | \"rw\" | \"suid\" | \"nosuid\" | \"dev\" | \"nodev\" | \"exec\" | \"noexec\" | \"sync\" | \"async\" | \"dirsync\" | \"remount\" | \"mand\" | \"nomand\" | \"atime\" | \"noatime\" | \"diratime\" | \"nodiratime\" | \"bind\" | \"rbind\" | \"unbindable\" | \"runbindable\" | \"private\" | \"rprivate\" | \"shared\" | \"rshared\" | \"slave\" | \"rslave\" | \"relatime\" | \"norelatime\" | \"strictatime\" | \"nostrictatime\" | \"mode\" | \"uid\" | \"gid\" | \"nr_inodes\" | \"nr_blocks\" | \"mpol\"`", + "title": "MountOptions", "type": "array" + }, + "Size": { + "markdownDescription": "The maximum size (in MiB) of the tmpfs volume.", + "title": "Size", + "type": "number" } }, "required": [ - "EvaluationOrder", - "Segment", - "Weights" + "Size" ], "type": "object" }, - "AWS::Evidently::Launch.StepConfig": { + "AWS::ECS::TaskDefinition.Ulimit": { "additionalProperties": false, "properties": { - "GroupWeights": { - "items": { - "$ref": "#/definitions/AWS::Evidently::Launch.GroupToWeight" - }, - "markdownDescription": "An array of structures that define how much launch traffic to allocate to each launch group during this step of the launch.", - "title": "GroupWeights", - "type": "array" - }, - "SegmentOverrides": { - "items": { - "$ref": "#/definitions/AWS::Evidently::Launch.SegmentOverride" - }, - "markdownDescription": "An array of structures that you can use to specify different traffic splits for one or more audience *segments* . A segment is a portion of your audience that share one or more characteristics. Examples could be Chrome browser users, users in Europe, or Firefox browser users in Europe who also fit other criteria that your application collects, such as age.\n\nFor more information, see [Use segments to focus your audience](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Evidently-segments.html) .", - "title": "SegmentOverrides", - "type": "array" + "HardLimit": { + "markdownDescription": "The hard limit for the `ulimit` type. The value can be specified in bytes, seconds, or as a count, depending on the `type` of the `ulimit` .", + "title": "HardLimit", + "type": "number" }, - "StartTime": { - "markdownDescription": "The date and time to start this step of the launch. Use UTC format, `yyyy-MM-ddTHH:mm:ssZ` . For example, `2025-11-25T23:59:59Z`", - "title": "StartTime", + "Name": { + "markdownDescription": "The `type` of the `ulimit` .", + "title": "Name", "type": "string" + }, + "SoftLimit": { + "markdownDescription": "The soft limit for the `ulimit` type. The value can be specified in bytes, seconds, or as a count, depending on the `type` of the `ulimit` .", + "title": "SoftLimit", + "type": "number" } }, "required": [ - "GroupWeights", - "StartTime" + "HardLimit", + "Name", + "SoftLimit" ], "type": "object" }, - "AWS::Evidently::Project": { + "AWS::ECS::TaskDefinition.Volume": { + "additionalProperties": false, + "properties": { + "ConfiguredAtLaunch": { + "markdownDescription": "Indicates whether the volume should be configured at launch time. This is used to create Amazon EBS volumes for standalone tasks or tasks created as part of a service. Each task definition revision may only have one volume configured at launch in the volume configuration.\n\nTo configure a volume at launch time, use this task definition revision and specify a `volumeConfigurations` object when calling the `CreateService` , `UpdateService` , `RunTask` or `StartTask` APIs.", + "title": "ConfiguredAtLaunch", + "type": "boolean" + }, + "DockerVolumeConfiguration": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.DockerVolumeConfiguration", + "markdownDescription": "This parameter is specified when you use Docker volumes.\n\nWindows containers only support the use of the `local` driver. To use bind mounts, specify the `host` parameter instead.\n\n> Docker volumes aren't supported by tasks run on AWS Fargate .", + "title": "DockerVolumeConfiguration" + }, + "EFSVolumeConfiguration": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.EFSVolumeConfiguration", + "markdownDescription": "This parameter is specified when you use an Amazon Elastic File System file system for task storage.", + "title": "EFSVolumeConfiguration" + }, + "FSxWindowsFileServerVolumeConfiguration": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.FSxWindowsFileServerVolumeConfiguration", + "markdownDescription": "This parameter is specified when you use Amazon FSx for Windows File Server file system for task storage.", + "title": "FSxWindowsFileServerVolumeConfiguration" + }, + "Host": { + "$ref": "#/definitions/AWS::ECS::TaskDefinition.HostVolumeProperties", + "markdownDescription": "This parameter is specified when you use bind mount host volumes. The contents of the `host` parameter determine whether your bind mount host volume persists on the host container instance and where it's stored. If the `host` parameter is empty, then the Docker daemon assigns a host path for your data volume. However, the data isn't guaranteed to persist after the containers that are associated with it stop running.\n\nWindows containers can mount whole directories on the same drive as `$env:ProgramData` . Windows containers can't mount directories on a different drive, and mount point can't be across drives. For example, you can mount `C:\\my\\path:C:\\my\\path` and `D:\\:D:\\` , but not `D:\\my\\path:C:\\my\\path` or `D:\\:C:\\my\\path` .", + "title": "Host" + }, + "Name": { + "markdownDescription": "The name of the volume. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed.\n\nWhen using a volume configured at launch, the `name` is required and must also be specified as the volume name in the `ServiceVolumeConfiguration` or `TaskVolumeConfiguration` parameter when creating your service or standalone task.\n\nFor all other types of volumes, this name is referenced in the `sourceVolume` parameter of the `mountPoints` object in the container definition.\n\nWhen a volume is using the `efsVolumeConfiguration` , the name is required.", + "title": "Name", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ECS::TaskDefinition.VolumeFrom": { + "additionalProperties": false, + "properties": { + "ReadOnly": { + "markdownDescription": "If this value is `true` , the container has read-only access to the volume. If this value is `false` , then the container can write to the volume. The default value is `false` .", + "title": "ReadOnly", + "type": "boolean" + }, + "SourceContainer": { + "markdownDescription": "The name of another container within the same task definition to mount volumes from.", + "title": "SourceContainer", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ECS::TaskSet": { "additionalProperties": false, "properties": { "Condition": { @@ -98473,43 +106790,89 @@ "Properties": { "additionalProperties": false, "properties": { - "AppConfigResource": { - "$ref": "#/definitions/AWS::Evidently::Project.AppConfigResourceObject", - "markdownDescription": "Use this parameter if the project will use *client-side evaluation powered by AWS AppConfig* . Client-side evaluation allows your application to assign variations to user sessions locally instead of by calling the [EvaluateFeature](https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_EvaluateFeature.html) operation. This mitigates the latency and availability risks that come with an API call. For more information, see [Use client-side evaluation - powered by AWS AppConfig .](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Evidently-client-side-evaluation.html)\n\nThis parameter is a structure that contains information about the AWS AppConfig application that will be used as for client-side evaluation.\n\nTo create a project that uses client-side evaluation, you must have the `evidently:ExportProjectAsConfiguration` permission.", - "title": "AppConfigResource" + "CapacityProviderStrategy": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskSet.CapacityProviderStrategyItem" + }, + "markdownDescription": "The capacity provider strategy that are associated with the task set.", + "title": "CapacityProviderStrategy", + "type": "array" }, - "DataDelivery": { - "$ref": "#/definitions/AWS::Evidently::Project.DataDeliveryObject", - "markdownDescription": "A structure that contains information about where Evidently is to store evaluation events for longer term storage, if you choose to do so. If you choose not to store these events, Evidently deletes them after using them to produce metrics and other experiment results that you can view.\n\nYou can't specify both `CloudWatchLogs` and `S3Destination` in the same operation.", - "title": "DataDelivery" + "Cluster": { + "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the cluster that hosts the service to create the task set in.", + "title": "Cluster", + "type": "string" }, - "Description": { - "markdownDescription": "An optional description of the project.", - "title": "Description", + "ExternalId": { + "markdownDescription": "An optional non-unique tag that identifies this task set in external systems. If the task set is associated with a service discovery registry, the tasks in this task set will have the `ECS_TASK_SET_EXTERNAL_ID` AWS Cloud Map attribute set to the provided value.", + "title": "ExternalId", "type": "string" }, - "Name": { - "markdownDescription": "The name for the project. It can include up to 127 characters.", - "title": "Name", + "LaunchType": { + "markdownDescription": "The launch type that new tasks in the task set uses. For more information, see [Amazon ECS launch types](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/launch_types.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nIf a `launchType` is specified, the `capacityProviderStrategy` parameter must be omitted.", + "title": "LaunchType", + "type": "string" + }, + "LoadBalancers": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskSet.LoadBalancer" + }, + "markdownDescription": "A load balancer object representing the load balancer to use with the task set. The supported load balancer types are either an Application Load Balancer or a Network Load Balancer.", + "title": "LoadBalancers", + "type": "array" + }, + "NetworkConfiguration": { + "$ref": "#/definitions/AWS::ECS::TaskSet.NetworkConfiguration", + "markdownDescription": "The network configuration for the task set.", + "title": "NetworkConfiguration" + }, + "PlatformVersion": { + "markdownDescription": "The platform version that the tasks in the task set uses. A platform version is specified only for tasks using the Fargate launch type. If one isn't specified, the `LATEST` platform version is used.", + "title": "PlatformVersion", + "type": "string" + }, + "Scale": { + "$ref": "#/definitions/AWS::ECS::TaskSet.Scale", + "markdownDescription": "A floating-point percentage of your desired number of tasks to place and keep running in the task set.", + "title": "Scale" + }, + "Service": { + "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the service to create the task set in.", + "title": "Service", "type": "string" }, + "ServiceRegistries": { + "items": { + "$ref": "#/definitions/AWS::ECS::TaskSet.ServiceRegistry" + }, + "markdownDescription": "The details of the service discovery registries to assign to this task set. For more information, see [Service discovery](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-discovery.html) .", + "title": "ServiceRegistries", + "type": "array" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Assigns one or more tags (key-value pairs) to the project.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.\n\nTags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters.\n\nYou can associate as many as 50 tags with a project.\n\nFor more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .", + "markdownDescription": "The metadata that you apply to the task set to help you categorize and organize them. Each tag consists of a key and an optional value. You define both.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8\n- Maximum value length - 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit.", "title": "Tags", "type": "array" + }, + "TaskDefinition": { + "markdownDescription": "The task definition for the tasks in the task set to use. If a revision isn't specified, the latest `ACTIVE` revision is used.", + "title": "TaskDefinition", + "type": "string" } }, "required": [ - "Name" + "Cluster", + "Service", + "TaskDefinition" ], "type": "object" }, "Type": { "enum": [ - "AWS::Evidently::Project" + "AWS::ECS::TaskSet" ], "type": "string" }, @@ -98528,62 +106891,132 @@ ], "type": "object" }, - "AWS::Evidently::Project.AppConfigResourceObject": { + "AWS::ECS::TaskSet.AwsVpcConfiguration": { "additionalProperties": false, "properties": { - "ApplicationId": { - "markdownDescription": "The ID of the AWS AppConfig application to use for client-side evaluation.", - "title": "ApplicationId", + "AssignPublicIp": { + "markdownDescription": "Whether the task's elastic network interface receives a public IP address.\n\nConsider the following when you set this value:\n\n- When you use `create-service` or `update-service` , the default is `DISABLED` .\n- When the service `deploymentController` is `ECS` , the value must be `DISABLED` .", + "title": "AssignPublicIp", "type": "string" }, - "EnvironmentId": { - "markdownDescription": "The ID of the AWS AppConfig environment to use for client-side evaluation.", - "title": "EnvironmentId", - "type": "string" + "SecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the security groups associated with the task or service. If you don't specify a security group, the default security group for the VPC is used. There's a limit of 5 security groups that can be specified.\n\n> All specified security groups must be from the same VPC.", + "title": "SecurityGroups", + "type": "array" + }, + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the subnets associated with the task or service. There's a limit of 16 subnets that can be specified.\n\n> All specified subnets must be from the same VPC.", + "title": "Subnets", + "type": "array" } }, "required": [ - "ApplicationId", - "EnvironmentId" + "Subnets" ], "type": "object" }, - "AWS::Evidently::Project.DataDeliveryObject": { + "AWS::ECS::TaskSet.CapacityProviderStrategyItem": { "additionalProperties": false, "properties": { - "LogGroup": { - "markdownDescription": "If the project stores evaluation events in CloudWatch Logs , this structure stores the log group name.", - "title": "LogGroup", + "Base": { + "markdownDescription": "The *base* value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a *base* defined. If no value is specified, the default value of `0` is used.", + "title": "Base", + "type": "number" + }, + "CapacityProvider": { + "markdownDescription": "The short name of the capacity provider.", + "title": "CapacityProvider", "type": "string" }, - "S3": { - "$ref": "#/definitions/AWS::Evidently::Project.S3Destination", - "markdownDescription": "If the project stores evaluation events in an Amazon S3 bucket, this structure stores the bucket name and bucket prefix.", - "title": "S3" + "Weight": { + "markdownDescription": "The *weight* value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The `weight` value is taken into consideration after the `base` value, if defined, is satisfied.\n\nIf no `weight` value is specified, the default value of `0` is used. When multiple capacity providers are specified within a capacity provider strategy, at least one of the capacity providers must have a weight value greater than zero and any capacity providers with a weight of `0` can't be used to place tasks. If you specify multiple capacity providers in a strategy that all have a weight of `0` , any `RunTask` or `CreateService` actions using the capacity provider strategy will fail.\n\nAn example scenario for using weights is defining a strategy that contains two capacity providers and both have a weight of `1` , then when the `base` is satisfied, the tasks will be split evenly across the two capacity providers. Using that same logic, if you specify a weight of `1` for *capacityProviderA* and a weight of `4` for *capacityProviderB* , then for every one task that's run using *capacityProviderA* , four tasks would use *capacityProviderB* .", + "title": "Weight", + "type": "number" } }, "type": "object" }, - "AWS::Evidently::Project.S3Destination": { + "AWS::ECS::TaskSet.LoadBalancer": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "The name of the bucket in which Evidently stores evaluation events.", - "title": "BucketName", + "ContainerName": { + "markdownDescription": "The name of the container (as it appears in a container definition) to associate with the load balancer.\n\nYou need to specify the container name when configuring the target group for an Amazon ECS load balancer.", + "title": "ContainerName", "type": "string" }, - "Prefix": { - "markdownDescription": "The bucket prefix in which Evidently stores evaluation events.", - "title": "Prefix", + "ContainerPort": { + "markdownDescription": "The port on the container to associate with the load balancer. This port must correspond to a `containerPort` in the task definition the tasks in the service are using. For tasks that use the EC2 launch type, the container instance they're launched on must allow ingress traffic on the `hostPort` of the port mapping.", + "title": "ContainerPort", + "type": "number" + }, + "TargetGroupArn": { + "markdownDescription": "The full Amazon Resource Name (ARN) of the Elastic Load Balancing target group or groups associated with a service or task set.\n\nA target group ARN is only specified when using an Application Load Balancer or Network Load Balancer.\n\nFor services using the `ECS` deployment controller, you can specify one or multiple target groups. For more information, see [Registering multiple target groups with a service](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/register-multiple-targetgroups.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nFor services using the `CODE_DEPLOY` deployment controller, you're required to define two target groups for the load balancer. For more information, see [Blue/green deployment with CodeDeploy](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-type-bluegreen.html) in the *Amazon Elastic Container Service Developer Guide* .\n\n> If your service's task definition uses the `awsvpc` network mode, you must choose `ip` as the target type, not `instance` . Do this when creating your target groups because tasks that use the `awsvpc` network mode are associated with an elastic network interface, not an Amazon EC2 instance. This network mode is required for the Fargate launch type.", + "title": "TargetGroupArn", "type": "string" } }, - "required": [ - "BucketName" - ], "type": "object" }, - "AWS::Evidently::Segment": { + "AWS::ECS::TaskSet.NetworkConfiguration": { + "additionalProperties": false, + "properties": { + "AwsVpcConfiguration": { + "$ref": "#/definitions/AWS::ECS::TaskSet.AwsVpcConfiguration", + "markdownDescription": "The VPC subnets and security groups that are associated with a task.\n\n> All specified subnets and security groups must be from the same VPC.", + "title": "AwsVpcConfiguration" + } + }, + "type": "object" + }, + "AWS::ECS::TaskSet.Scale": { + "additionalProperties": false, + "properties": { + "Unit": { + "markdownDescription": "The unit of measure for the scale value.", + "title": "Unit", + "type": "string" + }, + "Value": { + "markdownDescription": "The value, specified as a percent total of a service's `desiredCount` , to scale the task set. Accepted values are numbers between 0 and 100.", + "title": "Value", + "type": "number" + } + }, + "type": "object" + }, + "AWS::ECS::TaskSet.ServiceRegistry": { + "additionalProperties": false, + "properties": { + "ContainerName": { + "markdownDescription": "The container name value to be used for your service discovery service. It's already specified in the task definition. If the task definition that your service task specifies uses the `bridge` or `host` network mode, you must specify a `containerName` and `containerPort` combination from the task definition. If the task definition that your service task specifies uses the `awsvpc` network mode and a type SRV DNS record is used, you must specify either a `containerName` and `containerPort` combination or a `port` value. However, you can't specify both.", + "title": "ContainerName", + "type": "string" + }, + "ContainerPort": { + "markdownDescription": "The port value to be used for your service discovery service. It's already specified in the task definition. If the task definition your service task specifies uses the `bridge` or `host` network mode, you must specify a `containerName` and `containerPort` combination from the task definition. If the task definition your service task specifies uses the `awsvpc` network mode and a type SRV DNS record is used, you must specify either a `containerName` and `containerPort` combination or a `port` value. However, you can't specify both.", + "title": "ContainerPort", + "type": "number" + }, + "Port": { + "markdownDescription": "The port value used if your service discovery service specified an SRV record. This field might be used if both the `awsvpc` network mode and SRV records are used.", + "title": "Port", + "type": "number" + }, + "RegistryArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the service registry. The currently supported service registry is AWS Cloud Map . For more information, see [CreateService](https://docs.aws.amazon.com/cloud-map/latest/api/API_CreateService.html) .", + "title": "RegistryArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EFS::AccessPoint": { "additionalProperties": false, "properties": { "Condition": { @@ -98618,38 +107051,43 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "An optional description for this segment.", - "title": "Description", - "type": "string" + "AccessPointTags": { + "items": { + "$ref": "#/definitions/AWS::EFS::AccessPoint.AccessPointTag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "AccessPointTags", + "type": "array" }, - "Name": { - "markdownDescription": "A name for the segment.", - "title": "Name", + "ClientToken": { + "markdownDescription": "The opaque string specified in the request to ensure idempotent creation.", + "title": "ClientToken", "type": "string" }, - "Pattern": { - "markdownDescription": "The pattern to use for the segment. For more information about pattern syntax, see [Segment rule pattern syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Evidently-segments.html#CloudWatch-Evidently-segments-syntax) .", - "title": "Pattern", + "FileSystemId": { + "markdownDescription": "The ID of the EFS file system that the access point applies to. Accepts only the ID format for input when specifying a file system, for example `fs-0123456789abcedf2` .", + "title": "FileSystemId", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Assigns one or more tags (key-value pairs) to the feature.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.\n\nTags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters.\n\nYou can associate as many as 50 tags with a feature.\n\nFor more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .", - "title": "Tags", - "type": "array" + "PosixUser": { + "$ref": "#/definitions/AWS::EFS::AccessPoint.PosixUser", + "markdownDescription": "The full POSIX identity, including the user ID, group ID, and secondary group IDs on the access point that is used for all file operations by NFS clients using the access point.", + "title": "PosixUser" + }, + "RootDirectory": { + "$ref": "#/definitions/AWS::EFS::AccessPoint.RootDirectory", + "markdownDescription": "The directory on the EFS file system that the access point exposes as the root directory to NFS clients using the access point.", + "title": "RootDirectory" } }, "required": [ - "Name" + "FileSystemId" ], "type": "object" }, "Type": { "enum": [ - "AWS::Evidently::Segment" + "AWS::EFS::AccessPoint" ], "type": "string" }, @@ -98668,7 +107106,93 @@ ], "type": "object" }, - "AWS::FIS::ExperimentTemplate": { + "AWS::EFS::AccessPoint.AccessPointTag": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The tag key (String). The key can't start with `aws:` .", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of the tag key.", + "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EFS::AccessPoint.CreationInfo": { + "additionalProperties": false, + "properties": { + "OwnerGid": { + "markdownDescription": "Specifies the POSIX group ID to apply to the `RootDirectory` . Accepts values from 0 to 2^32 (4294967295).", + "title": "OwnerGid", + "type": "string" + }, + "OwnerUid": { + "markdownDescription": "Specifies the POSIX user ID to apply to the `RootDirectory` . Accepts values from 0 to 2^32 (4294967295).", + "title": "OwnerUid", + "type": "string" + }, + "Permissions": { + "markdownDescription": "Specifies the POSIX permissions to apply to the `RootDirectory` , in the format of an octal number representing the file's mode bits.", + "title": "Permissions", + "type": "string" + } + }, + "required": [ + "OwnerGid", + "OwnerUid", + "Permissions" + ], + "type": "object" + }, + "AWS::EFS::AccessPoint.PosixUser": { + "additionalProperties": false, + "properties": { + "Gid": { + "markdownDescription": "The POSIX group ID used for all file system operations using this access point.", + "title": "Gid", + "type": "string" + }, + "SecondaryGids": { + "items": { + "type": "string" + }, + "markdownDescription": "Secondary POSIX group IDs used for all file system operations using this access point.", + "title": "SecondaryGids", + "type": "array" + }, + "Uid": { + "markdownDescription": "The POSIX user ID used for all file system operations using this access point.", + "title": "Uid", + "type": "string" + } + }, + "required": [ + "Gid", + "Uid" + ], + "type": "object" + }, + "AWS::EFS::AccessPoint.RootDirectory": { + "additionalProperties": false, + "properties": { + "CreationInfo": { + "$ref": "#/definitions/AWS::EFS::AccessPoint.CreationInfo", + "markdownDescription": "(Optional) Specifies the POSIX IDs and permissions to apply to the access point's `RootDirectory` . If the `RootDirectory` > `Path` specified does not exist, EFS creates the root directory using the `CreationInfo` settings when a client connects to an access point. When specifying the `CreationInfo` , you must provide values for all properties.\n\n> If you do not provide `CreationInfo` and the specified `RootDirectory` > `Path` does not exist, attempts to mount the file system using the access point will fail.", + "title": "CreationInfo" + }, + "Path": { + "markdownDescription": "Specifies the path on the EFS file system to expose as the root directory to NFS clients using the access point to access the EFS file system. A path can have up to four subdirectories. If the specified path does not exist, you are required to provide the `CreationInfo` .", + "title": "Path", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EFS::FileSystem": { "additionalProperties": false, "properties": { "Condition": { @@ -98703,80 +107227,83 @@ "Properties": { "additionalProperties": false, "properties": { - "Actions": { - "additionalProperties": false, - "markdownDescription": "The actions for the experiment.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentTemplateAction" - } - }, - "title": "Actions", - "type": "object" - }, - "Description": { - "markdownDescription": "The description for the experiment template.", - "title": "Description", + "AvailabilityZoneName": { + "markdownDescription": "For One Zone file systems, specify the AWS Availability Zone in which to create the file system. Use the format `us-east-1a` to specify the Availability Zone. For more information about One Zone file systems, see [EFS file system types](https://docs.aws.amazon.com/efs/latest/ug/availability-durability.html#file-system-type) in the *Amazon EFS User Guide* .\n\n> One Zone file systems are not available in all Availability Zones in AWS Regions where Amazon EFS is available.", + "title": "AvailabilityZoneName", "type": "string" }, - "ExperimentOptions": { - "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentTemplateExperimentOptions", - "markdownDescription": "The experiment options for an experiment template.", - "title": "ExperimentOptions" + "BackupPolicy": { + "$ref": "#/definitions/AWS::EFS::FileSystem.BackupPolicy", + "markdownDescription": "Use the `BackupPolicy` to turn automatic backups on or off for the file system.", + "title": "BackupPolicy" }, - "LogConfiguration": { - "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentTemplateLogConfiguration", - "markdownDescription": "The configuration for experiment logging.", - "title": "LogConfiguration" + "BypassPolicyLockoutSafetyCheck": { + "markdownDescription": "(Optional) A boolean that specifies whether or not to bypass the `FileSystemPolicy` lockout safety check. The lockout safety check determines whether the policy in the request will lock out, or prevent, the IAM principal that is making the request from making future `PutFileSystemPolicy` requests on this file system. Set `BypassPolicyLockoutSafetyCheck` to `True` only when you intend to prevent the IAM principal that is making the request from making subsequent `PutFileSystemPolicy` requests on this file system. The default value is `False` .", + "title": "BypassPolicyLockoutSafetyCheck", + "type": "boolean" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role.", - "title": "RoleArn", - "type": "string" + "Encrypted": { + "markdownDescription": "A Boolean value that, if true, creates an encrypted file system. When creating an encrypted file system, you have the option of specifying a KmsKeyId for an existing AWS KMS key . If you don't specify a KMS key , then the default KMS key for Amazon EFS , `/aws/elasticfilesystem` , is used to protect the encrypted file system.", + "title": "Encrypted", + "type": "boolean" }, - "StopConditions": { + "FileSystemPolicy": { + "markdownDescription": "The `FileSystemPolicy` for the EFS file system. A file system policy is an IAM resource policy used to control NFS access to an EFS file system. For more information, see [Using IAM to control NFS access to Amazon EFS](https://docs.aws.amazon.com/efs/latest/ug/iam-access-control-nfs-efs.html) in the *Amazon EFS User Guide* .", + "title": "FileSystemPolicy", + "type": "object" + }, + "FileSystemProtection": { + "$ref": "#/definitions/AWS::EFS::FileSystem.FileSystemProtection", + "markdownDescription": "Describes the protection on the file system.", + "title": "FileSystemProtection" + }, + "FileSystemTags": { "items": { - "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentTemplateStopCondition" + "$ref": "#/definitions/AWS::EFS::FileSystem.ElasticFileSystemTag" }, - "markdownDescription": "The stop conditions for the experiment.", - "title": "StopConditions", + "markdownDescription": "Use to create one or more tags associated with the file system. Each tag is a user-defined key-value pair. Name your file system on creation by including a `\"Key\":\"Name\",\"Value\":\"{value}\"` key-value pair. Each key must be unique. For more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference Guide* .", + "title": "FileSystemTags", "type": "array" }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "The tags for the experiment template.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" + "KmsKeyId": { + "markdownDescription": "The ID of the AWS KMS key to be used to protect the encrypted file system. This parameter is only required if you want to use a nondefault KMS key . If this parameter is not specified, the default KMS key for Amazon EFS is used. This ID can be in one of the following formats:\n\n- Key ID - A unique identifier of the key, for example `1234abcd-12ab-34cd-56ef-1234567890ab` .\n- ARN - An Amazon Resource Name (ARN) for the key, for example `arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab` .\n- Key alias - A previously created display name for a key, for example `alias/projectKey1` .\n- Key alias ARN - An ARN for a key alias, for example `arn:aws:kms:us-west-2:444455556666:alias/projectKey1` .\n\nIf `KmsKeyId` is specified, the `Encrypted` parameter must be set to true.", + "title": "KmsKeyId", + "type": "string" }, - "Targets": { - "additionalProperties": false, - "markdownDescription": "The targets for the experiment.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentTemplateTarget" - } + "LifecyclePolicies": { + "items": { + "$ref": "#/definitions/AWS::EFS::FileSystem.LifecyclePolicy" }, - "title": "Targets", - "type": "object" + "markdownDescription": "An array of `LifecyclePolicy` objects that define the file system's `LifecycleConfiguration` object. A `LifecycleConfiguration` object informs Lifecycle management of the following:\n\n- When to move files in the file system from primary storage to IA storage.\n- When to move files in the file system from primary storage or IA storage to Archive storage.\n- When to move files that are in IA or Archive storage to primary storage.\n\n> Amazon EFS requires that each `LifecyclePolicy` object have only a single transition. This means that in a request body, `LifecyclePolicies` needs to be structured as an array of `LifecyclePolicy` objects, one object for each transition, `TransitionToIA` , `TransitionToArchive` `TransitionToPrimaryStorageClass` . See the example requests in the following section for more information.", + "title": "LifecyclePolicies", + "type": "array" + }, + "PerformanceMode": { + "markdownDescription": "The performance mode of the file system. We recommend `generalPurpose` performance mode for all file systems. File systems using the `maxIO` performance mode can scale to higher levels of aggregate throughput and operations per second with a tradeoff of slightly higher latencies for most file operations. The performance mode can't be changed after the file system has been created. The `maxIO` mode is not supported on One Zone file systems.\n\n> Due to the higher per-operation latencies with Max I/O, we recommend using General Purpose performance mode for all file systems. \n\nDefault is `generalPurpose` .", + "title": "PerformanceMode", + "type": "string" + }, + "ProvisionedThroughputInMibps": { + "markdownDescription": "The throughput, measured in mebibytes per second (MiBps), that you want to provision for a file system that you're creating. Required if `ThroughputMode` is set to `provisioned` . Valid values are 1-3414 MiBps, with the upper limit depending on Region. To increase this limit, contact Support . For more information, see [Amazon EFS quotas that you can increase](https://docs.aws.amazon.com/efs/latest/ug/limits.html#soft-limits) in the *Amazon EFS User Guide* .", + "title": "ProvisionedThroughputInMibps", + "type": "number" + }, + "ReplicationConfiguration": { + "$ref": "#/definitions/AWS::EFS::FileSystem.ReplicationConfiguration", + "markdownDescription": "Describes the replication configuration for a specific file system.", + "title": "ReplicationConfiguration" + }, + "ThroughputMode": { + "markdownDescription": "Specifies the throughput mode for the file system. The mode can be `bursting` , `provisioned` , or `elastic` . If you set `ThroughputMode` to `provisioned` , you must also set a value for `ProvisionedThroughputInMibps` . After you create the file system, you can decrease your file system's Provisioned throughput or change between the throughput modes, with certain time restrictions. For more information, see [Specifying throughput with provisioned mode](https://docs.aws.amazon.com/efs/latest/ug/performance.html#provisioned-throughput) in the *Amazon EFS User Guide* .\n\nDefault is `bursting` .", + "title": "ThroughputMode", + "type": "string" } }, - "required": [ - "Description", - "RoleArn", - "StopConditions", - "Tags", - "Targets" - ], "type": "object" }, "Type": { "enum": [ - "AWS::FIS::ExperimentTemplate" + "AWS::EFS::FileSystem" ], "type": "string" }, @@ -98790,234 +107317,229 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::FIS::ExperimentTemplate.CloudWatchLogsConfiguration": { + "AWS::EFS::FileSystem.BackupPolicy": { "additionalProperties": false, "properties": { - "LogGroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the destination Amazon CloudWatch Logs log group.", - "title": "LogGroupArn", + "Status": { + "markdownDescription": "Set the backup policy status for the file system.\n\n- *`ENABLED`* - Turns automatic backups on for the file system.\n- *`DISABLED`* - Turns automatic backups off for the file system.", + "title": "Status", "type": "string" } }, "required": [ - "LogGroupArn" + "Status" ], "type": "object" }, - "AWS::FIS::ExperimentTemplate.ExperimentTemplateAction": { + "AWS::EFS::FileSystem.ElasticFileSystemTag": { "additionalProperties": false, "properties": { - "ActionId": { - "markdownDescription": "The ID of the action.", - "title": "ActionId", + "Key": { + "markdownDescription": "The tag key (String). The key can't start with `aws:` .", + "title": "Key", "type": "string" }, - "Description": { - "markdownDescription": "A description for the action.", - "title": "Description", + "Value": { + "markdownDescription": "The value of the tag key.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::EFS::FileSystem.FileSystemProtection": { + "additionalProperties": false, + "properties": { + "ReplicationOverwriteProtection": { + "markdownDescription": "The status of the file system's replication overwrite protection.\n\n- `ENABLED` \u2013 The file system cannot be used as the destination file system in a replication configuration. The file system is writeable. Replication overwrite protection is `ENABLED` by default.\n- `DISABLED` \u2013 The file system can be used as the destination file system in a replication configuration. The file system is read-only and can only be modified by EFS replication.\n- `REPLICATING` \u2013 The file system is being used as the destination file system in a replication configuration. The file system is read-only and is modified only by EFS replication.\n\nIf the replication configuration is deleted, the file system's replication overwrite protection is re-enabled, the file system becomes writeable.", + "title": "ReplicationOverwriteProtection", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EFS::FileSystem.LifecyclePolicy": { + "additionalProperties": false, + "properties": { + "TransitionToArchive": { + "markdownDescription": "The number of days after files were last accessed in primary storage (the Standard storage class) at which to move them to Archive storage. Metadata operations such as listing the contents of a directory don't count as file access events.", + "title": "TransitionToArchive", "type": "string" }, - "Parameters": { - "additionalProperties": true, - "markdownDescription": "The parameters for the action.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Parameters", - "type": "object" - }, - "StartAfter": { - "items": { - "type": "string" - }, - "markdownDescription": "The name of the action that must be completed before the current action starts.", - "title": "StartAfter", - "type": "array" - }, - "Targets": { - "additionalProperties": true, - "markdownDescription": "The targets for the action.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Targets", - "type": "object" - } - }, - "required": [ - "ActionId" - ], - "type": "object" - }, - "AWS::FIS::ExperimentTemplate.ExperimentTemplateExperimentOptions": { - "additionalProperties": false, - "properties": { - "AccountTargeting": { - "markdownDescription": "The account targeting setting for an experiment template.", - "title": "AccountTargeting", + "TransitionToIA": { + "markdownDescription": "The number of days after files were last accessed in primary storage (the Standard storage class) at which to move them to Infrequent Access (IA) storage. Metadata operations such as listing the contents of a directory don't count as file access events.", + "title": "TransitionToIA", "type": "string" }, - "EmptyTargetResolutionMode": { - "markdownDescription": "The empty target resolution mode for an experiment template.", - "title": "EmptyTargetResolutionMode", + "TransitionToPrimaryStorageClass": { + "markdownDescription": "Whether to move files back to primary (Standard) storage after they are accessed in IA or Archive storage. Metadata operations such as listing the contents of a directory don't count as file access events.", + "title": "TransitionToPrimaryStorageClass", "type": "string" } }, "type": "object" }, - "AWS::FIS::ExperimentTemplate.ExperimentTemplateLogConfiguration": { + "AWS::EFS::FileSystem.ReplicationConfiguration": { "additionalProperties": false, "properties": { - "CloudWatchLogsConfiguration": { - "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.CloudWatchLogsConfiguration", - "markdownDescription": "The configuration for experiment logging to CloudWatch Logs .", - "title": "CloudWatchLogsConfiguration" - }, - "LogSchemaVersion": { - "markdownDescription": "The schema version.", - "title": "LogSchemaVersion", - "type": "number" - }, - "S3Configuration": { - "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.S3Configuration", - "markdownDescription": "The configuration for experiment logging to Amazon S3 .", - "title": "S3Configuration" + "Destinations": { + "items": { + "$ref": "#/definitions/AWS::EFS::FileSystem.ReplicationDestination" + }, + "markdownDescription": "An array of destination objects. Only one destination object is supported.", + "title": "Destinations", + "type": "array" } }, - "required": [ - "LogSchemaVersion" - ], "type": "object" }, - "AWS::FIS::ExperimentTemplate.ExperimentTemplateStopCondition": { + "AWS::EFS::FileSystem.ReplicationDestination": { "additionalProperties": false, "properties": { - "Source": { - "markdownDescription": "The source for the stop condition.", - "title": "Source", + "AvailabilityZoneName": { + "markdownDescription": "For One Zone file systems, the replication configuration must specify the Availability Zone in which the destination file system is located.\n\nUse the format `us-east-1a` to specify the Availability Zone. For more information about One Zone file systems, see [EFS file system types](https://docs.aws.amazon.com/efs/latest/ug/storage-classes.html) in the *Amazon EFS User Guide* .\n\n> One Zone file system type is not available in all Availability Zones in AWS Regions where Amazon EFS is available.", + "title": "AvailabilityZoneName", "type": "string" }, - "Value": { - "markdownDescription": "The Amazon Resource Name (ARN) of the CloudWatch alarm, if applicable.", - "title": "Value", + "FileSystemId": { + "markdownDescription": "The ID of the destination Amazon EFS file system.", + "title": "FileSystemId", "type": "string" - } - }, - "required": [ - "Source" - ], - "type": "object" - }, - "AWS::FIS::ExperimentTemplate.ExperimentTemplateTarget": { - "additionalProperties": false, - "properties": { - "Filters": { - "items": { - "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentTemplateTargetFilter" - }, - "markdownDescription": "The filters to apply to identify target resources using specific attributes.", - "title": "Filters", - "type": "array" }, - "Parameters": { - "additionalProperties": true, - "markdownDescription": "The parameters for the resource type.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Parameters", - "type": "object" + "KmsKeyId": { + "markdownDescription": "The ID of an AWS KMS key used to protect the encrypted file system.", + "title": "KmsKeyId", + "type": "string" }, - "ResourceArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Names (ARNs) of the targets.", - "title": "ResourceArns", - "type": "array" + "Region": { + "markdownDescription": "The AWS Region in which the destination file system is located.\n\n> For One Zone file systems, the replication configuration must specify the AWS Region in which the destination file system is located.", + "title": "Region", + "type": "string" }, - "ResourceTags": { - "additionalProperties": true, - "markdownDescription": "The tags for the target resources.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "ResourceTags", - "type": "object" + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the current source file system in the replication configuration.", + "title": "RoleArn", + "type": "string" }, - "ResourceType": { - "markdownDescription": "The resource type.", - "title": "ResourceType", + "Status": { + "markdownDescription": "Describes the status of the replication configuration. For more information about replication status, see [Viewing replication details](https://docs.aws.amazon.com//efs/latest/ug/awsbackup.html#restoring-backup-efsmonitoring-replication-status.html) in the *Amazon EFS User Guide* .", + "title": "Status", "type": "string" }, - "SelectionMode": { - "markdownDescription": "Scopes the identified resources to a specific count or percentage.", - "title": "SelectionMode", + "StatusMessage": { + "markdownDescription": "Message that provides details about the `PAUSED` or `ERRROR` state of the replication destination configuration. For more information about replication status messages, see [Viewing replication details](https://docs.aws.amazon.com//efs/latest/ug/awsbackup.html#restoring-backup-efsmonitoring-replication-status.html) in the *Amazon EFS User Guide* .", + "title": "StatusMessage", "type": "string" } }, - "required": [ - "ResourceType", - "SelectionMode" - ], "type": "object" }, - "AWS::FIS::ExperimentTemplate.ExperimentTemplateTargetFilter": { + "AWS::EFS::MountTarget": { "additionalProperties": false, "properties": { - "Path": { - "markdownDescription": "The attribute path for the filter.", - "title": "Path", + "Condition": { "type": "string" }, - "Values": { - "items": { - "type": "string" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "FileSystemId": { + "markdownDescription": "The ID of the file system for which to create the mount target.", + "title": "FileSystemId", + "type": "string" + }, + "IpAddress": { + "markdownDescription": "If the `IpAddressType` for the mount target is IPv4 ( `IPV4_ONLY` or `DUAL_STACK` ), then specify the IPv4 address to use. If you do not specify an `IpAddress` , then Amazon EFS selects an unused IP address from the subnet specified for `SubnetId` .", + "title": "IpAddress", + "type": "string" + }, + "IpAddressType": { + "markdownDescription": "The IP address type for the mount target. The possible values are `IPV4_ONLY` (only IPv4 addresses), `IPV6_ONLY` (only IPv6 addresses), and `DUAL_STACK` (dual-stack, both IPv4 and IPv6 addresses). If you don\u2019t specify an `IpAddressType` , then `IPV4_ONLY` is used.\n\n> The `IPAddressType` must match the IP type of the subnet. Additionally, the `IPAddressType` parameter overrides the value set as the default IP address for the subnet in the VPC. For example, if the `IPAddressType` is `IPV4_ONLY` and `AssignIpv6AddressOnCreation` is `true` , then IPv4 is used for the mount target. For more information, see [Modify the IP addressing attributes of your subnet](https://docs.aws.amazon.com/vpc/latest/userguide/subnet-public-ip.html) .", + "title": "IpAddressType", + "type": "string" + }, + "Ipv6Address": { + "markdownDescription": "If the `IPAddressType` for the mount target is IPv6 ( `IPV6_ONLY` or `DUAL_STACK` ), then specify the IPv6 address to use. If you do not specify an `Ipv6Address` , then Amazon EFS selects an unused IP address from the subnet specified for `SubnetId` .", + "title": "Ipv6Address", + "type": "string" + }, + "SecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "VPC security group IDs, of the form `sg-xxxxxxxx` . These must be for the same VPC as the subnet specified. The maximum number of security groups depends on account quota. For more information, see [Amazon VPC Quotas](https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html) in the *Amazon VPC User Guide* (see the *Security Groups* table). If you don't specify a security group, then Amazon EFS uses the default security group for the subnet's VPC.", + "title": "SecurityGroups", + "type": "array" + }, + "SubnetId": { + "markdownDescription": "The ID of the subnet to add the mount target in. For One Zone file systems, use the subnet that is associated with the file system's Availability Zone. The subnet type must be the same type as the `IpAddressType` .", + "title": "SubnetId", + "type": "string" + } }, - "markdownDescription": "The attribute values for the filter.", - "title": "Values", - "type": "array" - } - }, - "required": [ - "Path", - "Values" - ], - "type": "object" - }, - "AWS::FIS::ExperimentTemplate.S3Configuration": { - "additionalProperties": false, - "properties": { - "BucketName": { - "markdownDescription": "The name of the destination bucket.", - "title": "BucketName", + "required": [ + "FileSystemId", + "SecurityGroups", + "SubnetId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::EFS::MountTarget" + ], "type": "string" }, - "Prefix": { - "markdownDescription": "The bucket prefix.", - "title": "Prefix", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "BucketName" + "Type", + "Properties" ], "type": "object" }, - "AWS::FIS::TargetAccountConfiguration": { + "AWS::EKS::AccessEntry": { "additionalProperties": false, "properties": { "Condition": { @@ -99052,37 +107574,60 @@ "Properties": { "additionalProperties": false, "properties": { - "AccountId": { - "markdownDescription": "The AWS account ID of the target account.", - "title": "AccountId", + "AccessPolicies": { + "items": { + "$ref": "#/definitions/AWS::EKS::AccessEntry.AccessPolicy" + }, + "markdownDescription": "The access policies to associate to the access entry.", + "title": "AccessPolicies", + "type": "array" + }, + "ClusterName": { + "markdownDescription": "The name of your cluster.", + "title": "ClusterName", "type": "string" }, - "Description": { - "markdownDescription": "The description of the target account.", - "title": "Description", + "KubernetesGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "The value for `name` that you've specified for `kind: Group` as a `subject` in a Kubernetes `RoleBinding` or `ClusterRoleBinding` object. Amazon EKS doesn't confirm that the value for `name` exists in any bindings on your cluster. You can specify one or more names.\n\nKubernetes authorizes the `principalArn` of the access entry to access any cluster objects that you've specified in a Kubernetes `Role` or `ClusterRole` object that is also specified in a binding's `roleRef` . For more information about creating Kubernetes `RoleBinding` , `ClusterRoleBinding` , `Role` , or `ClusterRole` objects, see [Using RBAC Authorization in the Kubernetes documentation](https://docs.aws.amazon.com/https://kubernetes.io/docs/reference/access-authn-authz/rbac/) .\n\nIf you want Amazon EKS to authorize the `principalArn` (instead of, or in addition to Kubernetes authorizing the `principalArn` ), you can associate one or more access policies to the access entry using `AssociateAccessPolicy` . If you associate any access policies, the `principalARN` has all permissions assigned in the associated access policies and all permissions in any Kubernetes `Role` or `ClusterRole` objects that the group names are bound to.", + "title": "KubernetesGroups", + "type": "array" + }, + "PrincipalArn": { + "markdownDescription": "The ARN of the IAM principal for the `AccessEntry` . You can specify one ARN for each access entry. You can't specify the same ARN in more than one access entry. This value can't be changed after access entry creation.\n\nThe valid principals differ depending on the type of the access entry in the `type` field. For `STANDARD` access entries, you can use every IAM principal type. For nodes ( `EC2` (for EKS Auto Mode), `EC2_LINUX` , `EC2_WINDOWS` , `FARGATE_LINUX` , and `HYBRID_LINUX` ), the only valid ARN is IAM roles. You can't use the STS session principal type with access entries because this is a temporary principal for each session and not a permanent identity that can be assigned permissions.\n\n[IAM best practices](https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#bp-users-federation-idp) recommend using IAM roles with temporary credentials, rather than IAM users with long-term credentials.", + "title": "PrincipalArn", "type": "string" }, - "ExperimentTemplateId": { - "markdownDescription": "The ID of the experiment template.", - "title": "ExperimentTemplateId", + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or AWS resources.", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "The type of the new access entry. Valid values are `STANDARD` , `FARGATE_LINUX` , `EC2_LINUX` , `EC2_WINDOWS` , `EC2` (for EKS Auto Mode), `HYBRID_LINUX` , and `HYPERPOD_LINUX` .\n\nIf the `principalArn` is for an IAM role that's used for self-managed Amazon EC2 nodes, specify `EC2_LINUX` or `EC2_WINDOWS` . Amazon EKS grants the necessary permissions to the node for you. If the `principalArn` is for any other purpose, specify `STANDARD` . If you don't specify a value, Amazon EKS sets the value to `STANDARD` . If you have the access mode of the cluster set to `API_AND_CONFIG_MAP` , it's unnecessary to create access entries for IAM roles used with Fargate profiles or managed Amazon EC2 nodes, because Amazon EKS creates entries in the `aws-auth` `ConfigMap` for the roles. You can't change this value once you've created the access entry.\n\nIf you set the value to `EC2_LINUX` or `EC2_WINDOWS` , you can't specify values for `kubernetesGroups` , or associate an `AccessPolicy` to the access entry.", + "title": "Type", "type": "string" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role for the target account.", - "title": "RoleArn", + "Username": { + "markdownDescription": "The username to authenticate to Kubernetes with. We recommend not specifying a username and letting Amazon EKS specify it for you. For more information about the value Amazon EKS specifies for you, or constraints before specifying your own username, see [Creating access entries](https://docs.aws.amazon.com/eks/latest/userguide/access-entries.html#creating-access-entries) in the *Amazon EKS User Guide* .", + "title": "Username", "type": "string" } }, "required": [ - "AccountId", - "ExperimentTemplateId", - "RoleArn" + "ClusterName", + "PrincipalArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::FIS::TargetAccountConfiguration" + "AWS::EKS::AccessEntry" ], "type": "string" }, @@ -99101,7 +107646,49 @@ ], "type": "object" }, - "AWS::FMS::NotificationChannel": { + "AWS::EKS::AccessEntry.AccessPolicy": { + "additionalProperties": false, + "properties": { + "AccessScope": { + "$ref": "#/definitions/AWS::EKS::AccessEntry.AccessScope", + "markdownDescription": "The scope of an `AccessPolicy` that's associated to an `AccessEntry` .", + "title": "AccessScope" + }, + "PolicyArn": { + "markdownDescription": "The ARN of the access policy.", + "title": "PolicyArn", + "type": "string" + } + }, + "required": [ + "AccessScope", + "PolicyArn" + ], + "type": "object" + }, + "AWS::EKS::AccessEntry.AccessScope": { + "additionalProperties": false, + "properties": { + "Namespaces": { + "items": { + "type": "string" + }, + "markdownDescription": "A Kubernetes `namespace` that an access policy is scoped to. A value is required if you specified `namespace` for `Type` .", + "title": "Namespaces", + "type": "array" + }, + "Type": { + "markdownDescription": "The scope type of an access policy.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::EKS::Addon": { "additionalProperties": false, "properties": { "Condition": { @@ -99136,26 +107723,67 @@ "Properties": { "additionalProperties": false, "properties": { - "SnsRoleName": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that allows Amazon SNS to record AWS Firewall Manager activity.", - "title": "SnsRoleName", + "AddonName": { + "markdownDescription": "The name of the add-on.", + "title": "AddonName", "type": "string" }, - "SnsTopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the SNS topic that collects notifications from AWS Firewall Manager .", - "title": "SnsTopicArn", + "AddonVersion": { + "markdownDescription": "The version of the add-on.", + "title": "AddonVersion", + "type": "string" + }, + "ClusterName": { + "markdownDescription": "The name of your cluster.", + "title": "ClusterName", + "type": "string" + }, + "ConfigurationValues": { + "markdownDescription": "The configuration values that you provided.", + "title": "ConfigurationValues", + "type": "string" + }, + "PodIdentityAssociations": { + "items": { + "$ref": "#/definitions/AWS::EKS::Addon.PodIdentityAssociation" + }, + "markdownDescription": "An array of EKS Pod Identity associations owned by the add-on. Each association maps a role to a service account in a namespace in the cluster.\n\nFor more information, see [Attach an IAM Role to an Amazon EKS add-on using EKS Pod Identity](https://docs.aws.amazon.com/eks/latest/userguide/add-ons-iam.html) in the *Amazon EKS User Guide* .", + "title": "PodIdentityAssociations", + "type": "array" + }, + "PreserveOnDelete": { + "markdownDescription": "Specifying this option preserves the add-on software on your cluster but Amazon EKS stops managing any settings for the add-on. If an IAM account is associated with the add-on, it isn't removed.", + "title": "PreserveOnDelete", + "type": "boolean" + }, + "ResolveConflicts": { + "markdownDescription": "How to resolve field value conflicts for an Amazon EKS add-on. Conflicts are handled based on the value you choose:\n\n- *None* \u2013 If the self-managed version of the add-on is installed on your cluster, Amazon EKS doesn't change the value. Creation of the add-on might fail.\n- *Overwrite* \u2013 If the self-managed version of the add-on is installed on your cluster and the Amazon EKS default value is different than the existing value, Amazon EKS changes the value to the Amazon EKS default value.\n- *Preserve* \u2013 This is similar to the NONE option. If the self-managed version of the add-on is installed on your cluster Amazon EKS doesn't change the add-on resource properties. Creation of the add-on might fail if conflicts are detected. This option works differently during the update operation. For more information, see [`UpdateAddon`](https://docs.aws.amazon.com/eks/latest/APIReference/API_UpdateAddon.html) .\n\nIf you don't currently have the self-managed version of the add-on installed on your cluster, the Amazon EKS add-on is installed. Amazon EKS sets all values to default values, regardless of the option that you specify.", + "title": "ResolveConflicts", + "type": "string" + }, + "ServiceAccountRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an existing IAM role to bind to the add-on's service account. The role must be assigned the IAM permissions required by the add-on. If you don't specify an existing IAM role, then the add-on uses the permissions assigned to the node IAM role. For more information, see [Amazon EKS node IAM role](https://docs.aws.amazon.com/eks/latest/userguide/create-node-role.html) in the *Amazon EKS User Guide* .\n\n> To specify an existing IAM role, you must have an IAM OpenID Connect (OIDC) provider created for your cluster. For more information, see [Enabling IAM roles for service accounts on your cluster](https://docs.aws.amazon.com/eks/latest/userguide/enable-iam-roles-for-service-accounts.html) in the *Amazon EKS User Guide* .", + "title": "ServiceAccountRoleArn", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The metadata that you apply to the add-on to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Add-on tags do not propagate to any other resources associated with the cluster.", + "title": "Tags", + "type": "array" } }, "required": [ - "SnsRoleName", - "SnsTopicArn" + "AddonName", + "ClusterName" ], "type": "object" }, "Type": { "enum": [ - "AWS::FMS::NotificationChannel" + "AWS::EKS::Addon" ], "type": "string" }, @@ -99174,7 +107802,27 @@ ], "type": "object" }, - "AWS::FMS::Policy": { + "AWS::EKS::Addon.PodIdentityAssociation": { + "additionalProperties": false, + "properties": { + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to associate with the service account. The EKS Pod Identity agent manages credentials to assume this role for applications in the containers in the Pods that use this service account.", + "title": "RoleArn", + "type": "string" + }, + "ServiceAccount": { + "markdownDescription": "The name of the Kubernetes service account inside the cluster to associate the IAM credentials with.", + "title": "ServiceAccount", + "type": "string" + } + }, + "required": [ + "RoleArn", + "ServiceAccount" + ], + "type": "object" + }, + "AWS::EKS::Cluster": { "additionalProperties": false, "properties": { "Condition": { @@ -99209,100 +107857,107 @@ "Properties": { "additionalProperties": false, "properties": { - "DeleteAllPolicyResources": { - "markdownDescription": "Used when deleting a policy. If `true` , Firewall Manager performs cleanup according to the policy type.\n\nFor AWS WAF and Shield Advanced policies, Firewall Manager does the following:\n\n- Deletes rule groups created by Firewall Manager\n- Removes web ACLs from in-scope resources\n- Deletes web ACLs that contain no rules or rule groups\n\nFor security group policies, Firewall Manager does the following for each security group in the policy:\n\n- Disassociates the security group from in-scope resources\n- Deletes the security group if it was created through Firewall Manager and if it's no longer associated with any resources through another policy\n\nAfter the cleanup, in-scope resources are no longer protected by web ACLs in this policy. Protection of out-of-scope resources remains unchanged. Scope is determined by tags that you create and accounts that you associate with the policy. When creating the policy, if you specify that only resources in specific accounts or with specific tags are in scope of the policy, those accounts and resources are handled by the policy. All others are out of scope. If you don't specify tags or accounts, all resources are in scope.", - "title": "DeleteAllPolicyResources", + "AccessConfig": { + "$ref": "#/definitions/AWS::EKS::Cluster.AccessConfig", + "markdownDescription": "The access configuration for the cluster.", + "title": "AccessConfig" + }, + "BootstrapSelfManagedAddons": { + "markdownDescription": "If you set this value to `False` when creating a cluster, the default networking add-ons will not be installed.\n\nThe default networking add-ons include `vpc-cni` , `coredns` , and `kube-proxy` .\n\nUse this option when you plan to install third-party alternative add-ons or self-manage the default networking add-ons.", + "title": "BootstrapSelfManagedAddons", "type": "boolean" }, - "ExcludeMap": { - "$ref": "#/definitions/AWS::FMS::Policy.IEMap", - "markdownDescription": "Specifies the AWS account IDs and AWS Organizations organizational units (OUs) to exclude from the policy. Specifying an OU is the equivalent of specifying all accounts in the OU and in any of its child OUs, including any child OUs and accounts that are added at a later time.\n\nYou can specify inclusions or exclusions, but not both. If you specify an `IncludeMap` , AWS Firewall Manager applies the policy to all accounts specified by the `IncludeMap` , and does not evaluate any `ExcludeMap` specifications. If you do not specify an `IncludeMap` , then Firewall Manager applies the policy to all accounts except for those specified by the `ExcludeMap` .\n\nYou can specify account IDs, OUs, or a combination:\n\n- Specify account IDs by setting the key to `ACCOUNT` . For example, the following is a valid map: `{\u201cACCOUNT\u201d : [\u201caccountID1\u201d, \u201caccountID2\u201d]}` .\n- Specify OUs by setting the key to `ORGUNIT` . For example, the following is a valid map: `{\u201cORGUNIT\u201d : [\u201couid111\u201d, \u201couid112\u201d]}` .\n- Specify accounts and OUs together in a single map, separated with a comma. For example, the following is a valid map: `{\u201cACCOUNT\u201d : [\u201caccountID1\u201d, \u201caccountID2\u201d], \u201cORGUNIT\u201d : [\u201couid111\u201d, \u201couid112\u201d]}` .", - "title": "ExcludeMap" + "ComputeConfig": { + "$ref": "#/definitions/AWS::EKS::Cluster.ComputeConfig", + "markdownDescription": "Indicates the current configuration of the compute capability on your EKS Auto Mode cluster. For example, if the capability is enabled or disabled. If the compute capability is enabled, EKS Auto Mode will create and delete EC2 Managed Instances in your AWS account. For more information, see EKS Auto Mode compute capability in the *Amazon EKS User Guide* .", + "title": "ComputeConfig" }, - "ExcludeResourceTags": { - "markdownDescription": "Used only when tags are specified in the `ResourceTags` property. If this property is `True` , resources with the specified tags are not in scope of the policy. If it's `False` , only resources with the specified tags are in scope of the policy.", - "title": "ExcludeResourceTags", + "EncryptionConfig": { + "items": { + "$ref": "#/definitions/AWS::EKS::Cluster.EncryptionConfig" + }, + "markdownDescription": "The encryption configuration for the cluster.", + "title": "EncryptionConfig", + "type": "array" + }, + "Force": { + "markdownDescription": "Set this value to `true` to override upgrade-blocking readiness checks when updating a cluster.", + "title": "Force", "type": "boolean" }, - "IncludeMap": { - "$ref": "#/definitions/AWS::FMS::Policy.IEMap", - "markdownDescription": "Specifies the AWS account IDs and AWS Organizations organizational units (OUs) to include in the policy. Specifying an OU is the equivalent of specifying all accounts in the OU and in any of its child OUs, including any child OUs and accounts that are added at a later time.\n\nYou can specify inclusions or exclusions, but not both. If you specify an `IncludeMap` , AWS Firewall Manager applies the policy to all accounts specified by the `IncludeMap` , and does not evaluate any `ExcludeMap` specifications. If you do not specify an `IncludeMap` , then Firewall Manager applies the policy to all accounts except for those specified by the `ExcludeMap` .\n\nYou can specify account IDs, OUs, or a combination:\n\n- Specify account IDs by setting the key to `ACCOUNT` . For example, the following is a valid map: `{\u201cACCOUNT\u201d : [\u201caccountID1\u201d, \u201caccountID2\u201d]}` .\n- Specify OUs by setting the key to `ORGUNIT` . For example, the following is a valid map: `{\u201cORGUNIT\u201d : [\u201couid111\u201d, \u201couid112\u201d]}` .\n- Specify accounts and OUs together in a single map, separated with a comma. For example, the following is a valid map: `{\u201cACCOUNT\u201d : [\u201caccountID1\u201d, \u201caccountID2\u201d], \u201cORGUNIT\u201d : [\u201couid111\u201d, \u201couid112\u201d]}` .", - "title": "IncludeMap" + "KubernetesNetworkConfig": { + "$ref": "#/definitions/AWS::EKS::Cluster.KubernetesNetworkConfig", + "markdownDescription": "The Kubernetes network configuration for the cluster.", + "title": "KubernetesNetworkConfig" }, - "PolicyDescription": { - "markdownDescription": "Your description of the AWS Firewall Manager policy.", - "title": "PolicyDescription", - "type": "string" + "Logging": { + "$ref": "#/definitions/AWS::EKS::Cluster.Logging", + "markdownDescription": "The logging configuration for your cluster.", + "title": "Logging" }, - "PolicyName": { - "markdownDescription": "The name of the AWS Firewall Manager policy.", - "title": "PolicyName", + "Name": { + "markdownDescription": "The unique name to give to your cluster. The name can contain only alphanumeric characters (case-sensitive) and hyphens. It must start with an alphanumeric character and can't be longer than 100 characters. The name must be unique within the AWS Region and AWS account that you're creating the cluster in. Note that underscores can't be used in AWS CloudFormation .", + "title": "Name", "type": "string" }, - "RemediationEnabled": { - "markdownDescription": "Indicates if the policy should be automatically applied to new resources.", - "title": "RemediationEnabled", - "type": "boolean" + "OutpostConfig": { + "$ref": "#/definitions/AWS::EKS::Cluster.OutpostConfig", + "markdownDescription": "An object representing the configuration of your local Amazon EKS cluster on an AWS Outpost. This object isn't available for clusters on the AWS cloud.", + "title": "OutpostConfig" }, - "ResourceSetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The unique identifiers of the resource sets used by the policy.", - "title": "ResourceSetIds", - "type": "array" + "RemoteNetworkConfig": { + "$ref": "#/definitions/AWS::EKS::Cluster.RemoteNetworkConfig", + "markdownDescription": "The configuration in the cluster for EKS Hybrid Nodes. You can add, change, or remove this configuration after the cluster is created.", + "title": "RemoteNetworkConfig" }, - "ResourceTags": { - "items": { - "$ref": "#/definitions/AWS::FMS::Policy.ResourceTag" - }, - "markdownDescription": "An array of `ResourceTag` objects, used to explicitly include resources in the policy scope or explicitly exclude them. If this isn't set, then tags aren't used to modify policy scope. See also `ExcludeResourceTags` .", - "title": "ResourceTags", - "type": "array" + "ResourcesVpcConfig": { + "$ref": "#/definitions/AWS::EKS::Cluster.ResourcesVpcConfig", + "markdownDescription": "The VPC configuration that's used by the cluster control plane. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see [Cluster VPC Considerations](https://docs.aws.amazon.com/eks/latest/userguide/network_reqs.html) and [Cluster Security Group Considerations](https://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html) in the *Amazon EKS User Guide* . You must specify at least two subnets. You can specify up to five security groups, but we recommend that you use a dedicated security group for your cluster control plane.", + "title": "ResourcesVpcConfig" }, - "ResourceType": { - "markdownDescription": "The type of resource protected by or in scope of the policy. This is in the format shown in the [AWS Resource Types Reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html) . To apply this policy to multiple resource types, specify a resource type of `ResourceTypeList` and then specify the resource types in a `ResourceTypeList` .\n\nThe following are valid resource types for each Firewall Manager policy type:\n\n- AWS WAF Classic - `AWS::ApiGateway::Stage` , `AWS::CloudFront::Distribution` , and `AWS::ElasticLoadBalancingV2::LoadBalancer` .\n- AWS WAF - `AWS::ApiGateway::Stage` , `AWS::ElasticLoadBalancingV2::LoadBalancer` , and `AWS::CloudFront::Distribution` .\n- Shield Advanced - `AWS::ElasticLoadBalancingV2::LoadBalancer` , `AWS::ElasticLoadBalancing::LoadBalancer` , `AWS::EC2::EIP` , and `AWS::CloudFront::Distribution` .\n- Network ACL - `AWS::EC2::Subnet` .\n- Security group usage audit - `AWS::EC2::SecurityGroup` .\n- Security group content audit - `AWS::EC2::SecurityGroup` , `AWS::EC2::NetworkInterface` , and `AWS::EC2::Instance` .\n- DNS Firewall, AWS Network Firewall , and third-party firewall - `AWS::EC2::VPC` .", - "title": "ResourceType", + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf. For more information, see [Amazon EKS Service IAM Role](https://docs.aws.amazon.com/eks/latest/userguide/service_IAM_role.html) in the **Amazon EKS User Guide** .", + "title": "RoleArn", "type": "string" }, - "ResourceTypeList": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of `ResourceType` objects. Use this only to specify multiple resource types. To specify a single resource type, use `ResourceType` .", - "title": "ResourceTypeList", - "type": "array" - }, - "ResourcesCleanUp": { - "markdownDescription": "Indicates whether AWS Firewall Manager should automatically remove protections from resources that leave the policy scope and clean up resources that Firewall Manager is managing for accounts when those accounts leave policy scope. For example, Firewall Manager will disassociate a Firewall Manager managed web ACL from a protected customer resource when the customer resource leaves policy scope.\n\nBy default, Firewall Manager doesn't remove protections or delete Firewall Manager managed resources.\n\nThis option is not available for Shield Advanced or AWS WAF Classic policies.", - "title": "ResourcesCleanUp", - "type": "boolean" - }, - "SecurityServicePolicyData": { - "$ref": "#/definitions/AWS::FMS::Policy.SecurityServicePolicyData", - "markdownDescription": "Details about the security service that is being used to protect the resources.\n\nThis contains the following settings:\n\n- Type - Indicates the service type that the policy uses to protect the resource. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting .\n\nValid values: `DNS_FIREWALL` | `NETWORK_FIREWALL` | `SECURITY_GROUPS_COMMON` | `SECURITY_GROUPS_CONTENT_AUDIT` | `SECURITY_GROUPS_USAGE_AUDIT` | `SHIELD_ADVANCED` | `THIRD_PARTY_FIREWALL` | `WAFV2` | `WAF`\n- ManagedServiceData - Details about the service that are specific to the service type, in JSON format.\n\n- Example: `DNS_FIREWALL`\n\n`\"{\\\"type\\\":\\\"DNS_FIREWALL\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-1\\\",\\\"priority\\\":10}],\\\"postProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-2\\\",\\\"priority\\\":9911}]}\"`\n\n> Valid values for `preProcessRuleGroups` are between 1 and 99. Valid values for `postProcessRuleGroups` are between 9901 and 10000.\n- Example: `NETWORK_FIREWALL` - Centralized deployment model\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"awsNetworkFirewallConfig\\\":{\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}},\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"OFF\\\"},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nWith automatic Availbility Zone configuration, Firewall Manager chooses which Availability Zones to create the endpoints in. To use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"]},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\": \\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\", \\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{ \\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[ \\\"10.0.0.0/28\\\"]}]} },\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"OFF\\\",\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nWith custom Availability Zone configuration, you define which specific Availability Zones to create endpoints in by configuring `firewallCreationConfig` . To configure the Availability Zones in `firewallCreationConfig` , specify either the `availabilityZoneName` or `availabilityZoneId` parameter, not both parameters.\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"],\\\"routeManagementConfig\\\":{\\\"allowCrossAZTrafficIfNoEndpoint\\\":true}},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall centralized deployment model\n\n`\"{ \\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\", \\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\", \\\"thirdPartyFirewallConfig\\\":{ \\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `CENTRALIZED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall distributed deployment model\n\n`\"{\\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\",\\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\",\\\"thirdPartyFirewallConfig\\\":{\\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{ \\\"distributedFirewallDeploymentModel\\\":{ \\\"distributedFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{ \\\"availabilityZoneConfigList\\\":[ {\\\"availabilityZoneName\\\":\\\"${AvailabilityZone}\\\" } ] } }, \\\"allowedIPV4CidrList\\\":[ ] } } } }\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `DISTRIBUTED` .\n- Specification for `SHIELD_ADVANCED` for Amazon CloudFront distributions\n\n`\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED|IGNORED|DISABLED\\\", \\\"automaticResponseAction\\\":\\\"BLOCK|COUNT\\\"}, \\\"overrideCustomerWebaclClassic\\\":true|false}\"`\n\nFor example: `\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED\\\", \\\"automaticResponseAction\\\":\\\"COUNT\\\"}}\"`\n\nThe default value for `automaticResponseStatus` is `IGNORED` . The value for `automaticResponseAction` is only required when `automaticResponseStatus` is set to `ENABLED` . The default value for `overrideCustomerWebaclClassic` is `false` .\n\nFor other resource types that you can protect with a Shield Advanced policy, this `ManagedServiceData` configuration is an empty string.\n- Example: `WAFV2`\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"version\\\":null,\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesAmazonIpReputationList\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nIn the `loggingConfiguration` , you can specify one `logDestinationConfigs` , you can optionally provide up to 20 `redactedFields` , and the `RedactedFieldType` must be one of `URI` , `QUERY_STRING` , `HEADER` , or `METHOD` .\n- Example: `AWS WAF Classic`\n\n`\"{\\\"type\\\": \\\"WAF\\\", \\\"ruleGroups\\\": [{\\\"id\\\":\\\"12345678-1bcd-9012-efga-0987654321ab\\\", \\\"overrideAction\\\" : {\\\"type\\\": \\\"COUNT\\\"}}], \\\"defaultAction\\\": {\\\"type\\\": \\\"BLOCK\\\"}}\"`\n- Example: `WAFV2` - AWS Firewall Manager support for AWS WAF managed rule group versioning\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"versionEnabled\\\":true,\\\"version\\\":\\\"Version_2.0\\\",\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesCommonRuleSet\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nTo use a specific version of a AWS WAF managed rule group in your Firewall Manager policy, you must set `versionEnabled` to `true` , and set `version` to the version you'd like to use. If you don't set `versionEnabled` to `true` , or if you omit `versionEnabled` , then Firewall Manager uses the default version of the AWS WAF managed rule group.\n- Example: `SECURITY_GROUPS_COMMON`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: Shared VPCs. Apply the preceding policy to resources in shared VPCs as well as to those in VPCs that the account owns\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"includeSharedVPC\\\":true,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: `SECURITY_GROUPS_CONTENT_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_CONTENT_AUDIT\\\",\\\"securityGroups\\\":[{\\\"id\\\":\\\"sg-000e55995d61a06bd\\\"}],\\\"securityGroupAction\\\":{\\\"type\\\":\\\"ALLOW\\\"}}\"`\n\nThe security group action for content audit can be `ALLOW` or `DENY` . For `ALLOW` , all in-scope security group rules must be within the allowed range of the policy's security group rules. For `DENY` , all in-scope security group rules must not contain a value or a range that matches a rule value or range in the policy security group.\n- Example: `SECURITY_GROUPS_USAGE_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_USAGE_AUDIT\\\",\\\"deleteUnusedSecurityGroups\\\":true,\\\"coalesceRedundantSecurityGroups\\\":true}\"`", - "title": "SecurityServicePolicyData" + "StorageConfig": { + "$ref": "#/definitions/AWS::EKS::Cluster.StorageConfig", + "markdownDescription": "Indicates the current configuration of the block storage capability on your EKS Auto Mode cluster. For example, if the capability is enabled or disabled. If the block storage capability is enabled, EKS Auto Mode will create and delete EBS volumes in your AWS account. For more information, see EKS Auto Mode block storage capability in the *Amazon EKS User Guide* .", + "title": "StorageConfig" }, "Tags": { "items": { - "$ref": "#/definitions/AWS::FMS::Policy.PolicyTag" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "A collection of key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.", + "markdownDescription": "The metadata that you apply to the cluster to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Cluster tags don't propagate to any other resources associated with the cluster.\n\n> You must have the `eks:TagResource` and `eks:UntagResource` permissions for your [IAM principal](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html) to manage the AWS CloudFormation stack. If you don't have these permissions, there might be unexpected behavior with stack-level tags propagating to the resource during resource creation and update.", "title": "Tags", "type": "array" + }, + "UpgradePolicy": { + "$ref": "#/definitions/AWS::EKS::Cluster.UpgradePolicy", + "markdownDescription": "This value indicates if extended support is enabled or disabled for the cluster.\n\n[Learn more about EKS Extended Support in the *Amazon EKS User Guide* .](https://docs.aws.amazon.com/eks/latest/userguide/extended-support-control.html)", + "title": "UpgradePolicy" + }, + "Version": { + "markdownDescription": "The desired Kubernetes version for your cluster. If you don't specify a value here, the default version available in Amazon EKS is used.\n\n> The default version might not be the latest version available.", + "title": "Version", + "type": "string" + }, + "ZonalShiftConfig": { + "$ref": "#/definitions/AWS::EKS::Cluster.ZonalShiftConfig", + "markdownDescription": "The configuration for zonal shift for the cluster.", + "title": "ZonalShiftConfig" } }, "required": [ - "ExcludeResourceTags", - "PolicyName", - "RemediationEnabled", - "SecurityServicePolicyData" + "ResourcesVpcConfig", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::FMS::Policy" + "AWS::EKS::Cluster" ], "type": "string" }, @@ -99321,136 +107976,335 @@ ], "type": "object" }, - "AWS::FMS::Policy.IEMap": { + "AWS::EKS::Cluster.AccessConfig": { "additionalProperties": false, "properties": { - "ACCOUNT": { + "AuthenticationMode": { + "markdownDescription": "The desired authentication mode for the cluster. If you create a cluster by using the EKS API, AWS SDKs, or AWS CloudFormation , the default is `CONFIG_MAP` . If you create the cluster by using the AWS Management Console , the default value is `API_AND_CONFIG_MAP` .", + "title": "AuthenticationMode", + "type": "string" + }, + "BootstrapClusterCreatorAdminPermissions": { + "markdownDescription": "Specifies whether or not the cluster creator IAM principal was set as a cluster admin access entry during cluster creation time. The default value is `true` .", + "title": "BootstrapClusterCreatorAdminPermissions", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EKS::Cluster.BlockStorage": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Indicates if the block storage capability is enabled on your EKS Auto Mode cluster. If the block storage capability is enabled, EKS Auto Mode will create and delete EBS volumes in your AWS account.", + "title": "Enabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EKS::Cluster.ClusterLogging": { + "additionalProperties": false, + "properties": { + "EnabledTypes": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::EKS::Cluster.LoggingTypeConfig" }, - "markdownDescription": "The account list for the map.", - "title": "ACCOUNT", + "markdownDescription": "The enabled control plane logs for your cluster. All log types are disabled if the array is empty.\n\n> When updating a resource, you must include this `EnabledTypes` property if the previous CloudFormation template of the resource had it.", + "title": "EnabledTypes", "type": "array" + } + }, + "type": "object" + }, + "AWS::EKS::Cluster.ComputeConfig": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Request to enable or disable the compute capability on your EKS Auto Mode cluster. If the compute capability is enabled, EKS Auto Mode will create and delete EC2 Managed Instances in your AWS account.", + "title": "Enabled", + "type": "boolean" }, - "ORGUNIT": { + "NodePools": { "items": { "type": "string" }, - "markdownDescription": "The organizational unit list for the map.", - "title": "ORGUNIT", + "markdownDescription": "Configuration for node pools that defines the compute resources for your EKS Auto Mode cluster. For more information, see EKS Auto Mode Node Pools in the *Amazon EKS User Guide* .", + "title": "NodePools", "type": "array" + }, + "NodeRoleArn": { + "markdownDescription": "The ARN of the IAM Role EKS will assign to EC2 Managed Instances in your EKS Auto Mode cluster. This value cannot be changed after the compute capability of EKS Auto Mode is enabled. For more information, see the IAM Reference in the *Amazon EKS User Guide* .", + "title": "NodeRoleArn", + "type": "string" } }, "type": "object" }, - "AWS::FMS::Policy.NetworkFirewallPolicy": { + "AWS::EKS::Cluster.ControlPlanePlacement": { "additionalProperties": false, "properties": { - "FirewallDeploymentModel": { - "markdownDescription": "Defines the deployment model to use for the firewall policy. To use a distributed model, set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `DISTRIBUTED` .", - "title": "FirewallDeploymentModel", + "GroupName": { + "markdownDescription": "The name of the placement group for the Kubernetes control plane instances. This property is only used for a local cluster on an AWS Outpost.", + "title": "GroupName", "type": "string" } }, - "required": [ - "FirewallDeploymentModel" - ], "type": "object" }, - "AWS::FMS::Policy.PolicyOption": { + "AWS::EKS::Cluster.ElasticLoadBalancing": { "additionalProperties": false, "properties": { - "NetworkFirewallPolicy": { - "$ref": "#/definitions/AWS::FMS::Policy.NetworkFirewallPolicy", - "markdownDescription": "Defines the deployment model to use for the firewall policy.", - "title": "NetworkFirewallPolicy" + "Enabled": { + "markdownDescription": "Indicates if the load balancing capability is enabled on your EKS Auto Mode cluster. If the load balancing capability is enabled, EKS Auto Mode will create and delete load balancers in your AWS account.", + "title": "Enabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EKS::Cluster.EncryptionConfig": { + "additionalProperties": false, + "properties": { + "Provider": { + "$ref": "#/definitions/AWS::EKS::Cluster.Provider", + "markdownDescription": "The encryption provider for the cluster.", + "title": "Provider" }, - "ThirdPartyFirewallPolicy": { - "$ref": "#/definitions/AWS::FMS::Policy.ThirdPartyFirewallPolicy", - "markdownDescription": "Defines the policy options for a third-party firewall policy.", - "title": "ThirdPartyFirewallPolicy" + "Resources": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the resources to be encrypted. The only supported value is `secrets` .", + "title": "Resources", + "type": "array" } }, "type": "object" }, - "AWS::FMS::Policy.PolicyTag": { + "AWS::EKS::Cluster.KubernetesNetworkConfig": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "Part of the key:value pair that defines a tag. You can use a tag key to describe a category of information, such as \"customer.\" Tag keys are case-sensitive.", - "title": "Key", + "ElasticLoadBalancing": { + "$ref": "#/definitions/AWS::EKS::Cluster.ElasticLoadBalancing", + "markdownDescription": "Request to enable or disable the load balancing capability on your EKS Auto Mode cluster. For more information, see EKS Auto Mode load balancing capability in the *Amazon EKS User Guide* .", + "title": "ElasticLoadBalancing" + }, + "IpFamily": { + "markdownDescription": "Specify which IP family is used to assign Kubernetes pod and service IP addresses. If you don't specify a value, `ipv4` is used by default. You can only specify an IP family when you create a cluster and can't change this value once the cluster is created. If you specify `ipv6` , the VPC and subnets that you specify for cluster creation must have both `IPv4` and `IPv6` CIDR blocks assigned to them. You can't specify `ipv6` for clusters in China Regions.\n\nYou can only specify `ipv6` for `1.21` and later clusters that use version `1.10.1` or later of the Amazon VPC CNI add-on. If you specify `ipv6` , then ensure that your VPC meets the requirements listed in the considerations listed in [Assigning IPv6 addresses to pods and services](https://docs.aws.amazon.com/eks/latest/userguide/cni-ipv6.html) in the *Amazon EKS User Guide* . Kubernetes assigns services `IPv6` addresses from the unique local address range `(fc00::/7)` . You can't specify a custom `IPv6` CIDR block. Pod addresses are assigned from the subnet's `IPv6` CIDR.", + "title": "IpFamily", "type": "string" }, - "Value": { - "markdownDescription": "Part of the key:value pair that defines a tag. You can use a tag value to describe a specific value within a category, such as \"companyA\" or \"companyB.\" Tag values are case-sensitive.", - "title": "Value", + "ServiceIpv4Cidr": { + "markdownDescription": "Don't specify a value if you select `ipv6` for *ipFamily* . The CIDR block to assign Kubernetes service IP addresses from. If you don't specify a block, Kubernetes assigns addresses from either the `10.100.0.0/16` or `172.20.0.0/16` CIDR blocks. We recommend that you specify a block that does not overlap with resources in other networks that are peered or connected to your VPC. The block must meet the following requirements:\n\n- Within one of the following private IP address blocks: `10.0.0.0/8` , `172.16.0.0/12` , or `192.168.0.0/16` .\n- Doesn't overlap with any CIDR block assigned to the VPC that you selected for VPC.\n- Between `/24` and `/12` .\n\n> You can only specify a custom CIDR block when you create a cluster. You can't change this value after the cluster is created.", + "title": "ServiceIpv4Cidr", + "type": "string" + }, + "ServiceIpv6Cidr": { + "markdownDescription": "The CIDR block that Kubernetes pod and service IP addresses are assigned from if you created a 1.21 or later cluster with version 1.10.1 or later of the Amazon VPC CNI add-on and specified `ipv6` for *ipFamily* when you created the cluster. Kubernetes assigns service addresses from the unique local address range ( `fc00::/7` ) because you can't specify a custom IPv6 CIDR block when you create the cluster.", + "title": "ServiceIpv6Cidr", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EKS::Cluster.Logging": { + "additionalProperties": false, + "properties": { + "ClusterLogging": { + "$ref": "#/definitions/AWS::EKS::Cluster.ClusterLogging", + "markdownDescription": "The cluster control plane logging configuration for your cluster.", + "title": "ClusterLogging" + } + }, + "type": "object" + }, + "AWS::EKS::Cluster.LoggingTypeConfig": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "The name of the log type.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EKS::Cluster.OutpostConfig": { + "additionalProperties": false, + "properties": { + "ControlPlaneInstanceType": { + "markdownDescription": "The Amazon EC2 instance type that you want to use for your local Amazon EKS cluster on Outposts. Choose an instance type based on the number of nodes that your cluster will have. For more information, see [Capacity considerations](https://docs.aws.amazon.com/eks/latest/userguide/eks-outposts-capacity-considerations.html) in the *Amazon EKS User Guide* .\n\nThe instance type that you specify is used for all Kubernetes control plane instances. The instance type can't be changed after cluster creation. The control plane is not automatically scaled by Amazon EKS.", + "title": "ControlPlaneInstanceType", "type": "string" + }, + "ControlPlanePlacement": { + "$ref": "#/definitions/AWS::EKS::Cluster.ControlPlanePlacement", + "markdownDescription": "An object representing the placement configuration for all the control plane instances of your local Amazon EKS cluster on an AWS Outpost. For more information, see [Capacity considerations](https://docs.aws.amazon.com/eks/latest/userguide/eks-outposts-capacity-considerations.html) in the *Amazon EKS User Guide* .", + "title": "ControlPlanePlacement" + }, + "OutpostArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The ARN of the Outpost that you want to use for your local Amazon EKS cluster on Outposts. Only a single Outpost ARN is supported.", + "title": "OutpostArns", + "type": "array" } }, "required": [ - "Key", - "Value" + "ControlPlaneInstanceType", + "OutpostArns" ], "type": "object" }, - "AWS::FMS::Policy.ResourceTag": { + "AWS::EKS::Cluster.Provider": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The resource tag key.", - "title": "Key", + "KeyArn": { + "markdownDescription": "Amazon Resource Name (ARN) or alias of the KMS key. The KMS key must be symmetric and created in the same AWS Region as the cluster. If the KMS key was created in a different account, the [IAM principal](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html) must have access to the KMS key. For more information, see [Allowing users in other accounts to use a KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/key-policy-modifying-external-accounts.html) in the *AWS Key Management Service Developer Guide* .", + "title": "KeyArn", "type": "string" + } + }, + "type": "object" + }, + "AWS::EKS::Cluster.RemoteNetworkConfig": { + "additionalProperties": false, + "properties": { + "RemoteNodeNetworks": { + "items": { + "$ref": "#/definitions/AWS::EKS::Cluster.RemoteNodeNetwork" + }, + "markdownDescription": "The list of network CIDRs that can contain hybrid nodes.\n\nThese CIDR blocks define the expected IP address range of the hybrid nodes that join the cluster. These blocks are typically determined by your network administrator.\n\nEnter one or more IPv4 CIDR blocks in decimal dotted-quad notation (for example, `10.2.0.0/16` ).\n\nIt must satisfy the following requirements:\n\n- Each block must be within an `IPv4` RFC-1918 network range. Minimum allowed size is /32, maximum allowed size is /8. Publicly-routable addresses aren't supported.\n- Each block cannot overlap with the range of the VPC CIDR blocks for your EKS resources, or the block of the Kubernetes service IP range.\n- Each block must have a route to the VPC that uses the VPC CIDR blocks, not public IPs or Elastic IPs. There are many options including AWS Transit Gateway , AWS Site-to-Site VPN , or AWS Direct Connect .\n- Each host must allow outbound connection to the EKS cluster control plane on TCP ports `443` and `10250` .\n- Each host must allow inbound connection from the EKS cluster control plane on TCP port 10250 for logs, exec and port-forward operations.\n- Each host must allow TCP and UDP network connectivity to and from other hosts that are running `CoreDNS` on UDP port `53` for service and pod DNS names.", + "title": "RemoteNodeNetworks", + "type": "array" }, - "Value": { - "markdownDescription": "The resource tag value.", - "title": "Value", - "type": "string" + "RemotePodNetworks": { + "items": { + "$ref": "#/definitions/AWS::EKS::Cluster.RemotePodNetwork" + }, + "markdownDescription": "The list of network CIDRs that can contain pods that run Kubernetes webhooks on hybrid nodes.\n\nThese CIDR blocks are determined by configuring your Container Network Interface (CNI) plugin. We recommend the Calico CNI or Cilium CNI. Note that the Amazon VPC CNI plugin for Kubernetes isn't available for on-premises and edge locations.\n\nEnter one or more IPv4 CIDR blocks in decimal dotted-quad notation (for example, `10.2.0.0/16` ).\n\nIt must satisfy the following requirements:\n\n- Each block must be within an `IPv4` RFC-1918 network range. Minimum allowed size is /32, maximum allowed size is /8. Publicly-routable addresses aren't supported.\n- Each block cannot overlap with the range of the VPC CIDR blocks for your EKS resources, or the block of the Kubernetes service IP range.", + "title": "RemotePodNetworks", + "type": "array" } }, "required": [ - "Key" + "RemoteNodeNetworks" ], "type": "object" }, - "AWS::FMS::Policy.SecurityServicePolicyData": { + "AWS::EKS::Cluster.RemoteNodeNetwork": { "additionalProperties": false, "properties": { - "ManagedServiceData": { - "markdownDescription": "Details about the service that are specific to the service type, in JSON format.\n\n- Example: `DNS_FIREWALL`\n\n`\"{\\\"type\\\":\\\"DNS_FIREWALL\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-1\\\",\\\"priority\\\":10}],\\\"postProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-2\\\",\\\"priority\\\":9911}]}\"`\n\n> Valid values for `preProcessRuleGroups` are between 1 and 99. Valid values for `postProcessRuleGroups` are between 9901 and 10000.\n- Example: `NETWORK_FIREWALL` - Centralized deployment model\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"awsNetworkFirewallConfig\\\":{\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}},\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"OFF\\\"},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nWith automatic Availbility Zone configuration, Firewall Manager chooses which Availability Zones to create the endpoints in. To use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"]},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\": \\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\", \\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{ \\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[ \\\"10.0.0.0/28\\\"]}]} },\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"OFF\\\",\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nWith custom Availability Zone configuration, you define which specific Availability Zones to create endpoints in by configuring `firewallCreationConfig` . To configure the Availability Zones in `firewallCreationConfig` , specify either the `availabilityZoneName` or `availabilityZoneId` parameter, not both parameters.\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"],\\\"routeManagementConfig\\\":{\\\"allowCrossAZTrafficIfNoEndpoint\\\":true}},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall centralized deployment model\n\n`\"{ \\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\", \\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\", \\\"thirdPartyFirewallConfig\\\":{ \\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `CENTRALIZED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall distributed deployment model\n\n`\"{\\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\",\\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\",\\\"thirdPartyFirewallConfig\\\":{\\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{ \\\"distributedFirewallDeploymentModel\\\":{ \\\"distributedFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{ \\\"availabilityZoneConfigList\\\":[ {\\\"availabilityZoneName\\\":\\\"${AvailabilityZone}\\\" } ] } }, \\\"allowedIPV4CidrList\\\":[ ] } } } }\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `DISTRIBUTED` .\n- Specification for `SHIELD_ADVANCED` for Amazon CloudFront distributions\n\n`\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED|IGNORED|DISABLED\\\", \\\"automaticResponseAction\\\":\\\"BLOCK|COUNT\\\"}, \\\"overrideCustomerWebaclClassic\\\":true|false}\"`\n\nFor example: `\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED\\\", \\\"automaticResponseAction\\\":\\\"COUNT\\\"}}\"`\n\nThe default value for `automaticResponseStatus` is `IGNORED` . The value for `automaticResponseAction` is only required when `automaticResponseStatus` is set to `ENABLED` . The default value for `overrideCustomerWebaclClassic` is `false` .\n\nFor other resource types that you can protect with a Shield Advanced policy, this `ManagedServiceData` configuration is an empty string.\n- Example: `WAFV2`\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"version\\\":null,\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesAmazonIpReputationList\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nIn the `loggingConfiguration` , you can specify one `logDestinationConfigs` , you can optionally provide up to 20 `redactedFields` , and the `RedactedFieldType` must be one of `URI` , `QUERY_STRING` , `HEADER` , or `METHOD` .\n- Example: `AWS WAF Classic`\n\n`\"{\\\"type\\\": \\\"WAF\\\", \\\"ruleGroups\\\": [{\\\"id\\\":\\\"12345678-1bcd-9012-efga-0987654321ab\\\", \\\"overrideAction\\\" : {\\\"type\\\": \\\"COUNT\\\"}}], \\\"defaultAction\\\": {\\\"type\\\": \\\"BLOCK\\\"}}\"`\n- Example: `WAFV2` - AWS Firewall Manager support for AWS WAF managed rule group versioning\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"versionEnabled\\\":true,\\\"version\\\":\\\"Version_2.0\\\",\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesCommonRuleSet\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nTo use a specific version of a AWS WAF managed rule group in your Firewall Manager policy, you must set `versionEnabled` to `true` , and set `version` to the version you'd like to use. If you don't set `versionEnabled` to `true` , or if you omit `versionEnabled` , then Firewall Manager uses the default version of the AWS WAF managed rule group.\n- Example: `SECURITY_GROUPS_COMMON`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: Shared VPCs. Apply the preceding policy to resources in shared VPCs as well as to those in VPCs that the account owns\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"includeSharedVPC\\\":true,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: `SECURITY_GROUPS_CONTENT_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_CONTENT_AUDIT\\\",\\\"securityGroups\\\":[{\\\"id\\\":\\\"sg-000e55995d61a06bd\\\"}],\\\"securityGroupAction\\\":{\\\"type\\\":\\\"ALLOW\\\"}}\"`\n\nThe security group action for content audit can be `ALLOW` or `DENY` . For `ALLOW` , all in-scope security group rules must be within the allowed range of the policy's security group rules. For `DENY` , all in-scope security group rules must not contain a value or a range that matches a rule value or range in the policy security group.\n- Example: `SECURITY_GROUPS_USAGE_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_USAGE_AUDIT\\\",\\\"deleteUnusedSecurityGroups\\\":true,\\\"coalesceRedundantSecurityGroups\\\":true}\"`", - "title": "ManagedServiceData", - "type": "string" + "Cidrs": { + "items": { + "type": "string" + }, + "markdownDescription": "A network CIDR that can contain hybrid nodes.\n\nThese CIDR blocks define the expected IP address range of the hybrid nodes that join the cluster. These blocks are typically determined by your network administrator.\n\nEnter one or more IPv4 CIDR blocks in decimal dotted-quad notation (for example, `10.2.0.0/16` ).\n\nIt must satisfy the following requirements:\n\n- Each block must be within an `IPv4` RFC-1918 network range. Minimum allowed size is /32, maximum allowed size is /8. Publicly-routable addresses aren't supported.\n- Each block cannot overlap with the range of the VPC CIDR blocks for your EKS resources, or the block of the Kubernetes service IP range.\n- Each block must have a route to the VPC that uses the VPC CIDR blocks, not public IPs or Elastic IPs. There are many options including AWS Transit Gateway , AWS Site-to-Site VPN , or AWS Direct Connect .\n- Each host must allow outbound connection to the EKS cluster control plane on TCP ports `443` and `10250` .\n- Each host must allow inbound connection from the EKS cluster control plane on TCP port 10250 for logs, exec and port-forward operations.\n- Each host must allow TCP and UDP network connectivity to and from other hosts that are running `CoreDNS` on UDP port `53` for service and pod DNS names.", + "title": "Cidrs", + "type": "array" + } + }, + "required": [ + "Cidrs" + ], + "type": "object" + }, + "AWS::EKS::Cluster.RemotePodNetwork": { + "additionalProperties": false, + "properties": { + "Cidrs": { + "items": { + "type": "string" + }, + "markdownDescription": "A network CIDR that can contain pods that run Kubernetes webhooks on hybrid nodes.\n\nThese CIDR blocks are determined by configuring your Container Network Interface (CNI) plugin. We recommend the Calico CNI or Cilium CNI. Note that the Amazon VPC CNI plugin for Kubernetes isn't available for on-premises and edge locations.\n\nEnter one or more IPv4 CIDR blocks in decimal dotted-quad notation (for example, `10.2.0.0/16` ).\n\nIt must satisfy the following requirements:\n\n- Each block must be within an `IPv4` RFC-1918 network range. Minimum allowed size is /32, maximum allowed size is /8. Publicly-routable addresses aren't supported.\n- Each block cannot overlap with the range of the VPC CIDR blocks for your EKS resources, or the block of the Kubernetes service IP range.", + "title": "Cidrs", + "type": "array" + } + }, + "required": [ + "Cidrs" + ], + "type": "object" + }, + "AWS::EKS::Cluster.ResourcesVpcConfig": { + "additionalProperties": false, + "properties": { + "EndpointPrivateAccess": { + "markdownDescription": "Set this value to `true` to enable private access for your cluster's Kubernetes API server endpoint. If you enable private access, Kubernetes API requests from within your cluster's VPC use the private VPC endpoint. The default value for this parameter is `false` , which disables private access for your Kubernetes API server. If you disable private access and you have nodes or AWS Fargate pods in the cluster, then ensure that `publicAccessCidrs` includes the necessary CIDR blocks for communication with the nodes or Fargate pods. For more information, see [Cluster API server endpoint](https://docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html) in the **Amazon EKS User Guide** .", + "title": "EndpointPrivateAccess", + "type": "boolean" }, - "PolicyOption": { - "$ref": "#/definitions/AWS::FMS::Policy.PolicyOption", - "markdownDescription": "Contains the settings to configure a network ACL policy, a AWS Network Firewall firewall policy deployment model, or a third-party firewall policy.", - "title": "PolicyOption" + "EndpointPublicAccess": { + "markdownDescription": "Set this value to `false` to disable public access to your cluster's Kubernetes API server endpoint. If you disable public access, your cluster's Kubernetes API server can only receive requests from within the cluster VPC. The default value for this parameter is `true` , which enables public access for your Kubernetes API server. The endpoint domain name and IP address family depends on the value of the `ipFamily` for the cluster. For more information, see [Cluster API server endpoint](https://docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html) in the **Amazon EKS User Guide** .", + "title": "EndpointPublicAccess", + "type": "boolean" }, - "Type": { - "markdownDescription": "The service that the policy is using to protect the resources. This specifies the type of policy that is created, either an AWS WAF policy, a Shield Advanced policy, or a security group policy. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting SUPlong .", - "title": "Type", - "type": "string" + "PublicAccessCidrs": { + "items": { + "type": "string" + }, + "markdownDescription": "The CIDR blocks that are allowed access to your cluster's public Kubernetes API server endpoint. Communication to the endpoint from addresses outside of the CIDR blocks that you specify is denied. The default value is `0.0.0.0/0` and additionally `::/0` for dual-stack `IPv6` clusters. If you've disabled private endpoint access, make sure that you specify the necessary CIDR blocks for every node and AWS Fargate `Pod` in the cluster. For more information, see [Cluster API server endpoint](https://docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html) in the **Amazon EKS User Guide** .\n\nNote that the public endpoints are dual-stack for only `IPv6` clusters that are made after October 2024. You can't add `IPv6` CIDR blocks to `IPv4` clusters or `IPv6` clusters that were made before October 2024.", + "title": "PublicAccessCidrs", + "type": "array" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "Specify one or more security groups for the cross-account elastic network interfaces that Amazon EKS creates to use that allow communication between your nodes and the Kubernetes control plane. If you don't specify any security groups, then familiarize yourself with the difference between Amazon EKS defaults for clusters deployed with Kubernetes. For more information, see [Amazon EKS security group considerations](https://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html) in the **Amazon EKS User Guide** .", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "Specify subnets for your Amazon EKS nodes. Amazon EKS creates cross-account elastic network interfaces in these subnets to allow communication between your nodes and the Kubernetes control plane.", + "title": "SubnetIds", + "type": "array" } }, "required": [ - "Type" + "SubnetIds" ], "type": "object" }, - "AWS::FMS::Policy.ThirdPartyFirewallPolicy": { + "AWS::EKS::Cluster.StorageConfig": { "additionalProperties": false, "properties": { - "FirewallDeploymentModel": { - "markdownDescription": "Defines the deployment model to use for the third-party firewall policy.", - "title": "FirewallDeploymentModel", + "BlockStorage": { + "$ref": "#/definitions/AWS::EKS::Cluster.BlockStorage", + "markdownDescription": "Request to configure EBS Block Storage settings for your EKS Auto Mode cluster.", + "title": "BlockStorage" + } + }, + "type": "object" + }, + "AWS::EKS::Cluster.UpgradePolicy": { + "additionalProperties": false, + "properties": { + "SupportType": { + "markdownDescription": "If the cluster is set to `EXTENDED` , it will enter extended support at the end of standard support. If the cluster is set to `STANDARD` , it will be automatically upgraded at the end of standard support.\n\n[Learn more about EKS Extended Support in the *Amazon EKS User Guide* .](https://docs.aws.amazon.com/eks/latest/userguide/extended-support-control.html)", + "title": "SupportType", "type": "string" } }, - "required": [ - "FirewallDeploymentModel" - ], "type": "object" }, - "AWS::FMS::ResourceSet": { + "AWS::EKS::Cluster.ZonalShiftConfig": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "If zonal shift is enabled, AWS configures zonal autoshift for the cluster.", + "title": "Enabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EKS::FargateProfile": { "additionalProperties": false, "properties": { "Condition": { @@ -99485,50 +108339,56 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the resource set.", - "title": "Description", + "ClusterName": { + "markdownDescription": "The name of your cluster.", + "title": "ClusterName", "type": "string" }, - "Name": { - "markdownDescription": "The descriptive name of the resource set. You can't change the name of a resource set after you create it.", - "title": "Name", + "FargateProfileName": { + "markdownDescription": "The name of the Fargate profile.", + "title": "FargateProfileName", "type": "string" }, - "ResourceTypeList": { + "PodExecutionRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the `Pod` execution role to use for a `Pod` that matches the selectors in the Fargate profile. The `Pod` execution role allows Fargate infrastructure to register with your cluster as a node, and it provides read access to Amazon ECR image repositories. For more information, see [`Pod` execution role](https://docs.aws.amazon.com/eks/latest/userguide/pod-execution-role.html) in the *Amazon EKS User Guide* .", + "title": "PodExecutionRoleArn", + "type": "string" + }, + "Selectors": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::EKS::FargateProfile.Selector" }, - "markdownDescription": "Determines the resources that can be associated to the resource set. Depending on your setting for max results and the number of resource sets, a single call might not return the full list.", - "title": "ResourceTypeList", + "markdownDescription": "The selectors to match for a `Pod` to use this Fargate profile. Each selector must have an associated Kubernetes `namespace` . Optionally, you can also specify `labels` for a `namespace` . You may specify up to five selectors in a Fargate profile.", + "title": "Selectors", "type": "array" }, - "Resources": { + "Subnets": { "items": { "type": "string" }, - "markdownDescription": "", - "title": "Resources", + "markdownDescription": "The IDs of subnets to launch a `Pod` into. A `Pod` running on Fargate isn't assigned a public IP address, so only private subnets (with no direct route to an Internet Gateway) are accepted for this parameter.", + "title": "Subnets", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "", + "markdownDescription": "Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or AWS resources.", "title": "Tags", "type": "array" } }, "required": [ - "Name", - "ResourceTypeList" + "ClusterName", + "PodExecutionRoleArn", + "Selectors" ], "type": "object" }, "Type": { "enum": [ - "AWS::FMS::ResourceSet" + "AWS::EKS::FargateProfile" ], "type": "string" }, @@ -99547,7 +108407,49 @@ ], "type": "object" }, - "AWS::FSx::DataRepositoryAssociation": { + "AWS::EKS::FargateProfile.Label": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "Enter a key.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "Enter a value.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::EKS::FargateProfile.Selector": { + "additionalProperties": false, + "properties": { + "Labels": { + "items": { + "$ref": "#/definitions/AWS::EKS::FargateProfile.Label" + }, + "markdownDescription": "The Kubernetes labels that the selector should match. A pod must contain all of the labels that are specified in the selector for it to be considered a match.", + "title": "Labels", + "type": "array" + }, + "Namespace": { + "markdownDescription": "The Kubernetes `namespace` that the selector should match.", + "title": "Namespace", + "type": "string" + } + }, + "required": [ + "Namespace" + ], + "type": "object" + }, + "AWS::EKS::IdentityProviderConfig": { "additionalProperties": false, "properties": { "Condition": { @@ -99582,55 +108484,44 @@ "Properties": { "additionalProperties": false, "properties": { - "BatchImportMetaDataOnCreate": { - "markdownDescription": "A boolean flag indicating whether an import data repository task to import metadata should run after the data repository association is created. The task runs if this flag is set to `true` .", - "title": "BatchImportMetaDataOnCreate", - "type": "boolean" - }, - "DataRepositoryPath": { - "markdownDescription": "The path to the Amazon S3 data repository that will be linked to the file system. The path can be an S3 bucket or prefix in the format `s3://myBucket/myPrefix/` . This path specifies where in the S3 data repository files will be imported from or exported to.", - "title": "DataRepositoryPath", - "type": "string" - }, - "FileSystemId": { - "markdownDescription": "The ID of the file system on which the data repository association is configured.", - "title": "FileSystemId", + "ClusterName": { + "markdownDescription": "The name of your cluster.", + "title": "ClusterName", "type": "string" }, - "FileSystemPath": { - "markdownDescription": "A path on the Amazon FSx for Lustre file system that points to a high-level directory (such as `/ns1/` ) or subdirectory (such as `/ns1/subdir/` ) that will be mapped 1-1 with `DataRepositoryPath` . The leading forward slash in the name is required. Two data repository associations cannot have overlapping file system paths. For example, if a data repository is associated with file system path `/ns1/` , then you cannot link another data repository with file system path `/ns1/ns2` .\n\nThis path specifies where in your file system files will be exported from or imported to. This file system directory can be linked to only one Amazon S3 bucket, and no other S3 bucket can be linked to the directory.\n\n> If you specify only a forward slash ( `/` ) as the file system path, you can link only one data repository to the file system. You can only specify \"/\" as the file system path for the first data repository associated with a file system.", - "title": "FileSystemPath", + "IdentityProviderConfigName": { + "markdownDescription": "The name of the configuration.", + "title": "IdentityProviderConfigName", "type": "string" }, - "ImportedFileChunkSize": { - "markdownDescription": "For files imported from a data repository, this value determines the stripe count and maximum amount of data per file (in MiB) stored on a single physical disk. The maximum number of disks that a single file can be striped across is limited by the total number of disks that make up the file system or cache.\n\nThe default chunk size is 1,024 MiB (1 GiB) and can go as high as 512,000 MiB (500 GiB). Amazon S3 objects have a maximum size of 5 TB.", - "title": "ImportedFileChunkSize", - "type": "number" - }, - "S3": { - "$ref": "#/definitions/AWS::FSx::DataRepositoryAssociation.S3", - "markdownDescription": "The configuration for an Amazon S3 data repository linked to an Amazon FSx Lustre file system with a data repository association. The configuration defines which file events (new, changed, or deleted files or directories) are automatically imported from the linked data repository to the file system or automatically exported from the file system to the data repository.", - "title": "S3" + "Oidc": { + "$ref": "#/definitions/AWS::EKS::IdentityProviderConfig.OidcIdentityProviderConfig", + "markdownDescription": "An object representing an OpenID Connect (OIDC) identity provider configuration.", + "title": "Oidc" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of `Tag` values, with a maximum of 50 elements.", + "markdownDescription": "Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or AWS resources.", "title": "Tags", "type": "array" + }, + "Type": { + "markdownDescription": "The type of the identity provider configuration. The only type available is `oidc` .", + "title": "Type", + "type": "string" } }, "required": [ - "DataRepositoryPath", - "FileSystemId", - "FileSystemPath" + "ClusterName", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::FSx::DataRepositoryAssociation" + "AWS::EKS::IdentityProviderConfig" ], "type": "string" }, @@ -99649,57 +108540,75 @@ ], "type": "object" }, - "AWS::FSx::DataRepositoryAssociation.AutoExportPolicy": { + "AWS::EKS::IdentityProviderConfig.OidcIdentityProviderConfig": { "additionalProperties": false, "properties": { - "Events": { + "ClientId": { + "markdownDescription": "This is also known as *audience* . The ID of the client application that makes authentication requests to the OIDC identity provider.", + "title": "ClientId", + "type": "string" + }, + "GroupsClaim": { + "markdownDescription": "The JSON web token (JWT) claim that the provider uses to return your groups.", + "title": "GroupsClaim", + "type": "string" + }, + "GroupsPrefix": { + "markdownDescription": "The prefix that is prepended to group claims to prevent clashes with existing names (such as `system:` groups). For example, the value `oidc:` creates group names like `oidc:engineering` and `oidc:infra` . The prefix can't contain `system:`", + "title": "GroupsPrefix", + "type": "string" + }, + "IssuerUrl": { + "markdownDescription": "The URL of the OIDC identity provider that allows the API server to discover public signing keys for verifying tokens.", + "title": "IssuerUrl", + "type": "string" + }, + "RequiredClaims": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::EKS::IdentityProviderConfig.RequiredClaim" }, - "markdownDescription": "The `AutoExportPolicy` can have the following event values:\n\n- `NEW` - New files and directories are automatically exported to the data repository as they are added to the file system.\n- `CHANGED` - Changes to files and directories on the file system are automatically exported to the data repository.\n- `DELETED` - Files and directories are automatically deleted on the data repository when they are deleted on the file system.\n\nYou can define any combination of event types for your `AutoExportPolicy` .", - "title": "Events", + "markdownDescription": "The key-value pairs that describe required claims in the identity token. If set, each claim is verified to be present in the token with a matching value.", + "title": "RequiredClaims", "type": "array" + }, + "UsernameClaim": { + "markdownDescription": "The JSON Web token (JWT) claim that is used as the username.", + "title": "UsernameClaim", + "type": "string" + }, + "UsernamePrefix": { + "markdownDescription": "The prefix that is prepended to username claims to prevent clashes with existing names. The prefix can't contain `system:`", + "title": "UsernamePrefix", + "type": "string" } }, "required": [ - "Events" + "ClientId", + "IssuerUrl" ], "type": "object" }, - "AWS::FSx::DataRepositoryAssociation.AutoImportPolicy": { + "AWS::EKS::IdentityProviderConfig.RequiredClaim": { "additionalProperties": false, "properties": { - "Events": { - "items": { - "type": "string" - }, - "markdownDescription": "The `AutoImportPolicy` can have the following event values:\n\n- `NEW` - Amazon FSx automatically imports metadata of files added to the linked S3 bucket that do not currently exist in the FSx file system.\n- `CHANGED` - Amazon FSx automatically updates file metadata and invalidates existing file content on the file system as files change in the data repository.\n- `DELETED` - Amazon FSx automatically deletes files on the file system as corresponding files are deleted in the data repository.\n\nYou can define any combination of event types for your `AutoImportPolicy` .", - "title": "Events", - "type": "array" - } - }, - "required": [ - "Events" - ], - "type": "object" - }, - "AWS::FSx::DataRepositoryAssociation.S3": { - "additionalProperties": false, - "properties": { - "AutoExportPolicy": { - "$ref": "#/definitions/AWS::FSx::DataRepositoryAssociation.AutoExportPolicy", - "markdownDescription": "Describes a data repository association's automatic export policy. The `AutoExportPolicy` defines the types of updated objects on the file system that will be automatically exported to the data repository. As you create, modify, or delete files, Amazon FSx for Lustre automatically exports the defined changes asynchronously once your application finishes modifying the file.\n\nThe `AutoExportPolicy` is only supported on Amazon FSx for Lustre file systems with a data repository association.", - "title": "AutoExportPolicy" + "Key": { + "markdownDescription": "The key to match from the token.", + "title": "Key", + "type": "string" }, - "AutoImportPolicy": { - "$ref": "#/definitions/AWS::FSx::DataRepositoryAssociation.AutoImportPolicy", - "markdownDescription": "Describes the data repository association's automatic import policy. The AutoImportPolicy defines how Amazon FSx keeps your file metadata and directory listings up to date by importing changes to your Amazon FSx for Lustre file system as you modify objects in a linked S3 bucket.\n\nThe `AutoImportPolicy` is only supported on Amazon FSx for Lustre file systems with a data repository association.", - "title": "AutoImportPolicy" + "Value": { + "markdownDescription": "The value for the key from the token.", + "title": "Value", + "type": "string" } }, + "required": [ + "Key", + "Value" + ], "type": "object" }, - "AWS::FSx::FileSystem": { + "AWS::EKS::Nodegroup": { "additionalProperties": false, "properties": { "Condition": { @@ -99734,90 +108643,133 @@ "Properties": { "additionalProperties": false, "properties": { - "BackupId": { - "markdownDescription": "The ID of the file system backup that you are using to create a file system. For more information, see [CreateFileSystemFromBackup](https://docs.aws.amazon.com/fsx/latest/APIReference/API_CreateFileSystemFromBackup.html) .", - "title": "BackupId", - "type": "string" - }, - "FileSystemType": { - "markdownDescription": "The type of Amazon FSx file system, which can be `LUSTRE` , `WINDOWS` , `ONTAP` , or `OPENZFS` .", - "title": "FileSystemType", + "AmiType": { + "markdownDescription": "The AMI type for your node group. If you specify `launchTemplate` , and your launch template uses a custom AMI, then don't specify `amiType` , or the node group deployment will fail. If your launch template uses a Windows custom AMI, then add `eks:kube-proxy-windows` to your Windows nodes `rolearn` in the `aws-auth` `ConfigMap` . For more information about using launch templates with Amazon EKS, see [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", + "title": "AmiType", "type": "string" }, - "FileSystemTypeVersion": { - "markdownDescription": "For FSx for Lustre file systems, sets the Lustre version for the file system that you're creating. Valid values are `2.10` , `2.12` , and `2.15` :\n\n- `2.10` is supported by the Scratch and Persistent_1 Lustre deployment types.\n- `2.12` is supported by all Lustre deployment types, except for `PERSISTENT_2` with a metadata configuration mode.\n- `2.15` is supported by all Lustre deployment types and is recommended for all new file systems.\n\nDefault value is `2.10` , except for the following deployments:\n\n- Default value is `2.12` when `DeploymentType` is set to `PERSISTENT_2` without a metadata configuration mode.\n- Default value is `2.15` when `DeploymentType` is set to `PERSISTENT_2` with a metadata configuration mode.", - "title": "FileSystemTypeVersion", + "CapacityType": { + "markdownDescription": "The capacity type of your managed node group.", + "title": "CapacityType", "type": "string" }, - "KmsKeyId": { - "markdownDescription": "The ID of the AWS Key Management Service ( AWS KMS ) key used to encrypt Amazon FSx file system data. Used as follows with Amazon FSx file system types:\n\n- Amazon FSx for Lustre `PERSISTENT_1` and `PERSISTENT_2` deployment types only.\n\n`SCRATCH_1` and `SCRATCH_2` types are encrypted using the Amazon FSx service AWS KMS key for your account.\n- Amazon FSx for NetApp ONTAP\n- Amazon FSx for OpenZFS\n- Amazon FSx for Windows File Server\n\nIf this ID isn't specified, the Amazon FSx-managed key for your account is used. For more information, see [Encrypt](https://docs.aws.amazon.com//kms/latest/APIReference/API_Encrypt.html) in the *AWS Key Management Service API Reference* .", - "title": "KmsKeyId", + "ClusterName": { + "markdownDescription": "The name of your cluster.", + "title": "ClusterName", "type": "string" }, - "LustreConfiguration": { - "$ref": "#/definitions/AWS::FSx::FileSystem.LustreConfiguration", - "markdownDescription": "The Lustre configuration for the file system being created. This configuration is required if the `FileSystemType` is set to `LUSTRE` .\n\n> The following parameters are not supported when creating Lustre file systems with a data repository association.\n> \n> - `AutoImportPolicy`\n> - `ExportPath`\n> - `ImportedChunkSize`\n> - `ImportPath`", - "title": "LustreConfiguration" - }, - "OntapConfiguration": { - "$ref": "#/definitions/AWS::FSx::FileSystem.OntapConfiguration", - "markdownDescription": "The ONTAP configuration properties of the FSx for ONTAP file system that you are creating. This configuration is required if the `FileSystemType` is set to `ONTAP` .", - "title": "OntapConfiguration" + "DiskSize": { + "markdownDescription": "The root device disk size (in GiB) for your node group instances. The default disk size is 20 GiB for Linux and Bottlerocket. The default disk size is 50 GiB for Windows. If you specify `launchTemplate` , then don't specify `diskSize` , or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", + "title": "DiskSize", + "type": "number" }, - "OpenZFSConfiguration": { - "$ref": "#/definitions/AWS::FSx::FileSystem.OpenZFSConfiguration", - "markdownDescription": "The Amazon FSx for OpenZFS configuration properties for the file system that you are creating. This configuration is required if the `FileSystemType` is set to `OPENZFS` .", - "title": "OpenZFSConfiguration" + "ForceUpdateEnabled": { + "markdownDescription": "Force the update if any `Pod` on the existing node group can't be drained due to a `Pod` disruption budget issue. If an update fails because all Pods can't be drained, you can force the update after it fails to terminate the old node whether or not any `Pod` is running on the node.", + "title": "ForceUpdateEnabled", + "type": "boolean" }, - "SecurityGroupIds": { + "InstanceTypes": { "items": { "type": "string" }, - "markdownDescription": "A list of IDs specifying the security groups to apply to all network interfaces created for file system access. This list isn't returned in later requests to describe the file system.\n\n> You must specify a security group if you are creating a Multi-AZ FSx for ONTAP file system in a VPC subnet that has been shared with you.", - "title": "SecurityGroupIds", + "markdownDescription": "Specify the instance types for a node group. If you specify a GPU instance type, make sure to also specify an applicable GPU AMI type with the `amiType` parameter. If you specify `launchTemplate` , then you can specify zero or one instance type in your launch template *or* you can specify 0-20 instance types for `instanceTypes` . If however, you specify an instance type in your launch template *and* specify any `instanceTypes` , the node group deployment will fail. If you don't specify an instance type in a launch template or for `instanceTypes` , then `t3.medium` is used, by default. If you specify `Spot` for `capacityType` , then we recommend specifying multiple values for `instanceTypes` . For more information, see [Managed node group capacity types](https://docs.aws.amazon.com/eks/latest/userguide/managed-node-groups.html#managed-node-group-capacity-types) and [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", + "title": "InstanceTypes", "type": "array" }, - "StorageCapacity": { - "markdownDescription": "Sets the storage capacity of the file system that you're creating.\n\n`StorageCapacity` is required if you are creating a new file system. It is not required if you are creating a file system by restoring a backup.\n\n*FSx for Lustre file systems* - The amount of storage capacity that you can configure depends on the value that you set for `StorageType` and the Lustre `DeploymentType` , as follows:\n\n- For `SCRATCH_2` , `PERSISTENT_2` and `PERSISTENT_1` deployment types using SSD storage type, the valid values are 1200 GiB, 2400 GiB, and increments of 2400 GiB.\n- For `PERSISTENT_1` HDD file systems, valid values are increments of 6000 GiB for 12 MB/s/TiB file systems and increments of 1800 GiB for 40 MB/s/TiB file systems.\n- For `SCRATCH_1` deployment type, valid values are 1200 GiB, 2400 GiB, and increments of 3600 GiB.\n\n*FSx for ONTAP file systems* - The amount of SSD storage capacity that you can configure depends on the value of the `HAPairs` property. The minimum value is calculated as 1,024 GiB * HAPairs and the maximum is calculated as 524,288 GiB * HAPairs, up to a maximum amount of SSD storage capacity of 1,048,576 GiB (1 pebibyte).\n\n*FSx for OpenZFS file systems* - The amount of storage capacity that you can configure is from 64 GiB up to 524,288 GiB (512 TiB). If you are creating a file system from a backup, you can specify a storage capacity equal to or greater than the original file system's storage capacity.\n\n*FSx for Windows File Server file systems* - The amount of storage capacity that you can configure depends on the value that you set for `StorageType` as follows:\n\n- For SSD storage, valid values are 32 GiB-65,536 GiB (64 TiB).\n- For HDD storage, valid values are 2000 GiB-65,536 GiB (64 TiB).", - "title": "StorageCapacity", - "type": "number" + "Labels": { + "additionalProperties": true, + "markdownDescription": "The Kubernetes `labels` applied to the nodes in the node group.\n\n> Only `labels` that are applied with the Amazon EKS API are shown here. There may be other Kubernetes `labels` applied to the nodes in this group.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Labels", + "type": "object" }, - "StorageType": { - "markdownDescription": "Sets the storage class for the file system that you're creating. Valid values are `SSD` , `HDD` , and `INTELLIGENT_TIERING` .\n\n- Set to `SSD` to use solid state drive storage. SSD is supported on all Windows, Lustre, ONTAP, and OpenZFS deployment types.\n- Set to `HDD` to use hard disk drive storage, which is supported on `SINGLE_AZ_2` and `MULTI_AZ_1` Windows file system deployment types, and on `PERSISTENT_1` Lustre file system deployment types.\n- Set to `INTELLIGENT_TIERING` to use fully elastic, intelligently-tiered storage. Intelligent-Tiering is only available for OpenZFS file systems with the Multi-AZ deployment type and for Lustre file systems with the Persistent_2 deployment type.\n\nDefault value is `SSD` . For more information, see [Storage type options](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/optimize-fsx-costs.html#storage-type-options) in the *FSx for Windows File Server User Guide* , [FSx for Lustre storage classes](https://docs.aws.amazon.com/fsx/latest/LustreGuide/using-fsx-lustre.html#lustre-storage-classes) in the *FSx for Lustre User Guide* , and [Working with Intelligent-Tiering](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/performance-intelligent-tiering) in the *Amazon FSx for OpenZFS User Guide* .", - "title": "StorageType", + "LaunchTemplate": { + "$ref": "#/definitions/AWS::EKS::Nodegroup.LaunchTemplateSpecification", + "markdownDescription": "An object representing a node group's launch template specification. When using this object, don't directly specify `instanceTypes` , `diskSize` , or `remoteAccess` . You cannot later specify a different launch template ID or name than what was used to create the node group.\n\nMake sure that the launch template meets the requirements in `launchTemplateSpecification` . Also refer to [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", + "title": "LaunchTemplate" + }, + "NodeRepairConfig": { + "$ref": "#/definitions/AWS::EKS::Nodegroup.NodeRepairConfig", + "markdownDescription": "The node auto repair configuration for the node group.", + "title": "NodeRepairConfig" + }, + "NodeRole": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to associate with your node group. The Amazon EKS worker node `kubelet` daemon makes calls to AWS APIs on your behalf. Nodes receive permissions for these API calls through an IAM instance profile and associated policies. Before you can launch nodes and register them into a cluster, you must create an IAM role for those nodes to use when they are launched. For more information, see [Amazon EKS node IAM role](https://docs.aws.amazon.com/eks/latest/userguide/create-node-role.html) in the **Amazon EKS User Guide** . If you specify `launchTemplate` , then don't specify `[IamInstanceProfile](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_IamInstanceProfile.html)` in your launch template, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", + "title": "NodeRole", "type": "string" }, - "SubnetIds": { + "NodegroupName": { + "markdownDescription": "The unique name to give your node group.", + "title": "NodegroupName", + "type": "string" + }, + "ReleaseVersion": { + "markdownDescription": "The AMI version of the Amazon EKS optimized AMI to use with your node group (for example, `1.14.7- *YYYYMMDD*` ). By default, the latest available AMI version for the node group's current Kubernetes version is used. For more information, see [Amazon EKS optimized Linux AMI Versions](https://docs.aws.amazon.com/eks/latest/userguide/eks-linux-ami-versions.html) in the *Amazon EKS User Guide* .\n\n> Changing this value triggers an update of the node group if one is available. You can't update other properties at the same time as updating `Release Version` .", + "title": "ReleaseVersion", + "type": "string" + }, + "RemoteAccess": { + "$ref": "#/definitions/AWS::EKS::Nodegroup.RemoteAccess", + "markdownDescription": "The remote access configuration to use with your node group. For Linux, the protocol is SSH. For Windows, the protocol is RDP. If you specify `launchTemplate` , then don't specify `remoteAccess` , or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", + "title": "RemoteAccess" + }, + "ScalingConfig": { + "$ref": "#/definitions/AWS::EKS::Nodegroup.ScalingConfig", + "markdownDescription": "The scaling configuration details for the Auto Scaling group that is created for your node group.", + "title": "ScalingConfig" + }, + "Subnets": { "items": { "type": "string" }, - "markdownDescription": "Specifies the IDs of the subnets that the file system will be accessible from. For Windows and ONTAP `MULTI_AZ_1` deployment types,provide exactly two subnet IDs, one for the preferred file server and one for the standby file server. You specify one of these subnets as the preferred subnet using the `WindowsConfiguration > PreferredSubnetID` or `OntapConfiguration > PreferredSubnetID` properties. For more information about Multi-AZ file system configuration, see [Availability and durability: Single-AZ and Multi-AZ file systems](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/high-availability-multiAZ.html) in the *Amazon FSx for Windows User Guide* and [Availability and durability](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/high-availability-multiAZ.html) in the *Amazon FSx for ONTAP User Guide* .\n\nFor Windows `SINGLE_AZ_1` and `SINGLE_AZ_2` and all Lustre deployment types, provide exactly one subnet ID. The file server is launched in that subnet's Availability Zone.", - "title": "SubnetIds", + "markdownDescription": "The subnets to use for the Auto Scaling group that is created for your node group. If you specify `launchTemplate` , then don't specify `[SubnetId](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateNetworkInterface.html)` in your launch template, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", + "title": "Subnets", "type": "array" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "additionalProperties": true, + "markdownDescription": "Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or AWS resources.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "The tags to associate with the file system. For more information, see [Tagging your Amazon FSx resources](https://docs.aws.amazon.com/fsx/latest/LustreGuide/tag-resources.html) in the *Amazon FSx for Lustre User Guide* .", "title": "Tags", + "type": "object" + }, + "Taints": { + "items": { + "$ref": "#/definitions/AWS::EKS::Nodegroup.Taint" + }, + "markdownDescription": "The Kubernetes taints to be applied to the nodes in the node group when they are created. Effect is one of `No_Schedule` , `Prefer_No_Schedule` , or `No_Execute` . Kubernetes taints can be used together with tolerations to control how workloads are scheduled to your nodes. For more information, see [Node taints on managed node groups](https://docs.aws.amazon.com/eks/latest/userguide/node-taints-managed-node-groups.html) .", + "title": "Taints", "type": "array" }, - "WindowsConfiguration": { - "$ref": "#/definitions/AWS::FSx::FileSystem.WindowsConfiguration", - "markdownDescription": "The configuration object for the Microsoft Windows file system you are creating. This configuration is required if `FileSystemType` is set to `WINDOWS` .", - "title": "WindowsConfiguration" + "UpdateConfig": { + "$ref": "#/definitions/AWS::EKS::Nodegroup.UpdateConfig", + "markdownDescription": "The node group update configuration.", + "title": "UpdateConfig" + }, + "Version": { + "markdownDescription": "The Kubernetes version to use for your managed nodes. By default, the Kubernetes version of the cluster is used, and this is the only accepted specified value. If you specify `launchTemplate` , and your launch template uses a custom AMI, then don't specify `version` , or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see [Launch template support](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .\n\n> You can't update other properties at the same time as updating `Version` .", + "title": "Version", + "type": "string" } }, "required": [ - "FileSystemType", - "SubnetIds" + "ClusterName", + "NodeRole", + "Subnets" ], "type": "object" }, "Type": { "enum": [ - "AWS::FSx::FileSystem" + "AWS::EKS::Nodegroup" ], "type": "string" }, @@ -99836,473 +108788,124 @@ ], "type": "object" }, - "AWS::FSx::FileSystem.AuditLogConfiguration": { + "AWS::EKS::Nodegroup.LaunchTemplateSpecification": { "additionalProperties": false, "properties": { - "AuditLogDestination": { - "markdownDescription": "The Amazon Resource Name (ARN) for the destination of the audit logs. The destination can be any Amazon CloudWatch Logs log group ARN or Amazon Kinesis Data Firehose delivery stream ARN.\n\nThe name of the Amazon CloudWatch Logs log group must begin with the `/aws/fsx` prefix. The name of the Amazon Kinesis Data Firehose delivery stream must begin with the `aws-fsx` prefix.\n\nThe destination ARN (either CloudWatch Logs log group or Kinesis Data Firehose delivery stream) must be in the same AWS partition, AWS Region , and AWS account as your Amazon FSx file system.", - "title": "AuditLogDestination", - "type": "string" - }, - "FileAccessAuditLogLevel": { - "markdownDescription": "Sets which attempt type is logged by Amazon FSx for file and folder accesses.\n\n- `SUCCESS_ONLY` - only successful attempts to access files or folders are logged.\n- `FAILURE_ONLY` - only failed attempts to access files or folders are logged.\n- `SUCCESS_AND_FAILURE` - both successful attempts and failed attempts to access files or folders are logged.\n- `DISABLED` - access auditing of files and folders is turned off.", - "title": "FileAccessAuditLogLevel", + "Id": { + "markdownDescription": "The ID of the launch template.\n\nYou must specify either the launch template ID or the launch template name in the request, but not both. After node group creation, you cannot use a different ID.", + "title": "Id", "type": "string" }, - "FileShareAccessAuditLogLevel": { - "markdownDescription": "Sets which attempt type is logged by Amazon FSx for file share accesses.\n\n- `SUCCESS_ONLY` - only successful attempts to access file shares are logged.\n- `FAILURE_ONLY` - only failed attempts to access file shares are logged.\n- `SUCCESS_AND_FAILURE` - both successful attempts and failed attempts to access file shares are logged.\n- `DISABLED` - access auditing of file shares is turned off.", - "title": "FileShareAccessAuditLogLevel", - "type": "string" - } - }, - "required": [ - "FileAccessAuditLogLevel", - "FileShareAccessAuditLogLevel" - ], - "type": "object" - }, - "AWS::FSx::FileSystem.ClientConfigurations": { - "additionalProperties": false, - "properties": { - "Clients": { - "markdownDescription": "A value that specifies who can mount the file system. You can provide a wildcard character ( `*` ), an IP address ( `0.0.0.0` ), or a CIDR address ( `192.0.2.0/24` ). By default, Amazon FSx uses the wildcard character when specifying the client.", - "title": "Clients", + "Name": { + "markdownDescription": "The name of the launch template.\n\nYou must specify either the launch template name or the launch template ID in the request, but not both. After node group creation, you cannot use a different name.", + "title": "Name", "type": "string" }, - "Options": { - "items": { - "type": "string" - }, - "markdownDescription": "The options to use when mounting the file system. For a list of options that you can use with Network File System (NFS), see the [exports(5) - Linux man page](https://docs.aws.amazon.com/https://linux.die.net/man/5/exports) . When choosing your options, consider the following:\n\n- `crossmnt` is used by default. If you don't specify `crossmnt` when changing the client configuration, you won't be able to see or access snapshots in your file system's snapshot directory.\n- `sync` is used by default. If you instead specify `async` , the system acknowledges writes before writing to disk. If the system crashes before the writes are finished, you lose the unwritten data.", - "title": "Options", - "type": "array" - } - }, - "type": "object" - }, - "AWS::FSx::FileSystem.DiskIopsConfiguration": { - "additionalProperties": false, - "properties": { - "Iops": { - "markdownDescription": "The total number of SSD IOPS provisioned for the file system.\n\nThe minimum and maximum values for this property depend on the value of `HAPairs` and `StorageCapacity` . The minimum value is calculated as `StorageCapacity` * 3 * `HAPairs` (3 IOPS per GB of `StorageCapacity` ). The maximum value is calculated as 200,000 * `HAPairs` .\n\nAmazon FSx responds with an HTTP status code 400 (Bad Request) if the value of `Iops` is outside of the minimum or maximum values.", - "title": "Iops", - "type": "number" - }, - "Mode": { - "markdownDescription": "Specifies whether the file system is using the `AUTOMATIC` setting of SSD IOPS of 3 IOPS per GB of storage capacity, or if it using a `USER_PROVISIONED` value.", - "title": "Mode", + "Version": { + "markdownDescription": "The version number of the launch template to use. If no version is specified, then the template's default version is used. You can use a different version for node group updates.", + "title": "Version", "type": "string" } }, "type": "object" }, - "AWS::FSx::FileSystem.LustreConfiguration": { + "AWS::EKS::Nodegroup.NodeRepairConfig": { "additionalProperties": false, "properties": { - "AutoImportPolicy": { - "markdownDescription": "(Optional) When you create your file system, your existing S3 objects appear as file and directory listings. Use this property to choose how Amazon FSx keeps your file and directory listings up to date as you add or modify objects in your linked S3 bucket. `AutoImportPolicy` can have the following values:\n\n- `NONE` - (Default) AutoImport is off. Amazon FSx only updates file and directory listings from the linked S3 bucket when the file system is created. FSx does not update file and directory listings for any new or changed objects after choosing this option.\n- `NEW` - AutoImport is on. Amazon FSx automatically imports directory listings of any new objects added to the linked S3 bucket that do not currently exist in the FSx file system.\n- `NEW_CHANGED` - AutoImport is on. Amazon FSx automatically imports file and directory listings of any new objects added to the S3 bucket and any existing objects that are changed in the S3 bucket after you choose this option.\n- `NEW_CHANGED_DELETED` - AutoImport is on. Amazon FSx automatically imports file and directory listings of any new objects added to the S3 bucket, any existing objects that are changed in the S3 bucket, and any objects that were deleted in the S3 bucket.\n\nFor more information, see [Automatically import updates from your S3 bucket](https://docs.aws.amazon.com/fsx/latest/LustreGuide/autoimport-data-repo.html) .\n\n> This parameter is not supported for Lustre file systems with a data repository association.", - "title": "AutoImportPolicy", - "type": "string" - }, - "AutomaticBackupRetentionDays": { - "markdownDescription": "The number of days to retain automatic backups. Setting this property to `0` disables automatic backups. You can retain automatic backups for a maximum of 90 days. The default is `0` .", - "title": "AutomaticBackupRetentionDays", - "type": "number" - }, - "CopyTagsToBackups": { - "markdownDescription": "(Optional) Not available for use with file systems that are linked to a data repository. A boolean flag indicating whether tags for the file system should be copied to backups. The default value is false. If `CopyTagsToBackups` is set to true, all file system tags are copied to all automatic and user-initiated backups when the user doesn't specify any backup-specific tags. If `CopyTagsToBackups` is set to true and you specify one or more backup tags, only the specified tags are copied to backups. If you specify one or more tags when creating a user-initiated backup, no tags are copied from the file system, regardless of this value.\n\n(Default = `false` )\n\nFor more information, see [Working with backups](https://docs.aws.amazon.com/fsx/latest/LustreGuide/using-backups-fsx.html) in the *Amazon FSx for Lustre User Guide* .", - "title": "CopyTagsToBackups", + "Enabled": { + "markdownDescription": "Specifies whether to enable node auto repair for the node group. Node auto repair is disabled by default.", + "title": "Enabled", "type": "boolean" - }, - "DailyAutomaticBackupStartTime": { - "markdownDescription": "A recurring daily time, in the format `HH:MM` . `HH` is the zero-padded hour of the day (0-23), and `MM` is the zero-padded minute of the hour. For example, `05:00` specifies 5 AM daily.", - "title": "DailyAutomaticBackupStartTime", - "type": "string" - }, - "DataCompressionType": { - "markdownDescription": "Sets the data compression configuration for the file system. `DataCompressionType` can have the following values:\n\n- `NONE` - (Default) Data compression is turned off when the file system is created.\n- `LZ4` - Data compression is turned on with the LZ4 algorithm.\n\nFor more information, see [Lustre data compression](https://docs.aws.amazon.com/fsx/latest/LustreGuide/data-compression.html) in the *Amazon FSx for Lustre User Guide* .", - "title": "DataCompressionType", - "type": "string" - }, - "DeploymentType": { - "markdownDescription": "(Optional) Choose `SCRATCH_1` and `SCRATCH_2` deployment types when you need temporary storage and shorter-term processing of data. The `SCRATCH_2` deployment type provides in-transit encryption of data and higher burst throughput capacity than `SCRATCH_1` .\n\nChoose `PERSISTENT_1` for longer-term storage and for throughput-focused workloads that aren\u2019t latency-sensitive. `PERSISTENT_1` supports encryption of data in transit, and is available in all AWS Regions in which FSx for Lustre is available.\n\nChoose `PERSISTENT_2` for longer-term storage and for latency-sensitive workloads that require the highest levels of IOPS/throughput. `PERSISTENT_2` supports the SSD and Intelligent-Tiering storage classes. You can optionally specify a metadata configuration mode for `PERSISTENT_2` which supports increasing metadata performance. `PERSISTENT_2` is available in a limited number of AWS Regions . For more information, and an up-to-date list of AWS Regions in which `PERSISTENT_2` is available, see [Deployment and storage class options for FSx for Lustre file systems](https://docs.aws.amazon.com/fsx/latest/LustreGuide/using-fsx-lustre.html) in the *Amazon FSx for Lustre User Guide* .\n\n> If you choose `PERSISTENT_2` , and you set `FileSystemTypeVersion` to `2.10` , the `CreateFileSystem` operation fails. \n\nEncryption of data in transit is automatically turned on when you access `SCRATCH_2` , `PERSISTENT_1` , and `PERSISTENT_2` file systems from Amazon EC2 instances that support automatic encryption in the AWS Regions where they are available. For more information about encryption in transit for FSx for Lustre file systems, see [Encrypting data in transit](https://docs.aws.amazon.com/fsx/latest/LustreGuide/encryption-in-transit-fsxl.html) in the *Amazon FSx for Lustre User Guide* .\n\n(Default = `SCRATCH_1` )", - "title": "DeploymentType", - "type": "string" - }, - "DriveCacheType": { - "markdownDescription": "The type of drive cache used by `PERSISTENT_1` file systems that are provisioned with HDD storage devices. This parameter is required when storage type is HDD. Set this property to `READ` to improve the performance for frequently accessed files by caching up to 20% of the total storage capacity of the file system.\n\nThis parameter is required when `StorageType` is set to `HDD` and `DeploymentType` is `PERSISTENT_1` .", - "title": "DriveCacheType", - "type": "string" - }, - "ExportPath": { - "markdownDescription": "(Optional) Specifies the path in the Amazon S3 bucket where the root of your Amazon FSx file system is exported. The path must use the same Amazon S3 bucket as specified in ImportPath. You can provide an optional prefix to which new and changed data is to be exported from your Amazon FSx for Lustre file system. If an `ExportPath` value is not provided, Amazon FSx sets a default export path, `s3://import-bucket/FSxLustre[creation-timestamp]` . The timestamp is in UTC format, for example `s3://import-bucket/FSxLustre20181105T222312Z` .\n\nThe Amazon S3 export bucket must be the same as the import bucket specified by `ImportPath` . If you specify only a bucket name, such as `s3://import-bucket` , you get a 1:1 mapping of file system objects to S3 bucket objects. This mapping means that the input data in S3 is overwritten on export. If you provide a custom prefix in the export path, such as `s3://import-bucket/[custom-optional-prefix]` , Amazon FSx exports the contents of your file system to that export prefix in the Amazon S3 bucket.\n\n> This parameter is not supported for file systems with a data repository association.", - "title": "ExportPath", - "type": "string" - }, - "ImportPath": { - "markdownDescription": "(Optional) The path to the Amazon S3 bucket (including the optional prefix) that you're using as the data repository for your Amazon FSx for Lustre file system. The root of your FSx for Lustre file system will be mapped to the root of the Amazon S3 bucket you select. An example is `s3://import-bucket/optional-prefix` . If you specify a prefix after the Amazon S3 bucket name, only object keys with that prefix are loaded into the file system.\n\n> This parameter is not supported for Lustre file systems with a data repository association.", - "title": "ImportPath", - "type": "string" - }, - "ImportedFileChunkSize": { - "markdownDescription": "(Optional) For files imported from a data repository, this value determines the stripe count and maximum amount of data per file (in MiB) stored on a single physical disk. The maximum number of disks that a single file can be striped across is limited by the total number of disks that make up the file system.\n\nThe default chunk size is 1,024 MiB (1 GiB) and can go as high as 512,000 MiB (500 GiB). Amazon S3 objects have a maximum size of 5 TB.\n\n> This parameter is not supported for Lustre file systems with a data repository association.", - "title": "ImportedFileChunkSize", - "type": "number" - }, - "PerUnitStorageThroughput": { - "markdownDescription": "Required with `PERSISTENT_1` and `PERSISTENT_2` deployment types, provisions the amount of read and write throughput for each 1 tebibyte (TiB) of file system storage capacity, in MB/s/TiB. File system throughput capacity is calculated by multiplying \ufb01le system storage capacity (TiB) by the `PerUnitStorageThroughput` (MB/s/TiB). For a 2.4-TiB \ufb01le system, provisioning 50 MB/s/TiB of `PerUnitStorageThroughput` yields 120 MB/s of \ufb01le system throughput. You pay for the amount of throughput that you provision.\n\nValid values:\n\n- For `PERSISTENT_1` SSD storage: 50, 100, 200 MB/s/TiB.\n- For `PERSISTENT_1` HDD storage: 12, 40 MB/s/TiB.\n- For `PERSISTENT_2` SSD storage: 125, 250, 500, 1000 MB/s/TiB.", - "title": "PerUnitStorageThroughput", - "type": "number" - }, - "WeeklyMaintenanceStartTime": { - "markdownDescription": "The preferred start time to perform weekly maintenance, formatted d:HH:MM in the UTC time zone, where d is the weekday number, from 1 through 7, beginning with Monday and ending with Sunday.\n\nFor example, `1:05:00` specifies maintenance at 5 AM Monday.", - "title": "WeeklyMaintenanceStartTime", - "type": "string" - } - }, - "type": "object" - }, - "AWS::FSx::FileSystem.NfsExports": { - "additionalProperties": false, - "properties": { - "ClientConfigurations": { - "items": { - "$ref": "#/definitions/AWS::FSx::FileSystem.ClientConfigurations" - }, - "markdownDescription": "A list of configuration objects that contain the client and options for mounting the OpenZFS file system.", - "title": "ClientConfigurations", - "type": "array" } }, "type": "object" }, - "AWS::FSx::FileSystem.OntapConfiguration": { + "AWS::EKS::Nodegroup.RemoteAccess": { "additionalProperties": false, "properties": { - "AutomaticBackupRetentionDays": { - "markdownDescription": "The number of days to retain automatic backups. Setting this property to `0` disables automatic backups. You can retain automatic backups for a maximum of 90 days. The default is `30` .", - "title": "AutomaticBackupRetentionDays", - "type": "number" - }, - "DailyAutomaticBackupStartTime": { - "markdownDescription": "A recurring daily time, in the format `HH:MM` . `HH` is the zero-padded hour of the day (0-23), and `MM` is the zero-padded minute of the hour. For example, `05:00` specifies 5 AM daily.", - "title": "DailyAutomaticBackupStartTime", - "type": "string" - }, - "DeploymentType": { - "markdownDescription": "Specifies the FSx for ONTAP file system deployment type to use in creating the file system.\n\n- `MULTI_AZ_1` - A high availability file system configured for Multi-AZ redundancy to tolerate temporary Availability Zone (AZ) unavailability. This is a first-generation FSx for ONTAP file system.\n- `MULTI_AZ_2` - A high availability file system configured for Multi-AZ redundancy to tolerate temporary AZ unavailability. This is a second-generation FSx for ONTAP file system.\n- `SINGLE_AZ_1` - A file system configured for Single-AZ redundancy. This is a first-generation FSx for ONTAP file system.\n- `SINGLE_AZ_2` - A file system configured with multiple high-availability (HA) pairs for Single-AZ redundancy. This is a second-generation FSx for ONTAP file system.\n\nFor information about the use cases for Multi-AZ and Single-AZ deployments, refer to [Choosing a file system deployment type](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/high-availability-AZ.html) .", - "title": "DeploymentType", - "type": "string" - }, - "DiskIopsConfiguration": { - "$ref": "#/definitions/AWS::FSx::FileSystem.DiskIopsConfiguration", - "markdownDescription": "The SSD IOPS configuration for the FSx for ONTAP file system.", - "title": "DiskIopsConfiguration" - }, - "EndpointIpAddressRange": { - "markdownDescription": "(Multi-AZ only) Specifies the IP address range in which the endpoints to access your file system will be created. By default in the Amazon FSx API, Amazon FSx selects an unused IP address range for you from the 198.19.* range. By default in the Amazon FSx console, Amazon FSx chooses the last 64 IP addresses from the VPC\u2019s primary CIDR range to use as the endpoint IP address range for the file system. You can have overlapping endpoint IP addresses for file systems deployed in the same VPC/route tables, as long as they don't overlap with any subnet.", - "title": "EndpointIpAddressRange", - "type": "string" - }, - "FsxAdminPassword": { - "markdownDescription": "The ONTAP administrative password for the `fsxadmin` user with which you administer your file system using the NetApp ONTAP CLI and REST API.", - "title": "FsxAdminPassword", - "type": "string" - }, - "HAPairs": { - "markdownDescription": "Specifies how many high-availability (HA) pairs of file servers will power your file system. First-generation file systems are powered by 1 HA pair. Second-generation multi-AZ file systems are powered by 1 HA pair. Second generation single-AZ file systems are powered by up to 12 HA pairs. The default value is 1. The value of this property affects the values of `StorageCapacity` , `Iops` , and `ThroughputCapacity` . For more information, see [High-availability (HA) pairs](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/administering-file-systems.html#HA-pairs) in the FSx for ONTAP user guide. Block storage protocol support (iSCSI and NVMe over TCP) is disabled on file systems with more than 6 HA pairs. For more information, see [Using block storage protocols](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/supported-fsx-clients.html#using-block-storage) .\n\nAmazon FSx responds with an HTTP status code 400 (Bad Request) for the following conditions:\n\n- The value of `HAPairs` is less than 1 or greater than 12.\n- The value of `HAPairs` is greater than 1 and the value of `DeploymentType` is `SINGLE_AZ_1` , `MULTI_AZ_1` , or `MULTI_AZ_2` .", - "title": "HAPairs", - "type": "number" - }, - "PreferredSubnetId": { - "markdownDescription": "Required when `DeploymentType` is set to `MULTI_AZ_1` or `MULTI_AZ_2` . This specifies the subnet in which you want the preferred file server to be located.", - "title": "PreferredSubnetId", + "Ec2SshKey": { + "markdownDescription": "The Amazon EC2 SSH key name that provides access for SSH communication with the nodes in the managed node group. For more information, see [Amazon EC2 key pairs and Linux instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html) in the *Amazon Elastic Compute Cloud User Guide for Linux Instances* . For Windows, an Amazon EC2 SSH key is used to obtain the RDP password. For more information, see [Amazon EC2 key pairs and Windows instances](https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ec2-key-pairs.html) in the *Amazon Elastic Compute Cloud User Guide for Windows Instances* .", + "title": "Ec2SshKey", "type": "string" }, - "RouteTableIds": { + "SourceSecurityGroups": { "items": { "type": "string" }, - "markdownDescription": "(Multi-AZ only) Specifies the route tables in which Amazon FSx creates the rules for routing traffic to the correct file server. You should specify all virtual private cloud (VPC) route tables associated with the subnets in which your clients are located. By default, Amazon FSx selects your VPC's default route table.\n\n> Amazon FSx manages these route tables for Multi-AZ file systems using tag-based authentication. These route tables are tagged with `Key: AmazonFSx; Value: ManagedByAmazonFSx` . When creating FSx for ONTAP Multi-AZ file systems using AWS CloudFormation we recommend that you add the `Key: AmazonFSx; Value: ManagedByAmazonFSx` tag manually.", - "title": "RouteTableIds", + "markdownDescription": "The security group IDs that are allowed SSH access (port 22) to the nodes. For Windows, the port is 3389. If you specify an Amazon EC2 SSH key but don't specify a source security group when you create a managed node group, then the port on the nodes is opened to the internet ( `0.0.0.0/0` ). For more information, see [Security Groups for Your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html) in the *Amazon Virtual Private Cloud User Guide* .", + "title": "SourceSecurityGroups", "type": "array" - }, - "ThroughputCapacity": { - "markdownDescription": "Sets the throughput capacity for the file system that you're creating in megabytes per second (MBps). For more information, see [Managing throughput capacity](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-throughput-capacity.html) in the FSx for ONTAP User Guide.\n\nAmazon FSx responds with an HTTP status code 400 (Bad Request) for the following conditions:\n\n- The value of `ThroughputCapacity` and `ThroughputCapacityPerHAPair` are not the same value.\n- The value of `ThroughputCapacity` when divided by the value of `HAPairs` is outside of the valid range for `ThroughputCapacity` .", - "title": "ThroughputCapacity", - "type": "number" - }, - "ThroughputCapacityPerHAPair": { - "markdownDescription": "Use to choose the throughput capacity per HA pair, rather than the total throughput for the file system.\n\nYou can define either the `ThroughputCapacityPerHAPair` or the `ThroughputCapacity` when creating a file system, but not both.\n\nThis field and `ThroughputCapacity` are the same for file systems powered by one HA pair.\n\n- For `SINGLE_AZ_1` and `MULTI_AZ_1` file systems, valid values are 128, 256, 512, 1024, 2048, or 4096 MBps.\n- For `SINGLE_AZ_2` , valid values are 1536, 3072, or 6144 MBps.\n- For `MULTI_AZ_2` , valid values are 384, 768, 1536, 3072, or 6144 MBps.\n\nAmazon FSx responds with an HTTP status code 400 (Bad Request) for the following conditions:\n\n- The value of `ThroughputCapacity` and `ThroughputCapacityPerHAPair` are not the same value for file systems with one HA pair.\n- The value of deployment type is `SINGLE_AZ_2` and `ThroughputCapacity` / `ThroughputCapacityPerHAPair` is not a valid HA pair (a value between 1 and 12).\n- The value of `ThroughputCapacityPerHAPair` is not a valid value.", - "title": "ThroughputCapacityPerHAPair", - "type": "number" - }, - "WeeklyMaintenanceStartTime": { - "markdownDescription": "The preferred start time to perform weekly maintenance, formatted d:HH:MM in the UTC time zone, where d is the weekday number, from 1 through 7, beginning with Monday and ending with Sunday.\n\nFor example, `1:05:00` specifies maintenance at 5 AM Monday.", - "title": "WeeklyMaintenanceStartTime", - "type": "string" } }, "required": [ - "DeploymentType" + "Ec2SshKey" ], "type": "object" }, - "AWS::FSx::FileSystem.OpenZFSConfiguration": { + "AWS::EKS::Nodegroup.ScalingConfig": { "additionalProperties": false, "properties": { - "AutomaticBackupRetentionDays": { - "markdownDescription": "The number of days to retain automatic backups. Setting this property to `0` disables automatic backups. You can retain automatic backups for a maximum of 90 days. The default is `30` .", - "title": "AutomaticBackupRetentionDays", + "DesiredSize": { + "markdownDescription": "The current number of nodes that the managed node group should maintain.\n\n> If you use the Kubernetes [Cluster Autoscaler](https://docs.aws.amazon.com/https://github.com/kubernetes/autoscaler#kubernetes-autoscaler) , you shouldn't change the `desiredSize` value directly, as this can cause the Cluster Autoscaler to suddenly scale up or scale down. \n\nWhenever this parameter changes, the number of worker nodes in the node group is updated to the specified size. If this parameter is given a value that is smaller than the current number of running worker nodes, the necessary number of worker nodes are terminated to match the given value. When using CloudFormation, no action occurs if you remove this parameter from your CFN template.\n\nThis parameter can be different from `minSize` in some cases, such as when starting with extra hosts for testing. This parameter can also be different when you want to start with an estimated number of needed hosts, but let the Cluster Autoscaler reduce the number if there are too many. When the Cluster Autoscaler is used, the `desiredSize` parameter is altered by the Cluster Autoscaler (but can be out-of-date for short periods of time). the Cluster Autoscaler doesn't scale a managed node group lower than `minSize` or higher than `maxSize` .", + "title": "DesiredSize", "type": "number" }, - "CopyTagsToBackups": { - "markdownDescription": "A Boolean value indicating whether tags for the file system should be copied to backups. This value defaults to `false` . If it's set to `true` , all tags for the file system are copied to all automatic and user-initiated backups where the user doesn't specify tags. If this value is `true` , and you specify one or more tags, only the specified tags are copied to backups. If you specify one or more tags when creating a user-initiated backup, no tags are copied from the file system, regardless of this value.", - "title": "CopyTagsToBackups", - "type": "boolean" - }, - "CopyTagsToVolumes": { - "markdownDescription": "A Boolean value indicating whether tags for the file system should be copied to volumes. This value defaults to `false` . If it's set to `true` , all tags for the file system are copied to volumes where the user doesn't specify tags. If this value is `true` , and you specify one or more tags, only the specified tags are copied to volumes. If you specify one or more tags when creating the volume, no tags are copied from the file system, regardless of this value.", - "title": "CopyTagsToVolumes", - "type": "boolean" - }, - "DailyAutomaticBackupStartTime": { - "markdownDescription": "A recurring daily time, in the format `HH:MM` . `HH` is the zero-padded hour of the day (0-23), and `MM` is the zero-padded minute of the hour. For example, `05:00` specifies 5 AM daily.", - "title": "DailyAutomaticBackupStartTime", - "type": "string" - }, - "DeploymentType": { - "markdownDescription": "Specifies the file system deployment type. Valid values are the following:\n\n- `MULTI_AZ_1` - Creates file systems with high availability and durability by replicating your data and supporting failover across multiple Availability Zones in the same AWS Region .\n- `SINGLE_AZ_HA_2` - Creates file systems with high availability and throughput capacities of 160 - 10,240 MB/s using an NVMe L2ARC cache by deploying a primary and standby file system within the same Availability Zone.\n- `SINGLE_AZ_HA_1` - Creates file systems with high availability and throughput capacities of 64 - 4,096 MB/s by deploying a primary and standby file system within the same Availability Zone.\n- `SINGLE_AZ_2` - Creates file systems with throughput capacities of 160 - 10,240 MB/s using an NVMe L2ARC cache that automatically recover within a single Availability Zone.\n- `SINGLE_AZ_1` - Creates file systems with throughput capacities of 64 - 4,096 MBs that automatically recover within a single Availability Zone.\n\nFor a list of which AWS Regions each deployment type is available in, see [Deployment type availability](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/availability-durability.html#available-aws-regions) . For more information on the differences in performance between deployment types, see [File system performance](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/performance.html#zfs-fs-performance) in the *Amazon FSx for OpenZFS User Guide* .", - "title": "DeploymentType", - "type": "string" - }, - "DiskIopsConfiguration": { - "$ref": "#/definitions/AWS::FSx::FileSystem.DiskIopsConfiguration", - "markdownDescription": "The SSD IOPS (input/output operations per second) configuration for an Amazon FSx for NetApp ONTAP, Amazon FSx for Windows File Server, or FSx for OpenZFS file system. By default, Amazon FSx automatically provisions 3 IOPS per GB of storage capacity. You can provision additional IOPS per GB of storage. The configuration consists of the total number of provisioned SSD IOPS and how it is was provisioned, or the mode (by the customer or by Amazon FSx).", - "title": "DiskIopsConfiguration" - }, - "EndpointIpAddressRange": { - "markdownDescription": "(Multi-AZ only) Specifies the IP address range in which the endpoints to access your file system will be created. By default in the Amazon FSx API and Amazon FSx console, Amazon FSx selects an available /28 IP address range for you from one of the VPC's CIDR ranges. You can have overlapping endpoint IP addresses for file systems deployed in the same VPC/route tables, as long as they don't overlap with any subnet.", - "title": "EndpointIpAddressRange", - "type": "string" - }, - "Options": { - "items": { - "type": "string" - }, - "markdownDescription": "To delete a file system if there are child volumes present below the root volume, use the string `DELETE_CHILD_VOLUMES_AND_SNAPSHOTS` . If your file system has child volumes and you don't use this option, the delete request will fail.", - "title": "Options", - "type": "array" - }, - "PreferredSubnetId": { - "markdownDescription": "Required when `DeploymentType` is set to `MULTI_AZ_1` . This specifies the subnet in which you want the preferred file server to be located.", - "title": "PreferredSubnetId", - "type": "string" - }, - "RootVolumeConfiguration": { - "$ref": "#/definitions/AWS::FSx::FileSystem.RootVolumeConfiguration", - "markdownDescription": "The configuration Amazon FSx uses when creating the root value of the Amazon FSx for OpenZFS file system. All volumes are children of the root volume.", - "title": "RootVolumeConfiguration" - }, - "RouteTableIds": { - "items": { - "type": "string" - }, - "markdownDescription": "(Multi-AZ only) Specifies the route tables in which Amazon FSx creates the rules for routing traffic to the correct file server. You should specify all virtual private cloud (VPC) route tables associated with the subnets in which your clients are located. By default, Amazon FSx selects your VPC's default route table.", - "title": "RouteTableIds", - "type": "array" - }, - "ThroughputCapacity": { - "markdownDescription": "Specifies the throughput of an Amazon FSx for OpenZFS file system, measured in megabytes per second (MBps). Required if you are creating a new file system.\n\nValid values depend on the `DeploymentType` that you choose, as follows:\n\n- For `MULTI_AZ_1` and `SINGLE_AZ_2` , valid values are 160, 320, 640, 1280, 2560, 3840, 5120, 7680, or 10240 MBps.\n- For `SINGLE_AZ_1` , valid values are 64, 128, 256, 512, 1024, 2048, 3072, or 4096 MBps.\n\nYou pay for additional throughput capacity that you provision.", - "title": "ThroughputCapacity", + "MaxSize": { + "markdownDescription": "The maximum number of nodes that the managed node group can scale out to. For information about the maximum number that you can specify, see [Amazon EKS service quotas](https://docs.aws.amazon.com/eks/latest/userguide/service-quotas.html) in the *Amazon EKS User Guide* .", + "title": "MaxSize", "type": "number" }, - "WeeklyMaintenanceStartTime": { - "markdownDescription": "The preferred start time to perform weekly maintenance, formatted d:HH:MM in the UTC time zone, where d is the weekday number, from 1 through 7, beginning with Monday and ending with Sunday.\n\nFor example, `1:05:00` specifies maintenance at 5 AM Monday.", - "title": "WeeklyMaintenanceStartTime", - "type": "string" - } - }, - "required": [ - "DeploymentType" - ], - "type": "object" - }, - "AWS::FSx::FileSystem.RootVolumeConfiguration": { - "additionalProperties": false, - "properties": { - "CopyTagsToSnapshots": { - "markdownDescription": "A Boolean value indicating whether tags for the volume should be copied to snapshots of the volume. This value defaults to `false` . If it's set to `true` , all tags for the volume are copied to snapshots where the user doesn't specify tags. If this value is `true` and you specify one or more tags, only the specified tags are copied to snapshots. If you specify one or more tags when creating the snapshot, no tags are copied from the volume, regardless of this value.", - "title": "CopyTagsToSnapshots", - "type": "boolean" - }, - "DataCompressionType": { - "markdownDescription": "Specifies the method used to compress the data on the volume. The compression type is `NONE` by default.\n\n- `NONE` - Doesn't compress the data on the volume. `NONE` is the default.\n- `ZSTD` - Compresses the data in the volume using the Zstandard (ZSTD) compression algorithm. Compared to LZ4, Z-Standard provides a better compression ratio to minimize on-disk storage utilization.\n- `LZ4` - Compresses the data in the volume using the LZ4 compression algorithm. Compared to Z-Standard, LZ4 is less compute-intensive and delivers higher write throughput speeds.", - "title": "DataCompressionType", - "type": "string" - }, - "NfsExports": { - "items": { - "$ref": "#/definitions/AWS::FSx::FileSystem.NfsExports" - }, - "markdownDescription": "The configuration object for mounting a file system.", - "title": "NfsExports", - "type": "array" - }, - "ReadOnly": { - "markdownDescription": "A Boolean value indicating whether the volume is read-only. Setting this value to `true` can be useful after you have completed changes to a volume and no longer want changes to occur.", - "title": "ReadOnly", - "type": "boolean" - }, - "RecordSizeKiB": { - "markdownDescription": "Specifies the record size of an OpenZFS root volume, in kibibytes (KiB). Valid values are 4, 8, 16, 32, 64, 128, 256, 512, or 1024 KiB. The default is 128 KiB. Most workloads should use the default record size. Database workflows can benefit from a smaller record size, while streaming workflows can benefit from a larger record size. For additional guidance on setting a custom record size, see [Tips for maximizing performance](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/performance.html#performance-tips-zfs) in the *Amazon FSx for OpenZFS User Guide* .", - "title": "RecordSizeKiB", + "MinSize": { + "markdownDescription": "The minimum number of nodes that the managed node group can scale in to.", + "title": "MinSize", "type": "number" - }, - "UserAndGroupQuotas": { - "items": { - "$ref": "#/definitions/AWS::FSx::FileSystem.UserAndGroupQuotas" - }, - "markdownDescription": "An object specifying how much storage users or groups can use on the volume.", - "title": "UserAndGroupQuotas", - "type": "array" } }, "type": "object" }, - "AWS::FSx::FileSystem.SelfManagedActiveDirectoryConfiguration": { + "AWS::EKS::Nodegroup.Taint": { "additionalProperties": false, "properties": { - "DnsIps": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of up to three IP addresses of DNS servers or domain controllers in the self-managed AD directory.", - "title": "DnsIps", - "type": "array" - }, - "DomainName": { - "markdownDescription": "The fully qualified domain name of the self-managed AD directory, such as `corp.example.com` .", - "title": "DomainName", - "type": "string" - }, - "FileSystemAdministratorsGroup": { - "markdownDescription": "(Optional) The name of the domain group whose members are granted administrative privileges for the file system. Administrative privileges include taking ownership of files and folders, setting audit controls (audit ACLs) on files and folders, and administering the file system remotely by using the FSx Remote PowerShell. The group that you specify must already exist in your domain. If you don't provide one, your AD domain's Domain Admins group is used.", - "title": "FileSystemAdministratorsGroup", - "type": "string" - }, - "OrganizationalUnitDistinguishedName": { - "markdownDescription": "(Optional) The fully qualified distinguished name of the organizational unit within your self-managed AD directory. Amazon FSx only accepts OU as the direct parent of the file system. An example is `OU=FSx,DC=yourdomain,DC=corp,DC=com` . To learn more, see [RFC 2253](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc2253) . If none is provided, the FSx file system is created in the default location of your self-managed AD directory.\n\n> Only Organizational Unit (OU) objects can be the direct parent of the file system that you're creating.", - "title": "OrganizationalUnitDistinguishedName", - "type": "string" - }, - "Password": { - "markdownDescription": "The password for the service account on your self-managed AD domain that Amazon FSx will use to join to your AD domain.", - "title": "Password", + "Effect": { + "markdownDescription": "The effect of the taint.", + "title": "Effect", "type": "string" }, - "UserName": { - "markdownDescription": "The user name for the service account on your self-managed AD domain that Amazon FSx will use to join to your AD domain. This account must have the permission to join computers to the domain in the organizational unit provided in `OrganizationalUnitDistinguishedName` , or in the default location of your AD domain.", - "title": "UserName", + "Key": { + "markdownDescription": "The key of the taint.", + "title": "Key", "type": "string" - } - }, - "type": "object" - }, - "AWS::FSx::FileSystem.UserAndGroupQuotas": { - "additionalProperties": false, - "properties": { - "Id": { - "markdownDescription": "The ID of the user or group that the quota applies to.", - "title": "Id", - "type": "number" - }, - "StorageCapacityQuotaGiB": { - "markdownDescription": "The user or group's storage quota, in gibibytes (GiB).", - "title": "StorageCapacityQuotaGiB", - "type": "number" }, - "Type": { - "markdownDescription": "Specifies whether the quota applies to a user or group.", - "title": "Type", + "Value": { + "markdownDescription": "The value of the taint.", + "title": "Value", "type": "string" } }, "type": "object" }, - "AWS::FSx::FileSystem.WindowsConfiguration": { + "AWS::EKS::Nodegroup.UpdateConfig": { "additionalProperties": false, "properties": { - "ActiveDirectoryId": { - "markdownDescription": "The ID for an existing AWS Managed Microsoft Active Directory (AD) instance that the file system should join when it's created. Required if you are joining the file system to an existing AWS Managed Microsoft AD.", - "title": "ActiveDirectoryId", - "type": "string" - }, - "Aliases": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of one or more DNS alias names that you want to associate with the Amazon FSx file system. Aliases allow you to use existing DNS names to access the data in your Amazon FSx file system. You can associate up to 50 aliases with a file system at any time.\n\nFor more information, see [Working with DNS Aliases](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/managing-dns-aliases.html) and [Walkthrough 5: Using DNS aliases to access your file system](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/walkthrough05-file-system-custom-CNAME.html) , including additional steps you must take to be able to access your file system using a DNS alias.\n\nAn alias name has to meet the following requirements:\n\n- Formatted as a fully-qualified domain name (FQDN), `hostname.domain` , for example, `accounting.example.com` .\n- Can contain alphanumeric characters, the underscore (_), and the hyphen (-).\n- Cannot start or end with a hyphen.\n- Can start with a numeric.\n\nFor DNS alias names, Amazon FSx stores alphabetical characters as lowercase letters (a-z), regardless of how you specify them: as uppercase letters, lowercase letters, or the corresponding letters in escape codes.", - "title": "Aliases", - "type": "array" - }, - "AuditLogConfiguration": { - "$ref": "#/definitions/AWS::FSx::FileSystem.AuditLogConfiguration", - "markdownDescription": "The configuration that Amazon FSx for Windows File Server uses to audit and log user accesses of files, folders, and file shares on the Amazon FSx for Windows File Server file system.", - "title": "AuditLogConfiguration" - }, - "AutomaticBackupRetentionDays": { - "markdownDescription": "The number of days to retain automatic backups. Setting this property to `0` disables automatic backups. You can retain automatic backups for a maximum of 90 days. The default is `30` .", - "title": "AutomaticBackupRetentionDays", + "MaxUnavailable": { + "markdownDescription": "The maximum number of nodes unavailable at once during a version update. Nodes are updated in parallel. This value or `maxUnavailablePercentage` is required to have a value.The maximum number is 100.", + "title": "MaxUnavailable", "type": "number" }, - "CopyTagsToBackups": { - "markdownDescription": "A boolean flag indicating whether tags for the file system should be copied to backups. This value defaults to false. If it's set to true, all tags for the file system are copied to all automatic and user-initiated backups where the user doesn't specify tags. If this value is true, and you specify one or more tags, only the specified tags are copied to backups. If you specify one or more tags when creating a user-initiated backup, no tags are copied from the file system, regardless of this value.", - "title": "CopyTagsToBackups", - "type": "boolean" - }, - "DailyAutomaticBackupStartTime": { - "markdownDescription": "A recurring daily time, in the format `HH:MM` . `HH` is the zero-padded hour of the day (0-23), and `MM` is the zero-padded minute of the hour. For example, `05:00` specifies 5 AM daily.", - "title": "DailyAutomaticBackupStartTime", - "type": "string" - }, - "DeploymentType": { - "markdownDescription": "Specifies the file system deployment type, valid values are the following:\n\n- `MULTI_AZ_1` - Deploys a high availability file system that is configured for Multi-AZ redundancy to tolerate temporary Availability Zone (AZ) unavailability. You can only deploy a Multi-AZ file system in AWS Regions that have a minimum of three Availability Zones. Also supports HDD storage type\n- `SINGLE_AZ_1` - (Default) Choose to deploy a file system that is configured for single AZ redundancy.\n- `SINGLE_AZ_2` - The latest generation Single AZ file system. Specifies a file system that is configured for single AZ redundancy and supports HDD storage type.\n\nFor more information, see [Availability and Durability: Single-AZ and Multi-AZ File Systems](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/high-availability-multiAZ.html) .", - "title": "DeploymentType", - "type": "string" - }, - "DiskIopsConfiguration": { - "$ref": "#/definitions/AWS::FSx::FileSystem.DiskIopsConfiguration", - "markdownDescription": "The SSD IOPS (input/output operations per second) configuration for an Amazon FSx for Windows file system. By default, Amazon FSx automatically provisions 3 IOPS per GiB of storage capacity. You can provision additional IOPS per GiB of storage, up to the maximum limit associated with your chosen throughput capacity.", - "title": "DiskIopsConfiguration" - }, - "PreferredSubnetId": { - "markdownDescription": "Required when `DeploymentType` is set to `MULTI_AZ_1` . This specifies the subnet in which you want the preferred file server to be located. For in- AWS applications, we recommend that you launch your clients in the same availability zone as your preferred file server to reduce cross-availability zone data transfer costs and minimize latency.", - "title": "PreferredSubnetId", - "type": "string" - }, - "SelfManagedActiveDirectoryConfiguration": { - "$ref": "#/definitions/AWS::FSx::FileSystem.SelfManagedActiveDirectoryConfiguration", - "markdownDescription": "The configuration that Amazon FSx uses to join a FSx for Windows File Server file system or an FSx for ONTAP storage virtual machine (SVM) to a self-managed (including on-premises) Microsoft Active Directory (AD) directory. For more information, see [Using Amazon FSx for Windows with your self-managed Microsoft Active Directory](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/self-managed-AD.html) or [Managing FSx for ONTAP SVMs](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-svms.html) .", - "title": "SelfManagedActiveDirectoryConfiguration" - }, - "ThroughputCapacity": { - "markdownDescription": "Sets the throughput capacity of an Amazon FSx file system, measured in megabytes per second (MB/s), in 2 to the *n* th increments, between 2^3 (8) and 2^11 (2048).\n\n> To increase storage capacity, a file system must have a minimum throughput capacity of 16 MB/s.", - "title": "ThroughputCapacity", + "MaxUnavailablePercentage": { + "markdownDescription": "The maximum percentage of nodes unavailable during a version update. This percentage of nodes are updated in parallel, up to 100 nodes at once. This value or `maxUnavailable` is required to have a value.", + "title": "MaxUnavailablePercentage", "type": "number" }, - "WeeklyMaintenanceStartTime": { - "markdownDescription": "The preferred start time to perform weekly maintenance, formatted d:HH:MM in the UTC time zone, where d is the weekday number, from 1 through 7, beginning with Monday and ending with Sunday.", - "title": "WeeklyMaintenanceStartTime", + "UpdateStrategy": { + "markdownDescription": "The configuration for the behavior to follow during a node group version update of this managed node group. You choose between two possible strategies for replacing nodes during an [`UpdateNodegroupVersion`](https://docs.aws.amazon.com/eks/latest/APIReference/API_UpdateNodegroupVersion.html) action.\n\nAn Amazon EKS managed node group updates by replacing nodes with new nodes of newer AMI versions in parallel. The *update strategy* changes the managed node update behavior of the managed node group for each quantity. The *default* strategy has guardrails to protect you from misconfiguration and launches the new instances first, before terminating the old instances. The *minimal* strategy removes the guardrails and terminates the old instances before launching the new instances. This minimal strategy is useful in scenarios where you are constrained to resources or costs (for example, with hardware accelerators such as GPUs).", + "title": "UpdateStrategy", "type": "string" } }, - "required": [ - "ThroughputCapacity" - ], "type": "object" }, - "AWS::FSx::Snapshot": { + "AWS::EKS::PodIdentityAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -100337,34 +108940,56 @@ "Properties": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the snapshot.", - "title": "Name", + "ClusterName": { + "markdownDescription": "The name of the cluster that the association is in.", + "title": "ClusterName", + "type": "string" + }, + "DisableSessionTags": { + "markdownDescription": "The state of the automatic sessions tags. The value of *true* disables these tags.\n\nEKS Pod Identity adds a pre-defined set of session tags when it assumes the role. You can use these tags to author a single role that can work across resources by allowing access to AWS resources based on matching tags. By default, EKS Pod Identity attaches six tags, including tags for cluster name, namespace, and service account name. For the list of tags added by EKS Pod Identity, see [List of session tags added by EKS Pod Identity](https://docs.aws.amazon.com/eks/latest/userguide/pod-id-abac.html#pod-id-abac-tags) in the *Amazon EKS User Guide* .", + "title": "DisableSessionTags", + "type": "boolean" + }, + "Namespace": { + "markdownDescription": "The name of the Kubernetes namespace inside the cluster to create the association in. The service account and the Pods that use the service account must be in this namespace.", + "title": "Namespace", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to associate with the service account. The EKS Pod Identity agent manages credentials to assume this role for applications in the containers in the Pods that use this service account.", + "title": "RoleArn", + "type": "string" + }, + "ServiceAccount": { + "markdownDescription": "The name of the Kubernetes service account inside the cluster to associate the IAM credentials with.", + "title": "ServiceAccount", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of `Tag` values, with a maximum of 50 elements.", + "markdownDescription": "Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or AWS resources.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource \u2013 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length \u2013 128 Unicode characters in UTF-8\n- Maximum value length \u2013 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit.", "title": "Tags", "type": "array" }, - "VolumeId": { - "markdownDescription": "The ID of the volume that the snapshot is of.", - "title": "VolumeId", + "TargetRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the target IAM role to associate with the service account. This role is assumed by using the EKS Pod Identity association role, then the credentials for this role are injected into the Pod.", + "title": "TargetRoleArn", "type": "string" } }, "required": [ - "Name", - "VolumeId" + "ClusterName", + "Namespace", + "RoleArn", + "ServiceAccount" ], "type": "object" }, "Type": { "enum": [ - "AWS::FSx::Snapshot" + "AWS::EKS::PodIdentityAssociation" ], "type": "string" }, @@ -100383,7 +109008,7 @@ ], "type": "object" }, - "AWS::FSx::StorageVirtualMachine": { + "AWS::EMR::Cluster": { "additionalProperties": false, "properties": { "Condition": { @@ -100418,49 +109043,171 @@ "Properties": { "additionalProperties": false, "properties": { - "ActiveDirectoryConfiguration": { - "$ref": "#/definitions/AWS::FSx::StorageVirtualMachine.ActiveDirectoryConfiguration", - "markdownDescription": "Describes the Microsoft Active Directory configuration to which the SVM is joined, if applicable.", - "title": "ActiveDirectoryConfiguration" + "AdditionalInfo": { + "markdownDescription": "A JSON string for selecting additional features.", + "title": "AdditionalInfo", + "type": "object" }, - "FileSystemId": { - "markdownDescription": "Specifies the FSx for ONTAP file system on which to create the SVM.", - "title": "FileSystemId", + "Applications": { + "items": { + "$ref": "#/definitions/AWS::EMR::Cluster.Application" + }, + "markdownDescription": "The applications to install on this cluster, for example, Spark, Flink, Oozie, Zeppelin, and so on.", + "title": "Applications", + "type": "array" + }, + "AutoScalingRole": { + "markdownDescription": "An IAM role for automatic scaling policies. The default role is `EMR_AutoScaling_DefaultRole` . The IAM role provides permissions that the automatic scaling feature requires to launch and terminate Amazon EC2 instances in an instance group.", + "title": "AutoScalingRole", + "type": "string" + }, + "AutoTerminationPolicy": { + "$ref": "#/definitions/AWS::EMR::Cluster.AutoTerminationPolicy", + "markdownDescription": "An auto-termination policy for an Amazon EMR cluster. An auto-termination policy defines the amount of idle time in seconds after which a cluster automatically terminates. For alternative cluster termination options, see [Control cluster termination](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-plan-termination.html) .", + "title": "AutoTerminationPolicy" + }, + "BootstrapActions": { + "items": { + "$ref": "#/definitions/AWS::EMR::Cluster.BootstrapActionConfig" + }, + "markdownDescription": "A list of bootstrap actions to run before Hadoop starts on the cluster nodes.", + "title": "BootstrapActions", + "type": "array" + }, + "Configurations": { + "items": { + "$ref": "#/definitions/AWS::EMR::Cluster.Configuration" + }, + "markdownDescription": "Applies only to Amazon EMR releases 4.x and later. The list of configurations that are supplied to the Amazon EMR cluster.", + "title": "Configurations", + "type": "array" + }, + "CustomAmiId": { + "markdownDescription": "Available only in Amazon EMR releases 5.7.0 and later. The ID of a custom Amazon EBS-backed Linux AMI if the cluster uses a custom AMI.", + "title": "CustomAmiId", + "type": "string" + }, + "EbsRootVolumeIops": { + "markdownDescription": "The IOPS, of the Amazon EBS root device volume of the Linux AMI that is used for each Amazon EC2 instance. Available in Amazon EMR releases 6.15.0 and later.", + "title": "EbsRootVolumeIops", + "type": "number" + }, + "EbsRootVolumeSize": { + "markdownDescription": "The size, in GiB, of the Amazon EBS root device volume of the Linux AMI that is used for each Amazon EC2 instance. Available in Amazon EMR releases 4.x and later.", + "title": "EbsRootVolumeSize", + "type": "number" + }, + "EbsRootVolumeThroughput": { + "markdownDescription": "The throughput, in MiB/s, of the Amazon EBS root device volume of the Linux AMI that is used for each Amazon EC2 instance. Available in Amazon EMR releases 6.15.0 and later.", + "title": "EbsRootVolumeThroughput", + "type": "number" + }, + "Instances": { + "$ref": "#/definitions/AWS::EMR::Cluster.JobFlowInstancesConfig", + "markdownDescription": "A specification of the number and type of Amazon EC2 instances.", + "title": "Instances" + }, + "JobFlowRole": { + "markdownDescription": "Also called instance profile and Amazon EC2 role. An IAM role for an Amazon EMR cluster. The Amazon EC2 instances of the cluster assume this role. The default role is `EMR_EC2_DefaultRole` . In order to use the default role, you must have already created it using the AWS CLI or console.", + "title": "JobFlowRole", + "type": "string" + }, + "KerberosAttributes": { + "$ref": "#/definitions/AWS::EMR::Cluster.KerberosAttributes", + "markdownDescription": "Attributes for Kerberos configuration when Kerberos authentication is enabled using a security configuration. For more information see [Use Kerberos Authentication](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-kerberos.html) in the *Amazon EMR Management Guide* .", + "title": "KerberosAttributes" + }, + "LogEncryptionKmsKeyId": { + "markdownDescription": "The AWS KMS key used for encrypting log files. This attribute is only available with Amazon EMR 5.30.0 and later, excluding Amazon EMR 6.0.0.", + "title": "LogEncryptionKmsKeyId", + "type": "string" + }, + "LogUri": { + "markdownDescription": "The path to the Amazon S3 location where logs for this cluster are stored.", + "title": "LogUri", "type": "string" }, + "ManagedScalingPolicy": { + "$ref": "#/definitions/AWS::EMR::Cluster.ManagedScalingPolicy", + "markdownDescription": "Creates or updates a managed scaling policy for an Amazon EMR cluster. The managed scaling policy defines the limits for resources, such as Amazon EC2 instances that can be added or terminated from a cluster. The policy only applies to the core and task nodes. The master node cannot be scaled after initial configuration.", + "title": "ManagedScalingPolicy" + }, "Name": { - "markdownDescription": "The name of the SVM.", + "markdownDescription": "The name of the cluster. This parameter can't contain the characters <, >, $, |, or ` (backtick).", "title": "Name", "type": "string" }, - "RootVolumeSecurityStyle": { - "markdownDescription": "The security style of the root volume of the SVM. Specify one of the following values:\n\n- `UNIX` if the file system is managed by a UNIX administrator, the majority of users are NFS clients, and an application accessing the data uses a UNIX user as the service account.\n- `NTFS` if the file system is managed by a Microsoft Windows administrator, the majority of users are SMB clients, and an application accessing the data uses a Microsoft Windows user as the service account.\n- `MIXED` This is an advanced setting. For more information, see [Volume security style](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/volume-security-style.html) in the Amazon FSx for NetApp ONTAP User Guide.", - "title": "RootVolumeSecurityStyle", + "OSReleaseLabel": { + "markdownDescription": "The Amazon Linux release specified in a cluster launch RunJobFlow request. If no Amazon Linux release was specified, the default Amazon Linux release is shown in the response.", + "title": "OSReleaseLabel", "type": "string" }, - "SvmAdminPassword": { - "markdownDescription": "Specifies the password to use when logging on to the SVM using a secure shell (SSH) connection to the SVM's management endpoint. Doing so enables you to manage the SVM using the NetApp ONTAP CLI or REST API. If you do not specify a password, you can still use the file system's `fsxadmin` user to manage the SVM. For more information, see [Managing SVMs using the NetApp ONTAP CLI](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-resources-ontap-apps.html#vsadmin-ontap-cli) in the *FSx for ONTAP User Guide* .", - "title": "SvmAdminPassword", + "PlacementGroupConfigs": { + "items": { + "$ref": "#/definitions/AWS::EMR::Cluster.PlacementGroupConfig" + }, + "markdownDescription": "", + "title": "PlacementGroupConfigs", + "type": "array" + }, + "ReleaseLabel": { + "markdownDescription": "The Amazon EMR release label, which determines the version of open-source application packages installed on the cluster. Release labels are in the form `emr-x.x.x` , where x.x.x is an Amazon EMR release version such as `emr-5.14.0` . For more information about Amazon EMR release versions and included application versions and features, see [](https://docs.aws.amazon.com/emr/latest/ReleaseGuide/) . The release label applies only to Amazon EMR releases version 4.0 and later. Earlier versions use `AmiVersion` .", + "title": "ReleaseLabel", + "type": "string" + }, + "ScaleDownBehavior": { + "markdownDescription": "The way that individual Amazon EC2 instances terminate when an automatic scale-in activity occurs or an instance group is resized. `TERMINATE_AT_INSTANCE_HOUR` indicates that Amazon EMR terminates nodes at the instance-hour boundary, regardless of when the request to terminate the instance was submitted. This option is only available with Amazon EMR 5.1.0 and later and is the default for clusters created using that version. `TERMINATE_AT_TASK_COMPLETION` indicates that Amazon EMR adds nodes to a deny list and drains tasks from nodes before terminating the Amazon EC2 instances, regardless of the instance-hour boundary. With either behavior, Amazon EMR removes the least active nodes first and blocks instance termination if it could lead to HDFS corruption. `TERMINATE_AT_TASK_COMPLETION` is available only in Amazon EMR releases 4.1.0 and later, and is the default for versions of Amazon EMR earlier than 5.1.0.", + "title": "ScaleDownBehavior", + "type": "string" + }, + "SecurityConfiguration": { + "markdownDescription": "The name of the security configuration applied to the cluster.", + "title": "SecurityConfiguration", + "type": "string" + }, + "ServiceRole": { + "markdownDescription": "The IAM role that Amazon EMR assumes in order to access AWS resources on your behalf.", + "title": "ServiceRole", "type": "string" }, + "StepConcurrencyLevel": { + "markdownDescription": "Specifies the number of steps that can be executed concurrently. The default value is `1` . The maximum value is `256` .", + "title": "StepConcurrencyLevel", + "type": "number" + }, + "Steps": { + "items": { + "$ref": "#/definitions/AWS::EMR::Cluster.StepConfig" + }, + "markdownDescription": "A list of steps to run.", + "title": "Steps", + "type": "array" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of `Tag` values, with a maximum of 50 elements.", + "markdownDescription": "A list of tags associated with a cluster.", "title": "Tags", "type": "array" + }, + "VisibleToAllUsers": { + "markdownDescription": "Indicates whether the cluster is visible to all IAM users of the AWS account associated with the cluster. If this value is set to `true` , all IAM users of that AWS account can view and manage the cluster if they have the proper policy permissions set. If this value is `false` , only the IAM user that created the cluster can view and manage it. This value can be changed using the SetVisibleToAllUsers action.\n\n> When you create clusters directly through the EMR console or API, this value is set to `true` by default. However, for `AWS::EMR::Cluster` resources in CloudFormation, the default is `false` .", + "title": "VisibleToAllUsers", + "type": "boolean" } }, "required": [ - "FileSystemId", - "Name" + "Instances", + "JobFlowRole", + "Name", + "ServiceRole" ], "type": "object" }, "Type": { "enum": [ - "AWS::FSx::StorageVirtualMachine" + "AWS::EMR::Cluster" ], "type": "string" }, @@ -100479,528 +109226,1009 @@ ], "type": "object" }, - "AWS::FSx::StorageVirtualMachine.ActiveDirectoryConfiguration": { + "AWS::EMR::Cluster.Application": { "additionalProperties": false, "properties": { - "NetBiosName": { - "markdownDescription": "The NetBIOS name of the Active Directory computer object that will be created for your SVM.", - "title": "NetBiosName", - "type": "string" + "AdditionalInfo": { + "additionalProperties": true, + "markdownDescription": "This option is for advanced users only. This is meta information about clusters and applications that are used for testing and troubleshooting.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "AdditionalInfo", + "type": "object" }, - "SelfManagedActiveDirectoryConfiguration": { - "$ref": "#/definitions/AWS::FSx::StorageVirtualMachine.SelfManagedActiveDirectoryConfiguration", - "markdownDescription": "The configuration that Amazon FSx uses to join the ONTAP storage virtual machine (SVM) to your self-managed (including on-premises) Microsoft Active Directory directory.", - "title": "SelfManagedActiveDirectoryConfiguration" - } - }, - "type": "object" - }, - "AWS::FSx::StorageVirtualMachine.SelfManagedActiveDirectoryConfiguration": { - "additionalProperties": false, - "properties": { - "DnsIps": { + "Args": { "items": { "type": "string" }, - "markdownDescription": "A list of up to three IP addresses of DNS servers or domain controllers in the self-managed AD directory.", - "title": "DnsIps", + "markdownDescription": "Arguments for Amazon EMR to pass to the application.", + "title": "Args", "type": "array" }, - "DomainName": { - "markdownDescription": "The fully qualified domain name of the self-managed AD directory, such as `corp.example.com` .", - "title": "DomainName", - "type": "string" - }, - "FileSystemAdministratorsGroup": { - "markdownDescription": "(Optional) The name of the domain group whose members are granted administrative privileges for the file system. Administrative privileges include taking ownership of files and folders, setting audit controls (audit ACLs) on files and folders, and administering the file system remotely by using the FSx Remote PowerShell. The group that you specify must already exist in your domain. If you don't provide one, your AD domain's Domain Admins group is used.", - "title": "FileSystemAdministratorsGroup", - "type": "string" - }, - "OrganizationalUnitDistinguishedName": { - "markdownDescription": "(Optional) The fully qualified distinguished name of the organizational unit within your self-managed AD directory. Amazon FSx only accepts OU as the direct parent of the file system. An example is `OU=FSx,DC=yourdomain,DC=corp,DC=com` . To learn more, see [RFC 2253](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc2253) . If none is provided, the FSx file system is created in the default location of your self-managed AD directory.\n\n> Only Organizational Unit (OU) objects can be the direct parent of the file system that you're creating.", - "title": "OrganizationalUnitDistinguishedName", - "type": "string" - }, - "Password": { - "markdownDescription": "The password for the service account on your self-managed AD domain that Amazon FSx will use to join to your AD domain.", - "title": "Password", + "Name": { + "markdownDescription": "The name of the application.", + "title": "Name", "type": "string" }, - "UserName": { - "markdownDescription": "The user name for the service account on your self-managed AD domain that Amazon FSx will use to join to your AD domain. This account must have the permission to join computers to the domain in the organizational unit provided in `OrganizationalUnitDistinguishedName` , or in the default location of your AD domain.", - "title": "UserName", + "Version": { + "markdownDescription": "The version of the application.", + "title": "Version", "type": "string" } }, "type": "object" }, - "AWS::FSx::Volume": { + "AWS::EMR::Cluster.AutoScalingPolicy": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "Constraints": { + "$ref": "#/definitions/AWS::EMR::Cluster.ScalingConstraints", + "markdownDescription": "The upper and lower Amazon EC2 instance limits for an automatic scaling policy. Automatic scaling activity will not cause an instance group to grow above or below these limits.", + "title": "Constraints" }, - "Properties": { - "additionalProperties": false, - "properties": { - "BackupId": { - "markdownDescription": "Specifies the ID of the volume backup to use to create a new volume.", - "title": "BackupId", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the volume.", - "title": "Name", - "type": "string" - }, - "OntapConfiguration": { - "$ref": "#/definitions/AWS::FSx::Volume.OntapConfiguration", - "markdownDescription": "The configuration of an Amazon FSx for NetApp ONTAP volume.", - "title": "OntapConfiguration" - }, - "OpenZFSConfiguration": { - "$ref": "#/definitions/AWS::FSx::Volume.OpenZFSConfiguration", - "markdownDescription": "The configuration of an Amazon FSx for OpenZFS volume.", - "title": "OpenZFSConfiguration" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - }, - "VolumeType": { - "markdownDescription": "The type of the volume.", - "title": "VolumeType", - "type": "string" - } + "Rules": { + "items": { + "$ref": "#/definitions/AWS::EMR::Cluster.ScalingRule" }, - "required": [ - "Name" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::FSx::Volume" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "markdownDescription": "The scale-in and scale-out rules that comprise the automatic scaling policy.", + "title": "Rules", + "type": "array" } }, "required": [ - "Type", - "Properties" + "Constraints", + "Rules" ], "type": "object" }, - "AWS::FSx::Volume.AggregateConfiguration": { + "AWS::EMR::Cluster.AutoTerminationPolicy": { "additionalProperties": false, "properties": { - "Aggregates": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of aggregates that this volume resides on. Aggregates are storage pools which make up your primary storage tier. Each high-availability (HA) pair has one aggregate. The names of the aggregates map to the names of the aggregates in the ONTAP CLI and REST API. For FlexVols, there will always be a single entry.\n\nAmazon FSx responds with an HTTP status code 400 (Bad Request) for the following conditions:\n\n- The strings in the value of `Aggregates` are not are not formatted as `aggrX` , where X is a number between 1 and 12.\n- The value of `Aggregates` contains aggregates that are not present.\n- One or more of the aggregates supplied are too close to the volume limit to support adding more volumes.", - "title": "Aggregates", - "type": "array" - }, - "ConstituentsPerAggregate": { - "markdownDescription": "Used to explicitly set the number of constituents within the FlexGroup per storage aggregate. This field is optional when creating a FlexGroup volume. If unspecified, the default value will be 8. This field cannot be provided when creating a FlexVol volume.", - "title": "ConstituentsPerAggregate", + "IdleTimeout": { + "markdownDescription": "Specifies the amount of idle time in seconds after which the cluster automatically terminates. You can specify a minimum of 60 seconds and a maximum of 604800 seconds (seven days).", + "title": "IdleTimeout", "type": "number" } }, "type": "object" }, - "AWS::FSx::Volume.AutocommitPeriod": { + "AWS::EMR::Cluster.BootstrapActionConfig": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "Defines the type of time for the autocommit period of a file in an FSx for ONTAP SnapLock volume. Setting this value to `NONE` disables autocommit. The default value is `NONE` .", - "title": "Type", + "Name": { + "markdownDescription": "The name of the bootstrap action.", + "title": "Name", "type": "string" }, - "Value": { - "markdownDescription": "Defines the amount of time for the autocommit period of a file in an FSx for ONTAP SnapLock volume. The following ranges are valid:\n\n- `Minutes` : 5 - 65,535\n- `Hours` : 1 - 65,535\n- `Days` : 1 - 3,650\n- `Months` : 1 - 120\n- `Years` : 1 - 10", - "title": "Value", - "type": "number" + "ScriptBootstrapAction": { + "$ref": "#/definitions/AWS::EMR::Cluster.ScriptBootstrapActionConfig", + "markdownDescription": "The script run by the bootstrap action.", + "title": "ScriptBootstrapAction" } }, "required": [ - "Type" + "Name", + "ScriptBootstrapAction" ], "type": "object" }, - "AWS::FSx::Volume.ClientConfigurations": { + "AWS::EMR::Cluster.CloudWatchAlarmDefinition": { "additionalProperties": false, "properties": { - "Clients": { - "markdownDescription": "A value that specifies who can mount the file system. You can provide a wildcard character ( `*` ), an IP address ( `0.0.0.0` ), or a CIDR address ( `192.0.2.0/24` ). By default, Amazon FSx uses the wildcard character when specifying the client.", - "title": "Clients", + "ComparisonOperator": { + "markdownDescription": "Determines how the metric specified by `MetricName` is compared to the value specified by `Threshold` .", + "title": "ComparisonOperator", "type": "string" }, - "Options": { + "Dimensions": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::EMR::Cluster.MetricDimension" }, - "markdownDescription": "The options to use when mounting the file system. For a list of options that you can use with Network File System (NFS), see the [exports(5) - Linux man page](https://docs.aws.amazon.com/https://linux.die.net/man/5/exports) . When choosing your options, consider the following:\n\n- `crossmnt` is used by default. If you don't specify `crossmnt` when changing the client configuration, you won't be able to see or access snapshots in your file system's snapshot directory.\n- `sync` is used by default. If you instead specify `async` , the system acknowledges writes before writing to disk. If the system crashes before the writes are finished, you lose the unwritten data.", - "title": "Options", + "markdownDescription": "A CloudWatch metric dimension.", + "title": "Dimensions", "type": "array" + }, + "EvaluationPeriods": { + "markdownDescription": "The number of periods, in five-minute increments, during which the alarm condition must exist before the alarm triggers automatic scaling activity. The default value is `1` .", + "title": "EvaluationPeriods", + "type": "number" + }, + "MetricName": { + "markdownDescription": "The name of the CloudWatch metric that is watched to determine an alarm condition.", + "title": "MetricName", + "type": "string" + }, + "Namespace": { + "markdownDescription": "The namespace for the CloudWatch metric. The default is `AWS/ElasticMapReduce` .", + "title": "Namespace", + "type": "string" + }, + "Period": { + "markdownDescription": "The period, in seconds, over which the statistic is applied. CloudWatch metrics for Amazon EMR are emitted every five minutes (300 seconds), so if you specify a CloudWatch metric, specify `300` .", + "title": "Period", + "type": "number" + }, + "Statistic": { + "markdownDescription": "The statistic to apply to the metric associated with the alarm. The default is `AVERAGE` .", + "title": "Statistic", + "type": "string" + }, + "Threshold": { + "markdownDescription": "The value against which the specified statistic is compared.", + "title": "Threshold", + "type": "number" + }, + "Unit": { + "markdownDescription": "The unit of measure associated with the CloudWatch metric being watched. The value specified for `Unit` must correspond to the units specified in the CloudWatch metric.", + "title": "Unit", + "type": "string" } }, "required": [ - "Clients", - "Options" + "ComparisonOperator", + "MetricName", + "Period", + "Threshold" ], "type": "object" }, - "AWS::FSx::Volume.NfsExports": { + "AWS::EMR::Cluster.ComputeLimits": { "additionalProperties": false, "properties": { - "ClientConfigurations": { + "MaximumCapacityUnits": { + "markdownDescription": "The upper boundary of Amazon EC2 units. It is measured through vCPU cores or instances for instance groups and measured through units for instance fleets. Managed scaling activities are not allowed beyond this boundary. The limit only applies to the core and task nodes. The master node cannot be scaled after initial configuration.", + "title": "MaximumCapacityUnits", + "type": "number" + }, + "MaximumCoreCapacityUnits": { + "markdownDescription": "The upper boundary of Amazon EC2 units for core node type in a cluster. It is measured through vCPU cores or instances for instance groups and measured through units for instance fleets. The core units are not allowed to scale beyond this boundary. The parameter is used to split capacity allocation between core and task nodes.", + "title": "MaximumCoreCapacityUnits", + "type": "number" + }, + "MaximumOnDemandCapacityUnits": { + "markdownDescription": "The upper boundary of On-Demand Amazon EC2 units. It is measured through vCPU cores or instances for instance groups and measured through units for instance fleets. The On-Demand units are not allowed to scale beyond this boundary. The parameter is used to split capacity allocation between On-Demand and Spot Instances.", + "title": "MaximumOnDemandCapacityUnits", + "type": "number" + }, + "MinimumCapacityUnits": { + "markdownDescription": "The lower boundary of Amazon EC2 units. It is measured through vCPU cores or instances for instance groups and measured through units for instance fleets. Managed scaling activities are not allowed beyond this boundary. The limit only applies to the core and task nodes. The master node cannot be scaled after initial configuration.", + "title": "MinimumCapacityUnits", + "type": "number" + }, + "UnitType": { + "markdownDescription": "The unit type used for specifying a managed scaling policy.", + "title": "UnitType", + "type": "string" + } + }, + "required": [ + "MaximumCapacityUnits", + "MinimumCapacityUnits", + "UnitType" + ], + "type": "object" + }, + "AWS::EMR::Cluster.Configuration": { + "additionalProperties": false, + "properties": { + "Classification": { + "markdownDescription": "The classification within a configuration.", + "title": "Classification", + "type": "string" + }, + "ConfigurationProperties": { + "additionalProperties": true, + "markdownDescription": "A list of additional configurations to apply within a configuration object.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "ConfigurationProperties", + "type": "object" + }, + "Configurations": { "items": { - "$ref": "#/definitions/AWS::FSx::Volume.ClientConfigurations" + "$ref": "#/definitions/AWS::EMR::Cluster.Configuration" }, - "markdownDescription": "A list of configuration objects that contain the client and options for mounting the OpenZFS file system.", - "title": "ClientConfigurations", + "markdownDescription": "A list of additional configurations to apply within a configuration object.", + "title": "Configurations", "type": "array" } }, + "type": "object" + }, + "AWS::EMR::Cluster.EbsBlockDeviceConfig": { + "additionalProperties": false, + "properties": { + "VolumeSpecification": { + "$ref": "#/definitions/AWS::EMR::Cluster.VolumeSpecification", + "markdownDescription": "EBS volume specifications such as volume type, IOPS, size (GiB) and throughput (MiB/s) that are requested for the EBS volume attached to an Amazon EC2 instance in the cluster.", + "title": "VolumeSpecification" + }, + "VolumesPerInstance": { + "markdownDescription": "Number of EBS volumes with a specific volume configuration that are associated with every instance in the instance group", + "title": "VolumesPerInstance", + "type": "number" + } + }, "required": [ - "ClientConfigurations" + "VolumeSpecification" ], "type": "object" }, - "AWS::FSx::Volume.OntapConfiguration": { + "AWS::EMR::Cluster.EbsConfiguration": { "additionalProperties": false, "properties": { - "AggregateConfiguration": { - "$ref": "#/definitions/AWS::FSx::Volume.AggregateConfiguration", - "markdownDescription": "Used to specify the configuration options for an FSx for ONTAP volume's storage aggregate or aggregates.", - "title": "AggregateConfiguration" + "EbsBlockDeviceConfigs": { + "items": { + "$ref": "#/definitions/AWS::EMR::Cluster.EbsBlockDeviceConfig" + }, + "markdownDescription": "An array of Amazon EBS volume specifications attached to a cluster instance.", + "title": "EbsBlockDeviceConfigs", + "type": "array" }, - "CopyTagsToBackups": { - "markdownDescription": "A boolean flag indicating whether tags for the volume should be copied to backups. This value defaults to false. If it's set to true, all tags for the volume are copied to all automatic and user-initiated backups where the user doesn't specify tags. If this value is true, and you specify one or more tags, only the specified tags are copied to backups. If you specify one or more tags when creating a user-initiated backup, no tags are copied from the volume, regardless of this value.", - "title": "CopyTagsToBackups", - "type": "string" + "EbsOptimized": { + "markdownDescription": "Indicates whether an Amazon EBS volume is EBS-optimized. The default is false. You should explicitly set this value to true to enable the Amazon EBS-optimized setting for an EC2 instance.", + "title": "EbsOptimized", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EMR::Cluster.HadoopJarStepConfig": { + "additionalProperties": false, + "properties": { + "Args": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of command line arguments passed to the JAR file's main function when executed.", + "title": "Args", + "type": "array" }, - "JunctionPath": { - "markdownDescription": "Specifies the location in the SVM's namespace where the volume is mounted. This parameter is required. The `JunctionPath` must have a leading forward slash, such as `/vol3` .", - "title": "JunctionPath", + "Jar": { + "markdownDescription": "A path to a JAR file run during the step.", + "title": "Jar", "type": "string" }, - "OntapVolumeType": { - "markdownDescription": "Specifies the type of volume you are creating. Valid values are the following:\n\n- `RW` specifies a read/write volume. `RW` is the default.\n- `DP` specifies a data-protection volume. A `DP` volume is read-only and can be used as the destination of a NetApp SnapMirror relationship.\n\nFor more information, see [Volume types](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-volumes.html#volume-types) in the Amazon FSx for NetApp ONTAP User Guide.", - "title": "OntapVolumeType", + "MainClass": { + "markdownDescription": "The name of the main class in the specified Java file. If not specified, the JAR file should specify a Main-Class in its manifest file.", + "title": "MainClass", "type": "string" }, - "SecurityStyle": { - "markdownDescription": "Specifies the security style for the volume. If a volume's security style is not specified, it is automatically set to the root volume's security style. The security style determines the type of permissions that FSx for ONTAP uses to control data access. Specify one of the following values:\n\n- `UNIX` if the file system is managed by a UNIX administrator, the majority of users are NFS clients, and an application accessing the data uses a UNIX user as the service account.\n- `NTFS` if the file system is managed by a Windows administrator, the majority of users are SMB clients, and an application accessing the data uses a Windows user as the service account.\n- `MIXED` This is an advanced setting. For more information, see the topic [What the security styles and their effects are](https://docs.aws.amazon.com/https://docs.netapp.com/us-en/ontap/nfs-admin/security-styles-their-effects-concept.html) in the NetApp Documentation Center.\n\nFor more information, see [Volume security style](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-volumes.html#volume-security-style) in the FSx for ONTAP User Guide.", - "title": "SecurityStyle", - "type": "string" + "StepProperties": { + "items": { + "$ref": "#/definitions/AWS::EMR::Cluster.KeyValue" + }, + "markdownDescription": "A list of Java properties that are set when the step runs. You can use these properties to pass key-value pairs to your main function.", + "title": "StepProperties", + "type": "array" + } + }, + "required": [ + "Jar" + ], + "type": "object" + }, + "AWS::EMR::Cluster.InstanceFleetConfig": { + "additionalProperties": false, + "properties": { + "InstanceTypeConfigs": { + "items": { + "$ref": "#/definitions/AWS::EMR::Cluster.InstanceTypeConfig" + }, + "markdownDescription": "The instance type configurations that define the Amazon EC2 instances in the instance fleet.", + "title": "InstanceTypeConfigs", + "type": "array" }, - "SizeInBytes": { - "markdownDescription": "Specifies the configured size of the volume, in bytes.", - "title": "SizeInBytes", - "type": "string" + "LaunchSpecifications": { + "$ref": "#/definitions/AWS::EMR::Cluster.InstanceFleetProvisioningSpecifications", + "markdownDescription": "The launch specification for the instance fleet.", + "title": "LaunchSpecifications" }, - "SizeInMegabytes": { - "markdownDescription": "Use `SizeInBytes` instead. Specifies the size of the volume, in megabytes (MB), that you are creating.", - "title": "SizeInMegabytes", + "Name": { + "markdownDescription": "The friendly name of the instance fleet.", + "title": "Name", "type": "string" }, - "SnaplockConfiguration": { - "$ref": "#/definitions/AWS::FSx::Volume.SnaplockConfiguration", - "markdownDescription": "The SnapLock configuration object for an FSx for ONTAP SnapLock volume.", - "title": "SnaplockConfiguration" + "ResizeSpecifications": { + "$ref": "#/definitions/AWS::EMR::Cluster.InstanceFleetResizingSpecifications", + "markdownDescription": "The resize specification for the instance fleet.", + "title": "ResizeSpecifications" }, - "SnapshotPolicy": { - "markdownDescription": "Specifies the snapshot policy for the volume. There are three built-in snapshot policies:\n\n- `default` : This is the default policy. A maximum of six hourly snapshots taken five minutes past the hour. A maximum of two daily snapshots taken Monday through Saturday at 10 minutes after midnight. A maximum of two weekly snapshots taken every Sunday at 15 minutes after midnight.\n- `default-1weekly` : This policy is the same as the `default` policy except that it only retains one snapshot from the weekly schedule.\n- `none` : This policy does not take any snapshots. This policy can be assigned to volumes to prevent automatic snapshots from being taken.\n\nYou can also provide the name of a custom policy that you created with the ONTAP CLI or REST API.\n\nFor more information, see [Snapshot policies](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/snapshots-ontap.html#snapshot-policies) in the Amazon FSx for NetApp ONTAP User Guide.", - "title": "SnapshotPolicy", + "TargetOnDemandCapacity": { + "markdownDescription": "The target capacity of On-Demand units for the instance fleet, which determines how many On-Demand instances to provision. When the instance fleet launches, Amazon EMR tries to provision On-Demand instances as specified by `InstanceTypeConfig` . Each instance configuration has a specified `WeightedCapacity` . When an On-Demand instance is provisioned, the `WeightedCapacity` units count toward the target capacity. Amazon EMR provisions instances until the target capacity is totally fulfilled, even if this results in an overage. For example, if there are 2 units remaining to fulfill capacity, and Amazon EMR can only provision an instance with a `WeightedCapacity` of 5 units, the instance is provisioned, and the target capacity is exceeded by 3 units.\n\n> If not specified or set to 0, only Spot instances are provisioned for the instance fleet using `TargetSpotCapacity` . At least one of `TargetSpotCapacity` and `TargetOnDemandCapacity` should be greater than 0. For a master instance fleet, only one of `TargetSpotCapacity` and `TargetOnDemandCapacity` can be specified, and its value must be 1.", + "title": "TargetOnDemandCapacity", + "type": "number" + }, + "TargetSpotCapacity": { + "markdownDescription": "The target capacity of Spot units for the instance fleet, which determines how many Spot instances to provision. When the instance fleet launches, Amazon EMR tries to provision Spot instances as specified by `InstanceTypeConfig` . Each instance configuration has a specified `WeightedCapacity` . When a Spot instance is provisioned, the `WeightedCapacity` units count toward the target capacity. Amazon EMR provisions instances until the target capacity is totally fulfilled, even if this results in an overage. For example, if there are 2 units remaining to fulfill capacity, and Amazon EMR can only provision an instance with a `WeightedCapacity` of 5 units, the instance is provisioned, and the target capacity is exceeded by 3 units.\n\n> If not specified or set to 0, only On-Demand instances are provisioned for the instance fleet. At least one of `TargetSpotCapacity` and `TargetOnDemandCapacity` should be greater than 0. For a master instance fleet, only one of `TargetSpotCapacity` and `TargetOnDemandCapacity` can be specified, and its value must be 1.", + "title": "TargetSpotCapacity", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EMR::Cluster.InstanceFleetProvisioningSpecifications": { + "additionalProperties": false, + "properties": { + "OnDemandSpecification": { + "$ref": "#/definitions/AWS::EMR::Cluster.OnDemandProvisioningSpecification", + "markdownDescription": "The launch specification for On-Demand Instances in the instance fleet, which determines the allocation strategy and capacity reservation options.\n\n> The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and later, excluding 5.0.x versions. On-Demand Instances allocation strategy is available in Amazon EMR releases 5.12.1 and later.", + "title": "OnDemandSpecification" + }, + "SpotSpecification": { + "$ref": "#/definitions/AWS::EMR::Cluster.SpotProvisioningSpecification", + "markdownDescription": "The launch specification for Spot instances in the fleet, which determines the allocation strategy, defined duration, and provisioning timeout behavior.", + "title": "SpotSpecification" + } + }, + "type": "object" + }, + "AWS::EMR::Cluster.InstanceFleetResizingSpecifications": { + "additionalProperties": false, + "properties": { + "OnDemandResizeSpecification": { + "$ref": "#/definitions/AWS::EMR::Cluster.OnDemandResizingSpecification", + "markdownDescription": "The resize specification for On-Demand Instances in the instance fleet, which contains the allocation strategy, capacity reservation options, and the resize timeout period.", + "title": "OnDemandResizeSpecification" + }, + "SpotResizeSpecification": { + "$ref": "#/definitions/AWS::EMR::Cluster.SpotResizingSpecification", + "markdownDescription": "The resize specification for Spot Instances in the instance fleet, which contains the allocation strategy and the resize timeout period.", + "title": "SpotResizeSpecification" + } + }, + "type": "object" + }, + "AWS::EMR::Cluster.InstanceGroupConfig": { + "additionalProperties": false, + "properties": { + "AutoScalingPolicy": { + "$ref": "#/definitions/AWS::EMR::Cluster.AutoScalingPolicy", + "markdownDescription": "`AutoScalingPolicy` is a subproperty of the [InstanceGroupConfig](https://docs.aws.amazon.com//AWSCloudFormation/latest/UserGuide/aws-properties-emr-cluster-jobflowinstancesconfig-instancegroupconfig.html) property type that specifies the constraints and rules of an automatic scaling policy in Amazon EMR . The automatic scaling policy defines how an instance group dynamically adds and terminates EC2 instances in response to the value of a CloudWatch metric. Only core and task instance groups can use automatic scaling policies. For more information, see [Using Automatic Scaling in Amazon EMR](https://docs.aws.amazon.com//emr/latest/ManagementGuide/emr-automatic-scaling.html) .", + "title": "AutoScalingPolicy" + }, + "BidPrice": { + "markdownDescription": "If specified, indicates that the instance group uses Spot Instances. This is the maximum price you are willing to pay for Spot Instances. Specify `OnDemandPrice` to set the amount equal to the On-Demand price, or specify an amount in USD.", + "title": "BidPrice", "type": "string" }, - "StorageEfficiencyEnabled": { - "markdownDescription": "Set to true to enable deduplication, compression, and compaction storage efficiency features on the volume, or set to false to disable them.\n\n`StorageEfficiencyEnabled` is required when creating a `RW` volume ( `OntapVolumeType` set to `RW` ).", - "title": "StorageEfficiencyEnabled", + "Configurations": { + "items": { + "$ref": "#/definitions/AWS::EMR::Cluster.Configuration" + }, + "markdownDescription": "> Amazon EMR releases 4.x or later. \n\nThe list of configurations supplied for an Amazon EMR cluster instance group. You can specify a separate configuration for each instance group (master, core, and task).", + "title": "Configurations", + "type": "array" + }, + "CustomAmiId": { + "markdownDescription": "The custom AMI ID to use for the provisioned instance group.", + "title": "CustomAmiId", "type": "string" }, - "StorageVirtualMachineId": { - "markdownDescription": "Specifies the ONTAP SVM in which to create the volume.", - "title": "StorageVirtualMachineId", + "EbsConfiguration": { + "$ref": "#/definitions/AWS::EMR::Cluster.EbsConfiguration", + "markdownDescription": "EBS configurations that will be attached to each Amazon EC2 instance in the instance group.", + "title": "EbsConfiguration" + }, + "InstanceCount": { + "markdownDescription": "Target number of instances for the instance group.", + "title": "InstanceCount", + "type": "number" + }, + "InstanceType": { + "markdownDescription": "The Amazon EC2 instance type for all instances in the instance group.", + "title": "InstanceType", "type": "string" }, - "TieringPolicy": { - "$ref": "#/definitions/AWS::FSx::Volume.TieringPolicy", - "markdownDescription": "Describes the data tiering policy for an ONTAP volume. When enabled, Amazon FSx for ONTAP's intelligent tiering automatically transitions a volume's data between the file system's primary storage and capacity pool storage based on your access patterns.\n\nValid tiering policies are the following:\n\n- `SNAPSHOT_ONLY` - (Default value) moves cold snapshots to the capacity pool storage tier.\n\n- `AUTO` - moves cold user data and snapshots to the capacity pool storage tier based on your access patterns.\n\n- `ALL` - moves all user data blocks in both the active file system and Snapshot copies to the storage pool tier.\n\n- `NONE` - keeps a volume's data in the primary storage tier, preventing it from being moved to the capacity pool tier.", - "title": "TieringPolicy" + "Market": { + "markdownDescription": "Market type of the Amazon EC2 instances used to create a cluster node.", + "title": "Market", + "type": "string" }, - "VolumeStyle": { - "markdownDescription": "Use to specify the style of an ONTAP volume. FSx for ONTAP offers two styles of volumes that you can use for different purposes, FlexVol and FlexGroup volumes. For more information, see [Volume styles](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-volumes.html#volume-styles) in the Amazon FSx for NetApp ONTAP User Guide.", - "title": "VolumeStyle", + "Name": { + "markdownDescription": "Friendly name given to the instance group.", + "title": "Name", "type": "string" } }, "required": [ - "StorageVirtualMachineId" + "InstanceCount", + "InstanceType" ], "type": "object" }, - "AWS::FSx::Volume.OpenZFSConfiguration": { + "AWS::EMR::Cluster.InstanceTypeConfig": { "additionalProperties": false, "properties": { - "CopyTagsToSnapshots": { - "markdownDescription": "A Boolean value indicating whether tags for the volume should be copied to snapshots. This value defaults to `false` . If this value is set to `true` , and you do not specify any tags, all tags for the original volume are copied over to snapshots. If this value is\u00a0set to `true` , and you do specify one or more tags, only the specified tags for the original volume are copied over to snapshots. If you specify one or more tags when creating a new snapshot, no tags are copied over from the original volume, regardless of this value.", - "title": "CopyTagsToSnapshots", - "type": "boolean" + "BidPrice": { + "markdownDescription": "The bid price for each Amazon EC2 Spot Instance type as defined by `InstanceType` . Expressed in USD. If neither `BidPrice` nor `BidPriceAsPercentageOfOnDemandPrice` is provided, `BidPriceAsPercentageOfOnDemandPrice` defaults to 100%.", + "title": "BidPrice", + "type": "string" }, - "DataCompressionType": { - "markdownDescription": "Specifies the method used to compress the data on the volume. The compression type is `NONE` by default.\n\n- `NONE` - Doesn't compress the data on the volume. `NONE` is the default.\n- `ZSTD` - Compresses the data in the volume using the Zstandard (ZSTD) compression algorithm. Compared to LZ4, Z-Standard provides a better compression ratio to minimize on-disk storage utilization.\n- `LZ4` - Compresses the data in the volume using the LZ4 compression algorithm. Compared to Z-Standard, LZ4 is less compute-intensive and delivers higher write throughput speeds.", - "title": "DataCompressionType", + "BidPriceAsPercentageOfOnDemandPrice": { + "markdownDescription": "The bid price, as a percentage of On-Demand price, for each Amazon EC2 Spot Instance as defined by `InstanceType` . Expressed as a number (for example, 20 specifies 20%). If neither `BidPrice` nor `BidPriceAsPercentageOfOnDemandPrice` is provided, `BidPriceAsPercentageOfOnDemandPrice` defaults to 100%.", + "title": "BidPriceAsPercentageOfOnDemandPrice", + "type": "number" + }, + "Configurations": { + "items": { + "$ref": "#/definitions/AWS::EMR::Cluster.Configuration" + }, + "markdownDescription": "A configuration classification that applies when provisioning cluster instances, which can include configurations for applications and software that run on the cluster.", + "title": "Configurations", + "type": "array" + }, + "CustomAmiId": { + "markdownDescription": "The custom AMI ID to use for the instance type.", + "title": "CustomAmiId", "type": "string" }, - "NfsExports": { + "EbsConfiguration": { + "$ref": "#/definitions/AWS::EMR::Cluster.EbsConfiguration", + "markdownDescription": "The configuration of Amazon Elastic Block Store (Amazon EBS) attached to each instance as defined by `InstanceType` .", + "title": "EbsConfiguration" + }, + "InstanceType": { + "markdownDescription": "An Amazon EC2 instance type, such as `m3.xlarge` .", + "title": "InstanceType", + "type": "string" + }, + "Priority": { + "markdownDescription": "The priority at which Amazon EMR launches the Amazon EC2 instances with this instance type. Priority starts at 0, which is the highest priority. Amazon EMR considers the highest priority first.", + "title": "Priority", + "type": "number" + }, + "WeightedCapacity": { + "markdownDescription": "The number of units that a provisioned instance of this type provides toward fulfilling the target capacities defined in `InstanceFleetConfig` . This value is 1 for a master instance fleet, and must be 1 or greater for core and task instance fleets. Defaults to 1 if not specified.", + "title": "WeightedCapacity", + "type": "number" + } + }, + "required": [ + "InstanceType" + ], + "type": "object" + }, + "AWS::EMR::Cluster.JobFlowInstancesConfig": { + "additionalProperties": false, + "properties": { + "AdditionalMasterSecurityGroups": { "items": { - "$ref": "#/definitions/AWS::FSx::Volume.NfsExports" + "type": "string" }, - "markdownDescription": "The configuration object for mounting a Network File System (NFS) file system.", - "title": "NfsExports", + "markdownDescription": "A list of additional Amazon EC2 security group IDs for the master node.", + "title": "AdditionalMasterSecurityGroups", "type": "array" }, - "Options": { + "AdditionalSlaveSecurityGroups": { "items": { "type": "string" }, - "markdownDescription": "To delete the volume's child volumes, snapshots, and clones, use the string `DELETE_CHILD_VOLUMES_AND_SNAPSHOTS` .", - "title": "Options", + "markdownDescription": "A list of additional Amazon EC2 security group IDs for the core and task nodes.", + "title": "AdditionalSlaveSecurityGroups", "type": "array" }, - "OriginSnapshot": { - "$ref": "#/definitions/AWS::FSx::Volume.OriginSnapshot", - "markdownDescription": "The configuration object that specifies the snapshot to use as the origin of the data for the volume.", - "title": "OriginSnapshot" + "CoreInstanceFleet": { + "$ref": "#/definitions/AWS::EMR::Cluster.InstanceFleetConfig", + "markdownDescription": "Describes the EC2 instances and instance configurations for the core instance fleet when using clusters with the instance fleet configuration.", + "title": "CoreInstanceFleet" }, - "ParentVolumeId": { - "markdownDescription": "The ID of the volume to use as the parent volume of the volume that you are creating.", - "title": "ParentVolumeId", + "CoreInstanceGroup": { + "$ref": "#/definitions/AWS::EMR::Cluster.InstanceGroupConfig", + "markdownDescription": "Describes the EC2 instances and instance configurations for core instance groups when using clusters with the uniform instance group configuration.", + "title": "CoreInstanceGroup" + }, + "Ec2KeyName": { + "markdownDescription": "The name of the Amazon EC2 key pair that can be used to connect to the master node using SSH as the user called \"hadoop.\"", + "title": "Ec2KeyName", "type": "string" }, - "ReadOnly": { - "markdownDescription": "A Boolean value indicating whether the volume is read-only.", - "title": "ReadOnly", + "Ec2SubnetId": { + "markdownDescription": "Applies to clusters that use the uniform instance group configuration. To launch the cluster in Amazon Virtual Private Cloud (Amazon VPC), set this parameter to the identifier of the Amazon VPC subnet where you want the cluster to launch. If you do not specify this value and your account supports EC2-Classic, the cluster launches in EC2-Classic.", + "title": "Ec2SubnetId", + "type": "string" + }, + "Ec2SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "Applies to clusters that use the instance fleet configuration. When multiple Amazon EC2 subnet IDs are specified, Amazon EMR evaluates them and launches instances in the optimal subnet.\n\n> The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and later, excluding 5.0.x versions.", + "title": "Ec2SubnetIds", + "type": "array" + }, + "EmrManagedMasterSecurityGroup": { + "markdownDescription": "The identifier of the Amazon EC2 security group for the master node. If you specify `EmrManagedMasterSecurityGroup` , you must also specify `EmrManagedSlaveSecurityGroup` .", + "title": "EmrManagedMasterSecurityGroup", + "type": "string" + }, + "EmrManagedSlaveSecurityGroup": { + "markdownDescription": "The identifier of the Amazon EC2 security group for the core and task nodes. If you specify `EmrManagedSlaveSecurityGroup` , you must also specify `EmrManagedMasterSecurityGroup` .", + "title": "EmrManagedSlaveSecurityGroup", + "type": "string" + }, + "HadoopVersion": { + "markdownDescription": "Applies only to Amazon EMR release versions earlier than 4.0. The Hadoop version for the cluster. Valid inputs are \"0.18\" (no longer maintained), \"0.20\" (no longer maintained), \"0.20.205\" (no longer maintained), \"1.0.3\", \"2.2.0\", or \"2.4.0\". If you do not set this value, the default of 0.18 is used, unless the `AmiVersion` parameter is set in the RunJobFlow call, in which case the default version of Hadoop for that AMI version is used.", + "title": "HadoopVersion", + "type": "string" + }, + "KeepJobFlowAliveWhenNoSteps": { + "markdownDescription": "Specifies whether the cluster should remain available after completing all steps. Defaults to `false` . For more information about configuring cluster termination, see [Control Cluster Termination](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-plan-termination.html) in the *EMR Management Guide* .", + "title": "KeepJobFlowAliveWhenNoSteps", "type": "boolean" }, - "RecordSizeKiB": { - "markdownDescription": "Specifies the suggested block size for a volume in a ZFS dataset, in kibibytes (KiB). For file systems using the Intelligent-Tiering storage class, valid values are 128, 256, 512, 1024, 2048, or 4096 KiB, with a default of 1024 KiB. For all other file systems, valid values are 4, 8, 16, 32, 64, 128, 256, 512, or 1024 KiB, with a default of 128 KiB. We recommend using the default setting for the majority of use cases. Generally, workloads that write in fixed small or large record sizes may benefit from setting a custom record size, like database workloads (small record size) or media streaming workloads (large record size). For additional guidance on when to set a custom record size, see [ZFS Record size](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/performance.html#record-size-performance) in the *Amazon FSx for OpenZFS User Guide* .", - "title": "RecordSizeKiB", - "type": "number" + "MasterInstanceFleet": { + "$ref": "#/definitions/AWS::EMR::Cluster.InstanceFleetConfig", + "markdownDescription": "Describes the EC2 instances and instance configurations for the master instance fleet when using clusters with the instance fleet configuration.", + "title": "MasterInstanceFleet" }, - "StorageCapacityQuotaGiB": { - "markdownDescription": "Sets the maximum storage size in gibibytes (GiB) for the volume. You can specify a quota that is larger than the storage on the parent volume. A volume quota limits the amount of storage that the volume can consume to the configured amount, but does not guarantee the space will be available on the parent volume. To guarantee quota space, you must also set `StorageCapacityReservationGiB` . To *not* specify a storage capacity quota, set this to `-1` .\n\nFor more information, see [Volume properties](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/managing-volumes.html#volume-properties) in the *Amazon FSx for OpenZFS User Guide* .", - "title": "StorageCapacityQuotaGiB", - "type": "number" + "MasterInstanceGroup": { + "$ref": "#/definitions/AWS::EMR::Cluster.InstanceGroupConfig", + "markdownDescription": "Describes the EC2 instances and instance configurations for the master instance group when using clusters with the uniform instance group configuration.", + "title": "MasterInstanceGroup" }, - "StorageCapacityReservationGiB": { - "markdownDescription": "Specifies the amount of storage in gibibytes (GiB) to reserve from the parent volume. Setting `StorageCapacityReservationGiB` guarantees that the specified amount of storage space on the parent volume will always be available for the volume. You can't reserve more storage than the parent volume has. To *not* specify a storage capacity reservation, set this to `0` or `-1` . For more information, see [Volume properties](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/managing-volumes.html#volume-properties) in the *Amazon FSx for OpenZFS User Guide* .", - "title": "StorageCapacityReservationGiB", - "type": "number" + "Placement": { + "$ref": "#/definitions/AWS::EMR::Cluster.PlacementType", + "markdownDescription": "The Availability Zone in which the cluster runs.", + "title": "Placement" }, - "UserAndGroupQuotas": { + "ServiceAccessSecurityGroup": { + "markdownDescription": "The identifier of the Amazon EC2 security group for the Amazon EMR service to access clusters in VPC private subnets.", + "title": "ServiceAccessSecurityGroup", + "type": "string" + }, + "TaskInstanceFleets": { "items": { - "$ref": "#/definitions/AWS::FSx::Volume.UserAndGroupQuotas" + "$ref": "#/definitions/AWS::EMR::Cluster.InstanceFleetConfig" }, - "markdownDescription": "Configures how much storage users and groups can use on the volume.", - "title": "UserAndGroupQuotas", + "markdownDescription": "Describes the EC2 instances and instance configurations for the task instance fleets when using clusters with the instance fleet configuration. These task instance fleets are added to the cluster as part of the cluster launch. Each task instance fleet must have a unique name specified so that CloudFormation can differentiate between the task instance fleets.\n\n> You can currently specify only one task instance fleet for a cluster. After creating the cluster, you can only modify the mutable properties of `InstanceFleetConfig` , which are `TargetOnDemandCapacity` and `TargetSpotCapacity` . Modifying any other property results in cluster replacement. > To allow a maximum of 30 Amazon EC2 instance types per fleet, include `TaskInstanceFleets` when you create your cluster. If you create your cluster without `TaskInstanceFleets` , Amazon EMR uses its default allocation strategy, which allows for a maximum of five Amazon EC2 instance types.", + "title": "TaskInstanceFleets", + "type": "array" + }, + "TaskInstanceGroups": { + "items": { + "$ref": "#/definitions/AWS::EMR::Cluster.InstanceGroupConfig" + }, + "markdownDescription": "Describes the EC2 instances and instance configurations for task instance groups when using clusters with the uniform instance group configuration. These task instance groups are added to the cluster as part of the cluster launch. Each task instance group must have a unique name specified so that CloudFormation can differentiate between the task instance groups.\n\n> After creating the cluster, you can only modify the mutable properties of `InstanceGroupConfig` , which are `AutoScalingPolicy` and `InstanceCount` . Modifying any other property results in cluster replacement.", + "title": "TaskInstanceGroups", "type": "array" + }, + "TerminationProtected": { + "markdownDescription": "Specifies whether to lock the cluster to prevent the Amazon EC2 instances from being terminated by API call, user intervention, or in the event of a job-flow error.", + "title": "TerminationProtected", + "type": "boolean" + }, + "UnhealthyNodeReplacement": { + "markdownDescription": "Indicates whether Amazon EMR should gracefully replace core nodes that have degraded within the cluster.", + "title": "UnhealthyNodeReplacement", + "type": "boolean" } }, - "required": [ - "ParentVolumeId" - ], "type": "object" }, - "AWS::FSx::Volume.OriginSnapshot": { + "AWS::EMR::Cluster.KerberosAttributes": { "additionalProperties": false, "properties": { - "CopyStrategy": { - "markdownDescription": "Specifies the strategy used when copying data from the snapshot to the new volume.\n\n- `CLONE` - The new volume references the data in the origin snapshot. Cloning a snapshot is faster than copying data from the snapshot to a new volume and doesn't consume disk throughput. However, the origin snapshot can't be deleted if there is a volume using its copied data.\n- `FULL_COPY` - Copies all data from the snapshot to the new volume.\n\nSpecify this option to create the volume from a snapshot on another FSx for OpenZFS file system.\n\n> The `INCREMENTAL_COPY` option is only for updating an existing volume by using a snapshot from another FSx for OpenZFS file system. For more information, see [CopySnapshotAndUpdateVolume](https://docs.aws.amazon.com/fsx/latest/APIReference/API_CopySnapshotAndUpdateVolume.html) .", - "title": "CopyStrategy", + "ADDomainJoinPassword": { + "markdownDescription": "The Active Directory password for `ADDomainJoinUser` .", + "title": "ADDomainJoinPassword", "type": "string" }, - "SnapshotARN": { - "markdownDescription": "Specifies the snapshot to use when creating an OpenZFS volume from a snapshot.", - "title": "SnapshotARN", + "ADDomainJoinUser": { + "markdownDescription": "Required only when establishing a cross-realm trust with an Active Directory domain. A user with sufficient privileges to join resources to the domain.", + "title": "ADDomainJoinUser", + "type": "string" + }, + "CrossRealmTrustPrincipalPassword": { + "markdownDescription": "Required only when establishing a cross-realm trust with a KDC in a different realm. The cross-realm principal password, which must be identical across realms.", + "title": "CrossRealmTrustPrincipalPassword", + "type": "string" + }, + "KdcAdminPassword": { + "markdownDescription": "The password used within the cluster for the kadmin service on the cluster-dedicated KDC, which maintains Kerberos principals, password policies, and keytabs for the cluster.", + "title": "KdcAdminPassword", + "type": "string" + }, + "Realm": { + "markdownDescription": "The name of the Kerberos realm to which all nodes in a cluster belong. For example, `EC2.INTERNAL` .", + "title": "Realm", "type": "string" } }, "required": [ - "CopyStrategy", - "SnapshotARN" + "KdcAdminPassword", + "Realm" ], "type": "object" }, - "AWS::FSx::Volume.RetentionPeriod": { + "AWS::EMR::Cluster.KeyValue": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "Defines the type of time for the retention period of an FSx for ONTAP SnapLock volume. Set it to one of the valid types. If you set it to `INFINITE` , the files are retained forever. If you set it to `UNSPECIFIED` , the files are retained until you set an explicit retention period.", - "title": "Type", + "Key": { + "markdownDescription": "The unique identifier of a key-value pair.", + "title": "Key", "type": "string" }, "Value": { - "markdownDescription": "Defines the amount of time for the retention period of an FSx for ONTAP SnapLock volume. You can't set a value for `INFINITE` or `UNSPECIFIED` . For all other options, the following ranges are valid:\n\n- `Seconds` : 0 - 65,535\n- `Minutes` : 0 - 65,535\n- `Hours` : 0 - 24\n- `Days` : 0 - 365\n- `Months` : 0 - 12\n- `Years` : 0 - 100", + "markdownDescription": "The value part of the identified key.", "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EMR::Cluster.ManagedScalingPolicy": { + "additionalProperties": false, + "properties": { + "ComputeLimits": { + "$ref": "#/definitions/AWS::EMR::Cluster.ComputeLimits", + "markdownDescription": "The Amazon EC2 unit limits for a managed scaling policy. The managed scaling activity of a cluster is not allowed to go above or below these limits. The limit only applies to the core and task nodes. The master node cannot be scaled after initial configuration.", + "title": "ComputeLimits" + }, + "ScalingStrategy": { + "markdownDescription": "Determines whether a custom scaling utilization performance index can be set. Possible values include *ADVANCED* or *DEFAULT* .", + "title": "ScalingStrategy", + "type": "string" + }, + "UtilizationPerformanceIndex": { + "markdownDescription": "An integer value that represents an advanced scaling strategy. Setting a higher value optimizes for performance. Setting a lower value optimizes for resource conservation. Setting the value to 50 balances performance and resource conservation. Possible values are 1, 25, 50, 75, and 100.", + "title": "UtilizationPerformanceIndex", "type": "number" } }, + "type": "object" + }, + "AWS::EMR::Cluster.MetricDimension": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The dimension name.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The dimension value.", + "title": "Value", + "type": "string" + } + }, "required": [ - "Type" + "Key", + "Value" ], "type": "object" }, - "AWS::FSx::Volume.SnaplockConfiguration": { + "AWS::EMR::Cluster.OnDemandCapacityReservationOptions": { "additionalProperties": false, "properties": { - "AuditLogVolume": { - "markdownDescription": "Enables or disables the audit log volume for an FSx for ONTAP SnapLock volume. The default value is `false` . If you set `AuditLogVolume` to `true` , the SnapLock volume is created as an audit log volume. The minimum retention period for an audit log volume is six months.\n\nFor more information, see [SnapLock audit log volumes](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/how-snaplock-works.html#snaplock-audit-log-volume) .", - "title": "AuditLogVolume", + "CapacityReservationPreference": { + "markdownDescription": "Indicates the instance's Capacity Reservation preferences. Possible preferences include:\n\n- `open` - The instance can run in any open Capacity Reservation that has matching attributes (instance type, platform, Availability Zone).\n- `none` - The instance avoids running in a Capacity Reservation even if one is available. The instance runs as an On-Demand Instance.", + "title": "CapacityReservationPreference", "type": "string" }, - "AutocommitPeriod": { - "$ref": "#/definitions/AWS::FSx::Volume.AutocommitPeriod", - "markdownDescription": "The configuration object for setting the autocommit period of files in an FSx for ONTAP SnapLock volume.", - "title": "AutocommitPeriod" + "CapacityReservationResourceGroupArn": { + "markdownDescription": "The ARN of the Capacity Reservation resource group in which to run the instance.", + "title": "CapacityReservationResourceGroupArn", + "type": "string" }, - "PrivilegedDelete": { - "markdownDescription": "Enables, disables, or permanently disables privileged delete on an FSx for ONTAP SnapLock Enterprise volume. Enabling privileged delete allows SnapLock administrators to delete write once, read many (WORM) files even if they have active retention periods. `PERMANENTLY_DISABLED` is a terminal state. If privileged delete is permanently disabled on a SnapLock volume, you can't re-enable it. The default value is `DISABLED` .\n\nFor more information, see [Privileged delete](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/snaplock-enterprise.html#privileged-delete) .", - "title": "PrivilegedDelete", + "UsageStrategy": { + "markdownDescription": "Indicates whether to use unused Capacity Reservations for fulfilling On-Demand capacity.\n\nIf you specify `use-capacity-reservations-first` , the fleet uses unused Capacity Reservations to fulfill On-Demand capacity up to the target On-Demand capacity. If multiple instance pools have unused Capacity Reservations, the On-Demand allocation strategy ( `lowest-price` ) is applied. If the number of unused Capacity Reservations is less than the On-Demand target capacity, the remaining On-Demand target capacity is launched according to the On-Demand allocation strategy ( `lowest-price` ).\n\nIf you do not specify a value, the fleet fulfills the On-Demand capacity according to the chosen On-Demand allocation strategy.", + "title": "UsageStrategy", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EMR::Cluster.OnDemandProvisioningSpecification": { + "additionalProperties": false, + "properties": { + "AllocationStrategy": { + "markdownDescription": "Specifies the strategy to use in launching On-Demand instance fleets. Available options are `lowest-price` and `prioritized` . `lowest-price` specifies to launch the instances with the lowest price first, and `prioritized` specifies that Amazon EMR should launch the instances with the highest priority first. The default is `lowest-price` .", + "title": "AllocationStrategy", "type": "string" }, - "RetentionPeriod": { - "$ref": "#/definitions/AWS::FSx::Volume.SnaplockRetentionPeriod", - "markdownDescription": "Specifies the retention period of an FSx for ONTAP SnapLock volume.", - "title": "RetentionPeriod" + "CapacityReservationOptions": { + "$ref": "#/definitions/AWS::EMR::Cluster.OnDemandCapacityReservationOptions", + "markdownDescription": "The launch specification for On-Demand instances in the instance fleet, which determines the allocation strategy.", + "title": "CapacityReservationOptions" + } + }, + "required": [ + "AllocationStrategy" + ], + "type": "object" + }, + "AWS::EMR::Cluster.OnDemandResizingSpecification": { + "additionalProperties": false, + "properties": { + "AllocationStrategy": { + "markdownDescription": "Specifies the allocation strategy to use to launch On-Demand instances during a resize. The default is `lowest-price` .", + "title": "AllocationStrategy", + "type": "string" }, - "SnaplockType": { - "markdownDescription": "Specifies the retention mode of an FSx for ONTAP SnapLock volume. After it is set, it can't be changed. You can choose one of the following retention modes:\n\n- `COMPLIANCE` : Files transitioned to write once, read many (WORM) on a Compliance volume can't be deleted until their retention periods expire. This retention mode is used to address government or industry-specific mandates or to protect against ransomware attacks. For more information, see [SnapLock Compliance](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/snaplock-compliance.html) .\n- `ENTERPRISE` : Files transitioned to WORM on an Enterprise volume can be deleted by authorized users before their retention periods expire using privileged delete. This retention mode is used to advance an organization's data integrity and internal compliance or to test retention settings before using SnapLock Compliance. For more information, see [SnapLock Enterprise](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/snaplock-enterprise.html) .", - "title": "SnaplockType", + "CapacityReservationOptions": { + "$ref": "#/definitions/AWS::EMR::Cluster.OnDemandCapacityReservationOptions", + "markdownDescription": "", + "title": "CapacityReservationOptions" + }, + "TimeoutDurationMinutes": { + "markdownDescription": "On-Demand resize timeout in minutes. If On-Demand Instances are not provisioned within this time, the resize workflow stops. The minimum value is 5 minutes, and the maximum value is 10,080 minutes (7 days). The timeout applies to all resize workflows on the Instance Fleet. The resize could be triggered by Amazon EMR Managed Scaling or by the customer (via Amazon EMR Console, Amazon EMR CLI modify-instance-fleet or Amazon EMR SDK ModifyInstanceFleet API) or by Amazon EMR due to Amazon EC2 Spot Reclamation.", + "title": "TimeoutDurationMinutes", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EMR::Cluster.PlacementGroupConfig": { + "additionalProperties": false, + "properties": { + "InstanceRole": { + "markdownDescription": "Role of the instance in the cluster.\n\nStarting with Amazon EMR release 5.23.0, the only supported instance role is `MASTER` .", + "title": "InstanceRole", "type": "string" }, - "VolumeAppendModeEnabled": { - "markdownDescription": "Enables or disables volume-append mode on an FSx for ONTAP SnapLock volume. Volume-append mode allows you to create WORM-appendable files and write data to them incrementally. The default value is `false` .\n\nFor more information, see [Volume-append mode](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/worm-state.html#worm-state-append) .", - "title": "VolumeAppendModeEnabled", + "PlacementStrategy": { + "markdownDescription": "Amazon EC2 Placement Group strategy associated with instance role.\n\nStarting with Amazon EMR release 5.23.0, the only supported placement strategy is `SPREAD` for the `MASTER` instance role.", + "title": "PlacementStrategy", "type": "string" } }, "required": [ - "SnaplockType" + "InstanceRole" ], "type": "object" }, - "AWS::FSx::Volume.SnaplockRetentionPeriod": { + "AWS::EMR::Cluster.PlacementType": { "additionalProperties": false, "properties": { - "DefaultRetention": { - "$ref": "#/definitions/AWS::FSx::Volume.RetentionPeriod", - "markdownDescription": "The retention period assigned to a write once, read many (WORM) file by default if an explicit retention period is not set for an FSx for ONTAP SnapLock volume. The default retention period must be greater than or equal to the minimum retention period and less than or equal to the maximum retention period.", - "title": "DefaultRetention" + "AvailabilityZone": { + "markdownDescription": "The Amazon EC2 Availability Zone for the cluster. `AvailabilityZone` is used for uniform instance groups, while `AvailabilityZones` (plural) is used for instance fleets.", + "title": "AvailabilityZone", + "type": "string" + } + }, + "required": [ + "AvailabilityZone" + ], + "type": "object" + }, + "AWS::EMR::Cluster.ScalingAction": { + "additionalProperties": false, + "properties": { + "Market": { + "markdownDescription": "Not available for instance groups. Instance groups use the market type specified for the group.", + "title": "Market", + "type": "string" }, - "MaximumRetention": { - "$ref": "#/definitions/AWS::FSx::Volume.RetentionPeriod", - "markdownDescription": "The longest retention period that can be assigned to a WORM file on an FSx for ONTAP SnapLock volume.", - "title": "MaximumRetention" + "SimpleScalingPolicyConfiguration": { + "$ref": "#/definitions/AWS::EMR::Cluster.SimpleScalingPolicyConfiguration", + "markdownDescription": "The type of adjustment the automatic scaling activity makes when triggered, and the periodicity of the adjustment.", + "title": "SimpleScalingPolicyConfiguration" + } + }, + "required": [ + "SimpleScalingPolicyConfiguration" + ], + "type": "object" + }, + "AWS::EMR::Cluster.ScalingConstraints": { + "additionalProperties": false, + "properties": { + "MaxCapacity": { + "markdownDescription": "The upper boundary of Amazon EC2 instances in an instance group beyond which scaling activities are not allowed to grow. Scale-out activities will not add instances beyond this boundary.", + "title": "MaxCapacity", + "type": "number" }, - "MinimumRetention": { - "$ref": "#/definitions/AWS::FSx::Volume.RetentionPeriod", - "markdownDescription": "The shortest retention period that can be assigned to a WORM file on an FSx for ONTAP SnapLock volume.", - "title": "MinimumRetention" + "MinCapacity": { + "markdownDescription": "The lower boundary of Amazon EC2 instances in an instance group below which scaling activities are not allowed to shrink. Scale-in activities will not terminate instances below this boundary.", + "title": "MinCapacity", + "type": "number" } }, "required": [ - "DefaultRetention", - "MaximumRetention", - "MinimumRetention" + "MaxCapacity", + "MinCapacity" ], "type": "object" }, - "AWS::FSx::Volume.TieringPolicy": { + "AWS::EMR::Cluster.ScalingRule": { "additionalProperties": false, "properties": { - "CoolingPeriod": { - "markdownDescription": "Specifies the number of days that user data in a volume must remain inactive before it is considered \"cold\" and moved to the capacity pool. Used with the `AUTO` and `SNAPSHOT_ONLY` tiering policies. Enter a whole number between 2 and 183. Default values are 31 days for `AUTO` and 2 days for `SNAPSHOT_ONLY` .", - "title": "CoolingPeriod", + "Action": { + "$ref": "#/definitions/AWS::EMR::Cluster.ScalingAction", + "markdownDescription": "The conditions that trigger an automatic scaling activity.", + "title": "Action" + }, + "Description": { + "markdownDescription": "A friendly, more verbose description of the automatic scaling rule.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name used to identify an automatic scaling rule. Rule names must be unique within a scaling policy.", + "title": "Name", + "type": "string" + }, + "Trigger": { + "$ref": "#/definitions/AWS::EMR::Cluster.ScalingTrigger", + "markdownDescription": "The CloudWatch alarm definition that determines when automatic scaling activity is triggered.", + "title": "Trigger" + } + }, + "required": [ + "Action", + "Name", + "Trigger" + ], + "type": "object" + }, + "AWS::EMR::Cluster.ScalingTrigger": { + "additionalProperties": false, + "properties": { + "CloudWatchAlarmDefinition": { + "$ref": "#/definitions/AWS::EMR::Cluster.CloudWatchAlarmDefinition", + "markdownDescription": "The definition of a CloudWatch metric alarm. When the defined alarm conditions are met along with other trigger parameters, scaling activity begins.", + "title": "CloudWatchAlarmDefinition" + } + }, + "required": [ + "CloudWatchAlarmDefinition" + ], + "type": "object" + }, + "AWS::EMR::Cluster.ScriptBootstrapActionConfig": { + "additionalProperties": false, + "properties": { + "Args": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of command line arguments to pass to the bootstrap action script.", + "title": "Args", + "type": "array" + }, + "Path": { + "markdownDescription": "Location in Amazon S3 of the script to run during a bootstrap action.", + "title": "Path", + "type": "string" + } + }, + "required": [ + "Path" + ], + "type": "object" + }, + "AWS::EMR::Cluster.SimpleScalingPolicyConfiguration": { + "additionalProperties": false, + "properties": { + "AdjustmentType": { + "markdownDescription": "The way in which Amazon EC2 instances are added (if `ScalingAdjustment` is a positive number) or terminated (if `ScalingAdjustment` is a negative number) each time the scaling activity is triggered. `CHANGE_IN_CAPACITY` is the default. `CHANGE_IN_CAPACITY` indicates that the Amazon EC2 instance count increments or decrements by `ScalingAdjustment` , which should be expressed as an integer. `PERCENT_CHANGE_IN_CAPACITY` indicates the instance count increments or decrements by the percentage specified by `ScalingAdjustment` , which should be expressed as an integer. For example, 20 indicates an increase in 20% increments of cluster capacity. `EXACT_CAPACITY` indicates the scaling activity results in an instance group with the number of Amazon EC2 instances specified by `ScalingAdjustment` , which should be expressed as a positive integer.", + "title": "AdjustmentType", + "type": "string" + }, + "CoolDown": { + "markdownDescription": "The amount of time, in seconds, after a scaling activity completes before any further trigger-related scaling activities can start. The default value is 0.", + "title": "CoolDown", + "type": "number" + }, + "ScalingAdjustment": { + "markdownDescription": "The amount by which to scale in or scale out, based on the specified `AdjustmentType` . A positive value adds to the instance group's Amazon EC2 instance count while a negative number removes instances. If `AdjustmentType` is set to `EXACT_CAPACITY` , the number should only be a positive integer. If `AdjustmentType` is set to `PERCENT_CHANGE_IN_CAPACITY` , the value should express the percentage as an integer. For example, -20 indicates a decrease in 20% increments of cluster capacity.", + "title": "ScalingAdjustment", + "type": "number" + } + }, + "required": [ + "ScalingAdjustment" + ], + "type": "object" + }, + "AWS::EMR::Cluster.SpotProvisioningSpecification": { + "additionalProperties": false, + "properties": { + "AllocationStrategy": { + "markdownDescription": "Specifies one of the following strategies to launch Spot Instance fleets: `capacity-optimized` , `price-capacity-optimized` , `lowest-price` , or `diversified` , and `capacity-optimized-prioritized` . For more information on the provisioning strategies, see [Allocation strategies for Spot Instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-allocation-strategy.html) in the *Amazon EC2 User Guide for Linux Instances* .\n\n> When you launch a Spot Instance fleet with the old console, it automatically launches with the `capacity-optimized` strategy. You can't change the allocation strategy from the old console.", + "title": "AllocationStrategy", + "type": "string" + }, + "BlockDurationMinutes": { + "markdownDescription": "The defined duration for Spot Instances (also known as Spot blocks) in minutes. When specified, the Spot Instance does not terminate before the defined duration expires, and defined duration pricing for Spot Instances applies. Valid values are 60, 120, 180, 240, 300, or 360. The duration period starts as soon as a Spot Instance receives its instance ID. At the end of the duration, Amazon EC2 marks the Spot Instance for termination and provides a Spot Instance termination notice, which gives the instance a two-minute warning before it terminates.\n\n> Spot Instances with a defined duration (also known as Spot blocks) are no longer available to new customers from July 1, 2021. For customers who have previously used the feature, we will continue to support Spot Instances with a defined duration until December 31, 2022.", + "title": "BlockDurationMinutes", + "type": "number" + }, + "TimeoutAction": { + "markdownDescription": "The action to take when `TargetSpotCapacity` has not been fulfilled when the `TimeoutDurationMinutes` has expired; that is, when all Spot Instances could not be provisioned within the Spot provisioning timeout. Valid values are `TERMINATE_CLUSTER` and `SWITCH_TO_ON_DEMAND` . SWITCH_TO_ON_DEMAND specifies that if no Spot Instances are available, On-Demand Instances should be provisioned to fulfill any remaining Spot capacity.", + "title": "TimeoutAction", + "type": "string" + }, + "TimeoutDurationMinutes": { + "markdownDescription": "The Spot provisioning timeout period in minutes. If Spot Instances are not provisioned within this time period, the `TimeOutAction` is taken. Minimum value is 5 and maximum value is 1440. The timeout applies only during initial provisioning, when the cluster is first created.", + "title": "TimeoutDurationMinutes", + "type": "number" + } + }, + "required": [ + "TimeoutAction", + "TimeoutDurationMinutes" + ], + "type": "object" + }, + "AWS::EMR::Cluster.SpotResizingSpecification": { + "additionalProperties": false, + "properties": { + "AllocationStrategy": { + "markdownDescription": "Specifies the allocation strategy to use to launch Spot instances during a resize. If you run Amazon EMR releases 6.9.0 or higher, the default is `price-capacity-optimized` . If you run Amazon EMR releases 6.8.0 or lower, the default is `capacity-optimized` .", + "title": "AllocationStrategy", + "type": "string" + }, + "TimeoutDurationMinutes": { + "markdownDescription": "Spot resize timeout in minutes. If Spot Instances are not provisioned within this time, the resize workflow will stop provisioning of Spot instances. Minimum value is 5 minutes and maximum value is 10,080 minutes (7 days). The timeout applies to all resize workflows on the Instance Fleet. The resize could be triggered by Amazon EMR Managed Scaling or by the customer (via Amazon EMR Console, Amazon EMR CLI modify-instance-fleet or Amazon EMR SDK ModifyInstanceFleet API) or by Amazon EMR due to Amazon EC2 Spot Reclamation.", + "title": "TimeoutDurationMinutes", "type": "number" + } + }, + "type": "object" + }, + "AWS::EMR::Cluster.StepConfig": { + "additionalProperties": false, + "properties": { + "ActionOnFailure": { + "markdownDescription": "The action to take when the cluster step fails. Possible values are `CANCEL_AND_WAIT` and `CONTINUE` .", + "title": "ActionOnFailure", + "type": "string" + }, + "HadoopJarStep": { + "$ref": "#/definitions/AWS::EMR::Cluster.HadoopJarStepConfig", + "markdownDescription": "The JAR file used for the step.", + "title": "HadoopJarStep" }, "Name": { - "markdownDescription": "Specifies the tiering policy used to transition data. Default value is `SNAPSHOT_ONLY` .\n\n- `SNAPSHOT_ONLY` - moves cold snapshots to the capacity pool storage tier.\n- `AUTO` - moves cold user data and snapshots to the capacity pool storage tier based on your access patterns.\n- `ALL` - moves all user data blocks in both the active file system and Snapshot copies to the storage pool tier.\n- `NONE` - keeps a volume's data in the primary storage tier, preventing it from being moved to the capacity pool tier.", + "markdownDescription": "The name of the step.", "title": "Name", "type": "string" } }, + "required": [ + "HadoopJarStep", + "Name" + ], "type": "object" }, - "AWS::FSx::Volume.UserAndGroupQuotas": { + "AWS::EMR::Cluster.VolumeSpecification": { "additionalProperties": false, "properties": { - "Id": { - "markdownDescription": "The ID of the user or group that the quota applies to.", - "title": "Id", + "Iops": { + "markdownDescription": "The number of I/O operations per second (IOPS) that the volume supports.", + "title": "Iops", "type": "number" }, - "StorageCapacityQuotaGiB": { - "markdownDescription": "The user or group's storage quota, in gibibytes (GiB).", - "title": "StorageCapacityQuotaGiB", + "SizeInGB": { + "markdownDescription": "The volume size, in gibibytes (GiB). This can be a number from 1 - 1024. If the volume type is EBS-optimized, the minimum value is 10.", + "title": "SizeInGB", "type": "number" }, - "Type": { - "markdownDescription": "Specifies whether the quota applies to a user or group.", - "title": "Type", + "Throughput": { + "markdownDescription": "The throughput, in mebibyte per second (MiB/s). This optional parameter can be a number from 125 - 1000 and is valid only for gp3 volumes.", + "title": "Throughput", + "type": "number" + }, + "VolumeType": { + "markdownDescription": "The volume type. Volume types supported are gp3, gp2, io1, st1, sc1, and standard.", + "title": "VolumeType", "type": "string" } }, "required": [ - "Id", - "StorageCapacityQuotaGiB", - "Type" + "SizeInGB", + "VolumeType" ], "type": "object" }, - "AWS::FinSpace::Environment": { + "AWS::EMR::InstanceFleetConfig": { "additionalProperties": false, "properties": { "Condition": { @@ -101035,53 +110263,59 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the FinSpace environment.", - "title": "Description", + "ClusterId": { + "markdownDescription": "The unique identifier of the EMR cluster.", + "title": "ClusterId", "type": "string" }, - "FederationMode": { - "markdownDescription": "The authentication mode for the environment.", - "title": "FederationMode", + "InstanceFleetType": { + "markdownDescription": "The node type that the instance fleet hosts.\n\n*Allowed Values* : TASK", + "title": "InstanceFleetType", "type": "string" }, - "FederationParameters": { - "$ref": "#/definitions/AWS::FinSpace::Environment.FederationParameters", - "markdownDescription": "Configuration information when authentication mode is FEDERATED.", - "title": "FederationParameters" + "InstanceTypeConfigs": { + "items": { + "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.InstanceTypeConfig" + }, + "markdownDescription": "`InstanceTypeConfigs` determine the EC2 instances that Amazon EMR attempts to provision to fulfill On-Demand and Spot target capacities.\n\n> The instance fleet configuration is available only in Amazon EMR versions 4.8.0 and later, excluding 5.0.x versions.", + "title": "InstanceTypeConfigs", + "type": "array" }, - "KmsKeyId": { - "markdownDescription": "The KMS key id used to encrypt in the FinSpace environment.", - "title": "KmsKeyId", - "type": "string" + "LaunchSpecifications": { + "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.InstanceFleetProvisioningSpecifications", + "markdownDescription": "The launch specification for the instance fleet.", + "title": "LaunchSpecifications" }, "Name": { - "markdownDescription": "The name of the FinSpace environment.", + "markdownDescription": "The friendly name of the instance fleet.", "title": "Name", "type": "string" }, - "SuperuserParameters": { - "$ref": "#/definitions/AWS::FinSpace::Environment.SuperuserParameters", - "markdownDescription": "Configuration information for the superuser.", - "title": "SuperuserParameters" + "ResizeSpecifications": { + "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.InstanceFleetResizingSpecifications", + "markdownDescription": "The resize specification for the instance fleet.", + "title": "ResizeSpecifications" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "", - "title": "Tags", - "type": "array" + "TargetOnDemandCapacity": { + "markdownDescription": "The target capacity of On-Demand units for the instance fleet, which determines how many On-Demand instances to provision. When the instance fleet launches, Amazon EMR tries to provision On-Demand instances as specified by `InstanceTypeConfig` . Each instance configuration has a specified `WeightedCapacity` . When an On-Demand instance is provisioned, the `WeightedCapacity` units count toward the target capacity. Amazon EMR provisions instances until the target capacity is totally fulfilled, even if this results in an overage. For example, if there are 2 units remaining to fulfill capacity, and Amazon EMR can only provision an instance with a `WeightedCapacity` of 5 units, the instance is provisioned, and the target capacity is exceeded by 3 units.\n\n> If not specified or set to 0, only Spot instances are provisioned for the instance fleet using `TargetSpotCapacity` . At least one of `TargetSpotCapacity` and `TargetOnDemandCapacity` should be greater than 0. For a master instance fleet, only one of `TargetSpotCapacity` and `TargetOnDemandCapacity` can be specified, and its value must be 1.", + "title": "TargetOnDemandCapacity", + "type": "number" + }, + "TargetSpotCapacity": { + "markdownDescription": "The target capacity of Spot units for the instance fleet, which determines how many Spot instances to provision. When the instance fleet launches, Amazon EMR tries to provision Spot instances as specified by `InstanceTypeConfig` . Each instance configuration has a specified `WeightedCapacity` . When a Spot instance is provisioned, the `WeightedCapacity` units count toward the target capacity. Amazon EMR provisions instances until the target capacity is totally fulfilled, even if this results in an overage. For example, if there are 2 units remaining to fulfill capacity, and Amazon EMR can only provision an instance with a `WeightedCapacity` of 5 units, the instance is provisioned, and the target capacity is exceeded by 3 units.\n\n> If not specified or set to 0, only On-Demand instances are provisioned for the instance fleet. At least one of `TargetSpotCapacity` and `TargetOnDemandCapacity` should be greater than 0. For a master instance fleet, only one of `TargetSpotCapacity` and `TargetOnDemandCapacity` can be specified, and its value must be 1.", + "title": "TargetSpotCapacity", + "type": "number" } }, "required": [ - "Name" + "ClusterId", + "InstanceFleetType" ], "type": "object" }, "Type": { "enum": [ - "AWS::FinSpace::Environment" + "AWS::EMR::InstanceFleetConfig" ], "type": "string" }, @@ -101100,341 +110334,296 @@ ], "type": "object" }, - "AWS::FinSpace::Environment.AttributeMapItems": { + "AWS::EMR::InstanceFleetConfig.Configuration": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "", - "title": "Key", + "Classification": { + "markdownDescription": "The classification within a configuration.", + "title": "Classification", "type": "string" }, - "Value": { - "markdownDescription": "", - "title": "Value", - "type": "string" + "ConfigurationProperties": { + "additionalProperties": true, + "markdownDescription": "Within a configuration classification, a set of properties that represent the settings that you want to change in the configuration file. Duplicates not allowed.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "ConfigurationProperties", + "type": "object" + }, + "Configurations": { + "items": { + "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.Configuration" + }, + "markdownDescription": "A list of additional configurations to apply within a configuration object.", + "title": "Configurations", + "type": "array" } }, "type": "object" }, - "AWS::FinSpace::Environment.FederationParameters": { + "AWS::EMR::InstanceFleetConfig.EbsBlockDeviceConfig": { "additionalProperties": false, "properties": { - "ApplicationCallBackURL": { - "markdownDescription": "The redirect or sign-in URL that should be entered into the SAML 2.0 compliant identity provider configuration (IdP).", - "title": "ApplicationCallBackURL", - "type": "string" - }, - "AttributeMap": { - "items": { - "$ref": "#/definitions/AWS::FinSpace::Environment.AttributeMapItems" - }, - "markdownDescription": "SAML attribute name and value. The name must always be `Email` and the value should be set to the attribute definition in which user email is set. For example, name would be `Email` and value `http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress` . Please check your SAML 2.0 compliant identity provider (IdP) documentation for details.", - "title": "AttributeMap", - "type": "array" - }, - "FederationProviderName": { - "markdownDescription": "Name of the identity provider (IdP).", - "title": "FederationProviderName", - "type": "string" - }, - "FederationURN": { - "markdownDescription": "The Uniform Resource Name (URN). Also referred as Service Provider URN or Audience URI or Service Provider Entity ID.", - "title": "FederationURN", - "type": "string" - }, - "SamlMetadataDocument": { - "markdownDescription": "SAML 2.0 Metadata document from identity provider (IdP).", - "title": "SamlMetadataDocument", - "type": "string" + "VolumeSpecification": { + "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.VolumeSpecification", + "markdownDescription": "EBS volume specifications such as volume type, IOPS, size (GiB) and throughput (MiB/s) that are requested for the EBS volume attached to an Amazon EC2 instance in the cluster.", + "title": "VolumeSpecification" }, - "SamlMetadataURL": { - "markdownDescription": "Provide the metadata URL from your SAML 2.0 compliant identity provider (IdP).", - "title": "SamlMetadataURL", - "type": "string" + "VolumesPerInstance": { + "markdownDescription": "Number of EBS volumes with a specific volume configuration that are associated with every instance in the instance group", + "title": "VolumesPerInstance", + "type": "number" } }, + "required": [ + "VolumeSpecification" + ], "type": "object" }, - "AWS::FinSpace::Environment.SuperuserParameters": { + "AWS::EMR::InstanceFleetConfig.EbsConfiguration": { "additionalProperties": false, "properties": { - "EmailAddress": { - "markdownDescription": "The email address of the superuser.", - "title": "EmailAddress", - "type": "string" + "EbsBlockDeviceConfigs": { + "items": { + "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.EbsBlockDeviceConfig" + }, + "markdownDescription": "An array of Amazon EBS volume specifications attached to a cluster instance.", + "title": "EbsBlockDeviceConfigs", + "type": "array" }, - "FirstName": { - "markdownDescription": "The first name of the superuser.", - "title": "FirstName", - "type": "string" + "EbsOptimized": { + "markdownDescription": "Indicates whether an Amazon EBS volume is EBS-optimized. The default is false. You should explicitly set this value to true to enable the Amazon EBS-optimized setting for an EC2 instance.", + "title": "EbsOptimized", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EMR::InstanceFleetConfig.InstanceFleetProvisioningSpecifications": { + "additionalProperties": false, + "properties": { + "OnDemandSpecification": { + "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.OnDemandProvisioningSpecification", + "markdownDescription": "The launch specification for On-Demand Instances in the instance fleet, which determines the allocation strategy and capacity reservation options.\n\n> The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and later, excluding 5.0.x versions. On-Demand Instances allocation strategy is available in Amazon EMR releases 5.12.1 and later.", + "title": "OnDemandSpecification" }, - "LastName": { - "markdownDescription": "The last name of the superuser.", - "title": "LastName", - "type": "string" + "SpotSpecification": { + "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.SpotProvisioningSpecification", + "markdownDescription": "The launch specification for Spot instances in the fleet, which determines the allocation strategy, defined duration, and provisioning timeout behavior.", + "title": "SpotSpecification" } }, "type": "object" }, - "AWS::Forecast::Dataset": { + "AWS::EMR::InstanceFleetConfig.InstanceFleetResizingSpecifications": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "OnDemandResizeSpecification": { + "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.OnDemandResizingSpecification", + "markdownDescription": "The resize specification for On-Demand Instances in the instance fleet, which contains the allocation strategy, capacity reservation options, and the resize timeout period.", + "title": "OnDemandResizeSpecification" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SpotResizeSpecification": { + "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.SpotResizingSpecification", + "markdownDescription": "The resize specification for Spot Instances in the instance fleet, which contains the allocation strategy and the resize timeout period.", + "title": "SpotResizeSpecification" + } + }, + "type": "object" + }, + "AWS::EMR::InstanceFleetConfig.InstanceTypeConfig": { + "additionalProperties": false, + "properties": { + "BidPrice": { + "markdownDescription": "The bid price for each Amazon EC2 Spot Instance type as defined by `InstanceType` . Expressed in USD. If neither `BidPrice` nor `BidPriceAsPercentageOfOnDemandPrice` is provided, `BidPriceAsPercentageOfOnDemandPrice` defaults to 100%.", + "title": "BidPrice", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "BidPriceAsPercentageOfOnDemandPrice": { + "markdownDescription": "The bid price, as a percentage of On-Demand price, for each Amazon EC2 Spot Instance as defined by `InstanceType` . Expressed as a number (for example, 20 specifies 20%). If neither `BidPrice` nor `BidPriceAsPercentageOfOnDemandPrice` is provided, `BidPriceAsPercentageOfOnDemandPrice` defaults to 100%.", + "title": "BidPriceAsPercentageOfOnDemandPrice", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DataFrequency": { - "markdownDescription": "The frequency of data collection. This parameter is required for RELATED_TIME_SERIES datasets.\n\nValid intervals are an integer followed by Y (Year), M (Month), W (Week), D (Day), H (Hour), and min (Minute). For example, \"1D\" indicates every day and \"15min\" indicates every 15 minutes. You cannot specify a value that would overlap with the next larger frequency. That means, for example, you cannot specify a frequency of 60 minutes, because that is equivalent to 1 hour. The valid values for each frequency are the following:\n\n- Minute - 1-59\n- Hour - 1-23\n- Day - 1-6\n- Week - 1-4\n- Month - 1-11\n- Year - 1\n\nThus, if you want every other week forecasts, specify \"2W\". Or, if you want quarterly forecasts, you specify \"3M\".", - "title": "DataFrequency", - "type": "string" - }, - "DatasetName": { - "markdownDescription": "The name of the dataset.", - "title": "DatasetName", - "type": "string" - }, - "DatasetType": { - "markdownDescription": "The dataset type.", - "title": "DatasetType", - "type": "string" - }, - "Domain": { - "markdownDescription": "The domain associated with the dataset.", - "title": "Domain", - "type": "string" - }, - "EncryptionConfig": { - "$ref": "#/definitions/AWS::Forecast::Dataset.EncryptionConfig", - "markdownDescription": "A Key Management Service (KMS) key and the Identity and Access Management (IAM) role that Amazon Forecast can assume to access the key.", - "title": "EncryptionConfig" - }, - "Schema": { - "$ref": "#/definitions/AWS::Forecast::Dataset.Schema", - "markdownDescription": "The schema for the dataset. The schema attributes and their order must match the fields in your data. The dataset `Domain` and `DatasetType` that you choose determine the minimum required fields in your training data. For information about the required fields for a specific dataset domain and type, see [Dataset Domains and Dataset Types](https://docs.aws.amazon.com/forecast/latest/dg/howitworks-domains-ds-types.html) .", - "title": "Schema" - }, - "Tags": { - "items": { - "$ref": "#/definitions/AWS::Forecast::Dataset.TagsItems" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } + "Configurations": { + "items": { + "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.Configuration" }, - "required": [ - "DatasetName", - "DatasetType", - "Domain", - "Schema" - ], - "type": "object" + "markdownDescription": "> Amazon EMR releases 4.x or later. \n\nAn optional configuration specification to be used when provisioning cluster instances, which can include configurations for applications and software bundled with Amazon EMR. A configuration consists of a classification, properties, and optional nested configurations. A classification refers to an application-specific configuration file. Properties are the settings you want to change in that file. For more information, see [Configuring Applications](https://docs.aws.amazon.com/emr/latest/ReleaseGuide/emr-configure-apps.html) .", + "title": "Configurations", + "type": "array" }, - "Type": { - "enum": [ - "AWS::Forecast::Dataset" - ], + "CustomAmiId": { + "markdownDescription": "The custom AMI ID to use for the instance type.", + "title": "CustomAmiId", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "EbsConfiguration": { + "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.EbsConfiguration", + "markdownDescription": "The configuration of Amazon Elastic Block Store (Amazon EBS) attached to each instance as defined by `InstanceType` .", + "title": "EbsConfiguration" + }, + "InstanceType": { + "markdownDescription": "An Amazon EC2 instance type, such as `m3.xlarge` .", + "title": "InstanceType", "type": "string" + }, + "Priority": { + "markdownDescription": "The priority at which Amazon EMR launches the Amazon EC2 instances with this instance type. Priority starts at 0, which is the highest priority. Amazon EMR considers the highest priority first.", + "title": "Priority", + "type": "number" + }, + "WeightedCapacity": { + "markdownDescription": "The number of units that a provisioned instance of this type provides toward fulfilling the target capacities defined in `InstanceFleetConfig` . This value is 1 for a master instance fleet, and must be 1 or greater for core and task instance fleets. Defaults to 1 if not specified.", + "title": "WeightedCapacity", + "type": "number" } }, "required": [ - "Type", - "Properties" + "InstanceType" ], "type": "object" }, - "AWS::Forecast::Dataset.AttributesItems": { + "AWS::EMR::InstanceFleetConfig.OnDemandCapacityReservationOptions": { "additionalProperties": false, "properties": { - "AttributeName": { - "markdownDescription": "", - "title": "AttributeName", + "CapacityReservationPreference": { + "markdownDescription": "Indicates the instance's Capacity Reservation preferences. Possible preferences include:\n\n- `open` - The instance can run in any open Capacity Reservation that has matching attributes (instance type, platform, Availability Zone).\n- `none` - The instance avoids running in a Capacity Reservation even if one is available. The instance runs as an On-Demand Instance.", + "title": "CapacityReservationPreference", "type": "string" }, - "AttributeType": { - "markdownDescription": "", - "title": "AttributeType", + "CapacityReservationResourceGroupArn": { + "markdownDescription": "The ARN of the Capacity Reservation resource group in which to run the instance.", + "title": "CapacityReservationResourceGroupArn", + "type": "string" + }, + "UsageStrategy": { + "markdownDescription": "Indicates whether to use unused Capacity Reservations for fulfilling On-Demand capacity.\n\nIf you specify `use-capacity-reservations-first` , the fleet uses unused Capacity Reservations to fulfill On-Demand capacity up to the target On-Demand capacity. If multiple instance pools have unused Capacity Reservations, the On-Demand allocation strategy ( `lowest-price` ) is applied. If the number of unused Capacity Reservations is less than the On-Demand target capacity, the remaining On-Demand target capacity is launched according to the On-Demand allocation strategy ( `lowest-price` ).\n\nIf you do not specify a value, the fleet fulfills the On-Demand capacity according to the chosen On-Demand allocation strategy.", + "title": "UsageStrategy", "type": "string" } }, "type": "object" }, - "AWS::Forecast::Dataset.EncryptionConfig": { + "AWS::EMR::InstanceFleetConfig.OnDemandProvisioningSpecification": { "additionalProperties": false, "properties": { - "KmsKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key.", - "title": "KmsKeyArn", + "AllocationStrategy": { + "markdownDescription": "Specifies the strategy to use in launching On-Demand instance fleets. Available options are `lowest-price` and `prioritized` . `lowest-price` specifies to launch the instances with the lowest price first, and `prioritized` specifies that Amazon EMR should launch the instances with the highest priority first. The default is `lowest-price` .", + "title": "AllocationStrategy", "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role that Amazon Forecast can assume to access the AWS KMS key.\n\nPassing a role across AWS accounts is not allowed. If you pass a role that isn't in your account, you get an `InvalidInputException` error.", - "title": "RoleArn", - "type": "string" + "CapacityReservationOptions": { + "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.OnDemandCapacityReservationOptions", + "markdownDescription": "The launch specification for On-Demand instances in the instance fleet, which determines the allocation strategy.", + "title": "CapacityReservationOptions" } }, + "required": [ + "AllocationStrategy" + ], "type": "object" }, - "AWS::Forecast::Dataset.Schema": { + "AWS::EMR::InstanceFleetConfig.OnDemandResizingSpecification": { "additionalProperties": false, "properties": { - "Attributes": { - "items": { - "$ref": "#/definitions/AWS::Forecast::Dataset.AttributesItems" - }, - "markdownDescription": "An array of attributes specifying the name and type of each field in a dataset.", - "title": "Attributes", - "type": "array" + "AllocationStrategy": { + "markdownDescription": "Specifies the allocation strategy to use to launch On-Demand instances during a resize. The default is `lowest-price` .", + "title": "AllocationStrategy", + "type": "string" + }, + "CapacityReservationOptions": { + "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.OnDemandCapacityReservationOptions", + "markdownDescription": "", + "title": "CapacityReservationOptions" + }, + "TimeoutDurationMinutes": { + "markdownDescription": "On-Demand resize timeout in minutes. If On-Demand Instances are not provisioned within this time, the resize workflow stops. The minimum value is 5 minutes, and the maximum value is 10,080 minutes (7 days). The timeout applies to all resize workflows on the Instance Fleet. The resize could be triggered by Amazon EMR Managed Scaling or by the customer (via Amazon EMR Console, Amazon EMR CLI modify-instance-fleet or Amazon EMR SDK ModifyInstanceFleet API) or by Amazon EMR due to Amazon EC2 Spot Reclamation.", + "title": "TimeoutDurationMinutes", + "type": "number" } }, "type": "object" }, - "AWS::Forecast::Dataset.TagsItems": { + "AWS::EMR::InstanceFleetConfig.SpotProvisioningSpecification": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "", - "title": "Key", + "AllocationStrategy": { + "markdownDescription": "Specifies one of the following strategies to launch Spot Instance fleets: `capacity-optimized` , `price-capacity-optimized` , `lowest-price` , or `diversified` , and `capacity-optimized-prioritized` . For more information on the provisioning strategies, see [Allocation strategies for Spot Instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-allocation-strategy.html) in the *Amazon EC2 User Guide for Linux Instances* .\n\n> When you launch a Spot Instance fleet with the old console, it automatically launches with the `capacity-optimized` strategy. You can't change the allocation strategy from the old console.", + "title": "AllocationStrategy", "type": "string" }, - "Value": { - "markdownDescription": "", - "title": "Value", + "BlockDurationMinutes": { + "markdownDescription": "The defined duration for Spot Instances (also known as Spot blocks) in minutes. When specified, the Spot Instance does not terminate before the defined duration expires, and defined duration pricing for Spot Instances applies. Valid values are 60, 120, 180, 240, 300, or 360. The duration period starts as soon as a Spot Instance receives its instance ID. At the end of the duration, Amazon EC2 marks the Spot Instance for termination and provides a Spot Instance termination notice, which gives the instance a two-minute warning before it terminates.\n\n> Spot Instances with a defined duration (also known as Spot blocks) are no longer available to new customers from July 1, 2021. For customers who have previously used the feature, we will continue to support Spot Instances with a defined duration until December 31, 2022.", + "title": "BlockDurationMinutes", + "type": "number" + }, + "TimeoutAction": { + "markdownDescription": "The action to take when `TargetSpotCapacity` has not been fulfilled when the `TimeoutDurationMinutes` has expired; that is, when all Spot Instances could not be provisioned within the Spot provisioning timeout. Valid values are `TERMINATE_CLUSTER` and `SWITCH_TO_ON_DEMAND` . SWITCH_TO_ON_DEMAND specifies that if no Spot Instances are available, On-Demand Instances should be provisioned to fulfill any remaining Spot capacity.", + "title": "TimeoutAction", "type": "string" + }, + "TimeoutDurationMinutes": { + "markdownDescription": "The Spot provisioning timeout period in minutes. If Spot Instances are not provisioned within this time period, the `TimeOutAction` is taken. Minimum value is 5 and maximum value is 1440. The timeout applies only during initial provisioning, when the cluster is first created.", + "title": "TimeoutDurationMinutes", + "type": "number" } }, "required": [ - "Key", - "Value" + "TimeoutAction", + "TimeoutDurationMinutes" ], "type": "object" }, - "AWS::Forecast::DatasetGroup": { + "AWS::EMR::InstanceFleetConfig.SpotResizingSpecification": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "AllocationStrategy": { + "markdownDescription": "Specifies the allocation strategy to use to launch Spot instances during a resize. If you run Amazon EMR releases 6.9.0 or higher, the default is `price-capacity-optimized` . If you run Amazon EMR releases 6.8.0 or lower, the default is `capacity-optimized` .", + "title": "AllocationStrategy", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "TimeoutDurationMinutes": { + "markdownDescription": "Spot resize timeout in minutes. If Spot Instances are not provisioned within this time, the resize workflow will stop provisioning of Spot instances. Minimum value is 5 minutes and maximum value is 10,080 minutes (7 days). The timeout applies to all resize workflows on the Instance Fleet. The resize could be triggered by Amazon EMR Managed Scaling or by the customer (via Amazon EMR Console, Amazon EMR CLI modify-instance-fleet or Amazon EMR SDK ModifyInstanceFleet API) or by Amazon EMR due to Amazon EC2 Spot Reclamation.", + "title": "TimeoutDurationMinutes", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EMR::InstanceFleetConfig.VolumeSpecification": { + "additionalProperties": false, + "properties": { + "Iops": { + "markdownDescription": "The number of I/O operations per second (IOPS) that the volume supports.", + "title": "Iops", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DatasetArns": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of Amazon Resource Names (ARNs) of the datasets that you want to include in the dataset group.", - "title": "DatasetArns", - "type": "array" - }, - "DatasetGroupName": { - "markdownDescription": "The name of the dataset group.", - "title": "DatasetGroupName", - "type": "string" - }, - "Domain": { - "markdownDescription": "The domain associated with the dataset group. When you add a dataset to a dataset group, this value and the value specified for the `Domain` parameter of the [CreateDataset](https://docs.aws.amazon.com/forecast/latest/dg/API_CreateDataset.html) operation must match.\n\nThe `Domain` and `DatasetType` that you choose determine the fields that must be present in training data that you import to a dataset. For example, if you choose the `RETAIL` domain and `TARGET_TIME_SERIES` as the `DatasetType` , Amazon Forecast requires that `item_id` , `timestamp` , and `demand` fields are present in your data. For more information, see [Dataset groups](https://docs.aws.amazon.com/forecast/latest/dg/howitworks-datasets-groups.html) .", - "title": "Domain", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "DatasetGroupName", - "Domain" - ], - "type": "object" + "SizeInGB": { + "markdownDescription": "The volume size, in gibibytes (GiB). This can be a number from 1 - 1024. If the volume type is EBS-optimized, the minimum value is 10.", + "title": "SizeInGB", + "type": "number" }, - "Type": { - "enum": [ - "AWS::Forecast::DatasetGroup" - ], - "type": "string" + "Throughput": { + "markdownDescription": "The throughput, in mebibyte per second (MiB/s). This optional parameter can be a number from 125 - 1000 and is valid only for gp3 volumes.", + "title": "Throughput", + "type": "number" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VolumeType": { + "markdownDescription": "The volume type. Volume types supported are gp3, gp2, io1, st1, sc1, and standard.", + "title": "VolumeType", "type": "string" } }, "required": [ - "Type", - "Properties" + "SizeInGB", + "VolumeType" ], "type": "object" }, - "AWS::FraudDetector::Detector": { + "AWS::EMR::InstanceGroupConfig": { "additionalProperties": false, "properties": { "Condition": { @@ -101469,66 +110658,76 @@ "Properties": { "additionalProperties": false, "properties": { - "AssociatedModels": { + "AutoScalingPolicy": { + "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.AutoScalingPolicy", + "markdownDescription": "`AutoScalingPolicy` is a subproperty of `InstanceGroupConfig` . `AutoScalingPolicy` defines how an instance group dynamically adds and terminates EC2 instances in response to the value of a CloudWatch metric. For more information, see [Using Automatic Scaling in Amazon EMR](https://docs.aws.amazon.com//emr/latest/ManagementGuide/emr-automatic-scaling.html) in the *Amazon EMR Management Guide* .", + "title": "AutoScalingPolicy" + }, + "BidPrice": { + "markdownDescription": "If specified, indicates that the instance group uses Spot Instances. This is the maximum price you are willing to pay for Spot Instances. Specify `OnDemandPrice` to set the amount equal to the On-Demand price, or specify an amount in USD.", + "title": "BidPrice", + "type": "string" + }, + "Configurations": { "items": { - "$ref": "#/definitions/AWS::FraudDetector::Detector.Model" + "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.Configuration" }, - "markdownDescription": "The models to associate with this detector. You must provide the ARNs of all the models you want to associate.", - "title": "AssociatedModels", + "markdownDescription": "> Amazon EMR releases 4.x or later. \n\nThe list of configurations supplied for an Amazon EMR cluster instance group. You can specify a separate configuration for each instance group (master, core, and task).", + "title": "Configurations", "type": "array" }, - "Description": { - "markdownDescription": "The detector description.", - "title": "Description", + "CustomAmiId": { + "markdownDescription": "The custom AMI ID to use for the provisioned instance group.", + "title": "CustomAmiId", "type": "string" }, - "DetectorId": { - "markdownDescription": "The name of the detector.", - "title": "DetectorId", - "type": "string" + "EbsConfiguration": { + "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.EbsConfiguration", + "markdownDescription": "`EbsConfiguration` determines the EBS volumes to attach to EMR cluster instances.", + "title": "EbsConfiguration" }, - "DetectorVersionStatus": { - "markdownDescription": "The status of the detector version. If a value is not provided for this property, AWS CloudFormation assumes `DRAFT` status.\n\nValid values: `ACTIVE | DRAFT`", - "title": "DetectorVersionStatus", + "InstanceCount": { + "markdownDescription": "Target number of instances for the instance group.", + "title": "InstanceCount", + "type": "number" + }, + "InstanceRole": { + "markdownDescription": "The role of the instance group in the cluster.\n\n*Allowed Values* : TASK", + "title": "InstanceRole", "type": "string" }, - "EventType": { - "$ref": "#/definitions/AWS::FraudDetector::Detector.EventType", - "markdownDescription": "The event type associated with this detector.", - "title": "EventType" + "InstanceType": { + "markdownDescription": "The Amazon EC2 instance type for all instances in the instance group.", + "title": "InstanceType", + "type": "string" }, - "RuleExecutionMode": { - "markdownDescription": "The rule execution mode for the rules included in the detector version.\n\nValid values: `FIRST_MATCHED | ALL_MATCHED` Default value: `FIRST_MATCHED`\n\nYou can define and edit the rule mode at the detector version level, when it is in draft status.\n\nIf you specify `FIRST_MATCHED` , Amazon Fraud Detector evaluates rules sequentially, first to last, stopping at the first matched rule. Amazon Fraud dectector then provides the outcomes for that single rule.\n\nIf you specifiy `ALL_MATCHED` , Amazon Fraud Detector evaluates all rules and returns the outcomes for all matched rules.", - "title": "RuleExecutionMode", + "JobFlowId": { + "markdownDescription": "The ID of an Amazon EMR cluster that you want to associate this instance group with.", + "title": "JobFlowId", "type": "string" }, - "Rules": { - "items": { - "$ref": "#/definitions/AWS::FraudDetector::Detector.Rule" - }, - "markdownDescription": "The rules to include in the detector version.", - "title": "Rules", - "type": "array" + "Market": { + "markdownDescription": "Market type of the Amazon EC2 instances used to create a cluster node.", + "title": "Market", + "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" + "Name": { + "markdownDescription": "Friendly name given to the instance group.", + "title": "Name", + "type": "string" } }, "required": [ - "DetectorId", - "EventType", - "Rules" + "InstanceCount", + "InstanceRole", + "InstanceType", + "JobFlowId" ], "type": "object" }, "Type": { "enum": [ - "AWS::FraudDetector::Detector" + "AWS::EMR::InstanceGroupConfig" ], "type": "string" }, @@ -101547,349 +110746,316 @@ ], "type": "object" }, - "AWS::FraudDetector::Detector.EntityType": { + "AWS::EMR::InstanceGroupConfig.AutoScalingPolicy": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The entity type ARN.", - "title": "Arn", - "type": "string" - }, - "CreatedTime": { - "markdownDescription": "Timestamp of when the entity type was created.", - "title": "CreatedTime", - "type": "string" - }, - "Description": { - "markdownDescription": "The entity type description.", - "title": "Description", - "type": "string" - }, - "Inline": { - "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::Detector` you must define at least two variables. You can set `Inline=true` for these Variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your detector but not execute any changes to the variables.", - "title": "Inline", - "type": "boolean" - }, - "LastUpdatedTime": { - "markdownDescription": "Timestamp of when the entity type was last updated.", - "title": "LastUpdatedTime", - "type": "string" - }, - "Name": { - "markdownDescription": "The entity type name.", - "title": "Name", - "type": "string" + "Constraints": { + "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.ScalingConstraints", + "markdownDescription": "The upper and lower Amazon EC2 instance limits for an automatic scaling policy. Automatic scaling activity will not cause an instance group to grow above or below these limits.", + "title": "Constraints" }, - "Tags": { + "Rules": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.ScalingRule" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", + "markdownDescription": "The scale-in and scale-out rules that comprise the automatic scaling policy.", + "title": "Rules", "type": "array" } }, + "required": [ + "Constraints", + "Rules" + ], "type": "object" }, - "AWS::FraudDetector::Detector.EventType": { + "AWS::EMR::InstanceGroupConfig.CloudWatchAlarmDefinition": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The entity type ARN.", - "title": "Arn", - "type": "string" - }, - "CreatedTime": { - "markdownDescription": "Timestamp of when the event type was created.", - "title": "CreatedTime", - "type": "string" - }, - "Description": { - "markdownDescription": "The event type description.", - "title": "Description", + "ComparisonOperator": { + "markdownDescription": "Determines how the metric specified by `MetricName` is compared to the value specified by `Threshold` .", + "title": "ComparisonOperator", "type": "string" }, - "EntityTypes": { - "items": { - "$ref": "#/definitions/AWS::FraudDetector::Detector.EntityType" - }, - "markdownDescription": "The event type entity types.", - "title": "EntityTypes", - "type": "array" - }, - "EventVariables": { + "Dimensions": { "items": { - "$ref": "#/definitions/AWS::FraudDetector::Detector.EventVariable" + "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.MetricDimension" }, - "markdownDescription": "The event type event variables.", - "title": "EventVariables", + "markdownDescription": "A CloudWatch metric dimension.", + "title": "Dimensions", "type": "array" }, - "Inline": { - "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::Detector` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the Variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your detector but not execute any changes to the variables.", - "title": "Inline", - "type": "boolean" + "EvaluationPeriods": { + "markdownDescription": "The number of periods, in five-minute increments, during which the alarm condition must exist before the alarm triggers automatic scaling activity. The default value is `1` .", + "title": "EvaluationPeriods", + "type": "number" }, - "Labels": { - "items": { - "$ref": "#/definitions/AWS::FraudDetector::Detector.Label" - }, - "markdownDescription": "The event type labels.", - "title": "Labels", - "type": "array" + "MetricName": { + "markdownDescription": "The name of the CloudWatch metric that is watched to determine an alarm condition.", + "title": "MetricName", + "type": "string" }, - "LastUpdatedTime": { - "markdownDescription": "Timestamp of when the event type was last updated.", - "title": "LastUpdatedTime", + "Namespace": { + "markdownDescription": "The namespace for the CloudWatch metric. The default is `AWS/ElasticMapReduce` .", + "title": "Namespace", "type": "string" }, - "Name": { - "markdownDescription": "The event type name.", - "title": "Name", + "Period": { + "markdownDescription": "The period, in seconds, over which the statistic is applied. CloudWatch metrics for Amazon EMR are emitted every five minutes (300 seconds), so if you specify a CloudWatch metric, specify `300` .", + "title": "Period", + "type": "number" + }, + "Statistic": { + "markdownDescription": "The statistic to apply to the metric associated with the alarm. The default is `AVERAGE` .", + "title": "Statistic", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" + "Threshold": { + "markdownDescription": "The value against which the specified statistic is compared.", + "title": "Threshold", + "type": "number" + }, + "Unit": { + "markdownDescription": "The unit of measure associated with the CloudWatch metric being watched. The value specified for `Unit` must correspond to the units specified in the CloudWatch metric.", + "title": "Unit", + "type": "string" } }, + "required": [ + "ComparisonOperator", + "MetricName", + "Period", + "Threshold" + ], "type": "object" }, - "AWS::FraudDetector::Detector.EventVariable": { + "AWS::EMR::InstanceGroupConfig.Configuration": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The event variable ARN.", - "title": "Arn", - "type": "string" - }, - "CreatedTime": { - "markdownDescription": "Timestamp for when the event variable was created.", - "title": "CreatedTime", - "type": "string" - }, - "DataSource": { - "markdownDescription": "The data source of the event variable.\n\nValid values: `EVENT | EXTERNAL_MODEL_SCORE`\n\nWhen defining a variable within a detector, you can only use the `EVENT` value for DataSource when the *Inline* property is set to true. If the *Inline* property is set false, you can use either `EVENT` or `MODEL_SCORE` for DataSource.", - "title": "DataSource", - "type": "string" - }, - "DataType": { - "markdownDescription": "The data type of the event variable.\n\nValid values: `STRING | INTEGER | BOOLEAN | FLOAT`", - "title": "DataType", - "type": "string" - }, - "DefaultValue": { - "markdownDescription": "The default value of the event variable. This is required if you are providing the details of your variables instead of the ARN.", - "title": "DefaultValue", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the event variable.", - "title": "Description", - "type": "string" - }, - "Inline": { - "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::Detector` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your detector but not execute any changes to the variables.", - "title": "Inline", - "type": "boolean" - }, - "LastUpdatedTime": { - "markdownDescription": "Timestamp for when the event variable was last updated.", - "title": "LastUpdatedTime", + "Classification": { + "markdownDescription": "The classification within a configuration.", + "title": "Classification", "type": "string" }, - "Name": { - "markdownDescription": "The name of the event variable.", - "title": "Name", - "type": "string" + "ConfigurationProperties": { + "additionalProperties": true, + "markdownDescription": "Within a configuration classification, a set of properties that represent the settings that you want to change in the configuration file. Duplicates not allowed.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "ConfigurationProperties", + "type": "object" }, - "Tags": { + "Configurations": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.Configuration" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", + "markdownDescription": "A list of additional configurations to apply within a configuration object.", + "title": "Configurations", "type": "array" - }, - "VariableType": { - "markdownDescription": "The type of event variable. For more information, see [Variable types](https://docs.aws.amazon.com/frauddetector/latest/ug/create-a-variable.html#variable-types) .", - "title": "VariableType", - "type": "string" } }, "type": "object" }, - "AWS::FraudDetector::Detector.Label": { + "AWS::EMR::InstanceGroupConfig.EbsBlockDeviceConfig": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The label ARN.", - "title": "Arn", - "type": "string" - }, - "CreatedTime": { - "markdownDescription": "Timestamp of when the event type was created.", - "title": "CreatedTime", - "type": "string" + "VolumeSpecification": { + "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.VolumeSpecification", + "markdownDescription": "EBS volume specifications such as volume type, IOPS, size (GiB) and throughput (MiB/s) that are requested for the EBS volume attached to an Amazon EC2 instance in the cluster.", + "title": "VolumeSpecification" }, - "Description": { - "markdownDescription": "The label description.", - "title": "Description", - "type": "string" + "VolumesPerInstance": { + "markdownDescription": "Number of EBS volumes with a specific volume configuration that are associated with every instance in the instance group", + "title": "VolumesPerInstance", + "type": "number" + } + }, + "required": [ + "VolumeSpecification" + ], + "type": "object" + }, + "AWS::EMR::InstanceGroupConfig.EbsConfiguration": { + "additionalProperties": false, + "properties": { + "EbsBlockDeviceConfigs": { + "items": { + "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.EbsBlockDeviceConfig" + }, + "markdownDescription": "An array of Amazon EBS volume specifications attached to a cluster instance.", + "title": "EbsBlockDeviceConfigs", + "type": "array" }, - "Inline": { - "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::Detector` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your detector but not execute any changes to the variables.", - "title": "Inline", + "EbsOptimized": { + "markdownDescription": "Indicates whether an Amazon EBS volume is EBS-optimized. The default is false. You should explicitly set this value to true to enable the Amazon EBS-optimized setting for an EC2 instance.", + "title": "EbsOptimized", "type": "boolean" - }, - "LastUpdatedTime": { - "markdownDescription": "Timestamp of when the label was last updated.", - "title": "LastUpdatedTime", + } + }, + "type": "object" + }, + "AWS::EMR::InstanceGroupConfig.MetricDimension": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The dimension name.", + "title": "Key", "type": "string" }, - "Name": { - "markdownDescription": "The label name.", - "title": "Name", + "Value": { + "markdownDescription": "The dimension value.", + "title": "Value", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" } }, + "required": [ + "Key", + "Value" + ], "type": "object" }, - "AWS::FraudDetector::Detector.Model": { + "AWS::EMR::InstanceGroupConfig.ScalingAction": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The ARN of the model.", - "title": "Arn", + "Market": { + "markdownDescription": "Not available for instance groups. Instance groups use the market type specified for the group.", + "title": "Market", "type": "string" + }, + "SimpleScalingPolicyConfiguration": { + "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.SimpleScalingPolicyConfiguration", + "markdownDescription": "The type of adjustment the automatic scaling activity makes when triggered, and the periodicity of the adjustment.", + "title": "SimpleScalingPolicyConfiguration" } }, + "required": [ + "SimpleScalingPolicyConfiguration" + ], "type": "object" }, - "AWS::FraudDetector::Detector.Outcome": { + "AWS::EMR::InstanceGroupConfig.ScalingConstraints": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The outcome ARN.", - "title": "Arn", - "type": "string" + "MaxCapacity": { + "markdownDescription": "The upper boundary of Amazon EC2 instances in an instance group beyond which scaling activities are not allowed to grow. Scale-out activities will not add instances beyond this boundary.", + "title": "MaxCapacity", + "type": "number" }, - "CreatedTime": { - "markdownDescription": "The timestamp when the outcome was created.", - "title": "CreatedTime", - "type": "string" + "MinCapacity": { + "markdownDescription": "The lower boundary of Amazon EC2 instances in an instance group below which scaling activities are not allowed to shrink. Scale-in activities will not terminate instances below this boundary.", + "title": "MinCapacity", + "type": "number" + } + }, + "required": [ + "MaxCapacity", + "MinCapacity" + ], + "type": "object" + }, + "AWS::EMR::InstanceGroupConfig.ScalingRule": { + "additionalProperties": false, + "properties": { + "Action": { + "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.ScalingAction", + "markdownDescription": "The conditions that trigger an automatic scaling activity.", + "title": "Action" }, "Description": { - "markdownDescription": "The outcome description.", + "markdownDescription": "A friendly, more verbose description of the automatic scaling rule.", "title": "Description", "type": "string" }, - "Inline": { - "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::Detector` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your detector but not execute any changes to the variables.", - "title": "Inline", - "type": "boolean" - }, - "LastUpdatedTime": { - "markdownDescription": "The timestamp when the outcome was last updated.", - "title": "LastUpdatedTime", - "type": "string" - }, "Name": { - "markdownDescription": "The outcome name.", + "markdownDescription": "The name used to identify an automatic scaling rule. Rule names must be unique within a scaling policy.", "title": "Name", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" + "Trigger": { + "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.ScalingTrigger", + "markdownDescription": "The CloudWatch alarm definition that determines when automatic scaling activity is triggered.", + "title": "Trigger" } }, + "required": [ + "Action", + "Name", + "Trigger" + ], "type": "object" }, - "AWS::FraudDetector::Detector.Rule": { + "AWS::EMR::InstanceGroupConfig.ScalingTrigger": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The rule ARN.", - "title": "Arn", - "type": "string" - }, - "CreatedTime": { - "markdownDescription": "Timestamp for when the rule was created.", - "title": "CreatedTime", - "type": "string" - }, - "Description": { - "markdownDescription": "The rule description.", - "title": "Description", - "type": "string" - }, - "DetectorId": { - "markdownDescription": "The detector for which the rule is associated.", - "title": "DetectorId", - "type": "string" - }, - "Expression": { - "markdownDescription": "The rule expression. A rule expression captures the business logic. For more information, see [Rule language reference](https://docs.aws.amazon.com/frauddetector/latest/ug/rule-language-reference.html) .", - "title": "Expression", + "CloudWatchAlarmDefinition": { + "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.CloudWatchAlarmDefinition", + "markdownDescription": "The definition of a CloudWatch metric alarm. When the defined alarm conditions are met along with other trigger parameters, scaling activity begins.", + "title": "CloudWatchAlarmDefinition" + } + }, + "required": [ + "CloudWatchAlarmDefinition" + ], + "type": "object" + }, + "AWS::EMR::InstanceGroupConfig.SimpleScalingPolicyConfiguration": { + "additionalProperties": false, + "properties": { + "AdjustmentType": { + "markdownDescription": "The way in which Amazon EC2 instances are added (if `ScalingAdjustment` is a positive number) or terminated (if `ScalingAdjustment` is a negative number) each time the scaling activity is triggered. `CHANGE_IN_CAPACITY` is the default. `CHANGE_IN_CAPACITY` indicates that the Amazon EC2 instance count increments or decrements by `ScalingAdjustment` , which should be expressed as an integer. `PERCENT_CHANGE_IN_CAPACITY` indicates the instance count increments or decrements by the percentage specified by `ScalingAdjustment` , which should be expressed as an integer. For example, 20 indicates an increase in 20% increments of cluster capacity. `EXACT_CAPACITY` indicates the scaling activity results in an instance group with the number of Amazon EC2 instances specified by `ScalingAdjustment` , which should be expressed as a positive integer.", + "title": "AdjustmentType", "type": "string" }, - "Language": { - "markdownDescription": "The rule language.\n\nValid Value: DETECTORPL", - "title": "Language", - "type": "string" + "CoolDown": { + "markdownDescription": "The amount of time, in seconds, after a scaling activity completes before any further trigger-related scaling activities can start. The default value is 0.", + "title": "CoolDown", + "type": "number" }, - "LastUpdatedTime": { - "markdownDescription": "Timestamp for when the rule was last updated.", - "title": "LastUpdatedTime", - "type": "string" + "ScalingAdjustment": { + "markdownDescription": "The amount by which to scale in or scale out, based on the specified `AdjustmentType` . A positive value adds to the instance group's Amazon EC2 instance count while a negative number removes instances. If `AdjustmentType` is set to `EXACT_CAPACITY` , the number should only be a positive integer. If `AdjustmentType` is set to `PERCENT_CHANGE_IN_CAPACITY` , the value should express the percentage as an integer. For example, -20 indicates a decrease in 20% increments of cluster capacity.", + "title": "ScalingAdjustment", + "type": "number" + } + }, + "required": [ + "ScalingAdjustment" + ], + "type": "object" + }, + "AWS::EMR::InstanceGroupConfig.VolumeSpecification": { + "additionalProperties": false, + "properties": { + "Iops": { + "markdownDescription": "The number of I/O operations per second (IOPS) that the volume supports.", + "title": "Iops", + "type": "number" }, - "Outcomes": { - "items": { - "$ref": "#/definitions/AWS::FraudDetector::Detector.Outcome" - }, - "markdownDescription": "The rule outcome.", - "title": "Outcomes", - "type": "array" + "SizeInGB": { + "markdownDescription": "The volume size, in gibibytes (GiB). This can be a number from 1 - 1024. If the volume type is EBS-optimized, the minimum value is 10.", + "title": "SizeInGB", + "type": "number" }, - "RuleId": { - "markdownDescription": "The rule ID.", - "title": "RuleId", - "type": "string" + "Throughput": { + "markdownDescription": "The throughput, in mebibyte per second (MiB/s). This optional parameter can be a number from 125 - 1000 and is valid only for gp3 volumes.", + "title": "Throughput", + "type": "number" }, - "RuleVersion": { - "markdownDescription": "The rule version.", - "title": "RuleVersion", + "VolumeType": { + "markdownDescription": "The volume type. Volume types supported are gp3, gp2, io1, st1, sc1, and standard.", + "title": "VolumeType", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" } }, + "required": [ + "SizeInGB", + "VolumeType" + ], "type": "object" }, - "AWS::FraudDetector::EntityType": { + "AWS::EMR::SecurityConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -101924,33 +111090,25 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The entity type description.", - "title": "Description", - "type": "string" - }, "Name": { - "markdownDescription": "The entity type name.\n\nPattern: `^[0-9a-z_-]+$`", + "markdownDescription": "The name of the security configuration.", "title": "Name", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A key and value pair.", - "title": "Tags", - "type": "array" + "SecurityConfiguration": { + "markdownDescription": "The security configuration details in JSON format. For JSON parameters and examples, see [Use Security Configurations to Set Up Cluster Security](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-security-configurations.html) in the *Amazon EMR Management Guide* .", + "title": "SecurityConfiguration", + "type": "object" } }, "required": [ - "Name" + "SecurityConfiguration" ], "type": "object" }, "Type": { "enum": [ - "AWS::FraudDetector::EntityType" + "AWS::EMR::SecurityConfiguration" ], "type": "string" }, @@ -101969,7 +111127,7 @@ ], "type": "object" }, - "AWS::FraudDetector::EventType": { + "AWS::EMR::Step": { "additionalProperties": false, "properties": { "Condition": { @@ -102004,60 +111162,38 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The event type description.", - "title": "Description", + "ActionOnFailure": { + "markdownDescription": "This specifies what action to take when the cluster step fails. Possible values are `CANCEL_AND_WAIT` and `CONTINUE` .", + "title": "ActionOnFailure", "type": "string" }, - "EntityTypes": { - "items": { - "$ref": "#/definitions/AWS::FraudDetector::EventType.EntityType" - }, - "markdownDescription": "The event type entity types.", - "title": "EntityTypes", - "type": "array" - }, - "EventVariables": { - "items": { - "$ref": "#/definitions/AWS::FraudDetector::EventType.EventVariable" - }, - "markdownDescription": "The event type event variables.", - "title": "EventVariables", - "type": "array" + "HadoopJarStep": { + "$ref": "#/definitions/AWS::EMR::Step.HadoopJarStepConfig", + "markdownDescription": "The `HadoopJarStepConfig` property type specifies a job flow step consisting of a JAR file whose main function will be executed. The main function submits a job for the cluster to execute as a step on the master node, and then waits for the job to finish or fail before executing subsequent steps.", + "title": "HadoopJarStep" }, - "Labels": { - "items": { - "$ref": "#/definitions/AWS::FraudDetector::EventType.Label" - }, - "markdownDescription": "The event type labels.", - "title": "Labels", - "type": "array" + "JobFlowId": { + "markdownDescription": "A string that uniquely identifies the cluster (job flow).", + "title": "JobFlowId", + "type": "string" }, "Name": { - "markdownDescription": "The event type name.\n\nPattern : `^[0-9a-z_-]+$`", + "markdownDescription": "The name of the cluster step.", "title": "Name", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" } }, "required": [ - "EntityTypes", - "EventVariables", - "Labels", + "ActionOnFailure", + "HadoopJarStep", + "JobFlowId", "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::FraudDetector::EventType" + "AWS::EMR::Step" ], "type": "string" }, @@ -102076,159 +111212,58 @@ ], "type": "object" }, - "AWS::FraudDetector::EventType.EntityType": { + "AWS::EMR::Step.HadoopJarStepConfig": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The entity type ARN.", - "title": "Arn", - "type": "string" + "Args": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of command line arguments passed to the JAR file's main function when executed.", + "title": "Args", + "type": "array" }, - "CreatedTime": { - "markdownDescription": "Timestamp of when the entity type was created.", - "title": "CreatedTime", + "Jar": { + "markdownDescription": "A path to a JAR file run during the step.", + "title": "Jar", "type": "string" }, - "Description": { - "markdownDescription": "The entity type description.", - "title": "Description", + "MainClass": { + "markdownDescription": "The name of the main class in the specified Java file. If not specified, the JAR file should specify a Main-Class in its manifest file.", + "title": "MainClass", "type": "string" }, - "Inline": { - "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::EventType` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your event type but not execute any changes to the variables.", - "title": "Inline", - "type": "boolean" - }, - "LastUpdatedTime": { - "markdownDescription": "Timestamp of when the entity type was last updated.", - "title": "LastUpdatedTime", - "type": "string" - }, - "Name": { - "markdownDescription": "The entity type name.\n\n`^[0-9a-z_-]+$`", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } - }, - "type": "object" - }, - "AWS::FraudDetector::EventType.EventVariable": { - "additionalProperties": false, - "properties": { - "Arn": { - "markdownDescription": "The event variable ARN.", - "title": "Arn", - "type": "string" - }, - "CreatedTime": { - "markdownDescription": "Timestamp for when event variable was created.", - "title": "CreatedTime", - "type": "string" - }, - "DataSource": { - "markdownDescription": "The source of the event variable.\n\nValid values: `EVENT | EXTERNAL_MODEL_SCORE`\n\nWhen defining a variable within a event type, you can only use the `EVENT` value for DataSource when the *Inline* property is set to true. If the *Inline* property is set false, you can use either `EVENT` or `MODEL_SCORE` for DataSource.", - "title": "DataSource", - "type": "string" - }, - "DataType": { - "markdownDescription": "The data type of the event variable. For more information, see [Data types](https://docs.aws.amazon.com/frauddetector/latest/ug/variables.html#data-types) .", - "title": "DataType", - "type": "string" - }, - "DefaultValue": { - "markdownDescription": "The default value of the event variable", - "title": "DefaultValue", - "type": "string" - }, - "Description": { - "markdownDescription": "The event variable description.", - "title": "Description", - "type": "string" - }, - "Inline": { - "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::EventType` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the Variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your event type but not execute any changes to the variables.", - "title": "Inline", - "type": "boolean" - }, - "LastUpdatedTime": { - "markdownDescription": "Timestamp for when the event variable was last updated.", - "title": "LastUpdatedTime", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the event variable.", - "title": "Name", - "type": "string" - }, - "Tags": { + "StepProperties": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::EMR::Step.KeyValue" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", + "markdownDescription": "A list of Java properties that are set when the step runs. You can use these properties to pass key value pairs to your main function.", + "title": "StepProperties", "type": "array" - }, - "VariableType": { - "markdownDescription": "The type of event variable. For more information, see [Variable types](https://docs.aws.amazon.com/frauddetector/latest/ug/variables.html#variable-types) .", - "title": "VariableType", - "type": "string" } }, + "required": [ + "Jar" + ], "type": "object" }, - "AWS::FraudDetector::EventType.Label": { + "AWS::EMR::Step.KeyValue": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The label ARN.", - "title": "Arn", - "type": "string" - }, - "CreatedTime": { - "markdownDescription": "Timestamp of when the event type was created.", - "title": "CreatedTime", - "type": "string" - }, - "Description": { - "markdownDescription": "The label description.", - "title": "Description", - "type": "string" - }, - "Inline": { - "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::EventType` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your EventType but not execute any changes to the variables.", - "title": "Inline", - "type": "boolean" - }, - "LastUpdatedTime": { - "markdownDescription": "Timestamp of when the label was last updated.", - "title": "LastUpdatedTime", + "Key": { + "markdownDescription": "The unique identifier of a key-value pair.", + "title": "Key", "type": "string" }, - "Name": { - "markdownDescription": "The label name.", - "title": "Name", + "Value": { + "markdownDescription": "The value part of the identified key.", + "title": "Value", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" } }, "type": "object" }, - "AWS::FraudDetector::Label": { + "AWS::EMR::Studio": { "additionalProperties": false, "properties": { "Condition": { @@ -102263,104 +111298,69 @@ "Properties": { "additionalProperties": false, "properties": { + "AuthMode": { + "markdownDescription": "Specifies whether the Studio authenticates users using IAM Identity Center or IAM.", + "title": "AuthMode", + "type": "string" + }, + "DefaultS3Location": { + "markdownDescription": "The Amazon S3 location to back up EMR Studio Workspaces and notebook files.", + "title": "DefaultS3Location", + "type": "string" + }, "Description": { - "markdownDescription": "The label description.", + "markdownDescription": "A detailed description of the Amazon EMR Studio.", "title": "Description", "type": "string" }, - "Name": { - "markdownDescription": "The label name.\n\nPattern: `^[0-9a-z_-]+$`", - "title": "Name", + "EncryptionKeyArn": { + "markdownDescription": "The AWS KMS key identifier (ARN) used to encrypt Amazon EMR Studio workspace and notebook files when backed up to Amazon S3.", + "title": "EncryptionKeyArn", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Name" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::FraudDetector::Label" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::FraudDetector::List": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + "EngineSecurityGroupId": { + "markdownDescription": "The ID of the Amazon EMR Studio Engine security group. The Engine security group allows inbound network traffic from the Workspace security group, and it must be in the same VPC specified by `VpcId` .", + "title": "EngineSecurityGroupId", "type": "string" }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "The description of the list.", - "title": "Description", + "IdcInstanceArn": { + "markdownDescription": "The ARN of the IAM Identity Center instance the Studio application belongs to.", + "title": "IdcInstanceArn", "type": "string" }, - "Elements": { - "items": { - "type": "string" - }, - "markdownDescription": "The elements in the list.", - "title": "Elements", - "type": "array" + "IdcUserAssignment": { + "markdownDescription": "Indicates whether the Studio has `REQUIRED` or `OPTIONAL` IAM Identity Center user assignment. If the value is set to `REQUIRED` , users must be explicitly assigned to the Studio application to access the Studio.", + "title": "IdcUserAssignment", + "type": "string" + }, + "IdpAuthUrl": { + "markdownDescription": "Your identity provider's authentication endpoint. Amazon EMR Studio redirects federated users to this endpoint for authentication when logging in to a Studio with the Studio URL.", + "title": "IdpAuthUrl", + "type": "string" + }, + "IdpRelayStateParameterName": { + "markdownDescription": "The name of your identity provider's `RelayState` parameter.", + "title": "IdpRelayStateParameterName", + "type": "string" }, "Name": { - "markdownDescription": "The name of the list.", + "markdownDescription": "A descriptive name for the Amazon EMR Studio.", "title": "Name", "type": "string" }, + "ServiceRole": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that will be assumed by the Amazon EMR Studio. The service role provides a way for Amazon EMR Studio to interoperate with other AWS services.", + "title": "ServiceRole", + "type": "string" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of subnet IDs to associate with the Amazon EMR Studio. A Studio can have a maximum of 5 subnets. The subnets must belong to the VPC specified by `VpcId` . Studio users can create a Workspace in any of the specified subnets.", + "title": "SubnetIds", + "type": "array" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" @@ -102369,20 +111369,42 @@ "title": "Tags", "type": "array" }, - "VariableType": { - "markdownDescription": "The variable type of the list. For more information, see [Variable types](https://docs.aws.amazon.com/frauddetector/latest/ug/variables.html#variable-types)", - "title": "VariableType", + "TrustedIdentityPropagationEnabled": { + "markdownDescription": "Indicates whether the Studio has Trusted identity propagation enabled. The default value is `false` .", + "title": "TrustedIdentityPropagationEnabled", + "type": "boolean" + }, + "UserRole": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM user role that will be assumed by users and groups logged in to a Studio. The permissions attached to this IAM role can be scoped down for each user or group using session policies. You only need to specify `UserRole` when you set `AuthMode` to `SSO` .", + "title": "UserRole", + "type": "string" + }, + "VpcId": { + "markdownDescription": "The ID of the Amazon Virtual Private Cloud (Amazon VPC) to associate with the Studio.", + "title": "VpcId", + "type": "string" + }, + "WorkspaceSecurityGroupId": { + "markdownDescription": "The ID of the Workspace security group associated with the Amazon EMR Studio. The Workspace security group allows outbound network traffic to resources in the Engine security group and to the internet.", + "title": "WorkspaceSecurityGroupId", "type": "string" } }, "required": [ - "Name" + "AuthMode", + "DefaultS3Location", + "EngineSecurityGroupId", + "Name", + "ServiceRole", + "SubnetIds", + "VpcId", + "WorkspaceSecurityGroupId" ], "type": "object" }, "Type": { "enum": [ - "AWS::FraudDetector::List" + "AWS::EMR::Studio" ], "type": "string" }, @@ -102401,7 +111423,7 @@ ], "type": "object" }, - "AWS::FraudDetector::Outcome": { + "AWS::EMR::StudioSessionMapping": { "additionalProperties": false, "properties": { "Condition": { @@ -102436,33 +111458,38 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The outcome description.", - "title": "Description", + "IdentityName": { + "markdownDescription": "The name of the user or group. For more information, see [UserName](https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_User.html#singlesignon-Type-User-UserName) and [DisplayName](https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_Group.html#singlesignon-Type-Group-DisplayName) in the *IAM Identity Center Identity Store API Reference* .", + "title": "IdentityName", "type": "string" }, - "Name": { - "markdownDescription": "The outcome name.", - "title": "Name", + "IdentityType": { + "markdownDescription": "Specifies whether the identity to map to the Amazon EMR Studio is a user or a group.", + "title": "IdentityType", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" + "SessionPolicyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the session policy that will be applied to the user or group. Session policies refine Studio user permissions without the need to use multiple IAM user roles. For more information, see [Create an EMR Studio user role with session policies](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-studio-user-role.html) in the *Amazon EMR Management Guide* .", + "title": "SessionPolicyArn", + "type": "string" + }, + "StudioId": { + "markdownDescription": "The ID of the Amazon EMR Studio to which the user or group will be mapped.", + "title": "StudioId", + "type": "string" } }, "required": [ - "Name" + "IdentityName", + "IdentityType", + "SessionPolicyArn", + "StudioId" ], "type": "object" }, "Type": { "enum": [ - "AWS::FraudDetector::Outcome" + "AWS::EMR::StudioSessionMapping" ], "type": "string" }, @@ -102481,7 +111508,7 @@ ], "type": "object" }, - "AWS::FraudDetector::Variable": { + "AWS::EMR::WALWorkspace": { "additionalProperties": false, "properties": { "Condition": { @@ -102516,56 +111543,25 @@ "Properties": { "additionalProperties": false, "properties": { - "DataSource": { - "markdownDescription": "The data source of the variable.\n\nValid values: `EVENT | EXTERNAL_MODEL_SCORE`\n\nWhen defining a variable within a detector, you can only use the `EVENT` value for DataSource when the *Inline* property is set to true. If the *Inline* property is set false, you can use either `EVENT` or `MODEL_SCORE` for DataSource.", - "title": "DataSource", - "type": "string" - }, - "DataType": { - "markdownDescription": "The data type of the variable.\n\nValid data types: `STRING | INTEGER | BOOLEAN | FLOAT`", - "title": "DataType", - "type": "string" - }, - "DefaultValue": { - "markdownDescription": "The default value of the variable.", - "title": "DefaultValue", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the variable.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the variable.\n\nPattern: `^[0-9a-z_-]+$`", - "title": "Name", - "type": "string" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "", "title": "Tags", "type": "array" }, - "VariableType": { - "markdownDescription": "The type of the variable. For more information see [Variable types](https://docs.aws.amazon.com/frauddetector/latest/ug/create-a-variable.html#variable-types) .\n\nValid Values: `AUTH_CODE | AVS | BILLING_ADDRESS_L1 | BILLING_ADDRESS_L2 | BILLING_CITY | BILLING_COUNTRY | BILLING_NAME | BILLING_PHONE | BILLING_STATE | BILLING_ZIP | CARD_BIN | CATEGORICAL | CURRENCY_CODE | EMAIL_ADDRESS | FINGERPRINT | FRAUD_LABEL | FREE_FORM_TEXT | IP_ADDRESS | NUMERIC | ORDER_ID | PAYMENT_TYPE | PHONE_NUMBER | PRICE | PRODUCT_CATEGORY | SHIPPING_ADDRESS_L1 | SHIPPING_ADDRESS_L2 | SHIPPING_CITY | SHIPPING_COUNTRY | SHIPPING_NAME | SHIPPING_PHONE | SHIPPING_STATE | SHIPPING_ZIP | USERAGENT`", - "title": "VariableType", + "WALWorkspaceName": { + "markdownDescription": "", + "title": "WALWorkspaceName", "type": "string" } }, - "required": [ - "DataSource", - "DataType", - "DefaultValue", - "Name" - ], "type": "object" }, "Type": { "enum": [ - "AWS::FraudDetector::Variable" + "AWS::EMR::WALWorkspace" ], "type": "string" }, @@ -102579,12 +111575,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::GameLift::Alias": { + "AWS::EMRContainers::VirtualCluster": { "additionalProperties": false, "properties": { "Condition": { @@ -102619,31 +111614,39 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A human-readable description of the alias.", - "title": "Description", - "type": "string" + "ContainerProvider": { + "$ref": "#/definitions/AWS::EMRContainers::VirtualCluster.ContainerProvider", + "markdownDescription": "The container provider of the virtual cluster.", + "title": "ContainerProvider" }, "Name": { - "markdownDescription": "A descriptive label that is associated with an alias. Alias names do not need to be unique.", + "markdownDescription": "The name of the virtual cluster.", "title": "Name", "type": "string" }, - "RoutingStrategy": { - "$ref": "#/definitions/AWS::GameLift::Alias.RoutingStrategy", - "markdownDescription": "The routing configuration, including routing type and fleet target, for the alias.", - "title": "RoutingStrategy" + "SecurityConfigurationId": { + "markdownDescription": "The ID of the security configuration.", + "title": "SecurityConfigurationId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" } }, "required": [ - "Name", - "RoutingStrategy" + "ContainerProvider", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::GameLift::Alias" + "AWS::EMRContainers::VirtualCluster" ], "type": "string" }, @@ -102662,145 +111665,61 @@ ], "type": "object" }, - "AWS::GameLift::Alias.RoutingStrategy": { + "AWS::EMRContainers::VirtualCluster.ContainerInfo": { "additionalProperties": false, "properties": { - "FleetId": { - "markdownDescription": "A unique identifier for a fleet that the alias points to. If you specify `SIMPLE` for the `Type` property, you must specify this property.", - "title": "FleetId", - "type": "string" - }, - "Message": { - "markdownDescription": "The message text to be used with a terminal routing strategy. If you specify `TERMINAL` for the `Type` property, you must specify this property.", - "title": "Message", - "type": "string" - }, - "Type": { - "markdownDescription": "A type of routing strategy.\n\nPossible routing types include the following:\n\n- *SIMPLE* - The alias resolves to one specific fleet. Use this type when routing to active fleets.\n- *TERMINAL* - The alias does not resolve to a fleet but instead can be used to display a message to the user. A terminal alias throws a `TerminalRoutingStrategyException` with the message that you specified in the `Message` property.", - "title": "Type", - "type": "string" + "EksInfo": { + "$ref": "#/definitions/AWS::EMRContainers::VirtualCluster.EksInfo", + "markdownDescription": "The information about the Amazon EKS cluster.", + "title": "EksInfo" } }, "required": [ - "Type" + "EksInfo" ], "type": "object" }, - "AWS::GameLift::Build": { + "AWS::EMRContainers::VirtualCluster.ContainerProvider": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Id": { + "markdownDescription": "The ID of the container cluster.\n\n*Minimum* : 1\n\n*Maximum* : 100\n\n*Pattern* : `^[0-9A-Za-z][A-Za-z0-9\\-_]*`", + "title": "Id", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "A descriptive label that is associated with a build. Build names do not need to be unique.", - "title": "Name", - "type": "string" - }, - "OperatingSystem": { - "markdownDescription": "The operating system that your game server binaries run on. This value determines the type of fleet resources that you use for this build. If your game build contains multiple executables, they all must run on the same operating system. You must specify a valid operating system in this request. There is no default value. You can't change a build's operating system later.\n\n> Amazon Linux 2 (AL2) will reach end of support on 6/30/2025. See more details in the [Amazon Linux 2 FAQs](https://docs.aws.amazon.com/amazon-linux-2/faqs/) . For game servers that are hosted on AL2 and use server SDK version 4.x for Amazon GameLift Servers, first update the game server build to server SDK 5.x, and then deploy to AL2023 instances. See [Migrate to server SDK version 5.](https://docs.aws.amazon.com/gamelift/latest/developerguide/reference-serversdk5-migration.html)", - "title": "OperatingSystem", - "type": "string" - }, - "ServerSdkVersion": { - "markdownDescription": "A server SDK version you used when integrating your game server build with Amazon GameLift Servers. For more information see [Integrate games with custom game servers](https://docs.aws.amazon.com/gamelift/latest/developerguide/integration-custom-intro.html) . By default Amazon GameLift Servers sets this value to `4.0.2` .", - "title": "ServerSdkVersion", - "type": "string" - }, - "StorageLocation": { - "$ref": "#/definitions/AWS::GameLift::Build.StorageLocation", - "markdownDescription": "Information indicating where your game build files are stored. Use this parameter only when creating a build with files stored in an Amazon S3 bucket that you own. The storage location must specify an Amazon S3 bucket name and key. The location must also specify a role ARN that you set up to allow Amazon GameLift Servers to access your Amazon S3 bucket. The S3 bucket and your new build must be in the same Region.\n\nIf a `StorageLocation` is specified, the size of your file can be found in your Amazon S3 bucket. Amazon GameLift Servers will report a `SizeOnDisk` of 0.", - "title": "StorageLocation" - }, - "Version": { - "markdownDescription": "Version information that is associated with this build. Version strings do not need to be unique.", - "title": "Version", - "type": "string" - } - }, - "type": "object" + "Info": { + "$ref": "#/definitions/AWS::EMRContainers::VirtualCluster.ContainerInfo", + "markdownDescription": "The information about the container cluster.", + "title": "Info" }, "Type": { - "enum": [ - "AWS::GameLift::Build" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "markdownDescription": "The type of the container provider. Amazon EKS is the only supported type as of now.", + "title": "Type", "type": "string" } }, "required": [ + "Id", + "Info", "Type" ], "type": "object" }, - "AWS::GameLift::Build.StorageLocation": { + "AWS::EMRContainers::VirtualCluster.EksInfo": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "An Amazon S3 bucket identifier. The name of the S3 bucket.\n\n> Amazon GameLift doesn't support uploading from Amazon S3 buckets with names that contain a dot (.).", - "title": "Bucket", - "type": "string" - }, - "Key": { - "markdownDescription": "The name of the zip file that contains the build files or script files.", - "title": "Key", - "type": "string" - }, - "ObjectVersion": { - "markdownDescription": "A version of a stored file to retrieve, if the object versioning feature is turned on for the S3 bucket. Use this parameter to specify a specific version. If this parameter isn't set, Amazon GameLift Servers retrieves the latest version of the file.", - "title": "ObjectVersion", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARNfor an IAM role that allows Amazon GameLift to access the S3 bucket.", - "title": "RoleArn", + "Namespace": { + "markdownDescription": "The namespaces of the EKS cluster.\n\n*Minimum* : 1\n\n*Maximum* : 63\n\n*Pattern* : `[a-z0-9]([-a-z0-9]*[a-z0-9])?`", + "title": "Namespace", "type": "string" } }, "required": [ - "Bucket", - "Key", - "RoleArn" + "Namespace" ], "type": "object" }, - "AWS::GameLift::ContainerGroupDefinition": { + "AWS::EMRServerless::Application": { "additionalProperties": false, "properties": { "Condition": { @@ -102835,52 +111754,116 @@ "Properties": { "additionalProperties": false, "properties": { - "ContainerDefinitions": { + "Architecture": { + "markdownDescription": "The CPU architecture of an application.", + "title": "Architecture", + "type": "string" + }, + "AutoStartConfiguration": { + "$ref": "#/definitions/AWS::EMRServerless::Application.AutoStartConfiguration", + "markdownDescription": "The configuration for an application to automatically start on job submission.", + "title": "AutoStartConfiguration" + }, + "AutoStopConfiguration": { + "$ref": "#/definitions/AWS::EMRServerless::Application.AutoStopConfiguration", + "markdownDescription": "The configuration for an application to automatically stop after a certain amount of time being idle.", + "title": "AutoStopConfiguration" + }, + "IdentityCenterConfiguration": { + "$ref": "#/definitions/AWS::EMRServerless::Application.IdentityCenterConfiguration", + "markdownDescription": "A configuration specification to be used when provisioning an application. A configuration consists of a classification, properties, and optional nested configurations. A classification refers to an application-specific configuration file. Properties are the settings you want to change in that file.", + "title": "IdentityCenterConfiguration" + }, + "ImageConfiguration": { + "$ref": "#/definitions/AWS::EMRServerless::Application.ImageConfigurationInput", + "markdownDescription": "The image configuration applied to all worker types.", + "title": "ImageConfiguration" + }, + "InitialCapacity": { "items": { - "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.ContainerDefinition" + "$ref": "#/definitions/AWS::EMRServerless::Application.InitialCapacityConfigKeyValuePair" }, + "markdownDescription": "The initial capacity of the application.", + "title": "InitialCapacity", "type": "array" }, + "InteractiveConfiguration": { + "$ref": "#/definitions/AWS::EMRServerless::Application.InteractiveConfiguration", + "markdownDescription": "The interactive configuration object that enables the interactive use cases for an application.", + "title": "InteractiveConfiguration" + }, + "MaximumCapacity": { + "$ref": "#/definitions/AWS::EMRServerless::Application.MaximumAllowedResources", + "markdownDescription": "The maximum capacity of the application. This is cumulative across all workers at any given point in time during the lifespan of the application is created. No new resources will be created once any one of the defined limits is hit.", + "title": "MaximumCapacity" + }, + "MonitoringConfiguration": { + "$ref": "#/definitions/AWS::EMRServerless::Application.MonitoringConfiguration", + "markdownDescription": "A configuration specification to be used when provisioning an application. A configuration consists of a classification, properties, and optional nested configurations. A classification refers to an application-specific configuration file. Properties are the settings you want to change in that file.", + "title": "MonitoringConfiguration" + }, "Name": { - "markdownDescription": "A descriptive identifier for the container group definition. The name value is unique in an AWS Region.", + "markdownDescription": "The name of the application.", "title": "Name", "type": "string" }, - "OperatingSystem": { - "markdownDescription": "The platform that all containers in the container group definition run on.\n\n> Amazon Linux 2 (AL2) will reach end of support on 6/30/2025. See more details in the [Amazon Linux 2 FAQs](https://docs.aws.amazon.com/amazon-linux-2/faqs/) . For game servers that are hosted on AL2 and use server SDK version 4.x for Amazon GameLift Servers, first update the game server build to server SDK 5.x, and then deploy to AL2023 instances. See [Migrate to server SDK version 5.](https://docs.aws.amazon.com/gamelift/latest/developerguide/reference-serversdk5-migration.html)", - "title": "OperatingSystem", - "type": "string" + "NetworkConfiguration": { + "$ref": "#/definitions/AWS::EMRServerless::Application.NetworkConfiguration", + "markdownDescription": "The network configuration for customer VPC connectivity for the application.", + "title": "NetworkConfiguration" }, - "SchedulingStrategy": { + "ReleaseLabel": { + "markdownDescription": "The EMR release associated with the application.", + "title": "ReleaseLabel", "type": "string" }, + "RuntimeConfiguration": { + "items": { + "$ref": "#/definitions/AWS::EMRServerless::Application.ConfigurationObject" + }, + "markdownDescription": "The [Configuration](https://docs.aws.amazon.com/emr-serverless/latest/APIReference/API_Configuration.html) specifications of an application. Each configuration consists of a classification and properties. You use this parameter when creating or updating an application. To see the runtimeConfiguration object of an application, run the [GetApplication](https://docs.aws.amazon.com/emr-serverless/latest/APIReference/API_GetApplication.html) API operation.", + "title": "RuntimeConfiguration", + "type": "array" + }, + "SchedulerConfiguration": { + "$ref": "#/definitions/AWS::EMRServerless::Application.SchedulerConfiguration", + "markdownDescription": "The scheduler configuration for batch and streaming jobs running on this application. Supported with release labels emr-7.0.0 and above.", + "title": "SchedulerConfiguration" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "", + "markdownDescription": "The tags assigned to the application.", "title": "Tags", "type": "array" }, - "TotalCpuLimit": { - "type": "number" + "Type": { + "markdownDescription": "The type of application, such as Spark or Hive.", + "title": "Type", + "type": "string" }, - "TotalMemoryLimit": { - "type": "number" + "WorkerTypeSpecifications": { + "additionalProperties": false, + "markdownDescription": "The specification applied to each worker type.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::EMRServerless::Application.WorkerTypeSpecificationInput" + } + }, + "title": "WorkerTypeSpecifications", + "type": "object" } }, "required": [ - "ContainerDefinitions", - "Name", - "OperatingSystem", - "TotalCpuLimit", - "TotalMemoryLimit" + "ReleaseLabel", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::GameLift::ContainerGroupDefinition" + "AWS::EMRServerless::Application" ], "type": "string" }, @@ -102899,200 +111882,375 @@ ], "type": "object" }, - "AWS::GameLift::ContainerGroupDefinition.ContainerDefinition": { + "AWS::EMRServerless::Application.AutoStartConfiguration": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Enables the application to automatically start on job submission.", + "title": "Enabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EMRServerless::Application.AutoStopConfiguration": { "additionalProperties": false, "properties": { - "Command": { - "items": { - "type": "string" - }, - "type": "array" + "Enabled": { + "markdownDescription": "Enables the application to automatically stop after a certain amount of time being idle. Defaults to true.", + "title": "Enabled", + "type": "boolean" }, - "ContainerName": { + "IdleTimeoutMinutes": { + "markdownDescription": "The amount of idle time in minutes after which your application will automatically stop. Defaults to 15 minutes.", + "title": "IdleTimeoutMinutes", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EMRServerless::Application.CloudWatchLoggingConfiguration": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Enables CloudWatch logging.", + "title": "Enabled", + "type": "boolean" + }, + "EncryptionKeyArn": { + "markdownDescription": "The AWS Key Management Service (KMS) key ARN to encrypt the logs that you store in CloudWatch Logs.", + "title": "EncryptionKeyArn", "type": "string" }, - "Cpu": { - "type": "number" + "LogGroupName": { + "markdownDescription": "The name of the log group in Amazon CloudWatch Logs where you want to publish your logs.", + "title": "LogGroupName", + "type": "string" }, - "DependsOn": { - "items": { - "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.ContainerDependency" - }, - "type": "array" + "LogStreamNamePrefix": { + "markdownDescription": "Prefix for the CloudWatch log stream name.", + "title": "LogStreamNamePrefix", + "type": "string" }, - "EntryPoint": { + "LogTypeMap": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::EMRServerless::Application.LogTypeMapKeyValuePair" }, + "markdownDescription": "", + "title": "LogTypeMap", "type": "array" + } + }, + "type": "object" + }, + "AWS::EMRServerless::Application.ConfigurationObject": { + "additionalProperties": false, + "properties": { + "Classification": { + "markdownDescription": "The classification within a configuration.", + "title": "Classification", + "type": "string" }, - "Environment": { + "Configurations": { "items": { - "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.ContainerEnvironment" + "$ref": "#/definitions/AWS::EMRServerless::Application.ConfigurationObject" }, + "markdownDescription": "A list of additional configurations to apply within a configuration object.", + "title": "Configurations", "type": "array" }, - "Essential": { - "type": "boolean" - }, - "HealthCheck": { - "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.ContainerHealthCheck" - }, - "ImageUri": { - "type": "string" - }, - "MemoryLimits": { - "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.MemoryLimits" - }, - "PortConfiguration": { - "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.PortConfiguration" - }, - "ResolvedImageDigest": { - "type": "string" - }, - "WorkingDirectory": { - "type": "string" + "Properties": { + "additionalProperties": true, + "markdownDescription": "A set of properties specified within a configuration classification.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Properties", + "type": "object" } }, "required": [ - "ContainerName", - "ImageUri" + "Classification" ], "type": "object" }, - "AWS::GameLift::ContainerGroupDefinition.ContainerDependency": { + "AWS::EMRServerless::Application.IdentityCenterConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "markdownDescription": "The condition that the dependency container must reach before the dependent container can start. Valid conditions include:\n\n- START - The dependency container must have started.\n- COMPLETE - The dependency container has run to completion (exits). Use this condition with nonessential containers, such as those that run a script and then exit. The dependency container can't be an essential container.\n- SUCCESS - The dependency container has run to completion and exited with a zero status. The dependency container can't be an essential container.\n- HEALTHY - The dependency container has passed its Docker health check. Use this condition with dependency containers that have health checks configured. This condition is confirmed at container group startup only.", - "title": "Condition", + "IdentityCenterInstanceArn": { + "markdownDescription": "", + "title": "IdentityCenterInstanceArn", "type": "string" - }, - "ContainerName": { - "markdownDescription": "A descriptive label for the container definition that this container depends on.", - "title": "ContainerName", + } + }, + "type": "object" + }, + "AWS::EMRServerless::Application.ImageConfigurationInput": { + "additionalProperties": false, + "properties": { + "ImageUri": { + "markdownDescription": "The URI of an image in the Amazon ECR registry. This field is required when you create a new application. If you leave this field blank in an update, Amazon EMR will remove the image configuration.", + "title": "ImageUri", "type": "string" } }, + "type": "object" + }, + "AWS::EMRServerless::Application.InitialCapacityConfig": { + "additionalProperties": false, + "properties": { + "WorkerConfiguration": { + "$ref": "#/definitions/AWS::EMRServerless::Application.WorkerConfiguration", + "markdownDescription": "The resource configuration of the initial capacity configuration.", + "title": "WorkerConfiguration" + }, + "WorkerCount": { + "markdownDescription": "The number of workers in the initial capacity configuration.", + "title": "WorkerCount", + "type": "number" + } + }, "required": [ - "Condition", - "ContainerName" + "WorkerConfiguration", + "WorkerCount" ], "type": "object" }, - "AWS::GameLift::ContainerGroupDefinition.ContainerEnvironment": { + "AWS::EMRServerless::Application.InitialCapacityConfigKeyValuePair": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The environment variable name.", - "title": "Name", + "Key": { + "markdownDescription": "", + "title": "Key", "type": "string" }, "Value": { - "markdownDescription": "The environment variable value.", - "title": "Value", - "type": "string" + "$ref": "#/definitions/AWS::EMRServerless::Application.InitialCapacityConfig", + "markdownDescription": "", + "title": "Value" } }, "required": [ - "Name", + "Key", "Value" ], "type": "object" }, - "AWS::GameLift::ContainerGroupDefinition.ContainerHealthCheck": { + "AWS::EMRServerless::Application.InteractiveConfiguration": { "additionalProperties": false, "properties": { - "Command": { + "LivyEndpointEnabled": { + "markdownDescription": "Enables an Apache Livy endpoint that you can connect to and run interactive jobs.", + "title": "LivyEndpointEnabled", + "type": "boolean" + }, + "StudioEnabled": { + "markdownDescription": "Enables you to connect an application to Amazon EMR Studio to run interactive workloads in a notebook.", + "title": "StudioEnabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::EMRServerless::Application.LogTypeMapKeyValuePair": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "", + "title": "Key", + "type": "string" + }, + "Value": { "items": { "type": "string" }, - "markdownDescription": "A string array that specifies the command that the container runs to determine if it's healthy.", - "title": "Command", + "markdownDescription": "", + "title": "Value", "type": "array" - }, - "Interval": { - "markdownDescription": "The time period (in seconds) between each health check.", - "title": "Interval", - "type": "number" - }, - "Retries": { - "markdownDescription": "The number of times to retry a failed health check before flagging the container unhealthy. The first run of the command does not count as a retry.", - "title": "Retries", - "type": "number" - }, - "StartPeriod": { - "markdownDescription": "The optional grace period (in seconds) to give a container time to bootstrap before the first failed health check counts toward the number of retries.", - "title": "StartPeriod", - "type": "number" - }, - "Timeout": { - "markdownDescription": "The time period (in seconds) to wait for a health check to succeed before counting a failed health check.", - "title": "Timeout", - "type": "number" } }, "required": [ - "Command" + "Key", + "Value" ], "type": "object" }, - "AWS::GameLift::ContainerGroupDefinition.ContainerPortRange": { + "AWS::EMRServerless::Application.ManagedPersistenceMonitoringConfiguration": { "additionalProperties": false, "properties": { - "FromPort": { - "markdownDescription": "A starting value for the range of allowed port numbers.", - "title": "FromPort", - "type": "number" + "Enabled": { + "markdownDescription": "Enables managed logging and defaults to true. If set to false, managed logging will be turned off.", + "title": "Enabled", + "type": "boolean" }, - "Protocol": { - "markdownDescription": "The network protocol that these ports support.", - "title": "Protocol", + "EncryptionKeyArn": { + "markdownDescription": "The KMS key ARN to encrypt the logs stored in managed log persistence.", + "title": "EncryptionKeyArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EMRServerless::Application.MaximumAllowedResources": { + "additionalProperties": false, + "properties": { + "Cpu": { + "markdownDescription": "The maximum allowed CPU for an application.", + "title": "Cpu", "type": "string" }, - "ToPort": { - "markdownDescription": "An ending value for the range of allowed port numbers. Port numbers are end-inclusive. This value must be equal to or greater than `FromPort` .", - "title": "ToPort", - "type": "number" + "Disk": { + "markdownDescription": "The maximum allowed disk for an application.", + "title": "Disk", + "type": "string" + }, + "Memory": { + "markdownDescription": "The maximum allowed resources for an application.", + "title": "Memory", + "type": "string" } }, "required": [ - "FromPort", - "Protocol", - "ToPort" + "Cpu", + "Memory" ], "type": "object" }, - "AWS::GameLift::ContainerGroupDefinition.MemoryLimits": { + "AWS::EMRServerless::Application.MonitoringConfiguration": { "additionalProperties": false, "properties": { - "HardLimit": { - "type": "number" + "CloudWatchLoggingConfiguration": { + "$ref": "#/definitions/AWS::EMRServerless::Application.CloudWatchLoggingConfiguration", + "markdownDescription": "The Amazon CloudWatch configuration for monitoring logs. You can configure your jobs to send log information to CloudWatch.", + "title": "CloudWatchLoggingConfiguration" }, - "SoftLimit": { - "type": "number" + "ManagedPersistenceMonitoringConfiguration": { + "$ref": "#/definitions/AWS::EMRServerless::Application.ManagedPersistenceMonitoringConfiguration", + "markdownDescription": "The managed log persistence configuration for a job run.", + "title": "ManagedPersistenceMonitoringConfiguration" + }, + "PrometheusMonitoringConfiguration": { + "$ref": "#/definitions/AWS::EMRServerless::Application.PrometheusMonitoringConfiguration", + "markdownDescription": "The monitoring configuration object you can configure to send metrics to Amazon Managed Service for Prometheus for a job run.", + "title": "PrometheusMonitoringConfiguration" + }, + "S3MonitoringConfiguration": { + "$ref": "#/definitions/AWS::EMRServerless::Application.S3MonitoringConfiguration", + "markdownDescription": "The Amazon S3 configuration for monitoring log publishing.", + "title": "S3MonitoringConfiguration" } }, "type": "object" }, - "AWS::GameLift::ContainerGroupDefinition.PortConfiguration": { + "AWS::EMRServerless::Application.NetworkConfiguration": { "additionalProperties": false, "properties": { - "ContainerPortRanges": { + "SecurityGroupIds": { "items": { - "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.ContainerPortRange" + "type": "string" }, - "markdownDescription": "", - "title": "ContainerPortRanges", + "markdownDescription": "The array of security group Ids for customer VPC connectivity.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The array of subnet Ids for customer VPC connectivity.", + "title": "SubnetIds", "type": "array" } }, + "type": "object" + }, + "AWS::EMRServerless::Application.PrometheusMonitoringConfiguration": { + "additionalProperties": false, + "properties": { + "RemoteWriteUrl": { + "markdownDescription": "The remote write URL in the Amazon Managed Service for Prometheus workspace to send metrics to.", + "title": "RemoteWriteUrl", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EMRServerless::Application.S3MonitoringConfiguration": { + "additionalProperties": false, + "properties": { + "EncryptionKeyArn": { + "markdownDescription": "The KMS key ARN to encrypt the logs published to the given Amazon S3 destination.", + "title": "EncryptionKeyArn", + "type": "string" + }, + "LogUri": { + "markdownDescription": "The Amazon S3 destination URI for log publishing.", + "title": "LogUri", + "type": "string" + } + }, + "type": "object" + }, + "AWS::EMRServerless::Application.SchedulerConfiguration": { + "additionalProperties": false, + "properties": { + "MaxConcurrentRuns": { + "markdownDescription": "The maximum concurrent job runs on this application. If scheduler configuration is enabled on your application, the default value is 15. The valid range is 1 to 1000.", + "title": "MaxConcurrentRuns", + "type": "number" + }, + "QueueTimeoutMinutes": { + "markdownDescription": "The maximum duration in minutes for the job in QUEUED state. If scheduler configuration is enabled on your application, the default value is 360 minutes (6 hours). The valid range is from 15 to 720.", + "title": "QueueTimeoutMinutes", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EMRServerless::Application.WorkerConfiguration": { + "additionalProperties": false, + "properties": { + "Cpu": { + "markdownDescription": "The CPU requirements of the worker configuration. Each worker can have 1, 2, 4, 8, or 16 vCPUs.", + "title": "Cpu", + "type": "string" + }, + "Disk": { + "markdownDescription": "The disk requirements of the worker configuration.", + "title": "Disk", + "type": "string" + }, + "DiskType": { + "markdownDescription": "The disk type for every worker instance of the work type. Shuffle optimized disks have higher performance characteristics and are better for shuffle heavy workloads. Default is `STANDARD` .", + "title": "DiskType", + "type": "string" + }, + "Memory": { + "markdownDescription": "The memory requirements of the worker configuration.", + "title": "Memory", + "type": "string" + } + }, "required": [ - "ContainerPortRanges" + "Cpu", + "Memory" ], "type": "object" }, - "AWS::GameLift::Fleet": { + "AWS::EMRServerless::Application.WorkerTypeSpecificationInput": { + "additionalProperties": false, + "properties": { + "ImageConfiguration": { + "$ref": "#/definitions/AWS::EMRServerless::Application.ImageConfigurationInput", + "markdownDescription": "The image configuration for a worker type.", + "title": "ImageConfiguration" + } + }, + "type": "object" + }, + "AWS::EVS::Environment": { "additionalProperties": false, "properties": { "Condition": { @@ -103127,144 +112285,98 @@ "Properties": { "additionalProperties": false, "properties": { - "AnywhereConfiguration": { - "$ref": "#/definitions/AWS::GameLift::Fleet.AnywhereConfiguration", - "markdownDescription": "Amazon GameLift Servers Anywhere configuration options.", - "title": "AnywhereConfiguration" + "ConnectivityInfo": { + "$ref": "#/definitions/AWS::EVS::Environment.ConnectivityInfo", + "markdownDescription": "The connectivity configuration for the environment. Amazon EVS requires that you specify two route server peer IDs. During environment creation, the route server endpoints peer with the NSX uplink VLAN for connectivity to the NSX overlay network.", + "title": "ConnectivityInfo" }, - "ApplyCapacity": { - "markdownDescription": "Current resource capacity settings for managed EC2 fleets and managed container fleets. For multi-location fleets, location values might refer to a fleet's remote location or its home Region.\n\n*Returned by:* [DescribeFleetCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetCapacity.html) , [DescribeFleetLocationCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetLocationCapacity.html) , [UpdateFleetCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateFleetCapacity.html)", - "title": "ApplyCapacity", + "EnvironmentName": { + "markdownDescription": "The name of the environment.", + "title": "EnvironmentName", "type": "string" }, - "BuildId": { - "markdownDescription": "A unique identifier for a build to be deployed on the new fleet. If you are deploying the fleet with a custom game build, you must specify this property. The build must have been successfully uploaded to Amazon GameLift and be in a `READY` status. This fleet setting cannot be changed once the fleet is created.", - "title": "BuildId", - "type": "string" + "Hosts": { + "items": { + "$ref": "#/definitions/AWS::EVS::Environment.HostInfoForCreate" + }, + "markdownDescription": "Required for environment resource creation.", + "title": "Hosts", + "type": "array" }, - "CertificateConfiguration": { - "$ref": "#/definitions/AWS::GameLift::Fleet.CertificateConfiguration", - "markdownDescription": "Prompts Amazon GameLift Servers to generate a TLS/SSL certificate for the fleet. Amazon GameLift Servers uses the certificates to encrypt traffic between game clients and the game servers running on Amazon GameLift Servers. By default, the `CertificateConfiguration` is `DISABLED` . You can't change this property after you create the fleet.\n\nAWS Certificate Manager (ACM) certificates expire after 13 months. Certificate expiration can cause fleets to fail, preventing players from connecting to instances in the fleet. We recommend you replace fleets before 13 months, consider using fleet aliases for a smooth transition.\n\n> ACM isn't available in all AWS regions. A fleet creation request with certificate generation enabled in an unsupported Region, fails with a 4xx error. For more information about the supported Regions, see [Supported Regions](https://docs.aws.amazon.com/acm/latest/userguide/acm-regions.html) in the *AWS Certificate Manager User Guide* .", - "title": "CertificateConfiguration" + "InitialVlans": { + "$ref": "#/definitions/AWS::EVS::Environment.InitialVlans", + "markdownDescription": "> Amazon EVS is in public preview release and is subject to change. \n\nThe initial VLAN subnets for the environment. Amazon EVS VLAN subnets have a minimum CIDR block size of /28 and a maximum size of /24. Amazon EVS VLAN subnet CIDR blocks must not overlap with other subnets in the VPC.\n\nRequired for environment resource creation.", + "title": "InitialVlans" }, - "ComputeType": { - "markdownDescription": "The type of compute resource used to host your game servers.\n\n- `EC2` \u2013 The game server build is deployed to Amazon EC2 instances for cloud hosting. This is the default setting.\n- `ANYWHERE` \u2013 Game servers and supporting software are deployed to compute resources that you provide and manage. With this compute type, you can also set the `AnywhereConfiguration` parameter.", - "title": "ComputeType", + "KmsKeyId": { + "markdownDescription": "The AWS KMS key ID that AWS Secrets Manager uses to encrypt secrets that are associated with the environment. These secrets contain the VCF credentials that are needed to install vCenter Server, NSX, and SDDC Manager.\n\nBy default, Amazon EVS use the AWS Secrets Manager managed key `aws/secretsmanager` . You can also specify a customer managed key.", + "title": "KmsKeyId", "type": "string" }, - "ContainerGroupsConfiguration": { - "$ref": "#/definitions/AWS::GameLift::Fleet.ContainerGroupsConfiguration" + "LicenseInfo": { + "$ref": "#/definitions/AWS::EVS::Environment.LicenseInfo", + "markdownDescription": "The license information that Amazon EVS requires to create an environment. Amazon EVS requires two license keys: a VCF solution key and a vSAN license key. The VCF solution key must cover a minimum of 256 cores. The vSAN license key must provide at least 110 TiB of vSAN capacity.", + "title": "LicenseInfo" + }, + "ServiceAccessSecurityGroups": { + "$ref": "#/definitions/AWS::EVS::Environment.ServiceAccessSecurityGroups", + "markdownDescription": "The security groups that allow traffic between the Amazon EVS control plane and your VPC for service access. If a security group is not specified, Amazon EVS uses the default security group in your account for service access.", + "title": "ServiceAccessSecurityGroups" }, - "Description": { - "markdownDescription": "A description for the fleet.", - "title": "Description", + "ServiceAccessSubnetId": { + "markdownDescription": "The subnet that is used to establish connectivity between the Amazon EVS control plane and VPC. Amazon EVS uses this subnet to perform validations and create the environment.", + "title": "ServiceAccessSubnetId", "type": "string" }, - "DesiredEC2Instances": { - "type": "number" + "SiteId": { + "markdownDescription": "The Broadcom Site ID that is associated with your Amazon EVS environment. Amazon EVS uses the Broadcom Site ID that you provide to meet Broadcom VCF license usage reporting requirements for Amazon EVS.", + "title": "SiteId", + "type": "string" }, - "EC2InboundPermissions": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::GameLift::Fleet.IpPermission" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The IP address ranges and port settings that allow inbound traffic to access game server processes and other processes on this fleet. Set this parameter for managed EC2 fleets. You can leave this parameter empty when creating the fleet, but you must call [](https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateFleetPortSettings) to set it before players can connect to game sessions. As a best practice, we recommend opening ports for remote access only when you need them and closing them when you're finished. For Amazon GameLift Servers Realtime fleets, Amazon GameLift Servers automatically sets TCP and UDP ranges.", - "title": "EC2InboundPermissions", - "type": "array" - }, - "EC2InstanceType": { - "markdownDescription": "The Amazon GameLift Servers-supported Amazon EC2 instance type to use with managed EC2 fleets. Instance type determines the computing resources that will be used to host your game servers, including CPU, memory, storage, and networking capacity. See [Amazon Elastic Compute Cloud Instance Types](https://docs.aws.amazon.com/ec2/instance-types/) for detailed descriptions of Amazon EC2 instance types.", - "title": "EC2InstanceType", - "type": "string" - }, - "FleetType": { - "markdownDescription": "Indicates whether to use On-Demand or Spot instances for this fleet. By default, this property is set to `ON_DEMAND` . Learn more about when to use [On-Demand versus Spot Instances](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-ec2-instances.html#gamelift-ec2-instances-spot) . This fleet property can't be changed after the fleet is created.", - "title": "FleetType", - "type": "string" - }, - "InstanceRoleARN": { - "markdownDescription": "A unique identifier for an IAM role that manages access to your AWS services. With an instance role ARN set, any application that runs on an instance in this fleet can assume the role, including install scripts, server processes, and daemons (background processes). Create a role or look up a role's ARN by using the [IAM dashboard](https://docs.aws.amazon.com/iam/) in the AWS Management Console . Learn more about using on-box credentials for your game servers at [Access external resources from a game server](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-sdk-server-resources.html) . This attribute is used with fleets where `ComputeType` is `EC2` .", - "title": "InstanceRoleARN", - "type": "string" - }, - "InstanceRoleCredentialsProvider": { - "markdownDescription": "Indicates that fleet instances maintain a shared credentials file for the IAM role defined in `InstanceRoleArn` . Shared credentials allow applications that are deployed with the game server executable to communicate with other AWS resources. This property is used only when the game server is integrated with the server SDK version 5.x. For more information about using shared credentials, see [Communicate with other AWS resources from your fleets](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-sdk-server-resources.html) . This attribute is used with fleets where `ComputeType` is `EC2` .", - "title": "InstanceRoleCredentialsProvider", - "type": "string" - }, - "Locations": { - "items": { - "$ref": "#/definitions/AWS::GameLift::Fleet.LocationConfiguration" - }, - "markdownDescription": "A set of remote locations to deploy additional instances to and manage as a multi-location fleet. Use this parameter when creating a fleet in AWS Regions that support multiple locations. You can add any AWS Region or Local Zone that's supported by Amazon GameLift Servers. Provide a list of one or more AWS Region codes, such as `us-west-2` , or Local Zone names. When using this parameter, Amazon GameLift Servers requires you to include your home location in the request. For a list of supported Regions and Local Zones, see [Amazon GameLift Servers service locations](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-regions.html) for managed hosting.", - "title": "Locations", - "type": "array" - }, - "MaxSize": { - "type": "number" - }, - "MetricGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "The name of an AWS CloudWatch metric group to add this fleet to. A metric group is used to aggregate the metrics for multiple fleets. You can specify an existing metric group name or set a new name to create a new metric group. A fleet can be included in only one metric group at a time.", - "title": "MetricGroups", + "markdownDescription": "Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or AWS resources.", + "title": "Tags", "type": "array" }, - "MinSize": { - "type": "number" - }, - "Name": { - "markdownDescription": "A descriptive label that is associated with a fleet. Fleet names do not need to be unique.", - "title": "Name", - "type": "string" - }, - "NewGameSessionProtectionPolicy": { - "markdownDescription": "The status of termination protection for active game sessions on the fleet. By default, this property is set to `NoProtection` .\n\n- *NoProtection* - Game sessions can be terminated during active gameplay as a result of a scale-down event.\n- *FullProtection* - Game sessions in `ACTIVE` status cannot be terminated during a scale-down event.", - "title": "NewGameSessionProtectionPolicy", - "type": "string" + "TermsAccepted": { + "markdownDescription": "Customer confirmation that the customer has purchased and will continue to maintain the required number of VCF software licenses to cover all physical processor cores in the Amazon EVS environment. Information about your VCF software in Amazon EVS will be shared with Broadcom to verify license compliance.", + "title": "TermsAccepted", + "type": "boolean" }, - "PeerVpcAwsAccountId": { - "markdownDescription": "Used when peering your Amazon GameLift Servers fleet with a VPC, the unique identifier for the AWS account that owns the VPC. You can find your account ID in the AWS Management Console under account settings.", - "title": "PeerVpcAwsAccountId", - "type": "string" + "VcfHostnames": { + "$ref": "#/definitions/AWS::EVS::Environment.VcfHostnames", + "markdownDescription": "The DNS hostnames to be used by the VCF management appliances in your environment.\n\nFor environment creation to be successful, each hostname entry must resolve to a domain name that you've registered in your DNS service of choice and configured in the DHCP option set of your VPC. DNS hostnames cannot be changed after environment creation has started.", + "title": "VcfHostnames" }, - "PeerVpcId": { - "markdownDescription": "A unique identifier for a VPC with resources to be accessed by your Amazon GameLift Servers fleet. The VPC must be in the same Region as your fleet. To look up a VPC ID, use the [VPC Dashboard](https://docs.aws.amazon.com/vpc/) in the AWS Management Console . Learn more about VPC peering in [VPC Peering with Amazon GameLift Servers Fleets](https://docs.aws.amazon.com/gamelift/latest/developerguide/vpc-peering.html) .", - "title": "PeerVpcId", + "VcfVersion": { + "markdownDescription": "The VCF version of the environment.", + "title": "VcfVersion", "type": "string" }, - "ResourceCreationLimitPolicy": { - "$ref": "#/definitions/AWS::GameLift::Fleet.ResourceCreationLimitPolicy", - "markdownDescription": "A policy that limits the number of game sessions that an individual player can create on instances in this fleet within a specified span of time.", - "title": "ResourceCreationLimitPolicy" - }, - "RuntimeConfiguration": { - "$ref": "#/definitions/AWS::GameLift::Fleet.RuntimeConfiguration", - "markdownDescription": "Instructions for how to launch and maintain server processes on instances in the fleet. The runtime configuration defines one or more server process configurations, each identifying a build executable or Realtime script file and the number of processes of that type to run concurrently.\n\n> The `RuntimeConfiguration` parameter is required unless the fleet is being configured using the older parameters `ServerLaunchPath` and `ServerLaunchParameters` , which are still supported for backward compatibility.", - "title": "RuntimeConfiguration" - }, - "ScalingPolicies": { - "items": { - "$ref": "#/definitions/AWS::GameLift::Fleet.ScalingPolicy" - }, - "markdownDescription": "Rule that controls how a fleet is scaled. Scaling policies are uniquely identified by the combination of name and fleet ID.", - "title": "ScalingPolicies", - "type": "array" - }, - "ScriptId": { - "markdownDescription": "The unique identifier for a Realtime configuration script to be deployed on fleet instances. You can use either the script ID or ARN. Scripts must be uploaded to Amazon GameLift Servers prior to creating the fleet. This fleet property cannot be changed later.\n\n> You can't use the `!Ref` command to reference a script created with a CloudFormation template for the fleet property `ScriptId` . Instead, use `Fn::GetAtt Script.Arn` or `Fn::GetAtt Script.Id` to retrieve either of these properties as input for `ScriptId` . Alternatively, enter a `ScriptId` string manually.", - "title": "ScriptId", + "VpcId": { + "markdownDescription": "The VPC associated with the environment.", + "title": "VpcId", "type": "string" } }, "required": [ - "Name" + "ConnectivityInfo", + "LicenseInfo", + "ServiceAccessSubnetId", + "SiteId", + "TermsAccepted", + "VcfHostnames", + "VcfVersion", + "VpcId" ], "type": "object" }, "Type": { "enum": [ - "AWS::GameLift::Fleet" + "AWS::EVS::Environment" ], "type": "string" }, @@ -103283,311 +112395,274 @@ ], "type": "object" }, - "AWS::GameLift::Fleet.AnywhereConfiguration": { + "AWS::EVS::Environment.Check": { "additionalProperties": false, "properties": { - "Cost": { - "markdownDescription": "The cost to run your fleet per hour. Amazon GameLift Servers uses the provided cost of your fleet to balance usage in queues. For more information about queues, see [Setting up queues](https://docs.aws.amazon.com/gamelift/latest/developerguide/queues-intro.html) in the *Amazon GameLift Servers Developer Guide* .", - "title": "Cost", + "ImpairedSince": { + "markdownDescription": "The time when environment health began to be impaired.", + "title": "ImpairedSince", "type": "string" - } - }, - "required": [ - "Cost" - ], - "type": "object" - }, - "AWS::GameLift::Fleet.CertificateConfiguration": { - "additionalProperties": false, - "properties": { - "CertificateType": { - "markdownDescription": "Indicates whether a TLS/SSL certificate is generated for a fleet.\n\nValid values include:\n\n- *GENERATED* - Generate a TLS/SSL certificate for this fleet.\n- *DISABLED* - (default) Do not generate a TLS/SSL certificate for this fleet.", - "title": "CertificateType", + }, + "Result": { + "markdownDescription": "The check result.", + "title": "Result", "type": "string" - } - }, - "required": [ - "CertificateType" - ], - "type": "object" - }, - "AWS::GameLift::Fleet.ConnectionPortRange": { - "additionalProperties": false, - "properties": { - "FromPort": { - "type": "number" }, - "ToPort": { - "type": "number" + "Type": { + "markdownDescription": "The check type. Amazon EVS performs the following checks.\n\n- `KEY_REUSE` : checks that the VCF license key is not used by another Amazon EVS environment. This check fails if a used license is added to the environment.\n- `KEY_COVERAGE` : checks that your VCF license key allocates sufficient vCPU cores for all deployed hosts. The check fails when any assigned hosts in the EVS environment are not covered by license keys, or when any unassigned hosts cannot be covered by available vCPU cores in keys.\n- `REACHABILITY` : checks that the Amazon EVS control plane has a persistent connection to SDDC Manager. If Amazon EVS cannot reach the environment, this check fails.\n- `HOST_COUNT` : Checks that your environment has a minimum of 4 hosts, which is a requirement for VCF 5.2.1.\n\nIf this check fails, you will need to add hosts so that your environment meets this minimum requirement. Amazon EVS only supports environments with 4-16 hosts.", + "title": "Type", + "type": "string" } }, "required": [ - "FromPort", - "ToPort" + "Result", + "Type" ], "type": "object" }, - "AWS::GameLift::Fleet.ContainerGroupsConfiguration": { + "AWS::EVS::Environment.ConnectivityInfo": { "additionalProperties": false, "properties": { - "ConnectionPortRange": { - "$ref": "#/definitions/AWS::GameLift::Fleet.ConnectionPortRange" - }, - "ContainerGroupDefinitionNames": { + "PrivateRouteServerPeerings": { "items": { "type": "string" }, + "markdownDescription": "The unique IDs for private route server peers.", + "title": "PrivateRouteServerPeerings", "type": "array" - }, - "ContainerGroupsPerInstance": { - "$ref": "#/definitions/AWS::GameLift::Fleet.ContainerGroupsPerInstance" } }, "required": [ - "ConnectionPortRange", - "ContainerGroupDefinitionNames" + "PrivateRouteServerPeerings" ], "type": "object" }, - "AWS::GameLift::Fleet.ContainerGroupsPerInstance": { + "AWS::EVS::Environment.HostInfoForCreate": { "additionalProperties": false, "properties": { - "DesiredReplicaContainerGroupsPerInstance": { - "type": "number" + "DedicatedHostId": { + "markdownDescription": "The unique ID of the Amazon EC2 Dedicated Host.", + "title": "DedicatedHostId", + "type": "string" }, - "MaxReplicaContainerGroupsPerInstance": { - "type": "number" + "HostName": { + "markdownDescription": "The DNS hostname of the host. DNS hostnames for hosts must be unique across Amazon EVS environments and within VCF.", + "title": "HostName", + "type": "string" + }, + "InstanceType": { + "markdownDescription": "The EC2 instance type that represents the host.", + "title": "InstanceType", + "type": "string" + }, + "KeyName": { + "markdownDescription": "The name of the SSH key that is used to access the host.", + "title": "KeyName", + "type": "string" + }, + "PlacementGroupId": { + "markdownDescription": "The unique ID of the placement group where the host is placed.", + "title": "PlacementGroupId", + "type": "string" } }, + "required": [ + "HostName", + "InstanceType", + "KeyName" + ], "type": "object" }, - "AWS::GameLift::Fleet.IpPermission": { + "AWS::EVS::Environment.InitialVlanInfo": { "additionalProperties": false, "properties": { - "FromPort": { - "markdownDescription": "A starting value for a range of allowed port numbers.\n\nFor fleets using Linux builds, only ports `22` and `1026-60000` are valid.\n\nFor fleets using Windows builds, only ports `1026-60000` are valid.", - "title": "FromPort", - "type": "number" - }, - "IpRange": { - "markdownDescription": "A range of allowed IP addresses. This value must be expressed in CIDR notation. Example: \" `000.000.000.000/[subnet mask]` \" or optionally the shortened version \" `0.0.0.0/[subnet mask]` \".", - "title": "IpRange", - "type": "string" - }, - "Protocol": { - "markdownDescription": "The network communication protocol used by the fleet.", - "title": "Protocol", + "Cidr": { + "markdownDescription": "The CIDR block that you provide to create an Amazon EVS VLAN subnet. Amazon EVS VLAN subnets have a minimum CIDR block size of /28 and a maximum size of /24. Amazon EVS VLAN subnet CIDR blocks must not overlap with other subnets in the VPC.", + "title": "Cidr", "type": "string" - }, - "ToPort": { - "markdownDescription": "An ending value for a range of allowed port numbers. Port numbers are end-inclusive. This value must be equal to or greater than `FromPort` .\n\nFor fleets using Linux builds, only ports `22` and `1026-60000` are valid.\n\nFor fleets using Windows builds, only ports `1026-60000` are valid.", - "title": "ToPort", - "type": "number" } }, "required": [ - "FromPort", - "IpRange", - "Protocol", - "ToPort" + "Cidr" ], "type": "object" }, - "AWS::GameLift::Fleet.LocationCapacity": { + "AWS::EVS::Environment.InitialVlans": { "additionalProperties": false, "properties": { - "DesiredEC2Instances": { - "markdownDescription": "The number of Amazon EC2 instances you want to maintain in the specified fleet location. This value must fall between the minimum and maximum size limits. Changes in desired instance value can take up to 1 minute to be reflected when viewing the fleet's capacity settings.", - "title": "DesiredEC2Instances", - "type": "number" + "EdgeVTep": { + "$ref": "#/definitions/AWS::EVS::Environment.InitialVlanInfo", + "markdownDescription": "The edge VTEP VLAN subnet. This VLAN subnet manages traffic flowing between the internal network and external networks, including internet access and other site connections.", + "title": "EdgeVTep" }, - "MaxSize": { - "markdownDescription": "The maximum number of instances that are allowed in the specified fleet location. If this parameter is not set, the default is 1.", - "title": "MaxSize", - "type": "number" + "ExpansionVlan1": { + "$ref": "#/definitions/AWS::EVS::Environment.InitialVlanInfo", + "markdownDescription": "An additional VLAN subnet that can be used to extend VCF capabilities once configured. For example, you can configure an expansion VLAN subnet to use NSX Federation for centralized management and synchronization of multiple NSX deployments across different locations.", + "title": "ExpansionVlan1" }, - "MinSize": { - "markdownDescription": "The minimum number of instances that are allowed in the specified fleet location. If this parameter is not set, the default is 0.", - "title": "MinSize", - "type": "number" + "ExpansionVlan2": { + "$ref": "#/definitions/AWS::EVS::Environment.InitialVlanInfo", + "markdownDescription": "An additional VLAN subnet that can be used to extend VCF capabilities once configured. For example, you can configure an expansion VLAN subnet to use NSX Federation for centralized management and synchronization of multiple NSX deployments across different locations.", + "title": "ExpansionVlan2" + }, + "Hcx": { + "$ref": "#/definitions/AWS::EVS::Environment.InitialVlanInfo", + "markdownDescription": "The HCX VLAN subnet. This VLAN subnet allows the HCX Interconnnect (IX) and HCX Network Extension (NE) to reach their peers and enable HCX Service Mesh creation.", + "title": "Hcx" + }, + "NsxUpLink": { + "$ref": "#/definitions/AWS::EVS::Environment.InitialVlanInfo", + "markdownDescription": "The NSX uplink VLAN subnet. This VLAN subnet allows connectivity to the NSX overlay network.", + "title": "NsxUpLink" + }, + "VMotion": { + "$ref": "#/definitions/AWS::EVS::Environment.InitialVlanInfo", + "markdownDescription": "The vMotion VLAN subnet. This VLAN subnet carries traffic for vSphere vMotion.", + "title": "VMotion" + }, + "VSan": { + "$ref": "#/definitions/AWS::EVS::Environment.InitialVlanInfo", + "markdownDescription": "The vSAN VLAN subnet. This VLAN subnet carries the communication between ESXi hosts to implement a vSAN shared storage pool.", + "title": "VSan" + }, + "VTep": { + "$ref": "#/definitions/AWS::EVS::Environment.InitialVlanInfo", + "markdownDescription": "The VTEP VLAN subnet. This VLAN subnet handles internal network traffic between virtual machines within a VCF instance.", + "title": "VTep" + }, + "VmManagement": { + "$ref": "#/definitions/AWS::EVS::Environment.InitialVlanInfo", + "markdownDescription": "The VM management VLAN subnet. This VLAN subnet carries traffic for vSphere virtual machines.", + "title": "VmManagement" + }, + "VmkManagement": { + "$ref": "#/definitions/AWS::EVS::Environment.InitialVlanInfo", + "markdownDescription": "The host VMkernel management VLAN subnet. This VLAN subnet carries traffic for managing ESXi hosts and communicating with VMware vCenter Server.", + "title": "VmkManagement" } }, "required": [ - "DesiredEC2Instances", - "MaxSize", - "MinSize" + "EdgeVTep", + "ExpansionVlan1", + "ExpansionVlan2", + "Hcx", + "NsxUpLink", + "VMotion", + "VSan", + "VTep", + "VmManagement", + "VmkManagement" ], "type": "object" }, - "AWS::GameLift::Fleet.LocationConfiguration": { + "AWS::EVS::Environment.LicenseInfo": { "additionalProperties": false, "properties": { - "Location": { - "markdownDescription": "An AWS Region code, such as `us-west-2` . For a list of supported Regions and Local Zones, see [Amazon GameLift Servers service locations](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-regions.html) for managed hosting.", - "title": "Location", + "SolutionKey": { + "markdownDescription": "The VCF solution key. This license unlocks VMware VCF product features, including vSphere, NSX, SDDC Manager, and vCenter Server. The VCF solution key must cover a minimum of 256 cores.", + "title": "SolutionKey", "type": "string" }, - "LocationCapacity": { - "$ref": "#/definitions/AWS::GameLift::Fleet.LocationCapacity", - "markdownDescription": "Current resource capacity settings for managed EC2 fleets and managed container fleets. For multi-location fleets, location values might refer to a fleet's remote location or its home Region.\n\n*Returned by:* [DescribeFleetCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetCapacity.html) , [DescribeFleetLocationCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetLocationCapacity.html) , [UpdateFleetCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateFleetCapacity.html)", - "title": "LocationCapacity" + "VsanKey": { + "markdownDescription": "The VSAN license key. This license unlocks vSAN features. The vSAN license key must provide at least 110 TiB of vSAN capacity.", + "title": "VsanKey", + "type": "string" } }, "required": [ - "Location" + "SolutionKey", + "VsanKey" ], "type": "object" }, - "AWS::GameLift::Fleet.ResourceCreationLimitPolicy": { + "AWS::EVS::Environment.Secret": { "additionalProperties": false, "properties": { - "NewGameSessionsPerCreator": { - "markdownDescription": "A policy that puts limits on the number of game sessions that a player can create within a specified span of time. With this policy, you can control players' ability to consume available resources.\n\nThe policy is evaluated when a player tries to create a new game session. On receiving a `CreateGameSession` request, Amazon GameLift Servers checks that the player (identified by `CreatorId` ) has created fewer than game session limit in the specified time period.", - "title": "NewGameSessionsPerCreator", - "type": "number" - }, - "PolicyPeriodInMinutes": { - "markdownDescription": "The time span used in evaluating the resource creation limit policy.", - "title": "PolicyPeriodInMinutes", - "type": "number" + "SecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the secret.", + "title": "SecretArn", + "type": "string" } }, "type": "object" }, - "AWS::GameLift::Fleet.RuntimeConfiguration": { + "AWS::EVS::Environment.ServiceAccessSecurityGroups": { "additionalProperties": false, "properties": { - "GameSessionActivationTimeoutSeconds": { - "markdownDescription": "The maximum amount of time (in seconds) allowed to launch a new game session and have it report ready to host players. During this time, the game session is in status `ACTIVATING` . If the game session does not become active before the timeout, it is ended and the game session status is changed to `TERMINATED` .", - "title": "GameSessionActivationTimeoutSeconds", - "type": "number" - }, - "MaxConcurrentGameSessionActivations": { - "markdownDescription": "The number of game sessions in status `ACTIVATING` to allow on an instance or compute. This setting limits the instance resources that can be used for new game activations at any one time.", - "title": "MaxConcurrentGameSessionActivations", - "type": "number" - }, - "ServerProcesses": { + "SecurityGroups": { "items": { - "$ref": "#/definitions/AWS::GameLift::Fleet.ServerProcess" + "type": "string" }, - "markdownDescription": "A collection of server process configurations that identify what server processes to run on fleet computes.", - "title": "ServerProcesses", + "markdownDescription": "The security groups that allow service access.", + "title": "SecurityGroups", "type": "array" } }, "type": "object" }, - "AWS::GameLift::Fleet.ScalingPolicy": { + "AWS::EVS::Environment.VcfHostnames": { "additionalProperties": false, "properties": { - "ComparisonOperator": { - "markdownDescription": "Comparison operator to use when measuring a metric against the threshold value.", - "title": "ComparisonOperator", - "type": "string" - }, - "EvaluationPeriods": { - "markdownDescription": "Length of time (in minutes) the metric must be at or beyond the threshold before a scaling event is triggered.", - "title": "EvaluationPeriods", - "type": "number" - }, - "Location": { - "markdownDescription": "The fleet location.", - "title": "Location", + "CloudBuilder": { + "markdownDescription": "The hostname for VMware Cloud Builder.", + "title": "CloudBuilder", "type": "string" }, - "MetricName": { - "markdownDescription": "Name of the Amazon GameLift Servers-defined metric that is used to trigger a scaling adjustment. For detailed descriptions of fleet metrics, see [Monitor Amazon GameLift Servers with Amazon CloudWatch](https://docs.aws.amazon.com/gamelift/latest/developerguide/monitoring-cloudwatch.html) .\n\n- *ActivatingGameSessions* -- Game sessions in the process of being created.\n- *ActiveGameSessions* -- Game sessions that are currently running.\n- *ActiveInstances* -- Fleet instances that are currently running at least one game session.\n- *AvailableGameSessions* -- Additional game sessions that fleet could host simultaneously, given current capacity.\n- *AvailablePlayerSessions* -- Empty player slots in currently active game sessions. This includes game sessions that are not currently accepting players. Reserved player slots are not included.\n- *CurrentPlayerSessions* -- Player slots in active game sessions that are being used by a player or are reserved for a player.\n- *IdleInstances* -- Active instances that are currently hosting zero game sessions.\n- *PercentAvailableGameSessions* -- Unused percentage of the total number of game sessions that a fleet could host simultaneously, given current capacity. Use this metric for a target-based scaling policy.\n- *PercentIdleInstances* -- Percentage of the total number of active instances that are hosting zero game sessions.\n- *QueueDepth* -- Pending game session placement requests, in any queue, where the current fleet is the top-priority destination.\n- *WaitTime* -- Current wait time for pending game session placement requests, in any queue, where the current fleet is the top-priority destination.", - "title": "MetricName", + "Nsx": { + "markdownDescription": "The VMware NSX hostname.", + "title": "Nsx", "type": "string" }, - "Name": { - "markdownDescription": "A descriptive label that is associated with a fleet's scaling policy. Policy names do not need to be unique.", - "title": "Name", + "NsxEdge1": { + "markdownDescription": "The hostname for the first NSX Edge node.", + "title": "NsxEdge1", "type": "string" }, - "PolicyType": { - "markdownDescription": "The type of scaling policy to create. For a target-based policy, set the parameter *MetricName* to 'PercentAvailableGameSessions' and specify a *TargetConfiguration* . For a rule-based policy set the following parameters: *MetricName* , *ComparisonOperator* , *Threshold* , *EvaluationPeriods* , *ScalingAdjustmentType* , and *ScalingAdjustment* .", - "title": "PolicyType", + "NsxEdge2": { + "markdownDescription": "The hostname for the second NSX Edge node.", + "title": "NsxEdge2", "type": "string" }, - "ScalingAdjustment": { - "markdownDescription": "Amount of adjustment to make, based on the scaling adjustment type.", - "title": "ScalingAdjustment", - "type": "number" - }, - "ScalingAdjustmentType": { - "markdownDescription": "The type of adjustment to make to a fleet's instance count.\n\n- *ChangeInCapacity* -- add (or subtract) the scaling adjustment value from the current instance count. Positive values scale up while negative values scale down.\n- *ExactCapacity* -- set the instance count to the scaling adjustment value.\n- *PercentChangeInCapacity* -- increase or reduce the current instance count by the scaling adjustment, read as a percentage. Positive values scale up while negative values scale down.", - "title": "ScalingAdjustmentType", + "NsxManager1": { + "markdownDescription": "The hostname for the first VMware NSX Manager virtual machine (VM).", + "title": "NsxManager1", "type": "string" }, - "Status": { - "markdownDescription": "Current status of the scaling policy. The scaling policy can be in force only when in an `ACTIVE` status. Scaling policies can be suspended for individual fleets. If the policy is suspended for a fleet, the policy status does not change.\n\n- *ACTIVE* -- The scaling policy can be used for auto-scaling a fleet.\n- *UPDATE_REQUESTED* -- A request to update the scaling policy has been received.\n- *UPDATING* -- A change is being made to the scaling policy.\n- *DELETE_REQUESTED* -- A request to delete the scaling policy has been received.\n- *DELETING* -- The scaling policy is being deleted.\n- *DELETED* -- The scaling policy has been deleted.\n- *ERROR* -- An error occurred in creating the policy. It should be removed and recreated.", - "title": "Status", + "NsxManager2": { + "markdownDescription": "The hostname for the second VMware NSX Manager virtual machine (VM).", + "title": "NsxManager2", "type": "string" }, - "TargetConfiguration": { - "$ref": "#/definitions/AWS::GameLift::Fleet.TargetConfiguration", - "markdownDescription": "An object that contains settings for a target-based scaling policy.", - "title": "TargetConfiguration" - }, - "Threshold": { - "markdownDescription": "Metric value used to trigger a scaling event.", - "title": "Threshold", - "type": "number" - }, - "UpdateStatus": { - "markdownDescription": "The current status of the fleet's scaling policies in a requested fleet location. The status `PENDING_UPDATE` indicates that an update was requested for the fleet but has not yet been completed for the location.", - "title": "UpdateStatus", + "NsxManager3": { + "markdownDescription": "The hostname for the third VMware NSX Manager virtual machine (VM).", + "title": "NsxManager3", "type": "string" - } - }, - "required": [ - "MetricName", - "Name" - ], - "type": "object" - }, - "AWS::GameLift::Fleet.ServerProcess": { - "additionalProperties": false, - "properties": { - "ConcurrentExecutions": { - "markdownDescription": "The number of server processes using this configuration that run concurrently on each instance or compute.", - "title": "ConcurrentExecutions", - "type": "number" }, - "LaunchPath": { - "markdownDescription": "The location of a game build executable or Realtime script. Game builds and Realtime scripts are installed on instances at the root:\n\n- Windows (custom game builds only): `C:\\game` . Example: \" `C:\\game\\MyGame\\server.exe` \"\n- Linux: `/local/game` . Examples: \" `/local/game/MyGame/server.exe` \" or \" `/local/game/MyRealtimeScript.js` \"\n\n> Amazon GameLift Servers doesn't support the use of setup scripts that launch the game executable. For custom game builds, this parameter must indicate the executable that calls the server SDK operations `initSDK()` and `ProcessReady()` .", - "title": "LaunchPath", + "SddcManager": { + "markdownDescription": "The hostname for SDDC Manager.", + "title": "SddcManager", "type": "string" }, - "Parameters": { - "markdownDescription": "An optional list of parameters to pass to the server executable or Realtime script on launch.\n\nLength Constraints: Minimum length of 1. Maximum length of 1024.\n\nPattern: [A-Za-z0-9_:.+\\/\\\\\\- =@{},?'\\[\\]\"]+", - "title": "Parameters", + "VCenter": { + "markdownDescription": "The VMware vCenter hostname.", + "title": "VCenter", "type": "string" } }, "required": [ - "ConcurrentExecutions", - "LaunchPath" - ], - "type": "object" - }, - "AWS::GameLift::Fleet.TargetConfiguration": { - "additionalProperties": false, - "properties": { - "TargetValue": { - "markdownDescription": "Desired value to use with a target-based scaling policy. The value must be relevant for whatever metric the scaling policy is using. For example, in a policy using the metric PercentAvailableGameSessions, the target value should be the preferred size of the fleet's buffer (the percent of capacity that should be idle and ready for new game sessions).", - "title": "TargetValue", - "type": "number" - } - }, - "required": [ - "TargetValue" + "CloudBuilder", + "Nsx", + "NsxEdge1", + "NsxEdge2", + "NsxManager1", + "NsxManager2", + "NsxManager3", + "SddcManager", + "VCenter" ], "type": "object" }, - "AWS::GameLift::GameServerGroup": { + "AWS::ElastiCache::CacheCluster": { "additionalProperties": false, "properties": { "Condition": { @@ -103622,86 +112697,160 @@ "Properties": { "additionalProperties": false, "properties": { - "AutoScalingPolicy": { - "$ref": "#/definitions/AWS::GameLift::GameServerGroup.AutoScalingPolicy", - "markdownDescription": "Configuration settings to define a scaling policy for the Auto Scaling group that is optimized for game hosting. The scaling policy uses the metric `\"PercentUtilizedGameServers\"` to maintain a buffer of idle game servers that can immediately accommodate new games and players. After the Auto Scaling group is created, update this value directly in the Auto Scaling group using the AWS console or APIs.", - "title": "AutoScalingPolicy" + "AZMode": { + "markdownDescription": "Specifies whether the nodes in this Memcached cluster are created in a single Availability Zone or created across multiple Availability Zones in the cluster's region.\n\nThis parameter is only supported for Memcached clusters.\n\nIf the `AZMode` and `PreferredAvailabilityZones` are not specified, ElastiCache assumes `single-az` mode.", + "title": "AZMode", + "type": "string" }, - "BalancingStrategy": { - "markdownDescription": "Indicates how Amazon GameLift Servers FleetIQ balances the use of Spot Instances and On-Demand Instances in the game server group. Method options include the following:\n\n- `SPOT_ONLY` - Only Spot Instances are used in the game server group. If Spot Instances are unavailable or not viable for game hosting, the game server group provides no hosting capacity until Spot Instances can again be used. Until then, no new instances are started, and the existing nonviable Spot Instances are terminated (after current gameplay ends) and are not replaced.\n- `SPOT_PREFERRED` - (default value) Spot Instances are used whenever available in the game server group. If Spot Instances are unavailable, the game server group continues to provide hosting capacity by falling back to On-Demand Instances. Existing nonviable Spot Instances are terminated (after current gameplay ends) and are replaced with new On-Demand Instances.\n- `ON_DEMAND_ONLY` - Only On-Demand Instances are used in the game server group. No Spot Instances are used, even when available, while this balancing strategy is in force.", - "title": "BalancingStrategy", + "AutoMinorVersionUpgrade": { + "markdownDescription": "If you are running Valkey 7.2 or later, or Redis OSS engine version 6.0 or later, set this parameter to yes if you want to opt-in to the next minor version upgrade campaign. This parameter is disabled for previous versions.", + "title": "AutoMinorVersionUpgrade", + "type": "boolean" + }, + "CacheNodeType": { + "markdownDescription": "The compute and memory capacity of the nodes in the node group (shard).\n\nThe following node types are supported by ElastiCache. Generally speaking, the current generation types provide more memory and computational power at lower cost when compared to their equivalent previous generation counterparts. Changing the CacheNodeType of a Memcached instance is currently not supported. If you need to scale using Memcached, we recommend forcing a replacement update by changing the `LogicalResourceId` of the resource.\n\n- General purpose:\n\n- Current generation:\n\n*M6g node types:* `cache.m6g.large` , `cache.m6g.xlarge` , `cache.m6g.2xlarge` , `cache.m6g.4xlarge` , `cache.m6g.8xlarge` , `cache.m6g.12xlarge` , `cache.m6g.16xlarge` , `cache.m6g.24xlarge`\n\n*M5 node types:* `cache.m5.large` , `cache.m5.xlarge` , `cache.m5.2xlarge` , `cache.m5.4xlarge` , `cache.m5.12xlarge` , `cache.m5.24xlarge`\n\n*M4 node types:* `cache.m4.large` , `cache.m4.xlarge` , `cache.m4.2xlarge` , `cache.m4.4xlarge` , `cache.m4.10xlarge`\n\n*T4g node types:* `cache.t4g.micro` , `cache.t4g.small` , `cache.t4g.medium`\n\n*T3 node types:* `cache.t3.micro` , `cache.t3.small` , `cache.t3.medium`\n\n*T2 node types:* `cache.t2.micro` , `cache.t2.small` , `cache.t2.medium`\n- Previous generation: (not recommended)\n\n*T1 node types:* `cache.t1.micro`\n\n*M1 node types:* `cache.m1.small` , `cache.m1.medium` , `cache.m1.large` , `cache.m1.xlarge`\n\n*M3 node types:* `cache.m3.medium` , `cache.m3.large` , `cache.m3.xlarge` , `cache.m3.2xlarge`\n- Compute optimized:\n\n- Previous generation: (not recommended)\n\n*C1 node types:* `cache.c1.xlarge`\n- Memory optimized:\n\n- Current generation:\n\n*R6gd node types:* `cache.r6gd.xlarge` , `cache.r6gd.2xlarge` , `cache.r6gd.4xlarge` , `cache.r6gd.8xlarge` , `cache.r6gd.12xlarge` , `cache.r6gd.16xlarge`\n\n> The `r6gd` family is available in the following regions: `us-east-2` , `us-east-1` , `us-west-2` , `us-west-1` , `eu-west-1` , `eu-central-1` , `ap-northeast-1` , `ap-southeast-1` , `ap-southeast-2` . \n\n*R6g node types:* `cache.r6g.large` , `cache.r6g.xlarge` , `cache.r6g.2xlarge` , `cache.r6g.4xlarge` , `cache.r6g.8xlarge` , `cache.r6g.12xlarge` , `cache.r6g.16xlarge` , `cache.r6g.24xlarge`\n\n*R5 node types:* `cache.r5.large` , `cache.r5.xlarge` , `cache.r5.2xlarge` , `cache.r5.4xlarge` , `cache.r5.12xlarge` , `cache.r5.24xlarge`\n\n*R4 node types:* `cache.r4.large` , `cache.r4.xlarge` , `cache.r4.2xlarge` , `cache.r4.4xlarge` , `cache.r4.8xlarge` , `cache.r4.16xlarge`\n- Previous generation: (not recommended)\n\n*M2 node types:* `cache.m2.xlarge` , `cache.m2.2xlarge` , `cache.m2.4xlarge`\n\n*R3 node types:* `cache.r3.large` , `cache.r3.xlarge` , `cache.r3.2xlarge` , `cache.r3.4xlarge` , `cache.r3.8xlarge`\n\nFor region availability, see [Supported Node Types by Region](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/CacheNodes.SupportedTypes.html#CacheNodes.SupportedTypesByRegion)\n\n*Additional node type info*\n\n- All current generation instance types are created in Amazon VPC by default.\n- Valkey and Redis OSS append-only files (AOF) are not supported for T1 or T2 instances.\n- Valkey and Redis OSS Multi-AZ with automatic failover is not supported on T1 instances.\n- Redis OSS configuration variables `appendonly` and `appendfsync` are not supported on Redis OSS version 2.8.22 and later.", + "title": "CacheNodeType", "type": "string" }, - "DeleteOption": { - "markdownDescription": "The type of delete to perform. To delete a game server group, specify the `DeleteOption` . Options include the following:\n\n- `SAFE_DELETE` \u2013 (default) Terminates the game server group and Amazon EC2 Auto Scaling group only when it has no game servers that are in `UTILIZED` status.\n- `FORCE_DELETE` \u2013 Terminates the game server group, including all active game servers regardless of their utilization status, and the Amazon EC2 Auto Scaling group.\n- `RETAIN` \u2013 Does a safe delete of the game server group but retains the Amazon EC2 Auto Scaling group as is.", - "title": "DeleteOption", + "CacheParameterGroupName": { + "markdownDescription": "The name of the parameter group to associate with this cluster. If this argument is omitted, the default parameter group for the specified engine is used. You cannot use any parameter group which has `cluster-enabled='yes'` when creating a cluster.", + "title": "CacheParameterGroupName", "type": "string" }, - "GameServerGroupName": { - "markdownDescription": "A developer-defined identifier for the game server group. The name is unique for each Region in each AWS account.", - "title": "GameServerGroupName", + "CacheSecurityGroupNames": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of security group names to associate with this cluster.\n\nUse this parameter only when you are creating a cluster outside of an Amazon Virtual Private Cloud (Amazon VPC).", + "title": "CacheSecurityGroupNames", + "type": "array" + }, + "CacheSubnetGroupName": { + "markdownDescription": "The name of the subnet group to be used for the cluster.\n\nUse this parameter only when you are creating a cluster in an Amazon Virtual Private Cloud (Amazon VPC).\n\n> If you're going to launch your cluster in an Amazon VPC, you need to create a subnet group before you start creating a cluster. For more information, see `[AWS::ElastiCache::SubnetGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticache-subnetgroup.html) .`", + "title": "CacheSubnetGroupName", "type": "string" }, - "GameServerProtectionPolicy": { - "markdownDescription": "A flag that indicates whether instances in the game server group are protected from early termination. Unprotected instances that have active game servers running might be terminated during a scale-down event, causing players to be dropped from the game. Protected instances cannot be terminated while there are active game servers running except in the event of a forced game server group deletion (see ). An exception to this is with Spot Instances, which can be terminated by AWS regardless of protection status.", - "title": "GameServerProtectionPolicy", + "ClusterName": { + "markdownDescription": "A name for the cache cluster. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the cache cluster. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\nThe name must contain 1 to 50 alphanumeric characters or hyphens. The name must start with a letter and cannot end with a hyphen or contain two consecutive hyphens.", + "title": "ClusterName", "type": "string" }, - "InstanceDefinitions": { + "Engine": { + "markdownDescription": "The name of the cache engine to be used for this cluster.\n\nValid values for this parameter are: `memcached` | valkey | `redis`", + "title": "Engine", + "type": "string" + }, + "EngineVersion": { + "markdownDescription": "The version number of the cache engine to be used for this cluster. To view the supported cache engine versions, use the DescribeCacheEngineVersions operation.\n\n*Important:* You can upgrade to a newer engine version (see [Selecting a Cache Engine and Version](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/SelectEngine.html#VersionManagement) ), but you cannot downgrade to an earlier engine version. If you want to use an earlier engine version, you must delete the existing cluster or replication group and create it anew with the earlier engine version.", + "title": "EngineVersion", + "type": "string" + }, + "IpDiscovery": { + "markdownDescription": "The network type you choose when modifying a cluster, either `ipv4` | `ipv6` . IPv6 is supported for workloads using Valkey 7.2 and above, Redis OSS engine version 6.2 to 7.1 and Memcached engine version 1.6.6 and above on all instances built on the [Nitro system](https://docs.aws.amazon.com/ec2/nitro/) .", + "title": "IpDiscovery", + "type": "string" + }, + "LogDeliveryConfigurations": { "items": { - "$ref": "#/definitions/AWS::GameLift::GameServerGroup.InstanceDefinition" + "$ref": "#/definitions/AWS::ElastiCache::CacheCluster.LogDeliveryConfigurationRequest" }, - "markdownDescription": "The set of Amazon EC2 instance types that Amazon GameLift Servers FleetIQ can use when balancing and automatically scaling instances in the corresponding Auto Scaling group.", - "title": "InstanceDefinitions", + "markdownDescription": "Specifies the destination, format and type of the logs.", + "title": "LogDeliveryConfigurations", "type": "array" }, - "LaunchTemplate": { - "$ref": "#/definitions/AWS::GameLift::GameServerGroup.LaunchTemplate", - "markdownDescription": "The Amazon EC2 launch template that contains configuration settings and game server code to be deployed to all instances in the game server group. You can specify the template using either the template name or ID. For help with creating a launch template, see [Creating a Launch Template for an Auto Scaling Group](https://docs.aws.amazon.com/autoscaling/ec2/userguide/create-launch-template.html) in the *Amazon Elastic Compute Cloud Auto Scaling User Guide* . After the Auto Scaling group is created, update this value directly in the Auto Scaling group using the AWS console or APIs.\n\n> If you specify network interfaces in your launch template, you must explicitly set the property `AssociatePublicIpAddress` to \"true\". If no network interface is specified in the launch template, Amazon GameLift Servers FleetIQ uses your account's default VPC.", - "title": "LaunchTemplate" + "NetworkType": { + "markdownDescription": "Must be either `ipv4` | `ipv6` | `dual_stack` . IPv6 is supported for workloads using Valkey 7.2 and above, Redis OSS engine version 6.2 to 7.1 and Memcached engine version 1.6.6 and above on all instances built on the [Nitro system](https://docs.aws.amazon.com/ec2/nitro/) .", + "title": "NetworkType", + "type": "string" }, - "MaxSize": { - "markdownDescription": "The maximum number of instances allowed in the Amazon EC2 Auto Scaling group. During automatic scaling events, Amazon GameLift Servers FleetIQ and EC2 do not scale up the group above this maximum. After the Auto Scaling group is created, update this value directly in the Auto Scaling group using the AWS console or APIs.", - "title": "MaxSize", + "NotificationTopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Simple Notification Service (SNS) topic to which notifications are sent.\n\n> The Amazon SNS topic owner must be the same as the cluster owner.", + "title": "NotificationTopicArn", + "type": "string" + }, + "NumCacheNodes": { + "markdownDescription": "The number of cache nodes that the cache cluster should have.\n\n> However, if the `PreferredAvailabilityZone` and `PreferredAvailabilityZones` properties were not previously specified and you don't specify any new values, an update requires [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", + "title": "NumCacheNodes", "type": "number" }, - "MinSize": { - "markdownDescription": "The minimum number of instances allowed in the Amazon EC2 Auto Scaling group. During automatic scaling events, Amazon GameLift Servers FleetIQ and Amazon EC2 do not scale down the group below this minimum. In production, this value should be set to at least 1. After the Auto Scaling group is created, update this value directly in the Auto Scaling group using the AWS console or APIs.", - "title": "MinSize", + "Port": { + "markdownDescription": "The port number on which each of the cache nodes accepts connections.", + "title": "Port", "type": "number" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name ( [ARN](https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-arn-format.html) ) for an IAM role that allows Amazon GameLift Servers to access your Amazon EC2 Auto Scaling groups.", - "title": "RoleArn", + "PreferredAvailabilityZone": { + "markdownDescription": "The EC2 Availability Zone in which the cluster is created.\n\nAll nodes belonging to this cluster are placed in the preferred Availability Zone. If you want to create your nodes across multiple Availability Zones, use `PreferredAvailabilityZones` .\n\nDefault: System chosen Availability Zone.", + "title": "PreferredAvailabilityZone", + "type": "string" + }, + "PreferredAvailabilityZones": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the Availability Zones in which cache nodes are created. The order of the zones in the list is not important.\n\nThis option is only supported on Memcached.\n\n> If you are creating your cluster in an Amazon VPC (recommended) you can only locate nodes in Availability Zones that are associated with the subnets in the selected subnet group.\n> \n> The number of Availability Zones listed must equal the value of `NumCacheNodes` . \n\nIf you want all the nodes in the same Availability Zone, use `PreferredAvailabilityZone` instead, or repeat the Availability Zone multiple times in the list.\n\nDefault: System chosen Availability Zones.", + "title": "PreferredAvailabilityZones", + "type": "array" + }, + "PreferredMaintenanceWindow": { + "markdownDescription": "Specifies the weekly time range during which maintenance on the cluster is performed. It is specified as a range in the format ddd:hh24:mi-ddd:hh24:mi (24H Clock UTC). The minimum maintenance window is a 60 minute period.\n\nValid values for `ddd` are:\n\n- `sun`\n- `mon`\n- `tue`\n- `wed`\n- `thu`\n- `fri`\n- `sat`\n\nExample: `sun:23:00-mon:01:30`", + "title": "PreferredMaintenanceWindow", + "type": "string" + }, + "SnapshotArns": { + "items": { + "type": "string" + }, + "markdownDescription": "A single-element string list containing an Amazon Resource Name (ARN) that uniquely identifies a Valkey or Redis OSS RDB snapshot file stored in Amazon S3. The snapshot file is used to populate the node group (shard). The Amazon S3 object name in the ARN cannot contain any commas.\n\n> This parameter is only valid if the `Engine` parameter is `redis` . \n\nExample of an Amazon S3 ARN: `arn:aws:s3:::my_bucket/snapshot1.rdb`", + "title": "SnapshotArns", + "type": "array" + }, + "SnapshotName": { + "markdownDescription": "The name of a Valkey or Redis OSS snapshot from which to restore data into the new node group (shard). The snapshot status changes to `restoring` while the new node group (shard) is being created.\n\n> This parameter is only valid if the `Engine` parameter is `redis` .", + "title": "SnapshotName", + "type": "string" + }, + "SnapshotRetentionLimit": { + "markdownDescription": "The number of days for which ElastiCache retains automatic snapshots before deleting them. For example, if you set `SnapshotRetentionLimit` to 5, a snapshot taken today is retained for 5 days before being deleted.\n\n> This parameter is only valid if the `Engine` parameter is `redis` . \n\nDefault: 0 (i.e., automatic backups are disabled for this cache cluster).", + "title": "SnapshotRetentionLimit", + "type": "number" + }, + "SnapshotWindow": { + "markdownDescription": "The daily time range (in UTC) during which ElastiCache begins taking a daily snapshot of your node group (shard).\n\nExample: `05:00-09:00`\n\nIf you do not specify this parameter, ElastiCache automatically chooses an appropriate time range.\n\n> This parameter is only valid if the `Engine` parameter is `redis` .", + "title": "SnapshotWindow", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of labels to assign to the new game server group resource. Tags are developer-defined key-value pairs. Tagging AWS resources is useful for resource management, access management, and cost allocation. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference* . Once the resource is created, you can use TagResource, UntagResource, and ListTagsForResource to add, remove, and view tags, respectively. The maximum tag limit may be lower than stated. See the AWS General Reference for actual tagging limits.", + "markdownDescription": "A list of tags to be added to this resource.", "title": "Tags", "type": "array" }, - "VpcSubnets": { + "TransitEncryptionEnabled": { + "markdownDescription": "A flag that enables in-transit encryption when set to true.", + "title": "TransitEncryptionEnabled", + "type": "boolean" + }, + "VpcSecurityGroupIds": { "items": { "type": "string" }, - "markdownDescription": "A list of virtual private cloud (VPC) subnets to use with instances in the game server group. By default, all Amazon GameLift Servers FleetIQ-supported Availability Zones are used. You can use this parameter to specify VPCs that you've set up. This property cannot be updated after the game server group is created, and the corresponding Auto Scaling group will always use the property value that is set with this request, even if the Auto Scaling group is updated directly.", - "title": "VpcSubnets", + "markdownDescription": "One or more VPC security groups associated with the cluster.\n\nUse this parameter only when you are creating a cluster in an Amazon Virtual Private Cloud (Amazon VPC).", + "title": "VpcSecurityGroupIds", "type": "array" } }, "required": [ - "GameServerGroupName", - "InstanceDefinitions", - "RoleArn" + "CacheNodeType", + "Engine", + "NumCacheNodes" ], "type": "object" }, "Type": { "enum": [ - "AWS::GameLift::GameServerGroup" + "AWS::ElastiCache::CacheCluster" ], "type": "string" }, @@ -103720,80 +112869,83 @@ ], "type": "object" }, - "AWS::GameLift::GameServerGroup.AutoScalingPolicy": { + "AWS::ElastiCache::CacheCluster.CloudWatchLogsDestinationDetails": { "additionalProperties": false, "properties": { - "EstimatedInstanceWarmup": { - "markdownDescription": "Length of time, in seconds, it takes for a new instance to start new game server processes and register with Amazon GameLift Servers FleetIQ. Specifying a warm-up time can be useful, particularly with game servers that take a long time to start up, because it avoids prematurely starting new instances.", - "title": "EstimatedInstanceWarmup", - "type": "number" - }, - "TargetTrackingConfiguration": { - "$ref": "#/definitions/AWS::GameLift::GameServerGroup.TargetTrackingConfiguration", - "markdownDescription": "Settings for a target-based scaling policy applied to Auto Scaling group. These settings are used to create a target-based policy that tracks the GameLift FleetIQ metric `PercentUtilizedGameServers` and specifies a target value for the metric. As player usage changes, the policy triggers to adjust the game server group capacity so that the metric returns to the target value.", - "title": "TargetTrackingConfiguration" + "LogGroup": { + "markdownDescription": "The name of the CloudWatch Logs log group.", + "title": "LogGroup", + "type": "string" } }, "required": [ - "TargetTrackingConfiguration" + "LogGroup" ], "type": "object" }, - "AWS::GameLift::GameServerGroup.InstanceDefinition": { + "AWS::ElastiCache::CacheCluster.DestinationDetails": { "additionalProperties": false, "properties": { - "InstanceType": { - "markdownDescription": "An Amazon EC2 instance type designation.", - "title": "InstanceType", - "type": "string" + "CloudWatchLogsDetails": { + "$ref": "#/definitions/AWS::ElastiCache::CacheCluster.CloudWatchLogsDestinationDetails", + "markdownDescription": "The configuration details of the CloudWatch Logs destination. Note that this field is marked as required but only if CloudWatch Logs was chosen as the destination.", + "title": "CloudWatchLogsDetails" }, - "WeightedCapacity": { - "markdownDescription": "Instance weighting that indicates how much this instance type contributes to the total capacity of a game server group. Instance weights are used by Amazon GameLift Servers FleetIQ to calculate the instance type's cost per unit hour and better identify the most cost-effective options. For detailed information on weighting instance capacity, see [Instance Weighting](https://docs.aws.amazon.com/autoscaling/ec2/userguide/asg-instance-weighting.html) in the *Amazon Elastic Compute Cloud Auto Scaling User Guide* . Default value is \"1\".", - "title": "WeightedCapacity", + "KinesisFirehoseDetails": { + "$ref": "#/definitions/AWS::ElastiCache::CacheCluster.KinesisFirehoseDestinationDetails", + "markdownDescription": "The configuration details of the Kinesis Data Firehose destination. Note that this field is marked as required but only if Kinesis Data Firehose was chosen as the destination.", + "title": "KinesisFirehoseDetails" + } + }, + "type": "object" + }, + "AWS::ElastiCache::CacheCluster.KinesisFirehoseDestinationDetails": { + "additionalProperties": false, + "properties": { + "DeliveryStream": { + "markdownDescription": "The name of the Kinesis Data Firehose delivery stream.", + "title": "DeliveryStream", "type": "string" } }, "required": [ - "InstanceType" + "DeliveryStream" ], "type": "object" }, - "AWS::GameLift::GameServerGroup.LaunchTemplate": { + "AWS::ElastiCache::CacheCluster.LogDeliveryConfigurationRequest": { "additionalProperties": false, "properties": { - "LaunchTemplateId": { - "markdownDescription": "A unique identifier for an existing Amazon EC2 launch template.", - "title": "LaunchTemplateId", + "DestinationDetails": { + "$ref": "#/definitions/AWS::ElastiCache::CacheCluster.DestinationDetails", + "markdownDescription": "Configuration details of either a CloudWatch Logs destination or Kinesis Data Firehose destination.", + "title": "DestinationDetails" + }, + "DestinationType": { + "markdownDescription": "Specify either CloudWatch Logs or Kinesis Data Firehose as the destination type. Valid values are either `cloudwatch-logs` or `kinesis-firehose` .", + "title": "DestinationType", "type": "string" }, - "LaunchTemplateName": { - "markdownDescription": "A readable identifier for an existing Amazon EC2 launch template.", - "title": "LaunchTemplateName", + "LogFormat": { + "markdownDescription": "Valid values are either `json` or `text` .", + "title": "LogFormat", "type": "string" }, - "Version": { - "markdownDescription": "The version of the Amazon EC2 launch template to use. If no version is specified, the default version will be used. With Amazon EC2, you can specify a default version for a launch template. If none is set, the default is the first version created.", - "title": "Version", + "LogType": { + "markdownDescription": "Valid value is either `slow-log` , which refers to [slow-log](https://docs.aws.amazon.com/https://redis.io/commands/slowlog) or `engine-log` .", + "title": "LogType", "type": "string" } }, - "type": "object" - }, - "AWS::GameLift::GameServerGroup.TargetTrackingConfiguration": { - "additionalProperties": false, - "properties": { - "TargetValue": { - "markdownDescription": "Desired value to use with a game server group target-based scaling policy.", - "title": "TargetValue", - "type": "number" - } - }, "required": [ - "TargetValue" + "DestinationDetails", + "DestinationType", + "LogFormat", + "LogType" ], "type": "object" }, - "AWS::GameLift::GameSessionQueue": { + "AWS::ElastiCache::GlobalReplicationGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -103828,69 +112980,71 @@ "Properties": { "additionalProperties": false, "properties": { - "CustomEventData": { - "markdownDescription": "Information to be added to all events that are related to this game session queue.", - "title": "CustomEventData", + "AutomaticFailoverEnabled": { + "markdownDescription": "Specifies whether a read-only replica is automatically promoted to read/write primary if the existing primary fails.\n\n`AutomaticFailoverEnabled` must be enabled for Valkey or Redis OSS (cluster mode enabled) replication groups.", + "title": "AutomaticFailoverEnabled", + "type": "boolean" + }, + "CacheNodeType": { + "markdownDescription": "The cache node type of the Global datastore", + "title": "CacheNodeType", "type": "string" }, - "Destinations": { - "items": { - "$ref": "#/definitions/AWS::GameLift::GameSessionQueue.GameSessionQueueDestination" - }, - "markdownDescription": "A list of fleets and/or fleet aliases that can be used to fulfill game session placement requests in the queue. Destinations are identified by either a fleet ARN or a fleet alias ARN, and are listed in order of placement preference.", - "title": "Destinations", - "type": "array" + "CacheParameterGroupName": { + "markdownDescription": "The name of the cache parameter group to use with the Global datastore. It must be compatible with the major engine version used by the Global datastore.", + "title": "CacheParameterGroupName", + "type": "string" }, - "FilterConfiguration": { - "$ref": "#/definitions/AWS::GameLift::GameSessionQueue.FilterConfiguration", - "markdownDescription": "A list of locations where a queue is allowed to place new game sessions. Locations are specified in the form of AWS Region codes, such as `us-west-2` . If this parameter is not set, game sessions can be placed in any queue location.", - "title": "FilterConfiguration" + "Engine": { + "markdownDescription": "The ElastiCache engine. For Valkey or Redis OSS only.", + "title": "Engine", + "type": "string" }, - "Name": { - "markdownDescription": "A descriptive label that is associated with game session queue. Queue names must be unique within each Region.", - "title": "Name", + "EngineVersion": { + "markdownDescription": "The Elasticache Valkey or Redis OSS engine version.", + "title": "EngineVersion", "type": "string" }, - "NotificationTarget": { - "markdownDescription": "An SNS topic ARN that is set up to receive game session placement notifications. See [Setting up notifications for game session placement](https://docs.aws.amazon.com/gamelift/latest/developerguide/queue-notification.html) .", - "title": "NotificationTarget", + "GlobalNodeGroupCount": { + "markdownDescription": "The number of node groups that comprise the Global Datastore.", + "title": "GlobalNodeGroupCount", + "type": "number" + }, + "GlobalReplicationGroupDescription": { + "markdownDescription": "The optional description of the Global datastore", + "title": "GlobalReplicationGroupDescription", "type": "string" }, - "PlayerLatencyPolicies": { + "GlobalReplicationGroupIdSuffix": { + "markdownDescription": "The suffix name of a Global Datastore. The suffix guarantees uniqueness of the Global Datastore name across multiple regions.", + "title": "GlobalReplicationGroupIdSuffix", + "type": "string" + }, + "Members": { "items": { - "$ref": "#/definitions/AWS::GameLift::GameSessionQueue.PlayerLatencyPolicy" + "$ref": "#/definitions/AWS::ElastiCache::GlobalReplicationGroup.GlobalReplicationGroupMember" }, - "markdownDescription": "A set of policies that enforce a sliding cap on player latency when processing game sessions placement requests. Use multiple policies to gradually relax the cap over time if Amazon GameLift Servers can't make a placement. Policies are evaluated in order starting with the lowest maximum latency value.", - "title": "PlayerLatencyPolicies", + "markdownDescription": "The replication groups that comprise the Global datastore.", + "title": "Members", "type": "array" }, - "PriorityConfiguration": { - "$ref": "#/definitions/AWS::GameLift::GameSessionQueue.PriorityConfiguration", - "markdownDescription": "Custom settings to use when prioritizing destinations and locations for game session placements. This configuration replaces the FleetIQ default prioritization process. Priority types that are not explicitly named will be automatically applied at the end of the prioritization process.", - "title": "PriorityConfiguration" - }, - "Tags": { + "RegionalConfigurations": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::ElastiCache::GlobalReplicationGroup.RegionalConfiguration" }, - "markdownDescription": "A list of labels to assign to the new game session queue resource. Tags are developer-defined key-value pairs. Tagging AWS resources are useful for resource management, access management and cost allocation. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference* . Once the resource is created, you can use TagResource, UntagResource, and ListTagsForResource to add, remove, and view tags. The maximum tag limit may be lower than stated. See the AWS General Reference for actual tagging limits.", - "title": "Tags", + "markdownDescription": "The Regions that comprise the Global Datastore.", + "title": "RegionalConfigurations", "type": "array" - }, - "TimeoutInSeconds": { - "markdownDescription": "The maximum time, in seconds, that a new game session placement request remains in the queue. When a request exceeds this time, the game session placement changes to a `TIMED_OUT` status. If you don't specify a request timeout, the queue uses a default value.", - "title": "TimeoutInSeconds", - "type": "number" } }, "required": [ - "Name" + "Members" ], "type": "object" }, "Type": { "enum": [ - "AWS::GameLift::GameSessionQueue" + "AWS::ElastiCache::GlobalReplicationGroup" ], "type": "string" }, @@ -103909,70 +113063,71 @@ ], "type": "object" }, - "AWS::GameLift::GameSessionQueue.FilterConfiguration": { - "additionalProperties": false, - "properties": { - "AllowedLocations": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of locations to allow game session placement in, in the form of AWS Region codes such as `us-west-2` .", - "title": "AllowedLocations", - "type": "array" - } - }, - "type": "object" - }, - "AWS::GameLift::GameSessionQueue.GameSessionQueueDestination": { + "AWS::ElastiCache::GlobalReplicationGroup.GlobalReplicationGroupMember": { "additionalProperties": false, "properties": { - "DestinationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) that is assigned to fleet or fleet alias. ARNs, which include a fleet ID or alias ID and a Region name, provide a unique identifier across all Regions.", - "title": "DestinationArn", + "ReplicationGroupId": { + "markdownDescription": "The replication group id of the Global datastore member.", + "title": "ReplicationGroupId", + "type": "string" + }, + "ReplicationGroupRegion": { + "markdownDescription": "The Amazon region of the Global datastore member.", + "title": "ReplicationGroupRegion", + "type": "string" + }, + "Role": { + "markdownDescription": "Indicates the role of the replication group, `PRIMARY` or `SECONDARY` .", + "title": "Role", "type": "string" } }, "type": "object" }, - "AWS::GameLift::GameSessionQueue.PlayerLatencyPolicy": { + "AWS::ElastiCache::GlobalReplicationGroup.RegionalConfiguration": { "additionalProperties": false, "properties": { - "MaximumIndividualPlayerLatencyMilliseconds": { - "markdownDescription": "The maximum latency value that is allowed for any player, in milliseconds. All policies must have a value set for this property.", - "title": "MaximumIndividualPlayerLatencyMilliseconds", - "type": "number" + "ReplicationGroupId": { + "markdownDescription": "The name of the secondary cluster", + "title": "ReplicationGroupId", + "type": "string" }, - "PolicyDurationSeconds": { - "markdownDescription": "The length of time, in seconds, that the policy is enforced while placing a new game session. A null value for this property means that the policy is enforced until the queue times out.", - "title": "PolicyDurationSeconds", - "type": "number" + "ReplicationGroupRegion": { + "markdownDescription": "The Amazon region where the cluster is stored", + "title": "ReplicationGroupRegion", + "type": "string" + }, + "ReshardingConfigurations": { + "items": { + "$ref": "#/definitions/AWS::ElastiCache::GlobalReplicationGroup.ReshardingConfiguration" + }, + "markdownDescription": "A list of PreferredAvailabilityZones objects that specifies the configuration of a node group in the resharded cluster.", + "title": "ReshardingConfigurations", + "type": "array" } }, "type": "object" }, - "AWS::GameLift::GameSessionQueue.PriorityConfiguration": { + "AWS::ElastiCache::GlobalReplicationGroup.ReshardingConfiguration": { "additionalProperties": false, "properties": { - "LocationOrder": { - "items": { - "type": "string" - }, - "markdownDescription": "The prioritization order to use for fleet locations, when the `PriorityOrder` property includes `LOCATION` . Locations can include AWS Region codes (such as `us-west-2` ), local zones, and custom locations (for Anywhere fleets). Each location must be listed only once. For details, see [Amazon GameLift Servers service locations.](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-regions.html)", - "title": "LocationOrder", - "type": "array" + "NodeGroupId": { + "markdownDescription": "Either the ElastiCache supplied 4-digit id or a user supplied id for the node group these configuration values apply to.", + "title": "NodeGroupId", + "type": "string" }, - "PriorityOrder": { + "PreferredAvailabilityZones": { "items": { "type": "string" }, - "markdownDescription": "A custom sequence to use when prioritizing where to place new game sessions. Each priority type is listed once.\n\n- `LATENCY` -- Amazon GameLift Servers prioritizes locations where the average player latency is lowest. Player latency data is provided in each game session placement request.\n- `COST` -- Amazon GameLift Servers prioritizes queue destinations with the lowest current hosting costs. Cost is evaluated based on the destination's location, instance type, and fleet type (Spot or On-Demand).\n- `DESTINATION` -- Amazon GameLift Servers prioritizes based on the list order of destinations in the queue configuration.\n- `LOCATION` -- Amazon GameLift Servers prioritizes based on the provided order of locations, as defined in `LocationOrder` .", - "title": "PriorityOrder", + "markdownDescription": "A list of preferred availability zones for the nodes in this cluster.", + "title": "PreferredAvailabilityZones", "type": "array" } }, "type": "object" }, - "AWS::GameLift::Location": { + "AWS::ElastiCache::ParameterGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -104007,28 +113162,45 @@ "Properties": { "additionalProperties": false, "properties": { - "LocationName": { - "markdownDescription": "A descriptive name for the custom location.", - "title": "LocationName", + "CacheParameterGroupFamily": { + "markdownDescription": "The name of the cache parameter group family that this cache parameter group is compatible with.\n\nValid values are: `valkey8` | `valkey7` | `memcached1.4` | `memcached1.5` | `memcached1.6` | `redis2.6` | `redis2.8` | `redis3.2` | `redis4.0` | `redis5.0` | `redis6.x` | `redis7`", + "title": "CacheParameterGroupFamily", + "type": "string" + }, + "Description": { + "markdownDescription": "The description for this cache parameter group.", + "title": "Description", "type": "string" }, + "Properties": { + "additionalProperties": true, + "markdownDescription": "A comma-delimited list of parameter name/value pairs.\n\nFor example:\n\n```\n\"Properties\" : { \"cas_disabled\" : \"1\", \"chunk_size_growth_factor\" : \"1.02\"\n}\n```", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Properties", + "type": "object" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of labels to assign to the new resource. Tags are developer-defined key-value pairs. Tagging AWS resources are useful for resource management, access management, and cost allocation. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Rareference* .", + "markdownDescription": "A tag that can be added to an ElastiCache parameter group. Tags are composed of a Key/Value pair. You can use tags to categorize and track all your parameter groups. A tag with a null Value is permitted.", "title": "Tags", "type": "array" } }, "required": [ - "LocationName" + "CacheParameterGroupFamily", + "Description" ], "type": "object" }, "Type": { "enum": [ - "AWS::GameLift::Location" + "AWS::ElastiCache::ParameterGroup" ], "type": "string" }, @@ -104047,7 +113219,7 @@ ], "type": "object" }, - "AWS::GameLift::MatchmakingConfiguration": { + "AWS::ElastiCache::ReplicationGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -104082,112 +113254,234 @@ "Properties": { "additionalProperties": false, "properties": { - "AcceptanceRequired": { - "markdownDescription": "A flag that determines whether a match that was created with this configuration must be accepted by the matched players. To require acceptance, set to `TRUE` . With this option enabled, matchmaking tickets use the status `REQUIRES_ACCEPTANCE` to indicate when a completed potential match is waiting for player acceptance.", - "title": "AcceptanceRequired", + "AtRestEncryptionEnabled": { + "markdownDescription": "A flag that enables encryption at rest when set to `true` .\n\n*Required:* Only available when creating a replication group in an Amazon VPC using Redis OSS version `3.2.6` or `4.x` onward.\n\nDefault: `false`", + "title": "AtRestEncryptionEnabled", "type": "boolean" }, - "AcceptanceTimeoutSeconds": { - "markdownDescription": "The length of time (in seconds) to wait for players to accept a proposed match, if acceptance is required.", - "title": "AcceptanceTimeoutSeconds", - "type": "number" + "AuthToken": { + "markdownDescription": "*Reserved parameter.* The password used to access a password protected server.\n\n`AuthToken` can be specified only on replication groups where `TransitEncryptionEnabled` is `true` . For more information, see [Authenticating Valkey or Redis OSS users with the AUTH Command](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/auth.html) .\n\n> For HIPAA compliance, you must specify `TransitEncryptionEnabled` as `true` , an `AuthToken` , and a `CacheSubnetGroup` . \n\nPassword constraints:\n\n- Must be only printable ASCII characters.\n- Must be at least 16 characters and no more than 128 characters in length.\n- Nonalphanumeric characters are restricted to (!, &, #, $, ^, <, >, -, ).\n\nFor more information, see [AUTH password](https://docs.aws.amazon.com/http://redis.io/commands/AUTH) at http://redis.io/commands/AUTH.\n\n> If ADDING the AuthToken, update requires [Replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", + "title": "AuthToken", + "type": "string" }, - "AdditionalPlayerCount": { - "markdownDescription": "The number of player slots in a match to keep open for future players. For example, if the configuration's rule set specifies a match for a single 12-person team, and the additional player count is set to 2, only 10 players are selected for the match. This parameter is not used if `FlexMatchMode` is set to `STANDALONE` .", - "title": "AdditionalPlayerCount", - "type": "number" + "AutoMinorVersionUpgrade": { + "markdownDescription": "If you are running Valkey 7.2 or later, or Redis OSS 6.0 or later, set this parameter to yes if you want to opt-in to the next minor version upgrade campaign. This parameter is disabled for previous versions.", + "title": "AutoMinorVersionUpgrade", + "type": "boolean" }, - "BackfillMode": { - "markdownDescription": "The method used to backfill game sessions that are created with this matchmaking configuration. Specify `MANUAL` when your game manages backfill requests manually or does not use the match backfill feature. Specify `AUTOMATIC` to have GameLift create a `StartMatchBackfill` request whenever a game session has one or more open slots. Learn more about manual and automatic backfill in [Backfill Existing Games with FlexMatch](https://docs.aws.amazon.com/gamelift/latest/flexmatchguide/match-backfill.html) . Automatic backfill is not available when `FlexMatchMode` is set to `STANDALONE` .", - "title": "BackfillMode", + "AutomaticFailoverEnabled": { + "markdownDescription": "Specifies whether a read-only replica is automatically promoted to read/write primary if the existing primary fails.\n\n`AutomaticFailoverEnabled` must be enabled for Valkey or Redis OSS (cluster mode enabled) replication groups.\n\nDefault: false", + "title": "AutomaticFailoverEnabled", + "type": "boolean" + }, + "CacheNodeType": { + "markdownDescription": "The compute and memory capacity of the nodes in the node group (shard).\n\nThe following node types are supported by ElastiCache. Generally speaking, the current generation types provide more memory and computational power at lower cost when compared to their equivalent previous generation counterparts.\n\n- General purpose:\n\n- Current generation:\n\n*M6g node types:* `cache.m6g.large` , `cache.m6g.xlarge` , `cache.m6g.2xlarge` , `cache.m6g.4xlarge` , `cache.m6g.12xlarge` , `cache.m6g.24xlarge`\n\n*M5 node types:* `cache.m5.large` , `cache.m5.xlarge` , `cache.m5.2xlarge` , `cache.m5.4xlarge` , `cache.m5.12xlarge` , `cache.m5.24xlarge`\n\n*M4 node types:* `cache.m4.large` , `cache.m4.xlarge` , `cache.m4.2xlarge` , `cache.m4.4xlarge` , `cache.m4.10xlarge`\n\n*T4g node types:* `cache.t4g.micro` , `cache.t4g.small` , `cache.t4g.medium`\n\n*T3 node types:* `cache.t3.micro` , `cache.t3.small` , `cache.t3.medium`\n\n*T2 node types:* `cache.t2.micro` , `cache.t2.small` , `cache.t2.medium`\n- Previous generation: (not recommended)\n\n*T1 node types:* `cache.t1.micro`\n\n*M1 node types:* `cache.m1.small` , `cache.m1.medium` , `cache.m1.large` , `cache.m1.xlarge`\n\n*M3 node types:* `cache.m3.medium` , `cache.m3.large` , `cache.m3.xlarge` , `cache.m3.2xlarge`\n- Compute optimized:\n\n- Previous generation: (not recommended)\n\n*C1 node types:* `cache.c1.xlarge`\n- Memory optimized:\n\n- Current generation:\n\n*R6gd node types:* `cache.r6gd.xlarge` , `cache.r6gd.2xlarge` , `cache.r6gd.4xlarge` , `cache.r6gd.8xlarge` , `cache.r6gd.12xlarge` , `cache.r6gd.16xlarge`\n\n> The `r6gd` family is available in the following regions: `us-east-2` , `us-east-1` , `us-west-2` , `us-west-1` , `eu-west-1` , `eu-central-1` , `ap-northeast-1` , `ap-southeast-1` , `ap-southeast-2` . \n\n*R6g node types:* `cache.r6g.large` , `cache.r6g.xlarge` , `cache.r6g.2xlarge` , `cache.r6g.4xlarge` , `cache.r6g.12xlarge` , `cache.r6g.24xlarge`\n\n*R5 node types:* `cache.r5.large` , `cache.r5.xlarge` , `cache.r5.2xlarge` , `cache.r5.4xlarge` , `cache.r5.12xlarge` , `cache.r5.24xlarge`\n\n*R4 node types:* `cache.r4.large` , `cache.r4.xlarge` , `cache.r4.2xlarge` , `cache.r4.4xlarge` , `cache.r4.8xlarge` , `cache.r4.16xlarge`\n- Previous generation: (not recommended)\n\n*M2 node types:* `cache.m2.xlarge` , `cache.m2.2xlarge` , `cache.m2.4xlarge`\n\n*R3 node types:* `cache.r3.large` , `cache.r3.xlarge` , `cache.r3.2xlarge` , `cache.r3.4xlarge` , `cache.r3.8xlarge`\n\nFor region availability, see [Supported Node Types by Amazon Region](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/CacheNodes.SupportedTypes.html#CacheNodes.SupportedTypesByRegion)", + "title": "CacheNodeType", "type": "string" }, - "CreationTime": { - "markdownDescription": "A time stamp indicating when this data object was created. Format is a number expressed in Unix time as milliseconds (for example `\"1469498468.057\"` ).", - "title": "CreationTime", + "CacheParameterGroupName": { + "markdownDescription": "The name of the parameter group to associate with this replication group. If this argument is omitted, the default cache parameter group for the specified engine is used.\n\nIf you are running Valkey or Redis OSS version 3.2.4 or later, only one node group (shard), and want to use a default parameter group, we recommend that you specify the parameter group by name.\n\n- To create a Valkey or Redis OSS (cluster mode disabled) replication group, use `CacheParameterGroupName=default.redis3.2` .\n- To create a Valkey or Redis OSS (cluster mode enabled) replication group, use `CacheParameterGroupName=default.redis3.2.cluster.on` .", + "title": "CacheParameterGroupName", "type": "string" }, - "CustomEventData": { - "markdownDescription": "Information to add to all events related to the matchmaking configuration.", - "title": "CustomEventData", + "CacheSecurityGroupNames": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of cache security group names to associate with this replication group.", + "title": "CacheSecurityGroupNames", + "type": "array" + }, + "CacheSubnetGroupName": { + "markdownDescription": "The name of the cache subnet group to be used for the replication group.\n\n> If you're going to launch your cluster in an Amazon VPC, you need to create a subnet group before you start creating a cluster. For more information, see [AWS::ElastiCache::SubnetGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticache-subnetgroup.html) .", + "title": "CacheSubnetGroupName", "type": "string" }, - "Description": { - "markdownDescription": "A description for the matchmaking configuration.", - "title": "Description", + "ClusterMode": { + "markdownDescription": "The mode can be enabled or disabled. To change the cluster mode from disabled to enabled, you must first set the cluster mode to compatible. The compatible mode allows your Valkey or Redis OSS clients to connect using both cluster mode enabled and cluster mode disabled. After you migrate all Valkey or Redis OSS clients to use cluster mode enabled, you can then complete cluster mode configuration and set the cluster mode to enabled. For more information, see [Modify cluster mode](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/modify-cluster-mode.html) .", + "title": "ClusterMode", "type": "string" }, - "FlexMatchMode": { - "markdownDescription": "Indicates whether this matchmaking configuration is being used with Amazon GameLift Servers hosting or as a standalone matchmaking solution.\n\n- *STANDALONE* - FlexMatch forms matches and returns match information, including players and team assignments, in a [MatchmakingSucceeded](https://docs.aws.amazon.com/gamelift/latest/flexmatchguide/match-events.html#match-events-matchmakingsucceeded) event.\n- *WITH_QUEUE* - FlexMatch forms matches and uses the specified Amazon GameLift Servers queue to start a game session for the match.", - "title": "FlexMatchMode", + "DataTieringEnabled": { + "markdownDescription": "Enables data tiering. Data tiering is only supported for replication groups using the r6gd node type. This parameter must be set to true when using r6gd nodes. For more information, see [Data tiering](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/data-tiering.html) .", + "title": "DataTieringEnabled", + "type": "boolean" + }, + "Engine": { + "markdownDescription": "The name of the cache engine to be used for the clusters in this replication group. The value must be set to `valkey` or `redis` .\n\n> Upgrading an existing engine from redis to valkey is done through in-place migration, and requires a parameter group.", + "title": "Engine", "type": "string" }, - "GameProperties": { + "EngineVersion": { + "markdownDescription": "The version number of the cache engine to be used for the clusters in this replication group. To view the supported cache engine versions, use the `DescribeCacheEngineVersions` operation.\n\n*Important:* You can upgrade to a newer engine version (see [Selecting a Cache Engine and Version](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/SelectEngine.html#VersionManagement) ) in the *ElastiCache User Guide* , but you cannot downgrade to an earlier engine version. If you want to use an earlier engine version, you must delete the existing cluster or replication group and create it anew with the earlier engine version.", + "title": "EngineVersion", + "type": "string" + }, + "GlobalReplicationGroupId": { + "markdownDescription": "The name of the Global datastore", + "title": "GlobalReplicationGroupId", + "type": "string" + }, + "IpDiscovery": { + "markdownDescription": "The network type you choose when creating a replication group, either `ipv4` | `ipv6` . IPv6 is supported for workloads using Valkey 7.2 and above, Redis OSS engine version 6.2 to 7.1 or Memcached engine version 1.6.6 and above on all instances built on the [Nitro system](https://docs.aws.amazon.com/ec2/nitro/) .", + "title": "IpDiscovery", + "type": "string" + }, + "KmsKeyId": { + "markdownDescription": "The ID of the KMS key used to encrypt the disk on the cluster.", + "title": "KmsKeyId", + "type": "string" + }, + "LogDeliveryConfigurations": { "items": { - "$ref": "#/definitions/AWS::GameLift::MatchmakingConfiguration.GameProperty" + "$ref": "#/definitions/AWS::ElastiCache::ReplicationGroup.LogDeliveryConfigurationRequest" }, - "markdownDescription": "A set of custom properties for a game session, formatted as key-value pairs. These properties are passed to a game server process with a request to start a new game session. See [Start a Game Session](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-sdk-server-api.html#gamelift-sdk-server-startsession) . This parameter is not used if `FlexMatchMode` is set to `STANDALONE` .", - "title": "GameProperties", + "markdownDescription": "Specifies the destination, format and type of the logs.", + "title": "LogDeliveryConfigurations", "type": "array" }, - "GameSessionData": { - "markdownDescription": "A set of custom game session properties, formatted as a single string value. This data is passed to a game server process with a request to start a new game session. See [Start a Game Session](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-sdk-server-api.html#gamelift-sdk-server-startsession) . This parameter is not used if `FlexMatchMode` is set to `STANDALONE` .", - "title": "GameSessionData", + "MultiAZEnabled": { + "markdownDescription": "A flag indicating if you have Multi-AZ enabled to enhance fault tolerance. For more information, see [Minimizing Downtime: Multi-AZ](https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/AutoFailover.html) .", + "title": "MultiAZEnabled", + "type": "boolean" + }, + "NetworkType": { + "markdownDescription": "Must be either `ipv4` | `ipv6` | `dual_stack` . IPv6 is supported for workloads using Valkey 7.2 and above, Redis OSS engine version 6.2 to 7.1 and Memcached engine version 1.6.6 and above on all instances built on the [Nitro system](https://docs.aws.amazon.com/ec2/nitro/) .", + "title": "NetworkType", "type": "string" }, - "GameSessionQueueArns": { + "NodeGroupConfiguration": { + "items": { + "$ref": "#/definitions/AWS::ElastiCache::ReplicationGroup.NodeGroupConfiguration" + }, + "markdownDescription": "`NodeGroupConfiguration` is a property of the `AWS::ElastiCache::ReplicationGroup` resource that configures an Amazon ElastiCache (ElastiCache) Valkey or Redis OSS cluster node group.\n\nIf you set [UseOnlineResharding](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html#cfn-attributes-updatepolicy-useonlineresharding) to `true` , you can update `NodeGroupConfiguration` without interruption. When `UseOnlineResharding` is set to `false` , or is not specified, updating `NodeGroupConfiguration` results in [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", + "title": "NodeGroupConfiguration", + "type": "array" + }, + "NotificationTopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Simple Notification Service (SNS) topic to which notifications are sent.\n\n> The Amazon SNS topic owner must be the same as the cluster owner.", + "title": "NotificationTopicArn", + "type": "string" + }, + "NumCacheClusters": { + "markdownDescription": "The number of clusters this replication group initially has.\n\nThis parameter is not used if there is more than one node group (shard). You should use `ReplicasPerNodeGroup` instead.\n\nIf `AutomaticFailoverEnabled` is `true` , the value of this parameter must be at least 2. If `AutomaticFailoverEnabled` is `false` you can omit this parameter (it will default to 1), or you can explicitly set it to a value between 2 and 6.\n\nThe maximum permitted value for `NumCacheClusters` is 6 (1 primary plus 5 replicas).", + "title": "NumCacheClusters", + "type": "number" + }, + "NumNodeGroups": { + "markdownDescription": "An optional parameter that specifies the number of node groups (shards) for this Valkey or Redis OSS (cluster mode enabled) replication group. For Valkey or Redis OSS (cluster mode disabled) either omit this parameter or set it to 1.\n\nIf you set [UseOnlineResharding](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html#cfn-attributes-updatepolicy-useonlineresharding) to `true` , you can update `NumNodeGroups` without interruption. When `UseOnlineResharding` is set to `false` , or is not specified, updating `NumNodeGroups` results in [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .\n\nDefault: 1", + "title": "NumNodeGroups", + "type": "number" + }, + "Port": { + "markdownDescription": "The port number on which each member of the replication group accepts connections.", + "title": "Port", + "type": "number" + }, + "PreferredCacheClusterAZs": { "items": { "type": "string" }, - "markdownDescription": "The Amazon Resource Name ( [ARN](https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-arn-format.html) ) that is assigned to a Amazon GameLift Servers game session queue resource and uniquely identifies it. ARNs are unique across all Regions. Format is `arn:aws:gamelift:::gamesessionqueue/` . Queues can be located in any Region. Queues are used to start new Amazon GameLift Servers-hosted game sessions for matches that are created with this matchmaking configuration. If `FlexMatchMode` is set to `STANDALONE` , do not set this parameter.", - "title": "GameSessionQueueArns", + "markdownDescription": "A list of EC2 Availability Zones in which the replication group's clusters are created. The order of the Availability Zones in the list is the order in which clusters are allocated. The primary cluster is created in the first AZ in the list.\n\nThis parameter is not used if there is more than one node group (shard). You should use `NodeGroupConfiguration` instead.\n\n> If you are creating your replication group in an Amazon VPC (recommended), you can only locate clusters in Availability Zones associated with the subnets in the selected subnet group.\n> \n> The number of Availability Zones listed must equal the value of `NumCacheClusters` . \n\nDefault: system chosen Availability Zones.", + "title": "PreferredCacheClusterAZs", "type": "array" }, - "Name": { - "markdownDescription": "A unique identifier for the matchmaking configuration. This name is used to identify the configuration associated with a matchmaking request or ticket.", - "title": "Name", + "PreferredMaintenanceWindow": { + "markdownDescription": "Specifies the weekly time range during which maintenance on the cluster is performed. It is specified as a range in the format ddd:hh24:mi-ddd:hh24:mi (24H Clock UTC). The minimum maintenance window is a 60 minute period.\n\nValid values for `ddd` are:\n\n- `sun`\n- `mon`\n- `tue`\n- `wed`\n- `thu`\n- `fri`\n- `sat`\n\nExample: `sun:23:00-mon:01:30`", + "title": "PreferredMaintenanceWindow", "type": "string" }, - "NotificationTarget": { - "markdownDescription": "An SNS topic ARN that is set up to receive matchmaking notifications. See [Setting up notifications for matchmaking](https://docs.aws.amazon.com/gamelift/latest/flexmatchguide/match-notification.html) for more information.", - "title": "NotificationTarget", + "PrimaryClusterId": { + "markdownDescription": "The identifier of the cluster that serves as the primary for this replication group. This cluster must already exist and have a status of `available` .\n\nThis parameter is not required if `NumCacheClusters` , `NumNodeGroups` , or `ReplicasPerNodeGroup` is specified.", + "title": "PrimaryClusterId", "type": "string" }, - "RequestTimeoutSeconds": { - "markdownDescription": "The maximum duration, in seconds, that a matchmaking ticket can remain in process before timing out. Requests that fail due to timing out can be resubmitted as needed.", - "title": "RequestTimeoutSeconds", + "ReplicasPerNodeGroup": { + "markdownDescription": "An optional parameter that specifies the number of replica nodes in each node group (shard). Valid values are 0 to 5.", + "title": "ReplicasPerNodeGroup", "type": "number" }, - "RuleSetArn": { - "markdownDescription": "The Amazon Resource Name ( [ARN](https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-arn-format.html) ) associated with the GameLift matchmaking rule set resource that this configuration uses.", - "title": "RuleSetArn", + "ReplicationGroupDescription": { + "markdownDescription": "A user-created description for the replication group.", + "title": "ReplicationGroupDescription", "type": "string" }, - "RuleSetName": { - "markdownDescription": "A unique identifier for the matchmaking rule set to use with this configuration. You can use either the rule set name or ARN value. A matchmaking configuration can only use rule sets that are defined in the same Region.", - "title": "RuleSetName", + "ReplicationGroupId": { + "markdownDescription": "The replication group identifier. This parameter is stored as a lowercase string.\n\nConstraints:\n\n- A name must contain from 1 to 40 alphanumeric characters or hyphens.\n- The first character must be a letter.\n- A name cannot end with a hyphen or contain two consecutive hyphens.", + "title": "ReplicationGroupId", + "type": "string" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more Amazon VPC security groups associated with this replication group.\n\nUse this parameter only when you are creating a replication group in an Amazon Virtual Private Cloud (Amazon VPC).", + "title": "SecurityGroupIds", + "type": "array" + }, + "SnapshotArns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of Amazon Resource Names (ARN) that uniquely identify the Valkey or Redis OSS RDB snapshot files stored in Amazon S3. The snapshot files are used to populate the new replication group. The Amazon S3 object name in the ARN cannot contain any commas. The new replication group will have the number of node groups (console: shards) specified by the parameter *NumNodeGroups* or the number of node groups configured by *NodeGroupConfiguration* regardless of the number of ARNs specified here.\n\nExample of an Amazon S3 ARN: `arn:aws:s3:::my_bucket/snapshot1.rdb`", + "title": "SnapshotArns", + "type": "array" + }, + "SnapshotName": { + "markdownDescription": "The name of a snapshot from which to restore data into the new replication group. The snapshot status changes to `restoring` while the new replication group is being created.", + "title": "SnapshotName", + "type": "string" + }, + "SnapshotRetentionLimit": { + "markdownDescription": "The number of days for which ElastiCache retains automatic snapshots before deleting them. For example, if you set `SnapshotRetentionLimit` to 5, a snapshot that was taken today is retained for 5 days before being deleted.\n\nDefault: 0 (i.e., automatic backups are disabled for this cluster).", + "title": "SnapshotRetentionLimit", + "type": "number" + }, + "SnapshotWindow": { + "markdownDescription": "The daily time range (in UTC) during which ElastiCache begins taking a daily snapshot of your node group (shard).\n\nExample: `05:00-09:00`\n\nIf you do not specify this parameter, ElastiCache automatically chooses an appropriate time range.", + "title": "SnapshotWindow", + "type": "string" + }, + "SnapshottingClusterId": { + "markdownDescription": "The cluster ID that is used as the daily snapshot source for the replication group. This parameter cannot be set for Valkey or Redis OSS (cluster mode enabled) replication groups.", + "title": "SnapshottingClusterId", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of labels to assign to the new matchmaking configuration resource. Tags are developer-defined key-value pairs. Tagging AWS resources are useful for resource management, access management and cost allocation. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference* . Once the resource is created, you can use TagResource, UntagResource, and ListTagsForResource to add, remove, and view tags. The maximum tag limit may be lower than stated. See the AWS General Reference for actual tagging limits.", + "markdownDescription": "A list of tags to be added to this resource. Tags are comma-separated key,value pairs (e.g. Key= `myKey` , Value= `myKeyValue` . You can include multiple tags as shown following: Key= `myKey` , Value= `myKeyValue` Key= `mySecondKey` , Value= `mySecondKeyValue` . Tags on replication groups will be replicated to all nodes.", "title": "Tags", "type": "array" + }, + "TransitEncryptionEnabled": { + "markdownDescription": "A flag that enables in-transit encryption when set to `true` .\n\nThis parameter is only available when creating a replication group in an Amazon VPC using Valkey version `7.2` and above, Redis OSS version `3.2.6` , or Redis OSS version `4.x` and above, and the cluster is being created in an Amazon VPC.\n\nIf you enable in-transit encryption, you must also specify a value for `CacheSubnetGroup` .\n\n> TransitEncryptionEnabled is required when creating a new valkey replication group. \n\nDefault: `false`\n\n> For HIPAA compliance, you must specify `TransitEncryptionEnabled` as `true` , an `AuthToken` , and a `CacheSubnetGroup` .", + "title": "TransitEncryptionEnabled", + "type": "boolean" + }, + "TransitEncryptionMode": { + "markdownDescription": "A setting that allows you to migrate your clients to use in-transit encryption, with no downtime.\n\nWhen setting `TransitEncryptionEnabled` to `true` , you can set your `TransitEncryptionMode` to `preferred` in the same request, to allow both encrypted and unencrypted connections at the same time. Once you migrate all your Valkey or Redis OSS clients to use encrypted connections you can modify the value to `required` to allow encrypted connections only.\n\nSetting `TransitEncryptionMode` to `required` is a two-step process that requires you to first set the `TransitEncryptionMode` to `preferred` , after that you can set `TransitEncryptionMode` to `required` .\n\nThis process will not trigger the replacement of the replication group.", + "title": "TransitEncryptionMode", + "type": "string" + }, + "UserGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The ID of user group to associate with the replication group.", + "title": "UserGroupIds", + "type": "array" } }, "required": [ - "AcceptanceRequired", - "Name", - "RequestTimeoutSeconds", - "RuleSetName" + "ReplicationGroupDescription" ], "type": "object" }, "Type": { "enum": [ - "AWS::GameLift::MatchmakingConfiguration" + "AWS::ElastiCache::ReplicationGroup" ], "type": "string" }, @@ -104206,37 +113500,127 @@ ], "type": "object" }, - "AWS::GameLift::MatchmakingConfiguration.GameProperty": { + "AWS::ElastiCache::ReplicationGroup.CloudWatchLogsDestinationDetails": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The game property identifier.", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "The game property value.", - "title": "Value", + "LogGroup": { + "markdownDescription": "The name of the CloudWatch Logs log group.", + "title": "LogGroup", "type": "string" } }, "required": [ - "Key", - "Value" + "LogGroup" ], "type": "object" }, - "AWS::GameLift::MatchmakingRuleSet": { + "AWS::ElastiCache::ReplicationGroup.DestinationDetails": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "CloudWatchLogsDetails": { + "$ref": "#/definitions/AWS::ElastiCache::ReplicationGroup.CloudWatchLogsDestinationDetails", + "markdownDescription": "The configuration details of the CloudWatch Logs destination. Note that this field is marked as required but only if CloudWatch Logs was chosen as the destination.", + "title": "CloudWatchLogsDetails" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" + "KinesisFirehoseDetails": { + "$ref": "#/definitions/AWS::ElastiCache::ReplicationGroup.KinesisFirehoseDestinationDetails", + "markdownDescription": "The configuration details of the Kinesis Data Firehose destination. Note that this field is marked as required but only if Kinesis Data Firehose was chosen as the destination.", + "title": "KinesisFirehoseDetails" + } + }, + "type": "object" + }, + "AWS::ElastiCache::ReplicationGroup.KinesisFirehoseDestinationDetails": { + "additionalProperties": false, + "properties": { + "DeliveryStream": { + "markdownDescription": "The name of the Kinesis Data Firehose delivery stream.", + "title": "DeliveryStream", + "type": "string" + } + }, + "required": [ + "DeliveryStream" + ], + "type": "object" + }, + "AWS::ElastiCache::ReplicationGroup.LogDeliveryConfigurationRequest": { + "additionalProperties": false, + "properties": { + "DestinationDetails": { + "$ref": "#/definitions/AWS::ElastiCache::ReplicationGroup.DestinationDetails", + "markdownDescription": "Configuration details of either a CloudWatch Logs destination or Kinesis Data Firehose destination.", + "title": "DestinationDetails" + }, + "DestinationType": { + "markdownDescription": "Specify either CloudWatch Logs or Kinesis Data Firehose as the destination type. Valid values are either `cloudwatch-logs` or `kinesis-firehose` .", + "title": "DestinationType", + "type": "string" + }, + "LogFormat": { + "markdownDescription": "Valid values are either `json` or `text` .", + "title": "LogFormat", + "type": "string" + }, + "LogType": { + "markdownDescription": "Valid value is either `slow-log` , which refers to [slow-log](https://docs.aws.amazon.com/https://redis.io/commands/slowlog) or `engine-log` .", + "title": "LogType", + "type": "string" + } + }, + "required": [ + "DestinationDetails", + "DestinationType", + "LogFormat", + "LogType" + ], + "type": "object" + }, + "AWS::ElastiCache::ReplicationGroup.NodeGroupConfiguration": { + "additionalProperties": false, + "properties": { + "NodeGroupId": { + "markdownDescription": "Either the ElastiCache supplied 4-digit id or a user supplied id for the node group these configuration values apply to.", + "title": "NodeGroupId", + "type": "string" + }, + "PrimaryAvailabilityZone": { + "markdownDescription": "The Availability Zone where the primary node of this node group (shard) is launched.", + "title": "PrimaryAvailabilityZone", + "type": "string" + }, + "ReplicaAvailabilityZones": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of Availability Zones to be used for the read replicas. The number of Availability Zones in this list must match the value of `ReplicaCount` or `ReplicasPerNodeGroup` if not specified.", + "title": "ReplicaAvailabilityZones", + "type": "array" + }, + "ReplicaCount": { + "markdownDescription": "The number of read replica nodes in this node group (shard).", + "title": "ReplicaCount", + "type": "number" + }, + "Slots": { + "markdownDescription": "A string of comma-separated values where the first set of values are the slot numbers (zero based), and the second set of values are the keyspaces for each slot. The following example specifies three slots (numbered 0, 1, and 2): `0,1,2,0-4999,5000-9999,10000-16,383` .\n\nIf you don't specify a value, ElastiCache allocates keys equally among each slot.\n\nWhen you use an `UseOnlineResharding` update policy to update the number of node groups without interruption, ElastiCache evenly distributes the keyspaces between the specified number of slots. This cannot be updated later. Therefore, after updating the number of node groups in this way, you should remove the value specified for the `Slots` property of each `NodeGroupConfiguration` from the stack template, as it no longer reflects the actual values in each node group. For more information, see [UseOnlineResharding Policy](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html#cfn-attributes-updatepolicy-useonlineresharding) .", + "title": "Slots", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ElastiCache::SecurityGroup": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" ], "type": "string" }, @@ -104261,34 +113645,28 @@ "Properties": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "A unique identifier for the matchmaking rule set. A matchmaking configuration identifies the rule set it uses by this name value. Note that the rule set name is different from the optional `name` field in the rule set body.", - "title": "Name", - "type": "string" - }, - "RuleSetBody": { - "markdownDescription": "A collection of matchmaking rules, formatted as a JSON string. Comments are not allowed in JSON, but most elements support a description field.", - "title": "RuleSetBody", + "Description": { + "markdownDescription": "A description for the cache security group.", + "title": "Description", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of labels to assign to the new matchmaking rule set resource. Tags are developer-defined key-value pairs. Tagging AWS resources are useful for resource management, access management and cost allocation. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference* . Once the resource is created, you can use TagResource, UntagResource, and ListTagsForResource to add, remove, and view tags. The maximum tag limit may be lower than stated. See the AWS General Reference for actual tagging limits.", + "markdownDescription": "A tag that can be added to an ElastiCache security group. Tags are composed of a Key/Value pair. You can use tags to categorize and track all your security groups. A tag with a null Value is permitted.", "title": "Tags", "type": "array" } }, "required": [ - "Name", - "RuleSetBody" + "Description" ], "type": "object" }, "Type": { "enum": [ - "AWS::GameLift::MatchmakingRuleSet" + "AWS::ElastiCache::SecurityGroup" ], "type": "string" }, @@ -104307,7 +113685,7 @@ ], "type": "object" }, - "AWS::GameLift::Script": { + "AWS::ElastiCache::SecurityGroupIngress": { "additionalProperties": false, "properties": { "Condition": { @@ -104342,38 +113720,31 @@ "Properties": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "A descriptive label that is associated with a script. Script names do not need to be unique.", - "title": "Name", + "CacheSecurityGroupName": { + "markdownDescription": "The name of the Cache Security Group to authorize.", + "title": "CacheSecurityGroupName", "type": "string" }, - "StorageLocation": { - "$ref": "#/definitions/AWS::GameLift::Script.S3Location", - "markdownDescription": "The location of the Amazon S3 bucket where a zipped file containing your Realtime scripts is stored. The storage location must specify the Amazon S3 bucket name, the zip file name (the \"key\"), and a role ARN that allows Amazon GameLift Servers to access the Amazon S3 storage location. The S3 bucket must be in the same Region where you want to create a new script. By default, Amazon GameLift Servers uploads the latest version of the zip file; if you have S3 object versioning turned on, you can use the `ObjectVersion` parameter to specify an earlier version.", - "title": "StorageLocation" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of labels to assign to the new script resource. Tags are developer-defined key-value pairs. Tagging AWS resources are useful for resource management, access management and cost allocation. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference* . Once the resource is created, you can use TagResource, UntagResource, and ListTagsForResource to add, remove, and view tags. The maximum tag limit may be lower than stated. See the AWS General Reference for actual tagging limits.", - "title": "Tags", - "type": "array" + "EC2SecurityGroupName": { + "markdownDescription": "Name of the EC2 Security Group to include in the authorization.", + "title": "EC2SecurityGroupName", + "type": "string" }, - "Version": { - "markdownDescription": "The version that is associated with a build or script. Version strings do not need to be unique.", - "title": "Version", + "EC2SecurityGroupOwnerId": { + "markdownDescription": "Specifies the Amazon Account ID of the owner of the EC2 security group specified in the EC2SecurityGroupName property. The Amazon access key ID is not an acceptable value.", + "title": "EC2SecurityGroupOwnerId", "type": "string" } }, "required": [ - "StorageLocation" + "CacheSecurityGroupName", + "EC2SecurityGroupName" ], "type": "object" }, "Type": { "enum": [ - "AWS::GameLift::Script" + "AWS::ElastiCache::SecurityGroupIngress" ], "type": "string" }, @@ -104392,38 +113763,7 @@ ], "type": "object" }, - "AWS::GameLift::Script.S3Location": { - "additionalProperties": false, - "properties": { - "Bucket": { - "markdownDescription": "An Amazon S3 bucket identifier. Thename of the S3 bucket.\n\n> Amazon GameLift Servers doesn't support uploading from Amazon S3 buckets with names that contain a dot (.).", - "title": "Bucket", - "type": "string" - }, - "Key": { - "markdownDescription": "The name of the zip file that contains the build files or script files.", - "title": "Key", - "type": "string" - }, - "ObjectVersion": { - "markdownDescription": "The version of the file, if object versioning is turned on for the bucket. Amazon GameLift Servers uses this information when retrieving files from an S3 bucket that you own. Use this parameter to specify a specific version of the file. If not set, the latest version of the file is retrieved.", - "title": "ObjectVersion", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name ( [ARN](https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-arn-format.html) ) for an IAM role that allows Amazon GameLift Servers to access the S3 bucket.", - "title": "RoleArn", - "type": "string" - } - }, - "required": [ - "Bucket", - "Key", - "RoleArn" - ], - "type": "object" - }, - "AWS::GlobalAccelerator::Accelerator": { + "AWS::ElastiCache::ServerlessCache": { "additionalProperties": false, "properties": { "Condition": { @@ -104458,46 +113798,108 @@ "Properties": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Indicates whether the accelerator is enabled. The value is true or false. The default value is true.\n\nIf the value is set to true, the accelerator cannot be deleted. If set to false, accelerator can be deleted.", - "title": "Enabled", - "type": "boolean" + "CacheUsageLimits": { + "$ref": "#/definitions/AWS::ElastiCache::ServerlessCache.CacheUsageLimits", + "markdownDescription": "The cache usage limit for the serverless cache.", + "title": "CacheUsageLimits" }, - "IpAddressType": { - "markdownDescription": "The IP address type that an accelerator supports. For a standard accelerator, the value can be IPV4 or DUAL_STACK.", - "title": "IpAddressType", + "DailySnapshotTime": { + "markdownDescription": "The daily time that a cache snapshot will be created. Default is NULL, i.e. snapshots will not be created at a specific time on a daily basis. Available for Valkey, Redis OSS and Serverless Memcached only.", + "title": "DailySnapshotTime", "type": "string" }, - "IpAddresses": { + "Description": { + "markdownDescription": "A description of the serverless cache.", + "title": "Description", + "type": "string" + }, + "Endpoint": { + "$ref": "#/definitions/AWS::ElastiCache::ServerlessCache.Endpoint", + "markdownDescription": "Represents the information required for client programs to connect to a cache node. This value is read-only.", + "title": "Endpoint" + }, + "Engine": { + "markdownDescription": "The engine the serverless cache is compatible with.", + "title": "Engine", + "type": "string" + }, + "FinalSnapshotName": { + "markdownDescription": "The name of the final snapshot taken of a cache before the cache is deleted.", + "title": "FinalSnapshotName", + "type": "string" + }, + "KmsKeyId": { + "markdownDescription": "The ID of the AWS Key Management Service (KMS) key that is used to encrypt data at rest in the serverless cache.", + "title": "KmsKeyId", + "type": "string" + }, + "MajorEngineVersion": { + "markdownDescription": "The version number of the engine the serverless cache is compatible with.", + "title": "MajorEngineVersion", + "type": "string" + }, + "ReaderEndpoint": { + "$ref": "#/definitions/AWS::ElastiCache::ServerlessCache.Endpoint", + "markdownDescription": "Represents the information required for client programs to connect to a cache node. This value is read-only.", + "title": "ReaderEndpoint" + }, + "SecurityGroupIds": { "items": { "type": "string" }, - "markdownDescription": "Optionally, if you've added your own IP address pool to Global Accelerator (BYOIP), you can choose IP addresses from your own pool to use for the accelerator's static IP addresses when you create an accelerator. You can specify one or two addresses, separated by a comma. Do not include the /32 suffix.\n\nOnly one IP address from each of your IP address ranges can be used for each accelerator. If you specify only one IP address from your IP address range, Global Accelerator assigns a second static IP address for the accelerator from the AWS IP address pool.\n\nNote that you can't update IP addresses for an existing accelerator. To change them, you must create a new accelerator with the new addresses.\n\nFor more information, see [Bring Your Own IP Addresses (BYOIP)](https://docs.aws.amazon.com/global-accelerator/latest/dg/using-byoip.html) in the *AWS Global Accelerator Developer Guide* .", - "title": "IpAddresses", + "markdownDescription": "The IDs of the EC2 security groups associated with the serverless cache.", + "title": "SecurityGroupIds", "type": "array" }, - "Name": { - "markdownDescription": "The name of the accelerator. The name must contain only alphanumeric characters or hyphens (-), and must not begin or end with a hyphen.", - "title": "Name", + "ServerlessCacheName": { + "markdownDescription": "The unique identifier of the serverless cache.", + "title": "ServerlessCacheName", "type": "string" }, + "SnapshotArnsToRestore": { + "items": { + "type": "string" + }, + "markdownDescription": "The ARN of the snapshot from which to restore data into the new cache.", + "title": "SnapshotArnsToRestore", + "type": "array" + }, + "SnapshotRetentionLimit": { + "markdownDescription": "The current setting for the number of serverless cache snapshots the system will retain. Available for Valkey, Redis OSS and Serverless Memcached only.", + "title": "SnapshotRetentionLimit", + "type": "number" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "If no subnet IDs are given and your VPC is in us-west-1, then ElastiCache will select 2 default subnets across AZs in your VPC. For all other Regions, if no subnet IDs are given then ElastiCache will select 3 default subnets across AZs in your default VPC.", + "title": "SubnetIds", + "type": "array" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Create tags for an accelerator.\n\nFor more information, see [Tagging](https://docs.aws.amazon.com/global-accelerator/latest/dg/tagging-in-global-accelerator.html) in the *AWS Global Accelerator Developer Guide* .", + "markdownDescription": "A list of tags to be added to this resource.", "title": "Tags", "type": "array" + }, + "UserGroupId": { + "markdownDescription": "The identifier of the user group associated with the serverless cache. Available for Valkey and Redis OSS only. Default is NULL.", + "title": "UserGroupId", + "type": "string" } }, "required": [ - "Name" + "Engine", + "ServerlessCacheName" ], "type": "object" }, "Type": { "enum": [ - "AWS::GlobalAccelerator::Accelerator" + "AWS::ElastiCache::ServerlessCache" ], "type": "string" }, @@ -104516,7 +113918,79 @@ ], "type": "object" }, - "AWS::GlobalAccelerator::CrossAccountAttachment": { + "AWS::ElastiCache::ServerlessCache.CacheUsageLimits": { + "additionalProperties": false, + "properties": { + "DataStorage": { + "$ref": "#/definitions/AWS::ElastiCache::ServerlessCache.DataStorage", + "markdownDescription": "The maximum data storage limit in the cache, expressed in Gigabytes.", + "title": "DataStorage" + }, + "ECPUPerSecond": { + "$ref": "#/definitions/AWS::ElastiCache::ServerlessCache.ECPUPerSecond", + "markdownDescription": "The number of ElastiCache Processing Units (ECPU) the cache can consume per second.", + "title": "ECPUPerSecond" + } + }, + "type": "object" + }, + "AWS::ElastiCache::ServerlessCache.DataStorage": { + "additionalProperties": false, + "properties": { + "Maximum": { + "markdownDescription": "The upper limit for data storage the cache is set to use.", + "title": "Maximum", + "type": "number" + }, + "Minimum": { + "markdownDescription": "The lower limit for data storage the cache is set to use.", + "title": "Minimum", + "type": "number" + }, + "Unit": { + "markdownDescription": "The unit that the storage is measured in, in GB.", + "title": "Unit", + "type": "string" + } + }, + "required": [ + "Unit" + ], + "type": "object" + }, + "AWS::ElastiCache::ServerlessCache.ECPUPerSecond": { + "additionalProperties": false, + "properties": { + "Maximum": { + "markdownDescription": "The configuration for the maximum number of ECPUs the cache can consume per second.", + "title": "Maximum", + "type": "number" + }, + "Minimum": { + "markdownDescription": "The configuration for the minimum number of ECPUs the cache should be able consume per second.", + "title": "Minimum", + "type": "number" + } + }, + "type": "object" + }, + "AWS::ElastiCache::ServerlessCache.Endpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "markdownDescription": "The DNS hostname of the cache node.", + "title": "Address", + "type": "string" + }, + "Port": { + "markdownDescription": "The port number that the cache engine is listening on.", + "title": "Port", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ElastiCache::SubnetGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -104551,44 +114025,42 @@ "Properties": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the cross-account attachment.", - "title": "Name", + "CacheSubnetGroupName": { + "markdownDescription": "The name for the cache subnet group. This value is stored as a lowercase string.\n\nConstraints: Must contain no more than 255 alphanumeric characters or hyphens.\n\nExample: `mysubnetgroup`", + "title": "CacheSubnetGroupName", "type": "string" }, - "Principals": { - "items": { - "type": "string" - }, - "markdownDescription": "The principals included in the cross-account attachment.", - "title": "Principals", - "type": "array" + "Description": { + "markdownDescription": "The description for the cache subnet group.", + "title": "Description", + "type": "string" }, - "Resources": { + "SubnetIds": { "items": { - "$ref": "#/definitions/AWS::GlobalAccelerator::CrossAccountAttachment.Resource" + "type": "string" }, - "markdownDescription": "The resources included in the cross-account attachment.", - "title": "Resources", + "markdownDescription": "The EC2 subnet IDs for the cache subnet group.", + "title": "SubnetIds", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Add tags for a cross-account attachment.\n\nFor more information, see [Tagging in AWS Global Accelerator](https://docs.aws.amazon.com/global-accelerator/latest/dg/tagging-in-global-accelerator.html) in the *AWS Global Accelerator Developer Guide* .", + "markdownDescription": "A tag that can be added to an ElastiCache subnet group. Tags are composed of a Key/Value pair. You can use tags to categorize and track all your subnet groups. A tag with a null Value is permitted.", "title": "Tags", "type": "array" } }, "required": [ - "Name" + "Description", + "SubnetIds" ], "type": "object" }, "Type": { "enum": [ - "AWS::GlobalAccelerator::CrossAccountAttachment" + "AWS::ElastiCache::SubnetGroup" ], "type": "string" }, @@ -104607,26 +114079,7 @@ ], "type": "object" }, - "AWS::GlobalAccelerator::CrossAccountAttachment.Resource": { - "additionalProperties": false, - "properties": { - "EndpointId": { - "markdownDescription": "The endpoint ID for the endpoint that is specified as a AWS resource.\n\nAn endpoint ID for the cross-account feature is the ARN of an AWS resource, such as a Network Load Balancer, that Global Accelerator supports as an endpoint for an accelerator.", - "title": "EndpointId", - "type": "string" - }, - "Region": { - "markdownDescription": "The AWS Region where a shared endpoint resource is located.", - "title": "Region", - "type": "string" - } - }, - "required": [ - "EndpointId" - ], - "type": "object" - }, - "AWS::GlobalAccelerator::EndpointGroup": { + "AWS::ElastiCache::User": { "additionalProperties": false, "properties": { "Condition": { @@ -104661,72 +114114,63 @@ "Properties": { "additionalProperties": false, "properties": { - "EndpointConfigurations": { - "items": { - "$ref": "#/definitions/AWS::GlobalAccelerator::EndpointGroup.EndpointConfiguration" - }, - "markdownDescription": "The list of endpoint objects.", - "title": "EndpointConfigurations", - "type": "array" - }, - "EndpointGroupRegion": { - "markdownDescription": "The AWS Regions where the endpoint group is located.", - "title": "EndpointGroupRegion", + "AccessString": { + "markdownDescription": "Access permissions string used for this user.", + "title": "AccessString", "type": "string" }, - "HealthCheckIntervalSeconds": { - "markdownDescription": "The time\u201410 seconds or 30 seconds\u2014between health checks for each endpoint. The default value is 30.", - "title": "HealthCheckIntervalSeconds", - "type": "number" + "AuthenticationMode": { + "$ref": "#/definitions/AWS::ElastiCache::User.AuthenticationMode", + "markdownDescription": "Specifies the authentication mode to use. Below is an example of the possible JSON values:\n\n```\n{ Passwords: [\"*****\", \"******\"] // If Type is password.\n}\n```", + "title": "AuthenticationMode" }, - "HealthCheckPath": { - "markdownDescription": "If the protocol is HTTP/S, then this value provides the ping path that Global Accelerator uses for the destination on the endpoints for health checks. The default is slash (/).", - "title": "HealthCheckPath", + "Engine": { + "markdownDescription": "The current supported values are valkey and redis.", + "title": "Engine", "type": "string" }, - "HealthCheckPort": { - "markdownDescription": "The port that Global Accelerator uses to perform health checks on endpoints that are part of this endpoint group.\n\nThe default port is the port for the listener that this endpoint group is associated with. If the listener port is a list, Global Accelerator uses the first specified port in the list of ports.", - "title": "HealthCheckPort", - "type": "number" - }, - "HealthCheckProtocol": { - "markdownDescription": "The protocol that Global Accelerator uses to perform health checks on endpoints that are part of this endpoint group. The default value is TCP.", - "title": "HealthCheckProtocol", - "type": "string" + "NoPasswordRequired": { + "markdownDescription": "Indicates a password is not required for this user.", + "title": "NoPasswordRequired", + "type": "boolean" }, - "ListenerArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the listener.", - "title": "ListenerArn", - "type": "string" + "Passwords": { + "items": { + "type": "string" + }, + "markdownDescription": "Passwords used for this user. You can create up to two passwords for each user.", + "title": "Passwords", + "type": "array" }, - "PortOverrides": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::GlobalAccelerator::EndpointGroup.PortOverride" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "Allows you to override the destination ports used to route traffic to an endpoint. Using a port override lets you map a list of external destination ports (that your users send traffic to) to a list of internal destination ports that you want an application endpoint to receive traffic on.", - "title": "PortOverrides", + "markdownDescription": "The list of tags.", + "title": "Tags", "type": "array" }, - "ThresholdCount": { - "markdownDescription": "The number of consecutive health checks required to set the state of a healthy endpoint to unhealthy, or to set an unhealthy endpoint to healthy. The default value is 3.", - "title": "ThresholdCount", - "type": "number" + "UserId": { + "markdownDescription": "The ID of the user.", + "title": "UserId", + "type": "string" }, - "TrafficDialPercentage": { - "markdownDescription": "The percentage of traffic to send to an AWS Regions . Additional traffic is distributed to other endpoint groups for this listener.\n\nUse this action to increase (dial up) or decrease (dial down) traffic to a specific Region. The percentage is applied to the traffic that would otherwise have been routed to the Region based on optimal routing.\n\nThe default value is 100.", - "title": "TrafficDialPercentage", - "type": "number" + "UserName": { + "markdownDescription": "The username of the user.", + "title": "UserName", + "type": "string" } }, "required": [ - "EndpointGroupRegion", - "ListenerArn" + "Engine", + "UserId", + "UserName" ], "type": "object" }, "Type": { "enum": [ - "AWS::GlobalAccelerator::EndpointGroup" + "AWS::ElastiCache::User" ], "type": "string" }, @@ -104745,56 +114189,29 @@ ], "type": "object" }, - "AWS::GlobalAccelerator::EndpointGroup.EndpointConfiguration": { + "AWS::ElastiCache::User.AuthenticationMode": { "additionalProperties": false, "properties": { - "AttachmentArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the cross-account attachment that specifies the endpoints (resources) that can be added to accelerators and principals that have permission to add the endpoints.", - "title": "AttachmentArn", - "type": "string" - }, - "ClientIPPreservationEnabled": { - "markdownDescription": "Indicates whether client IP address preservation is enabled for an Application Load Balancer endpoint. The value is true or false. The default value is true for new accelerators.\n\nIf the value is set to true, the client's IP address is preserved in the `X-Forwarded-For` request header as traffic travels to applications on the Application Load Balancer endpoint fronted by the accelerator.\n\nFor more information, see [Preserve Client IP Addresses](https://docs.aws.amazon.com/global-accelerator/latest/dg/preserve-client-ip-address.html) in the *AWS Global Accelerator Developer Guide* .", - "title": "ClientIPPreservationEnabled", - "type": "boolean" + "Passwords": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the passwords to use for authentication if `Type` is set to `password` .", + "title": "Passwords", + "type": "array" }, - "EndpointId": { - "markdownDescription": "An ID for the endpoint. If the endpoint is a Network Load Balancer or Application Load Balancer, this is the Amazon Resource Name (ARN) of the resource. If the endpoint is an Elastic IP address, this is the Elastic IP address allocation ID. For Amazon EC2 instances, this is the EC2 instance ID. A resource must be valid and active when you add it as an endpoint.\n\nFor cross-account endpoints, this must be the ARN of the resource.", - "title": "EndpointId", + "Type": { + "markdownDescription": "Specifies the authentication type. Possible options are IAM authentication, password and no password.", + "title": "Type", "type": "string" - }, - "Weight": { - "markdownDescription": "The weight associated with the endpoint. When you add weights to endpoints, you configure Global Accelerator to route traffic based on proportions that you specify. For example, you might specify endpoint weights of 4, 5, 5, and 6 (sum=20). The result is that 4/20 of your traffic, on average, is routed to the first endpoint, 5/20 is routed both to the second and third endpoints, and 6/20 is routed to the last endpoint. For more information, see [Endpoint Weights](https://docs.aws.amazon.com/global-accelerator/latest/dg/about-endpoints-endpoint-weights.html) in the *AWS Global Accelerator Developer Guide* .", - "title": "Weight", - "type": "number" - } - }, - "required": [ - "EndpointId" - ], - "type": "object" - }, - "AWS::GlobalAccelerator::EndpointGroup.PortOverride": { - "additionalProperties": false, - "properties": { - "EndpointPort": { - "markdownDescription": "The endpoint port that you want a listener port to be mapped to. This is the port on the endpoint, such as the Application Load Balancer or Amazon EC2 instance.", - "title": "EndpointPort", - "type": "number" - }, - "ListenerPort": { - "markdownDescription": "The listener port that you want to map to a specific endpoint port. This is the port that user traffic arrives to the Global Accelerator on.", - "title": "ListenerPort", - "type": "number" } }, "required": [ - "EndpointPort", - "ListenerPort" + "Type" ], "type": "object" }, - "AWS::GlobalAccelerator::Listener": { + "AWS::ElastiCache::UserGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -104829,40 +114246,43 @@ "Properties": { "additionalProperties": false, "properties": { - "AcceleratorArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of your accelerator.", - "title": "AcceleratorArn", - "type": "string" - }, - "ClientAffinity": { - "markdownDescription": "Client affinity lets you direct all requests from a user to the same endpoint, if you have stateful applications, regardless of the port and protocol of the client request. Client affinity gives you control over whether to always route each client to the same specific endpoint.\n\nAWS Global Accelerator uses a consistent-flow hashing algorithm to choose the optimal endpoint for a connection. If client affinity is `NONE` , Global Accelerator uses the \"five-tuple\" (5-tuple) properties\u2014source IP address, source port, destination IP address, destination port, and protocol\u2014to select the hash value, and then chooses the best endpoint. However, with this setting, if someone uses different ports to connect to Global Accelerator, their connections might not be always routed to the same endpoint because the hash value changes.\n\nIf you want a given client to always be routed to the same endpoint, set client affinity to `SOURCE_IP` instead. When you use the `SOURCE_IP` setting, Global Accelerator uses the \"two-tuple\" (2-tuple) properties\u2014 source (client) IP address and destination IP address\u2014to select the hash value.\n\nThe default value is `NONE` .", - "title": "ClientAffinity", + "Engine": { + "markdownDescription": "The current supported values are valkey and redis.", + "title": "Engine", "type": "string" }, - "PortRanges": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::GlobalAccelerator::Listener.PortRange" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The list of port ranges for the connections from clients to the accelerator.", - "title": "PortRanges", + "markdownDescription": "The list of tags.", + "title": "Tags", "type": "array" }, - "Protocol": { - "markdownDescription": "The protocol for the connections from clients to the accelerator.", - "title": "Protocol", + "UserGroupId": { + "markdownDescription": "The ID of the user group.", + "title": "UserGroupId", "type": "string" + }, + "UserIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of user IDs that belong to the user group. A user named `default` must be included.", + "title": "UserIds", + "type": "array" } }, "required": [ - "AcceleratorArn", - "PortRanges", - "Protocol" + "Engine", + "UserGroupId", + "UserIds" ], "type": "object" }, "Type": { "enum": [ - "AWS::GlobalAccelerator::Listener" + "AWS::ElastiCache::UserGroup" ], "type": "string" }, @@ -104881,27 +114301,7 @@ ], "type": "object" }, - "AWS::GlobalAccelerator::Listener.PortRange": { - "additionalProperties": false, - "properties": { - "FromPort": { - "markdownDescription": "The first port in the range of ports, inclusive.", - "title": "FromPort", - "type": "number" - }, - "ToPort": { - "markdownDescription": "The last port in the range of ports, inclusive.", - "title": "ToPort", - "type": "number" - } - }, - "required": [ - "FromPort", - "ToPort" - ], - "type": "object" - }, - "AWS::Glue::Classifier": { + "AWS::ElasticBeanstalk::Application": { "additionalProperties": false, "properties": { "Condition": { @@ -104936,32 +114336,27 @@ "Properties": { "additionalProperties": false, "properties": { - "CsvClassifier": { - "$ref": "#/definitions/AWS::Glue::Classifier.CsvClassifier", - "markdownDescription": "A classifier for comma-separated values (CSV).", - "title": "CsvClassifier" - }, - "GrokClassifier": { - "$ref": "#/definitions/AWS::Glue::Classifier.GrokClassifier", - "markdownDescription": "A classifier that uses `grok` .", - "title": "GrokClassifier" + "ApplicationName": { + "markdownDescription": "A name for the Elastic Beanstalk application. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the application name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "ApplicationName", + "type": "string" }, - "JsonClassifier": { - "$ref": "#/definitions/AWS::Glue::Classifier.JsonClassifier", - "markdownDescription": "A classifier for JSON content.", - "title": "JsonClassifier" + "Description": { + "markdownDescription": "Your description of the application.", + "title": "Description", + "type": "string" }, - "XMLClassifier": { - "$ref": "#/definitions/AWS::Glue::Classifier.XMLClassifier", - "markdownDescription": "A classifier for XML content.", - "title": "XMLClassifier" + "ResourceLifecycleConfig": { + "$ref": "#/definitions/AWS::ElasticBeanstalk::Application.ApplicationResourceLifecycleConfig", + "markdownDescription": "Specifies an application resource lifecycle configuration to prevent your application from accumulating too many versions.", + "title": "ResourceLifecycleConfig" } }, "type": "object" }, "Type": { "enum": [ - "AWS::Glue::Classifier" + "AWS::ElasticBeanstalk::Application" ], "type": "string" }, @@ -104979,138 +114374,81 @@ ], "type": "object" }, - "AWS::Glue::Classifier.CsvClassifier": { + "AWS::ElasticBeanstalk::Application.ApplicationResourceLifecycleConfig": { "additionalProperties": false, "properties": { - "AllowSingleColumn": { - "markdownDescription": "Enables the processing of files that contain only one column.", - "title": "AllowSingleColumn", - "type": "boolean" - }, - "ContainsCustomDatatype": { - "items": { - "type": "string" - }, - "markdownDescription": "Indicates whether the CSV file contains custom data types.", - "title": "ContainsCustomDatatype", - "type": "array" - }, - "ContainsHeader": { - "markdownDescription": "Indicates whether the CSV file contains a header.\n\nA value of `UNKNOWN` specifies that the classifier will detect whether the CSV file contains headings.\n\nA value of `PRESENT` specifies that the CSV file contains headings.\n\nA value of `ABSENT` specifies that the CSV file does not contain headings.", - "title": "ContainsHeader", - "type": "string" - }, - "CustomDatatypeConfigured": { - "markdownDescription": "Enables the configuration of custom data types.", - "title": "CustomDatatypeConfigured", - "type": "boolean" - }, - "Delimiter": { - "markdownDescription": "A custom symbol to denote what separates each column entry in the row.", - "title": "Delimiter", - "type": "string" - }, - "DisableValueTrimming": { - "markdownDescription": "Specifies not to trim values before identifying the type of column values. The default value is `true` .", - "title": "DisableValueTrimming", - "type": "boolean" - }, - "Header": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of strings representing column names.", - "title": "Header", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the classifier.", - "title": "Name", + "ServiceRole": { + "markdownDescription": "The ARN of an IAM service role that Elastic Beanstalk has permission to assume.\n\nThe `ServiceRole` property is required the first time that you provide a `ResourceLifecycleConfig` for the application. After you provide it once, Elastic Beanstalk persists the Service Role with the application, and you don't need to specify it again. You can, however, specify it in subsequent updates to change the Service Role to another value.", + "title": "ServiceRole", "type": "string" }, - "QuoteSymbol": { - "markdownDescription": "A custom symbol to denote what combines content into a single column value. It must be different from the column delimiter.", - "title": "QuoteSymbol", - "type": "string" + "VersionLifecycleConfig": { + "$ref": "#/definitions/AWS::ElasticBeanstalk::Application.ApplicationVersionLifecycleConfig", + "markdownDescription": "Defines lifecycle settings for application versions.", + "title": "VersionLifecycleConfig" } }, "type": "object" }, - "AWS::Glue::Classifier.GrokClassifier": { + "AWS::ElasticBeanstalk::Application.ApplicationVersionLifecycleConfig": { "additionalProperties": false, "properties": { - "Classification": { - "markdownDescription": "An identifier of the data format that the classifier matches, such as Twitter, JSON, Omniture logs, and so on.", - "title": "Classification", - "type": "string" - }, - "CustomPatterns": { - "markdownDescription": "Optional custom grok patterns defined by this classifier. For more information, see custom patterns in [Writing Custom Classifiers](https://docs.aws.amazon.com/glue/latest/dg/custom-classifier.html) .", - "title": "CustomPatterns", - "type": "string" - }, - "GrokPattern": { - "markdownDescription": "The grok pattern applied to a data store by this classifier. For more information, see built-in patterns in [Writing Custom Classifiers](https://docs.aws.amazon.com/glue/latest/dg/custom-classifier.html) .", - "title": "GrokPattern", - "type": "string" + "MaxAgeRule": { + "$ref": "#/definitions/AWS::ElasticBeanstalk::Application.MaxAgeRule", + "markdownDescription": "Specify a max age rule to restrict the length of time that application versions are retained for an application.", + "title": "MaxAgeRule" }, - "Name": { - "markdownDescription": "The name of the classifier.", - "title": "Name", - "type": "string" + "MaxCountRule": { + "$ref": "#/definitions/AWS::ElasticBeanstalk::Application.MaxCountRule", + "markdownDescription": "Specify a max count rule to restrict the number of application versions that are retained for an application.", + "title": "MaxCountRule" } }, - "required": [ - "Classification", - "GrokPattern" - ], "type": "object" }, - "AWS::Glue::Classifier.JsonClassifier": { + "AWS::ElasticBeanstalk::Application.MaxAgeRule": { "additionalProperties": false, "properties": { - "JsonPath": { - "markdownDescription": "A `JsonPath` string defining the JSON data for the classifier to classify. AWS Glue supports a subset of `JsonPath` , as described in [Writing JsonPath Custom Classifiers](https://docs.aws.amazon.com/glue/latest/dg/custom-classifier.html#custom-classifier-json) .", - "title": "JsonPath", - "type": "string" + "DeleteSourceFromS3": { + "markdownDescription": "Set to `true` to delete a version's source bundle from Amazon S3 when Elastic Beanstalk deletes the application version.", + "title": "DeleteSourceFromS3", + "type": "boolean" }, - "Name": { - "markdownDescription": "The name of the classifier.", - "title": "Name", - "type": "string" + "Enabled": { + "markdownDescription": "Specify `true` to apply the rule, or `false` to disable it.", + "title": "Enabled", + "type": "boolean" + }, + "MaxAgeInDays": { + "markdownDescription": "Specify the number of days to retain an application versions.", + "title": "MaxAgeInDays", + "type": "number" } }, - "required": [ - "JsonPath" - ], "type": "object" }, - "AWS::Glue::Classifier.XMLClassifier": { + "AWS::ElasticBeanstalk::Application.MaxCountRule": { "additionalProperties": false, "properties": { - "Classification": { - "markdownDescription": "An identifier of the data format that the classifier matches.", - "title": "Classification", - "type": "string" + "DeleteSourceFromS3": { + "markdownDescription": "Set to `true` to delete a version's source bundle from Amazon S3 when Elastic Beanstalk deletes the application version.", + "title": "DeleteSourceFromS3", + "type": "boolean" }, - "Name": { - "markdownDescription": "The name of the classifier.", - "title": "Name", - "type": "string" + "Enabled": { + "markdownDescription": "Specify `true` to apply the rule, or `false` to disable it.", + "title": "Enabled", + "type": "boolean" }, - "RowTag": { - "markdownDescription": "The XML tag designating the element that contains each record in an XML document being parsed. This can't identify a self-closing element (closed by `/>` ). An empty row element that contains only attributes can be parsed as long as it ends with a closing tag (for example, `` is okay, but `` is not).", - "title": "RowTag", - "type": "string" + "MaxCount": { + "markdownDescription": "Specify the maximum number of application versions to retain.", + "title": "MaxCount", + "type": "number" } }, - "required": [ - "Classification", - "RowTag" - ], "type": "object" }, - "AWS::Glue::Connection": { + "AWS::ElasticBeanstalk::ApplicationVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -105145,26 +114483,31 @@ "Properties": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The ID of the data catalog to create the catalog object in. Currently, this should be the AWS account ID.\n\n> To specify the account ID, you can use the `Ref` intrinsic function with the `AWS::AccountId` pseudo parameter. For example: `!Ref AWS::AccountId` .", - "title": "CatalogId", + "ApplicationName": { + "markdownDescription": "The name of the Elastic Beanstalk application that is associated with this application version.", + "title": "ApplicationName", "type": "string" }, - "ConnectionInput": { - "$ref": "#/definitions/AWS::Glue::Connection.ConnectionInput", - "markdownDescription": "The connection that you want to create.", - "title": "ConnectionInput" + "Description": { + "markdownDescription": "A description of this application version.", + "title": "Description", + "type": "string" + }, + "SourceBundle": { + "$ref": "#/definitions/AWS::ElasticBeanstalk::ApplicationVersion.SourceBundle", + "markdownDescription": "The Amazon S3 bucket and key that identify the location of the source bundle for this version.\n\n> The Amazon S3 bucket must be in the same region as the environment.", + "title": "SourceBundle" } }, "required": [ - "CatalogId", - "ConnectionInput" + "ApplicationName", + "SourceBundle" ], "type": "object" }, "Type": { "enum": [ - "AWS::Glue::Connection" + "AWS::ElasticBeanstalk::ApplicationVersion" ], "type": "string" }, @@ -105183,73 +114526,27 @@ ], "type": "object" }, - "AWS::Glue::Connection.ConnectionInput": { + "AWS::ElasticBeanstalk::ApplicationVersion.SourceBundle": { "additionalProperties": false, "properties": { - "ConnectionProperties": { - "markdownDescription": "These key-value pairs define parameters for the connection.", - "title": "ConnectionProperties", - "type": "object" - }, - "ConnectionType": { - "markdownDescription": "The type of the connection. Currently, these types are supported:\n\n- `JDBC` - Designates a connection to a database through Java Database Connectivity (JDBC).\n\n`JDBC` Connections use the following ConnectionParameters.\n\n- Required: All of ( `HOST` , `PORT` , `JDBC_ENGINE` ) or `JDBC_CONNECTION_URL` .\n- Required: All of ( `USERNAME` , `PASSWORD` ) or `SECRET_ID` .\n- Optional: `JDBC_ENFORCE_SSL` , `CUSTOM_JDBC_CERT` , `CUSTOM_JDBC_CERT_STRING` , `SKIP_CUSTOM_JDBC_CERT_VALIDATION` . These parameters are used to configure SSL with JDBC.\n- `KAFKA` - Designates a connection to an Apache Kafka streaming platform.\n\n`KAFKA` Connections use the following ConnectionParameters.\n\n- Required: `KAFKA_BOOTSTRAP_SERVERS` .\n- Optional: `KAFKA_SSL_ENABLED` , `KAFKA_CUSTOM_CERT` , `KAFKA_SKIP_CUSTOM_CERT_VALIDATION` . These parameters are used to configure SSL with `KAFKA` .\n- Optional: `KAFKA_CLIENT_KEYSTORE` , `KAFKA_CLIENT_KEYSTORE_PASSWORD` , `KAFKA_CLIENT_KEY_PASSWORD` , `ENCRYPTED_KAFKA_CLIENT_KEYSTORE_PASSWORD` , `ENCRYPTED_KAFKA_CLIENT_KEY_PASSWORD` . These parameters are used to configure TLS client configuration with SSL in `KAFKA` .\n- Optional: `KAFKA_SASL_MECHANISM` . Can be specified as `SCRAM-SHA-512` , `GSSAPI` , or `AWS_MSK_IAM` .\n- Optional: `KAFKA_SASL_SCRAM_USERNAME` , `KAFKA_SASL_SCRAM_PASSWORD` , `ENCRYPTED_KAFKA_SASL_SCRAM_PASSWORD` . These parameters are used to configure SASL/SCRAM-SHA-512 authentication with `KAFKA` .\n- Optional: `KAFKA_SASL_GSSAPI_KEYTAB` , `KAFKA_SASL_GSSAPI_KRB5_CONF` , `KAFKA_SASL_GSSAPI_SERVICE` , `KAFKA_SASL_GSSAPI_PRINCIPAL` . These parameters are used to configure SASL/GSSAPI authentication with `KAFKA` .\n- `MONGODB` - Designates a connection to a MongoDB document database.\n\n`MONGODB` Connections use the following ConnectionParameters.\n\n- Required: `CONNECTION_URL` .\n- Required: All of ( `USERNAME` , `PASSWORD` ) or `SECRET_ID` .\n- `VIEW_VALIDATION_REDSHIFT` - Designates a connection used for view validation by Amazon Redshift.\n- `VIEW_VALIDATION_ATHENA` - Designates a connection used for view validation by Amazon Athena.\n- `NETWORK` - Designates a network connection to a data source within an Amazon Virtual Private Cloud environment (Amazon VPC).\n\n`NETWORK` Connections do not require ConnectionParameters. Instead, provide a PhysicalConnectionRequirements.\n- `MARKETPLACE` - Uses configuration settings contained in a connector purchased from AWS Marketplace to read from and write to data stores that are not natively supported by AWS Glue .\n\n`MARKETPLACE` Connections use the following ConnectionParameters.\n\n- Required: `CONNECTOR_TYPE` , `CONNECTOR_URL` , `CONNECTOR_CLASS_NAME` , `CONNECTION_URL` .\n- Required for `JDBC` `CONNECTOR_TYPE` connections: All of ( `USERNAME` , `PASSWORD` ) or `SECRET_ID` .\n- `CUSTOM` - Uses configuration settings contained in a custom connector to read from and write to data stores that are not natively supported by AWS Glue .\n\nAdditionally, a `ConnectionType` for the following SaaS connectors is supported:\n\n- `FACEBOOKADS` - Designates a connection to Facebook Ads.\n- `GOOGLEADS` - Designates a connection to Google Ads.\n- `GOOGLESHEETS` - Designates a connection to Google Sheets.\n- `GOOGLEANALYTICS4` - Designates a connection to Google Analytics 4.\n- `HUBSPOT` - Designates a connection to HubSpot.\n- `INSTAGRAMADS` - Designates a connection to Instagram Ads.\n- `INTERCOM` - Designates a connection to Intercom.\n- `JIRACLOUD` - Designates a connection to Jira Cloud.\n- `MARKETO` - Designates a connection to Adobe Marketo Engage.\n- `NETSUITEERP` - Designates a connection to Oracle NetSuite.\n- `SALESFORCE` - Designates a connection to Salesforce using OAuth authentication.\n- `SALESFORCEMARKETINGCLOUD` - Designates a connection to Salesforce Marketing Cloud.\n- `SALESFORCEPARDOT` - Designates a connection to Salesforce Marketing Cloud Account Engagement (MCAE).\n- `SAPODATA` - Designates a connection to SAP OData.\n- `SERVICENOW` - Designates a connection to ServiceNow.\n- `SLACK` - Designates a connection to Slack.\n- `SNAPCHATADS` - Designates a connection to Snapchat Ads.\n- `STRIPE` - Designates a connection to Stripe.\n- `ZENDESK` - Designates a connection to Zendesk.\n- `ZOHOCRM` - Designates a connection to Zoho CRM.\n\nFor more information on the connection parameters needed for a particular connector, see the documentation for the connector in [Adding an AWS Glue connection](https://docs.aws.amazon.com/glue/latest/dg/console-connections.html) in the AWS Glue User Guide.\n\n`SFTP` is not supported.\n\nFor more information about how optional ConnectionProperties are used to configure features in AWS Glue , consult [AWS Glue connection properties](https://docs.aws.amazon.com/glue/latest/dg/connection-defining.html) .\n\nFor more information about how optional ConnectionProperties are used to configure features in AWS Glue Studio, consult [Using connectors and connections](https://docs.aws.amazon.com/glue/latest/ug/connectors-chapter.html) .", - "title": "ConnectionType", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the connection.", - "title": "Description", + "S3Bucket": { + "markdownDescription": "The Amazon S3 bucket where the data is located.", + "title": "S3Bucket", "type": "string" }, - "MatchCriteria": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of criteria that can be used in selecting this connection.", - "title": "MatchCriteria", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the connection.", - "title": "Name", + "S3Key": { + "markdownDescription": "The Amazon S3 key where the data is located.", + "title": "S3Key", "type": "string" - }, - "PhysicalConnectionRequirements": { - "$ref": "#/definitions/AWS::Glue::Connection.PhysicalConnectionRequirements", - "markdownDescription": "The physical connection requirements, such as virtual private cloud (VPC) and `SecurityGroup` , that are needed to successfully make this connection.", - "title": "PhysicalConnectionRequirements" } }, "required": [ - "ConnectionType" + "S3Bucket", + "S3Key" ], "type": "object" }, - "AWS::Glue::Connection.PhysicalConnectionRequirements": { - "additionalProperties": false, - "properties": { - "AvailabilityZone": { - "markdownDescription": "The connection's Availability Zone.", - "title": "AvailabilityZone", - "type": "string" - }, - "SecurityGroupIdList": { - "items": { - "type": "string" - }, - "markdownDescription": "The security group ID list used by the connection.", - "title": "SecurityGroupIdList", - "type": "array" - }, - "SubnetId": { - "markdownDescription": "The subnet ID used by the connection.", - "title": "SubnetId", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Glue::Crawler": { + "AWS::ElasticBeanstalk::ConfigurationTemplate": { "additionalProperties": false, "properties": { "Condition": { @@ -105284,89 +114581,53 @@ "Properties": { "additionalProperties": false, "properties": { - "Classifiers": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of UTF-8 strings that specify the names of custom classifiers that are associated with the crawler.", - "title": "Classifiers", - "type": "array" - }, - "Configuration": { - "markdownDescription": "Crawler configuration information. This versioned JSON string allows users to specify aspects of a crawler's behavior. For more information, see [Configuring a Crawler](https://docs.aws.amazon.com/glue/latest/dg/crawler-configuration.html) .", - "title": "Configuration", - "type": "string" - }, - "CrawlerSecurityConfiguration": { - "markdownDescription": "The name of the `SecurityConfiguration` structure to be used by this crawler.", - "title": "CrawlerSecurityConfiguration", - "type": "string" - }, - "DatabaseName": { - "markdownDescription": "The name of the database in which the crawler's output is stored.", - "title": "DatabaseName", + "ApplicationName": { + "markdownDescription": "The name of the Elastic Beanstalk application to associate with this configuration template.", + "title": "ApplicationName", "type": "string" }, "Description": { - "markdownDescription": "A description of the crawler.", + "markdownDescription": "An optional description for this configuration.", "title": "Description", "type": "string" }, - "LakeFormationConfiguration": { - "$ref": "#/definitions/AWS::Glue::Crawler.LakeFormationConfiguration", - "markdownDescription": "Specifies whether the crawler should use AWS Lake Formation credentials for the crawler instead of the IAM role credentials.", - "title": "LakeFormationConfiguration" - }, - "Name": { - "markdownDescription": "The name of the crawler.", - "title": "Name", + "EnvironmentId": { + "markdownDescription": "The ID of an environment whose settings you want to use to create the configuration template. You must specify `EnvironmentId` if you don't specify `PlatformArn` , `SolutionStackName` , or `SourceConfiguration` .", + "title": "EnvironmentId", "type": "string" }, - "RecrawlPolicy": { - "$ref": "#/definitions/AWS::Glue::Crawler.RecrawlPolicy", - "markdownDescription": "A policy that specifies whether to crawl the entire dataset again, or to crawl only folders that were added since the last crawler run.", - "title": "RecrawlPolicy" + "OptionSettings": { + "items": { + "$ref": "#/definitions/AWS::ElasticBeanstalk::ConfigurationTemplate.ConfigurationOptionSetting" + }, + "markdownDescription": "Option values for the Elastic Beanstalk configuration, such as the instance type. If specified, these values override the values obtained from the solution stack or the source configuration template. For a complete list of Elastic Beanstalk configuration options, see [Option Values](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/command-options.html) in the *AWS Elastic Beanstalk Developer Guide* .", + "title": "OptionSettings", + "type": "array" }, - "Role": { - "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role that's used to access customer resources, such as Amazon Simple Storage Service (Amazon S3) data.", - "title": "Role", + "PlatformArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the custom platform. For more information, see [Custom Platforms](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/custom-platforms.html) in the *AWS Elastic Beanstalk Developer Guide* .\n\n> If you specify `PlatformArn` , then don't specify `SolutionStackName` .", + "title": "PlatformArn", "type": "string" }, - "Schedule": { - "$ref": "#/definitions/AWS::Glue::Crawler.Schedule", - "markdownDescription": "For scheduled crawlers, the schedule when the crawler runs.", - "title": "Schedule" - }, - "SchemaChangePolicy": { - "$ref": "#/definitions/AWS::Glue::Crawler.SchemaChangePolicy", - "markdownDescription": "The policy that specifies update and delete behaviors for the crawler. The policy tells the crawler what to do in the event that it detects a change in a table that already exists in the customer's database at the time of the crawl. The `SchemaChangePolicy` does not affect whether or how new tables and partitions are added. New tables and partitions are always created regardless of the `SchemaChangePolicy` on a crawler.\n\nThe SchemaChangePolicy consists of two components, `UpdateBehavior` and `DeleteBehavior` .", - "title": "SchemaChangePolicy" - }, - "TablePrefix": { - "markdownDescription": "The prefix added to the names of tables that are created.", - "title": "TablePrefix", + "SolutionStackName": { + "markdownDescription": "The name of an Elastic Beanstalk solution stack (platform version) that this configuration uses. For example, `64bit Amazon Linux 2013.09 running Tomcat 7 Java 7` . A solution stack specifies the operating system, runtime, and application server for a configuration template. It also determines the set of configuration options as well as the possible and default values. For more information, see [Supported Platforms](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/concepts.platforms.html) in the *AWS Elastic Beanstalk Developer Guide* .\n\nYou must specify `SolutionStackName` if you don't specify `PlatformArn` , `EnvironmentId` , or `SourceConfiguration` .\n\nUse the [`ListAvailableSolutionStacks`](https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_ListAvailableSolutionStacks.html) API to obtain a list of available solution stacks.", + "title": "SolutionStackName", "type": "string" }, - "Tags": { - "markdownDescription": "The tags to use with this crawler.", - "title": "Tags", - "type": "object" - }, - "Targets": { - "$ref": "#/definitions/AWS::Glue::Crawler.Targets", - "markdownDescription": "A collection of targets to crawl.", - "title": "Targets" + "SourceConfiguration": { + "$ref": "#/definitions/AWS::ElasticBeanstalk::ConfigurationTemplate.SourceConfiguration", + "markdownDescription": "An Elastic Beanstalk configuration template to base this one on. If specified, Elastic Beanstalk uses the configuration values from the specified configuration template to create a new configuration.\n\nValues specified in `OptionSettings` override any values obtained from the `SourceConfiguration` .\n\nYou must specify `SourceConfiguration` if you don't specify `PlatformArn` , `EnvironmentId` , or `SolutionStackName` .\n\nConstraint: If both solution stack name and source configuration are specified, the solution stack of the source configuration template must match the specified solution stack name.", + "title": "SourceConfiguration" } }, "required": [ - "Role", - "Targets" + "ApplicationName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Glue::Crawler" + "AWS::ElasticBeanstalk::ConfigurationTemplate" ], "type": "string" }, @@ -105385,311 +114646,60 @@ ], "type": "object" }, - "AWS::Glue::Crawler.CatalogTarget": { + "AWS::ElasticBeanstalk::ConfigurationTemplate.ConfigurationOptionSetting": { "additionalProperties": false, "properties": { - "ConnectionName": { - "markdownDescription": "The name of the connection for an Amazon S3-backed Data Catalog table to be a target of the crawl when using a `Catalog` connection type paired with a `NETWORK` Connection type.", - "title": "ConnectionName", + "Namespace": { + "markdownDescription": "A unique namespace that identifies the option's associated AWS resource.", + "title": "Namespace", "type": "string" }, - "DatabaseName": { - "markdownDescription": "The name of the database to be synchronized.", - "title": "DatabaseName", + "OptionName": { + "markdownDescription": "The name of the configuration option.", + "title": "OptionName", "type": "string" }, - "DlqEventQueueArn": { - "markdownDescription": "A valid Amazon dead-letter SQS ARN. For example, `arn:aws:sqs:region:account:deadLetterQueue` .", - "title": "DlqEventQueueArn", + "ResourceName": { + "markdownDescription": "A unique resource name for the option setting. Use it for a time\u2013based scaling configuration option.", + "title": "ResourceName", "type": "string" }, - "EventQueueArn": { - "markdownDescription": "A valid Amazon SQS ARN. For example, `arn:aws:sqs:region:account:sqs` .", - "title": "EventQueueArn", + "Value": { + "markdownDescription": "The current value for the configuration option.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Namespace", + "OptionName" + ], + "type": "object" + }, + "AWS::ElasticBeanstalk::ConfigurationTemplate.SourceConfiguration": { + "additionalProperties": false, + "properties": { + "ApplicationName": { + "markdownDescription": "The name of the application associated with the configuration.", + "title": "ApplicationName", "type": "string" }, - "Tables": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the tables to be synchronized.", - "title": "Tables", - "type": "array" + "TemplateName": { + "markdownDescription": "The name of the configuration template.", + "title": "TemplateName", + "type": "string" } }, + "required": [ + "ApplicationName", + "TemplateName" + ], "type": "object" }, - "AWS::Glue::Crawler.DeltaTarget": { + "AWS::ElasticBeanstalk::Environment": { "additionalProperties": false, "properties": { - "ConnectionName": { - "markdownDescription": "The name of the connection to use to connect to the Delta table target.", - "title": "ConnectionName", - "type": "string" - }, - "CreateNativeDeltaTable": { - "markdownDescription": "Specifies whether the crawler will create native tables, to allow integration with query engines that support querying of the Delta transaction log directly.", - "title": "CreateNativeDeltaTable", - "type": "boolean" - }, - "DeltaTables": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the Amazon S3 paths to the Delta tables.", - "title": "DeltaTables", - "type": "array" - }, - "WriteManifest": { - "markdownDescription": "Specifies whether to write the manifest files to the Delta table path.", - "title": "WriteManifest", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::Glue::Crawler.DynamoDBTarget": { - "additionalProperties": false, - "properties": { - "Path": { - "markdownDescription": "The name of the DynamoDB table to crawl.", - "title": "Path", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Glue::Crawler.IcebergTarget": { - "additionalProperties": false, - "properties": { - "ConnectionName": { - "markdownDescription": "The name of the connection to use to connect to the Iceberg target.", - "title": "ConnectionName", - "type": "string" - }, - "Exclusions": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of global patterns used to exclude from the crawl.", - "title": "Exclusions", - "type": "array" - }, - "MaximumTraversalDepth": { - "markdownDescription": "The maximum depth of Amazon S3 paths that the crawler can traverse to discover the Iceberg metadata folder in your Amazon S3 path. Used to limit the crawler run time.", - "title": "MaximumTraversalDepth", - "type": "number" - }, - "Paths": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more Amazon S3 paths that contains Iceberg metadata folders as s3://bucket/prefix .", - "title": "Paths", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Glue::Crawler.JdbcTarget": { - "additionalProperties": false, - "properties": { - "ConnectionName": { - "markdownDescription": "The name of the connection to use to connect to the JDBC target.", - "title": "ConnectionName", - "type": "string" - }, - "Exclusions": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of glob patterns used to exclude from the crawl. For more information, see [Catalog Tables with a Crawler](https://docs.aws.amazon.com/glue/latest/dg/add-crawler.html) .", - "title": "Exclusions", - "type": "array" - }, - "Path": { - "markdownDescription": "The path of the JDBC target.", - "title": "Path", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Glue::Crawler.LakeFormationConfiguration": { - "additionalProperties": false, - "properties": { - "AccountId": { - "markdownDescription": "Required for cross account crawls. For same account crawls as the target data, this can be left as null.", - "title": "AccountId", - "type": "string" - }, - "UseLakeFormationCredentials": { - "markdownDescription": "Specifies whether to use AWS Lake Formation credentials for the crawler instead of the IAM role credentials.", - "title": "UseLakeFormationCredentials", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::Glue::Crawler.MongoDBTarget": { - "additionalProperties": false, - "properties": { - "ConnectionName": { - "markdownDescription": "The name of the connection to use to connect to the Amazon DocumentDB or MongoDB target.", - "title": "ConnectionName", - "type": "string" - }, - "Path": { - "markdownDescription": "The path of the Amazon DocumentDB or MongoDB target (database/collection).", - "title": "Path", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Glue::Crawler.RecrawlPolicy": { - "additionalProperties": false, - "properties": { - "RecrawlBehavior": { - "markdownDescription": "Specifies whether to crawl the entire dataset again or to crawl only folders that were added since the last crawler run.\n\nA value of `CRAWL_EVERYTHING` specifies crawling the entire dataset again.\n\nA value of `CRAWL_NEW_FOLDERS_ONLY` specifies crawling only folders that were added since the last crawler run.\n\nA value of `CRAWL_EVENT_MODE` specifies crawling only the changes identified by Amazon S3 events.", - "title": "RecrawlBehavior", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Glue::Crawler.S3Target": { - "additionalProperties": false, - "properties": { - "ConnectionName": { - "markdownDescription": "The name of a connection which allows a job or crawler to access data in Amazon S3 within an Amazon Virtual Private Cloud environment (Amazon VPC).", - "title": "ConnectionName", - "type": "string" - }, - "DlqEventQueueArn": { - "markdownDescription": "A valid Amazon dead-letter SQS ARN. For example, `arn:aws:sqs:region:account:deadLetterQueue` .", - "title": "DlqEventQueueArn", - "type": "string" - }, - "EventQueueArn": { - "markdownDescription": "A valid Amazon SQS ARN. For example, `arn:aws:sqs:region:account:sqs` .", - "title": "EventQueueArn", - "type": "string" - }, - "Exclusions": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of glob patterns used to exclude from the crawl. For more information, see [Catalog Tables with a Crawler](https://docs.aws.amazon.com/glue/latest/dg/add-crawler.html) .", - "title": "Exclusions", - "type": "array" - }, - "Path": { - "markdownDescription": "The path to the Amazon S3 target.", - "title": "Path", - "type": "string" - }, - "SampleSize": { - "markdownDescription": "Sets the number of files in each leaf folder to be crawled when crawling sample files in a dataset. If not set, all the files are crawled. A valid value is an integer between 1 and 249.", - "title": "SampleSize", - "type": "number" - } - }, - "type": "object" - }, - "AWS::Glue::Crawler.Schedule": { - "additionalProperties": false, - "properties": { - "ScheduleExpression": { - "markdownDescription": "A `cron` expression used to specify the schedule. For more information, see [Time-Based Schedules for Jobs and Crawlers](https://docs.aws.amazon.com/glue/latest/dg/monitor-data-warehouse-schedule.html) . For example, to run something every day at 12:15 UTC, specify `cron(15 12 * * ? *)` .", - "title": "ScheduleExpression", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Glue::Crawler.SchemaChangePolicy": { - "additionalProperties": false, - "properties": { - "DeleteBehavior": { - "markdownDescription": "The deletion behavior when the crawler finds a deleted object.\n\nA value of `LOG` specifies that if a table or partition is found to no longer exist, do not delete it, only log that it was found to no longer exist.\n\nA value of `DELETE_FROM_DATABASE` specifies that if a table or partition is found to have been removed, delete it from the database.\n\nA value of `DEPRECATE_IN_DATABASE` specifies that if a table has been found to no longer exist, to add a property to the table that says \"DEPRECATED\" and includes a timestamp with the time of deprecation.", - "title": "DeleteBehavior", - "type": "string" - }, - "UpdateBehavior": { - "markdownDescription": "The update behavior when the crawler finds a changed schema.\n\nA value of `LOG` specifies that if a table or a partition already exists, and a change is detected, do not update it, only log that a change was detected. Add new tables and new partitions (including on existing tables).\n\nA value of `UPDATE_IN_DATABASE` specifies that if a table or partition already exists, and a change is detected, update it. Add new tables and partitions.", - "title": "UpdateBehavior", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Glue::Crawler.Targets": { - "additionalProperties": false, - "properties": { - "CatalogTargets": { - "items": { - "$ref": "#/definitions/AWS::Glue::Crawler.CatalogTarget" - }, - "markdownDescription": "Specifies AWS Glue Data Catalog targets.", - "title": "CatalogTargets", - "type": "array" - }, - "DeltaTargets": { - "items": { - "$ref": "#/definitions/AWS::Glue::Crawler.DeltaTarget" - }, - "markdownDescription": "Specifies an array of Delta data store targets.", - "title": "DeltaTargets", - "type": "array" - }, - "DynamoDBTargets": { - "items": { - "$ref": "#/definitions/AWS::Glue::Crawler.DynamoDBTarget" - }, - "markdownDescription": "Specifies Amazon DynamoDB targets.", - "title": "DynamoDBTargets", - "type": "array" - }, - "IcebergTargets": { - "items": { - "$ref": "#/definitions/AWS::Glue::Crawler.IcebergTarget" - }, - "markdownDescription": "Specifies Apache Iceberg data store targets.", - "title": "IcebergTargets", - "type": "array" - }, - "JdbcTargets": { - "items": { - "$ref": "#/definitions/AWS::Glue::Crawler.JdbcTarget" - }, - "markdownDescription": "Specifies JDBC targets.", - "title": "JdbcTargets", - "type": "array" - }, - "MongoDBTargets": { - "items": { - "$ref": "#/definitions/AWS::Glue::Crawler.MongoDBTarget" - }, - "markdownDescription": "A list of Mongo DB targets.", - "title": "MongoDBTargets", - "type": "array" - }, - "S3Targets": { - "items": { - "$ref": "#/definitions/AWS::Glue::Crawler.S3Target" - }, - "markdownDescription": "Specifies Amazon Simple Storage Service (Amazon S3) targets.", - "title": "S3Targets", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Glue::CustomEntityType": { - "additionalProperties": false, - "properties": { - "Condition": { + "Condition": { "type": "string" }, "DeletionPolicy": { @@ -105721,107 +114731,81 @@ "Properties": { "additionalProperties": false, "properties": { - "ContextWords": { + "ApplicationName": { + "markdownDescription": "The name of the application that is associated with this environment.", + "title": "ApplicationName", + "type": "string" + }, + "CNAMEPrefix": { + "markdownDescription": "If specified, the environment attempts to use this value as the prefix for the CNAME in your Elastic Beanstalk environment URL. If not specified, the CNAME is generated automatically by appending a random alphanumeric string to the environment name.", + "title": "CNAMEPrefix", + "type": "string" + }, + "Description": { + "markdownDescription": "Your description for this environment.", + "title": "Description", + "type": "string" + }, + "EnvironmentName": { + "markdownDescription": "A unique name for the environment.\n\nConstraint: Must be from 4 to 40 characters in length. The name can contain only letters, numbers, and hyphens. It can't start or end with a hyphen. This name must be unique within a region in your account.\n\nIf you don't specify the `CNAMEPrefix` parameter, the environment name becomes part of the CNAME, and therefore part of the visible URL for your application.\n\nIf you don't specify an environment name, AWS CloudFormation generates a unique physical ID and uses that ID for the environment name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "EnvironmentName", + "type": "string" + }, + "OperationsRole": { + "markdownDescription": "> The operations role feature of AWS Elastic Beanstalk is in beta release and is subject to change. \n\nThe Amazon Resource Name (ARN) of an existing IAM role to be used as the environment's operations role. If specified, Elastic Beanstalk uses the operations role for permissions to downstream services during this call and during subsequent calls acting on this environment. To specify an operations role, you must have the `iam:PassRole` permission for the role.", + "title": "OperationsRole", + "type": "string" + }, + "OptionSettings": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::ElasticBeanstalk::Environment.OptionSetting" }, - "markdownDescription": "A list of context words. If none of these context words are found within the vicinity of the regular expression the data will not be detected as sensitive data.\n\nIf no context words are passed only a regular expression is checked.", - "title": "ContextWords", + "markdownDescription": "Key-value pairs defining configuration options for this environment, such as the instance type. These options override the values that are defined in the solution stack or the [configuration template](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-beanstalk-configurationtemplate.html) . If you remove any options during a stack update, the removed options retain their current values.", + "title": "OptionSettings", "type": "array" }, - "Name": { - "markdownDescription": "A name for the custom pattern that allows it to be retrieved or deleted later. This name must be unique per AWS account.", - "title": "Name", + "PlatformArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the custom platform to use with the environment. For more information, see [Custom Platforms](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/custom-platforms.html) in the *AWS Elastic Beanstalk Developer Guide* .\n\n> If you specify `PlatformArn` , don't specify `SolutionStackName` .", + "title": "PlatformArn", "type": "string" }, - "RegexString": { - "markdownDescription": "A regular expression string that is used for detecting sensitive data in a custom pattern.", - "title": "RegexString", + "SolutionStackName": { + "markdownDescription": "The name of an Elastic Beanstalk solution stack (platform version) to use with the environment. If specified, Elastic Beanstalk sets the configuration values to the default values associated with the specified solution stack. For a list of current solution stacks, see [Elastic Beanstalk Supported Platforms](https://docs.aws.amazon.com/elasticbeanstalk/latest/platforms/platforms-supported.html) in the *AWS Elastic Beanstalk Platforms* guide.\n\n> If you specify `SolutionStackName` , don't specify `PlatformArn` or `TemplateName` .", + "title": "SolutionStackName", "type": "string" }, "Tags": { - "markdownDescription": "AWS tags that contain a key value pair and may be searched by console, command line, or API.", - "title": "Tags", - "type": "object" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Glue::CustomEntityType" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::Glue::DataCatalogEncryptionSettings": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" + "$ref": "#/definitions/Tag" }, + "markdownDescription": "Specifies the tags applied to resources in the environment.", + "title": "Tags", "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "CatalogId": { - "markdownDescription": "The ID of the Data Catalog in which the settings are created.", - "title": "CatalogId", + }, + "TemplateName": { + "markdownDescription": "The name of the Elastic Beanstalk configuration template to use with the environment.\n\n> If you specify `TemplateName` , then don't specify `SolutionStackName` .", + "title": "TemplateName", "type": "string" }, - "DataCatalogEncryptionSettings": { - "$ref": "#/definitions/AWS::Glue::DataCatalogEncryptionSettings.DataCatalogEncryptionSettings", - "markdownDescription": "Contains configuration information for maintaining Data Catalog security.", - "title": "DataCatalogEncryptionSettings" + "Tier": { + "$ref": "#/definitions/AWS::ElasticBeanstalk::Environment.Tier", + "markdownDescription": "Specifies the tier to use in creating this environment. The environment tier that you choose determines whether Elastic Beanstalk provisions resources to support a web application that handles HTTP(S) requests or a web application that handles background-processing tasks.", + "title": "Tier" + }, + "VersionLabel": { + "markdownDescription": "The name of the application version to deploy.\n\nDefault: If not specified, Elastic Beanstalk attempts to deploy the sample application.", + "title": "VersionLabel", + "type": "string" } }, "required": [ - "CatalogId", - "DataCatalogEncryptionSettings" + "ApplicationName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Glue::DataCatalogEncryptionSettings" + "AWS::ElasticBeanstalk::Environment" ], "type": "string" }, @@ -105840,60 +114824,58 @@ ], "type": "object" }, - "AWS::Glue::DataCatalogEncryptionSettings.ConnectionPasswordEncryption": { + "AWS::ElasticBeanstalk::Environment.OptionSetting": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "An AWS KMS key that is used to encrypt the connection password.\n\nIf connection password protection is enabled, the caller of `CreateConnection` and `UpdateConnection` needs at least `kms:Encrypt` permission on the specified AWS KMS key, to encrypt passwords before storing them in the Data Catalog. You can set the decrypt permission to enable or restrict access on the password key according to your security requirements.", - "title": "KmsKeyId", + "Namespace": { + "markdownDescription": "A unique namespace that identifies the option's associated AWS resource.", + "title": "Namespace", "type": "string" }, - "ReturnConnectionPasswordEncrypted": { - "markdownDescription": "When the `ReturnConnectionPasswordEncrypted` flag is set to \"true\", passwords remain encrypted in the responses of `GetConnection` and `GetConnections` . This encryption takes effect independently from catalog encryption.", - "title": "ReturnConnectionPasswordEncrypted", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::Glue::DataCatalogEncryptionSettings.DataCatalogEncryptionSettings": { - "additionalProperties": false, - "properties": { - "ConnectionPasswordEncryption": { - "$ref": "#/definitions/AWS::Glue::DataCatalogEncryptionSettings.ConnectionPasswordEncryption", - "markdownDescription": "When connection password protection is enabled, the Data Catalog uses a customer-provided key to encrypt the password as part of `CreateConnection` or `UpdateConnection` and store it in the `ENCRYPTED_PASSWORD` field in the connection properties. You can enable catalog encryption or only password encryption.", - "title": "ConnectionPasswordEncryption" + "OptionName": { + "markdownDescription": "The name of the configuration option.", + "title": "OptionName", + "type": "string" }, - "EncryptionAtRest": { - "$ref": "#/definitions/AWS::Glue::DataCatalogEncryptionSettings.EncryptionAtRest", - "markdownDescription": "Specifies the encryption-at-rest configuration for the Data Catalog.", - "title": "EncryptionAtRest" + "ResourceName": { + "markdownDescription": "A unique resource name for the option setting. Use it for a time\u2013based scaling configuration option.", + "title": "ResourceName", + "type": "string" + }, + "Value": { + "markdownDescription": "The current value for the configuration option.", + "title": "Value", + "type": "string" } }, + "required": [ + "Namespace", + "OptionName" + ], "type": "object" }, - "AWS::Glue::DataCatalogEncryptionSettings.EncryptionAtRest": { + "AWS::ElasticBeanstalk::Environment.Tier": { "additionalProperties": false, "properties": { - "CatalogEncryptionMode": { - "markdownDescription": "The encryption-at-rest mode for encrypting Data Catalog data.", - "title": "CatalogEncryptionMode", + "Name": { + "markdownDescription": "The name of this environment tier.\n\nValid values:\n\n- For *Web server tier* \u2013 `WebServer`\n- For *Worker tier* \u2013 `Worker`", + "title": "Name", "type": "string" }, - "CatalogEncryptionServiceRole": { - "markdownDescription": "The role that AWS Glue assumes to encrypt and decrypt the Data Catalog objects on the caller's behalf.", - "title": "CatalogEncryptionServiceRole", + "Type": { + "markdownDescription": "The type of this environment tier.\n\nValid values:\n\n- For *Web server tier* \u2013 `Standard`\n- For *Worker tier* \u2013 `SQS/HTTP`", + "title": "Type", "type": "string" }, - "SseAwsKmsKeyId": { - "markdownDescription": "The ID of the AWS KMS key to use for encryption at rest.", - "title": "SseAwsKmsKeyId", + "Version": { + "markdownDescription": "The version of this environment tier. When you don't set a value to it, Elastic Beanstalk uses the latest compatible worker tier version.\n\n> This member is deprecated. Any specific version that you set may become out of date. We recommend leaving it unspecified.", + "title": "Version", "type": "string" } }, "type": "object" }, - "AWS::Glue::DataQualityRuleset": { + "AWS::ElasticLoadBalancing::LoadBalancer": { "additionalProperties": false, "properties": { "Condition": { @@ -105928,42 +114910,122 @@ "Properties": { "additionalProperties": false, "properties": { - "ClientToken": { - "markdownDescription": "Used for idempotency and is recommended to be set to a random ID (such as a UUID) to avoid creating or starting multiple instances of the same resource.", - "title": "ClientToken", - "type": "string" + "AccessLoggingPolicy": { + "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.AccessLoggingPolicy", + "markdownDescription": "Information about where and how access logs are stored for the load balancer.", + "title": "AccessLoggingPolicy" }, - "Description": { - "markdownDescription": "A description of the data quality ruleset.", - "title": "Description", - "type": "string" + "AppCookieStickinessPolicy": { + "items": { + "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.AppCookieStickinessPolicy" + }, + "markdownDescription": "Information about a policy for application-controlled session stickiness.", + "title": "AppCookieStickinessPolicy", + "type": "array" }, - "Name": { - "markdownDescription": "The name of the data quality ruleset.", - "title": "Name", + "AvailabilityZones": { + "items": { + "type": "string" + }, + "markdownDescription": "The Availability Zones for a load balancer in a default VPC. For a load balancer in a nondefault VPC, specify `Subnets` instead.\n\nUpdate requires replacement if you did not previously specify an Availability Zone or if you are removing all Availability Zones. Otherwise, update requires no interruption.", + "title": "AvailabilityZones", + "type": "array" + }, + "ConnectionDrainingPolicy": { + "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.ConnectionDrainingPolicy", + "markdownDescription": "If enabled, the load balancer allows existing requests to complete before the load balancer shifts traffic away from a deregistered or unhealthy instance.\n\nFor more information, see [Configure connection draining](https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/config-conn-drain.html) in the *User Guide for Classic Load Balancers* .", + "title": "ConnectionDrainingPolicy" + }, + "ConnectionSettings": { + "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.ConnectionSettings", + "markdownDescription": "If enabled, the load balancer allows the connections to remain idle (no data is sent over the connection) for the specified duration.\n\nBy default, Elastic Load Balancing maintains a 60-second idle connection timeout for both front-end and back-end connections of your load balancer. For more information, see [Configure idle connection timeout](https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/config-idle-timeout.html) in the *User Guide for Classic Load Balancers* .", + "title": "ConnectionSettings" + }, + "CrossZone": { + "markdownDescription": "If enabled, the load balancer routes the request traffic evenly across all instances regardless of the Availability Zones.\n\nFor more information, see [Configure cross-zone load balancing](https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/enable-disable-crosszone-lb.html) in the *User Guide for Classic Load Balancers* .", + "title": "CrossZone", + "type": "boolean" + }, + "HealthCheck": { + "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.HealthCheck", + "markdownDescription": "The health check settings to use when evaluating the health of your EC2 instances.\n\nUpdate requires replacement if you did not previously specify health check settings or if you are removing the health check settings. Otherwise, update requires no interruption.", + "title": "HealthCheck" + }, + "Instances": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the instances for the load balancer.", + "title": "Instances", + "type": "array" + }, + "LBCookieStickinessPolicy": { + "items": { + "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.LBCookieStickinessPolicy" + }, + "markdownDescription": "Information about a policy for duration-based session stickiness.", + "title": "LBCookieStickinessPolicy", + "type": "array" + }, + "Listeners": { + "items": { + "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.Listeners" + }, + "markdownDescription": "The listeners for the load balancer. You can specify at most one listener per port.\n\nIf you update the properties for a listener, AWS CloudFormation deletes the existing listener and creates a new one with the specified properties. While the new listener is being created, clients cannot connect to the load balancer.", + "title": "Listeners", + "type": "array" + }, + "LoadBalancerName": { + "markdownDescription": "The name of the load balancer. This name must be unique within your set of load balancers for the region.\n\nIf you don't specify a name, AWS CloudFormation generates a unique physical ID for the load balancer. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) . If you specify a name, you cannot perform updates that require replacement of this resource, but you can perform other updates. To replace the resource, specify a new name.", + "title": "LoadBalancerName", "type": "string" }, - "Ruleset": { - "markdownDescription": "A Data Quality Definition Language (DQDL) ruleset. For more information see the AWS Glue Developer Guide.", - "title": "Ruleset", + "Policies": { + "items": { + "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.Policies" + }, + "markdownDescription": "The policies defined for your Classic Load Balancer. Specify only back-end server policies.", + "title": "Policies", + "type": "array" + }, + "Scheme": { + "markdownDescription": "The type of load balancer. Valid only for load balancers in a VPC.\n\nIf `Scheme` is `internet-facing` , the load balancer has a public DNS name that resolves to a public IP address.\n\nIf `Scheme` is `internal` , the load balancer has a public DNS name that resolves to a private IP address.", + "title": "Scheme", "type": "string" }, + "SecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "The security groups for the load balancer. Valid only for load balancers in a VPC.", + "title": "SecurityGroups", + "type": "array" + }, + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the subnets for the load balancer. You can specify at most one subnet per Availability Zone.\n\nUpdate requires replacement if you did not previously specify a subnet or if you are removing all subnets. Otherwise, update requires no interruption. To update to a different subnet in the current Availability Zone, you must first update to a subnet in a different Availability Zone, then update to the new subnet in the original Availability Zone.", + "title": "Subnets", + "type": "array" + }, "Tags": { - "markdownDescription": "A list of tags applied to the data quality ruleset.", + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags associated with a load balancer.", "title": "Tags", - "type": "object" - }, - "TargetTable": { - "$ref": "#/definitions/AWS::Glue::DataQualityRuleset.DataQualityTargetTable", - "markdownDescription": "An object representing an AWS Glue table.", - "title": "TargetTable" + "type": "array" } }, + "required": [ + "Listeners" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Glue::DataQualityRuleset" + "AWS::ElasticLoadBalancing::LoadBalancer" ], "type": "string" }, @@ -105977,211 +115039,238 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Glue::DataQualityRuleset.DataQualityTargetTable": { + "AWS::ElasticLoadBalancing::LoadBalancer.AccessLoggingPolicy": { "additionalProperties": false, "properties": { - "DatabaseName": { - "markdownDescription": "The name of the database where the AWS Glue table exists.", - "title": "DatabaseName", + "EmitInterval": { + "markdownDescription": "The interval for publishing the access logs. You can specify an interval of either 5 minutes or 60 minutes.\n\nDefault: 60 minutes", + "title": "EmitInterval", + "type": "number" + }, + "Enabled": { + "markdownDescription": "Specifies whether access logs are enabled for the load balancer.", + "title": "Enabled", + "type": "boolean" + }, + "S3BucketName": { + "markdownDescription": "The name of the Amazon S3 bucket where the access logs are stored.", + "title": "S3BucketName", "type": "string" }, - "TableName": { - "markdownDescription": "The name of the AWS Glue table.", - "title": "TableName", + "S3BucketPrefix": { + "markdownDescription": "The logical hierarchy you created for your Amazon S3 bucket, for example `my-bucket-prefix/prod` . If the prefix is not provided, the log is placed at the root level of the bucket.", + "title": "S3BucketPrefix", "type": "string" } }, + "required": [ + "Enabled", + "S3BucketName" + ], "type": "object" }, - "AWS::Glue::Database": { + "AWS::ElasticLoadBalancing::LoadBalancer.AppCookieStickinessPolicy": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "CookieName": { + "markdownDescription": "The name of the application cookie used for stickiness.", + "title": "CookieName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "CatalogId": { - "markdownDescription": "The AWS account ID for the account in which to create the catalog object.\n\n> To specify the account ID, you can use the `Ref` intrinsic function with the `AWS::AccountId` pseudo parameter. For example: `!Ref AWS::AccountId`", - "title": "CatalogId", - "type": "string" - }, - "DatabaseInput": { - "$ref": "#/definitions/AWS::Glue::Database.DatabaseInput", - "markdownDescription": "The metadata for the database.", - "title": "DatabaseInput" - } - }, - "required": [ - "CatalogId", - "DatabaseInput" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Glue::Database" - ], + "PolicyName": { + "markdownDescription": "The mnemonic name for the policy being created. The name must be unique within a set of policies for this load balancer.", + "title": "PolicyName", "type": "string" + } + }, + "required": [ + "CookieName", + "PolicyName" + ], + "type": "object" + }, + "AWS::ElasticLoadBalancing::LoadBalancer.ConnectionDrainingPolicy": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Specifies whether connection draining is enabled for the load balancer.", + "title": "Enabled", + "type": "boolean" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Timeout": { + "markdownDescription": "The maximum time, in seconds, to keep the existing connections open before deregistering the instances.", + "title": "Timeout", + "type": "number" } }, "required": [ - "Type", - "Properties" + "Enabled" ], "type": "object" }, - "AWS::Glue::Database.DataLakePrincipal": { + "AWS::ElasticLoadBalancing::LoadBalancer.ConnectionSettings": { "additionalProperties": false, "properties": { - "DataLakePrincipalIdentifier": { - "markdownDescription": "An identifier for the AWS Lake Formation principal.", - "title": "DataLakePrincipalIdentifier", - "type": "string" + "IdleTimeout": { + "markdownDescription": "The time, in seconds, that the connection is allowed to be idle (no data has been sent over the connection) before it is closed by the load balancer.", + "title": "IdleTimeout", + "type": "number" } }, + "required": [ + "IdleTimeout" + ], "type": "object" }, - "AWS::Glue::Database.DatabaseIdentifier": { + "AWS::ElasticLoadBalancing::LoadBalancer.HealthCheck": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The ID of the Data Catalog in which the database resides.", - "title": "CatalogId", + "HealthyThreshold": { + "markdownDescription": "The number of consecutive health checks successes required before moving the instance to the `Healthy` state.", + "title": "HealthyThreshold", "type": "string" }, - "DatabaseName": { - "markdownDescription": "The name of the catalog database.", - "title": "DatabaseName", + "Interval": { + "markdownDescription": "The approximate interval, in seconds, between health checks of an individual instance.", + "title": "Interval", "type": "string" }, - "Region": { - "markdownDescription": "The Region of the database.", - "title": "Region", + "Target": { + "markdownDescription": "The instance being checked. The protocol is either TCP, HTTP, HTTPS, or SSL. The range of valid ports is one (1) through 65535.\n\nTCP is the default, specified as a TCP: port pair, for example \"TCP:5000\". In this case, a health check simply attempts to open a TCP connection to the instance on the specified port. Failure to connect within the configured timeout is considered unhealthy.\n\nSSL is also specified as SSL: port pair, for example, SSL:5000.\n\nFor HTTP/HTTPS, you must include a ping path in the string. HTTP is specified as a HTTP:port;/;PathToPing; grouping, for example \"HTTP:80/weather/us/wa/seattle\". In this case, a HTTP GET request is issued to the instance on the given port and path. Any answer other than \"200 OK\" within the timeout period is considered unhealthy.\n\nThe total length of the HTTP ping target must be 1024 16-bit Unicode characters or less.", + "title": "Target", + "type": "string" + }, + "Timeout": { + "markdownDescription": "The amount of time, in seconds, during which no response means a failed health check.\n\nThis value must be less than the `Interval` value.", + "title": "Timeout", + "type": "string" + }, + "UnhealthyThreshold": { + "markdownDescription": "The number of consecutive health check failures required before moving the instance to the `Unhealthy` state.", + "title": "UnhealthyThreshold", "type": "string" } }, + "required": [ + "HealthyThreshold", + "Interval", + "Target", + "Timeout", + "UnhealthyThreshold" + ], "type": "object" }, - "AWS::Glue::Database.DatabaseInput": { + "AWS::ElasticLoadBalancing::LoadBalancer.LBCookieStickinessPolicy": { "additionalProperties": false, "properties": { - "CreateTableDefaultPermissions": { - "items": { - "$ref": "#/definitions/AWS::Glue::Database.PrincipalPrivileges" - }, - "markdownDescription": "Creates a set of default permissions on the table for principals. Used by AWS Lake Formation . Not used in the normal course of AWS Glue operations.", - "title": "CreateTableDefaultPermissions", - "type": "array" - }, - "Description": { - "markdownDescription": "A description of the database.", - "title": "Description", - "type": "string" - }, - "FederatedDatabase": { - "$ref": "#/definitions/AWS::Glue::Database.FederatedDatabase", - "markdownDescription": "A `FederatedDatabase` structure that references an entity outside the AWS Glue Data Catalog .", - "title": "FederatedDatabase" - }, - "LocationUri": { - "markdownDescription": "The location of the database (for example, an HDFS path).", - "title": "LocationUri", + "CookieExpirationPeriod": { + "markdownDescription": "The time period, in seconds, after which the cookie should be considered stale. If this parameter is not specified, the stickiness session lasts for the duration of the browser session.", + "title": "CookieExpirationPeriod", "type": "string" }, - "Name": { - "markdownDescription": "The name of the database. For Hive compatibility, this is folded to lowercase when it is stored.", - "title": "Name", + "PolicyName": { + "markdownDescription": "The name of the policy. This name must be unique within the set of policies for this load balancer.", + "title": "PolicyName", "type": "string" - }, - "Parameters": { - "markdownDescription": "These key-value pairs define parameters and properties of the database.", - "title": "Parameters", - "type": "object" - }, - "TargetDatabase": { - "$ref": "#/definitions/AWS::Glue::Database.DatabaseIdentifier", - "markdownDescription": "A `DatabaseIdentifier` structure that describes a target database for resource linking.", - "title": "TargetDatabase" } }, "type": "object" }, - "AWS::Glue::Database.FederatedDatabase": { + "AWS::ElasticLoadBalancing::LoadBalancer.Listeners": { "additionalProperties": false, "properties": { - "ConnectionName": { - "markdownDescription": "The name of the connection to the external metastore.", - "title": "ConnectionName", + "InstancePort": { + "markdownDescription": "The port on which the instance is listening.", + "title": "InstancePort", "type": "string" }, - "Identifier": { - "markdownDescription": "A unique identifier for the federated database.", - "title": "Identifier", + "InstanceProtocol": { + "markdownDescription": "The protocol to use for routing traffic to instances: HTTP, HTTPS, TCP, or SSL.\n\nIf the front-end protocol is TCP or SSL, the back-end protocol must be TCP or SSL. If the front-end protocol is HTTP or HTTPS, the back-end protocol must be HTTP or HTTPS.\n\nIf there is another listener with the same `InstancePort` whose `InstanceProtocol` is secure, (HTTPS or SSL), the listener's `InstanceProtocol` must also be secure.\n\nIf there is another listener with the same `InstancePort` whose `InstanceProtocol` is HTTP or TCP, the listener's `InstanceProtocol` must be HTTP or TCP.", + "title": "InstanceProtocol", + "type": "string" + }, + "LoadBalancerPort": { + "markdownDescription": "The port on which the load balancer is listening. On EC2-VPC, you can specify any port from the range 1-65535. On EC2-Classic, you can specify any port from the following list: 25, 80, 443, 465, 587, 1024-65535.", + "title": "LoadBalancerPort", + "type": "string" + }, + "PolicyNames": { + "items": { + "type": "string" + }, + "markdownDescription": "The names of the policies to associate with the listener.", + "title": "PolicyNames", + "type": "array" + }, + "Protocol": { + "markdownDescription": "The load balancer transport protocol to use for routing: HTTP, HTTPS, TCP, or SSL.", + "title": "Protocol", + "type": "string" + }, + "SSLCertificateId": { + "markdownDescription": "The Amazon Resource Name (ARN) of the server certificate.", + "title": "SSLCertificateId", "type": "string" } }, + "required": [ + "InstancePort", + "LoadBalancerPort", + "Protocol" + ], "type": "object" }, - "AWS::Glue::Database.PrincipalPrivileges": { + "AWS::ElasticLoadBalancing::LoadBalancer.Policies": { "additionalProperties": false, "properties": { - "Permissions": { + "Attributes": { + "items": { + "type": "object" + }, + "markdownDescription": "The policy attributes.", + "title": "Attributes", + "type": "array" + }, + "InstancePorts": { "items": { "type": "string" }, - "markdownDescription": "The permissions that are granted to the principal.", - "title": "Permissions", + "markdownDescription": "The instance ports for the policy. Required only for some policy types.", + "title": "InstancePorts", "type": "array" }, - "Principal": { - "$ref": "#/definitions/AWS::Glue::Database.DataLakePrincipal", - "markdownDescription": "The principal who is granted permissions.", - "title": "Principal" + "LoadBalancerPorts": { + "items": { + "type": "string" + }, + "markdownDescription": "The load balancer ports for the policy. Required only for some policy types.", + "title": "LoadBalancerPorts", + "type": "array" + }, + "PolicyName": { + "markdownDescription": "The name of the policy.", + "title": "PolicyName", + "type": "string" + }, + "PolicyType": { + "markdownDescription": "The name of the policy type.", + "title": "PolicyType", + "type": "string" } }, + "required": [ + "Attributes", + "PolicyName", + "PolicyType" + ], "type": "object" }, - "AWS::Glue::DevEndpoint": { + "AWS::ElasticLoadBalancingV2::Listener": { "additionalProperties": false, "properties": { "Condition": { @@ -106216,96 +115305,73 @@ "Properties": { "additionalProperties": false, "properties": { - "Arguments": { - "markdownDescription": "A map of arguments used to configure the `DevEndpoint` .\n\nValid arguments are:\n\n- `\"--enable-glue-datacatalog\": \"\"`\n- `\"GLUE_PYTHON_VERSION\": \"3\"`\n- `\"GLUE_PYTHON_VERSION\": \"2\"`\n\nYou can specify a version of Python support for development endpoints by using the `Arguments` parameter in the `CreateDevEndpoint` or `UpdateDevEndpoint` APIs. If no arguments are provided, the version defaults to Python 2.", - "title": "Arguments", - "type": "object" - }, - "EndpointName": { - "markdownDescription": "The name of the `DevEndpoint` .", - "title": "EndpointName", - "type": "string" - }, - "ExtraJarsS3Path": { - "markdownDescription": "The path to one or more Java `.jar` files in an S3 bucket that should be loaded in your `DevEndpoint` .\n\n> You can only use pure Java/Scala libraries with a `DevEndpoint` .", - "title": "ExtraJarsS3Path", - "type": "string" - }, - "ExtraPythonLibsS3Path": { - "markdownDescription": "The paths to one or more Python libraries in an Amazon S3 bucket that should be loaded in your `DevEndpoint` . Multiple values must be complete paths separated by a comma.\n\n> You can only use pure Python libraries with a `DevEndpoint` . Libraries that rely on C extensions, such as the [pandas](https://docs.aws.amazon.com/http://pandas.pydata.org/) Python data analysis library, are not currently supported.", - "title": "ExtraPythonLibsS3Path", - "type": "string" - }, - "GlueVersion": { - "markdownDescription": "The AWS Glue version determines the versions of Apache Spark and Python that AWS Glue supports. The Python version indicates the version supported for running your ETL scripts on development endpoints.\n\nFor more information about the available AWS Glue versions and corresponding Spark and Python versions, see [Glue version](https://docs.aws.amazon.com/glue/latest/dg/add-job.html) in the developer guide.\n\nDevelopment endpoints that are created without specifying a Glue version default to Glue 0.9.\n\nYou can specify a version of Python support for development endpoints by using the `Arguments` parameter in the `CreateDevEndpoint` or `UpdateDevEndpoint` APIs. If no arguments are provided, the version defaults to Python 2.", - "title": "GlueVersion", - "type": "string" - }, - "NumberOfNodes": { - "markdownDescription": "The number of AWS Glue Data Processing Units (DPUs) allocated to this `DevEndpoint` .", - "title": "NumberOfNodes", - "type": "number" - }, - "NumberOfWorkers": { - "markdownDescription": "The number of workers of a defined `workerType` that are allocated to the development endpoint.\n\nThe maximum number of workers you can define are 299 for `G.1X` , and 149 for `G.2X` .", - "title": "NumberOfWorkers", - "type": "number" - }, - "PublicKey": { - "markdownDescription": "The public key to be used by this `DevEndpoint` for authentication. This attribute is provided for backward compatibility because the recommended attribute to use is public keys.", - "title": "PublicKey", - "type": "string" - }, - "PublicKeys": { + "AlpnPolicy": { "items": { "type": "string" }, - "markdownDescription": "A list of public keys to be used by the `DevEndpoints` for authentication. Using this attribute is preferred over a single public key because the public keys allow you to have a different private key per client.\n\n> If you previously created an endpoint with a public key, you must remove that key to be able to set a list of public keys. Call the `UpdateDevEndpoint` API operation with the public key content in the `deletePublicKeys` attribute, and the list of new keys in the `addPublicKeys` attribute.", - "title": "PublicKeys", + "markdownDescription": "[TLS listener] The name of the Application-Layer Protocol Negotiation (ALPN) policy.", + "title": "AlpnPolicy", "type": "array" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role used in this `DevEndpoint` .", - "title": "RoleArn", - "type": "string" + "Certificates": { + "items": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.Certificate" + }, + "markdownDescription": "The default SSL server certificate for a secure listener. You must provide exactly one certificate if the listener protocol is HTTPS or TLS.\n\nFor an HTTPS listener, update requires some interruptions. For a TLS listener, update requires no interruption.\n\nTo create a certificate list for a secure listener, use [AWS::ElasticLoadBalancingV2::ListenerCertificate](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-listenercertificate.html) .", + "title": "Certificates", + "type": "array" }, - "SecurityConfiguration": { - "markdownDescription": "The name of the `SecurityConfiguration` structure to be used with this `DevEndpoint` .", - "title": "SecurityConfiguration", - "type": "string" + "DefaultActions": { + "items": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.Action" + }, + "markdownDescription": "The actions for the default rule. You cannot define a condition for a default rule.\n\nTo create additional rules for an Application Load Balancer, use [AWS::ElasticLoadBalancingV2::ListenerRule](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-listenerrule.html) .", + "title": "DefaultActions", + "type": "array" }, - "SecurityGroupIds": { + "ListenerAttributes": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.ListenerAttribute" }, - "markdownDescription": "A list of security group identifiers used in this `DevEndpoint` .", - "title": "SecurityGroupIds", + "markdownDescription": "The listener attributes. Attributes that you do not modify retain their current values.", + "title": "ListenerAttributes", "type": "array" }, - "SubnetId": { - "markdownDescription": "The subnet ID for this `DevEndpoint` .", - "title": "SubnetId", + "LoadBalancerArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the load balancer.", + "title": "LoadBalancerArn", "type": "string" }, - "Tags": { - "markdownDescription": "The tags to use with this DevEndpoint.", - "title": "Tags", - "type": "object" + "MutualAuthentication": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.MutualAuthentication", + "markdownDescription": "The mutual authentication configuration information.", + "title": "MutualAuthentication" }, - "WorkerType": { - "markdownDescription": "The type of predefined worker that is allocated to the development endpoint. Accepts a value of Standard, G.1X, or G.2X.\n\n- For the `Standard` worker type, each worker provides 4 vCPU, 16 GB of memory and a 50GB disk, and 2 executors per worker.\n- For the `G.1X` worker type, each worker maps to 1 DPU (4 vCPU, 16 GB of memory, 64 GB disk), and provides 1 executor per worker. We recommend this worker type for memory-intensive jobs.\n- For the `G.2X` worker type, each worker maps to 2 DPU (8 vCPU, 32 GB of memory, 128 GB disk), and provides 1 executor per worker. We recommend this worker type for memory-intensive jobs.\n\nKnown issue: when a development endpoint is created with the `G.2X` `WorkerType` configuration, the Spark drivers for the development endpoint will run on 4 vCPU, 16 GB of memory, and a 64 GB disk.", - "title": "WorkerType", + "Port": { + "markdownDescription": "The port on which the load balancer is listening. You can't specify a port for a Gateway Load Balancer.", + "title": "Port", + "type": "number" + }, + "Protocol": { + "markdownDescription": "The protocol for connections from clients to the load balancer. For Application Load Balancers, the supported protocols are HTTP and HTTPS. For Network Load Balancers, the supported protocols are TCP, TLS, UDP, and TCP_UDP. You can\u2019t specify the UDP or TCP_UDP protocol if dual-stack mode is enabled. You can't specify a protocol for a Gateway Load Balancer.", + "title": "Protocol", + "type": "string" + }, + "SslPolicy": { + "markdownDescription": "[HTTPS and TLS listeners] The security policy that defines which protocols and ciphers are supported. For more information, see [Security policies](https://docs.aws.amazon.com/elasticloadbalancing/latest/application/describe-ssl-policies.html) in the *Application Load Balancers Guide* and [Security policies](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/describe-ssl-policies.html) in the *Network Load Balancers Guide* .\n\n[HTTPS listeners] Updating the security policy can result in interruptions if the load balancer is handling a high volume of traffic. To decrease the possibility of an interruption if your load balancer is handling a high volume of traffic, create an additional load balancer or request an LCU reservation.", + "title": "SslPolicy", "type": "string" } }, "required": [ - "RoleArn" + "DefaultActions", + "LoadBalancerArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Glue::DevEndpoint" + "AWS::ElasticLoadBalancingV2::Listener" ], "type": "string" }, @@ -106324,813 +115390,359 @@ ], "type": "object" }, - "AWS::Glue::Job": { + "AWS::ElasticLoadBalancingV2::Listener.Action": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "AuthenticateCognitoConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.AuthenticateCognitoConfig", + "markdownDescription": "[HTTPS listeners] Information for using Amazon Cognito to authenticate users. Specify only when `Type` is `authenticate-cognito` .", + "title": "AuthenticateCognitoConfig" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "AuthenticateOidcConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.AuthenticateOidcConfig", + "markdownDescription": "[HTTPS listeners] Information about an identity provider that is compliant with OpenID Connect (OIDC). Specify only when `Type` is `authenticate-oidc` .", + "title": "AuthenticateOidcConfig" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AllocatedCapacity": { - "markdownDescription": "This parameter is no longer supported. Use `MaxCapacity` instead.\n\nThe number of capacity units that are allocated to this job.", - "title": "AllocatedCapacity", - "type": "number" - }, - "Command": { - "$ref": "#/definitions/AWS::Glue::Job.JobCommand", - "markdownDescription": "The code that executes a job.", - "title": "Command" - }, - "Connections": { - "$ref": "#/definitions/AWS::Glue::Job.ConnectionsList", - "markdownDescription": "The connections used for this job.", - "title": "Connections" - }, - "DefaultArguments": { - "markdownDescription": "The default arguments for this job, specified as name-value pairs.\n\nYou can specify arguments here that your own job-execution script consumes, in addition to arguments that AWS Glue itself consumes.\n\nFor information about how to specify and consume your own job arguments, see [Calling AWS Glue APIs in Python](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-python-calling.html) in the *AWS Glue Developer Guide* .\n\nFor information about the key-value pairs that AWS Glue consumes to set up your job, see [Special Parameters Used by AWS Glue](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-etl-glue-arguments.html) in the *AWS Glue Developer Guide* .", - "title": "DefaultArguments", - "type": "object" - }, - "Description": { - "markdownDescription": "A description of the job.", - "title": "Description", - "type": "string" - }, - "ExecutionClass": { - "markdownDescription": "Indicates whether the job is run with a standard or flexible execution class. The standard execution class is ideal for time-sensitive workloads that require fast job startup and dedicated resources.\n\nThe flexible execution class is appropriate for time-insensitive jobs whose start and completion times may vary.\n\nOnly jobs with AWS Glue version 3.0 and above and command type `glueetl` will be allowed to set `ExecutionClass` to `FLEX` . The flexible execution class is available for Spark jobs.", - "title": "ExecutionClass", - "type": "string" - }, - "ExecutionProperty": { - "$ref": "#/definitions/AWS::Glue::Job.ExecutionProperty", - "markdownDescription": "The maximum number of concurrent runs that are allowed for this job.", - "title": "ExecutionProperty" - }, - "GlueVersion": { - "markdownDescription": "Glue version determines the versions of Apache Spark and Python that AWS Glue supports. The Python version indicates the version supported for jobs of type Spark.\n\nFor more information about the available AWS Glue versions and corresponding Spark and Python versions, see [Glue version](https://docs.aws.amazon.com/glue/latest/dg/add-job.html) in the developer guide.\n\nJobs that are created without specifying a Glue version default to the latest Glue version available.", - "title": "GlueVersion", - "type": "string" - }, - "LogUri": { - "markdownDescription": "This field is reserved for future use.", - "title": "LogUri", - "type": "string" - }, - "MaxCapacity": { - "markdownDescription": "The number of AWS Glue data processing units (DPUs) that can be allocated when this job runs. A DPU is a relative measure of processing power that consists of 4 vCPUs of compute capacity and 16 GB of memory.\n\nDo not set `Max Capacity` if using `WorkerType` and `NumberOfWorkers` .\n\nThe value that can be allocated for `MaxCapacity` depends on whether you are running a Python shell job or an Apache Spark ETL job:\n\n- When you specify a Python shell job ( `JobCommand.Name` =\"pythonshell\"), you can allocate either 0.0625 or 1 DPU. The default is 0.0625 DPU.\n- When you specify an Apache Spark ETL job ( `JobCommand.Name` =\"glueetl\"), you can allocate from 2 to 100 DPUs. The default is 10 DPUs. This job type cannot have a fractional DPU allocation.", - "title": "MaxCapacity", - "type": "number" - }, - "MaxRetries": { - "markdownDescription": "The maximum number of times to retry this job after a JobRun fails.", - "title": "MaxRetries", - "type": "number" - }, - "Name": { - "markdownDescription": "The name you assign to this job definition.", - "title": "Name", - "type": "string" - }, - "NonOverridableArguments": { - "markdownDescription": "Non-overridable arguments for this job, specified as name-value pairs.", - "title": "NonOverridableArguments", - "type": "object" - }, - "NotificationProperty": { - "$ref": "#/definitions/AWS::Glue::Job.NotificationProperty", - "markdownDescription": "Specifies configuration properties of a notification.", - "title": "NotificationProperty" - }, - "NumberOfWorkers": { - "markdownDescription": "The number of workers of a defined `workerType` that are allocated when a job runs.\n\nThe maximum number of workers you can define are 299 for `G.1X` , and 149 for `G.2X` .", - "title": "NumberOfWorkers", - "type": "number" - }, - "Role": { - "markdownDescription": "The name or Amazon Resource Name (ARN) of the IAM role associated with this job.", - "title": "Role", - "type": "string" - }, - "SecurityConfiguration": { - "markdownDescription": "The name of the `SecurityConfiguration` structure to be used with this job.", - "title": "SecurityConfiguration", - "type": "string" - }, - "Tags": { - "markdownDescription": "The tags to use with this job.", - "title": "Tags", - "type": "object" - }, - "Timeout": { - "markdownDescription": "The job timeout in minutes. This is the maximum time that a job run can consume resources before it is terminated and enters TIMEOUT status. The default is 2,880 minutes (48 hours).", - "title": "Timeout", - "type": "number" - }, - "WorkerType": { - "markdownDescription": "The type of predefined worker that is allocated when a job runs. Accepts a value of G.1X, G.2X, G.4X, G.8X or G.025X for Spark jobs. Accepts the value Z.2X for Ray jobs.\n\n- For the `G.1X` worker type, each worker maps to 1 DPU (4 vCPUs, 16 GB of memory) with 94GB disk, and provides 1 executor per worker. We recommend this worker type for workloads such as data transforms, joins, and queries, to offers a scalable and cost effective way to run most jobs.\n- For the `G.2X` worker type, each worker maps to 2 DPU (8 vCPUs, 32 GB of memory) with 138GB disk, and provides 1 executor per worker. We recommend this worker type for workloads such as data transforms, joins, and queries, to offers a scalable and cost effective way to run most jobs.\n- For the `G.4X` worker type, each worker maps to 4 DPU (16 vCPUs, 64 GB of memory) with 256GB disk, and provides 1 executor per worker. We recommend this worker type for jobs whose workloads contain your most demanding transforms, aggregations, joins, and queries. This worker type is available only for AWS Glue version 3.0 or later Spark ETL jobs in the following AWS Regions: US East (Ohio), US East (N. Virginia), US West (N. California), US West (Oregon), Asia Pacific (Mumbai), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), Canada (Central), Europe (Frankfurt), Europe (Ireland), Europe (London), Europe (Spain), Europe (Stockholm), and South America (S\u00e3o Paulo).\n- For the `G.8X` worker type, each worker maps to 8 DPU (32 vCPUs, 128 GB of memory) with 512GB disk, and provides 1 executor per worker. We recommend this worker type for jobs whose workloads contain your most demanding transforms, aggregations, joins, and queries. This worker type is available only for AWS Glue version 3.0 or later Spark ETL jobs, in the same AWS Regions as supported for the `G.4X` worker type.\n- For the `G.025X` worker type, each worker maps to 0.25 DPU (2 vCPUs, 4 GB of memory) with 84GB disk, and provides 1 executor per worker. We recommend this worker type for low volume streaming jobs. This worker type is only available for AWS Glue version 3.0 or later streaming jobs.\n- For the `Z.2X` worker type, each worker maps to 2 M-DPU (8vCPUs, 64 GB of memory) with 128 GB disk, and provides up to 8 Ray workers based on the autoscaler.", - "title": "WorkerType", - "type": "string" - } - }, - "required": [ - "Command", - "Role" - ], - "type": "object" + "FixedResponseConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.FixedResponseConfig", + "markdownDescription": "[Application Load Balancer] Information for creating an action that returns a custom HTTP response. Specify only when `Type` is `fixed-response` .", + "title": "FixedResponseConfig" }, - "Type": { - "enum": [ - "AWS::Glue::Job" - ], - "type": "string" + "ForwardConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.ForwardConfig", + "markdownDescription": "Information for creating an action that distributes requests among one or more target groups. For Network Load Balancers, you can specify a single target group. Specify only when `Type` is `forward` . If you specify both `ForwardConfig` and `TargetGroupArn` , you can specify only one target group using `ForwardConfig` and it must be the same target group specified in `TargetGroupArn` .", + "title": "ForwardConfig" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::Glue::Job.ConnectionsList": { - "additionalProperties": false, - "properties": { - "Connections": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of connections used by the job.", - "title": "Connections", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Glue::Job.ExecutionProperty": { - "additionalProperties": false, - "properties": { - "MaxConcurrentRuns": { - "markdownDescription": "The maximum number of concurrent runs allowed for the job. The default is 1. An error is returned when this threshold is reached. The maximum value you can specify is controlled by a service limit.", - "title": "MaxConcurrentRuns", + "Order": { + "markdownDescription": "The order for the action. This value is required for rules with multiple actions. The action with the lowest value for order is performed first.", + "title": "Order", "type": "number" - } - }, - "type": "object" - }, - "AWS::Glue::Job.JobCommand": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the job command. For an Apache Spark ETL job, this must be `glueetl` . For a Python shell job, it must be `pythonshell` . For an Apache Spark streaming ETL job, this must be `gluestreaming` . For a Ray job, this must be `glueray` .", - "title": "Name", - "type": "string" }, - "PythonVersion": { - "markdownDescription": "The Python version being used to execute a Python shell job. Allowed values are 3 or 3.9. Version 2 is deprecated.", - "title": "PythonVersion", - "type": "string" + "RedirectConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.RedirectConfig", + "markdownDescription": "[Application Load Balancer] Information for creating a redirect action. Specify only when `Type` is `redirect` .", + "title": "RedirectConfig" }, - "Runtime": { - "markdownDescription": "In Ray jobs, Runtime is used to specify the versions of Ray, Python and additional libraries available in your environment. This field is not used in other job types. For supported runtime environment values, see [Working with Ray jobs](https://docs.aws.amazon.com/glue/latest/dg/ray-jobs-section.html) in the AWS Glue Developer Guide.", - "title": "Runtime", + "TargetGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the target group. Specify only when `Type` is `forward` and you want to route to a single target group. To route to one or more target groups, use `ForwardConfig` instead.", + "title": "TargetGroupArn", "type": "string" }, - "ScriptLocation": { - "markdownDescription": "Specifies the Amazon Simple Storage Service (Amazon S3) path to a script that executes a job (required).", - "title": "ScriptLocation", + "Type": { + "markdownDescription": "The type of action.", + "title": "Type", "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::Glue::Job.NotificationProperty": { - "additionalProperties": false, - "properties": { - "NotifyDelayAfter": { - "markdownDescription": "After a job run starts, the number of minutes to wait before sending a job run delay notification.", - "title": "NotifyDelayAfter", - "type": "number" - } - }, - "type": "object" - }, - "AWS::Glue::MLTransform": { + "AWS::ElasticLoadBalancingV2::Listener.AuthenticateCognitoConfig": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A user-defined, long-form description text for the machine learning transform.", - "title": "Description", - "type": "string" - }, - "GlueVersion": { - "markdownDescription": "This value determines which version of AWS Glue this machine learning transform is compatible with. Glue 1.0 is recommended for most customers. If the value is not set, the Glue compatibility defaults to Glue 0.9. For more information, see [AWS Glue Versions](https://docs.aws.amazon.com/glue/latest/dg/release-notes.html#release-notes-versions) in the developer guide.", - "title": "GlueVersion", - "type": "string" - }, - "InputRecordTables": { - "$ref": "#/definitions/AWS::Glue::MLTransform.InputRecordTables", - "markdownDescription": "A list of AWS Glue table definitions used by the transform.", - "title": "InputRecordTables" - }, - "MaxCapacity": { - "markdownDescription": "The number of AWS Glue data processing units (DPUs) that are allocated to task runs for this transform. You can allocate from 2 to 100 DPUs; the default is 10. A DPU is a relative measure of processing power that consists of 4 vCPUs of compute capacity and 16 GB of memory. For more information, see the [AWS Glue pricing page](https://docs.aws.amazon.com/glue/pricing/) .\n\n`MaxCapacity` is a mutually exclusive option with `NumberOfWorkers` and `WorkerType` .\n\n- If either `NumberOfWorkers` or `WorkerType` is set, then `MaxCapacity` cannot be set.\n- If `MaxCapacity` is set then neither `NumberOfWorkers` or `WorkerType` can be set.\n- If `WorkerType` is set, then `NumberOfWorkers` is required (and vice versa).\n- `MaxCapacity` and `NumberOfWorkers` must both be at least 1.\n\nWhen the `WorkerType` field is set to a value other than `Standard` , the `MaxCapacity` field is set automatically and becomes read-only.", - "title": "MaxCapacity", - "type": "number" - }, - "MaxRetries": { - "markdownDescription": "The maximum number of times to retry after an `MLTaskRun` of the machine learning transform fails.", - "title": "MaxRetries", - "type": "number" - }, - "Name": { - "markdownDescription": "A user-defined name for the machine learning transform. Names are required to be unique. `Name` is optional:\n\n- If you supply `Name` , the stack cannot be repeatedly created.\n- If `Name` is not provided, a randomly generated name will be used instead.", - "title": "Name", - "type": "string" - }, - "NumberOfWorkers": { - "markdownDescription": "The number of workers of a defined `workerType` that are allocated when a task of the transform runs.\n\nIf `WorkerType` is set, then `NumberOfWorkers` is required (and vice versa).", - "title": "NumberOfWorkers", - "type": "number" - }, - "Role": { - "markdownDescription": "The name or Amazon Resource Name (ARN) of the IAM role with the required permissions. The required permissions include both AWS Glue service role permissions to AWS Glue resources, and Amazon S3 permissions required by the transform.\n\n- This role needs AWS Glue service role permissions to allow access to resources in AWS Glue . See [Attach a Policy to IAM Users That Access AWS Glue](https://docs.aws.amazon.com/glue/latest/dg/attach-policy-iam-user.html) .\n- This role needs permission to your Amazon Simple Storage Service (Amazon S3) sources, targets, temporary directory, scripts, and any libraries used by the task run for this transform.", - "title": "Role", - "type": "string" - }, - "Tags": { - "markdownDescription": "The tags to use with this machine learning transform. You may use tags to limit access to the machine learning transform. For more information about tags in AWS Glue , see [AWS Tags in AWS Glue](https://docs.aws.amazon.com/glue/latest/dg/monitor-tags.html) in the developer guide.", - "title": "Tags", - "type": "object" - }, - "Timeout": { - "markdownDescription": "The timeout in minutes of the machine learning transform.", - "title": "Timeout", - "type": "number" - }, - "TransformEncryption": { - "$ref": "#/definitions/AWS::Glue::MLTransform.TransformEncryption", - "markdownDescription": "The encryption-at-rest settings of the transform that apply to accessing user data. Machine learning\ntransforms can access user data encrypted in Amazon S3 using KMS.\n\nAdditionally, imported labels and trained transforms can now be encrypted using a customer provided\nKMS key.", - "title": "TransformEncryption" - }, - "TransformParameters": { - "$ref": "#/definitions/AWS::Glue::MLTransform.TransformParameters", - "markdownDescription": "The algorithm-specific parameters that are associated with the machine learning transform.", - "title": "TransformParameters" - }, - "WorkerType": { - "markdownDescription": "The type of predefined worker that is allocated when a task of this transform runs. Accepts a value of Standard, G.1X, or G.2X.\n\n- For the `Standard` worker type, each worker provides 4 vCPU, 16 GB of memory and a 50GB disk, and 2 executors per worker.\n- For the `G.1X` worker type, each worker provides 4 vCPU, 16 GB of memory and a 64GB disk, and 1 executor per worker.\n- For the `G.2X` worker type, each worker provides 8 vCPU, 32 GB of memory and a 128GB disk, and 1 executor per worker.\n\n`MaxCapacity` is a mutually exclusive option with `NumberOfWorkers` and `WorkerType` .\n\n- If either `NumberOfWorkers` or `WorkerType` is set, then `MaxCapacity` cannot be set.\n- If `MaxCapacity` is set then neither `NumberOfWorkers` or `WorkerType` can be set.\n- If `WorkerType` is set, then `NumberOfWorkers` is required (and vice versa).\n- `MaxCapacity` and `NumberOfWorkers` must both be at least 1.", - "title": "WorkerType", + "AuthenticationRequestExtraParams": { + "additionalProperties": true, + "markdownDescription": "The query parameters (up to 10) to include in the redirect request to the authorization endpoint.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { "type": "string" } }, - "required": [ - "InputRecordTables", - "Role", - "TransformParameters" - ], + "title": "AuthenticationRequestExtraParams", "type": "object" }, - "Type": { - "enum": [ - "AWS::Glue::MLTransform" - ], + "OnUnauthenticatedRequest": { + "markdownDescription": "The behavior if the user is not authenticated. The following are possible values:\n\n- deny `` - Return an HTTP 401 Unauthorized error.\n- allow `` - Allow the request to be forwarded to the target.\n- authenticate `` - Redirect the request to the IdP authorization endpoint. This is the default value.", + "title": "OnUnauthenticatedRequest", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Scope": { + "markdownDescription": "The set of user claims to be requested from the IdP. The default is `openid` .\n\nTo verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.", + "title": "Scope", "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::Glue::MLTransform.FindMatchesParameters": { - "additionalProperties": false, - "properties": { - "AccuracyCostTradeoff": { - "markdownDescription": "The value that is selected when tuning your transform for a balance between accuracy and cost. A value of 0.5 means that the system balances accuracy and cost concerns. A value of 1.0 means a bias purely for accuracy, which typically results in a higher cost, sometimes substantially higher. A value of 0.0 means a bias purely for cost, which results in a less accurate `FindMatches` transform, sometimes with unacceptable accuracy.\n\nAccuracy measures how well the transform finds true positives and true negatives. Increasing accuracy requires more machine resources and cost. But it also results in increased recall.\n\nCost measures how many compute resources, and thus money, are consumed to run the transform.", - "title": "AccuracyCostTradeoff", - "type": "number" - }, - "EnforceProvidedLabels": { - "markdownDescription": "The value to switch on or off to force the output to match the provided labels from users. If the value is `True` , the `find matches` transform forces the output to match the provided labels. The results override the normal conflation results. If the value is `False` , the `find matches` transform does not ensure all the labels provided are respected, and the results rely on the trained model.\n\nNote that setting this value to true may increase the conflation execution time.", - "title": "EnforceProvidedLabels", - "type": "boolean" - }, - "PrecisionRecallTradeoff": { - "markdownDescription": "The value selected when tuning your transform for a balance between precision and recall. A value of 0.5 means no preference; a value of 1.0 means a bias purely for precision, and a value of 0.0 means a bias for recall. Because this is a tradeoff, choosing values close to 1.0 means very low recall, and choosing values close to 0.0 results in very low precision.\n\nThe precision metric indicates how often your model is correct when it predicts a match.\n\nThe recall metric indicates that for an actual match, how often your model predicts the match.", - "title": "PrecisionRecallTradeoff", - "type": "number" }, - "PrimaryKeyColumnName": { - "markdownDescription": "The name of a column that uniquely identifies rows in the source table. Used to help identify matching records.", - "title": "PrimaryKeyColumnName", + "SessionCookieName": { + "markdownDescription": "The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.", + "title": "SessionCookieName", "type": "string" - } - }, - "required": [ - "PrimaryKeyColumnName" - ], - "type": "object" - }, - "AWS::Glue::MLTransform.GlueTables": { - "additionalProperties": false, - "properties": { - "CatalogId": { - "markdownDescription": "A unique identifier for the AWS Glue Data Catalog .", - "title": "CatalogId", + }, + "SessionTimeout": { + "markdownDescription": "The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).", + "title": "SessionTimeout", "type": "string" }, - "ConnectionName": { - "markdownDescription": "The name of the connection to the AWS Glue Data Catalog .", - "title": "ConnectionName", + "UserPoolArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Cognito user pool.", + "title": "UserPoolArn", "type": "string" }, - "DatabaseName": { - "markdownDescription": "A database name in the AWS Glue Data Catalog .", - "title": "DatabaseName", + "UserPoolClientId": { + "markdownDescription": "The ID of the Amazon Cognito user pool client.", + "title": "UserPoolClientId", "type": "string" }, - "TableName": { - "markdownDescription": "A table name in the AWS Glue Data Catalog .", - "title": "TableName", + "UserPoolDomain": { + "markdownDescription": "The domain prefix or fully-qualified domain name of the Amazon Cognito user pool.", + "title": "UserPoolDomain", "type": "string" } }, "required": [ - "DatabaseName", - "TableName" + "UserPoolArn", + "UserPoolClientId", + "UserPoolDomain" ], "type": "object" }, - "AWS::Glue::MLTransform.InputRecordTables": { + "AWS::ElasticLoadBalancingV2::Listener.AuthenticateOidcConfig": { "additionalProperties": false, "properties": { - "GlueTables": { - "items": { - "$ref": "#/definitions/AWS::Glue::MLTransform.GlueTables" + "AuthenticationRequestExtraParams": { + "additionalProperties": true, + "markdownDescription": "The query parameters (up to 10) to include in the redirect request to the authorization endpoint.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "The database and table in the AWS Glue Data Catalog that is used for input or output data.", - "title": "GlueTables", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Glue::MLTransform.MLUserDataEncryption": { - "additionalProperties": false, - "properties": { - "KmsKeyId": { - "markdownDescription": "The ID for the customer-provided KMS key.", - "title": "KmsKeyId", - "type": "string" + "title": "AuthenticationRequestExtraParams", + "type": "object" }, - "MLUserDataEncryptionMode": { - "markdownDescription": "The encryption mode applied to user data. Valid values are:\n\n- DISABLED: encryption is disabled.\n- SSEKMS: use of server-side encryption with AWS Key Management Service (SSE-KMS) for user data\nstored in Amazon S3.", - "title": "MLUserDataEncryptionMode", + "AuthorizationEndpoint": { + "markdownDescription": "The authorization endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", + "title": "AuthorizationEndpoint", "type": "string" - } - }, - "required": [ - "MLUserDataEncryptionMode" - ], - "type": "object" - }, - "AWS::Glue::MLTransform.TransformEncryption": { - "additionalProperties": false, - "properties": { - "MLUserDataEncryption": { - "$ref": "#/definitions/AWS::Glue::MLTransform.MLUserDataEncryption", - "markdownDescription": "The encryption-at-rest settings of the transform that apply to accessing user data.", - "title": "MLUserDataEncryption" }, - "TaskRunSecurityConfigurationName": { - "markdownDescription": "The name of the security configuration.", - "title": "TaskRunSecurityConfigurationName", + "ClientId": { + "markdownDescription": "The OAuth 2.0 client identifier.", + "title": "ClientId", "type": "string" - } - }, - "type": "object" - }, - "AWS::Glue::MLTransform.TransformParameters": { - "additionalProperties": false, - "properties": { - "FindMatchesParameters": { - "$ref": "#/definitions/AWS::Glue::MLTransform.FindMatchesParameters", - "markdownDescription": "The parameters for the find matches algorithm.", - "title": "FindMatchesParameters" }, - "TransformType": { - "markdownDescription": "The type of machine learning transform. `FIND_MATCHES` is the only option.\n\nFor information about the types of machine learning transforms, see [Working with machine learning transforms](https://docs.aws.amazon.com/glue/latest/dg/console-machine-learning-transforms.html) .", - "title": "TransformType", + "ClientSecret": { + "markdownDescription": "The OAuth 2.0 client secret. This parameter is required if you are creating a rule. If you are modifying a rule, you can omit this parameter if you set `UseExistingClientSecret` to true.", + "title": "ClientSecret", "type": "string" - } - }, - "required": [ - "TransformType" - ], - "type": "object" - }, - "AWS::Glue::Partition": { - "additionalProperties": false, - "properties": { - "Condition": { + }, + "Issuer": { + "markdownDescription": "The OIDC issuer identifier of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", + "title": "Issuer", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "OnUnauthenticatedRequest": { + "markdownDescription": "The behavior if the user is not authenticated. The following are possible values:\n\n- deny `` - Return an HTTP 401 Unauthorized error.\n- allow `` - Allow the request to be forwarded to the target.\n- authenticate `` - Redirect the request to the IdP authorization endpoint. This is the default value.", + "title": "OnUnauthenticatedRequest", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Scope": { + "markdownDescription": "The set of user claims to be requested from the IdP. The default is `openid` .\n\nTo verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.", + "title": "Scope", + "type": "string" }, - "Metadata": { - "type": "object" + "SessionCookieName": { + "markdownDescription": "The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.", + "title": "SessionCookieName", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "CatalogId": { - "markdownDescription": "The AWS account ID of the catalog in which the partion is to be created.\n\n> To specify the account ID, you can use the `Ref` intrinsic function with the `AWS::AccountId` pseudo parameter. For example: `!Ref AWS::AccountId`", - "title": "CatalogId", - "type": "string" - }, - "DatabaseName": { - "markdownDescription": "The name of the catalog database in which to create the partition.", - "title": "DatabaseName", - "type": "string" - }, - "PartitionInput": { - "$ref": "#/definitions/AWS::Glue::Partition.PartitionInput", - "markdownDescription": "The structure used to create and update a partition.", - "title": "PartitionInput" - }, - "TableName": { - "markdownDescription": "The name of the metadata table in which the partition is to be created.", - "title": "TableName", - "type": "string" - } - }, - "required": [ - "CatalogId", - "DatabaseName", - "PartitionInput", - "TableName" - ], - "type": "object" + "SessionTimeout": { + "markdownDescription": "The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).", + "title": "SessionTimeout", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Glue::Partition" - ], + "TokenEndpoint": { + "markdownDescription": "The token endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", + "title": "TokenEndpoint", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "UseExistingClientSecret": { + "markdownDescription": "Indicates whether to use the existing client secret when modifying a rule. If you are creating a rule, you can omit this parameter or set it to false.", + "title": "UseExistingClientSecret", + "type": "boolean" + }, + "UserInfoEndpoint": { + "markdownDescription": "The user info endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", + "title": "UserInfoEndpoint", "type": "string" } }, "required": [ - "Type", - "Properties" + "AuthorizationEndpoint", + "ClientId", + "Issuer", + "TokenEndpoint", + "UserInfoEndpoint" ], "type": "object" }, - "AWS::Glue::Partition.Column": { + "AWS::ElasticLoadBalancingV2::Listener.Certificate": { "additionalProperties": false, "properties": { - "Comment": { - "markdownDescription": "A free-form text comment.", - "title": "Comment", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the `Column` .", - "title": "Name", - "type": "string" - }, - "Type": { - "markdownDescription": "The data type of the `Column` .", - "title": "Type", + "CertificateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the certificate.", + "title": "CertificateArn", "type": "string" } }, - "required": [ - "Name" - ], "type": "object" }, - "AWS::Glue::Partition.Order": { + "AWS::ElasticLoadBalancingV2::Listener.FixedResponseConfig": { "additionalProperties": false, "properties": { - "Column": { - "markdownDescription": "The name of the column.", - "title": "Column", + "ContentType": { + "markdownDescription": "The content type.\n\nValid Values: text/plain | text/css | text/html | application/javascript | application/json", + "title": "ContentType", "type": "string" }, - "SortOrder": { - "markdownDescription": "Indicates that the column is sorted in ascending order ( `== 1` ), or in descending order ( `==0` ).", - "title": "SortOrder", - "type": "number" + "MessageBody": { + "markdownDescription": "The message.", + "title": "MessageBody", + "type": "string" + }, + "StatusCode": { + "markdownDescription": "The HTTP response code (2XX, 4XX, or 5XX).", + "title": "StatusCode", + "type": "string" } }, "required": [ - "Column" + "StatusCode" ], "type": "object" }, - "AWS::Glue::Partition.PartitionInput": { + "AWS::ElasticLoadBalancingV2::Listener.ForwardConfig": { "additionalProperties": false, "properties": { - "Parameters": { - "markdownDescription": "These key-value pairs define partition parameters.", - "title": "Parameters", - "type": "object" - }, - "StorageDescriptor": { - "$ref": "#/definitions/AWS::Glue::Partition.StorageDescriptor", - "markdownDescription": "Provides information about the physical location where the partition is stored.", - "title": "StorageDescriptor" + "TargetGroupStickinessConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.TargetGroupStickinessConfig", + "markdownDescription": "Information about the target group stickiness for a rule.", + "title": "TargetGroupStickinessConfig" }, - "Values": { + "TargetGroups": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.TargetGroupTuple" }, - "markdownDescription": "The values of the partition. Although this parameter is not required by the SDK, you must specify this parameter for a valid input.\n\nThe values for the keys for the new partition must be passed as an array of String objects that must be ordered in the same order as the partition keys appearing in the Amazon S3 prefix. Otherwise AWS Glue will add the values to the wrong keys.", - "title": "Values", + "markdownDescription": "Information about how traffic will be distributed between multiple target groups in a forward rule.", + "title": "TargetGroups", "type": "array" } }, - "required": [ - "Values" - ], "type": "object" }, - "AWS::Glue::Partition.SchemaId": { + "AWS::ElasticLoadBalancingV2::Listener.ListenerAttribute": { "additionalProperties": false, "properties": { - "RegistryName": { - "markdownDescription": "The name of the schema registry that contains the schema.", - "title": "RegistryName", - "type": "string" - }, - "SchemaArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the schema. One of `SchemaArn` or `SchemaName` has to be\nprovided.", - "title": "SchemaArn", + "Key": { + "markdownDescription": "The name of the attribute.\n\nThe following attribute is supported by Network Load Balancers, and Gateway Load Balancers.\n\n- `tcp.idle_timeout.seconds` - The tcp idle timeout value, in seconds. The valid range is 60-6000 seconds. The default is 350 seconds.\n\nThe following attributes are only supported by Application Load Balancers.\n\n- `routing.http.request.x_amzn_mtls_clientcert_serial_number.header_name` - Enables you to modify the header name of the *X-Amzn-Mtls-Clientcert-Serial-Number* HTTP request header.\n- `routing.http.request.x_amzn_mtls_clientcert_issuer.header_name` - Enables you to modify the header name of the *X-Amzn-Mtls-Clientcert-Issuer* HTTP request header.\n- `routing.http.request.x_amzn_mtls_clientcert_subject.header_name` - Enables you to modify the header name of the *X-Amzn-Mtls-Clientcert-Subject* HTTP request header.\n- `routing.http.request.x_amzn_mtls_clientcert_validity.header_name` - Enables you to modify the header name of the *X-Amzn-Mtls-Clientcert-Validity* HTTP request header.\n- `routing.http.request.x_amzn_mtls_clientcert_leaf.header_name` - Enables you to modify the header name of the *X-Amzn-Mtls-Clientcert-Leaf* HTTP request header.\n- `routing.http.request.x_amzn_mtls_clientcert.header_name` - Enables you to modify the header name of the *X-Amzn-Mtls-Clientcert* HTTP request header.\n- `routing.http.request.x_amzn_tls_version.header_name` - Enables you to modify the header name of the *X-Amzn-Tls-Version* HTTP request header.\n- `routing.http.request.x_amzn_tls_cipher_suite.header_name` - Enables you to modify the header name of the *X-Amzn-Tls-Cipher-Suite* HTTP request header.\n- `routing.http.response.server.enabled` - Enables you to allow or remove the HTTP response server header.\n- `routing.http.response.strict_transport_security.header_value` - Informs browsers that the site should only be accessed using HTTPS, and that any future attempts to access it using HTTP should automatically be converted to HTTPS.\n- `routing.http.response.access_control_allow_origin.header_value` - Specifies which origins are allowed to access the server.\n- `routing.http.response.access_control_allow_methods.header_value` - Returns which HTTP methods are allowed when accessing the server from a different origin.\n- `routing.http.response.access_control_allow_headers.header_value` - Specifies which headers can be used during the request.\n- `routing.http.response.access_control_allow_credentials.header_value` - Indicates whether the browser should include credentials such as cookies or authentication when making requests.\n- `routing.http.response.access_control_expose_headers.header_value` - Returns which headers the browser can expose to the requesting client.\n- `routing.http.response.access_control_max_age.header_value` - Specifies how long the results of a preflight request can be cached, in seconds.\n- `routing.http.response.content_security_policy.header_value` - Specifies restrictions enforced by the browser to help minimize the risk of certain types of security threats.\n- `routing.http.response.x_content_type_options.header_value` - Indicates whether the MIME types advertised in the *Content-Type* headers should be followed and not be changed.\n- `routing.http.response.x_frame_options.header_value` - Indicates whether the browser is allowed to render a page in a *frame* , *iframe* , *embed* or *object* .", + "title": "Key", "type": "string" }, - "SchemaName": { - "markdownDescription": "The name of the schema. One of `SchemaArn` or `SchemaName` has to be provided.", - "title": "SchemaName", + "Value": { + "markdownDescription": "The value of the attribute.", + "title": "Value", "type": "string" } }, "type": "object" }, - "AWS::Glue::Partition.SchemaReference": { + "AWS::ElasticLoadBalancingV2::Listener.MutualAuthentication": { "additionalProperties": false, "properties": { - "SchemaId": { - "$ref": "#/definitions/AWS::Glue::Partition.SchemaId", - "markdownDescription": "A structure that contains schema identity fields. Either this or the `SchemaVersionId` has to be\nprovided.", - "title": "SchemaId" + "AdvertiseTrustStoreCaNames": { + "markdownDescription": "Indicates whether trust store CA certificate names are advertised.", + "title": "AdvertiseTrustStoreCaNames", + "type": "string" }, - "SchemaVersionId": { - "markdownDescription": "The unique ID assigned to a version of the schema. Either this or the `SchemaId` has to be provided.", - "title": "SchemaVersionId", + "IgnoreClientCertificateExpiry": { + "markdownDescription": "Indicates whether expired client certificates are ignored.", + "title": "IgnoreClientCertificateExpiry", + "type": "boolean" + }, + "Mode": { + "markdownDescription": "The client certificate handling method. Options are `off` , `passthrough` or `verify` . The default value is `off` .", + "title": "Mode", "type": "string" }, - "SchemaVersionNumber": { - "markdownDescription": "The version number of the schema.", - "title": "SchemaVersionNumber", - "type": "number" + "TrustStoreArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the trust store.", + "title": "TrustStoreArn", + "type": "string" } }, "type": "object" }, - "AWS::Glue::Partition.SerdeInfo": { + "AWS::ElasticLoadBalancingV2::Listener.RedirectConfig": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "Name of the SerDe.", - "title": "Name", + "Host": { + "markdownDescription": "The hostname. This component is not percent-encoded. The hostname can contain #{host}.", + "title": "Host", "type": "string" }, - "Parameters": { - "markdownDescription": "These key-value pairs define initialization parameters for the SerDe.", - "title": "Parameters", - "type": "object" + "Path": { + "markdownDescription": "The absolute path, starting with the leading \"/\". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}.", + "title": "Path", + "type": "string" }, - "SerializationLibrary": { - "markdownDescription": "Usually the class that implements the SerDe. An example is `org.apache.hadoop.hive.serde2.columnar.ColumnarSerDe` .", - "title": "SerializationLibrary", + "Port": { + "markdownDescription": "The port. You can specify a value from 1 to 65535 or #{port}.", + "title": "Port", + "type": "string" + }, + "Protocol": { + "markdownDescription": "The protocol. You can specify HTTP, HTTPS, or #{protocol}. You can redirect HTTP to HTTP, HTTP to HTTPS, and HTTPS to HTTPS. You can't redirect HTTPS to HTTP.", + "title": "Protocol", + "type": "string" + }, + "Query": { + "markdownDescription": "The query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading \"?\", as it is automatically added. You can specify any of the reserved keywords.", + "title": "Query", + "type": "string" + }, + "StatusCode": { + "markdownDescription": "The HTTP redirect code. The redirect is either permanent (HTTP 301) or temporary (HTTP 302).", + "title": "StatusCode", "type": "string" } }, + "required": [ + "StatusCode" + ], "type": "object" }, - "AWS::Glue::Partition.SkewedInfo": { + "AWS::ElasticLoadBalancingV2::Listener.TargetGroupStickinessConfig": { "additionalProperties": false, "properties": { - "SkewedColumnNames": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of names of columns that contain skewed values.", - "title": "SkewedColumnNames", - "type": "array" - }, - "SkewedColumnValueLocationMaps": { - "markdownDescription": "A mapping of skewed values to the columns that contain them.", - "title": "SkewedColumnValueLocationMaps", - "type": "object" + "DurationSeconds": { + "markdownDescription": "The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days). You must specify this value when enabling target group stickiness.", + "title": "DurationSeconds", + "type": "number" }, - "SkewedColumnValues": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of values that appear so frequently as to be considered skewed.", - "title": "SkewedColumnValues", - "type": "array" + "Enabled": { + "markdownDescription": "Indicates whether target group stickiness is enabled.", + "title": "Enabled", + "type": "boolean" } }, "type": "object" }, - "AWS::Glue::Partition.StorageDescriptor": { + "AWS::ElasticLoadBalancingV2::Listener.TargetGroupTuple": { "additionalProperties": false, "properties": { - "BucketColumns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of reducer grouping columns, clustering columns, and bucketing columns in the table.", - "title": "BucketColumns", - "type": "array" - }, - "Columns": { - "items": { - "$ref": "#/definitions/AWS::Glue::Partition.Column" - }, - "markdownDescription": "A list of the `Columns` in the table.", - "title": "Columns", - "type": "array" - }, - "Compressed": { - "markdownDescription": "`True` if the data in the table is compressed, or `False` if not.", - "title": "Compressed", - "type": "boolean" - }, - "InputFormat": { - "markdownDescription": "The input format: `SequenceFileInputFormat` (binary), or `TextInputFormat` , or a custom format.", - "title": "InputFormat", - "type": "string" - }, - "Location": { - "markdownDescription": "The physical location of the table. By default, this takes the form of the warehouse location, followed by the database location in the warehouse, followed by the table name.", - "title": "Location", + "TargetGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the target group.", + "title": "TargetGroupArn", "type": "string" }, - "NumberOfBuckets": { - "markdownDescription": "The number of buckets.\n\nYou must specify this property if the partition contains any dimension columns.", - "title": "NumberOfBuckets", + "Weight": { + "markdownDescription": "The weight. The range is 0 to 999.", + "title": "Weight", "type": "number" - }, - "OutputFormat": { - "markdownDescription": "The output format: `SequenceFileOutputFormat` (binary), or `IgnoreKeyTextOutputFormat` , or a custom format.", - "title": "OutputFormat", - "type": "string" - }, - "Parameters": { - "markdownDescription": "The user-supplied properties in key-value form.", - "title": "Parameters", - "type": "object" - }, - "SchemaReference": { - "$ref": "#/definitions/AWS::Glue::Partition.SchemaReference", - "markdownDescription": "An object that references a schema stored in the AWS Glue Schema Registry.", - "title": "SchemaReference" - }, - "SerdeInfo": { - "$ref": "#/definitions/AWS::Glue::Partition.SerdeInfo", - "markdownDescription": "The serialization/deserialization (SerDe) information.", - "title": "SerdeInfo" - }, - "SkewedInfo": { - "$ref": "#/definitions/AWS::Glue::Partition.SkewedInfo", - "markdownDescription": "The information about values that appear frequently in a column (skewed values).", - "title": "SkewedInfo" - }, - "SortColumns": { - "items": { - "$ref": "#/definitions/AWS::Glue::Partition.Order" - }, - "markdownDescription": "A list specifying the sort order of each bucket in the table.", - "title": "SortColumns", - "type": "array" - }, - "StoredAsSubDirectories": { - "markdownDescription": "`True` if the table data is stored in subdirectories, or `False` if not.", - "title": "StoredAsSubDirectories", - "type": "boolean" } }, "type": "object" }, - "AWS::Glue::Registry": { + "AWS::ElasticLoadBalancingV2::ListenerCertificate": { "additionalProperties": false, "properties": { "Condition": { @@ -107165,33 +115777,29 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the registry.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the registry.", - "title": "Name", - "type": "string" - }, - "Tags": { + "Certificates": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerCertificate.Certificate" }, - "markdownDescription": "AWS tags that contain a key value pair and may be searched by console, command line, or API.", - "title": "Tags", + "markdownDescription": "The certificate. You can specify one certificate per resource.", + "title": "Certificates", "type": "array" + }, + "ListenerArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the listener.", + "title": "ListenerArn", + "type": "string" } }, "required": [ - "Name" + "Certificates", + "ListenerArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Glue::Registry" + "AWS::ElasticLoadBalancingV2::ListenerCertificate" ], "type": "string" }, @@ -107210,7 +115818,18 @@ ], "type": "object" }, - "AWS::Glue::Schema": { + "AWS::ElasticLoadBalancingV2::ListenerCertificate.Certificate": { + "additionalProperties": false, + "properties": { + "CertificateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the certificate.", + "title": "CertificateArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ElasticLoadBalancingV2::ListenerRule": { "additionalProperties": false, "properties": { "Condition": { @@ -107245,61 +115864,43 @@ "Properties": { "additionalProperties": false, "properties": { - "CheckpointVersion": { - "$ref": "#/definitions/AWS::Glue::Schema.SchemaVersion", - "markdownDescription": "Specify the `VersionNumber` or the `IsLatest` for setting the checkpoint for the schema. This is only required for updating a checkpoint.", - "title": "CheckpointVersion" - }, - "Compatibility": { - "markdownDescription": "The compatibility mode of the schema.", - "title": "Compatibility", - "type": "string" - }, - "DataFormat": { - "markdownDescription": "The data format of the schema definition. Currently only `AVRO` is supported.", - "title": "DataFormat", - "type": "string" - }, - "Description": { - "markdownDescription": "A description of the schema if specified when created.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "Name of the schema to be created of max length of 255, and may only contain letters, numbers, hyphen, underscore, dollar sign, or hash mark. No whitespace.", - "title": "Name", - "type": "string" - }, - "Registry": { - "$ref": "#/definitions/AWS::Glue::Schema.Registry", - "markdownDescription": "The registry where a schema is stored.", - "title": "Registry" - }, - "SchemaDefinition": { - "markdownDescription": "The schema definition using the `DataFormat` setting for `SchemaName` .", - "title": "SchemaDefinition", - "type": "string" + "Actions": { + "items": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.Action" + }, + "markdownDescription": "The actions.\n\nThe rule must include exactly one of the following types of actions: `forward` , `fixed-response` , or `redirect` , and it must be the last action to be performed. If the rule is for an HTTPS listener, it can also optionally include an authentication action.", + "title": "Actions", + "type": "array" }, - "Tags": { + "Conditions": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.RuleCondition" }, - "markdownDescription": "AWS tags that contain a key value pair and may be searched by console, command line, or API.", - "title": "Tags", + "markdownDescription": "The conditions.\n\nThe rule can optionally include up to one of each of the following conditions: `http-request-method` , `host-header` , `path-pattern` , and `source-ip` . A rule can also optionally include one or more of each of the following conditions: `http-header` and `query-string` .", + "title": "Conditions", "type": "array" + }, + "ListenerArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the listener.", + "title": "ListenerArn", + "type": "string" + }, + "Priority": { + "markdownDescription": "The rule priority. A listener can't have multiple rules with the same priority.\n\nIf you try to reorder rules by updating their priorities, do not specify a new priority if an existing rule already uses this priority, as this can cause an error. If you need to reuse a priority with a different rule, you must remove it as a priority first, and then specify it in a subsequent update.", + "title": "Priority", + "type": "number" } }, "required": [ - "Compatibility", - "DataFormat", - "Name", - "SchemaDefinition" + "Actions", + "Conditions", + "Priority" ], "type": "object" }, "Type": { "enum": [ - "AWS::Glue::Schema" + "AWS::ElasticLoadBalancingV2::ListenerRule" ], "type": "string" }, @@ -107318,39 +115919,460 @@ ], "type": "object" }, - "AWS::Glue::Schema.Registry": { + "AWS::ElasticLoadBalancingV2::ListenerRule.Action": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the registry.", - "title": "Arn", + "AuthenticateCognitoConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.AuthenticateCognitoConfig", + "markdownDescription": "[HTTPS listeners] Information for using Amazon Cognito to authenticate users. Specify only when `Type` is `authenticate-cognito` .", + "title": "AuthenticateCognitoConfig" + }, + "AuthenticateOidcConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.AuthenticateOidcConfig", + "markdownDescription": "[HTTPS listeners] Information about an identity provider that is compliant with OpenID Connect (OIDC). Specify only when `Type` is `authenticate-oidc` .", + "title": "AuthenticateOidcConfig" + }, + "FixedResponseConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.FixedResponseConfig", + "markdownDescription": "[Application Load Balancer] Information for creating an action that returns a custom HTTP response. Specify only when `Type` is `fixed-response` .", + "title": "FixedResponseConfig" + }, + "ForwardConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.ForwardConfig", + "markdownDescription": "Information for creating an action that distributes requests among one or more target groups. For Network Load Balancers, you can specify a single target group. Specify only when `Type` is `forward` . If you specify both `ForwardConfig` and `TargetGroupArn` , you can specify only one target group using `ForwardConfig` and it must be the same target group specified in `TargetGroupArn` .", + "title": "ForwardConfig" + }, + "Order": { + "markdownDescription": "The order for the action. This value is required for rules with multiple actions. The action with the lowest value for order is performed first.", + "title": "Order", + "type": "number" + }, + "RedirectConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.RedirectConfig", + "markdownDescription": "[Application Load Balancer] Information for creating a redirect action. Specify only when `Type` is `redirect` .", + "title": "RedirectConfig" + }, + "TargetGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the target group. Specify only when `Type` is `forward` and you want to route to a single target group. To route to one or more target groups, use `ForwardConfig` instead.", + "title": "TargetGroupArn", "type": "string" }, - "Name": { - "markdownDescription": "The name of the registry.", - "title": "Name", + "Type": { + "markdownDescription": "The type of action.", + "title": "Type", "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::Glue::Schema.SchemaVersion": { + "AWS::ElasticLoadBalancingV2::ListenerRule.AuthenticateCognitoConfig": { "additionalProperties": false, "properties": { - "IsLatest": { - "markdownDescription": "Indicates if this version is the latest version of the schema.", - "title": "IsLatest", - "type": "boolean" + "AuthenticationRequestExtraParams": { + "additionalProperties": true, + "markdownDescription": "The query parameters (up to 10) to include in the redirect request to the authorization endpoint.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "AuthenticationRequestExtraParams", + "type": "object" }, - "VersionNumber": { - "markdownDescription": "The version number of the schema.", - "title": "VersionNumber", - "type": "number" + "OnUnauthenticatedRequest": { + "markdownDescription": "The behavior if the user is not authenticated. The following are possible values:\n\n- deny `` - Return an HTTP 401 Unauthorized error.\n- allow `` - Allow the request to be forwarded to the target.\n- authenticate `` - Redirect the request to the IdP authorization endpoint. This is the default value.", + "title": "OnUnauthenticatedRequest", + "type": "string" + }, + "Scope": { + "markdownDescription": "The set of user claims to be requested from the IdP. The default is `openid` .\n\nTo verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.", + "title": "Scope", + "type": "string" + }, + "SessionCookieName": { + "markdownDescription": "The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.", + "title": "SessionCookieName", + "type": "string" + }, + "SessionTimeout": { + "markdownDescription": "The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).", + "title": "SessionTimeout", + "type": "number" + }, + "UserPoolArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Cognito user pool.", + "title": "UserPoolArn", + "type": "string" + }, + "UserPoolClientId": { + "markdownDescription": "The ID of the Amazon Cognito user pool client.", + "title": "UserPoolClientId", + "type": "string" + }, + "UserPoolDomain": { + "markdownDescription": "The domain prefix or fully-qualified domain name of the Amazon Cognito user pool.", + "title": "UserPoolDomain", + "type": "string" } }, + "required": [ + "UserPoolArn", + "UserPoolClientId", + "UserPoolDomain" + ], "type": "object" }, - "AWS::Glue::SchemaVersion": { + "AWS::ElasticLoadBalancingV2::ListenerRule.AuthenticateOidcConfig": { + "additionalProperties": false, + "properties": { + "AuthenticationRequestExtraParams": { + "additionalProperties": true, + "markdownDescription": "The query parameters (up to 10) to include in the redirect request to the authorization endpoint.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "AuthenticationRequestExtraParams", + "type": "object" + }, + "AuthorizationEndpoint": { + "markdownDescription": "The authorization endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", + "title": "AuthorizationEndpoint", + "type": "string" + }, + "ClientId": { + "markdownDescription": "The OAuth 2.0 client identifier.", + "title": "ClientId", + "type": "string" + }, + "ClientSecret": { + "markdownDescription": "The OAuth 2.0 client secret. This parameter is required if you are creating a rule. If you are modifying a rule, you can omit this parameter if you set `UseExistingClientSecret` to true.", + "title": "ClientSecret", + "type": "string" + }, + "Issuer": { + "markdownDescription": "The OIDC issuer identifier of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", + "title": "Issuer", + "type": "string" + }, + "OnUnauthenticatedRequest": { + "markdownDescription": "The behavior if the user is not authenticated. The following are possible values:\n\n- deny `` - Return an HTTP 401 Unauthorized error.\n- allow `` - Allow the request to be forwarded to the target.\n- authenticate `` - Redirect the request to the IdP authorization endpoint. This is the default value.", + "title": "OnUnauthenticatedRequest", + "type": "string" + }, + "Scope": { + "markdownDescription": "The set of user claims to be requested from the IdP. The default is `openid` .\n\nTo verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.", + "title": "Scope", + "type": "string" + }, + "SessionCookieName": { + "markdownDescription": "The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.", + "title": "SessionCookieName", + "type": "string" + }, + "SessionTimeout": { + "markdownDescription": "The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).", + "title": "SessionTimeout", + "type": "number" + }, + "TokenEndpoint": { + "markdownDescription": "The token endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", + "title": "TokenEndpoint", + "type": "string" + }, + "UseExistingClientSecret": { + "markdownDescription": "Indicates whether to use the existing client secret when modifying a rule. If you are creating a rule, you can omit this parameter or set it to false.", + "title": "UseExistingClientSecret", + "type": "boolean" + }, + "UserInfoEndpoint": { + "markdownDescription": "The user info endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", + "title": "UserInfoEndpoint", + "type": "string" + } + }, + "required": [ + "AuthorizationEndpoint", + "ClientId", + "Issuer", + "TokenEndpoint", + "UserInfoEndpoint" + ], + "type": "object" + }, + "AWS::ElasticLoadBalancingV2::ListenerRule.FixedResponseConfig": { + "additionalProperties": false, + "properties": { + "ContentType": { + "markdownDescription": "The content type.\n\nValid Values: text/plain | text/css | text/html | application/javascript | application/json", + "title": "ContentType", + "type": "string" + }, + "MessageBody": { + "markdownDescription": "The message.", + "title": "MessageBody", + "type": "string" + }, + "StatusCode": { + "markdownDescription": "The HTTP response code (2XX, 4XX, or 5XX).", + "title": "StatusCode", + "type": "string" + } + }, + "required": [ + "StatusCode" + ], + "type": "object" + }, + "AWS::ElasticLoadBalancingV2::ListenerRule.ForwardConfig": { + "additionalProperties": false, + "properties": { + "TargetGroupStickinessConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.TargetGroupStickinessConfig", + "markdownDescription": "Information about the target group stickiness for a rule.", + "title": "TargetGroupStickinessConfig" + }, + "TargetGroups": { + "items": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.TargetGroupTuple" + }, + "markdownDescription": "Information about how traffic will be distributed between multiple target groups in a forward rule.", + "title": "TargetGroups", + "type": "array" + } + }, + "type": "object" + }, + "AWS::ElasticLoadBalancingV2::ListenerRule.HostHeaderConfig": { + "additionalProperties": false, + "properties": { + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The host names. The maximum size of each name is 128 characters. The comparison is case insensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character). You must include at least one \".\" character. You can include only alphabetical characters after the final \".\" character.\n\nIf you specify multiple strings, the condition is satisfied if one of the strings matches the host name.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::ElasticLoadBalancingV2::ListenerRule.HttpHeaderConfig": { + "additionalProperties": false, + "properties": { + "HttpHeaderName": { + "markdownDescription": "The name of the HTTP header field. The maximum size is 40 characters. The header name is case insensitive. The allowed characters are specified by RFC 7230. Wildcards are not supported.", + "title": "HttpHeaderName", + "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The strings to compare against the value of the HTTP header. The maximum size of each string is 128 characters. The comparison strings are case insensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character).\n\nIf the same header appears multiple times in the request, we search them in order until a match is found.\n\nIf you specify multiple strings, the condition is satisfied if one of the strings matches the value of the HTTP header. To require that all of the strings are a match, create one condition per string.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::ElasticLoadBalancingV2::ListenerRule.HttpRequestMethodConfig": { + "additionalProperties": false, + "properties": { + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The name of the request method. The maximum size is 40 characters. The allowed characters are A-Z, hyphen (-), and underscore (_). The comparison is case sensitive. Wildcards are not supported; therefore, the method name must be an exact match.\n\nIf you specify multiple strings, the condition is satisfied if one of the strings matches the HTTP request method. We recommend that you route GET and HEAD requests in the same way, because the response to a HEAD request may be cached.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::ElasticLoadBalancingV2::ListenerRule.PathPatternConfig": { + "additionalProperties": false, + "properties": { + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The path patterns to compare against the request URL. The maximum size of each string is 128 characters. The comparison is case sensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character).\n\nIf you specify multiple strings, the condition is satisfied if one of them matches the request URL. The path pattern is compared only to the path of the URL, not to its query string.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::ElasticLoadBalancingV2::ListenerRule.QueryStringConfig": { + "additionalProperties": false, + "properties": { + "Values": { + "items": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.QueryStringKeyValue" + }, + "markdownDescription": "The key/value pairs or values to find in the query string. The maximum size of each string is 128 characters. The comparison is case insensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character). To search for a literal '*' or '?' character in a query string, you must escape these characters in `Values` using a '\\' character.\n\nIf you specify multiple key/value pairs or values, the condition is satisfied if one of them is found in the query string.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::ElasticLoadBalancingV2::ListenerRule.QueryStringKeyValue": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The key. You can omit the key.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The value.", + "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ElasticLoadBalancingV2::ListenerRule.RedirectConfig": { + "additionalProperties": false, + "properties": { + "Host": { + "markdownDescription": "The hostname. This component is not percent-encoded. The hostname can contain #{host}.", + "title": "Host", + "type": "string" + }, + "Path": { + "markdownDescription": "The absolute path, starting with the leading \"/\". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}.", + "title": "Path", + "type": "string" + }, + "Port": { + "markdownDescription": "The port. You can specify a value from 1 to 65535 or #{port}.", + "title": "Port", + "type": "string" + }, + "Protocol": { + "markdownDescription": "The protocol. You can specify HTTP, HTTPS, or #{protocol}. You can redirect HTTP to HTTP, HTTP to HTTPS, and HTTPS to HTTPS. You can't redirect HTTPS to HTTP.", + "title": "Protocol", + "type": "string" + }, + "Query": { + "markdownDescription": "The query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading \"?\", as it is automatically added. You can specify any of the reserved keywords.", + "title": "Query", + "type": "string" + }, + "StatusCode": { + "markdownDescription": "The HTTP redirect code. The redirect is either permanent (HTTP 301) or temporary (HTTP 302).", + "title": "StatusCode", + "type": "string" + } + }, + "required": [ + "StatusCode" + ], + "type": "object" + }, + "AWS::ElasticLoadBalancingV2::ListenerRule.RuleCondition": { + "additionalProperties": false, + "properties": { + "Field": { + "markdownDescription": "The field in the HTTP request. The following are the possible values:\n\n- `http-header`\n- `http-request-method`\n- `host-header`\n- `path-pattern`\n- `query-string`\n- `source-ip`", + "title": "Field", + "type": "string" + }, + "HostHeaderConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.HostHeaderConfig", + "markdownDescription": "Information for a host header condition. Specify only when `Field` is `host-header` .", + "title": "HostHeaderConfig" + }, + "HttpHeaderConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.HttpHeaderConfig", + "markdownDescription": "Information for an HTTP header condition. Specify only when `Field` is `http-header` .", + "title": "HttpHeaderConfig" + }, + "HttpRequestMethodConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.HttpRequestMethodConfig", + "markdownDescription": "Information for an HTTP method condition. Specify only when `Field` is `http-request-method` .", + "title": "HttpRequestMethodConfig" + }, + "PathPatternConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.PathPatternConfig", + "markdownDescription": "Information for a path pattern condition. Specify only when `Field` is `path-pattern` .", + "title": "PathPatternConfig" + }, + "QueryStringConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.QueryStringConfig", + "markdownDescription": "Information for a query string condition. Specify only when `Field` is `query-string` .", + "title": "QueryStringConfig" + }, + "SourceIpConfig": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.SourceIpConfig", + "markdownDescription": "Information for a source IP condition. Specify only when `Field` is `source-ip` .", + "title": "SourceIpConfig" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The condition value. Specify only when `Field` is `host-header` or `path-pattern` . Alternatively, to specify multiple host names or multiple path patterns, use `HostHeaderConfig` or `PathPatternConfig` .\n\nIf `Field` is `host-header` and you're not using `HostHeaderConfig` , you can specify a single host name (for example, my.example.com). A host name is case insensitive, can be up to 128 characters in length, and can contain any of the following characters.\n\n- A-Z, a-z, 0-9\n- - .\n- * (matches 0 or more characters)\n- ? (matches exactly 1 character)\n\nIf `Field` is `path-pattern` and you're not using `PathPatternConfig` , you can specify a single path pattern (for example, /img/*). A path pattern is case-sensitive, can be up to 128 characters in length, and can contain any of the following characters.\n\n- A-Z, a-z, 0-9\n- _ - . $ / ~ \" ' @ : +\n- & (using &)\n- * (matches 0 or more characters)\n- ? (matches exactly 1 character)", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::ElasticLoadBalancingV2::ListenerRule.SourceIpConfig": { + "additionalProperties": false, + "properties": { + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The source IP addresses, in CIDR format. You can use both IPv4 and IPv6 addresses. Wildcards are not supported.\n\nIf you specify multiple addresses, the condition is satisfied if the source IP address of the request matches one of the CIDR blocks. This condition is not satisfied by the addresses in the X-Forwarded-For header.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::ElasticLoadBalancingV2::ListenerRule.TargetGroupStickinessConfig": { + "additionalProperties": false, + "properties": { + "DurationSeconds": { + "markdownDescription": "The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days). You must specify this value when enabling target group stickiness.", + "title": "DurationSeconds", + "type": "number" + }, + "Enabled": { + "markdownDescription": "Indicates whether target group stickiness is enabled.", + "title": "Enabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::ElasticLoadBalancingV2::ListenerRule.TargetGroupTuple": { + "additionalProperties": false, + "properties": { + "TargetGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the target group.", + "title": "TargetGroupArn", + "type": "string" + }, + "Weight": { + "markdownDescription": "The weight. The range is 0 to 999.", + "title": "Weight", + "type": "number" + } + }, + "type": "object" + }, + "AWS::ElasticLoadBalancingV2::LoadBalancer": { "additionalProperties": false, "properties": { "Condition": { @@ -107385,26 +116407,92 @@ "Properties": { "additionalProperties": false, "properties": { - "Schema": { - "$ref": "#/definitions/AWS::Glue::SchemaVersion.Schema", - "markdownDescription": "The schema that includes the schema version.", - "title": "Schema" + "EnablePrefixForIpv6SourceNat": { + "markdownDescription": "[Network Load Balancers with UDP listeners] Indicates whether to use an IPv6 prefix from each subnet for source NAT. The IP address type must be `dualstack` . The default value is `off` .", + "title": "EnablePrefixForIpv6SourceNat", + "type": "string" }, - "SchemaDefinition": { - "markdownDescription": "The schema definition for the schema version.", - "title": "SchemaDefinition", + "EnforceSecurityGroupInboundRulesOnPrivateLinkTraffic": { + "markdownDescription": "Indicates whether to evaluate inbound security group rules for traffic sent to a Network Load Balancer through AWS PrivateLink . The default is `on` .\n\nYou can't configure this property on a Network Load Balancer unless you associated a security group with the load balancer when you created it.", + "title": "EnforceSecurityGroupInboundRulesOnPrivateLinkTraffic", + "type": "string" + }, + "IpAddressType": { + "markdownDescription": "The IP address type. Internal load balancers must use `ipv4` .\n\n[Application Load Balancers] The possible values are `ipv4` (IPv4 addresses), `dualstack` (IPv4 and IPv6 addresses), and `dualstack-without-public-ipv4` (public IPv6 addresses and private IPv4 and IPv6 addresses).\n\nApplication Load Balancer authentication supports IPv4 addresses only when connecting to an Identity Provider (IdP) or Amazon Cognito endpoint. Without a public IPv4 address the load balancer can't complete the authentication process, resulting in HTTP 500 errors.\n\n[Network Load Balancers and Gateway Load Balancers] The possible values are `ipv4` (IPv4 addresses) and `dualstack` (IPv4 and IPv6 addresses).", + "title": "IpAddressType", + "type": "string" + }, + "Ipv4IpamPoolId": { + "markdownDescription": "The ID of the IPv4 IPAM pool.", + "title": "Ipv4IpamPoolId", + "type": "string" + }, + "LoadBalancerAttributes": { + "items": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::LoadBalancer.LoadBalancerAttribute" + }, + "markdownDescription": "The load balancer attributes. Attributes that you do not modify retain their current values.", + "title": "LoadBalancerAttributes", + "type": "array" + }, + "MinimumLoadBalancerCapacity": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::LoadBalancer.MinimumLoadBalancerCapacity", + "markdownDescription": "The minimum capacity for a load balancer.", + "title": "MinimumLoadBalancerCapacity" + }, + "Name": { + "markdownDescription": "The name of the load balancer. This name must be unique per region per account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, must not begin or end with a hyphen, and must not begin with \"internal-\".\n\nIf you don't specify a name, AWS CloudFormation generates a unique physical ID for the load balancer. If you specify a name, you cannot perform updates that require replacement of this resource, but you can perform other updates. To replace the resource, specify a new name.", + "title": "Name", + "type": "string" + }, + "Scheme": { + "markdownDescription": "The nodes of an Internet-facing load balancer have public IP addresses. The DNS name of an Internet-facing load balancer is publicly resolvable to the public IP addresses of the nodes. Therefore, Internet-facing load balancers can route requests from clients over the internet.\n\nThe nodes of an internal load balancer have only private IP addresses. The DNS name of an internal load balancer is publicly resolvable to the private IP addresses of the nodes. Therefore, internal load balancers can route requests only from clients with access to the VPC for the load balancer.\n\nThe default is an Internet-facing load balancer.\n\nYou can't specify a scheme for a Gateway Load Balancer.", + "title": "Scheme", + "type": "string" + }, + "SecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "[Application Load Balancers and Network Load Balancers] The IDs of the security groups for the load balancer.", + "title": "SecurityGroups", + "type": "array" + }, + "SubnetMappings": { + "items": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::LoadBalancer.SubnetMapping" + }, + "markdownDescription": "The IDs of the subnets. You can specify only one subnet per Availability Zone. You must specify either subnets or subnet mappings, but not both.\n\n[Application Load Balancers] You must specify subnets from at least two Availability Zones. You can't specify Elastic IP addresses for your subnets.\n\n[Application Load Balancers on Outposts] You must specify one Outpost subnet.\n\n[Application Load Balancers on Local Zones] You can specify subnets from one or more Local Zones.\n\n[Network Load Balancers] You can specify subnets from one or more Availability Zones. You can specify one Elastic IP address per subnet if you need static IP addresses for your internet-facing load balancer. For internal load balancers, you can specify one private IP address per subnet from the IPv4 range of the subnet. For internet-facing load balancer, you can specify one IPv6 address per subnet.\n\n[Gateway Load Balancers] You can specify subnets from one or more Availability Zones. You can't specify Elastic IP addresses for your subnets.", + "title": "SubnetMappings", + "type": "array" + }, + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the subnets. You can specify only one subnet per Availability Zone. You must specify either subnets or subnet mappings, but not both. To specify an Elastic IP address, specify subnet mappings instead of subnets.\n\n[Application Load Balancers] You must specify subnets from at least two Availability Zones.\n\n[Application Load Balancers on Outposts] You must specify one Outpost subnet.\n\n[Application Load Balancers on Local Zones] You can specify subnets from one or more Local Zones.\n\n[Network Load Balancers and Gateway Load Balancers] You can specify subnets from one or more Availability Zones.", + "title": "Subnets", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to assign to the load balancer.", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "The type of load balancer. The default is `application` .", + "title": "Type", "type": "string" } }, - "required": [ - "Schema", - "SchemaDefinition" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Glue::SchemaVersion" + "AWS::ElasticLoadBalancingV2::LoadBalancer" ], "type": "string" }, @@ -107418,33 +116506,75 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Glue::SchemaVersion.Schema": { + "AWS::ElasticLoadBalancingV2::LoadBalancer.LoadBalancerAttribute": { "additionalProperties": false, "properties": { - "RegistryName": { - "markdownDescription": "The name of the registry where the schema is stored. Either `SchemaArn` , or `SchemaName` and `RegistryName` has to be provided.", - "title": "RegistryName", + "Key": { + "markdownDescription": "The name of the attribute.\n\nThe following attributes are supported by all load balancers:\n\n- `deletion_protection.enabled` - Indicates whether deletion protection is enabled. The value is `true` or `false` . The default is `false` .\n- `load_balancing.cross_zone.enabled` - Indicates whether cross-zone load balancing is enabled. The possible values are `true` and `false` . The default for Network Load Balancers and Gateway Load Balancers is `false` . The default for Application Load Balancers is `true` , and can't be changed.\n\nThe following attributes are supported by both Application Load Balancers and Network Load Balancers:\n\n- `access_logs.s3.enabled` - Indicates whether access logs are enabled. The value is `true` or `false` . The default is `false` .\n- `access_logs.s3.bucket` - The name of the S3 bucket for the access logs. This attribute is required if access logs are enabled. The bucket must exist in the same region as the load balancer and have a bucket policy that grants Elastic Load Balancing permissions to write to the bucket.\n- `access_logs.s3.prefix` - The prefix for the location in the S3 bucket for the access logs.\n- `ipv6.deny_all_igw_traffic` - Blocks internet gateway (IGW) access to the load balancer. It is set to `false` for internet-facing load balancers and `true` for internal load balancers, preventing unintended access to your internal load balancer through an internet gateway.\n- `zonal_shift.config.enabled` - Indicates whether zonal shift is enabled. The possible values are `true` and `false` . The default is `false` .\n\nThe following attributes are supported by only Application Load Balancers:\n\n- `idle_timeout.timeout_seconds` - The idle timeout value, in seconds. The valid range is 1-4000 seconds. The default is 60 seconds.\n- `client_keep_alive.seconds` - The client keep alive value, in seconds. The valid range is 60-604800 seconds. The default is 3600 seconds.\n- `connection_logs.s3.enabled` - Indicates whether connection logs are enabled. The value is `true` or `false` . The default is `false` .\n- `connection_logs.s3.bucket` - The name of the S3 bucket for the connection logs. This attribute is required if connection logs are enabled. The bucket must exist in the same region as the load balancer and have a bucket policy that grants Elastic Load Balancing permissions to write to the bucket.\n- `connection_logs.s3.prefix` - The prefix for the location in the S3 bucket for the connection logs.\n- `routing.http.desync_mitigation_mode` - Determines how the load balancer handles requests that might pose a security risk to your application. The possible values are `monitor` , `defensive` , and `strictest` . The default is `defensive` .\n- `routing.http.drop_invalid_header_fields.enabled` - Indicates whether HTTP headers with invalid header fields are removed by the load balancer ( `true` ) or routed to targets ( `false` ). The default is `false` .\n- `routing.http.preserve_host_header.enabled` - Indicates whether the Application Load Balancer should preserve the `Host` header in the HTTP request and send it to the target without any change. The possible values are `true` and `false` . The default is `false` .\n- `routing.http.x_amzn_tls_version_and_cipher_suite.enabled` - Indicates whether the two headers ( `x-amzn-tls-version` and `x-amzn-tls-cipher-suite` ), which contain information about the negotiated TLS version and cipher suite, are added to the client request before sending it to the target. The `x-amzn-tls-version` header has information about the TLS protocol version negotiated with the client, and the `x-amzn-tls-cipher-suite` header has information about the cipher suite negotiated with the client. Both headers are in OpenSSL format. The possible values for the attribute are `true` and `false` . The default is `false` .\n- `routing.http.xff_client_port.enabled` - Indicates whether the `X-Forwarded-For` header should preserve the source port that the client used to connect to the load balancer. The possible values are `true` and `false` . The default is `false` .\n- `routing.http.xff_header_processing.mode` - Enables you to modify, preserve, or remove the `X-Forwarded-For` header in the HTTP request before the Application Load Balancer sends the request to the target. The possible values are `append` , `preserve` , and `remove` . The default is `append` .\n\n- If the value is `append` , the Application Load Balancer adds the client IP address (of the last hop) to the `X-Forwarded-For` header in the HTTP request before it sends it to targets.\n- If the value is `preserve` the Application Load Balancer preserves the `X-Forwarded-For` header in the HTTP request, and sends it to targets without any change.\n- If the value is `remove` , the Application Load Balancer removes the `X-Forwarded-For` header in the HTTP request before it sends it to targets.\n- `routing.http2.enabled` - Indicates whether HTTP/2 is enabled. The possible values are `true` and `false` . The default is `true` . Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens.\n- `waf.fail_open.enabled` - Indicates whether to allow a WAF-enabled load balancer to route requests to targets if it is unable to forward the request to AWS WAF. The possible values are `true` and `false` . The default is `false` .\n\nThe following attributes are supported by only Network Load Balancers:\n\n- `dns_record.client_routing_policy` - Indicates how traffic is distributed among the load balancer Availability Zones. The possible values are `availability_zone_affinity` with 100 percent zonal affinity, `partial_availability_zone_affinity` with 85 percent zonal affinity, and `any_availability_zone` with 0 percent zonal affinity.", + "title": "Key", "type": "string" }, - "SchemaArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the schema. Either `SchemaArn` , or `SchemaName` and `RegistryName` has to be provided.", - "title": "SchemaArn", + "Value": { + "markdownDescription": "The value of the attribute.", + "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ElasticLoadBalancingV2::LoadBalancer.MinimumLoadBalancerCapacity": { + "additionalProperties": false, + "properties": { + "CapacityUnits": { + "markdownDescription": "The number of capacity units.", + "title": "CapacityUnits", + "type": "number" + } + }, + "required": [ + "CapacityUnits" + ], + "type": "object" + }, + "AWS::ElasticLoadBalancingV2::LoadBalancer.SubnetMapping": { + "additionalProperties": false, + "properties": { + "AllocationId": { + "markdownDescription": "[Network Load Balancers] The allocation ID of the Elastic IP address for an internet-facing load balancer.", + "title": "AllocationId", "type": "string" }, - "SchemaName": { - "markdownDescription": "The name of the schema. Either `SchemaArn` , or `SchemaName` and `RegistryName` has to be provided.", - "title": "SchemaName", + "IPv6Address": { + "markdownDescription": "[Network Load Balancers] The IPv6 address.", + "title": "IPv6Address", + "type": "string" + }, + "PrivateIPv4Address": { + "markdownDescription": "[Network Load Balancers] The private IPv4 address for an internal load balancer.", + "title": "PrivateIPv4Address", + "type": "string" + }, + "SourceNatIpv6Prefix": { + "markdownDescription": "[Network Load Balancers with UDP listeners] The IPv6 prefix to use for source NAT. Specify an IPv6 prefix (/80 netmask) from the subnet CIDR block or `auto_assigned` to use an IPv6 prefix selected at random from the subnet CIDR block.", + "title": "SourceNatIpv6Prefix", + "type": "string" + }, + "SubnetId": { + "markdownDescription": "The ID of the subnet.", + "title": "SubnetId", "type": "string" } }, + "required": [ + "SubnetId" + ], "type": "object" }, - "AWS::Glue::SchemaVersionMetadata": { + "AWS::ElasticLoadBalancingV2::TargetGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -107479,32 +116609,116 @@ "Properties": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "A metadata key in a key-value pair for metadata.", - "title": "Key", + "HealthCheckEnabled": { + "markdownDescription": "Indicates whether health checks are enabled. If the target type is `lambda` , health checks are disabled by default but can be enabled. If the target type is `instance` , `ip` , or `alb` , health checks are always enabled and can't be disabled.", + "title": "HealthCheckEnabled", + "type": "boolean" + }, + "HealthCheckIntervalSeconds": { + "markdownDescription": "The approximate amount of time, in seconds, between health checks of an individual target. The range is 5-300. If the target group protocol is TCP, TLS, UDP, TCP_UDP, HTTP or HTTPS, the default is 30 seconds. If the target group protocol is GENEVE, the default is 10 seconds. If the target type is `lambda` , the default is 35 seconds.", + "title": "HealthCheckIntervalSeconds", + "type": "number" + }, + "HealthCheckPath": { + "markdownDescription": "[HTTP/HTTPS health checks] The destination for health checks on the targets.\n\n[HTTP1 or HTTP2 protocol version] The ping path. The default is /.\n\n[GRPC protocol version] The path of a custom health check method with the format /package.service/method. The default is / AWS .ALB/healthcheck.", + "title": "HealthCheckPath", "type": "string" }, - "SchemaVersionId": { - "markdownDescription": "The version number of the schema.", - "title": "SchemaVersionId", + "HealthCheckPort": { + "markdownDescription": "The port the load balancer uses when performing health checks on targets. If the protocol is HTTP, HTTPS, TCP, TLS, UDP, or TCP_UDP, the default is `traffic-port` , which is the port on which each target receives traffic from the load balancer. If the protocol is GENEVE, the default is port 80.", + "title": "HealthCheckPort", "type": "string" }, - "Value": { - "markdownDescription": "A metadata key's corresponding value.", - "title": "Value", + "HealthCheckProtocol": { + "markdownDescription": "The protocol the load balancer uses when performing health checks on targets. For Application Load Balancers, the default is HTTP. For Network Load Balancers and Gateway Load Balancers, the default is TCP. The TCP protocol is not supported for health checks if the protocol of the target group is HTTP or HTTPS. The GENEVE, TLS, UDP, and TCP_UDP protocols are not supported for health checks.", + "title": "HealthCheckProtocol", + "type": "string" + }, + "HealthCheckTimeoutSeconds": { + "markdownDescription": "The amount of time, in seconds, during which no response from a target means a failed health check. The range is 2\u2013120 seconds. For target groups with a protocol of HTTP, the default is 6 seconds. For target groups with a protocol of TCP, TLS or HTTPS, the default is 10 seconds. For target groups with a protocol of GENEVE, the default is 5 seconds. If the target type is `lambda` , the default is 30 seconds.", + "title": "HealthCheckTimeoutSeconds", + "type": "number" + }, + "HealthyThresholdCount": { + "markdownDescription": "The number of consecutive health check successes required before considering a target healthy. The range is 2-10. If the target group protocol is TCP, TCP_UDP, UDP, TLS, HTTP or HTTPS, the default is 5. For target groups with a protocol of GENEVE, the default is 5. If the target type is `lambda` , the default is 5.", + "title": "HealthyThresholdCount", + "type": "number" + }, + "IpAddressType": { + "markdownDescription": "The IP address type. The default value is `ipv4` .", + "title": "IpAddressType", + "type": "string" + }, + "Matcher": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::TargetGroup.Matcher", + "markdownDescription": "[HTTP/HTTPS health checks] The HTTP or gRPC codes to use when checking for a successful response from a target. For target groups with a protocol of TCP, TCP_UDP, UDP or TLS the range is 200-599. For target groups with a protocol of HTTP or HTTPS, the range is 200-499. For target groups with a protocol of GENEVE, the range is 200-399.", + "title": "Matcher" + }, + "Name": { + "markdownDescription": "The name of the target group.\n\nThis name must be unique per region per account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen.", + "title": "Name", + "type": "string" + }, + "Port": { + "markdownDescription": "The port on which the targets receive traffic. This port is used unless you specify a port override when registering the target. If the target is a Lambda function, this parameter does not apply. If the protocol is GENEVE, the supported port is 6081.", + "title": "Port", + "type": "number" + }, + "Protocol": { + "markdownDescription": "The protocol to use for routing traffic to the targets. For Application Load Balancers, the supported protocols are HTTP and HTTPS. For Network Load Balancers, the supported protocols are TCP, TLS, UDP, or TCP_UDP. For Gateway Load Balancers, the supported protocol is GENEVE. A TCP_UDP listener must be associated with a TCP_UDP target group. If the target is a Lambda function, this parameter does not apply.", + "title": "Protocol", + "type": "string" + }, + "ProtocolVersion": { + "markdownDescription": "[HTTP/HTTPS protocol] The protocol version. The possible values are `GRPC` , `HTTP1` , and `HTTP2` .", + "title": "ProtocolVersion", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags.", + "title": "Tags", + "type": "array" + }, + "TargetGroupAttributes": { + "items": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::TargetGroup.TargetGroupAttribute" + }, + "markdownDescription": "The target group attributes. Attributes that you do not modify retain their current values.", + "title": "TargetGroupAttributes", + "type": "array" + }, + "TargetType": { + "markdownDescription": "The type of target that you must specify when registering targets with this target group. You can't specify targets for a target group using more than one target type.\n\n- `instance` - Register targets by instance ID. This is the default value.\n- `ip` - Register targets by IP address. You can specify IP addresses from the subnets of the virtual private cloud (VPC) for the target group, the RFC 1918 range (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16), and the RFC 6598 range (100.64.0.0/10). You can't specify publicly routable IP addresses.\n- `lambda` - Register a single Lambda function as a target.\n- `alb` - Register a single Application Load Balancer as a target.", + "title": "TargetType", + "type": "string" + }, + "Targets": { + "items": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::TargetGroup.TargetDescription" + }, + "markdownDescription": "The targets.", + "title": "Targets", + "type": "array" + }, + "UnhealthyThresholdCount": { + "markdownDescription": "The number of consecutive health check failures required before considering a target unhealthy. The range is 2-10. If the target group protocol is TCP, TCP_UDP, UDP, TLS, HTTP or HTTPS, the default is 2. For target groups with a protocol of GENEVE, the default is 2. If the target type is `lambda` , the default is 5.", + "title": "UnhealthyThresholdCount", + "type": "number" + }, + "VpcId": { + "markdownDescription": "The identifier of the virtual private cloud (VPC). If the target is a Lambda function, this parameter does not apply. Otherwise, this parameter is required.", + "title": "VpcId", "type": "string" } }, - "required": [ - "Key", - "SchemaVersionId", - "Value" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Glue::SchemaVersionMetadata" + "AWS::ElasticLoadBalancingV2::TargetGroup" ], "type": "string" }, @@ -107518,12 +116732,67 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Glue::SecurityConfiguration": { + "AWS::ElasticLoadBalancingV2::TargetGroup.Matcher": { + "additionalProperties": false, + "properties": { + "GrpcCode": { + "markdownDescription": "You can specify values between 0 and 99. You can specify multiple values (for example, \"0,1\") or a range of values (for example, \"0-5\"). The default value is 12.", + "title": "GrpcCode", + "type": "string" + }, + "HttpCode": { + "markdownDescription": "For Application Load Balancers, you can specify values between 200 and 499, with the default value being 200. You can specify multiple values (for example, \"200,202\") or a range of values (for example, \"200-299\").\n\nFor Network Load Balancers, you can specify values between 200 and 599, with the default value being 200-399. You can specify multiple values (for example, \"200,202\") or a range of values (for example, \"200-299\").\n\nFor Gateway Load Balancers, this must be \"200\u2013399\".\n\nNote that when using shorthand syntax, some values such as commas need to be escaped.", + "title": "HttpCode", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ElasticLoadBalancingV2::TargetGroup.TargetDescription": { + "additionalProperties": false, + "properties": { + "AvailabilityZone": { + "markdownDescription": "An Availability Zone or `all` . This determines whether the target receives traffic from the load balancer nodes in the specified Availability Zone or from all enabled Availability Zones for the load balancer.\n\nFor Application Load Balancer target groups, the specified Availability Zone value is only applicable when cross-zone load balancing is off. Otherwise the parameter is ignored and treated as `all` .\n\nThis parameter is not supported if the target type of the target group is `instance` or `alb` .\n\nIf the target type is `ip` and the IP address is in a subnet of the VPC for the target group, the Availability Zone is automatically detected and this parameter is optional. If the IP address is outside the VPC, this parameter is required.\n\nFor Application Load Balancer target groups with cross-zone load balancing off, if the target type is `ip` and the IP address is outside of the VPC for the target group, this should be an Availability Zone inside the VPC for the target group.\n\nIf the target type is `lambda` , this parameter is optional and the only supported value is `all` .", + "title": "AvailabilityZone", + "type": "string" + }, + "Id": { + "markdownDescription": "The ID of the target. If the target type of the target group is `instance` , specify an instance ID. If the target type is `ip` , specify an IP address. If the target type is `lambda` , specify the ARN of the Lambda function. If the target type is `alb` , specify the ARN of the Application Load Balancer target.", + "title": "Id", + "type": "string" + }, + "Port": { + "markdownDescription": "The port on which the target is listening. If the target group protocol is GENEVE, the supported port is 6081. If the target type is `alb` , the targeted Application Load Balancer must have at least one listener whose port matches the target group port. This parameter is not used if the target is a Lambda function.", + "title": "Port", + "type": "number" + } + }, + "required": [ + "Id" + ], + "type": "object" + }, + "AWS::ElasticLoadBalancingV2::TargetGroup.TargetGroupAttribute": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The name of the attribute.\n\nThe following attributes are supported by all load balancers:\n\n- `deregistration_delay.timeout_seconds` - The amount of time, in seconds, for Elastic Load Balancing to wait before changing the state of a deregistering target from `draining` to `unused` . The range is 0-3600 seconds. The default value is 300 seconds. If the target is a Lambda function, this attribute is not supported.\n- `stickiness.enabled` - Indicates whether target stickiness is enabled. The value is `true` or `false` . The default is `false` .\n- `stickiness.type` - Indicates the type of stickiness. The possible values are:\n\n- `lb_cookie` and `app_cookie` for Application Load Balancers.\n- `source_ip` for Network Load Balancers.\n- `source_ip_dest_ip` and `source_ip_dest_ip_proto` for Gateway Load Balancers.\n\nThe following attributes are supported by Application Load Balancers and Network Load Balancers:\n\n- `load_balancing.cross_zone.enabled` - Indicates whether cross zone load balancing is enabled. The value is `true` , `false` or `use_load_balancer_configuration` . The default is `use_load_balancer_configuration` .\n- `target_group_health.dns_failover.minimum_healthy_targets.count` - The minimum number of targets that must be healthy. If the number of healthy targets is below this value, mark the zone as unhealthy in DNS, so that traffic is routed only to healthy zones. The possible values are `off` or an integer from 1 to the maximum number of targets. The default is 1.\n- `target_group_health.dns_failover.minimum_healthy_targets.percentage` - The minimum percentage of targets that must be healthy. If the percentage of healthy targets is below this value, mark the zone as unhealthy in DNS, so that traffic is routed only to healthy zones. The possible values are `off` or an integer from 1 to 100. The default is `off` .\n- `target_group_health.unhealthy_state_routing.minimum_healthy_targets.count` - The minimum number of targets that must be healthy. If the number of healthy targets is below this value, send traffic to all targets, including unhealthy targets. The possible values are 1 to the maximum number of targets. The default is 1.\n- `target_group_health.unhealthy_state_routing.minimum_healthy_targets.percentage` - The minimum percentage of targets that must be healthy. If the percentage of healthy targets is below this value, send traffic to all targets, including unhealthy targets. The possible values are `off` or an integer from 1 to 100. The default is `off` .\n\nThe following attributes are supported only if the load balancer is an Application Load Balancer and the target is an instance or an IP address:\n\n- `load_balancing.algorithm.type` - The load balancing algorithm determines how the load balancer selects targets when routing requests. The value is `round_robin` , `least_outstanding_requests` , or `weighted_random` . The default is `round_robin` .\n- `load_balancing.algorithm.anomaly_mitigation` - Only available when `load_balancing.algorithm.type` is `weighted_random` . Indicates whether anomaly mitigation is enabled. The value is `on` or `off` . The default is `off` .\n- `slow_start.duration_seconds` - The time period, in seconds, during which a newly registered target receives an increasing share of the traffic to the target group. After this time period ends, the target receives its full share of traffic. The range is 30-900 seconds (15 minutes). The default is 0 seconds (disabled).\n- `stickiness.app_cookie.cookie_name` - Indicates the name of the application-based cookie. Names that start with the following prefixes are not allowed: `AWSALB` , `AWSALBAPP` , and `AWSALBTG` ; they're reserved for use by the load balancer.\n- `stickiness.app_cookie.duration_seconds` - The time period, in seconds, during which requests from a client should be routed to the same target. After this time period expires, the application-based cookie is considered stale. The range is 1 second to 1 week (604800 seconds). The default value is 1 day (86400 seconds).\n- `stickiness.lb_cookie.duration_seconds` - The time period, in seconds, during which requests from a client should be routed to the same target. After this time period expires, the load balancer-generated cookie is considered stale. The range is 1 second to 1 week (604800 seconds). The default value is 1 day (86400 seconds).\n\nThe following attribute is supported only if the load balancer is an Application Load Balancer and the target is a Lambda function:\n\n- `lambda.multi_value_headers.enabled` - Indicates whether the request and response headers that are exchanged between the load balancer and the Lambda function include arrays of values or strings. The value is `true` or `false` . The default is `false` . If the value is `false` and the request contains a duplicate header field name or query parameter key, the load balancer uses the last value sent by the client.\n\nThe following attributes are supported only by Network Load Balancers:\n\n- `deregistration_delay.connection_termination.enabled` - Indicates whether the load balancer terminates connections at the end of the deregistration timeout. The value is `true` or `false` . For new UDP/TCP_UDP target groups the default is `true` . Otherwise, the default is `false` .\n- `preserve_client_ip.enabled` - Indicates whether client IP preservation is enabled. The value is `true` or `false` . The default is disabled if the target group type is IP address and the target group protocol is TCP or TLS. Otherwise, the default is enabled. Client IP preservation can't be disabled for UDP and TCP_UDP target groups.\n- `proxy_protocol_v2.enabled` - Indicates whether Proxy Protocol version 2 is enabled. The value is `true` or `false` . The default is `false` .\n- `target_health_state.unhealthy.connection_termination.enabled` - Indicates whether the load balancer terminates connections to unhealthy targets. The value is `true` or `false` . The default is `true` . This attribute can't be enabled for UDP and TCP_UDP target groups.\n- `target_health_state.unhealthy.draining_interval_seconds` - The amount of time for Elastic Load Balancing to wait before changing the state of an unhealthy target from `unhealthy.draining` to `unhealthy` . The range is 0-360000 seconds. The default value is 0 seconds.\n\nNote: This attribute can only be configured when `target_health_state.unhealthy.connection_termination.enabled` is `false` .\n\nThe following attributes are supported only by Gateway Load Balancers:\n\n- `target_failover.on_deregistration` - Indicates how the Gateway Load Balancer handles existing flows when a target is deregistered. The possible values are `rebalance` and `no_rebalance` . The default is `no_rebalance` . The two attributes ( `target_failover.on_deregistration` and `target_failover.on_unhealthy` ) can't be set independently. The value you set for both attributes must be the same.\n- `target_failover.on_unhealthy` - Indicates how the Gateway Load Balancer handles existing flows when a target is unhealthy. The possible values are `rebalance` and `no_rebalance` . The default is `no_rebalance` . The two attributes ( `target_failover.on_deregistration` and `target_failover.on_unhealthy` ) can't be set independently. The value you set for both attributes must be the same.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of the attribute.", + "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ElasticLoadBalancingV2::TrustStore": { "additionalProperties": false, "properties": { "Condition": { @@ -107558,26 +116827,40 @@ "Properties": { "additionalProperties": false, "properties": { - "EncryptionConfiguration": { - "$ref": "#/definitions/AWS::Glue::SecurityConfiguration.EncryptionConfiguration", - "markdownDescription": "The encryption configuration associated with this security configuration.", - "title": "EncryptionConfiguration" + "CaCertificatesBundleS3Bucket": { + "markdownDescription": "The Amazon S3 bucket for the ca certificates bundle.", + "title": "CaCertificatesBundleS3Bucket", + "type": "string" + }, + "CaCertificatesBundleS3Key": { + "markdownDescription": "The Amazon S3 path for the ca certificates bundle.", + "title": "CaCertificatesBundleS3Key", + "type": "string" + }, + "CaCertificatesBundleS3ObjectVersion": { + "markdownDescription": "The Amazon S3 object version for the ca certificates bundle. If undefined the current version is used.", + "title": "CaCertificatesBundleS3ObjectVersion", + "type": "string" }, "Name": { - "markdownDescription": "The name of the security configuration.", + "markdownDescription": "The name of the trust store.", "title": "Name", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to assign to the trust store.", + "title": "Tags", + "type": "array" } }, - "required": [ - "EncryptionConfiguration", - "Name" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Glue::SecurityConfiguration" + "AWS::ElasticLoadBalancingV2::TrustStore" ], "type": "string" }, @@ -107591,86 +116874,134 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Glue::SecurityConfiguration.CloudWatchEncryption": { + "AWS::ElasticLoadBalancingV2::TrustStoreRevocation": { "additionalProperties": false, "properties": { - "CloudWatchEncryptionMode": { - "markdownDescription": "The encryption mode to use for CloudWatch data.", - "title": "CloudWatchEncryptionMode", + "Condition": { "type": "string" }, - "KmsKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key to be used to encrypt the data.", - "title": "KmsKeyArn", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::Glue::SecurityConfiguration.EncryptionConfiguration": { - "additionalProperties": false, - "properties": { - "CloudWatchEncryption": { - "$ref": "#/definitions/AWS::Glue::SecurityConfiguration.CloudWatchEncryption", - "markdownDescription": "The encryption configuration for Amazon CloudWatch.", - "title": "CloudWatchEncryption" }, - "JobBookmarksEncryption": { - "$ref": "#/definitions/AWS::Glue::SecurityConfiguration.JobBookmarksEncryption", - "markdownDescription": "The encryption configuration for job bookmarks.", - "title": "JobBookmarksEncryption" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "S3Encryptions": { - "$ref": "#/definitions/AWS::Glue::SecurityConfiguration.S3Encryptions", - "markdownDescription": "The encyption configuration for Amazon Simple Storage Service (Amazon S3) data.", - "title": "S3Encryptions" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "RevocationContents": { + "items": { + "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::TrustStoreRevocation.RevocationContent" + }, + "markdownDescription": "The revocation file to add.", + "title": "RevocationContents", + "type": "array" + }, + "TrustStoreArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the trust store.", + "title": "TrustStoreArn", + "type": "string" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ElasticLoadBalancingV2::TrustStoreRevocation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::Glue::SecurityConfiguration.JobBookmarksEncryption": { + "AWS::ElasticLoadBalancingV2::TrustStoreRevocation.RevocationContent": { "additionalProperties": false, "properties": { - "JobBookmarksEncryptionMode": { - "markdownDescription": "The encryption mode to use for job bookmarks data.", - "title": "JobBookmarksEncryptionMode", + "RevocationType": { + "markdownDescription": "The type of revocation file.", + "title": "RevocationType", "type": "string" }, - "KmsKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key to be used to encrypt the data.", - "title": "KmsKeyArn", + "S3Bucket": { + "markdownDescription": "The Amazon S3 bucket for the revocation file.", + "title": "S3Bucket", + "type": "string" + }, + "S3Key": { + "markdownDescription": "The Amazon S3 path for the revocation file.", + "title": "S3Key", + "type": "string" + }, + "S3ObjectVersion": { + "markdownDescription": "The Amazon S3 object version of the revocation file.", + "title": "S3ObjectVersion", "type": "string" } }, "type": "object" }, - "AWS::Glue::SecurityConfiguration.S3Encryption": { + "AWS::ElasticLoadBalancingV2::TrustStoreRevocation.TrustStoreRevocation": { "additionalProperties": false, "properties": { - "KmsKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key to be used to encrypt the data.", - "title": "KmsKeyArn", + "NumberOfRevokedEntries": { + "markdownDescription": "The number of revoked certificates.", + "title": "NumberOfRevokedEntries", + "type": "number" + }, + "RevocationId": { + "markdownDescription": "The revocation ID of the revocation file.", + "title": "RevocationId", "type": "string" }, - "S3EncryptionMode": { - "markdownDescription": "The encryption mode to use for Amazon S3 data.", - "title": "S3EncryptionMode", + "RevocationType": { + "markdownDescription": "The type of revocation file.", + "title": "RevocationType", + "type": "string" + }, + "TrustStoreArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the trust store.", + "title": "TrustStoreArn", "type": "string" } }, "type": "object" }, - "AWS::Glue::SecurityConfiguration.S3Encryptions": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::Glue::Table": { + "AWS::Elasticsearch::Domain": { "additionalProperties": false, "properties": { "Condition": { @@ -107705,37 +117036,102 @@ "Properties": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The ID of the Data Catalog in which to create the `Table` .", - "title": "CatalogId", + "AccessPolicies": { + "markdownDescription": "An AWS Identity and Access Management ( IAM ) policy document that specifies who can access the OpenSearch Service domain and their permissions. For more information, see [Configuring access policies](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ac.html#ac-creating) in the *Amazon OpenSearch Service Developer Guid* e.", + "title": "AccessPolicies", + "type": "object" + }, + "AdvancedOptions": { + "additionalProperties": true, + "markdownDescription": "Additional options to specify for the OpenSearch Service domain. For more information, see [Advanced cluster parameters](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/createupdatedomains.html#createdomain-configure-advanced-options) in the *Amazon OpenSearch Service Developer Guide* .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "AdvancedOptions", + "type": "object" + }, + "AdvancedSecurityOptions": { + "$ref": "#/definitions/AWS::Elasticsearch::Domain.AdvancedSecurityOptionsInput", + "markdownDescription": "Specifies options for fine-grained access control.", + "title": "AdvancedSecurityOptions" + }, + "CognitoOptions": { + "$ref": "#/definitions/AWS::Elasticsearch::Domain.CognitoOptions", + "markdownDescription": "Configures OpenSearch Service to use Amazon Cognito authentication for OpenSearch Dashboards.", + "title": "CognitoOptions" + }, + "DomainEndpointOptions": { + "$ref": "#/definitions/AWS::Elasticsearch::Domain.DomainEndpointOptions", + "markdownDescription": "Specifies additional options for the domain endpoint, such as whether to require HTTPS for all traffic or whether to use a custom endpoint rather than the default endpoint.", + "title": "DomainEndpointOptions" + }, + "DomainName": { + "markdownDescription": "A name for the OpenSearch Service domain. For valid values, see the [DomainName](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-datatypes-domainname) data type in the *Amazon OpenSearch Service Developer Guide* . If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the domain name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "DomainName", "type": "string" }, - "DatabaseName": { - "markdownDescription": "The name of the database where the table metadata resides. For Hive compatibility, this must be all lowercase.", - "title": "DatabaseName", + "EBSOptions": { + "$ref": "#/definitions/AWS::Elasticsearch::Domain.EBSOptions", + "markdownDescription": "The configurations of Amazon Elastic Block Store (Amazon EBS) volumes that are attached to data nodes in the OpenSearch Service domain. For more information, see [EBS volume size limits](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/limits.html#ebsresource) in the *Amazon OpenSearch Service Developer Guide* .", + "title": "EBSOptions" + }, + "ElasticsearchClusterConfig": { + "$ref": "#/definitions/AWS::Elasticsearch::Domain.ElasticsearchClusterConfig", + "markdownDescription": "ElasticsearchClusterConfig is a property of the AWS::Elasticsearch::Domain resource that configures the cluster of an Amazon OpenSearch Service domain.", + "title": "ElasticsearchClusterConfig" + }, + "ElasticsearchVersion": { + "markdownDescription": "The version of Elasticsearch to use, such as 2.3. If not specified, 1.5 is used as the default. For information about the versions that OpenSearch Service supports, see [Supported versions of OpenSearch and Elasticsearch](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/what-is.html#choosing-version) in the *Amazon OpenSearch Service Developer Guide* .\n\nIf you set the [EnableVersionUpgrade](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html#cfn-attributes-updatepolicy-upgradeopensearchdomain) update policy to `true` , you can update `ElasticsearchVersion` without interruption. When `EnableVersionUpgrade` is set to `false` , or is not specified, updating `ElasticsearchVersion` results in [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", + "title": "ElasticsearchVersion", "type": "string" }, - "OpenTableFormatInput": { - "$ref": "#/definitions/AWS::Glue::Table.OpenTableFormatInput", - "markdownDescription": "Specifies an `OpenTableFormatInput` structure when creating an open format table.", - "title": "OpenTableFormatInput" + "EncryptionAtRestOptions": { + "$ref": "#/definitions/AWS::Elasticsearch::Domain.EncryptionAtRestOptions", + "markdownDescription": "Whether the domain should encrypt data at rest, and if so, the AWS Key Management Service key to use. See [Encryption of data at rest for Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/encryption-at-rest.html) .", + "title": "EncryptionAtRestOptions" }, - "TableInput": { - "$ref": "#/definitions/AWS::Glue::Table.TableInput", - "markdownDescription": "A structure used to define a table.", - "title": "TableInput" + "LogPublishingOptions": { + "additionalProperties": false, + "markdownDescription": "An object with one or more of the following keys: `SEARCH_SLOW_LOGS` , `ES_APPLICATION_LOGS` , `INDEX_SLOW_LOGS` , `AUDIT_LOGS` , depending on the types of logs you want to publish. Each key needs a valid `LogPublishingOption` value.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::Elasticsearch::Domain.LogPublishingOption" + } + }, + "title": "LogPublishingOptions", + "type": "object" + }, + "NodeToNodeEncryptionOptions": { + "$ref": "#/definitions/AWS::Elasticsearch::Domain.NodeToNodeEncryptionOptions", + "markdownDescription": "Specifies whether node-to-node encryption is enabled. See [Node-to-node encryption for Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ntn.html) .", + "title": "NodeToNodeEncryptionOptions" + }, + "SnapshotOptions": { + "$ref": "#/definitions/AWS::Elasticsearch::Domain.SnapshotOptions", + "markdownDescription": "*DEPRECATED* . The automated snapshot configuration for the OpenSearch Service domain indices.", + "title": "SnapshotOptions" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An arbitrary set of tags (key\u2013value pairs) to associate with the OpenSearch Service domain.", + "title": "Tags", + "type": "array" + }, + "VPCOptions": { + "$ref": "#/definitions/AWS::Elasticsearch::Domain.VPCOptions", + "markdownDescription": "The virtual private cloud (VPC) configuration for the OpenSearch Service domain. For more information, see [Launching your Amazon OpenSearch Service domains within a VPC](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/vpc.html) in the *Amazon OpenSearch Service Developer Guide* .", + "title": "VPCOptions" } }, - "required": [ - "CatalogId", - "DatabaseName", - "TableInput" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Glue::Table" + "AWS::Elasticsearch::Domain" ], "type": "string" }, @@ -107749,459 +117145,300 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Glue::Table.Column": { + "AWS::Elasticsearch::Domain.AdvancedSecurityOptionsInput": { "additionalProperties": false, "properties": { - "Comment": { - "markdownDescription": "A free-form text comment.", - "title": "Comment", - "type": "string" + "AnonymousAuthEnabled": { + "markdownDescription": "", + "title": "AnonymousAuthEnabled", + "type": "boolean" }, - "Name": { - "markdownDescription": "The name of the `Column` .", - "title": "Name", - "type": "string" + "Enabled": { + "markdownDescription": "True to enable fine-grained access control. You must also enable encryption of data at rest and node-to-node encryption.", + "title": "Enabled", + "type": "boolean" }, - "Type": { - "markdownDescription": "The data type of the `Column` .", - "title": "Type", - "type": "string" + "InternalUserDatabaseEnabled": { + "markdownDescription": "True to enable the internal user database.", + "title": "InternalUserDatabaseEnabled", + "type": "boolean" + }, + "MasterUserOptions": { + "$ref": "#/definitions/AWS::Elasticsearch::Domain.MasterUserOptions", + "markdownDescription": "Specifies information about the master user.", + "title": "MasterUserOptions" } }, - "required": [ - "Name" - ], "type": "object" }, - "AWS::Glue::Table.IcebergInput": { + "AWS::Elasticsearch::Domain.CognitoOptions": { "additionalProperties": false, "properties": { - "MetadataOperation": { - "$ref": "#/definitions/AWS::Glue::Table.MetadataOperation", - "markdownDescription": "A required metadata operation. Can only be set to CREATE.", - "title": "MetadataOperation" + "Enabled": { + "markdownDescription": "Whether to enable or disable Amazon Cognito authentication for OpenSearch Dashboards. See [Amazon Cognito authentication for OpenSearch Dashboards](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/cognito-auth.html) .", + "title": "Enabled", + "type": "boolean" }, - "Version": { - "markdownDescription": "The table version for the Iceberg table. Defaults to 2.", - "title": "Version", + "IdentityPoolId": { + "markdownDescription": "The Amazon Cognito identity pool ID that you want OpenSearch Service to use for OpenSearch Dashboards authentication. Required if you enable Cognito authentication.", + "title": "IdentityPoolId", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The `AmazonESCognitoAccess` role that allows OpenSearch Service to configure your user pool and identity pool. Required if you enable Cognito authentication.", + "title": "RoleArn", + "type": "string" + }, + "UserPoolId": { + "markdownDescription": "The Amazon Cognito user pool ID that you want OpenSearch Service to use for OpenSearch Dashboards authentication. Required if you enable Cognito authentication.", + "title": "UserPoolId", "type": "string" } }, "type": "object" }, - "AWS::Glue::Table.MetadataOperation": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::Glue::Table.OpenTableFormatInput": { + "AWS::Elasticsearch::Domain.ColdStorageOptions": { "additionalProperties": false, "properties": { - "IcebergInput": { - "$ref": "#/definitions/AWS::Glue::Table.IcebergInput", - "markdownDescription": "Specifies an `IcebergInput` structure that defines an Apache Iceberg metadata table.", - "title": "IcebergInput" + "Enabled": { + "markdownDescription": "Whether to enable or disable cold storage on the domain. You must enable UltraWarm storage in order to enable cold storage.", + "title": "Enabled", + "type": "boolean" } }, "type": "object" }, - "AWS::Glue::Table.Order": { + "AWS::Elasticsearch::Domain.DomainEndpointOptions": { "additionalProperties": false, "properties": { - "Column": { - "markdownDescription": "The name of the column.", - "title": "Column", + "CustomEndpoint": { + "markdownDescription": "The fully qualified URL for your custom endpoint. Required if you enabled a custom endpoint for the domain.", + "title": "CustomEndpoint", "type": "string" }, - "SortOrder": { - "markdownDescription": "Indicates that the column is sorted in ascending order ( `== 1` ), or in descending order ( `==0` ).", - "title": "SortOrder", - "type": "number" - } - }, - "required": [ - "Column", - "SortOrder" - ], - "type": "object" - }, - "AWS::Glue::Table.SchemaId": { - "additionalProperties": false, - "properties": { - "RegistryName": { - "markdownDescription": "The name of the schema registry that contains the schema.", - "title": "RegistryName", + "CustomEndpointCertificateArn": { + "markdownDescription": "The AWS Certificate Manager ARN for your domain's SSL/TLS certificate. Required if you enabled a custom endpoint for the domain.", + "title": "CustomEndpointCertificateArn", "type": "string" }, - "SchemaArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the schema. One of `SchemaArn` or `SchemaName` has to be\nprovided.", - "title": "SchemaArn", - "type": "string" + "CustomEndpointEnabled": { + "markdownDescription": "True to enable a custom endpoint for the domain. If enabled, you must also provide values for `CustomEndpoint` and `CustomEndpointCertificateArn` .", + "title": "CustomEndpointEnabled", + "type": "boolean" }, - "SchemaName": { - "markdownDescription": "The name of the schema. One of `SchemaArn` or `SchemaName` has to be provided.", - "title": "SchemaName", + "EnforceHTTPS": { + "markdownDescription": "True to require that all traffic to the domain arrive over HTTPS.", + "title": "EnforceHTTPS", + "type": "boolean" + }, + "TLSSecurityPolicy": { + "markdownDescription": "The minimum TLS version required for traffic to the domain. Valid values are TLS 1.3 (recommended) or 1.2:\n\n- `Policy-Min-TLS-1-0-2019-07`\n- `Policy-Min-TLS-1-2-2019-07`", + "title": "TLSSecurityPolicy", "type": "string" } }, "type": "object" }, - "AWS::Glue::Table.SchemaReference": { + "AWS::Elasticsearch::Domain.EBSOptions": { "additionalProperties": false, "properties": { - "SchemaId": { - "$ref": "#/definitions/AWS::Glue::Table.SchemaId", - "markdownDescription": "A structure that contains schema identity fields. Either this or the `SchemaVersionId` has to be\nprovided.", - "title": "SchemaId" - }, - "SchemaVersionId": { - "markdownDescription": "The unique ID assigned to a version of the schema. Either this or the `SchemaId` has to be provided.", - "title": "SchemaVersionId", - "type": "string" + "EBSEnabled": { + "markdownDescription": "Specifies whether Amazon EBS volumes are attached to data nodes in the OpenSearch Service domain.", + "title": "EBSEnabled", + "type": "boolean" }, - "SchemaVersionNumber": { - "markdownDescription": "The version number of the schema.", - "title": "SchemaVersionNumber", + "Iops": { + "markdownDescription": "The number of I/O operations per second (IOPS) that the volume supports. This property applies only to provisioned IOPS EBS volume types.", + "title": "Iops", "type": "number" - } - }, - "type": "object" - }, - "AWS::Glue::Table.SerdeInfo": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "Name of the SerDe.", - "title": "Name", - "type": "string" }, - "Parameters": { - "markdownDescription": "These key-value pairs define initialization parameters for the SerDe.", - "title": "Parameters", - "type": "object" + "VolumeSize": { + "markdownDescription": "The size (in GiB) of the EBS volume for each data node. The minimum and maximum size of an EBS volume depends on the EBS volume type and the instance type to which it is attached. For more information, see [EBS volume size limits](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/limits.html#ebsresource) in the *Amazon OpenSearch Service Developer Guide* .", + "title": "VolumeSize", + "type": "number" }, - "SerializationLibrary": { - "markdownDescription": "Usually the class that implements the SerDe. An example is `org.apache.hadoop.hive.serde2.columnar.ColumnarSerDe` .", - "title": "SerializationLibrary", + "VolumeType": { + "markdownDescription": "The EBS volume type to use with the OpenSearch Service domain, such as standard, gp2, or io1. For more information about each type, see [Amazon EBS volume types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) in the *Amazon EC2 User Guide for Linux Instances* .", + "title": "VolumeType", "type": "string" } }, "type": "object" }, - "AWS::Glue::Table.SkewedInfo": { - "additionalProperties": false, - "properties": { - "SkewedColumnNames": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of names of columns that contain skewed values.", - "title": "SkewedColumnNames", - "type": "array" - }, - "SkewedColumnValueLocationMaps": { - "markdownDescription": "A mapping of skewed values to the columns that contain them.", - "title": "SkewedColumnValueLocationMaps", - "type": "object" - }, - "SkewedColumnValues": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of values that appear so frequently as to be considered skewed.", - "title": "SkewedColumnValues", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Glue::Table.StorageDescriptor": { + "AWS::Elasticsearch::Domain.ElasticsearchClusterConfig": { "additionalProperties": false, "properties": { - "BucketColumns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of reducer grouping columns, clustering columns, and bucketing columns in the table.", - "title": "BucketColumns", - "type": "array" + "ColdStorageOptions": { + "$ref": "#/definitions/AWS::Elasticsearch::Domain.ColdStorageOptions", + "markdownDescription": "Specifies cold storage options for the domain.", + "title": "ColdStorageOptions" }, - "Columns": { - "items": { - "$ref": "#/definitions/AWS::Glue::Table.Column" - }, - "markdownDescription": "A list of the `Columns` in the table.", - "title": "Columns", - "type": "array" + "DedicatedMasterCount": { + "markdownDescription": "The number of instances to use for the master node. If you specify this property, you must specify true for the DedicatedMasterEnabled property.", + "title": "DedicatedMasterCount", + "type": "number" }, - "Compressed": { - "markdownDescription": "`True` if the data in the table is compressed, or `False` if not.", - "title": "Compressed", + "DedicatedMasterEnabled": { + "markdownDescription": "Indicates whether to use a dedicated master node for the OpenSearch Service domain. A dedicated master node is a cluster node that performs cluster management tasks, but doesn't hold data or respond to data upload requests. Dedicated master nodes offload cluster management tasks to increase the stability of your search clusters. See [Dedicated master nodes in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-dedicatedmasternodes.html) .", + "title": "DedicatedMasterEnabled", "type": "boolean" }, - "InputFormat": { - "markdownDescription": "The input format: `SequenceFileInputFormat` (binary), or `TextInputFormat` , or a custom format.", - "title": "InputFormat", - "type": "string" - }, - "Location": { - "markdownDescription": "The physical location of the table. By default, this takes the form of the warehouse location, followed by the database location in the warehouse, followed by the table name.", - "title": "Location", + "DedicatedMasterType": { + "markdownDescription": "The hardware configuration of the computer that hosts the dedicated master node, such as `m3.medium.elasticsearch` . If you specify this property, you must specify true for the `DedicatedMasterEnabled` property. For valid values, see [Supported instance types in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/supported-instance-types.html) .", + "title": "DedicatedMasterType", "type": "string" }, - "NumberOfBuckets": { - "markdownDescription": "Must be specified if the table contains any dimension columns.", - "title": "NumberOfBuckets", + "InstanceCount": { + "markdownDescription": "The number of data nodes (instances) to use in the OpenSearch Service domain.", + "title": "InstanceCount", "type": "number" }, - "OutputFormat": { - "markdownDescription": "The output format: `SequenceFileOutputFormat` (binary), or `IgnoreKeyTextOutputFormat` , or a custom format.", - "title": "OutputFormat", + "InstanceType": { + "markdownDescription": "The instance type for your data nodes, such as `m3.medium.elasticsearch` . For valid values, see [Supported instance types in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/supported-instance-types.html) .", + "title": "InstanceType", "type": "string" }, - "Parameters": { - "markdownDescription": "The user-supplied properties in key-value form.", - "title": "Parameters", - "type": "object" - }, - "SchemaReference": { - "$ref": "#/definitions/AWS::Glue::Table.SchemaReference", - "markdownDescription": "An object that references a schema stored in the AWS Glue Schema Registry.", - "title": "SchemaReference" + "WarmCount": { + "markdownDescription": "The number of warm nodes in the cluster. Required if you enable warm storage.", + "title": "WarmCount", + "type": "number" }, - "SerdeInfo": { - "$ref": "#/definitions/AWS::Glue::Table.SerdeInfo", - "markdownDescription": "The serialization/deserialization (SerDe) information.", - "title": "SerdeInfo" + "WarmEnabled": { + "markdownDescription": "Whether to enable warm storage for the cluster.", + "title": "WarmEnabled", + "type": "boolean" }, - "SkewedInfo": { - "$ref": "#/definitions/AWS::Glue::Table.SkewedInfo", - "markdownDescription": "The information about values that appear frequently in a column (skewed values).", - "title": "SkewedInfo" + "WarmType": { + "markdownDescription": "The instance type for the cluster's warm nodes. Required if you enable warm storage.", + "title": "WarmType", + "type": "string" }, - "SortColumns": { - "items": { - "$ref": "#/definitions/AWS::Glue::Table.Order" - }, - "markdownDescription": "A list specifying the sort order of each bucket in the table.", - "title": "SortColumns", - "type": "array" + "ZoneAwarenessConfig": { + "$ref": "#/definitions/AWS::Elasticsearch::Domain.ZoneAwarenessConfig", + "markdownDescription": "Specifies zone awareness configuration options. Only use if `ZoneAwarenessEnabled` is `true` .", + "title": "ZoneAwarenessConfig" }, - "StoredAsSubDirectories": { - "markdownDescription": "`True` if the table data is stored in subdirectories, or `False` if not.", - "title": "StoredAsSubDirectories", + "ZoneAwarenessEnabled": { + "markdownDescription": "Indicates whether to enable zone awareness for the OpenSearch Service domain. When you enable zone awareness, OpenSearch Service allocates the nodes and replica index shards that belong to a cluster across two Availability Zones (AZs) in the same region to prevent data loss and minimize downtime in the event of node or data center failure. Don't enable zone awareness if your cluster has no replica index shards or is a single-node cluster. For more information, see [Configuring a multi-AZ domain in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-multiaz.html) .", + "title": "ZoneAwarenessEnabled", "type": "boolean" } }, "type": "object" }, - "AWS::Glue::Table.TableIdentifier": { + "AWS::Elasticsearch::Domain.EncryptionAtRestOptions": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The ID of the Data Catalog in which the table resides.", - "title": "CatalogId", - "type": "string" - }, - "DatabaseName": { - "markdownDescription": "The name of the catalog database that contains the target table.", - "title": "DatabaseName", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the target table.", - "title": "Name", - "type": "string" + "Enabled": { + "markdownDescription": "Specify `true` to enable encryption at rest.", + "title": "Enabled", + "type": "boolean" }, - "Region": { - "markdownDescription": "The Region of the table.", - "title": "Region", + "KmsKeyId": { + "markdownDescription": "The KMS key ID. Takes the form `1a2a3a4-1a2a-3a4a-5a6a-1a2a3a4a5a6a` . Required if you enable encryption at rest.", + "title": "KmsKeyId", "type": "string" } }, "type": "object" }, - "AWS::Glue::Table.TableInput": { + "AWS::Elasticsearch::Domain.LogPublishingOption": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the table.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The table name. For Hive compatibility, this is folded to lowercase when it is stored.", - "title": "Name", - "type": "string" - }, - "Owner": { - "markdownDescription": "The table owner. Included for Apache Hive compatibility. Not used in the normal course of AWS Glue operations.", - "title": "Owner", - "type": "string" - }, - "Parameters": { - "markdownDescription": "These key-value pairs define properties associated with the table.", - "title": "Parameters", - "type": "object" - }, - "PartitionKeys": { - "items": { - "$ref": "#/definitions/AWS::Glue::Table.Column" - }, - "markdownDescription": "A list of columns by which the table is partitioned. Only primitive types are supported as partition keys.\n\nWhen you create a table used by Amazon Athena, and you do not specify any `partitionKeys` , you must at least set the value of `partitionKeys` to an empty list. For example:\n\n`\"PartitionKeys\": []`", - "title": "PartitionKeys", - "type": "array" - }, - "Retention": { - "markdownDescription": "The retention time for this table.", - "title": "Retention", - "type": "number" - }, - "StorageDescriptor": { - "$ref": "#/definitions/AWS::Glue::Table.StorageDescriptor", - "markdownDescription": "A storage descriptor containing information about the physical storage of this table.", - "title": "StorageDescriptor" - }, - "TableType": { - "markdownDescription": "The type of this table. AWS Glue will create tables with the `EXTERNAL_TABLE` type. Other services, such as Athena, may create tables with additional table types.\n\nAWS Glue related table types:\n\n- **EXTERNAL_TABLE** - Hive compatible attribute - indicates a non-Hive managed table.\n- **GOVERNED** - Used by AWS Lake Formation . The AWS Glue Data Catalog understands `GOVERNED` .", - "title": "TableType", - "type": "string" - }, - "TargetTable": { - "$ref": "#/definitions/AWS::Glue::Table.TableIdentifier", - "markdownDescription": "A `TableIdentifier` structure that describes a target table for resource linking.", - "title": "TargetTable" - }, - "ViewExpandedText": { - "markdownDescription": "Included for Apache Hive compatibility. Not used in the normal course of AWS Glue operations.", - "title": "ViewExpandedText", + "CloudWatchLogsLogGroupArn": { + "markdownDescription": "Specifies the CloudWatch log group to publish to. Required if you enable log publishing for the domain.", + "title": "CloudWatchLogsLogGroupArn", "type": "string" }, - "ViewOriginalText": { - "markdownDescription": "Included for Apache Hive compatibility. Not used in the normal course of AWS Glue operations. If the table is a `VIRTUAL_VIEW` , certain Athena configuration encoded in base64.", - "title": "ViewOriginalText", - "type": "string" + "Enabled": { + "markdownDescription": "If `true` , enables the publishing of logs to CloudWatch.\n\nDefault: `false` .", + "title": "Enabled", + "type": "boolean" } }, "type": "object" }, - "AWS::Glue::TableOptimizer": { + "AWS::Elasticsearch::Domain.MasterUserOptions": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "MasterUserARN": { + "markdownDescription": "ARN for the master user. Only specify if `InternalUserDatabaseEnabled` is false in `AdvancedSecurityOptions` .", + "title": "MasterUserARN", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "CatalogId": { - "markdownDescription": "The catalog ID of the table.", - "title": "CatalogId", - "type": "string" - }, - "DatabaseName": { - "markdownDescription": "The name of the database. For Hive compatibility, this is folded to lowercase when it is stored.", - "title": "DatabaseName", - "type": "string" - }, - "TableName": { - "markdownDescription": "The table name. For Hive compatibility, this must be entirely lowercase.", - "title": "TableName", - "type": "string" - }, - "TableOptimizerConfiguration": { - "$ref": "#/definitions/AWS::Glue::TableOptimizer.TableOptimizerConfiguration", - "markdownDescription": "Specifies configuration details of a table optimizer.", - "title": "TableOptimizerConfiguration" - }, - "Type": { - "markdownDescription": "The type of table optimizer. The valid values are:\n\n- compaction - for managing compaction with a table optimizer.\n- retention - for managing the retention of snapshot with a table optimizer.\n- orphan_file_deletion - for managing the deletion of orphan files with a table optimizer.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "CatalogId", - "DatabaseName", - "TableName", - "TableOptimizerConfiguration", - "Type" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Glue::TableOptimizer" - ], + "MasterUserName": { + "markdownDescription": "Username for the master user. Only specify if `InternalUserDatabaseEnabled` is true in `AdvancedSecurityOptions` .", + "title": "MasterUserName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "MasterUserPassword": { + "markdownDescription": "Password for the master user. Only specify if `InternalUserDatabaseEnabled` is true in `AdvancedSecurityOptions` .", + "title": "MasterUserPassword", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Glue::TableOptimizer.TableOptimizerConfiguration": { + "AWS::Elasticsearch::Domain.NodeToNodeEncryptionOptions": { "additionalProperties": false, "properties": { "Enabled": { - "markdownDescription": "Whether the table optimization is enabled.", + "markdownDescription": "Specifies whether node-to-node encryption is enabled, as a Boolean.", "title": "Enabled", "type": "boolean" + } + }, + "type": "object" + }, + "AWS::Elasticsearch::Domain.SnapshotOptions": { + "additionalProperties": false, + "properties": { + "AutomatedSnapshotStartHour": { + "markdownDescription": "The hour in UTC during which the service takes an automated daily snapshot of the indices in the OpenSearch Service domain. For example, if you specify 0, OpenSearch Service takes an automated snapshot everyday between midnight and 1 am. You can specify a value between 0 and 23.", + "title": "AutomatedSnapshotStartHour", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Elasticsearch::Domain.VPCOptions": { + "additionalProperties": false, + "properties": { + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of security group IDs that are associated with the VPC endpoints for the domain. If you don't provide a security group ID, OpenSearch Service uses the default security group for the VPC. To learn more, see [Security groups for your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html) in the *Amazon VPC User Guide* .", + "title": "SecurityGroupIds", + "type": "array" }, - "RoleArn": { - "markdownDescription": "A role passed by the caller which gives the service permission to update the resources associated with the optimizer on the caller's behalf.", - "title": "RoleArn", - "type": "string" + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "Provide one subnet ID for each Availability Zone that your domain uses. For example, you must specify three subnet IDs for a three Availability Zone domain. To learn more, see [VPCs and subnets](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) in the *Amazon VPC User Guide* .\n\nRequired if you're creating your domain inside a VPC.", + "title": "SubnetIds", + "type": "array" } }, - "required": [ - "Enabled", - "RoleArn" - ], "type": "object" }, - "AWS::Glue::Trigger": { + "AWS::Elasticsearch::Domain.ZoneAwarenessConfig": { + "additionalProperties": false, + "properties": { + "AvailabilityZoneCount": { + "markdownDescription": "If you enabled multiple Availability Zones (AZs), the number of AZs that you want the domain to use.\n\nValid values are `2` and `3` . Default is 2.", + "title": "AvailabilityZoneCount", + "type": "number" + } + }, + "type": "object" + }, + "AWS::EntityResolution::IdMappingWorkflow": { "additionalProperties": false, "properties": { "Condition": { @@ -108236,69 +117473,62 @@ "Properties": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::Glue::Trigger.Action" - }, - "markdownDescription": "The actions initiated by this trigger.", - "title": "Actions", - "type": "array" - }, "Description": { - "markdownDescription": "A description of this trigger.", + "markdownDescription": "A description of the workflow.", "title": "Description", "type": "string" }, - "EventBatchingCondition": { - "$ref": "#/definitions/AWS::Glue::Trigger.EventBatchingCondition", - "markdownDescription": "Batch condition that must be met (specified number of events received or batch time window expired) before EventBridge event trigger fires.", - "title": "EventBatchingCondition" + "IdMappingTechniques": { + "$ref": "#/definitions/AWS::EntityResolution::IdMappingWorkflow.IdMappingTechniques", + "markdownDescription": "An object which defines the ID mapping technique and any additional configurations.", + "title": "IdMappingTechniques" }, - "Name": { - "markdownDescription": "The name of the trigger.", - "title": "Name", - "type": "string" + "InputSourceConfig": { + "items": { + "$ref": "#/definitions/AWS::EntityResolution::IdMappingWorkflow.IdMappingWorkflowInputSource" + }, + "markdownDescription": "A list of `InputSource` objects, which have the fields `InputSourceARN` and `SchemaName` .", + "title": "InputSourceConfig", + "type": "array" }, - "Predicate": { - "$ref": "#/definitions/AWS::Glue::Trigger.Predicate", - "markdownDescription": "The predicate of this trigger, which defines when it will fire.", - "title": "Predicate" + "OutputSourceConfig": { + "items": { + "$ref": "#/definitions/AWS::EntityResolution::IdMappingWorkflow.IdMappingWorkflowOutputSource" + }, + "markdownDescription": "A list of `IdMappingWorkflowOutputSource` objects, each of which contains fields `OutputS3Path` and `Output` .", + "title": "OutputSourceConfig", + "type": "array" }, - "Schedule": { - "markdownDescription": "A `cron` expression used to specify the schedule. For more information, see [Time-Based Schedules for Jobs and Crawlers](https://docs.aws.amazon.com/glue/latest/dg/monitor-data-warehouse-schedule.html) in the *AWS Glue Developer Guide* . For example, to run something every day at 12:15 UTC, specify `cron(15 12 * * ? *)` .", - "title": "Schedule", + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role. AWS Entity Resolution assumes this role to create resources on your behalf as part of workflow execution.", + "title": "RoleArn", "type": "string" }, - "StartOnCreation": { - "markdownDescription": "Set to true to start `SCHEDULED` and `CONDITIONAL` triggers when created. True is not supported for `ON_DEMAND` triggers.", - "title": "StartOnCreation", - "type": "boolean" - }, "Tags": { - "markdownDescription": "The tags to use with this trigger.", + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags used to organize, track, or control access for this resource.", "title": "Tags", - "type": "object" - }, - "Type": { - "markdownDescription": "The type of trigger that this is.", - "title": "Type", - "type": "string" + "type": "array" }, "WorkflowName": { - "markdownDescription": "The name of the workflow associated with the trigger.", + "markdownDescription": "The name of the workflow. There can't be multiple `IdMappingWorkflows` with the same name.", "title": "WorkflowName", "type": "string" } }, "required": [ - "Actions", - "Type" + "IdMappingTechniques", + "InputSourceConfig", + "RoleArn", + "WorkflowName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Glue::Trigger" + "AWS::EntityResolution::IdMappingWorkflow" ], "type": "string" }, @@ -108317,123 +117547,171 @@ ], "type": "object" }, - "AWS::Glue::Trigger.Action": { + "AWS::EntityResolution::IdMappingWorkflow.IdMappingRuleBasedProperties": { "additionalProperties": false, "properties": { - "Arguments": { - "markdownDescription": "The job arguments used when this trigger fires. For this job run, they replace the default arguments set in the job definition itself.\n\nYou can specify arguments here that your own job-execution script consumes, in addition to arguments that AWS Glue itself consumes.\n\nFor information about how to specify and consume your own job arguments, see [Calling AWS Glue APIs in Python](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-python-calling.html) in the *AWS Glue Developer Guide* .\n\nFor information about the key-value pairs that AWS Glue consumes to set up your job, see the [Special Parameters Used by AWS Glue](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-etl-glue-arguments.html) topic in the developer guide.", - "title": "Arguments", - "type": "object" - }, - "CrawlerName": { - "markdownDescription": "The name of the crawler to be used with this action.", - "title": "CrawlerName", + "AttributeMatchingModel": { + "markdownDescription": "The comparison type. You can either choose `ONE_TO_ONE` or `MANY_TO_MANY` as the `attributeMatchingModel` .\n\nIf you choose `MANY_TO_MANY` , the system can match attributes across the sub-types of an attribute type. For example, if the value of the `Email` field of Profile A matches the value of the `BusinessEmail` field of Profile B, the two profiles are matched on the `Email` attribute type.\n\nIf you choose `ONE_TO_ONE` , the system can only match attributes if the sub-types are an exact match. For example, for the `Email` attribute type, the system will only consider it a match if the value of the `Email` field of Profile A matches the value of the `Email` field of Profile B.", + "title": "AttributeMatchingModel", "type": "string" }, - "JobName": { - "markdownDescription": "The name of a job to be executed.", - "title": "JobName", + "RecordMatchingModel": { + "markdownDescription": "The type of matching record that is allowed to be used in an ID mapping workflow.\n\nIf the value is set to `ONE_SOURCE_TO_ONE_TARGET` , only one record in the source can be matched to the same record in the target.\n\nIf the value is set to `MANY_SOURCE_TO_ONE_TARGET` , multiple records in the source can be matched to one record in the target.", + "title": "RecordMatchingModel", "type": "string" }, - "NotificationProperty": { - "$ref": "#/definitions/AWS::Glue::Trigger.NotificationProperty", - "markdownDescription": "Specifies configuration properties of a job run notification.", - "title": "NotificationProperty" - }, - "SecurityConfiguration": { - "markdownDescription": "The name of the `SecurityConfiguration` structure to be used with this action.", - "title": "SecurityConfiguration", + "RuleDefinitionType": { + "markdownDescription": "The set of rules you can use in an ID mapping workflow. The limitations specified for the source or target to define the match rules must be compatible.", + "title": "RuleDefinitionType", "type": "string" }, - "Timeout": { - "markdownDescription": "The `JobRun` timeout in minutes. This is the maximum time that a job run can consume resources before it is terminated and enters TIMEOUT status. The default is 2,880 minutes (48 hours). This overrides the timeout value set in the parent job.", - "title": "Timeout", - "type": "number" + "Rules": { + "items": { + "$ref": "#/definitions/AWS::EntityResolution::IdMappingWorkflow.Rule" + }, + "markdownDescription": "The rules that can be used for ID mapping.", + "title": "Rules", + "type": "array" } }, + "required": [ + "AttributeMatchingModel", + "RecordMatchingModel" + ], "type": "object" }, - "AWS::Glue::Trigger.Condition": { + "AWS::EntityResolution::IdMappingWorkflow.IdMappingTechniques": { "additionalProperties": false, "properties": { - "CrawlState": { - "markdownDescription": "The state of the crawler to which this condition applies.", - "title": "CrawlState", + "IdMappingType": { + "markdownDescription": "The type of ID mapping.", + "title": "IdMappingType", "type": "string" }, - "CrawlerName": { - "markdownDescription": "The name of the crawler to which this condition applies.", - "title": "CrawlerName", - "type": "string" + "ProviderProperties": { + "$ref": "#/definitions/AWS::EntityResolution::IdMappingWorkflow.ProviderProperties", + "markdownDescription": "An object which defines any additional configurations required by the provider service.", + "title": "ProviderProperties" }, - "JobName": { - "markdownDescription": "The name of the job whose `JobRuns` this condition applies to, and on which this trigger waits.", - "title": "JobName", + "RuleBasedProperties": { + "$ref": "#/definitions/AWS::EntityResolution::IdMappingWorkflow.IdMappingRuleBasedProperties", + "markdownDescription": "An object which defines any additional configurations required by rule-based matching.", + "title": "RuleBasedProperties" + } + }, + "type": "object" + }, + "AWS::EntityResolution::IdMappingWorkflow.IdMappingWorkflowInputSource": { + "additionalProperties": false, + "properties": { + "InputSourceARN": { + "markdownDescription": "An AWS Glue table Amazon Resource Name (ARN) or a matching workflow ARN for the input source table.", + "title": "InputSourceARN", "type": "string" }, - "LogicalOperator": { - "markdownDescription": "A logical operator.", - "title": "LogicalOperator", + "SchemaArn": { + "markdownDescription": "The ARN (Amazon Resource Name) that AWS Entity Resolution generated for the `SchemaMapping` .", + "title": "SchemaArn", "type": "string" }, - "State": { - "markdownDescription": "The condition state. Currently, the values supported are `SUCCEEDED` , `STOPPED` , `TIMEOUT` , and `FAILED` .", - "title": "State", + "Type": { + "markdownDescription": "The type of ID namespace. There are two types: `SOURCE` and `TARGET` .\n\nThe `SOURCE` contains configurations for `sourceId` data that will be processed in an ID mapping workflow.\n\nThe `TARGET` contains a configuration of `targetId` which all `sourceIds` will resolve to.", + "title": "Type", "type": "string" } }, + "required": [ + "InputSourceARN" + ], "type": "object" }, - "AWS::Glue::Trigger.EventBatchingCondition": { + "AWS::EntityResolution::IdMappingWorkflow.IdMappingWorkflowOutputSource": { "additionalProperties": false, "properties": { - "BatchSize": { - "markdownDescription": "Number of events that must be received from Amazon EventBridge before EventBridge event trigger fires.", - "title": "BatchSize", - "type": "number" + "KMSArn": { + "markdownDescription": "Customer AWS KMS ARN for encryption at rest. If not provided, system will use an AWS Entity Resolution managed KMS key.", + "title": "KMSArn", + "type": "string" }, - "BatchWindow": { - "markdownDescription": "Window of time in seconds after which EventBridge event trigger fires. Window starts when first event is received.", - "title": "BatchWindow", - "type": "number" + "OutputS3Path": { + "markdownDescription": "The S3 path to which AWS Entity Resolution will write the output table.", + "title": "OutputS3Path", + "type": "string" } }, "required": [ - "BatchSize" + "OutputS3Path" ], "type": "object" }, - "AWS::Glue::Trigger.NotificationProperty": { + "AWS::EntityResolution::IdMappingWorkflow.IntermediateSourceConfiguration": { "additionalProperties": false, "properties": { - "NotifyDelayAfter": { - "markdownDescription": "After a job run starts, the number of minutes to wait before sending a job run delay notification", - "title": "NotifyDelayAfter", - "type": "number" + "IntermediateS3Path": { + "markdownDescription": "The Amazon S3 location (bucket and prefix). For example: `s3://provider_bucket/DOC-EXAMPLE-BUCKET`", + "title": "IntermediateS3Path", + "type": "string" } }, + "required": [ + "IntermediateS3Path" + ], "type": "object" }, - "AWS::Glue::Trigger.Predicate": { + "AWS::EntityResolution::IdMappingWorkflow.ProviderProperties": { "additionalProperties": false, "properties": { - "Conditions": { + "IntermediateSourceConfiguration": { + "$ref": "#/definitions/AWS::EntityResolution::IdMappingWorkflow.IntermediateSourceConfiguration", + "markdownDescription": "The Amazon S3 location that temporarily stores your data while it processes. Your information won't be saved permanently.", + "title": "IntermediateSourceConfiguration" + }, + "ProviderConfiguration": { + "additionalProperties": true, + "markdownDescription": "The required configuration fields to use with the provider service.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "ProviderConfiguration", + "type": "object" + }, + "ProviderServiceArn": { + "markdownDescription": "The ARN of the provider service.", + "title": "ProviderServiceArn", + "type": "string" + } + }, + "required": [ + "ProviderServiceArn" + ], + "type": "object" + }, + "AWS::EntityResolution::IdMappingWorkflow.Rule": { + "additionalProperties": false, + "properties": { + "MatchingKeys": { "items": { - "$ref": "#/definitions/AWS::Glue::Trigger.Condition" + "type": "string" }, - "markdownDescription": "A list of the conditions that determine when the trigger will fire.", - "title": "Conditions", + "markdownDescription": "A list of `MatchingKeys` . The `MatchingKeys` must have been defined in the `SchemaMapping` . Two records are considered to match according to this rule if all of the `MatchingKeys` match.", + "title": "MatchingKeys", "type": "array" }, - "Logical": { - "markdownDescription": "An optional field if only one condition is listed. If multiple conditions are listed, then this field is required.", - "title": "Logical", + "RuleName": { + "markdownDescription": "A name for the matching rule.", + "title": "RuleName", "type": "string" } }, + "required": [ + "MatchingKeys", + "RuleName" + ], "type": "object" }, - "AWS::Glue::Workflow": { + "AWS::EntityResolution::IdNamespace": { "additionalProperties": false, "properties": { "Condition": { @@ -108468,37 +117746,60 @@ "Properties": { "additionalProperties": false, "properties": { - "DefaultRunProperties": { - "markdownDescription": "A collection of properties to be used as part of each execution of the workflow", - "title": "DefaultRunProperties", - "type": "object" - }, "Description": { - "markdownDescription": "A description of the workflow", + "markdownDescription": "The description of the ID namespace.", "title": "Description", "type": "string" }, - "MaxConcurrentRuns": { - "markdownDescription": "You can use this parameter to prevent unwanted multiple updates to data, to control costs, or in some cases, to prevent exceeding the maximum number of concurrent runs of any of the component jobs. If you leave this parameter blank, there is no limit to the number of concurrent workflow runs.", - "title": "MaxConcurrentRuns", - "type": "number" + "IdMappingWorkflowProperties": { + "items": { + "$ref": "#/definitions/AWS::EntityResolution::IdNamespace.IdNamespaceIdMappingWorkflowProperties" + }, + "markdownDescription": "Determines the properties of `IdMappingWorflow` where this `IdNamespace` can be used as a `Source` or a `Target` .", + "title": "IdMappingWorkflowProperties", + "type": "array" }, - "Name": { - "markdownDescription": "The name of the workflow representing the flow", - "title": "Name", + "IdNamespaceName": { + "markdownDescription": "The name of the ID namespace.", + "title": "IdNamespaceName", + "type": "string" + }, + "InputSourceConfig": { + "items": { + "$ref": "#/definitions/AWS::EntityResolution::IdNamespace.IdNamespaceInputSource" + }, + "markdownDescription": "A list of `InputSource` objects, which have the fields `InputSourceARN` and `SchemaName` .", + "title": "InputSourceConfig", + "type": "array" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role. AWS Entity Resolution assumes this role to access the resources defined in this `IdNamespace` on your behalf as part of the workflow run.", + "title": "RoleArn", "type": "string" }, "Tags": { - "markdownDescription": "The tags to use with this workflow.", + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags used to organize, track, or control access for this resource.", "title": "Tags", - "type": "object" + "type": "array" + }, + "Type": { + "markdownDescription": "The type of ID namespace. There are two types: `SOURCE` and `TARGET` .\n\nThe `SOURCE` contains configurations for `sourceId` data that will be processed in an ID mapping workflow.\n\nThe `TARGET` contains a configuration of `targetId` which all `sourceIds` will resolve to.", + "title": "Type", + "type": "string" } }, + "required": [ + "IdNamespaceName", + "Type" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Glue::Workflow" + "AWS::EntityResolution::IdNamespace" ], "type": "string" }, @@ -108512,11 +117813,138 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Grafana::Workspace": { + "AWS::EntityResolution::IdNamespace.IdNamespaceIdMappingWorkflowProperties": { + "additionalProperties": false, + "properties": { + "IdMappingType": { + "markdownDescription": "The type of ID mapping.", + "title": "IdMappingType", + "type": "string" + }, + "ProviderProperties": { + "$ref": "#/definitions/AWS::EntityResolution::IdNamespace.NamespaceProviderProperties", + "markdownDescription": "An object which defines any additional configurations required by the provider service.", + "title": "ProviderProperties" + }, + "RuleBasedProperties": { + "$ref": "#/definitions/AWS::EntityResolution::IdNamespace.NamespaceRuleBasedProperties", + "markdownDescription": "An object which defines any additional configurations required by rule-based matching.", + "title": "RuleBasedProperties" + } + }, + "required": [ + "IdMappingType" + ], + "type": "object" + }, + "AWS::EntityResolution::IdNamespace.IdNamespaceInputSource": { + "additionalProperties": false, + "properties": { + "InputSourceARN": { + "markdownDescription": "An AWS Glue table Amazon Resource Name (ARN) or a matching workflow ARN for the input source table.", + "title": "InputSourceARN", + "type": "string" + }, + "SchemaName": { + "markdownDescription": "The name of the schema.", + "title": "SchemaName", + "type": "string" + } + }, + "required": [ + "InputSourceARN" + ], + "type": "object" + }, + "AWS::EntityResolution::IdNamespace.NamespaceProviderProperties": { + "additionalProperties": false, + "properties": { + "ProviderConfiguration": { + "additionalProperties": true, + "markdownDescription": "An object which defines any additional configurations required by the provider service.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "ProviderConfiguration", + "type": "object" + }, + "ProviderServiceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the provider service.", + "title": "ProviderServiceArn", + "type": "string" + } + }, + "required": [ + "ProviderServiceArn" + ], + "type": "object" + }, + "AWS::EntityResolution::IdNamespace.NamespaceRuleBasedProperties": { + "additionalProperties": false, + "properties": { + "AttributeMatchingModel": { + "markdownDescription": "The comparison type. You can either choose `ONE_TO_ONE` or `MANY_TO_MANY` as the `attributeMatchingModel` .\n\nIf you choose `MANY_TO_MANY` , the system can match attributes across the sub-types of an attribute type. For example, if the value of the `Email` field of Profile A matches the value of `BusinessEmail` field of Profile B, the two profiles are matched on the `Email` attribute type.\n\nIf you choose `ONE_TO_ONE` , the system can only match attributes if the sub-types are an exact match. For example, for the `Email` attribute type, the system will only consider it a match if the value of the `Email` field of Profile A matches the value of the `Email` field of Profile B.", + "title": "AttributeMatchingModel", + "type": "string" + }, + "RecordMatchingModels": { + "items": { + "type": "string" + }, + "markdownDescription": "The type of matching record that is allowed to be used in an ID mapping workflow.\n\nIf the value is set to `ONE_SOURCE_TO_ONE_TARGET` , only one record in the source is matched to one record in the target.\n\nIf the value is set to `MANY_SOURCE_TO_ONE_TARGET` , all matching records in the source are matched to one record in the target.", + "title": "RecordMatchingModels", + "type": "array" + }, + "RuleDefinitionTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The sets of rules you can use in an ID mapping workflow. The limitations specified for the source and target must be compatible.", + "title": "RuleDefinitionTypes", + "type": "array" + }, + "Rules": { + "items": { + "$ref": "#/definitions/AWS::EntityResolution::IdNamespace.Rule" + }, + "markdownDescription": "The rules for the ID namespace.", + "title": "Rules", + "type": "array" + } + }, + "type": "object" + }, + "AWS::EntityResolution::IdNamespace.Rule": { + "additionalProperties": false, + "properties": { + "MatchingKeys": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of `MatchingKeys` . The `MatchingKeys` must have been defined in the `SchemaMapping` . Two records are considered to match according to this rule if all of the `MatchingKeys` match.", + "title": "MatchingKeys", + "type": "array" + }, + "RuleName": { + "markdownDescription": "A name for the matching rule.", + "title": "RuleName", + "type": "string" + } + }, + "required": [ + "MatchingKeys", + "RuleName" + ], + "type": "object" + }, + "AWS::EntityResolution::MatchingWorkflow": { "additionalProperties": false, "properties": { "Condition": { @@ -108551,114 +117979,68 @@ "Properties": { "additionalProperties": false, "properties": { - "AccountAccessType": { - "markdownDescription": "Specifies whether the workspace can access AWS resources in this AWS account only, or whether it can also access AWS resources in other accounts in the same organization. If this is `ORGANIZATION` , the `OrganizationalUnits` parameter specifies which organizational units the workspace can access.", - "title": "AccountAccessType", - "type": "string" - }, - "AuthenticationProviders": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies whether this workspace uses SAML 2.0, AWS IAM Identity Center , or both to authenticate users for using the Grafana console within a workspace. For more information, see [User authentication in Amazon Managed Grafana](https://docs.aws.amazon.com/grafana/latest/userguide/authentication-in-AMG.html) .\n\n*Allowed Values* : `AWS_SSO | SAML`", - "title": "AuthenticationProviders", - "type": "array" - }, - "ClientToken": { - "markdownDescription": "A unique, case-sensitive, user-provided identifier to ensure the idempotency of the request.", - "title": "ClientToken", - "type": "string" - }, - "DataSources": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the AWS data sources that have been configured to have IAM roles and permissions created to allow Amazon Managed Grafana to read data from these sources.\n\nThis list is only used when the workspace was created through the AWS console, and the `permissionType` is `SERVICE_MANAGED` .", - "title": "DataSources", - "type": "array" - }, "Description": { - "markdownDescription": "The user-defined description of the workspace.", + "markdownDescription": "A description of the workflow.", "title": "Description", "type": "string" }, - "GrafanaVersion": { - "markdownDescription": "Specifies the version of Grafana to support in the workspace. Defaults to the latest version on create (for example, 9.4), or the current version of the workspace on update.\n\nCan only be used to upgrade (for example, from 8.4 to 9.4), not downgrade (for example, from 9.4 to 8.4).\n\nTo know what versions are available to upgrade to for a specific workspace, see the [ListVersions](https://docs.aws.amazon.com/grafana/latest/APIReference/API_ListVersions.html) operation.", - "title": "GrafanaVersion", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the workspace.", - "title": "Name", - "type": "string" - }, - "NetworkAccessControl": { - "$ref": "#/definitions/AWS::Grafana::Workspace.NetworkAccessControl", - "markdownDescription": "The configuration settings for network access to your workspace.", - "title": "NetworkAccessControl" + "IncrementalRunConfig": { + "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.IncrementalRunConfig", + "markdownDescription": "Optional. An object that defines the incremental run type. This object contains only the `incrementalRunType` field, which appears as \"Automatic\" in the console.\n\n> For workflows where `resolutionType` is `ML_MATCHING` , incremental processing is not supported.", + "title": "IncrementalRunConfig" }, - "NotificationDestinations": { + "InputSourceConfig": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.InputSource" }, - "markdownDescription": "The AWS notification channels that Amazon Managed Grafana can automatically create IAM roles and permissions for, to allow Amazon Managed Grafana to use these channels.\n\n*AllowedValues* : `SNS`", - "title": "NotificationDestinations", + "markdownDescription": "A list of `InputSource` objects, which have the fields `InputSourceARN` and `SchemaName` .", + "title": "InputSourceConfig", "type": "array" }, - "OrganizationRoleName": { - "markdownDescription": "The name of the IAM role that is used to access resources through Organizations.", - "title": "OrganizationRoleName", - "type": "string" - }, - "OrganizationalUnits": { + "OutputSourceConfig": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.OutputSource" }, - "markdownDescription": "Specifies the organizational units that this workspace is allowed to use data sources from, if this workspace is in an account that is part of an organization.", - "title": "OrganizationalUnits", + "markdownDescription": "A list of `OutputSource` objects, each of which contains fields `OutputS3Path` , `ApplyNormalization` , and `Output` .", + "title": "OutputSourceConfig", "type": "array" }, - "PermissionType": { - "markdownDescription": "If this is `SERVICE_MANAGED` , and the workplace was created through the Amazon Managed Grafana console, then Amazon Managed Grafana automatically creates the IAM roles and provisions the permissions that the workspace needs to use AWS data sources and notification channels.\n\nIf this is `CUSTOMER_MANAGED` , you must manage those roles and permissions yourself.\n\nIf you are working with a workspace in a member account of an organization and that account is not a delegated administrator account, and you want the workspace to access data sources in other AWS accounts in the organization, this parameter must be set to `CUSTOMER_MANAGED` .\n\nFor more information about converting between customer and service managed, see [Managing permissions for data sources and notification channels](https://docs.aws.amazon.com/grafana/latest/userguide/AMG-datasource-and-notification.html) . For more information about the roles and permissions that must be managed for customer managed workspaces, see [Amazon Managed Grafana permissions and policies for AWS data sources and notification channels](https://docs.aws.amazon.com/grafana/latest/userguide/AMG-manage-permissions.html)", - "title": "PermissionType", - "type": "string" - }, - "PluginAdminEnabled": { - "markdownDescription": "Whether plugin administration is enabled in the workspace. Setting to `true` allows workspace admins to install, uninstall, and update plugins from within the Grafana workspace.\n\n> This option is only valid for workspaces that support Grafana version 9 or newer.", - "title": "PluginAdminEnabled", - "type": "boolean" + "ResolutionTechniques": { + "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.ResolutionTechniques", + "markdownDescription": "An object which defines the `resolutionType` and the `ruleBasedProperties` .", + "title": "ResolutionTechniques" }, "RoleArn": { - "markdownDescription": "The IAM role that grants permissions to the AWS resources that the workspace will view data from. This role must already exist.", + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role. AWS Entity Resolution assumes this role to create resources on your behalf as part of workflow execution.", "title": "RoleArn", "type": "string" }, - "SamlConfiguration": { - "$ref": "#/definitions/AWS::Grafana::Workspace.SamlConfiguration", - "markdownDescription": "If the workspace uses SAML, use this structure to map SAML assertion attributes to workspace user information and define which groups in the assertion attribute are to have the `Admin` and `Editor` roles in the workspace.", - "title": "SamlConfiguration" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "title": "Tags", + "type": "array" }, - "StackSetName": { - "markdownDescription": "The name of the AWS CloudFormation stack set that is used to generate IAM roles to be used for this workspace.", - "title": "StackSetName", + "WorkflowName": { + "markdownDescription": "The name of the workflow. There can't be multiple `MatchingWorkflows` with the same name.", + "title": "WorkflowName", "type": "string" - }, - "VpcConfiguration": { - "$ref": "#/definitions/AWS::Grafana::Workspace.VpcConfiguration", - "markdownDescription": "The configuration settings for an Amazon VPC that contains data sources for your Grafana workspace to connect to.\n\n> Connecting to a private VPC is not yet available in the Asia Pacific (Seoul) Region (ap-northeast-2).", - "title": "VpcConfiguration" } }, "required": [ - "AccountAccessType", - "AuthenticationProviders", - "PermissionType" + "InputSourceConfig", + "OutputSourceConfig", + "ResolutionTechniques", + "RoleArn", + "WorkflowName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Grafana::Workspace" + "AWS::EntityResolution::MatchingWorkflow" ], "type": "string" }, @@ -108677,166 +118059,214 @@ ], "type": "object" }, - "AWS::Grafana::Workspace.AssertionAttributes": { + "AWS::EntityResolution::MatchingWorkflow.IncrementalRunConfig": { "additionalProperties": false, "properties": { - "Email": { - "markdownDescription": "The name of the attribute within the SAML assertion to use as the email names for SAML users.", - "title": "Email", - "type": "string" - }, - "Groups": { - "markdownDescription": "The name of the attribute within the SAML assertion to use as the user full \"friendly\" names for user groups.", - "title": "Groups", - "type": "string" - }, - "Login": { - "markdownDescription": "The name of the attribute within the SAML assertion to use as the login names for SAML users.", - "title": "Login", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the attribute within the SAML assertion to use as the user full \"friendly\" names for SAML users.", - "title": "Name", + "IncrementalRunType": { + "markdownDescription": "The type of incremental run. The only valid value is `IMMEDIATE` . This appears as \"Automatic\" in the console.\n\n> For workflows where `resolutionType` is `ML_MATCHING` , incremental processing is not supported.", + "title": "IncrementalRunType", "type": "string" + } + }, + "required": [ + "IncrementalRunType" + ], + "type": "object" + }, + "AWS::EntityResolution::MatchingWorkflow.InputSource": { + "additionalProperties": false, + "properties": { + "ApplyNormalization": { + "markdownDescription": "Normalizes the attributes defined in the schema in the input data. For example, if an attribute has an `AttributeType` of `PHONE_NUMBER` , and the data in the input table is in a format of 1234567890, AWS Entity Resolution will normalize this field in the output to (123)-456-7890.", + "title": "ApplyNormalization", + "type": "boolean" }, - "Org": { - "markdownDescription": "The name of the attribute within the SAML assertion to use as the user full \"friendly\" names for the users' organizations.", - "title": "Org", + "InputSourceARN": { + "markdownDescription": "An object containing `InputSourceARN` , `SchemaName` , and `ApplyNormalization` .", + "title": "InputSourceARN", "type": "string" }, - "Role": { - "markdownDescription": "The name of the attribute within the SAML assertion to use as the user roles.", - "title": "Role", + "SchemaArn": { + "markdownDescription": "The name of the schema.", + "title": "SchemaArn", "type": "string" } }, + "required": [ + "InputSourceARN", + "SchemaArn" + ], "type": "object" }, - "AWS::Grafana::Workspace.IdpMetadata": { + "AWS::EntityResolution::MatchingWorkflow.IntermediateSourceConfiguration": { "additionalProperties": false, "properties": { - "Url": { - "markdownDescription": "The URL of the location containing the IdP metadata.", - "title": "Url", + "IntermediateS3Path": { + "markdownDescription": "The Amazon S3 location (bucket and prefix). For example: `s3://provider_bucket/DOC-EXAMPLE-BUCKET`", + "title": "IntermediateS3Path", "type": "string" + } + }, + "required": [ + "IntermediateS3Path" + ], + "type": "object" + }, + "AWS::EntityResolution::MatchingWorkflow.OutputAttribute": { + "additionalProperties": false, + "properties": { + "Hashed": { + "markdownDescription": "Enables the ability to hash the column values in the output.", + "title": "Hashed", + "type": "boolean" }, - "Xml": { - "markdownDescription": "The full IdP metadata, in XML format.", - "title": "Xml", + "Name": { + "markdownDescription": "A name of a column to be written to the output. This must be an `InputField` name in the schema mapping.", + "title": "Name", "type": "string" } }, + "required": [ + "Name" + ], "type": "object" }, - "AWS::Grafana::Workspace.NetworkAccessControl": { + "AWS::EntityResolution::MatchingWorkflow.OutputSource": { "additionalProperties": false, "properties": { - "PrefixListIds": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of prefix list IDs. A prefix list is a list of CIDR ranges of IP addresses. The IP addresses specified are allowed to access your workspace. If the list is not included in the configuration (passed an empty array) then no IP addresses are allowed to access the workspace. You create a prefix list using the Amazon VPC console.\n\nPrefix list IDs have the format `pl- *1a2b3c4d*` .\n\nFor more information about prefix lists, see [Group CIDR blocks using managed prefix lists](https://docs.aws.amazon.com/vpc/latest/userguide/managed-prefix-lists.html) in the *Amazon Virtual Private Cloud User Guide* .", - "title": "PrefixListIds", - "type": "array" + "ApplyNormalization": { + "markdownDescription": "Normalizes the attributes defined in the schema in the input data. For example, if an attribute has an `AttributeType` of `PHONE_NUMBER` , and the data in the input table is in a format of 1234567890, AWS Entity Resolution will normalize this field in the output to (123)-456-7890.", + "title": "ApplyNormalization", + "type": "boolean" }, - "VpceIds": { + "KMSArn": { + "markdownDescription": "Customer KMS ARN for encryption at rest. If not provided, system will use an AWS Entity Resolution managed KMS key.", + "title": "KMSArn", + "type": "string" + }, + "Output": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.OutputAttribute" }, - "markdownDescription": "An array of Amazon VPC endpoint IDs for the workspace. You can create VPC endpoints to your Amazon Managed Grafana workspace for access from within a VPC. If a `NetworkAccessConfiguration` is specified then only VPC endpoints specified here are allowed to access the workspace. If you pass in an empty array of strings, then no VPCs are allowed to access the workspace.\n\nVPC endpoint IDs have the format `vpce- *1a2b3c4d*` .\n\nFor more information about creating an interface VPC endpoint, see [Interface VPC endpoints](https://docs.aws.amazon.com/grafana/latest/userguide/VPC-endpoints) in the *Amazon Managed Grafana User Guide* .\n\n> The only VPC endpoints that can be specified here are interface VPC endpoints for Grafana workspaces (using the `com.amazonaws.[region].grafana-workspace` service endpoint). Other VPC endpoints are ignored.", - "title": "VpceIds", + "markdownDescription": "A list of `OutputAttribute` objects, each of which have the fields `Name` and `Hashed` . Each of these objects selects a column to be included in the output table, and whether the values of the column should be hashed.", + "title": "Output", "type": "array" + }, + "OutputS3Path": { + "markdownDescription": "The S3 path to which AWS Entity Resolution will write the output table.", + "title": "OutputS3Path", + "type": "string" } }, + "required": [ + "Output", + "OutputS3Path" + ], "type": "object" }, - "AWS::Grafana::Workspace.RoleValues": { + "AWS::EntityResolution::MatchingWorkflow.ProviderProperties": { "additionalProperties": false, "properties": { - "Admin": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of groups from the SAML assertion attribute to grant the Grafana `Admin` role to.", - "title": "Admin", - "type": "array" + "IntermediateSourceConfiguration": { + "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.IntermediateSourceConfiguration", + "markdownDescription": "The Amazon S3 location that temporarily stores your data while it processes. Your information won't be saved permanently.", + "title": "IntermediateSourceConfiguration" }, - "Editor": { - "items": { - "type": "string" + "ProviderConfiguration": { + "additionalProperties": true, + "markdownDescription": "The required configuration fields to use with the provider service.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "A list of groups from the SAML assertion attribute to grant the Grafana `Editor` role to.", - "title": "Editor", - "type": "array" + "title": "ProviderConfiguration", + "type": "object" + }, + "ProviderServiceArn": { + "markdownDescription": "The ARN of the provider service.", + "title": "ProviderServiceArn", + "type": "string" } }, + "required": [ + "ProviderServiceArn" + ], "type": "object" }, - "AWS::Grafana::Workspace.SamlConfiguration": { + "AWS::EntityResolution::MatchingWorkflow.ResolutionTechniques": { "additionalProperties": false, "properties": { - "AllowedOrganizations": { + "ProviderProperties": { + "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.ProviderProperties", + "markdownDescription": "The properties of the provider service.", + "title": "ProviderProperties" + }, + "ResolutionType": { + "markdownDescription": "The type of matching. There are three types of matching: `RULE_MATCHING` , `ML_MATCHING` , and `PROVIDER` .", + "title": "ResolutionType", + "type": "string" + }, + "RuleBasedProperties": { + "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.RuleBasedProperties", + "markdownDescription": "An object which defines the list of matching rules to run and has a field `Rules` , which is a list of rule objects.", + "title": "RuleBasedProperties" + } + }, + "type": "object" + }, + "AWS::EntityResolution::MatchingWorkflow.Rule": { + "additionalProperties": false, + "properties": { + "MatchingKeys": { "items": { "type": "string" }, - "markdownDescription": "Lists which organizations defined in the SAML assertion are allowed to use the Amazon Managed Grafana workspace. If this is empty, all organizations in the assertion attribute have access.", - "title": "AllowedOrganizations", + "markdownDescription": "A list of `MatchingKeys` . The `MatchingKeys` must have been defined in the `SchemaMapping` . Two records are considered to match according to this rule if all of the `MatchingKeys` match.", + "title": "MatchingKeys", "type": "array" }, - "AssertionAttributes": { - "$ref": "#/definitions/AWS::Grafana::Workspace.AssertionAttributes", - "markdownDescription": "A structure that defines which attributes in the SAML assertion are to be used to define information about the users authenticated by that IdP to use the workspace.", - "title": "AssertionAttributes" - }, - "IdpMetadata": { - "$ref": "#/definitions/AWS::Grafana::Workspace.IdpMetadata", - "markdownDescription": "A structure containing the identity provider (IdP) metadata used to integrate the identity provider with this workspace.", - "title": "IdpMetadata" - }, - "LoginValidityDuration": { - "markdownDescription": "How long a sign-on session by a SAML user is valid, before the user has to sign on again.", - "title": "LoginValidityDuration", - "type": "number" - }, - "RoleValues": { - "$ref": "#/definitions/AWS::Grafana::Workspace.RoleValues", - "markdownDescription": "A structure containing arrays that map group names in the SAML assertion to the Grafana `Admin` and `Editor` roles in the workspace.", - "title": "RoleValues" + "RuleName": { + "markdownDescription": "A name for the matching rule.", + "title": "RuleName", + "type": "string" } }, "required": [ - "IdpMetadata" + "MatchingKeys", + "RuleName" ], "type": "object" }, - "AWS::Grafana::Workspace.VpcConfiguration": { + "AWS::EntityResolution::MatchingWorkflow.RuleBasedProperties": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of Amazon EC2 security group IDs attached to the Amazon VPC for your Grafana workspace to connect. Duplicates not allowed.\n\n*Array Members* : Minimum number of 1 items. Maximum number of 5 items.\n\n*Length* : Minimum length of 0. Maximum length of 255.", - "title": "SecurityGroupIds", - "type": "array" + "AttributeMatchingModel": { + "markdownDescription": "The comparison type. You can either choose `ONE_TO_ONE` or `MANY_TO_MANY` as the `attributeMatchingModel` .\n\nIf you choose `MANY_TO_MANY` , the system can match attributes across the sub-types of an attribute type. For example, if the value of the `Email` field of Profile A and the value of `BusinessEmail` field of Profile B matches, the two profiles are matched on the `Email` attribute type.\n\nIf you choose `ONE_TO_ONE` , the system can only match attributes if the sub-types are an exact match. For example, for the `Email` attribute type, the system will only consider it a match if the value of the `Email` field of Profile A matches the value of the `Email` field of Profile B.", + "title": "AttributeMatchingModel", + "type": "string" }, - "SubnetIds": { + "MatchPurpose": { + "markdownDescription": "An indicator of whether to generate IDs and index the data or not.\n\nIf you choose `IDENTIFIER_GENERATION` , the process generates IDs and indexes the data.\n\nIf you choose `INDEXING` , the process indexes the data without generating IDs.", + "title": "MatchPurpose", + "type": "string" + }, + "Rules": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.Rule" }, - "markdownDescription": "The list of Amazon EC2 subnet IDs created in the Amazon VPC for your Grafana workspace to connect. Duplicates not allowed.\n\n*Array Members* : Minimum number of 2 items. Maximum number of 6 items.\n\n*Length* : Minimum length of 0. Maximum length of 255.", - "title": "SubnetIds", + "markdownDescription": "A list of `Rule` objects, each of which have fields `RuleName` and `MatchingKeys` .", + "title": "Rules", "type": "array" } }, "required": [ - "SecurityGroupIds", - "SubnetIds" + "AttributeMatchingModel", + "Rules" ], "type": "object" }, - "AWS::Greengrass::ConnectorDefinition": { + "AWS::EntityResolution::PolicyStatement": { "additionalProperties": false, "properties": { "Condition": { @@ -108871,30 +118301,52 @@ "Properties": { "additionalProperties": false, "properties": { - "InitialVersion": { - "$ref": "#/definitions/AWS::Greengrass::ConnectorDefinition.ConnectorDefinitionVersion", - "markdownDescription": "The connector definition version to include when the connector definition is created. A connector definition version contains a list of [`connector`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-connectordefinition-connector.html) property types.\n\n> To associate a connector definition version after the connector definition is created, create an [`AWS::Greengrass::ConnectorDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-connectordefinitionversion.html) resource and specify the ID of this connector definition.", - "title": "InitialVersion" + "Action": { + "items": { + "type": "string" + }, + "markdownDescription": "The action that the principal can use on the resource.\n\nFor example, `entityresolution:GetIdMappingJob` , `entityresolution:GetMatchingJob` .", + "title": "Action", + "type": "array" }, - "Name": { - "markdownDescription": "The name of the connector definition.", - "title": "Name", + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource that will be accessed by the principal.", + "title": "Arn", "type": "string" }, - "Tags": { - "markdownDescription": "Application-specific metadata to attach to the connector definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", - "title": "Tags", - "type": "object" + "Condition": { + "markdownDescription": "A set of condition keys that you can use in key policies.", + "title": "Condition", + "type": "string" + }, + "Effect": { + "markdownDescription": "Determines whether the permissions specified in the policy are to be allowed ( `Allow` ) or denied ( `Deny` ).\n\n> If you set the value of the `effect` parameter to `Deny` for the `AddPolicyStatement` operation, you must also set the value of the `effect` parameter in the `policy` to `Deny` for the `PutPolicy` operation.", + "title": "Effect", + "type": "string" + }, + "Principal": { + "items": { + "type": "string" + }, + "markdownDescription": "The AWS service or AWS account that can access the resource defined as ARN.", + "title": "Principal", + "type": "array" + }, + "StatementId": { + "markdownDescription": "A statement identifier that differentiates the statement from others in the same policy.", + "title": "StatementId", + "type": "string" } }, "required": [ - "Name" + "Arn", + "StatementId" ], "type": "object" }, "Type": { "enum": [ - "AWS::Greengrass::ConnectorDefinition" + "AWS::EntityResolution::PolicyStatement" ], "type": "string" }, @@ -108913,49 +118365,7 @@ ], "type": "object" }, - "AWS::Greengrass::ConnectorDefinition.Connector": { - "additionalProperties": false, - "properties": { - "ConnectorArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the connector.\n\nFor more information about connectors provided by AWS , see [Greengrass Connectors Provided by AWS](https://docs.aws.amazon.com/greengrass/v1/developerguide/connectors-list.html) .", - "title": "ConnectorArn", - "type": "string" - }, - "Id": { - "markdownDescription": "A descriptive or arbitrary ID for the connector. This value must be unique within the connector definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", - "title": "Id", - "type": "string" - }, - "Parameters": { - "markdownDescription": "The parameters or configuration used by the connector.\n\nFor more information about connectors provided by AWS , see [Greengrass Connectors Provided by AWS](https://docs.aws.amazon.com/greengrass/v1/developerguide/connectors-list.html) .", - "title": "Parameters", - "type": "object" - } - }, - "required": [ - "ConnectorArn", - "Id" - ], - "type": "object" - }, - "AWS::Greengrass::ConnectorDefinition.ConnectorDefinitionVersion": { - "additionalProperties": false, - "properties": { - "Connectors": { - "items": { - "$ref": "#/definitions/AWS::Greengrass::ConnectorDefinition.Connector" - }, - "markdownDescription": "The connectors in this version. Only one instance of a given connector can be added to a connector definition version at a time.", - "title": "Connectors", - "type": "array" - } - }, - "required": [ - "Connectors" - ], - "type": "object" - }, - "AWS::Greengrass::ConnectorDefinitionVersion": { + "AWS::EntityResolution::SchemaMapping": { "additionalProperties": false, "properties": { "Condition": { @@ -108990,29 +118400,42 @@ "Properties": { "additionalProperties": false, "properties": { - "ConnectorDefinitionId": { - "markdownDescription": "The ID of the connector definition associated with this version. This value is a GUID.", - "title": "ConnectorDefinitionId", + "Description": { + "markdownDescription": "A description of the schema.", + "title": "Description", "type": "string" }, - "Connectors": { + "MappedInputFields": { "items": { - "$ref": "#/definitions/AWS::Greengrass::ConnectorDefinitionVersion.Connector" + "$ref": "#/definitions/AWS::EntityResolution::SchemaMapping.SchemaInputAttribute" }, - "markdownDescription": "The connectors in this version. Only one instance of a given connector can be added to the connector definition version at a time.", - "title": "Connectors", + "markdownDescription": "A list of `MappedInputFields` . Each `MappedInputField` corresponds to a column the source data table, and contains column name plus additional information that AWS Entity Resolution uses for matching.", + "title": "MappedInputFields", + "type": "array" + }, + "SchemaName": { + "markdownDescription": "The name of the schema. There can't be multiple `SchemaMappings` with the same name.", + "title": "SchemaName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "title": "Tags", "type": "array" } }, "required": [ - "ConnectorDefinitionId", - "Connectors" + "MappedInputFields", + "SchemaName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Greengrass::ConnectorDefinitionVersion" + "AWS::EntityResolution::SchemaMapping" ], "type": "string" }, @@ -109031,32 +118454,47 @@ ], "type": "object" }, - "AWS::Greengrass::ConnectorDefinitionVersion.Connector": { + "AWS::EntityResolution::SchemaMapping.SchemaInputAttribute": { "additionalProperties": false, "properties": { - "ConnectorArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the connector.\n\nFor more information about connectors provided by AWS , see [Greengrass Connectors Provided by AWS](https://docs.aws.amazon.com/greengrass/v1/developerguide/connectors-list.html) .", - "title": "ConnectorArn", + "FieldName": { + "markdownDescription": "A string containing the field name.", + "title": "FieldName", "type": "string" }, - "Id": { - "markdownDescription": "A descriptive or arbitrary ID for the connector. This value must be unique within the connector definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", - "title": "Id", + "GroupName": { + "markdownDescription": "A string that instructs AWS Entity Resolution to combine several columns into a unified column with the identical attribute type.\n\nFor example, when working with columns such as `NAME_FIRST` , `NAME_MIDDLE` , and `NAME_LAST` , assigning them a common `groupName` will prompt AWS Entity Resolution to concatenate them into a single value.", + "title": "GroupName", "type": "string" }, - "Parameters": { - "markdownDescription": "The parameters or configuration that the connector uses.\n\nFor more information about connectors provided by AWS , see [Greengrass Connectors Provided by AWS](https://docs.aws.amazon.com/greengrass/v1/developerguide/connectors-list.html) .", - "title": "Parameters", - "type": "object" + "Hashed": { + "markdownDescription": "Indicates if the column values are hashed in the schema input.\n\nIf the value is set to `TRUE` , the column values are hashed.\n\nIf the value is set to `FALSE` , the column values are cleartext.", + "title": "Hashed", + "type": "boolean" + }, + "MatchKey": { + "markdownDescription": "A key that allows grouping of multiple input attributes into a unified matching group.\n\nFor example, consider a scenario where the source table contains various addresses, such as `business_address` and `shipping_address` . By assigning a `matchKey` called `address` to both attributes, AWS Entity Resolution will match records across these fields to create a consolidated matching group.\n\nIf no `matchKey` is specified for a column, it won't be utilized for matching purposes but will still be included in the output table.", + "title": "MatchKey", + "type": "string" + }, + "SubType": { + "markdownDescription": "The subtype of the attribute, selected from a list of values.", + "title": "SubType", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the attribute, selected from a list of values.\n\nLiveRamp supports: `NAME` | `NAME_FIRST` | `NAME_MIDDLE` | `NAME_LAST` | `ADDRESS` | `ADDRESS_STREET1` | `ADDRESS_STREET2` | `ADDRESS_STREET3` | `ADDRESS_CITY` | `ADDRESS_STATE` | `ADDRESS_COUNTRY` | `ADDRESS_POSTALCODE` | `PHONE` | `PHONE_NUMBER` | `EMAIL_ADDRESS` | `UNIQUE_ID` | `PROVIDER_ID`\n\nTransUnion supports: `NAME` | `NAME_FIRST` | `NAME_LAST` | `ADDRESS` | `ADDRESS_CITY` | `ADDRESS_STATE` | `ADDRESS_COUNTRY` | `ADDRESS_POSTALCODE` | `PHONE_NUMBER` | `EMAIL_ADDRESS` | `UNIQUE_ID` | `IPV4` | `IPV6` | `MAID`\n\nUnified ID 2.0 supports: `PHONE_NUMBER` | `EMAIL_ADDRESS` | `UNIQUE_ID`\n\n> Normalization is only supported for `NAME` , `ADDRESS` , `PHONE` , and `EMAIL_ADDRESS` .\n> \n> If you want to normalize `NAME_FIRST` , `NAME_MIDDLE` , and `NAME_LAST` , you must group them by assigning them to the `NAME` `groupName` .\n> \n> If you want to normalize `ADDRESS_STREET1` , `ADDRESS_STREET2` , `ADDRESS_STREET3` , `ADDRESS_CITY` , `ADDRESS_STATE` , `ADDRESS_COUNTRY` , and `ADDRESS_POSTALCODE` , you must group them by assigning them to the `ADDRESS` `groupName` .\n> \n> If you want to normalize `PHONE_NUMBER` and `PHONE_COUNTRYCODE` , you must group them by assigning them to the `PHONE` `groupName` .", + "title": "Type", + "type": "string" } }, "required": [ - "ConnectorArn", - "Id" + "FieldName", + "Type" ], "type": "object" }, - "AWS::Greengrass::CoreDefinition": { + "AWS::EventSchemas::Discoverer": { "additionalProperties": false, "properties": { "Condition": { @@ -109091,30 +118529,38 @@ "Properties": { "additionalProperties": false, "properties": { - "InitialVersion": { - "$ref": "#/definitions/AWS::Greengrass::CoreDefinition.CoreDefinitionVersion", - "markdownDescription": "The core definition version to include when the core definition is created. Currently, a core definition version can contain only one [`core`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-coredefinition-core.html) .\n\n> To associate a core definition version after the core definition is created, create an [`AWS::Greengrass::CoreDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-coredefinitionversion.html) resource and specify the ID of this core definition.", - "title": "InitialVersion" + "CrossAccount": { + "markdownDescription": "Allows for the discovery of the event schemas that are sent to the event bus from another account.", + "title": "CrossAccount", + "type": "boolean" }, - "Name": { - "markdownDescription": "The name of the core definition.", - "title": "Name", + "Description": { + "markdownDescription": "A description for the discoverer.", + "title": "Description", + "type": "string" + }, + "SourceArn": { + "markdownDescription": "The ARN of the event bus.", + "title": "SourceArn", "type": "string" }, "Tags": { - "markdownDescription": "Application-specific metadata to attach to the core definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", + "items": { + "$ref": "#/definitions/AWS::EventSchemas::Discoverer.TagsEntry" + }, + "markdownDescription": "Tags associated with the resource.", "title": "Tags", - "type": "object" + "type": "array" } }, "required": [ - "Name" + "SourceArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Greengrass::CoreDefinition" + "AWS::EventSchemas::Discoverer" ], "type": "string" }, @@ -109133,55 +118579,27 @@ ], "type": "object" }, - "AWS::Greengrass::CoreDefinition.Core": { + "AWS::EventSchemas::Discoverer.TagsEntry": { "additionalProperties": false, "properties": { - "CertificateArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the device certificate for the core. This X.509 certificate is used to authenticate the core with AWS IoT and AWS IoT Greengrass services.", - "title": "CertificateArn", - "type": "string" - }, - "Id": { - "markdownDescription": "A descriptive or arbitrary ID for the core. This value must be unique within the core definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", - "title": "Id", + "Key": { + "markdownDescription": "The key of a key-value pair.", + "title": "Key", "type": "string" }, - "SyncShadow": { - "markdownDescription": "Indicates whether the core's local shadow is synced with the cloud automatically. The default is false.", - "title": "SyncShadow", - "type": "boolean" - }, - "ThingArn": { - "markdownDescription": "The ARN of the core, which is an AWS IoT device (thing).", - "title": "ThingArn", + "Value": { + "markdownDescription": "The value of a key-value pair.", + "title": "Value", "type": "string" } }, "required": [ - "CertificateArn", - "Id", - "ThingArn" - ], - "type": "object" - }, - "AWS::Greengrass::CoreDefinition.CoreDefinitionVersion": { - "additionalProperties": false, - "properties": { - "Cores": { - "items": { - "$ref": "#/definitions/AWS::Greengrass::CoreDefinition.Core" - }, - "markdownDescription": "The Greengrass core in this version. Currently, the `Cores` property for a core definition version can contain only one core.", - "title": "Cores", - "type": "array" - } - }, - "required": [ - "Cores" + "Key", + "Value" ], "type": "object" }, - "AWS::Greengrass::CoreDefinitionVersion": { + "AWS::EventSchemas::Registry": { "additionalProperties": false, "properties": { "Condition": { @@ -109216,29 +118634,30 @@ "Properties": { "additionalProperties": false, "properties": { - "CoreDefinitionId": { - "markdownDescription": "The ID of the core definition associated with this version. This value is a GUID.", - "title": "CoreDefinitionId", + "Description": { + "markdownDescription": "A description of the registry to be created.", + "title": "Description", "type": "string" }, - "Cores": { + "RegistryName": { + "markdownDescription": "The name of the schema registry.", + "title": "RegistryName", + "type": "string" + }, + "Tags": { "items": { - "$ref": "#/definitions/AWS::Greengrass::CoreDefinitionVersion.Core" + "$ref": "#/definitions/AWS::EventSchemas::Registry.TagsEntry" }, - "markdownDescription": "The Greengrass core in this version. Currently, the `Cores` property for a core definition version can contain only one core.", - "title": "Cores", + "markdownDescription": "Tags to associate with the registry.", + "title": "Tags", "type": "array" } }, - "required": [ - "CoreDefinitionId", - "Cores" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Greengrass::CoreDefinitionVersion" + "AWS::EventSchemas::Registry" ], "type": "string" }, @@ -109252,43 +118671,31 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Greengrass::CoreDefinitionVersion.Core": { + "AWS::EventSchemas::Registry.TagsEntry": { "additionalProperties": false, "properties": { - "CertificateArn": { - "markdownDescription": "The ARN of the device certificate for the core. This X.509 certificate is used to authenticate the core with AWS IoT and AWS IoT Greengrass services.", - "title": "CertificateArn", - "type": "string" - }, - "Id": { - "markdownDescription": "A descriptive or arbitrary ID for the core. This value must be unique within the core definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", - "title": "Id", + "Key": { + "markdownDescription": "The key of a key-value pair.", + "title": "Key", "type": "string" }, - "SyncShadow": { - "markdownDescription": "Indicates whether the core's local shadow is synced with the cloud automatically. The default is false.", - "title": "SyncShadow", - "type": "boolean" - }, - "ThingArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the core, which is an AWS IoT device (thing).", - "title": "ThingArn", + "Value": { + "markdownDescription": "The value of a key-value pair.", + "title": "Value", "type": "string" } }, "required": [ - "CertificateArn", - "Id", - "ThingArn" + "Key", + "Value" ], "type": "object" }, - "AWS::Greengrass::DeviceDefinition": { + "AWS::EventSchemas::RegistryPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -109323,30 +118730,31 @@ "Properties": { "additionalProperties": false, "properties": { - "InitialVersion": { - "$ref": "#/definitions/AWS::Greengrass::DeviceDefinition.DeviceDefinitionVersion", - "markdownDescription": "The device definition version to include when the device definition is created. A device definition version contains a list of [`device`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-devicedefinition-device.html) property types.\n\n> To associate a device definition version after the device definition is created, create an [`AWS::Greengrass::DeviceDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-devicedefinitionversion.html) resource and specify the ID of this device definition.", - "title": "InitialVersion" + "Policy": { + "markdownDescription": "A resource-based policy.", + "title": "Policy", + "type": "object" }, - "Name": { - "markdownDescription": "The name of the device definition.", - "title": "Name", + "RegistryName": { + "markdownDescription": "The name of the registry.", + "title": "RegistryName", "type": "string" }, - "Tags": { - "markdownDescription": "Application-specific metadata to attach to the device definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", - "title": "Tags", - "type": "object" + "RevisionId": { + "markdownDescription": "The revision ID of the policy.", + "title": "RevisionId", + "type": "string" } }, "required": [ - "Name" + "Policy", + "RegistryName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Greengrass::DeviceDefinition" + "AWS::EventSchemas::RegistryPolicy" ], "type": "string" }, @@ -109365,55 +118773,7 @@ ], "type": "object" }, - "AWS::Greengrass::DeviceDefinition.Device": { - "additionalProperties": false, - "properties": { - "CertificateArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the device certificate for the device. This X.509 certificate is used to authenticate the device with AWS IoT and AWS IoT Greengrass services.", - "title": "CertificateArn", - "type": "string" - }, - "Id": { - "markdownDescription": "A descriptive or arbitrary ID for the device. This value must be unique within the device definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", - "title": "Id", - "type": "string" - }, - "SyncShadow": { - "markdownDescription": "Indicates whether the device's local shadow is synced with the cloud automatically.", - "title": "SyncShadow", - "type": "boolean" - }, - "ThingArn": { - "markdownDescription": "The ARN of the device, which is an AWS IoT device (thing).", - "title": "ThingArn", - "type": "string" - } - }, - "required": [ - "CertificateArn", - "Id", - "ThingArn" - ], - "type": "object" - }, - "AWS::Greengrass::DeviceDefinition.DeviceDefinitionVersion": { - "additionalProperties": false, - "properties": { - "Devices": { - "items": { - "$ref": "#/definitions/AWS::Greengrass::DeviceDefinition.Device" - }, - "markdownDescription": "The devices in this version.", - "title": "Devices", - "type": "array" - } - }, - "required": [ - "Devices" - ], - "type": "object" - }, - "AWS::Greengrass::DeviceDefinitionVersion": { + "AWS::EventSchemas::Schema": { "additionalProperties": false, "properties": { "Condition": { @@ -109448,29 +118808,50 @@ "Properties": { "additionalProperties": false, "properties": { - "DeviceDefinitionId": { - "markdownDescription": "The ID of the device definition associated with this version. This value is a GUID.", - "title": "DeviceDefinitionId", + "Content": { + "markdownDescription": "The source of the schema definition.", + "title": "Content", "type": "string" }, - "Devices": { + "Description": { + "markdownDescription": "A description of the schema.", + "title": "Description", + "type": "string" + }, + "RegistryName": { + "markdownDescription": "The name of the schema registry.", + "title": "RegistryName", + "type": "string" + }, + "SchemaName": { + "markdownDescription": "The name of the schema.", + "title": "SchemaName", + "type": "string" + }, + "Tags": { "items": { - "$ref": "#/definitions/AWS::Greengrass::DeviceDefinitionVersion.Device" + "$ref": "#/definitions/AWS::EventSchemas::Schema.TagsEntry" }, - "markdownDescription": "The devices in this version.", - "title": "Devices", + "markdownDescription": "Tags associated with the schema.", + "title": "Tags", "type": "array" + }, + "Type": { + "markdownDescription": "The type of schema.\n\nValid types include `OpenApi3` and `JSONSchemaDraft4` .", + "title": "Type", + "type": "string" } }, "required": [ - "DeviceDefinitionId", - "Devices" + "Content", + "RegistryName", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::Greengrass::DeviceDefinitionVersion" + "AWS::EventSchemas::Schema" ], "type": "string" }, @@ -109489,38 +118870,27 @@ ], "type": "object" }, - "AWS::Greengrass::DeviceDefinitionVersion.Device": { + "AWS::EventSchemas::Schema.TagsEntry": { "additionalProperties": false, "properties": { - "CertificateArn": { - "markdownDescription": "The ARN of the device certificate for the device. This X.509 certificate is used to authenticate the device with AWS IoT and AWS IoT Greengrass services.", - "title": "CertificateArn", - "type": "string" - }, - "Id": { - "markdownDescription": "A descriptive or arbitrary ID for the device. This value must be unique within the device definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", - "title": "Id", + "Key": { + "markdownDescription": "The key of a key-value pair.", + "title": "Key", "type": "string" }, - "SyncShadow": { - "markdownDescription": "Indicates whether the device's local shadow is synced with the cloud automatically.", - "title": "SyncShadow", - "type": "boolean" - }, - "ThingArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the device, which is an AWS IoT device (thing).", - "title": "ThingArn", + "Value": { + "markdownDescription": "The value of a key-value pair.", + "title": "Value", "type": "string" } }, "required": [ - "CertificateArn", - "Id", - "ThingArn" + "Key", + "Value" ], "type": "object" }, - "AWS::Greengrass::FunctionDefinition": { + "AWS::Events::ApiDestination": { "additionalProperties": false, "properties": { "Condition": { @@ -109555,30 +118925,47 @@ "Properties": { "additionalProperties": false, "properties": { - "InitialVersion": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.FunctionDefinitionVersion", - "markdownDescription": "The function definition version to include when the function definition is created. A function definition version contains a list of [`function`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinition-function.html) property types.\n\n> To associate a function definition version after the function definition is created, create an [`AWS::Greengrass::FunctionDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-functiondefinitionversion.html) resource and specify the ID of this function definition.", - "title": "InitialVersion" + "ConnectionArn": { + "markdownDescription": "The ARN of the connection to use for the API destination. The destination endpoint must support the authorization type specified for the connection.", + "title": "ConnectionArn", + "type": "string" + }, + "Description": { + "markdownDescription": "A description for the API destination to create.", + "title": "Description", + "type": "string" + }, + "HttpMethod": { + "markdownDescription": "The method to use for the request to the HTTP invocation endpoint.", + "title": "HttpMethod", + "type": "string" + }, + "InvocationEndpoint": { + "markdownDescription": "The URL to the HTTP invocation endpoint for the API destination.", + "title": "InvocationEndpoint", + "type": "string" + }, + "InvocationRateLimitPerSecond": { + "markdownDescription": "The maximum number of requests per second to send to the HTTP invocation endpoint.", + "title": "InvocationRateLimitPerSecond", + "type": "number" }, "Name": { - "markdownDescription": "The name of the function definition.", + "markdownDescription": "The name for the API destination to create.", "title": "Name", "type": "string" - }, - "Tags": { - "markdownDescription": "Application-specific metadata to attach to the function definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", - "title": "Tags", - "type": "object" } }, "required": [ - "Name" + "ConnectionArn", + "HttpMethod", + "InvocationEndpoint" ], "type": "object" }, "Type": { "enum": [ - "AWS::Greengrass::FunctionDefinition" + "AWS::Events::ApiDestination" ], "type": "string" }, @@ -109597,190 +118984,99 @@ ], "type": "object" }, - "AWS::Greengrass::FunctionDefinition.DefaultConfig": { - "additionalProperties": false, - "properties": { - "Execution": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.Execution", - "markdownDescription": "Configuration settings for the Lambda execution environment on the AWS IoT Greengrass core.", - "title": "Execution" - } - }, - "required": [ - "Execution" - ], - "type": "object" - }, - "AWS::Greengrass::FunctionDefinition.Environment": { - "additionalProperties": false, - "properties": { - "AccessSysfs": { - "markdownDescription": "Indicates whether the function is allowed to access the `/sys` directory on the core device, which allows the read device information from `/sys` .\n\n> This property applies only to Lambda functions that run in a Greengrass container.", - "title": "AccessSysfs", - "type": "boolean" - }, - "Execution": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.Execution", - "markdownDescription": "Settings for the Lambda execution environment in AWS IoT Greengrass .", - "title": "Execution" - }, - "ResourceAccessPolicies": { - "items": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.ResourceAccessPolicy" - }, - "markdownDescription": "A list of the [resources](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-resourcedefinitionversion-resourceinstance.html) in the group that the function can access, with the corresponding read-only or read-write permissions. The maximum is 10 resources.\n\n> This property applies only for Lambda functions that run in a Greengrass container.", - "title": "ResourceAccessPolicies", - "type": "array" - }, - "Variables": { - "markdownDescription": "Environment variables for the Lambda function.", - "title": "Variables", - "type": "object" - } - }, - "type": "object" - }, - "AWS::Greengrass::FunctionDefinition.Execution": { - "additionalProperties": false, - "properties": { - "IsolationMode": { - "markdownDescription": "The containerization that the Lambda function runs in. Valid values are `GreengrassContainer` or `NoContainer` . Typically, this is `GreengrassContainer` . For more information, see [Containerization](https://docs.aws.amazon.com/greengrass/v1/developerguide/lambda-group-config.html#lambda-function-containerization) in the *Developer Guide* .\n\n- When set on the [`DefaultConfig`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-defaultconfig.html) property of a function definition version, this setting is used as the default containerization for all Lambda functions in the function definition version.\n- When set on the [`Environment`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-environment.html) property of a function, this setting applies to the individual function and overrides the default. Omit this value to run the function with the default containerization.\n\n> We recommend that you run in a Greengrass container unless your business case requires that you run without containerization.", - "title": "IsolationMode", - "type": "string" - }, - "RunAs": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.RunAs", - "markdownDescription": "The user and group permissions used to run the Lambda function. Typically, this is the ggc_user and ggc_group. For more information, see [Run as](https://docs.aws.amazon.com/greengrass/v1/developerguide/lambda-group-config.html#lambda-access-identity.html) in the *Developer Guide* .\n\n- When set on the [`DefaultConfig`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-defaultconfig.html) property of a function definition version, this setting is used as the default access identity for all Lambda functions in the function definition version.\n- When set on the [`Environment`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-environment.html) property of a function, this setting applies to the individual function and overrides the default. You can override the user, group, or both. Omit this value to run the function with the default permissions.\n\n> Running as the root user increases risks to your data and device. Do not run as root (UID/GID=0) unless your business case requires it. For more information and requirements, see [Running a Lambda Function as Root](https://docs.aws.amazon.com/greengrass/v1/developerguide/lambda-group-config.html#lambda-running-as-root) .", - "title": "RunAs" - } - }, - "type": "object" - }, - "AWS::Greengrass::FunctionDefinition.Function": { - "additionalProperties": false, - "properties": { - "FunctionArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the alias (recommended) or version of the referenced Lambda function.", - "title": "FunctionArn", - "type": "string" - }, - "FunctionConfiguration": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.FunctionConfiguration", - "markdownDescription": "The group-specific settings of the Lambda function. These settings configure the function's behavior in the Greengrass group.", - "title": "FunctionConfiguration" - }, - "Id": { - "markdownDescription": "A descriptive or arbitrary ID for the function. This value must be unique within the function definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", - "title": "Id", - "type": "string" - } - }, - "required": [ - "FunctionArn", - "FunctionConfiguration", - "Id" - ], - "type": "object" - }, - "AWS::Greengrass::FunctionDefinition.FunctionConfiguration": { + "AWS::Events::Archive": { "additionalProperties": false, "properties": { - "EncodingType": { - "markdownDescription": "The expected encoding type of the input payload for the function. Valid values are `json` (default) and `binary` .", - "title": "EncodingType", - "type": "string" - }, - "Environment": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.Environment", - "markdownDescription": "The environment configuration of the function.", - "title": "Environment" - }, - "ExecArgs": { - "markdownDescription": "The execution arguments.", - "title": "ExecArgs", + "Condition": { "type": "string" }, - "Executable": { - "markdownDescription": "The name of the function executable.", - "title": "Executable", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "MemorySize": { - "markdownDescription": "The memory size (in KB) required by the function.\n\n> This property applies only to Lambda functions that run in a Greengrass container.", - "title": "MemorySize", - "type": "number" - }, - "Pinned": { - "markdownDescription": "Indicates whether the function is pinned (or *long-lived* ). Pinned functions start when the core starts and process all requests in the same container. The default value is false.", - "title": "Pinned", - "type": "boolean" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Timeout": { - "markdownDescription": "The allowed execution time (in seconds) after which the function should terminate. For pinned functions, this timeout applies for each request.", - "title": "Timeout", - "type": "number" - } - }, - "type": "object" - }, - "AWS::Greengrass::FunctionDefinition.FunctionDefinitionVersion": { - "additionalProperties": false, - "properties": { - "DefaultConfig": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.DefaultConfig", - "markdownDescription": "The default configuration that applies to all Lambda functions in the group. Individual Lambda functions can override these settings.", - "title": "DefaultConfig" + "Metadata": { + "type": "object" }, - "Functions": { - "items": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.Function" + "Properties": { + "additionalProperties": false, + "properties": { + "ArchiveName": { + "markdownDescription": "The name for the archive to create.", + "title": "ArchiveName", + "type": "string" + }, + "Description": { + "markdownDescription": "A description for the archive.", + "title": "Description", + "type": "string" + }, + "EventPattern": { + "markdownDescription": "An event pattern to use to filter events sent to the archive.", + "title": "EventPattern", + "type": "object" + }, + "KmsKeyIdentifier": { + "markdownDescription": "The identifier of the AWS KMS customer managed key for EventBridge to use, if you choose to use a customer managed key to encrypt this archive. The identifier can be the key Amazon Resource Name (ARN), KeyId, key alias, or key alias ARN.\n\nIf you do not specify a customer managed key identifier, EventBridge uses an AWS owned key to encrypt the archive.\n\nFor more information, see [Identify and view keys](https://docs.aws.amazon.com/kms/latest/developerguide/viewing-keys.html) in the *AWS Key Management Service Developer Guide* .\n\n> If you have specified that EventBridge use a customer managed key for encrypting the source event bus, we strongly recommend you also specify a customer managed key for any archives for the event bus as well.\n> \n> For more information, see [Encrypting archives](https://docs.aws.amazon.com/eventbridge/latest/userguide/encryption-archives.html) in the *Amazon EventBridge User Guide* .", + "title": "KmsKeyIdentifier", + "type": "string" + }, + "RetentionDays": { + "markdownDescription": "The number of days to retain events for. Default value is 0. If set to 0, events are retained indefinitely", + "title": "RetentionDays", + "type": "number" + }, + "SourceArn": { + "markdownDescription": "The ARN of the event bus that sends events to the archive.", + "title": "SourceArn", + "type": "string" + } }, - "markdownDescription": "The functions in this version.", - "title": "Functions", - "type": "array" - } - }, - "required": [ - "Functions" - ], - "type": "object" - }, - "AWS::Greengrass::FunctionDefinition.ResourceAccessPolicy": { - "additionalProperties": false, - "properties": { - "Permission": { - "markdownDescription": "The read-only or read-write access that the Lambda function has to the resource. Valid values are `ro` or `rw` .", - "title": "Permission", + "required": [ + "SourceArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Events::Archive" + ], "type": "string" }, - "ResourceId": { - "markdownDescription": "The ID of the resource. This ID is assigned to the resource when you create the resource definition.", - "title": "ResourceId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ResourceId" + "Type", + "Properties" ], "type": "object" }, - "AWS::Greengrass::FunctionDefinition.RunAs": { - "additionalProperties": false, - "properties": { - "Gid": { - "markdownDescription": "The group ID whose permissions are used to run the Lambda function. You can use the `getent group` command on your core device to look up the group ID.", - "title": "Gid", - "type": "number" - }, - "Uid": { - "markdownDescription": "The user ID whose permissions are used to run the Lambda function. You can use the `getent passwd` command on your core device to look up the user ID.", - "title": "Uid", - "type": "number" - } - }, - "type": "object" - }, - "AWS::Greengrass::FunctionDefinitionVersion": { + "AWS::Events::Connection": { "additionalProperties": false, "properties": { "Condition": { @@ -109815,34 +119111,42 @@ "Properties": { "additionalProperties": false, "properties": { - "DefaultConfig": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.DefaultConfig", - "markdownDescription": "The default configuration that applies to all Lambda functions in the group. Individual Lambda functions can override these settings.", - "title": "DefaultConfig" + "AuthParameters": { + "$ref": "#/definitions/AWS::Events::Connection.AuthParameters", + "markdownDescription": "The authorization parameters to use to authorize with the endpoint.\n\nYou must include only authorization parameters for the `AuthorizationType` you specify.", + "title": "AuthParameters" }, - "FunctionDefinitionId": { - "markdownDescription": "The ID of the function definition associated with this version. This value is a GUID.", - "title": "FunctionDefinitionId", + "AuthorizationType": { + "markdownDescription": "The type of authorization to use for the connection.\n\n> OAUTH tokens are refreshed when a 401 or 407 response is returned.", + "title": "AuthorizationType", "type": "string" }, - "Functions": { - "items": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.Function" - }, - "markdownDescription": "The functions in this version.", - "title": "Functions", - "type": "array" + "Description": { + "markdownDescription": "A description for the connection to create.", + "title": "Description", + "type": "string" + }, + "InvocationConnectivityParameters": { + "$ref": "#/definitions/AWS::Events::Connection.InvocationConnectivityParameters", + "markdownDescription": "For connections to private APIs, the parameters to use for invoking the API.\n\nFor more information, see [Connecting to private APIs](https://docs.aws.amazon.com/eventbridge/latest/userguide/connection-private.html) in the **Amazon EventBridge User Guide** .", + "title": "InvocationConnectivityParameters" + }, + "KmsKeyIdentifier": { + "markdownDescription": "The identifier of the AWS KMS customer managed key for EventBridge to use, if you choose to use a customer managed key to encrypt this connection. The identifier can be the key Amazon Resource Name (ARN), KeyId, key alias, or key alias ARN.\n\nIf you do not specify a customer managed key identifier, EventBridge uses an AWS owned key to encrypt the connection.\n\nFor more information, see [Identify and view keys](https://docs.aws.amazon.com/kms/latest/developerguide/viewing-keys.html) in the *AWS Key Management Service Developer Guide* .", + "title": "KmsKeyIdentifier", + "type": "string" + }, + "Name": { + "markdownDescription": "The name for the connection to create.", + "title": "Name", + "type": "string" } }, - "required": [ - "FunctionDefinitionId", - "Functions" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Greengrass::FunctionDefinitionVersion" + "AWS::Events::Connection" ], "type": "string" }, @@ -109856,173 +119160,235 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Greengrass::FunctionDefinitionVersion.DefaultConfig": { + "AWS::Events::Connection.ApiKeyAuthParameters": { "additionalProperties": false, "properties": { - "Execution": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.Execution", - "markdownDescription": "Configuration settings for the Lambda execution environment on the AWS IoT Greengrass core.", - "title": "Execution" + "ApiKeyName": { + "markdownDescription": "The name of the API key to use for authorization.", + "title": "ApiKeyName", + "type": "string" + }, + "ApiKeyValue": { + "markdownDescription": "The value for the API key to use for authorization.", + "title": "ApiKeyValue", + "type": "string" } }, "required": [ - "Execution" - ], + "ApiKeyName", + "ApiKeyValue" + ], "type": "object" }, - "AWS::Greengrass::FunctionDefinitionVersion.Environment": { + "AWS::Events::Connection.AuthParameters": { "additionalProperties": false, "properties": { - "AccessSysfs": { - "markdownDescription": "Indicates whether the function is allowed to access the `/sys` directory on the core device, which allows the read device information from `/sys` .\n\n> This property applies only to Lambda functions that run in a Greengrass container.", - "title": "AccessSysfs", - "type": "boolean" + "ApiKeyAuthParameters": { + "$ref": "#/definitions/AWS::Events::Connection.ApiKeyAuthParameters", + "markdownDescription": "The API Key parameters to use for authorization.", + "title": "ApiKeyAuthParameters" }, - "Execution": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.Execution", - "markdownDescription": "Settings for the Lambda execution environment in AWS IoT Greengrass .", - "title": "Execution" + "BasicAuthParameters": { + "$ref": "#/definitions/AWS::Events::Connection.BasicAuthParameters", + "markdownDescription": "The authorization parameters for Basic authorization.", + "title": "BasicAuthParameters" }, - "ResourceAccessPolicies": { - "items": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.ResourceAccessPolicy" - }, - "markdownDescription": "A list of the [resources](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-resourcedefinitionversion-resourceinstance.html) in the group that the function can access, with the corresponding read-only or read-write permissions. The maximum is 10 resources.\n\n> This property applies only to Lambda functions that run in a Greengrass container.", - "title": "ResourceAccessPolicies", - "type": "array" + "ConnectivityParameters": { + "$ref": "#/definitions/AWS::Events::Connection.ConnectivityParameters", + "markdownDescription": "For private OAuth authentication endpoints. The parameters EventBridge uses to authenticate against the endpoint.\n\nFor more information, see [Authorization methods for connections](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-target-connection-auth.html) in the **Amazon EventBridge User Guide** .", + "title": "ConnectivityParameters" }, - "Variables": { - "markdownDescription": "Environment variables for the Lambda function.", - "title": "Variables", - "type": "object" + "InvocationHttpParameters": { + "$ref": "#/definitions/AWS::Events::Connection.ConnectionHttpParameters", + "markdownDescription": "Additional parameters for the connection that are passed through with every invocation to the HTTP endpoint.", + "title": "InvocationHttpParameters" + }, + "OAuthParameters": { + "$ref": "#/definitions/AWS::Events::Connection.OAuthParameters", + "markdownDescription": "The OAuth parameters to use for authorization.", + "title": "OAuthParameters" } }, "type": "object" }, - "AWS::Greengrass::FunctionDefinitionVersion.Execution": { + "AWS::Events::Connection.BasicAuthParameters": { "additionalProperties": false, "properties": { - "IsolationMode": { - "markdownDescription": "The containerization that the Lambda function runs in. Valid values are `GreengrassContainer` or `NoContainer` . Typically, this is `GreengrassContainer` . For more information, see [Containerization](https://docs.aws.amazon.com/greengrass/v1/developerguide/lambda-group-config.html#lambda-function-containerization) in the *Developer Guide* .\n\n- When set on the [`DefaultConfig`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-defaultconfig.html) property of a function definition version, this setting is used as the default containerization for all Lambda functions in the function definition version.\n- When set on the [`Environment`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-environment.html) property of a function, this setting applies to the individual function and overrides the default. Omit this value to run the function with the default containerization.\n\n> We recommend that you run in a Greengrass container unless your business case requires that you run without containerization.", - "title": "IsolationMode", + "Password": { + "markdownDescription": "The password associated with the user name to use for Basic authorization.", + "title": "Password", "type": "string" }, - "RunAs": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.RunAs", - "markdownDescription": "The user and group permissions used to run the Lambda function. Typically, this is the ggc_user and ggc_group. For more information, see [Run as](https://docs.aws.amazon.com/greengrass/v1/developerguide/lambda-group-config.html#lambda-access-identity.html) in the *Developer Guide* .\n\n- When set on the [`DefaultConfig`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-defaultconfig.html) property of a function definition version, this setting is used as the default access identity for all Lambda functions in the function definition version.\n- When set on the [`Environment`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-environment.html) property of a function, this setting applies to the individual function and overrides the default. You can override the user, group, or both. Omit this value to run the function with the default permissions.\n\n> Running as the root user increases risks to your data and device. Do not run as root (UID/GID=0) unless your business case requires it. For more information and requirements, see [Running a Lambda Function as Root](https://docs.aws.amazon.com/greengrass/v1/developerguide/lambda-group-config.html#lambda-running-as-root) .", - "title": "RunAs" + "Username": { + "markdownDescription": "The user name to use for Basic authorization.", + "title": "Username", + "type": "string" } }, + "required": [ + "Password", + "Username" + ], "type": "object" }, - "AWS::Greengrass::FunctionDefinitionVersion.Function": { + "AWS::Events::Connection.ClientParameters": { "additionalProperties": false, "properties": { - "FunctionArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the alias (recommended) or version of the referenced Lambda function.", - "title": "FunctionArn", + "ClientID": { + "markdownDescription": "The client ID to use for OAuth authorization.", + "title": "ClientID", "type": "string" }, - "FunctionConfiguration": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.FunctionConfiguration", - "markdownDescription": "The group-specific settings of the Lambda function. These settings configure the function's behavior in the Greengrass group.", - "title": "FunctionConfiguration" - }, - "Id": { - "markdownDescription": "A descriptive or arbitrary ID for the function. This value must be unique within the function definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", - "title": "Id", + "ClientSecret": { + "markdownDescription": "The client secret assciated with the client ID to use for OAuth authorization.", + "title": "ClientSecret", "type": "string" } }, "required": [ - "FunctionArn", - "FunctionConfiguration", - "Id" + "ClientID", + "ClientSecret" ], "type": "object" }, - "AWS::Greengrass::FunctionDefinitionVersion.FunctionConfiguration": { + "AWS::Events::Connection.ConnectionHttpParameters": { "additionalProperties": false, "properties": { - "EncodingType": { - "markdownDescription": "The expected encoding type of the input payload for the function. Valid values are `json` (default) and `binary` .", - "title": "EncodingType", - "type": "string" - }, - "Environment": { - "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.Environment", - "markdownDescription": "The environment configuration of the function.", - "title": "Environment" + "BodyParameters": { + "items": { + "$ref": "#/definitions/AWS::Events::Connection.Parameter" + }, + "markdownDescription": "Any additional body string parameters for the connection.", + "title": "BodyParameters", + "type": "array" }, - "ExecArgs": { - "markdownDescription": "The execution arguments.", - "title": "ExecArgs", - "type": "string" + "HeaderParameters": { + "items": { + "$ref": "#/definitions/AWS::Events::Connection.Parameter" + }, + "markdownDescription": "Any additional header parameters for the connection.", + "title": "HeaderParameters", + "type": "array" }, - "Executable": { - "markdownDescription": "The name of the function executable.", - "title": "Executable", + "QueryStringParameters": { + "items": { + "$ref": "#/definitions/AWS::Events::Connection.Parameter" + }, + "markdownDescription": "Any additional query string parameters for the connection.", + "title": "QueryStringParameters", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Events::Connection.ConnectivityParameters": { + "additionalProperties": false, + "properties": { + "ResourceParameters": { + "$ref": "#/definitions/AWS::Events::Connection.ResourceParameters", + "markdownDescription": "The parameters for EventBridge to use when invoking the resource endpoint.", + "title": "ResourceParameters" + } + }, + "required": [ + "ResourceParameters" + ], + "type": "object" + }, + "AWS::Events::Connection.InvocationConnectivityParameters": { + "additionalProperties": false, + "properties": { + "ResourceParameters": { + "$ref": "#/definitions/AWS::Events::Connection.ResourceParameters", + "markdownDescription": "The parameters for EventBridge to use when invoking the resource endpoint.", + "title": "ResourceParameters" + } + }, + "required": [ + "ResourceParameters" + ], + "type": "object" + }, + "AWS::Events::Connection.OAuthParameters": { + "additionalProperties": false, + "properties": { + "AuthorizationEndpoint": { + "markdownDescription": "The URL to the authorization endpoint when OAuth is specified as the authorization type.", + "title": "AuthorizationEndpoint", "type": "string" }, - "MemorySize": { - "markdownDescription": "The memory size (in KB) required by the function.\n\n> This property applies only to Lambda functions that run in a Greengrass container.", - "title": "MemorySize", - "type": "number" + "ClientParameters": { + "$ref": "#/definitions/AWS::Events::Connection.ClientParameters", + "markdownDescription": "The client parameters for OAuth authorization.", + "title": "ClientParameters" }, - "Pinned": { - "markdownDescription": "Indicates whether the function is pinned (or *long-lived* ). Pinned functions start when the core starts and process all requests in the same container. The default value is false.", - "title": "Pinned", - "type": "boolean" + "HttpMethod": { + "markdownDescription": "The method to use for the authorization request.", + "title": "HttpMethod", + "type": "string" }, - "Timeout": { - "markdownDescription": "The allowed execution time (in seconds) after which the function should terminate. For pinned functions, this timeout applies for each request.", - "title": "Timeout", - "type": "number" + "OAuthHttpParameters": { + "$ref": "#/definitions/AWS::Events::Connection.ConnectionHttpParameters", + "markdownDescription": "Details about the additional parameters to use for the connection.", + "title": "OAuthHttpParameters" } }, + "required": [ + "AuthorizationEndpoint", + "ClientParameters", + "HttpMethod" + ], "type": "object" }, - "AWS::Greengrass::FunctionDefinitionVersion.ResourceAccessPolicy": { + "AWS::Events::Connection.Parameter": { "additionalProperties": false, "properties": { - "Permission": { - "markdownDescription": "The read-only or read-write access that the Lambda function has to the resource. Valid values are `ro` or `rw` .", - "title": "Permission", + "IsValueSecret": { + "markdownDescription": "Specifies whether the value is secret.", + "title": "IsValueSecret", + "type": "boolean" + }, + "Key": { + "markdownDescription": "The key for a query string parameter.", + "title": "Key", "type": "string" }, - "ResourceId": { - "markdownDescription": "The ID of the resource. This ID is assigned to the resource when you create the resource definition.", - "title": "ResourceId", + "Value": { + "markdownDescription": "The value associated with the key for the query string parameter.", + "title": "Value", "type": "string" } }, "required": [ - "ResourceId" + "Key", + "Value" ], "type": "object" }, - "AWS::Greengrass::FunctionDefinitionVersion.RunAs": { + "AWS::Events::Connection.ResourceParameters": { "additionalProperties": false, "properties": { - "Gid": { - "markdownDescription": "The group ID whose permissions are used to run the Lambda function. You can use the `getent group` command on your core device to look up the group ID.", - "title": "Gid", - "type": "number" + "ResourceAssociationArn": { + "markdownDescription": "For connections to private APIs, the Amazon Resource Name (ARN) of the resource association EventBridge created between the connection and the private API's resource configuration.\n\n> The value of this property is set by EventBridge . Any value you specify in your template is ignored.", + "title": "ResourceAssociationArn", + "type": "string" }, - "Uid": { - "markdownDescription": "The user ID whose permissions are used to run the Lambda function. You can use the `getent passwd` command on your core device to look up the user ID.", - "title": "Uid", - "type": "number" + "ResourceConfigurationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon VPC Lattice resource configuration for the resource endpoint.", + "title": "ResourceConfigurationArn", + "type": "string" } }, + "required": [ + "ResourceConfigurationArn" + ], "type": "object" }, - "AWS::Greengrass::Group": { + "AWS::Events::Endpoint": { "additionalProperties": false, "properties": { "Condition": { @@ -110057,35 +119423,49 @@ "Properties": { "additionalProperties": false, "properties": { - "InitialVersion": { - "$ref": "#/definitions/AWS::Greengrass::Group.GroupVersion", - "markdownDescription": "The group version to include when the group is created. A group version references the Amazon Resource Name (ARN) of a core definition version, device definition version, subscription definition version, and other version types. The group version must reference a core definition version that contains one core. Other version types are optionally included, depending on your business need.\n\n> To associate a group version after the group is created, create an [`AWS::Greengrass::GroupVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-groupversion.html) resource and specify the ID of this group.", - "title": "InitialVersion" + "Description": { + "markdownDescription": "A description for the endpoint.", + "title": "Description", + "type": "string" + }, + "EventBuses": { + "items": { + "$ref": "#/definitions/AWS::Events::Endpoint.EndpointEventBus" + }, + "markdownDescription": "The event buses being used by the endpoint.\n\n*Exactly* : `2`", + "title": "EventBuses", + "type": "array" }, "Name": { - "markdownDescription": "The name of the group.", + "markdownDescription": "The name of the endpoint.", "title": "Name", "type": "string" }, + "ReplicationConfig": { + "$ref": "#/definitions/AWS::Events::Endpoint.ReplicationConfig", + "markdownDescription": "Whether event replication was enabled or disabled for this endpoint. The default state is `ENABLED` which means you must supply a `RoleArn` . If you don't have a `RoleArn` or you don't want event replication enabled, set the state to `DISABLED` .", + "title": "ReplicationConfig" + }, "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role attached to the group. This role contains the permissions that Lambda functions and connectors use to interact with other AWS services.", + "markdownDescription": "The ARN of the role used by event replication for the endpoint.", "title": "RoleArn", "type": "string" }, - "Tags": { - "markdownDescription": "Application-specific metadata to attach to the group. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", - "title": "Tags", - "type": "object" + "RoutingConfig": { + "$ref": "#/definitions/AWS::Events::Endpoint.RoutingConfig", + "markdownDescription": "The routing configuration of the endpoint.", + "title": "RoutingConfig" } }, "required": [ - "Name" + "EventBuses", + "RoutingConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::Greengrass::Group" + "AWS::Events::Endpoint" ], "type": "string" }, @@ -110104,150 +119484,97 @@ ], "type": "object" }, - "AWS::Greengrass::Group.GroupVersion": { + "AWS::Events::Endpoint.EndpointEventBus": { "additionalProperties": false, "properties": { - "ConnectorDefinitionVersionArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the connector definition version that contains the connectors you want to deploy with the group version.", - "title": "ConnectorDefinitionVersionArn", - "type": "string" - }, - "CoreDefinitionVersionArn": { - "markdownDescription": "The ARN of the core definition version that contains the core you want to deploy with the group version. Currently, the core definition version can contain only one core.", - "title": "CoreDefinitionVersionArn", - "type": "string" - }, - "DeviceDefinitionVersionArn": { - "markdownDescription": "The ARN of the device definition version that contains the devices you want to deploy with the group version.", - "title": "DeviceDefinitionVersionArn", - "type": "string" - }, - "FunctionDefinitionVersionArn": { - "markdownDescription": "The ARN of the function definition version that contains the functions you want to deploy with the group version.", - "title": "FunctionDefinitionVersionArn", - "type": "string" - }, - "LoggerDefinitionVersionArn": { - "markdownDescription": "The ARN of the logger definition version that contains the loggers you want to deploy with the group version.", - "title": "LoggerDefinitionVersionArn", - "type": "string" - }, - "ResourceDefinitionVersionArn": { - "markdownDescription": "The ARN of the resource definition version that contains the resources you want to deploy with the group version.", - "title": "ResourceDefinitionVersionArn", - "type": "string" - }, - "SubscriptionDefinitionVersionArn": { - "markdownDescription": "The ARN of the subscription definition version that contains the subscriptions you want to deploy with the group version.", - "title": "SubscriptionDefinitionVersionArn", + "EventBusArn": { + "markdownDescription": "The ARN of the event bus the endpoint is associated with.", + "title": "EventBusArn", "type": "string" } }, + "required": [ + "EventBusArn" + ], "type": "object" }, - "AWS::Greengrass::GroupVersion": { + "AWS::Events::Endpoint.FailoverConfig": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Primary": { + "$ref": "#/definitions/AWS::Events::Endpoint.Primary", + "markdownDescription": "The main Region of the endpoint.", + "title": "Primary" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Secondary": { + "$ref": "#/definitions/AWS::Events::Endpoint.Secondary", + "markdownDescription": "The Region that events are routed to when failover is triggered or event replication is enabled.", + "title": "Secondary" + } + }, + "required": [ + "Primary", + "Secondary" + ], + "type": "object" + }, + "AWS::Events::Endpoint.Primary": { + "additionalProperties": false, + "properties": { + "HealthCheck": { + "markdownDescription": "The ARN of the health check used by the endpoint to determine whether failover is triggered.", + "title": "HealthCheck", "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ConnectorDefinitionVersionArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the connector definition version that contains the connectors you want to deploy with the group version.", - "title": "ConnectorDefinitionVersionArn", - "type": "string" - }, - "CoreDefinitionVersionArn": { - "markdownDescription": "The ARN of the core definition version that contains the core you want to deploy with the group version. Currently, the core definition version can contain only one core.", - "title": "CoreDefinitionVersionArn", - "type": "string" - }, - "DeviceDefinitionVersionArn": { - "markdownDescription": "The ARN of the device definition version that contains the devices you want to deploy with the group version.", - "title": "DeviceDefinitionVersionArn", - "type": "string" - }, - "FunctionDefinitionVersionArn": { - "markdownDescription": "The ARN of the function definition version that contains the functions you want to deploy with the group version.", - "title": "FunctionDefinitionVersionArn", - "type": "string" - }, - "GroupId": { - "markdownDescription": "The ID of the group associated with this version. This value is a GUID.", - "title": "GroupId", - "type": "string" - }, - "LoggerDefinitionVersionArn": { - "markdownDescription": "The ARN of the logger definition version that contains the loggers you want to deploy with the group version.", - "title": "LoggerDefinitionVersionArn", - "type": "string" - }, - "ResourceDefinitionVersionArn": { - "markdownDescription": "The ARN of the resource definition version that contains the resources you want to deploy with the group version.", - "title": "ResourceDefinitionVersionArn", - "type": "string" - }, - "SubscriptionDefinitionVersionArn": { - "markdownDescription": "The ARN of the subscription definition version that contains the subscriptions you want to deploy with the group version.", - "title": "SubscriptionDefinitionVersionArn", - "type": "string" - } - }, - "required": [ - "GroupId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Greengrass::GroupVersion" - ], + } + }, + "required": [ + "HealthCheck" + ], + "type": "object" + }, + "AWS::Events::Endpoint.ReplicationConfig": { + "additionalProperties": false, + "properties": { + "State": { + "markdownDescription": "The state of event replication.", + "title": "State", "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + } + }, + "required": [ + "State" + ], + "type": "object" + }, + "AWS::Events::Endpoint.RoutingConfig": { + "additionalProperties": false, + "properties": { + "FailoverConfig": { + "$ref": "#/definitions/AWS::Events::Endpoint.FailoverConfig", + "markdownDescription": "The failover configuration for an endpoint. This includes what triggers failover and what happens when it's triggered.", + "title": "FailoverConfig" + } + }, + "required": [ + "FailoverConfig" + ], + "type": "object" + }, + "AWS::Events::Endpoint.Secondary": { + "additionalProperties": false, + "properties": { + "Route": { + "markdownDescription": "Defines the secondary Region.", + "title": "Route", "type": "string" } }, "required": [ - "Type", - "Properties" + "Route" ], "type": "object" }, - "AWS::Greengrass::LoggerDefinition": { + "AWS::Events::EventBus": { "additionalProperties": false, "properties": { "Condition": { @@ -110282,20 +119609,48 @@ "Properties": { "additionalProperties": false, "properties": { - "InitialVersion": { - "$ref": "#/definitions/AWS::Greengrass::LoggerDefinition.LoggerDefinitionVersion", - "markdownDescription": "The logger definition version to include when the logger definition is created. A logger definition version contains a list of [`logger`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-loggerdefinition-logger.html) property types.\n\n> To associate a logger definition version after the logger definition is created, create an [`AWS::Greengrass::LoggerDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-loggerdefinitionversion.html) resource and specify the ID of this logger definition.", - "title": "InitialVersion" + "DeadLetterConfig": { + "$ref": "#/definitions/AWS::Events::EventBus.DeadLetterConfig", + "markdownDescription": "Configuration details of the Amazon SQS queue for EventBridge to use as a dead-letter queue (DLQ).\n\nFor more information, see [Using dead-letter queues to process undelivered events](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-rule-event-delivery.html#eb-rule-dlq) in the *EventBridge User Guide* .", + "title": "DeadLetterConfig" + }, + "Description": { + "markdownDescription": "The event bus description.", + "title": "Description", + "type": "string" + }, + "EventSourceName": { + "markdownDescription": "If you are creating a partner event bus, this specifies the partner event source that the new event bus will be matched with.", + "title": "EventSourceName", + "type": "string" + }, + "KmsKeyIdentifier": { + "markdownDescription": "The identifier of the AWS KMS customer managed key for EventBridge to use, if you choose to use a customer managed key to encrypt events on this event bus. The identifier can be the key Amazon Resource Name (ARN), KeyId, key alias, or key alias ARN.\n\nIf you do not specify a customer managed key identifier, EventBridge uses an AWS owned key to encrypt events on the event bus.\n\nFor more information, see [Identify and view keys](https://docs.aws.amazon.com/kms/latest/developerguide/viewing-keys.html) in the *AWS Key Management Service Developer Guide* .\n\n> Schema discovery is not supported for event buses encrypted using a customer managed key. EventBridge returns an error if:\n> \n> - You call `[CreateDiscoverer](https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-discoverers.html#CreateDiscoverer)` on an event bus set to use a customer managed key for encryption.\n> - You call `[UpdatedEventBus](https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_UpdatedEventBus.html)` to set a customer managed key on an event bus with schema discovery enabled.\n> \n> To enable schema discovery on an event bus, choose to use an AWS owned key . For more information, see [Encrypting events](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-encryption-event-bus-cmkey.html) in the *Amazon EventBridge User Guide* . > If you have specified that EventBridge use a customer managed key for encrypting the source event bus, we strongly recommend you also specify a customer managed key for any archives for the event bus as well.\n> \n> For more information, see [Encrypting archives](https://docs.aws.amazon.com/eventbridge/latest/userguide/encryption-archives.html) in the *Amazon EventBridge User Guide* .", + "title": "KmsKeyIdentifier", + "type": "string" + }, + "LogConfig": { + "$ref": "#/definitions/AWS::Events::EventBus.LogConfig", + "markdownDescription": "The logging configuration settings for the event bus.\n\nFor more information, see [Configuring logs for event buses](https://docs.aws.amazon.com/eb-event-bus-logs.html) in the *EventBridge User Guide* .", + "title": "LogConfig" }, "Name": { - "markdownDescription": "The name of the logger definition.", + "markdownDescription": "The name of the new event bus.\n\nCustom event bus names can't contain the `/` character, but you can use the `/` character in partner event bus names. In addition, for partner event buses, the name must exactly match the name of the partner event source that this event bus is matched to.\n\nYou can't use the name `default` for a custom event bus, as this name is already used for your account's default event bus.", "title": "Name", "type": "string" }, + "Policy": { + "markdownDescription": "The permissions policy of the event bus, describing which other AWS accounts can write events to this event bus.", + "title": "Policy", + "type": "object" + }, "Tags": { - "markdownDescription": "Application-specific metadata to attach to the logger definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags to associate with the event bus.", "title": "Tags", - "type": "object" + "type": "array" } }, "required": [ @@ -110305,7 +119660,7 @@ }, "Type": { "enum": [ - "AWS::Greengrass::LoggerDefinition" + "AWS::Events::EventBus" ], "type": "string" }, @@ -110324,61 +119679,34 @@ ], "type": "object" }, - "AWS::Greengrass::LoggerDefinition.Logger": { + "AWS::Events::EventBus.DeadLetterConfig": { "additionalProperties": false, "properties": { - "Component": { - "markdownDescription": "The source of the log event. Valid values are `GreengrassSystem` or `Lambda` . When `GreengrassSystem` is used, events from Greengrass system components are logged. When `Lambda` is used, events from user-defined Lambda functions are logged.", - "title": "Component", - "type": "string" - }, - "Id": { - "markdownDescription": "A descriptive or arbitrary ID for the logger. This value must be unique within the logger definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", - "title": "Id", - "type": "string" - }, - "Level": { - "markdownDescription": "The log-level threshold. Log events below this threshold are filtered out and aren't stored. Valid values are `DEBUG` , `INFO` (recommended), `WARN` , `ERROR` , or `FATAL` .", - "title": "Level", - "type": "string" - }, - "Space": { - "markdownDescription": "The amount of file space (in KB) to use when writing logs to the local file system. This property does not apply for CloudWatch Logs .", - "title": "Space", - "type": "number" - }, - "Type": { - "markdownDescription": "The storage mechanism for log events. Valid values are `FileSystem` or `AWSCloudWatch` . When `AWSCloudWatch` is used, log events are sent to CloudWatch Logs . When `FileSystem` is used, log events are stored on the local file system.", - "title": "Type", + "Arn": { + "markdownDescription": "The ARN of the SQS queue specified as the target for the dead-letter queue.", + "title": "Arn", "type": "string" } }, - "required": [ - "Component", - "Id", - "Level", - "Type" - ], "type": "object" }, - "AWS::Greengrass::LoggerDefinition.LoggerDefinitionVersion": { + "AWS::Events::EventBus.LogConfig": { "additionalProperties": false, "properties": { - "Loggers": { - "items": { - "$ref": "#/definitions/AWS::Greengrass::LoggerDefinition.Logger" - }, - "markdownDescription": "The loggers in this version.", - "title": "Loggers", - "type": "array" + "IncludeDetail": { + "markdownDescription": "Whether EventBridge include detailed event information in the records it generates. Detailed data can be useful for troubleshooting and debugging. This information includes details of the event itself, as well as target details.\n\nFor more information, see [Including detail data in event bus logs](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-event-bus-logs.html#eb-event-logs-data) in the *EventBridge User Guide* .", + "title": "IncludeDetail", + "type": "string" + }, + "Level": { + "markdownDescription": "The level of logging detail to include. This applies to all log destinations for the event bus.\n\nFor more information, see [Specifying event bus log level](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-event-bus-logs.html#eb-event-bus-logs-level) in the *EventBridge User Guide* .", + "title": "Level", + "type": "string" } }, - "required": [ - "Loggers" - ], "type": "object" }, - "AWS::Greengrass::LoggerDefinitionVersion": { + "AWS::Events::EventBusPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -110413,29 +119741,45 @@ "Properties": { "additionalProperties": false, "properties": { - "LoggerDefinitionId": { - "markdownDescription": "The ID of the logger definition associated with this version. This value is a GUID.", - "title": "LoggerDefinitionId", + "Action": { + "markdownDescription": "The action that you are enabling the other account to perform.", + "title": "Action", "type": "string" }, - "Loggers": { - "items": { - "$ref": "#/definitions/AWS::Greengrass::LoggerDefinitionVersion.Logger" - }, - "markdownDescription": "The loggers in this version.", - "title": "Loggers", - "type": "array" + "Condition": { + "$ref": "#/definitions/AWS::Events::EventBusPolicy.Condition", + "markdownDescription": "This parameter enables you to limit the permission to accounts that fulfill a certain condition, such as being a member of a certain AWS organization. For more information about AWS Organizations, see [What Is AWS Organizations](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_introduction.html) in the *AWS Organizations User Guide* .\n\nIf you specify `Condition` with an AWS organization ID, and specify \"*\" as the value for `Principal` , you grant permission to all the accounts in the named organization.\n\nThe `Condition` is a JSON string which must contain `Type` , `Key` , and `Value` fields.", + "title": "Condition" + }, + "EventBusName": { + "markdownDescription": "The name of the event bus associated with the rule. If you omit this, the default event bus is used.", + "title": "EventBusName", + "type": "string" + }, + "Principal": { + "markdownDescription": "The 12-digit AWS account ID that you are permitting to put events to your default event bus. Specify \"*\" to permit any account to put events to your default event bus.\n\nIf you specify \"*\" without specifying `Condition` , avoid creating rules that may match undesirable events. To create more secure rules, make sure that the event pattern for each rule contains an `account` field with a specific account ID from which to receive events. Rules with an account field do not match any events sent from other accounts.", + "title": "Principal", + "type": "string" + }, + "Statement": { + "markdownDescription": "A JSON string that describes the permission policy statement. You can include a `Policy` parameter in the request instead of using the `StatementId` , `Action` , `Principal` , or `Condition` parameters.", + "title": "Statement", + "type": "object" + }, + "StatementId": { + "markdownDescription": "An identifier string for the external account that you are granting permissions to. If you later want to revoke the permission for this external account, specify this `StatementId` when you run [RemovePermission](https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_RemovePermission.html) .\n\n> Each `StatementId` must be unique.", + "title": "StatementId", + "type": "string" } }, "required": [ - "LoggerDefinitionId", - "Loggers" + "StatementId" ], "type": "object" }, "Type": { "enum": [ - "AWS::Greengrass::LoggerDefinitionVersion" + "AWS::Events::EventBusPolicy" ], "type": "string" }, @@ -110454,44 +119798,28 @@ ], "type": "object" }, - "AWS::Greengrass::LoggerDefinitionVersion.Logger": { + "AWS::Events::EventBusPolicy.Condition": { "additionalProperties": false, "properties": { - "Component": { - "markdownDescription": "The source of the log event. Valid values are `GreengrassSystem` or `Lambda` . When `GreengrassSystem` is used, events from Greengrass system components are logged. When `Lambda` is used, events from user-defined Lambda functions are logged.", - "title": "Component", - "type": "string" - }, - "Id": { - "markdownDescription": "A descriptive or arbitrary ID for the logger. This value must be unique within the logger definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", - "title": "Id", - "type": "string" - }, - "Level": { - "markdownDescription": "The log-level threshold. Log events below this threshold are filtered out and aren't stored. Valid values are `DEBUG` , `INFO` (recommended), `WARN` , `ERROR` , or `FATAL` .", - "title": "Level", + "Key": { + "markdownDescription": "Specifies the key for the condition. Currently the only supported key is `aws:PrincipalOrgID` .", + "title": "Key", "type": "string" }, - "Space": { - "markdownDescription": "The amount of file space (in KB) to use when writing logs to the local file system. This property does not apply for CloudWatch Logs .", - "title": "Space", - "type": "number" - }, "Type": { - "markdownDescription": "The storage mechanism for log events. Valid values are `FileSystem` or `AWSCloudWatch` . When `AWSCloudWatch` is used, log events are sent to CloudWatch Logs . When `FileSystem` is used, log events are stored on the local file system.", + "markdownDescription": "Specifies the type of condition. Currently the only supported value is `StringEquals` .", "title": "Type", "type": "string" + }, + "Value": { + "markdownDescription": "Specifies the value for the key. Currently, this must be the ID of the organization.", + "title": "Value", + "type": "string" } }, - "required": [ - "Component", - "Id", - "Level", - "Type" - ], "type": "object" }, - "AWS::Greengrass::ResourceDefinition": { + "AWS::Events::Rule": { "additionalProperties": false, "properties": { "Condition": { @@ -110526,30 +119854,55 @@ "Properties": { "additionalProperties": false, "properties": { - "InitialVersion": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.ResourceDefinitionVersion", - "markdownDescription": "The resource definition version to include when the resource definition is created. A resource definition version contains a list of [`resource instance`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-resourcedefinition-resourceinstance.html) property types.\n\n> To associate a resource definition version after the resource definition is created, create an [`AWS::Greengrass::ResourceDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-resourcedefinitionversion.html) resource and specify the ID of this resource definition.", - "title": "InitialVersion" + "Description": { + "markdownDescription": "The description of the rule.", + "title": "Description", + "type": "string" + }, + "EventBusName": { + "markdownDescription": "The name or ARN of the event bus associated with the rule. If you omit this, the default event bus is used.", + "title": "EventBusName", + "type": "string" + }, + "EventPattern": { + "markdownDescription": "The event pattern of the rule. For more information, see [Events and Event Patterns](https://docs.aws.amazon.com/eventbridge/latest/userguide/eventbridge-and-event-patterns.html) in the **Amazon EventBridge User Guide** .", + "title": "EventPattern", + "type": "object" }, "Name": { - "markdownDescription": "The name of the resource definition.", + "markdownDescription": "The name of the rule.", "title": "Name", "type": "string" }, - "Tags": { - "markdownDescription": "Application-specific metadata to attach to the resource definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", - "title": "Tags", - "type": "object" + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the role that is used for target invocation.\n\nIf you're setting an event bus in another account as the target and that account granted permission to your account through an organization instead of directly by the account ID, you must specify a `RoleArn` with proper permissions in the `Target` structure, instead of here in this parameter.", + "title": "RoleArn", + "type": "string" + }, + "ScheduleExpression": { + "markdownDescription": "The scheduling expression. For example, \"cron(0 20 * * ? *)\", \"rate(5 minutes)\". For more information, see [Creating an Amazon EventBridge rule that runs on a schedule](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-create-rule-schedule.html) .", + "title": "ScheduleExpression", + "type": "string" + }, + "State": { + "markdownDescription": "The state of the rule.\n\nValid values include:\n\n- `DISABLED` : The rule is disabled. EventBridge does not match any events against the rule.\n- `ENABLED` : The rule is enabled. EventBridge matches events against the rule, *except* for AWS management events delivered through CloudTrail.\n- `ENABLED_WITH_ALL_CLOUDTRAIL_MANAGEMENT_EVENTS` : The rule is enabled for all events, including AWS management events delivered through CloudTrail.\n\nManagement events provide visibility into management operations that are performed on resources in your AWS account. These are also known as control plane operations. For more information, see [Logging management events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-management-events-with-cloudtrail.html#logging-management-events) in the *CloudTrail User Guide* , and [Filtering management events from AWS services](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-service-event.html#eb-service-event-cloudtrail) in the **Amazon EventBridge User Guide** .\n\nThis value is only valid for rules on the [default](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-what-is-how-it-works-concepts.html#eb-bus-concepts-buses) event bus or [custom event buses](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-create-event-bus.html) . It does not apply to [partner event buses](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-saas.html) .", + "title": "State", + "type": "string" + }, + "Targets": { + "items": { + "$ref": "#/definitions/AWS::Events::Rule.Target" + }, + "markdownDescription": "Adds the specified targets to the specified rule, or updates the targets if they are already associated with the rule.\n\nTargets are the resources that are invoked when a rule is triggered.\n\nThe maximum number of entries per request is 10.\n\n> Each rule can have up to five (5) targets associated with it at one time. \n\nFor a list of services you can configure as targets for events, see [EventBridge targets](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-targets.html) in the **Amazon EventBridge User Guide** .\n\nCreating rules with built-in targets is supported only in the AWS Management Console . The built-in targets are:\n\n- `Amazon EBS CreateSnapshot API call`\n- `Amazon EC2 RebootInstances API call`\n- `Amazon EC2 StopInstances API call`\n- `Amazon EC2 TerminateInstances API call`\n\nFor some target types, `PutTargets` provides target-specific parameters. If the target is a Kinesis data stream, you can optionally specify which shard the event goes to by using the `KinesisParameters` argument. To invoke a command on multiple EC2 instances with one rule, you can use the `RunCommandParameters` field.\n\nTo be able to make API calls against the resources that you own, Amazon EventBridge needs the appropriate permissions:\n\n- For AWS Lambda and Amazon SNS resources, EventBridge relies on resource-based policies.\n- For EC2 instances, Kinesis Data Streams, AWS Step Functions state machines and API Gateway APIs, EventBridge relies on IAM roles that you specify in the `RoleARN` argument in `PutTargets` .\n\nFor more information, see [Authentication and Access Control](https://docs.aws.amazon.com/eventbridge/latest/userguide/auth-and-access-control-eventbridge.html) in the **Amazon EventBridge User Guide** .\n\nIf another AWS account is in the same region and has granted you permission (using `PutPermission` ), you can send events to that account. Set that account's event bus as a target of the rules in your account. To send the matched events to the other account, specify that account's event bus as the `Arn` value when you run `PutTargets` . If your account sends events to another account, your account is charged for each sent event. Each event sent to another account is charged as a custom event. The account receiving the event is not charged. For more information, see [Amazon EventBridge Pricing](https://docs.aws.amazon.com/eventbridge/pricing/) .\n\n> `Input` , `InputPath` , and `InputTransformer` are not available with `PutTarget` if the target is an event bus of a different AWS account. \n\nIf you are setting the event bus of another account as the target, and that account granted permission to your account through an organization instead of directly by the account ID, then you must specify a `RoleArn` with proper permissions in the `Target` structure. For more information, see [Sending and Receiving Events Between AWS Accounts](https://docs.aws.amazon.com/eventbridge/latest/userguide/eventbridge-cross-account-event-delivery.html) in the *Amazon EventBridge User Guide* .\n\n> If you have an IAM role on a cross-account event bus target, a `PutTargets` call without a role on the same target (same `Id` and `Arn` ) will not remove the role. \n\nFor more information about enabling cross-account events, see [PutPermission](https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_PutPermission.html) .\n\n*Input* , *InputPath* , and *InputTransformer* are mutually exclusive and optional parameters of a target. When a rule is triggered due to a matched event:\n\n- If none of the following arguments are specified for a target, then the entire event is passed to the target in JSON format (unless the target is Amazon EC2 Run Command or Amazon ECS task, in which case nothing from the event is passed to the target).\n- If *Input* is specified in the form of valid JSON, then the matched event is overridden with this constant.\n- If *InputPath* is specified in the form of JSONPath (for example, `$.detail` ), then only the part of the event specified in the path is passed to the target (for example, only the detail part of the event is passed).\n- If *InputTransformer* is specified, then one or more specified JSONPaths are extracted from the event and used as values in a template that you specify as the input to the target.\n\nWhen you specify `InputPath` or `InputTransformer` , you must use JSON dot notation, not bracket notation.\n\nWhen you add targets to a rule and the associated rule triggers soon after, new or updated targets might not be immediately invoked. Allow a short period of time for changes to take effect.\n\nThis action can partially fail if too many requests are made at the same time. If that happens, `FailedEntryCount` is non-zero in the response and each entry in `FailedEntries` provides the ID of the failed target and the error code.", + "title": "Targets", + "type": "array" } }, - "required": [ - "Name" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Greengrass::ResourceDefinition" + "AWS::Events::Rule" ], "type": "string" }, @@ -110563,529 +119916,597 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Greengrass::ResourceDefinition.GroupOwnerSetting": { + "AWS::Events::Rule.AppSyncParameters": { "additionalProperties": false, "properties": { - "AutoAddGroupOwner": { - "markdownDescription": "Indicates whether to give the privileges of the Linux group that owns the resource to the Lambda process. This gives the Lambda process the file access permissions of the Linux group.", - "title": "AutoAddGroupOwner", - "type": "boolean" - }, - "GroupOwner": { - "markdownDescription": "The name of the Linux group whose privileges you want to add to the Lambda process. This value is ignored if `AutoAddGroupOwner` is true.", - "title": "GroupOwner", + "GraphQLOperation": { + "markdownDescription": "The GraphQL operation; that is, the query, mutation, or subscription to be parsed and executed by the GraphQL service.\n\nFor more information, see [Operations](https://docs.aws.amazon.com/appsync/latest/devguide/graphql-architecture.html#graphql-operations) in the *AWS AppSync User Guide* .", + "title": "GraphQLOperation", "type": "string" } }, "required": [ - "AutoAddGroupOwner" + "GraphQLOperation" ], "type": "object" }, - "AWS::Greengrass::ResourceDefinition.LocalDeviceResourceData": { + "AWS::Events::Rule.AwsVpcConfiguration": { "additionalProperties": false, "properties": { - "GroupOwnerSetting": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.GroupOwnerSetting", - "markdownDescription": "Settings that define additional Linux OS group permissions to give to the Lambda function process.", - "title": "GroupOwnerSetting" - }, - "SourcePath": { - "markdownDescription": "The local absolute path of the device resource. The source path for a device resource can refer only to a character device or block device under `/dev` .", - "title": "SourcePath", + "AssignPublicIp": { + "markdownDescription": "Specifies whether the task's elastic network interface receives a public IP address. You can specify `ENABLED` only when `LaunchType` in `EcsParameters` is set to `FARGATE` .", + "title": "AssignPublicIp", "type": "string" + }, + "SecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the security groups associated with the task. These security groups must all be in the same VPC. You can specify as many as five security groups. If you do not specify a security group, the default security group for the VPC is used.", + "title": "SecurityGroups", + "type": "array" + }, + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the subnets associated with the task. These subnets must all be in the same VPC. You can specify as many as 16 subnets.", + "title": "Subnets", + "type": "array" } }, "required": [ - "SourcePath" + "Subnets" ], "type": "object" }, - "AWS::Greengrass::ResourceDefinition.LocalVolumeResourceData": { + "AWS::Events::Rule.BatchArrayProperties": { "additionalProperties": false, "properties": { - "DestinationPath": { - "markdownDescription": "The absolute local path of the resource in the Lambda environment.", - "title": "DestinationPath", - "type": "string" + "Size": { + "markdownDescription": "The size of the array, if this is an array batch job. Valid values are integers between 2 and 10,000.", + "title": "Size", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Events::Rule.BatchParameters": { + "additionalProperties": false, + "properties": { + "ArrayProperties": { + "$ref": "#/definitions/AWS::Events::Rule.BatchArrayProperties", + "markdownDescription": "The array properties for the submitted job, such as the size of the array. The array size can be between 2 and 10,000. If you specify array properties for a job, it becomes an array job. This parameter is used only if the target is an AWS Batch job.", + "title": "ArrayProperties" }, - "GroupOwnerSetting": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.GroupOwnerSetting", - "markdownDescription": "Settings that define additional Linux OS group permissions to give to the Lambda function process.", - "title": "GroupOwnerSetting" + "JobDefinition": { + "markdownDescription": "The ARN or name of the job definition to use if the event target is an AWS Batch job. This job definition must already exist.", + "title": "JobDefinition", + "type": "string" }, - "SourcePath": { - "markdownDescription": "The local absolute path of the volume resource on the host. The source path for a volume resource type cannot start with `/sys` .", - "title": "SourcePath", + "JobName": { + "markdownDescription": "The name to use for this execution of the job, if the target is an AWS Batch job.", + "title": "JobName", "type": "string" + }, + "RetryStrategy": { + "$ref": "#/definitions/AWS::Events::Rule.BatchRetryStrategy", + "markdownDescription": "The retry strategy to use for failed jobs, if the target is an AWS Batch job. The retry strategy is the number of times to retry the failed job execution. Valid values are 1\u201310. When you specify a retry strategy here, it overrides the retry strategy defined in the job definition.", + "title": "RetryStrategy" } }, "required": [ - "DestinationPath", - "SourcePath" + "JobDefinition", + "JobName" ], "type": "object" }, - "AWS::Greengrass::ResourceDefinition.ResourceDataContainer": { + "AWS::Events::Rule.BatchRetryStrategy": { "additionalProperties": false, "properties": { - "LocalDeviceResourceData": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.LocalDeviceResourceData", - "markdownDescription": "Settings for a local device resource.", - "title": "LocalDeviceResourceData" - }, - "LocalVolumeResourceData": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.LocalVolumeResourceData", - "markdownDescription": "Settings for a local volume resource.", - "title": "LocalVolumeResourceData" - }, - "S3MachineLearningModelResourceData": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.S3MachineLearningModelResourceData", - "markdownDescription": "Settings for a machine learning resource stored in Amazon S3 .", - "title": "S3MachineLearningModelResourceData" - }, - "SageMakerMachineLearningModelResourceData": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.SageMakerMachineLearningModelResourceData", - "markdownDescription": "Settings for a machine learning resource saved as an SageMaker AI training job.", - "title": "SageMakerMachineLearningModelResourceData" - }, - "SecretsManagerSecretResourceData": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.SecretsManagerSecretResourceData", - "markdownDescription": "Settings for a secret resource.", - "title": "SecretsManagerSecretResourceData" + "Attempts": { + "markdownDescription": "The number of times to attempt to retry, if the job fails. Valid values are 1\u201310.", + "title": "Attempts", + "type": "number" } }, "type": "object" }, - "AWS::Greengrass::ResourceDefinition.ResourceDefinitionVersion": { + "AWS::Events::Rule.CapacityProviderStrategyItem": { "additionalProperties": false, "properties": { - "Resources": { - "items": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.ResourceInstance" - }, - "markdownDescription": "The resources in this version.", - "title": "Resources", - "type": "array" + "Base": { + "markdownDescription": "The base value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a base defined. If no value is specified, the default value of 0 is used.", + "title": "Base", + "type": "number" + }, + "CapacityProvider": { + "markdownDescription": "The short name of the capacity provider.", + "title": "CapacityProvider", + "type": "string" + }, + "Weight": { + "markdownDescription": "The weight value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The weight value is taken into consideration after the base value, if defined, is satisfied.", + "title": "Weight", + "type": "number" } }, "required": [ - "Resources" + "CapacityProvider" ], "type": "object" }, - "AWS::Greengrass::ResourceDefinition.ResourceDownloadOwnerSetting": { + "AWS::Events::Rule.DeadLetterConfig": { "additionalProperties": false, "properties": { - "GroupOwner": { - "markdownDescription": "The group owner of the machine learning resource. This is the group ID (GID) of an existing Linux OS group on the system. The group's permissions are added to the Lambda process.", - "title": "GroupOwner", - "type": "string" - }, - "GroupPermission": { - "markdownDescription": "The permissions that the group owner has to the machine learning resource. Valid values are `rw` (read-write) or `ro` (read-only).", - "title": "GroupPermission", + "Arn": { + "markdownDescription": "The ARN of the SQS queue specified as the target for the dead-letter queue.", + "title": "Arn", "type": "string" } }, - "required": [ - "GroupOwner", - "GroupPermission" - ], "type": "object" }, - "AWS::Greengrass::ResourceDefinition.ResourceInstance": { + "AWS::Events::Rule.EcsParameters": { "additionalProperties": false, "properties": { - "Id": { - "markdownDescription": "A descriptive or arbitrary ID for the resource. This value must be unique within the resource definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", - "title": "Id", + "CapacityProviderStrategy": { + "items": { + "$ref": "#/definitions/AWS::Events::Rule.CapacityProviderStrategyItem" + }, + "markdownDescription": "The capacity provider strategy to use for the task.\n\nIf a `capacityProviderStrategy` is specified, the `launchType` parameter must be omitted. If no `capacityProviderStrategy` or launchType is specified, the `defaultCapacityProviderStrategy` for the cluster is used.", + "title": "CapacityProviderStrategy", + "type": "array" + }, + "EnableECSManagedTags": { + "markdownDescription": "Specifies whether to enable Amazon ECS managed tags for the task. For more information, see [Tagging Your Amazon ECS Resources](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-using-tags.html) in the Amazon Elastic Container Service Developer Guide.", + "title": "EnableECSManagedTags", + "type": "boolean" + }, + "EnableExecuteCommand": { + "markdownDescription": "Whether or not to enable the execute command functionality for the containers in this task. If true, this enables execute command functionality on all containers in the task.", + "title": "EnableExecuteCommand", + "type": "boolean" + }, + "Group": { + "markdownDescription": "Specifies an ECS task group for the task. The maximum length is 255 characters.", + "title": "Group", "type": "string" }, - "Name": { - "markdownDescription": "The descriptive resource name, which is displayed on the AWS IoT Greengrass console. Maximum length 128 characters with pattern [a-zA-Z0-9:_-]+. This must be unique within a Greengrass group.", - "title": "Name", + "LaunchType": { + "markdownDescription": "Specifies the launch type on which your task is running. The launch type that you specify here must match one of the launch type (compatibilities) of the target task. The `FARGATE` value is supported only in the Regions where AWS Fargate with Amazon ECS is supported. For more information, see [AWS Fargate on Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/AWS-Fargate.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "LaunchType", "type": "string" }, - "ResourceDataContainer": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.ResourceDataContainer", - "markdownDescription": "A container for resource data. The container takes only one of the following supported resource data types: `LocalDeviceResourceData` , `LocalVolumeResourceData` , `SageMakerMachineLearningModelResourceData` , `S3MachineLearningModelResourceData` , or `SecretsManagerSecretResourceData` .\n\n> Only one resource type can be defined for a `ResourceDataContainer` instance.", - "title": "ResourceDataContainer" + "NetworkConfiguration": { + "$ref": "#/definitions/AWS::Events::Rule.NetworkConfiguration", + "markdownDescription": "Use this structure if the Amazon ECS task uses the `awsvpc` network mode. This structure specifies the VPC subnets and security groups associated with the task, and whether a public IP address is to be used. This structure is required if `LaunchType` is `FARGATE` because the `awsvpc` mode is required for Fargate tasks.\n\nIf you specify `NetworkConfiguration` when the target ECS task does not use the `awsvpc` network mode, the task fails.", + "title": "NetworkConfiguration" + }, + "PlacementConstraints": { + "items": { + "$ref": "#/definitions/AWS::Events::Rule.PlacementConstraint" + }, + "markdownDescription": "An array of placement constraint objects to use for the task. You can specify up to 10 constraints per task (including constraints in the task definition and those specified at runtime).", + "title": "PlacementConstraints", + "type": "array" + }, + "PlacementStrategies": { + "items": { + "$ref": "#/definitions/AWS::Events::Rule.PlacementStrategy" + }, + "markdownDescription": "The placement strategy objects to use for the task. You can specify a maximum of five strategy rules per task.", + "title": "PlacementStrategies", + "type": "array" + }, + "PlatformVersion": { + "markdownDescription": "Specifies the platform version for the task. Specify only the numeric portion of the platform version, such as `1.1.0` .\n\nThis structure is used only if `LaunchType` is `FARGATE` . For more information about valid platform versions, see [AWS Fargate Platform Versions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "PlatformVersion", + "type": "string" + }, + "PropagateTags": { + "markdownDescription": "Specifies whether to propagate the tags from the task definition to the task. If no value is specified, the tags are not propagated. Tags can only be propagated to the task during task creation. To add tags to a task after task creation, use the TagResource API action.", + "title": "PropagateTags", + "type": "string" + }, + "ReferenceId": { + "markdownDescription": "The reference ID to use for the task.", + "title": "ReferenceId", + "type": "string" + }, + "TagList": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The metadata that you apply to the task to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define. To learn more, see [RunTask](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RunTask.html#ECS-RunTask-request-tags) in the Amazon ECS API Reference.", + "title": "TagList", + "type": "array" + }, + "TaskCount": { + "markdownDescription": "The number of tasks to create based on `TaskDefinition` . The default is 1.", + "title": "TaskCount", + "type": "number" + }, + "TaskDefinitionArn": { + "markdownDescription": "The ARN of the task definition to use if the event target is an Amazon ECS task.", + "title": "TaskDefinitionArn", + "type": "string" } }, "required": [ - "Id", - "Name", - "ResourceDataContainer" + "TaskDefinitionArn" ], "type": "object" }, - "AWS::Greengrass::ResourceDefinition.S3MachineLearningModelResourceData": { + "AWS::Events::Rule.HttpParameters": { "additionalProperties": false, "properties": { - "DestinationPath": { - "markdownDescription": "The absolute local path of the resource inside the Lambda environment.", - "title": "DestinationPath", - "type": "string" + "HeaderParameters": { + "additionalProperties": true, + "markdownDescription": "The headers that need to be sent as part of request invoking the API Gateway API or EventBridge ApiDestination.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "HeaderParameters", + "type": "object" }, - "OwnerSetting": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.ResourceDownloadOwnerSetting", - "markdownDescription": "The owner setting for the downloaded machine learning resource. For more information, see [Access Machine Learning Resources from Lambda Functions](https://docs.aws.amazon.com/greengrass/v1/developerguide/access-ml-resources.html) in the *Developer Guide* .", - "title": "OwnerSetting" + "PathParameterValues": { + "items": { + "type": "string" + }, + "markdownDescription": "The path parameter values to be used to populate API Gateway API or EventBridge ApiDestination path wildcards (\"*\").", + "title": "PathParameterValues", + "type": "array" }, - "S3Uri": { - "markdownDescription": "The URI of the source model in an Amazon S3 bucket. The model package must be in `tar.gz` or `.zip` format.", - "title": "S3Uri", - "type": "string" + "QueryStringParameters": { + "additionalProperties": true, + "markdownDescription": "The query string keys/values that need to be sent as part of request invoking the API Gateway API or EventBridge ApiDestination.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "QueryStringParameters", + "type": "object" } }, - "required": [ - "DestinationPath", - "S3Uri" - ], "type": "object" }, - "AWS::Greengrass::ResourceDefinition.SageMakerMachineLearningModelResourceData": { + "AWS::Events::Rule.InputTransformer": { "additionalProperties": false, "properties": { - "DestinationPath": { - "markdownDescription": "The absolute local path of the resource inside the Lambda environment.", - "title": "DestinationPath", - "type": "string" - }, - "OwnerSetting": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.ResourceDownloadOwnerSetting", - "markdownDescription": "The owner setting for the downloaded machine learning resource. For more information, see [Access Machine Learning Resources from Lambda Functions](https://docs.aws.amazon.com/greengrass/v1/developerguide/access-ml-resources.html) in the *Developer Guide* .", - "title": "OwnerSetting" + "InputPathsMap": { + "additionalProperties": true, + "markdownDescription": "Map of JSON paths to be extracted from the event. You can then insert these in the template in `InputTemplate` to produce the output you want to be sent to the target.\n\n`InputPathsMap` is an array key-value pairs, where each value is a valid JSON path. You can have as many as 100 key-value pairs. You must use JSON dot notation, not bracket notation.\n\nThe keys cannot start with \" AWS .\"", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "InputPathsMap", + "type": "object" }, - "SageMakerJobArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SageMaker AI training job that represents the source model.", - "title": "SageMakerJobArn", + "InputTemplate": { + "markdownDescription": "Input template where you specify placeholders that will be filled with the values of the keys from `InputPathsMap` to customize the data sent to the target. Enclose each `InputPathsMaps` value in brackets: < *value* >\n\nIf `InputTemplate` is a JSON object (surrounded by curly braces), the following restrictions apply:\n\n- The placeholder cannot be used as an object key.\n\nThe following example shows the syntax for using `InputPathsMap` and `InputTemplate` .\n\n`\"InputTransformer\":`\n\n`{`\n\n`\"InputPathsMap\": {\"instance\": \"$.detail.instance\",\"status\": \"$.detail.status\"},`\n\n`\"InputTemplate\": \" is in state \"`\n\n`}`\n\nTo have the `InputTemplate` include quote marks within a JSON string, escape each quote marks with a slash, as in the following example:\n\n`\"InputTransformer\":`\n\n`{`\n\n`\"InputPathsMap\": {\"instance\": \"$.detail.instance\",\"status\": \"$.detail.status\"},`\n\n`\"InputTemplate\": \" is in state \\\"\\\"\"`\n\n`}`\n\nThe `InputTemplate` can also be valid JSON with varibles in quotes or out, as in the following example:\n\n`\"InputTransformer\":`\n\n`{`\n\n`\"InputPathsMap\": {\"instance\": \"$.detail.instance\",\"status\": \"$.detail.status\"},`\n\n`\"InputTemplate\": '{\"myInstance\": ,\"myStatus\": \" is in state \\\"\\\"\"}'`\n\n`}`", + "title": "InputTemplate", "type": "string" } }, "required": [ - "DestinationPath", - "SageMakerJobArn" + "InputTemplate" ], "type": "object" }, - "AWS::Greengrass::ResourceDefinition.SecretsManagerSecretResourceData": { + "AWS::Events::Rule.KinesisParameters": { "additionalProperties": false, "properties": { - "ARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Secrets Manager secret to make available on the core. The value of the secret's latest version (represented by the `AWSCURRENT` staging label) is included by default.", - "title": "ARN", + "PartitionKeyPath": { + "markdownDescription": "The JSON path to be extracted from the event and used as the partition key. For more information, see [Amazon Kinesis Streams Key Concepts](https://docs.aws.amazon.com/streams/latest/dev/key-concepts.html#partition-key) in the *Amazon Kinesis Streams Developer Guide* .", + "title": "PartitionKeyPath", "type": "string" - }, - "AdditionalStagingLabelsToDownload": { - "items": { - "type": "string" - }, - "markdownDescription": "The staging labels whose values you want to make available on the core, in addition to `AWSCURRENT` .", - "title": "AdditionalStagingLabelsToDownload", - "type": "array" } }, "required": [ - "ARN" + "PartitionKeyPath" ], "type": "object" }, - "AWS::Greengrass::ResourceDefinitionVersion": { + "AWS::Events::Rule.NetworkConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ResourceDefinitionId": { - "markdownDescription": "The ID of the resource definition associated with this version. This value is a GUID.", - "title": "ResourceDefinitionId", - "type": "string" - }, - "Resources": { - "items": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.ResourceInstance" - }, - "markdownDescription": "The resources in this version.", - "title": "Resources", - "type": "array" - } - }, - "required": [ - "ResourceDefinitionId", - "Resources" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Greengrass::ResourceDefinitionVersion" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "AwsVpcConfiguration": { + "$ref": "#/definitions/AWS::Events::Rule.AwsVpcConfiguration", + "markdownDescription": "Use this structure to specify the VPC subnets and security groups for the task, and whether a public IP address is to be used. This structure is relevant only for ECS tasks that use the `awsvpc` network mode.", + "title": "AwsVpcConfiguration" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Greengrass::ResourceDefinitionVersion.GroupOwnerSetting": { + "AWS::Events::Rule.PlacementConstraint": { "additionalProperties": false, "properties": { - "AutoAddGroupOwner": { - "markdownDescription": "Indicates whether to give the privileges of the Linux group that owns the resource to the Lambda process. This gives the Lambda process the file access permissions of the Linux group.", - "title": "AutoAddGroupOwner", - "type": "boolean" + "Expression": { + "markdownDescription": "A cluster query language expression to apply to the constraint. You cannot specify an expression if the constraint type is `distinctInstance` . To learn more, see [Cluster Query Language](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-query-language.html) in the Amazon Elastic Container Service Developer Guide.", + "title": "Expression", + "type": "string" }, - "GroupOwner": { - "markdownDescription": "The name of the Linux group whose privileges you want to add to the Lambda process. This value is ignored if `AutoAddGroupOwner` is true.", - "title": "GroupOwner", + "Type": { + "markdownDescription": "The type of constraint. Use distinctInstance to ensure that each task in a particular group is running on a different container instance. Use memberOf to restrict the selection to a group of valid candidates.", + "title": "Type", "type": "string" } }, - "required": [ - "AutoAddGroupOwner" - ], "type": "object" }, - "AWS::Greengrass::ResourceDefinitionVersion.LocalDeviceResourceData": { + "AWS::Events::Rule.PlacementStrategy": { "additionalProperties": false, "properties": { - "GroupOwnerSetting": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.GroupOwnerSetting", - "markdownDescription": "Settings that define additional Linux OS group permissions to give to the Lambda function process.", - "title": "GroupOwnerSetting" + "Field": { + "markdownDescription": "The field to apply the placement strategy against. For the spread placement strategy, valid values are instanceId (or host, which has the same effect), or any platform or custom attribute that is applied to a container instance, such as attribute:ecs.availability-zone. For the binpack placement strategy, valid values are cpu and memory. For the random placement strategy, this field is not used.", + "title": "Field", + "type": "string" }, - "SourcePath": { - "markdownDescription": "The local absolute path of the device resource. The source path for a device resource can refer only to a character device or block device under `/dev` .", - "title": "SourcePath", + "Type": { + "markdownDescription": "The type of placement strategy. The random placement strategy randomly places tasks on available candidates. The spread placement strategy spreads placement across available candidates evenly based on the field parameter. The binpack strategy places tasks on available candidates that have the least available amount of the resource that is specified with the field parameter. For example, if you binpack on memory, a task is placed on the instance with the least amount of remaining memory (but still enough to run the task).", + "title": "Type", "type": "string" } }, - "required": [ - "SourcePath" - ], "type": "object" }, - "AWS::Greengrass::ResourceDefinitionVersion.LocalVolumeResourceData": { + "AWS::Events::Rule.RedshiftDataParameters": { "additionalProperties": false, "properties": { - "DestinationPath": { - "markdownDescription": "The absolute local path of the resource in the Lambda environment.", - "title": "DestinationPath", + "Database": { + "markdownDescription": "The name of the database. Required when authenticating using temporary credentials.", + "title": "Database", "type": "string" }, - "GroupOwnerSetting": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.GroupOwnerSetting", - "markdownDescription": "Settings that define additional Linux OS group permissions to give to the Lambda function process.", - "title": "GroupOwnerSetting" + "DbUser": { + "markdownDescription": "The database user name. Required when authenticating using temporary credentials.", + "title": "DbUser", + "type": "string" }, - "SourcePath": { - "markdownDescription": "The local absolute path of the volume resource on the host. The source path for a volume resource type cannot start with `/sys` .", - "title": "SourcePath", + "SecretManagerArn": { + "markdownDescription": "The name or ARN of the secret that enables access to the database. Required when authenticating using AWS Secrets Manager.", + "title": "SecretManagerArn", + "type": "string" + }, + "Sql": { + "markdownDescription": "The SQL statement text to run.", + "title": "Sql", + "type": "string" + }, + "Sqls": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more SQL statements to run. The SQL statements are run as a single transaction. They run serially in the order of the array. Subsequent SQL statements don't start until the previous statement in the array completes. If any SQL statement fails, then because they are run as one transaction, all work is rolled back.", + "title": "Sqls", + "type": "array" + }, + "StatementName": { + "markdownDescription": "The name of the SQL statement. You can name the SQL statement when you create it to identify the query.", + "title": "StatementName", "type": "string" + }, + "WithEvent": { + "markdownDescription": "Indicates whether to send an event back to EventBridge after the SQL statement runs.", + "title": "WithEvent", + "type": "boolean" } }, "required": [ - "DestinationPath", - "SourcePath" + "Database" ], "type": "object" }, - "AWS::Greengrass::ResourceDefinitionVersion.ResourceDataContainer": { + "AWS::Events::Rule.RetryPolicy": { "additionalProperties": false, "properties": { - "LocalDeviceResourceData": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.LocalDeviceResourceData", - "markdownDescription": "Settings for a local device resource.", - "title": "LocalDeviceResourceData" - }, - "LocalVolumeResourceData": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.LocalVolumeResourceData", - "markdownDescription": "Settings for a local volume resource.", - "title": "LocalVolumeResourceData" - }, - "S3MachineLearningModelResourceData": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.S3MachineLearningModelResourceData", - "markdownDescription": "Settings for a machine learning resource stored in Amazon S3 .", - "title": "S3MachineLearningModelResourceData" - }, - "SageMakerMachineLearningModelResourceData": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.SageMakerMachineLearningModelResourceData", - "markdownDescription": "Settings for a machine learning resource saved as an SageMaker AI training job.", - "title": "SageMakerMachineLearningModelResourceData" + "MaximumEventAgeInSeconds": { + "markdownDescription": "The maximum amount of time, in seconds, to continue to make retry attempts.", + "title": "MaximumEventAgeInSeconds", + "type": "number" }, - "SecretsManagerSecretResourceData": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.SecretsManagerSecretResourceData", - "markdownDescription": "Settings for a secret resource.", - "title": "SecretsManagerSecretResourceData" + "MaximumRetryAttempts": { + "markdownDescription": "The maximum number of retry attempts to make before the request fails. Retry attempts continue until either the maximum number of attempts is made or until the duration of the `MaximumEventAgeInSeconds` is met.", + "title": "MaximumRetryAttempts", + "type": "number" } }, "type": "object" }, - "AWS::Greengrass::ResourceDefinitionVersion.ResourceDownloadOwnerSetting": { + "AWS::Events::Rule.RunCommandParameters": { "additionalProperties": false, "properties": { - "GroupOwner": { - "markdownDescription": "The group owner of the machine learning resource. This is the group ID (GID) of an existing Linux OS group on the system. The group's permissions are added to the Lambda process.", - "title": "GroupOwner", - "type": "string" - }, - "GroupPermission": { - "markdownDescription": "The permissions that the group owner has to the machine learning resource. Valid values are `rw` (read-write) or `ro` (read-only).", - "title": "GroupPermission", - "type": "string" + "RunCommandTargets": { + "items": { + "$ref": "#/definitions/AWS::Events::Rule.RunCommandTarget" + }, + "markdownDescription": "Currently, we support including only one RunCommandTarget block, which specifies either an array of InstanceIds or a tag.", + "title": "RunCommandTargets", + "type": "array" } }, "required": [ - "GroupOwner", - "GroupPermission" + "RunCommandTargets" ], "type": "object" }, - "AWS::Greengrass::ResourceDefinitionVersion.ResourceInstance": { + "AWS::Events::Rule.RunCommandTarget": { "additionalProperties": false, "properties": { - "Id": { - "markdownDescription": "A descriptive or arbitrary ID for the resource. This value must be unique within the resource definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", - "title": "Id", - "type": "string" - }, - "Name": { - "markdownDescription": "The descriptive resource name, which is displayed on the AWS IoT Greengrass console. Maximum length 128 characters with pattern [a-zA-Z0-9:_-]+. This must be unique within a Greengrass group.", - "title": "Name", + "Key": { + "markdownDescription": "Can be either `tag:` *tag-key* or `InstanceIds` .", + "title": "Key", "type": "string" }, - "ResourceDataContainer": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.ResourceDataContainer", - "markdownDescription": "A container for resource data. The container takes only one of the following supported resource data types: `LocalDeviceResourceData` , `LocalVolumeResourceData` , `SageMakerMachineLearningModelResourceData` , `S3MachineLearningModelResourceData` , or `SecretsManagerSecretResourceData` .\n\n> Only one resource type can be defined for a `ResourceDataContainer` instance.", - "title": "ResourceDataContainer" + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "If `Key` is `tag:` *tag-key* , `Values` is a list of tag values. If `Key` is `InstanceIds` , `Values` is a list of Amazon EC2 instance IDs.", + "title": "Values", + "type": "array" } }, "required": [ - "Id", - "Name", - "ResourceDataContainer" + "Key", + "Values" ], "type": "object" }, - "AWS::Greengrass::ResourceDefinitionVersion.S3MachineLearningModelResourceData": { + "AWS::Events::Rule.SageMakerPipelineParameter": { "additionalProperties": false, "properties": { - "DestinationPath": { - "markdownDescription": "The absolute local path of the resource inside the Lambda environment.", - "title": "DestinationPath", + "Name": { + "markdownDescription": "Name of parameter to start execution of a SageMaker AI Model Building Pipeline.", + "title": "Name", "type": "string" }, - "OwnerSetting": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.ResourceDownloadOwnerSetting", - "markdownDescription": "The owner setting for the downloaded machine learning resource. For more information, see [Access Machine Learning Resources from Lambda Functions](https://docs.aws.amazon.com/greengrass/v1/developerguide/access-ml-resources.html) in the *Developer Guide* .", - "title": "OwnerSetting" - }, - "S3Uri": { - "markdownDescription": "The URI of the source model in an Amazon S3 bucket. The model package must be in `tar.gz` or `.zip` format.", - "title": "S3Uri", + "Value": { + "markdownDescription": "Value of parameter to start execution of a SageMaker AI Model Building Pipeline.", + "title": "Value", "type": "string" } }, "required": [ - "DestinationPath", - "S3Uri" + "Name", + "Value" ], "type": "object" }, - "AWS::Greengrass::ResourceDefinitionVersion.SageMakerMachineLearningModelResourceData": { + "AWS::Events::Rule.SageMakerPipelineParameters": { "additionalProperties": false, "properties": { - "DestinationPath": { - "markdownDescription": "The absolute local path of the resource inside the Lambda environment.", - "title": "DestinationPath", - "type": "string" - }, - "OwnerSetting": { - "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.ResourceDownloadOwnerSetting", - "markdownDescription": "The owner setting for the downloaded machine learning resource. For more information, see [Access Machine Learning Resources from Lambda Functions](https://docs.aws.amazon.com/greengrass/v1/developerguide/access-ml-resources.html) in the *Developer Guide* .", - "title": "OwnerSetting" - }, - "SageMakerJobArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SageMaker AI training job that represents the source model.", - "title": "SageMakerJobArn", + "PipelineParameterList": { + "items": { + "$ref": "#/definitions/AWS::Events::Rule.SageMakerPipelineParameter" + }, + "markdownDescription": "List of Parameter names and values for SageMaker AI Model Building Pipeline execution.", + "title": "PipelineParameterList", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Events::Rule.SqsParameters": { + "additionalProperties": false, + "properties": { + "MessageGroupId": { + "markdownDescription": "The FIFO message group ID to use as the target.", + "title": "MessageGroupId", "type": "string" } }, "required": [ - "DestinationPath", - "SageMakerJobArn" + "MessageGroupId" ], "type": "object" }, - "AWS::Greengrass::ResourceDefinitionVersion.SecretsManagerSecretResourceData": { + "AWS::Events::Rule.Target": { "additionalProperties": false, "properties": { - "ARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Secrets Manager secret to make available on the core. The value of the secret's latest version (represented by the `AWSCURRENT` staging label) is included by default.", - "title": "ARN", + "AppSyncParameters": { + "$ref": "#/definitions/AWS::Events::Rule.AppSyncParameters", + "markdownDescription": "Contains the GraphQL operation to be parsed and executed, if the event target is an AWS AppSync API.", + "title": "AppSyncParameters" + }, + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the target.", + "title": "Arn", "type": "string" }, - "AdditionalStagingLabelsToDownload": { - "items": { - "type": "string" - }, - "markdownDescription": "The staging labels whose values you want to make available on the core, in addition to `AWSCURRENT` .", - "title": "AdditionalStagingLabelsToDownload", - "type": "array" + "BatchParameters": { + "$ref": "#/definitions/AWS::Events::Rule.BatchParameters", + "markdownDescription": "If the event target is an AWS Batch job, this contains the job definition, job name, and other parameters. For more information, see [Jobs](https://docs.aws.amazon.com/batch/latest/userguide/jobs.html) in the *AWS Batch User Guide* .", + "title": "BatchParameters" + }, + "DeadLetterConfig": { + "$ref": "#/definitions/AWS::Events::Rule.DeadLetterConfig", + "markdownDescription": "The `DeadLetterConfig` that defines the target queue to send dead-letter queue events to.", + "title": "DeadLetterConfig" + }, + "EcsParameters": { + "$ref": "#/definitions/AWS::Events::Rule.EcsParameters", + "markdownDescription": "Contains the Amazon ECS task definition and task count to be used, if the event target is an Amazon ECS task. For more information about Amazon ECS tasks, see [Task Definitions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_defintions.html) in the *Amazon EC2 Container Service Developer Guide* .", + "title": "EcsParameters" + }, + "HttpParameters": { + "$ref": "#/definitions/AWS::Events::Rule.HttpParameters", + "markdownDescription": "Contains the HTTP parameters to use when the target is a API Gateway endpoint or EventBridge ApiDestination.\n\nIf you specify an API Gateway API or EventBridge ApiDestination as a target, you can use this parameter to specify headers, path parameters, and query string keys/values as part of your target invoking request. If you're using ApiDestinations, the corresponding Connection can also have these values configured. In case of any conflicting keys, values from the Connection take precedence.", + "title": "HttpParameters" + }, + "Id": { + "markdownDescription": "The ID of the target within the specified rule. Use this ID to reference the target when updating the rule. We recommend using a memorable and unique string.", + "title": "Id", + "type": "string" + }, + "Input": { + "markdownDescription": "Valid JSON text passed to the target. In this case, nothing from the event itself is passed to the target. For more information, see [The JavaScript Object Notation (JSON) Data Interchange Format](https://docs.aws.amazon.com/http://www.rfc-editor.org/rfc/rfc7159.txt) .", + "title": "Input", + "type": "string" + }, + "InputPath": { + "markdownDescription": "The value of the JSONPath that is used for extracting part of the matched event when passing it to the target. You may use JSON dot notation or bracket notation. For more information about JSON paths, see [JSONPath](https://docs.aws.amazon.com/http://goessner.net/articles/JsonPath/) .", + "title": "InputPath", + "type": "string" + }, + "InputTransformer": { + "$ref": "#/definitions/AWS::Events::Rule.InputTransformer", + "markdownDescription": "Settings to enable you to provide custom input to a target based on certain event data. You can extract one or more key-value pairs from the event and then use that data to send customized input to the target.", + "title": "InputTransformer" + }, + "KinesisParameters": { + "$ref": "#/definitions/AWS::Events::Rule.KinesisParameters", + "markdownDescription": "The custom parameter you can use to control the shard assignment, when the target is a Kinesis data stream. If you do not include this parameter, the default is to use the `eventId` as the partition key.", + "title": "KinesisParameters" + }, + "RedshiftDataParameters": { + "$ref": "#/definitions/AWS::Events::Rule.RedshiftDataParameters", + "markdownDescription": "Contains the Amazon Redshift Data API parameters to use when the target is a Amazon Redshift cluster.\n\nIf you specify a Amazon Redshift Cluster as a Target, you can use this to specify parameters to invoke the Amazon Redshift Data API ExecuteStatement based on EventBridge events.", + "title": "RedshiftDataParameters" + }, + "RetryPolicy": { + "$ref": "#/definitions/AWS::Events::Rule.RetryPolicy", + "markdownDescription": "The retry policy configuration to use for the dead-letter queue.", + "title": "RetryPolicy" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to be used for this target when the rule is triggered. If one rule triggers multiple targets, you can use a different IAM role for each target.", + "title": "RoleArn", + "type": "string" + }, + "RunCommandParameters": { + "$ref": "#/definitions/AWS::Events::Rule.RunCommandParameters", + "markdownDescription": "Parameters used when you are using the rule to invoke Amazon EC2 Run Command.", + "title": "RunCommandParameters" + }, + "SageMakerPipelineParameters": { + "$ref": "#/definitions/AWS::Events::Rule.SageMakerPipelineParameters", + "markdownDescription": "Contains the SageMaker AI Model Building Pipeline parameters to start execution of a SageMaker AI Model Building Pipeline.\n\nIf you specify a SageMaker AI Model Building Pipeline as a target, you can use this to specify parameters to start a pipeline execution based on EventBridge events.", + "title": "SageMakerPipelineParameters" + }, + "SqsParameters": { + "$ref": "#/definitions/AWS::Events::Rule.SqsParameters", + "markdownDescription": "Contains the message group ID to use when the target is a FIFO queue.\n\nIf you specify an SQS FIFO queue as a target, the queue must have content-based deduplication enabled.", + "title": "SqsParameters" } }, "required": [ - "ARN" + "Arn", + "Id" ], "type": "object" }, - "AWS::Greengrass::SubscriptionDefinition": { + "AWS::Evidently::Experiment": { "additionalProperties": false, "properties": { "Condition": { @@ -111120,30 +120541,88 @@ "Properties": { "additionalProperties": false, "properties": { - "InitialVersion": { - "$ref": "#/definitions/AWS::Greengrass::SubscriptionDefinition.SubscriptionDefinitionVersion", - "markdownDescription": "The subscription definition version to include when the subscription definition is created. A subscription definition version contains a list of [`subscription`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-subscriptiondefinition-subscription.html) property types.\n\n> To associate a subscription definition version after the subscription definition is created, create an [`AWS::Greengrass::SubscriptionDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-subscriptiondefinitionversion.html) resource and specify the ID of this subscription definition.", - "title": "InitialVersion" + "Description": { + "markdownDescription": "An optional description of the experiment.", + "title": "Description", + "type": "string" + }, + "MetricGoals": { + "items": { + "$ref": "#/definitions/AWS::Evidently::Experiment.MetricGoalObject" + }, + "markdownDescription": "An array of structures that defines the metrics used for the experiment, and whether a higher or lower value for each metric is the goal. You can use up to three metrics in an experiment.", + "title": "MetricGoals", + "type": "array" }, "Name": { - "markdownDescription": "The name of the subscription definition.", + "markdownDescription": "A name for the new experiment.", "title": "Name", "type": "string" }, + "OnlineAbConfig": { + "$ref": "#/definitions/AWS::Evidently::Experiment.OnlineAbConfigObject", + "markdownDescription": "A structure that contains the configuration of which variation to use as the \"control\" version. The \"control\" version is used for comparison with other variations. This structure also specifies how much experiment traffic is allocated to each variation.", + "title": "OnlineAbConfig" + }, + "Project": { + "markdownDescription": "The name or the ARN of the project where this experiment is to be created.", + "title": "Project", + "type": "string" + }, + "RandomizationSalt": { + "markdownDescription": "When Evidently assigns a particular user session to an experiment, it must use a randomization ID to determine which variation the user session is served. This randomization ID is a combination of the entity ID and `randomizationSalt` . If you omit `randomizationSalt` , Evidently uses the experiment name as the `randomizationSalt` .", + "title": "RandomizationSalt", + "type": "string" + }, + "RemoveSegment": { + "markdownDescription": "Set this to `true` to remove the segment that is associated with this experiment. You can't use this parameter if the experiment is currently running.", + "title": "RemoveSegment", + "type": "boolean" + }, + "RunningStatus": { + "$ref": "#/definitions/AWS::Evidently::Experiment.RunningStatusObject", + "markdownDescription": "A structure that you can use to start and stop the experiment.", + "title": "RunningStatus" + }, + "SamplingRate": { + "markdownDescription": "The portion of the available audience that you want to allocate to this experiment, in thousandths of a percent. The available audience is the total audience minus the audience that you have allocated to overrides or current launches of this feature.\n\nThis is represented in thousandths of a percent. For example, specify 10,000 to allocate 10% of the available audience.", + "title": "SamplingRate", + "type": "number" + }, + "Segment": { + "markdownDescription": "Specifies an audience *segment* to use in the experiment. When a segment is used in an experiment, only user sessions that match the segment pattern are used in the experiment.\n\nFor more information, see [Segment rule pattern syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Evidently-segments.html#CloudWatch-Evidently-segments-syntax) .", + "title": "Segment", + "type": "string" + }, "Tags": { - "markdownDescription": "Application-specific metadata to attach to the subscription definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Assigns one or more tags (key-value pairs) to the experiment.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.\n\nTags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters.\n\nYou can associate as many as 50 tags with an experiment.\n\nFor more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .", "title": "Tags", - "type": "object" + "type": "array" + }, + "Treatments": { + "items": { + "$ref": "#/definitions/AWS::Evidently::Experiment.TreatmentObject" + }, + "markdownDescription": "An array of structures that describe the configuration of each feature variation used in the experiment.", + "title": "Treatments", + "type": "array" } }, "required": [ - "Name" + "MetricGoals", + "Name", + "OnlineAbConfig", + "Project", + "Treatments" ], "type": "object" }, "Type": { "enum": [ - "AWS::Greengrass::SubscriptionDefinition" + "AWS::Evidently::Experiment" ], "type": "string" }, @@ -111162,56 +120641,148 @@ ], "type": "object" }, - "AWS::Greengrass::SubscriptionDefinition.Subscription": { + "AWS::Evidently::Experiment.MetricGoalObject": { "additionalProperties": false, "properties": { - "Id": { - "markdownDescription": "A descriptive or arbitrary ID for the subscription. This value must be unique within the subscription definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", - "title": "Id", + "DesiredChange": { + "markdownDescription": "`INCREASE` means that a variation with a higher number for this metric is performing better.\n\n`DECREASE` means that a variation with a lower number for this metric is performing better.", + "title": "DesiredChange", "type": "string" }, - "Source": { - "markdownDescription": "The originator of the message. The value can be a thing ARN, the ARN of a Lambda function alias (recommended) or version, a connector ARN, `cloud` (which represents the AWS IoT cloud), or `GGShadowService` .", - "title": "Source", + "EntityIdKey": { + "markdownDescription": "The entity, such as a user or session, that does an action that causes a metric value to be recorded. An example is `userDetails.userID` .", + "title": "EntityIdKey", "type": "string" }, - "Subject": { - "markdownDescription": "The MQTT topic used to route the message.", - "title": "Subject", + "EventPattern": { + "markdownDescription": "The EventBridge event pattern that defines how the metric is recorded.\n\nFor more information about EventBridge event patterns, see [Amazon EventBridge event patterns](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-event-patterns.html) .", + "title": "EventPattern", "type": "string" }, - "Target": { - "markdownDescription": "The destination of the message. The value can be a thing ARN, the ARN of a Lambda function alias (recommended) or version, a connector ARN, `cloud` (which represents the AWS IoT cloud), or `GGShadowService` .", - "title": "Target", + "MetricName": { + "markdownDescription": "A name for the metric. It can include up to 255 characters.", + "title": "MetricName", + "type": "string" + }, + "UnitLabel": { + "markdownDescription": "A label for the units that the metric is measuring.", + "title": "UnitLabel", + "type": "string" + }, + "ValueKey": { + "markdownDescription": "The JSON path to reference the numerical metric value in the event.", + "title": "ValueKey", "type": "string" } }, "required": [ - "Id", - "Source", - "Subject", - "Target" + "DesiredChange", + "EntityIdKey", + "MetricName", + "ValueKey" ], "type": "object" }, - "AWS::Greengrass::SubscriptionDefinition.SubscriptionDefinitionVersion": { + "AWS::Evidently::Experiment.OnlineAbConfigObject": { "additionalProperties": false, "properties": { - "Subscriptions": { + "ControlTreatmentName": { + "markdownDescription": "The name of the variation that is to be the default variation that the other variations are compared to.", + "title": "ControlTreatmentName", + "type": "string" + }, + "TreatmentWeights": { "items": { - "$ref": "#/definitions/AWS::Greengrass::SubscriptionDefinition.Subscription" + "$ref": "#/definitions/AWS::Evidently::Experiment.TreatmentToWeight" }, - "markdownDescription": "The subscriptions in this version.", - "title": "Subscriptions", + "markdownDescription": "A set of key-value pairs. The keys are treatment names, and the values are the portion of experiment traffic to be assigned to that treatment. Specify the traffic portion in thousandths of a percent, so 20,000 for a variation would allocate 20% of the experiment traffic to that variation.", + "title": "TreatmentWeights", "type": "array" } }, + "type": "object" + }, + "AWS::Evidently::Experiment.RunningStatusObject": { + "additionalProperties": false, + "properties": { + "AnalysisCompleteTime": { + "markdownDescription": "If you are using AWS CloudFormation to start the experiment, use this field to specify when the experiment is to end. The format is as a UNIX timestamp. For more information about this format, see [The Current Epoch Unix Timestamp](https://docs.aws.amazon.com/https://www.unixtimestamp.com/index.php) .", + "title": "AnalysisCompleteTime", + "type": "string" + }, + "DesiredState": { + "markdownDescription": "If you are using AWS CloudFormation to stop this experiment, specify either `COMPLETED` or `CANCELLED` here to indicate how to classify this experiment.", + "title": "DesiredState", + "type": "string" + }, + "Reason": { + "markdownDescription": "If you are using AWS CloudFormation to stop this experiment, this is an optional field that you can use to record why the experiment is being stopped or cancelled.", + "title": "Reason", + "type": "string" + }, + "Status": { + "markdownDescription": "To start the experiment now, specify `START` for this parameter. If this experiment is currently running and you want to stop it now, specify `STOP` .", + "title": "Status", + "type": "string" + } + }, "required": [ - "Subscriptions" + "Status" ], "type": "object" }, - "AWS::Greengrass::SubscriptionDefinitionVersion": { + "AWS::Evidently::Experiment.TreatmentObject": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the treatment.", + "title": "Description", + "type": "string" + }, + "Feature": { + "markdownDescription": "The name of the feature for this experiment.", + "title": "Feature", + "type": "string" + }, + "TreatmentName": { + "markdownDescription": "A name for this treatment. It can include up to 127 characters.", + "title": "TreatmentName", + "type": "string" + }, + "Variation": { + "markdownDescription": "The name of the variation to use for this treatment.", + "title": "Variation", + "type": "string" + } + }, + "required": [ + "Feature", + "TreatmentName", + "Variation" + ], + "type": "object" + }, + "AWS::Evidently::Experiment.TreatmentToWeight": { + "additionalProperties": false, + "properties": { + "SplitWeight": { + "markdownDescription": "The portion of experiment traffic to allocate to this treatment. Specify the traffic portion in thousandths of a percent, so 20,000 allocated to a treatment would allocate 20% of the experiment traffic to that treatment.", + "title": "SplitWeight", + "type": "number" + }, + "Treatment": { + "markdownDescription": "The name of the treatment.", + "title": "Treatment", + "type": "string" + } + }, + "required": [ + "SplitWeight", + "Treatment" + ], + "type": "object" + }, + "AWS::Evidently::Feature": { "additionalProperties": false, "properties": { "Condition": { @@ -111246,29 +120817,66 @@ "Properties": { "additionalProperties": false, "properties": { - "SubscriptionDefinitionId": { - "markdownDescription": "The ID of the subscription definition associated with this version. This value is a GUID.", - "title": "SubscriptionDefinitionId", + "DefaultVariation": { + "markdownDescription": "The name of the variation to use as the default variation. The default variation is served to users who are not allocated to any ongoing launches or experiments of this feature.\n\nThis variation must also be listed in the `Variations` structure.\n\nIf you omit `DefaultVariation` , the first variation listed in the `Variations` structure is used as the default variation.", + "title": "DefaultVariation", "type": "string" }, - "Subscriptions": { + "Description": { + "markdownDescription": "An optional description of the feature.", + "title": "Description", + "type": "string" + }, + "EntityOverrides": { "items": { - "$ref": "#/definitions/AWS::Greengrass::SubscriptionDefinitionVersion.Subscription" + "$ref": "#/definitions/AWS::Evidently::Feature.EntityOverride" }, - "markdownDescription": "The subscriptions in this version.", - "title": "Subscriptions", + "markdownDescription": "Specify users that should always be served a specific variation of a feature. Each user is specified by a key-value pair . For each key, specify a user by entering their user ID, account ID, or some other identifier. For the value, specify the name of the variation that they are to be served.", + "title": "EntityOverrides", + "type": "array" + }, + "EvaluationStrategy": { + "markdownDescription": "Specify `ALL_RULES` to activate the traffic allocation specified by any ongoing launches or experiments. Specify `DEFAULT_VARIATION` to serve the default variation to all users instead.", + "title": "EvaluationStrategy", + "type": "string" + }, + "Name": { + "markdownDescription": "The name for the feature. It can include up to 127 characters.", + "title": "Name", + "type": "string" + }, + "Project": { + "markdownDescription": "The name or ARN of the project that is to contain the new feature.", + "title": "Project", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Assigns one or more tags (key-value pairs) to the feature.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.\n\nTags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters.\n\nYou can associate as many as 50 tags with a feature.\n\nFor more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .", + "title": "Tags", + "type": "array" + }, + "Variations": { + "items": { + "$ref": "#/definitions/AWS::Evidently::Feature.VariationObject" + }, + "markdownDescription": "An array of structures that contain the configuration of the feature's different variations.\n\nEach `VariationObject` in the `Variations` array for a feature must have the same type of value ( `BooleanValue` , `DoubleValue` , `LongValue` or `StringValue` ).", + "title": "Variations", "type": "array" } }, "required": [ - "SubscriptionDefinitionId", - "Subscriptions" + "Name", + "Project", + "Variations" ], "type": "object" }, "Type": { "enum": [ - "AWS::Greengrass::SubscriptionDefinitionVersion" + "AWS::Evidently::Feature" ], "type": "string" }, @@ -111287,39 +120895,57 @@ ], "type": "object" }, - "AWS::Greengrass::SubscriptionDefinitionVersion.Subscription": { + "AWS::Evidently::Feature.EntityOverride": { "additionalProperties": false, "properties": { - "Id": { - "markdownDescription": "A descriptive or arbitrary ID for the subscription. This value must be unique within the subscription definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", - "title": "Id", + "EntityId": { + "markdownDescription": "The entity ID to be served the variation specified in `Variation` .", + "title": "EntityId", "type": "string" }, - "Source": { - "markdownDescription": "The originator of the message. The value can be a thing ARN, the ARN of a Lambda function alias (recommended) or version, a connector ARN, `cloud` (which represents the AWS IoT cloud), or `GGShadowService` .", - "title": "Source", + "Variation": { + "markdownDescription": "The name of the variation to serve to the user session that matches the `EntityId` .", + "title": "Variation", "type": "string" + } + }, + "type": "object" + }, + "AWS::Evidently::Feature.VariationObject": { + "additionalProperties": false, + "properties": { + "BooleanValue": { + "markdownDescription": "The value assigned to this variation, if the variation type is boolean.", + "title": "BooleanValue", + "type": "boolean" }, - "Subject": { - "markdownDescription": "The MQTT topic used to route the message.", - "title": "Subject", + "DoubleValue": { + "markdownDescription": "The value assigned to this variation, if the variation type is a double.", + "title": "DoubleValue", + "type": "number" + }, + "LongValue": { + "markdownDescription": "The value assigned to this variation, if the variation type is a long.", + "title": "LongValue", + "type": "number" + }, + "StringValue": { + "markdownDescription": "The value assigned to this variation, if the variation type is a string.", + "title": "StringValue", "type": "string" }, - "Target": { - "markdownDescription": "The destination of the message. The value can be a thing ARN, the ARN of a Lambda function alias (recommended) or version, a connector ARN, `cloud` (which represents the AWS IoT cloud), or `GGShadowService` .", - "title": "Target", + "VariationName": { + "markdownDescription": "A name for the variation. It can include up to 127 characters.", + "title": "VariationName", "type": "string" } }, "required": [ - "Id", - "Source", - "Subject", - "Target" + "VariationName" ], "type": "object" }, - "AWS::GreengrassV2::ComponentVersion": { + "AWS::Evidently::Launch": { "additionalProperties": false, "properties": { "Condition": { @@ -111354,33 +120980,75 @@ "Properties": { "additionalProperties": false, "properties": { - "InlineRecipe": { - "markdownDescription": "The recipe to use to create the component. The recipe defines the component's metadata, parameters, dependencies, lifecycle, artifacts, and platform compatibility.\n\nYou must specify either `InlineRecipe` or `LambdaFunction` .", - "title": "InlineRecipe", + "Description": { + "markdownDescription": "An optional description for the launch.", + "title": "Description", "type": "string" }, - "LambdaFunction": { - "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaFunctionRecipeSource", - "markdownDescription": "The parameters to create a component from a Lambda function.\n\nYou must specify either `InlineRecipe` or `LambdaFunction` .", - "title": "LambdaFunction" + "ExecutionStatus": { + "$ref": "#/definitions/AWS::Evidently::Launch.ExecutionStatusObject", + "markdownDescription": "A structure that you can use to start and stop the launch.", + "title": "ExecutionStatus" + }, + "Groups": { + "items": { + "$ref": "#/definitions/AWS::Evidently::Launch.LaunchGroupObject" + }, + "markdownDescription": "An array of structures that contains the feature and variations that are to be used for the launch. You can up to five launch groups in a launch.", + "title": "Groups", + "type": "array" + }, + "MetricMonitors": { + "items": { + "$ref": "#/definitions/AWS::Evidently::Launch.MetricDefinitionObject" + }, + "markdownDescription": "An array of structures that define the metrics that will be used to monitor the launch performance. You can have up to three metric monitors in the array.", + "title": "MetricMonitors", + "type": "array" + }, + "Name": { + "markdownDescription": "The name for the launch. It can include up to 127 characters.", + "title": "Name", + "type": "string" + }, + "Project": { + "markdownDescription": "The name or ARN of the project that you want to create the launch in.", + "title": "Project", + "type": "string" + }, + "RandomizationSalt": { + "markdownDescription": "When Evidently assigns a particular user session to a launch, it must use a randomization ID to determine which variation the user session is served. This randomization ID is a combination of the entity ID and `randomizationSalt` . If you omit `randomizationSalt` , Evidently uses the launch name as the `randomizationsSalt` .", + "title": "RandomizationSalt", + "type": "string" + }, + "ScheduledSplitsConfig": { + "items": { + "$ref": "#/definitions/AWS::Evidently::Launch.StepConfig" + }, + "markdownDescription": "An array of structures that define the traffic allocation percentages among the feature variations during each step of the launch.", + "title": "ScheduledSplitsConfig", + "type": "array" }, "Tags": { - "additionalProperties": true, - "markdownDescription": "Application-specific metadata to attach to the component version. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tag your AWS IoT Greengrass Version 2 resources](https://docs.aws.amazon.com/greengrass/v2/developerguide/tag-resources.html) in the *AWS IoT Greengrass V2 Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "Assigns one or more tags (key-value pairs) to the launch.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.\n\nTags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters.\n\nYou can associate as many as 50 tags with a launch.\n\nFor more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .", "title": "Tags", - "type": "object" + "type": "array" } }, + "required": [ + "Groups", + "Name", + "Project", + "ScheduledSplitsConfig" + ], "type": "object" }, "Type": { "enum": [ - "AWS::GreengrassV2::ComponentVersion" + "AWS::Evidently::Launch" ], "type": "string" }, @@ -111394,278 +121062,413 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::GreengrassV2::ComponentVersion.ComponentDependencyRequirement": { + "AWS::Evidently::Launch.ExecutionStatusObject": { "additionalProperties": false, "properties": { - "DependencyType": { - "markdownDescription": "The type of this dependency. Choose from the following options:\n\n- `SOFT` \u2013 The component doesn't restart if the dependency changes state.\n- `HARD` \u2013 The component restarts if the dependency changes state.\n\nDefault: `HARD`", - "title": "DependencyType", + "DesiredState": { + "markdownDescription": "If you are using AWS CloudFormation to stop this launch, specify either `COMPLETED` or `CANCELLED` here to indicate how to classify this experiment. If you omit this parameter, the default of `COMPLETED` is used.", + "title": "DesiredState", "type": "string" }, - "VersionRequirement": { - "markdownDescription": "The component version requirement for the component dependency.\n\nAWS IoT Greengrass uses semantic version constraints. For more information, see [Semantic Versioning](https://docs.aws.amazon.com/https://semver.org/) .", - "title": "VersionRequirement", + "Reason": { + "markdownDescription": "If you are using AWS CloudFormation to stop this launch, this is an optional field that you can use to record why the launch is being stopped or cancelled.", + "title": "Reason", + "type": "string" + }, + "Status": { + "markdownDescription": "To start the launch now, specify `START` for this parameter. If this launch is currently running and you want to stop it now, specify `STOP` .", + "title": "Status", "type": "string" } }, + "required": [ + "Status" + ], "type": "object" }, - "AWS::GreengrassV2::ComponentVersion.ComponentPlatform": { + "AWS::Evidently::Launch.GroupToWeight": { "additionalProperties": false, "properties": { - "Attributes": { - "additionalProperties": true, - "markdownDescription": "A dictionary of attributes for the platform. The AWS IoT Greengrass Core software defines the `os` and `platform` by default. You can specify additional platform attributes for a core device when you deploy the AWS IoT Greengrass nucleus component. For more information, see the [AWS IoT Greengrass nucleus component](https://docs.aws.amazon.com/greengrass/v2/developerguide/greengrass-nucleus-component.html) in the *AWS IoT Greengrass V2 Developer Guide* .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Attributes", - "type": "object" - }, - "Name": { - "markdownDescription": "The friendly name of the platform. This name helps you identify the platform.\n\nIf you omit this parameter, AWS IoT Greengrass creates a friendly name from the `os` and `architecture` of the platform.", - "title": "Name", + "GroupName": { + "markdownDescription": "The name of the launch group. It can include up to 127 characters.", + "title": "GroupName", "type": "string" + }, + "SplitWeight": { + "markdownDescription": "The portion of launch traffic to allocate to this launch group.\n\nThis is represented in thousandths of a percent. For example, specify 20,000 to allocate 20% of the launch audience to this launch group.", + "title": "SplitWeight", + "type": "number" } }, + "required": [ + "GroupName", + "SplitWeight" + ], "type": "object" }, - "AWS::GreengrassV2::ComponentVersion.LambdaContainerParams": { + "AWS::Evidently::Launch.LaunchGroupObject": { "additionalProperties": false, "properties": { - "Devices": { - "items": { - "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaDeviceMount" - }, - "markdownDescription": "The list of system devices that the container can access.", - "title": "Devices", - "type": "array" + "Description": { + "markdownDescription": "A description of the launch group.", + "title": "Description", + "type": "string" }, - "MemorySizeInKB": { - "markdownDescription": "The memory size of the container, expressed in kilobytes.\n\nDefault: `16384` (16 MB)", - "title": "MemorySizeInKB", - "type": "number" + "Feature": { + "markdownDescription": "The feature that this launch is using.", + "title": "Feature", + "type": "string" }, - "MountROSysfs": { - "markdownDescription": "Whether or not the container can read information from the device's `/sys` folder.\n\nDefault: `false`", - "title": "MountROSysfs", - "type": "boolean" + "GroupName": { + "markdownDescription": "A name for this launch group. It can include up to 127 characters.", + "title": "GroupName", + "type": "string" }, - "Volumes": { - "items": { - "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaVolumeMount" - }, - "markdownDescription": "The list of volumes that the container can access.", - "title": "Volumes", - "type": "array" + "Variation": { + "markdownDescription": "The feature variation to use for this launch group.", + "title": "Variation", + "type": "string" } }, + "required": [ + "Feature", + "GroupName", + "Variation" + ], "type": "object" }, - "AWS::GreengrassV2::ComponentVersion.LambdaDeviceMount": { + "AWS::Evidently::Launch.MetricDefinitionObject": { "additionalProperties": false, "properties": { - "AddGroupOwner": { - "markdownDescription": "Whether or not to add the component's system user as an owner of the device.\n\nDefault: `false`", - "title": "AddGroupOwner", - "type": "boolean" + "EntityIdKey": { + "markdownDescription": "The entity, such as a user or session, that does an action that causes a metric value to be recorded. An example is `userDetails.userID` .", + "title": "EntityIdKey", + "type": "string" }, - "Path": { - "markdownDescription": "The mount path for the device in the file system.", - "title": "Path", + "EventPattern": { + "markdownDescription": "The EventBridge event pattern that defines how the metric is recorded.\n\nFor more information about EventBridge event patterns, see [Amazon EventBridge event patterns](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-event-patterns.html) .", + "title": "EventPattern", "type": "string" }, - "Permission": { - "markdownDescription": "The permission to access the device: read/only ( `ro` ) or read/write ( `rw` ).\n\nDefault: `ro`", - "title": "Permission", + "MetricName": { + "markdownDescription": "A name for the metric. It can include up to 255 characters.", + "title": "MetricName", + "type": "string" + }, + "UnitLabel": { + "markdownDescription": "A label for the units that the metric is measuring.", + "title": "UnitLabel", + "type": "string" + }, + "ValueKey": { + "markdownDescription": "The value that is tracked to produce the metric.", + "title": "ValueKey", "type": "string" } }, + "required": [ + "EntityIdKey", + "MetricName", + "ValueKey" + ], "type": "object" }, - "AWS::GreengrassV2::ComponentVersion.LambdaEventSource": { + "AWS::Evidently::Launch.SegmentOverride": { "additionalProperties": false, "properties": { - "Topic": { - "markdownDescription": "The topic to which to subscribe to receive event messages.", - "title": "Topic", - "type": "string" + "EvaluationOrder": { + "markdownDescription": "A number indicating the order to use to evaluate segment overrides, if there are more than one. Segment overrides with lower numbers are evaluated first.", + "title": "EvaluationOrder", + "type": "number" }, - "Type": { - "markdownDescription": "The type of event source. Choose from the following options:\n\n- `PUB_SUB` \u2013 Subscribe to local publish/subscribe messages. This event source type doesn't support MQTT wildcards ( `+` and `#` ) in the event source topic.\n- `IOT_CORE` \u2013 Subscribe to AWS IoT Core MQTT messages. This event source type supports MQTT wildcards ( `+` and `#` ) in the event source topic.", - "title": "Type", + "Segment": { + "markdownDescription": "The ARN of the segment to use for this override.", + "title": "Segment", "type": "string" + }, + "Weights": { + "items": { + "$ref": "#/definitions/AWS::Evidently::Launch.GroupToWeight" + }, + "markdownDescription": "The traffic allocation percentages among the feature variations to assign to this segment. This is a set of key-value pairs. The keys are variation names. The values represent the amount of traffic to allocate to that variation for this segment. This is expressed in thousandths of a percent, so a weight of 50000 represents 50% of traffic.", + "title": "Weights", + "type": "array" } }, + "required": [ + "EvaluationOrder", + "Segment", + "Weights" + ], "type": "object" }, - "AWS::GreengrassV2::ComponentVersion.LambdaExecutionParameters": { + "AWS::Evidently::Launch.StepConfig": { "additionalProperties": false, "properties": { - "EnvironmentVariables": { - "additionalProperties": true, - "markdownDescription": "The map of environment variables that are available to the Lambda function when it runs.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "EnvironmentVariables", - "type": "object" - }, - "EventSources": { + "GroupWeights": { "items": { - "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaEventSource" + "$ref": "#/definitions/AWS::Evidently::Launch.GroupToWeight" }, - "markdownDescription": "The list of event sources to which to subscribe to receive work messages. The Lambda function runs when it receives a message from an event source. You can subscribe this function to local publish/subscribe messages and AWS IoT Core MQTT messages.", - "title": "EventSources", + "markdownDescription": "An array of structures that define how much launch traffic to allocate to each launch group during this step of the launch.", + "title": "GroupWeights", "type": "array" }, - "ExecArgs": { + "SegmentOverrides": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Evidently::Launch.SegmentOverride" }, - "markdownDescription": "The list of arguments to pass to the Lambda function when it runs.", - "title": "ExecArgs", + "markdownDescription": "An array of structures that you can use to specify different traffic splits for one or more audience *segments* . A segment is a portion of your audience that share one or more characteristics. Examples could be Chrome browser users, users in Europe, or Firefox browser users in Europe who also fit other criteria that your application collects, such as age.\n\nFor more information, see [Use segments to focus your audience](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Evidently-segments.html) .", + "title": "SegmentOverrides", "type": "array" }, - "InputPayloadEncodingType": { - "markdownDescription": "The encoding type that the Lambda function supports.\n\nDefault: `json`", - "title": "InputPayloadEncodingType", + "StartTime": { + "markdownDescription": "The date and time to start this step of the launch. Use UTC format, `yyyy-MM-ddTHH:mm:ssZ` . For example, `2025-11-25T23:59:59Z`", + "title": "StartTime", + "type": "string" + } + }, + "required": [ + "GroupWeights", + "StartTime" + ], + "type": "object" + }, + "AWS::Evidently::Project": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "LinuxProcessParams": { - "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaLinuxProcessParams", - "markdownDescription": "The parameters for the Linux process that contains the Lambda function.", - "title": "LinuxProcessParams" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "MaxIdleTimeInSeconds": { - "markdownDescription": "The maximum amount of time in seconds that a non-pinned Lambda function can idle before the AWS IoT Greengrass Core software stops its process.", - "title": "MaxIdleTimeInSeconds", - "type": "number" - }, - "MaxInstancesCount": { - "markdownDescription": "The maximum number of instances that a non-pinned Lambda function can run at the same time.", - "title": "MaxInstancesCount", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "MaxQueueSize": { - "markdownDescription": "The maximum size of the message queue for the Lambda function component. The AWS IoT Greengrass core device stores messages in a FIFO (first-in-first-out) queue until it can run the Lambda function to consume each message.", - "title": "MaxQueueSize", - "type": "number" + "Metadata": { + "type": "object" }, - "Pinned": { - "markdownDescription": "Whether or not the Lambda function is pinned, or long-lived.\n\n- A pinned Lambda function starts when the AWS IoT Greengrass Core starts and keeps running in its own container.\n- A non-pinned Lambda function starts only when it receives a work item and exists after it idles for `maxIdleTimeInSeconds` . If the function has multiple work items, the AWS IoT Greengrass Core software creates multiple instances of the function.\n\nDefault: `true`", - "title": "Pinned", - "type": "boolean" + "Properties": { + "additionalProperties": false, + "properties": { + "AppConfigResource": { + "$ref": "#/definitions/AWS::Evidently::Project.AppConfigResourceObject", + "markdownDescription": "Use this parameter if the project will use *client-side evaluation powered by AWS AppConfig* . Client-side evaluation allows your application to assign variations to user sessions locally instead of by calling the [EvaluateFeature](https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_EvaluateFeature.html) operation. This mitigates the latency and availability risks that come with an API call. For more information, see [Use client-side evaluation - powered by AWS AppConfig .](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Evidently-client-side-evaluation.html)\n\nThis parameter is a structure that contains information about the AWS AppConfig application that will be used as for client-side evaluation.\n\nTo create a project that uses client-side evaluation, you must have the `evidently:ExportProjectAsConfiguration` permission.", + "title": "AppConfigResource" + }, + "DataDelivery": { + "$ref": "#/definitions/AWS::Evidently::Project.DataDeliveryObject", + "markdownDescription": "A structure that contains information about where Evidently is to store evaluation events for longer term storage, if you choose to do so. If you choose not to store these events, Evidently deletes them after using them to produce metrics and other experiment results that you can view.\n\nYou can't specify both `CloudWatchLogs` and `S3Destination` in the same operation.", + "title": "DataDelivery" + }, + "Description": { + "markdownDescription": "An optional description of the project.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name for the project. It can include up to 127 characters.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Assigns one or more tags (key-value pairs) to the project.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.\n\nTags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters.\n\nYou can associate as many as 50 tags with a project.\n\nFor more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Name" + ], + "type": "object" }, - "StatusTimeoutInSeconds": { - "markdownDescription": "The interval in seconds at which a pinned (also known as long-lived) Lambda function component sends status updates to the Lambda manager component.", - "title": "StatusTimeoutInSeconds", - "type": "number" + "Type": { + "enum": [ + "AWS::Evidently::Project" + ], + "type": "string" }, - "TimeoutInSeconds": { - "markdownDescription": "The maximum amount of time in seconds that the Lambda function can process a work item.", - "title": "TimeoutInSeconds", - "type": "number" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::GreengrassV2::ComponentVersion.LambdaFunctionRecipeSource": { + "AWS::Evidently::Project.AppConfigResourceObject": { "additionalProperties": false, "properties": { - "ComponentDependencies": { - "additionalProperties": false, - "markdownDescription": "The component versions on which this Lambda function component depends.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.ComponentDependencyRequirement" - } - }, - "title": "ComponentDependencies", - "type": "object" - }, - "ComponentLambdaParameters": { - "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaExecutionParameters", - "markdownDescription": "The system and runtime parameters for the Lambda function as it runs on the AWS IoT Greengrass core device.", - "title": "ComponentLambdaParameters" - }, - "ComponentName": { - "markdownDescription": "The name of the component.\n\nDefaults to the name of the Lambda function.", - "title": "ComponentName", + "ApplicationId": { + "markdownDescription": "The ID of the AWS AppConfig application to use for client-side evaluation.", + "title": "ApplicationId", "type": "string" }, - "ComponentPlatforms": { - "items": { - "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.ComponentPlatform" - }, - "markdownDescription": "The platforms that the component version supports.", - "title": "ComponentPlatforms", - "type": "array" - }, - "ComponentVersion": { - "markdownDescription": "The version of the component.\n\nDefaults to the version of the Lambda function as a semantic version. For example, if your function version is `3` , the component version becomes `3.0.0` .", - "title": "ComponentVersion", + "EnvironmentId": { + "markdownDescription": "The ID of the AWS AppConfig environment to use for client-side evaluation.", + "title": "EnvironmentId", "type": "string" - }, - "LambdaArn": { - "markdownDescription": "The ARN of the Lambda function. The ARN must include the version of the function to import. You can't use version aliases like `$LATEST` .", - "title": "LambdaArn", + } + }, + "required": [ + "ApplicationId", + "EnvironmentId" + ], + "type": "object" + }, + "AWS::Evidently::Project.DataDeliveryObject": { + "additionalProperties": false, + "properties": { + "LogGroup": { + "markdownDescription": "If the project stores evaluation events in CloudWatch Logs , this structure stores the log group name.", + "title": "LogGroup", "type": "string" + }, + "S3": { + "$ref": "#/definitions/AWS::Evidently::Project.S3Destination", + "markdownDescription": "If the project stores evaluation events in an Amazon S3 bucket, this structure stores the bucket name and bucket prefix.", + "title": "S3" } }, "type": "object" }, - "AWS::GreengrassV2::ComponentVersion.LambdaLinuxProcessParams": { + "AWS::Evidently::Project.S3Destination": { "additionalProperties": false, "properties": { - "ContainerParams": { - "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaContainerParams", - "markdownDescription": "The parameters for the container in which the Lambda function runs.", - "title": "ContainerParams" + "BucketName": { + "markdownDescription": "The name of the bucket in which Evidently stores evaluation events.", + "title": "BucketName", + "type": "string" }, - "IsolationMode": { - "markdownDescription": "The isolation mode for the process that contains the Lambda function. The process can run in an isolated runtime environment inside the AWS IoT Greengrass container, or as a regular process outside any container.\n\nDefault: `GreengrassContainer`", - "title": "IsolationMode", + "Prefix": { + "markdownDescription": "The bucket prefix in which Evidently stores evaluation events.", + "title": "Prefix", "type": "string" } }, + "required": [ + "BucketName" + ], "type": "object" }, - "AWS::GreengrassV2::ComponentVersion.LambdaVolumeMount": { + "AWS::Evidently::Segment": { "additionalProperties": false, "properties": { - "AddGroupOwner": { - "markdownDescription": "Whether or not to add the AWS IoT Greengrass user group as an owner of the volume.\n\nDefault: `false`", - "title": "AddGroupOwner", - "type": "boolean" + "Condition": { + "type": "string" }, - "DestinationPath": { - "markdownDescription": "The path to the logical volume in the file system.", - "title": "DestinationPath", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Permission": { - "markdownDescription": "The permission to access the volume: read/only ( `ro` ) or read/write ( `rw` ).\n\nDefault: `ro`", - "title": "Permission", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "An optional description for this segment.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "A name for the segment.", + "title": "Name", + "type": "string" + }, + "Pattern": { + "markdownDescription": "The pattern to use for the segment. For more information about pattern syntax, see [Segment rule pattern syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Evidently-segments.html#CloudWatch-Evidently-segments-syntax) .", + "title": "Pattern", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Assigns one or more tags (key-value pairs) to the feature.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.\n\nTags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters.\n\nYou can associate as many as 50 tags with a feature.\n\nFor more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Evidently::Segment" + ], "type": "string" }, - "SourcePath": { - "markdownDescription": "The path to the physical volume in the file system.", - "title": "SourcePath", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::GreengrassV2::Deployment": { + "AWS::FIS::ExperimentTemplate": { "additionalProperties": false, "properties": { "Condition": { @@ -111700,40 +121503,53 @@ "Properties": { "additionalProperties": false, "properties": { - "Components": { + "Actions": { "additionalProperties": false, - "markdownDescription": "The components to deploy. This is a dictionary, where each key is the name of a component, and each key's value is the version and configuration to deploy for that component.", + "markdownDescription": "The actions for the experiment.", "patternProperties": { "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::GreengrassV2::Deployment.ComponentDeploymentSpecification" + "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentTemplateAction" } }, - "title": "Components", + "title": "Actions", "type": "object" }, - "DeploymentName": { - "markdownDescription": "The name of the deployment.", - "title": "DeploymentName", + "Description": { + "markdownDescription": "The description for the experiment template.", + "title": "Description", "type": "string" }, - "DeploymentPolicies": { - "$ref": "#/definitions/AWS::GreengrassV2::Deployment.DeploymentPolicies", - "markdownDescription": "The deployment policies for the deployment. These policies define how the deployment updates components and handles failure.", - "title": "DeploymentPolicies" + "ExperimentOptions": { + "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentTemplateExperimentOptions", + "markdownDescription": "The experiment options for an experiment template.", + "title": "ExperimentOptions" }, - "IotJobConfiguration": { - "$ref": "#/definitions/AWS::GreengrassV2::Deployment.DeploymentIoTJobConfiguration", - "markdownDescription": "The job configuration for the deployment configuration. The job configuration specifies the rollout, timeout, and stop configurations for the deployment configuration.", - "title": "IotJobConfiguration" + "ExperimentReportConfiguration": { + "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentTemplateExperimentReportConfiguration", + "markdownDescription": "Describes the report configuration for the experiment template.", + "title": "ExperimentReportConfiguration" }, - "ParentTargetArn": { - "markdownDescription": "The parent deployment's [ARN](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) for a subdeployment.", - "title": "ParentTargetArn", + "LogConfiguration": { + "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentTemplateLogConfiguration", + "markdownDescription": "The configuration for experiment logging.", + "title": "LogConfiguration" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role.", + "title": "RoleArn", "type": "string" }, + "StopConditions": { + "items": { + "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentTemplateStopCondition" + }, + "markdownDescription": "The stop conditions for the experiment.", + "title": "StopConditions", + "type": "array" + }, "Tags": { "additionalProperties": true, - "markdownDescription": "Application-specific metadata to attach to the deployment. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tag your AWS IoT Greengrass Version 2 resources](https://docs.aws.amazon.com/greengrass/v2/developerguide/tag-resources.html) in the *AWS IoT Greengrass V2 Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", + "markdownDescription": "The tags for the experiment template.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" @@ -111742,20 +121558,29 @@ "title": "Tags", "type": "object" }, - "TargetArn": { - "markdownDescription": "The ARN of the target AWS IoT thing or thing group.", - "title": "TargetArn", - "type": "string" + "Targets": { + "additionalProperties": false, + "markdownDescription": "The targets for the experiment.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentTemplateTarget" + } + }, + "title": "Targets", + "type": "object" } }, "required": [ - "TargetArn" + "Description", + "RoleArn", + "StopConditions", + "Targets" ], "type": "object" }, "Type": { "enum": [ - "AWS::GreengrassV2::Deployment" + "AWS::FIS::ExperimentTemplate" ], "type": "string" }, @@ -111774,271 +121599,319 @@ ], "type": "object" }, - "AWS::GreengrassV2::Deployment.ComponentConfigurationUpdate": { + "AWS::FIS::ExperimentTemplate.CloudWatchDashboard": { "additionalProperties": false, "properties": { - "Merge": { - "markdownDescription": "A serialized JSON string that contains the configuration object to merge to target devices. The core device merges this configuration with the component's existing configuration. If this is the first time a component deploys on a device, the core device merges this configuration with the component's default configuration. This means that the core device keeps it's existing configuration for keys and values that you don't specify in this object. For more information, see [Merge configuration updates](https://docs.aws.amazon.com/greengrass/v2/developerguide/update-component-configurations.html#merge-configuration-update) in the *AWS IoT Greengrass V2 Developer Guide* .", - "title": "Merge", + "DashboardIdentifier": { + "markdownDescription": "The Amazon Resource Name (ARN) of the CloudWatch dashboard to include in the experiment report.", + "title": "DashboardIdentifier", "type": "string" - }, - "Reset": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of configuration nodes to reset to default values on target devices. Use JSON pointers to specify each node to reset. JSON pointers start with a forward slash ( `/` ) and use forward slashes to separate the key for each level in the object. For more information, see the [JSON pointer specification](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) and [Reset configuration updates](https://docs.aws.amazon.com/greengrass/v2/developerguide/update-component-configurations.html#reset-configuration-update) in the *AWS IoT Greengrass V2 Developer Guide* .", - "title": "Reset", - "type": "array" } }, + "required": [ + "DashboardIdentifier" + ], "type": "object" }, - "AWS::GreengrassV2::Deployment.ComponentDeploymentSpecification": { + "AWS::FIS::ExperimentTemplate.CloudWatchLogsConfiguration": { "additionalProperties": false, "properties": { - "ComponentVersion": { - "markdownDescription": "The version of the component.", - "title": "ComponentVersion", + "LogGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the destination Amazon CloudWatch Logs log group.", + "title": "LogGroupArn", "type": "string" - }, - "ConfigurationUpdate": { - "$ref": "#/definitions/AWS::GreengrassV2::Deployment.ComponentConfigurationUpdate", - "markdownDescription": "The configuration updates to deploy for the component. You can define reset updates and merge updates. A reset updates the keys that you specify to the default configuration for the component. A merge updates the core device's component configuration with the keys and values that you specify. The AWS IoT Greengrass Core software applies reset updates before it applies merge updates. For more information, see [Update component configuration](https://docs.aws.amazon.com/greengrass/v2/developerguide/update-component-configurations.html) .", - "title": "ConfigurationUpdate" - }, - "RunWith": { - "$ref": "#/definitions/AWS::GreengrassV2::Deployment.ComponentRunWith", - "markdownDescription": "The system user and group that the software uses to run component processes on the core device. If you omit this parameter, the software uses the system user and group that you configure for the core device. For more information, see [Configure the user and group that run components](https://docs.aws.amazon.com/greengrass/v2/developerguide/configure-greengrass-core-v2.html#configure-component-user) in the *AWS IoT Greengrass V2 Developer Guide* .", - "title": "RunWith" } }, + "required": [ + "LogGroupArn" + ], "type": "object" }, - "AWS::GreengrassV2::Deployment.ComponentRunWith": { + "AWS::FIS::ExperimentTemplate.DataSources": { "additionalProperties": false, "properties": { - "PosixUser": { - "markdownDescription": "The POSIX system user and (optional) group to use to run this component. Specify the user and group separated by a colon ( `:` ) in the following format: `user:group` . The group is optional. If you don't specify a group, the AWS IoT Greengrass Core software uses the primary user for the group.", - "title": "PosixUser", - "type": "string" - }, - "SystemResourceLimits": { - "$ref": "#/definitions/AWS::GreengrassV2::Deployment.SystemResourceLimits", - "markdownDescription": "The system resource limits to apply to this component's process on the core device. AWS IoT Greengrass supports this feature only on Linux core devices.\n\nIf you omit this parameter, the AWS IoT Greengrass Core software uses the default system resource limits that you configure on the AWS IoT Greengrass nucleus component. For more information, see [Configure system resource limits for components](https://docs.aws.amazon.com/greengrass/v2/developerguide/configure-greengrass-core-v2.html#configure-component-system-resource-limits) .", - "title": "SystemResourceLimits" - }, - "WindowsUser": { - "markdownDescription": "The Windows user to use to run this component on Windows core devices. The user must exist on each Windows core device, and its name and password must be in the LocalSystem account's Credentials Manager instance.\n\nIf you omit this parameter, the AWS IoT Greengrass Core software uses the default Windows user that you configure on the AWS IoT Greengrass nucleus component. For more information, see [Configure the user and group that run components](https://docs.aws.amazon.com/greengrass/v2/developerguide/configure-greengrass-core-v2.html#configure-component-user) .", - "title": "WindowsUser", - "type": "string" + "CloudWatchDashboards": { + "items": { + "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.CloudWatchDashboard" + }, + "markdownDescription": "The CloudWatch dashboards to include as data sources in the experiment report.", + "title": "CloudWatchDashboards", + "type": "array" } }, "type": "object" }, - "AWS::GreengrassV2::Deployment.DeploymentComponentUpdatePolicy": { + "AWS::FIS::ExperimentTemplate.ExperimentReportS3Configuration": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "Whether or not to notify components and wait for components to become safe to update. Choose from the following options:\n\n- `NOTIFY_COMPONENTS` \u2013 The deployment notifies each component before it stops and updates that component. Components can use the [SubscribeToComponentUpdates](https://docs.aws.amazon.com/greengrass/v2/developerguide/interprocess-communication.html#ipc-operation-subscribetocomponentupdates) IPC operation to receive these notifications. Then, components can respond with the [DeferComponentUpdate](https://docs.aws.amazon.com/greengrass/v2/developerguide/interprocess-communication.html#ipc-operation-defercomponentupdate) IPC operation. For more information, see the [Create deployments](https://docs.aws.amazon.com/greengrass/v2/developerguide/create-deployments.html) in the *AWS IoT Greengrass V2 Developer Guide* .\n- `SKIP_NOTIFY_COMPONENTS` \u2013 The deployment doesn't notify components or wait for them to be safe to update.\n\nDefault: `NOTIFY_COMPONENTS`", - "title": "Action", + "BucketName": { + "markdownDescription": "The name of the S3 bucket where the experiment report will be stored.", + "title": "BucketName", "type": "string" }, - "TimeoutInSeconds": { - "markdownDescription": "The amount of time in seconds that each component on a device has to report that it's safe to update. If the component waits for longer than this timeout, then the deployment proceeds on the device.\n\nDefault: `60`", - "title": "TimeoutInSeconds", - "type": "number" - } - }, - "type": "object" - }, - "AWS::GreengrassV2::Deployment.DeploymentConfigurationValidationPolicy": { - "additionalProperties": false, - "properties": { - "TimeoutInSeconds": { - "markdownDescription": "The amount of time in seconds that a component can validate its configuration updates. If the validation time exceeds this timeout, then the deployment proceeds for the device.\n\nDefault: `30`", - "title": "TimeoutInSeconds", - "type": "number" + "Prefix": { + "markdownDescription": "The prefix of the S3 bucket where the experiment report will be stored.", + "title": "Prefix", + "type": "string" } }, + "required": [ + "BucketName" + ], "type": "object" }, - "AWS::GreengrassV2::Deployment.DeploymentIoTJobConfiguration": { + "AWS::FIS::ExperimentTemplate.ExperimentTemplateAction": { "additionalProperties": false, "properties": { - "AbortConfig": { - "$ref": "#/definitions/AWS::GreengrassV2::Deployment.IoTJobAbortConfig", - "markdownDescription": "The stop configuration for the job. This configuration defines when and how to stop a job rollout.", - "title": "AbortConfig" + "ActionId": { + "markdownDescription": "The ID of the action.", + "title": "ActionId", + "type": "string" }, - "JobExecutionsRolloutConfig": { - "$ref": "#/definitions/AWS::GreengrassV2::Deployment.IoTJobExecutionsRolloutConfig", - "markdownDescription": "The rollout configuration for the job. This configuration defines the rate at which the job rolls out to the fleet of target devices.", - "title": "JobExecutionsRolloutConfig" + "Description": { + "markdownDescription": "A description for the action.", + "title": "Description", + "type": "string" }, - "TimeoutConfig": { - "$ref": "#/definitions/AWS::GreengrassV2::Deployment.IoTJobTimeoutConfig", - "markdownDescription": "The timeout configuration for the job. This configuration defines the amount of time each device has to complete the job.", - "title": "TimeoutConfig" + "Parameters": { + "additionalProperties": true, + "markdownDescription": "The parameters for the action.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Parameters", + "type": "object" + }, + "StartAfter": { + "items": { + "type": "string" + }, + "markdownDescription": "The name of the action that must be completed before the current action starts.", + "title": "StartAfter", + "type": "array" + }, + "Targets": { + "additionalProperties": true, + "markdownDescription": "The targets for the action.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Targets", + "type": "object" } }, + "required": [ + "ActionId" + ], "type": "object" }, - "AWS::GreengrassV2::Deployment.DeploymentPolicies": { + "AWS::FIS::ExperimentTemplate.ExperimentTemplateExperimentOptions": { "additionalProperties": false, "properties": { - "ComponentUpdatePolicy": { - "$ref": "#/definitions/AWS::GreengrassV2::Deployment.DeploymentComponentUpdatePolicy", - "markdownDescription": "The component update policy for the configuration deployment. This policy defines when it's safe to deploy the configuration to devices.", - "title": "ComponentUpdatePolicy" - }, - "ConfigurationValidationPolicy": { - "$ref": "#/definitions/AWS::GreengrassV2::Deployment.DeploymentConfigurationValidationPolicy", - "markdownDescription": "The configuration validation policy for the configuration deployment. This policy defines how long each component has to validate its configure updates.", - "title": "ConfigurationValidationPolicy" + "AccountTargeting": { + "markdownDescription": "The account targeting setting for an experiment template.", + "title": "AccountTargeting", + "type": "string" }, - "FailureHandlingPolicy": { - "markdownDescription": "The failure handling policy for the configuration deployment. This policy defines what to do if the deployment fails.\n\nDefault: `ROLLBACK`", - "title": "FailureHandlingPolicy", + "EmptyTargetResolutionMode": { + "markdownDescription": "The empty target resolution mode for an experiment template.", + "title": "EmptyTargetResolutionMode", "type": "string" } }, "type": "object" }, - "AWS::GreengrassV2::Deployment.IoTJobAbortConfig": { + "AWS::FIS::ExperimentTemplate.ExperimentTemplateExperimentReportConfiguration": { "additionalProperties": false, "properties": { - "CriteriaList": { - "items": { - "$ref": "#/definitions/AWS::GreengrassV2::Deployment.IoTJobAbortCriteria" - }, - "markdownDescription": "The list of criteria that define when and how to cancel the configuration deployment.", - "title": "CriteriaList", - "type": "array" + "DataSources": { + "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.DataSources", + "markdownDescription": "The data sources for the experiment report.", + "title": "DataSources" + }, + "Outputs": { + "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.Outputs", + "markdownDescription": "The output destinations of the experiment report.", + "title": "Outputs" + }, + "PostExperimentDuration": { + "markdownDescription": "The duration after the experiment end time for the data sources to include in the report.", + "title": "PostExperimentDuration", + "type": "string" + }, + "PreExperimentDuration": { + "markdownDescription": "The duration before the experiment start time for the data sources to include in the report.", + "title": "PreExperimentDuration", + "type": "string" } }, "required": [ - "CriteriaList" + "Outputs" ], "type": "object" }, - "AWS::GreengrassV2::Deployment.IoTJobAbortCriteria": { + "AWS::FIS::ExperimentTemplate.ExperimentTemplateLogConfiguration": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The action to perform when the criteria are met.", - "title": "Action", - "type": "string" - }, - "FailureType": { - "markdownDescription": "The type of job deployment failure that can cancel a job.", - "title": "FailureType", - "type": "string" + "CloudWatchLogsConfiguration": { + "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.CloudWatchLogsConfiguration", + "markdownDescription": "The configuration for experiment logging to CloudWatch Logs .", + "title": "CloudWatchLogsConfiguration" }, - "MinNumberOfExecutedThings": { - "markdownDescription": "The minimum number of things that receive the configuration before the job can cancel.", - "title": "MinNumberOfExecutedThings", + "LogSchemaVersion": { + "markdownDescription": "The schema version.", + "title": "LogSchemaVersion", "type": "number" }, - "ThresholdPercentage": { - "markdownDescription": "The minimum percentage of `failureType` failures that occur before the job can cancel.\n\nThis parameter supports up to two digits after the decimal (for example, you can specify `10.9` or `10.99` , but not `10.999` ).", - "title": "ThresholdPercentage", - "type": "number" + "S3Configuration": { + "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.S3Configuration", + "markdownDescription": "The configuration for experiment logging to Amazon S3 .", + "title": "S3Configuration" } }, "required": [ - "Action", - "FailureType", - "MinNumberOfExecutedThings", - "ThresholdPercentage" + "LogSchemaVersion" ], "type": "object" }, - "AWS::GreengrassV2::Deployment.IoTJobExecutionsRolloutConfig": { + "AWS::FIS::ExperimentTemplate.ExperimentTemplateStopCondition": { "additionalProperties": false, "properties": { - "ExponentialRate": { - "$ref": "#/definitions/AWS::GreengrassV2::Deployment.IoTJobExponentialRolloutRate", - "markdownDescription": "The exponential rate to increase the job rollout rate.", - "title": "ExponentialRate" + "Source": { + "markdownDescription": "The source for the stop condition.", + "title": "Source", + "type": "string" }, - "MaximumPerMinute": { - "markdownDescription": "The maximum number of devices that receive a pending job notification, per minute.", - "title": "MaximumPerMinute", - "type": "number" + "Value": { + "markdownDescription": "The Amazon Resource Name (ARN) of the CloudWatch alarm, if applicable.", + "title": "Value", + "type": "string" } }, + "required": [ + "Source" + ], "type": "object" }, - "AWS::GreengrassV2::Deployment.IoTJobExponentialRolloutRate": { + "AWS::FIS::ExperimentTemplate.ExperimentTemplateTarget": { "additionalProperties": false, "properties": { - "BaseRatePerMinute": { - "markdownDescription": "The minimum number of devices that receive a pending job notification, per minute, when the job starts. This parameter defines the initial rollout rate of the job.", - "title": "BaseRatePerMinute", - "type": "number" + "Filters": { + "items": { + "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentTemplateTargetFilter" + }, + "markdownDescription": "The filters to apply to identify target resources using specific attributes.", + "title": "Filters", + "type": "array" }, - "IncrementFactor": { - "markdownDescription": "The exponential factor to increase the rollout rate for the job.\n\nThis parameter supports up to one digit after the decimal (for example, you can specify `1.5` , but not `1.55` ).", - "title": "IncrementFactor", - "type": "number" + "Parameters": { + "additionalProperties": true, + "markdownDescription": "The parameters for the resource type.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Parameters", + "type": "object" }, - "RateIncreaseCriteria": { - "$ref": "#/definitions/AWS::GreengrassV2::Deployment.IoTJobRateIncreaseCriteria", - "markdownDescription": "The criteria to increase the rollout rate for the job.", - "title": "RateIncreaseCriteria" + "ResourceArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Names (ARNs) of the targets.", + "title": "ResourceArns", + "type": "array" + }, + "ResourceTags": { + "additionalProperties": true, + "markdownDescription": "The tags for the target resources.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "ResourceTags", + "type": "object" + }, + "ResourceType": { + "markdownDescription": "The resource type.", + "title": "ResourceType", + "type": "string" + }, + "SelectionMode": { + "markdownDescription": "Scopes the identified resources to a specific count or percentage.", + "title": "SelectionMode", + "type": "string" } }, "required": [ - "BaseRatePerMinute", - "IncrementFactor", - "RateIncreaseCriteria" + "ResourceType", + "SelectionMode" ], "type": "object" }, - "AWS::GreengrassV2::Deployment.IoTJobRateIncreaseCriteria": { + "AWS::FIS::ExperimentTemplate.ExperimentTemplateTargetFilter": { "additionalProperties": false, "properties": { - "NumberOfNotifiedThings": { - "markdownDescription": "The number of devices to receive the job notification before the rollout rate increases.", - "title": "NumberOfNotifiedThings", - "type": "number" + "Path": { + "markdownDescription": "The attribute path for the filter.", + "title": "Path", + "type": "string" }, - "NumberOfSucceededThings": { - "markdownDescription": "The number of devices to successfully run the configuration job before the rollout rate increases.", - "title": "NumberOfSucceededThings", - "type": "number" + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The attribute values for the filter.", + "title": "Values", + "type": "array" } }, + "required": [ + "Path", + "Values" + ], "type": "object" }, - "AWS::GreengrassV2::Deployment.IoTJobTimeoutConfig": { + "AWS::FIS::ExperimentTemplate.Outputs": { "additionalProperties": false, "properties": { - "InProgressTimeoutInMinutes": { - "markdownDescription": "The amount of time, in minutes, that devices have to complete the job. The timer starts when the job status is set to `IN_PROGRESS` . If the job status doesn't change to a terminal state before the time expires, then the job status is set to `TIMED_OUT` .\n\nThe timeout interval must be between 1 minute and 7 days (10080 minutes).", - "title": "InProgressTimeoutInMinutes", - "type": "number" + "ExperimentReportS3Configuration": { + "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentReportS3Configuration", + "markdownDescription": "The S3 destination for the experiment report.", + "title": "ExperimentReportS3Configuration" } }, + "required": [ + "ExperimentReportS3Configuration" + ], "type": "object" }, - "AWS::GreengrassV2::Deployment.SystemResourceLimits": { + "AWS::FIS::ExperimentTemplate.S3Configuration": { "additionalProperties": false, "properties": { - "Cpus": { - "markdownDescription": "The maximum amount of CPU time that a component's processes can use on the core device. A core device's total CPU time is equivalent to the device's number of CPU cores. For example, on a core device with 4 CPU cores, you can set this value to 2 to limit the component's processes to 50 percent usage of each CPU core. On a device with 1 CPU core, you can set this value to 0.25 to limit the component's processes to 25 percent usage of the CPU. If you set this value to a number greater than the number of CPU cores, the AWS IoT Greengrass Core software doesn't limit the component's CPU usage.", - "title": "Cpus", - "type": "number" + "BucketName": { + "markdownDescription": "The name of the destination bucket.", + "title": "BucketName", + "type": "string" }, - "Memory": { - "markdownDescription": "The maximum amount of RAM, expressed in kilobytes, that a component's processes can use on the core device. For more information, see [Configure system resource limits for components](https://docs.aws.amazon.com/greengrass/v2/developerguide/configure-greengrass-core-v2.html#configure-component-system-resource-limits) .", - "title": "Memory", - "type": "number" + "Prefix": { + "markdownDescription": "The bucket prefix.", + "title": "Prefix", + "type": "string" } }, + "required": [ + "BucketName" + ], "type": "object" }, - "AWS::GroundStation::Config": { + "AWS::FIS::TargetAccountConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -112073,34 +121946,37 @@ "Properties": { "additionalProperties": false, "properties": { - "ConfigData": { - "$ref": "#/definitions/AWS::GroundStation::Config.ConfigData", - "markdownDescription": "Object containing the parameters of a config. Only one subtype may be specified per config. See the subtype definitions for a description of each config subtype.", - "title": "ConfigData" + "AccountId": { + "markdownDescription": "The AWS account ID of the target account.", + "title": "AccountId", + "type": "string" }, - "Name": { - "markdownDescription": "The name of the config object.", - "title": "Name", + "Description": { + "markdownDescription": "The description of the target account.", + "title": "Description", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Tags assigned to a resource.", - "title": "Tags", - "type": "array" + "ExperimentTemplateId": { + "markdownDescription": "The ID of the experiment template.", + "title": "ExperimentTemplateId", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role for the target account.", + "title": "RoleArn", + "type": "string" } }, "required": [ - "ConfigData", - "Name" + "AccountId", + "ExperimentTemplateId", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::GroundStation::Config" + "AWS::FIS::TargetAccountConfiguration" ], "type": "string" }, @@ -112119,272 +121995,7 @@ ], "type": "object" }, - "AWS::GroundStation::Config.AntennaDownlinkConfig": { - "additionalProperties": false, - "properties": { - "SpectrumConfig": { - "$ref": "#/definitions/AWS::GroundStation::Config.SpectrumConfig", - "markdownDescription": "Defines the spectrum configuration.", - "title": "SpectrumConfig" - } - }, - "type": "object" - }, - "AWS::GroundStation::Config.AntennaDownlinkDemodDecodeConfig": { - "additionalProperties": false, - "properties": { - "DecodeConfig": { - "$ref": "#/definitions/AWS::GroundStation::Config.DecodeConfig", - "markdownDescription": "Defines how the RF signal will be decoded.", - "title": "DecodeConfig" - }, - "DemodulationConfig": { - "$ref": "#/definitions/AWS::GroundStation::Config.DemodulationConfig", - "markdownDescription": "Defines how the RF signal will be demodulated.", - "title": "DemodulationConfig" - }, - "SpectrumConfig": { - "$ref": "#/definitions/AWS::GroundStation::Config.SpectrumConfig", - "markdownDescription": "Defines the spectrum configuration.", - "title": "SpectrumConfig" - } - }, - "type": "object" - }, - "AWS::GroundStation::Config.AntennaUplinkConfig": { - "additionalProperties": false, - "properties": { - "SpectrumConfig": { - "$ref": "#/definitions/AWS::GroundStation::Config.UplinkSpectrumConfig", - "markdownDescription": "Defines the spectrum configuration.", - "title": "SpectrumConfig" - }, - "TargetEirp": { - "$ref": "#/definitions/AWS::GroundStation::Config.Eirp", - "markdownDescription": "The equivalent isotropically radiated power (EIRP) to use for uplink transmissions. Valid values are between 20.0 to 50.0 dBW.", - "title": "TargetEirp" - }, - "TransmitDisabled": { - "markdownDescription": "Whether or not uplink transmit is disabled.", - "title": "TransmitDisabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::GroundStation::Config.ConfigData": { - "additionalProperties": false, - "properties": { - "AntennaDownlinkConfig": { - "$ref": "#/definitions/AWS::GroundStation::Config.AntennaDownlinkConfig", - "markdownDescription": "Provides information for an antenna downlink config object. Antenna downlink config objects are used to provide parameters for downlinks where no demodulation or decoding is performed by Ground Station (RF over IP downlinks).", - "title": "AntennaDownlinkConfig" - }, - "AntennaDownlinkDemodDecodeConfig": { - "$ref": "#/definitions/AWS::GroundStation::Config.AntennaDownlinkDemodDecodeConfig", - "markdownDescription": "Provides information for a downlink demod decode config object. Downlink demod decode config objects are used to provide parameters for downlinks where the Ground Station service will demodulate and decode the downlinked data.", - "title": "AntennaDownlinkDemodDecodeConfig" - }, - "AntennaUplinkConfig": { - "$ref": "#/definitions/AWS::GroundStation::Config.AntennaUplinkConfig", - "markdownDescription": "Provides information for an uplink config object. Uplink config objects are used to provide parameters for uplink contacts.", - "title": "AntennaUplinkConfig" - }, - "DataflowEndpointConfig": { - "$ref": "#/definitions/AWS::GroundStation::Config.DataflowEndpointConfig", - "markdownDescription": "Provides information for a dataflow endpoint config object. Dataflow endpoint config objects are used to provide parameters about which IP endpoint(s) to use during a contact. Dataflow endpoints are where Ground Station sends data during a downlink contact and where Ground Station receives data to send to the satellite during an uplink contact.", - "title": "DataflowEndpointConfig" - }, - "S3RecordingConfig": { - "$ref": "#/definitions/AWS::GroundStation::Config.S3RecordingConfig", - "markdownDescription": "Provides information for an S3 recording config object. S3 recording config objects are used to provide parameters for S3 recording during downlink contacts.", - "title": "S3RecordingConfig" - }, - "TrackingConfig": { - "$ref": "#/definitions/AWS::GroundStation::Config.TrackingConfig", - "markdownDescription": "Provides information for a tracking config object. Tracking config objects are used to provide parameters about how to track the satellite through the sky during a contact.", - "title": "TrackingConfig" - }, - "UplinkEchoConfig": { - "$ref": "#/definitions/AWS::GroundStation::Config.UplinkEchoConfig", - "markdownDescription": "Provides information for an uplink echo config object. Uplink echo config objects are used to provide parameters for uplink echo during uplink contacts.", - "title": "UplinkEchoConfig" - } - }, - "type": "object" - }, - "AWS::GroundStation::Config.DataflowEndpointConfig": { - "additionalProperties": false, - "properties": { - "DataflowEndpointName": { - "markdownDescription": "The name of the dataflow endpoint to use during contacts.", - "title": "DataflowEndpointName", - "type": "string" - }, - "DataflowEndpointRegion": { - "markdownDescription": "The region of the dataflow endpoint to use during contacts. When omitted, Ground Station will use the region of the contact.", - "title": "DataflowEndpointRegion", - "type": "string" - } - }, - "type": "object" - }, - "AWS::GroundStation::Config.DecodeConfig": { - "additionalProperties": false, - "properties": { - "UnvalidatedJSON": { - "markdownDescription": "The decoding settings are in JSON format and define a set of steps to perform to decode the data.", - "title": "UnvalidatedJSON", - "type": "string" - } - }, - "type": "object" - }, - "AWS::GroundStation::Config.DemodulationConfig": { - "additionalProperties": false, - "properties": { - "UnvalidatedJSON": { - "markdownDescription": "The demodulation settings are in JSON format and define parameters for demodulation, for example which modulation scheme (e.g. PSK, QPSK, etc.) and matched filter to use.", - "title": "UnvalidatedJSON", - "type": "string" - } - }, - "type": "object" - }, - "AWS::GroundStation::Config.Eirp": { - "additionalProperties": false, - "properties": { - "Units": { - "markdownDescription": "The units of the EIRP.", - "title": "Units", - "type": "string" - }, - "Value": { - "markdownDescription": "The value of the EIRP. Valid values are between 20.0 to 50.0 dBW.", - "title": "Value", - "type": "number" - } - }, - "type": "object" - }, - "AWS::GroundStation::Config.Frequency": { - "additionalProperties": false, - "properties": { - "Units": { - "markdownDescription": "The units of the frequency.", - "title": "Units", - "type": "string" - }, - "Value": { - "markdownDescription": "The value of the frequency. Valid values are between 2200 to 2300 MHz and 7750 to 8400 MHz for downlink and 2025 to 2120 MHz for uplink.", - "title": "Value", - "type": "number" - } - }, - "type": "object" - }, - "AWS::GroundStation::Config.FrequencyBandwidth": { - "additionalProperties": false, - "properties": { - "Units": { - "markdownDescription": "The units of the bandwidth.", - "title": "Units", - "type": "string" - }, - "Value": { - "markdownDescription": "The value of the bandwidth. AWS Ground Station currently has the following bandwidth limitations: \n\n- For `AntennaDownlinkDemodDecodeconfig` , valid values are between 125 kHz to 650 MHz.\n- For `AntennaDownlinkconfig` , valid values are between 10 kHz to 54 MHz.\n- For `AntennaUplinkConfig` , valid values are between 10 kHz to 54 MHz.", - "title": "Value", - "type": "number" - } - }, - "type": "object" - }, - "AWS::GroundStation::Config.S3RecordingConfig": { - "additionalProperties": false, - "properties": { - "BucketArn": { - "markdownDescription": "S3 Bucket where the data is written. The name of the S3 Bucket provided must begin with `aws-groundstation` .", - "title": "BucketArn", - "type": "string" - }, - "Prefix": { - "markdownDescription": "The prefix of the S3 data object. If you choose to use any optional keys for substitution, these values will be replaced with the corresponding information from your contact details. For example, a prefix of `{satellite_id}/{year}/{month}/{day}/` will replaced with `fake_satellite_id/2021/01/10/`\n\n*Optional keys for substitution* : `{satellite_id}` | `{config-name}` | `{config-id}` | `{year}` | `{month}` | `{day}`", - "title": "Prefix", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "Defines the ARN of the role assumed for putting archives to S3.", - "title": "RoleArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::GroundStation::Config.SpectrumConfig": { - "additionalProperties": false, - "properties": { - "Bandwidth": { - "$ref": "#/definitions/AWS::GroundStation::Config.FrequencyBandwidth", - "markdownDescription": "The bandwidth of the spectrum. AWS Ground Station currently has the following bandwidth limitations: \n\n- For `AntennaDownlinkDemodDecodeconfig` , valid values are between 125 kHz to 650 MHz.\n- For `AntennaDownlinkconfig` , valid values are between 10 kHz to 54 MHz.\n- For `AntennaUplinkConfig` , valid values are between 10 kHz to 54 MHz.", - "title": "Bandwidth" - }, - "CenterFrequency": { - "$ref": "#/definitions/AWS::GroundStation::Config.Frequency", - "markdownDescription": "The center frequency of the spectrum. Valid values are between 2200 to 2300 MHz and 7750 to 8400 MHz for downlink and 2025 to 2120 MHz for uplink.", - "title": "CenterFrequency" - }, - "Polarization": { - "markdownDescription": "The polarization of the spectrum. Valid values are `\"RIGHT_HAND\"` and `\"LEFT_HAND\"` . Capturing both `\"RIGHT_HAND\"` and `\"LEFT_HAND\"` polarization requires two separate configs.", - "title": "Polarization", - "type": "string" - } - }, - "type": "object" - }, - "AWS::GroundStation::Config.TrackingConfig": { - "additionalProperties": false, - "properties": { - "Autotrack": { - "markdownDescription": "Specifies whether or not to use autotrack. `REMOVED` specifies that program track should only be used during the contact. `PREFERRED` specifies that autotracking is preferred during the contact but fallback to program track if the signal is lost. `REQUIRED` specifies that autotracking is required during the contact and not to use program track if the signal is lost.", - "title": "Autotrack", - "type": "string" - } - }, - "type": "object" - }, - "AWS::GroundStation::Config.UplinkEchoConfig": { - "additionalProperties": false, - "properties": { - "AntennaUplinkConfigArn": { - "markdownDescription": "Defines the ARN of the uplink config to echo back to a dataflow endpoint.", - "title": "AntennaUplinkConfigArn", - "type": "string" - }, - "Enabled": { - "markdownDescription": "Whether or not uplink echo is enabled.", - "title": "Enabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::GroundStation::Config.UplinkSpectrumConfig": { - "additionalProperties": false, - "properties": { - "CenterFrequency": { - "$ref": "#/definitions/AWS::GroundStation::Config.Frequency", - "markdownDescription": "The center frequency of the spectrum. Valid values are between 2200 to 2300 MHz and 7750 to 8400 MHz for downlink and 2025 to 2120 MHz for uplink.", - "title": "CenterFrequency" - }, - "Polarization": { - "markdownDescription": "The polarization of the spectrum. Valid values are `\"RIGHT_HAND\"` and `\"LEFT_HAND\"` .", - "title": "Polarization", - "type": "string" - } - }, - "type": "object" - }, - "AWS::GroundStation::DataflowEndpointGroup": { + "AWS::FMS::NotificationChannel": { "additionalProperties": false, "properties": { "Condition": { @@ -112419,41 +122030,26 @@ "Properties": { "additionalProperties": false, "properties": { - "ContactPostPassDurationSeconds": { - "markdownDescription": "Amount of time, in seconds, after a contact ends that the Ground Station Dataflow Endpoint Group will be in a `POSTPASS` state. A Ground Station Dataflow Endpoint Group State Change event will be emitted when the Dataflow Endpoint Group enters and exits the `POSTPASS` state.", - "title": "ContactPostPassDurationSeconds", - "type": "number" - }, - "ContactPrePassDurationSeconds": { - "markdownDescription": "Amount of time, in seconds, before a contact starts that the Ground Station Dataflow Endpoint Group will be in a `PREPASS` state. A Ground Station Dataflow Endpoint Group State Change event will be emitted when the Dataflow Endpoint Group enters and exits the `PREPASS` state.", - "title": "ContactPrePassDurationSeconds", - "type": "number" - }, - "EndpointDetails": { - "items": { - "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.EndpointDetails" - }, - "markdownDescription": "List of Endpoint Details, containing address and port for each endpoint. All dataflow endpoints within a single dataflow endpoint group must be of the same type. You cannot mix AWS Ground Station Agent endpoints with Dataflow endpoints in the same group. If your use case requires both types of endpoints, you must create separate dataflow endpoint groups for each type.", - "title": "EndpointDetails", - "type": "array" + "SnsRoleName": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that allows Amazon SNS to record AWS Firewall Manager activity.", + "title": "SnsRoleName", + "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Tags assigned to a resource.", - "title": "Tags", - "type": "array" + "SnsTopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the SNS topic that collects notifications from AWS Firewall Manager .", + "title": "SnsTopicArn", + "type": "string" } }, "required": [ - "EndpointDetails" + "SnsRoleName", + "SnsTopicArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::GroundStation::DataflowEndpointGroup" + "AWS::FMS::NotificationChannel" ], "type": "string" }, @@ -112472,190 +122068,10 @@ ], "type": "object" }, - "AWS::GroundStation::DataflowEndpointGroup.AwsGroundStationAgentEndpoint": { + "AWS::FMS::Policy": { "additionalProperties": false, "properties": { - "AgentStatus": { - "markdownDescription": "The status of AgentEndpoint.", - "title": "AgentStatus", - "type": "string" - }, - "AuditResults": { - "markdownDescription": "The results of the audit.", - "title": "AuditResults", - "type": "string" - }, - "EgressAddress": { - "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.ConnectionDetails", - "markdownDescription": "The egress address of AgentEndpoint.", - "title": "EgressAddress" - }, - "IngressAddress": { - "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.RangedConnectionDetails", - "markdownDescription": "The ingress address of AgentEndpoint.", - "title": "IngressAddress" - }, - "Name": { - "markdownDescription": "Name string associated with AgentEndpoint. Used as a human-readable identifier for AgentEndpoint.", - "title": "Name", - "type": "string" - } - }, - "type": "object" - }, - "AWS::GroundStation::DataflowEndpointGroup.ConnectionDetails": { - "additionalProperties": false, - "properties": { - "Mtu": { - "markdownDescription": "Maximum transmission unit (MTU) size in bytes of a dataflow endpoint.", - "title": "Mtu", - "type": "number" - }, - "SocketAddress": { - "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.SocketAddress", - "markdownDescription": "A socket address.", - "title": "SocketAddress" - } - }, - "type": "object" - }, - "AWS::GroundStation::DataflowEndpointGroup.DataflowEndpoint": { - "additionalProperties": false, - "properties": { - "Address": { - "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.SocketAddress", - "markdownDescription": "The address and port of an endpoint.", - "title": "Address" - }, - "Mtu": { - "markdownDescription": "Maximum transmission unit (MTU) size in bytes of a dataflow endpoint. Valid values are between 1400 and 1500. A default value of 1500 is used if not set.", - "title": "Mtu", - "type": "number" - }, - "Name": { - "markdownDescription": "The endpoint name.\n\nWhen listing available contacts for a satellite, Ground Station searches for a dataflow endpoint whose name matches the value specified by the dataflow endpoint config of the selected mission profile. If no matching dataflow endpoints are found then Ground Station will not display any available contacts for the satellite.", - "title": "Name", - "type": "string" - } - }, - "type": "object" - }, - "AWS::GroundStation::DataflowEndpointGroup.EndpointDetails": { - "additionalProperties": false, - "properties": { - "AwsGroundStationAgentEndpoint": { - "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.AwsGroundStationAgentEndpoint", - "markdownDescription": "An agent endpoint.", - "title": "AwsGroundStationAgentEndpoint" - }, - "Endpoint": { - "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.DataflowEndpoint", - "markdownDescription": "Information about the endpoint such as name and the endpoint address.", - "title": "Endpoint" - }, - "SecurityDetails": { - "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.SecurityDetails", - "markdownDescription": "The role ARN, and IDs for security groups and subnets.", - "title": "SecurityDetails" - } - }, - "type": "object" - }, - "AWS::GroundStation::DataflowEndpointGroup.IntegerRange": { - "additionalProperties": false, - "properties": { - "Maximum": { - "markdownDescription": "A maximum value.", - "title": "Maximum", - "type": "number" - }, - "Minimum": { - "markdownDescription": "A minimum value.", - "title": "Minimum", - "type": "number" - } - }, - "type": "object" - }, - "AWS::GroundStation::DataflowEndpointGroup.RangedConnectionDetails": { - "additionalProperties": false, - "properties": { - "Mtu": { - "markdownDescription": "Maximum transmission unit (MTU) size in bytes of a dataflow endpoint.", - "title": "Mtu", - "type": "number" - }, - "SocketAddress": { - "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.RangedSocketAddress", - "markdownDescription": "A ranged socket address.", - "title": "SocketAddress" - } - }, - "type": "object" - }, - "AWS::GroundStation::DataflowEndpointGroup.RangedSocketAddress": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "IPv4 socket address.", - "title": "Name", - "type": "string" - }, - "PortRange": { - "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.IntegerRange", - "markdownDescription": "Port range of a socket address.", - "title": "PortRange" - } - }, - "type": "object" - }, - "AWS::GroundStation::DataflowEndpointGroup.SecurityDetails": { - "additionalProperties": false, - "properties": { - "RoleArn": { - "markdownDescription": "The ARN of a role which Ground Station has permission to assume, such as `arn:aws:iam::1234567890:role/DataDeliveryServiceRole` .\n\nGround Station will assume this role and create an ENI in your VPC on the specified subnet upon creation of a dataflow endpoint group. This ENI is used as the ingress/egress point for data streamed during a satellite contact.", - "title": "RoleArn", - "type": "string" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The security group Ids of the security role, such as `sg-1234567890abcdef0` .", - "title": "SecurityGroupIds", - "type": "array" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The subnet Ids of the security details, such as `subnet-12345678` .", - "title": "SubnetIds", - "type": "array" - } - }, - "type": "object" - }, - "AWS::GroundStation::DataflowEndpointGroup.SocketAddress": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the endpoint, such as `Endpoint 1` .", - "title": "Name", - "type": "string" - }, - "Port": { - "markdownDescription": "The port of the endpoint, such as `55888` .", - "title": "Port", - "type": "number" - } - }, - "type": "object" - }, - "AWS::GroundStation::MissionProfile": { - "additionalProperties": false, - "properties": { - "Condition": { + "Condition": { "type": "string" }, "DeletionPolicy": { @@ -112687,69 +122103,105 @@ "Properties": { "additionalProperties": false, "properties": { - "ContactPostPassDurationSeconds": { - "markdownDescription": "Amount of time in seconds after a contact ends that you\u2019d like to receive a Ground Station Contact State Change indicating the pass has finished.", - "title": "ContactPostPassDurationSeconds", - "type": "number" + "DeleteAllPolicyResources": { + "markdownDescription": "Used when deleting a policy. If `true` , Firewall Manager performs cleanup according to the policy type.\n\nFor AWS WAF and Shield Advanced policies, Firewall Manager does the following:\n\n- Deletes rule groups created by Firewall Manager\n- Removes web ACLs from in-scope resources\n- Deletes web ACLs that contain no rules or rule groups\n\nFor security group policies, Firewall Manager does the following for each security group in the policy:\n\n- Disassociates the security group from in-scope resources\n- Deletes the security group if it was created through Firewall Manager and if it's no longer associated with any resources through another policy\n\nAfter the cleanup, in-scope resources are no longer protected by web ACLs in this policy. Protection of out-of-scope resources remains unchanged. Scope is determined by tags that you create and accounts that you associate with the policy. When creating the policy, if you specify that only resources in specific accounts or with specific tags are in scope of the policy, those accounts and resources are handled by the policy. All others are out of scope. If you don't specify tags or accounts, all resources are in scope.", + "title": "DeleteAllPolicyResources", + "type": "boolean" }, - "ContactPrePassDurationSeconds": { - "markdownDescription": "Amount of time in seconds prior to contact start that you'd like to receive a Ground Station Contact State Change Event indicating an upcoming pass.", - "title": "ContactPrePassDurationSeconds", - "type": "number" + "ExcludeMap": { + "$ref": "#/definitions/AWS::FMS::Policy.IEMap", + "markdownDescription": "Specifies the AWS account IDs and AWS Organizations organizational units (OUs) to exclude from the policy. Specifying an OU is the equivalent of specifying all accounts in the OU and in any of its child OUs, including any child OUs and accounts that are added at a later time.\n\nYou can specify inclusions or exclusions, but not both. If you specify an `IncludeMap` , AWS Firewall Manager applies the policy to all accounts specified by the `IncludeMap` , and does not evaluate any `ExcludeMap` specifications. If you do not specify an `IncludeMap` , then Firewall Manager applies the policy to all accounts except for those specified by the `ExcludeMap` .\n\nYou can specify account IDs, OUs, or a combination:\n\n- Specify account IDs by setting the key to `ACCOUNT` . For example, the following is a valid map: `{\u201cACCOUNT\u201d : [\u201caccountID1\u201d, \u201caccountID2\u201d]}` .\n- Specify OUs by setting the key to `ORGUNIT` . For example, the following is a valid map: `{\u201cORGUNIT\u201d : [\u201couid111\u201d, \u201couid112\u201d]}` .\n- Specify accounts and OUs together in a single map, separated with a comma. For example, the following is a valid map: `{\u201cACCOUNT\u201d : [\u201caccountID1\u201d, \u201caccountID2\u201d], \u201cORGUNIT\u201d : [\u201couid111\u201d, \u201couid112\u201d]}` .", + "title": "ExcludeMap" }, - "DataflowEdges": { + "ExcludeResourceTags": { + "markdownDescription": "Used only when tags are specified in the `ResourceTags` property. If this property is `True` , resources with the specified tags are not in scope of the policy. If it's `False` , only resources with the specified tags are in scope of the policy.", + "title": "ExcludeResourceTags", + "type": "boolean" + }, + "IncludeMap": { + "$ref": "#/definitions/AWS::FMS::Policy.IEMap", + "markdownDescription": "Specifies the AWS account IDs and AWS Organizations organizational units (OUs) to include in the policy. Specifying an OU is the equivalent of specifying all accounts in the OU and in any of its child OUs, including any child OUs and accounts that are added at a later time.\n\nYou can specify inclusions or exclusions, but not both. If you specify an `IncludeMap` , AWS Firewall Manager applies the policy to all accounts specified by the `IncludeMap` , and does not evaluate any `ExcludeMap` specifications. If you do not specify an `IncludeMap` , then Firewall Manager applies the policy to all accounts except for those specified by the `ExcludeMap` .\n\nYou can specify account IDs, OUs, or a combination:\n\n- Specify account IDs by setting the key to `ACCOUNT` . For example, the following is a valid map: `{\u201cACCOUNT\u201d : [\u201caccountID1\u201d, \u201caccountID2\u201d]}` .\n- Specify OUs by setting the key to `ORGUNIT` . For example, the following is a valid map: `{\u201cORGUNIT\u201d : [\u201couid111\u201d, \u201couid112\u201d]}` .\n- Specify accounts and OUs together in a single map, separated with a comma. For example, the following is a valid map: `{\u201cACCOUNT\u201d : [\u201caccountID1\u201d, \u201caccountID2\u201d], \u201cORGUNIT\u201d : [\u201couid111\u201d, \u201couid112\u201d]}` .", + "title": "IncludeMap" + }, + "PolicyDescription": { + "markdownDescription": "Your description of the AWS Firewall Manager policy.", + "title": "PolicyDescription", + "type": "string" + }, + "PolicyName": { + "markdownDescription": "The name of the AWS Firewall Manager policy.", + "title": "PolicyName", + "type": "string" + }, + "RemediationEnabled": { + "markdownDescription": "Indicates if the policy should be automatically applied to new resources.", + "title": "RemediationEnabled", + "type": "boolean" + }, + "ResourceSetIds": { "items": { - "$ref": "#/definitions/AWS::GroundStation::MissionProfile.DataflowEdge" + "type": "string" }, - "markdownDescription": "A list containing lists of config ARNs. Each list of config ARNs is an edge, with a \"from\" config and a \"to\" config.", - "title": "DataflowEdges", + "markdownDescription": "The unique identifiers of the resource sets used by the policy.", + "title": "ResourceSetIds", "type": "array" }, - "MinimumViableContactDurationSeconds": { - "markdownDescription": "Minimum length of a contact in seconds that Ground Station will return when listing contacts. Ground Station will not return contacts shorter than this duration.", - "title": "MinimumViableContactDurationSeconds", - "type": "number" - }, - "Name": { - "markdownDescription": "The name of the mission profile.", - "title": "Name", + "ResourceTagLogicalOperator": { + "markdownDescription": "Specifies whether to combine multiple resource tags with AND, so that a resource must have all tags to be included or excluded, or OR, so that a resource must have at least one tag.\n\nDefault: `AND`", + "title": "ResourceTagLogicalOperator", "type": "string" }, - "StreamsKmsKey": { - "$ref": "#/definitions/AWS::GroundStation::MissionProfile.StreamsKmsKey", - "markdownDescription": "KMS key to use for encrypting streams.", - "title": "StreamsKmsKey" + "ResourceTags": { + "items": { + "$ref": "#/definitions/AWS::FMS::Policy.ResourceTag" + }, + "markdownDescription": "An array of `ResourceTag` objects, used to explicitly include resources in the policy scope or explicitly exclude them. If this isn't set, then tags aren't used to modify policy scope. See also `ExcludeResourceTags` .", + "title": "ResourceTags", + "type": "array" }, - "StreamsKmsRole": { - "markdownDescription": "Role to use for encrypting streams with KMS key.", - "title": "StreamsKmsRole", + "ResourceType": { + "markdownDescription": "The type of resource protected by or in scope of the policy. This is in the format shown in the [AWS Resource Types Reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html) . To apply this policy to multiple resource types, specify a resource type of `ResourceTypeList` and then specify the resource types in a `ResourceTypeList` .\n\nThe following are valid resource types for each Firewall Manager policy type:\n\n- AWS WAF Classic - `AWS::ApiGateway::Stage` , `AWS::CloudFront::Distribution` , and `AWS::ElasticLoadBalancingV2::LoadBalancer` .\n- AWS WAF - `AWS::ApiGateway::Stage` , `AWS::ElasticLoadBalancingV2::LoadBalancer` , and `AWS::CloudFront::Distribution` .\n- Shield Advanced - `AWS::ElasticLoadBalancingV2::LoadBalancer` , `AWS::ElasticLoadBalancing::LoadBalancer` , `AWS::EC2::EIP` , and `AWS::CloudFront::Distribution` .\n- Network ACL - `AWS::EC2::Subnet` .\n- Security group usage audit - `AWS::EC2::SecurityGroup` .\n- Security group content audit - `AWS::EC2::SecurityGroup` , `AWS::EC2::NetworkInterface` , and `AWS::EC2::Instance` .\n- DNS Firewall, AWS Network Firewall , and third-party firewall - `AWS::EC2::VPC` .", + "title": "ResourceType", "type": "string" }, + "ResourceTypeList": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of `ResourceType` objects. Use this only to specify multiple resource types. To specify a single resource type, use `ResourceType` .", + "title": "ResourceTypeList", + "type": "array" + }, + "ResourcesCleanUp": { + "markdownDescription": "Indicates whether AWS Firewall Manager should automatically remove protections from resources that leave the policy scope and clean up resources that Firewall Manager is managing for accounts when those accounts leave policy scope. For example, Firewall Manager will disassociate a Firewall Manager managed web ACL from a protected customer resource when the customer resource leaves policy scope.\n\nBy default, Firewall Manager doesn't remove protections or delete Firewall Manager managed resources.\n\nThis option is not available for Shield Advanced or AWS WAF Classic policies.", + "title": "ResourcesCleanUp", + "type": "boolean" + }, + "SecurityServicePolicyData": { + "$ref": "#/definitions/AWS::FMS::Policy.SecurityServicePolicyData", + "markdownDescription": "Details about the security service that is being used to protect the resources.\n\nThis contains the following settings:\n\n- Type - Indicates the service type that the policy uses to protect the resource. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting .\n\nValid values: `DNS_FIREWALL` | `NETWORK_FIREWALL` | `SECURITY_GROUPS_COMMON` | `SECURITY_GROUPS_CONTENT_AUDIT` | `SECURITY_GROUPS_USAGE_AUDIT` | `SHIELD_ADVANCED` | `THIRD_PARTY_FIREWALL` | `WAFV2` | `WAF`\n- ManagedServiceData - Details about the service that are specific to the service type, in JSON format.\n\n- Example: `DNS_FIREWALL`\n\n`\"{\\\"type\\\":\\\"DNS_FIREWALL\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-1\\\",\\\"priority\\\":10}],\\\"postProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-2\\\",\\\"priority\\\":9911}]}\"`\n\n> Valid values for `preProcessRuleGroups` are between 1 and 99. Valid values for `postProcessRuleGroups` are between 9901 and 10000.\n- Example: `NETWORK_FIREWALL` - Centralized deployment model\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"awsNetworkFirewallConfig\\\":{\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}},\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"OFF\\\"},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nWith automatic Availbility Zone configuration, Firewall Manager chooses which Availability Zones to create the endpoints in. To use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"]},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\": \\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\", \\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{ \\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[ \\\"10.0.0.0/28\\\"]}]} },\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"OFF\\\",\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nWith custom Availability Zone configuration, you define which specific Availability Zones to create endpoints in by configuring `firewallCreationConfig` . To configure the Availability Zones in `firewallCreationConfig` , specify either the `availabilityZoneName` or `availabilityZoneId` parameter, not both parameters.\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"],\\\"routeManagementConfig\\\":{\\\"allowCrossAZTrafficIfNoEndpoint\\\":true}},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall centralized deployment model\n\n`\"{ \\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\", \\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\", \\\"thirdPartyFirewallConfig\\\":{ \\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `CENTRALIZED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall distributed deployment model\n\n`\"{\\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\",\\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\",\\\"thirdPartyFirewallConfig\\\":{\\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{ \\\"distributedFirewallDeploymentModel\\\":{ \\\"distributedFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{ \\\"availabilityZoneConfigList\\\":[ {\\\"availabilityZoneName\\\":\\\"${AvailabilityZone}\\\" } ] } }, \\\"allowedIPV4CidrList\\\":[ ] } } } }\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `DISTRIBUTED` .\n- Specification for `SHIELD_ADVANCED` for Amazon CloudFront distributions\n\n`\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED|IGNORED|DISABLED\\\", \\\"automaticResponseAction\\\":\\\"BLOCK|COUNT\\\"}, \\\"overrideCustomerWebaclClassic\\\":true|false}\"`\n\nFor example: `\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED\\\", \\\"automaticResponseAction\\\":\\\"COUNT\\\"}}\"`\n\nThe default value for `automaticResponseStatus` is `IGNORED` . The value for `automaticResponseAction` is only required when `automaticResponseStatus` is set to `ENABLED` . The default value for `overrideCustomerWebaclClassic` is `false` .\n\nFor other resource types that you can protect with a Shield Advanced policy, this `ManagedServiceData` configuration is an empty string.\n- Example: `WAFV2`\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"version\\\":null,\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesAmazonIpReputationList\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nIn the `loggingConfiguration` , you can specify one `logDestinationConfigs` , you can optionally provide up to 20 `redactedFields` , and the `RedactedFieldType` must be one of `URI` , `QUERY_STRING` , `HEADER` , or `METHOD` .\n- Example: `AWS WAF Classic`\n\n`\"{\\\"type\\\": \\\"WAF\\\", \\\"ruleGroups\\\": [{\\\"id\\\":\\\"12345678-1bcd-9012-efga-0987654321ab\\\", \\\"overrideAction\\\" : {\\\"type\\\": \\\"COUNT\\\"}}], \\\"defaultAction\\\": {\\\"type\\\": \\\"BLOCK\\\"}}\"`\n- Example: `WAFV2` - AWS Firewall Manager support for AWS WAF managed rule group versioning\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"versionEnabled\\\":true,\\\"version\\\":\\\"Version_2.0\\\",\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesCommonRuleSet\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nTo use a specific version of a AWS WAF managed rule group in your Firewall Manager policy, you must set `versionEnabled` to `true` , and set `version` to the version you'd like to use. If you don't set `versionEnabled` to `true` , or if you omit `versionEnabled` , then Firewall Manager uses the default version of the AWS WAF managed rule group.\n- Example: `SECURITY_GROUPS_COMMON`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: Shared VPCs. Apply the preceding policy to resources in shared VPCs as well as to those in VPCs that the account owns\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"includeSharedVPC\\\":true,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: `SECURITY_GROUPS_CONTENT_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_CONTENT_AUDIT\\\",\\\"securityGroups\\\":[{\\\"id\\\":\\\"sg-000e55995d61a06bd\\\"}],\\\"securityGroupAction\\\":{\\\"type\\\":\\\"ALLOW\\\"}}\"`\n\nThe security group action for content audit can be `ALLOW` or `DENY` . For `ALLOW` , all in-scope security group rules must be within the allowed range of the policy's security group rules. For `DENY` , all in-scope security group rules must not contain a value or a range that matches a rule value or range in the policy security group.\n- Example: `SECURITY_GROUPS_USAGE_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_USAGE_AUDIT\\\",\\\"deleteUnusedSecurityGroups\\\":true,\\\"coalesceRedundantSecurityGroups\\\":true}\"`", + "title": "SecurityServicePolicyData" + }, "Tags": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::FMS::Policy.PolicyTag" }, - "markdownDescription": "Tags assigned to the mission profile.", + "markdownDescription": "A collection of key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.", "title": "Tags", "type": "array" - }, - "TrackingConfigArn": { - "markdownDescription": "The ARN of a tracking config objects that defines how to track the satellite through the sky during a contact.", - "title": "TrackingConfigArn", - "type": "string" } }, "required": [ - "DataflowEdges", - "MinimumViableContactDurationSeconds", - "Name", - "TrackingConfigArn" + "ExcludeResourceTags", + "PolicyName", + "RemediationEnabled", + "SecurityServicePolicyData" ], "type": "object" }, "Type": { "enum": [ - "AWS::GroundStation::MissionProfile" + "AWS::FMS::Policy" ], "type": "string" }, @@ -112768,281 +122220,277 @@ ], "type": "object" }, - "AWS::GroundStation::MissionProfile.DataflowEdge": { + "AWS::FMS::Policy.IEMap": { "additionalProperties": false, "properties": { - "Destination": { - "markdownDescription": "The ARN of the destination for this dataflow edge. For example, specify the ARN of a dataflow endpoint config for a downlink edge or an antenna uplink config for an uplink edge.", - "title": "Destination", - "type": "string" + "ACCOUNT": { + "items": { + "type": "string" + }, + "markdownDescription": "The account list for the map.", + "title": "ACCOUNT", + "type": "array" }, - "Source": { - "markdownDescription": "The ARN of the source for this dataflow edge. For example, specify the ARN of an antenna downlink config for a downlink edge or a dataflow endpoint config for an uplink edge.", - "title": "Source", - "type": "string" + "ORGUNIT": { + "items": { + "type": "string" + }, + "markdownDescription": "The organizational unit list for the map.", + "title": "ORGUNIT", + "type": "array" } }, "type": "object" }, - "AWS::GroundStation::MissionProfile.StreamsKmsKey": { + "AWS::FMS::Policy.IcmpTypeCode": { "additionalProperties": false, "properties": { - "KmsAliasArn": { - "markdownDescription": "KMS Alias Arn.", - "title": "KmsAliasArn", - "type": "string" + "Code": { + "markdownDescription": "ICMP code.", + "title": "Code", + "type": "number" }, - "KmsKeyArn": { - "markdownDescription": "KMS Key Arn.", - "title": "KmsKeyArn", - "type": "string" + "Type": { + "markdownDescription": "ICMP type.", + "title": "Type", + "type": "number" } }, + "required": [ + "Code", + "Type" + ], "type": "object" }, - "AWS::GuardDuty::Detector": { + "AWS::FMS::Policy.NetworkAclCommonPolicy": { "additionalProperties": false, "properties": { - "Condition": { + "NetworkAclEntrySet": { + "$ref": "#/definitions/AWS::FMS::Policy.NetworkAclEntrySet", + "markdownDescription": "The definition of the first and last rules for the network ACL policy.", + "title": "NetworkAclEntrySet" + } + }, + "required": [ + "NetworkAclEntrySet" + ], + "type": "object" + }, + "AWS::FMS::Policy.NetworkAclEntry": { + "additionalProperties": false, + "properties": { + "CidrBlock": { + "markdownDescription": "The IPv4 network range to allow or deny, in CIDR notation.", + "title": "CidrBlock", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Egress": { + "markdownDescription": "Indicates whether the rule is an egress, or outbound, rule (applied to traffic leaving the subnet). If it's not an egress rule, then it's an ingress, or inbound, rule.", + "title": "Egress", + "type": "boolean" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "IcmpTypeCode": { + "$ref": "#/definitions/AWS::FMS::Policy.IcmpTypeCode", + "markdownDescription": "ICMP protocol: The ICMP type and code.", + "title": "IcmpTypeCode" }, - "Metadata": { - "type": "object" + "Ipv6CidrBlock": { + "markdownDescription": "The IPv6 network range to allow or deny, in CIDR notation.", + "title": "Ipv6CidrBlock", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DataSources": { - "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNDataSourceConfigurations", - "markdownDescription": "Describes which data sources will be enabled for the detector.", - "title": "DataSources" - }, - "Enable": { - "markdownDescription": "Specifies whether the detector is to be enabled on creation.", - "title": "Enable", - "type": "boolean" - }, - "Features": { - "items": { - "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNFeatureConfiguration" - }, - "markdownDescription": "A list of features that will be configured for the detector.", - "title": "Features", - "type": "array" - }, - "FindingPublishingFrequency": { - "markdownDescription": "Specifies how frequently updated findings are exported.", - "title": "FindingPublishingFrequency", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/AWS::GuardDuty::Detector.TagItem" - }, - "markdownDescription": "Specifies tags added to a new detector resource. Each tag consists of a key and an optional value, both of which you define.\n\nCurrently, support is available only for creating and deleting a tag. No support exists for updating the tags.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Enable" - ], - "type": "object" + "PortRange": { + "$ref": "#/definitions/AWS::FMS::Policy.PortRange", + "markdownDescription": "TCP or UDP protocols: The range of ports the rule applies to.", + "title": "PortRange" }, - "Type": { - "enum": [ - "AWS::GuardDuty::Detector" - ], + "Protocol": { + "markdownDescription": "The protocol number. A value of \"-1\" means all protocols.", + "title": "Protocol", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "RuleAction": { + "markdownDescription": "Indicates whether to allow or deny the traffic that matches the rule.", + "title": "RuleAction", "type": "string" } }, "required": [ - "Type", - "Properties" + "Egress", + "Protocol", + "RuleAction" ], "type": "object" }, - "AWS::GuardDuty::Detector.CFNDataSourceConfigurations": { + "AWS::FMS::Policy.NetworkAclEntrySet": { "additionalProperties": false, "properties": { - "Kubernetes": { - "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNKubernetesConfiguration", - "markdownDescription": "Describes which Kubernetes data sources are enabled for a detector.", - "title": "Kubernetes" + "FirstEntries": { + "items": { + "$ref": "#/definitions/AWS::FMS::Policy.NetworkAclEntry" + }, + "markdownDescription": "The rules that you want to run first in the Firewall Manager managed network ACLs.\n\n> Provide these in the order in which you want them to run. Firewall Manager will assign the specific rule numbers for you, in the network ACLs that it creates. \n\nYou must specify at least one first entry or one last entry in any network ACL policy.", + "title": "FirstEntries", + "type": "array" }, - "MalwareProtection": { - "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNMalwareProtectionConfiguration", - "markdownDescription": "Describes whether Malware Protection will be enabled as a data source.", - "title": "MalwareProtection" + "ForceRemediateForFirstEntries": { + "markdownDescription": "Applies only when remediation is enabled for the policy as a whole. Firewall Manager uses this setting when it finds policy violations that involve conflicts between the custom entries and the policy entries.\n\nIf forced remediation is disabled, Firewall Manager marks the network ACL as noncompliant and does not try to remediate. For more information about the remediation behavior, see [Remediation for managed network ACLs](https://docs.aws.amazon.com/waf/latest/developerguide/network-acl-policies.html#network-acls-remediation) in the *AWS Firewall Manager Developer Guide* .", + "title": "ForceRemediateForFirstEntries", + "type": "boolean" }, - "S3Logs": { - "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNS3LogsConfiguration", - "markdownDescription": "Describes whether S3 data event logs are enabled as a data source.", - "title": "S3Logs" + "ForceRemediateForLastEntries": { + "markdownDescription": "Applies only when remediation is enabled for the policy as a whole. Firewall Manager uses this setting when it finds policy violations that involve conflicts between the custom entries and the policy entries.\n\nIf forced remediation is disabled, Firewall Manager marks the network ACL as noncompliant and does not try to remediate. For more information about the remediation behavior, see [Remediation for managed network ACLs](https://docs.aws.amazon.com/waf/latest/developerguide/network-acl-policies.html#network-acls-remediation) in the *AWS Firewall Manager Developer Guide* .", + "title": "ForceRemediateForLastEntries", + "type": "boolean" + }, + "LastEntries": { + "items": { + "$ref": "#/definitions/AWS::FMS::Policy.NetworkAclEntry" + }, + "markdownDescription": "The rules that you want to run last in the Firewall Manager managed network ACLs.\n\n> Provide these in the order in which you want them to run. Firewall Manager will assign the specific rule numbers for you, in the network ACLs that it creates. \n\nYou must specify at least one first entry or one last entry in any network ACL policy.", + "title": "LastEntries", + "type": "array" } }, + "required": [ + "ForceRemediateForFirstEntries", + "ForceRemediateForLastEntries" + ], "type": "object" }, - "AWS::GuardDuty::Detector.CFNFeatureAdditionalConfiguration": { + "AWS::FMS::Policy.NetworkFirewallPolicy": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "Name of the additional configuration.", - "title": "Name", - "type": "string" - }, - "Status": { - "markdownDescription": "Status of the additional configuration.", - "title": "Status", + "FirewallDeploymentModel": { + "markdownDescription": "Defines the deployment model to use for the firewall policy. To use a distributed model, set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `DISTRIBUTED` .", + "title": "FirewallDeploymentModel", "type": "string" } }, + "required": [ + "FirewallDeploymentModel" + ], "type": "object" }, - "AWS::GuardDuty::Detector.CFNFeatureConfiguration": { + "AWS::FMS::Policy.PolicyOption": { "additionalProperties": false, "properties": { - "AdditionalConfiguration": { - "items": { - "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNFeatureAdditionalConfiguration" - }, - "markdownDescription": "Information about the additional configuration of a feature in your account.", - "title": "AdditionalConfiguration", - "type": "array" + "NetworkAclCommonPolicy": { + "$ref": "#/definitions/AWS::FMS::Policy.NetworkAclCommonPolicy", + "markdownDescription": "Defines a Firewall Manager network ACL policy.", + "title": "NetworkAclCommonPolicy" }, - "Name": { - "markdownDescription": "Name of the feature. For a list of allowed values, see [DetectorFeatureConfiguration](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DetectorFeatureConfiguration.html#guardduty-Type-DetectorFeatureConfiguration-name) in the *GuardDuty API Reference* .", - "title": "Name", - "type": "string" + "NetworkFirewallPolicy": { + "$ref": "#/definitions/AWS::FMS::Policy.NetworkFirewallPolicy", + "markdownDescription": "Defines the deployment model to use for the firewall policy.", + "title": "NetworkFirewallPolicy" }, - "Status": { - "markdownDescription": "Status of the feature configuration.", - "title": "Status", - "type": "string" + "ThirdPartyFirewallPolicy": { + "$ref": "#/definitions/AWS::FMS::Policy.ThirdPartyFirewallPolicy", + "markdownDescription": "Defines the policy options for a third-party firewall policy.", + "title": "ThirdPartyFirewallPolicy" } }, - "required": [ - "Name", - "Status" - ], "type": "object" }, - "AWS::GuardDuty::Detector.CFNKubernetesAuditLogsConfiguration": { + "AWS::FMS::Policy.PolicyTag": { "additionalProperties": false, "properties": { - "Enable": { - "markdownDescription": "Describes whether Kubernetes audit logs are enabled as a data source for the detector.", - "title": "Enable", - "type": "boolean" + "Key": { + "markdownDescription": "Part of the key:value pair that defines a tag. You can use a tag key to describe a category of information, such as \"customer.\" Tag keys are case-sensitive.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "Part of the key:value pair that defines a tag. You can use a tag value to describe a specific value within a category, such as \"companyA\" or \"companyB.\" Tag values are case-sensitive.", + "title": "Value", + "type": "string" } }, "required": [ - "Enable" + "Key", + "Value" ], "type": "object" }, - "AWS::GuardDuty::Detector.CFNKubernetesConfiguration": { + "AWS::FMS::Policy.PortRange": { "additionalProperties": false, "properties": { - "AuditLogs": { - "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNKubernetesAuditLogsConfiguration", - "markdownDescription": "Describes whether Kubernetes audit logs are enabled as a data source for the detector.", - "title": "AuditLogs" + "From": { + "markdownDescription": "The beginning port number of the range.", + "title": "From", + "type": "number" + }, + "To": { + "markdownDescription": "The ending port number of the range.", + "title": "To", + "type": "number" } }, "required": [ - "AuditLogs" + "From", + "To" ], "type": "object" }, - "AWS::GuardDuty::Detector.CFNMalwareProtectionConfiguration": { - "additionalProperties": false, - "properties": { - "ScanEc2InstanceWithFindings": { - "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNScanEc2InstanceWithFindingsConfiguration", - "markdownDescription": "Describes the configuration of Malware Protection for EC2 instances with findings.", - "title": "ScanEc2InstanceWithFindings" - } - }, - "type": "object" - }, - "AWS::GuardDuty::Detector.CFNS3LogsConfiguration": { + "AWS::FMS::Policy.ResourceTag": { "additionalProperties": false, "properties": { - "Enable": { - "markdownDescription": "The status of S3 data event logs as a data source.", - "title": "Enable", - "type": "boolean" + "Key": { + "markdownDescription": "The resource tag key.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The resource tag value.", + "title": "Value", + "type": "string" } }, "required": [ - "Enable" + "Key" ], "type": "object" }, - "AWS::GuardDuty::Detector.CFNScanEc2InstanceWithFindingsConfiguration": { + "AWS::FMS::Policy.SecurityServicePolicyData": { "additionalProperties": false, "properties": { - "EbsVolumes": { - "markdownDescription": "Describes the configuration for scanning EBS volumes as data source.", - "title": "EbsVolumes", - "type": "boolean" + "ManagedServiceData": { + "markdownDescription": "Details about the service that are specific to the service type, in JSON format.\n\n- Example: `DNS_FIREWALL`\n\n`\"{\\\"type\\\":\\\"DNS_FIREWALL\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-1\\\",\\\"priority\\\":10}],\\\"postProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-2\\\",\\\"priority\\\":9911}]}\"`\n\n> Valid values for `preProcessRuleGroups` are between 1 and 99. Valid values for `postProcessRuleGroups` are between 9901 and 10000.\n- Example: `NETWORK_FIREWALL` - Centralized deployment model\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"awsNetworkFirewallConfig\\\":{\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}},\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"OFF\\\"},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nWith automatic Availbility Zone configuration, Firewall Manager chooses which Availability Zones to create the endpoints in. To use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"]},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\": \\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\", \\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{ \\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[ \\\"10.0.0.0/28\\\"]}]} },\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"OFF\\\",\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nWith custom Availability Zone configuration, you define which specific Availability Zones to create endpoints in by configuring `firewallCreationConfig` . To configure the Availability Zones in `firewallCreationConfig` , specify either the `availabilityZoneName` or `availabilityZoneId` parameter, not both parameters.\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"],\\\"routeManagementConfig\\\":{\\\"allowCrossAZTrafficIfNoEndpoint\\\":true}},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall centralized deployment model\n\n`\"{ \\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\", \\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\", \\\"thirdPartyFirewallConfig\\\":{ \\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `CENTRALIZED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall distributed deployment model\n\n`\"{\\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\",\\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\",\\\"thirdPartyFirewallConfig\\\":{\\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{ \\\"distributedFirewallDeploymentModel\\\":{ \\\"distributedFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{ \\\"availabilityZoneConfigList\\\":[ {\\\"availabilityZoneName\\\":\\\"${AvailabilityZone}\\\" } ] } }, \\\"allowedIPV4CidrList\\\":[ ] } } } }\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `DISTRIBUTED` .\n- Specification for `SHIELD_ADVANCED` for Amazon CloudFront distributions\n\n`\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED|IGNORED|DISABLED\\\", \\\"automaticResponseAction\\\":\\\"BLOCK|COUNT\\\"}, \\\"overrideCustomerWebaclClassic\\\":true|false}\"`\n\nFor example: `\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED\\\", \\\"automaticResponseAction\\\":\\\"COUNT\\\"}}\"`\n\nThe default value for `automaticResponseStatus` is `IGNORED` . The value for `automaticResponseAction` is only required when `automaticResponseStatus` is set to `ENABLED` . The default value for `overrideCustomerWebaclClassic` is `false` .\n\nFor other resource types that you can protect with a Shield Advanced policy, this `ManagedServiceData` configuration is an empty string.\n- Example: `WAFV2`\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"version\\\":null,\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesAmazonIpReputationList\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nIn the `loggingConfiguration` , you can specify one `logDestinationConfigs` , you can optionally provide up to 20 `redactedFields` , and the `RedactedFieldType` must be one of `URI` , `QUERY_STRING` , `HEADER` , or `METHOD` .\n- Example: `AWS WAF Classic`\n\n`\"{\\\"type\\\": \\\"WAF\\\", \\\"ruleGroups\\\": [{\\\"id\\\":\\\"12345678-1bcd-9012-efga-0987654321ab\\\", \\\"overrideAction\\\" : {\\\"type\\\": \\\"COUNT\\\"}}], \\\"defaultAction\\\": {\\\"type\\\": \\\"BLOCK\\\"}}\"`\n- Example: `WAFV2` - AWS Firewall Manager support for AWS WAF managed rule group versioning\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"versionEnabled\\\":true,\\\"version\\\":\\\"Version_2.0\\\",\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesCommonRuleSet\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nTo use a specific version of a AWS WAF managed rule group in your Firewall Manager policy, you must set `versionEnabled` to `true` , and set `version` to the version you'd like to use. If you don't set `versionEnabled` to `true` , or if you omit `versionEnabled` , then Firewall Manager uses the default version of the AWS WAF managed rule group.\n- Example: `SECURITY_GROUPS_COMMON`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: Shared VPCs. Apply the preceding policy to resources in shared VPCs as well as to those in VPCs that the account owns\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"includeSharedVPC\\\":true,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: `SECURITY_GROUPS_CONTENT_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_CONTENT_AUDIT\\\",\\\"securityGroups\\\":[{\\\"id\\\":\\\"sg-000e55995d61a06bd\\\"}],\\\"securityGroupAction\\\":{\\\"type\\\":\\\"ALLOW\\\"}}\"`\n\nThe security group action for content audit can be `ALLOW` or `DENY` . For `ALLOW` , all in-scope security group rules must be within the allowed range of the policy's security group rules. For `DENY` , all in-scope security group rules must not contain a value or a range that matches a rule value or range in the policy security group.\n- Example: `SECURITY_GROUPS_USAGE_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_USAGE_AUDIT\\\",\\\"deleteUnusedSecurityGroups\\\":true,\\\"coalesceRedundantSecurityGroups\\\":true}\"`", + "title": "ManagedServiceData", + "type": "string" + }, + "PolicyOption": { + "$ref": "#/definitions/AWS::FMS::Policy.PolicyOption", + "markdownDescription": "Contains the settings to configure a network ACL policy, a AWS Network Firewall firewall policy deployment model, or a third-party firewall policy.", + "title": "PolicyOption" + }, + "Type": { + "markdownDescription": "The service that the policy is using to protect the resources. This specifies the type of policy that is created, either an AWS WAF policy, a Shield Advanced policy, or a security group policy. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting SUPlong .", + "title": "Type", + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::GuardDuty::Detector.TagItem": { + "AWS::FMS::Policy.ThirdPartyFirewallPolicy": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The tag key.", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "The tag value.", - "title": "Value", + "FirewallDeploymentModel": { + "markdownDescription": "Defines the deployment model to use for the third-party firewall policy.", + "title": "FirewallDeploymentModel", "type": "string" } }, "required": [ - "Key", - "Value" + "FirewallDeploymentModel" ], "type": "object" }, - "AWS::GuardDuty::Filter": { + "AWS::FMS::ResourceSet": { "additionalProperties": false, "properties": { "Condition": { @@ -113077,53 +122525,50 @@ "Properties": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "Specifies the action that is to be applied to the findings that match the filter.", - "title": "Action", - "type": "string" - }, "Description": { - "markdownDescription": "The description of the filter. Valid characters include alphanumeric characters, and special characters such as hyphen, period, colon, underscore, parentheses ( `{ }` , `[ ]` , and `( )` ), forward slash, horizontal tab, vertical tab, newline, form feed, return, and whitespace.", + "markdownDescription": "A description of the resource set.", "title": "Description", "type": "string" }, - "DetectorId": { - "markdownDescription": "The detector ID associated with the GuardDuty account for which you want to create a filter.\n\nTo find the `detectorId` in the current Region, see the\nSettings page in the GuardDuty console, or run the [ListDetectors](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListDetectors.html) API.", - "title": "DetectorId", - "type": "string" - }, - "FindingCriteria": { - "$ref": "#/definitions/AWS::GuardDuty::Filter.FindingCriteria", - "markdownDescription": "Represents the criteria to be used in the filter for querying findings.", - "title": "FindingCriteria" - }, "Name": { - "markdownDescription": "The name of the filter. Valid characters include period (.), underscore (_), dash (-), and alphanumeric characters. A whitespace is considered to be an invalid character.", + "markdownDescription": "The descriptive name of the resource set. You can't change the name of a resource set after you create it.", "title": "Name", "type": "string" }, - "Rank": { - "markdownDescription": "Specifies the position of the filter in the list of current filters. Also specifies the order in which this filter is applied to the findings. The minimum value for this property is 1 and the maximum is 100.\n\nBy default, filters may not be created in the same order as they are ranked. To ensure that the filters are created in the expected order, you can use an optional attribute, [DependsOn](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) , with the following syntax: `\"DependsOn\":[ \"ObjectName\" ]` .", - "title": "Rank", - "type": "number" + "ResourceTypeList": { + "items": { + "type": "string" + }, + "markdownDescription": "Determines the resources that can be associated to the resource set. Depending on your setting for max results and the number of resource sets, a single call might not return the full list.", + "title": "ResourceTypeList", + "type": "array" + }, + "Resources": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "Resources", + "type": "array" }, "Tags": { "items": { - "$ref": "#/definitions/AWS::GuardDuty::Filter.TagItem" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to be added to a new filter resource. Each tag consists of a key and an optional value, both of which you define.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "", "title": "Tags", "type": "array" } }, "required": [ - "FindingCriteria" + "Name", + "ResourceTypeList" ], "type": "object" }, "Type": { "enum": [ - "AWS::GuardDuty::Filter" + "AWS::FMS::ResourceSet" ], "type": "string" }, @@ -113142,122 +122587,7 @@ ], "type": "object" }, - "AWS::GuardDuty::Filter.Condition": { - "additionalProperties": false, - "properties": { - "Eq": { - "items": { - "type": "string" - }, - "markdownDescription": "Represents the equal condition to apply to a single field when querying for findings.", - "title": "Eq", - "type": "array" - }, - "Equals": { - "items": { - "type": "string" - }, - "markdownDescription": "Represents an *equal* ** condition to be applied to a single field when querying for findings.", - "title": "Equals", - "type": "array" - }, - "GreaterThan": { - "markdownDescription": "Represents a *greater than* condition to be applied to a single field when querying for findings.", - "title": "GreaterThan", - "type": "number" - }, - "GreaterThanOrEqual": { - "markdownDescription": "Represents a *greater than or equal* condition to be applied to a single field when querying for findings.", - "title": "GreaterThanOrEqual", - "type": "number" - }, - "Gt": { - "markdownDescription": "Represents a *greater than* condition to be applied to a single field when querying for findings.", - "title": "Gt", - "type": "number" - }, - "Gte": { - "markdownDescription": "Represents the greater than or equal condition to apply to a single field when querying for findings.", - "title": "Gte", - "type": "number" - }, - "LessThan": { - "markdownDescription": "Represents a *less than* condition to be applied to a single field when querying for findings.", - "title": "LessThan", - "type": "number" - }, - "LessThanOrEqual": { - "markdownDescription": "Represents a *less than or equal* condition to be applied to a single field when querying for findings.", - "title": "LessThanOrEqual", - "type": "number" - }, - "Lt": { - "markdownDescription": "Represents the less than condition to apply to a single field when querying for findings.", - "title": "Lt", - "type": "number" - }, - "Lte": { - "markdownDescription": "Represents the less than or equal condition to apply to a single field when querying for findings.", - "title": "Lte", - "type": "number" - }, - "Neq": { - "items": { - "type": "string" - }, - "markdownDescription": "Represents the not equal condition to apply to a single field when querying for findings.", - "title": "Neq", - "type": "array" - }, - "NotEquals": { - "items": { - "type": "string" - }, - "markdownDescription": "Represents a *not equal* ** condition to be applied to a single field when querying for findings.", - "title": "NotEquals", - "type": "array" - } - }, - "type": "object" - }, - "AWS::GuardDuty::Filter.FindingCriteria": { - "additionalProperties": false, - "properties": { - "Criterion": { - "additionalProperties": false, - "markdownDescription": "Represents a map of finding properties that match specified conditions and values when querying findings.\n\nFor information about JSON criterion mapping to their console equivalent, see [Finding criteria](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_filter-findings.html#filter_criteria) . The following are the available criterion:\n\n- accountId\n- id\n- region\n- severity\n\nTo filter on the basis of severity, the API and AWS CLI use the following input list for the `FindingCriteria` condition:\n\n- *Low* : `[\"1\", \"2\", \"3\"]`\n- *Medium* : `[\"4\", \"5\", \"6\"]`\n- *High* : `[\"7\", \"8\", \"9\"]`\n\nFor more information, see [Severity levels for GuardDuty findings](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_findings.html#guardduty_findings-severity) in the *Amazon GuardDuty User Guide* .\n- type\n- updatedAt\n\nType: ISO 8601 string format: `YYYY-MM-DDTHH:MM:SS.SSSZ` or `YYYY-MM-DDTHH:MM:SSZ` depending on whether the value contains milliseconds.\n- resource.accessKeyDetails.accessKeyId\n- resource.accessKeyDetails.principalId\n- resource.accessKeyDetails.userName\n- resource.accessKeyDetails.userType\n- resource.instanceDetails.iamInstanceProfile.id\n- resource.instanceDetails.imageId\n- resource.instanceDetails.instanceId\n- resource.instanceDetails.tags.key\n- resource.instanceDetails.tags.value\n- resource.instanceDetails.networkInterfaces.ipv6Addresses\n- resource.instanceDetails.networkInterfaces.privateIpAddresses.privateIpAddress\n- resource.instanceDetails.networkInterfaces.publicDnsName\n- resource.instanceDetails.networkInterfaces.publicIp\n- resource.instanceDetails.networkInterfaces.securityGroups.groupId\n- resource.instanceDetails.networkInterfaces.securityGroups.groupName\n- resource.instanceDetails.networkInterfaces.subnetId\n- resource.instanceDetails.networkInterfaces.vpcId\n- resource.instanceDetails.outpostArn\n- resource.resourceType\n- resource.s3BucketDetails.publicAccess.effectivePermissions\n- resource.s3BucketDetails.name\n- resource.s3BucketDetails.tags.key\n- resource.s3BucketDetails.tags.value\n- resource.s3BucketDetails.type\n- service.action.actionType\n- service.action.awsApiCallAction.api\n- service.action.awsApiCallAction.callerType\n- service.action.awsApiCallAction.errorCode\n- service.action.awsApiCallAction.remoteIpDetails.city.cityName\n- service.action.awsApiCallAction.remoteIpDetails.country.countryName\n- service.action.awsApiCallAction.remoteIpDetails.ipAddressV4\n- service.action.awsApiCallAction.remoteIpDetails.ipAddressV6\n- service.action.awsApiCallAction.remoteIpDetails.organization.asn\n- service.action.awsApiCallAction.remoteIpDetails.organization.asnOrg\n- service.action.awsApiCallAction.serviceName\n- service.action.dnsRequestAction.domain\n- service.action.dnsRequestAction.domainWithSuffix\n- service.action.networkConnectionAction.blocked\n- service.action.networkConnectionAction.connectionDirection\n- service.action.networkConnectionAction.localPortDetails.port\n- service.action.networkConnectionAction.protocol\n- service.action.networkConnectionAction.remoteIpDetails.city.cityName\n- service.action.networkConnectionAction.remoteIpDetails.country.countryName\n- service.action.networkConnectionAction.remoteIpDetails.ipAddressV4\n- service.action.networkConnectionAction.remoteIpDetails.ipAddressV6\n- service.action.networkConnectionAction.remoteIpDetails.organization.asn\n- service.action.networkConnectionAction.remoteIpDetails.organization.asnOrg\n- service.action.networkConnectionAction.remotePortDetails.port\n- service.action.awsApiCallAction.remoteAccountDetails.affiliated\n- service.action.kubernetesApiCallAction.remoteIpDetails.ipAddressV4\n- service.action.kubernetesApiCallAction.remoteIpDetails.ipAddressV6\n- service.action.kubernetesApiCallAction.namespace\n- service.action.kubernetesApiCallAction.remoteIpDetails.organization.asn\n- service.action.kubernetesApiCallAction.requestUri\n- service.action.kubernetesApiCallAction.statusCode\n- service.action.networkConnectionAction.localIpDetails.ipAddressV4\n- service.action.networkConnectionAction.localIpDetails.ipAddressV6\n- service.action.networkConnectionAction.protocol\n- service.action.awsApiCallAction.serviceName\n- service.action.awsApiCallAction.remoteAccountDetails.accountId\n- service.additionalInfo.threatListName\n- service.resourceRole\n- resource.eksClusterDetails.name\n- resource.kubernetesDetails.kubernetesWorkloadDetails.name\n- resource.kubernetesDetails.kubernetesWorkloadDetails.namespace\n- resource.kubernetesDetails.kubernetesUserDetails.username\n- resource.kubernetesDetails.kubernetesWorkloadDetails.containers.image\n- resource.kubernetesDetails.kubernetesWorkloadDetails.containers.imagePrefix\n- service.ebsVolumeScanDetails.scanId\n- service.ebsVolumeScanDetails.scanDetections.threatDetectedByName.threatNames.name\n- service.ebsVolumeScanDetails.scanDetections.threatDetectedByName.threatNames.severity\n- service.ebsVolumeScanDetails.scanDetections.threatDetectedByName.threatNames.filePaths.hash\n- service.malwareScanDetails.threats.name\n- resource.ecsClusterDetails.name\n- resource.ecsClusterDetails.taskDetails.containers.image\n- resource.ecsClusterDetails.taskDetails.definitionArn\n- resource.containerDetails.image\n- resource.rdsDbInstanceDetails.dbInstanceIdentifier\n- resource.rdsDbInstanceDetails.dbClusterIdentifier\n- resource.rdsDbInstanceDetails.engine\n- resource.rdsDbUserDetails.user\n- resource.rdsDbInstanceDetails.tags.key\n- resource.rdsDbInstanceDetails.tags.value\n- service.runtimeDetails.process.executableSha256\n- service.runtimeDetails.process.name\n- service.runtimeDetails.process.name\n- resource.lambdaDetails.functionName\n- resource.lambdaDetails.functionArn\n- resource.lambdaDetails.tags.key\n- resource.lambdaDetails.tags.value", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::GuardDuty::Filter.Condition" - } - }, - "title": "Criterion", - "type": "object" - } - }, - "type": "object" - }, - "AWS::GuardDuty::Filter.TagItem": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "The tag key.", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "The tag value.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - }, - "AWS::GuardDuty::IPSet": { + "AWS::FSx::DataRepositoryAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -113292,49 +122622,55 @@ "Properties": { "additionalProperties": false, "properties": { - "Activate": { - "markdownDescription": "Indicates whether or not GuardDuty uses the `IPSet` .", - "title": "Activate", + "BatchImportMetaDataOnCreate": { + "markdownDescription": "A boolean flag indicating whether an import data repository task to import metadata should run after the data repository association is created. The task runs if this flag is set to `true` .", + "title": "BatchImportMetaDataOnCreate", "type": "boolean" }, - "DetectorId": { - "markdownDescription": "The unique ID of the detector of the GuardDuty account for which you want to create an IPSet.\n\nTo find the `detectorId` in the current Region, see the\nSettings page in the GuardDuty console, or run the [ListDetectors](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListDetectors.html) API.", - "title": "DetectorId", + "DataRepositoryPath": { + "markdownDescription": "The path to the Amazon S3 data repository that will be linked to the file system. The path can be an S3 bucket or prefix in the format `s3://myBucket/myPrefix/` . This path specifies where in the S3 data repository files will be imported from or exported to.", + "title": "DataRepositoryPath", "type": "string" }, - "Format": { - "markdownDescription": "The format of the file that contains the IPSet.", - "title": "Format", + "FileSystemId": { + "markdownDescription": "The ID of the file system on which the data repository association is configured.", + "title": "FileSystemId", "type": "string" }, - "Location": { - "markdownDescription": "The URI of the file that contains the IPSet.", - "title": "Location", + "FileSystemPath": { + "markdownDescription": "A path on the Amazon FSx for Lustre file system that points to a high-level directory (such as `/ns1/` ) or subdirectory (such as `/ns1/subdir/` ) that will be mapped 1-1 with `DataRepositoryPath` . The leading forward slash in the name is required. Two data repository associations cannot have overlapping file system paths. For example, if a data repository is associated with file system path `/ns1/` , then you cannot link another data repository with file system path `/ns1/ns2` .\n\nThis path specifies where in your file system files will be exported from or imported to. This file system directory can be linked to only one Amazon S3 bucket, and no other S3 bucket can be linked to the directory.\n\n> If you specify only a forward slash ( `/` ) as the file system path, you can link only one data repository to the file system. You can only specify \"/\" as the file system path for the first data repository associated with a file system.", + "title": "FileSystemPath", "type": "string" }, - "Name": { - "markdownDescription": "The user-friendly name to identify the IPSet.\n\nAllowed characters are alphanumeric, whitespace, dash (-), and underscores (_).", - "title": "Name", - "type": "string" + "ImportedFileChunkSize": { + "markdownDescription": "For files imported from a data repository, this value determines the stripe count and maximum amount of data per file (in MiB) stored on a single physical disk. The maximum number of disks that a single file can be striped across is limited by the total number of disks that make up the file system or cache.\n\nThe default chunk size is 1,024 MiB (1 GiB) and can go as high as 512,000 MiB (500 GiB). Amazon S3 objects have a maximum size of 5 TB.", + "title": "ImportedFileChunkSize", + "type": "number" + }, + "S3": { + "$ref": "#/definitions/AWS::FSx::DataRepositoryAssociation.S3", + "markdownDescription": "The configuration for an Amazon S3 data repository linked to an Amazon FSx Lustre file system with a data repository association. The configuration defines which file events (new, changed, or deleted files or directories) are automatically imported from the linked data repository to the file system or automatically exported from the file system to the data repository.", + "title": "S3" }, "Tags": { "items": { - "$ref": "#/definitions/AWS::GuardDuty::IPSet.TagItem" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to be added to a new IP set resource. Each tag consists of a key and an optional value, both of which you define.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "A list of `Tag` values, with a maximum of 50 elements.", "title": "Tags", "type": "array" } }, "required": [ - "Format", - "Location" + "DataRepositoryPath", + "FileSystemId", + "FileSystemPath" ], "type": "object" }, "Type": { "enum": [ - "AWS::GuardDuty::IPSet" + "AWS::FSx::DataRepositoryAssociation" ], "type": "string" }, @@ -113353,105 +122689,57 @@ ], "type": "object" }, - "AWS::GuardDuty::IPSet.TagItem": { + "AWS::FSx::DataRepositoryAssociation.AutoExportPolicy": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The tag key.", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "The tag value.", - "title": "Value", - "type": "string" + "Events": { + "items": { + "type": "string" + }, + "markdownDescription": "The `AutoExportPolicy` can have the following event values:\n\n- `NEW` - New files and directories are automatically exported to the data repository as they are added to the file system.\n- `CHANGED` - Changes to files and directories on the file system are automatically exported to the data repository.\n- `DELETED` - Files and directories are automatically deleted on the data repository when they are deleted on the file system.\n\nYou can define any combination of event types for your `AutoExportPolicy` .", + "title": "Events", + "type": "array" } }, "required": [ - "Key", - "Value" + "Events" ], "type": "object" }, - "AWS::GuardDuty::Master": { + "AWS::FSx::DataRepositoryAssociation.AutoImportPolicy": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DetectorId": { - "markdownDescription": "The unique ID of the detector of the GuardDuty member account.\n\nTo find the `detectorId` in the current Region, see the\nSettings page in the GuardDuty console, or run the [ListDetectors](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListDetectors.html) API.", - "title": "DetectorId", - "type": "string" - }, - "InvitationId": { - "markdownDescription": "The ID of the invitation that is sent to the account designated as a member account. You can find the invitation ID by running the [ListInvitations](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListInvitations.html) in the *GuardDuty API Reference* .", - "title": "InvitationId", - "type": "string" - }, - "MasterId": { - "markdownDescription": "The AWS account ID of the account designated as the GuardDuty administrator account.", - "title": "MasterId", - "type": "string" - } + "Events": { + "items": { + "type": "string" }, - "required": [ - "DetectorId", - "MasterId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::GuardDuty::Master" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "markdownDescription": "The `AutoImportPolicy` can have the following event values:\n\n- `NEW` - Amazon FSx automatically imports metadata of files added to the linked S3 bucket that do not currently exist in the FSx file system.\n- `CHANGED` - Amazon FSx automatically updates file metadata and invalidates existing file content on the file system as files change in the data repository.\n- `DELETED` - Amazon FSx automatically deletes files on the file system as corresponding files are deleted in the data repository.\n\nYou can define any combination of event types for your `AutoImportPolicy` .", + "title": "Events", + "type": "array" } }, "required": [ - "Type", - "Properties" + "Events" ], "type": "object" }, - "AWS::GuardDuty::Member": { + "AWS::FSx::DataRepositoryAssociation.S3": { + "additionalProperties": false, + "properties": { + "AutoExportPolicy": { + "$ref": "#/definitions/AWS::FSx::DataRepositoryAssociation.AutoExportPolicy", + "markdownDescription": "Describes a data repository association's automatic export policy. The `AutoExportPolicy` defines the types of updated objects on the file system that will be automatically exported to the data repository. As you create, modify, or delete files, Amazon FSx for Lustre automatically exports the defined changes asynchronously once your application finishes modifying the file.\n\nThe `AutoExportPolicy` is only supported on Amazon FSx for Lustre file systems with a data repository association.", + "title": "AutoExportPolicy" + }, + "AutoImportPolicy": { + "$ref": "#/definitions/AWS::FSx::DataRepositoryAssociation.AutoImportPolicy", + "markdownDescription": "Describes the data repository association's automatic import policy. The AutoImportPolicy defines how Amazon FSx keeps your file metadata and directory listings up to date by importing changes to your Amazon FSx for Lustre file system as you modify objects in a linked S3 bucket.\n\nThe `AutoImportPolicy` is only supported on Amazon FSx for Lustre file systems with a data repository association.", + "title": "AutoImportPolicy" + } + }, + "type": "object" + }, + "AWS::FSx::FileSystem": { "additionalProperties": false, "properties": { "Condition": { @@ -113486,45 +122774,90 @@ "Properties": { "additionalProperties": false, "properties": { - "DetectorId": { - "markdownDescription": "The ID of the detector associated with the GuardDuty service to add the member to.", - "title": "DetectorId", + "BackupId": { + "markdownDescription": "The ID of the file system backup that you are using to create a file system. For more information, see [CreateFileSystemFromBackup](https://docs.aws.amazon.com/fsx/latest/APIReference/API_CreateFileSystemFromBackup.html) .", + "title": "BackupId", "type": "string" }, - "DisableEmailNotification": { - "markdownDescription": "Specifies whether or not to disable email notification for the member account that you invite.", - "title": "DisableEmailNotification", - "type": "boolean" - }, - "Email": { - "markdownDescription": "The email address associated with the member account.", - "title": "Email", + "FileSystemType": { + "markdownDescription": "The type of Amazon FSx file system, which can be `LUSTRE` , `WINDOWS` , `ONTAP` , or `OPENZFS` .", + "title": "FileSystemType", "type": "string" }, - "MemberId": { - "markdownDescription": "The AWS account ID of the account to designate as a member.", - "title": "MemberId", + "FileSystemTypeVersion": { + "markdownDescription": "For FSx for Lustre file systems, sets the Lustre version for the file system that you're creating. Valid values are `2.10` , `2.12` , and `2.15` :\n\n- `2.10` is supported by the Scratch and Persistent_1 Lustre deployment types.\n- `2.12` is supported by all Lustre deployment types, except for `PERSISTENT_2` with a metadata configuration mode.\n- `2.15` is supported by all Lustre deployment types and is recommended for all new file systems.\n\nDefault value is `2.10` , except for the following deployments:\n\n- Default value is `2.12` when `DeploymentType` is set to `PERSISTENT_2` without a metadata configuration mode.\n- Default value is `2.15` when `DeploymentType` is set to `PERSISTENT_2` with a metadata configuration mode.", + "title": "FileSystemTypeVersion", "type": "string" }, - "Message": { - "markdownDescription": "The invitation message that you want to send to the accounts that you're inviting to GuardDuty as members.", - "title": "Message", + "KmsKeyId": { + "markdownDescription": "The ID of the AWS Key Management Service ( AWS KMS ) key used to encrypt Amazon FSx file system data. Used as follows with Amazon FSx file system types:\n\n- Amazon FSx for Lustre `PERSISTENT_1` and `PERSISTENT_2` deployment types only.\n\n`SCRATCH_1` and `SCRATCH_2` types are encrypted using the Amazon FSx service AWS KMS key for your account.\n- Amazon FSx for NetApp ONTAP\n- Amazon FSx for OpenZFS\n- Amazon FSx for Windows File Server\n\nIf this ID isn't specified, the Amazon FSx-managed key for your account is used. For more information, see [Encrypt](https://docs.aws.amazon.com//kms/latest/APIReference/API_Encrypt.html) in the *AWS Key Management Service API Reference* .", + "title": "KmsKeyId", "type": "string" }, - "Status": { - "markdownDescription": "You can use the `Status` property to update the status of the relationship between the member account and its administrator account. Valid values are `Created` and `Invited` when using an `AWS::GuardDuty::Member` resource. If the value for this property is not provided or set to `Created` , a member account is created but not invited. If the value of this property is set to `Invited` , a member account is created and invited.", - "title": "Status", + "LustreConfiguration": { + "$ref": "#/definitions/AWS::FSx::FileSystem.LustreConfiguration", + "markdownDescription": "The Lustre configuration for the file system being created. This configuration is required if the `FileSystemType` is set to `LUSTRE` .\n\n> The following parameters are not supported when creating Lustre file systems with a data repository association.\n> \n> - `AutoImportPolicy`\n> - `ExportPath`\n> - `ImportedChunkSize`\n> - `ImportPath`", + "title": "LustreConfiguration" + }, + "OntapConfiguration": { + "$ref": "#/definitions/AWS::FSx::FileSystem.OntapConfiguration", + "markdownDescription": "The ONTAP configuration properties of the FSx for ONTAP file system that you are creating. This configuration is required if the `FileSystemType` is set to `ONTAP` .", + "title": "OntapConfiguration" + }, + "OpenZFSConfiguration": { + "$ref": "#/definitions/AWS::FSx::FileSystem.OpenZFSConfiguration", + "markdownDescription": "The Amazon FSx for OpenZFS configuration properties for the file system that you are creating. This configuration is required if the `FileSystemType` is set to `OPENZFS` .", + "title": "OpenZFSConfiguration" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of IDs specifying the security groups to apply to all network interfaces created for file system access. This list isn't returned in later requests to describe the file system.\n\n> You must specify a security group if you are creating a Multi-AZ FSx for ONTAP file system in a VPC subnet that has been shared with you.", + "title": "SecurityGroupIds", + "type": "array" + }, + "StorageCapacity": { + "markdownDescription": "Sets the storage capacity of the file system that you're creating.\n\n`StorageCapacity` is required if you are creating a new file system. It is not required if you are creating a file system by restoring a backup.\n\n*FSx for Lustre file systems* - The amount of storage capacity that you can configure depends on the value that you set for `StorageType` and the Lustre `DeploymentType` , as follows:\n\n- For `SCRATCH_2` , `PERSISTENT_2` and `PERSISTENT_1` deployment types using SSD storage type, the valid values are 1200 GiB, 2400 GiB, and increments of 2400 GiB.\n- For `PERSISTENT_1` HDD file systems, valid values are increments of 6000 GiB for 12 MB/s/TiB file systems and increments of 1800 GiB for 40 MB/s/TiB file systems.\n- For `SCRATCH_1` deployment type, valid values are 1200 GiB, 2400 GiB, and increments of 3600 GiB.\n\n*FSx for ONTAP file systems* - The amount of SSD storage capacity that you can configure depends on the value of the `HAPairs` property. The minimum value is calculated as 1,024 GiB * HAPairs and the maximum is calculated as 524,288 GiB * HAPairs, up to a maximum amount of SSD storage capacity of 1,048,576 GiB (1 pebibyte).\n\n*FSx for OpenZFS file systems* - The amount of storage capacity that you can configure is from 64 GiB up to 524,288 GiB (512 TiB). If you are creating a file system from a backup, you can specify a storage capacity equal to or greater than the original file system's storage capacity.\n\n*FSx for Windows File Server file systems* - The amount of storage capacity that you can configure depends on the value that you set for `StorageType` as follows:\n\n- For SSD storage, valid values are 32 GiB-65,536 GiB (64 TiB).\n- For HDD storage, valid values are 2000 GiB-65,536 GiB (64 TiB).", + "title": "StorageCapacity", + "type": "number" + }, + "StorageType": { + "markdownDescription": "Sets the storage class for the file system that you're creating. Valid values are `SSD` , `HDD` , and `INTELLIGENT_TIERING` .\n\n- Set to `SSD` to use solid state drive storage. SSD is supported on all Windows, Lustre, ONTAP, and OpenZFS deployment types.\n- Set to `HDD` to use hard disk drive storage, which is supported on `SINGLE_AZ_2` and `MULTI_AZ_1` Windows file system deployment types, and on `PERSISTENT_1` Lustre file system deployment types.\n- Set to `INTELLIGENT_TIERING` to use fully elastic, intelligently-tiered storage. Intelligent-Tiering is only available for OpenZFS file systems with the Multi-AZ deployment type and for Lustre file systems with the Persistent_2 deployment type.\n\nDefault value is `SSD` . For more information, see [Storage type options](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/optimize-fsx-costs.html#storage-type-options) in the *FSx for Windows File Server User Guide* , [FSx for Lustre storage classes](https://docs.aws.amazon.com/fsx/latest/LustreGuide/using-fsx-lustre.html#lustre-storage-classes) in the *FSx for Lustre User Guide* , and [Working with Intelligent-Tiering](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/performance-intelligent-tiering) in the *Amazon FSx for OpenZFS User Guide* .", + "title": "StorageType", "type": "string" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the IDs of the subnets that the file system will be accessible from. For Windows and ONTAP `MULTI_AZ_1` deployment types,provide exactly two subnet IDs, one for the preferred file server and one for the standby file server. You specify one of these subnets as the preferred subnet using the `WindowsConfiguration > PreferredSubnetID` or `OntapConfiguration > PreferredSubnetID` properties. For more information about Multi-AZ file system configuration, see [Availability and durability: Single-AZ and Multi-AZ file systems](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/high-availability-multiAZ.html) in the *Amazon FSx for Windows User Guide* and [Availability and durability](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/high-availability-multiAZ.html) in the *Amazon FSx for ONTAP User Guide* .\n\nFor Windows `SINGLE_AZ_1` and `SINGLE_AZ_2` and all Lustre deployment types, provide exactly one subnet ID. The file server is launched in that subnet's Availability Zone.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to associate with the file system. For more information, see [Tagging your Amazon FSx resources](https://docs.aws.amazon.com/fsx/latest/LustreGuide/tag-resources.html) in the *Amazon FSx for Lustre User Guide* .", + "title": "Tags", + "type": "array" + }, + "WindowsConfiguration": { + "$ref": "#/definitions/AWS::FSx::FileSystem.WindowsConfiguration", + "markdownDescription": "The configuration object for the Microsoft Windows file system you are creating. This configuration is required if `FileSystemType` is set to `WINDOWS` .", + "title": "WindowsConfiguration" } }, "required": [ - "Email" + "FileSystemType", + "SubnetIds" ], "type": "object" }, "Type": { "enum": [ - "AWS::GuardDuty::Member" + "AWS::FSx::FileSystem" ], "type": "string" }, @@ -113543,393 +122876,546 @@ ], "type": "object" }, - "AWS::GuardDuty::ThreatIntelSet": { + "AWS::FSx::FileSystem.AuditLogConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "AuditLogDestination": { + "markdownDescription": "The Amazon Resource Name (ARN) for the destination of the audit logs. The destination can be any Amazon CloudWatch Logs log group ARN or Amazon Kinesis Data Firehose delivery stream ARN.\n\nThe name of the Amazon CloudWatch Logs log group must begin with the `/aws/fsx` prefix. The name of the Amazon Kinesis Data Firehose delivery stream must begin with the `aws-fsx` prefix.\n\nThe destination ARN (either CloudWatch Logs log group or Kinesis Data Firehose delivery stream) must be in the same AWS partition, AWS Region , and AWS account as your Amazon FSx file system.", + "title": "AuditLogDestination", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "FileAccessAuditLogLevel": { + "markdownDescription": "Sets which attempt type is logged by Amazon FSx for file and folder accesses.\n\n- `SUCCESS_ONLY` - only successful attempts to access files or folders are logged.\n- `FAILURE_ONLY` - only failed attempts to access files or folders are logged.\n- `SUCCESS_AND_FAILURE` - both successful attempts and failed attempts to access files or folders are logged.\n- `DISABLED` - access auditing of files and folders is turned off.", + "title": "FileAccessAuditLogLevel", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "FileShareAccessAuditLogLevel": { + "markdownDescription": "Sets which attempt type is logged by Amazon FSx for file share accesses.\n\n- `SUCCESS_ONLY` - only successful attempts to access file shares are logged.\n- `FAILURE_ONLY` - only failed attempts to access file shares are logged.\n- `SUCCESS_AND_FAILURE` - both successful attempts and failed attempts to access file shares are logged.\n- `DISABLED` - access auditing of file shares is turned off.", + "title": "FileShareAccessAuditLogLevel", + "type": "string" + } + }, + "required": [ + "FileAccessAuditLogLevel", + "FileShareAccessAuditLogLevel" + ], + "type": "object" + }, + "AWS::FSx::FileSystem.ClientConfigurations": { + "additionalProperties": false, + "properties": { + "Clients": { + "markdownDescription": "A value that specifies who can mount the file system. You can provide a wildcard character ( `*` ), an IP address ( `0.0.0.0` ), or a CIDR address ( `192.0.2.0/24` ). By default, Amazon FSx uses the wildcard character when specifying the client.", + "title": "Clients", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Activate": { - "markdownDescription": "A Boolean value that indicates whether GuardDuty is to start using the uploaded ThreatIntelSet.", - "title": "Activate", - "type": "boolean" - }, - "DetectorId": { - "markdownDescription": "The unique ID of the detector of the GuardDuty account for which you want to create a `ThreatIntelSet` .\n\nTo find the `detectorId` in the current Region, see the\nSettings page in the GuardDuty console, or run the [ListDetectors](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListDetectors.html) API.", - "title": "DetectorId", - "type": "string" - }, - "Format": { - "markdownDescription": "The format of the file that contains the ThreatIntelSet.", - "title": "Format", - "type": "string" - }, - "Location": { - "markdownDescription": "The URI of the file that contains the ThreatIntelSet.", - "title": "Location", - "type": "string" - }, - "Name": { - "markdownDescription": "A user-friendly ThreatIntelSet name displayed in all findings that are generated by activity that involves IP addresses included in this ThreatIntelSet.", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/AWS::GuardDuty::ThreatIntelSet.TagItem" - }, - "markdownDescription": "The tags to be added to a new threat list resource. Each tag consists of a key and an optional value, both of which you define.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } + "Options": { + "items": { + "type": "string" }, - "required": [ - "Format", - "Location" - ], - "type": "object" + "markdownDescription": "The options to use when mounting the file system. For a list of options that you can use with Network File System (NFS), see the [exports(5) - Linux man page](https://docs.aws.amazon.com/https://linux.die.net/man/5/exports) . When choosing your options, consider the following:\n\n- `crossmnt` is used by default. If you don't specify `crossmnt` when changing the client configuration, you won't be able to see or access snapshots in your file system's snapshot directory.\n- `sync` is used by default. If you instead specify `async` , the system acknowledges writes before writing to disk. If the system crashes before the writes are finished, you lose the unwritten data.", + "title": "Options", + "type": "array" + } + }, + "type": "object" + }, + "AWS::FSx::FileSystem.DataReadCacheConfiguration": { + "additionalProperties": false, + "properties": { + "SizeGiB": { + "markdownDescription": "Required if `SizingMode` is set to `USER_PROVISIONED` . Specifies the size of the file system's SSD read cache, in gibibytes (GiB).", + "title": "SizeGiB", + "type": "number" }, - "Type": { - "enum": [ - "AWS::GuardDuty::ThreatIntelSet" - ], + "SizingMode": { + "markdownDescription": "Specifies how the provisioned SSD read cache is sized, as follows:\n\n- Set to `NO_CACHE` if you do not want to use an SSD read cache with your Intelligent-Tiering file system.\n- Set to `USER_PROVISIONED` to specify the exact size of your SSD read cache.\n- Set to `PROPORTIONAL_TO_THROUGHPUT_CAPACITY` to have your SSD read cache automatically sized based on your throughput capacity.", + "title": "SizingMode", "type": "string" + } + }, + "type": "object" + }, + "AWS::FSx::FileSystem.DiskIopsConfiguration": { + "additionalProperties": false, + "properties": { + "Iops": { + "markdownDescription": "The total number of SSD IOPS provisioned for the file system.\n\nThe minimum and maximum values for this property depend on the value of `HAPairs` and `StorageCapacity` . The minimum value is calculated as `StorageCapacity` * 3 * `HAPairs` (3 IOPS per GB of `StorageCapacity` ). The maximum value is calculated as 200,000 * `HAPairs` .\n\nAmazon FSx responds with an HTTP status code 400 (Bad Request) if the value of `Iops` is outside of the minimum or maximum values.", + "title": "Iops", + "type": "number" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Mode": { + "markdownDescription": "Specifies whether the file system is using the `AUTOMATIC` setting of SSD IOPS of 3 IOPS per GB of storage capacity, or if it using a `USER_PROVISIONED` value.", + "title": "Mode", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::GuardDuty::ThreatIntelSet.TagItem": { + "AWS::FSx::FileSystem.LustreConfiguration": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The tag key.", - "title": "Key", + "AutoImportPolicy": { + "markdownDescription": "(Optional) When you create your file system, your existing S3 objects appear as file and directory listings. Use this property to choose how Amazon FSx keeps your file and directory listings up to date as you add or modify objects in your linked S3 bucket. `AutoImportPolicy` can have the following values:\n\n- `NONE` - (Default) AutoImport is off. Amazon FSx only updates file and directory listings from the linked S3 bucket when the file system is created. FSx does not update file and directory listings for any new or changed objects after choosing this option.\n- `NEW` - AutoImport is on. Amazon FSx automatically imports directory listings of any new objects added to the linked S3 bucket that do not currently exist in the FSx file system.\n- `NEW_CHANGED` - AutoImport is on. Amazon FSx automatically imports file and directory listings of any new objects added to the S3 bucket and any existing objects that are changed in the S3 bucket after you choose this option.\n- `NEW_CHANGED_DELETED` - AutoImport is on. Amazon FSx automatically imports file and directory listings of any new objects added to the S3 bucket, any existing objects that are changed in the S3 bucket, and any objects that were deleted in the S3 bucket.\n\nFor more information, see [Automatically import updates from your S3 bucket](https://docs.aws.amazon.com/fsx/latest/LustreGuide/autoimport-data-repo.html) .\n\n> This parameter is not supported for Lustre file systems with a data repository association.", + "title": "AutoImportPolicy", "type": "string" }, - "Value": { - "markdownDescription": "The tag value.", - "title": "Value", + "AutomaticBackupRetentionDays": { + "markdownDescription": "The number of days to retain automatic backups. Setting this property to `0` disables automatic backups. You can retain automatic backups for a maximum of 90 days. The default is `0` .", + "title": "AutomaticBackupRetentionDays", + "type": "number" + }, + "CopyTagsToBackups": { + "markdownDescription": "(Optional) Not available for use with file systems that are linked to a data repository. A boolean flag indicating whether tags for the file system should be copied to backups. The default value is false. If `CopyTagsToBackups` is set to true, all file system tags are copied to all automatic and user-initiated backups when the user doesn't specify any backup-specific tags. If `CopyTagsToBackups` is set to true and you specify one or more backup tags, only the specified tags are copied to backups. If you specify one or more tags when creating a user-initiated backup, no tags are copied from the file system, regardless of this value.\n\n(Default = `false` )\n\nFor more information, see [Working with backups](https://docs.aws.amazon.com/fsx/latest/LustreGuide/using-backups-fsx.html) in the *Amazon FSx for Lustre User Guide* .", + "title": "CopyTagsToBackups", + "type": "boolean" + }, + "DailyAutomaticBackupStartTime": { + "markdownDescription": "A recurring daily time, in the format `HH:MM` . `HH` is the zero-padded hour of the day (0-23), and `MM` is the zero-padded minute of the hour. For example, `05:00` specifies 5 AM daily.", + "title": "DailyAutomaticBackupStartTime", + "type": "string" + }, + "DataCompressionType": { + "markdownDescription": "Sets the data compression configuration for the file system. `DataCompressionType` can have the following values:\n\n- `NONE` - (Default) Data compression is turned off when the file system is created.\n- `LZ4` - Data compression is turned on with the LZ4 algorithm.\n\nFor more information, see [Lustre data compression](https://docs.aws.amazon.com/fsx/latest/LustreGuide/data-compression.html) in the *Amazon FSx for Lustre User Guide* .", + "title": "DataCompressionType", + "type": "string" + }, + "DataReadCacheConfiguration": { + "$ref": "#/definitions/AWS::FSx::FileSystem.DataReadCacheConfiguration", + "markdownDescription": "Specifies the optional provisioned SSD read cache on FSx for Lustre file systems that use the Intelligent-Tiering storage class. Required when `StorageType` is set to `INTELLIGENT_TIERING` .", + "title": "DataReadCacheConfiguration" + }, + "DeploymentType": { + "markdownDescription": "(Optional) Choose `SCRATCH_1` and `SCRATCH_2` deployment types when you need temporary storage and shorter-term processing of data. The `SCRATCH_2` deployment type provides in-transit encryption of data and higher burst throughput capacity than `SCRATCH_1` .\n\nChoose `PERSISTENT_1` for longer-term storage and for throughput-focused workloads that aren\u2019t latency-sensitive. `PERSISTENT_1` supports encryption of data in transit, and is available in all AWS Regions in which FSx for Lustre is available.\n\nChoose `PERSISTENT_2` for longer-term storage and for latency-sensitive workloads that require the highest levels of IOPS/throughput. `PERSISTENT_2` supports the SSD and Intelligent-Tiering storage classes. You can optionally specify a metadata configuration mode for `PERSISTENT_2` which supports increasing metadata performance. `PERSISTENT_2` is available in a limited number of AWS Regions . For more information, and an up-to-date list of AWS Regions in which `PERSISTENT_2` is available, see [Deployment and storage class options for FSx for Lustre file systems](https://docs.aws.amazon.com/fsx/latest/LustreGuide/using-fsx-lustre.html) in the *Amazon FSx for Lustre User Guide* .\n\n> If you choose `PERSISTENT_2` , and you set `FileSystemTypeVersion` to `2.10` , the `CreateFileSystem` operation fails. \n\nEncryption of data in transit is automatically turned on when you access `SCRATCH_2` , `PERSISTENT_1` , and `PERSISTENT_2` file systems from Amazon EC2 instances that support automatic encryption in the AWS Regions where they are available. For more information about encryption in transit for FSx for Lustre file systems, see [Encrypting data in transit](https://docs.aws.amazon.com/fsx/latest/LustreGuide/encryption-in-transit-fsxl.html) in the *Amazon FSx for Lustre User Guide* .\n\n(Default = `SCRATCH_1` )", + "title": "DeploymentType", + "type": "string" + }, + "DriveCacheType": { + "markdownDescription": "The type of drive cache used by `PERSISTENT_1` file systems that are provisioned with HDD storage devices. This parameter is required when storage type is HDD. Set this property to `READ` to improve the performance for frequently accessed files by caching up to 20% of the total storage capacity of the file system.\n\nThis parameter is required when `StorageType` is set to `HDD` and `DeploymentType` is `PERSISTENT_1` .", + "title": "DriveCacheType", + "type": "string" + }, + "EfaEnabled": { + "markdownDescription": "(Optional) Specifies whether Elastic Fabric Adapter (EFA) and GPUDirect Storage (GDS) support is enabled for the Amazon FSx for Lustre file system.\n\n(Default = `false` )", + "title": "EfaEnabled", + "type": "boolean" + }, + "ExportPath": { + "markdownDescription": "(Optional) Specifies the path in the Amazon S3 bucket where the root of your Amazon FSx file system is exported. The path must use the same Amazon S3 bucket as specified in ImportPath. You can provide an optional prefix to which new and changed data is to be exported from your Amazon FSx for Lustre file system. If an `ExportPath` value is not provided, Amazon FSx sets a default export path, `s3://import-bucket/FSxLustre[creation-timestamp]` . The timestamp is in UTC format, for example `s3://import-bucket/FSxLustre20181105T222312Z` .\n\nThe Amazon S3 export bucket must be the same as the import bucket specified by `ImportPath` . If you specify only a bucket name, such as `s3://import-bucket` , you get a 1:1 mapping of file system objects to S3 bucket objects. This mapping means that the input data in S3 is overwritten on export. If you provide a custom prefix in the export path, such as `s3://import-bucket/[custom-optional-prefix]` , Amazon FSx exports the contents of your file system to that export prefix in the Amazon S3 bucket.\n\n> This parameter is not supported for file systems with a data repository association.", + "title": "ExportPath", + "type": "string" + }, + "ImportPath": { + "markdownDescription": "(Optional) The path to the Amazon S3 bucket (including the optional prefix) that you're using as the data repository for your Amazon FSx for Lustre file system. The root of your FSx for Lustre file system will be mapped to the root of the Amazon S3 bucket you select. An example is `s3://import-bucket/optional-prefix` . If you specify a prefix after the Amazon S3 bucket name, only object keys with that prefix are loaded into the file system.\n\n> This parameter is not supported for Lustre file systems with a data repository association.", + "title": "ImportPath", + "type": "string" + }, + "ImportedFileChunkSize": { + "markdownDescription": "(Optional) For files imported from a data repository, this value determines the stripe count and maximum amount of data per file (in MiB) stored on a single physical disk. The maximum number of disks that a single file can be striped across is limited by the total number of disks that make up the file system.\n\nThe default chunk size is 1,024 MiB (1 GiB) and can go as high as 512,000 MiB (500 GiB). Amazon S3 objects have a maximum size of 5 TB.\n\n> This parameter is not supported for Lustre file systems with a data repository association.", + "title": "ImportedFileChunkSize", + "type": "number" + }, + "MetadataConfiguration": { + "$ref": "#/definitions/AWS::FSx::FileSystem.MetadataConfiguration", + "markdownDescription": "The Lustre metadata performance configuration for the creation of an FSx for Lustre file system using a `PERSISTENT_2` deployment type.", + "title": "MetadataConfiguration" + }, + "PerUnitStorageThroughput": { + "markdownDescription": "Required with `PERSISTENT_1` and `PERSISTENT_2` deployment types, provisions the amount of read and write throughput for each 1 tebibyte (TiB) of file system storage capacity, in MB/s/TiB. File system throughput capacity is calculated by multiplying \ufb01le system storage capacity (TiB) by the `PerUnitStorageThroughput` (MB/s/TiB). For a 2.4-TiB \ufb01le system, provisioning 50 MB/s/TiB of `PerUnitStorageThroughput` yields 120 MB/s of \ufb01le system throughput. You pay for the amount of throughput that you provision.\n\nValid values:\n\n- For `PERSISTENT_1` SSD storage: 50, 100, 200 MB/s/TiB.\n- For `PERSISTENT_1` HDD storage: 12, 40 MB/s/TiB.\n- For `PERSISTENT_2` SSD storage: 125, 250, 500, 1000 MB/s/TiB.", + "title": "PerUnitStorageThroughput", + "type": "number" + }, + "ThroughputCapacity": { + "markdownDescription": "Specifies the throughput of an FSx for Lustre file system using the Intelligent-Tiering storage class, measured in megabytes per second (MBps). Valid values are 4000 MBps or multiples of 4000 MBps. You pay for the amount of throughput that you provision.", + "title": "ThroughputCapacity", + "type": "number" + }, + "WeeklyMaintenanceStartTime": { + "markdownDescription": "The preferred start time to perform weekly maintenance, formatted d:HH:MM in the UTC time zone, where d is the weekday number, from 1 through 7, beginning with Monday and ending with Sunday.\n\nFor example, `1:05:00` specifies maintenance at 5 AM Monday.", + "title": "WeeklyMaintenanceStartTime", "type": "string" } }, - "required": [ - "Key", - "Value" - ], "type": "object" }, - "AWS::HealthImaging::Datastore": { + "AWS::FSx::FileSystem.MetadataConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "Iops": { + "markdownDescription": "The number of Metadata IOPS provisioned for the file system.", + "title": "Iops", + "type": "number" + }, + "Mode": { + "markdownDescription": "Specifies whether the file system is using the AUTOMATIC setting of metadata IOPS or if it is using a USER_PROVISIONED value.", + "title": "Mode", "type": "string" + } + }, + "type": "object" + }, + "AWS::FSx::FileSystem.NfsExports": { + "additionalProperties": false, + "properties": { + "ClientConfigurations": { + "items": { + "$ref": "#/definitions/AWS::FSx::FileSystem.ClientConfigurations" + }, + "markdownDescription": "A list of configuration objects that contain the client and options for mounting the OpenZFS file system.", + "title": "ClientConfigurations", + "type": "array" + } + }, + "type": "object" + }, + "AWS::FSx::FileSystem.OntapConfiguration": { + "additionalProperties": false, + "properties": { + "AutomaticBackupRetentionDays": { + "markdownDescription": "The number of days to retain automatic backups. Setting this property to `0` disables automatic backups. You can retain automatic backups for a maximum of 90 days. The default is `30` .", + "title": "AutomaticBackupRetentionDays", + "type": "number" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DailyAutomaticBackupStartTime": { + "markdownDescription": "A recurring daily time, in the format `HH:MM` . `HH` is the zero-padded hour of the day (0-23), and `MM` is the zero-padded minute of the hour. For example, `05:00` specifies 5 AM daily.", + "title": "DailyAutomaticBackupStartTime", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "DeploymentType": { + "markdownDescription": "Specifies the FSx for ONTAP file system deployment type to use in creating the file system.\n\n- `MULTI_AZ_1` - A high availability file system configured for Multi-AZ redundancy to tolerate temporary Availability Zone (AZ) unavailability. This is a first-generation FSx for ONTAP file system.\n- `MULTI_AZ_2` - A high availability file system configured for Multi-AZ redundancy to tolerate temporary AZ unavailability. This is a second-generation FSx for ONTAP file system.\n- `SINGLE_AZ_1` - A file system configured for Single-AZ redundancy. This is a first-generation FSx for ONTAP file system.\n- `SINGLE_AZ_2` - A file system configured with multiple high-availability (HA) pairs for Single-AZ redundancy. This is a second-generation FSx for ONTAP file system.\n\nFor information about the use cases for Multi-AZ and Single-AZ deployments, refer to [Choosing a file system deployment type](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/high-availability-AZ.html) .", + "title": "DeploymentType", + "type": "string" }, - "Metadata": { - "type": "object" + "DiskIopsConfiguration": { + "$ref": "#/definitions/AWS::FSx::FileSystem.DiskIopsConfiguration", + "markdownDescription": "The SSD IOPS configuration for the FSx for ONTAP file system.", + "title": "DiskIopsConfiguration" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DatastoreName": { - "markdownDescription": "The data store name.", - "title": "DatastoreName", - "type": "string" - }, - "KmsKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) assigned to the Key Management Service (KMS) key for accessing encrypted data.", - "title": "KmsKeyArn", - "type": "string" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "The tags provided when creating a data store.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - } - }, - "type": "object" + "EndpointIpAddressRange": { + "markdownDescription": "(Multi-AZ only) Specifies the IP address range in which the endpoints to access your file system will be created. By default in the Amazon FSx API, Amazon FSx selects an unused IP address range for you from the 198.19.* range. By default in the Amazon FSx console, Amazon FSx chooses the last 64 IP addresses from the VPC\u2019s primary CIDR range to use as the endpoint IP address range for the file system. You can have overlapping endpoint IP addresses for file systems deployed in the same VPC/route tables, as long as they don't overlap with any subnet.", + "title": "EndpointIpAddressRange", + "type": "string" }, - "Type": { - "enum": [ - "AWS::HealthImaging::Datastore" - ], + "FsxAdminPassword": { + "markdownDescription": "The ONTAP administrative password for the `fsxadmin` user with which you administer your file system using the NetApp ONTAP CLI and REST API.", + "title": "FsxAdminPassword", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "HAPairs": { + "markdownDescription": "Specifies how many high-availability (HA) pairs of file servers will power your file system. First-generation file systems are powered by 1 HA pair. Second-generation multi-AZ file systems are powered by 1 HA pair. Second generation single-AZ file systems are powered by up to 12 HA pairs. The default value is 1. The value of this property affects the values of `StorageCapacity` , `Iops` , and `ThroughputCapacity` . For more information, see [High-availability (HA) pairs](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/administering-file-systems.html#HA-pairs) in the FSx for ONTAP user guide. Block storage protocol support (iSCSI and NVMe over TCP) is disabled on file systems with more than 6 HA pairs. For more information, see [Using block storage protocols](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/supported-fsx-clients.html#using-block-storage) .\n\nAmazon FSx responds with an HTTP status code 400 (Bad Request) for the following conditions:\n\n- The value of `HAPairs` is less than 1 or greater than 12.\n- The value of `HAPairs` is greater than 1 and the value of `DeploymentType` is `SINGLE_AZ_1` , `MULTI_AZ_1` , or `MULTI_AZ_2` .", + "title": "HAPairs", + "type": "number" + }, + "PreferredSubnetId": { + "markdownDescription": "Required when `DeploymentType` is set to `MULTI_AZ_1` or `MULTI_AZ_2` . This specifies the subnet in which you want the preferred file server to be located.", + "title": "PreferredSubnetId", + "type": "string" + }, + "RouteTableIds": { + "items": { + "type": "string" + }, + "markdownDescription": "(Multi-AZ only) Specifies the route tables in which Amazon FSx creates the rules for routing traffic to the correct file server. You should specify all virtual private cloud (VPC) route tables associated with the subnets in which your clients are located. By default, Amazon FSx selects your VPC's default route table.\n\n> Amazon FSx manages these route tables for Multi-AZ file systems using tag-based authentication. These route tables are tagged with `Key: AmazonFSx; Value: ManagedByAmazonFSx` . When creating FSx for ONTAP Multi-AZ file systems using AWS CloudFormation we recommend that you add the `Key: AmazonFSx; Value: ManagedByAmazonFSx` tag manually.", + "title": "RouteTableIds", + "type": "array" + }, + "ThroughputCapacity": { + "markdownDescription": "Sets the throughput capacity for the file system that you're creating in megabytes per second (MBps). For more information, see [Managing throughput capacity](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-throughput-capacity.html) in the FSx for ONTAP User Guide.\n\nAmazon FSx responds with an HTTP status code 400 (Bad Request) for the following conditions:\n\n- The value of `ThroughputCapacity` and `ThroughputCapacityPerHAPair` are not the same value.\n- The value of `ThroughputCapacity` when divided by the value of `HAPairs` is outside of the valid range for `ThroughputCapacity` .", + "title": "ThroughputCapacity", + "type": "number" + }, + "ThroughputCapacityPerHAPair": { + "markdownDescription": "Use to choose the throughput capacity per HA pair, rather than the total throughput for the file system.\n\nYou can define either the `ThroughputCapacityPerHAPair` or the `ThroughputCapacity` when creating a file system, but not both.\n\nThis field and `ThroughputCapacity` are the same for file systems powered by one HA pair.\n\n- For `SINGLE_AZ_1` and `MULTI_AZ_1` file systems, valid values are 128, 256, 512, 1024, 2048, or 4096 MBps.\n- For `SINGLE_AZ_2` , valid values are 1536, 3072, or 6144 MBps.\n- For `MULTI_AZ_2` , valid values are 384, 768, 1536, 3072, or 6144 MBps.\n\nAmazon FSx responds with an HTTP status code 400 (Bad Request) for the following conditions:\n\n- The value of `ThroughputCapacity` and `ThroughputCapacityPerHAPair` are not the same value for file systems with one HA pair.\n- The value of deployment type is `SINGLE_AZ_2` and `ThroughputCapacity` / `ThroughputCapacityPerHAPair` is not a valid HA pair (a value between 1 and 12).\n- The value of `ThroughputCapacityPerHAPair` is not a valid value.", + "title": "ThroughputCapacityPerHAPair", + "type": "number" + }, + "WeeklyMaintenanceStartTime": { + "markdownDescription": "The preferred start time to perform weekly maintenance, formatted d:HH:MM in the UTC time zone, where d is the weekday number, from 1 through 7, beginning with Monday and ending with Sunday.\n\nFor example, `1:05:00` specifies maintenance at 5 AM Monday.", + "title": "WeeklyMaintenanceStartTime", "type": "string" } }, "required": [ - "Type" + "DeploymentType" ], "type": "object" }, - "AWS::HealthLake::FHIRDatastore": { + "AWS::FSx::FileSystem.OpenZFSConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "AutomaticBackupRetentionDays": { + "markdownDescription": "The number of days to retain automatic backups. Setting this property to `0` disables automatic backups. You can retain automatic backups for a maximum of 90 days. The default is `30` .", + "title": "AutomaticBackupRetentionDays", + "type": "number" + }, + "CopyTagsToBackups": { + "markdownDescription": "A Boolean value indicating whether tags for the file system should be copied to backups. This value defaults to `false` . If it's set to `true` , all tags for the file system are copied to all automatic and user-initiated backups where the user doesn't specify tags. If this value is `true` , and you specify one or more tags, only the specified tags are copied to backups. If you specify one or more tags when creating a user-initiated backup, no tags are copied from the file system, regardless of this value.", + "title": "CopyTagsToBackups", + "type": "boolean" + }, + "CopyTagsToVolumes": { + "markdownDescription": "A Boolean value indicating whether tags for the file system should be copied to volumes. This value defaults to `false` . If it's set to `true` , all tags for the file system are copied to volumes where the user doesn't specify tags. If this value is `true` , and you specify one or more tags, only the specified tags are copied to volumes. If you specify one or more tags when creating the volume, no tags are copied from the file system, regardless of this value.", + "title": "CopyTagsToVolumes", + "type": "boolean" + }, + "DailyAutomaticBackupStartTime": { + "markdownDescription": "A recurring daily time, in the format `HH:MM` . `HH` is the zero-padded hour of the day (0-23), and `MM` is the zero-padded minute of the hour. For example, `05:00` specifies 5 AM daily.", + "title": "DailyAutomaticBackupStartTime", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DeploymentType": { + "markdownDescription": "Specifies the file system deployment type. Valid values are the following:\n\n- `MULTI_AZ_1` - Creates file systems with high availability and durability by replicating your data and supporting failover across multiple Availability Zones in the same AWS Region .\n- `SINGLE_AZ_HA_2` - Creates file systems with high availability and throughput capacities of 160 - 10,240 MB/s using an NVMe L2ARC cache by deploying a primary and standby file system within the same Availability Zone.\n- `SINGLE_AZ_HA_1` - Creates file systems with high availability and throughput capacities of 64 - 4,096 MB/s by deploying a primary and standby file system within the same Availability Zone.\n- `SINGLE_AZ_2` - Creates file systems with throughput capacities of 160 - 10,240 MB/s using an NVMe L2ARC cache that automatically recover within a single Availability Zone.\n- `SINGLE_AZ_1` - Creates file systems with throughput capacities of 64 - 4,096 MBs that automatically recover within a single Availability Zone.\n\nFor a list of which AWS Regions each deployment type is available in, see [Deployment type availability](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/availability-durability.html#available-aws-regions) . For more information on the differences in performance between deployment types, see [File system performance](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/performance.html#zfs-fs-performance) in the *Amazon FSx for OpenZFS User Guide* .", + "title": "DeploymentType", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "DiskIopsConfiguration": { + "$ref": "#/definitions/AWS::FSx::FileSystem.DiskIopsConfiguration", + "markdownDescription": "The SSD IOPS (input/output operations per second) configuration for an Amazon FSx for NetApp ONTAP, Amazon FSx for Windows File Server, or FSx for OpenZFS file system. By default, Amazon FSx automatically provisions 3 IOPS per GB of storage capacity. You can provision additional IOPS per GB of storage. The configuration consists of the total number of provisioned SSD IOPS and how it is was provisioned, or the mode (by the customer or by Amazon FSx).", + "title": "DiskIopsConfiguration" }, - "Metadata": { - "type": "object" + "EndpointIpAddressRange": { + "markdownDescription": "(Multi-AZ only) Specifies the IP address range in which the endpoints to access your file system will be created. By default in the Amazon FSx API and Amazon FSx console, Amazon FSx selects an available /28 IP address range for you from one of the VPC's CIDR ranges. You can have overlapping endpoint IP addresses for file systems deployed in the same VPC/route tables, as long as they don't overlap with any subnet.", + "title": "EndpointIpAddressRange", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DatastoreName": { - "markdownDescription": "The data store name (user-generated).", - "title": "DatastoreName", - "type": "string" - }, - "DatastoreTypeVersion": { - "markdownDescription": "The FHIR release version supported by the data store. Current support is for version `R4` .", - "title": "DatastoreTypeVersion", - "type": "string" - }, - "IdentityProviderConfiguration": { - "$ref": "#/definitions/AWS::HealthLake::FHIRDatastore.IdentityProviderConfiguration", - "markdownDescription": "The identity provider configuration selected when the data store was created.", - "title": "IdentityProviderConfiguration" - }, - "PreloadDataConfig": { - "$ref": "#/definitions/AWS::HealthLake::FHIRDatastore.PreloadDataConfig", - "markdownDescription": "The preloaded Synthea data configuration for the data store.", - "title": "PreloadDataConfig" - }, - "SseConfiguration": { - "$ref": "#/definitions/AWS::HealthLake::FHIRDatastore.SseConfiguration", - "markdownDescription": "The server-side encryption key configuration for a customer-provided encryption key specified for creating a data store.", - "title": "SseConfiguration" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } + "Options": { + "items": { + "type": "string" }, - "required": [ - "DatastoreTypeVersion" - ], - "type": "object" + "markdownDescription": "To delete a file system if there are child volumes present below the root volume, use the string `DELETE_CHILD_VOLUMES_AND_SNAPSHOTS` . If your file system has child volumes and you don't use this option, the delete request will fail.", + "title": "Options", + "type": "array" }, - "Type": { - "enum": [ - "AWS::HealthLake::FHIRDatastore" - ], + "PreferredSubnetId": { + "markdownDescription": "Required when `DeploymentType` is set to `MULTI_AZ_1` . This specifies the subnet in which you want the preferred file server to be located.", + "title": "PreferredSubnetId", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ReadCacheConfiguration": { + "$ref": "#/definitions/AWS::FSx::FileSystem.ReadCacheConfiguration", + "markdownDescription": "Specifies the optional provisioned SSD read cache on file systems that use the Intelligent-Tiering storage class.", + "title": "ReadCacheConfiguration" + }, + "RootVolumeConfiguration": { + "$ref": "#/definitions/AWS::FSx::FileSystem.RootVolumeConfiguration", + "markdownDescription": "The configuration Amazon FSx uses when creating the root value of the Amazon FSx for OpenZFS file system. All volumes are children of the root volume.", + "title": "RootVolumeConfiguration" + }, + "RouteTableIds": { + "items": { + "type": "string" + }, + "markdownDescription": "(Multi-AZ only) Specifies the route tables in which Amazon FSx creates the rules for routing traffic to the correct file server. You should specify all virtual private cloud (VPC) route tables associated with the subnets in which your clients are located. By default, Amazon FSx selects your VPC's default route table.", + "title": "RouteTableIds", + "type": "array" + }, + "ThroughputCapacity": { + "markdownDescription": "Specifies the throughput of an Amazon FSx for OpenZFS file system, measured in megabytes per second (MBps). Required if you are creating a new file system.\n\nValid values depend on the `DeploymentType` that you choose, as follows:\n\n- For `MULTI_AZ_1` and `SINGLE_AZ_2` , valid values are 160, 320, 640, 1280, 2560, 3840, 5120, 7680, or 10240 MBps.\n- For `SINGLE_AZ_1` , valid values are 64, 128, 256, 512, 1024, 2048, 3072, or 4096 MBps.\n\nYou pay for additional throughput capacity that you provision.", + "title": "ThroughputCapacity", + "type": "number" + }, + "WeeklyMaintenanceStartTime": { + "markdownDescription": "The preferred start time to perform weekly maintenance, formatted d:HH:MM in the UTC time zone, where d is the weekday number, from 1 through 7, beginning with Monday and ending with Sunday.\n\nFor example, `1:05:00` specifies maintenance at 5 AM Monday.", + "title": "WeeklyMaintenanceStartTime", "type": "string" } }, "required": [ - "Type", - "Properties" + "DeploymentType" ], "type": "object" }, - "AWS::HealthLake::FHIRDatastore.CreatedAt": { + "AWS::FSx::FileSystem.ReadCacheConfiguration": { "additionalProperties": false, "properties": { - "Nanos": { - "markdownDescription": "", - "title": "Nanos", + "SizeGiB": { + "markdownDescription": "Required if `SizingMode` is set to `USER_PROVISIONED` . Specifies the size of the file system's SSD read cache, in gibibytes (GiB).", + "title": "SizeGiB", "type": "number" }, - "Seconds": { - "markdownDescription": "", - "title": "Seconds", + "SizingMode": { + "markdownDescription": "Specifies how the provisioned SSD read cache is sized, as follows:\n\n- Set to `NO_CACHE` if you do not want to use an SSD read cache with your Intelligent-Tiering file system.\n- Set to `USER_PROVISIONED` to specify the exact size of your SSD read cache.\n- Set to `PROPORTIONAL_TO_THROUGHPUT_CAPACITY` to have your SSD read cache automatically sized based on your throughput capacity.", + "title": "SizingMode", "type": "string" } }, - "required": [ - "Nanos", - "Seconds" - ], "type": "object" }, - "AWS::HealthLake::FHIRDatastore.IdentityProviderConfiguration": { + "AWS::FSx::FileSystem.RootVolumeConfiguration": { "additionalProperties": false, "properties": { - "AuthorizationStrategy": { - "markdownDescription": "The authorization strategy selected when the HealthLake data store is created.\n\n> HealthLake provides support for both SMART on FHIR V1 and V2 as described below.\n> \n> - `SMART_ON_FHIR_V1` \u2013 Support for only SMART on FHIR V1, which includes `read` (read/search) and `write` (create/update/delete) permissions.\n> - `SMART_ON_FHIR` \u2013 Support for both SMART on FHIR V1 and V2, which includes `create` , `read` , `update` , `delete` , and `search` permissions.\n> - `AWS_AUTH` \u2013 The default HealthLake authorization strategy; not affiliated with SMART on FHIR.", - "title": "AuthorizationStrategy", + "CopyTagsToSnapshots": { + "markdownDescription": "A Boolean value indicating whether tags for the volume should be copied to snapshots of the volume. This value defaults to `false` . If it's set to `true` , all tags for the volume are copied to snapshots where the user doesn't specify tags. If this value is `true` and you specify one or more tags, only the specified tags are copied to snapshots. If you specify one or more tags when creating the snapshot, no tags are copied from the volume, regardless of this value.", + "title": "CopyTagsToSnapshots", + "type": "boolean" + }, + "DataCompressionType": { + "markdownDescription": "Specifies the method used to compress the data on the volume. The compression type is `NONE` by default.\n\n- `NONE` - Doesn't compress the data on the volume. `NONE` is the default.\n- `ZSTD` - Compresses the data in the volume using the Zstandard (ZSTD) compression algorithm. Compared to LZ4, Z-Standard provides a better compression ratio to minimize on-disk storage utilization.\n- `LZ4` - Compresses the data in the volume using the LZ4 compression algorithm. Compared to Z-Standard, LZ4 is less compute-intensive and delivers higher write throughput speeds.", + "title": "DataCompressionType", "type": "string" }, - "FineGrainedAuthorizationEnabled": { - "markdownDescription": "The parameter to enable SMART on FHIR fine-grained authorization for the data store.", - "title": "FineGrainedAuthorizationEnabled", + "NfsExports": { + "items": { + "$ref": "#/definitions/AWS::FSx::FileSystem.NfsExports" + }, + "markdownDescription": "The configuration object for mounting a file system.", + "title": "NfsExports", + "type": "array" + }, + "ReadOnly": { + "markdownDescription": "A Boolean value indicating whether the volume is read-only. Setting this value to `true` can be useful after you have completed changes to a volume and no longer want changes to occur.", + "title": "ReadOnly", "type": "boolean" }, - "IdpLambdaArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function to use to decode the access token created by the authorization server.", - "title": "IdpLambdaArn", - "type": "string" + "RecordSizeKiB": { + "markdownDescription": "Specifies the record size of an OpenZFS root volume, in kibibytes (KiB). Valid values are 4, 8, 16, 32, 64, 128, 256, 512, or 1024 KiB. The default is 128 KiB. Most workloads should use the default record size. Database workflows can benefit from a smaller record size, while streaming workflows can benefit from a larger record size. For additional guidance on setting a custom record size, see [Tips for maximizing performance](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/performance.html#performance-tips-zfs) in the *Amazon FSx for OpenZFS User Guide* .", + "title": "RecordSizeKiB", + "type": "number" }, - "Metadata": { - "markdownDescription": "The JSON metadata elements to use in your identity provider configuration. Required elements are listed based on the launch specification of the SMART application. For more information on all possible elements, see [Metadata](https://docs.aws.amazon.com/https://build.fhir.org/ig/HL7/smart-app-launch/conformance.html#metadata) in SMART's App Launch specification.\n\n`authorization_endpoint` : The URL to the OAuth2 authorization endpoint.\n\n`grant_types_supported` : An array of grant types that are supported at the token endpoint. You must provide at least one grant type option. Valid options are `authorization_code` and `client_credentials` .\n\n`token_endpoint` : The URL to the OAuth2 token endpoint.\n\n`capabilities` : An array of strings of the SMART capabilities that the authorization server supports.\n\n`code_challenge_methods_supported` : An array of strings of supported PKCE code challenge methods. You must include the `S256` method in the array of PKCE code challenge methods.", - "title": "Metadata", - "type": "string" + "UserAndGroupQuotas": { + "items": { + "$ref": "#/definitions/AWS::FSx::FileSystem.UserAndGroupQuotas" + }, + "markdownDescription": "An object specifying how much storage users or groups can use on the volume.", + "title": "UserAndGroupQuotas", + "type": "array" } }, - "required": [ - "AuthorizationStrategy" - ], "type": "object" }, - "AWS::HealthLake::FHIRDatastore.KmsEncryptionConfig": { + "AWS::FSx::FileSystem.SelfManagedActiveDirectoryConfiguration": { "additionalProperties": false, "properties": { - "CmkType": { - "markdownDescription": "The type of customer-managed-key(CMK) used for encryption. The two types of supported CMKs are customer owned CMKs and Amazon owned CMKs. For more information on CMK types, see [KmsEncryptionConfig](https://docs.aws.amazon.com/healthlake/latest/APIReference/API_KmsEncryptionConfig.html#HealthLake-Type-KmsEncryptionConfig-CmkType) .", - "title": "CmkType", + "DnsIps": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of up to three IP addresses of DNS servers or domain controllers in the self-managed AD directory.", + "title": "DnsIps", + "type": "array" + }, + "DomainName": { + "markdownDescription": "The fully qualified domain name of the self-managed AD directory, such as `corp.example.com` .", + "title": "DomainName", "type": "string" }, - "KmsKeyId": { - "markdownDescription": "The Key Management Service (KMS) encryption key id/alias used to encrypt the data store contents at rest.", - "title": "KmsKeyId", + "FileSystemAdministratorsGroup": { + "markdownDescription": "(Optional) The name of the domain group whose members are granted administrative privileges for the file system. Administrative privileges include taking ownership of files and folders, setting audit controls (audit ACLs) on files and folders, and administering the file system remotely by using the FSx Remote PowerShell. The group that you specify must already exist in your domain. If you don't provide one, your AD domain's Domain Admins group is used.", + "title": "FileSystemAdministratorsGroup", + "type": "string" + }, + "OrganizationalUnitDistinguishedName": { + "markdownDescription": "(Optional) The fully qualified distinguished name of the organizational unit within your self-managed AD directory. Amazon FSx only accepts OU as the direct parent of the file system. An example is `OU=FSx,DC=yourdomain,DC=corp,DC=com` . To learn more, see [RFC 2253](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc2253) . If none is provided, the FSx file system is created in the default location of your self-managed AD directory.\n\n> Only Organizational Unit (OU) objects can be the direct parent of the file system that you're creating.", + "title": "OrganizationalUnitDistinguishedName", + "type": "string" + }, + "Password": { + "markdownDescription": "The password for the service account on your self-managed AD domain that Amazon FSx will use to join to your AD domain.", + "title": "Password", + "type": "string" + }, + "UserName": { + "markdownDescription": "The user name for the service account on your self-managed AD domain that Amazon FSx will use to join to your AD domain. This account must have the permission to join computers to the domain in the organizational unit provided in `OrganizationalUnitDistinguishedName` , or in the default location of your AD domain.", + "title": "UserName", "type": "string" } }, - "required": [ - "CmkType" - ], "type": "object" }, - "AWS::HealthLake::FHIRDatastore.PreloadDataConfig": { + "AWS::FSx::FileSystem.UserAndGroupQuotas": { "additionalProperties": false, "properties": { - "PreloadDataType": { - "markdownDescription": "The type of preloaded data. Only Synthea preloaded data is supported.", - "title": "PreloadDataType", + "Id": { + "markdownDescription": "The ID of the user or group that the quota applies to.", + "title": "Id", + "type": "number" + }, + "StorageCapacityQuotaGiB": { + "markdownDescription": "The user or group's storage quota, in gibibytes (GiB).", + "title": "StorageCapacityQuotaGiB", + "type": "number" + }, + "Type": { + "markdownDescription": "Specifies whether the quota applies to a user or group.", + "title": "Type", "type": "string" } }, - "required": [ - "PreloadDataType" - ], "type": "object" }, - "AWS::HealthLake::FHIRDatastore.SseConfiguration": { + "AWS::FSx::FileSystem.WindowsConfiguration": { "additionalProperties": false, "properties": { - "KmsEncryptionConfig": { - "$ref": "#/definitions/AWS::HealthLake::FHIRDatastore.KmsEncryptionConfig", - "markdownDescription": "The server-side encryption key configuration for a customer provided encryption key.", - "title": "KmsEncryptionConfig" + "ActiveDirectoryId": { + "markdownDescription": "The ID for an existing AWS Managed Microsoft Active Directory (AD) instance that the file system should join when it's created. Required if you are joining the file system to an existing AWS Managed Microsoft AD.", + "title": "ActiveDirectoryId", + "type": "string" + }, + "Aliases": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of one or more DNS alias names that you want to associate with the Amazon FSx file system. Aliases allow you to use existing DNS names to access the data in your Amazon FSx file system. You can associate up to 50 aliases with a file system at any time.\n\nFor more information, see [Working with DNS Aliases](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/managing-dns-aliases.html) and [Walkthrough 5: Using DNS aliases to access your file system](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/walkthrough05-file-system-custom-CNAME.html) , including additional steps you must take to be able to access your file system using a DNS alias.\n\nAn alias name has to meet the following requirements:\n\n- Formatted as a fully-qualified domain name (FQDN), `hostname.domain` , for example, `accounting.example.com` .\n- Can contain alphanumeric characters, the underscore (_), and the hyphen (-).\n- Cannot start or end with a hyphen.\n- Can start with a numeric.\n\nFor DNS alias names, Amazon FSx stores alphabetical characters as lowercase letters (a-z), regardless of how you specify them: as uppercase letters, lowercase letters, or the corresponding letters in escape codes.", + "title": "Aliases", + "type": "array" + }, + "AuditLogConfiguration": { + "$ref": "#/definitions/AWS::FSx::FileSystem.AuditLogConfiguration", + "markdownDescription": "The configuration that Amazon FSx for Windows File Server uses to audit and log user accesses of files, folders, and file shares on the Amazon FSx for Windows File Server file system.", + "title": "AuditLogConfiguration" + }, + "AutomaticBackupRetentionDays": { + "markdownDescription": "The number of days to retain automatic backups. Setting this property to `0` disables automatic backups. You can retain automatic backups for a maximum of 90 days. The default is `30` .", + "title": "AutomaticBackupRetentionDays", + "type": "number" + }, + "CopyTagsToBackups": { + "markdownDescription": "A boolean flag indicating whether tags for the file system should be copied to backups. This value defaults to false. If it's set to true, all tags for the file system are copied to all automatic and user-initiated backups where the user doesn't specify tags. If this value is true, and you specify one or more tags, only the specified tags are copied to backups. If you specify one or more tags when creating a user-initiated backup, no tags are copied from the file system, regardless of this value.", + "title": "CopyTagsToBackups", + "type": "boolean" + }, + "DailyAutomaticBackupStartTime": { + "markdownDescription": "A recurring daily time, in the format `HH:MM` . `HH` is the zero-padded hour of the day (0-23), and `MM` is the zero-padded minute of the hour. For example, `05:00` specifies 5 AM daily.", + "title": "DailyAutomaticBackupStartTime", + "type": "string" + }, + "DeploymentType": { + "markdownDescription": "Specifies the file system deployment type, valid values are the following:\n\n- `MULTI_AZ_1` - Deploys a high availability file system that is configured for Multi-AZ redundancy to tolerate temporary Availability Zone (AZ) unavailability. You can only deploy a Multi-AZ file system in AWS Regions that have a minimum of three Availability Zones. Also supports HDD storage type\n- `SINGLE_AZ_1` - (Default) Choose to deploy a file system that is configured for single AZ redundancy.\n- `SINGLE_AZ_2` - The latest generation Single AZ file system. Specifies a file system that is configured for single AZ redundancy and supports HDD storage type.\n\nFor more information, see [Availability and Durability: Single-AZ and Multi-AZ File Systems](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/high-availability-multiAZ.html) .", + "title": "DeploymentType", + "type": "string" + }, + "DiskIopsConfiguration": { + "$ref": "#/definitions/AWS::FSx::FileSystem.DiskIopsConfiguration", + "markdownDescription": "The SSD IOPS (input/output operations per second) configuration for an Amazon FSx for Windows file system. By default, Amazon FSx automatically provisions 3 IOPS per GiB of storage capacity. You can provision additional IOPS per GiB of storage, up to the maximum limit associated with your chosen throughput capacity.", + "title": "DiskIopsConfiguration" + }, + "PreferredSubnetId": { + "markdownDescription": "Required when `DeploymentType` is set to `MULTI_AZ_1` . This specifies the subnet in which you want the preferred file server to be located. For in- AWS applications, we recommend that you launch your clients in the same availability zone as your preferred file server to reduce cross-availability zone data transfer costs and minimize latency.", + "title": "PreferredSubnetId", + "type": "string" + }, + "SelfManagedActiveDirectoryConfiguration": { + "$ref": "#/definitions/AWS::FSx::FileSystem.SelfManagedActiveDirectoryConfiguration", + "markdownDescription": "The configuration that Amazon FSx uses to join a FSx for Windows File Server file system or an FSx for ONTAP storage virtual machine (SVM) to a self-managed (including on-premises) Microsoft Active Directory (AD) directory. For more information, see [Using Amazon FSx for Windows with your self-managed Microsoft Active Directory](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/self-managed-AD.html) or [Managing FSx for ONTAP SVMs](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-svms.html) .", + "title": "SelfManagedActiveDirectoryConfiguration" + }, + "ThroughputCapacity": { + "markdownDescription": "Sets the throughput capacity of an Amazon FSx file system, measured in megabytes per second (MB/s), in 2 to the *n* th increments, between 2^3 (8) and 2^11 (2048).\n\n> To increase storage capacity, a file system must have a minimum throughput capacity of 16 MB/s.", + "title": "ThroughputCapacity", + "type": "number" + }, + "WeeklyMaintenanceStartTime": { + "markdownDescription": "The preferred start time to perform weekly maintenance, formatted d:HH:MM in the UTC time zone, where d is the weekday number, from 1 through 7, beginning with Monday and ending with Sunday.", + "title": "WeeklyMaintenanceStartTime", + "type": "string" } }, "required": [ - "KmsEncryptionConfig" + "ThroughputCapacity" ], "type": "object" }, - "AWS::IAM::AccessKey": { + "AWS::FSx::S3AccessPointAttachment": { "additionalProperties": false, "properties": { "Condition": { @@ -113964,30 +123450,37 @@ "Properties": { "additionalProperties": false, "properties": { - "Serial": { - "markdownDescription": "This value is specific to CloudFormation and can only be *incremented* . Incrementing this value notifies CloudFormation that you want to rotate your access key. When you update your stack, CloudFormation will replace the existing access key with a new key.", - "title": "Serial", - "type": "number" - }, - "Status": { - "markdownDescription": "The status of the access key. `Active` means that the key is valid for API calls, while `Inactive` means it is not.", - "title": "Status", + "Name": { + "markdownDescription": "The name of the S3 access point attachment; also used for the name of the S3 access point.", + "title": "Name", "type": "string" }, - "UserName": { - "markdownDescription": "The name of the IAM user that the new key will belong to.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "UserName", + "OpenZFSConfiguration": { + "$ref": "#/definitions/AWS::FSx::S3AccessPointAttachment.S3AccessPointOpenZFSConfiguration", + "markdownDescription": "The OpenZFSConfiguration of the S3 access point attachment.", + "title": "OpenZFSConfiguration" + }, + "S3AccessPoint": { + "$ref": "#/definitions/AWS::FSx::S3AccessPointAttachment.S3AccessPoint", + "markdownDescription": "The S3 access point configuration of the S3 access point attachment.", + "title": "S3AccessPoint" + }, + "Type": { + "markdownDescription": "The type of Amazon FSx volume that the S3 access point is attached to.", + "title": "Type", "type": "string" } }, "required": [ - "UserName" + "Name", + "OpenZFSConfiguration", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::IAM::AccessKey" + "AWS::FSx::S3AccessPointAttachment" ], "type": "string" }, @@ -114006,111 +123499,129 @@ ], "type": "object" }, - "AWS::IAM::Group": { + "AWS::FSx::S3AccessPointAttachment.FileSystemGID": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Gid": { + "markdownDescription": "The GID of the file system user.", + "title": "Gid", + "type": "number" + } + }, + "required": [ + "Gid" + ], + "type": "object" + }, + "AWS::FSx::S3AccessPointAttachment.OpenZFSFileSystemIdentity": { + "additionalProperties": false, + "properties": { + "PosixUser": { + "$ref": "#/definitions/AWS::FSx::S3AccessPointAttachment.OpenZFSPosixFileSystemUser", + "markdownDescription": "Specifies the UID and GIDs of the file system POSIX user.", + "title": "PosixUser" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Type": { + "markdownDescription": "Specifies the FSx for OpenZFS user identity type, accepts only `POSIX` .", + "title": "Type", "type": "string" + } + }, + "required": [ + "PosixUser", + "Type" + ], + "type": "object" + }, + "AWS::FSx::S3AccessPointAttachment.OpenZFSPosixFileSystemUser": { + "additionalProperties": false, + "properties": { + "Gid": { + "markdownDescription": "The GID of the file system user.", + "title": "Gid", + "type": "number" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "SecondaryGids": { + "items": { + "$ref": "#/definitions/AWS::FSx::S3AccessPointAttachment.FileSystemGID" + }, + "markdownDescription": "The list of secondary GIDs for the file system user.", + "title": "SecondaryGids", + "type": "array" }, - "Metadata": { - "type": "object" + "Uid": { + "markdownDescription": "The UID of the file system user.", + "title": "Uid", + "type": "number" + } + }, + "required": [ + "Gid", + "Uid" + ], + "type": "object" + }, + "AWS::FSx::S3AccessPointAttachment.S3AccessPoint": { + "additionalProperties": false, + "properties": { + "Alias": { + "markdownDescription": "The S3 access point's alias.", + "title": "Alias", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "GroupName": { - "markdownDescription": "The name of the group to create. Do not include the path in this value.\n\nThe group name must be unique within the account. Group names are not distinguished by case. For example, you cannot create groups named both \"ADMINS\" and \"admins\". If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the group name.\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name. \n\nIf you specify a name, you must specify the `CAPABILITY_NAMED_IAM` value to acknowledge your template's capabilities. For more information, see [Acknowledging IAM Resources in AWS CloudFormation Templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-iam-template.html#using-iam-capabilities) .\n\n> Naming an IAM resource can cause an unrecoverable error if you reuse the same template in multiple Regions. To prevent this, we recommend using `Fn::Join` and `AWS::Region` to create a Region-specific name, as in the following example: `{\"Fn::Join\": [\"\", [{\"Ref\": \"AWS::Region\"}, {\"Ref\": \"MyResourceName\"}]]}` .", - "title": "GroupName", - "type": "string" - }, - "ManagedPolicyArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM policy you want to attach.\n\nFor more information about ARNs, see [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* .", - "title": "ManagedPolicyArns", - "type": "array" - }, - "Path": { - "markdownDescription": "The path to the group. For more information about paths, see [IAM identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/).\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.", - "title": "Path", - "type": "string" - }, - "Policies": { - "items": { - "$ref": "#/definitions/AWS::IAM::Group.Policy" - }, - "markdownDescription": "Adds or updates an inline policy document that is embedded in the specified IAM group. To view AWS::IAM::Group snippets, see [Declaring an IAM Group Resource](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-iam.html#scenario-iam-group) .\n\n> The name of each inline policy for a role, user, or group must be unique. If you don't choose unique names, updates to the IAM identity will fail. \n\nFor information about limits on the number of inline policies that you can embed in a group, see [Limitations on IAM Entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the *IAM User Guide* .", - "title": "Policies", - "type": "array" - } - }, + "Policy": { + "markdownDescription": "The S3 access point's policy.", + "title": "Policy", "type": "object" }, - "Type": { - "enum": [ - "AWS::IAM::Group" - ], + "ResourceARN": { + "markdownDescription": "The S3 access point's ARN.", + "title": "ResourceARN", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VpcConfiguration": { + "$ref": "#/definitions/AWS::FSx::S3AccessPointAttachment.S3AccessPointVpcConfiguration", + "markdownDescription": "The S3 access point's virtual private cloud (VPC) configuration.", + "title": "VpcConfiguration" + } + }, + "type": "object" + }, + "AWS::FSx::S3AccessPointAttachment.S3AccessPointOpenZFSConfiguration": { + "additionalProperties": false, + "properties": { + "FileSystemIdentity": { + "$ref": "#/definitions/AWS::FSx::S3AccessPointAttachment.OpenZFSFileSystemIdentity", + "markdownDescription": "The file system identity used to authorize file access requests made using the S3 access point.", + "title": "FileSystemIdentity" + }, + "VolumeId": { + "markdownDescription": "The ID of the FSx for OpenZFS volume that the S3 access point is attached to.", + "title": "VolumeId", "type": "string" } }, "required": [ - "Type" + "FileSystemIdentity", + "VolumeId" ], "type": "object" }, - "AWS::IAM::Group.Policy": { + "AWS::FSx::S3AccessPointAttachment.S3AccessPointVpcConfiguration": { "additionalProperties": false, "properties": { - "PolicyDocument": { - "markdownDescription": "The policy document.", - "title": "PolicyDocument", - "type": "object" - }, - "PolicyName": { - "markdownDescription": "The friendly name (not ARN) identifying the policy.", - "title": "PolicyName", + "VpcId": { + "markdownDescription": "Specifies the virtual private cloud (VPC) for the S3 access point VPC configuration, if one exists.", + "title": "VpcId", "type": "string" } }, "required": [ - "PolicyDocument", - "PolicyName" + "VpcId" ], "type": "object" }, - "AWS::IAM::GroupPolicy": { + "AWS::FSx::Snapshot": { "additionalProperties": false, "properties": { "Condition": { @@ -114145,31 +123656,34 @@ "Properties": { "additionalProperties": false, "properties": { - "GroupName": { - "markdownDescription": "The name of the group to associate the policy with.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-.", - "title": "GroupName", + "Name": { + "markdownDescription": "The name of the snapshot.", + "title": "Name", "type": "string" }, - "PolicyDocument": { - "markdownDescription": "The policy document.\n\nYou must provide policies in JSON format in IAM. However, for AWS CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always converts a YAML policy to JSON format before submitting it to IAM.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n\n- Any printable ASCII character ranging from the space character ( `\\u0020` ) through the end of the ASCII character range\n- The printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` )\n- The special characters tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` )", - "title": "PolicyDocument", - "type": "object" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of `Tag` values, with a maximum of 50 elements.", + "title": "Tags", + "type": "array" }, - "PolicyName": { - "markdownDescription": "The name of the policy document.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "PolicyName", + "VolumeId": { + "markdownDescription": "The ID of the volume that the snapshot is of.", + "title": "VolumeId", "type": "string" } }, "required": [ - "GroupName", - "PolicyName" + "Name", + "VolumeId" ], "type": "object" }, "Type": { "enum": [ - "AWS::IAM::GroupPolicy" + "AWS::FSx::Snapshot" ], "type": "string" }, @@ -114188,7 +123702,7 @@ ], "type": "object" }, - "AWS::IAM::InstanceProfile": { + "AWS::FSx::StorageVirtualMachine": { "additionalProperties": false, "properties": { "Condition": { @@ -114223,33 +123737,49 @@ "Properties": { "additionalProperties": false, "properties": { - "InstanceProfileName": { - "markdownDescription": "The name of the instance profile to create.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "InstanceProfileName", + "ActiveDirectoryConfiguration": { + "$ref": "#/definitions/AWS::FSx::StorageVirtualMachine.ActiveDirectoryConfiguration", + "markdownDescription": "Describes the Microsoft Active Directory configuration to which the SVM is joined, if applicable.", + "title": "ActiveDirectoryConfiguration" + }, + "FileSystemId": { + "markdownDescription": "Specifies the FSx for ONTAP file system on which to create the SVM.", + "title": "FileSystemId", "type": "string" }, - "Path": { - "markdownDescription": "The path to the instance profile. For more information about paths, see [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/).\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.", - "title": "Path", + "Name": { + "markdownDescription": "The name of the SVM.", + "title": "Name", "type": "string" }, - "Roles": { + "RootVolumeSecurityStyle": { + "markdownDescription": "The security style of the root volume of the SVM. Specify one of the following values:\n\n- `UNIX` if the file system is managed by a UNIX administrator, the majority of users are NFS clients, and an application accessing the data uses a UNIX user as the service account.\n- `NTFS` if the file system is managed by a Microsoft Windows administrator, the majority of users are SMB clients, and an application accessing the data uses a Microsoft Windows user as the service account.\n- `MIXED` This is an advanced setting. For more information, see [Volume security style](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/volume-security-style.html) in the Amazon FSx for NetApp ONTAP User Guide.", + "title": "RootVolumeSecurityStyle", + "type": "string" + }, + "SvmAdminPassword": { + "markdownDescription": "Specifies the password to use when logging on to the SVM using a secure shell (SSH) connection to the SVM's management endpoint. Doing so enables you to manage the SVM using the NetApp ONTAP CLI or REST API. If you do not specify a password, you can still use the file system's `fsxadmin` user to manage the SVM. For more information, see [Managing SVMs using the NetApp ONTAP CLI](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-resources-ontap-apps.html#vsadmin-ontap-cli) in the *FSx for ONTAP User Guide* .", + "title": "SvmAdminPassword", + "type": "string" + }, + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The name of the role to associate with the instance profile. Only one role can be assigned to an EC2 instance at a time, and all applications on the instance share the same role and permissions.", - "title": "Roles", + "markdownDescription": "A list of `Tag` values, with a maximum of 50 elements.", + "title": "Tags", "type": "array" } }, "required": [ - "Roles" + "FileSystemId", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::IAM::InstanceProfile" + "AWS::FSx::StorageVirtualMachine" ], "type": "string" }, @@ -114268,7 +123798,62 @@ ], "type": "object" }, - "AWS::IAM::ManagedPolicy": { + "AWS::FSx::StorageVirtualMachine.ActiveDirectoryConfiguration": { + "additionalProperties": false, + "properties": { + "NetBiosName": { + "markdownDescription": "The NetBIOS name of the Active Directory computer object that will be created for your SVM.", + "title": "NetBiosName", + "type": "string" + }, + "SelfManagedActiveDirectoryConfiguration": { + "$ref": "#/definitions/AWS::FSx::StorageVirtualMachine.SelfManagedActiveDirectoryConfiguration", + "markdownDescription": "The configuration that Amazon FSx uses to join the ONTAP storage virtual machine (SVM) to your self-managed (including on-premises) Microsoft Active Directory directory.", + "title": "SelfManagedActiveDirectoryConfiguration" + } + }, + "type": "object" + }, + "AWS::FSx::StorageVirtualMachine.SelfManagedActiveDirectoryConfiguration": { + "additionalProperties": false, + "properties": { + "DnsIps": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of up to three IP addresses of DNS servers or domain controllers in the self-managed AD directory.", + "title": "DnsIps", + "type": "array" + }, + "DomainName": { + "markdownDescription": "The fully qualified domain name of the self-managed AD directory, such as `corp.example.com` .", + "title": "DomainName", + "type": "string" + }, + "FileSystemAdministratorsGroup": { + "markdownDescription": "(Optional) The name of the domain group whose members are granted administrative privileges for the file system. Administrative privileges include taking ownership of files and folders, setting audit controls (audit ACLs) on files and folders, and administering the file system remotely by using the FSx Remote PowerShell. The group that you specify must already exist in your domain. If you don't provide one, your AD domain's Domain Admins group is used.", + "title": "FileSystemAdministratorsGroup", + "type": "string" + }, + "OrganizationalUnitDistinguishedName": { + "markdownDescription": "(Optional) The fully qualified distinguished name of the organizational unit within your self-managed AD directory. Amazon FSx only accepts OU as the direct parent of the file system. An example is `OU=FSx,DC=yourdomain,DC=corp,DC=com` . To learn more, see [RFC 2253](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc2253) . If none is provided, the FSx file system is created in the default location of your self-managed AD directory.\n\n> Only Organizational Unit (OU) objects can be the direct parent of the file system that you're creating.", + "title": "OrganizationalUnitDistinguishedName", + "type": "string" + }, + "Password": { + "markdownDescription": "The password for the service account on your self-managed AD domain that Amazon FSx will use to join to your AD domain.", + "title": "Password", + "type": "string" + }, + "UserName": { + "markdownDescription": "The user name for the service account on your self-managed AD domain that Amazon FSx will use to join to your AD domain. This account must have the permission to join computers to the domain in the organizational unit provided in `OrganizationalUnitDistinguishedName` , or in the default location of your AD domain.", + "title": "UserName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::FSx::Volume": { "additionalProperties": false, "properties": { "Condition": { @@ -114303,59 +123888,48 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A friendly description of the policy.\n\nTypically used to store information about the permissions defined in the policy. For example, \"Grants access to production DynamoDB tables.\"\n\nThe policy description is immutable. After a value is assigned, it cannot be changed.", - "title": "Description", + "BackupId": { + "markdownDescription": "Specifies the ID of the volume backup to use to create a new volume.", + "title": "BackupId", "type": "string" }, - "Groups": { - "items": { - "type": "string" - }, - "markdownDescription": "The name (friendly name, not ARN) of the group to attach the policy to.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "Groups", - "type": "array" - }, - "ManagedPolicyName": { - "markdownDescription": "The friendly name of the policy.\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name. \n\nIf you specify a name, you must specify the `CAPABILITY_NAMED_IAM` value to acknowledge your template's capabilities. For more information, see [Acknowledging IAM Resources in AWS CloudFormation Templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-iam-template.html#using-iam-capabilities) .\n\n> Naming an IAM resource can cause an unrecoverable error if you reuse the same template in multiple Regions. To prevent this, we recommend using `Fn::Join` and `AWS::Region` to create a Region-specific name, as in the following example: `{\"Fn::Join\": [\"\", [{\"Ref\": \"AWS::Region\"}, {\"Ref\": \"MyResourceName\"}]]}` .", - "title": "ManagedPolicyName", + "Name": { + "markdownDescription": "The name of the volume.", + "title": "Name", "type": "string" }, - "Path": { - "markdownDescription": "The path for the policy.\n\nFor more information about paths, see [IAM identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/).\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.\n\n> You cannot use an asterisk (*) in the path name.", - "title": "Path", - "type": "string" + "OntapConfiguration": { + "$ref": "#/definitions/AWS::FSx::Volume.OntapConfiguration", + "markdownDescription": "The configuration of an Amazon FSx for NetApp ONTAP volume.", + "title": "OntapConfiguration" }, - "PolicyDocument": { - "markdownDescription": "The JSON policy document that you want to use as the content for the new policy.\n\nYou must provide policies in JSON format in IAM. However, for AWS CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always converts a YAML policy to JSON format before submitting it to IAM.\n\nThe maximum length of the policy document that you can pass in this operation, including whitespace, is listed below. To view the maximum character counts of a managed policy with no whitespaces, see [IAM and AWS STS character quotas](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length) .\n\nTo learn more about JSON policy grammar, see [Grammar of the IAM JSON policy language](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_grammar.html) in the *IAM User Guide* .\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n\n- Any printable ASCII character ranging from the space character ( `\\u0020` ) through the end of the ASCII character range\n- The printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` )\n- The special characters tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` )", - "title": "PolicyDocument", - "type": "object" + "OpenZFSConfiguration": { + "$ref": "#/definitions/AWS::FSx::Volume.OpenZFSConfiguration", + "markdownDescription": "The configuration of an Amazon FSx for OpenZFS volume.", + "title": "OpenZFSConfiguration" }, - "Roles": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The name (friendly name, not ARN) of the role to attach the policy to.\n\nThis parameter allows (per its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-\n\n> If an external policy (such as `AWS::IAM::Policy` or `AWS::IAM::ManagedPolicy` ) has a `Ref` to a role and if a resource (such as `AWS::ECS::Service` ) also has a `Ref` to the same role, add a `DependsOn` attribute to the resource to make the resource depend on the external policy. This dependency ensures that the role's policy is available throughout the resource's lifecycle. For example, when you delete a stack with an `AWS::ECS::Service` resource, the `DependsOn` attribute ensures that AWS CloudFormation deletes the `AWS::ECS::Service` resource before deleting its role's policy.", - "title": "Roles", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", "type": "array" }, - "Users": { - "items": { - "type": "string" - }, - "markdownDescription": "The name (friendly name, not ARN) of the IAM user to attach the policy to.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "Users", - "type": "array" + "VolumeType": { + "markdownDescription": "The type of the volume.", + "title": "VolumeType", + "type": "string" } }, "required": [ - "PolicyDocument" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::IAM::ManagedPolicy" + "AWS::FSx::Volume" ], "type": "string" }, @@ -114374,195 +123948,378 @@ ], "type": "object" }, - "AWS::IAM::OIDCProvider": { + "AWS::FSx::Volume.AggregateConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "Aggregates": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of aggregates that this volume resides on. Aggregates are storage pools which make up your primary storage tier. Each high-availability (HA) pair has one aggregate. The names of the aggregates map to the names of the aggregates in the ONTAP CLI and REST API. For FlexVols, there will always be a single entry.\n\nAmazon FSx responds with an HTTP status code 400 (Bad Request) for the following conditions:\n\n- The strings in the value of `Aggregates` are not are not formatted as `aggrX` , where X is a number between 1 and 12.\n- The value of `Aggregates` contains aggregates that are not present.\n- One or more of the aggregates supplied are too close to the volume limit to support adding more volumes.", + "title": "Aggregates", + "type": "array" + }, + "ConstituentsPerAggregate": { + "markdownDescription": "Used to explicitly set the number of constituents within the FlexGroup per storage aggregate. This field is optional when creating a FlexGroup volume. If unspecified, the default value will be 8. This field cannot be provided when creating a FlexVol volume.", + "title": "ConstituentsPerAggregate", + "type": "number" + } + }, + "type": "object" + }, + "AWS::FSx::Volume.AutocommitPeriod": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "Defines the type of time for the autocommit period of a file in an FSx for ONTAP SnapLock volume. Setting this value to `NONE` disables autocommit. The default value is `NONE` .", + "title": "Type", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Value": { + "markdownDescription": "Defines the amount of time for the autocommit period of a file in an FSx for ONTAP SnapLock volume. The following ranges are valid:\n\n- `Minutes` : 5 - 65,535\n- `Hours` : 1 - 65,535\n- `Days` : 1 - 3,650\n- `Months` : 1 - 120\n- `Years` : 1 - 10", + "title": "Value", + "type": "number" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::FSx::Volume.ClientConfigurations": { + "additionalProperties": false, + "properties": { + "Clients": { + "markdownDescription": "A value that specifies who can mount the file system. You can provide a wildcard character ( `*` ), an IP address ( `0.0.0.0` ), or a CIDR address ( `192.0.2.0/24` ). By default, Amazon FSx uses the wildcard character when specifying the client.", + "title": "Clients", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Options": { + "items": { + "type": "string" + }, + "markdownDescription": "The options to use when mounting the file system. For a list of options that you can use with Network File System (NFS), see the [exports(5) - Linux man page](https://docs.aws.amazon.com/https://linux.die.net/man/5/exports) . When choosing your options, consider the following:\n\n- `crossmnt` is used by default. If you don't specify `crossmnt` when changing the client configuration, you won't be able to see or access snapshots in your file system's snapshot directory.\n- `sync` is used by default. If you instead specify `async` , the system acknowledges writes before writing to disk. If the system crashes before the writes are finished, you lose the unwritten data.", + "title": "Options", + "type": "array" + } + }, + "required": [ + "Clients", + "Options" + ], + "type": "object" + }, + "AWS::FSx::Volume.NfsExports": { + "additionalProperties": false, + "properties": { + "ClientConfigurations": { + "items": { + "$ref": "#/definitions/AWS::FSx::Volume.ClientConfigurations" + }, + "markdownDescription": "A list of configuration objects that contain the client and options for mounting the OpenZFS file system.", + "title": "ClientConfigurations", + "type": "array" + } + }, + "required": [ + "ClientConfigurations" + ], + "type": "object" + }, + "AWS::FSx::Volume.OntapConfiguration": { + "additionalProperties": false, + "properties": { + "AggregateConfiguration": { + "$ref": "#/definitions/AWS::FSx::Volume.AggregateConfiguration", + "markdownDescription": "Used to specify the configuration options for an FSx for ONTAP volume's storage aggregate or aggregates.", + "title": "AggregateConfiguration" }, - "Metadata": { - "type": "object" + "CopyTagsToBackups": { + "markdownDescription": "A boolean flag indicating whether tags for the volume should be copied to backups. This value defaults to false. If it's set to true, all tags for the volume are copied to all automatic and user-initiated backups where the user doesn't specify tags. If this value is true, and you specify one or more tags, only the specified tags are copied to backups. If you specify one or more tags when creating a user-initiated backup, no tags are copied from the volume, regardless of this value.", + "title": "CopyTagsToBackups", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ClientIdList": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of client IDs (also known as audiences) that are associated with the specified IAM OIDC provider resource object. For more information, see [CreateOpenIDConnectProvider](https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateOpenIDConnectProvider.html) .", - "title": "ClientIdList", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of tags that are attached to the specified IAM OIDC provider. The returned list of tags is sorted by tag key. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* .", - "title": "Tags", - "type": "array" - }, - "ThumbprintList": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of certificate thumbprints that are associated with the specified IAM OIDC provider resource object. For more information, see [CreateOpenIDConnectProvider](https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateOpenIDConnectProvider.html) .\n\nThis property is optional. If it is not included, IAM will retrieve and use the top intermediate certificate authority (CA) thumbprint of the OpenID Connect identity provider server certificate.", - "title": "ThumbprintList", - "type": "array" - }, - "Url": { - "markdownDescription": "The URL that the IAM OIDC provider resource object is associated with. For more information, see [CreateOpenIDConnectProvider](https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateOpenIDConnectProvider.html) .", - "title": "Url", - "type": "string" - } - }, - "required": [ - "ThumbprintList" - ], - "type": "object" + "JunctionPath": { + "markdownDescription": "Specifies the location in the SVM's namespace where the volume is mounted. This parameter is required. The `JunctionPath` must have a leading forward slash, such as `/vol3` .", + "title": "JunctionPath", + "type": "string" }, - "Type": { - "enum": [ - "AWS::IAM::OIDCProvider" - ], + "OntapVolumeType": { + "markdownDescription": "Specifies the type of volume you are creating. Valid values are the following:\n\n- `RW` specifies a read/write volume. `RW` is the default.\n- `DP` specifies a data-protection volume. A `DP` volume is read-only and can be used as the destination of a NetApp SnapMirror relationship.\n\nFor more information, see [Volume types](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-volumes.html#volume-types) in the Amazon FSx for NetApp ONTAP User Guide.", + "title": "OntapVolumeType", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SecurityStyle": { + "markdownDescription": "Specifies the security style for the volume. If a volume's security style is not specified, it is automatically set to the root volume's security style. The security style determines the type of permissions that FSx for ONTAP uses to control data access. Specify one of the following values:\n\n- `UNIX` if the file system is managed by a UNIX administrator, the majority of users are NFS clients, and an application accessing the data uses a UNIX user as the service account.\n- `NTFS` if the file system is managed by a Windows administrator, the majority of users are SMB clients, and an application accessing the data uses a Windows user as the service account.\n- `MIXED` This is an advanced setting. For more information, see the topic [What the security styles and their effects are](https://docs.aws.amazon.com/https://docs.netapp.com/us-en/ontap/nfs-admin/security-styles-their-effects-concept.html) in the NetApp Documentation Center.\n\nFor more information, see [Volume security style](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-volumes.html#volume-security-style) in the FSx for ONTAP User Guide.", + "title": "SecurityStyle", + "type": "string" + }, + "SizeInBytes": { + "markdownDescription": "Specifies the configured size of the volume, in bytes.", + "title": "SizeInBytes", + "type": "string" + }, + "SizeInMegabytes": { + "markdownDescription": "Use `SizeInBytes` instead. Specifies the size of the volume, in megabytes (MB), that you are creating.", + "title": "SizeInMegabytes", + "type": "string" + }, + "SnaplockConfiguration": { + "$ref": "#/definitions/AWS::FSx::Volume.SnaplockConfiguration", + "markdownDescription": "The SnapLock configuration object for an FSx for ONTAP SnapLock volume.", + "title": "SnaplockConfiguration" + }, + "SnapshotPolicy": { + "markdownDescription": "Specifies the snapshot policy for the volume. There are three built-in snapshot policies:\n\n- `default` : This is the default policy. A maximum of six hourly snapshots taken five minutes past the hour. A maximum of two daily snapshots taken Monday through Saturday at 10 minutes after midnight. A maximum of two weekly snapshots taken every Sunday at 15 minutes after midnight.\n- `default-1weekly` : This policy is the same as the `default` policy except that it only retains one snapshot from the weekly schedule.\n- `none` : This policy does not take any snapshots. This policy can be assigned to volumes to prevent automatic snapshots from being taken.\n\nYou can also provide the name of a custom policy that you created with the ONTAP CLI or REST API.\n\nFor more information, see [Snapshot policies](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/snapshots-ontap.html#snapshot-policies) in the Amazon FSx for NetApp ONTAP User Guide.", + "title": "SnapshotPolicy", + "type": "string" + }, + "StorageEfficiencyEnabled": { + "markdownDescription": "Set to true to enable deduplication, compression, and compaction storage efficiency features on the volume, or set to false to disable them.\n\n`StorageEfficiencyEnabled` is required when creating a `RW` volume ( `OntapVolumeType` set to `RW` ).", + "title": "StorageEfficiencyEnabled", + "type": "string" + }, + "StorageVirtualMachineId": { + "markdownDescription": "Specifies the ONTAP SVM in which to create the volume.", + "title": "StorageVirtualMachineId", + "type": "string" + }, + "TieringPolicy": { + "$ref": "#/definitions/AWS::FSx::Volume.TieringPolicy", + "markdownDescription": "Describes the data tiering policy for an ONTAP volume. When enabled, Amazon FSx for ONTAP's intelligent tiering automatically transitions a volume's data between the file system's primary storage and capacity pool storage based on your access patterns.\n\nValid tiering policies are the following:\n\n- `SNAPSHOT_ONLY` - (Default value) moves cold snapshots to the capacity pool storage tier.\n\n- `AUTO` - moves cold user data and snapshots to the capacity pool storage tier based on your access patterns.\n\n- `ALL` - moves all user data blocks in both the active file system and Snapshot copies to the storage pool tier.\n\n- `NONE` - keeps a volume's data in the primary storage tier, preventing it from being moved to the capacity pool tier.", + "title": "TieringPolicy" + }, + "VolumeStyle": { + "markdownDescription": "Use to specify the style of an ONTAP volume. FSx for ONTAP offers two styles of volumes that you can use for different purposes, FlexVol and FlexGroup volumes. For more information, see [Volume styles](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-volumes.html#volume-styles) in the Amazon FSx for NetApp ONTAP User Guide.", + "title": "VolumeStyle", "type": "string" } }, "required": [ - "Type", - "Properties" + "StorageVirtualMachineId" ], "type": "object" }, - "AWS::IAM::Policy": { + "AWS::FSx::Volume.OpenZFSConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "CopyTagsToSnapshots": { + "markdownDescription": "A Boolean value indicating whether tags for the volume should be copied to snapshots. This value defaults to `false` . If this value is set to `true` , and you do not specify any tags, all tags for the original volume are copied over to snapshots. If this value is\u00a0set to `true` , and you do specify one or more tags, only the specified tags for the original volume are copied over to snapshots. If you specify one or more tags when creating a new snapshot, no tags are copied over from the original volume, regardless of this value.", + "title": "CopyTagsToSnapshots", + "type": "boolean" + }, + "DataCompressionType": { + "markdownDescription": "Specifies the method used to compress the data on the volume. The compression type is `NONE` by default.\n\n- `NONE` - Doesn't compress the data on the volume. `NONE` is the default.\n- `ZSTD` - Compresses the data in the volume using the Zstandard (ZSTD) compression algorithm. Compared to LZ4, Z-Standard provides a better compression ratio to minimize on-disk storage utilization.\n- `LZ4` - Compresses the data in the volume using the LZ4 compression algorithm. Compared to Z-Standard, LZ4 is less compute-intensive and delivers higher write throughput speeds.", + "title": "DataCompressionType", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "NfsExports": { + "items": { + "$ref": "#/definitions/AWS::FSx::Volume.NfsExports" + }, + "markdownDescription": "The configuration object for mounting a Network File System (NFS) file system.", + "title": "NfsExports", + "type": "array" + }, + "Options": { + "items": { + "type": "string" + }, + "markdownDescription": "To delete the volume's child volumes, snapshots, and clones, use the string `DELETE_CHILD_VOLUMES_AND_SNAPSHOTS` .", + "title": "Options", + "type": "array" + }, + "OriginSnapshot": { + "$ref": "#/definitions/AWS::FSx::Volume.OriginSnapshot", + "markdownDescription": "The configuration object that specifies the snapshot to use as the origin of the data for the volume.", + "title": "OriginSnapshot" + }, + "ParentVolumeId": { + "markdownDescription": "The ID of the volume to use as the parent volume of the volume that you are creating.", + "title": "ParentVolumeId", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ReadOnly": { + "markdownDescription": "A Boolean value indicating whether the volume is read-only.", + "title": "ReadOnly", + "type": "boolean" }, - "Metadata": { - "type": "object" + "RecordSizeKiB": { + "markdownDescription": "Specifies the suggested block size for a volume in a ZFS dataset, in kibibytes (KiB). For file systems using the Intelligent-Tiering storage class, valid values are 128, 256, 512, 1024, 2048, or 4096 KiB, with a default of 1024 KiB. For all other file systems, valid values are 4, 8, 16, 32, 64, 128, 256, 512, or 1024 KiB, with a default of 128 KiB. We recommend using the default setting for the majority of use cases. Generally, workloads that write in fixed small or large record sizes may benefit from setting a custom record size, like database workloads (small record size) or media streaming workloads (large record size). For additional guidance on when to set a custom record size, see [ZFS Record size](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/performance.html#record-size-performance) in the *Amazon FSx for OpenZFS User Guide* .", + "title": "RecordSizeKiB", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Groups": { - "items": { - "type": "string" - }, - "markdownDescription": "The name of the group to associate the policy with.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-.", - "title": "Groups", - "type": "array" - }, - "PolicyDocument": { - "markdownDescription": "The policy document.\n\nYou must provide policies in JSON format in IAM. However, for AWS CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always converts a YAML policy to JSON format before submitting it to IAM.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n\n- Any printable ASCII character ranging from the space character ( `\\u0020` ) through the end of the ASCII character range\n- The printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` )\n- The special characters tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` )", - "title": "PolicyDocument", - "type": "object" - }, - "PolicyName": { - "markdownDescription": "The name of the policy document.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "PolicyName", - "type": "string" - }, - "Roles": { - "items": { - "type": "string" - }, - "markdownDescription": "The name of the role to associate the policy with.\n\nThis parameter allows (per its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-\n\n> If an external policy (such as `AWS::IAM::Policy` or `AWS::IAM::ManagedPolicy` ) has a `Ref` to a role and if a resource (such as `AWS::ECS::Service` ) also has a `Ref` to the same role, add a `DependsOn` attribute to the resource to make the resource depend on the external policy. This dependency ensures that the role's policy is available throughout the resource's lifecycle. For example, when you delete a stack with an `AWS::ECS::Service` resource, the `DependsOn` attribute ensures that AWS CloudFormation deletes the `AWS::ECS::Service` resource before deleting its role's policy.", - "title": "Roles", - "type": "array" - }, - "Users": { - "items": { - "type": "string" - }, - "markdownDescription": "The name of the user to associate the policy with.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "Users", - "type": "array" - } + "StorageCapacityQuotaGiB": { + "markdownDescription": "Sets the maximum storage size in gibibytes (GiB) for the volume. You can specify a quota that is larger than the storage on the parent volume. A volume quota limits the amount of storage that the volume can consume to the configured amount, but does not guarantee the space will be available on the parent volume. To guarantee quota space, you must also set `StorageCapacityReservationGiB` . To *not* specify a storage capacity quota, set this to `-1` .\n\nFor more information, see [Volume properties](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/managing-volumes.html#volume-properties) in the *Amazon FSx for OpenZFS User Guide* .", + "title": "StorageCapacityQuotaGiB", + "type": "number" + }, + "StorageCapacityReservationGiB": { + "markdownDescription": "Specifies the amount of storage in gibibytes (GiB) to reserve from the parent volume. Setting `StorageCapacityReservationGiB` guarantees that the specified amount of storage space on the parent volume will always be available for the volume. You can't reserve more storage than the parent volume has. To *not* specify a storage capacity reservation, set this to `0` or `-1` . For more information, see [Volume properties](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/managing-volumes.html#volume-properties) in the *Amazon FSx for OpenZFS User Guide* .", + "title": "StorageCapacityReservationGiB", + "type": "number" + }, + "UserAndGroupQuotas": { + "items": { + "$ref": "#/definitions/AWS::FSx::Volume.UserAndGroupQuotas" }, - "required": [ - "PolicyDocument", - "PolicyName" - ], - "type": "object" + "markdownDescription": "Configures how much storage users and groups can use on the volume.", + "title": "UserAndGroupQuotas", + "type": "array" + } + }, + "required": [ + "ParentVolumeId" + ], + "type": "object" + }, + "AWS::FSx::Volume.OriginSnapshot": { + "additionalProperties": false, + "properties": { + "CopyStrategy": { + "markdownDescription": "Specifies the strategy used when copying data from the snapshot to the new volume.\n\n- `CLONE` - The new volume references the data in the origin snapshot. Cloning a snapshot is faster than copying data from the snapshot to a new volume and doesn't consume disk throughput. However, the origin snapshot can't be deleted if there is a volume using its copied data.\n- `FULL_COPY` - Copies all data from the snapshot to the new volume.\n\nSpecify this option to create the volume from a snapshot on another FSx for OpenZFS file system.\n\n> The `INCREMENTAL_COPY` option is only for updating an existing volume by using a snapshot from another FSx for OpenZFS file system. For more information, see [CopySnapshotAndUpdateVolume](https://docs.aws.amazon.com/fsx/latest/APIReference/API_CopySnapshotAndUpdateVolume.html) .", + "title": "CopyStrategy", + "type": "string" }, + "SnapshotARN": { + "markdownDescription": "Specifies the snapshot to use when creating an OpenZFS volume from a snapshot.", + "title": "SnapshotARN", + "type": "string" + } + }, + "required": [ + "CopyStrategy", + "SnapshotARN" + ], + "type": "object" + }, + "AWS::FSx::Volume.RetentionPeriod": { + "additionalProperties": false, + "properties": { "Type": { - "enum": [ - "AWS::IAM::Policy" - ], + "markdownDescription": "Defines the type of time for the retention period of an FSx for ONTAP SnapLock volume. Set it to one of the valid types. If you set it to `INFINITE` , the files are retained forever. If you set it to `UNSPECIFIED` , the files are retained until you set an explicit retention period.", + "title": "Type", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Value": { + "markdownDescription": "Defines the amount of time for the retention period of an FSx for ONTAP SnapLock volume. You can't set a value for `INFINITE` or `UNSPECIFIED` . For all other options, the following ranges are valid:\n\n- `Seconds` : 0 - 65,535\n- `Minutes` : 0 - 65,535\n- `Hours` : 0 - 24\n- `Days` : 0 - 365\n- `Months` : 0 - 12\n- `Years` : 0 - 100", + "title": "Value", + "type": "number" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::FSx::Volume.SnaplockConfiguration": { + "additionalProperties": false, + "properties": { + "AuditLogVolume": { + "markdownDescription": "Enables or disables the audit log volume for an FSx for ONTAP SnapLock volume. The default value is `false` . If you set `AuditLogVolume` to `true` , the SnapLock volume is created as an audit log volume. The minimum retention period for an audit log volume is six months.\n\nFor more information, see [SnapLock audit log volumes](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/how-snaplock-works.html#snaplock-audit-log-volume) .", + "title": "AuditLogVolume", + "type": "string" + }, + "AutocommitPeriod": { + "$ref": "#/definitions/AWS::FSx::Volume.AutocommitPeriod", + "markdownDescription": "The configuration object for setting the autocommit period of files in an FSx for ONTAP SnapLock volume.", + "title": "AutocommitPeriod" + }, + "PrivilegedDelete": { + "markdownDescription": "Enables, disables, or permanently disables privileged delete on an FSx for ONTAP SnapLock Enterprise volume. Enabling privileged delete allows SnapLock administrators to delete write once, read many (WORM) files even if they have active retention periods. `PERMANENTLY_DISABLED` is a terminal state. If privileged delete is permanently disabled on a SnapLock volume, you can't re-enable it. The default value is `DISABLED` .\n\nFor more information, see [Privileged delete](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/snaplock-enterprise.html#privileged-delete) .", + "title": "PrivilegedDelete", + "type": "string" + }, + "RetentionPeriod": { + "$ref": "#/definitions/AWS::FSx::Volume.SnaplockRetentionPeriod", + "markdownDescription": "Specifies the retention period of an FSx for ONTAP SnapLock volume.", + "title": "RetentionPeriod" + }, + "SnaplockType": { + "markdownDescription": "Specifies the retention mode of an FSx for ONTAP SnapLock volume. After it is set, it can't be changed. You can choose one of the following retention modes:\n\n- `COMPLIANCE` : Files transitioned to write once, read many (WORM) on a Compliance volume can't be deleted until their retention periods expire. This retention mode is used to address government or industry-specific mandates or to protect against ransomware attacks. For more information, see [SnapLock Compliance](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/snaplock-compliance.html) .\n- `ENTERPRISE` : Files transitioned to WORM on an Enterprise volume can be deleted by authorized users before their retention periods expire using privileged delete. This retention mode is used to advance an organization's data integrity and internal compliance or to test retention settings before using SnapLock Compliance. For more information, see [SnapLock Enterprise](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/snaplock-enterprise.html) .", + "title": "SnaplockType", + "type": "string" + }, + "VolumeAppendModeEnabled": { + "markdownDescription": "Enables or disables volume-append mode on an FSx for ONTAP SnapLock volume. Volume-append mode allows you to create WORM-appendable files and write data to them incrementally. The default value is `false` .\n\nFor more information, see [Volume-append mode](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/worm-state.html#worm-state-append) .", + "title": "VolumeAppendModeEnabled", "type": "string" } }, "required": [ - "Type", - "Properties" + "SnaplockType" ], "type": "object" }, - "AWS::IAM::Role": { + "AWS::FSx::Volume.SnaplockRetentionPeriod": { + "additionalProperties": false, + "properties": { + "DefaultRetention": { + "$ref": "#/definitions/AWS::FSx::Volume.RetentionPeriod", + "markdownDescription": "The retention period assigned to a write once, read many (WORM) file by default if an explicit retention period is not set for an FSx for ONTAP SnapLock volume. The default retention period must be greater than or equal to the minimum retention period and less than or equal to the maximum retention period.", + "title": "DefaultRetention" + }, + "MaximumRetention": { + "$ref": "#/definitions/AWS::FSx::Volume.RetentionPeriod", + "markdownDescription": "The longest retention period that can be assigned to a WORM file on an FSx for ONTAP SnapLock volume.", + "title": "MaximumRetention" + }, + "MinimumRetention": { + "$ref": "#/definitions/AWS::FSx::Volume.RetentionPeriod", + "markdownDescription": "The shortest retention period that can be assigned to a WORM file on an FSx for ONTAP SnapLock volume.", + "title": "MinimumRetention" + } + }, + "required": [ + "DefaultRetention", + "MaximumRetention", + "MinimumRetention" + ], + "type": "object" + }, + "AWS::FSx::Volume.TieringPolicy": { + "additionalProperties": false, + "properties": { + "CoolingPeriod": { + "markdownDescription": "Specifies the number of days that user data in a volume must remain inactive before it is considered \"cold\" and moved to the capacity pool. Used with the `AUTO` and `SNAPSHOT_ONLY` tiering policies. Enter a whole number between 2 and 183. Default values are 31 days for `AUTO` and 2 days for `SNAPSHOT_ONLY` .", + "title": "CoolingPeriod", + "type": "number" + }, + "Name": { + "markdownDescription": "Specifies the tiering policy used to transition data. Default value is `SNAPSHOT_ONLY` .\n\n- `SNAPSHOT_ONLY` - moves cold snapshots to the capacity pool storage tier.\n- `AUTO` - moves cold user data and snapshots to the capacity pool storage tier based on your access patterns.\n- `ALL` - moves all user data blocks in both the active file system and Snapshot copies to the storage pool tier.\n- `NONE` - keeps a volume's data in the primary storage tier, preventing it from being moved to the capacity pool tier.", + "title": "Name", + "type": "string" + } + }, + "type": "object" + }, + "AWS::FSx::Volume.UserAndGroupQuotas": { + "additionalProperties": false, + "properties": { + "Id": { + "markdownDescription": "The ID of the user or group that the quota applies to.", + "title": "Id", + "type": "number" + }, + "StorageCapacityQuotaGiB": { + "markdownDescription": "The user or group's storage quota, in gibibytes (GiB).", + "title": "StorageCapacityQuotaGiB", + "type": "number" + }, + "Type": { + "markdownDescription": "Specifies whether the quota applies to a user or group.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Id", + "StorageCapacityQuotaGiB", + "Type" + ], + "type": "object" + }, + "AWS::FinSpace::Environment": { "additionalProperties": false, "properties": { "Condition": { @@ -114597,69 +124354,53 @@ "Properties": { "additionalProperties": false, "properties": { - "AssumeRolePolicyDocument": { - "markdownDescription": "The trust policy that is associated with this role. Trust policies define which entities can assume the role. You can associate only one trust policy with a role. For an example of a policy that can be used to assume a role, see [Template Examples](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-role.html#aws-resource-iam-role--examples) . For more information about the elements that you can use in an IAM policy, see [IAM Policy Elements Reference](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements.html) in the *IAM User Guide* .", - "title": "AssumeRolePolicyDocument", - "type": "object" - }, "Description": { - "markdownDescription": "A description of the role that you provide.", + "markdownDescription": "The description of the FinSpace environment.", "title": "Description", "type": "string" }, - "ManagedPolicyArns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of Amazon Resource Names (ARNs) of the IAM managed policies that you want to attach to the role.\n\nFor more information about ARNs, see [Amazon Resource Names (ARNs) and AWS Service Namespaces](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* .", - "title": "ManagedPolicyArns", - "type": "array" + "FederationMode": { + "markdownDescription": "The authentication mode for the environment.", + "title": "FederationMode", + "type": "string" }, - "MaxSessionDuration": { - "markdownDescription": "The maximum session duration (in seconds) that you want to set for the specified role. If you do not specify a value for this setting, the default value of one hour is applied. This setting can have a value from 1 hour to 12 hours.\n\nAnyone who assumes the role from the AWS CLI or API can use the `DurationSeconds` API parameter or the `duration-seconds` AWS CLI parameter to request a longer session. The `MaxSessionDuration` setting determines the maximum duration that can be requested using the `DurationSeconds` parameter. If users don't specify a value for the `DurationSeconds` parameter, their security credentials are valid for one hour by default. This applies when you use the `AssumeRole*` API operations or the `assume-role*` AWS CLI operations but does not apply when you use those operations to create a console URL. For more information, see [Using IAM roles](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html) in the *IAM User Guide* .", - "title": "MaxSessionDuration", - "type": "number" + "FederationParameters": { + "$ref": "#/definitions/AWS::FinSpace::Environment.FederationParameters", + "markdownDescription": "Configuration information when authentication mode is FEDERATED.", + "title": "FederationParameters" }, - "Path": { - "markdownDescription": "The path to the role. For more information about paths, see [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/).\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.", - "title": "Path", + "KmsKeyId": { + "markdownDescription": "The KMS key id used to encrypt in the FinSpace environment.", + "title": "KmsKeyId", "type": "string" }, - "PermissionsBoundary": { - "markdownDescription": "The ARN of the policy used to set the permissions boundary for the role.\n\nFor more information about permissions boundaries, see [Permissions boundaries for IAM identities](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) in the *IAM User Guide* .", - "title": "PermissionsBoundary", + "Name": { + "markdownDescription": "The name of the FinSpace environment.", + "title": "Name", "type": "string" }, - "Policies": { - "items": { - "$ref": "#/definitions/AWS::IAM::Role.Policy" - }, - "markdownDescription": "Adds or updates an inline policy document that is embedded in the specified IAM role.\n\nWhen you embed an inline policy in a role, the inline policy is used as part of the role's access (permissions) policy. The role's trust policy is created at the same time as the role. You can update a role's trust policy later. For more information about IAM roles, go to [Using Roles to Delegate Permissions and Federate Identities](https://docs.aws.amazon.com/IAM/latest/UserGuide/roles-toplevel.html) .\n\nA role can also have an attached managed policy. For information about policies, see [Managed Policies and Inline Policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the *IAM User Guide* .\n\nFor information about limits on the number of inline policies that you can embed with a role, see [Limitations on IAM Entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the *IAM User Guide* .\n\n> If an external policy (such as `AWS::IAM::Policy` or `AWS::IAM::ManagedPolicy` ) has a `Ref` to a role and if a resource (such as `AWS::ECS::Service` ) also has a `Ref` to the same role, add a `DependsOn` attribute to the resource to make the resource depend on the external policy. This dependency ensures that the role's policy is available throughout the resource's lifecycle. For example, when you delete a stack with an `AWS::ECS::Service` resource, the `DependsOn` attribute ensures that AWS CloudFormation deletes the `AWS::ECS::Service` resource before deleting its role's policy.", - "title": "Policies", - "type": "array" - }, - "RoleName": { - "markdownDescription": "A name for the IAM role, up to 64 characters in length. For valid values, see the `RoleName` parameter for the [`CreateRole`](https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateRole.html) action in the *IAM User Guide* .\n\nThis parameter allows (per its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-. The role name must be unique within the account. Role names are not distinguished by case. For example, you cannot create roles named both \"Role1\" and \"role1\".\n\nIf you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the role name.\n\nIf you specify a name, you must specify the `CAPABILITY_NAMED_IAM` value to acknowledge your template's capabilities. For more information, see [Acknowledging IAM Resources in AWS CloudFormation Templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-iam-template.html#using-iam-capabilities) .\n\n> Naming an IAM resource can cause an unrecoverable error if you reuse the same template in multiple Regions. To prevent this, we recommend using `Fn::Join` and `AWS::Region` to create a Region-specific name, as in the following example: `{\"Fn::Join\": [\"\", [{\"Ref\": \"AWS::Region\"}, {\"Ref\": \"MyResourceName\"}]]}` .", - "title": "RoleName", - "type": "string" + "SuperuserParameters": { + "$ref": "#/definitions/AWS::FinSpace::Environment.SuperuserParameters", + "markdownDescription": "Configuration information for the superuser.", + "title": "SuperuserParameters" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of tags that are attached to the role. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* .", + "markdownDescription": "", "title": "Tags", "type": "array" } }, "required": [ - "AssumeRolePolicyDocument" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::IAM::Role" + "AWS::FinSpace::Environment" ], "type": "string" }, @@ -114678,105 +124419,83 @@ ], "type": "object" }, - "AWS::IAM::Role.Policy": { + "AWS::FinSpace::Environment.AttributeMapItems": { "additionalProperties": false, "properties": { - "PolicyDocument": { - "markdownDescription": "The entire contents of the policy that defines permissions. For more information, see [Overview of JSON policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#access_policies-json) .", - "title": "PolicyDocument", - "type": "object" + "Key": { + "markdownDescription": "", + "title": "Key", + "type": "string" }, - "PolicyName": { - "markdownDescription": "The friendly name (not ARN) identifying the policy.", - "title": "PolicyName", + "Value": { + "markdownDescription": "", + "title": "Value", "type": "string" } }, - "required": [ - "PolicyDocument", - "PolicyName" - ], "type": "object" }, - "AWS::IAM::RolePolicy": { + "AWS::FinSpace::Environment.FederationParameters": { "additionalProperties": false, "properties": { - "Condition": { + "ApplicationCallBackURL": { + "markdownDescription": "The redirect or sign-in URL that should be entered into the SAML 2.0 compliant identity provider configuration (IdP).", + "title": "ApplicationCallBackURL", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "AttributeMap": { + "items": { + "$ref": "#/definitions/AWS::FinSpace::Environment.AttributeMapItems" + }, + "markdownDescription": "SAML attribute name and value. The name must always be `Email` and the value should be set to the attribute definition in which user email is set. For example, name would be `Email` and value `http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress` . Please check your SAML 2.0 compliant identity provider (IdP) documentation for details.", + "title": "AttributeMap", + "type": "array" + }, + "FederationProviderName": { + "markdownDescription": "Name of the identity provider (IdP).", + "title": "FederationProviderName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "FederationURN": { + "markdownDescription": "The Uniform Resource Name (URN). Also referred as Service Provider URN or Audience URI or Service Provider Entity ID.", + "title": "FederationURN", + "type": "string" }, - "Metadata": { - "type": "object" + "SamlMetadataDocument": { + "markdownDescription": "SAML 2.0 Metadata document from identity provider (IdP).", + "title": "SamlMetadataDocument", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "PolicyDocument": { - "markdownDescription": "The policy document.\n\nYou must provide policies in JSON format in IAM. However, for AWS CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always converts a YAML policy to JSON format before submitting it to IAM.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n\n- Any printable ASCII character ranging from the space character ( `\\u0020` ) through the end of the ASCII character range\n- The printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` )\n- The special characters tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` )", - "title": "PolicyDocument", - "type": "object" - }, - "PolicyName": { - "markdownDescription": "The name of the policy document.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "PolicyName", - "type": "string" - }, - "RoleName": { - "markdownDescription": "The name of the role to associate the policy with.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "RoleName", - "type": "string" - } - }, - "required": [ - "PolicyName", - "RoleName" - ], - "type": "object" + "SamlMetadataURL": { + "markdownDescription": "Provide the metadata URL from your SAML 2.0 compliant identity provider (IdP).", + "title": "SamlMetadataURL", + "type": "string" + } + }, + "type": "object" + }, + "AWS::FinSpace::Environment.SuperuserParameters": { + "additionalProperties": false, + "properties": { + "EmailAddress": { + "markdownDescription": "The email address of the superuser.", + "title": "EmailAddress", + "type": "string" }, - "Type": { - "enum": [ - "AWS::IAM::RolePolicy" - ], + "FirstName": { + "markdownDescription": "The first name of the superuser.", + "title": "FirstName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "LastName": { + "markdownDescription": "The last name of the superuser.", + "title": "LastName", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::IAM::SAMLProvider": { + "AWS::Forecast::Dataset": { "additionalProperties": false, "properties": { "Condition": { @@ -114811,33 +124530,56 @@ "Properties": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the provider to create.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "Name", + "DataFrequency": { + "markdownDescription": "The frequency of data collection. This parameter is required for RELATED_TIME_SERIES datasets.\n\nValid intervals are an integer followed by Y (Year), M (Month), W (Week), D (Day), H (Hour), and min (Minute). For example, \"1D\" indicates every day and \"15min\" indicates every 15 minutes. You cannot specify a value that would overlap with the next larger frequency. That means, for example, you cannot specify a frequency of 60 minutes, because that is equivalent to 1 hour. The valid values for each frequency are the following:\n\n- Minute - 1-59\n- Hour - 1-23\n- Day - 1-6\n- Week - 1-4\n- Month - 1-11\n- Year - 1\n\nThus, if you want every other week forecasts, specify \"2W\". Or, if you want quarterly forecasts, you specify \"3M\".", + "title": "DataFrequency", "type": "string" }, - "SamlMetadataDocument": { - "markdownDescription": "An XML document generated by an identity provider (IdP) that supports SAML 2.0. The document includes the issuer's name, expiration information, and keys that can be used to validate the SAML authentication response (assertions) that are received from the IdP. You must generate the metadata document using the identity management software that is used as your organization's IdP.\n\nFor more information, see [About SAML 2.0-based federation](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html) in the *IAM User Guide*", - "title": "SamlMetadataDocument", + "DatasetName": { + "markdownDescription": "The name of the dataset.", + "title": "DatasetName", + "type": "string" + }, + "DatasetType": { + "markdownDescription": "The dataset type.", + "title": "DatasetType", "type": "string" }, + "Domain": { + "markdownDescription": "The domain associated with the dataset.", + "title": "Domain", + "type": "string" + }, + "EncryptionConfig": { + "$ref": "#/definitions/AWS::Forecast::Dataset.EncryptionConfig", + "markdownDescription": "A Key Management Service (KMS) key and the Identity and Access Management (IAM) role that Amazon Forecast can assume to access the key.", + "title": "EncryptionConfig" + }, + "Schema": { + "$ref": "#/definitions/AWS::Forecast::Dataset.Schema", + "markdownDescription": "The schema for the dataset. The schema attributes and their order must match the fields in your data. The dataset `Domain` and `DatasetType` that you choose determine the minimum required fields in your training data. For information about the required fields for a specific dataset domain and type, see [Dataset Domains and Dataset Types](https://docs.aws.amazon.com/forecast/latest/dg/howitworks-domains-ds-types.html) .", + "title": "Schema" + }, "Tags": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Forecast::Dataset.TagsItems" }, - "markdownDescription": "A list of tags that you want to attach to the new IAM SAML provider. Each tag consists of a key name and an associated value. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* .\n\n> If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request fails and the resource is not created.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ - "SamlMetadataDocument" + "DatasetName", + "DatasetType", + "Domain", + "Schema" ], "type": "object" }, "Type": { "enum": [ - "AWS::IAM::SAMLProvider" + "AWS::Forecast::Dataset" ], "type": "string" }, @@ -114856,98 +124598,73 @@ ], "type": "object" }, - "AWS::IAM::ServerCertificate": { + "AWS::Forecast::Dataset.AttributesItems": { "additionalProperties": false, "properties": { - "Condition": { + "AttributeName": { + "markdownDescription": "", + "title": "AttributeName", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "AttributeType": { + "markdownDescription": "", + "title": "AttributeType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Forecast::Dataset.EncryptionConfig": { + "additionalProperties": false, + "properties": { + "KmsKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key.", + "title": "KmsKeyArn", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "CertificateBody": { - "markdownDescription": "The contents of the public key certificate.", - "title": "CertificateBody", - "type": "string" - }, - "CertificateChain": { - "markdownDescription": "The contents of the public key certificate chain.", - "title": "CertificateChain", - "type": "string" - }, - "Path": { - "markdownDescription": "The path for the server certificate. For more information about paths, see [IAM identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/). This parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.\n\n> If you are uploading a server certificate specifically for use with Amazon CloudFront distributions, you must specify a path using the `path` parameter. The path must begin with `/cloudfront` and must include a trailing slash (for example, `/cloudfront/test/` ).", - "title": "Path", - "type": "string" - }, - "PrivateKey": { - "markdownDescription": "The contents of the private key in PEM-encoded format.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n\n- Any printable ASCII character ranging from the space character ( `\\u0020` ) through the end of the ASCII character range\n- The printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` )\n- The special characters tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` )", - "title": "PrivateKey", - "type": "string" - }, - "ServerCertificateName": { - "markdownDescription": "The name for the server certificate. Do not include the path in this value. The name of the certificate cannot contain any spaces.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "ServerCertificateName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of tags that are attached to the server certificate. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* .", - "title": "Tags", - "type": "array" - } + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that Amazon Forecast can assume to access the AWS KMS key.\n\nPassing a role across AWS accounts is not allowed. If you pass a role that isn't in your account, you get an `InvalidInputException` error.", + "title": "RoleArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Forecast::Dataset.Schema": { + "additionalProperties": false, + "properties": { + "Attributes": { + "items": { + "$ref": "#/definitions/AWS::Forecast::Dataset.AttributesItems" }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::IAM::ServerCertificate" - ], + "markdownDescription": "An array of attributes specifying the name and type of each field in a dataset.", + "title": "Attributes", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Forecast::Dataset.TagsItems": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "", + "title": "Key", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Value": { + "markdownDescription": "", + "title": "Value", "type": "string" } }, "required": [ - "Type" + "Key", + "Value" ], "type": "object" }, - "AWS::IAM::ServiceLinkedRole": { + "AWS::Forecast::DatasetGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -114982,27 +124699,42 @@ "Properties": { "additionalProperties": false, "properties": { - "AWSServiceName": { - "markdownDescription": "The service principal for the AWS service to which this role is attached. You use a string similar to a URL but without the http:// in front. For example: `elasticbeanstalk.amazonaws.com` .\n\nService principals are unique and case-sensitive. To find the exact service principal for your service-linked role, see [AWS services that work with IAM](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html) in the *IAM User Guide* . Look for the services that have *Yes* in the *Service-Linked Role* column. Choose the *Yes* link to view the service-linked role documentation for that service.", - "title": "AWSServiceName", - "type": "string" + "DatasetArns": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of Amazon Resource Names (ARNs) of the datasets that you want to include in the dataset group.", + "title": "DatasetArns", + "type": "array" }, - "CustomSuffix": { - "markdownDescription": "A string that you provide, which is combined with the service-provided prefix to form the complete role name. If you make multiple requests for the same service, then you must supply a different `CustomSuffix` for each request. Otherwise the request fails with a duplicate role name error. For example, you could add `-1` or `-debug` to the suffix.\n\nSome services do not support the `CustomSuffix` parameter. If you provide an optional suffix and the operation fails, try the operation again without the suffix.", - "title": "CustomSuffix", + "DatasetGroupName": { + "markdownDescription": "The name of the dataset group.", + "title": "DatasetGroupName", "type": "string" }, - "Description": { - "markdownDescription": "The description of the role.", - "title": "Description", + "Domain": { + "markdownDescription": "The domain associated with the dataset group. When you add a dataset to a dataset group, this value and the value specified for the `Domain` parameter of the [CreateDataset](https://docs.aws.amazon.com/forecast/latest/dg/API_CreateDataset.html) operation must match.\n\nThe `Domain` and `DatasetType` that you choose determine the fields that must be present in training data that you import to a dataset. For example, if you choose the `RETAIL` domain and `TARGET_TIME_SERIES` as the `DatasetType` , Amazon Forecast requires that `item_id` , `timestamp` , and `demand` fields are present in your data. For more information, see [Dataset groups](https://docs.aws.amazon.com/forecast/latest/dg/howitworks-datasets-groups.html) .", + "title": "Domain", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" } }, + "required": [ + "DatasetGroupName", + "Domain" + ], "type": "object" }, "Type": { "enum": [ - "AWS::IAM::ServiceLinkedRole" + "AWS::Forecast::DatasetGroup" ], "type": "string" }, @@ -115016,11 +124748,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::IAM::User": { + "AWS::FraudDetector::Detector": { "additionalProperties": false, "properties": { "Condition": { @@ -115055,64 +124788,66 @@ "Properties": { "additionalProperties": false, "properties": { - "Groups": { + "AssociatedModels": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::FraudDetector::Detector.Model" }, - "markdownDescription": "A list of group names to which you want to add the user.", - "title": "Groups", + "markdownDescription": "The models to associate with this detector. You must provide the ARNs of all the models you want to associate.", + "title": "AssociatedModels", "type": "array" }, - "LoginProfile": { - "$ref": "#/definitions/AWS::IAM::User.LoginProfile", - "markdownDescription": "Creates a password for the specified IAM user. A password allows an IAM user to access AWS services through the AWS Management Console .\n\nYou can use the AWS CLI , the AWS API, or the *Users* page in the IAM console to create a password for any IAM user. Use [ChangePassword](https://docs.aws.amazon.com/IAM/latest/APIReference/API_ChangePassword.html) to update your own existing password in the *My Security Credentials* page in the AWS Management Console .\n\nFor more information about managing passwords, see [Managing passwords](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingLogins.html) in the *IAM User Guide* .", - "title": "LoginProfile" + "Description": { + "markdownDescription": "The detector description.", + "title": "Description", + "type": "string" }, - "ManagedPolicyArns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of Amazon Resource Names (ARNs) of the IAM managed policies that you want to attach to the user.\n\nFor more information about ARNs, see [Amazon Resource Names (ARNs) and AWS Service Namespaces](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* .", - "title": "ManagedPolicyArns", - "type": "array" + "DetectorId": { + "markdownDescription": "The name of the detector.", + "title": "DetectorId", + "type": "string" }, - "Path": { - "markdownDescription": "The path for the user name. For more information about paths, see [IAM identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/).\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.", - "title": "Path", + "DetectorVersionStatus": { + "markdownDescription": "The status of the detector version. If a value is not provided for this property, AWS CloudFormation assumes `DRAFT` status.\n\nValid values: `ACTIVE | DRAFT`", + "title": "DetectorVersionStatus", "type": "string" }, - "PermissionsBoundary": { - "markdownDescription": "The ARN of the managed policy that is used to set the permissions boundary for the user.\n\nA permissions boundary policy defines the maximum permissions that identity-based policies can grant to an entity, but does not grant permissions. Permissions boundaries do not define the maximum permissions that a resource-based policy can grant to an entity. To learn more, see [Permissions boundaries for IAM entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) in the *IAM User Guide* .\n\nFor more information about policy types, see [Policy types](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#access_policy-types) in the *IAM User Guide* .", - "title": "PermissionsBoundary", + "EventType": { + "$ref": "#/definitions/AWS::FraudDetector::Detector.EventType", + "markdownDescription": "The event type associated with this detector.", + "title": "EventType" + }, + "RuleExecutionMode": { + "markdownDescription": "The rule execution mode for the rules included in the detector version.\n\nValid values: `FIRST_MATCHED | ALL_MATCHED` Default value: `FIRST_MATCHED`\n\nYou can define and edit the rule mode at the detector version level, when it is in draft status.\n\nIf you specify `FIRST_MATCHED` , Amazon Fraud Detector evaluates rules sequentially, first to last, stopping at the first matched rule. Amazon Fraud dectector then provides the outcomes for that single rule.\n\nIf you specifiy `ALL_MATCHED` , Amazon Fraud Detector evaluates all rules and returns the outcomes for all matched rules.", + "title": "RuleExecutionMode", "type": "string" }, - "Policies": { + "Rules": { "items": { - "$ref": "#/definitions/AWS::IAM::User.Policy" + "$ref": "#/definitions/AWS::FraudDetector::Detector.Rule" }, - "markdownDescription": "Adds or updates an inline policy document that is embedded in the specified IAM user. To view AWS::IAM::User snippets, see [Declaring an IAM User Resource](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-iam.html#scenario-iam-user) .\n\n> The name of each policy for a role, user, or group must be unique. If you don't choose unique names, updates to the IAM identity will fail. \n\nFor information about limits on the number of inline policies that you can embed in a user, see [Limitations on IAM Entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the *IAM User Guide* .", - "title": "Policies", + "markdownDescription": "The rules to include in the detector version.", + "title": "Rules", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of tags that you want to attach to the new user. Each tag consists of a key name and an associated value. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* .\n\n> If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request fails and the resource is not created.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" - }, - "UserName": { - "markdownDescription": "The name of the user to create. Do not include the path in this value.\n\nThis parameter allows (per its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-. The user name must be unique within the account. User names are not distinguished by case. For example, you cannot create users named both \"John\" and \"john\".\n\nIf you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the user name.\n\nIf you specify a name, you must specify the `CAPABILITY_NAMED_IAM` value to acknowledge your template's capabilities. For more information, see [Acknowledging IAM Resources in AWS CloudFormation Templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-iam-template.html#using-iam-capabilities) .\n\n> Naming an IAM resource can cause an unrecoverable error if you reuse the same template in multiple Regions. To prevent this, we recommend using `Fn::Join` and `AWS::Region` to create a Region-specific name, as in the following example: `{\"Fn::Join\": [\"\", [{\"Ref\": \"AWS::Region\"}, {\"Ref\": \"MyResourceName\"}]]}` .", - "title": "UserName", - "type": "string" } }, + "required": [ + "DetectorId", + "EventType", + "Rules" + ], "type": "object" }, "Type": { "enum": [ - "AWS::IAM::User" + "AWS::FraudDetector::Detector" ], "type": "string" }, @@ -115126,128 +124861,354 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::IAM::User.LoginProfile": { + "AWS::FraudDetector::Detector.EntityType": { "additionalProperties": false, "properties": { - "Password": { - "markdownDescription": "The user's password.", - "title": "Password", + "Arn": { + "markdownDescription": "The entity type ARN.", + "title": "Arn", "type": "string" }, - "PasswordResetRequired": { - "markdownDescription": "Specifies whether the user is required to set a new password on next sign-in.", - "title": "PasswordResetRequired", + "CreatedTime": { + "markdownDescription": "Timestamp of when the entity type was created.", + "title": "CreatedTime", + "type": "string" + }, + "Description": { + "markdownDescription": "The entity type description.", + "title": "Description", + "type": "string" + }, + "Inline": { + "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::Detector` you must define at least two variables. You can set `Inline=true` for these Variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your detector but not execute any changes to the variables.", + "title": "Inline", "type": "boolean" - } - }, - "required": [ - "Password" - ], - "type": "object" - }, - "AWS::IAM::User.Policy": { - "additionalProperties": false, - "properties": { - "PolicyDocument": { - "markdownDescription": "The entire contents of the policy that defines permissions. For more information, see [Overview of JSON policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#access_policies-json) .", - "title": "PolicyDocument", - "type": "object" }, - "PolicyName": { - "markdownDescription": "The friendly name (not ARN) identifying the policy.", - "title": "PolicyName", + "LastUpdatedTime": { + "markdownDescription": "Timestamp of when the entity type was last updated.", + "title": "LastUpdatedTime", + "type": "string" + }, + "Name": { + "markdownDescription": "The entity type name.", + "title": "Name", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" } }, - "required": [ - "PolicyDocument", - "PolicyName" - ], "type": "object" }, - "AWS::IAM::UserPolicy": { + "AWS::FraudDetector::Detector.EventType": { "additionalProperties": false, "properties": { - "Condition": { + "Arn": { + "markdownDescription": "The entity type ARN.", + "title": "Arn", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "CreatedTime": { + "markdownDescription": "Timestamp of when the event type was created.", + "title": "CreatedTime", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Description": { + "markdownDescription": "The event type description.", + "title": "Description", + "type": "string" }, - "Metadata": { - "type": "object" + "EntityTypes": { + "items": { + "$ref": "#/definitions/AWS::FraudDetector::Detector.EntityType" + }, + "markdownDescription": "The event type entity types.", + "title": "EntityTypes", + "type": "array" }, - "Properties": { - "additionalProperties": false, - "properties": { - "PolicyDocument": { - "markdownDescription": "The policy document.\n\nYou must provide policies in JSON format in IAM. However, for AWS CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always converts a YAML policy to JSON format before submitting it to IAM.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n\n- Any printable ASCII character ranging from the space character ( `\\u0020` ) through the end of the ASCII character range\n- The printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` )\n- The special characters tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` )", - "title": "PolicyDocument", - "type": "object" - }, - "PolicyName": { - "markdownDescription": "The name of the policy document.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "PolicyName", - "type": "string" - }, - "UserName": { - "markdownDescription": "The name of the user to associate the policy with.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "UserName", - "type": "string" - } + "EventVariables": { + "items": { + "$ref": "#/definitions/AWS::FraudDetector::Detector.EventVariable" }, - "required": [ - "PolicyName", - "UserName" - ], - "type": "object" + "markdownDescription": "The event type event variables.", + "title": "EventVariables", + "type": "array" }, - "Type": { - "enum": [ - "AWS::IAM::UserPolicy" - ], + "Inline": { + "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::Detector` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the Variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your detector but not execute any changes to the variables.", + "title": "Inline", + "type": "boolean" + }, + "Labels": { + "items": { + "$ref": "#/definitions/AWS::FraudDetector::Detector.Label" + }, + "markdownDescription": "The event type labels.", + "title": "Labels", + "type": "array" + }, + "LastUpdatedTime": { + "markdownDescription": "Timestamp of when the event type was last updated.", + "title": "LastUpdatedTime", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "The event type name.", + "title": "Name", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::IAM::UserToGroupAddition": { + "AWS::FraudDetector::Detector.EventVariable": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The event variable ARN.", + "title": "Arn", + "type": "string" + }, + "CreatedTime": { + "markdownDescription": "Timestamp for when the event variable was created.", + "title": "CreatedTime", + "type": "string" + }, + "DataSource": { + "markdownDescription": "The data source of the event variable.\n\nValid values: `EVENT | EXTERNAL_MODEL_SCORE`\n\nWhen defining a variable within a detector, you can only use the `EVENT` value for DataSource when the *Inline* property is set to true. If the *Inline* property is set false, you can use either `EVENT` or `MODEL_SCORE` for DataSource.", + "title": "DataSource", + "type": "string" + }, + "DataType": { + "markdownDescription": "The data type of the event variable.\n\nValid values: `STRING | INTEGER | BOOLEAN | FLOAT`", + "title": "DataType", + "type": "string" + }, + "DefaultValue": { + "markdownDescription": "The default value of the event variable. This is required if you are providing the details of your variables instead of the ARN.", + "title": "DefaultValue", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the event variable.", + "title": "Description", + "type": "string" + }, + "Inline": { + "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::Detector` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your detector but not execute any changes to the variables.", + "title": "Inline", + "type": "boolean" + }, + "LastUpdatedTime": { + "markdownDescription": "Timestamp for when the event variable was last updated.", + "title": "LastUpdatedTime", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the event variable.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + }, + "VariableType": { + "markdownDescription": "The type of event variable. For more information, see [Variable types](https://docs.aws.amazon.com/frauddetector/latest/ug/create-a-variable.html#variable-types) .", + "title": "VariableType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::FraudDetector::Detector.Label": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The label ARN.", + "title": "Arn", + "type": "string" + }, + "CreatedTime": { + "markdownDescription": "Timestamp of when the event type was created.", + "title": "CreatedTime", + "type": "string" + }, + "Description": { + "markdownDescription": "The label description.", + "title": "Description", + "type": "string" + }, + "Inline": { + "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::Detector` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your detector but not execute any changes to the variables.", + "title": "Inline", + "type": "boolean" + }, + "LastUpdatedTime": { + "markdownDescription": "Timestamp of when the label was last updated.", + "title": "LastUpdatedTime", + "type": "string" + }, + "Name": { + "markdownDescription": "The label name.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "AWS::FraudDetector::Detector.Model": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The ARN of the model.", + "title": "Arn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::FraudDetector::Detector.Outcome": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The outcome ARN.", + "title": "Arn", + "type": "string" + }, + "CreatedTime": { + "markdownDescription": "The timestamp when the outcome was created.", + "title": "CreatedTime", + "type": "string" + }, + "Description": { + "markdownDescription": "The outcome description.", + "title": "Description", + "type": "string" + }, + "Inline": { + "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::Detector` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your detector but not execute any changes to the variables.", + "title": "Inline", + "type": "boolean" + }, + "LastUpdatedTime": { + "markdownDescription": "The timestamp when the outcome was last updated.", + "title": "LastUpdatedTime", + "type": "string" + }, + "Name": { + "markdownDescription": "The outcome name.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "AWS::FraudDetector::Detector.Rule": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The rule ARN.", + "title": "Arn", + "type": "string" + }, + "CreatedTime": { + "markdownDescription": "Timestamp for when the rule was created.", + "title": "CreatedTime", + "type": "string" + }, + "Description": { + "markdownDescription": "The rule description.", + "title": "Description", + "type": "string" + }, + "DetectorId": { + "markdownDescription": "The detector for which the rule is associated.", + "title": "DetectorId", + "type": "string" + }, + "Expression": { + "markdownDescription": "The rule expression. A rule expression captures the business logic. For more information, see [Rule language reference](https://docs.aws.amazon.com/frauddetector/latest/ug/rule-language-reference.html) .", + "title": "Expression", + "type": "string" + }, + "Language": { + "markdownDescription": "The rule language.\n\nValid Value: DETECTORPL", + "title": "Language", + "type": "string" + }, + "LastUpdatedTime": { + "markdownDescription": "Timestamp for when the rule was last updated.", + "title": "LastUpdatedTime", + "type": "string" + }, + "Outcomes": { + "items": { + "$ref": "#/definitions/AWS::FraudDetector::Detector.Outcome" + }, + "markdownDescription": "The rule outcome.", + "title": "Outcomes", + "type": "array" + }, + "RuleId": { + "markdownDescription": "The rule ID.", + "title": "RuleId", + "type": "string" + }, + "RuleVersion": { + "markdownDescription": "The rule version.", + "title": "RuleVersion", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "AWS::FraudDetector::EntityType": { "additionalProperties": false, "properties": { "Condition": { @@ -115282,29 +125243,33 @@ "Properties": { "additionalProperties": false, "properties": { - "GroupName": { - "markdownDescription": "The name of the group to update.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "GroupName", + "Description": { + "markdownDescription": "The entity type description.", + "title": "Description", "type": "string" }, - "Users": { + "Name": { + "markdownDescription": "The entity type name.\n\nPattern: `^[0-9a-z_-]+$`", + "title": "Name", + "type": "string" + }, + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of the names of the users that you want to add to the group.", - "title": "Users", + "markdownDescription": "A key and value pair.", + "title": "Tags", "type": "array" } }, "required": [ - "GroupName", - "Users" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::IAM::UserToGroupAddition" + "AWS::FraudDetector::EntityType" ], "type": "string" }, @@ -115323,7 +125288,7 @@ ], "type": "object" }, - "AWS::IAM::VirtualMFADevice": { + "AWS::FraudDetector::EventType": { "additionalProperties": false, "properties": { "Condition": { @@ -115358,41 +125323,60 @@ "Properties": { "additionalProperties": false, "properties": { - "Path": { - "markdownDescription": "The path for the virtual MFA device. For more information about paths, see [IAM identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/).\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.", - "title": "Path", + "Description": { + "markdownDescription": "The event type description.", + "title": "Description", "type": "string" }, - "Tags": { + "EntityTypes": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::FraudDetector::EventType.EntityType" }, - "markdownDescription": "A list of tags that you want to attach to the new IAM virtual MFA device. Each tag consists of a key name and an associated value. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* .\n\n> If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request fails and the resource is not created.", - "title": "Tags", + "markdownDescription": "The event type entity types.", + "title": "EntityTypes", "type": "array" }, - "Users": { + "EventVariables": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::FraudDetector::EventType.EventVariable" }, - "markdownDescription": "The IAM user associated with this virtual MFA device.", - "title": "Users", + "markdownDescription": "The event type event variables.", + "title": "EventVariables", "type": "array" }, - "VirtualMfaDeviceName": { - "markdownDescription": "The name of the virtual MFA device, which must be unique. Use with path to uniquely identify a virtual MFA device.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", - "title": "VirtualMfaDeviceName", + "Labels": { + "items": { + "$ref": "#/definitions/AWS::FraudDetector::EventType.Label" + }, + "markdownDescription": "The event type labels.", + "title": "Labels", + "type": "array" + }, + "Name": { + "markdownDescription": "The event type name.\n\nPattern : `^[0-9a-z_-]+$`", + "title": "Name", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" } }, "required": [ - "Users" + "EntityTypes", + "EventVariables", + "Labels", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::IAM::VirtualMFADevice" + "AWS::FraudDetector::EventType" ], "type": "string" }, @@ -115411,7 +125395,159 @@ ], "type": "object" }, - "AWS::IVS::Channel": { + "AWS::FraudDetector::EventType.EntityType": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The entity type ARN.", + "title": "Arn", + "type": "string" + }, + "CreatedTime": { + "markdownDescription": "Timestamp of when the entity type was created.", + "title": "CreatedTime", + "type": "string" + }, + "Description": { + "markdownDescription": "The entity type description.", + "title": "Description", + "type": "string" + }, + "Inline": { + "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::EventType` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your event type but not execute any changes to the variables.", + "title": "Inline", + "type": "boolean" + }, + "LastUpdatedTime": { + "markdownDescription": "Timestamp of when the entity type was last updated.", + "title": "LastUpdatedTime", + "type": "string" + }, + "Name": { + "markdownDescription": "The entity type name.\n\n`^[0-9a-z_-]+$`", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "AWS::FraudDetector::EventType.EventVariable": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The event variable ARN.", + "title": "Arn", + "type": "string" + }, + "CreatedTime": { + "markdownDescription": "Timestamp for when event variable was created.", + "title": "CreatedTime", + "type": "string" + }, + "DataSource": { + "markdownDescription": "The source of the event variable.\n\nValid values: `EVENT | EXTERNAL_MODEL_SCORE`\n\nWhen defining a variable within a event type, you can only use the `EVENT` value for DataSource when the *Inline* property is set to true. If the *Inline* property is set false, you can use either `EVENT` or `MODEL_SCORE` for DataSource.", + "title": "DataSource", + "type": "string" + }, + "DataType": { + "markdownDescription": "The data type of the event variable. For more information, see [Data types](https://docs.aws.amazon.com/frauddetector/latest/ug/variables.html#data-types) .", + "title": "DataType", + "type": "string" + }, + "DefaultValue": { + "markdownDescription": "The default value of the event variable", + "title": "DefaultValue", + "type": "string" + }, + "Description": { + "markdownDescription": "The event variable description.", + "title": "Description", + "type": "string" + }, + "Inline": { + "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::EventType` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the Variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your event type but not execute any changes to the variables.", + "title": "Inline", + "type": "boolean" + }, + "LastUpdatedTime": { + "markdownDescription": "Timestamp for when the event variable was last updated.", + "title": "LastUpdatedTime", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the event variable.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + }, + "VariableType": { + "markdownDescription": "The type of event variable. For more information, see [Variable types](https://docs.aws.amazon.com/frauddetector/latest/ug/variables.html#variable-types) .", + "title": "VariableType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::FraudDetector::EventType.Label": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The label ARN.", + "title": "Arn", + "type": "string" + }, + "CreatedTime": { + "markdownDescription": "Timestamp of when the event type was created.", + "title": "CreatedTime", + "type": "string" + }, + "Description": { + "markdownDescription": "The label description.", + "title": "Description", + "type": "string" + }, + "Inline": { + "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::EventType` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your EventType but not execute any changes to the variables.", + "title": "Inline", + "type": "boolean" + }, + "LastUpdatedTime": { + "markdownDescription": "Timestamp of when the label was last updated.", + "title": "LastUpdatedTime", + "type": "string" + }, + "Name": { + "markdownDescription": "The label name.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "AWS::FraudDetector::Label": { "additionalProperties": false, "properties": { "Condition": { @@ -115446,55 +125582,33 @@ "Properties": { "additionalProperties": false, "properties": { - "Authorized": { - "markdownDescription": "Whether the channel is authorized.\n\n*Default* : `false`", - "title": "Authorized", - "type": "boolean" - }, - "InsecureIngest": { - "markdownDescription": "Whether the channel allows insecure RTMP ingest.\n\n*Default* : `false`", - "title": "InsecureIngest", - "type": "boolean" - }, - "LatencyMode": { - "markdownDescription": "Channel latency mode. Valid values:\n\n- `NORMAL` : Use NORMAL to broadcast and deliver live video up to Full HD.\n- `LOW` : Use LOW for near real-time interactions with viewers.\n\n> In the console, `LOW` and `NORMAL` correspond to `Ultra-low` and `Standard` , respectively. \n\n*Default* : `LOW`", - "title": "LatencyMode", + "Description": { + "markdownDescription": "The label description.", + "title": "Description", "type": "string" }, "Name": { - "markdownDescription": "Channel name.", + "markdownDescription": "The label name.\n\nPattern: `^[0-9a-z_-]+$`", "title": "Name", "type": "string" }, - "Preset": { - "markdownDescription": "An optional transcode preset for the channel. This is selectable only for `ADVANCED_HD` and `ADVANCED_SD` channel types. For those channel types, the default preset is `HIGHER_BANDWIDTH_DELIVERY` . For other channel types ( `BASIC` and `STANDARD` ), `preset` is the empty string (\"\").", - "title": "Preset", - "type": "string" - }, - "RecordingConfigurationArn": { - "markdownDescription": "The ARN of a RecordingConfiguration resource. An empty string indicates that recording is disabled for the channel. A RecordingConfiguration ARN indicates that recording is enabled using the specified recording configuration. See the [RecordingConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ivs-recordingconfiguration.html) resource for more information and an example.\n\n*Default* : \"\" (empty string, recording is disabled)", - "title": "RecordingConfigurationArn", - "type": "string" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-channel-tag.html) .", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" - }, - "Type": { - "markdownDescription": "The channel type, which determines the allowable resolution and bitrate. *If you exceed the allowable resolution or bitrate, the stream probably will disconnect immediately.* For details, see [Channel Types](https://docs.aws.amazon.com/ivs/latest/LowLatencyAPIReference/channel-types.html) .\n\n*Default* : `STANDARD`", - "title": "Type", - "type": "string" } }, + "required": [ + "Name" + ], "type": "object" }, "Type": { "enum": [ - "AWS::IVS::Channel" + "AWS::FraudDetector::Label" ], "type": "string" }, @@ -115508,11 +125622,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::IVS::EncoderConfiguration": { + "AWS::FraudDetector::List": { "additionalProperties": false, "properties": { "Condition": { @@ -115547,8 +125662,21 @@ "Properties": { "additionalProperties": false, "properties": { + "Description": { + "markdownDescription": "The description of the list.", + "title": "Description", + "type": "string" + }, + "Elements": { + "items": { + "type": "string" + }, + "markdownDescription": "The elements in the list.", + "title": "Elements", + "type": "array" + }, "Name": { - "markdownDescription": "Encoder cnfiguration name.", + "markdownDescription": "The name of the list.", "title": "Name", "type": "string" }, @@ -115556,21 +125684,24 @@ "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-encoderconfiguration-tag.html) .", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" }, - "Video": { - "$ref": "#/definitions/AWS::IVS::EncoderConfiguration.Video", - "markdownDescription": "Video configuration. Default: video resolution 1280x720, bitrate 2500 kbps, 30 fps. See the [Video](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-encoderconfiguration-video.html) property type for more information.", - "title": "Video" + "VariableType": { + "markdownDescription": "The variable type of the list. For more information, see [Variable types](https://docs.aws.amazon.com/frauddetector/latest/ug/variables.html#variable-types)", + "title": "VariableType", + "type": "string" } }, + "required": [ + "Name" + ], "type": "object" }, "Type": { "enum": [ - "AWS::IVS::EncoderConfiguration" + "AWS::FraudDetector::List" ], "type": "string" }, @@ -115584,37 +125715,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::IVS::EncoderConfiguration.Video": { - "additionalProperties": false, - "properties": { - "Bitrate": { - "markdownDescription": "Bitrate for generated output, in bps. Default: 2500000.", - "title": "Bitrate", - "type": "number" - }, - "Framerate": { - "markdownDescription": "Video frame rate, in fps. Default: 30.", - "title": "Framerate", - "type": "number" - }, - "Height": { - "markdownDescription": "Video-resolution height. Note that the maximum value is determined by width times height, such that the maximum total pixels is 2073600 (1920x1080 or 1080x1920). Default: 720.", - "title": "Height", - "type": "number" - }, - "Width": { - "markdownDescription": "Video-resolution width. Note that the maximum value is determined by width times height, such that the maximum total pixels is 2073600 (1920x1080 or 1080x1920). Default: 1280.", - "title": "Width", - "type": "number" - } - }, - "type": "object" - }, - "AWS::IVS::PlaybackKeyPair": { + "AWS::FraudDetector::Outcome": { "additionalProperties": false, "properties": { "Condition": { @@ -115649,30 +125755,33 @@ "Properties": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "Playback-key-pair name. The value does not need to be unique.", - "title": "Name", + "Description": { + "markdownDescription": "The outcome description.", + "title": "Description", "type": "string" }, - "PublicKeyMaterial": { - "markdownDescription": "The public portion of a customer-generated key pair. Note that this field is required to create the AWS::IVS::PlaybackKeyPair resource.", - "title": "PublicKeyMaterial", + "Name": { + "markdownDescription": "The outcome name.", + "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-playbackkeypair-tag.html) .", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, + "required": [ + "Name" + ], "type": "object" }, "Type": { "enum": [ - "AWS::IVS::PlaybackKeyPair" + "AWS::FraudDetector::Outcome" ], "type": "string" }, @@ -115686,11 +125795,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::IVS::PlaybackRestrictionPolicy": { + "AWS::FraudDetector::Variable": { "additionalProperties": false, "properties": { "Condition": { @@ -115725,29 +125835,28 @@ "Properties": { "additionalProperties": false, "properties": { - "AllowedCountries": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of country codes that control geoblocking restrictions. Allowed values are the officially assigned ISO 3166-1 alpha-2 codes. Default: All countries (an empty array).", - "title": "AllowedCountries", - "type": "array" + "DataSource": { + "markdownDescription": "The data source of the variable.\n\nValid values: `EVENT | EXTERNAL_MODEL_SCORE`\n\nWhen defining a variable within a detector, you can only use the `EVENT` value for DataSource when the *Inline* property is set to true. If the *Inline* property is set false, you can use either `EVENT` or `MODEL_SCORE` for DataSource.", + "title": "DataSource", + "type": "string" }, - "AllowedOrigins": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of origin sites that control CORS restriction. Allowed values are the same as valid values of the Origin header defined at [https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin\"](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin)", - "title": "AllowedOrigins", - "type": "array" + "DataType": { + "markdownDescription": "The data type of the variable.\n\nValid data types: `STRING | INTEGER | BOOLEAN | FLOAT`", + "title": "DataType", + "type": "string" }, - "EnableStrictOriginEnforcement": { - "markdownDescription": "Whether channel playback is constrained by the origin site.", - "title": "EnableStrictOriginEnforcement", - "type": "boolean" + "DefaultValue": { + "markdownDescription": "The default value of the variable.", + "title": "DefaultValue", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the variable.", + "title": "Description", + "type": "string" }, "Name": { - "markdownDescription": "Playback-restriction-policy name.", + "markdownDescription": "The name of the variable.\n\nPattern: `^[0-9a-z_-]+$`", "title": "Name", "type": "string" }, @@ -115755,20 +125864,27 @@ "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-playbackrestrictionpolicy-tag.html) .", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" + }, + "VariableType": { + "markdownDescription": "The type of the variable. For more information see [Variable types](https://docs.aws.amazon.com/frauddetector/latest/ug/create-a-variable.html#variable-types) .\n\nValid Values: `AUTH_CODE | AVS | BILLING_ADDRESS_L1 | BILLING_ADDRESS_L2 | BILLING_CITY | BILLING_COUNTRY | BILLING_NAME | BILLING_PHONE | BILLING_STATE | BILLING_ZIP | CARD_BIN | CATEGORICAL | CURRENCY_CODE | EMAIL_ADDRESS | FINGERPRINT | FRAUD_LABEL | FREE_FORM_TEXT | IP_ADDRESS | NUMERIC | ORDER_ID | PAYMENT_TYPE | PHONE_NUMBER | PRICE | PRODUCT_CATEGORY | SHIPPING_ADDRESS_L1 | SHIPPING_ADDRESS_L2 | SHIPPING_CITY | SHIPPING_COUNTRY | SHIPPING_NAME | SHIPPING_PHONE | SHIPPING_STATE | SHIPPING_ZIP | USERAGENT`", + "title": "VariableType", + "type": "string" } }, "required": [ - "AllowedCountries", - "AllowedOrigins" + "DataSource", + "DataType", + "DefaultValue", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::IVS::PlaybackRestrictionPolicy" + "AWS::FraudDetector::Variable" ], "type": "string" }, @@ -115787,7 +125903,7 @@ ], "type": "object" }, - "AWS::IVS::RecordingConfiguration": { + "AWS::GameLift::Alias": { "additionalProperties": false, "properties": { "Condition": { @@ -115822,48 +125938,39 @@ "Properties": { "additionalProperties": false, "properties": { - "DestinationConfiguration": { - "$ref": "#/definitions/AWS::IVS::RecordingConfiguration.DestinationConfiguration", - "markdownDescription": "A destination configuration describes an S3 bucket where recorded video will be stored. See the DestinationConfiguration property type for more information.", - "title": "DestinationConfiguration" + "Description": { + "markdownDescription": "A human-readable description of the alias.", + "title": "Description", + "type": "string" }, "Name": { - "markdownDescription": "Recording-configuration name. The value does not need to be unique.", + "markdownDescription": "A descriptive label that is associated with an alias. Alias names do not need to be unique.", "title": "Name", "type": "string" }, - "RecordingReconnectWindowSeconds": { - "markdownDescription": "If a broadcast disconnects and then reconnects within the specified interval, the multiple streams will be considered a single broadcast and merged together.\n\n*Default* : `0`", - "title": "RecordingReconnectWindowSeconds", - "type": "number" - }, - "RenditionConfiguration": { - "$ref": "#/definitions/AWS::IVS::RecordingConfiguration.RenditionConfiguration", - "markdownDescription": "A rendition configuration describes which renditions should be recorded for a stream. See the RenditionConfiguration property type for more information.", - "title": "RenditionConfiguration" + "RoutingStrategy": { + "$ref": "#/definitions/AWS::GameLift::Alias.RoutingStrategy", + "markdownDescription": "The routing configuration, including routing type and fleet target, for the alias.", + "title": "RoutingStrategy" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-recordingconfiguration-tag.html) .", + "markdownDescription": "", "title": "Tags", "type": "array" - }, - "ThumbnailConfiguration": { - "$ref": "#/definitions/AWS::IVS::RecordingConfiguration.ThumbnailConfiguration", - "markdownDescription": "A thumbnail configuration enables/disables the recording of thumbnails for a live session and controls the interval at which thumbnails are generated for the live session. See the ThumbnailConfiguration property type for more information.", - "title": "ThumbnailConfiguration" } }, "required": [ - "DestinationConfiguration" + "Name", + "RoutingStrategy" ], "type": "object" }, "Type": { "enum": [ - "AWS::IVS::RecordingConfiguration" + "AWS::GameLift::Alias" ], "type": "string" }, @@ -115882,80 +125989,31 @@ ], "type": "object" }, - "AWS::IVS::RecordingConfiguration.DestinationConfiguration": { - "additionalProperties": false, - "properties": { - "S3": { - "$ref": "#/definitions/AWS::IVS::RecordingConfiguration.S3DestinationConfiguration", - "markdownDescription": "An S3 destination configuration where recorded videos will be stored. See the [S3DestinationConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-recordingconfiguration-s3destinationconfiguration.html) property type for more information.", - "title": "S3" - } - }, - "type": "object" - }, - "AWS::IVS::RecordingConfiguration.RenditionConfiguration": { + "AWS::GameLift::Alias.RoutingStrategy": { "additionalProperties": false, "properties": { - "RenditionSelection": { - "markdownDescription": "The set of renditions are recorded for a stream. For `BASIC` channels, the `CUSTOM` value has no effect. If `CUSTOM` is specified, a set of renditions can be specified in the `renditions` field. Default: `ALL` .", - "title": "RenditionSelection", + "FleetId": { + "markdownDescription": "A unique identifier for a fleet that the alias points to. If you specify `SIMPLE` for the `Type` property, you must specify this property.", + "title": "FleetId", "type": "string" }, - "Renditions": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of which renditions are recorded for a stream, if `renditionSelection` is `CUSTOM` ; otherwise, this field is irrelevant. The selected renditions are recorded if they are available during the stream. If a selected rendition is unavailable, the best available rendition is recorded. For details on the resolution dimensions of each rendition, see [Auto-Record to Amazon S3](https://docs.aws.amazon.com//ivs/latest/LowLatencyUserGuide/record-to-s3.html) .", - "title": "Renditions", - "type": "array" - } - }, - "type": "object" - }, - "AWS::IVS::RecordingConfiguration.S3DestinationConfiguration": { - "additionalProperties": false, - "properties": { - "BucketName": { - "markdownDescription": "Location (S3 bucket name) where recorded videos will be stored.", - "title": "BucketName", - "type": "string" - } - }, - "required": [ - "BucketName" - ], - "type": "object" - }, - "AWS::IVS::RecordingConfiguration.ThumbnailConfiguration": { - "additionalProperties": false, - "properties": { - "RecordingMode": { - "markdownDescription": "Thumbnail recording mode. Valid values:\n\n- `DISABLED` : Use DISABLED to disable the generation of thumbnails for recorded video.\n- `INTERVAL` : Use INTERVAL to enable the generation of thumbnails for recorded video at a time interval controlled by the [TargetIntervalSeconds](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-recordingconfiguration-thumbnailconfiguration.html#cfn-ivs-recordingconfiguration-thumbnailconfiguration-targetintervalseconds) property.\n\n*Default* : `INTERVAL`", - "title": "RecordingMode", + "Message": { + "markdownDescription": "The message text to be used with a terminal routing strategy. If you specify `TERMINAL` for the `Type` property, you must specify this property.", + "title": "Message", "type": "string" }, - "Resolution": { - "markdownDescription": "The desired resolution of recorded thumbnails for a stream. Thumbnails are recorded at the selected resolution if the corresponding rendition is available during the stream; otherwise, they are recorded at source resolution. For more information about resolution values and their corresponding height and width dimensions, see [Auto-Record to Amazon S3](https://docs.aws.amazon.com//ivs/latest/LowLatencyUserGuide/record-to-s3.html) .", - "title": "Resolution", + "Type": { + "markdownDescription": "A type of routing strategy.\n\nPossible routing types include the following:\n\n- *SIMPLE* - The alias resolves to one specific fleet. Use this type when routing to active fleets.\n- *TERMINAL* - The alias does not resolve to a fleet but instead can be used to display a message to the user. A terminal alias throws a `TerminalRoutingStrategyException` with the message that you specified in the `Message` property.", + "title": "Type", "type": "string" - }, - "Storage": { - "items": { - "type": "string" - }, - "markdownDescription": "The format in which thumbnails are recorded for a stream. `SEQUENTIAL` records all generated thumbnails in a serial manner, to the media/thumbnails directory. `LATEST` saves the latest thumbnail in media/thumbnails/latest/thumb.jpg and overwrites it at the interval specified by `targetIntervalSeconds` . You can enable both `SEQUENTIAL` and `LATEST` . Default: `SEQUENTIAL` .", - "title": "Storage", - "type": "array" - }, - "TargetIntervalSeconds": { - "markdownDescription": "The targeted thumbnail-generation interval in seconds. This is configurable (and required) only if [RecordingMode](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-recordingconfiguration-thumbnailconfiguration.html#cfn-ivs-recordingconfiguration-thumbnailconfiguration-recordingmode) is `INTERVAL` .\n\n> Setting a value for `TargetIntervalSeconds` does not guarantee that thumbnails are generated at the specified interval. For thumbnails to be generated at the `TargetIntervalSeconds` interval, the `IDR/Keyframe` value for the input video must be less than the `TargetIntervalSeconds` value. See [Amazon IVS Streaming Configuration](https://docs.aws.amazon.com/ivs/latest/LowLatencyUserGuide/streaming-config.html) for information on setting `IDR/Keyframe` to the recommended value in video-encoder settings. \n\n*Default* : 60", - "title": "TargetIntervalSeconds", - "type": "number" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::IVS::Stage": { + "AWS::GameLift::Build": { "additionalProperties": false, "properties": { "Condition": { @@ -115991,24 +126049,44 @@ "additionalProperties": false, "properties": { "Name": { - "markdownDescription": "Stage name.", + "markdownDescription": "A descriptive label that is associated with a build. Build names do not need to be unique.", "title": "Name", "type": "string" }, + "OperatingSystem": { + "markdownDescription": "The operating system that your game server binaries run on. This value determines the type of fleet resources that you use for this build. If your game build contains multiple executables, they all must run on the same operating system. You must specify a valid operating system in this request. There is no default value. You can't change a build's operating system later.\n\n> Amazon Linux 2 (AL2) will reach end of support on 6/30/2025. See more details in the [Amazon Linux 2 FAQs](https://docs.aws.amazon.com/amazon-linux-2/faqs/) . For game servers that are hosted on AL2 and use server SDK version 4.x for Amazon GameLift Servers, first update the game server build to server SDK 5.x, and then deploy to AL2023 instances. See [Migrate to server SDK version 5.](https://docs.aws.amazon.com/gamelift/latest/developerguide/reference-serversdk5-migration.html)", + "title": "OperatingSystem", + "type": "string" + }, + "ServerSdkVersion": { + "markdownDescription": "A server SDK version you used when integrating your game server build with Amazon GameLift Servers. For more information see [Integrate games with custom game servers](https://docs.aws.amazon.com/gamelift/latest/developerguide/integration-custom-intro.html) . By default Amazon GameLift Servers sets this value to `4.0.2` .", + "title": "ServerSdkVersion", + "type": "string" + }, + "StorageLocation": { + "$ref": "#/definitions/AWS::GameLift::Build.StorageLocation", + "markdownDescription": "Information indicating where your game build files are stored. Use this parameter only when creating a build with files stored in an Amazon S3 bucket that you own. The storage location must specify an Amazon S3 bucket name and key. The location must also specify a role ARN that you set up to allow Amazon GameLift Servers to access your Amazon S3 bucket. The S3 bucket and your new build must be in the same Region.\n\nIf a `StorageLocation` is specified, the size of your file can be found in your Amazon S3 bucket. Amazon GameLift Servers will report a `SizeOnDisk` of 0.", + "title": "StorageLocation" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-stage-tag.html) .", + "markdownDescription": "", "title": "Tags", "type": "array" + }, + "Version": { + "markdownDescription": "Version information that is associated with this build. Version strings do not need to be unique.", + "title": "Version", + "type": "string" } }, "type": "object" }, "Type": { "enum": [ - "AWS::IVS::Stage" + "AWS::GameLift::Build" ], "type": "string" }, @@ -116026,7 +126104,38 @@ ], "type": "object" }, - "AWS::IVS::StorageConfiguration": { + "AWS::GameLift::Build.StorageLocation": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "An Amazon S3 bucket identifier. The name of the S3 bucket.\n\n> Amazon GameLift doesn't support uploading from Amazon S3 buckets with names that contain a dot (.).", + "title": "Bucket", + "type": "string" + }, + "Key": { + "markdownDescription": "The name of the zip file that contains the build files or script files.", + "title": "Key", + "type": "string" + }, + "ObjectVersion": { + "markdownDescription": "A version of a stored file to retrieve, if the object versioning feature is turned on for the S3 bucket. Use this parameter to specify a specific version. If this parameter isn't set, Amazon GameLift Servers retrieves the latest version of the file.", + "title": "ObjectVersion", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARNfor an IAM role that allows Amazon GameLift to access the S3 bucket.", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "Bucket", + "Key", + "RoleArn" + ], + "type": "object" + }, + "AWS::GameLift::ContainerFleet": { "additionalProperties": false, "properties": { "Condition": { @@ -116061,33 +126170,115 @@ "Properties": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "Storage cnfiguration name.", - "title": "Name", + "BillingType": { + "markdownDescription": "Indicates whether the fleet uses On-Demand or Spot instances for this fleet. Learn more about when to use [On-Demand versus Spot Instances](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-ec2-instances.html#gamelift-ec2-instances-spot) . You can't update this fleet property.\n\nBy default, this property is set to `ON_DEMAND` .", + "title": "BillingType", "type": "string" }, - "S3": { - "$ref": "#/definitions/AWS::IVS::StorageConfiguration.S3StorageConfiguration", - "markdownDescription": "An S3 storage configuration contains information about where recorded video will be stored. See the [S3StorageConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-storageconfiguration-s3storageconfiguration.html) property type for more information.", - "title": "S3" + "DeploymentConfiguration": { + "$ref": "#/definitions/AWS::GameLift::ContainerFleet.DeploymentConfiguration", + "markdownDescription": "Set of rules for processing a deployment for a container fleet update.", + "title": "DeploymentConfiguration" + }, + "Description": { + "markdownDescription": "A meaningful description of the container fleet.", + "title": "Description", + "type": "string" + }, + "FleetRoleArn": { + "markdownDescription": "The unique identifier for an AWS Identity and Access Management (IAM) role with permissions to run your containers on resources that are managed by Amazon GameLift Servers. See [Set up an IAM service role](https://docs.aws.amazon.com/gamelift/latest/developerguide/setting-up-role.html) . This fleet property can't be changed.", + "title": "FleetRoleArn", + "type": "string" + }, + "GameServerContainerGroupDefinitionName": { + "markdownDescription": "The name of the fleet's game server container group definition, which describes how to deploy containers with your game server build and support software onto each fleet instance.", + "title": "GameServerContainerGroupDefinitionName", + "type": "string" + }, + "GameServerContainerGroupsPerInstance": { + "markdownDescription": "The number of times to replicate the game server container group on each fleet instance.", + "title": "GameServerContainerGroupsPerInstance", + "type": "number" + }, + "GameSessionCreationLimitPolicy": { + "$ref": "#/definitions/AWS::GameLift::ContainerFleet.GameSessionCreationLimitPolicy", + "markdownDescription": "A policy that limits the number of game sessions that each individual player can create on instances in this fleet. The limit applies for a specified span of time.", + "title": "GameSessionCreationLimitPolicy" + }, + "InstanceConnectionPortRange": { + "$ref": "#/definitions/AWS::GameLift::ContainerFleet.ConnectionPortRange", + "markdownDescription": "The set of port numbers to open on each instance in a container fleet. Connection ports are used by inbound traffic to connect with processes that are running in containers on the fleet.", + "title": "InstanceConnectionPortRange" + }, + "InstanceInboundPermissions": { + "items": { + "$ref": "#/definitions/AWS::GameLift::ContainerFleet.IpPermission" + }, + "markdownDescription": "The IP address ranges and port settings that allow inbound traffic to access game server processes and other processes on this fleet.", + "title": "InstanceInboundPermissions", + "type": "array" + }, + "InstanceType": { + "markdownDescription": "The Amazon EC2 instance type to use for all instances in the fleet. Instance type determines the computing resources and processing power that's available to host your game servers. This includes including CPU, memory, storage, and networking capacity. You can't update this fleet property.", + "title": "InstanceType", + "type": "string" + }, + "Locations": { + "items": { + "$ref": "#/definitions/AWS::GameLift::ContainerFleet.LocationConfiguration" + }, + "markdownDescription": "", + "title": "Locations", + "type": "array" + }, + "LogConfiguration": { + "$ref": "#/definitions/AWS::GameLift::ContainerFleet.LogConfiguration", + "markdownDescription": "The method that is used to collect container logs for the fleet. Amazon GameLift Servers saves all standard output for each container in logs, including game session logs.\n\n- `CLOUDWATCH` -- Send logs to an Amazon CloudWatch log group that you define. Each container emits a log stream, which is organized in the log group.\n- `S3` -- Store logs in an Amazon S3 bucket that you define.\n- `NONE` -- Don't collect container logs.", + "title": "LogConfiguration" + }, + "MetricGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "The name of an AWS CloudWatch metric group to add this fleet to. Metric groups aggregate metrics for multiple fleets.", + "title": "MetricGroups", + "type": "array" + }, + "NewGameSessionProtectionPolicy": { + "markdownDescription": "Determines whether Amazon GameLift Servers can shut down game sessions on the fleet that are actively running and hosting players. Amazon GameLift Servers might prompt an instance shutdown when scaling down fleet capacity or when retiring unhealthy instances. You can also set game session protection for individual game sessions using [UpdateGameSession](https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateGameSession.html) .\n\n- *NoProtection* -- Game sessions can be shut down during active gameplay.\n- *FullProtection* -- Game sessions in `ACTIVE` status can't be shut down.", + "title": "NewGameSessionProtectionPolicy", + "type": "string" + }, + "PerInstanceContainerGroupDefinitionName": { + "markdownDescription": "The name of the fleet's per-instance container group definition.", + "title": "PerInstanceContainerGroupDefinitionName", + "type": "string" + }, + "ScalingPolicies": { + "items": { + "$ref": "#/definitions/AWS::GameLift::ContainerFleet.ScalingPolicy" + }, + "markdownDescription": "", + "title": "ScalingPolicies", + "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-storageconfiguration-tag.html) .", + "markdownDescription": "", "title": "Tags", "type": "array" } }, "required": [ - "S3" + "FleetRoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::IVS::StorageConfiguration" + "AWS::GameLift::ContainerFleet" ], "type": "string" }, @@ -116106,239 +126297,250 @@ ], "type": "object" }, - "AWS::IVS::StorageConfiguration.S3StorageConfiguration": { + "AWS::GameLift::ContainerFleet.ConnectionPortRange": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "Name of the S3 bucket where recorded video will be stored.", - "title": "BucketName", - "type": "string" + "FromPort": { + "markdownDescription": "Starting value for the port range.", + "title": "FromPort", + "type": "number" + }, + "ToPort": { + "markdownDescription": "Ending value for the port. Port numbers are end-inclusive. This value must be equal to or greater than `FromPort` .", + "title": "ToPort", + "type": "number" } }, "required": [ - "BucketName" + "FromPort", + "ToPort" ], "type": "object" }, - "AWS::IVS::StreamKey": { + "AWS::GameLift::ContainerFleet.DeploymentConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "ImpairmentStrategy": { + "markdownDescription": "Determines what actions to take if a deployment fails. If the fleet is multi-location, this strategy applies across all fleet locations. With a rollback strategy, updated fleet instances are rolled back to the last successful deployment. Alternatively, you can maintain a few impaired containers for the purpose of debugging, while all other tasks return to the last successful deployment.", + "title": "ImpairmentStrategy", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "MinimumHealthyPercentage": { + "markdownDescription": "Sets a minimum level of healthy tasks to maintain during deployment activity.", + "title": "MinimumHealthyPercentage", + "type": "number" + }, + "ProtectionStrategy": { + "markdownDescription": "Determines how fleet deployment activity affects active game sessions on the fleet. With protection, a deployment honors game session protection, and delays actions that would interrupt a protected active game session until the game session ends. Without protection, deployment activity can shut down all running tasks, including active game sessions, regardless of game session protection.", + "title": "ProtectionStrategy", + "type": "string" + } + }, + "type": "object" + }, + "AWS::GameLift::ContainerFleet.DeploymentDetails": { + "additionalProperties": false, + "properties": { + "LatestDeploymentId": { + "markdownDescription": "A unique identifier for a fleet deployment.", + "title": "LatestDeploymentId", "type": "string" + } + }, + "type": "object" + }, + "AWS::GameLift::ContainerFleet.GameSessionCreationLimitPolicy": { + "additionalProperties": false, + "properties": { + "NewGameSessionsPerCreator": { + "markdownDescription": "A policy that puts limits on the number of game sessions that a player can create within a specified span of time. With this policy, you can control players' ability to consume available resources.\n\nThe policy evaluates when a player tries to create a new game session. On receiving a `CreateGameSession` request, Amazon GameLift Servers checks that the player (identified by `CreatorId` ) has created fewer than game session limit in the specified time period.", + "title": "NewGameSessionsPerCreator", + "type": "number" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ChannelArn": { - "markdownDescription": "Channel ARN for the stream.", - "title": "ChannelArn", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-streamkey-tag.html) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "ChannelArn" - ], - "type": "object" + "PolicyPeriodInMinutes": { + "markdownDescription": "The time span used in evaluating the resource creation limit policy.", + "title": "PolicyPeriodInMinutes", + "type": "number" + } + }, + "type": "object" + }, + "AWS::GameLift::ContainerFleet.IpPermission": { + "additionalProperties": false, + "properties": { + "FromPort": { + "markdownDescription": "A starting value for a range of allowed port numbers.\n\nFor fleets using Linux builds, only ports `22` and `1026-60000` are valid.\n\nFor fleets using Windows builds, only ports `1026-60000` are valid.", + "title": "FromPort", + "type": "number" }, - "Type": { - "enum": [ - "AWS::IVS::StreamKey" - ], + "IpRange": { + "markdownDescription": "A range of allowed IP addresses. This value must be expressed in CIDR notation. Example: \" `000.000.000.000/[subnet mask]` \" or optionally the shortened version \" `0.0.0.0/[subnet mask]` \".", + "title": "IpRange", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Protocol": { + "markdownDescription": "The network communication protocol used by the fleet.", + "title": "Protocol", "type": "string" + }, + "ToPort": { + "markdownDescription": "An ending value for a range of allowed port numbers. Port numbers are end-inclusive. This value must be equal to or greater than `FromPort` .\n\nFor fleets using Linux builds, only ports `22` and `1026-60000` are valid.\n\nFor fleets using Windows builds, only ports `1026-60000` are valid.", + "title": "ToPort", + "type": "number" } }, "required": [ - "Type", - "Properties" + "FromPort", + "IpRange", + "Protocol", + "ToPort" ], "type": "object" }, - "AWS::IVSChat::LoggingConfiguration": { + "AWS::GameLift::ContainerFleet.LocationCapacity": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DestinationConfiguration": { - "$ref": "#/definitions/AWS::IVSChat::LoggingConfiguration.DestinationConfiguration", - "markdownDescription": "The DestinationConfiguration is a complex type that contains information about where chat content will be logged.", - "title": "DestinationConfiguration" - }, - "Name": { - "markdownDescription": "Logging-configuration name. The value does not need to be unique.", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivschat-loggingconfiguration-tag.html) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "DestinationConfiguration" - ], - "type": "object" + "DesiredEC2Instances": { + "markdownDescription": "", + "title": "DesiredEC2Instances", + "type": "number" }, - "Type": { - "enum": [ - "AWS::IVSChat::LoggingConfiguration" - ], - "type": "string" + "MaxSize": { + "markdownDescription": "", + "title": "MaxSize", + "type": "number" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "MinSize": { + "markdownDescription": "", + "title": "MinSize", + "type": "number" } }, "required": [ - "Type", - "Properties" + "DesiredEC2Instances", + "MaxSize", + "MinSize" ], "type": "object" }, - "AWS::IVSChat::LoggingConfiguration.CloudWatchLogsDestinationConfiguration": { + "AWS::GameLift::ContainerFleet.LocationConfiguration": { "additionalProperties": false, "properties": { - "LogGroupName": { - "markdownDescription": "Name of the Amazon Cloudwatch Logs destination where chat activity will be logged.", - "title": "LogGroupName", + "Location": { + "markdownDescription": "An AWS Region code, such as `us-west-2` . For a list of supported Regions and Local Zones, see [Amazon GameLift Servers service locations](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-regions.html) for managed hosting.", + "title": "Location", "type": "string" + }, + "LocationCapacity": { + "$ref": "#/definitions/AWS::GameLift::ContainerFleet.LocationCapacity", + "markdownDescription": "", + "title": "LocationCapacity" + }, + "StoppedActions": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "StoppedActions", + "type": "array" } }, "required": [ - "LogGroupName" + "Location" ], "type": "object" }, - "AWS::IVSChat::LoggingConfiguration.DestinationConfiguration": { + "AWS::GameLift::ContainerFleet.LogConfiguration": { "additionalProperties": false, "properties": { - "CloudWatchLogs": { - "$ref": "#/definitions/AWS::IVSChat::LoggingConfiguration.CloudWatchLogsDestinationConfiguration", - "markdownDescription": "An Amazon CloudWatch Logs destination configuration where chat activity will be logged.", - "title": "CloudWatchLogs" + "LogDestination": { + "markdownDescription": "The type of log collection to use for a fleet.\n\n- `CLOUDWATCH` -- (default value) Send logs to an Amazon CloudWatch log group that you define. Each container emits a log stream, which is organized in the log group.\n- `S3` -- Store logs in an Amazon S3 bucket that you define. This bucket must reside in the fleet's home AWS Region.\n- `NONE` -- Don't collect container logs.", + "title": "LogDestination", + "type": "string" }, - "Firehose": { - "$ref": "#/definitions/AWS::IVSChat::LoggingConfiguration.FirehoseDestinationConfiguration", - "markdownDescription": "An Amazon Kinesis Data Firehose destination configuration where chat activity will be logged.", - "title": "Firehose" + "LogGroupArn": { + "markdownDescription": "If log destination is `CLOUDWATCH` , logs are sent to the specified log group in Amazon CloudWatch.", + "title": "LogGroupArn", + "type": "string" }, - "S3": { - "$ref": "#/definitions/AWS::IVSChat::LoggingConfiguration.S3DestinationConfiguration", - "markdownDescription": "An Amazon S3 destination configuration where chat activity will be logged.", - "title": "S3" + "S3BucketName": { + "markdownDescription": "If log destination is `S3` , logs are sent to the specified Amazon S3 bucket name.", + "title": "S3BucketName", + "type": "string" } }, "type": "object" }, - "AWS::IVSChat::LoggingConfiguration.FirehoseDestinationConfiguration": { + "AWS::GameLift::ContainerFleet.ScalingPolicy": { "additionalProperties": false, "properties": { - "DeliveryStreamName": { - "markdownDescription": "Name of the Amazon Kinesis Firehose delivery stream where chat activity will be logged.", - "title": "DeliveryStreamName", + "ComparisonOperator": { + "markdownDescription": "Comparison operator to use when measuring a metric against the threshold value.", + "title": "ComparisonOperator", + "type": "string" + }, + "EvaluationPeriods": { + "markdownDescription": "Length of time (in minutes) the metric must be at or beyond the threshold before a scaling event is triggered.", + "title": "EvaluationPeriods", + "type": "number" + }, + "MetricName": { + "markdownDescription": "Name of the Amazon GameLift Servers-defined metric that is used to trigger a scaling adjustment. For detailed descriptions of fleet metrics, see [Monitor Amazon GameLift Servers with Amazon CloudWatch](https://docs.aws.amazon.com/gamelift/latest/developerguide/monitoring-cloudwatch.html) .\n\n- *ActivatingGameSessions* -- Game sessions in the process of being created.\n- *ActiveGameSessions* -- Game sessions that are currently running.\n- *ActiveInstances* -- Fleet instances that are currently running at least one game session.\n- *AvailableGameSessions* -- Additional game sessions that fleet could host simultaneously, given current capacity.\n- *AvailablePlayerSessions* -- Empty player slots in currently active game sessions. This includes game sessions that are not currently accepting players. Reserved player slots are not included.\n- *CurrentPlayerSessions* -- Player slots in active game sessions that are being used by a player or are reserved for a player.\n- *IdleInstances* -- Active instances that are currently hosting zero game sessions.\n- *PercentAvailableGameSessions* -- Unused percentage of the total number of game sessions that a fleet could host simultaneously, given current capacity. Use this metric for a target-based scaling policy.\n- *PercentIdleInstances* -- Percentage of the total number of active instances that are hosting zero game sessions.\n- *QueueDepth* -- Pending game session placement requests, in any queue, where the current fleet is the top-priority destination.\n- *WaitTime* -- Current wait time for pending game session placement requests, in any queue, where the current fleet is the top-priority destination.", + "title": "MetricName", + "type": "string" + }, + "Name": { + "markdownDescription": "A descriptive label that is associated with a fleet's scaling policy. Policy names do not need to be unique.", + "title": "Name", + "type": "string" + }, + "PolicyType": { + "markdownDescription": "The type of scaling policy to create. For a target-based policy, set the parameter *MetricName* to 'PercentAvailableGameSessions' and specify a *TargetConfiguration* . For a rule-based policy set the following parameters: *MetricName* , *ComparisonOperator* , *Threshold* , *EvaluationPeriods* , *ScalingAdjustmentType* , and *ScalingAdjustment* .", + "title": "PolicyType", + "type": "string" + }, + "ScalingAdjustment": { + "markdownDescription": "Amount of adjustment to make, based on the scaling adjustment type.", + "title": "ScalingAdjustment", + "type": "number" + }, + "ScalingAdjustmentType": { + "markdownDescription": "The type of adjustment to make to a fleet's instance count.\n\n- *ChangeInCapacity* -- add (or subtract) the scaling adjustment value from the current instance count. Positive values scale up while negative values scale down.\n- *ExactCapacity* -- set the instance count to the scaling adjustment value.\n- *PercentChangeInCapacity* -- increase or reduce the current instance count by the scaling adjustment, read as a percentage. Positive values scale up while negative values scale down.", + "title": "ScalingAdjustmentType", "type": "string" + }, + "TargetConfiguration": { + "$ref": "#/definitions/AWS::GameLift::ContainerFleet.TargetConfiguration", + "markdownDescription": "An object that contains settings for a target-based scaling policy.", + "title": "TargetConfiguration" + }, + "Threshold": { + "markdownDescription": "Metric value used to trigger a scaling event.", + "title": "Threshold", + "type": "number" } }, "required": [ - "DeliveryStreamName" + "MetricName", + "Name" ], "type": "object" }, - "AWS::IVSChat::LoggingConfiguration.S3DestinationConfiguration": { + "AWS::GameLift::ContainerFleet.TargetConfiguration": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "Name of the Amazon S3 bucket where chat activity will be logged.", - "title": "BucketName", - "type": "string" + "TargetValue": { + "markdownDescription": "Desired value to use with a target-based scaling policy. The value must be relevant for whatever metric the scaling policy is using. For example, in a policy using the metric PercentAvailableGameSessions, the target value should be the preferred size of the fleet's buffer (the percent of capacity that should be idle and ready for new game sessions).", + "title": "TargetValue", + "type": "number" } }, "required": [ - "BucketName" + "TargetValue" ], "type": "object" }, - "AWS::IVSChat::Room": { + "AWS::GameLift::ContainerGroupDefinition": { "additionalProperties": false, "properties": { "Condition": { @@ -116373,48 +126575,74 @@ "Properties": { "additionalProperties": false, "properties": { - "LoggingConfigurationIdentifiers": { - "items": { - "type": "string" - }, - "markdownDescription": "List of logging-configuration identifiers attached to the room.", - "title": "LoggingConfigurationIdentifiers", - "type": "array" - }, - "MaximumMessageLength": { - "markdownDescription": "Maximum number of characters in a single message. Messages are expected to be UTF-8 encoded and this limit applies specifically to rune/code-point count, not number of bytes.", - "title": "MaximumMessageLength", - "type": "number" - }, - "MaximumMessageRatePerSecond": { - "markdownDescription": "Maximum number of messages per second that can be sent to the room (by all clients).", - "title": "MaximumMessageRatePerSecond", - "type": "number" + "ContainerGroupType": { + "markdownDescription": "The type of container group. Container group type determines how Amazon GameLift Servers deploys the container group on each fleet instance.", + "title": "ContainerGroupType", + "type": "string" }, - "MessageReviewHandler": { - "$ref": "#/definitions/AWS::IVSChat::Room.MessageReviewHandler", - "markdownDescription": "Configuration information for optional review of messages.", - "title": "MessageReviewHandler" + "GameServerContainerDefinition": { + "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.GameServerContainerDefinition", + "markdownDescription": "The definition for the game server container in this group. This property is used only when the container group type is `GAME_SERVER` . This container definition specifies a container image with the game server build.", + "title": "GameServerContainerDefinition" }, "Name": { - "markdownDescription": "Room name. The value does not need to be unique.", + "markdownDescription": "A descriptive identifier for the container group definition. The name value is unique in an AWS Region.", "title": "Name", "type": "string" }, + "OperatingSystem": { + "markdownDescription": "The platform that all containers in the container group definition run on.\n\n> Amazon Linux 2 (AL2) will reach end of support on 6/30/2025. See more details in the [Amazon Linux 2 FAQs](https://docs.aws.amazon.com/amazon-linux-2/faqs/) . For game servers that are hosted on AL2 and use server SDK version 4.x for Amazon GameLift Servers, first update the game server build to server SDK 5.x, and then deploy to AL2023 instances. See [Migrate to server SDK version 5.](https://docs.aws.amazon.com/gamelift/latest/developerguide/reference-serversdk5-migration.html)", + "title": "OperatingSystem", + "type": "string" + }, + "SourceVersionNumber": { + "markdownDescription": "", + "title": "SourceVersionNumber", + "type": "number" + }, + "SupportContainerDefinitions": { + "items": { + "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.SupportContainerDefinition" + }, + "markdownDescription": "The set of definitions for support containers in this group. A container group definition might have zero support container definitions. Support container can be used in any type of container group.", + "title": "SupportContainerDefinitions", + "type": "array" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivschat-room-tag.html) .", + "markdownDescription": "", "title": "Tags", "type": "array" + }, + "TotalMemoryLimitMebibytes": { + "markdownDescription": "The amount of memory (in MiB) on a fleet instance to allocate for the container group. All containers in the group share these resources.\n\nYou can set a limit for each container definition in the group. If individual containers have limits, this total value must be greater than any individual container's memory limit.", + "title": "TotalMemoryLimitMebibytes", + "type": "number" + }, + "TotalVcpuLimit": { + "markdownDescription": "The amount of vCPU units on a fleet instance to allocate for the container group (1 vCPU is equal to 1024 CPU units). All containers in the group share these resources. You can set a limit for each container definition in the group. If individual containers have limits, this total value must be equal to or greater than the sum of the limits for each container in the group.", + "title": "TotalVcpuLimit", + "type": "number" + }, + "VersionDescription": { + "markdownDescription": "An optional description that was provided for a container group definition update. Each version can have a unique description.", + "title": "VersionDescription", + "type": "string" } }, + "required": [ + "Name", + "OperatingSystem", + "TotalMemoryLimitMebibytes", + "TotalVcpuLimit" + ], "type": "object" }, "Type": { "enum": [ - "AWS::IVSChat::Room" + "AWS::GameLift::ContainerGroupDefinition" ], "type": "string" }, @@ -116428,321 +126656,290 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::IVSChat::Room.MessageReviewHandler": { + "AWS::GameLift::ContainerGroupDefinition.ContainerDependency": { "additionalProperties": false, "properties": { - "FallbackResult": { - "markdownDescription": "Specifies the fallback behavior (whether the message is allowed or denied) if the handler does not return a valid response, encounters an error, or times out. (For the timeout period, see [Service Quotas](https://docs.aws.amazon.com/ivs/latest/userguide/service-quotas.html) .) If allowed, the message is delivered with returned content to all users connected to the room. If denied, the message is not delivered to any user.\n\n*Default* : `ALLOW`", - "title": "FallbackResult", + "Condition": { + "markdownDescription": "The condition that the dependency container must reach before the dependent container can start. Valid conditions include:\n\n- START - The dependency container must have started.\n- COMPLETE - The dependency container has run to completion (exits). Use this condition with nonessential containers, such as those that run a script and then exit. The dependency container can't be an essential container.\n- SUCCESS - The dependency container has run to completion and exited with a zero status. The dependency container can't be an essential container.\n- HEALTHY - The dependency container has passed its Docker health check. Use this condition with dependency containers that have health checks configured. This condition is confirmed at container group startup only.", + "title": "Condition", "type": "string" }, - "Uri": { - "markdownDescription": "Identifier of the message review handler. Currently this must be an ARN of a lambda function.", - "title": "Uri", + "ContainerName": { + "markdownDescription": "A descriptive label for the container definition that this container depends on.", + "title": "ContainerName", "type": "string" } }, + "required": [ + "Condition", + "ContainerName" + ], "type": "object" }, - "AWS::IdentityStore::Group": { + "AWS::GameLift::ContainerGroupDefinition.ContainerEnvironment": { "additionalProperties": false, "properties": { - "Condition": { + "Name": { + "markdownDescription": "The environment variable name.", + "title": "Name", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Value": { + "markdownDescription": "The environment variable value.", + "title": "Value", "type": "string" + } + }, + "required": [ + "Name", + "Value" + ], + "type": "object" + }, + "AWS::GameLift::ContainerGroupDefinition.ContainerHealthCheck": { + "additionalProperties": false, + "properties": { + "Command": { + "items": { + "type": "string" + }, + "markdownDescription": "A string array that specifies the command that the container runs to determine if it's healthy.", + "title": "Command", + "type": "array" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Interval": { + "markdownDescription": "The time period (in seconds) between each health check.", + "title": "Interval", + "type": "number" }, - "Metadata": { - "type": "object" + "Retries": { + "markdownDescription": "The number of times to retry a failed health check before flagging the container unhealthy. The first run of the command does not count as a retry.", + "title": "Retries", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A string containing the description of the group.", - "title": "Description", - "type": "string" - }, - "DisplayName": { - "markdownDescription": "The display name value for the group. The length limit is 1,024 characters. This value can consist of letters, accented characters, symbols, numbers, punctuation, tab, new line, carriage return, space, and nonbreaking space in this attribute. This value is specified at the time the group is created and stored as an attribute of the group object in the identity store.\n\nPrefix search supports a maximum of 1,000 characters for the string.", - "title": "DisplayName", - "type": "string" - }, - "IdentityStoreId": { - "markdownDescription": "The globally unique identifier for the identity store.", - "title": "IdentityStoreId", - "type": "string" - } - }, - "required": [ - "DisplayName", - "IdentityStoreId" - ], - "type": "object" + "StartPeriod": { + "markdownDescription": "The optional grace period (in seconds) to give a container time to bootstrap before the first failed health check counts toward the number of retries.", + "title": "StartPeriod", + "type": "number" }, - "Type": { - "enum": [ - "AWS::IdentityStore::Group" - ], + "Timeout": { + "markdownDescription": "The time period (in seconds) to wait for a health check to succeed before counting a failed health check.", + "title": "Timeout", + "type": "number" + } + }, + "required": [ + "Command" + ], + "type": "object" + }, + "AWS::GameLift::ContainerGroupDefinition.ContainerMountPoint": { + "additionalProperties": false, + "properties": { + "AccessLevel": { + "markdownDescription": "The type of access for the container.", + "title": "AccessLevel", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ContainerPath": { + "markdownDescription": "The mount path on the container. If this property isn't set, the instance path is used.", + "title": "ContainerPath", + "type": "string" + }, + "InstancePath": { + "markdownDescription": "The path to the source file or directory.", + "title": "InstancePath", "type": "string" } }, "required": [ - "Type", - "Properties" + "InstancePath" ], "type": "object" }, - "AWS::IdentityStore::GroupMembership": { + "AWS::GameLift::ContainerGroupDefinition.ContainerPortRange": { "additionalProperties": false, "properties": { - "Condition": { + "FromPort": { + "markdownDescription": "A starting value for the range of allowed port numbers.", + "title": "FromPort", + "type": "number" + }, + "Protocol": { + "markdownDescription": "The network protocol that these ports support.", + "title": "Protocol", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ToPort": { + "markdownDescription": "An ending value for the range of allowed port numbers. Port numbers are end-inclusive. This value must be equal to or greater than `FromPort` .", + "title": "ToPort", + "type": "number" + } + }, + "required": [ + "FromPort", + "Protocol", + "ToPort" + ], + "type": "object" + }, + "AWS::GameLift::ContainerGroupDefinition.GameServerContainerDefinition": { + "additionalProperties": false, + "properties": { + "ContainerName": { + "markdownDescription": "The container definition identifier. Container names are unique within a container group definition.", + "title": "ContainerName", "type": "string" }, "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "items": { + "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.ContainerDependency" + }, + "markdownDescription": "Indicates that the container relies on the status of other containers in the same container group during startup and shutdown sequences. A container might have dependencies on multiple containers.", + "title": "DependsOn", + "type": "array" }, - "Metadata": { - "type": "object" + "EnvironmentOverride": { + "items": { + "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.ContainerEnvironment" + }, + "markdownDescription": "A set of environment variables that's passed to the container on startup. See the [ContainerDefinition::environment](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ContainerDefinition.html#ECS-Type-ContainerDefinition-environment) parameter in the *Amazon Elastic Container Service API Reference* .", + "title": "EnvironmentOverride", + "type": "array" }, - "Properties": { - "additionalProperties": false, - "properties": { - "GroupId": { - "markdownDescription": "The identifier for a group in the identity store.", - "title": "GroupId", - "type": "string" - }, - "IdentityStoreId": { - "markdownDescription": "The globally unique identifier for the identity store.", - "title": "IdentityStoreId", - "type": "string" - }, - "MemberId": { - "$ref": "#/definitions/AWS::IdentityStore::GroupMembership.MemberId", - "markdownDescription": "An object containing the identifier of a group member. Setting the `MemberId` 's `UserId` field to a specific User's ID indicates that user is a member of the group.", - "title": "MemberId" - } + "ImageUri": { + "markdownDescription": "The URI to the image that Amazon GameLift Servers uses when deploying this container to a container fleet. For a more specific identifier, see `ResolvedImageDigest` .", + "title": "ImageUri", + "type": "string" + }, + "MountPoints": { + "items": { + "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.ContainerMountPoint" }, - "required": [ - "GroupId", - "IdentityStoreId", - "MemberId" - ], - "type": "object" + "markdownDescription": "A mount point that binds a path inside the container to a file or directory on the host system and lets it access the file or directory.", + "title": "MountPoints", + "type": "array" }, - "Type": { - "enum": [ - "AWS::IdentityStore::GroupMembership" - ], + "PortConfiguration": { + "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.PortConfiguration", + "markdownDescription": "The set of ports that are available to bind to processes in the container. For example, a game server process requires a container port to allow game clients to connect to it. Container ports aren't directly accessed by inbound traffic. Amazon GameLift Servers maps these container ports to externally accessible connection ports, which are assigned as needed from the container fleet's `ConnectionPortRange` .", + "title": "PortConfiguration" + }, + "ResolvedImageDigest": { + "markdownDescription": "A unique and immutable identifier for the container image. The digest is a SHA 256 hash of the container image manifest.", + "title": "ResolvedImageDigest", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ServerSdkVersion": { + "markdownDescription": "The Amazon GameLift Servers server SDK version that the game server is integrated with. Only game servers using 5.2.0 or higher are compatible with container fleets.", + "title": "ServerSdkVersion", "type": "string" } }, "required": [ - "Type", - "Properties" + "ContainerName", + "ImageUri", + "ServerSdkVersion" ], "type": "object" }, - "AWS::IdentityStore::GroupMembership.MemberId": { + "AWS::GameLift::ContainerGroupDefinition.PortConfiguration": { "additionalProperties": false, "properties": { - "UserId": { - "markdownDescription": "An object containing the identifiers of resources that can be members.", - "title": "UserId", - "type": "string" + "ContainerPortRanges": { + "items": { + "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.ContainerPortRange" + }, + "markdownDescription": "", + "title": "ContainerPortRanges", + "type": "array" } }, "required": [ - "UserId" + "ContainerPortRanges" ], "type": "object" }, - "AWS::ImageBuilder::Component": { + "AWS::GameLift::ContainerGroupDefinition.SupportContainerDefinition": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ContainerName": { + "markdownDescription": "The container definition identifier. Container names are unique within a container group definition.", + "title": "ContainerName", "type": "string" }, "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "items": { + "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.ContainerDependency" + }, + "markdownDescription": "Indicates that the container relies on the status of other containers in the same container group during its startup and shutdown sequences. A container might have dependencies on multiple containers.", + "title": "DependsOn", + "type": "array" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ChangeDescription": { - "markdownDescription": "The change description of the component. Describes what change has been made in this version, or what makes this version different from other versions of the component.", - "title": "ChangeDescription", - "type": "string" - }, - "Data": { - "markdownDescription": "Component `data` contains inline YAML document content for the component. Alternatively, you can specify the `uri` of a YAML document file stored in Amazon S3. However, you cannot specify both properties.", - "title": "Data", - "type": "string" - }, - "Description": { - "markdownDescription": "Describes the contents of the component.", - "title": "Description", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "The ID of the KMS key that is used to encrypt this component.", - "title": "KmsKeyId", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the component.", - "title": "Name", - "type": "string" - }, - "Platform": { - "markdownDescription": "The operating system platform of the component.", - "title": "Platform", - "type": "string" - }, - "SupportedOsVersions": { - "items": { - "type": "string" - }, - "markdownDescription": "The operating system (OS) version supported by the component. If the OS information is available, a prefix match is performed against the base image OS version during image recipe creation.", - "title": "SupportedOsVersions", - "type": "array" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "The tags that apply to the component.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - }, - "Uri": { - "markdownDescription": "The `uri` of a YAML component document file. This must be an S3 URL ( `s3://bucket/key` ), and the requester must have permission to access the S3 bucket it points to. If you use Amazon S3, you can specify component content up to your service quota.\n\nAlternatively, you can specify the YAML document inline, using the component `data` property. You cannot specify both properties.", - "title": "Uri", - "type": "string" - }, - "Version": { - "markdownDescription": "The component version. For example, `1.0.0` .", - "title": "Version", - "type": "string" - } + "EnvironmentOverride": { + "items": { + "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.ContainerEnvironment" }, - "required": [ - "Name", - "Platform", - "Version" - ], - "type": "object" + "markdownDescription": "A set of environment variables that's passed to the container on startup. See the [ContainerDefinition::environment](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ContainerDefinition.html#ECS-Type-ContainerDefinition-environment) parameter in the *Amazon Elastic Container Service API Reference* .", + "title": "EnvironmentOverride", + "type": "array" }, - "Type": { - "enum": [ - "AWS::ImageBuilder::Component" - ], + "Essential": { + "markdownDescription": "Indicates whether the container is vital to the container group. If an essential container fails, the entire container group restarts.", + "title": "Essential", + "type": "boolean" + }, + "HealthCheck": { + "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.ContainerHealthCheck", + "markdownDescription": "A configuration for a non-terminal health check. A support container automatically restarts if it stops functioning or if it fails this health check.", + "title": "HealthCheck" + }, + "ImageUri": { + "markdownDescription": "The URI to the image that Amazon GameLift Servers deploys to a container fleet. For a more specific identifier, see `ResolvedImageDigest` .", + "title": "ImageUri", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "MemoryHardLimitMebibytes": { + "markdownDescription": "The amount of memory that Amazon GameLift Servers makes available to the container. If memory limits aren't set for an individual container, the container shares the container group's total memory allocation.\n\n*Related data type:* [ContainerGroupDefinition TotalMemoryLimitMebibytes](https://docs.aws.amazon.com/gamelift/latest/apireference/API_ContainerGroupDefinition.html)", + "title": "MemoryHardLimitMebibytes", + "type": "number" + }, + "MountPoints": { + "items": { + "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.ContainerMountPoint" + }, + "markdownDescription": "A mount point that binds a path inside the container to a file or directory on the host system and lets it access the file or directory.", + "title": "MountPoints", + "type": "array" + }, + "PortConfiguration": { + "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.PortConfiguration", + "markdownDescription": "A set of ports that allow access to the container from external users. Processes running in the container can bind to a one of these ports. Container ports aren't directly accessed by inbound traffic. Amazon GameLift Servers maps these container ports to externally accessible connection ports, which are assigned as needed from the container fleet's `ConnectionPortRange` .", + "title": "PortConfiguration" + }, + "ResolvedImageDigest": { + "markdownDescription": "A unique and immutable identifier for the container image. The digest is a SHA 256 hash of the container image manifest.", + "title": "ResolvedImageDigest", "type": "string" + }, + "Vcpu": { + "markdownDescription": "The number of vCPU units that are reserved for the container. If no resources are reserved, the container shares the total vCPU limit for the container group.\n\n*Related data type:* [ContainerGroupDefinition TotalVcpuLimit](https://docs.aws.amazon.com/gamelift/latest/apireference/API_ContainerGroupDefinition.html)", + "title": "Vcpu", + "type": "number" } }, "required": [ - "Type", - "Properties" + "ContainerName", + "ImageUri" ], "type": "object" }, - "AWS::ImageBuilder::ContainerRecipe": { + "AWS::GameLift::Fleet": { "additionalProperties": false, "properties": { "Condition": { @@ -116777,104 +126974,140 @@ "Properties": { "additionalProperties": false, "properties": { - "Components": { - "items": { - "$ref": "#/definitions/AWS::ImageBuilder::ContainerRecipe.ComponentConfiguration" - }, - "markdownDescription": "Build and test components that are included in the container recipe. Recipes require a minimum of one build component, and can have a maximum of 20 build and test components in any combination.", - "title": "Components", - "type": "array" + "AnywhereConfiguration": { + "$ref": "#/definitions/AWS::GameLift::Fleet.AnywhereConfiguration", + "markdownDescription": "Amazon GameLift Servers Anywhere configuration options.", + "title": "AnywhereConfiguration" }, - "ContainerType": { - "markdownDescription": "Specifies the type of container, such as Docker.", - "title": "ContainerType", + "ApplyCapacity": { + "markdownDescription": "Current resource capacity settings for managed EC2 fleets and managed container fleets. For multi-location fleets, location values might refer to a fleet's remote location or its home Region.\n\n*Returned by:* [DescribeFleetCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetCapacity.html) , [DescribeFleetLocationCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetLocationCapacity.html) , [UpdateFleetCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateFleetCapacity.html)", + "title": "ApplyCapacity", + "type": "string" + }, + "BuildId": { + "markdownDescription": "A unique identifier for a build to be deployed on the new fleet. If you are deploying the fleet with a custom game build, you must specify this property. The build must have been successfully uploaded to Amazon GameLift and be in a `READY` status. This fleet setting cannot be changed once the fleet is created.", + "title": "BuildId", + "type": "string" + }, + "CertificateConfiguration": { + "$ref": "#/definitions/AWS::GameLift::Fleet.CertificateConfiguration", + "markdownDescription": "Prompts Amazon GameLift Servers to generate a TLS/SSL certificate for the fleet. Amazon GameLift Servers uses the certificates to encrypt traffic between game clients and the game servers running on Amazon GameLift Servers. By default, the `CertificateConfiguration` is `DISABLED` . You can't change this property after you create the fleet.\n\nAWS Certificate Manager (ACM) certificates expire after 13 months. Certificate expiration can cause fleets to fail, preventing players from connecting to instances in the fleet. We recommend you replace fleets before 13 months, consider using fleet aliases for a smooth transition.\n\n> ACM isn't available in all AWS regions. A fleet creation request with certificate generation enabled in an unsupported Region, fails with a 4xx error. For more information about the supported Regions, see [Supported Regions](https://docs.aws.amazon.com/acm/latest/userguide/acm-regions.html) in the *AWS Certificate Manager User Guide* .", + "title": "CertificateConfiguration" + }, + "ComputeType": { + "markdownDescription": "The type of compute resource used to host your game servers.\n\n- `EC2` \u2013 The game server build is deployed to Amazon EC2 instances for cloud hosting. This is the default setting.\n- `ANYWHERE` \u2013 Game servers and supporting software are deployed to compute resources that you provide and manage. With this compute type, you can also set the `AnywhereConfiguration` parameter.", + "title": "ComputeType", "type": "string" }, "Description": { - "markdownDescription": "The description of the container recipe.", + "markdownDescription": "A description for the fleet.", "title": "Description", "type": "string" }, - "DockerfileTemplateData": { - "markdownDescription": "Dockerfiles are text documents that are used to build Docker containers, and ensure that they contain all of the elements required by the application running inside. The template data consists of contextual variables where Image Builder places build information or scripts, based on your container image recipe.", - "title": "DockerfileTemplateData", - "type": "string" + "EC2InboundPermissions": { + "items": { + "$ref": "#/definitions/AWS::GameLift::Fleet.IpPermission" + }, + "markdownDescription": "The IP address ranges and port settings that allow inbound traffic to access game server processes and other processes on this fleet. Set this parameter for managed EC2 fleets. You can leave this parameter empty when creating the fleet, but you must call [](https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateFleetPortSettings) to set it before players can connect to game sessions. As a best practice, we recommend opening ports for remote access only when you need them and closing them when you're finished. For Amazon GameLift Servers Realtime fleets, Amazon GameLift Servers automatically sets TCP and UDP ranges.", + "title": "EC2InboundPermissions", + "type": "array" }, - "DockerfileTemplateUri": { - "markdownDescription": "The S3 URI for the Dockerfile that will be used to build your container image.", - "title": "DockerfileTemplateUri", + "EC2InstanceType": { + "markdownDescription": "The Amazon GameLift Servers-supported Amazon EC2 instance type to use with managed EC2 fleets. Instance type determines the computing resources that will be used to host your game servers, including CPU, memory, storage, and networking capacity. See [Amazon Elastic Compute Cloud Instance Types](https://docs.aws.amazon.com/ec2/instance-types/) for detailed descriptions of Amazon EC2 instance types.", + "title": "EC2InstanceType", "type": "string" }, - "ImageOsVersionOverride": { - "markdownDescription": "Specifies the operating system version for the base image.", - "title": "ImageOsVersionOverride", + "FleetType": { + "markdownDescription": "Indicates whether to use On-Demand or Spot instances for this fleet. By default, this property is set to `ON_DEMAND` . Learn more about when to use [On-Demand versus Spot Instances](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-ec2-instances.html#gamelift-ec2-instances-spot) . This fleet property can't be changed after the fleet is created.", + "title": "FleetType", "type": "string" }, - "InstanceConfiguration": { - "$ref": "#/definitions/AWS::ImageBuilder::ContainerRecipe.InstanceConfiguration", - "markdownDescription": "A group of options that can be used to configure an instance for building and testing container images.", - "title": "InstanceConfiguration" + "InstanceRoleARN": { + "markdownDescription": "A unique identifier for an IAM role that manages access to your AWS services. With an instance role ARN set, any application that runs on an instance in this fleet can assume the role, including install scripts, server processes, and daemons (background processes). Create a role or look up a role's ARN by using the [IAM dashboard](https://docs.aws.amazon.com/iam/) in the AWS Management Console . Learn more about using on-box credentials for your game servers at [Access external resources from a game server](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-sdk-server-resources.html) . This attribute is used with fleets where `ComputeType` is `EC2` .", + "title": "InstanceRoleARN", + "type": "string" }, - "KmsKeyId": { - "markdownDescription": "Identifies which KMS key is used to encrypt the container image for distribution to the target Region.", - "title": "KmsKeyId", + "InstanceRoleCredentialsProvider": { + "markdownDescription": "Indicates that fleet instances maintain a shared credentials file for the IAM role defined in `InstanceRoleArn` . Shared credentials allow applications that are deployed with the game server executable to communicate with other AWS resources. This property is used only when the game server is integrated with the server SDK version 5.x. For more information about using shared credentials, see [Communicate with other AWS resources from your fleets](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-sdk-server-resources.html) . This attribute is used with fleets where `ComputeType` is `EC2` .", + "title": "InstanceRoleCredentialsProvider", "type": "string" }, + "Locations": { + "items": { + "$ref": "#/definitions/AWS::GameLift::Fleet.LocationConfiguration" + }, + "markdownDescription": "A set of remote locations to deploy additional instances to and manage as a multi-location fleet. Use this parameter when creating a fleet in AWS Regions that support multiple locations. You can add any AWS Region or Local Zone that's supported by Amazon GameLift Servers. Provide a list of one or more AWS Region codes, such as `us-west-2` , or Local Zone names. When using this parameter, Amazon GameLift Servers requires you to include your home location in the request. For a list of supported Regions and Local Zones, see [Amazon GameLift Servers service locations](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-regions.html) for managed hosting.", + "title": "Locations", + "type": "array" + }, + "MetricGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "The name of an AWS CloudWatch metric group to add this fleet to. A metric group is used to aggregate the metrics for multiple fleets. You can specify an existing metric group name or set a new name to create a new metric group. A fleet can be included in only one metric group at a time.", + "title": "MetricGroups", + "type": "array" + }, "Name": { - "markdownDescription": "The name of the container recipe.", + "markdownDescription": "A descriptive label that is associated with a fleet. Fleet names do not need to be unique.", "title": "Name", "type": "string" }, - "ParentImage": { - "markdownDescription": "The base image for customizations specified in the container recipe. This can contain an Image Builder image resource ARN or a container image URI, for example `amazonlinux:latest` .", - "title": "ParentImage", + "NewGameSessionProtectionPolicy": { + "markdownDescription": "The status of termination protection for active game sessions on the fleet. By default, this property is set to `NoProtection` .\n\n- *NoProtection* - Game sessions can be terminated during active gameplay as a result of a scale-down event.\n- *FullProtection* - Game sessions in `ACTIVE` status cannot be terminated during a scale-down event.", + "title": "NewGameSessionProtectionPolicy", "type": "string" }, - "PlatformOverride": { - "markdownDescription": "Specifies the operating system platform when you use a custom base image.", - "title": "PlatformOverride", + "PeerVpcAwsAccountId": { + "markdownDescription": "Used when peering your Amazon GameLift Servers fleet with a VPC, the unique identifier for the AWS account that owns the VPC. You can find your account ID in the AWS Management Console under account settings.", + "title": "PeerVpcAwsAccountId", "type": "string" }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "Tags that are attached to the container recipe.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" + "PeerVpcId": { + "markdownDescription": "A unique identifier for a VPC with resources to be accessed by your Amazon GameLift Servers fleet. The VPC must be in the same Region as your fleet. To look up a VPC ID, use the [VPC Dashboard](https://docs.aws.amazon.com/vpc/) in the AWS Management Console . Learn more about VPC peering in [VPC Peering with Amazon GameLift Servers Fleets](https://docs.aws.amazon.com/gamelift/latest/developerguide/vpc-peering.html) .", + "title": "PeerVpcId", + "type": "string" }, - "TargetRepository": { - "$ref": "#/definitions/AWS::ImageBuilder::ContainerRecipe.TargetContainerRepository", - "markdownDescription": "The destination repository for the container image.", - "title": "TargetRepository" + "ResourceCreationLimitPolicy": { + "$ref": "#/definitions/AWS::GameLift::Fleet.ResourceCreationLimitPolicy", + "markdownDescription": "A policy that limits the number of game sessions that an individual player can create on instances in this fleet within a specified span of time.", + "title": "ResourceCreationLimitPolicy" }, - "Version": { - "markdownDescription": "The semantic version of the container recipe.\n\n> The semantic version has four nodes: ../. You can assign values for the first three, and can filter on all of them.\n> \n> *Assignment:* For the first three nodes you can assign any positive integer value, including zero, with an upper limit of 2^30-1, or 1073741823 for each node. Image Builder automatically assigns the build number to the fourth node.\n> \n> *Patterns:* You can use any numeric pattern that adheres to the assignment requirements for the nodes that you can assign. For example, you might choose a software version pattern, such as 1.0.0, or a date, such as 2021.01.01.\n> \n> *Filtering:* With semantic versioning, you have the flexibility to use wildcards (x) to specify the most recent versions or nodes when selecting the base image or components for your recipe. When you use a wildcard in any node, all nodes to the right of the first wildcard must also be wildcards.", - "title": "Version", - "type": "string" + "RuntimeConfiguration": { + "$ref": "#/definitions/AWS::GameLift::Fleet.RuntimeConfiguration", + "markdownDescription": "Instructions for how to launch and maintain server processes on instances in the fleet. The runtime configuration defines one or more server process configurations, each identifying a build executable or Realtime script file and the number of processes of that type to run concurrently.\n\n> The `RuntimeConfiguration` parameter is required unless the fleet is being configured using the older parameters `ServerLaunchPath` and `ServerLaunchParameters` , which are still supported for backward compatibility.", + "title": "RuntimeConfiguration" }, - "WorkingDirectory": { - "markdownDescription": "The working directory for use during build and test workflows.", - "title": "WorkingDirectory", + "ScalingPolicies": { + "items": { + "$ref": "#/definitions/AWS::GameLift::Fleet.ScalingPolicy" + }, + "markdownDescription": "Rule that controls how a fleet is scaled. Scaling policies are uniquely identified by the combination of name and fleet ID.", + "title": "ScalingPolicies", + "type": "array" + }, + "ScriptId": { + "markdownDescription": "The unique identifier for a Realtime configuration script to be deployed on fleet instances. You can use either the script ID or ARN. Scripts must be uploaded to Amazon GameLift Servers prior to creating the fleet. This fleet property cannot be changed later.\n\n> You can't use the `!Ref` command to reference a script created with a CloudFormation template for the fleet property `ScriptId` . Instead, use `Fn::GetAtt Script.Arn` or `Fn::GetAtt Script.Id` to retrieve either of these properties as input for `ScriptId` . Alternatively, enter a `ScriptId` string manually.", + "title": "ScriptId", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" } }, "required": [ - "Components", - "ContainerType", - "Name", - "ParentImage", - "TargetRepository", - "Version" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::ImageBuilder::ContainerRecipe" + "AWS::GameLift::Fleet" ], "type": "string" }, @@ -116893,156 +127126,261 @@ ], "type": "object" }, - "AWS::ImageBuilder::ContainerRecipe.ComponentConfiguration": { + "AWS::GameLift::Fleet.AnywhereConfiguration": { "additionalProperties": false, "properties": { - "ComponentArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the component.", - "title": "ComponentArn", + "Cost": { + "markdownDescription": "The cost to run your fleet per hour. Amazon GameLift Servers uses the provided cost of your fleet to balance usage in queues. For more information about queues, see [Setting up queues](https://docs.aws.amazon.com/gamelift/latest/developerguide/queues-intro.html) in the *Amazon GameLift Servers Developer Guide* .", + "title": "Cost", "type": "string" - }, - "Parameters": { - "items": { - "$ref": "#/definitions/AWS::ImageBuilder::ContainerRecipe.ComponentParameter" - }, - "markdownDescription": "A group of parameter settings that Image Builder uses to configure the component for a specific recipe.", - "title": "Parameters", - "type": "array" } }, + "required": [ + "Cost" + ], "type": "object" }, - "AWS::ImageBuilder::ContainerRecipe.ComponentParameter": { + "AWS::GameLift::Fleet.CertificateConfiguration": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the component parameter to set.", - "title": "Name", + "CertificateType": { + "markdownDescription": "Indicates whether a TLS/SSL certificate is generated for a fleet.\n\nValid values include:\n\n- *GENERATED* - Generate a TLS/SSL certificate for this fleet.\n- *DISABLED* - (default) Do not generate a TLS/SSL certificate for this fleet.", + "title": "CertificateType", "type": "string" - }, - "Value": { - "items": { - "type": "string" - }, - "markdownDescription": "Sets the value for the named component parameter.", - "title": "Value", - "type": "array" } }, "required": [ - "Name", - "Value" + "CertificateType" ], "type": "object" }, - "AWS::ImageBuilder::ContainerRecipe.EbsInstanceBlockDeviceSpecification": { + "AWS::GameLift::Fleet.IpPermission": { "additionalProperties": false, "properties": { - "DeleteOnTermination": { - "markdownDescription": "Use to configure delete on termination of the associated device.", - "title": "DeleteOnTermination", - "type": "boolean" - }, - "Encrypted": { - "markdownDescription": "Use to configure device encryption.", - "title": "Encrypted", - "type": "boolean" - }, - "Iops": { - "markdownDescription": "Use to configure device IOPS.", - "title": "Iops", + "FromPort": { + "markdownDescription": "A starting value for a range of allowed port numbers.\n\nFor fleets using Linux builds, only ports `22` and `1026-60000` are valid.\n\nFor fleets using Windows builds, only ports `1026-60000` are valid.", + "title": "FromPort", "type": "number" }, - "KmsKeyId": { - "markdownDescription": "Use to configure the KMS key to use when encrypting the device.", - "title": "KmsKeyId", + "IpRange": { + "markdownDescription": "A range of allowed IP addresses. This value must be expressed in CIDR notation. Example: \" `000.000.000.000/[subnet mask]` \" or optionally the shortened version \" `0.0.0.0/[subnet mask]` \".", + "title": "IpRange", "type": "string" }, - "SnapshotId": { - "markdownDescription": "The snapshot that defines the device contents.", - "title": "SnapshotId", + "Protocol": { + "markdownDescription": "The network communication protocol used by the fleet.", + "title": "Protocol", "type": "string" }, - "Throughput": { - "markdownDescription": "*For GP3 volumes only* \u2013 The throughput in MiB/s that the volume supports.", - "title": "Throughput", + "ToPort": { + "markdownDescription": "An ending value for a range of allowed port numbers. Port numbers are end-inclusive. This value must be equal to or greater than `FromPort` .\n\nFor fleets using Linux builds, only ports `22` and `1026-60000` are valid.\n\nFor fleets using Windows builds, only ports `1026-60000` are valid.", + "title": "ToPort", + "type": "number" + } + }, + "required": [ + "FromPort", + "IpRange", + "Protocol", + "ToPort" + ], + "type": "object" + }, + "AWS::GameLift::Fleet.LocationCapacity": { + "additionalProperties": false, + "properties": { + "DesiredEC2Instances": { + "markdownDescription": "The number of Amazon EC2 instances you want to maintain in the specified fleet location. This value must fall between the minimum and maximum size limits. Changes in desired instance value can take up to 1 minute to be reflected when viewing the fleet's capacity settings.", + "title": "DesiredEC2Instances", "type": "number" }, - "VolumeSize": { - "markdownDescription": "Use to override the device's volume size.", - "title": "VolumeSize", + "MaxSize": { + "markdownDescription": "The maximum number of instances that are allowed in the specified fleet location. If this parameter is not set, the default is 1.", + "title": "MaxSize", "type": "number" }, - "VolumeType": { - "markdownDescription": "Use to override the device's volume type.", - "title": "VolumeType", - "type": "string" + "MinSize": { + "markdownDescription": "The minimum number of instances that are allowed in the specified fleet location. If this parameter is not set, the default is 0.", + "title": "MinSize", + "type": "number" } }, + "required": [ + "DesiredEC2Instances", + "MaxSize", + "MinSize" + ], "type": "object" }, - "AWS::ImageBuilder::ContainerRecipe.InstanceBlockDeviceMapping": { + "AWS::GameLift::Fleet.LocationConfiguration": { "additionalProperties": false, "properties": { - "DeviceName": { - "markdownDescription": "The device to which these mappings apply.", - "title": "DeviceName", - "type": "string" - }, - "Ebs": { - "$ref": "#/definitions/AWS::ImageBuilder::ContainerRecipe.EbsInstanceBlockDeviceSpecification", - "markdownDescription": "Use to manage Amazon EBS-specific configuration for this mapping.", - "title": "Ebs" - }, - "NoDevice": { - "markdownDescription": "Use to remove a mapping from the base image.", - "title": "NoDevice", + "Location": { + "markdownDescription": "An AWS Region code, such as `us-west-2` . For a list of supported Regions and Local Zones, see [Amazon GameLift Servers service locations](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-regions.html) for managed hosting.", + "title": "Location", "type": "string" }, - "VirtualName": { - "markdownDescription": "Use to manage instance ephemeral devices.", - "title": "VirtualName", - "type": "string" + "LocationCapacity": { + "$ref": "#/definitions/AWS::GameLift::Fleet.LocationCapacity", + "markdownDescription": "Current resource capacity settings for managed EC2 fleets and managed container fleets. For multi-location fleets, location values might refer to a fleet's remote location or its home Region.\n\n*Returned by:* [DescribeFleetCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetCapacity.html) , [DescribeFleetLocationCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetLocationCapacity.html) , [UpdateFleetCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateFleetCapacity.html)", + "title": "LocationCapacity" } }, + "required": [ + "Location" + ], "type": "object" }, - "AWS::ImageBuilder::ContainerRecipe.InstanceConfiguration": { + "AWS::GameLift::Fleet.ResourceCreationLimitPolicy": { "additionalProperties": false, "properties": { - "BlockDeviceMappings": { - "items": { - "$ref": "#/definitions/AWS::ImageBuilder::ContainerRecipe.InstanceBlockDeviceMapping" + "NewGameSessionsPerCreator": { + "markdownDescription": "A policy that puts limits on the number of game sessions that a player can create within a specified span of time. With this policy, you can control players' ability to consume available resources.\n\nThe policy is evaluated when a player tries to create a new game session. On receiving a `CreateGameSession` request, Amazon GameLift Servers checks that the player (identified by `CreatorId` ) has created fewer than game session limit in the specified time period.", + "title": "NewGameSessionsPerCreator", + "type": "number" + }, + "PolicyPeriodInMinutes": { + "markdownDescription": "The time span used in evaluating the resource creation limit policy.", + "title": "PolicyPeriodInMinutes", + "type": "number" + } + }, + "type": "object" + }, + "AWS::GameLift::Fleet.RuntimeConfiguration": { + "additionalProperties": false, + "properties": { + "GameSessionActivationTimeoutSeconds": { + "markdownDescription": "The maximum amount of time (in seconds) allowed to launch a new game session and have it report ready to host players. During this time, the game session is in status `ACTIVATING` . If the game session does not become active before the timeout, it is ended and the game session status is changed to `TERMINATED` .", + "title": "GameSessionActivationTimeoutSeconds", + "type": "number" + }, + "MaxConcurrentGameSessionActivations": { + "markdownDescription": "The number of game sessions in status `ACTIVATING` to allow on an instance or compute. This setting limits the instance resources that can be used for new game activations at any one time.", + "title": "MaxConcurrentGameSessionActivations", + "type": "number" + }, + "ServerProcesses": { + "items": { + "$ref": "#/definitions/AWS::GameLift::Fleet.ServerProcess" }, - "markdownDescription": "Defines the block devices to attach for building an instance from this Image Builder AMI.", - "title": "BlockDeviceMappings", + "markdownDescription": "A collection of server process configurations that identify what server processes to run on fleet computes.", + "title": "ServerProcesses", "type": "array" + } + }, + "type": "object" + }, + "AWS::GameLift::Fleet.ScalingPolicy": { + "additionalProperties": false, + "properties": { + "ComparisonOperator": { + "markdownDescription": "Comparison operator to use when measuring a metric against the threshold value.", + "title": "ComparisonOperator", + "type": "string" }, - "Image": { - "markdownDescription": "The base image for a container build and test instance. This can contain an AMI ID or it can specify an AWS Systems Manager (SSM) Parameter Store Parameter, prefixed by `ssm:` , followed by the parameter name or ARN.\n\nIf not specified, Image Builder uses the appropriate ECS-optimized AMI as a base image.", - "title": "Image", + "EvaluationPeriods": { + "markdownDescription": "Length of time (in minutes) the metric must be at or beyond the threshold before a scaling event is triggered.", + "title": "EvaluationPeriods", + "type": "number" + }, + "Location": { + "markdownDescription": "The fleet location.", + "title": "Location", + "type": "string" + }, + "MetricName": { + "markdownDescription": "Name of the Amazon GameLift Servers-defined metric that is used to trigger a scaling adjustment. For detailed descriptions of fleet metrics, see [Monitor Amazon GameLift Servers with Amazon CloudWatch](https://docs.aws.amazon.com/gamelift/latest/developerguide/monitoring-cloudwatch.html) .\n\n- *ActivatingGameSessions* -- Game sessions in the process of being created.\n- *ActiveGameSessions* -- Game sessions that are currently running.\n- *ActiveInstances* -- Fleet instances that are currently running at least one game session.\n- *AvailableGameSessions* -- Additional game sessions that fleet could host simultaneously, given current capacity.\n- *AvailablePlayerSessions* -- Empty player slots in currently active game sessions. This includes game sessions that are not currently accepting players. Reserved player slots are not included.\n- *CurrentPlayerSessions* -- Player slots in active game sessions that are being used by a player or are reserved for a player.\n- *IdleInstances* -- Active instances that are currently hosting zero game sessions.\n- *PercentAvailableGameSessions* -- Unused percentage of the total number of game sessions that a fleet could host simultaneously, given current capacity. Use this metric for a target-based scaling policy.\n- *PercentIdleInstances* -- Percentage of the total number of active instances that are hosting zero game sessions.\n- *QueueDepth* -- Pending game session placement requests, in any queue, where the current fleet is the top-priority destination.\n- *WaitTime* -- Current wait time for pending game session placement requests, in any queue, where the current fleet is the top-priority destination.", + "title": "MetricName", + "type": "string" + }, + "Name": { + "markdownDescription": "A descriptive label that is associated with a fleet's scaling policy. Policy names do not need to be unique.", + "title": "Name", + "type": "string" + }, + "PolicyType": { + "markdownDescription": "The type of scaling policy to create. For a target-based policy, set the parameter *MetricName* to 'PercentAvailableGameSessions' and specify a *TargetConfiguration* . For a rule-based policy set the following parameters: *MetricName* , *ComparisonOperator* , *Threshold* , *EvaluationPeriods* , *ScalingAdjustmentType* , and *ScalingAdjustment* .", + "title": "PolicyType", + "type": "string" + }, + "ScalingAdjustment": { + "markdownDescription": "Amount of adjustment to make, based on the scaling adjustment type.", + "title": "ScalingAdjustment", + "type": "number" + }, + "ScalingAdjustmentType": { + "markdownDescription": "The type of adjustment to make to a fleet's instance count.\n\n- *ChangeInCapacity* -- add (or subtract) the scaling adjustment value from the current instance count. Positive values scale up while negative values scale down.\n- *ExactCapacity* -- set the instance count to the scaling adjustment value.\n- *PercentChangeInCapacity* -- increase or reduce the current instance count by the scaling adjustment, read as a percentage. Positive values scale up while negative values scale down.", + "title": "ScalingAdjustmentType", + "type": "string" + }, + "Status": { + "markdownDescription": "Current status of the scaling policy. The scaling policy can be in force only when in an `ACTIVE` status. Scaling policies can be suspended for individual fleets. If the policy is suspended for a fleet, the policy status does not change.\n\n- *ACTIVE* -- The scaling policy can be used for auto-scaling a fleet.\n- *UPDATE_REQUESTED* -- A request to update the scaling policy has been received.\n- *UPDATING* -- A change is being made to the scaling policy.\n- *DELETE_REQUESTED* -- A request to delete the scaling policy has been received.\n- *DELETING* -- The scaling policy is being deleted.\n- *DELETED* -- The scaling policy has been deleted.\n- *ERROR* -- An error occurred in creating the policy. It should be removed and recreated.", + "title": "Status", + "type": "string" + }, + "TargetConfiguration": { + "$ref": "#/definitions/AWS::GameLift::Fleet.TargetConfiguration", + "markdownDescription": "An object that contains settings for a target-based scaling policy.", + "title": "TargetConfiguration" + }, + "Threshold": { + "markdownDescription": "Metric value used to trigger a scaling event.", + "title": "Threshold", + "type": "number" + }, + "UpdateStatus": { + "markdownDescription": "The current status of the fleet's scaling policies in a requested fleet location. The status `PENDING_UPDATE` indicates that an update was requested for the fleet but has not yet been completed for the location.", + "title": "UpdateStatus", "type": "string" } }, + "required": [ + "MetricName", + "Name" + ], "type": "object" }, - "AWS::ImageBuilder::ContainerRecipe.TargetContainerRepository": { + "AWS::GameLift::Fleet.ServerProcess": { "additionalProperties": false, "properties": { - "RepositoryName": { - "markdownDescription": "The name of the container repository where the output container image is stored. This name is prefixed by the repository location. For example, `/repository_name` .", - "title": "RepositoryName", + "ConcurrentExecutions": { + "markdownDescription": "The number of server processes using this configuration that run concurrently on each instance or compute.", + "title": "ConcurrentExecutions", + "type": "number" + }, + "LaunchPath": { + "markdownDescription": "The location of a game build executable or Realtime script. Game builds and Realtime scripts are installed on instances at the root:\n\n- Windows (custom game builds only): `C:\\game` . Example: \" `C:\\game\\MyGame\\server.exe` \"\n- Linux: `/local/game` . Examples: \" `/local/game/MyGame/server.exe` \" or \" `/local/game/MyRealtimeScript.js` \"\n\n> Amazon GameLift Servers doesn't support the use of setup scripts that launch the game executable. For custom game builds, this parameter must indicate the executable that calls the server SDK operations `initSDK()` and `ProcessReady()` .", + "title": "LaunchPath", "type": "string" }, - "Service": { - "markdownDescription": "Specifies the service in which this image was registered.", - "title": "Service", + "Parameters": { + "markdownDescription": "An optional list of parameters to pass to the server executable or Realtime script on launch.\n\nLength Constraints: Minimum length of 1. Maximum length of 1024.\n\nPattern: [A-Za-z0-9_:.+\\/\\\\\\- =@{},?'\\[\\]\"]+", + "title": "Parameters", "type": "string" } }, + "required": [ + "ConcurrentExecutions", + "LaunchPath" + ], "type": "object" }, - "AWS::ImageBuilder::DistributionConfiguration": { + "AWS::GameLift::Fleet.TargetConfiguration": { + "additionalProperties": false, + "properties": { + "TargetValue": { + "markdownDescription": "Desired value to use with a target-based scaling policy. The value must be relevant for whatever metric the scaling policy is using. For example, in a policy using the metric PercentAvailableGameSessions, the target value should be the preferred size of the fleet's buffer (the percent of capacity that should be idle and ready for new game sessions).", + "title": "TargetValue", + "type": "number" + } + }, + "required": [ + "TargetValue" + ], + "type": "object" + }, + "AWS::GameLift::GameServerGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -117077,45 +127415,86 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of this distribution configuration.", - "title": "Description", + "AutoScalingPolicy": { + "$ref": "#/definitions/AWS::GameLift::GameServerGroup.AutoScalingPolicy", + "markdownDescription": "Configuration settings to define a scaling policy for the Auto Scaling group that is optimized for game hosting. The scaling policy uses the metric `\"PercentUtilizedGameServers\"` to maintain a buffer of idle game servers that can immediately accommodate new games and players. After the Auto Scaling group is created, update this value directly in the Auto Scaling group using the AWS console or APIs.", + "title": "AutoScalingPolicy" + }, + "BalancingStrategy": { + "markdownDescription": "Indicates how Amazon GameLift Servers FleetIQ balances the use of Spot Instances and On-Demand Instances in the game server group. Method options include the following:\n\n- `SPOT_ONLY` - Only Spot Instances are used in the game server group. If Spot Instances are unavailable or not viable for game hosting, the game server group provides no hosting capacity until Spot Instances can again be used. Until then, no new instances are started, and the existing nonviable Spot Instances are terminated (after current gameplay ends) and are not replaced.\n- `SPOT_PREFERRED` - (default value) Spot Instances are used whenever available in the game server group. If Spot Instances are unavailable, the game server group continues to provide hosting capacity by falling back to On-Demand Instances. Existing nonviable Spot Instances are terminated (after current gameplay ends) and are replaced with new On-Demand Instances.\n- `ON_DEMAND_ONLY` - Only On-Demand Instances are used in the game server group. No Spot Instances are used, even when available, while this balancing strategy is in force.", + "title": "BalancingStrategy", "type": "string" }, - "Distributions": { + "DeleteOption": { + "markdownDescription": "The type of delete to perform. To delete a game server group, specify the `DeleteOption` . Options include the following:\n\n- `SAFE_DELETE` \u2013 (default) Terminates the game server group and Amazon EC2 Auto Scaling group only when it has no game servers that are in `UTILIZED` status.\n- `FORCE_DELETE` \u2013 Terminates the game server group, including all active game servers regardless of their utilization status, and the Amazon EC2 Auto Scaling group.\n- `RETAIN` \u2013 Does a safe delete of the game server group but retains the Amazon EC2 Auto Scaling group as is.", + "title": "DeleteOption", + "type": "string" + }, + "GameServerGroupName": { + "markdownDescription": "A developer-defined identifier for the game server group. The name is unique for each Region in each AWS account.", + "title": "GameServerGroupName", + "type": "string" + }, + "GameServerProtectionPolicy": { + "markdownDescription": "A flag that indicates whether instances in the game server group are protected from early termination. Unprotected instances that have active game servers running might be terminated during a scale-down event, causing players to be dropped from the game. Protected instances cannot be terminated while there are active game servers running except in the event of a forced game server group deletion (see ). An exception to this is with Spot Instances, which can be terminated by AWS regardless of protection status.", + "title": "GameServerProtectionPolicy", + "type": "string" + }, + "InstanceDefinitions": { "items": { - "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.Distribution" + "$ref": "#/definitions/AWS::GameLift::GameServerGroup.InstanceDefinition" }, - "markdownDescription": "The distributions of this distribution configuration formatted as an array of Distribution objects.", - "title": "Distributions", + "markdownDescription": "The set of Amazon EC2 instance types that Amazon GameLift Servers FleetIQ can use when balancing and automatically scaling instances in the corresponding Auto Scaling group.", + "title": "InstanceDefinitions", "type": "array" }, - "Name": { - "markdownDescription": "The name of this distribution configuration.", - "title": "Name", + "LaunchTemplate": { + "$ref": "#/definitions/AWS::GameLift::GameServerGroup.LaunchTemplate", + "markdownDescription": "The Amazon EC2 launch template that contains configuration settings and game server code to be deployed to all instances in the game server group. You can specify the template using either the template name or ID. For help with creating a launch template, see [Creating a Launch Template for an Auto Scaling Group](https://docs.aws.amazon.com/autoscaling/ec2/userguide/create-launch-template.html) in the *Amazon Elastic Compute Cloud Auto Scaling User Guide* . After the Auto Scaling group is created, update this value directly in the Auto Scaling group using the AWS console or APIs.\n\n> If you specify network interfaces in your launch template, you must explicitly set the property `AssociatePublicIpAddress` to \"true\". If no network interface is specified in the launch template, Amazon GameLift Servers FleetIQ uses your account's default VPC.", + "title": "LaunchTemplate" + }, + "MaxSize": { + "markdownDescription": "The maximum number of instances allowed in the Amazon EC2 Auto Scaling group. During automatic scaling events, Amazon GameLift Servers FleetIQ and EC2 do not scale up the group above this maximum. After the Auto Scaling group is created, update this value directly in the Auto Scaling group using the AWS console or APIs.", + "title": "MaxSize", + "type": "number" + }, + "MinSize": { + "markdownDescription": "The minimum number of instances allowed in the Amazon EC2 Auto Scaling group. During automatic scaling events, Amazon GameLift Servers FleetIQ and Amazon EC2 do not scale down the group below this minimum. In production, this value should be set to at least 1. After the Auto Scaling group is created, update this value directly in the Auto Scaling group using the AWS console or APIs.", + "title": "MinSize", + "type": "number" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name ( [ARN](https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-arn-format.html) ) for an IAM role that allows Amazon GameLift Servers to access your Amazon EC2 Auto Scaling groups.", + "title": "RoleArn", "type": "string" }, "Tags": { - "additionalProperties": true, - "markdownDescription": "The tags of this distribution configuration.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "A list of labels to assign to the new game server group resource. Tags are developer-defined key-value pairs. Tagging AWS resources is useful for resource management, access management, and cost allocation. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference* . Once the resource is created, you can use TagResource, UntagResource, and ListTagsForResource to add, remove, and view tags, respectively. The maximum tag limit may be lower than stated. See the AWS General Reference for actual tagging limits.", "title": "Tags", - "type": "object" + "type": "array" + }, + "VpcSubnets": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of virtual private cloud (VPC) subnets to use with instances in the game server group. By default, all Amazon GameLift Servers FleetIQ-supported Availability Zones are used. You can use this parameter to specify VPCs that you've set up. This property cannot be updated after the game server group is created, and the corresponding Auto Scaling group will always use the property value that is set with this request, even if the Auto Scaling group is updated directly.", + "title": "VpcSubnets", + "type": "array" } }, "required": [ - "Distributions", - "Name" + "GameServerGroupName", + "InstanceDefinitions", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::ImageBuilder::DistributionConfiguration" + "AWS::GameLift::GameServerGroup" ], "type": "string" }, @@ -117134,262 +127513,80 @@ ], "type": "object" }, - "AWS::ImageBuilder::DistributionConfiguration.AmiDistributionConfiguration": { + "AWS::GameLift::GameServerGroup.AutoScalingPolicy": { "additionalProperties": false, "properties": { - "AmiTags": { - "additionalProperties": true, - "markdownDescription": "The tags to apply to AMIs distributed to this Region.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "AmiTags", - "type": "object" - }, - "Description": { - "markdownDescription": "The description of the AMI distribution configuration. Minimum and maximum length are in characters.", - "title": "Description", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "The KMS key identifier used to encrypt the distributed image.", - "title": "KmsKeyId", - "type": "string" - }, - "LaunchPermissionConfiguration": { - "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.LaunchPermissionConfiguration", - "markdownDescription": "Launch permissions can be used to configure which AWS account s can use the AMI to launch instances.", - "title": "LaunchPermissionConfiguration" - }, - "Name": { - "markdownDescription": "The name of the output AMI.", - "title": "Name", - "type": "string" + "EstimatedInstanceWarmup": { + "markdownDescription": "Length of time, in seconds, it takes for a new instance to start new game server processes and register with Amazon GameLift Servers FleetIQ. Specifying a warm-up time can be useful, particularly with game servers that take a long time to start up, because it avoids prematurely starting new instances.", + "title": "EstimatedInstanceWarmup", + "type": "number" }, - "TargetAccountIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The ID of an account to which you want to distribute an image.", - "title": "TargetAccountIds", - "type": "array" + "TargetTrackingConfiguration": { + "$ref": "#/definitions/AWS::GameLift::GameServerGroup.TargetTrackingConfiguration", + "markdownDescription": "Settings for a target-based scaling policy applied to Auto Scaling group. These settings are used to create a target-based policy that tracks the GameLift FleetIQ metric `PercentUtilizedGameServers` and specifies a target value for the metric. As player usage changes, the policy triggers to adjust the game server group capacity so that the metric returns to the target value.", + "title": "TargetTrackingConfiguration" } }, + "required": [ + "TargetTrackingConfiguration" + ], "type": "object" }, - "AWS::ImageBuilder::DistributionConfiguration.ContainerDistributionConfiguration": { + "AWS::GameLift::GameServerGroup.InstanceDefinition": { "additionalProperties": false, "properties": { - "ContainerTags": { - "items": { - "type": "string" - }, - "markdownDescription": "Tags that are attached to the container distribution configuration.", - "title": "ContainerTags", - "type": "array" - }, - "Description": { - "markdownDescription": "The description of the container distribution configuration.", - "title": "Description", + "InstanceType": { + "markdownDescription": "An Amazon EC2 instance type designation.", + "title": "InstanceType", "type": "string" }, - "TargetRepository": { - "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.TargetContainerRepository", - "markdownDescription": "The destination repository for the container distribution configuration.", - "title": "TargetRepository" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::DistributionConfiguration.Distribution": { - "additionalProperties": false, - "properties": { - "AmiDistributionConfiguration": { - "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.AmiDistributionConfiguration", - "markdownDescription": "The specific AMI settings, such as launch permissions and AMI tags. For details, see example schema below.", - "title": "AmiDistributionConfiguration" - }, - "ContainerDistributionConfiguration": { - "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.ContainerDistributionConfiguration", - "markdownDescription": "Container distribution settings for encryption, licensing, and sharing in a specific Region. For details, see example schema below.", - "title": "ContainerDistributionConfiguration" - }, - "FastLaunchConfigurations": { - "items": { - "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.FastLaunchConfiguration" - }, - "markdownDescription": "The Windows faster-launching configurations to use for AMI distribution.", - "title": "FastLaunchConfigurations", - "type": "array" - }, - "LaunchTemplateConfigurations": { - "items": { - "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.LaunchTemplateConfiguration" - }, - "markdownDescription": "A group of launchTemplateConfiguration settings that apply to image distribution for specified accounts.", - "title": "LaunchTemplateConfigurations", - "type": "array" - }, - "LicenseConfigurationArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The License Manager Configuration to associate with the AMI in the specified Region. For more information, see the [LicenseConfiguration API](https://docs.aws.amazon.com/license-manager/latest/APIReference/API_LicenseConfiguration.html) .", - "title": "LicenseConfigurationArns", - "type": "array" - }, - "Region": { - "markdownDescription": "The target Region for the Distribution Configuration. For example, `eu-west-1` .", - "title": "Region", + "WeightedCapacity": { + "markdownDescription": "Instance weighting that indicates how much this instance type contributes to the total capacity of a game server group. Instance weights are used by Amazon GameLift Servers FleetIQ to calculate the instance type's cost per unit hour and better identify the most cost-effective options. For detailed information on weighting instance capacity, see [Instance Weighting](https://docs.aws.amazon.com/autoscaling/ec2/userguide/asg-instance-weighting.html) in the *Amazon Elastic Compute Cloud Auto Scaling User Guide* . Default value is \"1\".", + "title": "WeightedCapacity", "type": "string" } }, "required": [ - "Region" + "InstanceType" ], "type": "object" }, - "AWS::ImageBuilder::DistributionConfiguration.FastLaunchConfiguration": { - "additionalProperties": false, - "properties": { - "AccountId": { - "markdownDescription": "The owner account ID for the fast-launch enabled Windows AMI.", - "title": "AccountId", - "type": "string" - }, - "Enabled": { - "markdownDescription": "A Boolean that represents the current state of faster launching for the Windows AMI. Set to `true` to start using Windows faster launching, or `false` to stop using it.", - "title": "Enabled", - "type": "boolean" - }, - "LaunchTemplate": { - "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.FastLaunchLaunchTemplateSpecification", - "markdownDescription": "The launch template that the fast-launch enabled Windows AMI uses when it launches Windows instances to create pre-provisioned snapshots.", - "title": "LaunchTemplate" - }, - "MaxParallelLaunches": { - "markdownDescription": "The maximum number of parallel instances that are launched for creating resources.", - "title": "MaxParallelLaunches", - "type": "number" - }, - "SnapshotConfiguration": { - "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.FastLaunchSnapshotConfiguration", - "markdownDescription": "Configuration settings for managing the number of snapshots that are created from pre-provisioned instances for the Windows AMI when faster launching is enabled.", - "title": "SnapshotConfiguration" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::DistributionConfiguration.FastLaunchLaunchTemplateSpecification": { + "AWS::GameLift::GameServerGroup.LaunchTemplate": { "additionalProperties": false, "properties": { "LaunchTemplateId": { - "markdownDescription": "The ID of the launch template to use for faster launching for a Windows AMI.", + "markdownDescription": "A unique identifier for an existing Amazon EC2 launch template.", "title": "LaunchTemplateId", "type": "string" }, "LaunchTemplateName": { - "markdownDescription": "The name of the launch template to use for faster launching for a Windows AMI.", + "markdownDescription": "A readable identifier for an existing Amazon EC2 launch template.", "title": "LaunchTemplateName", "type": "string" }, - "LaunchTemplateVersion": { - "markdownDescription": "The version of the launch template to use for faster launching for a Windows AMI.", - "title": "LaunchTemplateVersion", + "Version": { + "markdownDescription": "The version of the Amazon EC2 launch template to use. If no version is specified, the default version will be used. With Amazon EC2, you can specify a default version for a launch template. If none is set, the default is the first version created.", + "title": "Version", "type": "string" } }, "type": "object" }, - "AWS::ImageBuilder::DistributionConfiguration.FastLaunchSnapshotConfiguration": { + "AWS::GameLift::GameServerGroup.TargetTrackingConfiguration": { "additionalProperties": false, "properties": { - "TargetResourceCount": { - "markdownDescription": "The number of pre-provisioned snapshots to keep on hand for a fast-launch enabled Windows AMI.", - "title": "TargetResourceCount", + "TargetValue": { + "markdownDescription": "Desired value to use with a game server group target-based scaling policy.", + "title": "TargetValue", "type": "number" } }, + "required": [ + "TargetValue" + ], "type": "object" }, - "AWS::ImageBuilder::DistributionConfiguration.LaunchPermissionConfiguration": { - "additionalProperties": false, - "properties": { - "OrganizationArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The ARN for an AWS Organization that you want to share your AMI with. For more information, see [What is AWS Organizations ?](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_introduction.html) .", - "title": "OrganizationArns", - "type": "array" - }, - "OrganizationalUnitArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The ARN for an AWS Organizations organizational unit (OU) that you want to share your AMI with. For more information about key concepts for AWS Organizations , see [AWS Organizations terminology and concepts](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html) .", - "title": "OrganizationalUnitArns", - "type": "array" - }, - "UserGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "The name of the group.", - "title": "UserGroups", - "type": "array" - }, - "UserIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The AWS account ID.", - "title": "UserIds", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::DistributionConfiguration.LaunchTemplateConfiguration": { - "additionalProperties": false, - "properties": { - "AccountId": { - "markdownDescription": "The account ID that this configuration applies to.", - "title": "AccountId", - "type": "string" - }, - "LaunchTemplateId": { - "markdownDescription": "Identifies the Amazon EC2 launch template to use.", - "title": "LaunchTemplateId", - "type": "string" - }, - "SetDefaultVersion": { - "markdownDescription": "Set the specified Amazon EC2 launch template as the default launch template for the specified account.", - "title": "SetDefaultVersion", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::DistributionConfiguration.TargetContainerRepository": { - "additionalProperties": false, - "properties": { - "RepositoryName": { - "markdownDescription": "The name of the container repository where the output container image is stored. This name is prefixed by the repository location. For example, `/repository_name` .", - "title": "RepositoryName", - "type": "string" - }, - "Service": { - "markdownDescription": "Specifies the service in which this image was registered.", - "title": "Service", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::Image": { + "AWS::GameLift::GameSessionQueue": { "additionalProperties": false, "properties": { "Condition": { @@ -117424,74 +127621,69 @@ "Properties": { "additionalProperties": false, "properties": { - "ContainerRecipeArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the container recipe that defines how images are configured and tested.", - "title": "ContainerRecipeArn", + "CustomEventData": { + "markdownDescription": "Information to be added to all events that are related to this game session queue.", + "title": "CustomEventData", "type": "string" }, - "DistributionConfigurationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the distribution configuration that defines and configures the outputs of your pipeline.", - "title": "DistributionConfigurationArn", - "type": "string" + "Destinations": { + "items": { + "$ref": "#/definitions/AWS::GameLift::GameSessionQueue.GameSessionQueueDestination" + }, + "markdownDescription": "A list of fleets and/or fleet aliases that can be used to fulfill game session placement requests in the queue. Destinations are identified by either a fleet ARN or a fleet alias ARN, and are listed in order of placement preference.", + "title": "Destinations", + "type": "array" }, - "EnhancedImageMetadataEnabled": { - "markdownDescription": "Collects additional information about the image being created, including the operating system (OS) version and package list. This information is used to enhance the overall experience of using EC2 Image Builder. Enabled by default.", - "title": "EnhancedImageMetadataEnabled", - "type": "boolean" + "FilterConfiguration": { + "$ref": "#/definitions/AWS::GameLift::GameSessionQueue.FilterConfiguration", + "markdownDescription": "A list of locations where a queue is allowed to place new game sessions. Locations are specified in the form of AWS Region codes, such as `us-west-2` . If this parameter is not set, game sessions can be placed in any queue location.", + "title": "FilterConfiguration" }, - "ExecutionRole": { - "markdownDescription": "The name or Amazon Resource Name (ARN) for the IAM role you create that grants Image Builder access to perform workflow actions.", - "title": "ExecutionRole", + "Name": { + "markdownDescription": "A descriptive label that is associated with game session queue. Queue names must be unique within each Region.", + "title": "Name", "type": "string" }, - "ImageRecipeArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the image recipe that defines how images are configured, tested, and assessed.", - "title": "ImageRecipeArn", + "NotificationTarget": { + "markdownDescription": "An SNS topic ARN that is set up to receive game session placement notifications. See [Setting up notifications for game session placement](https://docs.aws.amazon.com/gamelift/latest/developerguide/queue-notification.html) .", + "title": "NotificationTarget", "type": "string" }, - "ImageScanningConfiguration": { - "$ref": "#/definitions/AWS::ImageBuilder::Image.ImageScanningConfiguration", - "markdownDescription": "Contains settings for vulnerability scans.", - "title": "ImageScanningConfiguration" - }, - "ImageTestsConfiguration": { - "$ref": "#/definitions/AWS::ImageBuilder::Image.ImageTestsConfiguration", - "markdownDescription": "The image tests configuration of the image.", - "title": "ImageTestsConfiguration" + "PlayerLatencyPolicies": { + "items": { + "$ref": "#/definitions/AWS::GameLift::GameSessionQueue.PlayerLatencyPolicy" + }, + "markdownDescription": "A set of policies that enforce a sliding cap on player latency when processing game sessions placement requests. Use multiple policies to gradually relax the cap over time if Amazon GameLift Servers can't make a placement. Policies are evaluated in order starting with the lowest maximum latency value.", + "title": "PlayerLatencyPolicies", + "type": "array" }, - "InfrastructureConfigurationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the infrastructure configuration that defines the environment in which your image will be built and tested.", - "title": "InfrastructureConfigurationArn", - "type": "string" + "PriorityConfiguration": { + "$ref": "#/definitions/AWS::GameLift::GameSessionQueue.PriorityConfiguration", + "markdownDescription": "Custom settings to use when prioritizing destinations and locations for game session placements. This configuration replaces the FleetIQ default prioritization process. Priority types that are not explicitly named will be automatically applied at the end of the prioritization process.", + "title": "PriorityConfiguration" }, "Tags": { - "additionalProperties": true, - "markdownDescription": "The tags of the image.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - }, - "Workflows": { "items": { - "$ref": "#/definitions/AWS::ImageBuilder::Image.WorkflowConfiguration" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "Contains an array of workflow configuration objects.", - "title": "Workflows", + "markdownDescription": "A list of labels to assign to the new game session queue resource. Tags are developer-defined key-value pairs. Tagging AWS resources are useful for resource management, access management and cost allocation. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference* . Once the resource is created, you can use TagResource, UntagResource, and ListTagsForResource to add, remove, and view tags. The maximum tag limit may be lower than stated. See the AWS General Reference for actual tagging limits.", + "title": "Tags", "type": "array" + }, + "TimeoutInSeconds": { + "markdownDescription": "The maximum time, in seconds, that a new game session placement request remains in the queue. When a request exceeds this time, the game session placement changes to a `TIMED_OUT` status. If you don't specify a request timeout, the queue uses a default value.", + "title": "TimeoutInSeconds", + "type": "number" } }, "required": [ - "InfrastructureConfigurationArn" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::ImageBuilder::Image" + "AWS::GameLift::GameSessionQueue" ], "type": "string" }, @@ -117510,106 +127702,145 @@ ], "type": "object" }, - "AWS::ImageBuilder::Image.EcrConfiguration": { + "AWS::GameLift::GameSessionQueue.FilterConfiguration": { "additionalProperties": false, "properties": { - "ContainerTags": { + "AllowedLocations": { "items": { "type": "string" }, - "markdownDescription": "Tags for Image Builder to apply to the output container image that Amazon Inspector scans. Tags can help you identify and manage your scanned images.", - "title": "ContainerTags", + "markdownDescription": "A list of locations to allow game session placement in, in the form of AWS Region codes such as `us-west-2` .", + "title": "AllowedLocations", "type": "array" - }, - "RepositoryName": { - "markdownDescription": "The name of the container repository that Amazon Inspector scans to identify findings for your container images. The name includes the path for the repository location. If you don\u2019t provide this information, Image Builder creates a repository in your account named `image-builder-image-scanning-repository` for vulnerability scans of your output container images.", - "title": "RepositoryName", - "type": "string" } }, "type": "object" }, - "AWS::ImageBuilder::Image.ImageScanningConfiguration": { + "AWS::GameLift::GameSessionQueue.GameSessionQueueDestination": { "additionalProperties": false, "properties": { - "EcrConfiguration": { - "$ref": "#/definitions/AWS::ImageBuilder::Image.EcrConfiguration", - "markdownDescription": "Contains Amazon ECR settings for vulnerability scans.", - "title": "EcrConfiguration" - }, - "ImageScanningEnabled": { - "markdownDescription": "A setting that indicates whether Image Builder keeps a snapshot of the vulnerability scans that Amazon Inspector runs against the build instance when you create a new image.", - "title": "ImageScanningEnabled", - "type": "boolean" + "DestinationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that is assigned to fleet or fleet alias. ARNs, which include a fleet ID or alias ID and a Region name, provide a unique identifier across all Regions.", + "title": "DestinationArn", + "type": "string" } }, "type": "object" }, - "AWS::ImageBuilder::Image.ImageTestsConfiguration": { + "AWS::GameLift::GameSessionQueue.PlayerLatencyPolicy": { "additionalProperties": false, "properties": { - "ImageTestsEnabled": { - "markdownDescription": "Determines if tests should run after building the image. Image Builder defaults to enable tests to run following the image build, before image distribution.", - "title": "ImageTestsEnabled", - "type": "boolean" + "MaximumIndividualPlayerLatencyMilliseconds": { + "markdownDescription": "The maximum latency value that is allowed for any player, in milliseconds. All policies must have a value set for this property.", + "title": "MaximumIndividualPlayerLatencyMilliseconds", + "type": "number" }, - "TimeoutMinutes": { - "markdownDescription": "The maximum time in minutes that tests are permitted to run.\n\n> The timeout property is not currently active. This value is ignored.", - "title": "TimeoutMinutes", + "PolicyDurationSeconds": { + "markdownDescription": "The length of time, in seconds, that the policy is enforced while placing a new game session. A null value for this property means that the policy is enforced until the queue times out.", + "title": "PolicyDurationSeconds", "type": "number" } }, "type": "object" }, - "AWS::ImageBuilder::Image.WorkflowConfiguration": { + "AWS::GameLift::GameSessionQueue.PriorityConfiguration": { "additionalProperties": false, "properties": { - "OnFailure": { - "markdownDescription": "The action to take if the workflow fails.", - "title": "OnFailure", - "type": "string" - }, - "ParallelGroup": { - "markdownDescription": "Test workflows are defined within named runtime groups called parallel groups. The parallel group is the named group that contains this test workflow. Test workflows within a parallel group can run at the same time. Image Builder starts up to five test workflows in the group at the same time, and starts additional workflows as others complete, until all workflows in the group have completed. This field only applies for test workflows.", - "title": "ParallelGroup", - "type": "string" - }, - "Parameters": { + "LocationOrder": { "items": { - "$ref": "#/definitions/AWS::ImageBuilder::Image.WorkflowParameter" + "type": "string" }, - "markdownDescription": "Contains parameter values for each of the parameters that the workflow document defined for the workflow resource.", - "title": "Parameters", + "markdownDescription": "The prioritization order to use for fleet locations, when the `PriorityOrder` property includes `LOCATION` . Locations can include AWS Region codes (such as `us-west-2` ), local zones, and custom locations (for Anywhere fleets). Each location must be listed only once. For details, see [Amazon GameLift Servers service locations.](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-regions.html)", + "title": "LocationOrder", "type": "array" }, - "WorkflowArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the workflow resource.", - "title": "WorkflowArn", - "type": "string" + "PriorityOrder": { + "items": { + "type": "string" + }, + "markdownDescription": "A custom sequence to use when prioritizing where to place new game sessions. Each priority type is listed once.\n\n- `LATENCY` -- Amazon GameLift Servers prioritizes locations where the average player latency is lowest. Player latency data is provided in each game session placement request.\n- `COST` -- Amazon GameLift Servers prioritizes queue destinations with the lowest current hosting costs. Cost is evaluated based on the destination's location, instance type, and fleet type (Spot or On-Demand).\n- `DESTINATION` -- Amazon GameLift Servers prioritizes based on the list order of destinations in the queue configuration.\n- `LOCATION` -- Amazon GameLift Servers prioritizes based on the provided order of locations, as defined in `LocationOrder` .", + "title": "PriorityOrder", + "type": "array" } }, "type": "object" }, - "AWS::ImageBuilder::Image.WorkflowParameter": { + "AWS::GameLift::Location": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the workflow parameter to set.", - "title": "Name", + "Condition": { "type": "string" }, - "Value": { - "items": { - "type": "string" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "LocationName": { + "markdownDescription": "A descriptive name for the custom location.", + "title": "LocationName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of labels to assign to the new resource. Tags are developer-defined key-value pairs. Tagging AWS resources are useful for resource management, access management, and cost allocation. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Rareference* .", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "Sets the value for the named workflow parameter.", - "title": "Value", - "type": "array" + "required": [ + "LocationName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::GameLift::Location" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::ImageBuilder::ImagePipeline": { + "AWS::GameLift::MatchmakingConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -117644,95 +127875,112 @@ "Properties": { "additionalProperties": false, "properties": { - "ContainerRecipeArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the container recipe that is used for this pipeline.", - "title": "ContainerRecipeArn", - "type": "string" + "AcceptanceRequired": { + "markdownDescription": "A flag that determines whether a match that was created with this configuration must be accepted by the matched players. To require acceptance, set to `TRUE` . With this option enabled, matchmaking tickets use the status `REQUIRES_ACCEPTANCE` to indicate when a completed potential match is waiting for player acceptance.", + "title": "AcceptanceRequired", + "type": "boolean" }, - "Description": { - "markdownDescription": "The description of this image pipeline.", - "title": "Description", - "type": "string" + "AcceptanceTimeoutSeconds": { + "markdownDescription": "The length of time (in seconds) to wait for players to accept a proposed match, if acceptance is required.", + "title": "AcceptanceTimeoutSeconds", + "type": "number" }, - "DistributionConfigurationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the distribution configuration associated with this image pipeline.", - "title": "DistributionConfigurationArn", + "AdditionalPlayerCount": { + "markdownDescription": "The number of player slots in a match to keep open for future players. For example, if the configuration's rule set specifies a match for a single 12-person team, and the additional player count is set to 2, only 10 players are selected for the match. This parameter is not used if `FlexMatchMode` is set to `STANDALONE` .", + "title": "AdditionalPlayerCount", + "type": "number" + }, + "BackfillMode": { + "markdownDescription": "The method used to backfill game sessions that are created with this matchmaking configuration. Specify `MANUAL` when your game manages backfill requests manually or does not use the match backfill feature. Specify `AUTOMATIC` to have GameLift create a `StartMatchBackfill` request whenever a game session has one or more open slots. Learn more about manual and automatic backfill in [Backfill Existing Games with FlexMatch](https://docs.aws.amazon.com/gamelift/latest/flexmatchguide/match-backfill.html) . Automatic backfill is not available when `FlexMatchMode` is set to `STANDALONE` .", + "title": "BackfillMode", "type": "string" }, - "EnhancedImageMetadataEnabled": { - "markdownDescription": "Collects additional information about the image being created, including the operating system (OS) version and package list. This information is used to enhance the overall experience of using EC2 Image Builder. Enabled by default.", - "title": "EnhancedImageMetadataEnabled", - "type": "boolean" + "CreationTime": { + "markdownDescription": "A time stamp indicating when this data object was created. Format is a number expressed in Unix time as milliseconds (for example `\"1469498468.057\"` ).", + "title": "CreationTime", + "type": "string" }, - "ExecutionRole": { - "markdownDescription": "The name or Amazon Resource Name (ARN) for the IAM role you create that grants Image Builder access to perform workflow actions.", - "title": "ExecutionRole", + "CustomEventData": { + "markdownDescription": "Information to add to all events related to the matchmaking configuration.", + "title": "CustomEventData", "type": "string" }, - "ImageRecipeArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the image recipe associated with this image pipeline.", - "title": "ImageRecipeArn", + "Description": { + "markdownDescription": "A description for the matchmaking configuration.", + "title": "Description", "type": "string" }, - "ImageScanningConfiguration": { - "$ref": "#/definitions/AWS::ImageBuilder::ImagePipeline.ImageScanningConfiguration", - "markdownDescription": "Contains settings for vulnerability scans.", - "title": "ImageScanningConfiguration" + "FlexMatchMode": { + "markdownDescription": "Indicates whether this matchmaking configuration is being used with Amazon GameLift Servers hosting or as a standalone matchmaking solution.\n\n- *STANDALONE* - FlexMatch forms matches and returns match information, including players and team assignments, in a [MatchmakingSucceeded](https://docs.aws.amazon.com/gamelift/latest/flexmatchguide/match-events.html#match-events-matchmakingsucceeded) event.\n- *WITH_QUEUE* - FlexMatch forms matches and uses the specified Amazon GameLift Servers queue to start a game session for the match.", + "title": "FlexMatchMode", + "type": "string" }, - "ImageTestsConfiguration": { - "$ref": "#/definitions/AWS::ImageBuilder::ImagePipeline.ImageTestsConfiguration", - "markdownDescription": "The configuration of the image tests that run after image creation to ensure the quality of the image that was created.", - "title": "ImageTestsConfiguration" + "GameProperties": { + "items": { + "$ref": "#/definitions/AWS::GameLift::MatchmakingConfiguration.GameProperty" + }, + "markdownDescription": "A set of custom properties for a game session, formatted as key-value pairs. These properties are passed to a game server process with a request to start a new game session. See [Start a Game Session](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-sdk-server-api.html#gamelift-sdk-server-startsession) . This parameter is not used if `FlexMatchMode` is set to `STANDALONE` .", + "title": "GameProperties", + "type": "array" }, - "InfrastructureConfigurationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the infrastructure configuration associated with this image pipeline.", - "title": "InfrastructureConfigurationArn", + "GameSessionData": { + "markdownDescription": "A set of custom game session properties, formatted as a single string value. This data is passed to a game server process with a request to start a new game session. See [Start a Game Session](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-sdk-server-api.html#gamelift-sdk-server-startsession) . This parameter is not used if `FlexMatchMode` is set to `STANDALONE` .", + "title": "GameSessionData", "type": "string" }, + "GameSessionQueueArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Name ( [ARN](https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-arn-format.html) ) that is assigned to a Amazon GameLift Servers game session queue resource and uniquely identifies it. ARNs are unique across all Regions. Format is `arn:aws:gamelift:::gamesessionqueue/` . Queues can be located in any Region. Queues are used to start new Amazon GameLift Servers-hosted game sessions for matches that are created with this matchmaking configuration. If `FlexMatchMode` is set to `STANDALONE` , do not set this parameter.", + "title": "GameSessionQueueArns", + "type": "array" + }, "Name": { - "markdownDescription": "The name of the image pipeline.", + "markdownDescription": "A unique identifier for the matchmaking configuration. This name is used to identify the configuration associated with a matchmaking request or ticket.", "title": "Name", "type": "string" }, - "Schedule": { - "$ref": "#/definitions/AWS::ImageBuilder::ImagePipeline.Schedule", - "markdownDescription": "The schedule of the image pipeline. A schedule configures how often and when a pipeline automatically creates a new image.", - "title": "Schedule" + "NotificationTarget": { + "markdownDescription": "An SNS topic ARN that is set up to receive matchmaking notifications. See [Setting up notifications for matchmaking](https://docs.aws.amazon.com/gamelift/latest/flexmatchguide/match-notification.html) for more information.", + "title": "NotificationTarget", + "type": "string" }, - "Status": { - "markdownDescription": "The status of the image pipeline.", - "title": "Status", + "RequestTimeoutSeconds": { + "markdownDescription": "The maximum duration, in seconds, that a matchmaking ticket can remain in process before timing out. Requests that fail due to timing out can be resubmitted as needed.", + "title": "RequestTimeoutSeconds", + "type": "number" + }, + "RuleSetArn": { + "markdownDescription": "The Amazon Resource Name ( [ARN](https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-arn-format.html) ) associated with the GameLift matchmaking rule set resource that this configuration uses.", + "title": "RuleSetArn", "type": "string" }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "The tags of this image pipeline.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" + "RuleSetName": { + "markdownDescription": "A unique identifier for the matchmaking rule set to use with this configuration. You can use either the rule set name or ARN value. A matchmaking configuration can only use rule sets that are defined in the same Region.", + "title": "RuleSetName", + "type": "string" }, - "Workflows": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::ImageBuilder::ImagePipeline.WorkflowConfiguration" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "Contains the workflows that run for the image pipeline.", - "title": "Workflows", + "markdownDescription": "A list of labels to assign to the new matchmaking configuration resource. Tags are developer-defined key-value pairs. Tagging AWS resources are useful for resource management, access management and cost allocation. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference* . Once the resource is created, you can use TagResource, UntagResource, and ListTagsForResource to add, remove, and view tags. The maximum tag limit may be lower than stated. See the AWS General Reference for actual tagging limits.", + "title": "Tags", "type": "array" } }, "required": [ - "InfrastructureConfigurationArn", - "Name" + "AcceptanceRequired", + "Name", + "RequestTimeoutSeconds", + "RuleSetName" ], "type": "object" }, "Type": { "enum": [ - "AWS::ImageBuilder::ImagePipeline" + "AWS::GameLift::MatchmakingConfiguration" ], "type": "string" }, @@ -117751,122 +127999,27 @@ ], "type": "object" }, - "AWS::ImageBuilder::ImagePipeline.EcrConfiguration": { - "additionalProperties": false, - "properties": { - "ContainerTags": { - "items": { - "type": "string" - }, - "markdownDescription": "Tags for Image Builder to apply to the output container image that Amazon Inspector scans. Tags can help you identify and manage your scanned images.", - "title": "ContainerTags", - "type": "array" - }, - "RepositoryName": { - "markdownDescription": "The name of the container repository that Amazon Inspector scans to identify findings for your container images. The name includes the path for the repository location. If you don\u2019t provide this information, Image Builder creates a repository in your account named `image-builder-image-scanning-repository` for vulnerability scans of your output container images.", - "title": "RepositoryName", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::ImagePipeline.ImageScanningConfiguration": { - "additionalProperties": false, - "properties": { - "EcrConfiguration": { - "$ref": "#/definitions/AWS::ImageBuilder::ImagePipeline.EcrConfiguration", - "markdownDescription": "Contains Amazon ECR settings for vulnerability scans.", - "title": "EcrConfiguration" - }, - "ImageScanningEnabled": { - "markdownDescription": "A setting that indicates whether Image Builder keeps a snapshot of the vulnerability scans that Amazon Inspector runs against the build instance when you create a new image.", - "title": "ImageScanningEnabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::ImagePipeline.ImageTestsConfiguration": { - "additionalProperties": false, - "properties": { - "ImageTestsEnabled": { - "markdownDescription": "Defines if tests should be executed when building this image. For example, `true` or `false` .", - "title": "ImageTestsEnabled", - "type": "boolean" - }, - "TimeoutMinutes": { - "markdownDescription": "The maximum time in minutes that tests are permitted to run.\n\n> The timeout property is not currently active. This value is ignored.", - "title": "TimeoutMinutes", - "type": "number" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::ImagePipeline.Schedule": { - "additionalProperties": false, - "properties": { - "PipelineExecutionStartCondition": { - "markdownDescription": "The condition configures when the pipeline should trigger a new image build. When the `pipelineExecutionStartCondition` is set to `EXPRESSION_MATCH_AND_DEPENDENCY_UPDATES_AVAILABLE` , and you use semantic version filters on the base image or components in your image recipe, Image Builder will build a new image only when there are new versions of the image or components in your recipe that match the semantic version filter. When it is set to `EXPRESSION_MATCH_ONLY` , it will build a new image every time the CRON expression matches the current time. For semantic version syntax, see [CreateComponent](https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_CreateComponent.html) in the *Image Builder API Reference* .", - "title": "PipelineExecutionStartCondition", - "type": "string" - }, - "ScheduleExpression": { - "markdownDescription": "The cron expression determines how often EC2 Image Builder evaluates your `pipelineExecutionStartCondition` .\n\nFor information on how to format a cron expression in Image Builder, see [Use cron expressions in EC2 Image Builder](https://docs.aws.amazon.com/imagebuilder/latest/userguide/image-builder-cron.html) .", - "title": "ScheduleExpression", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::ImagePipeline.WorkflowConfiguration": { - "additionalProperties": false, - "properties": { - "OnFailure": { - "markdownDescription": "The action to take if the workflow fails.", - "title": "OnFailure", - "type": "string" - }, - "ParallelGroup": { - "markdownDescription": "Test workflows are defined within named runtime groups called parallel groups. The parallel group is the named group that contains this test workflow. Test workflows within a parallel group can run at the same time. Image Builder starts up to five test workflows in the group at the same time, and starts additional workflows as others complete, until all workflows in the group have completed. This field only applies for test workflows.", - "title": "ParallelGroup", - "type": "string" - }, - "Parameters": { - "items": { - "$ref": "#/definitions/AWS::ImageBuilder::ImagePipeline.WorkflowParameter" - }, - "markdownDescription": "Contains parameter values for each of the parameters that the workflow document defined for the workflow resource.", - "title": "Parameters", - "type": "array" - }, - "WorkflowArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the workflow resource.", - "title": "WorkflowArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::ImagePipeline.WorkflowParameter": { + "AWS::GameLift::MatchmakingConfiguration.GameProperty": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the workflow parameter to set.", - "title": "Name", + "Key": { + "markdownDescription": "The game property identifier.", + "title": "Key", "type": "string" }, "Value": { - "items": { - "type": "string" - }, - "markdownDescription": "Sets the value for the named workflow parameter.", + "markdownDescription": "The game property value.", "title": "Value", - "type": "array" + "type": "string" } }, + "required": [ + "Key", + "Value" + ], "type": "object" }, - "AWS::ImageBuilder::ImageRecipe": { + "AWS::GameLift::MatchmakingRuleSet": { "additionalProperties": false, "properties": { "Condition": { @@ -117901,75 +128054,34 @@ "Properties": { "additionalProperties": false, "properties": { - "AdditionalInstanceConfiguration": { - "$ref": "#/definitions/AWS::ImageBuilder::ImageRecipe.AdditionalInstanceConfiguration", - "markdownDescription": "Before you create a new AMI, Image Builder launches temporary Amazon EC2 instances to build and test your image configuration. Instance configuration adds a layer of control over those instances. You can define settings and add scripts to run when an instance is launched from your AMI.", - "title": "AdditionalInstanceConfiguration" - }, - "BlockDeviceMappings": { - "items": { - "$ref": "#/definitions/AWS::ImageBuilder::ImageRecipe.InstanceBlockDeviceMapping" - }, - "markdownDescription": "The block device mappings to apply when creating images from this recipe.", - "title": "BlockDeviceMappings", - "type": "array" - }, - "Components": { - "items": { - "$ref": "#/definitions/AWS::ImageBuilder::ImageRecipe.ComponentConfiguration" - }, - "markdownDescription": "The components that are included in the image recipe. Recipes require a minimum of one build component, and can have a maximum of 20 build and test components in any combination.", - "title": "Components", - "type": "array" - }, - "Description": { - "markdownDescription": "The description of the image recipe.", - "title": "Description", - "type": "string" - }, "Name": { - "markdownDescription": "The name of the image recipe.", + "markdownDescription": "A unique identifier for the matchmaking rule set. A matchmaking configuration identifies the rule set it uses by this name value. Note that the rule set name is different from the optional `name` field in the rule set body.", "title": "Name", "type": "string" }, - "ParentImage": { - "markdownDescription": "The base image for customizations specified in the image recipe. You can specify the parent image using one of the following options:\n\n- AMI ID\n- Image Builder image Amazon Resource Name (ARN)\n- AWS Systems Manager (SSM) Parameter Store Parameter, prefixed by `ssm:` , followed by the parameter name or ARN.\n- AWS Marketplace product ID", - "title": "ParentImage", + "RuleSetBody": { + "markdownDescription": "A collection of matchmaking rules, formatted as a JSON string. Comments are not allowed in JSON, but most elements support a description field.", + "title": "RuleSetBody", "type": "string" }, "Tags": { - "additionalProperties": true, - "markdownDescription": "The tags of the image recipe.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "A list of labels to assign to the new matchmaking rule set resource. Tags are developer-defined key-value pairs. Tagging AWS resources are useful for resource management, access management and cost allocation. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference* . Once the resource is created, you can use TagResource, UntagResource, and ListTagsForResource to add, remove, and view tags. The maximum tag limit may be lower than stated. See the AWS General Reference for actual tagging limits.", "title": "Tags", - "type": "object" - }, - "Version": { - "markdownDescription": "The version of the image recipe.", - "title": "Version", - "type": "string" - }, - "WorkingDirectory": { - "markdownDescription": "The working directory to be used during build and test workflows.", - "title": "WorkingDirectory", - "type": "string" + "type": "array" } }, "required": [ - "Components", "Name", - "ParentImage", - "Version" + "RuleSetBody" ], "type": "object" }, "Type": { "enum": [ - "AWS::ImageBuilder::ImageRecipe" + "AWS::GameLift::MatchmakingRuleSet" ], "type": "string" }, @@ -117988,148 +128100,7 @@ ], "type": "object" }, - "AWS::ImageBuilder::ImageRecipe.AdditionalInstanceConfiguration": { - "additionalProperties": false, - "properties": { - "SystemsManagerAgent": { - "$ref": "#/definitions/AWS::ImageBuilder::ImageRecipe.SystemsManagerAgent", - "markdownDescription": "Contains settings for the Systems Manager agent on your build instance.", - "title": "SystemsManagerAgent" - }, - "UserDataOverride": { - "markdownDescription": "Use this property to provide commands or a command script to run when you launch your build instance.\n\nThe userDataOverride property replaces any commands that Image Builder might have added to ensure that Systems Manager is installed on your Linux build instance. If you override the user data, make sure that you add commands to install Systems Manager, if it is not pre-installed on your base image.\n\n> The user data is always base 64 encoded. For example, the following commands are encoded as `IyEvYmluL2Jhc2gKbWtkaXIgLXAgL3Zhci9iYi8KdG91Y2ggL3Zhci$` :\n> \n> *#!/bin/bash*\n> \n> mkdir -p /var/bb/\n> \n> touch /var", - "title": "UserDataOverride", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::ImageRecipe.ComponentConfiguration": { - "additionalProperties": false, - "properties": { - "ComponentArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the component.", - "title": "ComponentArn", - "type": "string" - }, - "Parameters": { - "items": { - "$ref": "#/definitions/AWS::ImageBuilder::ImageRecipe.ComponentParameter" - }, - "markdownDescription": "A group of parameter settings that Image Builder uses to configure the component for a specific recipe.", - "title": "Parameters", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::ImageRecipe.ComponentParameter": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the component parameter to set.", - "title": "Name", - "type": "string" - }, - "Value": { - "items": { - "type": "string" - }, - "markdownDescription": "Sets the value for the named component parameter.", - "title": "Value", - "type": "array" - } - }, - "required": [ - "Name", - "Value" - ], - "type": "object" - }, - "AWS::ImageBuilder::ImageRecipe.EbsInstanceBlockDeviceSpecification": { - "additionalProperties": false, - "properties": { - "DeleteOnTermination": { - "markdownDescription": "Configures delete on termination of the associated device.", - "title": "DeleteOnTermination", - "type": "boolean" - }, - "Encrypted": { - "markdownDescription": "Use to configure device encryption.", - "title": "Encrypted", - "type": "boolean" - }, - "Iops": { - "markdownDescription": "Use to configure device IOPS.", - "title": "Iops", - "type": "number" - }, - "KmsKeyId": { - "markdownDescription": "Use to configure the KMS key to use when encrypting the device.", - "title": "KmsKeyId", - "type": "string" - }, - "SnapshotId": { - "markdownDescription": "The snapshot that defines the device contents.", - "title": "SnapshotId", - "type": "string" - }, - "Throughput": { - "markdownDescription": "*For GP3 volumes only* \u2013 The throughput in MiB/s that the volume supports.", - "title": "Throughput", - "type": "number" - }, - "VolumeSize": { - "markdownDescription": "Overrides the volume size of the device.", - "title": "VolumeSize", - "type": "number" - }, - "VolumeType": { - "markdownDescription": "Overrides the volume type of the device.", - "title": "VolumeType", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::ImageRecipe.InstanceBlockDeviceMapping": { - "additionalProperties": false, - "properties": { - "DeviceName": { - "markdownDescription": "The device to which these mappings apply.", - "title": "DeviceName", - "type": "string" - }, - "Ebs": { - "$ref": "#/definitions/AWS::ImageBuilder::ImageRecipe.EbsInstanceBlockDeviceSpecification", - "markdownDescription": "Use to manage Amazon EBS-specific configuration for this mapping.", - "title": "Ebs" - }, - "NoDevice": { - "markdownDescription": "Enter an empty string to remove a mapping from the parent image.\n\nThe following is an example of an empty string value in the `NoDevice` field.\n\n`NoDevice:\"\"`", - "title": "NoDevice", - "type": "string" - }, - "VirtualName": { - "markdownDescription": "Manages the instance ephemeral devices.", - "title": "VirtualName", - "type": "string" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::ImageRecipe.SystemsManagerAgent": { - "additionalProperties": false, - "properties": { - "UninstallAfterBuild": { - "markdownDescription": "Controls whether the Systems Manager agent is removed from your final build image, prior to creating the new AMI. If this is set to true, then the agent is removed from the final image. If it's set to false, then the agent is left in, so that it is included in the new AMI. The default value is false.", - "title": "UninstallAfterBuild", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::InfrastructureConfiguration": { + "AWS::GameLift::Script": { "additionalProperties": false, "properties": { "Condition": { @@ -118164,99 +128135,38 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the infrastructure configuration.", - "title": "Description", - "type": "string" - }, - "InstanceMetadataOptions": { - "$ref": "#/definitions/AWS::ImageBuilder::InfrastructureConfiguration.InstanceMetadataOptions", - "markdownDescription": "The instance metadata options that you can set for the HTTP requests that pipeline builds use to launch EC2 build and test instances.", - "title": "InstanceMetadataOptions" - }, - "InstanceProfileName": { - "markdownDescription": "The instance profile to associate with the instance used to customize your Amazon EC2 AMI.", - "title": "InstanceProfileName", - "type": "string" - }, - "InstanceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The instance types of the infrastructure configuration. You can specify one or more instance types to use for this build. The service will pick one of these instance types based on availability.", - "title": "InstanceTypes", - "type": "array" - }, - "KeyPair": { - "markdownDescription": "The key pair of the infrastructure configuration. You can use this to log on to and debug the instance used to create your image.", - "title": "KeyPair", - "type": "string" - }, - "Logging": { - "$ref": "#/definitions/AWS::ImageBuilder::InfrastructureConfiguration.Logging", - "markdownDescription": "The logging configuration of the infrastructure configuration.", - "title": "Logging" - }, "Name": { - "markdownDescription": "The name of the infrastructure configuration.", + "markdownDescription": "A descriptive label that is associated with a script. Script names do not need to be unique.", "title": "Name", "type": "string" }, - "ResourceTags": { - "additionalProperties": true, - "markdownDescription": "The metadata tags to assign to the Amazon EC2 instance that Image Builder launches during the build process. Tags are formatted as key value pairs.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "ResourceTags", - "type": "object" + "StorageLocation": { + "$ref": "#/definitions/AWS::GameLift::Script.S3Location", + "markdownDescription": "The location of the Amazon S3 bucket where a zipped file containing your Realtime scripts is stored. The storage location must specify the Amazon S3 bucket name, the zip file name (the \"key\"), and a role ARN that allows Amazon GameLift Servers to access the Amazon S3 storage location. The S3 bucket must be in the same Region where you want to create a new script. By default, Amazon GameLift Servers uploads the latest version of the zip file; if you have S3 object versioning turned on, you can use the `ObjectVersion` parameter to specify an earlier version.", + "title": "StorageLocation" }, - "SecurityGroupIds": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The security group IDs to associate with the instance used to customize your Amazon EC2 AMI.", - "title": "SecurityGroupIds", + "markdownDescription": "A list of labels to assign to the new script resource. Tags are developer-defined key-value pairs. Tagging AWS resources are useful for resource management, access management and cost allocation. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference* . Once the resource is created, you can use TagResource, UntagResource, and ListTagsForResource to add, remove, and view tags. The maximum tag limit may be lower than stated. See the AWS General Reference for actual tagging limits.", + "title": "Tags", "type": "array" }, - "SnsTopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the SNS topic to which we send image build event notifications.\n\n> EC2 Image Builder is unable to send notifications to SNS topics that are encrypted using keys from other accounts. The key that is used to encrypt the SNS topic must reside in the account that the Image Builder service runs under.", - "title": "SnsTopicArn", - "type": "string" - }, - "SubnetId": { - "markdownDescription": "The subnet ID in which to place the instance used to customize your Amazon EC2 AMI.", - "title": "SubnetId", + "Version": { + "markdownDescription": "The version that is associated with a build or script. Version strings do not need to be unique.", + "title": "Version", "type": "string" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "The metadata tags to assign to the infrastructure configuration resource that Image Builder creates as output. Tags are formatted as key value pairs.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - }, - "TerminateInstanceOnFailure": { - "markdownDescription": "The terminate instance on failure setting of the infrastructure configuration. Set to false if you want Image Builder to retain the instance used to configure your AMI if the build or test phase of your workflow fails.", - "title": "TerminateInstanceOnFailure", - "type": "boolean" } }, "required": [ - "InstanceProfileName", - "Name" + "StorageLocation" ], "type": "object" }, "Type": { "enum": [ - "AWS::ImageBuilder::InfrastructureConfiguration" + "AWS::GameLift::Script" ], "type": "string" }, @@ -118275,50 +128185,38 @@ ], "type": "object" }, - "AWS::ImageBuilder::InfrastructureConfiguration.InstanceMetadataOptions": { + "AWS::GameLift::Script.S3Location": { "additionalProperties": false, "properties": { - "HttpPutResponseHopLimit": { - "markdownDescription": "Limit the number of hops that an instance metadata request can traverse to reach its destination. The default is one hop. However, if HTTP tokens are required, container image builds need a minimum of two hops.", - "title": "HttpPutResponseHopLimit", - "type": "number" + "Bucket": { + "markdownDescription": "An Amazon S3 bucket identifier. Thename of the S3 bucket.\n\n> Amazon GameLift Servers doesn't support uploading from Amazon S3 buckets with names that contain a dot (.).", + "title": "Bucket", + "type": "string" }, - "HttpTokens": { - "markdownDescription": "Indicates whether a signed token header is required for instance metadata retrieval requests. The values affect the response as follows:\n\n- *required* \u2013 When you retrieve the IAM role credentials, version 2.0 credentials are returned in all cases.\n- *optional* \u2013 You can include a signed token header in your request to retrieve instance metadata, or you can leave it out. If you include it, version 2.0 credentials are returned for the IAM role. Otherwise, version 1.0 credentials are returned.\n\nThe default setting is *optional* .", - "title": "HttpTokens", + "Key": { + "markdownDescription": "The name of the zip file that contains the build files or script files.", + "title": "Key", "type": "string" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::InfrastructureConfiguration.Logging": { - "additionalProperties": false, - "properties": { - "S3Logs": { - "$ref": "#/definitions/AWS::ImageBuilder::InfrastructureConfiguration.S3Logs", - "markdownDescription": "The Amazon S3 logging configuration.", - "title": "S3Logs" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::InfrastructureConfiguration.S3Logs": { - "additionalProperties": false, - "properties": { - "S3BucketName": { - "markdownDescription": "The S3 bucket in which to store the logs.", - "title": "S3BucketName", + }, + "ObjectVersion": { + "markdownDescription": "The version of the file, if object versioning is turned on for the bucket. Amazon GameLift Servers uses this information when retrieving files from an S3 bucket that you own. Use this parameter to specify a specific version of the file. If not set, the latest version of the file is retrieved.", + "title": "ObjectVersion", "type": "string" }, - "S3KeyPrefix": { - "markdownDescription": "The Amazon S3 path to the bucket where the logs are stored.", - "title": "S3KeyPrefix", + "RoleArn": { + "markdownDescription": "The Amazon Resource Name ( [ARN](https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-arn-format.html) ) for an IAM role that allows Amazon GameLift Servers to access the S3 bucket.", + "title": "RoleArn", "type": "string" } }, + "required": [ + "Bucket", + "Key", + "RoleArn" + ], "type": "object" }, - "AWS::ImageBuilder::LifecyclePolicy": { + "AWS::GlobalAccelerator::Accelerator": { "additionalProperties": false, "properties": { "Condition": { @@ -118353,68 +128251,46 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "Optional description for the lifecycle policy.", - "title": "Description", - "type": "string" - }, - "ExecutionRole": { - "markdownDescription": "The name or Amazon Resource Name (ARN) for the IAM role you create that grants Image Builder access to run lifecycle actions.", - "title": "ExecutionRole", - "type": "string" + "Enabled": { + "markdownDescription": "Indicates whether the accelerator is enabled. The value is true or false. The default value is true.\n\nIf the value is set to true, the accelerator cannot be deleted. If set to false, accelerator can be deleted.", + "title": "Enabled", + "type": "boolean" }, - "Name": { - "markdownDescription": "The name of the lifecycle policy to create.", - "title": "Name", + "IpAddressType": { + "markdownDescription": "The IP address type that an accelerator supports. For a standard accelerator, the value can be IPV4 or DUAL_STACK.", + "title": "IpAddressType", "type": "string" }, - "PolicyDetails": { + "IpAddresses": { "items": { - "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.PolicyDetail" + "type": "string" }, - "markdownDescription": "Configuration details for the lifecycle policy rules.", - "title": "PolicyDetails", + "markdownDescription": "Optionally, if you've added your own IP address pool to Global Accelerator (BYOIP), you can choose IP addresses from your own pool to use for the accelerator's static IP addresses when you create an accelerator. You can specify one or two addresses, separated by a comma. Do not include the /32 suffix.\n\nOnly one IP address from each of your IP address ranges can be used for each accelerator. If you specify only one IP address from your IP address range, Global Accelerator assigns a second static IP address for the accelerator from the AWS IP address pool.\n\nNote that you can't update IP addresses for an existing accelerator. To change them, you must create a new accelerator with the new addresses.\n\nFor more information, see [Bring Your Own IP Addresses (BYOIP)](https://docs.aws.amazon.com/global-accelerator/latest/dg/using-byoip.html) in the *AWS Global Accelerator Developer Guide* .", + "title": "IpAddresses", "type": "array" }, - "ResourceSelection": { - "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.ResourceSelection", - "markdownDescription": "Selection criteria for the resources that the lifecycle policy applies to.", - "title": "ResourceSelection" - }, - "ResourceType": { - "markdownDescription": "The type of Image Builder resource that the lifecycle policy applies to.", - "title": "ResourceType", - "type": "string" - }, - "Status": { - "markdownDescription": "Indicates whether the lifecycle policy resource is enabled.", - "title": "Status", + "Name": { + "markdownDescription": "The name of the accelerator. The name must contain only alphanumeric characters or hyphens (-), and must not begin or end with a hyphen.", + "title": "Name", "type": "string" }, "Tags": { - "additionalProperties": true, - "markdownDescription": "Tags to apply to the lifecycle policy resource.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "Create tags for an accelerator.\n\nFor more information, see [Tagging](https://docs.aws.amazon.com/global-accelerator/latest/dg/tagging-in-global-accelerator.html) in the *AWS Global Accelerator Developer Guide* .", "title": "Tags", - "type": "object" + "type": "array" } }, "required": [ - "ExecutionRole", - "Name", - "PolicyDetails", - "ResourceSelection", - "ResourceType" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::ImageBuilder::LifecyclePolicy" + "AWS::GlobalAccelerator::Accelerator" ], "type": "string" }, @@ -118433,232 +128309,7 @@ ], "type": "object" }, - "AWS::ImageBuilder::LifecyclePolicy.Action": { - "additionalProperties": false, - "properties": { - "IncludeResources": { - "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.IncludeResources", - "markdownDescription": "Specifies the resources that the lifecycle policy applies to.", - "title": "IncludeResources" - }, - "Type": { - "markdownDescription": "Specifies the lifecycle action to take.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::ImageBuilder::LifecyclePolicy.AmiExclusionRules": { - "additionalProperties": false, - "properties": { - "IsPublic": { - "markdownDescription": "Configures whether public AMIs are excluded from the lifecycle action.", - "title": "IsPublic", - "type": "boolean" - }, - "LastLaunched": { - "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.LastLaunched", - "markdownDescription": "Specifies configuration details for Image Builder to exclude the most recent resources from lifecycle actions.", - "title": "LastLaunched" - }, - "Regions": { - "items": { - "type": "string" - }, - "markdownDescription": "Configures AWS Region s that are excluded from the lifecycle action.", - "title": "Regions", - "type": "array" - }, - "SharedAccounts": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies AWS account s whose resources are excluded from the lifecycle action.", - "title": "SharedAccounts", - "type": "array" - }, - "TagMap": { - "additionalProperties": true, - "markdownDescription": "Lists tags that should be excluded from lifecycle actions for the AMIs that have them.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "TagMap", - "type": "object" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::LifecyclePolicy.ExclusionRules": { - "additionalProperties": false, - "properties": { - "Amis": { - "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.AmiExclusionRules", - "markdownDescription": "Lists configuration values that apply to AMIs that Image Builder should exclude from the lifecycle action.", - "title": "Amis" - }, - "TagMap": { - "additionalProperties": true, - "markdownDescription": "Contains a list of tags that Image Builder uses to skip lifecycle actions for Image Builder image resources that have them.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "TagMap", - "type": "object" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::LifecyclePolicy.Filter": { - "additionalProperties": false, - "properties": { - "RetainAtLeast": { - "markdownDescription": "For age-based filters, this is the number of resources to keep on hand after the lifecycle `DELETE` action is applied. Impacted resources are only deleted if you have more than this number of resources. If you have fewer resources than this number, the impacted resource is not deleted.", - "title": "RetainAtLeast", - "type": "number" - }, - "Type": { - "markdownDescription": "Filter resources based on either `age` or `count` .", - "title": "Type", - "type": "string" - }, - "Unit": { - "markdownDescription": "Defines the unit of time that the lifecycle policy uses to determine impacted resources. This is required for age-based rules.", - "title": "Unit", - "type": "string" - }, - "Value": { - "markdownDescription": "The number of units for the time period or for the count. For example, a value of `6` might refer to six months or six AMIs.\n\n> For count-based filters, this value represents the minimum number of resources to keep on hand. If you have fewer resources than this number, the resource is excluded from lifecycle actions.", - "title": "Value", - "type": "number" - } - }, - "required": [ - "Type", - "Value" - ], - "type": "object" - }, - "AWS::ImageBuilder::LifecyclePolicy.IncludeResources": { - "additionalProperties": false, - "properties": { - "Amis": { - "markdownDescription": "Specifies whether the lifecycle action should apply to distributed AMIs.", - "title": "Amis", - "type": "boolean" - }, - "Containers": { - "markdownDescription": "Specifies whether the lifecycle action should apply to distributed containers.", - "title": "Containers", - "type": "boolean" - }, - "Snapshots": { - "markdownDescription": "Specifies whether the lifecycle action should apply to snapshots associated with distributed AMIs.", - "title": "Snapshots", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::LifecyclePolicy.LastLaunched": { - "additionalProperties": false, - "properties": { - "Unit": { - "markdownDescription": "Defines the unit of time that the lifecycle policy uses to calculate elapsed time since the last instance launched from the AMI. For example: days, weeks, months, or years.", - "title": "Unit", - "type": "string" - }, - "Value": { - "markdownDescription": "The integer number of units for the time period. For example `6` (months).", - "title": "Value", - "type": "number" - } - }, - "required": [ - "Unit", - "Value" - ], - "type": "object" - }, - "AWS::ImageBuilder::LifecyclePolicy.PolicyDetail": { - "additionalProperties": false, - "properties": { - "Action": { - "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.Action", - "markdownDescription": "Configuration details for the policy action.", - "title": "Action" - }, - "ExclusionRules": { - "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.ExclusionRules", - "markdownDescription": "Additional rules to specify resources that should be exempt from policy actions.", - "title": "ExclusionRules" - }, - "Filter": { - "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.Filter", - "markdownDescription": "Specifies the resources that the lifecycle policy applies to.", - "title": "Filter" - } - }, - "required": [ - "Action", - "Filter" - ], - "type": "object" - }, - "AWS::ImageBuilder::LifecyclePolicy.RecipeSelection": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of an Image Builder recipe that the lifecycle policy uses for resource selection.", - "title": "Name", - "type": "string" - }, - "SemanticVersion": { - "markdownDescription": "The version of the Image Builder recipe specified by the `name` field.", - "title": "SemanticVersion", - "type": "string" - } - }, - "required": [ - "Name", - "SemanticVersion" - ], - "type": "object" - }, - "AWS::ImageBuilder::LifecyclePolicy.ResourceSelection": { - "additionalProperties": false, - "properties": { - "Recipes": { - "items": { - "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.RecipeSelection" - }, - "markdownDescription": "A list of recipes that are used as selection criteria for the output images that the lifecycle policy applies to.", - "title": "Recipes", - "type": "array" - }, - "TagMap": { - "additionalProperties": true, - "markdownDescription": "A list of tags that are used as selection criteria for the Image Builder image resources that the lifecycle policy applies to.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "TagMap", - "type": "object" - } - }, - "type": "object" - }, - "AWS::ImageBuilder::Workflow": { + "AWS::GlobalAccelerator::CrossAccountAttachment": { "additionalProperties": false, "properties": { "Condition": { @@ -118693,68 +128344,44 @@ "Properties": { "additionalProperties": false, "properties": { - "ChangeDescription": { - "markdownDescription": "Describes what change has been made in this version of the workflow, or what makes this version different from other versions of the workflow.", - "title": "ChangeDescription", - "type": "string" - }, - "Data": { - "markdownDescription": "Contains the UTF-8 encoded YAML document content for the workflow. Alternatively, you can specify the `uri` of a YAML document file stored in Amazon S3. However, you cannot specify both properties.", - "title": "Data", - "type": "string" - }, - "Description": { - "markdownDescription": "Describes the workflow.", - "title": "Description", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "The ID of the KMS key that is used to encrypt this workflow resource.", - "title": "KmsKeyId", - "type": "string" - }, "Name": { - "markdownDescription": "The name of the workflow to create.", + "markdownDescription": "The name of the cross-account attachment.", "title": "Name", "type": "string" }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "Tags that apply to the workflow resource.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "Principals": { + "items": { + "type": "string" }, - "title": "Tags", - "type": "object" - }, - "Type": { - "markdownDescription": "The phase in the image build process for which the workflow resource is responsible.", - "title": "Type", - "type": "string" + "markdownDescription": "The principals included in the cross-account attachment.", + "title": "Principals", + "type": "array" }, - "Uri": { - "markdownDescription": "The `uri` of a YAML component document file. This must be an S3 URL ( `s3://bucket/key` ), and the requester must have permission to access the S3 bucket it points to. If you use Amazon S3, you can specify component content up to your service quota.\n\nAlternatively, you can specify the YAML document inline, using the component `data` property. You cannot specify both properties.", - "title": "Uri", - "type": "string" + "Resources": { + "items": { + "$ref": "#/definitions/AWS::GlobalAccelerator::CrossAccountAttachment.Resource" + }, + "markdownDescription": "The resources included in the cross-account attachment.", + "title": "Resources", + "type": "array" }, - "Version": { - "markdownDescription": "The semantic version of this workflow resource. The semantic version syntax adheres to the following rules.\n\n> The semantic version has four nodes: ../. You can assign values for the first three, and can filter on all of them.\n> \n> *Assignment:* For the first three nodes you can assign any positive integer value, including zero, with an upper limit of 2^30-1, or 1073741823 for each node. Image Builder automatically assigns the build number to the fourth node.\n> \n> *Patterns:* You can use any numeric pattern that adheres to the assignment requirements for the nodes that you can assign. For example, you might choose a software version pattern, such as 1.0.0, or a date, such as 2021.01.01.", - "title": "Version", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Add tags for a cross-account attachment.\n\nFor more information, see [Tagging in AWS Global Accelerator](https://docs.aws.amazon.com/global-accelerator/latest/dg/tagging-in-global-accelerator.html) in the *AWS Global Accelerator Developer Guide* .", + "title": "Tags", + "type": "array" } }, "required": [ - "Name", - "Type", - "Version" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::ImageBuilder::Workflow" + "AWS::GlobalAccelerator::CrossAccountAttachment" ], "type": "string" }, @@ -118773,75 +128400,28 @@ ], "type": "object" }, - "AWS::Inspector::AssessmentTarget": { + "AWS::GlobalAccelerator::CrossAccountAttachment.Resource": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Cidr": { + "markdownDescription": "An IP address range, in CIDR format, that is specified as resource. The address must be provisioned and advertised in AWS Global Accelerator by following the bring your own IP address (BYOIP) process for Global Accelerator\n\nFor more information, see [Bring your own IP addresses (BYOIP)](https://docs.aws.amazon.com/global-accelerator/latest/dg/using-byoip.html) in the AWS Global Accelerator Developer Guide.", + "title": "Cidr", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AssessmentTargetName": { - "markdownDescription": "The name of the Amazon Inspector assessment target. The name must be unique within the AWS account .", - "title": "AssessmentTargetName", - "type": "string" - }, - "ResourceGroupArn": { - "markdownDescription": "The ARN that specifies the resource group that is used to create the assessment target. If `resourceGroupArn` is not specified, all EC2 instances in the current AWS account and Region are included in the assessment target.", - "title": "ResourceGroupArn", - "type": "string" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Inspector::AssessmentTarget" - ], + "EndpointId": { + "markdownDescription": "The endpoint ID for the endpoint that is specified as a AWS resource.\n\nAn endpoint ID for the cross-account feature is the ARN of an AWS resource, such as a Network Load Balancer, that Global Accelerator supports as an endpoint for an accelerator.", + "title": "EndpointId", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Region": { + "markdownDescription": "The AWS Region where a shared endpoint resource is located.", + "title": "Region", "type": "string" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::Inspector::AssessmentTemplate": { + "AWS::GlobalAccelerator::EndpointGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -118876,48 +128456,72 @@ "Properties": { "additionalProperties": false, "properties": { - "AssessmentTargetArn": { - "markdownDescription": "The ARN of the assessment target to be included in the assessment template.", - "title": "AssessmentTargetArn", + "EndpointConfigurations": { + "items": { + "$ref": "#/definitions/AWS::GlobalAccelerator::EndpointGroup.EndpointConfiguration" + }, + "markdownDescription": "The list of endpoint objects.", + "title": "EndpointConfigurations", + "type": "array" + }, + "EndpointGroupRegion": { + "markdownDescription": "The AWS Regions where the endpoint group is located.", + "title": "EndpointGroupRegion", "type": "string" }, - "AssessmentTemplateName": { - "markdownDescription": "The user-defined name that identifies the assessment template that you want to create. You can create several assessment templates for the same assessment target. The names of the assessment templates that correspond to a particular assessment target must be unique.", - "title": "AssessmentTemplateName", + "HealthCheckIntervalSeconds": { + "markdownDescription": "The time\u201410 seconds or 30 seconds\u2014between health checks for each endpoint. The default value is 30.", + "title": "HealthCheckIntervalSeconds", + "type": "number" + }, + "HealthCheckPath": { + "markdownDescription": "If the protocol is HTTP/S, then this value provides the ping path that Global Accelerator uses for the destination on the endpoints for health checks. The default is slash (/).", + "title": "HealthCheckPath", "type": "string" }, - "DurationInSeconds": { - "markdownDescription": "The duration of the assessment run in seconds.", - "title": "DurationInSeconds", + "HealthCheckPort": { + "markdownDescription": "The port that Global Accelerator uses to perform health checks on endpoints that are part of this endpoint group.\n\nThe default port is the port for the listener that this endpoint group is associated with. If the listener port is a list, Global Accelerator uses the first specified port in the list of ports.", + "title": "HealthCheckPort", "type": "number" }, - "RulesPackageArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The ARNs of the rules packages that you want to use in the assessment template.", - "title": "RulesPackageArns", - "type": "array" + "HealthCheckProtocol": { + "markdownDescription": "The protocol that Global Accelerator uses to perform health checks on endpoints that are part of this endpoint group. The default value is TCP.", + "title": "HealthCheckProtocol", + "type": "string" }, - "UserAttributesForFindings": { + "ListenerArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the listener.", + "title": "ListenerArn", + "type": "string" + }, + "PortOverrides": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::GlobalAccelerator::EndpointGroup.PortOverride" }, - "markdownDescription": "The user-defined attributes that are assigned to every finding that is generated by the assessment run that uses this assessment template. Within an assessment template, each key must be unique.", - "title": "UserAttributesForFindings", + "markdownDescription": "Allows you to override the destination ports used to route traffic to an endpoint. Using a port override lets you map a list of external destination ports (that your users send traffic to) to a list of internal destination ports that you want an application endpoint to receive traffic on.", + "title": "PortOverrides", "type": "array" + }, + "ThresholdCount": { + "markdownDescription": "The number of consecutive health checks required to set the state of a healthy endpoint to unhealthy, or to set an unhealthy endpoint to healthy. The default value is 3.", + "title": "ThresholdCount", + "type": "number" + }, + "TrafficDialPercentage": { + "markdownDescription": "The percentage of traffic to send to an AWS Regions . Additional traffic is distributed to other endpoint groups for this listener.\n\nUse this action to increase (dial up) or decrease (dial down) traffic to a specific Region. The percentage is applied to the traffic that would otherwise have been routed to the Region based on optimal routing.\n\nThe default value is 100.", + "title": "TrafficDialPercentage", + "type": "number" } }, "required": [ - "AssessmentTargetArn", - "DurationInSeconds", - "RulesPackageArns" + "EndpointGroupRegion", + "ListenerArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Inspector::AssessmentTemplate" + "AWS::GlobalAccelerator::EndpointGroup" ], "type": "string" }, @@ -118936,7 +128540,56 @@ ], "type": "object" }, - "AWS::Inspector::ResourceGroup": { + "AWS::GlobalAccelerator::EndpointGroup.EndpointConfiguration": { + "additionalProperties": false, + "properties": { + "AttachmentArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the cross-account attachment that specifies the endpoints (resources) that can be added to accelerators and principals that have permission to add the endpoints.", + "title": "AttachmentArn", + "type": "string" + }, + "ClientIPPreservationEnabled": { + "markdownDescription": "Indicates whether client IP address preservation is enabled for an Application Load Balancer endpoint. The value is true or false. The default value is true for new accelerators.\n\nIf the value is set to true, the client's IP address is preserved in the `X-Forwarded-For` request header as traffic travels to applications on the Application Load Balancer endpoint fronted by the accelerator.\n\nFor more information, see [Preserve Client IP Addresses](https://docs.aws.amazon.com/global-accelerator/latest/dg/preserve-client-ip-address.html) in the *AWS Global Accelerator Developer Guide* .", + "title": "ClientIPPreservationEnabled", + "type": "boolean" + }, + "EndpointId": { + "markdownDescription": "An ID for the endpoint. If the endpoint is a Network Load Balancer or Application Load Balancer, this is the Amazon Resource Name (ARN) of the resource. If the endpoint is an Elastic IP address, this is the Elastic IP address allocation ID. For Amazon EC2 instances, this is the EC2 instance ID. A resource must be valid and active when you add it as an endpoint.\n\nFor cross-account endpoints, this must be the ARN of the resource.", + "title": "EndpointId", + "type": "string" + }, + "Weight": { + "markdownDescription": "The weight associated with the endpoint. When you add weights to endpoints, you configure Global Accelerator to route traffic based on proportions that you specify. For example, you might specify endpoint weights of 4, 5, 5, and 6 (sum=20). The result is that 4/20 of your traffic, on average, is routed to the first endpoint, 5/20 is routed both to the second and third endpoints, and 6/20 is routed to the last endpoint. For more information, see [Endpoint Weights](https://docs.aws.amazon.com/global-accelerator/latest/dg/about-endpoints-endpoint-weights.html) in the *AWS Global Accelerator Developer Guide* .", + "title": "Weight", + "type": "number" + } + }, + "required": [ + "EndpointId" + ], + "type": "object" + }, + "AWS::GlobalAccelerator::EndpointGroup.PortOverride": { + "additionalProperties": false, + "properties": { + "EndpointPort": { + "markdownDescription": "The endpoint port that you want a listener port to be mapped to. This is the port on the endpoint, such as the Application Load Balancer or Amazon EC2 instance.", + "title": "EndpointPort", + "type": "number" + }, + "ListenerPort": { + "markdownDescription": "The listener port that you want to map to a specific endpoint port. This is the port that user traffic arrives to the Global Accelerator on.", + "title": "ListenerPort", + "type": "number" + } + }, + "required": [ + "EndpointPort", + "ListenerPort" + ], + "type": "object" + }, + "AWS::GlobalAccelerator::Listener": { "additionalProperties": false, "properties": { "Condition": { @@ -118971,23 +128624,40 @@ "Properties": { "additionalProperties": false, "properties": { - "ResourceGroupTags": { + "AcceleratorArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of your accelerator.", + "title": "AcceleratorArn", + "type": "string" + }, + "ClientAffinity": { + "markdownDescription": "Client affinity lets you direct all requests from a user to the same endpoint, if you have stateful applications, regardless of the port and protocol of the client request. Client affinity gives you control over whether to always route each client to the same specific endpoint.\n\nAWS Global Accelerator uses a consistent-flow hashing algorithm to choose the optimal endpoint for a connection. If client affinity is `NONE` , Global Accelerator uses the \"five-tuple\" (5-tuple) properties\u2014source IP address, source port, destination IP address, destination port, and protocol\u2014to select the hash value, and then chooses the best endpoint. However, with this setting, if someone uses different ports to connect to Global Accelerator, their connections might not be always routed to the same endpoint because the hash value changes.\n\nIf you want a given client to always be routed to the same endpoint, set client affinity to `SOURCE_IP` instead. When you use the `SOURCE_IP` setting, Global Accelerator uses the \"two-tuple\" (2-tuple) properties\u2014 source (client) IP address and destination IP address\u2014to select the hash value.\n\nThe default value is `NONE` .", + "title": "ClientAffinity", + "type": "string" + }, + "PortRanges": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::GlobalAccelerator::Listener.PortRange" }, - "markdownDescription": "The tags (key and value pairs) that will be associated with the resource group.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "ResourceGroupTags", + "markdownDescription": "The list of port ranges for the connections from clients to the accelerator.", + "title": "PortRanges", "type": "array" + }, + "Protocol": { + "markdownDescription": "The protocol for the connections from clients to the accelerator.", + "title": "Protocol", + "type": "string" } }, "required": [ - "ResourceGroupTags" + "AcceleratorArn", + "PortRanges", + "Protocol" ], "type": "object" }, "Type": { "enum": [ - "AWS::Inspector::ResourceGroup" + "AWS::GlobalAccelerator::Listener" ], "type": "string" }, @@ -119006,7 +128676,27 @@ ], "type": "object" }, - "AWS::InspectorV2::CisScanConfiguration": { + "AWS::GlobalAccelerator::Listener.PortRange": { + "additionalProperties": false, + "properties": { + "FromPort": { + "markdownDescription": "The first port in the range of ports, inclusive.", + "title": "FromPort", + "type": "number" + }, + "ToPort": { + "markdownDescription": "The last port in the range of ports, inclusive.", + "title": "ToPort", + "type": "number" + } + }, + "required": [ + "FromPort", + "ToPort" + ], + "type": "object" + }, + "AWS::Glue::Classifier": { "additionalProperties": false, "properties": { "Condition": { @@ -119041,43 +128731,32 @@ "Properties": { "additionalProperties": false, "properties": { - "ScanName": { - "markdownDescription": "The name of the CIS scan configuration.", - "title": "ScanName", - "type": "string" - }, - "Schedule": { - "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.Schedule", - "markdownDescription": "The CIS scan configuration's schedule.", - "title": "Schedule" + "CsvClassifier": { + "$ref": "#/definitions/AWS::Glue::Classifier.CsvClassifier", + "markdownDescription": "A classifier for comma-separated values (CSV).", + "title": "CsvClassifier" }, - "SecurityLevel": { - "markdownDescription": "The CIS scan configuration's CIS Benchmark level.", - "title": "SecurityLevel", - "type": "string" + "GrokClassifier": { + "$ref": "#/definitions/AWS::Glue::Classifier.GrokClassifier", + "markdownDescription": "A classifier that uses `grok` .", + "title": "GrokClassifier" }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "The CIS scan configuration's tags.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" + "JsonClassifier": { + "$ref": "#/definitions/AWS::Glue::Classifier.JsonClassifier", + "markdownDescription": "A classifier for JSON content.", + "title": "JsonClassifier" }, - "Targets": { - "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.CisTargets", - "markdownDescription": "The CIS scan configuration's targets.", - "title": "Targets" + "XMLClassifier": { + "$ref": "#/definitions/AWS::Glue::Classifier.XMLClassifier", + "markdownDescription": "A classifier for XML content.", + "title": "XMLClassifier" } }, "type": "object" }, "Type": { "enum": [ - "AWS::InspectorV2::CisScanConfiguration" + "AWS::Glue::Classifier" ], "type": "string" }, @@ -119095,132 +128774,138 @@ ], "type": "object" }, - "AWS::InspectorV2::CisScanConfiguration.CisTargets": { + "AWS::Glue::Classifier.CsvClassifier": { "additionalProperties": false, "properties": { - "AccountIds": { + "AllowSingleColumn": { + "markdownDescription": "Enables the processing of files that contain only one column.", + "title": "AllowSingleColumn", + "type": "boolean" + }, + "ContainsCustomDatatype": { "items": { "type": "string" }, - "markdownDescription": "The CIS target account ids.", - "title": "AccountIds", + "markdownDescription": "Indicates whether the CSV file contains custom data types.", + "title": "ContainsCustomDatatype", "type": "array" }, - "TargetResourceTags": { - "markdownDescription": "The CIS target resource tags.", - "title": "TargetResourceTags", - "type": "object" + "ContainsHeader": { + "markdownDescription": "Indicates whether the CSV file contains a header.\n\nA value of `UNKNOWN` specifies that the classifier will detect whether the CSV file contains headings.\n\nA value of `PRESENT` specifies that the CSV file contains headings.\n\nA value of `ABSENT` specifies that the CSV file does not contain headings.", + "title": "ContainsHeader", + "type": "string" + }, + "CustomDatatypeConfigured": { + "markdownDescription": "Enables the configuration of custom data types.", + "title": "CustomDatatypeConfigured", + "type": "boolean" + }, + "Delimiter": { + "markdownDescription": "A custom symbol to denote what separates each column entry in the row.", + "title": "Delimiter", + "type": "string" + }, + "DisableValueTrimming": { + "markdownDescription": "Specifies not to trim values before identifying the type of column values. The default value is `true` .", + "title": "DisableValueTrimming", + "type": "boolean" + }, + "Header": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of strings representing column names.", + "title": "Header", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the classifier.", + "title": "Name", + "type": "string" + }, + "QuoteSymbol": { + "markdownDescription": "A custom symbol to denote what combines content into a single column value. It must be different from the column delimiter.", + "title": "QuoteSymbol", + "type": "string" } }, - "required": [ - "AccountIds" - ], "type": "object" }, - "AWS::InspectorV2::CisScanConfiguration.DailySchedule": { + "AWS::Glue::Classifier.GrokClassifier": { "additionalProperties": false, "properties": { - "StartTime": { - "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.Time", - "markdownDescription": "The schedule start time.", - "title": "StartTime" + "Classification": { + "markdownDescription": "An identifier of the data format that the classifier matches, such as Twitter, JSON, Omniture logs, and so on.", + "title": "Classification", + "type": "string" + }, + "CustomPatterns": { + "markdownDescription": "Optional custom grok patterns defined by this classifier. For more information, see custom patterns in [Writing Custom Classifiers](https://docs.aws.amazon.com/glue/latest/dg/custom-classifier.html) .", + "title": "CustomPatterns", + "type": "string" + }, + "GrokPattern": { + "markdownDescription": "The grok pattern applied to a data store by this classifier. For more information, see built-in patterns in [Writing Custom Classifiers](https://docs.aws.amazon.com/glue/latest/dg/custom-classifier.html) .", + "title": "GrokPattern", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the classifier.", + "title": "Name", + "type": "string" } }, "required": [ - "StartTime" + "Classification", + "GrokPattern" ], "type": "object" }, - "AWS::InspectorV2::CisScanConfiguration.MonthlySchedule": { + "AWS::Glue::Classifier.JsonClassifier": { "additionalProperties": false, "properties": { - "Day": { - "markdownDescription": "The monthly schedule's day.", - "title": "Day", + "JsonPath": { + "markdownDescription": "A `JsonPath` string defining the JSON data for the classifier to classify. AWS Glue supports a subset of `JsonPath` , as described in [Writing JsonPath Custom Classifiers](https://docs.aws.amazon.com/glue/latest/dg/custom-classifier.html#custom-classifier-json) .", + "title": "JsonPath", "type": "string" }, - "StartTime": { - "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.Time", - "markdownDescription": "The monthly schedule's start time.", - "title": "StartTime" + "Name": { + "markdownDescription": "The name of the classifier.", + "title": "Name", + "type": "string" } }, "required": [ - "Day", - "StartTime" + "JsonPath" ], "type": "object" }, - "AWS::InspectorV2::CisScanConfiguration.Schedule": { - "additionalProperties": false, - "properties": { - "Daily": { - "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.DailySchedule", - "markdownDescription": "A daily schedule.", - "title": "Daily" - }, - "Monthly": { - "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.MonthlySchedule", - "markdownDescription": "A monthly schedule.", - "title": "Monthly" - }, - "OneTime": { - "markdownDescription": "A one time schedule.", - "title": "OneTime", - "type": "object" - }, - "Weekly": { - "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.WeeklySchedule", - "markdownDescription": "A weekly schedule.", - "title": "Weekly" - } - }, - "type": "object" - }, - "AWS::InspectorV2::CisScanConfiguration.Time": { + "AWS::Glue::Classifier.XMLClassifier": { "additionalProperties": false, "properties": { - "TimeOfDay": { - "markdownDescription": "The time of day in 24-hour format (00:00).", - "title": "TimeOfDay", + "Classification": { + "markdownDescription": "An identifier of the data format that the classifier matches.", + "title": "Classification", "type": "string" }, - "TimeZone": { - "markdownDescription": "The timezone.", - "title": "TimeZone", + "Name": { + "markdownDescription": "The name of the classifier.", + "title": "Name", "type": "string" - } - }, - "required": [ - "TimeOfDay", - "TimeZone" - ], - "type": "object" - }, - "AWS::InspectorV2::CisScanConfiguration.WeeklySchedule": { - "additionalProperties": false, - "properties": { - "Days": { - "items": { - "type": "string" - }, - "markdownDescription": "The weekly schedule's days.", - "title": "Days", - "type": "array" }, - "StartTime": { - "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.Time", - "markdownDescription": "The weekly schedule's start time.", - "title": "StartTime" + "RowTag": { + "markdownDescription": "The XML tag designating the element that contains each record in an XML document being parsed. This can't identify a self-closing element (closed by `/>` ). An empty row element that contains only attributes can be parsed as long as it ends with a closing tag (for example, `` is okay, but `` is not).", + "title": "RowTag", + "type": "string" } }, "required": [ - "Days", - "StartTime" + "Classification", + "RowTag" ], "type": "object" }, - "AWS::InspectorV2::Filter": { + "AWS::Glue::Connection": { "additionalProperties": false, "properties": { "Condition": { @@ -119255,37 +128940,26 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the filter.", - "title": "Description", - "type": "string" - }, - "FilterAction": { - "markdownDescription": "The action that is to be applied to the findings that match the filter.", - "title": "FilterAction", + "CatalogId": { + "markdownDescription": "The ID of the data catalog to create the catalog object in. Currently, this should be the AWS account ID.\n\n> To specify the account ID, you can use the `Ref` intrinsic function with the `AWS::AccountId` pseudo parameter. For example: `!Ref AWS::AccountId` .", + "title": "CatalogId", "type": "string" }, - "FilterCriteria": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.FilterCriteria", - "markdownDescription": "Details on the filter criteria associated with this filter.", - "title": "FilterCriteria" - }, - "Name": { - "markdownDescription": "The name of the filter.", - "title": "Name", - "type": "string" + "ConnectionInput": { + "$ref": "#/definitions/AWS::Glue::Connection.ConnectionInput", + "markdownDescription": "The connection that you want to create.", + "title": "ConnectionInput" } }, "required": [ - "FilterAction", - "FilterCriteria", - "Name" + "CatalogId", + "ConnectionInput" ], "type": "object" }, "Type": { "enum": [ - "AWS::InspectorV2::Filter" + "AWS::Glue::Connection" ], "type": "string" }, @@ -119304,389 +128978,255 @@ ], "type": "object" }, - "AWS::InspectorV2::Filter.DateFilter": { + "AWS::Glue::Connection.AuthenticationConfigurationInput": { "additionalProperties": false, "properties": { - "EndInclusive": { - "markdownDescription": "A timestamp representing the end of the time period filtered on.", - "title": "EndInclusive", - "type": "number" + "AuthenticationType": { + "markdownDescription": "A structure containing the authentication configuration in the CreateConnection request.", + "title": "AuthenticationType", + "type": "string" }, - "StartInclusive": { - "markdownDescription": "A timestamp representing the start of the time period filtered on.", - "title": "StartInclusive", - "type": "number" + "BasicAuthenticationCredentials": { + "$ref": "#/definitions/AWS::Glue::Connection.BasicAuthenticationCredentials", + "markdownDescription": "The credentials used when the authentication type is basic authentication.", + "title": "BasicAuthenticationCredentials" + }, + "CustomAuthenticationCredentials": { + "markdownDescription": "The credentials used when the authentication type is custom authentication.", + "title": "CustomAuthenticationCredentials", + "type": "object" + }, + "KmsKeyArn": { + "markdownDescription": "The ARN of the KMS key used to encrypt the connection. Only taken an as input in the request and stored in the Secret Manager.", + "title": "KmsKeyArn", + "type": "string" + }, + "OAuth2Properties": { + "$ref": "#/definitions/AWS::Glue::Connection.OAuth2PropertiesInput", + "markdownDescription": "The properties for OAuth2 authentication in the CreateConnection request.", + "title": "OAuth2Properties" + }, + "SecretArn": { + "markdownDescription": "The secret manager ARN to store credentials in the CreateConnection request.", + "title": "SecretArn", + "type": "string" } }, + "required": [ + "AuthenticationType" + ], "type": "object" }, - "AWS::InspectorV2::Filter.FilterCriteria": { + "AWS::Glue::Connection.AuthorizationCodeProperties": { "additionalProperties": false, "properties": { - "AwsAccountId": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details of the AWS account IDs used to filter findings.", - "title": "AwsAccountId", - "type": "array" - }, - "ComponentId": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details of the component IDs used to filter findings.", - "title": "ComponentId", - "type": "array" - }, - "ComponentType": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details of the component types used to filter findings.", - "title": "ComponentType", - "type": "array" - }, - "Ec2InstanceImageId": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details of the Amazon EC2 instance image IDs used to filter findings.", - "title": "Ec2InstanceImageId", - "type": "array" - }, - "Ec2InstanceSubnetId": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details of the Amazon EC2 instance subnet IDs used to filter findings.", - "title": "Ec2InstanceSubnetId", - "type": "array" - }, - "Ec2InstanceVpcId": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details of the Amazon EC2 instance VPC IDs used to filter findings.", - "title": "Ec2InstanceVpcId", - "type": "array" - }, - "EcrImageArchitecture": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details of the Amazon ECR image architecture types used to filter findings.", - "title": "EcrImageArchitecture", - "type": "array" - }, - "EcrImageHash": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details of the Amazon ECR image hashes used to filter findings.", - "title": "EcrImageHash", - "type": "array" - }, - "EcrImagePushedAt": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.DateFilter" - }, - "markdownDescription": "Details on the Amazon ECR image push date and time used to filter findings.", - "title": "EcrImagePushedAt", - "type": "array" - }, - "EcrImageRegistry": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details on the Amazon ECR registry used to filter findings.", - "title": "EcrImageRegistry", - "type": "array" - }, - "EcrImageRepositoryName": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details on the name of the Amazon ECR repository used to filter findings.", - "title": "EcrImageRepositoryName", - "type": "array" - }, - "EcrImageTags": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "The tags attached to the Amazon ECR container image.", - "title": "EcrImageTags", - "type": "array" - }, - "FindingArn": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details on the finding ARNs used to filter findings.", - "title": "FindingArn", - "type": "array" - }, - "FindingStatus": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details on the finding status types used to filter findings.", - "title": "FindingStatus", - "type": "array" - }, - "FindingType": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details on the finding types used to filter findings.", - "title": "FindingType", - "type": "array" - }, - "FirstObservedAt": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.DateFilter" - }, - "markdownDescription": "Details on the date and time a finding was first seen used to filter findings.", - "title": "FirstObservedAt", - "type": "array" - }, - "InspectorScore": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.NumberFilter" - }, - "markdownDescription": "The Amazon Inspector score to filter on.", - "title": "InspectorScore", - "type": "array" - }, - "LastObservedAt": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.DateFilter" - }, - "markdownDescription": "Details on the date and time a finding was last seen used to filter findings.", - "title": "LastObservedAt", - "type": "array" + "AuthorizationCode": { + "markdownDescription": "An authorization code to be used in the third leg of the `AUTHORIZATION_CODE` grant workflow. This is a single-use code which becomes invalid once exchanged for an access token, thus it is acceptable to have this value as a request parameter.", + "title": "AuthorizationCode", + "type": "string" }, - "NetworkProtocol": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details on network protocol used to filter findings.", - "title": "NetworkProtocol", - "type": "array" + "RedirectUri": { + "markdownDescription": "The redirect URI where the user gets redirected to by authorization server when issuing an authorization code. The URI is subsequently used when the authorization code is exchanged for an access token.", + "title": "RedirectUri", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Glue::Connection.BasicAuthenticationCredentials": { + "additionalProperties": false, + "properties": { + "Password": { + "markdownDescription": "The password to connect to the data source.", + "title": "Password", + "type": "string" }, - "PortRange": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.PortRangeFilter" - }, - "markdownDescription": "Details on the port ranges used to filter findings.", - "title": "PortRange", - "type": "array" + "Username": { + "markdownDescription": "The username to connect to the data source.", + "title": "Username", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Glue::Connection.ConnectionInput": { + "additionalProperties": false, + "properties": { + "AthenaProperties": { + "markdownDescription": "Connection properties specific to the Athena compute environment.", + "title": "AthenaProperties", + "type": "object" }, - "RelatedVulnerabilities": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details on the related vulnerabilities used to filter findings.", - "title": "RelatedVulnerabilities", - "type": "array" + "AuthenticationConfiguration": { + "$ref": "#/definitions/AWS::Glue::Connection.AuthenticationConfigurationInput", + "markdownDescription": "The authentication properties of the connection.", + "title": "AuthenticationConfiguration" }, - "ResourceId": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details on the resource IDs used to filter findings.", - "title": "ResourceId", - "type": "array" + "ConnectionProperties": { + "markdownDescription": "These key-value pairs define parameters for the connection.", + "title": "ConnectionProperties", + "type": "object" }, - "ResourceTags": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.MapFilter" - }, - "markdownDescription": "Details on the resource tags used to filter findings.", - "title": "ResourceTags", - "type": "array" + "ConnectionType": { + "markdownDescription": "The type of the connection. Currently, these types are supported:\n\n- `JDBC` - Designates a connection to a database through Java Database Connectivity (JDBC).\n\n`JDBC` Connections use the following ConnectionParameters.\n\n- Required: All of ( `HOST` , `PORT` , `JDBC_ENGINE` ) or `JDBC_CONNECTION_URL` .\n- Required: All of ( `USERNAME` , `PASSWORD` ) or `SECRET_ID` .\n- Optional: `JDBC_ENFORCE_SSL` , `CUSTOM_JDBC_CERT` , `CUSTOM_JDBC_CERT_STRING` , `SKIP_CUSTOM_JDBC_CERT_VALIDATION` . These parameters are used to configure SSL with JDBC.\n- `KAFKA` - Designates a connection to an Apache Kafka streaming platform.\n\n`KAFKA` Connections use the following ConnectionParameters.\n\n- Required: `KAFKA_BOOTSTRAP_SERVERS` .\n- Optional: `KAFKA_SSL_ENABLED` , `KAFKA_CUSTOM_CERT` , `KAFKA_SKIP_CUSTOM_CERT_VALIDATION` . These parameters are used to configure SSL with `KAFKA` .\n- Optional: `KAFKA_CLIENT_KEYSTORE` , `KAFKA_CLIENT_KEYSTORE_PASSWORD` , `KAFKA_CLIENT_KEY_PASSWORD` , `ENCRYPTED_KAFKA_CLIENT_KEYSTORE_PASSWORD` , `ENCRYPTED_KAFKA_CLIENT_KEY_PASSWORD` . These parameters are used to configure TLS client configuration with SSL in `KAFKA` .\n- Optional: `KAFKA_SASL_MECHANISM` . Can be specified as `SCRAM-SHA-512` , `GSSAPI` , or `AWS_MSK_IAM` .\n- Optional: `KAFKA_SASL_SCRAM_USERNAME` , `KAFKA_SASL_SCRAM_PASSWORD` , `ENCRYPTED_KAFKA_SASL_SCRAM_PASSWORD` . These parameters are used to configure SASL/SCRAM-SHA-512 authentication with `KAFKA` .\n- Optional: `KAFKA_SASL_GSSAPI_KEYTAB` , `KAFKA_SASL_GSSAPI_KRB5_CONF` , `KAFKA_SASL_GSSAPI_SERVICE` , `KAFKA_SASL_GSSAPI_PRINCIPAL` . These parameters are used to configure SASL/GSSAPI authentication with `KAFKA` .\n- `MONGODB` - Designates a connection to a MongoDB document database.\n\n`MONGODB` Connections use the following ConnectionParameters.\n\n- Required: `CONNECTION_URL` .\n- Required: All of ( `USERNAME` , `PASSWORD` ) or `SECRET_ID` .\n- `VIEW_VALIDATION_REDSHIFT` - Designates a connection used for view validation by Amazon Redshift.\n- `VIEW_VALIDATION_ATHENA` - Designates a connection used for view validation by Amazon Athena.\n- `NETWORK` - Designates a network connection to a data source within an Amazon Virtual Private Cloud environment (Amazon VPC).\n\n`NETWORK` Connections do not require ConnectionParameters. Instead, provide a PhysicalConnectionRequirements.\n- `MARKETPLACE` - Uses configuration settings contained in a connector purchased from AWS Marketplace to read from and write to data stores that are not natively supported by AWS Glue .\n\n`MARKETPLACE` Connections use the following ConnectionParameters.\n\n- Required: `CONNECTOR_TYPE` , `CONNECTOR_URL` , `CONNECTOR_CLASS_NAME` , `CONNECTION_URL` .\n- Required for `JDBC` `CONNECTOR_TYPE` connections: All of ( `USERNAME` , `PASSWORD` ) or `SECRET_ID` .\n- `CUSTOM` - Uses configuration settings contained in a custom connector to read from and write to data stores that are not natively supported by AWS Glue .\n\nAdditionally, a `ConnectionType` for the following SaaS connectors is supported:\n\n- `FACEBOOKADS` - Designates a connection to Facebook Ads.\n- `GOOGLEADS` - Designates a connection to Google Ads.\n- `GOOGLESHEETS` - Designates a connection to Google Sheets.\n- `GOOGLEANALYTICS4` - Designates a connection to Google Analytics 4.\n- `HUBSPOT` - Designates a connection to HubSpot.\n- `INSTAGRAMADS` - Designates a connection to Instagram Ads.\n- `INTERCOM` - Designates a connection to Intercom.\n- `JIRACLOUD` - Designates a connection to Jira Cloud.\n- `MARKETO` - Designates a connection to Adobe Marketo Engage.\n- `NETSUITEERP` - Designates a connection to Oracle NetSuite.\n- `SALESFORCE` - Designates a connection to Salesforce using OAuth authentication.\n- `SALESFORCEMARKETINGCLOUD` - Designates a connection to Salesforce Marketing Cloud.\n- `SALESFORCEPARDOT` - Designates a connection to Salesforce Marketing Cloud Account Engagement (MCAE).\n- `SAPODATA` - Designates a connection to SAP OData.\n- `SERVICENOW` - Designates a connection to ServiceNow.\n- `SLACK` - Designates a connection to Slack.\n- `SNAPCHATADS` - Designates a connection to Snapchat Ads.\n- `STRIPE` - Designates a connection to Stripe.\n- `ZENDESK` - Designates a connection to Zendesk.\n- `ZOHOCRM` - Designates a connection to Zoho CRM.\n\nFor more information on the connection parameters needed for a particular connector, see the documentation for the connector in [Adding an AWS Glue connection](https://docs.aws.amazon.com/glue/latest/dg/console-connections.html) in the AWS Glue User Guide.\n\n`SFTP` is not supported.\n\nFor more information about how optional ConnectionProperties are used to configure features in AWS Glue , consult [AWS Glue connection properties](https://docs.aws.amazon.com/glue/latest/dg/connection-defining.html) .\n\nFor more information about how optional ConnectionProperties are used to configure features in AWS Glue Studio, consult [Using connectors and connections](https://docs.aws.amazon.com/glue/latest/ug/connectors-chapter.html) .", + "title": "ConnectionType", + "type": "string" }, - "ResourceType": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details on the resource types used to filter findings.", - "title": "ResourceType", - "type": "array" + "Description": { + "markdownDescription": "The description of the connection.", + "title": "Description", + "type": "string" }, - "Severity": { + "MatchCriteria": { "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + "type": "string" }, - "markdownDescription": "Details on the severity used to filter findings.", - "title": "Severity", + "markdownDescription": "A list of criteria that can be used in selecting this connection.", + "title": "MatchCriteria", "type": "array" }, - "Title": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details on the finding title used to filter findings.", - "title": "Title", - "type": "array" + "Name": { + "markdownDescription": "The name of the connection.", + "title": "Name", + "type": "string" }, - "UpdatedAt": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.DateFilter" - }, - "markdownDescription": "Details on the date and time a finding was last updated at used to filter findings.", - "title": "UpdatedAt", - "type": "array" + "PhysicalConnectionRequirements": { + "$ref": "#/definitions/AWS::Glue::Connection.PhysicalConnectionRequirements", + "markdownDescription": "The physical connection requirements, such as virtual private cloud (VPC) and `SecurityGroup` , that are needed to successfully make this connection.", + "title": "PhysicalConnectionRequirements" }, - "VendorSeverity": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details on the vendor severity used to filter findings.", - "title": "VendorSeverity", - "type": "array" + "PythonProperties": { + "markdownDescription": "Connection properties specific to the Python compute environment.", + "title": "PythonProperties", + "type": "object" }, - "VulnerabilityId": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details on the vulnerability ID used to filter findings.", - "title": "VulnerabilityId", - "type": "array" + "SparkProperties": { + "markdownDescription": "Connection properties specific to the Spark compute environment.", + "title": "SparkProperties", + "type": "object" }, - "VulnerabilitySource": { - "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" - }, - "markdownDescription": "Details on the vulnerability score to filter findings by.", - "title": "VulnerabilitySource", - "type": "array" + "ValidateCredentials": { + "markdownDescription": "A flag to validate the credentials during create connection. Default is true.", + "title": "ValidateCredentials", + "type": "boolean" }, - "VulnerablePackages": { + "ValidateForComputeEnvironments": { "items": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.PackageFilter" + "type": "string" }, - "markdownDescription": "Details on the vulnerable packages used to filter findings.", - "title": "VulnerablePackages", + "markdownDescription": "The compute environments that the specified connection properties are validated against.", + "title": "ValidateForComputeEnvironments", "type": "array" } }, + "required": [ + "ConnectionType" + ], "type": "object" }, - "AWS::InspectorV2::Filter.MapFilter": { + "AWS::Glue::Connection.OAuth2ClientApplication": { "additionalProperties": false, "properties": { - "Comparison": { - "markdownDescription": "The operator to use when comparing values in the filter.", - "title": "Comparison", - "type": "string" - }, - "Key": { - "markdownDescription": "The tag key used in the filter.", - "title": "Key", + "AWSManagedClientApplicationReference": { + "markdownDescription": "The reference to the SaaS-side client app that is AWS managed.", + "title": "AWSManagedClientApplicationReference", "type": "string" }, - "Value": { - "markdownDescription": "The tag value used in the filter.", - "title": "Value", + "UserManagedClientApplicationClientId": { + "markdownDescription": "The client application clientID if the ClientAppType is `USER_MANAGED` .", + "title": "UserManagedClientApplicationClientId", "type": "string" } }, - "required": [ - "Comparison" - ], "type": "object" }, - "AWS::InspectorV2::Filter.NumberFilter": { + "AWS::Glue::Connection.OAuth2Credentials": { "additionalProperties": false, "properties": { - "LowerInclusive": { - "markdownDescription": "The lowest number to be included in the filter.", - "title": "LowerInclusive", - "type": "number" + "AccessToken": { + "markdownDescription": "The access token used when the authentication type is OAuth2.", + "title": "AccessToken", + "type": "string" }, - "UpperInclusive": { - "markdownDescription": "The highest number to be included in the filter.", - "title": "UpperInclusive", - "type": "number" + "JwtToken": { + "markdownDescription": "The JSON Web Token (JWT) used when the authentication type is OAuth2.", + "title": "JwtToken", + "type": "string" + }, + "RefreshToken": { + "markdownDescription": "The refresh token used when the authentication type is OAuth2.", + "title": "RefreshToken", + "type": "string" + }, + "UserManagedClientApplicationClientSecret": { + "markdownDescription": "The client application client secret if the client application is user managed.", + "title": "UserManagedClientApplicationClientSecret", + "type": "string" } }, "type": "object" }, - "AWS::InspectorV2::Filter.PackageFilter": { + "AWS::Glue::Connection.OAuth2PropertiesInput": { "additionalProperties": false, "properties": { - "Architecture": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter", - "markdownDescription": "An object that contains details on the package architecture type to filter on.", - "title": "Architecture" - }, - "Epoch": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.NumberFilter", - "markdownDescription": "An object that contains details on the package epoch to filter on.", - "title": "Epoch" + "AuthorizationCodeProperties": { + "$ref": "#/definitions/AWS::Glue::Connection.AuthorizationCodeProperties", + "markdownDescription": "The set of properties required for the the OAuth2 `AUTHORIZATION_CODE` grant type.", + "title": "AuthorizationCodeProperties" }, - "Name": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter", - "markdownDescription": "An object that contains details on the name of the package to filter on.", - "title": "Name" + "OAuth2ClientApplication": { + "$ref": "#/definitions/AWS::Glue::Connection.OAuth2ClientApplication", + "markdownDescription": "The client application type in the CreateConnection request. For example, `AWS_MANAGED` or `USER_MANAGED` .", + "title": "OAuth2ClientApplication" }, - "Release": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter", - "markdownDescription": "An object that contains details on the package release to filter on.", - "title": "Release" + "OAuth2Credentials": { + "$ref": "#/definitions/AWS::Glue::Connection.OAuth2Credentials", + "markdownDescription": "The credentials used when the authentication type is OAuth2 authentication.", + "title": "OAuth2Credentials" }, - "SourceLayerHash": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter", - "markdownDescription": "An object that contains details on the source layer hash to filter on.", - "title": "SourceLayerHash" + "OAuth2GrantType": { + "markdownDescription": "The OAuth2 grant type in the CreateConnection request. For example, `AUTHORIZATION_CODE` , `JWT_BEARER` , or `CLIENT_CREDENTIALS` .", + "title": "OAuth2GrantType", + "type": "string" }, - "Version": { - "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter", - "markdownDescription": "The package version to filter on.", - "title": "Version" - } - }, - "type": "object" - }, - "AWS::InspectorV2::Filter.PortRangeFilter": { - "additionalProperties": false, - "properties": { - "BeginInclusive": { - "markdownDescription": "The port number the port range begins at.", - "title": "BeginInclusive", - "type": "number" + "TokenUrl": { + "markdownDescription": "The URL of the provider's authentication server, to exchange an authorization code for an access token.", + "title": "TokenUrl", + "type": "string" }, - "EndInclusive": { - "markdownDescription": "The port number the port range ends at.", - "title": "EndInclusive", - "type": "number" + "TokenUrlParametersMap": { + "markdownDescription": "A map of parameters that are added to the token `GET` request.", + "title": "TokenUrlParametersMap", + "type": "object" } }, "type": "object" }, - "AWS::InspectorV2::Filter.StringFilter": { + "AWS::Glue::Connection.PhysicalConnectionRequirements": { "additionalProperties": false, "properties": { - "Comparison": { - "markdownDescription": "The operator to use when comparing values in the filter.", - "title": "Comparison", + "AvailabilityZone": { + "markdownDescription": "The connection's Availability Zone.", + "title": "AvailabilityZone", "type": "string" }, - "Value": { - "markdownDescription": "The value to filter on.", - "title": "Value", + "SecurityGroupIdList": { + "items": { + "type": "string" + }, + "markdownDescription": "The security group ID list used by the connection.", + "title": "SecurityGroupIdList", + "type": "array" + }, + "SubnetId": { + "markdownDescription": "The subnet ID used by the connection.", + "title": "SubnetId", "type": "string" } }, - "required": [ - "Comparison", - "Value" - ], "type": "object" }, - "AWS::InternetMonitor::Monitor": { + "AWS::Glue::Crawler": { "additionalProperties": false, "properties": { "Condition": { @@ -119721,87 +129261,89 @@ "Properties": { "additionalProperties": false, "properties": { - "HealthEventsConfig": { - "$ref": "#/definitions/AWS::InternetMonitor::Monitor.HealthEventsConfig", - "markdownDescription": "A complex type with the configuration information that determines the threshold and other conditions for when Internet Monitor creates a health event for an overall performance or availability issue, across an application's geographies.\n\nDefines the percentages, for overall performance scores and availability scores for an application, that are the thresholds for when Internet Monitor creates a health event. You can override the defaults to set a custom threshold for overall performance or availability scores, or both.\n\nYou can also set thresholds for local health scores,, where Internet Monitor creates a health event when scores cross a threshold for one or more city-networks, in addition to creating an event when an overall score crosses a threshold.\n\nIf you don't set a health event threshold, the default value is 95%.\n\nFor local thresholds, you also set a minimum percentage of overall traffic that is impacted by an issue before Internet Monitor creates an event. In addition, you can disable local thresholds, for performance scores, availability scores, or both.\n\nFor more information, see [Change health event thresholds](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-IM-overview.html#IMUpdateThresholdFromOverview) in the Internet Monitor section of the *CloudWatch User Guide* .", - "title": "HealthEventsConfig" + "Classifiers": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of UTF-8 strings that specify the names of custom classifiers that are associated with the crawler.", + "title": "Classifiers", + "type": "array" }, - "IncludeLinkedAccounts": { - "markdownDescription": "A boolean option that you can set to `TRUE` to include monitors for linked accounts in a list of monitors, when you've set up cross-account sharing in Internet Monitor. You configure cross-account sharing by using Amazon CloudWatch Observability Access Manager. For more information, see [Internet Monitor cross-account observability](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cwim-cross-account.html) in the Amazon CloudWatch User Guide.", - "title": "IncludeLinkedAccounts", - "type": "boolean" + "Configuration": { + "markdownDescription": "Crawler configuration information. This versioned JSON string allows users to specify aspects of a crawler's behavior. For more information, see [Configuring a Crawler](https://docs.aws.amazon.com/glue/latest/dg/crawler-configuration.html) .", + "title": "Configuration", + "type": "string" }, - "InternetMeasurementsLogDelivery": { - "$ref": "#/definitions/AWS::InternetMonitor::Monitor.InternetMeasurementsLogDelivery", - "markdownDescription": "Publish internet measurements for a monitor for all city-networks (up to the 500,000 service limit) to another location, such as an Amazon S3 bucket. Measurements are also published to Amazon CloudWatch Logs for the first 500 (by traffic volume) city-networks (client locations and ASNs, typically internet service providers or ISPs).", - "title": "InternetMeasurementsLogDelivery" + "CrawlerSecurityConfiguration": { + "markdownDescription": "The name of the `SecurityConfiguration` structure to be used by this crawler.", + "title": "CrawlerSecurityConfiguration", + "type": "string" }, - "LinkedAccountId": { - "markdownDescription": "The account ID for an account that you've set up cross-account sharing for in Internet Monitor. You configure cross-account sharing by using Amazon CloudWatch Observability Access Manager. For more information, see [Internet Monitor cross-account observability](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cwim-cross-account.html) in the Amazon CloudWatch User Guide.", - "title": "LinkedAccountId", + "DatabaseName": { + "markdownDescription": "The name of the database in which the crawler's output is stored.", + "title": "DatabaseName", "type": "string" }, - "MaxCityNetworksToMonitor": { - "markdownDescription": "The maximum number of city-networks to monitor for your resources. A city-network is the location (city) where clients access your application resources from and the network, such as an internet service provider, that clients access the resources through.\n\nFor more information, see [Choosing a city-network maximum value](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/IMCityNetworksMaximum.html) in *Using Amazon CloudWatch Internet Monitor* .", - "title": "MaxCityNetworksToMonitor", - "type": "number" + "Description": { + "markdownDescription": "A description of the crawler.", + "title": "Description", + "type": "string" }, - "MonitorName": { - "markdownDescription": "The name of the monitor. A monitor name can contain only alphanumeric characters, dashes (-), periods (.), and underscores (_).", - "title": "MonitorName", + "LakeFormationConfiguration": { + "$ref": "#/definitions/AWS::Glue::Crawler.LakeFormationConfiguration", + "markdownDescription": "Specifies whether the crawler should use AWS Lake Formation credentials for the crawler instead of the IAM role credentials.", + "title": "LakeFormationConfiguration" + }, + "Name": { + "markdownDescription": "The name of the crawler.", + "title": "Name", "type": "string" }, - "Resources": { - "items": { - "type": "string" - }, - "markdownDescription": "The resources that have been added for the monitor, listed by their Amazon Resource Names (ARNs). Use this option to add or remove resources when making an update.\n\n> Be aware that if you include content in the `Resources` field when you update a monitor, the `ResourcesToAdd` and `ResourcesToRemove` fields must be empty.", - "title": "Resources", - "type": "array" + "RecrawlPolicy": { + "$ref": "#/definitions/AWS::Glue::Crawler.RecrawlPolicy", + "markdownDescription": "A policy that specifies whether to crawl the entire dataset again, or to crawl only folders that were added since the last crawler run.", + "title": "RecrawlPolicy" }, - "ResourcesToAdd": { - "items": { - "type": "string" - }, - "markdownDescription": "The resources to include in a monitor, which you provide as a set of Amazon Resource Names (ARNs). Resources can be Amazon Virtual Private Cloud VPCs, Network Load Balancers (NLBs), Amazon CloudFront distributions, or Amazon WorkSpaces directories.\n\nYou can add a combination of VPCs and CloudFront distributions, or you can add WorkSpaces directories, or you can add NLBs. You can't add NLBs or WorkSpaces directories together with any other resources.\n\nIf you add only VPC resources, at least one VPC must have an Internet Gateway attached to it, to make sure that it has internet connectivity.\n\n> You can specify this field for a monitor update only if the `Resources` field is empty.", - "title": "ResourcesToAdd", - "type": "array" + "Role": { + "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role that's used to access customer resources, such as Amazon Simple Storage Service (Amazon S3) data.", + "title": "Role", + "type": "string" }, - "ResourcesToRemove": { - "items": { - "type": "string" - }, - "markdownDescription": "The resources to remove from a monitor, which you provide as a set of Amazon Resource Names (ARNs)\n\n> You can specify this field for a monitor update only if the `Resources` field is empty.", - "title": "ResourcesToRemove", - "type": "array" + "Schedule": { + "$ref": "#/definitions/AWS::Glue::Crawler.Schedule", + "markdownDescription": "For scheduled crawlers, the schedule when the crawler runs.", + "title": "Schedule" }, - "Status": { - "markdownDescription": "The status of a monitor. The accepted values that you can specify for `Status` are `ACTIVE` and `INACTIVE` .", - "title": "Status", + "SchemaChangePolicy": { + "$ref": "#/definitions/AWS::Glue::Crawler.SchemaChangePolicy", + "markdownDescription": "The policy that specifies update and delete behaviors for the crawler. The policy tells the crawler what to do in the event that it detects a change in a table that already exists in the customer's database at the time of the crawl. The `SchemaChangePolicy` does not affect whether or how new tables and partitions are added. New tables and partitions are always created regardless of the `SchemaChangePolicy` on a crawler.\n\nThe SchemaChangePolicy consists of two components, `UpdateBehavior` and `DeleteBehavior` .", + "title": "SchemaChangePolicy" + }, + "TablePrefix": { + "markdownDescription": "The prefix added to the names of tables that are created.", + "title": "TablePrefix", "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags for a monitor, listed as a set of *key:value* pairs.", + "markdownDescription": "The tags to use with this crawler.", "title": "Tags", - "type": "array" + "type": "object" }, - "TrafficPercentageToMonitor": { - "markdownDescription": "The percentage of the internet-facing traffic for your application that you want to monitor. You can also, optionally, set a limit for the number of city-networks (client locations and ASNs, typically internet service providers) that Internet Monitor will monitor traffic for. The city-networks maximum limit caps the number of city-networks that Internet Monitor monitors for your application, regardless of the percentage of traffic that you choose to monitor.", - "title": "TrafficPercentageToMonitor", - "type": "number" + "Targets": { + "$ref": "#/definitions/AWS::Glue::Crawler.Targets", + "markdownDescription": "A collection of targets to crawl.", + "title": "Targets" } }, "required": [ - "MonitorName" + "Role", + "Targets" ], "type": "object" }, "Type": { "enum": [ - "AWS::InternetMonitor::Monitor" + "AWS::Glue::Crawler" ], "type": "string" }, @@ -119820,537 +129362,356 @@ ], "type": "object" }, - "AWS::InternetMonitor::Monitor.HealthEventsConfig": { + "AWS::Glue::Crawler.CatalogTarget": { "additionalProperties": false, "properties": { - "AvailabilityLocalHealthEventsConfig": { - "$ref": "#/definitions/AWS::InternetMonitor::Monitor.LocalHealthEventsConfig", - "markdownDescription": "The configuration that determines the threshold and other conditions for when Internet Monitor creates a health event for a local availability issue.", - "title": "AvailabilityLocalHealthEventsConfig" + "ConnectionName": { + "markdownDescription": "The name of the connection for an Amazon S3-backed Data Catalog table to be a target of the crawl when using a `Catalog` connection type paired with a `NETWORK` Connection type.", + "title": "ConnectionName", + "type": "string" }, - "AvailabilityScoreThreshold": { - "markdownDescription": "The health event threshold percentage set for availability scores. When the overall availability score is at or below this percentage, Internet Monitor creates a health event.", - "title": "AvailabilityScoreThreshold", - "type": "number" + "DatabaseName": { + "markdownDescription": "The name of the database to be synchronized.", + "title": "DatabaseName", + "type": "string" }, - "PerformanceLocalHealthEventsConfig": { - "$ref": "#/definitions/AWS::InternetMonitor::Monitor.LocalHealthEventsConfig", - "markdownDescription": "The configuration that determines the threshold and other conditions for when Internet Monitor creates a health event for a local performance issue.", - "title": "PerformanceLocalHealthEventsConfig" + "DlqEventQueueArn": { + "markdownDescription": "A valid Amazon dead-letter SQS ARN. For example, `arn:aws:sqs:region:account:deadLetterQueue` .", + "title": "DlqEventQueueArn", + "type": "string" }, - "PerformanceScoreThreshold": { - "markdownDescription": "The health event threshold percentage set for performance scores. When the overall performance score is at or below this percentage, Internet Monitor creates a health event.", - "title": "PerformanceScoreThreshold", - "type": "number" + "EventQueueArn": { + "markdownDescription": "A valid Amazon SQS ARN. For example, `arn:aws:sqs:region:account:sqs` .", + "title": "EventQueueArn", + "type": "string" + }, + "Tables": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the tables to be synchronized.", + "title": "Tables", + "type": "array" } }, "type": "object" }, - "AWS::InternetMonitor::Monitor.InternetMeasurementsLogDelivery": { + "AWS::Glue::Crawler.DeltaTarget": { "additionalProperties": false, "properties": { - "S3Config": { - "$ref": "#/definitions/AWS::InternetMonitor::Monitor.S3Config", - "markdownDescription": "The configuration for publishing Amazon CloudWatch Internet Monitor internet measurements to Amazon S3.", - "title": "S3Config" + "ConnectionName": { + "markdownDescription": "The name of the connection to use to connect to the Delta table target.", + "title": "ConnectionName", + "type": "string" + }, + "CreateNativeDeltaTable": { + "markdownDescription": "Specifies whether the crawler will create native tables, to allow integration with query engines that support querying of the Delta transaction log directly.", + "title": "CreateNativeDeltaTable", + "type": "boolean" + }, + "DeltaTables": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the Amazon S3 paths to the Delta tables.", + "title": "DeltaTables", + "type": "array" + }, + "WriteManifest": { + "markdownDescription": "Specifies whether to write the manifest files to the Delta table path.", + "title": "WriteManifest", + "type": "boolean" } }, "type": "object" }, - "AWS::InternetMonitor::Monitor.LocalHealthEventsConfig": { + "AWS::Glue::Crawler.DynamoDBTarget": { "additionalProperties": false, "properties": { - "HealthScoreThreshold": { - "markdownDescription": "The health event threshold percentage set for a local health score.", - "title": "HealthScoreThreshold", - "type": "number" - }, - "MinTrafficImpact": { - "markdownDescription": "The minimum percentage of overall traffic for an application that must be impacted by an issue before Internet Monitor creates an event when a threshold is crossed for a local health score.\n\nIf you don't set a minimum traffic impact threshold, the default value is 0.01%.", - "title": "MinTrafficImpact", - "type": "number" - }, - "Status": { - "markdownDescription": "The status of whether Internet Monitor creates a health event based on a threshold percentage set for a local health score. The status can be `ENABLED` or `DISABLED` .", - "title": "Status", + "Path": { + "markdownDescription": "The name of the DynamoDB table to crawl.", + "title": "Path", "type": "string" } }, "type": "object" }, - "AWS::InternetMonitor::Monitor.S3Config": { + "AWS::Glue::Crawler.HudiTarget": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "The Amazon S3 bucket name for internet measurements publishing.", - "title": "BucketName", + "ConnectionName": { + "markdownDescription": "The name of the connection to use to connect to the Hudi target. If your Hudi files are stored in buckets that require VPC authorization, you can set their connection properties here.", + "title": "ConnectionName", "type": "string" }, - "BucketPrefix": { - "markdownDescription": "An optional Amazon S3 bucket prefix for internet measurements publishing.", - "title": "BucketPrefix", - "type": "string" + "Exclusions": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of glob patterns used to exclude from the crawl. For more information, see [Catalog Tables with a Crawler](https://docs.aws.amazon.com/glue/latest/dg/add-crawler.html) .", + "title": "Exclusions", + "type": "array" }, - "LogDeliveryStatus": { - "markdownDescription": "The status of publishing Internet Monitor internet measurements to an Amazon S3 bucket. The delivery status is `ENABLED` if you choose to deliver internet measurements to an S3 bucket, and `DISABLED` otherwise.", - "title": "LogDeliveryStatus", - "type": "string" + "MaximumTraversalDepth": { + "markdownDescription": "The maximum depth of Amazon S3 paths that the crawler can traverse to discover the Hudi metadata folder in your Amazon S3 path. Used to limit the crawler run time.", + "title": "MaximumTraversalDepth", + "type": "number" + }, + "Paths": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of Amazon S3 location strings for Hudi, each indicating the root folder with which the metadata files for a Hudi table resides. The Hudi folder may be located in a child folder of the root folder.\n\nThe crawler will scan all folders underneath a path for a Hudi folder.", + "title": "Paths", + "type": "array" } }, "type": "object" }, - "AWS::IoT1Click::Device": { + "AWS::Glue::Crawler.IcebergTarget": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ConnectionName": { + "markdownDescription": "The name of the connection to use to connect to the Iceberg target.", + "title": "ConnectionName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DeviceId": { - "type": "string" - }, - "Enabled": { - "type": "boolean" - } + "Exclusions": { + "items": { + "type": "string" }, - "required": [ - "DeviceId", - "Enabled" - ], - "type": "object" + "markdownDescription": "A list of global patterns used to exclude from the crawl.", + "title": "Exclusions", + "type": "array" }, - "Type": { - "enum": [ - "AWS::IoT1Click::Device" - ], - "type": "string" + "MaximumTraversalDepth": { + "markdownDescription": "The maximum depth of Amazon S3 paths that the crawler can traverse to discover the Iceberg metadata folder in your Amazon S3 path. Used to limit the crawler run time.", + "title": "MaximumTraversalDepth", + "type": "number" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Paths": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more Amazon S3 paths that contains Iceberg metadata folders as s3://bucket/prefix .", + "title": "Paths", + "type": "array" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::IoT1Click::Placement": { + "AWS::Glue::Crawler.JdbcTarget": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ConnectionName": { + "markdownDescription": "The name of the connection to use to connect to the JDBC target.", + "title": "ConnectionName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AssociatedDevices": { - "type": "object" - }, - "Attributes": { - "type": "object" - }, - "PlacementName": { - "type": "string" - }, - "ProjectName": { - "type": "string" - } + "EnableAdditionalMetadata": { + "items": { + "type": "string" }, - "required": [ - "ProjectName" - ], - "type": "object" + "markdownDescription": "Specify a value of `RAWTYPES` or `COMMENTS` to enable additional metadata in table responses. `RAWTYPES` provides the native-level datatype. `COMMENTS` provides comments associated with a column or table in the database.\n\nIf you do not need additional metadata, keep the field empty.", + "title": "EnableAdditionalMetadata", + "type": "array" }, - "Type": { - "enum": [ - "AWS::IoT1Click::Placement" - ], - "type": "string" + "Exclusions": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of glob patterns used to exclude from the crawl. For more information, see [Catalog Tables with a Crawler](https://docs.aws.amazon.com/glue/latest/dg/add-crawler.html) .", + "title": "Exclusions", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Path": { + "markdownDescription": "The path of the JDBC target.", + "title": "Path", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::IoT1Click::Project": { + "AWS::Glue::Crawler.LakeFormationConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "type": "string" - }, - "PlacementTemplate": { - "$ref": "#/definitions/AWS::IoT1Click::Project.PlacementTemplate" - }, - "ProjectName": { - "type": "string" - } - }, - "required": [ - "PlacementTemplate" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::IoT1Click::Project" - ], + "AccountId": { + "markdownDescription": "Required for cross account crawls. For same account crawls as the target data, this can be left as null.", + "title": "AccountId", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "UseLakeFormationCredentials": { + "markdownDescription": "Specifies whether to use AWS Lake Formation credentials for the crawler instead of the IAM role credentials.", + "title": "UseLakeFormationCredentials", + "type": "boolean" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::IoT1Click::Project.DeviceTemplate": { + "AWS::Glue::Crawler.MongoDBTarget": { "additionalProperties": false, "properties": { - "CallbackOverrides": { - "type": "object" + "ConnectionName": { + "markdownDescription": "The name of the connection to use to connect to the Amazon DocumentDB or MongoDB target.", + "title": "ConnectionName", + "type": "string" }, - "DeviceType": { + "Path": { + "markdownDescription": "The path of the Amazon DocumentDB or MongoDB target (database/collection).", + "title": "Path", "type": "string" } }, "type": "object" }, - "AWS::IoT1Click::Project.PlacementTemplate": { + "AWS::Glue::Crawler.RecrawlPolicy": { "additionalProperties": false, "properties": { - "DefaultAttributes": { - "type": "object" - }, - "DeviceTemplates": { - "type": "object" + "RecrawlBehavior": { + "markdownDescription": "Specifies whether to crawl the entire dataset again or to crawl only folders that were added since the last crawler run.\n\nA value of `CRAWL_EVERYTHING` specifies crawling the entire dataset again.\n\nA value of `CRAWL_NEW_FOLDERS_ONLY` specifies crawling only folders that were added since the last crawler run.\n\nA value of `CRAWL_EVENT_MODE` specifies crawling only the changes identified by Amazon S3 events.", + "title": "RecrawlBehavior", + "type": "string" } }, "type": "object" }, - "AWS::IoT::AccountAuditConfiguration": { + "AWS::Glue::Crawler.S3Target": { "additionalProperties": false, "properties": { - "Condition": { + "ConnectionName": { + "markdownDescription": "The name of a connection which allows a job or crawler to access data in Amazon S3 within an Amazon Virtual Private Cloud environment (Amazon VPC).", + "title": "ConnectionName", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "DlqEventQueueArn": { + "markdownDescription": "A valid Amazon dead-letter SQS ARN. For example, `arn:aws:sqs:region:account:deadLetterQueue` .", + "title": "DlqEventQueueArn", + "type": "string" }, - "Metadata": { - "type": "object" + "EventQueueArn": { + "markdownDescription": "A valid Amazon SQS ARN. For example, `arn:aws:sqs:region:account:sqs` .", + "title": "EventQueueArn", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AccountId": { - "markdownDescription": "The ID of the account. You can use the expression `!Sub \"${AWS::AccountId}\"` to use your account ID.", - "title": "AccountId", - "type": "string" - }, - "AuditCheckConfigurations": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfigurations", - "markdownDescription": "Specifies which audit checks are enabled and disabled for this account.\n\nSome data collection might start immediately when certain checks are enabled. When a check is disabled, any data collected so far in relation to the check is deleted. To disable a check, set the value of the `Enabled:` key to `false` .\n\nIf an enabled check is removed from the template, it will also be disabled.\n\nYou can't disable a check if it's used by any scheduled audit. You must delete the check from the scheduled audit or delete the scheduled audit itself to disable the check.\n\nFor more information on available audit checks see [AWS::IoT::AccountAuditConfiguration AuditCheckConfigurations](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iot-accountauditconfiguration-auditcheckconfigurations.html)", - "title": "AuditCheckConfigurations" - }, - "AuditNotificationTargetConfigurations": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditNotificationTargetConfigurations", - "markdownDescription": "Information about the targets to which audit notifications are sent.", - "title": "AuditNotificationTargetConfigurations" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the role that grants permission to AWS IoT to access information about your devices, policies, certificates, and other items as required when performing an audit.", - "title": "RoleArn", - "type": "string" - } + "Exclusions": { + "items": { + "type": "string" }, - "required": [ - "AccountId", - "AuditCheckConfigurations", - "RoleArn" - ], - "type": "object" + "markdownDescription": "A list of glob patterns used to exclude from the crawl. For more information, see [Catalog Tables with a Crawler](https://docs.aws.amazon.com/glue/latest/dg/add-crawler.html) .", + "title": "Exclusions", + "type": "array" }, - "Type": { - "enum": [ - "AWS::IoT::AccountAuditConfiguration" - ], + "Path": { + "markdownDescription": "The path to the Amazon S3 target.", + "title": "Path", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "True if this audit check is enabled for this account.", - "title": "Enabled", - "type": "boolean" + "SampleSize": { + "markdownDescription": "Sets the number of files in each leaf folder to be crawled when crawling sample files in a dataset. If not set, all the files are crawled. A valid value is an integer between 1 and 249.", + "title": "SampleSize", + "type": "number" } }, "type": "object" }, - "AWS::IoT::AccountAuditConfiguration.AuditCheckConfigurations": { + "AWS::Glue::Crawler.Schedule": { "additionalProperties": false, "properties": { - "AuthenticatedCognitoRoleOverlyPermissiveCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks the permissiveness of an authenticated Amazon Cognito identity pool role. For this check, AWS IoT Device Defender audits all Amazon Cognito identity pools that have been used to connect to the AWS IoT message broker during the 31 days before the audit is performed.", - "title": "AuthenticatedCognitoRoleOverlyPermissiveCheck" - }, - "CaCertificateExpiringCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks if a CA certificate is expiring. This check applies to CA certificates expiring within 30 days or that have expired.", - "title": "CaCertificateExpiringCheck" - }, - "CaCertificateKeyQualityCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks the quality of the CA certificate key. The quality checks if the key is in a valid format, not expired, and if the key meets a minimum required size. This check applies to CA certificates that are `ACTIVE` or `PENDING_TRANSFER` .", - "title": "CaCertificateKeyQualityCheck" - }, - "ConflictingClientIdsCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks if multiple devices connect using the same client ID.", - "title": "ConflictingClientIdsCheck" - }, - "DeviceCertificateExpiringCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks if a device certificate is expiring. By default, this check applies to device certificates expiring within 30 days or that have expired. You can modify this threshold by configuring the DeviceCertExpirationAuditCheckConfiguration.", - "title": "DeviceCertificateExpiringCheck" - }, - "DeviceCertificateKeyQualityCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks the quality of the device certificate key. The quality checks if the key is in a valid format, not expired, signed by a registered certificate authority, and if the key meets a minimum required size.", - "title": "DeviceCertificateKeyQualityCheck" - }, - "DeviceCertificateSharedCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks if multiple concurrent connections use the same X.509 certificate to authenticate with AWS IoT .", - "title": "DeviceCertificateSharedCheck" - }, - "IntermediateCaRevokedForActiveDeviceCertificatesCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks if device certificates are still active despite being revoked by an intermediate CA.", - "title": "IntermediateCaRevokedForActiveDeviceCertificatesCheck" - }, - "IoTPolicyPotentialMisConfigurationCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks if an AWS IoT policy is potentially misconfigured. Misconfigured policies, including overly permissive policies, can cause security incidents like allowing devices access to unintended resources. This check is a warning for you to make sure that only intended actions are allowed before updating the policy.", - "title": "IoTPolicyPotentialMisConfigurationCheck" - }, - "IotPolicyOverlyPermissiveCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks the permissiveness of a policy attached to an authenticated Amazon Cognito identity pool role.", - "title": "IotPolicyOverlyPermissiveCheck" - }, - "IotRoleAliasAllowsAccessToUnusedServicesCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks if a role alias has access to services that haven't been used for the AWS IoT device in the last year.", - "title": "IotRoleAliasAllowsAccessToUnusedServicesCheck" - }, - "IotRoleAliasOverlyPermissiveCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks if the temporary credentials provided by AWS IoT role aliases are overly permissive.", - "title": "IotRoleAliasOverlyPermissiveCheck" - }, - "LoggingDisabledCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks if AWS IoT logs are disabled.", - "title": "LoggingDisabledCheck" - }, - "RevokedCaCertificateStillActiveCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks if a revoked CA certificate is still active.", - "title": "RevokedCaCertificateStillActiveCheck" - }, - "RevokedDeviceCertificateStillActiveCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks if a revoked device certificate is still active.", - "title": "RevokedDeviceCertificateStillActiveCheck" - }, - "UnauthenticatedCognitoRoleOverlyPermissiveCheck": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", - "markdownDescription": "Checks if policy attached to an unauthenticated Amazon Cognito identity pool role is too permissive.", - "title": "UnauthenticatedCognitoRoleOverlyPermissiveCheck" + "ScheduleExpression": { + "markdownDescription": "A `cron` expression used to specify the schedule. For more information, see [Time-Based Schedules for Jobs and Crawlers](https://docs.aws.amazon.com/glue/latest/dg/monitor-data-warehouse-schedule.html) . For example, to run something every day at 12:15 UTC, specify `cron(15 12 * * ? *)` .", + "title": "ScheduleExpression", + "type": "string" } }, "type": "object" }, - "AWS::IoT::AccountAuditConfiguration.AuditNotificationTarget": { + "AWS::Glue::Crawler.SchemaChangePolicy": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "True if notifications to the target are enabled.", - "title": "Enabled", - "type": "boolean" - }, - "RoleArn": { - "markdownDescription": "The ARN of the role that grants permission to send notifications to the target.", - "title": "RoleArn", + "DeleteBehavior": { + "markdownDescription": "The deletion behavior when the crawler finds a deleted object.\n\nA value of `LOG` specifies that if a table or partition is found to no longer exist, do not delete it, only log that it was found to no longer exist.\n\nA value of `DELETE_FROM_DATABASE` specifies that if a table or partition is found to have been removed, delete it from the database.\n\nA value of `DEPRECATE_IN_DATABASE` specifies that if a table has been found to no longer exist, to add a property to the table that says \"DEPRECATED\" and includes a timestamp with the time of deprecation.", + "title": "DeleteBehavior", "type": "string" }, - "TargetArn": { - "markdownDescription": "The ARN of the target (SNS topic) to which audit notifications are sent.", - "title": "TargetArn", + "UpdateBehavior": { + "markdownDescription": "The update behavior when the crawler finds a changed schema.\n\nA value of `LOG` specifies that if a table or a partition already exists, and a change is detected, do not update it, only log that a change was detected. Add new tables and new partitions (including on existing tables).\n\nA value of `UPDATE_IN_DATABASE` specifies that if a table or partition already exists, and a change is detected, update it. Add new tables and partitions.", + "title": "UpdateBehavior", "type": "string" } }, "type": "object" }, - "AWS::IoT::AccountAuditConfiguration.AuditNotificationTargetConfigurations": { + "AWS::Glue::Crawler.Targets": { "additionalProperties": false, "properties": { - "Sns": { - "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditNotificationTarget", - "markdownDescription": "The `Sns` notification target.", - "title": "Sns" + "CatalogTargets": { + "items": { + "$ref": "#/definitions/AWS::Glue::Crawler.CatalogTarget" + }, + "markdownDescription": "Specifies AWS Glue Data Catalog targets.", + "title": "CatalogTargets", + "type": "array" + }, + "DeltaTargets": { + "items": { + "$ref": "#/definitions/AWS::Glue::Crawler.DeltaTarget" + }, + "markdownDescription": "Specifies an array of Delta data store targets.", + "title": "DeltaTargets", + "type": "array" + }, + "DynamoDBTargets": { + "items": { + "$ref": "#/definitions/AWS::Glue::Crawler.DynamoDBTarget" + }, + "markdownDescription": "Specifies Amazon DynamoDB targets.", + "title": "DynamoDBTargets", + "type": "array" + }, + "HudiTargets": { + "items": { + "$ref": "#/definitions/AWS::Glue::Crawler.HudiTarget" + }, + "markdownDescription": "", + "title": "HudiTargets", + "type": "array" + }, + "IcebergTargets": { + "items": { + "$ref": "#/definitions/AWS::Glue::Crawler.IcebergTarget" + }, + "markdownDescription": "Specifies Apache Iceberg data store targets.", + "title": "IcebergTargets", + "type": "array" + }, + "JdbcTargets": { + "items": { + "$ref": "#/definitions/AWS::Glue::Crawler.JdbcTarget" + }, + "markdownDescription": "Specifies JDBC targets.", + "title": "JdbcTargets", + "type": "array" + }, + "MongoDBTargets": { + "items": { + "$ref": "#/definitions/AWS::Glue::Crawler.MongoDBTarget" + }, + "markdownDescription": "A list of Mongo DB targets.", + "title": "MongoDBTargets", + "type": "array" + }, + "S3Targets": { + "items": { + "$ref": "#/definitions/AWS::Glue::Crawler.S3Target" + }, + "markdownDescription": "Specifies Amazon Simple Storage Service (Amazon S3) targets.", + "title": "S3Targets", + "type": "array" } }, "type": "object" }, - "AWS::IoT::Authorizer": { + "AWS::Glue::CustomEntityType": { "additionalProperties": false, "properties": { "Condition": { @@ -120385,64 +129746,35 @@ "Properties": { "additionalProperties": false, "properties": { - "AuthorizerFunctionArn": { - "markdownDescription": "The authorizer's Lambda function ARN.", - "title": "AuthorizerFunctionArn", - "type": "string" + "ContextWords": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of context words. If none of these context words are found within the vicinity of the regular expression the data will not be detected as sensitive data.\n\nIf no context words are passed only a regular expression is checked.", + "title": "ContextWords", + "type": "array" }, - "AuthorizerName": { - "markdownDescription": "The authorizer name.", - "title": "AuthorizerName", + "Name": { + "markdownDescription": "A name for the custom pattern that allows it to be retrieved or deleted later. This name must be unique per AWS account.", + "title": "Name", "type": "string" }, - "EnableCachingForHttp": { - "markdownDescription": "When `true` , the result from the authorizer's Lambda function is cached for clients that use persistent HTTP connections. The results are cached for the time specified by the Lambda function in `refreshAfterInSeconds` . This value doesn't affect authorization of clients that use MQTT connections.", - "title": "EnableCachingForHttp", - "type": "boolean" - }, - "SigningDisabled": { - "markdownDescription": "Specifies whether AWS IoT validates the token signature in an authorization request.", - "title": "SigningDisabled", - "type": "boolean" - }, - "Status": { - "markdownDescription": "The status of the authorizer.\n\nValid values: `ACTIVE` | `INACTIVE`", - "title": "Status", + "RegexString": { + "markdownDescription": "A regular expression string that is used for detecting sensitive data in a custom pattern.", + "title": "RegexString", "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata which can be used to manage the custom authorizer.\n\n> For URI Request parameters use format: ...key1=value1&key2=value2...\n> \n> For the CLI command-line parameter use format: &&tags \"key1=value1&key2=value2...\"\n> \n> For the cli-input-json file use format: \"tags\": \"key1=value1&key2=value2...\"", + "markdownDescription": "AWS tags that contain a key value pair and may be searched by console, command line, or API.", "title": "Tags", - "type": "array" - }, - "TokenKeyName": { - "markdownDescription": "The key used to extract the token from the HTTP headers.", - "title": "TokenKeyName", - "type": "string" - }, - "TokenSigningPublicKeys": { - "additionalProperties": true, - "markdownDescription": "The public keys used to validate the token signature returned by your custom authentication service.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "TokenSigningPublicKeys", "type": "object" } }, - "required": [ - "AuthorizerFunctionArn" - ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::Authorizer" + "AWS::Glue::CustomEntityType" ], "type": "string" }, @@ -120456,12 +129788,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::IoT::BillingGroup": { + "AWS::Glue::DataCatalogEncryptionSettings": { "additionalProperties": false, "properties": { "Condition": { @@ -120496,30 +129827,26 @@ "Properties": { "additionalProperties": false, "properties": { - "BillingGroupName": { - "markdownDescription": "The name of the billing group.", - "title": "BillingGroupName", + "CatalogId": { + "markdownDescription": "The ID of the Data Catalog in which the settings are created.", + "title": "CatalogId", "type": "string" }, - "BillingGroupProperties": { - "$ref": "#/definitions/AWS::IoT::BillingGroup.BillingGroupProperties", - "markdownDescription": "The properties of the billing group.", - "title": "BillingGroupProperties" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata which can be used to manage the billing group.", - "title": "Tags", - "type": "array" + "DataCatalogEncryptionSettings": { + "$ref": "#/definitions/AWS::Glue::DataCatalogEncryptionSettings.DataCatalogEncryptionSettings", + "markdownDescription": "Contains configuration information for maintaining Data Catalog security.", + "title": "DataCatalogEncryptionSettings" } }, + "required": [ + "CatalogId", + "DataCatalogEncryptionSettings" + ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::BillingGroup" + "AWS::Glue::DataCatalogEncryptionSettings" ], "type": "string" }, @@ -120533,22 +129860,65 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoT::BillingGroup.BillingGroupProperties": { + "AWS::Glue::DataCatalogEncryptionSettings.ConnectionPasswordEncryption": { "additionalProperties": false, "properties": { - "BillingGroupDescription": { - "markdownDescription": "The description of the billing group.", - "title": "BillingGroupDescription", + "KmsKeyId": { + "markdownDescription": "An AWS KMS key that is used to encrypt the connection password.\n\nIf connection password protection is enabled, the caller of `CreateConnection` and `UpdateConnection` needs at least `kms:Encrypt` permission on the specified AWS KMS key, to encrypt passwords before storing them in the Data Catalog. You can set the decrypt permission to enable or restrict access on the password key according to your security requirements.", + "title": "KmsKeyId", "type": "string" + }, + "ReturnConnectionPasswordEncrypted": { + "markdownDescription": "When the `ReturnConnectionPasswordEncrypted` flag is set to \"true\", passwords remain encrypted in the responses of `GetConnection` and `GetConnections` . This encryption takes effect independently from catalog encryption.", + "title": "ReturnConnectionPasswordEncrypted", + "type": "boolean" } }, "type": "object" }, - "AWS::IoT::CACertificate": { + "AWS::Glue::DataCatalogEncryptionSettings.DataCatalogEncryptionSettings": { + "additionalProperties": false, + "properties": { + "ConnectionPasswordEncryption": { + "$ref": "#/definitions/AWS::Glue::DataCatalogEncryptionSettings.ConnectionPasswordEncryption", + "markdownDescription": "When connection password protection is enabled, the Data Catalog uses a customer-provided key to encrypt the password as part of `CreateConnection` or `UpdateConnection` and store it in the `ENCRYPTED_PASSWORD` field in the connection properties. You can enable catalog encryption or only password encryption.", + "title": "ConnectionPasswordEncryption" + }, + "EncryptionAtRest": { + "$ref": "#/definitions/AWS::Glue::DataCatalogEncryptionSettings.EncryptionAtRest", + "markdownDescription": "Specifies the encryption-at-rest configuration for the Data Catalog.", + "title": "EncryptionAtRest" + } + }, + "type": "object" + }, + "AWS::Glue::DataCatalogEncryptionSettings.EncryptionAtRest": { + "additionalProperties": false, + "properties": { + "CatalogEncryptionMode": { + "markdownDescription": "The encryption-at-rest mode for encrypting Data Catalog data.", + "title": "CatalogEncryptionMode", + "type": "string" + }, + "CatalogEncryptionServiceRole": { + "markdownDescription": "The role that AWS Glue assumes to encrypt and decrypt the Data Catalog objects on the caller's behalf.", + "title": "CatalogEncryptionServiceRole", + "type": "string" + }, + "SseAwsKmsKeyId": { + "markdownDescription": "The ID of the AWS KMS key to use for encryption at rest.", + "title": "SseAwsKmsKeyId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Glue::DataQualityRuleset": { "additionalProperties": false, "properties": { "Condition": { @@ -120583,59 +129953,42 @@ "Properties": { "additionalProperties": false, "properties": { - "AutoRegistrationStatus": { - "markdownDescription": "Whether the CA certificate is configured for auto registration of device certificates. Valid values are \"ENABLE\" and \"DISABLE\".", - "title": "AutoRegistrationStatus", + "ClientToken": { + "markdownDescription": "Used for idempotency and is recommended to be set to a random ID (such as a UUID) to avoid creating or starting multiple instances of the same resource.", + "title": "ClientToken", "type": "string" }, - "CACertificatePem": { - "markdownDescription": "The certificate data in PEM format.", - "title": "CACertificatePem", + "Description": { + "markdownDescription": "A description of the data quality ruleset.", + "title": "Description", "type": "string" }, - "CertificateMode": { - "markdownDescription": "The mode of the CA.\n\nAll the device certificates that are registered using this CA will be registered in the same mode as the CA. For more information about certificate mode for device certificates, see [certificate mode](https://docs.aws.amazon.com//iot/latest/apireference/API_CertificateDescription.html#iot-Type-CertificateDescription-certificateMode) .\n\nValid values are \"DEFAULT\" and \"SNI_ONLY\".", - "title": "CertificateMode", + "Name": { + "markdownDescription": "The name of the data quality ruleset.", + "title": "Name", "type": "string" }, - "RegistrationConfig": { - "$ref": "#/definitions/AWS::IoT::CACertificate.RegistrationConfig", - "markdownDescription": "Information about the registration configuration.", - "title": "RegistrationConfig" - }, - "RemoveAutoRegistration": { - "markdownDescription": "If true, removes auto registration.", - "title": "RemoveAutoRegistration", - "type": "boolean" - }, - "Status": { - "markdownDescription": "The status of the CA certificate.\n\nValid values are \"ACTIVE\" and \"INACTIVE\".", - "title": "Status", + "Ruleset": { + "markdownDescription": "A Data Quality Definition Language (DQDL) ruleset. For more information see the AWS Glue Developer Guide.", + "title": "Ruleset", "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "A list of tags applied to the data quality ruleset.", "title": "Tags", - "type": "array" + "type": "object" }, - "VerificationCertificatePem": { - "markdownDescription": "The private key verification certificate.", - "title": "VerificationCertificatePem", - "type": "string" + "TargetTable": { + "$ref": "#/definitions/AWS::Glue::DataQualityRuleset.DataQualityTargetTable", + "markdownDescription": "An object representing an AWS Glue table.", + "title": "TargetTable" } }, - "required": [ - "CACertificatePem", - "Status" - ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::CACertificate" + "AWS::Glue::DataQualityRuleset" ], "type": "string" }, @@ -120649,33 +130002,27 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::IoT::CACertificate.RegistrationConfig": { + "AWS::Glue::DataQualityRuleset.DataQualityTargetTable": { "additionalProperties": false, "properties": { - "RoleArn": { - "markdownDescription": "The ARN of the role.", - "title": "RoleArn", - "type": "string" - }, - "TemplateBody": { - "markdownDescription": "The template body.", - "title": "TemplateBody", + "DatabaseName": { + "markdownDescription": "The name of the database where the AWS Glue table exists.", + "title": "DatabaseName", "type": "string" }, - "TemplateName": { - "markdownDescription": "The name of the provisioning template.", - "title": "TemplateName", + "TableName": { + "markdownDescription": "The name of the AWS Glue table.", + "title": "TableName", "type": "string" } }, "type": "object" }, - "AWS::IoT::Certificate": { + "AWS::Glue::Database": { "additionalProperties": false, "properties": { "Condition": { @@ -120710,40 +130057,31 @@ "Properties": { "additionalProperties": false, "properties": { - "CACertificatePem": { - "markdownDescription": "The CA certificate used to sign the device certificate being registered, not available when CertificateMode is SNI_ONLY.", - "title": "CACertificatePem", - "type": "string" - }, - "CertificateMode": { - "markdownDescription": "Specifies which mode of certificate registration to use with this resource. Valid options are DEFAULT with CaCertificatePem and CertificatePem, SNI_ONLY with CertificatePem, and Default with CertificateSigningRequest.\n\n`DEFAULT` : A certificate in `DEFAULT` mode is either generated by AWS IoT Core or registered with an issuer certificate authority (CA). Devices with certificates in `DEFAULT` mode aren't required to send the Server Name Indication (SNI) extension when connecting to AWS IoT Core . However, to use features such as custom domains and VPC endpoints, we recommend that you use the SNI extension when connecting to AWS IoT Core .\n\n`SNI_ONLY` : A certificate in `SNI_ONLY` mode is registered without an issuer CA. Devices with certificates in `SNI_ONLY` mode must send the SNI extension when connecting to AWS IoT Core .", - "title": "CertificateMode", - "type": "string" - }, - "CertificatePem": { - "markdownDescription": "The certificate data in PEM format. Requires SNI_ONLY for the certificate mode or the accompanying CACertificatePem for registration.", - "title": "CertificatePem", + "CatalogId": { + "markdownDescription": "The AWS account ID for the account in which to create the catalog object.\n\n> To specify the account ID, you can use the `Ref` intrinsic function with the `AWS::AccountId` pseudo parameter. For example: `!Ref AWS::AccountId`", + "title": "CatalogId", "type": "string" }, - "CertificateSigningRequest": { - "markdownDescription": "The certificate signing request (CSR).", - "title": "CertificateSigningRequest", - "type": "string" + "DatabaseInput": { + "$ref": "#/definitions/AWS::Glue::Database.DatabaseInput", + "markdownDescription": "The metadata for the database.", + "title": "DatabaseInput" }, - "Status": { - "markdownDescription": "The status of the certificate.\n\nValid values are ACTIVE, INACTIVE, REVOKED, PENDING_TRANSFER, and PENDING_ACTIVATION.\n\nThe status value REGISTER_INACTIVE is deprecated and should not be used.", - "title": "Status", + "DatabaseName": { + "markdownDescription": "The name of the catalog database.", + "title": "DatabaseName", "type": "string" } }, "required": [ - "Status" + "CatalogId", + "DatabaseInput" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::Certificate" + "AWS::Glue::Database" ], "type": "string" }, @@ -120762,7 +130100,118 @@ ], "type": "object" }, - "AWS::IoT::CertificateProvider": { + "AWS::Glue::Database.DataLakePrincipal": { + "additionalProperties": false, + "properties": { + "DataLakePrincipalIdentifier": { + "markdownDescription": "An identifier for the AWS Lake Formation principal.", + "title": "DataLakePrincipalIdentifier", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Glue::Database.DatabaseIdentifier": { + "additionalProperties": false, + "properties": { + "CatalogId": { + "markdownDescription": "The ID of the Data Catalog in which the database resides.", + "title": "CatalogId", + "type": "string" + }, + "DatabaseName": { + "markdownDescription": "The name of the catalog database.", + "title": "DatabaseName", + "type": "string" + }, + "Region": { + "markdownDescription": "The Region of the database.", + "title": "Region", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Glue::Database.DatabaseInput": { + "additionalProperties": false, + "properties": { + "CreateTableDefaultPermissions": { + "items": { + "$ref": "#/definitions/AWS::Glue::Database.PrincipalPrivileges" + }, + "markdownDescription": "Creates a set of default permissions on the table for principals. Used by AWS Lake Formation . Not used in the normal course of AWS Glue operations.", + "title": "CreateTableDefaultPermissions", + "type": "array" + }, + "Description": { + "markdownDescription": "A description of the database.", + "title": "Description", + "type": "string" + }, + "FederatedDatabase": { + "$ref": "#/definitions/AWS::Glue::Database.FederatedDatabase", + "markdownDescription": "A `FederatedDatabase` structure that references an entity outside the AWS Glue Data Catalog .", + "title": "FederatedDatabase" + }, + "LocationUri": { + "markdownDescription": "The location of the database (for example, an HDFS path).", + "title": "LocationUri", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the database. For Hive compatibility, this is folded to lowercase when it is stored.", + "title": "Name", + "type": "string" + }, + "Parameters": { + "markdownDescription": "These key-value pairs define parameters and properties of the database.", + "title": "Parameters", + "type": "object" + }, + "TargetDatabase": { + "$ref": "#/definitions/AWS::Glue::Database.DatabaseIdentifier", + "markdownDescription": "A `DatabaseIdentifier` structure that describes a target database for resource linking.", + "title": "TargetDatabase" + } + }, + "type": "object" + }, + "AWS::Glue::Database.FederatedDatabase": { + "additionalProperties": false, + "properties": { + "ConnectionName": { + "markdownDescription": "The name of the connection to the external metastore.", + "title": "ConnectionName", + "type": "string" + }, + "Identifier": { + "markdownDescription": "A unique identifier for the federated database.", + "title": "Identifier", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Glue::Database.PrincipalPrivileges": { + "additionalProperties": false, + "properties": { + "Permissions": { + "items": { + "type": "string" + }, + "markdownDescription": "The permissions that are granted to the principal.", + "title": "Permissions", + "type": "array" + }, + "Principal": { + "$ref": "#/definitions/AWS::Glue::Database.DataLakePrincipal", + "markdownDescription": "The principal who is granted permissions.", + "title": "Principal" + } + }, + "type": "object" + }, + "AWS::Glue::DevEndpoint": { "additionalProperties": false, "properties": { "Condition": { @@ -120797,42 +130246,96 @@ "Properties": { "additionalProperties": false, "properties": { - "AccountDefaultForOperations": { + "Arguments": { + "markdownDescription": "A map of arguments used to configure the `DevEndpoint` .\n\nValid arguments are:\n\n- `\"--enable-glue-datacatalog\": \"\"`\n- `\"GLUE_PYTHON_VERSION\": \"3\"`\n- `\"GLUE_PYTHON_VERSION\": \"2\"`\n\nYou can specify a version of Python support for development endpoints by using the `Arguments` parameter in the `CreateDevEndpoint` or `UpdateDevEndpoint` APIs. If no arguments are provided, the version defaults to Python 2.", + "title": "Arguments", + "type": "object" + }, + "EndpointName": { + "markdownDescription": "The name of the `DevEndpoint` .", + "title": "EndpointName", + "type": "string" + }, + "ExtraJarsS3Path": { + "markdownDescription": "The path to one or more Java `.jar` files in an S3 bucket that should be loaded in your `DevEndpoint` .\n\n> You can only use pure Java/Scala libraries with a `DevEndpoint` .", + "title": "ExtraJarsS3Path", + "type": "string" + }, + "ExtraPythonLibsS3Path": { + "markdownDescription": "The paths to one or more Python libraries in an Amazon S3 bucket that should be loaded in your `DevEndpoint` . Multiple values must be complete paths separated by a comma.\n\n> You can only use pure Python libraries with a `DevEndpoint` . Libraries that rely on C extensions, such as the [pandas](https://docs.aws.amazon.com/http://pandas.pydata.org/) Python data analysis library, are not currently supported.", + "title": "ExtraPythonLibsS3Path", + "type": "string" + }, + "GlueVersion": { + "markdownDescription": "The AWS Glue version determines the versions of Apache Spark and Python that AWS Glue supports. The Python version indicates the version supported for running your ETL scripts on development endpoints.\n\nFor more information about the available AWS Glue versions and corresponding Spark and Python versions, see [Glue version](https://docs.aws.amazon.com/glue/latest/dg/add-job.html) in the developer guide.\n\nDevelopment endpoints that are created without specifying a Glue version default to Glue 0.9.\n\nYou can specify a version of Python support for development endpoints by using the `Arguments` parameter in the `CreateDevEndpoint` or `UpdateDevEndpoint` APIs. If no arguments are provided, the version defaults to Python 2.", + "title": "GlueVersion", + "type": "string" + }, + "NumberOfNodes": { + "markdownDescription": "The number of AWS Glue Data Processing Units (DPUs) allocated to this `DevEndpoint` .", + "title": "NumberOfNodes", + "type": "number" + }, + "NumberOfWorkers": { + "markdownDescription": "The number of workers of a defined `workerType` that are allocated to the development endpoint.\n\nThe maximum number of workers you can define are 299 for `G.1X` , and 149 for `G.2X` .", + "title": "NumberOfWorkers", + "type": "number" + }, + "PublicKey": { + "markdownDescription": "The public key to be used by this `DevEndpoint` for authentication. This attribute is provided for backward compatibility because the recommended attribute to use is public keys.", + "title": "PublicKey", + "type": "string" + }, + "PublicKeys": { "items": { "type": "string" }, - "markdownDescription": "A list of the operations that the certificate provider will use to generate certificates. Valid value: `CreateCertificateFromCsr` .", - "title": "AccountDefaultForOperations", + "markdownDescription": "A list of public keys to be used by the `DevEndpoints` for authentication. Using this attribute is preferred over a single public key because the public keys allow you to have a different private key per client.\n\n> If you previously created an endpoint with a public key, you must remove that key to be able to set a list of public keys. Call the `UpdateDevEndpoint` API operation with the public key content in the `deletePublicKeys` attribute, and the list of new keys in the `addPublicKeys` attribute.", + "title": "PublicKeys", "type": "array" }, - "CertificateProviderName": { - "markdownDescription": "The name of the certificate provider.", - "title": "CertificateProviderName", + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role used in this `DevEndpoint` .", + "title": "RoleArn", "type": "string" }, - "LambdaFunctionArn": { - "markdownDescription": "The ARN of the Lambda function.", - "title": "LambdaFunctionArn", + "SecurityConfiguration": { + "markdownDescription": "The name of the `SecurityConfiguration` structure to be used with this `DevEndpoint` .", + "title": "SecurityConfiguration", "type": "string" }, - "Tags": { + "SecurityGroupIds": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "Metadata that can be used to manage the certificate provider.", - "title": "Tags", + "markdownDescription": "A list of security group identifiers used in this `DevEndpoint` .", + "title": "SecurityGroupIds", "type": "array" + }, + "SubnetId": { + "markdownDescription": "The subnet ID for this `DevEndpoint` .", + "title": "SubnetId", + "type": "string" + }, + "Tags": { + "markdownDescription": "The tags to use with this DevEndpoint.", + "title": "Tags", + "type": "object" + }, + "WorkerType": { + "markdownDescription": "The type of predefined worker that is allocated to the development endpoint. Accepts a value of Standard, G.1X, or G.2X.\n\n- For the `Standard` worker type, each worker provides 4 vCPU, 16 GB of memory and a 50GB disk, and 2 executors per worker.\n- For the `G.1X` worker type, each worker maps to 1 DPU (4 vCPU, 16 GB of memory, 64 GB disk), and provides 1 executor per worker. We recommend this worker type for memory-intensive jobs.\n- For the `G.2X` worker type, each worker maps to 2 DPU (8 vCPU, 32 GB of memory, 128 GB disk), and provides 1 executor per worker. We recommend this worker type for memory-intensive jobs.\n\nKnown issue: when a development endpoint is created with the `G.2X` `WorkerType` configuration, the Spark drivers for the development endpoint will run on 4 vCPU, 16 GB of memory, and a 64 GB disk.", + "title": "WorkerType", + "type": "string" } }, "required": [ - "AccountDefaultForOperations", - "LambdaFunctionArn" + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::CertificateProvider" + "AWS::Glue::DevEndpoint" ], "type": "string" }, @@ -120851,7 +130354,7 @@ ], "type": "object" }, - "AWS::IoT::CustomMetric": { + "AWS::Glue::Job": { "additionalProperties": false, "properties": { "Condition": { @@ -120886,38 +130389,131 @@ "Properties": { "additionalProperties": false, "properties": { - "DisplayName": { - "markdownDescription": "The friendly name in the console for the custom metric. This name doesn't have to be unique. Don't use this name as the metric identifier in the device metric report. You can update the friendly name after you define it.", - "title": "DisplayName", + "AllocatedCapacity": { + "markdownDescription": "This parameter is no longer supported. Use `MaxCapacity` instead.\n\nThe number of capacity units that are allocated to this job.", + "title": "AllocatedCapacity", + "type": "number" + }, + "Command": { + "$ref": "#/definitions/AWS::Glue::Job.JobCommand", + "markdownDescription": "The code that executes a job.", + "title": "Command" + }, + "Connections": { + "$ref": "#/definitions/AWS::Glue::Job.ConnectionsList", + "markdownDescription": "The connections used for this job.", + "title": "Connections" + }, + "DefaultArguments": { + "markdownDescription": "The default arguments for this job, specified as name-value pairs.\n\nYou can specify arguments here that your own job-execution script consumes, in addition to arguments that AWS Glue itself consumes.\n\nFor information about how to specify and consume your own job arguments, see [Calling AWS Glue APIs in Python](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-python-calling.html) in the *AWS Glue Developer Guide* .\n\nFor information about the key-value pairs that AWS Glue consumes to set up your job, see [Special Parameters Used by AWS Glue](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-etl-glue-arguments.html) in the *AWS Glue Developer Guide* .", + "title": "DefaultArguments", + "type": "object" + }, + "Description": { + "markdownDescription": "A description of the job.", + "title": "Description", "type": "string" }, - "MetricName": { - "markdownDescription": "The name of the custom metric. This will be used in the metric report submitted from the device/thing. The name can't begin with `aws:` . You can\u2019t change the name after you define it.", - "title": "MetricName", + "ExecutionClass": { + "markdownDescription": "Indicates whether the job is run with a standard or flexible execution class. The standard execution class is ideal for time-sensitive workloads that require fast job startup and dedicated resources.\n\nThe flexible execution class is appropriate for time-insensitive jobs whose start and completion times may vary.\n\nOnly jobs with AWS Glue version 3.0 and above and command type `glueetl` will be allowed to set `ExecutionClass` to `FLEX` . The flexible execution class is available for Spark jobs.", + "title": "ExecutionClass", "type": "string" }, - "MetricType": { - "markdownDescription": "The type of the custom metric. Types include `string-list` , `ip-address-list` , `number-list` , and `number` .\n\n> The type `number` only takes a single metric value as an input, but when you submit the metrics value in the DeviceMetrics report, you must pass it as an array with a single value.", - "title": "MetricType", + "ExecutionProperty": { + "$ref": "#/definitions/AWS::Glue::Job.ExecutionProperty", + "markdownDescription": "The maximum number of concurrent runs that are allowed for this job.", + "title": "ExecutionProperty" + }, + "GlueVersion": { + "markdownDescription": "Glue version determines the versions of Apache Spark and Python that AWS Glue supports. The Python version indicates the version supported for jobs of type Spark.\n\nFor more information about the available AWS Glue versions and corresponding Spark and Python versions, see [Glue version](https://docs.aws.amazon.com/glue/latest/dg/add-job.html) in the developer guide.\n\nJobs that are created without specifying a Glue version default to the latest Glue version available.", + "title": "GlueVersion", + "type": "string" + }, + "JobMode": { + "markdownDescription": "A mode that describes how a job was created. Valid values are:\n\n- `SCRIPT` - The job was created using the AWS Glue Studio script editor.\n- `VISUAL` - The job was created using the AWS Glue Studio visual editor.\n- `NOTEBOOK` - The job was created using an interactive sessions notebook.\n\nWhen the `JobMode` field is missing or null, `SCRIPT` is assigned as the default value.", + "title": "JobMode", + "type": "string" + }, + "JobRunQueuingEnabled": { + "markdownDescription": "Specifies whether job run queuing is enabled for the job runs for this job.\n\nA value of true means job run queuing is enabled for the job runs. If false or not populated, the job runs will not be considered for queueing.\n\nIf this field does not match the value set in the job run, then the value from the job run field will be used.", + "title": "JobRunQueuingEnabled", + "type": "boolean" + }, + "LogUri": { + "markdownDescription": "This field is reserved for future use.", + "title": "LogUri", + "type": "string" + }, + "MaintenanceWindow": { + "markdownDescription": "This field specifies a day of the week and hour for a maintenance window for streaming jobs. AWS Glue periodically performs maintenance activities. During these maintenance windows, AWS Glue will need to restart your streaming jobs.\n\nAWS Glue will restart the job within 3 hours of the specified maintenance window. For instance, if you set up the maintenance window for Monday at 10:00AM GMT, your jobs will be restarted between 10:00AM GMT to 1:00PM GMT.", + "title": "MaintenanceWindow", + "type": "string" + }, + "MaxCapacity": { + "markdownDescription": "The number of AWS Glue data processing units (DPUs) that can be allocated when this job runs. A DPU is a relative measure of processing power that consists of 4 vCPUs of compute capacity and 16 GB of memory.\n\nDo not set `Max Capacity` if using `WorkerType` and `NumberOfWorkers` .\n\nThe value that can be allocated for `MaxCapacity` depends on whether you are running a Python shell job or an Apache Spark ETL job:\n\n- When you specify a Python shell job ( `JobCommand.Name` =\"pythonshell\"), you can allocate either 0.0625 or 1 DPU. The default is 0.0625 DPU.\n- When you specify an Apache Spark ETL job ( `JobCommand.Name` =\"glueetl\"), you can allocate from 2 to 100 DPUs. The default is 10 DPUs. This job type cannot have a fractional DPU allocation.", + "title": "MaxCapacity", + "type": "number" + }, + "MaxRetries": { + "markdownDescription": "The maximum number of times to retry this job after a JobRun fails.", + "title": "MaxRetries", + "type": "number" + }, + "Name": { + "markdownDescription": "The name you assign to this job definition.", + "title": "Name", + "type": "string" + }, + "NonOverridableArguments": { + "markdownDescription": "Non-overridable arguments for this job, specified as name-value pairs.", + "title": "NonOverridableArguments", + "type": "object" + }, + "NotificationProperty": { + "$ref": "#/definitions/AWS::Glue::Job.NotificationProperty", + "markdownDescription": "Specifies configuration properties of a notification.", + "title": "NotificationProperty" + }, + "NumberOfWorkers": { + "markdownDescription": "The number of workers of a defined `workerType` that are allocated when a job runs.\n\nThe maximum number of workers you can define are 299 for `G.1X` , and 149 for `G.2X` .", + "title": "NumberOfWorkers", + "type": "number" + }, + "Role": { + "markdownDescription": "The name or Amazon Resource Name (ARN) of the IAM role associated with this job.", + "title": "Role", + "type": "string" + }, + "SecurityConfiguration": { + "markdownDescription": "The name of the `SecurityConfiguration` structure to be used with this job.", + "title": "SecurityConfiguration", "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata that can be used to manage the custom metric.", + "markdownDescription": "The tags to use with this job.", "title": "Tags", - "type": "array" + "type": "object" + }, + "Timeout": { + "markdownDescription": "The job timeout in minutes. This is the maximum time that a job run can consume resources before it is terminated and enters TIMEOUT status. The default is 2,880 minutes (48 hours).", + "title": "Timeout", + "type": "number" + }, + "WorkerType": { + "markdownDescription": "The type of predefined worker that is allocated when a job runs. Accepts a value of G.1X, G.2X, G.4X, G.8X or G.025X for Spark jobs. Accepts the value Z.2X for Ray jobs.\n\n- For the `G.1X` worker type, each worker maps to 1 DPU (4 vCPUs, 16 GB of memory) with 94GB disk, and provides 1 executor per worker. We recommend this worker type for workloads such as data transforms, joins, and queries, to offers a scalable and cost effective way to run most jobs.\n- For the `G.2X` worker type, each worker maps to 2 DPU (8 vCPUs, 32 GB of memory) with 138GB disk, and provides 1 executor per worker. We recommend this worker type for workloads such as data transforms, joins, and queries, to offers a scalable and cost effective way to run most jobs.\n- For the `G.4X` worker type, each worker maps to 4 DPU (16 vCPUs, 64 GB of memory) with 256GB disk, and provides 1 executor per worker. We recommend this worker type for jobs whose workloads contain your most demanding transforms, aggregations, joins, and queries. This worker type is available only for AWS Glue version 3.0 or later Spark ETL jobs in the following AWS Regions: US East (Ohio), US East (N. Virginia), US West (N. California), US West (Oregon), Asia Pacific (Mumbai), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), Canada (Central), Europe (Frankfurt), Europe (Ireland), Europe (London), Europe (Spain), Europe (Stockholm), and South America (S\u00e3o Paulo).\n- For the `G.8X` worker type, each worker maps to 8 DPU (32 vCPUs, 128 GB of memory) with 512GB disk, and provides 1 executor per worker. We recommend this worker type for jobs whose workloads contain your most demanding transforms, aggregations, joins, and queries. This worker type is available only for AWS Glue version 3.0 or later Spark ETL jobs, in the same AWS Regions as supported for the `G.4X` worker type.\n- For the `G.025X` worker type, each worker maps to 0.25 DPU (2 vCPUs, 4 GB of memory) with 84GB disk, and provides 1 executor per worker. We recommend this worker type for low volume streaming jobs. This worker type is only available for AWS Glue version 3.0 or later streaming jobs.\n- For the `Z.2X` worker type, each worker maps to 2 M-DPU (8vCPUs, 64 GB of memory) with 128 GB disk, and provides up to 8 Ray workers based on the autoscaler.", + "title": "WorkerType", + "type": "string" } }, "required": [ - "MetricType" + "Command", + "Role" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::CustomMetric" + "AWS::Glue::Job" ], "type": "string" }, @@ -120936,7 +130532,69 @@ ], "type": "object" }, - "AWS::IoT::Dimension": { + "AWS::Glue::Job.ConnectionsList": { + "additionalProperties": false, + "properties": { + "Connections": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of connections used by the job.", + "title": "Connections", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Glue::Job.ExecutionProperty": { + "additionalProperties": false, + "properties": { + "MaxConcurrentRuns": { + "markdownDescription": "The maximum number of concurrent runs allowed for the job. The default is 1. An error is returned when this threshold is reached. The maximum value you can specify is controlled by a service limit.", + "title": "MaxConcurrentRuns", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Glue::Job.JobCommand": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the job command. For an Apache Spark ETL job, this must be `glueetl` . For a Python shell job, it must be `pythonshell` . For an Apache Spark streaming ETL job, this must be `gluestreaming` . For a Ray job, this must be `glueray` .", + "title": "Name", + "type": "string" + }, + "PythonVersion": { + "markdownDescription": "The Python version being used to execute a Python shell job. Allowed values are 3 or 3.9. Version 2 is deprecated.", + "title": "PythonVersion", + "type": "string" + }, + "Runtime": { + "markdownDescription": "In Ray jobs, Runtime is used to specify the versions of Ray, Python and additional libraries available in your environment. This field is not used in other job types. For supported runtime environment values, see [Working with Ray jobs](https://docs.aws.amazon.com/glue/latest/dg/ray-jobs-section.html) in the AWS Glue Developer Guide.", + "title": "Runtime", + "type": "string" + }, + "ScriptLocation": { + "markdownDescription": "Specifies the Amazon Simple Storage Service (Amazon S3) path to a script that executes a job (required).", + "title": "ScriptLocation", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Glue::Job.NotificationProperty": { + "additionalProperties": false, + "properties": { + "NotifyDelayAfter": { + "markdownDescription": "After a job run starts, the number of minutes to wait before sending a job run delay notification.", + "title": "NotifyDelayAfter", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Glue::MLTransform": { "additionalProperties": false, "properties": { "Condition": { @@ -120971,42 +130629,82 @@ "Properties": { "additionalProperties": false, "properties": { + "Description": { + "markdownDescription": "A user-defined, long-form description text for the machine learning transform.", + "title": "Description", + "type": "string" + }, + "GlueVersion": { + "markdownDescription": "This value determines which version of AWS Glue this machine learning transform is compatible with. Glue 1.0 is recommended for most customers. If the value is not set, the Glue compatibility defaults to Glue 0.9. For more information, see [AWS Glue Versions](https://docs.aws.amazon.com/glue/latest/dg/release-notes.html#release-notes-versions) in the developer guide.", + "title": "GlueVersion", + "type": "string" + }, + "InputRecordTables": { + "$ref": "#/definitions/AWS::Glue::MLTransform.InputRecordTables", + "markdownDescription": "A list of AWS Glue table definitions used by the transform.", + "title": "InputRecordTables" + }, + "MaxCapacity": { + "markdownDescription": "The number of AWS Glue data processing units (DPUs) that are allocated to task runs for this transform. You can allocate from 2 to 100 DPUs; the default is 10. A DPU is a relative measure of processing power that consists of 4 vCPUs of compute capacity and 16 GB of memory. For more information, see the [AWS Glue pricing page](https://docs.aws.amazon.com/glue/pricing/) .\n\n`MaxCapacity` is a mutually exclusive option with `NumberOfWorkers` and `WorkerType` .\n\n- If either `NumberOfWorkers` or `WorkerType` is set, then `MaxCapacity` cannot be set.\n- If `MaxCapacity` is set then neither `NumberOfWorkers` or `WorkerType` can be set.\n- If `WorkerType` is set, then `NumberOfWorkers` is required (and vice versa).\n- `MaxCapacity` and `NumberOfWorkers` must both be at least 1.\n\nWhen the `WorkerType` field is set to a value other than `Standard` , the `MaxCapacity` field is set automatically and becomes read-only.", + "title": "MaxCapacity", + "type": "number" + }, + "MaxRetries": { + "markdownDescription": "The maximum number of times to retry after an `MLTaskRun` of the machine learning transform fails.", + "title": "MaxRetries", + "type": "number" + }, "Name": { - "markdownDescription": "A unique identifier for the dimension.", + "markdownDescription": "A user-defined name for the machine learning transform. Names are required to be unique. `Name` is optional:\n\n- If you supply `Name` , the stack cannot be repeatedly created.\n- If `Name` is not provided, a randomly generated name will be used instead.", "title": "Name", "type": "string" }, - "StringValues": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the value or list of values for the dimension. For `TOPIC_FILTER` dimensions, this is a pattern used to match the MQTT topic (for example, \"admin/#\").", - "title": "StringValues", - "type": "array" + "NumberOfWorkers": { + "markdownDescription": "The number of workers of a defined `workerType` that are allocated when a task of the transform runs.\n\nIf `WorkerType` is set, then `NumberOfWorkers` is required (and vice versa).", + "title": "NumberOfWorkers", + "type": "number" + }, + "Role": { + "markdownDescription": "The name or Amazon Resource Name (ARN) of the IAM role with the required permissions. The required permissions include both AWS Glue service role permissions to AWS Glue resources, and Amazon S3 permissions required by the transform.\n\n- This role needs AWS Glue service role permissions to allow access to resources in AWS Glue . See [Attach a Policy to IAM Users That Access AWS Glue](https://docs.aws.amazon.com/glue/latest/dg/attach-policy-iam-user.html) .\n- This role needs permission to your Amazon Simple Storage Service (Amazon S3) sources, targets, temporary directory, scripts, and any libraries used by the task run for this transform.", + "title": "Role", + "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata that can be used to manage the dimension.", + "markdownDescription": "The tags to use with this machine learning transform. You may use tags to limit access to the machine learning transform. For more information about tags in AWS Glue , see [AWS Tags in AWS Glue](https://docs.aws.amazon.com/glue/latest/dg/monitor-tags.html) in the developer guide.", "title": "Tags", - "type": "array" + "type": "object" }, - "Type": { - "markdownDescription": "Specifies the type of dimension. Supported types: `TOPIC_FILTER.`", - "title": "Type", + "Timeout": { + "markdownDescription": "The timeout in minutes of the machine learning transform.", + "title": "Timeout", + "type": "number" + }, + "TransformEncryption": { + "$ref": "#/definitions/AWS::Glue::MLTransform.TransformEncryption", + "markdownDescription": "The encryption-at-rest settings of the transform that apply to accessing user data. Machine learning\ntransforms can access user data encrypted in Amazon S3 using KMS.\n\nAdditionally, imported labels and trained transforms can now be encrypted using a customer provided\nKMS key.", + "title": "TransformEncryption" + }, + "TransformParameters": { + "$ref": "#/definitions/AWS::Glue::MLTransform.TransformParameters", + "markdownDescription": "The algorithm-specific parameters that are associated with the machine learning transform.", + "title": "TransformParameters" + }, + "WorkerType": { + "markdownDescription": "The type of predefined worker that is allocated when a task of this transform runs. Accepts a value of Standard, G.1X, or G.2X.\n\n- For the `Standard` worker type, each worker provides 4 vCPU, 16 GB of memory and a 50GB disk, and 2 executors per worker.\n- For the `G.1X` worker type, each worker provides 4 vCPU, 16 GB of memory and a 64GB disk, and 1 executor per worker.\n- For the `G.2X` worker type, each worker provides 8 vCPU, 32 GB of memory and a 128GB disk, and 1 executor per worker.\n\n`MaxCapacity` is a mutually exclusive option with `NumberOfWorkers` and `WorkerType` .\n\n- If either `NumberOfWorkers` or `WorkerType` is set, then `MaxCapacity` cannot be set.\n- If `MaxCapacity` is set then neither `NumberOfWorkers` or `WorkerType` can be set.\n- If `WorkerType` is set, then `NumberOfWorkers` is required (and vice versa).\n- `MaxCapacity` and `NumberOfWorkers` must both be at least 1.", + "title": "WorkerType", "type": "string" } }, "required": [ - "StringValues", - "Type" + "InputRecordTables", + "Role", + "TransformParameters" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::Dimension" + "AWS::Glue::MLTransform" ], "type": "string" }, @@ -121025,318 +130723,134 @@ ], "type": "object" }, - "AWS::IoT::DomainConfiguration": { + "AWS::Glue::MLTransform.FindMatchesParameters": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "AccuracyCostTradeoff": { + "markdownDescription": "The value that is selected when tuning your transform for a balance between accuracy and cost. A value of 0.5 means that the system balances accuracy and cost concerns. A value of 1.0 means a bias purely for accuracy, which typically results in a higher cost, sometimes substantially higher. A value of 0.0 means a bias purely for cost, which results in a less accurate `FindMatches` transform, sometimes with unacceptable accuracy.\n\nAccuracy measures how well the transform finds true positives and true negatives. Increasing accuracy requires more machine resources and cost. But it also results in increased recall.\n\nCost measures how many compute resources, and thus money, are consumed to run the transform.", + "title": "AccuracyCostTradeoff", + "type": "number" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "EnforceProvidedLabels": { + "markdownDescription": "The value to switch on or off to force the output to match the provided labels from users. If the value is `True` , the `find matches` transform forces the output to match the provided labels. The results override the normal conflation results. If the value is `False` , the `find matches` transform does not ensure all the labels provided are respected, and the results rely on the trained model.\n\nNote that setting this value to true may increase the conflation execution time.", + "title": "EnforceProvidedLabels", + "type": "boolean" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "PrecisionRecallTradeoff": { + "markdownDescription": "The value selected when tuning your transform for a balance between precision and recall. A value of 0.5 means no preference; a value of 1.0 means a bias purely for precision, and a value of 0.0 means a bias for recall. Because this is a tradeoff, choosing values close to 1.0 means very low recall, and choosing values close to 0.0 results in very low precision.\n\nThe precision metric indicates how often your model is correct when it predicts a match.\n\nThe recall metric indicates that for an actual match, how often your model predicts the match.", + "title": "PrecisionRecallTradeoff", + "type": "number" }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AuthorizerConfig": { - "$ref": "#/definitions/AWS::IoT::DomainConfiguration.AuthorizerConfig", - "markdownDescription": "An object that specifies the authorization service for a domain.", - "title": "AuthorizerConfig" - }, - "DomainConfigurationName": { - "markdownDescription": "The name of the domain configuration. This value must be unique to a region.", - "title": "DomainConfigurationName", - "type": "string" - }, - "DomainConfigurationStatus": { - "markdownDescription": "The status to which the domain configuration should be updated.\n\nValid values: `ENABLED` | `DISABLED`", - "title": "DomainConfigurationStatus", - "type": "string" - }, - "DomainName": { - "markdownDescription": "The name of the domain.", - "title": "DomainName", - "type": "string" - }, - "ServerCertificateArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The ARNs of the certificates that AWS IoT passes to the device during the TLS handshake. Currently you can specify only one certificate ARN. This value is not required for AWS -managed domains.", - "title": "ServerCertificateArns", - "type": "array" - }, - "ServerCertificateConfig": { - "$ref": "#/definitions/AWS::IoT::DomainConfiguration.ServerCertificateConfig", - "markdownDescription": "The server certificate configuration.\n\nFor more information, see [Configurable endpoints](https://docs.aws.amazon.com//iot/latest/developerguide/iot-custom-endpoints-configurable.html) from the AWS IoT Core Developer Guide.", - "title": "ServerCertificateConfig" - }, - "ServiceType": { - "markdownDescription": "The type of service delivered by the endpoint.\n\n> AWS IoT Core currently supports only the `DATA` service type.", - "title": "ServiceType", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata which can be used to manage the domain configuration.\n\n> For URI Request parameters use format: ...key1=value1&key2=value2...\n> \n> For the CLI command-line parameter use format: &&tags \"key1=value1&key2=value2...\"\n> \n> For the cli-input-json file use format: \"tags\": \"key1=value1&key2=value2...\"", - "title": "Tags", - "type": "array" - }, - "TlsConfig": { - "$ref": "#/definitions/AWS::IoT::DomainConfiguration.TlsConfig", - "markdownDescription": "An object that specifies the TLS configuration for a domain.", - "title": "TlsConfig" - }, - "ValidationCertificateArn": { - "markdownDescription": "The certificate used to validate the server certificate and prove domain name ownership. This certificate must be signed by a public certificate authority. This value is not required for AWS -managed domains.", - "title": "ValidationCertificateArn", - "type": "string" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::IoT::DomainConfiguration" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "PrimaryKeyColumnName": { + "markdownDescription": "The name of a column that uniquely identifies rows in the source table. Used to help identify matching records.", + "title": "PrimaryKeyColumnName", "type": "string" } }, "required": [ - "Type" + "PrimaryKeyColumnName" ], "type": "object" }, - "AWS::IoT::DomainConfiguration.AuthorizerConfig": { + "AWS::Glue::MLTransform.GlueTables": { "additionalProperties": false, "properties": { - "AllowAuthorizerOverride": { - "markdownDescription": "A Boolean that specifies whether the domain configuration's authorization service can be overridden.", - "title": "AllowAuthorizerOverride", - "type": "boolean" + "CatalogId": { + "markdownDescription": "A unique identifier for the AWS Glue Data Catalog .", + "title": "CatalogId", + "type": "string" }, - "DefaultAuthorizerName": { - "markdownDescription": "The name of the authorization service for a domain configuration.", - "title": "DefaultAuthorizerName", + "ConnectionName": { + "markdownDescription": "The name of the connection to the AWS Glue Data Catalog .", + "title": "ConnectionName", + "type": "string" + }, + "DatabaseName": { + "markdownDescription": "A database name in the AWS Glue Data Catalog .", + "title": "DatabaseName", + "type": "string" + }, + "TableName": { + "markdownDescription": "A table name in the AWS Glue Data Catalog .", + "title": "TableName", "type": "string" } }, + "required": [ + "DatabaseName", + "TableName" + ], "type": "object" }, - "AWS::IoT::DomainConfiguration.ServerCertificateConfig": { + "AWS::Glue::MLTransform.InputRecordTables": { "additionalProperties": false, "properties": { - "EnableOCSPCheck": { - "markdownDescription": "A Boolean value that indicates whether Online Certificate Status Protocol (OCSP) server certificate check is enabled or not. For more information, see [Configurable endpoints](https://docs.aws.amazon.com//iot/latest/developerguide/iot-custom-endpoints-configurable.html) from the AWS IoT Core Developer Guide.", - "title": "EnableOCSPCheck", - "type": "boolean" + "GlueTables": { + "items": { + "$ref": "#/definitions/AWS::Glue::MLTransform.GlueTables" + }, + "markdownDescription": "The database and table in the AWS Glue Data Catalog that is used for input or output data.", + "title": "GlueTables", + "type": "array" } }, "type": "object" }, - "AWS::IoT::DomainConfiguration.ServerCertificateSummary": { + "AWS::Glue::MLTransform.MLUserDataEncryption": { "additionalProperties": false, "properties": { - "ServerCertificateArn": { - "markdownDescription": "The ARN of the server certificate.", - "title": "ServerCertificateArn", - "type": "string" - }, - "ServerCertificateStatus": { - "markdownDescription": "The status of the server certificate.", - "title": "ServerCertificateStatus", + "KmsKeyId": { + "markdownDescription": "The ID for the customer-provided KMS key.", + "title": "KmsKeyId", "type": "string" }, - "ServerCertificateStatusDetail": { - "markdownDescription": "Details that explain the status of the server certificate.", - "title": "ServerCertificateStatusDetail", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoT::DomainConfiguration.TlsConfig": { - "additionalProperties": false, - "properties": { - "SecurityPolicy": { - "markdownDescription": "The security policy for a domain configuration. For more information, see [Security policies](https://docs.aws.amazon.com/iot/latest/developerguide/transport-security.html#tls-policy-table) in the *AWS IoT Core developer guide* .", - "title": "SecurityPolicy", + "MLUserDataEncryptionMode": { + "markdownDescription": "The encryption mode applied to user data. Valid values are:\n\n- DISABLED: encryption is disabled.\n- SSEKMS: use of server-side encryption with AWS Key Management Service (SSE-KMS) for user data\nstored in Amazon S3.", + "title": "MLUserDataEncryptionMode", "type": "string" } }, + "required": [ + "MLUserDataEncryptionMode" + ], "type": "object" }, - "AWS::IoT::FleetMetric": { + "AWS::Glue::MLTransform.TransformEncryption": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AggregationField": { - "markdownDescription": "The field to aggregate.", - "title": "AggregationField", - "type": "string" - }, - "AggregationType": { - "$ref": "#/definitions/AWS::IoT::FleetMetric.AggregationType", - "markdownDescription": "The type of the aggregation query.", - "title": "AggregationType" - }, - "Description": { - "markdownDescription": "The fleet metric description.", - "title": "Description", - "type": "string" - }, - "IndexName": { - "markdownDescription": "The name of the index to search.", - "title": "IndexName", - "type": "string" - }, - "MetricName": { - "markdownDescription": "The name of the fleet metric to create.", - "title": "MetricName", - "type": "string" - }, - "Period": { - "markdownDescription": "The time in seconds between fleet metric emissions. Range [60(1 min), 86400(1 day)] and must be multiple of 60.", - "title": "Period", - "type": "number" - }, - "QueryString": { - "markdownDescription": "The search query string.", - "title": "QueryString", - "type": "string" - }, - "QueryVersion": { - "markdownDescription": "The query version.", - "title": "QueryVersion", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata which can be used to manage the fleet metric.", - "title": "Tags", - "type": "array" - }, - "Unit": { - "markdownDescription": "Used to support unit transformation such as milliseconds to seconds. Must be a unit supported by CW metric. Default to null.", - "title": "Unit", - "type": "string" - } - }, - "required": [ - "MetricName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::IoT::FleetMetric" - ], - "type": "string" + "MLUserDataEncryption": { + "$ref": "#/definitions/AWS::Glue::MLTransform.MLUserDataEncryption", + "markdownDescription": "The encryption-at-rest settings of the transform that apply to accessing user data.", + "title": "MLUserDataEncryption" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TaskRunSecurityConfigurationName": { + "markdownDescription": "The name of the security configuration.", + "title": "TaskRunSecurityConfigurationName", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::IoT::FleetMetric.AggregationType": { + "AWS::Glue::MLTransform.TransformParameters": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the aggregation type.", - "title": "Name", - "type": "string" + "FindMatchesParameters": { + "$ref": "#/definitions/AWS::Glue::MLTransform.FindMatchesParameters", + "markdownDescription": "The parameters for the find matches algorithm.", + "title": "FindMatchesParameters" }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the values of aggregation types.", - "title": "Values", - "type": "array" + "TransformType": { + "markdownDescription": "The type of machine learning transform. `FIND_MATCHES` is the only option.\n\nFor information about the types of machine learning transforms, see [Working with machine learning transforms](https://docs.aws.amazon.com/glue/latest/dg/console-machine-learning-transforms.html) .", + "title": "TransformType", + "type": "string" } }, "required": [ - "Name", - "Values" + "TransformType" ], "type": "object" }, - "AWS::IoT::JobTemplate": { + "AWS::Glue::Partition": { "additionalProperties": false, "properties": { "Condition": { @@ -121371,90 +130885,38 @@ "Properties": { "additionalProperties": false, "properties": { - "AbortConfig": { - "$ref": "#/definitions/AWS::IoT::JobTemplate.AbortConfig", - "markdownDescription": "The criteria that determine when and how a job abort takes place.", - "title": "AbortConfig" - }, - "Description": { - "markdownDescription": "A description of the job template.", - "title": "Description", - "type": "string" - }, - "DestinationPackageVersions": { - "items": { - "type": "string" - }, - "markdownDescription": "The package version Amazon Resource Names (ARNs) that are installed on the device\u2019s reserved named shadow ( `$package` ) when the job successfully completes.\n\n*Note:* Up to 25 package version ARNS are allowed.", - "title": "DestinationPackageVersions", - "type": "array" - }, - "Document": { - "markdownDescription": "The job document.\n\nRequired if you don't specify a value for `documentSource` .", - "title": "Document", - "type": "string" - }, - "DocumentSource": { - "markdownDescription": "An S3 link, or S3 object URL, to the job document. The link is an Amazon S3 object URL and is required if you don't specify a value for `document` .\n\nFor example, `--document-source https://s3. *region-code* .amazonaws.com/example-firmware/device-firmware.1.0`\n\nFor more information, see [Methods for accessing a bucket](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-bucket-intro.html) .", - "title": "DocumentSource", + "CatalogId": { + "markdownDescription": "The AWS account ID of the catalog in which the partion is to be created.\n\n> To specify the account ID, you can use the `Ref` intrinsic function with the `AWS::AccountId` pseudo parameter. For example: `!Ref AWS::AccountId`", + "title": "CatalogId", "type": "string" }, - "JobArn": { - "markdownDescription": "The ARN of the job to use as the basis for the job template.", - "title": "JobArn", + "DatabaseName": { + "markdownDescription": "The name of the catalog database in which to create the partition.", + "title": "DatabaseName", "type": "string" }, - "JobExecutionsRetryConfig": { - "$ref": "#/definitions/AWS::IoT::JobTemplate.JobExecutionsRetryConfig", - "markdownDescription": "Allows you to create the criteria to retry a job.", - "title": "JobExecutionsRetryConfig" - }, - "JobExecutionsRolloutConfig": { - "$ref": "#/definitions/AWS::IoT::JobTemplate.JobExecutionsRolloutConfig", - "markdownDescription": "Allows you to create a staged rollout of a job.", - "title": "JobExecutionsRolloutConfig" + "PartitionInput": { + "$ref": "#/definitions/AWS::Glue::Partition.PartitionInput", + "markdownDescription": "The structure used to create and update a partition.", + "title": "PartitionInput" }, - "JobTemplateId": { - "markdownDescription": "A unique identifier for the job template. We recommend using a UUID. Alpha-numeric characters, \"-\", and \"_\" are valid for use here.", - "title": "JobTemplateId", + "TableName": { + "markdownDescription": "The name of the metadata table in which the partition is to be created.", + "title": "TableName", "type": "string" - }, - "MaintenanceWindows": { - "items": { - "$ref": "#/definitions/AWS::IoT::JobTemplate.MaintenanceWindow" - }, - "markdownDescription": "An optional configuration within the SchedulingConfig to setup a recurring maintenance window with a predetermined start time and duration for the rollout of a job document to all devices in a target group for a job.", - "title": "MaintenanceWindows", - "type": "array" - }, - "PresignedUrlConfig": { - "$ref": "#/definitions/AWS::IoT::JobTemplate.PresignedUrlConfig", - "markdownDescription": "Configuration for pre-signed S3 URLs.", - "title": "PresignedUrlConfig" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata that can be used to manage the job template.", - "title": "Tags", - "type": "array" - }, - "TimeoutConfig": { - "$ref": "#/definitions/AWS::IoT::JobTemplate.TimeoutConfig", - "markdownDescription": "Specifies the amount of time each device has to finish its execution of the job. A timer is started when the job execution status is set to `IN_PROGRESS` . If the job execution status is not set to another terminal state before the timer expires, it will be automatically set to `TIMED_OUT` .", - "title": "TimeoutConfig" } }, "required": [ - "Description", - "JobTemplateId" + "CatalogId", + "DatabaseName", + "PartitionInput", + "TableName" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::JobTemplate" + "AWS::Glue::Partition" ], "type": "string" }, @@ -121473,193 +130935,247 @@ ], "type": "object" }, - "AWS::IoT::JobTemplate.AbortConfig": { - "additionalProperties": false, - "properties": { - "CriteriaList": { - "items": { - "$ref": "#/definitions/AWS::IoT::JobTemplate.AbortCriteria" - }, - "markdownDescription": "The list of criteria that determine when and how to abort the job.", - "title": "CriteriaList", - "type": "array" - } - }, - "required": [ - "CriteriaList" - ], - "type": "object" - }, - "AWS::IoT::JobTemplate.AbortCriteria": { + "AWS::Glue::Partition.Column": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The type of job action to take to initiate the job abort.", - "title": "Action", + "Comment": { + "markdownDescription": "A free-form text comment.", + "title": "Comment", "type": "string" }, - "FailureType": { - "markdownDescription": "The type of job execution failures that can initiate a job abort.", - "title": "FailureType", + "Name": { + "markdownDescription": "The name of the `Column` .", + "title": "Name", "type": "string" }, - "MinNumberOfExecutedThings": { - "markdownDescription": "The minimum number of things which must receive job execution notifications before the job can be aborted.", - "title": "MinNumberOfExecutedThings", - "type": "number" - }, - "ThresholdPercentage": { - "markdownDescription": "The minimum percentage of job execution failures that must occur to initiate the job abort.\n\nAWS IoT Core supports up to two digits after the decimal (for example, 10.9 and 10.99, but not 10.999).", - "title": "ThresholdPercentage", - "type": "number" + "Type": { + "markdownDescription": "The data type of the `Column` .", + "title": "Type", + "type": "string" } }, "required": [ - "Action", - "FailureType", - "MinNumberOfExecutedThings", - "ThresholdPercentage" + "Name" ], "type": "object" }, - "AWS::IoT::JobTemplate.ExponentialRolloutRate": { + "AWS::Glue::Partition.Order": { "additionalProperties": false, "properties": { - "BaseRatePerMinute": { - "markdownDescription": "The minimum number of things that will be notified of a pending job, per minute at the start of job rollout. This parameter allows you to define the initial rate of rollout.", - "title": "BaseRatePerMinute", - "type": "number" + "Column": { + "markdownDescription": "The name of the column.", + "title": "Column", + "type": "string" }, - "IncrementFactor": { - "markdownDescription": "The exponential factor to increase the rate of rollout for a job.\n\nAWS IoT Core supports up to one digit after the decimal (for example, 1.5, but not 1.55).", - "title": "IncrementFactor", + "SortOrder": { + "markdownDescription": "Indicates that the column is sorted in ascending order ( `== 1` ), or in descending order ( `==0` ).", + "title": "SortOrder", "type": "number" - }, - "RateIncreaseCriteria": { - "$ref": "#/definitions/AWS::IoT::JobTemplate.RateIncreaseCriteria", - "markdownDescription": "The criteria to initiate the increase in rate of rollout for a job.", - "title": "RateIncreaseCriteria" } }, "required": [ - "BaseRatePerMinute", - "IncrementFactor", - "RateIncreaseCriteria" + "Column" ], "type": "object" }, - "AWS::IoT::JobTemplate.JobExecutionsRetryConfig": { + "AWS::Glue::Partition.PartitionInput": { "additionalProperties": false, "properties": { - "RetryCriteriaList": { + "Parameters": { + "markdownDescription": "These key-value pairs define partition parameters.", + "title": "Parameters", + "type": "object" + }, + "StorageDescriptor": { + "$ref": "#/definitions/AWS::Glue::Partition.StorageDescriptor", + "markdownDescription": "Provides information about the physical location where the partition is stored.", + "title": "StorageDescriptor" + }, + "Values": { "items": { - "$ref": "#/definitions/AWS::IoT::JobTemplate.RetryCriteria" + "type": "string" }, - "markdownDescription": "The list of criteria that determines how many retries are allowed for each failure type for a job.", - "title": "RetryCriteriaList", + "markdownDescription": "The values of the partition. Although this parameter is not required by the SDK, you must specify this parameter for a valid input.\n\nThe values for the keys for the new partition must be passed as an array of String objects that must be ordered in the same order as the partition keys appearing in the Amazon S3 prefix. Otherwise AWS Glue will add the values to the wrong keys.", + "title": "Values", "type": "array" } }, + "required": [ + "Values" + ], "type": "object" }, - "AWS::IoT::JobTemplate.JobExecutionsRolloutConfig": { + "AWS::Glue::Partition.SchemaId": { "additionalProperties": false, "properties": { - "ExponentialRolloutRate": { - "$ref": "#/definitions/AWS::IoT::JobTemplate.ExponentialRolloutRate", - "markdownDescription": "The rate of increase for a job rollout. This parameter allows you to define an exponential rate for a job rollout.", - "title": "ExponentialRolloutRate" + "RegistryName": { + "markdownDescription": "The name of the schema registry that contains the schema.", + "title": "RegistryName", + "type": "string" }, - "MaximumPerMinute": { - "markdownDescription": "The maximum number of things that will be notified of a pending job, per minute. This parameter allows you to create a staged rollout.", - "title": "MaximumPerMinute", - "type": "number" + "SchemaArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the schema. One of `SchemaArn` or `SchemaName` has to be\nprovided.", + "title": "SchemaArn", + "type": "string" + }, + "SchemaName": { + "markdownDescription": "The name of the schema. One of `SchemaArn` or `SchemaName` has to be provided.", + "title": "SchemaName", + "type": "string" } }, "type": "object" }, - "AWS::IoT::JobTemplate.MaintenanceWindow": { + "AWS::Glue::Partition.SchemaReference": { "additionalProperties": false, "properties": { - "DurationInMinutes": { - "markdownDescription": "Displays the duration of the next maintenance window.", - "title": "DurationInMinutes", - "type": "number" + "SchemaId": { + "$ref": "#/definitions/AWS::Glue::Partition.SchemaId", + "markdownDescription": "A structure that contains schema identity fields. Either this or the `SchemaVersionId` has to be\nprovided.", + "title": "SchemaId" }, - "StartTime": { - "markdownDescription": "Displays the start time of the next maintenance window.", - "title": "StartTime", + "SchemaVersionId": { + "markdownDescription": "The unique ID assigned to a version of the schema. Either this or the `SchemaId` has to be provided.", + "title": "SchemaVersionId", "type": "string" + }, + "SchemaVersionNumber": { + "markdownDescription": "The version number of the schema.", + "title": "SchemaVersionNumber", + "type": "number" } }, "type": "object" }, - "AWS::IoT::JobTemplate.PresignedUrlConfig": { + "AWS::Glue::Partition.SerdeInfo": { "additionalProperties": false, "properties": { - "ExpiresInSec": { - "markdownDescription": "How long (in seconds) pre-signed URLs are valid. Valid values are 60 - 3600, the default value is 3600 seconds. Pre-signed URLs are generated when Jobs receives an MQTT request for the job document.", - "title": "ExpiresInSec", - "type": "number" + "Name": { + "markdownDescription": "Name of the SerDe.", + "title": "Name", + "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of an IAM role that grants grants permission to download files from the S3 bucket where the job data/updates are stored. The role must also grant permission for IoT to download the files.\n\n> For information about addressing the confused deputy problem, see [cross-service confused deputy prevention](https://docs.aws.amazon.com/iot/latest/developerguide/cross-service-confused-deputy-prevention.html) in the *AWS IoT Core developer guide* .", - "title": "RoleArn", + "Parameters": { + "markdownDescription": "These key-value pairs define initialization parameters for the SerDe.", + "title": "Parameters", + "type": "object" + }, + "SerializationLibrary": { + "markdownDescription": "Usually the class that implements the SerDe. An example is `org.apache.hadoop.hive.serde2.columnar.ColumnarSerDe` .", + "title": "SerializationLibrary", "type": "string" } }, - "required": [ - "RoleArn" - ], "type": "object" }, - "AWS::IoT::JobTemplate.RateIncreaseCriteria": { + "AWS::Glue::Partition.SkewedInfo": { "additionalProperties": false, "properties": { - "NumberOfNotifiedThings": { - "markdownDescription": "The threshold for number of notified things that will initiate the increase in rate of rollout.", - "title": "NumberOfNotifiedThings", - "type": "number" + "SkewedColumnNames": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of names of columns that contain skewed values.", + "title": "SkewedColumnNames", + "type": "array" }, - "NumberOfSucceededThings": { - "markdownDescription": "The threshold for number of succeeded things that will initiate the increase in rate of rollout.", - "title": "NumberOfSucceededThings", - "type": "number" + "SkewedColumnValueLocationMaps": { + "markdownDescription": "A mapping of skewed values to the columns that contain them.", + "title": "SkewedColumnValueLocationMaps", + "type": "object" + }, + "SkewedColumnValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of values that appear so frequently as to be considered skewed.", + "title": "SkewedColumnValues", + "type": "array" } }, "type": "object" }, - "AWS::IoT::JobTemplate.RetryCriteria": { + "AWS::Glue::Partition.StorageDescriptor": { "additionalProperties": false, "properties": { - "FailureType": { - "markdownDescription": "The type of job execution failures that can initiate a job retry.", - "title": "FailureType", + "BucketColumns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of reducer grouping columns, clustering columns, and bucketing columns in the table.", + "title": "BucketColumns", + "type": "array" + }, + "Columns": { + "items": { + "$ref": "#/definitions/AWS::Glue::Partition.Column" + }, + "markdownDescription": "A list of the `Columns` in the table.", + "title": "Columns", + "type": "array" + }, + "Compressed": { + "markdownDescription": "`True` if the data in the table is compressed, or `False` if not.", + "title": "Compressed", + "type": "boolean" + }, + "InputFormat": { + "markdownDescription": "The input format: `SequenceFileInputFormat` (binary), or `TextInputFormat` , or a custom format.", + "title": "InputFormat", "type": "string" }, - "NumberOfRetries": { - "markdownDescription": "The number of retries allowed for a failure type for the job.", - "title": "NumberOfRetries", - "type": "number" - } - }, - "type": "object" - }, - "AWS::IoT::JobTemplate.TimeoutConfig": { - "additionalProperties": false, - "properties": { - "InProgressTimeoutInMinutes": { - "markdownDescription": "Specifies the amount of time, in minutes, this device has to finish execution of this job. The timeout interval can be anywhere between 1 minute and 7 days (1 to 10080 minutes). The in progress timer can't be updated and will apply to all job executions for the job. Whenever a job execution remains in the IN_PROGRESS status for longer than this interval, the job execution will fail and switch to the terminal `TIMED_OUT` status.", - "title": "InProgressTimeoutInMinutes", + "Location": { + "markdownDescription": "The physical location of the table. By default, this takes the form of the warehouse location, followed by the database location in the warehouse, followed by the table name.", + "title": "Location", + "type": "string" + }, + "NumberOfBuckets": { + "markdownDescription": "The number of buckets.\n\nYou must specify this property if the partition contains any dimension columns.", + "title": "NumberOfBuckets", "type": "number" + }, + "OutputFormat": { + "markdownDescription": "The output format: `SequenceFileOutputFormat` (binary), or `IgnoreKeyTextOutputFormat` , or a custom format.", + "title": "OutputFormat", + "type": "string" + }, + "Parameters": { + "markdownDescription": "The user-supplied properties in key-value form.", + "title": "Parameters", + "type": "object" + }, + "SchemaReference": { + "$ref": "#/definitions/AWS::Glue::Partition.SchemaReference", + "markdownDescription": "An object that references a schema stored in the AWS Glue Schema Registry.", + "title": "SchemaReference" + }, + "SerdeInfo": { + "$ref": "#/definitions/AWS::Glue::Partition.SerdeInfo", + "markdownDescription": "The serialization/deserialization (SerDe) information.", + "title": "SerdeInfo" + }, + "SkewedInfo": { + "$ref": "#/definitions/AWS::Glue::Partition.SkewedInfo", + "markdownDescription": "The information about values that appear frequently in a column (skewed values).", + "title": "SkewedInfo" + }, + "SortColumns": { + "items": { + "$ref": "#/definitions/AWS::Glue::Partition.Order" + }, + "markdownDescription": "A list specifying the sort order of each bucket in the table.", + "title": "SortColumns", + "type": "array" + }, + "StoredAsSubDirectories": { + "markdownDescription": "`True` if the table data is stored in subdirectories, or `False` if not.", + "title": "StoredAsSubDirectories", + "type": "boolean" } }, - "required": [ - "InProgressTimeoutInMinutes" - ], "type": "object" }, - "AWS::IoT::Logging": { + "AWS::Glue::Registry": { "additionalProperties": false, "properties": { "Condition": { @@ -121694,32 +131210,33 @@ "Properties": { "additionalProperties": false, "properties": { - "AccountId": { - "markdownDescription": "The account ID.", - "title": "AccountId", + "Description": { + "markdownDescription": "A description of the registry.", + "title": "Description", "type": "string" }, - "DefaultLogLevel": { - "markdownDescription": "The default log level. Valid Values: `DEBUG | INFO | ERROR | WARN | DISABLED`", - "title": "DefaultLogLevel", + "Name": { + "markdownDescription": "The name of the registry.", + "title": "Name", "type": "string" }, - "RoleArn": { - "markdownDescription": "The role ARN used for the log.", - "title": "RoleArn", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "AWS tags that contain a key value pair and may be searched by console, command line, or API.", + "title": "Tags", + "type": "array" } }, "required": [ - "AccountId", - "DefaultLogLevel", - "RoleArn" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::Logging" + "AWS::Glue::Registry" ], "type": "string" }, @@ -121738,7 +131255,7 @@ ], "type": "object" }, - "AWS::IoT::MitigationAction": { + "AWS::Glue::Schema": { "additionalProperties": false, "properties": { "Condition": { @@ -121773,39 +131290,60 @@ "Properties": { "additionalProperties": false, "properties": { - "ActionName": { - "markdownDescription": "The friendly name of the mitigation action.", - "title": "ActionName", + "CheckpointVersion": { + "$ref": "#/definitions/AWS::Glue::Schema.SchemaVersion", + "markdownDescription": "Specify the `VersionNumber` or the `IsLatest` for setting the checkpoint for the schema. This is only required for updating a checkpoint.", + "title": "CheckpointVersion" + }, + "Compatibility": { + "markdownDescription": "The compatibility mode of the schema.", + "title": "Compatibility", "type": "string" }, - "ActionParams": { - "$ref": "#/definitions/AWS::IoT::MitigationAction.ActionParams", - "markdownDescription": "The set of parameters for this mitigation action. The parameters vary, depending on the kind of action you apply.", - "title": "ActionParams" + "DataFormat": { + "markdownDescription": "The data format of the schema definition. Currently only `AVRO` is supported.", + "title": "DataFormat", + "type": "string" }, - "RoleArn": { - "markdownDescription": "The IAM role ARN used to apply this mitigation action.", - "title": "RoleArn", + "Description": { + "markdownDescription": "A description of the schema if specified when created.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "Name of the schema to be created of max length of 255, and may only contain letters, numbers, hyphen, underscore, dollar sign, or hash mark. No whitespace.", + "title": "Name", + "type": "string" + }, + "Registry": { + "$ref": "#/definitions/AWS::Glue::Schema.Registry", + "markdownDescription": "The registry where a schema is stored.", + "title": "Registry" + }, + "SchemaDefinition": { + "markdownDescription": "The schema definition using the `DataFormat` setting for `SchemaName` .", + "title": "SchemaDefinition", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata that can be used to manage the mitigation action.", + "markdownDescription": "AWS tags that contain a key value pair and may be searched by console, command line, or API.", "title": "Tags", "type": "array" } }, "required": [ - "ActionParams", - "RoleArn" + "Compatibility", + "DataFormat", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::MitigationAction" + "AWS::Glue::Schema" ], "type": "string" }, @@ -121824,141 +131362,39 @@ ], "type": "object" }, - "AWS::IoT::MitigationAction.ActionParams": { - "additionalProperties": false, - "properties": { - "AddThingsToThingGroupParams": { - "$ref": "#/definitions/AWS::IoT::MitigationAction.AddThingsToThingGroupParams", - "markdownDescription": "Specifies the group to which you want to add the devices.", - "title": "AddThingsToThingGroupParams" - }, - "EnableIoTLoggingParams": { - "$ref": "#/definitions/AWS::IoT::MitigationAction.EnableIoTLoggingParams", - "markdownDescription": "Specifies the logging level and the role with permissions for logging. You cannot specify a logging level of `DISABLED` .", - "title": "EnableIoTLoggingParams" - }, - "PublishFindingToSnsParams": { - "$ref": "#/definitions/AWS::IoT::MitigationAction.PublishFindingToSnsParams", - "markdownDescription": "Specifies the topic to which the finding should be published.", - "title": "PublishFindingToSnsParams" - }, - "ReplaceDefaultPolicyVersionParams": { - "$ref": "#/definitions/AWS::IoT::MitigationAction.ReplaceDefaultPolicyVersionParams", - "markdownDescription": "Replaces the policy version with a default or blank policy. You specify the template name. Only a value of `BLANK_POLICY` is currently supported.", - "title": "ReplaceDefaultPolicyVersionParams" - }, - "UpdateCACertificateParams": { - "$ref": "#/definitions/AWS::IoT::MitigationAction.UpdateCACertificateParams", - "markdownDescription": "Specifies the new state for the CA certificate. Only a value of `DEACTIVATE` is currently supported.", - "title": "UpdateCACertificateParams" - }, - "UpdateDeviceCertificateParams": { - "$ref": "#/definitions/AWS::IoT::MitigationAction.UpdateDeviceCertificateParams", - "markdownDescription": "Specifies the new state for a device certificate. Only a value of `DEACTIVATE` is currently supported.", - "title": "UpdateDeviceCertificateParams" - } - }, - "type": "object" - }, - "AWS::IoT::MitigationAction.AddThingsToThingGroupParams": { - "additionalProperties": false, - "properties": { - "OverrideDynamicGroups": { - "markdownDescription": "Specifies if this mitigation action can move the things that triggered the mitigation action even if they are part of one or more dynamic thing groups.", - "title": "OverrideDynamicGroups", - "type": "boolean" - }, - "ThingGroupNames": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of groups to which you want to add the things that triggered the mitigation action. You can add a thing to a maximum of 10 groups, but you can't add a thing to more than one group in the same hierarchy.", - "title": "ThingGroupNames", - "type": "array" - } - }, - "required": [ - "ThingGroupNames" - ], - "type": "object" - }, - "AWS::IoT::MitigationAction.EnableIoTLoggingParams": { + "AWS::Glue::Schema.Registry": { "additionalProperties": false, "properties": { - "LogLevel": { - "markdownDescription": "Specifies the type of information to be logged.", - "title": "LogLevel", + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the registry.", + "title": "Arn", "type": "string" }, - "RoleArnForLogging": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role used for logging.", - "title": "RoleArnForLogging", - "type": "string" - } - }, - "required": [ - "LogLevel", - "RoleArnForLogging" - ], - "type": "object" - }, - "AWS::IoT::MitigationAction.PublishFindingToSnsParams": { - "additionalProperties": false, - "properties": { - "TopicArn": { - "markdownDescription": "The ARN of the topic to which you want to publish the findings.", - "title": "TopicArn", - "type": "string" - } - }, - "required": [ - "TopicArn" - ], - "type": "object" - }, - "AWS::IoT::MitigationAction.ReplaceDefaultPolicyVersionParams": { - "additionalProperties": false, - "properties": { - "TemplateName": { - "markdownDescription": "The name of the template to be applied. The only supported value is `BLANK_POLICY` .", - "title": "TemplateName", - "type": "string" - } - }, - "required": [ - "TemplateName" - ], - "type": "object" - }, - "AWS::IoT::MitigationAction.UpdateCACertificateParams": { - "additionalProperties": false, - "properties": { - "Action": { - "markdownDescription": "The action that you want to apply to the CA certificate. The only supported value is `DEACTIVATE` .", - "title": "Action", + "Name": { + "markdownDescription": "The name of the registry.", + "title": "Name", "type": "string" } }, - "required": [ - "Action" - ], "type": "object" }, - "AWS::IoT::MitigationAction.UpdateDeviceCertificateParams": { + "AWS::Glue::Schema.SchemaVersion": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The action that you want to apply to the device certificate. The only supported value is `DEACTIVATE` .", - "title": "Action", - "type": "string" + "IsLatest": { + "markdownDescription": "Indicates if this version is the latest version of the schema.", + "title": "IsLatest", + "type": "boolean" + }, + "VersionNumber": { + "markdownDescription": "The version number of the schema.", + "title": "VersionNumber", + "type": "number" } }, - "required": [ - "Action" - ], "type": "object" }, - "AWS::IoT::Policy": { + "AWS::Glue::SchemaVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -121993,33 +131429,26 @@ "Properties": { "additionalProperties": false, "properties": { - "PolicyDocument": { - "markdownDescription": "The JSON document that describes the policy.", - "title": "PolicyDocument", - "type": "object" + "Schema": { + "$ref": "#/definitions/AWS::Glue::SchemaVersion.Schema", + "markdownDescription": "The schema that includes the schema version.", + "title": "Schema" }, - "PolicyName": { - "markdownDescription": "The policy name.", - "title": "PolicyName", + "SchemaDefinition": { + "markdownDescription": "The schema definition for the schema version.", + "title": "SchemaDefinition", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "", - "title": "Tags", - "type": "array" } }, "required": [ - "PolicyDocument" + "Schema", + "SchemaDefinition" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::Policy" + "AWS::Glue::SchemaVersion" ], "type": "string" }, @@ -122038,7 +131467,28 @@ ], "type": "object" }, - "AWS::IoT::PolicyPrincipalAttachment": { + "AWS::Glue::SchemaVersion.Schema": { + "additionalProperties": false, + "properties": { + "RegistryName": { + "markdownDescription": "The name of the registry where the schema is stored. Either `SchemaArn` , or `SchemaName` and `RegistryName` has to be provided.", + "title": "RegistryName", + "type": "string" + }, + "SchemaArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the schema. Either `SchemaArn` , or `SchemaName` and `RegistryName` has to be provided.", + "title": "SchemaArn", + "type": "string" + }, + "SchemaName": { + "markdownDescription": "The name of the schema. Either `SchemaArn` , or `SchemaName` and `RegistryName` has to be provided.", + "title": "SchemaName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Glue::SchemaVersionMetadata": { "additionalProperties": false, "properties": { "Condition": { @@ -122073,26 +131523,32 @@ "Properties": { "additionalProperties": false, "properties": { - "PolicyName": { - "markdownDescription": "The name of the AWS IoT policy.", - "title": "PolicyName", + "Key": { + "markdownDescription": "A metadata key in a key-value pair for metadata.", + "title": "Key", "type": "string" }, - "Principal": { - "markdownDescription": "The principal, which can be a certificate ARN (as returned from the `CreateCertificate` operation) or an Amazon Cognito ID.", - "title": "Principal", + "SchemaVersionId": { + "markdownDescription": "The version number of the schema.", + "title": "SchemaVersionId", + "type": "string" + }, + "Value": { + "markdownDescription": "A metadata key's corresponding value.", + "title": "Value", "type": "string" } }, "required": [ - "PolicyName", - "Principal" + "Key", + "SchemaVersionId", + "Value" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::PolicyPrincipalAttachment" + "AWS::Glue::SchemaVersionMetadata" ], "type": "string" }, @@ -122111,7 +131567,7 @@ ], "type": "object" }, - "AWS::IoT::ProvisioningTemplate": { + "AWS::Glue::SecurityConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -122146,59 +131602,26 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the fleet provisioning template.", - "title": "Description", - "type": "string" - }, - "Enabled": { - "markdownDescription": "True to enable the fleet provisioning template, otherwise false.", - "title": "Enabled", - "type": "boolean" - }, - "PreProvisioningHook": { - "$ref": "#/definitions/AWS::IoT::ProvisioningTemplate.ProvisioningHook", - "markdownDescription": "Creates a pre-provisioning hook template.", - "title": "PreProvisioningHook" - }, - "ProvisioningRoleArn": { - "markdownDescription": "The role ARN for the role associated with the fleet provisioning template. This IoT role grants permission to provision a device.", - "title": "ProvisioningRoleArn", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata that can be used to manage the fleet provisioning template.", - "title": "Tags", - "type": "array" - }, - "TemplateBody": { - "markdownDescription": "The JSON formatted contents of the fleet provisioning template version.", - "title": "TemplateBody", - "type": "string" - }, - "TemplateName": { - "markdownDescription": "The name of the fleet provisioning template.", - "title": "TemplateName", - "type": "string" + "EncryptionConfiguration": { + "$ref": "#/definitions/AWS::Glue::SecurityConfiguration.EncryptionConfiguration", + "markdownDescription": "The encryption configuration associated with this security configuration.", + "title": "EncryptionConfiguration" }, - "TemplateType": { - "markdownDescription": "The type of the provisioning template.", - "title": "TemplateType", + "Name": { + "markdownDescription": "The name of the security configuration.", + "title": "Name", "type": "string" } }, "required": [ - "ProvisioningRoleArn", - "TemplateBody" + "EncryptionConfiguration", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::ProvisioningTemplate" + "AWS::Glue::SecurityConfiguration" ], "type": "string" }, @@ -122217,23 +131640,81 @@ ], "type": "object" }, - "AWS::IoT::ProvisioningTemplate.ProvisioningHook": { + "AWS::Glue::SecurityConfiguration.CloudWatchEncryption": { "additionalProperties": false, "properties": { - "PayloadVersion": { - "markdownDescription": "The payload that was sent to the target function. The valid payload is `\"2020-04-01\"` .", - "title": "PayloadVersion", + "CloudWatchEncryptionMode": { + "markdownDescription": "The encryption mode to use for CloudWatch data.", + "title": "CloudWatchEncryptionMode", "type": "string" }, - "TargetArn": { - "markdownDescription": "The ARN of the target function.", - "title": "TargetArn", + "KmsKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key to be used to encrypt the data.", + "title": "KmsKeyArn", "type": "string" } }, "type": "object" }, - "AWS::IoT::ResourceSpecificLogging": { + "AWS::Glue::SecurityConfiguration.EncryptionConfiguration": { + "additionalProperties": false, + "properties": { + "CloudWatchEncryption": { + "$ref": "#/definitions/AWS::Glue::SecurityConfiguration.CloudWatchEncryption", + "markdownDescription": "The encryption configuration for Amazon CloudWatch.", + "title": "CloudWatchEncryption" + }, + "JobBookmarksEncryption": { + "$ref": "#/definitions/AWS::Glue::SecurityConfiguration.JobBookmarksEncryption", + "markdownDescription": "The encryption configuration for job bookmarks.", + "title": "JobBookmarksEncryption" + }, + "S3Encryptions": { + "$ref": "#/definitions/AWS::Glue::SecurityConfiguration.S3Encryptions", + "markdownDescription": "The encyption configuration for Amazon Simple Storage Service (Amazon S3) data.", + "title": "S3Encryptions" + } + }, + "type": "object" + }, + "AWS::Glue::SecurityConfiguration.JobBookmarksEncryption": { + "additionalProperties": false, + "properties": { + "JobBookmarksEncryptionMode": { + "markdownDescription": "The encryption mode to use for job bookmarks data.", + "title": "JobBookmarksEncryptionMode", + "type": "string" + }, + "KmsKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key to be used to encrypt the data.", + "title": "KmsKeyArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Glue::SecurityConfiguration.S3Encryption": { + "additionalProperties": false, + "properties": { + "KmsKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key to be used to encrypt the data.", + "title": "KmsKeyArn", + "type": "string" + }, + "S3EncryptionMode": { + "markdownDescription": "The encryption mode to use for Amazon S3 data.", + "title": "S3EncryptionMode", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Glue::SecurityConfiguration.S3Encryptions": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::Glue::Table": { "additionalProperties": false, "properties": { "Condition": { @@ -122268,32 +131749,37 @@ "Properties": { "additionalProperties": false, "properties": { - "LogLevel": { - "markdownDescription": "The default log level.Valid Values: `DEBUG | INFO | ERROR | WARN | DISABLED`", - "title": "LogLevel", + "CatalogId": { + "markdownDescription": "The ID of the Data Catalog in which to create the `Table` .", + "title": "CatalogId", "type": "string" }, - "TargetName": { - "markdownDescription": "The target name.", - "title": "TargetName", + "DatabaseName": { + "markdownDescription": "The name of the database where the table metadata resides. For Hive compatibility, this must be all lowercase.", + "title": "DatabaseName", "type": "string" }, - "TargetType": { - "markdownDescription": "The target type. Valid Values: `DEFAULT | THING_GROUP`", - "title": "TargetType", - "type": "string" + "OpenTableFormatInput": { + "$ref": "#/definitions/AWS::Glue::Table.OpenTableFormatInput", + "markdownDescription": "Specifies an `OpenTableFormatInput` structure when creating an open format table.", + "title": "OpenTableFormatInput" + }, + "TableInput": { + "$ref": "#/definitions/AWS::Glue::Table.TableInput", + "markdownDescription": "A structure used to define a table.", + "title": "TableInput" } }, "required": [ - "LogLevel", - "TargetName", - "TargetType" + "CatalogId", + "DatabaseName", + "TableInput" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::ResourceSpecificLogging" + "AWS::Glue::Table" ], "type": "string" }, @@ -122312,92 +131798,343 @@ ], "type": "object" }, - "AWS::IoT::RoleAlias": { + "AWS::Glue::Table.Column": { "additionalProperties": false, "properties": { - "Condition": { + "Comment": { + "markdownDescription": "A free-form text comment.", + "title": "Comment", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "The name of the `Column` .", + "title": "Name", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Type": { + "markdownDescription": "The data type of the `Column` .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::Glue::Table.IcebergInput": { + "additionalProperties": false, + "properties": { + "MetadataOperation": { + "$ref": "#/definitions/AWS::Glue::Table.MetadataOperation", + "markdownDescription": "A required metadata operation. Can only be set to CREATE.", + "title": "MetadataOperation" }, - "Metadata": { + "Version": { + "markdownDescription": "The table version for the Iceberg table. Defaults to 2.", + "title": "Version", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Glue::Table.MetadataOperation": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::Glue::Table.OpenTableFormatInput": { + "additionalProperties": false, + "properties": { + "IcebergInput": { + "$ref": "#/definitions/AWS::Glue::Table.IcebergInput", + "markdownDescription": "Specifies an `IcebergInput` structure that defines an Apache Iceberg metadata table.", + "title": "IcebergInput" + } + }, + "type": "object" + }, + "AWS::Glue::Table.Order": { + "additionalProperties": false, + "properties": { + "Column": { + "markdownDescription": "The name of the column.", + "title": "Column", + "type": "string" + }, + "SortOrder": { + "markdownDescription": "Indicates that the column is sorted in ascending order ( `== 1` ), or in descending order ( `==0` ).", + "title": "SortOrder", + "type": "number" + } + }, + "required": [ + "Column", + "SortOrder" + ], + "type": "object" + }, + "AWS::Glue::Table.SchemaId": { + "additionalProperties": false, + "properties": { + "RegistryName": { + "markdownDescription": "The name of the schema registry that contains the schema.", + "title": "RegistryName", + "type": "string" + }, + "SchemaArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the schema. One of `SchemaArn` or `SchemaName` has to be\nprovided.", + "title": "SchemaArn", + "type": "string" + }, + "SchemaName": { + "markdownDescription": "The name of the schema. One of `SchemaArn` or `SchemaName` has to be provided.", + "title": "SchemaName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Glue::Table.SchemaReference": { + "additionalProperties": false, + "properties": { + "SchemaId": { + "$ref": "#/definitions/AWS::Glue::Table.SchemaId", + "markdownDescription": "A structure that contains schema identity fields. Either this or the `SchemaVersionId` has to be\nprovided.", + "title": "SchemaId" + }, + "SchemaVersionId": { + "markdownDescription": "The unique ID assigned to a version of the schema. Either this or the `SchemaId` has to be provided.", + "title": "SchemaVersionId", + "type": "string" + }, + "SchemaVersionNumber": { + "markdownDescription": "The version number of the schema.", + "title": "SchemaVersionNumber", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Glue::Table.SerdeInfo": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "Name of the SerDe.", + "title": "Name", + "type": "string" + }, + "Parameters": { + "markdownDescription": "These key-value pairs define initialization parameters for the SerDe.", + "title": "Parameters", "type": "object" }, - "Properties": { - "additionalProperties": false, - "properties": { - "CredentialDurationSeconds": { - "markdownDescription": "The number of seconds for which the credential is valid.", - "title": "CredentialDurationSeconds", - "type": "number" - }, - "RoleAlias": { - "markdownDescription": "The role alias.", - "title": "RoleAlias", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The role ARN.", - "title": "RoleArn", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } + "SerializationLibrary": { + "markdownDescription": "Usually the class that implements the SerDe. An example is `org.apache.hadoop.hive.serde2.columnar.ColumnarSerDe` .", + "title": "SerializationLibrary", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Glue::Table.SkewedInfo": { + "additionalProperties": false, + "properties": { + "SkewedColumnNames": { + "items": { + "type": "string" }, - "required": [ - "RoleArn" - ], + "markdownDescription": "A list of names of columns that contain skewed values.", + "title": "SkewedColumnNames", + "type": "array" + }, + "SkewedColumnValueLocationMaps": { + "markdownDescription": "A mapping of skewed values to the columns that contain them.", + "title": "SkewedColumnValueLocationMaps", "type": "object" }, - "Type": { - "enum": [ - "AWS::IoT::RoleAlias" - ], + "SkewedColumnValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of values that appear so frequently as to be considered skewed.", + "title": "SkewedColumnValues", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Glue::Table.StorageDescriptor": { + "additionalProperties": false, + "properties": { + "BucketColumns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of reducer grouping columns, clustering columns, and bucketing columns in the table.", + "title": "BucketColumns", + "type": "array" + }, + "Columns": { + "items": { + "$ref": "#/definitions/AWS::Glue::Table.Column" + }, + "markdownDescription": "A list of the `Columns` in the table.", + "title": "Columns", + "type": "array" + }, + "Compressed": { + "markdownDescription": "`True` if the data in the table is compressed, or `False` if not.", + "title": "Compressed", + "type": "boolean" + }, + "InputFormat": { + "markdownDescription": "The input format: `SequenceFileInputFormat` (binary), or `TextInputFormat` , or a custom format.", + "title": "InputFormat", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Location": { + "markdownDescription": "The physical location of the table. By default, this takes the form of the warehouse location, followed by the database location in the warehouse, followed by the table name.", + "title": "Location", + "type": "string" + }, + "NumberOfBuckets": { + "markdownDescription": "Must be specified if the table contains any dimension columns.", + "title": "NumberOfBuckets", + "type": "number" + }, + "OutputFormat": { + "markdownDescription": "The output format: `SequenceFileOutputFormat` (binary), or `IgnoreKeyTextOutputFormat` , or a custom format.", + "title": "OutputFormat", + "type": "string" + }, + "Parameters": { + "markdownDescription": "The user-supplied properties in key-value form.", + "title": "Parameters", + "type": "object" + }, + "SchemaReference": { + "$ref": "#/definitions/AWS::Glue::Table.SchemaReference", + "markdownDescription": "An object that references a schema stored in the AWS Glue Schema Registry.", + "title": "SchemaReference" + }, + "SerdeInfo": { + "$ref": "#/definitions/AWS::Glue::Table.SerdeInfo", + "markdownDescription": "The serialization/deserialization (SerDe) information.", + "title": "SerdeInfo" + }, + "SkewedInfo": { + "$ref": "#/definitions/AWS::Glue::Table.SkewedInfo", + "markdownDescription": "The information about values that appear frequently in a column (skewed values).", + "title": "SkewedInfo" + }, + "SortColumns": { + "items": { + "$ref": "#/definitions/AWS::Glue::Table.Order" + }, + "markdownDescription": "A list specifying the sort order of each bucket in the table.", + "title": "SortColumns", + "type": "array" + }, + "StoredAsSubDirectories": { + "markdownDescription": "`True` if the table data is stored in subdirectories, or `False` if not.", + "title": "StoredAsSubDirectories", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::Glue::Table.TableIdentifier": { + "additionalProperties": false, + "properties": { + "CatalogId": { + "markdownDescription": "The ID of the Data Catalog in which the table resides.", + "title": "CatalogId", + "type": "string" + }, + "DatabaseName": { + "markdownDescription": "The name of the catalog database that contains the target table.", + "title": "DatabaseName", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the target table.", + "title": "Name", + "type": "string" + }, + "Region": { + "markdownDescription": "The Region of the table.", + "title": "Region", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::IoT::ScheduledAudit": { + "AWS::Glue::Table.TableInput": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the table.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The table name. For Hive compatibility, this is folded to lowercase when it is stored.", + "title": "Name", + "type": "string" + }, + "Owner": { + "markdownDescription": "The table owner. Included for Apache Hive compatibility. Not used in the normal course of AWS Glue operations.", + "title": "Owner", + "type": "string" + }, + "Parameters": { + "markdownDescription": "These key-value pairs define properties associated with the table.", + "title": "Parameters", + "type": "object" + }, + "PartitionKeys": { + "items": { + "$ref": "#/definitions/AWS::Glue::Table.Column" + }, + "markdownDescription": "A list of columns by which the table is partitioned. Only primitive types are supported as partition keys.\n\nWhen you create a table used by Amazon Athena, and you do not specify any `partitionKeys` , you must at least set the value of `partitionKeys` to an empty list. For example:\n\n`\"PartitionKeys\": []`", + "title": "PartitionKeys", + "type": "array" + }, + "Retention": { + "markdownDescription": "The retention time for this table.", + "title": "Retention", + "type": "number" + }, + "StorageDescriptor": { + "$ref": "#/definitions/AWS::Glue::Table.StorageDescriptor", + "markdownDescription": "A storage descriptor containing information about the physical storage of this table.", + "title": "StorageDescriptor" + }, + "TableType": { + "markdownDescription": "The type of this table. AWS Glue will create tables with the `EXTERNAL_TABLE` type. Other services, such as Athena, may create tables with additional table types.\n\nAWS Glue related table types:\n\n- **EXTERNAL_TABLE** - Hive compatible attribute - indicates a non-Hive managed table.\n- **GOVERNED** - Used by AWS Lake Formation . The AWS Glue Data Catalog understands `GOVERNED` .", + "title": "TableType", + "type": "string" + }, + "TargetTable": { + "$ref": "#/definitions/AWS::Glue::Table.TableIdentifier", + "markdownDescription": "A `TableIdentifier` structure that describes a target table for resource linking.", + "title": "TargetTable" + }, + "ViewExpandedText": { + "markdownDescription": "Included for Apache Hive compatibility. Not used in the normal course of AWS Glue operations.", + "title": "ViewExpandedText", + "type": "string" + }, + "ViewOriginalText": { + "markdownDescription": "Included for Apache Hive compatibility. Not used in the normal course of AWS Glue operations. If the table is a `VIRTUAL_VIEW` , certain Athena configuration encoded in base64.", + "title": "ViewOriginalText", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Glue::TableOptimizer": { "additionalProperties": false, "properties": { "Condition": { @@ -122432,52 +132169,44 @@ "Properties": { "additionalProperties": false, "properties": { - "DayOfMonth": { - "markdownDescription": "The day of the month on which the scheduled audit is run (if the `frequency` is \"MONTHLY\"). If days 29-31 are specified, and the month does not have that many days, the audit takes place on the \"LAST\" day of the month.", - "title": "DayOfMonth", - "type": "string" - }, - "DayOfWeek": { - "markdownDescription": "The day of the week on which the scheduled audit is run (if the `frequency` is \"WEEKLY\" or \"BIWEEKLY\").", - "title": "DayOfWeek", + "CatalogId": { + "markdownDescription": "The catalog ID of the table.", + "title": "CatalogId", "type": "string" }, - "Frequency": { - "markdownDescription": "How often the scheduled audit occurs.", - "title": "Frequency", + "DatabaseName": { + "markdownDescription": "The name of the database. For Hive compatibility, this is folded to lowercase when it is stored.", + "title": "DatabaseName", "type": "string" }, - "ScheduledAuditName": { - "markdownDescription": "The name of the scheduled audit.", - "title": "ScheduledAuditName", + "TableName": { + "markdownDescription": "The table name. For Hive compatibility, this must be entirely lowercase.", + "title": "TableName", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata that can be used to manage the scheduled audit.", - "title": "Tags", - "type": "array" + "TableOptimizerConfiguration": { + "$ref": "#/definitions/AWS::Glue::TableOptimizer.TableOptimizerConfiguration", + "markdownDescription": "Specifies configuration details of a table optimizer.", + "title": "TableOptimizerConfiguration" }, - "TargetCheckNames": { - "items": { - "type": "string" - }, - "markdownDescription": "Which checks are performed during the scheduled audit. Checks must be enabled for your account. (Use `DescribeAccountAuditConfiguration` to see the list of all checks, including those that are enabled or use `UpdateAccountAuditConfiguration` to select which checks are enabled.)\n\nThe following checks are currently available:\n\n- `AUTHENTICATED_COGNITO_ROLE_OVERLY_PERMISSIVE_CHECK`\n- `CA_CERTIFICATE_EXPIRING_CHECK`\n- `CA_CERTIFICATE_KEY_QUALITY_CHECK`\n- `CONFLICTING_CLIENT_IDS_CHECK`\n- `DEVICE_CERTIFICATE_EXPIRING_CHECK`\n- `DEVICE_CERTIFICATE_KEY_QUALITY_CHECK`\n- `DEVICE_CERTIFICATE_SHARED_CHECK`\n- `IOT_POLICY_OVERLY_PERMISSIVE_CHECK`\n- `IOT_ROLE_ALIAS_ALLOWS_ACCESS_TO_UNUSED_SERVICES_CHECK`\n- `IOT_ROLE_ALIAS_OVERLY_PERMISSIVE_CHECK`\n- `LOGGING_DISABLED_CHECK`\n- `REVOKED_CA_CERTIFICATE_STILL_ACTIVE_CHECK`\n- `REVOKED_DEVICE_CERTIFICATE_STILL_ACTIVE_CHECK`\n- `UNAUTHENTICATED_COGNITO_ROLE_OVERLY_PERMISSIVE_CHECK`", - "title": "TargetCheckNames", - "type": "array" + "Type": { + "markdownDescription": "The type of table optimizer. The valid values are:\n\n- compaction - for managing compaction with a table optimizer.\n- retention - for managing the retention of snapshot with a table optimizer.\n- orphan_file_deletion - for managing the deletion of orphan files with a table optimizer.", + "title": "Type", + "type": "string" } }, "required": [ - "Frequency", - "TargetCheckNames" + "CatalogId", + "DatabaseName", + "TableName", + "TableOptimizerConfiguration", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::ScheduledAudit" + "AWS::Glue::TableOptimizer" ], "type": "string" }, @@ -122496,7 +132225,91 @@ ], "type": "object" }, - "AWS::IoT::SecurityProfile": { + "AWS::Glue::TableOptimizer.IcebergConfiguration": { + "additionalProperties": false, + "properties": { + "Location": { + "markdownDescription": "Specifies a directory in which to look for orphan files (defaults to the table's location). You may choose a sub-directory rather than the top-level table location.", + "title": "Location", + "type": "string" + }, + "OrphanFileRetentionPeriodInDays": { + "markdownDescription": "The specific number of days you want to keep the orphan files.", + "title": "OrphanFileRetentionPeriodInDays", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Glue::TableOptimizer.OrphanFileDeletionConfiguration": { + "additionalProperties": false, + "properties": { + "IcebergConfiguration": { + "$ref": "#/definitions/AWS::Glue::TableOptimizer.IcebergConfiguration", + "markdownDescription": "The `IcebergConfiguration` property helps optimize your Iceberg tables in AWS Glue by allowing you to specify format-specific settings that control how data is stored, compressed, and managed.", + "title": "IcebergConfiguration" + } + }, + "type": "object" + }, + "AWS::Glue::TableOptimizer.RetentionConfiguration": { + "additionalProperties": false, + "properties": { + "IcebergConfiguration": { + "$ref": "#/definitions/AWS::Glue::TableOptimizer.IcebergConfiguration", + "markdownDescription": "The configuration for an Iceberg snapshot retention optimizer.", + "title": "IcebergConfiguration" + } + }, + "type": "object" + }, + "AWS::Glue::TableOptimizer.TableOptimizerConfiguration": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Whether the table optimization is enabled.", + "title": "Enabled", + "type": "boolean" + }, + "OrphanFileDeletionConfiguration": { + "$ref": "#/definitions/AWS::Glue::TableOptimizer.OrphanFileDeletionConfiguration", + "markdownDescription": "`OrphanFileDeletionConfiguration` is a property that can be included within the TableOptimizer resource. It controls the automatic deletion of orphaned files - files that are not tracked by the table metadata, and older than the configured age limit.", + "title": "OrphanFileDeletionConfiguration" + }, + "RetentionConfiguration": { + "$ref": "#/definitions/AWS::Glue::TableOptimizer.RetentionConfiguration", + "markdownDescription": "The configuration for a snapshot retention optimizer for Apache Iceberg tables.", + "title": "RetentionConfiguration" + }, + "RoleArn": { + "markdownDescription": "A role passed by the caller which gives the service permission to update the resources associated with the optimizer on the caller's behalf.", + "title": "RoleArn", + "type": "string" + }, + "VpcConfiguration": { + "$ref": "#/definitions/AWS::Glue::TableOptimizer.VpcConfiguration", + "markdownDescription": "An object that describes the VPC configuration for a table optimizer. This configuration is necessary to perform optimization on tables that are in a customer VPC.", + "title": "VpcConfiguration" + } + }, + "required": [ + "Enabled", + "RoleArn" + ], + "type": "object" + }, + "AWS::Glue::TableOptimizer.VpcConfiguration": { + "additionalProperties": false, + "properties": { + "GlueConnectionName": { + "markdownDescription": "The name of the AWS Glue connection used for the VPC for the table optimizer.", + "title": "GlueConnectionName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Glue::Trigger": { "additionalProperties": false, "properties": { "Condition": { @@ -122531,70 +132344,69 @@ "Properties": { "additionalProperties": false, "properties": { - "AdditionalMetricsToRetainV2": { + "Actions": { "items": { - "$ref": "#/definitions/AWS::IoT::SecurityProfile.MetricToRetain" + "$ref": "#/definitions/AWS::Glue::Trigger.Action" }, - "markdownDescription": "A list of metrics whose data is retained (stored). By default, data is retained for any metric used in the profile's `behaviors` , but it's also retained for any metric specified here. Can be used with custom metrics; can't be used with dimensions.", - "title": "AdditionalMetricsToRetainV2", + "markdownDescription": "The actions initiated by this trigger.", + "title": "Actions", "type": "array" }, - "AlertTargets": { - "additionalProperties": false, - "markdownDescription": "Specifies the destinations to which alerts are sent. (Alerts are always sent to the console.) Alerts are generated when a device (thing) violates a behavior.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::IoT::SecurityProfile.AlertTarget" - } - }, - "title": "AlertTargets", - "type": "object" - }, - "Behaviors": { - "items": { - "$ref": "#/definitions/AWS::IoT::SecurityProfile.Behavior" - }, - "markdownDescription": "Specifies the behaviors that, when violated by a device (thing), cause an alert.", - "title": "Behaviors", - "type": "array" + "Description": { + "markdownDescription": "A description of this trigger.", + "title": "Description", + "type": "string" }, - "MetricsExportConfig": { - "$ref": "#/definitions/AWS::IoT::SecurityProfile.MetricsExportConfig", - "markdownDescription": "Specifies the MQTT topic and role ARN required for metric export.", - "title": "MetricsExportConfig" + "EventBatchingCondition": { + "$ref": "#/definitions/AWS::Glue::Trigger.EventBatchingCondition", + "markdownDescription": "Batch condition that must be met (specified number of events received or batch time window expired) before EventBridge event trigger fires.", + "title": "EventBatchingCondition" }, - "SecurityProfileDescription": { - "markdownDescription": "A description of the security profile.", - "title": "SecurityProfileDescription", + "Name": { + "markdownDescription": "The name of the trigger.", + "title": "Name", "type": "string" }, - "SecurityProfileName": { - "markdownDescription": "The name you gave to the security profile.", - "title": "SecurityProfileName", + "Predicate": { + "$ref": "#/definitions/AWS::Glue::Trigger.Predicate", + "markdownDescription": "The predicate of this trigger, which defines when it will fire.", + "title": "Predicate" + }, + "Schedule": { + "markdownDescription": "A `cron` expression used to specify the schedule. For more information, see [Time-Based Schedules for Jobs and Crawlers](https://docs.aws.amazon.com/glue/latest/dg/monitor-data-warehouse-schedule.html) in the *AWS Glue Developer Guide* . For example, to run something every day at 12:15 UTC, specify `cron(15 12 * * ? *)` .", + "title": "Schedule", "type": "string" }, + "StartOnCreation": { + "markdownDescription": "Set to true to start `SCHEDULED` and `CONDITIONAL` triggers when created. True is not supported for `ON_DEMAND` triggers.", + "title": "StartOnCreation", + "type": "boolean" + }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata that can be used to manage the security profile.", + "markdownDescription": "The tags to use with this trigger.", "title": "Tags", - "type": "array" + "type": "object" }, - "TargetArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The ARN of the target (thing group) to which the security profile is attached.", - "title": "TargetArns", - "type": "array" + "Type": { + "markdownDescription": "The type of trigger that this is.", + "title": "Type", + "type": "string" + }, + "WorkflowName": { + "markdownDescription": "The name of the workflow associated with the trigger.", + "title": "WorkflowName", + "type": "string" } }, + "required": [ + "Actions", + "Type" + ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::SecurityProfile" + "AWS::Glue::Trigger" ], "type": "string" }, @@ -122608,244 +132420,128 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoT::SecurityProfile.AlertTarget": { + "AWS::Glue::Trigger.Action": { "additionalProperties": false, "properties": { - "AlertTargetArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the notification target to which alerts are sent.", - "title": "AlertTargetArn", - "type": "string" + "Arguments": { + "markdownDescription": "The job arguments used when this trigger fires. For this job run, they replace the default arguments set in the job definition itself.\n\nYou can specify arguments here that your own job-execution script consumes, in addition to arguments that AWS Glue itself consumes.\n\nFor information about how to specify and consume your own job arguments, see [Calling AWS Glue APIs in Python](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-python-calling.html) in the *AWS Glue Developer Guide* .\n\nFor information about the key-value pairs that AWS Glue consumes to set up your job, see the [Special Parameters Used by AWS Glue](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-etl-glue-arguments.html) topic in the developer guide.", + "title": "Arguments", + "type": "object" }, - "RoleArn": { - "markdownDescription": "The ARN of the role that grants permission to send alerts to the notification target.", - "title": "RoleArn", + "CrawlerName": { + "markdownDescription": "The name of the crawler to be used with this action.", + "title": "CrawlerName", "type": "string" - } - }, - "required": [ - "AlertTargetArn", - "RoleArn" - ], - "type": "object" - }, - "AWS::IoT::SecurityProfile.Behavior": { - "additionalProperties": false, - "properties": { - "Criteria": { - "$ref": "#/definitions/AWS::IoT::SecurityProfile.BehaviorCriteria", - "markdownDescription": "The criteria that determine if a device is behaving normally in regard to the `metric` .\n\n> In the AWS IoT console, you can choose to be sent an alert through Amazon SNS when AWS IoT Device Defender detects that a device is behaving anomalously.", - "title": "Criteria" - }, - "ExportMetric": { - "markdownDescription": "Value indicates exporting metrics related to the behavior when it is true.", - "title": "ExportMetric", - "type": "boolean" }, - "Metric": { - "markdownDescription": "What is measured by the behavior.", - "title": "Metric", + "JobName": { + "markdownDescription": "The name of a job to be executed.", + "title": "JobName", "type": "string" }, - "MetricDimension": { - "$ref": "#/definitions/AWS::IoT::SecurityProfile.MetricDimension", - "markdownDescription": "The dimension of the metric.", - "title": "MetricDimension" + "NotificationProperty": { + "$ref": "#/definitions/AWS::Glue::Trigger.NotificationProperty", + "markdownDescription": "Specifies configuration properties of a job run notification.", + "title": "NotificationProperty" }, - "Name": { - "markdownDescription": "The name you've given to the behavior.", - "title": "Name", + "SecurityConfiguration": { + "markdownDescription": "The name of the `SecurityConfiguration` structure to be used with this action.", + "title": "SecurityConfiguration", "type": "string" }, - "SuppressAlerts": { - "markdownDescription": "The alert status. If you set the value to `true` , alerts will be suppressed.", - "title": "SuppressAlerts", - "type": "boolean" + "Timeout": { + "markdownDescription": "The `JobRun` timeout in minutes. This is the maximum time that a job run can consume resources before it is terminated and enters TIMEOUT status. The default is 2,880 minutes (48 hours). This overrides the timeout value set in the parent job.", + "title": "Timeout", + "type": "number" } }, - "required": [ - "Name" - ], "type": "object" }, - "AWS::IoT::SecurityProfile.BehaviorCriteria": { + "AWS::Glue::Trigger.Condition": { "additionalProperties": false, "properties": { - "ComparisonOperator": { - "markdownDescription": "The operator that relates the thing measured ( `metric` ) to the criteria (containing a `value` or `statisticalThreshold` ). Valid operators include:\n\n- `string-list` : `in-set` and `not-in-set`\n- `number-list` : `in-set` and `not-in-set`\n- `ip-address-list` : `in-cidr-set` and `not-in-cidr-set`\n- `number` : `less-than` , `less-than-equals` , `greater-than` , and `greater-than-equals`", - "title": "ComparisonOperator", + "CrawlState": { + "markdownDescription": "The state of the crawler to which this condition applies.", + "title": "CrawlState", "type": "string" }, - "ConsecutiveDatapointsToAlarm": { - "markdownDescription": "If a device is in violation of the behavior for the specified number of consecutive datapoints, an alarm occurs. If not specified, the default is 1.", - "title": "ConsecutiveDatapointsToAlarm", - "type": "number" - }, - "ConsecutiveDatapointsToClear": { - "markdownDescription": "If an alarm has occurred and the offending device is no longer in violation of the behavior for the specified number of consecutive datapoints, the alarm is cleared. If not specified, the default is 1.", - "title": "ConsecutiveDatapointsToClear", - "type": "number" - }, - "DurationSeconds": { - "markdownDescription": "Use this to specify the time duration over which the behavior is evaluated, for those criteria that have a time dimension (for example, `NUM_MESSAGES_SENT` ). For a `statisticalThreshhold` metric comparison, measurements from all devices are accumulated over this time duration before being used to calculate percentiles, and later, measurements from an individual device are also accumulated over this time duration before being given a percentile rank. Cannot be used with list-based metric datatypes.", - "title": "DurationSeconds", - "type": "number" + "CrawlerName": { + "markdownDescription": "The name of the crawler to which this condition applies.", + "title": "CrawlerName", + "type": "string" }, - "MlDetectionConfig": { - "$ref": "#/definitions/AWS::IoT::SecurityProfile.MachineLearningDetectionConfig", - "markdownDescription": "The confidence level of the detection model.", - "title": "MlDetectionConfig" + "JobName": { + "markdownDescription": "The name of the job whose `JobRuns` this condition applies to, and on which this trigger waits.", + "title": "JobName", + "type": "string" }, - "StatisticalThreshold": { - "$ref": "#/definitions/AWS::IoT::SecurityProfile.StatisticalThreshold", - "markdownDescription": "A statistical ranking (percentile)that indicates a threshold value by which a behavior is determined to be in compliance or in violation of the behavior.", - "title": "StatisticalThreshold" + "LogicalOperator": { + "markdownDescription": "A logical operator.", + "title": "LogicalOperator", + "type": "string" }, - "Value": { - "$ref": "#/definitions/AWS::IoT::SecurityProfile.MetricValue", - "markdownDescription": "The value to be compared with the `metric` .", - "title": "Value" - } - }, - "type": "object" - }, - "AWS::IoT::SecurityProfile.MachineLearningDetectionConfig": { - "additionalProperties": false, - "properties": { - "ConfidenceLevel": { - "markdownDescription": "The model confidence level.\n\nThere are three levels of confidence, `\"high\"` , `\"medium\"` , and `\"low\"` .\n\nThe higher the confidence level, the lower the sensitivity, and the lower the alarm frequency will be.", - "title": "ConfidenceLevel", + "State": { + "markdownDescription": "The condition state. Currently, the values supported are `SUCCEEDED` , `STOPPED` , `TIMEOUT` , and `FAILED` .", + "title": "State", "type": "string" } }, "type": "object" }, - "AWS::IoT::SecurityProfile.MetricDimension": { + "AWS::Glue::Trigger.EventBatchingCondition": { "additionalProperties": false, "properties": { - "DimensionName": { - "markdownDescription": "The name of the dimension.", - "title": "DimensionName", - "type": "string" + "BatchSize": { + "markdownDescription": "Number of events that must be received from Amazon EventBridge before EventBridge event trigger fires.", + "title": "BatchSize", + "type": "number" }, - "Operator": { - "markdownDescription": "Operators are constructs that perform logical operations. Valid values are `IN` and `NOT_IN` .", - "title": "Operator", - "type": "string" + "BatchWindow": { + "markdownDescription": "Window of time in seconds after which EventBridge event trigger fires. Window starts when first event is received.", + "title": "BatchWindow", + "type": "number" } }, "required": [ - "DimensionName" + "BatchSize" ], "type": "object" }, - "AWS::IoT::SecurityProfile.MetricToRetain": { + "AWS::Glue::Trigger.NotificationProperty": { "additionalProperties": false, "properties": { - "ExportMetric": { - "markdownDescription": "The value indicates exporting metrics related to the `MetricToRetain` when it's true.", - "title": "ExportMetric", - "type": "boolean" - }, - "Metric": { - "markdownDescription": "A standard of measurement.", - "title": "Metric", - "type": "string" - }, - "MetricDimension": { - "$ref": "#/definitions/AWS::IoT::SecurityProfile.MetricDimension", - "markdownDescription": "The dimension of the metric.", - "title": "MetricDimension" + "NotifyDelayAfter": { + "markdownDescription": "After a job run starts, the number of minutes to wait before sending a job run delay notification", + "title": "NotifyDelayAfter", + "type": "number" } }, - "required": [ - "Metric" - ], "type": "object" }, - "AWS::IoT::SecurityProfile.MetricValue": { + "AWS::Glue::Trigger.Predicate": { "additionalProperties": false, "properties": { - "Cidrs": { - "items": { - "type": "string" - }, - "markdownDescription": "If the `comparisonOperator` calls for a set of CIDRs, use this to specify that set to be compared with the `metric` .", - "title": "Cidrs", - "type": "array" - }, - "Count": { - "markdownDescription": "If the `comparisonOperator` calls for a numeric value, use this to specify that numeric value to be compared with the `metric` .", - "title": "Count", - "type": "string" - }, - "Number": { - "markdownDescription": "The numeric values of a metric.", - "title": "Number", - "type": "number" - }, - "Numbers": { - "items": { - "type": "number" - }, - "markdownDescription": "The numeric value of a metric.", - "title": "Numbers", - "type": "array" - }, - "Ports": { - "items": { - "type": "number" - }, - "markdownDescription": "If the `comparisonOperator` calls for a set of ports, use this to specify that set to be compared with the `metric` .", - "title": "Ports", - "type": "array" - }, - "Strings": { + "Conditions": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Glue::Trigger.Condition" }, - "markdownDescription": "The string values of a metric.", - "title": "Strings", + "markdownDescription": "A list of the conditions that determine when the trigger will fire.", + "title": "Conditions", "type": "array" - } - }, - "type": "object" - }, - "AWS::IoT::SecurityProfile.MetricsExportConfig": { - "additionalProperties": false, - "properties": { - "MqttTopic": { - "markdownDescription": "The MQTT topic that Device Defender Detect should publish messages to for metrics export.", - "title": "MqttTopic", - "type": "string" }, - "RoleArn": { - "markdownDescription": "This role ARN has permission to publish MQTT messages, after which Device Defender Detect can assume the role and publish messages on your behalf.", - "title": "RoleArn", - "type": "string" - } - }, - "required": [ - "MqttTopic", - "RoleArn" - ], - "type": "object" - }, - "AWS::IoT::SecurityProfile.StatisticalThreshold": { - "additionalProperties": false, - "properties": { - "Statistic": { - "markdownDescription": "The percentile that resolves to a threshold value by which compliance with a behavior is determined. Metrics are collected over the specified period ( `durationSeconds` ) from all reporting devices in your account and statistical ranks are calculated. Then, the measurements from a device are collected over the same period. If the accumulated measurements from the device fall above or below ( `comparisonOperator` ) the value associated with the percentile specified, then the device is considered to be in compliance with the behavior, otherwise a violation occurs.", - "title": "Statistic", + "Logical": { + "markdownDescription": "An optional field if only one condition is listed. If multiple conditions are listed, then this field is required.", + "title": "Logical", "type": "string" } }, "type": "object" }, - "AWS::IoT::SoftwarePackage": { + "AWS::Glue::UsageProfile": { "additionalProperties": false, "properties": { "Condition": { @@ -122880,30 +132576,38 @@ "Properties": { "additionalProperties": false, "properties": { + "Configuration": { + "$ref": "#/definitions/AWS::Glue::UsageProfile.ProfileConfiguration", + "markdownDescription": "", + "title": "Configuration" + }, "Description": { - "markdownDescription": "A summary of the package being created. This can be used to outline the package's contents or purpose.", + "markdownDescription": "A description of the usage profile.", "title": "Description", "type": "string" }, - "PackageName": { - "markdownDescription": "The name of the new software package.", - "title": "PackageName", + "Name": { + "markdownDescription": "The name of the usage profile.", + "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata that can be used to manage the package.", + "markdownDescription": "", "title": "Tags", "type": "array" } }, + "required": [ + "Name" + ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::SoftwarePackage" + "AWS::Glue::UsageProfile" ], "type": "string" }, @@ -122917,11 +132621,69 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoT::SoftwarePackageVersion": { + "AWS::Glue::UsageProfile.ConfigurationObject": { + "additionalProperties": false, + "properties": { + "AllowedValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of allowed values for the parameter.", + "title": "AllowedValues", + "type": "array" + }, + "DefaultValue": { + "markdownDescription": "A default value for the parameter.", + "title": "DefaultValue", + "type": "string" + }, + "MaxValue": { + "markdownDescription": "A maximum allowed value for the parameter.", + "title": "MaxValue", + "type": "string" + }, + "MinValue": { + "markdownDescription": "A minimum allowed value for the parameter.", + "title": "MinValue", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Glue::UsageProfile.ProfileConfiguration": { + "additionalProperties": false, + "properties": { + "JobConfiguration": { + "additionalProperties": false, + "markdownDescription": "A key-value map of configuration parameters for AWS Glue jobs.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::Glue::UsageProfile.ConfigurationObject" + } + }, + "title": "JobConfiguration", + "type": "object" + }, + "SessionConfiguration": { + "additionalProperties": false, + "markdownDescription": "A key-value map of configuration parameters for AWS Glue sessions.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::Glue::UsageProfile.ConfigurationObject" + } + }, + "title": "SessionConfiguration", + "type": "object" + } + }, + "type": "object" + }, + "AWS::Glue::Workflow": { "additionalProperties": false, "properties": { "Condition": { @@ -122956,49 +132718,37 @@ "Properties": { "additionalProperties": false, "properties": { - "Attributes": { - "additionalProperties": true, - "markdownDescription": "Metadata that can be used to define a package version\u2019s configuration. For example, the S3 file location, configuration options that are being sent to the device or fleet.\n\nThe combined size of all the attributes on a package version is limited to 3KB.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Attributes", + "DefaultRunProperties": { + "markdownDescription": "A collection of properties to be used as part of each execution of the workflow", + "title": "DefaultRunProperties", "type": "object" }, "Description": { - "markdownDescription": "A summary of the package version being created. This can be used to outline the package's contents or purpose.", + "markdownDescription": "A description of the workflow", "title": "Description", "type": "string" }, - "PackageName": { - "markdownDescription": "The name of the associated software package.", - "title": "PackageName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata that can be used to manage the package version.", - "title": "Tags", - "type": "array" + "MaxConcurrentRuns": { + "markdownDescription": "You can use this parameter to prevent unwanted multiple updates to data, to control costs, or in some cases, to prevent exceeding the maximum number of concurrent runs of any of the component jobs. If you leave this parameter blank, there is no limit to the number of concurrent workflow runs.", + "title": "MaxConcurrentRuns", + "type": "number" }, - "VersionName": { - "markdownDescription": "The name of the new package version.", - "title": "VersionName", + "Name": { + "markdownDescription": "The name of the workflow representing the flow", + "title": "Name", "type": "string" + }, + "Tags": { + "markdownDescription": "The tags to use with this workflow.", + "title": "Tags", + "type": "object" } }, - "required": [ - "PackageName" - ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::SoftwarePackageVersion" + "AWS::Glue::Workflow" ], "type": "string" }, @@ -123012,12 +132762,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::IoT::Thing": { + "AWS::Grafana::Workspace": { "additionalProperties": false, "properties": { "Condition": { @@ -123052,22 +132801,114 @@ "Properties": { "additionalProperties": false, "properties": { - "AttributePayload": { - "$ref": "#/definitions/AWS::IoT::Thing.AttributePayload", - "markdownDescription": "A string that contains up to three key value pairs. Maximum length of 800. Duplicates not allowed.", - "title": "AttributePayload" + "AccountAccessType": { + "markdownDescription": "Specifies whether the workspace can access AWS resources in this AWS account only, or whether it can also access AWS resources in other accounts in the same organization. If this is `ORGANIZATION` , the `OrganizationalUnits` parameter specifies which organizational units the workspace can access.", + "title": "AccountAccessType", + "type": "string" }, - "ThingName": { - "markdownDescription": "The name of the thing to update.\n\nYou can't change a thing's name. To change a thing's name, you must create a new thing, give it the new name, and then delete the old thing.", - "title": "ThingName", + "AuthenticationProviders": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies whether this workspace uses SAML 2.0, AWS IAM Identity Center , or both to authenticate users for using the Grafana console within a workspace. For more information, see [User authentication in Amazon Managed Grafana](https://docs.aws.amazon.com/grafana/latest/userguide/authentication-in-AMG.html) .\n\n*Allowed Values* : `AWS_SSO | SAML`", + "title": "AuthenticationProviders", + "type": "array" + }, + "ClientToken": { + "markdownDescription": "A unique, case-sensitive, user-provided identifier to ensure the idempotency of the request.", + "title": "ClientToken", + "type": "string" + }, + "DataSources": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the AWS data sources that have been configured to have IAM roles and permissions created to allow Amazon Managed Grafana to read data from these sources.\n\nThis list is only used when the workspace was created through the AWS console, and the `permissionType` is `SERVICE_MANAGED` .", + "title": "DataSources", + "type": "array" + }, + "Description": { + "markdownDescription": "The user-defined description of the workspace.", + "title": "Description", + "type": "string" + }, + "GrafanaVersion": { + "markdownDescription": "Specifies the version of Grafana to support in the workspace. Defaults to the latest version on create (for example, 9.4), or the current version of the workspace on update.\n\nCan only be used to upgrade (for example, from 8.4 to 9.4), not downgrade (for example, from 9.4 to 8.4).\n\nTo know what versions are available to upgrade to for a specific workspace, see the [ListVersions](https://docs.aws.amazon.com/grafana/latest/APIReference/API_ListVersions.html) operation.", + "title": "GrafanaVersion", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the workspace.", + "title": "Name", + "type": "string" + }, + "NetworkAccessControl": { + "$ref": "#/definitions/AWS::Grafana::Workspace.NetworkAccessControl", + "markdownDescription": "The configuration settings for network access to your workspace.", + "title": "NetworkAccessControl" + }, + "NotificationDestinations": { + "items": { + "type": "string" + }, + "markdownDescription": "The AWS notification channels that Amazon Managed Grafana can automatically create IAM roles and permissions for, to allow Amazon Managed Grafana to use these channels.\n\n*AllowedValues* : `SNS`", + "title": "NotificationDestinations", + "type": "array" + }, + "OrganizationRoleName": { + "markdownDescription": "The name of the IAM role that is used to access resources through Organizations.", + "title": "OrganizationRoleName", + "type": "string" + }, + "OrganizationalUnits": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the organizational units that this workspace is allowed to use data sources from, if this workspace is in an account that is part of an organization.", + "title": "OrganizationalUnits", + "type": "array" + }, + "PermissionType": { + "markdownDescription": "If this is `SERVICE_MANAGED` , and the workplace was created through the Amazon Managed Grafana console, then Amazon Managed Grafana automatically creates the IAM roles and provisions the permissions that the workspace needs to use AWS data sources and notification channels.\n\nIf this is `CUSTOMER_MANAGED` , you must manage those roles and permissions yourself.\n\nIf you are working with a workspace in a member account of an organization and that account is not a delegated administrator account, and you want the workspace to access data sources in other AWS accounts in the organization, this parameter must be set to `CUSTOMER_MANAGED` .\n\nFor more information about converting between customer and service managed, see [Managing permissions for data sources and notification channels](https://docs.aws.amazon.com/grafana/latest/userguide/AMG-datasource-and-notification.html) . For more information about the roles and permissions that must be managed for customer managed workspaces, see [Amazon Managed Grafana permissions and policies for AWS data sources and notification channels](https://docs.aws.amazon.com/grafana/latest/userguide/AMG-manage-permissions.html)", + "title": "PermissionType", + "type": "string" + }, + "PluginAdminEnabled": { + "markdownDescription": "Whether plugin administration is enabled in the workspace. Setting to `true` allows workspace admins to install, uninstall, and update plugins from within the Grafana workspace.\n\n> This option is only valid for workspaces that support Grafana version 9 or newer.", + "title": "PluginAdminEnabled", + "type": "boolean" + }, + "RoleArn": { + "markdownDescription": "The IAM role that grants permissions to the AWS resources that the workspace will view data from. This role must already exist.", + "title": "RoleArn", + "type": "string" + }, + "SamlConfiguration": { + "$ref": "#/definitions/AWS::Grafana::Workspace.SamlConfiguration", + "markdownDescription": "If the workspace uses SAML, use this structure to map SAML assertion attributes to workspace user information and define which groups in the assertion attribute are to have the `Admin` and `Editor` roles in the workspace.", + "title": "SamlConfiguration" + }, + "StackSetName": { + "markdownDescription": "The name of the AWS CloudFormation stack set that is used to generate IAM roles to be used for this workspace.", + "title": "StackSetName", "type": "string" + }, + "VpcConfiguration": { + "$ref": "#/definitions/AWS::Grafana::Workspace.VpcConfiguration", + "markdownDescription": "The configuration settings for an Amazon VPC that contains data sources for your Grafana workspace to connect to.\n\n> Connecting to a private VPC is not yet available in the Asia Pacific (Seoul) Region (ap-northeast-2).", + "title": "VpcConfiguration" } }, + "required": [ + "AccountAccessType", + "AuthenticationProviders", + "PermissionType" + ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::Thing" + "AWS::Grafana::Workspace" ], "type": "string" }, @@ -123081,28 +132922,171 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoT::Thing.AttributePayload": { + "AWS::Grafana::Workspace.AssertionAttributes": { "additionalProperties": false, "properties": { - "Attributes": { - "additionalProperties": true, - "markdownDescription": "A JSON string containing up to three key-value pair in JSON format. For example:\n\n`{\\\"attributes\\\":{\\\"string1\\\":\\\"string2\\\"}}`", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "Email": { + "markdownDescription": "The name of the attribute within the SAML assertion to use as the email names for SAML users.", + "title": "Email", + "type": "string" + }, + "Groups": { + "markdownDescription": "The name of the attribute within the SAML assertion to use as the user full \"friendly\" names for user groups.", + "title": "Groups", + "type": "string" + }, + "Login": { + "markdownDescription": "The name of the attribute within the SAML assertion to use as the login names for SAML users.", + "title": "Login", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the attribute within the SAML assertion to use as the user full \"friendly\" names for SAML users.", + "title": "Name", + "type": "string" + }, + "Org": { + "markdownDescription": "The name of the attribute within the SAML assertion to use as the user full \"friendly\" names for the users' organizations.", + "title": "Org", + "type": "string" + }, + "Role": { + "markdownDescription": "The name of the attribute within the SAML assertion to use as the user roles.", + "title": "Role", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Grafana::Workspace.IdpMetadata": { + "additionalProperties": false, + "properties": { + "Url": { + "markdownDescription": "The URL of the location containing the IdP metadata.", + "title": "Url", + "type": "string" + }, + "Xml": { + "markdownDescription": "The full IdP metadata, in XML format.", + "title": "Xml", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Grafana::Workspace.NetworkAccessControl": { + "additionalProperties": false, + "properties": { + "PrefixListIds": { + "items": { + "type": "string" }, - "title": "Attributes", - "type": "object" + "markdownDescription": "An array of prefix list IDs. A prefix list is a list of CIDR ranges of IP addresses. The IP addresses specified are allowed to access your workspace. If the list is not included in the configuration (passed an empty array) then no IP addresses are allowed to access the workspace. You create a prefix list using the Amazon VPC console.\n\nPrefix list IDs have the format `pl- *1a2b3c4d*` .\n\nFor more information about prefix lists, see [Group CIDR blocks using managed prefix lists](https://docs.aws.amazon.com/vpc/latest/userguide/managed-prefix-lists.html) in the *Amazon Virtual Private Cloud User Guide* .", + "title": "PrefixListIds", + "type": "array" + }, + "VpceIds": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of Amazon VPC endpoint IDs for the workspace. You can create VPC endpoints to your Amazon Managed Grafana workspace for access from within a VPC. If a `NetworkAccessConfiguration` is specified then only VPC endpoints specified here are allowed to access the workspace. If you pass in an empty array of strings, then no VPCs are allowed to access the workspace.\n\nVPC endpoint IDs have the format `vpce- *1a2b3c4d*` .\n\nFor more information about creating an interface VPC endpoint, see [Interface VPC endpoints](https://docs.aws.amazon.com/grafana/latest/userguide/VPC-endpoints) in the *Amazon Managed Grafana User Guide* .\n\n> The only VPC endpoints that can be specified here are interface VPC endpoints for Grafana workspaces (using the `com.amazonaws.[region].grafana-workspace` service endpoint). Other VPC endpoints are ignored.", + "title": "VpceIds", + "type": "array" } }, "type": "object" }, - "AWS::IoT::ThingGroup": { + "AWS::Grafana::Workspace.RoleValues": { + "additionalProperties": false, + "properties": { + "Admin": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of groups from the SAML assertion attribute to grant the Grafana `Admin` role to.", + "title": "Admin", + "type": "array" + }, + "Editor": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of groups from the SAML assertion attribute to grant the Grafana `Editor` role to.", + "title": "Editor", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Grafana::Workspace.SamlConfiguration": { + "additionalProperties": false, + "properties": { + "AllowedOrganizations": { + "items": { + "type": "string" + }, + "markdownDescription": "Lists which organizations defined in the SAML assertion are allowed to use the Amazon Managed Grafana workspace. If this is empty, all organizations in the assertion attribute have access.", + "title": "AllowedOrganizations", + "type": "array" + }, + "AssertionAttributes": { + "$ref": "#/definitions/AWS::Grafana::Workspace.AssertionAttributes", + "markdownDescription": "A structure that defines which attributes in the SAML assertion are to be used to define information about the users authenticated by that IdP to use the workspace.", + "title": "AssertionAttributes" + }, + "IdpMetadata": { + "$ref": "#/definitions/AWS::Grafana::Workspace.IdpMetadata", + "markdownDescription": "A structure containing the identity provider (IdP) metadata used to integrate the identity provider with this workspace.", + "title": "IdpMetadata" + }, + "LoginValidityDuration": { + "markdownDescription": "How long a sign-on session by a SAML user is valid, before the user has to sign on again.", + "title": "LoginValidityDuration", + "type": "number" + }, + "RoleValues": { + "$ref": "#/definitions/AWS::Grafana::Workspace.RoleValues", + "markdownDescription": "A structure containing arrays that map group names in the SAML assertion to the Grafana `Admin` and `Editor` roles in the workspace.", + "title": "RoleValues" + } + }, + "required": [ + "IdpMetadata" + ], + "type": "object" + }, + "AWS::Grafana::Workspace.VpcConfiguration": { + "additionalProperties": false, + "properties": { + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of Amazon EC2 security group IDs attached to the Amazon VPC for your Grafana workspace to connect. Duplicates not allowed.\n\n*Array Members* : Minimum number of 1 items. Maximum number of 5 items.\n\n*Length* : Minimum length of 0. Maximum length of 255.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of Amazon EC2 subnet IDs created in the Amazon VPC for your Grafana workspace to connect. Duplicates not allowed.\n\n*Array Members* : Minimum number of 2 items. Maximum number of 6 items.\n\n*Length* : Minimum length of 0. Maximum length of 255.", + "title": "SubnetIds", + "type": "array" + } + }, + "required": [ + "SecurityGroupIds", + "SubnetIds" + ], + "type": "object" + }, + "AWS::Greengrass::ConnectorDefinition": { "additionalProperties": false, "properties": { "Condition": { @@ -123137,40 +133121,30 @@ "Properties": { "additionalProperties": false, "properties": { - "ParentGroupName": { - "markdownDescription": "The parent thing group name.\n\nA Dynamic Thing Group does not have `parentGroupName` defined.", - "title": "ParentGroupName", - "type": "string" + "InitialVersion": { + "$ref": "#/definitions/AWS::Greengrass::ConnectorDefinition.ConnectorDefinitionVersion", + "markdownDescription": "The connector definition version to include when the connector definition is created. A connector definition version contains a list of [`connector`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-connectordefinition-connector.html) property types.\n\n> To associate a connector definition version after the connector definition is created, create an [`AWS::Greengrass::ConnectorDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-connectordefinitionversion.html) resource and specify the ID of this connector definition.", + "title": "InitialVersion" }, - "QueryString": { - "markdownDescription": "The dynamic thing group search query string.\n\nThe `queryString` attribute *is* required for `CreateDynamicThingGroup` . The `queryString` attribute *is not* required for `CreateThingGroup` .", - "title": "QueryString", + "Name": { + "markdownDescription": "The name of the connector definition.", + "title": "Name", "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata which can be used to manage the thing group or dynamic thing group.", + "markdownDescription": "Application-specific metadata to attach to the connector definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", "title": "Tags", - "type": "array" - }, - "ThingGroupName": { - "markdownDescription": "The thing group name.", - "title": "ThingGroupName", - "type": "string" - }, - "ThingGroupProperties": { - "$ref": "#/definitions/AWS::IoT::ThingGroup.ThingGroupProperties", - "markdownDescription": "Thing group properties.", - "title": "ThingGroupProperties" + "type": "object" } }, + "required": [ + "Name" + ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::ThingGroup" + "AWS::Greengrass::ConnectorDefinition" ], "type": "string" }, @@ -123184,44 +133158,54 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoT::ThingGroup.AttributePayload": { + "AWS::Greengrass::ConnectorDefinition.Connector": { "additionalProperties": false, "properties": { - "Attributes": { - "additionalProperties": true, - "markdownDescription": "A JSON string containing up to three key-value pair in JSON format. For example:\n\n`{\\\"attributes\\\":{\\\"string1\\\":\\\"string2\\\"}}`", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Attributes", + "ConnectorArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the connector.\n\nFor more information about connectors provided by AWS , see [Greengrass Connectors Provided by AWS](https://docs.aws.amazon.com/greengrass/v1/developerguide/connectors-list.html) .", + "title": "ConnectorArn", + "type": "string" + }, + "Id": { + "markdownDescription": "A descriptive or arbitrary ID for the connector. This value must be unique within the connector definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", + "title": "Id", + "type": "string" + }, + "Parameters": { + "markdownDescription": "The parameters or configuration used by the connector.\n\nFor more information about connectors provided by AWS , see [Greengrass Connectors Provided by AWS](https://docs.aws.amazon.com/greengrass/v1/developerguide/connectors-list.html) .", + "title": "Parameters", "type": "object" } }, + "required": [ + "ConnectorArn", + "Id" + ], "type": "object" }, - "AWS::IoT::ThingGroup.ThingGroupProperties": { + "AWS::Greengrass::ConnectorDefinition.ConnectorDefinitionVersion": { "additionalProperties": false, "properties": { - "AttributePayload": { - "$ref": "#/definitions/AWS::IoT::ThingGroup.AttributePayload", - "markdownDescription": "The thing group attributes in JSON format.", - "title": "AttributePayload" - }, - "ThingGroupDescription": { - "markdownDescription": "The thing group description.", - "title": "ThingGroupDescription", - "type": "string" + "Connectors": { + "items": { + "$ref": "#/definitions/AWS::Greengrass::ConnectorDefinition.Connector" + }, + "markdownDescription": "The connectors in this version. Only one instance of a given connector can be added to a connector definition version at a time.", + "title": "Connectors", + "type": "array" } }, + "required": [ + "Connectors" + ], "type": "object" }, - "AWS::IoT::ThingPrincipalAttachment": { + "AWS::Greengrass::ConnectorDefinitionVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -123256,26 +133240,29 @@ "Properties": { "additionalProperties": false, "properties": { - "Principal": { - "markdownDescription": "The principal, which can be a certificate ARN (as returned from the `CreateCertificate` operation) or an Amazon Cognito ID.", - "title": "Principal", + "ConnectorDefinitionId": { + "markdownDescription": "The ID of the connector definition associated with this version. This value is a GUID.", + "title": "ConnectorDefinitionId", "type": "string" }, - "ThingName": { - "markdownDescription": "The name of the AWS IoT thing.", - "title": "ThingName", - "type": "string" + "Connectors": { + "items": { + "$ref": "#/definitions/AWS::Greengrass::ConnectorDefinitionVersion.Connector" + }, + "markdownDescription": "The connectors in this version. Only one instance of a given connector can be added to the connector definition version at a time.", + "title": "Connectors", + "type": "array" } }, "required": [ - "Principal", - "ThingName" + "ConnectorDefinitionId", + "Connectors" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::ThingPrincipalAttachment" + "AWS::Greengrass::ConnectorDefinitionVersion" ], "type": "string" }, @@ -123294,7 +133281,32 @@ ], "type": "object" }, - "AWS::IoT::ThingType": { + "AWS::Greengrass::ConnectorDefinitionVersion.Connector": { + "additionalProperties": false, + "properties": { + "ConnectorArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the connector.\n\nFor more information about connectors provided by AWS , see [Greengrass Connectors Provided by AWS](https://docs.aws.amazon.com/greengrass/v1/developerguide/connectors-list.html) .", + "title": "ConnectorArn", + "type": "string" + }, + "Id": { + "markdownDescription": "A descriptive or arbitrary ID for the connector. This value must be unique within the connector definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", + "title": "Id", + "type": "string" + }, + "Parameters": { + "markdownDescription": "The parameters or configuration that the connector uses.\n\nFor more information about connectors provided by AWS , see [Greengrass Connectors Provided by AWS](https://docs.aws.amazon.com/greengrass/v1/developerguide/connectors-list.html) .", + "title": "Parameters", + "type": "object" + } + }, + "required": [ + "ConnectorArn", + "Id" + ], + "type": "object" + }, + "AWS::Greengrass::CoreDefinition": { "additionalProperties": false, "properties": { "Condition": { @@ -123329,35 +133341,30 @@ "Properties": { "additionalProperties": false, "properties": { - "DeprecateThingType": { - "markdownDescription": "Deprecates a thing type. You can not associate new things with deprecated thing type.\n\nRequires permission to access the [DeprecateThingType](https://docs.aws.amazon.com//service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions) action.", - "title": "DeprecateThingType", - "type": "boolean" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata which can be used to manage the thing type.", - "title": "Tags", - "type": "array" + "InitialVersion": { + "$ref": "#/definitions/AWS::Greengrass::CoreDefinition.CoreDefinitionVersion", + "markdownDescription": "The core definition version to include when the core definition is created. Currently, a core definition version can contain only one [`core`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-coredefinition-core.html) .\n\n> To associate a core definition version after the core definition is created, create an [`AWS::Greengrass::CoreDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-coredefinitionversion.html) resource and specify the ID of this core definition.", + "title": "InitialVersion" }, - "ThingTypeName": { - "markdownDescription": "The name of the thing type.", - "title": "ThingTypeName", + "Name": { + "markdownDescription": "The name of the core definition.", + "title": "Name", "type": "string" }, - "ThingTypeProperties": { - "$ref": "#/definitions/AWS::IoT::ThingType.ThingTypeProperties", - "markdownDescription": "The thing type properties for the thing type to create. It contains information about the new thing type including a description, a list of searchable thing attribute names, and a list of propagating attributes. After a thing type is created, you can only update `Mqtt5Configuration` .", - "title": "ThingTypeProperties" + "Tags": { + "markdownDescription": "Application-specific metadata to attach to the core definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", + "title": "Tags", + "type": "object" } }, + "required": [ + "Name" + ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::ThingType" + "AWS::Greengrass::CoreDefinition" ], "type": "string" }, @@ -123371,30 +133378,60 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoT::ThingType.ThingTypeProperties": { + "AWS::Greengrass::CoreDefinition.Core": { "additionalProperties": false, "properties": { - "SearchableAttributes": { + "CertificateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the device certificate for the core. This X.509 certificate is used to authenticate the core with AWS IoT and AWS IoT Greengrass services.", + "title": "CertificateArn", + "type": "string" + }, + "Id": { + "markdownDescription": "A descriptive or arbitrary ID for the core. This value must be unique within the core definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", + "title": "Id", + "type": "string" + }, + "SyncShadow": { + "markdownDescription": "Indicates whether the core's local shadow is synced with the cloud automatically. The default is false.", + "title": "SyncShadow", + "type": "boolean" + }, + "ThingArn": { + "markdownDescription": "The ARN of the core, which is an AWS IoT device (thing).", + "title": "ThingArn", + "type": "string" + } + }, + "required": [ + "CertificateArn", + "Id", + "ThingArn" + ], + "type": "object" + }, + "AWS::Greengrass::CoreDefinition.CoreDefinitionVersion": { + "additionalProperties": false, + "properties": { + "Cores": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Greengrass::CoreDefinition.Core" }, - "markdownDescription": "A list of searchable thing attribute names.", - "title": "SearchableAttributes", + "markdownDescription": "The Greengrass core in this version. Currently, the `Cores` property for a core definition version can contain only one core.", + "title": "Cores", "type": "array" - }, - "ThingTypeDescription": { - "markdownDescription": "The description of the thing type.", - "title": "ThingTypeDescription", - "type": "string" } }, + "required": [ + "Cores" + ], "type": "object" }, - "AWS::IoT::TopicRule": { + "AWS::Greengrass::CoreDefinitionVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -123429,33 +133466,29 @@ "Properties": { "additionalProperties": false, "properties": { - "RuleName": { - "markdownDescription": "The name of the rule.", - "title": "RuleName", + "CoreDefinitionId": { + "markdownDescription": "The ID of the core definition associated with this version. This value is a GUID.", + "title": "CoreDefinitionId", "type": "string" }, - "Tags": { + "Cores": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Greengrass::CoreDefinitionVersion.Core" }, - "markdownDescription": "Metadata which can be used to manage the topic rule.\n\n> For URI Request parameters use format: ...key1=value1&key2=value2...\n> \n> For the CLI command-line parameter use format: --tags \"key1=value1&key2=value2...\"\n> \n> For the cli-input-json file use format: \"tags\": \"key1=value1&key2=value2...\"", - "title": "Tags", + "markdownDescription": "The Greengrass core in this version. Currently, the `Cores` property for a core definition version can contain only one core.", + "title": "Cores", "type": "array" - }, - "TopicRulePayload": { - "$ref": "#/definitions/AWS::IoT::TopicRule.TopicRulePayload", - "markdownDescription": "The rule payload.", - "title": "TopicRulePayload" } }, "required": [ - "TopicRulePayload" + "CoreDefinitionId", + "Cores" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::TopicRule" + "AWS::Greengrass::CoreDefinitionVersion" ], "type": "string" }, @@ -123474,1176 +133507,772 @@ ], "type": "object" }, - "AWS::IoT::TopicRule.Action": { - "additionalProperties": false, - "properties": { - "CloudwatchAlarm": { - "$ref": "#/definitions/AWS::IoT::TopicRule.CloudwatchAlarmAction", - "markdownDescription": "Change the state of a CloudWatch alarm.", - "title": "CloudwatchAlarm" - }, - "CloudwatchLogs": { - "$ref": "#/definitions/AWS::IoT::TopicRule.CloudwatchLogsAction", - "markdownDescription": "Sends data to CloudWatch.", - "title": "CloudwatchLogs" - }, - "CloudwatchMetric": { - "$ref": "#/definitions/AWS::IoT::TopicRule.CloudwatchMetricAction", - "markdownDescription": "Capture a CloudWatch metric.", - "title": "CloudwatchMetric" - }, - "DynamoDB": { - "$ref": "#/definitions/AWS::IoT::TopicRule.DynamoDBAction", - "markdownDescription": "Write to a DynamoDB table.", - "title": "DynamoDB" - }, - "DynamoDBv2": { - "$ref": "#/definitions/AWS::IoT::TopicRule.DynamoDBv2Action", - "markdownDescription": "Write to a DynamoDB table. This is a new version of the DynamoDB action. It allows you to write each attribute in an MQTT message payload into a separate DynamoDB column.", - "title": "DynamoDBv2" - }, - "Elasticsearch": { - "$ref": "#/definitions/AWS::IoT::TopicRule.ElasticsearchAction", - "markdownDescription": "Write data to an Amazon OpenSearch Service domain.\n\n> The `Elasticsearch` action can only be used by existing rule actions. To create a new rule action or to update an existing rule action, use the `OpenSearch` rule action instead. For more information, see [OpenSearchAction](https://docs.aws.amazon.com//iot/latest/apireference/API_OpenSearchAction.html) .", - "title": "Elasticsearch" - }, - "Firehose": { - "$ref": "#/definitions/AWS::IoT::TopicRule.FirehoseAction", - "markdownDescription": "Write to an Amazon Kinesis Firehose stream.", - "title": "Firehose" - }, - "Http": { - "$ref": "#/definitions/AWS::IoT::TopicRule.HttpAction", - "markdownDescription": "Send data to an HTTPS endpoint.", - "title": "Http" - }, - "IotAnalytics": { - "$ref": "#/definitions/AWS::IoT::TopicRule.IotAnalyticsAction", - "markdownDescription": "Sends message data to an AWS IoT Analytics channel.", - "title": "IotAnalytics" - }, - "IotEvents": { - "$ref": "#/definitions/AWS::IoT::TopicRule.IotEventsAction", - "markdownDescription": "Sends an input to an AWS IoT Events detector.", - "title": "IotEvents" - }, - "IotSiteWise": { - "$ref": "#/definitions/AWS::IoT::TopicRule.IotSiteWiseAction", - "markdownDescription": "Sends data from the MQTT message that triggered the rule to AWS IoT SiteWise asset properties.", - "title": "IotSiteWise" - }, - "Kafka": { - "$ref": "#/definitions/AWS::IoT::TopicRule.KafkaAction", - "markdownDescription": "Send messages to an Amazon Managed Streaming for Apache Kafka (Amazon MSK) or self-managed Apache Kafka cluster.", - "title": "Kafka" - }, - "Kinesis": { - "$ref": "#/definitions/AWS::IoT::TopicRule.KinesisAction", - "markdownDescription": "Write data to an Amazon Kinesis stream.", - "title": "Kinesis" - }, - "Lambda": { - "$ref": "#/definitions/AWS::IoT::TopicRule.LambdaAction", - "markdownDescription": "Invoke a Lambda function.", - "title": "Lambda" - }, - "Location": { - "$ref": "#/definitions/AWS::IoT::TopicRule.LocationAction", - "markdownDescription": "Sends device location data to [Amazon Location Service](https://docs.aws.amazon.com//location/latest/developerguide/welcome.html) .", - "title": "Location" - }, - "OpenSearch": { - "$ref": "#/definitions/AWS::IoT::TopicRule.OpenSearchAction", - "markdownDescription": "Write data to an Amazon OpenSearch Service domain.", - "title": "OpenSearch" - }, - "Republish": { - "$ref": "#/definitions/AWS::IoT::TopicRule.RepublishAction", - "markdownDescription": "Publish to another MQTT topic.", - "title": "Republish" - }, - "S3": { - "$ref": "#/definitions/AWS::IoT::TopicRule.S3Action", - "markdownDescription": "Write to an Amazon S3 bucket.", - "title": "S3" - }, - "Sns": { - "$ref": "#/definitions/AWS::IoT::TopicRule.SnsAction", - "markdownDescription": "Publish to an Amazon SNS topic.", - "title": "Sns" - }, - "Sqs": { - "$ref": "#/definitions/AWS::IoT::TopicRule.SqsAction", - "markdownDescription": "Publish to an Amazon SQS queue.", - "title": "Sqs" - }, - "StepFunctions": { - "$ref": "#/definitions/AWS::IoT::TopicRule.StepFunctionsAction", - "markdownDescription": "Starts execution of a Step Functions state machine.", - "title": "StepFunctions" - }, - "Timestream": { - "$ref": "#/definitions/AWS::IoT::TopicRule.TimestreamAction", - "markdownDescription": "Writes attributes from an MQTT message.", - "title": "Timestream" - } - }, - "type": "object" - }, - "AWS::IoT::TopicRule.AssetPropertyTimestamp": { + "AWS::Greengrass::CoreDefinitionVersion.Core": { "additionalProperties": false, "properties": { - "OffsetInNanos": { - "markdownDescription": "Optional. A string that contains the nanosecond time offset. Accepts substitution templates.", - "title": "OffsetInNanos", + "CertificateArn": { + "markdownDescription": "The ARN of the device certificate for the core. This X.509 certificate is used to authenticate the core with AWS IoT and AWS IoT Greengrass services.", + "title": "CertificateArn", "type": "string" }, - "TimeInSeconds": { - "markdownDescription": "A string that contains the time in seconds since epoch. Accepts substitution templates.", - "title": "TimeInSeconds", - "type": "string" - } - }, - "required": [ - "TimeInSeconds" - ], - "type": "object" - }, - "AWS::IoT::TopicRule.AssetPropertyValue": { - "additionalProperties": false, - "properties": { - "Quality": { - "markdownDescription": "Optional. A string that describes the quality of the value. Accepts substitution templates. Must be `GOOD` , `BAD` , or `UNCERTAIN` .", - "title": "Quality", + "Id": { + "markdownDescription": "A descriptive or arbitrary ID for the core. This value must be unique within the core definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", + "title": "Id", "type": "string" }, - "Timestamp": { - "$ref": "#/definitions/AWS::IoT::TopicRule.AssetPropertyTimestamp", - "markdownDescription": "The asset property value timestamp.", - "title": "Timestamp" + "SyncShadow": { + "markdownDescription": "Indicates whether the core's local shadow is synced with the cloud automatically. The default is false.", + "title": "SyncShadow", + "type": "boolean" }, - "Value": { - "$ref": "#/definitions/AWS::IoT::TopicRule.AssetPropertyVariant", - "markdownDescription": "The value of the asset property.", - "title": "Value" + "ThingArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the core, which is an AWS IoT device (thing).", + "title": "ThingArn", + "type": "string" } }, "required": [ - "Timestamp", - "Value" + "CertificateArn", + "Id", + "ThingArn" ], "type": "object" }, - "AWS::IoT::TopicRule.AssetPropertyVariant": { + "AWS::Greengrass::DeviceDefinition": { "additionalProperties": false, "properties": { - "BooleanValue": { - "markdownDescription": "Optional. A string that contains the boolean value ( `true` or `false` ) of the value entry. Accepts substitution templates.", - "title": "BooleanValue", + "Condition": { "type": "string" }, - "DoubleValue": { - "markdownDescription": "Optional. A string that contains the double value of the value entry. Accepts substitution templates.", - "title": "DoubleValue", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "IntegerValue": { - "markdownDescription": "Optional. A string that contains the integer value of the value entry. Accepts substitution templates.", - "title": "IntegerValue", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "InitialVersion": { + "$ref": "#/definitions/AWS::Greengrass::DeviceDefinition.DeviceDefinitionVersion", + "markdownDescription": "The device definition version to include when the device definition is created. A device definition version contains a list of [`device`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-devicedefinition-device.html) property types.\n\n> To associate a device definition version after the device definition is created, create an [`AWS::Greengrass::DeviceDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-devicedefinitionversion.html) resource and specify the ID of this device definition.", + "title": "InitialVersion" + }, + "Name": { + "markdownDescription": "The name of the device definition.", + "title": "Name", + "type": "string" + }, + "Tags": { + "markdownDescription": "Application-specific metadata to attach to the device definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", + "title": "Tags", + "type": "object" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Greengrass::DeviceDefinition" + ], "type": "string" }, - "StringValue": { - "markdownDescription": "Optional. The string value of the value entry. Accepts substitution templates.", - "title": "StringValue", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::IoT::TopicRule.CloudwatchAlarmAction": { + "AWS::Greengrass::DeviceDefinition.Device": { "additionalProperties": false, "properties": { - "AlarmName": { - "markdownDescription": "The CloudWatch alarm name.", - "title": "AlarmName", + "CertificateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the device certificate for the device. This X.509 certificate is used to authenticate the device with AWS IoT and AWS IoT Greengrass services.", + "title": "CertificateArn", "type": "string" }, - "RoleArn": { - "markdownDescription": "The IAM role that allows access to the CloudWatch alarm.", - "title": "RoleArn", + "Id": { + "markdownDescription": "A descriptive or arbitrary ID for the device. This value must be unique within the device definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", + "title": "Id", "type": "string" }, - "StateReason": { - "markdownDescription": "The reason for the alarm change.", - "title": "StateReason", - "type": "string" + "SyncShadow": { + "markdownDescription": "Indicates whether the device's local shadow is synced with the cloud automatically.", + "title": "SyncShadow", + "type": "boolean" }, - "StateValue": { - "markdownDescription": "The value of the alarm state. Acceptable values are: OK, ALARM, INSUFFICIENT_DATA.", - "title": "StateValue", + "ThingArn": { + "markdownDescription": "The ARN of the device, which is an AWS IoT device (thing).", + "title": "ThingArn", "type": "string" } }, "required": [ - "AlarmName", - "RoleArn", - "StateReason", - "StateValue" + "CertificateArn", + "Id", + "ThingArn" ], "type": "object" }, - "AWS::IoT::TopicRule.CloudwatchLogsAction": { + "AWS::Greengrass::DeviceDefinition.DeviceDefinitionVersion": { "additionalProperties": false, "properties": { - "BatchMode": { - "markdownDescription": "Indicates whether batches of log records will be extracted and uploaded into CloudWatch.", - "title": "BatchMode", - "type": "boolean" - }, - "LogGroupName": { - "markdownDescription": "The CloudWatch log name.", - "title": "LogGroupName", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The IAM role that allows access to the CloudWatch log.", - "title": "RoleArn", - "type": "string" + "Devices": { + "items": { + "$ref": "#/definitions/AWS::Greengrass::DeviceDefinition.Device" + }, + "markdownDescription": "The devices in this version.", + "title": "Devices", + "type": "array" } }, "required": [ - "LogGroupName", - "RoleArn" + "Devices" ], "type": "object" }, - "AWS::IoT::TopicRule.CloudwatchMetricAction": { + "AWS::Greengrass::DeviceDefinitionVersion": { "additionalProperties": false, "properties": { - "MetricName": { - "markdownDescription": "The CloudWatch metric name.", - "title": "MetricName", + "Condition": { "type": "string" }, - "MetricNamespace": { - "markdownDescription": "The CloudWatch metric namespace name.", - "title": "MetricNamespace", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "MetricTimestamp": { - "markdownDescription": "An optional [Unix timestamp](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/cloudwatch_concepts.html#about_timestamp) .", - "title": "MetricTimestamp", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "MetricUnit": { - "markdownDescription": "The [metric unit](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/cloudwatch_concepts.html#Unit) supported by CloudWatch.", - "title": "MetricUnit", - "type": "string" + "Metadata": { + "type": "object" }, - "MetricValue": { - "markdownDescription": "The CloudWatch metric value.", - "title": "MetricValue", + "Properties": { + "additionalProperties": false, + "properties": { + "DeviceDefinitionId": { + "markdownDescription": "The ID of the device definition associated with this version. This value is a GUID.", + "title": "DeviceDefinitionId", + "type": "string" + }, + "Devices": { + "items": { + "$ref": "#/definitions/AWS::Greengrass::DeviceDefinitionVersion.Device" + }, + "markdownDescription": "The devices in this version.", + "title": "Devices", + "type": "array" + } + }, + "required": [ + "DeviceDefinitionId", + "Devices" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Greengrass::DeviceDefinitionVersion" + ], "type": "string" }, - "RoleArn": { - "markdownDescription": "The IAM role that allows access to the CloudWatch metric.", - "title": "RoleArn", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "MetricName", - "MetricNamespace", - "MetricUnit", - "MetricValue", - "RoleArn" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoT::TopicRule.DynamoDBAction": { + "AWS::Greengrass::DeviceDefinitionVersion.Device": { "additionalProperties": false, "properties": { - "HashKeyField": { - "markdownDescription": "The hash key name.", - "title": "HashKeyField", - "type": "string" - }, - "HashKeyType": { - "markdownDescription": "The hash key type. Valid values are \"STRING\" or \"NUMBER\"", - "title": "HashKeyType", - "type": "string" - }, - "HashKeyValue": { - "markdownDescription": "The hash key value.", - "title": "HashKeyValue", - "type": "string" - }, - "PayloadField": { - "markdownDescription": "The action payload. This name can be customized.", - "title": "PayloadField", - "type": "string" - }, - "RangeKeyField": { - "markdownDescription": "The range key name.", - "title": "RangeKeyField", - "type": "string" - }, - "RangeKeyType": { - "markdownDescription": "The range key type. Valid values are \"STRING\" or \"NUMBER\"", - "title": "RangeKeyType", + "CertificateArn": { + "markdownDescription": "The ARN of the device certificate for the device. This X.509 certificate is used to authenticate the device with AWS IoT and AWS IoT Greengrass services.", + "title": "CertificateArn", "type": "string" }, - "RangeKeyValue": { - "markdownDescription": "The range key value.", - "title": "RangeKeyValue", + "Id": { + "markdownDescription": "A descriptive or arbitrary ID for the device. This value must be unique within the device definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", + "title": "Id", "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role that grants access to the DynamoDB table.", - "title": "RoleArn", - "type": "string" + "SyncShadow": { + "markdownDescription": "Indicates whether the device's local shadow is synced with the cloud automatically.", + "title": "SyncShadow", + "type": "boolean" }, - "TableName": { - "markdownDescription": "The name of the DynamoDB table.", - "title": "TableName", + "ThingArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the device, which is an AWS IoT device (thing).", + "title": "ThingArn", "type": "string" } }, "required": [ - "HashKeyField", - "HashKeyValue", - "RoleArn", - "TableName" + "CertificateArn", + "Id", + "ThingArn" ], "type": "object" }, - "AWS::IoT::TopicRule.DynamoDBv2Action": { + "AWS::Greengrass::FunctionDefinition": { "additionalProperties": false, "properties": { - "PutItem": { - "$ref": "#/definitions/AWS::IoT::TopicRule.PutItemInput", - "markdownDescription": "Specifies the DynamoDB table to which the message data will be written. For example:\n\n`{ \"dynamoDBv2\": { \"roleArn\": \"aws:iam:12341251:my-role\" \"putItem\": { \"tableName\": \"my-table\" } } }`\n\nEach attribute in the message payload will be written to a separate column in the DynamoDB database.", - "title": "PutItem" + "Condition": { + "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role that grants access to the DynamoDB table.", - "title": "RoleArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoT::TopicRule.ElasticsearchAction": { - "additionalProperties": false, - "properties": { - "Endpoint": { - "markdownDescription": "The endpoint of your OpenSearch domain.", - "title": "Endpoint", - "type": "string" - }, - "Id": { - "markdownDescription": "The unique identifier for the document you are storing.", - "title": "Id", - "type": "string" - }, - "Index": { - "markdownDescription": "The index where you want to store your data.", - "title": "Index", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The IAM role ARN that has access to OpenSearch.", - "title": "RoleArn", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of document you are storing.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Endpoint", - "Id", - "Index", - "RoleArn", - "Type" - ], - "type": "object" - }, - "AWS::IoT::TopicRule.FirehoseAction": { - "additionalProperties": false, - "properties": { - "BatchMode": { - "markdownDescription": "Whether to deliver the Kinesis Data Firehose stream as a batch by using [`PutRecordBatch`](https://docs.aws.amazon.com/firehose/latest/APIReference/API_PutRecordBatch.html) . The default value is `false` .\n\nWhen `batchMode` is `true` and the rule's SQL statement evaluates to an Array, each Array element forms one record in the [`PutRecordBatch`](https://docs.aws.amazon.com/firehose/latest/APIReference/API_PutRecordBatch.html) request. The resulting array can't have more than 500 records.", - "title": "BatchMode", - "type": "boolean" - }, - "DeliveryStreamName": { - "markdownDescription": "The delivery stream name.", - "title": "DeliveryStreamName", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The IAM role that grants access to the Amazon Kinesis Firehose stream.", - "title": "RoleArn", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Separator": { - "markdownDescription": "A character separator that will be used to separate records written to the Firehose stream. Valid values are: '\\n' (newline), '\\t' (tab), '\\r\\n' (Windows newline), ',' (comma).", - "title": "Separator", - "type": "string" - } - }, - "required": [ - "DeliveryStreamName", - "RoleArn" - ], - "type": "object" - }, - "AWS::IoT::TopicRule.HttpAction": { - "additionalProperties": false, - "properties": { - "Auth": { - "$ref": "#/definitions/AWS::IoT::TopicRule.HttpAuthorization", - "markdownDescription": "The authentication method to use when sending data to an HTTPS endpoint.", - "title": "Auth" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ConfirmationUrl": { - "markdownDescription": "The URL to which AWS IoT sends a confirmation message. The value of the confirmation URL must be a prefix of the endpoint URL. If you do not specify a confirmation URL AWS IoT uses the endpoint URL as the confirmation URL. If you use substitution templates in the confirmationUrl, you must create and enable topic rule destinations that match each possible value of the substitution template before traffic is allowed to your endpoint URL.", - "title": "ConfirmationUrl", - "type": "string" + "Metadata": { + "type": "object" }, - "Headers": { - "items": { - "$ref": "#/definitions/AWS::IoT::TopicRule.HttpActionHeader" + "Properties": { + "additionalProperties": false, + "properties": { + "InitialVersion": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.FunctionDefinitionVersion", + "markdownDescription": "The function definition version to include when the function definition is created. A function definition version contains a list of [`function`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinition-function.html) property types.\n\n> To associate a function definition version after the function definition is created, create an [`AWS::Greengrass::FunctionDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-functiondefinitionversion.html) resource and specify the ID of this function definition.", + "title": "InitialVersion" + }, + "Name": { + "markdownDescription": "The name of the function definition.", + "title": "Name", + "type": "string" + }, + "Tags": { + "markdownDescription": "Application-specific metadata to attach to the function definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", + "title": "Tags", + "type": "object" + } }, - "markdownDescription": "The HTTP headers to send with the message data.", - "title": "Headers", - "type": "array" + "required": [ + "Name" + ], + "type": "object" }, - "Url": { - "markdownDescription": "The endpoint URL. If substitution templates are used in the URL, you must also specify a `confirmationUrl` . If this is a new destination, a new `TopicRuleDestination` is created if possible.", - "title": "Url", - "type": "string" - } - }, - "required": [ - "Url" - ], - "type": "object" - }, - "AWS::IoT::TopicRule.HttpActionHeader": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "The HTTP header key.", - "title": "Key", + "Type": { + "enum": [ + "AWS::Greengrass::FunctionDefinition" + ], "type": "string" }, - "Value": { - "markdownDescription": "The HTTP header value. Substitution templates are supported.", - "title": "Value", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Key", - "Value" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoT::TopicRule.HttpAuthorization": { - "additionalProperties": false, - "properties": { - "Sigv4": { - "$ref": "#/definitions/AWS::IoT::TopicRule.SigV4Authorization", - "markdownDescription": "Use Sig V4 authorization. For more information, see [Signature Version 4 Signing Process](https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html) .", - "title": "Sigv4" - } - }, - "type": "object" - }, - "AWS::IoT::TopicRule.IotAnalyticsAction": { + "AWS::Greengrass::FunctionDefinition.DefaultConfig": { "additionalProperties": false, "properties": { - "BatchMode": { - "markdownDescription": "Whether to process the action as a batch. The default value is `false` .\n\nWhen `batchMode` is `true` and the rule SQL statement evaluates to an Array, each Array element is delivered as a separate message when passed by [`BatchPutMessage`](https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_BatchPutMessage.html) The resulting array can't have more than 100 messages.", - "title": "BatchMode", - "type": "boolean" - }, - "ChannelName": { - "markdownDescription": "The name of the IoT Analytics channel to which message data will be sent.", - "title": "ChannelName", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN of the role which has a policy that grants IoT Analytics permission to send message data via IoT Analytics (iotanalytics:BatchPutMessage).", - "title": "RoleArn", - "type": "string" + "Execution": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.Execution", + "markdownDescription": "Configuration settings for the Lambda execution environment on the AWS IoT Greengrass core.", + "title": "Execution" } }, "required": [ - "ChannelName", - "RoleArn" + "Execution" ], "type": "object" }, - "AWS::IoT::TopicRule.IotEventsAction": { + "AWS::Greengrass::FunctionDefinition.Environment": { "additionalProperties": false, "properties": { - "BatchMode": { - "markdownDescription": "Whether to process the event actions as a batch. The default value is `false` .\n\nWhen `batchMode` is `true` , you can't specify a `messageId` .\n\nWhen `batchMode` is `true` and the rule SQL statement evaluates to an Array, each Array element is treated as a separate message when Events by calling [`BatchPutMessage`](https://docs.aws.amazon.com/iotevents/latest/apireference/API_iotevents-data_BatchPutMessage.html) . The resulting array can't have more than 10 messages.", - "title": "BatchMode", + "AccessSysfs": { + "markdownDescription": "Indicates whether the function is allowed to access the `/sys` directory on the core device, which allows the read device information from `/sys` .\n\n> This property applies only to Lambda functions that run in a Greengrass container.", + "title": "AccessSysfs", "type": "boolean" }, - "InputName": { - "markdownDescription": "The name of the AWS IoT Events input.", - "title": "InputName", - "type": "string" - }, - "MessageId": { - "markdownDescription": "The ID of the message. The default `messageId` is a new UUID value.\n\nWhen `batchMode` is `true` , you can't specify a `messageId` --a new UUID value will be assigned.\n\nAssign a value to this property to ensure that only one input (message) with a given `messageId` will be processed by an AWS IoT Events detector.", - "title": "MessageId", - "type": "string" + "Execution": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.Execution", + "markdownDescription": "Settings for the Lambda execution environment in AWS IoT Greengrass .", + "title": "Execution" }, - "RoleArn": { - "markdownDescription": "The ARN of the role that grants AWS IoT permission to send an input to an AWS IoT Events detector. (\"Action\":\"iotevents:BatchPutMessage\").", - "title": "RoleArn", - "type": "string" - } - }, - "required": [ - "InputName", - "RoleArn" - ], - "type": "object" - }, - "AWS::IoT::TopicRule.IotSiteWiseAction": { - "additionalProperties": false, - "properties": { - "PutAssetPropertyValueEntries": { + "ResourceAccessPolicies": { "items": { - "$ref": "#/definitions/AWS::IoT::TopicRule.PutAssetPropertyValueEntry" + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.ResourceAccessPolicy" }, - "markdownDescription": "A list of asset property value entries.", - "title": "PutAssetPropertyValueEntries", + "markdownDescription": "A list of the [resources](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-resourcedefinitionversion-resourceinstance.html) in the group that the function can access, with the corresponding read-only or read-write permissions. The maximum is 10 resources.\n\n> This property applies only for Lambda functions that run in a Greengrass container.", + "title": "ResourceAccessPolicies", "type": "array" }, - "RoleArn": { - "markdownDescription": "The ARN of the role that grants AWS IoT permission to send an asset property value to AWS IoT SiteWise. ( `\"Action\": \"iotsitewise:BatchPutAssetPropertyValue\"` ). The trust policy can restrict access to specific asset hierarchy paths.", - "title": "RoleArn", - "type": "string" - } - }, - "required": [ - "PutAssetPropertyValueEntries", - "RoleArn" - ], - "type": "object" - }, - "AWS::IoT::TopicRule.KafkaAction": { - "additionalProperties": false, - "properties": { - "ClientProperties": { - "additionalProperties": true, - "markdownDescription": "Properties of the Apache Kafka producer client.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "ClientProperties", + "Variables": { + "markdownDescription": "Environment variables for the Lambda function.", + "title": "Variables", "type": "object" - }, - "DestinationArn": { - "markdownDescription": "The ARN of Kafka action's VPC `TopicRuleDestination` .", - "title": "DestinationArn", - "type": "string" - }, - "Headers": { - "items": { - "$ref": "#/definitions/AWS::IoT::TopicRule.KafkaActionHeader" - }, - "markdownDescription": "The list of Kafka headers that you specify.", - "title": "Headers", - "type": "array" - }, - "Key": { - "markdownDescription": "The Kafka message key.", - "title": "Key", - "type": "string" - }, - "Partition": { - "markdownDescription": "The Kafka message partition.", - "title": "Partition", - "type": "string" - }, - "Topic": { - "markdownDescription": "The Kafka topic for messages to be sent to the Kafka broker.", - "title": "Topic", - "type": "string" - } - }, - "required": [ - "ClientProperties", - "DestinationArn", - "Topic" - ], - "type": "object" - }, - "AWS::IoT::TopicRule.KafkaActionHeader": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "The key of the Kafka header.", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "The value of the Kafka header.", - "title": "Value", - "type": "string" } }, - "required": [ - "Key", - "Value" - ], "type": "object" }, - "AWS::IoT::TopicRule.KinesisAction": { + "AWS::Greengrass::FunctionDefinition.Execution": { "additionalProperties": false, "properties": { - "PartitionKey": { - "markdownDescription": "The partition key.", - "title": "PartitionKey", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role that grants access to the Amazon Kinesis stream.", - "title": "RoleArn", + "IsolationMode": { + "markdownDescription": "The containerization that the Lambda function runs in. Valid values are `GreengrassContainer` or `NoContainer` . Typically, this is `GreengrassContainer` . For more information, see [Containerization](https://docs.aws.amazon.com/greengrass/v1/developerguide/lambda-group-config.html#lambda-function-containerization) in the *Developer Guide* .\n\n- When set on the [`DefaultConfig`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-defaultconfig.html) property of a function definition version, this setting is used as the default containerization for all Lambda functions in the function definition version.\n- When set on the [`Environment`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-environment.html) property of a function, this setting applies to the individual function and overrides the default. Omit this value to run the function with the default containerization.\n\n> We recommend that you run in a Greengrass container unless your business case requires that you run without containerization.", + "title": "IsolationMode", "type": "string" }, - "StreamName": { - "markdownDescription": "The name of the Amazon Kinesis stream.", - "title": "StreamName", - "type": "string" + "RunAs": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.RunAs", + "markdownDescription": "The user and group permissions used to run the Lambda function. Typically, this is the ggc_user and ggc_group. For more information, see [Run as](https://docs.aws.amazon.com/greengrass/v1/developerguide/lambda-group-config.html#lambda-access-identity.html) in the *Developer Guide* .\n\n- When set on the [`DefaultConfig`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-defaultconfig.html) property of a function definition version, this setting is used as the default access identity for all Lambda functions in the function definition version.\n- When set on the [`Environment`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-environment.html) property of a function, this setting applies to the individual function and overrides the default. You can override the user, group, or both. Omit this value to run the function with the default permissions.\n\n> Running as the root user increases risks to your data and device. Do not run as root (UID/GID=0) unless your business case requires it. For more information and requirements, see [Running a Lambda Function as Root](https://docs.aws.amazon.com/greengrass/v1/developerguide/lambda-group-config.html#lambda-running-as-root) .", + "title": "RunAs" } }, - "required": [ - "RoleArn", - "StreamName" - ], "type": "object" }, - "AWS::IoT::TopicRule.LambdaAction": { + "AWS::Greengrass::FunctionDefinition.Function": { "additionalProperties": false, "properties": { "FunctionArn": { - "markdownDescription": "The ARN of the Lambda function.", + "markdownDescription": "The Amazon Resource Name (ARN) of the alias (recommended) or version of the referenced Lambda function.", "title": "FunctionArn", "type": "string" - } - }, - "type": "object" - }, - "AWS::IoT::TopicRule.LocationAction": { - "additionalProperties": false, - "properties": { - "DeviceId": { - "markdownDescription": "The unique ID of the device providing the location data.", - "title": "DeviceId", - "type": "string" - }, - "Latitude": { - "markdownDescription": "A string that evaluates to a double value that represents the latitude of the device's location.", - "title": "Latitude", - "type": "string" - }, - "Longitude": { - "markdownDescription": "A string that evaluates to a double value that represents the longitude of the device's location.", - "title": "Longitude", - "type": "string" }, - "RoleArn": { - "markdownDescription": "The IAM role that grants permission to write to the Amazon Location resource.", - "title": "RoleArn", - "type": "string" - }, - "Timestamp": { - "$ref": "#/definitions/AWS::IoT::TopicRule.Timestamp", - "markdownDescription": "The time that the location data was sampled. The default value is the time the MQTT message was processed.", - "title": "Timestamp" + "FunctionConfiguration": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.FunctionConfiguration", + "markdownDescription": "The group-specific settings of the Lambda function. These settings configure the function's behavior in the Greengrass group.", + "title": "FunctionConfiguration" }, - "TrackerName": { - "markdownDescription": "The name of the tracker resource in Amazon Location in which the location is updated.", - "title": "TrackerName", + "Id": { + "markdownDescription": "A descriptive or arbitrary ID for the function. This value must be unique within the function definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", + "title": "Id", "type": "string" } }, "required": [ - "DeviceId", - "Latitude", - "Longitude", - "RoleArn", - "TrackerName" + "FunctionArn", + "FunctionConfiguration", + "Id" ], "type": "object" }, - "AWS::IoT::TopicRule.OpenSearchAction": { + "AWS::Greengrass::FunctionDefinition.FunctionConfiguration": { "additionalProperties": false, "properties": { - "Endpoint": { - "markdownDescription": "The endpoint of your OpenSearch domain.", - "title": "Endpoint", + "EncodingType": { + "markdownDescription": "The expected encoding type of the input payload for the function. Valid values are `json` (default) and `binary` .", + "title": "EncodingType", "type": "string" }, - "Id": { - "markdownDescription": "The unique identifier for the document you are storing.", - "title": "Id", - "type": "string" + "Environment": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.Environment", + "markdownDescription": "The environment configuration of the function.", + "title": "Environment" }, - "Index": { - "markdownDescription": "The OpenSearch index where you want to store your data.", - "title": "Index", + "ExecArgs": { + "markdownDescription": "The execution arguments.", + "title": "ExecArgs", "type": "string" }, - "RoleArn": { - "markdownDescription": "The IAM role ARN that has access to OpenSearch.", - "title": "RoleArn", + "Executable": { + "markdownDescription": "The name of the function executable.", + "title": "Executable", "type": "string" }, - "Type": { - "markdownDescription": "The type of document you are storing.", - "title": "Type", - "type": "string" + "MemorySize": { + "markdownDescription": "The memory size (in KB) required by the function.\n\n> This property applies only to Lambda functions that run in a Greengrass container.", + "title": "MemorySize", + "type": "number" + }, + "Pinned": { + "markdownDescription": "Indicates whether the function is pinned (or *long-lived* ). Pinned functions start when the core starts and process all requests in the same container. The default value is false.", + "title": "Pinned", + "type": "boolean" + }, + "Timeout": { + "markdownDescription": "The allowed execution time (in seconds) after which the function should terminate. For pinned functions, this timeout applies for each request.", + "title": "Timeout", + "type": "number" } }, - "required": [ - "Endpoint", - "Id", - "Index", - "RoleArn", - "Type" - ], "type": "object" }, - "AWS::IoT::TopicRule.PutAssetPropertyValueEntry": { + "AWS::Greengrass::FunctionDefinition.FunctionDefinitionVersion": { "additionalProperties": false, "properties": { - "AssetId": { - "markdownDescription": "The ID of the AWS IoT SiteWise asset. You must specify either a `propertyAlias` or both an `aliasId` and a `propertyId` . Accepts substitution templates.", - "title": "AssetId", - "type": "string" - }, - "EntryId": { - "markdownDescription": "Optional. A unique identifier for this entry that you can define to better track which message caused an error in case of failure. Accepts substitution templates. Defaults to a new UUID.", - "title": "EntryId", - "type": "string" - }, - "PropertyAlias": { - "markdownDescription": "The name of the property alias associated with your asset property. You must specify either a `propertyAlias` or both an `aliasId` and a `propertyId` . Accepts substitution templates.", - "title": "PropertyAlias", - "type": "string" - }, - "PropertyId": { - "markdownDescription": "The ID of the asset's property. You must specify either a `propertyAlias` or both an `aliasId` and a `propertyId` . Accepts substitution templates.", - "title": "PropertyId", - "type": "string" + "DefaultConfig": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.DefaultConfig", + "markdownDescription": "The default configuration that applies to all Lambda functions in the group. Individual Lambda functions can override these settings.", + "title": "DefaultConfig" }, - "PropertyValues": { + "Functions": { "items": { - "$ref": "#/definitions/AWS::IoT::TopicRule.AssetPropertyValue" + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.Function" }, - "markdownDescription": "A list of property values to insert that each contain timestamp, quality, and value (TQV) information.", - "title": "PropertyValues", + "markdownDescription": "The functions in this version.", + "title": "Functions", "type": "array" } }, "required": [ - "PropertyValues" + "Functions" ], "type": "object" }, - "AWS::IoT::TopicRule.PutItemInput": { + "AWS::Greengrass::FunctionDefinition.ResourceAccessPolicy": { "additionalProperties": false, "properties": { - "TableName": { - "markdownDescription": "The table where the message data will be written.", - "title": "TableName", + "Permission": { + "markdownDescription": "The read-only or read-write access that the Lambda function has to the resource. Valid values are `ro` or `rw` .", + "title": "Permission", + "type": "string" + }, + "ResourceId": { + "markdownDescription": "The ID of the resource. This ID is assigned to the resource when you create the resource definition.", + "title": "ResourceId", "type": "string" } }, "required": [ - "TableName" + "ResourceId" ], "type": "object" }, - "AWS::IoT::TopicRule.RepublishAction": { + "AWS::Greengrass::FunctionDefinition.RunAs": { "additionalProperties": false, "properties": { - "Headers": { - "$ref": "#/definitions/AWS::IoT::TopicRule.RepublishActionHeaders", - "markdownDescription": "MQTT Version 5.0 headers information. For more information, see [MQTT](https://docs.aws.amazon.com//iot/latest/developerguide/mqtt.html) in the IoT Core Developer Guide.", - "title": "Headers" - }, - "Qos": { - "markdownDescription": "The Quality of Service (QoS) level to use when republishing messages. The default value is 0.", - "title": "Qos", + "Gid": { + "markdownDescription": "The group ID whose permissions are used to run the Lambda function. You can use the `getent group` command on your core device to look up the group ID.", + "title": "Gid", "type": "number" }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role that grants access.", - "title": "RoleArn", - "type": "string" - }, - "Topic": { - "markdownDescription": "The name of the MQTT topic.", - "title": "Topic", - "type": "string" + "Uid": { + "markdownDescription": "The user ID whose permissions are used to run the Lambda function. You can use the `getent passwd` command on your core device to look up the user ID.", + "title": "Uid", + "type": "number" } }, - "required": [ - "RoleArn", - "Topic" - ], "type": "object" }, - "AWS::IoT::TopicRule.RepublishActionHeaders": { + "AWS::Greengrass::FunctionDefinitionVersion": { "additionalProperties": false, "properties": { - "ContentType": { - "markdownDescription": "A UTF-8 encoded string that describes the content of the publishing message.\n\nFor more information, see [Content Type](https://docs.aws.amazon.com/https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901118) in the MQTT Version 5.0 specification.\n\nSupports [substitution templates](https://docs.aws.amazon.com//iot/latest/developerguide/iot-substitution-templates.html) .", - "title": "ContentType", - "type": "string" - }, - "CorrelationData": { - "markdownDescription": "The base64-encoded binary data used by the sender of the request message to identify which request the response message is for.\n\nFor more information, see [Correlation Data](https://docs.aws.amazon.com/https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901115) in the MQTT Version 5.0 specification.\n\nSupports [substitution templates](https://docs.aws.amazon.com//iot/latest/developerguide/iot-substitution-templates.html) .\n\n> This binary data must be base64-encoded.", - "title": "CorrelationData", + "Condition": { "type": "string" }, - "MessageExpiry": { - "markdownDescription": "A user-defined integer value that represents the message expiry interval at the broker. If the messages haven't been sent to the subscribers within that interval, the message expires and is removed. The value of `messageExpiry` represents the number of seconds before it expires. For more information about the limits of `messageExpiry` , see [Message broker and protocol limits and quotas](https://docs.aws.amazon.com//general/latest/gr/iot-core.html#limits_iot) in the IoT Core Reference Guide.\n\nSupports [substitution templates](https://docs.aws.amazon.com//iot/latest/developerguide/iot-substitution-templates.html) .", - "title": "MessageExpiry", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "PayloadFormatIndicator": { - "markdownDescription": "An `Enum` string value that indicates whether the payload is formatted as UTF-8.\n\nValid values are `UNSPECIFIED_BYTES` and `UTF8_DATA` .\n\nFor more information, see [Payload Format Indicator](https://docs.aws.amazon.com/https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901111) from the MQTT Version 5.0 specification.\n\nSupports [substitution templates](https://docs.aws.amazon.com//iot/latest/developerguide/iot-substitution-templates.html) .", - "title": "PayloadFormatIndicator", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ResponseTopic": { - "markdownDescription": "A UTF-8 encoded string that's used as the topic name for a response message. The response topic is used to describe the topic to which the receiver should publish as part of the request-response flow. The topic must not contain wildcard characters.\n\nFor more information, see [Response Topic](https://docs.aws.amazon.com/https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901114) in the MQTT Version 5.0 specification.\n\nSupports [substitution templates](https://docs.aws.amazon.com//iot/latest/developerguide/iot-substitution-templates.html) .", - "title": "ResponseTopic", - "type": "string" + "Metadata": { + "type": "object" }, - "UserProperties": { - "items": { - "$ref": "#/definitions/AWS::IoT::TopicRule.UserProperty" + "Properties": { + "additionalProperties": false, + "properties": { + "DefaultConfig": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.DefaultConfig", + "markdownDescription": "The default configuration that applies to all Lambda functions in the group. Individual Lambda functions can override these settings.", + "title": "DefaultConfig" + }, + "FunctionDefinitionId": { + "markdownDescription": "The ID of the function definition associated with this version. This value is a GUID.", + "title": "FunctionDefinitionId", + "type": "string" + }, + "Functions": { + "items": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.Function" + }, + "markdownDescription": "The functions in this version.", + "title": "Functions", + "type": "array" + } }, - "markdownDescription": "An array of key-value pairs that you define in the MQTT5 header.", - "title": "UserProperties", - "type": "array" - } - }, - "type": "object" - }, - "AWS::IoT::TopicRule.S3Action": { - "additionalProperties": false, - "properties": { - "BucketName": { - "markdownDescription": "The Amazon S3 bucket.", - "title": "BucketName", - "type": "string" - }, - "CannedAcl": { - "markdownDescription": "The Amazon S3 canned ACL that controls access to the object identified by the object key. For more information, see [S3 canned ACLs](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) .", - "title": "CannedAcl", - "type": "string" + "required": [ + "FunctionDefinitionId", + "Functions" + ], + "type": "object" }, - "Key": { - "markdownDescription": "The object key. For more information, see [Actions, resources, and condition keys for Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/dev/list_amazons3.html) .", - "title": "Key", + "Type": { + "enum": [ + "AWS::Greengrass::FunctionDefinitionVersion" + ], "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role that grants access.", - "title": "RoleArn", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "BucketName", - "Key", - "RoleArn" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoT::TopicRule.SigV4Authorization": { + "AWS::Greengrass::FunctionDefinitionVersion.DefaultConfig": { "additionalProperties": false, "properties": { - "RoleArn": { - "markdownDescription": "The ARN of the signing role.", - "title": "RoleArn", - "type": "string" - }, - "ServiceName": { - "markdownDescription": "The service name to use while signing with Sig V4.", - "title": "ServiceName", - "type": "string" - }, - "SigningRegion": { - "markdownDescription": "The signing region.", - "title": "SigningRegion", - "type": "string" + "Execution": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.Execution", + "markdownDescription": "Configuration settings for the Lambda execution environment on the AWS IoT Greengrass core.", + "title": "Execution" } }, "required": [ - "RoleArn", - "ServiceName", - "SigningRegion" + "Execution" ], "type": "object" }, - "AWS::IoT::TopicRule.SnsAction": { + "AWS::Greengrass::FunctionDefinitionVersion.Environment": { "additionalProperties": false, "properties": { - "MessageFormat": { - "markdownDescription": "(Optional) The message format of the message to publish. Accepted values are \"JSON\" and \"RAW\". The default value of the attribute is \"RAW\". SNS uses this setting to determine if the payload should be parsed and relevant platform-specific bits of the payload should be extracted. For more information, see [Amazon SNS Message and JSON Formats](https://docs.aws.amazon.com/sns/latest/dg/json-formats.html) in the *Amazon Simple Notification Service Developer Guide* .", - "title": "MessageFormat", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role that grants access.", - "title": "RoleArn", - "type": "string" + "AccessSysfs": { + "markdownDescription": "Indicates whether the function is allowed to access the `/sys` directory on the core device, which allows the read device information from `/sys` .\n\n> This property applies only to Lambda functions that run in a Greengrass container.", + "title": "AccessSysfs", + "type": "boolean" }, - "TargetArn": { - "markdownDescription": "The ARN of the SNS topic.", - "title": "TargetArn", - "type": "string" - } - }, - "required": [ - "RoleArn", - "TargetArn" - ], - "type": "object" - }, - "AWS::IoT::TopicRule.SqsAction": { - "additionalProperties": false, - "properties": { - "QueueUrl": { - "markdownDescription": "The URL of the Amazon SQS queue.", - "title": "QueueUrl", - "type": "string" + "Execution": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.Execution", + "markdownDescription": "Settings for the Lambda execution environment in AWS IoT Greengrass .", + "title": "Execution" }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role that grants access.", - "title": "RoleArn", - "type": "string" + "ResourceAccessPolicies": { + "items": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.ResourceAccessPolicy" + }, + "markdownDescription": "A list of the [resources](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-resourcedefinitionversion-resourceinstance.html) in the group that the function can access, with the corresponding read-only or read-write permissions. The maximum is 10 resources.\n\n> This property applies only to Lambda functions that run in a Greengrass container.", + "title": "ResourceAccessPolicies", + "type": "array" }, - "UseBase64": { - "markdownDescription": "Specifies whether to use Base64 encoding.", - "title": "UseBase64", - "type": "boolean" + "Variables": { + "markdownDescription": "Environment variables for the Lambda function.", + "title": "Variables", + "type": "object" } }, - "required": [ - "QueueUrl", - "RoleArn" - ], "type": "object" }, - "AWS::IoT::TopicRule.StepFunctionsAction": { + "AWS::Greengrass::FunctionDefinitionVersion.Execution": { "additionalProperties": false, "properties": { - "ExecutionNamePrefix": { - "markdownDescription": "(Optional) A name will be given to the state machine execution consisting of this prefix followed by a UUID. Step Functions automatically creates a unique name for each state machine execution if one is not provided.", - "title": "ExecutionNamePrefix", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN of the role that grants IoT permission to start execution of a state machine (\"Action\":\"states:StartExecution\").", - "title": "RoleArn", + "IsolationMode": { + "markdownDescription": "The containerization that the Lambda function runs in. Valid values are `GreengrassContainer` or `NoContainer` . Typically, this is `GreengrassContainer` . For more information, see [Containerization](https://docs.aws.amazon.com/greengrass/v1/developerguide/lambda-group-config.html#lambda-function-containerization) in the *Developer Guide* .\n\n- When set on the [`DefaultConfig`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-defaultconfig.html) property of a function definition version, this setting is used as the default containerization for all Lambda functions in the function definition version.\n- When set on the [`Environment`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-environment.html) property of a function, this setting applies to the individual function and overrides the default. Omit this value to run the function with the default containerization.\n\n> We recommend that you run in a Greengrass container unless your business case requires that you run without containerization.", + "title": "IsolationMode", "type": "string" }, - "StateMachineName": { - "markdownDescription": "The name of the Step Functions state machine whose execution will be started.", - "title": "StateMachineName", - "type": "string" + "RunAs": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.RunAs", + "markdownDescription": "The user and group permissions used to run the Lambda function. Typically, this is the ggc_user and ggc_group. For more information, see [Run as](https://docs.aws.amazon.com/greengrass/v1/developerguide/lambda-group-config.html#lambda-access-identity.html) in the *Developer Guide* .\n\n- When set on the [`DefaultConfig`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-defaultconfig.html) property of a function definition version, this setting is used as the default access identity for all Lambda functions in the function definition version.\n- When set on the [`Environment`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-environment.html) property of a function, this setting applies to the individual function and overrides the default. You can override the user, group, or both. Omit this value to run the function with the default permissions.\n\n> Running as the root user increases risks to your data and device. Do not run as root (UID/GID=0) unless your business case requires it. For more information and requirements, see [Running a Lambda Function as Root](https://docs.aws.amazon.com/greengrass/v1/developerguide/lambda-group-config.html#lambda-running-as-root) .", + "title": "RunAs" } }, - "required": [ - "RoleArn", - "StateMachineName" - ], "type": "object" }, - "AWS::IoT::TopicRule.Timestamp": { + "AWS::Greengrass::FunctionDefinitionVersion.Function": { "additionalProperties": false, "properties": { - "Unit": { - "markdownDescription": "The precision of the timestamp value that results from the expression described in `value` .", - "title": "Unit", + "FunctionArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the alias (recommended) or version of the referenced Lambda function.", + "title": "FunctionArn", "type": "string" }, - "Value": { - "markdownDescription": "An expression that returns a long epoch time value.", - "title": "Value", + "FunctionConfiguration": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.FunctionConfiguration", + "markdownDescription": "The group-specific settings of the Lambda function. These settings configure the function's behavior in the Greengrass group.", + "title": "FunctionConfiguration" + }, + "Id": { + "markdownDescription": "A descriptive or arbitrary ID for the function. This value must be unique within the function definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", + "title": "Id", "type": "string" } }, "required": [ - "Value" + "FunctionArn", + "FunctionConfiguration", + "Id" ], "type": "object" }, - "AWS::IoT::TopicRule.TimestreamAction": { + "AWS::Greengrass::FunctionDefinitionVersion.FunctionConfiguration": { "additionalProperties": false, "properties": { - "DatabaseName": { - "markdownDescription": "The name of an Amazon Timestream database that has the table to write records into.", - "title": "DatabaseName", + "EncodingType": { + "markdownDescription": "The expected encoding type of the input payload for the function. Valid values are `json` (default) and `binary` .", + "title": "EncodingType", "type": "string" }, - "Dimensions": { - "items": { - "$ref": "#/definitions/AWS::IoT::TopicRule.TimestreamDimension" - }, - "markdownDescription": "Metadata attributes of the time series that are written in each measure record.", - "title": "Dimensions", - "type": "array" + "Environment": { + "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.Environment", + "markdownDescription": "The environment configuration of the function.", + "title": "Environment" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the role that grants AWS IoT permission to write to the Timestream database table.", - "title": "RoleArn", + "ExecArgs": { + "markdownDescription": "The execution arguments.", + "title": "ExecArgs", "type": "string" }, - "TableName": { - "markdownDescription": "The table where the message data will be written.", - "title": "TableName", + "Executable": { + "markdownDescription": "The name of the function executable.", + "title": "Executable", "type": "string" }, - "Timestamp": { - "$ref": "#/definitions/AWS::IoT::TopicRule.TimestreamTimestamp", - "markdownDescription": "The value to use for the entry's timestamp. If blank, the time that the entry was processed is used.", - "title": "Timestamp" - } - }, - "required": [ - "DatabaseName", - "Dimensions", - "RoleArn", - "TableName" - ], - "type": "object" - }, - "AWS::IoT::TopicRule.TimestreamDimension": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The metadata dimension name. This is the name of the column in the Amazon Timestream database table record.", - "title": "Name", - "type": "string" + "MemorySize": { + "markdownDescription": "The memory size (in KB) required by the function.\n\n> This property applies only to Lambda functions that run in a Greengrass container.", + "title": "MemorySize", + "type": "number" }, - "Value": { - "markdownDescription": "The value to write in this column of the database record.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Name", - "Value" - ], - "type": "object" - }, - "AWS::IoT::TopicRule.TimestreamTimestamp": { - "additionalProperties": false, - "properties": { - "Unit": { - "markdownDescription": "The precision of the timestamp value that results from the expression described in `value` .", - "title": "Unit", - "type": "string" + "Pinned": { + "markdownDescription": "Indicates whether the function is pinned (or *long-lived* ). Pinned functions start when the core starts and process all requests in the same container. The default value is false.", + "title": "Pinned", + "type": "boolean" }, - "Value": { - "markdownDescription": "An expression that returns a long epoch time value.", - "title": "Value", - "type": "string" + "Timeout": { + "markdownDescription": "The allowed execution time (in seconds) after which the function should terminate. For pinned functions, this timeout applies for each request.", + "title": "Timeout", + "type": "number" } }, - "required": [ - "Unit", - "Value" - ], "type": "object" }, - "AWS::IoT::TopicRule.TopicRulePayload": { + "AWS::Greengrass::FunctionDefinitionVersion.ResourceAccessPolicy": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::IoT::TopicRule.Action" - }, - "markdownDescription": "The actions associated with the rule.", - "title": "Actions", - "type": "array" - }, - "AwsIotSqlVersion": { - "markdownDescription": "The version of the SQL rules engine to use when evaluating the rule.\n\nThe default value is 2015-10-08.", - "title": "AwsIotSqlVersion", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the rule.", - "title": "Description", + "Permission": { + "markdownDescription": "The read-only or read-write access that the Lambda function has to the resource. Valid values are `ro` or `rw` .", + "title": "Permission", "type": "string" }, - "ErrorAction": { - "$ref": "#/definitions/AWS::IoT::TopicRule.Action", - "markdownDescription": "The action to take when an error occurs.", - "title": "ErrorAction" - }, - "RuleDisabled": { - "markdownDescription": "Specifies whether the rule is disabled.", - "title": "RuleDisabled", - "type": "boolean" - }, - "Sql": { - "markdownDescription": "The SQL statement used to query the topic. For more information, see [AWS IoT SQL Reference](https://docs.aws.amazon.com/iot/latest/developerguide/iot-sql-reference.html) in the *AWS IoT Developer Guide* .", - "title": "Sql", + "ResourceId": { + "markdownDescription": "The ID of the resource. This ID is assigned to the resource when you create the resource definition.", + "title": "ResourceId", "type": "string" } }, "required": [ - "Actions", - "Sql" + "ResourceId" ], "type": "object" }, - "AWS::IoT::TopicRule.UserProperty": { + "AWS::Greengrass::FunctionDefinitionVersion.RunAs": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "A key to be specified in `UserProperty` .", - "title": "Key", - "type": "string" + "Gid": { + "markdownDescription": "The group ID whose permissions are used to run the Lambda function. You can use the `getent group` command on your core device to look up the group ID.", + "title": "Gid", + "type": "number" }, - "Value": { - "markdownDescription": "A value to be specified in `UserProperty` .", - "title": "Value", - "type": "string" + "Uid": { + "markdownDescription": "The user ID whose permissions are used to run the Lambda function. You can use the `getent passwd` command on your core device to look up the user ID.", + "title": "Uid", + "type": "number" } }, - "required": [ - "Key", - "Value" - ], "type": "object" }, - "AWS::IoT::TopicRuleDestination": { + "AWS::Greengrass::Group": { "additionalProperties": false, "properties": { "Condition": { @@ -124678,27 +134307,35 @@ "Properties": { "additionalProperties": false, "properties": { - "HttpUrlProperties": { - "$ref": "#/definitions/AWS::IoT::TopicRuleDestination.HttpUrlDestinationSummary", - "markdownDescription": "Properties of the HTTP URL.", - "title": "HttpUrlProperties" + "InitialVersion": { + "$ref": "#/definitions/AWS::Greengrass::Group.GroupVersion", + "markdownDescription": "The group version to include when the group is created. A group version references the Amazon Resource Name (ARN) of a core definition version, device definition version, subscription definition version, and other version types. The group version must reference a core definition version that contains one core. Other version types are optionally included, depending on your business need.\n\n> To associate a group version after the group is created, create an [`AWS::Greengrass::GroupVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-groupversion.html) resource and specify the ID of this group.", + "title": "InitialVersion" }, - "Status": { - "markdownDescription": "- **IN_PROGRESS** - A topic rule destination was created but has not been confirmed. You can set status to `IN_PROGRESS` by calling `UpdateTopicRuleDestination` . Calling `UpdateTopicRuleDestination` causes a new confirmation challenge to be sent to your confirmation endpoint.\n- **ENABLED** - Confirmation was completed, and traffic to this destination is allowed. You can set status to `DISABLED` by calling `UpdateTopicRuleDestination` .\n- **DISABLED** - Confirmation was completed, and traffic to this destination is not allowed. You can set status to `ENABLED` by calling `UpdateTopicRuleDestination` .\n- **ERROR** - Confirmation could not be completed; for example, if the confirmation timed out. You can call `GetTopicRuleDestination` for details about the error. You can set status to `IN_PROGRESS` by calling `UpdateTopicRuleDestination` . Calling `UpdateTopicRuleDestination` causes a new confirmation challenge to be sent to your confirmation endpoint.", - "title": "Status", + "Name": { + "markdownDescription": "The name of the group.", + "title": "Name", "type": "string" }, - "VpcProperties": { - "$ref": "#/definitions/AWS::IoT::TopicRuleDestination.VpcDestinationProperties", - "markdownDescription": "Properties of the virtual private cloud (VPC) connection.", - "title": "VpcProperties" + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role attached to the group. This role contains the permissions that Lambda functions and connectors use to interact with other AWS services.", + "title": "RoleArn", + "type": "string" + }, + "Tags": { + "markdownDescription": "Application-specific metadata to attach to the group. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", + "title": "Tags", + "type": "object" } }, + "required": [ + "Name" + ], "type": "object" }, "Type": { "enum": [ - "AWS::IoT::TopicRuleDestination" + "AWS::Greengrass::Group" ], "type": "string" }, @@ -124712,54 +134349,53 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoT::TopicRuleDestination.HttpUrlDestinationSummary": { + "AWS::Greengrass::Group.GroupVersion": { "additionalProperties": false, "properties": { - "ConfirmationUrl": { - "markdownDescription": "The URL used to confirm the HTTP topic rule destination URL.", - "title": "ConfirmationUrl", + "ConnectorDefinitionVersionArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the connector definition version that contains the connectors you want to deploy with the group version.", + "title": "ConnectorDefinitionVersionArn", "type": "string" - } - }, - "type": "object" - }, - "AWS::IoT::TopicRuleDestination.VpcDestinationProperties": { - "additionalProperties": false, - "properties": { - "RoleArn": { - "markdownDescription": "The ARN of a role that has permission to create and attach to elastic network interfaces (ENIs).", - "title": "RoleArn", + }, + "CoreDefinitionVersionArn": { + "markdownDescription": "The ARN of the core definition version that contains the core you want to deploy with the group version. Currently, the core definition version can contain only one core.", + "title": "CoreDefinitionVersionArn", "type": "string" }, - "SecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "The security groups of the VPC destination.", - "title": "SecurityGroups", - "type": "array" + "DeviceDefinitionVersionArn": { + "markdownDescription": "The ARN of the device definition version that contains the devices you want to deploy with the group version.", + "title": "DeviceDefinitionVersionArn", + "type": "string" }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The subnet IDs of the VPC destination.", - "title": "SubnetIds", - "type": "array" + "FunctionDefinitionVersionArn": { + "markdownDescription": "The ARN of the function definition version that contains the functions you want to deploy with the group version.", + "title": "FunctionDefinitionVersionArn", + "type": "string" }, - "VpcId": { - "markdownDescription": "The ID of the VPC.", - "title": "VpcId", + "LoggerDefinitionVersionArn": { + "markdownDescription": "The ARN of the logger definition version that contains the loggers you want to deploy with the group version.", + "title": "LoggerDefinitionVersionArn", + "type": "string" + }, + "ResourceDefinitionVersionArn": { + "markdownDescription": "The ARN of the resource definition version that contains the resources you want to deploy with the group version.", + "title": "ResourceDefinitionVersionArn", + "type": "string" + }, + "SubscriptionDefinitionVersionArn": { + "markdownDescription": "The ARN of the subscription definition version that contains the subscriptions you want to deploy with the group version.", + "title": "SubscriptionDefinitionVersionArn", "type": "string" } }, "type": "object" }, - "AWS::IoTAnalytics::Channel": { + "AWS::Greengrass::GroupVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -124794,35 +134430,55 @@ "Properties": { "additionalProperties": false, "properties": { - "ChannelName": { - "markdownDescription": "The name of the channel.", - "title": "ChannelName", + "ConnectorDefinitionVersionArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the connector definition version that contains the connectors you want to deploy with the group version.", + "title": "ConnectorDefinitionVersionArn", "type": "string" }, - "ChannelStorage": { - "$ref": "#/definitions/AWS::IoTAnalytics::Channel.ChannelStorage", - "markdownDescription": "Where channel data is stored.", - "title": "ChannelStorage" + "CoreDefinitionVersionArn": { + "markdownDescription": "The ARN of the core definition version that contains the core you want to deploy with the group version. Currently, the core definition version can contain only one core.", + "title": "CoreDefinitionVersionArn", + "type": "string" }, - "RetentionPeriod": { - "$ref": "#/definitions/AWS::IoTAnalytics::Channel.RetentionPeriod", - "markdownDescription": "How long, in days, message data is kept for the channel.", - "title": "RetentionPeriod" + "DeviceDefinitionVersionArn": { + "markdownDescription": "The ARN of the device definition version that contains the devices you want to deploy with the group version.", + "title": "DeviceDefinitionVersionArn", + "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata which can be used to manage the channel.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" + "FunctionDefinitionVersionArn": { + "markdownDescription": "The ARN of the function definition version that contains the functions you want to deploy with the group version.", + "title": "FunctionDefinitionVersionArn", + "type": "string" + }, + "GroupId": { + "markdownDescription": "The ID of the group associated with this version. This value is a GUID.", + "title": "GroupId", + "type": "string" + }, + "LoggerDefinitionVersionArn": { + "markdownDescription": "The ARN of the logger definition version that contains the loggers you want to deploy with the group version.", + "title": "LoggerDefinitionVersionArn", + "type": "string" + }, + "ResourceDefinitionVersionArn": { + "markdownDescription": "The ARN of the resource definition version that contains the resources you want to deploy with the group version.", + "title": "ResourceDefinitionVersionArn", + "type": "string" + }, + "SubscriptionDefinitionVersionArn": { + "markdownDescription": "The ARN of the subscription definition version that contains the subscriptions you want to deploy with the group version.", + "title": "SubscriptionDefinitionVersionArn", + "type": "string" } }, + "required": [ + "GroupId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTAnalytics::Channel" + "AWS::Greengrass::GroupVersion" ], "type": "string" }, @@ -124836,68 +134492,143 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoTAnalytics::Channel.ChannelStorage": { + "AWS::Greengrass::LoggerDefinition": { "additionalProperties": false, "properties": { - "CustomerManagedS3": { - "$ref": "#/definitions/AWS::IoTAnalytics::Channel.CustomerManagedS3", - "markdownDescription": "Used to store channel data in an S3 bucket that you manage. If customer managed storage is selected, the `retentionPeriod` parameter is ignored. You can't change the choice of S3 storage after the data store is created.", - "title": "CustomerManagedS3" + "Condition": { + "type": "string" }, - "ServiceManagedS3": { - "markdownDescription": "Used to store channel data in an S3 bucket managed by AWS IoT Analytics . You can't change the choice of S3 storage after the data store is created.", - "title": "ServiceManagedS3", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "InitialVersion": { + "$ref": "#/definitions/AWS::Greengrass::LoggerDefinition.LoggerDefinitionVersion", + "markdownDescription": "The logger definition version to include when the logger definition is created. A logger definition version contains a list of [`logger`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-loggerdefinition-logger.html) property types.\n\n> To associate a logger definition version after the logger definition is created, create an [`AWS::Greengrass::LoggerDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-loggerdefinitionversion.html) resource and specify the ID of this logger definition.", + "title": "InitialVersion" + }, + "Name": { + "markdownDescription": "The name of the logger definition.", + "title": "Name", + "type": "string" + }, + "Tags": { + "markdownDescription": "Application-specific metadata to attach to the logger definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", + "title": "Tags", + "type": "object" + } + }, + "required": [ + "Name" + ], "type": "object" + }, + "Type": { + "enum": [ + "AWS::Greengrass::LoggerDefinition" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::IoTAnalytics::Channel.CustomerManagedS3": { + "AWS::Greengrass::LoggerDefinition.Logger": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The name of the S3 bucket in which channel data is stored.", - "title": "Bucket", + "Component": { + "markdownDescription": "The source of the log event. Valid values are `GreengrassSystem` or `Lambda` . When `GreengrassSystem` is used, events from Greengrass system components are logged. When `Lambda` is used, events from user-defined Lambda functions are logged.", + "title": "Component", "type": "string" }, - "KeyPrefix": { - "markdownDescription": "(Optional) The prefix used to create the keys of the channel data objects. Each object in an S3 bucket has a key that is its unique identifier within the bucket (each object in a bucket has exactly one key). The prefix must end with a forward slash (/).", - "title": "KeyPrefix", + "Id": { + "markdownDescription": "A descriptive or arbitrary ID for the logger. This value must be unique within the logger definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", + "title": "Id", "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of the role that grants AWS IoT Analytics permission to interact with your Amazon S3 resources.", - "title": "RoleArn", + "Level": { + "markdownDescription": "The log-level threshold. Log events below this threshold are filtered out and aren't stored. Valid values are `DEBUG` , `INFO` (recommended), `WARN` , `ERROR` , or `FATAL` .", + "title": "Level", + "type": "string" + }, + "Space": { + "markdownDescription": "The amount of file space (in KB) to use when writing logs to the local file system. This property does not apply for CloudWatch Logs .", + "title": "Space", + "type": "number" + }, + "Type": { + "markdownDescription": "The storage mechanism for log events. Valid values are `FileSystem` or `AWSCloudWatch` . When `AWSCloudWatch` is used, log events are sent to CloudWatch Logs . When `FileSystem` is used, log events are stored on the local file system.", + "title": "Type", "type": "string" } }, "required": [ - "Bucket", - "RoleArn" + "Component", + "Id", + "Level", + "Type" ], "type": "object" }, - "AWS::IoTAnalytics::Channel.RetentionPeriod": { + "AWS::Greengrass::LoggerDefinition.LoggerDefinitionVersion": { "additionalProperties": false, "properties": { - "NumberOfDays": { - "markdownDescription": "The number of days that message data is kept. The `unlimited` parameter must be false.", - "title": "NumberOfDays", - "type": "number" - }, - "Unlimited": { - "markdownDescription": "If true, message data is kept indefinitely.", - "title": "Unlimited", - "type": "boolean" + "Loggers": { + "items": { + "$ref": "#/definitions/AWS::Greengrass::LoggerDefinition.Logger" + }, + "markdownDescription": "The loggers in this version.", + "title": "Loggers", + "type": "array" } }, + "required": [ + "Loggers" + ], "type": "object" }, - "AWS::IoTAnalytics::Dataset": { + "AWS::Greengrass::LoggerDefinitionVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -124932,70 +134663,29 @@ "Properties": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.Action" - }, - "markdownDescription": "The `DatasetAction` objects that automatically create the dataset contents.", - "title": "Actions", - "type": "array" - }, - "ContentDeliveryRules": { - "items": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.DatasetContentDeliveryRule" - }, - "markdownDescription": "When dataset contents are created they are delivered to destinations specified here.", - "title": "ContentDeliveryRules", - "type": "array" - }, - "DatasetName": { - "markdownDescription": "The name of the dataset.", - "title": "DatasetName", + "LoggerDefinitionId": { + "markdownDescription": "The ID of the logger definition associated with this version. This value is a GUID.", + "title": "LoggerDefinitionId", "type": "string" }, - "LateDataRules": { - "items": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.LateDataRule" - }, - "markdownDescription": "A list of data rules that send notifications to CloudWatch, when data arrives late. To specify `lateDataRules` , the dataset must use a [DeltaTimer](https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_DeltaTime.html) filter.", - "title": "LateDataRules", - "type": "array" - }, - "RetentionPeriod": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.RetentionPeriod", - "markdownDescription": "Optional. How long, in days, message data is kept for the dataset.", - "title": "RetentionPeriod" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata which can be used to manage the data set.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - }, - "Triggers": { + "Loggers": { "items": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.Trigger" + "$ref": "#/definitions/AWS::Greengrass::LoggerDefinitionVersion.Logger" }, - "markdownDescription": "The `DatasetTrigger` objects that specify when the dataset is automatically updated.", - "title": "Triggers", + "markdownDescription": "The loggers in this version.", + "title": "Loggers", "type": "array" - }, - "VersioningConfiguration": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.VersioningConfiguration", - "markdownDescription": "Optional. How many versions of dataset contents are kept. If not specified or set to null, only the latest version plus the latest succeeded version (if they are different) are kept for the time period specified by the `retentionPeriod` parameter. For more information, see [Keeping Multiple Versions of AWS IoT Analytics datasets](https://docs.aws.amazon.com/iotanalytics/latest/userguide/getting-started.html#aws-iot-analytics-dataset-versions) in the *AWS IoT Analytics User Guide* .", - "title": "VersioningConfiguration" } }, "required": [ - "Actions" + "LoggerDefinitionId", + "Loggers" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTAnalytics::Dataset" + "AWS::Greengrass::LoggerDefinitionVersion" ], "type": "string" }, @@ -125014,426 +134704,638 @@ ], "type": "object" }, - "AWS::IoTAnalytics::Dataset.Action": { + "AWS::Greengrass::LoggerDefinitionVersion.Logger": { "additionalProperties": false, "properties": { - "ActionName": { - "markdownDescription": "The name of the data set action by which data set contents are automatically created.", - "title": "ActionName", + "Component": { + "markdownDescription": "The source of the log event. Valid values are `GreengrassSystem` or `Lambda` . When `GreengrassSystem` is used, events from Greengrass system components are logged. When `Lambda` is used, events from user-defined Lambda functions are logged.", + "title": "Component", "type": "string" }, - "ContainerAction": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.ContainerAction", - "markdownDescription": "Information which allows the system to run a containerized application in order to create the data set contents. The application must be in a Docker container along with any needed support libraries.", - "title": "ContainerAction" + "Id": { + "markdownDescription": "A descriptive or arbitrary ID for the logger. This value must be unique within the logger definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", + "title": "Id", + "type": "string" }, - "QueryAction": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.QueryAction", - "markdownDescription": "An \"SqlQueryDatasetAction\" object that uses an SQL query to automatically create data set contents.", - "title": "QueryAction" + "Level": { + "markdownDescription": "The log-level threshold. Log events below this threshold are filtered out and aren't stored. Valid values are `DEBUG` , `INFO` (recommended), `WARN` , `ERROR` , or `FATAL` .", + "title": "Level", + "type": "string" + }, + "Space": { + "markdownDescription": "The amount of file space (in KB) to use when writing logs to the local file system. This property does not apply for CloudWatch Logs .", + "title": "Space", + "type": "number" + }, + "Type": { + "markdownDescription": "The storage mechanism for log events. Valid values are `FileSystem` or `AWSCloudWatch` . When `AWSCloudWatch` is used, log events are sent to CloudWatch Logs . When `FileSystem` is used, log events are stored on the local file system.", + "title": "Type", + "type": "string" } }, "required": [ - "ActionName" + "Component", + "Id", + "Level", + "Type" ], "type": "object" }, - "AWS::IoTAnalytics::Dataset.ContainerAction": { + "AWS::Greengrass::ResourceDefinition": { "additionalProperties": false, "properties": { - "ExecutionRoleArn": { - "markdownDescription": "The ARN of the role which gives permission to the system to access needed resources in order to run the \"containerAction\". This includes, at minimum, permission to retrieve the data set contents which are the input to the containerized application.", - "title": "ExecutionRoleArn", + "Condition": { "type": "string" }, - "Image": { - "markdownDescription": "The ARN of the Docker container stored in your account. The Docker container contains an application and needed support libraries and is used to generate data set contents.", - "title": "Image", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "ResourceConfiguration": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.ResourceConfiguration", - "markdownDescription": "Configuration of the resource which executes the \"containerAction\".", - "title": "ResourceConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Variables": { - "items": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.Variable" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "InitialVersion": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.ResourceDefinitionVersion", + "markdownDescription": "The resource definition version to include when the resource definition is created. A resource definition version contains a list of [`resource instance`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-resourcedefinition-resourceinstance.html) property types.\n\n> To associate a resource definition version after the resource definition is created, create an [`AWS::Greengrass::ResourceDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-resourcedefinitionversion.html) resource and specify the ID of this resource definition.", + "title": "InitialVersion" + }, + "Name": { + "markdownDescription": "The name of the resource definition.", + "title": "Name", + "type": "string" + }, + "Tags": { + "markdownDescription": "Application-specific metadata to attach to the resource definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", + "title": "Tags", + "type": "object" + } }, - "markdownDescription": "The values of variables used within the context of the execution of the containerized application (basically, parameters passed to the application). Each variable must have a name and a value given by one of \"stringValue\", \"datasetContentVersionValue\", or \"outputFileUriValue\".", - "title": "Variables", - "type": "array" + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Greengrass::ResourceDefinition" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "ExecutionRoleArn", - "Image", - "ResourceConfiguration" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoTAnalytics::Dataset.DatasetContentDeliveryRule": { + "AWS::Greengrass::ResourceDefinition.GroupOwnerSetting": { "additionalProperties": false, "properties": { - "Destination": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.DatasetContentDeliveryRuleDestination", - "markdownDescription": "The destination to which dataset contents are delivered.", - "title": "Destination" + "AutoAddGroupOwner": { + "markdownDescription": "Indicates whether to give the privileges of the Linux group that owns the resource to the Lambda process. This gives the Lambda process the file access permissions of the Linux group.", + "title": "AutoAddGroupOwner", + "type": "boolean" }, - "EntryName": { - "markdownDescription": "The name of the dataset content delivery rules entry.", - "title": "EntryName", + "GroupOwner": { + "markdownDescription": "The name of the Linux group whose privileges you want to add to the Lambda process. This value is ignored if `AutoAddGroupOwner` is true.", + "title": "GroupOwner", "type": "string" } }, "required": [ - "Destination" + "AutoAddGroupOwner" ], "type": "object" }, - "AWS::IoTAnalytics::Dataset.DatasetContentDeliveryRuleDestination": { + "AWS::Greengrass::ResourceDefinition.LocalDeviceResourceData": { "additionalProperties": false, "properties": { - "IotEventsDestinationConfiguration": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.IotEventsDestinationConfiguration", - "markdownDescription": "Configuration information for delivery of dataset contents to AWS IoT Events .", - "title": "IotEventsDestinationConfiguration" + "GroupOwnerSetting": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.GroupOwnerSetting", + "markdownDescription": "Settings that define additional Linux OS group permissions to give to the Lambda function process.", + "title": "GroupOwnerSetting" }, - "S3DestinationConfiguration": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.S3DestinationConfiguration", - "markdownDescription": "Configuration information for delivery of dataset contents to Amazon S3.", - "title": "S3DestinationConfiguration" + "SourcePath": { + "markdownDescription": "The local absolute path of the device resource. The source path for a device resource can refer only to a character device or block device under `/dev` .", + "title": "SourcePath", + "type": "string" } }, + "required": [ + "SourcePath" + ], "type": "object" }, - "AWS::IoTAnalytics::Dataset.DatasetContentVersionValue": { + "AWS::Greengrass::ResourceDefinition.LocalVolumeResourceData": { "additionalProperties": false, "properties": { - "DatasetName": { - "markdownDescription": "The name of the dataset whose latest contents are used as input to the notebook or application.", - "title": "DatasetName", + "DestinationPath": { + "markdownDescription": "The absolute local path of the resource in the Lambda environment.", + "title": "DestinationPath", + "type": "string" + }, + "GroupOwnerSetting": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.GroupOwnerSetting", + "markdownDescription": "Settings that define additional Linux OS group permissions to give to the Lambda function process.", + "title": "GroupOwnerSetting" + }, + "SourcePath": { + "markdownDescription": "The local absolute path of the volume resource on the host. The source path for a volume resource type cannot start with `/sys` .", + "title": "SourcePath", "type": "string" } }, "required": [ - "DatasetName" + "DestinationPath", + "SourcePath" ], "type": "object" }, - "AWS::IoTAnalytics::Dataset.DeltaTime": { + "AWS::Greengrass::ResourceDefinition.ResourceDataContainer": { "additionalProperties": false, "properties": { - "OffsetSeconds": { - "markdownDescription": "The number of seconds of estimated in-flight lag time of message data. When you create dataset contents using message data from a specified timeframe, some message data might still be in flight when processing begins, and so do not arrive in time to be processed. Use this field to make allowances for the in flight time of your message data, so that data not processed from a previous timeframe is included with the next timeframe. Otherwise, missed message data would be excluded from processing during the next timeframe too, because its timestamp places it within the previous timeframe.", - "title": "OffsetSeconds", - "type": "number" + "LocalDeviceResourceData": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.LocalDeviceResourceData", + "markdownDescription": "Settings for a local device resource.", + "title": "LocalDeviceResourceData" }, - "TimeExpression": { - "markdownDescription": "An expression by which the time of the message data might be determined. This can be the name of a timestamp field or a SQL expression that is used to derive the time the message data was generated.", - "title": "TimeExpression", - "type": "string" + "LocalVolumeResourceData": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.LocalVolumeResourceData", + "markdownDescription": "Settings for a local volume resource.", + "title": "LocalVolumeResourceData" + }, + "S3MachineLearningModelResourceData": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.S3MachineLearningModelResourceData", + "markdownDescription": "Settings for a machine learning resource stored in Amazon S3 .", + "title": "S3MachineLearningModelResourceData" + }, + "SageMakerMachineLearningModelResourceData": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.SageMakerMachineLearningModelResourceData", + "markdownDescription": "Settings for a machine learning resource saved as an SageMaker AI training job.", + "title": "SageMakerMachineLearningModelResourceData" + }, + "SecretsManagerSecretResourceData": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.SecretsManagerSecretResourceData", + "markdownDescription": "Settings for a secret resource.", + "title": "SecretsManagerSecretResourceData" } }, - "required": [ - "OffsetSeconds", - "TimeExpression" - ], "type": "object" }, - "AWS::IoTAnalytics::Dataset.DeltaTimeSessionWindowConfiguration": { + "AWS::Greengrass::ResourceDefinition.ResourceDefinitionVersion": { "additionalProperties": false, "properties": { - "TimeoutInMinutes": { - "markdownDescription": "A time interval. You can use `timeoutInMinutes` so that AWS IoT Analytics can batch up late data notifications that have been generated since the last execution. AWS IoT Analytics sends one batch of notifications to Amazon CloudWatch Events at one time.\n\nFor more information about how to write a timestamp expression, see [Date and Time Functions and Operators](https://docs.aws.amazon.com/https://prestodb.io/docs/current/functions/datetime.html) , in the *Presto 0.172 Documentation* .", - "title": "TimeoutInMinutes", - "type": "number" + "Resources": { + "items": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.ResourceInstance" + }, + "markdownDescription": "The resources in this version.", + "title": "Resources", + "type": "array" } }, "required": [ - "TimeoutInMinutes" + "Resources" ], "type": "object" }, - "AWS::IoTAnalytics::Dataset.Filter": { + "AWS::Greengrass::ResourceDefinition.ResourceDownloadOwnerSetting": { "additionalProperties": false, "properties": { - "DeltaTime": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.DeltaTime", - "markdownDescription": "Used to limit data to that which has arrived since the last execution of the action.", - "title": "DeltaTime" + "GroupOwner": { + "markdownDescription": "The group owner of the machine learning resource. This is the group ID (GID) of an existing Linux OS group on the system. The group's permissions are added to the Lambda process.", + "title": "GroupOwner", + "type": "string" + }, + "GroupPermission": { + "markdownDescription": "The permissions that the group owner has to the machine learning resource. Valid values are `rw` (read-write) or `ro` (read-only).", + "title": "GroupPermission", + "type": "string" } }, + "required": [ + "GroupOwner", + "GroupPermission" + ], "type": "object" }, - "AWS::IoTAnalytics::Dataset.GlueConfiguration": { + "AWS::Greengrass::ResourceDefinition.ResourceInstance": { "additionalProperties": false, "properties": { - "DatabaseName": { - "markdownDescription": "The name of the database in your AWS Glue Data Catalog in which the table is located. An AWS Glue Data Catalog database contains metadata tables.", - "title": "DatabaseName", + "Id": { + "markdownDescription": "A descriptive or arbitrary ID for the resource. This value must be unique within the resource definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", + "title": "Id", "type": "string" }, - "TableName": { - "markdownDescription": "The name of the table in your AWS Glue Data Catalog that is used to perform the ETL operations. An AWS Glue Data Catalog table contains partitioned data and descriptions of data sources and targets.", - "title": "TableName", + "Name": { + "markdownDescription": "The descriptive resource name, which is displayed on the AWS IoT Greengrass console. Maximum length 128 characters with pattern [a-zA-Z0-9:_-]+. This must be unique within a Greengrass group.", + "title": "Name", "type": "string" + }, + "ResourceDataContainer": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.ResourceDataContainer", + "markdownDescription": "A container for resource data. The container takes only one of the following supported resource data types: `LocalDeviceResourceData` , `LocalVolumeResourceData` , `SageMakerMachineLearningModelResourceData` , `S3MachineLearningModelResourceData` , or `SecretsManagerSecretResourceData` .\n\n> Only one resource type can be defined for a `ResourceDataContainer` instance.", + "title": "ResourceDataContainer" } }, "required": [ - "DatabaseName", - "TableName" + "Id", + "Name", + "ResourceDataContainer" ], "type": "object" }, - "AWS::IoTAnalytics::Dataset.IotEventsDestinationConfiguration": { + "AWS::Greengrass::ResourceDefinition.S3MachineLearningModelResourceData": { "additionalProperties": false, "properties": { - "InputName": { - "markdownDescription": "The name of the AWS IoT Events input to which dataset contents are delivered.", - "title": "InputName", + "DestinationPath": { + "markdownDescription": "The absolute local path of the resource inside the Lambda environment.", + "title": "DestinationPath", "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of the role that grants AWS IoT Analytics permission to deliver dataset contents to an AWS IoT Events input.", - "title": "RoleArn", + "OwnerSetting": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.ResourceDownloadOwnerSetting", + "markdownDescription": "The owner setting for the downloaded machine learning resource. For more information, see [Access Machine Learning Resources from Lambda Functions](https://docs.aws.amazon.com/greengrass/v1/developerguide/access-ml-resources.html) in the *Developer Guide* .", + "title": "OwnerSetting" + }, + "S3Uri": { + "markdownDescription": "The URI of the source model in an Amazon S3 bucket. The model package must be in `tar.gz` or `.zip` format.", + "title": "S3Uri", "type": "string" } }, "required": [ - "InputName", - "RoleArn" + "DestinationPath", + "S3Uri" ], "type": "object" }, - "AWS::IoTAnalytics::Dataset.LateDataRule": { + "AWS::Greengrass::ResourceDefinition.SageMakerMachineLearningModelResourceData": { "additionalProperties": false, "properties": { - "RuleConfiguration": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.LateDataRuleConfiguration", - "markdownDescription": "The information needed to configure the late data rule.", - "title": "RuleConfiguration" + "DestinationPath": { + "markdownDescription": "The absolute local path of the resource inside the Lambda environment.", + "title": "DestinationPath", + "type": "string" }, - "RuleName": { - "markdownDescription": "The name of the late data rule.", - "title": "RuleName", + "OwnerSetting": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.ResourceDownloadOwnerSetting", + "markdownDescription": "The owner setting for the downloaded machine learning resource. For more information, see [Access Machine Learning Resources from Lambda Functions](https://docs.aws.amazon.com/greengrass/v1/developerguide/access-ml-resources.html) in the *Developer Guide* .", + "title": "OwnerSetting" + }, + "SageMakerJobArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SageMaker AI training job that represents the source model.", + "title": "SageMakerJobArn", "type": "string" } }, "required": [ - "RuleConfiguration" + "DestinationPath", + "SageMakerJobArn" ], "type": "object" }, - "AWS::IoTAnalytics::Dataset.LateDataRuleConfiguration": { + "AWS::Greengrass::ResourceDefinition.SecretsManagerSecretResourceData": { "additionalProperties": false, "properties": { - "DeltaTimeSessionWindowConfiguration": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.DeltaTimeSessionWindowConfiguration", - "markdownDescription": "The information needed to configure a delta time session window.", - "title": "DeltaTimeSessionWindowConfiguration" + "ARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Secrets Manager secret to make available on the core. The value of the secret's latest version (represented by the `AWSCURRENT` staging label) is included by default.", + "title": "ARN", + "type": "string" + }, + "AdditionalStagingLabelsToDownload": { + "items": { + "type": "string" + }, + "markdownDescription": "The staging labels whose values you want to make available on the core, in addition to `AWSCURRENT` .", + "title": "AdditionalStagingLabelsToDownload", + "type": "array" } }, + "required": [ + "ARN" + ], "type": "object" }, - "AWS::IoTAnalytics::Dataset.OutputFileUriValue": { + "AWS::Greengrass::ResourceDefinitionVersion": { "additionalProperties": false, "properties": { - "FileName": { - "markdownDescription": "The URI of the location where dataset contents are stored, usually the URI of a file in an S3 bucket.", - "title": "FileName", + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ResourceDefinitionId": { + "markdownDescription": "The ID of the resource definition associated with this version. This value is a GUID.", + "title": "ResourceDefinitionId", + "type": "string" + }, + "Resources": { + "items": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.ResourceInstance" + }, + "markdownDescription": "The resources in this version.", + "title": "Resources", + "type": "array" + } + }, + "required": [ + "ResourceDefinitionId", + "Resources" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Greengrass::ResourceDefinitionVersion" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "FileName" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoTAnalytics::Dataset.QueryAction": { + "AWS::Greengrass::ResourceDefinitionVersion.GroupOwnerSetting": { "additionalProperties": false, "properties": { - "Filters": { - "items": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.Filter" - }, - "markdownDescription": "Pre-filters applied to message data.", - "title": "Filters", - "type": "array" + "AutoAddGroupOwner": { + "markdownDescription": "Indicates whether to give the privileges of the Linux group that owns the resource to the Lambda process. This gives the Lambda process the file access permissions of the Linux group.", + "title": "AutoAddGroupOwner", + "type": "boolean" }, - "SqlQuery": { - "markdownDescription": "An \"SqlQueryDatasetAction\" object that uses an SQL query to automatically create data set contents.", - "title": "SqlQuery", + "GroupOwner": { + "markdownDescription": "The name of the Linux group whose privileges you want to add to the Lambda process. This value is ignored if `AutoAddGroupOwner` is true.", + "title": "GroupOwner", "type": "string" } }, "required": [ - "SqlQuery" + "AutoAddGroupOwner" ], "type": "object" }, - "AWS::IoTAnalytics::Dataset.ResourceConfiguration": { + "AWS::Greengrass::ResourceDefinitionVersion.LocalDeviceResourceData": { "additionalProperties": false, "properties": { - "ComputeType": { - "markdownDescription": "The type of the compute resource used to execute the `containerAction` . Possible values are: `ACU_1` (vCPU=4, memory=16 GiB) or `ACU_2` (vCPU=8, memory=32 GiB).", - "title": "ComputeType", - "type": "string" + "GroupOwnerSetting": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.GroupOwnerSetting", + "markdownDescription": "Settings that define additional Linux OS group permissions to give to the Lambda function process.", + "title": "GroupOwnerSetting" }, - "VolumeSizeInGB": { - "markdownDescription": "The size, in GB, of the persistent storage available to the resource instance used to execute the `containerAction` (min: 1, max: 50).", - "title": "VolumeSizeInGB", - "type": "number" + "SourcePath": { + "markdownDescription": "The local absolute path of the device resource. The source path for a device resource can refer only to a character device or block device under `/dev` .", + "title": "SourcePath", + "type": "string" } }, "required": [ - "ComputeType", - "VolumeSizeInGB" + "SourcePath" ], "type": "object" }, - "AWS::IoTAnalytics::Dataset.RetentionPeriod": { + "AWS::Greengrass::ResourceDefinitionVersion.LocalVolumeResourceData": { "additionalProperties": false, "properties": { - "NumberOfDays": { - "markdownDescription": "The number of days that message data is kept. The `unlimited` parameter must be false.", - "title": "NumberOfDays", - "type": "number" + "DestinationPath": { + "markdownDescription": "The absolute local path of the resource in the Lambda environment.", + "title": "DestinationPath", + "type": "string" }, - "Unlimited": { - "markdownDescription": "If true, message data is kept indefinitely.", - "title": "Unlimited", - "type": "boolean" + "GroupOwnerSetting": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.GroupOwnerSetting", + "markdownDescription": "Settings that define additional Linux OS group permissions to give to the Lambda function process.", + "title": "GroupOwnerSetting" + }, + "SourcePath": { + "markdownDescription": "The local absolute path of the volume resource on the host. The source path for a volume resource type cannot start with `/sys` .", + "title": "SourcePath", + "type": "string" } }, + "required": [ + "DestinationPath", + "SourcePath" + ], "type": "object" }, - "AWS::IoTAnalytics::Dataset.S3DestinationConfiguration": { + "AWS::Greengrass::ResourceDefinitionVersion.ResourceDataContainer": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The name of the S3 bucket to which dataset contents are delivered.", - "title": "Bucket", - "type": "string" + "LocalDeviceResourceData": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.LocalDeviceResourceData", + "markdownDescription": "Settings for a local device resource.", + "title": "LocalDeviceResourceData" }, - "GlueConfiguration": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.GlueConfiguration", - "markdownDescription": "Configuration information for coordination with AWS Glue , a fully managed extract, transform and load (ETL) service.", - "title": "GlueConfiguration" + "LocalVolumeResourceData": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.LocalVolumeResourceData", + "markdownDescription": "Settings for a local volume resource.", + "title": "LocalVolumeResourceData" }, - "Key": { - "markdownDescription": "The key of the dataset contents object in an S3 bucket. Each object has a key that is a unique identifier. Each object has exactly one key.\n\nYou can create a unique key with the following options:\n\n- Use `!{iotanalytics:scheduleTime}` to insert the time of a scheduled SQL query run.\n- Use `!{iotanalytics:versionId}` to insert a unique hash that identifies a dataset content.\n- Use `!{iotanalytics:creationTime}` to insert the creation time of a dataset content.\n\nThe following example creates a unique key for a CSV file: `dataset/mydataset/!{iotanalytics:scheduleTime}/!{iotanalytics:versionId}.csv`\n\n> If you don't use `!{iotanalytics:versionId}` to specify the key, you might get duplicate keys. For example, you might have two dataset contents with the same `scheduleTime` but different `versionId` s. This means that one dataset content overwrites the other.", - "title": "Key", - "type": "string" + "S3MachineLearningModelResourceData": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.S3MachineLearningModelResourceData", + "markdownDescription": "Settings for a machine learning resource stored in Amazon S3 .", + "title": "S3MachineLearningModelResourceData" }, - "RoleArn": { - "markdownDescription": "The ARN of the role that grants AWS IoT Analytics permission to interact with your Amazon S3 and AWS Glue resources.", - "title": "RoleArn", - "type": "string" + "SageMakerMachineLearningModelResourceData": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.SageMakerMachineLearningModelResourceData", + "markdownDescription": "Settings for a machine learning resource saved as an SageMaker AI training job.", + "title": "SageMakerMachineLearningModelResourceData" + }, + "SecretsManagerSecretResourceData": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.SecretsManagerSecretResourceData", + "markdownDescription": "Settings for a secret resource.", + "title": "SecretsManagerSecretResourceData" } }, - "required": [ - "Bucket", - "Key", - "RoleArn" - ], "type": "object" }, - "AWS::IoTAnalytics::Dataset.Schedule": { + "AWS::Greengrass::ResourceDefinitionVersion.ResourceDownloadOwnerSetting": { "additionalProperties": false, "properties": { - "ScheduleExpression": { - "markdownDescription": "The expression that defines when to trigger an update. For more information, see [Schedule Expressions for Rules](https://docs.aws.amazon.com/AmazonCloudWatch/latest/events/ScheduledEvents.html) in the Amazon CloudWatch documentation.", - "title": "ScheduleExpression", + "GroupOwner": { + "markdownDescription": "The group owner of the machine learning resource. This is the group ID (GID) of an existing Linux OS group on the system. The group's permissions are added to the Lambda process.", + "title": "GroupOwner", + "type": "string" + }, + "GroupPermission": { + "markdownDescription": "The permissions that the group owner has to the machine learning resource. Valid values are `rw` (read-write) or `ro` (read-only).", + "title": "GroupPermission", "type": "string" } }, "required": [ - "ScheduleExpression" + "GroupOwner", + "GroupPermission" ], "type": "object" }, - "AWS::IoTAnalytics::Dataset.Trigger": { + "AWS::Greengrass::ResourceDefinitionVersion.ResourceInstance": { "additionalProperties": false, "properties": { - "Schedule": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.Schedule", - "markdownDescription": "The \"Schedule\" when the trigger is initiated.", - "title": "Schedule" + "Id": { + "markdownDescription": "A descriptive or arbitrary ID for the resource. This value must be unique within the resource definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", + "title": "Id", + "type": "string" }, - "TriggeringDataset": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.TriggeringDataset", - "markdownDescription": "Information about the data set whose content generation triggers the new data set content generation.", - "title": "TriggeringDataset" + "Name": { + "markdownDescription": "The descriptive resource name, which is displayed on the AWS IoT Greengrass console. Maximum length 128 characters with pattern [a-zA-Z0-9:_-]+. This must be unique within a Greengrass group.", + "title": "Name", + "type": "string" + }, + "ResourceDataContainer": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.ResourceDataContainer", + "markdownDescription": "A container for resource data. The container takes only one of the following supported resource data types: `LocalDeviceResourceData` , `LocalVolumeResourceData` , `SageMakerMachineLearningModelResourceData` , `S3MachineLearningModelResourceData` , or `SecretsManagerSecretResourceData` .\n\n> Only one resource type can be defined for a `ResourceDataContainer` instance.", + "title": "ResourceDataContainer" } }, + "required": [ + "Id", + "Name", + "ResourceDataContainer" + ], "type": "object" }, - "AWS::IoTAnalytics::Dataset.TriggeringDataset": { + "AWS::Greengrass::ResourceDefinitionVersion.S3MachineLearningModelResourceData": { "additionalProperties": false, "properties": { - "DatasetName": { - "markdownDescription": "The name of the data set whose content generation triggers the new data set content generation.", - "title": "DatasetName", + "DestinationPath": { + "markdownDescription": "The absolute local path of the resource inside the Lambda environment.", + "title": "DestinationPath", + "type": "string" + }, + "OwnerSetting": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.ResourceDownloadOwnerSetting", + "markdownDescription": "The owner setting for the downloaded machine learning resource. For more information, see [Access Machine Learning Resources from Lambda Functions](https://docs.aws.amazon.com/greengrass/v1/developerguide/access-ml-resources.html) in the *Developer Guide* .", + "title": "OwnerSetting" + }, + "S3Uri": { + "markdownDescription": "The URI of the source model in an Amazon S3 bucket. The model package must be in `tar.gz` or `.zip` format.", + "title": "S3Uri", "type": "string" } }, "required": [ - "DatasetName" + "DestinationPath", + "S3Uri" ], "type": "object" }, - "AWS::IoTAnalytics::Dataset.Variable": { + "AWS::Greengrass::ResourceDefinitionVersion.SageMakerMachineLearningModelResourceData": { "additionalProperties": false, "properties": { - "DatasetContentVersionValue": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.DatasetContentVersionValue", - "markdownDescription": "The value of the variable as a structure that specifies a dataset content version.", - "title": "DatasetContentVersionValue" - }, - "DoubleValue": { - "markdownDescription": "The value of the variable as a double (numeric).", - "title": "DoubleValue", - "type": "number" - }, - "OutputFileUriValue": { - "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.OutputFileUriValue", - "markdownDescription": "The value of the variable as a structure that specifies an output file URI.", - "title": "OutputFileUriValue" - }, - "StringValue": { - "markdownDescription": "The value of the variable as a string.", - "title": "StringValue", + "DestinationPath": { + "markdownDescription": "The absolute local path of the resource inside the Lambda environment.", + "title": "DestinationPath", "type": "string" }, - "VariableName": { - "markdownDescription": "The name of the variable.", - "title": "VariableName", + "OwnerSetting": { + "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.ResourceDownloadOwnerSetting", + "markdownDescription": "The owner setting for the downloaded machine learning resource. For more information, see [Access Machine Learning Resources from Lambda Functions](https://docs.aws.amazon.com/greengrass/v1/developerguide/access-ml-resources.html) in the *Developer Guide* .", + "title": "OwnerSetting" + }, + "SageMakerJobArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SageMaker AI training job that represents the source model.", + "title": "SageMakerJobArn", "type": "string" } }, "required": [ - "VariableName" + "DestinationPath", + "SageMakerJobArn" ], "type": "object" }, - "AWS::IoTAnalytics::Dataset.VersioningConfiguration": { + "AWS::Greengrass::ResourceDefinitionVersion.SecretsManagerSecretResourceData": { "additionalProperties": false, "properties": { - "MaxVersions": { - "markdownDescription": "How many versions of dataset contents are kept. The `unlimited` parameter must be `false` .", - "title": "MaxVersions", - "type": "number" + "ARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Secrets Manager secret to make available on the core. The value of the secret's latest version (represented by the `AWSCURRENT` staging label) is included by default.", + "title": "ARN", + "type": "string" }, - "Unlimited": { - "markdownDescription": "If true, unlimited versions of dataset contents are kept.", - "title": "Unlimited", - "type": "boolean" + "AdditionalStagingLabelsToDownload": { + "items": { + "type": "string" + }, + "markdownDescription": "The staging labels whose values you want to make available on the core, in addition to `AWSCURRENT` .", + "title": "AdditionalStagingLabelsToDownload", + "type": "array" } }, + "required": [ + "ARN" + ], "type": "object" }, - "AWS::IoTAnalytics::Datastore": { + "AWS::Greengrass::SubscriptionDefinition": { "additionalProperties": false, "properties": { "Condition": { @@ -125468,45 +135370,30 @@ "Properties": { "additionalProperties": false, "properties": { - "DatastoreName": { - "markdownDescription": "The name of the data store.", - "title": "DatastoreName", - "type": "string" - }, - "DatastorePartitions": { - "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.DatastorePartitions", - "markdownDescription": "Information about the partition dimensions in a data store.", - "title": "DatastorePartitions" - }, - "DatastoreStorage": { - "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.DatastoreStorage", - "markdownDescription": "Where data store data is stored.", - "title": "DatastoreStorage" - }, - "FileFormatConfiguration": { - "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.FileFormatConfiguration", - "markdownDescription": "Contains the configuration information of file formats. AWS IoT Analytics data stores support JSON and [Parquet](https://docs.aws.amazon.com/https://parquet.apache.org/) .\n\nThe default file format is JSON. You can specify only one format.\n\nYou can't change the file format after you create the data store.", - "title": "FileFormatConfiguration" + "InitialVersion": { + "$ref": "#/definitions/AWS::Greengrass::SubscriptionDefinition.SubscriptionDefinitionVersion", + "markdownDescription": "The subscription definition version to include when the subscription definition is created. A subscription definition version contains a list of [`subscription`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-subscriptiondefinition-subscription.html) property types.\n\n> To associate a subscription definition version after the subscription definition is created, create an [`AWS::Greengrass::SubscriptionDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-subscriptiondefinitionversion.html) resource and specify the ID of this subscription definition.", + "title": "InitialVersion" }, - "RetentionPeriod": { - "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.RetentionPeriod", - "markdownDescription": "How long, in days, message data is kept for the data store. When `customerManagedS3` storage is selected, this parameter is ignored.", - "title": "RetentionPeriod" + "Name": { + "markdownDescription": "The name of the subscription definition.", + "title": "Name", + "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata which can be used to manage the data store.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "Application-specific metadata to attach to the subscription definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", "title": "Tags", - "type": "array" + "type": "object" } }, + "required": [ + "Name" + ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTAnalytics::Datastore" + "AWS::Greengrass::SubscriptionDefinition" ], "type": "string" }, @@ -125520,227 +135407,515 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoTAnalytics::Datastore.Column": { + "AWS::Greengrass::SubscriptionDefinition.Subscription": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the column.", - "title": "Name", + "Id": { + "markdownDescription": "A descriptive or arbitrary ID for the subscription. This value must be unique within the subscription definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", + "title": "Id", "type": "string" }, - "Type": { - "markdownDescription": "The type of data. For more information about the supported data types, see [Common data types](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-common.html) in the *AWS Glue Developer Guide* .", - "title": "Type", + "Source": { + "markdownDescription": "The originator of the message. The value can be a thing ARN, the ARN of a Lambda function alias (recommended) or version, a connector ARN, `cloud` (which represents the AWS IoT cloud), or `GGShadowService` .", + "title": "Source", + "type": "string" + }, + "Subject": { + "markdownDescription": "The MQTT topic used to route the message.", + "title": "Subject", + "type": "string" + }, + "Target": { + "markdownDescription": "The destination of the message. The value can be a thing ARN, the ARN of a Lambda function alias (recommended) or version, a connector ARN, `cloud` (which represents the AWS IoT cloud), or `GGShadowService` .", + "title": "Target", "type": "string" } }, "required": [ - "Name", - "Type" + "Id", + "Source", + "Subject", + "Target" ], "type": "object" }, - "AWS::IoTAnalytics::Datastore.CustomerManagedS3": { + "AWS::Greengrass::SubscriptionDefinition.SubscriptionDefinitionVersion": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The name of the Amazon S3 bucket where your data is stored.", - "title": "Bucket", - "type": "string" - }, - "KeyPrefix": { - "markdownDescription": "(Optional) The prefix used to create the keys of the data store data objects. Each object in an Amazon S3 bucket has a key that is its unique identifier in the bucket. Each object in a bucket has exactly one key. The prefix must end with a forward slash (/).", - "title": "KeyPrefix", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN of the role that grants AWS IoT Analytics permission to interact with your Amazon S3 resources.", - "title": "RoleArn", - "type": "string" + "Subscriptions": { + "items": { + "$ref": "#/definitions/AWS::Greengrass::SubscriptionDefinition.Subscription" + }, + "markdownDescription": "The subscriptions in this version.", + "title": "Subscriptions", + "type": "array" } }, "required": [ - "Bucket", - "RoleArn" + "Subscriptions" ], "type": "object" }, - "AWS::IoTAnalytics::Datastore.CustomerManagedS3Storage": { + "AWS::Greengrass::SubscriptionDefinitionVersion": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The name of the Amazon S3 bucket where your data is stored.", - "title": "Bucket", + "Condition": { "type": "string" }, - "KeyPrefix": { - "markdownDescription": "(Optional) The prefix used to create the keys of the data store data objects. Each object in an Amazon S3 bucket has a key that is its unique identifier in the bucket. Each object in a bucket has exactly one key. The prefix must end with a forward slash (/).", - "title": "KeyPrefix", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "SubscriptionDefinitionId": { + "markdownDescription": "The ID of the subscription definition associated with this version. This value is a GUID.", + "title": "SubscriptionDefinitionId", + "type": "string" + }, + "Subscriptions": { + "items": { + "$ref": "#/definitions/AWS::Greengrass::SubscriptionDefinitionVersion.Subscription" + }, + "markdownDescription": "The subscriptions in this version.", + "title": "Subscriptions", + "type": "array" + } + }, + "required": [ + "SubscriptionDefinitionId", + "Subscriptions" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Greengrass::SubscriptionDefinitionVersion" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Bucket" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoTAnalytics::Datastore.DatastorePartition": { + "AWS::Greengrass::SubscriptionDefinitionVersion.Subscription": { "additionalProperties": false, "properties": { - "Partition": { - "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.Partition", - "markdownDescription": "A partition dimension defined by an attribute.", - "title": "Partition" + "Id": { + "markdownDescription": "A descriptive or arbitrary ID for the subscription. This value must be unique within the subscription definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", + "title": "Id", + "type": "string" }, - "TimestampPartition": { - "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.TimestampPartition", - "markdownDescription": "A partition dimension defined by a timestamp attribute.", - "title": "TimestampPartition" + "Source": { + "markdownDescription": "The originator of the message. The value can be a thing ARN, the ARN of a Lambda function alias (recommended) or version, a connector ARN, `cloud` (which represents the AWS IoT cloud), or `GGShadowService` .", + "title": "Source", + "type": "string" + }, + "Subject": { + "markdownDescription": "The MQTT topic used to route the message.", + "title": "Subject", + "type": "string" + }, + "Target": { + "markdownDescription": "The destination of the message. The value can be a thing ARN, the ARN of a Lambda function alias (recommended) or version, a connector ARN, `cloud` (which represents the AWS IoT cloud), or `GGShadowService` .", + "title": "Target", + "type": "string" } }, + "required": [ + "Id", + "Source", + "Subject", + "Target" + ], "type": "object" }, - "AWS::IoTAnalytics::Datastore.DatastorePartitions": { + "AWS::GreengrassV2::ComponentVersion": { "additionalProperties": false, "properties": { - "Partitions": { - "items": { - "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.DatastorePartition" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "InlineRecipe": { + "markdownDescription": "The recipe to use to create the component. The recipe defines the component's metadata, parameters, dependencies, lifecycle, artifacts, and platform compatibility.\n\nYou must specify either `InlineRecipe` or `LambdaFunction` .", + "title": "InlineRecipe", + "type": "string" + }, + "LambdaFunction": { + "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaFunctionRecipeSource", + "markdownDescription": "The parameters to create a component from a Lambda function.\n\nYou must specify either `InlineRecipe` or `LambdaFunction` .", + "title": "LambdaFunction" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Application-specific metadata to attach to the component version. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tag your AWS IoT Greengrass Version 2 resources](https://docs.aws.amazon.com/greengrass/v2/developerguide/tag-resources.html) in the *AWS IoT Greengrass V2 Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } }, - "markdownDescription": "A list of partition dimensions in a data store.", - "title": "Partitions", - "type": "array" + "type": "object" + }, + "Type": { + "enum": [ + "AWS::GreengrassV2::ComponentVersion" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::IoTAnalytics::Datastore.DatastoreStorage": { + "AWS::GreengrassV2::ComponentVersion.ComponentDependencyRequirement": { "additionalProperties": false, "properties": { - "CustomerManagedS3": { - "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.CustomerManagedS3", - "markdownDescription": "Use this to store data store data in an S3 bucket that you manage. The choice of service-managed or customer-managed S3 storage cannot be changed after creation of the data store.", - "title": "CustomerManagedS3" - }, - "IotSiteWiseMultiLayerStorage": { - "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.IotSiteWiseMultiLayerStorage", - "markdownDescription": "Use this to store data used by AWS IoT SiteWise in an Amazon S3 bucket that you manage. You can't change the choice of Amazon S3 storage after your data store is created.", - "title": "IotSiteWiseMultiLayerStorage" + "DependencyType": { + "markdownDescription": "The type of this dependency. Choose from the following options:\n\n- `SOFT` \u2013 The component doesn't restart if the dependency changes state.\n- `HARD` \u2013 The component restarts if the dependency changes state.\n\nDefault: `HARD`", + "title": "DependencyType", + "type": "string" }, - "ServiceManagedS3": { - "markdownDescription": "Use this to store data store data in an S3 bucket managed by the AWS IoT Analytics service. The choice of service-managed or customer-managed S3 storage cannot be changed after creation of the data store.", - "title": "ServiceManagedS3", - "type": "object" + "VersionRequirement": { + "markdownDescription": "The component version requirement for the component dependency.\n\nAWS IoT Greengrass uses semantic version constraints. For more information, see [Semantic Versioning](https://docs.aws.amazon.com/https://semver.org/) .", + "title": "VersionRequirement", + "type": "string" } }, "type": "object" }, - "AWS::IoTAnalytics::Datastore.FileFormatConfiguration": { + "AWS::GreengrassV2::ComponentVersion.ComponentPlatform": { "additionalProperties": false, "properties": { - "JsonConfiguration": { - "markdownDescription": "Contains the configuration information of the JSON format.", - "title": "JsonConfiguration", + "Attributes": { + "additionalProperties": true, + "markdownDescription": "A dictionary of attributes for the platform. The AWS IoT Greengrass Core software defines the `os` and `platform` by default. You can specify additional platform attributes for a core device when you deploy the AWS IoT Greengrass nucleus component. For more information, see the [AWS IoT Greengrass nucleus component](https://docs.aws.amazon.com/greengrass/v2/developerguide/greengrass-nucleus-component.html) in the *AWS IoT Greengrass V2 Developer Guide* .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Attributes", "type": "object" }, - "ParquetConfiguration": { - "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.ParquetConfiguration", - "markdownDescription": "Contains the configuration information of the Parquet format.", - "title": "ParquetConfiguration" + "Name": { + "markdownDescription": "The friendly name of the platform. This name helps you identify the platform.\n\nIf you omit this parameter, AWS IoT Greengrass creates a friendly name from the `os` and `architecture` of the platform.", + "title": "Name", + "type": "string" } }, "type": "object" }, - "AWS::IoTAnalytics::Datastore.IotSiteWiseMultiLayerStorage": { + "AWS::GreengrassV2::ComponentVersion.LambdaContainerParams": { "additionalProperties": false, "properties": { - "CustomerManagedS3Storage": { - "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.CustomerManagedS3Storage", - "markdownDescription": "Stores data used by AWS IoT SiteWise in an Amazon S3 bucket that you manage.", - "title": "CustomerManagedS3Storage" + "Devices": { + "items": { + "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaDeviceMount" + }, + "markdownDescription": "The list of system devices that the container can access.", + "title": "Devices", + "type": "array" + }, + "MemorySizeInKB": { + "markdownDescription": "The memory size of the container, expressed in kilobytes.\n\nDefault: `16384` (16 MB)", + "title": "MemorySizeInKB", + "type": "number" + }, + "MountROSysfs": { + "markdownDescription": "Whether or not the container can read information from the device's `/sys` folder.\n\nDefault: `false`", + "title": "MountROSysfs", + "type": "boolean" + }, + "Volumes": { + "items": { + "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaVolumeMount" + }, + "markdownDescription": "The list of volumes that the container can access.", + "title": "Volumes", + "type": "array" } }, "type": "object" }, - "AWS::IoTAnalytics::Datastore.ParquetConfiguration": { + "AWS::GreengrassV2::ComponentVersion.LambdaDeviceMount": { "additionalProperties": false, "properties": { - "SchemaDefinition": { - "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.SchemaDefinition", - "markdownDescription": "Information needed to define a schema.", - "title": "SchemaDefinition" + "AddGroupOwner": { + "markdownDescription": "Whether or not to add the component's system user as an owner of the device.\n\nDefault: `false`", + "title": "AddGroupOwner", + "type": "boolean" + }, + "Path": { + "markdownDescription": "The mount path for the device in the file system.", + "title": "Path", + "type": "string" + }, + "Permission": { + "markdownDescription": "The permission to access the device: read/only ( `ro` ) or read/write ( `rw` ).\n\nDefault: `ro`", + "title": "Permission", + "type": "string" } }, "type": "object" }, - "AWS::IoTAnalytics::Datastore.Partition": { + "AWS::GreengrassV2::ComponentVersion.LambdaEventSource": { "additionalProperties": false, "properties": { - "AttributeName": { - "markdownDescription": "The name of the attribute that defines a partition dimension.", - "title": "AttributeName", + "Topic": { + "markdownDescription": "The topic to which to subscribe to receive event messages.", + "title": "Topic", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of event source. Choose from the following options:\n\n- `PUB_SUB` \u2013 Subscribe to local publish/subscribe messages. This event source type doesn't support MQTT wildcards ( `+` and `#` ) in the event source topic.\n- `IOT_CORE` \u2013 Subscribe to AWS IoT Core MQTT messages. This event source type supports MQTT wildcards ( `+` and `#` ) in the event source topic.", + "title": "Type", "type": "string" } }, - "required": [ - "AttributeName" - ], "type": "object" }, - "AWS::IoTAnalytics::Datastore.RetentionPeriod": { + "AWS::GreengrassV2::ComponentVersion.LambdaExecutionParameters": { "additionalProperties": false, "properties": { - "NumberOfDays": { - "markdownDescription": "The number of days that message data is kept. The `unlimited` parameter must be false.", - "title": "NumberOfDays", + "EnvironmentVariables": { + "additionalProperties": true, + "markdownDescription": "The map of environment variables that are available to the Lambda function when it runs.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "EnvironmentVariables", + "type": "object" + }, + "EventSources": { + "items": { + "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaEventSource" + }, + "markdownDescription": "The list of event sources to which to subscribe to receive work messages. The Lambda function runs when it receives a message from an event source. You can subscribe this function to local publish/subscribe messages and AWS IoT Core MQTT messages.", + "title": "EventSources", + "type": "array" + }, + "ExecArgs": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of arguments to pass to the Lambda function when it runs.", + "title": "ExecArgs", + "type": "array" + }, + "InputPayloadEncodingType": { + "markdownDescription": "The encoding type that the Lambda function supports.\n\nDefault: `json`", + "title": "InputPayloadEncodingType", + "type": "string" + }, + "LinuxProcessParams": { + "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaLinuxProcessParams", + "markdownDescription": "The parameters for the Linux process that contains the Lambda function.", + "title": "LinuxProcessParams" + }, + "MaxIdleTimeInSeconds": { + "markdownDescription": "The maximum amount of time in seconds that a non-pinned Lambda function can idle before the AWS IoT Greengrass Core software stops its process.", + "title": "MaxIdleTimeInSeconds", "type": "number" }, - "Unlimited": { - "markdownDescription": "If true, message data is kept indefinitely.", - "title": "Unlimited", + "MaxInstancesCount": { + "markdownDescription": "The maximum number of instances that a non-pinned Lambda function can run at the same time.", + "title": "MaxInstancesCount", + "type": "number" + }, + "MaxQueueSize": { + "markdownDescription": "The maximum size of the message queue for the Lambda function component. The AWS IoT Greengrass core device stores messages in a FIFO (first-in-first-out) queue until it can run the Lambda function to consume each message.", + "title": "MaxQueueSize", + "type": "number" + }, + "Pinned": { + "markdownDescription": "Whether or not the Lambda function is pinned, or long-lived.\n\n- A pinned Lambda function starts when the AWS IoT Greengrass Core starts and keeps running in its own container.\n- A non-pinned Lambda function starts only when it receives a work item and exists after it idles for `maxIdleTimeInSeconds` . If the function has multiple work items, the AWS IoT Greengrass Core software creates multiple instances of the function.\n\nDefault: `true`", + "title": "Pinned", "type": "boolean" + }, + "StatusTimeoutInSeconds": { + "markdownDescription": "The interval in seconds at which a pinned (also known as long-lived) Lambda function component sends status updates to the Lambda manager component.", + "title": "StatusTimeoutInSeconds", + "type": "number" + }, + "TimeoutInSeconds": { + "markdownDescription": "The maximum amount of time in seconds that the Lambda function can process a work item.", + "title": "TimeoutInSeconds", + "type": "number" } }, "type": "object" }, - "AWS::IoTAnalytics::Datastore.SchemaDefinition": { + "AWS::GreengrassV2::ComponentVersion.LambdaFunctionRecipeSource": { "additionalProperties": false, "properties": { - "Columns": { + "ComponentDependencies": { + "additionalProperties": false, + "markdownDescription": "The component versions on which this Lambda function component depends.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.ComponentDependencyRequirement" + } + }, + "title": "ComponentDependencies", + "type": "object" + }, + "ComponentLambdaParameters": { + "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaExecutionParameters", + "markdownDescription": "The system and runtime parameters for the Lambda function as it runs on the AWS IoT Greengrass core device.", + "title": "ComponentLambdaParameters" + }, + "ComponentName": { + "markdownDescription": "The name of the component.\n\nDefaults to the name of the Lambda function.", + "title": "ComponentName", + "type": "string" + }, + "ComponentPlatforms": { "items": { - "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.Column" + "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.ComponentPlatform" }, - "markdownDescription": "Specifies one or more columns that store your data.\n\nEach schema can have up to 100 columns. Each column can have up to 100 nested types.", - "title": "Columns", + "markdownDescription": "The platforms that the component version supports.", + "title": "ComponentPlatforms", "type": "array" + }, + "ComponentVersion": { + "markdownDescription": "The version of the component.\n\nDefaults to the version of the Lambda function as a semantic version. For example, if your function version is `3` , the component version becomes `3.0.0` .", + "title": "ComponentVersion", + "type": "string" + }, + "LambdaArn": { + "markdownDescription": "The ARN of the Lambda function. The ARN must include the version of the function to import. You can't use version aliases like `$LATEST` .", + "title": "LambdaArn", + "type": "string" } }, "type": "object" }, - "AWS::IoTAnalytics::Datastore.TimestampPartition": { + "AWS::GreengrassV2::ComponentVersion.LambdaLinuxProcessParams": { "additionalProperties": false, "properties": { - "AttributeName": { - "markdownDescription": "The attribute name of the partition defined by a timestamp.", - "title": "AttributeName", + "ContainerParams": { + "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaContainerParams", + "markdownDescription": "The parameters for the container in which the Lambda function runs.", + "title": "ContainerParams" + }, + "IsolationMode": { + "markdownDescription": "The isolation mode for the process that contains the Lambda function. The process can run in an isolated runtime environment inside the AWS IoT Greengrass container, or as a regular process outside any container.\n\nDefault: `GreengrassContainer`", + "title": "IsolationMode", "type": "string" + } + }, + "type": "object" + }, + "AWS::GreengrassV2::ComponentVersion.LambdaVolumeMount": { + "additionalProperties": false, + "properties": { + "AddGroupOwner": { + "markdownDescription": "Whether or not to add the AWS IoT Greengrass user group as an owner of the volume.\n\nDefault: `false`", + "title": "AddGroupOwner", + "type": "boolean" }, - "TimestampFormat": { - "markdownDescription": "The timestamp format of a partition defined by a timestamp. The default format is seconds since epoch (January 1, 1970 at midnight UTC time).", - "title": "TimestampFormat", + "DestinationPath": { + "markdownDescription": "The path to the logical volume in the file system.", + "title": "DestinationPath", + "type": "string" + }, + "Permission": { + "markdownDescription": "The permission to access the volume: read/only ( `ro` ) or read/write ( `rw` ).\n\nDefault: `ro`", + "title": "Permission", + "type": "string" + }, + "SourcePath": { + "markdownDescription": "The path to the physical volume in the file system.", + "title": "SourcePath", "type": "string" } }, - "required": [ - "AttributeName" - ], "type": "object" }, - "AWS::IoTAnalytics::Pipeline": { + "AWS::GreengrassV2::Deployment": { "additionalProperties": false, "properties": { "Condition": { @@ -125775,36 +135950,62 @@ "Properties": { "additionalProperties": false, "properties": { - "PipelineActivities": { - "items": { - "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.Activity" + "Components": { + "additionalProperties": false, + "markdownDescription": "The components to deploy. This is a dictionary, where each key is the name of a component, and each key's value is the version and configuration to deploy for that component.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::GreengrassV2::Deployment.ComponentDeploymentSpecification" + } }, - "markdownDescription": "A list of \"PipelineActivity\" objects. Activities perform transformations on your messages, such as removing, renaming or adding message attributes; filtering messages based on attribute values; invoking your Lambda functions on messages for advanced processing; or performing mathematical transformations to normalize device data.\n\nThe list can be 2-25 *PipelineActivity* objects and must contain both a `channel` and a `datastore` activity. Each entry in the list must contain only one activity, for example:\n\n`pipelineActivities = [ { \"channel\": { ... } }, { \"lambda\": { ... } }, ... ]`", - "title": "PipelineActivities", - "type": "array" + "title": "Components", + "type": "object" }, - "PipelineName": { - "markdownDescription": "The name of the pipeline.", - "title": "PipelineName", + "DeploymentName": { + "markdownDescription": "The name of the deployment.", + "title": "DeploymentName", + "type": "string" + }, + "DeploymentPolicies": { + "$ref": "#/definitions/AWS::GreengrassV2::Deployment.DeploymentPolicies", + "markdownDescription": "The deployment policies for the deployment. These policies define how the deployment updates components and handles failure.", + "title": "DeploymentPolicies" + }, + "IotJobConfiguration": { + "$ref": "#/definitions/AWS::GreengrassV2::Deployment.DeploymentIoTJobConfiguration", + "markdownDescription": "The job configuration for the deployment configuration. The job configuration specifies the rollout, timeout, and stop configurations for the deployment configuration.", + "title": "IotJobConfiguration" + }, + "ParentTargetArn": { + "markdownDescription": "The parent deployment's [ARN](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) for a subdeployment.", + "title": "ParentTargetArn", "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "additionalProperties": true, + "markdownDescription": "Application-specific metadata to attach to the deployment. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tag your AWS IoT Greengrass Version 2 resources](https://docs.aws.amazon.com/greengrass/v2/developerguide/tag-resources.html) in the *AWS IoT Greengrass V2 Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "Metadata which can be used to manage the pipeline.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", - "type": "array" + "type": "object" + }, + "TargetArn": { + "markdownDescription": "The ARN of the target AWS IoT thing or thing group.", + "title": "TargetArn", + "type": "string" } }, "required": [ - "PipelineActivities" + "TargetArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTAnalytics::Pipeline" + "AWS::GreengrassV2::Deployment" ], "type": "string" }, @@ -125823,356 +136024,271 @@ ], "type": "object" }, - "AWS::IoTAnalytics::Pipeline.Activity": { + "AWS::GreengrassV2::Deployment.ComponentConfigurationUpdate": { "additionalProperties": false, "properties": { - "AddAttributes": { - "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.AddAttributes", - "markdownDescription": "Adds other attributes based on existing attributes in the message.", - "title": "AddAttributes" - }, - "Channel": { - "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.Channel", - "markdownDescription": "Determines the source of the messages to be processed.", - "title": "Channel" - }, - "Datastore": { - "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.Datastore", - "markdownDescription": "Specifies where to store the processed message data.", - "title": "Datastore" - }, - "DeviceRegistryEnrich": { - "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.DeviceRegistryEnrich", - "markdownDescription": "Adds data from the AWS IoT device registry to your message.", - "title": "DeviceRegistryEnrich" - }, - "DeviceShadowEnrich": { - "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.DeviceShadowEnrich", - "markdownDescription": "Adds information from the AWS IoT Device Shadows service to a message.", - "title": "DeviceShadowEnrich" - }, - "Filter": { - "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.Filter", - "markdownDescription": "Filters a message based on its attributes.", - "title": "Filter" - }, - "Lambda": { - "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.Lambda", - "markdownDescription": "Runs a Lambda function to modify the message.", - "title": "Lambda" - }, - "Math": { - "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.Math", - "markdownDescription": "Computes an arithmetic expression using the message's attributes and adds it to the message.", - "title": "Math" - }, - "RemoveAttributes": { - "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.RemoveAttributes", - "markdownDescription": "Removes attributes from a message.", - "title": "RemoveAttributes" + "Merge": { + "markdownDescription": "A serialized JSON string that contains the configuration object to merge to target devices. The core device merges this configuration with the component's existing configuration. If this is the first time a component deploys on a device, the core device merges this configuration with the component's default configuration. This means that the core device keeps it's existing configuration for keys and values that you don't specify in this object. For more information, see [Merge configuration updates](https://docs.aws.amazon.com/greengrass/v2/developerguide/update-component-configurations.html#merge-configuration-update) in the *AWS IoT Greengrass V2 Developer Guide* .", + "title": "Merge", + "type": "string" }, - "SelectAttributes": { - "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.SelectAttributes", - "markdownDescription": "Creates a new message using only the specified attributes from the original message.", - "title": "SelectAttributes" + "Reset": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of configuration nodes to reset to default values on target devices. Use JSON pointers to specify each node to reset. JSON pointers start with a forward slash ( `/` ) and use forward slashes to separate the key for each level in the object. For more information, see the [JSON pointer specification](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) and [Reset configuration updates](https://docs.aws.amazon.com/greengrass/v2/developerguide/update-component-configurations.html#reset-configuration-update) in the *AWS IoT Greengrass V2 Developer Guide* .", + "title": "Reset", + "type": "array" } }, "type": "object" }, - "AWS::IoTAnalytics::Pipeline.AddAttributes": { + "AWS::GreengrassV2::Deployment.ComponentDeploymentSpecification": { "additionalProperties": false, "properties": { - "Attributes": { - "additionalProperties": true, - "markdownDescription": "A list of 1-50 \"AttributeNameMapping\" objects that map an existing attribute to a new attribute.\n\n> The existing attributes remain in the message, so if you want to remove the originals, use \"RemoveAttributeActivity\".", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Attributes", - "type": "object" - }, - "Name": { - "markdownDescription": "The name of the 'addAttributes' activity.", - "title": "Name", + "ComponentVersion": { + "markdownDescription": "The version of the component.", + "title": "ComponentVersion", "type": "string" }, - "Next": { - "markdownDescription": "The next activity in the pipeline.", - "title": "Next", - "type": "string" + "ConfigurationUpdate": { + "$ref": "#/definitions/AWS::GreengrassV2::Deployment.ComponentConfigurationUpdate", + "markdownDescription": "The configuration updates to deploy for the component. You can define reset updates and merge updates. A reset updates the keys that you specify to the default configuration for the component. A merge updates the core device's component configuration with the keys and values that you specify. The AWS IoT Greengrass Core software applies reset updates before it applies merge updates. For more information, see [Update component configuration](https://docs.aws.amazon.com/greengrass/v2/developerguide/update-component-configurations.html) .", + "title": "ConfigurationUpdate" + }, + "RunWith": { + "$ref": "#/definitions/AWS::GreengrassV2::Deployment.ComponentRunWith", + "markdownDescription": "The system user and group that the software uses to run component processes on the core device. If you omit this parameter, the software uses the system user and group that you configure for the core device. For more information, see [Configure the user and group that run components](https://docs.aws.amazon.com/greengrass/v2/developerguide/configure-greengrass-core-v2.html#configure-component-user) in the *AWS IoT Greengrass V2 Developer Guide* .", + "title": "RunWith" } }, - "required": [ - "Attributes", - "Name" - ], "type": "object" }, - "AWS::IoTAnalytics::Pipeline.Channel": { + "AWS::GreengrassV2::Deployment.ComponentRunWith": { "additionalProperties": false, "properties": { - "ChannelName": { - "markdownDescription": "The name of the channel from which the messages are processed.", - "title": "ChannelName", + "PosixUser": { + "markdownDescription": "The POSIX system user and (optional) group to use to run this component. Specify the user and group separated by a colon ( `:` ) in the following format: `user:group` . The group is optional. If you don't specify a group, the AWS IoT Greengrass Core software uses the primary user for the group.", + "title": "PosixUser", "type": "string" }, - "Name": { - "markdownDescription": "The name of the 'channel' activity.", - "title": "Name", - "type": "string" + "SystemResourceLimits": { + "$ref": "#/definitions/AWS::GreengrassV2::Deployment.SystemResourceLimits", + "markdownDescription": "The system resource limits to apply to this component's process on the core device. AWS IoT Greengrass supports this feature only on Linux core devices.\n\nIf you omit this parameter, the AWS IoT Greengrass Core software uses the default system resource limits that you configure on the AWS IoT Greengrass nucleus component. For more information, see [Configure system resource limits for components](https://docs.aws.amazon.com/greengrass/v2/developerguide/configure-greengrass-core-v2.html#configure-component-system-resource-limits) .", + "title": "SystemResourceLimits" }, - "Next": { - "markdownDescription": "The next activity in the pipeline.", - "title": "Next", + "WindowsUser": { + "markdownDescription": "The Windows user to use to run this component on Windows core devices. The user must exist on each Windows core device, and its name and password must be in the LocalSystem account's Credentials Manager instance.\n\nIf you omit this parameter, the AWS IoT Greengrass Core software uses the default Windows user that you configure on the AWS IoT Greengrass nucleus component. For more information, see [Configure the user and group that run components](https://docs.aws.amazon.com/greengrass/v2/developerguide/configure-greengrass-core-v2.html#configure-component-user) .", + "title": "WindowsUser", "type": "string" } }, - "required": [ - "ChannelName", - "Name" - ], "type": "object" }, - "AWS::IoTAnalytics::Pipeline.Datastore": { + "AWS::GreengrassV2::Deployment.DeploymentComponentUpdatePolicy": { "additionalProperties": false, "properties": { - "DatastoreName": { - "markdownDescription": "The name of the data store where processed messages are stored.", - "title": "DatastoreName", + "Action": { + "markdownDescription": "Whether or not to notify components and wait for components to become safe to update. Choose from the following options:\n\n- `NOTIFY_COMPONENTS` \u2013 The deployment notifies each component before it stops and updates that component. Components can use the [SubscribeToComponentUpdates](https://docs.aws.amazon.com/greengrass/v2/developerguide/interprocess-communication.html#ipc-operation-subscribetocomponentupdates) IPC operation to receive these notifications. Then, components can respond with the [DeferComponentUpdate](https://docs.aws.amazon.com/greengrass/v2/developerguide/interprocess-communication.html#ipc-operation-defercomponentupdate) IPC operation. For more information, see the [Create deployments](https://docs.aws.amazon.com/greengrass/v2/developerguide/create-deployments.html) in the *AWS IoT Greengrass V2 Developer Guide* .\n- `SKIP_NOTIFY_COMPONENTS` \u2013 The deployment doesn't notify components or wait for them to be safe to update.\n\nDefault: `NOTIFY_COMPONENTS`", + "title": "Action", "type": "string" }, - "Name": { - "markdownDescription": "The name of the datastore activity.", - "title": "Name", - "type": "string" + "TimeoutInSeconds": { + "markdownDescription": "The amount of time in seconds that each component on a device has to report that it's safe to update. If the component waits for longer than this timeout, then the deployment proceeds on the device.\n\nDefault: `60`", + "title": "TimeoutInSeconds", + "type": "number" } }, - "required": [ - "DatastoreName", - "Name" - ], "type": "object" }, - "AWS::IoTAnalytics::Pipeline.DeviceRegistryEnrich": { + "AWS::GreengrassV2::Deployment.DeploymentConfigurationValidationPolicy": { "additionalProperties": false, "properties": { - "Attribute": { - "markdownDescription": "The name of the attribute that is added to the message.", - "title": "Attribute", - "type": "string" + "TimeoutInSeconds": { + "markdownDescription": "The amount of time in seconds that a component can validate its configuration updates. If the validation time exceeds this timeout, then the deployment proceeds for the device.\n\nDefault: `30`", + "title": "TimeoutInSeconds", + "type": "number" + } + }, + "type": "object" + }, + "AWS::GreengrassV2::Deployment.DeploymentIoTJobConfiguration": { + "additionalProperties": false, + "properties": { + "AbortConfig": { + "$ref": "#/definitions/AWS::GreengrassV2::Deployment.IoTJobAbortConfig", + "markdownDescription": "The stop configuration for the job. This configuration defines when and how to stop a job rollout.", + "title": "AbortConfig" }, - "Name": { - "markdownDescription": "The name of the 'deviceRegistryEnrich' activity.", - "title": "Name", - "type": "string" + "JobExecutionsRolloutConfig": { + "$ref": "#/definitions/AWS::GreengrassV2::Deployment.IoTJobExecutionsRolloutConfig", + "markdownDescription": "The rollout configuration for the job. This configuration defines the rate at which the job rolls out to the fleet of target devices.", + "title": "JobExecutionsRolloutConfig" }, - "Next": { - "markdownDescription": "The next activity in the pipeline.", - "title": "Next", - "type": "string" + "TimeoutConfig": { + "$ref": "#/definitions/AWS::GreengrassV2::Deployment.IoTJobTimeoutConfig", + "markdownDescription": "The timeout configuration for the job. This configuration defines the amount of time each device has to complete the job.", + "title": "TimeoutConfig" + } + }, + "type": "object" + }, + "AWS::GreengrassV2::Deployment.DeploymentPolicies": { + "additionalProperties": false, + "properties": { + "ComponentUpdatePolicy": { + "$ref": "#/definitions/AWS::GreengrassV2::Deployment.DeploymentComponentUpdatePolicy", + "markdownDescription": "The component update policy for the configuration deployment. This policy defines when it's safe to deploy the configuration to devices.", + "title": "ComponentUpdatePolicy" }, - "RoleArn": { - "markdownDescription": "The ARN of the role that allows access to the device's registry information.", - "title": "RoleArn", - "type": "string" + "ConfigurationValidationPolicy": { + "$ref": "#/definitions/AWS::GreengrassV2::Deployment.DeploymentConfigurationValidationPolicy", + "markdownDescription": "The configuration validation policy for the configuration deployment. This policy defines how long each component has to validate its configure updates.", + "title": "ConfigurationValidationPolicy" }, - "ThingName": { - "markdownDescription": "The name of the IoT device whose registry information is added to the message.", - "title": "ThingName", + "FailureHandlingPolicy": { + "markdownDescription": "The failure handling policy for the configuration deployment. This policy defines what to do if the deployment fails.\n\nDefault: `ROLLBACK`", + "title": "FailureHandlingPolicy", "type": "string" } }, + "type": "object" + }, + "AWS::GreengrassV2::Deployment.IoTJobAbortConfig": { + "additionalProperties": false, + "properties": { + "CriteriaList": { + "items": { + "$ref": "#/definitions/AWS::GreengrassV2::Deployment.IoTJobAbortCriteria" + }, + "markdownDescription": "The list of criteria that define when and how to cancel the configuration deployment.", + "title": "CriteriaList", + "type": "array" + } + }, "required": [ - "Attribute", - "Name", - "RoleArn", - "ThingName" + "CriteriaList" ], "type": "object" }, - "AWS::IoTAnalytics::Pipeline.DeviceShadowEnrich": { + "AWS::GreengrassV2::Deployment.IoTJobAbortCriteria": { "additionalProperties": false, "properties": { - "Attribute": { - "markdownDescription": "The name of the attribute that is added to the message.", - "title": "Attribute", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the 'deviceShadowEnrich' activity.", - "title": "Name", + "Action": { + "markdownDescription": "The action to perform when the criteria are met.", + "title": "Action", "type": "string" }, - "Next": { - "markdownDescription": "The next activity in the pipeline.", - "title": "Next", + "FailureType": { + "markdownDescription": "The type of job deployment failure that can cancel a job.", + "title": "FailureType", "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of the role that allows access to the device's shadow.", - "title": "RoleArn", - "type": "string" + "MinNumberOfExecutedThings": { + "markdownDescription": "The minimum number of things that receive the configuration before the job can cancel.", + "title": "MinNumberOfExecutedThings", + "type": "number" }, - "ThingName": { - "markdownDescription": "The name of the IoT device whose shadow information is added to the message.", - "title": "ThingName", - "type": "string" + "ThresholdPercentage": { + "markdownDescription": "The minimum percentage of `failureType` failures that occur before the job can cancel.\n\nThis parameter supports up to two digits after the decimal (for example, you can specify `10.9` or `10.99` , but not `10.999` ).", + "title": "ThresholdPercentage", + "type": "number" } }, "required": [ - "Attribute", - "Name", - "RoleArn", - "ThingName" + "Action", + "FailureType", + "MinNumberOfExecutedThings", + "ThresholdPercentage" ], "type": "object" }, - "AWS::IoTAnalytics::Pipeline.Filter": { + "AWS::GreengrassV2::Deployment.IoTJobExecutionsRolloutConfig": { "additionalProperties": false, "properties": { - "Filter": { - "markdownDescription": "An expression that looks like an SQL WHERE clause that must return a Boolean value.", - "title": "Filter", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the 'filter' activity.", - "title": "Name", - "type": "string" + "ExponentialRate": { + "$ref": "#/definitions/AWS::GreengrassV2::Deployment.IoTJobExponentialRolloutRate", + "markdownDescription": "The exponential rate to increase the job rollout rate.", + "title": "ExponentialRate" }, - "Next": { - "markdownDescription": "The next activity in the pipeline.", - "title": "Next", - "type": "string" + "MaximumPerMinute": { + "markdownDescription": "The maximum number of devices that receive a pending job notification, per minute.", + "title": "MaximumPerMinute", + "type": "number" } }, - "required": [ - "Filter", - "Name" - ], "type": "object" }, - "AWS::IoTAnalytics::Pipeline.Lambda": { + "AWS::GreengrassV2::Deployment.IoTJobExponentialRolloutRate": { "additionalProperties": false, "properties": { - "BatchSize": { - "markdownDescription": "The number of messages passed to the Lambda function for processing.\n\nThe AWS Lambda function must be able to process all of these messages within five minutes, which is the maximum timeout duration for Lambda functions.", - "title": "BatchSize", + "BaseRatePerMinute": { + "markdownDescription": "The minimum number of devices that receive a pending job notification, per minute, when the job starts. This parameter defines the initial rollout rate of the job.", + "title": "BaseRatePerMinute", "type": "number" }, - "LambdaName": { - "markdownDescription": "The name of the Lambda function that is run on the message.", - "title": "LambdaName", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the 'lambda' activity.", - "title": "Name", - "type": "string" + "IncrementFactor": { + "markdownDescription": "The exponential factor to increase the rollout rate for the job.\n\nThis parameter supports up to one digit after the decimal (for example, you can specify `1.5` , but not `1.55` ).", + "title": "IncrementFactor", + "type": "number" }, - "Next": { - "markdownDescription": "The next activity in the pipeline.", - "title": "Next", - "type": "string" + "RateIncreaseCriteria": { + "$ref": "#/definitions/AWS::GreengrassV2::Deployment.IoTJobRateIncreaseCriteria", + "markdownDescription": "The criteria to increase the rollout rate for the job.", + "title": "RateIncreaseCriteria" } }, "required": [ - "BatchSize", - "LambdaName", - "Name" + "BaseRatePerMinute", + "IncrementFactor", + "RateIncreaseCriteria" ], "type": "object" }, - "AWS::IoTAnalytics::Pipeline.Math": { + "AWS::GreengrassV2::Deployment.IoTJobRateIncreaseCriteria": { "additionalProperties": false, "properties": { - "Attribute": { - "markdownDescription": "The name of the attribute that contains the result of the math operation.", - "title": "Attribute", - "type": "string" - }, - "Math": { - "markdownDescription": "An expression that uses one or more existing attributes and must return an integer value.", - "title": "Math", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the 'math' activity.", - "title": "Name", - "type": "string" + "NumberOfNotifiedThings": { + "markdownDescription": "The number of devices to receive the job notification before the rollout rate increases.", + "title": "NumberOfNotifiedThings", + "type": "number" }, - "Next": { - "markdownDescription": "The next activity in the pipeline.", - "title": "Next", - "type": "string" + "NumberOfSucceededThings": { + "markdownDescription": "The number of devices to successfully run the configuration job before the rollout rate increases.", + "title": "NumberOfSucceededThings", + "type": "number" } }, - "required": [ - "Attribute", - "Math", - "Name" - ], "type": "object" }, - "AWS::IoTAnalytics::Pipeline.RemoveAttributes": { + "AWS::GreengrassV2::Deployment.IoTJobTimeoutConfig": { "additionalProperties": false, "properties": { - "Attributes": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of 1-50 attributes to remove from the message.", - "title": "Attributes", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the 'removeAttributes' activity.", - "title": "Name", - "type": "string" - }, - "Next": { - "markdownDescription": "The next activity in the pipeline.", - "title": "Next", - "type": "string" + "InProgressTimeoutInMinutes": { + "markdownDescription": "The amount of time, in minutes, that devices have to complete the job. The timer starts when the job status is set to `IN_PROGRESS` . If the job status doesn't change to a terminal state before the time expires, then the job status is set to `TIMED_OUT` .\n\nThe timeout interval must be between 1 minute and 7 days (10080 minutes).", + "title": "InProgressTimeoutInMinutes", + "type": "number" } }, - "required": [ - "Attributes", - "Name" - ], "type": "object" }, - "AWS::IoTAnalytics::Pipeline.SelectAttributes": { + "AWS::GreengrassV2::Deployment.SystemResourceLimits": { "additionalProperties": false, "properties": { - "Attributes": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the attributes to select from the message.", - "title": "Attributes", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the 'selectAttributes' activity.", - "title": "Name", - "type": "string" + "Cpus": { + "markdownDescription": "The maximum amount of CPU time that a component's processes can use on the core device. A core device's total CPU time is equivalent to the device's number of CPU cores. For example, on a core device with 4 CPU cores, you can set this value to 2 to limit the component's processes to 50 percent usage of each CPU core. On a device with 1 CPU core, you can set this value to 0.25 to limit the component's processes to 25 percent usage of the CPU. If you set this value to a number greater than the number of CPU cores, the AWS IoT Greengrass Core software doesn't limit the component's CPU usage.", + "title": "Cpus", + "type": "number" }, - "Next": { - "markdownDescription": "The next activity in the pipeline.", - "title": "Next", - "type": "string" + "Memory": { + "markdownDescription": "The maximum amount of RAM, expressed in kilobytes, that a component's processes can use on the core device. For more information, see [Configure system resource limits for components](https://docs.aws.amazon.com/greengrass/v2/developerguide/configure-greengrass-core-v2.html#configure-component-system-resource-limits) .", + "title": "Memory", + "type": "number" } }, - "required": [ - "Attributes", - "Name" - ], "type": "object" }, - "AWS::IoTCoreDeviceAdvisor::SuiteDefinition": { + "AWS::GroundStation::Config": { "additionalProperties": false, "properties": { "Condition": { @@ -126207,28 +136323,34 @@ "Properties": { "additionalProperties": false, "properties": { - "SuiteDefinitionConfiguration": { - "$ref": "#/definitions/AWS::IoTCoreDeviceAdvisor::SuiteDefinition.SuiteDefinitionConfiguration", - "markdownDescription": "The configuration of the Suite Definition. Listed below are the required elements of the `SuiteDefinitionConfiguration` .\n\n- ***devicePermissionRoleArn*** - The device permission arn.\n\nThis is a required element.\n\n*Type:* String\n- ***devices*** - The list of configured devices under test. For more information on devices under test, see [DeviceUnderTest](https://docs.aws.amazon.com/iot/latest/apireference/API_iotdeviceadvisor_DeviceUnderTest.html)\n\nNot a required element.\n\n*Type:* List of devices under test\n- ***intendedForQualification*** - The tests intended for qualification in a suite.\n\nNot a required element.\n\n*Type:* Boolean\n- ***rootGroup*** - The test suite root group. For more information on creating and using root groups see the [Device Advisor workflow](https://docs.aws.amazon.com/iot/latest/developerguide/device-advisor-workflow.html) .\n\nThis is a required element.\n\n*Type:* String\n- ***suiteDefinitionName*** - The Suite Definition Configuration name.\n\nThis is a required element.\n\n*Type:* String", - "title": "SuiteDefinitionConfiguration" + "ConfigData": { + "$ref": "#/definitions/AWS::GroundStation::Config.ConfigData", + "markdownDescription": "Object containing the parameters of a config. Only one subtype may be specified per config. See the subtype definitions for a description of each config subtype.", + "title": "ConfigData" + }, + "Name": { + "markdownDescription": "The name of the config object.", + "title": "Name", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata that can be used to manage the the Suite Definition.", + "markdownDescription": "Tags assigned to a resource.", "title": "Tags", "type": "array" } }, "required": [ - "SuiteDefinitionConfiguration" + "ConfigData", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTCoreDeviceAdvisor::SuiteDefinition" + "AWS::GroundStation::Config" ], "type": "string" }, @@ -126247,639 +136369,540 @@ ], "type": "object" }, - "AWS::IoTCoreDeviceAdvisor::SuiteDefinition.DeviceUnderTest": { + "AWS::GroundStation::Config.AntennaDownlinkConfig": { "additionalProperties": false, "properties": { - "CertificateArn": { - "markdownDescription": "Lists device's certificate ARN.", - "title": "CertificateArn", - "type": "string" - }, - "ThingArn": { - "markdownDescription": "Lists device's thing ARN.", - "title": "ThingArn", - "type": "string" + "SpectrumConfig": { + "$ref": "#/definitions/AWS::GroundStation::Config.SpectrumConfig", + "markdownDescription": "Defines the spectrum configuration.", + "title": "SpectrumConfig" } }, "type": "object" }, - "AWS::IoTCoreDeviceAdvisor::SuiteDefinition.SuiteDefinitionConfiguration": { + "AWS::GroundStation::Config.AntennaDownlinkDemodDecodeConfig": { "additionalProperties": false, "properties": { - "DevicePermissionRoleArn": { - "markdownDescription": "Gets the device permission ARN. This is a required parameter.", - "title": "DevicePermissionRoleArn", - "type": "string" - }, - "Devices": { - "items": { - "$ref": "#/definitions/AWS::IoTCoreDeviceAdvisor::SuiteDefinition.DeviceUnderTest" - }, - "markdownDescription": "Gets the devices configured.", - "title": "Devices", - "type": "array" - }, - "IntendedForQualification": { - "markdownDescription": "Gets the tests intended for qualification in a suite.", - "title": "IntendedForQualification", - "type": "boolean" + "DecodeConfig": { + "$ref": "#/definitions/AWS::GroundStation::Config.DecodeConfig", + "markdownDescription": "Defines how the RF signal will be decoded.", + "title": "DecodeConfig" }, - "RootGroup": { - "markdownDescription": "Gets the test suite root group. This is a required parameter. For updating or creating the latest qualification suite, if `intendedForQualification` is set to true, `rootGroup` can be an empty string. If `intendedForQualification` is false, `rootGroup` cannot be an empty string. If `rootGroup` is empty, and `intendedForQualification` is set to true, all the qualification tests are included, and the configuration is default.\n\nFor a qualification suite, the minimum length is 0, and the maximum is 2048. For a non-qualification suite, the minimum length is 1, and the maximum is 2048.", - "title": "RootGroup", - "type": "string" + "DemodulationConfig": { + "$ref": "#/definitions/AWS::GroundStation::Config.DemodulationConfig", + "markdownDescription": "Defines how the RF signal will be demodulated.", + "title": "DemodulationConfig" }, - "SuiteDefinitionName": { - "markdownDescription": "Gets the suite definition name. This is a required parameter.", - "title": "SuiteDefinitionName", - "type": "string" + "SpectrumConfig": { + "$ref": "#/definitions/AWS::GroundStation::Config.SpectrumConfig", + "markdownDescription": "Defines the spectrum configuration.", + "title": "SpectrumConfig" } }, - "required": [ - "DevicePermissionRoleArn", - "RootGroup" - ], "type": "object" }, - "AWS::IoTEvents::AlarmModel": { + "AWS::GroundStation::Config.AntennaUplinkConfig": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "SpectrumConfig": { + "$ref": "#/definitions/AWS::GroundStation::Config.UplinkSpectrumConfig", + "markdownDescription": "Defines the spectrum configuration.", + "title": "SpectrumConfig" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AlarmCapabilities": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AlarmCapabilities", - "markdownDescription": "Contains the configuration information of alarm state changes.", - "title": "AlarmCapabilities" - }, - "AlarmEventActions": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AlarmEventActions", - "markdownDescription": "Contains information about one or more alarm actions.", - "title": "AlarmEventActions" - }, - "AlarmModelDescription": { - "markdownDescription": "The description of the alarm model.", - "title": "AlarmModelDescription", - "type": "string" - }, - "AlarmModelName": { - "markdownDescription": "The name of the alarm model.", - "title": "AlarmModelName", - "type": "string" - }, - "AlarmRule": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AlarmRule", - "markdownDescription": "Defines when your alarm is invoked.", - "title": "AlarmRule" - }, - "Key": { - "markdownDescription": "An input attribute used as a key to create an alarm. AWS IoT Events routes [inputs](https://docs.aws.amazon.com/iotevents/latest/apireference/API_Input.html) associated with this key to the alarm.", - "title": "Key", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role that allows the alarm to perform actions and access AWS resources. For more information, see [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* .", - "title": "RoleArn", - "type": "string" - }, - "Severity": { - "markdownDescription": "A non-negative integer that reflects the severity level of the alarm.", - "title": "Severity", - "type": "number" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of key-value pairs that contain metadata for the alarm model. The tags help you manage the alarm model. For more information, see [Tagging your AWS IoT Events resources](https://docs.aws.amazon.com/iotevents/latest/developerguide/tagging-iotevents.html) in the *AWS IoT Events Developer Guide* .\n\nYou can create up to 50 tags for one alarm model.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "AlarmRule", - "RoleArn" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::IoTEvents::AlarmModel" - ], - "type": "string" + "TargetEirp": { + "$ref": "#/definitions/AWS::GroundStation::Config.Eirp", + "markdownDescription": "The equivalent isotropically radiated power (EIRP) to use for uplink transmissions. Valid values are between 20.0 to 50.0 dBW.", + "title": "TargetEirp" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::IoTEvents::AlarmModel.AcknowledgeFlow": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "The value must be `TRUE` or `FALSE` . If `TRUE` , you receive a notification when the alarm state changes. You must choose to acknowledge the notification before the alarm state can return to `NORMAL` . If `FALSE` , you won't receive notifications. The alarm automatically changes to the `NORMAL` state when the input property value returns to the specified range.", - "title": "Enabled", + "TransmitDisabled": { + "markdownDescription": "Whether or not uplink transmit is disabled.", + "title": "TransmitDisabled", "type": "boolean" } }, "type": "object" }, - "AWS::IoTEvents::AlarmModel.AlarmAction": { + "AWS::GroundStation::Config.ConfigData": { "additionalProperties": false, "properties": { - "DynamoDB": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.DynamoDB", - "markdownDescription": "Defines an action to write to the Amazon DynamoDB table that you created. The standard action payload contains all the information about the detector model instance and the event that triggered the action. You can customize the [payload](https://docs.aws.amazon.com/iotevents/latest/apireference/API_Payload.html) . One column of the DynamoDB table receives all attribute-value pairs in the payload that you specify.\n\nYou must use expressions for all parameters in `DynamoDBAction` . The expressions accept literals, operators, functions, references, and substitution templates.\n\n**Examples** - For literal values, the expressions must contain single quotes. For example, the value for the `hashKeyType` parameter can be `'STRING'` .\n- For references, you must specify either variables or input values. For example, the value for the `hashKeyField` parameter can be `$input.GreenhouseInput.name` .\n- For a substitution template, you must use `${}` , and the template must be in single quotes. A substitution template can also contain a combination of literals, operators, functions, references, and substitution templates.\n\nIn the following example, the value for the `hashKeyValue` parameter uses a substitution template.\n\n`'${$input.GreenhouseInput.temperature * 6 / 5 + 32} in Fahrenheit'`\n- For a string concatenation, you must use `+` . A string concatenation can also contain a combination of literals, operators, functions, references, and substitution templates.\n\nIn the following example, the value for the `tableName` parameter uses a string concatenation.\n\n`'GreenhouseTemperatureTable ' + $input.GreenhouseInput.date`\n\nFor more information, see [Expressions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-expressions.html) in the *AWS IoT Events Developer Guide* .\n\nIf the defined payload type is a string, `DynamoDBAction` writes non-JSON data to the DynamoDB table as binary data. The DynamoDB console displays the data as Base64-encoded text. The value for the `payloadField` parameter is `_raw` .", - "title": "DynamoDB" - }, - "DynamoDBv2": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.DynamoDBv2", - "markdownDescription": "Defines an action to write to the Amazon DynamoDB table that you created. The default action payload contains all the information about the detector model instance and the event that triggered the action. You can customize the [payload](https://docs.aws.amazon.com/iotevents/latest/apireference/API_Payload.html) . A separate column of the DynamoDB table receives one attribute-value pair in the payload that you specify.\n\nYou must use expressions for all parameters in `DynamoDBv2Action` . The expressions accept literals, operators, functions, references, and substitution templates.\n\n**Examples** - For literal values, the expressions must contain single quotes. For example, the value for the `tableName` parameter can be `'GreenhouseTemperatureTable'` .\n- For references, you must specify either variables or input values. For example, the value for the `tableName` parameter can be `$variable.ddbtableName` .\n- For a substitution template, you must use `${}` , and the template must be in single quotes. A substitution template can also contain a combination of literals, operators, functions, references, and substitution templates.\n\nIn the following example, the value for the `contentExpression` parameter in `Payload` uses a substitution template.\n\n`'{\\\"sensorID\\\": \\\"${$input.GreenhouseInput.sensor_id}\\\", \\\"temperature\\\": \\\"${$input.GreenhouseInput.temperature * 9 / 5 + 32}\\\"}'`\n- For a string concatenation, you must use `+` . A string concatenation can also contain a combination of literals, operators, functions, references, and substitution templates.\n\nIn the following example, the value for the `tableName` parameter uses a string concatenation.\n\n`'GreenhouseTemperatureTable ' + $input.GreenhouseInput.date`\n\nFor more information, see [Expressions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-expressions.html) in the *AWS IoT Events Developer Guide* .\n\nThe value for the `type` parameter in `Payload` must be `JSON` .", - "title": "DynamoDBv2" - }, - "Firehose": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Firehose", - "markdownDescription": "Sends information about the detector model instance and the event that triggered the action to an Amazon Kinesis Data Firehose delivery stream.", - "title": "Firehose" + "AntennaDownlinkConfig": { + "$ref": "#/definitions/AWS::GroundStation::Config.AntennaDownlinkConfig", + "markdownDescription": "Provides information for an antenna downlink config object. Antenna downlink config objects are used to provide parameters for downlinks where no demodulation or decoding is performed by Ground Station (RF over IP downlinks).", + "title": "AntennaDownlinkConfig" }, - "IotEvents": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.IotEvents", - "markdownDescription": "Sends an AWS IoT Events input, passing in information about the detector model instance and the event that triggered the action.", - "title": "IotEvents" + "AntennaDownlinkDemodDecodeConfig": { + "$ref": "#/definitions/AWS::GroundStation::Config.AntennaDownlinkDemodDecodeConfig", + "markdownDescription": "Provides information for a downlink demod decode config object. Downlink demod decode config objects are used to provide parameters for downlinks where the Ground Station service will demodulate and decode the downlinked data.", + "title": "AntennaDownlinkDemodDecodeConfig" }, - "IotSiteWise": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.IotSiteWise", - "markdownDescription": "Sends information about the detector model instance and the event that triggered the action to a specified asset property in AWS IoT SiteWise .\n\nYou must use expressions for all parameters in `IotSiteWiseAction` . The expressions accept literals, operators, functions, references, and substitutions templates.\n\n**Examples** - For literal values, the expressions must contain single quotes. For example, the value for the `propertyAlias` parameter can be `'/company/windfarm/3/turbine/7/temperature'` .\n- For references, you must specify either variables or input values. For example, the value for the `assetId` parameter can be `$input.TurbineInput.assetId1` .\n- For a substitution template, you must use `${}` , and the template must be in single quotes. A substitution template can also contain a combination of literals, operators, functions, references, and substitution templates.\n\nIn the following example, the value for the `propertyAlias` parameter uses a substitution template.\n\n`'company/windfarm/${$input.TemperatureInput.sensorData.windfarmID}/turbine/ ${$input.TemperatureInput.sensorData.turbineID}/temperature'`\n\nYou must specify either `propertyAlias` or both `assetId` and `propertyId` to identify the target asset property in AWS IoT SiteWise .\n\nFor more information, see [Expressions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-expressions.html) in the *AWS IoT Events Developer Guide* .", - "title": "IotSiteWise" + "AntennaUplinkConfig": { + "$ref": "#/definitions/AWS::GroundStation::Config.AntennaUplinkConfig", + "markdownDescription": "Provides information for an uplink config object. Uplink config objects are used to provide parameters for uplink contacts.", + "title": "AntennaUplinkConfig" }, - "IotTopicPublish": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.IotTopicPublish", - "markdownDescription": "Information required to publish the MQTT message through the AWS IoT message broker.", - "title": "IotTopicPublish" + "DataflowEndpointConfig": { + "$ref": "#/definitions/AWS::GroundStation::Config.DataflowEndpointConfig", + "markdownDescription": "Provides information for a dataflow endpoint config object. Dataflow endpoint config objects are used to provide parameters about which IP endpoint(s) to use during a contact. Dataflow endpoints are where Ground Station sends data during a downlink contact and where Ground Station receives data to send to the satellite during an uplink contact.", + "title": "DataflowEndpointConfig" }, - "Lambda": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Lambda", - "markdownDescription": "Calls a Lambda function, passing in information about the detector model instance and the event that triggered the action.", - "title": "Lambda" + "S3RecordingConfig": { + "$ref": "#/definitions/AWS::GroundStation::Config.S3RecordingConfig", + "markdownDescription": "Provides information for an S3 recording config object. S3 recording config objects are used to provide parameters for S3 recording during downlink contacts.", + "title": "S3RecordingConfig" }, - "Sns": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Sns", - "markdownDescription": "Information required to publish the Amazon SNS message.", - "title": "Sns" + "TrackingConfig": { + "$ref": "#/definitions/AWS::GroundStation::Config.TrackingConfig", + "markdownDescription": "Provides information for a tracking config object. Tracking config objects are used to provide parameters about how to track the satellite through the sky during a contact.", + "title": "TrackingConfig" }, - "Sqs": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Sqs", - "markdownDescription": "Sends information about the detector model instance and the event that triggered the action to an Amazon SQS queue.", - "title": "Sqs" + "UplinkEchoConfig": { + "$ref": "#/definitions/AWS::GroundStation::Config.UplinkEchoConfig", + "markdownDescription": "Provides information for an uplink echo config object. Uplink echo config objects are used to provide parameters for uplink echo during uplink contacts.", + "title": "UplinkEchoConfig" } }, "type": "object" }, - "AWS::IoTEvents::AlarmModel.AlarmCapabilities": { + "AWS::GroundStation::Config.DataflowEndpointConfig": { "additionalProperties": false, "properties": { - "AcknowledgeFlow": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AcknowledgeFlow", - "markdownDescription": "Specifies whether to get notified for alarm state changes.", - "title": "AcknowledgeFlow" + "DataflowEndpointName": { + "markdownDescription": "The name of the dataflow endpoint to use during contacts.", + "title": "DataflowEndpointName", + "type": "string" }, - "InitializationConfiguration": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.InitializationConfiguration", - "markdownDescription": "Specifies the default alarm state. The configuration applies to all alarms that were created based on this alarm model.", - "title": "InitializationConfiguration" + "DataflowEndpointRegion": { + "markdownDescription": "The region of the dataflow endpoint to use during contacts. When omitted, Ground Station will use the region of the contact.", + "title": "DataflowEndpointRegion", + "type": "string" } }, "type": "object" }, - "AWS::IoTEvents::AlarmModel.AlarmEventActions": { + "AWS::GroundStation::Config.DecodeConfig": { "additionalProperties": false, "properties": { - "AlarmActions": { - "items": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AlarmAction" - }, - "markdownDescription": "Specifies one or more supported actions to receive notifications when the alarm state changes.", - "title": "AlarmActions", - "type": "array" + "UnvalidatedJSON": { + "markdownDescription": "The decoding settings are in JSON format and define a set of steps to perform to decode the data.", + "title": "UnvalidatedJSON", + "type": "string" } }, "type": "object" }, - "AWS::IoTEvents::AlarmModel.AlarmRule": { + "AWS::GroundStation::Config.DemodulationConfig": { "additionalProperties": false, "properties": { - "SimpleRule": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.SimpleRule", - "markdownDescription": "A rule that compares an input property value to a threshold value with a comparison operator.", - "title": "SimpleRule" + "UnvalidatedJSON": { + "markdownDescription": "The demodulation settings are in JSON format and define parameters for demodulation, for example which modulation scheme (e.g. PSK, QPSK, etc.) and matched filter to use.", + "title": "UnvalidatedJSON", + "type": "string" } }, "type": "object" }, - "AWS::IoTEvents::AlarmModel.AssetPropertyTimestamp": { + "AWS::GroundStation::Config.Eirp": { "additionalProperties": false, "properties": { - "OffsetInNanos": { - "markdownDescription": "The nanosecond offset converted from `timeInSeconds` . The valid range is between 0-999999999.", - "title": "OffsetInNanos", + "Units": { + "markdownDescription": "The units of the EIRP.", + "title": "Units", "type": "string" }, - "TimeInSeconds": { - "markdownDescription": "The timestamp, in seconds, in the Unix epoch format. The valid range is between 1-31556889864403199.", - "title": "TimeInSeconds", - "type": "string" + "Value": { + "markdownDescription": "The value of the EIRP. Valid values are between 20.0 to 50.0 dBW.", + "title": "Value", + "type": "number" } }, - "required": [ - "TimeInSeconds" - ], "type": "object" }, - "AWS::IoTEvents::AlarmModel.AssetPropertyValue": { + "AWS::GroundStation::Config.Frequency": { "additionalProperties": false, "properties": { - "Quality": { - "markdownDescription": "The quality of the asset property value. The value must be `'GOOD'` , `'BAD'` , or `'UNCERTAIN'` .", - "title": "Quality", + "Units": { + "markdownDescription": "The units of the frequency.", + "title": "Units", "type": "string" }, - "Timestamp": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AssetPropertyTimestamp", - "markdownDescription": "The timestamp associated with the asset property value. The default is the current event time.", - "title": "Timestamp" - }, "Value": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AssetPropertyVariant", - "markdownDescription": "The value to send to an asset property.", - "title": "Value" + "markdownDescription": "The value of the frequency. Valid values are between 2200 to 2300 MHz and 7750 to 8400 MHz for downlink and 2025 to 2120 MHz for uplink.", + "title": "Value", + "type": "number" } }, - "required": [ - "Value" - ], "type": "object" }, - "AWS::IoTEvents::AlarmModel.AssetPropertyVariant": { + "AWS::GroundStation::Config.FrequencyBandwidth": { "additionalProperties": false, "properties": { - "BooleanValue": { - "markdownDescription": "The asset property value is a Boolean value that must be `'TRUE'` or `'FALSE'` . You must use an expression, and the evaluated result should be a Boolean value.", - "title": "BooleanValue", - "type": "string" - }, - "DoubleValue": { - "markdownDescription": "The asset property value is a double. You must use an expression, and the evaluated result should be a double.", - "title": "DoubleValue", - "type": "string" - }, - "IntegerValue": { - "markdownDescription": "The asset property value is an integer. You must use an expression, and the evaluated result should be an integer.", - "title": "IntegerValue", + "Units": { + "markdownDescription": "The units of the bandwidth.", + "title": "Units", "type": "string" }, - "StringValue": { - "markdownDescription": "The asset property value is a string. You must use an expression, and the evaluated result should be a string.", - "title": "StringValue", - "type": "string" + "Value": { + "markdownDescription": "The value of the bandwidth. AWS Ground Station currently has the following bandwidth limitations: \n\n- For `AntennaDownlinkDemodDecodeconfig` , valid values are between 125 kHz to 650 MHz.\n- For `AntennaDownlinkconfig` , valid values are between 10 kHz to 54 MHz.\n- For `AntennaUplinkConfig` , valid values are between 10 kHz to 54 MHz.", + "title": "Value", + "type": "number" } }, "type": "object" }, - "AWS::IoTEvents::AlarmModel.DynamoDB": { + "AWS::GroundStation::Config.S3RecordingConfig": { "additionalProperties": false, "properties": { - "HashKeyField": { - "markdownDescription": "The name of the hash key (also called the partition key). The `hashKeyField` value must match the partition key of the target DynamoDB table.", - "title": "HashKeyField", - "type": "string" - }, - "HashKeyType": { - "markdownDescription": "The data type for the hash key (also called the partition key). You can specify the following values:\n\n- `'STRING'` - The hash key is a string.\n- `'NUMBER'` - The hash key is a number.\n\nIf you don't specify `hashKeyType` , the default value is `'STRING'` .", - "title": "HashKeyType", - "type": "string" - }, - "HashKeyValue": { - "markdownDescription": "The value of the hash key (also called the partition key).", - "title": "HashKeyValue", - "type": "string" - }, - "Operation": { - "markdownDescription": "The type of operation to perform. You can specify the following values:\n\n- `'INSERT'` - Insert data as a new item into the DynamoDB table. This item uses the specified hash key as a partition key. If you specified a range key, the item uses the range key as a sort key.\n- `'UPDATE'` - Update an existing item of the DynamoDB table with new data. This item's partition key must match the specified hash key. If you specified a range key, the range key must match the item's sort key.\n- `'DELETE'` - Delete an existing item of the DynamoDB table. This item's partition key must match the specified hash key. If you specified a range key, the range key must match the item's sort key.\n\nIf you don't specify this parameter, AWS IoT Events triggers the `'INSERT'` operation.", - "title": "Operation", - "type": "string" - }, - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", - "markdownDescription": "Information needed to configure the payload.\n\nBy default, AWS IoT Events generates a standard payload in JSON for any action. This action payload contains all attribute-value pairs that have the information about the detector model instance and the event triggered the action. To configure the action payload, you can use `contentExpression` .", - "title": "Payload" - }, - "PayloadField": { - "markdownDescription": "The name of the DynamoDB column that receives the action payload.\n\nIf you don't specify this parameter, the name of the DynamoDB column is `payload` .", - "title": "PayloadField", + "BucketArn": { + "markdownDescription": "S3 Bucket where the data is written. The name of the S3 Bucket provided must begin with `aws-groundstation` .", + "title": "BucketArn", "type": "string" }, - "RangeKeyField": { - "markdownDescription": "The name of the range key (also called the sort key). The `rangeKeyField` value must match the sort key of the target DynamoDB table.", - "title": "RangeKeyField", + "Prefix": { + "markdownDescription": "The prefix of the S3 data object. If you choose to use any optional keys for substitution, these values will be replaced with the corresponding information from your contact details. For example, a prefix of `{satellite_id}/{year}/{month}/{day}/` will replaced with `fake_satellite_id/2021/01/10/`\n\n*Optional keys for substitution* : `{satellite_id}` | `{config-name}` | `{config-id}` | `{year}` | `{month}` | `{day}`", + "title": "Prefix", "type": "string" }, - "RangeKeyType": { - "markdownDescription": "The data type for the range key (also called the sort key), You can specify the following values:\n\n- `'STRING'` - The range key is a string.\n- `'NUMBER'` - The range key is number.\n\nIf you don't specify `rangeKeyField` , the default value is `'STRING'` .", - "title": "RangeKeyType", + "RoleArn": { + "markdownDescription": "Defines the ARN of the role assumed for putting archives to S3.", + "title": "RoleArn", "type": "string" + } + }, + "type": "object" + }, + "AWS::GroundStation::Config.SpectrumConfig": { + "additionalProperties": false, + "properties": { + "Bandwidth": { + "$ref": "#/definitions/AWS::GroundStation::Config.FrequencyBandwidth", + "markdownDescription": "The bandwidth of the spectrum. AWS Ground Station currently has the following bandwidth limitations: \n\n- For `AntennaDownlinkDemodDecodeconfig` , valid values are between 125 kHz to 650 MHz.\n- For `AntennaDownlinkconfig` , valid values are between 10 kHz to 54 MHz.\n- For `AntennaUplinkConfig` , valid values are between 10 kHz to 54 MHz.", + "title": "Bandwidth" }, - "RangeKeyValue": { - "markdownDescription": "The value of the range key (also called the sort key).", - "title": "RangeKeyValue", - "type": "string" + "CenterFrequency": { + "$ref": "#/definitions/AWS::GroundStation::Config.Frequency", + "markdownDescription": "The center frequency of the spectrum. Valid values are between 2200 to 2300 MHz and 7750 to 8400 MHz for downlink and 2025 to 2120 MHz for uplink.", + "title": "CenterFrequency" }, - "TableName": { - "markdownDescription": "The name of the DynamoDB table. The `tableName` value must match the table name of the target DynamoDB table.", - "title": "TableName", + "Polarization": { + "markdownDescription": "The polarization of the spectrum. Valid values are `\"RIGHT_HAND\"` and `\"LEFT_HAND\"` . Capturing both `\"RIGHT_HAND\"` and `\"LEFT_HAND\"` polarization requires two separate configs.", + "title": "Polarization", "type": "string" } }, - "required": [ - "HashKeyField", - "HashKeyValue", - "TableName" - ], "type": "object" }, - "AWS::IoTEvents::AlarmModel.DynamoDBv2": { + "AWS::GroundStation::Config.TrackingConfig": { "additionalProperties": false, "properties": { - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", - "markdownDescription": "Information needed to configure the payload.\n\nBy default, AWS IoT Events generates a standard payload in JSON for any action. This action payload contains all attribute-value pairs that have the information about the detector model instance and the event triggered the action. To configure the action payload, you can use `contentExpression` .", - "title": "Payload" - }, - "TableName": { - "markdownDescription": "The name of the DynamoDB table.", - "title": "TableName", + "Autotrack": { + "markdownDescription": "Specifies whether or not to use autotrack. `REMOVED` specifies that program track should only be used during the contact. `PREFERRED` specifies that autotracking is preferred during the contact but fallback to program track if the signal is lost. `REQUIRED` specifies that autotracking is required during the contact and not to use program track if the signal is lost.", + "title": "Autotrack", "type": "string" } }, - "required": [ - "TableName" - ], "type": "object" }, - "AWS::IoTEvents::AlarmModel.Firehose": { + "AWS::GroundStation::Config.UplinkEchoConfig": { "additionalProperties": false, "properties": { - "DeliveryStreamName": { - "markdownDescription": "The name of the Kinesis Data Firehose delivery stream where the data is written.", - "title": "DeliveryStreamName", + "AntennaUplinkConfigArn": { + "markdownDescription": "Defines the ARN of the uplink config to echo back to a dataflow endpoint.", + "title": "AntennaUplinkConfigArn", "type": "string" }, - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", - "markdownDescription": "You can configure the action payload when you send a message to an Amazon Data Firehose delivery stream.", - "title": "Payload" - }, - "Separator": { - "markdownDescription": "A character separator that is used to separate records written to the Kinesis Data Firehose delivery stream. Valid values are: '\\n' (newline), '\\t' (tab), '\\r\\n' (Windows newline), ',' (comma).", - "title": "Separator", - "type": "string" + "Enabled": { + "markdownDescription": "Whether or not uplink echo is enabled.", + "title": "Enabled", + "type": "boolean" } }, - "required": [ - "DeliveryStreamName" - ], "type": "object" }, - "AWS::IoTEvents::AlarmModel.InitializationConfiguration": { + "AWS::GroundStation::Config.UplinkSpectrumConfig": { "additionalProperties": false, "properties": { - "DisabledOnInitialization": { - "markdownDescription": "The value must be `TRUE` or `FALSE` . If `FALSE` , all alarm instances created based on the alarm model are activated. The default value is `TRUE` .", - "title": "DisabledOnInitialization", - "type": "boolean" + "CenterFrequency": { + "$ref": "#/definitions/AWS::GroundStation::Config.Frequency", + "markdownDescription": "The center frequency of the spectrum. Valid values are between 2200 to 2300 MHz and 7750 to 8400 MHz for downlink and 2025 to 2120 MHz for uplink.", + "title": "CenterFrequency" + }, + "Polarization": { + "markdownDescription": "The polarization of the spectrum. Valid values are `\"RIGHT_HAND\"` and `\"LEFT_HAND\"` .", + "title": "Polarization", + "type": "string" } }, - "required": [ - "DisabledOnInitialization" - ], "type": "object" }, - "AWS::IoTEvents::AlarmModel.IotEvents": { + "AWS::GroundStation::DataflowEndpointGroup": { "additionalProperties": false, "properties": { - "InputName": { - "markdownDescription": "The name of the AWS IoT Events input where the data is sent.", - "title": "InputName", + "Condition": { "type": "string" }, - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", - "markdownDescription": "You can configure the action payload when you send a message to an AWS IoT Events input.", - "title": "Payload" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ContactPostPassDurationSeconds": { + "markdownDescription": "Amount of time, in seconds, after a contact ends that the Ground Station Dataflow Endpoint Group will be in a `POSTPASS` state. A Ground Station Dataflow Endpoint Group State Change event will be emitted when the Dataflow Endpoint Group enters and exits the `POSTPASS` state.", + "title": "ContactPostPassDurationSeconds", + "type": "number" + }, + "ContactPrePassDurationSeconds": { + "markdownDescription": "Amount of time, in seconds, before a contact starts that the Ground Station Dataflow Endpoint Group will be in a `PREPASS` state. A Ground Station Dataflow Endpoint Group State Change event will be emitted when the Dataflow Endpoint Group enters and exits the `PREPASS` state.", + "title": "ContactPrePassDurationSeconds", + "type": "number" + }, + "EndpointDetails": { + "items": { + "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.EndpointDetails" + }, + "markdownDescription": "List of Endpoint Details, containing address and port for each endpoint. All dataflow endpoints within a single dataflow endpoint group must be of the same type. You cannot mix AWS Ground Station Agent endpoints with Dataflow endpoints in the same group. If your use case requires both types of endpoints, you must create separate dataflow endpoint groups for each type.", + "title": "EndpointDetails", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags assigned to a resource.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "EndpointDetails" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::GroundStation::DataflowEndpointGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "InputName" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoTEvents::AlarmModel.IotSiteWise": { + "AWS::GroundStation::DataflowEndpointGroup.AwsGroundStationAgentEndpoint": { "additionalProperties": false, "properties": { - "AssetId": { - "markdownDescription": "The ID of the asset that has the specified property.", - "title": "AssetId", + "AgentStatus": { + "markdownDescription": "The status of AgentEndpoint.", + "title": "AgentStatus", "type": "string" }, - "EntryId": { - "markdownDescription": "A unique identifier for this entry. You can use the entry ID to track which data entry causes an error in case of failure. The default is a new unique identifier.", - "title": "EntryId", + "AuditResults": { + "markdownDescription": "The results of the audit.", + "title": "AuditResults", "type": "string" }, - "PropertyAlias": { - "markdownDescription": "The alias of the asset property.", - "title": "PropertyAlias", - "type": "string" + "EgressAddress": { + "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.ConnectionDetails", + "markdownDescription": "The egress address of AgentEndpoint.", + "title": "EgressAddress" }, - "PropertyId": { - "markdownDescription": "The ID of the asset property.", - "title": "PropertyId", - "type": "string" + "IngressAddress": { + "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.RangedConnectionDetails", + "markdownDescription": "The ingress address of AgentEndpoint.", + "title": "IngressAddress" }, - "PropertyValue": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AssetPropertyValue", - "markdownDescription": "The value to send to the asset property. This value contains timestamp, quality, and value (TQV) information.", - "title": "PropertyValue" + "Name": { + "markdownDescription": "Name string associated with AgentEndpoint. Used as a human-readable identifier for AgentEndpoint.", + "title": "Name", + "type": "string" } }, "type": "object" }, - "AWS::IoTEvents::AlarmModel.IotTopicPublish": { + "AWS::GroundStation::DataflowEndpointGroup.ConnectionDetails": { "additionalProperties": false, "properties": { - "MqttTopic": { - "markdownDescription": "The MQTT topic of the message. You can use a string expression that includes variables ( `$variable.` ) and input values ( `$input..` ) as the topic string.", - "title": "MqttTopic", - "type": "string" + "Mtu": { + "markdownDescription": "Maximum transmission unit (MTU) size in bytes of a dataflow endpoint.", + "title": "Mtu", + "type": "number" }, - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", - "markdownDescription": "You can configure the action payload when you publish a message to an AWS IoT Core topic.", - "title": "Payload" + "SocketAddress": { + "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.SocketAddress", + "markdownDescription": "A socket address.", + "title": "SocketAddress" } }, - "required": [ - "MqttTopic" - ], "type": "object" }, - "AWS::IoTEvents::AlarmModel.Lambda": { + "AWS::GroundStation::DataflowEndpointGroup.DataflowEndpoint": { "additionalProperties": false, "properties": { - "FunctionArn": { - "markdownDescription": "The ARN of the Lambda function that is executed.", - "title": "FunctionArn", + "Address": { + "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.SocketAddress", + "markdownDescription": "The address and port of an endpoint.", + "title": "Address" + }, + "Mtu": { + "markdownDescription": "Maximum transmission unit (MTU) size in bytes of a dataflow endpoint. Valid values are between 1400 and 1500. A default value of 1500 is used if not set.", + "title": "Mtu", + "type": "number" + }, + "Name": { + "markdownDescription": "The endpoint name.\n\nWhen listing available contacts for a satellite, Ground Station searches for a dataflow endpoint whose name matches the value specified by the dataflow endpoint config of the selected mission profile. If no matching dataflow endpoints are found then Ground Station will not display any available contacts for the satellite.", + "title": "Name", "type": "string" + } + }, + "type": "object" + }, + "AWS::GroundStation::DataflowEndpointGroup.EndpointDetails": { + "additionalProperties": false, + "properties": { + "AwsGroundStationAgentEndpoint": { + "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.AwsGroundStationAgentEndpoint", + "markdownDescription": "An agent endpoint.", + "title": "AwsGroundStationAgentEndpoint" }, - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", - "markdownDescription": "You can configure the action payload when you send a message to a Lambda function.", - "title": "Payload" + "Endpoint": { + "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.DataflowEndpoint", + "markdownDescription": "Information about the endpoint such as name and the endpoint address.", + "title": "Endpoint" + }, + "SecurityDetails": { + "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.SecurityDetails", + "markdownDescription": "The role ARN, and IDs for security groups and subnets.", + "title": "SecurityDetails" } }, - "required": [ - "FunctionArn" - ], "type": "object" }, - "AWS::IoTEvents::AlarmModel.Payload": { + "AWS::GroundStation::DataflowEndpointGroup.IntegerRange": { "additionalProperties": false, "properties": { - "ContentExpression": { - "markdownDescription": "The content of the payload. You can use a string expression that includes quoted strings ( `''` ), variables ( `$variable.` ), input values ( `$input..` ), string concatenations, and quoted strings that contain `${}` as the content. The recommended maximum size of a content expression is 1 KB.", - "title": "ContentExpression", - "type": "string" + "Maximum": { + "markdownDescription": "A maximum value.", + "title": "Maximum", + "type": "number" }, - "Type": { - "markdownDescription": "The value of the payload type can be either `STRING` or `JSON` .", - "title": "Type", - "type": "string" + "Minimum": { + "markdownDescription": "A minimum value.", + "title": "Minimum", + "type": "number" } }, - "required": [ - "ContentExpression", - "Type" - ], "type": "object" }, - "AWS::IoTEvents::AlarmModel.SimpleRule": { + "AWS::GroundStation::DataflowEndpointGroup.RangedConnectionDetails": { "additionalProperties": false, "properties": { - "ComparisonOperator": { - "markdownDescription": "The comparison operator.", - "title": "ComparisonOperator", - "type": "string" + "Mtu": { + "markdownDescription": "Maximum transmission unit (MTU) size in bytes of a dataflow endpoint.", + "title": "Mtu", + "type": "number" }, - "InputProperty": { - "markdownDescription": "The value on the left side of the comparison operator. You can specify an AWS IoT Events input attribute as an input property.", - "title": "InputProperty", + "SocketAddress": { + "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.RangedSocketAddress", + "markdownDescription": "A ranged socket address.", + "title": "SocketAddress" + } + }, + "type": "object" + }, + "AWS::GroundStation::DataflowEndpointGroup.RangedSocketAddress": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "IPv4 socket address.", + "title": "Name", "type": "string" }, - "Threshold": { - "markdownDescription": "The value on the right side of the comparison operator. You can enter a number or specify an AWS IoT Events input attribute.", - "title": "Threshold", - "type": "string" + "PortRange": { + "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.IntegerRange", + "markdownDescription": "Port range of a socket address.", + "title": "PortRange" } }, - "required": [ - "ComparisonOperator", - "InputProperty", - "Threshold" - ], "type": "object" }, - "AWS::IoTEvents::AlarmModel.Sns": { + "AWS::GroundStation::DataflowEndpointGroup.SecurityDetails": { "additionalProperties": false, "properties": { - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", - "markdownDescription": "You can configure the action payload when you send a message as an Amazon SNS push notification.", - "title": "Payload" - }, - "TargetArn": { - "markdownDescription": "The ARN of the Amazon SNS target where the message is sent.", - "title": "TargetArn", + "RoleArn": { + "markdownDescription": "The ARN of a role which Ground Station has permission to assume, such as `arn:aws:iam::1234567890:role/DataDeliveryServiceRole` .\n\nGround Station will assume this role and create an ENI in your VPC on the specified subnet upon creation of a dataflow endpoint group. This ENI is used as the ingress/egress point for data streamed during a satellite contact.", + "title": "RoleArn", "type": "string" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The security group Ids of the security role, such as `sg-1234567890abcdef0` .", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The subnet Ids of the security details, such as `subnet-12345678` .", + "title": "SubnetIds", + "type": "array" } }, - "required": [ - "TargetArn" - ], "type": "object" }, - "AWS::IoTEvents::AlarmModel.Sqs": { + "AWS::GroundStation::DataflowEndpointGroup.SocketAddress": { "additionalProperties": false, "properties": { - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", - "markdownDescription": "You can configure the action payload when you send a message to an Amazon SQS queue.", - "title": "Payload" - }, - "QueueUrl": { - "markdownDescription": "The URL of the SQS queue where the data is written.", - "title": "QueueUrl", + "Name": { + "markdownDescription": "The name of the endpoint, such as `Endpoint 1` .", + "title": "Name", "type": "string" }, - "UseBase64": { - "markdownDescription": "Set this to TRUE if you want the data to be base-64 encoded before it is written to the queue. Otherwise, set this to FALSE.", - "title": "UseBase64", - "type": "boolean" + "Port": { + "markdownDescription": "The port of the endpoint, such as `55888` .", + "title": "Port", + "type": "number" } }, - "required": [ - "QueueUrl" - ], "type": "object" }, - "AWS::IoTEvents::DetectorModel": { + "AWS::GroundStation::MissionProfile": { "additionalProperties": false, "properties": { "Condition": { @@ -126914,54 +136937,69 @@ "Properties": { "additionalProperties": false, "properties": { - "DetectorModelDefinition": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.DetectorModelDefinition", - "markdownDescription": "Information that defines how a detector operates.", - "title": "DetectorModelDefinition" + "ContactPostPassDurationSeconds": { + "markdownDescription": "Amount of time in seconds after a contact ends that you\u2019d like to receive a Ground Station Contact State Change indicating the pass has finished.", + "title": "ContactPostPassDurationSeconds", + "type": "number" }, - "DetectorModelDescription": { - "markdownDescription": "A brief description of the detector model.", - "title": "DetectorModelDescription", - "type": "string" + "ContactPrePassDurationSeconds": { + "markdownDescription": "Amount of time in seconds prior to contact start that you'd like to receive a Ground Station Contact State Change Event indicating an upcoming pass.", + "title": "ContactPrePassDurationSeconds", + "type": "number" }, - "DetectorModelName": { - "markdownDescription": "The name of the detector model.", - "title": "DetectorModelName", - "type": "string" + "DataflowEdges": { + "items": { + "$ref": "#/definitions/AWS::GroundStation::MissionProfile.DataflowEdge" + }, + "markdownDescription": "A list containing lists of config ARNs. Each list of config ARNs is an edge, with a \"from\" config and a \"to\" config.", + "title": "DataflowEdges", + "type": "array" }, - "EvaluationMethod": { - "markdownDescription": "Information about the order in which events are evaluated and how actions are executed.", - "title": "EvaluationMethod", - "type": "string" + "MinimumViableContactDurationSeconds": { + "markdownDescription": "Minimum length of a contact in seconds that Ground Station will return when listing contacts. Ground Station will not return contacts shorter than this duration.", + "title": "MinimumViableContactDurationSeconds", + "type": "number" }, - "Key": { - "markdownDescription": "The value used to identify a detector instance. When a device or system sends input, a new detector instance with a unique key value is created. AWS IoT Events can continue to route input to its corresponding detector instance based on this identifying information.\n\nThis parameter uses a JSON-path expression to select the attribute-value pair in the message payload that is used for identification. To route the message to the correct detector instance, the device must send a message payload that contains the same attribute-value.", - "title": "Key", + "Name": { + "markdownDescription": "The name of the mission profile.", + "title": "Name", "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of the role that grants permission to AWS IoT Events to perform its operations.", - "title": "RoleArn", + "StreamsKmsKey": { + "$ref": "#/definitions/AWS::GroundStation::MissionProfile.StreamsKmsKey", + "markdownDescription": "KMS key to use for encrypting streams.", + "title": "StreamsKmsKey" + }, + "StreamsKmsRole": { + "markdownDescription": "Role to use for encrypting streams with KMS key.", + "title": "StreamsKmsRole", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "Tags assigned to the mission profile.", "title": "Tags", "type": "array" + }, + "TrackingConfigArn": { + "markdownDescription": "The ARN of a tracking config objects that defines how to track the satellite through the sky during a contact.", + "title": "TrackingConfigArn", + "type": "string" } }, "required": [ - "DetectorModelDefinition", - "RoleArn" + "DataflowEdges", + "MinimumViableContactDurationSeconds", + "Name", + "TrackingConfigArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTEvents::DetectorModel" + "AWS::GroundStation::MissionProfile" ], "type": "string" }, @@ -126980,640 +137018,286 @@ ], "type": "object" }, - "AWS::IoTEvents::DetectorModel.Action": { + "AWS::GroundStation::MissionProfile.DataflowEdge": { "additionalProperties": false, "properties": { - "ClearTimer": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.ClearTimer", - "markdownDescription": "Information needed to clear the timer.", - "title": "ClearTimer" - }, - "DynamoDB": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.DynamoDB", - "markdownDescription": "Writes to the DynamoDB table that you created. The default action payload contains all attribute-value pairs that have the information about the detector model instance and the event that triggered the action. You can customize the [payload](https://docs.aws.amazon.com/iotevents/latest/apireference/API_Payload.html) . One column of the DynamoDB table receives all attribute-value pairs in the payload that you specify. For more information, see [Actions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-event-actions.html) in *AWS IoT Events Developer Guide* .", - "title": "DynamoDB" - }, - "DynamoDBv2": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.DynamoDBv2", - "markdownDescription": "Writes to the DynamoDB table that you created. The default action payload contains all attribute-value pairs that have the information about the detector model instance and the event that triggered the action. You can customize the [payload](https://docs.aws.amazon.com/iotevents/latest/apireference/API_Payload.html) . A separate column of the DynamoDB table receives one attribute-value pair in the payload that you specify. For more information, see [Actions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-event-actions.html) in *AWS IoT Events Developer Guide* .", - "title": "DynamoDBv2" - }, - "Firehose": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Firehose", - "markdownDescription": "Sends information about the detector model instance and the event that triggered the action to an Amazon Kinesis Data Firehose delivery stream.", - "title": "Firehose" - }, - "IotEvents": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.IotEvents", - "markdownDescription": "Sends AWS IoT Events input, which passes information about the detector model instance and the event that triggered the action.", - "title": "IotEvents" - }, - "IotSiteWise": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.IotSiteWise", - "markdownDescription": "Sends information about the detector model instance and the event that triggered the action to an asset property in AWS IoT SiteWise .", - "title": "IotSiteWise" - }, - "IotTopicPublish": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.IotTopicPublish", - "markdownDescription": "Publishes an MQTT message with the given topic to the AWS IoT message broker.", - "title": "IotTopicPublish" - }, - "Lambda": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Lambda", - "markdownDescription": "Calls a Lambda function, passing in information about the detector model instance and the event that triggered the action.", - "title": "Lambda" - }, - "ResetTimer": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.ResetTimer", - "markdownDescription": "Information needed to reset the timer.", - "title": "ResetTimer" - }, - "SetTimer": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.SetTimer", - "markdownDescription": "Information needed to set the timer.", - "title": "SetTimer" - }, - "SetVariable": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.SetVariable", - "markdownDescription": "Sets a variable to a specified value.", - "title": "SetVariable" - }, - "Sns": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Sns", - "markdownDescription": "Sends an Amazon SNS message.", - "title": "Sns" + "Destination": { + "markdownDescription": "The ARN of the destination for this dataflow edge. For example, specify the ARN of a dataflow endpoint config for a downlink edge or an antenna uplink config for an uplink edge.", + "title": "Destination", + "type": "string" }, - "Sqs": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Sqs", - "markdownDescription": "Sends an Amazon SNS message.", - "title": "Sqs" + "Source": { + "markdownDescription": "The ARN of the source for this dataflow edge. For example, specify the ARN of an antenna downlink config for a downlink edge or a dataflow endpoint config for an uplink edge.", + "title": "Source", + "type": "string" } }, "type": "object" }, - "AWS::IoTEvents::DetectorModel.AssetPropertyTimestamp": { + "AWS::GroundStation::MissionProfile.StreamsKmsKey": { "additionalProperties": false, "properties": { - "OffsetInNanos": { - "markdownDescription": "The nanosecond offset converted from `timeInSeconds` . The valid range is between 0-999999999.", - "title": "OffsetInNanos", + "KmsAliasArn": { + "markdownDescription": "KMS Alias Arn.", + "title": "KmsAliasArn", "type": "string" }, - "TimeInSeconds": { - "markdownDescription": "The timestamp, in seconds, in the Unix epoch format. The valid range is between 1-31556889864403199.", - "title": "TimeInSeconds", + "KmsAliasName": { + "markdownDescription": "KMS Alias Name.", + "title": "KmsAliasName", + "type": "string" + }, + "KmsKeyArn": { + "markdownDescription": "KMS Key Arn.", + "title": "KmsKeyArn", "type": "string" } }, - "required": [ - "TimeInSeconds" - ], "type": "object" }, - "AWS::IoTEvents::DetectorModel.AssetPropertyValue": { + "AWS::GuardDuty::Detector": { "additionalProperties": false, "properties": { - "Quality": { - "markdownDescription": "The quality of the asset property value. The value must be `'GOOD'` , `'BAD'` , or `'UNCERTAIN'` .", - "title": "Quality", + "Condition": { "type": "string" }, - "Timestamp": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.AssetPropertyTimestamp", - "markdownDescription": "The timestamp associated with the asset property value. The default is the current event time.", - "title": "Timestamp" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Value": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.AssetPropertyVariant", - "markdownDescription": "The value to send to an asset property.", - "title": "Value" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DataSources": { + "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNDataSourceConfigurations", + "markdownDescription": "Describes which data sources will be enabled for the detector.", + "title": "DataSources" + }, + "Enable": { + "markdownDescription": "Specifies whether the detector is to be enabled on creation.", + "title": "Enable", + "type": "boolean" + }, + "Features": { + "items": { + "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNFeatureConfiguration" + }, + "markdownDescription": "A list of features that will be configured for the detector.", + "title": "Features", + "type": "array" + }, + "FindingPublishingFrequency": { + "markdownDescription": "Specifies how frequently updated findings are exported.", + "title": "FindingPublishingFrequency", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::GuardDuty::Detector.TagItem" + }, + "markdownDescription": "Specifies tags added to a new detector resource. Each tag consists of a key and an optional value, both of which you define.\n\nCurrently, support is available only for creating and deleting a tag. No support exists for updating the tags.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Enable" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::GuardDuty::Detector" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Value" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoTEvents::DetectorModel.AssetPropertyVariant": { + "AWS::GuardDuty::Detector.CFNDataSourceConfigurations": { "additionalProperties": false, "properties": { - "BooleanValue": { - "markdownDescription": "The asset property value is a Boolean value that must be `'TRUE'` or `'FALSE'` . You must use an expression, and the evaluated result should be a Boolean value.", - "title": "BooleanValue", - "type": "string" + "Kubernetes": { + "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNKubernetesConfiguration", + "markdownDescription": "Describes which Kubernetes data sources are enabled for a detector.", + "title": "Kubernetes" }, - "DoubleValue": { - "markdownDescription": "The asset property value is a double. You must use an expression, and the evaluated result should be a double.", - "title": "DoubleValue", - "type": "string" + "MalwareProtection": { + "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNMalwareProtectionConfiguration", + "markdownDescription": "Describes whether Malware Protection will be enabled as a data source.", + "title": "MalwareProtection" }, - "IntegerValue": { - "markdownDescription": "The asset property value is an integer. You must use an expression, and the evaluated result should be an integer.", - "title": "IntegerValue", + "S3Logs": { + "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNS3LogsConfiguration", + "markdownDescription": "Describes whether S3 data event logs are enabled as a data source.", + "title": "S3Logs" + } + }, + "type": "object" + }, + "AWS::GuardDuty::Detector.CFNFeatureAdditionalConfiguration": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "Name of the additional configuration.", + "title": "Name", "type": "string" }, - "StringValue": { - "markdownDescription": "The asset property value is a string. You must use an expression, and the evaluated result should be a string.", - "title": "StringValue", + "Status": { + "markdownDescription": "Status of the additional configuration.", + "title": "Status", "type": "string" } }, "type": "object" }, - "AWS::IoTEvents::DetectorModel.ClearTimer": { + "AWS::GuardDuty::Detector.CFNFeatureConfiguration": { "additionalProperties": false, "properties": { - "TimerName": { - "markdownDescription": "The name of the timer to clear.", - "title": "TimerName", - "type": "string" - } - }, - "required": [ - "TimerName" - ], - "type": "object" - }, - "AWS::IoTEvents::DetectorModel.DetectorModelDefinition": { - "additionalProperties": false, - "properties": { - "InitialStateName": { - "markdownDescription": "The state that is entered at the creation of each detector (instance).", - "title": "InitialStateName", - "type": "string" - }, - "States": { - "items": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.State" - }, - "markdownDescription": "Information about the states of the detector.", - "title": "States", - "type": "array" - } - }, - "required": [ - "InitialStateName", - "States" - ], - "type": "object" - }, - "AWS::IoTEvents::DetectorModel.DynamoDB": { - "additionalProperties": false, - "properties": { - "HashKeyField": { - "markdownDescription": "The name of the hash key (also called the partition key). The `hashKeyField` value must match the partition key of the target DynamoDB table.", - "title": "HashKeyField", - "type": "string" - }, - "HashKeyType": { - "markdownDescription": "The data type for the hash key (also called the partition key). You can specify the following values:\n\n- `'STRING'` - The hash key is a string.\n- `'NUMBER'` - The hash key is a number.\n\nIf you don't specify `hashKeyType` , the default value is `'STRING'` .", - "title": "HashKeyType", - "type": "string" - }, - "HashKeyValue": { - "markdownDescription": "The value of the hash key (also called the partition key).", - "title": "HashKeyValue", - "type": "string" - }, - "Operation": { - "markdownDescription": "The type of operation to perform. You can specify the following values:\n\n- `'INSERT'` - Insert data as a new item into the DynamoDB table. This item uses the specified hash key as a partition key. If you specified a range key, the item uses the range key as a sort key.\n- `'UPDATE'` - Update an existing item of the DynamoDB table with new data. This item's partition key must match the specified hash key. If you specified a range key, the range key must match the item's sort key.\n- `'DELETE'` - Delete an existing item of the DynamoDB table. This item's partition key must match the specified hash key. If you specified a range key, the range key must match the item's sort key.\n\nIf you don't specify this parameter, AWS IoT Events triggers the `'INSERT'` operation.", - "title": "Operation", - "type": "string" - }, - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", - "markdownDescription": "Information needed to configure the payload.\n\nBy default, AWS IoT Events generates a standard payload in JSON for any action. This action payload contains all attribute-value pairs that have the information about the detector model instance and the event triggered the action. To configure the action payload, you can use `contentExpression` .", - "title": "Payload" - }, - "PayloadField": { - "markdownDescription": "The name of the DynamoDB column that receives the action payload.\n\nIf you don't specify this parameter, the name of the DynamoDB column is `payload` .", - "title": "PayloadField", - "type": "string" - }, - "RangeKeyField": { - "markdownDescription": "The name of the range key (also called the sort key). The `rangeKeyField` value must match the sort key of the target DynamoDB table.", - "title": "RangeKeyField", - "type": "string" - }, - "RangeKeyType": { - "markdownDescription": "The data type for the range key (also called the sort key), You can specify the following values:\n\n- `'STRING'` - The range key is a string.\n- `'NUMBER'` - The range key is number.\n\nIf you don't specify `rangeKeyField` , the default value is `'STRING'` .", - "title": "RangeKeyType", - "type": "string" - }, - "RangeKeyValue": { - "markdownDescription": "The value of the range key (also called the sort key).", - "title": "RangeKeyValue", - "type": "string" - }, - "TableName": { - "markdownDescription": "The name of the DynamoDB table. The `tableName` value must match the table name of the target DynamoDB table.", - "title": "TableName", - "type": "string" - } - }, - "required": [ - "HashKeyField", - "HashKeyValue", - "TableName" - ], - "type": "object" - }, - "AWS::IoTEvents::DetectorModel.DynamoDBv2": { - "additionalProperties": false, - "properties": { - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", - "markdownDescription": "Information needed to configure the payload.\n\nBy default, AWS IoT Events generates a standard payload in JSON for any action. This action payload contains all attribute-value pairs that have the information about the detector model instance and the event triggered the action. To configure the action payload, you can use `contentExpression` .", - "title": "Payload" - }, - "TableName": { - "markdownDescription": "The name of the DynamoDB table.", - "title": "TableName", - "type": "string" - } - }, - "required": [ - "TableName" - ], - "type": "object" - }, - "AWS::IoTEvents::DetectorModel.Event": { - "additionalProperties": false, - "properties": { - "Actions": { + "AdditionalConfiguration": { "items": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Action" + "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNFeatureAdditionalConfiguration" }, - "markdownDescription": "The actions to be performed.", - "title": "Actions", + "markdownDescription": "Information about the additional configuration of a feature in your account.", + "title": "AdditionalConfiguration", "type": "array" }, - "Condition": { - "markdownDescription": "Optional. The Boolean expression that, when TRUE, causes the `actions` to be performed. If not present, the actions are performed (=TRUE). If the expression result is not a Boolean value, the actions are not performed (=FALSE).", - "title": "Condition", - "type": "string" - }, - "EventName": { - "markdownDescription": "The name of the event.", - "title": "EventName", - "type": "string" - } - }, - "required": [ - "EventName" - ], - "type": "object" - }, - "AWS::IoTEvents::DetectorModel.Firehose": { - "additionalProperties": false, - "properties": { - "DeliveryStreamName": { - "markdownDescription": "The name of the Kinesis Data Firehose delivery stream where the data is written.", - "title": "DeliveryStreamName", - "type": "string" - }, - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", - "markdownDescription": "You can configure the action payload when you send a message to an Amazon Data Firehose delivery stream.", - "title": "Payload" - }, - "Separator": { - "markdownDescription": "A character separator that is used to separate records written to the Kinesis Data Firehose delivery stream. Valid values are: '\\n' (newline), '\\t' (tab), '\\r\\n' (Windows newline), ',' (comma).", - "title": "Separator", - "type": "string" - } - }, - "required": [ - "DeliveryStreamName" - ], - "type": "object" - }, - "AWS::IoTEvents::DetectorModel.IotEvents": { - "additionalProperties": false, - "properties": { - "InputName": { - "markdownDescription": "The name of the AWS IoT Events input where the data is sent.", - "title": "InputName", - "type": "string" - }, - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", - "markdownDescription": "You can configure the action payload when you send a message to an AWS IoT Events input.", - "title": "Payload" - } - }, - "required": [ - "InputName" - ], - "type": "object" - }, - "AWS::IoTEvents::DetectorModel.IotSiteWise": { - "additionalProperties": false, - "properties": { - "AssetId": { - "markdownDescription": "The ID of the asset that has the specified property.", - "title": "AssetId", - "type": "string" - }, - "EntryId": { - "markdownDescription": "A unique identifier for this entry. You can use the entry ID to track which data entry causes an error in case of failure. The default is a new unique identifier.", - "title": "EntryId", - "type": "string" - }, - "PropertyAlias": { - "markdownDescription": "The alias of the asset property.", - "title": "PropertyAlias", + "Name": { + "markdownDescription": "Name of the feature. For a list of allowed values, see [DetectorFeatureConfiguration](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DetectorFeatureConfiguration.html#guardduty-Type-DetectorFeatureConfiguration-name) in the *GuardDuty API Reference* .", + "title": "Name", "type": "string" }, - "PropertyId": { - "markdownDescription": "The ID of the asset property.", - "title": "PropertyId", + "Status": { + "markdownDescription": "Status of the feature configuration.", + "title": "Status", "type": "string" - }, - "PropertyValue": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.AssetPropertyValue", - "markdownDescription": "The value to send to the asset property. This value contains timestamp, quality, and value (TQV) information.", - "title": "PropertyValue" } }, "required": [ - "PropertyValue" + "Name", + "Status" ], "type": "object" }, - "AWS::IoTEvents::DetectorModel.IotTopicPublish": { + "AWS::GuardDuty::Detector.CFNKubernetesAuditLogsConfiguration": { "additionalProperties": false, "properties": { - "MqttTopic": { - "markdownDescription": "The MQTT topic of the message. You can use a string expression that includes variables ( `$variable.` ) and input values ( `$input..` ) as the topic string.", - "title": "MqttTopic", - "type": "string" - }, - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", - "markdownDescription": "You can configure the action payload when you publish a message to an AWS IoT Core topic.", - "title": "Payload" + "Enable": { + "markdownDescription": "Describes whether Kubernetes audit logs are enabled as a data source for the detector.", + "title": "Enable", + "type": "boolean" } }, "required": [ - "MqttTopic" + "Enable" ], "type": "object" }, - "AWS::IoTEvents::DetectorModel.Lambda": { + "AWS::GuardDuty::Detector.CFNKubernetesConfiguration": { "additionalProperties": false, "properties": { - "FunctionArn": { - "markdownDescription": "The ARN of the Lambda function that is executed.", - "title": "FunctionArn", - "type": "string" - }, - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", - "markdownDescription": "You can configure the action payload when you send a message to a Lambda function.", - "title": "Payload" + "AuditLogs": { + "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNKubernetesAuditLogsConfiguration", + "markdownDescription": "Describes whether Kubernetes audit logs are enabled as a data source for the detector.", + "title": "AuditLogs" } }, "required": [ - "FunctionArn" + "AuditLogs" ], "type": "object" }, - "AWS::IoTEvents::DetectorModel.OnEnter": { - "additionalProperties": false, - "properties": { - "Events": { - "items": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Event" - }, - "markdownDescription": "Specifies the actions that are performed when the state is entered and the `condition` is `TRUE` .", - "title": "Events", - "type": "array" - } - }, - "type": "object" - }, - "AWS::IoTEvents::DetectorModel.OnExit": { - "additionalProperties": false, - "properties": { - "Events": { - "items": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Event" - }, - "markdownDescription": "Specifies the `actions` that are performed when the state is exited and the `condition` is `TRUE` .", - "title": "Events", - "type": "array" - } - }, - "type": "object" - }, - "AWS::IoTEvents::DetectorModel.OnInput": { + "AWS::GuardDuty::Detector.CFNMalwareProtectionConfiguration": { "additionalProperties": false, "properties": { - "Events": { - "items": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Event" - }, - "markdownDescription": "Specifies the actions performed when the `condition` evaluates to TRUE.", - "title": "Events", - "type": "array" - }, - "TransitionEvents": { - "items": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.TransitionEvent" - }, - "markdownDescription": "Specifies the actions performed, and the next state entered, when a `condition` evaluates to TRUE.", - "title": "TransitionEvents", - "type": "array" + "ScanEc2InstanceWithFindings": { + "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNScanEc2InstanceWithFindingsConfiguration", + "markdownDescription": "Describes the configuration of Malware Protection for EC2 instances with findings.", + "title": "ScanEc2InstanceWithFindings" } }, "type": "object" }, - "AWS::IoTEvents::DetectorModel.Payload": { + "AWS::GuardDuty::Detector.CFNS3LogsConfiguration": { "additionalProperties": false, "properties": { - "ContentExpression": { - "markdownDescription": "The content of the payload. You can use a string expression that includes quoted strings ( `''` ), variables ( `$variable.` ), input values ( `$input..` ), string concatenations, and quoted strings that contain `${}` as the content. The recommended maximum size of a content expression is 1 KB.", - "title": "ContentExpression", - "type": "string" - }, - "Type": { - "markdownDescription": "The value of the payload type can be either `STRING` or `JSON` .", - "title": "Type", - "type": "string" + "Enable": { + "markdownDescription": "The status of S3 data event logs as a data source.", + "title": "Enable", + "type": "boolean" } }, "required": [ - "ContentExpression", - "Type" + "Enable" ], "type": "object" }, - "AWS::IoTEvents::DetectorModel.ResetTimer": { + "AWS::GuardDuty::Detector.CFNScanEc2InstanceWithFindingsConfiguration": { "additionalProperties": false, "properties": { - "TimerName": { - "markdownDescription": "The name of the timer to reset.", - "title": "TimerName", - "type": "string" + "EbsVolumes": { + "markdownDescription": "Describes the configuration for scanning EBS volumes as data source.", + "title": "EbsVolumes", + "type": "boolean" } }, - "required": [ - "TimerName" - ], "type": "object" }, - "AWS::IoTEvents::DetectorModel.SetTimer": { + "AWS::GuardDuty::Detector.TagItem": { "additionalProperties": false, "properties": { - "DurationExpression": { - "markdownDescription": "The duration of the timer, in seconds. You can use a string expression that includes numbers, variables ( `$variable.` ), and input values ( `$input..` ) as the duration. The range of the duration is 1-31622400 seconds. To ensure accuracy, the minimum duration is 60 seconds. The evaluated result of the duration is rounded down to the nearest whole number.", - "title": "DurationExpression", + "Key": { + "markdownDescription": "The tag key.", + "title": "Key", "type": "string" }, - "Seconds": { - "markdownDescription": "The number of seconds until the timer expires. The minimum value is 60 seconds to ensure accuracy. The maximum value is 31622400 seconds.", - "title": "Seconds", - "type": "number" - }, - "TimerName": { - "markdownDescription": "The name of the timer.", - "title": "TimerName", - "type": "string" - } - }, - "required": [ - "TimerName" - ], - "type": "object" - }, - "AWS::IoTEvents::DetectorModel.SetVariable": { - "additionalProperties": false, - "properties": { "Value": { - "markdownDescription": "The new value of the variable.", + "markdownDescription": "The tag value.", "title": "Value", "type": "string" - }, - "VariableName": { - "markdownDescription": "The name of the variable.", - "title": "VariableName", - "type": "string" - } - }, - "required": [ - "Value", - "VariableName" - ], - "type": "object" - }, - "AWS::IoTEvents::DetectorModel.Sns": { - "additionalProperties": false, - "properties": { - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", - "markdownDescription": "You can configure the action payload when you send a message as an Amazon SNS push notification.", - "title": "Payload" - }, - "TargetArn": { - "markdownDescription": "The ARN of the Amazon SNS target where the message is sent.", - "title": "TargetArn", - "type": "string" - } - }, - "required": [ - "TargetArn" - ], - "type": "object" - }, - "AWS::IoTEvents::DetectorModel.Sqs": { - "additionalProperties": false, - "properties": { - "Payload": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", - "markdownDescription": "You can configure the action payload when you send a message to an Amazon SQS queue.", - "title": "Payload" - }, - "QueueUrl": { - "markdownDescription": "The URL of the SQS queue where the data is written.", - "title": "QueueUrl", - "type": "string" - }, - "UseBase64": { - "markdownDescription": "Set this to TRUE if you want the data to be base-64 encoded before it is written to the queue. Otherwise, set this to FALSE.", - "title": "UseBase64", - "type": "boolean" - } - }, - "required": [ - "QueueUrl" - ], - "type": "object" - }, - "AWS::IoTEvents::DetectorModel.State": { - "additionalProperties": false, - "properties": { - "OnEnter": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.OnEnter", - "markdownDescription": "When entering this state, perform these `actions` if the `condition` is TRUE.", - "title": "OnEnter" - }, - "OnExit": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.OnExit", - "markdownDescription": "When exiting this state, perform these `actions` if the specified `condition` is `TRUE` .", - "title": "OnExit" - }, - "OnInput": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.OnInput", - "markdownDescription": "When an input is received and the `condition` is TRUE, perform the specified `actions` .", - "title": "OnInput" - }, - "StateName": { - "markdownDescription": "The name of the state.", - "title": "StateName", - "type": "string" - } - }, - "required": [ - "StateName" - ], - "type": "object" - }, - "AWS::IoTEvents::DetectorModel.TransitionEvent": { - "additionalProperties": false, - "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Action" - }, - "markdownDescription": "The actions to be performed.", - "title": "Actions", - "type": "array" - }, - "Condition": { - "markdownDescription": "Required. A Boolean expression that when TRUE causes the actions to be performed and the `nextState` to be entered.", - "title": "Condition", - "type": "string" - }, - "EventName": { - "markdownDescription": "The name of the transition event.", - "title": "EventName", - "type": "string" - }, - "NextState": { - "markdownDescription": "The next state to enter.", - "title": "NextState", - "type": "string" } }, "required": [ - "Condition", - "EventName", - "NextState" + "Key", + "Value" ], "type": "object" }, - "AWS::IoTEvents::Input": { + "AWS::GuardDuty::Filter": { "additionalProperties": false, "properties": { "Condition": { @@ -127648,38 +137332,55 @@ "Properties": { "additionalProperties": false, "properties": { - "InputDefinition": { - "$ref": "#/definitions/AWS::IoTEvents::Input.InputDefinition", - "markdownDescription": "The definition of the input.", - "title": "InputDefinition" + "Action": { + "markdownDescription": "Specifies the action that is to be applied to the findings that match the filter.", + "title": "Action", + "type": "string" }, - "InputDescription": { - "markdownDescription": "A brief description of the input.", - "title": "InputDescription", + "Description": { + "markdownDescription": "The description of the filter. Valid characters include alphanumeric characters, and special characters such as hyphen, period, colon, underscore, parentheses ( `{ }` , `[ ]` , and `( )` ), forward slash, horizontal tab, vertical tab, newline, form feed, return, and whitespace.", + "title": "Description", "type": "string" }, - "InputName": { - "markdownDescription": "The name of the input.", - "title": "InputName", + "DetectorId": { + "markdownDescription": "The detector ID associated with the GuardDuty account for which you want to create a filter.\n\nTo find the `detectorId` in the current Region, see the\nSettings page in the GuardDuty console, or run the [ListDetectors](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListDetectors.html) API.", + "title": "DetectorId", + "type": "string" + }, + "FindingCriteria": { + "$ref": "#/definitions/AWS::GuardDuty::Filter.FindingCriteria", + "markdownDescription": "Represents the criteria to be used in the filter for querying findings.", + "title": "FindingCriteria" + }, + "Name": { + "markdownDescription": "The name of the filter. Valid characters include period (.), underscore (_), dash (-), and alphanumeric characters. A whitespace is considered to be an invalid character.", + "title": "Name", "type": "string" }, + "Rank": { + "markdownDescription": "Specifies the position of the filter in the list of current filters. Also specifies the order in which this filter is applied to the findings. The minimum value for this property is 1 and the maximum is 100.\n\nBy default, filters may not be created in the same order as they are ranked. To ensure that the filters are created in the expected order, you can use an optional attribute, [DependsOn](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) , with the following syntax: `\"DependsOn\":[ \"ObjectName\" ]` .", + "title": "Rank", + "type": "number" + }, "Tags": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::GuardDuty::Filter.TagItem" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "The tags to be added to a new filter resource. Each tag consists of a key and an optional value, both of which you define.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ - "InputDefinition" + "DetectorId", + "FindingCriteria", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTEvents::Input" + "AWS::GuardDuty::Filter" ], "type": "string" }, @@ -127698,38 +137399,122 @@ ], "type": "object" }, - "AWS::IoTEvents::Input.Attribute": { + "AWS::GuardDuty::Filter.Condition": { "additionalProperties": false, "properties": { - "JsonPath": { - "markdownDescription": "An expression that specifies an attribute-value pair in a JSON structure. Use this to specify an attribute from the JSON payload that is made available by the input. Inputs are derived from messages sent to AWS IoT Events ( `BatchPutMessage` ). Each such message contains a JSON payload. The attribute (and its paired value) specified here are available for use in the `condition` expressions used by detectors.\n\nSyntax: `....`", - "title": "JsonPath", - "type": "string" + "Eq": { + "items": { + "type": "string" + }, + "markdownDescription": "Represents the equal condition to apply to a single field when querying for findings.", + "title": "Eq", + "type": "array" + }, + "Equals": { + "items": { + "type": "string" + }, + "markdownDescription": "Represents an *equal* ** condition to be applied to a single field when querying for findings.", + "title": "Equals", + "type": "array" + }, + "GreaterThan": { + "markdownDescription": "Represents a *greater than* condition to be applied to a single field when querying for findings.", + "title": "GreaterThan", + "type": "number" + }, + "GreaterThanOrEqual": { + "markdownDescription": "Represents a *greater than or equal* condition to be applied to a single field when querying for findings.", + "title": "GreaterThanOrEqual", + "type": "number" + }, + "Gt": { + "markdownDescription": "Represents a *greater than* condition to be applied to a single field when querying for findings.", + "title": "Gt", + "type": "number" + }, + "Gte": { + "markdownDescription": "Represents the greater than or equal condition to apply to a single field when querying for findings.", + "title": "Gte", + "type": "number" + }, + "LessThan": { + "markdownDescription": "Represents a *less than* condition to be applied to a single field when querying for findings.", + "title": "LessThan", + "type": "number" + }, + "LessThanOrEqual": { + "markdownDescription": "Represents a *less than or equal* condition to be applied to a single field when querying for findings.", + "title": "LessThanOrEqual", + "type": "number" + }, + "Lt": { + "markdownDescription": "Represents the less than condition to apply to a single field when querying for findings.", + "title": "Lt", + "type": "number" + }, + "Lte": { + "markdownDescription": "Represents the less than or equal condition to apply to a single field when querying for findings.", + "title": "Lte", + "type": "number" + }, + "Neq": { + "items": { + "type": "string" + }, + "markdownDescription": "Represents the not equal condition to apply to a single field when querying for findings.", + "title": "Neq", + "type": "array" + }, + "NotEquals": { + "items": { + "type": "string" + }, + "markdownDescription": "Represents a *not equal* ** condition to be applied to a single field when querying for findings.", + "title": "NotEquals", + "type": "array" } }, - "required": [ - "JsonPath" - ], "type": "object" }, - "AWS::IoTEvents::Input.InputDefinition": { + "AWS::GuardDuty::Filter.FindingCriteria": { "additionalProperties": false, "properties": { - "Attributes": { - "items": { - "$ref": "#/definitions/AWS::IoTEvents::Input.Attribute" + "Criterion": { + "additionalProperties": false, + "markdownDescription": "Represents a map of finding properties that match specified conditions and values when querying findings.\n\nFor information about JSON criterion mapping to their console equivalent, see [Finding criteria](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_filter-findings.html#filter_criteria) . The following are the available criterion:\n\n- accountId\n- id\n- region\n- severity\n\nTo filter on the basis of severity, the API and AWS CLI use the following input list for the `FindingCriteria` condition:\n\n- *Low* : `[\"1\", \"2\", \"3\"]`\n- *Medium* : `[\"4\", \"5\", \"6\"]`\n- *High* : `[\"7\", \"8\", \"9\"]`\n\nFor more information, see [Severity levels for GuardDuty findings](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_findings.html#guardduty_findings-severity) in the *Amazon GuardDuty User Guide* .\n- type\n- updatedAt\n\nType: ISO 8601 string format: `YYYY-MM-DDTHH:MM:SS.SSSZ` or `YYYY-MM-DDTHH:MM:SSZ` depending on whether the value contains milliseconds.\n- resource.accessKeyDetails.accessKeyId\n- resource.accessKeyDetails.principalId\n- resource.accessKeyDetails.userName\n- resource.accessKeyDetails.userType\n- resource.instanceDetails.iamInstanceProfile.id\n- resource.instanceDetails.imageId\n- resource.instanceDetails.instanceId\n- resource.instanceDetails.tags.key\n- resource.instanceDetails.tags.value\n- resource.instanceDetails.networkInterfaces.ipv6Addresses\n- resource.instanceDetails.networkInterfaces.privateIpAddresses.privateIpAddress\n- resource.instanceDetails.networkInterfaces.publicDnsName\n- resource.instanceDetails.networkInterfaces.publicIp\n- resource.instanceDetails.networkInterfaces.securityGroups.groupId\n- resource.instanceDetails.networkInterfaces.securityGroups.groupName\n- resource.instanceDetails.networkInterfaces.subnetId\n- resource.instanceDetails.networkInterfaces.vpcId\n- resource.instanceDetails.outpostArn\n- resource.resourceType\n- resource.s3BucketDetails.publicAccess.effectivePermissions\n- resource.s3BucketDetails.name\n- resource.s3BucketDetails.tags.key\n- resource.s3BucketDetails.tags.value\n- resource.s3BucketDetails.type\n- service.action.actionType\n- service.action.awsApiCallAction.api\n- service.action.awsApiCallAction.callerType\n- service.action.awsApiCallAction.errorCode\n- service.action.awsApiCallAction.remoteIpDetails.city.cityName\n- service.action.awsApiCallAction.remoteIpDetails.country.countryName\n- service.action.awsApiCallAction.remoteIpDetails.ipAddressV4\n- service.action.awsApiCallAction.remoteIpDetails.ipAddressV6\n- service.action.awsApiCallAction.remoteIpDetails.organization.asn\n- service.action.awsApiCallAction.remoteIpDetails.organization.asnOrg\n- service.action.awsApiCallAction.serviceName\n- service.action.dnsRequestAction.domain\n- service.action.dnsRequestAction.domainWithSuffix\n- service.action.networkConnectionAction.blocked\n- service.action.networkConnectionAction.connectionDirection\n- service.action.networkConnectionAction.localPortDetails.port\n- service.action.networkConnectionAction.protocol\n- service.action.networkConnectionAction.remoteIpDetails.city.cityName\n- service.action.networkConnectionAction.remoteIpDetails.country.countryName\n- service.action.networkConnectionAction.remoteIpDetails.ipAddressV4\n- service.action.networkConnectionAction.remoteIpDetails.ipAddressV6\n- service.action.networkConnectionAction.remoteIpDetails.organization.asn\n- service.action.networkConnectionAction.remoteIpDetails.organization.asnOrg\n- service.action.networkConnectionAction.remotePortDetails.port\n- service.action.awsApiCallAction.remoteAccountDetails.affiliated\n- service.action.kubernetesApiCallAction.remoteIpDetails.ipAddressV4\n- service.action.kubernetesApiCallAction.remoteIpDetails.ipAddressV6\n- service.action.kubernetesApiCallAction.namespace\n- service.action.kubernetesApiCallAction.remoteIpDetails.organization.asn\n- service.action.kubernetesApiCallAction.requestUri\n- service.action.kubernetesApiCallAction.statusCode\n- service.action.networkConnectionAction.localIpDetails.ipAddressV4\n- service.action.networkConnectionAction.localIpDetails.ipAddressV6\n- service.action.networkConnectionAction.protocol\n- service.action.awsApiCallAction.serviceName\n- service.action.awsApiCallAction.remoteAccountDetails.accountId\n- service.additionalInfo.threatListName\n- service.resourceRole\n- resource.eksClusterDetails.name\n- resource.kubernetesDetails.kubernetesWorkloadDetails.name\n- resource.kubernetesDetails.kubernetesWorkloadDetails.namespace\n- resource.kubernetesDetails.kubernetesUserDetails.username\n- resource.kubernetesDetails.kubernetesWorkloadDetails.containers.image\n- resource.kubernetesDetails.kubernetesWorkloadDetails.containers.imagePrefix\n- service.ebsVolumeScanDetails.scanId\n- service.ebsVolumeScanDetails.scanDetections.threatDetectedByName.threatNames.name\n- service.ebsVolumeScanDetails.scanDetections.threatDetectedByName.threatNames.severity\n- service.ebsVolumeScanDetails.scanDetections.threatDetectedByName.threatNames.filePaths.hash\n- service.malwareScanDetails.threats.name\n- resource.ecsClusterDetails.name\n- resource.ecsClusterDetails.taskDetails.containers.image\n- resource.ecsClusterDetails.taskDetails.definitionArn\n- resource.containerDetails.image\n- resource.rdsDbInstanceDetails.dbInstanceIdentifier\n- resource.rdsDbInstanceDetails.dbClusterIdentifier\n- resource.rdsDbInstanceDetails.engine\n- resource.rdsDbUserDetails.user\n- resource.rdsDbInstanceDetails.tags.key\n- resource.rdsDbInstanceDetails.tags.value\n- service.runtimeDetails.process.executableSha256\n- service.runtimeDetails.process.name\n- service.runtimeDetails.process.name\n- resource.lambdaDetails.functionName\n- resource.lambdaDetails.functionArn\n- resource.lambdaDetails.tags.key\n- resource.lambdaDetails.tags.value", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::GuardDuty::Filter.Condition" + } }, - "markdownDescription": "The attributes from the JSON payload that are made available by the input. Inputs are derived from messages sent to the AWS IoT Events system using `BatchPutMessage` . Each such message contains a JSON payload, and those attributes (and their paired values) specified here are available for use in the `condition` expressions used by detectors that monitor this input.", - "title": "Attributes", - "type": "array" + "title": "Criterion", + "type": "object" + } + }, + "type": "object" + }, + "AWS::GuardDuty::Filter.TagItem": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The tag key.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The tag value.", + "title": "Value", + "type": "string" } }, "required": [ - "Attributes" + "Key", + "Value" ], "type": "object" }, - "AWS::IoTFleetHub::Application": { + "AWS::GuardDuty::IPSet": { "additionalProperties": false, "properties": { "Condition": { @@ -127764,39 +137549,54 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationDescription": { - "markdownDescription": "An optional description of the web application.", - "title": "ApplicationDescription", + "Activate": { + "markdownDescription": "Indicates whether or not GuardDuty uses the `IPSet` .", + "title": "Activate", + "type": "boolean" + }, + "DetectorId": { + "markdownDescription": "The unique ID of the detector of the GuardDuty account for which you want to create an IPSet.\n\nTo find the `detectorId` in the current Region, see the\nSettings page in the GuardDuty console, or run the [ListDetectors](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListDetectors.html) API.", + "title": "DetectorId", "type": "string" }, - "ApplicationName": { - "markdownDescription": "The name of the web application.", - "title": "ApplicationName", + "ExpectedBucketOwner": { + "markdownDescription": "The AWS account ID that owns the Amazon S3 bucket specified in the *Location* field.\n\nWhen you provide this account ID, GuardDuty will validate that the S3 bucket belongs to this account. If you don't specify an account ID owner, GuardDuty doesn't perform any validation.", + "title": "ExpectedBucketOwner", "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of the role that the web application assumes when it interacts with AWS IoT Core .\n\n> The name of the role must be in the form `FleetHub_random_string` . \n\nPattern: `^arn:[!-~]+$`", - "title": "RoleArn", + "Format": { + "markdownDescription": "The format of the file that contains the IPSet.", + "title": "Format", + "type": "string" + }, + "Location": { + "markdownDescription": "The URI of the file that contains the IPSet.", + "title": "Location", + "type": "string" + }, + "Name": { + "markdownDescription": "The user-friendly name to identify the IPSet.\n\nAllowed characters are alphanumeric, whitespace, dash (-), and underscores (_).", + "title": "Name", "type": "string" }, "Tags": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::GuardDuty::IPSet.TagItem" }, - "markdownDescription": "A set of key/value pairs that you can use to manage the web application resource.", + "markdownDescription": "The tags to be added to a new IP set resource. Each tag consists of a key and an optional value, both of which you define.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ - "ApplicationName", - "RoleArn" + "Format", + "Location" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTFleetHub::Application" + "AWS::GuardDuty::IPSet" ], "type": "string" }, @@ -127815,7 +137615,27 @@ ], "type": "object" }, - "AWS::IoTFleetWise::Campaign": { + "AWS::GuardDuty::IPSet.TagItem": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The tag key.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The tag value.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::GuardDuty::MalwareProtectionPlan": { "additionalProperties": false, "properties": { "Condition": { @@ -127850,116 +137670,39 @@ "Properties": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "Specifies how to update a campaign. The action can be one of the following:\n\n- `APPROVE` - To approve delivering a data collection scheme to vehicles.\n- `SUSPEND` - To suspend collecting signal data. The campaign is deleted from vehicles and all vehicles in the suspended campaign will stop sending data.\n- `RESUME` - To reactivate the `SUSPEND` campaign. The campaign is redeployed to all vehicles and the vehicles will resume sending data.\n- `UPDATE` - To update a campaign.", - "title": "Action", - "type": "string" - }, - "CollectionScheme": { - "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.CollectionScheme", - "markdownDescription": "The data collection scheme associated with the campaign. You can specify a scheme that collects data based on time or an event.", - "title": "CollectionScheme" - }, - "Compression": { - "markdownDescription": "Whether to compress signals before transmitting data to AWS IoT FleetWise . If you don't want to compress the signals, use `OFF` . If it's not specified, `SNAPPY` is used.\n\nDefault: `SNAPPY`", - "title": "Compression", - "type": "string" - }, - "DataDestinationConfigs": { - "items": { - "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.DataDestinationConfig" - }, - "markdownDescription": "The destination where the campaign sends data. You can choose to send data to be stored in Amazon S3 or Amazon Timestream .\n\nAmazon S3 optimizes the cost of data storage and provides additional mechanisms to use vehicle data, such as data lakes, centralized data storage, data processing pipelines, and analytics. AWS IoT FleetWise supports at-least-once file delivery to S3. Your vehicle data is stored on multiple AWS IoT FleetWise servers for redundancy and high availability.\n\nYou can use Amazon Timestream to access and analyze time series data, and Timestream to query vehicle data so that you can identify trends and patterns.", - "title": "DataDestinationConfigs", - "type": "array" - }, - "DataExtraDimensions": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of vehicle attributes to associate with a campaign.\n\nEnrich the data with specified vehicle attributes. For example, add `make` and `model` to the campaign, and AWS IoT FleetWise will associate the data with those attributes as dimensions in Amazon Timestream . You can then query the data against `make` and `model` .\n\nDefault: An empty array", - "title": "DataExtraDimensions", - "type": "array" - }, - "Description": { - "markdownDescription": "The description of the campaign.", - "title": "Description", - "type": "string" - }, - "DiagnosticsMode": { - "markdownDescription": "Option for a vehicle to send diagnostic trouble codes to AWS IoT FleetWise . If you want to send diagnostic trouble codes, use `SEND_ACTIVE_DTCS` . If it's not specified, `OFF` is used.\n\nDefault: `OFF`", - "title": "DiagnosticsMode", - "type": "string" - }, - "ExpiryTime": { - "markdownDescription": "The time the campaign expires, in seconds since epoch (January 1, 1970 at midnight UTC time). Vehicle data isn't collected after the campaign expires.\n\nDefault: 253402214400 (December 31, 9999, 00:00:00 UTC)", - "title": "ExpiryTime", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of a campaign.", - "title": "Name", - "type": "string" - }, - "PostTriggerCollectionDuration": { - "markdownDescription": "How long (in milliseconds) to collect raw data after a triggering event initiates the collection. If it's not specified, `0` is used.\n\nDefault: `0`", - "title": "PostTriggerCollectionDuration", - "type": "number" - }, - "Priority": { - "markdownDescription": "A number indicating the priority of one campaign over another campaign for a certain vehicle or fleet. A campaign with the lowest value is deployed to vehicles before any other campaigns. If it's not specified, `0` is used.\n\nDefault: `0`", - "title": "Priority", - "type": "number" - }, - "SignalCatalogArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the signal catalog associated with the campaign.", - "title": "SignalCatalogArn", - "type": "string" - }, - "SignalsToCollect": { - "items": { - "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.SignalInformation" - }, - "markdownDescription": "A list of information about signals to collect.", - "title": "SignalsToCollect", - "type": "array" + "Actions": { + "$ref": "#/definitions/AWS::GuardDuty::MalwareProtectionPlan.CFNActions", + "markdownDescription": "Specifies the action that is to be applied to the Malware Protection plan resource.", + "title": "Actions" }, - "SpoolingMode": { - "markdownDescription": "Whether to store collected data after a vehicle lost a connection with the cloud. After a connection is re-established, the data is automatically forwarded to AWS IoT FleetWise . If you want to store collected data when a vehicle loses connection with the cloud, use `TO_DISK` . If it's not specified, `OFF` is used.\n\nDefault: `OFF`", - "title": "SpoolingMode", - "type": "string" + "ProtectedResource": { + "$ref": "#/definitions/AWS::GuardDuty::MalwareProtectionPlan.CFNProtectedResource", + "markdownDescription": "Information about the protected resource. Presently, `S3Bucket` is the only supported protected resource.", + "title": "ProtectedResource" }, - "StartTime": { - "markdownDescription": "The time, in milliseconds, to deliver a campaign after it was approved. If it's not specified, `0` is used.\n\nDefault: `0`", - "title": "StartTime", + "Role": { + "markdownDescription": "Amazon Resource Name (ARN) of the IAM role that includes the permissions required to scan and (optionally) add tags to the associated protected resource.\n\nTo find the ARN of your IAM role, go to the IAM console, and select the role name for details.", + "title": "Role", "type": "string" }, "Tags": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::GuardDuty::MalwareProtectionPlan.TagItem" }, - "markdownDescription": "Metadata that can be used to manage the campaign.", + "markdownDescription": "The tags to be added to the created Malware Protection plan resource. Each tag consists of a key and an optional value, both of which you need to specify.", "title": "Tags", "type": "array" - }, - "TargetArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of a vehicle or fleet to which the campaign is deployed.", - "title": "TargetArn", - "type": "string" } }, "required": [ - "Action", - "CollectionScheme", - "Name", - "SignalCatalogArn", - "TargetArn" + "ProtectedResource", + "Role" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTFleetWise::Campaign" + "AWS::GuardDuty::MalwareProtectionPlan" ], "type": "string" }, @@ -127978,155 +137721,98 @@ ], "type": "object" }, - "AWS::IoTFleetWise::Campaign.CollectionScheme": { + "AWS::GuardDuty::MalwareProtectionPlan.CFNActions": { "additionalProperties": false, "properties": { - "ConditionBasedCollectionScheme": { - "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.ConditionBasedCollectionScheme", - "markdownDescription": "Information about a collection scheme that uses a simple logical expression to recognize what data to collect.", - "title": "ConditionBasedCollectionScheme" - }, - "TimeBasedCollectionScheme": { - "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.TimeBasedCollectionScheme", - "markdownDescription": "Information about a collection scheme that uses a time period to decide how often to collect data.", - "title": "TimeBasedCollectionScheme" + "Tagging": { + "$ref": "#/definitions/AWS::GuardDuty::MalwareProtectionPlan.CFNTagging", + "markdownDescription": "Contains information about tagging status of the Malware Protection plan resource.", + "title": "Tagging" } }, "type": "object" }, - "AWS::IoTFleetWise::Campaign.ConditionBasedCollectionScheme": { + "AWS::GuardDuty::MalwareProtectionPlan.CFNProtectedResource": { "additionalProperties": false, "properties": { - "ConditionLanguageVersion": { - "markdownDescription": "Specifies the version of the conditional expression language.", - "title": "ConditionLanguageVersion", - "type": "number" - }, - "Expression": { - "markdownDescription": "The logical expression used to recognize what data to collect. For example, `$variable.Vehicle.OutsideAirTemperature >= 105.0` .", - "title": "Expression", - "type": "string" - }, - "MinimumTriggerIntervalMs": { - "markdownDescription": "The minimum duration of time between two triggering events to collect data, in milliseconds.\n\n> If a signal changes often, you might want to collect data at a slower rate.", - "title": "MinimumTriggerIntervalMs", - "type": "number" - }, - "TriggerMode": { - "markdownDescription": "Whether to collect data for all triggering events ( `ALWAYS` ). Specify ( `RISING_EDGE` ), or specify only when the condition first evaluates to false. For example, triggering on \"AirbagDeployed\"; Users aren't interested on triggering when the airbag is already exploded; they only care about the change from not deployed => deployed.", - "title": "TriggerMode", - "type": "string" + "S3Bucket": { + "$ref": "#/definitions/AWS::GuardDuty::MalwareProtectionPlan.S3Bucket", + "markdownDescription": "Information about the protected S3 bucket resource.", + "title": "S3Bucket" } }, "required": [ - "Expression" + "S3Bucket" ], "type": "object" }, - "AWS::IoTFleetWise::Campaign.DataDestinationConfig": { - "additionalProperties": false, - "properties": { - "S3Config": { - "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.S3Config", - "markdownDescription": "The Amazon S3 bucket where the AWS IoT FleetWise campaign sends data.", - "title": "S3Config" - }, - "TimestreamConfig": { - "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.TimestreamConfig", - "markdownDescription": "The Amazon Timestream table where the campaign sends data.", - "title": "TimestreamConfig" - } - }, - "type": "object" - }, - "AWS::IoTFleetWise::Campaign.S3Config": { + "AWS::GuardDuty::MalwareProtectionPlan.CFNStatusReasons": { "additionalProperties": false, "properties": { - "BucketArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon S3 bucket.", - "title": "BucketArn", - "type": "string" - }, - "DataFormat": { - "markdownDescription": "Specify the format that files are saved in the Amazon S3 bucket. You can save files in an Apache Parquet or JSON format.\n\n- Parquet - Store data in a columnar storage file format. Parquet is optimal for fast data retrieval and can reduce costs. This option is selected by default.\n- JSON - Store data in a standard text-based JSON file format.", - "title": "DataFormat", - "type": "string" - }, - "Prefix": { - "markdownDescription": "Enter an S3 bucket prefix. The prefix is the string of characters after the bucket name and before the object name. You can use the prefix to organize data stored in Amazon S3 buckets. For more information, see [Organizing objects using prefixes](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-prefixes.html) in the *Amazon Simple Storage Service User Guide* .\n\nBy default, AWS IoT FleetWise sets the prefix `processed-data/year=YY/month=MM/date=DD/hour=HH/` (in UTC) to data it delivers to Amazon S3 . You can enter a prefix to append it to this default prefix. For example, if you enter the prefix `vehicles` , the prefix will be `vehicles/processed-data/year=YY/month=MM/date=DD/hour=HH/` .", - "title": "Prefix", + "Code": { + "markdownDescription": "The status code of the Malware Protection plan. For more information, see [Malware Protection plan resource status](https://docs.aws.amazon.com/guardduty/latest/ug/malware-protection-s3-bucket-status-gdu.html) in the *GuardDuty User Guide* .", + "title": "Code", "type": "string" }, - "StorageCompressionFormat": { - "markdownDescription": "By default, stored data is compressed as a .gzip file. Compressed files have a reduced file size, which can optimize the cost of data storage.", - "title": "StorageCompressionFormat", + "Message": { + "markdownDescription": "Issue message that specifies the reason. For information about potential troubleshooting steps, see [Troubleshooting Malware Protection for S3 status issues](https://docs.aws.amazon.com/guardduty/latest/ug/troubleshoot-s3-malware-protection-status-errors.html) in the *Amazon GuardDuty User Guide* .", + "title": "Message", "type": "string" } }, - "required": [ - "BucketArn" - ], "type": "object" }, - "AWS::IoTFleetWise::Campaign.SignalInformation": { + "AWS::GuardDuty::MalwareProtectionPlan.CFNTagging": { "additionalProperties": false, "properties": { - "MaxSampleCount": { - "markdownDescription": "The maximum number of samples to collect.", - "title": "MaxSampleCount", - "type": "number" - }, - "MinimumSamplingIntervalMs": { - "markdownDescription": "The minimum duration of time (in milliseconds) between two triggering events to collect data.\n\n> If a signal changes often, you might want to collect data at a slower rate.", - "title": "MinimumSamplingIntervalMs", - "type": "number" - }, - "Name": { - "markdownDescription": "The name of the signal.", - "title": "Name", + "Status": { + "markdownDescription": "Indicates whether or not you chose GuardDuty to add a predefined tag to the scanned S3 object.\n\nPotential values include `ENABLED` and `DISABLED` . These values are case-sensitive.", + "title": "Status", "type": "string" } }, - "required": [ - "Name" - ], "type": "object" }, - "AWS::IoTFleetWise::Campaign.TimeBasedCollectionScheme": { + "AWS::GuardDuty::MalwareProtectionPlan.S3Bucket": { "additionalProperties": false, "properties": { - "PeriodMs": { - "markdownDescription": "The time period (in milliseconds) to decide how often to collect data. For example, if the time period is `60000` , the Edge Agent software collects data once every minute.", - "title": "PeriodMs", - "type": "number" + "BucketName": { + "markdownDescription": "Name of the S3 bucket.", + "title": "BucketName", + "type": "string" + }, + "ObjectPrefixes": { + "items": { + "type": "string" + }, + "markdownDescription": "Information about the specified object prefixes. An S3 object will be scanned only if it belongs to any of the specified object prefixes.", + "title": "ObjectPrefixes", + "type": "array" } }, - "required": [ - "PeriodMs" - ], "type": "object" }, - "AWS::IoTFleetWise::Campaign.TimestreamConfig": { + "AWS::GuardDuty::MalwareProtectionPlan.TagItem": { "additionalProperties": false, "properties": { - "ExecutionRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the task execution role that grants AWS IoT FleetWise permission to deliver data to the Amazon Timestream table.", - "title": "ExecutionRoleArn", + "Key": { + "markdownDescription": "The tag key.", + "title": "Key", "type": "string" }, - "TimestreamTableArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Timestream table.", - "title": "TimestreamTableArn", + "Value": { + "markdownDescription": "The tag value.", + "title": "Value", "type": "string" } }, "required": [ - "ExecutionRoleArn", - "TimestreamTableArn" + "Key", + "Value" ], "type": "object" }, - "AWS::IoTFleetWise::DecoderManifest": { + "AWS::GuardDuty::Master": { "additionalProperties": false, "properties": { "Condition": { @@ -128161,60 +137847,31 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A brief description of the decoder manifest.", - "title": "Description", - "type": "string" - }, - "ModelManifestArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of a vehicle model (model manifest) associated with the decoder manifest.", - "title": "ModelManifestArn", + "DetectorId": { + "markdownDescription": "The unique ID of the detector of the GuardDuty member account.\n\nTo find the `detectorId` in the current Region, see the\nSettings page in the GuardDuty console, or run the [ListDetectors](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListDetectors.html) API.", + "title": "DetectorId", "type": "string" }, - "Name": { - "markdownDescription": "The name of the decoder manifest.", - "title": "Name", + "InvitationId": { + "markdownDescription": "The ID of the invitation that is sent to the account designated as a member account. You can find the invitation ID by running the [ListInvitations](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListInvitations.html) in the *GuardDuty API Reference* .", + "title": "InvitationId", "type": "string" }, - "NetworkInterfaces": { - "items": { - "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.NetworkInterfacesItems" - }, - "markdownDescription": "A list of information about available network interfaces.", - "title": "NetworkInterfaces", - "type": "array" - }, - "SignalDecoders": { - "items": { - "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.SignalDecodersItems" - }, - "markdownDescription": "A list of information about signal decoders.", - "title": "SignalDecoders", - "type": "array" - }, - "Status": { - "markdownDescription": "The state of the decoder manifest. If the status is `ACTIVE` , the decoder manifest can't be edited. If the status is marked `DRAFT` , you can edit the decoder manifest.", - "title": "Status", + "MasterId": { + "markdownDescription": "The AWS account ID of the account designated as the GuardDuty administrator account.", + "title": "MasterId", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata that can be used to manage the decoder manifest.", - "title": "Tags", - "type": "array" } }, "required": [ - "ModelManifestArn", - "Name" + "DetectorId", + "MasterId" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTFleetWise::DecoderManifest" + "AWS::GuardDuty::Master" ], "type": "string" }, @@ -128233,239 +137890,222 @@ ], "type": "object" }, - "AWS::IoTFleetWise::DecoderManifest.CanInterface": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The unique name of the interface.", - "title": "Name", - "type": "string" - }, - "ProtocolName": { - "markdownDescription": "The name of the communication protocol for the interface.", - "title": "ProtocolName", - "type": "string" - }, - "ProtocolVersion": { - "markdownDescription": "The version of the communication protocol for the interface.", - "title": "ProtocolVersion", - "type": "string" - } - }, - "required": [ - "Name" - ], - "type": "object" - }, - "AWS::IoTFleetWise::DecoderManifest.CanSignal": { + "AWS::GuardDuty::Member": { "additionalProperties": false, "properties": { - "Factor": { - "markdownDescription": "A multiplier used to decode the CAN message.", - "title": "Factor", - "type": "string" - }, - "IsBigEndian": { - "markdownDescription": "Whether the byte ordering of a CAN message is big-endian.", - "title": "IsBigEndian", + "Condition": { "type": "string" }, - "IsSigned": { - "markdownDescription": "Whether the message data is specified as a signed value.", - "title": "IsSigned", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Length": { - "markdownDescription": "How many bytes of data are in the message.", - "title": "Length", - "type": "string" - }, - "MessageId": { - "markdownDescription": "The ID of the message.", - "title": "MessageId", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the signal.", - "title": "Name", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Offset": { - "markdownDescription": "The offset used to calculate the signal value. Combined with factor, the calculation is `value = raw_value * factor + offset` .", - "title": "Offset", - "type": "string" + "Metadata": { + "type": "object" }, - "StartBit": { - "markdownDescription": "Indicates the beginning of the CAN message.", - "title": "StartBit", - "type": "string" - } - }, - "required": [ - "Factor", - "IsBigEndian", - "IsSigned", - "Length", - "MessageId", - "Offset", - "StartBit" - ], - "type": "object" - }, - "AWS::IoTFleetWise::DecoderManifest.NetworkInterfacesItems": { - "additionalProperties": false, - "properties": { - "CanInterface": { - "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.CanInterface" + "Properties": { + "additionalProperties": false, + "properties": { + "DetectorId": { + "markdownDescription": "The ID of the detector associated with the GuardDuty service to add the member to.", + "title": "DetectorId", + "type": "string" + }, + "DisableEmailNotification": { + "markdownDescription": "Specifies whether or not to disable email notification for the member account that you invite.", + "title": "DisableEmailNotification", + "type": "boolean" + }, + "Email": { + "markdownDescription": "The email address associated with the member account.", + "title": "Email", + "type": "string" + }, + "MemberId": { + "markdownDescription": "The AWS account ID of the account to designate as a member.", + "title": "MemberId", + "type": "string" + }, + "Message": { + "markdownDescription": "The invitation message that you want to send to the accounts that you're inviting to GuardDuty as members.", + "title": "Message", + "type": "string" + }, + "Status": { + "markdownDescription": "You can use the `Status` property to update the status of the relationship between the member account and its administrator account. Valid values are `Created` and `Invited` when using an `AWS::GuardDuty::Member` resource. If the value for this property is not provided or set to `Created` , a member account is created but not invited. If the value of this property is set to `Invited` , a member account is created and invited.", + "title": "Status", + "type": "string" + } + }, + "required": [ + "Email" + ], + "type": "object" }, - "InterfaceId": { + "Type": { + "enum": [ + "AWS::GuardDuty::Member" + ], "type": "string" }, - "ObdInterface": { - "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.ObdInterface" - }, - "Type": { + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "InterfaceId", - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoTFleetWise::DecoderManifest.ObdInterface": { + "AWS::GuardDuty::PublishingDestination": { "additionalProperties": false, "properties": { - "DtcRequestIntervalSeconds": { - "markdownDescription": "The maximum number message requests per diagnostic trouble code per second.", - "title": "DtcRequestIntervalSeconds", + "Condition": { "type": "string" }, - "HasTransmissionEcu": { - "markdownDescription": "Whether the vehicle has a transmission control module (TCM).", - "title": "HasTransmissionEcu", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Name": { - "markdownDescription": "The name of the interface.", - "title": "Name", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ObdStandard": { - "markdownDescription": "The standard OBD II PID.", - "title": "ObdStandard", - "type": "string" + "Metadata": { + "type": "object" }, - "PidRequestIntervalSeconds": { - "markdownDescription": "The maximum number message requests per second.", - "title": "PidRequestIntervalSeconds", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "DestinationProperties": { + "$ref": "#/definitions/AWS::GuardDuty::PublishingDestination.CFNDestinationProperties", + "markdownDescription": "Contains the Amazon Resource Name (ARN) of the resource to publish to, such as an S3 bucket, and the ARN of the KMS key to use to encrypt published findings.", + "title": "DestinationProperties" + }, + "DestinationType": { + "markdownDescription": "The type of publishing destination. GuardDuty supports Amazon S3 buckets as a publishing destination.", + "title": "DestinationType", + "type": "string" + }, + "DetectorId": { + "markdownDescription": "The ID of the GuardDuty detector where the publishing destination exists.", + "title": "DetectorId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::GuardDuty::PublishingDestination.TagItem" + }, + "markdownDescription": "Describes a tag.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "DestinationProperties", + "DestinationType", + "DetectorId" + ], + "type": "object" }, - "RequestMessageId": { - "markdownDescription": "The ID of the message requesting vehicle data.", - "title": "RequestMessageId", + "Type": { + "enum": [ + "AWS::GuardDuty::PublishingDestination" + ], "type": "string" }, - "UseExtendedIds": { - "markdownDescription": "Whether to use extended IDs in the message.", - "title": "UseExtendedIds", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Name", - "RequestMessageId" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoTFleetWise::DecoderManifest.ObdSignal": { + "AWS::GuardDuty::PublishingDestination.CFNDestinationProperties": { "additionalProperties": false, "properties": { - "BitMaskLength": { - "markdownDescription": "The number of bits to mask in a message.", - "title": "BitMaskLength", - "type": "string" - }, - "BitRightShift": { - "markdownDescription": "The number of positions to shift bits in the message.", - "title": "BitRightShift", - "type": "string" - }, - "ByteLength": { - "markdownDescription": "The length of a message.", - "title": "ByteLength", - "type": "string" - }, - "Offset": { - "markdownDescription": "The offset used to calculate the signal value. Combined with scaling, the calculation is `value = raw_value * scaling + offset` .", - "title": "Offset", - "type": "string" - }, - "Pid": { - "markdownDescription": "The diagnostic code used to request data from a vehicle for this signal.", - "title": "Pid", - "type": "string" - }, - "PidResponseLength": { - "markdownDescription": "The length of the requested data.", - "title": "PidResponseLength", - "type": "string" - }, - "Scaling": { - "markdownDescription": "A multiplier used to decode the message.", - "title": "Scaling", - "type": "string" - }, - "ServiceMode": { - "markdownDescription": "The mode of operation (diagnostic service) in a message.", - "title": "ServiceMode", + "DestinationArn": { + "markdownDescription": "The ARN of the resource where the findings are published.", + "title": "DestinationArn", "type": "string" }, - "StartByte": { - "markdownDescription": "Indicates the beginning of the message.", - "title": "StartByte", + "KmsKeyArn": { + "markdownDescription": "The ARN of the KMS key to use for encryption.", + "title": "KmsKeyArn", "type": "string" } }, - "required": [ - "ByteLength", - "Offset", - "Pid", - "PidResponseLength", - "Scaling", - "ServiceMode", - "StartByte" - ], "type": "object" }, - "AWS::IoTFleetWise::DecoderManifest.SignalDecodersItems": { + "AWS::GuardDuty::PublishingDestination.TagItem": { "additionalProperties": false, "properties": { - "CanSignal": { - "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.CanSignal" - }, - "FullyQualifiedName": { - "type": "string" - }, - "InterfaceId": { + "Key": { + "markdownDescription": "The tag key.", + "title": "Key", "type": "string" }, - "ObdSignal": { - "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.ObdSignal" - }, - "Type": { + "Value": { + "markdownDescription": "The tag value.", + "title": "Value", "type": "string" } }, "required": [ - "FullyQualifiedName", - "InterfaceId", - "Type" + "Key", + "Value" ], "type": "object" }, - "AWS::IoTFleetWise::Fleet": { + "AWS::GuardDuty::ThreatIntelSet": { "additionalProperties": false, "properties": { "Condition": { @@ -128500,39 +138140,54 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A brief description of the fleet.", - "title": "Description", + "Activate": { + "markdownDescription": "A Boolean value that indicates whether GuardDuty is to start using the uploaded ThreatIntelSet.", + "title": "Activate", + "type": "boolean" + }, + "DetectorId": { + "markdownDescription": "The unique ID of the detector of the GuardDuty account for which you want to create a `ThreatIntelSet` .\n\nTo find the `detectorId` in the current Region, see the\nSettings page in the GuardDuty console, or run the [ListDetectors](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListDetectors.html) API.", + "title": "DetectorId", "type": "string" }, - "Id": { - "markdownDescription": "The unique ID of the fleet.", - "title": "Id", + "ExpectedBucketOwner": { + "markdownDescription": "The AWS account ID that owns the Amazon S3 bucket specified in the *Location* field.\n\nWhen you provide this account ID, GuardDuty will validate that the S3 bucket belongs to this account. If you don't specify an account ID owner, GuardDuty doesn't perform any validation.", + "title": "ExpectedBucketOwner", "type": "string" }, - "SignalCatalogArn": { - "markdownDescription": "The ARN of the signal catalog associated with the fleet.", - "title": "SignalCatalogArn", + "Format": { + "markdownDescription": "The format of the file that contains the ThreatIntelSet.", + "title": "Format", + "type": "string" + }, + "Location": { + "markdownDescription": "The URI of the file that contains the ThreatIntelSet.", + "title": "Location", + "type": "string" + }, + "Name": { + "markdownDescription": "A user-friendly ThreatIntelSet name displayed in all findings that are generated by activity that involves IP addresses included in this ThreatIntelSet.", + "title": "Name", "type": "string" }, "Tags": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::GuardDuty::ThreatIntelSet.TagItem" }, - "markdownDescription": "Metadata that can be used to manage the fleet.", + "markdownDescription": "The tags to be added to a new threat list resource. Each tag consists of a key and an optional value, both of which you define.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ - "Id", - "SignalCatalogArn" + "Format", + "Location" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTFleetWise::Fleet" + "AWS::GuardDuty::ThreatIntelSet" ], "type": "string" }, @@ -128551,7 +138206,27 @@ ], "type": "object" }, - "AWS::IoTFleetWise::ModelManifest": { + "AWS::GuardDuty::ThreatIntelSet.TagItem": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The tag key.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The tag value.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::HealthImaging::Datastore": { "additionalProperties": false, "properties": { "Condition": { @@ -128586,52 +138261,33 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A brief description of the vehicle model.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the vehicle model.", - "title": "Name", - "type": "string" - }, - "Nodes": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of nodes, which are a general abstraction of signals.", - "title": "Nodes", - "type": "array" - }, - "SignalCatalogArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the signal catalog associated with the vehicle model.", - "title": "SignalCatalogArn", + "DatastoreName": { + "markdownDescription": "The data store name.", + "title": "DatastoreName", "type": "string" }, - "Status": { - "markdownDescription": "The state of the vehicle model. If the status is `ACTIVE` , the vehicle model can't be edited. If the status is `DRAFT` , you can edit the vehicle model.", - "title": "Status", + "KmsKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) assigned to the Key Management Service (KMS) key for accessing encrypted data.", + "title": "KmsKeyArn", "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "additionalProperties": true, + "markdownDescription": "The tags provided when creating a data store.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "Metadata that can be used to manage the vehicle model.", "title": "Tags", - "type": "array" + "type": "object" } }, - "required": [ - "Name", - "SignalCatalogArn" - ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTFleetWise::ModelManifest" + "AWS::HealthImaging::Datastore" ], "type": "string" }, @@ -128645,12 +138301,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::IoTFleetWise::SignalCatalog": { + "AWS::HealthLake::FHIRDatastore": { "additionalProperties": false, "properties": { "Condition": { @@ -128685,43 +138340,48 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A brief description of the signal catalog.", - "title": "Description", + "DatastoreName": { + "markdownDescription": "The data store name (user-generated).", + "title": "DatastoreName", "type": "string" }, - "Name": { - "markdownDescription": "The name of the signal catalog.", - "title": "Name", + "DatastoreTypeVersion": { + "markdownDescription": "The FHIR release version supported by the data store. Current support is for version `R4` .", + "title": "DatastoreTypeVersion", "type": "string" }, - "NodeCounts": { - "$ref": "#/definitions/AWS::IoTFleetWise::SignalCatalog.NodeCounts", - "markdownDescription": "Information about the number of nodes and node types in a vehicle network.", - "title": "NodeCounts" + "IdentityProviderConfiguration": { + "$ref": "#/definitions/AWS::HealthLake::FHIRDatastore.IdentityProviderConfiguration", + "markdownDescription": "The identity provider configuration selected when the data store was created.", + "title": "IdentityProviderConfiguration" }, - "Nodes": { - "items": { - "$ref": "#/definitions/AWS::IoTFleetWise::SignalCatalog.Node" - }, - "markdownDescription": "A list of information about nodes, which are a general abstraction of signals.", - "title": "Nodes", - "type": "array" + "PreloadDataConfig": { + "$ref": "#/definitions/AWS::HealthLake::FHIRDatastore.PreloadDataConfig", + "markdownDescription": "The preloaded Synthea data configuration for the data store.", + "title": "PreloadDataConfig" + }, + "SseConfiguration": { + "$ref": "#/definitions/AWS::HealthLake::FHIRDatastore.SseConfiguration", + "markdownDescription": "The server-side encryption key configuration for a customer-provided encryption key specified for creating a data store.", + "title": "SseConfiguration" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata that can be used to manage the signal catalog.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, + "required": [ + "DatastoreTypeVersion" + ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTFleetWise::SignalCatalog" + "AWS::HealthLake::FHIRDatastore" ], "type": "string" }, @@ -128735,246 +138395,108 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoTFleetWise::SignalCatalog.Actuator": { + "AWS::HealthLake::FHIRDatastore.CreatedAt": { "additionalProperties": false, "properties": { - "AllowedValues": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of possible values an actuator can take.", - "title": "AllowedValues", - "type": "array" - }, - "AssignedValue": { - "markdownDescription": "A specified value for the actuator.", - "title": "AssignedValue", - "type": "string" - }, - "DataType": { - "markdownDescription": "The specified data type of the actuator.", - "title": "DataType", - "type": "string" - }, - "Description": { - "markdownDescription": "A brief description of the actuator.", - "title": "Description", - "type": "string" - }, - "FullyQualifiedName": { - "markdownDescription": "The fully qualified name of the actuator. For example, the fully qualified name of an actuator might be `Vehicle.Front.Left.Door.Lock` .", - "title": "FullyQualifiedName", - "type": "string" - }, - "Max": { - "markdownDescription": "The specified possible maximum value of an actuator.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The specified possible minimum value of an actuator.", - "title": "Min", + "Nanos": { + "markdownDescription": "", + "title": "Nanos", "type": "number" }, - "Unit": { - "markdownDescription": "The scientific unit for the actuator.", - "title": "Unit", + "Seconds": { + "markdownDescription": "", + "title": "Seconds", "type": "string" } }, "required": [ - "DataType", - "FullyQualifiedName" + "Nanos", + "Seconds" ], "type": "object" }, - "AWS::IoTFleetWise::SignalCatalog.Attribute": { + "AWS::HealthLake::FHIRDatastore.IdentityProviderConfiguration": { "additionalProperties": false, "properties": { - "AllowedValues": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of possible values an attribute can be assigned.", - "title": "AllowedValues", - "type": "array" - }, - "AssignedValue": { - "markdownDescription": "A specified value for the attribute.", - "title": "AssignedValue", - "type": "string" - }, - "DataType": { - "markdownDescription": "The specified data type of the attribute.", - "title": "DataType", - "type": "string" - }, - "DefaultValue": { - "markdownDescription": "The default value of the attribute.", - "title": "DefaultValue", + "AuthorizationStrategy": { + "markdownDescription": "The authorization strategy selected when the HealthLake data store is created.\n\n> HealthLake provides support for both SMART on FHIR V1 and V2 as described below.\n> \n> - `SMART_ON_FHIR_V1` \u2013 Support for only SMART on FHIR V1, which includes `read` (read/search) and `write` (create/update/delete) permissions.\n> - `SMART_ON_FHIR` \u2013 Support for both SMART on FHIR V1 and V2, which includes `create` , `read` , `update` , `delete` , and `search` permissions.\n> - `AWS_AUTH` \u2013 The default HealthLake authorization strategy; not affiliated with SMART on FHIR.", + "title": "AuthorizationStrategy", "type": "string" }, - "Description": { - "markdownDescription": "A brief description of the attribute.", - "title": "Description", - "type": "string" + "FineGrainedAuthorizationEnabled": { + "markdownDescription": "The parameter to enable SMART on FHIR fine-grained authorization for the data store.", + "title": "FineGrainedAuthorizationEnabled", + "type": "boolean" }, - "FullyQualifiedName": { - "markdownDescription": "The fully qualified name of the attribute. For example, the fully qualified name of an attribute might be `Vehicle.Body.Engine.Type` .", - "title": "FullyQualifiedName", + "IdpLambdaArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function to use to decode the access token created by the authorization server.", + "title": "IdpLambdaArn", "type": "string" }, - "Max": { - "markdownDescription": "The specified possible maximum value of the attribute.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The specified possible minimum value of the attribute.", - "title": "Min", - "type": "number" - }, - "Unit": { - "markdownDescription": "The scientific unit for the attribute.", - "title": "Unit", + "Metadata": { + "markdownDescription": "The JSON metadata elements to use in your identity provider configuration. Required elements are listed based on the launch specification of the SMART application. For more information on all possible elements, see [Metadata](https://docs.aws.amazon.com/https://build.fhir.org/ig/HL7/smart-app-launch/conformance.html#metadata) in SMART's App Launch specification.\n\n`authorization_endpoint` : The URL to the OAuth2 authorization endpoint.\n\n`grant_types_supported` : An array of grant types that are supported at the token endpoint. You must provide at least one grant type option. Valid options are `authorization_code` and `client_credentials` .\n\n`token_endpoint` : The URL to the OAuth2 token endpoint.\n\n`capabilities` : An array of strings of the SMART capabilities that the authorization server supports.\n\n`code_challenge_methods_supported` : An array of strings of supported PKCE code challenge methods. You must include the `S256` method in the array of PKCE code challenge methods.", + "title": "Metadata", "type": "string" } }, "required": [ - "DataType", - "FullyQualifiedName" + "AuthorizationStrategy" ], "type": "object" }, - "AWS::IoTFleetWise::SignalCatalog.Branch": { + "AWS::HealthLake::FHIRDatastore.KmsEncryptionConfig": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A brief description of the branch.", - "title": "Description", + "CmkType": { + "markdownDescription": "The type of customer-managed-key(CMK) used for encryption. The two types of supported CMKs are customer owned CMKs and Amazon owned CMKs. For more information on CMK types, see [KmsEncryptionConfig](https://docs.aws.amazon.com/healthlake/latest/APIReference/API_KmsEncryptionConfig.html#HealthLake-Type-KmsEncryptionConfig-CmkType) .", + "title": "CmkType", "type": "string" }, - "FullyQualifiedName": { - "markdownDescription": "The fully qualified name of the branch. For example, the fully qualified name of a branch might be `Vehicle.Body.Engine` .", - "title": "FullyQualifiedName", + "KmsKeyId": { + "markdownDescription": "The Key Management Service (KMS) encryption key id/alias used to encrypt the data store contents at rest.", + "title": "KmsKeyId", "type": "string" } }, "required": [ - "FullyQualifiedName" + "CmkType" ], "type": "object" }, - "AWS::IoTFleetWise::SignalCatalog.Node": { - "additionalProperties": false, - "properties": { - "Actuator": { - "$ref": "#/definitions/AWS::IoTFleetWise::SignalCatalog.Actuator", - "markdownDescription": "Information about a node specified as an actuator.\n\n> An actuator is a digital representation of a vehicle device.", - "title": "Actuator" - }, - "Attribute": { - "$ref": "#/definitions/AWS::IoTFleetWise::SignalCatalog.Attribute", - "markdownDescription": "Information about a node specified as an attribute.\n\n> An attribute represents static information about a vehicle.", - "title": "Attribute" - }, - "Branch": { - "$ref": "#/definitions/AWS::IoTFleetWise::SignalCatalog.Branch", - "markdownDescription": "Information about a node specified as a branch.\n\n> A group of signals that are defined in a hierarchical structure.", - "title": "Branch" - }, - "Sensor": { - "$ref": "#/definitions/AWS::IoTFleetWise::SignalCatalog.Sensor", - "markdownDescription": "An input component that reports the environmental condition of a vehicle.\n\n> You can collect data about fluid levels, temperatures, vibrations, or battery voltage from sensors.", - "title": "Sensor" - } - }, - "type": "object" - }, - "AWS::IoTFleetWise::SignalCatalog.NodeCounts": { + "AWS::HealthLake::FHIRDatastore.PreloadDataConfig": { "additionalProperties": false, "properties": { - "TotalActuators": { - "markdownDescription": "The total number of nodes in a vehicle network that represent actuators.", - "title": "TotalActuators", - "type": "number" - }, - "TotalAttributes": { - "markdownDescription": "The total number of nodes in a vehicle network that represent attributes.", - "title": "TotalAttributes", - "type": "number" - }, - "TotalBranches": { - "markdownDescription": "The total number of nodes in a vehicle network that represent branches.", - "title": "TotalBranches", - "type": "number" - }, - "TotalNodes": { - "markdownDescription": "The total number of nodes in a vehicle network.", - "title": "TotalNodes", - "type": "number" - }, - "TotalSensors": { - "markdownDescription": "The total number of nodes in a vehicle network that represent sensors.", - "title": "TotalSensors", - "type": "number" + "PreloadDataType": { + "markdownDescription": "The type of preloaded data. Only Synthea preloaded data is supported.", + "title": "PreloadDataType", + "type": "string" } }, + "required": [ + "PreloadDataType" + ], "type": "object" }, - "AWS::IoTFleetWise::SignalCatalog.Sensor": { + "AWS::HealthLake::FHIRDatastore.SseConfiguration": { "additionalProperties": false, "properties": { - "AllowedValues": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of possible values a sensor can take.", - "title": "AllowedValues", - "type": "array" - }, - "DataType": { - "markdownDescription": "The specified data type of the sensor.", - "title": "DataType", - "type": "string" - }, - "Description": { - "markdownDescription": "A brief description of a sensor.", - "title": "Description", - "type": "string" - }, - "FullyQualifiedName": { - "markdownDescription": "The fully qualified name of the sensor. For example, the fully qualified name of a sensor might be `Vehicle.Body.Engine.Battery` .", - "title": "FullyQualifiedName", - "type": "string" - }, - "Max": { - "markdownDescription": "The specified possible maximum value of the sensor.", - "title": "Max", - "type": "number" - }, - "Min": { - "markdownDescription": "The specified possible minimum value of the sensor.", - "title": "Min", - "type": "number" - }, - "Unit": { - "markdownDescription": "The scientific unit of measurement for data collected by the sensor.", - "title": "Unit", - "type": "string" + "KmsEncryptionConfig": { + "$ref": "#/definitions/AWS::HealthLake::FHIRDatastore.KmsEncryptionConfig", + "markdownDescription": "The server-side encryption key configuration for a customer provided encryption key.", + "title": "KmsEncryptionConfig" } }, "required": [ - "DataType", - "FullyQualifiedName" + "KmsEncryptionConfig" ], "type": "object" }, - "AWS::IoTFleetWise::Vehicle": { + "AWS::IAM::AccessKey": { "additionalProperties": false, "properties": { "Condition": { @@ -129009,56 +138531,30 @@ "Properties": { "additionalProperties": false, "properties": { - "AssociationBehavior": { - "markdownDescription": "An option to create a new AWS IoT thing when creating a vehicle, or to validate an existing thing as a vehicle.", - "title": "AssociationBehavior", - "type": "string" - }, - "Attributes": { - "additionalProperties": true, - "markdownDescription": "Static information about a vehicle in a key-value pair. For example: `\"engine Type\"` : `\"v6\"`", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Attributes", - "type": "object" - }, - "DecoderManifestArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of a decoder manifest associated with the vehicle to create.", - "title": "DecoderManifestArn", - "type": "string" + "Serial": { + "markdownDescription": "This value is specific to CloudFormation and can only be *incremented* . Incrementing this value notifies CloudFormation that you want to rotate your access key. When you update your stack, CloudFormation will replace the existing access key with a new key.", + "title": "Serial", + "type": "number" }, - "ModelManifestArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the vehicle model (model manifest) to create the vehicle from.", - "title": "ModelManifestArn", + "Status": { + "markdownDescription": "The status of the access key. `Active` means that the key is valid for API calls, while `Inactive` means it is not.", + "title": "Status", "type": "string" }, - "Name": { - "markdownDescription": "The unique ID of the vehicle.", - "title": "Name", + "UserName": { + "markdownDescription": "The name of the IAM user that the new key will belong to.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "title": "UserName", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Metadata which can be used to manage the vehicle.", - "title": "Tags", - "type": "array" } }, "required": [ - "DecoderManifestArn", - "ModelManifestArn", - "Name" + "UserName" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTFleetWise::Vehicle" + "AWS::IAM::AccessKey" ], "type": "string" }, @@ -129077,7 +138573,7 @@ ], "type": "object" }, - "AWS::IoTSiteWise::AccessPolicy": { + "AWS::IAM::Group": { "additionalProperties": false, "properties": { "Condition": { @@ -129112,32 +138608,38 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessPolicyIdentity": { - "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.AccessPolicyIdentity", - "markdownDescription": "The identity for this access policy. Choose an IAM Identity Center user, an IAM Identity Center group, or an IAM user.", - "title": "AccessPolicyIdentity" + "GroupName": { + "markdownDescription": "The name of the group to create. Do not include the path in this value.\n\nThe group name must be unique within the account. Group names are not distinguished by case. For example, you cannot create groups named both \"ADMINS\" and \"admins\". If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the group name.\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name. \n\nIf you specify a name, you must specify the `CAPABILITY_NAMED_IAM` value to acknowledge your template's capabilities. For more information, see [Acknowledging IAM Resources in AWS CloudFormation Templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-iam-template.html#using-iam-capabilities) .\n\n> Naming an IAM resource can cause an unrecoverable error if you reuse the same template in multiple Regions. To prevent this, we recommend using `Fn::Join` and `AWS::Region` to create a Region-specific name, as in the following example: `{\"Fn::Join\": [\"\", [{\"Ref\": \"AWS::Region\"}, {\"Ref\": \"MyResourceName\"}]]}` .", + "title": "GroupName", + "type": "string" }, - "AccessPolicyPermission": { - "markdownDescription": "The permission level for this access policy. Note that a project `ADMINISTRATOR` is also known as a project owner.", - "title": "AccessPolicyPermission", + "ManagedPolicyArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM policy you want to attach.\n\nFor more information about ARNs, see [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* .", + "title": "ManagedPolicyArns", + "type": "array" + }, + "Path": { + "markdownDescription": "The path to the group. For more information about paths, see [IAM identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/).\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.", + "title": "Path", "type": "string" }, - "AccessPolicyResource": { - "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.AccessPolicyResource", - "markdownDescription": "The AWS IoT SiteWise Monitor resource for this access policy. Choose either a portal or a project.", - "title": "AccessPolicyResource" + "Policies": { + "items": { + "$ref": "#/definitions/AWS::IAM::Group.Policy" + }, + "markdownDescription": "Adds or updates an inline policy document that is embedded in the specified IAM group. To view AWS::IAM::Group snippets, see [Declaring an IAM Group Resource](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-iam.html#scenario-iam-group) .\n\n> The name of each inline policy for a role, user, or group must be unique. If you don't choose unique names, updates to the IAM identity will fail. \n\nFor information about limits on the number of inline policies that you can embed in a group, see [Limitations on IAM Entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the *IAM User Guide* .", + "title": "Policies", + "type": "array" } }, - "required": [ - "AccessPolicyIdentity", - "AccessPolicyPermission", - "AccessPolicyResource" - ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTSiteWise::AccessPolicy" + "AWS::IAM::Group" ], "type": "string" }, @@ -129151,104 +138653,31 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::IoTSiteWise::AccessPolicy.AccessPolicyIdentity": { - "additionalProperties": false, - "properties": { - "IamRole": { - "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.IamRole", - "markdownDescription": "An IAM role identity.", - "title": "IamRole" - }, - "IamUser": { - "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.IamUser", - "markdownDescription": "An IAM user identity.", - "title": "IamUser" - }, - "User": { - "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.User", - "markdownDescription": "An IAM Identity Center user identity.", - "title": "User" - } - }, - "type": "object" - }, - "AWS::IoTSiteWise::AccessPolicy.AccessPolicyResource": { + "AWS::IAM::Group.Policy": { "additionalProperties": false, "properties": { - "Portal": { - "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.Portal", - "markdownDescription": "Identifies an AWS IoT SiteWise Monitor portal.", - "title": "Portal" + "PolicyDocument": { + "markdownDescription": "The policy document.", + "title": "PolicyDocument", + "type": "object" }, - "Project": { - "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.Project", - "markdownDescription": "Identifies a specific AWS IoT SiteWise Monitor project.", - "title": "Project" - } - }, - "type": "object" - }, - "AWS::IoTSiteWise::AccessPolicy.IamRole": { - "additionalProperties": false, - "properties": { - "arn": { - "markdownDescription": "The ARN of the IAM role. For more information, see [IAM ARNs](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html) in the *IAM User Guide* .", - "title": "arn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoTSiteWise::AccessPolicy.IamUser": { - "additionalProperties": false, - "properties": { - "arn": { - "markdownDescription": "The ARN of the IAM user. For more information, see [IAM ARNs](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html) in the *IAM User Guide* .\n\n> If you delete the IAM user, access policies that contain this identity include an empty `arn` . You can delete the access policy for the IAM user that no longer exists.", - "title": "arn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoTSiteWise::AccessPolicy.Portal": { - "additionalProperties": false, - "properties": { - "id": { - "markdownDescription": "The ID of the portal.", - "title": "id", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoTSiteWise::AccessPolicy.Project": { - "additionalProperties": false, - "properties": { - "id": { - "markdownDescription": "The ID of the project.", - "title": "id", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoTSiteWise::AccessPolicy.User": { - "additionalProperties": false, - "properties": { - "id": { - "markdownDescription": "The IAM Identity Center ID of the user.", - "title": "id", + "PolicyName": { + "markdownDescription": "The friendly name (not ARN) identifying the policy.", + "title": "PolicyName", "type": "string" } }, + "required": [ + "PolicyDocument", + "PolicyName" + ], "type": "object" }, - "AWS::IoTSiteWise::Asset": { + "AWS::IAM::GroupPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -129283,60 +138712,31 @@ "Properties": { "additionalProperties": false, "properties": { - "AssetDescription": { - "markdownDescription": "The ID of the asset, in UUID format.", - "title": "AssetDescription", - "type": "string" - }, - "AssetExternalId": { - "markdownDescription": "The external ID of the asset model composite model. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", - "title": "AssetExternalId", + "GroupName": { + "markdownDescription": "The name of the group to associate the policy with.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-.", + "title": "GroupName", "type": "string" }, - "AssetHierarchies": { - "items": { - "$ref": "#/definitions/AWS::IoTSiteWise::Asset.AssetHierarchy" - }, - "markdownDescription": "A list of asset hierarchies that each contain a `hierarchyId` . A hierarchy specifies allowed parent/child asset relationships.", - "title": "AssetHierarchies", - "type": "array" - }, - "AssetModelId": { - "markdownDescription": "The ID of the asset model from which to create the asset. This can be either the actual ID in UUID format, or else `externalId:` followed by the external ID, if it has one. For more information, see [Referencing objects with external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-id-references) in the *AWS IoT SiteWise User Guide* .", - "title": "AssetModelId", - "type": "string" + "PolicyDocument": { + "markdownDescription": "The policy document.\n\nYou must provide policies in JSON format in IAM. However, for AWS CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always converts a YAML policy to JSON format before submitting it to IAM.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n\n- Any printable ASCII character ranging from the space character ( `\\u0020` ) through the end of the ASCII character range\n- The printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` )\n- The special characters tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` )", + "title": "PolicyDocument", + "type": "object" }, - "AssetName": { - "markdownDescription": "A friendly name for the asset.", - "title": "AssetName", + "PolicyName": { + "markdownDescription": "The name of the policy document.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "title": "PolicyName", "type": "string" - }, - "AssetProperties": { - "items": { - "$ref": "#/definitions/AWS::IoTSiteWise::Asset.AssetProperty" - }, - "markdownDescription": "The list of asset properties for the asset.\n\nThis object doesn't include properties that you define in composite models. You can find composite model properties in the `assetCompositeModels` object.", - "title": "AssetProperties", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of key-value pairs that contain metadata for the asset. For more information, see [Tagging your AWS IoT SiteWise resources](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/tag-resources.html) in the *AWS IoT SiteWise User Guide* .", - "title": "Tags", - "type": "array" } }, "required": [ - "AssetModelId", - "AssetName" + "GroupName", + "PolicyName" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTSiteWise::Asset" + "AWS::IAM::GroupPolicy" ], "type": "string" }, @@ -129355,72 +138755,7 @@ ], "type": "object" }, - "AWS::IoTSiteWise::Asset.AssetHierarchy": { - "additionalProperties": false, - "properties": { - "ChildAssetId": { - "markdownDescription": "The Id of the child asset.", - "title": "ChildAssetId", - "type": "string" - }, - "ExternalId": { - "markdownDescription": "The external ID of the hierarchy, if it has one. When you update an asset hierarchy, you may assign an external ID if it doesn't already have one. You can't change the external ID of an asset hierarchy that already has one. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", - "title": "ExternalId", - "type": "string" - }, - "Id": { - "markdownDescription": "The ID of the hierarchy. This ID is a `hierarchyId` .\n\n> This is a return value and can't be set.", - "title": "Id", - "type": "string" - }, - "LogicalId": { - "markdownDescription": "The ID of the hierarchy. This ID is a `hierarchyId` .", - "title": "LogicalId", - "type": "string" - } - }, - "required": [ - "ChildAssetId" - ], - "type": "object" - }, - "AWS::IoTSiteWise::Asset.AssetProperty": { - "additionalProperties": false, - "properties": { - "Alias": { - "markdownDescription": "The alias that identifies the property, such as an OPC-UA server data stream path (for example, `/company/windfarm/3/turbine/7/temperature` ). For more information, see [Mapping industrial data streams to asset properties](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/connect-data-streams.html) in the *AWS IoT SiteWise User Guide* .", - "title": "Alias", - "type": "string" - }, - "ExternalId": { - "markdownDescription": "The external ID of the property. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", - "title": "ExternalId", - "type": "string" - }, - "Id": { - "markdownDescription": "The ID of the asset property.\n\n> This is a return value and can't be set.", - "title": "Id", - "type": "string" - }, - "LogicalId": { - "markdownDescription": "The `LogicalID` of the asset property.", - "title": "LogicalId", - "type": "string" - }, - "NotificationState": { - "markdownDescription": "The MQTT notification state (enabled or disabled) for this asset property. When the notification state is enabled, AWS IoT SiteWise publishes property value updates to a unique MQTT topic. For more information, see [Interacting with other services](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/interact-with-other-services.html) in the *AWS IoT SiteWise User Guide* .\n\nIf you omit this parameter, the notification state is set to `DISABLED` .", - "title": "NotificationState", - "type": "string" - }, - "Unit": { - "markdownDescription": "The unit (such as `Newtons` or `RPM` ) of the asset property.", - "title": "Unit", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoTSiteWise::AssetModel": { + "AWS::IAM::InstanceProfile": { "additionalProperties": false, "properties": { "Condition": { @@ -129455,67 +138790,33 @@ "Properties": { "additionalProperties": false, "properties": { - "AssetModelCompositeModels": { - "items": { - "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.AssetModelCompositeModel" - }, - "markdownDescription": "The composite models that are part of this asset model. It groups properties (such as attributes, measurements, transforms, and metrics) and child composite models that model parts of your industrial equipment. Each composite model has a type that defines the properties that the composite model supports. Use composite models to define alarms on this asset model.\n\n> When creating custom composite models, you need to use [CreateAssetModelCompositeModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_CreateAssetModelCompositeModel.html) . For more information, see [Creating custom composite models (Components)](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/create-custom-composite-models.html) in the *AWS IoT SiteWise User Guide* .", - "title": "AssetModelCompositeModels", - "type": "array" - }, - "AssetModelDescription": { - "markdownDescription": "A description for the asset model.", - "title": "AssetModelDescription", - "type": "string" - }, - "AssetModelExternalId": { - "markdownDescription": "The external ID of the asset model. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", - "title": "AssetModelExternalId", + "InstanceProfileName": { + "markdownDescription": "The name of the instance profile to create.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "title": "InstanceProfileName", "type": "string" }, - "AssetModelHierarchies": { - "items": { - "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.AssetModelHierarchy" - }, - "markdownDescription": "The hierarchy definitions of the asset model. Each hierarchy specifies an asset model whose assets can be children of any other assets created from this asset model. For more information, see [Asset hierarchies](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/asset-hierarchies.html) in the *AWS IoT SiteWise User Guide* .\n\nYou can specify up to 10 hierarchies per asset model. For more information, see [Quotas](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/quotas.html) in the *AWS IoT SiteWise User Guide* .", - "title": "AssetModelHierarchies", - "type": "array" - }, - "AssetModelName": { - "markdownDescription": "A unique name for the asset model.", - "title": "AssetModelName", + "Path": { + "markdownDescription": "The path to the instance profile. For more information about paths, see [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/).\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.", + "title": "Path", "type": "string" }, - "AssetModelProperties": { + "Roles": { "items": { - "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.AssetModelProperty" + "type": "string" }, - "markdownDescription": "The property definitions of the asset model. For more information, see [Asset properties](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/asset-properties.html) in the *AWS IoT SiteWise User Guide* .\n\nYou can specify up to 200 properties per asset model. For more information, see [Quotas](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/quotas.html) in the *AWS IoT SiteWise User Guide* .", - "title": "AssetModelProperties", - "type": "array" - }, - "AssetModelType": { - "markdownDescription": "The type of asset model.\n\n- *ASSET_MODEL* \u2013 (default) An asset model that you can use to create assets. Can't be included as a component in another asset model.\n- *COMPONENT_MODEL* \u2013 A reusable component that you can include in the composite models of other asset models. You can't create assets directly from this type of asset model.", - "title": "AssetModelType", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of key-value pairs that contain metadata for the asset. For more information, see [Tagging your AWS IoT SiteWise resources](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/tag-resources.html) in the *AWS IoT SiteWise User Guide* .", - "title": "Tags", + "markdownDescription": "The name of the role to associate with the instance profile. Only one role can be assigned to an EC2 instance at a time, and all applications on the instance share the same role and permissions.", + "title": "Roles", "type": "array" } }, "required": [ - "AssetModelName" + "Roles" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTSiteWise::AssetModel" + "AWS::IAM::InstanceProfile" ], "type": "string" }, @@ -129534,354 +138835,200 @@ ], "type": "object" }, - "AWS::IoTSiteWise::AssetModel.AssetModelCompositeModel": { + "AWS::IAM::ManagedPolicy": { "additionalProperties": false, "properties": { - "ComposedAssetModelId": { - "markdownDescription": "The ID of a component model which is reused to create this composite model.", - "title": "ComposedAssetModelId", - "type": "string" - }, - "CompositeModelProperties": { - "items": { - "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.AssetModelProperty" - }, - "markdownDescription": "The asset property definitions for this composite model.", - "title": "CompositeModelProperties", - "type": "array" - }, - "Description": { - "markdownDescription": "The description of the composite model.\n\n> If the composite model is a `component-model-based` composite model, the description is inherited from the `COMPONENT_MODEL` asset model and cannot be changed.", - "title": "Description", - "type": "string" - }, - "ExternalId": { - "markdownDescription": "The external ID of a composite model on this asset model. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .\n\n> One of `ExternalId` or `Path` must be specified.", - "title": "ExternalId", + "Condition": { "type": "string" }, - "Id": { - "markdownDescription": "The ID of the asset model composite model.\n\n> This is a return value and can't be set.", - "title": "Id", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Name": { - "markdownDescription": "The name of the composite model.", - "title": "Name", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ParentAssetModelCompositeModelExternalId": { - "markdownDescription": "The external ID of the parent composite model. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", - "title": "ParentAssetModelCompositeModelExternalId", - "type": "string" + "Metadata": { + "type": "object" }, - "Path": { - "items": { - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A friendly description of the policy.\n\nTypically used to store information about the permissions defined in the policy. For example, \"Grants access to production DynamoDB tables.\"\n\nThe policy description is immutable. After a value is assigned, it cannot be changed.", + "title": "Description", + "type": "string" + }, + "Groups": { + "items": { + "type": "string" + }, + "markdownDescription": "The name (friendly name, not ARN) of the group to attach the policy to.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "title": "Groups", + "type": "array" + }, + "ManagedPolicyName": { + "markdownDescription": "The friendly name of the policy.\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name. \n\nIf you specify a name, you must specify the `CAPABILITY_NAMED_IAM` value to acknowledge your template's capabilities. For more information, see [Acknowledging IAM Resources in AWS CloudFormation Templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-iam-template.html#using-iam-capabilities) .\n\n> Naming an IAM resource can cause an unrecoverable error if you reuse the same template in multiple Regions. To prevent this, we recommend using `Fn::Join` and `AWS::Region` to create a Region-specific name, as in the following example: `{\"Fn::Join\": [\"\", [{\"Ref\": \"AWS::Region\"}, {\"Ref\": \"MyResourceName\"}]]}` .", + "title": "ManagedPolicyName", + "type": "string" + }, + "Path": { + "markdownDescription": "The path for the policy.\n\nFor more information about paths, see [IAM identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/).\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.\n\n> You cannot use an asterisk (*) in the path name.", + "title": "Path", + "type": "string" + }, + "PolicyDocument": { + "markdownDescription": "The JSON policy document that you want to use as the content for the new policy.\n\nYou must provide policies in JSON format in IAM. However, for AWS CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always converts a YAML policy to JSON format before submitting it to IAM.\n\nThe maximum length of the policy document that you can pass in this operation, including whitespace, is listed below. To view the maximum character counts of a managed policy with no whitespaces, see [IAM and AWS STS character quotas](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length) .\n\nTo learn more about JSON policy grammar, see [Grammar of the IAM JSON policy language](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_grammar.html) in the *IAM User Guide* .\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n\n- Any printable ASCII character ranging from the space character ( `\\u0020` ) through the end of the ASCII character range\n- The printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` )\n- The special characters tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` )", + "title": "PolicyDocument", + "type": "object" + }, + "Roles": { + "items": { + "type": "string" + }, + "markdownDescription": "The name (friendly name, not ARN) of the role to attach the policy to.\n\nThis parameter allows (per its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-\n\n> If an external policy (such as `AWS::IAM::Policy` or `AWS::IAM::ManagedPolicy` ) has a `Ref` to a role and if a resource (such as `AWS::ECS::Service` ) also has a `Ref` to the same role, add a `DependsOn` attribute to the resource to make the resource depend on the external policy. This dependency ensures that the role's policy is available throughout the resource's lifecycle. For example, when you delete a stack with an `AWS::ECS::Service` resource, the `DependsOn` attribute ensures that AWS CloudFormation deletes the `AWS::ECS::Service` resource before deleting its role's policy.", + "title": "Roles", + "type": "array" + }, + "Users": { + "items": { + "type": "string" + }, + "markdownDescription": "The name (friendly name, not ARN) of the IAM user to attach the policy to.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "title": "Users", + "type": "array" + } }, - "markdownDescription": "The structured path to the property from the root of the asset using property names. Path is used as the ID if the asset model is a derived composite model.\n\n> One of `ExternalId` or `Path` must be specified.", - "title": "Path", - "type": "array" + "required": [ + "PolicyDocument" + ], + "type": "object" }, "Type": { - "markdownDescription": "The type of the composite model. For alarm composite models, this type is `AWS/ALARM` .", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Name", - "Type" - ], - "type": "object" - }, - "AWS::IoTSiteWise::AssetModel.AssetModelHierarchy": { - "additionalProperties": false, - "properties": { - "ChildAssetModelId": { - "markdownDescription": "The ID of the asset model, in UUID format. All assets in this hierarchy must be instances of the `childAssetModelId` asset model. AWS IoT SiteWise will always return the actual asset model ID for this value. However, when you are specifying this value as part of a call to [UpdateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateAssetModel.html) , you may provide either the asset model ID or else `externalId:` followed by the asset model's external ID. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", - "title": "ChildAssetModelId", - "type": "string" - }, - "ExternalId": { - "markdownDescription": "The external ID (if any) provided in the [CreateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_CreateAssetModel.html) or [UpdateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateAssetModel.html) operation. You can assign an external ID by specifying this value as part of a call to [UpdateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateAssetModel.html) . However, you can't change the external ID if one is already assigned. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .\n\n> One of `ExternalId` or `LogicalId` must be specified.", - "title": "ExternalId", - "type": "string" - }, - "Id": { - "markdownDescription": "The ID of the asset model hierarchy. This ID is a `hierarchyId` .\n\n> This is a return value and can't be set. \n\n- If you are callling [UpdateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateAssetModel.html) to create a *new* hierarchy: You can specify its ID here, if desired. AWS IoT SiteWise automatically generates a unique ID for you, so this parameter is never required. However, if you prefer to supply your own ID instead, you can specify it here in UUID format. If you specify your own ID, it must be globally unique.\n- If you are calling UpdateAssetModel to modify an *existing* hierarchy: This can be either the actual ID in UUID format, or else `externalId:` followed by the external ID, if it has one. For more information, see [Referencing objects with external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-id-references) in the *AWS IoT SiteWise User Guide* .", - "title": "Id", - "type": "string" - }, - "LogicalId": { - "markdownDescription": "The `LogicalID` of the asset model hierarchy. This ID is a `hierarchyLogicalId` .\n\n> One of `ExternalId` or `LogicalId` must be specified.", - "title": "LogicalId", + "enum": [ + "AWS::IAM::ManagedPolicy" + ], "type": "string" }, - "Name": { - "markdownDescription": "The name of the asset model hierarchy that you specify by using the [CreateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_CreateAssetModel.html) or [UpdateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateAssetModel.html) API operation.", - "title": "Name", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ChildAssetModelId", - "Name" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoTSiteWise::AssetModel.AssetModelProperty": { + "AWS::IAM::OIDCProvider": { "additionalProperties": false, "properties": { - "DataType": { - "markdownDescription": "The data type of the asset model property.\n\nIf you specify `STRUCT` , you must also specify `dataTypeSpec` to identify the type of the structure for this property.", - "title": "DataType", - "type": "string" - }, - "DataTypeSpec": { - "markdownDescription": "The data type of the structure for this property. This parameter exists on properties that have the `STRUCT` data type.", - "title": "DataTypeSpec", - "type": "string" - }, - "ExternalId": { - "markdownDescription": "The external ID of the asset property. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .\n\n> One of `ExternalId` or `LogicalId` must be specified.", - "title": "ExternalId", - "type": "string" - }, - "Id": { - "markdownDescription": "The ID of the property.\n\n> This is a return value and can't be set.", - "title": "Id", - "type": "string" - }, - "LogicalId": { - "markdownDescription": "The `LogicalID` of the asset model property.\n\n> One of `ExternalId` or `LogicalId` must be specified.", - "title": "LogicalId", + "Condition": { "type": "string" }, - "Name": { - "markdownDescription": "The name of the asset model property.", - "title": "Name", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Type": { - "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.PropertyType", - "markdownDescription": "Contains a property type, which can be one of `attribute` , `measurement` , `metric` , or `transform` .", - "title": "Type" - }, - "Unit": { - "markdownDescription": "The unit of the asset model property, such as `Newtons` or `RPM` .", - "title": "Unit", - "type": "string" - } - }, - "required": [ - "DataType", - "Name", - "Type" - ], - "type": "object" - }, - "AWS::IoTSiteWise::AssetModel.Attribute": { - "additionalProperties": false, - "properties": { - "DefaultValue": { - "markdownDescription": "The default value of the asset model property attribute. All assets that you create from the asset model contain this attribute value. You can update an attribute's value after you create an asset. For more information, see [Updating attribute values](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/update-attribute-values.html) in the *AWS IoT SiteWise User Guide* .", - "title": "DefaultValue", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoTSiteWise::AssetModel.ExpressionVariable": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The friendly name of the variable to be used in the expression.", - "title": "Name", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Value": { - "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.VariableValue", - "markdownDescription": "The variable that identifies an asset property from which to use values.", - "title": "Value" - } - }, - "required": [ - "Name", - "Value" - ], - "type": "object" - }, - "AWS::IoTSiteWise::AssetModel.Metric": { - "additionalProperties": false, - "properties": { - "Expression": { - "markdownDescription": "The mathematical expression that defines the metric aggregation function. You can specify up to 10 variables per expression. You can specify up to 10 functions per expression.\n\nFor more information, see [Quotas](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/quotas.html) in the *AWS IoT SiteWise User Guide* .", - "title": "Expression", - "type": "string" + "Metadata": { + "type": "object" }, - "Variables": { - "items": { - "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.ExpressionVariable" + "Properties": { + "additionalProperties": false, + "properties": { + "ClientIdList": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of client IDs (also known as audiences) that are associated with the specified IAM OIDC provider resource object. For more information, see [CreateOpenIDConnectProvider](https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateOpenIDConnectProvider.html) .", + "title": "ClientIdList", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags that are attached to the specified IAM OIDC provider. The returned list of tags is sorted by tag key. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* .", + "title": "Tags", + "type": "array" + }, + "ThumbprintList": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of certificate thumbprints that are associated with the specified IAM OIDC provider resource object. For more information, see [CreateOpenIDConnectProvider](https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateOpenIDConnectProvider.html) .\n\nThis property is optional. If it is not included, IAM will retrieve and use the top intermediate certificate authority (CA) thumbprint of the OpenID Connect identity provider server certificate.", + "title": "ThumbprintList", + "type": "array" + }, + "Url": { + "markdownDescription": "The URL that the IAM OIDC provider resource object is associated with. For more information, see [CreateOpenIDConnectProvider](https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateOpenIDConnectProvider.html) .", + "title": "Url", + "type": "string" + } }, - "markdownDescription": "The list of variables used in the expression.", - "title": "Variables", - "type": "array" - }, - "Window": { - "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.MetricWindow", - "markdownDescription": "The window (time interval) over which AWS IoT SiteWise computes the metric's aggregation expression. AWS IoT SiteWise computes one data point per `window` .", - "title": "Window" - } - }, - "required": [ - "Expression", - "Variables", - "Window" - ], - "type": "object" - }, - "AWS::IoTSiteWise::AssetModel.MetricWindow": { - "additionalProperties": false, - "properties": { - "Tumbling": { - "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.TumblingWindow", - "markdownDescription": "The tumbling time interval window.", - "title": "Tumbling" - } - }, - "type": "object" - }, - "AWS::IoTSiteWise::AssetModel.PropertyPathDefinition": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the path segment.", - "title": "Name", - "type": "string" - } - }, - "required": [ - "Name" - ], - "type": "object" - }, - "AWS::IoTSiteWise::AssetModel.PropertyType": { - "additionalProperties": false, - "properties": { - "Attribute": { - "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.Attribute", - "markdownDescription": "Specifies an asset attribute property. An attribute generally contains static information, such as the serial number of an [IIoT](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Internet_of_things#Industrial_applications) wind turbine.", - "title": "Attribute" - }, - "Metric": { - "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.Metric", - "markdownDescription": "Specifies an asset metric property. A metric contains a mathematical expression that uses aggregate functions to process all input data points over a time interval and output a single data point, such as to calculate the average hourly temperature.", - "title": "Metric" - }, - "Transform": { - "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.Transform", - "markdownDescription": "Specifies an asset transform property. A transform contains a mathematical expression that maps a property's data points from one form to another, such as a unit conversion from Celsius to Fahrenheit.", - "title": "Transform" - }, - "TypeName": { - "markdownDescription": "The type of property type, which can be one of `Attribute` , `Measurement` , `Metric` , or `Transform` .", - "title": "TypeName", - "type": "string" - } - }, - "required": [ - "TypeName" - ], - "type": "object" - }, - "AWS::IoTSiteWise::AssetModel.Transform": { - "additionalProperties": false, - "properties": { - "Expression": { - "markdownDescription": "The mathematical expression that defines the transformation function. You can specify up to 10 variables per expression. You can specify up to 10 functions per expression.\n\nFor more information, see [Quotas](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/quotas.html) in the *AWS IoT SiteWise User Guide* .", - "title": "Expression", - "type": "string" + "type": "object" }, - "Variables": { - "items": { - "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.ExpressionVariable" - }, - "markdownDescription": "The list of variables used in the expression.", - "title": "Variables", - "type": "array" - } - }, - "required": [ - "Expression", - "Variables" - ], - "type": "object" - }, - "AWS::IoTSiteWise::AssetModel.TumblingWindow": { - "additionalProperties": false, - "properties": { - "Interval": { - "markdownDescription": "The time interval for the tumbling window. The interval time must be between 1 minute and 1 week.\n\nAWS IoT SiteWise computes the `1w` interval the end of Sunday at midnight each week (UTC), the `1d` interval at the end of each day at midnight (UTC), the `1h` interval at the end of each hour, and so on.\n\nWhen AWS IoT SiteWise aggregates data points for metric computations, the start of each interval is exclusive and the end of each interval is inclusive. AWS IoT SiteWise places the computed data point at the end of the interval.", - "title": "Interval", + "Type": { + "enum": [ + "AWS::IAM::OIDCProvider" + ], "type": "string" }, - "Offset": { - "markdownDescription": "The offset for the tumbling window. The `offset` parameter accepts the following:\n\n- The offset time.\n\nFor example, if you specify `18h` for `offset` and `1d` for `interval` , AWS IoT SiteWise aggregates data in one of the following ways:\n\n- If you create the metric before or at 6 PM (UTC), you get the first aggregation result at 6 PM (UTC) on the day when you create the metric.\n- If you create the metric after 6 PM (UTC), you get the first aggregation result at 6 PM (UTC) the next day.\n- The ISO 8601 format.\n\nFor example, if you specify `PT18H` for `offset` and `1d` for `interval` , AWS IoT SiteWise aggregates data in one of the following ways:\n\n- If you create the metric before or at 6 PM (UTC), you get the first aggregation result at 6 PM (UTC) on the day when you create the metric.\n- If you create the metric after 6 PM (UTC), you get the first aggregation result at 6 PM (UTC) the next day.\n- The 24-hour clock.\n\nFor example, if you specify `00:03:00` for `offset` , `5m` for `interval` , and you create the metric at 2 PM (UTC), you get the first aggregation result at 2:03 PM (UTC). You get the second aggregation result at 2:08 PM (UTC).\n- The offset time zone.\n\nFor example, if you specify `2021-07-23T18:00-08` for `offset` and `1d` for `interval` , AWS IoT SiteWise aggregates data in one of the following ways:\n\n- If you create the metric before or at 6 PM (PST), you get the first aggregation result at 6 PM (PST) on the day when you create the metric.\n- If you create the metric after 6 PM (PST), you get the first aggregation result at 6 PM (PST) the next day.", - "title": "Offset", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Interval" + "Type" ], "type": "object" }, - "AWS::IoTSiteWise::AssetModel.VariableValue": { - "additionalProperties": false, - "properties": { - "HierarchyExternalId": { - "markdownDescription": "The external ID of the hierarchy being referenced. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", - "title": "HierarchyExternalId", - "type": "string" - }, - "HierarchyId": { - "markdownDescription": "The ID of the hierarchy to query for the property ID. You can use the hierarchy's name instead of the hierarchy's ID. If the hierarchy has an external ID, you can specify `externalId:` followed by the external ID. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .\n\nYou use a hierarchy ID instead of a model ID because you can have several hierarchies using the same model and therefore the same `propertyId` . For example, you might have separately grouped assets that come from the same asset model. For more information, see [Asset hierarchies](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/asset-hierarchies.html) in the *AWS IoT SiteWise User Guide* .", - "title": "HierarchyId", - "type": "string" - }, - "HierarchyLogicalId": { - "markdownDescription": "The `LogicalID` of the hierarchy to query for the `PropertyLogicalID` .\n\nYou use a `hierarchyLogicalID` instead of a model ID because you can have several hierarchies using the same model and therefore the same property. For example, you might have separately grouped assets that come from the same asset model. For more information, see [Defining relationships between asset models (hierarchies)](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/asset-hierarchies.html) in the *AWS IoT SiteWise User Guide* .", - "title": "HierarchyLogicalId", - "type": "string" - }, - "PropertyExternalId": { - "markdownDescription": "The external ID of the property being referenced. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", - "title": "PropertyExternalId", - "type": "string" - }, - "PropertyId": { - "markdownDescription": "The ID of the property to use as the variable. You can use the property `name` if it's from the same asset model. If the property has an external ID, you can specify `externalId:` followed by the external ID. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .\n\n> This is a return value and can't be set.", - "title": "PropertyId", - "type": "string" - }, - "PropertyLogicalId": { - "markdownDescription": "The `LogicalID` of the property that is being referenced.", - "title": "PropertyLogicalId", - "type": "string" - }, - "PropertyPath": { - "items": { - "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.PropertyPathDefinition" - }, - "markdownDescription": "The path of the property. Each step of the path is the name of the step. See the following example:\n\n`PropertyPath: Name: AssetModelName Name: Composite1 Name: NestedComposite`", - "title": "PropertyPath", - "type": "array" - } - }, - "type": "object" - }, - "AWS::IoTSiteWise::Dashboard": { + "AWS::IAM::Policy": { "additionalProperties": false, "properties": { "Condition": { @@ -129916,45 +139063,50 @@ "Properties": { "additionalProperties": false, "properties": { - "DashboardDefinition": { - "markdownDescription": "The dashboard definition specified in a JSON literal.\n\n- AWS IoT SiteWise Monitor (Classic) see [Create dashboards ( AWS CLI )](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/create-dashboards-using-aws-cli.html)\n- AWS IoT SiteWise Monitor (AI-aware) see [Create dashboards ( AWS CLI )](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/create-dashboards-ai-dashboard-cli.html)\n\nin the *AWS IoT SiteWise User Guide*", - "title": "DashboardDefinition", - "type": "string" + "Groups": { + "items": { + "type": "string" + }, + "markdownDescription": "The name of the group to associate the policy with.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-.", + "title": "Groups", + "type": "array" }, - "DashboardDescription": { - "markdownDescription": "A description for the dashboard.", - "title": "DashboardDescription", - "type": "string" + "PolicyDocument": { + "markdownDescription": "The policy document.\n\nYou must provide policies in JSON format in IAM. However, for AWS CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always converts a YAML policy to JSON format before submitting it to IAM.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n\n- Any printable ASCII character ranging from the space character ( `\\u0020` ) through the end of the ASCII character range\n- The printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` )\n- The special characters tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` )", + "title": "PolicyDocument", + "type": "object" }, - "DashboardName": { - "markdownDescription": "A friendly name for the dashboard.", - "title": "DashboardName", + "PolicyName": { + "markdownDescription": "The name of the policy document.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "title": "PolicyName", "type": "string" }, - "ProjectId": { - "markdownDescription": "The ID of the project in which to create the dashboard.", - "title": "ProjectId", - "type": "string" + "Roles": { + "items": { + "type": "string" + }, + "markdownDescription": "The name of the role to associate the policy with.\n\nThis parameter allows (per its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-\n\n> If an external policy (such as `AWS::IAM::Policy` or `AWS::IAM::ManagedPolicy` ) has a `Ref` to a role and if a resource (such as `AWS::ECS::Service` ) also has a `Ref` to the same role, add a `DependsOn` attribute to the resource to make the resource depend on the external policy. This dependency ensures that the role's policy is available throughout the resource's lifecycle. For example, when you delete a stack with an `AWS::ECS::Service` resource, the `DependsOn` attribute ensures that AWS CloudFormation deletes the `AWS::ECS::Service` resource before deleting its role's policy.", + "title": "Roles", + "type": "array" }, - "Tags": { + "Users": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "A list of key-value pairs that contain metadata for the dashboard. For more information, see [Tagging your AWS IoT SiteWise resources](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/tag-resources.html) in the *AWS IoT SiteWise User Guide* .", - "title": "Tags", + "markdownDescription": "The name of the user to associate the policy with.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "title": "Users", "type": "array" } }, "required": [ - "DashboardDefinition", - "DashboardDescription", - "DashboardName" + "PolicyDocument", + "PolicyName" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTSiteWise::Dashboard" + "AWS::IAM::Policy" ], "type": "string" }, @@ -129973,7 +139125,7 @@ ], "type": "object" }, - "AWS::IoTSiteWise::Gateway": { + "AWS::IAM::Role": { "additionalProperties": false, "properties": { "Condition": { @@ -130008,42 +139160,69 @@ "Properties": { "additionalProperties": false, "properties": { - "GatewayCapabilitySummaries": { + "AssumeRolePolicyDocument": { + "markdownDescription": "The trust policy that is associated with this role. Trust policies define which entities can assume the role. You can associate only one trust policy with a role. For an example of a policy that can be used to assume a role, see [Template Examples](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-role.html#aws-resource-iam-role--examples) . For more information about the elements that you can use in an IAM policy, see [IAM Policy Elements Reference](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements.html) in the *IAM User Guide* .", + "title": "AssumeRolePolicyDocument", + "type": "object" + }, + "Description": { + "markdownDescription": "A description of the role that you provide.", + "title": "Description", + "type": "string" + }, + "ManagedPolicyArns": { "items": { - "$ref": "#/definitions/AWS::IoTSiteWise::Gateway.GatewayCapabilitySummary" + "type": "string" }, - "markdownDescription": "A list of gateway capability summaries that each contain a namespace and status. Each gateway capability defines data sources for the gateway. To retrieve a capability configuration's definition, use [DescribeGatewayCapabilityConfiguration](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_DescribeGatewayCapabilityConfiguration.html) .", - "title": "GatewayCapabilitySummaries", + "markdownDescription": "A list of Amazon Resource Names (ARNs) of the IAM managed policies that you want to attach to the role.\n\nFor more information about ARNs, see [Amazon Resource Names (ARNs) and AWS Service Namespaces](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* .", + "title": "ManagedPolicyArns", "type": "array" }, - "GatewayName": { - "markdownDescription": "A unique name for the gateway.", - "title": "GatewayName", + "MaxSessionDuration": { + "markdownDescription": "The maximum session duration (in seconds) that you want to set for the specified role. If you do not specify a value for this setting, the default value of one hour is applied. This setting can have a value from 1 hour to 12 hours.\n\nAnyone who assumes the role from the AWS CLI or API can use the `DurationSeconds` API parameter or the `duration-seconds` AWS CLI parameter to request a longer session. The `MaxSessionDuration` setting determines the maximum duration that can be requested using the `DurationSeconds` parameter. If users don't specify a value for the `DurationSeconds` parameter, their security credentials are valid for one hour by default. This applies when you use the `AssumeRole*` API operations or the `assume-role*` AWS CLI operations but does not apply when you use those operations to create a console URL. For more information, see [Using IAM roles](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html) in the *IAM User Guide* .", + "title": "MaxSessionDuration", + "type": "number" + }, + "Path": { + "markdownDescription": "The path to the role. For more information about paths, see [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/).\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.", + "title": "Path", "type": "string" }, - "GatewayPlatform": { - "$ref": "#/definitions/AWS::IoTSiteWise::Gateway.GatewayPlatform", - "markdownDescription": "The gateway's platform. You can only specify one platform in a gateway.", - "title": "GatewayPlatform" + "PermissionsBoundary": { + "markdownDescription": "The ARN of the policy used to set the permissions boundary for the role.\n\nFor more information about permissions boundaries, see [Permissions boundaries for IAM identities](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) in the *IAM User Guide* .", + "title": "PermissionsBoundary", + "type": "string" + }, + "Policies": { + "items": { + "$ref": "#/definitions/AWS::IAM::Role.Policy" + }, + "markdownDescription": "Adds or updates an inline policy document that is embedded in the specified IAM role.\n\nWhen you embed an inline policy in a role, the inline policy is used as part of the role's access (permissions) policy. The role's trust policy is created at the same time as the role. You can update a role's trust policy later. For more information about IAM roles, go to [Using Roles to Delegate Permissions and Federate Identities](https://docs.aws.amazon.com/IAM/latest/UserGuide/roles-toplevel.html) .\n\nA role can also have an attached managed policy. For information about policies, see [Managed Policies and Inline Policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the *IAM User Guide* .\n\nFor information about limits on the number of inline policies that you can embed with a role, see [Limitations on IAM Entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the *IAM User Guide* .\n\n> If an external policy (such as `AWS::IAM::Policy` or `AWS::IAM::ManagedPolicy` ) has a `Ref` to a role and if a resource (such as `AWS::ECS::Service` ) also has a `Ref` to the same role, add a `DependsOn` attribute to the resource to make the resource depend on the external policy. This dependency ensures that the role's policy is available throughout the resource's lifecycle. For example, when you delete a stack with an `AWS::ECS::Service` resource, the `DependsOn` attribute ensures that AWS CloudFormation deletes the `AWS::ECS::Service` resource before deleting its role's policy.", + "title": "Policies", + "type": "array" + }, + "RoleName": { + "markdownDescription": "A name for the IAM role, up to 64 characters in length. For valid values, see the `RoleName` parameter for the [`CreateRole`](https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateRole.html) action in the *IAM User Guide* .\n\nThis parameter allows (per its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-. The role name must be unique within the account. Role names are not distinguished by case. For example, you cannot create roles named both \"Role1\" and \"role1\".\n\nIf you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the role name.\n\nIf you specify a name, you must specify the `CAPABILITY_NAMED_IAM` value to acknowledge your template's capabilities. For more information, see [Acknowledging IAM Resources in AWS CloudFormation Templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-iam-template.html#using-iam-capabilities) .\n\n> Naming an IAM resource can cause an unrecoverable error if you reuse the same template in multiple Regions. To prevent this, we recommend using `Fn::Join` and `AWS::Region` to create a Region-specific name, as in the following example: `{\"Fn::Join\": [\"\", [{\"Ref\": \"AWS::Region\"}, {\"Ref\": \"MyResourceName\"}]]}` .", + "title": "RoleName", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of key-value pairs that contain metadata for the gateway. For more information, see [Tagging your AWS IoT SiteWise resources](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/tag-resources.html) in the *AWS IoT SiteWise User Guide* .", + "markdownDescription": "A list of tags that are attached to the role. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* .", "title": "Tags", "type": "array" } }, "required": [ - "GatewayName", - "GatewayPlatform" + "AssumeRolePolicyDocument" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTSiteWise::Gateway" + "AWS::IAM::Role" ], "type": "string" }, @@ -130062,85 +139241,105 @@ ], "type": "object" }, - "AWS::IoTSiteWise::Gateway.GatewayCapabilitySummary": { + "AWS::IAM::Role.Policy": { "additionalProperties": false, "properties": { - "CapabilityConfiguration": { - "markdownDescription": "The JSON document that defines the configuration for the gateway capability. For more information, see [Configuring data sources (CLI)](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/configure-sources.html#configure-source-cli) in the *AWS IoT SiteWise User Guide* .", - "title": "CapabilityConfiguration", - "type": "string" + "PolicyDocument": { + "markdownDescription": "The entire contents of the policy that defines permissions. For more information, see [Overview of JSON policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#access_policies-json) .", + "title": "PolicyDocument", + "type": "object" }, - "CapabilityNamespace": { - "markdownDescription": "The namespace of the capability configuration. For example, if you configure OPC-UA sources from the AWS IoT SiteWise console, your OPC-UA capability configuration has the namespace `iotsitewise:opcuacollector:version` , where `version` is a number such as `1` .", - "title": "CapabilityNamespace", + "PolicyName": { + "markdownDescription": "The friendly name (not ARN) identifying the policy.", + "title": "PolicyName", "type": "string" } }, "required": [ - "CapabilityNamespace" + "PolicyDocument", + "PolicyName" ], "type": "object" }, - "AWS::IoTSiteWise::Gateway.GatewayPlatform": { + "AWS::IAM::RolePolicy": { "additionalProperties": false, "properties": { - "Greengrass": { - "$ref": "#/definitions/AWS::IoTSiteWise::Gateway.Greengrass" - }, - "GreengrassV2": { - "$ref": "#/definitions/AWS::IoTSiteWise::Gateway.GreengrassV2", - "markdownDescription": "A gateway that runs on AWS IoT Greengrass V2 .", - "title": "GreengrassV2" + "Condition": { + "type": "string" }, - "SiemensIE": { - "$ref": "#/definitions/AWS::IoTSiteWise::Gateway.SiemensIE", - "markdownDescription": "An AWS IoT SiteWise Edge gateway that runs on a Siemens Industrial Edge Device.", - "title": "SiemensIE" - } - }, - "type": "object" - }, - "AWS::IoTSiteWise::Gateway.Greengrass": { - "additionalProperties": false, - "properties": { - "GroupArn": { + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "required": [ - "GroupArn" - ], - "type": "object" - }, - "AWS::IoTSiteWise::Gateway.GreengrassV2": { - "additionalProperties": false, - "properties": { - "CoreDeviceThingName": { - "markdownDescription": "The name of the AWS IoT thing for your AWS IoT Greengrass V2 core device.", - "title": "CoreDeviceThingName", + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "PolicyDocument": { + "markdownDescription": "The policy document.\n\nYou must provide policies in JSON format in IAM. However, for AWS CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always converts a YAML policy to JSON format before submitting it to IAM.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n\n- Any printable ASCII character ranging from the space character ( `\\u0020` ) through the end of the ASCII character range\n- The printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` )\n- The special characters tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` )", + "title": "PolicyDocument", + "type": "object" + }, + "PolicyName": { + "markdownDescription": "The name of the policy document.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "title": "PolicyName", + "type": "string" + }, + "RoleName": { + "markdownDescription": "The name of the role to associate the policy with.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "title": "RoleName", + "type": "string" + } + }, + "required": [ + "PolicyName", + "RoleName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IAM::RolePolicy" + ], "type": "string" - } - }, - "required": [ - "CoreDeviceThingName" - ], - "type": "object" - }, - "AWS::IoTSiteWise::Gateway.SiemensIE": { - "additionalProperties": false, - "properties": { - "IotCoreThingName": { - "markdownDescription": "The name of the AWS IoT Thing for your AWS IoT SiteWise Edge gateway.", - "title": "IotCoreThingName", + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "IotCoreThingName" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoTSiteWise::Portal": { + "AWS::IAM::SAMLProvider": { "additionalProperties": false, "properties": { "Condition": { @@ -130175,60 +139374,53 @@ "Properties": { "additionalProperties": false, "properties": { - "Alarms": { - "$ref": "#/definitions/AWS::IoTSiteWise::Portal.Alarms", - "markdownDescription": "Contains the configuration information of an alarm created in an AWS IoT SiteWise Monitor portal. You can use the alarm to monitor an asset property and get notified when the asset property value is outside a specified range. For more information, see [Monitoring with alarms](https://docs.aws.amazon.com/iot-sitewise/latest/appguide/monitor-alarms.html) in the *AWS IoT SiteWise Application Guide* .", - "title": "Alarms" - }, - "NotificationSenderEmail": { - "markdownDescription": "The email address that sends alarm notifications.\n\n> If you use the [AWS IoT Events managed Lambda function](https://docs.aws.amazon.com/iotevents/latest/developerguide/lambda-support.html) to manage your emails, you must [verify the sender email address in Amazon SES](https://docs.aws.amazon.com/ses/latest/DeveloperGuide/verify-email-addresses.html) .", - "title": "NotificationSenderEmail", + "AddPrivateKey": { + "markdownDescription": "Specifies the new private key from your external identity provider. The private key must be a .pem file that uses AES-GCM or AES-CBC encryption algorithm to decrypt SAML assertions.", + "title": "AddPrivateKey", "type": "string" }, - "PortalAuthMode": { - "markdownDescription": "The service to use to authenticate users to the portal. Choose from the following options:\n\n- `SSO` \u2013 The portal uses AWS IAM Identity Center to authenticate users and manage user permissions. Before you can create a portal that uses IAM Identity Center, you must enable IAM Identity Center. For more information, see [Enabling IAM Identity Center](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/monitor-get-started.html#mon-gs-sso) in the *AWS IoT SiteWise User Guide* . This option is only available in AWS Regions other than the China Regions.\n- `IAM` \u2013 The portal uses AWS Identity and Access Management to authenticate users and manage user permissions.\n\nYou can't change this value after you create a portal.\n\nDefault: `SSO`", - "title": "PortalAuthMode", + "AssertionEncryptionMode": { + "markdownDescription": "Specifies the encryption setting for the SAML provider.", + "title": "AssertionEncryptionMode", "type": "string" }, - "PortalContactEmail": { - "markdownDescription": "The AWS administrator's contact email address.", - "title": "PortalContactEmail", + "Name": { + "markdownDescription": "The name of the provider to create.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "title": "Name", "type": "string" }, - "PortalDescription": { - "markdownDescription": "A description for the portal.", - "title": "PortalDescription", - "type": "string" + "PrivateKeyList": { + "items": { + "$ref": "#/definitions/AWS::IAM::SAMLProvider.SAMLPrivateKey" + }, + "markdownDescription": "The private key metadata for the SAML provider.", + "title": "PrivateKeyList", + "type": "array" }, - "PortalName": { - "markdownDescription": "A friendly name for the portal.", - "title": "PortalName", + "RemovePrivateKey": { + "markdownDescription": "The Key ID of the private key to remove.", + "title": "RemovePrivateKey", "type": "string" }, - "RoleArn": { - "markdownDescription": "The [ARN](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) of a service role that allows the portal's users to access your AWS IoT SiteWise resources on your behalf. For more information, see [Using service roles for AWS IoT SiteWise Monitor](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/monitor-service-role.html) in the *AWS IoT SiteWise User Guide* .", - "title": "RoleArn", + "SamlMetadataDocument": { + "markdownDescription": "An XML document generated by an identity provider (IdP) that supports SAML 2.0. The document includes the issuer's name, expiration information, and keys that can be used to validate the SAML authentication response (assertions) that are received from the IdP. You must generate the metadata document using the identity management software that is used as your organization's IdP.\n\nFor more information, see [About SAML 2.0-based federation](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html) in the *IAM User Guide*", + "title": "SamlMetadataDocument", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of key-value pairs that contain metadata for the portal. For more information, see [Tagging your AWS IoT SiteWise resources](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/tag-resources.html) in the *AWS IoT SiteWise User Guide* .", + "markdownDescription": "A list of tags that you want to attach to the new IAM SAML provider. Each tag consists of a key name and an associated value. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* .\n\n> If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request fails and the resource is not created.", "title": "Tags", "type": "array" } }, - "required": [ - "PortalContactEmail", - "PortalName", - "RoleArn" - ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTSiteWise::Portal" + "AWS::IAM::SAMLProvider" ], "type": "string" }, @@ -130242,28 +139434,31 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::IoTSiteWise::Portal.Alarms": { + "AWS::IAM::SAMLProvider.SAMLPrivateKey": { "additionalProperties": false, "properties": { - "AlarmRoleArn": { - "markdownDescription": "The [ARN](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) of the IAM role that allows the alarm to perform actions and access AWS resources and services, such as AWS IoT Events .", - "title": "AlarmRoleArn", + "KeyId": { + "markdownDescription": "The unique identifier for the SAML private key.", + "title": "KeyId", "type": "string" }, - "NotificationLambdaArn": { - "markdownDescription": "The [ARN](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) of the Lambda function that manages alarm notifications. For more information, see [Managing alarm notifications](https://docs.aws.amazon.com/iotevents/latest/developerguide/lambda-support.html) in the *AWS IoT Events Developer Guide* .", - "title": "NotificationLambdaArn", + "Timestamp": { + "markdownDescription": "The date and time, in [ISO 8601 date-time](https://docs.aws.amazon.com/http://www.iso.org/iso/iso8601) format, when the private key was uploaded.", + "title": "Timestamp", "type": "string" } }, + "required": [ + "KeyId", + "Timestamp" + ], "type": "object" }, - "AWS::IoTSiteWise::Project": { + "AWS::IAM::ServerCertificate": { "additionalProperties": false, "properties": { "Condition": { @@ -130298,47 +139493,45 @@ "Properties": { "additionalProperties": false, "properties": { - "AssetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list that contains the IDs of each asset associated with the project.", - "title": "AssetIds", - "type": "array" + "CertificateBody": { + "markdownDescription": "The contents of the public key certificate.", + "title": "CertificateBody", + "type": "string" }, - "PortalId": { - "markdownDescription": "The ID of the portal in which to create the project.", - "title": "PortalId", + "CertificateChain": { + "markdownDescription": "The contents of the public key certificate chain.", + "title": "CertificateChain", "type": "string" }, - "ProjectDescription": { - "markdownDescription": "A description for the project.", - "title": "ProjectDescription", + "Path": { + "markdownDescription": "The path for the server certificate. For more information about paths, see [IAM identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/). This parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.\n\n> If you are uploading a server certificate specifically for use with Amazon CloudFront distributions, you must specify a path using the `path` parameter. The path must begin with `/cloudfront` and must include a trailing slash (for example, `/cloudfront/test/` ).", + "title": "Path", "type": "string" }, - "ProjectName": { - "markdownDescription": "A friendly name for the project.", - "title": "ProjectName", + "PrivateKey": { + "markdownDescription": "The contents of the private key in PEM-encoded format.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n\n- Any printable ASCII character ranging from the space character ( `\\u0020` ) through the end of the ASCII character range\n- The printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` )\n- The special characters tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` )", + "title": "PrivateKey", + "type": "string" + }, + "ServerCertificateName": { + "markdownDescription": "The name for the server certificate. Do not include the path in this value. The name of the certificate cannot contain any spaces.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "title": "ServerCertificateName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of key-value pairs that contain metadata for the project. For more information, see [Tagging your AWS IoT SiteWise resources](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/tag-resources.html) in the *AWS IoT SiteWise User Guide* .", + "markdownDescription": "A list of tags that are attached to the server certificate. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* .", "title": "Tags", "type": "array" } }, - "required": [ - "PortalId", - "ProjectName" - ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTSiteWise::Project" + "AWS::IAM::ServerCertificate" ], "type": "string" }, @@ -130352,12 +139545,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::IoTThingsGraph::FlowTemplate": { + "AWS::IAM::ServiceLinkedRole": { "additionalProperties": false, "properties": { "Condition": { @@ -130392,21 +139584,27 @@ "Properties": { "additionalProperties": false, "properties": { - "CompatibleNamespaceVersion": { - "type": "number" + "AWSServiceName": { + "markdownDescription": "The service principal for the AWS service to which this role is attached. You use a string similar to a URL but without the http:// in front. For example: `elasticbeanstalk.amazonaws.com` .\n\nService principals are unique and case-sensitive. To find the exact service principal for your service-linked role, see [AWS services that work with IAM](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html) in the *IAM User Guide* . Look for the services that have *Yes* in the *Service-Linked Role* column. Choose the *Yes* link to view the service-linked role documentation for that service.", + "title": "AWSServiceName", + "type": "string" }, - "Definition": { - "$ref": "#/definitions/AWS::IoTThingsGraph::FlowTemplate.DefinitionDocument" + "CustomSuffix": { + "markdownDescription": "A string that you provide, which is combined with the service-provided prefix to form the complete role name. If you make multiple requests for the same service, then you must supply a different `CustomSuffix` for each request. Otherwise the request fails with a duplicate role name error. For example, you could add `-1` or `-debug` to the suffix.\n\nSome services do not support the `CustomSuffix` parameter. If you provide an optional suffix and the operation fails, try the operation again without the suffix.", + "title": "CustomSuffix", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the role.", + "title": "Description", + "type": "string" } }, - "required": [ - "Definition" - ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTThingsGraph::FlowTemplate" + "AWS::IAM::ServiceLinkedRole" ], "type": "string" }, @@ -130420,28 +139618,11 @@ } }, "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::IoTThingsGraph::FlowTemplate.DefinitionDocument": { - "additionalProperties": false, - "properties": { - "Language": { - "type": "string" - }, - "Text": { - "type": "string" - } - }, - "required": [ - "Language", - "Text" + "Type" ], "type": "object" }, - "AWS::IoTTwinMaker::ComponentType": { + "AWS::IAM::User": { "additionalProperties": false, "properties": { "Condition": { @@ -130476,99 +139657,64 @@ "Properties": { "additionalProperties": false, "properties": { - "ComponentTypeId": { - "markdownDescription": "The ID of the component type.", - "title": "ComponentTypeId", - "type": "string" - }, - "CompositeComponentTypes": { - "additionalProperties": false, - "markdownDescription": "Maps strings to `compositeComponentTypes` of the `componentType` . `CompositeComponentType` is referenced by `componentTypeId` .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.CompositeComponentType" - } + "Groups": { + "items": { + "type": "string" }, - "title": "CompositeComponentTypes", - "type": "object" + "markdownDescription": "A list of group names to which you want to add the user.", + "title": "Groups", + "type": "array" }, - "Description": { - "markdownDescription": "The description of the component type.", - "title": "Description", - "type": "string" + "LoginProfile": { + "$ref": "#/definitions/AWS::IAM::User.LoginProfile", + "markdownDescription": "Creates a password for the specified IAM user. A password allows an IAM user to access AWS services through the AWS Management Console .\n\nYou can use the AWS CLI , the AWS API, or the *Users* page in the IAM console to create a password for any IAM user. Use [ChangePassword](https://docs.aws.amazon.com/IAM/latest/APIReference/API_ChangePassword.html) to update your own existing password in the *My Security Credentials* page in the AWS Management Console .\n\nFor more information about managing passwords, see [Managing passwords](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingLogins.html) in the *IAM User Guide* .", + "title": "LoginProfile" }, - "ExtendsFrom": { + "ManagedPolicyArns": { "items": { "type": "string" }, - "markdownDescription": "The name of the parent component type that this component type extends.", - "title": "ExtendsFrom", + "markdownDescription": "A list of Amazon Resource Names (ARNs) of the IAM managed policies that you want to attach to the user.\n\nFor more information about ARNs, see [Amazon Resource Names (ARNs) and AWS Service Namespaces](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* .", + "title": "ManagedPolicyArns", "type": "array" }, - "Functions": { - "additionalProperties": false, - "markdownDescription": "An object that maps strings to the functions in the component type. Each string in the mapping must be unique to this object.\n\nFor information on the FunctionResponse object see the [FunctionResponse](https://docs.aws.amazon.com//iot-twinmaker/latest/apireference/API_FunctionResponse.html) API reference.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.Function" - } - }, - "title": "Functions", - "type": "object" - }, - "IsSingleton": { - "markdownDescription": "A boolean value that specifies whether an entity can have more than one component of this type.", - "title": "IsSingleton", - "type": "boolean" + "Path": { + "markdownDescription": "The path for the user name. For more information about paths, see [IAM identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/).\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.", + "title": "Path", + "type": "string" }, - "PropertyDefinitions": { - "additionalProperties": false, - "markdownDescription": "An object that maps strings to the property definitions in the component type. Each string in the mapping must be unique to this object.\n\nFor information about the PropertyDefinitionResponse object, see the [PropertyDefinitionResponse](https://docs.aws.amazon.com//iot-twinmaker/latest/apireference/API_PropertyDefinitionResponse.html) API reference.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.PropertyDefinition" - } - }, - "title": "PropertyDefinitions", - "type": "object" + "PermissionsBoundary": { + "markdownDescription": "The ARN of the managed policy that is used to set the permissions boundary for the user.\n\nA permissions boundary policy defines the maximum permissions that identity-based policies can grant to an entity, but does not grant permissions. Permissions boundaries do not define the maximum permissions that a resource-based policy can grant to an entity. To learn more, see [Permissions boundaries for IAM entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) in the *IAM User Guide* .\n\nFor more information about policy types, see [Policy types](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#access_policy-types) in the *IAM User Guide* .", + "title": "PermissionsBoundary", + "type": "string" }, - "PropertyGroups": { - "additionalProperties": false, - "markdownDescription": "An object that maps strings to the property groups in the component type. Each string in the mapping must be unique to this object.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.PropertyGroup" - } + "Policies": { + "items": { + "$ref": "#/definitions/AWS::IAM::User.Policy" }, - "title": "PropertyGroups", - "type": "object" + "markdownDescription": "Adds or updates an inline policy document that is embedded in the specified IAM user. To view AWS::IAM::User snippets, see [Declaring an IAM User Resource](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-iam.html#scenario-iam-user) .\n\n> The name of each policy for a role, user, or group must be unique. If you don't choose unique names, updates to the IAM identity will fail. \n\nFor information about limits on the number of inline policies that you can embed in a user, see [Limitations on IAM Entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the *IAM User Guide* .", + "title": "Policies", + "type": "array" }, "Tags": { - "additionalProperties": true, - "markdownDescription": "The ComponentType tags.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "A list of tags that you want to attach to the new user. Each tag consists of a key name and an associated value. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* .\n\n> If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request fails and the resource is not created.", "title": "Tags", - "type": "object" + "type": "array" }, - "WorkspaceId": { - "markdownDescription": "The ID of the workspace that contains the component type.", - "title": "WorkspaceId", + "UserName": { + "markdownDescription": "The name of the user to create. Do not include the path in this value.\n\nThis parameter allows (per its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-. The user name must be unique within the account. User names are not distinguished by case. For example, you cannot create users named both \"John\" and \"john\".\n\nIf you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the user name.\n\nIf you specify a name, you must specify the `CAPABILITY_NAMED_IAM` value to acknowledge your template's capabilities. For more information, see [Acknowledging IAM Resources in AWS CloudFormation Templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-iam-template.html#using-iam-capabilities) .\n\n> Naming an IAM resource can cause an unrecoverable error if you reuse the same template in multiple Regions. To prevent this, we recommend using `Fn::Join` and `AWS::Region` to create a Region-specific name, as in the following example: `{\"Fn::Join\": [\"\", [{\"Ref\": \"AWS::Region\"}, {\"Ref\": \"MyResourceName\"}]]}` .", + "title": "UserName", "type": "string" } }, - "required": [ - "ComponentTypeId", - "WorkspaceId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTTwinMaker::ComponentType" + "AWS::IAM::User" ], "type": "string" }, @@ -130582,304 +139728,50 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::IoTTwinMaker::ComponentType.CompositeComponentType": { + "AWS::IAM::User.LoginProfile": { "additionalProperties": false, "properties": { - "ComponentTypeId": { - "markdownDescription": "The ID of the component type.", - "title": "ComponentTypeId", + "Password": { + "markdownDescription": "The user's password.", + "title": "Password", "type": "string" + }, + "PasswordResetRequired": { + "markdownDescription": "Specifies whether the user is required to set a new password on next sign-in.", + "title": "PasswordResetRequired", + "type": "boolean" } }, + "required": [ + "Password" + ], "type": "object" }, - "AWS::IoTTwinMaker::ComponentType.DataConnector": { + "AWS::IAM::User.Policy": { "additionalProperties": false, "properties": { - "IsNative": { - "markdownDescription": "A boolean value that specifies whether the data connector is native to IoT TwinMaker.", - "title": "IsNative", - "type": "boolean" + "PolicyDocument": { + "markdownDescription": "The entire contents of the policy that defines permissions. For more information, see [Overview of JSON policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#access_policies-json) .", + "title": "PolicyDocument", + "type": "object" }, - "Lambda": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.LambdaFunction", - "markdownDescription": "The Lambda function associated with the data connector.", - "title": "Lambda" + "PolicyName": { + "markdownDescription": "The friendly name (not ARN) identifying the policy.", + "title": "PolicyName", + "type": "string" } }, + "required": [ + "PolicyDocument", + "PolicyName" + ], "type": "object" }, - "AWS::IoTTwinMaker::ComponentType.DataType": { - "additionalProperties": false, - "properties": { - "AllowedValues": { - "items": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataValue" - }, - "markdownDescription": "The allowed values for this data type.", - "title": "AllowedValues", - "type": "array" - }, - "NestedType": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataType", - "markdownDescription": "The nested type in the data type.", - "title": "NestedType" - }, - "Relationship": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.Relationship", - "markdownDescription": "A relationship that associates a component with another component.", - "title": "Relationship" - }, - "Type": { - "markdownDescription": "The underlying type of the data type.\n\nValid Values: `RELATIONSHIP | STRING | LONG | BOOLEAN | INTEGER | DOUBLE | LIST | MAP`", - "title": "Type", - "type": "string" - }, - "UnitOfMeasure": { - "markdownDescription": "The unit of measure used in this data type.", - "title": "UnitOfMeasure", - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::IoTTwinMaker::ComponentType.DataValue": { - "additionalProperties": false, - "properties": { - "BooleanValue": { - "markdownDescription": "A boolean value.", - "title": "BooleanValue", - "type": "boolean" - }, - "DoubleValue": { - "markdownDescription": "A double value.", - "title": "DoubleValue", - "type": "number" - }, - "Expression": { - "markdownDescription": "An expression that produces the value.", - "title": "Expression", - "type": "string" - }, - "IntegerValue": { - "markdownDescription": "An integer value.", - "title": "IntegerValue", - "type": "number" - }, - "ListValue": { - "items": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataValue" - }, - "markdownDescription": "A list of multiple values.", - "title": "ListValue", - "type": "array" - }, - "LongValue": { - "markdownDescription": "A long value.", - "title": "LongValue", - "type": "number" - }, - "MapValue": { - "additionalProperties": false, - "markdownDescription": "An object that maps strings to multiple `DataValue` objects.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataValue" - } - }, - "title": "MapValue", - "type": "object" - }, - "RelationshipValue": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.RelationshipValue", - "markdownDescription": "A value that relates a component to another component.", - "title": "RelationshipValue" - }, - "StringValue": { - "markdownDescription": "A string value.", - "title": "StringValue", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoTTwinMaker::ComponentType.Error": { - "additionalProperties": false, - "properties": { - "Code": { - "markdownDescription": "The component type error code.", - "title": "Code", - "type": "string" - }, - "Message": { - "markdownDescription": "The component type error message.", - "title": "Message", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoTTwinMaker::ComponentType.Function": { - "additionalProperties": false, - "properties": { - "ImplementedBy": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataConnector", - "markdownDescription": "The data connector.", - "title": "ImplementedBy" - }, - "RequiredProperties": { - "items": { - "type": "string" - }, - "markdownDescription": "The required properties of the function.", - "title": "RequiredProperties", - "type": "array" - }, - "Scope": { - "markdownDescription": "The scope of the function.", - "title": "Scope", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoTTwinMaker::ComponentType.LambdaFunction": { - "additionalProperties": false, - "properties": { - "Arn": { - "markdownDescription": "The Lambda function ARN.", - "title": "Arn", - "type": "string" - } - }, - "required": [ - "Arn" - ], - "type": "object" - }, - "AWS::IoTTwinMaker::ComponentType.PropertyDefinition": { - "additionalProperties": false, - "properties": { - "Configurations": { - "additionalProperties": true, - "markdownDescription": "A mapping that specifies configuration information about the property.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Configurations", - "type": "object" - }, - "DataType": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataType", - "markdownDescription": "", - "title": "DataType" - }, - "DefaultValue": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataValue", - "markdownDescription": "A boolean value that specifies whether the property ID comes from an external data store.", - "title": "DefaultValue" - }, - "IsExternalId": { - "markdownDescription": "A Boolean value that specifies whether the property ID comes from an external data source.", - "title": "IsExternalId", - "type": "boolean" - }, - "IsRequiredInEntity": { - "markdownDescription": "A boolean value that specifies whether the property is required in an entity.", - "title": "IsRequiredInEntity", - "type": "boolean" - }, - "IsStoredExternally": { - "markdownDescription": "A boolean value that specifies whether the property is stored externally.", - "title": "IsStoredExternally", - "type": "boolean" - }, - "IsTimeSeries": { - "markdownDescription": "A boolean value that specifies whether the property consists of time series data.", - "title": "IsTimeSeries", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::IoTTwinMaker::ComponentType.PropertyGroup": { - "additionalProperties": false, - "properties": { - "GroupType": { - "markdownDescription": "The group type.", - "title": "GroupType", - "type": "string" - }, - "PropertyNames": { - "items": { - "type": "string" - }, - "markdownDescription": "The property names.", - "title": "PropertyNames", - "type": "array" - } - }, - "type": "object" - }, - "AWS::IoTTwinMaker::ComponentType.Relationship": { - "additionalProperties": false, - "properties": { - "RelationshipType": { - "markdownDescription": "The type of the relationship.", - "title": "RelationshipType", - "type": "string" - }, - "TargetComponentTypeId": { - "markdownDescription": "The ID of the target component type associated with this relationship.", - "title": "TargetComponentTypeId", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoTTwinMaker::ComponentType.RelationshipValue": { - "additionalProperties": false, - "properties": { - "TargetComponentName": { - "markdownDescription": "The target component name.", - "title": "TargetComponentName", - "type": "string" - }, - "TargetEntityId": { - "markdownDescription": "The target entity Id.", - "title": "TargetEntityId", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoTTwinMaker::ComponentType.Status": { - "additionalProperties": false, - "properties": { - "Error": { - "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.Error", - "markdownDescription": "The component type error.", - "title": "Error" - }, - "State": { - "markdownDescription": "The component type status state.", - "title": "State", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoTTwinMaker::Entity": { + "AWS::IAM::UserPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -130914,74 +139806,31 @@ "Properties": { "additionalProperties": false, "properties": { - "Components": { - "additionalProperties": false, - "markdownDescription": "An object that maps strings to the components in the entity. Each string in the mapping must be unique to this object.\n\nFor information on the component object see the [component](https://docs.aws.amazon.com//iot-twinmaker/latest/apireference/API_ComponentResponse.html) API reference.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Component" - } - }, - "title": "Components", - "type": "object" - }, - "CompositeComponents": { - "additionalProperties": false, - "markdownDescription": "Maps string to `compositeComponent` updates in the request. Each key of the map represents the `componentPath` of the `compositeComponent` .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.CompositeComponent" - } - }, - "title": "CompositeComponents", + "PolicyDocument": { + "markdownDescription": "The policy document.\n\nYou must provide policies in JSON format in IAM. However, for AWS CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always converts a YAML policy to JSON format before submitting it to IAM.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n\n- Any printable ASCII character ranging from the space character ( `\\u0020` ) through the end of the ASCII character range\n- The printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` )\n- The special characters tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` )", + "title": "PolicyDocument", "type": "object" }, - "Description": { - "markdownDescription": "The description of the entity.", - "title": "Description", - "type": "string" - }, - "EntityId": { - "markdownDescription": "The ID of the entity.", - "title": "EntityId", - "type": "string" - }, - "EntityName": { - "markdownDescription": "The entity name.", - "title": "EntityName", - "type": "string" - }, - "ParentEntityId": { - "markdownDescription": "The ID of the parent entity.", - "title": "ParentEntityId", + "PolicyName": { + "markdownDescription": "The name of the policy document.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "title": "PolicyName", "type": "string" }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "Metadata that you can use to manage the entity.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - }, - "WorkspaceId": { - "markdownDescription": "The ID of the workspace that contains the entity.", - "title": "WorkspaceId", + "UserName": { + "markdownDescription": "The name of the user to associate the policy with.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "title": "UserName", "type": "string" } }, "required": [ - "EntityName", - "WorkspaceId" + "PolicyName", + "UserName" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTTwinMaker::Entity" + "AWS::IAM::UserPolicy" ], "type": "string" }, @@ -131000,368 +139849,83 @@ ], "type": "object" }, - "AWS::IoTTwinMaker::Entity.Component": { + "AWS::IAM::UserToGroupAddition": { "additionalProperties": false, "properties": { - "ComponentName": { - "markdownDescription": "The name of the component.", - "title": "ComponentName", - "type": "string" - }, - "ComponentTypeId": { - "markdownDescription": "The ID of the component type.", - "title": "ComponentTypeId", - "type": "string" - }, - "DefinedIn": { - "markdownDescription": "The name of the property definition set in the request.", - "title": "DefinedIn", + "Condition": { "type": "string" }, - "Description": { - "markdownDescription": "The description of the component.", - "title": "Description", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Properties": { - "additionalProperties": false, - "markdownDescription": "An object that maps strings to the properties to set in the component type. Each string in the mapping must be unique to this object.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Property" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" } - }, - "title": "Properties", - "type": "object" + ] }, - "PropertyGroups": { - "additionalProperties": false, - "markdownDescription": "An object that maps strings to the property groups in the component type. Each string in the mapping must be unique to this object.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.PropertyGroup" - } - }, - "title": "PropertyGroups", + "Metadata": { "type": "object" }, - "Status": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Status", - "markdownDescription": "The status of the component.", - "title": "Status" - } - }, - "type": "object" - }, - "AWS::IoTTwinMaker::Entity.CompositeComponent": { - "additionalProperties": false, - "properties": { - "ComponentName": { - "markdownDescription": "The name of the component.", - "title": "ComponentName", - "type": "string" - }, - "ComponentPath": { - "markdownDescription": "The path to the composite component, starting from the top-level component.", - "title": "ComponentPath", - "type": "string" - }, - "ComponentTypeId": { - "markdownDescription": "The ID of the composite component type.", - "title": "ComponentTypeId", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the component type.", - "title": "Description", - "type": "string" - }, "Properties": { "additionalProperties": false, - "markdownDescription": "Map of strings to the properties in the component type. Each string in the mapping must be unique to this component.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Property" - } - }, - "title": "Properties", - "type": "object" - }, - "PropertyGroups": { - "additionalProperties": false, - "markdownDescription": "The property groups.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.PropertyGroup" - } - }, - "title": "PropertyGroups", - "type": "object" - }, - "Status": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Status", - "markdownDescription": "The current status of the composite component.", - "title": "Status" - } - }, - "type": "object" - }, - "AWS::IoTTwinMaker::Entity.DataType": { - "additionalProperties": false, - "properties": { - "AllowedValues": { - "items": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataValue" - }, - "markdownDescription": "The allowed values.", - "title": "AllowedValues", - "type": "array" - }, - "NestedType": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataType", - "markdownDescription": "The nested type.", - "title": "NestedType" - }, - "Relationship": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Relationship", - "markdownDescription": "The relationship.", - "title": "Relationship" - }, - "Type": { - "markdownDescription": "The entity type.", - "title": "Type", - "type": "string" - }, - "UnitOfMeasure": { - "markdownDescription": "The unit of measure.", - "title": "UnitOfMeasure", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoTTwinMaker::Entity.DataValue": { - "additionalProperties": false, - "properties": { - "BooleanValue": { - "markdownDescription": "A boolean value.", - "title": "BooleanValue", - "type": "boolean" - }, - "DoubleValue": { - "markdownDescription": "A double value.", - "title": "DoubleValue", - "type": "number" - }, - "Expression": { - "markdownDescription": "An expression that produces the value.", - "title": "Expression", - "type": "string" - }, - "IntegerValue": { - "markdownDescription": "An integer value.", - "title": "IntegerValue", - "type": "number" - }, - "ListValue": { - "items": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataValue" - }, - "markdownDescription": "A list of multiple values.", - "title": "ListValue", - "type": "array" - }, - "LongValue": { - "markdownDescription": "A long value.", - "title": "LongValue", - "type": "number" - }, - "MapValue": { - "additionalProperties": false, - "markdownDescription": "An object that maps strings to multiple DataValue objects.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataValue" - } - }, - "title": "MapValue", - "type": "object" - }, - "RelationshipValue": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.RelationshipValue", - "markdownDescription": "A value that relates a component to another component.", - "title": "RelationshipValue" - }, - "StringValue": { - "markdownDescription": "A string value.", - "title": "StringValue", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoTTwinMaker::Entity.Definition": { - "additionalProperties": false, - "properties": { - "Configuration": { - "additionalProperties": true, - "markdownDescription": "The configuration.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { + "properties": { + "GroupName": { + "markdownDescription": "The name of the group to update.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "title": "GroupName", "type": "string" + }, + "Users": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the names of the users that you want to add to the group.", + "title": "Users", + "type": "array" } }, - "title": "Configuration", + "required": [ + "GroupName", + "Users" + ], "type": "object" }, - "DataType": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataType", - "markdownDescription": "The data type", - "title": "DataType" - }, - "DefaultValue": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataValue", - "markdownDescription": "The default value.", - "title": "DefaultValue" - }, - "IsExternalId": { - "markdownDescription": "Displays if the entity has a external Id.", - "title": "IsExternalId", - "type": "boolean" - }, - "IsFinal": { - "markdownDescription": "Displays if the entity is final.", - "title": "IsFinal", - "type": "boolean" - }, - "IsImported": { - "markdownDescription": "Displays if the entity is imported.", - "title": "IsImported", - "type": "boolean" - }, - "IsInherited": { - "markdownDescription": "Displays if the entity is inherited.", - "title": "IsInherited", - "type": "boolean" - }, - "IsRequiredInEntity": { - "markdownDescription": "Displays if the entity is a required entity.", - "title": "IsRequiredInEntity", - "type": "boolean" - }, - "IsStoredExternally": { - "markdownDescription": "Displays if the entity is tored externally.", - "title": "IsStoredExternally", - "type": "boolean" - }, - "IsTimeSeries": { - "markdownDescription": "Displays if the entity", - "title": "IsTimeSeries", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::IoTTwinMaker::Entity.Error": { - "additionalProperties": false, - "properties": { - "Code": { - "markdownDescription": "The entity error code.", - "title": "Code", - "type": "string" - }, - "Message": { - "markdownDescription": "The entity error message.", - "title": "Message", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoTTwinMaker::Entity.Property": { - "additionalProperties": false, - "properties": { - "Definition": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Definition", - "markdownDescription": "An object that specifies information about a property.", - "title": "Definition" - }, - "Value": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataValue", - "markdownDescription": "An object that contains information about a value for a time series property.", - "title": "Value" - } - }, - "type": "object" - }, - "AWS::IoTTwinMaker::Entity.PropertyGroup": { - "additionalProperties": false, - "properties": { - "GroupType": { - "markdownDescription": "The group type.", - "title": "GroupType", - "type": "string" - }, - "PropertyNames": { - "items": { - "type": "string" - }, - "markdownDescription": "The property names.", - "title": "PropertyNames", - "type": "array" - } - }, - "type": "object" - }, - "AWS::IoTTwinMaker::Entity.Relationship": { - "additionalProperties": false, - "properties": { - "RelationshipType": { - "markdownDescription": "The relationship type.", - "title": "RelationshipType", - "type": "string" - }, - "TargetComponentTypeId": { - "markdownDescription": "the component type Id target.", - "title": "TargetComponentTypeId", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoTTwinMaker::Entity.RelationshipValue": { - "additionalProperties": false, - "properties": { - "TargetComponentName": { - "markdownDescription": "The target component name.", - "title": "TargetComponentName", - "type": "string" - }, - "TargetEntityId": { - "markdownDescription": "The target entity Id.", - "title": "TargetEntityId", + "Type": { + "enum": [ + "AWS::IAM::UserToGroupAddition" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::IoTTwinMaker::Entity.Status": { - "additionalProperties": false, - "properties": { - "Error": { - "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Error", - "markdownDescription": "The error message.", - "title": "Error" }, - "State": { - "markdownDescription": "The current state of the entity, component, component type, or workspace.\n\nValid Values: `CREATING | UPDATING | DELETING | ACTIVE | ERROR`", - "title": "State", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::IoTTwinMaker::Scene": { + "AWS::IAM::VirtualMFADevice": { "additionalProperties": false, "properties": { "Condition": { @@ -131396,67 +139960,41 @@ "Properties": { "additionalProperties": false, "properties": { - "Capabilities": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of capabilities that the scene uses to render.", - "title": "Capabilities", - "type": "array" - }, - "ContentLocation": { - "markdownDescription": "The relative path that specifies the location of the content definition file.", - "title": "ContentLocation", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of this scene.", - "title": "Description", - "type": "string" - }, - "SceneId": { - "markdownDescription": "The ID of the scene.", - "title": "SceneId", + "Path": { + "markdownDescription": "The path for the virtual MFA device. For more information about paths, see [IAM identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/).\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.", + "title": "Path", "type": "string" }, - "SceneMetadata": { - "additionalProperties": true, - "markdownDescription": "The scene metadata.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "SceneMetadata", - "type": "object" - }, "Tags": { - "additionalProperties": true, - "markdownDescription": "The ComponentType tags.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "A list of tags that you want to attach to the new IAM virtual MFA device. Each tag consists of a key name and an associated value. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* .\n\n> If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request fails and the resource is not created.", "title": "Tags", - "type": "object" + "type": "array" }, - "WorkspaceId": { - "markdownDescription": "The ID of the workspace.", - "title": "WorkspaceId", + "Users": { + "items": { + "type": "string" + }, + "markdownDescription": "The IAM user associated with this virtual MFA device.", + "title": "Users", + "type": "array" + }, + "VirtualMfaDeviceName": { + "markdownDescription": "The name of the virtual MFA device, which must be unique. Use with path to uniquely identify a virtual MFA device.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "title": "VirtualMfaDeviceName", "type": "string" } }, "required": [ - "ContentLocation", - "SceneId", - "WorkspaceId" + "Users" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTTwinMaker::Scene" + "AWS::IAM::VirtualMFADevice" ], "type": "string" }, @@ -131475,7 +140013,7 @@ ], "type": "object" }, - "AWS::IoTTwinMaker::SyncJob": { + "AWS::IVS::Channel": { "additionalProperties": false, "properties": { "Condition": { @@ -131510,43 +140048,65 @@ "Properties": { "additionalProperties": false, "properties": { - "SyncRole": { - "markdownDescription": "The SyncJob IAM role. This IAM role is used by the sync job to read from the syncSource, and create, update or delete the corresponding resources.", - "title": "SyncRole", + "Authorized": { + "markdownDescription": "Whether the channel is authorized.\n\n*Default* : `false`", + "title": "Authorized", + "type": "boolean" + }, + "ContainerFormat": { + "markdownDescription": "Indicates which content-packaging format is used (MPEG-TS or fMP4). If `multitrackInputConfiguration` is specified and `enabled` is `true` , then `containerFormat` is required and must be set to `FRAGMENTED_MP4` . Otherwise, `containerFormat` may be set to `TS` or `FRAGMENTED_MP4` . Default: `TS` .", + "title": "ContainerFormat", "type": "string" }, - "SyncSource": { - "markdownDescription": "The sync source.\n\n> Currently the only supported syncSoucre is `SITEWISE` .", - "title": "SyncSource", + "InsecureIngest": { + "markdownDescription": "Whether the channel allows insecure RTMP ingest.\n\n*Default* : `false`", + "title": "InsecureIngest", + "type": "boolean" + }, + "LatencyMode": { + "markdownDescription": "Channel latency mode. Valid values:\n\n- `NORMAL` : Use NORMAL to broadcast and deliver live video up to Full HD.\n- `LOW` : Use LOW for near real-time interactions with viewers.\n\n> In the console, `LOW` and `NORMAL` correspond to `Ultra-low` and `Standard` , respectively. \n\n*Default* : `LOW`", + "title": "LatencyMode", + "type": "string" + }, + "MultitrackInputConfiguration": { + "$ref": "#/definitions/AWS::IVS::Channel.MultitrackInputConfiguration", + "markdownDescription": "Object specifying multitrack input configuration. Default: no multitrack input configuration is specified.", + "title": "MultitrackInputConfiguration" + }, + "Name": { + "markdownDescription": "Channel name.", + "title": "Name", + "type": "string" + }, + "Preset": { + "markdownDescription": "An optional transcode preset for the channel. This is selectable only for `ADVANCED_HD` and `ADVANCED_SD` channel types. For those channel types, the default preset is `HIGHER_BANDWIDTH_DELIVERY` . For other channel types ( `BASIC` and `STANDARD` ), `preset` is the empty string (\"\").", + "title": "Preset", + "type": "string" + }, + "RecordingConfigurationArn": { + "markdownDescription": "The ARN of a RecordingConfiguration resource. An empty string indicates that recording is disabled for the channel. A RecordingConfiguration ARN indicates that recording is enabled using the specified recording configuration. See the [RecordingConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ivs-recordingconfiguration.html) resource for more information and an example.\n\n*Default* : \"\" (empty string, recording is disabled)", + "title": "RecordingConfigurationArn", "type": "string" }, "Tags": { - "additionalProperties": true, - "markdownDescription": "Metadata you can use to manage the SyncJob.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-channel-tag.html) .", "title": "Tags", - "type": "object" + "type": "array" }, - "WorkspaceId": { - "markdownDescription": "The ID of the workspace that contains the sync job.", - "title": "WorkspaceId", + "Type": { + "markdownDescription": "The channel type, which determines the allowable resolution and bitrate. *If you exceed the allowable resolution or bitrate, the stream probably will disconnect immediately.* For details, see [Channel Types](https://docs.aws.amazon.com/ivs/latest/LowLatencyAPIReference/channel-types.html) .\n\n*Default* : `STANDARD`", + "title": "Type", "type": "string" } }, - "required": [ - "SyncRole", - "SyncSource", - "WorkspaceId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTTwinMaker::SyncJob" + "AWS::IVS::Channel" ], "type": "string" }, @@ -131560,12 +140120,32 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::IoTTwinMaker::Workspace": { + "AWS::IVS::Channel.MultitrackInputConfiguration": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Indicates whether multitrack input is enabled. Can be set to `true` only if channel type is `STANDARD` . Setting `enabled` to `true` with any other channel type will cause an exception. If `true` , then `policy` , `maximumResolution` , and `containerFormat` are required, and `containerFormat` must be set to `FRAGMENTED_MP4` . Default: `false` .", + "title": "Enabled", + "type": "boolean" + }, + "MaximumResolution": { + "markdownDescription": "Maximum resolution for multitrack input. Required if `enabled` is `true` .", + "title": "MaximumResolution", + "type": "string" + }, + "Policy": { + "markdownDescription": "Indicates whether multitrack input is allowed or required. Required if `enabled` is `true` .", + "title": "Policy", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IVS::EncoderConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -131600,48 +140180,30 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the workspace.", - "title": "Description", - "type": "string" - }, - "Role": { - "markdownDescription": "The ARN of the execution role associated with the workspace.", - "title": "Role", - "type": "string" - }, - "S3Location": { - "markdownDescription": "The ARN of the S3 bucket where resources associated with the workspace are stored.", - "title": "S3Location", + "Name": { + "markdownDescription": "Encoder cnfiguration name.", + "title": "Name", "type": "string" }, "Tags": { - "additionalProperties": true, - "markdownDescription": "Metadata that you can use to manage the workspace.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-encoderconfiguration-tag.html) .", "title": "Tags", - "type": "object" + "type": "array" }, - "WorkspaceId": { - "markdownDescription": "The ID of the workspace.", - "title": "WorkspaceId", - "type": "string" + "Video": { + "$ref": "#/definitions/AWS::IVS::EncoderConfiguration.Video", + "markdownDescription": "Video configuration. Default: video resolution 1280x720, bitrate 2500 kbps, 30 fps. See the [Video](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-encoderconfiguration-video.html) property type for more information.", + "title": "Video" } }, - "required": [ - "Role", - "S3Location", - "WorkspaceId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTTwinMaker::Workspace" + "AWS::IVS::EncoderConfiguration" ], "type": "string" }, @@ -131655,12 +140217,37 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::IoTWireless::Destination": { + "AWS::IVS::EncoderConfiguration.Video": { + "additionalProperties": false, + "properties": { + "Bitrate": { + "markdownDescription": "Bitrate for generated output, in bps. Default: 2500000.", + "title": "Bitrate", + "type": "number" + }, + "Framerate": { + "markdownDescription": "Video frame rate, in fps. Default: 30.", + "title": "Framerate", + "type": "number" + }, + "Height": { + "markdownDescription": "Video-resolution height. Note that the maximum value is determined by width times height, such that the maximum total pixels is 2073600 (1920x1080 or 1080x1920). Default: 720.", + "title": "Height", + "type": "number" + }, + "Width": { + "markdownDescription": "Video-resolution width. Note that the maximum value is determined by width times height, such that the maximum total pixels is 2073600 (1920x1080 or 1080x1920). Default: 1280.", + "title": "Width", + "type": "number" + } + }, + "type": "object" + }, + "AWS::IVS::IngestConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -131695,50 +140282,45 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the new resource. Maximum length is 2048 characters.", - "title": "Description", - "type": "string" - }, - "Expression": { - "markdownDescription": "The rule name to send messages to.", - "title": "Expression", + "IngestProtocol": { + "markdownDescription": "Type of ingest protocol that the user employs for broadcasting.", + "title": "IngestProtocol", "type": "string" }, - "ExpressionType": { - "markdownDescription": "The type of value in `Expression` .", - "title": "ExpressionType", - "type": "string" + "InsecureIngest": { + "markdownDescription": "Whether the channel allows insecure RTMP ingest. Default: `false` .", + "title": "InsecureIngest", + "type": "boolean" }, "Name": { - "markdownDescription": "The name of the new resource.", + "markdownDescription": "Ingest name.", "title": "Name", "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM Role that authorizes the destination.", - "title": "RoleArn", + "StageArn": { + "markdownDescription": "ARN of the stage with which the IngestConfiguration is associated.", + "title": "StageArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", + "markdownDescription": "An array of key-value pairs to apply to this resource.", "title": "Tags", "type": "array" + }, + "UserId": { + "markdownDescription": "Customer-assigned name to help identify the participant using the IngestConfiguration; this can be used to link a participant to a user in the customer\u2019s own systems. This can be any UTF-8 encoded text. *This field is exposed to all stage participants and should not be used for personally identifying, confidential, or sensitive information.*", + "title": "UserId", + "type": "string" } }, - "required": [ - "Expression", - "ExpressionType", - "Name" - ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTWireless::Destination" + "AWS::IVS::IngestConfiguration" ], "type": "string" }, @@ -131752,12 +140334,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::IoTWireless::DeviceProfile": { + "AWS::IVS::PlaybackKeyPair": { "additionalProperties": false, "properties": { "Condition": { @@ -131792,21 +140373,21 @@ "Properties": { "additionalProperties": false, "properties": { - "LoRaWAN": { - "$ref": "#/definitions/AWS::IoTWireless::DeviceProfile.LoRaWANDeviceProfile", - "markdownDescription": "LoRaWAN device profile object.", - "title": "LoRaWAN" - }, "Name": { - "markdownDescription": "The name of the new resource.", + "markdownDescription": "Playback-key-pair name. The value does not need to be unique.", "title": "Name", "type": "string" }, + "PublicKeyMaterial": { + "markdownDescription": "The public portion of a customer-generated key pair. Note that this field is required to create the AWS::IVS::PlaybackKeyPair resource.", + "title": "PublicKeyMaterial", + "type": "string" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-playbackkeypair-tag.html) .", "title": "Tags", "type": "array" } @@ -131815,7 +140396,7 @@ }, "Type": { "enum": [ - "AWS::IoTWireless::DeviceProfile" + "AWS::IVS::PlaybackKeyPair" ], "type": "string" }, @@ -131833,123 +140414,19 @@ ], "type": "object" }, - "AWS::IoTWireless::DeviceProfile.LoRaWANDeviceProfile": { + "AWS::IVS::PlaybackRestrictionPolicy": { "additionalProperties": false, "properties": { - "ClassBTimeout": { - "markdownDescription": "The ClassBTimeout value.", - "title": "ClassBTimeout", - "type": "number" - }, - "ClassCTimeout": { - "markdownDescription": "The ClassCTimeout value.", - "title": "ClassCTimeout", - "type": "number" - }, - "FactoryPresetFreqsList": { - "items": { - "type": "number" - }, - "markdownDescription": "The list of values that make up the FactoryPresetFreqs value. Valid range of values include a minimum value of 1000000 and a maximum value of 16700000.", - "title": "FactoryPresetFreqsList", - "type": "array" - }, - "MacVersion": { - "markdownDescription": "The MAC version (such as OTAA 1.1 or OTAA 1.0.3) to use with this device profile.", - "title": "MacVersion", + "Condition": { "type": "string" }, - "MaxDutyCycle": { - "markdownDescription": "The MaxDutyCycle value.", - "title": "MaxDutyCycle", - "type": "number" - }, - "MaxEirp": { - "markdownDescription": "The MaxEIRP value.", - "title": "MaxEirp", - "type": "number" - }, - "PingSlotDr": { - "markdownDescription": "The PingSlotDR value.", - "title": "PingSlotDr", - "type": "number" - }, - "PingSlotFreq": { - "markdownDescription": "The PingSlotFreq value.", - "title": "PingSlotFreq", - "type": "number" - }, - "PingSlotPeriod": { - "markdownDescription": "The PingSlotPeriod value.", - "title": "PingSlotPeriod", - "type": "number" - }, - "RegParamsRevision": { - "markdownDescription": "The version of regional parameters.", - "title": "RegParamsRevision", - "type": "string" - }, - "RfRegion": { - "markdownDescription": "The frequency band (RFRegion) value.", - "title": "RfRegion", - "type": "string" - }, - "RxDataRate2": { - "markdownDescription": "The RXDataRate2 value.", - "title": "RxDataRate2", - "type": "number" - }, - "RxDelay1": { - "markdownDescription": "The RXDelay1 value.", - "title": "RxDelay1", - "type": "number" - }, - "RxDrOffset1": { - "markdownDescription": "The RXDROffset1 value.", - "title": "RxDrOffset1", - "type": "number" - }, - "RxFreq2": { - "markdownDescription": "The RXFreq2 value.", - "title": "RxFreq2", - "type": "number" - }, - "Supports32BitFCnt": { - "markdownDescription": "The Supports32BitFCnt value.", - "title": "Supports32BitFCnt", - "type": "boolean" - }, - "SupportsClassB": { - "markdownDescription": "The SupportsClassB value.", - "title": "SupportsClassB", - "type": "boolean" - }, - "SupportsClassC": { - "markdownDescription": "The SupportsClassC value.", - "title": "SupportsClassC", - "type": "boolean" - }, - "SupportsJoin": { - "markdownDescription": "The SupportsJoin value.", - "title": "SupportsJoin", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::IoTWireless::FuotaTask": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, "DependsOn": { "anyOf": [ @@ -131972,48 +140449,29 @@ "Properties": { "additionalProperties": false, "properties": { - "AssociateMulticastGroup": { - "markdownDescription": "The ID of the multicast group to associate with a FUOTA task.", - "title": "AssociateMulticastGroup", - "type": "string" - }, - "AssociateWirelessDevice": { - "markdownDescription": "The ID of the wireless device to associate with a multicast group.", - "title": "AssociateWirelessDevice", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the new resource.", - "title": "Description", - "type": "string" - }, - "DisassociateMulticastGroup": { - "markdownDescription": "The ID of the multicast group to disassociate from a FUOTA task.", - "title": "DisassociateMulticastGroup", - "type": "string" - }, - "DisassociateWirelessDevice": { - "markdownDescription": "The ID of the wireless device to disassociate from a FUOTA task.", - "title": "DisassociateWirelessDevice", - "type": "string" - }, - "FirmwareUpdateImage": { - "markdownDescription": "The S3 URI points to a firmware update image that is to be used with a FUOTA task.", - "title": "FirmwareUpdateImage", - "type": "string" + "AllowedCountries": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of country codes that control geoblocking restrictions. Allowed values are the officially assigned ISO 3166-1 alpha-2 codes. Default: All countries (an empty array).", + "title": "AllowedCountries", + "type": "array" }, - "FirmwareUpdateRole": { - "markdownDescription": "The firmware update role that is to be used with a FUOTA task.", - "title": "FirmwareUpdateRole", - "type": "string" + "AllowedOrigins": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of origin sites that control CORS restriction. Allowed values are the same as valid values of the Origin header defined at [https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin\"](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin)", + "title": "AllowedOrigins", + "type": "array" }, - "LoRaWAN": { - "$ref": "#/definitions/AWS::IoTWireless::FuotaTask.LoRaWAN", - "markdownDescription": "The LoRaWAN information used with a FUOTA task.", - "title": "LoRaWAN" + "EnableStrictOriginEnforcement": { + "markdownDescription": "Whether channel playback is constrained by the origin site.", + "title": "EnableStrictOriginEnforcement", + "type": "boolean" }, "Name": { - "markdownDescription": "The name of a FUOTA task.", + "markdownDescription": "Playback-restriction-policy name.", "title": "Name", "type": "string" }, @@ -132021,21 +140479,20 @@ "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-playbackrestrictionpolicy-tag.html) .", "title": "Tags", "type": "array" } }, "required": [ - "FirmwareUpdateImage", - "FirmwareUpdateRole", - "LoRaWAN" + "AllowedCountries", + "AllowedOrigins" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTWireless::FuotaTask" + "AWS::IVS::PlaybackRestrictionPolicy" ], "type": "string" }, @@ -132054,26 +140511,7 @@ ], "type": "object" }, - "AWS::IoTWireless::FuotaTask.LoRaWAN": { - "additionalProperties": false, - "properties": { - "RfRegion": { - "markdownDescription": "The frequency band (RFRegion) value.", - "title": "RfRegion", - "type": "string" - }, - "StartTime": { - "markdownDescription": "Start time of a FUOTA task.", - "title": "StartTime", - "type": "string" - } - }, - "required": [ - "RfRegion" - ], - "type": "object" - }, - "AWS::IoTWireless::MulticastGroup": { + "AWS::IVS::PublicKey": { "additionalProperties": false, "properties": { "Condition": { @@ -132108,48 +140546,30 @@ "Properties": { "additionalProperties": false, "properties": { - "AssociateWirelessDevice": { - "markdownDescription": "The ID of the wireless device to associate with a multicast group.", - "title": "AssociateWirelessDevice", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the multicast group.", - "title": "Description", - "type": "string" - }, - "DisassociateWirelessDevice": { - "markdownDescription": "The ID of the wireless device to disassociate from a multicast group.", - "title": "DisassociateWirelessDevice", - "type": "string" - }, - "LoRaWAN": { - "$ref": "#/definitions/AWS::IoTWireless::MulticastGroup.LoRaWAN", - "markdownDescription": "The LoRaWAN information that is to be used with the multicast group.", - "title": "LoRaWAN" - }, "Name": { - "markdownDescription": "The name of the multicast group.", + "markdownDescription": "Public key name. The value does not need to be unique.", "title": "Name", "type": "string" }, + "PublicKeyMaterial": { + "markdownDescription": "The public portion of a customer-generated key pair. Note that this field is required to create the AWS::IVS::PublicKey resource.", + "title": "PublicKeyMaterial", + "type": "string" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", + "markdownDescription": "An array of key-value pairs to apply to this resource.", "title": "Tags", "type": "array" } }, - "required": [ - "LoRaWAN" - ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTWireless::MulticastGroup" + "AWS::IVS::PublicKey" ], "type": "string" }, @@ -132163,42 +140583,11 @@ } }, "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::IoTWireless::MulticastGroup.LoRaWAN": { - "additionalProperties": false, - "properties": { - "DlClass": { - "markdownDescription": "DlClass for LoRaWAN. Valid values are ClassB and ClassC.", - "title": "DlClass", - "type": "string" - }, - "NumberOfDevicesInGroup": { - "markdownDescription": "Number of devices that are associated to the multicast group.", - "title": "NumberOfDevicesInGroup", - "type": "number" - }, - "NumberOfDevicesRequested": { - "markdownDescription": "Number of devices that are requested to be associated with the multicast group.", - "title": "NumberOfDevicesRequested", - "type": "number" - }, - "RfRegion": { - "markdownDescription": "The frequency band (RFRegion) value.", - "title": "RfRegion", - "type": "string" - } - }, - "required": [ - "DlClass", - "RfRegion" + "Type" ], "type": "object" }, - "AWS::IoTWireless::NetworkAnalyzerConfiguration": { + "AWS::IVS::RecordingConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -132233,54 +140622,48 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the resource.", - "title": "Description", - "type": "string" + "DestinationConfiguration": { + "$ref": "#/definitions/AWS::IVS::RecordingConfiguration.DestinationConfiguration", + "markdownDescription": "A destination configuration describes an S3 bucket where recorded video will be stored. See the DestinationConfiguration property type for more information.", + "title": "DestinationConfiguration" }, "Name": { - "markdownDescription": "Name of the network analyzer configuration.", + "markdownDescription": "Recording-configuration name. The value does not need to be unique.", "title": "Name", "type": "string" }, + "RecordingReconnectWindowSeconds": { + "markdownDescription": "If a broadcast disconnects and then reconnects within the specified interval, the multiple streams will be considered a single broadcast and merged together.\n\n*Default* : `0`", + "title": "RecordingReconnectWindowSeconds", + "type": "number" + }, + "RenditionConfiguration": { + "$ref": "#/definitions/AWS::IVS::RecordingConfiguration.RenditionConfiguration", + "markdownDescription": "A rendition configuration describes which renditions should be recorded for a stream. See the RenditionConfiguration property type for more information.", + "title": "RenditionConfiguration" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to attach to the specified resource. Tags are metadata that you can use to manage a resource.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-recordingconfiguration-tag.html) .", "title": "Tags", "type": "array" }, - "TraceContent": { - "$ref": "#/definitions/AWS::IoTWireless::NetworkAnalyzerConfiguration.TraceContent", - "markdownDescription": "Trace content for your wireless gateway and wireless device resources.", - "title": "TraceContent" - }, - "WirelessDevices": { - "items": { - "type": "string" - }, - "markdownDescription": "Wireless device resources to add to the network analyzer configuration. Provide the `WirelessDeviceId` of the resource to add in the input array.", - "title": "WirelessDevices", - "type": "array" - }, - "WirelessGateways": { - "items": { - "type": "string" - }, - "markdownDescription": "Wireless gateway resources to add to the network analyzer configuration. Provide the `WirelessGatewayId` of the resource to add in the input array.", - "title": "WirelessGateways", - "type": "array" + "ThumbnailConfiguration": { + "$ref": "#/definitions/AWS::IVS::RecordingConfiguration.ThumbnailConfiguration", + "markdownDescription": "A thumbnail configuration enables/disables the recording of thumbnails for a live session and controls the interval at which thumbnails are generated for the live session. See the ThumbnailConfiguration property type for more information.", + "title": "ThumbnailConfiguration" } }, "required": [ - "Name" + "DestinationConfiguration" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTWireless::NetworkAnalyzerConfiguration" + "AWS::IVS::RecordingConfiguration" ], "type": "string" }, @@ -132299,23 +140682,80 @@ ], "type": "object" }, - "AWS::IoTWireless::NetworkAnalyzerConfiguration.TraceContent": { + "AWS::IVS::RecordingConfiguration.DestinationConfiguration": { "additionalProperties": false, "properties": { - "LogLevel": { - "markdownDescription": "The log level for a log message. The log levels can be disabled, or set to `ERROR` to display less verbose logs containing only error information, or to `INFO` for more detailed logs", - "title": "LogLevel", + "S3": { + "$ref": "#/definitions/AWS::IVS::RecordingConfiguration.S3DestinationConfiguration", + "markdownDescription": "An S3 destination configuration where recorded videos will be stored. See the [S3DestinationConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-recordingconfiguration-s3destinationconfiguration.html) property type for more information.", + "title": "S3" + } + }, + "type": "object" + }, + "AWS::IVS::RecordingConfiguration.RenditionConfiguration": { + "additionalProperties": false, + "properties": { + "RenditionSelection": { + "markdownDescription": "The set of renditions are recorded for a stream. For `BASIC` channels, the `CUSTOM` value has no effect. If `CUSTOM` is specified, a set of renditions can be specified in the `renditions` field. Default: `ALL` .", + "title": "RenditionSelection", "type": "string" }, - "WirelessDeviceFrameInfo": { - "markdownDescription": "`FrameInfo` of your wireless device resources for the trace content. Use FrameInfo to debug the communication between your LoRaWAN end devices and the network server.", - "title": "WirelessDeviceFrameInfo", + "Renditions": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of which renditions are recorded for a stream, if `renditionSelection` is `CUSTOM` ; otherwise, this field is irrelevant. The selected renditions are recorded if they are available during the stream. If a selected rendition is unavailable, the best available rendition is recorded. For details on the resolution dimensions of each rendition, see [Auto-Record to Amazon S3](https://docs.aws.amazon.com//ivs/latest/LowLatencyUserGuide/record-to-s3.html) .", + "title": "Renditions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::IVS::RecordingConfiguration.S3DestinationConfiguration": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "Location (S3 bucket name) where recorded videos will be stored.", + "title": "BucketName", "type": "string" } }, + "required": [ + "BucketName" + ], "type": "object" }, - "AWS::IoTWireless::PartnerAccount": { + "AWS::IVS::RecordingConfiguration.ThumbnailConfiguration": { + "additionalProperties": false, + "properties": { + "RecordingMode": { + "markdownDescription": "Thumbnail recording mode. Valid values:\n\n- `DISABLED` : Use DISABLED to disable the generation of thumbnails for recorded video.\n- `INTERVAL` : Use INTERVAL to enable the generation of thumbnails for recorded video at a time interval controlled by the [TargetIntervalSeconds](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-recordingconfiguration-thumbnailconfiguration.html#cfn-ivs-recordingconfiguration-thumbnailconfiguration-targetintervalseconds) property.\n\n*Default* : `INTERVAL`", + "title": "RecordingMode", + "type": "string" + }, + "Resolution": { + "markdownDescription": "The desired resolution of recorded thumbnails for a stream. Thumbnails are recorded at the selected resolution if the corresponding rendition is available during the stream; otherwise, they are recorded at source resolution. For more information about resolution values and their corresponding height and width dimensions, see [Auto-Record to Amazon S3](https://docs.aws.amazon.com//ivs/latest/LowLatencyUserGuide/record-to-s3.html) .", + "title": "Resolution", + "type": "string" + }, + "Storage": { + "items": { + "type": "string" + }, + "markdownDescription": "The format in which thumbnails are recorded for a stream. `SEQUENTIAL` records all generated thumbnails in a serial manner, to the media/thumbnails directory. `LATEST` saves the latest thumbnail in media/thumbnails/latest/thumb.jpg and overwrites it at the interval specified by `targetIntervalSeconds` . You can enable both `SEQUENTIAL` and `LATEST` . Default: `SEQUENTIAL` .", + "title": "Storage", + "type": "array" + }, + "TargetIntervalSeconds": { + "markdownDescription": "The targeted thumbnail-generation interval in seconds. This is configurable (and required) only if [RecordingMode](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-recordingconfiguration-thumbnailconfiguration.html#cfn-ivs-recordingconfiguration-thumbnailconfiguration-recordingmode) is `INTERVAL` .\n\n> Setting a value for `TargetIntervalSeconds` does not guarantee that thumbnails are generated at the specified interval. For thumbnails to be generated at the `TargetIntervalSeconds` interval, the `IDR/Keyframe` value for the input video must be less than the `TargetIntervalSeconds` value. See [Amazon IVS Streaming Configuration](https://docs.aws.amazon.com/ivs/latest/LowLatencyUserGuide/streaming-config.html) for information on setting `IDR/Keyframe` to the recommended value in video-encoder settings. \n\n*Default* : 60", + "title": "TargetIntervalSeconds", + "type": "number" + } + }, + "type": "object" + }, + "AWS::IVS::Stage": { "additionalProperties": false, "properties": { "Condition": { @@ -132350,41 +140790,21 @@ "Properties": { "additionalProperties": false, "properties": { - "AccountLinked": { - "markdownDescription": "Whether the partner account is linked to the AWS account.", - "title": "AccountLinked", - "type": "boolean" - }, - "PartnerAccountId": { - "markdownDescription": "The ID of the partner account to update.", - "title": "PartnerAccountId", - "type": "string" + "AutoParticipantRecordingConfiguration": { + "$ref": "#/definitions/AWS::IVS::Stage.AutoParticipantRecordingConfiguration", + "markdownDescription": "", + "title": "AutoParticipantRecordingConfiguration" }, - "PartnerType": { - "markdownDescription": "The partner type.", - "title": "PartnerType", + "Name": { + "markdownDescription": "Stage name.", + "title": "Name", "type": "string" }, - "Sidewalk": { - "$ref": "#/definitions/AWS::IoTWireless::PartnerAccount.SidewalkAccountInfo", - "markdownDescription": "The Sidewalk account credentials.", - "title": "Sidewalk" - }, - "SidewalkResponse": { - "$ref": "#/definitions/AWS::IoTWireless::PartnerAccount.SidewalkAccountInfoWithFingerprint", - "markdownDescription": "Information about a Sidewalk account.", - "title": "SidewalkResponse" - }, - "SidewalkUpdate": { - "$ref": "#/definitions/AWS::IoTWireless::PartnerAccount.SidewalkUpdateAccount", - "markdownDescription": "Sidewalk update.", - "title": "SidewalkUpdate" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-stage-tag.html) .", "title": "Tags", "type": "array" } @@ -132393,7 +140813,7 @@ }, "Type": { "enum": [ - "AWS::IoTWireless::PartnerAccount" + "AWS::IVS::Stage" ], "type": "string" }, @@ -132411,53 +140831,29 @@ ], "type": "object" }, - "AWS::IoTWireless::PartnerAccount.SidewalkAccountInfo": { + "AWS::IVS::Stage.AutoParticipantRecordingConfiguration": { "additionalProperties": false, "properties": { - "AppServerPrivateKey": { - "markdownDescription": "The Sidewalk application server private key. The application server private key is a secret key, which you should handle in a similar way as you would an application password. You can protect the application server private key by storing the value in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", - "title": "AppServerPrivateKey", + "MediaTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "Types of media to be recorded. Default: `AUDIO_VIDEO` .", + "title": "MediaTypes", + "type": "array" + }, + "StorageConfigurationArn": { + "markdownDescription": "ARN of the StorageConfiguration resource to use for individual participant recording. Default: \"\" (empty string, no storage configuration is specified). Individual participant recording cannot be started unless a storage configuration is specified, when a Stage is created or updated.", + "title": "StorageConfigurationArn", "type": "string" } }, "required": [ - "AppServerPrivateKey" + "StorageConfigurationArn" ], "type": "object" }, - "AWS::IoTWireless::PartnerAccount.SidewalkAccountInfoWithFingerprint": { - "additionalProperties": false, - "properties": { - "AmazonId": { - "markdownDescription": "The Sidewalk Amazon ID.", - "title": "AmazonId", - "type": "string" - }, - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", - "title": "Arn", - "type": "string" - }, - "Fingerprint": { - "markdownDescription": "The fingerprint of the Sidewalk application server private key.", - "title": "Fingerprint", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoTWireless::PartnerAccount.SidewalkUpdateAccount": { - "additionalProperties": false, - "properties": { - "AppServerPrivateKey": { - "markdownDescription": "The new Sidewalk application server private key.", - "title": "AppServerPrivateKey", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoTWireless::ServiceProfile": { + "AWS::IVS::StorageConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -132492,30 +140888,33 @@ "Properties": { "additionalProperties": false, "properties": { - "LoRaWAN": { - "$ref": "#/definitions/AWS::IoTWireless::ServiceProfile.LoRaWANServiceProfile", - "markdownDescription": "LoRaWAN service profile object.", - "title": "LoRaWAN" - }, "Name": { - "markdownDescription": "The name of the new resource.", + "markdownDescription": "Storage cnfiguration name.", "title": "Name", "type": "string" }, + "S3": { + "$ref": "#/definitions/AWS::IVS::StorageConfiguration.S3StorageConfiguration", + "markdownDescription": "An S3 storage configuration contains information about where recorded video will be stored. See the [S3StorageConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-storageconfiguration-s3storageconfiguration.html) property type for more information.", + "title": "S3" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-storageconfiguration-tag.html) .", "title": "Tags", "type": "array" } }, + "required": [ + "S3" + ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTWireless::ServiceProfile" + "AWS::IVS::StorageConfiguration" ], "type": "string" }, @@ -132529,112 +140928,26 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::IoTWireless::ServiceProfile.LoRaWANServiceProfile": { + "AWS::IVS::StorageConfiguration.S3StorageConfiguration": { "additionalProperties": false, "properties": { - "AddGwMetadata": { - "markdownDescription": "The AddGWMetaData value.", - "title": "AddGwMetadata", - "type": "boolean" - }, - "ChannelMask": { - "markdownDescription": "The ChannelMask value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "ChannelMask", - "type": "string" - }, - "DevStatusReqFreq": { - "markdownDescription": "The DevStatusReqFreq value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "DevStatusReqFreq", - "type": "number" - }, - "DlBucketSize": { - "markdownDescription": "The DLBucketSize value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "DlBucketSize", - "type": "number" - }, - "DlRate": { - "markdownDescription": "The DLRate value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "DlRate", - "type": "number" - }, - "DlRatePolicy": { - "markdownDescription": "The DLRatePolicy value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "DlRatePolicy", - "type": "string" - }, - "DrMax": { - "markdownDescription": "The DRMax value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "DrMax", - "type": "number" - }, - "DrMin": { - "markdownDescription": "The DRMin value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "DrMin", - "type": "number" - }, - "HrAllowed": { - "markdownDescription": "The HRAllowed value that describes whether handover roaming is allowed.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "HrAllowed", - "type": "boolean" - }, - "MinGwDiversity": { - "markdownDescription": "The MinGwDiversity value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "MinGwDiversity", - "type": "number" - }, - "NwkGeoLoc": { - "markdownDescription": "The NwkGeoLoc value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "NwkGeoLoc", - "type": "boolean" - }, - "PrAllowed": { - "markdownDescription": "The PRAllowed value that describes whether passive roaming is allowed.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "PrAllowed", - "type": "boolean" - }, - "RaAllowed": { - "markdownDescription": "The RAAllowed value that describes whether roaming activation is allowed.", - "title": "RaAllowed", - "type": "boolean" - }, - "ReportDevStatusBattery": { - "markdownDescription": "The ReportDevStatusBattery value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "ReportDevStatusBattery", - "type": "boolean" - }, - "ReportDevStatusMargin": { - "markdownDescription": "The ReportDevStatusMargin value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "ReportDevStatusMargin", - "type": "boolean" - }, - "TargetPer": { - "markdownDescription": "The TargetPer value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "TargetPer", - "type": "number" - }, - "UlBucketSize": { - "markdownDescription": "The UlBucketSize value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "UlBucketSize", - "type": "number" - }, - "UlRate": { - "markdownDescription": "The ULRate value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "UlRate", - "type": "number" - }, - "UlRatePolicy": { - "markdownDescription": "The ULRatePolicy value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", - "title": "UlRatePolicy", + "BucketName": { + "markdownDescription": "Name of the S3 bucket where recorded video will be stored.", + "title": "BucketName", "type": "string" } }, + "required": [ + "BucketName" + ], "type": "object" }, - "AWS::IoTWireless::TaskDefinition": { + "AWS::IVS::StreamKey": { "additionalProperties": false, "properties": { "Condition": { @@ -132669,48 +140982,28 @@ "Properties": { "additionalProperties": false, "properties": { - "AutoCreateTasks": { - "markdownDescription": "Whether to automatically create tasks using this task definition for all gateways with the specified current version. If `false` , the task must be created by calling `CreateWirelessGatewayTask` .", - "title": "AutoCreateTasks", - "type": "boolean" - }, - "LoRaWANUpdateGatewayTaskEntry": { - "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.LoRaWANUpdateGatewayTaskEntry", - "markdownDescription": "LoRaWANUpdateGatewayTaskEntry object.", - "title": "LoRaWANUpdateGatewayTaskEntry" - }, - "Name": { - "markdownDescription": "The name of the new resource.", - "title": "Name", + "ChannelArn": { + "markdownDescription": "Channel ARN for the stream.", + "title": "ChannelArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-streamkey-tag.html) .", "title": "Tags", "type": "array" - }, - "TaskDefinitionType": { - "markdownDescription": "A filter to list only the wireless gateway task definitions that use this task definition type.", - "title": "TaskDefinitionType", - "type": "string" - }, - "Update": { - "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.UpdateWirelessGatewayTaskCreate", - "markdownDescription": "Information about the gateways to update.", - "title": "Update" } }, "required": [ - "AutoCreateTasks" + "ChannelArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTWireless::TaskDefinition" + "AWS::IVS::StreamKey" ], "type": "string" }, @@ -132729,91 +141022,7 @@ ], "type": "object" }, - "AWS::IoTWireless::TaskDefinition.LoRaWANGatewayVersion": { - "additionalProperties": false, - "properties": { - "Model": { - "markdownDescription": "The model number of the wireless gateway.", - "title": "Model", - "type": "string" - }, - "PackageVersion": { - "markdownDescription": "The version of the wireless gateway firmware.", - "title": "PackageVersion", - "type": "string" - }, - "Station": { - "markdownDescription": "The basic station version of the wireless gateway.", - "title": "Station", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoTWireless::TaskDefinition.LoRaWANUpdateGatewayTaskCreate": { - "additionalProperties": false, - "properties": { - "CurrentVersion": { - "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.LoRaWANGatewayVersion", - "markdownDescription": "The version of the gateways that should receive the update.", - "title": "CurrentVersion" - }, - "SigKeyCrc": { - "markdownDescription": "The CRC of the signature private key to check.", - "title": "SigKeyCrc", - "type": "number" - }, - "UpdateSignature": { - "markdownDescription": "The signature used to verify the update firmware.", - "title": "UpdateSignature", - "type": "string" - }, - "UpdateVersion": { - "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.LoRaWANGatewayVersion", - "markdownDescription": "The firmware version to update the gateway to.", - "title": "UpdateVersion" - } - }, - "type": "object" - }, - "AWS::IoTWireless::TaskDefinition.LoRaWANUpdateGatewayTaskEntry": { - "additionalProperties": false, - "properties": { - "CurrentVersion": { - "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.LoRaWANGatewayVersion", - "markdownDescription": "The version of the gateways that should receive the update.", - "title": "CurrentVersion" - }, - "UpdateVersion": { - "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.LoRaWANGatewayVersion", - "markdownDescription": "The firmware version to update the gateway to.", - "title": "UpdateVersion" - } - }, - "type": "object" - }, - "AWS::IoTWireless::TaskDefinition.UpdateWirelessGatewayTaskCreate": { - "additionalProperties": false, - "properties": { - "LoRaWAN": { - "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.LoRaWANUpdateGatewayTaskCreate", - "markdownDescription": "The properties that relate to the LoRaWAN wireless gateway.", - "title": "LoRaWAN" - }, - "UpdateDataRole": { - "markdownDescription": "The IAM role used to read data from the S3 bucket.", - "title": "UpdateDataRole", - "type": "string" - }, - "UpdateDataSource": { - "markdownDescription": "The link to the S3 bucket.", - "title": "UpdateDataSource", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoTWireless::WirelessDevice": { + "AWS::IVSChat::LoggingConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -132848,64 +141057,33 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the new resource. Maximum length is 2048.", - "title": "Description", - "type": "string" - }, - "DestinationName": { - "markdownDescription": "The name of the destination to assign to the new wireless device. Can have only have alphanumeric, - (hyphen) and _ (underscore) characters and it can't have any spaces.", - "title": "DestinationName", - "type": "string" - }, - "LastUplinkReceivedAt": { - "markdownDescription": "The date and time when the most recent uplink was received.", - "title": "LastUplinkReceivedAt", - "type": "string" - }, - "LoRaWAN": { - "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.LoRaWANDevice", - "markdownDescription": "The device configuration information to use to create the wireless device. Must be at least one of OtaaV10x, OtaaV11, AbpV11, or AbpV10x.", - "title": "LoRaWAN" + "DestinationConfiguration": { + "$ref": "#/definitions/AWS::IVSChat::LoggingConfiguration.DestinationConfiguration", + "markdownDescription": "The DestinationConfiguration is a complex type that contains information about where chat content will be logged.", + "title": "DestinationConfiguration" }, "Name": { - "markdownDescription": "The name of the new resource.", + "markdownDescription": "Logging-configuration name. The value does not need to be unique.", "title": "Name", "type": "string" }, - "Positioning": { - "markdownDescription": "FPort values for the GNSS, Stream, and ClockSync functions of the positioning information.", - "title": "Positioning", - "type": "string" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivschat-loggingconfiguration-tag.html) .", "title": "Tags", "type": "array" - }, - "ThingArn": { - "markdownDescription": "The ARN of the thing to associate with the wireless device.", - "title": "ThingArn", - "type": "string" - }, - "Type": { - "markdownDescription": "The wireless device type.", - "title": "Type", - "type": "string" } }, "required": [ - "DestinationName", - "Type" + "DestinationConfiguration" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTWireless::WirelessDevice" + "AWS::IVSChat::LoggingConfiguration" ], "type": "string" }, @@ -132924,226 +141102,70 @@ ], "type": "object" }, - "AWS::IoTWireless::WirelessDevice.AbpV10x": { - "additionalProperties": false, - "properties": { - "DevAddr": { - "markdownDescription": "The DevAddr value.", - "title": "DevAddr", - "type": "string" - }, - "SessionKeys": { - "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.SessionKeysAbpV10x", - "markdownDescription": "Session keys for ABP v1.0.x.", - "title": "SessionKeys" - } - }, - "required": [ - "DevAddr", - "SessionKeys" - ], - "type": "object" - }, - "AWS::IoTWireless::WirelessDevice.AbpV11": { - "additionalProperties": false, - "properties": { - "DevAddr": { - "markdownDescription": "The DevAddr value.", - "title": "DevAddr", - "type": "string" - }, - "SessionKeys": { - "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.SessionKeysAbpV11", - "markdownDescription": "Session keys for ABP v1.1.", - "title": "SessionKeys" - } - }, - "required": [ - "DevAddr", - "SessionKeys" - ], - "type": "object" - }, - "AWS::IoTWireless::WirelessDevice.Application": { - "additionalProperties": false, - "properties": { - "DestinationName": { - "markdownDescription": "The name of the position data destination that describes the IoT rule that processes the device's position data.", - "title": "DestinationName", - "type": "string" - }, - "FPort": { - "markdownDescription": "The name of the new destination for the device.", - "title": "FPort", - "type": "number" - }, - "Type": { - "markdownDescription": "Application type, which can be specified to obtain real-time position information of your LoRaWAN device.", - "title": "Type", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoTWireless::WirelessDevice.FPorts": { - "additionalProperties": false, - "properties": { - "Applications": { - "items": { - "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.Application" - }, - "markdownDescription": "LoRaWAN application configuration, which can be used to perform geolocation.", - "title": "Applications", - "type": "array" - } - }, - "type": "object" - }, - "AWS::IoTWireless::WirelessDevice.LoRaWANDevice": { - "additionalProperties": false, - "properties": { - "AbpV10x": { - "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.AbpV10x", - "markdownDescription": "ABP device object for LoRaWAN specification v1.0.x.", - "title": "AbpV10x" - }, - "AbpV11": { - "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.AbpV11", - "markdownDescription": "ABP device object for create APIs for v1.1.", - "title": "AbpV11" - }, - "DevEui": { - "markdownDescription": "The DevEUI value.", - "title": "DevEui", - "type": "string" - }, - "DeviceProfileId": { - "markdownDescription": "The ID of the device profile for the new wireless device.", - "title": "DeviceProfileId", - "type": "string" - }, - "FPorts": { - "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.FPorts", - "markdownDescription": "List of FPort assigned for different LoRaWAN application packages to use.", - "title": "FPorts" - }, - "OtaaV10x": { - "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.OtaaV10x", - "markdownDescription": "OTAA device object for create APIs for v1.0.x", - "title": "OtaaV10x" - }, - "OtaaV11": { - "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.OtaaV11", - "markdownDescription": "OTAA device object for v1.1 for create APIs.", - "title": "OtaaV11" - }, - "ServiceProfileId": { - "markdownDescription": "The ID of the service profile.", - "title": "ServiceProfileId", - "type": "string" - } - }, - "type": "object" - }, - "AWS::IoTWireless::WirelessDevice.OtaaV10x": { + "AWS::IVSChat::LoggingConfiguration.CloudWatchLogsDestinationConfiguration": { "additionalProperties": false, "properties": { - "AppEui": { - "markdownDescription": "The AppEUI value. You specify this value when using LoRaWAN versions v1.0.2 or v1.0.3.", - "title": "AppEui", - "type": "string" - }, - "AppKey": { - "markdownDescription": "The AppKey value.", - "title": "AppKey", + "LogGroupName": { + "markdownDescription": "Name of the Amazon Cloudwatch Logs destination where chat activity will be logged.", + "title": "LogGroupName", "type": "string" } }, "required": [ - "AppEui", - "AppKey" + "LogGroupName" ], "type": "object" }, - "AWS::IoTWireless::WirelessDevice.OtaaV11": { + "AWS::IVSChat::LoggingConfiguration.DestinationConfiguration": { "additionalProperties": false, "properties": { - "AppKey": { - "markdownDescription": "The AppKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the AppKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", - "title": "AppKey", - "type": "string" + "CloudWatchLogs": { + "$ref": "#/definitions/AWS::IVSChat::LoggingConfiguration.CloudWatchLogsDestinationConfiguration", + "markdownDescription": "An Amazon CloudWatch Logs destination configuration where chat activity will be logged.", + "title": "CloudWatchLogs" }, - "JoinEui": { - "markdownDescription": "The JoinEUI value.", - "title": "JoinEui", - "type": "string" + "Firehose": { + "$ref": "#/definitions/AWS::IVSChat::LoggingConfiguration.FirehoseDestinationConfiguration", + "markdownDescription": "An Amazon Kinesis Data Firehose destination configuration where chat activity will be logged.", + "title": "Firehose" }, - "NwkKey": { - "markdownDescription": "The NwkKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the NwkKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", - "title": "NwkKey", - "type": "string" + "S3": { + "$ref": "#/definitions/AWS::IVSChat::LoggingConfiguration.S3DestinationConfiguration", + "markdownDescription": "An Amazon S3 destination configuration where chat activity will be logged.", + "title": "S3" } }, - "required": [ - "AppKey", - "JoinEui", - "NwkKey" - ], "type": "object" }, - "AWS::IoTWireless::WirelessDevice.SessionKeysAbpV10x": { + "AWS::IVSChat::LoggingConfiguration.FirehoseDestinationConfiguration": { "additionalProperties": false, "properties": { - "AppSKey": { - "markdownDescription": "The AppSKey value.", - "title": "AppSKey", - "type": "string" - }, - "NwkSKey": { - "markdownDescription": "The NwkKey value.", - "title": "NwkSKey", + "DeliveryStreamName": { + "markdownDescription": "Name of the Amazon Kinesis Firehose delivery stream where chat activity will be logged.", + "title": "DeliveryStreamName", "type": "string" } }, "required": [ - "AppSKey", - "NwkSKey" + "DeliveryStreamName" ], "type": "object" }, - "AWS::IoTWireless::WirelessDevice.SessionKeysAbpV11": { + "AWS::IVSChat::LoggingConfiguration.S3DestinationConfiguration": { "additionalProperties": false, "properties": { - "AppSKey": { - "markdownDescription": "The AppSKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the AppSKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", - "title": "AppSKey", - "type": "string" - }, - "FNwkSIntKey": { - "markdownDescription": "The FNwkSIntKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the FNwkSIntKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", - "title": "FNwkSIntKey", - "type": "string" - }, - "NwkSEncKey": { - "markdownDescription": "The NwkSEncKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the NwkSEncKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", - "title": "NwkSEncKey", - "type": "string" - }, - "SNwkSIntKey": { - "markdownDescription": "The SNwkSIntKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the SNwkSIntKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", - "title": "SNwkSIntKey", + "BucketName": { + "markdownDescription": "Name of the Amazon S3 bucket where chat activity will be logged.", + "title": "BucketName", "type": "string" } }, "required": [ - "AppSKey", - "FNwkSIntKey", - "NwkSEncKey", - "SNwkSIntKey" + "BucketName" ], "type": "object" }, - "AWS::IoTWireless::WirelessDeviceImportTask": { + "AWS::IVSChat::Room": { "additionalProperties": false, "properties": { "Condition": { @@ -133178,34 +141200,48 @@ "Properties": { "additionalProperties": false, "properties": { - "DestinationName": { - "markdownDescription": "The name of the destination that describes the IoT rule to route messages from the Sidewalk devices in the import task to other applications.", - "title": "DestinationName", - "type": "string" + "LoggingConfigurationIdentifiers": { + "items": { + "type": "string" + }, + "markdownDescription": "List of logging-configuration identifiers attached to the room.", + "title": "LoggingConfigurationIdentifiers", + "type": "array" }, - "Sidewalk": { - "$ref": "#/definitions/AWS::IoTWireless::WirelessDeviceImportTask.Sidewalk", - "markdownDescription": "The Sidewalk-related information of the wireless device import task.", - "title": "Sidewalk" + "MaximumMessageLength": { + "markdownDescription": "Maximum number of characters in a single message. Messages are expected to be UTF-8 encoded and this limit applies specifically to rune/code-point count, not number of bytes.", + "title": "MaximumMessageLength", + "type": "number" + }, + "MaximumMessageRatePerSecond": { + "markdownDescription": "Maximum number of messages per second that can be sent to the room (by all clients).", + "title": "MaximumMessageRatePerSecond", + "type": "number" + }, + "MessageReviewHandler": { + "$ref": "#/definitions/AWS::IVSChat::Room.MessageReviewHandler", + "markdownDescription": "Configuration information for optional review of messages.", + "title": "MessageReviewHandler" + }, + "Name": { + "markdownDescription": "Room name. The value does not need to be unique.", + "title": "Name", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Adds to or modifies the tags of the given resource. Tags are metadata that you can use to manage a resource.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivschat-room-tag.html) .", "title": "Tags", "type": "array" } }, - "required": [ - "DestinationName", - "Sidewalk" - ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTWireless::WirelessDeviceImportTask" + "AWS::IVSChat::Room" ], "type": "string" }, @@ -133219,41 +141255,27 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::IoTWireless::WirelessDeviceImportTask.Sidewalk": { + "AWS::IVSChat::Room.MessageReviewHandler": { "additionalProperties": false, "properties": { - "DeviceCreationFile": { - "markdownDescription": "The CSV file contained in an S3 bucket that's used for adding devices to an import task.", - "title": "DeviceCreationFile", - "type": "string" - }, - "DeviceCreationFileList": { - "items": { - "type": "string" - }, - "markdownDescription": "List of Sidewalk devices that are added to the import task.", - "title": "DeviceCreationFileList", - "type": "array" - }, - "Role": { - "markdownDescription": "The IAM role that allows to access the CSV file in the S3 bucket.", - "title": "Role", + "FallbackResult": { + "markdownDescription": "Specifies the fallback behavior (whether the message is allowed or denied) if the handler does not return a valid response, encounters an error, or times out. (For the timeout period, see [Service Quotas](https://docs.aws.amazon.com/ivs/latest/userguide/service-quotas.html) .) If allowed, the message is delivered with returned content to all users connected to the room. If denied, the message is not delivered to any user.\n\n*Default* : `ALLOW`", + "title": "FallbackResult", "type": "string" }, - "SidewalkManufacturingSn": { - "markdownDescription": "The Sidewalk manufacturing serial number (SMSN) of the Sidewalk device.", - "title": "SidewalkManufacturingSn", + "Uri": { + "markdownDescription": "Identifier of the message review handler. Currently this must be an ARN of a lambda function.", + "title": "Uri", "type": "string" } }, "type": "object" }, - "AWS::IoTWireless::WirelessGateway": { + "AWS::IdentityStore::Group": { "additionalProperties": false, "properties": { "Condition": { @@ -133289,52 +141311,30 @@ "additionalProperties": false, "properties": { "Description": { - "markdownDescription": "The description of the new resource. The maximum length is 2048 characters.", + "markdownDescription": "A string containing the description of the group.", "title": "Description", "type": "string" }, - "LastUplinkReceivedAt": { - "markdownDescription": "The date and time when the most recent uplink was received.", - "title": "LastUplinkReceivedAt", + "DisplayName": { + "markdownDescription": "The display name value for the group. The length limit is 1,024 characters. This value can consist of letters, accented characters, symbols, numbers, punctuation, tab, new line, carriage return, space, and nonbreaking space in this attribute. This value is specified at the time the group is created and stored as an attribute of the group object in the identity store.\n\nPrefix search supports a maximum of 1,000 characters for the string.", + "title": "DisplayName", "type": "string" }, - "LoRaWAN": { - "$ref": "#/definitions/AWS::IoTWireless::WirelessGateway.LoRaWANGateway", - "markdownDescription": "The gateway configuration information to use to create the wireless gateway.", - "title": "LoRaWAN" - }, - "Name": { - "markdownDescription": "The name of the new resource.", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", - "title": "Tags", - "type": "array" - }, - "ThingArn": { - "markdownDescription": "The ARN of the thing to associate with the wireless gateway.", - "title": "ThingArn", - "type": "string" - }, - "ThingName": { - "markdownDescription": "The name of the thing associated with the wireless gateway. The value is empty if a thing isn't associated with the gateway.", - "title": "ThingName", + "IdentityStoreId": { + "markdownDescription": "The globally unique identifier for the identity store.", + "title": "IdentityStoreId", "type": "string" } }, "required": [ - "LoRaWAN" + "DisplayName", + "IdentityStoreId" ], "type": "object" }, "Type": { "enum": [ - "AWS::IoTWireless::WirelessGateway" + "AWS::IdentityStore::Group" ], "type": "string" }, @@ -133353,27 +141353,7 @@ ], "type": "object" }, - "AWS::IoTWireless::WirelessGateway.LoRaWANGateway": { - "additionalProperties": false, - "properties": { - "GatewayEui": { - "markdownDescription": "The gateway's EUI value.", - "title": "GatewayEui", - "type": "string" - }, - "RfRegion": { - "markdownDescription": "The frequency band (RFRegion) value.", - "title": "RfRegion", - "type": "string" - } - }, - "required": [ - "GatewayEui", - "RfRegion" - ], - "type": "object" - }, - "AWS::KMS::Alias": { + "AWS::IdentityStore::GroupMembership": { "additionalProperties": false, "properties": { "Condition": { @@ -133408,26 +141388,32 @@ "Properties": { "additionalProperties": false, "properties": { - "AliasName": { - "markdownDescription": "Specifies the alias name. This value must begin with `alias/` followed by a name, such as `alias/ExampleAlias` .\n\n> If you change the value of the `AliasName` property, the existing alias is deleted and a new alias is created for the specified KMS key. This change can disrupt applications that use the alias. It can also allow or deny access to a KMS key affected by attribute-based access control (ABAC). \n\nThe alias must be string of 1-256 characters. It can contain only alphanumeric characters, forward slashes (/), underscores (_), and dashes (-). The alias name cannot begin with `alias/aws/` . The `alias/aws/` prefix is reserved for [AWS managed keys](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk) .", - "title": "AliasName", + "GroupId": { + "markdownDescription": "The identifier for a group in the identity store.", + "title": "GroupId", "type": "string" }, - "TargetKeyId": { - "markdownDescription": "Associates the alias with the specified [customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk) . The KMS key must be in the same AWS account and Region.\n\nA valid key ID is required. If you supply a null or empty string value, this operation returns an error.\n\nFor help finding the key ID and ARN, see [Finding the key ID and ARN](https://docs.aws.amazon.com/kms/latest/developerguide/viewing-keys.html#find-cmk-id-arn) in the *AWS Key Management Service Developer Guide* .\n\nSpecify the key ID or the key ARN of the KMS key.\n\nFor example:\n\n- Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key ARN: `arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`\n\nTo get the key ID and key ARN for a KMS key, use [ListKeys](https://docs.aws.amazon.com/kms/latest/APIReference/API_ListKeys.html) or [DescribeKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_DescribeKey.html) .", - "title": "TargetKeyId", + "IdentityStoreId": { + "markdownDescription": "The globally unique identifier for the identity store.", + "title": "IdentityStoreId", "type": "string" + }, + "MemberId": { + "$ref": "#/definitions/AWS::IdentityStore::GroupMembership.MemberId", + "markdownDescription": "An object containing the identifier of a group member. Setting the `MemberId` 's `UserId` field to a specific User's ID indicates that user is a member of the group.", + "title": "MemberId" } }, "required": [ - "AliasName", - "TargetKeyId" + "GroupId", + "IdentityStoreId", + "MemberId" ], "type": "object" }, "Type": { "enum": [ - "AWS::KMS::Alias" + "AWS::IdentityStore::GroupMembership" ], "type": "string" }, @@ -133446,7 +141432,21 @@ ], "type": "object" }, - "AWS::KMS::Key": { + "AWS::IdentityStore::GroupMembership.MemberId": { + "additionalProperties": false, + "properties": { + "UserId": { + "markdownDescription": "An object containing the identifiers of resources that can be members.", + "title": "UserId", + "type": "string" + } + }, + "required": [ + "UserId" + ], + "type": "object" + }, + "AWS::ImageBuilder::Component": { "additionalProperties": false, "properties": { "Condition": { @@ -133481,75 +141481,76 @@ "Properties": { "additionalProperties": false, "properties": { - "BypassPolicyLockoutSafetyCheck": { - "markdownDescription": "Skips (\"bypasses\") the key policy lockout safety check. The default value is false.\n\n> Setting this value to true increases the risk that the KMS key becomes unmanageable. Do not set this value to true indiscriminately.\n> \n> For more information, see [Default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policy-default.html#prevent-unmanageable-key) in the *AWS Key Management Service Developer Guide* . \n\nUse this parameter only when you intend to prevent the principal that is making the request from making a subsequent [PutKeyPolicy](https://docs.aws.amazon.com/kms/latest/APIReference/API_PutKeyPolicy.html) request on the KMS key.", - "title": "BypassPolicyLockoutSafetyCheck", - "type": "boolean" + "ChangeDescription": { + "markdownDescription": "The change description of the component. Describes what change has been made in this version, or what makes this version different from other versions of the component.", + "title": "ChangeDescription", + "type": "string" + }, + "Data": { + "markdownDescription": "Component `data` contains inline YAML document content for the component. Alternatively, you can specify the `uri` of a YAML document file stored in Amazon S3. However, you cannot specify both properties.", + "title": "Data", + "type": "string" }, "Description": { - "markdownDescription": "A description of the KMS key. Use a description that helps you to distinguish this KMS key from others in the account, such as its intended use.", + "markdownDescription": "Describes the contents of the component.", "title": "Description", "type": "string" }, - "EnableKeyRotation": { - "markdownDescription": "Enables automatic rotation of the key material for the specified KMS key. By default, automatic key rotation is not enabled.\n\nAWS KMS supports automatic rotation only for symmetric encryption KMS keys ( `KeySpec` = `SYMMETRIC_DEFAULT` ). For asymmetric KMS keys, HMAC KMS keys, and KMS keys with Origin `EXTERNAL` , omit the `EnableKeyRotation` property or set it to `false` .\n\nTo enable automatic key rotation of the key material for a multi-Region KMS key, set `EnableKeyRotation` to `true` on the primary key (created by using `AWS::KMS::Key` ). AWS KMS copies the rotation status to all replica keys. For details, see [Rotating multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-manage.html#multi-region-rotate) in the *AWS Key Management Service Developer Guide* .\n\nWhen you enable automatic rotation, AWS KMS automatically creates new key material for the KMS key one year after the enable date and every year thereafter. AWS KMS retains all key material until you delete the KMS key. For detailed information about automatic key rotation, see [Rotating KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html) in the *AWS Key Management Service Developer Guide* .", - "title": "EnableKeyRotation", - "type": "boolean" - }, - "Enabled": { - "markdownDescription": "Specifies whether the KMS key is enabled. Disabled KMS keys cannot be used in cryptographic operations.\n\nWhen `Enabled` is `true` , the *key state* of the KMS key is `Enabled` . When `Enabled` is `false` , the key state of the KMS key is `Disabled` . The default value is `true` .\n\nThe actual key state of the KMS key might be affected by actions taken outside of CloudFormation, such as running the [EnableKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_EnableKey.html) , [DisableKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_DisableKey.html) , or [ScheduleKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_ScheduleKeyDeletion.html) operations.\n\nFor information about the key states of a KMS key, see [Key state: Effect on your KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) in the *AWS Key Management Service Developer Guide* .", - "title": "Enabled", - "type": "boolean" - }, - "KeyPolicy": { - "markdownDescription": "The key policy to attach to the KMS key.\n\nIf you provide a key policy, it must meet the following criteria:\n\n- The key policy must allow the caller to make a subsequent [PutKeyPolicy](https://docs.aws.amazon.com/kms/latest/APIReference/API_PutKeyPolicy.html) request on the KMS key. This reduces the risk that the KMS key becomes unmanageable. For more information, see [Default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) in the *AWS Key Management Service Developer Guide* . (To omit this condition, set `BypassPolicyLockoutSafetyCheck` to true.)\n- Each statement in the key policy must contain one or more principals. The principals in the key policy must exist and be visible to AWS KMS . When you create a new AWS principal (for example, an IAM user or role), you might need to enforce a delay before including the new principal in a key policy because the new principal might not be immediately visible to AWS KMS . For more information, see [Changes that I make are not always immediately visible](https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency) in the *AWS Identity and Access Management User Guide* .\n\nIf you do not provide a key policy, AWS KMS attaches a default key policy to the KMS key. For more information, see [Default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default) in the *AWS Key Management Service Developer Guide* .\n\nA key policy document can include only the following characters:\n\n- Printable ASCII characters\n- Printable characters in the Basic Latin and Latin-1 Supplement character set\n- The tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` ) special characters\n\n*Minimum* : `1`\n\n*Maximum* : `32768`", - "title": "KeyPolicy", - "type": "object" - }, - "KeySpec": { - "markdownDescription": "Specifies the type of KMS key to create. The default value, `SYMMETRIC_DEFAULT` , creates a KMS key with a 256-bit symmetric key for encryption and decryption. In China Regions, `SYMMETRIC_DEFAULT` creates a 128-bit symmetric key that uses SM4 encryption. You can't change the `KeySpec` value after the KMS key is created. For help choosing a key spec for your KMS key, see [Choosing a KMS key type](https://docs.aws.amazon.com/kms/latest/developerguide/symm-asymm-choose.html) in the *AWS Key Management Service Developer Guide* .\n\nThe `KeySpec` property determines the type of key material in the KMS key and the algorithms that the KMS key supports. To further restrict the algorithms that can be used with the KMS key, use a condition key in its key policy or IAM policy. For more information, see [AWS KMS condition keys](https://docs.aws.amazon.com/kms/latest/developerguide/policy-conditions.html#conditions-kms) in the *AWS Key Management Service Developer Guide* .\n\n> If you change the value of the `KeySpec` property on an existing KMS key, the update request fails, regardless of the value of the [`UpdateReplacePolicy` attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html) . This prevents you from accidentally deleting a KMS key by changing an immutable property value. > [AWS services that are integrated with AWS KMS](https://docs.aws.amazon.com/kms/features/#AWS_Service_Integration) use symmetric encryption KMS keys to protect your data. These services do not support encryption with asymmetric KMS keys. For help determining whether a KMS key is asymmetric, see [Identifying asymmetric KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/find-symm-asymm.html) in the *AWS Key Management Service Developer Guide* . \n\nAWS KMS supports the following key specs for KMS keys:\n\n- Symmetric encryption key (default)\n\n- `SYMMETRIC_DEFAULT` (AES-256-GCM)\n- HMAC keys (symmetric)\n\n- `HMAC_224`\n- `HMAC_256`\n- `HMAC_384`\n- `HMAC_512`\n- Asymmetric RSA key pairs (encryption and decryption *or* signing and verification)\n\n- `RSA_2048`\n- `RSA_3072`\n- `RSA_4096`\n- Asymmetric NIST-recommended elliptic curve key pairs (signing and verification *or* deriving shared secrets)\n\n- `ECC_NIST_P256` (secp256r1)\n- `ECC_NIST_P384` (secp384r1)\n- `ECC_NIST_P521` (secp521r1)\n- Other asymmetric elliptic curve key pairs (signing and verification)\n\n- `ECC_SECG_P256K1` (secp256k1), commonly used for cryptocurrencies.\n- Asymmetric ML-DSA key pairs (signing and verification)\n\n- `ML_DSA_44`\n- `ML_DSA_65`\n- `ML_DSA_87`\n- SM2 key pairs (encryption and decryption *or* signing and verification *or* deriving shared secrets)\n\n- `SM2` (China Regions only)", - "title": "KeySpec", + "KmsKeyId": { + "markdownDescription": "The ID of the KMS key that is used to encrypt this component.", + "title": "KmsKeyId", "type": "string" }, - "KeyUsage": { - "markdownDescription": "Determines the [cryptographic operations](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations) for which you can use the KMS key. The default value is `ENCRYPT_DECRYPT` . This property is required for asymmetric KMS keys and HMAC KMS keys. You can't change the `KeyUsage` value after the KMS key is created.\n\n> If you change the value of the `KeyUsage` property on an existing KMS key, the update request fails, regardless of the value of the [`UpdateReplacePolicy` attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html) . This prevents you from accidentally deleting a KMS key by changing an immutable property value. \n\nSelect only one valid value.\n\n- For symmetric encryption KMS keys, omit the parameter or specify `ENCRYPT_DECRYPT` .\n- For HMAC KMS keys (symmetric), specify `GENERATE_VERIFY_MAC` .\n- For asymmetric KMS keys with RSA key pairs, specify `ENCRYPT_DECRYPT` or `SIGN_VERIFY` .\n- For asymmetric KMS keys with NIST-recommended elliptic curve key pairs, specify `SIGN_VERIFY` or `KEY_AGREEMENT` .\n- For asymmetric KMS keys with `ECC_SECG_P256K1` key pairs, specify `SIGN_VERIFY` .\n- For asymmetric KMS keys with ML-DSA key pairs, specify `SIGN_VERIFY` .\n- For asymmetric KMS keys with SM2 key pairs (China Regions only), specify `ENCRYPT_DECRYPT` , `SIGN_VERIFY` , or `KEY_AGREEMENT` .", - "title": "KeyUsage", + "Name": { + "markdownDescription": "The name of the component.", + "title": "Name", "type": "string" }, - "MultiRegion": { - "markdownDescription": "Creates a multi-Region primary key that you can replicate in other AWS Regions . You can't change the `MultiRegion` value after the KMS key is created.\n\nFor a list of AWS Regions in which multi-Region keys are supported, see [Multi-Region keys in AWS KMS](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) in the ** .\n\n> If you change the value of the `MultiRegion` property on an existing KMS key, the update request fails, regardless of the value of the [`UpdateReplacePolicy` attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html) . This prevents you from accidentally deleting a KMS key by changing an immutable property value. \n\nFor a multi-Region key, set to this property to `true` . For a single-Region key, omit this property or set it to `false` . The default value is `false` .\n\n*Multi-Region keys* are an AWS KMS feature that lets you create multiple interoperable KMS keys in different AWS Regions . Because these KMS keys have the same key ID, key material, and other metadata, you can use them to encrypt data in one AWS Region and decrypt it in a different AWS Region without making a cross-Region call or exposing the plaintext data. For more information, see [Multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) in the *AWS Key Management Service Developer Guide* .\n\nYou can create a symmetric encryption, HMAC, or asymmetric multi-Region KMS key, and you can create a multi-Region key with imported key material. However, you cannot create a multi-Region key in a custom key store.\n\nTo create a replica of this primary key in a different AWS Region , create an [AWS::KMS::ReplicaKey](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kms-replicakey.html) resource in a CloudFormation stack in the replica Region. Specify the key ARN of this primary key.", - "title": "MultiRegion", - "type": "boolean" - }, - "Origin": { - "markdownDescription": "The source of the key material for the KMS key. You cannot change the origin after you create the KMS key. The default is `AWS_KMS` , which means that AWS KMS creates the key material.\n\nTo [create a KMS key with no key material](https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys-create-cmk.html) (for imported key material), set this value to `EXTERNAL` . For more information about importing key material into AWS KMS , see [Importing Key Material](https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html) in the *AWS Key Management Service Developer Guide* .\n\nYou can ignore `ENABLED` when Origin is `EXTERNAL` . When a KMS key with Origin `EXTERNAL` is created, the key state is `PENDING_IMPORT` and `ENABLED` is `false` . After you import the key material, `ENABLED` updated to `true` . The KMS key can then be used for Cryptographic Operations.\n\n> - AWS CloudFormation doesn't support creating an `Origin` parameter of the `AWS_CLOUDHSM` or `EXTERNAL_KEY_STORE` values.\n> - `EXTERNAL` is not supported for ML-DSA keys.", - "title": "Origin", + "Platform": { + "markdownDescription": "The operating system platform of the component.", + "title": "Platform", "type": "string" }, - "PendingWindowInDays": { - "markdownDescription": "Specifies the number of days in the waiting period before AWS KMS deletes a KMS key that has been removed from a CloudFormation stack. Enter a value between 7 and 30 days. The default value is 30 days.\n\nWhen you remove a KMS key from a CloudFormation stack, AWS KMS schedules the KMS key for deletion and starts the mandatory waiting period. The `PendingWindowInDays` property determines the length of waiting period. During the waiting period, the key state of KMS key is `Pending Deletion` or `Pending Replica Deletion` , which prevents the KMS key from being used in cryptographic operations. When the waiting period expires, AWS KMS permanently deletes the KMS key.\n\nAWS KMS will not delete a [multi-Region primary key](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) that has replica keys. If you remove a multi-Region primary key from a CloudFormation stack, its key state changes to `PendingReplicaDeletion` so it cannot be replicated or used in cryptographic operations. This state can persist indefinitely. When the last of its replica keys is deleted, the key state of the primary key changes to `PendingDeletion` and the waiting period specified by `PendingWindowInDays` begins. When this waiting period expires, AWS KMS deletes the primary key. For details, see [Deleting multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-delete.html) in the *AWS Key Management Service Developer Guide* .\n\nYou cannot use a CloudFormation template to cancel deletion of the KMS key after you remove it from the stack, regardless of the waiting period. If you specify a KMS key in your template, even one with the same name, CloudFormation creates a new KMS key. To cancel deletion of a KMS key, use the AWS KMS console or the [CancelKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_CancelKeyDeletion.html) operation.\n\nFor information about the `Pending Deletion` and `Pending Replica Deletion` key states, see [Key state: Effect on your KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) in the *AWS Key Management Service Developer Guide* . For more information about deleting KMS keys, see the [ScheduleKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_ScheduleKeyDeletion.html) operation in the *AWS Key Management Service API Reference* and [Deleting KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/deleting-keys.html) in the *AWS Key Management Service Developer Guide* .", - "title": "PendingWindowInDays", - "type": "number" - }, - "RotationPeriodInDays": { - "markdownDescription": "Specifies a custom period of time between each rotation date. If no value is specified, the default value is 365 days.\n\nThe rotation period defines the number of days after you enable automatic key rotation that AWS KMS will rotate your key material, and the number of days between each automatic rotation thereafter.\n\nYou can use the [`kms:RotationPeriodInDays`](https://docs.aws.amazon.com/kms/latest/developerguide/conditions-kms.html#conditions-kms-rotation-period-in-days) condition key to further constrain the values that principals can specify in the `RotationPeriodInDays` parameter.\n\nFor more information about rotating KMS keys and automatic rotation, see [Rotating keys](https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html) in the *AWS Key Management Service Developer Guide* .", - "title": "RotationPeriodInDays", - "type": "number" + "SupportedOsVersions": { + "items": { + "type": "string" + }, + "markdownDescription": "The operating system (OS) version supported by the component. If the OS information is available, a prefix match is performed against the base image OS version during image recipe creation.", + "title": "SupportedOsVersions", + "type": "array" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "additionalProperties": true, + "markdownDescription": "The tags that apply to the component.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "Assigns one or more tags to the replica key.\n\n> Tagging or untagging a KMS key can allow or deny permission to the KMS key. For details, see [ABAC for AWS KMS](https://docs.aws.amazon.com/kms/latest/developerguide/abac.html) in the *AWS Key Management Service Developer Guide* . \n\nFor information about tags in AWS KMS , see [Tagging keys](https://docs.aws.amazon.com/kms/latest/developerguide/tagging-keys.html) in the *AWS Key Management Service Developer Guide* . For information about tags in CloudFormation, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", - "type": "array" + "type": "object" + }, + "Uri": { + "markdownDescription": "The `uri` of a YAML component document file. This must be an S3 URL ( `s3://bucket/key` ), and the requester must have permission to access the S3 bucket it points to. If you use Amazon S3, you can specify component content up to your service quota.\n\nAlternatively, you can specify the YAML document inline, using the component `data` property. You cannot specify both properties.", + "title": "Uri", + "type": "string" + }, + "Version": { + "markdownDescription": "The component version. For example, `1.0.0` .", + "title": "Version", + "type": "string" } }, + "required": [ + "Name", + "Platform", + "Version" + ], "type": "object" }, "Type": { "enum": [ - "AWS::KMS::Key" + "AWS::ImageBuilder::Component" ], "type": "string" }, @@ -133563,11 +141564,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::KMS::ReplicaKey": { + "AWS::ImageBuilder::ContainerRecipe": { "additionalProperties": false, "properties": { "Condition": { @@ -133602,49 +141604,104 @@ "Properties": { "additionalProperties": false, "properties": { + "Components": { + "items": { + "$ref": "#/definitions/AWS::ImageBuilder::ContainerRecipe.ComponentConfiguration" + }, + "markdownDescription": "Build and test components that are included in the container recipe. Recipes require a minimum of one build component, and can have a maximum of 20 build and test components in any combination.", + "title": "Components", + "type": "array" + }, + "ContainerType": { + "markdownDescription": "Specifies the type of container, such as Docker.", + "title": "ContainerType", + "type": "string" + }, "Description": { - "markdownDescription": "A description of the KMS key.\n\nThe default value is an empty string (no description).\n\nThe description is not a shared property of multi-Region keys. You can specify the same description or a different description for each key in a set of related multi-Region keys. AWS Key Management Service does not synchronize this property.", + "markdownDescription": "The description of the container recipe.", "title": "Description", "type": "string" }, - "Enabled": { - "markdownDescription": "Specifies whether the replica key is enabled. Disabled KMS keys cannot be used in cryptographic operations.\n\nWhen `Enabled` is `true` , the *key state* of the KMS key is `Enabled` . When `Enabled` is `false` , the key state of the KMS key is `Disabled` . The default value is `true` .\n\nThe actual key state of the replica might be affected by actions taken outside of CloudFormation, such as running the [EnableKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_EnableKey.html) , [DisableKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_DisableKey.html) , or [ScheduleKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_ScheduleKeyDeletion.html) operations. Also, while the replica key is being created, its key state is `Creating` . When the process is complete, the key state of the replica key changes to `Enabled` .\n\nFor information about the key states of a KMS key, see [Key state: Effect on your KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) in the *AWS Key Management Service Developer Guide* .", - "title": "Enabled", - "type": "boolean" + "DockerfileTemplateData": { + "markdownDescription": "Dockerfiles are text documents that are used to build Docker containers, and ensure that they contain all of the elements required by the application running inside. The template data consists of contextual variables where Image Builder places build information or scripts, based on your container image recipe.", + "title": "DockerfileTemplateData", + "type": "string" }, - "KeyPolicy": { - "markdownDescription": "The key policy that authorizes use of the replica key.\n\nThe key policy is not a shared property of multi-Region keys. You can specify the same key policy or a different key policy for each key in a set of related multi-Region keys. AWS KMS does not synchronize this property.\n\nThe key policy must conform to the following rules.\n\n- The key policy must give the caller [PutKeyPolicy](https://docs.aws.amazon.com/kms/latest/APIReference/API_PutKeyPolicy.html) permission on the KMS key. This reduces the risk that the KMS key becomes unmanageable. For more information, refer to the scenario in the [Default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) section of the **AWS Key Management Service Developer Guide** .\n- Each statement in the key policy must contain one or more principals. The principals in the key policy must exist and be visible to AWS KMS . When you create a new AWS principal (for example, an IAM user or role), you might need to enforce a delay before including the new principal in a key policy because the new principal might not be immediately visible to AWS KMS . For more information, see [Changes that I make are not always immediately visible](https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency) in the *AWS Identity and Access Management User Guide* .\n\nA key policy document can include only the following characters:\n\n- Printable ASCII characters from the space character ( `\\u0020` ) through the end of the ASCII character range.\n- Printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` ).\n- The tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` ) special characters\n\n*Minimum* : `1`\n\n*Maximum* : `32768`", - "title": "KeyPolicy", - "type": "object" + "DockerfileTemplateUri": { + "markdownDescription": "The S3 URI for the Dockerfile that will be used to build your container image.", + "title": "DockerfileTemplateUri", + "type": "string" }, - "PendingWindowInDays": { - "markdownDescription": "Specifies the number of days in the waiting period before AWS KMS deletes a replica key that has been removed from a CloudFormation stack. Enter a value between 7 and 30 days. The default value is 30 days.\n\nWhen you remove a replica key from a CloudFormation stack, AWS KMS schedules the replica key for deletion and starts the mandatory waiting period. The `PendingWindowInDays` property determines the length of waiting period. During the waiting period, the key state of replica key is `Pending Deletion` , which prevents it from being used in cryptographic operations. When the waiting period expires, AWS KMS permanently deletes the replica key.\n\nIf the KMS key is a multi-Region primary key with replica keys, the waiting period begins when the last of its replica keys is deleted. Otherwise, the waiting period begins immediately.\n\nYou cannot use a CloudFormation template to cancel deletion of the replica after you remove it from the stack, regardless of the waiting period. However, if you specify a replica key in your template that is based on the same primary key as the original replica key, CloudFormation creates a new replica key with the same key ID, key material, and other shared properties of the original replica key. This new replica key can decrypt ciphertext that was encrypted under the original replica key, or any related multi-Region key.\n\nFor detailed information about deleting multi-Region keys, see [Deleting multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-delete.html) in the *AWS Key Management Service Developer Guide* .\n\nFor information about the `PendingDeletion` key state, see [Key state: Effect on your KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) in the *AWS Key Management Service Developer Guide* . For more information about deleting KMS keys, see the [ScheduleKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_ScheduleKeyDeletion.html) operation in the *AWS Key Management Service API Reference* and [Deleting KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/deleting-keys.html) in the *AWS Key Management Service Developer Guide* .", - "title": "PendingWindowInDays", - "type": "number" + "ImageOsVersionOverride": { + "markdownDescription": "Specifies the operating system version for the base image.", + "title": "ImageOsVersionOverride", + "type": "string" }, - "PrimaryKeyArn": { - "markdownDescription": "Specifies the multi-Region primary key to replicate. The primary key must be in a different AWS Region of the same AWS partition. You can create only one replica of a given primary key in each AWS Region .\n\n> If you change the `PrimaryKeyArn` value of a replica key, the existing replica key is scheduled for deletion and a new replica key is created based on the specified primary key. While it is scheduled for deletion, the existing replica key becomes unusable. You can cancel the scheduled deletion of the key outside of CloudFormation.\n> \n> However, if you inadvertently delete a replica key, you can decrypt ciphertext encrypted by that replica key by using any related multi-Region key. If necessary, you can recreate the replica in the same Region after the previous one is completely deleted. For details, see [Deleting multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-delete.html) in the *AWS Key Management Service Developer Guide* \n\nSpecify the key ARN of an existing multi-Region primary key. For example, `arn:aws:kms:us-east-2:111122223333:key/mrk-1234abcd12ab34cd56ef1234567890ab` .", - "title": "PrimaryKeyArn", + "InstanceConfiguration": { + "$ref": "#/definitions/AWS::ImageBuilder::ContainerRecipe.InstanceConfiguration", + "markdownDescription": "A group of options that can be used to configure an instance for building and testing container images.", + "title": "InstanceConfiguration" + }, + "KmsKeyId": { + "markdownDescription": "Identifies which KMS key is used to encrypt the container image for distribution to the target Region.", + "title": "KmsKeyId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the container recipe.", + "title": "Name", + "type": "string" + }, + "ParentImage": { + "markdownDescription": "The base image for customizations specified in the container recipe. This can contain an Image Builder image resource ARN or a container image URI, for example `amazonlinux:latest` .", + "title": "ParentImage", + "type": "string" + }, + "PlatformOverride": { + "markdownDescription": "Specifies the operating system platform when you use a custom base image.", + "title": "PlatformOverride", "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "additionalProperties": true, + "markdownDescription": "Tags that are attached to the container recipe.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "Assigns one or more tags to the replica key.\n\n> Tagging or untagging a KMS key can allow or deny permission to the KMS key. For details, see [ABAC for AWS KMS](https://docs.aws.amazon.com/kms/latest/developerguide/abac.html) in the *AWS Key Management Service Developer Guide* . \n\nTags are not a shared property of multi-Region keys. You can specify the same tags or different tags for each key in a set of related multi-Region keys. AWS KMS does not synchronize this property.\n\nEach tag consists of a tag key and a tag value. Both the tag key and the tag value are required, but the tag value can be an empty (null) string. You cannot have more than one tag on a KMS key with the same tag key. If you specify an existing tag key with a different tag value, AWS KMS replaces the current tag value with the specified one.\n\nWhen you assign tags to an AWS resource, AWS generates a cost allocation report with usage and costs aggregated by tags. Tags can also be used to control access to a KMS key. For details, see [Tagging keys](https://docs.aws.amazon.com/kms/latest/developerguide/tagging-keys.html) .", "title": "Tags", - "type": "array" + "type": "object" + }, + "TargetRepository": { + "$ref": "#/definitions/AWS::ImageBuilder::ContainerRecipe.TargetContainerRepository", + "markdownDescription": "The destination repository for the container image.", + "title": "TargetRepository" + }, + "Version": { + "markdownDescription": "The semantic version of the container recipe.\n\n> The semantic version has four nodes: ../. You can assign values for the first three, and can filter on all of them.\n> \n> *Assignment:* For the first three nodes you can assign any positive integer value, including zero, with an upper limit of 2^30-1, or 1073741823 for each node. Image Builder automatically assigns the build number to the fourth node.\n> \n> *Patterns:* You can use any numeric pattern that adheres to the assignment requirements for the nodes that you can assign. For example, you might choose a software version pattern, such as 1.0.0, or a date, such as 2021.01.01.\n> \n> *Filtering:* With semantic versioning, you have the flexibility to use wildcards (x) to specify the most recent versions or nodes when selecting the base image or components for your recipe. When you use a wildcard in any node, all nodes to the right of the first wildcard must also be wildcards.", + "title": "Version", + "type": "string" + }, + "WorkingDirectory": { + "markdownDescription": "The working directory for use during build and test workflows.", + "title": "WorkingDirectory", + "type": "string" } }, "required": [ - "KeyPolicy", - "PrimaryKeyArn" + "Components", + "ContainerType", + "Name", + "ParentImage", + "TargetRepository", + "Version" ], "type": "object" }, "Type": { "enum": [ - "AWS::KMS::ReplicaKey" + "AWS::ImageBuilder::ContainerRecipe" ], "type": "string" }, @@ -133663,7 +141720,156 @@ ], "type": "object" }, - "AWS::KafkaConnect::Connector": { + "AWS::ImageBuilder::ContainerRecipe.ComponentConfiguration": { + "additionalProperties": false, + "properties": { + "ComponentArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the component.", + "title": "ComponentArn", + "type": "string" + }, + "Parameters": { + "items": { + "$ref": "#/definitions/AWS::ImageBuilder::ContainerRecipe.ComponentParameter" + }, + "markdownDescription": "A group of parameter settings that Image Builder uses to configure the component for a specific recipe.", + "title": "Parameters", + "type": "array" + } + }, + "type": "object" + }, + "AWS::ImageBuilder::ContainerRecipe.ComponentParameter": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the component parameter to set.", + "title": "Name", + "type": "string" + }, + "Value": { + "items": { + "type": "string" + }, + "markdownDescription": "Sets the value for the named component parameter.", + "title": "Value", + "type": "array" + } + }, + "required": [ + "Name", + "Value" + ], + "type": "object" + }, + "AWS::ImageBuilder::ContainerRecipe.EbsInstanceBlockDeviceSpecification": { + "additionalProperties": false, + "properties": { + "DeleteOnTermination": { + "markdownDescription": "Use to configure delete on termination of the associated device.", + "title": "DeleteOnTermination", + "type": "boolean" + }, + "Encrypted": { + "markdownDescription": "Use to configure device encryption.", + "title": "Encrypted", + "type": "boolean" + }, + "Iops": { + "markdownDescription": "Use to configure device IOPS.", + "title": "Iops", + "type": "number" + }, + "KmsKeyId": { + "markdownDescription": "Use to configure the KMS key to use when encrypting the device.", + "title": "KmsKeyId", + "type": "string" + }, + "SnapshotId": { + "markdownDescription": "The snapshot that defines the device contents.", + "title": "SnapshotId", + "type": "string" + }, + "Throughput": { + "markdownDescription": "*For GP3 volumes only* \u2013 The throughput in MiB/s that the volume supports.", + "title": "Throughput", + "type": "number" + }, + "VolumeSize": { + "markdownDescription": "Use to override the device's volume size.", + "title": "VolumeSize", + "type": "number" + }, + "VolumeType": { + "markdownDescription": "Use to override the device's volume type.", + "title": "VolumeType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ImageBuilder::ContainerRecipe.InstanceBlockDeviceMapping": { + "additionalProperties": false, + "properties": { + "DeviceName": { + "markdownDescription": "The device to which these mappings apply.", + "title": "DeviceName", + "type": "string" + }, + "Ebs": { + "$ref": "#/definitions/AWS::ImageBuilder::ContainerRecipe.EbsInstanceBlockDeviceSpecification", + "markdownDescription": "Use to manage Amazon EBS-specific configuration for this mapping.", + "title": "Ebs" + }, + "NoDevice": { + "markdownDescription": "Use to remove a mapping from the base image.", + "title": "NoDevice", + "type": "string" + }, + "VirtualName": { + "markdownDescription": "Use to manage instance ephemeral devices.", + "title": "VirtualName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ImageBuilder::ContainerRecipe.InstanceConfiguration": { + "additionalProperties": false, + "properties": { + "BlockDeviceMappings": { + "items": { + "$ref": "#/definitions/AWS::ImageBuilder::ContainerRecipe.InstanceBlockDeviceMapping" + }, + "markdownDescription": "Defines the block devices to attach for building an instance from this Image Builder AMI.", + "title": "BlockDeviceMappings", + "type": "array" + }, + "Image": { + "markdownDescription": "The base image for a container build and test instance. This can contain an AMI ID or it can specify an AWS Systems Manager (SSM) Parameter Store Parameter, prefixed by `ssm:` , followed by the parameter name or ARN.\n\nIf not specified, Image Builder uses the appropriate ECS-optimized AMI as a base image.", + "title": "Image", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ImageBuilder::ContainerRecipe.TargetContainerRepository": { + "additionalProperties": false, + "properties": { + "RepositoryName": { + "markdownDescription": "The name of the container repository where the output container image is stored. This name is prefixed by the repository location. For example, `/repository_name` .", + "title": "RepositoryName", + "type": "string" + }, + "Service": { + "markdownDescription": "Specifies the service in which this image was registered.", + "title": "Service", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ImageBuilder::DistributionConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -133698,100 +141904,45 @@ "Properties": { "additionalProperties": false, "properties": { - "Capacity": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.Capacity", - "markdownDescription": "The connector's compute capacity settings.", - "title": "Capacity" - }, - "ConnectorConfiguration": { - "additionalProperties": true, - "markdownDescription": "The configuration of the connector.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "ConnectorConfiguration", - "type": "object" - }, - "ConnectorDescription": { - "markdownDescription": "The description of the connector.", - "title": "ConnectorDescription", - "type": "string" - }, - "ConnectorName": { - "markdownDescription": "The name of the connector.\n\nThe connector name must be unique and can include up to 128 characters. Valid characters you can include in a connector name are: a-z, A-Z, 0-9, and -.", - "title": "ConnectorName", - "type": "string" - }, - "KafkaCluster": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.KafkaCluster", - "markdownDescription": "The details of the Apache Kafka cluster to which the connector is connected.", - "title": "KafkaCluster" - }, - "KafkaClusterClientAuthentication": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.KafkaClusterClientAuthentication", - "markdownDescription": "The type of client authentication used to connect to the Apache Kafka cluster. The value is NONE when no client authentication is used.", - "title": "KafkaClusterClientAuthentication" - }, - "KafkaClusterEncryptionInTransit": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.KafkaClusterEncryptionInTransit", - "markdownDescription": "Details of encryption in transit to the Apache Kafka cluster.", - "title": "KafkaClusterEncryptionInTransit" - }, - "KafkaConnectVersion": { - "markdownDescription": "The version of Kafka Connect. It has to be compatible with both the Apache Kafka cluster's version and the plugins.", - "title": "KafkaConnectVersion", + "Description": { + "markdownDescription": "The description of this distribution configuration.", + "title": "Description", "type": "string" }, - "LogDelivery": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.LogDelivery", - "markdownDescription": "The settings for delivering connector logs to Amazon CloudWatch Logs.", - "title": "LogDelivery" - }, - "Plugins": { + "Distributions": { "items": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.Plugin" + "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.Distribution" }, - "markdownDescription": "Specifies which plugin to use for the connector. You must specify a single-element list. Amazon MSK Connect does not currently support specifying multiple plugins.", - "title": "Plugins", + "markdownDescription": "The distributions of this distribution configuration formatted as an array of Distribution objects.", + "title": "Distributions", "type": "array" }, - "ServiceExecutionRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role used by the connector to access Amazon Web Services resources.", - "title": "ServiceExecutionRoleArn", + "Name": { + "markdownDescription": "The name of this distribution configuration.", + "title": "Name", "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "additionalProperties": true, + "markdownDescription": "The tags of this distribution configuration.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "", "title": "Tags", - "type": "array" - }, - "WorkerConfiguration": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.WorkerConfiguration", - "markdownDescription": "The worker configurations that are in use with the connector.", - "title": "WorkerConfiguration" + "type": "object" } }, "required": [ - "Capacity", - "ConnectorConfiguration", - "ConnectorName", - "KafkaCluster", - "KafkaClusterClientAuthentication", - "KafkaClusterEncryptionInTransit", - "KafkaConnectVersion", - "Plugins", - "ServiceExecutionRoleArn" + "Distributions", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::KafkaConnect::Connector" + "AWS::ImageBuilder::DistributionConfiguration" ], "type": "string" }, @@ -133810,347 +141961,294 @@ ], "type": "object" }, - "AWS::KafkaConnect::Connector.ApacheKafkaCluster": { - "additionalProperties": false, - "properties": { - "BootstrapServers": { - "markdownDescription": "The bootstrap servers of the cluster.", - "title": "BootstrapServers", - "type": "string" - }, - "Vpc": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.Vpc", - "markdownDescription": "Details of an Amazon VPC which has network connectivity to the Apache Kafka cluster.", - "title": "Vpc" - } - }, - "required": [ - "BootstrapServers", - "Vpc" - ], - "type": "object" - }, - "AWS::KafkaConnect::Connector.AutoScaling": { + "AWS::ImageBuilder::DistributionConfiguration.AmiDistributionConfiguration": { "additionalProperties": false, "properties": { - "MaxWorkerCount": { - "markdownDescription": "The maximum number of workers allocated to the connector.", - "title": "MaxWorkerCount", - "type": "number" + "AmiTags": { + "additionalProperties": true, + "markdownDescription": "The tags to apply to AMIs distributed to this Region.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "AmiTags", + "type": "object" }, - "McuCount": { - "markdownDescription": "The number of microcontroller units (MCUs) allocated to each connector worker. The valid values are 1,2,4,8.", - "title": "McuCount", - "type": "number" + "Description": { + "markdownDescription": "The description of the AMI distribution configuration. Minimum and maximum length are in characters.", + "title": "Description", + "type": "string" }, - "MinWorkerCount": { - "markdownDescription": "The minimum number of workers allocated to the connector.", - "title": "MinWorkerCount", - "type": "number" + "KmsKeyId": { + "markdownDescription": "The KMS key identifier used to encrypt the distributed image.", + "title": "KmsKeyId", + "type": "string" }, - "ScaleInPolicy": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.ScaleInPolicy", - "markdownDescription": "The sacle-in policy for the connector.", - "title": "ScaleInPolicy" + "LaunchPermissionConfiguration": { + "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.LaunchPermissionConfiguration", + "markdownDescription": "Launch permissions can be used to configure which AWS account s can use the AMI to launch instances.", + "title": "LaunchPermissionConfiguration" }, - "ScaleOutPolicy": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.ScaleOutPolicy", - "markdownDescription": "The sacle-out policy for the connector.", - "title": "ScaleOutPolicy" - } - }, - "required": [ - "MaxWorkerCount", - "McuCount", - "MinWorkerCount", - "ScaleInPolicy", - "ScaleOutPolicy" - ], - "type": "object" - }, - "AWS::KafkaConnect::Connector.Capacity": { - "additionalProperties": false, - "properties": { - "AutoScaling": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.AutoScaling", - "markdownDescription": "Information about the auto scaling parameters for the connector.", - "title": "AutoScaling" + "Name": { + "markdownDescription": "The name of the output AMI.", + "title": "Name", + "type": "string" }, - "ProvisionedCapacity": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.ProvisionedCapacity", - "markdownDescription": "Details about a fixed capacity allocated to a connector.", - "title": "ProvisionedCapacity" + "TargetAccountIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The ID of an account to which you want to distribute an image.", + "title": "TargetAccountIds", + "type": "array" } }, "type": "object" }, - "AWS::KafkaConnect::Connector.CloudWatchLogsLogDelivery": { + "AWS::ImageBuilder::DistributionConfiguration.ContainerDistributionConfiguration": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Whether log delivery to Amazon CloudWatch Logs is enabled.", - "title": "Enabled", - "type": "boolean" + "ContainerTags": { + "items": { + "type": "string" + }, + "markdownDescription": "Tags that are attached to the container distribution configuration.", + "title": "ContainerTags", + "type": "array" }, - "LogGroup": { - "markdownDescription": "The name of the CloudWatch log group that is the destination for log delivery.", - "title": "LogGroup", + "Description": { + "markdownDescription": "The description of the container distribution configuration.", + "title": "Description", "type": "string" + }, + "TargetRepository": { + "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.TargetContainerRepository", + "markdownDescription": "The destination repository for the container distribution configuration.", + "title": "TargetRepository" } }, - "required": [ - "Enabled" - ], "type": "object" }, - "AWS::KafkaConnect::Connector.CustomPlugin": { + "AWS::ImageBuilder::DistributionConfiguration.Distribution": { "additionalProperties": false, "properties": { - "CustomPluginArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the custom plugin.", - "title": "CustomPluginArn", + "AmiDistributionConfiguration": { + "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.AmiDistributionConfiguration", + "markdownDescription": "The specific AMI settings, such as launch permissions and AMI tags. For details, see example schema below.", + "title": "AmiDistributionConfiguration" + }, + "ContainerDistributionConfiguration": { + "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.ContainerDistributionConfiguration", + "markdownDescription": "Container distribution settings for encryption, licensing, and sharing in a specific Region. For details, see example schema below.", + "title": "ContainerDistributionConfiguration" + }, + "FastLaunchConfigurations": { + "items": { + "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.FastLaunchConfiguration" + }, + "markdownDescription": "The Windows faster-launching configurations to use for AMI distribution.", + "title": "FastLaunchConfigurations", + "type": "array" + }, + "LaunchTemplateConfigurations": { + "items": { + "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.LaunchTemplateConfiguration" + }, + "markdownDescription": "A group of launchTemplateConfiguration settings that apply to image distribution for specified accounts.", + "title": "LaunchTemplateConfigurations", + "type": "array" + }, + "LicenseConfigurationArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The License Manager Configuration to associate with the AMI in the specified Region. For more information, see the [LicenseConfiguration API](https://docs.aws.amazon.com/license-manager/latest/APIReference/API_LicenseConfiguration.html) .", + "title": "LicenseConfigurationArns", + "type": "array" + }, + "Region": { + "markdownDescription": "The target Region for the Distribution Configuration. For example, `eu-west-1` .", + "title": "Region", "type": "string" }, - "Revision": { - "markdownDescription": "The revision of the custom plugin.", - "title": "Revision", - "type": "number" + "SsmParameterConfigurations": { + "items": { + "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.SsmParameterConfiguration" + }, + "markdownDescription": "Contains settings to update AWS Systems Manager (SSM) Parameter Store Parameters with output AMI IDs from the build by target Region.", + "title": "SsmParameterConfigurations", + "type": "array" } }, "required": [ - "CustomPluginArn", - "Revision" + "Region" ], "type": "object" }, - "AWS::KafkaConnect::Connector.FirehoseLogDelivery": { + "AWS::ImageBuilder::DistributionConfiguration.FastLaunchConfiguration": { "additionalProperties": false, "properties": { - "DeliveryStream": { - "markdownDescription": "The name of the Kinesis Data Firehose delivery stream that is the destination for log delivery.", - "title": "DeliveryStream", + "AccountId": { + "markdownDescription": "The owner account ID for the fast-launch enabled Windows AMI.", + "title": "AccountId", "type": "string" }, "Enabled": { - "markdownDescription": "Specifies whether connector logs get delivered to Amazon Kinesis Data Firehose.", + "markdownDescription": "A Boolean that represents the current state of faster launching for the Windows AMI. Set to `true` to start using Windows faster launching, or `false` to stop using it.", "title": "Enabled", "type": "boolean" - } - }, - "required": [ - "Enabled" - ], - "type": "object" - }, - "AWS::KafkaConnect::Connector.KafkaCluster": { - "additionalProperties": false, - "properties": { - "ApacheKafkaCluster": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.ApacheKafkaCluster", - "markdownDescription": "The Apache Kafka cluster to which the connector is connected.", - "title": "ApacheKafkaCluster" - } - }, - "required": [ - "ApacheKafkaCluster" - ], - "type": "object" - }, - "AWS::KafkaConnect::Connector.KafkaClusterClientAuthentication": { - "additionalProperties": false, - "properties": { - "AuthenticationType": { - "markdownDescription": "The type of client authentication used to connect to the Apache Kafka cluster. Value NONE means that no client authentication is used.", - "title": "AuthenticationType", - "type": "string" - } - }, - "required": [ - "AuthenticationType" - ], - "type": "object" - }, - "AWS::KafkaConnect::Connector.KafkaClusterEncryptionInTransit": { - "additionalProperties": false, - "properties": { - "EncryptionType": { - "markdownDescription": "The type of encryption in transit to the Apache Kafka cluster.", - "title": "EncryptionType", - "type": "string" - } - }, - "required": [ - "EncryptionType" - ], - "type": "object" - }, - "AWS::KafkaConnect::Connector.LogDelivery": { - "additionalProperties": false, - "properties": { - "WorkerLogDelivery": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.WorkerLogDelivery", - "markdownDescription": "The workers can send worker logs to different destination types. This configuration specifies the details of these destinations.", - "title": "WorkerLogDelivery" - } - }, - "required": [ - "WorkerLogDelivery" - ], - "type": "object" - }, - "AWS::KafkaConnect::Connector.Plugin": { - "additionalProperties": false, - "properties": { - "CustomPlugin": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.CustomPlugin", - "markdownDescription": "Details about a custom plugin.", - "title": "CustomPlugin" - } - }, - "required": [ - "CustomPlugin" - ], - "type": "object" - }, - "AWS::KafkaConnect::Connector.ProvisionedCapacity": { - "additionalProperties": false, - "properties": { - "McuCount": { - "markdownDescription": "The number of microcontroller units (MCUs) allocated to each connector worker. The valid values are 1,2,4,8.", - "title": "McuCount", - "type": "number" }, - "WorkerCount": { - "markdownDescription": "The number of workers that are allocated to the connector.", - "title": "WorkerCount", + "LaunchTemplate": { + "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.FastLaunchLaunchTemplateSpecification", + "markdownDescription": "The launch template that the fast-launch enabled Windows AMI uses when it launches Windows instances to create pre-provisioned snapshots.", + "title": "LaunchTemplate" + }, + "MaxParallelLaunches": { + "markdownDescription": "The maximum number of parallel instances that are launched for creating resources.", + "title": "MaxParallelLaunches", "type": "number" + }, + "SnapshotConfiguration": { + "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.FastLaunchSnapshotConfiguration", + "markdownDescription": "Configuration settings for managing the number of snapshots that are created from pre-provisioned instances for the Windows AMI when faster launching is enabled.", + "title": "SnapshotConfiguration" } }, - "required": [ - "WorkerCount" - ], "type": "object" }, - "AWS::KafkaConnect::Connector.S3LogDelivery": { + "AWS::ImageBuilder::DistributionConfiguration.FastLaunchLaunchTemplateSpecification": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The name of the S3 bucket that is the destination for log delivery.", - "title": "Bucket", + "LaunchTemplateId": { + "markdownDescription": "The ID of the launch template to use for faster launching for a Windows AMI.", + "title": "LaunchTemplateId", "type": "string" }, - "Enabled": { - "markdownDescription": "Specifies whether connector logs get sent to the specified Amazon S3 destination.", - "title": "Enabled", - "type": "boolean" + "LaunchTemplateName": { + "markdownDescription": "The name of the launch template to use for faster launching for a Windows AMI.", + "title": "LaunchTemplateName", + "type": "string" }, - "Prefix": { - "markdownDescription": "The S3 prefix that is the destination for log delivery.", - "title": "Prefix", + "LaunchTemplateVersion": { + "markdownDescription": "The version of the launch template to use for faster launching for a Windows AMI.", + "title": "LaunchTemplateVersion", "type": "string" } }, - "required": [ - "Enabled" - ], - "type": "object" - }, - "AWS::KafkaConnect::Connector.ScaleInPolicy": { - "additionalProperties": false, - "properties": { - "CpuUtilizationPercentage": { - "markdownDescription": "Specifies the CPU utilization percentage threshold at which you want connector scale in to be triggered.", - "title": "CpuUtilizationPercentage", - "type": "number" - } - }, - "required": [ - "CpuUtilizationPercentage" - ], "type": "object" }, - "AWS::KafkaConnect::Connector.ScaleOutPolicy": { + "AWS::ImageBuilder::DistributionConfiguration.FastLaunchSnapshotConfiguration": { "additionalProperties": false, "properties": { - "CpuUtilizationPercentage": { - "markdownDescription": "The CPU utilization percentage threshold at which you want connector scale out to be triggered.", - "title": "CpuUtilizationPercentage", + "TargetResourceCount": { + "markdownDescription": "The number of pre-provisioned snapshots to keep on hand for a fast-launch enabled Windows AMI.", + "title": "TargetResourceCount", "type": "number" } }, - "required": [ - "CpuUtilizationPercentage" - ], "type": "object" }, - "AWS::KafkaConnect::Connector.Vpc": { + "AWS::ImageBuilder::DistributionConfiguration.LaunchPermissionConfiguration": { "additionalProperties": false, "properties": { - "SecurityGroups": { + "OrganizationArns": { "items": { "type": "string" }, - "markdownDescription": "The security group IDs for the connector.", - "title": "SecurityGroups", + "markdownDescription": "The ARN for an AWS Organization that you want to share your AMI with. For more information, see [What is AWS Organizations ?](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_introduction.html) .", + "title": "OrganizationArns", "type": "array" }, - "Subnets": { + "OrganizationalUnitArns": { "items": { "type": "string" }, - "markdownDescription": "The subnets for the connector.", - "title": "Subnets", + "markdownDescription": "The ARN for an AWS Organizations organizational unit (OU) that you want to share your AMI with. For more information about key concepts for AWS Organizations , see [AWS Organizations terminology and concepts](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html) .", + "title": "OrganizationalUnitArns", + "type": "array" + }, + "UserGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "The name of the group.", + "title": "UserGroups", + "type": "array" + }, + "UserIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The AWS account ID.", + "title": "UserIds", "type": "array" } }, - "required": [ - "SecurityGroups", - "Subnets" - ], "type": "object" }, - "AWS::KafkaConnect::Connector.WorkerConfiguration": { + "AWS::ImageBuilder::DistributionConfiguration.LaunchTemplateConfiguration": { "additionalProperties": false, "properties": { - "Revision": { - "markdownDescription": "The revision of the worker configuration.", - "title": "Revision", - "type": "number" + "AccountId": { + "markdownDescription": "The account ID that this configuration applies to.", + "title": "AccountId", + "type": "string" }, - "WorkerConfigurationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the worker configuration.", - "title": "WorkerConfigurationArn", + "LaunchTemplateId": { + "markdownDescription": "Identifies the Amazon EC2 launch template to use.", + "title": "LaunchTemplateId", + "type": "string" + }, + "SetDefaultVersion": { + "markdownDescription": "Set the specified Amazon EC2 launch template as the default launch template for the specified account.", + "title": "SetDefaultVersion", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::ImageBuilder::DistributionConfiguration.SsmParameterConfiguration": { + "additionalProperties": false, + "properties": { + "AmiAccountId": { + "markdownDescription": "Specify the account that will own the Parameter in a given Region. During distribution, this account must be specified in distribution settings as a target account for the Region.", + "title": "AmiAccountId", + "type": "string" + }, + "DataType": { + "markdownDescription": "The data type specifies what type of value the Parameter contains. We recommend that you use data type `aws:ec2:image` .", + "title": "DataType", + "type": "string" + }, + "ParameterName": { + "markdownDescription": "This is the name of the Parameter in the target Region or account. The image distribution creates the Parameter if it doesn't already exist. Otherwise, it updates the parameter.", + "title": "ParameterName", "type": "string" } }, "required": [ - "Revision", - "WorkerConfigurationArn" + "ParameterName" ], "type": "object" }, - "AWS::KafkaConnect::Connector.WorkerLogDelivery": { + "AWS::ImageBuilder::DistributionConfiguration.TargetContainerRepository": { "additionalProperties": false, "properties": { - "CloudWatchLogs": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.CloudWatchLogsLogDelivery", - "markdownDescription": "Details about delivering logs to Amazon CloudWatch Logs.", - "title": "CloudWatchLogs" - }, - "Firehose": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.FirehoseLogDelivery", - "markdownDescription": "Details about delivering logs to Amazon Kinesis Data Firehose.", - "title": "Firehose" + "RepositoryName": { + "markdownDescription": "The name of the container repository where the output container image is stored. This name is prefixed by the repository location. For example, `/repository_name` .", + "title": "RepositoryName", + "type": "string" }, - "S3": { - "$ref": "#/definitions/AWS::KafkaConnect::Connector.S3LogDelivery", - "markdownDescription": "Details about delivering logs to Amazon S3.", - "title": "S3" + "Service": { + "markdownDescription": "Specifies the service in which this image was registered.", + "title": "Service", + "type": "string" } }, "type": "object" }, - "AWS::KafkaConnect::CustomPlugin": { + "AWS::ImageBuilder::Image": { "additionalProperties": false, "properties": { "Condition": { @@ -134185,45 +142283,71 @@ "Properties": { "additionalProperties": false, "properties": { - "ContentType": { - "markdownDescription": "The format of the plugin file.", - "title": "ContentType", + "ContainerRecipeArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the container recipe that defines how images are configured and tested.", + "title": "ContainerRecipeArn", "type": "string" }, - "Description": { - "markdownDescription": "The description of the custom plugin.", - "title": "Description", + "DistributionConfigurationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the distribution configuration that defines and configures the outputs of your pipeline.", + "title": "DistributionConfigurationArn", "type": "string" }, - "Location": { - "$ref": "#/definitions/AWS::KafkaConnect::CustomPlugin.CustomPluginLocation", - "markdownDescription": "Information about the location of the custom plugin.", - "title": "Location" + "EnhancedImageMetadataEnabled": { + "markdownDescription": "Collects additional information about the image being created, including the operating system (OS) version and package list. This information is used to enhance the overall experience of using EC2 Image Builder. Enabled by default.", + "title": "EnhancedImageMetadataEnabled", + "type": "boolean" }, - "Name": { - "markdownDescription": "The name of the custom plugin.", - "title": "Name", + "ExecutionRole": { + "markdownDescription": "The name or Amazon Resource Name (ARN) for the IAM role you create that grants Image Builder access to perform workflow actions.", + "title": "ExecutionRole", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "ContentType", - "Location", - "Name" - ], - "type": "object" - }, + "ImageRecipeArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the image recipe that defines how images are configured, tested, and assessed.", + "title": "ImageRecipeArn", + "type": "string" + }, + "ImageScanningConfiguration": { + "$ref": "#/definitions/AWS::ImageBuilder::Image.ImageScanningConfiguration", + "markdownDescription": "Contains settings for vulnerability scans.", + "title": "ImageScanningConfiguration" + }, + "ImageTestsConfiguration": { + "$ref": "#/definitions/AWS::ImageBuilder::Image.ImageTestsConfiguration", + "markdownDescription": "The image tests configuration of the image.", + "title": "ImageTestsConfiguration" + }, + "InfrastructureConfigurationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the infrastructure configuration that defines the environment in which your image will be built and tested.", + "title": "InfrastructureConfigurationArn", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "The tags of the image.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "Workflows": { + "items": { + "$ref": "#/definitions/AWS::ImageBuilder::Image.WorkflowConfiguration" + }, + "markdownDescription": "Contains an array of workflow configuration objects.", + "title": "Workflows", + "type": "array" + } + }, + "type": "object" + }, "Type": { "enum": [ - "AWS::KafkaConnect::CustomPlugin" + "AWS::ImageBuilder::Image" ], "type": "string" }, @@ -134237,67 +142361,110 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::KafkaConnect::CustomPlugin.CustomPluginFileDescription": { + "AWS::ImageBuilder::Image.EcrConfiguration": { "additionalProperties": false, "properties": { - "FileMd5": { - "markdownDescription": "The hex-encoded MD5 checksum of the custom plugin file. You can use it to validate the file.", - "title": "FileMd5", + "ContainerTags": { + "items": { + "type": "string" + }, + "markdownDescription": "Tags for Image Builder to apply to the output container image that Amazon Inspector scans. Tags can help you identify and manage your scanned images.", + "title": "ContainerTags", + "type": "array" + }, + "RepositoryName": { + "markdownDescription": "The name of the container repository that Amazon Inspector scans to identify findings for your container images. The name includes the path for the repository location. If you don\u2019t provide this information, Image Builder creates a repository in your account named `image-builder-image-scanning-repository` for vulnerability scans of your output container images.", + "title": "RepositoryName", "type": "string" + } + }, + "type": "object" + }, + "AWS::ImageBuilder::Image.ImageScanningConfiguration": { + "additionalProperties": false, + "properties": { + "EcrConfiguration": { + "$ref": "#/definitions/AWS::ImageBuilder::Image.EcrConfiguration", + "markdownDescription": "Contains Amazon ECR settings for vulnerability scans.", + "title": "EcrConfiguration" }, - "FileSize": { - "markdownDescription": "The size in bytes of the custom plugin file. You can use it to validate the file.", - "title": "FileSize", - "type": "number" + "ImageScanningEnabled": { + "markdownDescription": "A setting that indicates whether Image Builder keeps a snapshot of the vulnerability scans that Amazon Inspector runs against the build instance when you create a new image.", + "title": "ImageScanningEnabled", + "type": "boolean" } }, "type": "object" }, - "AWS::KafkaConnect::CustomPlugin.CustomPluginLocation": { + "AWS::ImageBuilder::Image.ImageTestsConfiguration": { "additionalProperties": false, "properties": { - "S3Location": { - "$ref": "#/definitions/AWS::KafkaConnect::CustomPlugin.S3Location", - "markdownDescription": "The S3 bucket Amazon Resource Name (ARN), file key, and object version of the plugin file stored in Amazon S3.", - "title": "S3Location" + "ImageTestsEnabled": { + "markdownDescription": "Determines if tests should run after building the image. Image Builder defaults to enable tests to run following the image build, before image distribution.", + "title": "ImageTestsEnabled", + "type": "boolean" + }, + "TimeoutMinutes": { + "markdownDescription": "The maximum time in minutes that tests are permitted to run.\n\n> The timeout property is not currently active. This value is ignored.", + "title": "TimeoutMinutes", + "type": "number" } }, - "required": [ - "S3Location" - ], "type": "object" }, - "AWS::KafkaConnect::CustomPlugin.S3Location": { + "AWS::ImageBuilder::Image.WorkflowConfiguration": { "additionalProperties": false, "properties": { - "BucketArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an S3 bucket.", - "title": "BucketArn", + "OnFailure": { + "markdownDescription": "The action to take if the workflow fails.", + "title": "OnFailure", "type": "string" }, - "FileKey": { - "markdownDescription": "The file key for an object in an S3 bucket.", - "title": "FileKey", + "ParallelGroup": { + "markdownDescription": "Test workflows are defined within named runtime groups called parallel groups. The parallel group is the named group that contains this test workflow. Test workflows within a parallel group can run at the same time. Image Builder starts up to five test workflows in the group at the same time, and starts additional workflows as others complete, until all workflows in the group have completed. This field only applies for test workflows.", + "title": "ParallelGroup", "type": "string" }, - "ObjectVersion": { - "markdownDescription": "The version of an object in an S3 bucket.", - "title": "ObjectVersion", + "Parameters": { + "items": { + "$ref": "#/definitions/AWS::ImageBuilder::Image.WorkflowParameter" + }, + "markdownDescription": "Contains parameter values for each of the parameters that the workflow document defined for the workflow resource.", + "title": "Parameters", + "type": "array" + }, + "WorkflowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the workflow resource.", + "title": "WorkflowArn", "type": "string" } }, - "required": [ - "BucketArn", - "FileKey" - ], "type": "object" }, - "AWS::KafkaConnect::WorkerConfiguration": { + "AWS::ImageBuilder::Image.WorkflowParameter": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the workflow parameter to set.", + "title": "Name", + "type": "string" + }, + "Value": { + "items": { + "type": "string" + }, + "markdownDescription": "Sets the value for the named workflow parameter.", + "title": "Value", + "type": "array" + } + }, + "type": "object" + }, + "AWS::ImageBuilder::ImagePipeline": { "additionalProperties": false, "properties": { "Condition": { @@ -134332,39 +142499,95 @@ "Properties": { "additionalProperties": false, "properties": { + "ContainerRecipeArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the container recipe that is used for this pipeline.", + "title": "ContainerRecipeArn", + "type": "string" + }, "Description": { - "markdownDescription": "The description of a worker configuration.", + "markdownDescription": "The description of this image pipeline.", "title": "Description", "type": "string" }, + "DistributionConfigurationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the distribution configuration associated with this image pipeline.", + "title": "DistributionConfigurationArn", + "type": "string" + }, + "EnhancedImageMetadataEnabled": { + "markdownDescription": "Collects additional information about the image being created, including the operating system (OS) version and package list. This information is used to enhance the overall experience of using EC2 Image Builder. Enabled by default.", + "title": "EnhancedImageMetadataEnabled", + "type": "boolean" + }, + "ExecutionRole": { + "markdownDescription": "The name or Amazon Resource Name (ARN) for the IAM role you create that grants Image Builder access to perform workflow actions.", + "title": "ExecutionRole", + "type": "string" + }, + "ImageRecipeArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the image recipe associated with this image pipeline.", + "title": "ImageRecipeArn", + "type": "string" + }, + "ImageScanningConfiguration": { + "$ref": "#/definitions/AWS::ImageBuilder::ImagePipeline.ImageScanningConfiguration", + "markdownDescription": "Contains settings for vulnerability scans.", + "title": "ImageScanningConfiguration" + }, + "ImageTestsConfiguration": { + "$ref": "#/definitions/AWS::ImageBuilder::ImagePipeline.ImageTestsConfiguration", + "markdownDescription": "The configuration of the image tests that run after image creation to ensure the quality of the image that was created.", + "title": "ImageTestsConfiguration" + }, + "InfrastructureConfigurationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the infrastructure configuration associated with this image pipeline.", + "title": "InfrastructureConfigurationArn", + "type": "string" + }, "Name": { - "markdownDescription": "The name of the worker configuration.", + "markdownDescription": "The name of the image pipeline.", "title": "Name", "type": "string" }, - "PropertiesFileContent": { - "markdownDescription": "Base64 encoded contents of the connect-distributed.properties file.", - "title": "PropertiesFileContent", + "Schedule": { + "$ref": "#/definitions/AWS::ImageBuilder::ImagePipeline.Schedule", + "markdownDescription": "The schedule of the image pipeline. A schedule configures how often and when a pipeline automatically creates a new image.", + "title": "Schedule" + }, + "Status": { + "markdownDescription": "The status of the image pipeline.", + "title": "Status", "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "additionalProperties": true, + "markdownDescription": "The tags of this image pipeline.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "", "title": "Tags", + "type": "object" + }, + "Workflows": { + "items": { + "$ref": "#/definitions/AWS::ImageBuilder::ImagePipeline.WorkflowConfiguration" + }, + "markdownDescription": "Contains the workflows that run for the image pipeline.", + "title": "Workflows", "type": "array" } }, "required": [ - "Name", - "PropertiesFileContent" + "InfrastructureConfigurationArn", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::KafkaConnect::WorkerConfiguration" + "AWS::ImageBuilder::ImagePipeline" ], "type": "string" }, @@ -134383,7 +142606,122 @@ ], "type": "object" }, - "AWS::Kendra::DataSource": { + "AWS::ImageBuilder::ImagePipeline.EcrConfiguration": { + "additionalProperties": false, + "properties": { + "ContainerTags": { + "items": { + "type": "string" + }, + "markdownDescription": "Tags for Image Builder to apply to the output container image that Amazon Inspector scans. Tags can help you identify and manage your scanned images.", + "title": "ContainerTags", + "type": "array" + }, + "RepositoryName": { + "markdownDescription": "The name of the container repository that Amazon Inspector scans to identify findings for your container images. The name includes the path for the repository location. If you don\u2019t provide this information, Image Builder creates a repository in your account named `image-builder-image-scanning-repository` for vulnerability scans of your output container images.", + "title": "RepositoryName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ImageBuilder::ImagePipeline.ImageScanningConfiguration": { + "additionalProperties": false, + "properties": { + "EcrConfiguration": { + "$ref": "#/definitions/AWS::ImageBuilder::ImagePipeline.EcrConfiguration", + "markdownDescription": "Contains Amazon ECR settings for vulnerability scans.", + "title": "EcrConfiguration" + }, + "ImageScanningEnabled": { + "markdownDescription": "A setting that indicates whether Image Builder keeps a snapshot of the vulnerability scans that Amazon Inspector runs against the build instance when you create a new image.", + "title": "ImageScanningEnabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::ImageBuilder::ImagePipeline.ImageTestsConfiguration": { + "additionalProperties": false, + "properties": { + "ImageTestsEnabled": { + "markdownDescription": "Defines if tests should be executed when building this image. For example, `true` or `false` .", + "title": "ImageTestsEnabled", + "type": "boolean" + }, + "TimeoutMinutes": { + "markdownDescription": "The maximum time in minutes that tests are permitted to run.\n\n> The timeout property is not currently active. This value is ignored.", + "title": "TimeoutMinutes", + "type": "number" + } + }, + "type": "object" + }, + "AWS::ImageBuilder::ImagePipeline.Schedule": { + "additionalProperties": false, + "properties": { + "PipelineExecutionStartCondition": { + "markdownDescription": "The condition configures when the pipeline should trigger a new image build. When the `pipelineExecutionStartCondition` is set to `EXPRESSION_MATCH_AND_DEPENDENCY_UPDATES_AVAILABLE` , and you use semantic version filters on the base image or components in your image recipe, Image Builder will build a new image only when there are new versions of the image or components in your recipe that match the semantic version filter. When it is set to `EXPRESSION_MATCH_ONLY` , it will build a new image every time the CRON expression matches the current time. For semantic version syntax, see [CreateComponent](https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_CreateComponent.html) in the *Image Builder API Reference* .", + "title": "PipelineExecutionStartCondition", + "type": "string" + }, + "ScheduleExpression": { + "markdownDescription": "The cron expression determines how often EC2 Image Builder evaluates your `pipelineExecutionStartCondition` .\n\nFor information on how to format a cron expression in Image Builder, see [Use cron expressions in EC2 Image Builder](https://docs.aws.amazon.com/imagebuilder/latest/userguide/image-builder-cron.html) .", + "title": "ScheduleExpression", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ImageBuilder::ImagePipeline.WorkflowConfiguration": { + "additionalProperties": false, + "properties": { + "OnFailure": { + "markdownDescription": "The action to take if the workflow fails.", + "title": "OnFailure", + "type": "string" + }, + "ParallelGroup": { + "markdownDescription": "Test workflows are defined within named runtime groups called parallel groups. The parallel group is the named group that contains this test workflow. Test workflows within a parallel group can run at the same time. Image Builder starts up to five test workflows in the group at the same time, and starts additional workflows as others complete, until all workflows in the group have completed. This field only applies for test workflows.", + "title": "ParallelGroup", + "type": "string" + }, + "Parameters": { + "items": { + "$ref": "#/definitions/AWS::ImageBuilder::ImagePipeline.WorkflowParameter" + }, + "markdownDescription": "Contains parameter values for each of the parameters that the workflow document defined for the workflow resource.", + "title": "Parameters", + "type": "array" + }, + "WorkflowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the workflow resource.", + "title": "WorkflowArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ImageBuilder::ImagePipeline.WorkflowParameter": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the workflow parameter to set.", + "title": "Name", + "type": "string" + }, + "Value": { + "items": { + "type": "string" + }, + "markdownDescription": "Sets the value for the named workflow parameter.", + "title": "Value", + "type": "array" + } + }, + "type": "object" + }, + "AWS::ImageBuilder::ImageRecipe": { "additionalProperties": false, "properties": { "Condition": { @@ -134418,70 +142756,75 @@ "Properties": { "additionalProperties": false, "properties": { - "CustomDocumentEnrichmentConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.CustomDocumentEnrichmentConfiguration", - "markdownDescription": "Configuration information for altering document metadata and content during the document ingestion process.", - "title": "CustomDocumentEnrichmentConfiguration" + "AdditionalInstanceConfiguration": { + "$ref": "#/definitions/AWS::ImageBuilder::ImageRecipe.AdditionalInstanceConfiguration", + "markdownDescription": "Before you create a new AMI, Image Builder launches temporary Amazon EC2 instances to build and test your image configuration. Instance configuration adds a layer of control over those instances. You can define settings and add scripts to run when an instance is launched from your AMI.", + "title": "AdditionalInstanceConfiguration" }, - "DataSourceConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceConfiguration", - "markdownDescription": "Configuration information for an Amazon Kendra data source. The contents of the configuration depend on the type of data source. You can only specify one type of data source in the configuration.\n\nYou can't specify the `Configuration` parameter when the `Type` parameter is set to `CUSTOM` .\n\nThe `Configuration` parameter is required for all other data sources.", - "title": "DataSourceConfiguration" + "BlockDeviceMappings": { + "items": { + "$ref": "#/definitions/AWS::ImageBuilder::ImageRecipe.InstanceBlockDeviceMapping" + }, + "markdownDescription": "The block device mappings to apply when creating images from this recipe.", + "title": "BlockDeviceMappings", + "type": "array" + }, + "Components": { + "items": { + "$ref": "#/definitions/AWS::ImageBuilder::ImageRecipe.ComponentConfiguration" + }, + "markdownDescription": "The components that are included in the image recipe. Recipes require a minimum of one build component, and can have a maximum of 20 build and test components in any combination.", + "title": "Components", + "type": "array" }, "Description": { - "markdownDescription": "A description for the data source connector.", + "markdownDescription": "The description of the image recipe.", "title": "Description", "type": "string" }, - "IndexId": { - "markdownDescription": "The identifier of the index you want to use with the data source connector.", - "title": "IndexId", - "type": "string" - }, - "LanguageCode": { - "markdownDescription": "The code for a language. This shows a supported language for all documents in the data source. English is supported by default. For more information on supported languages, including their codes, see [Adding documents in languages other than English](https://docs.aws.amazon.com/kendra/latest/dg/in-adding-languages.html) .", - "title": "LanguageCode", - "type": "string" - }, "Name": { - "markdownDescription": "The name of the data source.", + "markdownDescription": "The name of the image recipe.", "title": "Name", "type": "string" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of a role with permission to access the data source.\n\nYou can't specify the `RoleArn` parameter when the `Type` parameter is set to `CUSTOM` .\n\nThe `RoleArn` parameter is required for all other data sources.", - "title": "RoleArn", - "type": "string" - }, - "Schedule": { - "markdownDescription": "Sets the frequency that Amazon Kendra checks the documents in your data source and updates the index. If you don't set a schedule, Amazon Kendra doesn't periodically update the index.", - "title": "Schedule", + "ParentImage": { + "markdownDescription": "The base image for customizations specified in the image recipe. You can specify the parent image using one of the following options:\n\n- AMI ID\n- Image Builder image Amazon Resource Name (ARN)\n- AWS Systems Manager (SSM) Parameter Store Parameter, prefixed by `ssm:` , followed by the parameter name or ARN.\n- AWS Marketplace product ID", + "title": "ParentImage", "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "additionalProperties": true, + "markdownDescription": "The tags of the image recipe.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "An array of key-value pairs to apply to this resource\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", - "type": "array" + "type": "object" }, - "Type": { - "markdownDescription": "The type of the data source.", - "title": "Type", + "Version": { + "markdownDescription": "The version of the image recipe.", + "title": "Version", + "type": "string" + }, + "WorkingDirectory": { + "markdownDescription": "The working directory to be used during build and test workflows.", + "title": "WorkingDirectory", "type": "string" } }, "required": [ - "IndexId", + "Components", "Name", - "Type" + "ParentImage", + "Version" ], "type": "object" }, "Type": { "enum": [ - "AWS::Kendra::DataSource" + "AWS::ImageBuilder::ImageRecipe" ], "type": "string" }, @@ -134500,1587 +142843,1853 @@ ], "type": "object" }, - "AWS::Kendra::DataSource.AccessControlListConfiguration": { + "AWS::ImageBuilder::ImageRecipe.AdditionalInstanceConfiguration": { "additionalProperties": false, "properties": { - "KeyPath": { - "markdownDescription": "Path to the AWS S3 bucket that contains the access control list files.", - "title": "KeyPath", + "SystemsManagerAgent": { + "$ref": "#/definitions/AWS::ImageBuilder::ImageRecipe.SystemsManagerAgent", + "markdownDescription": "Contains settings for the Systems Manager agent on your build instance.", + "title": "SystemsManagerAgent" + }, + "UserDataOverride": { + "markdownDescription": "Use this property to provide commands or a command script to run when you launch your build instance.\n\nThe userDataOverride property replaces any commands that Image Builder might have added to ensure that Systems Manager is installed on your Linux build instance. If you override the user data, make sure that you add commands to install Systems Manager, if it is not pre-installed on your base image.\n\n> The user data is always base 64 encoded. For example, the following commands are encoded as `IyEvYmluL2Jhc2gKbWtkaXIgLXAgL3Zhci9iYi8KdG91Y2ggL3Zhci$` :\n> \n> *#!/bin/bash*\n> \n> mkdir -p /var/bb/\n> \n> touch /var", + "title": "UserDataOverride", "type": "string" } }, "type": "object" }, - "AWS::Kendra::DataSource.AclConfiguration": { + "AWS::ImageBuilder::ImageRecipe.ComponentConfiguration": { "additionalProperties": false, "properties": { - "AllowedGroupsColumnName": { - "markdownDescription": "A list of groups, separated by semi-colons, that filters a query response based on user context. The document is only returned to users that are in one of the groups specified in the `UserContext` field of the [Query](https://docs.aws.amazon.com/kendra/latest/dg/API_Query.html) operation.", - "title": "AllowedGroupsColumnName", + "ComponentArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the component.", + "title": "ComponentArn", "type": "string" + }, + "Parameters": { + "items": { + "$ref": "#/definitions/AWS::ImageBuilder::ImageRecipe.ComponentParameter" + }, + "markdownDescription": "A group of parameter settings that Image Builder uses to configure the component for a specific recipe.", + "title": "Parameters", + "type": "array" } }, - "required": [ - "AllowedGroupsColumnName" - ], "type": "object" }, - "AWS::Kendra::DataSource.ColumnConfiguration": { + "AWS::ImageBuilder::ImageRecipe.ComponentParameter": { "additionalProperties": false, "properties": { - "ChangeDetectingColumns": { - "items": { - "type": "string" - }, - "markdownDescription": "One to five columns that indicate when a document in the database has changed.", - "title": "ChangeDetectingColumns", - "type": "array" - }, - "DocumentDataColumnName": { - "markdownDescription": "The column that contains the contents of the document.", - "title": "DocumentDataColumnName", - "type": "string" - }, - "DocumentIdColumnName": { - "markdownDescription": "The column that provides the document's identifier.", - "title": "DocumentIdColumnName", - "type": "string" - }, - "DocumentTitleColumnName": { - "markdownDescription": "The column that contains the title of the document.", - "title": "DocumentTitleColumnName", + "Name": { + "markdownDescription": "The name of the component parameter to set.", + "title": "Name", "type": "string" }, - "FieldMappings": { + "Value": { "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" + "type": "string" }, - "markdownDescription": "An array of objects that map database column names to the corresponding fields in an index. You must first create the fields in the index using the [UpdateIndex](https://docs.aws.amazon.com/kendra/latest/dg/API_UpdateIndex.html) operation.", - "title": "FieldMappings", + "markdownDescription": "Sets the value for the named component parameter.", + "title": "Value", "type": "array" } }, "required": [ - "ChangeDetectingColumns", - "DocumentDataColumnName", - "DocumentIdColumnName" + "Name", + "Value" ], "type": "object" }, - "AWS::Kendra::DataSource.ConfluenceAttachmentConfiguration": { + "AWS::ImageBuilder::ImageRecipe.EbsInstanceBlockDeviceSpecification": { "additionalProperties": false, "properties": { - "AttachmentFieldMappings": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceAttachmentToIndexFieldMapping" - }, - "markdownDescription": "Maps attributes or field names of Confluence attachments to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Confluence fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Confluence data source field names must exist in your Confluence custom metadata.\n\nIf you specify the `AttachentFieldMappings` parameter, you must specify at least one field mapping.", - "title": "AttachmentFieldMappings", - "type": "array" + "DeleteOnTermination": { + "markdownDescription": "Configures delete on termination of the associated device.", + "title": "DeleteOnTermination", + "type": "boolean" }, - "CrawlAttachments": { - "markdownDescription": "`TRUE` to index attachments of pages and blogs in Confluence.", - "title": "CrawlAttachments", + "Encrypted": { + "markdownDescription": "Use to configure device encryption.", + "title": "Encrypted", "type": "boolean" + }, + "Iops": { + "markdownDescription": "Use to configure device IOPS.", + "title": "Iops", + "type": "number" + }, + "KmsKeyId": { + "markdownDescription": "Use to configure the KMS key to use when encrypting the device.", + "title": "KmsKeyId", + "type": "string" + }, + "SnapshotId": { + "markdownDescription": "The snapshot that defines the device contents.", + "title": "SnapshotId", + "type": "string" + }, + "Throughput": { + "markdownDescription": "*For GP3 volumes only* \u2013 The throughput in MiB/s that the volume supports.", + "title": "Throughput", + "type": "number" + }, + "VolumeSize": { + "markdownDescription": "Overrides the volume size of the device.", + "title": "VolumeSize", + "type": "number" + }, + "VolumeType": { + "markdownDescription": "Overrides the volume type of the device.", + "title": "VolumeType", + "type": "string" } }, "type": "object" }, - "AWS::Kendra::DataSource.ConfluenceAttachmentToIndexFieldMapping": { + "AWS::ImageBuilder::ImageRecipe.InstanceBlockDeviceMapping": { "additionalProperties": false, "properties": { - "DataSourceFieldName": { - "markdownDescription": "The name of the field in the data source.\n\nYou must first create the index field using the `UpdateIndex` API.", - "title": "DataSourceFieldName", + "DeviceName": { + "markdownDescription": "The device to which these mappings apply.", + "title": "DeviceName", "type": "string" }, - "DateFieldFormat": { - "markdownDescription": "The format for date fields in the data source. If the field specified in `DataSourceFieldName` is a date field you must specify the date format. If the field is not a date field, an exception is thrown.", - "title": "DateFieldFormat", + "Ebs": { + "$ref": "#/definitions/AWS::ImageBuilder::ImageRecipe.EbsInstanceBlockDeviceSpecification", + "markdownDescription": "Use to manage Amazon EBS-specific configuration for this mapping.", + "title": "Ebs" + }, + "NoDevice": { + "markdownDescription": "Enter an empty string to remove a mapping from the parent image.\n\nThe following is an example of an empty string value in the `NoDevice` field.\n\n`NoDevice:\"\"`", + "title": "NoDevice", "type": "string" }, - "IndexFieldName": { - "markdownDescription": "The name of the index field to map to the Confluence data source field. The index field type must match the Confluence field type.", - "title": "IndexFieldName", + "VirtualName": { + "markdownDescription": "Manages the instance ephemeral devices.", + "title": "VirtualName", "type": "string" } }, - "required": [ - "DataSourceFieldName", - "IndexFieldName" - ], "type": "object" }, - "AWS::Kendra::DataSource.ConfluenceBlogConfiguration": { + "AWS::ImageBuilder::ImageRecipe.SystemsManagerAgent": { "additionalProperties": false, "properties": { - "BlogFieldMappings": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceBlogToIndexFieldMapping" - }, - "markdownDescription": "Maps attributes or field names of Confluence blogs to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Confluence fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Confluence data source field names must exist in your Confluence custom metadata.\n\nIf you specify the `BlogFieldMappings` parameter, you must specify at least one field mapping.", - "title": "BlogFieldMappings", - "type": "array" + "UninstallAfterBuild": { + "markdownDescription": "Controls whether the Systems Manager agent is removed from your final build image, prior to creating the new AMI. If this is set to true, then the agent is removed from the final image. If it's set to false, then the agent is left in, so that it is included in the new AMI. The default value is false.", + "title": "UninstallAfterBuild", + "type": "boolean" } }, "type": "object" }, - "AWS::Kendra::DataSource.ConfluenceBlogToIndexFieldMapping": { + "AWS::ImageBuilder::InfrastructureConfiguration": { "additionalProperties": false, "properties": { - "DataSourceFieldName": { - "markdownDescription": "The name of the field in the data source.", - "title": "DataSourceFieldName", - "type": "string" - }, - "DateFieldFormat": { - "markdownDescription": "The format for date fields in the data source. If the field specified in `DataSourceFieldName` is a date field you must specify the date format. If the field is not a date field, an exception is thrown.", - "title": "DateFieldFormat", + "Condition": { "type": "string" }, - "IndexFieldName": { - "markdownDescription": "The name of the index field to map to the Confluence data source field. The index field type must match the Confluence field type.", - "title": "IndexFieldName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "required": [ - "DataSourceFieldName", - "IndexFieldName" - ], - "type": "object" - }, - "AWS::Kendra::DataSource.ConfluenceConfiguration": { - "additionalProperties": false, - "properties": { - "AttachmentConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceAttachmentConfiguration", - "markdownDescription": "Configuration information for indexing attachments to Confluence blogs and pages.", - "title": "AttachmentConfiguration" }, - "BlogConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceBlogConfiguration", - "markdownDescription": "Configuration information for indexing Confluence blogs.", - "title": "BlogConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ExclusionPatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of regular expression patterns to exclude certain blog posts, pages, spaces, or attachments in your Confluence. Content that matches the patterns are excluded from the index. Content that doesn't match the patterns is included in the index. If content matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the content isn't included in the index.", - "title": "ExclusionPatterns", - "type": "array" + "Metadata": { + "type": "object" }, - "InclusionPatterns": { - "items": { - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the infrastructure configuration.", + "title": "Description", + "type": "string" + }, + "InstanceMetadataOptions": { + "$ref": "#/definitions/AWS::ImageBuilder::InfrastructureConfiguration.InstanceMetadataOptions", + "markdownDescription": "The instance metadata options that you can set for the HTTP requests that pipeline builds use to launch EC2 build and test instances.", + "title": "InstanceMetadataOptions" + }, + "InstanceProfileName": { + "markdownDescription": "The instance profile to associate with the instance used to customize your Amazon EC2 AMI.", + "title": "InstanceProfileName", + "type": "string" + }, + "InstanceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The instance types of the infrastructure configuration. You can specify one or more instance types to use for this build. The service will pick one of these instance types based on availability.", + "title": "InstanceTypes", + "type": "array" + }, + "KeyPair": { + "markdownDescription": "The key pair of the infrastructure configuration. You can use this to log on to and debug the instance used to create your image.", + "title": "KeyPair", + "type": "string" + }, + "Logging": { + "$ref": "#/definitions/AWS::ImageBuilder::InfrastructureConfiguration.Logging", + "markdownDescription": "The logging configuration of the infrastructure configuration.", + "title": "Logging" + }, + "Name": { + "markdownDescription": "The name of the infrastructure configuration.", + "title": "Name", + "type": "string" + }, + "Placement": { + "$ref": "#/definitions/AWS::ImageBuilder::InfrastructureConfiguration.Placement", + "markdownDescription": "The instance placement settings that define where the instances that are launched from your image will run.", + "title": "Placement" + }, + "ResourceTags": { + "additionalProperties": true, + "markdownDescription": "The metadata tags to assign to the Amazon EC2 instance that Image Builder launches during the build process. Tags are formatted as key value pairs.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "ResourceTags", + "type": "object" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The security group IDs to associate with the instance used to customize your Amazon EC2 AMI.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SnsTopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the SNS topic to which we send image build event notifications.\n\n> EC2 Image Builder is unable to send notifications to SNS topics that are encrypted using keys from other accounts. The key that is used to encrypt the SNS topic must reside in the account that the Image Builder service runs under.", + "title": "SnsTopicArn", + "type": "string" + }, + "SubnetId": { + "markdownDescription": "The subnet ID in which to place the instance used to customize your Amazon EC2 AMI.", + "title": "SubnetId", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "The metadata tags to assign to the infrastructure configuration resource that Image Builder creates as output. Tags are formatted as key value pairs.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "TerminateInstanceOnFailure": { + "markdownDescription": "The terminate instance on failure setting of the infrastructure configuration. Set to false if you want Image Builder to retain the instance used to configure your AMI if the build or test phase of your workflow fails.", + "title": "TerminateInstanceOnFailure", + "type": "boolean" + } }, - "markdownDescription": "A list of regular expression patterns to include certain blog posts, pages, spaces, or attachments in your Confluence. Content that matches the patterns are included in the index. Content that doesn't match the patterns is excluded from the index. If content matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the content isn't included in the index.", - "title": "InclusionPatterns", - "type": "array" - }, - "PageConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluencePageConfiguration", - "markdownDescription": "Configuration information for indexing Confluence pages.", - "title": "PageConfiguration" - }, - "SecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret that contains the user name and password required to connect to the Confluence instance. If you use Confluence Cloud, you use a generated API token as the password.\n\nYou can also provide authentication credentials in the form of a personal access token. For more information, see [Using a Confluence data source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-confluence.html) .", - "title": "SecretArn", - "type": "string" + "required": [ + "InstanceProfileName", + "Name" + ], + "type": "object" }, - "ServerUrl": { - "markdownDescription": "The URL of your Confluence instance. Use the full URL of the server. For example, *https://server.example.com:port/* . You can also use an IP address, for example, *https://192.168.1.113/* .", - "title": "ServerUrl", + "Type": { + "enum": [ + "AWS::ImageBuilder::InfrastructureConfiguration" + ], "type": "string" }, - "SpaceConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceSpaceConfiguration", - "markdownDescription": "Configuration information for indexing Confluence spaces.", - "title": "SpaceConfiguration" - }, - "Version": { - "markdownDescription": "The version or the type of Confluence installation to connect to.", - "title": "Version", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "VpcConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceVpcConfiguration", - "markdownDescription": "Configuration information for an Amazon Virtual Private Cloud to connect to your Confluence. For more information, see [Configuring a VPC](https://docs.aws.amazon.com/kendra/latest/dg/vpc-configuration.html) .", - "title": "VpcConfiguration" } }, "required": [ - "SecretArn", - "ServerUrl", - "Version" + "Type", + "Properties" ], "type": "object" }, - "AWS::Kendra::DataSource.ConfluencePageConfiguration": { + "AWS::ImageBuilder::InfrastructureConfiguration.InstanceMetadataOptions": { "additionalProperties": false, "properties": { - "PageFieldMappings": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluencePageToIndexFieldMapping" - }, - "markdownDescription": "Maps attributes or field names of Confluence pages to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Confluence fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Confluence data source field names must exist in your Confluence custom metadata.\n\nIf you specify the `PageFieldMappings` parameter, you must specify at least one field mapping.", - "title": "PageFieldMappings", - "type": "array" + "HttpPutResponseHopLimit": { + "markdownDescription": "Limit the number of hops that an instance metadata request can traverse to reach its destination. The default is one hop. However, if HTTP tokens are required, container image builds need a minimum of two hops.", + "title": "HttpPutResponseHopLimit", + "type": "number" + }, + "HttpTokens": { + "markdownDescription": "Indicates whether a signed token header is required for instance metadata retrieval requests. The values affect the response as follows:\n\n- *required* \u2013 When you retrieve the IAM role credentials, version 2.0 credentials are returned in all cases.\n- *optional* \u2013 You can include a signed token header in your request to retrieve instance metadata, or you can leave it out. If you include it, version 2.0 credentials are returned for the IAM role. Otherwise, version 1.0 credentials are returned.\n\nThe default setting is *optional* .", + "title": "HttpTokens", + "type": "string" } }, "type": "object" }, - "AWS::Kendra::DataSource.ConfluencePageToIndexFieldMapping": { + "AWS::ImageBuilder::InfrastructureConfiguration.Logging": { "additionalProperties": false, "properties": { - "DataSourceFieldName": { - "markdownDescription": "The name of the field in the data source.", - "title": "DataSourceFieldName", - "type": "string" - }, - "DateFieldFormat": { - "markdownDescription": "The format for date fields in the data source. If the field specified in `DataSourceFieldName` is a date field you must specify the date format. If the field is not a date field, an exception is thrown.", - "title": "DateFieldFormat", - "type": "string" - }, - "IndexFieldName": { - "markdownDescription": "The name of the index field to map to the Confluence data source field. The index field type must match the Confluence field type.", - "title": "IndexFieldName", - "type": "string" + "S3Logs": { + "$ref": "#/definitions/AWS::ImageBuilder::InfrastructureConfiguration.S3Logs", + "markdownDescription": "The Amazon S3 logging configuration.", + "title": "S3Logs" } }, - "required": [ - "DataSourceFieldName", - "IndexFieldName" - ], "type": "object" }, - "AWS::Kendra::DataSource.ConfluenceSpaceConfiguration": { + "AWS::ImageBuilder::InfrastructureConfiguration.Placement": { "additionalProperties": false, "properties": { - "CrawlArchivedSpaces": { - "markdownDescription": "`TRUE` to index archived spaces.", - "title": "CrawlArchivedSpaces", - "type": "boolean" - }, - "CrawlPersonalSpaces": { - "markdownDescription": "`TRUE` to index personal spaces. You can add restrictions to items in personal spaces. If personal spaces are indexed, queries without user context information may return restricted items from a personal space in their results. For more information, see [Filtering on user context](https://docs.aws.amazon.com/kendra/latest/dg/user-context-filter.html) .", - "title": "CrawlPersonalSpaces", - "type": "boolean" + "AvailabilityZone": { + "markdownDescription": "The Availability Zone where your build and test instances will launch.", + "title": "AvailabilityZone", + "type": "string" }, - "ExcludeSpaces": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of space keys of Confluence spaces. If you include a key, the blogs, documents, and attachments in the space are not indexed. If a space is in both the `ExcludeSpaces` and the `IncludeSpaces` list, the space is excluded.", - "title": "ExcludeSpaces", - "type": "array" + "HostId": { + "markdownDescription": "The ID of the Dedicated Host on which build and test instances run. This only applies if `tenancy` is `host` . If you specify the host ID, you must not specify the resource group ARN. If you specify both, Image Builder returns an error.", + "title": "HostId", + "type": "string" }, - "IncludeSpaces": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of space keys for Confluence spaces. If you include a key, the blogs, documents, and attachments in the space are indexed. Spaces that aren't in the list aren't indexed. A space in the list must exist. Otherwise, Amazon Kendra logs an error when the data source is synchronized. If a space is in both the `IncludeSpaces` and the `ExcludeSpaces` list, the space is excluded.", - "title": "IncludeSpaces", - "type": "array" + "HostResourceGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the host resource group in which to launch build and test instances. This only applies if `tenancy` is `host` . If you specify the resource group ARN, you must not specify the host ID. If you specify both, Image Builder returns an error.", + "title": "HostResourceGroupArn", + "type": "string" }, - "SpaceFieldMappings": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceSpaceToIndexFieldMapping" - }, - "markdownDescription": "Maps attributes or field names of Confluence spaces to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Confluence fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Confluence data source field names must exist in your Confluence custom metadata.\n\nIf you specify the `SpaceFieldMappings` parameter, you must specify at least one field mapping.", - "title": "SpaceFieldMappings", - "type": "array" + "Tenancy": { + "markdownDescription": "The tenancy of the instance. An instance with a tenancy of `dedicated` runs on single-tenant hardware. An instance with a tenancy of `host` runs on a Dedicated Host.\n\nIf tenancy is set to `host` , then you can optionally specify one target for placement \u2013 either host ID or host resource group ARN. If automatic placement is enabled for your host, and you don't specify any placement target, Amazon EC2 will try to find an available host for your build and test instances.", + "title": "Tenancy", + "type": "string" } }, "type": "object" }, - "AWS::Kendra::DataSource.ConfluenceSpaceToIndexFieldMapping": { + "AWS::ImageBuilder::InfrastructureConfiguration.S3Logs": { "additionalProperties": false, "properties": { - "DataSourceFieldName": { - "markdownDescription": "The name of the field in the data source.", - "title": "DataSourceFieldName", - "type": "string" - }, - "DateFieldFormat": { - "markdownDescription": "The format for date fields in the data source. If the field specified in `DataSourceFieldName` is a date field you must specify the date format. If the field is not a date field, an exception is thrown.", - "title": "DateFieldFormat", + "S3BucketName": { + "markdownDescription": "The S3 bucket in which to store the logs.", + "title": "S3BucketName", "type": "string" }, - "IndexFieldName": { - "markdownDescription": "The name of the index field to map to the Confluence data source field. The index field type must match the Confluence field type.", - "title": "IndexFieldName", + "S3KeyPrefix": { + "markdownDescription": "The Amazon S3 path to the bucket where the logs are stored.", + "title": "S3KeyPrefix", "type": "string" } }, - "required": [ - "DataSourceFieldName", - "IndexFieldName" - ], "type": "object" }, - "AWS::Kendra::DataSource.ConnectionConfiguration": { + "AWS::ImageBuilder::LifecyclePolicy": { "additionalProperties": false, "properties": { - "DatabaseHost": { - "markdownDescription": "The name of the host for the database. Can be either a string (host.subdomain.domain.tld) or an IPv4 or IPv6 address.", - "title": "DatabaseHost", + "Condition": { "type": "string" }, - "DatabaseName": { - "markdownDescription": "The name of the database containing the document data.", - "title": "DatabaseName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "DatabasePort": { - "markdownDescription": "The port that the database uses for connections.", - "title": "DatabasePort", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret that stores the credentials. The credentials should be a user-password pair. For more information, see [Using a Database Data Source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-database.html) . For more information about AWS Secrets Manager , see [What Is AWS Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html) in the *AWS Secrets Manager* user guide.", - "title": "SecretArn", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "Optional description for the lifecycle policy.", + "title": "Description", + "type": "string" + }, + "ExecutionRole": { + "markdownDescription": "The name or Amazon Resource Name (ARN) for the IAM role you create that grants Image Builder access to run lifecycle actions.", + "title": "ExecutionRole", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the lifecycle policy to create.", + "title": "Name", + "type": "string" + }, + "PolicyDetails": { + "items": { + "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.PolicyDetail" + }, + "markdownDescription": "Configuration details for the lifecycle policy rules.", + "title": "PolicyDetails", + "type": "array" + }, + "ResourceSelection": { + "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.ResourceSelection", + "markdownDescription": "Selection criteria for the resources that the lifecycle policy applies to.", + "title": "ResourceSelection" + }, + "ResourceType": { + "markdownDescription": "The type of Image Builder resource that the lifecycle policy applies to.", + "title": "ResourceType", + "type": "string" + }, + "Status": { + "markdownDescription": "Indicates whether the lifecycle policy resource is enabled.", + "title": "Status", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Tags to apply to the lifecycle policy resource.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "ExecutionRole", + "Name", + "PolicyDetails", + "ResourceSelection", + "ResourceType" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ImageBuilder::LifecyclePolicy" + ], "type": "string" }, - "TableName": { - "markdownDescription": "The name of the table that contains the document data.", - "title": "TableName", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "DatabaseHost", - "DatabaseName", - "DatabasePort", - "SecretArn", - "TableName" + "Type", + "Properties" ], "type": "object" }, - "AWS::Kendra::DataSource.CustomDocumentEnrichmentConfiguration": { + "AWS::ImageBuilder::LifecyclePolicy.Action": { "additionalProperties": false, "properties": { - "InlineConfigurations": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.InlineCustomDocumentEnrichmentConfiguration" - }, - "markdownDescription": "Configuration information to alter document attributes or metadata fields and content when ingesting documents into Amazon Kendra.", - "title": "InlineConfigurations", - "type": "array" - }, - "PostExtractionHookConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.HookConfiguration", - "markdownDescription": "Configuration information for invoking a Lambda function in AWS Lambda on the structured documents with their metadata and text extracted. You can use a Lambda function to apply advanced logic for creating, modifying, or deleting document metadata and content. For more information, see [Advanced data manipulation](https://docs.aws.amazon.com/kendra/latest/dg/custom-document-enrichment.html#advanced-data-manipulation) .", - "title": "PostExtractionHookConfiguration" - }, - "PreExtractionHookConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.HookConfiguration", - "markdownDescription": "Configuration information for invoking a Lambda function in AWS Lambda on the original or raw documents before extracting their metadata and text. You can use a Lambda function to apply advanced logic for creating, modifying, or deleting document metadata and content. For more information, see [Advanced data manipulation](https://docs.aws.amazon.com/kendra/latest/dg/custom-document-enrichment.html#advanced-data-manipulation) .", - "title": "PreExtractionHookConfiguration" + "IncludeResources": { + "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.IncludeResources", + "markdownDescription": "Specifies the resources that the lifecycle policy applies to.", + "title": "IncludeResources" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role with permission to run `PreExtractionHookConfiguration` and `PostExtractionHookConfiguration` for altering document metadata and content during the document ingestion process. For more information, see [an IAM roles for Amazon Kendra](https://docs.aws.amazon.com/kendra/latest/dg/iam-roles.html) .", - "title": "RoleArn", + "Type": { + "markdownDescription": "Specifies the lifecycle action to take.", + "title": "Type", "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::Kendra::DataSource.DataSourceConfiguration": { + "AWS::ImageBuilder::LifecyclePolicy.AmiExclusionRules": { "additionalProperties": false, "properties": { - "ConfluenceConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceConfiguration", - "markdownDescription": "Provides the configuration information to connect to Confluence as your data source.", - "title": "ConfluenceConfiguration" - }, - "DatabaseConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DatabaseConfiguration", - "markdownDescription": "Provides the configuration information to connect to a database as your data source.", - "title": "DatabaseConfiguration" - }, - "GoogleDriveConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.GoogleDriveConfiguration", - "markdownDescription": "Provides the configuration information to connect to Google Drive as your data source.", - "title": "GoogleDriveConfiguration" - }, - "OneDriveConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.OneDriveConfiguration", - "markdownDescription": "Provides the configuration information to connect to Microsoft OneDrive as your data source.", - "title": "OneDriveConfiguration" - }, - "S3Configuration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.S3DataSourceConfiguration", - "markdownDescription": "Provides the configuration information to connect to an Amazon S3 bucket as your data source.\n\n> Amazon Kendra now supports an upgraded Amazon S3 connector.\n> \n> You must now use the [TemplateConfiguration](https://docs.aws.amazon.com/kendra/latest/APIReference/API_TemplateConfiguration.html) object instead of the `S3DataSourceConfiguration` object to configure your connector.\n> \n> Connectors configured using the older console and API architecture will continue to function as configured. However, you won't be able to edit or update them. If you want to edit or update your connector configuration, you must create a new connector.\n> \n> We recommended migrating your connector workflow to the upgraded version. Support for connectors configured using the older architecture is scheduled to end by June 2024.", - "title": "S3Configuration" + "IsPublic": { + "markdownDescription": "Configures whether public AMIs are excluded from the lifecycle action.", + "title": "IsPublic", + "type": "boolean" }, - "SalesforceConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceConfiguration", - "markdownDescription": "Provides the configuration information to connect to Salesforce as your data source.", - "title": "SalesforceConfiguration" + "LastLaunched": { + "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.LastLaunched", + "markdownDescription": "Specifies configuration details for Image Builder to exclude the most recent resources from lifecycle actions.", + "title": "LastLaunched" }, - "ServiceNowConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ServiceNowConfiguration", - "markdownDescription": "Provides the configuration information to connect to ServiceNow as your data source.", - "title": "ServiceNowConfiguration" + "Regions": { + "items": { + "type": "string" + }, + "markdownDescription": "Configures AWS Region s that are excluded from the lifecycle action.", + "title": "Regions", + "type": "array" }, - "SharePointConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.SharePointConfiguration", - "markdownDescription": "Provides the configuration information to connect to Microsoft SharePoint as your data source.", - "title": "SharePointConfiguration" + "SharedAccounts": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies AWS account s whose resources are excluded from the lifecycle action.", + "title": "SharedAccounts", + "type": "array" }, - "WebCrawlerConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.WebCrawlerConfiguration", - "markdownDescription": "Provides the configuration information required for Amazon Kendra Web Crawler.", - "title": "WebCrawlerConfiguration" + "TagMap": { + "additionalProperties": true, + "markdownDescription": "Lists tags that should be excluded from lifecycle actions for the AMIs that have them.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "TagMap", + "type": "object" + } + }, + "type": "object" + }, + "AWS::ImageBuilder::LifecyclePolicy.ExclusionRules": { + "additionalProperties": false, + "properties": { + "Amis": { + "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.AmiExclusionRules", + "markdownDescription": "Lists configuration values that apply to AMIs that Image Builder should exclude from the lifecycle action.", + "title": "Amis" }, - "WorkDocsConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.WorkDocsConfiguration", - "markdownDescription": "Provides the configuration information to connect to Amazon WorkDocs as your data source.", - "title": "WorkDocsConfiguration" + "TagMap": { + "additionalProperties": true, + "markdownDescription": "Contains a list of tags that Image Builder uses to skip lifecycle actions for Image Builder image resources that have them.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "TagMap", + "type": "object" } }, "type": "object" }, - "AWS::Kendra::DataSource.DataSourceToIndexFieldMapping": { + "AWS::ImageBuilder::LifecyclePolicy.Filter": { "additionalProperties": false, "properties": { - "DataSourceFieldName": { - "markdownDescription": "The name of the field in the data source. You must first create the index field using the `UpdateIndex` API.", - "title": "DataSourceFieldName", - "type": "string" + "RetainAtLeast": { + "markdownDescription": "For age-based filters, this is the number of resources to keep on hand after the lifecycle `DELETE` action is applied. Impacted resources are only deleted if you have more than this number of resources. If you have fewer resources than this number, the impacted resource is not deleted.", + "title": "RetainAtLeast", + "type": "number" }, - "DateFieldFormat": { - "markdownDescription": "The format for date fields in the data source. If the field specified in `DataSourceFieldName` is a date field, you must specify the date format. If the field is not a date field, an exception is thrown.", - "title": "DateFieldFormat", + "Type": { + "markdownDescription": "Filter resources based on either `age` or `count` .", + "title": "Type", "type": "string" }, - "IndexFieldName": { - "markdownDescription": "The name of the index field to map to the data source field. The index field type must match the data source field type.", - "title": "IndexFieldName", + "Unit": { + "markdownDescription": "Defines the unit of time that the lifecycle policy uses to determine impacted resources. This is required for age-based rules.", + "title": "Unit", "type": "string" + }, + "Value": { + "markdownDescription": "The number of units for the time period or for the count. For example, a value of `6` might refer to six months or six AMIs.\n\n> For count-based filters, this value represents the minimum number of resources to keep on hand. If you have fewer resources than this number, the resource is excluded from lifecycle actions.", + "title": "Value", + "type": "number" } }, "required": [ - "DataSourceFieldName", - "IndexFieldName" + "Type", + "Value" ], "type": "object" }, - "AWS::Kendra::DataSource.DataSourceVpcConfiguration": { + "AWS::ImageBuilder::LifecyclePolicy.IncludeResources": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of identifiers of security groups within your Amazon VPC. The security groups should enable Amazon Kendra to connect to the data source.", - "title": "SecurityGroupIds", - "type": "array" + "Amis": { + "markdownDescription": "Specifies whether the lifecycle action should apply to distributed AMIs.", + "title": "Amis", + "type": "boolean" }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of identifiers for subnets within your Amazon VPC. The subnets should be able to connect to each other in the VPC, and they should have outgoing access to the Internet through a NAT device.", - "title": "SubnetIds", - "type": "array" + "Containers": { + "markdownDescription": "Specifies whether the lifecycle action should apply to distributed containers.", + "title": "Containers", + "type": "boolean" + }, + "Snapshots": { + "markdownDescription": "Specifies whether the lifecycle action should apply to snapshots associated with distributed AMIs.", + "title": "Snapshots", + "type": "boolean" } }, - "required": [ - "SecurityGroupIds", - "SubnetIds" - ], "type": "object" }, - "AWS::Kendra::DataSource.DatabaseConfiguration": { + "AWS::ImageBuilder::LifecyclePolicy.LastLaunched": { "additionalProperties": false, "properties": { - "AclConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.AclConfiguration", - "markdownDescription": "Information about the database column that provides information for user context filtering.", - "title": "AclConfiguration" - }, - "ColumnConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ColumnConfiguration", - "markdownDescription": "Information about where the index should get the document information from the database.", - "title": "ColumnConfiguration" - }, - "ConnectionConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ConnectionConfiguration", - "markdownDescription": "Configuration information that's required to connect to a database.", - "title": "ConnectionConfiguration" - }, - "DatabaseEngineType": { - "markdownDescription": "The type of database engine that runs the database.", - "title": "DatabaseEngineType", + "Unit": { + "markdownDescription": "Defines the unit of time that the lifecycle policy uses to calculate elapsed time since the last instance launched from the AMI. For example: days, weeks, months, or years.", + "title": "Unit", "type": "string" }, - "SqlConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.SqlConfiguration", - "markdownDescription": "Provides information about how Amazon Kendra uses quote marks around SQL identifiers when querying a database data source.", - "title": "SqlConfiguration" - }, - "VpcConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceVpcConfiguration", - "markdownDescription": "Provides information for connecting to an Amazon VPC.", - "title": "VpcConfiguration" + "Value": { + "markdownDescription": "The integer number of units for the time period. For example `6` (months).", + "title": "Value", + "type": "number" } }, "required": [ - "ColumnConfiguration", - "ConnectionConfiguration", - "DatabaseEngineType" + "Unit", + "Value" ], "type": "object" }, - "AWS::Kendra::DataSource.DocumentAttributeCondition": { + "AWS::ImageBuilder::LifecyclePolicy.PolicyDetail": { "additionalProperties": false, "properties": { - "ConditionDocumentAttributeKey": { - "markdownDescription": "The identifier of the document attribute used for the condition.\n\nFor example, 'Source_URI' could be an identifier for the attribute or metadata field that contains source URIs associated with the documents.\n\nAmazon Kendra currently does not support `_document_body` as an attribute key used for the condition.", - "title": "ConditionDocumentAttributeKey", - "type": "string" + "Action": { + "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.Action", + "markdownDescription": "Configuration details for the policy action.", + "title": "Action" }, - "ConditionOnValue": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DocumentAttributeValue", - "markdownDescription": "The value used by the operator.\n\nFor example, you can specify the value 'financial' for strings in the 'Source_URI' field that partially match or contain this value.", - "title": "ConditionOnValue" + "ExclusionRules": { + "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.ExclusionRules", + "markdownDescription": "Additional rules to specify resources that should be exempt from policy actions.", + "title": "ExclusionRules" }, - "Operator": { - "markdownDescription": "The condition operator.\n\nFor example, you can use 'Contains' to partially match a string.", - "title": "Operator", - "type": "string" + "Filter": { + "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.Filter", + "markdownDescription": "Specifies the resources that the lifecycle policy applies to.", + "title": "Filter" } }, "required": [ - "ConditionDocumentAttributeKey", - "Operator" + "Action", + "Filter" ], "type": "object" }, - "AWS::Kendra::DataSource.DocumentAttributeTarget": { + "AWS::ImageBuilder::LifecyclePolicy.RecipeSelection": { "additionalProperties": false, "properties": { - "TargetDocumentAttributeKey": { - "markdownDescription": "The identifier of the target document attribute or metadata field.\n\nFor example, 'Department' could be an identifier for the target attribute or metadata field that includes the department names associated with the documents.", - "title": "TargetDocumentAttributeKey", + "Name": { + "markdownDescription": "The name of an Image Builder recipe that the lifecycle policy uses for resource selection.", + "title": "Name", "type": "string" }, - "TargetDocumentAttributeValue": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DocumentAttributeValue", - "markdownDescription": "The target value you want to create for the target attribute.\n\nFor example, 'Finance' could be the target value for the target attribute key 'Department'.", - "title": "TargetDocumentAttributeValue" - }, - "TargetDocumentAttributeValueDeletion": { - "markdownDescription": "`TRUE` to delete the existing target value for your specified target attribute key. You cannot create a target value and set this to `TRUE` . To create a target value ( `TargetDocumentAttributeValue` ), set this to `FALSE` .", - "title": "TargetDocumentAttributeValueDeletion", - "type": "boolean" + "SemanticVersion": { + "markdownDescription": "The version of the Image Builder recipe specified by the `name` field.", + "title": "SemanticVersion", + "type": "string" } }, "required": [ - "TargetDocumentAttributeKey" + "Name", + "SemanticVersion" ], "type": "object" }, - "AWS::Kendra::DataSource.DocumentAttributeValue": { + "AWS::ImageBuilder::LifecyclePolicy.ResourceSelection": { "additionalProperties": false, "properties": { - "DateValue": { - "markdownDescription": "A date expressed as an ISO 8601 string.\n\nIt is important for the time zone to be included in the ISO 8601 date-time format. For example, 2012-03-25T12:30:10+01:00 is the ISO 8601 date-time format for March 25th 2012 at 12:30PM (plus 10 seconds) in Central European Time.", - "title": "DateValue", - "type": "string" - }, - "LongValue": { - "markdownDescription": "A long integer value.", - "title": "LongValue", - "type": "number" - }, - "StringListValue": { + "Recipes": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.RecipeSelection" }, - "markdownDescription": "A list of strings. The default maximum length or number of strings is 10.", - "title": "StringListValue", + "markdownDescription": "A list of recipes that are used as selection criteria for the output images that the lifecycle policy applies to.", + "title": "Recipes", "type": "array" }, - "StringValue": { - "markdownDescription": "A string, such as \"department\".", - "title": "StringValue", - "type": "string" + "TagMap": { + "additionalProperties": true, + "markdownDescription": "A list of tags that are used as selection criteria for the Image Builder image resources that the lifecycle policy applies to.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "TagMap", + "type": "object" } }, "type": "object" }, - "AWS::Kendra::DataSource.DocumentsMetadataConfiguration": { + "AWS::ImageBuilder::Workflow": { "additionalProperties": false, "properties": { - "S3Prefix": { - "markdownDescription": "A prefix used to filter metadata configuration files in the AWS S3 bucket. The S3 bucket might contain multiple metadata files. Use `S3Prefix` to include only the desired metadata files.", - "title": "S3Prefix", + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ChangeDescription": { + "markdownDescription": "Describes what change has been made in this version of the workflow, or what makes this version different from other versions of the workflow.", + "title": "ChangeDescription", + "type": "string" + }, + "Data": { + "markdownDescription": "Contains the UTF-8 encoded YAML document content for the workflow. Alternatively, you can specify the `uri` of a YAML document file stored in Amazon S3. However, you cannot specify both properties.", + "title": "Data", + "type": "string" + }, + "Description": { + "markdownDescription": "Describes the workflow.", + "title": "Description", + "type": "string" + }, + "KmsKeyId": { + "markdownDescription": "The ID of the KMS key that is used to encrypt this workflow resource.", + "title": "KmsKeyId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the workflow to create.", + "title": "Name", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Tags that apply to the workflow resource.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "Type": { + "markdownDescription": "The phase in the image build process for which the workflow resource is responsible.", + "title": "Type", + "type": "string" + }, + "Uri": { + "markdownDescription": "The `uri` of a YAML component document file. This must be an S3 URL ( `s3://bucket/key` ), and the requester must have permission to access the S3 bucket it points to. If you use Amazon S3, you can specify component content up to your service quota.\n\nAlternatively, you can specify the YAML document inline, using the component `data` property. You cannot specify both properties.", + "title": "Uri", + "type": "string" + }, + "Version": { + "markdownDescription": "The semantic version of this workflow resource. The semantic version syntax adheres to the following rules.\n\n> The semantic version has four nodes: ../. You can assign values for the first three, and can filter on all of them.\n> \n> *Assignment:* For the first three nodes you can assign any positive integer value, including zero, with an upper limit of 2^30-1, or 1073741823 for each node. Image Builder automatically assigns the build number to the fourth node.\n> \n> *Patterns:* You can use any numeric pattern that adheres to the assignment requirements for the nodes that you can assign. For example, you might choose a software version pattern, such as 1.0.0, or a date, such as 2021.01.01.", + "title": "Version", + "type": "string" + } + }, + "required": [ + "Name", + "Type", + "Version" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ImageBuilder::Workflow" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::Kendra::DataSource.GoogleDriveConfiguration": { + "AWS::Inspector::AssessmentTarget": { "additionalProperties": false, "properties": { - "ExcludeMimeTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of MIME types to exclude from the index. All documents matching the specified MIME type are excluded.\n\nFor a list of MIME types, see [Using a Google Workspace Drive data source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-google-drive.html) .", - "title": "ExcludeMimeTypes", - "type": "array" + "Condition": { + "type": "string" }, - "ExcludeSharedDrives": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of identifiers or shared drives to exclude from the index. All files and folders stored on the shared drive are excluded.", - "title": "ExcludeSharedDrives", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ExcludeUserAccounts": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of email addresses of the users. Documents owned by these users are excluded from the index. Documents shared with excluded users are indexed unless they are excluded in another way.", - "title": "ExcludeUserAccounts", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ExclusionPatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of regular expression patterns to exclude certain items in your Google Drive, including shared drives and users' My Drives. Items that match the patterns are excluded from the index. Items that don't match the patterns are included in the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index.", - "title": "ExclusionPatterns", - "type": "array" + "Metadata": { + "type": "object" }, - "FieldMappings": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" + "Properties": { + "additionalProperties": false, + "properties": { + "AssessmentTargetName": { + "markdownDescription": "The name of the Amazon Inspector assessment target. The name must be unique within the AWS account .", + "title": "AssessmentTargetName", + "type": "string" + }, + "ResourceGroupArn": { + "markdownDescription": "The ARN that specifies the resource group that is used to create the assessment target. If `resourceGroupArn` is not specified, all EC2 instances in the current AWS account and Region are included in the assessment target.", + "title": "ResourceGroupArn", + "type": "string" + } }, - "markdownDescription": "Maps Google Drive data source attributes or field names to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Google Drive fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Google Drive data source field names must exist in your Google Drive custom metadata.", - "title": "FieldMappings", - "type": "array" + "type": "object" }, - "InclusionPatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of regular expression patterns to include certain items in your Google Drive, including shared drives and users' My Drives. Items that match the patterns are included in the index. Items that don't match the patterns are excluded from the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index.", - "title": "InclusionPatterns", - "type": "array" + "Type": { + "enum": [ + "AWS::Inspector::AssessmentTarget" + ], + "type": "string" }, - "SecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of a AWS Secrets Manager secret that contains the credentials required to connect to Google Drive. For more information, see [Using a Google Workspace Drive data source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-google-drive.html) .", - "title": "SecretArn", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "SecretArn" + "Type" ], "type": "object" }, - "AWS::Kendra::DataSource.HookConfiguration": { + "AWS::Inspector::AssessmentTemplate": { "additionalProperties": false, "properties": { - "InvocationCondition": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DocumentAttributeCondition", - "markdownDescription": "The condition used for when a Lambda function should be invoked.\n\nFor example, you can specify a condition that if there are empty date-time values, then Amazon Kendra should invoke a function that inserts the current date-time.", - "title": "InvocationCondition" + "Condition": { + "type": "string" }, - "LambdaArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role with permission to run a Lambda function during ingestion. For more information, see [an IAM roles for Amazon Kendra](https://docs.aws.amazon.com/kendra/latest/dg/iam-roles.html) .", - "title": "LambdaArn", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "S3Bucket": { - "markdownDescription": "Stores the original, raw documents or the structured, parsed documents before and after altering them. For more information, see [Data contracts for Lambda functions](https://docs.aws.amazon.com/kendra/latest/dg/custom-document-enrichment.html#cde-data-contracts-lambda) .", - "title": "S3Bucket", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AssessmentTargetArn": { + "markdownDescription": "The ARN of the assessment target to be included in the assessment template.", + "title": "AssessmentTargetArn", + "type": "string" + }, + "AssessmentTemplateName": { + "markdownDescription": "The user-defined name that identifies the assessment template that you want to create. You can create several assessment templates for the same assessment target. The names of the assessment templates that correspond to a particular assessment target must be unique.", + "title": "AssessmentTemplateName", + "type": "string" + }, + "DurationInSeconds": { + "markdownDescription": "The duration of the assessment run in seconds.", + "title": "DurationInSeconds", + "type": "number" + }, + "RulesPackageArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The ARNs of the rules packages that you want to use in the assessment template.", + "title": "RulesPackageArns", + "type": "array" + }, + "UserAttributesForFindings": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The user-defined attributes that are assigned to every finding that is generated by the assessment run that uses this assessment template. Within an assessment template, each key must be unique.", + "title": "UserAttributesForFindings", + "type": "array" + } + }, + "required": [ + "AssessmentTargetArn", + "DurationInSeconds", + "RulesPackageArns" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Inspector::AssessmentTemplate" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "LambdaArn", - "S3Bucket" + "Type", + "Properties" ], "type": "object" }, - "AWS::Kendra::DataSource.InlineCustomDocumentEnrichmentConfiguration": { + "AWS::Inspector::ResourceGroup": { "additionalProperties": false, "properties": { "Condition": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DocumentAttributeCondition", - "markdownDescription": "Configuration of the condition used for the target document attribute or metadata field when ingesting documents into Amazon Kendra.", - "title": "Condition" + "type": "string" }, - "DocumentContentDeletion": { - "markdownDescription": "`TRUE` to delete content if the condition used for the target attribute is met.", - "title": "DocumentContentDeletion", - "type": "boolean" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Target": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DocumentAttributeTarget", - "markdownDescription": "Configuration of the target document attribute or metadata field when ingesting documents into Amazon Kendra. You can also include a value.", - "title": "Target" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ResourceGroupTags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags (key and value pairs) that will be associated with the resource group.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "ResourceGroupTags", + "type": "array" + } + }, + "required": [ + "ResourceGroupTags" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Inspector::ResourceGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::Kendra::DataSource.OneDriveConfiguration": { + "AWS::InspectorV2::CisScanConfiguration": { "additionalProperties": false, "properties": { - "DisableLocalGroups": { - "markdownDescription": "`TRUE` to disable local groups information.", - "title": "DisableLocalGroups", - "type": "boolean" + "Condition": { + "type": "string" }, - "ExclusionPatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of regular expression patterns to exclude certain documents in your OneDrive. Documents that match the patterns are excluded from the index. Documents that don't match the patterns are included in the index. If a document matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the document isn't included in the index.\n\nThe pattern is applied to the file name.", - "title": "ExclusionPatterns", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "FieldMappings": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" - }, - "markdownDescription": "A list of `DataSourceToIndexFieldMapping` objects that map OneDrive data source attributes or field names to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to OneDrive fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The OneDrive data source field names must exist in your OneDrive custom metadata.", - "title": "FieldMappings", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "InclusionPatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of regular expression patterns to include certain documents in your OneDrive. Documents that match the patterns are included in the index. Documents that don't match the patterns are excluded from the index. If a document matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the document isn't included in the index.\n\nThe pattern is applied to the file name.", - "title": "InclusionPatterns", - "type": "array" + "Metadata": { + "type": "object" }, - "OneDriveUsers": { - "$ref": "#/definitions/AWS::Kendra::DataSource.OneDriveUsers", - "markdownDescription": "A list of user accounts whose documents should be indexed.", - "title": "OneDriveUsers" + "Properties": { + "additionalProperties": false, + "properties": { + "ScanName": { + "markdownDescription": "The name of the CIS scan configuration.", + "title": "ScanName", + "type": "string" + }, + "Schedule": { + "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.Schedule", + "markdownDescription": "The CIS scan configuration's schedule.", + "title": "Schedule" + }, + "SecurityLevel": { + "markdownDescription": "The CIS scan configuration's CIS Benchmark level.", + "title": "SecurityLevel", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "The CIS scan configuration's tags.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "Targets": { + "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.CisTargets", + "markdownDescription": "The CIS scan configuration's targets.", + "title": "Targets" + } + }, + "required": [ + "ScanName", + "Schedule", + "SecurityLevel", + "Targets" + ], + "type": "object" }, - "SecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret that contains the user name and password to connect to OneDrive. The user name should be the application ID for the OneDrive application, and the password is the application key for the OneDrive application.", - "title": "SecretArn", + "Type": { + "enum": [ + "AWS::InspectorV2::CisScanConfiguration" + ], "type": "string" }, - "TenantDomain": { - "markdownDescription": "The Azure Active Directory domain of the organization.", - "title": "TenantDomain", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "OneDriveUsers", - "SecretArn", - "TenantDomain" + "Type", + "Properties" ], "type": "object" }, - "AWS::Kendra::DataSource.OneDriveUsers": { + "AWS::InspectorV2::CisScanConfiguration.CisTargets": { "additionalProperties": false, "properties": { - "OneDriveUserList": { + "AccountIds": { "items": { "type": "string" }, - "markdownDescription": "A list of users whose documents should be indexed. Specify the user names in email format, for example, `username@tenantdomain` . If you need to index the documents of more than 10 users, use the `OneDriveUserS3Path` field to specify the location of a file containing a list of users.", - "title": "OneDriveUserList", + "markdownDescription": "The CIS target account ids.", + "title": "AccountIds", "type": "array" }, - "OneDriveUserS3Path": { - "$ref": "#/definitions/AWS::Kendra::DataSource.S3Path", - "markdownDescription": "The S3 bucket location of a file containing a list of users whose documents should be indexed.", - "title": "OneDriveUserS3Path" + "TargetResourceTags": { + "markdownDescription": "The CIS target resource tags.", + "title": "TargetResourceTags", + "type": "object" } }, + "required": [ + "AccountIds", + "TargetResourceTags" + ], "type": "object" }, - "AWS::Kendra::DataSource.ProxyConfiguration": { + "AWS::InspectorV2::CisScanConfiguration.DailySchedule": { "additionalProperties": false, "properties": { - "Credentials": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret. You create a secret to store your credentials in [AWS Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html)\n\nThe credentials are optional. You use a secret if web proxy credentials are required to connect to a website host. Amazon Kendra currently support basic authentication to connect to a web proxy server. The secret stores your credentials.", - "title": "Credentials", - "type": "string" - }, - "Host": { - "markdownDescription": "The name of the website host you want to connect to via a web proxy server.\n\nFor example, the host name of https://a.example.com/page1.html is \"a.example.com\".", - "title": "Host", - "type": "string" - }, - "Port": { - "markdownDescription": "The port number of the website host you want to connect to via a web proxy server.\n\nFor example, the port for https://a.example.com/page1.html is 443, the standard port for HTTPS.", - "title": "Port", - "type": "number" + "StartTime": { + "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.Time", + "markdownDescription": "The schedule start time.", + "title": "StartTime" } }, "required": [ - "Host", - "Port" + "StartTime" ], "type": "object" }, - "AWS::Kendra::DataSource.S3DataSourceConfiguration": { + "AWS::InspectorV2::CisScanConfiguration.MonthlySchedule": { "additionalProperties": false, "properties": { - "AccessControlListConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.AccessControlListConfiguration", - "markdownDescription": "Provides the path to the S3 bucket that contains the user context filtering files for the data source. For the format of the file, see [Access control for S3 data sources](https://docs.aws.amazon.com/kendra/latest/dg/s3-acl.html) .", - "title": "AccessControlListConfiguration" - }, - "BucketName": { - "markdownDescription": "The name of the bucket that contains the documents.", - "title": "BucketName", + "Day": { + "markdownDescription": "The monthly schedule's day.", + "title": "Day", "type": "string" }, - "DocumentsMetadataConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DocumentsMetadataConfiguration", - "markdownDescription": "Specifies document metadata files that contain information such as the document access control information, source URI, document author, and custom attributes. Each metadata file contains metadata about a single document.", - "title": "DocumentsMetadataConfiguration" + "StartTime": { + "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.Time", + "markdownDescription": "The monthly schedule's start time.", + "title": "StartTime" + } + }, + "required": [ + "Day", + "StartTime" + ], + "type": "object" + }, + "AWS::InspectorV2::CisScanConfiguration.Schedule": { + "additionalProperties": false, + "properties": { + "Daily": { + "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.DailySchedule", + "markdownDescription": "A daily schedule.", + "title": "Daily" }, - "ExclusionPatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of glob patterns (patterns that can expand a wildcard pattern into a list of path names that match the given pattern) for certain file names and file types to exclude from your index. If a document matches both an inclusion and exclusion prefix or pattern, the exclusion prefix takes precendence and the document is not indexed. Examples of glob patterns include:\n\n- */myapp/config/** \u2014All files inside config directory.\n- ***/*.png* \u2014All .png files in all directories.\n- ***/*.{png, ico, md}* \u2014All .png, .ico or .md files in all directories.\n- */myapp/src/**/*.ts* \u2014All .ts files inside src directory (and all its subdirectories).\n- ***/!(*.module).ts* \u2014All .ts files but not .module.ts\n- **.png , *.jpg* \u2014All PNG and JPEG image files in a directory (files with the extensions .png and .jpg).\n- **internal** \u2014All files in a directory that contain 'internal' in the file name, such as 'internal', 'internal_only', 'company_internal'.\n- ***/*internal** \u2014All internal-related files in a directory and its subdirectories.\n\nFor more examples, see [Use of Exclude and Include Filters](https://docs.aws.amazon.com/cli/latest/reference/s3/#use-of-exclude-and-include-filters) in the AWS CLI Command Reference.", - "title": "ExclusionPatterns", - "type": "array" + "Monthly": { + "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.MonthlySchedule", + "markdownDescription": "A monthly schedule.", + "title": "Monthly" }, - "InclusionPatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of glob patterns (patterns that can expand a wildcard pattern into a list of path names that match the given pattern) for certain file names and file types to include in your index. If a document matches both an inclusion and exclusion prefix or pattern, the exclusion prefix takes precendence and the document is not indexed. Examples of glob patterns include:\n\n- */myapp/config/** \u2014All files inside config directory.\n- ***/*.png* \u2014All .png files in all directories.\n- ***/*.{png, ico, md}* \u2014All .png, .ico or .md files in all directories.\n- */myapp/src/**/*.ts* \u2014All .ts files inside src directory (and all its subdirectories).\n- ***/!(*.module).ts* \u2014All .ts files but not .module.ts\n- **.png , *.jpg* \u2014All PNG and JPEG image files in a directory (files with the extensions .png and .jpg).\n- **internal** \u2014All files in a directory that contain 'internal' in the file name, such as 'internal', 'internal_only', 'company_internal'.\n- ***/*internal** \u2014All internal-related files in a directory and its subdirectories.\n\nFor more examples, see [Use of Exclude and Include Filters](https://docs.aws.amazon.com/cli/latest/reference/s3/#use-of-exclude-and-include-filters) in the AWS CLI Command Reference.", - "title": "InclusionPatterns", - "type": "array" + "OneTime": { + "markdownDescription": "A one time schedule.", + "title": "OneTime", + "type": "object" }, - "InclusionPrefixes": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of S3 prefixes for the documents that should be included in the index.", - "title": "InclusionPrefixes", - "type": "array" + "Weekly": { + "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.WeeklySchedule", + "markdownDescription": "A weekly schedule.", + "title": "Weekly" } }, - "required": [ - "BucketName" - ], "type": "object" }, - "AWS::Kendra::DataSource.S3Path": { + "AWS::InspectorV2::CisScanConfiguration.Time": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The name of the S3 bucket that contains the file.", - "title": "Bucket", + "TimeOfDay": { + "markdownDescription": "The time of day in 24-hour format (00:00).", + "title": "TimeOfDay", "type": "string" }, - "Key": { - "markdownDescription": "The name of the file.", - "title": "Key", + "TimeZone": { + "markdownDescription": "The timezone.", + "title": "TimeZone", "type": "string" } }, "required": [ - "Bucket", - "Key" + "TimeOfDay", + "TimeZone" ], "type": "object" }, - "AWS::Kendra::DataSource.SalesforceChatterFeedConfiguration": { + "AWS::InspectorV2::CisScanConfiguration.WeeklySchedule": { "additionalProperties": false, "properties": { - "DocumentDataFieldName": { - "markdownDescription": "The name of the column in the Salesforce FeedItem table that contains the content to index. Typically this is the `Body` column.", - "title": "DocumentDataFieldName", - "type": "string" - }, - "DocumentTitleFieldName": { - "markdownDescription": "The name of the column in the Salesforce FeedItem table that contains the title of the document. This is typically the `Title` column.", - "title": "DocumentTitleFieldName", - "type": "string" - }, - "FieldMappings": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" - }, - "markdownDescription": "Maps fields from a Salesforce chatter feed into Amazon Kendra index fields.", - "title": "FieldMappings", - "type": "array" - }, - "IncludeFilterTypes": { + "Days": { "items": { "type": "string" }, - "markdownDescription": "Filters the documents in the feed based on status of the user. When you specify `ACTIVE_USERS` only documents from users who have an active account are indexed. When you specify `STANDARD_USER` only documents for Salesforce standard users are documented. You can specify both.", - "title": "IncludeFilterTypes", + "markdownDescription": "The weekly schedule's days.", + "title": "Days", "type": "array" + }, + "StartTime": { + "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.Time", + "markdownDescription": "The weekly schedule's start time.", + "title": "StartTime" } }, "required": [ - "DocumentDataFieldName" + "Days", + "StartTime" ], "type": "object" }, - "AWS::Kendra::DataSource.SalesforceConfiguration": { + "AWS::InspectorV2::Filter": { "additionalProperties": false, "properties": { - "ChatterFeedConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceChatterFeedConfiguration", - "markdownDescription": "Configuration information for Salesforce chatter feeds.", - "title": "ChatterFeedConfiguration" + "Condition": { + "type": "string" }, - "CrawlAttachments": { - "markdownDescription": "Indicates whether Amazon Kendra should index attachments to Salesforce objects.", - "title": "CrawlAttachments", - "type": "boolean" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ExcludeAttachmentFilePatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of regular expression patterns to exclude certain documents in your Salesforce. Documents that match the patterns are excluded from the index. Documents that don't match the patterns are included in the index. If a document matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the document isn't included in the index.\n\nThe pattern is applied to the name of the attached file.", - "title": "ExcludeAttachmentFilePatterns", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "IncludeAttachmentFilePatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of regular expression patterns to include certain documents in your Salesforce. Documents that match the patterns are included in the index. Documents that don't match the patterns are excluded from the index. If a document matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the document isn't included in the index.\n\nThe pattern is applied to the name of the attached file.", - "title": "IncludeAttachmentFilePatterns", - "type": "array" + "Metadata": { + "type": "object" }, - "KnowledgeArticleConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceKnowledgeArticleConfiguration", - "markdownDescription": "Configuration information for the knowledge article types that Amazon Kendra indexes. Amazon Kendra indexes standard knowledge articles and the standard fields of knowledge articles, or the custom fields of custom knowledge articles, but not both.", - "title": "KnowledgeArticleConfiguration" + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the filter.", + "title": "Description", + "type": "string" + }, + "FilterAction": { + "markdownDescription": "The action that is to be applied to the findings that match the filter.", + "title": "FilterAction", + "type": "string" + }, + "FilterCriteria": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.FilterCriteria", + "markdownDescription": "Details on the filter criteria associated with this filter.", + "title": "FilterCriteria" + }, + "Name": { + "markdownDescription": "The name of the filter.", + "title": "Name", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "The tags attached to the filter.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "FilterAction", + "FilterCriteria", + "Name" + ], + "type": "object" }, - "SecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret that contains the key/value pairs required to connect to your Salesforce instance. The secret must contain a JSON structure with the following keys:\n\n- authenticationUrl - The OAUTH endpoint that Amazon Kendra connects to get an OAUTH token.\n- consumerKey - The application public key generated when you created your Salesforce application.\n- consumerSecret - The application private key generated when you created your Salesforce application.\n- password - The password associated with the user logging in to the Salesforce instance.\n- securityToken - The token associated with the user logging in to the Salesforce instance.\n- username - The user name of the user logging in to the Salesforce instance.", - "title": "SecretArn", + "Type": { + "enum": [ + "AWS::InspectorV2::Filter" + ], "type": "string" }, - "ServerUrl": { - "markdownDescription": "The instance URL for the Salesforce site that you want to index.", - "title": "ServerUrl", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "StandardObjectAttachmentConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceStandardObjectAttachmentConfiguration", - "markdownDescription": "Configuration information for processing attachments to Salesforce standard objects.", - "title": "StandardObjectAttachmentConfiguration" - }, - "StandardObjectConfigurations": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceStandardObjectConfiguration" - }, - "markdownDescription": "Configuration of the Salesforce standard objects that Amazon Kendra indexes.", - "title": "StandardObjectConfigurations", - "type": "array" } }, "required": [ - "SecretArn", - "ServerUrl" + "Type", + "Properties" ], "type": "object" }, - "AWS::Kendra::DataSource.SalesforceCustomKnowledgeArticleTypeConfiguration": { + "AWS::InspectorV2::Filter.DateFilter": { "additionalProperties": false, "properties": { - "DocumentDataFieldName": { - "markdownDescription": "The name of the field in the custom knowledge article that contains the document data to index.", - "title": "DocumentDataFieldName", - "type": "string" - }, - "DocumentTitleFieldName": { - "markdownDescription": "The name of the field in the custom knowledge article that contains the document title.", - "title": "DocumentTitleFieldName", - "type": "string" - }, - "FieldMappings": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" - }, - "markdownDescription": "Maps attributes or field names of the custom knowledge article to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Salesforce fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Salesforce data source field names must exist in your Salesforce custom metadata.", - "title": "FieldMappings", - "type": "array" + "EndInclusive": { + "markdownDescription": "A timestamp representing the end of the time period filtered on.", + "title": "EndInclusive", + "type": "number" }, - "Name": { - "markdownDescription": "The name of the configuration.", - "title": "Name", - "type": "string" + "StartInclusive": { + "markdownDescription": "A timestamp representing the start of the time period filtered on.", + "title": "StartInclusive", + "type": "number" } }, - "required": [ - "DocumentDataFieldName", - "Name" - ], "type": "object" }, - "AWS::Kendra::DataSource.SalesforceKnowledgeArticleConfiguration": { + "AWS::InspectorV2::Filter.FilterCriteria": { "additionalProperties": false, "properties": { - "CustomKnowledgeArticleTypeConfigurations": { + "AwsAccountId": { "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceCustomKnowledgeArticleTypeConfiguration" + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" }, - "markdownDescription": "Configuration information for custom Salesforce knowledge articles.", - "title": "CustomKnowledgeArticleTypeConfigurations", + "markdownDescription": "Details of the AWS account IDs used to filter findings.", + "title": "AwsAccountId", "type": "array" }, - "IncludedStates": { + "CodeVulnerabilityDetectorName": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" }, - "markdownDescription": "Specifies the document states that should be included when Amazon Kendra indexes knowledge articles. You must specify at least one state.", - "title": "IncludedStates", + "markdownDescription": "", + "title": "CodeVulnerabilityDetectorName", "type": "array" }, - "StandardKnowledgeArticleTypeConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceStandardKnowledgeArticleTypeConfiguration", - "markdownDescription": "Configuration information for standard Salesforce knowledge articles.", - "title": "StandardKnowledgeArticleTypeConfiguration" - } - }, - "required": [ - "IncludedStates" - ], - "type": "object" - }, - "AWS::Kendra::DataSource.SalesforceStandardKnowledgeArticleTypeConfiguration": { - "additionalProperties": false, - "properties": { - "DocumentDataFieldName": { - "markdownDescription": "The name of the field that contains the document data to index.", - "title": "DocumentDataFieldName", - "type": "string" - }, - "DocumentTitleFieldName": { - "markdownDescription": "The name of the field that contains the document title.", - "title": "DocumentTitleFieldName", - "type": "string" - }, - "FieldMappings": { + "CodeVulnerabilityDetectorTags": { "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" }, - "markdownDescription": "Maps attributes or field names of the knowledge article to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Salesforce fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Salesforce data source field names must exist in your Salesforce custom metadata.", - "title": "FieldMappings", + "markdownDescription": "", + "title": "CodeVulnerabilityDetectorTags", "type": "array" - } - }, - "required": [ - "DocumentDataFieldName" - ], - "type": "object" - }, - "AWS::Kendra::DataSource.SalesforceStandardObjectAttachmentConfiguration": { - "additionalProperties": false, - "properties": { - "DocumentTitleFieldName": { - "markdownDescription": "The name of the field used for the document title.", - "title": "DocumentTitleFieldName", - "type": "string" }, - "FieldMappings": { + "CodeVulnerabilityFilePath": { "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" }, - "markdownDescription": "One or more objects that map fields in attachments to Amazon Kendra index fields.", - "title": "FieldMappings", + "markdownDescription": "", + "title": "CodeVulnerabilityFilePath", "type": "array" - } - }, - "type": "object" - }, - "AWS::Kendra::DataSource.SalesforceStandardObjectConfiguration": { - "additionalProperties": false, - "properties": { - "DocumentDataFieldName": { - "markdownDescription": "The name of the field in the standard object table that contains the document contents.", - "title": "DocumentDataFieldName", - "type": "string" - }, - "DocumentTitleFieldName": { - "markdownDescription": "The name of the field in the standard object table that contains the document title.", - "title": "DocumentTitleFieldName", - "type": "string" }, - "FieldMappings": { + "ComponentId": { "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" }, - "markdownDescription": "Maps attributes or field names of the standard object to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Salesforce fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Salesforce data source field names must exist in your Salesforce custom metadata.", - "title": "FieldMappings", + "markdownDescription": "Details of the component IDs used to filter findings.", + "title": "ComponentId", "type": "array" }, - "Name": { - "markdownDescription": "The name of the standard object.", - "title": "Name", - "type": "string" - } - }, - "required": [ - "DocumentDataFieldName", - "Name" - ], - "type": "object" - }, - "AWS::Kendra::DataSource.ServiceNowConfiguration": { - "additionalProperties": false, - "properties": { - "AuthenticationType": { - "markdownDescription": "The type of authentication used to connect to the ServiceNow instance. If you choose `HTTP_BASIC` , Amazon Kendra is authenticated using the user name and password provided in the AWS Secrets Manager secret in the `SecretArn` field. If you choose `OAUTH2` , Amazon Kendra is authenticated using the credentials of client ID, client secret, user name and password.\n\nWhen you use `OAUTH2` authentication, you must generate a token and a client secret using the ServiceNow console. For more information, see [Using a ServiceNow data source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-servicenow.html) .", - "title": "AuthenticationType", - "type": "string" - }, - "HostUrl": { - "markdownDescription": "The ServiceNow instance that the data source connects to. The host endpoint should look like the following: *{instance}.service-now.com.*", - "title": "HostUrl", - "type": "string" + "ComponentType": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details of the component types used to filter findings.", + "title": "ComponentType", + "type": "array" }, - "KnowledgeArticleConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ServiceNowKnowledgeArticleConfiguration", - "markdownDescription": "Configuration information for crawling knowledge articles in the ServiceNow site.", - "title": "KnowledgeArticleConfiguration" + "Ec2InstanceImageId": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details of the Amazon EC2 instance image IDs used to filter findings.", + "title": "Ec2InstanceImageId", + "type": "array" }, - "SecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Secrets Manager secret that contains the user name and password required to connect to the ServiceNow instance. You can also provide OAuth authentication credentials of user name, password, client ID, and client secret. For more information, see [Using a ServiceNow data source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-servicenow.html) .", - "title": "SecretArn", - "type": "string" + "Ec2InstanceSubnetId": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details of the Amazon EC2 instance subnet IDs used to filter findings.", + "title": "Ec2InstanceSubnetId", + "type": "array" }, - "ServiceCatalogConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ServiceNowServiceCatalogConfiguration", - "markdownDescription": "Configuration information for crawling service catalogs in the ServiceNow site.", - "title": "ServiceCatalogConfiguration" + "Ec2InstanceVpcId": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details of the Amazon EC2 instance VPC IDs used to filter findings.", + "title": "Ec2InstanceVpcId", + "type": "array" }, - "ServiceNowBuildVersion": { - "markdownDescription": "The identifier of the release that the ServiceNow host is running. If the host is not running the `LONDON` release, use `OTHERS` .", - "title": "ServiceNowBuildVersion", - "type": "string" - } - }, - "required": [ - "HostUrl", - "SecretArn", - "ServiceNowBuildVersion" - ], - "type": "object" - }, - "AWS::Kendra::DataSource.ServiceNowKnowledgeArticleConfiguration": { - "additionalProperties": false, - "properties": { - "CrawlAttachments": { - "markdownDescription": "`TRUE` to index attachments to knowledge articles.", - "title": "CrawlAttachments", - "type": "boolean" + "EcrImageArchitecture": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details of the Amazon ECR image architecture types used to filter findings.", + "title": "EcrImageArchitecture", + "type": "array" }, - "DocumentDataFieldName": { - "markdownDescription": "The name of the ServiceNow field that is mapped to the index document contents field in the Amazon Kendra index.", - "title": "DocumentDataFieldName", - "type": "string" + "EcrImageHash": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details of the Amazon ECR image hashes used to filter findings.", + "title": "EcrImageHash", + "type": "array" }, - "DocumentTitleFieldName": { - "markdownDescription": "The name of the ServiceNow field that is mapped to the index document title field.", - "title": "DocumentTitleFieldName", - "type": "string" + "EcrImagePushedAt": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.DateFilter" + }, + "markdownDescription": "Details on the Amazon ECR image push date and time used to filter findings.", + "title": "EcrImagePushedAt", + "type": "array" }, - "ExcludeAttachmentFilePatterns": { + "EcrImageRegistry": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" }, - "markdownDescription": "A list of regular expression patterns applied to exclude certain knowledge article attachments. Attachments that match the patterns are excluded from the index. Items that don't match the patterns are included in the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index.", - "title": "ExcludeAttachmentFilePatterns", + "markdownDescription": "Details on the Amazon ECR registry used to filter findings.", + "title": "EcrImageRegistry", "type": "array" }, - "FieldMappings": { + "EcrImageRepositoryName": { "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" }, - "markdownDescription": "Maps attributes or field names of knoweldge articles to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to ServiceNow fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The ServiceNow data source field names must exist in your ServiceNow custom metadata.", - "title": "FieldMappings", + "markdownDescription": "Details on the name of the Amazon ECR repository used to filter findings.", + "title": "EcrImageRepositoryName", "type": "array" }, - "FilterQuery": { - "markdownDescription": "A query that selects the knowledge articles to index. The query can return articles from multiple knowledge bases, and the knowledge bases can be public or private.\n\nThe query string must be one generated by the ServiceNow console. For more information, see [Specifying documents to index with a query](https://docs.aws.amazon.com/kendra/latest/dg/servicenow-query.html) .", - "title": "FilterQuery", - "type": "string" + "EcrImageTags": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "The tags attached to the Amazon ECR container image.", + "title": "EcrImageTags", + "type": "array" }, - "IncludeAttachmentFilePatterns": { + "EpssScore": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::InspectorV2::Filter.NumberFilter" }, - "markdownDescription": "A list of regular expression patterns applied to include knowledge article attachments. Attachments that match the patterns are included in the index. Items that don't match the patterns are excluded from the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index.", - "title": "IncludeAttachmentFilePatterns", + "markdownDescription": "", + "title": "EpssScore", "type": "array" - } - }, - "required": [ - "DocumentDataFieldName" - ], - "type": "object" - }, - "AWS::Kendra::DataSource.ServiceNowServiceCatalogConfiguration": { - "additionalProperties": false, - "properties": { - "CrawlAttachments": { - "markdownDescription": "`TRUE` to index attachments to service catalog items.", - "title": "CrawlAttachments", - "type": "boolean" }, - "DocumentDataFieldName": { - "markdownDescription": "The name of the ServiceNow field that is mapped to the index document contents field in the Amazon Kendra index.", - "title": "DocumentDataFieldName", - "type": "string" + "ExploitAvailable": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "", + "title": "ExploitAvailable", + "type": "array" }, - "DocumentTitleFieldName": { - "markdownDescription": "The name of the ServiceNow field that is mapped to the index document title field.", - "title": "DocumentTitleFieldName", - "type": "string" + "FindingArn": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details on the finding ARNs used to filter findings.", + "title": "FindingArn", + "type": "array" }, - "ExcludeAttachmentFilePatterns": { + "FindingStatus": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" }, - "markdownDescription": "A list of regular expression patterns to exclude certain attachments of catalogs in your ServiceNow. Item that match the patterns are excluded from the index. Items that don't match the patterns are included in the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index.\n\nThe regex is applied to the file name of the attachment.", - "title": "ExcludeAttachmentFilePatterns", + "markdownDescription": "Details on the finding status types used to filter findings.", + "title": "FindingStatus", "type": "array" }, - "FieldMappings": { + "FindingType": { "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" }, - "markdownDescription": "Maps attributes or field names of catalogs to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to ServiceNow fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The ServiceNow data source field names must exist in your ServiceNow custom metadata.", - "title": "FieldMappings", + "markdownDescription": "Details on the finding types used to filter findings.", + "title": "FindingType", "type": "array" }, - "IncludeAttachmentFilePatterns": { + "FirstObservedAt": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::InspectorV2::Filter.DateFilter" }, - "markdownDescription": "A list of regular expression patterns to include certain attachments of catalogs in your ServiceNow. Item that match the patterns are included in the index. Items that don't match the patterns are excluded from the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index.\n\nThe regex is applied to the file name of the attachment.", - "title": "IncludeAttachmentFilePatterns", + "markdownDescription": "Details on the date and time a finding was first seen used to filter findings.", + "title": "FirstObservedAt", "type": "array" - } - }, - "required": [ - "DocumentDataFieldName" - ], - "type": "object" - }, - "AWS::Kendra::DataSource.SharePointConfiguration": { - "additionalProperties": false, - "properties": { - "CrawlAttachments": { - "markdownDescription": "`TRUE` to index document attachments.", - "title": "CrawlAttachments", - "type": "boolean" }, - "DisableLocalGroups": { - "markdownDescription": "`TRUE` to disable local groups information.", - "title": "DisableLocalGroups", - "type": "boolean" + "FixAvailable": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "", + "title": "FixAvailable", + "type": "array" }, - "DocumentTitleFieldName": { - "markdownDescription": "The Microsoft SharePoint attribute field that contains the title of the document.", - "title": "DocumentTitleFieldName", - "type": "string" + "InspectorScore": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.NumberFilter" + }, + "markdownDescription": "The Amazon Inspector score to filter on.", + "title": "InspectorScore", + "type": "array" }, - "ExclusionPatterns": { + "LambdaFunctionExecutionRoleArn": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" }, - "markdownDescription": "A list of regular expression patterns. Documents that match the patterns are excluded from the index. Documents that don't match the patterns are included in the index. If a document matches both an exclusion pattern and an inclusion pattern, the document is not included in the index.\n\nThe regex is applied to the display URL of the SharePoint document.", - "title": "ExclusionPatterns", + "markdownDescription": "", + "title": "LambdaFunctionExecutionRoleArn", "type": "array" }, - "FieldMappings": { + "LambdaFunctionLastModifiedAt": { "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" + "$ref": "#/definitions/AWS::InspectorV2::Filter.DateFilter" }, - "markdownDescription": "A list of `DataSourceToIndexFieldMapping` objects that map Microsoft SharePoint attributes or fields to Amazon Kendra index fields. You must first create the index fields using the [UpdateIndex](https://docs.aws.amazon.com/kendra/latest/dg/API_UpdateIndex.html) operation before you map SharePoint attributes. For more information, see [Mapping Data Source Fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) .", - "title": "FieldMappings", + "markdownDescription": "", + "title": "LambdaFunctionLastModifiedAt", "type": "array" }, - "InclusionPatterns": { + "LambdaFunctionLayers": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" }, - "markdownDescription": "A list of regular expression patterns to include certain documents in your SharePoint. Documents that match the patterns are included in the index. Documents that don't match the patterns are excluded from the index. If a document matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the document isn't included in the index.\n\nThe regex applies to the display URL of the SharePoint document.", - "title": "InclusionPatterns", + "markdownDescription": "", + "title": "LambdaFunctionLayers", "type": "array" }, - "SecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret that contains the user name and password required to connect to the SharePoint instance. For more information, see [Microsoft SharePoint](https://docs.aws.amazon.com/kendra/latest/dg/data-source-sharepoint.html) .", - "title": "SecretArn", - "type": "string" + "LambdaFunctionName": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "", + "title": "LambdaFunctionName", + "type": "array" }, - "SharePointVersion": { - "markdownDescription": "The version of Microsoft SharePoint that you use.", - "title": "SharePointVersion", - "type": "string" + "LambdaFunctionRuntime": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "", + "title": "LambdaFunctionRuntime", + "type": "array" }, - "SslCertificateS3Path": { - "$ref": "#/definitions/AWS::Kendra::DataSource.S3Path", - "markdownDescription": "Information required to find a specific file in an Amazon S3 bucket.", - "title": "SslCertificateS3Path" + "LastObservedAt": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.DateFilter" + }, + "markdownDescription": "Details on the date and time a finding was last seen used to filter findings.", + "title": "LastObservedAt", + "type": "array" }, - "Urls": { + "NetworkProtocol": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" }, - "markdownDescription": "The Microsoft SharePoint site URLs for the documents you want to index.", - "title": "Urls", + "markdownDescription": "Details on network protocol used to filter findings.", + "title": "NetworkProtocol", "type": "array" }, - "UseChangeLog": { - "markdownDescription": "`TRUE` to use the SharePoint change log to determine which documents require updating in the index. Depending on the change log's size, it may take longer for Amazon Kendra to use the change log than to scan all of your documents in SharePoint.", - "title": "UseChangeLog", - "type": "boolean" + "PortRange": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.PortRangeFilter" + }, + "markdownDescription": "Details on the port ranges used to filter findings.", + "title": "PortRange", + "type": "array" }, - "VpcConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceVpcConfiguration", - "markdownDescription": "Provides information for connecting to an Amazon VPC.", - "title": "VpcConfiguration" - } - }, - "required": [ - "SecretArn", - "SharePointVersion", - "Urls" - ], - "type": "object" - }, - "AWS::Kendra::DataSource.SqlConfiguration": { - "additionalProperties": false, - "properties": { - "QueryIdentifiersEnclosingOption": { - "markdownDescription": "Determines whether Amazon Kendra encloses SQL identifiers for tables and column names in double quotes (\") when making a database query. You can set the value to `DOUBLE_QUOTES` or `NONE` .\n\nBy default, Amazon Kendra passes SQL identifiers the way that they are entered into the data source configuration. It does not change the case of identifiers or enclose them in quotes.\n\nPostgreSQL internally converts uppercase characters to lower case characters in identifiers unless they are quoted. Choosing this option encloses identifiers in quotes so that PostgreSQL does not convert the character's case.\n\nFor MySQL databases, you must enable the ansi_quotes option when you set this field to `DOUBLE_QUOTES` .", - "title": "QueryIdentifiersEnclosingOption", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Kendra::DataSource.WebCrawlerAuthenticationConfiguration": { - "additionalProperties": false, - "properties": { - "BasicAuthentication": { + "RelatedVulnerabilities": { "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.WebCrawlerBasicAuthentication" + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" }, - "markdownDescription": "The list of configuration information that's required to connect to and crawl a website host using basic authentication credentials.\n\nThe list includes the name and port number of the website host.", - "title": "BasicAuthentication", + "markdownDescription": "Details on the related vulnerabilities used to filter findings.", + "title": "RelatedVulnerabilities", "type": "array" - } - }, - "type": "object" - }, - "AWS::Kendra::DataSource.WebCrawlerBasicAuthentication": { - "additionalProperties": false, - "properties": { - "Credentials": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret. You create a secret to store your credentials in [AWS Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html)\n\nYou use a secret if basic authentication credentials are required to connect to a website. The secret stores your credentials of user name and password.", - "title": "Credentials", - "type": "string" }, - "Host": { - "markdownDescription": "The name of the website host you want to connect to using authentication credentials.\n\nFor example, the host name of https://a.example.com/page1.html is \"a.example.com\".", - "title": "Host", - "type": "string" + "ResourceId": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details on the resource IDs used to filter findings.", + "title": "ResourceId", + "type": "array" }, - "Port": { - "markdownDescription": "The port number of the website host you want to connect to using authentication credentials.\n\nFor example, the port for https://a.example.com/page1.html is 443, the standard port for HTTPS.", - "title": "Port", - "type": "number" - } - }, - "required": [ - "Credentials", - "Host", - "Port" - ], - "type": "object" - }, - "AWS::Kendra::DataSource.WebCrawlerConfiguration": { - "additionalProperties": false, - "properties": { - "AuthenticationConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.WebCrawlerAuthenticationConfiguration", - "markdownDescription": "Configuration information required to connect to websites using authentication.\n\nYou can connect to websites using basic authentication of user name and password. You use a secret in [AWS Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html) to store your authentication credentials.\n\nYou must provide the website host name and port number. For example, the host name of https://a.example.com/page1.html is \"a.example.com\" and the port is 443, the standard port for HTTPS.", - "title": "AuthenticationConfiguration" + "ResourceTags": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.MapFilter" + }, + "markdownDescription": "Details on the resource tags used to filter findings.", + "title": "ResourceTags", + "type": "array" }, - "CrawlDepth": { - "markdownDescription": "The 'depth' or number of levels from the seed level to crawl. For example, the seed URL page is depth 1 and any hyperlinks on this page that are also crawled are depth 2.", - "title": "CrawlDepth", - "type": "number" + "ResourceType": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details on the resource types used to filter findings.", + "title": "ResourceType", + "type": "array" }, - "MaxContentSizePerPageInMegaBytes": { - "markdownDescription": "The maximum size (in MB) of a web page or attachment to crawl.\n\nFiles larger than this size (in MB) are skipped/not crawled.\n\nThe default maximum size of a web page or attachment is set to 50 MB.", - "title": "MaxContentSizePerPageInMegaBytes", - "type": "number" + "Severity": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details on the severity used to filter findings.", + "title": "Severity", + "type": "array" }, - "MaxLinksPerPage": { - "markdownDescription": "The maximum number of URLs on a web page to include when crawling a website. This number is per web page.\n\nAs a website\u2019s web pages are crawled, any URLs the web pages link to are also crawled. URLs on a web page are crawled in order of appearance.\n\nThe default maximum links per page is 100.", - "title": "MaxLinksPerPage", - "type": "number" + "Title": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details on the finding title used to filter findings.", + "title": "Title", + "type": "array" }, - "MaxUrlsPerMinuteCrawlRate": { - "markdownDescription": "The maximum number of URLs crawled per website host per minute.\n\nA minimum of one URL is required.\n\nThe default maximum number of URLs crawled per website host per minute is 300.", - "title": "MaxUrlsPerMinuteCrawlRate", - "type": "number" + "UpdatedAt": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.DateFilter" + }, + "markdownDescription": "Details on the date and time a finding was last updated at used to filter findings.", + "title": "UpdatedAt", + "type": "array" }, - "ProxyConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.ProxyConfiguration", - "markdownDescription": "Configuration information required to connect to your internal websites via a web proxy.\n\nYou must provide the website host name and port number. For example, the host name of https://a.example.com/page1.html is \"a.example.com\" and the port is 443, the standard port for HTTPS.\n\nWeb proxy credentials are optional and you can use them to connect to a web proxy server that requires basic authentication. To store web proxy credentials, you use a secret in [AWS Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html) .", - "title": "ProxyConfiguration" + "VendorSeverity": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" + }, + "markdownDescription": "Details on the vendor severity used to filter findings.", + "title": "VendorSeverity", + "type": "array" }, - "UrlExclusionPatterns": { + "VulnerabilityId": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" }, - "markdownDescription": "A list of regular expression patterns to exclude certain URLs to crawl. URLs that match the patterns are excluded from the index. URLs that don't match the patterns are included in the index. If a URL matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the URL file isn't included in the index.", - "title": "UrlExclusionPatterns", + "markdownDescription": "Details on the vulnerability ID used to filter findings.", + "title": "VulnerabilityId", "type": "array" }, - "UrlInclusionPatterns": { + "VulnerabilitySource": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" }, - "markdownDescription": "A list of regular expression patterns to include certain URLs to crawl. URLs that match the patterns are included in the index. URLs that don't match the patterns are excluded from the index. If a URL matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the URL file isn't included in the index.", - "title": "UrlInclusionPatterns", + "markdownDescription": "Details on the vulnerability score to filter findings by.", + "title": "VulnerabilitySource", "type": "array" }, - "Urls": { - "$ref": "#/definitions/AWS::Kendra::DataSource.WebCrawlerUrls", - "markdownDescription": "Specifies the seed or starting point URLs of the websites or the sitemap URLs of the websites you want to crawl.\n\nYou can include website subdomains. You can list up to 100 seed URLs and up to three sitemap URLs.\n\nYou can only crawl websites that use the secure communication protocol, Hypertext Transfer Protocol Secure (HTTPS). If you receive an error when crawling a website, it could be that the website is blocked from crawling.\n\n*When selecting websites to index, you must adhere to the [Amazon Acceptable Use Policy](https://docs.aws.amazon.com/aup/) and all other Amazon terms. Remember that you must only use Amazon Kendra Web Crawler to index your own webpages, or webpages that you have authorization to index.*", - "title": "Urls" + "VulnerablePackages": { + "items": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.PackageFilter" + }, + "markdownDescription": "Details on the vulnerable packages used to filter findings.", + "title": "VulnerablePackages", + "type": "array" } }, - "required": [ - "Urls" - ], "type": "object" }, - "AWS::Kendra::DataSource.WebCrawlerSeedUrlConfiguration": { + "AWS::InspectorV2::Filter.MapFilter": { "additionalProperties": false, "properties": { - "SeedUrls": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of seed or starting point URLs of the websites you want to crawl.\n\nThe list can include a maximum of 100 seed URLs.", - "title": "SeedUrls", - "type": "array" + "Comparison": { + "markdownDescription": "The operator to use when comparing values in the filter.", + "title": "Comparison", + "type": "string" }, - "WebCrawlerMode": { - "markdownDescription": "You can choose one of the following modes:\n\n- `HOST_ONLY` \u2014crawl only the website host names. For example, if the seed URL is \"abc.example.com\", then only URLs with host name \"abc.example.com\" are crawled.\n- `SUBDOMAINS` \u2014crawl the website host names with subdomains. For example, if the seed URL is \"abc.example.com\", then \"a.abc.example.com\" and \"b.abc.example.com\" are also crawled.\n- `EVERYTHING` \u2014crawl the website host names with subdomains and other domains that the web pages link to.\n\nThe default mode is set to `HOST_ONLY` .", - "title": "WebCrawlerMode", + "Key": { + "markdownDescription": "The tag key used in the filter.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The tag value used in the filter.", + "title": "Value", "type": "string" } }, "required": [ - "SeedUrls" + "Comparison" ], "type": "object" }, - "AWS::Kendra::DataSource.WebCrawlerSiteMapsConfiguration": { + "AWS::InspectorV2::Filter.NumberFilter": { "additionalProperties": false, "properties": { - "SiteMaps": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of sitemap URLs of the websites you want to crawl.\n\nThe list can include a maximum of three sitemap URLs.", - "title": "SiteMaps", - "type": "array" + "LowerInclusive": { + "markdownDescription": "The lowest number to be included in the filter.", + "title": "LowerInclusive", + "type": "number" + }, + "UpperInclusive": { + "markdownDescription": "The highest number to be included in the filter.", + "title": "UpperInclusive", + "type": "number" } }, - "required": [ - "SiteMaps" - ], "type": "object" }, - "AWS::Kendra::DataSource.WebCrawlerUrls": { + "AWS::InspectorV2::Filter.PackageFilter": { "additionalProperties": false, "properties": { - "SeedUrlConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.WebCrawlerSeedUrlConfiguration", - "markdownDescription": "Configuration of the seed or starting point URLs of the websites you want to crawl.\n\nYou can choose to crawl only the website host names, or the website host names with subdomains, or the website host names with subdomains and other domains that the web pages link to.\n\nYou can list up to 100 seed URLs.", - "title": "SeedUrlConfiguration" + "Architecture": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter", + "markdownDescription": "An object that contains details on the package architecture type to filter on.", + "title": "Architecture" }, - "SiteMapsConfiguration": { - "$ref": "#/definitions/AWS::Kendra::DataSource.WebCrawlerSiteMapsConfiguration", - "markdownDescription": "Configuration of the sitemap URLs of the websites you want to crawl.\n\nOnly URLs belonging to the same website host names are crawled. You can list up to three sitemap URLs.", - "title": "SiteMapsConfiguration" + "Epoch": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.NumberFilter", + "markdownDescription": "An object that contains details on the package epoch to filter on.", + "title": "Epoch" + }, + "FilePath": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter", + "markdownDescription": "", + "title": "FilePath" + }, + "Name": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter", + "markdownDescription": "An object that contains details on the name of the package to filter on.", + "title": "Name" + }, + "Release": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter", + "markdownDescription": "An object that contains details on the package release to filter on.", + "title": "Release" + }, + "SourceLambdaLayerArn": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter", + "markdownDescription": "", + "title": "SourceLambdaLayerArn" + }, + "SourceLayerHash": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter", + "markdownDescription": "An object that contains details on the source layer hash to filter on.", + "title": "SourceLayerHash" + }, + "Version": { + "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter", + "markdownDescription": "The package version to filter on.", + "title": "Version" } }, "type": "object" }, - "AWS::Kendra::DataSource.WorkDocsConfiguration": { + "AWS::InspectorV2::Filter.PortRangeFilter": { "additionalProperties": false, "properties": { - "CrawlComments": { - "markdownDescription": "`TRUE` to include comments on documents in your index. Including comments in your index means each comment is a document that can be searched on.\n\nThe default is set to `FALSE` .", - "title": "CrawlComments", - "type": "boolean" - }, - "ExclusionPatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of regular expression patterns to exclude certain files in your Amazon WorkDocs site repository. Files that match the patterns are excluded from the index. Files that don\u2019t match the patterns are included in the index. If a file matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the file isn't included in the index.", - "title": "ExclusionPatterns", - "type": "array" - }, - "FieldMappings": { - "items": { - "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" - }, - "markdownDescription": "A list of `DataSourceToIndexFieldMapping` objects that map Amazon WorkDocs data source attributes or field names to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Amazon WorkDocs fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Amazon WorkDocs data source field names must exist in your Amazon WorkDocs custom metadata.", - "title": "FieldMappings", - "type": "array" - }, - "InclusionPatterns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of regular expression patterns to include certain files in your Amazon WorkDocs site repository. Files that match the patterns are included in the index. Files that don't match the patterns are excluded from the index. If a file matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the file isn't included in the index.", - "title": "InclusionPatterns", - "type": "array" + "BeginInclusive": { + "markdownDescription": "The port number the port range begins at.", + "title": "BeginInclusive", + "type": "number" }, - "OrganizationId": { - "markdownDescription": "The identifier of the directory corresponding to your Amazon WorkDocs site repository.\n\nYou can find the organization ID in the [AWS Directory Service](https://docs.aws.amazon.com/directoryservicev2/) by going to *Active Directory* , then *Directories* . Your Amazon WorkDocs site directory has an ID, which is the organization ID. You can also set up a new Amazon WorkDocs directory in the AWS Directory Service console and enable a Amazon WorkDocs site for the directory in the Amazon WorkDocs console.", - "title": "OrganizationId", + "EndInclusive": { + "markdownDescription": "The port number the port range ends at.", + "title": "EndInclusive", + "type": "number" + } + }, + "type": "object" + }, + "AWS::InspectorV2::Filter.StringFilter": { + "additionalProperties": false, + "properties": { + "Comparison": { + "markdownDescription": "The operator to use when comparing values in the filter.", + "title": "Comparison", "type": "string" }, - "UseChangeLog": { - "markdownDescription": "`TRUE` to use the Amazon WorkDocs change log to determine which documents require updating in the index. Depending on the change log's size, it may take longer for Amazon Kendra to use the change log than to scan all of your documents in Amazon WorkDocs.", - "title": "UseChangeLog", - "type": "boolean" + "Value": { + "markdownDescription": "The value to filter on.", + "title": "Value", + "type": "string" } }, "required": [ - "OrganizationId" + "Comparison", + "Value" ], "type": "object" }, - "AWS::Kendra::Faq": { + "AWS::InternetMonitor::Monitor": { "additionalProperties": false, "properties": { "Condition": { @@ -136115,61 +144724,87 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description for the FAQ.", - "title": "Description", - "type": "string" + "HealthEventsConfig": { + "$ref": "#/definitions/AWS::InternetMonitor::Monitor.HealthEventsConfig", + "markdownDescription": "A complex type with the configuration information that determines the threshold and other conditions for when Internet Monitor creates a health event for an overall performance or availability issue, across an application's geographies.\n\nDefines the percentages, for overall performance scores and availability scores for an application, that are the thresholds for when Internet Monitor creates a health event. You can override the defaults to set a custom threshold for overall performance or availability scores, or both.\n\nYou can also set thresholds for local health scores,, where Internet Monitor creates a health event when scores cross a threshold for one or more city-networks, in addition to creating an event when an overall score crosses a threshold.\n\nIf you don't set a health event threshold, the default value is 95%.\n\nFor local thresholds, you also set a minimum percentage of overall traffic that is impacted by an issue before Internet Monitor creates an event. In addition, you can disable local thresholds, for performance scores, availability scores, or both.\n\nFor more information, see [Change health event thresholds](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-IM-overview.html#IMUpdateThresholdFromOverview) in the Internet Monitor section of the *CloudWatch User Guide* .", + "title": "HealthEventsConfig" }, - "FileFormat": { - "markdownDescription": "The format of the input file. You can choose between a basic CSV format, a CSV format that includes customs attributes in a header, and a JSON format that includes custom attributes.\n\nThe format must match the format of the file stored in the S3 bucket identified in the S3Path parameter.\n\nValid values are:\n\n- `CSV`\n- `CSV_WITH_HEADER`\n- `JSON`", - "title": "FileFormat", - "type": "string" + "IncludeLinkedAccounts": { + "markdownDescription": "A boolean option that you can set to `TRUE` to include monitors for linked accounts in a list of monitors, when you've set up cross-account sharing in Internet Monitor. You configure cross-account sharing by using Amazon CloudWatch Observability Access Manager. For more information, see [Internet Monitor cross-account observability](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cwim-cross-account.html) in the Amazon CloudWatch User Guide.", + "title": "IncludeLinkedAccounts", + "type": "boolean" }, - "IndexId": { - "markdownDescription": "The identifier of the index that contains the FAQ.", - "title": "IndexId", - "type": "string" + "InternetMeasurementsLogDelivery": { + "$ref": "#/definitions/AWS::InternetMonitor::Monitor.InternetMeasurementsLogDelivery", + "markdownDescription": "Publish internet measurements for a monitor for all city-networks (up to the 500,000 service limit) to another location, such as an Amazon S3 bucket. Measurements are also published to Amazon CloudWatch Logs for the first 500 (by traffic volume) city-networks (client locations and ASNs, typically internet service providers or ISPs).", + "title": "InternetMeasurementsLogDelivery" }, - "LanguageCode": { - "markdownDescription": "The code for a language. This shows a supported language for the FAQ document as part of the summary information for FAQs. English is supported by default. For more information on supported languages, including their codes, see [Adding documents in languages other than English](https://docs.aws.amazon.com/kendra/latest/dg/in-adding-languages.html) .", - "title": "LanguageCode", + "LinkedAccountId": { + "markdownDescription": "The account ID for an account that you've set up cross-account sharing for in Internet Monitor. You configure cross-account sharing by using Amazon CloudWatch Observability Access Manager. For more information, see [Internet Monitor cross-account observability](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cwim-cross-account.html) in the Amazon CloudWatch User Guide.", + "title": "LinkedAccountId", "type": "string" }, - "Name": { - "markdownDescription": "The name that you assigned the FAQ when you created or updated the FAQ.", - "title": "Name", - "type": "string" + "MaxCityNetworksToMonitor": { + "markdownDescription": "The maximum number of city-networks to monitor for your resources. A city-network is the location (city) where clients access your application resources from and the network, such as an internet service provider, that clients access the resources through.\n\nFor more information, see [Choosing a city-network maximum value](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/IMCityNetworksMaximum.html) in *Using Amazon CloudWatch Internet Monitor* .", + "title": "MaxCityNetworksToMonitor", + "type": "number" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of a role with permission to access the S3 bucket that contains the FAQ.", - "title": "RoleArn", + "MonitorName": { + "markdownDescription": "The name of the monitor. A monitor name can contain only alphanumeric characters, dashes (-), periods (.), and underscores (_).", + "title": "MonitorName", "type": "string" }, - "S3Path": { - "$ref": "#/definitions/AWS::Kendra::Faq.S3Path", - "markdownDescription": "The Amazon Simple Storage Service (Amazon S3) location of the FAQ input data.", - "title": "S3Path" + "Resources": { + "items": { + "type": "string" + }, + "markdownDescription": "The resources that have been added for the monitor, listed by their Amazon Resource Names (ARNs). Use this option to add or remove resources when making an update.\n\n> Be aware that if you include content in the `Resources` field when you update a monitor, the `ResourcesToAdd` and `ResourcesToRemove` fields must be empty.", + "title": "Resources", + "type": "array" + }, + "ResourcesToAdd": { + "items": { + "type": "string" + }, + "markdownDescription": "The resources to include in a monitor, which you provide as a set of Amazon Resource Names (ARNs). Resources can be Amazon Virtual Private Cloud VPCs, Network Load Balancers (NLBs), Amazon CloudFront distributions, or Amazon WorkSpaces directories.\n\nYou can add a combination of VPCs and CloudFront distributions, or you can add WorkSpaces directories, or you can add NLBs. You can't add NLBs or WorkSpaces directories together with any other resources.\n\nIf you add only VPC resources, at least one VPC must have an Internet Gateway attached to it, to make sure that it has internet connectivity.\n\n> You can specify this field for a monitor update only if the `Resources` field is empty.", + "title": "ResourcesToAdd", + "type": "array" + }, + "ResourcesToRemove": { + "items": { + "type": "string" + }, + "markdownDescription": "The resources to remove from a monitor, which you provide as a set of Amazon Resource Names (ARNs)\n\n> You can specify this field for a monitor update only if the `Resources` field is empty.", + "title": "ResourcesToRemove", + "type": "array" + }, + "Status": { + "markdownDescription": "The status of a monitor. The accepted values that you can specify for `Status` are `ACTIVE` and `INACTIVE` .", + "title": "Status", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "The tags for a monitor, listed as a set of *key:value* pairs.", "title": "Tags", "type": "array" + }, + "TrafficPercentageToMonitor": { + "markdownDescription": "The percentage of the internet-facing traffic for your application that you want to monitor. You can also, optionally, set a limit for the number of city-networks (client locations and ASNs, typically internet service providers) that Internet Monitor will monitor traffic for. The city-networks maximum limit caps the number of city-networks that Internet Monitor monitors for your application, regardless of the percentage of traffic that you choose to monitor.", + "title": "TrafficPercentageToMonitor", + "type": "number" } }, "required": [ - "IndexId", - "Name", - "RoleArn", - "S3Path" + "MonitorName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Kendra::Faq" + "AWS::InternetMonitor::Monitor" ], "type": "string" }, @@ -136188,27 +144823,86 @@ ], "type": "object" }, - "AWS::Kendra::Faq.S3Path": { + "AWS::InternetMonitor::Monitor.HealthEventsConfig": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The name of the S3 bucket that contains the file.", - "title": "Bucket", + "AvailabilityLocalHealthEventsConfig": { + "$ref": "#/definitions/AWS::InternetMonitor::Monitor.LocalHealthEventsConfig", + "markdownDescription": "The configuration that determines the threshold and other conditions for when Internet Monitor creates a health event for a local availability issue.", + "title": "AvailabilityLocalHealthEventsConfig" + }, + "AvailabilityScoreThreshold": { + "markdownDescription": "The health event threshold percentage set for availability scores. When the overall availability score is at or below this percentage, Internet Monitor creates a health event.", + "title": "AvailabilityScoreThreshold", + "type": "number" + }, + "PerformanceLocalHealthEventsConfig": { + "$ref": "#/definitions/AWS::InternetMonitor::Monitor.LocalHealthEventsConfig", + "markdownDescription": "The configuration that determines the threshold and other conditions for when Internet Monitor creates a health event for a local performance issue.", + "title": "PerformanceLocalHealthEventsConfig" + }, + "PerformanceScoreThreshold": { + "markdownDescription": "The health event threshold percentage set for performance scores. When the overall performance score is at or below this percentage, Internet Monitor creates a health event.", + "title": "PerformanceScoreThreshold", + "type": "number" + } + }, + "type": "object" + }, + "AWS::InternetMonitor::Monitor.InternetMeasurementsLogDelivery": { + "additionalProperties": false, + "properties": { + "S3Config": { + "$ref": "#/definitions/AWS::InternetMonitor::Monitor.S3Config", + "markdownDescription": "The configuration for publishing Amazon CloudWatch Internet Monitor internet measurements to Amazon S3.", + "title": "S3Config" + } + }, + "type": "object" + }, + "AWS::InternetMonitor::Monitor.LocalHealthEventsConfig": { + "additionalProperties": false, + "properties": { + "HealthScoreThreshold": { + "markdownDescription": "The health event threshold percentage set for a local health score.", + "title": "HealthScoreThreshold", + "type": "number" + }, + "MinTrafficImpact": { + "markdownDescription": "The minimum percentage of overall traffic for an application that must be impacted by an issue before Internet Monitor creates an event when a threshold is crossed for a local health score.\n\nIf you don't set a minimum traffic impact threshold, the default value is 0.01%.", + "title": "MinTrafficImpact", + "type": "number" + }, + "Status": { + "markdownDescription": "The status of whether Internet Monitor creates a health event based on a threshold percentage set for a local health score. The status can be `ENABLED` or `DISABLED` .", + "title": "Status", + "type": "string" + } + }, + "type": "object" + }, + "AWS::InternetMonitor::Monitor.S3Config": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "The Amazon S3 bucket name for internet measurements publishing.", + "title": "BucketName", "type": "string" }, - "Key": { - "markdownDescription": "The name of the file.", - "title": "Key", + "BucketPrefix": { + "markdownDescription": "An optional Amazon S3 bucket prefix for internet measurements publishing.", + "title": "BucketPrefix", + "type": "string" + }, + "LogDeliveryStatus": { + "markdownDescription": "The status of publishing Internet Monitor internet measurements to an Amazon S3 bucket. The delivery status is `ENABLED` if you choose to deliver internet measurements to an S3 bucket, and `DISABLED` otherwise.", + "title": "LogDeliveryStatus", "type": "string" } }, - "required": [ - "Bucket", - "Key" - ], "type": "object" }, - "AWS::Kendra::Index": { + "AWS::Invoicing::InvoiceUnit": { "additionalProperties": false, "properties": { "Condition": { @@ -136243,76 +144937,50 @@ "Properties": { "additionalProperties": false, "properties": { - "CapacityUnits": { - "$ref": "#/definitions/AWS::Kendra::Index.CapacityUnitsConfiguration", - "markdownDescription": "Specifies additional capacity units configured for your Enterprise Edition index. You can add and remove capacity units to fit your usage requirements.", - "title": "CapacityUnits" - }, "Description": { - "markdownDescription": "A description for the index.", + "markdownDescription": "The assigned description for an invoice unit. This information can't be modified or deleted.", "title": "Description", "type": "string" }, - "DocumentMetadataConfigurations": { - "items": { - "$ref": "#/definitions/AWS::Kendra::Index.DocumentMetadataConfiguration" - }, - "markdownDescription": "Specifies the properties of an index field. You can add either a custom or a built-in field. You can add and remove built-in fields at any time. When a built-in field is removed it's configuration reverts to the default for the field. Custom fields can't be removed from an index after they are added.", - "title": "DocumentMetadataConfigurations", - "type": "array" - }, - "Edition": { - "markdownDescription": "Indicates whether the index is a Enterprise Edition index, a Developer Edition index, or a GenAI Enterprise Edition index.", - "title": "Edition", + "InvoiceReceiver": { + "markdownDescription": "The account that receives invoices related to the invoice unit.", + "title": "InvoiceReceiver", "type": "string" }, "Name": { - "markdownDescription": "The name of the index.", + "markdownDescription": "A unique name that is distinctive within your AWS .", "title": "Name", "type": "string" }, - "RoleArn": { - "markdownDescription": "An IAM role that gives Amazon Kendra permissions to access your Amazon CloudWatch logs and metrics. This is also the role used when you use the [BatchPutDocument](https://docs.aws.amazon.com/kendra/latest/dg/BatchPutDocument.html) operation to index documents from an Amazon S3 bucket.", - "title": "RoleArn", - "type": "string" - }, - "ServerSideEncryptionConfiguration": { - "$ref": "#/definitions/AWS::Kendra::Index.ServerSideEncryptionConfiguration", - "markdownDescription": "The identifier of the AWS KMS customer managed key (CMK) to use to encrypt data indexed by Amazon Kendra. Amazon Kendra doesn't support asymmetric CMKs.", - "title": "ServerSideEncryptionConfiguration" - }, - "Tags": { + "ResourceTags": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Invoicing::InvoiceUnit.ResourceTag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", + "markdownDescription": "The tag structure that contains a tag key and value.", + "title": "ResourceTags", "type": "array" }, - "UserContextPolicy": { - "markdownDescription": "The user context policy.\n\nATTRIBUTE_FILTER\n\n- All indexed content is searchable and displayable for all users. If you want to filter search results on user context, you can use the attribute filters of `_user_id` and `_group_ids` or you can provide user and group information in `UserContext` .\n\nUSER_TOKEN\n\n- Enables token-based user access control to filter search results on user context. All documents with no access control and all documents accessible to the user will be searchable and displayable.", - "title": "UserContextPolicy", - "type": "string" + "Rule": { + "$ref": "#/definitions/AWS::Invoicing::InvoiceUnit.Rule", + "markdownDescription": "An `InvoiceUnitRule` object used the categorize invoice units.", + "title": "Rule" }, - "UserTokenConfigurations": { - "items": { - "$ref": "#/definitions/AWS::Kendra::Index.UserTokenConfiguration" - }, - "markdownDescription": "Defines the type of user token used for the index.", - "title": "UserTokenConfigurations", - "type": "array" + "TaxInheritanceDisabled": { + "markdownDescription": "Whether the invoice unit based tax inheritance is/ should be enabled or disabled.", + "title": "TaxInheritanceDisabled", + "type": "boolean" } }, "required": [ - "Edition", + "InvoiceReceiver", "Name", - "RoleArn" + "Rule" ], "type": "object" }, "Type": { "enum": [ - "AWS::Kendra::Index" + "AWS::Invoicing::InvoiceUnit" ], "type": "string" }, @@ -136331,224 +144999,316 @@ ], "type": "object" }, - "AWS::Kendra::Index.CapacityUnitsConfiguration": { + "AWS::Invoicing::InvoiceUnit.ResourceTag": { "additionalProperties": false, "properties": { - "QueryCapacityUnits": { - "markdownDescription": "The amount of extra query capacity for an index and [GetQuerySuggestions](https://docs.aws.amazon.com/kendra/latest/dg/API_GetQuerySuggestions.html) capacity.\n\nA single extra capacity unit for an index provides 0.1 queries per second or approximately 8,000 queries per day. You can add up to 100 extra capacity units.\n\n`GetQuerySuggestions` capacity is five times the provisioned query capacity for an index, or the base capacity of 2.5 calls per second, whichever is higher. For example, the base capacity for an index is 0.1 queries per second, and `GetQuerySuggestions` capacity has a base of 2.5 calls per second. If you add another 0.1 queries per second to total 0.2 queries per second for an index, the `GetQuerySuggestions` capacity is 2.5 calls per second (higher than five times 0.2 queries per second).", - "title": "QueryCapacityUnits", - "type": "number" + "Key": { + "markdownDescription": "The object key of your of your resource tag.", + "title": "Key", + "type": "string" }, - "StorageCapacityUnits": { - "markdownDescription": "The amount of extra storage capacity for an index. A single capacity unit provides 30 GB of storage space or 100,000 documents, whichever is reached first. You can add up to 100 extra capacity units.", - "title": "StorageCapacityUnits", - "type": "number" + "Value": { + "markdownDescription": "The specific value of the resource tag.", + "title": "Value", + "type": "string" } }, "required": [ - "QueryCapacityUnits", - "StorageCapacityUnits" + "Key", + "Value" ], "type": "object" }, - "AWS::Kendra::Index.DocumentMetadataConfiguration": { + "AWS::Invoicing::InvoiceUnit.Rule": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the index field.", - "title": "Name", + "LinkedAccounts": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of `LINKED_ACCOUNT` IDs where charges are included within the invoice unit.", + "title": "LinkedAccounts", + "type": "array" + } + }, + "required": [ + "LinkedAccounts" + ], + "type": "object" + }, + "AWS::IoT::AccountAuditConfiguration": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "Relevance": { - "$ref": "#/definitions/AWS::Kendra::Index.Relevance", - "markdownDescription": "Provides tuning parameters to determine how the field affects the search results.", - "title": "Relevance" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Search": { - "$ref": "#/definitions/AWS::Kendra::Index.Search", - "markdownDescription": "Provides information about how the field is used during a search.", - "title": "Search" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AccountId": { + "markdownDescription": "The ID of the account. You can use the expression `!Sub \"${AWS::AccountId}\"` to use your account ID.", + "title": "AccountId", + "type": "string" + }, + "AuditCheckConfigurations": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfigurations", + "markdownDescription": "Specifies which audit checks are enabled and disabled for this account.\n\nSome data collection might start immediately when certain checks are enabled. When a check is disabled, any data collected so far in relation to the check is deleted. To disable a check, set the value of the `Enabled:` key to `false` .\n\nIf an enabled check is removed from the template, it will also be disabled.\n\nYou can't disable a check if it's used by any scheduled audit. You must delete the check from the scheduled audit or delete the scheduled audit itself to disable the check.\n\nFor more information on available audit checks see [AWS::IoT::AccountAuditConfiguration AuditCheckConfigurations](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iot-accountauditconfiguration-auditcheckconfigurations.html)", + "title": "AuditCheckConfigurations" + }, + "AuditNotificationTargetConfigurations": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditNotificationTargetConfigurations", + "markdownDescription": "Information about the targets to which audit notifications are sent.", + "title": "AuditNotificationTargetConfigurations" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the role that grants permission to AWS IoT to access information about your devices, policies, certificates, and other items as required when performing an audit.", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "AccountId", + "AuditCheckConfigurations", + "RoleArn" + ], + "type": "object" }, "Type": { - "markdownDescription": "The data type of the index field.", - "title": "Type", + "enum": [ + "AWS::IoT::AccountAuditConfiguration" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Name", - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Kendra::Index.JsonTokenTypeConfiguration": { + "AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration": { "additionalProperties": false, "properties": { - "GroupAttributeField": { - "markdownDescription": "The group attribute field.", - "title": "GroupAttributeField", - "type": "string" - }, - "UserNameAttributeField": { - "markdownDescription": "The user name attribute field.", - "title": "UserNameAttributeField", - "type": "string" + "Enabled": { + "markdownDescription": "True if this audit check is enabled for this account.", + "title": "Enabled", + "type": "boolean" } }, - "required": [ - "GroupAttributeField", - "UserNameAttributeField" - ], "type": "object" }, - "AWS::Kendra::Index.JwtTokenTypeConfiguration": { + "AWS::IoT::AccountAuditConfiguration.AuditCheckConfigurations": { "additionalProperties": false, "properties": { - "ClaimRegex": { - "markdownDescription": "The regular expression that identifies the claim.", - "title": "ClaimRegex", - "type": "string" + "AuthenticatedCognitoRoleOverlyPermissiveCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks the permissiveness of an authenticated Amazon Cognito identity pool role. For this check, AWS IoT Device Defender audits all Amazon Cognito identity pools that have been used to connect to the AWS IoT message broker during the 31 days before the audit is performed.", + "title": "AuthenticatedCognitoRoleOverlyPermissiveCheck" }, - "GroupAttributeField": { - "markdownDescription": "The group attribute field.", - "title": "GroupAttributeField", - "type": "string" + "CaCertificateExpiringCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks if a CA certificate is expiring. This check applies to CA certificates expiring within 30 days or that have expired.", + "title": "CaCertificateExpiringCheck" }, - "Issuer": { - "markdownDescription": "The issuer of the token.", - "title": "Issuer", - "type": "string" + "CaCertificateKeyQualityCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks the quality of the CA certificate key. The quality checks if the key is in a valid format, not expired, and if the key meets a minimum required size. This check applies to CA certificates that are `ACTIVE` or `PENDING_TRANSFER` .", + "title": "CaCertificateKeyQualityCheck" }, - "KeyLocation": { - "markdownDescription": "The location of the key.", - "title": "KeyLocation", - "type": "string" + "ConflictingClientIdsCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks if multiple devices connect using the same client ID.", + "title": "ConflictingClientIdsCheck" }, - "SecretManagerArn": { - "markdownDescription": "The Amazon Resource Name (arn) of the secret.", - "title": "SecretManagerArn", - "type": "string" + "DeviceCertificateAgeCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.DeviceCertAgeAuditCheckConfiguration", + "markdownDescription": "Checks when a device certificate has been active for a number of days greater than or equal to the number you specify.", + "title": "DeviceCertificateAgeCheck" }, - "URL": { - "markdownDescription": "The signing key URL.", - "title": "URL", - "type": "string" + "DeviceCertificateExpiringCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.DeviceCertExpirationAuditCheckConfiguration", + "markdownDescription": "Checks if a device certificate is expiring. By default, this check applies to device certificates expiring within 30 days or that have expired. You can modify this threshold by configuring the DeviceCertExpirationAuditCheckConfiguration.", + "title": "DeviceCertificateExpiringCheck" }, - "UserNameAttributeField": { - "markdownDescription": "The user name attribute field.", - "title": "UserNameAttributeField", - "type": "string" + "DeviceCertificateKeyQualityCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks the quality of the device certificate key. The quality checks if the key is in a valid format, not expired, signed by a registered certificate authority, and if the key meets a minimum required size.", + "title": "DeviceCertificateKeyQualityCheck" + }, + "DeviceCertificateSharedCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks if multiple concurrent connections use the same X.509 certificate to authenticate with AWS IoT .", + "title": "DeviceCertificateSharedCheck" + }, + "IntermediateCaRevokedForActiveDeviceCertificatesCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks if device certificates are still active despite being revoked by an intermediate CA.", + "title": "IntermediateCaRevokedForActiveDeviceCertificatesCheck" + }, + "IoTPolicyPotentialMisConfigurationCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks if an AWS IoT policy is potentially misconfigured. Misconfigured policies, including overly permissive policies, can cause security incidents like allowing devices access to unintended resources. This check is a warning for you to make sure that only intended actions are allowed before updating the policy.", + "title": "IoTPolicyPotentialMisConfigurationCheck" + }, + "IotPolicyOverlyPermissiveCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks the permissiveness of a policy attached to an authenticated Amazon Cognito identity pool role.", + "title": "IotPolicyOverlyPermissiveCheck" + }, + "IotRoleAliasAllowsAccessToUnusedServicesCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks if a role alias has access to services that haven't been used for the AWS IoT device in the last year.", + "title": "IotRoleAliasAllowsAccessToUnusedServicesCheck" + }, + "IotRoleAliasOverlyPermissiveCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks if the temporary credentials provided by AWS IoT role aliases are overly permissive.", + "title": "IotRoleAliasOverlyPermissiveCheck" + }, + "LoggingDisabledCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks if AWS IoT logs are disabled.", + "title": "LoggingDisabledCheck" + }, + "RevokedCaCertificateStillActiveCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks if a revoked CA certificate is still active.", + "title": "RevokedCaCertificateStillActiveCheck" + }, + "RevokedDeviceCertificateStillActiveCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks if a revoked device certificate is still active.", + "title": "RevokedDeviceCertificateStillActiveCheck" + }, + "UnauthenticatedCognitoRoleOverlyPermissiveCheck": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", + "markdownDescription": "Checks if policy attached to an unauthenticated Amazon Cognito identity pool role is too permissive.", + "title": "UnauthenticatedCognitoRoleOverlyPermissiveCheck" } }, - "required": [ - "KeyLocation" - ], "type": "object" }, - "AWS::Kendra::Index.Relevance": { + "AWS::IoT::AccountAuditConfiguration.AuditNotificationTarget": { "additionalProperties": false, "properties": { - "Duration": { - "markdownDescription": "Specifies the time period that the boost applies to. For example, to make the boost apply to documents with the field value within the last month, you would use \"2628000s\". Once the field value is beyond the specified range, the effect of the boost drops off. The higher the importance, the faster the effect drops off. If you don't specify a value, the default is 3 months. The value of the field is a numeric string followed by the character \"s\", for example \"86400s\" for one day, or \"604800s\" for one week.\n\nOnly applies to `DATE` fields.", - "title": "Duration", - "type": "string" - }, - "Freshness": { - "markdownDescription": "Indicates that this field determines how \"fresh\" a document is. For example, if document 1 was created on November 5, and document 2 was created on October 31, document 1 is \"fresher\" than document 2. Only applies to `DATE` fields.", - "title": "Freshness", + "Enabled": { + "markdownDescription": "True if notifications to the target are enabled.", + "title": "Enabled", "type": "boolean" }, - "Importance": { - "markdownDescription": "The relative importance of the field in the search. Larger numbers provide more of a boost than smaller numbers.", - "title": "Importance", - "type": "number" - }, - "RankOrder": { - "markdownDescription": "Determines how values should be interpreted.\n\nWhen the `RankOrder` field is `ASCENDING` , higher numbers are better. For example, a document with a rating score of 10 is higher ranking than a document with a rating score of 1.\n\nWhen the `RankOrder` field is `DESCENDING` , lower numbers are better. For example, in a task tracking application, a priority 1 task is more important than a priority 5 task.\n\nOnly applies to `LONG` fields.", - "title": "RankOrder", + "RoleArn": { + "markdownDescription": "The ARN of the role that grants permission to send notifications to the target.", + "title": "RoleArn", "type": "string" }, - "ValueImportanceItems": { - "items": { - "$ref": "#/definitions/AWS::Kendra::Index.ValueImportanceItem" - }, - "markdownDescription": "An array of key-value pairs for different boosts when they appear in the search result list. For example, if you want to boost query terms that match the \"department\" field in the result, query terms that match this field are boosted in the result. You can add entries from the department field to boost documents with those values higher.\n\nFor example, you can add entries to the map with names of departments. If you add \"HR\", 5 and \"Legal\",3 those departments are given special attention when they appear in the metadata of a document.", - "title": "ValueImportanceItems", - "type": "array" + "TargetArn": { + "markdownDescription": "The ARN of the target (SNS topic) to which audit notifications are sent.", + "title": "TargetArn", + "type": "string" } }, "type": "object" }, - "AWS::Kendra::Index.Search": { + "AWS::IoT::AccountAuditConfiguration.AuditNotificationTargetConfigurations": { "additionalProperties": false, "properties": { - "Displayable": { - "markdownDescription": "Determines whether the field is returned in the query response. The default is `true` .", - "title": "Displayable", - "type": "boolean" - }, - "Facetable": { - "markdownDescription": "Indicates that the field can be used to create search facets, a count of results for each value in the field. The default is `false` .", - "title": "Facetable", - "type": "boolean" - }, - "Searchable": { - "markdownDescription": "Determines whether the field is used in the search. If the `Searchable` field is `true` , you can use relevance tuning to manually tune how Amazon Kendra weights the field in the search. The default is `true` for string fields and `false` for number and date fields.", - "title": "Searchable", - "type": "boolean" - }, - "Sortable": { - "markdownDescription": "Determines whether the field can be used to sort the results of a query. The default is `false` .", - "title": "Sortable", - "type": "boolean" + "Sns": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditNotificationTarget", + "markdownDescription": "The `Sns` notification target.", + "title": "Sns" } }, "type": "object" }, - "AWS::Kendra::Index.ServerSideEncryptionConfiguration": { + "AWS::IoT::AccountAuditConfiguration.CertAgeCheckCustomConfiguration": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "The identifier of the AWS KMS key . Amazon Kendra doesn't support asymmetric keys.", - "title": "KmsKeyId", + "CertAgeThresholdInDays": { + "markdownDescription": "The number of days that defines when a device certificate is considered to have aged. The check will report a finding if a certificate has been active for a number of days greater than or equal to this threshold value.", + "title": "CertAgeThresholdInDays", "type": "string" } }, "type": "object" }, - "AWS::Kendra::Index.UserTokenConfiguration": { + "AWS::IoT::AccountAuditConfiguration.CertExpirationCheckCustomConfiguration": { "additionalProperties": false, "properties": { - "JsonTokenTypeConfiguration": { - "$ref": "#/definitions/AWS::Kendra::Index.JsonTokenTypeConfiguration", - "markdownDescription": "Information about the JSON token type configuration.", - "title": "JsonTokenTypeConfiguration" + "CertExpirationThresholdInDays": { + "markdownDescription": "The number of days before expiration that defines when a device certificate is considered to be approaching expiration. The check will report a finding if a certificate will expire within this number of days.", + "title": "CertExpirationThresholdInDays", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoT::AccountAuditConfiguration.DeviceCertAgeAuditCheckConfiguration": { + "additionalProperties": false, + "properties": { + "Configuration": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.CertAgeCheckCustomConfiguration", + "markdownDescription": "Configuration settings for the device certificate age check, including the threshold in days for certificate age. This configuration is of type `CertAgeCheckCustomConfiguration` .", + "title": "Configuration" }, - "JwtTokenTypeConfiguration": { - "$ref": "#/definitions/AWS::Kendra::Index.JwtTokenTypeConfiguration", - "markdownDescription": "Information about the JWT token type configuration.", - "title": "JwtTokenTypeConfiguration" + "Enabled": { + "markdownDescription": "True if this audit check is enabled for this account.", + "title": "Enabled", + "type": "boolean" } }, "type": "object" }, - "AWS::Kendra::Index.ValueImportanceItem": { + "AWS::IoT::AccountAuditConfiguration.DeviceCertExpirationAuditCheckConfiguration": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The document metadata value used for the search boost.", - "title": "Key", - "type": "string" + "Configuration": { + "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.CertExpirationCheckCustomConfiguration", + "markdownDescription": "Configuration settings for the device certificate expiration check, including the threshold in days before expiration. This configuration is of type `CertExpirationCheckCustomConfiguration`", + "title": "Configuration" }, - "Value": { - "markdownDescription": "The boost value for a document when the key is part of the metadata of a document.", - "title": "Value", - "type": "number" + "Enabled": { + "markdownDescription": "True if this audit check is enabled for this account.", + "title": "Enabled", + "type": "boolean" } }, "type": "object" }, - "AWS::KendraRanking::ExecutionPlan": { + "AWS::IoT::Authorizer": { "additionalProperties": false, "properties": { "Condition": { @@ -136583,38 +145343,64 @@ "Properties": { "additionalProperties": false, "properties": { - "CapacityUnits": { - "$ref": "#/definitions/AWS::KendraRanking::ExecutionPlan.CapacityUnitsConfiguration", - "markdownDescription": "You can set additional capacity units to meet the needs of your rescore execution plan. You are given a single capacity unit by default. If you want to use the default capacity, you don't set additional capacity units. For more information on the default capacity and additional capacity units, see [Adjusting capacity](https://docs.aws.amazon.com/kendra/latest/dg/adjusting-capacity.html) .", - "title": "CapacityUnits" + "AuthorizerFunctionArn": { + "markdownDescription": "The authorizer's Lambda function ARN.", + "title": "AuthorizerFunctionArn", + "type": "string" }, - "Description": { - "markdownDescription": "A description for the rescore execution plan.", - "title": "Description", + "AuthorizerName": { + "markdownDescription": "The authorizer name.", + "title": "AuthorizerName", "type": "string" }, - "Name": { - "markdownDescription": "A name for the rescore execution plan.", - "title": "Name", + "EnableCachingForHttp": { + "markdownDescription": "When `true` , the result from the authorizer's Lambda function is cached for clients that use persistent HTTP connections. The results are cached for the time specified by the Lambda function in `refreshAfterInSeconds` . This value doesn't affect authorization of clients that use MQTT connections.", + "title": "EnableCachingForHttp", + "type": "boolean" + }, + "SigningDisabled": { + "markdownDescription": "Specifies whether AWS IoT validates the token signature in an authorization request.", + "title": "SigningDisabled", + "type": "boolean" + }, + "Status": { + "markdownDescription": "The status of the authorizer.\n\nValid values: `ACTIVE` | `INACTIVE`", + "title": "Status", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of key-value pairs that identify or categorize your rescore execution plan. You can also use tags to help control access to the rescore execution plan. Tag keys and values can consist of Unicode letters, digits, white space. They can also consist of underscore, period, colon, equal, plus, and asperand.", + "markdownDescription": "Metadata which can be used to manage the custom authorizer.\n\n> For URI Request parameters use format: ...key1=value1&key2=value2...\n> \n> For the CLI command-line parameter use format: &&tags \"key1=value1&key2=value2...\"\n> \n> For the cli-input-json file use format: \"tags\": \"key1=value1&key2=value2...\"", "title": "Tags", "type": "array" + }, + "TokenKeyName": { + "markdownDescription": "The key used to extract the token from the HTTP headers.", + "title": "TokenKeyName", + "type": "string" + }, + "TokenSigningPublicKeys": { + "additionalProperties": true, + "markdownDescription": "The public keys used to validate the token signature returned by your custom authentication service.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "TokenSigningPublicKeys", + "type": "object" } }, "required": [ - "Name" + "AuthorizerFunctionArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::KendraRanking::ExecutionPlan" + "AWS::IoT::Authorizer" ], "type": "string" }, @@ -136633,21 +145419,94 @@ ], "type": "object" }, - "AWS::KendraRanking::ExecutionPlan.CapacityUnitsConfiguration": { + "AWS::IoT::BillingGroup": { "additionalProperties": false, "properties": { - "RescoreCapacityUnits": { - "markdownDescription": "The amount of extra capacity for your rescore execution plan.\n\nA single extra capacity unit for a rescore execution plan provides 0.01 rescore requests per second. You can add up to 1000 extra capacity units.", - "title": "RescoreCapacityUnits", - "type": "number" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "BillingGroupName": { + "markdownDescription": "The name of the billing group.", + "title": "BillingGroupName", + "type": "string" + }, + "BillingGroupProperties": { + "$ref": "#/definitions/AWS::IoT::BillingGroup.BillingGroupProperties", + "markdownDescription": "The properties of the billing group.", + "title": "BillingGroupProperties" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata which can be used to manage the billing group.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IoT::BillingGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "RescoreCapacityUnits" + "Type" ], "type": "object" }, - "AWS::Kinesis::Stream": { + "AWS::IoT::BillingGroup.BillingGroupProperties": { + "additionalProperties": false, + "properties": { + "BillingGroupDescription": { + "markdownDescription": "The description of the billing group.", + "title": "BillingGroupDescription", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoT::CACertificate": { "additionalProperties": false, "properties": { "Condition": { @@ -136682,45 +145541,59 @@ "Properties": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the Kinesis stream. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the stream name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\nIf you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "Name", + "AutoRegistrationStatus": { + "markdownDescription": "Whether the CA certificate is configured for auto registration of device certificates. Valid values are \"ENABLE\" and \"DISABLE\".", + "title": "AutoRegistrationStatus", "type": "string" }, - "RetentionPeriodHours": { - "markdownDescription": "The number of hours for the data records that are stored in shards to remain accessible. The default value is 24. For more information about the stream retention period, see [Changing the Data Retention Period](https://docs.aws.amazon.com/streams/latest/dev/kinesis-extended-retention.html) in the Amazon Kinesis Developer Guide.", - "title": "RetentionPeriodHours", - "type": "number" + "CACertificatePem": { + "markdownDescription": "The certificate data in PEM format.", + "title": "CACertificatePem", + "type": "string" }, - "ShardCount": { - "markdownDescription": "The number of shards that the stream uses. For greater provisioned throughput, increase the number of shards.", - "title": "ShardCount", - "type": "number" + "CertificateMode": { + "markdownDescription": "The mode of the CA.\n\nAll the device certificates that are registered using this CA will be registered in the same mode as the CA. For more information about certificate mode for device certificates, see [certificate mode](https://docs.aws.amazon.com//iot/latest/apireference/API_CertificateDescription.html#iot-Type-CertificateDescription-certificateMode) .\n\nValid values are \"DEFAULT\" and \"SNI_ONLY\".", + "title": "CertificateMode", + "type": "string" }, - "StreamEncryption": { - "$ref": "#/definitions/AWS::Kinesis::Stream.StreamEncryption", - "markdownDescription": "When specified, enables or updates server-side encryption using an AWS KMS key for a specified stream. Removing this property from your stack template and updating your stack disables encryption.", - "title": "StreamEncryption" + "RegistrationConfig": { + "$ref": "#/definitions/AWS::IoT::CACertificate.RegistrationConfig", + "markdownDescription": "Information about the registration configuration.", + "title": "RegistrationConfig" }, - "StreamModeDetails": { - "$ref": "#/definitions/AWS::Kinesis::Stream.StreamModeDetails", - "markdownDescription": "Specifies the capacity mode to which you want to set your data stream. Currently, in Kinesis Data Streams, you can choose between an *on-demand* capacity mode and a *provisioned* capacity mode for your data streams.", - "title": "StreamModeDetails" + "RemoveAutoRegistration": { + "markdownDescription": "If true, removes auto registration.", + "title": "RemoveAutoRegistration", + "type": "boolean" + }, + "Status": { + "markdownDescription": "The status of the CA certificate.\n\nValid values are \"ACTIVE\" and \"INACTIVE\".", + "title": "Status", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An arbitrary set of tags (key\u2013value pairs) to associate with the Kinesis stream. For information about constraints for this property, see [Tag Restrictions](https://docs.aws.amazon.com/streams/latest/dev/tagging.html#tagging-restrictions) in the *Amazon Kinesis Developer Guide* .", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" + }, + "VerificationCertificatePem": { + "markdownDescription": "The private key verification certificate.", + "title": "VerificationCertificatePem", + "type": "string" } }, + "required": [ + "CACertificatePem", + "Status" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Kinesis::Stream" + "AWS::IoT::CACertificate" ], "type": "string" }, @@ -136734,45 +145607,33 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Kinesis::Stream.StreamEncryption": { + "AWS::IoT::CACertificate.RegistrationConfig": { "additionalProperties": false, "properties": { - "EncryptionType": { - "markdownDescription": "The encryption type to use. The only valid value is `KMS` .", - "title": "EncryptionType", + "RoleArn": { + "markdownDescription": "The ARN of the role.", + "title": "RoleArn", "type": "string" }, - "KeyId": { - "markdownDescription": "The GUID for the customer-managed AWS KMS key to use for encryption. This value can be a globally unique identifier, a fully specified Amazon Resource Name (ARN) to either an alias or a key, or an alias name prefixed by \"alias/\".You can also use a master key owned by Kinesis Data Streams by specifying the alias `aws/kinesis` .\n\n- Key ARN example: `arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012`\n- Alias ARN example: `arn:aws:kms:us-east-1:123456789012:alias/MyAliasName`\n- Globally unique key ID example: `12345678-1234-1234-1234-123456789012`\n- Alias name example: `alias/MyAliasName`\n- Master key owned by Kinesis Data Streams: `alias/aws/kinesis`", - "title": "KeyId", + "TemplateBody": { + "markdownDescription": "The template body.", + "title": "TemplateBody", "type": "string" - } - }, - "required": [ - "EncryptionType", - "KeyId" - ], - "type": "object" - }, - "AWS::Kinesis::Stream.StreamModeDetails": { - "additionalProperties": false, - "properties": { - "StreamMode": { - "markdownDescription": "Specifies the capacity mode to which you want to set your data stream. Currently, in Kinesis Data Streams, you can choose between an *on-demand* capacity mode and a *provisioned* capacity mode for your data streams.", - "title": "StreamMode", + }, + "TemplateName": { + "markdownDescription": "The name of the provisioning template.", + "title": "TemplateName", "type": "string" } }, - "required": [ - "StreamMode" - ], "type": "object" }, - "AWS::Kinesis::StreamConsumer": { + "AWS::IoT::Certificate": { "additionalProperties": false, "properties": { "Condition": { @@ -136807,26 +145668,40 @@ "Properties": { "additionalProperties": false, "properties": { - "ConsumerName": { - "markdownDescription": "The name of the consumer is something you choose when you register the consumer.", - "title": "ConsumerName", + "CACertificatePem": { + "markdownDescription": "The CA certificate used to sign the device certificate being registered, not available when CertificateMode is SNI_ONLY.", + "title": "CACertificatePem", "type": "string" }, - "StreamARN": { - "markdownDescription": "The ARN of the stream with which you registered the consumer.", - "title": "StreamARN", + "CertificateMode": { + "markdownDescription": "Specifies which mode of certificate registration to use with this resource. Valid options are DEFAULT with CaCertificatePem and CertificatePem, SNI_ONLY with CertificatePem, and Default with CertificateSigningRequest.\n\n`DEFAULT` : A certificate in `DEFAULT` mode is either generated by AWS IoT Core or registered with an issuer certificate authority (CA). Devices with certificates in `DEFAULT` mode aren't required to send the Server Name Indication (SNI) extension when connecting to AWS IoT Core . However, to use features such as custom domains and VPC endpoints, we recommend that you use the SNI extension when connecting to AWS IoT Core .\n\n`SNI_ONLY` : A certificate in `SNI_ONLY` mode is registered without an issuer CA. Devices with certificates in `SNI_ONLY` mode must send the SNI extension when connecting to AWS IoT Core .", + "title": "CertificateMode", + "type": "string" + }, + "CertificatePem": { + "markdownDescription": "The certificate data in PEM format. Requires SNI_ONLY for the certificate mode or the accompanying CACertificatePem for registration.", + "title": "CertificatePem", + "type": "string" + }, + "CertificateSigningRequest": { + "markdownDescription": "The certificate signing request (CSR).", + "title": "CertificateSigningRequest", + "type": "string" + }, + "Status": { + "markdownDescription": "The status of the certificate.\n\nValid values are ACTIVE, INACTIVE, REVOKED, PENDING_TRANSFER, and PENDING_ACTIVATION.\n\nThe status value REGISTER_INACTIVE is deprecated and should not be used.", + "title": "Status", "type": "string" } }, "required": [ - "ConsumerName", - "StreamARN" + "Status" ], "type": "object" }, "Type": { "enum": [ - "AWS::Kinesis::StreamConsumer" + "AWS::IoT::Certificate" ], "type": "string" }, @@ -136845,7 +145720,7 @@ ], "type": "object" }, - "AWS::KinesisAnalytics::Application": { + "AWS::IoT::CertificateProvider": { "additionalProperties": false, "properties": { "Condition": { @@ -136880,38 +145755,42 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationCode": { - "markdownDescription": "One or more SQL statements that read input data, transform it, and generate output. For example, you can write a SQL statement that reads data from one in-application stream, generates a running average of the number of advertisement clicks by vendor, and insert resulting rows in another in-application stream using pumps. For more information about the typical pattern, see [Application Code](https://docs.aws.amazon.com/kinesisanalytics/latest/dev/how-it-works-app-code.html) .\n\nYou can provide such series of SQL statements, where output of one statement can be used as the input for the next statement. You store intermediate results by creating in-application streams and pumps.\n\nNote that the application code must create the streams with names specified in the `Outputs` . For example, if your `Outputs` defines output streams named `ExampleOutputStream1` and `ExampleOutputStream2` , then your application code must create these streams.", - "title": "ApplicationCode", - "type": "string" + "AccountDefaultForOperations": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the operations that the certificate provider will use to generate certificates. Valid value: `CreateCertificateFromCsr` .", + "title": "AccountDefaultForOperations", + "type": "array" }, - "ApplicationDescription": { - "markdownDescription": "Summary description of the application.", - "title": "ApplicationDescription", + "CertificateProviderName": { + "markdownDescription": "The name of the certificate provider.", + "title": "CertificateProviderName", "type": "string" }, - "ApplicationName": { - "markdownDescription": "Name of your Amazon Kinesis Analytics application (for example, `sample-app` ).", - "title": "ApplicationName", + "LambdaFunctionArn": { + "markdownDescription": "The ARN of the Lambda function.", + "title": "LambdaFunctionArn", "type": "string" }, - "Inputs": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::KinesisAnalytics::Application.Input" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "Use this parameter to configure the application input.\n\nYou can configure your application to receive input from a single streaming source. In this configuration, you map this streaming source to an in-application stream that is created. Your application code can then query the in-application stream like a table (you can think of it as a constantly updating table).\n\nFor the streaming source, you provide its Amazon Resource Name (ARN) and format of data on the stream (for example, JSON, CSV, etc.). You also must provide an IAM role that Amazon Kinesis Analytics can assume to read this stream on your behalf.\n\nTo create the in-application stream, you need to specify a schema to transform your data into a schematized version used in SQL. In the schema, you provide the necessary mapping of the data elements in the streaming source to record columns in the in-app stream.", - "title": "Inputs", + "markdownDescription": "Metadata that can be used to manage the certificate provider.", + "title": "Tags", "type": "array" } }, "required": [ - "Inputs" + "AccountDefaultForOperations", + "LambdaFunctionArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::KinesisAnalytics::Application" + "AWS::IoT::CertificateProvider" ], "type": "string" }, @@ -136930,251 +145809,221 @@ ], "type": "object" }, - "AWS::KinesisAnalytics::Application.CSVMappingParameters": { + "AWS::IoT::Command": { "additionalProperties": false, "properties": { - "RecordColumnDelimiter": { - "markdownDescription": "Column delimiter. For example, in a CSV format, a comma (\",\") is the typical column delimiter.", - "title": "RecordColumnDelimiter", + "Condition": { "type": "string" }, - "RecordRowDelimiter": { - "markdownDescription": "Row delimiter. For example, in a CSV format, *'\\n'* is the typical row delimiter.", - "title": "RecordRowDelimiter", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "required": [ - "RecordColumnDelimiter", - "RecordRowDelimiter" - ], - "type": "object" - }, - "AWS::KinesisAnalytics::Application.Input": { - "additionalProperties": false, - "properties": { - "InputParallelism": { - "$ref": "#/definitions/AWS::KinesisAnalytics::Application.InputParallelism", - "markdownDescription": "Describes the number of in-application streams to create.\n\nData from your source is routed to these in-application input streams.\n\nSee [Configuring Application Input](https://docs.aws.amazon.com/kinesisanalytics/latest/dev/how-it-works-input.html) .", - "title": "InputParallelism" - }, - "InputProcessingConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalytics::Application.InputProcessingConfiguration", - "markdownDescription": "The [InputProcessingConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisanalytics-application-inputprocessingconfiguration.html) for the input. An input processor transforms records as they are received from the stream, before the application's SQL code executes. Currently, the only input processing configuration available is [InputLambdaProcessor](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisanalytics-application-inputlambdaprocessor.html) .", - "title": "InputProcessingConfiguration" }, - "InputSchema": { - "$ref": "#/definitions/AWS::KinesisAnalytics::Application.InputSchema", - "markdownDescription": "Describes the format of the data in the streaming source, and how each data element maps to corresponding columns in the in-application stream that is being created.\n\nAlso used to describe the format of the reference data source.", - "title": "InputSchema" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "KinesisFirehoseInput": { - "$ref": "#/definitions/AWS::KinesisAnalytics::Application.KinesisFirehoseInput", - "markdownDescription": "If the streaming source is an Amazon Kinesis Firehose delivery stream, identifies the delivery stream's ARN and an IAM role that enables Amazon Kinesis Analytics to access the stream on your behalf.\n\nNote: Either `KinesisStreamsInput` or `KinesisFirehoseInput` is required.", - "title": "KinesisFirehoseInput" + "Metadata": { + "type": "object" }, - "KinesisStreamsInput": { - "$ref": "#/definitions/AWS::KinesisAnalytics::Application.KinesisStreamsInput", - "markdownDescription": "If the streaming source is an Amazon Kinesis stream, identifies the stream's Amazon Resource Name (ARN) and an IAM role that enables Amazon Kinesis Analytics to access the stream on your behalf.\n\nNote: Either `KinesisStreamsInput` or `KinesisFirehoseInput` is required.", - "title": "KinesisStreamsInput" + "Properties": { + "additionalProperties": false, + "properties": { + "CommandId": { + "markdownDescription": "The unique identifier of the command.", + "title": "CommandId", + "type": "string" + }, + "CreatedAt": { + "markdownDescription": "The timestamp, when the command was created.", + "title": "CreatedAt", + "type": "string" + }, + "Deprecated": { + "markdownDescription": "Indicates whether the command has been deprecated.", + "title": "Deprecated", + "type": "boolean" + }, + "Description": { + "markdownDescription": "The description of the command parameter.", + "title": "Description", + "type": "string" + }, + "DisplayName": { + "markdownDescription": "The display name of the command.", + "title": "DisplayName", + "type": "string" + }, + "LastUpdatedAt": { + "markdownDescription": "The timestamp, when the command was last updated.", + "title": "LastUpdatedAt", + "type": "string" + }, + "MandatoryParameters": { + "items": { + "$ref": "#/definitions/AWS::IoT::Command.CommandParameter" + }, + "markdownDescription": "", + "title": "MandatoryParameters", + "type": "array" + }, + "Namespace": { + "markdownDescription": "", + "title": "Namespace", + "type": "string" + }, + "Payload": { + "$ref": "#/definitions/AWS::IoT::Command.CommandPayload", + "markdownDescription": "", + "title": "Payload" + }, + "PendingDeletion": { + "markdownDescription": "Indicates whether the command is pending deletion.", + "title": "PendingDeletion", + "type": "boolean" + }, + "RoleArn": { + "markdownDescription": "", + "title": "RoleArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "CommandId" + ], + "type": "object" }, - "NamePrefix": { - "markdownDescription": "Name prefix to use when creating an in-application stream. Suppose that you specify a prefix \"MyInApplicationStream.\" Amazon Kinesis Analytics then creates one or more (as per the `InputParallelism` count you specified) in-application streams with names \"MyInApplicationStream_001,\" \"MyInApplicationStream_002,\" and so on.", - "title": "NamePrefix", - "type": "string" - } - }, - "required": [ - "InputSchema", - "NamePrefix" - ], - "type": "object" - }, - "AWS::KinesisAnalytics::Application.InputLambdaProcessor": { - "additionalProperties": false, - "properties": { - "ResourceARN": { - "markdownDescription": "The ARN of the [AWS Lambda](https://docs.aws.amazon.com/lambda/) function that operates on records in the stream.\n\n> To specify an earlier version of the Lambda function than the latest, include the Lambda function version in the Lambda function ARN. For more information about Lambda ARNs, see [Example ARNs: AWS Lambda](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-lambda)", - "title": "ResourceARN", + "Type": { + "enum": [ + "AWS::IoT::Command" + ], "type": "string" }, - "RoleARN": { - "markdownDescription": "The ARN of the IAM role that is used to access the AWS Lambda function.", - "title": "RoleARN", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ResourceARN", - "RoleARN" + "Type", + "Properties" ], "type": "object" }, - "AWS::KinesisAnalytics::Application.InputParallelism": { - "additionalProperties": false, - "properties": { - "Count": { - "markdownDescription": "Number of in-application streams to create. For more information, see [Limits](https://docs.aws.amazon.com/kinesisanalytics/latest/dev/limits.html) .", - "title": "Count", - "type": "number" - } - }, - "type": "object" - }, - "AWS::KinesisAnalytics::Application.InputProcessingConfiguration": { - "additionalProperties": false, - "properties": { - "InputLambdaProcessor": { - "$ref": "#/definitions/AWS::KinesisAnalytics::Application.InputLambdaProcessor", - "markdownDescription": "The [InputLambdaProcessor](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisanalytics-application-inputlambdaprocessor.html) that is used to preprocess the records in the stream before being processed by your application code.", - "title": "InputLambdaProcessor" - } - }, - "type": "object" - }, - "AWS::KinesisAnalytics::Application.InputSchema": { + "AWS::IoT::Command.CommandParameter": { "additionalProperties": false, "properties": { - "RecordColumns": { - "items": { - "$ref": "#/definitions/AWS::KinesisAnalytics::Application.RecordColumn" - }, - "markdownDescription": "A list of `RecordColumn` objects.", - "title": "RecordColumns", - "type": "array" + "DefaultValue": { + "$ref": "#/definitions/AWS::IoT::Command.CommandParameterValue", + "markdownDescription": "", + "title": "DefaultValue" }, - "RecordEncoding": { - "markdownDescription": "Specifies the encoding of the records in the streaming source. For example, UTF-8.", - "title": "RecordEncoding", + "Description": { + "markdownDescription": "", + "title": "Description", "type": "string" }, - "RecordFormat": { - "$ref": "#/definitions/AWS::KinesisAnalytics::Application.RecordFormat", - "markdownDescription": "Specifies the format of the records on the streaming source.", - "title": "RecordFormat" - } - }, - "required": [ - "RecordColumns", - "RecordFormat" - ], - "type": "object" - }, - "AWS::KinesisAnalytics::Application.JSONMappingParameters": { - "additionalProperties": false, - "properties": { - "RecordRowPath": { - "markdownDescription": "Path to the top-level parent that contains the records.", - "title": "RecordRowPath", - "type": "string" - } - }, - "required": [ - "RecordRowPath" - ], - "type": "object" - }, - "AWS::KinesisAnalytics::Application.KinesisFirehoseInput": { - "additionalProperties": false, - "properties": { - "ResourceARN": { - "markdownDescription": "ARN of the input delivery stream.", - "title": "ResourceARN", + "Name": { + "markdownDescription": "", + "title": "Name", "type": "string" }, - "RoleARN": { - "markdownDescription": "ARN of the IAM role that Amazon Kinesis Analytics can assume to access the stream on your behalf. You need to make sure that the role has the necessary permissions to access the stream.", - "title": "RoleARN", - "type": "string" + "Value": { + "$ref": "#/definitions/AWS::IoT::Command.CommandParameterValue", + "markdownDescription": "", + "title": "Value" } }, "required": [ - "ResourceARN", - "RoleARN" + "Name" ], "type": "object" }, - "AWS::KinesisAnalytics::Application.KinesisStreamsInput": { + "AWS::IoT::Command.CommandParameterValue": { "additionalProperties": false, "properties": { - "ResourceARN": { - "markdownDescription": "ARN of the input Amazon Kinesis stream to read.", - "title": "ResourceARN", - "type": "string" + "B": { + "markdownDescription": "", + "title": "B", + "type": "boolean" }, - "RoleARN": { - "markdownDescription": "ARN of the IAM role that Amazon Kinesis Analytics can assume to access the stream on your behalf. You need to grant the necessary permissions to this role.", - "title": "RoleARN", + "BIN": { + "markdownDescription": "", + "title": "BIN", "type": "string" - } - }, - "required": [ - "ResourceARN", - "RoleARN" - ], - "type": "object" - }, - "AWS::KinesisAnalytics::Application.MappingParameters": { - "additionalProperties": false, - "properties": { - "CSVMappingParameters": { - "$ref": "#/definitions/AWS::KinesisAnalytics::Application.CSVMappingParameters", - "markdownDescription": "Provides additional mapping information when the record format uses delimiters (for example, CSV).", - "title": "CSVMappingParameters" }, - "JSONMappingParameters": { - "$ref": "#/definitions/AWS::KinesisAnalytics::Application.JSONMappingParameters", - "markdownDescription": "Provides additional mapping information when JSON is the record format on the streaming source.", - "title": "JSONMappingParameters" - } - }, - "type": "object" - }, - "AWS::KinesisAnalytics::Application.RecordColumn": { - "additionalProperties": false, - "properties": { - "Mapping": { - "markdownDescription": "Reference to the data element in the streaming input or the reference data source. This element is required if the [RecordFormatType](https://docs.aws.amazon.com/kinesisanalytics/latest/dev/API_RecordFormat.html#analytics-Type-RecordFormat-RecordFormatTypel) is `JSON` .", - "title": "Mapping", + "D": { + "markdownDescription": "", + "title": "D", + "type": "number" + }, + "I": { + "markdownDescription": "", + "title": "I", + "type": "number" + }, + "L": { + "markdownDescription": "", + "title": "L", "type": "string" }, - "Name": { - "markdownDescription": "Name of the column created in the in-application input stream or reference table.", - "title": "Name", + "S": { + "markdownDescription": "", + "title": "S", "type": "string" }, - "SqlType": { - "markdownDescription": "Type of column created in the in-application input stream or reference table.", - "title": "SqlType", + "UL": { + "markdownDescription": "", + "title": "UL", "type": "string" } }, - "required": [ - "Name", - "SqlType" - ], "type": "object" }, - "AWS::KinesisAnalytics::Application.RecordFormat": { + "AWS::IoT::Command.CommandPayload": { "additionalProperties": false, "properties": { - "MappingParameters": { - "$ref": "#/definitions/AWS::KinesisAnalytics::Application.MappingParameters", - "markdownDescription": "When configuring application input at the time of creating or updating an application, provides additional mapping information specific to the record format (such as JSON, CSV, or record fields delimited by some delimiter) on the streaming source.", - "title": "MappingParameters" + "Content": { + "markdownDescription": "", + "title": "Content", + "type": "string" }, - "RecordFormatType": { - "markdownDescription": "The type of record format.", - "title": "RecordFormatType", + "ContentType": { + "markdownDescription": "", + "title": "ContentType", "type": "string" } }, - "required": [ - "RecordFormatType" - ], "type": "object" }, - "AWS::KinesisAnalytics::ApplicationOutput": { + "AWS::IoT::CustomMetric": { "additionalProperties": false, "properties": { "Condition": { @@ -137209,30 +146058,42 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationName": { - "markdownDescription": "Name of the application to which you want to add the output configuration.", - "title": "ApplicationName", + "DisplayName": { + "markdownDescription": "The friendly name in the console for the custom metric. This name doesn't have to be unique. Don't use this name as the metric identifier in the device metric report. You can update the friendly name after you define it.", + "title": "DisplayName", "type": "string" }, - "Output": { - "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationOutput.Output", - "markdownDescription": "An array of objects, each describing one output configuration. In the output configuration, you specify the name of an in-application stream, a destination (that is, an Amazon Kinesis stream, an Amazon Kinesis Firehose delivery stream, or an AWS Lambda function), and record the formation to use when writing to the destination.", - "title": "Output" - } - }, - "required": [ - "ApplicationName", - "Output" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::KinesisAnalytics::ApplicationOutput" - ], - "type": "string" - }, - "UpdateReplacePolicy": { + "MetricName": { + "markdownDescription": "The name of the custom metric. This will be used in the metric report submitted from the device/thing. The name can't begin with `aws:` . You can\u2019t change the name after you define it.", + "title": "MetricName", + "type": "string" + }, + "MetricType": { + "markdownDescription": "The type of the custom metric. Types include `string-list` , `ip-address-list` , `number-list` , and `number` .\n\n> The type `number` only takes a single metric value as an input, but when you submit the metrics value in the DeviceMetrics report, you must pass it as an array with a single value.", + "title": "MetricType", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata that can be used to manage the custom metric.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "MetricType" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IoT::CustomMetric" + ], + "type": "string" + }, + "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", @@ -137247,112 +146108,96 @@ ], "type": "object" }, - "AWS::KinesisAnalytics::ApplicationOutput.DestinationSchema": { - "additionalProperties": false, - "properties": { - "RecordFormatType": { - "markdownDescription": "Specifies the format of the records on the output stream.", - "title": "RecordFormatType", - "type": "string" - } - }, - "type": "object" - }, - "AWS::KinesisAnalytics::ApplicationOutput.KinesisFirehoseOutput": { - "additionalProperties": false, - "properties": { - "ResourceARN": { - "markdownDescription": "ARN of the destination Amazon Kinesis Firehose delivery stream to write to.", - "title": "ResourceARN", - "type": "string" - }, - "RoleARN": { - "markdownDescription": "ARN of the IAM role that Amazon Kinesis Analytics can assume to write to the destination stream on your behalf. You need to grant the necessary permissions to this role.", - "title": "RoleARN", - "type": "string" - } - }, - "required": [ - "ResourceARN", - "RoleARN" - ], - "type": "object" - }, - "AWS::KinesisAnalytics::ApplicationOutput.KinesisStreamsOutput": { + "AWS::IoT::Dimension": { "additionalProperties": false, "properties": { - "ResourceARN": { - "markdownDescription": "ARN of the destination Amazon Kinesis stream to write to.", - "title": "ResourceARN", + "Condition": { "type": "string" }, - "RoleARN": { - "markdownDescription": "ARN of the IAM role that Amazon Kinesis Analytics can assume to write to the destination stream on your behalf. You need to grant the necessary permissions to this role.", - "title": "RoleARN", - "type": "string" - } - }, - "required": [ - "ResourceARN", - "RoleARN" - ], - "type": "object" - }, - "AWS::KinesisAnalytics::ApplicationOutput.LambdaOutput": { - "additionalProperties": false, - "properties": { - "ResourceARN": { - "markdownDescription": "Amazon Resource Name (ARN) of the destination Lambda function to write to.\n\n> To specify an earlier version of the Lambda function than the latest, include the Lambda function version in the Lambda function ARN. For more information about Lambda ARNs, see [Example ARNs: AWS Lambda](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-lambda)", - "title": "ResourceARN", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "RoleARN": { - "markdownDescription": "ARN of the IAM role that Amazon Kinesis Analytics can assume to write to the destination function on your behalf. You need to grant the necessary permissions to this role.", - "title": "RoleARN", - "type": "string" - } - }, - "required": [ - "ResourceARN", - "RoleARN" - ], - "type": "object" - }, - "AWS::KinesisAnalytics::ApplicationOutput.Output": { - "additionalProperties": false, - "properties": { - "DestinationSchema": { - "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationOutput.DestinationSchema", - "markdownDescription": "Describes the data format when records are written to the destination. For more information, see [Configuring Application Output](https://docs.aws.amazon.com/kinesisanalytics/latest/dev/how-it-works-output.html) .", - "title": "DestinationSchema" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "KinesisFirehoseOutput": { - "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationOutput.KinesisFirehoseOutput", - "markdownDescription": "Identifies an Amazon Kinesis Firehose delivery stream as the destination.", - "title": "KinesisFirehoseOutput" + "Metadata": { + "type": "object" }, - "KinesisStreamsOutput": { - "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationOutput.KinesisStreamsOutput", - "markdownDescription": "Identifies an Amazon Kinesis stream as the destination.", - "title": "KinesisStreamsOutput" + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "A unique identifier for the dimension.", + "title": "Name", + "type": "string" + }, + "StringValues": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the value or list of values for the dimension. For `TOPIC_FILTER` dimensions, this is a pattern used to match the MQTT topic (for example, \"admin/#\").", + "title": "StringValues", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata that can be used to manage the dimension.", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "Specifies the type of dimension. Supported types: `TOPIC_FILTER.`", + "title": "Type", + "type": "string" + } + }, + "required": [ + "StringValues", + "Type" + ], + "type": "object" }, - "LambdaOutput": { - "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationOutput.LambdaOutput", - "markdownDescription": "Identifies an AWS Lambda function as the destination.", - "title": "LambdaOutput" + "Type": { + "enum": [ + "AWS::IoT::Dimension" + ], + "type": "string" }, - "Name": { - "markdownDescription": "Name of the in-application stream.", - "title": "Name", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "DestinationSchema" + "Type", + "Properties" ], "type": "object" }, - "AWS::KinesisAnalytics::ApplicationReferenceDataSource": { + "AWS::IoT::DomainConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -137387,26 +146232,83 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationName": { - "markdownDescription": "Name of an existing application.", - "title": "ApplicationName", + "ApplicationProtocol": { + "markdownDescription": "An enumerated string that speci\ufb01es the application-layer protocol.", + "title": "ApplicationProtocol", "type": "string" }, - "ReferenceDataSource": { - "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.ReferenceDataSource", - "markdownDescription": "The reference data source can be an object in your Amazon S3 bucket. Amazon Kinesis Analytics reads the object and copies the data into the in-application table that is created. You provide an S3 bucket, object key name, and the resulting in-application table that is created. You must also provide an IAM role with the necessary permissions that Amazon Kinesis Analytics can assume to read the object from your S3 bucket on your behalf.", - "title": "ReferenceDataSource" + "AuthenticationType": { + "markdownDescription": "An enumerated string that speci\ufb01es the authentication type.", + "title": "AuthenticationType", + "type": "string" + }, + "AuthorizerConfig": { + "$ref": "#/definitions/AWS::IoT::DomainConfiguration.AuthorizerConfig", + "markdownDescription": "An object that specifies the authorization service for a domain.", + "title": "AuthorizerConfig" + }, + "ClientCertificateConfig": { + "$ref": "#/definitions/AWS::IoT::DomainConfiguration.ClientCertificateConfig", + "markdownDescription": "An object that speci\ufb01es the client certificate con\ufb01guration for a domain.", + "title": "ClientCertificateConfig" + }, + "DomainConfigurationName": { + "markdownDescription": "The name of the domain configuration. This value must be unique to a region.", + "title": "DomainConfigurationName", + "type": "string" + }, + "DomainConfigurationStatus": { + "markdownDescription": "The status to which the domain configuration should be updated.\n\nValid values: `ENABLED` | `DISABLED`", + "title": "DomainConfigurationStatus", + "type": "string" + }, + "DomainName": { + "markdownDescription": "The name of the domain.", + "title": "DomainName", + "type": "string" + }, + "ServerCertificateArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The ARNs of the certificates that AWS IoT passes to the device during the TLS handshake. Currently you can specify only one certificate ARN. This value is not required for AWS -managed domains.", + "title": "ServerCertificateArns", + "type": "array" + }, + "ServerCertificateConfig": { + "$ref": "#/definitions/AWS::IoT::DomainConfiguration.ServerCertificateConfig", + "markdownDescription": "The server certificate configuration.\n\nFor more information, see [Configurable endpoints](https://docs.aws.amazon.com//iot/latest/developerguide/iot-custom-endpoints-configurable.html) from the AWS IoT Core Developer Guide.", + "title": "ServerCertificateConfig" + }, + "ServiceType": { + "markdownDescription": "The type of service delivered by the endpoint.\n\n> AWS IoT Core currently supports only the `DATA` service type.", + "title": "ServiceType", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata which can be used to manage the domain configuration.\n\n> For URI Request parameters use format: ...key1=value1&key2=value2...\n> \n> For the CLI command-line parameter use format: &&tags \"key1=value1&key2=value2...\"\n> \n> For the cli-input-json file use format: \"tags\": \"key1=value1&key2=value2...\"", + "title": "Tags", + "type": "array" + }, + "TlsConfig": { + "$ref": "#/definitions/AWS::IoT::DomainConfiguration.TlsConfig", + "markdownDescription": "An object that specifies the TLS configuration for a domain.", + "title": "TlsConfig" + }, + "ValidationCertificateArn": { + "markdownDescription": "The certificate used to validate the server certificate and prove domain name ownership. This certificate must be signed by a public certificate authority. This value is not required for AWS -managed domains.", + "title": "ValidationCertificateArn", + "type": "string" } }, - "required": [ - "ApplicationName", - "ReferenceDataSource" - ], "type": "object" }, "Type": { "enum": [ - "AWS::KinesisAnalytics::ApplicationReferenceDataSource" + "AWS::IoT::DomainConfiguration" ], "type": "string" }, @@ -137420,184 +146322,229 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::KinesisAnalytics::ApplicationReferenceDataSource.CSVMappingParameters": { + "AWS::IoT::DomainConfiguration.AuthorizerConfig": { "additionalProperties": false, "properties": { - "RecordColumnDelimiter": { - "markdownDescription": "Column delimiter. For example, in a CSV format, a comma (\",\") is the typical column delimiter.", - "title": "RecordColumnDelimiter", - "type": "string" + "AllowAuthorizerOverride": { + "markdownDescription": "A Boolean that specifies whether the domain configuration's authorization service can be overridden.", + "title": "AllowAuthorizerOverride", + "type": "boolean" }, - "RecordRowDelimiter": { - "markdownDescription": "Row delimiter. For example, in a CSV format, *'\\n'* is the typical row delimiter.", - "title": "RecordRowDelimiter", + "DefaultAuthorizerName": { + "markdownDescription": "The name of the authorization service for a domain configuration.", + "title": "DefaultAuthorizerName", "type": "string" } }, - "required": [ - "RecordColumnDelimiter", - "RecordRowDelimiter" - ], "type": "object" }, - "AWS::KinesisAnalytics::ApplicationReferenceDataSource.JSONMappingParameters": { + "AWS::IoT::DomainConfiguration.ClientCertificateConfig": { "additionalProperties": false, "properties": { - "RecordRowPath": { - "markdownDescription": "Path to the top-level parent that contains the records.", - "title": "RecordRowPath", + "ClientCertificateCallbackArn": { + "markdownDescription": "The ARN of the Lambda function that IoT invokes after mutual TLS authentication during the connection.", + "title": "ClientCertificateCallbackArn", "type": "string" } }, - "required": [ - "RecordRowPath" - ], "type": "object" }, - "AWS::KinesisAnalytics::ApplicationReferenceDataSource.MappingParameters": { + "AWS::IoT::DomainConfiguration.ServerCertificateConfig": { "additionalProperties": false, "properties": { - "CSVMappingParameters": { - "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.CSVMappingParameters", - "markdownDescription": "Provides additional mapping information when the record format uses delimiters (for example, CSV).", - "title": "CSVMappingParameters" + "EnableOCSPCheck": { + "markdownDescription": "A Boolean value that indicates whether Online Certificate Status Protocol (OCSP) server certificate check is enabled or not. For more information, see [Configurable endpoints](https://docs.aws.amazon.com//iot/latest/developerguide/iot-custom-endpoints-configurable.html) from the AWS IoT Core Developer Guide.", + "title": "EnableOCSPCheck", + "type": "boolean" }, - "JSONMappingParameters": { - "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.JSONMappingParameters", - "markdownDescription": "Provides additional mapping information when JSON is the record format on the streaming source.", - "title": "JSONMappingParameters" + "OcspAuthorizedResponderArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for an X.509 certificate stored in ACM. If provided, AWS IoT Core will use this certificate to validate the signature of the received OCSP response. The OCSP responder must sign responses using either this authorized responder certificate or the issuing certificate, depending on whether the ARN is provided or not. The certificate must be in the same account and region as the domain configuration.", + "title": "OcspAuthorizedResponderArn", + "type": "string" + }, + "OcspLambdaArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for a Lambda function that acts as a Request for Comments (RFC) 6960-compliant Online Certificate Status Protocol (OCSP) responder, supporting basic OCSP responses. The Lambda function accepts a base64-encoding of the OCSP request in the Distinguished Encoding Rules (DER) format. The Lambda function's response is also a base64-encoded OCSP response in the DER format. The response size must not exceed 4 kilobytes (KiB). The Lambda function must be in the same account and region as the domain configuration.", + "title": "OcspLambdaArn", + "type": "string" } }, "type": "object" }, - "AWS::KinesisAnalytics::ApplicationReferenceDataSource.RecordColumn": { + "AWS::IoT::DomainConfiguration.ServerCertificateSummary": { "additionalProperties": false, "properties": { - "Mapping": { - "markdownDescription": "Reference to the data element in the streaming input or the reference data source. This element is required if the [RecordFormatType](https://docs.aws.amazon.com/kinesisanalytics/latest/dev/API_RecordFormat.html#analytics-Type-RecordFormat-RecordFormatTypel) is `JSON` .", - "title": "Mapping", + "ServerCertificateArn": { + "markdownDescription": "The ARN of the server certificate.", + "title": "ServerCertificateArn", "type": "string" }, - "Name": { - "markdownDescription": "Name of the column created in the in-application input stream or reference table.", - "title": "Name", + "ServerCertificateStatus": { + "markdownDescription": "The status of the server certificate.", + "title": "ServerCertificateStatus", "type": "string" }, - "SqlType": { - "markdownDescription": "Type of column created in the in-application input stream or reference table.", - "title": "SqlType", + "ServerCertificateStatusDetail": { + "markdownDescription": "Details that explain the status of the server certificate.", + "title": "ServerCertificateStatusDetail", "type": "string" } }, - "required": [ - "Name", - "SqlType" - ], "type": "object" }, - "AWS::KinesisAnalytics::ApplicationReferenceDataSource.RecordFormat": { + "AWS::IoT::DomainConfiguration.TlsConfig": { "additionalProperties": false, "properties": { - "MappingParameters": { - "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.MappingParameters", - "markdownDescription": "When configuring application input at the time of creating or updating an application, provides additional mapping information specific to the record format (such as JSON, CSV, or record fields delimited by some delimiter) on the streaming source.", - "title": "MappingParameters" - }, - "RecordFormatType": { - "markdownDescription": "The type of record format.", - "title": "RecordFormatType", + "SecurityPolicy": { + "markdownDescription": "The security policy for a domain configuration. For more information, see [Security policies](https://docs.aws.amazon.com/iot/latest/developerguide/transport-security.html#tls-policy-table) in the *AWS IoT Core developer guide* .", + "title": "SecurityPolicy", "type": "string" } }, - "required": [ - "RecordFormatType" - ], "type": "object" }, - "AWS::KinesisAnalytics::ApplicationReferenceDataSource.ReferenceDataSource": { + "AWS::IoT::FleetMetric": { "additionalProperties": false, "properties": { - "ReferenceSchema": { - "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.ReferenceSchema", - "markdownDescription": "Describes the format of the data in the streaming source, and how each data element maps to corresponding columns created in the in-application stream.", - "title": "ReferenceSchema" - }, - "S3ReferenceDataSource": { - "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.S3ReferenceDataSource", - "markdownDescription": "Identifies the S3 bucket and object that contains the reference data. Also identifies the IAM role Amazon Kinesis Analytics can assume to read this object on your behalf. An Amazon Kinesis Analytics application loads reference data only once. If the data changes, you call the `UpdateApplication` operation to trigger reloading of data into your application.", - "title": "S3ReferenceDataSource" + "Condition": { + "type": "string" }, - "TableName": { - "markdownDescription": "Name of the in-application table to create.", - "title": "TableName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "required": [ - "ReferenceSchema" - ], - "type": "object" - }, - "AWS::KinesisAnalytics::ApplicationReferenceDataSource.ReferenceSchema": { - "additionalProperties": false, - "properties": { - "RecordColumns": { - "items": { - "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.RecordColumn" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AggregationField": { + "markdownDescription": "The field to aggregate.", + "title": "AggregationField", + "type": "string" + }, + "AggregationType": { + "$ref": "#/definitions/AWS::IoT::FleetMetric.AggregationType", + "markdownDescription": "The type of the aggregation query.", + "title": "AggregationType" + }, + "Description": { + "markdownDescription": "The fleet metric description.", + "title": "Description", + "type": "string" + }, + "IndexName": { + "markdownDescription": "The name of the index to search.", + "title": "IndexName", + "type": "string" + }, + "MetricName": { + "markdownDescription": "The name of the fleet metric to create.", + "title": "MetricName", + "type": "string" + }, + "Period": { + "markdownDescription": "The time in seconds between fleet metric emissions. Range [60(1 min), 86400(1 day)] and must be multiple of 60.", + "title": "Period", + "type": "number" + }, + "QueryString": { + "markdownDescription": "The search query string.", + "title": "QueryString", + "type": "string" + }, + "QueryVersion": { + "markdownDescription": "The query version.", + "title": "QueryVersion", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata which can be used to manage the fleet metric.", + "title": "Tags", + "type": "array" + }, + "Unit": { + "markdownDescription": "Used to support unit transformation such as milliseconds to seconds. Must be a unit supported by CW metric. Default to null.", + "title": "Unit", + "type": "string" + } }, - "markdownDescription": "A list of RecordColumn objects.", - "title": "RecordColumns", - "type": "array" + "required": [ + "MetricName" + ], + "type": "object" }, - "RecordEncoding": { - "markdownDescription": "Specifies the encoding of the records in the reference source. For example, UTF-8.", - "title": "RecordEncoding", + "Type": { + "enum": [ + "AWS::IoT::FleetMetric" + ], "type": "string" }, - "RecordFormat": { - "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.RecordFormat", - "markdownDescription": "Specifies the format of the records on the reference source.", - "title": "RecordFormat" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "RecordColumns", - "RecordFormat" + "Type", + "Properties" ], "type": "object" }, - "AWS::KinesisAnalytics::ApplicationReferenceDataSource.S3ReferenceDataSource": { + "AWS::IoT::FleetMetric.AggregationType": { "additionalProperties": false, "properties": { - "BucketARN": { - "markdownDescription": "Amazon Resource Name (ARN) of the S3 bucket.", - "title": "BucketARN", - "type": "string" - }, - "FileKey": { - "markdownDescription": "Object key name containing reference data.", - "title": "FileKey", + "Name": { + "markdownDescription": "The name of the aggregation type.", + "title": "Name", "type": "string" }, - "ReferenceRoleARN": { - "markdownDescription": "ARN of the IAM role that the service can assume to read data on your behalf. This role must have permission for the `s3:GetObject` action on the object and trust policy that allows Amazon Kinesis Analytics service principal to assume this role.", - "title": "ReferenceRoleARN", - "type": "string" + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the values of aggregation types.", + "title": "Values", + "type": "array" } }, "required": [ - "BucketARN", - "FileKey", - "ReferenceRoleARN" + "Name", + "Values" ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application": { + "AWS::IoT::JobTemplate": { "additionalProperties": false, "properties": { "Condition": { @@ -137632,64 +146579,90 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ApplicationConfiguration", - "markdownDescription": "Use this parameter to configure the application.", - "title": "ApplicationConfiguration" + "AbortConfig": { + "$ref": "#/definitions/AWS::IoT::JobTemplate.AbortConfig", + "markdownDescription": "The criteria that determine when and how a job abort takes place.", + "title": "AbortConfig" }, - "ApplicationDescription": { - "markdownDescription": "The description of the application.", - "title": "ApplicationDescription", + "Description": { + "markdownDescription": "A description of the job template.", + "title": "Description", "type": "string" }, - "ApplicationMaintenanceConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ApplicationMaintenanceConfiguration", - "markdownDescription": "Specifies the maintenance window parameters for a Kinesis Data Analytics application.", - "title": "ApplicationMaintenanceConfiguration" + "DestinationPackageVersions": { + "items": { + "type": "string" + }, + "markdownDescription": "The package version Amazon Resource Names (ARNs) that are installed on the device\u2019s reserved named shadow ( `$package` ) when the job successfully completes.\n\n*Note:* Up to 25 package version ARNS are allowed.", + "title": "DestinationPackageVersions", + "type": "array" }, - "ApplicationMode": { - "markdownDescription": "To create a Kinesis Data Analytics Studio notebook, you must set the mode to `INTERACTIVE` . However, for a Kinesis Data Analytics for Apache Flink application, the mode is optional.", - "title": "ApplicationMode", + "Document": { + "markdownDescription": "The job document.\n\nRequired if you don't specify a value for `documentSource` .", + "title": "Document", "type": "string" }, - "ApplicationName": { - "markdownDescription": "The name of the application.", - "title": "ApplicationName", + "DocumentSource": { + "markdownDescription": "An S3 link, or S3 object URL, to the job document. The link is an Amazon S3 object URL and is required if you don't specify a value for `document` .\n\nFor example, `--document-source https://s3. *region-code* .amazonaws.com/example-firmware/device-firmware.1.0`\n\nFor more information, see [Methods for accessing a bucket](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-bucket-intro.html) .", + "title": "DocumentSource", "type": "string" }, - "RunConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.RunConfiguration", - "markdownDescription": "Describes the starting parameters for an Managed Service for Apache Flink application.", - "title": "RunConfiguration" - }, - "RuntimeEnvironment": { - "markdownDescription": "The runtime environment for the application.", - "title": "RuntimeEnvironment", + "JobArn": { + "markdownDescription": "The ARN of the job to use as the basis for the job template.", + "title": "JobArn", "type": "string" }, - "ServiceExecutionRole": { - "markdownDescription": "Specifies the IAM role that the application uses to access external resources.", - "title": "ServiceExecutionRole", + "JobExecutionsRetryConfig": { + "$ref": "#/definitions/AWS::IoT::JobTemplate.JobExecutionsRetryConfig", + "markdownDescription": "Allows you to create the criteria to retry a job.", + "title": "JobExecutionsRetryConfig" + }, + "JobExecutionsRolloutConfig": { + "$ref": "#/definitions/AWS::IoT::JobTemplate.JobExecutionsRolloutConfig", + "markdownDescription": "Allows you to create a staged rollout of a job.", + "title": "JobExecutionsRolloutConfig" + }, + "JobTemplateId": { + "markdownDescription": "A unique identifier for the job template. We recommend using a UUID. Alpha-numeric characters, \"-\", and \"_\" are valid for use here.", + "title": "JobTemplateId", "type": "string" }, + "MaintenanceWindows": { + "items": { + "$ref": "#/definitions/AWS::IoT::JobTemplate.MaintenanceWindow" + }, + "markdownDescription": "An optional configuration within the SchedulingConfig to setup a recurring maintenance window with a predetermined start time and duration for the rollout of a job document to all devices in a target group for a job.", + "title": "MaintenanceWindows", + "type": "array" + }, + "PresignedUrlConfig": { + "$ref": "#/definitions/AWS::IoT::JobTemplate.PresignedUrlConfig", + "markdownDescription": "Configuration for pre-signed S3 URLs.", + "title": "PresignedUrlConfig" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of one or more tags to assign to the application. A tag is a key-value pair that identifies an application. Note that the maximum number of application tags includes system tags. The maximum number of user-defined application tags is 50.", + "markdownDescription": "Metadata that can be used to manage the job template.", "title": "Tags", "type": "array" + }, + "TimeoutConfig": { + "$ref": "#/definitions/AWS::IoT::JobTemplate.TimeoutConfig", + "markdownDescription": "Specifies the amount of time each device has to finish its execution of the job. A timer is started when the job execution status is set to `IN_PROGRESS` . If the job execution status is not set to another terminal state before the timer expires, it will be automatically set to `TIMED_OUT` .", + "title": "TimeoutConfig" } }, "required": [ - "RuntimeEnvironment", - "ServiceExecutionRole" + "Description", + "JobTemplateId" ], "type": "object" }, "Type": { "enum": [ - "AWS::KinesisAnalyticsV2::Application" + "AWS::IoT::JobTemplate" ], "type": "string" }, @@ -137708,741 +146681,492 @@ ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.ApplicationCodeConfiguration": { + "AWS::IoT::JobTemplate.AbortConfig": { "additionalProperties": false, "properties": { - "CodeContent": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.CodeContent", - "markdownDescription": "The location and type of the application code.", - "title": "CodeContent" - }, - "CodeContentType": { - "markdownDescription": "Specifies whether the code content is in text or zip format.", - "title": "CodeContentType", - "type": "string" + "CriteriaList": { + "items": { + "$ref": "#/definitions/AWS::IoT::JobTemplate.AbortCriteria" + }, + "markdownDescription": "The list of criteria that determine when and how to abort the job.", + "title": "CriteriaList", + "type": "array" } }, "required": [ - "CodeContent", - "CodeContentType" + "CriteriaList" ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.ApplicationConfiguration": { + "AWS::IoT::JobTemplate.AbortCriteria": { "additionalProperties": false, "properties": { - "ApplicationCodeConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ApplicationCodeConfiguration", - "markdownDescription": "The code location and type parameters for a Managed Service for Apache Flink application.", - "title": "ApplicationCodeConfiguration" - }, - "ApplicationSnapshotConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ApplicationSnapshotConfiguration", - "markdownDescription": "Describes whether snapshots are enabled for a Managed Service for Apache Flink application.", - "title": "ApplicationSnapshotConfiguration" - }, - "EnvironmentProperties": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.EnvironmentProperties", - "markdownDescription": "Describes execution properties for a Managed Service for Apache Flink application.", - "title": "EnvironmentProperties" - }, - "FlinkApplicationConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.FlinkApplicationConfiguration", - "markdownDescription": "The creation and update parameters for a Managed Service for Apache Flink application.", - "title": "FlinkApplicationConfiguration" + "Action": { + "markdownDescription": "The type of job action to take to initiate the job abort.", + "title": "Action", + "type": "string" }, - "SqlApplicationConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.SqlApplicationConfiguration", - "markdownDescription": "The creation and update parameters for a SQL-based Kinesis Data Analytics application.", - "title": "SqlApplicationConfiguration" + "FailureType": { + "markdownDescription": "The type of job execution failures that can initiate a job abort.", + "title": "FailureType", + "type": "string" }, - "VpcConfigurations": { - "items": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.VpcConfiguration" - }, - "markdownDescription": "The array of descriptions of VPC configurations available to the application.", - "title": "VpcConfigurations", - "type": "array" + "MinNumberOfExecutedThings": { + "markdownDescription": "The minimum number of things which must receive job execution notifications before the job can be aborted.", + "title": "MinNumberOfExecutedThings", + "type": "number" }, - "ZeppelinApplicationConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ZeppelinApplicationConfiguration", - "markdownDescription": "The configuration parameters for a Kinesis Data Analytics Studio notebook.", - "title": "ZeppelinApplicationConfiguration" - } - }, - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.ApplicationMaintenanceConfiguration": { - "additionalProperties": false, - "properties": { - "ApplicationMaintenanceWindowStartTime": { - "markdownDescription": "", - "title": "ApplicationMaintenanceWindowStartTime", - "type": "string" + "ThresholdPercentage": { + "markdownDescription": "The minimum percentage of job execution failures that must occur to initiate the job abort.\n\nAWS IoT Core supports up to two digits after the decimal (for example, 10.9 and 10.99, but not 10.999).", + "title": "ThresholdPercentage", + "type": "number" } }, "required": [ - "ApplicationMaintenanceWindowStartTime" + "Action", + "FailureType", + "MinNumberOfExecutedThings", + "ThresholdPercentage" ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.ApplicationRestoreConfiguration": { + "AWS::IoT::JobTemplate.ExponentialRolloutRate": { "additionalProperties": false, "properties": { - "ApplicationRestoreType": { - "markdownDescription": "Specifies how the application should be restored.", - "title": "ApplicationRestoreType", - "type": "string" + "BaseRatePerMinute": { + "markdownDescription": "The minimum number of things that will be notified of a pending job, per minute at the start of job rollout. This parameter allows you to define the initial rate of rollout.", + "title": "BaseRatePerMinute", + "type": "number" }, - "SnapshotName": { - "markdownDescription": "The identifier of an existing snapshot of application state to use to restart an application. The application uses this value if `RESTORE_FROM_CUSTOM_SNAPSHOT` is specified for the `ApplicationRestoreType` .", - "title": "SnapshotName", - "type": "string" + "IncrementFactor": { + "markdownDescription": "The exponential factor to increase the rate of rollout for a job.\n\nAWS IoT Core supports up to one digit after the decimal (for example, 1.5, but not 1.55).", + "title": "IncrementFactor", + "type": "number" + }, + "RateIncreaseCriteria": { + "$ref": "#/definitions/AWS::IoT::JobTemplate.RateIncreaseCriteria", + "markdownDescription": "The criteria to initiate the increase in rate of rollout for a job.", + "title": "RateIncreaseCriteria" } }, "required": [ - "ApplicationRestoreType" + "BaseRatePerMinute", + "IncrementFactor", + "RateIncreaseCriteria" ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.ApplicationSnapshotConfiguration": { + "AWS::IoT::JobTemplate.JobExecutionsRetryConfig": { "additionalProperties": false, "properties": { - "SnapshotsEnabled": { - "markdownDescription": "Describes whether snapshots are enabled for a Managed Service for Apache Flink application.", - "title": "SnapshotsEnabled", - "type": "boolean" + "RetryCriteriaList": { + "items": { + "$ref": "#/definitions/AWS::IoT::JobTemplate.RetryCriteria" + }, + "markdownDescription": "The list of criteria that determines how many retries are allowed for each failure type for a job.", + "title": "RetryCriteriaList", + "type": "array" } }, - "required": [ - "SnapshotsEnabled" - ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.CSVMappingParameters": { + "AWS::IoT::JobTemplate.JobExecutionsRolloutConfig": { "additionalProperties": false, "properties": { - "RecordColumnDelimiter": { - "markdownDescription": "The column delimiter. For example, in a CSV format, a comma (\",\") is the typical column delimiter.", - "title": "RecordColumnDelimiter", - "type": "string" + "ExponentialRolloutRate": { + "$ref": "#/definitions/AWS::IoT::JobTemplate.ExponentialRolloutRate", + "markdownDescription": "The rate of increase for a job rollout. This parameter allows you to define an exponential rate for a job rollout.", + "title": "ExponentialRolloutRate" }, - "RecordRowDelimiter": { - "markdownDescription": "The row delimiter. For example, in a CSV format, *'\\n'* is the typical row delimiter.", - "title": "RecordRowDelimiter", - "type": "string" + "MaximumPerMinute": { + "markdownDescription": "The maximum number of things that will be notified of a pending job, per minute. This parameter allows you to create a staged rollout.", + "title": "MaximumPerMinute", + "type": "number" } }, - "required": [ - "RecordColumnDelimiter", - "RecordRowDelimiter" - ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.CatalogConfiguration": { + "AWS::IoT::JobTemplate.MaintenanceWindow": { "additionalProperties": false, "properties": { - "GlueDataCatalogConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.GlueDataCatalogConfiguration", - "markdownDescription": "The configuration parameters for the default Amazon Glue database. You use this database for Apache Flink SQL queries and table API transforms that you write in a Kinesis Data Analytics Studio notebook.", - "title": "GlueDataCatalogConfiguration" + "DurationInMinutes": { + "markdownDescription": "Displays the duration of the next maintenance window.", + "title": "DurationInMinutes", + "type": "number" + }, + "StartTime": { + "markdownDescription": "Displays the start time of the next maintenance window.", + "title": "StartTime", + "type": "string" } }, "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.CheckpointConfiguration": { + "AWS::IoT::JobTemplate.PresignedUrlConfig": { "additionalProperties": false, "properties": { - "CheckpointInterval": { - "markdownDescription": "Describes the interval in milliseconds between checkpoint operations.\n\n> If `CheckpointConfiguration.ConfigurationType` is `DEFAULT` , the application will use a `CheckpointInterval` value of 60000, even if this value is set to another value using this API or in application code.", - "title": "CheckpointInterval", + "ExpiresInSec": { + "markdownDescription": "How long (in seconds) pre-signed URLs are valid. Valid values are 60 - 3600, the default value is 3600 seconds. Pre-signed URLs are generated when Jobs receives an MQTT request for the job document.", + "title": "ExpiresInSec", "type": "number" }, - "CheckpointingEnabled": { - "markdownDescription": "Describes whether checkpointing is enabled for a Managed Service for Apache Flink application.\n\n> If `CheckpointConfiguration.ConfigurationType` is `DEFAULT` , the application will use a `CheckpointingEnabled` value of `true` , even if this value is set to another value using this API or in application code.", - "title": "CheckpointingEnabled", - "type": "boolean" - }, - "ConfigurationType": { - "markdownDescription": "Describes whether the application uses Managed Service for Apache Flink' default checkpointing behavior. You must set this property to `CUSTOM` in order to set the `CheckpointingEnabled` , `CheckpointInterval` , or `MinPauseBetweenCheckpoints` parameters.\n\n> If this value is set to `DEFAULT` , the application will use the following values, even if they are set to other values using APIs or application code:\n> \n> - *CheckpointingEnabled:* true\n> - *CheckpointInterval:* 60000\n> - *MinPauseBetweenCheckpoints:* 5000", - "title": "ConfigurationType", + "RoleArn": { + "markdownDescription": "The ARN of an IAM role that grants grants permission to download files from the S3 bucket where the job data/updates are stored. The role must also grant permission for IoT to download the files.\n\n> For information about addressing the confused deputy problem, see [cross-service confused deputy prevention](https://docs.aws.amazon.com/iot/latest/developerguide/cross-service-confused-deputy-prevention.html) in the *AWS IoT Core developer guide* .", + "title": "RoleArn", "type": "string" - }, - "MinPauseBetweenCheckpoints": { - "markdownDescription": "Describes the minimum time in milliseconds after a checkpoint operation completes that a new checkpoint operation can start. If a checkpoint operation takes longer than the `CheckpointInterval` , the application otherwise performs continual checkpoint operations. For more information, see [Tuning Checkpointing](https://docs.aws.amazon.com/https://nightlies.apache.org/flink/flink-docs-master/docs/ops/state/large_state_tuning/#tuning-checkpointing) in the [Apache Flink Documentation](https://docs.aws.amazon.com/https://nightlies.apache.org/flink/flink-docs-master) .\n\n> If `CheckpointConfiguration.ConfigurationType` is `DEFAULT` , the application will use a `MinPauseBetweenCheckpoints` value of 5000, even if this value is set using this API or in application code.", - "title": "MinPauseBetweenCheckpoints", - "type": "number" } }, "required": [ - "ConfigurationType" + "RoleArn" ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.CodeContent": { + "AWS::IoT::JobTemplate.RateIncreaseCriteria": { "additionalProperties": false, "properties": { - "S3ContentLocation": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.S3ContentLocation", - "markdownDescription": "Information about the Amazon S3 bucket that contains the application code.", - "title": "S3ContentLocation" - }, - "TextContent": { - "markdownDescription": "The text-format code for a Managed Service for Apache Flink application.", - "title": "TextContent", - "type": "string" + "NumberOfNotifiedThings": { + "markdownDescription": "The threshold for number of notified things that will initiate the increase in rate of rollout.", + "title": "NumberOfNotifiedThings", + "type": "number" }, - "ZipFileContent": { - "markdownDescription": "The zip-format code for a Managed Service for Apache Flink application.", - "title": "ZipFileContent", - "type": "string" + "NumberOfSucceededThings": { + "markdownDescription": "The threshold for number of succeeded things that will initiate the increase in rate of rollout.", + "title": "NumberOfSucceededThings", + "type": "number" } }, "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.CustomArtifactConfiguration": { + "AWS::IoT::JobTemplate.RetryCriteria": { "additionalProperties": false, "properties": { - "ArtifactType": { - "markdownDescription": "Set this to either `UDF` or `DEPENDENCY_JAR` . `UDF` stands for user-defined functions. This type of artifact must be in an S3 bucket. A `DEPENDENCY_JAR` can be in either Maven or an S3 bucket.", - "title": "ArtifactType", + "FailureType": { + "markdownDescription": "The type of job execution failures that can initiate a job retry.", + "title": "FailureType", "type": "string" }, - "MavenReference": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.MavenReference", - "markdownDescription": "The parameters required to fully specify a Maven reference.", - "title": "MavenReference" - }, - "S3ContentLocation": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.S3ContentLocation", - "markdownDescription": "The location of the custom artifacts.", - "title": "S3ContentLocation" + "NumberOfRetries": { + "markdownDescription": "The number of retries allowed for a failure type for the job.", + "title": "NumberOfRetries", + "type": "number" } }, - "required": [ - "ArtifactType" - ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.DeployAsApplicationConfiguration": { + "AWS::IoT::JobTemplate.TimeoutConfig": { "additionalProperties": false, "properties": { - "S3ContentLocation": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.S3ContentBaseLocation", - "markdownDescription": "The description of an Amazon S3 object that contains the Amazon Data Analytics application, including the Amazon Resource Name (ARN) of the S3 bucket, the name of the Amazon S3 object that contains the data, and the version number of the Amazon S3 object that contains the data.", - "title": "S3ContentLocation" + "InProgressTimeoutInMinutes": { + "markdownDescription": "Specifies the amount of time, in minutes, this device has to finish execution of this job. The timeout interval can be anywhere between 1 minute and 7 days (1 to 10080 minutes). The in progress timer can't be updated and will apply to all job executions for the job. Whenever a job execution remains in the IN_PROGRESS status for longer than this interval, the job execution will fail and switch to the terminal `TIMED_OUT` status.", + "title": "InProgressTimeoutInMinutes", + "type": "number" } }, "required": [ - "S3ContentLocation" + "InProgressTimeoutInMinutes" ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.EnvironmentProperties": { - "additionalProperties": false, - "properties": { - "PropertyGroups": { - "items": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.PropertyGroup" - }, - "markdownDescription": "Describes the execution property groups.", - "title": "PropertyGroups", - "type": "array" - } - }, - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.FlinkApplicationConfiguration": { + "AWS::IoT::Logging": { "additionalProperties": false, "properties": { - "CheckpointConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.CheckpointConfiguration", - "markdownDescription": "Describes an application's checkpointing configuration. Checkpointing is the process of persisting application state for fault tolerance. For more information, see [Checkpoints for Fault Tolerance](https://docs.aws.amazon.com/https://ci.apache.org/projects/flink/flink-docs-release-1.8/concepts/programming-model.html#checkpoints-for-fault-tolerance) in the [Apache Flink Documentation](https://docs.aws.amazon.com/https://ci.apache.org/projects/flink/flink-docs-release-1.8/) .", - "title": "CheckpointConfiguration" - }, - "MonitoringConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.MonitoringConfiguration", - "markdownDescription": "Describes configuration parameters for Amazon CloudWatch logging for an application.", - "title": "MonitoringConfiguration" + "Condition": { + "type": "string" }, - "ParallelismConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ParallelismConfiguration", - "markdownDescription": "Describes parameters for how an application executes multiple tasks simultaneously.", - "title": "ParallelismConfiguration" - } - }, - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.FlinkRunConfiguration": { - "additionalProperties": false, - "properties": { - "AllowNonRestoredState": { - "markdownDescription": "When restoring from a snapshot, specifies whether the runtime is allowed to skip a state that cannot be mapped to the new program. This will happen if the program is updated between snapshots to remove stateful parameters, and state data in the snapshot no longer corresponds to valid application data. For more information, see [Allowing Non-Restored State](https://docs.aws.amazon.com/https://nightlies.apache.org/flink/flink-docs-master/docs/ops/state/savepoints/#allowing-non-restored-state) in the [Apache Flink documentation](https://docs.aws.amazon.com/https://nightlies.apache.org/flink/flink-docs-master) .\n\n> This value defaults to `false` . If you update your application without specifying this parameter, `AllowNonRestoredState` will be set to `false` , even if it was previously set to `true` .", - "title": "AllowNonRestoredState", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.GlueDataCatalogConfiguration": { - "additionalProperties": false, - "properties": { - "DatabaseARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the database.", - "title": "DatabaseARN", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.Input": { - "additionalProperties": false, - "properties": { - "InputParallelism": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.InputParallelism", - "markdownDescription": "Describes the number of in-application streams to create.", - "title": "InputParallelism" }, - "InputProcessingConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.InputProcessingConfiguration", - "markdownDescription": "The [InputProcessingConfiguration](https://docs.aws.amazon.com/managed-flink/latest/apiv2/API_InputProcessingConfiguration.html) for the input. An input processor transforms records as they are received from the stream, before the application's SQL code executes. Currently, the only input processing configuration available is [InputLambdaProcessor](https://docs.aws.amazon.com/managed-flink/latest/apiv2/API_InputLambdaProcessor.html) .", - "title": "InputProcessingConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "InputSchema": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.InputSchema", - "markdownDescription": "Describes the format of the data in the streaming source, and how each data element maps to corresponding columns in the in-application stream that is being created.\n\nAlso used to describe the format of the reference data source.", - "title": "InputSchema" + "Metadata": { + "type": "object" }, - "KinesisFirehoseInput": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.KinesisFirehoseInput", - "markdownDescription": "If the streaming source is an Amazon Kinesis Data Firehose delivery stream, identifies the delivery stream's ARN.", - "title": "KinesisFirehoseInput" + "Properties": { + "additionalProperties": false, + "properties": { + "AccountId": { + "markdownDescription": "The account ID.", + "title": "AccountId", + "type": "string" + }, + "DefaultLogLevel": { + "markdownDescription": "The default log level. Valid Values: `DEBUG | INFO | ERROR | WARN | DISABLED`", + "title": "DefaultLogLevel", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The role ARN used for the log.", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "AccountId", + "DefaultLogLevel", + "RoleArn" + ], + "type": "object" }, - "KinesisStreamsInput": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.KinesisStreamsInput", - "markdownDescription": "If the streaming source is an Amazon Kinesis data stream, identifies the stream's Amazon Resource Name (ARN).", - "title": "KinesisStreamsInput" + "Type": { + "enum": [ + "AWS::IoT::Logging" + ], + "type": "string" }, - "NamePrefix": { - "markdownDescription": "The name prefix to use when creating an in-application stream. Suppose that you specify a prefix \" `MyInApplicationStream` .\" Kinesis Data Analytics then creates one or more (as per the `InputParallelism` count you specified) in-application streams with the names \" `MyInApplicationStream_001` ,\" \" `MyInApplicationStream_002` ,\" and so on.", - "title": "NamePrefix", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "InputSchema", - "NamePrefix" + "Type", + "Properties" ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.InputLambdaProcessor": { + "AWS::IoT::MitigationAction": { "additionalProperties": false, "properties": { - "ResourceARN": { - "markdownDescription": "The ARN of the Amazon Lambda function that operates on records in the stream.\n\n> To specify an earlier version of the Lambda function than the latest, include the Lambda function version in the Lambda function ARN. For more information about Lambda ARNs, see [Example ARNs: Amazon Lambda](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-lambda)", - "title": "ResourceARN", + "Condition": { "type": "string" - } - }, - "required": [ - "ResourceARN" - ], - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.InputParallelism": { - "additionalProperties": false, - "properties": { - "Count": { - "markdownDescription": "The number of in-application streams to create.", - "title": "Count", - "type": "number" - } - }, - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.InputProcessingConfiguration": { - "additionalProperties": false, - "properties": { - "InputLambdaProcessor": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.InputLambdaProcessor", - "markdownDescription": "The [InputLambdaProcessor](https://docs.aws.amazon.com/managed-flink/latest/apiv2/API_InputLambdaProcessor.html) that is used to preprocess the records in the stream before being processed by your application code.", - "title": "InputLambdaProcessor" - } - }, - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.InputSchema": { - "additionalProperties": false, - "properties": { - "RecordColumns": { - "items": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.RecordColumn" - }, - "markdownDescription": "A list of `RecordColumn` objects.", - "title": "RecordColumns", - "type": "array" }, - "RecordEncoding": { - "markdownDescription": "Specifies the encoding of the records in the streaming source. For example, UTF-8.", - "title": "RecordEncoding", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "RecordFormat": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.RecordFormat", - "markdownDescription": "Specifies the format of the records on the streaming source.", - "title": "RecordFormat" - } - }, - "required": [ - "RecordColumns", - "RecordFormat" - ], - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.JSONMappingParameters": { - "additionalProperties": false, - "properties": { - "RecordRowPath": { - "markdownDescription": "The path to the top-level parent that contains the records.", - "title": "RecordRowPath", - "type": "string" - } - }, - "required": [ - "RecordRowPath" - ], - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.KinesisFirehoseInput": { - "additionalProperties": false, - "properties": { - "ResourceARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the delivery stream.", - "title": "ResourceARN", - "type": "string" - } - }, - "required": [ - "ResourceARN" - ], - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.KinesisStreamsInput": { - "additionalProperties": false, - "properties": { - "ResourceARN": { - "markdownDescription": "The ARN of the input Kinesis data stream to read.", - "title": "ResourceARN", - "type": "string" - } - }, - "required": [ - "ResourceARN" - ], - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.MappingParameters": { - "additionalProperties": false, - "properties": { - "CSVMappingParameters": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.CSVMappingParameters", - "markdownDescription": "Provides additional mapping information when the record format uses delimiters (for example, CSV).", - "title": "CSVMappingParameters" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "JSONMappingParameters": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.JSONMappingParameters", - "markdownDescription": "Provides additional mapping information when JSON is the record format on the streaming source.", - "title": "JSONMappingParameters" - } - }, - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.MavenReference": { - "additionalProperties": false, - "properties": { - "ArtifactId": { - "markdownDescription": "The artifact ID of the Maven reference.", - "title": "ArtifactId", - "type": "string" + "Metadata": { + "type": "object" }, - "GroupId": { - "markdownDescription": "The group ID of the Maven reference.", - "title": "GroupId", + "Properties": { + "additionalProperties": false, + "properties": { + "ActionName": { + "markdownDescription": "The friendly name of the mitigation action.", + "title": "ActionName", + "type": "string" + }, + "ActionParams": { + "$ref": "#/definitions/AWS::IoT::MitigationAction.ActionParams", + "markdownDescription": "The set of parameters for this mitigation action. The parameters vary, depending on the kind of action you apply.", + "title": "ActionParams" + }, + "RoleArn": { + "markdownDescription": "The IAM role ARN used to apply this mitigation action.", + "title": "RoleArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata that can be used to manage the mitigation action.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "ActionParams", + "RoleArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IoT::MitigationAction" + ], "type": "string" }, - "Version": { - "markdownDescription": "The version of the Maven reference.", - "title": "Version", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ArtifactId", - "GroupId", - "Version" + "Type", + "Properties" ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.MonitoringConfiguration": { + "AWS::IoT::MitigationAction.ActionParams": { "additionalProperties": false, "properties": { - "ConfigurationType": { - "markdownDescription": "Describes whether to use the default CloudWatch logging configuration for an application. You must set this property to `CUSTOM` in order to set the `LogLevel` or `MetricsLevel` parameters.", - "title": "ConfigurationType", - "type": "string" + "AddThingsToThingGroupParams": { + "$ref": "#/definitions/AWS::IoT::MitigationAction.AddThingsToThingGroupParams", + "markdownDescription": "Specifies the group to which you want to add the devices.", + "title": "AddThingsToThingGroupParams" }, - "LogLevel": { - "markdownDescription": "Describes the verbosity of the CloudWatch Logs for an application.", - "title": "LogLevel", - "type": "string" + "EnableIoTLoggingParams": { + "$ref": "#/definitions/AWS::IoT::MitigationAction.EnableIoTLoggingParams", + "markdownDescription": "Specifies the logging level and the role with permissions for logging. You cannot specify a logging level of `DISABLED` .", + "title": "EnableIoTLoggingParams" }, - "MetricsLevel": { - "markdownDescription": "Describes the granularity of the CloudWatch Logs for an application. The `Parallelism` level is not recommended for applications with a Parallelism over 64 due to excessive costs.", - "title": "MetricsLevel", - "type": "string" - } - }, - "required": [ - "ConfigurationType" - ], - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.ParallelismConfiguration": { - "additionalProperties": false, - "properties": { - "AutoScalingEnabled": { - "markdownDescription": "Describes whether the Managed Service for Apache Flink service can increase the parallelism of the application in response to increased throughput.", - "title": "AutoScalingEnabled", - "type": "boolean" + "PublishFindingToSnsParams": { + "$ref": "#/definitions/AWS::IoT::MitigationAction.PublishFindingToSnsParams", + "markdownDescription": "Specifies the topic to which the finding should be published.", + "title": "PublishFindingToSnsParams" }, - "ConfigurationType": { - "markdownDescription": "Describes whether the application uses the default parallelism for the Managed Service for Apache Flink service. You must set this property to `CUSTOM` in order to change your application's `AutoScalingEnabled` , `Parallelism` , or `ParallelismPerKPU` properties.", - "title": "ConfigurationType", - "type": "string" + "ReplaceDefaultPolicyVersionParams": { + "$ref": "#/definitions/AWS::IoT::MitigationAction.ReplaceDefaultPolicyVersionParams", + "markdownDescription": "Replaces the policy version with a default or blank policy. You specify the template name. Only a value of `BLANK_POLICY` is currently supported.", + "title": "ReplaceDefaultPolicyVersionParams" }, - "Parallelism": { - "markdownDescription": "Describes the initial number of parallel tasks that a Java-based Kinesis Data Analytics application can perform. The Kinesis Data Analytics service can increase this number automatically if [ParallelismConfiguration:AutoScalingEnabled](https://docs.aws.amazon.com/managed-flink/latest/apiv2/API_ParallelismConfiguration.html#kinesisanalytics-Type-ParallelismConfiguration-AutoScalingEnabled.html) is set to `true` .", - "title": "Parallelism", - "type": "number" + "UpdateCACertificateParams": { + "$ref": "#/definitions/AWS::IoT::MitigationAction.UpdateCACertificateParams", + "markdownDescription": "Specifies the new state for the CA certificate. Only a value of `DEACTIVATE` is currently supported.", + "title": "UpdateCACertificateParams" }, - "ParallelismPerKPU": { - "markdownDescription": "Describes the number of parallel tasks that a Java-based Kinesis Data Analytics application can perform per Kinesis Processing Unit (KPU) used by the application. For more information about KPUs, see [Amazon Kinesis Data Analytics Pricing](https://docs.aws.amazon.com/kinesis/data-analytics/pricing/) .", - "title": "ParallelismPerKPU", - "type": "number" + "UpdateDeviceCertificateParams": { + "$ref": "#/definitions/AWS::IoT::MitigationAction.UpdateDeviceCertificateParams", + "markdownDescription": "Specifies the new state for a device certificate. Only a value of `DEACTIVATE` is currently supported.", + "title": "UpdateDeviceCertificateParams" } }, - "required": [ - "ConfigurationType" - ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.PropertyGroup": { + "AWS::IoT::MitigationAction.AddThingsToThingGroupParams": { "additionalProperties": false, "properties": { - "PropertyGroupId": { - "markdownDescription": "Describes the key of an application execution property key-value pair.", - "title": "PropertyGroupId", - "type": "string" + "OverrideDynamicGroups": { + "markdownDescription": "Specifies if this mitigation action can move the things that triggered the mitigation action even if they are part of one or more dynamic thing groups.", + "title": "OverrideDynamicGroups", + "type": "boolean" }, - "PropertyMap": { - "additionalProperties": true, - "markdownDescription": "Describes the value of an application execution property key-value pair.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "ThingGroupNames": { + "items": { + "type": "string" }, - "title": "PropertyMap", - "type": "object" + "markdownDescription": "The list of groups to which you want to add the things that triggered the mitigation action. You can add a thing to a maximum of 10 groups, but you can't add a thing to more than one group in the same hierarchy.", + "title": "ThingGroupNames", + "type": "array" } }, + "required": [ + "ThingGroupNames" + ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.RecordColumn": { + "AWS::IoT::MitigationAction.EnableIoTLoggingParams": { "additionalProperties": false, "properties": { - "Mapping": { - "markdownDescription": "A reference to the data element in the streaming input or the reference data source.", - "title": "Mapping", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the column that is created in the in-application input stream or reference table.", - "title": "Name", + "LogLevel": { + "markdownDescription": "Specifies the type of information to be logged.", + "title": "LogLevel", "type": "string" }, - "SqlType": { - "markdownDescription": "The type of column created in the in-application input stream or reference table.", - "title": "SqlType", + "RoleArnForLogging": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role used for logging.", + "title": "RoleArnForLogging", "type": "string" } }, "required": [ - "Name", - "SqlType" + "LogLevel", + "RoleArnForLogging" ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.RecordFormat": { + "AWS::IoT::MitigationAction.PublishFindingToSnsParams": { "additionalProperties": false, "properties": { - "MappingParameters": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.MappingParameters", - "markdownDescription": "When you configure application input at the time of creating or updating an application, provides additional mapping information specific to the record format (such as JSON, CSV, or record fields delimited by some delimiter) on the streaming source.", - "title": "MappingParameters" - }, - "RecordFormatType": { - "markdownDescription": "The type of record format.", - "title": "RecordFormatType", + "TopicArn": { + "markdownDescription": "The ARN of the topic to which you want to publish the findings.", + "title": "TopicArn", "type": "string" } }, "required": [ - "RecordFormatType" + "TopicArn" ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.RunConfiguration": { - "additionalProperties": false, - "properties": { - "ApplicationRestoreConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ApplicationRestoreConfiguration", - "markdownDescription": "Describes the restore behavior of a restarting application.", - "title": "ApplicationRestoreConfiguration" - }, - "FlinkRunConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.FlinkRunConfiguration", - "markdownDescription": "Describes the starting parameters for a Managed Service for Apache Flink application.", - "title": "FlinkRunConfiguration" - } - }, - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.S3ContentBaseLocation": { + "AWS::IoT::MitigationAction.ReplaceDefaultPolicyVersionParams": { "additionalProperties": false, "properties": { - "BasePath": { - "markdownDescription": "The base path for the S3 bucket.", - "title": "BasePath", - "type": "string" - }, - "BucketARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the S3 bucket.", - "title": "BucketARN", + "TemplateName": { + "markdownDescription": "The name of the template to be applied. The only supported value is `BLANK_POLICY` .", + "title": "TemplateName", "type": "string" } }, "required": [ - "BucketARN" + "TemplateName" ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.S3ContentLocation": { + "AWS::IoT::MitigationAction.UpdateCACertificateParams": { "additionalProperties": false, "properties": { - "BucketARN": { - "markdownDescription": "The Amazon Resource Name (ARN) for the S3 bucket containing the application code.", - "title": "BucketARN", - "type": "string" - }, - "FileKey": { - "markdownDescription": "The file key for the object containing the application code.", - "title": "FileKey", - "type": "string" - }, - "ObjectVersion": { - "markdownDescription": "The version of the object containing the application code.", - "title": "ObjectVersion", + "Action": { + "markdownDescription": "The action that you want to apply to the CA certificate. The only supported value is `DEACTIVATE` .", + "title": "Action", "type": "string" } }, "required": [ - "BucketARN", - "FileKey" + "Action" ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.SqlApplicationConfiguration": { - "additionalProperties": false, - "properties": { - "Inputs": { - "items": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.Input" - }, - "markdownDescription": "The array of [Input](https://docs.aws.amazon.com/managed-flink/latest/apiv2/API_Input.html) objects describing the input streams used by the application.", - "title": "Inputs", - "type": "array" - } - }, - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.VpcConfiguration": { + "AWS::IoT::MitigationAction.UpdateDeviceCertificateParams": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The array of [SecurityGroup](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SecurityGroup.html) IDs used by the VPC configuration.", - "title": "SecurityGroupIds", - "type": "array" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The array of [Subnet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_Subnet.html) IDs used by the VPC configuration.", - "title": "SubnetIds", - "type": "array" + "Action": { + "markdownDescription": "The action that you want to apply to the device certificate. The only supported value is `DEACTIVATE` .", + "title": "Action", + "type": "string" } }, "required": [ - "SecurityGroupIds", - "SubnetIds" + "Action" ], "type": "object" }, - "AWS::KinesisAnalyticsV2::Application.ZeppelinApplicationConfiguration": { - "additionalProperties": false, - "properties": { - "CatalogConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.CatalogConfiguration", - "markdownDescription": "The Amazon Glue Data Catalog that you use in queries in a Kinesis Data Analytics Studio notebook.", - "title": "CatalogConfiguration" - }, - "CustomArtifactsConfiguration": { - "items": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.CustomArtifactConfiguration" - }, - "markdownDescription": "A list of `CustomArtifactConfiguration` objects.", - "title": "CustomArtifactsConfiguration", - "type": "array" - }, - "DeployAsApplicationConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.DeployAsApplicationConfiguration", - "markdownDescription": "The information required to deploy a Kinesis Data Analytics Studio notebook as an application with durable state.", - "title": "DeployAsApplicationConfiguration" - }, - "MonitoringConfiguration": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ZeppelinMonitoringConfiguration", - "markdownDescription": "The monitoring configuration of a Kinesis Data Analytics Studio notebook.", - "title": "MonitoringConfiguration" - } - }, - "type": "object" - }, - "AWS::KinesisAnalyticsV2::Application.ZeppelinMonitoringConfiguration": { - "additionalProperties": false, - "properties": { - "LogLevel": { - "markdownDescription": "The verbosity of the CloudWatch Logs for an application. You can set it to `INFO` , `WARN` , `ERROR` , or `DEBUG` .", - "title": "LogLevel", - "type": "string" - } - }, - "type": "object" - }, - "AWS::KinesisAnalyticsV2::ApplicationCloudWatchLoggingOption": { + "AWS::IoT::Policy": { "additionalProperties": false, "properties": { "Condition": { @@ -138477,26 +147201,33 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationName": { - "markdownDescription": "The name of the application.", - "title": "ApplicationName", + "PolicyDocument": { + "markdownDescription": "The JSON document that describes the policy.", + "title": "PolicyDocument", + "type": "object" + }, + "PolicyName": { + "markdownDescription": "The policy name.", + "title": "PolicyName", "type": "string" }, - "CloudWatchLoggingOption": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationCloudWatchLoggingOption.CloudWatchLoggingOption", - "markdownDescription": "Provides a description of Amazon CloudWatch logging options, including the log stream Amazon Resource Name (ARN).", - "title": "CloudWatchLoggingOption" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" } }, "required": [ - "ApplicationName", - "CloudWatchLoggingOption" + "PolicyDocument" ], "type": "object" }, "Type": { "enum": [ - "AWS::KinesisAnalyticsV2::ApplicationCloudWatchLoggingOption" + "AWS::IoT::Policy" ], "type": "string" }, @@ -138515,21 +147246,7 @@ ], "type": "object" }, - "AWS::KinesisAnalyticsV2::ApplicationCloudWatchLoggingOption.CloudWatchLoggingOption": { - "additionalProperties": false, - "properties": { - "LogStreamARN": { - "markdownDescription": "The ARN of the CloudWatch log to receive application messages.", - "title": "LogStreamARN", - "type": "string" - } - }, - "required": [ - "LogStreamARN" - ], - "type": "object" - }, - "AWS::KinesisAnalyticsV2::ApplicationOutput": { + "AWS::IoT::PolicyPrincipalAttachment": { "additionalProperties": false, "properties": { "Condition": { @@ -138564,26 +147281,26 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationName": { - "markdownDescription": "The name of the application.", - "title": "ApplicationName", + "PolicyName": { + "markdownDescription": "The name of the AWS IoT policy.", + "title": "PolicyName", "type": "string" }, - "Output": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationOutput.Output", - "markdownDescription": "Describes a SQL-based Kinesis Data Analytics application's output configuration, in which you identify an in-application stream and a destination where you want the in-application stream data to be written. The destination can be a Kinesis data stream or a Kinesis Data Firehose delivery stream.", - "title": "Output" + "Principal": { + "markdownDescription": "The principal, which can be a certificate ARN (as returned from the `CreateCertificate` operation) or an Amazon Cognito ID.", + "title": "Principal", + "type": "string" } }, "required": [ - "ApplicationName", - "Output" + "PolicyName", + "Principal" ], "type": "object" }, "Type": { "enum": [ - "AWS::KinesisAnalyticsV2::ApplicationOutput" + "AWS::IoT::PolicyPrincipalAttachment" ], "type": "string" }, @@ -138602,94 +147319,7 @@ ], "type": "object" }, - "AWS::KinesisAnalyticsV2::ApplicationOutput.DestinationSchema": { - "additionalProperties": false, - "properties": { - "RecordFormatType": { - "markdownDescription": "Specifies the format of the records on the output stream.", - "title": "RecordFormatType", - "type": "string" - } - }, - "type": "object" - }, - "AWS::KinesisAnalyticsV2::ApplicationOutput.KinesisFirehoseOutput": { - "additionalProperties": false, - "properties": { - "ResourceARN": { - "markdownDescription": "The ARN of the destination delivery stream to write to.", - "title": "ResourceARN", - "type": "string" - } - }, - "required": [ - "ResourceARN" - ], - "type": "object" - }, - "AWS::KinesisAnalyticsV2::ApplicationOutput.KinesisStreamsOutput": { - "additionalProperties": false, - "properties": { - "ResourceARN": { - "markdownDescription": "The ARN of the destination Kinesis data stream to write to.", - "title": "ResourceARN", - "type": "string" - } - }, - "required": [ - "ResourceARN" - ], - "type": "object" - }, - "AWS::KinesisAnalyticsV2::ApplicationOutput.LambdaOutput": { - "additionalProperties": false, - "properties": { - "ResourceARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the destination Lambda function to write to.\n\n> To specify an earlier version of the Lambda function than the latest, include the Lambda function version in the Lambda function ARN. For more information about Lambda ARNs, see [Example ARNs: Amazon Lambda](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-lambda)", - "title": "ResourceARN", - "type": "string" - } - }, - "required": [ - "ResourceARN" - ], - "type": "object" - }, - "AWS::KinesisAnalyticsV2::ApplicationOutput.Output": { - "additionalProperties": false, - "properties": { - "DestinationSchema": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationOutput.DestinationSchema", - "markdownDescription": "Describes the data format when records are written to the destination.", - "title": "DestinationSchema" - }, - "KinesisFirehoseOutput": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationOutput.KinesisFirehoseOutput", - "markdownDescription": "Identifies a Kinesis Data Firehose delivery stream as the destination.", - "title": "KinesisFirehoseOutput" - }, - "KinesisStreamsOutput": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationOutput.KinesisStreamsOutput", - "markdownDescription": "Identifies a Kinesis data stream as the destination.", - "title": "KinesisStreamsOutput" - }, - "LambdaOutput": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationOutput.LambdaOutput", - "markdownDescription": "Identifies an Amazon Lambda function as the destination.", - "title": "LambdaOutput" - }, - "Name": { - "markdownDescription": "The name of the in-application stream.", - "title": "Name", - "type": "string" - } - }, - "required": [ - "DestinationSchema" - ], - "type": "object" - }, - "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource": { + "AWS::IoT::ProvisioningTemplate": { "additionalProperties": false, "properties": { "Condition": { @@ -138724,26 +147354,59 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationName": { - "markdownDescription": "The name of the application.", - "title": "ApplicationName", + "Description": { + "markdownDescription": "The description of the fleet provisioning template.", + "title": "Description", "type": "string" }, - "ReferenceDataSource": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.ReferenceDataSource", - "markdownDescription": "For a SQL-based Kinesis Data Analytics application, describes the reference data source by providing the source information (Amazon S3 bucket name and object key name), the resulting in-application table name that is created, and the necessary schema to map the data elements in the Amazon S3 object to the in-application table.", - "title": "ReferenceDataSource" + "Enabled": { + "markdownDescription": "True to enable the fleet provisioning template, otherwise false.", + "title": "Enabled", + "type": "boolean" + }, + "PreProvisioningHook": { + "$ref": "#/definitions/AWS::IoT::ProvisioningTemplate.ProvisioningHook", + "markdownDescription": "Creates a pre-provisioning hook template.", + "title": "PreProvisioningHook" + }, + "ProvisioningRoleArn": { + "markdownDescription": "The role ARN for the role associated with the fleet provisioning template. This IoT role grants permission to provision a device.", + "title": "ProvisioningRoleArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata that can be used to manage the fleet provisioning template.", + "title": "Tags", + "type": "array" + }, + "TemplateBody": { + "markdownDescription": "The JSON formatted contents of the fleet provisioning template version.", + "title": "TemplateBody", + "type": "string" + }, + "TemplateName": { + "markdownDescription": "The name of the fleet provisioning template.", + "title": "TemplateName", + "type": "string" + }, + "TemplateType": { + "markdownDescription": "The type of the provisioning template.", + "title": "TemplateType", + "type": "string" } }, "required": [ - "ApplicationName", - "ReferenceDataSource" + "ProvisioningRoleArn", + "TemplateBody" ], "type": "object" }, "Type": { "enum": [ - "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource" + "AWS::IoT::ProvisioningTemplate" ], "type": "string" }, @@ -138762,173 +147425,187 @@ ], "type": "object" }, - "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.CSVMappingParameters": { + "AWS::IoT::ProvisioningTemplate.ProvisioningHook": { "additionalProperties": false, "properties": { - "RecordColumnDelimiter": { - "markdownDescription": "The column delimiter. For example, in a CSV format, a comma (\",\") is the typical column delimiter.", - "title": "RecordColumnDelimiter", + "PayloadVersion": { + "markdownDescription": "The payload that was sent to the target function. The valid payload is `\"2020-04-01\"` .", + "title": "PayloadVersion", "type": "string" }, - "RecordRowDelimiter": { - "markdownDescription": "The row delimiter. For example, in a CSV format, *'\\n'* is the typical row delimiter.", - "title": "RecordRowDelimiter", + "TargetArn": { + "markdownDescription": "The ARN of the target function.", + "title": "TargetArn", "type": "string" } }, - "required": [ - "RecordColumnDelimiter", - "RecordRowDelimiter" - ], "type": "object" }, - "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.JSONMappingParameters": { + "AWS::IoT::ResourceSpecificLogging": { "additionalProperties": false, "properties": { - "RecordRowPath": { - "markdownDescription": "The path to the top-level parent that contains the records.", - "title": "RecordRowPath", + "Condition": { "type": "string" - } - }, - "required": [ - "RecordRowPath" - ], - "type": "object" - }, - "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.MappingParameters": { - "additionalProperties": false, - "properties": { - "CSVMappingParameters": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.CSVMappingParameters", - "markdownDescription": "Provides additional mapping information when the record format uses delimiters (for example, CSV).", - "title": "CSVMappingParameters" }, - "JSONMappingParameters": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.JSONMappingParameters", - "markdownDescription": "Provides additional mapping information when JSON is the record format on the streaming source.", - "title": "JSONMappingParameters" - } - }, - "type": "object" - }, - "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.RecordColumn": { - "additionalProperties": false, - "properties": { - "Mapping": { - "markdownDescription": "A reference to the data element in the streaming input or the reference data source.", - "title": "Mapping", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Name": { - "markdownDescription": "The name of the column that is created in the in-application input stream or reference table.", - "title": "Name", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "LogLevel": { + "markdownDescription": "The default log level.Valid Values: `DEBUG | INFO | ERROR | WARN | DISABLED`", + "title": "LogLevel", + "type": "string" + }, + "TargetName": { + "markdownDescription": "The target name.", + "title": "TargetName", + "type": "string" + }, + "TargetType": { + "markdownDescription": "The target type. Valid Values: `DEFAULT | THING_GROUP`", + "title": "TargetType", + "type": "string" + } + }, + "required": [ + "LogLevel", + "TargetName", + "TargetType" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IoT::ResourceSpecificLogging" + ], "type": "string" }, - "SqlType": { - "markdownDescription": "The type of column created in the in-application input stream or reference table.", - "title": "SqlType", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Name", - "SqlType" + "Type", + "Properties" ], "type": "object" }, - "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.RecordFormat": { + "AWS::IoT::RoleAlias": { "additionalProperties": false, "properties": { - "MappingParameters": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.MappingParameters", - "markdownDescription": "When you configure application input at the time of creating or updating an application, provides additional mapping information specific to the record format (such as JSON, CSV, or record fields delimited by some delimiter) on the streaming source.", - "title": "MappingParameters" + "Condition": { + "type": "string" }, - "RecordFormatType": { - "markdownDescription": "The type of record format.", - "title": "RecordFormatType", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "required": [ - "RecordFormatType" - ], - "type": "object" - }, - "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.ReferenceDataSource": { - "additionalProperties": false, - "properties": { - "ReferenceSchema": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.ReferenceSchema", - "markdownDescription": "Describes the format of the data in the streaming source, and how each data element maps to corresponding columns created in the in-application stream.", - "title": "ReferenceSchema" }, - "S3ReferenceDataSource": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.S3ReferenceDataSource", - "markdownDescription": "Identifies the S3 bucket and object that contains the reference data. A Kinesis Data Analytics application loads reference data only once. If the data changes, you call the [UpdateApplication](https://docs.aws.amazon.com/managed-flink/latest/apiv2/API_UpdateApplication.html) operation to trigger reloading of data into your application.", - "title": "S3ReferenceDataSource" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "TableName": { - "markdownDescription": "The name of the in-application table to create.", - "title": "TableName", - "type": "string" - } - }, - "required": [ - "ReferenceSchema" - ], - "type": "object" - }, - "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.ReferenceSchema": { - "additionalProperties": false, - "properties": { - "RecordColumns": { - "items": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.RecordColumn" - }, - "markdownDescription": "A list of `RecordColumn` objects.", - "title": "RecordColumns", - "type": "array" + "Metadata": { + "type": "object" }, - "RecordEncoding": { - "markdownDescription": "Specifies the encoding of the records in the streaming source. For example, UTF-8.", - "title": "RecordEncoding", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "CredentialDurationSeconds": { + "markdownDescription": "The number of seconds for which the credential is valid.", + "title": "CredentialDurationSeconds", + "type": "number" + }, + "RoleAlias": { + "markdownDescription": "The role alias.", + "title": "RoleAlias", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The role ARN.", + "title": "RoleArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "RoleArn" + ], + "type": "object" }, - "RecordFormat": { - "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.RecordFormat", - "markdownDescription": "Specifies the format of the records on the streaming source.", - "title": "RecordFormat" - } - }, - "required": [ - "RecordColumns", - "RecordFormat" - ], - "type": "object" - }, - "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.S3ReferenceDataSource": { - "additionalProperties": false, - "properties": { - "BucketARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the S3 bucket.", - "title": "BucketARN", + "Type": { + "enum": [ + "AWS::IoT::RoleAlias" + ], "type": "string" }, - "FileKey": { - "markdownDescription": "The object key name containing the reference data.", - "title": "FileKey", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "BucketARN", - "FileKey" + "Type", + "Properties" ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream": { + "AWS::IoT::ScheduledAudit": { "additionalProperties": false, "properties": { "Condition": { @@ -138963,90 +147640,52 @@ "Properties": { "additionalProperties": false, "properties": { - "AmazonOpenSearchServerlessDestinationConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AmazonOpenSearchServerlessDestinationConfiguration", - "markdownDescription": "Describes the configuration of a destination in the Serverless offering for Amazon OpenSearch Service.", - "title": "AmazonOpenSearchServerlessDestinationConfiguration" - }, - "AmazonopensearchserviceDestinationConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceDestinationConfiguration", - "markdownDescription": "The destination in Amazon OpenSearch Service. You can specify only one destination.", - "title": "AmazonopensearchserviceDestinationConfiguration" - }, - "DeliveryStreamEncryptionConfigurationInput": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DeliveryStreamEncryptionConfigurationInput", - "markdownDescription": "Specifies the type and Amazon Resource Name (ARN) of the CMK to use for Server-Side Encryption (SSE).", - "title": "DeliveryStreamEncryptionConfigurationInput" - }, - "DeliveryStreamName": { - "markdownDescription": "The name of the Firehose stream.", - "title": "DeliveryStreamName", + "DayOfMonth": { + "markdownDescription": "The day of the month on which the scheduled audit is run (if the `frequency` is \"MONTHLY\"). If days 29-31 are specified, and the month does not have that many days, the audit takes place on the \"LAST\" day of the month.", + "title": "DayOfMonth", "type": "string" }, - "DeliveryStreamType": { - "markdownDescription": "The Firehose stream type. This can be one of the following values:\n\n- `DirectPut` : Provider applications access the Firehose stream directly.\n- `KinesisStreamAsSource` : The Firehose stream uses a Kinesis data stream as a source.", - "title": "DeliveryStreamType", + "DayOfWeek": { + "markdownDescription": "The day of the week on which the scheduled audit is run (if the `frequency` is \"WEEKLY\" or \"BIWEEKLY\").", + "title": "DayOfWeek", "type": "string" }, - "ElasticsearchDestinationConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ElasticsearchDestinationConfiguration", - "markdownDescription": "An Amazon ES destination for the delivery stream.\n\nConditional. You must specify only one destination configuration.\n\nIf you change the delivery stream destination from an Amazon ES destination to an Amazon S3 or Amazon Redshift destination, update requires [some interruptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-some-interrupt) .", - "title": "ElasticsearchDestinationConfiguration" - }, - "ExtendedS3DestinationConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ExtendedS3DestinationConfiguration", - "markdownDescription": "An Amazon S3 destination for the delivery stream.\n\nConditional. You must specify only one destination configuration.\n\nIf you change the delivery stream destination from an Amazon Extended S3 destination to an Amazon ES destination, update requires [some interruptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-some-interrupt) .", - "title": "ExtendedS3DestinationConfiguration" - }, - "HttpEndpointDestinationConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.HttpEndpointDestinationConfiguration", - "markdownDescription": "Enables configuring Kinesis Firehose to deliver data to any HTTP endpoint destination. You can specify only one destination.", - "title": "HttpEndpointDestinationConfiguration" - }, - "KinesisStreamSourceConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.KinesisStreamSourceConfiguration", - "markdownDescription": "When a Kinesis stream is used as the source for the delivery stream, a [KinesisStreamSourceConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisfirehose-deliverystream-kinesisstreamsourceconfiguration.html) containing the Kinesis stream ARN and the role ARN for the source stream.", - "title": "KinesisStreamSourceConfiguration" - }, - "MSKSourceConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.MSKSourceConfiguration", - "markdownDescription": "The configuration for the Amazon MSK cluster to be used as the source for a delivery stream.", - "title": "MSKSourceConfiguration" - }, - "RedshiftDestinationConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.RedshiftDestinationConfiguration", - "markdownDescription": "An Amazon Redshift destination for the delivery stream.\n\nConditional. You must specify only one destination configuration.\n\nIf you change the delivery stream destination from an Amazon Redshift destination to an Amazon ES destination, update requires [some interruptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-some-interrupt) .", - "title": "RedshiftDestinationConfiguration" - }, - "S3DestinationConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", - "markdownDescription": "The `S3DestinationConfiguration` property type specifies an Amazon Simple Storage Service (Amazon S3) destination to which Amazon Kinesis Data Firehose (Kinesis Data Firehose) delivers data.\n\nConditional. You must specify only one destination configuration.\n\nIf you change the delivery stream destination from an Amazon S3 destination to an Amazon ES destination, update requires [some interruptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-some-interrupt) .", - "title": "S3DestinationConfiguration" - }, - "SnowflakeDestinationConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SnowflakeDestinationConfiguration", - "markdownDescription": "Configure Snowflake destination", - "title": "SnowflakeDestinationConfiguration" + "Frequency": { + "markdownDescription": "How often the scheduled audit occurs.", + "title": "Frequency", + "type": "string" }, - "SplunkDestinationConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SplunkDestinationConfiguration", - "markdownDescription": "The configuration of a destination in Splunk for the delivery stream.", - "title": "SplunkDestinationConfiguration" + "ScheduledAuditName": { + "markdownDescription": "The name of the scheduled audit.", + "title": "ScheduledAuditName", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A set of tags to assign to the Firehose stream. A tag is a key-value pair that you can define and assign to AWS resources. Tags are metadata. For example, you can add friendly names and descriptions or other types of information that can help you distinguish the Firehose stream. For more information about tags, see [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html) in the AWS Billing and Cost Management User Guide.\n\nYou can specify up to 50 tags when creating a Firehose stream.\n\nIf you specify tags in the `CreateDeliveryStream` action, Amazon Data Firehose performs an additional authorization on the `firehose:TagDeliveryStream` action to verify if users have permissions to create tags. If you do not provide this permission, requests to create new Firehose streams with IAM resource tags will fail with an `AccessDeniedException` such as following.\n\n*AccessDeniedException*\n\nUser: arn:aws:sts::x:assumed-role/x/x is not authorized to perform: firehose:TagDeliveryStream on resource: arn:aws:firehose:us-east-1:x:deliverystream/x with an explicit deny in an identity-based policy.\n\nFor an example IAM policy, see [Tag example.](https://docs.aws.amazon.com/firehose/latest/APIReference/API_CreateDeliveryStream.html#API_CreateDeliveryStream_Examples)", + "markdownDescription": "Metadata that can be used to manage the scheduled audit.", "title": "Tags", "type": "array" + }, + "TargetCheckNames": { + "items": { + "type": "string" + }, + "markdownDescription": "Which checks are performed during the scheduled audit. Checks must be enabled for your account. (Use `DescribeAccountAuditConfiguration` to see the list of all checks, including those that are enabled or use `UpdateAccountAuditConfiguration` to select which checks are enabled.)\n\nThe following checks are currently available:\n\n- `AUTHENTICATED_COGNITO_ROLE_OVERLY_PERMISSIVE_CHECK`\n- `CA_CERTIFICATE_EXPIRING_CHECK`\n- `CA_CERTIFICATE_KEY_QUALITY_CHECK`\n- `CONFLICTING_CLIENT_IDS_CHECK`\n- `DEVICE_CERTIFICATE_EXPIRING_CHECK`\n- `DEVICE_CERTIFICATE_KEY_QUALITY_CHECK`\n- `DEVICE_CERTIFICATE_SHARED_CHECK`\n- `IOT_POLICY_OVERLY_PERMISSIVE_CHECK`\n- `IOT_ROLE_ALIAS_ALLOWS_ACCESS_TO_UNUSED_SERVICES_CHECK`\n- `IOT_ROLE_ALIAS_OVERLY_PERMISSIVE_CHECK`\n- `LOGGING_DISABLED_CHECK`\n- `REVOKED_CA_CERTIFICATE_STILL_ACTIVE_CHECK`\n- `REVOKED_DEVICE_CERTIFICATE_STILL_ACTIVE_CHECK`\n- `UNAUTHENTICATED_COGNITO_ROLE_OVERLY_PERMISSIVE_CHECK`", + "title": "TargetCheckNames", + "type": "array" } }, + "required": [ + "Frequency", + "TargetCheckNames" + ], "type": "object" }, "Type": { "enum": [ - "AWS::KinesisFirehose::DeliveryStream" + "AWS::IoT::ScheduledAudit" ], "type": "string" }, @@ -139060,1618 +147699,2276 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.AmazonOpenSearchServerlessBufferingHints": { + "AWS::IoT::SecurityProfile": { "additionalProperties": false, "properties": { - "IntervalInSeconds": { - "markdownDescription": "Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 300 (5 minutes).", - "title": "IntervalInSeconds", - "type": "number" - }, - "SizeInMBs": { - "markdownDescription": "Buffer incoming data to the specified size, in MBs, before delivering it to the destination. The default value is 5.\n\nWe recommend setting this parameter to a value greater than the amount of data you typically ingest into the Firehose stream in 10 seconds. For example, if you typically ingest data at 1 MB/sec, the value should be 10 MB or higher.", - "title": "SizeInMBs", - "type": "number" - } - }, - "type": "object" - }, - "AWS::KinesisFirehose::DeliveryStream.AmazonOpenSearchServerlessDestinationConfiguration": { - "additionalProperties": false, - "properties": { - "BufferingHints": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AmazonOpenSearchServerlessBufferingHints", - "markdownDescription": "The buffering options. If no value is specified, the default values for AmazonopensearchserviceBufferingHints are used.", - "title": "BufferingHints" - }, - "CloudWatchLoggingOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", - "markdownDescription": "", - "title": "CloudWatchLoggingOptions" - }, - "CollectionEndpoint": { - "markdownDescription": "The endpoint to use when communicating with the collection in the Serverless offering for Amazon OpenSearch Service.", - "title": "CollectionEndpoint", + "Condition": { "type": "string" }, - "IndexName": { - "markdownDescription": "The Serverless offering for Amazon OpenSearch Service index name.", - "title": "IndexName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "ProcessingConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", - "markdownDescription": "", - "title": "ProcessingConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "RetryOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AmazonOpenSearchServerlessRetryOptions", - "markdownDescription": "The retry behavior in case Firehose is unable to deliver documents to the Serverless offering for Amazon OpenSearch Service. The default value is 300 (5 minutes).", - "title": "RetryOptions" + "Metadata": { + "type": "object" }, - "RoleARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to be assumed by Firehose for calling the Serverless offering for Amazon OpenSearch Service Configuration API and for indexing documents.", - "title": "RoleARN", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "AdditionalMetricsToRetainV2": { + "items": { + "$ref": "#/definitions/AWS::IoT::SecurityProfile.MetricToRetain" + }, + "markdownDescription": "A list of metrics whose data is retained (stored). By default, data is retained for any metric used in the profile's `behaviors` , but it's also retained for any metric specified here. Can be used with custom metrics; can't be used with dimensions.", + "title": "AdditionalMetricsToRetainV2", + "type": "array" + }, + "AlertTargets": { + "additionalProperties": false, + "markdownDescription": "Specifies the destinations to which alerts are sent. (Alerts are always sent to the console.) Alerts are generated when a device (thing) violates a behavior.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::IoT::SecurityProfile.AlertTarget" + } + }, + "title": "AlertTargets", + "type": "object" + }, + "Behaviors": { + "items": { + "$ref": "#/definitions/AWS::IoT::SecurityProfile.Behavior" + }, + "markdownDescription": "Specifies the behaviors that, when violated by a device (thing), cause an alert.", + "title": "Behaviors", + "type": "array" + }, + "MetricsExportConfig": { + "$ref": "#/definitions/AWS::IoT::SecurityProfile.MetricsExportConfig", + "markdownDescription": "Specifies the MQTT topic and role ARN required for metric export.", + "title": "MetricsExportConfig" + }, + "SecurityProfileDescription": { + "markdownDescription": "A description of the security profile.", + "title": "SecurityProfileDescription", + "type": "string" + }, + "SecurityProfileName": { + "markdownDescription": "The name you gave to the security profile.", + "title": "SecurityProfileName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata that can be used to manage the security profile.", + "title": "Tags", + "type": "array" + }, + "TargetArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The ARN of the target (thing group) to which the security profile is attached.", + "title": "TargetArns", + "type": "array" + } + }, + "type": "object" }, - "S3BackupMode": { - "markdownDescription": "Defines how documents should be delivered to Amazon S3. When it is set to FailedDocumentsOnly, Firehose writes any documents that could not be indexed to the configured Amazon S3 destination, with AmazonOpenSearchService-failed/ appended to the key prefix. When set to AllDocuments, Firehose delivers all incoming records to Amazon S3, and also writes failed documents with AmazonOpenSearchService-failed/ appended to the prefix.", - "title": "S3BackupMode", + "Type": { + "enum": [ + "AWS::IoT::SecurityProfile" + ], "type": "string" }, - "S3Configuration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", - "markdownDescription": "", - "title": "S3Configuration" - }, - "VpcConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.VpcConfiguration", - "markdownDescription": "", - "title": "VpcConfiguration" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "IndexName", - "RoleARN", - "S3Configuration" + "Type" ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.AmazonOpenSearchServerlessRetryOptions": { - "additionalProperties": false, - "properties": { - "DurationInSeconds": { - "markdownDescription": "After an initial failure to deliver to the Serverless offering for Amazon OpenSearch Service, the total amount of time during which Firehose retries delivery (including the first attempt). After this time has elapsed, the failed documents are written to Amazon S3. Default value is 300 seconds (5 minutes). A value of 0 (zero) results in no retries.", - "title": "DurationInSeconds", - "type": "number" - } - }, - "type": "object" - }, - "AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceBufferingHints": { + "AWS::IoT::SecurityProfile.AlertTarget": { "additionalProperties": false, "properties": { - "IntervalInSeconds": { - "markdownDescription": "Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 300 (5 minutes).", - "title": "IntervalInSeconds", - "type": "number" + "AlertTargetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the notification target to which alerts are sent.", + "title": "AlertTargetArn", + "type": "string" }, - "SizeInMBs": { - "markdownDescription": "Buffer incoming data to the specified size, in MBs, before delivering it to the destination. The default value is 5. We recommend setting this parameter to a value greater than the amount of data you typically ingest into the delivery stream in 10 seconds. For example, if you typically ingest data at 1 MB/sec, the value should be 10 MB or higher.", - "title": "SizeInMBs", - "type": "number" + "RoleArn": { + "markdownDescription": "The ARN of the role that grants permission to send alerts to the notification target.", + "title": "RoleArn", + "type": "string" } }, + "required": [ + "AlertTargetArn", + "RoleArn" + ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceDestinationConfiguration": { + "AWS::IoT::SecurityProfile.Behavior": { "additionalProperties": false, "properties": { - "BufferingHints": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceBufferingHints", - "markdownDescription": "The buffering options. If no value is specified, the default values for AmazonopensearchserviceBufferingHints are used.", - "title": "BufferingHints" + "Criteria": { + "$ref": "#/definitions/AWS::IoT::SecurityProfile.BehaviorCriteria", + "markdownDescription": "The criteria that determine if a device is behaving normally in regard to the `metric` .\n\n> In the AWS IoT console, you can choose to be sent an alert through Amazon SNS when AWS IoT Device Defender detects that a device is behaving anomalously.", + "title": "Criteria" }, - "CloudWatchLoggingOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", - "markdownDescription": "Describes the Amazon CloudWatch logging options for your delivery stream.", - "title": "CloudWatchLoggingOptions" + "ExportMetric": { + "markdownDescription": "Value indicates exporting metrics related to the behavior when it is true.", + "title": "ExportMetric", + "type": "boolean" }, - "ClusterEndpoint": { - "markdownDescription": "The endpoint to use when communicating with the cluster. Specify either this ClusterEndpoint or the DomainARN field.", - "title": "ClusterEndpoint", + "Metric": { + "markdownDescription": "What is measured by the behavior.", + "title": "Metric", "type": "string" }, - "DocumentIdOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DocumentIdOptions", - "markdownDescription": "Indicates the method for setting up document ID. The supported methods are Firehose generated document ID and OpenSearch Service generated document ID.", - "title": "DocumentIdOptions" - }, - "DomainARN": { - "markdownDescription": "The ARN of the Amazon OpenSearch Service domain.", - "title": "DomainARN", - "type": "string" + "MetricDimension": { + "$ref": "#/definitions/AWS::IoT::SecurityProfile.MetricDimension", + "markdownDescription": "The dimension of the metric.", + "title": "MetricDimension" }, - "IndexName": { - "markdownDescription": "The Amazon OpenSearch Service index name.", - "title": "IndexName", + "Name": { + "markdownDescription": "The name you've given to the behavior.", + "title": "Name", "type": "string" }, - "IndexRotationPeriod": { - "markdownDescription": "The Amazon OpenSearch Service index rotation period. Index rotation appends a timestamp to the IndexName to facilitate the expiration of old data.", - "title": "IndexRotationPeriod", + "SuppressAlerts": { + "markdownDescription": "The alert status. If you set the value to `true` , alerts will be suppressed.", + "title": "SuppressAlerts", + "type": "boolean" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::IoT::SecurityProfile.BehaviorCriteria": { + "additionalProperties": false, + "properties": { + "ComparisonOperator": { + "markdownDescription": "The operator that relates the thing measured ( `metric` ) to the criteria (containing a `value` or `statisticalThreshold` ). Valid operators include:\n\n- `string-list` : `in-set` and `not-in-set`\n- `number-list` : `in-set` and `not-in-set`\n- `ip-address-list` : `in-cidr-set` and `not-in-cidr-set`\n- `number` : `less-than` , `less-than-equals` , `greater-than` , and `greater-than-equals`", + "title": "ComparisonOperator", "type": "string" }, - "ProcessingConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", - "markdownDescription": "Describes a data processing configuration.", - "title": "ProcessingConfiguration" - }, - "RetryOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceRetryOptions", - "markdownDescription": "The retry behavior in case Kinesis Data Firehose is unable to deliver documents to Amazon OpenSearch Service. The default value is 300 (5 minutes).", - "title": "RetryOptions" + "ConsecutiveDatapointsToAlarm": { + "markdownDescription": "If a device is in violation of the behavior for the specified number of consecutive datapoints, an alarm occurs. If not specified, the default is 1.", + "title": "ConsecutiveDatapointsToAlarm", + "type": "number" }, - "RoleARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to be assumed by Kinesis Data Firehose for calling the Amazon OpenSearch Service Configuration API and for indexing documents.", - "title": "RoleARN", - "type": "string" + "ConsecutiveDatapointsToClear": { + "markdownDescription": "If an alarm has occurred and the offending device is no longer in violation of the behavior for the specified number of consecutive datapoints, the alarm is cleared. If not specified, the default is 1.", + "title": "ConsecutiveDatapointsToClear", + "type": "number" }, - "S3BackupMode": { - "markdownDescription": "Defines how documents should be delivered to Amazon S3.", - "title": "S3BackupMode", - "type": "string" + "DurationSeconds": { + "markdownDescription": "Use this to specify the time duration over which the behavior is evaluated, for those criteria that have a time dimension (for example, `NUM_MESSAGES_SENT` ). For a `statisticalThreshhold` metric comparison, measurements from all devices are accumulated over this time duration before being used to calculate percentiles, and later, measurements from an individual device are also accumulated over this time duration before being given a percentile rank. Cannot be used with list-based metric datatypes.", + "title": "DurationSeconds", + "type": "number" }, - "S3Configuration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", - "markdownDescription": "Describes the configuration of a destination in Amazon S3.", - "title": "S3Configuration" + "MlDetectionConfig": { + "$ref": "#/definitions/AWS::IoT::SecurityProfile.MachineLearningDetectionConfig", + "markdownDescription": "The confidence level of the detection model.", + "title": "MlDetectionConfig" }, - "TypeName": { - "markdownDescription": "The Amazon OpenSearch Service type name.", - "title": "TypeName", - "type": "string" + "StatisticalThreshold": { + "$ref": "#/definitions/AWS::IoT::SecurityProfile.StatisticalThreshold", + "markdownDescription": "A statistical ranking (percentile)that indicates a threshold value by which a behavior is determined to be in compliance or in violation of the behavior.", + "title": "StatisticalThreshold" }, - "VpcConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.VpcConfiguration", - "markdownDescription": "The details of the VPC of the Amazon OpenSearch Service destination.", - "title": "VpcConfiguration" + "Value": { + "$ref": "#/definitions/AWS::IoT::SecurityProfile.MetricValue", + "markdownDescription": "The value to be compared with the `metric` .", + "title": "Value" } }, - "required": [ - "IndexName", - "RoleARN", - "S3Configuration" - ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceRetryOptions": { + "AWS::IoT::SecurityProfile.MachineLearningDetectionConfig": { "additionalProperties": false, "properties": { - "DurationInSeconds": { - "markdownDescription": "After an initial failure to deliver to Amazon OpenSearch Service, the total amount of time during which Kinesis Data Firehose retries delivery (including the first attempt). After this time has elapsed, the failed documents are written to Amazon S3. Default value is 300 seconds (5 minutes). A value of 0 (zero) results in no retries.", - "title": "DurationInSeconds", - "type": "number" + "ConfidenceLevel": { + "markdownDescription": "The model confidence level.\n\nThere are three levels of confidence, `\"high\"` , `\"medium\"` , and `\"low\"` .\n\nThe higher the confidence level, the lower the sensitivity, and the lower the alarm frequency will be.", + "title": "ConfidenceLevel", + "type": "string" } }, "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.AuthenticationConfiguration": { + "AWS::IoT::SecurityProfile.MetricDimension": { "additionalProperties": false, "properties": { - "Connectivity": { - "markdownDescription": "The type of connectivity used to access the Amazon MSK cluster.", - "title": "Connectivity", + "DimensionName": { + "markdownDescription": "The name of the dimension.", + "title": "DimensionName", "type": "string" }, - "RoleARN": { - "markdownDescription": "The ARN of the role used to access the Amazon MSK cluster.", - "title": "RoleARN", + "Operator": { + "markdownDescription": "Operators are constructs that perform logical operations. Valid values are `IN` and `NOT_IN` .", + "title": "Operator", "type": "string" } }, "required": [ - "Connectivity", - "RoleARN" + "DimensionName" ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.BufferingHints": { + "AWS::IoT::SecurityProfile.MetricToRetain": { "additionalProperties": false, "properties": { - "IntervalInSeconds": { - "markdownDescription": "The length of time, in seconds, that Kinesis Data Firehose buffers incoming data before delivering it to the destination. For valid values, see the `IntervalInSeconds` content for the [BufferingHints](https://docs.aws.amazon.com/firehose/latest/APIReference/API_BufferingHints.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", - "title": "IntervalInSeconds", - "type": "number" + "ExportMetric": { + "markdownDescription": "The value indicates exporting metrics related to the `MetricToRetain` when it's true.", + "title": "ExportMetric", + "type": "boolean" }, - "SizeInMBs": { - "markdownDescription": "The size of the buffer, in MBs, that Kinesis Data Firehose uses for incoming data before delivering it to the destination. For valid values, see the `SizeInMBs` content for the [BufferingHints](https://docs.aws.amazon.com/firehose/latest/APIReference/API_BufferingHints.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", - "title": "SizeInMBs", - "type": "number" + "Metric": { + "markdownDescription": "A standard of measurement.", + "title": "Metric", + "type": "string" + }, + "MetricDimension": { + "$ref": "#/definitions/AWS::IoT::SecurityProfile.MetricDimension", + "markdownDescription": "The dimension of the metric.", + "title": "MetricDimension" } }, + "required": [ + "Metric" + ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions": { + "AWS::IoT::SecurityProfile.MetricValue": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Indicates whether CloudWatch Logs logging is enabled.", - "title": "Enabled", - "type": "boolean" + "Cidrs": { + "items": { + "type": "string" + }, + "markdownDescription": "If the `comparisonOperator` calls for a set of CIDRs, use this to specify that set to be compared with the `metric` .", + "title": "Cidrs", + "type": "array" }, - "LogGroupName": { - "markdownDescription": "The name of the CloudWatch Logs log group that contains the log stream that Kinesis Data Firehose will use.\n\nConditional. If you enable logging, you must specify this property.", - "title": "LogGroupName", + "Count": { + "markdownDescription": "If the `comparisonOperator` calls for a numeric value, use this to specify that numeric value to be compared with the `metric` .", + "title": "Count", "type": "string" }, - "LogStreamName": { - "markdownDescription": "The name of the CloudWatch Logs log stream that Kinesis Data Firehose uses to send logs about data delivery.\n\nConditional. If you enable logging, you must specify this property.", - "title": "LogStreamName", - "type": "string" + "Number": { + "markdownDescription": "The numeric values of a metric.", + "title": "Number", + "type": "number" + }, + "Numbers": { + "items": { + "type": "number" + }, + "markdownDescription": "The numeric value of a metric.", + "title": "Numbers", + "type": "array" + }, + "Ports": { + "items": { + "type": "number" + }, + "markdownDescription": "If the `comparisonOperator` calls for a set of ports, use this to specify that set to be compared with the `metric` .", + "title": "Ports", + "type": "array" + }, + "Strings": { + "items": { + "type": "string" + }, + "markdownDescription": "The string values of a metric.", + "title": "Strings", + "type": "array" } }, "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.CopyCommand": { + "AWS::IoT::SecurityProfile.MetricsExportConfig": { "additionalProperties": false, "properties": { - "CopyOptions": { - "markdownDescription": "Parameters to use with the Amazon Redshift `COPY` command. For examples, see the `CopyOptions` content for the [CopyCommand](https://docs.aws.amazon.com/firehose/latest/APIReference/API_CopyCommand.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", - "title": "CopyOptions", - "type": "string" - }, - "DataTableColumns": { - "markdownDescription": "A comma-separated list of column names.", - "title": "DataTableColumns", + "MqttTopic": { + "markdownDescription": "The MQTT topic that Device Defender Detect should publish messages to for metrics export.", + "title": "MqttTopic", "type": "string" }, - "DataTableName": { - "markdownDescription": "The name of the target table. The table must already exist in the database.", - "title": "DataTableName", + "RoleArn": { + "markdownDescription": "This role ARN has permission to publish MQTT messages, after which Device Defender Detect can assume the role and publish messages on your behalf.", + "title": "RoleArn", "type": "string" } }, "required": [ - "DataTableName" + "MqttTopic", + "RoleArn" ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.DataFormatConversionConfiguration": { + "AWS::IoT::SecurityProfile.StatisticalThreshold": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Defaults to `true` . Set it to `false` if you want to disable format conversion while preserving the configuration details.", - "title": "Enabled", - "type": "boolean" - }, - "InputFormatConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.InputFormatConfiguration", - "markdownDescription": "Specifies the deserializer that you want Firehose to use to convert the format of your data from JSON. This parameter is required if `Enabled` is set to true.", - "title": "InputFormatConfiguration" - }, - "OutputFormatConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.OutputFormatConfiguration", - "markdownDescription": "Specifies the serializer that you want Firehose to use to convert the format of your data to the Parquet or ORC format. This parameter is required if `Enabled` is set to true.", - "title": "OutputFormatConfiguration" - }, - "SchemaConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SchemaConfiguration", - "markdownDescription": "Specifies the AWS Glue Data Catalog table that contains the column information. This parameter is required if `Enabled` is set to true.", - "title": "SchemaConfiguration" + "Statistic": { + "markdownDescription": "The percentile that resolves to a threshold value by which compliance with a behavior is determined. Metrics are collected over the specified period ( `durationSeconds` ) from all reporting devices in your account and statistical ranks are calculated. Then, the measurements from a device are collected over the same period. If the accumulated measurements from the device fall above or below ( `comparisonOperator` ) the value associated with the percentile specified, then the device is considered to be in compliance with the behavior, otherwise a violation occurs.", + "title": "Statistic", + "type": "string" } }, "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.DeliveryStreamEncryptionConfigurationInput": { + "AWS::IoT::SoftwarePackage": { "additionalProperties": false, "properties": { - "KeyARN": { - "markdownDescription": "If you set `KeyType` to `CUSTOMER_MANAGED_CMK` , you must specify the Amazon Resource Name (ARN) of the CMK. If you set `KeyType` to `AWS _OWNED_CMK` , Firehose uses a service-account CMK.", - "title": "KeyARN", + "Condition": { "type": "string" }, - "KeyType": { - "markdownDescription": "Indicates the type of customer master key (CMK) to use for encryption. The default setting is `AWS_OWNED_CMK` . For more information about CMKs, see [Customer Master Keys (CMKs)](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#master_keys) .\n\nYou can use a CMK of type CUSTOMER_MANAGED_CMK to encrypt up to 500 delivery streams.\n\n> To encrypt your delivery stream, use symmetric CMKs. Kinesis Data Firehose doesn't support asymmetric CMKs. For information about symmetric and asymmetric CMKs, see [About Symmetric and Asymmetric CMKs](https://docs.aws.amazon.com/kms/latest/developerguide/symm-asymm-concepts.html) in the AWS Key Management Service developer guide.", - "title": "KeyType", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A summary of the package being created. This can be used to outline the package's contents or purpose.", + "title": "Description", + "type": "string" + }, + "PackageName": { + "markdownDescription": "The name of the new software package.", + "title": "PackageName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata that can be used to manage the package.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IoT::SoftwarePackage" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "KeyType" + "Type" ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.Deserializer": { + "AWS::IoT::SoftwarePackageVersion": { "additionalProperties": false, "properties": { - "HiveJsonSerDe": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.HiveJsonSerDe", - "markdownDescription": "The native Hive / HCatalog JsonSerDe. Used by Firehose for deserializing data, which means converting it from the JSON format in preparation for serializing it to the Parquet or ORC format. This is one of two deserializers you can choose, depending on which one offers the functionality you need. The other option is the OpenX SerDe.", - "title": "HiveJsonSerDe" + "Condition": { + "type": "string" }, - "OpenXJsonSerDe": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.OpenXJsonSerDe", - "markdownDescription": "The OpenX SerDe. Used by Firehose for deserializing data, which means converting it from the JSON format in preparation for serializing it to the Parquet or ORC format. This is one of two deserializers you can choose, depending on which one offers the functionality you need. The other option is the native Hive / HCatalog JsonSerDe.", - "title": "OpenXJsonSerDe" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Artifact": { + "$ref": "#/definitions/AWS::IoT::SoftwarePackageVersion.PackageVersionArtifact", + "markdownDescription": "", + "title": "Artifact" + }, + "Attributes": { + "additionalProperties": true, + "markdownDescription": "Metadata that can be used to define a package version\u2019s configuration. For example, the S3 file location, configuration options that are being sent to the device or fleet.\n\nThe combined size of all the attributes on a package version is limited to 3KB.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Attributes", + "type": "object" + }, + "Description": { + "markdownDescription": "A summary of the package version being created. This can be used to outline the package's contents or purpose.", + "title": "Description", + "type": "string" + }, + "PackageName": { + "markdownDescription": "The name of the associated software package.", + "title": "PackageName", + "type": "string" + }, + "Recipe": { + "markdownDescription": "", + "title": "Recipe", + "type": "string" + }, + "Sbom": { + "$ref": "#/definitions/AWS::IoT::SoftwarePackageVersion.Sbom", + "markdownDescription": "", + "title": "Sbom" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata that can be used to manage the package version.", + "title": "Tags", + "type": "array" + }, + "VersionName": { + "markdownDescription": "The name of the new package version.", + "title": "VersionName", + "type": "string" + } + }, + "required": [ + "PackageName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IoT::SoftwarePackageVersion" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.DocumentIdOptions": { + "AWS::IoT::SoftwarePackageVersion.PackageVersionArtifact": { "additionalProperties": false, "properties": { - "DefaultDocumentIdFormat": { - "markdownDescription": "When the `FIREHOSE_DEFAULT` option is chosen, Firehose generates a unique document ID for each record based on a unique internal identifier. The generated document ID is stable across multiple delivery attempts, which helps prevent the same record from being indexed multiple times with different document IDs.\n\nWhen the `NO_DOCUMENT_ID` option is chosen, Firehose does not include any document IDs in the requests it sends to the Amazon OpenSearch Service. This causes the Amazon OpenSearch Service domain to generate document IDs. In case of multiple delivery attempts, this may cause the same record to be indexed more than once with different document IDs. This option enables write-heavy operations, such as the ingestion of logs and observability data, to consume less resources in the Amazon OpenSearch Service domain, resulting in improved performance.", - "title": "DefaultDocumentIdFormat", - "type": "string" + "S3Location": { + "$ref": "#/definitions/AWS::IoT::SoftwarePackageVersion.S3Location", + "markdownDescription": "", + "title": "S3Location" } }, "required": [ - "DefaultDocumentIdFormat" + "S3Location" ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.DynamicPartitioningConfiguration": { + "AWS::IoT::SoftwarePackageVersion.S3Location": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Specifies whether dynamic partitioning is enabled for this Kinesis Data Firehose delivery stream.", - "title": "Enabled", - "type": "boolean" + "Bucket": { + "markdownDescription": "", + "title": "Bucket", + "type": "string" }, - "RetryOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.RetryOptions", - "markdownDescription": "Specifies the retry behavior in case Kinesis Data Firehose is unable to deliver data to an Amazon S3 prefix.", - "title": "RetryOptions" + "Key": { + "markdownDescription": "", + "title": "Key", + "type": "string" + }, + "Version": { + "markdownDescription": "", + "title": "Version", + "type": "string" } }, + "required": [ + "Bucket", + "Key", + "Version" + ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.ElasticsearchBufferingHints": { + "AWS::IoT::SoftwarePackageVersion.Sbom": { "additionalProperties": false, "properties": { - "IntervalInSeconds": { - "markdownDescription": "The length of time, in seconds, that Kinesis Data Firehose buffers incoming data before delivering it to the destination. For valid values, see the `IntervalInSeconds` content for the [BufferingHints](https://docs.aws.amazon.com/firehose/latest/APIReference/API_BufferingHints.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", - "title": "IntervalInSeconds", - "type": "number" - }, - "SizeInMBs": { - "markdownDescription": "The size of the buffer, in MBs, that Kinesis Data Firehose uses for incoming data before delivering it to the destination. For valid values, see the `SizeInMBs` content for the [BufferingHints](https://docs.aws.amazon.com/firehose/latest/APIReference/API_BufferingHints.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", - "title": "SizeInMBs", - "type": "number" + "S3Location": { + "$ref": "#/definitions/AWS::IoT::SoftwarePackageVersion.S3Location", + "markdownDescription": "", + "title": "S3Location" } }, + "required": [ + "S3Location" + ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.ElasticsearchDestinationConfiguration": { + "AWS::IoT::Thing": { "additionalProperties": false, "properties": { - "BufferingHints": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ElasticsearchBufferingHints", - "markdownDescription": "Configures how Kinesis Data Firehose buffers incoming data while delivering it to the Amazon ES domain.", - "title": "BufferingHints" - }, - "CloudWatchLoggingOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", - "markdownDescription": "The Amazon CloudWatch Logs logging options for the delivery stream.", - "title": "CloudWatchLoggingOptions" - }, - "ClusterEndpoint": { - "markdownDescription": "The endpoint to use when communicating with the cluster. Specify either this `ClusterEndpoint` or the `DomainARN` field.", - "title": "ClusterEndpoint", - "type": "string" - }, - "DocumentIdOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DocumentIdOptions", - "markdownDescription": "Indicates the method for setting up document ID. The supported methods are Firehose generated document ID and OpenSearch Service generated document ID.", - "title": "DocumentIdOptions" - }, - "DomainARN": { - "markdownDescription": "The ARN of the Amazon ES domain. The IAM role must have permissions for `DescribeElasticsearchDomain` , `DescribeElasticsearchDomains` , and `DescribeElasticsearchDomainConfig` after assuming the role specified in *RoleARN* .\n\nSpecify either `ClusterEndpoint` or `DomainARN` .", - "title": "DomainARN", - "type": "string" - }, - "IndexName": { - "markdownDescription": "The name of the Elasticsearch index to which Kinesis Data Firehose adds data for indexing.", - "title": "IndexName", + "Condition": { "type": "string" }, - "IndexRotationPeriod": { - "markdownDescription": "The frequency of Elasticsearch index rotation. If you enable index rotation, Kinesis Data Firehose appends a portion of the UTC arrival timestamp to the specified index name, and rotates the appended timestamp accordingly. For more information, see [Index Rotation for the Amazon ES Destination](https://docs.aws.amazon.com/firehose/latest/dev/basic-deliver.html#es-index-rotation) in the *Amazon Kinesis Data Firehose Developer Guide* .", - "title": "IndexRotationPeriod", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "ProcessingConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", - "markdownDescription": "The data processing configuration for the Kinesis Data Firehose delivery stream.", - "title": "ProcessingConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "RetryOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ElasticsearchRetryOptions", - "markdownDescription": "The retry behavior when Kinesis Data Firehose is unable to deliver data to Amazon ES.", - "title": "RetryOptions" + "Metadata": { + "type": "object" }, - "RoleARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to be assumed by Kinesis Data Firehose for calling the Amazon ES Configuration API and for indexing documents. For more information, see [Controlling Access with Amazon Kinesis Data Firehose](https://docs.aws.amazon.com/firehose/latest/dev/controlling-access.html) .", - "title": "RoleARN", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "AttributePayload": { + "$ref": "#/definitions/AWS::IoT::Thing.AttributePayload", + "markdownDescription": "A string that contains up to three key value pairs. Maximum length of 800. Duplicates not allowed.", + "title": "AttributePayload" + }, + "ThingName": { + "markdownDescription": "The name of the thing to update.\n\nYou can't change a thing's name. To change a thing's name, you must create a new thing, give it the new name, and then delete the old thing.", + "title": "ThingName", + "type": "string" + } + }, + "type": "object" }, - "S3BackupMode": { - "markdownDescription": "The condition under which Kinesis Data Firehose delivers data to Amazon Simple Storage Service (Amazon S3). You can send Amazon S3 all documents (all data) or only the documents that Kinesis Data Firehose could not deliver to the Amazon ES destination. For more information and valid values, see the `S3BackupMode` content for the [ElasticsearchDestinationConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_ElasticsearchDestinationConfiguration.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", - "title": "S3BackupMode", + "Type": { + "enum": [ + "AWS::IoT::Thing" + ], "type": "string" }, - "S3Configuration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", - "markdownDescription": "The S3 bucket where Kinesis Data Firehose backs up incoming data.", - "title": "S3Configuration" - }, - "TypeName": { - "markdownDescription": "The Elasticsearch type name that Amazon ES adds to documents when indexing data.", - "title": "TypeName", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "VpcConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.VpcConfiguration", - "markdownDescription": "The details of the VPC of the Amazon ES destination.", - "title": "VpcConfiguration" } }, "required": [ - "IndexName", - "RoleARN", - "S3Configuration" + "Type" ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.ElasticsearchRetryOptions": { - "additionalProperties": false, - "properties": { - "DurationInSeconds": { - "markdownDescription": "After an initial failure to deliver to Amazon ES, the total amount of time during which Kinesis Data Firehose re-attempts delivery (including the first attempt). If Kinesis Data Firehose can't deliver the data within the specified time, it writes the data to the backup S3 bucket. For valid values, see the `DurationInSeconds` content for the [ElasticsearchRetryOptions](https://docs.aws.amazon.com/firehose/latest/APIReference/API_ElasticsearchRetryOptions.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", - "title": "DurationInSeconds", - "type": "number" - } - }, - "type": "object" - }, - "AWS::KinesisFirehose::DeliveryStream.EncryptionConfiguration": { + "AWS::IoT::Thing.AttributePayload": { "additionalProperties": false, "properties": { - "KMSEncryptionConfig": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.KMSEncryptionConfig", - "markdownDescription": "The AWS Key Management Service ( AWS KMS) encryption key that Amazon S3 uses to encrypt your data.", - "title": "KMSEncryptionConfig" - }, - "NoEncryptionConfig": { - "markdownDescription": "Disables encryption. For valid values, see the `NoEncryptionConfig` content for the [EncryptionConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_EncryptionConfiguration.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", - "title": "NoEncryptionConfig", - "type": "string" + "Attributes": { + "additionalProperties": true, + "markdownDescription": "A JSON string containing up to three key-value pair in JSON format. For example:\n\n`{\\\"attributes\\\":{\\\"string1\\\":\\\"string2\\\"}}`", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Attributes", + "type": "object" } }, "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.ExtendedS3DestinationConfiguration": { + "AWS::IoT::ThingGroup": { "additionalProperties": false, "properties": { - "BucketARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon S3 bucket. For constraints, see [ExtendedS3DestinationConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_ExtendedS3DestinationConfiguration.html) in the *Amazon Kinesis Data Firehose API Reference* .", - "title": "BucketARN", - "type": "string" - }, - "BufferingHints": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.BufferingHints", - "markdownDescription": "The buffering option.", - "title": "BufferingHints" - }, - "CloudWatchLoggingOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", - "markdownDescription": "The Amazon CloudWatch logging options for your Firehose stream.", - "title": "CloudWatchLoggingOptions" - }, - "CompressionFormat": { - "markdownDescription": "The compression format. If no value is specified, the default is `UNCOMPRESSED` .", - "title": "CompressionFormat", - "type": "string" - }, - "CustomTimeZone": { - "markdownDescription": "The time zone you prefer. UTC is the default.", - "title": "CustomTimeZone", + "Condition": { "type": "string" }, - "DataFormatConversionConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DataFormatConversionConfiguration", - "markdownDescription": "The serializer, deserializer, and schema for converting data from the JSON format to the Parquet or ORC format before writing it to Amazon S3.", - "title": "DataFormatConversionConfiguration" - }, - "DynamicPartitioningConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DynamicPartitioningConfiguration", - "markdownDescription": "The configuration of the dynamic partitioning mechanism that creates targeted data sets from the streaming data by partitioning it based on partition keys.", - "title": "DynamicPartitioningConfiguration" - }, - "EncryptionConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.EncryptionConfiguration", - "markdownDescription": "The encryption configuration for the Kinesis Data Firehose delivery stream. The default value is `NoEncryption` .", - "title": "EncryptionConfiguration" - }, - "ErrorOutputPrefix": { - "markdownDescription": "A prefix that Kinesis Data Firehose evaluates and adds to failed records before writing them to S3. This prefix appears immediately following the bucket name. For information about how to specify this prefix, see [Custom Prefixes for Amazon S3 Objects](https://docs.aws.amazon.com/firehose/latest/dev/s3-prefixes.html) .", - "title": "ErrorOutputPrefix", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "FileExtension": { - "markdownDescription": "Specify a file extension. It will override the default file extension", - "title": "FileExtension", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Prefix": { - "markdownDescription": "The `YYYY/MM/DD/HH` time format prefix is automatically used for delivered Amazon S3 files. For more information, see [ExtendedS3DestinationConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_ExtendedS3DestinationConfiguration.html) in the *Amazon Kinesis Data Firehose API Reference* .", - "title": "Prefix", - "type": "string" + "Metadata": { + "type": "object" }, - "ProcessingConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", - "markdownDescription": "The data processing configuration for the Kinesis Data Firehose delivery stream.", - "title": "ProcessingConfiguration" + "Properties": { + "additionalProperties": false, + "properties": { + "ParentGroupName": { + "markdownDescription": "The parent thing group name.\n\nA Dynamic Thing Group does not have `parentGroupName` defined.", + "title": "ParentGroupName", + "type": "string" + }, + "QueryString": { + "markdownDescription": "The dynamic thing group search query string.\n\nThe `queryString` attribute *is* required for `CreateDynamicThingGroup` . The `queryString` attribute *is not* required for `CreateThingGroup` .", + "title": "QueryString", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata which can be used to manage the thing group or dynamic thing group.", + "title": "Tags", + "type": "array" + }, + "ThingGroupName": { + "markdownDescription": "The thing group name.", + "title": "ThingGroupName", + "type": "string" + }, + "ThingGroupProperties": { + "$ref": "#/definitions/AWS::IoT::ThingGroup.ThingGroupProperties", + "markdownDescription": "Thing group properties.", + "title": "ThingGroupProperties" + } + }, + "type": "object" }, - "RoleARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS credentials. For constraints, see [ExtendedS3DestinationConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_ExtendedS3DestinationConfiguration.html) in the *Amazon Kinesis Data Firehose API Reference* .", - "title": "RoleARN", + "Type": { + "enum": [ + "AWS::IoT::ThingGroup" + ], "type": "string" }, - "S3BackupConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", - "markdownDescription": "The configuration for backup in Amazon S3.", - "title": "S3BackupConfiguration" - }, - "S3BackupMode": { - "markdownDescription": "The Amazon S3 backup mode. After you create a Firehose stream, you can update it to enable Amazon S3 backup if it is disabled. If backup is enabled, you can't update the Firehose stream to disable it.", - "title": "S3BackupMode", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "BucketARN", - "RoleARN" + "Type" ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.HiveJsonSerDe": { + "AWS::IoT::ThingGroup.AttributePayload": { "additionalProperties": false, "properties": { - "TimestampFormats": { - "items": { - "type": "string" + "Attributes": { + "additionalProperties": true, + "markdownDescription": "A JSON string containing up to three key-value pair in JSON format. For example:\n\n`{\\\"attributes\\\":{\\\"string1\\\":\\\"string2\\\"}}`", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "Indicates how you want Firehose to parse the date and timestamps that may be present in your input data JSON. To specify these format strings, follow the pattern syntax of JodaTime's DateTimeFormat format strings. For more information, see [Class DateTimeFormat](https://docs.aws.amazon.com/https://www.joda.org/joda-time/apidocs/org/joda/time/format/DateTimeFormat.html) . You can also use the special value `millis` to parse timestamps in epoch milliseconds. If you don't specify a format, Firehose uses `java.sql.Timestamp::valueOf` by default.", - "title": "TimestampFormats", - "type": "array" + "title": "Attributes", + "type": "object" } }, "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.HttpEndpointCommonAttribute": { + "AWS::IoT::ThingGroup.ThingGroupProperties": { "additionalProperties": false, "properties": { - "AttributeName": { - "markdownDescription": "The name of the HTTP endpoint common attribute.", - "title": "AttributeName", - "type": "string" + "AttributePayload": { + "$ref": "#/definitions/AWS::IoT::ThingGroup.AttributePayload", + "markdownDescription": "The thing group attributes in JSON format.", + "title": "AttributePayload" }, - "AttributeValue": { - "markdownDescription": "The value of the HTTP endpoint common attribute.", - "title": "AttributeValue", + "ThingGroupDescription": { + "markdownDescription": "The thing group description.", + "title": "ThingGroupDescription", "type": "string" } }, - "required": [ - "AttributeName", - "AttributeValue" - ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.HttpEndpointConfiguration": { + "AWS::IoT::ThingPrincipalAttachment": { "additionalProperties": false, "properties": { - "AccessKey": { - "markdownDescription": "The access key required for Kinesis Firehose to authenticate with the HTTP endpoint selected as the destination.", - "title": "AccessKey", + "Condition": { "type": "string" }, - "Name": { - "markdownDescription": "The name of the HTTP endpoint selected as the destination.", - "title": "Name", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Url": { - "markdownDescription": "The URL of the HTTP endpoint selected as the destination.", - "title": "Url", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Principal": { + "markdownDescription": "The principal, which can be a certificate ARN (as returned from the `CreateCertificate` operation) or an Amazon Cognito ID.", + "title": "Principal", + "type": "string" + }, + "ThingName": { + "markdownDescription": "The name of the AWS IoT thing.", + "title": "ThingName", + "type": "string" + }, + "ThingPrincipalType": { + "markdownDescription": "", + "title": "ThingPrincipalType", + "type": "string" + } + }, + "required": [ + "Principal", + "ThingName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IoT::ThingPrincipalAttachment" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Url" + "Type", + "Properties" ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.HttpEndpointDestinationConfiguration": { + "AWS::IoT::ThingType": { "additionalProperties": false, "properties": { - "BufferingHints": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.BufferingHints", - "markdownDescription": "The buffering options that can be used before data is delivered to the specified destination. Kinesis Data Firehose treats these options as hints, and it might choose to use more optimal values. The SizeInMBs and IntervalInSeconds parameters are optional. However, if you specify a value for one of them, you must also provide a value for the other.", - "title": "BufferingHints" - }, - "CloudWatchLoggingOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", - "markdownDescription": "Describes the Amazon CloudWatch logging options for your delivery stream.", - "title": "CloudWatchLoggingOptions" + "Condition": { + "type": "string" }, - "EndpointConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.HttpEndpointConfiguration", - "markdownDescription": "The configuration of the HTTP endpoint selected as the destination.", - "title": "EndpointConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ProcessingConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", - "markdownDescription": "Describes the data processing configuration.", - "title": "ProcessingConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "RequestConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.HttpEndpointRequestConfiguration", - "markdownDescription": "The configuration of the request sent to the HTTP endpoint specified as the destination.", - "title": "RequestConfiguration" + "Metadata": { + "type": "object" }, - "RetryOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.RetryOptions", - "markdownDescription": "Describes the retry behavior in case Kinesis Data Firehose is unable to deliver data to the specified HTTP endpoint destination, or if it doesn't receive a valid acknowledgment of receipt from the specified HTTP endpoint destination.", - "title": "RetryOptions" + "Properties": { + "additionalProperties": false, + "properties": { + "DeprecateThingType": { + "markdownDescription": "Deprecates a thing type. You can not associate new things with deprecated thing type.\n\nRequires permission to access the [DeprecateThingType](https://docs.aws.amazon.com//service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions) action.", + "title": "DeprecateThingType", + "type": "boolean" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata which can be used to manage the thing type.", + "title": "Tags", + "type": "array" + }, + "ThingTypeName": { + "markdownDescription": "The name of the thing type.", + "title": "ThingTypeName", + "type": "string" + }, + "ThingTypeProperties": { + "$ref": "#/definitions/AWS::IoT::ThingType.ThingTypeProperties", + "markdownDescription": "The thing type properties for the thing type to create. It contains information about the new thing type including a description, a list of searchable thing attribute names, and a list of propagating attributes. After a thing type is created, you can only update `Mqtt5Configuration` .", + "title": "ThingTypeProperties" + } + }, + "type": "object" }, - "RoleARN": { - "markdownDescription": "Kinesis Data Firehose uses this IAM role for all the permissions that the delivery stream needs.", - "title": "RoleARN", + "Type": { + "enum": [ + "AWS::IoT::ThingType" + ], "type": "string" }, - "S3BackupMode": { - "markdownDescription": "Describes the S3 bucket backup options for the data that Kinesis Data Firehose delivers to the HTTP endpoint destination. You can back up all documents (AllData) or only the documents that Kinesis Data Firehose could not deliver to the specified HTTP endpoint destination (FailedDataOnly).", - "title": "S3BackupMode", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "S3Configuration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", - "markdownDescription": "Describes the configuration of a destination in Amazon S3.", - "title": "S3Configuration" } }, "required": [ - "EndpointConfiguration", - "S3Configuration" + "Type" ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.HttpEndpointRequestConfiguration": { + "AWS::IoT::ThingType.Mqtt5Configuration": { "additionalProperties": false, "properties": { - "CommonAttributes": { + "PropagatingAttributes": { "items": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.HttpEndpointCommonAttribute" + "$ref": "#/definitions/AWS::IoT::ThingType.PropagatingAttribute" }, - "markdownDescription": "Describes the metadata sent to the HTTP endpoint destination.", - "title": "CommonAttributes", + "markdownDescription": "An object that represents the connection attribute, the thing attribute, and the MQTT 5 user property key.", + "title": "PropagatingAttributes", "type": "array" - }, - "ContentEncoding": { - "markdownDescription": "Kinesis Data Firehose uses the content encoding to compress the body of a request before sending the request to the destination. For more information, see Content-Encoding in MDN Web Docs, the official Mozilla documentation.", - "title": "ContentEncoding", - "type": "string" - } - }, - "type": "object" - }, - "AWS::KinesisFirehose::DeliveryStream.InputFormatConfiguration": { - "additionalProperties": false, - "properties": { - "Deserializer": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.Deserializer", - "markdownDescription": "Specifies which deserializer to use. You can choose either the Apache Hive JSON SerDe or the OpenX JSON SerDe. If both are non-null, the server rejects the request.", - "title": "Deserializer" } }, "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.KMSEncryptionConfig": { + "AWS::IoT::ThingType.PropagatingAttribute": { "additionalProperties": false, "properties": { - "AWSKMSKeyARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS encryption key that Amazon S3 uses to encrypt data delivered by the Kinesis Data Firehose stream. The key must belong to the same region as the destination S3 bucket.", - "title": "AWSKMSKeyARN", + "ConnectionAttribute": { + "markdownDescription": "The attribute associated with the connection details.", + "title": "ConnectionAttribute", "type": "string" - } - }, - "required": [ - "AWSKMSKeyARN" - ], - "type": "object" - }, - "AWS::KinesisFirehose::DeliveryStream.KinesisStreamSourceConfiguration": { - "additionalProperties": false, - "properties": { - "KinesisStreamARN": { - "markdownDescription": "The ARN of the source Kinesis data stream.", - "title": "KinesisStreamARN", + }, + "ThingAttribute": { + "markdownDescription": "The thing attribute that is propagating for MQTT 5 message enrichment.", + "title": "ThingAttribute", "type": "string" }, - "RoleARN": { - "markdownDescription": "The ARN of the role that provides access to the source Kinesis data stream.", - "title": "RoleARN", + "UserPropertyKey": { + "markdownDescription": "The key of the MQTT 5 user property, which is a key-value pair.", + "title": "UserPropertyKey", "type": "string" } }, "required": [ - "KinesisStreamARN", - "RoleARN" + "UserPropertyKey" ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.MSKSourceConfiguration": { + "AWS::IoT::ThingType.ThingTypeProperties": { "additionalProperties": false, "properties": { - "AuthenticationConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AuthenticationConfiguration", - "markdownDescription": "The authentication configuration of the Amazon MSK cluster.", - "title": "AuthenticationConfiguration" + "Mqtt5Configuration": { + "$ref": "#/definitions/AWS::IoT::ThingType.Mqtt5Configuration", + "markdownDescription": "The configuration to add user-defined properties to enrich MQTT 5 messages.", + "title": "Mqtt5Configuration" }, - "MSKClusterARN": { - "markdownDescription": "The ARN of the Amazon MSK cluster.", - "title": "MSKClusterARN", - "type": "string" + "SearchableAttributes": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of searchable thing attribute names.", + "title": "SearchableAttributes", + "type": "array" }, - "TopicName": { - "markdownDescription": "The topic name within the Amazon MSK cluster.", - "title": "TopicName", + "ThingTypeDescription": { + "markdownDescription": "The description of the thing type.", + "title": "ThingTypeDescription", "type": "string" } }, - "required": [ - "AuthenticationConfiguration", - "MSKClusterARN", - "TopicName" - ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.OpenXJsonSerDe": { + "AWS::IoT::TopicRule": { "additionalProperties": false, "properties": { - "CaseInsensitive": { - "markdownDescription": "When set to `true` , which is the default, Firehose converts JSON keys to lowercase before deserializing them.", - "title": "CaseInsensitive", - "type": "boolean" + "Condition": { + "type": "string" }, - "ColumnToJsonKeyMappings": { - "additionalProperties": true, - "markdownDescription": "Maps column names to JSON keys that aren't identical to the column names. This is useful when the JSON contains keys that are Hive keywords. For example, `timestamp` is a Hive keyword. If you have a JSON key named `timestamp` , set this parameter to `{\"ts\": \"timestamp\"}` to map this key to a column named `ts` .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "RuleName": { + "markdownDescription": "The name of the rule.", + "title": "RuleName", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata which can be used to manage the topic rule.\n\n> For URI Request parameters use format: ...key1=value1&key2=value2...\n> \n> For the CLI command-line parameter use format: --tags \"key1=value1&key2=value2...\"\n> \n> For the cli-input-json file use format: \"tags\": \"key1=value1&key2=value2...\"", + "title": "Tags", + "type": "array" + }, + "TopicRulePayload": { + "$ref": "#/definitions/AWS::IoT::TopicRule.TopicRulePayload", + "markdownDescription": "The rule payload.", + "title": "TopicRulePayload" } }, - "title": "ColumnToJsonKeyMappings", + "required": [ + "TopicRulePayload" + ], "type": "object" }, - "ConvertDotsInJsonKeysToUnderscores": { - "markdownDescription": "When set to `true` , specifies that the names of the keys include dots and that you want Firehose to replace them with underscores. This is useful because Apache Hive does not allow dots in column names. For example, if the JSON contains a key whose name is \"a.b\", you can define the column name to be \"a_b\" when using this option.\n\nThe default is `false` .", - "title": "ConvertDotsInJsonKeysToUnderscores", - "type": "boolean" + "Type": { + "enum": [ + "AWS::IoT::TopicRule" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.OrcSerDe": { + "AWS::IoT::TopicRule.Action": { "additionalProperties": false, "properties": { - "BlockSizeBytes": { - "markdownDescription": "The Hadoop Distributed File System (HDFS) block size. This is useful if you intend to copy the data from Amazon S3 to HDFS before querying. The default is 256 MiB and the minimum is 64 MiB. Firehose uses this value for padding calculations.", - "title": "BlockSizeBytes", - "type": "number" + "CloudwatchAlarm": { + "$ref": "#/definitions/AWS::IoT::TopicRule.CloudwatchAlarmAction", + "markdownDescription": "Change the state of a CloudWatch alarm.", + "title": "CloudwatchAlarm" }, - "BloomFilterColumns": { - "items": { - "type": "string" - }, - "markdownDescription": "The column names for which you want Firehose to create bloom filters. The default is `null` .", - "title": "BloomFilterColumns", - "type": "array" + "CloudwatchLogs": { + "$ref": "#/definitions/AWS::IoT::TopicRule.CloudwatchLogsAction", + "markdownDescription": "Sends data to CloudWatch.", + "title": "CloudwatchLogs" }, - "BloomFilterFalsePositiveProbability": { - "markdownDescription": "The Bloom filter false positive probability (FPP). The lower the FPP, the bigger the Bloom filter. The default value is 0.05, the minimum is 0, and the maximum is 1.", - "title": "BloomFilterFalsePositiveProbability", - "type": "number" + "CloudwatchMetric": { + "$ref": "#/definitions/AWS::IoT::TopicRule.CloudwatchMetricAction", + "markdownDescription": "Capture a CloudWatch metric.", + "title": "CloudwatchMetric" }, - "Compression": { - "markdownDescription": "The compression code to use over data blocks. The default is `SNAPPY` .", - "title": "Compression", - "type": "string" + "DynamoDB": { + "$ref": "#/definitions/AWS::IoT::TopicRule.DynamoDBAction", + "markdownDescription": "Write to a DynamoDB table.", + "title": "DynamoDB" }, - "DictionaryKeyThreshold": { - "markdownDescription": "Represents the fraction of the total number of non-null rows. To turn off dictionary encoding, set this fraction to a number that is less than the number of distinct keys in a dictionary. To always use dictionary encoding, set this threshold to 1.", - "title": "DictionaryKeyThreshold", - "type": "number" + "DynamoDBv2": { + "$ref": "#/definitions/AWS::IoT::TopicRule.DynamoDBv2Action", + "markdownDescription": "Write to a DynamoDB table. This is a new version of the DynamoDB action. It allows you to write each attribute in an MQTT message payload into a separate DynamoDB column.", + "title": "DynamoDBv2" }, - "EnablePadding": { - "markdownDescription": "Set this to `true` to indicate that you want stripes to be padded to the HDFS block boundaries. This is useful if you intend to copy the data from Amazon S3 to HDFS before querying. The default is `false` .", - "title": "EnablePadding", - "type": "boolean" + "Elasticsearch": { + "$ref": "#/definitions/AWS::IoT::TopicRule.ElasticsearchAction", + "markdownDescription": "Write data to an Amazon OpenSearch Service domain.\n\n> The `Elasticsearch` action can only be used by existing rule actions. To create a new rule action or to update an existing rule action, use the `OpenSearch` rule action instead. For more information, see [OpenSearchAction](https://docs.aws.amazon.com//iot/latest/apireference/API_OpenSearchAction.html) .", + "title": "Elasticsearch" }, - "FormatVersion": { - "markdownDescription": "The version of the file to write. The possible values are `V0_11` and `V0_12` . The default is `V0_12` .", - "title": "FormatVersion", - "type": "string" + "Firehose": { + "$ref": "#/definitions/AWS::IoT::TopicRule.FirehoseAction", + "markdownDescription": "Write to an Amazon Kinesis Firehose stream.", + "title": "Firehose" }, - "PaddingTolerance": { - "markdownDescription": "A number between 0 and 1 that defines the tolerance for block padding as a decimal fraction of stripe size. The default value is 0.05, which means 5 percent of stripe size.\n\nFor the default values of 64 MiB ORC stripes and 256 MiB HDFS blocks, the default block padding tolerance of 5 percent reserves a maximum of 3.2 MiB for padding within the 256 MiB block. In such a case, if the available size within the block is more than 3.2 MiB, a new, smaller stripe is inserted to fit within that space. This ensures that no stripe crosses block boundaries and causes remote reads within a node-local task.\n\nKinesis Data Firehose ignores this parameter when `EnablePadding` is `false` .", - "title": "PaddingTolerance", - "type": "number" + "Http": { + "$ref": "#/definitions/AWS::IoT::TopicRule.HttpAction", + "markdownDescription": "Send data to an HTTPS endpoint.", + "title": "Http" }, - "RowIndexStride": { - "markdownDescription": "The number of rows between index entries. The default is 10,000 and the minimum is 1,000.", - "title": "RowIndexStride", - "type": "number" + "IotAnalytics": { + "$ref": "#/definitions/AWS::IoT::TopicRule.IotAnalyticsAction", + "markdownDescription": "Sends message data to an AWS IoT Analytics channel.", + "title": "IotAnalytics" }, - "StripeSizeBytes": { - "markdownDescription": "The number of bytes in each stripe. The default is 64 MiB and the minimum is 8 MiB.", - "title": "StripeSizeBytes", - "type": "number" - } - }, - "type": "object" - }, - "AWS::KinesisFirehose::DeliveryStream.OutputFormatConfiguration": { - "additionalProperties": false, - "properties": { - "Serializer": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.Serializer", - "markdownDescription": "Specifies which serializer to use. You can choose either the ORC SerDe or the Parquet SerDe. If both are non-null, the server rejects the request.", - "title": "Serializer" - } - }, - "type": "object" - }, - "AWS::KinesisFirehose::DeliveryStream.ParquetSerDe": { - "additionalProperties": false, - "properties": { - "BlockSizeBytes": { - "markdownDescription": "The Hadoop Distributed File System (HDFS) block size. This is useful if you intend to copy the data from Amazon S3 to HDFS before querying. The default is 256 MiB and the minimum is 64 MiB. Firehose uses this value for padding calculations.", - "title": "BlockSizeBytes", - "type": "number" + "IotEvents": { + "$ref": "#/definitions/AWS::IoT::TopicRule.IotEventsAction", + "markdownDescription": "Sends an input to an AWS IoT Events detector.", + "title": "IotEvents" }, - "Compression": { - "markdownDescription": "The compression code to use over data blocks. The possible values are `UNCOMPRESSED` , `SNAPPY` , and `GZIP` , with the default being `SNAPPY` . Use `SNAPPY` for higher decompression speed. Use `GZIP` if the compression ratio is more important than speed.", - "title": "Compression", - "type": "string" + "IotSiteWise": { + "$ref": "#/definitions/AWS::IoT::TopicRule.IotSiteWiseAction", + "markdownDescription": "Sends data from the MQTT message that triggered the rule to AWS IoT SiteWise asset properties.", + "title": "IotSiteWise" }, - "EnableDictionaryCompression": { - "markdownDescription": "Indicates whether to enable dictionary compression.", - "title": "EnableDictionaryCompression", - "type": "boolean" + "Kafka": { + "$ref": "#/definitions/AWS::IoT::TopicRule.KafkaAction", + "markdownDescription": "Send messages to an Amazon Managed Streaming for Apache Kafka (Amazon MSK) or self-managed Apache Kafka cluster.", + "title": "Kafka" }, - "MaxPaddingBytes": { - "markdownDescription": "The maximum amount of padding to apply. This is useful if you intend to copy the data from Amazon S3 to HDFS before querying. The default is 0.", - "title": "MaxPaddingBytes", - "type": "number" + "Kinesis": { + "$ref": "#/definitions/AWS::IoT::TopicRule.KinesisAction", + "markdownDescription": "Write data to an Amazon Kinesis stream.", + "title": "Kinesis" }, - "PageSizeBytes": { - "markdownDescription": "The Parquet page size. Column chunks are divided into pages. A page is conceptually an indivisible unit (in terms of compression and encoding). The minimum value is 64 KiB and the default is 1 MiB.", - "title": "PageSizeBytes", - "type": "number" + "Lambda": { + "$ref": "#/definitions/AWS::IoT::TopicRule.LambdaAction", + "markdownDescription": "Invoke a Lambda function.", + "title": "Lambda" }, - "WriterVersion": { - "markdownDescription": "Indicates the version of row format to output. The possible values are `V1` and `V2` . The default is `V1` .", - "title": "WriterVersion", - "type": "string" - } - }, - "type": "object" - }, - "AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Indicates whether data processing is enabled (true) or disabled (false).", - "title": "Enabled", - "type": "boolean" + "Location": { + "$ref": "#/definitions/AWS::IoT::TopicRule.LocationAction", + "markdownDescription": "Sends device location data to [Amazon Location Service](https://docs.aws.amazon.com//location/latest/developerguide/welcome.html) .", + "title": "Location" }, - "Processors": { - "items": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.Processor" - }, - "markdownDescription": "The data processors.", - "title": "Processors", - "type": "array" + "OpenSearch": { + "$ref": "#/definitions/AWS::IoT::TopicRule.OpenSearchAction", + "markdownDescription": "Write data to an Amazon OpenSearch Service domain.", + "title": "OpenSearch" + }, + "Republish": { + "$ref": "#/definitions/AWS::IoT::TopicRule.RepublishAction", + "markdownDescription": "Publish to another MQTT topic.", + "title": "Republish" + }, + "S3": { + "$ref": "#/definitions/AWS::IoT::TopicRule.S3Action", + "markdownDescription": "Write to an Amazon S3 bucket.", + "title": "S3" + }, + "Sns": { + "$ref": "#/definitions/AWS::IoT::TopicRule.SnsAction", + "markdownDescription": "Publish to an Amazon SNS topic.", + "title": "Sns" + }, + "Sqs": { + "$ref": "#/definitions/AWS::IoT::TopicRule.SqsAction", + "markdownDescription": "Publish to an Amazon SQS queue.", + "title": "Sqs" + }, + "StepFunctions": { + "$ref": "#/definitions/AWS::IoT::TopicRule.StepFunctionsAction", + "markdownDescription": "Starts execution of a Step Functions state machine.", + "title": "StepFunctions" + }, + "Timestream": { + "$ref": "#/definitions/AWS::IoT::TopicRule.TimestreamAction", + "markdownDescription": "Writes attributes from an MQTT message.", + "title": "Timestream" } }, "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.Processor": { + "AWS::IoT::TopicRule.AssetPropertyTimestamp": { "additionalProperties": false, "properties": { - "Parameters": { - "items": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessorParameter" - }, - "markdownDescription": "The processor parameters.", - "title": "Parameters", - "type": "array" + "OffsetInNanos": { + "markdownDescription": "Optional. A string that contains the nanosecond time offset. Accepts substitution templates.", + "title": "OffsetInNanos", + "type": "string" }, - "Type": { - "markdownDescription": "The type of processor. Valid values: `Lambda` .", - "title": "Type", + "TimeInSeconds": { + "markdownDescription": "A string that contains the time in seconds since epoch. Accepts substitution templates.", + "title": "TimeInSeconds", "type": "string" } }, "required": [ - "Type" + "TimeInSeconds" ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.ProcessorParameter": { + "AWS::IoT::TopicRule.AssetPropertyValue": { "additionalProperties": false, "properties": { - "ParameterName": { - "markdownDescription": "The name of the parameter. Currently the following default values are supported: 3 for `NumberOfRetries` and 60 for the `BufferIntervalInSeconds` . The `BufferSizeInMBs` ranges between 0.2 MB and up to 3MB. The default buffering hint is 1MB for all destinations, except Splunk. For Splunk, the default buffering hint is 256 KB.", - "title": "ParameterName", + "Quality": { + "markdownDescription": "Optional. A string that describes the quality of the value. Accepts substitution templates. Must be `GOOD` , `BAD` , or `UNCERTAIN` .", + "title": "Quality", "type": "string" }, - "ParameterValue": { - "markdownDescription": "The parameter value.", - "title": "ParameterValue", - "type": "string" + "Timestamp": { + "$ref": "#/definitions/AWS::IoT::TopicRule.AssetPropertyTimestamp", + "markdownDescription": "The asset property value timestamp.", + "title": "Timestamp" + }, + "Value": { + "$ref": "#/definitions/AWS::IoT::TopicRule.AssetPropertyVariant", + "markdownDescription": "The value of the asset property.", + "title": "Value" } }, "required": [ - "ParameterName", - "ParameterValue" + "Timestamp", + "Value" ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.RedshiftDestinationConfiguration": { + "AWS::IoT::TopicRule.AssetPropertyVariant": { "additionalProperties": false, "properties": { - "CloudWatchLoggingOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", - "markdownDescription": "The CloudWatch logging options for your Firehose stream.", - "title": "CloudWatchLoggingOptions" - }, - "ClusterJDBCURL": { - "markdownDescription": "The connection string that Kinesis Data Firehose uses to connect to the Amazon Redshift cluster.", - "title": "ClusterJDBCURL", - "type": "string" - }, - "CopyCommand": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CopyCommand", - "markdownDescription": "Configures the Amazon Redshift `COPY` command that Kinesis Data Firehose uses to load data into the cluster from the Amazon S3 bucket.", - "title": "CopyCommand" - }, - "Password": { - "markdownDescription": "The password for the Amazon Redshift user that you specified in the `Username` property.", - "title": "Password", + "BooleanValue": { + "markdownDescription": "Optional. A string that contains the boolean value ( `true` or `false` ) of the value entry. Accepts substitution templates.", + "title": "BooleanValue", "type": "string" }, - "ProcessingConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", - "markdownDescription": "The data processing configuration for the Kinesis Data Firehose delivery stream.", - "title": "ProcessingConfiguration" - }, - "RetryOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.RedshiftRetryOptions", - "markdownDescription": "The retry behavior in case Firehose is unable to deliver documents to Amazon Redshift. Default value is 3600 (60 minutes).", - "title": "RetryOptions" - }, - "RoleARN": { - "markdownDescription": "The ARN of the AWS Identity and Access Management (IAM) role that grants Kinesis Data Firehose access to your Amazon S3 bucket and AWS KMS (if you enable data encryption). For more information, see [Grant Kinesis Data Firehose Access to an Amazon Redshift Destination](https://docs.aws.amazon.com/firehose/latest/dev/controlling-access.html#using-iam-rs) in the *Amazon Kinesis Data Firehose Developer Guide* .", - "title": "RoleARN", + "DoubleValue": { + "markdownDescription": "Optional. A string that contains the double value of the value entry. Accepts substitution templates.", + "title": "DoubleValue", "type": "string" }, - "S3BackupConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", - "markdownDescription": "The configuration for backup in Amazon S3.", - "title": "S3BackupConfiguration" - }, - "S3BackupMode": { - "markdownDescription": "The Amazon S3 backup mode. After you create a Firehose stream, you can update it to enable Amazon S3 backup if it is disabled. If backup is enabled, you can't update the Firehose stream to disable it.", - "title": "S3BackupMode", + "IntegerValue": { + "markdownDescription": "Optional. A string that contains the integer value of the value entry. Accepts substitution templates.", + "title": "IntegerValue", "type": "string" }, - "S3Configuration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", - "markdownDescription": "The S3 bucket where Kinesis Data Firehose first delivers data. After the data is in the bucket, Kinesis Data Firehose uses the `COPY` command to load the data into the Amazon Redshift cluster. For the Amazon S3 bucket's compression format, don't specify `SNAPPY` or `ZIP` because the Amazon Redshift `COPY` command doesn't support them.", - "title": "S3Configuration" - }, - "Username": { - "markdownDescription": "The Amazon Redshift user that has permission to access the Amazon Redshift cluster. This user must have `INSERT` privileges for copying data from the Amazon S3 bucket to the cluster.", - "title": "Username", + "StringValue": { + "markdownDescription": "Optional. The string value of the value entry. Accepts substitution templates.", + "title": "StringValue", "type": "string" } }, - "required": [ - "ClusterJDBCURL", - "CopyCommand", - "Password", - "RoleARN", - "S3Configuration", - "Username" - ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.RedshiftRetryOptions": { + "AWS::IoT::TopicRule.CloudwatchAlarmAction": { "additionalProperties": false, "properties": { - "DurationInSeconds": { - "markdownDescription": "The length of time during which Firehose retries delivery after a failure, starting from the initial request and including the first attempt. The default value is 3600 seconds (60 minutes). Firehose does not retry if the value of `DurationInSeconds` is 0 (zero) or if the first delivery attempt takes longer than the current value.", - "title": "DurationInSeconds", - "type": "number" + "AlarmName": { + "markdownDescription": "The CloudWatch alarm name.", + "title": "AlarmName", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The IAM role that allows access to the CloudWatch alarm.", + "title": "RoleArn", + "type": "string" + }, + "StateReason": { + "markdownDescription": "The reason for the alarm change.", + "title": "StateReason", + "type": "string" + }, + "StateValue": { + "markdownDescription": "The value of the alarm state. Acceptable values are: OK, ALARM, INSUFFICIENT_DATA.", + "title": "StateValue", + "type": "string" } }, + "required": [ + "AlarmName", + "RoleArn", + "StateReason", + "StateValue" + ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.RetryOptions": { + "AWS::IoT::TopicRule.CloudwatchLogsAction": { "additionalProperties": false, "properties": { - "DurationInSeconds": { - "markdownDescription": "The total amount of time that Kinesis Data Firehose spends on retries. This duration starts after the initial attempt to send data to the custom destination via HTTPS endpoint fails. It doesn't include the periods during which Kinesis Data Firehose waits for acknowledgment from the specified destination after each attempt.", - "title": "DurationInSeconds", - "type": "number" + "BatchMode": { + "markdownDescription": "Indicates whether batches of log records will be extracted and uploaded into CloudWatch.", + "title": "BatchMode", + "type": "boolean" + }, + "LogGroupName": { + "markdownDescription": "The CloudWatch log name.", + "title": "LogGroupName", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The IAM role that allows access to the CloudWatch log.", + "title": "RoleArn", + "type": "string" } }, + "required": [ + "LogGroupName", + "RoleArn" + ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration": { + "AWS::IoT::TopicRule.CloudwatchMetricAction": { "additionalProperties": false, "properties": { - "BucketARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon S3 bucket to send data to.", - "title": "BucketARN", + "MetricName": { + "markdownDescription": "The CloudWatch metric name.", + "title": "MetricName", "type": "string" }, - "BufferingHints": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.BufferingHints", - "markdownDescription": "Configures how Kinesis Data Firehose buffers incoming data while delivering it to the Amazon S3 bucket.", - "title": "BufferingHints" - }, - "CloudWatchLoggingOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", - "markdownDescription": "The CloudWatch logging options for your Firehose stream.", - "title": "CloudWatchLoggingOptions" - }, - "CompressionFormat": { - "markdownDescription": "The type of compression that Kinesis Data Firehose uses to compress the data that it delivers to the Amazon S3 bucket. For valid values, see the `CompressionFormat` content for the [S3DestinationConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_S3DestinationConfiguration.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", - "title": "CompressionFormat", + "MetricNamespace": { + "markdownDescription": "The CloudWatch metric namespace name.", + "title": "MetricNamespace", "type": "string" }, - "EncryptionConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.EncryptionConfiguration", - "markdownDescription": "Configures Amazon Simple Storage Service (Amazon S3) server-side encryption. Kinesis Data Firehose uses AWS Key Management Service ( AWS KMS) to encrypt the data that it delivers to your Amazon S3 bucket.", - "title": "EncryptionConfiguration" + "MetricTimestamp": { + "markdownDescription": "An optional [Unix timestamp](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/cloudwatch_concepts.html#about_timestamp) .", + "title": "MetricTimestamp", + "type": "string" }, - "ErrorOutputPrefix": { - "markdownDescription": "A prefix that Kinesis Data Firehose evaluates and adds to failed records before writing them to S3. This prefix appears immediately following the bucket name. For information about how to specify this prefix, see [Custom Prefixes for Amazon S3 Objects](https://docs.aws.amazon.com/firehose/latest/dev/s3-prefixes.html) .", - "title": "ErrorOutputPrefix", + "MetricUnit": { + "markdownDescription": "The [metric unit](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/cloudwatch_concepts.html#Unit) supported by CloudWatch.", + "title": "MetricUnit", "type": "string" }, - "Prefix": { - "markdownDescription": "A prefix that Kinesis Data Firehose adds to the files that it delivers to the Amazon S3 bucket. The prefix helps you identify the files that Kinesis Data Firehose delivered.", - "title": "Prefix", + "MetricValue": { + "markdownDescription": "The CloudWatch metric value.", + "title": "MetricValue", "type": "string" }, - "RoleARN": { - "markdownDescription": "The ARN of an AWS Identity and Access Management (IAM) role that grants Kinesis Data Firehose access to your Amazon S3 bucket and AWS KMS (if you enable data encryption). For more information, see [Grant Kinesis Data Firehose Access to an Amazon S3 Destination](https://docs.aws.amazon.com/firehose/latest/dev/controlling-access.html#using-iam-s3) in the *Amazon Kinesis Data Firehose Developer Guide* .", - "title": "RoleARN", + "RoleArn": { + "markdownDescription": "The IAM role that allows access to the CloudWatch metric.", + "title": "RoleArn", "type": "string" } }, "required": [ - "BucketARN", - "RoleARN" + "MetricName", + "MetricNamespace", + "MetricUnit", + "MetricValue", + "RoleArn" ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.SchemaConfiguration": { + "AWS::IoT::TopicRule.DynamoDBAction": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The ID of the AWS Glue Data Catalog. If you don't supply this, the AWS account ID is used by default.", - "title": "CatalogId", + "HashKeyField": { + "markdownDescription": "The hash key name.", + "title": "HashKeyField", "type": "string" }, - "DatabaseName": { - "markdownDescription": "Specifies the name of the AWS Glue database that contains the schema for the output data.\n\n> If the `SchemaConfiguration` request parameter is used as part of invoking the `CreateDeliveryStream` API, then the `DatabaseName` property is required and its value must be specified.", - "title": "DatabaseName", + "HashKeyType": { + "markdownDescription": "The hash key type. Valid values are \"STRING\" or \"NUMBER\"", + "title": "HashKeyType", "type": "string" }, - "Region": { - "markdownDescription": "If you don't specify an AWS Region, the default is the current Region.", - "title": "Region", + "HashKeyValue": { + "markdownDescription": "The hash key value.", + "title": "HashKeyValue", "type": "string" }, - "RoleARN": { - "markdownDescription": "The role that Firehose can use to access AWS Glue. This role must be in the same account you use for Firehose. Cross-account roles aren't allowed.\n\n> If the `SchemaConfiguration` request parameter is used as part of invoking the `CreateDeliveryStream` API, then the `RoleARN` property is required and its value must be specified.", - "title": "RoleARN", + "PayloadField": { + "markdownDescription": "The action payload. This name can be customized.", + "title": "PayloadField", "type": "string" }, - "TableName": { - "markdownDescription": "Specifies the AWS Glue table that contains the column information that constitutes your data schema.\n\n> If the `SchemaConfiguration` request parameter is used as part of invoking the `CreateDeliveryStream` API, then the `TableName` property is required and its value must be specified.", - "title": "TableName", + "RangeKeyField": { + "markdownDescription": "The range key name.", + "title": "RangeKeyField", "type": "string" }, - "VersionId": { - "markdownDescription": "Specifies the table version for the output data schema. If you don't specify this version ID, or if you set it to `LATEST` , Firehose uses the most recent version. This means that any updates to the table are automatically picked up.", - "title": "VersionId", + "RangeKeyType": { + "markdownDescription": "The range key type. Valid values are \"STRING\" or \"NUMBER\"", + "title": "RangeKeyType", + "type": "string" + }, + "RangeKeyValue": { + "markdownDescription": "The range key value.", + "title": "RangeKeyValue", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that grants access to the DynamoDB table.", + "title": "RoleArn", + "type": "string" + }, + "TableName": { + "markdownDescription": "The name of the DynamoDB table.", + "title": "TableName", "type": "string" } }, + "required": [ + "HashKeyField", + "HashKeyValue", + "RoleArn", + "TableName" + ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.Serializer": { + "AWS::IoT::TopicRule.DynamoDBv2Action": { "additionalProperties": false, "properties": { - "OrcSerDe": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.OrcSerDe", - "markdownDescription": "A serializer to use for converting data to the ORC format before storing it in Amazon S3. For more information, see [Apache ORC](https://docs.aws.amazon.com/https://orc.apache.org/docs/) .", - "title": "OrcSerDe" + "PutItem": { + "$ref": "#/definitions/AWS::IoT::TopicRule.PutItemInput", + "markdownDescription": "Specifies the DynamoDB table to which the message data will be written. For example:\n\n`{ \"dynamoDBv2\": { \"roleArn\": \"aws:iam:12341251:my-role\" \"putItem\": { \"tableName\": \"my-table\" } } }`\n\nEach attribute in the message payload will be written to a separate column in the DynamoDB database.", + "title": "PutItem" }, - "ParquetSerDe": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ParquetSerDe", - "markdownDescription": "A serializer to use for converting data to the Parquet format before storing it in Amazon S3. For more information, see [Apache Parquet](https://docs.aws.amazon.com/https://parquet.apache.org/docs/contribution-guidelines/) .", - "title": "ParquetSerDe" + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that grants access to the DynamoDB table.", + "title": "RoleArn", + "type": "string" } }, "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.SnowflakeDestinationConfiguration": { + "AWS::IoT::TopicRule.ElasticsearchAction": { "additionalProperties": false, "properties": { - "AccountUrl": { - "markdownDescription": "URL for accessing your Snowflake account. This URL must include your [account identifier](https://docs.aws.amazon.com/https://docs.snowflake.com/en/user-guide/admin-account-identifier) . Note that the protocol (https://) and port number are optional.", - "title": "AccountUrl", - "type": "string" - }, - "CloudWatchLoggingOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", - "markdownDescription": "", - "title": "CloudWatchLoggingOptions" - }, - "ContentColumnName": { - "markdownDescription": "The name of the record content column.", - "title": "ContentColumnName", + "Endpoint": { + "markdownDescription": "The endpoint of your OpenSearch domain.", + "title": "Endpoint", "type": "string" }, - "DataLoadingOption": { - "markdownDescription": "Choose to load JSON keys mapped to table column names or choose to split the JSON payload where content is mapped to a record content column and source metadata is mapped to a record metadata column.", - "title": "DataLoadingOption", + "Id": { + "markdownDescription": "The unique identifier for the document you are storing.", + "title": "Id", "type": "string" }, - "Database": { - "markdownDescription": "All data in Snowflake is maintained in databases.", - "title": "Database", + "Index": { + "markdownDescription": "The index where you want to store your data.", + "title": "Index", "type": "string" }, - "KeyPassphrase": { - "markdownDescription": "Passphrase to decrypt the private key when the key is encrypted. For information, see [Using Key Pair Authentication & Key Rotation](https://docs.aws.amazon.com/https://docs.snowflake.com/en/user-guide/data-load-snowpipe-streaming-configuration#using-key-pair-authentication-key-rotation) .", - "title": "KeyPassphrase", + "RoleArn": { + "markdownDescription": "The IAM role ARN that has access to OpenSearch.", + "title": "RoleArn", "type": "string" }, - "MetaDataColumnName": { - "markdownDescription": "Specify a column name in the table, where the metadata information has to be loaded. When you enable this field, you will see the following column in the snowflake table, which differs based on the source type.\n\nFor Direct PUT as source\n\n`{ \"firehoseDeliveryStreamName\" : \"streamname\", \"IngestionTime\" : \"timestamp\" }`\n\nFor Kinesis Data Stream as source\n\n`\"kinesisStreamName\" : \"streamname\", \"kinesisShardId\" : \"Id\", \"kinesisPartitionKey\" : \"key\", \"kinesisSequenceNumber\" : \"1234\", \"subsequenceNumber\" : \"2334\", \"IngestionTime\" : \"timestamp\" }`", - "title": "MetaDataColumnName", + "Type": { + "markdownDescription": "The type of document you are storing.", + "title": "Type", "type": "string" + } + }, + "required": [ + "Endpoint", + "Id", + "Index", + "RoleArn", + "Type" + ], + "type": "object" + }, + "AWS::IoT::TopicRule.FirehoseAction": { + "additionalProperties": false, + "properties": { + "BatchMode": { + "markdownDescription": "Whether to deliver the Kinesis Data Firehose stream as a batch by using [`PutRecordBatch`](https://docs.aws.amazon.com/firehose/latest/APIReference/API_PutRecordBatch.html) . The default value is `false` .\n\nWhen `batchMode` is `true` and the rule's SQL statement evaluates to an Array, each Array element forms one record in the [`PutRecordBatch`](https://docs.aws.amazon.com/firehose/latest/APIReference/API_PutRecordBatch.html) request. The resulting array can't have more than 500 records.", + "title": "BatchMode", + "type": "boolean" }, - "PrivateKey": { - "markdownDescription": "The private key used to encrypt your Snowflake client. For information, see [Using Key Pair Authentication & Key Rotation](https://docs.aws.amazon.com/https://docs.snowflake.com/en/user-guide/data-load-snowpipe-streaming-configuration#using-key-pair-authentication-key-rotation) .", - "title": "PrivateKey", + "DeliveryStreamName": { + "markdownDescription": "The delivery stream name.", + "title": "DeliveryStreamName", "type": "string" }, - "ProcessingConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", - "markdownDescription": "", - "title": "ProcessingConfiguration" - }, - "RetryOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SnowflakeRetryOptions", - "markdownDescription": "The time period where Firehose will retry sending data to the chosen HTTP endpoint.", - "title": "RetryOptions" - }, - "RoleARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Snowflake role", - "title": "RoleARN", + "RoleArn": { + "markdownDescription": "The IAM role that grants access to the Amazon Kinesis Firehose stream.", + "title": "RoleArn", "type": "string" }, - "S3BackupMode": { - "markdownDescription": "Choose an S3 backup mode", - "title": "S3BackupMode", + "Separator": { + "markdownDescription": "A character separator that will be used to separate records written to the Firehose stream. Valid values are: '\\n' (newline), '\\t' (tab), '\\r\\n' (Windows newline), ',' (comma).", + "title": "Separator", "type": "string" + } + }, + "required": [ + "DeliveryStreamName", + "RoleArn" + ], + "type": "object" + }, + "AWS::IoT::TopicRule.HttpAction": { + "additionalProperties": false, + "properties": { + "Auth": { + "$ref": "#/definitions/AWS::IoT::TopicRule.HttpAuthorization", + "markdownDescription": "The authentication method to use when sending data to an HTTPS endpoint.", + "title": "Auth" }, - "S3Configuration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", - "markdownDescription": "", - "title": "S3Configuration" - }, - "Schema": { - "markdownDescription": "Each database consists of one or more schemas, which are logical groupings of database objects, such as tables and views", - "title": "Schema", + "ConfirmationUrl": { + "markdownDescription": "The URL to which AWS IoT sends a confirmation message. The value of the confirmation URL must be a prefix of the endpoint URL. If you do not specify a confirmation URL AWS IoT uses the endpoint URL as the confirmation URL. If you use substitution templates in the confirmationUrl, you must create and enable topic rule destinations that match each possible value of the substitution template before traffic is allowed to your endpoint URL.", + "title": "ConfirmationUrl", "type": "string" }, - "SnowflakeRoleConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SnowflakeRoleConfiguration", - "markdownDescription": "Optionally configure a Snowflake role. Otherwise the default user role will be used.", - "title": "SnowflakeRoleConfiguration" - }, - "SnowflakeVpcConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SnowflakeVpcConfiguration", - "markdownDescription": "The VPCE ID for Firehose to privately connect with Snowflake. The ID format is com.amazonaws.vpce.[region].vpce-svc-<[id]>. For more information, see [Amazon PrivateLink & Snowflake](https://docs.aws.amazon.com/https://docs.snowflake.com/en/user-guide/admin-security-privatelink)", - "title": "SnowflakeVpcConfiguration" - }, - "Table": { - "markdownDescription": "All data in Snowflake is stored in database tables, logically structured as collections of columns and rows.", - "title": "Table", - "type": "string" + "Headers": { + "items": { + "$ref": "#/definitions/AWS::IoT::TopicRule.HttpActionHeader" + }, + "markdownDescription": "The HTTP headers to send with the message data.", + "title": "Headers", + "type": "array" }, - "User": { - "markdownDescription": "User login name for the Snowflake account.", - "title": "User", + "Url": { + "markdownDescription": "The endpoint URL. If substitution templates are used in the URL, you must also specify a `confirmationUrl` . If this is a new destination, a new `TopicRuleDestination` is created if possible.", + "title": "Url", "type": "string" } }, "required": [ - "AccountUrl", - "Database", - "PrivateKey", - "RoleARN", - "S3Configuration", - "Schema", - "Table", - "User" + "Url" ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.SnowflakeRetryOptions": { + "AWS::IoT::TopicRule.HttpActionHeader": { "additionalProperties": false, "properties": { - "DurationInSeconds": { - "markdownDescription": "the time period where Firehose will retry sending data to the chosen HTTP endpoint.", - "title": "DurationInSeconds", - "type": "number" + "Key": { + "markdownDescription": "The HTTP header key.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The HTTP header value. Substitution templates are supported.", + "title": "Value", + "type": "string" } }, + "required": [ + "Key", + "Value" + ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.SnowflakeRoleConfiguration": { + "AWS::IoT::TopicRule.HttpAuthorization": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Enable Snowflake role", - "title": "Enabled", - "type": "boolean" - }, - "SnowflakeRole": { - "markdownDescription": "The Snowflake role you wish to configure", - "title": "SnowflakeRole", - "type": "string" + "Sigv4": { + "$ref": "#/definitions/AWS::IoT::TopicRule.SigV4Authorization", + "markdownDescription": "Use Sig V4 authorization. For more information, see [Signature Version 4 Signing Process](https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html) .", + "title": "Sigv4" } }, "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.SnowflakeVpcConfiguration": { + "AWS::IoT::TopicRule.IotAnalyticsAction": { "additionalProperties": false, "properties": { - "PrivateLinkVpceId": { - "markdownDescription": "The VPCE ID for Firehose to privately connect with Snowflake. The ID format is com.amazonaws.vpce.[region].vpce-svc-<[id]>. For more information, see [Amazon PrivateLink & Snowflake](https://docs.aws.amazon.com/https://docs.snowflake.com/en/user-guide/admin-security-privatelink)", - "title": "PrivateLinkVpceId", + "BatchMode": { + "markdownDescription": "Whether to process the action as a batch. The default value is `false` .\n\nWhen `batchMode` is `true` and the rule SQL statement evaluates to an Array, each Array element is delivered as a separate message when passed by [`BatchPutMessage`](https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_BatchPutMessage.html) The resulting array can't have more than 100 messages.", + "title": "BatchMode", + "type": "boolean" + }, + "ChannelName": { + "markdownDescription": "The name of the IoT Analytics channel to which message data will be sent.", + "title": "ChannelName", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the role which has a policy that grants IoT Analytics permission to send message data via IoT Analytics (iotanalytics:BatchPutMessage).", + "title": "RoleArn", "type": "string" } }, "required": [ - "PrivateLinkVpceId" + "ChannelName", + "RoleArn" ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.SplunkBufferingHints": { + "AWS::IoT::TopicRule.IotEventsAction": { "additionalProperties": false, "properties": { - "IntervalInSeconds": { - "markdownDescription": "Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 60 (1 minute).", - "title": "IntervalInSeconds", - "type": "number" + "BatchMode": { + "markdownDescription": "Whether to process the event actions as a batch. The default value is `false` .\n\nWhen `batchMode` is `true` , you can't specify a `messageId` .\n\nWhen `batchMode` is `true` and the rule SQL statement evaluates to an Array, each Array element is treated as a separate message when Events by calling [`BatchPutMessage`](https://docs.aws.amazon.com/iotevents/latest/apireference/API_iotevents-data_BatchPutMessage.html) . The resulting array can't have more than 10 messages.", + "title": "BatchMode", + "type": "boolean" }, - "SizeInMBs": { - "markdownDescription": "Buffer incoming data to the specified size, in MBs, before delivering it to the destination. The default value is 5.", - "title": "SizeInMBs", - "type": "number" + "InputName": { + "markdownDescription": "The name of the AWS IoT Events input.", + "title": "InputName", + "type": "string" + }, + "MessageId": { + "markdownDescription": "The ID of the message. The default `messageId` is a new UUID value.\n\nWhen `batchMode` is `true` , you can't specify a `messageId` --a new UUID value will be assigned.\n\nAssign a value to this property to ensure that only one input (message) with a given `messageId` will be processed by an AWS IoT Events detector.", + "title": "MessageId", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the role that grants AWS IoT permission to send an input to an AWS IoT Events detector. (\"Action\":\"iotevents:BatchPutMessage\").", + "title": "RoleArn", + "type": "string" } }, + "required": [ + "InputName", + "RoleArn" + ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.SplunkDestinationConfiguration": { + "AWS::IoT::TopicRule.IotSiteWiseAction": { "additionalProperties": false, "properties": { - "BufferingHints": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SplunkBufferingHints", - "markdownDescription": "The buffering options. If no value is specified, the default values for Splunk are used.", - "title": "BufferingHints" + "PutAssetPropertyValueEntries": { + "items": { + "$ref": "#/definitions/AWS::IoT::TopicRule.PutAssetPropertyValueEntry" + }, + "markdownDescription": "A list of asset property value entries.", + "title": "PutAssetPropertyValueEntries", + "type": "array" }, - "CloudWatchLoggingOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", - "markdownDescription": "The Amazon CloudWatch logging options for your Firehose stream.", - "title": "CloudWatchLoggingOptions" + "RoleArn": { + "markdownDescription": "The ARN of the role that grants AWS IoT permission to send an asset property value to AWS IoT SiteWise. ( `\"Action\": \"iotsitewise:BatchPutAssetPropertyValue\"` ). The trust policy can restrict access to specific asset hierarchy paths.", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "PutAssetPropertyValueEntries", + "RoleArn" + ], + "type": "object" + }, + "AWS::IoT::TopicRule.KafkaAction": { + "additionalProperties": false, + "properties": { + "ClientProperties": { + "additionalProperties": true, + "markdownDescription": "Properties of the Apache Kafka producer client.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "ClientProperties", + "type": "object" }, - "HECAcknowledgmentTimeoutInSeconds": { - "markdownDescription": "The amount of time that Firehose waits to receive an acknowledgment from Splunk after it sends it data. At the end of the timeout period, Firehose either tries to send the data again or considers it an error, based on your retry settings.", - "title": "HECAcknowledgmentTimeoutInSeconds", - "type": "number" + "DestinationArn": { + "markdownDescription": "The ARN of Kafka action's VPC `TopicRuleDestination` .", + "title": "DestinationArn", + "type": "string" }, - "HECEndpoint": { - "markdownDescription": "The HTTP Event Collector (HEC) endpoint to which Firehose sends your data.", - "title": "HECEndpoint", + "Headers": { + "items": { + "$ref": "#/definitions/AWS::IoT::TopicRule.KafkaActionHeader" + }, + "markdownDescription": "The list of Kafka headers that you specify.", + "title": "Headers", + "type": "array" + }, + "Key": { + "markdownDescription": "The Kafka message key.", + "title": "Key", "type": "string" }, - "HECEndpointType": { - "markdownDescription": "This type can be either `Raw` or `Event` .", - "title": "HECEndpointType", + "Partition": { + "markdownDescription": "The Kafka message partition.", + "title": "Partition", "type": "string" }, - "HECToken": { - "markdownDescription": "This is a GUID that you obtain from your Splunk cluster when you create a new HEC endpoint.", - "title": "HECToken", + "Topic": { + "markdownDescription": "The Kafka topic for messages to be sent to the Kafka broker.", + "title": "Topic", + "type": "string" + } + }, + "required": [ + "ClientProperties", + "DestinationArn", + "Topic" + ], + "type": "object" + }, + "AWS::IoT::TopicRule.KafkaActionHeader": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The key of the Kafka header.", + "title": "Key", "type": "string" }, - "ProcessingConfiguration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", - "markdownDescription": "The data processing configuration.", - "title": "ProcessingConfiguration" + "Value": { + "markdownDescription": "The value of the Kafka header.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::IoT::TopicRule.KinesisAction": { + "additionalProperties": false, + "properties": { + "PartitionKey": { + "markdownDescription": "The partition key.", + "title": "PartitionKey", + "type": "string" }, - "RetryOptions": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SplunkRetryOptions", - "markdownDescription": "The retry behavior in case Firehose is unable to deliver data to Splunk, or if it doesn't receive an acknowledgment of receipt from Splunk.", - "title": "RetryOptions" + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that grants access to the Amazon Kinesis stream.", + "title": "RoleArn", + "type": "string" }, - "S3BackupMode": { - "markdownDescription": "Defines how documents should be delivered to Amazon S3. When set to `FailedEventsOnly` , Firehose writes any data that could not be indexed to the configured Amazon S3 destination. When set to `AllEvents` , Firehose delivers all incoming records to Amazon S3, and also writes failed documents to Amazon S3. The default value is `FailedEventsOnly` .\n\nYou can update this backup mode from `FailedEventsOnly` to `AllEvents` . You can't update it from `AllEvents` to `FailedEventsOnly` .", - "title": "S3BackupMode", + "StreamName": { + "markdownDescription": "The name of the Amazon Kinesis stream.", + "title": "StreamName", + "type": "string" + } + }, + "required": [ + "RoleArn", + "StreamName" + ], + "type": "object" + }, + "AWS::IoT::TopicRule.LambdaAction": { + "additionalProperties": false, + "properties": { + "FunctionArn": { + "markdownDescription": "The ARN of the Lambda function.", + "title": "FunctionArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoT::TopicRule.LocationAction": { + "additionalProperties": false, + "properties": { + "DeviceId": { + "markdownDescription": "The unique ID of the device providing the location data.", + "title": "DeviceId", "type": "string" }, - "S3Configuration": { - "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", - "markdownDescription": "The configuration for the backup Amazon S3 location.", - "title": "S3Configuration" + "Latitude": { + "markdownDescription": "A string that evaluates to a double value that represents the latitude of the device's location.", + "title": "Latitude", + "type": "string" + }, + "Longitude": { + "markdownDescription": "A string that evaluates to a double value that represents the longitude of the device's location.", + "title": "Longitude", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The IAM role that grants permission to write to the Amazon Location resource.", + "title": "RoleArn", + "type": "string" + }, + "Timestamp": { + "$ref": "#/definitions/AWS::IoT::TopicRule.Timestamp", + "markdownDescription": "The time that the location data was sampled. The default value is the time the MQTT message was processed.", + "title": "Timestamp" + }, + "TrackerName": { + "markdownDescription": "The name of the tracker resource in Amazon Location in which the location is updated.", + "title": "TrackerName", + "type": "string" } }, "required": [ - "HECEndpoint", - "HECEndpointType", - "HECToken", - "S3Configuration" + "DeviceId", + "Latitude", + "Longitude", + "RoleArn", + "TrackerName" ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.SplunkRetryOptions": { + "AWS::IoT::TopicRule.OpenSearchAction": { "additionalProperties": false, "properties": { - "DurationInSeconds": { - "markdownDescription": "The total amount of time that Firehose spends on retries. This duration starts after the initial attempt to send data to Splunk fails. It doesn't include the periods during which Firehose waits for acknowledgment from Splunk after each attempt.", - "title": "DurationInSeconds", - "type": "number" + "Endpoint": { + "markdownDescription": "The endpoint of your OpenSearch domain.", + "title": "Endpoint", + "type": "string" + }, + "Id": { + "markdownDescription": "The unique identifier for the document you are storing.", + "title": "Id", + "type": "string" + }, + "Index": { + "markdownDescription": "The OpenSearch index where you want to store your data.", + "title": "Index", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The IAM role ARN that has access to OpenSearch.", + "title": "RoleArn", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of document you are storing.", + "title": "Type", + "type": "string" } }, + "required": [ + "Endpoint", + "Id", + "Index", + "RoleArn", + "Type" + ], "type": "object" }, - "AWS::KinesisFirehose::DeliveryStream.VpcConfiguration": { + "AWS::IoT::TopicRule.PutAssetPropertyValueEntry": { "additionalProperties": false, "properties": { - "RoleARN": { - "markdownDescription": "The ARN of the IAM role that you want the delivery stream to use to create endpoints in the destination VPC. You can use your existing Kinesis Data Firehose delivery role or you can specify a new role. In either case, make sure that the role trusts the Kinesis Data Firehose service principal and that it grants the following permissions:\n\n- `ec2:DescribeVpcs`\n- `ec2:DescribeVpcAttribute`\n- `ec2:DescribeSubnets`\n- `ec2:DescribeSecurityGroups`\n- `ec2:DescribeNetworkInterfaces`\n- `ec2:CreateNetworkInterface`\n- `ec2:CreateNetworkInterfacePermission`\n- `ec2:DeleteNetworkInterface`\n\nIf you revoke these permissions after you create the delivery stream, Kinesis Data Firehose can't scale out by creating more ENIs when necessary. You might therefore see a degradation in performance.", - "title": "RoleARN", + "AssetId": { + "markdownDescription": "The ID of the AWS IoT SiteWise asset. You must specify either a `propertyAlias` or both an `aliasId` and a `propertyId` . Accepts substitution templates.", + "title": "AssetId", "type": "string" }, - "SecurityGroupIds": { + "EntryId": { + "markdownDescription": "Optional. A unique identifier for this entry that you can define to better track which message caused an error in case of failure. Accepts substitution templates. Defaults to a new UUID.", + "title": "EntryId", + "type": "string" + }, + "PropertyAlias": { + "markdownDescription": "The name of the property alias associated with your asset property. You must specify either a `propertyAlias` or both an `aliasId` and a `propertyId` . Accepts substitution templates.", + "title": "PropertyAlias", + "type": "string" + }, + "PropertyId": { + "markdownDescription": "The ID of the asset's property. You must specify either a `propertyAlias` or both an `aliasId` and a `propertyId` . Accepts substitution templates.", + "title": "PropertyId", + "type": "string" + }, + "PropertyValues": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::IoT::TopicRule.AssetPropertyValue" }, - "markdownDescription": "The IDs of the security groups that you want Kinesis Data Firehose to use when it creates ENIs in the VPC of the Amazon ES destination. You can use the same security group that the Amazon ES domain uses or different ones. If you specify different security groups here, ensure that they allow outbound HTTPS traffic to the Amazon ES domain's security group. Also ensure that the Amazon ES domain's security group allows HTTPS traffic from the security groups specified here. If you use the same security group for both your delivery stream and the Amazon ES domain, make sure the security group inbound rule allows HTTPS traffic.", - "title": "SecurityGroupIds", + "markdownDescription": "A list of property values to insert that each contain timestamp, quality, and value (TQV) information.", + "title": "PropertyValues", "type": "array" + } + }, + "required": [ + "PropertyValues" + ], + "type": "object" + }, + "AWS::IoT::TopicRule.PutItemInput": { + "additionalProperties": false, + "properties": { + "TableName": { + "markdownDescription": "The table where the message data will be written.", + "title": "TableName", + "type": "string" + } + }, + "required": [ + "TableName" + ], + "type": "object" + }, + "AWS::IoT::TopicRule.RepublishAction": { + "additionalProperties": false, + "properties": { + "Headers": { + "$ref": "#/definitions/AWS::IoT::TopicRule.RepublishActionHeaders", + "markdownDescription": "MQTT Version 5.0 headers information. For more information, see [MQTT](https://docs.aws.amazon.com//iot/latest/developerguide/mqtt.html) in the IoT Core Developer Guide.", + "title": "Headers" }, - "SubnetIds": { + "Qos": { + "markdownDescription": "The Quality of Service (QoS) level to use when republishing messages. The default value is 0.", + "title": "Qos", + "type": "number" + }, + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that grants access.", + "title": "RoleArn", + "type": "string" + }, + "Topic": { + "markdownDescription": "The name of the MQTT topic.", + "title": "Topic", + "type": "string" + } + }, + "required": [ + "RoleArn", + "Topic" + ], + "type": "object" + }, + "AWS::IoT::TopicRule.RepublishActionHeaders": { + "additionalProperties": false, + "properties": { + "ContentType": { + "markdownDescription": "A UTF-8 encoded string that describes the content of the publishing message.\n\nFor more information, see [Content Type](https://docs.aws.amazon.com/https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901118) in the MQTT Version 5.0 specification.\n\nSupports [substitution templates](https://docs.aws.amazon.com//iot/latest/developerguide/iot-substitution-templates.html) .", + "title": "ContentType", + "type": "string" + }, + "CorrelationData": { + "markdownDescription": "The base64-encoded binary data used by the sender of the request message to identify which request the response message is for.\n\nFor more information, see [Correlation Data](https://docs.aws.amazon.com/https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901115) in the MQTT Version 5.0 specification.\n\nSupports [substitution templates](https://docs.aws.amazon.com//iot/latest/developerguide/iot-substitution-templates.html) .\n\n> This binary data must be base64-encoded.", + "title": "CorrelationData", + "type": "string" + }, + "MessageExpiry": { + "markdownDescription": "A user-defined integer value that represents the message expiry interval at the broker. If the messages haven't been sent to the subscribers within that interval, the message expires and is removed. The value of `messageExpiry` represents the number of seconds before it expires. For more information about the limits of `messageExpiry` , see [Message broker and protocol limits and quotas](https://docs.aws.amazon.com//general/latest/gr/iot-core.html#limits_iot) in the IoT Core Reference Guide.\n\nSupports [substitution templates](https://docs.aws.amazon.com//iot/latest/developerguide/iot-substitution-templates.html) .", + "title": "MessageExpiry", + "type": "string" + }, + "PayloadFormatIndicator": { + "markdownDescription": "An `Enum` string value that indicates whether the payload is formatted as UTF-8.\n\nValid values are `UNSPECIFIED_BYTES` and `UTF8_DATA` .\n\nFor more information, see [Payload Format Indicator](https://docs.aws.amazon.com/https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901111) from the MQTT Version 5.0 specification.\n\nSupports [substitution templates](https://docs.aws.amazon.com//iot/latest/developerguide/iot-substitution-templates.html) .", + "title": "PayloadFormatIndicator", + "type": "string" + }, + "ResponseTopic": { + "markdownDescription": "A UTF-8 encoded string that's used as the topic name for a response message. The response topic is used to describe the topic to which the receiver should publish as part of the request-response flow. The topic must not contain wildcard characters.\n\nFor more information, see [Response Topic](https://docs.aws.amazon.com/https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901114) in the MQTT Version 5.0 specification.\n\nSupports [substitution templates](https://docs.aws.amazon.com//iot/latest/developerguide/iot-substitution-templates.html) .", + "title": "ResponseTopic", + "type": "string" + }, + "UserProperties": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::IoT::TopicRule.UserProperty" }, - "markdownDescription": "The IDs of the subnets that Kinesis Data Firehose uses to create ENIs in the VPC of the Amazon ES destination. Make sure that the routing tables and inbound and outbound rules allow traffic to flow from the subnets whose IDs are specified here to the subnets that have the destination Amazon ES endpoints. Kinesis Data Firehose creates at least one ENI in each of the subnets that are specified here. Do not delete or modify these ENIs.\n\nThe number of ENIs that Kinesis Data Firehose creates in the subnets specified here scales up and down automatically based on throughput. To enable Kinesis Data Firehose to scale up the number of ENIs to match throughput, ensure that you have sufficient quota. To help you calculate the quota you need, assume that Kinesis Data Firehose can create up to three ENIs for this delivery stream for each of the subnets specified here.", - "title": "SubnetIds", + "markdownDescription": "An array of key-value pairs that you define in the MQTT5 header.", + "title": "UserProperties", "type": "array" } }, + "type": "object" + }, + "AWS::IoT::TopicRule.S3Action": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "The Amazon S3 bucket.", + "title": "BucketName", + "type": "string" + }, + "CannedAcl": { + "markdownDescription": "The Amazon S3 canned ACL that controls access to the object identified by the object key. For more information, see [S3 canned ACLs](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) .", + "title": "CannedAcl", + "type": "string" + }, + "Key": { + "markdownDescription": "The object key. For more information, see [Actions, resources, and condition keys for Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/dev/list_amazons3.html) .", + "title": "Key", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that grants access.", + "title": "RoleArn", + "type": "string" + } + }, "required": [ - "RoleARN", - "SecurityGroupIds", - "SubnetIds" + "BucketName", + "Key", + "RoleArn" ], "type": "object" }, - "AWS::KinesisVideo::SignalingChannel": { + "AWS::IoT::TopicRule.SigV4Authorization": { "additionalProperties": false, "properties": { - "Condition": { + "RoleArn": { + "markdownDescription": "The ARN of the signing role.", + "title": "RoleArn", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ServiceName": { + "markdownDescription": "The service name to use while signing with Sig V4.", + "title": "ServiceName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "SigningRegion": { + "markdownDescription": "The signing region.", + "title": "SigningRegion", + "type": "string" + } + }, + "required": [ + "RoleArn", + "ServiceName", + "SigningRegion" + ], + "type": "object" + }, + "AWS::IoT::TopicRule.SnsAction": { + "additionalProperties": false, + "properties": { + "MessageFormat": { + "markdownDescription": "(Optional) The message format of the message to publish. Accepted values are \"JSON\" and \"RAW\". The default value of the attribute is \"RAW\". SNS uses this setting to determine if the payload should be parsed and relevant platform-specific bits of the payload should be extracted. For more information, see [Amazon SNS Message and JSON Formats](https://docs.aws.amazon.com/sns/latest/dg/json-formats.html) in the *Amazon Simple Notification Service Developer Guide* .", + "title": "MessageFormat", + "type": "string" }, - "Metadata": { - "type": "object" + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that grants access.", + "title": "RoleArn", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "MessageTtlSeconds": { - "markdownDescription": "The period of time (in seconds) a signaling channel retains undelivered messages before they are discarded. Use `API_UpdateSignalingChannel` to update this value.", - "title": "MessageTtlSeconds", - "type": "number" - }, - "Name": { - "markdownDescription": "A name for the signaling channel that you are creating. It must be unique for each AWS account and AWS Region .", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - }, - "Type": { - "markdownDescription": "A type of the signaling channel that you are creating. Currently, `SINGLE_MASTER` is the only supported channel type.", - "title": "Type", - "type": "string" - } - }, - "type": "object" + "TargetArn": { + "markdownDescription": "The ARN of the SNS topic.", + "title": "TargetArn", + "type": "string" + } + }, + "required": [ + "RoleArn", + "TargetArn" + ], + "type": "object" + }, + "AWS::IoT::TopicRule.SqsAction": { + "additionalProperties": false, + "properties": { + "QueueUrl": { + "markdownDescription": "The URL of the Amazon SQS queue.", + "title": "QueueUrl", + "type": "string" }, - "Type": { - "enum": [ - "AWS::KinesisVideo::SignalingChannel" - ], + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that grants access.", + "title": "RoleArn", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "UseBase64": { + "markdownDescription": "Specifies whether to use Base64 encoding.", + "title": "UseBase64", + "type": "boolean" + } + }, + "required": [ + "QueueUrl", + "RoleArn" + ], + "type": "object" + }, + "AWS::IoT::TopicRule.StepFunctionsAction": { + "additionalProperties": false, + "properties": { + "ExecutionNamePrefix": { + "markdownDescription": "(Optional) A name will be given to the state machine execution consisting of this prefix followed by a UUID. Step Functions automatically creates a unique name for each state machine execution if one is not provided.", + "title": "ExecutionNamePrefix", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the role that grants IoT permission to start execution of a state machine (\"Action\":\"states:StartExecution\").", + "title": "RoleArn", + "type": "string" + }, + "StateMachineName": { + "markdownDescription": "The name of the Step Functions state machine whose execution will be started.", + "title": "StateMachineName", "type": "string" } }, "required": [ - "Type" + "RoleArn", + "StateMachineName" ], "type": "object" }, - "AWS::KinesisVideo::Stream": { + "AWS::IoT::TopicRule.Timestamp": { "additionalProperties": false, "properties": { - "Condition": { + "Unit": { + "markdownDescription": "The precision of the timestamp value that results from the expression described in `value` .", + "title": "Unit", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Value": { + "markdownDescription": "An expression that returns a long epoch time value.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Value" + ], + "type": "object" + }, + "AWS::IoT::TopicRule.TimestreamAction": { + "additionalProperties": false, + "properties": { + "DatabaseName": { + "markdownDescription": "The name of an Amazon Timestream database that has the table to write records into.", + "title": "DatabaseName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Dimensions": { + "items": { + "$ref": "#/definitions/AWS::IoT::TopicRule.TimestreamDimension" + }, + "markdownDescription": "Metadata attributes of the time series that are written in each measure record.", + "title": "Dimensions", + "type": "array" }, - "Metadata": { - "type": "object" + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the role that grants AWS IoT permission to write to the Timestream database table.", + "title": "RoleArn", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DataRetentionInHours": { - "markdownDescription": "How long the stream retains data, in hours.", - "title": "DataRetentionInHours", - "type": "number" - }, - "DeviceName": { - "markdownDescription": "The name of the device that is associated with the stream.", - "title": "DeviceName", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "The ID of the AWS Key Management Service ( AWS KMS ) key that Kinesis Video Streams uses to encrypt data on the stream.", - "title": "KmsKeyId", - "type": "string" - }, - "MediaType": { - "markdownDescription": "The `MediaType` of the stream.", - "title": "MediaType", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the stream.", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } + "TableName": { + "markdownDescription": "The table where the message data will be written.", + "title": "TableName", + "type": "string" + }, + "Timestamp": { + "$ref": "#/definitions/AWS::IoT::TopicRule.TimestreamTimestamp", + "markdownDescription": "The value to use for the entry's timestamp. If blank, the time that the entry was processed is used.", + "title": "Timestamp" + } + }, + "required": [ + "DatabaseName", + "Dimensions", + "RoleArn", + "TableName" + ], + "type": "object" + }, + "AWS::IoT::TopicRule.TimestreamDimension": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The metadata dimension name. This is the name of the column in the Amazon Timestream database table record.", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "The value to write in this column of the database record.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Name", + "Value" + ], + "type": "object" + }, + "AWS::IoT::TopicRule.TimestreamTimestamp": { + "additionalProperties": false, + "properties": { + "Unit": { + "markdownDescription": "The precision of the timestamp value that results from the expression described in `value` .", + "title": "Unit", + "type": "string" + }, + "Value": { + "markdownDescription": "An expression that returns a long epoch time value.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Unit", + "Value" + ], + "type": "object" + }, + "AWS::IoT::TopicRule.TopicRulePayload": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::IoT::TopicRule.Action" }, - "type": "object" + "markdownDescription": "The actions associated with the rule.", + "title": "Actions", + "type": "array" }, - "Type": { - "enum": [ - "AWS::KinesisVideo::Stream" - ], + "AwsIotSqlVersion": { + "markdownDescription": "The version of the SQL rules engine to use when evaluating the rule.\n\nThe default value is 2015-10-08.", + "title": "AwsIotSqlVersion", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Description": { + "markdownDescription": "The description of the rule.", + "title": "Description", + "type": "string" + }, + "ErrorAction": { + "$ref": "#/definitions/AWS::IoT::TopicRule.Action", + "markdownDescription": "The action to take when an error occurs.", + "title": "ErrorAction" + }, + "RuleDisabled": { + "markdownDescription": "Specifies whether the rule is disabled.", + "title": "RuleDisabled", + "type": "boolean" + }, + "Sql": { + "markdownDescription": "The SQL statement used to query the topic. For more information, see [AWS IoT SQL Reference](https://docs.aws.amazon.com/iot/latest/developerguide/iot-sql-reference.html) in the *AWS IoT Developer Guide* .", + "title": "Sql", "type": "string" } }, "required": [ - "Type" + "Actions", + "Sql" ], "type": "object" }, - "AWS::LakeFormation::DataCellsFilter": { + "AWS::IoT::TopicRule.UserProperty": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "A key to be specified in `UserProperty` .", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "A value to be specified in `UserProperty` .", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::IoT::TopicRuleDestination": { "additionalProperties": false, "properties": { "Condition": { @@ -140706,56 +150003,27 @@ "Properties": { "additionalProperties": false, "properties": { - "ColumnNames": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of UTF-8 strings. A list of column names.", - "title": "ColumnNames", - "type": "array" - }, - "ColumnWildcard": { - "$ref": "#/definitions/AWS::LakeFormation::DataCellsFilter.ColumnWildcard", - "markdownDescription": "A wildcard with exclusions. You must specify either a `ColumnNames` list or the `ColumnWildCard` .", - "title": "ColumnWildcard" - }, - "DatabaseName": { - "markdownDescription": "UTF-8 string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html) .\n\nA database in the Data Catalog .", - "title": "DatabaseName", - "type": "string" - }, - "Name": { - "markdownDescription": "UTF-8 string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html) .\n\nThe name given by the user to the data filter cell.", - "title": "Name", - "type": "string" - }, - "RowFilter": { - "$ref": "#/definitions/AWS::LakeFormation::DataCellsFilter.RowFilter", - "markdownDescription": "A PartiQL predicate.", - "title": "RowFilter" + "HttpUrlProperties": { + "$ref": "#/definitions/AWS::IoT::TopicRuleDestination.HttpUrlDestinationSummary", + "markdownDescription": "Properties of the HTTP URL.", + "title": "HttpUrlProperties" }, - "TableCatalogId": { - "markdownDescription": "Catalog id string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html) .\n\nThe ID of the catalog to which the table belongs.", - "title": "TableCatalogId", + "Status": { + "markdownDescription": "- **IN_PROGRESS** - A topic rule destination was created but has not been confirmed. You can set status to `IN_PROGRESS` by calling `UpdateTopicRuleDestination` . Calling `UpdateTopicRuleDestination` causes a new confirmation challenge to be sent to your confirmation endpoint.\n- **ENABLED** - Confirmation was completed, and traffic to this destination is allowed. You can set status to `DISABLED` by calling `UpdateTopicRuleDestination` .\n- **DISABLED** - Confirmation was completed, and traffic to this destination is not allowed. You can set status to `ENABLED` by calling `UpdateTopicRuleDestination` .\n- **ERROR** - Confirmation could not be completed; for example, if the confirmation timed out. You can call `GetTopicRuleDestination` for details about the error. You can set status to `IN_PROGRESS` by calling `UpdateTopicRuleDestination` . Calling `UpdateTopicRuleDestination` causes a new confirmation challenge to be sent to your confirmation endpoint.", + "title": "Status", "type": "string" }, - "TableName": { - "markdownDescription": "UTF-8 string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html) .\n\nA table in the database.", - "title": "TableName", - "type": "string" + "VpcProperties": { + "$ref": "#/definitions/AWS::IoT::TopicRuleDestination.VpcDestinationProperties", + "markdownDescription": "Properties of the virtual private cloud (VPC) connection.", + "title": "VpcProperties" } }, - "required": [ - "DatabaseName", - "Name", - "TableCatalogId", - "TableName" - ], "type": "object" }, "Type": { "enum": [ - "AWS::LakeFormation::DataCellsFilter" + "AWS::IoT::TopicRuleDestination" ], "type": "string" }, @@ -140769,42 +150037,54 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::LakeFormation::DataCellsFilter.ColumnWildcard": { + "AWS::IoT::TopicRuleDestination.HttpUrlDestinationSummary": { "additionalProperties": false, "properties": { - "ExcludedColumnNames": { - "items": { - "type": "string" - }, - "markdownDescription": "Excludes column names. Any column with this name will be excluded.", - "title": "ExcludedColumnNames", - "type": "array" + "ConfirmationUrl": { + "markdownDescription": "The URL used to confirm the HTTP topic rule destination URL.", + "title": "ConfirmationUrl", + "type": "string" } }, "type": "object" }, - "AWS::LakeFormation::DataCellsFilter.RowFilter": { + "AWS::IoT::TopicRuleDestination.VpcDestinationProperties": { "additionalProperties": false, "properties": { - "AllRowsWildcard": { - "markdownDescription": "A wildcard for all rows.", - "title": "AllRowsWildcard", - "type": "object" + "RoleArn": { + "markdownDescription": "The ARN of a role that has permission to create and attach to elastic network interfaces (ENIs).", + "title": "RoleArn", + "type": "string" }, - "FilterExpression": { - "markdownDescription": "A filter expression.", - "title": "FilterExpression", + "SecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "The security groups of the VPC destination.", + "title": "SecurityGroups", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The subnet IDs of the VPC destination.", + "title": "SubnetIds", + "type": "array" + }, + "VpcId": { + "markdownDescription": "The ID of the VPC.", + "title": "VpcId", "type": "string" } }, "type": "object" }, - "AWS::LakeFormation::DataLakeSettings": { + "AWS::IoTAnalytics::Channel": { "additionalProperties": false, "properties": { "Condition": { @@ -140839,60 +150119,27 @@ "Properties": { "additionalProperties": false, "properties": { - "Admins": { - "$ref": "#/definitions/AWS::LakeFormation::DataLakeSettings.Admins", - "markdownDescription": "A list of AWS Lake Formation principals.", - "title": "Admins" - }, - "AllowExternalDataFiltering": { - "markdownDescription": "Whether to allow Amazon EMR clusters or other third-party query engines to access data managed by Lake Formation .\n\nIf set to true, you allow Amazon EMR clusters or other third-party engines to access data in Amazon S3 locations that are registered with Lake Formation .\n\nIf false or null, no third-party query engines will be able to access data in Amazon S3 locations that are registered with Lake Formation.\n\nFor more information, see [External data filtering setting](https://docs.aws.amazon.com/lake-formation/latest/dg/initial-LF-setup.html#external-data-filter) .", - "title": "AllowExternalDataFiltering", - "type": "boolean" - }, - "AllowFullTableExternalDataAccess": { - "markdownDescription": "Specifies whether query engines and applications can get credentials without IAM session tags if the user has full table access. It provides query engines and applications performance benefits as well as simplifies data access. Amazon EMR on Amazon EC2 is able to leverage this setting.\n\nFor more information, see [](https://docs.aws.amazon.com/lake-formation/latest/dg/using-cred-vending.html)", - "title": "AllowFullTableExternalDataAccess", - "type": "boolean" - }, - "AuthorizedSessionTagValueList": { - "items": { - "type": "string" - }, - "markdownDescription": "Lake Formation relies on a privileged process secured by Amazon EMR or the third party integrator to tag the user's role while assuming it. Lake Formation will publish the acceptable key-value pair, for example key = \"LakeFormationTrustedCaller\" and value = \"TRUE\" and the third party integrator must properly tag the temporary security credentials that will be used to call Lake Formation 's administrative API operations.", - "title": "AuthorizedSessionTagValueList", - "type": "array" - }, - "CreateDatabaseDefaultPermissions": { - "$ref": "#/definitions/AWS::LakeFormation::DataLakeSettings.CreateDatabaseDefaultPermissions", - "markdownDescription": "Specifies whether access control on a newly created database is managed by Lake Formation permissions or exclusively by IAM permissions.\n\nA null value indicates that the access is controlled by Lake Formation permissions. `ALL` permissions assigned to `IAM_ALLOWED_PRINCIPALS` group indicates that the user's IAM permissions determine the access to the database. This is referred to as the setting \"Use only IAM access control,\" and is to support backward compatibility with the AWS Glue permission model implemented by IAM permissions.\n\nThe only permitted values are an empty array or an array that contains a single JSON object that grants `ALL` to `IAM_ALLOWED_PRINCIPALS` .\n\nFor more information, see [Changing the default security settings for your data lake](https://docs.aws.amazon.com/lake-formation/latest/dg/change-settings.html) .", - "title": "CreateDatabaseDefaultPermissions" - }, - "CreateTableDefaultPermissions": { - "$ref": "#/definitions/AWS::LakeFormation::DataLakeSettings.CreateTableDefaultPermissions", - "markdownDescription": "Specifies whether access control on a newly created table is managed by Lake Formation permissions or exclusively by IAM permissions.\n\nA null value indicates that the access is controlled by Lake Formation permissions. `ALL` permissions assigned to `IAM_ALLOWED_PRINCIPALS` group indicate that the user's IAM permissions determine the access to the table. This is referred to as the setting \"Use only IAM access control,\" and is to support the backward compatibility with the AWS Glue permission model implemented by IAM permissions.\n\nThe only permitted values are an empty array or an array that contains a single JSON object that grants `ALL` permissions to `IAM_ALLOWED_PRINCIPALS` .\n\nFor more information, see [Changing the default security settings for your data lake](https://docs.aws.amazon.com/lake-formation/latest/dg/change-settings.html) .", - "title": "CreateTableDefaultPermissions" - }, - "ExternalDataFilteringAllowList": { - "$ref": "#/definitions/AWS::LakeFormation::DataLakeSettings.ExternalDataFilteringAllowList", - "markdownDescription": "A list of the account IDs of AWS accounts with Amazon EMR clusters or third-party engines that are allwed to perform data filtering.", - "title": "ExternalDataFilteringAllowList" - }, - "MutationType": { - "markdownDescription": "Specifies whether the data lake settings are updated by adding new values to the current settings ( `APPEND` ) or by replacing the current settings with new settings ( `REPLACE` ).\n\n> If you choose `REPLACE` , your current data lake settings will be replaced with the new values in your template.", - "title": "MutationType", + "ChannelName": { + "markdownDescription": "The name of the channel.", + "title": "ChannelName", "type": "string" }, - "Parameters": { - "markdownDescription": "A key-value map that provides an additional configuration on your data lake. `CrossAccountVersion` is the key you can configure in the `Parameters` field. Accepted values for the `CrossAccountVersion` key are 1, 2, 3, and 4.", - "title": "Parameters", - "type": "object" + "ChannelStorage": { + "$ref": "#/definitions/AWS::IoTAnalytics::Channel.ChannelStorage", + "markdownDescription": "Where channel data is stored.", + "title": "ChannelStorage" }, - "TrustedResourceOwners": { + "RetentionPeriod": { + "$ref": "#/definitions/AWS::IoTAnalytics::Channel.RetentionPeriod", + "markdownDescription": "How long, in days, message data is kept for the channel.", + "title": "RetentionPeriod" + }, + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of UTF-8 strings.\n\nA list of the resource-owning account IDs that the caller's account can use to share their user access details (user ARNs). The user ARNs can be logged in the resource owner's CloudTrail log. You may want to specify this property when you are in a high-trust boundary, such as the same team or company.", - "title": "TrustedResourceOwners", + "markdownDescription": "Metadata which can be used to manage the channel.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", "type": "array" } }, @@ -140900,7 +150147,7 @@ }, "Type": { "enum": [ - "AWS::LakeFormation::DataLakeSettings" + "AWS::IoTAnalytics::Channel" ], "type": "string" }, @@ -140918,64 +150165,64 @@ ], "type": "object" }, - "AWS::LakeFormation::DataLakeSettings.Admins": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::LakeFormation::DataLakeSettings.CreateDatabaseDefaultPermissions": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::LakeFormation::DataLakeSettings.CreateTableDefaultPermissions": { + "AWS::IoTAnalytics::Channel.ChannelStorage": { "additionalProperties": false, - "properties": {}, + "properties": { + "CustomerManagedS3": { + "$ref": "#/definitions/AWS::IoTAnalytics::Channel.CustomerManagedS3", + "markdownDescription": "Used to store channel data in an S3 bucket that you manage. If customer managed storage is selected, the `retentionPeriod` parameter is ignored. You can't change the choice of S3 storage after the data store is created.", + "title": "CustomerManagedS3" + }, + "ServiceManagedS3": { + "markdownDescription": "Used to store channel data in an S3 bucket managed by AWS IoT Analytics . You can't change the choice of S3 storage after the data store is created.", + "title": "ServiceManagedS3", + "type": "object" + } + }, "type": "object" }, - "AWS::LakeFormation::DataLakeSettings.DataLakePrincipal": { + "AWS::IoTAnalytics::Channel.CustomerManagedS3": { "additionalProperties": false, "properties": { - "DataLakePrincipalIdentifier": { - "markdownDescription": "An identifier for the Lake Formation principal.", - "title": "DataLakePrincipalIdentifier", + "Bucket": { + "markdownDescription": "The name of the S3 bucket in which channel data is stored.", + "title": "Bucket", + "type": "string" + }, + "KeyPrefix": { + "markdownDescription": "(Optional) The prefix used to create the keys of the channel data objects. Each object in an S3 bucket has a key that is its unique identifier within the bucket (each object in a bucket has exactly one key). The prefix must end with a forward slash (/).", + "title": "KeyPrefix", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the role that grants AWS IoT Analytics permission to interact with your Amazon S3 resources.", + "title": "RoleArn", "type": "string" } }, "required": [ - "DataLakePrincipalIdentifier" + "Bucket", + "RoleArn" ], "type": "object" }, - "AWS::LakeFormation::DataLakeSettings.ExternalDataFilteringAllowList": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::LakeFormation::DataLakeSettings.PrincipalPermissions": { + "AWS::IoTAnalytics::Channel.RetentionPeriod": { "additionalProperties": false, "properties": { - "Permissions": { - "items": { - "type": "string" - }, - "markdownDescription": "The permissions that are granted to the principal.", - "title": "Permissions", - "type": "array" + "NumberOfDays": { + "markdownDescription": "The number of days that message data is kept. The `unlimited` parameter must be false.", + "title": "NumberOfDays", + "type": "number" }, - "Principal": { - "$ref": "#/definitions/AWS::LakeFormation::DataLakeSettings.DataLakePrincipal", - "markdownDescription": "The principal who is granted permissions.", - "title": "Principal" + "Unlimited": { + "markdownDescription": "If true, message data is kept indefinitely.", + "title": "Unlimited", + "type": "boolean" } }, - "required": [ - "Permissions", - "Principal" - ], "type": "object" }, - "AWS::LakeFormation::Permissions": { + "AWS::IoTAnalytics::Dataset": { "additionalProperties": false, "properties": { "Condition": { @@ -141010,42 +150257,70 @@ "Properties": { "additionalProperties": false, "properties": { - "DataLakePrincipal": { - "$ref": "#/definitions/AWS::LakeFormation::Permissions.DataLakePrincipal", - "markdownDescription": "The AWS Lake Formation principal.", - "title": "DataLakePrincipal" + "Actions": { + "items": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.Action" + }, + "markdownDescription": "The `DatasetAction` objects that automatically create the dataset contents.", + "title": "Actions", + "type": "array" }, - "Permissions": { + "ContentDeliveryRules": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.DatasetContentDeliveryRule" }, - "markdownDescription": "The permissions granted or revoked.", - "title": "Permissions", + "markdownDescription": "When dataset contents are created they are delivered to destinations specified here.", + "title": "ContentDeliveryRules", "type": "array" }, - "PermissionsWithGrantOption": { + "DatasetName": { + "markdownDescription": "The name of the dataset.", + "title": "DatasetName", + "type": "string" + }, + "LateDataRules": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.LateDataRule" }, - "markdownDescription": "Indicates the ability to grant permissions (as a subset of permissions granted).", - "title": "PermissionsWithGrantOption", + "markdownDescription": "A list of data rules that send notifications to CloudWatch, when data arrives late. To specify `lateDataRules` , the dataset must use a [DeltaTimer](https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_DeltaTime.html) filter.", + "title": "LateDataRules", "type": "array" }, - "Resource": { - "$ref": "#/definitions/AWS::LakeFormation::Permissions.Resource", - "markdownDescription": "A structure for the resource.", - "title": "Resource" + "RetentionPeriod": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.RetentionPeriod", + "markdownDescription": "Optional. How long, in days, message data is kept for the dataset.", + "title": "RetentionPeriod" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata which can be used to manage the data set.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + }, + "Triggers": { + "items": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.Trigger" + }, + "markdownDescription": "The `DatasetTrigger` objects that specify when the dataset is automatically updated.", + "title": "Triggers", + "type": "array" + }, + "VersioningConfiguration": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.VersioningConfiguration", + "markdownDescription": "Optional. How many versions of dataset contents are kept. If not specified or set to null, only the latest version plus the latest succeeded version (if they are different) are kept for the time period specified by the `retentionPeriod` parameter. For more information, see [Keeping Multiple Versions of AWS IoT Analytics datasets](https://docs.aws.amazon.com/iotanalytics/latest/userguide/getting-started.html#aws-iot-analytics-dataset-versions) in the *AWS IoT Analytics User Guide* .", + "title": "VersioningConfiguration" } }, "required": [ - "DataLakePrincipal", - "Resource" + "Actions" ], "type": "object" }, "Type": { "enum": [ - "AWS::LakeFormation::Permissions" + "AWS::IoTAnalytics::Dataset" ], "type": "string" }, @@ -141064,155 +150339,426 @@ ], "type": "object" }, - "AWS::LakeFormation::Permissions.ColumnWildcard": { + "AWS::IoTAnalytics::Dataset.Action": { "additionalProperties": false, "properties": { - "ExcludedColumnNames": { + "ActionName": { + "markdownDescription": "The name of the data set action by which data set contents are automatically created.", + "title": "ActionName", + "type": "string" + }, + "ContainerAction": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.ContainerAction", + "markdownDescription": "Information which allows the system to run a containerized application in order to create the data set contents. The application must be in a Docker container along with any needed support libraries.", + "title": "ContainerAction" + }, + "QueryAction": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.QueryAction", + "markdownDescription": "An \"SqlQueryDatasetAction\" object that uses an SQL query to automatically create data set contents.", + "title": "QueryAction" + } + }, + "required": [ + "ActionName" + ], + "type": "object" + }, + "AWS::IoTAnalytics::Dataset.ContainerAction": { + "additionalProperties": false, + "properties": { + "ExecutionRoleArn": { + "markdownDescription": "The ARN of the role which gives permission to the system to access needed resources in order to run the \"containerAction\". This includes, at minimum, permission to retrieve the data set contents which are the input to the containerized application.", + "title": "ExecutionRoleArn", + "type": "string" + }, + "Image": { + "markdownDescription": "The ARN of the Docker container stored in your account. The Docker container contains an application and needed support libraries and is used to generate data set contents.", + "title": "Image", + "type": "string" + }, + "ResourceConfiguration": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.ResourceConfiguration", + "markdownDescription": "Configuration of the resource which executes the \"containerAction\".", + "title": "ResourceConfiguration" + }, + "Variables": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.Variable" }, - "markdownDescription": "Excludes column names. Any column with this name will be excluded.", - "title": "ExcludedColumnNames", + "markdownDescription": "The values of variables used within the context of the execution of the containerized application (basically, parameters passed to the application). Each variable must have a name and a value given by one of \"stringValue\", \"datasetContentVersionValue\", or \"outputFileUriValue\".", + "title": "Variables", "type": "array" } }, + "required": [ + "ExecutionRoleArn", + "Image", + "ResourceConfiguration" + ], "type": "object" }, - "AWS::LakeFormation::Permissions.DataLakePrincipal": { + "AWS::IoTAnalytics::Dataset.DatasetContentDeliveryRule": { "additionalProperties": false, "properties": { - "DataLakePrincipalIdentifier": { - "markdownDescription": "An identifier for the Lake Formation principal.", - "title": "DataLakePrincipalIdentifier", + "Destination": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.DatasetContentDeliveryRuleDestination", + "markdownDescription": "The destination to which dataset contents are delivered.", + "title": "Destination" + }, + "EntryName": { + "markdownDescription": "The name of the dataset content delivery rules entry.", + "title": "EntryName", "type": "string" } }, + "required": [ + "Destination" + ], "type": "object" }, - "AWS::LakeFormation::Permissions.DataLocationResource": { + "AWS::IoTAnalytics::Dataset.DatasetContentDeliveryRuleDestination": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The identifier for the Data Catalog . By default, it is the account ID of the caller.", - "title": "CatalogId", + "IotEventsDestinationConfiguration": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.IotEventsDestinationConfiguration", + "markdownDescription": "Configuration information for delivery of dataset contents to AWS IoT Events .", + "title": "IotEventsDestinationConfiguration" + }, + "S3DestinationConfiguration": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.S3DestinationConfiguration", + "markdownDescription": "Configuration information for delivery of dataset contents to Amazon S3.", + "title": "S3DestinationConfiguration" + } + }, + "type": "object" + }, + "AWS::IoTAnalytics::Dataset.DatasetContentVersionValue": { + "additionalProperties": false, + "properties": { + "DatasetName": { + "markdownDescription": "The name of the dataset whose latest contents are used as input to the notebook or application.", + "title": "DatasetName", "type": "string" + } + }, + "required": [ + "DatasetName" + ], + "type": "object" + }, + "AWS::IoTAnalytics::Dataset.DeltaTime": { + "additionalProperties": false, + "properties": { + "OffsetSeconds": { + "markdownDescription": "The number of seconds of estimated in-flight lag time of message data. When you create dataset contents using message data from a specified timeframe, some message data might still be in flight when processing begins, and so do not arrive in time to be processed. Use this field to make allowances for the in flight time of your message data, so that data not processed from a previous timeframe is included with the next timeframe. Otherwise, missed message data would be excluded from processing during the next timeframe too, because its timestamp places it within the previous timeframe.", + "title": "OffsetSeconds", + "type": "number" }, - "S3Resource": { - "markdownDescription": "The Amazon Resource Name (ARN) that uniquely identifies the data location resource.", - "title": "S3Resource", + "TimeExpression": { + "markdownDescription": "An expression by which the time of the message data might be determined. This can be the name of a timestamp field or a SQL expression that is used to derive the time the message data was generated.", + "title": "TimeExpression", "type": "string" } }, + "required": [ + "OffsetSeconds", + "TimeExpression" + ], "type": "object" }, - "AWS::LakeFormation::Permissions.DatabaseResource": { + "AWS::IoTAnalytics::Dataset.DeltaTimeSessionWindowConfiguration": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The identifier for the Data Catalog . By default, it is the account ID of the caller.", - "title": "CatalogId", + "TimeoutInMinutes": { + "markdownDescription": "A time interval. You can use `timeoutInMinutes` so that AWS IoT Analytics can batch up late data notifications that have been generated since the last execution. AWS IoT Analytics sends one batch of notifications to Amazon CloudWatch Events at one time.\n\nFor more information about how to write a timestamp expression, see [Date and Time Functions and Operators](https://docs.aws.amazon.com/https://prestodb.io/docs/current/functions/datetime.html) , in the *Presto 0.172 Documentation* .", + "title": "TimeoutInMinutes", + "type": "number" + } + }, + "required": [ + "TimeoutInMinutes" + ], + "type": "object" + }, + "AWS::IoTAnalytics::Dataset.Filter": { + "additionalProperties": false, + "properties": { + "DeltaTime": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.DeltaTime", + "markdownDescription": "Used to limit data to that which has arrived since the last execution of the action.", + "title": "DeltaTime" + } + }, + "type": "object" + }, + "AWS::IoTAnalytics::Dataset.GlueConfiguration": { + "additionalProperties": false, + "properties": { + "DatabaseName": { + "markdownDescription": "The name of the database in your AWS Glue Data Catalog in which the table is located. An AWS Glue Data Catalog database contains metadata tables.", + "title": "DatabaseName", "type": "string" }, - "Name": { - "markdownDescription": "The name of the database resource. Unique to the Data Catalog.", - "title": "Name", + "TableName": { + "markdownDescription": "The name of the table in your AWS Glue Data Catalog that is used to perform the ETL operations. An AWS Glue Data Catalog table contains partitioned data and descriptions of data sources and targets.", + "title": "TableName", "type": "string" } }, + "required": [ + "DatabaseName", + "TableName" + ], "type": "object" }, - "AWS::LakeFormation::Permissions.Resource": { + "AWS::IoTAnalytics::Dataset.IotEventsDestinationConfiguration": { "additionalProperties": false, "properties": { - "DataLocationResource": { - "$ref": "#/definitions/AWS::LakeFormation::Permissions.DataLocationResource", - "markdownDescription": "A structure for a data location object where permissions are granted or revoked.", - "title": "DataLocationResource" + "InputName": { + "markdownDescription": "The name of the AWS IoT Events input to which dataset contents are delivered.", + "title": "InputName", + "type": "string" }, - "DatabaseResource": { - "$ref": "#/definitions/AWS::LakeFormation::Permissions.DatabaseResource", - "markdownDescription": "A structure for the database object.", - "title": "DatabaseResource" + "RoleArn": { + "markdownDescription": "The ARN of the role that grants AWS IoT Analytics permission to deliver dataset contents to an AWS IoT Events input.", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "InputName", + "RoleArn" + ], + "type": "object" + }, + "AWS::IoTAnalytics::Dataset.LateDataRule": { + "additionalProperties": false, + "properties": { + "RuleConfiguration": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.LateDataRuleConfiguration", + "markdownDescription": "The information needed to configure the late data rule.", + "title": "RuleConfiguration" }, - "TableResource": { - "$ref": "#/definitions/AWS::LakeFormation::Permissions.TableResource", - "markdownDescription": "A structure for the table object. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.", - "title": "TableResource" + "RuleName": { + "markdownDescription": "The name of the late data rule.", + "title": "RuleName", + "type": "string" + } + }, + "required": [ + "RuleConfiguration" + ], + "type": "object" + }, + "AWS::IoTAnalytics::Dataset.LateDataRuleConfiguration": { + "additionalProperties": false, + "properties": { + "DeltaTimeSessionWindowConfiguration": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.DeltaTimeSessionWindowConfiguration", + "markdownDescription": "The information needed to configure a delta time session window.", + "title": "DeltaTimeSessionWindowConfiguration" + } + }, + "type": "object" + }, + "AWS::IoTAnalytics::Dataset.OutputFileUriValue": { + "additionalProperties": false, + "properties": { + "FileName": { + "markdownDescription": "The URI of the location where dataset contents are stored, usually the URI of a file in an S3 bucket.", + "title": "FileName", + "type": "string" + } + }, + "required": [ + "FileName" + ], + "type": "object" + }, + "AWS::IoTAnalytics::Dataset.QueryAction": { + "additionalProperties": false, + "properties": { + "Filters": { + "items": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.Filter" + }, + "markdownDescription": "Pre-filters applied to message data.", + "title": "Filters", + "type": "array" }, - "TableWithColumnsResource": { - "$ref": "#/definitions/AWS::LakeFormation::Permissions.TableWithColumnsResource", - "markdownDescription": "A structure for a table with columns object. This object is only used when granting a SELECT permission.", - "title": "TableWithColumnsResource" + "SqlQuery": { + "markdownDescription": "An \"SqlQueryDatasetAction\" object that uses an SQL query to automatically create data set contents.", + "title": "SqlQuery", + "type": "string" } }, + "required": [ + "SqlQuery" + ], "type": "object" }, - "AWS::LakeFormation::Permissions.TableResource": { + "AWS::IoTAnalytics::Dataset.ResourceConfiguration": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The identifier for the Data Catalog . By default, it is the account ID of the caller.", - "title": "CatalogId", + "ComputeType": { + "markdownDescription": "The type of the compute resource used to execute the `containerAction` . Possible values are: `ACU_1` (vCPU=4, memory=16 GiB) or `ACU_2` (vCPU=8, memory=32 GiB).", + "title": "ComputeType", "type": "string" }, - "DatabaseName": { - "markdownDescription": "The name of the database for the table. Unique to a Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.", - "title": "DatabaseName", + "VolumeSizeInGB": { + "markdownDescription": "The size, in GB, of the persistent storage available to the resource instance used to execute the `containerAction` (min: 1, max: 50).", + "title": "VolumeSizeInGB", + "type": "number" + } + }, + "required": [ + "ComputeType", + "VolumeSizeInGB" + ], + "type": "object" + }, + "AWS::IoTAnalytics::Dataset.RetentionPeriod": { + "additionalProperties": false, + "properties": { + "NumberOfDays": { + "markdownDescription": "The number of days that message data is kept. The `unlimited` parameter must be false.", + "title": "NumberOfDays", + "type": "number" + }, + "Unlimited": { + "markdownDescription": "If true, message data is kept indefinitely.", + "title": "Unlimited", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::IoTAnalytics::Dataset.S3DestinationConfiguration": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The name of the S3 bucket to which dataset contents are delivered.", + "title": "Bucket", "type": "string" }, - "Name": { - "markdownDescription": "The name of the table.", - "title": "Name", + "GlueConfiguration": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.GlueConfiguration", + "markdownDescription": "Configuration information for coordination with AWS Glue , a fully managed extract, transform and load (ETL) service.", + "title": "GlueConfiguration" + }, + "Key": { + "markdownDescription": "The key of the dataset contents object in an S3 bucket. Each object has a key that is a unique identifier. Each object has exactly one key.\n\nYou can create a unique key with the following options:\n\n- Use `!{iotanalytics:scheduleTime}` to insert the time of a scheduled SQL query run.\n- Use `!{iotanalytics:versionId}` to insert a unique hash that identifies a dataset content.\n- Use `!{iotanalytics:creationTime}` to insert the creation time of a dataset content.\n\nThe following example creates a unique key for a CSV file: `dataset/mydataset/!{iotanalytics:scheduleTime}/!{iotanalytics:versionId}.csv`\n\n> If you don't use `!{iotanalytics:versionId}` to specify the key, you might get duplicate keys. For example, you might have two dataset contents with the same `scheduleTime` but different `versionId` s. This means that one dataset content overwrites the other.", + "title": "Key", "type": "string" }, - "TableWildcard": { - "$ref": "#/definitions/AWS::LakeFormation::Permissions.TableWildcard", - "markdownDescription": "An empty object representing all tables under a database. If this field is specified instead of the `Name` field, all tables under `DatabaseName` will have permission changes applied.", - "title": "TableWildcard" + "RoleArn": { + "markdownDescription": "The ARN of the role that grants AWS IoT Analytics permission to interact with your Amazon S3 and AWS Glue resources.", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "Bucket", + "Key", + "RoleArn" + ], + "type": "object" + }, + "AWS::IoTAnalytics::Dataset.Schedule": { + "additionalProperties": false, + "properties": { + "ScheduleExpression": { + "markdownDescription": "The expression that defines when to trigger an update. For more information, see [Schedule Expressions for Rules](https://docs.aws.amazon.com/AmazonCloudWatch/latest/events/ScheduledEvents.html) in the Amazon CloudWatch documentation.", + "title": "ScheduleExpression", + "type": "string" } }, + "required": [ + "ScheduleExpression" + ], "type": "object" }, - "AWS::LakeFormation::Permissions.TableWildcard": { + "AWS::IoTAnalytics::Dataset.Trigger": { "additionalProperties": false, - "properties": {}, + "properties": { + "Schedule": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.Schedule", + "markdownDescription": "The \"Schedule\" when the trigger is initiated.", + "title": "Schedule" + }, + "TriggeringDataset": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.TriggeringDataset", + "markdownDescription": "Information about the data set whose content generation triggers the new data set content generation.", + "title": "TriggeringDataset" + } + }, "type": "object" }, - "AWS::LakeFormation::Permissions.TableWithColumnsResource": { + "AWS::IoTAnalytics::Dataset.TriggeringDataset": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The identifier for the Data Catalog . By default, it is the account ID of the caller.", - "title": "CatalogId", + "DatasetName": { + "markdownDescription": "The name of the data set whose content generation triggers the new data set content generation.", + "title": "DatasetName", "type": "string" + } + }, + "required": [ + "DatasetName" + ], + "type": "object" + }, + "AWS::IoTAnalytics::Dataset.Variable": { + "additionalProperties": false, + "properties": { + "DatasetContentVersionValue": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.DatasetContentVersionValue", + "markdownDescription": "The value of the variable as a structure that specifies a dataset content version.", + "title": "DatasetContentVersionValue" }, - "ColumnNames": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of column names for the table. At least one of `ColumnNames` or `ColumnWildcard` is required.", - "title": "ColumnNames", - "type": "array" + "DoubleValue": { + "markdownDescription": "The value of the variable as a double (numeric).", + "title": "DoubleValue", + "type": "number" }, - "ColumnWildcard": { - "$ref": "#/definitions/AWS::LakeFormation::Permissions.ColumnWildcard", - "markdownDescription": "A wildcard specified by a `ColumnWildcard` object. At least one of `ColumnNames` or `ColumnWildcard` is required.", - "title": "ColumnWildcard" + "OutputFileUriValue": { + "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.OutputFileUriValue", + "markdownDescription": "The value of the variable as a structure that specifies an output file URI.", + "title": "OutputFileUriValue" }, - "DatabaseName": { - "markdownDescription": "The name of the database for the table with columns resource. Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.", - "title": "DatabaseName", + "StringValue": { + "markdownDescription": "The value of the variable as a string.", + "title": "StringValue", "type": "string" }, - "Name": { - "markdownDescription": "The name of the table resource. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.", - "title": "Name", + "VariableName": { + "markdownDescription": "The name of the variable.", + "title": "VariableName", "type": "string" } }, + "required": [ + "VariableName" + ], "type": "object" }, - "AWS::LakeFormation::PrincipalPermissions": { + "AWS::IoTAnalytics::Dataset.VersioningConfiguration": { + "additionalProperties": false, + "properties": { + "MaxVersions": { + "markdownDescription": "How many versions of dataset contents are kept. The `unlimited` parameter must be `false` .", + "title": "MaxVersions", + "type": "number" + }, + "Unlimited": { + "markdownDescription": "If true, unlimited versions of dataset contents are kept.", + "title": "Unlimited", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::IoTAnalytics::Datastore": { "additionalProperties": false, "properties": { "Condition": { @@ -141247,49 +150793,45 @@ "Properties": { "additionalProperties": false, "properties": { - "Catalog": { - "markdownDescription": "The identifier for the Data Catalog . By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your Lake Formation environment.", - "title": "Catalog", + "DatastoreName": { + "markdownDescription": "The name of the data store.", + "title": "DatastoreName", "type": "string" }, - "Permissions": { - "items": { - "type": "string" - }, - "markdownDescription": "The permissions granted or revoked.", - "title": "Permissions", - "type": "array" + "DatastorePartitions": { + "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.DatastorePartitions", + "markdownDescription": "Information about the partition dimensions in a data store.", + "title": "DatastorePartitions" }, - "PermissionsWithGrantOption": { + "DatastoreStorage": { + "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.DatastoreStorage", + "markdownDescription": "Where data store data is stored.", + "title": "DatastoreStorage" + }, + "FileFormatConfiguration": { + "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.FileFormatConfiguration", + "markdownDescription": "Contains the configuration information of file formats. AWS IoT Analytics data stores support JSON and [Parquet](https://docs.aws.amazon.com/https://parquet.apache.org/) .\n\nThe default file format is JSON. You can specify only one format.\n\nYou can't change the file format after you create the data store.", + "title": "FileFormatConfiguration" + }, + "RetentionPeriod": { + "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.RetentionPeriod", + "markdownDescription": "How long, in days, message data is kept for the data store. When `customerManagedS3` storage is selected, this parameter is ignored.", + "title": "RetentionPeriod" + }, + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "Indicates the ability to grant permissions (as a subset of permissions granted).", - "title": "PermissionsWithGrantOption", + "markdownDescription": "Metadata which can be used to manage the data store.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", "type": "array" - }, - "Principal": { - "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.DataLakePrincipal", - "markdownDescription": "The principal to be granted a permission.", - "title": "Principal" - }, - "Resource": { - "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.Resource", - "markdownDescription": "The resource to be granted or revoked permissions.", - "title": "Resource" } }, - "required": [ - "Permissions", - "PermissionsWithGrantOption", - "Principal", - "Resource" - ], "type": "object" }, "Type": { "enum": [ - "AWS::LakeFormation::PrincipalPermissions" + "AWS::IoTAnalytics::Datastore" ], "type": "string" }, @@ -141303,389 +150845,227 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::LakeFormation::PrincipalPermissions.ColumnWildcard": { - "additionalProperties": false, - "properties": { - "ExcludedColumnNames": { - "items": { - "type": "string" - }, - "markdownDescription": "Excludes column names. Any column with this name will be excluded.", - "title": "ExcludedColumnNames", - "type": "array" - } - }, - "type": "object" - }, - "AWS::LakeFormation::PrincipalPermissions.DataCellsFilterResource": { + "AWS::IoTAnalytics::Datastore.Column": { "additionalProperties": false, "properties": { - "DatabaseName": { - "markdownDescription": "A database in the Data Catalog .", - "title": "DatabaseName", - "type": "string" - }, "Name": { - "markdownDescription": "The name given by the user to the data filter cell.", + "markdownDescription": "The name of the column.", "title": "Name", "type": "string" }, - "TableCatalogId": { - "markdownDescription": "The ID of the catalog to which the table belongs.", - "title": "TableCatalogId", - "type": "string" - }, - "TableName": { - "markdownDescription": "The name of the table.", - "title": "TableName", + "Type": { + "markdownDescription": "The type of data. For more information about the supported data types, see [Common data types](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-common.html) in the *AWS Glue Developer Guide* .", + "title": "Type", "type": "string" } }, "required": [ - "DatabaseName", "Name", - "TableCatalogId", - "TableName" + "Type" ], "type": "object" }, - "AWS::LakeFormation::PrincipalPermissions.DataLakePrincipal": { + "AWS::IoTAnalytics::Datastore.CustomerManagedS3": { "additionalProperties": false, "properties": { - "DataLakePrincipalIdentifier": { - "markdownDescription": "An identifier for the AWS Lake Formation principal.", - "title": "DataLakePrincipalIdentifier", + "Bucket": { + "markdownDescription": "The name of the Amazon S3 bucket where your data is stored.", + "title": "Bucket", "type": "string" - } - }, - "type": "object" - }, - "AWS::LakeFormation::PrincipalPermissions.DataLocationResource": { - "additionalProperties": false, - "properties": { - "CatalogId": { - "markdownDescription": "The identifier for the Data Catalog where the location is registered with AWS Lake Formation .", - "title": "CatalogId", + }, + "KeyPrefix": { + "markdownDescription": "(Optional) The prefix used to create the keys of the data store data objects. Each object in an Amazon S3 bucket has a key that is its unique identifier in the bucket. Each object in a bucket has exactly one key. The prefix must end with a forward slash (/).", + "title": "KeyPrefix", "type": "string" }, - "ResourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) that uniquely identifies the data location resource.", - "title": "ResourceArn", + "RoleArn": { + "markdownDescription": "The ARN of the role that grants AWS IoT Analytics permission to interact with your Amazon S3 resources.", + "title": "RoleArn", "type": "string" } }, "required": [ - "CatalogId", - "ResourceArn" + "Bucket", + "RoleArn" ], "type": "object" }, - "AWS::LakeFormation::PrincipalPermissions.DatabaseResource": { + "AWS::IoTAnalytics::Datastore.CustomerManagedS3Storage": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The identifier for the Data Catalog. By default, it is the account ID of the caller.", - "title": "CatalogId", + "Bucket": { + "markdownDescription": "The name of the Amazon S3 bucket where your data is stored.", + "title": "Bucket", "type": "string" }, - "Name": { - "markdownDescription": "The name of the database resource. Unique to the Data Catalog.", - "title": "Name", + "KeyPrefix": { + "markdownDescription": "(Optional) The prefix used to create the keys of the data store data objects. Each object in an Amazon S3 bucket has a key that is its unique identifier in the bucket. Each object in a bucket has exactly one key. The prefix must end with a forward slash (/).", + "title": "KeyPrefix", "type": "string" } }, "required": [ - "CatalogId", - "Name" + "Bucket" ], "type": "object" }, - "AWS::LakeFormation::PrincipalPermissions.LFTag": { + "AWS::IoTAnalytics::Datastore.DatastorePartition": { "additionalProperties": false, "properties": { - "TagKey": { - "markdownDescription": "The key-name for the LF-tag.", - "title": "TagKey", - "type": "string" + "Partition": { + "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.Partition", + "markdownDescription": "A partition dimension defined by an attribute.", + "title": "Partition" }, - "TagValues": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of possible values of the corresponding `TagKey` of an LF-tag key-value pair.", - "title": "TagValues", - "type": "array" + "TimestampPartition": { + "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.TimestampPartition", + "markdownDescription": "A partition dimension defined by a timestamp attribute.", + "title": "TimestampPartition" } }, "type": "object" }, - "AWS::LakeFormation::PrincipalPermissions.LFTagKeyResource": { + "AWS::IoTAnalytics::Datastore.DatastorePartitions": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The identifier for the Data Catalog where the location is registered with Data Catalog .", - "title": "CatalogId", - "type": "string" - }, - "TagKey": { - "markdownDescription": "The key-name for the LF-tag.", - "title": "TagKey", - "type": "string" - }, - "TagValues": { + "Partitions": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.DatastorePartition" }, - "markdownDescription": "A list of possible values for the corresponding `TagKey` of an LF-tag key-value pair.", - "title": "TagValues", + "markdownDescription": "A list of partition dimensions in a data store.", + "title": "Partitions", "type": "array" } }, - "required": [ - "CatalogId", - "TagKey", - "TagValues" - ], "type": "object" }, - "AWS::LakeFormation::PrincipalPermissions.LFTagPolicyResource": { + "AWS::IoTAnalytics::Datastore.DatastoreStorage": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The identifier for the Data Catalog . The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your AWS Lake Formation environment.", - "title": "CatalogId", - "type": "string" + "CustomerManagedS3": { + "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.CustomerManagedS3", + "markdownDescription": "Use this to store data store data in an S3 bucket that you manage. The choice of service-managed or customer-managed S3 storage cannot be changed after creation of the data store.", + "title": "CustomerManagedS3" }, - "Expression": { - "items": { - "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.LFTag" - }, - "markdownDescription": "A list of LF-tag conditions that apply to the resource's LF-tag policy.", - "title": "Expression", - "type": "array" + "IotSiteWiseMultiLayerStorage": { + "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.IotSiteWiseMultiLayerStorage", + "markdownDescription": "Use this to store data used by AWS IoT SiteWise in an Amazon S3 bucket that you manage. You can't change the choice of Amazon S3 storage after your data store is created.", + "title": "IotSiteWiseMultiLayerStorage" }, - "ResourceType": { - "markdownDescription": "The resource type for which the LF-tag policy applies.", - "title": "ResourceType", - "type": "string" + "ServiceManagedS3": { + "markdownDescription": "Use this to store data store data in an S3 bucket managed by the AWS IoT Analytics service. The choice of service-managed or customer-managed S3 storage cannot be changed after creation of the data store.", + "title": "ServiceManagedS3", + "type": "object" } }, - "required": [ - "CatalogId", - "Expression", - "ResourceType" - ], "type": "object" }, - "AWS::LakeFormation::PrincipalPermissions.Resource": { + "AWS::IoTAnalytics::Datastore.FileFormatConfiguration": { "additionalProperties": false, "properties": { - "Catalog": { - "markdownDescription": "The identifier for the Data Catalog. By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your AWS Lake Formation environment.", - "title": "Catalog", + "JsonConfiguration": { + "markdownDescription": "Contains the configuration information of the JSON format.", + "title": "JsonConfiguration", "type": "object" }, - "DataCellsFilter": { - "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.DataCellsFilterResource", - "markdownDescription": "A data cell filter.", - "title": "DataCellsFilter" - }, - "DataLocation": { - "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.DataLocationResource", - "markdownDescription": "The location of an Amazon S3 path where permissions are granted or revoked.", - "title": "DataLocation" - }, - "Database": { - "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.DatabaseResource", - "markdownDescription": "The database for the resource. Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database permissions to a principal.", - "title": "Database" - }, - "LFTag": { - "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.LFTagKeyResource", - "markdownDescription": "The LF-tag key and values attached to a resource.", - "title": "LFTag" - }, - "LFTagPolicy": { - "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.LFTagPolicyResource", - "markdownDescription": "A list of LF-tag conditions that define a resource's LF-tag policy.", - "title": "LFTagPolicy" - }, - "Table": { - "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.TableResource", - "markdownDescription": "The table for the resource. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.", - "title": "Table" - }, - "TableWithColumns": { - "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.TableWithColumnsResource", - "markdownDescription": "The table with columns for the resource. A principal with permissions to this resource can select metadata from the columns of a table in the Data Catalog and the underlying data in Amazon S3.", - "title": "TableWithColumns" + "ParquetConfiguration": { + "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.ParquetConfiguration", + "markdownDescription": "Contains the configuration information of the Parquet format.", + "title": "ParquetConfiguration" } }, "type": "object" }, - "AWS::LakeFormation::PrincipalPermissions.TableResource": { + "AWS::IoTAnalytics::Datastore.IotSiteWiseMultiLayerStorage": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The identifier for the Data Catalog. By default, it is the account ID of the caller.", - "title": "CatalogId", - "type": "string" - }, - "DatabaseName": { - "markdownDescription": "The name of the database for the table. Unique to a Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.", - "title": "DatabaseName", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the table.", - "title": "Name", + "CustomerManagedS3Storage": { + "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.CustomerManagedS3Storage", + "markdownDescription": "Stores data used by AWS IoT SiteWise in an Amazon S3 bucket that you manage.", + "title": "CustomerManagedS3Storage" + } + }, + "type": "object" + }, + "AWS::IoTAnalytics::Datastore.ParquetConfiguration": { + "additionalProperties": false, + "properties": { + "SchemaDefinition": { + "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.SchemaDefinition", + "markdownDescription": "Information needed to define a schema.", + "title": "SchemaDefinition" + } + }, + "type": "object" + }, + "AWS::IoTAnalytics::Datastore.Partition": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "markdownDescription": "The name of the attribute that defines a partition dimension.", + "title": "AttributeName", "type": "string" - }, - "TableWildcard": { - "markdownDescription": "A wildcard object representing every table under a database.\n\nAt least one of `TableResource$Name` or `TableResource$TableWildcard` is required.", - "title": "TableWildcard", - "type": "object" } }, "required": [ - "CatalogId", - "DatabaseName" + "AttributeName" ], "type": "object" }, - "AWS::LakeFormation::PrincipalPermissions.TableWithColumnsResource": { + "AWS::IoTAnalytics::Datastore.RetentionPeriod": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The identifier for the Data Catalog where the location is registered with AWS Lake Formation .", - "title": "CatalogId", - "type": "string" + "NumberOfDays": { + "markdownDescription": "The number of days that message data is kept. The `unlimited` parameter must be false.", + "title": "NumberOfDays", + "type": "number" }, - "ColumnNames": { + "Unlimited": { + "markdownDescription": "If true, message data is kept indefinitely.", + "title": "Unlimited", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::IoTAnalytics::Datastore.SchemaDefinition": { + "additionalProperties": false, + "properties": { + "Columns": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.Column" }, - "markdownDescription": "The list of column names for the table. At least one of `ColumnNames` or `ColumnWildcard` is required.", - "title": "ColumnNames", + "markdownDescription": "Specifies one or more columns that store your data.\n\nEach schema can have up to 100 columns. Each column can have up to 100 nested types.", + "title": "Columns", "type": "array" - }, - "ColumnWildcard": { - "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.ColumnWildcard", - "markdownDescription": "A wildcard specified by a `ColumnWildcard` object. At least one of `ColumnNames` or `ColumnWildcard` is required.", - "title": "ColumnWildcard" - }, - "DatabaseName": { - "markdownDescription": "The name of the database for the table with columns resource. Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.", - "title": "DatabaseName", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the table resource. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.", - "title": "Name", - "type": "string" } }, - "required": [ - "CatalogId", - "DatabaseName", - "Name" - ], "type": "object" }, - "AWS::LakeFormation::Resource": { + "AWS::IoTAnalytics::Datastore.TimestampPartition": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "HybridAccessEnabled": { - "markdownDescription": "Indicates whether the data access of tables pointing to the location can be managed by both Lake Formation permissions as well as Amazon S3 bucket policies.", - "title": "HybridAccessEnabled", - "type": "boolean" - }, - "ResourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", - "title": "ResourceArn", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The IAM role that registered a resource.", - "title": "RoleArn", - "type": "string" - }, - "UseServiceLinkedRole": { - "markdownDescription": "Designates a trusted caller, an IAM principal, by registering this caller with the Data Catalog .", - "title": "UseServiceLinkedRole", - "type": "boolean" - }, - "WithFederation": { - "markdownDescription": "Allows Lake Formation to assume a role to access tables in a federated database.", - "title": "WithFederation", - "type": "boolean" - } - }, - "required": [ - "ResourceArn", - "UseServiceLinkedRole" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::LakeFormation::Resource" - ], + "AttributeName": { + "markdownDescription": "The attribute name of the partition defined by a timestamp.", + "title": "AttributeName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TimestampFormat": { + "markdownDescription": "The timestamp format of a partition defined by a timestamp. The default format is seconds since epoch (January 1, 1970 at midnight UTC time).", + "title": "TimestampFormat", "type": "string" } }, "required": [ - "Type", - "Properties" + "AttributeName" ], "type": "object" }, - "AWS::LakeFormation::Tag": { + "AWS::IoTAnalytics::Pipeline": { "additionalProperties": false, "properties": { "Condition": { @@ -141720,34 +151100,36 @@ "Properties": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "Catalog id string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html) .\n\nThe identifier for the Data Catalog . By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your AWS Lake Formation environment.", - "title": "CatalogId", - "type": "string" + "PipelineActivities": { + "items": { + "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.Activity" + }, + "markdownDescription": "A list of \"PipelineActivity\" objects. Activities perform transformations on your messages, such as removing, renaming or adding message attributes; filtering messages based on attribute values; invoking your Lambda functions on messages for advanced processing; or performing mathematical transformations to normalize device data.\n\nThe list can be 2-25 *PipelineActivity* objects and must contain both a `channel` and a `datastore` activity. Each entry in the list must contain only one activity, for example:\n\n`pipelineActivities = [ { \"channel\": { ... } }, { \"lambda\": { ... } }, ... ]`", + "title": "PipelineActivities", + "type": "array" }, - "TagKey": { - "markdownDescription": "UTF-8 string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html) .\n\nThe key-name for the LF-tag.", - "title": "TagKey", + "PipelineName": { + "markdownDescription": "The name of the pipeline.", + "title": "PipelineName", "type": "string" }, - "TagValues": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of UTF-8 strings, not less than 1 or more than 50 strings.\n\nA list of possible values of the corresponding `TagKey` of an LF-tag key-value pair.", - "title": "TagValues", + "markdownDescription": "Metadata which can be used to manage the pipeline.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", "type": "array" } }, "required": [ - "TagKey", - "TagValues" + "PipelineActivities" ], "type": "object" }, "Type": { "enum": [ - "AWS::LakeFormation::Tag" + "AWS::IoTAnalytics::Pipeline" ], "type": "string" }, @@ -141766,476 +151148,356 @@ ], "type": "object" }, - "AWS::LakeFormation::TagAssociation": { + "AWS::IoTAnalytics::Pipeline.Activity": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "AddAttributes": { + "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.AddAttributes", + "markdownDescription": "Adds other attributes based on existing attributes in the message.", + "title": "AddAttributes" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Channel": { + "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.Channel", + "markdownDescription": "Determines the source of the messages to be processed.", + "title": "Channel" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Datastore": { + "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.Datastore", + "markdownDescription": "Specifies where to store the processed message data.", + "title": "Datastore" }, - "Metadata": { - "type": "object" + "DeviceRegistryEnrich": { + "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.DeviceRegistryEnrich", + "markdownDescription": "Adds data from the AWS IoT device registry to your message.", + "title": "DeviceRegistryEnrich" }, - "Properties": { - "additionalProperties": false, - "properties": { - "LFTags": { - "items": { - "$ref": "#/definitions/AWS::LakeFormation::TagAssociation.LFTagPair" - }, - "markdownDescription": "A structure containing an LF-tag key-value pair.", - "title": "LFTags", - "type": "array" - }, - "Resource": { - "$ref": "#/definitions/AWS::LakeFormation::TagAssociation.Resource", - "markdownDescription": "UTF-8 string (valid values: `DATABASE | TABLE` ).\n\nThe resource for which the LF-tag policy applies.", - "title": "Resource" - } - }, - "required": [ - "LFTags", - "Resource" - ], - "type": "object" + "DeviceShadowEnrich": { + "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.DeviceShadowEnrich", + "markdownDescription": "Adds information from the AWS IoT Device Shadows service to a message.", + "title": "DeviceShadowEnrich" }, - "Type": { - "enum": [ - "AWS::LakeFormation::TagAssociation" - ], - "type": "string" + "Filter": { + "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.Filter", + "markdownDescription": "Filters a message based on its attributes.", + "title": "Filter" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Lambda": { + "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.Lambda", + "markdownDescription": "Runs a Lambda function to modify the message.", + "title": "Lambda" + }, + "Math": { + "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.Math", + "markdownDescription": "Computes an arithmetic expression using the message's attributes and adds it to the message.", + "title": "Math" + }, + "RemoveAttributes": { + "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.RemoveAttributes", + "markdownDescription": "Removes attributes from a message.", + "title": "RemoveAttributes" + }, + "SelectAttributes": { + "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.SelectAttributes", + "markdownDescription": "Creates a new message using only the specified attributes from the original message.", + "title": "SelectAttributes" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::LakeFormation::TagAssociation.DatabaseResource": { + "AWS::IoTAnalytics::Pipeline.AddAttributes": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The identifier for the Data Catalog . By default, it should be the account ID of the caller.", - "title": "CatalogId", - "type": "string" + "Attributes": { + "additionalProperties": true, + "markdownDescription": "A list of 1-50 \"AttributeNameMapping\" objects that map an existing attribute to a new attribute.\n\n> The existing attributes remain in the message, so if you want to remove the originals, use \"RemoveAttributeActivity\".", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Attributes", + "type": "object" }, "Name": { - "markdownDescription": "The name of the database resource. Unique to the Data Catalog.", + "markdownDescription": "The name of the 'addAttributes' activity.", "title": "Name", "type": "string" + }, + "Next": { + "markdownDescription": "The next activity in the pipeline.", + "title": "Next", + "type": "string" } }, "required": [ - "CatalogId", + "Attributes", "Name" ], "type": "object" }, - "AWS::LakeFormation::TagAssociation.LFTagPair": { + "AWS::IoTAnalytics::Pipeline.Channel": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The identifier for the Data Catalog . By default, it is the account ID of the caller.", - "title": "CatalogId", + "ChannelName": { + "markdownDescription": "The name of the channel from which the messages are processed.", + "title": "ChannelName", "type": "string" }, - "TagKey": { - "markdownDescription": "The key-name for the LF-tag.", - "title": "TagKey", + "Name": { + "markdownDescription": "The name of the 'channel' activity.", + "title": "Name", "type": "string" }, - "TagValues": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of possible values of the corresponding `TagKey` of an LF-tag key-value pair.", - "title": "TagValues", - "type": "array" + "Next": { + "markdownDescription": "The next activity in the pipeline.", + "title": "Next", + "type": "string" } }, "required": [ - "CatalogId", - "TagKey", - "TagValues" + "ChannelName", + "Name" ], "type": "object" }, - "AWS::LakeFormation::TagAssociation.Resource": { - "additionalProperties": false, - "properties": { - "Catalog": { - "markdownDescription": "The identifier for the Data Catalog. By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your AWS Lake Formation environment.", - "title": "Catalog", - "type": "object" - }, - "Database": { - "$ref": "#/definitions/AWS::LakeFormation::TagAssociation.DatabaseResource", - "markdownDescription": "The database for the resource. Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database permissions to a principal.", - "title": "Database" - }, - "Table": { - "$ref": "#/definitions/AWS::LakeFormation::TagAssociation.TableResource", - "markdownDescription": "The table for the resource. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.", - "title": "Table" - }, - "TableWithColumns": { - "$ref": "#/definitions/AWS::LakeFormation::TagAssociation.TableWithColumnsResource", - "markdownDescription": "The table with columns for the resource. A principal with permissions to this resource can select metadata from the columns of a table in the Data Catalog and the underlying data in Amazon S3.", - "title": "TableWithColumns" - } - }, - "type": "object" - }, - "AWS::LakeFormation::TagAssociation.TableResource": { + "AWS::IoTAnalytics::Pipeline.Datastore": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "The identifier for the Data Catalog . By default, it is the account ID of the caller.", - "title": "CatalogId", - "type": "string" - }, - "DatabaseName": { - "markdownDescription": "The name of the database for the table. Unique to a Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.", - "title": "DatabaseName", + "DatastoreName": { + "markdownDescription": "The name of the data store where processed messages are stored.", + "title": "DatastoreName", "type": "string" }, "Name": { - "markdownDescription": "The name of the table.", + "markdownDescription": "The name of the datastore activity.", "title": "Name", "type": "string" - }, - "TableWildcard": { - "markdownDescription": "A wildcard object representing every table under a database.This is an object with no properties that effectively behaves as a true or false depending on whether not it is passed as a parameter. The valid inputs for a property with this type in either yaml or json is null or {}.\n\nAt least one of `TableResource$Name` or `TableResource$TableWildcard` is required.", - "title": "TableWildcard", - "type": "object" } }, "required": [ - "CatalogId", - "DatabaseName" + "DatastoreName", + "Name" ], "type": "object" }, - "AWS::LakeFormation::TagAssociation.TableWithColumnsResource": { + "AWS::IoTAnalytics::Pipeline.DeviceRegistryEnrich": { "additionalProperties": false, "properties": { - "CatalogId": { - "markdownDescription": "A wildcard object representing every table under a database.\n\nAt least one of TableResource$Name or TableResource$TableWildcard is required.", - "title": "CatalogId", + "Attribute": { + "markdownDescription": "The name of the attribute that is added to the message.", + "title": "Attribute", "type": "string" }, - "ColumnNames": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of column names for the table. At least one of `ColumnNames` or `ColumnWildcard` is required.", - "title": "ColumnNames", - "type": "array" + "Name": { + "markdownDescription": "The name of the 'deviceRegistryEnrich' activity.", + "title": "Name", + "type": "string" }, - "DatabaseName": { - "markdownDescription": "The name of the database for the table with columns resource. Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.", - "title": "DatabaseName", + "Next": { + "markdownDescription": "The next activity in the pipeline.", + "title": "Next", "type": "string" }, - "Name": { - "markdownDescription": "The name of the table resource. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.", - "title": "Name", + "RoleArn": { + "markdownDescription": "The ARN of the role that allows access to the device's registry information.", + "title": "RoleArn", + "type": "string" + }, + "ThingName": { + "markdownDescription": "The name of the IoT device whose registry information is added to the message.", + "title": "ThingName", "type": "string" } }, "required": [ - "CatalogId", - "ColumnNames", - "DatabaseName", - "Name" + "Attribute", + "Name", + "RoleArn", + "ThingName" ], "type": "object" }, - "AWS::Lambda::Alias": { + "AWS::IoTAnalytics::Pipeline.DeviceShadowEnrich": { "additionalProperties": false, "properties": { - "Condition": { + "Attribute": { + "markdownDescription": "The name of the attribute that is added to the message.", + "title": "Attribute", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "The name of the 'deviceShadowEnrich' activity.", + "title": "Name", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A description of the alias.", - "title": "Description", - "type": "string" - }, - "FunctionName": { - "markdownDescription": "The name or ARN of the Lambda function.\n\n**Name formats** - *Function name* - `MyFunction` .\n- *Function ARN* - `arn:aws:lambda:us-west-2:123456789012:function:MyFunction` .\n- *Partial ARN* - `123456789012:function:MyFunction` .\n\nThe length constraint applies only to the full ARN. If you specify only the function name, it is limited to 64 characters in length.", - "title": "FunctionName", - "type": "string" - }, - "FunctionVersion": { - "markdownDescription": "The function version that the alias invokes.", - "title": "FunctionVersion", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the alias.", - "title": "Name", - "type": "string" - }, - "ProvisionedConcurrencyConfig": { - "$ref": "#/definitions/AWS::Lambda::Alias.ProvisionedConcurrencyConfiguration", - "markdownDescription": "Specifies a [provisioned concurrency](https://docs.aws.amazon.com/lambda/latest/dg/configuration-concurrency.html) configuration for a function's alias.", - "title": "ProvisionedConcurrencyConfig" - }, - "RoutingConfig": { - "$ref": "#/definitions/AWS::Lambda::Alias.AliasRoutingConfiguration", - "markdownDescription": "The [routing configuration](https://docs.aws.amazon.com/lambda/latest/dg/lambda-traffic-shifting-using-aliases.html) of the alias.", - "title": "RoutingConfig" - } - }, - "required": [ - "FunctionName", - "FunctionVersion", - "Name" - ], - "type": "object" + "Next": { + "markdownDescription": "The next activity in the pipeline.", + "title": "Next", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Lambda::Alias" - ], + "RoleArn": { + "markdownDescription": "The ARN of the role that allows access to the device's shadow.", + "title": "RoleArn", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ThingName": { + "markdownDescription": "The name of the IoT device whose shadow information is added to the message.", + "title": "ThingName", "type": "string" } }, "required": [ - "Type", - "Properties" + "Attribute", + "Name", + "RoleArn", + "ThingName" ], "type": "object" }, - "AWS::Lambda::Alias.AliasRoutingConfiguration": { + "AWS::IoTAnalytics::Pipeline.Filter": { "additionalProperties": false, "properties": { - "AdditionalVersionWeights": { - "items": { - "$ref": "#/definitions/AWS::Lambda::Alias.VersionWeight" - }, - "markdownDescription": "The second version, and the percentage of traffic that's routed to it.", - "title": "AdditionalVersionWeights", - "type": "array" + "Filter": { + "markdownDescription": "An expression that looks like an SQL WHERE clause that must return a Boolean value.", + "title": "Filter", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the 'filter' activity.", + "title": "Name", + "type": "string" + }, + "Next": { + "markdownDescription": "The next activity in the pipeline.", + "title": "Next", + "type": "string" } }, "required": [ - "AdditionalVersionWeights" + "Filter", + "Name" ], "type": "object" }, - "AWS::Lambda::Alias.ProvisionedConcurrencyConfiguration": { + "AWS::IoTAnalytics::Pipeline.Lambda": { "additionalProperties": false, "properties": { - "ProvisionedConcurrentExecutions": { - "markdownDescription": "The amount of provisioned concurrency to allocate for the alias.", - "title": "ProvisionedConcurrentExecutions", + "BatchSize": { + "markdownDescription": "The number of messages passed to the Lambda function for processing.\n\nThe AWS Lambda function must be able to process all of these messages within five minutes, which is the maximum timeout duration for Lambda functions.", + "title": "BatchSize", "type": "number" - } - }, - "required": [ - "ProvisionedConcurrentExecutions" - ], - "type": "object" - }, - "AWS::Lambda::Alias.VersionWeight": { - "additionalProperties": false, - "properties": { - "FunctionVersion": { - "markdownDescription": "The qualifier of the second version.", - "title": "FunctionVersion", + }, + "LambdaName": { + "markdownDescription": "The name of the Lambda function that is run on the message.", + "title": "LambdaName", "type": "string" }, - "FunctionWeight": { - "markdownDescription": "The percentage of traffic that the alias routes to the second version.", - "title": "FunctionWeight", - "type": "number" + "Name": { + "markdownDescription": "The name of the 'lambda' activity.", + "title": "Name", + "type": "string" + }, + "Next": { + "markdownDescription": "The next activity in the pipeline.", + "title": "Next", + "type": "string" } }, "required": [ - "FunctionVersion", - "FunctionWeight" + "BatchSize", + "LambdaName", + "Name" ], "type": "object" }, - "AWS::Lambda::CodeSigningConfig": { + "AWS::IoTAnalytics::Pipeline.Math": { "additionalProperties": false, "properties": { - "Condition": { + "Attribute": { + "markdownDescription": "The name of the attribute that contains the result of the math operation.", + "title": "Attribute", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Math": { + "markdownDescription": "An expression that uses one or more existing attributes and must return an integer value.", + "title": "Math", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AllowedPublishers": { - "$ref": "#/definitions/AWS::Lambda::CodeSigningConfig.AllowedPublishers", - "markdownDescription": "List of allowed publishers.", - "title": "AllowedPublishers" - }, - "CodeSigningPolicies": { - "$ref": "#/definitions/AWS::Lambda::CodeSigningConfig.CodeSigningPolicies", - "markdownDescription": "The code signing policy controls the validation failure action for signature mismatch or expiry.", - "title": "CodeSigningPolicies" - }, - "Description": { - "markdownDescription": "Code signing configuration description.", - "title": "Description", - "type": "string" - } - }, - "required": [ - "AllowedPublishers" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Lambda::CodeSigningConfig" - ], + "Name": { + "markdownDescription": "The name of the 'math' activity.", + "title": "Name", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Next": { + "markdownDescription": "The next activity in the pipeline.", + "title": "Next", "type": "string" } }, "required": [ - "Type", - "Properties" + "Attribute", + "Math", + "Name" ], "type": "object" }, - "AWS::Lambda::CodeSigningConfig.AllowedPublishers": { + "AWS::IoTAnalytics::Pipeline.RemoveAttributes": { "additionalProperties": false, "properties": { - "SigningProfileVersionArns": { + "Attributes": { "items": { "type": "string" }, - "markdownDescription": "The Amazon Resource Name (ARN) for each of the signing profiles. A signing profile defines a trusted user who can sign a code package.", - "title": "SigningProfileVersionArns", + "markdownDescription": "A list of 1-50 attributes to remove from the message.", + "title": "Attributes", "type": "array" + }, + "Name": { + "markdownDescription": "The name of the 'removeAttributes' activity.", + "title": "Name", + "type": "string" + }, + "Next": { + "markdownDescription": "The next activity in the pipeline.", + "title": "Next", + "type": "string" } }, "required": [ - "SigningProfileVersionArns" + "Attributes", + "Name" ], "type": "object" }, - "AWS::Lambda::CodeSigningConfig.CodeSigningPolicies": { + "AWS::IoTAnalytics::Pipeline.SelectAttributes": { "additionalProperties": false, "properties": { - "UntrustedArtifactOnDeployment": { - "markdownDescription": "Code signing configuration policy for deployment validation failure. If you set the policy to `Enforce` , Lambda blocks the deployment request if signature validation checks fail. If you set the policy to `Warn` , Lambda allows the deployment and creates a CloudWatch log.\n\nDefault value: `Warn`", - "title": "UntrustedArtifactOnDeployment", + "Attributes": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the attributes to select from the message.", + "title": "Attributes", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the 'selectAttributes' activity.", + "title": "Name", + "type": "string" + }, + "Next": { + "markdownDescription": "The next activity in the pipeline.", + "title": "Next", "type": "string" } }, "required": [ - "UntrustedArtifactOnDeployment" + "Attributes", + "Name" ], "type": "object" }, - "AWS::Lambda::EventInvokeConfig": { + "AWS::IoTCoreDeviceAdvisor::SuiteDefinition": { "additionalProperties": false, "properties": { "Condition": { @@ -142270,41 +151532,28 @@ "Properties": { "additionalProperties": false, "properties": { - "DestinationConfig": { - "$ref": "#/definitions/AWS::Lambda::EventInvokeConfig.DestinationConfig", - "markdownDescription": "A destination for events after they have been sent to a function for processing.\n\n**Destinations** - *Function* - The Amazon Resource Name (ARN) of a Lambda function.\n- *Queue* - The ARN of a standard SQS queue.\n- *Bucket* - The ARN of an Amazon S3 bucket.\n- *Topic* - The ARN of a standard SNS topic.\n- *Event Bus* - The ARN of an Amazon EventBridge event bus.\n\n> S3 buckets are supported only for on-failure destinations. To retain records of successful invocations, use another destination type.", - "title": "DestinationConfig" - }, - "FunctionName": { - "markdownDescription": "The name of the Lambda function.\n\n*Minimum* : `1`\n\n*Maximum* : `64`\n\n*Pattern* : `([a-zA-Z0-9-_]+)`", - "title": "FunctionName", - "type": "string" - }, - "MaximumEventAgeInSeconds": { - "markdownDescription": "The maximum age of a request that Lambda sends to a function for processing.", - "title": "MaximumEventAgeInSeconds", - "type": "number" - }, - "MaximumRetryAttempts": { - "markdownDescription": "The maximum number of times to retry when the function returns an error.", - "title": "MaximumRetryAttempts", - "type": "number" + "SuiteDefinitionConfiguration": { + "$ref": "#/definitions/AWS::IoTCoreDeviceAdvisor::SuiteDefinition.SuiteDefinitionConfiguration", + "markdownDescription": "The configuration of the Suite Definition. Listed below are the required elements of the `SuiteDefinitionConfiguration` .\n\n- ***devicePermissionRoleArn*** - The device permission arn.\n\nThis is a required element.\n\n*Type:* String\n- ***devices*** - The list of configured devices under test. For more information on devices under test, see [DeviceUnderTest](https://docs.aws.amazon.com/iot/latest/apireference/API_iotdeviceadvisor_DeviceUnderTest.html)\n\nNot a required element.\n\n*Type:* List of devices under test\n- ***intendedForQualification*** - The tests intended for qualification in a suite.\n\nNot a required element.\n\n*Type:* Boolean\n- ***rootGroup*** - The test suite root group. For more information on creating and using root groups see the [Device Advisor workflow](https://docs.aws.amazon.com/iot/latest/developerguide/device-advisor-workflow.html) .\n\nThis is a required element.\n\n*Type:* String\n- ***suiteDefinitionName*** - The Suite Definition Configuration name.\n\nThis is a required element.\n\n*Type:* String", + "title": "SuiteDefinitionConfiguration" }, - "Qualifier": { - "markdownDescription": "The identifier of a version or alias.\n\n- *Version* - A version number.\n- *Alias* - An alias name.\n- *Latest* - To specify the unpublished version, use `$LATEST` .", - "title": "Qualifier", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata that can be used to manage the the Suite Definition.", + "title": "Tags", + "type": "array" } }, "required": [ - "FunctionName", - "Qualifier" + "SuiteDefinitionConfiguration" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lambda::EventInvokeConfig" + "AWS::IoTCoreDeviceAdvisor::SuiteDefinition" ], "type": "string" }, @@ -142323,51 +151572,61 @@ ], "type": "object" }, - "AWS::Lambda::EventInvokeConfig.DestinationConfig": { + "AWS::IoTCoreDeviceAdvisor::SuiteDefinition.DeviceUnderTest": { "additionalProperties": false, "properties": { - "OnFailure": { - "$ref": "#/definitions/AWS::Lambda::EventInvokeConfig.OnFailure", - "markdownDescription": "The destination configuration for failed invocations.\n\n> When using an Amazon SQS queue as a destination, FIFO queues cannot be used.", - "title": "OnFailure" + "CertificateArn": { + "markdownDescription": "Lists device's certificate ARN.", + "title": "CertificateArn", + "type": "string" }, - "OnSuccess": { - "$ref": "#/definitions/AWS::Lambda::EventInvokeConfig.OnSuccess", - "markdownDescription": "The destination configuration for successful invocations.\n\n> When using an Amazon SQS queue as a destination, FIFO queues cannot be used.", - "title": "OnSuccess" - } - }, - "type": "object" - }, - "AWS::Lambda::EventInvokeConfig.OnFailure": { - "additionalProperties": false, - "properties": { - "Destination": { - "markdownDescription": "The Amazon Resource Name (ARN) of the destination resource.\n\nTo retain records of unsuccessful [asynchronous invocations](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#invocation-async-destinations) , you can configure an Amazon SNS topic, Amazon SQS queue, Amazon S3 bucket, Lambda function, or Amazon EventBridge event bus as the destination.\n\nTo retain records of failed invocations from [Kinesis](https://docs.aws.amazon.com/lambda/latest/dg/with-kinesis.html) , [DynamoDB](https://docs.aws.amazon.com/lambda/latest/dg/with-ddb.html) , [self-managed Kafka](https://docs.aws.amazon.com/lambda/latest/dg/with-kafka.html#services-smaa-onfailure-destination) or [Amazon MSK](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#services-msk-onfailure-destination) , you can configure an Amazon SNS topic, Amazon SQS queue, or Amazon S3 bucket as the destination.", - "title": "Destination", + "ThingArn": { + "markdownDescription": "Lists device's thing ARN.", + "title": "ThingArn", "type": "string" } }, - "required": [ - "Destination" - ], "type": "object" }, - "AWS::Lambda::EventInvokeConfig.OnSuccess": { + "AWS::IoTCoreDeviceAdvisor::SuiteDefinition.SuiteDefinitionConfiguration": { "additionalProperties": false, "properties": { - "Destination": { - "markdownDescription": "The Amazon Resource Name (ARN) of the destination resource.", - "title": "Destination", + "DevicePermissionRoleArn": { + "markdownDescription": "Gets the device permission ARN. This is a required parameter.", + "title": "DevicePermissionRoleArn", + "type": "string" + }, + "Devices": { + "items": { + "$ref": "#/definitions/AWS::IoTCoreDeviceAdvisor::SuiteDefinition.DeviceUnderTest" + }, + "markdownDescription": "Gets the devices configured.", + "title": "Devices", + "type": "array" + }, + "IntendedForQualification": { + "markdownDescription": "Gets the tests intended for qualification in a suite.", + "title": "IntendedForQualification", + "type": "boolean" + }, + "RootGroup": { + "markdownDescription": "Gets the test suite root group. This is a required parameter. For updating or creating the latest qualification suite, if `intendedForQualification` is set to true, `rootGroup` can be an empty string. If `intendedForQualification` is false, `rootGroup` cannot be an empty string. If `rootGroup` is empty, and `intendedForQualification` is set to true, all the qualification tests are included, and the configuration is default.\n\nFor a qualification suite, the minimum length is 0, and the maximum is 2048. For a non-qualification suite, the minimum length is 1, and the maximum is 2048.", + "title": "RootGroup", + "type": "string" + }, + "SuiteDefinitionName": { + "markdownDescription": "Gets the suite definition name. This is a required parameter.", + "title": "SuiteDefinitionName", "type": "string" } }, "required": [ - "Destination" + "DevicePermissionRoleArn", + "RootGroup" ], "type": "object" }, - "AWS::Lambda::EventSourceMapping": { + "AWS::IoTEvents::AlarmModel": { "additionalProperties": false, "properties": { "Condition": { @@ -142402,142 +151661,64 @@ "Properties": { "additionalProperties": false, "properties": { - "AmazonManagedKafkaEventSourceConfig": { - "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.AmazonManagedKafkaEventSourceConfig", - "markdownDescription": "Specific configuration settings for an Amazon Managed Streaming for Apache Kafka (Amazon MSK) event source.", - "title": "AmazonManagedKafkaEventSourceConfig" - }, - "BatchSize": { - "markdownDescription": "The maximum number of records in each batch that Lambda pulls from your stream or queue and sends to your function. Lambda passes all of the records in the batch to the function in a single call, up to the payload limit for synchronous invocation (6 MB).\n\n- *Amazon Kinesis* \u2013 Default 100. Max 10,000.\n- *Amazon DynamoDB Streams* \u2013 Default 100. Max 10,000.\n- *Amazon Simple Queue Service* \u2013 Default 10. For standard queues the max is 10,000. For FIFO queues the max is 10.\n- *Amazon Managed Streaming for Apache Kafka* \u2013 Default 100. Max 10,000.\n- *Self-managed Apache Kafka* \u2013 Default 100. Max 10,000.\n- *Amazon MQ (ActiveMQ and RabbitMQ)* \u2013 Default 100. Max 10,000.\n- *DocumentDB* \u2013 Default 100. Max 10,000.", - "title": "BatchSize", - "type": "number" - }, - "BisectBatchOnFunctionError": { - "markdownDescription": "(Kinesis and DynamoDB Streams only) If the function returns an error, split the batch in two and retry. The default value is false.\n\n> When using `BisectBatchOnFunctionError` , check the `BatchSize` parameter in the `OnFailure` destination message's metadata. The `BatchSize` could be greater than 1 since Lambda consolidates failed messages metadata when writing to the `OnFailure` destination.", - "title": "BisectBatchOnFunctionError", - "type": "boolean" - }, - "DestinationConfig": { - "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.DestinationConfig", - "markdownDescription": "(Kinesis, DynamoDB Streams, Amazon MSK, and self-managed Apache Kafka event sources only) A configuration object that specifies the destination of an event after Lambda processes it.", - "title": "DestinationConfig" - }, - "DocumentDBEventSourceConfig": { - "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.DocumentDBEventSourceConfig", - "markdownDescription": "Specific configuration settings for a DocumentDB event source.", - "title": "DocumentDBEventSourceConfig" + "AlarmCapabilities": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AlarmCapabilities", + "markdownDescription": "Contains the configuration information of alarm state changes.", + "title": "AlarmCapabilities" }, - "Enabled": { - "markdownDescription": "When true, the event source mapping is active. When false, Lambda pauses polling and invocation.\n\nDefault: True", - "title": "Enabled", - "type": "boolean" + "AlarmEventActions": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AlarmEventActions", + "markdownDescription": "Contains information about one or more alarm actions.", + "title": "AlarmEventActions" }, - "EventSourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the event source.\n\n- *Amazon Kinesis* \u2013 The ARN of the data stream or a stream consumer.\n- *Amazon DynamoDB Streams* \u2013 The ARN of the stream.\n- *Amazon Simple Queue Service* \u2013 The ARN of the queue.\n- *Amazon Managed Streaming for Apache Kafka* \u2013 The ARN of the cluster or the ARN of the VPC connection (for [cross-account event source mappings](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#msk-multi-vpc) ).\n- *Amazon MQ* \u2013 The ARN of the broker.\n- *Amazon DocumentDB* \u2013 The ARN of the DocumentDB change stream.", - "title": "EventSourceArn", + "AlarmModelDescription": { + "markdownDescription": "The description of the alarm model.", + "title": "AlarmModelDescription", "type": "string" }, - "FilterCriteria": { - "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.FilterCriteria", - "markdownDescription": "An object that defines the filter criteria that determine whether Lambda should process an event. For more information, see [Lambda event filtering](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventfiltering.html) .", - "title": "FilterCriteria" - }, - "FunctionName": { - "markdownDescription": "The name or ARN of the Lambda function.\n\n**Name formats** - *Function name* \u2013 `MyFunction` .\n- *Function ARN* \u2013 `arn:aws:lambda:us-west-2:123456789012:function:MyFunction` .\n- *Version or Alias ARN* \u2013 `arn:aws:lambda:us-west-2:123456789012:function:MyFunction:PROD` .\n- *Partial ARN* \u2013 `123456789012:function:MyFunction` .\n\nThe length constraint applies only to the full ARN. If you specify only the function name, it's limited to 64 characters in length.", - "title": "FunctionName", + "AlarmModelName": { + "markdownDescription": "The name of the alarm model.", + "title": "AlarmModelName", "type": "string" }, - "FunctionResponseTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "(Kinesis, DynamoDB Streams, and SQS) A list of current response type enums applied to the event source mapping.\n\nValid Values: `ReportBatchItemFailures`", - "title": "FunctionResponseTypes", - "type": "array" - }, - "MaximumBatchingWindowInSeconds": { - "markdownDescription": "The maximum amount of time, in seconds, that Lambda spends gathering records before invoking the function.\n\n*Default ( Kinesis , DynamoDB , Amazon SQS event sources)* : 0\n\n*Default ( Amazon MSK , Kafka, Amazon MQ , Amazon DocumentDB event sources)* : 500 ms\n\n*Related setting:* For Amazon SQS event sources, when you set `BatchSize` to a value greater than 10, you must set `MaximumBatchingWindowInSeconds` to at least 1.", - "title": "MaximumBatchingWindowInSeconds", - "type": "number" - }, - "MaximumRecordAgeInSeconds": { - "markdownDescription": "(Kinesis and DynamoDB Streams only) Discard records older than the specified age. The default value is -1,\nwhich sets the maximum age to infinite. When the value is set to infinite, Lambda never discards old records.\n\n> The minimum valid value for maximum record age is 60s. Although values less than 60 and greater than -1 fall within the parameter's absolute range, they are not allowed", - "title": "MaximumRecordAgeInSeconds", - "type": "number" - }, - "MaximumRetryAttempts": { - "markdownDescription": "(Kinesis and DynamoDB Streams only) Discard records after the specified number of retries. The default value is -1,\nwhich sets the maximum number of retries to infinite. When MaximumRetryAttempts is infinite, Lambda retries failed records until the record expires in the event source.", - "title": "MaximumRetryAttempts", - "type": "number" - }, - "ParallelizationFactor": { - "markdownDescription": "(Kinesis and DynamoDB Streams only) The number of batches to process concurrently from each shard. The default value is 1.", - "title": "ParallelizationFactor", - "type": "number" - }, - "Queues": { - "items": { - "type": "string" - }, - "markdownDescription": "(Amazon MQ) The name of the Amazon MQ broker destination queue to consume.", - "title": "Queues", - "type": "array" - }, - "ScalingConfig": { - "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.ScalingConfig", - "markdownDescription": "(Amazon SQS only) The scaling configuration for the event source. For more information, see [Configuring maximum concurrency for Amazon SQS event sources](https://docs.aws.amazon.com/lambda/latest/dg/with-sqs.html#events-sqs-max-concurrency) .", - "title": "ScalingConfig" - }, - "SelfManagedEventSource": { - "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.SelfManagedEventSource", - "markdownDescription": "The self-managed Apache Kafka cluster for your event source.", - "title": "SelfManagedEventSource" - }, - "SelfManagedKafkaEventSourceConfig": { - "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.SelfManagedKafkaEventSourceConfig", - "markdownDescription": "Specific configuration settings for a self-managed Apache Kafka event source.", - "title": "SelfManagedKafkaEventSourceConfig" + "AlarmRule": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AlarmRule", + "markdownDescription": "Defines when your alarm is invoked.", + "title": "AlarmRule" }, - "SourceAccessConfigurations": { - "items": { - "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.SourceAccessConfiguration" - }, - "markdownDescription": "An array of the authentication protocol, VPC components, or virtual host to secure and define your event source.", - "title": "SourceAccessConfigurations", - "type": "array" + "Key": { + "markdownDescription": "An input attribute used as a key to create an alarm. AWS IoT Events routes [inputs](https://docs.aws.amazon.com/iotevents/latest/apireference/API_Input.html) associated with this key to the alarm.", + "title": "Key", + "type": "string" }, - "StartingPosition": { - "markdownDescription": "The position in a stream from which to start reading. Required for Amazon Kinesis and Amazon DynamoDB.\n\n- *LATEST* - Read only new records.\n- *TRIM_HORIZON* - Process all available records.\n- *AT_TIMESTAMP* - Specify a time from which to start reading records.", - "title": "StartingPosition", + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that allows the alarm to perform actions and access AWS resources. For more information, see [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* .", + "title": "RoleArn", "type": "string" }, - "StartingPositionTimestamp": { - "markdownDescription": "With `StartingPosition` set to `AT_TIMESTAMP` , the time from which to start reading, in Unix time seconds. `StartingPositionTimestamp` cannot be in the future.", - "title": "StartingPositionTimestamp", + "Severity": { + "markdownDescription": "A non-negative integer that reflects the severity level of the alarm.", + "title": "Severity", "type": "number" }, - "Topics": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The name of the Kafka topic.", - "title": "Topics", + "markdownDescription": "A list of key-value pairs that contain metadata for the alarm model. The tags help you manage the alarm model. For more information, see [Tagging your AWS IoT Events resources](https://docs.aws.amazon.com/iotevents/latest/developerguide/tagging-iotevents.html) in the *AWS IoT Events Developer Guide* .\n\nYou can create up to 50 tags for one alarm model.", + "title": "Tags", "type": "array" - }, - "TumblingWindowInSeconds": { - "markdownDescription": "(Kinesis and DynamoDB Streams only) The duration in seconds of a processing window for DynamoDB and Kinesis Streams event sources. A value of 0 seconds indicates no tumbling window.", - "title": "TumblingWindowInSeconds", - "type": "number" } }, "required": [ - "FunctionName" + "AlarmRule", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lambda::EventSourceMapping" + "AWS::IoTEvents::AlarmModel" ], "type": "string" }, @@ -142556,149 +151737,474 @@ ], "type": "object" }, - "AWS::Lambda::EventSourceMapping.AmazonManagedKafkaEventSourceConfig": { + "AWS::IoTEvents::AlarmModel.AcknowledgeFlow": { "additionalProperties": false, "properties": { - "ConsumerGroupId": { - "markdownDescription": "The identifier for the Kafka consumer group to join. The consumer group ID must be unique among all your Kafka event sources. After creating a Kafka event source mapping with the consumer group ID specified, you cannot update this value. For more information, see [Customizable consumer group ID](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#services-msk-consumer-group-id) .", - "title": "ConsumerGroupId", - "type": "string" + "Enabled": { + "markdownDescription": "The value must be `TRUE` or `FALSE` . If `TRUE` , you receive a notification when the alarm state changes. You must choose to acknowledge the notification before the alarm state can return to `NORMAL` . If `FALSE` , you won't receive notifications. The alarm automatically changes to the `NORMAL` state when the input property value returns to the specified range.", + "title": "Enabled", + "type": "boolean" } }, "type": "object" }, - "AWS::Lambda::EventSourceMapping.DestinationConfig": { + "AWS::IoTEvents::AlarmModel.AlarmAction": { "additionalProperties": false, "properties": { - "OnFailure": { - "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.OnFailure", - "markdownDescription": "The destination configuration for failed invocations.", - "title": "OnFailure" + "DynamoDB": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.DynamoDB", + "markdownDescription": "Defines an action to write to the Amazon DynamoDB table that you created. The standard action payload contains all the information about the detector model instance and the event that triggered the action. You can customize the [payload](https://docs.aws.amazon.com/iotevents/latest/apireference/API_Payload.html) . One column of the DynamoDB table receives all attribute-value pairs in the payload that you specify.\n\nYou must use expressions for all parameters in `DynamoDBAction` . The expressions accept literals, operators, functions, references, and substitution templates.\n\n**Examples** - For literal values, the expressions must contain single quotes. For example, the value for the `hashKeyType` parameter can be `'STRING'` .\n- For references, you must specify either variables or input values. For example, the value for the `hashKeyField` parameter can be `$input.GreenhouseInput.name` .\n- For a substitution template, you must use `${}` , and the template must be in single quotes. A substitution template can also contain a combination of literals, operators, functions, references, and substitution templates.\n\nIn the following example, the value for the `hashKeyValue` parameter uses a substitution template.\n\n`'${$input.GreenhouseInput.temperature * 6 / 5 + 32} in Fahrenheit'`\n- For a string concatenation, you must use `+` . A string concatenation can also contain a combination of literals, operators, functions, references, and substitution templates.\n\nIn the following example, the value for the `tableName` parameter uses a string concatenation.\n\n`'GreenhouseTemperatureTable ' + $input.GreenhouseInput.date`\n\nFor more information, see [Expressions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-expressions.html) in the *AWS IoT Events Developer Guide* .\n\nIf the defined payload type is a string, `DynamoDBAction` writes non-JSON data to the DynamoDB table as binary data. The DynamoDB console displays the data as Base64-encoded text. The value for the `payloadField` parameter is `_raw` .", + "title": "DynamoDB" + }, + "DynamoDBv2": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.DynamoDBv2", + "markdownDescription": "Defines an action to write to the Amazon DynamoDB table that you created. The default action payload contains all the information about the detector model instance and the event that triggered the action. You can customize the [payload](https://docs.aws.amazon.com/iotevents/latest/apireference/API_Payload.html) . A separate column of the DynamoDB table receives one attribute-value pair in the payload that you specify.\n\nYou must use expressions for all parameters in `DynamoDBv2Action` . The expressions accept literals, operators, functions, references, and substitution templates.\n\n**Examples** - For literal values, the expressions must contain single quotes. For example, the value for the `tableName` parameter can be `'GreenhouseTemperatureTable'` .\n- For references, you must specify either variables or input values. For example, the value for the `tableName` parameter can be `$variable.ddbtableName` .\n- For a substitution template, you must use `${}` , and the template must be in single quotes. A substitution template can also contain a combination of literals, operators, functions, references, and substitution templates.\n\nIn the following example, the value for the `contentExpression` parameter in `Payload` uses a substitution template.\n\n`'{\\\"sensorID\\\": \\\"${$input.GreenhouseInput.sensor_id}\\\", \\\"temperature\\\": \\\"${$input.GreenhouseInput.temperature * 9 / 5 + 32}\\\"}'`\n- For a string concatenation, you must use `+` . A string concatenation can also contain a combination of literals, operators, functions, references, and substitution templates.\n\nIn the following example, the value for the `tableName` parameter uses a string concatenation.\n\n`'GreenhouseTemperatureTable ' + $input.GreenhouseInput.date`\n\nFor more information, see [Expressions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-expressions.html) in the *AWS IoT Events Developer Guide* .\n\nThe value for the `type` parameter in `Payload` must be `JSON` .", + "title": "DynamoDBv2" + }, + "Firehose": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Firehose", + "markdownDescription": "Sends information about the detector model instance and the event that triggered the action to an Amazon Kinesis Data Firehose delivery stream.", + "title": "Firehose" + }, + "IotEvents": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.IotEvents", + "markdownDescription": "Sends an AWS IoT Events input, passing in information about the detector model instance and the event that triggered the action.", + "title": "IotEvents" + }, + "IotSiteWise": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.IotSiteWise", + "markdownDescription": "Sends information about the detector model instance and the event that triggered the action to a specified asset property in AWS IoT SiteWise .\n\nYou must use expressions for all parameters in `IotSiteWiseAction` . The expressions accept literals, operators, functions, references, and substitutions templates.\n\n**Examples** - For literal values, the expressions must contain single quotes. For example, the value for the `propertyAlias` parameter can be `'/company/windfarm/3/turbine/7/temperature'` .\n- For references, you must specify either variables or input values. For example, the value for the `assetId` parameter can be `$input.TurbineInput.assetId1` .\n- For a substitution template, you must use `${}` , and the template must be in single quotes. A substitution template can also contain a combination of literals, operators, functions, references, and substitution templates.\n\nIn the following example, the value for the `propertyAlias` parameter uses a substitution template.\n\n`'company/windfarm/${$input.TemperatureInput.sensorData.windfarmID}/turbine/ ${$input.TemperatureInput.sensorData.turbineID}/temperature'`\n\nYou must specify either `propertyAlias` or both `assetId` and `propertyId` to identify the target asset property in AWS IoT SiteWise .\n\nFor more information, see [Expressions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-expressions.html) in the *AWS IoT Events Developer Guide* .", + "title": "IotSiteWise" + }, + "IotTopicPublish": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.IotTopicPublish", + "markdownDescription": "Information required to publish the MQTT message through the AWS IoT message broker.", + "title": "IotTopicPublish" + }, + "Lambda": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Lambda", + "markdownDescription": "Calls a Lambda function, passing in information about the detector model instance and the event that triggered the action.", + "title": "Lambda" + }, + "Sns": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Sns", + "markdownDescription": "Information required to publish the Amazon SNS message.", + "title": "Sns" + }, + "Sqs": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Sqs", + "markdownDescription": "Sends information about the detector model instance and the event that triggered the action to an Amazon SQS queue.", + "title": "Sqs" } }, "type": "object" }, - "AWS::Lambda::EventSourceMapping.DocumentDBEventSourceConfig": { + "AWS::IoTEvents::AlarmModel.AlarmCapabilities": { "additionalProperties": false, "properties": { - "CollectionName": { - "markdownDescription": "The name of the collection to consume within the database. If you do not specify a collection, Lambda consumes all collections.", - "title": "CollectionName", - "type": "string" - }, - "DatabaseName": { - "markdownDescription": "The name of the database to consume within the DocumentDB cluster.", - "title": "DatabaseName", - "type": "string" + "AcknowledgeFlow": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AcknowledgeFlow", + "markdownDescription": "Specifies whether to get notified for alarm state changes.", + "title": "AcknowledgeFlow" }, - "FullDocument": { - "markdownDescription": "Determines what DocumentDB sends to your event stream during document update operations. If set to UpdateLookup, DocumentDB sends a delta describing the changes, along with a copy of the entire document. Otherwise, DocumentDB sends only a partial document that contains the changes.", - "title": "FullDocument", - "type": "string" + "InitializationConfiguration": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.InitializationConfiguration", + "markdownDescription": "Specifies the default alarm state. The configuration applies to all alarms that were created based on this alarm model.", + "title": "InitializationConfiguration" } }, "type": "object" }, - "AWS::Lambda::EventSourceMapping.Endpoints": { + "AWS::IoTEvents::AlarmModel.AlarmEventActions": { "additionalProperties": false, "properties": { - "KafkaBootstrapServers": { + "AlarmActions": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AlarmAction" }, - "markdownDescription": "The list of bootstrap servers for your Kafka brokers in the following format: `\"KafkaBootstrapServers\": [\"abc.xyz.com:xxxx\",\"abc2.xyz.com:xxxx\"]` .", - "title": "KafkaBootstrapServers", + "markdownDescription": "Specifies one or more supported actions to receive notifications when the alarm state changes.", + "title": "AlarmActions", "type": "array" } }, "type": "object" }, - "AWS::Lambda::EventSourceMapping.Filter": { + "AWS::IoTEvents::AlarmModel.AlarmRule": { "additionalProperties": false, "properties": { - "Pattern": { - "markdownDescription": "A filter pattern. For more information on the syntax of a filter pattern, see [Filter rule syntax](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventfiltering.html#filtering-syntax) .", - "title": "Pattern", - "type": "string" + "SimpleRule": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.SimpleRule", + "markdownDescription": "A rule that compares an input property value to a threshold value with a comparison operator.", + "title": "SimpleRule" } }, "type": "object" }, - "AWS::Lambda::EventSourceMapping.FilterCriteria": { + "AWS::IoTEvents::AlarmModel.AssetPropertyTimestamp": { "additionalProperties": false, "properties": { - "Filters": { - "items": { - "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.Filter" - }, - "markdownDescription": "A list of filters.", - "title": "Filters", - "type": "array" + "OffsetInNanos": { + "markdownDescription": "The nanosecond offset converted from `timeInSeconds` . The valid range is between 0-999999999.", + "title": "OffsetInNanos", + "type": "string" + }, + "TimeInSeconds": { + "markdownDescription": "The timestamp, in seconds, in the Unix epoch format. The valid range is between 1-31556889864403199.", + "title": "TimeInSeconds", + "type": "string" } }, + "required": [ + "TimeInSeconds" + ], "type": "object" }, - "AWS::Lambda::EventSourceMapping.OnFailure": { + "AWS::IoTEvents::AlarmModel.AssetPropertyValue": { "additionalProperties": false, "properties": { - "Destination": { - "markdownDescription": "The Amazon Resource Name (ARN) of the destination resource.\n\nTo retain records of unsuccessful [asynchronous invocations](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#invocation-async-destinations) , you can configure an Amazon SNS topic, Amazon SQS queue, Amazon S3 bucket, Lambda function, or Amazon EventBridge event bus as the destination.\n\nTo retain records of failed invocations from [Kinesis](https://docs.aws.amazon.com/lambda/latest/dg/with-kinesis.html) , [DynamoDB](https://docs.aws.amazon.com/lambda/latest/dg/with-ddb.html) , [self-managed Kafka](https://docs.aws.amazon.com/lambda/latest/dg/with-kafka.html#services-smaa-onfailure-destination) or [Amazon MSK](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#services-msk-onfailure-destination) , you can configure an Amazon SNS topic, Amazon SQS queue, or Amazon S3 bucket as the destination.", - "title": "Destination", + "Quality": { + "markdownDescription": "The quality of the asset property value. The value must be `'GOOD'` , `'BAD'` , or `'UNCERTAIN'` .", + "title": "Quality", "type": "string" + }, + "Timestamp": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AssetPropertyTimestamp", + "markdownDescription": "The timestamp associated with the asset property value. The default is the current event time.", + "title": "Timestamp" + }, + "Value": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AssetPropertyVariant", + "markdownDescription": "The value to send to an asset property.", + "title": "Value" } }, + "required": [ + "Value" + ], "type": "object" }, - "AWS::Lambda::EventSourceMapping.ScalingConfig": { + "AWS::IoTEvents::AlarmModel.AssetPropertyVariant": { "additionalProperties": false, "properties": { - "MaximumConcurrency": { - "markdownDescription": "Limits the number of concurrent instances that the Amazon SQS event source can invoke.", - "title": "MaximumConcurrency", - "type": "number" + "BooleanValue": { + "markdownDescription": "The asset property value is a Boolean value that must be `'TRUE'` or `'FALSE'` . You must use an expression, and the evaluated result should be a Boolean value.", + "title": "BooleanValue", + "type": "string" + }, + "DoubleValue": { + "markdownDescription": "The asset property value is a double. You must use an expression, and the evaluated result should be a double.", + "title": "DoubleValue", + "type": "string" + }, + "IntegerValue": { + "markdownDescription": "The asset property value is an integer. You must use an expression, and the evaluated result should be an integer.", + "title": "IntegerValue", + "type": "string" + }, + "StringValue": { + "markdownDescription": "The asset property value is a string. You must use an expression, and the evaluated result should be a string.", + "title": "StringValue", + "type": "string" } }, "type": "object" }, - "AWS::Lambda::EventSourceMapping.SelfManagedEventSource": { + "AWS::IoTEvents::AlarmModel.DynamoDB": { "additionalProperties": false, "properties": { - "Endpoints": { - "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.Endpoints", - "markdownDescription": "The list of bootstrap servers for your Kafka brokers in the following format: `\"KafkaBootstrapServers\": [\"abc.xyz.com:xxxx\",\"abc2.xyz.com:xxxx\"]` .", - "title": "Endpoints" + "HashKeyField": { + "markdownDescription": "The name of the hash key (also called the partition key). The `hashKeyField` value must match the partition key of the target DynamoDB table.", + "title": "HashKeyField", + "type": "string" + }, + "HashKeyType": { + "markdownDescription": "The data type for the hash key (also called the partition key). You can specify the following values:\n\n- `'STRING'` - The hash key is a string.\n- `'NUMBER'` - The hash key is a number.\n\nIf you don't specify `hashKeyType` , the default value is `'STRING'` .", + "title": "HashKeyType", + "type": "string" + }, + "HashKeyValue": { + "markdownDescription": "The value of the hash key (also called the partition key).", + "title": "HashKeyValue", + "type": "string" + }, + "Operation": { + "markdownDescription": "The type of operation to perform. You can specify the following values:\n\n- `'INSERT'` - Insert data as a new item into the DynamoDB table. This item uses the specified hash key as a partition key. If you specified a range key, the item uses the range key as a sort key.\n- `'UPDATE'` - Update an existing item of the DynamoDB table with new data. This item's partition key must match the specified hash key. If you specified a range key, the range key must match the item's sort key.\n- `'DELETE'` - Delete an existing item of the DynamoDB table. This item's partition key must match the specified hash key. If you specified a range key, the range key must match the item's sort key.\n\nIf you don't specify this parameter, AWS IoT Events triggers the `'INSERT'` operation.", + "title": "Operation", + "type": "string" + }, + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", + "markdownDescription": "Information needed to configure the payload.\n\nBy default, AWS IoT Events generates a standard payload in JSON for any action. This action payload contains all attribute-value pairs that have the information about the detector model instance and the event triggered the action. To configure the action payload, you can use `contentExpression` .", + "title": "Payload" + }, + "PayloadField": { + "markdownDescription": "The name of the DynamoDB column that receives the action payload.\n\nIf you don't specify this parameter, the name of the DynamoDB column is `payload` .", + "title": "PayloadField", + "type": "string" + }, + "RangeKeyField": { + "markdownDescription": "The name of the range key (also called the sort key). The `rangeKeyField` value must match the sort key of the target DynamoDB table.", + "title": "RangeKeyField", + "type": "string" + }, + "RangeKeyType": { + "markdownDescription": "The data type for the range key (also called the sort key), You can specify the following values:\n\n- `'STRING'` - The range key is a string.\n- `'NUMBER'` - The range key is number.\n\nIf you don't specify `rangeKeyField` , the default value is `'STRING'` .", + "title": "RangeKeyType", + "type": "string" + }, + "RangeKeyValue": { + "markdownDescription": "The value of the range key (also called the sort key).", + "title": "RangeKeyValue", + "type": "string" + }, + "TableName": { + "markdownDescription": "The name of the DynamoDB table. The `tableName` value must match the table name of the target DynamoDB table.", + "title": "TableName", + "type": "string" } }, + "required": [ + "HashKeyField", + "HashKeyValue", + "TableName" + ], "type": "object" }, - "AWS::Lambda::EventSourceMapping.SelfManagedKafkaEventSourceConfig": { + "AWS::IoTEvents::AlarmModel.DynamoDBv2": { "additionalProperties": false, "properties": { - "ConsumerGroupId": { - "markdownDescription": "The identifier for the Kafka consumer group to join. The consumer group ID must be unique among all your Kafka event sources. After creating a Kafka event source mapping with the consumer group ID specified, you cannot update this value. For more information, see [Customizable consumer group ID](https://docs.aws.amazon.com/lambda/latest/dg/with-kafka-process.html#services-smaa-topic-add) .", - "title": "ConsumerGroupId", + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", + "markdownDescription": "Information needed to configure the payload.\n\nBy default, AWS IoT Events generates a standard payload in JSON for any action. This action payload contains all attribute-value pairs that have the information about the detector model instance and the event triggered the action. To configure the action payload, you can use `contentExpression` .", + "title": "Payload" + }, + "TableName": { + "markdownDescription": "The name of the DynamoDB table.", + "title": "TableName", "type": "string" } }, + "required": [ + "TableName" + ], "type": "object" }, - "AWS::Lambda::EventSourceMapping.SourceAccessConfiguration": { + "AWS::IoTEvents::AlarmModel.Firehose": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The type of authentication protocol, VPC components, or virtual host for your event source. For example: `\"Type\":\"SASL_SCRAM_512_AUTH\"` .\n\n- `BASIC_AUTH` \u2013 (Amazon MQ) The AWS Secrets Manager secret that stores your broker credentials.\n- `BASIC_AUTH` \u2013 (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL/PLAIN authentication of your Apache Kafka brokers.\n- `VPC_SUBNET` \u2013 (Self-managed Apache Kafka) The subnets associated with your VPC. Lambda connects to these subnets to fetch data from your self-managed Apache Kafka cluster.\n- `VPC_SECURITY_GROUP` \u2013 (Self-managed Apache Kafka) The VPC security group used to manage access to your self-managed Apache Kafka brokers.\n- `SASL_SCRAM_256_AUTH` \u2013 (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL SCRAM-256 authentication of your self-managed Apache Kafka brokers.\n- `SASL_SCRAM_512_AUTH` \u2013 (Amazon MSK, Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL SCRAM-512 authentication of your self-managed Apache Kafka brokers.\n- `VIRTUAL_HOST` \u2013- (RabbitMQ) The name of the virtual host in your RabbitMQ broker. Lambda uses this RabbitMQ host as the event source. This property cannot be specified in an UpdateEventSourceMapping API call.\n- `CLIENT_CERTIFICATE_TLS_AUTH` \u2013 (Amazon MSK, self-managed Apache Kafka) The Secrets Manager ARN of your secret key containing the certificate chain (X.509 PEM), private key (PKCS#8 PEM), and private key password (optional) used for mutual TLS authentication of your MSK/Apache Kafka brokers.\n- `SERVER_ROOT_CA_CERTIFICATE` \u2013 (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key containing the root CA certificate (X.509 PEM) used for TLS encryption of your Apache Kafka brokers.", - "title": "Type", + "DeliveryStreamName": { + "markdownDescription": "The name of the Kinesis Data Firehose delivery stream where the data is written.", + "title": "DeliveryStreamName", "type": "string" }, - "URI": { - "markdownDescription": "The value for your chosen configuration in `Type` . For example: `\"URI\": \"arn:aws:secretsmanager:us-east-1:01234567890:secret:MyBrokerSecretName\"` .", - "title": "URI", + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", + "markdownDescription": "You can configure the action payload when you send a message to an Amazon Data Firehose delivery stream.", + "title": "Payload" + }, + "Separator": { + "markdownDescription": "A character separator that is used to separate records written to the Kinesis Data Firehose delivery stream. Valid values are: '\\n' (newline), '\\t' (tab), '\\r\\n' (Windows newline), ',' (comma).", + "title": "Separator", "type": "string" } }, + "required": [ + "DeliveryStreamName" + ], "type": "object" }, - "AWS::Lambda::Function": { + "AWS::IoTEvents::AlarmModel.InitializationConfiguration": { + "additionalProperties": false, + "properties": { + "DisabledOnInitialization": { + "markdownDescription": "The value must be `TRUE` or `FALSE` . If `FALSE` , all alarm instances created based on the alarm model are activated. The default value is `TRUE` .", + "title": "DisabledOnInitialization", + "type": "boolean" + } + }, + "required": [ + "DisabledOnInitialization" + ], + "type": "object" + }, + "AWS::IoTEvents::AlarmModel.IotEvents": { + "additionalProperties": false, + "properties": { + "InputName": { + "markdownDescription": "The name of the AWS IoT Events input where the data is sent.", + "title": "InputName", + "type": "string" + }, + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", + "markdownDescription": "You can configure the action payload when you send a message to an AWS IoT Events input.", + "title": "Payload" + } + }, + "required": [ + "InputName" + ], + "type": "object" + }, + "AWS::IoTEvents::AlarmModel.IotSiteWise": { + "additionalProperties": false, + "properties": { + "AssetId": { + "markdownDescription": "The ID of the asset that has the specified property.", + "title": "AssetId", + "type": "string" + }, + "EntryId": { + "markdownDescription": "A unique identifier for this entry. You can use the entry ID to track which data entry causes an error in case of failure. The default is a new unique identifier.", + "title": "EntryId", + "type": "string" + }, + "PropertyAlias": { + "markdownDescription": "The alias of the asset property.", + "title": "PropertyAlias", + "type": "string" + }, + "PropertyId": { + "markdownDescription": "The ID of the asset property.", + "title": "PropertyId", + "type": "string" + }, + "PropertyValue": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AssetPropertyValue", + "markdownDescription": "The value to send to the asset property. This value contains timestamp, quality, and value (TQV) information.", + "title": "PropertyValue" + } + }, + "type": "object" + }, + "AWS::IoTEvents::AlarmModel.IotTopicPublish": { + "additionalProperties": false, + "properties": { + "MqttTopic": { + "markdownDescription": "The MQTT topic of the message. You can use a string expression that includes variables ( `$variable.` ) and input values ( `$input..` ) as the topic string.", + "title": "MqttTopic", + "type": "string" + }, + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", + "markdownDescription": "You can configure the action payload when you publish a message to an AWS IoT Core topic.", + "title": "Payload" + } + }, + "required": [ + "MqttTopic" + ], + "type": "object" + }, + "AWS::IoTEvents::AlarmModel.Lambda": { + "additionalProperties": false, + "properties": { + "FunctionArn": { + "markdownDescription": "The ARN of the Lambda function that is executed.", + "title": "FunctionArn", + "type": "string" + }, + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", + "markdownDescription": "You can configure the action payload when you send a message to a Lambda function.", + "title": "Payload" + } + }, + "required": [ + "FunctionArn" + ], + "type": "object" + }, + "AWS::IoTEvents::AlarmModel.Payload": { + "additionalProperties": false, + "properties": { + "ContentExpression": { + "markdownDescription": "The content of the payload. You can use a string expression that includes quoted strings ( `''` ), variables ( `$variable.` ), input values ( `$input..` ), string concatenations, and quoted strings that contain `${}` as the content. The recommended maximum size of a content expression is 1 KB.", + "title": "ContentExpression", + "type": "string" + }, + "Type": { + "markdownDescription": "The value of the payload type can be either `STRING` or `JSON` .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "ContentExpression", + "Type" + ], + "type": "object" + }, + "AWS::IoTEvents::AlarmModel.SimpleRule": { + "additionalProperties": false, + "properties": { + "ComparisonOperator": { + "markdownDescription": "The comparison operator.", + "title": "ComparisonOperator", + "type": "string" + }, + "InputProperty": { + "markdownDescription": "The value on the left side of the comparison operator. You can specify an AWS IoT Events input attribute as an input property.", + "title": "InputProperty", + "type": "string" + }, + "Threshold": { + "markdownDescription": "The value on the right side of the comparison operator. You can enter a number or specify an AWS IoT Events input attribute.", + "title": "Threshold", + "type": "string" + } + }, + "required": [ + "ComparisonOperator", + "InputProperty", + "Threshold" + ], + "type": "object" + }, + "AWS::IoTEvents::AlarmModel.Sns": { + "additionalProperties": false, + "properties": { + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", + "markdownDescription": "You can configure the action payload when you send a message as an Amazon SNS push notification.", + "title": "Payload" + }, + "TargetArn": { + "markdownDescription": "The ARN of the Amazon SNS target where the message is sent.", + "title": "TargetArn", + "type": "string" + } + }, + "required": [ + "TargetArn" + ], + "type": "object" + }, + "AWS::IoTEvents::AlarmModel.Sqs": { + "additionalProperties": false, + "properties": { + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", + "markdownDescription": "You can configure the action payload when you send a message to an Amazon SQS queue.", + "title": "Payload" + }, + "QueueUrl": { + "markdownDescription": "The URL of the SQS queue where the data is written.", + "title": "QueueUrl", + "type": "string" + }, + "UseBase64": { + "markdownDescription": "Set this to TRUE if you want the data to be base-64 encoded before it is written to the queue. Otherwise, set this to FALSE.", + "title": "UseBase64", + "type": "boolean" + } + }, + "required": [ + "QueueUrl" + ], + "type": "object" + }, + "AWS::IoTEvents::DetectorModel": { "additionalProperties": false, "properties": { "Condition": { @@ -142733,153 +152239,54 @@ "Properties": { "additionalProperties": false, "properties": { - "Architectures": { - "items": { - "type": "string" - }, - "markdownDescription": "The instruction set architecture that the function supports. Enter a string array with one of the valid values (arm64 or x86_64). The default value is `x86_64` .", - "title": "Architectures", - "type": "array" - }, - "Code": { - "$ref": "#/definitions/AWS::Lambda::Function.Code", - "markdownDescription": "The code for the function. You can define your function code in multiple ways:\n\n- For .zip deployment packages, you can specify the Amazon S3 location of the .zip file in the `S3Bucket` , `S3Key` , and `S3ObjectVersion` properties.\n- For .zip deployment packages, you can alternatively define the function code inline in the `ZipFile` property. This method works only for Node.js and Python functions.\n- For container images, specify the URI of your container image in the Amazon ECR registry in the `ImageUri` property.", - "title": "Code" - }, - "CodeSigningConfigArn": { - "markdownDescription": "To enable code signing for this function, specify the ARN of a code-signing configuration. A code-signing configuration\nincludes a set of signing profiles, which define the trusted publishers for this function.", - "title": "CodeSigningConfigArn", - "type": "string" - }, - "DeadLetterConfig": { - "$ref": "#/definitions/AWS::Lambda::Function.DeadLetterConfig", - "markdownDescription": "A dead-letter queue configuration that specifies the queue or topic where Lambda sends asynchronous events when they fail processing. For more information, see [Dead-letter queues](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#invocation-dlq) .", - "title": "DeadLetterConfig" - }, - "Description": { - "markdownDescription": "A description of the function.", - "title": "Description", - "type": "string" - }, - "Environment": { - "$ref": "#/definitions/AWS::Lambda::Function.Environment", - "markdownDescription": "Environment variables that are accessible from function code during execution.", - "title": "Environment" - }, - "EphemeralStorage": { - "$ref": "#/definitions/AWS::Lambda::Function.EphemeralStorage", - "markdownDescription": "The size of the function's `/tmp` directory in MB. The default value is 512, but it can be any whole number between 512 and 10,240 MB.", - "title": "EphemeralStorage" - }, - "FileSystemConfigs": { - "items": { - "$ref": "#/definitions/AWS::Lambda::Function.FileSystemConfig" - }, - "markdownDescription": "Connection settings for an Amazon EFS file system. To connect a function to a file system, a mount target must be available in every Availability Zone that your function connects to. If your template contains an [AWS::EFS::MountTarget](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-efs-mounttarget.html) resource, you must also specify a `DependsOn` attribute to ensure that the mount target is created or updated before the function.\n\nFor more information about using the `DependsOn` attribute, see [DependsOn Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) .", - "title": "FileSystemConfigs", - "type": "array" - }, - "FunctionName": { - "markdownDescription": "The name of the Lambda function, up to 64 characters in length. If you don't specify a name, AWS CloudFormation generates one.\n\nIf you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "FunctionName", - "type": "string" + "DetectorModelDefinition": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.DetectorModelDefinition", + "markdownDescription": "Information that defines how a detector operates.", + "title": "DetectorModelDefinition" }, - "Handler": { - "markdownDescription": "The name of the method within your code that Lambda calls to run your function. Handler is required if the deployment package is a .zip file archive. The format includes the file name. It can also include namespaces and other qualifiers, depending on the runtime. For more information, see [Lambda programming model](https://docs.aws.amazon.com/lambda/latest/dg/foundation-progmodel.html) .", - "title": "Handler", + "DetectorModelDescription": { + "markdownDescription": "A brief description of the detector model.", + "title": "DetectorModelDescription", "type": "string" }, - "ImageConfig": { - "$ref": "#/definitions/AWS::Lambda::Function.ImageConfig", - "markdownDescription": "Configuration values that override the container image Dockerfile settings. For more information, see [Container image settings](https://docs.aws.amazon.com/lambda/latest/dg/images-create.html#images-parms) .", - "title": "ImageConfig" - }, - "KmsKeyArn": { - "markdownDescription": "The ARN of the AWS Key Management Service ( AWS KMS ) customer managed key that's used to encrypt the following resources:\n\n- The function's [environment variables](https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html#configuration-envvars-encryption) .\n- The function's [Lambda SnapStart](https://docs.aws.amazon.com/lambda/latest/dg/snapstart-security.html) snapshots.\n- When used with `SourceKMSKeyArn` , the unzipped version of the .zip deployment package that's used for function invocations. For more information, see [Specifying a customer managed key for Lambda](https://docs.aws.amazon.com/lambda/latest/dg/encrypt-zip-package.html#enable-zip-custom-encryption) .\n- The optimized version of the container image that's used for function invocations. Note that this is not the same key that's used to protect your container image in the Amazon Elastic Container Registry (Amazon ECR). For more information, see [Function lifecycle](https://docs.aws.amazon.com/lambda/latest/dg/images-create.html#images-lifecycle) .\n\nIf you don't provide a customer managed key, Lambda uses an [AWS owned key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-owned-cmk) or an [AWS managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk) .", - "title": "KmsKeyArn", + "DetectorModelName": { + "markdownDescription": "The name of the detector model.", + "title": "DetectorModelName", "type": "string" }, - "Layers": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of [function layers](https://docs.aws.amazon.com/lambda/latest/dg/configuration-layers.html) to add to the function's execution environment. Specify each layer by its ARN, including the version.", - "title": "Layers", - "type": "array" - }, - "LoggingConfig": { - "$ref": "#/definitions/AWS::Lambda::Function.LoggingConfig", - "markdownDescription": "The function's Amazon CloudWatch Logs configuration settings.", - "title": "LoggingConfig" - }, - "MemorySize": { - "markdownDescription": "The amount of [memory available to the function](https://docs.aws.amazon.com/lambda/latest/dg/configuration-function-common.html#configuration-memory-console) at runtime. Increasing the function memory also increases its CPU allocation. The default value is 128 MB. The value can be any multiple of 1 MB. Note that new AWS accounts have reduced concurrency and memory quotas. AWS raises these quotas automatically based on your usage. You can also request a quota increase.", - "title": "MemorySize", - "type": "number" - }, - "PackageType": { - "markdownDescription": "The type of deployment package. Set to `Image` for container image and set `Zip` for .zip file archive.", - "title": "PackageType", + "EvaluationMethod": { + "markdownDescription": "Information about the order in which events are evaluated and how actions are executed.", + "title": "EvaluationMethod", "type": "string" }, - "ReservedConcurrentExecutions": { - "markdownDescription": "The number of simultaneous executions to reserve for the function.", - "title": "ReservedConcurrentExecutions", - "type": "number" - }, - "Role": { - "markdownDescription": "The Amazon Resource Name (ARN) of the function's execution role.", - "title": "Role", + "Key": { + "markdownDescription": "The value used to identify a detector instance. When a device or system sends input, a new detector instance with a unique key value is created. AWS IoT Events can continue to route input to its corresponding detector instance based on this identifying information.\n\nThis parameter uses a JSON-path expression to select the attribute-value pair in the message payload that is used for identification. To route the message to the correct detector instance, the device must send a message payload that contains the same attribute-value.", + "title": "Key", "type": "string" }, - "Runtime": { - "markdownDescription": "The identifier of the function's [runtime](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html) . Runtime is required if the deployment package is a .zip file archive. Specifying a runtime results in an error if you're deploying a function using a container image.\n\nThe following list includes deprecated runtimes. Lambda blocks creating new functions and updating existing functions shortly after each runtime is deprecated. For more information, see [Runtime use after deprecation](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html#runtime-deprecation-levels) .\n\nFor a list of all currently supported runtimes, see [Supported runtimes](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html#runtimes-supported) .", - "title": "Runtime", + "RoleArn": { + "markdownDescription": "The ARN of the role that grants permission to AWS IoT Events to perform its operations.", + "title": "RoleArn", "type": "string" }, - "RuntimeManagementConfig": { - "$ref": "#/definitions/AWS::Lambda::Function.RuntimeManagementConfig", - "markdownDescription": "Sets the runtime management configuration for a function's version. For more information, see [Runtime updates](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html) .", - "title": "RuntimeManagementConfig" - }, - "SnapStart": { - "$ref": "#/definitions/AWS::Lambda::Function.SnapStart", - "markdownDescription": "The function's [AWS Lambda SnapStart](https://docs.aws.amazon.com/lambda/latest/dg/snapstart.html) setting.", - "title": "SnapStart" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of [tags](https://docs.aws.amazon.com/lambda/latest/dg/tagging.html) to apply to the function.\n\n> You must have the `lambda:TagResource` , `lambda:UntagResource` , and `lambda:ListTags` permissions for your [IAM principal](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html) to manage the AWS CloudFormation stack. If you don't have these permissions, there might be unexpected behavior with stack-level tags propagating to the resource during resource creation and update.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" - }, - "Timeout": { - "markdownDescription": "The amount of time (in seconds) that Lambda allows a function to run before stopping it. The default is 3 seconds. The maximum allowed value is 900 seconds. For more information, see [Lambda execution environment](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-context.html) .", - "title": "Timeout", - "type": "number" - }, - "TracingConfig": { - "$ref": "#/definitions/AWS::Lambda::Function.TracingConfig", - "markdownDescription": "Set `Mode` to `Active` to sample and trace a subset of incoming requests with [X-Ray](https://docs.aws.amazon.com/lambda/latest/dg/services-xray.html) .", - "title": "TracingConfig" - }, - "VpcConfig": { - "$ref": "#/definitions/AWS::Lambda::Function.VpcConfig", - "markdownDescription": "For network connectivity to AWS resources in a VPC, specify a list of security groups and subnets in the VPC. When you connect a function to a VPC, it can access resources and the internet only through that VPC. For more information, see [Configuring a Lambda function to access resources in a VPC](https://docs.aws.amazon.com/lambda/latest/dg/configuration-vpc.html) .", - "title": "VpcConfig" } }, "required": [ - "Code", - "Role" + "DetectorModelDefinition", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lambda::Function" + "AWS::IoTEvents::DetectorModel" ], "type": "string" }, @@ -142898,240 +152305,640 @@ ], "type": "object" }, - "AWS::Lambda::Function.Code": { + "AWS::IoTEvents::DetectorModel.Action": { "additionalProperties": false, "properties": { - "ImageUri": { - "markdownDescription": "URI of a [container image](https://docs.aws.amazon.com/lambda/latest/dg/lambda-images.html) in the Amazon ECR registry.", - "title": "ImageUri", + "ClearTimer": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.ClearTimer", + "markdownDescription": "Information needed to clear the timer.", + "title": "ClearTimer" + }, + "DynamoDB": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.DynamoDB", + "markdownDescription": "Writes to the DynamoDB table that you created. The default action payload contains all attribute-value pairs that have the information about the detector model instance and the event that triggered the action. You can customize the [payload](https://docs.aws.amazon.com/iotevents/latest/apireference/API_Payload.html) . One column of the DynamoDB table receives all attribute-value pairs in the payload that you specify. For more information, see [Actions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-event-actions.html) in *AWS IoT Events Developer Guide* .", + "title": "DynamoDB" + }, + "DynamoDBv2": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.DynamoDBv2", + "markdownDescription": "Writes to the DynamoDB table that you created. The default action payload contains all attribute-value pairs that have the information about the detector model instance and the event that triggered the action. You can customize the [payload](https://docs.aws.amazon.com/iotevents/latest/apireference/API_Payload.html) . A separate column of the DynamoDB table receives one attribute-value pair in the payload that you specify. For more information, see [Actions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-event-actions.html) in *AWS IoT Events Developer Guide* .", + "title": "DynamoDBv2" + }, + "Firehose": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Firehose", + "markdownDescription": "Sends information about the detector model instance and the event that triggered the action to an Amazon Kinesis Data Firehose delivery stream.", + "title": "Firehose" + }, + "IotEvents": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.IotEvents", + "markdownDescription": "Sends AWS IoT Events input, which passes information about the detector model instance and the event that triggered the action.", + "title": "IotEvents" + }, + "IotSiteWise": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.IotSiteWise", + "markdownDescription": "Sends information about the detector model instance and the event that triggered the action to an asset property in AWS IoT SiteWise .", + "title": "IotSiteWise" + }, + "IotTopicPublish": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.IotTopicPublish", + "markdownDescription": "Publishes an MQTT message with the given topic to the AWS IoT message broker.", + "title": "IotTopicPublish" + }, + "Lambda": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Lambda", + "markdownDescription": "Calls a Lambda function, passing in information about the detector model instance and the event that triggered the action.", + "title": "Lambda" + }, + "ResetTimer": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.ResetTimer", + "markdownDescription": "Information needed to reset the timer.", + "title": "ResetTimer" + }, + "SetTimer": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.SetTimer", + "markdownDescription": "Information needed to set the timer.", + "title": "SetTimer" + }, + "SetVariable": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.SetVariable", + "markdownDescription": "Sets a variable to a specified value.", + "title": "SetVariable" + }, + "Sns": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Sns", + "markdownDescription": "Sends an Amazon SNS message.", + "title": "Sns" + }, + "Sqs": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Sqs", + "markdownDescription": "Sends an Amazon SNS message.", + "title": "Sqs" + } + }, + "type": "object" + }, + "AWS::IoTEvents::DetectorModel.AssetPropertyTimestamp": { + "additionalProperties": false, + "properties": { + "OffsetInNanos": { + "markdownDescription": "The nanosecond offset converted from `timeInSeconds` . The valid range is between 0-999999999.", + "title": "OffsetInNanos", "type": "string" }, - "S3Bucket": { - "markdownDescription": "An Amazon S3 bucket in the same AWS Region as your function. The bucket can be in a different AWS account .", - "title": "S3Bucket", + "TimeInSeconds": { + "markdownDescription": "The timestamp, in seconds, in the Unix epoch format. The valid range is between 1-31556889864403199.", + "title": "TimeInSeconds", + "type": "string" + } + }, + "required": [ + "TimeInSeconds" + ], + "type": "object" + }, + "AWS::IoTEvents::DetectorModel.AssetPropertyValue": { + "additionalProperties": false, + "properties": { + "Quality": { + "markdownDescription": "The quality of the asset property value. The value must be `'GOOD'` , `'BAD'` , or `'UNCERTAIN'` .", + "title": "Quality", "type": "string" }, - "S3Key": { - "markdownDescription": "The Amazon S3 key of the deployment package.", - "title": "S3Key", + "Timestamp": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.AssetPropertyTimestamp", + "markdownDescription": "The timestamp associated with the asset property value. The default is the current event time.", + "title": "Timestamp" + }, + "Value": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.AssetPropertyVariant", + "markdownDescription": "The value to send to an asset property.", + "title": "Value" + } + }, + "required": [ + "Value" + ], + "type": "object" + }, + "AWS::IoTEvents::DetectorModel.AssetPropertyVariant": { + "additionalProperties": false, + "properties": { + "BooleanValue": { + "markdownDescription": "The asset property value is a Boolean value that must be `'TRUE'` or `'FALSE'` . You must use an expression, and the evaluated result should be a Boolean value.", + "title": "BooleanValue", "type": "string" }, - "S3ObjectVersion": { - "markdownDescription": "For versioned objects, the version of the deployment package object to use.", - "title": "S3ObjectVersion", + "DoubleValue": { + "markdownDescription": "The asset property value is a double. You must use an expression, and the evaluated result should be a double.", + "title": "DoubleValue", "type": "string" }, - "ZipFile": { - "markdownDescription": "(Node.js and Python) The source code of your Lambda function. If you include your function source inline with this parameter, AWS CloudFormation places it in a file named `index` and zips it to create a [deployment package](https://docs.aws.amazon.com/lambda/latest/dg/gettingstarted-package.html) . This zip file cannot exceed 4MB. For the `Handler` property, the first part of the handler identifier must be `index` . For example, `index.handler` .\n\n> When you specify source code inline for a Node.js function, the `index` file that AWS CloudFormation creates uses the extension `.js` . This means that Lambda treats the file as a CommonJS module. ES modules aren't supported for inline functions. \n\nFor JSON, you must escape quotes and special characters such as newline ( `\\n` ) with a backslash.\n\nIf you specify a function that interacts with an AWS CloudFormation custom resource, you don't have to write your own functions to send responses to the custom resource that invoked the function. AWS CloudFormation provides a response module ( [cfn-response](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cfn-lambda-function-code-cfnresponsemodule.html) ) that simplifies sending responses. See [Using AWS Lambda with AWS CloudFormation](https://docs.aws.amazon.com/lambda/latest/dg/services-cloudformation.html) for details.", - "title": "ZipFile", + "IntegerValue": { + "markdownDescription": "The asset property value is an integer. You must use an expression, and the evaluated result should be an integer.", + "title": "IntegerValue", + "type": "string" + }, + "StringValue": { + "markdownDescription": "The asset property value is a string. You must use an expression, and the evaluated result should be a string.", + "title": "StringValue", "type": "string" } }, "type": "object" }, - "AWS::Lambda::Function.DeadLetterConfig": { + "AWS::IoTEvents::DetectorModel.ClearTimer": { "additionalProperties": false, "properties": { - "TargetArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an Amazon SQS queue or Amazon SNS topic.", - "title": "TargetArn", + "TimerName": { + "markdownDescription": "The name of the timer to clear.", + "title": "TimerName", "type": "string" } }, + "required": [ + "TimerName" + ], "type": "object" }, - "AWS::Lambda::Function.Environment": { + "AWS::IoTEvents::DetectorModel.DetectorModelDefinition": { "additionalProperties": false, "properties": { - "Variables": { - "additionalProperties": true, - "markdownDescription": "Environment variable key-value pairs. For more information, see [Using Lambda environment variables](https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html) .\n\nIf the value of the environment variable is a time or a duration, enclose the value in quotes.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "InitialStateName": { + "markdownDescription": "The state that is entered at the creation of each detector (instance).", + "title": "InitialStateName", + "type": "string" + }, + "States": { + "items": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.State" }, - "title": "Variables", - "type": "object" + "markdownDescription": "Information about the states of the detector.", + "title": "States", + "type": "array" } }, + "required": [ + "InitialStateName", + "States" + ], "type": "object" }, - "AWS::Lambda::Function.EphemeralStorage": { + "AWS::IoTEvents::DetectorModel.DynamoDB": { "additionalProperties": false, "properties": { - "Size": { - "markdownDescription": "The size of the function's `/tmp` directory.", - "title": "Size", - "type": "number" + "HashKeyField": { + "markdownDescription": "The name of the hash key (also called the partition key). The `hashKeyField` value must match the partition key of the target DynamoDB table.", + "title": "HashKeyField", + "type": "string" + }, + "HashKeyType": { + "markdownDescription": "The data type for the hash key (also called the partition key). You can specify the following values:\n\n- `'STRING'` - The hash key is a string.\n- `'NUMBER'` - The hash key is a number.\n\nIf you don't specify `hashKeyType` , the default value is `'STRING'` .", + "title": "HashKeyType", + "type": "string" + }, + "HashKeyValue": { + "markdownDescription": "The value of the hash key (also called the partition key).", + "title": "HashKeyValue", + "type": "string" + }, + "Operation": { + "markdownDescription": "The type of operation to perform. You can specify the following values:\n\n- `'INSERT'` - Insert data as a new item into the DynamoDB table. This item uses the specified hash key as a partition key. If you specified a range key, the item uses the range key as a sort key.\n- `'UPDATE'` - Update an existing item of the DynamoDB table with new data. This item's partition key must match the specified hash key. If you specified a range key, the range key must match the item's sort key.\n- `'DELETE'` - Delete an existing item of the DynamoDB table. This item's partition key must match the specified hash key. If you specified a range key, the range key must match the item's sort key.\n\nIf you don't specify this parameter, AWS IoT Events triggers the `'INSERT'` operation.", + "title": "Operation", + "type": "string" + }, + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", + "markdownDescription": "Information needed to configure the payload.\n\nBy default, AWS IoT Events generates a standard payload in JSON for any action. This action payload contains all attribute-value pairs that have the information about the detector model instance and the event triggered the action. To configure the action payload, you can use `contentExpression` .", + "title": "Payload" + }, + "PayloadField": { + "markdownDescription": "The name of the DynamoDB column that receives the action payload.\n\nIf you don't specify this parameter, the name of the DynamoDB column is `payload` .", + "title": "PayloadField", + "type": "string" + }, + "RangeKeyField": { + "markdownDescription": "The name of the range key (also called the sort key). The `rangeKeyField` value must match the sort key of the target DynamoDB table.", + "title": "RangeKeyField", + "type": "string" + }, + "RangeKeyType": { + "markdownDescription": "The data type for the range key (also called the sort key), You can specify the following values:\n\n- `'STRING'` - The range key is a string.\n- `'NUMBER'` - The range key is number.\n\nIf you don't specify `rangeKeyField` , the default value is `'STRING'` .", + "title": "RangeKeyType", + "type": "string" + }, + "RangeKeyValue": { + "markdownDescription": "The value of the range key (also called the sort key).", + "title": "RangeKeyValue", + "type": "string" + }, + "TableName": { + "markdownDescription": "The name of the DynamoDB table. The `tableName` value must match the table name of the target DynamoDB table.", + "title": "TableName", + "type": "string" } }, "required": [ - "Size" + "HashKeyField", + "HashKeyValue", + "TableName" ], "type": "object" }, - "AWS::Lambda::Function.FileSystemConfig": { + "AWS::IoTEvents::DetectorModel.DynamoDBv2": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon EFS access point that provides access to the file system.", - "title": "Arn", - "type": "string" + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", + "markdownDescription": "Information needed to configure the payload.\n\nBy default, AWS IoT Events generates a standard payload in JSON for any action. This action payload contains all attribute-value pairs that have the information about the detector model instance and the event triggered the action. To configure the action payload, you can use `contentExpression` .", + "title": "Payload" }, - "LocalMountPath": { - "markdownDescription": "The path where the function can access the file system, starting with `/mnt/` .", - "title": "LocalMountPath", + "TableName": { + "markdownDescription": "The name of the DynamoDB table.", + "title": "TableName", "type": "string" } }, "required": [ - "Arn", - "LocalMountPath" + "TableName" ], "type": "object" }, - "AWS::Lambda::Function.ImageConfig": { + "AWS::IoTEvents::DetectorModel.Event": { "additionalProperties": false, "properties": { - "Command": { + "Actions": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Action" }, - "markdownDescription": "Specifies parameters that you want to pass in with ENTRYPOINT. You can specify a maximum of 1,500 parameters in the list.", - "title": "Command", + "markdownDescription": "The actions to be performed.", + "title": "Actions", "type": "array" }, - "EntryPoint": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the entry point to their application, which is typically the location of the runtime executable. You can specify a maximum of 1,500 string entries in the list.", - "title": "EntryPoint", - "type": "array" + "Condition": { + "markdownDescription": "Optional. The Boolean expression that, when TRUE, causes the `actions` to be performed. If not present, the actions are performed (=TRUE). If the expression result is not a Boolean value, the actions are not performed (=FALSE).", + "title": "Condition", + "type": "string" }, - "WorkingDirectory": { - "markdownDescription": "Specifies the working directory. The length of the directory string cannot exceed 1,000 characters.", - "title": "WorkingDirectory", + "EventName": { + "markdownDescription": "The name of the event.", + "title": "EventName", "type": "string" } }, + "required": [ + "EventName" + ], "type": "object" }, - "AWS::Lambda::Function.LoggingConfig": { + "AWS::IoTEvents::DetectorModel.Firehose": { "additionalProperties": false, "properties": { - "ApplicationLogLevel": { - "markdownDescription": "Set this property to filter the application logs for your function that Lambda sends to CloudWatch. Lambda only sends application logs at the selected level of detail and lower, where `TRACE` is the highest level and `FATAL` is the lowest.", - "title": "ApplicationLogLevel", + "DeliveryStreamName": { + "markdownDescription": "The name of the Kinesis Data Firehose delivery stream where the data is written.", + "title": "DeliveryStreamName", "type": "string" }, - "LogFormat": { - "markdownDescription": "The format in which Lambda sends your function's application and system logs to CloudWatch. Select between plain text and structured JSON.", - "title": "LogFormat", + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", + "markdownDescription": "You can configure the action payload when you send a message to an Amazon Data Firehose delivery stream.", + "title": "Payload" + }, + "Separator": { + "markdownDescription": "A character separator that is used to separate records written to the Kinesis Data Firehose delivery stream. Valid values are: '\\n' (newline), '\\t' (tab), '\\r\\n' (Windows newline), ',' (comma).", + "title": "Separator", + "type": "string" + } + }, + "required": [ + "DeliveryStreamName" + ], + "type": "object" + }, + "AWS::IoTEvents::DetectorModel.IotEvents": { + "additionalProperties": false, + "properties": { + "InputName": { + "markdownDescription": "The name of the AWS IoT Events input where the data is sent.", + "title": "InputName", "type": "string" }, - "LogGroup": { - "markdownDescription": "The name of the Amazon CloudWatch log group the function sends logs to. By default, Lambda functions send logs to a default log group named `/aws/lambda/` . To use a different log group, enter an existing log group or enter a new log group name.", - "title": "LogGroup", + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", + "markdownDescription": "You can configure the action payload when you send a message to an AWS IoT Events input.", + "title": "Payload" + } + }, + "required": [ + "InputName" + ], + "type": "object" + }, + "AWS::IoTEvents::DetectorModel.IotSiteWise": { + "additionalProperties": false, + "properties": { + "AssetId": { + "markdownDescription": "The ID of the asset that has the specified property.", + "title": "AssetId", "type": "string" }, - "SystemLogLevel": { - "markdownDescription": "Set this property to filter the system logs for your function that Lambda sends to CloudWatch. Lambda only sends system logs at the selected level of detail and lower, where `DEBUG` is the highest level and `WARN` is the lowest.", - "title": "SystemLogLevel", + "EntryId": { + "markdownDescription": "A unique identifier for this entry. You can use the entry ID to track which data entry causes an error in case of failure. The default is a new unique identifier.", + "title": "EntryId", + "type": "string" + }, + "PropertyAlias": { + "markdownDescription": "The alias of the asset property.", + "title": "PropertyAlias", + "type": "string" + }, + "PropertyId": { + "markdownDescription": "The ID of the asset property.", + "title": "PropertyId", "type": "string" + }, + "PropertyValue": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.AssetPropertyValue", + "markdownDescription": "The value to send to the asset property. This value contains timestamp, quality, and value (TQV) information.", + "title": "PropertyValue" } }, + "required": [ + "PropertyValue" + ], "type": "object" }, - "AWS::Lambda::Function.RuntimeManagementConfig": { + "AWS::IoTEvents::DetectorModel.IotTopicPublish": { "additionalProperties": false, "properties": { - "RuntimeVersionArn": { - "markdownDescription": "The ARN of the runtime version you want the function to use.\n\n> This is only required if you're using the *Manual* runtime update mode.", - "title": "RuntimeVersionArn", + "MqttTopic": { + "markdownDescription": "The MQTT topic of the message. You can use a string expression that includes variables ( `$variable.` ) and input values ( `$input..` ) as the topic string.", + "title": "MqttTopic", "type": "string" }, - "UpdateRuntimeOn": { - "markdownDescription": "Specify the runtime update mode.\n\n- *Auto (default)* - Automatically update to the most recent and secure runtime version using a [Two-phase runtime version rollout](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html#runtime-management-two-phase) . This is the best choice for most customers to ensure they always benefit from runtime updates.\n- *FunctionUpdate* - Lambda updates the runtime of you function to the most recent and secure runtime version when you update your function. This approach synchronizes runtime updates with function deployments, giving you control over when runtime updates are applied and allowing you to detect and mitigate rare runtime update incompatibilities early. When using this setting, you need to regularly update your functions to keep their runtime up-to-date.\n- *Manual* - You specify a runtime version in your function configuration. The function will use this runtime version indefinitely. In the rare case where a new runtime version is incompatible with an existing function, this allows you to roll back your function to an earlier runtime version. For more information, see [Roll back a runtime version](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html#runtime-management-rollback) .\n\n*Valid Values* : `Auto` | `FunctionUpdate` | `Manual`", - "title": "UpdateRuntimeOn", + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", + "markdownDescription": "You can configure the action payload when you publish a message to an AWS IoT Core topic.", + "title": "Payload" + } + }, + "required": [ + "MqttTopic" + ], + "type": "object" + }, + "AWS::IoTEvents::DetectorModel.Lambda": { + "additionalProperties": false, + "properties": { + "FunctionArn": { + "markdownDescription": "The ARN of the Lambda function that is executed.", + "title": "FunctionArn", "type": "string" + }, + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", + "markdownDescription": "You can configure the action payload when you send a message to a Lambda function.", + "title": "Payload" } }, "required": [ - "UpdateRuntimeOn" + "FunctionArn" ], "type": "object" }, - "AWS::Lambda::Function.SnapStart": { + "AWS::IoTEvents::DetectorModel.OnEnter": { "additionalProperties": false, "properties": { - "ApplyOn": { - "markdownDescription": "Set `ApplyOn` to `PublishedVersions` to create a snapshot of the initialized execution environment when you publish a function version.", - "title": "ApplyOn", + "Events": { + "items": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Event" + }, + "markdownDescription": "Specifies the actions that are performed when the state is entered and the `condition` is `TRUE` .", + "title": "Events", + "type": "array" + } + }, + "type": "object" + }, + "AWS::IoTEvents::DetectorModel.OnExit": { + "additionalProperties": false, + "properties": { + "Events": { + "items": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Event" + }, + "markdownDescription": "Specifies the `actions` that are performed when the state is exited and the `condition` is `TRUE` .", + "title": "Events", + "type": "array" + } + }, + "type": "object" + }, + "AWS::IoTEvents::DetectorModel.OnInput": { + "additionalProperties": false, + "properties": { + "Events": { + "items": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Event" + }, + "markdownDescription": "Specifies the actions performed when the `condition` evaluates to TRUE.", + "title": "Events", + "type": "array" + }, + "TransitionEvents": { + "items": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.TransitionEvent" + }, + "markdownDescription": "Specifies the actions performed, and the next state entered, when a `condition` evaluates to TRUE.", + "title": "TransitionEvents", + "type": "array" + } + }, + "type": "object" + }, + "AWS::IoTEvents::DetectorModel.Payload": { + "additionalProperties": false, + "properties": { + "ContentExpression": { + "markdownDescription": "The content of the payload. You can use a string expression that includes quoted strings ( `''` ), variables ( `$variable.` ), input values ( `$input..` ), string concatenations, and quoted strings that contain `${}` as the content. The recommended maximum size of a content expression is 1 KB.", + "title": "ContentExpression", + "type": "string" + }, + "Type": { + "markdownDescription": "The value of the payload type can be either `STRING` or `JSON` .", + "title": "Type", "type": "string" } }, "required": [ - "ApplyOn" + "ContentExpression", + "Type" ], "type": "object" }, - "AWS::Lambda::Function.SnapStartResponse": { + "AWS::IoTEvents::DetectorModel.ResetTimer": { "additionalProperties": false, "properties": { - "ApplyOn": { - "markdownDescription": "When set to `PublishedVersions` , Lambda creates a snapshot of the execution environment when you publish a function version.", - "title": "ApplyOn", + "TimerName": { + "markdownDescription": "The name of the timer to reset.", + "title": "TimerName", + "type": "string" + } + }, + "required": [ + "TimerName" + ], + "type": "object" + }, + "AWS::IoTEvents::DetectorModel.SetTimer": { + "additionalProperties": false, + "properties": { + "DurationExpression": { + "markdownDescription": "The duration of the timer, in seconds. You can use a string expression that includes numbers, variables ( `$variable.` ), and input values ( `$input..` ) as the duration. The range of the duration is 1-31622400 seconds. To ensure accuracy, the minimum duration is 60 seconds. The evaluated result of the duration is rounded down to the nearest whole number.", + "title": "DurationExpression", "type": "string" }, - "OptimizationStatus": { - "markdownDescription": "When you provide a [qualified Amazon Resource Name (ARN)](https://docs.aws.amazon.com/lambda/latest/dg/configuration-versions.html#versioning-versions-using) , this response element indicates whether SnapStart is activated for the specified function version.", - "title": "OptimizationStatus", + "Seconds": { + "markdownDescription": "The number of seconds until the timer expires. The minimum value is 60 seconds to ensure accuracy. The maximum value is 31622400 seconds.", + "title": "Seconds", + "type": "number" + }, + "TimerName": { + "markdownDescription": "The name of the timer.", + "title": "TimerName", "type": "string" } }, + "required": [ + "TimerName" + ], "type": "object" }, - "AWS::Lambda::Function.TracingConfig": { + "AWS::IoTEvents::DetectorModel.SetVariable": { "additionalProperties": false, "properties": { - "Mode": { - "markdownDescription": "The tracing mode.", - "title": "Mode", + "Value": { + "markdownDescription": "The new value of the variable.", + "title": "Value", + "type": "string" + }, + "VariableName": { + "markdownDescription": "The name of the variable.", + "title": "VariableName", "type": "string" } }, + "required": [ + "Value", + "VariableName" + ], "type": "object" }, - "AWS::Lambda::Function.VpcConfig": { + "AWS::IoTEvents::DetectorModel.Sns": { "additionalProperties": false, "properties": { - "Ipv6AllowedForDualStack": { - "markdownDescription": "Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.", - "title": "Ipv6AllowedForDualStack", + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", + "markdownDescription": "You can configure the action payload when you send a message as an Amazon SNS push notification.", + "title": "Payload" + }, + "TargetArn": { + "markdownDescription": "The ARN of the Amazon SNS target where the message is sent.", + "title": "TargetArn", + "type": "string" + } + }, + "required": [ + "TargetArn" + ], + "type": "object" + }, + "AWS::IoTEvents::DetectorModel.Sqs": { + "additionalProperties": false, + "properties": { + "Payload": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", + "markdownDescription": "You can configure the action payload when you send a message to an Amazon SQS queue.", + "title": "Payload" + }, + "QueueUrl": { + "markdownDescription": "The URL of the SQS queue where the data is written.", + "title": "QueueUrl", + "type": "string" + }, + "UseBase64": { + "markdownDescription": "Set this to TRUE if you want the data to be base-64 encoded before it is written to the queue. Otherwise, set this to FALSE.", + "title": "UseBase64", "type": "boolean" + } + }, + "required": [ + "QueueUrl" + ], + "type": "object" + }, + "AWS::IoTEvents::DetectorModel.State": { + "additionalProperties": false, + "properties": { + "OnEnter": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.OnEnter", + "markdownDescription": "When entering this state, perform these `actions` if the `condition` is TRUE.", + "title": "OnEnter" }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of VPC security group IDs.", - "title": "SecurityGroupIds", - "type": "array" + "OnExit": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.OnExit", + "markdownDescription": "When exiting this state, perform these `actions` if the specified `condition` is `TRUE` .", + "title": "OnExit" }, - "SubnetIds": { + "OnInput": { + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.OnInput", + "markdownDescription": "When an input is received and the `condition` is TRUE, perform the specified `actions` .", + "title": "OnInput" + }, + "StateName": { + "markdownDescription": "The name of the state.", + "title": "StateName", + "type": "string" + } + }, + "required": [ + "StateName" + ], + "type": "object" + }, + "AWS::IoTEvents::DetectorModel.TransitionEvent": { + "additionalProperties": false, + "properties": { + "Actions": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Action" }, - "markdownDescription": "A list of VPC subnet IDs.", - "title": "SubnetIds", + "markdownDescription": "The actions to be performed.", + "title": "Actions", "type": "array" + }, + "Condition": { + "markdownDescription": "Required. A Boolean expression that when TRUE causes the actions to be performed and the `nextState` to be entered.", + "title": "Condition", + "type": "string" + }, + "EventName": { + "markdownDescription": "The name of the transition event.", + "title": "EventName", + "type": "string" + }, + "NextState": { + "markdownDescription": "The next state to enter.", + "title": "NextState", + "type": "string" } }, + "required": [ + "Condition", + "EventName", + "NextState" + ], "type": "object" }, - "AWS::Lambda::LayerVersion": { + "AWS::IoTEvents::Input": { "additionalProperties": false, "properties": { "Condition": { @@ -143166,51 +152973,38 @@ "Properties": { "additionalProperties": false, "properties": { - "CompatibleArchitectures": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of compatible [instruction set architectures](https://docs.aws.amazon.com/lambda/latest/dg/foundation-arch.html) .", - "title": "CompatibleArchitectures", - "type": "array" - }, - "CompatibleRuntimes": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of compatible [function runtimes](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html) . Used for filtering with [ListLayers](https://docs.aws.amazon.com/lambda/latest/dg/API_ListLayers.html) and [ListLayerVersions](https://docs.aws.amazon.com/lambda/latest/dg/API_ListLayerVersions.html) .", - "title": "CompatibleRuntimes", - "type": "array" - }, - "Content": { - "$ref": "#/definitions/AWS::Lambda::LayerVersion.Content", - "markdownDescription": "The function layer archive.", - "title": "Content" + "InputDefinition": { + "$ref": "#/definitions/AWS::IoTEvents::Input.InputDefinition", + "markdownDescription": "The definition of the input.", + "title": "InputDefinition" }, - "Description": { - "markdownDescription": "The description of the version.", - "title": "Description", + "InputDescription": { + "markdownDescription": "A brief description of the input.", + "title": "InputDescription", "type": "string" }, - "LayerName": { - "markdownDescription": "The name or Amazon Resource Name (ARN) of the layer.", - "title": "LayerName", + "InputName": { + "markdownDescription": "The name of the input.", + "title": "InputName", "type": "string" }, - "LicenseInfo": { - "markdownDescription": "The layer's software license. It can be any of the following:\n\n- An [SPDX license identifier](https://docs.aws.amazon.com/https://spdx.org/licenses/) . For example, `MIT` .\n- The URL of a license hosted on the internet. For example, `https://opensource.org/licenses/MIT` .\n- The full text of the license.", - "title": "LicenseInfo", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" } }, "required": [ - "Content" + "InputDefinition" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lambda::LayerVersion" + "AWS::IoTEvents::Input" ], "type": "string" }, @@ -143229,32 +153023,38 @@ ], "type": "object" }, - "AWS::Lambda::LayerVersion.Content": { + "AWS::IoTEvents::Input.Attribute": { "additionalProperties": false, "properties": { - "S3Bucket": { - "markdownDescription": "The Amazon S3 bucket of the layer archive.", - "title": "S3Bucket", - "type": "string" - }, - "S3Key": { - "markdownDescription": "The Amazon S3 key of the layer archive.", - "title": "S3Key", - "type": "string" - }, - "S3ObjectVersion": { - "markdownDescription": "For versioned objects, the version of the layer archive object to use.", - "title": "S3ObjectVersion", + "JsonPath": { + "markdownDescription": "An expression that specifies an attribute-value pair in a JSON structure. Use this to specify an attribute from the JSON payload that is made available by the input. Inputs are derived from messages sent to AWS IoT Events ( `BatchPutMessage` ). Each such message contains a JSON payload. The attribute (and its paired value) specified here are available for use in the `condition` expressions used by detectors.\n\nSyntax: `....`", + "title": "JsonPath", "type": "string" } }, "required": [ - "S3Bucket", - "S3Key" + "JsonPath" ], "type": "object" }, - "AWS::Lambda::LayerVersionPermission": { + "AWS::IoTEvents::Input.InputDefinition": { + "additionalProperties": false, + "properties": { + "Attributes": { + "items": { + "$ref": "#/definitions/AWS::IoTEvents::Input.Attribute" + }, + "markdownDescription": "The attributes from the JSON payload that are made available by the input. Inputs are derived from messages sent to the AWS IoT Events system using `BatchPutMessage` . Each such message contains a JSON payload, and those attributes (and their paired values) specified here are available for use in the `condition` expressions used by detectors that monitor this input.", + "title": "Attributes", + "type": "array" + } + }, + "required": [ + "Attributes" + ], + "type": "object" + }, + "AWS::IoTFleetHub::Application": { "additionalProperties": false, "properties": { "Condition": { @@ -143289,37 +153089,39 @@ "Properties": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The API action that grants access to the layer. For example, `lambda:GetLayerVersion` .", - "title": "Action", + "ApplicationDescription": { + "markdownDescription": "An optional description of the web application.", + "title": "ApplicationDescription", "type": "string" }, - "LayerVersionArn": { - "markdownDescription": "The name or Amazon Resource Name (ARN) of the layer.", - "title": "LayerVersionArn", + "ApplicationName": { + "markdownDescription": "The name of the web application.", + "title": "ApplicationName", "type": "string" }, - "OrganizationId": { - "markdownDescription": "With the principal set to `*` , grant permission to all accounts in the specified organization.", - "title": "OrganizationId", + "RoleArn": { + "markdownDescription": "The ARN of the role that the web application assumes when it interacts with AWS IoT Core .\n\n> The name of the role must be in the form `FleetHub_random_string` . \n\nPattern: `^arn:[!-~]+$`", + "title": "RoleArn", "type": "string" }, - "Principal": { - "markdownDescription": "An account ID, or `*` to grant layer usage permission to all accounts in an organization, or all AWS accounts (if `organizationId` is not specified). For the last case, make sure that you really do want all AWS accounts to have usage permission to this layer.", - "title": "Principal", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A set of key/value pairs that you can use to manage the web application resource.", + "title": "Tags", + "type": "array" } }, "required": [ - "Action", - "LayerVersionArn", - "Principal" + "ApplicationName", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lambda::LayerVersionPermission" + "AWS::IoTFleetHub::Application" ], "type": "string" }, @@ -143338,7 +153140,7 @@ ], "type": "object" }, - "AWS::Lambda::Permission": { + "AWS::IoTFleetWise::Campaign": { "additionalProperties": false, "properties": { "Condition": { @@ -143374,56 +153176,130 @@ "additionalProperties": false, "properties": { "Action": { - "markdownDescription": "The action that the principal can use on the function. For example, `lambda:InvokeFunction` or `lambda:GetFunction` .", + "markdownDescription": "Specifies how to update a campaign. The action can be one of the following:\n\n- `APPROVE` - To approve delivering a data collection scheme to vehicles.\n- `SUSPEND` - To suspend collecting signal data. The campaign is deleted from vehicles and all vehicles in the suspended campaign will stop sending data.\n- `RESUME` - To reactivate the `SUSPEND` campaign. The campaign is redeployed to all vehicles and the vehicles will resume sending data.\n- `UPDATE` - To update a campaign.", "title": "Action", "type": "string" }, - "EventSourceToken": { - "markdownDescription": "For Alexa Smart Home functions, a token that the invoker must supply.", - "title": "EventSourceToken", + "CollectionScheme": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.CollectionScheme", + "markdownDescription": "The data collection scheme associated with the campaign. You can specify a scheme that collects data based on time or an event.", + "title": "CollectionScheme" + }, + "Compression": { + "markdownDescription": "Whether to compress signals before transmitting data to AWS IoT FleetWise . If you don't want to compress the signals, use `OFF` . If it's not specified, `SNAPPY` is used.\n\nDefault: `SNAPPY`", + "title": "Compression", "type": "string" }, - "FunctionName": { - "markdownDescription": "The name or ARN of the Lambda function, version, or alias.\n\n**Name formats** - *Function name* \u2013 `my-function` (name-only), `my-function:v1` (with alias).\n- *Function ARN* \u2013 `arn:aws:lambda:us-west-2:123456789012:function:my-function` .\n- *Partial ARN* \u2013 `123456789012:function:my-function` .\n\nYou can append a version number or alias to any of the formats. The length constraint applies only to the full ARN. If you specify only the function name, it is limited to 64 characters in length.", - "title": "FunctionName", + "DataDestinationConfigs": { + "items": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.DataDestinationConfig" + }, + "markdownDescription": "The destination where the campaign sends data. You can choose to send data to be stored in Amazon S3 or Amazon Timestream .\n\nAmazon S3 optimizes the cost of data storage and provides additional mechanisms to use vehicle data, such as data lakes, centralized data storage, data processing pipelines, and analytics. AWS IoT FleetWise supports at-least-once file delivery to S3. Your vehicle data is stored on multiple AWS IoT FleetWise servers for redundancy and high availability.\n\nYou can use Amazon Timestream to access and analyze time series data, and Timestream to query vehicle data so that you can identify trends and patterns.", + "title": "DataDestinationConfigs", + "type": "array" + }, + "DataExtraDimensions": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of vehicle attributes to associate with a campaign.\n\nEnrich the data with specified vehicle attributes. For example, add `make` and `model` to the campaign, and AWS IoT FleetWise will associate the data with those attributes as dimensions in Amazon Timestream . You can then query the data against `make` and `model` .\n\nDefault: An empty array", + "title": "DataExtraDimensions", + "type": "array" + }, + "DataPartitions": { + "items": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.DataPartition" + }, + "markdownDescription": "The data partitions associated with the signals collected from the vehicle.", + "title": "DataPartitions", + "type": "array" + }, + "Description": { + "markdownDescription": "The description of the campaign.", + "title": "Description", "type": "string" }, - "FunctionUrlAuthType": { - "markdownDescription": "The type of authentication that your function URL uses. Set to `AWS_IAM` if you want to restrict access to authenticated users only. Set to `NONE` if you want to bypass IAM authentication to create a public endpoint. For more information, see [Security and auth model for Lambda function URLs](https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html) .", - "title": "FunctionUrlAuthType", + "DiagnosticsMode": { + "markdownDescription": "Option for a vehicle to send diagnostic trouble codes to AWS IoT FleetWise . If you want to send diagnostic trouble codes, use `SEND_ACTIVE_DTCS` . If it's not specified, `OFF` is used.\n\nDefault: `OFF`", + "title": "DiagnosticsMode", "type": "string" }, - "Principal": { - "markdownDescription": "The AWS service , AWS account , IAM user, or IAM role that invokes the function. If you specify a service, use `SourceArn` or `SourceAccount` to limit who can invoke the function through that service.", - "title": "Principal", + "ExpiryTime": { + "markdownDescription": "The time the campaign expires, in seconds since epoch (January 1, 1970 at midnight UTC time). Vehicle data isn't collected after the campaign expires.\n\nDefault: 253402214400 (December 31, 9999, 00:00:00 UTC)", + "title": "ExpiryTime", "type": "string" }, - "PrincipalOrgID": { - "markdownDescription": "The identifier for your organization in AWS Organizations . Use this to grant permissions to all the AWS accounts under this organization.", - "title": "PrincipalOrgID", + "Name": { + "markdownDescription": "The name of a campaign.", + "title": "Name", "type": "string" }, - "SourceAccount": { - "markdownDescription": "For AWS service , the ID of the AWS account that owns the resource. Use this together with `SourceArn` to ensure that the specified account owns the resource. It is possible for an Amazon S3 bucket to be deleted by its owner and recreated by another account.", - "title": "SourceAccount", + "PostTriggerCollectionDuration": { + "markdownDescription": "How long (in milliseconds) to collect raw data after a triggering event initiates the collection. If it's not specified, `0` is used.\n\nDefault: `0`", + "title": "PostTriggerCollectionDuration", + "type": "number" + }, + "Priority": { + "markdownDescription": "A number indicating the priority of one campaign over another campaign for a certain vehicle or fleet. A campaign with the lowest value is deployed to vehicles before any other campaigns. If it's not specified, `0` is used.\n\nDefault: `0`", + "title": "Priority", + "type": "number" + }, + "SignalCatalogArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the signal catalog associated with the campaign.", + "title": "SignalCatalogArn", "type": "string" }, - "SourceArn": { - "markdownDescription": "For AWS services , the ARN of the AWS resource that invokes the function. For example, an Amazon S3 bucket or Amazon SNS topic.\n\nNote that Lambda configures the comparison using the `StringLike` operator.", - "title": "SourceArn", + "SignalsToCollect": { + "items": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.SignalInformation" + }, + "markdownDescription": "A list of information about signals to collect.", + "title": "SignalsToCollect", + "type": "array" + }, + "SignalsToFetch": { + "items": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.SignalFetchInformation" + }, + "markdownDescription": "A list of information about signals to fetch.", + "title": "SignalsToFetch", + "type": "array" + }, + "SpoolingMode": { + "markdownDescription": "Whether to store collected data after a vehicle lost a connection with the cloud. After a connection is re-established, the data is automatically forwarded to AWS IoT FleetWise . If you want to store collected data when a vehicle loses connection with the cloud, use `TO_DISK` . If it's not specified, `OFF` is used.\n\nDefault: `OFF`", + "title": "SpoolingMode", + "type": "string" + }, + "StartTime": { + "markdownDescription": "The time, in milliseconds, to deliver a campaign after it was approved. If it's not specified, `0` is used.\n\nDefault: `0`", + "title": "StartTime", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata that can be used to manage the campaign.", + "title": "Tags", + "type": "array" + }, + "TargetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of a vehicle or fleet to which the campaign is deployed.", + "title": "TargetArn", "type": "string" } }, "required": [ - "Action", - "FunctionName", - "Principal" + "CollectionScheme", + "Name", + "SignalCatalogArn", + "TargetArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lambda::Permission" + "AWS::IoTFleetWise::Campaign" ], "type": "string" }, @@ -143442,263 +153318,379 @@ ], "type": "object" }, - "AWS::Lambda::Url": { + "AWS::IoTFleetWise::Campaign.CollectionScheme": { "additionalProperties": false, "properties": { - "Condition": { + "ConditionBasedCollectionScheme": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.ConditionBasedCollectionScheme", + "markdownDescription": "Information about a collection scheme that uses a simple logical expression to recognize what data to collect.", + "title": "ConditionBasedCollectionScheme" + }, + "TimeBasedCollectionScheme": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.TimeBasedCollectionScheme", + "markdownDescription": "Information about a collection scheme that uses a time period to decide how often to collect data.", + "title": "TimeBasedCollectionScheme" + } + }, + "type": "object" + }, + "AWS::IoTFleetWise::Campaign.ConditionBasedCollectionScheme": { + "additionalProperties": false, + "properties": { + "ConditionLanguageVersion": { + "markdownDescription": "Specifies the version of the conditional expression language.", + "title": "ConditionLanguageVersion", + "type": "number" + }, + "Expression": { + "markdownDescription": "The logical expression used to recognize what data to collect. For example, `$variable.Vehicle.OutsideAirTemperature >= 105.0` .", + "title": "Expression", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "MinimumTriggerIntervalMs": { + "markdownDescription": "The minimum duration of time between two triggering events to collect data, in milliseconds.\n\n> If a signal changes often, you might want to collect data at a slower rate.", + "title": "MinimumTriggerIntervalMs", + "type": "number" + }, + "TriggerMode": { + "markdownDescription": "Whether to collect data for all triggering events ( `ALWAYS` ). Specify ( `RISING_EDGE` ), or specify only when the condition first evaluates to false. For example, triggering on \"AirbagDeployed\"; Users aren't interested on triggering when the airbag is already exploded; they only care about the change from not deployed => deployed.", + "title": "TriggerMode", + "type": "string" + } + }, + "required": [ + "Expression" + ], + "type": "object" + }, + "AWS::IoTFleetWise::Campaign.ConditionBasedSignalFetchConfig": { + "additionalProperties": false, + "properties": { + "ConditionExpression": { + "markdownDescription": "The condition that must be satisfied to trigger a signal fetch.", + "title": "ConditionExpression", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "TriggerMode": { + "markdownDescription": "Indicates the mode in which the signal fetch is triggered.", + "title": "TriggerMode", + "type": "string" + } + }, + "required": [ + "ConditionExpression", + "TriggerMode" + ], + "type": "object" + }, + "AWS::IoTFleetWise::Campaign.DataDestinationConfig": { + "additionalProperties": false, + "properties": { + "MqttTopicConfig": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.MqttTopicConfig", + "markdownDescription": "The MQTT topic to which the AWS IoT FleetWise campaign routes data.\n\n> Access to certain AWS IoT FleetWise features is currently gated. For more information, see [AWS Region and feature availability](https://docs.aws.amazon.com/iot-fleetwise/latest/developerguide/fleetwise-regions.html) in the *AWS IoT FleetWise Developer Guide* .", + "title": "MqttTopicConfig" }, - "Metadata": { - "type": "object" + "S3Config": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.S3Config", + "markdownDescription": "The Amazon S3 bucket where the AWS IoT FleetWise campaign sends data.", + "title": "S3Config" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AuthType": { - "markdownDescription": "The type of authentication that your function URL uses. Set to `AWS_IAM` if you want to restrict access to authenticated users only. Set to `NONE` if you want to bypass IAM authentication to create a public endpoint. For more information, see [Security and auth model for Lambda function URLs](https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html) .", - "title": "AuthType", - "type": "string" - }, - "Cors": { - "$ref": "#/definitions/AWS::Lambda::Url.Cors", - "markdownDescription": "The [Cross-Origin Resource Sharing (CORS)](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS) settings for your function URL.", - "title": "Cors" - }, - "InvokeMode": { - "markdownDescription": "Use one of the following options:\n\n- `BUFFERED` \u2013 This is the default option. Lambda invokes your function using the `Invoke` API operation. Invocation results are available when the payload is complete. The maximum payload size is 6 MB.\n- `RESPONSE_STREAM` \u2013 Your function streams payload results as they become available. Lambda invokes your function using the `InvokeWithResponseStream` API operation. The maximum response payload size is 20 MB, however, you can [request a quota increase](https://docs.aws.amazon.com/servicequotas/latest/userguide/request-quota-increase.html) .", - "title": "InvokeMode", - "type": "string" - }, - "Qualifier": { - "markdownDescription": "The alias name.", - "title": "Qualifier", - "type": "string" - }, - "TargetFunctionArn": { - "markdownDescription": "The name of the Lambda function.\n\n**Name formats** - *Function name* - `my-function` .\n- *Function ARN* - `lambda: : :function:my-function` .\n- *Partial ARN* - `:function:my-function` .\n\nThe length constraint applies only to the full ARN. If you specify only the function name, it is limited to 64 characters in length.", - "title": "TargetFunctionArn", - "type": "string" - } - }, - "required": [ - "AuthType", - "TargetFunctionArn" - ], - "type": "object" + "TimestreamConfig": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.TimestreamConfig", + "markdownDescription": "The Amazon Timestream table where the campaign sends data.", + "title": "TimestreamConfig" + } + }, + "type": "object" + }, + "AWS::IoTFleetWise::Campaign.DataPartition": { + "additionalProperties": false, + "properties": { + "Id": { + "markdownDescription": "The ID of the data partition. The data partition ID must be unique within a campaign. You can establish a data partition as the default partition for a campaign by using `default` as the ID.", + "title": "Id", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Lambda::Url" - ], + "StorageOptions": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.DataPartitionStorageOptions", + "markdownDescription": "The storage options for a data partition.", + "title": "StorageOptions" + }, + "UploadOptions": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.DataPartitionUploadOptions", + "markdownDescription": "The upload options for the data partition.", + "title": "UploadOptions" + } + }, + "required": [ + "Id", + "StorageOptions" + ], + "type": "object" + }, + "AWS::IoTFleetWise::Campaign.DataPartitionStorageOptions": { + "additionalProperties": false, + "properties": { + "MaximumSize": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.StorageMaximumSize", + "markdownDescription": "The maximum storage size of the data stored in the data partition.\n\n> Newer data overwrites older data when the partition reaches the maximum size.", + "title": "MaximumSize" + }, + "MinimumTimeToLive": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.StorageMinimumTimeToLive", + "markdownDescription": "The amount of time that data in this partition will be kept on disk.\n\n- After the designated amount of time passes, the data can be removed, but it's not guaranteed to be removed.\n- Before the time expires, data in this partition can still be deleted if the partition reaches its configured maximum size.\n- Newer data will overwrite older data when the partition reaches the maximum size.", + "title": "MinimumTimeToLive" + }, + "StorageLocation": { + "markdownDescription": "The folder name for the data partition under the campaign storage folder.", + "title": "StorageLocation", "type": "string" + } + }, + "required": [ + "MaximumSize", + "MinimumTimeToLive", + "StorageLocation" + ], + "type": "object" + }, + "AWS::IoTFleetWise::Campaign.DataPartitionUploadOptions": { + "additionalProperties": false, + "properties": { + "ConditionLanguageVersion": { + "markdownDescription": "The version of the condition language. Defaults to the most recent condition language version.", + "title": "ConditionLanguageVersion", + "type": "number" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Expression": { + "markdownDescription": "The logical expression used to recognize what data to collect. For example, `$variable.`Vehicle.OutsideAirTemperature` >= 105.0` .", + "title": "Expression", "type": "string" } }, "required": [ - "Type", - "Properties" + "Expression" ], "type": "object" }, - "AWS::Lambda::Url.Cors": { + "AWS::IoTFleetWise::Campaign.MqttTopicConfig": { "additionalProperties": false, "properties": { - "AllowCredentials": { - "markdownDescription": "Whether you want to allow cookies or other credentials in requests to your function URL. The default is `false` .", - "title": "AllowCredentials", - "type": "boolean" + "ExecutionRoleArn": { + "markdownDescription": "The ARN of the role that grants AWS IoT FleetWise permission to access and act on messages sent to the MQTT topic.", + "title": "ExecutionRoleArn", + "type": "string" }, - "AllowHeaders": { - "items": { - "type": "string" - }, - "markdownDescription": "The HTTP headers that origins can include in requests to your function URL. For example: `Date` , `Keep-Alive` , `X-Custom-Header` .", - "title": "AllowHeaders", - "type": "array" + "MqttTopicArn": { + "markdownDescription": "The ARN of the MQTT topic.", + "title": "MqttTopicArn", + "type": "string" + } + }, + "required": [ + "ExecutionRoleArn", + "MqttTopicArn" + ], + "type": "object" + }, + "AWS::IoTFleetWise::Campaign.S3Config": { + "additionalProperties": false, + "properties": { + "BucketArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon S3 bucket.", + "title": "BucketArn", + "type": "string" }, - "AllowMethods": { - "items": { - "type": "string" - }, - "markdownDescription": "The HTTP methods that are allowed when calling your function URL. For example: `GET` , `POST` , `DELETE` , or the wildcard character ( `*` ).", - "title": "AllowMethods", - "type": "array" + "DataFormat": { + "markdownDescription": "Specify the format that files are saved in the Amazon S3 bucket. You can save files in an Apache Parquet or JSON format.\n\n- Parquet - Store data in a columnar storage file format. Parquet is optimal for fast data retrieval and can reduce costs. This option is selected by default.\n- JSON - Store data in a standard text-based JSON file format.", + "title": "DataFormat", + "type": "string" }, - "AllowOrigins": { - "items": { - "type": "string" - }, - "markdownDescription": "The origins that can access your function URL. You can list any number of specific origins, separated by a comma. For example: `https://www.example.com` , `http://localhost:60905` .\n\nAlternatively, you can grant access to all origins with the wildcard character ( `*` ).", - "title": "AllowOrigins", - "type": "array" + "Prefix": { + "markdownDescription": "Enter an S3 bucket prefix. The prefix is the string of characters after the bucket name and before the object name. You can use the prefix to organize data stored in Amazon S3 buckets. For more information, see [Organizing objects using prefixes](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-prefixes.html) in the *Amazon Simple Storage Service User Guide* .\n\nBy default, AWS IoT FleetWise sets the prefix `processed-data/year=YY/month=MM/date=DD/hour=HH/` (in UTC) to data it delivers to Amazon S3 . You can enter a prefix to append it to this default prefix. For example, if you enter the prefix `vehicles` , the prefix will be `vehicles/processed-data/year=YY/month=MM/date=DD/hour=HH/` .", + "title": "Prefix", + "type": "string" }, - "ExposeHeaders": { + "StorageCompressionFormat": { + "markdownDescription": "By default, stored data is compressed as a .gzip file. Compressed files have a reduced file size, which can optimize the cost of data storage.", + "title": "StorageCompressionFormat", + "type": "string" + } + }, + "required": [ + "BucketArn" + ], + "type": "object" + }, + "AWS::IoTFleetWise::Campaign.SignalFetchConfig": { + "additionalProperties": false, + "properties": { + "ConditionBased": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.ConditionBasedSignalFetchConfig", + "markdownDescription": "The configuration of a condition-based signal fetch operation.", + "title": "ConditionBased" + }, + "TimeBased": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.TimeBasedSignalFetchConfig", + "markdownDescription": "The configuration of a time-based signal fetch operation.", + "title": "TimeBased" + } + }, + "type": "object" + }, + "AWS::IoTFleetWise::Campaign.SignalFetchInformation": { + "additionalProperties": false, + "properties": { + "Actions": { "items": { "type": "string" }, - "markdownDescription": "The HTTP headers in your function response that you want to expose to origins that call your function URL. For example: `Date` , `Keep-Alive` , `X-Custom-Header` .", - "title": "ExposeHeaders", + "markdownDescription": "The actions to be performed by the signal fetch.", + "title": "Actions", "type": "array" }, - "MaxAge": { - "markdownDescription": "The maximum amount of time, in seconds, that browsers can cache results of a preflight request. By default, this is set to `0` , which means the browser will not cache results.", - "title": "MaxAge", + "ConditionLanguageVersion": { + "markdownDescription": "The version of the condition language used.", + "title": "ConditionLanguageVersion", "type": "number" + }, + "FullyQualifiedName": { + "markdownDescription": "The fully qualified name of the signal to be fetched.", + "title": "FullyQualifiedName", + "type": "string" + }, + "SignalFetchConfig": { + "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.SignalFetchConfig", + "markdownDescription": "The configuration of the signal fetch operation.", + "title": "SignalFetchConfig" } }, + "required": [ + "Actions", + "FullyQualifiedName", + "SignalFetchConfig" + ], "type": "object" }, - "AWS::Lambda::Version": { + "AWS::IoTFleetWise::Campaign.SignalInformation": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DataPartitionId": { + "markdownDescription": "The ID of the data partition this signal is associated with.\n\nThe ID must match one of the IDs provided in `dataPartitions` . This is accomplished either by specifying a particular data partition ID or by using `default` for an established default partition. You can establish a default partition in the `DataPartition` data type.\n\n> If you upload a signal as a condition for a campaign's data partition, the same signal must be included in `signalsToCollect` . > Access to certain AWS IoT FleetWise features is currently gated. For more information, see [AWS Region and feature availability](https://docs.aws.amazon.com/iot-fleetwise/latest/developerguide/fleetwise-regions.html) in the *AWS IoT FleetWise Developer Guide* .", + "title": "DataPartitionId", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "MaxSampleCount": { + "markdownDescription": "The maximum number of samples to collect.", + "title": "MaxSampleCount", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "CodeSha256": { - "markdownDescription": "Only publish a version if the hash value matches the value that's specified. Use this option to avoid publishing a version if the function code has changed since you last updated it. Updates are not supported for this property.", - "title": "CodeSha256", - "type": "string" - }, - "Description": { - "markdownDescription": "A description for the version to override the description in the function configuration. Updates are not supported for this property.", - "title": "Description", - "type": "string" - }, - "FunctionName": { - "markdownDescription": "The name or ARN of the Lambda function.\n\n**Name formats** - *Function name* - `MyFunction` .\n- *Function ARN* - `arn:aws:lambda:us-west-2:123456789012:function:MyFunction` .\n- *Partial ARN* - `123456789012:function:MyFunction` .\n\nThe length constraint applies only to the full ARN. If you specify only the function name, it is limited to 64 characters in length.", - "title": "FunctionName", - "type": "string" - }, - "ProvisionedConcurrencyConfig": { - "$ref": "#/definitions/AWS::Lambda::Version.ProvisionedConcurrencyConfiguration", - "markdownDescription": "Specifies a provisioned concurrency configuration for a function's version. Updates are not supported for this property.", - "title": "ProvisionedConcurrencyConfig" - }, - "RuntimePolicy": { - "$ref": "#/definitions/AWS::Lambda::Version.RuntimePolicy", - "markdownDescription": "", - "title": "RuntimePolicy" - } - }, - "required": [ - "FunctionName" - ], - "type": "object" + "MinimumSamplingIntervalMs": { + "markdownDescription": "The minimum duration of time (in milliseconds) between two triggering events to collect data.\n\n> If a signal changes often, you might want to collect data at a slower rate.", + "title": "MinimumSamplingIntervalMs", + "type": "number" }, - "Type": { - "enum": [ - "AWS::Lambda::Version" - ], + "Name": { + "markdownDescription": "The name of the signal.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::IoTFleetWise::Campaign.StorageMaximumSize": { + "additionalProperties": false, + "properties": { + "Unit": { + "markdownDescription": "The data type of the data to store.", + "title": "Unit", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Value": { + "markdownDescription": "The maximum amount of time to store data.", + "title": "Value", + "type": "number" + } + }, + "required": [ + "Unit", + "Value" + ], + "type": "object" + }, + "AWS::IoTFleetWise::Campaign.StorageMinimumTimeToLive": { + "additionalProperties": false, + "properties": { + "Unit": { + "markdownDescription": "The time increment type.", + "title": "Unit", "type": "string" + }, + "Value": { + "markdownDescription": "The minimum amount of time to store the data.", + "title": "Value", + "type": "number" } }, "required": [ - "Type", - "Properties" + "Unit", + "Value" ], "type": "object" }, - "AWS::Lambda::Version.ProvisionedConcurrencyConfiguration": { + "AWS::IoTFleetWise::Campaign.TimeBasedCollectionScheme": { "additionalProperties": false, "properties": { - "ProvisionedConcurrentExecutions": { - "markdownDescription": "The amount of provisioned concurrency to allocate for the version.", - "title": "ProvisionedConcurrentExecutions", + "PeriodMs": { + "markdownDescription": "The time period (in milliseconds) to decide how often to collect data. For example, if the time period is `60000` , the Edge Agent software collects data once every minute.", + "title": "PeriodMs", "type": "number" } }, "required": [ - "ProvisionedConcurrentExecutions" + "PeriodMs" ], "type": "object" }, - "AWS::Lambda::Version.RuntimePolicy": { + "AWS::IoTFleetWise::Campaign.TimeBasedSignalFetchConfig": { "additionalProperties": false, "properties": { - "RuntimeVersionArn": { - "markdownDescription": "The ARN of the runtime version you want the function to use.\n\n> This is only required if you're using the *Manual* runtime update mode.", - "title": "RuntimeVersionArn", + "ExecutionFrequencyMs": { + "markdownDescription": "The frequency with which the signal fetch will be executed.", + "title": "ExecutionFrequencyMs", + "type": "number" + } + }, + "required": [ + "ExecutionFrequencyMs" + ], + "type": "object" + }, + "AWS::IoTFleetWise::Campaign.TimestreamConfig": { + "additionalProperties": false, + "properties": { + "ExecutionRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the task execution role that grants AWS IoT FleetWise permission to deliver data to the Amazon Timestream table.", + "title": "ExecutionRoleArn", "type": "string" }, - "UpdateRuntimeOn": { - "markdownDescription": "Specify the runtime update mode.\n\n- *Auto (default)* - Automatically update to the most recent and secure runtime version using a [Two-phase runtime version rollout](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html#runtime-management-two-phase) . This is the best choice for most customers to ensure they always benefit from runtime updates.\n- *FunctionUpdate* - Lambda updates the runtime of you function to the most recent and secure runtime version when you update your function. This approach synchronizes runtime updates with function deployments, giving you control over when runtime updates are applied and allowing you to detect and mitigate rare runtime update incompatibilities early. When using this setting, you need to regularly update your functions to keep their runtime up-to-date.\n- *Manual* - You specify a runtime version in your function configuration. The function will use this runtime version indefinitely. In the rare case where a new runtime version is incompatible with an existing function, this allows you to roll back your function to an earlier runtime version. For more information, see [Roll back a runtime version](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html#runtime-management-rollback) .\n\n*Valid Values* : `Auto` | `FunctionUpdate` | `Manual`", - "title": "UpdateRuntimeOn", + "TimestreamTableArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Timestream table.", + "title": "TimestreamTableArn", "type": "string" } }, "required": [ - "UpdateRuntimeOn" + "ExecutionRoleArn", + "TimestreamTableArn" ], "type": "object" }, - "AWS::Lex::Bot": { + "AWS::IoTFleetWise::DecoderManifest": { "additionalProperties": false, "properties": { "Condition": { @@ -143733,82 +153725,65 @@ "Properties": { "additionalProperties": false, "properties": { - "AutoBuildBotLocales": { - "markdownDescription": "Indicates whether Amazon Lex V2 should automatically build the locales for the bot after a change.", - "title": "AutoBuildBotLocales", - "type": "boolean" - }, - "BotFileS3Location": { - "$ref": "#/definitions/AWS::Lex::Bot.S3Location", - "markdownDescription": "The Amazon S3 location of files used to import a bot. The files must be in the import format specified in [JSON format for importing and exporting](https://docs.aws.amazon.com/lexv2/latest/dg/import-export-format.html) in the *Amazon Lex developer guide.*", - "title": "BotFileS3Location" - }, - "BotLocales": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.BotLocale" - }, - "markdownDescription": "A list of locales for the bot.", - "title": "BotLocales", - "type": "array" - }, - "BotTags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of tags to add to the bot. You can only add tags when you import a bot. You can't use the `UpdateBot` operation to update tags. To update tags, use the `TagResource` operation.", - "title": "BotTags", - "type": "array" - }, - "DataPrivacy": { - "$ref": "#/definitions/AWS::Lex::Bot.DataPrivacy", - "markdownDescription": "By default, data stored by Amazon Lex is encrypted. The `DataPrivacy` structure provides settings that determine how Amazon Lex handles special cases of securing the data for your bot.", - "title": "DataPrivacy" + "DefaultForUnmappedSignals": { + "markdownDescription": "Use default decoders for all unmapped signals in the model. You don't need to provide any detailed decoding information.", + "title": "DefaultForUnmappedSignals", + "type": "string" }, "Description": { - "markdownDescription": "The description of the version.", + "markdownDescription": "A brief description of the decoder manifest.", "title": "Description", "type": "string" }, - "IdleSessionTTLInSeconds": { - "markdownDescription": "The time, in seconds, that Amazon Lex should keep information about a user's conversation with the bot.\n\nA user interaction remains active for the amount of time specified. If no conversation occurs during this time, the session expires and Amazon Lex deletes any data provided before the timeout.\n\nYou can specify between 60 (1 minute) and 86,400 (24 hours) seconds.", - "title": "IdleSessionTTLInSeconds", - "type": "number" + "ModelManifestArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of a vehicle model (model manifest) associated with the decoder manifest.", + "title": "ModelManifestArn", + "type": "string" }, "Name": { - "markdownDescription": "The name of the bot locale.", + "markdownDescription": "The name of the decoder manifest.", "title": "Name", "type": "string" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role used to build and run the bot.", - "title": "RoleArn", - "type": "string" + "NetworkInterfaces": { + "items": { + "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.NetworkInterfacesItems" + }, + "markdownDescription": "A list of information about available network interfaces.", + "title": "NetworkInterfaces", + "type": "array" }, - "TestBotAliasSettings": { - "$ref": "#/definitions/AWS::Lex::Bot.TestBotAliasSettings", - "markdownDescription": "Specifies configuration settings for the alias used to test the bot. If the `TestBotAliasSettings` property is not specified, the settings are configured with default values.", - "title": "TestBotAliasSettings" + "SignalDecoders": { + "items": { + "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.SignalDecodersItems" + }, + "markdownDescription": "A list of information about signal decoders.", + "title": "SignalDecoders", + "type": "array" }, - "TestBotAliasTags": { + "Status": { + "markdownDescription": "The state of the decoder manifest. If the status is `ACTIVE` , the decoder manifest can't be edited. If the status is marked `DRAFT` , you can edit the decoder manifest.", + "title": "Status", + "type": "string" + }, + "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of tags to add to the test alias for a bot. You can only add tags when you import a bot. You can't use the `UpdateAlias` operation to update tags. To update tags on the test alias, use the `TagResource` operation.", - "title": "TestBotAliasTags", + "markdownDescription": "Metadata that can be used to manage the decoder manifest.", + "title": "Tags", "type": "array" } }, "required": [ - "DataPrivacy", - "IdleSessionTTLInSeconds", - "Name", - "RoleArn" + "ModelManifestArn", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lex::Bot" + "AWS::IoTFleetWise::DecoderManifest" ], "type": "string" }, @@ -143827,2003 +153802,2127 @@ ], "type": "object" }, - "AWS::Lex::Bot.AdvancedRecognitionSetting": { + "AWS::IoTFleetWise::DecoderManifest.CanInterface": { "additionalProperties": false, "properties": { - "AudioRecognitionStrategy": { - "markdownDescription": "Enables using the slot values as a custom vocabulary for recognizing user utterances.", - "title": "AudioRecognitionStrategy", + "Name": { + "markdownDescription": "The unique name of the interface.", + "title": "Name", "type": "string" - } - }, - "type": "object" - }, - "AWS::Lex::Bot.AllowedInputTypes": { - "additionalProperties": false, - "properties": { - "AllowAudioInput": { - "markdownDescription": "Indicates whether audio input is allowed.", - "title": "AllowAudioInput", - "type": "boolean" }, - "AllowDTMFInput": { - "markdownDescription": "Indicates whether DTMF input is allowed.", - "title": "AllowDTMFInput", - "type": "boolean" + "ProtocolName": { + "markdownDescription": "The name of the communication protocol for the interface.", + "title": "ProtocolName", + "type": "string" + }, + "ProtocolVersion": { + "markdownDescription": "The version of the communication protocol for the interface.", + "title": "ProtocolVersion", + "type": "string" } }, "required": [ - "AllowAudioInput", - "AllowDTMFInput" + "Name" ], "type": "object" }, - "AWS::Lex::Bot.AudioAndDTMFInputSpecification": { + "AWS::IoTFleetWise::DecoderManifest.CanSignal": { "additionalProperties": false, "properties": { - "AudioSpecification": { - "$ref": "#/definitions/AWS::Lex::Bot.AudioSpecification", - "markdownDescription": "Specifies the settings on audio input.", - "title": "AudioSpecification" + "Factor": { + "markdownDescription": "A multiplier used to decode the CAN message.", + "title": "Factor", + "type": "string" }, - "DTMFSpecification": { - "$ref": "#/definitions/AWS::Lex::Bot.DTMFSpecification", - "markdownDescription": "Specifies the settings on DTMF input.", - "title": "DTMFSpecification" + "IsBigEndian": { + "markdownDescription": "Whether the byte ordering of a CAN message is big-endian.", + "title": "IsBigEndian", + "type": "string" }, - "StartTimeoutMs": { - "markdownDescription": "Time for which a bot waits before assuming that the customer isn't going to speak or press a key. This timeout is shared between Audio and DTMF inputs.", - "title": "StartTimeoutMs", - "type": "number" + "IsSigned": { + "markdownDescription": "Whether the message data is specified as a signed value.", + "title": "IsSigned", + "type": "string" + }, + "Length": { + "markdownDescription": "How many bytes of data are in the message.", + "title": "Length", + "type": "string" + }, + "MessageId": { + "markdownDescription": "The ID of the message.", + "title": "MessageId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the signal.", + "title": "Name", + "type": "string" + }, + "Offset": { + "markdownDescription": "The offset used to calculate the signal value. Combined with factor, the calculation is `value = raw_value * factor + offset` .", + "title": "Offset", + "type": "string" + }, + "SignalValueType": { + "markdownDescription": "The value type of the signal. The default value is `INTEGER` .", + "title": "SignalValueType", + "type": "string" + }, + "StartBit": { + "markdownDescription": "Indicates the beginning of the CAN message.", + "title": "StartBit", + "type": "string" } }, "required": [ - "StartTimeoutMs" + "Factor", + "IsBigEndian", + "IsSigned", + "Length", + "MessageId", + "Offset", + "StartBit" ], "type": "object" }, - "AWS::Lex::Bot.AudioLogDestination": { + "AWS::IoTFleetWise::DecoderManifest.CustomDecodingInterface": { "additionalProperties": false, "properties": { - "S3Bucket": { - "$ref": "#/definitions/AWS::Lex::Bot.S3BucketLogDestination", - "markdownDescription": "Specifies the Amazon S3 bucket where the audio files are stored.", - "title": "S3Bucket" + "Name": { + "markdownDescription": "The name of the interface.", + "title": "Name", + "type": "string" } }, "required": [ - "S3Bucket" + "Name" ], "type": "object" }, - "AWS::Lex::Bot.AudioLogSetting": { + "AWS::IoTFleetWise::DecoderManifest.CustomDecodingSignal": { "additionalProperties": false, "properties": { - "Destination": { - "$ref": "#/definitions/AWS::Lex::Bot.AudioLogDestination", - "markdownDescription": "Specifies the location of the audio log files collected when conversation logging is enabled for a bot.", - "title": "Destination" - }, - "Enabled": { - "markdownDescription": "Determines whether audio logging in enabled for the bot.", - "title": "Enabled", - "type": "boolean" + "Id": { + "markdownDescription": "The ID of the signal.", + "title": "Id", + "type": "string" } }, "required": [ - "Destination", - "Enabled" + "Id" ], "type": "object" }, - "AWS::Lex::Bot.AudioSpecification": { + "AWS::IoTFleetWise::DecoderManifest.NetworkInterfacesItems": { "additionalProperties": false, "properties": { - "EndTimeoutMs": { - "markdownDescription": "Time for which a bot waits after the customer stops speaking to assume the utterance is finished.", - "title": "EndTimeoutMs", - "type": "number" + "CanInterface": { + "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.CanInterface" }, - "MaxLengthMs": { - "markdownDescription": "Time for how long Amazon Lex waits before speech input is truncated and the speech is returned to application.", - "title": "MaxLengthMs", - "type": "number" - } - }, - "required": [ - "EndTimeoutMs", - "MaxLengthMs" - ], - "type": "object" - }, - "AWS::Lex::Bot.BotAliasLocaleSettings": { - "additionalProperties": false, - "properties": { - "CodeHookSpecification": { - "$ref": "#/definitions/AWS::Lex::Bot.CodeHookSpecification", - "markdownDescription": "Specifies the Lambda function that should be used in the locale.", - "title": "CodeHookSpecification" + "CustomDecodingInterface": { + "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.CustomDecodingInterface" }, - "Enabled": { - "markdownDescription": "Determines whether the locale is enabled for the bot. If the value is `false` , the locale isn't available for use.", - "title": "Enabled", - "type": "boolean" - } - }, - "required": [ - "Enabled" - ], - "type": "object" - }, - "AWS::Lex::Bot.BotAliasLocaleSettingsItem": { - "additionalProperties": false, - "properties": { - "BotAliasLocaleSetting": { - "$ref": "#/definitions/AWS::Lex::Bot.BotAliasLocaleSettings", - "markdownDescription": "Specifies locale settings for a locale.", - "title": "BotAliasLocaleSetting" + "InterfaceId": { + "type": "string" }, - "LocaleId": { - "markdownDescription": "Specifies the locale that the settings apply to.", - "title": "LocaleId", + "ObdInterface": { + "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.ObdInterface" + }, + "Type": { "type": "string" } }, "required": [ - "BotAliasLocaleSetting", - "LocaleId" + "InterfaceId", + "Type" ], "type": "object" }, - "AWS::Lex::Bot.BotLocale": { + "AWS::IoTFleetWise::DecoderManifest.ObdInterface": { "additionalProperties": false, "properties": { - "CustomVocabulary": { - "$ref": "#/definitions/AWS::Lex::Bot.CustomVocabulary", - "markdownDescription": "Specifies a custom vocabulary to use with a specific locale.", - "title": "CustomVocabulary" + "DtcRequestIntervalSeconds": { + "markdownDescription": "The maximum number message requests per diagnostic trouble code per second.", + "title": "DtcRequestIntervalSeconds", + "type": "string" }, - "Description": { - "markdownDescription": "A description of the bot locale. Use this to help identify the bot locale in lists.", - "title": "Description", + "HasTransmissionEcu": { + "markdownDescription": "Whether the vehicle has a transmission control module (TCM).", + "title": "HasTransmissionEcu", "type": "string" }, - "Intents": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.Intent" - }, - "markdownDescription": "One or more intents defined for the locale.", - "title": "Intents", - "type": "array" + "Name": { + "markdownDescription": "The name of the interface.", + "title": "Name", + "type": "string" }, - "LocaleId": { - "markdownDescription": "The identifier of the language and locale that the bot will be used in. The string must match one of the supported locales.", - "title": "LocaleId", + "ObdStandard": { + "markdownDescription": "The standard OBD II PID.", + "title": "ObdStandard", "type": "string" }, - "NluConfidenceThreshold": { - "markdownDescription": "Determines the threshold where Amazon Lex will insert the `AMAZON.FallbackIntent` , `AMAZON.KendraSearchIntent` , or both when returning alternative intents. You must configure an `AMAZON.FallbackIntent` . `AMAZON.KendraSearchIntent` is only inserted if it is configured for the bot.", - "title": "NluConfidenceThreshold", - "type": "number" + "PidRequestIntervalSeconds": { + "markdownDescription": "The maximum number message requests per second.", + "title": "PidRequestIntervalSeconds", + "type": "string" }, - "SlotTypes": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.SlotType" - }, - "markdownDescription": "One or more slot types defined for the locale.", - "title": "SlotTypes", - "type": "array" + "RequestMessageId": { + "markdownDescription": "The ID of the message requesting vehicle data.", + "title": "RequestMessageId", + "type": "string" }, - "VoiceSettings": { - "$ref": "#/definitions/AWS::Lex::Bot.VoiceSettings", - "markdownDescription": "Defines settings for using an Amazon Polly voice to communicate with a user.\n\nValid values include:\n\n- `standard`\n- `neural`\n- `long-form`\n- `generative`", - "title": "VoiceSettings" + "UseExtendedIds": { + "markdownDescription": "Whether to use extended IDs in the message.", + "title": "UseExtendedIds", + "type": "string" } }, "required": [ - "LocaleId", - "NluConfidenceThreshold" + "Name", + "RequestMessageId" ], "type": "object" }, - "AWS::Lex::Bot.Button": { + "AWS::IoTFleetWise::DecoderManifest.ObdSignal": { "additionalProperties": false, "properties": { - "Text": { - "markdownDescription": "The text that appears on the button. Use this to tell the user what value is returned when they choose this button.", - "title": "Text", + "BitMaskLength": { + "markdownDescription": "The number of bits to mask in a message.", + "title": "BitMaskLength", "type": "string" }, - "Value": { - "markdownDescription": "The value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.", - "title": "Value", + "BitRightShift": { + "markdownDescription": "The number of positions to shift bits in the message.", + "title": "BitRightShift", + "type": "string" + }, + "ByteLength": { + "markdownDescription": "The length of a message.", + "title": "ByteLength", + "type": "string" + }, + "IsSigned": { + "markdownDescription": "Determines whether the message is signed ( `true` ) or not ( `false` ). If it's signed, the message can represent both positive and negative numbers. The `isSigned` parameter only applies to the `INTEGER` raw signal type, and it doesn't affect the `FLOATING_POINT` raw signal type. The default value is `false` .", + "title": "IsSigned", + "type": "string" + }, + "Offset": { + "markdownDescription": "The offset used to calculate the signal value. Combined with scaling, the calculation is `value = raw_value * scaling + offset` .", + "title": "Offset", + "type": "string" + }, + "Pid": { + "markdownDescription": "The diagnostic code used to request data from a vehicle for this signal.", + "title": "Pid", + "type": "string" + }, + "PidResponseLength": { + "markdownDescription": "The length of the requested data.", + "title": "PidResponseLength", + "type": "string" + }, + "Scaling": { + "markdownDescription": "A multiplier used to decode the message.", + "title": "Scaling", + "type": "string" + }, + "ServiceMode": { + "markdownDescription": "The mode of operation (diagnostic service) in a message.", + "title": "ServiceMode", + "type": "string" + }, + "SignalValueType": { + "markdownDescription": "The value type of the signal. The default value is `INTEGER` .", + "title": "SignalValueType", + "type": "string" + }, + "StartByte": { + "markdownDescription": "Indicates the beginning of the message.", + "title": "StartByte", "type": "string" } }, "required": [ - "Text", - "Value" + "ByteLength", + "Offset", + "Pid", + "PidResponseLength", + "Scaling", + "ServiceMode", + "StartByte" ], "type": "object" }, - "AWS::Lex::Bot.CloudWatchLogGroupLogDestination": { + "AWS::IoTFleetWise::DecoderManifest.SignalDecodersItems": { "additionalProperties": false, "properties": { - "CloudWatchLogGroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the log group where text and metadata logs are delivered.", - "title": "CloudWatchLogGroupArn", + "CanSignal": { + "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.CanSignal" + }, + "CustomDecodingSignal": { + "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.CustomDecodingSignal" + }, + "FullyQualifiedName": { "type": "string" }, - "LogPrefix": { - "markdownDescription": "The prefix of the log stream name within the log group that you specified", - "title": "LogPrefix", + "InterfaceId": { + "type": "string" + }, + "ObdSignal": { + "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.ObdSignal" + }, + "Type": { "type": "string" } }, "required": [ - "CloudWatchLogGroupArn", - "LogPrefix" + "FullyQualifiedName", + "InterfaceId", + "Type" ], "type": "object" }, - "AWS::Lex::Bot.CodeHookSpecification": { + "AWS::IoTFleetWise::Fleet": { "additionalProperties": false, "properties": { - "LambdaCodeHook": { - "$ref": "#/definitions/AWS::Lex::Bot.LambdaCodeHook", - "markdownDescription": "Specifies a Lambda function that verifies requests to a bot or fulfills the user's request to a bot.", - "title": "LambdaCodeHook" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A brief description of the fleet.", + "title": "Description", + "type": "string" + }, + "Id": { + "markdownDescription": "The unique ID of the fleet.", + "title": "Id", + "type": "string" + }, + "SignalCatalogArn": { + "markdownDescription": "The ARN of the signal catalog associated with the fleet.", + "title": "SignalCatalogArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata that can be used to manage the fleet.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Id", + "SignalCatalogArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IoTFleetWise::Fleet" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "LambdaCodeHook" + "Type", + "Properties" ], "type": "object" }, - "AWS::Lex::Bot.Condition": { + "AWS::IoTFleetWise::ModelManifest": { "additionalProperties": false, "properties": { - "ExpressionString": { - "markdownDescription": "The expression string that is evaluated.", - "title": "ExpressionString", + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A brief description of the vehicle model.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the vehicle model.", + "title": "Name", + "type": "string" + }, + "Nodes": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of nodes, which are a general abstraction of signals.", + "title": "Nodes", + "type": "array" + }, + "SignalCatalogArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the signal catalog associated with the vehicle model.", + "title": "SignalCatalogArn", + "type": "string" + }, + "Status": { + "markdownDescription": "The state of the vehicle model. If the status is `ACTIVE` , the vehicle model can't be edited. If the status is `DRAFT` , you can edit the vehicle model.", + "title": "Status", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata that can be used to manage the vehicle model.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Name", + "SignalCatalogArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IoTFleetWise::ModelManifest" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ExpressionString" + "Type", + "Properties" ], "type": "object" }, - "AWS::Lex::Bot.ConditionalBranch": { + "AWS::IoTFleetWise::SignalCatalog": { "additionalProperties": false, "properties": { "Condition": { - "$ref": "#/definitions/AWS::Lex::Bot.Condition", - "markdownDescription": "Contains the expression to evaluate. If the condition is true, the branch's actions are taken.", - "title": "Condition" + "type": "string" }, - "Name": { - "markdownDescription": "The name of the branch.", - "title": "Name", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "NextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "The next step in the conversation.", - "title": "NextStep" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Response": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input.", - "title": "Response" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A brief description of the signal catalog.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the signal catalog.", + "title": "Name", + "type": "string" + }, + "NodeCounts": { + "$ref": "#/definitions/AWS::IoTFleetWise::SignalCatalog.NodeCounts", + "markdownDescription": "Information about the number of nodes and node types in a vehicle network.", + "title": "NodeCounts" + }, + "Nodes": { + "items": { + "$ref": "#/definitions/AWS::IoTFleetWise::SignalCatalog.Node" + }, + "markdownDescription": "A list of information about nodes, which are a general abstraction of signals.", + "title": "Nodes", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata that can be used to manage the signal catalog.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IoTFleetWise::SignalCatalog" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Condition", - "Name", - "NextStep" + "Type" ], "type": "object" }, - "AWS::Lex::Bot.ConditionalSpecification": { + "AWS::IoTFleetWise::SignalCatalog.Actuator": { "additionalProperties": false, "properties": { - "ConditionalBranches": { + "AllowedValues": { "items": { - "$ref": "#/definitions/AWS::Lex::Bot.ConditionalBranch" + "type": "string" }, - "markdownDescription": "A list of conditional branches. A conditional branch is made up of a condition, a response and a next step. The response and next step are executed when the condition is true.", - "title": "ConditionalBranches", + "markdownDescription": "A list of possible values an actuator can take.", + "title": "AllowedValues", "type": "array" }, - "DefaultBranch": { - "$ref": "#/definitions/AWS::Lex::Bot.DefaultConditionalBranch", - "markdownDescription": "The conditional branch that should be followed when the conditions for other branches are not satisfied. A conditional branch is made up of a condition, a response and a next step.", - "title": "DefaultBranch" + "AssignedValue": { + "markdownDescription": "A specified value for the actuator.", + "title": "AssignedValue", + "type": "string" }, - "IsActive": { - "markdownDescription": "Determines whether a conditional branch is active. When `IsActive` is false, the conditions are not evaluated.", - "title": "IsActive", - "type": "boolean" + "DataType": { + "markdownDescription": "The specified data type of the actuator.", + "title": "DataType", + "type": "string" + }, + "Description": { + "markdownDescription": "A brief description of the actuator.", + "title": "Description", + "type": "string" + }, + "FullyQualifiedName": { + "markdownDescription": "The fully qualified name of the actuator. For example, the fully qualified name of an actuator might be `Vehicle.Front.Left.Door.Lock` .", + "title": "FullyQualifiedName", + "type": "string" + }, + "Max": { + "markdownDescription": "The specified possible maximum value of an actuator.", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The specified possible minimum value of an actuator.", + "title": "Min", + "type": "number" + }, + "Unit": { + "markdownDescription": "The scientific unit for the actuator.", + "title": "Unit", + "type": "string" } }, "required": [ - "ConditionalBranches", - "DefaultBranch", - "IsActive" + "DataType", + "FullyQualifiedName" ], "type": "object" }, - "AWS::Lex::Bot.ConversationLogSettings": { + "AWS::IoTFleetWise::SignalCatalog.Attribute": { "additionalProperties": false, "properties": { - "AudioLogSettings": { + "AllowedValues": { "items": { - "$ref": "#/definitions/AWS::Lex::Bot.AudioLogSetting" + "type": "string" }, - "markdownDescription": "The Amazon S3 settings for logging audio to an S3 bucket.", - "title": "AudioLogSettings", + "markdownDescription": "A list of possible values an attribute can be assigned.", + "title": "AllowedValues", "type": "array" }, - "TextLogSettings": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.TextLogSetting" - }, - "markdownDescription": "The Amazon CloudWatch Logs settings for logging text and metadata.", - "title": "TextLogSettings", - "type": "array" + "AssignedValue": { + "markdownDescription": "A specified value for the attribute.", + "title": "AssignedValue", + "type": "string" + }, + "DataType": { + "markdownDescription": "The specified data type of the attribute.", + "title": "DataType", + "type": "string" + }, + "DefaultValue": { + "markdownDescription": "The default value of the attribute.", + "title": "DefaultValue", + "type": "string" + }, + "Description": { + "markdownDescription": "A brief description of the attribute.", + "title": "Description", + "type": "string" + }, + "FullyQualifiedName": { + "markdownDescription": "The fully qualified name of the attribute. For example, the fully qualified name of an attribute might be `Vehicle.Body.Engine.Type` .", + "title": "FullyQualifiedName", + "type": "string" + }, + "Max": { + "markdownDescription": "The specified possible maximum value of the attribute.", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The specified possible minimum value of the attribute.", + "title": "Min", + "type": "number" + }, + "Unit": { + "markdownDescription": "The scientific unit for the attribute.", + "title": "Unit", + "type": "string" } }, + "required": [ + "DataType", + "FullyQualifiedName" + ], "type": "object" }, - "AWS::Lex::Bot.CustomPayload": { + "AWS::IoTFleetWise::SignalCatalog.Branch": { "additionalProperties": false, "properties": { - "Value": { - "markdownDescription": "The string that is sent to your application.", - "title": "Value", + "Description": { + "markdownDescription": "A brief description of the branch.", + "title": "Description", + "type": "string" + }, + "FullyQualifiedName": { + "markdownDescription": "The fully qualified name of the branch. For example, the fully qualified name of a branch might be `Vehicle.Body.Engine` .", + "title": "FullyQualifiedName", "type": "string" } }, "required": [ - "Value" + "FullyQualifiedName" ], "type": "object" }, - "AWS::Lex::Bot.CustomVocabulary": { + "AWS::IoTFleetWise::SignalCatalog.Node": { "additionalProperties": false, "properties": { - "CustomVocabularyItems": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.CustomVocabularyItem" - }, - "markdownDescription": "Specifies a list of words that you expect to be used during a conversation with your bot.", - "title": "CustomVocabularyItems", - "type": "array" + "Actuator": { + "$ref": "#/definitions/AWS::IoTFleetWise::SignalCatalog.Actuator", + "markdownDescription": "Information about a node specified as an actuator.\n\n> An actuator is a digital representation of a vehicle device.", + "title": "Actuator" + }, + "Attribute": { + "$ref": "#/definitions/AWS::IoTFleetWise::SignalCatalog.Attribute", + "markdownDescription": "Information about a node specified as an attribute.\n\n> An attribute represents static information about a vehicle.", + "title": "Attribute" + }, + "Branch": { + "$ref": "#/definitions/AWS::IoTFleetWise::SignalCatalog.Branch", + "markdownDescription": "Information about a node specified as a branch.\n\n> A group of signals that are defined in a hierarchical structure.", + "title": "Branch" + }, + "Sensor": { + "$ref": "#/definitions/AWS::IoTFleetWise::SignalCatalog.Sensor", + "markdownDescription": "An input component that reports the environmental condition of a vehicle.\n\n> You can collect data about fluid levels, temperatures, vibrations, or battery voltage from sensors.", + "title": "Sensor" } }, - "required": [ - "CustomVocabularyItems" - ], "type": "object" }, - "AWS::Lex::Bot.CustomVocabularyItem": { + "AWS::IoTFleetWise::SignalCatalog.NodeCounts": { "additionalProperties": false, "properties": { - "DisplayAs": { - "markdownDescription": "The DisplayAs value for the custom vocabulary item from the custom vocabulary list.", - "title": "DisplayAs", - "type": "string" + "TotalActuators": { + "markdownDescription": "The total number of nodes in a vehicle network that represent actuators.", + "title": "TotalActuators", + "type": "number" }, - "Phrase": { - "markdownDescription": "Specifies 1 - 4 words that should be recognized.", - "title": "Phrase", - "type": "string" + "TotalAttributes": { + "markdownDescription": "The total number of nodes in a vehicle network that represent attributes.", + "title": "TotalAttributes", + "type": "number" }, - "Weight": { - "markdownDescription": "Specifies the degree to which the phrase recognition is boosted. The default value is 1.", - "title": "Weight", + "TotalBranches": { + "markdownDescription": "The total number of nodes in a vehicle network that represent branches.", + "title": "TotalBranches", + "type": "number" + }, + "TotalNodes": { + "markdownDescription": "The total number of nodes in a vehicle network.", + "title": "TotalNodes", + "type": "number" + }, + "TotalSensors": { + "markdownDescription": "The total number of nodes in a vehicle network that represent sensors.", + "title": "TotalSensors", "type": "number" } }, - "required": [ - "Phrase" - ], "type": "object" }, - "AWS::Lex::Bot.DTMFSpecification": { + "AWS::IoTFleetWise::SignalCatalog.Sensor": { "additionalProperties": false, "properties": { - "DeletionCharacter": { - "markdownDescription": "The DTMF character that clears the accumulated DTMF digits and immediately ends the input.", - "title": "DeletionCharacter", + "AllowedValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of possible values a sensor can take.", + "title": "AllowedValues", + "type": "array" + }, + "DataType": { + "markdownDescription": "The specified data type of the sensor.", + "title": "DataType", "type": "string" }, - "EndCharacter": { - "markdownDescription": "The DTMF character that immediately ends input. If the user does not press this character, the input ends after the end timeout.", - "title": "EndCharacter", + "Description": { + "markdownDescription": "A brief description of a sensor.", + "title": "Description", "type": "string" }, - "EndTimeoutMs": { - "markdownDescription": "How long the bot should wait after the last DTMF character input before assuming that the input has concluded.", - "title": "EndTimeoutMs", + "FullyQualifiedName": { + "markdownDescription": "The fully qualified name of the sensor. For example, the fully qualified name of a sensor might be `Vehicle.Body.Engine.Battery` .", + "title": "FullyQualifiedName", + "type": "string" + }, + "Max": { + "markdownDescription": "The specified possible maximum value of the sensor.", + "title": "Max", "type": "number" }, - "MaxLength": { - "markdownDescription": "The maximum number of DTMF digits allowed in an utterance.", - "title": "MaxLength", + "Min": { + "markdownDescription": "The specified possible minimum value of the sensor.", + "title": "Min", "type": "number" + }, + "Unit": { + "markdownDescription": "The scientific unit of measurement for data collected by the sensor.", + "title": "Unit", + "type": "string" } }, "required": [ - "DeletionCharacter", - "EndCharacter", - "EndTimeoutMs", - "MaxLength" - ], - "type": "object" - }, - "AWS::Lex::Bot.DataPrivacy": { - "additionalProperties": false, - "properties": { - "ChildDirected": { - "markdownDescription": "For each Amazon Lex bot created with the Amazon Lex Model Building Service, you must specify whether your use of Amazon Lex is related to a website, program, or other application that is directed or targeted, in whole or in part, to children under age 13 and subject to the Children's Online Privacy Protection Act (COPPA) by specifying `true` or `false` in the `childDirected` field. By specifying `true` in the `childDirected` field, you confirm that your use of Amazon Lex *is* related to a website, program, or other application that is directed or targeted, in whole or in part, to children under age 13 and subject to COPPA. By specifying `false` in the `childDirected` field, you confirm that your use of Amazon Lex *is not* related to a website, program, or other application that is directed or targeted, in whole or in part, to children under age 13 and subject to COPPA. You may not specify a default value for the `childDirected` field that does not accurately reflect whether your use of Amazon Lex is related to a website, program, or other application that is directed or targeted, in whole or in part, to children under age 13 and subject to COPPA. If your use of Amazon Lex relates to a website, program, or other application that is directed in whole or in part, to children under age 13, you must obtain any required verifiable parental consent under COPPA. For information regarding the use of Amazon Lex in connection with websites, programs, or other applications that are directed or targeted, in whole or in part, to children under age 13, see the [Amazon Lex FAQ](https://docs.aws.amazon.com/lex/faqs#data-security) .", - "title": "ChildDirected", - "type": "boolean" - } - }, - "required": [ - "ChildDirected" + "DataType", + "FullyQualifiedName" ], "type": "object" }, - "AWS::Lex::Bot.DefaultConditionalBranch": { + "AWS::IoTFleetWise::StateTemplate": { "additionalProperties": false, "properties": { - "NextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "The next step in the conversation.", - "title": "NextStep" + "Condition": { + "type": "string" }, - "Response": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input.", - "title": "Response" - } - }, - "type": "object" - }, - "AWS::Lex::Bot.DialogAction": { - "additionalProperties": false, - "properties": { - "SlotToElicit": { - "markdownDescription": "If the dialog action is `ElicitSlot` , defines the slot to elicit from the user.", - "title": "SlotToElicit", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SuppressNextMessage": { - "markdownDescription": "When true the next message for the intent is not used.", - "title": "SuppressNextMessage", - "type": "boolean" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DataExtraDimensions": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of vehicle attributes associated with the payload published on the state template's MQTT topic.", + "title": "DataExtraDimensions", + "type": "array" + }, + "Description": { + "markdownDescription": "A brief description of the state template.", + "title": "Description", + "type": "string" + }, + "MetadataExtraDimensions": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of vehicle attributes to associate with the user properties of the messages published on the state template's MQTT topic. For example, if you add `Vehicle.Attributes.Make` and `Vehicle.Attributes.Model` attributes, these attributes are included as user properties with the MQTT message.", + "title": "MetadataExtraDimensions", + "type": "array" + }, + "Name": { + "markdownDescription": "The unique alias of the state template.", + "title": "Name", + "type": "string" + }, + "SignalCatalogArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the signal catalog associated with the state template.", + "title": "SignalCatalogArn", + "type": "string" + }, + "StateTemplateProperties": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of signals from which data is collected. The state template properties contain the fully qualified names of the signals.", + "title": "StateTemplateProperties", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata that can be used to manage the state template.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Name", + "SignalCatalogArn", + "StateTemplateProperties" + ], + "type": "object" }, "Type": { - "markdownDescription": "The action that the bot should execute.", - "title": "Type", + "enum": [ + "AWS::IoTFleetWise::StateTemplate" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Lex::Bot.DialogCodeHookInvocationSetting": { + "AWS::IoTFleetWise::Vehicle": { "additionalProperties": false, "properties": { - "EnableCodeHookInvocation": { - "markdownDescription": "Indicates whether a Lambda function should be invoked for the dialog.", - "title": "EnableCodeHookInvocation", - "type": "boolean" + "Condition": { + "type": "string" }, - "InvocationLabel": { - "markdownDescription": "A label that indicates the dialog step from which the dialog code hook is happening.", - "title": "InvocationLabel", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "IsActive": { - "markdownDescription": "Determines whether a dialog code hook is used when the intent is activated.", - "title": "IsActive", - "type": "boolean" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "PostCodeHookSpecification": { - "$ref": "#/definitions/AWS::Lex::Bot.PostDialogCodeHookInvocationSpecification", - "markdownDescription": "Contains the responses and actions that Amazon Lex takes after the Lambda function is complete.", - "title": "PostCodeHookSpecification" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AssociationBehavior": { + "markdownDescription": "An option to create a new AWS IoT thing when creating a vehicle, or to validate an existing thing as a vehicle.", + "title": "AssociationBehavior", + "type": "string" + }, + "Attributes": { + "additionalProperties": true, + "markdownDescription": "Static information about a vehicle in a key-value pair. For example: `\"engine Type\"` : `\"v6\"`", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Attributes", + "type": "object" + }, + "DecoderManifestArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of a decoder manifest associated with the vehicle to create.", + "title": "DecoderManifestArn", + "type": "string" + }, + "ModelManifestArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the vehicle model (model manifest) to create the vehicle from.", + "title": "ModelManifestArn", + "type": "string" + }, + "Name": { + "markdownDescription": "The unique ID of the vehicle.", + "title": "Name", + "type": "string" + }, + "StateTemplates": { + "items": { + "$ref": "#/definitions/AWS::IoTFleetWise::Vehicle.StateTemplateAssociation" + }, + "markdownDescription": "Associate state templates to track the state of the vehicle. State templates determine which signal updates the vehicle sends to the cloud.", + "title": "StateTemplates", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata which can be used to manage the vehicle.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "DecoderManifestArn", + "ModelManifestArn", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IoTFleetWise::Vehicle" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "EnableCodeHookInvocation", - "IsActive", - "PostCodeHookSpecification" + "Type", + "Properties" ], "type": "object" }, - "AWS::Lex::Bot.DialogCodeHookSetting": { + "AWS::IoTFleetWise::Vehicle.PeriodicStateTemplateUpdateStrategy": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Enables the dialog code hook so that it processes user requests.", - "title": "Enabled", - "type": "boolean" + "StateTemplateUpdateRate": { + "$ref": "#/definitions/AWS::IoTFleetWise::Vehicle.TimePeriod", + "markdownDescription": "", + "title": "StateTemplateUpdateRate" } }, "required": [ - "Enabled" + "StateTemplateUpdateRate" ], "type": "object" }, - "AWS::Lex::Bot.DialogState": { - "additionalProperties": false, - "properties": { - "DialogAction": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogAction", - "markdownDescription": "Defines the action that the bot executes at runtime when the conversation reaches this step.", - "title": "DialogAction" - }, - "Intent": { - "$ref": "#/definitions/AWS::Lex::Bot.IntentOverride", - "markdownDescription": "Override settings to configure the intent state.", - "title": "Intent" - }, - "SessionAttributes": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.SessionAttribute" - }, - "markdownDescription": "Map of key/value pairs representing session-specific context information. It contains application information passed between Amazon Lex and a client application.", - "title": "SessionAttributes", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Lex::Bot.ElicitationCodeHookInvocationSetting": { + "AWS::IoTFleetWise::Vehicle.StateTemplateAssociation": { "additionalProperties": false, "properties": { - "EnableCodeHookInvocation": { - "markdownDescription": "Indicates whether a Lambda function should be invoked for the dialog.", - "title": "EnableCodeHookInvocation", - "type": "boolean" - }, - "InvocationLabel": { - "markdownDescription": "A label that indicates the dialog step from which the dialog code hook is happening.", - "title": "InvocationLabel", + "Identifier": { + "markdownDescription": "The unique ID of the state template.", + "title": "Identifier", "type": "string" + }, + "StateTemplateUpdateStrategy": { + "$ref": "#/definitions/AWS::IoTFleetWise::Vehicle.StateTemplateUpdateStrategy", + "markdownDescription": "", + "title": "StateTemplateUpdateStrategy" } }, "required": [ - "EnableCodeHookInvocation" + "Identifier", + "StateTemplateUpdateStrategy" ], "type": "object" }, - "AWS::Lex::Bot.ExternalSourceSetting": { + "AWS::IoTFleetWise::Vehicle.StateTemplateUpdateStrategy": { "additionalProperties": false, "properties": { - "GrammarSlotTypeSetting": { - "$ref": "#/definitions/AWS::Lex::Bot.GrammarSlotTypeSetting", - "markdownDescription": "Settings required for a slot type based on a grammar that you provide.", - "title": "GrammarSlotTypeSetting" + "OnChange": { + "markdownDescription": "", + "title": "OnChange", + "type": "object" + }, + "Periodic": { + "$ref": "#/definitions/AWS::IoTFleetWise::Vehicle.PeriodicStateTemplateUpdateStrategy", + "markdownDescription": "", + "title": "Periodic" } }, "type": "object" }, - "AWS::Lex::Bot.FulfillmentCodeHookSetting": { + "AWS::IoTFleetWise::Vehicle.TimePeriod": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Indicates whether a Lambda function should be invoked to fulfill a specific intent.", - "title": "Enabled", - "type": "boolean" - }, - "FulfillmentUpdatesSpecification": { - "$ref": "#/definitions/AWS::Lex::Bot.FulfillmentUpdatesSpecification", - "markdownDescription": "Provides settings for update messages sent to the user for long-running Lambda fulfillment functions. Fulfillment updates can be used only with streaming conversations.", - "title": "FulfillmentUpdatesSpecification" - }, - "IsActive": { - "markdownDescription": "Determines whether the fulfillment code hook is used. When `active` is false, the code hook doesn't run.", - "title": "IsActive", - "type": "boolean" + "Unit": { + "markdownDescription": "A unit of time.", + "title": "Unit", + "type": "string" }, - "PostFulfillmentStatusSpecification": { - "$ref": "#/definitions/AWS::Lex::Bot.PostFulfillmentStatusSpecification", - "markdownDescription": "Provides settings for messages sent to the user for after the Lambda fulfillment function completes. Post-fulfillment messages can be sent for both streaming and non-streaming conversations.", - "title": "PostFulfillmentStatusSpecification" + "Value": { + "markdownDescription": "A number of time units.", + "title": "Value", + "type": "number" } }, "required": [ - "Enabled" + "Unit", + "Value" ], "type": "object" }, - "AWS::Lex::Bot.FulfillmentStartResponseSpecification": { + "AWS::IoTSiteWise::AccessPolicy": { "additionalProperties": false, "properties": { - "AllowInterrupt": { - "markdownDescription": "Determines whether the user can interrupt the start message while it is playing.", - "title": "AllowInterrupt", - "type": "boolean" + "Condition": { + "type": "string" }, - "DelayInSeconds": { - "markdownDescription": "The delay between when the Lambda fulfillment function starts running and the start message is played. If the Lambda function returns before the delay is over, the start message isn't played.", - "title": "DelayInSeconds", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "MessageGroups": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.MessageGroup" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AccessPolicyIdentity": { + "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.AccessPolicyIdentity", + "markdownDescription": "The identity for this access policy. Choose an IAM Identity Center user, an IAM Identity Center group, or an IAM user.", + "title": "AccessPolicyIdentity" + }, + "AccessPolicyPermission": { + "markdownDescription": "The permission level for this access policy. Note that a project `ADMINISTRATOR` is also known as a project owner.", + "title": "AccessPolicyPermission", + "type": "string" + }, + "AccessPolicyResource": { + "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.AccessPolicyResource", + "markdownDescription": "The AWS IoT SiteWise Monitor resource for this access policy. Choose either a portal or a project.", + "title": "AccessPolicyResource" + } }, - "markdownDescription": "1 - 5 message groups that contain start messages. Amazon Lex chooses one of the messages to play to the user.", - "title": "MessageGroups", - "type": "array" + "required": [ + "AccessPolicyIdentity", + "AccessPolicyPermission", + "AccessPolicyResource" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IoTSiteWise::AccessPolicy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "DelayInSeconds", - "MessageGroups" + "Type", + "Properties" ], "type": "object" }, - "AWS::Lex::Bot.FulfillmentUpdateResponseSpecification": { + "AWS::IoTSiteWise::AccessPolicy.AccessPolicyIdentity": { "additionalProperties": false, "properties": { - "AllowInterrupt": { - "markdownDescription": "Determines whether the user can interrupt an update message while it is playing.", - "title": "AllowInterrupt", - "type": "boolean" + "IamRole": { + "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.IamRole", + "markdownDescription": "An IAM role identity.", + "title": "IamRole" }, - "FrequencyInSeconds": { - "markdownDescription": "The frequency that a message is sent to the user. When the period ends, Amazon Lex chooses a message from the message groups and plays it to the user. If the fulfillment Lambda returns before the first period ends, an update message is not played to the user.", - "title": "FrequencyInSeconds", - "type": "number" + "IamUser": { + "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.IamUser", + "markdownDescription": "An IAM user identity.", + "title": "IamUser" }, - "MessageGroups": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.MessageGroup" - }, - "markdownDescription": "1 - 5 message groups that contain update messages. Amazon Lex chooses one of the messages to play to the user.", - "title": "MessageGroups", - "type": "array" + "User": { + "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.User", + "markdownDescription": "An IAM Identity Center user identity.", + "title": "User" } }, - "required": [ - "FrequencyInSeconds", - "MessageGroups" - ], "type": "object" }, - "AWS::Lex::Bot.FulfillmentUpdatesSpecification": { + "AWS::IoTSiteWise::AccessPolicy.AccessPolicyResource": { "additionalProperties": false, "properties": { - "Active": { - "markdownDescription": "Determines whether fulfillment updates are sent to the user. When this field is true, updates are sent.\n\nIf the `active` field is set to true, the `startResponse` , `updateResponse` , and `timeoutInSeconds` fields are required.", - "title": "Active", - "type": "boolean" - }, - "StartResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.FulfillmentStartResponseSpecification", - "markdownDescription": "Provides configuration information for the message sent to users when the fulfillment Lambda functions starts running.", - "title": "StartResponse" - }, - "TimeoutInSeconds": { - "markdownDescription": "The length of time that the fulfillment Lambda function should run before it times out.", - "title": "TimeoutInSeconds", - "type": "number" + "Portal": { + "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.Portal", + "markdownDescription": "Identifies an AWS IoT SiteWise Monitor portal.", + "title": "Portal" }, - "UpdateResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.FulfillmentUpdateResponseSpecification", - "markdownDescription": "Provides configuration information for messages sent periodically to the user while the fulfillment Lambda function is running.", - "title": "UpdateResponse" + "Project": { + "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.Project", + "markdownDescription": "Identifies a specific AWS IoT SiteWise Monitor project.", + "title": "Project" } }, - "required": [ - "Active" - ], "type": "object" }, - "AWS::Lex::Bot.GrammarSlotTypeSetting": { + "AWS::IoTSiteWise::AccessPolicy.IamRole": { "additionalProperties": false, "properties": { - "Source": { - "$ref": "#/definitions/AWS::Lex::Bot.GrammarSlotTypeSource", - "markdownDescription": "The source of the grammar used to create the slot type.", - "title": "Source" + "arn": { + "markdownDescription": "The ARN of the IAM role. For more information, see [IAM ARNs](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html) in the *IAM User Guide* .", + "title": "arn", + "type": "string" } }, "type": "object" }, - "AWS::Lex::Bot.GrammarSlotTypeSource": { + "AWS::IoTSiteWise::AccessPolicy.IamUser": { "additionalProperties": false, "properties": { - "KmsKeyArn": { - "markdownDescription": "The AWS KMS key required to decrypt the contents of the grammar, if any.", - "title": "KmsKeyArn", - "type": "string" - }, - "S3BucketName": { - "markdownDescription": "The name of the Amazon S3 bucket that contains the grammar source.", - "title": "S3BucketName", - "type": "string" - }, - "S3ObjectKey": { - "markdownDescription": "The path to the grammar in the Amazon S3 bucket.", - "title": "S3ObjectKey", + "arn": { + "markdownDescription": "The ARN of the IAM user. For more information, see [IAM ARNs](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html) in the *IAM User Guide* .\n\n> If you delete the IAM user, access policies that contain this identity include an empty `arn` . You can delete the access policy for the IAM user that no longer exists.", + "title": "arn", "type": "string" } }, - "required": [ - "S3BucketName", - "S3ObjectKey" - ], "type": "object" }, - "AWS::Lex::Bot.ImageResponseCard": { + "AWS::IoTSiteWise::AccessPolicy.Portal": { "additionalProperties": false, "properties": { - "Buttons": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.Button" - }, - "markdownDescription": "A list of buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button.", - "title": "Buttons", - "type": "array" - }, - "ImageUrl": { - "markdownDescription": "The URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.", - "title": "ImageUrl", - "type": "string" - }, - "Subtitle": { - "markdownDescription": "The subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.", - "title": "Subtitle", - "type": "string" - }, - "Title": { - "markdownDescription": "The title to display on the response card. The format of the title is determined by the platform displaying the response card.", - "title": "Title", + "id": { + "markdownDescription": "The ID of the portal.", + "title": "id", "type": "string" } }, - "required": [ - "Title" - ], "type": "object" }, - "AWS::Lex::Bot.InitialResponseSetting": { + "AWS::IoTSiteWise::AccessPolicy.Project": { "additionalProperties": false, "properties": { - "CodeHook": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogCodeHookInvocationSetting", - "markdownDescription": "Settings that specify the dialog code hook that is called by Amazon Lex at a step of the conversation.", - "title": "CodeHook" - }, - "Conditional": { - "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", - "markdownDescription": "Provides a list of conditional branches. Branches are evaluated in the order that they are entered in the list. The first branch with a condition that evaluates to true is executed. The last branch in the list is the default branch. The default branch should not have any condition expression. The default branch is executed if no other branch has a matching condition.", - "title": "Conditional" - }, - "InitialResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input.", - "title": "InitialResponse" - }, - "NextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "The next step in the conversation.", - "title": "NextStep" + "id": { + "markdownDescription": "The ID of the project.", + "title": "id", + "type": "string" } }, "type": "object" }, - "AWS::Lex::Bot.InputContext": { + "AWS::IoTSiteWise::AccessPolicy.User": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the context.", - "title": "Name", + "id": { + "markdownDescription": "The IAM Identity Center ID of the user.", + "title": "id", "type": "string" } }, - "required": [ - "Name" - ], "type": "object" }, - "AWS::Lex::Bot.Intent": { + "AWS::IoTSiteWise::Asset": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the intent. Use the description to help identify the intent in lists.", - "title": "Description", + "Condition": { "type": "string" }, - "DialogCodeHook": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogCodeHookSetting", - "markdownDescription": "Specifies that Amazon Lex invokes the alias Lambda function for each user input. You can invoke this Lambda function to personalize user interaction.", - "title": "DialogCodeHook" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "FulfillmentCodeHook": { - "$ref": "#/definitions/AWS::Lex::Bot.FulfillmentCodeHookSetting", - "markdownDescription": "Specifies that Amazon Lex invokes the alias Lambda function when the intent is ready for fulfillment. You can invoke this function to complete the bot's transaction with the user.", - "title": "FulfillmentCodeHook" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "InitialResponseSetting": { - "$ref": "#/definitions/AWS::Lex::Bot.InitialResponseSetting", - "markdownDescription": "Configuration setting for a response sent to the user before Amazon Lex starts eliciting slots.", - "title": "InitialResponseSetting" + "Metadata": { + "type": "object" }, - "InputContexts": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.InputContext" + "Properties": { + "additionalProperties": false, + "properties": { + "AssetDescription": { + "markdownDescription": "The ID of the asset, in UUID format.", + "title": "AssetDescription", + "type": "string" + }, + "AssetExternalId": { + "markdownDescription": "The external ID of the asset model composite model. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", + "title": "AssetExternalId", + "type": "string" + }, + "AssetHierarchies": { + "items": { + "$ref": "#/definitions/AWS::IoTSiteWise::Asset.AssetHierarchy" + }, + "markdownDescription": "A list of asset hierarchies that each contain a `hierarchyId` . A hierarchy specifies allowed parent/child asset relationships.", + "title": "AssetHierarchies", + "type": "array" + }, + "AssetModelId": { + "markdownDescription": "The ID of the asset model from which to create the asset. This can be either the actual ID in UUID format, or else `externalId:` followed by the external ID, if it has one. For more information, see [Referencing objects with external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-id-references) in the *AWS IoT SiteWise User Guide* .", + "title": "AssetModelId", + "type": "string" + }, + "AssetName": { + "markdownDescription": "A friendly name for the asset.", + "title": "AssetName", + "type": "string" + }, + "AssetProperties": { + "items": { + "$ref": "#/definitions/AWS::IoTSiteWise::Asset.AssetProperty" + }, + "markdownDescription": "The list of asset properties for the asset.\n\nThis object doesn't include properties that you define in composite models. You can find composite model properties in the `assetCompositeModels` object.", + "title": "AssetProperties", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of key-value pairs that contain metadata for the asset. For more information, see [Tagging your AWS IoT SiteWise resources](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/tag-resources.html) in the *AWS IoT SiteWise User Guide* .", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "A list of contexts that must be active for this intent to be considered by Amazon Lex .", - "title": "InputContexts", - "type": "array" - }, - "IntentClosingSetting": { - "$ref": "#/definitions/AWS::Lex::Bot.IntentClosingSetting", - "markdownDescription": "Sets the response that Amazon Lex sends to the user when the intent is closed.", - "title": "IntentClosingSetting" - }, - "IntentConfirmationSetting": { - "$ref": "#/definitions/AWS::Lex::Bot.IntentConfirmationSetting", - "markdownDescription": "Provides prompts that Amazon Lex sends to the user to confirm the completion of an intent. If the user answers \"no,\" the settings contain a statement that is sent to the user to end the intent.", - "title": "IntentConfirmationSetting" - }, - "KendraConfiguration": { - "$ref": "#/definitions/AWS::Lex::Bot.KendraConfiguration", - "markdownDescription": "Provides configuration information for the `AMAZON.KendraSearchIntent` intent. When you use this intent, Amazon Lex searches the specified Amazon Kendra index and returns documents from the index that match the user's utterance.", - "title": "KendraConfiguration" + "required": [ + "AssetModelId", + "AssetName" + ], + "type": "object" }, - "Name": { - "markdownDescription": "The name of the intent. Intent names must be unique within the locale that contains the intent and can't match the name of any built-in intent.", - "title": "Name", + "Type": { + "enum": [ + "AWS::IoTSiteWise::Asset" + ], "type": "string" }, - "OutputContexts": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.OutputContext" - }, - "markdownDescription": "A list of contexts that the intent activates when it is fulfilled.", - "title": "OutputContexts", - "type": "array" - }, - "ParentIntentSignature": { - "markdownDescription": "A unique identifier for the built-in intent to base this intent on.", - "title": "ParentIntentSignature", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "SampleUtterances": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.SampleUtterance" - }, - "markdownDescription": "A list of utterances that a user might say to signal the intent.", - "title": "SampleUtterances", - "type": "array" - }, - "SlotPriorities": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.SlotPriority" - }, - "markdownDescription": "Indicates the priority for slots. Amazon Lex prompts the user for slot values in priority order.", - "title": "SlotPriorities", - "type": "array" - }, - "Slots": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.Slot" - }, - "markdownDescription": "A list of slots that the intent requires for fulfillment.", - "title": "Slots", - "type": "array" } }, "required": [ - "Name" + "Type", + "Properties" ], "type": "object" }, - "AWS::Lex::Bot.IntentClosingSetting": { + "AWS::IoTSiteWise::Asset.AssetHierarchy": { "additionalProperties": false, "properties": { - "ClosingResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "The response that Amazon Lex sends to the user when the intent is complete.", - "title": "ClosingResponse" + "ChildAssetId": { + "markdownDescription": "The Id of the child asset.", + "title": "ChildAssetId", + "type": "string" }, - "Conditional": { - "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", - "markdownDescription": "A list of conditional branches associated with the intent's closing response. These branches are executed when the `nextStep` attribute is set to `EvalutateConditional` .", - "title": "Conditional" + "ExternalId": { + "markdownDescription": "The external ID of the hierarchy, if it has one. When you update an asset hierarchy, you may assign an external ID if it doesn't already have one. You can't change the external ID of an asset hierarchy that already has one. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", + "title": "ExternalId", + "type": "string" }, - "IsActive": { - "markdownDescription": "Specifies whether an intent's closing response is used. When this field is false, the closing response isn't sent to the user. If the `IsActive` field isn't specified, the default is true.", - "title": "IsActive", - "type": "boolean" + "Id": { + "markdownDescription": "The ID of the hierarchy. This ID is a `hierarchyId` .\n\n> This is a return value and can't be set.", + "title": "Id", + "type": "string" }, - "NextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "Specifies the next step that the bot executes after playing the intent's closing response.", - "title": "NextStep" + "LogicalId": { + "markdownDescription": "The ID of the hierarchy. This ID is a `hierarchyId` .", + "title": "LogicalId", + "type": "string" } }, + "required": [ + "ChildAssetId" + ], "type": "object" }, - "AWS::Lex::Bot.IntentConfirmationSetting": { + "AWS::IoTSiteWise::Asset.AssetProperty": { "additionalProperties": false, "properties": { - "CodeHook": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogCodeHookInvocationSetting", - "markdownDescription": "The `DialogCodeHookInvocationSetting` object associated with intent's confirmation step. The dialog code hook is triggered based on these invocation settings when the confirmation next step or declination next step or failure next step is `InvokeDialogCodeHook` .", - "title": "CodeHook" - }, - "ConfirmationConditional": { - "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", - "markdownDescription": "A list of conditional branches to evaluate after the intent is closed.", - "title": "ConfirmationConditional" + "Alias": { + "markdownDescription": "The alias that identifies the property, such as an OPC-UA server data stream path (for example, `/company/windfarm/3/turbine/7/temperature` ). For more information, see [Mapping industrial data streams to asset properties](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/connect-data-streams.html) in the *AWS IoT SiteWise User Guide* .", + "title": "Alias", + "type": "string" }, - "ConfirmationNextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "Specifies the next step that the bot executes when the customer confirms the intent.", - "title": "ConfirmationNextStep" + "ExternalId": { + "markdownDescription": "The external ID of the property. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", + "title": "ExternalId", + "type": "string" }, - "ConfirmationResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input.", - "title": "ConfirmationResponse" + "Id": { + "markdownDescription": "The ID of the asset property.\n\n> This is a return value and can't be set.", + "title": "Id", + "type": "string" }, - "DeclinationConditional": { - "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", - "markdownDescription": "A list of conditional branches to evaluate after the intent is declined.", - "title": "DeclinationConditional" + "LogicalId": { + "markdownDescription": "The `LogicalID` of the asset property.", + "title": "LogicalId", + "type": "string" }, - "DeclinationNextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "Specifies the next step that the bot executes when the customer declines the intent.", - "title": "DeclinationNextStep" + "NotificationState": { + "markdownDescription": "The MQTT notification state (enabled or disabled) for this asset property. When the notification state is enabled, AWS IoT SiteWise publishes property value updates to a unique MQTT topic. For more information, see [Interacting with other services](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/interact-with-other-services.html) in the *AWS IoT SiteWise User Guide* .\n\nIf you omit this parameter, the notification state is set to `DISABLED` .", + "title": "NotificationState", + "type": "string" }, - "DeclinationResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "When the user answers \"no\" to the question defined in `promptSpecification` , Amazon Lex responds with this response to acknowledge that the intent was canceled.", - "title": "DeclinationResponse" + "Unit": { + "markdownDescription": "The unit (such as `Newtons` or `RPM` ) of the asset property.", + "title": "Unit", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoTSiteWise::AssetModel": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" }, - "ElicitationCodeHook": { - "$ref": "#/definitions/AWS::Lex::Bot.ElicitationCodeHookInvocationSetting", - "markdownDescription": "The `DialogCodeHookInvocationSetting` used when the code hook is invoked during confirmation prompt retries.", - "title": "ElicitationCodeHook" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "FailureConditional": { - "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", - "markdownDescription": "Provides a list of conditional branches. Branches are evaluated in the order that they are entered in the list. The first branch with a condition that evaluates to true is executed. The last branch in the list is the default branch. The default branch should not have any condition expression. The default branch is executed if no other branch has a matching condition.", - "title": "FailureConditional" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "FailureNextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "The next step to take in the conversation if the confirmation step fails.", - "title": "FailureNextStep" + "Metadata": { + "type": "object" }, - "FailureResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input when the intent confirmation fails.", - "title": "FailureResponse" + "Properties": { + "additionalProperties": false, + "properties": { + "AssetModelCompositeModels": { + "items": { + "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.AssetModelCompositeModel" + }, + "markdownDescription": "The composite models that are part of this asset model. It groups properties (such as attributes, measurements, transforms, and metrics) and child composite models that model parts of your industrial equipment. Each composite model has a type that defines the properties that the composite model supports. Use composite models to define alarms on this asset model.\n\n> When creating custom composite models, you need to use [CreateAssetModelCompositeModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_CreateAssetModelCompositeModel.html) . For more information, see [Creating custom composite models (Components)](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/create-custom-composite-models.html) in the *AWS IoT SiteWise User Guide* .", + "title": "AssetModelCompositeModels", + "type": "array" + }, + "AssetModelDescription": { + "markdownDescription": "A description for the asset model.", + "title": "AssetModelDescription", + "type": "string" + }, + "AssetModelExternalId": { + "markdownDescription": "The external ID of the asset model. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", + "title": "AssetModelExternalId", + "type": "string" + }, + "AssetModelHierarchies": { + "items": { + "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.AssetModelHierarchy" + }, + "markdownDescription": "The hierarchy definitions of the asset model. Each hierarchy specifies an asset model whose assets can be children of any other assets created from this asset model. For more information, see [Asset hierarchies](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/asset-hierarchies.html) in the *AWS IoT SiteWise User Guide* .\n\nYou can specify up to 10 hierarchies per asset model. For more information, see [Quotas](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/quotas.html) in the *AWS IoT SiteWise User Guide* .", + "title": "AssetModelHierarchies", + "type": "array" + }, + "AssetModelName": { + "markdownDescription": "A unique name for the asset model.", + "title": "AssetModelName", + "type": "string" + }, + "AssetModelProperties": { + "items": { + "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.AssetModelProperty" + }, + "markdownDescription": "The property definitions of the asset model. For more information, see [Asset properties](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/asset-properties.html) in the *AWS IoT SiteWise User Guide* .\n\nYou can specify up to 200 properties per asset model. For more information, see [Quotas](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/quotas.html) in the *AWS IoT SiteWise User Guide* .", + "title": "AssetModelProperties", + "type": "array" + }, + "AssetModelType": { + "markdownDescription": "The type of asset model.\n\n- *ASSET_MODEL* \u2013 (default) An asset model that you can use to create assets. Can't be included as a component in another asset model.\n- *COMPONENT_MODEL* \u2013 A reusable component that you can include in the composite models of other asset models. You can't create assets directly from this type of asset model.", + "title": "AssetModelType", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of key-value pairs that contain metadata for the asset. For more information, see [Tagging your AWS IoT SiteWise resources](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/tag-resources.html) in the *AWS IoT SiteWise User Guide* .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "AssetModelName" + ], + "type": "object" }, - "IsActive": { - "markdownDescription": "Specifies whether the intent's confirmation is sent to the user. When this field is false, confirmation and declination responses aren't sent. If the `IsActive` field isn't specified, the default is true.", - "title": "IsActive", - "type": "boolean" + "Type": { + "enum": [ + "AWS::IoTSiteWise::AssetModel" + ], + "type": "string" }, - "PromptSpecification": { - "$ref": "#/definitions/AWS::Lex::Bot.PromptSpecification", - "markdownDescription": "Prompts the user to confirm the intent. This question should have a yes or no answer.\n\nAmazon Lex uses this prompt to ensure that the user acknowledges that the intent is ready for fulfillment. For example, with the `OrderPizza` intent, you might want to confirm that the order is correct before placing it. For other intents, such as intents that simply respond to user questions, you might not need to ask the user for confirmation before providing the information.", - "title": "PromptSpecification" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "PromptSpecification" + "Type", + "Properties" ], "type": "object" }, - "AWS::Lex::Bot.IntentOverride": { + "AWS::IoTSiteWise::AssetModel.AssetModelCompositeModel": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the intent. Only required when you're switching intents.", - "title": "Name", + "ComposedAssetModelId": { + "markdownDescription": "The ID of a component model which is reused to create this composite model.", + "title": "ComposedAssetModelId", "type": "string" }, - "Slots": { + "CompositeModelProperties": { "items": { - "$ref": "#/definitions/AWS::Lex::Bot.SlotValueOverrideMap" + "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.AssetModelProperty" }, - "markdownDescription": "A map of all of the slot value overrides for the intent. The name of the slot maps to the value of the slot. Slots that are not included in the map aren't overridden.", - "title": "Slots", + "markdownDescription": "The asset property definitions for this composite model.", + "title": "CompositeModelProperties", "type": "array" - } - }, - "type": "object" - }, - "AWS::Lex::Bot.KendraConfiguration": { - "additionalProperties": false, - "properties": { - "KendraIndex": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Kendra index that you want the `AMAZON.KendraSearchIntent` intent to search. The index must be in the same account and Region as the Amazon Lex bot.", - "title": "KendraIndex", + }, + "Description": { + "markdownDescription": "The description of the composite model.\n\n> If the composite model is a `component-model-based` composite model, the description is inherited from the `COMPONENT_MODEL` asset model and cannot be changed.", + "title": "Description", "type": "string" }, - "QueryFilterString": { - "markdownDescription": "A query filter that Amazon Lex sends to Amazon Kendra to filter the response from a query. The filter is in the format defined by Amazon Kendra. For more information, see [Filtering queries](https://docs.aws.amazon.com/kendra/latest/dg/filtering.html) .", - "title": "QueryFilterString", + "ExternalId": { + "markdownDescription": "The external ID of a composite model on this asset model. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .\n\n> One of `ExternalId` or `Path` must be specified.", + "title": "ExternalId", "type": "string" }, - "QueryFilterStringEnabled": { - "markdownDescription": "Determines whether the `AMAZON.KendraSearchIntent` intent uses a custom query string to query the Amazon Kendra index.", - "title": "QueryFilterStringEnabled", - "type": "boolean" + "Id": { + "markdownDescription": "The ID of the asset model composite model.\n\n> This is a return value and can't be set.", + "title": "Id", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the composite model.", + "title": "Name", + "type": "string" + }, + "ParentAssetModelCompositeModelExternalId": { + "markdownDescription": "The external ID of the parent composite model. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", + "title": "ParentAssetModelCompositeModelExternalId", + "type": "string" + }, + "Path": { + "items": { + "type": "string" + }, + "markdownDescription": "The structured path to the property from the root of the asset using property names. Path is used as the ID if the asset model is a derived composite model.\n\n> One of `ExternalId` or `Path` must be specified.", + "title": "Path", + "type": "array" + }, + "Type": { + "markdownDescription": "The type of the composite model. For alarm composite models, this type is `AWS/ALARM` .", + "title": "Type", + "type": "string" } }, "required": [ - "KendraIndex" + "Name", + "Type" ], "type": "object" }, - "AWS::Lex::Bot.LambdaCodeHook": { + "AWS::IoTSiteWise::AssetModel.AssetModelHierarchy": { "additionalProperties": false, "properties": { - "CodeHookInterfaceVersion": { - "markdownDescription": "The version of the request-response that you want Amazon Lex to use to invoke your Lambda function.", - "title": "CodeHookInterfaceVersion", + "ChildAssetModelId": { + "markdownDescription": "The ID of the asset model, in UUID format. All assets in this hierarchy must be instances of the `childAssetModelId` asset model. AWS IoT SiteWise will always return the actual asset model ID for this value. However, when you are specifying this value as part of a call to [UpdateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateAssetModel.html) , you may provide either the asset model ID or else `externalId:` followed by the asset model's external ID. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", + "title": "ChildAssetModelId", "type": "string" }, - "LambdaArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function.", - "title": "LambdaArn", + "ExternalId": { + "markdownDescription": "The external ID (if any) provided in the [CreateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_CreateAssetModel.html) or [UpdateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateAssetModel.html) operation. You can assign an external ID by specifying this value as part of a call to [UpdateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateAssetModel.html) . However, you can't change the external ID if one is already assigned. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .\n\n> One of `ExternalId` or `LogicalId` must be specified.", + "title": "ExternalId", + "type": "string" + }, + "Id": { + "markdownDescription": "The ID of the asset model hierarchy. This ID is a `hierarchyId` .\n\n> This is a return value and can't be set. \n\n- If you are callling [UpdateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateAssetModel.html) to create a *new* hierarchy: You can specify its ID here, if desired. AWS IoT SiteWise automatically generates a unique ID for you, so this parameter is never required. However, if you prefer to supply your own ID instead, you can specify it here in UUID format. If you specify your own ID, it must be globally unique.\n- If you are calling UpdateAssetModel to modify an *existing* hierarchy: This can be either the actual ID in UUID format, or else `externalId:` followed by the external ID, if it has one. For more information, see [Referencing objects with external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-id-references) in the *AWS IoT SiteWise User Guide* .", + "title": "Id", + "type": "string" + }, + "LogicalId": { + "markdownDescription": "The `LogicalID` of the asset model hierarchy. This ID is a `hierarchyLogicalId` .\n\n> One of `ExternalId` or `LogicalId` must be specified.", + "title": "LogicalId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the asset model hierarchy that you specify by using the [CreateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_CreateAssetModel.html) or [UpdateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateAssetModel.html) API operation.", + "title": "Name", "type": "string" } }, "required": [ - "CodeHookInterfaceVersion", - "LambdaArn" + "ChildAssetModelId", + "Name" ], "type": "object" }, - "AWS::Lex::Bot.Message": { + "AWS::IoTSiteWise::AssetModel.AssetModelProperty": { "additionalProperties": false, "properties": { - "CustomPayload": { - "$ref": "#/definitions/AWS::Lex::Bot.CustomPayload", - "markdownDescription": "A message in a custom format defined by the client application.", - "title": "CustomPayload" + "DataType": { + "markdownDescription": "The data type of the asset model property.\n\nIf you specify `STRUCT` , you must also specify `dataTypeSpec` to identify the type of the structure for this property.", + "title": "DataType", + "type": "string" }, - "ImageResponseCard": { - "$ref": "#/definitions/AWS::Lex::Bot.ImageResponseCard", - "markdownDescription": "A message that defines a response card that the client application can show to the user.", - "title": "ImageResponseCard" + "DataTypeSpec": { + "markdownDescription": "The data type of the structure for this property. This parameter exists on properties that have the `STRUCT` data type.", + "title": "DataTypeSpec", + "type": "string" }, - "PlainTextMessage": { - "$ref": "#/definitions/AWS::Lex::Bot.PlainTextMessage", - "markdownDescription": "A message in plain text format.", - "title": "PlainTextMessage" + "ExternalId": { + "markdownDescription": "The external ID of the asset property. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .\n\n> One of `ExternalId` or `LogicalId` must be specified.", + "title": "ExternalId", + "type": "string" }, - "SSMLMessage": { - "$ref": "#/definitions/AWS::Lex::Bot.SSMLMessage", - "markdownDescription": "A message in Speech Synthesis Markup Language (SSML).", - "title": "SSMLMessage" - } - }, - "type": "object" - }, - "AWS::Lex::Bot.MessageGroup": { - "additionalProperties": false, - "properties": { - "Message": { - "$ref": "#/definitions/AWS::Lex::Bot.Message", - "markdownDescription": "The primary message that Amazon Lex should send to the user.", - "title": "Message" + "Id": { + "markdownDescription": "The ID of the property.\n\n> This is a return value and can't be set.", + "title": "Id", + "type": "string" }, - "Variations": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.Message" - }, - "markdownDescription": "Message variations to send to the user. When variations are defined, Amazon Lex chooses the primary message or one of the variations to send to the user.", - "title": "Variations", - "type": "array" + "LogicalId": { + "markdownDescription": "The `LogicalID` of the asset model property.\n\n> One of `ExternalId` or `LogicalId` must be specified.", + "title": "LogicalId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the asset model property.", + "title": "Name", + "type": "string" + }, + "Type": { + "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.PropertyType", + "markdownDescription": "Contains a property type, which can be one of `attribute` , `measurement` , `metric` , or `transform` .", + "title": "Type" + }, + "Unit": { + "markdownDescription": "The unit of the asset model property, such as `Newtons` or `RPM` .", + "title": "Unit", + "type": "string" } }, "required": [ - "Message" + "DataType", + "Name", + "Type" ], "type": "object" }, - "AWS::Lex::Bot.MultipleValuesSetting": { - "additionalProperties": false, - "properties": { - "AllowMultipleValues": { - "markdownDescription": "Indicates whether a slot can return multiple values. When `true` , the slot may return more than one value in a response. When `false` , the slot returns only a single value.\n\nMulti-value slots are only available in the en-US locale. If you set this value to `true` in any other locale, Amazon Lex throws a `ValidationException` .\n\nIf the `allowMutlipleValues` is not set, the default value is `false` .", - "title": "AllowMultipleValues", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::Lex::Bot.ObfuscationSetting": { + "AWS::IoTSiteWise::AssetModel.Attribute": { "additionalProperties": false, "properties": { - "ObfuscationSettingType": { - "markdownDescription": "Value that determines whether Amazon Lex obscures slot values in conversation logs. The default is to obscure the values.", - "title": "ObfuscationSettingType", + "DefaultValue": { + "markdownDescription": "The default value of the asset model property attribute. All assets that you create from the asset model contain this attribute value. You can update an attribute's value after you create an asset. For more information, see [Updating attribute values](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/update-attribute-values.html) in the *AWS IoT SiteWise User Guide* .", + "title": "DefaultValue", "type": "string" } }, - "required": [ - "ObfuscationSettingType" - ], "type": "object" }, - "AWS::Lex::Bot.OutputContext": { + "AWS::IoTSiteWise::AssetModel.ExpressionVariable": { "additionalProperties": false, "properties": { "Name": { - "markdownDescription": "The name of the output context.", + "markdownDescription": "The friendly name of the variable to be used in the expression.", "title": "Name", "type": "string" }, - "TimeToLiveInSeconds": { - "markdownDescription": "The amount of time, in seconds, that the output context should remain active. The time is figured from the first time the context is sent to the user.", - "title": "TimeToLiveInSeconds", - "type": "number" - }, - "TurnsToLive": { - "markdownDescription": "The number of conversation turns that the output context should remain active. The number of turns is counted from the first time that the context is sent to the user.", - "title": "TurnsToLive", - "type": "number" - } - }, - "required": [ - "Name", - "TimeToLiveInSeconds", - "TurnsToLive" - ], - "type": "object" - }, - "AWS::Lex::Bot.PlainTextMessage": { - "additionalProperties": false, - "properties": { "Value": { - "markdownDescription": "The message to send to the user.", - "title": "Value", - "type": "string" + "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.VariableValue", + "markdownDescription": "The variable that identifies an asset property from which to use values.", + "title": "Value" } }, "required": [ + "Name", "Value" ], "type": "object" }, - "AWS::Lex::Bot.PostDialogCodeHookInvocationSpecification": { + "AWS::IoTSiteWise::AssetModel.Metric": { "additionalProperties": false, "properties": { - "FailureConditional": { - "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", - "markdownDescription": "A list of conditional branches to evaluate after the dialog code hook throws an exception or returns with the `State` field of the `Intent` object set to `Failed` .", - "title": "FailureConditional" - }, - "FailureNextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "Specifies the next step the bot runs after the dialog code hook throws an exception or returns with the `State` field of the `Intent` object set to `Failed` .", - "title": "FailureNextStep" - }, - "FailureResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input when the code hook fails.", - "title": "FailureResponse" - }, - "SuccessConditional": { - "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", - "markdownDescription": "A list of conditional branches to evaluate after the dialog code hook finishes successfully.", - "title": "SuccessConditional" - }, - "SuccessNextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "Specifics the next step the bot runs after the dialog code hook finishes successfully.", - "title": "SuccessNextStep" - }, - "SuccessResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond when the code hook succeeds.", - "title": "SuccessResponse" - }, - "TimeoutConditional": { - "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", - "markdownDescription": "A list of conditional branches to evaluate if the code hook times out.", - "title": "TimeoutConditional" + "Expression": { + "markdownDescription": "The mathematical expression that defines the metric aggregation function. You can specify up to 10 variables per expression. You can specify up to 10 functions per expression.\n\nFor more information, see [Quotas](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/quotas.html) in the *AWS IoT SiteWise User Guide* .", + "title": "Expression", + "type": "string" }, - "TimeoutNextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "Specifies the next step that the bot runs when the code hook times out.", - "title": "TimeoutNextStep" + "Variables": { + "items": { + "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.ExpressionVariable" + }, + "markdownDescription": "The list of variables used in the expression.", + "title": "Variables", + "type": "array" }, - "TimeoutResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond to the user input when the code hook times out.", - "title": "TimeoutResponse" + "Window": { + "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.MetricWindow", + "markdownDescription": "The window (time interval) over which AWS IoT SiteWise computes the metric's aggregation expression. AWS IoT SiteWise computes one data point per `window` .", + "title": "Window" } }, + "required": [ + "Expression", + "Variables", + "Window" + ], "type": "object" }, - "AWS::Lex::Bot.PostFulfillmentStatusSpecification": { + "AWS::IoTSiteWise::AssetModel.MetricWindow": { "additionalProperties": false, "properties": { - "FailureConditional": { - "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", - "markdownDescription": "A list of conditional branches to evaluate after the fulfillment code hook throws an exception or returns with the `State` field of the `Intent` object set to `Failed` .", - "title": "FailureConditional" - }, - "FailureNextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "Specifies the next step the bot runs after the fulfillment code hook throws an exception or returns with the `State` field of the `Intent` object set to `Failed` .", - "title": "FailureNextStep" - }, - "FailureResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond when fulfillment isn't successful.", - "title": "FailureResponse" - }, - "SuccessConditional": { - "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", - "markdownDescription": "A list of conditional branches to evaluate after the fulfillment code hook finishes successfully.", - "title": "SuccessConditional" - }, - "SuccessNextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "Specifies the next step in the conversation that Amazon Lex invokes when the fulfillment code hook completes successfully.", - "title": "SuccessNextStep" - }, - "SuccessResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond when the fulfillment is successful.", - "title": "SuccessResponse" - }, - "TimeoutConditional": { - "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", - "markdownDescription": "A list of conditional branches to evaluate if the fulfillment code hook times out.", - "title": "TimeoutConditional" - }, - "TimeoutNextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "Specifies the next step that the bot runs when the fulfillment code hook times out.", - "title": "TimeoutNextStep" - }, - "TimeoutResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond when fulfillment isn't completed within the timeout period.", - "title": "TimeoutResponse" + "Tumbling": { + "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.TumblingWindow", + "markdownDescription": "The tumbling time interval window.", + "title": "Tumbling" } }, "type": "object" }, - "AWS::Lex::Bot.PromptAttemptSpecification": { + "AWS::IoTSiteWise::AssetModel.PropertyPathDefinition": { "additionalProperties": false, "properties": { - "AllowInterrupt": { - "markdownDescription": "Indicates whether the user can interrupt a speech prompt attempt from the bot.", - "title": "AllowInterrupt", - "type": "boolean" - }, - "AllowedInputTypes": { - "$ref": "#/definitions/AWS::Lex::Bot.AllowedInputTypes", - "markdownDescription": "Indicates the allowed input types of the prompt attempt.", - "title": "AllowedInputTypes" - }, - "AudioAndDTMFInputSpecification": { - "$ref": "#/definitions/AWS::Lex::Bot.AudioAndDTMFInputSpecification", - "markdownDescription": "Specifies the settings on audio and DTMF input.", - "title": "AudioAndDTMFInputSpecification" - }, - "TextInputSpecification": { - "$ref": "#/definitions/AWS::Lex::Bot.TextInputSpecification", - "markdownDescription": "Specifies the settings on text input.", - "title": "TextInputSpecification" + "Name": { + "markdownDescription": "The name of the path segment.", + "title": "Name", + "type": "string" } }, "required": [ - "AllowedInputTypes" + "Name" ], "type": "object" }, - "AWS::Lex::Bot.PromptSpecification": { + "AWS::IoTSiteWise::AssetModel.PropertyType": { "additionalProperties": false, "properties": { - "AllowInterrupt": { - "markdownDescription": "Indicates whether the user can interrupt a speech prompt from the bot.", - "title": "AllowInterrupt", - "type": "boolean" + "Attribute": { + "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.Attribute", + "markdownDescription": "Specifies an asset attribute property. An attribute generally contains static information, such as the serial number of an [IIoT](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Internet_of_things#Industrial_applications) wind turbine.", + "title": "Attribute" }, - "MaxRetries": { - "markdownDescription": "The maximum number of times the bot tries to elicit a response from the user using this prompt.", - "title": "MaxRetries", - "type": "number" + "Metric": { + "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.Metric", + "markdownDescription": "Specifies an asset metric property. A metric contains a mathematical expression that uses aggregate functions to process all input data points over a time interval and output a single data point, such as to calculate the average hourly temperature.", + "title": "Metric" }, - "MessageGroupsList": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.MessageGroup" - }, - "markdownDescription": "A collection of messages that Amazon Lex can send to the user. Amazon Lex chooses the actual message to send at runtime.", - "title": "MessageGroupsList", - "type": "array" + "Transform": { + "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.Transform", + "markdownDescription": "Specifies an asset transform property. A transform contains a mathematical expression that maps a property's data points from one form to another, such as a unit conversion from Celsius to Fahrenheit.", + "title": "Transform" }, - "MessageSelectionStrategy": { - "markdownDescription": "Indicates how a message is selected from a message group among retries.", - "title": "MessageSelectionStrategy", + "TypeName": { + "markdownDescription": "The type of property type, which can be one of `Attribute` , `Measurement` , `Metric` , or `Transform` .", + "title": "TypeName", "type": "string" - }, - "PromptAttemptsSpecification": { - "additionalProperties": false, - "markdownDescription": "Specifies the advanced settings on each attempt of the prompt.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::Lex::Bot.PromptAttemptSpecification" - } - }, - "title": "PromptAttemptsSpecification", - "type": "object" } }, "required": [ - "MaxRetries", - "MessageGroupsList" + "TypeName" ], "type": "object" }, - "AWS::Lex::Bot.ResponseSpecification": { + "AWS::IoTSiteWise::AssetModel.Transform": { "additionalProperties": false, "properties": { - "AllowInterrupt": { - "markdownDescription": "Indicates whether the user can interrupt a speech response from Amazon Lex.", - "title": "AllowInterrupt", - "type": "boolean" + "Expression": { + "markdownDescription": "The mathematical expression that defines the transformation function. You can specify up to 10 variables per expression. You can specify up to 10 functions per expression.\n\nFor more information, see [Quotas](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/quotas.html) in the *AWS IoT SiteWise User Guide* .", + "title": "Expression", + "type": "string" }, - "MessageGroupsList": { + "Variables": { "items": { - "$ref": "#/definitions/AWS::Lex::Bot.MessageGroup" + "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.ExpressionVariable" }, - "markdownDescription": "A collection of responses that Amazon Lex can send to the user. Amazon Lex chooses the actual response to send at runtime.", - "title": "MessageGroupsList", + "markdownDescription": "The list of variables used in the expression.", + "title": "Variables", "type": "array" } }, "required": [ - "MessageGroupsList" + "Expression", + "Variables" ], "type": "object" }, - "AWS::Lex::Bot.S3BucketLogDestination": { + "AWS::IoTSiteWise::AssetModel.TumblingWindow": { "additionalProperties": false, "properties": { - "KmsKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Key Management Service (KMS) key for encrypting audio log files stored in an Amazon S3 bucket.", - "title": "KmsKeyArn", - "type": "string" - }, - "LogPrefix": { - "markdownDescription": "The S3 prefix to assign to audio log files.", - "title": "LogPrefix", + "Interval": { + "markdownDescription": "The time interval for the tumbling window. The interval time must be between 1 minute and 1 week.\n\nAWS IoT SiteWise computes the `1w` interval the end of Sunday at midnight each week (UTC), the `1d` interval at the end of each day at midnight (UTC), the `1h` interval at the end of each hour, and so on.\n\nWhen AWS IoT SiteWise aggregates data points for metric computations, the start of each interval is exclusive and the end of each interval is inclusive. AWS IoT SiteWise places the computed data point at the end of the interval.", + "title": "Interval", "type": "string" }, - "S3BucketArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an Amazon S3 bucket where audio log files are stored.", - "title": "S3BucketArn", + "Offset": { + "markdownDescription": "The offset for the tumbling window. The `offset` parameter accepts the following:\n\n- The offset time.\n\nFor example, if you specify `18h` for `offset` and `1d` for `interval` , AWS IoT SiteWise aggregates data in one of the following ways:\n\n- If you create the metric before or at 6 PM (UTC), you get the first aggregation result at 6 PM (UTC) on the day when you create the metric.\n- If you create the metric after 6 PM (UTC), you get the first aggregation result at 6 PM (UTC) the next day.\n- The ISO 8601 format.\n\nFor example, if you specify `PT18H` for `offset` and `1d` for `interval` , AWS IoT SiteWise aggregates data in one of the following ways:\n\n- If you create the metric before or at 6 PM (UTC), you get the first aggregation result at 6 PM (UTC) on the day when you create the metric.\n- If you create the metric after 6 PM (UTC), you get the first aggregation result at 6 PM (UTC) the next day.\n- The 24-hour clock.\n\nFor example, if you specify `00:03:00` for `offset` , `5m` for `interval` , and you create the metric at 2 PM (UTC), you get the first aggregation result at 2:03 PM (UTC). You get the second aggregation result at 2:08 PM (UTC).\n- The offset time zone.\n\nFor example, if you specify `2021-07-23T18:00-08` for `offset` and `1d` for `interval` , AWS IoT SiteWise aggregates data in one of the following ways:\n\n- If you create the metric before or at 6 PM (PST), you get the first aggregation result at 6 PM (PST) on the day when you create the metric.\n- If you create the metric after 6 PM (PST), you get the first aggregation result at 6 PM (PST) the next day.", + "title": "Offset", "type": "string" } }, "required": [ - "LogPrefix", - "S3BucketArn" + "Interval" ], "type": "object" }, - "AWS::Lex::Bot.S3Location": { + "AWS::IoTSiteWise::AssetModel.VariableValue": { "additionalProperties": false, "properties": { - "S3Bucket": { - "markdownDescription": "The S3 bucket name.", - "title": "S3Bucket", + "HierarchyExternalId": { + "markdownDescription": "The external ID of the hierarchy being referenced. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", + "title": "HierarchyExternalId", "type": "string" }, - "S3ObjectKey": { - "markdownDescription": "The path and file name to the object in the S3 bucket.", - "title": "S3ObjectKey", + "HierarchyId": { + "markdownDescription": "The ID of the hierarchy to query for the property ID. You can use the hierarchy's name instead of the hierarchy's ID. If the hierarchy has an external ID, you can specify `externalId:` followed by the external ID. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .\n\nYou use a hierarchy ID instead of a model ID because you can have several hierarchies using the same model and therefore the same `propertyId` . For example, you might have separately grouped assets that come from the same asset model. For more information, see [Asset hierarchies](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/asset-hierarchies.html) in the *AWS IoT SiteWise User Guide* .", + "title": "HierarchyId", "type": "string" }, - "S3ObjectVersion": { - "markdownDescription": "The version of the object in the S3 bucket.", - "title": "S3ObjectVersion", + "HierarchyLogicalId": { + "markdownDescription": "The `LogicalID` of the hierarchy to query for the `PropertyLogicalID` .\n\nYou use a `hierarchyLogicalID` instead of a model ID because you can have several hierarchies using the same model and therefore the same property. For example, you might have separately grouped assets that come from the same asset model. For more information, see [Defining relationships between asset models (hierarchies)](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/asset-hierarchies.html) in the *AWS IoT SiteWise User Guide* .", + "title": "HierarchyLogicalId", "type": "string" - } - }, - "required": [ - "S3Bucket", - "S3ObjectKey" - ], - "type": "object" - }, - "AWS::Lex::Bot.SSMLMessage": { - "additionalProperties": false, - "properties": { - "Value": { - "markdownDescription": "The SSML text that defines the prompt.", - "title": "Value", + }, + "PropertyExternalId": { + "markdownDescription": "The external ID of the property being referenced. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", + "title": "PropertyExternalId", "type": "string" - } - }, - "required": [ - "Value" - ], - "type": "object" - }, - "AWS::Lex::Bot.SampleUtterance": { - "additionalProperties": false, - "properties": { - "Utterance": { - "markdownDescription": "A sample utterance that invokes an intent or respond to a slot elicitation prompt.", - "title": "Utterance", + }, + "PropertyId": { + "markdownDescription": "The ID of the property to use as the variable. You can use the property `name` if it's from the same asset model. If the property has an external ID, you can specify `externalId:` followed by the external ID. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .\n\n> This is a return value and can't be set.", + "title": "PropertyId", "type": "string" - } - }, - "required": [ - "Utterance" - ], - "type": "object" - }, - "AWS::Lex::Bot.SampleValue": { - "additionalProperties": false, - "properties": { - "Value": { - "markdownDescription": "The value that can be used for a slot type.", - "title": "Value", + }, + "PropertyLogicalId": { + "markdownDescription": "The `LogicalID` of the property that is being referenced.", + "title": "PropertyLogicalId", "type": "string" + }, + "PropertyPath": { + "items": { + "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.PropertyPathDefinition" + }, + "markdownDescription": "The path of the property. Each step of the path is the name of the step. See the following example:\n\n`PropertyPath: Name: AssetModelName Name: Composite1 Name: NestedComposite`", + "title": "PropertyPath", + "type": "array" } }, - "required": [ - "Value" - ], - "type": "object" - }, - "AWS::Lex::Bot.SentimentAnalysisSettings": { - "additionalProperties": false, - "properties": { - "DetectSentiment": { - "markdownDescription": "Sets whether Amazon Lex uses Amazon Comprehend to detect the sentiment of user utterances.", - "title": "DetectSentiment", - "type": "boolean" - } - }, - "required": [ - "DetectSentiment" - ], "type": "object" }, - "AWS::Lex::Bot.SessionAttribute": { + "AWS::IoTSiteWise::Dashboard": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The name of the session attribute.", - "title": "Key", + "Condition": { "type": "string" }, - "Value": { - "markdownDescription": "The session-specific context information for the session attribute.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Key" - ], - "type": "object" - }, - "AWS::Lex::Bot.Slot": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "The description of the slot.", - "title": "Description", - "type": "string" - }, - "MultipleValuesSetting": { - "$ref": "#/definitions/AWS::Lex::Bot.MultipleValuesSetting", - "markdownDescription": "Indicates whether a slot can return multiple values.", - "title": "MultipleValuesSetting" - }, - "Name": { - "markdownDescription": "The name given to the slot.", - "title": "Name", - "type": "string" - }, - "ObfuscationSetting": { - "$ref": "#/definitions/AWS::Lex::Bot.ObfuscationSetting", - "markdownDescription": "Determines whether the contents of the slot are obfuscated in Amazon CloudWatch Logs logs. Use obfuscated slots to protect information such as personally identifiable information (PII) in logs.", - "title": "ObfuscationSetting" - }, - "SlotTypeName": { - "markdownDescription": "The name of the slot type that this slot is based on. The slot type defines the acceptable values for the slot.", - "title": "SlotTypeName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "ValueElicitationSetting": { - "$ref": "#/definitions/AWS::Lex::Bot.SlotValueElicitationSetting", - "markdownDescription": "Determines the slot resolution strategy that Amazon Lex uses to return slot type values. The field can be set to one of the following values:\n\n- ORIGINAL_VALUE - Returns the value entered by the user, if the user value is similar to a slot value.\n- TOP_RESOLUTION - If there is a resolution list for the slot, return the first value in the resolution list as the slot type value. If there is no resolution list, null is returned.\n\nIf you don't specify the `valueSelectionStrategy` , the default is `ORIGINAL_VALUE` .", - "title": "ValueElicitationSetting" - } - }, - "required": [ - "Name", - "SlotTypeName", - "ValueElicitationSetting" - ], - "type": "object" - }, - "AWS::Lex::Bot.SlotCaptureSetting": { - "additionalProperties": false, - "properties": { - "CaptureConditional": { - "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", - "markdownDescription": "A list of conditional branches to evaluate after the slot value is captured.", - "title": "CaptureConditional" - }, - "CaptureNextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "Specifies the next step that the bot runs when the slot value is captured before the code hook times out.", - "title": "CaptureNextStep" - }, - "CaptureResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input.", - "title": "CaptureResponse" - }, - "CodeHook": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogCodeHookInvocationSetting", - "markdownDescription": "Code hook called after Amazon Lex successfully captures a slot value.", - "title": "CodeHook" - }, - "ElicitationCodeHook": { - "$ref": "#/definitions/AWS::Lex::Bot.ElicitationCodeHookInvocationSetting", - "markdownDescription": "Code hook called when Amazon Lex doesn't capture a slot value.", - "title": "ElicitationCodeHook" - }, - "FailureConditional": { - "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", - "markdownDescription": "A list of conditional branches to evaluate when the slot value isn't captured.", - "title": "FailureConditional" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "FailureNextStep": { - "$ref": "#/definitions/AWS::Lex::Bot.DialogState", - "markdownDescription": "Specifies the next step that the bot runs when the slot value code is not recognized.", - "title": "FailureNextStep" + "Metadata": { + "type": "object" }, - "FailureResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input when the slot fails to be captured.", - "title": "FailureResponse" - } - }, - "type": "object" - }, - "AWS::Lex::Bot.SlotDefaultValue": { - "additionalProperties": false, - "properties": { - "DefaultValue": { - "markdownDescription": "The default value to use when a user doesn't provide a value for a slot.", - "title": "DefaultValue", - "type": "string" - } - }, - "required": [ - "DefaultValue" - ], - "type": "object" - }, - "AWS::Lex::Bot.SlotDefaultValueSpecification": { - "additionalProperties": false, - "properties": { - "DefaultValueList": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.SlotDefaultValue" + "Properties": { + "additionalProperties": false, + "properties": { + "DashboardDefinition": { + "markdownDescription": "The dashboard definition specified in a JSON literal.\n\n- AWS IoT SiteWise Monitor (Classic) see [Create dashboards ( AWS CLI )](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/create-dashboards-using-aws-cli.html)\n- AWS IoT SiteWise Monitor (AI-aware) see [Create dashboards ( AWS CLI )](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/create-dashboards-ai-dashboard-cli.html)\n\nin the *AWS IoT SiteWise User Guide*", + "title": "DashboardDefinition", + "type": "string" + }, + "DashboardDescription": { + "markdownDescription": "A description for the dashboard.", + "title": "DashboardDescription", + "type": "string" + }, + "DashboardName": { + "markdownDescription": "A friendly name for the dashboard.", + "title": "DashboardName", + "type": "string" + }, + "ProjectId": { + "markdownDescription": "The ID of the project in which to create the dashboard.", + "title": "ProjectId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of key-value pairs that contain metadata for the dashboard. For more information, see [Tagging your AWS IoT SiteWise resources](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/tag-resources.html) in the *AWS IoT SiteWise User Guide* .", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "A list of default values. Amazon Lex chooses the default value to use in the order that they are presented in the list.", - "title": "DefaultValueList", - "type": "array" - } - }, - "required": [ - "DefaultValueList" - ], - "type": "object" - }, - "AWS::Lex::Bot.SlotPriority": { - "additionalProperties": false, - "properties": { - "Priority": { - "markdownDescription": "The priority that Amazon Lex should apply to the slot.", - "title": "Priority", - "type": "number" - }, - "SlotName": { - "markdownDescription": "The name of the slot.", - "title": "SlotName", - "type": "string" - } - }, - "required": [ - "Priority", - "SlotName" - ], - "type": "object" - }, - "AWS::Lex::Bot.SlotType": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A description of the slot type. Use the description to help identify the slot type in lists.", - "title": "Description", - "type": "string" - }, - "ExternalSourceSetting": { - "$ref": "#/definitions/AWS::Lex::Bot.ExternalSourceSetting", - "markdownDescription": "Sets the type of external information used to create the slot type.", - "title": "ExternalSourceSetting" + "required": [ + "DashboardDefinition", + "DashboardDescription", + "DashboardName" + ], + "type": "object" }, - "Name": { - "markdownDescription": "The name of the slot type. A slot type name must be unique withing the account.", - "title": "Name", + "Type": { + "enum": [ + "AWS::IoTSiteWise::Dashboard" + ], "type": "string" }, - "ParentSlotTypeSignature": { - "markdownDescription": "The built-in slot type used as a parent of this slot type. When you define a parent slot type, the new slot type has the configuration of the parent lot type.\n\nOnly `AMAZON.AlphaNumeric` is supported.", - "title": "ParentSlotTypeSignature", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "SlotTypeValues": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.SlotTypeValue" - }, - "markdownDescription": "A list of SlotTypeValue objects that defines the values that the slot type can take. Each value can have a list of synonyms, additional values that help train the machine learning model about the values that it resolves for the slot.", - "title": "SlotTypeValues", - "type": "array" - }, - "ValueSelectionSetting": { - "$ref": "#/definitions/AWS::Lex::Bot.SlotValueSelectionSetting", - "markdownDescription": "Determines the slot resolution strategy that Amazon Lex uses to return slot type values. The field can be set to one of the following values:\n\n- `ORIGINAL_VALUE` - Returns the value entered by the user, if the user value is similar to the slot value.\n- `TOP_RESOLUTION` - If there is a resolution list for the slot, return the first value in the resolution list as the slot type value. If there is no resolution list, null is returned.\n\nIf you don't specify the `valueSelectionStrategy` , the default is `ORIGINAL_VALUE` .", - "title": "ValueSelectionSetting" - } - }, - "required": [ - "Name" - ], - "type": "object" - }, - "AWS::Lex::Bot.SlotTypeValue": { - "additionalProperties": false, - "properties": { - "SampleValue": { - "$ref": "#/definitions/AWS::Lex::Bot.SampleValue", - "markdownDescription": "The value of the slot type entry.", - "title": "SampleValue" - }, - "Synonyms": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.SampleValue" - }, - "markdownDescription": "Additional values related to the slot type entry.", - "title": "Synonyms", - "type": "array" } }, "required": [ - "SampleValue" + "Type", + "Properties" ], "type": "object" }, - "AWS::Lex::Bot.SlotValue": { + "AWS::IoTSiteWise::Dataset": { "additionalProperties": false, "properties": { - "InterpretedValue": { - "markdownDescription": "The value that Amazon Lex determines for the slot. The actual value depends on the setting of the value selection strategy for the bot. You can choose to use the value entered by the user, or you can have Amazon Lex choose the first value in the `resolvedValues` list.", - "title": "InterpretedValue", + "Condition": { "type": "string" - } - }, - "type": "object" - }, - "AWS::Lex::Bot.SlotValueElicitationSetting": { - "additionalProperties": false, - "properties": { - "DefaultValueSpecification": { - "$ref": "#/definitions/AWS::Lex::Bot.SlotDefaultValueSpecification", - "markdownDescription": "A list of default values for a slot. Default values are used when Amazon Lex hasn't determined a value for a slot. You can specify default values from context variables, session attributes, and defined values.", - "title": "DefaultValueSpecification" - }, - "PromptSpecification": { - "$ref": "#/definitions/AWS::Lex::Bot.PromptSpecification", - "markdownDescription": "The prompt that Amazon Lex uses to elicit the slot value from the user.", - "title": "PromptSpecification" - }, - "SampleUtterances": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.SampleUtterance" - }, - "markdownDescription": "If you know a specific pattern that users might respond to an Amazon Lex request for a slot value, you can provide those utterances to improve accuracy. This is optional. In most cases, Amazon Lex is capable of understanding user utterances.", - "title": "SampleUtterances", - "type": "array" - }, - "SlotCaptureSetting": { - "$ref": "#/definitions/AWS::Lex::Bot.SlotCaptureSetting", - "markdownDescription": "Specifies the settings that Amazon Lex uses when a slot value is successfully entered by a user.", - "title": "SlotCaptureSetting" }, - "SlotConstraint": { - "markdownDescription": "Specifies whether the slot is required or optional.", - "title": "SlotConstraint", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "WaitAndContinueSpecification": { - "$ref": "#/definitions/AWS::Lex::Bot.WaitAndContinueSpecification", - "markdownDescription": "Specifies the prompts that Amazon Lex uses while a bot is waiting for customer input.", - "title": "WaitAndContinueSpecification" - } - }, - "required": [ - "SlotConstraint" - ], - "type": "object" - }, - "AWS::Lex::Bot.SlotValueOverride": { - "additionalProperties": false, - "properties": { - "Shape": { - "markdownDescription": "When the shape value is `List` , it indicates that the `values` field contains a list of slot values. When the value is `Scalar` , it indicates that the `value` field contains a single value.", - "title": "Shape", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Value": { - "$ref": "#/definitions/AWS::Lex::Bot.SlotValue", - "markdownDescription": "The current value of the slot.", - "title": "Value" + "Metadata": { + "type": "object" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.SlotValueOverride" + "Properties": { + "additionalProperties": false, + "properties": { + "DatasetDescription": { + "markdownDescription": "", + "title": "DatasetDescription", + "type": "string" + }, + "DatasetName": { + "markdownDescription": "", + "title": "DatasetName", + "type": "string" + }, + "DatasetSource": { + "$ref": "#/definitions/AWS::IoTSiteWise::Dataset.DatasetSource", + "markdownDescription": "", + "title": "DatasetSource" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "A list of one or more values that the user provided for the slot. For example, for a slot that elicits pizza toppings, the values might be \"pepperoni\" and \"pineapple.\"", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Lex::Bot.SlotValueOverrideMap": { - "additionalProperties": false, - "properties": { - "SlotName": { - "markdownDescription": "The name of the slot.", - "title": "SlotName", - "type": "string" + "required": [ + "DatasetName", + "DatasetSource" + ], + "type": "object" }, - "SlotValueOverride": { - "$ref": "#/definitions/AWS::Lex::Bot.SlotValueOverride", - "markdownDescription": "The SlotValueOverride object to which the slot name will be mapped.", - "title": "SlotValueOverride" - } - }, - "type": "object" - }, - "AWS::Lex::Bot.SlotValueRegexFilter": { - "additionalProperties": false, - "properties": { - "Pattern": { - "markdownDescription": "A regular expression used to validate the value of a slot.\n\nUse a standard regular expression. Amazon Lex supports the following characters in the regular expression:\n\n- A-Z, a-z\n- 0-9\n- Unicode characters (\"\\\u2060u\")\n\nRepresent Unicode characters with four digits, for example \"\\\u2060u0041\" or \"\\\u2060u005A\".\n\nThe following regular expression operators are not supported:\n\n- Infinite repeaters: *, +, or {x,} with no upper bound.\n- Wild card (.)", - "title": "Pattern", + "Type": { + "enum": [ + "AWS::IoTSiteWise::Dataset" + ], "type": "string" - } - }, - "required": [ - "Pattern" - ], - "type": "object" - }, - "AWS::Lex::Bot.SlotValueSelectionSetting": { - "additionalProperties": false, - "properties": { - "AdvancedRecognitionSetting": { - "$ref": "#/definitions/AWS::Lex::Bot.AdvancedRecognitionSetting", - "markdownDescription": "Provides settings that enable advanced recognition settings for slot values. You can use this to enable using slot values as a custom vocabulary for recognizing user utterances.", - "title": "AdvancedRecognitionSetting" - }, - "RegexFilter": { - "$ref": "#/definitions/AWS::Lex::Bot.SlotValueRegexFilter", - "markdownDescription": "A regular expression used to validate the value of a slot.", - "title": "RegexFilter" }, - "ResolutionStrategy": { - "markdownDescription": "Determines the slot resolution strategy that Amazon Lex uses to return slot type values. The field can be set to one of the following values:\n\n- `ORIGINAL_VALUE` - Returns the value entered by the user, if the user value is similar to the slot value.\n- `TOP_RESOLUTION` - If there is a resolution list for the slot, return the first value in the resolution list as the slot type value. If there is no resolution list, null is returned.\n\nIf you don't specify the `valueSelectionStrategy` , the default is `ORIGINAL_VALUE` .", - "title": "ResolutionStrategy", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ResolutionStrategy" - ], - "type": "object" - }, - "AWS::Lex::Bot.StillWaitingResponseSpecification": { - "additionalProperties": false, - "properties": { - "AllowInterrupt": { - "markdownDescription": "Indicates that the user can interrupt the response by speaking while the message is being played.", - "title": "AllowInterrupt", - "type": "boolean" - }, - "FrequencyInSeconds": { - "markdownDescription": "How often a message should be sent to the user. Minimum of 1 second, maximum of 5 minutes.", - "title": "FrequencyInSeconds", - "type": "number" - }, - "MessageGroupsList": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.MessageGroup" - }, - "markdownDescription": "One or more message groups, each containing one or more messages, that define the prompts that Amazon Lex sends to the user.", - "title": "MessageGroupsList", - "type": "array" - }, - "TimeoutInSeconds": { - "markdownDescription": "If Amazon Lex waits longer than this length of time for a response, it will stop sending messages.", - "title": "TimeoutInSeconds", - "type": "number" - } - }, - "required": [ - "FrequencyInSeconds", - "MessageGroupsList", - "TimeoutInSeconds" + "Type", + "Properties" ], "type": "object" }, - "AWS::Lex::Bot.TestBotAliasSettings": { + "AWS::IoTSiteWise::Dataset.DatasetSource": { "additionalProperties": false, "properties": { - "BotAliasLocaleSettings": { - "items": { - "$ref": "#/definitions/AWS::Lex::Bot.BotAliasLocaleSettingsItem" - }, - "markdownDescription": "Specifies settings that are unique to a locale. For example, you can use a different Lambda function depending on the bot's locale.", - "title": "BotAliasLocaleSettings", - "type": "array" - }, - "ConversationLogSettings": { - "$ref": "#/definitions/AWS::Lex::Bot.ConversationLogSettings", - "markdownDescription": "Specifies settings for conversation logs that save audio, text, and metadata information for conversations with your users.", - "title": "ConversationLogSettings" + "SourceDetail": { + "$ref": "#/definitions/AWS::IoTSiteWise::Dataset.SourceDetail", + "markdownDescription": "", + "title": "SourceDetail" }, - "Description": { - "markdownDescription": "Specifies a description for the test bot alias.", - "title": "Description", + "SourceFormat": { + "markdownDescription": "", + "title": "SourceFormat", "type": "string" }, - "SentimentAnalysisSettings": { - "$ref": "#/definitions/AWS::Lex::Bot.SentimentAnalysisSettings", - "markdownDescription": "Specifies whether Amazon Lex will use Amazon Comprehend to detect the sentiment of user utterances.", - "title": "SentimentAnalysisSettings" - } - }, - "type": "object" - }, - "AWS::Lex::Bot.TextInputSpecification": { - "additionalProperties": false, - "properties": { - "StartTimeoutMs": { - "markdownDescription": "Time for which a bot waits before re-prompting a customer for text input.", - "title": "StartTimeoutMs", - "type": "number" - } - }, - "required": [ - "StartTimeoutMs" - ], - "type": "object" - }, - "AWS::Lex::Bot.TextLogDestination": { - "additionalProperties": false, - "properties": { - "CloudWatch": { - "$ref": "#/definitions/AWS::Lex::Bot.CloudWatchLogGroupLogDestination", - "markdownDescription": "Defines the Amazon CloudWatch Logs log group where text and metadata logs are delivered.", - "title": "CloudWatch" - } - }, - "required": [ - "CloudWatch" - ], - "type": "object" - }, - "AWS::Lex::Bot.TextLogSetting": { - "additionalProperties": false, - "properties": { - "Destination": { - "$ref": "#/definitions/AWS::Lex::Bot.TextLogDestination", - "markdownDescription": "Specifies the Amazon CloudWatch Logs destination log group for conversation text logs.", - "title": "Destination" - }, - "Enabled": { - "markdownDescription": "Determines whether conversation logs should be stored for an alias.", - "title": "Enabled", - "type": "boolean" + "SourceType": { + "markdownDescription": "", + "title": "SourceType", + "type": "string" } }, "required": [ - "Destination", - "Enabled" + "SourceFormat", + "SourceType" ], "type": "object" }, - "AWS::Lex::Bot.VoiceSettings": { + "AWS::IoTSiteWise::Dataset.KendraSourceDetail": { "additionalProperties": false, "properties": { - "Engine": { - "markdownDescription": "Indicates the type of Amazon Polly voice that Amazon Lex should use for voice interaction with the user. For more information, see the [`engine` parameter of the `SynthesizeSpeech` operation](https://docs.aws.amazon.com/polly/latest/dg/API_SynthesizeSpeech.html#polly-SynthesizeSpeech-request-Engine) in the *Amazon Polly developer guide* .\n\nIf you do not specify a value, the default is `standard` .", - "title": "Engine", + "KnowledgeBaseArn": { + "markdownDescription": "", + "title": "KnowledgeBaseArn", "type": "string" }, - "VoiceId": { - "markdownDescription": "The identifier of the Amazon Polly voice to use.", - "title": "VoiceId", + "RoleArn": { + "markdownDescription": "", + "title": "RoleArn", "type": "string" } }, "required": [ - "VoiceId" + "KnowledgeBaseArn", + "RoleArn" ], "type": "object" }, - "AWS::Lex::Bot.WaitAndContinueSpecification": { + "AWS::IoTSiteWise::Dataset.SourceDetail": { "additionalProperties": false, "properties": { - "ContinueResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "The response that Amazon Lex sends to indicate that the bot is ready to continue the conversation.", - "title": "ContinueResponse" - }, - "IsActive": { - "markdownDescription": "Specifies whether the bot will wait for a user to respond. When this field is false, wait and continue responses for a slot aren't used. If the `IsActive` field isn't specified, the default is true.", - "title": "IsActive", - "type": "boolean" - }, - "StillWaitingResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.StillWaitingResponseSpecification", - "markdownDescription": "A response that Amazon Lex sends periodically to the user to indicate that the bot is still waiting for input from the user.", - "title": "StillWaitingResponse" - }, - "WaitingResponse": { - "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", - "markdownDescription": "The response that Amazon Lex sends to indicate that the bot is waiting for the conversation to continue.", - "title": "WaitingResponse" + "Kendra": { + "$ref": "#/definitions/AWS::IoTSiteWise::Dataset.KendraSourceDetail", + "markdownDescription": "", + "title": "Kendra" } }, - "required": [ - "ContinueResponse", - "WaitingResponse" - ], "type": "object" }, - "AWS::Lex::BotAlias": { + "AWS::IoTSiteWise::Gateway": { "additionalProperties": false, "properties": { "Condition": { @@ -145858,62 +155957,47 @@ "Properties": { "additionalProperties": false, "properties": { - "BotAliasLocaleSettings": { + "GatewayCapabilitySummaries": { "items": { - "$ref": "#/definitions/AWS::Lex::BotAlias.BotAliasLocaleSettingsItem" + "$ref": "#/definitions/AWS::IoTSiteWise::Gateway.GatewayCapabilitySummary" }, - "markdownDescription": "Specifies settings that are unique to a locale. For example, you can use different Lambda function depending on the bot's locale.", - "title": "BotAliasLocaleSettings", + "markdownDescription": "A list of gateway capability summaries that each contain a namespace and status. Each gateway capability defines data sources for the gateway. To retrieve a capability configuration's definition, use [DescribeGatewayCapabilityConfiguration](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_DescribeGatewayCapabilityConfiguration.html) .", + "title": "GatewayCapabilitySummaries", "type": "array" }, - "BotAliasName": { - "markdownDescription": "The name of the bot alias.", - "title": "BotAliasName", + "GatewayName": { + "markdownDescription": "A unique name for the gateway.", + "title": "GatewayName", "type": "string" }, - "BotAliasTags": { + "GatewayPlatform": { + "$ref": "#/definitions/AWS::IoTSiteWise::Gateway.GatewayPlatform", + "markdownDescription": "The gateway's platform. You can only specify one platform in a gateway.", + "title": "GatewayPlatform" + }, + "GatewayVersion": { + "markdownDescription": "", + "title": "GatewayVersion", + "type": "string" + }, + "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nYou can only add tags when you specify an alias.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "BotAliasTags", + "markdownDescription": "A list of key-value pairs that contain metadata for the gateway. For more information, see [Tagging your AWS IoT SiteWise resources](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/tag-resources.html) in the *AWS IoT SiteWise User Guide* .", + "title": "Tags", "type": "array" - }, - "BotId": { - "markdownDescription": "The unique identifier of the bot.", - "title": "BotId", - "type": "string" - }, - "BotVersion": { - "markdownDescription": "The version of the bot that the bot alias references.", - "title": "BotVersion", - "type": "string" - }, - "ConversationLogSettings": { - "$ref": "#/definitions/AWS::Lex::BotAlias.ConversationLogSettings", - "markdownDescription": "Specifies whether Amazon Lex logs text and audio for conversations with the bot. When you enable conversation logs, text logs store text input, transcripts of audio input, and associated metadata in Amazon CloudWatch logs. Audio logs store input in Amazon S3 .", - "title": "ConversationLogSettings" - }, - "Description": { - "markdownDescription": "The description of the bot alias.", - "title": "Description", - "type": "string" - }, - "SentimentAnalysisSettings": { - "$ref": "#/definitions/AWS::Lex::BotAlias.SentimentAnalysisSettings", - "markdownDescription": "Determines whether Amazon Lex will use Amazon Comprehend to detect the sentiment of user utterances.", - "title": "SentimentAnalysisSettings" } }, "required": [ - "BotAliasName", - "BotId" + "GatewayName", + "GatewayPlatform" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lex::BotAlias" + "AWS::IoTSiteWise::Gateway" ], "type": "string" }, @@ -145932,229 +156016,75 @@ ], "type": "object" }, - "AWS::Lex::BotAlias.AudioLogDestination": { - "additionalProperties": false, - "properties": { - "S3Bucket": { - "$ref": "#/definitions/AWS::Lex::BotAlias.S3BucketLogDestination", - "markdownDescription": "The S3 bucket location where audio logs are stored.", - "title": "S3Bucket" - } - }, - "required": [ - "S3Bucket" - ], - "type": "object" - }, - "AWS::Lex::BotAlias.AudioLogSetting": { - "additionalProperties": false, - "properties": { - "Destination": { - "$ref": "#/definitions/AWS::Lex::BotAlias.AudioLogDestination", - "markdownDescription": "The location of audio log files collected when conversation logging is enabled for a bot.", - "title": "Destination" - }, - "Enabled": { - "markdownDescription": "Determines whether audio logging in enabled for the bot.", - "title": "Enabled", - "type": "boolean" - } - }, - "required": [ - "Destination", - "Enabled" - ], - "type": "object" - }, - "AWS::Lex::BotAlias.BotAliasLocaleSettings": { - "additionalProperties": false, - "properties": { - "CodeHookSpecification": { - "$ref": "#/definitions/AWS::Lex::BotAlias.CodeHookSpecification", - "markdownDescription": "Specifies the Lambda function that should be used in the locale.", - "title": "CodeHookSpecification" - }, - "Enabled": { - "markdownDescription": "Determines whether the locale is enabled for the bot. If the value is `false` , the locale isn't available for use.", - "title": "Enabled", - "type": "boolean" - } - }, - "required": [ - "Enabled" - ], - "type": "object" - }, - "AWS::Lex::BotAlias.BotAliasLocaleSettingsItem": { - "additionalProperties": false, - "properties": { - "BotAliasLocaleSetting": { - "$ref": "#/definitions/AWS::Lex::BotAlias.BotAliasLocaleSettings", - "markdownDescription": "Specifies settings that are unique to a locale.", - "title": "BotAliasLocaleSetting" - }, - "LocaleId": { - "markdownDescription": "The unique identifier of the locale.", - "title": "LocaleId", - "type": "string" - } - }, - "required": [ - "BotAliasLocaleSetting", - "LocaleId" - ], - "type": "object" - }, - "AWS::Lex::BotAlias.CloudWatchLogGroupLogDestination": { + "AWS::IoTSiteWise::Gateway.GatewayCapabilitySummary": { "additionalProperties": false, "properties": { - "CloudWatchLogGroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the log group where text and metadata logs are delivered.", - "title": "CloudWatchLogGroupArn", + "CapabilityConfiguration": { + "markdownDescription": "The JSON document that defines the configuration for the gateway capability. For more information, see [Configuring data sources (CLI)](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/configure-sources.html#configure-source-cli) in the *AWS IoT SiteWise User Guide* .", + "title": "CapabilityConfiguration", "type": "string" }, - "LogPrefix": { - "markdownDescription": "The prefix of the log stream name within the log group that you specified", - "title": "LogPrefix", + "CapabilityNamespace": { + "markdownDescription": "The namespace of the capability configuration. For example, if you configure OPC UA sources for an MQTT-enabled gateway, your OPC-UA capability configuration has the namespace `iotsitewise:opcuacollector:3` .", + "title": "CapabilityNamespace", "type": "string" } }, "required": [ - "CloudWatchLogGroupArn", - "LogPrefix" - ], - "type": "object" - }, - "AWS::Lex::BotAlias.CodeHookSpecification": { - "additionalProperties": false, - "properties": { - "LambdaCodeHook": { - "$ref": "#/definitions/AWS::Lex::BotAlias.LambdaCodeHook", - "markdownDescription": "Specifies a Lambda function that verifies requests to a bot or fulfills the user's request to a bot.", - "title": "LambdaCodeHook" - } - }, - "required": [ - "LambdaCodeHook" + "CapabilityNamespace" ], "type": "object" }, - "AWS::Lex::BotAlias.ConversationLogSettings": { + "AWS::IoTSiteWise::Gateway.GatewayPlatform": { "additionalProperties": false, "properties": { - "AudioLogSettings": { - "items": { - "$ref": "#/definitions/AWS::Lex::BotAlias.AudioLogSetting" - }, - "markdownDescription": "The Amazon S3 settings for logging audio to an S3 bucket.", - "title": "AudioLogSettings", - "type": "array" + "GreengrassV2": { + "$ref": "#/definitions/AWS::IoTSiteWise::Gateway.GreengrassV2", + "markdownDescription": "A gateway that runs on AWS IoT Greengrass V2 .", + "title": "GreengrassV2" }, - "TextLogSettings": { - "items": { - "$ref": "#/definitions/AWS::Lex::BotAlias.TextLogSetting" - }, - "markdownDescription": "The Amazon CloudWatch Logs settings for logging text and metadata.", - "title": "TextLogSettings", - "type": "array" + "SiemensIE": { + "$ref": "#/definitions/AWS::IoTSiteWise::Gateway.SiemensIE", + "markdownDescription": "An AWS IoT SiteWise Edge gateway that runs on a Siemens Industrial Edge Device.", + "title": "SiemensIE" } }, "type": "object" }, - "AWS::Lex::BotAlias.LambdaCodeHook": { + "AWS::IoTSiteWise::Gateway.GreengrassV2": { "additionalProperties": false, "properties": { - "CodeHookInterfaceVersion": { - "markdownDescription": "The version of the request-response that you want Amazon Lex to use to invoke your Lambda function.", - "title": "CodeHookInterfaceVersion", + "CoreDeviceOperatingSystem": { + "markdownDescription": "", + "title": "CoreDeviceOperatingSystem", "type": "string" }, - "LambdaArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function.", - "title": "LambdaArn", + "CoreDeviceThingName": { + "markdownDescription": "The name of the AWS IoT thing for your AWS IoT Greengrass V2 core device.", + "title": "CoreDeviceThingName", "type": "string" } }, "required": [ - "CodeHookInterfaceVersion", - "LambdaArn" + "CoreDeviceThingName" ], "type": "object" }, - "AWS::Lex::BotAlias.S3BucketLogDestination": { + "AWS::IoTSiteWise::Gateway.SiemensIE": { "additionalProperties": false, "properties": { - "KmsKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Key Management Service (KMS) key for encrypting audio log files stored in an Amazon S3 bucket.", - "title": "KmsKeyArn", - "type": "string" - }, - "LogPrefix": { - "markdownDescription": "The S3 prefix to assign to audio log files.", - "title": "LogPrefix", - "type": "string" - }, - "S3BucketArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an Amazon S3 bucket where audio log files are stored.", - "title": "S3BucketArn", + "IotCoreThingName": { + "markdownDescription": "The name of the AWS IoT Thing for your AWS IoT SiteWise Edge gateway.", + "title": "IotCoreThingName", "type": "string" } }, "required": [ - "LogPrefix", - "S3BucketArn" - ], - "type": "object" - }, - "AWS::Lex::BotAlias.SentimentAnalysisSettings": { - "additionalProperties": false, - "properties": { - "DetectSentiment": { - "markdownDescription": "Sets whether Amazon Lex uses Amazon Comprehend to detect the sentiment of user utterances.", - "title": "DetectSentiment", - "type": "boolean" - } - }, - "required": [ - "DetectSentiment" - ], - "type": "object" - }, - "AWS::Lex::BotAlias.TextLogDestination": { - "additionalProperties": false, - "properties": { - "CloudWatch": { - "$ref": "#/definitions/AWS::Lex::BotAlias.CloudWatchLogGroupLogDestination", - "markdownDescription": "Defines the Amazon CloudWatch Logs log group where text and metadata logs are delivered.", - "title": "CloudWatch" - } - }, - "required": [ - "CloudWatch" - ], - "type": "object" - }, - "AWS::Lex::BotAlias.TextLogSetting": { - "additionalProperties": false, - "properties": { - "Destination": { - "$ref": "#/definitions/AWS::Lex::BotAlias.TextLogDestination", - "markdownDescription": "Defines the Amazon CloudWatch Logs destination log group for conversation text logs.", - "title": "Destination" - }, - "Enabled": { - "markdownDescription": "Determines whether conversation logs should be stored for an alias.", - "title": "Enabled", - "type": "boolean" - } - }, - "required": [ - "Destination", - "Enabled" + "IotCoreThingName" ], "type": "object" }, - "AWS::Lex::BotVersion": { + "AWS::IoTSiteWise::Portal": { "additionalProperties": false, "properties": { "Condition": { @@ -146189,34 +156119,76 @@ "Properties": { "additionalProperties": false, "properties": { - "BotId": { - "markdownDescription": "The unique identifier of the bot.", - "title": "BotId", + "Alarms": { + "$ref": "#/definitions/AWS::IoTSiteWise::Portal.Alarms", + "markdownDescription": "Contains the configuration information of an alarm created in an AWS IoT SiteWise Monitor portal. You can use the alarm to monitor an asset property and get notified when the asset property value is outside a specified range. For more information, see [Monitoring with alarms](https://docs.aws.amazon.com/iot-sitewise/latest/appguide/monitor-alarms.html) in the *AWS IoT SiteWise Application Guide* .", + "title": "Alarms" + }, + "NotificationSenderEmail": { + "markdownDescription": "The email address that sends alarm notifications.\n\n> If you use the [AWS IoT Events managed Lambda function](https://docs.aws.amazon.com/iotevents/latest/developerguide/lambda-support.html) to manage your emails, you must [verify the sender email address in Amazon SES](https://docs.aws.amazon.com/ses/latest/DeveloperGuide/verify-email-addresses.html) .", + "title": "NotificationSenderEmail", "type": "string" }, - "BotVersionLocaleSpecification": { - "items": { - "$ref": "#/definitions/AWS::Lex::BotVersion.BotVersionLocaleSpecification" + "PortalAuthMode": { + "markdownDescription": "The service to use to authenticate users to the portal. Choose from the following options:\n\n- `SSO` \u2013 The portal uses AWS IAM Identity Center to authenticate users and manage user permissions. Before you can create a portal that uses IAM Identity Center, you must enable IAM Identity Center. For more information, see [Enabling IAM Identity Center](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/monitor-get-started.html#mon-gs-sso) in the *AWS IoT SiteWise User Guide* . This option is only available in AWS Regions other than the China Regions.\n- `IAM` \u2013 The portal uses AWS Identity and Access Management to authenticate users and manage user permissions.\n\nYou can't change this value after you create a portal.\n\nDefault: `SSO`", + "title": "PortalAuthMode", + "type": "string" + }, + "PortalContactEmail": { + "markdownDescription": "The AWS administrator's contact email address.", + "title": "PortalContactEmail", + "type": "string" + }, + "PortalDescription": { + "markdownDescription": "A description for the portal.", + "title": "PortalDescription", + "type": "string" + }, + "PortalName": { + "markdownDescription": "A friendly name for the portal.", + "title": "PortalName", + "type": "string" + }, + "PortalType": { + "markdownDescription": "Define the type of portal. The value for AWS IoT SiteWise Monitor (Classic) is `SITEWISE_PORTAL_V1` . The value for AWS IoT SiteWise Monitor (AI-aware) is `SITEWISE_PORTAL_V2` .", + "title": "PortalType", + "type": "string" + }, + "PortalTypeConfiguration": { + "additionalProperties": false, + "markdownDescription": "", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::IoTSiteWise::Portal.PortalTypeEntry" + } }, - "markdownDescription": "Specifies the locales that Amazon Lex adds to this version. You can choose the Draft version or any other previously published version for each locale. When you specify a source version, the locale data is copied from the source version to the new version.", - "title": "BotVersionLocaleSpecification", - "type": "array" + "title": "PortalTypeConfiguration", + "type": "object" }, - "Description": { - "markdownDescription": "The description of the version.", - "title": "Description", + "RoleArn": { + "markdownDescription": "The [ARN](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) of a service role that allows the portal's users to access your AWS IoT SiteWise resources on your behalf. For more information, see [Using service roles for AWS IoT SiteWise Monitor](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/monitor-service-role.html) in the *AWS IoT SiteWise User Guide* .", + "title": "RoleArn", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of key-value pairs that contain metadata for the portal. For more information, see [Tagging your AWS IoT SiteWise resources](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/tag-resources.html) in the *AWS IoT SiteWise User Guide* .", + "title": "Tags", + "type": "array" } }, "required": [ - "BotId", - "BotVersionLocaleSpecification" + "PortalContactEmail", + "PortalName", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lex::BotVersion" + "AWS::IoTSiteWise::Portal" ], "type": "string" }, @@ -146235,41 +156207,40 @@ ], "type": "object" }, - "AWS::Lex::BotVersion.BotVersionLocaleDetails": { + "AWS::IoTSiteWise::Portal.Alarms": { "additionalProperties": false, "properties": { - "SourceBotVersion": { - "markdownDescription": "The version of a bot used for a bot locale.", - "title": "SourceBotVersion", + "AlarmRoleArn": { + "markdownDescription": "The [ARN](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) of the IAM role that allows the alarm to perform actions and access AWS resources and services, such as AWS IoT Events .", + "title": "AlarmRoleArn", + "type": "string" + }, + "NotificationLambdaArn": { + "markdownDescription": "The [ARN](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) of the Lambda function that manages alarm notifications. For more information, see [Managing alarm notifications](https://docs.aws.amazon.com/iotevents/latest/developerguide/lambda-support.html) in the *AWS IoT Events Developer Guide* .", + "title": "NotificationLambdaArn", "type": "string" } }, - "required": [ - "SourceBotVersion" - ], "type": "object" }, - "AWS::Lex::BotVersion.BotVersionLocaleSpecification": { + "AWS::IoTSiteWise::Portal.PortalTypeEntry": { "additionalProperties": false, "properties": { - "BotVersionLocaleDetails": { - "$ref": "#/definitions/AWS::Lex::BotVersion.BotVersionLocaleDetails", - "markdownDescription": "The version of a bot used for a bot locale.", - "title": "BotVersionLocaleDetails" - }, - "LocaleId": { - "markdownDescription": "The identifier of the locale to add to the version.", - "title": "LocaleId", - "type": "string" + "PortalTools": { + "items": { + "type": "string" + }, + "markdownDescription": "The array of tools associated with the specified portal type. The possible values are `ASSISTANT` and `DASHBOARD` .", + "title": "PortalTools", + "type": "array" } }, "required": [ - "BotVersionLocaleDetails", - "LocaleId" + "PortalTools" ], "type": "object" }, - "AWS::Lex::ResourcePolicy": { + "AWS::IoTSiteWise::Project": { "additionalProperties": false, "properties": { "Condition": { @@ -146304,26 +156275,47 @@ "Properties": { "additionalProperties": false, "properties": { - "Policy": { - "markdownDescription": "A resource policy to add to the resource. The policy is a JSON structure that contains one or more statements that define the policy. The policy must follow IAM syntax. If the policy isn't valid, Amazon Lex returns a validation exception.", - "title": "Policy", - "type": "object" + "AssetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list that contains the IDs of each asset associated with the project.", + "title": "AssetIds", + "type": "array" }, - "ResourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the bot or bot alias that the resource policy is attached to.", - "title": "ResourceArn", + "PortalId": { + "markdownDescription": "The ID of the portal in which to create the project.", + "title": "PortalId", + "type": "string" + }, + "ProjectDescription": { + "markdownDescription": "A description for the project.", + "title": "ProjectDescription", + "type": "string" + }, + "ProjectName": { + "markdownDescription": "A friendly name for the project.", + "title": "ProjectName", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of key-value pairs that contain metadata for the project. For more information, see [Tagging your AWS IoT SiteWise resources](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/tag-resources.html) in the *AWS IoT SiteWise User Guide* .", + "title": "Tags", + "type": "array" } }, "required": [ - "Policy", - "ResourceArn" + "PortalId", + "ProjectName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lex::ResourcePolicy" + "AWS::IoTSiteWise::Project" ], "type": "string" }, @@ -146342,7 +156334,7 @@ ], "type": "object" }, - "AWS::LicenseManager::Grant": { + "AWS::IoTThingsGraph::FlowTemplate": { "additionalProperties": false, "properties": { "Condition": { @@ -146377,48 +156369,21 @@ "Properties": { "additionalProperties": false, "properties": { - "AllowedOperations": { - "items": { - "type": "string" - }, - "markdownDescription": "Allowed operations for the grant.", - "title": "AllowedOperations", - "type": "array" - }, - "GrantName": { - "markdownDescription": "Grant name.", - "title": "GrantName", - "type": "string" - }, - "HomeRegion": { - "markdownDescription": "Home Region of the grant.", - "title": "HomeRegion", - "type": "string" - }, - "LicenseArn": { - "markdownDescription": "License ARN.", - "title": "LicenseArn", - "type": "string" + "CompatibleNamespaceVersion": { + "type": "number" }, - "Principals": { - "items": { - "type": "string" - }, - "markdownDescription": "The grant principals. You can specify one of the following as an Amazon Resource Name (ARN):\n\n- An AWS account, which includes only the account specified.\n\n- An organizational unit (OU), which includes all accounts in the OU.\n\n- An organization, which will include all accounts across your organization.", - "title": "Principals", - "type": "array" - }, - "Status": { - "markdownDescription": "Granted license status.", - "title": "Status", - "type": "string" + "Definition": { + "$ref": "#/definitions/AWS::IoTThingsGraph::FlowTemplate.DefinitionDocument" } }, + "required": [ + "Definition" + ], "type": "object" }, "Type": { "enum": [ - "AWS::LicenseManager::Grant" + "AWS::IoTThingsGraph::FlowTemplate" ], "type": "string" }, @@ -146432,11 +156397,28 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::LicenseManager::License": { + "AWS::IoTThingsGraph::FlowTemplate.DefinitionDocument": { + "additionalProperties": false, + "properties": { + "Language": { + "type": "string" + }, + "Text": { + "type": "string" + } + }, + "required": [ + "Language", + "Text" + ], + "type": "object" + }, + "AWS::IoTTwinMaker::ComponentType": { "additionalProperties": false, "properties": { "Condition": { @@ -146471,82 +156453,99 @@ "Properties": { "additionalProperties": false, "properties": { - "Beneficiary": { - "markdownDescription": "License beneficiary.", - "title": "Beneficiary", + "ComponentTypeId": { + "markdownDescription": "The ID of the component type.", + "title": "ComponentTypeId", "type": "string" }, - "ConsumptionConfiguration": { - "$ref": "#/definitions/AWS::LicenseManager::License.ConsumptionConfiguration", - "markdownDescription": "Configuration for consumption of the license.", - "title": "ConsumptionConfiguration" - }, - "Entitlements": { - "items": { - "$ref": "#/definitions/AWS::LicenseManager::License.Entitlement" + "CompositeComponentTypes": { + "additionalProperties": false, + "markdownDescription": "Maps strings to `compositeComponentTypes` of the `componentType` . `CompositeComponentType` is referenced by `componentTypeId` .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.CompositeComponentType" + } }, - "markdownDescription": "License entitlements.", - "title": "Entitlements", - "type": "array" + "title": "CompositeComponentTypes", + "type": "object" }, - "HomeRegion": { - "markdownDescription": "Home Region of the license.", - "title": "HomeRegion", + "Description": { + "markdownDescription": "The description of the component type.", + "title": "Description", "type": "string" }, - "Issuer": { - "$ref": "#/definitions/AWS::LicenseManager::License.IssuerData", - "markdownDescription": "License issuer.", - "title": "Issuer" - }, - "LicenseMetadata": { + "ExtendsFrom": { "items": { - "$ref": "#/definitions/AWS::LicenseManager::License.Metadata" + "type": "string" }, - "markdownDescription": "License metadata.", - "title": "LicenseMetadata", + "markdownDescription": "The name of the parent component type that this component type extends.", + "title": "ExtendsFrom", "type": "array" }, - "LicenseName": { - "markdownDescription": "License name.", - "title": "LicenseName", - "type": "string" + "Functions": { + "additionalProperties": false, + "markdownDescription": "An object that maps strings to the functions in the component type. Each string in the mapping must be unique to this object.\n\nFor information on the FunctionResponse object see the [FunctionResponse](https://docs.aws.amazon.com//iot-twinmaker/latest/apireference/API_FunctionResponse.html) API reference.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.Function" + } + }, + "title": "Functions", + "type": "object" }, - "ProductName": { - "markdownDescription": "Product name.", - "title": "ProductName", - "type": "string" + "IsSingleton": { + "markdownDescription": "A boolean value that specifies whether an entity can have more than one component of this type.", + "title": "IsSingleton", + "type": "boolean" }, - "ProductSKU": { - "markdownDescription": "Product SKU.", - "title": "ProductSKU", - "type": "string" + "PropertyDefinitions": { + "additionalProperties": false, + "markdownDescription": "An object that maps strings to the property definitions in the component type. Each string in the mapping must be unique to this object.\n\nFor information about the PropertyDefinitionResponse object, see the [PropertyDefinitionResponse](https://docs.aws.amazon.com//iot-twinmaker/latest/apireference/API_PropertyDefinitionResponse.html) API reference.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.PropertyDefinition" + } + }, + "title": "PropertyDefinitions", + "type": "object" }, - "Status": { - "markdownDescription": "License status.", - "title": "Status", - "type": "string" + "PropertyGroups": { + "additionalProperties": false, + "markdownDescription": "An object that maps strings to the property groups in the component type. Each string in the mapping must be unique to this object.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.PropertyGroup" + } + }, + "title": "PropertyGroups", + "type": "object" }, - "Validity": { - "$ref": "#/definitions/AWS::LicenseManager::License.ValidityDateFormat", - "markdownDescription": "Date and time range during which the license is valid, in ISO8601-UTC format.", - "title": "Validity" + "Tags": { + "additionalProperties": true, + "markdownDescription": "The ComponentType tags.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "WorkspaceId": { + "markdownDescription": "The ID of the workspace that contains the component type.", + "title": "WorkspaceId", + "type": "string" } }, "required": [ - "ConsumptionConfiguration", - "Entitlements", - "HomeRegion", - "Issuer", - "LicenseName", - "ProductName", - "Validity" + "ComponentTypeId", + "WorkspaceId" ], "type": "object" }, "Type": { "enum": [ - "AWS::LicenseManager::License" + "AWS::IoTTwinMaker::ComponentType" ], "type": "string" }, @@ -146565,412 +156564,299 @@ ], "type": "object" }, - "AWS::LicenseManager::License.BorrowConfiguration": { + "AWS::IoTTwinMaker::ComponentType.CompositeComponentType": { "additionalProperties": false, "properties": { - "AllowEarlyCheckIn": { - "markdownDescription": "Indicates whether early check-ins are allowed.", - "title": "AllowEarlyCheckIn", - "type": "boolean" - }, - "MaxTimeToLiveInMinutes": { - "markdownDescription": "Maximum time for the borrow configuration, in minutes.", - "title": "MaxTimeToLiveInMinutes", - "type": "number" + "ComponentTypeId": { + "markdownDescription": "The ID of the component type.", + "title": "ComponentTypeId", + "type": "string" } }, - "required": [ - "AllowEarlyCheckIn", - "MaxTimeToLiveInMinutes" - ], "type": "object" }, - "AWS::LicenseManager::License.ConsumptionConfiguration": { + "AWS::IoTTwinMaker::ComponentType.DataConnector": { "additionalProperties": false, "properties": { - "BorrowConfiguration": { - "$ref": "#/definitions/AWS::LicenseManager::License.BorrowConfiguration", - "markdownDescription": "Details about a borrow configuration.", - "title": "BorrowConfiguration" - }, - "ProvisionalConfiguration": { - "$ref": "#/definitions/AWS::LicenseManager::License.ProvisionalConfiguration", - "markdownDescription": "Details about a provisional configuration.", - "title": "ProvisionalConfiguration" + "IsNative": { + "markdownDescription": "A boolean value that specifies whether the data connector is native to IoT TwinMaker.", + "title": "IsNative", + "type": "boolean" }, - "RenewType": { - "markdownDescription": "Renewal frequency.", - "title": "RenewType", - "type": "string" + "Lambda": { + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.LambdaFunction", + "markdownDescription": "The Lambda function associated with the data connector.", + "title": "Lambda" } }, "type": "object" }, - "AWS::LicenseManager::License.Entitlement": { + "AWS::IoTTwinMaker::ComponentType.DataType": { "additionalProperties": false, "properties": { - "AllowCheckIn": { - "markdownDescription": "Indicates whether check-ins are allowed.", - "title": "AllowCheckIn", - "type": "boolean" - }, - "MaxCount": { - "markdownDescription": "Maximum entitlement count. Use if the unit is not None.", - "title": "MaxCount", - "type": "number" + "AllowedValues": { + "items": { + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataValue" + }, + "markdownDescription": "The allowed values for this data type.", + "title": "AllowedValues", + "type": "array" }, - "Name": { - "markdownDescription": "Entitlement name.", - "title": "Name", - "type": "string" + "NestedType": { + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataType", + "markdownDescription": "The nested type in the data type.", + "title": "NestedType" }, - "Overage": { - "markdownDescription": "Indicates whether overages are allowed.", - "title": "Overage", - "type": "boolean" + "Relationship": { + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.Relationship", + "markdownDescription": "A relationship that associates a component with another component.", + "title": "Relationship" }, - "Unit": { - "markdownDescription": "Entitlement unit.", - "title": "Unit", + "Type": { + "markdownDescription": "The underlying type of the data type.\n\nValid Values: `RELATIONSHIP | STRING | LONG | BOOLEAN | INTEGER | DOUBLE | LIST | MAP`", + "title": "Type", "type": "string" }, - "Value": { - "markdownDescription": "Entitlement resource. Use only if the unit is None.", - "title": "Value", + "UnitOfMeasure": { + "markdownDescription": "The unit of measure used in this data type.", + "title": "UnitOfMeasure", "type": "string" } }, "required": [ - "Name", - "Unit" + "Type" ], "type": "object" }, - "AWS::LicenseManager::License.IssuerData": { + "AWS::IoTTwinMaker::ComponentType.DataValue": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "Issuer name.", - "title": "Name", + "BooleanValue": { + "markdownDescription": "A boolean value.", + "title": "BooleanValue", + "type": "boolean" + }, + "DoubleValue": { + "markdownDescription": "A double value.", + "title": "DoubleValue", + "type": "number" + }, + "Expression": { + "markdownDescription": "An expression that produces the value.", + "title": "Expression", "type": "string" }, - "SignKey": { - "markdownDescription": "Asymmetric KMS key from AWS Key Management Service . The KMS key must have a key usage of sign and verify, and support the RSASSA-PSS SHA-256 signing algorithm.", - "title": "SignKey", + "IntegerValue": { + "markdownDescription": "An integer value.", + "title": "IntegerValue", + "type": "number" + }, + "ListValue": { + "items": { + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataValue" + }, + "markdownDescription": "A list of multiple values.", + "title": "ListValue", + "type": "array" + }, + "LongValue": { + "markdownDescription": "A long value.", + "title": "LongValue", + "type": "number" + }, + "MapValue": { + "additionalProperties": false, + "markdownDescription": "An object that maps strings to multiple `DataValue` objects.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataValue" + } + }, + "title": "MapValue", + "type": "object" + }, + "RelationshipValue": { + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.RelationshipValue", + "markdownDescription": "A value that relates a component to another component.", + "title": "RelationshipValue" + }, + "StringValue": { + "markdownDescription": "A string value.", + "title": "StringValue", "type": "string" } }, - "required": [ - "Name" - ], "type": "object" }, - "AWS::LicenseManager::License.Metadata": { + "AWS::IoTTwinMaker::ComponentType.Error": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The key name.", - "title": "Name", + "Code": { + "markdownDescription": "The component type error code.", + "title": "Code", "type": "string" }, - "Value": { - "markdownDescription": "The value.", - "title": "Value", + "Message": { + "markdownDescription": "The component type error message.", + "title": "Message", "type": "string" } }, - "required": [ - "Name", - "Value" - ], "type": "object" }, - "AWS::LicenseManager::License.ProvisionalConfiguration": { + "AWS::IoTTwinMaker::ComponentType.Function": { "additionalProperties": false, "properties": { - "MaxTimeToLiveInMinutes": { - "markdownDescription": "Maximum time for the provisional configuration, in minutes.", - "title": "MaxTimeToLiveInMinutes", - "type": "number" + "ImplementedBy": { + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataConnector", + "markdownDescription": "The data connector.", + "title": "ImplementedBy" + }, + "RequiredProperties": { + "items": { + "type": "string" + }, + "markdownDescription": "The required properties of the function.", + "title": "RequiredProperties", + "type": "array" + }, + "Scope": { + "markdownDescription": "The scope of the function.", + "title": "Scope", + "type": "string" } }, - "required": [ - "MaxTimeToLiveInMinutes" - ], "type": "object" }, - "AWS::LicenseManager::License.ValidityDateFormat": { + "AWS::IoTTwinMaker::ComponentType.LambdaFunction": { "additionalProperties": false, "properties": { - "Begin": { - "markdownDescription": "Start of the time range.", - "title": "Begin", - "type": "string" - }, - "End": { - "markdownDescription": "End of the time range.", - "title": "End", + "Arn": { + "markdownDescription": "The Lambda function ARN.", + "title": "Arn", "type": "string" } }, "required": [ - "Begin", - "End" + "Arn" ], "type": "object" }, - "AWS::Lightsail::Alarm": { + "AWS::IoTTwinMaker::ComponentType.PropertyDefinition": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AlarmName": { - "markdownDescription": "The name of the alarm.", - "title": "AlarmName", - "type": "string" - }, - "ComparisonOperator": { - "markdownDescription": "The arithmetic operation to use when comparing the specified statistic and threshold.", - "title": "ComparisonOperator", - "type": "string" - }, - "ContactProtocols": { - "items": { - "type": "string" - }, - "markdownDescription": "The contact protocols for the alarm, such as `Email` , `SMS` (text messaging), or both.\n\n*Allowed Values* : `Email` | `SMS`", - "title": "ContactProtocols", - "type": "array" - }, - "DatapointsToAlarm": { - "markdownDescription": "The number of data points within the evaluation periods that must be breaching to cause the alarm to go to the `ALARM` state.", - "title": "DatapointsToAlarm", - "type": "number" - }, - "EvaluationPeriods": { - "markdownDescription": "The number of periods over which data is compared to the specified threshold.", - "title": "EvaluationPeriods", - "type": "number" - }, - "MetricName": { - "markdownDescription": "The name of the metric associated with the alarm.", - "title": "MetricName", - "type": "string" - }, - "MonitoredResourceName": { - "markdownDescription": "The name of the Lightsail resource that the alarm monitors.", - "title": "MonitoredResourceName", - "type": "string" - }, - "NotificationEnabled": { - "markdownDescription": "A Boolean value indicating whether the alarm is enabled.", - "title": "NotificationEnabled", - "type": "boolean" - }, - "NotificationTriggers": { - "items": { - "type": "string" - }, - "markdownDescription": "The alarm states that trigger a notification.\n\n> To specify the `OK` and `INSUFFICIENT_DATA` values, you must also specify `ContactProtocols` values. Otherwise, the `OK` and `INSUFFICIENT_DATA` values will not take effect and the stack will drift. \n\n*Allowed Values* : `OK` | `ALARM` | `INSUFFICIENT_DATA`", - "title": "NotificationTriggers", - "type": "array" - }, - "Threshold": { - "markdownDescription": "The value against which the specified statistic is compared.", - "title": "Threshold", - "type": "number" - }, - "TreatMissingData": { - "markdownDescription": "Specifies how the alarm handles missing data points.\n\nAn alarm can treat missing data in the following ways:\n\n- `breaching` - Assumes the missing data is not within the threshold. Missing data counts towards the number of times that the metric is not within the threshold.\n- `notBreaching` - Assumes the missing data is within the threshold. Missing data does not count towards the number of times that the metric is not within the threshold.\n- `ignore` - Ignores the missing data. Maintains the current alarm state.\n- `missing` - Missing data is treated as missing.", - "title": "TreatMissingData", + "Configurations": { + "additionalProperties": true, + "markdownDescription": "A mapping that specifies configuration information about the property.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { "type": "string" } }, - "required": [ - "AlarmName", - "ComparisonOperator", - "EvaluationPeriods", - "MetricName", - "MonitoredResourceName", - "Threshold" - ], + "title": "Configurations", "type": "object" }, - "Type": { - "enum": [ - "AWS::Lightsail::Alarm" - ], - "type": "string" + "DataType": { + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataType", + "markdownDescription": "", + "title": "DataType" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "DefaultValue": { + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataValue", + "markdownDescription": "A boolean value that specifies whether the property ID comes from an external data store.", + "title": "DefaultValue" + }, + "IsExternalId": { + "markdownDescription": "A Boolean value that specifies whether the property ID comes from an external data source.", + "title": "IsExternalId", + "type": "boolean" + }, + "IsRequiredInEntity": { + "markdownDescription": "A boolean value that specifies whether the property is required in an entity.", + "title": "IsRequiredInEntity", + "type": "boolean" + }, + "IsStoredExternally": { + "markdownDescription": "A boolean value that specifies whether the property is stored externally.", + "title": "IsStoredExternally", + "type": "boolean" + }, + "IsTimeSeries": { + "markdownDescription": "A boolean value that specifies whether the property consists of time series data.", + "title": "IsTimeSeries", + "type": "boolean" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Lightsail::Bucket": { + "AWS::IoTTwinMaker::ComponentType.PropertyGroup": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "GroupType": { + "markdownDescription": "The group type.", + "title": "GroupType", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AccessRules": { - "$ref": "#/definitions/AWS::Lightsail::Bucket.AccessRules", - "markdownDescription": "An object that describes the access rules for the bucket.", - "title": "AccessRules" - }, - "BucketName": { - "markdownDescription": "The name of the bucket.", - "title": "BucketName", - "type": "string" - }, - "BundleId": { - "markdownDescription": "The bundle ID for the bucket (for example, `small_1_0` ).\n\nA bucket bundle specifies the monthly cost, storage space, and data transfer quota for a bucket.", - "title": "BundleId", - "type": "string" - }, - "ObjectVersioning": { - "markdownDescription": "Indicates whether object versioning is enabled for the bucket.\n\nThe following options can be configured:\n\n- `Enabled` - Object versioning is enabled.\n- `Suspended` - Object versioning was previously enabled but is currently suspended. Existing object versions are retained.\n- `NeverEnabled` - Object versioning has never been enabled.", - "title": "ObjectVersioning", - "type": "boolean" - }, - "ReadOnlyAccessAccounts": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of AWS account IDs that have read-only access to the bucket.", - "title": "ReadOnlyAccessAccounts", - "type": "array" - }, - "ResourcesReceivingAccess": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of Lightsail instances that have access to the bucket.", - "title": "ResourcesReceivingAccess", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", - "title": "Tags", - "type": "array" - } + "PropertyNames": { + "items": { + "type": "string" }, - "required": [ - "BucketName", - "BundleId" - ], - "type": "object" + "markdownDescription": "The property names.", + "title": "PropertyNames", + "type": "array" + } + }, + "type": "object" + }, + "AWS::IoTTwinMaker::ComponentType.Relationship": { + "additionalProperties": false, + "properties": { + "RelationshipType": { + "markdownDescription": "The type of the relationship.", + "title": "RelationshipType", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Lightsail::Bucket" - ], + "TargetComponentTypeId": { + "markdownDescription": "The ID of the target component type associated with this relationship.", + "title": "TargetComponentTypeId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoTTwinMaker::ComponentType.RelationshipValue": { + "additionalProperties": false, + "properties": { + "TargetComponentName": { + "markdownDescription": "The target component name.", + "title": "TargetComponentName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TargetEntityId": { + "markdownDescription": "The target entity Id.", + "title": "TargetEntityId", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Lightsail::Bucket.AccessRules": { + "AWS::IoTTwinMaker::ComponentType.Status": { "additionalProperties": false, "properties": { - "AllowPublicOverrides": { - "markdownDescription": "A Boolean value indicating whether the access control list (ACL) permissions that are applied to individual objects override the `GetObject` option that is currently specified.\n\nWhen this is true, you can use the [PutObjectAcl](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObjectAcl.html) Amazon S3 API operation to set individual objects to public (read-only) or private, using either the `public-read` ACL or the `private` ACL.", - "title": "AllowPublicOverrides", - "type": "boolean" + "Error": { + "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.Error", + "markdownDescription": "The component type error.", + "title": "Error" }, - "GetObject": { - "markdownDescription": "Specifies the anonymous access to all objects in a bucket.\n\nThe following options can be specified:\n\n- `public` - Sets all objects in the bucket to public (read-only), making them readable by everyone on the internet.\n\nIf the `GetObject` value is set to `public` , then all objects in the bucket default to public regardless of the `allowPublicOverrides` value.\n- `private` - Sets all objects in the bucket to private, making them readable only by you and anyone that you grant access to.\n\nIf the `GetObject` value is set to `private` , and the `allowPublicOverrides` value is set to `true` , then all objects in the bucket default to private unless they are configured with a `public-read` ACL. Individual objects with a `public-read` ACL are readable by everyone on the internet.", - "title": "GetObject", + "State": { + "markdownDescription": "The component type status state.", + "title": "State", "type": "string" } }, "type": "object" }, - "AWS::Lightsail::Certificate": { + "AWS::IoTTwinMaker::Entity": { "additionalProperties": false, "properties": { "Condition": { @@ -147005,42 +156891,74 @@ "Properties": { "additionalProperties": false, "properties": { - "CertificateName": { - "markdownDescription": "The name of the certificate.", - "title": "CertificateName", + "Components": { + "additionalProperties": false, + "markdownDescription": "An object that maps strings to the components in the entity. Each string in the mapping must be unique to this object.\n\nFor information on the component object see the [component](https://docs.aws.amazon.com//iot-twinmaker/latest/apireference/API_ComponentResponse.html) API reference.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Component" + } + }, + "title": "Components", + "type": "object" + }, + "CompositeComponents": { + "additionalProperties": false, + "markdownDescription": "Maps string to `compositeComponent` updates in the request. Each key of the map represents the `componentPath` of the `compositeComponent` .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.CompositeComponent" + } + }, + "title": "CompositeComponents", + "type": "object" + }, + "Description": { + "markdownDescription": "The description of the entity.", + "title": "Description", "type": "string" }, - "DomainName": { - "markdownDescription": "The domain name of the certificate.", - "title": "DomainName", + "EntityId": { + "markdownDescription": "The ID of the entity.", + "title": "EntityId", "type": "string" }, - "SubjectAlternativeNames": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of strings that specify the alternate domains (such as `example.org` ) and subdomains (such as `blog.example.com` ) of the certificate.", - "title": "SubjectAlternativeNames", - "type": "array" + "EntityName": { + "markdownDescription": "The entity name.", + "title": "EntityName", + "type": "string" + }, + "ParentEntityId": { + "markdownDescription": "The ID of the parent entity.", + "title": "ParentEntityId", + "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "additionalProperties": true, + "markdownDescription": "Metadata that you can use to manage the entity.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", "title": "Tags", - "type": "array" + "type": "object" + }, + "WorkspaceId": { + "markdownDescription": "The ID of the workspace that contains the entity.", + "title": "WorkspaceId", + "type": "string" } }, "required": [ - "CertificateName", - "DomainName" + "EntityName", + "WorkspaceId" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lightsail::Certificate" + "AWS::IoTTwinMaker::Entity" ], "type": "string" }, @@ -147059,311 +156977,368 @@ ], "type": "object" }, - "AWS::Lightsail::Container": { + "AWS::IoTTwinMaker::Entity.Component": { "additionalProperties": false, "properties": { - "Condition": { + "ComponentName": { + "markdownDescription": "The name of the component.", + "title": "ComponentName", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ComponentTypeId": { + "markdownDescription": "The ID of the component type.", + "title": "ComponentTypeId", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "DefinedIn": { + "markdownDescription": "The name of the property definition set in the request.", + "title": "DefinedIn", + "type": "string" }, - "Metadata": { - "type": "object" + "Description": { + "markdownDescription": "The description of the component.", + "title": "Description", + "type": "string" }, "Properties": { "additionalProperties": false, - "properties": { - "ContainerServiceDeployment": { - "$ref": "#/definitions/AWS::Lightsail::Container.ContainerServiceDeployment", - "markdownDescription": "An object that describes the current container deployment of the container service.", - "title": "ContainerServiceDeployment" - }, - "IsDisabled": { - "markdownDescription": "A Boolean value indicating whether the container service is disabled.", - "title": "IsDisabled", - "type": "boolean" - }, - "Power": { - "markdownDescription": "The power specification of the container service.\n\nThe power specifies the amount of RAM, the number of vCPUs, and the base price of the container service.", - "title": "Power", - "type": "string" - }, - "PrivateRegistryAccess": { - "$ref": "#/definitions/AWS::Lightsail::Container.PrivateRegistryAccess", - "markdownDescription": "An object that describes the configuration for the container service to access private container image repositories, such as Amazon Elastic Container Registry ( Amazon ECR ) private repositories.\n\nFor more information, see [Configuring access to an Amazon ECR private repository for an Amazon Lightsail container service](https://docs.aws.amazon.com/lightsail/latest/userguide/amazon-lightsail-container-service-ecr-private-repo-access) in the *Amazon Lightsail Developer Guide* .", - "title": "PrivateRegistryAccess" - }, - "PublicDomainNames": { - "items": { - "$ref": "#/definitions/AWS::Lightsail::Container.PublicDomainName" - }, - "markdownDescription": "The public domain name of the container service, such as `example.com` and `www.example.com` .\n\nYou can specify up to four public domain names for a container service. The domain names that you specify are used when you create a deployment with a container that is configured as the public endpoint of your container service.\n\nIf you don't specify public domain names, then you can use the default domain of the container service.\n\n> You must create and validate an SSL/TLS certificate before you can use public domain names with your container service. Use the [AWS::Lightsail::Certificate](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lightsail-certificate.html) resource to create a certificate for the public domain names that you want to use with your container service.", - "title": "PublicDomainNames", - "type": "array" - }, - "Scale": { - "markdownDescription": "The scale specification of the container service.\n\nThe scale specifies the allocated compute nodes of the container service.", - "title": "Scale", - "type": "number" - }, - "ServiceName": { - "markdownDescription": "The name of the container service.", - "title": "ServiceName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", - "title": "Tags", - "type": "array" + "markdownDescription": "An object that maps strings to the properties to set in the component type. Each string in the mapping must be unique to this object.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Property" } }, - "required": [ - "Power", - "Scale", - "ServiceName" - ], + "title": "Properties", "type": "object" }, - "Type": { - "enum": [ - "AWS::Lightsail::Container" - ], - "type": "string" + "PropertyGroups": { + "additionalProperties": false, + "markdownDescription": "An object that maps strings to the property groups in the component type. Each string in the mapping must be unique to this object.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.PropertyGroup" + } + }, + "title": "PropertyGroups", + "type": "object" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Status": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Status", + "markdownDescription": "The status of the component.", + "title": "Status" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Lightsail::Container.Container": { + "AWS::IoTTwinMaker::Entity.CompositeComponent": { "additionalProperties": false, "properties": { - "Command": { - "items": { - "type": "string" - }, - "markdownDescription": "The launch command for the container.", - "title": "Command", - "type": "array" + "ComponentName": { + "markdownDescription": "The name of the component.", + "title": "ComponentName", + "type": "string" }, - "ContainerName": { - "markdownDescription": "The name of the container.", - "title": "ContainerName", + "ComponentPath": { + "markdownDescription": "The path to the composite component, starting from the top-level component.", + "title": "ComponentPath", "type": "string" }, - "Environment": { - "items": { - "$ref": "#/definitions/AWS::Lightsail::Container.EnvironmentVariable" - }, - "markdownDescription": "The environment variables of the container.", - "title": "Environment", - "type": "array" + "ComponentTypeId": { + "markdownDescription": "The ID of the composite component type.", + "title": "ComponentTypeId", + "type": "string" }, - "Image": { - "markdownDescription": "The name of the image used for the container.\n\nContainer images that are sourced from (registered and stored on) your container service start with a colon ( `:` ). For example, if your container service name is `container-service-1` , the container image label is `mystaticsite` , and you want to use the third version ( `3` ) of the registered container image, then you should specify `:container-service-1.mystaticsite.3` . To use the latest version of a container image, specify `latest` instead of a version number (for example, `:container-service-1.mystaticsite.latest` ). Your container service will automatically use the highest numbered version of the registered container image.\n\nContainer images that are sourced from a public registry like Docker Hub don\u2019t start with a colon. For example, `nginx:latest` or `nginx` .", - "title": "Image", + "Description": { + "markdownDescription": "The description of the component type.", + "title": "Description", "type": "string" }, - "Ports": { - "items": { - "$ref": "#/definitions/AWS::Lightsail::Container.PortInfo" + "Properties": { + "additionalProperties": false, + "markdownDescription": "Map of strings to the properties in the component type. Each string in the mapping must be unique to this component.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Property" + } }, - "markdownDescription": "An object that describes the open firewall ports and protocols of the container.", - "title": "Ports", - "type": "array" + "title": "Properties", + "type": "object" + }, + "PropertyGroups": { + "additionalProperties": false, + "markdownDescription": "The property groups.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.PropertyGroup" + } + }, + "title": "PropertyGroups", + "type": "object" + }, + "Status": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Status", + "markdownDescription": "The current status of the composite component.", + "title": "Status" } }, "type": "object" }, - "AWS::Lightsail::Container.ContainerServiceDeployment": { + "AWS::IoTTwinMaker::Entity.DataType": { "additionalProperties": false, "properties": { - "Containers": { + "AllowedValues": { "items": { - "$ref": "#/definitions/AWS::Lightsail::Container.Container" + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataValue" }, - "markdownDescription": "An object that describes the configuration for the containers of the deployment.", - "title": "Containers", + "markdownDescription": "The allowed values.", + "title": "AllowedValues", "type": "array" }, - "PublicEndpoint": { - "$ref": "#/definitions/AWS::Lightsail::Container.PublicEndpoint", - "markdownDescription": "An object that describes the endpoint of the deployment.", - "title": "PublicEndpoint" - } - }, - "type": "object" - }, - "AWS::Lightsail::Container.EcrImagePullerRole": { - "additionalProperties": false, - "properties": { - "IsActive": { - "markdownDescription": "A boolean value that indicates whether the `ECRImagePullerRole` is active.", - "title": "IsActive", - "type": "boolean" + "NestedType": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataType", + "markdownDescription": "The nested type.", + "title": "NestedType" }, - "PrincipalArn": { - "markdownDescription": "The principle Amazon Resource Name (ARN) of the role. This property is read-only.", - "title": "PrincipalArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Lightsail::Container.EnvironmentVariable": { - "additionalProperties": false, - "properties": { - "Value": { - "markdownDescription": "The environment variable value.", - "title": "Value", + "Relationship": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Relationship", + "markdownDescription": "The relationship.", + "title": "Relationship" + }, + "Type": { + "markdownDescription": "The entity type.", + "title": "Type", "type": "string" }, - "Variable": { - "markdownDescription": "The environment variable key.", - "title": "Variable", + "UnitOfMeasure": { + "markdownDescription": "The unit of measure.", + "title": "UnitOfMeasure", "type": "string" } }, "type": "object" }, - "AWS::Lightsail::Container.HealthCheckConfig": { + "AWS::IoTTwinMaker::Entity.DataValue": { "additionalProperties": false, "properties": { - "HealthyThreshold": { - "markdownDescription": "The number of consecutive health check successes required before moving the container to the `Healthy` state. The default value is `2` .", - "title": "HealthyThreshold", - "type": "number" + "BooleanValue": { + "markdownDescription": "A boolean value.", + "title": "BooleanValue", + "type": "boolean" }, - "IntervalSeconds": { - "markdownDescription": "The approximate interval, in seconds, between health checks of an individual container. You can specify between `5` and `300` seconds. The default value is `5` .", - "title": "IntervalSeconds", + "DoubleValue": { + "markdownDescription": "A double value.", + "title": "DoubleValue", "type": "number" }, - "Path": { - "markdownDescription": "The path on the container on which to perform the health check. The default value is `/` .", - "title": "Path", - "type": "string" - }, - "SuccessCodes": { - "markdownDescription": "The HTTP codes to use when checking for a successful response from a container. You can specify values between `200` and `499` . You can specify multiple values (for example, `200,202` ) or a range of values (for example, `200-299` ).", - "title": "SuccessCodes", + "Expression": { + "markdownDescription": "An expression that produces the value.", + "title": "Expression", "type": "string" }, - "TimeoutSeconds": { - "markdownDescription": "The amount of time, in seconds, during which no response means a failed health check. You can specify between `2` and `60` seconds. The default value is `2` .", - "title": "TimeoutSeconds", + "IntegerValue": { + "markdownDescription": "An integer value.", + "title": "IntegerValue", "type": "number" }, - "UnhealthyThreshold": { - "markdownDescription": "The number of consecutive health check failures required before moving the container to the `Unhealthy` state. The default value is `2` .", - "title": "UnhealthyThreshold", + "ListValue": { + "items": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataValue" + }, + "markdownDescription": "A list of multiple values.", + "title": "ListValue", + "type": "array" + }, + "LongValue": { + "markdownDescription": "A long value.", + "title": "LongValue", "type": "number" + }, + "MapValue": { + "additionalProperties": false, + "markdownDescription": "An object that maps strings to multiple DataValue objects.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataValue" + } + }, + "title": "MapValue", + "type": "object" + }, + "RelationshipValue": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.RelationshipValue", + "markdownDescription": "A value that relates a component to another component.", + "title": "RelationshipValue" + }, + "StringValue": { + "markdownDescription": "A string value.", + "title": "StringValue", + "type": "string" } }, "type": "object" }, - "AWS::Lightsail::Container.PortInfo": { + "AWS::IoTTwinMaker::Entity.Definition": { "additionalProperties": false, "properties": { - "Port": { - "markdownDescription": "The open firewall ports of the container.", - "title": "Port", + "Configuration": { + "additionalProperties": true, + "markdownDescription": "The configuration.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Configuration", + "type": "object" + }, + "DataType": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataType", + "markdownDescription": "The data type", + "title": "DataType" + }, + "DefaultValue": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataValue", + "markdownDescription": "The default value.", + "title": "DefaultValue" + }, + "IsExternalId": { + "markdownDescription": "Displays if the entity has a external Id.", + "title": "IsExternalId", + "type": "boolean" + }, + "IsFinal": { + "markdownDescription": "Displays if the entity is final.", + "title": "IsFinal", + "type": "boolean" + }, + "IsImported": { + "markdownDescription": "Displays if the entity is imported.", + "title": "IsImported", + "type": "boolean" + }, + "IsInherited": { + "markdownDescription": "Displays if the entity is inherited.", + "title": "IsInherited", + "type": "boolean" + }, + "IsRequiredInEntity": { + "markdownDescription": "Displays if the entity is a required entity.", + "title": "IsRequiredInEntity", + "type": "boolean" + }, + "IsStoredExternally": { + "markdownDescription": "Displays if the entity is tored externally.", + "title": "IsStoredExternally", + "type": "boolean" + }, + "IsTimeSeries": { + "markdownDescription": "Displays if the entity", + "title": "IsTimeSeries", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::IoTTwinMaker::Entity.Error": { + "additionalProperties": false, + "properties": { + "Code": { + "markdownDescription": "The entity error code.", + "title": "Code", "type": "string" }, - "Protocol": { - "markdownDescription": "The protocol name for the open ports.\n\n*Allowed values* : `HTTP` | `HTTPS` | `TCP` | `UDP`", - "title": "Protocol", + "Message": { + "markdownDescription": "The entity error message.", + "title": "Message", "type": "string" } }, "type": "object" }, - "AWS::Lightsail::Container.PrivateRegistryAccess": { + "AWS::IoTTwinMaker::Entity.Property": { "additionalProperties": false, "properties": { - "EcrImagePullerRole": { - "$ref": "#/definitions/AWS::Lightsail::Container.EcrImagePullerRole", - "markdownDescription": "An object that describes the activation status of the role that you can use to grant a Lightsail container service access to Amazon ECR private repositories. If the role is activated, the Amazon Resource Name (ARN) of the role is also listed.", - "title": "EcrImagePullerRole" + "Definition": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Definition", + "markdownDescription": "An object that specifies information about a property.", + "title": "Definition" + }, + "Value": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataValue", + "markdownDescription": "An object that contains information about a value for a time series property.", + "title": "Value" } }, "type": "object" }, - "AWS::Lightsail::Container.PublicDomainName": { + "AWS::IoTTwinMaker::Entity.PropertyGroup": { "additionalProperties": false, "properties": { - "CertificateName": { - "markdownDescription": "The name of the certificate for the public domains.", - "title": "CertificateName", + "GroupType": { + "markdownDescription": "The group type.", + "title": "GroupType", "type": "string" }, - "DomainNames": { + "PropertyNames": { "items": { "type": "string" }, - "markdownDescription": "The public domain names to use with the container service.", - "title": "DomainNames", + "markdownDescription": "The property names.", + "title": "PropertyNames", "type": "array" } }, "type": "object" }, - "AWS::Lightsail::Container.PublicEndpoint": { + "AWS::IoTTwinMaker::Entity.Relationship": { "additionalProperties": false, "properties": { - "ContainerName": { - "markdownDescription": "The name of the container entry of the deployment that the endpoint configuration applies to.", - "title": "ContainerName", + "RelationshipType": { + "markdownDescription": "The relationship type.", + "title": "RelationshipType", "type": "string" }, - "ContainerPort": { - "markdownDescription": "The port of the specified container to which traffic is forwarded to.", - "title": "ContainerPort", - "type": "number" + "TargetComponentTypeId": { + "markdownDescription": "the component type Id target.", + "title": "TargetComponentTypeId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoTTwinMaker::Entity.RelationshipValue": { + "additionalProperties": false, + "properties": { + "TargetComponentName": { + "markdownDescription": "The target component name.", + "title": "TargetComponentName", + "type": "string" }, - "HealthCheckConfig": { - "$ref": "#/definitions/AWS::Lightsail::Container.HealthCheckConfig", - "markdownDescription": "An object that describes the health check configuration of the container.", - "title": "HealthCheckConfig" + "TargetEntityId": { + "markdownDescription": "The target entity Id.", + "title": "TargetEntityId", + "type": "string" } }, "type": "object" }, - "AWS::Lightsail::Database": { + "AWS::IoTTwinMaker::Entity.Status": { + "additionalProperties": false, + "properties": { + "Error": { + "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Error", + "markdownDescription": "The error message.", + "title": "Error" + }, + "State": { + "markdownDescription": "The current state of the entity, component, component type, or workspace.\n\nValid Values: `CREATING | UPDATING | DELETING | ACTIVE | ERROR`", + "title": "State", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoTTwinMaker::Scene": { "additionalProperties": false, "properties": { "Condition": { @@ -147398,100 +157373,67 @@ "Properties": { "additionalProperties": false, "properties": { - "AvailabilityZone": { - "markdownDescription": "The Availability Zone for the database.", - "title": "AvailabilityZone", - "type": "string" - }, - "BackupRetention": { - "markdownDescription": "A Boolean value indicating whether automated backup retention is enabled for the database. Data Import Mode is enabled when `BackupRetention` is set to `false` , and is disabled when `BackupRetention` is set to `true` .", - "title": "BackupRetention", - "type": "boolean" - }, - "CaCertificateIdentifier": { - "markdownDescription": "The certificate associated with the database.", - "title": "CaCertificateIdentifier", - "type": "string" - }, - "MasterDatabaseName": { - "markdownDescription": "The meaning of this parameter differs according to the database engine you use.\n\n*MySQL*\n\nThe name of the database to create when the Lightsail database resource is created. If this parameter isn't specified, no database is created in the database resource.\n\nConstraints:\n\n- Must contain 1-64 letters or numbers.\n- Must begin with a letter. Subsequent characters can be letters, underscores, or numbers (0-9).\n- Can't be a word reserved by the specified database engine.\n\nFor more information about reserved words in MySQL, see the Keywords and Reserved Words articles for [MySQL 5.6](https://docs.aws.amazon.com/https://dev.mysql.com/doc/refman/5.6/en/keywords.html) , [MySQL 5.7](https://docs.aws.amazon.com/https://dev.mysql.com/doc/refman/5.7/en/keywords.html) , and [MySQL 8.0](https://docs.aws.amazon.com/https://dev.mysql.com/doc/refman/8.0/en/keywords.html) .\n\n*PostgreSQL*\n\nThe name of the database to create when the Lightsail database resource is created. If this parameter isn't specified, a database named `postgres` is created in the database resource.\n\nConstraints:\n\n- Must contain 1-63 letters or numbers.\n- Must begin with a letter. Subsequent characters can be letters, underscores, or numbers (0-9).\n- Can't be a word reserved by the specified database engine.\n\nFor more information about reserved words in PostgreSQL, see the SQL Key Words articles for [PostgreSQL 9.6](https://docs.aws.amazon.com/https://www.postgresql.org/docs/9.6/sql-keywords-appendix.html) , [PostgreSQL 10](https://docs.aws.amazon.com/https://www.postgresql.org/docs/10/sql-keywords-appendix.html) , [PostgreSQL 11](https://docs.aws.amazon.com/https://www.postgresql.org/docs/11/sql-keywords-appendix.html) , and [PostgreSQL 12](https://docs.aws.amazon.com/https://www.postgresql.org/docs/12/sql-keywords-appendix.html) .", - "title": "MasterDatabaseName", - "type": "string" - }, - "MasterUserPassword": { - "markdownDescription": "The password for the primary user of the database. The password can include any printable ASCII character except the following: /, \", or @. It cannot contain spaces.\n\n> The `MasterUserPassword` and `RotateMasterUserPassword` parameters cannot be used together in the same template. \n\n*MySQL*\n\nConstraints: Must contain 8-41 characters.\n\n*PostgreSQL*\n\nConstraints: Must contain 8-128 characters.", - "title": "MasterUserPassword", - "type": "string" - }, - "MasterUsername": { - "markdownDescription": "The name for the primary user.\n\n*MySQL*\n\nConstraints:\n\n- Required for MySQL.\n- Must be 1-16 letters or numbers. Can contain underscores.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.\n\nFor more information about reserved words in MySQL 5.6 or 5.7, see the Keywords and Reserved Words articles for [MySQL 5.6](https://docs.aws.amazon.com/https://dev.mysql.com/doc/refman/5.6/en/keywords.html) , [MySQL 5.7](https://docs.aws.amazon.com/https://dev.mysql.com/doc/refman/5.7/en/keywords.html) , or [MySQL 8.0](https://docs.aws.amazon.com/https://dev.mysql.com/doc/refman/8.0/en/keywords.html) .\n\n*PostgreSQL*\n\nConstraints:\n\n- Required for PostgreSQL.\n- Must be 1-63 letters or numbers. Can contain underscores.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.\n\nFor more information about reserved words in MySQL 5.6 or 5.7, see the Keywords and Reserved Words articles for [PostgreSQL 9.6](https://docs.aws.amazon.com/https://www.postgresql.org/docs/9.6/sql-keywords-appendix.html) , [PostgreSQL 10](https://docs.aws.amazon.com/https://www.postgresql.org/docs/10/sql-keywords-appendix.html) , [PostgreSQL 11](https://docs.aws.amazon.com/https://www.postgresql.org/docs/11/sql-keywords-appendix.html) , and [PostgreSQL 12](https://docs.aws.amazon.com/https://www.postgresql.org/docs/12/sql-keywords-appendix.html) .", - "title": "MasterUsername", - "type": "string" - }, - "PreferredBackupWindow": { - "markdownDescription": "The daily time range during which automated backups are created for the database (for example, `16:00-16:30` ).", - "title": "PreferredBackupWindow", - "type": "string" - }, - "PreferredMaintenanceWindow": { - "markdownDescription": "The weekly time range during which system maintenance can occur for the database, formatted as follows: `ddd:hh24:mi-ddd:hh24:mi` . For example, `Tue:17:00-Tue:17:30` .", - "title": "PreferredMaintenanceWindow", - "type": "string" - }, - "PubliclyAccessible": { - "markdownDescription": "A Boolean value indicating whether the database is accessible to anyone on the internet.", - "title": "PubliclyAccessible", - "type": "boolean" + "Capabilities": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of capabilities that the scene uses to render.", + "title": "Capabilities", + "type": "array" }, - "RelationalDatabaseBlueprintId": { - "markdownDescription": "The blueprint ID for the database (for example, `mysql_8_0` ).", - "title": "RelationalDatabaseBlueprintId", + "ContentLocation": { + "markdownDescription": "The relative path that specifies the location of the content definition file.", + "title": "ContentLocation", "type": "string" }, - "RelationalDatabaseBundleId": { - "markdownDescription": "The bundle ID for the database (for example, `medium_1_0` ).", - "title": "RelationalDatabaseBundleId", + "Description": { + "markdownDescription": "The description of this scene.", + "title": "Description", "type": "string" }, - "RelationalDatabaseName": { - "markdownDescription": "The name of the instance.", - "title": "RelationalDatabaseName", + "SceneId": { + "markdownDescription": "The ID of the scene.", + "title": "SceneId", "type": "string" }, - "RelationalDatabaseParameters": { - "items": { - "$ref": "#/definitions/AWS::Lightsail::Database.RelationalDatabaseParameter" + "SceneMetadata": { + "additionalProperties": true, + "markdownDescription": "The scene metadata.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "An array of parameters for the database.", - "title": "RelationalDatabaseParameters", - "type": "array" - }, - "RotateMasterUserPassword": { - "markdownDescription": "A Boolean value indicating whether to change the primary user password to a new, strong password generated by Lightsail .\n\n> The `RotateMasterUserPassword` and `MasterUserPassword` parameters cannot be used together in the same template.", - "title": "RotateMasterUserPassword", - "type": "boolean" + "title": "SceneMetadata", + "type": "object" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "additionalProperties": true, + "markdownDescription": "The ComponentType tags.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", "title": "Tags", - "type": "array" + "type": "object" + }, + "WorkspaceId": { + "markdownDescription": "The ID of the workspace.", + "title": "WorkspaceId", + "type": "string" } }, "required": [ - "MasterDatabaseName", - "MasterUsername", - "RelationalDatabaseBlueprintId", - "RelationalDatabaseBundleId", - "RelationalDatabaseName" + "ContentLocation", + "SceneId", + "WorkspaceId" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lightsail::Database" + "AWS::IoTTwinMaker::Scene" ], "type": "string" }, @@ -147510,53 +157452,97 @@ ], "type": "object" }, - "AWS::Lightsail::Database.RelationalDatabaseParameter": { + "AWS::IoTTwinMaker::SyncJob": { "additionalProperties": false, "properties": { - "AllowedValues": { - "markdownDescription": "The valid range of values for the parameter.", - "title": "AllowedValues", - "type": "string" - }, - "ApplyMethod": { - "markdownDescription": "Indicates when parameter updates are applied.\n\nCan be `immediate` or `pending-reboot` .", - "title": "ApplyMethod", + "Condition": { "type": "string" }, - "ApplyType": { - "markdownDescription": "Specifies the engine-specific parameter type.", - "title": "ApplyType", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "DataType": { - "markdownDescription": "The valid data type of the parameter.", - "title": "DataType", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Description": { - "markdownDescription": "A description of the parameter.", - "title": "Description", - "type": "string" + "Metadata": { + "type": "object" }, - "IsModifiable": { - "markdownDescription": "A Boolean value indicating whether the parameter can be modified.", - "title": "IsModifiable", - "type": "boolean" + "Properties": { + "additionalProperties": false, + "properties": { + "SyncRole": { + "markdownDescription": "The SyncJob IAM role. This IAM role is used by the sync job to read from the syncSource, and create, update or delete the corresponding resources.", + "title": "SyncRole", + "type": "string" + }, + "SyncSource": { + "markdownDescription": "The sync source.\n\n> Currently the only supported syncSoucre is `SITEWISE` .", + "title": "SyncSource", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Metadata you can use to manage the SyncJob.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "WorkspaceId": { + "markdownDescription": "The ID of the workspace that contains the sync job.", + "title": "WorkspaceId", + "type": "string" + } + }, + "required": [ + "SyncRole", + "SyncSource", + "WorkspaceId" + ], + "type": "object" }, - "ParameterName": { - "markdownDescription": "The name of the parameter.", - "title": "ParameterName", + "Type": { + "enum": [ + "AWS::IoTTwinMaker::SyncJob" + ], "type": "string" }, - "ParameterValue": { - "markdownDescription": "The value for the parameter.", - "title": "ParameterValue", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::Lightsail::Disk": { + "AWS::IoTTwinMaker::Workspace": { "additionalProperties": false, "properties": { "Condition": { @@ -147591,52 +157577,48 @@ "Properties": { "additionalProperties": false, "properties": { - "AddOns": { - "items": { - "$ref": "#/definitions/AWS::Lightsail::Disk.AddOn" - }, - "markdownDescription": "An array of add-ons for the disk.\n\n> If the disk has an add-on enabled when performing a delete disk request, the add-on is automatically disabled before the disk is deleted.", - "title": "AddOns", - "type": "array" - }, - "AvailabilityZone": { - "markdownDescription": "The AWS Region and Availability Zone location for the disk (for example, `us-east-1a` ).", - "title": "AvailabilityZone", + "Description": { + "markdownDescription": "The description of the workspace.", + "title": "Description", "type": "string" }, - "DiskName": { - "markdownDescription": "The name of the disk.", - "title": "DiskName", + "Role": { + "markdownDescription": "The ARN of the execution role associated with the workspace.", + "title": "Role", "type": "string" }, - "Location": { - "$ref": "#/definitions/AWS::Lightsail::Disk.Location", - "markdownDescription": "The AWS Region and Availability Zone where the disk is located.", - "title": "Location" - }, - "SizeInGb": { - "markdownDescription": "The size of the disk in GB.", - "title": "SizeInGb", - "type": "number" + "S3Location": { + "markdownDescription": "The ARN of the S3 bucket where resources associated with the workspace are stored.", + "title": "S3Location", + "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "additionalProperties": true, + "markdownDescription": "Metadata that you can use to manage the workspace.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", "title": "Tags", - "type": "array" + "type": "object" + }, + "WorkspaceId": { + "markdownDescription": "The ID of the workspace.", + "title": "WorkspaceId", + "type": "string" } }, "required": [ - "DiskName", - "SizeInGb" + "Role", + "S3Location", + "WorkspaceId" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lightsail::Disk" + "AWS::IoTTwinMaker::Workspace" ], "type": "string" }, @@ -147655,58 +157637,7 @@ ], "type": "object" }, - "AWS::Lightsail::Disk.AddOn": { - "additionalProperties": false, - "properties": { - "AddOnType": { - "markdownDescription": "The add-on type (for example, `AutoSnapshot` ).\n\n> `AutoSnapshot` is the only add-on that can be enabled for a disk.", - "title": "AddOnType", - "type": "string" - }, - "AutoSnapshotAddOnRequest": { - "$ref": "#/definitions/AWS::Lightsail::Disk.AutoSnapshotAddOn", - "markdownDescription": "The parameters for the automatic snapshot add-on, such as the daily time when an automatic snapshot will be created.", - "title": "AutoSnapshotAddOnRequest" - }, - "Status": { - "markdownDescription": "The status of the add-on.\n\nValid Values: `Enabled` | `Disabled`", - "title": "Status", - "type": "string" - } - }, - "required": [ - "AddOnType" - ], - "type": "object" - }, - "AWS::Lightsail::Disk.AutoSnapshotAddOn": { - "additionalProperties": false, - "properties": { - "SnapshotTimeOfDay": { - "markdownDescription": "The daily time when an automatic snapshot will be created.\n\nConstraints:\n\n- Must be in `HH:00` format, and in an hourly increment.\n- Specified in Coordinated Universal Time (UTC).\n- The snapshot will be automatically created between the time specified and up to 45 minutes after.", - "title": "SnapshotTimeOfDay", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Lightsail::Disk.Location": { - "additionalProperties": false, - "properties": { - "AvailabilityZone": { - "markdownDescription": "The Availability Zone where the disk is located.", - "title": "AvailabilityZone", - "type": "string" - }, - "RegionName": { - "markdownDescription": "The AWS Region where the disk is located.", - "title": "RegionName", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Lightsail::Distribution": { + "AWS::IoTWireless::Destination": { "additionalProperties": false, "properties": { "Condition": { @@ -147741,74 +157672,50 @@ "Properties": { "additionalProperties": false, "properties": { - "BundleId": { - "markdownDescription": "The ID of the bundle applied to the distribution.", - "title": "BundleId", + "Description": { + "markdownDescription": "The description of the new resource. Maximum length is 2048 characters.", + "title": "Description", "type": "string" }, - "CacheBehaviorSettings": { - "$ref": "#/definitions/AWS::Lightsail::Distribution.CacheSettings", - "markdownDescription": "An object that describes the cache behavior settings of the distribution.", - "title": "CacheBehaviorSettings" - }, - "CacheBehaviors": { - "items": { - "$ref": "#/definitions/AWS::Lightsail::Distribution.CacheBehaviorPerPath" - }, - "markdownDescription": "An array of objects that describe the per-path cache behavior of the distribution.", - "title": "CacheBehaviors", - "type": "array" - }, - "CertificateName": { - "markdownDescription": "The name of the SSL/TLS certificate attached to the distribution.", - "title": "CertificateName", + "Expression": { + "markdownDescription": "The rule name to send messages to.", + "title": "Expression", "type": "string" }, - "DefaultCacheBehavior": { - "$ref": "#/definitions/AWS::Lightsail::Distribution.CacheBehavior", - "markdownDescription": "An object that describes the default cache behavior of the distribution.", - "title": "DefaultCacheBehavior" - }, - "DistributionName": { - "markdownDescription": "The name of the distribution", - "title": "DistributionName", + "ExpressionType": { + "markdownDescription": "The type of value in `Expression` .", + "title": "ExpressionType", "type": "string" }, - "IpAddressType": { - "markdownDescription": "The IP address type of the distribution.\n\nThe possible values are `ipv4` for IPv4 only, and `dualstack` for IPv4 and IPv6.", - "title": "IpAddressType", + "Name": { + "markdownDescription": "The name of the new resource.", + "title": "Name", "type": "string" }, - "IsEnabled": { - "markdownDescription": "A Boolean value indicating whether the distribution is enabled.", - "title": "IsEnabled", - "type": "boolean" - }, - "Origin": { - "$ref": "#/definitions/AWS::Lightsail::Distribution.InputOrigin", - "markdownDescription": "An object that describes the origin resource of the distribution, such as a Lightsail instance, bucket, or load balancer.\n\nThe distribution pulls, caches, and serves content from the origin.", - "title": "Origin" + "RoleArn": { + "markdownDescription": "The ARN of the IAM Role that authorizes the destination.", + "title": "RoleArn", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", + "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", "title": "Tags", "type": "array" } }, "required": [ - "BundleId", - "DefaultCacheBehavior", - "DistributionName", - "Origin" + "Expression", + "ExpressionType", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lightsail::Distribution" + "AWS::IoTWireless::Destination" ], "type": "string" }, @@ -147827,158 +157734,187 @@ ], "type": "object" }, - "AWS::Lightsail::Distribution.CacheBehavior": { + "AWS::IoTWireless::DeviceProfile": { "additionalProperties": false, "properties": { - "Behavior": { - "markdownDescription": "The cache behavior of the distribution.\n\nThe following cache behaviors can be specified:\n\n- *`cache`* - This option is best for static sites. When specified, your distribution caches and serves your entire website as static content. This behavior is ideal for websites with static content that doesn't change depending on who views it, or for websites that don't use cookies, headers, or query strings to personalize content.\n- *`dont-cache`* - This option is best for sites that serve a mix of static and dynamic content. When specified, your distribution caches and serves only the content that is specified in the distribution\u2019s `CacheBehaviorPerPath` parameter. This behavior is ideal for websites or web applications that use cookies, headers, and query strings to personalize content for individual users.", - "title": "Behavior", + "Condition": { "type": "string" - } - }, - "type": "object" - }, - "AWS::Lightsail::Distribution.CacheBehaviorPerPath": { - "additionalProperties": false, - "properties": { - "Behavior": { - "markdownDescription": "The cache behavior for the specified path.\n\nYou can specify one of the following per-path cache behaviors:\n\n- *`cache`* - This behavior caches the specified path.\n- *`dont-cache`* - This behavior doesn't cache the specified path.", - "title": "Behavior", + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Path": { - "markdownDescription": "The path to a directory or file to cache, or not cache. Use an asterisk symbol to specify wildcard directories ( `path/to/assets/*` ), and file types ( `*.html` , `*jpg` , `*js` ). Directories and file paths are case-sensitive.\n\nExamples:\n\n- Specify the following to cache all files in the document root of an Apache web server running on a instance.\n\n`var/www/html/`\n- Specify the following file to cache only the index page in the document root of an Apache web server.\n\n`var/www/html/index.html`\n- Specify the following to cache only the .html files in the document root of an Apache web server.\n\n`var/www/html/*.html`\n- Specify the following to cache only the .jpg, .png, and .gif files in the images sub-directory of the document root of an Apache web server.\n\n`var/www/html/images/*.jpg`\n\n`var/www/html/images/*.png`\n\n`var/www/html/images/*.gif`\n\nSpecify the following to cache all files in the images subdirectory of the document root of an Apache web server.\n\n`var/www/html/images/`", - "title": "Path", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "LoRaWAN": { + "$ref": "#/definitions/AWS::IoTWireless::DeviceProfile.LoRaWANDeviceProfile", + "markdownDescription": "LoRaWAN device profile object.", + "title": "LoRaWAN" + }, + "Name": { + "markdownDescription": "The name of the new resource.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::IoTWireless::DeviceProfile" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::Lightsail::Distribution.CacheSettings": { + "AWS::IoTWireless::DeviceProfile.LoRaWANDeviceProfile": { "additionalProperties": false, "properties": { - "AllowedHTTPMethods": { - "markdownDescription": "The HTTP methods that are processed and forwarded to the distribution's origin.\n\nYou can specify the following options:\n\n- `GET,HEAD` - The distribution forwards the `GET` and `HEAD` methods.\n- `GET,HEAD,OPTIONS` - The distribution forwards the `GET` , `HEAD` , and `OPTIONS` methods.\n- `GET,HEAD,OPTIONS,PUT,PATCH,POST,DELETE` - The distribution forwards the `GET` , `HEAD` , `OPTIONS` , `PUT` , `PATCH` , `POST` , and `DELETE` methods.\n\nIf you specify `GET,HEAD,OPTIONS,PUT,PATCH,POST,DELETE` , you might need to restrict access to your distribution's origin so users can't perform operations that you don't want them to. For example, you might not want users to have permission to delete objects from your origin.", - "title": "AllowedHTTPMethods", - "type": "string" + "ClassBTimeout": { + "markdownDescription": "The ClassBTimeout value.", + "title": "ClassBTimeout", + "type": "number" }, - "CachedHTTPMethods": { - "markdownDescription": "The HTTP method responses that are cached by your distribution.\n\nYou can specify the following options:\n\n- `GET,HEAD` - The distribution caches responses to the `GET` and `HEAD` methods.\n- `GET,HEAD,OPTIONS` - The distribution caches responses to the `GET` , `HEAD` , and `OPTIONS` methods.", - "title": "CachedHTTPMethods", + "ClassCTimeout": { + "markdownDescription": "The ClassCTimeout value.", + "title": "ClassCTimeout", + "type": "number" + }, + "FactoryPresetFreqsList": { + "items": { + "type": "number" + }, + "markdownDescription": "The list of values that make up the FactoryPresetFreqs value. Valid range of values include a minimum value of 1000000 and a maximum value of 16700000.", + "title": "FactoryPresetFreqsList", + "type": "array" + }, + "MacVersion": { + "markdownDescription": "The MAC version (such as OTAA 1.1 or OTAA 1.0.3) to use with this device profile.", + "title": "MacVersion", "type": "string" }, - "DefaultTTL": { - "markdownDescription": "The default amount of time that objects stay in the distribution's cache before the distribution forwards another request to the origin to determine whether the content has been updated.\n\n> The value specified applies only when the origin does not add HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects.", - "title": "DefaultTTL", + "MaxDutyCycle": { + "markdownDescription": "The MaxDutyCycle value.", + "title": "MaxDutyCycle", "type": "number" }, - "ForwardedCookies": { - "$ref": "#/definitions/AWS::Lightsail::Distribution.CookieObject", - "markdownDescription": "An object that describes the cookies that are forwarded to the origin. Your content is cached based on the cookies that are forwarded.", - "title": "ForwardedCookies" - }, - "ForwardedHeaders": { - "$ref": "#/definitions/AWS::Lightsail::Distribution.HeaderObject", - "markdownDescription": "An object that describes the headers that are forwarded to the origin. Your content is cached based on the headers that are forwarded.", - "title": "ForwardedHeaders" + "MaxEirp": { + "markdownDescription": "The MaxEIRP value.", + "title": "MaxEirp", + "type": "number" }, - "ForwardedQueryStrings": { - "$ref": "#/definitions/AWS::Lightsail::Distribution.QueryStringObject", - "markdownDescription": "An object that describes the query strings that are forwarded to the origin. Your content is cached based on the query strings that are forwarded.", - "title": "ForwardedQueryStrings" + "PingSlotDr": { + "markdownDescription": "The PingSlotDR value.", + "title": "PingSlotDr", + "type": "number" }, - "MaximumTTL": { - "markdownDescription": "The maximum amount of time that objects stay in the distribution's cache before the distribution forwards another request to the origin to determine whether the object has been updated.\n\nThe value specified applies only when the origin adds HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects.", - "title": "MaximumTTL", + "PingSlotFreq": { + "markdownDescription": "The PingSlotFreq value.", + "title": "PingSlotFreq", "type": "number" }, - "MinimumTTL": { - "markdownDescription": "The minimum amount of time that objects stay in the distribution's cache before the distribution forwards another request to the origin to determine whether the object has been updated.\n\nA value of `0` must be specified for `minimumTTL` if the distribution is configured to forward all headers to the origin.", - "title": "MinimumTTL", + "PingSlotPeriod": { + "markdownDescription": "The PingSlotPeriod value.", + "title": "PingSlotPeriod", "type": "number" - } - }, - "type": "object" - }, - "AWS::Lightsail::Distribution.CookieObject": { - "additionalProperties": false, - "properties": { - "CookiesAllowList": { - "items": { - "type": "string" - }, - "markdownDescription": "The specific cookies to forward to your distribution's origin.", - "title": "CookiesAllowList", - "type": "array" }, - "Option": { - "markdownDescription": "Specifies which cookies to forward to the distribution's origin for a cache behavior.\n\nUse one of the following configurations for your distribution:\n\n- *`all`* - Forwards all cookies to your origin.\n- *`none`* - Doesn\u2019t forward cookies to your origin.\n- *`allow-list`* - Forwards only the cookies that you specify using the `CookiesAllowList` parameter.", - "title": "Option", + "RegParamsRevision": { + "markdownDescription": "The version of regional parameters.", + "title": "RegParamsRevision", "type": "string" - } - }, - "type": "object" - }, - "AWS::Lightsail::Distribution.HeaderObject": { - "additionalProperties": false, - "properties": { - "HeadersAllowList": { - "items": { - "type": "string" - }, - "markdownDescription": "The specific headers to forward to your distribution's origin.", - "title": "HeadersAllowList", - "type": "array" }, - "Option": { - "markdownDescription": "The headers that you want your distribution to forward to your origin. Your distribution caches your content based on these headers.\n\nUse one of the following configurations for your distribution:\n\n- *`all`* - Forwards all headers to your origin..\n- *`none`* - Forwards only the default headers.\n- *`allow-list`* - Forwards only the headers that you specify using the `HeadersAllowList` parameter.", - "title": "Option", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Lightsail::Distribution.InputOrigin": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the origin resource.", - "title": "Name", + "RfRegion": { + "markdownDescription": "The frequency band (RFRegion) value.", + "title": "RfRegion", "type": "string" }, - "ProtocolPolicy": { - "markdownDescription": "The protocol that your Amazon Lightsail distribution uses when establishing a connection with your origin to pull content.", - "title": "ProtocolPolicy", - "type": "string" + "RxDataRate2": { + "markdownDescription": "The RXDataRate2 value.", + "title": "RxDataRate2", + "type": "number" }, - "RegionName": { - "markdownDescription": "The AWS Region name of the origin resource.", - "title": "RegionName", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Lightsail::Distribution.QueryStringObject": { - "additionalProperties": false, - "properties": { - "Option": { - "markdownDescription": "Indicates whether the distribution forwards and caches based on query strings.", - "title": "Option", + "RxDelay1": { + "markdownDescription": "The RXDelay1 value.", + "title": "RxDelay1", + "type": "number" + }, + "RxDrOffset1": { + "markdownDescription": "The RXDROffset1 value.", + "title": "RxDrOffset1", + "type": "number" + }, + "RxFreq2": { + "markdownDescription": "The RXFreq2 value.", + "title": "RxFreq2", + "type": "number" + }, + "Supports32BitFCnt": { + "markdownDescription": "The Supports32BitFCnt value.", + "title": "Supports32BitFCnt", "type": "boolean" }, - "QueryStringsAllowList": { - "items": { - "type": "string" - }, - "markdownDescription": "The specific query strings that the distribution forwards to the origin.\n\nYour distribution caches content based on the specified query strings.\n\nIf the `option` parameter is true, then your distribution forwards all query strings, regardless of what you specify using the `QueryStringsAllowList` parameter.", - "title": "QueryStringsAllowList", - "type": "array" + "SupportsClassB": { + "markdownDescription": "The SupportsClassB value.", + "title": "SupportsClassB", + "type": "boolean" + }, + "SupportsClassC": { + "markdownDescription": "The SupportsClassC value.", + "title": "SupportsClassC", + "type": "boolean" + }, + "SupportsJoin": { + "markdownDescription": "The SupportsJoin value.", + "title": "SupportsJoin", + "type": "boolean" } }, "type": "object" }, - "AWS::Lightsail::Instance": { + "AWS::IoTWireless::FuotaTask": { "additionalProperties": false, "properties": { "Condition": { @@ -148013,83 +157949,70 @@ "Properties": { "additionalProperties": false, "properties": { - "AddOns": { - "items": { - "$ref": "#/definitions/AWS::Lightsail::Instance.AddOn" - }, - "markdownDescription": "An array of add-ons for the instance.\n\n> If the instance has an add-on enabled when performing a delete instance request, the add-on is automatically disabled before the instance is deleted.", - "title": "AddOns", - "type": "array" - }, - "AvailabilityZone": { - "markdownDescription": "The Availability Zone for the instance.", - "title": "AvailabilityZone", + "AssociateMulticastGroup": { + "markdownDescription": "The ID of the multicast group to associate with a FUOTA task.", + "title": "AssociateMulticastGroup", "type": "string" }, - "BlueprintId": { - "markdownDescription": "The blueprint ID for the instance (for example, `os_amlinux_2016_03` ).", - "title": "BlueprintId", + "AssociateWirelessDevice": { + "markdownDescription": "The ID of the wireless device to associate with a multicast group.", + "title": "AssociateWirelessDevice", "type": "string" }, - "BundleId": { - "markdownDescription": "The bundle ID for the instance (for example, `micro_1_0` ).", - "title": "BundleId", + "Description": { + "markdownDescription": "The description of the new resource.", + "title": "Description", "type": "string" }, - "Hardware": { - "$ref": "#/definitions/AWS::Lightsail::Instance.Hardware", - "markdownDescription": "The hardware properties for the instance, such as the vCPU count, attached disks, and amount of RAM.\n\n> The instance restarts when performing an attach disk or detach disk request. This resets the public IP address of your instance if a static IP isn't attached to it.", - "title": "Hardware" + "DisassociateMulticastGroup": { + "markdownDescription": "The ID of the multicast group to disassociate from a FUOTA task.", + "title": "DisassociateMulticastGroup", + "type": "string" }, - "InstanceName": { - "markdownDescription": "The name of the instance.", - "title": "InstanceName", + "DisassociateWirelessDevice": { + "markdownDescription": "The ID of the wireless device to disassociate from a FUOTA task.", + "title": "DisassociateWirelessDevice", "type": "string" }, - "KeyPairName": { - "markdownDescription": "The name of the key pair to use for the instance.\n\nIf no key pair name is specified, the Regional Lightsail default key pair is used.", - "title": "KeyPairName", + "FirmwareUpdateImage": { + "markdownDescription": "The S3 URI points to a firmware update image that is to be used with a FUOTA task.", + "title": "FirmwareUpdateImage", "type": "string" }, - "Location": { - "$ref": "#/definitions/AWS::Lightsail::Instance.Location", - "markdownDescription": "The location for the instance, such as the AWS Region and Availability Zone.\n\n> The `Location` property is read-only and should not be specified in a create instance or update instance request.", - "title": "Location" + "FirmwareUpdateRole": { + "markdownDescription": "The firmware update role that is to be used with a FUOTA task.", + "title": "FirmwareUpdateRole", + "type": "string" }, - "Networking": { - "$ref": "#/definitions/AWS::Lightsail::Instance.Networking", - "markdownDescription": "The public ports and the monthly amount of data transfer allocated for the instance.", - "title": "Networking" + "LoRaWAN": { + "$ref": "#/definitions/AWS::IoTWireless::FuotaTask.LoRaWAN", + "markdownDescription": "The LoRaWAN information used with a FUOTA task.", + "title": "LoRaWAN" }, - "State": { - "$ref": "#/definitions/AWS::Lightsail::Instance.State", - "markdownDescription": "The status code and the state (for example, `running` ) of the instance.\n\n> The `State` property is read-only and should not be specified in a create instance or update instance request.", - "title": "State" + "Name": { + "markdownDescription": "The name of a FUOTA task.", + "title": "Name", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", + "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", "title": "Tags", "type": "array" - }, - "UserData": { - "markdownDescription": "The optional launch script for the instance.\n\nSpecify a launch script to configure an instance with additional user data. For example, you might want to specify `apt-get -y update` as a launch script.\n\n> Depending on the blueprint of your instance, the command to get software on your instance varies. Amazon Linux and CentOS use `yum` , Debian and Ubuntu use `apt-get` , and FreeBSD uses `pkg` .", - "title": "UserData", - "type": "string" } }, "required": [ - "BlueprintId", - "BundleId", - "InstanceName" + "FirmwareUpdateImage", + "FirmwareUpdateRole", + "LoRaWAN" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lightsail::Instance" + "AWS::IoTWireless::FuotaTask" ], "type": "string" }, @@ -148108,336 +158031,102 @@ ], "type": "object" }, - "AWS::Lightsail::Instance.AddOn": { + "AWS::IoTWireless::FuotaTask.LoRaWAN": { "additionalProperties": false, "properties": { - "AddOnType": { - "markdownDescription": "The add-on type (for example, `AutoSnapshot` ).\n\n> `AutoSnapshot` is the only add-on that can be enabled for an instance.", - "title": "AddOnType", + "RfRegion": { + "markdownDescription": "The frequency band (RFRegion) value.", + "title": "RfRegion", "type": "string" }, - "AutoSnapshotAddOnRequest": { - "$ref": "#/definitions/AWS::Lightsail::Instance.AutoSnapshotAddOn", - "markdownDescription": "The parameters for the automatic snapshot add-on, such as the daily time when an automatic snapshot will be created.", - "title": "AutoSnapshotAddOnRequest" - }, - "Status": { - "markdownDescription": "The status of the add-on.\n\nValid Values: `Enabled` | `Disabled`", - "title": "Status", + "StartTime": { + "markdownDescription": "Start time of a FUOTA task.", + "title": "StartTime", "type": "string" } }, "required": [ - "AddOnType" + "RfRegion" ], "type": "object" }, - "AWS::Lightsail::Instance.AutoSnapshotAddOn": { - "additionalProperties": false, - "properties": { - "SnapshotTimeOfDay": { - "markdownDescription": "The daily time when an automatic snapshot will be created.\n\nConstraints:\n\n- Must be in `HH:00` format, and in an hourly increment.\n- Specified in Coordinated Universal Time (UTC).\n- The snapshot will be automatically created between the time specified and up to 45 minutes after.", - "title": "SnapshotTimeOfDay", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Lightsail::Instance.Disk": { + "AWS::IoTWireless::MulticastGroup": { "additionalProperties": false, "properties": { - "AttachedTo": { - "markdownDescription": "The resources to which the disk is attached.", - "title": "AttachedTo", - "type": "string" - }, - "AttachmentState": { - "markdownDescription": "(Deprecated) The attachment state of the disk.\n\n> In releases prior to November 14, 2017, this parameter returned `attached` for system disks in the API response. It is now deprecated, but still included in the response. Use `isAttached` instead.", - "title": "AttachmentState", + "Condition": { "type": "string" }, - "DiskName": { - "markdownDescription": "The unique name of the disk.", - "title": "DiskName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "IOPS": { - "markdownDescription": "The input/output operations per second (IOPS) of the disk.", - "title": "IOPS", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "IsSystemDisk": { - "markdownDescription": "A Boolean value indicating whether this disk is a system disk (has an operating system loaded on it).", - "title": "IsSystemDisk", - "type": "boolean" - }, - "Path": { - "markdownDescription": "The disk path.", - "title": "Path", - "type": "string" - }, - "SizeInGb": { - "markdownDescription": "The size of the disk in GB.", - "title": "SizeInGb", - "type": "string" - } - }, - "required": [ - "DiskName", - "Path" - ], - "type": "object" - }, - "AWS::Lightsail::Instance.Hardware": { - "additionalProperties": false, - "properties": { - "CpuCount": { - "markdownDescription": "The number of vCPUs the instance has.\n\n> The `CpuCount` property is read-only and should not be specified in a create instance or update instance request.", - "title": "CpuCount", - "type": "number" - }, - "Disks": { - "items": { - "$ref": "#/definitions/AWS::Lightsail::Instance.Disk" - }, - "markdownDescription": "The disks attached to the instance.\n\nThe instance restarts when performing an attach disk or detach disk request. This resets the public IP address of your instance if a static IP isn't attached to it.", - "title": "Disks", - "type": "array" - }, - "RamSizeInGb": { - "markdownDescription": "The amount of RAM in GB on the instance (for example, `1.0` ).\n\n> The `RamSizeInGb` property is read-only and should not be specified in a create instance or update instance request.", - "title": "RamSizeInGb", - "type": "number" - } - }, - "type": "object" - }, - "AWS::Lightsail::Instance.Location": { - "additionalProperties": false, - "properties": { - "AvailabilityZone": { - "markdownDescription": "The Availability Zone for the instance.", - "title": "AvailabilityZone", - "type": "string" - }, - "RegionName": { - "markdownDescription": "The name of the AWS Region for the instance.", - "title": "RegionName", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Lightsail::Instance.MonthlyTransfer": { - "additionalProperties": false, - "properties": { - "GbPerMonthAllocated": { - "markdownDescription": "The amount of allocated monthly data transfer (in GB) for an instance.", - "title": "GbPerMonthAllocated", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Lightsail::Instance.Networking": { - "additionalProperties": false, - "properties": { - "MonthlyTransfer": { - "$ref": "#/definitions/AWS::Lightsail::Instance.MonthlyTransfer", - "markdownDescription": "The monthly amount of data transfer, in GB, allocated for the instance", - "title": "MonthlyTransfer" - }, - "Ports": { - "items": { - "$ref": "#/definitions/AWS::Lightsail::Instance.Port" - }, - "markdownDescription": "An array of ports to open on the instance.", - "title": "Ports", - "type": "array" - } - }, - "required": [ - "Ports" - ], - "type": "object" - }, - "AWS::Lightsail::Instance.Port": { - "additionalProperties": false, - "properties": { - "AccessDirection": { - "markdownDescription": "The access direction ( `inbound` or `outbound` ).\n\n> Lightsail currently supports only `inbound` access direction.", - "title": "AccessDirection", - "type": "string" - }, - "AccessFrom": { - "markdownDescription": "The location from which access is allowed. For example, `Anywhere (0.0.0.0/0)` , or `Custom` if a specific IP address or range of IP addresses is allowed.", - "title": "AccessFrom", - "type": "string" - }, - "AccessType": { - "markdownDescription": "The type of access ( `Public` or `Private` ).", - "title": "AccessType", - "type": "string" - }, - "CidrListAliases": { - "items": { - "type": "string" - }, - "markdownDescription": "An alias that defines access for a preconfigured range of IP addresses.\n\nThe only alias currently supported is `lightsail-connect` , which allows IP addresses of the browser-based RDP/SSH client in the Lightsail console to connect to your instance.", - "title": "CidrListAliases", - "type": "array" - }, - "Cidrs": { - "items": { - "type": "string" - }, - "markdownDescription": "The IPv4 address, or range of IPv4 addresses (in CIDR notation) that are allowed to connect to an instance through the ports, and the protocol.\n\n> The `ipv6Cidrs` parameter lists the IPv6 addresses that are allowed to connect to an instance. \n\nExamples:\n\n- To allow the IP address `192.0.2.44` , specify `192.0.2.44` or `192.0.2.44/32` .\n- To allow the IP addresses `192.0.2.0` to `192.0.2.255` , specify `192.0.2.0/24` .", - "title": "Cidrs", - "type": "array" - }, - "CommonName": { - "markdownDescription": "The common name of the port information.", - "title": "CommonName", - "type": "string" - }, - "FromPort": { - "markdownDescription": "The first port in a range of open ports on an instance.\n\nAllowed ports:\n\n- TCP and UDP - `0` to `65535`\n- ICMP - The ICMP type for IPv4 addresses. For example, specify `8` as the `fromPort` (ICMP type), and `-1` as the `toPort` (ICMP code), to enable ICMP Ping.\n- ICMPv6 - The ICMP type for IPv6 addresses. For example, specify `128` as the `fromPort` (ICMPv6 type), and `0` as `toPort` (ICMPv6 code).", - "title": "FromPort", - "type": "number" - }, - "Ipv6Cidrs": { - "items": { - "type": "string" - }, - "markdownDescription": "The IPv6 address, or range of IPv6 addresses (in CIDR notation) that are allowed to connect to an instance through the ports, and the protocol. Only devices with an IPv6 address can connect to an instance through IPv6; otherwise, IPv4 should be used.\n\n> The `cidrs` parameter lists the IPv4 addresses that are allowed to connect to an instance.", - "title": "Ipv6Cidrs", - "type": "array" - }, - "Protocol": { - "markdownDescription": "The IP protocol name.\n\nThe name can be one of the following:\n\n- `tcp` - Transmission Control Protocol (TCP) provides reliable, ordered, and error-checked delivery of streamed data between applications running on hosts communicating by an IP network. If you have an application that doesn't require reliable data stream service, use UDP instead.\n- `all` - All transport layer protocol types.\n- `udp` - With User Datagram Protocol (UDP), computer applications can send messages (or datagrams) to other hosts on an Internet Protocol (IP) network. Prior communications are not required to set up transmission channels or data paths. Applications that don't require reliable data stream service can use UDP, which provides a connectionless datagram service that emphasizes reduced latency over reliability. If you do require reliable data stream service, use TCP instead.\n- `icmp` - Internet Control Message Protocol (ICMP) is used to send error messages and operational information indicating success or failure when communicating with an instance. For example, an error is indicated when an instance could not be reached. When you specify `icmp` as the `protocol` , you must specify the ICMP type using the `fromPort` parameter, and ICMP code using the `toPort` parameter.", - "title": "Protocol", - "type": "string" - }, - "ToPort": { - "markdownDescription": "The last port in a range of open ports on an instance.\n\nAllowed ports:\n\n- TCP and UDP - `0` to `65535`\n- ICMP - The ICMP code for IPv4 addresses. For example, specify `8` as the `fromPort` (ICMP type), and `-1` as the `toPort` (ICMP code), to enable ICMP Ping.\n- ICMPv6 - The ICMP code for IPv6 addresses. For example, specify `128` as the `fromPort` (ICMPv6 type), and `0` as `toPort` (ICMPv6 code).", - "title": "ToPort", - "type": "number" - } - }, - "type": "object" - }, - "AWS::Lightsail::Instance.State": { - "additionalProperties": false, - "properties": { - "Code": { - "markdownDescription": "The status code of the instance.", - "title": "Code", - "type": "number" - }, - "Name": { - "markdownDescription": "The state of the instance (for example, `running` or `pending` ).", - "title": "Name", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Lightsail::LoadBalancer": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "Metadata": { + "type": "object" }, "Properties": { "additionalProperties": false, "properties": { - "AttachedInstances": { - "items": { - "type": "string" - }, - "markdownDescription": "The Lightsail instances to attach to the load balancer.", - "title": "AttachedInstances", - "type": "array" - }, - "HealthCheckPath": { - "markdownDescription": "The path on the attached instance where the health check will be performed. If no path is specified, the load balancer tries to make a request to the default (root) page ( `/index.html` ).", - "title": "HealthCheckPath", + "AssociateWirelessDevice": { + "markdownDescription": "The ID of the wireless device to associate with a multicast group.", + "title": "AssociateWirelessDevice", "type": "string" }, - "InstancePort": { - "markdownDescription": "The port that the load balancer uses to direct traffic to your Lightsail instances. For HTTP traffic, specify port `80` . For HTTPS traffic, specify port `443` .", - "title": "InstancePort", - "type": "number" - }, - "IpAddressType": { - "markdownDescription": "The IP address type of the load balancer.\n\nThe possible values are `ipv4` for IPv4 only, and `dualstack` for both IPv4 and IPv6.", - "title": "IpAddressType", + "Description": { + "markdownDescription": "The description of the multicast group.", + "title": "Description", "type": "string" }, - "LoadBalancerName": { - "markdownDescription": "The name of the load balancer.", - "title": "LoadBalancerName", + "DisassociateWirelessDevice": { + "markdownDescription": "The ID of the wireless device to disassociate from a multicast group.", + "title": "DisassociateWirelessDevice", "type": "string" }, - "SessionStickinessEnabled": { - "markdownDescription": "A Boolean value indicating whether session stickiness is enabled.\n\nEnable session stickiness (also known as *session affinity* ) to bind a user's session to a specific instance. This ensures that all requests from the user during the session are sent to the same instance.", - "title": "SessionStickinessEnabled", - "type": "boolean" + "LoRaWAN": { + "$ref": "#/definitions/AWS::IoTWireless::MulticastGroup.LoRaWAN", + "markdownDescription": "The LoRaWAN information that is to be used with the multicast group.", + "title": "LoRaWAN" }, - "SessionStickinessLBCookieDurationSeconds": { - "markdownDescription": "The time period, in seconds, after which the load balancer session stickiness cookie should be considered stale. If you do not specify this parameter, the default value is 0, which indicates that the sticky session should last for the duration of the browser session.", - "title": "SessionStickinessLBCookieDurationSeconds", + "Name": { + "markdownDescription": "The name of the multicast group.", + "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", + "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", "title": "Tags", "type": "array" - }, - "TlsPolicyName": { - "markdownDescription": "The name of the TLS security policy for the load balancer.", - "title": "TlsPolicyName", - "type": "string" } }, "required": [ - "InstancePort", - "LoadBalancerName" + "LoRaWAN" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lightsail::LoadBalancer" + "AWS::IoTWireless::MulticastGroup" ], "type": "string" }, @@ -148456,104 +158145,37 @@ ], "type": "object" }, - "AWS::Lightsail::LoadBalancerTlsCertificate": { + "AWS::IoTWireless::MulticastGroup.LoRaWAN": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DlClass": { + "markdownDescription": "DlClass for LoRaWAN. Valid values are ClassB and ClassC.", + "title": "DlClass", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "CertificateAlternativeNames": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of alternative domain names and subdomain names for your SSL/TLS certificate.\n\nIn addition to the primary domain name, you can have up to nine alternative domain names. Wildcards (such as `*.example.com` ) are not supported.", - "title": "CertificateAlternativeNames", - "type": "array" - }, - "CertificateDomainName": { - "markdownDescription": "The domain name for the SSL/TLS certificate. For example, `example.com` or `www.example.com` .", - "title": "CertificateDomainName", - "type": "string" - }, - "CertificateName": { - "markdownDescription": "The name of the SSL/TLS certificate.", - "title": "CertificateName", - "type": "string" - }, - "HttpsRedirectionEnabled": { - "markdownDescription": "A Boolean value indicating whether HTTPS redirection is enabled for the load balancer that the TLS certificate is attached to.", - "title": "HttpsRedirectionEnabled", - "type": "boolean" - }, - "IsAttached": { - "markdownDescription": "A Boolean value indicating whether the SSL/TLS certificate is attached to a Lightsail load balancer.", - "title": "IsAttached", - "type": "boolean" - }, - "LoadBalancerName": { - "markdownDescription": "The name of the load balancer that the SSL/TLS certificate is attached to.", - "title": "LoadBalancerName", - "type": "string" - } - }, - "required": [ - "CertificateDomainName", - "CertificateName", - "LoadBalancerName" - ], - "type": "object" + "NumberOfDevicesInGroup": { + "markdownDescription": "Number of devices that are associated to the multicast group.", + "title": "NumberOfDevicesInGroup", + "type": "number" }, - "Type": { - "enum": [ - "AWS::Lightsail::LoadBalancerTlsCertificate" - ], - "type": "string" + "NumberOfDevicesRequested": { + "markdownDescription": "Number of devices that are requested to be associated with the multicast group.", + "title": "NumberOfDevicesRequested", + "type": "number" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "RfRegion": { + "markdownDescription": "The frequency band (RFRegion) value.", + "title": "RfRegion", "type": "string" } }, "required": [ - "Type", - "Properties" + "DlClass", + "RfRegion" ], "type": "object" }, - "AWS::Lightsail::StaticIp": { + "AWS::IoTWireless::NetworkAnalyzerConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -148588,25 +158210,54 @@ "Properties": { "additionalProperties": false, "properties": { - "AttachedTo": { - "markdownDescription": "The instance that the static IP is attached to.", - "title": "AttachedTo", + "Description": { + "markdownDescription": "The description of the resource.", + "title": "Description", "type": "string" }, - "StaticIpName": { - "markdownDescription": "The name of the static IP.", - "title": "StaticIpName", + "Name": { + "markdownDescription": "Name of the network analyzer configuration.", + "title": "Name", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to attach to the specified resource. Tags are metadata that you can use to manage a resource.", + "title": "Tags", + "type": "array" + }, + "TraceContent": { + "$ref": "#/definitions/AWS::IoTWireless::NetworkAnalyzerConfiguration.TraceContent", + "markdownDescription": "Trace content for your wireless gateway and wireless device resources.", + "title": "TraceContent" + }, + "WirelessDevices": { + "items": { + "type": "string" + }, + "markdownDescription": "Wireless device resources to add to the network analyzer configuration. Provide the `WirelessDeviceId` of the resource to add in the input array.", + "title": "WirelessDevices", + "type": "array" + }, + "WirelessGateways": { + "items": { + "type": "string" + }, + "markdownDescription": "Wireless gateway resources to add to the network analyzer configuration. Provide the `WirelessGatewayId` of the resource to add in the input array.", + "title": "WirelessGateways", + "type": "array" } }, "required": [ - "StaticIpName" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::Lightsail::StaticIp" + "AWS::IoTWireless::NetworkAnalyzerConfiguration" ], "type": "string" }, @@ -148625,7 +158276,23 @@ ], "type": "object" }, - "AWS::Location::APIKey": { + "AWS::IoTWireless::NetworkAnalyzerConfiguration.TraceContent": { + "additionalProperties": false, + "properties": { + "LogLevel": { + "markdownDescription": "The log level for a log message. The log levels can be disabled, or set to `ERROR` to display less verbose logs containing only error information, or to `INFO` for more detailed logs", + "title": "LogLevel", + "type": "string" + }, + "WirelessDeviceFrameInfo": { + "markdownDescription": "`FrameInfo` of your wireless device resources for the trace content. Use FrameInfo to debug the communication between your LoRaWAN end devices and the network server.", + "title": "WirelessDeviceFrameInfo", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoTWireless::PartnerAccount": { "additionalProperties": false, "properties": { "Condition": { @@ -148660,59 +158327,50 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "Updates the description for the API key resource.", - "title": "Description", - "type": "string" - }, - "ExpireTime": { - "markdownDescription": "The optional timestamp for when the API key resource will expire in [ISO 8601 format](https://docs.aws.amazon.com/https://www.iso.org/iso-8601-date-and-time-format.html) .", - "title": "ExpireTime", - "type": "string" - }, - "ForceDelete": { - "markdownDescription": "ForceDelete bypasses an API key's expiry conditions and deletes the key. Set the parameter `true` to delete the key or to `false` to not preemptively delete the API key.\n\nValid values: `true` , or `false` .\n\n> This action is irreversible. Only use ForceDelete if you are certain the key is no longer in use.", - "title": "ForceDelete", + "AccountLinked": { + "markdownDescription": "Whether the partner account is linked to the AWS account.", + "title": "AccountLinked", "type": "boolean" }, - "ForceUpdate": { - "markdownDescription": "The boolean flag to be included for updating `ExpireTime` or Restrictions details.\nMust be set to `true` to update an API key resource that has been used in the past 7 days. `False` if force update is not preferred.", - "title": "ForceUpdate", - "type": "boolean" + "PartnerAccountId": { + "markdownDescription": "The ID of the partner account to update.", + "title": "PartnerAccountId", + "type": "string" }, - "KeyName": { - "markdownDescription": "A custom name for the API key resource.\n\nRequirements:\n\n- Contain only alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139), hyphens (-), periods (.), and underscores (_).\n- Must be a unique API key name.\n- No spaces allowed. For example, `ExampleAPIKey` .", - "title": "KeyName", + "PartnerType": { + "markdownDescription": "The partner type.", + "title": "PartnerType", "type": "string" }, - "NoExpiry": { - "markdownDescription": "Whether the API key should expire. Set to `true` to set the API key to have no expiration time.", - "title": "NoExpiry", - "type": "boolean" + "Sidewalk": { + "$ref": "#/definitions/AWS::IoTWireless::PartnerAccount.SidewalkAccountInfo", + "markdownDescription": "The Sidewalk account credentials.", + "title": "Sidewalk" }, - "Restrictions": { - "$ref": "#/definitions/AWS::Location::APIKey.ApiKeyRestrictions", - "markdownDescription": "The API key restrictions for the API key resource.", - "title": "Restrictions" + "SidewalkResponse": { + "$ref": "#/definitions/AWS::IoTWireless::PartnerAccount.SidewalkAccountInfoWithFingerprint", + "markdownDescription": "Information about a Sidewalk account.", + "title": "SidewalkResponse" + }, + "SidewalkUpdate": { + "$ref": "#/definitions/AWS::IoTWireless::PartnerAccount.SidewalkUpdateAccount", + "markdownDescription": "Sidewalk update.", + "title": "SidewalkUpdate" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Applies one or more tags to the map resource. A tag is a key-value pair that helps manage, identify, search, and filter your resources by labelling them.", + "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", "title": "Tags", "type": "array" } }, - "required": [ - "KeyName", - "Restrictions" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Location::APIKey" + "AWS::IoTWireless::PartnerAccount" ], "type": "string" }, @@ -148726,131 +158384,57 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Location::APIKey.ApiKeyRestrictions": { + "AWS::IoTWireless::PartnerAccount.SidewalkAccountInfo": { "additionalProperties": false, "properties": { - "AllowActions": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of allowed actions that an API key resource grants permissions to perform. You must have at least one action for each type of resource. For example, if you have a place resource, you must include at least one place action.\n\nThe following are valid values for the actions.\n\n- *Map actions*\n\n- `geo:GetMap*` - Allows all actions needed for map rendering.\n- *Enhanced Maps actions*\n\n- `geo-maps:GetTile` - Allows getting map tiles for rendering.\n- `geo-maps:GetStaticMap` - Allows getting static map images.\n- *Place actions*\n\n- `geo:SearchPlaceIndexForText` - Allows finding geo coordinates of a known place.\n- `geo:SearchPlaceIndexForPosition` - Allows getting nearest address to geo coordinates.\n- `geo:SearchPlaceIndexForSuggestions` - Allows suggestions based on an incomplete or misspelled query.\n- `geo:GetPlace` - Allows getting details of a place.\n- *Enhanced Places actions*\n\n- `geo-places:Autcomplete` - Allows auto-completion of search text.\n- `geo-places:Geocode` - Allows finding geo coordinates of a known place.\n- `geo-places:GetPlace` - Allows getting details of a place.\n- `geo-places:ReverseGeocode` - Allows getting nearest address to geo coordinates.\n- `geo-places:SearchNearby` - Allows category based places search around geo coordinates.\n- `geo-places:SearchText` - Allows place or address search based on free-form text.\n- `geo-places:Suggest` - Allows suggestions based on an incomplete or misspelled query.\n- *Route actions*\n\n- `geo:CalculateRoute` - Allows point to point routing.\n- `geo:CalculateRouteMatrix` - Allows matrix routing.\n- *Enhanced Routes actions*\n\n- `geo-routes:CalculateIsolines` - Allows isoline calculation.\n- `geo-routes:CalculateRoutes` - Allows point to point routing.\n- `geo-routes:CalculateRouteMatrix` - Allows matrix routing.\n- `geo-routes:OptimizeWaypoints` - Allows computing the best sequence of waypoints.\n- `geo-routes:SnapToRoads` - Allows snapping GPS points to a likely route.\n\n> You must use these strings exactly. For example, to provide access to map rendering, the only valid action is `geo:GetMap*` as an input to the list. `[\"geo:GetMap*\"]` is valid but `[\"geo:GetTile\"]` is not. Similarly, you cannot use `[\"geo:SearchPlaceIndexFor*\"]` - you must list each of the Place actions separately.", - "title": "AllowActions", - "type": "array" - }, - "AllowReferers": { - "items": { - "type": "string" - }, - "markdownDescription": "An optional list of allowed HTTP referers for which requests must originate from. Requests using this API key from other domains will not be allowed.\n\nRequirements:\n\n- Contain only alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139) or any symbols in this list `$\\-._+!*`(),;/?:@=&`\n- May contain a percent (%) if followed by 2 hexadecimal digits (A-F, a-f, 0-9); this is used for URL encoding purposes.\n- May contain wildcard characters question mark (?) and asterisk (*).\n\nQuestion mark (?) will replace any single character (including hexadecimal digits).\n\nAsterisk (*) will replace any multiple characters (including multiple hexadecimal digits).\n- No spaces allowed. For example, `https://example.com` .", - "title": "AllowReferers", - "type": "array" - }, - "AllowResources": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of allowed resource ARNs that a API key bearer can perform actions on.\n\n- The ARN must be the correct ARN for a map, place, or route ARN. You may include wildcards in the resource-id to match multiple resources of the same type.\n- The resources must be in the same `partition` , `region` , and `account-id` as the key that is being created.\n- Other than wildcards, you must include the full ARN, including the `arn` , `partition` , `service` , `region` , `account-id` and `resource-id` delimited by colons (:).\n- No spaces allowed, even with wildcards. For example, `arn:aws:geo:region: *account-id* :map/ExampleMap*` .\n\nFor more information about ARN format, see [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) .", - "title": "AllowResources", - "type": "array" + "AppServerPrivateKey": { + "markdownDescription": "The Sidewalk application server private key. The application server private key is a secret key, which you should handle in a similar way as you would an application password. You can protect the application server private key by storing the value in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", + "title": "AppServerPrivateKey", + "type": "string" } }, "required": [ - "AllowActions", - "AllowResources" + "AppServerPrivateKey" ], "type": "object" }, - "AWS::Location::GeofenceCollection": { + "AWS::IoTWireless::PartnerAccount.SidewalkAccountInfoWithFingerprint": { "additionalProperties": false, "properties": { - "Condition": { + "AmazonId": { + "markdownDescription": "The Sidewalk Amazon ID.", + "title": "AmazonId", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", + "title": "Arn", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "CollectionName": { - "markdownDescription": "A custom name for the geofence collection.\n\nRequirements:\n\n- Contain only alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139), hyphens (-), periods (.), and underscores (_).\n- Must be a unique geofence collection name.\n- No spaces allowed. For example, `ExampleGeofenceCollection` .", - "title": "CollectionName", - "type": "string" - }, - "Description": { - "markdownDescription": "An optional description for the geofence collection.", - "title": "Description", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "A key identifier for an [AWS KMS customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/create-keys.html) . Enter a key ID, key ARN, alias name, or alias ARN.", - "title": "KmsKeyId", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Applies one or more tags to the geofence collection. A tag is a key-value pair helps manage, identify, search, and filter your resources by labelling them.\n\nFormat: `\"key\" : \"value\"`\n\nRestrictions:\n\n- Maximum 50 tags per resource\n- Each resource tag must be unique with a maximum of one value.\n- Maximum key length: 128 Unicode characters in UTF-8\n- Maximum value length: 256 Unicode characters in UTF-8\n- Can use alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139), and the following characters: + - = . _ : / @.\n- Cannot use \"aws:\" as a prefix for a key.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "CollectionName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Location::GeofenceCollection" - ], + "Fingerprint": { + "markdownDescription": "The fingerprint of the Sidewalk application server private key.", + "title": "Fingerprint", "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + } + }, + "type": "object" + }, + "AWS::IoTWireless::PartnerAccount.SidewalkUpdateAccount": { + "additionalProperties": false, + "properties": { + "AppServerPrivateKey": { + "markdownDescription": "The new Sidewalk application server private key.", + "title": "AppServerPrivateKey", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Location::Map": { + "AWS::IoTWireless::ServiceProfile": { "additionalProperties": false, "properties": { "Condition": { @@ -148885,44 +158469,30 @@ "Properties": { "additionalProperties": false, "properties": { - "Configuration": { - "$ref": "#/definitions/AWS::Location::Map.MapConfiguration", - "markdownDescription": "Specifies the `MapConfiguration` , including the map style, for the map resource that you create. The map style defines the look of maps and the data provider for your map resource.", - "title": "Configuration" - }, - "Description": { - "markdownDescription": "An optional description for the map resource.", - "title": "Description", - "type": "string" - }, - "MapName": { - "markdownDescription": "The name for the map resource.\n\nRequirements:\n\n- Must contain only alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139), hyphens (-), periods (.), and underscores (_).\n- Must be a unique map resource name.\n- No spaces allowed. For example, `ExampleMap` .", - "title": "MapName", - "type": "string" + "LoRaWAN": { + "$ref": "#/definitions/AWS::IoTWireless::ServiceProfile.LoRaWANServiceProfile", + "markdownDescription": "LoRaWAN service profile object.", + "title": "LoRaWAN" }, - "PricingPlan": { - "markdownDescription": "No longer used. If included, the only allowed value is `RequestBasedUsage` .\n\n*Allowed Values* : `RequestBasedUsage`", - "title": "PricingPlan", + "Name": { + "markdownDescription": "The name of the new resource.", + "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Applies one or more tags to the map resource. A tag is a key-value pair helps manage, identify, search, and filter your resources by labelling them.\n\nFormat: `\"key\" : \"value\"`\n\nRestrictions:\n\n- Maximum 50 tags per resource\n- Each resource tag must be unique with a maximum of one value.\n- Maximum key length: 128 Unicode characters in UTF-8\n- Maximum value length: 256 Unicode characters in UTF-8\n- Can use alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139), and the following characters: + - = . _ : / @.\n- Cannot use \"aws:\" as a prefix for a key.", + "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", "title": "Tags", "type": "array" } }, - "required": [ - "Configuration", - "MapName" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Location::Map" + "AWS::IoTWireless::ServiceProfile" ], "type": "string" }, @@ -148936,39 +158506,112 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Location::Map.MapConfiguration": { + "AWS::IoTWireless::ServiceProfile.LoRaWANServiceProfile": { "additionalProperties": false, "properties": { - "CustomLayers": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the custom layers for the style. Leave unset to not enable any custom layer, or, for styles that support custom layers, you can enable layer(s), such as the `POI` layer for the VectorEsriNavigation style.\n\n> Currenlty only `VectorEsriNavigation` supports CustomLayers. For more information, see [Custom Layers](https://docs.aws.amazon.com//location/latest/developerguide/map-concepts.html#map-custom-layers) .", - "title": "CustomLayers", - "type": "array" + "AddGwMetadata": { + "markdownDescription": "The AddGWMetaData value.", + "title": "AddGwMetadata", + "type": "boolean" }, - "PoliticalView": { - "markdownDescription": "Specifies the map political view selected from an available data provider.", - "title": "PoliticalView", + "ChannelMask": { + "markdownDescription": "The ChannelMask value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "ChannelMask", "type": "string" }, - "Style": { - "markdownDescription": "Specifies the map style selected from an available data provider.\n\nValid [Esri map styles](https://docs.aws.amazon.com/location/previous/developerguide/esri.html) :\n\n- `VectorEsriDarkGrayCanvas` \u2013 The Esri Dark Gray Canvas map style. A vector basemap with a dark gray, neutral background with minimal colors, labels, and features that's designed to draw attention to your thematic content.\n- `RasterEsriImagery` \u2013 The Esri Imagery map style. A raster basemap that provides one meter or better satellite and aerial imagery in many parts of the world and lower resolution satellite imagery worldwide.\n- `VectorEsriLightGrayCanvas` \u2013 The Esri Light Gray Canvas map style, which provides a detailed vector basemap with a light gray, neutral background style with minimal colors, labels, and features that's designed to draw attention to your thematic content.\n- `VectorEsriTopographic` \u2013 The Esri Light map style, which provides a detailed vector basemap with a classic Esri map style.\n- `VectorEsriStreets` \u2013 The Esri Street Map style, which provides a detailed vector basemap for the world symbolized with a classic Esri street map style. The vector tile layer is similar in content and style to the World Street Map raster map.\n- `VectorEsriNavigation` \u2013 The Esri Navigation map style, which provides a detailed basemap for the world symbolized with a custom navigation map style that's designed for use during the day in mobile devices.\n\nValid [HERE Technologies map styles](https://docs.aws.amazon.com/location/previous/developerguide/HERE.html) :\n\n- `VectorHereContrast` \u2013 The HERE Contrast (Berlin) map style is a high contrast detailed base map of the world that blends 3D and 2D rendering.\n\n> The `VectorHereContrast` style has been renamed from `VectorHereBerlin` . `VectorHereBerlin` has been deprecated, but will continue to work in applications that use it.\n- `VectorHereExplore` \u2013 A default HERE map style containing a neutral, global map and its features including roads, buildings, landmarks, and water features. It also now includes a fully designed map of Japan.\n- `VectorHereExploreTruck` \u2013 A global map containing truck restrictions and attributes (e.g. width / height / HAZMAT) symbolized with highlighted segments and icons on top of HERE Explore to support use cases within transport and logistics.\n- `RasterHereExploreSatellite` \u2013 A global map containing high resolution satellite imagery.\n- `HybridHereExploreSatellite` \u2013 A global map displaying the road network, street names, and city labels over satellite imagery. This style will automatically retrieve both raster and vector tiles, and your charges will be based on total tiles retrieved.\n\n> Hybrid styles use both vector and raster tiles when rendering the map that you see. This means that more tiles are retrieved than when using either vector or raster tiles alone. Your charges will include all tiles retrieved.\n\nValid [GrabMaps map styles](https://docs.aws.amazon.com/location/previous/developerguide/grab.html) :\n\n- `VectorGrabStandardLight` \u2013 The Grab Standard Light map style provides a basemap with detailed land use coloring, area names, roads, landmarks, and points of interest covering Southeast Asia.\n- `VectorGrabStandardDark` \u2013 The Grab Standard Dark map style provides a dark variation of the standard basemap covering Southeast Asia.\n\n> Grab provides maps only for countries in Southeast Asia, and is only available in the Asia Pacific (Singapore) Region ( `ap-southeast-1` ). For more information, see [GrabMaps countries and area covered](https://docs.aws.amazon.com/location/previous/developerguide/grab.html#grab-coverage-area) . \n\nValid [Open Data map styles](https://docs.aws.amazon.com/location/previous/developerguide/open-data.html) :\n\n- `VectorOpenDataStandardLight` \u2013 The Open Data Standard Light map style provides a detailed basemap for the world suitable for website and mobile application use. The map includes highways major roads, minor roads, railways, water features, cities, parks, landmarks, building footprints, and administrative boundaries.\n- `VectorOpenDataStandardDark` \u2013 Open Data Standard Dark is a dark-themed map style that provides a detailed basemap for the world suitable for website and mobile application use. The map includes highways major roads, minor roads, railways, water features, cities, parks, landmarks, building footprints, and administrative boundaries.\n- `VectorOpenDataVisualizationLight` \u2013 The Open Data Visualization Light map style is a light-themed style with muted colors and fewer features that aids in understanding overlaid data.\n- `VectorOpenDataVisualizationDark` \u2013 The Open Data Visualization Dark map style is a dark-themed style with muted colors and fewer features that aids in understanding overlaid data.", - "title": "Style", + "DevStatusReqFreq": { + "markdownDescription": "The DevStatusReqFreq value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "DevStatusReqFreq", + "type": "number" + }, + "DlBucketSize": { + "markdownDescription": "The DLBucketSize value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "DlBucketSize", + "type": "number" + }, + "DlRate": { + "markdownDescription": "The DLRate value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "DlRate", + "type": "number" + }, + "DlRatePolicy": { + "markdownDescription": "The DLRatePolicy value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "DlRatePolicy", + "type": "string" + }, + "DrMax": { + "markdownDescription": "The DRMax value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "DrMax", + "type": "number" + }, + "DrMin": { + "markdownDescription": "The DRMin value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "DrMin", + "type": "number" + }, + "HrAllowed": { + "markdownDescription": "The HRAllowed value that describes whether handover roaming is allowed.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "HrAllowed", + "type": "boolean" + }, + "MinGwDiversity": { + "markdownDescription": "The MinGwDiversity value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "MinGwDiversity", + "type": "number" + }, + "NwkGeoLoc": { + "markdownDescription": "The NwkGeoLoc value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "NwkGeoLoc", + "type": "boolean" + }, + "PrAllowed": { + "markdownDescription": "The PRAllowed value that describes whether passive roaming is allowed.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "PrAllowed", + "type": "boolean" + }, + "RaAllowed": { + "markdownDescription": "The RAAllowed value that describes whether roaming activation is allowed.", + "title": "RaAllowed", + "type": "boolean" + }, + "ReportDevStatusBattery": { + "markdownDescription": "The ReportDevStatusBattery value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "ReportDevStatusBattery", + "type": "boolean" + }, + "ReportDevStatusMargin": { + "markdownDescription": "The ReportDevStatusMargin value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "ReportDevStatusMargin", + "type": "boolean" + }, + "TargetPer": { + "markdownDescription": "The TargetPer value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "TargetPer", + "type": "number" + }, + "UlBucketSize": { + "markdownDescription": "The UlBucketSize value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "UlBucketSize", + "type": "number" + }, + "UlRate": { + "markdownDescription": "The ULRate value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "UlRate", + "type": "number" + }, + "UlRatePolicy": { + "markdownDescription": "The ULRatePolicy value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", + "title": "UlRatePolicy", "type": "string" } }, - "required": [ - "Style" - ], "type": "object" }, - "AWS::Location::PlaceIndex": { + "AWS::IoTWireless::TaskDefinition": { "additionalProperties": false, "properties": { "Condition": { @@ -149003,49 +158646,48 @@ "Properties": { "additionalProperties": false, "properties": { - "DataSource": { - "markdownDescription": "Specifies the geospatial data provider for the new place index.\n\n> This field is case-sensitive. Enter the valid values as shown. For example, entering `HERE` returns an error. \n\nValid values include:\n\n- `Esri` \u2013 For additional information about [Esri](https://docs.aws.amazon.com/location/previous/developerguide/esri.html) 's coverage in your region of interest, see [Esri details on geocoding coverage](https://docs.aws.amazon.com/https://developers.arcgis.com/rest/geocode/api-reference/geocode-coverage.htm) .\n- `Grab` \u2013 Grab provides place index functionality for Southeast Asia. For additional information about [GrabMaps](https://docs.aws.amazon.com/location/previous/developerguide/grab.html) ' coverage, see [GrabMaps countries and areas covered](https://docs.aws.amazon.com/location/previous/developerguide/grab.html#grab-coverage-area) .\n- `Here` \u2013 For additional information about [HERE Technologies](https://docs.aws.amazon.com/location/previous/developerguide/HERE.html) ' coverage in your region of interest, see [HERE details on goecoding coverage](https://docs.aws.amazon.com/https://developer.here.com/documentation/geocoder/dev_guide/topics/coverage-geocoder.html) .\n\n> If you specify HERE Technologies ( `Here` ) as the data provider, you may not [store results](https://docs.aws.amazon.com//location-places/latest/APIReference/API_DataSourceConfiguration.html) for locations in Japan. For more information, see the [AWS service terms](https://docs.aws.amazon.com/service-terms/) for Amazon Location Service.\n\nFor additional information , see [Data providers](https://docs.aws.amazon.com/location/previous/developerguide/what-is-data-provider.html) on the *Amazon Location Service developer guide* .", - "title": "DataSource", - "type": "string" - }, - "DataSourceConfiguration": { - "$ref": "#/definitions/AWS::Location::PlaceIndex.DataSourceConfiguration", - "markdownDescription": "Specifies the data storage option requesting Places.", - "title": "DataSourceConfiguration" - }, - "Description": { - "markdownDescription": "The optional description for the place index resource.", - "title": "Description", - "type": "string" + "AutoCreateTasks": { + "markdownDescription": "Whether to automatically create tasks using this task definition for all gateways with the specified current version. If `false` , the task must be created by calling `CreateWirelessGatewayTask` .", + "title": "AutoCreateTasks", + "type": "boolean" }, - "IndexName": { - "markdownDescription": "The name of the place index resource.\n\nRequirements:\n\n- Contain only alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139), hyphens (-), periods (.), and underscores (_).\n- Must be a unique place index resource name.\n- No spaces allowed. For example, `ExamplePlaceIndex` .", - "title": "IndexName", - "type": "string" + "LoRaWANUpdateGatewayTaskEntry": { + "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.LoRaWANUpdateGatewayTaskEntry", + "markdownDescription": "LoRaWANUpdateGatewayTaskEntry object.", + "title": "LoRaWANUpdateGatewayTaskEntry" }, - "PricingPlan": { - "markdownDescription": "No longer used. If included, the only allowed value is `RequestBasedUsage` .\n\n*Allowed Values* : `RequestBasedUsage`", - "title": "PricingPlan", + "Name": { + "markdownDescription": "The name of the new resource.", + "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "", + "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", "title": "Tags", "type": "array" + }, + "TaskDefinitionType": { + "markdownDescription": "A filter to list only the wireless gateway task definitions that use this task definition type.", + "title": "TaskDefinitionType", + "type": "string" + }, + "Update": { + "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.UpdateWirelessGatewayTaskCreate", + "markdownDescription": "Information about the gateways to update.", + "title": "Update" } }, "required": [ - "DataSource", - "IndexName" + "AutoCreateTasks" ], "type": "object" }, "Type": { "enum": [ - "AWS::Location::PlaceIndex" + "AWS::IoTWireless::TaskDefinition" ], "type": "string" }, @@ -149064,109 +158706,91 @@ ], "type": "object" }, - "AWS::Location::PlaceIndex.DataSourceConfiguration": { + "AWS::IoTWireless::TaskDefinition.LoRaWANGatewayVersion": { "additionalProperties": false, "properties": { - "IntendedUse": { - "markdownDescription": "Specifies how the results of an operation will be stored by the caller.\n\nValid values include:\n\n- `SingleUse` specifies that the results won't be stored.\n- `Storage` specifies that the result can be cached or stored in a database.\n\nDefault value: `SingleUse`", - "title": "IntendedUse", + "Model": { + "markdownDescription": "The model number of the wireless gateway.", + "title": "Model", + "type": "string" + }, + "PackageVersion": { + "markdownDescription": "The version of the wireless gateway firmware.", + "title": "PackageVersion", + "type": "string" + }, + "Station": { + "markdownDescription": "The basic station version of the wireless gateway.", + "title": "Station", "type": "string" } }, "type": "object" }, - "AWS::Location::RouteCalculator": { + "AWS::IoTWireless::TaskDefinition.LoRaWANUpdateGatewayTaskCreate": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "CurrentVersion": { + "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.LoRaWANGatewayVersion", + "markdownDescription": "The version of the gateways that should receive the update.", + "title": "CurrentVersion" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "SigKeyCrc": { + "markdownDescription": "The CRC of the signature private key to check.", + "title": "SigKeyCrc", + "type": "number" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "UpdateSignature": { + "markdownDescription": "The signature used to verify the update firmware.", + "title": "UpdateSignature", + "type": "string" }, - "Metadata": { - "type": "object" + "UpdateVersion": { + "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.LoRaWANGatewayVersion", + "markdownDescription": "The firmware version to update the gateway to.", + "title": "UpdateVersion" + } + }, + "type": "object" + }, + "AWS::IoTWireless::TaskDefinition.LoRaWANUpdateGatewayTaskEntry": { + "additionalProperties": false, + "properties": { + "CurrentVersion": { + "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.LoRaWANGatewayVersion", + "markdownDescription": "The version of the gateways that should receive the update.", + "title": "CurrentVersion" }, - "Properties": { - "additionalProperties": false, - "properties": { - "CalculatorName": { - "markdownDescription": "The name of the route calculator resource.\n\nRequirements:\n\n- Can use alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139) , hyphens (-), periods (.), and underscores (_).\n- Must be a unique Route calculator resource name.\n- No spaces allowed. For example, `ExampleRouteCalculator` .", - "title": "CalculatorName", - "type": "string" - }, - "DataSource": { - "markdownDescription": "Specifies the data provider of traffic and road network data.\n\n> This field is case-sensitive. Enter the valid values as shown. For example, entering `HERE` returns an error. \n\nValid values include:\n\n- `Esri` \u2013 For additional information about [Esri](https://docs.aws.amazon.com/location/previous/developerguide/esri.html) 's coverage in your region of interest, see [Esri details on street networks and traffic coverage](https://docs.aws.amazon.com/https://doc.arcgis.com/en/arcgis-online/reference/network-coverage.htm) .\n\nRoute calculators that use Esri as a data source only calculate routes that are shorter than 400 km.\n- `Grab` \u2013 Grab provides routing functionality for Southeast Asia. For additional information about [GrabMaps](https://docs.aws.amazon.com/location/previous/developerguide/grab.html) ' coverage, see [GrabMaps countries and areas covered](https://docs.aws.amazon.com/location/previous/developerguide/grab.html#grab-coverage-area) .\n- `Here` \u2013 For additional information about [HERE Technologies](https://docs.aws.amazon.com/location/previous/developerguide/HERE.html) ' coverage in your region of interest, see [HERE car routing coverage](https://docs.aws.amazon.com/https://developer.here.com/documentation/routing-api/dev_guide/topics/coverage/car-routing.html) and [HERE truck routing coverage](https://docs.aws.amazon.com/https://developer.here.com/documentation/routing-api/dev_guide/topics/coverage/truck-routing.html) .\n\nFor additional information , see [Data providers](https://docs.aws.amazon.com/location/previous/developerguide/what-is-data-provider.html) on the *Amazon Location Service Developer Guide* .", - "title": "DataSource", - "type": "string" - }, - "Description": { - "markdownDescription": "The optional description for the route calculator resource.", - "title": "Description", - "type": "string" - }, - "PricingPlan": { - "markdownDescription": "No longer used. If included, the only allowed value is `RequestBasedUsage` .\n\n*Allowed Values* : `RequestBasedUsage`", - "title": "PricingPlan", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "CalculatorName", - "DataSource" - ], - "type": "object" + "UpdateVersion": { + "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.LoRaWANGatewayVersion", + "markdownDescription": "The firmware version to update the gateway to.", + "title": "UpdateVersion" + } + }, + "type": "object" + }, + "AWS::IoTWireless::TaskDefinition.UpdateWirelessGatewayTaskCreate": { + "additionalProperties": false, + "properties": { + "LoRaWAN": { + "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.LoRaWANUpdateGatewayTaskCreate", + "markdownDescription": "The properties that relate to the LoRaWAN wireless gateway.", + "title": "LoRaWAN" }, - "Type": { - "enum": [ - "AWS::Location::RouteCalculator" - ], + "UpdateDataRole": { + "markdownDescription": "The IAM role used to read data from the S3 bucket.", + "title": "UpdateDataRole", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "UpdateDataSource": { + "markdownDescription": "The link to the S3 bucket.", + "title": "UpdateDataSource", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Location::Tracker": { + "AWS::IoTWireless::WirelessDevice": { "additionalProperties": false, "properties": { "Condition": { @@ -149202,52 +158826,63 @@ "additionalProperties": false, "properties": { "Description": { - "markdownDescription": "An optional description for the tracker resource.", + "markdownDescription": "The description of the new resource. Maximum length is 2048.", "title": "Description", "type": "string" }, - "EventBridgeEnabled": { - "markdownDescription": "", - "title": "EventBridgeEnabled", - "type": "boolean" + "DestinationName": { + "markdownDescription": "The name of the destination to assign to the new wireless device. Can have only have alphanumeric, - (hyphen) and _ (underscore) characters and it can't have any spaces.", + "title": "DestinationName", + "type": "string" }, - "KmsKeyEnableGeospatialQueries": { - "markdownDescription": "", - "title": "KmsKeyEnableGeospatialQueries", - "type": "boolean" + "LastUplinkReceivedAt": { + "markdownDescription": "The date and time when the most recent uplink was received.", + "title": "LastUplinkReceivedAt", + "type": "string" }, - "KmsKeyId": { - "markdownDescription": "A key identifier for an [AWS KMS customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/create-keys.html) . Enter a key ID, key ARN, alias name, or alias ARN.", - "title": "KmsKeyId", + "LoRaWAN": { + "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.LoRaWANDevice", + "markdownDescription": "The device configuration information to use to create the wireless device. Must be at least one of OtaaV10x, OtaaV11, AbpV11, or AbpV10x.", + "title": "LoRaWAN" + }, + "Name": { + "markdownDescription": "The name of the new resource.", + "title": "Name", "type": "string" }, - "PositionFiltering": { - "markdownDescription": "Specifies the position filtering for the tracker resource.\n\nValid values:\n\n- `TimeBased` - Location updates are evaluated against linked geofence collections, but not every location update is stored. If your update frequency is more often than 30 seconds, only one update per 30 seconds is stored for each unique device ID.\n- `DistanceBased` - If the device has moved less than 30 m (98.4 ft), location updates are ignored. Location updates within this area are neither evaluated against linked geofence collections, nor stored. This helps control costs by reducing the number of geofence evaluations and historical device positions to paginate through. Distance-based filtering can also reduce the effects of GPS noise when displaying device trajectories on a map.\n- `AccuracyBased` - If the device has moved less than the measured accuracy, location updates are ignored. For example, if two consecutive updates from a device have a horizontal accuracy of 5 m and 10 m, the second update is ignored if the device has moved less than 15 m. Ignored location updates are neither evaluated against linked geofence collections, nor stored. This can reduce the effects of GPS noise when displaying device trajectories on a map, and can help control your costs by reducing the number of geofence evaluations.\n\nThis field is optional. If not specified, the default value is `TimeBased` .", - "title": "PositionFiltering", + "Positioning": { + "markdownDescription": "FPort values for the GNSS, Stream, and ClockSync functions of the positioning information.", + "title": "Positioning", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "", + "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", "title": "Tags", "type": "array" }, - "TrackerName": { - "markdownDescription": "The name for the tracker resource.\n\nRequirements:\n\n- Contain only alphanumeric characters (A-Z, a-z, 0-9) , hyphens (-), periods (.), and underscores (_).\n- Must be a unique tracker resource name.\n- No spaces allowed. For example, `ExampleTracker` .", - "title": "TrackerName", + "ThingArn": { + "markdownDescription": "The ARN of the thing to associate with the wireless device.", + "title": "ThingArn", + "type": "string" + }, + "Type": { + "markdownDescription": "The wireless device type.", + "title": "Type", "type": "string" } }, "required": [ - "TrackerName" + "DestinationName", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::Location::Tracker" + "AWS::IoTWireless::WirelessDevice" ], "type": "string" }, @@ -149266,250 +158901,226 @@ ], "type": "object" }, - "AWS::Location::TrackerConsumer": { + "AWS::IoTWireless::WirelessDevice.AbpV10x": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DevAddr": { + "markdownDescription": "The DevAddr value.", + "title": "DevAddr", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "SessionKeys": { + "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.SessionKeysAbpV10x", + "markdownDescription": "Session keys for ABP v1.0.x.", + "title": "SessionKeys" + } + }, + "required": [ + "DevAddr", + "SessionKeys" + ], + "type": "object" + }, + "AWS::IoTWireless::WirelessDevice.AbpV11": { + "additionalProperties": false, + "properties": { + "DevAddr": { + "markdownDescription": "The DevAddr value.", + "title": "DevAddr", + "type": "string" }, - "Metadata": { - "type": "object" + "SessionKeys": { + "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.SessionKeysAbpV11", + "markdownDescription": "Session keys for ABP v1.1.", + "title": "SessionKeys" + } + }, + "required": [ + "DevAddr", + "SessionKeys" + ], + "type": "object" + }, + "AWS::IoTWireless::WirelessDevice.Application": { + "additionalProperties": false, + "properties": { + "DestinationName": { + "markdownDescription": "The name of the position data destination that describes the IoT rule that processes the device's position data.", + "title": "DestinationName", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ConsumerArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the geofence collection to be associated to tracker resource. Used when you need to specify a resource across all AWS .\n\n- Format example: `arn:aws:geo:region:account-id:geofence-collection/ExampleGeofenceCollectionConsumer`", - "title": "ConsumerArn", - "type": "string" - }, - "TrackerName": { - "markdownDescription": "The name for the tracker resource.\n\nRequirements:\n\n- Contain only alphanumeric characters (A-Z, a-z, 0-9) , hyphens (-), periods (.), and underscores (_).\n- Must be a unique tracker resource name.\n- No spaces allowed. For example, `ExampleTracker` .", - "title": "TrackerName", - "type": "string" - } - }, - "required": [ - "ConsumerArn", - "TrackerName" - ], - "type": "object" + "FPort": { + "markdownDescription": "The name of the new destination for the device.", + "title": "FPort", + "type": "number" }, "Type": { - "enum": [ - "AWS::Location::TrackerConsumer" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "markdownDescription": "Application type, which can be specified to obtain real-time position information of your LoRaWAN device.", + "title": "Type", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Logs::AccountPolicy": { + "AWS::IoTWireless::WirelessDevice.FPorts": { "additionalProperties": false, "properties": { - "Condition": { + "Applications": { + "items": { + "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.Application" + }, + "markdownDescription": "LoRaWAN application configuration, which can be used to perform geolocation.", + "title": "Applications", + "type": "array" + } + }, + "type": "object" + }, + "AWS::IoTWireless::WirelessDevice.LoRaWANDevice": { + "additionalProperties": false, + "properties": { + "AbpV10x": { + "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.AbpV10x", + "markdownDescription": "ABP device object for LoRaWAN specification v1.0.x.", + "title": "AbpV10x" + }, + "AbpV11": { + "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.AbpV11", + "markdownDescription": "ABP device object for create APIs for v1.1.", + "title": "AbpV11" + }, + "DevEui": { + "markdownDescription": "The DevEUI value.", + "title": "DevEui", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DeviceProfileId": { + "markdownDescription": "The ID of the device profile for the new wireless device.", + "title": "DeviceProfileId", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "FPorts": { + "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.FPorts", + "markdownDescription": "List of FPort assigned for different LoRaWAN application packages to use.", + "title": "FPorts" }, - "Metadata": { - "type": "object" + "OtaaV10x": { + "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.OtaaV10x", + "markdownDescription": "OTAA device object for create APIs for v1.0.x", + "title": "OtaaV10x" }, - "Properties": { - "additionalProperties": false, - "properties": { - "PolicyDocument": { - "markdownDescription": "Specify the policy, in JSON.\n\n*Data protection policy*\n\nA data protection policy must include two JSON blocks:\n\n- The first block must include both a `DataIdentifer` array and an `Operation` property with an `Audit` action. The `DataIdentifer` array lists the types of sensitive data that you want to mask. For more information about the available options, see [Types of data that you can mask](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/mask-sensitive-log-data-types.html) .\n\nThe `Operation` property with an `Audit` action is required to find the sensitive data terms. This `Audit` action must contain a `FindingsDestination` object. You can optionally use that `FindingsDestination` object to list one or more destinations to send audit findings to. If you specify destinations such as log groups, Firehose streams, and S3 buckets, they must already exist.\n- The second block must include both a `DataIdentifer` array and an `Operation` property with an `Deidentify` action. The `DataIdentifer` array must exactly match the `DataIdentifer` array in the first block of the policy.\n\nThe `Operation` property with the `Deidentify` action is what actually masks the data, and it must contain the `\"MaskConfig\": {}` object. The `\"MaskConfig\": {}` object must be empty.\n\n> The contents of the two `DataIdentifer` arrays must match exactly. \n\nIn addition to the two JSON blocks, the `policyDocument` can also include `Name` , `Description` , and `Version` fields. The `Name` is different than the operation's `policyName` parameter, and is used as a dimension when CloudWatch Logs reports audit findings metrics to CloudWatch .\n\nThe JSON specified in `policyDocument` can be up to 30,720 characters long.\n\n*Subscription filter policy*\n\nA subscription filter policy can include the following attributes in a JSON block:\n\n- *DestinationArn* The ARN of the destination to deliver log events to. Supported destinations are:\n\n- An Kinesis Data Streams data stream in the same account as the subscription policy, for same-account delivery.\n- An Firehose data stream in the same account as the subscription policy, for same-account delivery.\n- A Lambda function in the same account as the subscription policy, for same-account delivery.\n- A logical destination in a different account created with [PutDestination](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDestination.html) , for cross-account delivery. Kinesis Data Streams and Firehose are supported as logical destinations.\n- *RoleArn* The ARN of an IAM role that grants CloudWatch Logs permissions to deliver ingested log events to the destination stream. You don't need to provide the ARN when you are working with a logical destination for cross-account delivery.\n- *FilterPattern* A filter pattern for subscribing to a filtered stream of log events.\n- *Distribution* The method used to distribute log data to the destination. By default, log data is grouped by log stream, but the grouping can be set to `Random` for a more even distribution. This property is only applicable when the destination is an Kinesis Data Streams data stream.\n\n*Field index policy*\n\nA field index filter policy can include the following attribute in a JSON block:\n\n- *Fields* The array of field indexes to create.\n\nThe following is an example of an index policy document that creates two indexes, `RequestId` and `TransactionId` .\n\n`\"policyDocument\": \"{ \\\"Fields\\\": [ \\\"RequestId\\\", \\\"TransactionId\\\" ] }\"`\n\n*Transformer policy*\n\nA transformer policy must include one JSON block with the array of processors and their configurations. For more information about available processors, see [Processors that you can use](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-Processors) .", - "title": "PolicyDocument", - "type": "string" - }, - "PolicyName": { - "markdownDescription": "A name for the policy. This must be unique within the account.", - "title": "PolicyName", - "type": "string" - }, - "PolicyType": { - "markdownDescription": "The type of policy that you're creating or updating.", - "title": "PolicyType", - "type": "string" - }, - "Scope": { - "markdownDescription": "Currently the only valid value for this parameter is `ALL` , which specifies that the policy applies to all log groups in the account. If you omit this parameter, the default of `ALL` is used. To scope down a subscription filter policy to a subset of log groups, use the `SelectionCriteria` parameter.", - "title": "Scope", - "type": "string" - }, - "SelectionCriteria": { - "markdownDescription": "Use this parameter to apply the new policy to a subset of log groups in the account.\n\nYou need to specify `SelectionCriteria` only when you specify `SUBSCRIPTION_FILTER_POLICY` , `FIELD_INDEX_POLICY` or `TRANSFORMER_POLICY` for `PolicyType` .\n\nIf `PolicyType` is `SUBSCRIPTION_FILTER_POLICY` , the only supported `SelectionCriteria` filter is `LogGroupName NOT IN []`\n\nIf `PolicyType` is `FIELD_INDEX_POLICY` or `TRANSFORMER_POLICY` , the only supported `SelectionCriteria` filter is `LogGroupNamePrefix`\n\nThe `SelectionCriteria` string can be up to 25KB in length. The length is determined by using its UTF-8 bytes.\n\nUsing the `SelectionCriteria` parameter with `SUBSCRIPTION_FILTER_POLICY` is useful to help prevent infinite loops. For more information, see [Log recursion prevention](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/Subscriptions-recursion-prevention.html) .", - "title": "SelectionCriteria", - "type": "string" - } - }, - "required": [ - "PolicyDocument", - "PolicyName", - "PolicyType" - ], - "type": "object" + "OtaaV11": { + "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.OtaaV11", + "markdownDescription": "OTAA device object for v1.1 for create APIs.", + "title": "OtaaV11" }, - "Type": { - "enum": [ - "AWS::Logs::AccountPolicy" - ], + "ServiceProfileId": { + "markdownDescription": "The ID of the service profile.", + "title": "ServiceProfileId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoTWireless::WirelessDevice.OtaaV10x": { + "additionalProperties": false, + "properties": { + "AppEui": { + "markdownDescription": "The AppEUI value. You specify this value when using LoRaWAN versions v1.0.2 or v1.0.3.", + "title": "AppEui", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "AppKey": { + "markdownDescription": "The AppKey value.", + "title": "AppKey", "type": "string" } }, "required": [ - "Type", - "Properties" + "AppEui", + "AppKey" ], "type": "object" }, - "AWS::Logs::Delivery": { + "AWS::IoTWireless::WirelessDevice.OtaaV11": { "additionalProperties": false, "properties": { - "Condition": { + "AppKey": { + "markdownDescription": "The AppKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the AppKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", + "title": "AppKey", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "JoinEui": { + "markdownDescription": "The JoinEUI value.", + "title": "JoinEui", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "NwkKey": { + "markdownDescription": "The NwkKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the NwkKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", + "title": "NwkKey", + "type": "string" + } + }, + "required": [ + "AppKey", + "JoinEui", + "NwkKey" + ], + "type": "object" + }, + "AWS::IoTWireless::WirelessDevice.SessionKeysAbpV10x": { + "additionalProperties": false, + "properties": { + "AppSKey": { + "markdownDescription": "The AppSKey value.", + "title": "AppSKey", + "type": "string" }, - "Metadata": { - "type": "object" + "NwkSKey": { + "markdownDescription": "The NwkKey value.", + "title": "NwkSKey", + "type": "string" + } + }, + "required": [ + "AppSKey", + "NwkSKey" + ], + "type": "object" + }, + "AWS::IoTWireless::WirelessDevice.SessionKeysAbpV11": { + "additionalProperties": false, + "properties": { + "AppSKey": { + "markdownDescription": "The AppSKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the AppSKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", + "title": "AppSKey", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DeliveryDestinationArn": { - "markdownDescription": "The ARN of the delivery destination that is associated with this delivery.", - "title": "DeliveryDestinationArn", - "type": "string" - }, - "DeliverySourceName": { - "markdownDescription": "The name of the delivery source that is associated with this delivery.", - "title": "DeliverySourceName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to the delivery.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "DeliveryDestinationArn", - "DeliverySourceName" - ], - "type": "object" + "FNwkSIntKey": { + "markdownDescription": "The FNwkSIntKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the FNwkSIntKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", + "title": "FNwkSIntKey", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Logs::Delivery" - ], + "NwkSEncKey": { + "markdownDescription": "The NwkSEncKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the NwkSEncKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", + "title": "NwkSEncKey", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SNwkSIntKey": { + "markdownDescription": "The SNwkSIntKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the SNwkSIntKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", + "title": "SNwkSIntKey", "type": "string" } }, "required": [ - "Type", - "Properties" + "AppSKey", + "FNwkSIntKey", + "NwkSEncKey", + "SNwkSIntKey" ], "type": "object" }, - "AWS::Logs::DeliveryDestination": { + "AWS::IoTWireless::WirelessDeviceImportTask": { "additionalProperties": false, "properties": { "Condition": { @@ -149544,38 +159155,34 @@ "Properties": { "additionalProperties": false, "properties": { - "DeliveryDestinationPolicy": { - "markdownDescription": "An IAM policy that grants permissions to CloudWatch Logs to deliver logs cross-account to a specified destination in this account. For examples of this policy, see [Examples](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDeliveryDestinationPolicy.html#API_PutDeliveryDestinationPolicy_Examples) in the CloudWatch Logs API Reference.", - "title": "DeliveryDestinationPolicy", - "type": "object" - }, - "DestinationResourceArn": { - "markdownDescription": "The ARN of the AWS destination that this delivery destination represents. That AWS destination can be a log group in CloudWatch Logs , an Amazon S3 bucket, or a Firehose stream.", - "title": "DestinationResourceArn", + "DestinationName": { + "markdownDescription": "The name of the destination that describes the IoT rule to route messages from the Sidewalk devices in the import task to other applications.", + "title": "DestinationName", "type": "string" }, - "Name": { - "markdownDescription": "The name of this delivery destination.", - "title": "Name", - "type": "string" + "Sidewalk": { + "$ref": "#/definitions/AWS::IoTWireless::WirelessDeviceImportTask.Sidewalk", + "markdownDescription": "The Sidewalk-related information of the wireless device import task.", + "title": "Sidewalk" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to the delivery destination.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "Adds to or modifies the tags of the given resource. Tags are metadata that you can use to manage a resource.", "title": "Tags", "type": "array" } }, "required": [ - "Name" + "DestinationName", + "Sidewalk" ], "type": "object" }, "Type": { "enum": [ - "AWS::Logs::DeliveryDestination" + "AWS::IoTWireless::WirelessDeviceImportTask" ], "type": "string" }, @@ -149594,7 +159201,36 @@ ], "type": "object" }, - "AWS::Logs::DeliverySource": { + "AWS::IoTWireless::WirelessDeviceImportTask.Sidewalk": { + "additionalProperties": false, + "properties": { + "DeviceCreationFile": { + "markdownDescription": "The CSV file contained in an S3 bucket that's used for adding devices to an import task.", + "title": "DeviceCreationFile", + "type": "string" + }, + "DeviceCreationFileList": { + "items": { + "type": "string" + }, + "markdownDescription": "List of Sidewalk devices that are added to the import task.", + "title": "DeviceCreationFileList", + "type": "array" + }, + "Role": { + "markdownDescription": "The IAM role that allows to access the CSV file in the S3 bucket.", + "title": "Role", + "type": "string" + }, + "SidewalkManufacturingSn": { + "markdownDescription": "The Sidewalk manufacturing serial number (SMSN) of the Sidewalk device.", + "title": "SidewalkManufacturingSn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::IoTWireless::WirelessGateway": { "additionalProperties": false, "properties": { "Condition": { @@ -149629,38 +159265,53 @@ "Properties": { "additionalProperties": false, "properties": { - "LogType": { - "markdownDescription": "The type of log that the source is sending. For valid values for this parameter, see the documentation for the source service.", - "title": "LogType", + "Description": { + "markdownDescription": "The description of the new resource. The maximum length is 2048 characters.", + "title": "Description", "type": "string" }, - "Name": { - "markdownDescription": "The unique name of the delivery source.", - "title": "Name", + "LastUplinkReceivedAt": { + "markdownDescription": "The date and time when the most recent uplink was received.", + "title": "LastUplinkReceivedAt", "type": "string" }, - "ResourceArn": { - "markdownDescription": "The ARN of the AWS resource that is generating and sending logs. For example, `arn:aws:workmail:us-east-1:123456789012:organization/m-1234EXAMPLEabcd1234abcd1234abcd1234`", - "title": "ResourceArn", + "LoRaWAN": { + "$ref": "#/definitions/AWS::IoTWireless::WirelessGateway.LoRaWANGateway", + "markdownDescription": "The gateway configuration information to use to create the wireless gateway.", + "title": "LoRaWAN" + }, + "Name": { + "markdownDescription": "The name of the new resource.", + "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to the delivery source.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", "title": "Tags", "type": "array" + }, + "ThingArn": { + "markdownDescription": "The ARN of the thing to associate with the wireless gateway.", + "title": "ThingArn", + "type": "string" + }, + "ThingName": { + "markdownDescription": "The name of the thing associated with the wireless gateway. The value is empty if a thing isn't associated with the gateway.", + "title": "ThingName", + "type": "string" } }, "required": [ - "Name" + "LoRaWAN" ], "type": "object" }, "Type": { "enum": [ - "AWS::Logs::DeliverySource" + "AWS::IoTWireless::WirelessGateway" ], "type": "string" }, @@ -149679,91 +159330,27 @@ ], "type": "object" }, - "AWS::Logs::Destination": { + "AWS::IoTWireless::WirelessGateway.LoRaWANGateway": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DestinationName": { - "markdownDescription": "The name of the destination.", - "title": "DestinationName", - "type": "string" - }, - "DestinationPolicy": { - "markdownDescription": "An IAM policy document that governs which AWS accounts can create subscription filters against this destination.", - "title": "DestinationPolicy", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN of an IAM role that permits CloudWatch Logs to send data to the specified AWS resource.", - "title": "RoleArn", - "type": "string" - }, - "TargetArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the physical target where the log events are delivered (for example, a Kinesis stream).", - "title": "TargetArn", - "type": "string" - } - }, - "required": [ - "DestinationName", - "RoleArn", - "TargetArn" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Logs::Destination" - ], + "GatewayEui": { + "markdownDescription": "The gateway's EUI value.", + "title": "GatewayEui", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "RfRegion": { + "markdownDescription": "The frequency band (RFRegion) value.", + "title": "RfRegion", "type": "string" } }, "required": [ - "Type", - "Properties" + "GatewayEui", + "RfRegion" ], "type": "object" }, - "AWS::Logs::LogAnomalyDetector": { + "AWS::KMS::Alias": { "additionalProperties": false, "properties": { "Condition": { @@ -149798,50 +159385,26 @@ "Properties": { "additionalProperties": false, "properties": { - "AccountId": { - "markdownDescription": "The ID of the account to create the anomaly detector in.", - "title": "AccountId", - "type": "string" - }, - "AnomalyVisibilityTime": { - "markdownDescription": "The number of days to have visibility on an anomaly. After this time period has elapsed for an anomaly, it will be automatically baselined and the anomaly detector will treat new occurrences of a similar anomaly as normal. Therefore, if you do not correct the cause of an anomaly during the time period specified in `AnomalyVisibilityTime` , it will be considered normal going forward and will not be detected as an anomaly.", - "title": "AnomalyVisibilityTime", - "type": "number" - }, - "DetectorName": { - "markdownDescription": "A name for this anomaly detector.", - "title": "DetectorName", - "type": "string" - }, - "EvaluationFrequency": { - "markdownDescription": "Specifies how often the anomaly detector is to run and look for anomalies. Set this value according to the frequency that the log group receives new logs. For example, if the log group receives new log events every 10 minutes, then 15 minutes might be a good setting for `EvaluationFrequency` .", - "title": "EvaluationFrequency", - "type": "string" - }, - "FilterPattern": { - "markdownDescription": "You can use this parameter to limit the anomaly detection model to examine only log events that match the pattern you specify here. For more information, see [Filter and Pattern Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/FilterAndPatternSyntax.html) .", - "title": "FilterPattern", + "AliasName": { + "markdownDescription": "Specifies the alias name. This value must begin with `alias/` followed by a name, such as `alias/ExampleAlias` .\n\n> If you change the value of the `AliasName` property, the existing alias is deleted and a new alias is created for the specified KMS key. This change can disrupt applications that use the alias. It can also allow or deny access to a KMS key affected by attribute-based access control (ABAC). \n\nThe alias must be string of 1-256 characters. It can contain only alphanumeric characters, forward slashes (/), underscores (_), and dashes (-). The alias name cannot begin with `alias/aws/` . The `alias/aws/` prefix is reserved for [AWS managed keys](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk) .", + "title": "AliasName", "type": "string" }, - "KmsKeyId": { - "markdownDescription": "Optionally assigns a AWS KMS key to secure this anomaly detector and its findings. If a key is assigned, the anomalies found and the model used by this detector are encrypted at rest with the key. If a key is assigned to an anomaly detector, a user must have permissions for both this key and for the anomaly detector to retrieve information about the anomalies that it finds.\n\nFor more information about using a AWS KMS key and to see the required IAM policy, see [Use a AWS KMS key with an anomaly detector](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/LogsAnomalyDetection-KMS.html) .", - "title": "KmsKeyId", + "TargetKeyId": { + "markdownDescription": "Associates the alias with the specified [customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk) . The KMS key must be in the same AWS account and Region.\n\nA valid key ID is required. If you supply a null or empty string value, this operation returns an error.\n\nFor help finding the key ID and ARN, see [Finding the key ID and ARN](https://docs.aws.amazon.com/kms/latest/developerguide/viewing-keys.html#find-cmk-id-arn) in the *AWS Key Management Service Developer Guide* .\n\nSpecify the key ID or the key ARN of the KMS key.\n\nFor example:\n\n- Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key ARN: `arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`\n\nTo get the key ID and key ARN for a KMS key, use [ListKeys](https://docs.aws.amazon.com/kms/latest/APIReference/API_ListKeys.html) or [DescribeKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_DescribeKey.html) .", + "title": "TargetKeyId", "type": "string" - }, - "LogGroupArnList": { - "items": { - "type": "string" - }, - "markdownDescription": "The ARN of the log group that is associated with this anomaly detector. You can specify only one log group ARN.", - "title": "LogGroupArnList", - "type": "array" } }, + "required": [ + "AliasName", + "TargetKeyId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Logs::LogAnomalyDetector" + "AWS::KMS::Alias" ], "type": "string" }, @@ -149855,11 +159418,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Logs::LogGroup": { + "AWS::KMS::Key": { "additionalProperties": false, "properties": { "Condition": { @@ -149894,36 +159458,66 @@ "Properties": { "additionalProperties": false, "properties": { - "DataProtectionPolicy": { - "markdownDescription": "Creates a data protection policy and assigns it to the log group. A data protection policy can help safeguard sensitive data that's ingested by the log group by auditing and masking the sensitive log data. When a user who does not have permission to view masked data views a log event that includes masked data, the sensitive data is replaced by asterisks.\n\nFor more information, including a list of types of data that can be audited and masked, see [Protect sensitive log data with masking](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/mask-sensitive-log-data.html) .", - "title": "DataProtectionPolicy", + "BypassPolicyLockoutSafetyCheck": { + "markdownDescription": "Skips (\"bypasses\") the key policy lockout safety check. The default value is false.\n\n> Setting this value to true increases the risk that the KMS key becomes unmanageable. Do not set this value to true indiscriminately.\n> \n> For more information, see [Default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policy-default.html#prevent-unmanageable-key) in the *AWS Key Management Service Developer Guide* . \n\nUse this parameter only when you intend to prevent the principal that is making the request from making a subsequent [PutKeyPolicy](https://docs.aws.amazon.com/kms/latest/APIReference/API_PutKeyPolicy.html) request on the KMS key.", + "title": "BypassPolicyLockoutSafetyCheck", + "type": "boolean" + }, + "Description": { + "markdownDescription": "A description of the KMS key. Use a description that helps you to distinguish this KMS key from others in the account, such as its intended use.", + "title": "Description", + "type": "string" + }, + "EnableKeyRotation": { + "markdownDescription": "Enables automatic rotation of the key material for the specified KMS key. By default, automatic key rotation is not enabled.\n\nAWS KMS supports automatic rotation only for symmetric encryption KMS keys ( `KeySpec` = `SYMMETRIC_DEFAULT` ). For asymmetric KMS keys, HMAC KMS keys, and KMS keys with Origin `EXTERNAL` , omit the `EnableKeyRotation` property or set it to `false` .\n\nTo enable automatic key rotation of the key material for a multi-Region KMS key, set `EnableKeyRotation` to `true` on the primary key (created by using `AWS::KMS::Key` ). AWS KMS copies the rotation status to all replica keys. For details, see [Rotating multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-manage.html#multi-region-rotate) in the *AWS Key Management Service Developer Guide* .\n\nWhen you enable automatic rotation, AWS KMS automatically creates new key material for the KMS key one year after the enable date and every year thereafter. AWS KMS retains all key material until you delete the KMS key. For detailed information about automatic key rotation, see [Rotating KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html) in the *AWS Key Management Service Developer Guide* .", + "title": "EnableKeyRotation", + "type": "boolean" + }, + "Enabled": { + "markdownDescription": "Specifies whether the KMS key is enabled. Disabled KMS keys cannot be used in cryptographic operations.\n\nWhen `Enabled` is `true` , the *key state* of the KMS key is `Enabled` . When `Enabled` is `false` , the key state of the KMS key is `Disabled` . The default value is `true` .\n\nThe actual key state of the KMS key might be affected by actions taken outside of CloudFormation, such as running the [EnableKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_EnableKey.html) , [DisableKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_DisableKey.html) , or [ScheduleKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_ScheduleKeyDeletion.html) operations.\n\nFor information about the key states of a KMS key, see [Key state: Effect on your KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) in the *AWS Key Management Service Developer Guide* .", + "title": "Enabled", + "type": "boolean" + }, + "KeyPolicy": { + "markdownDescription": "The key policy to attach to the KMS key.\n\nIf you provide a key policy, it must meet the following criteria:\n\n- The key policy must allow the caller to make a subsequent [PutKeyPolicy](https://docs.aws.amazon.com/kms/latest/APIReference/API_PutKeyPolicy.html) request on the KMS key. This reduces the risk that the KMS key becomes unmanageable. For more information, see [Default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) in the *AWS Key Management Service Developer Guide* . (To omit this condition, set `BypassPolicyLockoutSafetyCheck` to true.)\n- Each statement in the key policy must contain one or more principals. The principals in the key policy must exist and be visible to AWS KMS . When you create a new AWS principal (for example, an IAM user or role), you might need to enforce a delay before including the new principal in a key policy because the new principal might not be immediately visible to AWS KMS . For more information, see [Changes that I make are not always immediately visible](https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency) in the *AWS Identity and Access Management User Guide* .\n\nIf you do not provide a key policy, AWS KMS attaches a default key policy to the KMS key. For more information, see [Default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default) in the *AWS Key Management Service Developer Guide* .\n\nA key policy document can include only the following characters:\n\n- Printable ASCII characters\n- Printable characters in the Basic Latin and Latin-1 Supplement character set\n- The tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` ) special characters\n\n*Minimum* : `1`\n\n*Maximum* : `32768`", + "title": "KeyPolicy", "type": "object" }, - "KmsKeyId": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key to use when encrypting log data.\n\nTo associate an AWS KMS key with the log group, specify the ARN of that KMS key here. If you do so, ingested data is encrypted using this key. This association is stored as long as the data encrypted with the KMS key is still within CloudWatch Logs . This enables CloudWatch Logs to decrypt this data whenever it is requested.\n\nIf you attempt to associate a KMS key with the log group but the KMS key doesn't exist or is deactivated, you will receive an `InvalidParameterException` error.\n\nLog group data is always encrypted in CloudWatch Logs . If you omit this key, the encryption does not use AWS KMS . For more information, see [Encrypt log data in CloudWatch Logs using AWS Key Management Service](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/encrypt-log-data-kms.html)", - "title": "KmsKeyId", + "KeySpec": { + "markdownDescription": "Specifies the type of KMS key to create. The default value, `SYMMETRIC_DEFAULT` , creates a KMS key with a 256-bit symmetric key for encryption and decryption. In China Regions, `SYMMETRIC_DEFAULT` creates a 128-bit symmetric key that uses SM4 encryption. You can't change the `KeySpec` value after the KMS key is created. For help choosing a key spec for your KMS key, see [Choosing a KMS key type](https://docs.aws.amazon.com/kms/latest/developerguide/symm-asymm-choose.html) in the *AWS Key Management Service Developer Guide* .\n\nThe `KeySpec` property determines the type of key material in the KMS key and the algorithms that the KMS key supports. To further restrict the algorithms that can be used with the KMS key, use a condition key in its key policy or IAM policy. For more information, see [AWS KMS condition keys](https://docs.aws.amazon.com/kms/latest/developerguide/policy-conditions.html#conditions-kms) in the *AWS Key Management Service Developer Guide* .\n\n> If you change the value of the `KeySpec` property on an existing KMS key, the update request fails, regardless of the value of the [`UpdateReplacePolicy` attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html) . This prevents you from accidentally deleting a KMS key by changing an immutable property value. > [AWS services that are integrated with AWS KMS](https://docs.aws.amazon.com/kms/features/#AWS_Service_Integration) use symmetric encryption KMS keys to protect your data. These services do not support encryption with asymmetric KMS keys. For help determining whether a KMS key is asymmetric, see [Identifying asymmetric KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/find-symm-asymm.html) in the *AWS Key Management Service Developer Guide* . \n\nAWS KMS supports the following key specs for KMS keys:\n\n- Symmetric encryption key (default)\n\n- `SYMMETRIC_DEFAULT` (AES-256-GCM)\n- HMAC keys (symmetric)\n\n- `HMAC_224`\n- `HMAC_256`\n- `HMAC_384`\n- `HMAC_512`\n- Asymmetric RSA key pairs (encryption and decryption *or* signing and verification)\n\n- `RSA_2048`\n- `RSA_3072`\n- `RSA_4096`\n- Asymmetric NIST-recommended elliptic curve key pairs (signing and verification *or* deriving shared secrets)\n\n- `ECC_NIST_P256` (secp256r1)\n- `ECC_NIST_P384` (secp384r1)\n- `ECC_NIST_P521` (secp521r1)\n- Other asymmetric elliptic curve key pairs (signing and verification)\n\n- `ECC_SECG_P256K1` (secp256k1), commonly used for cryptocurrencies.\n- Asymmetric ML-DSA key pairs (signing and verification)\n\n- `ML_DSA_44`\n- `ML_DSA_65`\n- `ML_DSA_87`\n- SM2 key pairs (encryption and decryption *or* signing and verification *or* deriving shared secrets)\n\n- `SM2` (China Regions only)", + "title": "KeySpec", "type": "string" }, - "LogGroupClass": { - "markdownDescription": "Specifies the log group class for this log group. There are two classes:\n\n- The `Standard` log class supports all CloudWatch Logs features.\n- The `Infrequent Access` log class supports a subset of CloudWatch Logs features and incurs lower costs.\n\nFor details about the features supported by each class, see [Log classes](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch_Logs_Log_Classes.html)", - "title": "LogGroupClass", + "KeyUsage": { + "markdownDescription": "Determines the [cryptographic operations](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations) for which you can use the KMS key. The default value is `ENCRYPT_DECRYPT` . This property is required for asymmetric KMS keys and HMAC KMS keys. You can't change the `KeyUsage` value after the KMS key is created.\n\n> If you change the value of the `KeyUsage` property on an existing KMS key, the update request fails, regardless of the value of the [`UpdateReplacePolicy` attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html) . This prevents you from accidentally deleting a KMS key by changing an immutable property value. \n\nSelect only one valid value.\n\n- For symmetric encryption KMS keys, omit the parameter or specify `ENCRYPT_DECRYPT` .\n- For HMAC KMS keys (symmetric), specify `GENERATE_VERIFY_MAC` .\n- For asymmetric KMS keys with RSA key pairs, specify `ENCRYPT_DECRYPT` or `SIGN_VERIFY` .\n- For asymmetric KMS keys with NIST-recommended elliptic curve key pairs, specify `SIGN_VERIFY` or `KEY_AGREEMENT` .\n- For asymmetric KMS keys with `ECC_SECG_P256K1` key pairs, specify `SIGN_VERIFY` .\n- For asymmetric KMS keys with ML-DSA key pairs, specify `SIGN_VERIFY` .\n- For asymmetric KMS keys with SM2 key pairs (China Regions only), specify `ENCRYPT_DECRYPT` , `SIGN_VERIFY` , or `KEY_AGREEMENT` .", + "title": "KeyUsage", "type": "string" }, - "LogGroupName": { - "markdownDescription": "The name of the log group. If you don't specify a name, AWS CloudFormation generates a unique ID for the log group.", - "title": "LogGroupName", + "MultiRegion": { + "markdownDescription": "Creates a multi-Region primary key that you can replicate in other AWS Regions . You can't change the `MultiRegion` value after the KMS key is created.\n\nFor a list of AWS Regions in which multi-Region keys are supported, see [Multi-Region keys in AWS KMS](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) in the ** .\n\n> If you change the value of the `MultiRegion` property on an existing KMS key, the update request fails, regardless of the value of the [`UpdateReplacePolicy` attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html) . This prevents you from accidentally deleting a KMS key by changing an immutable property value. \n\nFor a multi-Region key, set to this property to `true` . For a single-Region key, omit this property or set it to `false` . The default value is `false` .\n\n*Multi-Region keys* are an AWS KMS feature that lets you create multiple interoperable KMS keys in different AWS Regions . Because these KMS keys have the same key ID, key material, and other metadata, you can use them to encrypt data in one AWS Region and decrypt it in a different AWS Region without making a cross-Region call or exposing the plaintext data. For more information, see [Multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) in the *AWS Key Management Service Developer Guide* .\n\nYou can create a symmetric encryption, HMAC, or asymmetric multi-Region KMS key, and you can create a multi-Region key with imported key material. However, you cannot create a multi-Region key in a custom key store.\n\nTo create a replica of this primary key in a different AWS Region , create an [AWS::KMS::ReplicaKey](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kms-replicakey.html) resource in a CloudFormation stack in the replica Region. Specify the key ARN of this primary key.", + "title": "MultiRegion", + "type": "boolean" + }, + "Origin": { + "markdownDescription": "The source of the key material for the KMS key. You cannot change the origin after you create the KMS key. The default is `AWS_KMS` , which means that AWS KMS creates the key material.\n\nTo [create a KMS key with no key material](https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys-create-cmk.html) (for imported key material), set this value to `EXTERNAL` . For more information about importing key material into AWS KMS , see [Importing Key Material](https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html) in the *AWS Key Management Service Developer Guide* .\n\nYou can ignore `ENABLED` when Origin is `EXTERNAL` . When a KMS key with Origin `EXTERNAL` is created, the key state is `PENDING_IMPORT` and `ENABLED` is `false` . After you import the key material, `ENABLED` updated to `true` . The KMS key can then be used for Cryptographic Operations.\n\n> - AWS CloudFormation doesn't support creating an `Origin` parameter of the `AWS_CLOUDHSM` or `EXTERNAL_KEY_STORE` values.\n> - `EXTERNAL` is not supported for ML-DSA keys.", + "title": "Origin", "type": "string" }, - "RetentionInDays": { - "markdownDescription": "The number of days to retain the log events in the specified log group. Possible values are: 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1096, 1827, 2192, 2557, 2922, 3288, and 3653.\n\nTo set a log group so that its log events do not expire, use [DeleteRetentionPolicy](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DeleteRetentionPolicy.html) .", - "title": "RetentionInDays", + "PendingWindowInDays": { + "markdownDescription": "Specifies the number of days in the waiting period before AWS KMS deletes a KMS key that has been removed from a CloudFormation stack. Enter a value between 7 and 30 days. The default value is 30 days.\n\nWhen you remove a KMS key from a CloudFormation stack, AWS KMS schedules the KMS key for deletion and starts the mandatory waiting period. The `PendingWindowInDays` property determines the length of waiting period. During the waiting period, the key state of KMS key is `Pending Deletion` or `Pending Replica Deletion` , which prevents the KMS key from being used in cryptographic operations. When the waiting period expires, AWS KMS permanently deletes the KMS key.\n\nAWS KMS will not delete a [multi-Region primary key](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) that has replica keys. If you remove a multi-Region primary key from a CloudFormation stack, its key state changes to `PendingReplicaDeletion` so it cannot be replicated or used in cryptographic operations. This state can persist indefinitely. When the last of its replica keys is deleted, the key state of the primary key changes to `PendingDeletion` and the waiting period specified by `PendingWindowInDays` begins. When this waiting period expires, AWS KMS deletes the primary key. For details, see [Deleting multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-delete.html) in the *AWS Key Management Service Developer Guide* .\n\nYou cannot use a CloudFormation template to cancel deletion of the KMS key after you remove it from the stack, regardless of the waiting period. If you specify a KMS key in your template, even one with the same name, CloudFormation creates a new KMS key. To cancel deletion of a KMS key, use the AWS KMS console or the [CancelKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_CancelKeyDeletion.html) operation.\n\nFor information about the `Pending Deletion` and `Pending Replica Deletion` key states, see [Key state: Effect on your KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) in the *AWS Key Management Service Developer Guide* . For more information about deleting KMS keys, see the [ScheduleKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_ScheduleKeyDeletion.html) operation in the *AWS Key Management Service API Reference* and [Deleting KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/deleting-keys.html) in the *AWS Key Management Service Developer Guide* .", + "title": "PendingWindowInDays", + "type": "number" + }, + "RotationPeriodInDays": { + "markdownDescription": "Specifies a custom period of time between each rotation date. If no value is specified, the default value is 365 days.\n\nThe rotation period defines the number of days after you enable automatic key rotation that AWS KMS will rotate your key material, and the number of days between each automatic rotation thereafter.\n\nYou can use the [`kms:RotationPeriodInDays`](https://docs.aws.amazon.com/kms/latest/developerguide/conditions-kms.html#conditions-kms-rotation-period-in-days) condition key to further constrain the values that principals can specify in the `RotationPeriodInDays` parameter.\n\nFor more information about rotating KMS keys and automatic rotation, see [Rotating keys](https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html) in the *AWS Key Management Service Developer Guide* .", + "title": "RotationPeriodInDays", "type": "number" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to the log group.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "Assigns one or more tags to the replica key.\n\n> Tagging or untagging a KMS key can allow or deny permission to the KMS key. For details, see [ABAC for AWS KMS](https://docs.aws.amazon.com/kms/latest/developerguide/abac.html) in the *AWS Key Management Service Developer Guide* . \n\nFor information about tags in AWS KMS , see [Tagging keys](https://docs.aws.amazon.com/kms/latest/developerguide/tagging-keys.html) in the *AWS Key Management Service Developer Guide* . For information about tags in CloudFormation, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } @@ -149932,7 +159526,7 @@ }, "Type": { "enum": [ - "AWS::Logs::LogGroup" + "AWS::KMS::Key" ], "type": "string" }, @@ -149950,7 +159544,7 @@ ], "type": "object" }, - "AWS::Logs::LogStream": { + "AWS::KMS::ReplicaKey": { "additionalProperties": false, "properties": { "Condition": { @@ -149985,25 +159579,49 @@ "Properties": { "additionalProperties": false, "properties": { - "LogGroupName": { - "markdownDescription": "The name of the log group where the log stream is created.", - "title": "LogGroupName", + "Description": { + "markdownDescription": "A description of the KMS key.\n\nThe default value is an empty string (no description).\n\nThe description is not a shared property of multi-Region keys. You can specify the same description or a different description for each key in a set of related multi-Region keys. AWS Key Management Service does not synchronize this property.", + "title": "Description", "type": "string" }, - "LogStreamName": { - "markdownDescription": "The name of the log stream. The name must be unique within the log group.", - "title": "LogStreamName", + "Enabled": { + "markdownDescription": "Specifies whether the replica key is enabled. Disabled KMS keys cannot be used in cryptographic operations.\n\nWhen `Enabled` is `true` , the *key state* of the KMS key is `Enabled` . When `Enabled` is `false` , the key state of the KMS key is `Disabled` . The default value is `true` .\n\nThe actual key state of the replica might be affected by actions taken outside of CloudFormation, such as running the [EnableKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_EnableKey.html) , [DisableKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_DisableKey.html) , or [ScheduleKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_ScheduleKeyDeletion.html) operations. Also, while the replica key is being created, its key state is `Creating` . When the process is complete, the key state of the replica key changes to `Enabled` .\n\nFor information about the key states of a KMS key, see [Key state: Effect on your KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) in the *AWS Key Management Service Developer Guide* .", + "title": "Enabled", + "type": "boolean" + }, + "KeyPolicy": { + "markdownDescription": "The key policy that authorizes use of the replica key.\n\nThe key policy is not a shared property of multi-Region keys. You can specify the same key policy or a different key policy for each key in a set of related multi-Region keys. AWS KMS does not synchronize this property.\n\nThe key policy must conform to the following rules.\n\n- The key policy must give the caller [PutKeyPolicy](https://docs.aws.amazon.com/kms/latest/APIReference/API_PutKeyPolicy.html) permission on the KMS key. This reduces the risk that the KMS key becomes unmanageable. For more information, refer to the scenario in the [Default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) section of the **AWS Key Management Service Developer Guide** .\n- Each statement in the key policy must contain one or more principals. The principals in the key policy must exist and be visible to AWS KMS . When you create a new AWS principal (for example, an IAM user or role), you might need to enforce a delay before including the new principal in a key policy because the new principal might not be immediately visible to AWS KMS . For more information, see [Changes that I make are not always immediately visible](https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency) in the *AWS Identity and Access Management User Guide* .\n\nA key policy document can include only the following characters:\n\n- Printable ASCII characters from the space character ( `\\u0020` ) through the end of the ASCII character range.\n- Printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` ).\n- The tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` ) special characters\n\n*Minimum* : `1`\n\n*Maximum* : `32768`", + "title": "KeyPolicy", + "type": "object" + }, + "PendingWindowInDays": { + "markdownDescription": "Specifies the number of days in the waiting period before AWS KMS deletes a replica key that has been removed from a CloudFormation stack. Enter a value between 7 and 30 days. The default value is 30 days.\n\nWhen you remove a replica key from a CloudFormation stack, AWS KMS schedules the replica key for deletion and starts the mandatory waiting period. The `PendingWindowInDays` property determines the length of waiting period. During the waiting period, the key state of replica key is `Pending Deletion` , which prevents it from being used in cryptographic operations. When the waiting period expires, AWS KMS permanently deletes the replica key.\n\nIf the KMS key is a multi-Region primary key with replica keys, the waiting period begins when the last of its replica keys is deleted. Otherwise, the waiting period begins immediately.\n\nYou cannot use a CloudFormation template to cancel deletion of the replica after you remove it from the stack, regardless of the waiting period. However, if you specify a replica key in your template that is based on the same primary key as the original replica key, CloudFormation creates a new replica key with the same key ID, key material, and other shared properties of the original replica key. This new replica key can decrypt ciphertext that was encrypted under the original replica key, or any related multi-Region key.\n\nFor detailed information about deleting multi-Region keys, see [Deleting multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-delete.html) in the *AWS Key Management Service Developer Guide* .\n\nFor information about the `PendingDeletion` key state, see [Key state: Effect on your KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) in the *AWS Key Management Service Developer Guide* . For more information about deleting KMS keys, see the [ScheduleKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_ScheduleKeyDeletion.html) operation in the *AWS Key Management Service API Reference* and [Deleting KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/deleting-keys.html) in the *AWS Key Management Service Developer Guide* .", + "title": "PendingWindowInDays", + "type": "number" + }, + "PrimaryKeyArn": { + "markdownDescription": "Specifies the multi-Region primary key to replicate. The primary key must be in a different AWS Region of the same AWS partition. You can create only one replica of a given primary key in each AWS Region .\n\n> If you change the `PrimaryKeyArn` value of a replica key, the existing replica key is scheduled for deletion and a new replica key is created based on the specified primary key. While it is scheduled for deletion, the existing replica key becomes unusable. You can cancel the scheduled deletion of the key outside of CloudFormation.\n> \n> However, if you inadvertently delete a replica key, you can decrypt ciphertext encrypted by that replica key by using any related multi-Region key. If necessary, you can recreate the replica in the same Region after the previous one is completely deleted. For details, see [Deleting multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-delete.html) in the *AWS Key Management Service Developer Guide* \n\nSpecify the key ARN of an existing multi-Region primary key. For example, `arn:aws:kms:us-east-2:111122223333:key/mrk-1234abcd12ab34cd56ef1234567890ab` .", + "title": "PrimaryKeyArn", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Assigns one or more tags to the replica key.\n\n> Tagging or untagging a KMS key can allow or deny permission to the KMS key. For details, see [ABAC for AWS KMS](https://docs.aws.amazon.com/kms/latest/developerguide/abac.html) in the *AWS Key Management Service Developer Guide* . \n\nTags are not a shared property of multi-Region keys. You can specify the same tags or different tags for each key in a set of related multi-Region keys. AWS KMS does not synchronize this property.\n\nEach tag consists of a tag key and a tag value. Both the tag key and the tag value are required, but the tag value can be an empty (null) string. You cannot have more than one tag on a KMS key with the same tag key. If you specify an existing tag key with a different tag value, AWS KMS replaces the current tag value with the specified one.\n\nWhen you assign tags to an AWS resource, AWS generates a cost allocation report with usage and costs aggregated by tags. Tags can also be used to control access to a KMS key. For details, see [Tagging keys](https://docs.aws.amazon.com/kms/latest/developerguide/tagging-keys.html) .", + "title": "Tags", + "type": "array" } }, "required": [ - "LogGroupName" + "KeyPolicy", + "PrimaryKeyArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Logs::LogStream" + "AWS::KMS::ReplicaKey" ], "type": "string" }, @@ -150022,7 +159640,7 @@ ], "type": "object" }, - "AWS::Logs::MetricFilter": { + "AWS::KafkaConnect::Connector": { "additionalProperties": false, "properties": { "Condition": { @@ -150057,40 +159675,100 @@ "Properties": { "additionalProperties": false, "properties": { - "FilterName": { - "markdownDescription": "The name of the metric filter.", - "title": "FilterName", + "Capacity": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.Capacity", + "markdownDescription": "The connector's compute capacity settings.", + "title": "Capacity" + }, + "ConnectorConfiguration": { + "additionalProperties": true, + "markdownDescription": "The configuration of the connector.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "ConnectorConfiguration", + "type": "object" + }, + "ConnectorDescription": { + "markdownDescription": "The description of the connector.", + "title": "ConnectorDescription", "type": "string" }, - "FilterPattern": { - "markdownDescription": "A filter pattern for extracting metric data out of ingested log events. For more information, see [Filter and Pattern Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/FilterAndPatternSyntax.html) .", - "title": "FilterPattern", + "ConnectorName": { + "markdownDescription": "The name of the connector.\n\nThe connector name must be unique and can include up to 128 characters. Valid characters you can include in a connector name are: a-z, A-Z, 0-9, and -.", + "title": "ConnectorName", "type": "string" }, - "LogGroupName": { - "markdownDescription": "The name of an existing log group that you want to associate with this metric filter.", - "title": "LogGroupName", + "KafkaCluster": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.KafkaCluster", + "markdownDescription": "The details of the Apache Kafka cluster to which the connector is connected.", + "title": "KafkaCluster" + }, + "KafkaClusterClientAuthentication": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.KafkaClusterClientAuthentication", + "markdownDescription": "The type of client authentication used to connect to the Apache Kafka cluster. The value is NONE when no client authentication is used.", + "title": "KafkaClusterClientAuthentication" + }, + "KafkaClusterEncryptionInTransit": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.KafkaClusterEncryptionInTransit", + "markdownDescription": "Details of encryption in transit to the Apache Kafka cluster.", + "title": "KafkaClusterEncryptionInTransit" + }, + "KafkaConnectVersion": { + "markdownDescription": "The version of Kafka Connect. It has to be compatible with both the Apache Kafka cluster's version and the plugins.", + "title": "KafkaConnectVersion", "type": "string" }, - "MetricTransformations": { + "LogDelivery": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.LogDelivery", + "markdownDescription": "The settings for delivering connector logs to Amazon CloudWatch Logs.", + "title": "LogDelivery" + }, + "Plugins": { "items": { - "$ref": "#/definitions/AWS::Logs::MetricFilter.MetricTransformation" + "$ref": "#/definitions/AWS::KafkaConnect::Connector.Plugin" }, - "markdownDescription": "The metric transformations.", - "title": "MetricTransformations", + "markdownDescription": "Specifies which plugin to use for the connector. You must specify a single-element list. Amazon MSK Connect does not currently support specifying multiple plugins.", + "title": "Plugins", + "type": "array" + }, + "ServiceExecutionRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role used by the connector to access Amazon Web Services resources.", + "title": "ServiceExecutionRoleArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", "type": "array" + }, + "WorkerConfiguration": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.WorkerConfiguration", + "markdownDescription": "The worker configurations that are in use with the connector.", + "title": "WorkerConfiguration" } }, "required": [ - "FilterPattern", - "LogGroupName", - "MetricTransformations" + "Capacity", + "ConnectorConfiguration", + "ConnectorName", + "KafkaCluster", + "KafkaClusterClientAuthentication", + "KafkaClusterEncryptionInTransit", + "KafkaConnectVersion", + "Plugins", + "ServiceExecutionRoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Logs::MetricFilter" + "AWS::KafkaConnect::Connector" ], "type": "string" }, @@ -150109,319 +159787,347 @@ ], "type": "object" }, - "AWS::Logs::MetricFilter.Dimension": { + "AWS::KafkaConnect::Connector.ApacheKafkaCluster": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The name for the CloudWatch metric dimension that the metric filter creates.\n\nDimension names must contain only ASCII characters, must include at least one non-whitespace character, and cannot start with a colon (:).", - "title": "Key", + "BootstrapServers": { + "markdownDescription": "The bootstrap servers of the cluster.", + "title": "BootstrapServers", "type": "string" }, - "Value": { - "markdownDescription": "The log event field that will contain the value for this dimension. This dimension will only be published for a metric if the value is found in the log event. For example, `$.eventType` for JSON log events, or `$server` for space-delimited log events.", - "title": "Value", - "type": "string" + "Vpc": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.Vpc", + "markdownDescription": "Details of an Amazon VPC which has network connectivity to the Apache Kafka cluster.", + "title": "Vpc" } }, "required": [ - "Key", - "Value" + "BootstrapServers", + "Vpc" ], "type": "object" }, - "AWS::Logs::MetricFilter.MetricTransformation": { + "AWS::KafkaConnect::Connector.AutoScaling": { "additionalProperties": false, "properties": { - "DefaultValue": { - "markdownDescription": "(Optional) The value to emit when a filter pattern does not match a log event. This value can be null.", - "title": "DefaultValue", + "MaxWorkerCount": { + "markdownDescription": "The maximum number of workers allocated to the connector.", + "title": "MaxWorkerCount", "type": "number" }, - "Dimensions": { - "items": { - "$ref": "#/definitions/AWS::Logs::MetricFilter.Dimension" - }, - "markdownDescription": "The fields to use as dimensions for the metric. One metric filter can include as many as three dimensions.\n\n> Metrics extracted from log events are charged as custom metrics. To prevent unexpected high charges, do not specify high-cardinality fields such as `IPAddress` or `requestID` as dimensions. Each different value found for a dimension is treated as a separate metric and accrues charges as a separate custom metric.\n> \n> CloudWatch Logs disables a metric filter if it generates 1000 different name/value pairs for your specified dimensions within a certain amount of time. This helps to prevent accidental high charges.\n> \n> You can also set up a billing alarm to alert you if your charges are higher than expected. For more information, see [Creating a Billing Alarm to Monitor Your Estimated AWS Charges](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/monitor_estimated_charges_with_cloudwatch.html) .", - "title": "Dimensions", - "type": "array" - }, - "MetricName": { - "markdownDescription": "The name of the CloudWatch metric.", - "title": "MetricName", - "type": "string" + "McuCount": { + "markdownDescription": "The number of microcontroller units (MCUs) allocated to each connector worker. The valid values are 1,2,4,8.", + "title": "McuCount", + "type": "number" }, - "MetricNamespace": { - "markdownDescription": "A custom namespace to contain your metric in CloudWatch. Use namespaces to group together metrics that are similar. For more information, see [Namespaces](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html#Namespace) .", - "title": "MetricNamespace", - "type": "string" + "MinWorkerCount": { + "markdownDescription": "The minimum number of workers allocated to the connector.", + "title": "MinWorkerCount", + "type": "number" }, - "MetricValue": { - "markdownDescription": "The value that is published to the CloudWatch metric. For example, if you're counting the occurrences of a particular term like `Error` , specify 1 for the metric value. If you're counting the number of bytes transferred, reference the value that is in the log event by using $. followed by the name of the field that you specified in the filter pattern, such as `$.size` .", - "title": "MetricValue", - "type": "string" + "ScaleInPolicy": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.ScaleInPolicy", + "markdownDescription": "The sacle-in policy for the connector.", + "title": "ScaleInPolicy" }, - "Unit": { - "markdownDescription": "The unit to assign to the metric. If you omit this, the unit is set as `None` .", - "title": "Unit", - "type": "string" + "ScaleOutPolicy": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.ScaleOutPolicy", + "markdownDescription": "The sacle-out policy for the connector.", + "title": "ScaleOutPolicy" } }, "required": [ - "MetricName", - "MetricNamespace", - "MetricValue" + "MaxWorkerCount", + "McuCount", + "MinWorkerCount", + "ScaleInPolicy", + "ScaleOutPolicy" ], "type": "object" }, - "AWS::Logs::QueryDefinition": { + "AWS::KafkaConnect::Connector.Capacity": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "LogGroupNames": { - "items": { - "type": "string" - }, - "markdownDescription": "Use this parameter if you want the query to query only certain log groups.", - "title": "LogGroupNames", - "type": "array" - }, - "Name": { - "markdownDescription": "A name for the query definition.\n\n> You can use the name to create a folder structure for your queries. To create a folder, use a forward slash (/) to prefix your desired query name with your desired folder name. For example, `*folder-name* / *query-name*` .", - "title": "Name", - "type": "string" - }, - "QueryString": { - "markdownDescription": "The query string to use for this query definition. For more information, see [CloudWatch Logs Insights Query Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL_QuerySyntax.html) .", - "title": "QueryString", - "type": "string" - } - }, - "required": [ - "Name", - "QueryString" - ], - "type": "object" + "AutoScaling": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.AutoScaling", + "markdownDescription": "Information about the auto scaling parameters for the connector.", + "title": "AutoScaling" }, - "Type": { - "enum": [ - "AWS::Logs::QueryDefinition" - ], - "type": "string" + "ProvisionedCapacity": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.ProvisionedCapacity", + "markdownDescription": "Details about a fixed capacity allocated to a connector.", + "title": "ProvisionedCapacity" + } + }, + "type": "object" + }, + "AWS::KafkaConnect::Connector.CloudWatchLogsLogDelivery": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Whether log delivery to Amazon CloudWatch Logs is enabled.", + "title": "Enabled", + "type": "boolean" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "LogGroup": { + "markdownDescription": "The name of the CloudWatch log group that is the destination for log delivery.", + "title": "LogGroup", "type": "string" } }, "required": [ - "Type", - "Properties" + "Enabled" ], "type": "object" }, - "AWS::Logs::ResourcePolicy": { + "AWS::KafkaConnect::Connector.CustomPlugin": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "PolicyDocument": { - "markdownDescription": "The details of the policy. It must be formatted in JSON, and you must use backslashes to escape characters that need to be escaped in JSON strings, such as double quote marks.", - "title": "PolicyDocument", - "type": "string" - }, - "PolicyName": { - "markdownDescription": "The name of the resource policy.", - "title": "PolicyName", - "type": "string" - } - }, - "required": [ - "PolicyDocument", - "PolicyName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Logs::ResourcePolicy" - ], + "CustomPluginArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the custom plugin.", + "title": "CustomPluginArn", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Revision": { + "markdownDescription": "The revision of the custom plugin.", + "title": "Revision", + "type": "number" } }, "required": [ - "Type", - "Properties" + "CustomPluginArn", + "Revision" ], "type": "object" }, - "AWS::Logs::SubscriptionFilter": { + "AWS::KafkaConnect::Connector.FirehoseLogDelivery": { "additionalProperties": false, "properties": { - "Condition": { + "DeliveryStream": { + "markdownDescription": "The name of the Kinesis Data Firehose delivery stream that is the destination for log delivery.", + "title": "DeliveryStream", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Enabled": { + "markdownDescription": "Specifies whether connector logs get delivered to Amazon Kinesis Data Firehose.", + "title": "Enabled", + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "AWS::KafkaConnect::Connector.KafkaCluster": { + "additionalProperties": false, + "properties": { + "ApacheKafkaCluster": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.ApacheKafkaCluster", + "markdownDescription": "The Apache Kafka cluster to which the connector is connected.", + "title": "ApacheKafkaCluster" + } + }, + "required": [ + "ApacheKafkaCluster" + ], + "type": "object" + }, + "AWS::KafkaConnect::Connector.KafkaClusterClientAuthentication": { + "additionalProperties": false, + "properties": { + "AuthenticationType": { + "markdownDescription": "The type of client authentication used to connect to the Apache Kafka cluster. Value NONE means that no client authentication is used.", + "title": "AuthenticationType", + "type": "string" + } + }, + "required": [ + "AuthenticationType" + ], + "type": "object" + }, + "AWS::KafkaConnect::Connector.KafkaClusterEncryptionInTransit": { + "additionalProperties": false, + "properties": { + "EncryptionType": { + "markdownDescription": "The type of encryption in transit to the Apache Kafka cluster.", + "title": "EncryptionType", "type": "string" + } + }, + "required": [ + "EncryptionType" + ], + "type": "object" + }, + "AWS::KafkaConnect::Connector.LogDelivery": { + "additionalProperties": false, + "properties": { + "WorkerLogDelivery": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.WorkerLogDelivery", + "markdownDescription": "The workers can send worker logs to different destination types. This configuration specifies the details of these destinations.", + "title": "WorkerLogDelivery" + } + }, + "required": [ + "WorkerLogDelivery" + ], + "type": "object" + }, + "AWS::KafkaConnect::Connector.Plugin": { + "additionalProperties": false, + "properties": { + "CustomPlugin": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.CustomPlugin", + "markdownDescription": "Details about a custom plugin.", + "title": "CustomPlugin" + } + }, + "required": [ + "CustomPlugin" + ], + "type": "object" + }, + "AWS::KafkaConnect::Connector.ProvisionedCapacity": { + "additionalProperties": false, + "properties": { + "McuCount": { + "markdownDescription": "The number of microcontroller units (MCUs) allocated to each connector worker. The valid values are 1,2,4,8.", + "title": "McuCount", + "type": "number" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "WorkerCount": { + "markdownDescription": "The number of workers that are allocated to the connector.", + "title": "WorkerCount", + "type": "number" + } + }, + "required": [ + "WorkerCount" + ], + "type": "object" + }, + "AWS::KafkaConnect::Connector.S3LogDelivery": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The name of the S3 bucket that is the destination for log delivery.", + "title": "Bucket", + "type": "string" }, - "Metadata": { - "type": "object" + "Enabled": { + "markdownDescription": "Specifies whether connector logs get sent to the specified Amazon S3 destination.", + "title": "Enabled", + "type": "boolean" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DestinationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the destination.", - "title": "DestinationArn", - "type": "string" - }, - "Distribution": { - "markdownDescription": "The method used to distribute log data to the destination, which can be either random or grouped by log stream.", - "title": "Distribution", - "type": "string" - }, - "FilterName": { - "markdownDescription": "The name of the subscription filter.", - "title": "FilterName", - "type": "string" - }, - "FilterPattern": { - "markdownDescription": "The filtering expressions that restrict what gets delivered to the destination AWS resource. For more information about the filter pattern syntax, see [Filter and Pattern Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/FilterAndPatternSyntax.html) .", - "title": "FilterPattern", - "type": "string" - }, - "LogGroupName": { - "markdownDescription": "The log group to associate with the subscription filter. All log events that are uploaded to this log group are filtered and delivered to the specified AWS resource if the filter pattern matches the log events.", - "title": "LogGroupName", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN of an IAM role that grants CloudWatch Logs permissions to deliver ingested log events to the destination stream. You don't need to provide the ARN when you are working with a logical destination for cross-account delivery.", - "title": "RoleArn", - "type": "string" - } + "Prefix": { + "markdownDescription": "The S3 prefix that is the destination for log delivery.", + "title": "Prefix", + "type": "string" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "AWS::KafkaConnect::Connector.ScaleInPolicy": { + "additionalProperties": false, + "properties": { + "CpuUtilizationPercentage": { + "markdownDescription": "Specifies the CPU utilization percentage threshold at which you want connector scale in to be triggered.", + "title": "CpuUtilizationPercentage", + "type": "number" + } + }, + "required": [ + "CpuUtilizationPercentage" + ], + "type": "object" + }, + "AWS::KafkaConnect::Connector.ScaleOutPolicy": { + "additionalProperties": false, + "properties": { + "CpuUtilizationPercentage": { + "markdownDescription": "The CPU utilization percentage threshold at which you want connector scale out to be triggered.", + "title": "CpuUtilizationPercentage", + "type": "number" + } + }, + "required": [ + "CpuUtilizationPercentage" + ], + "type": "object" + }, + "AWS::KafkaConnect::Connector.Vpc": { + "additionalProperties": false, + "properties": { + "SecurityGroups": { + "items": { + "type": "string" }, - "required": [ - "DestinationArn", - "FilterPattern", - "LogGroupName" - ], - "type": "object" + "markdownDescription": "The security group IDs for the connector.", + "title": "SecurityGroups", + "type": "array" }, - "Type": { - "enum": [ - "AWS::Logs::SubscriptionFilter" - ], - "type": "string" + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The subnets for the connector.", + "title": "Subnets", + "type": "array" + } + }, + "required": [ + "SecurityGroups", + "Subnets" + ], + "type": "object" + }, + "AWS::KafkaConnect::Connector.WorkerConfiguration": { + "additionalProperties": false, + "properties": { + "Revision": { + "markdownDescription": "The revision of the worker configuration.", + "title": "Revision", + "type": "number" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "WorkerConfigurationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the worker configuration.", + "title": "WorkerConfigurationArn", "type": "string" } }, "required": [ - "Type", - "Properties" + "Revision", + "WorkerConfigurationArn" ], "type": "object" }, - "AWS::LookoutEquipment::InferenceScheduler": { + "AWS::KafkaConnect::Connector.WorkerLogDelivery": { + "additionalProperties": false, + "properties": { + "CloudWatchLogs": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.CloudWatchLogsLogDelivery", + "markdownDescription": "Details about delivering logs to Amazon CloudWatch Logs.", + "title": "CloudWatchLogs" + }, + "Firehose": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.FirehoseLogDelivery", + "markdownDescription": "Details about delivering logs to Amazon Kinesis Data Firehose.", + "title": "Firehose" + }, + "S3": { + "$ref": "#/definitions/AWS::KafkaConnect::Connector.S3LogDelivery", + "markdownDescription": "Details about delivering logs to Amazon S3.", + "title": "S3" + } + }, + "type": "object" + }, + "AWS::KafkaConnect::CustomPlugin": { "additionalProperties": false, "properties": { "Condition": { @@ -150456,67 +160162,45 @@ "Properties": { "additionalProperties": false, "properties": { - "DataDelayOffsetInMinutes": { - "markdownDescription": "A period of time (in minutes) by which inference on the data is delayed after the data starts. For instance, if an offset delay time of five minutes was selected, inference will not begin on the data until the first data measurement after the five minute mark. For example, if five minutes is selected, the inference scheduler will wake up at the configured frequency with the additional five minute delay time to check the customer S3 bucket. The customer can upload data at the same frequency and they don't need to stop and restart the scheduler when uploading new data.", - "title": "DataDelayOffsetInMinutes", - "type": "number" - }, - "DataInputConfiguration": { - "$ref": "#/definitions/AWS::LookoutEquipment::InferenceScheduler.DataInputConfiguration", - "markdownDescription": "Specifies configuration information for the input data for the inference scheduler, including delimiter, format, and dataset location.", - "title": "DataInputConfiguration" - }, - "DataOutputConfiguration": { - "$ref": "#/definitions/AWS::LookoutEquipment::InferenceScheduler.DataOutputConfiguration", - "markdownDescription": "Specifies configuration information for the output results for the inference scheduler, including the Amazon S3 location for the output.", - "title": "DataOutputConfiguration" - }, - "DataUploadFrequency": { - "markdownDescription": "How often data is uploaded to the source S3 bucket for the input data. This value is the length of time between data uploads. For instance, if you select 5 minutes, Amazon Lookout for Equipment will upload the real-time data to the source bucket once every 5 minutes. This frequency also determines how often Amazon Lookout for Equipment starts a scheduled inference on your data. In this example, it starts once every 5 minutes.", - "title": "DataUploadFrequency", - "type": "string" - }, - "InferenceSchedulerName": { - "markdownDescription": "The name of the inference scheduler.", - "title": "InferenceSchedulerName", + "ContentType": { + "markdownDescription": "The format of the plugin file.", + "title": "ContentType", "type": "string" }, - "ModelName": { - "markdownDescription": "The name of the machine learning model used for the inference scheduler.", - "title": "ModelName", + "Description": { + "markdownDescription": "The description of the custom plugin.", + "title": "Description", "type": "string" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of a role with permission to access the data source being used for the inference.", - "title": "RoleArn", - "type": "string" + "Location": { + "$ref": "#/definitions/AWS::KafkaConnect::CustomPlugin.CustomPluginLocation", + "markdownDescription": "Information about the location of the custom plugin.", + "title": "Location" }, - "ServerSideKmsKeyId": { - "markdownDescription": "Provides the identifier of the AWS KMS key used to encrypt inference scheduler data by Amazon Lookout for Equipment .", - "title": "ServerSideKmsKeyId", + "Name": { + "markdownDescription": "The name of the custom plugin.", + "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Any tags associated with the inference scheduler.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "", "title": "Tags", "type": "array" } }, "required": [ - "DataInputConfiguration", - "DataOutputConfiguration", - "DataUploadFrequency", - "ModelName", - "RoleArn" + "ContentType", + "Location", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::LookoutEquipment::InferenceScheduler" + "AWS::KafkaConnect::CustomPlugin" ], "type": "string" }, @@ -150535,104 +160219,62 @@ ], "type": "object" }, - "AWS::LookoutEquipment::InferenceScheduler.DataInputConfiguration": { + "AWS::KafkaConnect::CustomPlugin.CustomPluginFileDescription": { "additionalProperties": false, "properties": { - "InferenceInputNameConfiguration": { - "$ref": "#/definitions/AWS::LookoutEquipment::InferenceScheduler.InputNameConfiguration", - "markdownDescription": "", - "title": "InferenceInputNameConfiguration" - }, - "InputTimeZoneOffset": { - "markdownDescription": "", - "title": "InputTimeZoneOffset", + "FileMd5": { + "markdownDescription": "The hex-encoded MD5 checksum of the custom plugin file. You can use it to validate the file.", + "title": "FileMd5", "type": "string" }, - "S3InputConfiguration": { - "$ref": "#/definitions/AWS::LookoutEquipment::InferenceScheduler.S3InputConfiguration", - "markdownDescription": "", - "title": "S3InputConfiguration" + "FileSize": { + "markdownDescription": "The size in bytes of the custom plugin file. You can use it to validate the file.", + "title": "FileSize", + "type": "number" } }, - "required": [ - "S3InputConfiguration" - ], "type": "object" }, - "AWS::LookoutEquipment::InferenceScheduler.DataOutputConfiguration": { + "AWS::KafkaConnect::CustomPlugin.CustomPluginLocation": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "", - "title": "KmsKeyId", - "type": "string" - }, - "S3OutputConfiguration": { - "$ref": "#/definitions/AWS::LookoutEquipment::InferenceScheduler.S3OutputConfiguration", - "markdownDescription": "", - "title": "S3OutputConfiguration" + "S3Location": { + "$ref": "#/definitions/AWS::KafkaConnect::CustomPlugin.S3Location", + "markdownDescription": "The S3 bucket Amazon Resource Name (ARN), file key, and object version of the plugin file stored in Amazon S3.", + "title": "S3Location" } }, "required": [ - "S3OutputConfiguration" + "S3Location" ], "type": "object" }, - "AWS::LookoutEquipment::InferenceScheduler.InputNameConfiguration": { - "additionalProperties": false, - "properties": { - "ComponentTimestampDelimiter": { - "markdownDescription": "", - "title": "ComponentTimestampDelimiter", - "type": "string" - }, - "TimestampFormat": { - "markdownDescription": "", - "title": "TimestampFormat", - "type": "string" - } - }, - "type": "object" - }, - "AWS::LookoutEquipment::InferenceScheduler.S3InputConfiguration": { + "AWS::KafkaConnect::CustomPlugin.S3Location": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "", - "title": "Bucket", + "BucketArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an S3 bucket.", + "title": "BucketArn", "type": "string" }, - "Prefix": { - "markdownDescription": "", - "title": "Prefix", - "type": "string" - } - }, - "required": [ - "Bucket" - ], - "type": "object" - }, - "AWS::LookoutEquipment::InferenceScheduler.S3OutputConfiguration": { - "additionalProperties": false, - "properties": { - "Bucket": { - "markdownDescription": "", - "title": "Bucket", + "FileKey": { + "markdownDescription": "The file key for an object in an S3 bucket.", + "title": "FileKey", "type": "string" }, - "Prefix": { - "markdownDescription": "", - "title": "Prefix", + "ObjectVersion": { + "markdownDescription": "The version of an object in an S3 bucket.", + "title": "ObjectVersion", "type": "string" } }, "required": [ - "Bucket" + "BucketArn", + "FileKey" ], "type": "object" }, - "AWS::LookoutMetrics::Alert": { + "AWS::KafkaConnect::WorkerConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -150667,42 +160309,39 @@ "Properties": { "additionalProperties": false, "properties": { - "Action": { - "$ref": "#/definitions/AWS::LookoutMetrics::Alert.Action", - "markdownDescription": "Action that will be triggered when there is an alert.", - "title": "Action" - }, - "AlertDescription": { - "markdownDescription": "A description of the alert.", - "title": "AlertDescription", + "Description": { + "markdownDescription": "The description of a worker configuration.", + "title": "Description", "type": "string" }, - "AlertName": { - "markdownDescription": "The name of the alert.", - "title": "AlertName", + "Name": { + "markdownDescription": "The name of the worker configuration.", + "title": "Name", "type": "string" }, - "AlertSensitivityThreshold": { - "markdownDescription": "An integer from 0 to 100 specifying the alert sensitivity threshold.", - "title": "AlertSensitivityThreshold", - "type": "number" - }, - "AnomalyDetectorArn": { - "markdownDescription": "The ARN of the detector to which the alert is attached.", - "title": "AnomalyDetectorArn", + "PropertiesFileContent": { + "markdownDescription": "Base64 encoded contents of the connect-distributed.properties file.", + "title": "PropertiesFileContent", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" } }, "required": [ - "Action", - "AlertSensitivityThreshold", - "AnomalyDetectorArn" + "Name", + "PropertiesFileContent" ], "type": "object" }, "Type": { "enum": [ - "AWS::LookoutMetrics::Alert" + "AWS::KafkaConnect::WorkerConfiguration" ], "type": "string" }, @@ -150721,63 +160360,7 @@ ], "type": "object" }, - "AWS::LookoutMetrics::Alert.Action": { - "additionalProperties": false, - "properties": { - "LambdaConfiguration": { - "$ref": "#/definitions/AWS::LookoutMetrics::Alert.LambdaConfiguration", - "markdownDescription": "A configuration for an AWS Lambda channel.", - "title": "LambdaConfiguration" - }, - "SNSConfiguration": { - "$ref": "#/definitions/AWS::LookoutMetrics::Alert.SNSConfiguration", - "markdownDescription": "A configuration for an Amazon SNS channel.", - "title": "SNSConfiguration" - } - }, - "type": "object" - }, - "AWS::LookoutMetrics::Alert.LambdaConfiguration": { - "additionalProperties": false, - "properties": { - "LambdaArn": { - "markdownDescription": "The ARN of the Lambda function.", - "title": "LambdaArn", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN of an IAM role that has permission to invoke the Lambda function.", - "title": "RoleArn", - "type": "string" - } - }, - "required": [ - "LambdaArn", - "RoleArn" - ], - "type": "object" - }, - "AWS::LookoutMetrics::Alert.SNSConfiguration": { - "additionalProperties": false, - "properties": { - "RoleArn": { - "markdownDescription": "The ARN of the IAM role that has access to the target SNS topic.", - "title": "RoleArn", - "type": "string" - }, - "SnsTopicArn": { - "markdownDescription": "The ARN of the target SNS topic.", - "title": "SnsTopicArn", - "type": "string" - } - }, - "required": [ - "RoleArn", - "SnsTopicArn" - ], - "type": "object" - }, - "AWS::LookoutMetrics::AnomalyDetector": { + "AWS::Kendra::DataSource": { "additionalProperties": false, "properties": { "Condition": { @@ -150812,44 +160395,70 @@ "Properties": { "additionalProperties": false, "properties": { - "AnomalyDetectorConfig": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.AnomalyDetectorConfig", - "markdownDescription": "Contains information about the configuration of the anomaly detector.", - "title": "AnomalyDetectorConfig" + "CustomDocumentEnrichmentConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.CustomDocumentEnrichmentConfiguration", + "markdownDescription": "Configuration information for altering document metadata and content during the document ingestion process.", + "title": "CustomDocumentEnrichmentConfiguration" }, - "AnomalyDetectorDescription": { - "markdownDescription": "A description of the detector.", - "title": "AnomalyDetectorDescription", + "DataSourceConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceConfiguration", + "markdownDescription": "Configuration information for an Amazon Kendra data source. The contents of the configuration depend on the type of data source. You can only specify one type of data source in the configuration.\n\nYou can't specify the `Configuration` parameter when the `Type` parameter is set to `CUSTOM` .\n\nThe `Configuration` parameter is required for all other data sources.", + "title": "DataSourceConfiguration" + }, + "Description": { + "markdownDescription": "A description for the data source connector.", + "title": "Description", "type": "string" }, - "AnomalyDetectorName": { - "markdownDescription": "The name of the detector.", - "title": "AnomalyDetectorName", + "IndexId": { + "markdownDescription": "The identifier of the index you want to use with the data source connector.", + "title": "IndexId", "type": "string" }, - "KmsKeyArn": { - "markdownDescription": "The ARN of the KMS key to use to encrypt your data.", - "title": "KmsKeyArn", + "LanguageCode": { + "markdownDescription": "The code for a language. This shows a supported language for all documents in the data source. English is supported by default. For more information on supported languages, including their codes, see [Adding documents in languages other than English](https://docs.aws.amazon.com/kendra/latest/dg/in-adding-languages.html) .", + "title": "LanguageCode", "type": "string" }, - "MetricSetList": { + "Name": { + "markdownDescription": "The name of the data source.", + "title": "Name", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of a role with permission to access the data source.\n\nYou can't specify the `RoleArn` parameter when the `Type` parameter is set to `CUSTOM` .\n\nThe `RoleArn` parameter is required for all other data sources.", + "title": "RoleArn", + "type": "string" + }, + "Schedule": { + "markdownDescription": "Sets the frequency that Amazon Kendra checks the documents in your data source and updates the index. If you don't set a schedule, Amazon Kendra doesn't periodically update the index.", + "title": "Schedule", + "type": "string" + }, + "Tags": { "items": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.MetricSet" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The detector's dataset.", - "title": "MetricSetList", + "markdownDescription": "An array of key-value pairs to apply to this resource\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", "type": "array" + }, + "Type": { + "markdownDescription": "The type of the data source.", + "title": "Type", + "type": "string" } }, "required": [ - "AnomalyDetectorConfig", - "MetricSetList" + "IndexId", + "Name", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::LookoutMetrics::AnomalyDetector" + "AWS::Kendra::DataSource" ], "type": "string" }, @@ -150868,1640 +160477,1606 @@ ], "type": "object" }, - "AWS::LookoutMetrics::AnomalyDetector.AnomalyDetectorConfig": { + "AWS::Kendra::DataSource.AccessControlListConfiguration": { "additionalProperties": false, "properties": { - "AnomalyDetectorFrequency": { - "markdownDescription": "The frequency at which the detector analyzes its source data.", - "title": "AnomalyDetectorFrequency", + "KeyPath": { + "markdownDescription": "Path to the AWS S3 bucket that contains the access control list files.", + "title": "KeyPath", "type": "string" } }, - "required": [ - "AnomalyDetectorFrequency" - ], "type": "object" }, - "AWS::LookoutMetrics::AnomalyDetector.AppFlowConfig": { + "AWS::Kendra::DataSource.AclConfiguration": { "additionalProperties": false, "properties": { - "FlowName": { - "markdownDescription": "name of the flow.", - "title": "FlowName", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "An IAM role that gives Amazon Lookout for Metrics permission to access the flow.", - "title": "RoleArn", + "AllowedGroupsColumnName": { + "markdownDescription": "A list of groups, separated by semi-colons, that filters a query response based on user context. The document is only returned to users that are in one of the groups specified in the `UserContext` field of the [Query](https://docs.aws.amazon.com/kendra/latest/dg/API_Query.html) operation.", + "title": "AllowedGroupsColumnName", "type": "string" } }, "required": [ - "FlowName", - "RoleArn" + "AllowedGroupsColumnName" ], "type": "object" }, - "AWS::LookoutMetrics::AnomalyDetector.CloudwatchConfig": { + "AWS::Kendra::DataSource.ColumnConfiguration": { "additionalProperties": false, "properties": { - "RoleArn": { - "markdownDescription": "An IAM role that gives Amazon Lookout for Metrics permission to access data in Amazon CloudWatch.", - "title": "RoleArn", + "ChangeDetectingColumns": { + "items": { + "type": "string" + }, + "markdownDescription": "One to five columns that indicate when a document in the database has changed.", + "title": "ChangeDetectingColumns", + "type": "array" + }, + "DocumentDataColumnName": { + "markdownDescription": "The column that contains the contents of the document.", + "title": "DocumentDataColumnName", + "type": "string" + }, + "DocumentIdColumnName": { + "markdownDescription": "The column that provides the document's identifier.", + "title": "DocumentIdColumnName", + "type": "string" + }, + "DocumentTitleColumnName": { + "markdownDescription": "The column that contains the title of the document.", + "title": "DocumentTitleColumnName", "type": "string" + }, + "FieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" + }, + "markdownDescription": "An array of objects that map database column names to the corresponding fields in an index. You must first create the fields in the index using the [UpdateIndex](https://docs.aws.amazon.com/kendra/latest/dg/API_UpdateIndex.html) operation.", + "title": "FieldMappings", + "type": "array" } }, "required": [ - "RoleArn" + "ChangeDetectingColumns", + "DocumentDataColumnName", + "DocumentIdColumnName" ], "type": "object" }, - "AWS::LookoutMetrics::AnomalyDetector.CsvFormatDescriptor": { + "AWS::Kendra::DataSource.ConfluenceAttachmentConfiguration": { "additionalProperties": false, "properties": { - "Charset": { - "markdownDescription": "The character set in which the source CSV file is written.", - "title": "Charset", - "type": "string" - }, - "ContainsHeader": { - "markdownDescription": "Whether or not the source CSV file contains a header.", - "title": "ContainsHeader", - "type": "boolean" - }, - "Delimiter": { - "markdownDescription": "The character used to delimit the source CSV file.", - "title": "Delimiter", - "type": "string" - }, - "FileCompression": { - "markdownDescription": "The level of compression of the source CSV file.", - "title": "FileCompression", - "type": "string" - }, - "HeaderList": { + "AttachmentFieldMappings": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceAttachmentToIndexFieldMapping" }, - "markdownDescription": "A list of the source CSV file's headers, if any.", - "title": "HeaderList", + "markdownDescription": "Maps attributes or field names of Confluence attachments to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Confluence fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Confluence data source field names must exist in your Confluence custom metadata.\n\nIf you specify the `AttachentFieldMappings` parameter, you must specify at least one field mapping.", + "title": "AttachmentFieldMappings", "type": "array" }, - "QuoteSymbol": { - "markdownDescription": "The character used as a quote character.", - "title": "QuoteSymbol", - "type": "string" + "CrawlAttachments": { + "markdownDescription": "`TRUE` to index attachments of pages and blogs in Confluence.", + "title": "CrawlAttachments", + "type": "boolean" } }, "type": "object" }, - "AWS::LookoutMetrics::AnomalyDetector.FileFormatDescriptor": { + "AWS::Kendra::DataSource.ConfluenceAttachmentToIndexFieldMapping": { "additionalProperties": false, "properties": { - "CsvFormatDescriptor": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.CsvFormatDescriptor", - "markdownDescription": "Contains information about how a source CSV data file should be analyzed.", - "title": "CsvFormatDescriptor" + "DataSourceFieldName": { + "markdownDescription": "The name of the field in the data source.\n\nYou must first create the index field using the `UpdateIndex` API.", + "title": "DataSourceFieldName", + "type": "string" }, - "JsonFormatDescriptor": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.JsonFormatDescriptor", - "markdownDescription": "Contains information about how a source JSON data file should be analyzed.", - "title": "JsonFormatDescriptor" + "DateFieldFormat": { + "markdownDescription": "The format for date fields in the data source. If the field specified in `DataSourceFieldName` is a date field you must specify the date format. If the field is not a date field, an exception is thrown.", + "title": "DateFieldFormat", + "type": "string" + }, + "IndexFieldName": { + "markdownDescription": "The name of the index field to map to the Confluence data source field. The index field type must match the Confluence field type.", + "title": "IndexFieldName", + "type": "string" } }, + "required": [ + "DataSourceFieldName", + "IndexFieldName" + ], "type": "object" }, - "AWS::LookoutMetrics::AnomalyDetector.JsonFormatDescriptor": { + "AWS::Kendra::DataSource.ConfluenceBlogConfiguration": { "additionalProperties": false, "properties": { - "Charset": { - "markdownDescription": "The character set in which the source JSON file is written.", - "title": "Charset", - "type": "string" - }, - "FileCompression": { - "markdownDescription": "The level of compression of the source CSV file.", - "title": "FileCompression", - "type": "string" + "BlogFieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceBlogToIndexFieldMapping" + }, + "markdownDescription": "Maps attributes or field names of Confluence blogs to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Confluence fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Confluence data source field names must exist in your Confluence custom metadata.\n\nIf you specify the `BlogFieldMappings` parameter, you must specify at least one field mapping.", + "title": "BlogFieldMappings", + "type": "array" } }, "type": "object" }, - "AWS::LookoutMetrics::AnomalyDetector.Metric": { + "AWS::Kendra::DataSource.ConfluenceBlogToIndexFieldMapping": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "markdownDescription": "The function with which the metric is calculated.", - "title": "AggregationFunction", + "DataSourceFieldName": { + "markdownDescription": "The name of the field in the data source.", + "title": "DataSourceFieldName", "type": "string" }, - "MetricName": { - "markdownDescription": "The name of the metric.", - "title": "MetricName", + "DateFieldFormat": { + "markdownDescription": "The format for date fields in the data source. If the field specified in `DataSourceFieldName` is a date field you must specify the date format. If the field is not a date field, an exception is thrown.", + "title": "DateFieldFormat", "type": "string" }, - "Namespace": { - "markdownDescription": "The namespace for the metric.", - "title": "Namespace", + "IndexFieldName": { + "markdownDescription": "The name of the index field to map to the Confluence data source field. The index field type must match the Confluence field type.", + "title": "IndexFieldName", "type": "string" } }, "required": [ - "AggregationFunction", - "MetricName" + "DataSourceFieldName", + "IndexFieldName" ], "type": "object" }, - "AWS::LookoutMetrics::AnomalyDetector.MetricSet": { + "AWS::Kendra::DataSource.ConfluenceConfiguration": { "additionalProperties": false, "properties": { - "DimensionList": { + "AttachmentConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceAttachmentConfiguration", + "markdownDescription": "Configuration information for indexing attachments to Confluence blogs and pages.", + "title": "AttachmentConfiguration" + }, + "BlogConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceBlogConfiguration", + "markdownDescription": "Configuration information for indexing Confluence blogs.", + "title": "BlogConfiguration" + }, + "ExclusionPatterns": { "items": { "type": "string" }, - "markdownDescription": "A list of the fields you want to treat as dimensions.", - "title": "DimensionList", + "markdownDescription": "A list of regular expression patterns to exclude certain blog posts, pages, spaces, or attachments in your Confluence. Content that matches the patterns are excluded from the index. Content that doesn't match the patterns is included in the index. If content matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the content isn't included in the index.", + "title": "ExclusionPatterns", "type": "array" }, - "MetricList": { + "InclusionPatterns": { "items": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.Metric" + "type": "string" }, - "markdownDescription": "A list of metrics that the dataset will contain.", - "title": "MetricList", + "markdownDescription": "A list of regular expression patterns to include certain blog posts, pages, spaces, or attachments in your Confluence. Content that matches the patterns are included in the index. Content that doesn't match the patterns is excluded from the index. If content matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the content isn't included in the index.", + "title": "InclusionPatterns", "type": "array" }, - "MetricSetDescription": { - "markdownDescription": "A description of the dataset you are creating.", - "title": "MetricSetDescription", - "type": "string" + "PageConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluencePageConfiguration", + "markdownDescription": "Configuration information for indexing Confluence pages.", + "title": "PageConfiguration" }, - "MetricSetFrequency": { - "markdownDescription": "The frequency with which the source data will be analyzed for anomalies.", - "title": "MetricSetFrequency", + "SecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret that contains the user name and password required to connect to the Confluence instance. If you use Confluence Cloud, you use a generated API token as the password.\n\nYou can also provide authentication credentials in the form of a personal access token. For more information, see [Using a Confluence data source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-confluence.html) .", + "title": "SecretArn", "type": "string" }, - "MetricSetName": { - "markdownDescription": "The name of the dataset.", - "title": "MetricSetName", + "ServerUrl": { + "markdownDescription": "The URL of your Confluence instance. Use the full URL of the server. For example, *https://server.example.com:port/* . You can also use an IP address, for example, *https://192.168.1.113/* .", + "title": "ServerUrl", "type": "string" }, - "MetricSource": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.MetricSource", - "markdownDescription": "Contains information about how the source data should be interpreted.", - "title": "MetricSource" - }, - "Offset": { - "markdownDescription": "After an interval ends, the amount of seconds that the detector waits before importing data. Offset is only supported for S3, Redshift, Athena and datasources.", - "title": "Offset", - "type": "number" - }, - "TimestampColumn": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.TimestampColumn", - "markdownDescription": "Contains information about the column used for tracking time in your source data.", - "title": "TimestampColumn" + "SpaceConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceSpaceConfiguration", + "markdownDescription": "Configuration information for indexing Confluence spaces.", + "title": "SpaceConfiguration" }, - "Timezone": { - "markdownDescription": "The time zone in which your source data was recorded.", - "title": "Timezone", + "Version": { + "markdownDescription": "The version or the type of Confluence installation to connect to.", + "title": "Version", "type": "string" + }, + "VpcConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceVpcConfiguration", + "markdownDescription": "Configuration information for an Amazon Virtual Private Cloud to connect to your Confluence. For more information, see [Configuring a VPC](https://docs.aws.amazon.com/kendra/latest/dg/vpc-configuration.html) .", + "title": "VpcConfiguration" } }, "required": [ - "MetricList", - "MetricSetName", - "MetricSource" + "SecretArn", + "ServerUrl", + "Version" ], "type": "object" }, - "AWS::LookoutMetrics::AnomalyDetector.MetricSource": { + "AWS::Kendra::DataSource.ConfluencePageConfiguration": { "additionalProperties": false, "properties": { - "AppFlowConfig": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.AppFlowConfig", - "markdownDescription": "Details about an AppFlow datasource.", - "title": "AppFlowConfig" - }, - "CloudwatchConfig": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.CloudwatchConfig", - "markdownDescription": "Details about an Amazon CloudWatch monitoring datasource.", - "title": "CloudwatchConfig" - }, - "RDSSourceConfig": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.RDSSourceConfig", - "markdownDescription": "Details about an Amazon Relational Database Service (RDS) datasource.", - "title": "RDSSourceConfig" - }, - "RedshiftSourceConfig": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.RedshiftSourceConfig", - "markdownDescription": "Details about an Amazon Redshift database datasource.", - "title": "RedshiftSourceConfig" - }, - "S3SourceConfig": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.S3SourceConfig", - "markdownDescription": "Contains information about the configuration of the S3 bucket that contains source files.", - "title": "S3SourceConfig" + "PageFieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluencePageToIndexFieldMapping" + }, + "markdownDescription": "Maps attributes or field names of Confluence pages to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Confluence fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Confluence data source field names must exist in your Confluence custom metadata.\n\nIf you specify the `PageFieldMappings` parameter, you must specify at least one field mapping.", + "title": "PageFieldMappings", + "type": "array" } }, "type": "object" }, - "AWS::LookoutMetrics::AnomalyDetector.RDSSourceConfig": { + "AWS::Kendra::DataSource.ConfluencePageToIndexFieldMapping": { "additionalProperties": false, "properties": { - "DBInstanceIdentifier": { - "markdownDescription": "A string identifying the database instance.", - "title": "DBInstanceIdentifier", + "DataSourceFieldName": { + "markdownDescription": "The name of the field in the data source.", + "title": "DataSourceFieldName", "type": "string" }, - "DatabaseHost": { - "markdownDescription": "The host name of the database.", - "title": "DatabaseHost", + "DateFieldFormat": { + "markdownDescription": "The format for date fields in the data source. If the field specified in `DataSourceFieldName` is a date field you must specify the date format. If the field is not a date field, an exception is thrown.", + "title": "DateFieldFormat", "type": "string" }, - "DatabaseName": { - "markdownDescription": "The name of the RDS database.", - "title": "DatabaseName", + "IndexFieldName": { + "markdownDescription": "The name of the index field to map to the Confluence data source field. The index field type must match the Confluence field type.", + "title": "IndexFieldName", "type": "string" + } + }, + "required": [ + "DataSourceFieldName", + "IndexFieldName" + ], + "type": "object" + }, + "AWS::Kendra::DataSource.ConfluenceSpaceConfiguration": { + "additionalProperties": false, + "properties": { + "CrawlArchivedSpaces": { + "markdownDescription": "`TRUE` to index archived spaces.", + "title": "CrawlArchivedSpaces", + "type": "boolean" }, - "DatabasePort": { - "markdownDescription": "The port number where the database can be accessed.", - "title": "DatabasePort", - "type": "number" + "CrawlPersonalSpaces": { + "markdownDescription": "`TRUE` to index personal spaces. You can add restrictions to items in personal spaces. If personal spaces are indexed, queries without user context information may return restricted items from a personal space in their results. For more information, see [Filtering on user context](https://docs.aws.amazon.com/kendra/latest/dg/user-context-filter.html) .", + "title": "CrawlPersonalSpaces", + "type": "boolean" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the role.", - "title": "RoleArn", - "type": "string" + "ExcludeSpaces": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of space keys of Confluence spaces. If you include a key, the blogs, documents, and attachments in the space are not indexed. If a space is in both the `ExcludeSpaces` and the `IncludeSpaces` list, the space is excluded.", + "title": "ExcludeSpaces", + "type": "array" }, - "SecretManagerArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Secrets Manager role.", - "title": "SecretManagerArn", + "IncludeSpaces": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of space keys for Confluence spaces. If you include a key, the blogs, documents, and attachments in the space are indexed. Spaces that aren't in the list aren't indexed. A space in the list must exist. Otherwise, Amazon Kendra logs an error when the data source is synchronized. If a space is in both the `IncludeSpaces` and the `ExcludeSpaces` list, the space is excluded.", + "title": "IncludeSpaces", + "type": "array" + }, + "SpaceFieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceSpaceToIndexFieldMapping" + }, + "markdownDescription": "Maps attributes or field names of Confluence spaces to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Confluence fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Confluence data source field names must exist in your Confluence custom metadata.\n\nIf you specify the `SpaceFieldMappings` parameter, you must specify at least one field mapping.", + "title": "SpaceFieldMappings", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Kendra::DataSource.ConfluenceSpaceToIndexFieldMapping": { + "additionalProperties": false, + "properties": { + "DataSourceFieldName": { + "markdownDescription": "The name of the field in the data source.", + "title": "DataSourceFieldName", "type": "string" }, - "TableName": { - "markdownDescription": "The name of the table in the database.", - "title": "TableName", + "DateFieldFormat": { + "markdownDescription": "The format for date fields in the data source. If the field specified in `DataSourceFieldName` is a date field you must specify the date format. If the field is not a date field, an exception is thrown.", + "title": "DateFieldFormat", "type": "string" }, - "VpcConfiguration": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.VpcConfiguration", - "markdownDescription": "An object containing information about the Amazon Virtual Private Cloud (VPC) configuration.", - "title": "VpcConfiguration" + "IndexFieldName": { + "markdownDescription": "The name of the index field to map to the Confluence data source field. The index field type must match the Confluence field type.", + "title": "IndexFieldName", + "type": "string" } }, "required": [ - "DBInstanceIdentifier", - "DatabaseHost", - "DatabaseName", - "DatabasePort", - "RoleArn", - "SecretManagerArn", - "TableName", - "VpcConfiguration" + "DataSourceFieldName", + "IndexFieldName" ], "type": "object" }, - "AWS::LookoutMetrics::AnomalyDetector.RedshiftSourceConfig": { + "AWS::Kendra::DataSource.ConnectionConfiguration": { "additionalProperties": false, "properties": { - "ClusterIdentifier": { - "markdownDescription": "A string identifying the Redshift cluster.", - "title": "ClusterIdentifier", - "type": "string" - }, "DatabaseHost": { - "markdownDescription": "The name of the database host.", + "markdownDescription": "The name of the host for the database. Can be either a string (host.subdomain.domain.tld) or an IPv4 or IPv6 address.", "title": "DatabaseHost", "type": "string" }, "DatabaseName": { - "markdownDescription": "The Redshift database name.", + "markdownDescription": "The name of the database containing the document data.", "title": "DatabaseName", "type": "string" }, "DatabasePort": { - "markdownDescription": "The port number where the database can be accessed.", + "markdownDescription": "The port that the database uses for connections.", "title": "DatabasePort", "type": "number" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the role providing access to the database.", - "title": "RoleArn", - "type": "string" - }, - "SecretManagerArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Secrets Manager role.", - "title": "SecretManagerArn", + "SecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret that stores the credentials. The credentials should be a user-password pair. For more information, see [Using a Database Data Source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-database.html) . For more information about AWS Secrets Manager , see [What Is AWS Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html) in the *AWS Secrets Manager* user guide.", + "title": "SecretArn", "type": "string" }, "TableName": { - "markdownDescription": "The table name of the Redshift database.", + "markdownDescription": "The name of the table that contains the document data.", "title": "TableName", "type": "string" - }, - "VpcConfiguration": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.VpcConfiguration", - "markdownDescription": "Contains information about the Amazon Virtual Private Cloud (VPC) configuration.", - "title": "VpcConfiguration" } }, "required": [ - "ClusterIdentifier", "DatabaseHost", "DatabaseName", "DatabasePort", - "RoleArn", - "SecretManagerArn", - "TableName", - "VpcConfiguration" + "SecretArn", + "TableName" ], "type": "object" }, - "AWS::LookoutMetrics::AnomalyDetector.S3SourceConfig": { + "AWS::Kendra::DataSource.CustomDocumentEnrichmentConfiguration": { "additionalProperties": false, "properties": { - "FileFormatDescriptor": { - "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.FileFormatDescriptor", - "markdownDescription": "Contains information about a source file's formatting.", - "title": "FileFormatDescriptor" - }, - "HistoricalDataPathList": { + "InlineConfigurations": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Kendra::DataSource.InlineCustomDocumentEnrichmentConfiguration" }, - "markdownDescription": "A list of paths to the historical data files.", - "title": "HistoricalDataPathList", + "markdownDescription": "Configuration information to alter document attributes or metadata fields and content when ingesting documents into Amazon Kendra.", + "title": "InlineConfigurations", "type": "array" }, + "PostExtractionHookConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.HookConfiguration", + "markdownDescription": "Configuration information for invoking a Lambda function in AWS Lambda on the structured documents with their metadata and text extracted. You can use a Lambda function to apply advanced logic for creating, modifying, or deleting document metadata and content. For more information, see [Advanced data manipulation](https://docs.aws.amazon.com/kendra/latest/dg/custom-document-enrichment.html#advanced-data-manipulation) .", + "title": "PostExtractionHookConfiguration" + }, + "PreExtractionHookConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.HookConfiguration", + "markdownDescription": "Configuration information for invoking a Lambda function in AWS Lambda on the original or raw documents before extracting their metadata and text. You can use a Lambda function to apply advanced logic for creating, modifying, or deleting document metadata and content. For more information, see [Advanced data manipulation](https://docs.aws.amazon.com/kendra/latest/dg/custom-document-enrichment.html#advanced-data-manipulation) .", + "title": "PreExtractionHookConfiguration" + }, "RoleArn": { - "markdownDescription": "The ARN of an IAM role that has read and write access permissions to the source S3 bucket.", + "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role with permission to run `PreExtractionHookConfiguration` and `PostExtractionHookConfiguration` for altering document metadata and content during the document ingestion process. For more information, see [an IAM roles for Amazon Kendra](https://docs.aws.amazon.com/kendra/latest/dg/iam-roles.html) .", "title": "RoleArn", "type": "string" + } + }, + "type": "object" + }, + "AWS::Kendra::DataSource.DataSourceConfiguration": { + "additionalProperties": false, + "properties": { + "ConfluenceConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceConfiguration", + "markdownDescription": "Provides the configuration information to connect to Confluence as your data source.", + "title": "ConfluenceConfiguration" }, - "TemplatedPathList": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of templated paths to the source files.", - "title": "TemplatedPathList", - "type": "array" + "DatabaseConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DatabaseConfiguration", + "markdownDescription": "Provides the configuration information to connect to a database as your data source.", + "title": "DatabaseConfiguration" + }, + "GoogleDriveConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.GoogleDriveConfiguration", + "markdownDescription": "Provides the configuration information to connect to Google Drive as your data source.", + "title": "GoogleDriveConfiguration" + }, + "OneDriveConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.OneDriveConfiguration", + "markdownDescription": "Provides the configuration information to connect to Microsoft OneDrive as your data source.", + "title": "OneDriveConfiguration" + }, + "S3Configuration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.S3DataSourceConfiguration", + "markdownDescription": "Provides the configuration information to connect to an Amazon S3 bucket as your data source.\n\n> Amazon Kendra now supports an upgraded Amazon S3 connector.\n> \n> You must now use the [TemplateConfiguration](https://docs.aws.amazon.com/kendra/latest/APIReference/API_TemplateConfiguration.html) object instead of the `S3DataSourceConfiguration` object to configure your connector.\n> \n> Connectors configured using the older console and API architecture will continue to function as configured. However, you won't be able to edit or update them. If you want to edit or update your connector configuration, you must create a new connector.\n> \n> We recommended migrating your connector workflow to the upgraded version. Support for connectors configured using the older architecture is scheduled to end by June 2024.", + "title": "S3Configuration" + }, + "SalesforceConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceConfiguration", + "markdownDescription": "Provides the configuration information to connect to Salesforce as your data source.", + "title": "SalesforceConfiguration" + }, + "ServiceNowConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.ServiceNowConfiguration", + "markdownDescription": "Provides the configuration information to connect to ServiceNow as your data source.", + "title": "ServiceNowConfiguration" + }, + "SharePointConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.SharePointConfiguration", + "markdownDescription": "Provides the configuration information to connect to Microsoft SharePoint as your data source.", + "title": "SharePointConfiguration" + }, + "TemplateConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.TemplateConfiguration", + "markdownDescription": "Provides a template for the configuration information to connect to your data source.", + "title": "TemplateConfiguration" + }, + "WebCrawlerConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.WebCrawlerConfiguration", + "markdownDescription": "Provides the configuration information required for Amazon Kendra Web Crawler.", + "title": "WebCrawlerConfiguration" + }, + "WorkDocsConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.WorkDocsConfiguration", + "markdownDescription": "Provides the configuration information to connect to Amazon WorkDocs as your data source.", + "title": "WorkDocsConfiguration" } }, - "required": [ - "FileFormatDescriptor", - "RoleArn" - ], "type": "object" }, - "AWS::LookoutMetrics::AnomalyDetector.TimestampColumn": { + "AWS::Kendra::DataSource.DataSourceToIndexFieldMapping": { "additionalProperties": false, "properties": { - "ColumnFormat": { - "markdownDescription": "The format of the timestamp column.", - "title": "ColumnFormat", + "DataSourceFieldName": { + "markdownDescription": "The name of the field in the data source. You must first create the index field using the `UpdateIndex` API.", + "title": "DataSourceFieldName", "type": "string" }, - "ColumnName": { - "markdownDescription": "The name of the timestamp column.", - "title": "ColumnName", + "DateFieldFormat": { + "markdownDescription": "The format for date fields in the data source. If the field specified in `DataSourceFieldName` is a date field, you must specify the date format. If the field is not a date field, an exception is thrown.", + "title": "DateFieldFormat", + "type": "string" + }, + "IndexFieldName": { + "markdownDescription": "The name of the index field to map to the data source field. The index field type must match the data source field type.", + "title": "IndexFieldName", "type": "string" } }, + "required": [ + "DataSourceFieldName", + "IndexFieldName" + ], "type": "object" }, - "AWS::LookoutMetrics::AnomalyDetector.VpcConfiguration": { + "AWS::Kendra::DataSource.DataSourceVpcConfiguration": { "additionalProperties": false, "properties": { - "SecurityGroupIdList": { + "SecurityGroupIds": { "items": { "type": "string" }, - "markdownDescription": "An array of strings containing the list of security groups.", - "title": "SecurityGroupIdList", + "markdownDescription": "A list of identifiers of security groups within your Amazon VPC. The security groups should enable Amazon Kendra to connect to the data source.", + "title": "SecurityGroupIds", "type": "array" }, - "SubnetIdList": { + "SubnetIds": { "items": { "type": "string" }, - "markdownDescription": "An array of strings containing the Amazon VPC subnet IDs (e.g., `subnet-0bb1c79de3EXAMPLE` .", - "title": "SubnetIdList", + "markdownDescription": "A list of identifiers for subnets within your Amazon VPC. The subnets should be able to connect to each other in the VPC, and they should have outgoing access to the Internet through a NAT device.", + "title": "SubnetIds", "type": "array" } }, "required": [ - "SecurityGroupIdList", - "SubnetIdList" + "SecurityGroupIds", + "SubnetIds" ], "type": "object" }, - "AWS::LookoutVision::Project": { + "AWS::Kendra::DataSource.DatabaseConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "AclConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.AclConfiguration", + "markdownDescription": "Information about the database column that provides information for user context filtering.", + "title": "AclConfiguration" }, - "Metadata": { - "type": "object" + "ColumnConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.ColumnConfiguration", + "markdownDescription": "Information about where the index should get the document information from the database.", + "title": "ColumnConfiguration" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ProjectName": { - "markdownDescription": "The name of the project.", - "title": "ProjectName", - "type": "string" - } - }, - "required": [ - "ProjectName" - ], - "type": "object" + "ConnectionConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.ConnectionConfiguration", + "markdownDescription": "Configuration information that's required to connect to a database.", + "title": "ConnectionConfiguration" }, - "Type": { - "enum": [ - "AWS::LookoutVision::Project" - ], + "DatabaseEngineType": { + "markdownDescription": "The type of database engine that runs the database.", + "title": "DatabaseEngineType", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "SqlConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.SqlConfiguration", + "markdownDescription": "Provides information about how Amazon Kendra uses quote marks around SQL identifiers when querying a database data source.", + "title": "SqlConfiguration" + }, + "VpcConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceVpcConfiguration", + "markdownDescription": "Provides information for connecting to an Amazon VPC.", + "title": "VpcConfiguration" } }, "required": [ - "Type", - "Properties" + "ColumnConfiguration", + "ConnectionConfiguration", + "DatabaseEngineType" ], "type": "object" }, - "AWS::M2::Application": { + "AWS::Kendra::DataSource.DocumentAttributeCondition": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ConditionDocumentAttributeKey": { + "markdownDescription": "The identifier of the document attribute used for the condition.\n\nFor example, 'Source_URI' could be an identifier for the attribute or metadata field that contains source URIs associated with the documents.\n\nAmazon Kendra currently does not support `_document_body` as an attribute key used for the condition.", + "title": "ConditionDocumentAttributeKey", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Definition": { - "$ref": "#/definitions/AWS::M2::Application.Definition", - "markdownDescription": "The application definition for a particular application. You can specify either inline JSON or an Amazon S3 bucket location.\n\nFor information about application definitions, see the [AWS Mainframe Modernization User Guide](https://docs.aws.amazon.com/m2/latest/userguide/applications-m2-definition.html) .", - "title": "Definition" - }, - "Description": { - "markdownDescription": "The description of the application.", - "title": "Description", - "type": "string" - }, - "EngineType": { - "markdownDescription": "The type of the target platform for this application.", - "title": "EngineType", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "The identifier of a customer managed key.", - "title": "KmsKeyId", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the application.", - "title": "Name", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the role associated with the application.", - "title": "RoleArn", - "type": "string" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - } - }, - "required": [ - "Definition", - "EngineType", - "Name" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::M2::Application" - ], - "type": "string" + "ConditionOnValue": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DocumentAttributeValue", + "markdownDescription": "The value used by the operator.\n\nFor example, you can specify the value 'financial' for strings in the 'Source_URI' field that partially match or contain this value.", + "title": "ConditionOnValue" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Operator": { + "markdownDescription": "The condition operator.\n\nFor example, you can use 'Contains' to partially match a string.", + "title": "Operator", "type": "string" } }, "required": [ - "Type", - "Properties" + "ConditionDocumentAttributeKey", + "Operator" ], "type": "object" }, - "AWS::M2::Application.Definition": { + "AWS::Kendra::DataSource.DocumentAttributeTarget": { "additionalProperties": false, "properties": { - "Content": { - "markdownDescription": "The content of the application definition. This is a JSON object that contains the resource configuration/definitions that identify an application.", - "title": "Content", + "TargetDocumentAttributeKey": { + "markdownDescription": "The identifier of the target document attribute or metadata field.\n\nFor example, 'Department' could be an identifier for the target attribute or metadata field that includes the department names associated with the documents.", + "title": "TargetDocumentAttributeKey", "type": "string" }, - "S3Location": { - "markdownDescription": "The S3 bucket that contains the application definition.", - "title": "S3Location", - "type": "string" + "TargetDocumentAttributeValue": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DocumentAttributeValue", + "markdownDescription": "The target value you want to create for the target attribute.\n\nFor example, 'Finance' could be the target value for the target attribute key 'Department'.", + "title": "TargetDocumentAttributeValue" + }, + "TargetDocumentAttributeValueDeletion": { + "markdownDescription": "`TRUE` to delete the existing target value for your specified target attribute key. You cannot create a target value and set this to `TRUE` . To create a target value ( `TargetDocumentAttributeValue` ), set this to `FALSE` .", + "title": "TargetDocumentAttributeValueDeletion", + "type": "boolean" } }, + "required": [ + "TargetDocumentAttributeKey" + ], "type": "object" }, - "AWS::M2::Environment": { + "AWS::Kendra::DataSource.DocumentAttributeValue": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DateValue": { + "markdownDescription": "A date expressed as an ISO 8601 string.\n\nIt is important for the time zone to be included in the ISO 8601 date-time format. For example, 2012-03-25T12:30:10+01:00 is the ISO 8601 date-time format for March 25th 2012 at 12:30PM (plus 10 seconds) in Central European Time.", + "title": "DateValue", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "LongValue": { + "markdownDescription": "A long integer value.", + "title": "LongValue", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "The description of the runtime environment.", - "title": "Description", - "type": "string" - }, - "EngineType": { - "markdownDescription": "The target platform for the runtime environment.", - "title": "EngineType", - "type": "string" - }, - "EngineVersion": { - "markdownDescription": "The version of the runtime engine.", - "title": "EngineVersion", - "type": "string" - }, - "HighAvailabilityConfig": { - "$ref": "#/definitions/AWS::M2::Environment.HighAvailabilityConfig", - "markdownDescription": "Defines the details of a high availability configuration.", - "title": "HighAvailabilityConfig" - }, - "InstanceType": { - "markdownDescription": "The instance type of the runtime environment.", - "title": "InstanceType", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "The identifier of a customer managed key.", - "title": "KmsKeyId", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the runtime environment.", - "title": "Name", - "type": "string" - }, - "PreferredMaintenanceWindow": { - "markdownDescription": "Configures the maintenance window that you want for the runtime environment. The maintenance window must have the format `ddd:hh24:mi-ddd:hh24:mi` and must be less than 24 hours. The following two examples are valid maintenance windows: `sun:23:45-mon:00:15` or `sat:01:00-sat:03:00` .\n\nIf you do not provide a value, a random system-generated value will be assigned.", - "title": "PreferredMaintenanceWindow", - "type": "string" - }, - "PubliclyAccessible": { - "markdownDescription": "Specifies whether the runtime environment is publicly accessible.", - "title": "PubliclyAccessible", - "type": "boolean" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of security groups for the VPC associated with this runtime environment.", - "title": "SecurityGroupIds", - "type": "array" - }, - "StorageConfigurations": { - "items": { - "$ref": "#/definitions/AWS::M2::Environment.StorageConfiguration" - }, - "markdownDescription": "Defines the storage configuration for a runtime environment.", - "title": "StorageConfigurations", - "type": "array" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of subnets associated with the VPC for this runtime environment.", - "title": "SubnetIds", - "type": "array" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - } + "StringListValue": { + "items": { + "type": "string" }, - "required": [ - "EngineType", - "InstanceType", - "Name" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::M2::Environment" - ], - "type": "string" + "markdownDescription": "A list of strings. The default maximum length or number of strings is 10.", + "title": "StringListValue", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "StringValue": { + "markdownDescription": "A string, such as \"department\".", + "title": "StringValue", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::M2::Environment.EfsStorageConfiguration": { + "AWS::Kendra::DataSource.DocumentsMetadataConfiguration": { "additionalProperties": false, "properties": { - "FileSystemId": { - "markdownDescription": "The file system identifier.", - "title": "FileSystemId", - "type": "string" - }, - "MountPoint": { - "markdownDescription": "The mount point for the file system.", - "title": "MountPoint", + "S3Prefix": { + "markdownDescription": "A prefix used to filter metadata configuration files in the AWS S3 bucket. The S3 bucket might contain multiple metadata files. Use `S3Prefix` to include only the desired metadata files.", + "title": "S3Prefix", "type": "string" } }, - "required": [ - "FileSystemId", - "MountPoint" - ], "type": "object" }, - "AWS::M2::Environment.FsxStorageConfiguration": { + "AWS::Kendra::DataSource.GoogleDriveConfiguration": { "additionalProperties": false, "properties": { - "FileSystemId": { - "markdownDescription": "The file system identifier.", - "title": "FileSystemId", - "type": "string" + "ExcludeMimeTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of MIME types to exclude from the index. All documents matching the specified MIME type are excluded.\n\nFor a list of MIME types, see [Using a Google Workspace Drive data source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-google-drive.html) .", + "title": "ExcludeMimeTypes", + "type": "array" }, - "MountPoint": { - "markdownDescription": "The mount point for the file system.", - "title": "MountPoint", + "ExcludeSharedDrives": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of identifiers or shared drives to exclude from the index. All files and folders stored on the shared drive are excluded.", + "title": "ExcludeSharedDrives", + "type": "array" + }, + "ExcludeUserAccounts": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of email addresses of the users. Documents owned by these users are excluded from the index. Documents shared with excluded users are indexed unless they are excluded in another way.", + "title": "ExcludeUserAccounts", + "type": "array" + }, + "ExclusionPatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns to exclude certain items in your Google Drive, including shared drives and users' My Drives. Items that match the patterns are excluded from the index. Items that don't match the patterns are included in the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index.", + "title": "ExclusionPatterns", + "type": "array" + }, + "FieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" + }, + "markdownDescription": "Maps Google Drive data source attributes or field names to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Google Drive fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Google Drive data source field names must exist in your Google Drive custom metadata.", + "title": "FieldMappings", + "type": "array" + }, + "InclusionPatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns to include certain items in your Google Drive, including shared drives and users' My Drives. Items that match the patterns are included in the index. Items that don't match the patterns are excluded from the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index.", + "title": "InclusionPatterns", + "type": "array" + }, + "SecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of a AWS Secrets Manager secret that contains the credentials required to connect to Google Drive. For more information, see [Using a Google Workspace Drive data source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-google-drive.html) .", + "title": "SecretArn", "type": "string" } }, "required": [ - "FileSystemId", - "MountPoint" + "SecretArn" ], "type": "object" }, - "AWS::M2::Environment.HighAvailabilityConfig": { + "AWS::Kendra::DataSource.HookConfiguration": { "additionalProperties": false, "properties": { - "DesiredCapacity": { - "markdownDescription": "The number of instances in a high availability configuration. The minimum possible value is 1 and the maximum is 100.", - "title": "DesiredCapacity", - "type": "number" + "InvocationCondition": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DocumentAttributeCondition", + "markdownDescription": "The condition used for when a Lambda function should be invoked.\n\nFor example, you can specify a condition that if there are empty date-time values, then Amazon Kendra should invoke a function that inserts the current date-time.", + "title": "InvocationCondition" + }, + "LambdaArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role with permission to run a Lambda function during ingestion. For more information, see [an IAM roles for Amazon Kendra](https://docs.aws.amazon.com/kendra/latest/dg/iam-roles.html) .", + "title": "LambdaArn", + "type": "string" + }, + "S3Bucket": { + "markdownDescription": "Stores the original, raw documents or the structured, parsed documents before and after altering them. For more information, see [Data contracts for Lambda functions](https://docs.aws.amazon.com/kendra/latest/dg/custom-document-enrichment.html#cde-data-contracts-lambda) .", + "title": "S3Bucket", + "type": "string" } }, "required": [ - "DesiredCapacity" + "LambdaArn", + "S3Bucket" ], "type": "object" }, - "AWS::M2::Environment.StorageConfiguration": { + "AWS::Kendra::DataSource.InlineCustomDocumentEnrichmentConfiguration": { "additionalProperties": false, "properties": { - "Efs": { - "$ref": "#/definitions/AWS::M2::Environment.EfsStorageConfiguration", - "markdownDescription": "Defines the storage configuration for an Amazon EFS file system.", - "title": "Efs" + "Condition": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DocumentAttributeCondition", + "markdownDescription": "Configuration of the condition used for the target document attribute or metadata field when ingesting documents into Amazon Kendra.", + "title": "Condition" }, - "Fsx": { - "$ref": "#/definitions/AWS::M2::Environment.FsxStorageConfiguration", - "markdownDescription": "Defines the storage configuration for an Amazon FSx file system.", - "title": "Fsx" + "DocumentContentDeletion": { + "markdownDescription": "`TRUE` to delete content if the condition used for the target attribute is met.", + "title": "DocumentContentDeletion", + "type": "boolean" + }, + "Target": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DocumentAttributeTarget", + "markdownDescription": "Configuration of the target document attribute or metadata field when ingesting documents into Amazon Kendra. You can also include a value.", + "title": "Target" } }, "type": "object" }, - "AWS::MSK::BatchScramSecret": { + "AWS::Kendra::DataSource.OneDriveConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "DisableLocalGroups": { + "markdownDescription": "`TRUE` to disable local groups information.", + "title": "DisableLocalGroups", + "type": "boolean" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ExclusionPatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns to exclude certain documents in your OneDrive. Documents that match the patterns are excluded from the index. Documents that don't match the patterns are included in the index. If a document matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the document isn't included in the index.\n\nThe pattern is applied to the file name.", + "title": "ExclusionPatterns", + "type": "array" }, - "Metadata": { - "type": "object" + "FieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" + }, + "markdownDescription": "A list of `DataSourceToIndexFieldMapping` objects that map OneDrive data source attributes or field names to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to OneDrive fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The OneDrive data source field names must exist in your OneDrive custom metadata.", + "title": "FieldMappings", + "type": "array" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ClusterArn": { - "markdownDescription": "The Amazon Resource Name (ARN) that uniquely identifies the cluster.", - "title": "ClusterArn", - "type": "string" - }, - "SecretArnList": { - "items": { - "type": "string" - }, - "markdownDescription": "List of Amazon Resource Name (ARN)s of Secrets Manager secrets.", - "title": "SecretArnList", - "type": "array" - } + "InclusionPatterns": { + "items": { + "type": "string" }, - "required": [ - "ClusterArn" - ], - "type": "object" + "markdownDescription": "A list of regular expression patterns to include certain documents in your OneDrive. Documents that match the patterns are included in the index. Documents that don't match the patterns are excluded from the index. If a document matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the document isn't included in the index.\n\nThe pattern is applied to the file name.", + "title": "InclusionPatterns", + "type": "array" }, - "Type": { - "enum": [ - "AWS::MSK::BatchScramSecret" - ], + "OneDriveUsers": { + "$ref": "#/definitions/AWS::Kendra::DataSource.OneDriveUsers", + "markdownDescription": "A list of user accounts whose documents should be indexed.", + "title": "OneDriveUsers" + }, + "SecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret that contains the user name and password to connect to OneDrive. The user name should be the application ID for the OneDrive application, and the password is the application key for the OneDrive application.", + "title": "SecretArn", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TenantDomain": { + "markdownDescription": "The Azure Active Directory domain of the organization.", + "title": "TenantDomain", "type": "string" } }, "required": [ - "Type", - "Properties" + "OneDriveUsers", + "SecretArn", + "TenantDomain" ], "type": "object" }, - "AWS::MSK::Cluster": { + "AWS::Kendra::DataSource.OneDriveUsers": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "BrokerNodeGroupInfo": { - "$ref": "#/definitions/AWS::MSK::Cluster.BrokerNodeGroupInfo", - "markdownDescription": "Information about the broker nodes in the cluster.", - "title": "BrokerNodeGroupInfo" - }, - "ClientAuthentication": { - "$ref": "#/definitions/AWS::MSK::Cluster.ClientAuthentication", - "markdownDescription": "Includes all client authentication related information.", - "title": "ClientAuthentication" - }, - "ClusterName": { - "markdownDescription": "The name of the cluster.", - "title": "ClusterName", - "type": "string" - }, - "ConfigurationInfo": { - "$ref": "#/definitions/AWS::MSK::Cluster.ConfigurationInfo", - "markdownDescription": "Represents the configuration that you want MSK to use for the cluster.", - "title": "ConfigurationInfo" - }, - "CurrentVersion": { - "markdownDescription": "The version of the cluster that you want to update.", - "title": "CurrentVersion", - "type": "string" - }, - "EncryptionInfo": { - "$ref": "#/definitions/AWS::MSK::Cluster.EncryptionInfo", - "markdownDescription": "Includes all encryption-related information.", - "title": "EncryptionInfo" - }, - "EnhancedMonitoring": { - "markdownDescription": "Specifies the level of monitoring for the MSK cluster.", - "title": "EnhancedMonitoring", - "type": "string" - }, - "KafkaVersion": { - "markdownDescription": "The version of Apache Kafka. You can use Amazon MSK to create clusters that use [supported Apache Kafka versions](https://docs.aws.amazon.com/msk/latest/developerguide/supported-kafka-versions.html) .", - "title": "KafkaVersion", - "type": "string" - }, - "LoggingInfo": { - "$ref": "#/definitions/AWS::MSK::Cluster.LoggingInfo", - "markdownDescription": "Logging info details for the cluster.", - "title": "LoggingInfo" - }, - "NumberOfBrokerNodes": { - "markdownDescription": "The number of broker nodes in the cluster.", - "title": "NumberOfBrokerNodes", - "type": "number" - }, - "OpenMonitoring": { - "$ref": "#/definitions/AWS::MSK::Cluster.OpenMonitoring", - "markdownDescription": "The settings for open monitoring.", - "title": "OpenMonitoring" - }, - "StorageMode": { - "markdownDescription": "This controls storage mode for supported storage tiers.", - "title": "StorageMode", - "type": "string" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "An arbitrary set of tags (key-value pairs) for the cluster.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - } + "OneDriveUserList": { + "items": { + "type": "string" }, - "required": [ - "BrokerNodeGroupInfo", - "ClusterName", - "KafkaVersion", - "NumberOfBrokerNodes" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::MSK::Cluster" - ], - "type": "string" + "markdownDescription": "A list of users whose documents should be indexed. Specify the user names in email format, for example, `username@tenantdomain` . If you need to index the documents of more than 10 users, use the `OneDriveUserS3Path` field to specify the location of a file containing a list of users.", + "title": "OneDriveUserList", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "OneDriveUserS3Path": { + "$ref": "#/definitions/AWS::Kendra::DataSource.S3Path", + "markdownDescription": "The S3 bucket location of a file containing a list of users whose documents should be indexed.", + "title": "OneDriveUserS3Path" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::MSK::Cluster.BrokerLogs": { + "AWS::Kendra::DataSource.ProxyConfiguration": { "additionalProperties": false, "properties": { - "CloudWatchLogs": { - "$ref": "#/definitions/AWS::MSK::Cluster.CloudWatchLogs", - "markdownDescription": "", - "title": "CloudWatchLogs" + "Credentials": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret. You create a secret to store your credentials in [AWS Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html)\n\nThe credentials are optional. You use a secret if web proxy credentials are required to connect to a website host. Amazon Kendra currently support basic authentication to connect to a web proxy server. The secret stores your credentials.", + "title": "Credentials", + "type": "string" }, - "Firehose": { - "$ref": "#/definitions/AWS::MSK::Cluster.Firehose", - "markdownDescription": "Details of the Kinesis Data Firehose delivery stream that is the destination for broker logs.", - "title": "Firehose" + "Host": { + "markdownDescription": "The name of the website host you want to connect to via a web proxy server.\n\nFor example, the host name of https://a.example.com/page1.html is \"a.example.com\".", + "title": "Host", + "type": "string" }, - "S3": { - "$ref": "#/definitions/AWS::MSK::Cluster.S3", - "markdownDescription": "Details of the Amazon S3 destination for broker logs.", - "title": "S3" + "Port": { + "markdownDescription": "The port number of the website host you want to connect to via a web proxy server.\n\nFor example, the port for https://a.example.com/page1.html is 443, the standard port for HTTPS.", + "title": "Port", + "type": "number" } }, + "required": [ + "Host", + "Port" + ], "type": "object" }, - "AWS::MSK::Cluster.BrokerNodeGroupInfo": { + "AWS::Kendra::DataSource.S3DataSourceConfiguration": { "additionalProperties": false, "properties": { - "BrokerAZDistribution": { - "markdownDescription": "This parameter is currently not in use.", - "title": "BrokerAZDistribution", + "AccessControlListConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.AccessControlListConfiguration", + "markdownDescription": "Provides the path to the S3 bucket that contains the user context filtering files for the data source. For the format of the file, see [Access control for S3 data sources](https://docs.aws.amazon.com/kendra/latest/dg/s3-acl.html) .", + "title": "AccessControlListConfiguration" + }, + "BucketName": { + "markdownDescription": "The name of the bucket that contains the documents.", + "title": "BucketName", "type": "string" }, - "ClientSubnets": { + "DocumentsMetadataConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DocumentsMetadataConfiguration", + "markdownDescription": "Specifies document metadata files that contain information such as the document access control information, source URI, document author, and custom attributes. Each metadata file contains metadata about a single document.", + "title": "DocumentsMetadataConfiguration" + }, + "ExclusionPatterns": { "items": { "type": "string" }, - "markdownDescription": "The list of subnets to connect to in the client virtual private cloud (VPC). Amazon creates elastic network interfaces (ENIs) inside these subnets. Client applications use ENIs to produce and consume data.\n\nIf you use the US West (N. California) Region, specify exactly two subnets. For other Regions where Amazon MSK is available, you can specify either two or three subnets. The subnets that you specify must be in distinct Availability Zones. When you create a cluster, Amazon MSK distributes the broker nodes evenly across the subnets that you specify.\n\nClient subnets can't occupy the Availability Zone with ID `use1-az3` .", - "title": "ClientSubnets", + "markdownDescription": "A list of glob patterns (patterns that can expand a wildcard pattern into a list of path names that match the given pattern) for certain file names and file types to exclude from your index. If a document matches both an inclusion and exclusion prefix or pattern, the exclusion prefix takes precendence and the document is not indexed. Examples of glob patterns include:\n\n- */myapp/config/** \u2014All files inside config directory.\n- ***/*.png* \u2014All .png files in all directories.\n- ***/*.{png, ico, md}* \u2014All .png, .ico or .md files in all directories.\n- */myapp/src/**/*.ts* \u2014All .ts files inside src directory (and all its subdirectories).\n- ***/!(*.module).ts* \u2014All .ts files but not .module.ts\n- **.png , *.jpg* \u2014All PNG and JPEG image files in a directory (files with the extensions .png and .jpg).\n- **internal** \u2014All files in a directory that contain 'internal' in the file name, such as 'internal', 'internal_only', 'company_internal'.\n- ***/*internal** \u2014All internal-related files in a directory and its subdirectories.\n\nFor more examples, see [Use of Exclude and Include Filters](https://docs.aws.amazon.com/cli/latest/reference/s3/#use-of-exclude-and-include-filters) in the AWS CLI Command Reference.", + "title": "ExclusionPatterns", "type": "array" }, - "ConnectivityInfo": { - "$ref": "#/definitions/AWS::MSK::Cluster.ConnectivityInfo", - "markdownDescription": "Information about the cluster's connectivity setting.", - "title": "ConnectivityInfo" - }, - "InstanceType": { - "markdownDescription": "The type of Amazon EC2 instances to use for brokers. Depending on the [broker type](https://docs.aws.amazon.com/msk/latest/developerguide/broker-instance-types.html) , Amazon MSK supports the following broker sizes:\n\n*Standard broker sizes*\n\n- kafka.t3.small\n\n> You can't select the kafka.t3.small instance type when the metadata mode is KRaft.\n- kafka.m5.large, kafka.m5.xlarge, kafka.m5.2xlarge, kafka.m5.4xlarge, kafka.m5.8xlarge, kafka.m5.12xlarge, kafka.m5.16xlarge, kafka.m5.24xlarge\n- kafka.m7g.large, kafka.m7g.xlarge, kafka.m7g.2xlarge, kafka.m7g.4xlarge, kafka.m7g.8xlarge, kafka.m7g.12xlarge, kafka.m7g.16xlarge\n\n*Express broker sizes*\n\n- express.m7g.large, express.m7g.xlarge, express.m7g.2xlarge, express.m7g.4xlarge, express.m7g.8xlarge, express.m7g.12xlarge, express.m7g.16xlarge\n\n> Some broker sizes might not be available in certian AWS Regions. See the updated [Pricing tools](https://docs.aws.amazon.com/msk/pricing/) section on the Amazon MSK pricing page for the latest list of available instances by Region.", - "title": "InstanceType", - "type": "string" - }, - "SecurityGroups": { + "InclusionPatterns": { "items": { "type": "string" }, - "markdownDescription": "The security groups to associate with the ENIs in order to specify who can connect to and communicate with the Amazon MSK cluster. If you don't specify a security group, Amazon MSK uses the default security group associated with the VPC. If you specify security groups that were shared with you, you must ensure that you have permissions to them. Specifically, you need the `ec2:DescribeSecurityGroups` permission.", - "title": "SecurityGroups", + "markdownDescription": "A list of glob patterns (patterns that can expand a wildcard pattern into a list of path names that match the given pattern) for certain file names and file types to include in your index. If a document matches both an inclusion and exclusion prefix or pattern, the exclusion prefix takes precendence and the document is not indexed. Examples of glob patterns include:\n\n- */myapp/config/** \u2014All files inside config directory.\n- ***/*.png* \u2014All .png files in all directories.\n- ***/*.{png, ico, md}* \u2014All .png, .ico or .md files in all directories.\n- */myapp/src/**/*.ts* \u2014All .ts files inside src directory (and all its subdirectories).\n- ***/!(*.module).ts* \u2014All .ts files but not .module.ts\n- **.png , *.jpg* \u2014All PNG and JPEG image files in a directory (files with the extensions .png and .jpg).\n- **internal** \u2014All files in a directory that contain 'internal' in the file name, such as 'internal', 'internal_only', 'company_internal'.\n- ***/*internal** \u2014All internal-related files in a directory and its subdirectories.\n\nFor more examples, see [Use of Exclude and Include Filters](https://docs.aws.amazon.com/cli/latest/reference/s3/#use-of-exclude-and-include-filters) in the AWS CLI Command Reference.", + "title": "InclusionPatterns", "type": "array" }, - "StorageInfo": { - "$ref": "#/definitions/AWS::MSK::Cluster.StorageInfo", - "markdownDescription": "Contains information about storage volumes attached to Amazon MSK broker nodes.", - "title": "StorageInfo" + "InclusionPrefixes": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of S3 prefixes for the documents that should be included in the index.", + "title": "InclusionPrefixes", + "type": "array" } }, "required": [ - "ClientSubnets", - "InstanceType" + "BucketName" ], "type": "object" }, - "AWS::MSK::Cluster.ClientAuthentication": { + "AWS::Kendra::DataSource.S3Path": { "additionalProperties": false, "properties": { - "Sasl": { - "$ref": "#/definitions/AWS::MSK::Cluster.Sasl", - "markdownDescription": "Details for client authentication using SASL. To turn on SASL, you must also turn on `EncryptionInTransit` by setting `inCluster` to true. You must set `clientBroker` to either `TLS` or `TLS_PLAINTEXT` . If you choose `TLS_PLAINTEXT` , then you must also set `unauthenticated` to true.", - "title": "Sasl" - }, - "Tls": { - "$ref": "#/definitions/AWS::MSK::Cluster.Tls", - "markdownDescription": "Details for ClientAuthentication using TLS. To turn on TLS access control, you must also turn on `EncryptionInTransit` by setting `inCluster` to true and `clientBroker` to `TLS` .", - "title": "Tls" + "Bucket": { + "markdownDescription": "The name of the S3 bucket that contains the file.", + "title": "Bucket", + "type": "string" }, - "Unauthenticated": { - "$ref": "#/definitions/AWS::MSK::Cluster.Unauthenticated", - "markdownDescription": "Details for ClientAuthentication using no authentication.", - "title": "Unauthenticated" + "Key": { + "markdownDescription": "The name of the file.", + "title": "Key", + "type": "string" } }, + "required": [ + "Bucket", + "Key" + ], "type": "object" }, - "AWS::MSK::Cluster.CloudWatchLogs": { + "AWS::Kendra::DataSource.SalesforceChatterFeedConfiguration": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Specifies whether broker logs get sent to the specified CloudWatch Logs destination.", - "title": "Enabled", - "type": "boolean" + "DocumentDataFieldName": { + "markdownDescription": "The name of the column in the Salesforce FeedItem table that contains the content to index. Typically this is the `Body` column.", + "title": "DocumentDataFieldName", + "type": "string" }, - "LogGroup": { - "markdownDescription": "The CloudWatch log group that is the destination for broker logs.", - "title": "LogGroup", + "DocumentTitleFieldName": { + "markdownDescription": "The name of the column in the Salesforce FeedItem table that contains the title of the document. This is typically the `Title` column.", + "title": "DocumentTitleFieldName", "type": "string" + }, + "FieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" + }, + "markdownDescription": "Maps fields from a Salesforce chatter feed into Amazon Kendra index fields.", + "title": "FieldMappings", + "type": "array" + }, + "IncludeFilterTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "Filters the documents in the feed based on status of the user. When you specify `ACTIVE_USERS` only documents from users who have an active account are indexed. When you specify `STANDARD_USER` only documents for Salesforce standard users are documented. You can specify both.", + "title": "IncludeFilterTypes", + "type": "array" } }, "required": [ - "Enabled" + "DocumentDataFieldName" ], "type": "object" }, - "AWS::MSK::Cluster.ConfigurationInfo": { + "AWS::Kendra::DataSource.SalesforceConfiguration": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "ARN of the configuration to use.", - "title": "Arn", - "type": "string" - }, - "Revision": { - "markdownDescription": "The revision of the configuration to use.", - "title": "Revision", - "type": "number" + "ChatterFeedConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceChatterFeedConfiguration", + "markdownDescription": "Configuration information for Salesforce chatter feeds.", + "title": "ChatterFeedConfiguration" + }, + "CrawlAttachments": { + "markdownDescription": "Indicates whether Amazon Kendra should index attachments to Salesforce objects.", + "title": "CrawlAttachments", + "type": "boolean" + }, + "ExcludeAttachmentFilePatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns to exclude certain documents in your Salesforce. Documents that match the patterns are excluded from the index. Documents that don't match the patterns are included in the index. If a document matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the document isn't included in the index.\n\nThe pattern is applied to the name of the attached file.", + "title": "ExcludeAttachmentFilePatterns", + "type": "array" + }, + "IncludeAttachmentFilePatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns to include certain documents in your Salesforce. Documents that match the patterns are included in the index. Documents that don't match the patterns are excluded from the index. If a document matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the document isn't included in the index.\n\nThe pattern is applied to the name of the attached file.", + "title": "IncludeAttachmentFilePatterns", + "type": "array" + }, + "KnowledgeArticleConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceKnowledgeArticleConfiguration", + "markdownDescription": "Configuration information for the knowledge article types that Amazon Kendra indexes. Amazon Kendra indexes standard knowledge articles and the standard fields of knowledge articles, or the custom fields of custom knowledge articles, but not both.", + "title": "KnowledgeArticleConfiguration" + }, + "SecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret that contains the key/value pairs required to connect to your Salesforce instance. The secret must contain a JSON structure with the following keys:\n\n- authenticationUrl - The OAUTH endpoint that Amazon Kendra connects to get an OAUTH token.\n- consumerKey - The application public key generated when you created your Salesforce application.\n- consumerSecret - The application private key generated when you created your Salesforce application.\n- password - The password associated with the user logging in to the Salesforce instance.\n- securityToken - The token associated with the user logging in to the Salesforce instance.\n- username - The user name of the user logging in to the Salesforce instance.", + "title": "SecretArn", + "type": "string" + }, + "ServerUrl": { + "markdownDescription": "The instance URL for the Salesforce site that you want to index.", + "title": "ServerUrl", + "type": "string" + }, + "StandardObjectAttachmentConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceStandardObjectAttachmentConfiguration", + "markdownDescription": "Configuration information for processing attachments to Salesforce standard objects.", + "title": "StandardObjectAttachmentConfiguration" + }, + "StandardObjectConfigurations": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceStandardObjectConfiguration" + }, + "markdownDescription": "Configuration of the Salesforce standard objects that Amazon Kendra indexes.", + "title": "StandardObjectConfigurations", + "type": "array" } }, "required": [ - "Arn", - "Revision" + "SecretArn", + "ServerUrl" ], "type": "object" }, - "AWS::MSK::Cluster.ConnectivityInfo": { + "AWS::Kendra::DataSource.SalesforceCustomKnowledgeArticleTypeConfiguration": { "additionalProperties": false, "properties": { - "PublicAccess": { - "$ref": "#/definitions/AWS::MSK::Cluster.PublicAccess", - "markdownDescription": "Access control settings for the cluster's brokers.", - "title": "PublicAccess" + "DocumentDataFieldName": { + "markdownDescription": "The name of the field in the custom knowledge article that contains the document data to index.", + "title": "DocumentDataFieldName", + "type": "string" }, - "VpcConnectivity": { - "$ref": "#/definitions/AWS::MSK::Cluster.VpcConnectivity", - "markdownDescription": "VPC connection control settings for brokers.", - "title": "VpcConnectivity" - } - }, - "type": "object" - }, - "AWS::MSK::Cluster.EBSStorageInfo": { - "additionalProperties": false, - "properties": { - "ProvisionedThroughput": { - "$ref": "#/definitions/AWS::MSK::Cluster.ProvisionedThroughput", - "markdownDescription": "EBS volume provisioned throughput information.", - "title": "ProvisionedThroughput" + "DocumentTitleFieldName": { + "markdownDescription": "The name of the field in the custom knowledge article that contains the document title.", + "title": "DocumentTitleFieldName", + "type": "string" }, - "VolumeSize": { - "markdownDescription": "The size in GiB of the EBS volume for the data drive on each broker node.", - "title": "VolumeSize", - "type": "number" - } - }, - "type": "object" - }, - "AWS::MSK::Cluster.EncryptionAtRest": { - "additionalProperties": false, - "properties": { - "DataVolumeKMSKeyId": { - "markdownDescription": "The ARN of the Amazon KMS key for encrypting data at rest. If you don't specify a KMS key, MSK creates one for you and uses it.", - "title": "DataVolumeKMSKeyId", + "FieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" + }, + "markdownDescription": "Maps attributes or field names of the custom knowledge article to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Salesforce fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Salesforce data source field names must exist in your Salesforce custom metadata.", + "title": "FieldMappings", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the configuration.", + "title": "Name", "type": "string" } }, "required": [ - "DataVolumeKMSKeyId" + "DocumentDataFieldName", + "Name" ], "type": "object" }, - "AWS::MSK::Cluster.EncryptionInTransit": { + "AWS::Kendra::DataSource.SalesforceKnowledgeArticleConfiguration": { "additionalProperties": false, "properties": { - "ClientBroker": { - "markdownDescription": "Indicates the encryption setting for data in transit between clients and brokers. You must set it to one of the following values.\n\n- `TLS` : Indicates that client-broker communication is enabled with TLS only.\n- `TLS_PLAINTEXT` : Indicates that client-broker communication is enabled for both TLS-encrypted, as well as plaintext data.\n- `PLAINTEXT` : Indicates that client-broker communication is enabled in plaintext only.\n\nThe default value is `TLS` .", - "title": "ClientBroker", - "type": "string" + "CustomKnowledgeArticleTypeConfigurations": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceCustomKnowledgeArticleTypeConfiguration" + }, + "markdownDescription": "Configuration information for custom Salesforce knowledge articles.", + "title": "CustomKnowledgeArticleTypeConfigurations", + "type": "array" }, - "InCluster": { - "markdownDescription": "When set to true, it indicates that data communication among the broker nodes of the cluster is encrypted. When set to false, the communication happens in plaintext.\n\nThe default value is true.", - "title": "InCluster", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::MSK::Cluster.EncryptionInfo": { - "additionalProperties": false, - "properties": { - "EncryptionAtRest": { - "$ref": "#/definitions/AWS::MSK::Cluster.EncryptionAtRest", - "markdownDescription": "The data-volume encryption details.", - "title": "EncryptionAtRest" + "IncludedStates": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the document states that should be included when Amazon Kendra indexes knowledge articles. You must specify at least one state.", + "title": "IncludedStates", + "type": "array" }, - "EncryptionInTransit": { - "$ref": "#/definitions/AWS::MSK::Cluster.EncryptionInTransit", - "markdownDescription": "The details for encryption in transit.", - "title": "EncryptionInTransit" + "StandardKnowledgeArticleTypeConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceStandardKnowledgeArticleTypeConfiguration", + "markdownDescription": "Configuration information for standard Salesforce knowledge articles.", + "title": "StandardKnowledgeArticleTypeConfiguration" } }, + "required": [ + "IncludedStates" + ], "type": "object" }, - "AWS::MSK::Cluster.Firehose": { + "AWS::Kendra::DataSource.SalesforceStandardKnowledgeArticleTypeConfiguration": { "additionalProperties": false, "properties": { - "DeliveryStream": { - "markdownDescription": "The Kinesis Data Firehose delivery stream that is the destination for broker logs.", - "title": "DeliveryStream", + "DocumentDataFieldName": { + "markdownDescription": "The name of the field that contains the document data to index.", + "title": "DocumentDataFieldName", "type": "string" }, - "Enabled": { - "markdownDescription": "Specifies whether broker logs get send to the specified Kinesis Data Firehose delivery stream.", - "title": "Enabled", - "type": "boolean" + "DocumentTitleFieldName": { + "markdownDescription": "The name of the field that contains the document title.", + "title": "DocumentTitleFieldName", + "type": "string" + }, + "FieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" + }, + "markdownDescription": "Maps attributes or field names of the knowledge article to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Salesforce fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Salesforce data source field names must exist in your Salesforce custom metadata.", + "title": "FieldMappings", + "type": "array" } }, "required": [ - "Enabled" + "DocumentDataFieldName" ], "type": "object" }, - "AWS::MSK::Cluster.Iam": { + "AWS::Kendra::DataSource.SalesforceStandardObjectAttachmentConfiguration": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "SASL/IAM authentication is enabled or not.", - "title": "Enabled", - "type": "boolean" + "DocumentTitleFieldName": { + "markdownDescription": "The name of the field used for the document title.", + "title": "DocumentTitleFieldName", + "type": "string" + }, + "FieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" + }, + "markdownDescription": "One or more objects that map fields in attachments to Amazon Kendra index fields.", + "title": "FieldMappings", + "type": "array" } }, - "required": [ - "Enabled" - ], "type": "object" }, - "AWS::MSK::Cluster.JmxExporter": { + "AWS::Kendra::DataSource.SalesforceStandardObjectConfiguration": { "additionalProperties": false, "properties": { - "EnabledInBroker": { - "markdownDescription": "Indicates whether you want to enable or disable the JMX Exporter.", - "title": "EnabledInBroker", - "type": "boolean" + "DocumentDataFieldName": { + "markdownDescription": "The name of the field in the standard object table that contains the document contents.", + "title": "DocumentDataFieldName", + "type": "string" + }, + "DocumentTitleFieldName": { + "markdownDescription": "The name of the field in the standard object table that contains the document title.", + "title": "DocumentTitleFieldName", + "type": "string" + }, + "FieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" + }, + "markdownDescription": "Maps attributes or field names of the standard object to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Salesforce fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Salesforce data source field names must exist in your Salesforce custom metadata.", + "title": "FieldMappings", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the standard object.", + "title": "Name", + "type": "string" } }, "required": [ - "EnabledInBroker" + "DocumentDataFieldName", + "Name" ], "type": "object" }, - "AWS::MSK::Cluster.LoggingInfo": { + "AWS::Kendra::DataSource.ServiceNowConfiguration": { "additionalProperties": false, "properties": { - "BrokerLogs": { - "$ref": "#/definitions/AWS::MSK::Cluster.BrokerLogs", - "markdownDescription": "You can configure your MSK cluster to send broker logs to different destination types. This configuration specifies the details of these destinations.", - "title": "BrokerLogs" + "AuthenticationType": { + "markdownDescription": "The type of authentication used to connect to the ServiceNow instance. If you choose `HTTP_BASIC` , Amazon Kendra is authenticated using the user name and password provided in the AWS Secrets Manager secret in the `SecretArn` field. If you choose `OAUTH2` , Amazon Kendra is authenticated using the credentials of client ID, client secret, user name and password.\n\nWhen you use `OAUTH2` authentication, you must generate a token and a client secret using the ServiceNow console. For more information, see [Using a ServiceNow data source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-servicenow.html) .", + "title": "AuthenticationType", + "type": "string" + }, + "HostUrl": { + "markdownDescription": "The ServiceNow instance that the data source connects to. The host endpoint should look like the following: *{instance}.service-now.com.*", + "title": "HostUrl", + "type": "string" + }, + "KnowledgeArticleConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.ServiceNowKnowledgeArticleConfiguration", + "markdownDescription": "Configuration information for crawling knowledge articles in the ServiceNow site.", + "title": "KnowledgeArticleConfiguration" + }, + "SecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Secrets Manager secret that contains the user name and password required to connect to the ServiceNow instance. You can also provide OAuth authentication credentials of user name, password, client ID, and client secret. For more information, see [Using a ServiceNow data source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-servicenow.html) .", + "title": "SecretArn", + "type": "string" + }, + "ServiceCatalogConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.ServiceNowServiceCatalogConfiguration", + "markdownDescription": "Configuration information for crawling service catalogs in the ServiceNow site.", + "title": "ServiceCatalogConfiguration" + }, + "ServiceNowBuildVersion": { + "markdownDescription": "The identifier of the release that the ServiceNow host is running. If the host is not running the `LONDON` release, use `OTHERS` .", + "title": "ServiceNowBuildVersion", + "type": "string" } }, "required": [ - "BrokerLogs" + "HostUrl", + "SecretArn", + "ServiceNowBuildVersion" ], "type": "object" }, - "AWS::MSK::Cluster.NodeExporter": { + "AWS::Kendra::DataSource.ServiceNowKnowledgeArticleConfiguration": { "additionalProperties": false, "properties": { - "EnabledInBroker": { - "markdownDescription": "Indicates whether you want to enable or disable the Node Exporter.", - "title": "EnabledInBroker", + "CrawlAttachments": { + "markdownDescription": "`TRUE` to index attachments to knowledge articles.", + "title": "CrawlAttachments", "type": "boolean" + }, + "DocumentDataFieldName": { + "markdownDescription": "The name of the ServiceNow field that is mapped to the index document contents field in the Amazon Kendra index.", + "title": "DocumentDataFieldName", + "type": "string" + }, + "DocumentTitleFieldName": { + "markdownDescription": "The name of the ServiceNow field that is mapped to the index document title field.", + "title": "DocumentTitleFieldName", + "type": "string" + }, + "ExcludeAttachmentFilePatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns applied to exclude certain knowledge article attachments. Attachments that match the patterns are excluded from the index. Items that don't match the patterns are included in the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index.", + "title": "ExcludeAttachmentFilePatterns", + "type": "array" + }, + "FieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" + }, + "markdownDescription": "Maps attributes or field names of knoweldge articles to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to ServiceNow fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The ServiceNow data source field names must exist in your ServiceNow custom metadata.", + "title": "FieldMappings", + "type": "array" + }, + "FilterQuery": { + "markdownDescription": "A query that selects the knowledge articles to index. The query can return articles from multiple knowledge bases, and the knowledge bases can be public or private.\n\nThe query string must be one generated by the ServiceNow console. For more information, see [Specifying documents to index with a query](https://docs.aws.amazon.com/kendra/latest/dg/servicenow-query.html) .", + "title": "FilterQuery", + "type": "string" + }, + "IncludeAttachmentFilePatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns applied to include knowledge article attachments. Attachments that match the patterns are included in the index. Items that don't match the patterns are excluded from the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index.", + "title": "IncludeAttachmentFilePatterns", + "type": "array" } }, "required": [ - "EnabledInBroker" + "DocumentDataFieldName" ], "type": "object" }, - "AWS::MSK::Cluster.OpenMonitoring": { + "AWS::Kendra::DataSource.ServiceNowServiceCatalogConfiguration": { "additionalProperties": false, "properties": { - "Prometheus": { - "$ref": "#/definitions/AWS::MSK::Cluster.Prometheus", - "markdownDescription": "Prometheus exporter settings.", - "title": "Prometheus" + "CrawlAttachments": { + "markdownDescription": "`TRUE` to index attachments to service catalog items.", + "title": "CrawlAttachments", + "type": "boolean" + }, + "DocumentDataFieldName": { + "markdownDescription": "The name of the ServiceNow field that is mapped to the index document contents field in the Amazon Kendra index.", + "title": "DocumentDataFieldName", + "type": "string" + }, + "DocumentTitleFieldName": { + "markdownDescription": "The name of the ServiceNow field that is mapped to the index document title field.", + "title": "DocumentTitleFieldName", + "type": "string" + }, + "ExcludeAttachmentFilePatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns to exclude certain attachments of catalogs in your ServiceNow. Item that match the patterns are excluded from the index. Items that don't match the patterns are included in the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index.\n\nThe regex is applied to the file name of the attachment.", + "title": "ExcludeAttachmentFilePatterns", + "type": "array" + }, + "FieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" + }, + "markdownDescription": "Maps attributes or field names of catalogs to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to ServiceNow fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The ServiceNow data source field names must exist in your ServiceNow custom metadata.", + "title": "FieldMappings", + "type": "array" + }, + "IncludeAttachmentFilePatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns to include certain attachments of catalogs in your ServiceNow. Item that match the patterns are included in the index. Items that don't match the patterns are excluded from the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index.\n\nThe regex is applied to the file name of the attachment.", + "title": "IncludeAttachmentFilePatterns", + "type": "array" } }, "required": [ - "Prometheus" + "DocumentDataFieldName" ], "type": "object" }, - "AWS::MSK::Cluster.Prometheus": { + "AWS::Kendra::DataSource.SharePointConfiguration": { "additionalProperties": false, "properties": { - "JmxExporter": { - "$ref": "#/definitions/AWS::MSK::Cluster.JmxExporter", - "markdownDescription": "Indicates whether you want to enable or disable the JMX Exporter.", - "title": "JmxExporter" + "CrawlAttachments": { + "markdownDescription": "`TRUE` to index document attachments.", + "title": "CrawlAttachments", + "type": "boolean" }, - "NodeExporter": { - "$ref": "#/definitions/AWS::MSK::Cluster.NodeExporter", - "markdownDescription": "Indicates whether you want to enable or disable the Node Exporter.", - "title": "NodeExporter" - } - }, - "type": "object" - }, - "AWS::MSK::Cluster.ProvisionedThroughput": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Provisioned throughput is on or off.", - "title": "Enabled", + "DisableLocalGroups": { + "markdownDescription": "`TRUE` to disable local groups information.", + "title": "DisableLocalGroups", "type": "boolean" }, - "VolumeThroughput": { - "markdownDescription": "Throughput value of the EBS volumes for the data drive on each kafka broker node in MiB per second.", - "title": "VolumeThroughput", - "type": "number" - } - }, - "type": "object" - }, - "AWS::MSK::Cluster.PublicAccess": { - "additionalProperties": false, - "properties": { - "Type": { - "markdownDescription": "DISABLED means that public access is turned off. SERVICE_PROVIDED_EIPS means that public access is turned on.", - "title": "Type", + "DocumentTitleFieldName": { + "markdownDescription": "The Microsoft SharePoint attribute field that contains the title of the document.", + "title": "DocumentTitleFieldName", "type": "string" - } - }, - "type": "object" - }, - "AWS::MSK::Cluster.S3": { - "additionalProperties": false, - "properties": { - "Bucket": { - "markdownDescription": "The name of the S3 bucket that is the destination for broker logs.", - "title": "Bucket", + }, + "ExclusionPatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns. Documents that match the patterns are excluded from the index. Documents that don't match the patterns are included in the index. If a document matches both an exclusion pattern and an inclusion pattern, the document is not included in the index.\n\nThe regex is applied to the display URL of the SharePoint document.", + "title": "ExclusionPatterns", + "type": "array" + }, + "FieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" + }, + "markdownDescription": "A list of `DataSourceToIndexFieldMapping` objects that map Microsoft SharePoint attributes or fields to Amazon Kendra index fields. You must first create the index fields using the [UpdateIndex](https://docs.aws.amazon.com/kendra/latest/dg/API_UpdateIndex.html) operation before you map SharePoint attributes. For more information, see [Mapping Data Source Fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) .", + "title": "FieldMappings", + "type": "array" + }, + "InclusionPatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns to include certain documents in your SharePoint. Documents that match the patterns are included in the index. Documents that don't match the patterns are excluded from the index. If a document matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the document isn't included in the index.\n\nThe regex applies to the display URL of the SharePoint document.", + "title": "InclusionPatterns", + "type": "array" + }, + "SecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret that contains the user name and password required to connect to the SharePoint instance. For more information, see [Microsoft SharePoint](https://docs.aws.amazon.com/kendra/latest/dg/data-source-sharepoint.html) .", + "title": "SecretArn", "type": "string" }, - "Enabled": { - "markdownDescription": "Specifies whether broker logs get sent to the specified Amazon S3 destination.", - "title": "Enabled", + "SharePointVersion": { + "markdownDescription": "The version of Microsoft SharePoint that you use.", + "title": "SharePointVersion", + "type": "string" + }, + "SslCertificateS3Path": { + "$ref": "#/definitions/AWS::Kendra::DataSource.S3Path", + "markdownDescription": "Information required to find a specific file in an Amazon S3 bucket.", + "title": "SslCertificateS3Path" + }, + "Urls": { + "items": { + "type": "string" + }, + "markdownDescription": "The Microsoft SharePoint site URLs for the documents you want to index.", + "title": "Urls", + "type": "array" + }, + "UseChangeLog": { + "markdownDescription": "`TRUE` to use the SharePoint change log to determine which documents require updating in the index. Depending on the change log's size, it may take longer for Amazon Kendra to use the change log than to scan all of your documents in SharePoint.", + "title": "UseChangeLog", "type": "boolean" }, - "Prefix": { - "markdownDescription": "The S3 prefix that is the destination for broker logs.", - "title": "Prefix", - "type": "string" + "VpcConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceVpcConfiguration", + "markdownDescription": "Provides information for connecting to an Amazon VPC.", + "title": "VpcConfiguration" } }, "required": [ - "Enabled" + "SecretArn", + "SharePointVersion", + "Urls" ], "type": "object" }, - "AWS::MSK::Cluster.Sasl": { + "AWS::Kendra::DataSource.SqlConfiguration": { "additionalProperties": false, "properties": { - "Iam": { - "$ref": "#/definitions/AWS::MSK::Cluster.Iam", - "markdownDescription": "Details for ClientAuthentication using IAM.", - "title": "Iam" - }, - "Scram": { - "$ref": "#/definitions/AWS::MSK::Cluster.Scram", - "markdownDescription": "Details for SASL/SCRAM client authentication.", - "title": "Scram" + "QueryIdentifiersEnclosingOption": { + "markdownDescription": "Determines whether Amazon Kendra encloses SQL identifiers for tables and column names in double quotes (\") when making a database query. You can set the value to `DOUBLE_QUOTES` or `NONE` .\n\nBy default, Amazon Kendra passes SQL identifiers the way that they are entered into the data source configuration. It does not change the case of identifiers or enclose them in quotes.\n\nPostgreSQL internally converts uppercase characters to lower case characters in identifiers unless they are quoted. Choosing this option encloses identifiers in quotes so that PostgreSQL does not convert the character's case.\n\nFor MySQL databases, you must enable the ansi_quotes option when you set this field to `DOUBLE_QUOTES` .", + "title": "QueryIdentifiersEnclosingOption", + "type": "string" } }, "type": "object" }, - "AWS::MSK::Cluster.Scram": { + "AWS::Kendra::DataSource.TemplateConfiguration": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "SASL/SCRAM authentication is enabled or not.", - "title": "Enabled", - "type": "boolean" + "Template": { + "markdownDescription": "The template schema used for the data source, where templates schemas are supported.\n\nSee [Data source template schemas](https://docs.aws.amazon.com/kendra/latest/dg/ds-schemas.html) .", + "title": "Template", + "type": "object" } }, "required": [ - "Enabled" + "Template" ], "type": "object" }, - "AWS::MSK::Cluster.StorageInfo": { - "additionalProperties": false, - "properties": { - "EBSStorageInfo": { - "$ref": "#/definitions/AWS::MSK::Cluster.EBSStorageInfo", - "markdownDescription": "EBS volume information.", - "title": "EBSStorageInfo" - } - }, - "type": "object" - }, - "AWS::MSK::Cluster.Tls": { + "AWS::Kendra::DataSource.WebCrawlerAuthenticationConfiguration": { "additionalProperties": false, "properties": { - "CertificateAuthorityArnList": { + "BasicAuthentication": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Kendra::DataSource.WebCrawlerBasicAuthentication" }, - "markdownDescription": "List of AWS Private CA ARNs.", - "title": "CertificateAuthorityArnList", + "markdownDescription": "The list of configuration information that's required to connect to and crawl a website host using basic authentication credentials.\n\nThe list includes the name and port number of the website host.", + "title": "BasicAuthentication", "type": "array" - }, - "Enabled": { - "markdownDescription": "TLS authentication is enabled or not.", - "title": "Enabled", - "type": "boolean" } }, "type": "object" }, - "AWS::MSK::Cluster.Unauthenticated": { + "AWS::Kendra::DataSource.WebCrawlerBasicAuthentication": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Unauthenticated is enabled or not.", - "title": "Enabled", - "type": "boolean" + "Credentials": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret. You create a secret to store your credentials in [AWS Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html)\n\nYou use a secret if basic authentication credentials are required to connect to a website. The secret stores your credentials of user name and password.", + "title": "Credentials", + "type": "string" + }, + "Host": { + "markdownDescription": "The name of the website host you want to connect to using authentication credentials.\n\nFor example, the host name of https://a.example.com/page1.html is \"a.example.com\".", + "title": "Host", + "type": "string" + }, + "Port": { + "markdownDescription": "The port number of the website host you want to connect to using authentication credentials.\n\nFor example, the port for https://a.example.com/page1.html is 443, the standard port for HTTPS.", + "title": "Port", + "type": "number" } }, "required": [ - "Enabled" + "Credentials", + "Host", + "Port" ], "type": "object" }, - "AWS::MSK::Cluster.VpcConnectivity": { - "additionalProperties": false, - "properties": { - "ClientAuthentication": { - "$ref": "#/definitions/AWS::MSK::Cluster.VpcConnectivityClientAuthentication", - "markdownDescription": "VPC connection control settings for brokers.", - "title": "ClientAuthentication" - } - }, - "type": "object" - }, - "AWS::MSK::Cluster.VpcConnectivityClientAuthentication": { + "AWS::Kendra::DataSource.WebCrawlerConfiguration": { "additionalProperties": false, "properties": { - "Sasl": { - "$ref": "#/definitions/AWS::MSK::Cluster.VpcConnectivitySasl", - "markdownDescription": "Details for VpcConnectivity ClientAuthentication using SASL.", - "title": "Sasl" + "AuthenticationConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.WebCrawlerAuthenticationConfiguration", + "markdownDescription": "Configuration information required to connect to websites using authentication.\n\nYou can connect to websites using basic authentication of user name and password. You use a secret in [AWS Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html) to store your authentication credentials.\n\nYou must provide the website host name and port number. For example, the host name of https://a.example.com/page1.html is \"a.example.com\" and the port is 443, the standard port for HTTPS.", + "title": "AuthenticationConfiguration" }, - "Tls": { - "$ref": "#/definitions/AWS::MSK::Cluster.VpcConnectivityTls", - "markdownDescription": "Details for VpcConnectivity ClientAuthentication using TLS.", - "title": "Tls" - } - }, - "type": "object" - }, - "AWS::MSK::Cluster.VpcConnectivityIam": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "SASL/IAM authentication is enabled or not.", - "title": "Enabled", - "type": "boolean" + "CrawlDepth": { + "markdownDescription": "The 'depth' or number of levels from the seed level to crawl. For example, the seed URL page is depth 1 and any hyperlinks on this page that are also crawled are depth 2.", + "title": "CrawlDepth", + "type": "number" + }, + "MaxContentSizePerPageInMegaBytes": { + "markdownDescription": "The maximum size (in MB) of a web page or attachment to crawl.\n\nFiles larger than this size (in MB) are skipped/not crawled.\n\nThe default maximum size of a web page or attachment is set to 50 MB.", + "title": "MaxContentSizePerPageInMegaBytes", + "type": "number" + }, + "MaxLinksPerPage": { + "markdownDescription": "The maximum number of URLs on a web page to include when crawling a website. This number is per web page.\n\nAs a website\u2019s web pages are crawled, any URLs the web pages link to are also crawled. URLs on a web page are crawled in order of appearance.\n\nThe default maximum links per page is 100.", + "title": "MaxLinksPerPage", + "type": "number" + }, + "MaxUrlsPerMinuteCrawlRate": { + "markdownDescription": "The maximum number of URLs crawled per website host per minute.\n\nA minimum of one URL is required.\n\nThe default maximum number of URLs crawled per website host per minute is 300.", + "title": "MaxUrlsPerMinuteCrawlRate", + "type": "number" + }, + "ProxyConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.ProxyConfiguration", + "markdownDescription": "Configuration information required to connect to your internal websites via a web proxy.\n\nYou must provide the website host name and port number. For example, the host name of https://a.example.com/page1.html is \"a.example.com\" and the port is 443, the standard port for HTTPS.\n\nWeb proxy credentials are optional and you can use them to connect to a web proxy server that requires basic authentication. To store web proxy credentials, you use a secret in [AWS Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html) .", + "title": "ProxyConfiguration" + }, + "UrlExclusionPatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns to exclude certain URLs to crawl. URLs that match the patterns are excluded from the index. URLs that don't match the patterns are included in the index. If a URL matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the URL file isn't included in the index.", + "title": "UrlExclusionPatterns", + "type": "array" + }, + "UrlInclusionPatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns to include certain URLs to crawl. URLs that match the patterns are included in the index. URLs that don't match the patterns are excluded from the index. If a URL matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the URL file isn't included in the index.", + "title": "UrlInclusionPatterns", + "type": "array" + }, + "Urls": { + "$ref": "#/definitions/AWS::Kendra::DataSource.WebCrawlerUrls", + "markdownDescription": "Specifies the seed or starting point URLs of the websites or the sitemap URLs of the websites you want to crawl.\n\nYou can include website subdomains. You can list up to 100 seed URLs and up to three sitemap URLs.\n\nYou can only crawl websites that use the secure communication protocol, Hypertext Transfer Protocol Secure (HTTPS). If you receive an error when crawling a website, it could be that the website is blocked from crawling.\n\n*When selecting websites to index, you must adhere to the [Amazon Acceptable Use Policy](https://docs.aws.amazon.com/aup/) and all other Amazon terms. Remember that you must only use Amazon Kendra Web Crawler to index your own webpages, or webpages that you have authorization to index.*", + "title": "Urls" } }, "required": [ - "Enabled" + "Urls" ], "type": "object" }, - "AWS::MSK::Cluster.VpcConnectivitySasl": { + "AWS::Kendra::DataSource.WebCrawlerSeedUrlConfiguration": { "additionalProperties": false, "properties": { - "Iam": { - "$ref": "#/definitions/AWS::MSK::Cluster.VpcConnectivityIam", - "markdownDescription": "Details for ClientAuthentication using IAM for VpcConnectivity.", - "title": "Iam" + "SeedUrls": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of seed or starting point URLs of the websites you want to crawl.\n\nThe list can include a maximum of 100 seed URLs.", + "title": "SeedUrls", + "type": "array" }, - "Scram": { - "$ref": "#/definitions/AWS::MSK::Cluster.VpcConnectivityScram", - "markdownDescription": "Details for SASL/SCRAM client authentication for VpcConnectivity.", - "title": "Scram" + "WebCrawlerMode": { + "markdownDescription": "You can choose one of the following modes:\n\n- `HOST_ONLY` \u2014crawl only the website host names. For example, if the seed URL is \"abc.example.com\", then only URLs with host name \"abc.example.com\" are crawled.\n- `SUBDOMAINS` \u2014crawl the website host names with subdomains. For example, if the seed URL is \"abc.example.com\", then \"a.abc.example.com\" and \"b.abc.example.com\" are also crawled.\n- `EVERYTHING` \u2014crawl the website host names with subdomains and other domains that the web pages link to.\n\nThe default mode is set to `HOST_ONLY` .", + "title": "WebCrawlerMode", + "type": "string" } }, + "required": [ + "SeedUrls" + ], "type": "object" }, - "AWS::MSK::Cluster.VpcConnectivityScram": { + "AWS::Kendra::DataSource.WebCrawlerSiteMapsConfiguration": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "SASL/SCRAM authentication is enabled or not.", - "title": "Enabled", - "type": "boolean" + "SiteMaps": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of sitemap URLs of the websites you want to crawl.\n\nThe list can include a maximum of three sitemap URLs.", + "title": "SiteMaps", + "type": "array" } }, "required": [ - "Enabled" + "SiteMaps" ], "type": "object" }, - "AWS::MSK::Cluster.VpcConnectivityTls": { + "AWS::Kendra::DataSource.WebCrawlerUrls": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "TLS authentication is enabled or not.", - "title": "Enabled", - "type": "boolean" + "SeedUrlConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.WebCrawlerSeedUrlConfiguration", + "markdownDescription": "Configuration of the seed or starting point URLs of the websites you want to crawl.\n\nYou can choose to crawl only the website host names, or the website host names with subdomains, or the website host names with subdomains and other domains that the web pages link to.\n\nYou can list up to 100 seed URLs.", + "title": "SeedUrlConfiguration" + }, + "SiteMapsConfiguration": { + "$ref": "#/definitions/AWS::Kendra::DataSource.WebCrawlerSiteMapsConfiguration", + "markdownDescription": "Configuration of the sitemap URLs of the websites you want to crawl.\n\nOnly URLs belonging to the same website host names are crawled. You can list up to three sitemap URLs.", + "title": "SiteMapsConfiguration" } }, - "required": [ - "Enabled" - ], "type": "object" }, - "AWS::MSK::ClusterPolicy": { + "AWS::Kendra::DataSource.WorkDocsConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "CrawlComments": { + "markdownDescription": "`TRUE` to include comments on documents in your index. Including comments in your index means each comment is a document that can be searched on.\n\nThe default is set to `FALSE` .", + "title": "CrawlComments", + "type": "boolean" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ExclusionPatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of regular expression patterns to exclude certain files in your Amazon WorkDocs site repository. Files that match the patterns are excluded from the index. Files that don\u2019t match the patterns are included in the index. If a file matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the file isn't included in the index.", + "title": "ExclusionPatterns", + "type": "array" }, - "Metadata": { - "type": "object" + "FieldMappings": { + "items": { + "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" + }, + "markdownDescription": "A list of `DataSourceToIndexFieldMapping` objects that map Amazon WorkDocs data source attributes or field names to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Amazon WorkDocs fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Amazon WorkDocs data source field names must exist in your Amazon WorkDocs custom metadata.", + "title": "FieldMappings", + "type": "array" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ClusterArn": { - "markdownDescription": "The Amazon Resource Name (ARN) that uniquely identifies the cluster.", - "title": "ClusterArn", - "type": "string" - }, - "Policy": { - "markdownDescription": "Resource policy for the cluster.", - "title": "Policy", - "type": "object" - } + "InclusionPatterns": { + "items": { + "type": "string" }, - "required": [ - "ClusterArn", - "Policy" - ], - "type": "object" + "markdownDescription": "A list of regular expression patterns to include certain files in your Amazon WorkDocs site repository. Files that match the patterns are included in the index. Files that don't match the patterns are excluded from the index. If a file matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the file isn't included in the index.", + "title": "InclusionPatterns", + "type": "array" }, - "Type": { - "enum": [ - "AWS::MSK::ClusterPolicy" - ], + "OrganizationId": { + "markdownDescription": "The identifier of the directory corresponding to your Amazon WorkDocs site repository.\n\nYou can find the organization ID in the [AWS Directory Service](https://docs.aws.amazon.com/directoryservicev2/) by going to *Active Directory* , then *Directories* . Your Amazon WorkDocs site directory has an ID, which is the organization ID. You can also set up a new Amazon WorkDocs directory in the AWS Directory Service console and enable a Amazon WorkDocs site for the directory in the Amazon WorkDocs console.", + "title": "OrganizationId", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "UseChangeLog": { + "markdownDescription": "`TRUE` to use the Amazon WorkDocs change log to determine which documents require updating in the index. Depending on the change log's size, it may take longer for Amazon Kendra to use the change log than to scan all of your documents in Amazon WorkDocs.", + "title": "UseChangeLog", + "type": "boolean" } }, "required": [ - "Type", - "Properties" + "OrganizationId" ], "type": "object" }, - "AWS::MSK::Configuration": { + "AWS::Kendra::Faq": { "additionalProperties": false, "properties": { "Condition": { @@ -152537,43 +162112,60 @@ "additionalProperties": false, "properties": { "Description": { - "markdownDescription": "The description of the configuration.", + "markdownDescription": "A description for the FAQ.", "title": "Description", "type": "string" }, - "KafkaVersionsList": { - "items": { - "type": "string" - }, - "markdownDescription": "The [versions of Apache Kafka](https://docs.aws.amazon.com/msk/latest/developerguide/supported-kafka-versions.html) with which you can use this MSK configuration.\n\nWhen you update the `KafkaVersionsList` property, AWS CloudFormation recreates a new configuration with the updated property before deleting the old configuration. Such an update requires a [resource replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) . To successfully update `KafkaVersionsList` , you must also update the `Name` property in the same operation.\n\nIf your configuration is attached with any clusters created using the AWS Management Console or AWS CLI , you'll need to manually delete the old configuration from the console after the update completes.\n\nFor more information, see [Can\u2019t update KafkaVersionsList in MSK configuration](https://docs.aws.amazon.com/msk/latest/developerguide/troubleshooting.html#troubleshoot-kafkaversionslist-cfn-update-failure) in the *Amazon MSK Developer Guide* .", - "title": "KafkaVersionsList", - "type": "array" + "FileFormat": { + "markdownDescription": "The format of the input file. You can choose between a basic CSV format, a CSV format that includes customs attributes in a header, and a JSON format that includes custom attributes.\n\nThe format must match the format of the file stored in the S3 bucket identified in the S3Path parameter.\n\nValid values are:\n\n- `CSV`\n- `CSV_WITH_HEADER`\n- `JSON`", + "title": "FileFormat", + "type": "string" }, - "LatestRevision": { - "$ref": "#/definitions/AWS::MSK::Configuration.LatestRevision", - "markdownDescription": "Latest revision of the MSK configuration.", - "title": "LatestRevision" + "IndexId": { + "markdownDescription": "The identifier of the index that contains the FAQ.", + "title": "IndexId", + "type": "string" + }, + "LanguageCode": { + "markdownDescription": "The code for a language. This shows a supported language for the FAQ document as part of the summary information for FAQs. English is supported by default. For more information on supported languages, including their codes, see [Adding documents in languages other than English](https://docs.aws.amazon.com/kendra/latest/dg/in-adding-languages.html) .", + "title": "LanguageCode", + "type": "string" }, "Name": { - "markdownDescription": "The name of the configuration. Configuration names are strings that match the regex \"^[0-9A-Za-z][0-9A-Za-z-]{0,}$\".", + "markdownDescription": "The name that you assigned the FAQ when you created or updated the FAQ.", "title": "Name", "type": "string" }, - "ServerProperties": { - "markdownDescription": "Contents of the `server.properties` file. When using the console, the SDK, or the AWS CLI , the contents of `server.properties` can be in plaintext.", - "title": "ServerProperties", + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of a role with permission to access the S3 bucket that contains the FAQ.", + "title": "RoleArn", "type": "string" + }, + "S3Path": { + "$ref": "#/definitions/AWS::Kendra::Faq.S3Path", + "markdownDescription": "The Amazon Simple Storage Service (Amazon S3) location of the FAQ input data.", + "title": "S3Path" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" } }, "required": [ + "IndexId", "Name", - "ServerProperties" + "RoleArn", + "S3Path" ], "type": "object" }, "Type": { "enum": [ - "AWS::MSK::Configuration" + "AWS::Kendra::Faq" ], "type": "string" }, @@ -152592,28 +162184,27 @@ ], "type": "object" }, - "AWS::MSK::Configuration.LatestRevision": { + "AWS::Kendra::Faq.S3Path": { "additionalProperties": false, "properties": { - "CreationTime": { - "markdownDescription": "The time when the configuration revision was created.", - "title": "CreationTime", + "Bucket": { + "markdownDescription": "The name of the S3 bucket that contains the file.", + "title": "Bucket", "type": "string" }, - "Description": { - "markdownDescription": "The description of the configuration revision.", - "title": "Description", + "Key": { + "markdownDescription": "The name of the file.", + "title": "Key", "type": "string" - }, - "Revision": { - "markdownDescription": "The revision number.", - "title": "Revision", - "type": "number" } }, + "required": [ + "Bucket", + "Key" + ], "type": "object" }, - "AWS::MSK::Replicator": { + "AWS::Kendra::Index": { "additionalProperties": false, "properties": { "Condition": { @@ -152648,60 +162239,76 @@ "Properties": { "additionalProperties": false, "properties": { - "CurrentVersion": { - "type": "string" + "CapacityUnits": { + "$ref": "#/definitions/AWS::Kendra::Index.CapacityUnitsConfiguration", + "markdownDescription": "Specifies additional capacity units configured for your Enterprise Edition index. You can add and remove capacity units to fit your usage requirements.", + "title": "CapacityUnits" }, "Description": { - "markdownDescription": "A summary description of the replicator.", + "markdownDescription": "A description for the index.", "title": "Description", "type": "string" }, - "KafkaClusters": { + "DocumentMetadataConfigurations": { "items": { - "$ref": "#/definitions/AWS::MSK::Replicator.KafkaCluster" + "$ref": "#/definitions/AWS::Kendra::Index.DocumentMetadataConfiguration" }, - "markdownDescription": "Kafka Clusters to use in setting up sources / targets for replication.", - "title": "KafkaClusters", + "markdownDescription": "Specifies the properties of an index field. You can add either a custom or a built-in field. You can add and remove built-in fields at any time. When a built-in field is removed it's configuration reverts to the default for the field. Custom fields can't be removed from an index after they are added.", + "title": "DocumentMetadataConfigurations", "type": "array" }, - "ReplicationInfoList": { - "items": { - "$ref": "#/definitions/AWS::MSK::Replicator.ReplicationInfo" - }, - "markdownDescription": "A list of replication configurations, where each configuration targets a given source cluster to target cluster replication flow.", - "title": "ReplicationInfoList", - "type": "array" + "Edition": { + "markdownDescription": "Indicates whether the index is a Enterprise Edition index, a Developer Edition index, or a GenAI Enterprise Edition index.", + "title": "Edition", + "type": "string" }, - "ReplicatorName": { - "markdownDescription": "The name of the replicator. Alpha-numeric characters with '-' are allowed.", - "title": "ReplicatorName", + "Name": { + "markdownDescription": "The name of the index.", + "title": "Name", "type": "string" }, - "ServiceExecutionRoleArn": { - "markdownDescription": "The ARN of the IAM role used by the replicator to access resources in the customer's account (e.g source and target clusters)", - "title": "ServiceExecutionRoleArn", + "RoleArn": { + "markdownDescription": "An IAM role that gives Amazon Kendra permissions to access your Amazon CloudWatch logs and metrics. This is also the role used when you use the [BatchPutDocument](https://docs.aws.amazon.com/kendra/latest/dg/BatchPutDocument.html) operation to index documents from an Amazon S3 bucket.", + "title": "RoleArn", "type": "string" }, + "ServerSideEncryptionConfiguration": { + "$ref": "#/definitions/AWS::Kendra::Index.ServerSideEncryptionConfiguration", + "markdownDescription": "The identifier of the AWS KMS customer managed key (CMK) to use to encrypt data indexed by Amazon Kendra. Amazon Kendra doesn't support asymmetric CMKs.", + "title": "ServerSideEncryptionConfiguration" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "List of tags to attach to created Replicator.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" + }, + "UserContextPolicy": { + "markdownDescription": "The user context policy.\n\nATTRIBUTE_FILTER\n\n- All indexed content is searchable and displayable for all users. If you want to filter search results on user context, you can use the attribute filters of `_user_id` and `_group_ids` or you can provide user and group information in `UserContext` .\n\nUSER_TOKEN\n\n- Enables token-based user access control to filter search results on user context. All documents with no access control and all documents accessible to the user will be searchable and displayable.", + "title": "UserContextPolicy", + "type": "string" + }, + "UserTokenConfigurations": { + "items": { + "$ref": "#/definitions/AWS::Kendra::Index.UserTokenConfiguration" + }, + "markdownDescription": "Defines the type of user token used for the index.", + "title": "UserTokenConfigurations", + "type": "array" } }, "required": [ - "KafkaClusters", - "ReplicationInfoList", - "ReplicatorName", - "ServiceExecutionRoleArn" + "Edition", + "Name", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::MSK::Replicator" + "AWS::Kendra::Index" ], "type": "string" }, @@ -152720,195 +162327,224 @@ ], "type": "object" }, - "AWS::MSK::Replicator.AmazonMskCluster": { + "AWS::Kendra::Index.CapacityUnitsConfiguration": { "additionalProperties": false, "properties": { - "MskClusterArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an Amazon MSK cluster.", - "title": "MskClusterArn", - "type": "string" + "QueryCapacityUnits": { + "markdownDescription": "The amount of extra query capacity for an index and [GetQuerySuggestions](https://docs.aws.amazon.com/kendra/latest/dg/API_GetQuerySuggestions.html) capacity.\n\nA single extra capacity unit for an index provides 0.1 queries per second or approximately 8,000 queries per day. You can add up to 100 extra capacity units.\n\n`GetQuerySuggestions` capacity is five times the provisioned query capacity for an index, or the base capacity of 2.5 calls per second, whichever is higher. For example, the base capacity for an index is 0.1 queries per second, and `GetQuerySuggestions` capacity has a base of 2.5 calls per second. If you add another 0.1 queries per second to total 0.2 queries per second for an index, the `GetQuerySuggestions` capacity is 2.5 calls per second (higher than five times 0.2 queries per second).", + "title": "QueryCapacityUnits", + "type": "number" + }, + "StorageCapacityUnits": { + "markdownDescription": "The amount of extra storage capacity for an index. A single capacity unit provides 30 GB of storage space or 100,000 documents, whichever is reached first. You can add up to 100 extra capacity units.", + "title": "StorageCapacityUnits", + "type": "number" } }, "required": [ - "MskClusterArn" + "QueryCapacityUnits", + "StorageCapacityUnits" ], "type": "object" }, - "AWS::MSK::Replicator.ConsumerGroupReplication": { + "AWS::Kendra::Index.DocumentMetadataConfiguration": { "additionalProperties": false, "properties": { - "ConsumerGroupsToExclude": { - "items": { - "type": "string" - }, - "markdownDescription": "List of regular expression patterns indicating the consumer groups that should not be replicated.", - "title": "ConsumerGroupsToExclude", - "type": "array" + "Name": { + "markdownDescription": "The name of the index field.", + "title": "Name", + "type": "string" }, - "ConsumerGroupsToReplicate": { - "items": { - "type": "string" - }, - "markdownDescription": "List of regular expression patterns indicating the consumer groups to copy.", - "title": "ConsumerGroupsToReplicate", - "type": "array" + "Relevance": { + "$ref": "#/definitions/AWS::Kendra::Index.Relevance", + "markdownDescription": "Provides tuning parameters to determine how the field affects the search results.", + "title": "Relevance" }, - "DetectAndCopyNewConsumerGroups": { - "markdownDescription": "Enables synchronization of consumer groups to target cluster.", - "title": "DetectAndCopyNewConsumerGroups", - "type": "boolean" + "Search": { + "$ref": "#/definitions/AWS::Kendra::Index.Search", + "markdownDescription": "Provides information about how the field is used during a search.", + "title": "Search" }, - "SynchroniseConsumerGroupOffsets": { - "markdownDescription": "Enables synchronization of consumer group offsets to target cluster. The translated offsets will be written to topic __consumer_offsets.", - "title": "SynchroniseConsumerGroupOffsets", - "type": "boolean" + "Type": { + "markdownDescription": "The data type of the index field.", + "title": "Type", + "type": "string" } }, "required": [ - "ConsumerGroupsToReplicate" + "Name", + "Type" ], "type": "object" }, - "AWS::MSK::Replicator.KafkaCluster": { + "AWS::Kendra::Index.JsonTokenTypeConfiguration": { "additionalProperties": false, "properties": { - "AmazonMskCluster": { - "$ref": "#/definitions/AWS::MSK::Replicator.AmazonMskCluster", - "markdownDescription": "Details of an Amazon MSK Cluster.", - "title": "AmazonMskCluster" + "GroupAttributeField": { + "markdownDescription": "The group attribute field.", + "title": "GroupAttributeField", + "type": "string" }, - "VpcConfig": { - "$ref": "#/definitions/AWS::MSK::Replicator.KafkaClusterClientVpcConfig", - "markdownDescription": "Details of an Amazon VPC which has network connectivity to the Apache Kafka cluster.", - "title": "VpcConfig" + "UserNameAttributeField": { + "markdownDescription": "The user name attribute field.", + "title": "UserNameAttributeField", + "type": "string" } }, "required": [ - "AmazonMskCluster", - "VpcConfig" + "GroupAttributeField", + "UserNameAttributeField" ], "type": "object" }, - "AWS::MSK::Replicator.KafkaClusterClientVpcConfig": { + "AWS::Kendra::Index.JwtTokenTypeConfiguration": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The security groups to attach to the ENIs for the broker nodes.", - "title": "SecurityGroupIds", - "type": "array" + "ClaimRegex": { + "markdownDescription": "The regular expression that identifies the claim.", + "title": "ClaimRegex", + "type": "string" }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of subnets in the client VPC to connect to.", - "title": "SubnetIds", - "type": "array" - } - }, - "required": [ - "SubnetIds" - ], - "type": "object" - }, - "AWS::MSK::Replicator.ReplicationInfo": { - "additionalProperties": false, - "properties": { - "ConsumerGroupReplication": { - "$ref": "#/definitions/AWS::MSK::Replicator.ConsumerGroupReplication", - "markdownDescription": "Configuration relating to consumer group replication.", - "title": "ConsumerGroupReplication" + "GroupAttributeField": { + "markdownDescription": "The group attribute field.", + "title": "GroupAttributeField", + "type": "string" }, - "SourceKafkaClusterArn": { - "markdownDescription": "The ARN of the source Kafka cluster.", - "title": "SourceKafkaClusterArn", + "Issuer": { + "markdownDescription": "The issuer of the token.", + "title": "Issuer", "type": "string" }, - "TargetCompressionType": { - "markdownDescription": "The compression type to use when producing records to target cluster.", - "title": "TargetCompressionType", + "KeyLocation": { + "markdownDescription": "The location of the key.", + "title": "KeyLocation", "type": "string" }, - "TargetKafkaClusterArn": { - "markdownDescription": "The ARN of the target Kafka cluster.", - "title": "TargetKafkaClusterArn", + "SecretManagerArn": { + "markdownDescription": "The Amazon Resource Name (arn) of the secret.", + "title": "SecretManagerArn", "type": "string" }, - "TopicReplication": { - "$ref": "#/definitions/AWS::MSK::Replicator.TopicReplication", - "markdownDescription": "Configuration relating to topic replication.", - "title": "TopicReplication" + "URL": { + "markdownDescription": "The signing key URL.", + "title": "URL", + "type": "string" + }, + "UserNameAttributeField": { + "markdownDescription": "The user name attribute field.", + "title": "UserNameAttributeField", + "type": "string" } }, "required": [ - "ConsumerGroupReplication", - "SourceKafkaClusterArn", - "TargetCompressionType", - "TargetKafkaClusterArn", - "TopicReplication" + "KeyLocation" ], "type": "object" }, - "AWS::MSK::Replicator.ReplicationStartingPosition": { + "AWS::Kendra::Index.Relevance": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The type of replication starting position.", - "title": "Type", + "Duration": { + "markdownDescription": "Specifies the time period that the boost applies to. For example, to make the boost apply to documents with the field value within the last month, you would use \"2628000s\". Once the field value is beyond the specified range, the effect of the boost drops off. The higher the importance, the faster the effect drops off. If you don't specify a value, the default is 3 months. The value of the field is a numeric string followed by the character \"s\", for example \"86400s\" for one day, or \"604800s\" for one week.\n\nOnly applies to `DATE` fields.", + "title": "Duration", + "type": "string" + }, + "Freshness": { + "markdownDescription": "Indicates that this field determines how \"fresh\" a document is. For example, if document 1 was created on November 5, and document 2 was created on October 31, document 1 is \"fresher\" than document 2. Only applies to `DATE` fields.", + "title": "Freshness", + "type": "boolean" + }, + "Importance": { + "markdownDescription": "The relative importance of the field in the search. Larger numbers provide more of a boost than smaller numbers.", + "title": "Importance", + "type": "number" + }, + "RankOrder": { + "markdownDescription": "Determines how values should be interpreted.\n\nWhen the `RankOrder` field is `ASCENDING` , higher numbers are better. For example, a document with a rating score of 10 is higher ranking than a document with a rating score of 1.\n\nWhen the `RankOrder` field is `DESCENDING` , lower numbers are better. For example, in a task tracking application, a priority 1 task is more important than a priority 5 task.\n\nOnly applies to `LONG` fields.", + "title": "RankOrder", "type": "string" + }, + "ValueImportanceItems": { + "items": { + "$ref": "#/definitions/AWS::Kendra::Index.ValueImportanceItem" + }, + "markdownDescription": "An array of key-value pairs for different boosts when they appear in the search result list. For example, if you want to boost query terms that match the \"department\" field in the result, query terms that match this field are boosted in the result. You can add entries from the department field to boost documents with those values higher.\n\nFor example, you can add entries to the map with names of departments. If you add \"HR\", 5 and \"Legal\",3 those departments are given special attention when they appear in the metadata of a document.", + "title": "ValueImportanceItems", + "type": "array" } }, "type": "object" }, - "AWS::MSK::Replicator.TopicReplication": { + "AWS::Kendra::Index.Search": { "additionalProperties": false, "properties": { - "CopyAccessControlListsForTopics": { - "markdownDescription": "Whether to periodically configure remote topic ACLs to match their corresponding upstream topics.", - "title": "CopyAccessControlListsForTopics", + "Displayable": { + "markdownDescription": "Determines whether the field is returned in the query response. The default is `true` .", + "title": "Displayable", "type": "boolean" }, - "CopyTopicConfigurations": { - "markdownDescription": "Whether to periodically configure remote topics to match their corresponding upstream topics.", - "title": "CopyTopicConfigurations", + "Facetable": { + "markdownDescription": "Indicates that the field can be used to create search facets, a count of results for each value in the field. The default is `false` .", + "title": "Facetable", "type": "boolean" }, - "DetectAndCopyNewTopics": { - "markdownDescription": "Whether to periodically check for new topics and partitions.", - "title": "DetectAndCopyNewTopics", + "Searchable": { + "markdownDescription": "Determines whether the field is used in the search. If the `Searchable` field is `true` , you can use relevance tuning to manually tune how Amazon Kendra weights the field in the search. The default is `true` for string fields and `false` for number and date fields.", + "title": "Searchable", "type": "boolean" }, - "StartingPosition": { - "$ref": "#/definitions/AWS::MSK::Replicator.ReplicationStartingPosition", - "markdownDescription": "Specifies the position in the topics to start replicating from.", - "title": "StartingPosition" + "Sortable": { + "markdownDescription": "Determines whether the field can be used to sort the results of a query. The default is `false` .", + "title": "Sortable", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::Kendra::Index.ServerSideEncryptionConfiguration": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "markdownDescription": "The identifier of the AWS KMS key . Amazon Kendra doesn't support asymmetric keys.", + "title": "KmsKeyId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Kendra::Index.UserTokenConfiguration": { + "additionalProperties": false, + "properties": { + "JsonTokenTypeConfiguration": { + "$ref": "#/definitions/AWS::Kendra::Index.JsonTokenTypeConfiguration", + "markdownDescription": "Information about the JSON token type configuration.", + "title": "JsonTokenTypeConfiguration" }, - "TopicsToExclude": { - "items": { - "type": "string" - }, - "markdownDescription": "List of regular expression patterns indicating the topics that should not be replicated.", - "title": "TopicsToExclude", - "type": "array" + "JwtTokenTypeConfiguration": { + "$ref": "#/definitions/AWS::Kendra::Index.JwtTokenTypeConfiguration", + "markdownDescription": "Information about the JWT token type configuration.", + "title": "JwtTokenTypeConfiguration" + } + }, + "type": "object" + }, + "AWS::Kendra::Index.ValueImportanceItem": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The document metadata value used for the search boost.", + "title": "Key", + "type": "string" }, - "TopicsToReplicate": { - "items": { - "type": "string" - }, - "markdownDescription": "List of regular expression patterns indicating the topics to copy.", - "title": "TopicsToReplicate", - "type": "array" + "Value": { + "markdownDescription": "The boost value for a document when the key is part of the metadata of a document.", + "title": "Value", + "type": "number" } }, - "required": [ - "TopicsToReplicate" - ], "type": "object" }, - "AWS::MSK::ServerlessCluster": { + "AWS::KendraRanking::ExecutionPlan": { "additionalProperties": false, "properties": { "Condition": { @@ -152943,46 +162579,38 @@ "Properties": { "additionalProperties": false, "properties": { - "ClientAuthentication": { - "$ref": "#/definitions/AWS::MSK::ServerlessCluster.ClientAuthentication", - "markdownDescription": "Includes all client authentication related information.", - "title": "ClientAuthentication" + "CapacityUnits": { + "$ref": "#/definitions/AWS::KendraRanking::ExecutionPlan.CapacityUnitsConfiguration", + "markdownDescription": "You can set additional capacity units to meet the needs of your rescore execution plan. You are given a single capacity unit by default. If you want to use the default capacity, you don't set additional capacity units. For more information on the default capacity and additional capacity units, see [Adjusting capacity](https://docs.aws.amazon.com/kendra/latest/dg/adjusting-capacity.html) .", + "title": "CapacityUnits" }, - "ClusterName": { - "markdownDescription": "The name of the cluster.", - "title": "ClusterName", + "Description": { + "markdownDescription": "A description for the rescore execution plan.", + "title": "Description", "type": "string" }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "An arbitrary set of tags (key-value pairs) for the cluster.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" + "Name": { + "markdownDescription": "A name for the rescore execution plan.", + "title": "Name", + "type": "string" }, - "VpcConfigs": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::MSK::ServerlessCluster.VpcConfig" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "VPC configuration information for the serverless cluster.", - "title": "VpcConfigs", + "markdownDescription": "A list of key-value pairs that identify or categorize your rescore execution plan. You can also use tags to help control access to the rescore execution plan. Tag keys and values can consist of Unicode letters, digits, white space. They can also consist of underscore, period, colon, equal, plus, and asperand.", + "title": "Tags", "type": "array" } }, "required": [ - "ClientAuthentication", - "ClusterName", - "VpcConfigs" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::MSK::ServerlessCluster" + "AWS::KendraRanking::ExecutionPlan" ], "type": "string" }, @@ -153001,74 +162629,21 @@ ], "type": "object" }, - "AWS::MSK::ServerlessCluster.ClientAuthentication": { - "additionalProperties": false, - "properties": { - "Sasl": { - "$ref": "#/definitions/AWS::MSK::ServerlessCluster.Sasl", - "markdownDescription": "Details for client authentication using SASL. To turn on SASL, you must also turn on `EncryptionInTransit` by setting `inCluster` to true. You must set `clientBroker` to either `TLS` or `TLS_PLAINTEXT` . If you choose `TLS_PLAINTEXT` , then you must also set `unauthenticated` to true.", - "title": "Sasl" - } - }, - "required": [ - "Sasl" - ], - "type": "object" - }, - "AWS::MSK::ServerlessCluster.Iam": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "SASL/IAM authentication is enabled or not.", - "title": "Enabled", - "type": "boolean" - } - }, - "required": [ - "Enabled" - ], - "type": "object" - }, - "AWS::MSK::ServerlessCluster.Sasl": { - "additionalProperties": false, - "properties": { - "Iam": { - "$ref": "#/definitions/AWS::MSK::ServerlessCluster.Iam", - "markdownDescription": "Details for ClientAuthentication using IAM.", - "title": "Iam" - } - }, - "required": [ - "Iam" - ], - "type": "object" - }, - "AWS::MSK::ServerlessCluster.VpcConfig": { + "AWS::KendraRanking::ExecutionPlan.CapacityUnitsConfiguration": { "additionalProperties": false, "properties": { - "SecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "", - "title": "SecurityGroups", - "type": "array" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "", - "title": "SubnetIds", - "type": "array" + "RescoreCapacityUnits": { + "markdownDescription": "The amount of extra capacity for your rescore execution plan.\n\nA single extra capacity unit for a rescore execution plan provides 0.01 rescore requests per second. You can add up to 1000 extra capacity units.", + "title": "RescoreCapacityUnits", + "type": "number" } }, "required": [ - "SubnetIds" + "RescoreCapacityUnits" ], "type": "object" }, - "AWS::MSK::VpcConnection": { + "AWS::Kinesis::ResourcePolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -153103,61 +162678,26 @@ "Properties": { "additionalProperties": false, "properties": { - "Authentication": { - "markdownDescription": "The type of private link authentication.", - "title": "Authentication", + "ResourceArn": { + "markdownDescription": "This is the name for the resource policy.", + "title": "ResourceArn", "type": "string" }, - "ClientSubnets": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of subnets in the client VPC to connect to.", - "title": "ClientSubnets", - "type": "array" - }, - "SecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "The security groups to attach to the ENIs for the broker nodes.", - "title": "SecurityGroups", - "type": "array" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "An arbitrary set of tags (key-value pairs) you specify while creating the VPC connection.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", + "ResourcePolicy": { + "markdownDescription": "This is the description for the resource policy.", + "title": "ResourcePolicy", "type": "object" - }, - "TargetClusterArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the cluster.", - "title": "TargetClusterArn", - "type": "string" - }, - "VpcId": { - "markdownDescription": "The VPC ID of the remote client.", - "title": "VpcId", - "type": "string" } }, "required": [ - "Authentication", - "ClientSubnets", - "SecurityGroups", - "TargetClusterArn", - "VpcId" + "ResourceArn", + "ResourcePolicy" ], "type": "object" }, "Type": { "enum": [ - "AWS::MSK::VpcConnection" + "AWS::Kinesis::ResourcePolicy" ], "type": "string" }, @@ -153176,7 +162716,7 @@ ], "type": "object" }, - "AWS::MWAA::Environment": { + "AWS::Kinesis::Stream": { "additionalProperties": false, "properties": { "Condition": { @@ -153211,130 +162751,53 @@ "Properties": { "additionalProperties": false, "properties": { - "AirflowConfigurationOptions": { - "markdownDescription": "A list of key-value pairs containing the Airflow configuration options for your environment. For example, `core.default_timezone: utc` . To learn more, see [Apache Airflow configuration options](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-env-variables.html) .", - "title": "AirflowConfigurationOptions", - "type": "object" - }, - "AirflowVersion": { - "markdownDescription": "The version of Apache Airflow to use for the environment. If no value is specified, defaults to the latest version.\n\nIf you specify a newer version number for an existing environment, the version update requires some service interruption before taking effect.\n\n*Allowed Values* : `1.10.12` | `2.0.2` | `2.2.2` | `2.4.3` | `2.5.1` | `2.6.3` | `2.7.2` | `2.8.1` | `2.9.2` | `2.10.1` (latest)", - "title": "AirflowVersion", - "type": "string" - }, - "DagS3Path": { - "markdownDescription": "The relative path to the DAGs folder on your Amazon S3 bucket. For example, `dags` . To learn more, see [Adding or updating DAGs](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-dag-folder.html) .", - "title": "DagS3Path", - "type": "string" - }, - "EndpointManagement": { - "markdownDescription": "Defines whether the VPC endpoints configured for the environment are created, and managed, by the customer or by Amazon MWAA. If set to `SERVICE` , Amazon MWAA will create and manage the required VPC endpoints in your VPC. If set to `CUSTOMER` , you must create, and manage, the VPC endpoints in your VPC.", - "title": "EndpointManagement", - "type": "string" - }, - "EnvironmentClass": { - "markdownDescription": "The environment class type. Valid values: `mw1.micro` , `mw1.small` , `mw1.medium` , `mw1.large` , `mw1.1large` , and `mw1.2large` . To learn more, see [Amazon MWAA environment class](https://docs.aws.amazon.com/mwaa/latest/userguide/environment-class.html) .", - "title": "EnvironmentClass", - "type": "string" - }, - "ExecutionRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the execution role in IAM that allows MWAA to access AWS resources in your environment. For example, `arn:aws:iam::123456789:role/my-execution-role` . To learn more, see [Amazon MWAA Execution role](https://docs.aws.amazon.com/mwaa/latest/userguide/mwaa-create-role.html) .", - "title": "ExecutionRoleArn", - "type": "string" - }, - "KmsKey": { - "markdownDescription": "The AWS Key Management Service (KMS) key to encrypt and decrypt the data in your environment. You can use an AWS KMS key managed by MWAA, or a customer-managed KMS key (advanced).", - "title": "KmsKey", - "type": "string" - }, - "LoggingConfiguration": { - "$ref": "#/definitions/AWS::MWAA::Environment.LoggingConfiguration", - "markdownDescription": "The Apache Airflow logs being sent to CloudWatch Logs: `DagProcessingLogs` , `SchedulerLogs` , `TaskLogs` , `WebserverLogs` , `WorkerLogs` .", - "title": "LoggingConfiguration" - }, - "MaxWorkers": { - "markdownDescription": "The maximum number of workers that you want to run in your environment. MWAA scales the number of Apache Airflow workers up to the number you specify in the `MaxWorkers` field. For example, `20` . When there are no more tasks running, and no more in the queue, MWAA disposes of the extra workers leaving the one worker that is included with your environment, or the number you specify in `MinWorkers` .", - "title": "MaxWorkers", - "type": "number" - }, - "MinWorkers": { - "markdownDescription": "The minimum number of workers that you want to run in your environment. MWAA scales the number of Apache Airflow workers up to the number you specify in the `MaxWorkers` field. When there are no more tasks running, and no more in the queue, MWAA disposes of the extra workers leaving the worker count you specify in the `MinWorkers` field. For example, `2` .", - "title": "MinWorkers", - "type": "number" + "DesiredShardLevelMetrics": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of shard-level metrics in properties to enable enhanced monitoring mode.", + "title": "DesiredShardLevelMetrics", + "type": "array" }, "Name": { - "markdownDescription": "The name of your Amazon MWAA environment.", + "markdownDescription": "The name of the Kinesis stream. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the stream name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\nIf you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", "title": "Name", "type": "string" }, - "NetworkConfiguration": { - "$ref": "#/definitions/AWS::MWAA::Environment.NetworkConfiguration", - "markdownDescription": "The VPC networking components used to secure and enable network traffic between the AWS resources for your environment. To learn more, see [About networking on Amazon MWAA](https://docs.aws.amazon.com/mwaa/latest/userguide/networking-about.html) .", - "title": "NetworkConfiguration" - }, - "PluginsS3ObjectVersion": { - "markdownDescription": "The version of the plugins.zip file on your Amazon S3 bucket. To learn more, see [Installing custom plugins](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-dag-import-plugins.html) .", - "title": "PluginsS3ObjectVersion", - "type": "string" - }, - "PluginsS3Path": { - "markdownDescription": "The relative path to the `plugins.zip` file on your Amazon S3 bucket. For example, `plugins.zip` . To learn more, see [Installing custom plugins](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-dag-import-plugins.html) .", - "title": "PluginsS3Path", - "type": "string" - }, - "RequirementsS3ObjectVersion": { - "markdownDescription": "The version of the requirements.txt file on your Amazon S3 bucket. To learn more, see [Installing Python dependencies](https://docs.aws.amazon.com/mwaa/latest/userguide/working-dags-dependencies.html) .", - "title": "RequirementsS3ObjectVersion", - "type": "string" - }, - "RequirementsS3Path": { - "markdownDescription": "The relative path to the `requirements.txt` file on your Amazon S3 bucket. For example, `requirements.txt` . To learn more, see [Installing Python dependencies](https://docs.aws.amazon.com/mwaa/latest/userguide/working-dags-dependencies.html) .", - "title": "RequirementsS3Path", - "type": "string" - }, - "Schedulers": { - "markdownDescription": "The number of schedulers that you want to run in your environment. Valid values:\n\n- *v2* - For environments larger than mw1.micro, accepts values from 2 to 5. Defaults to 2 for all environment sizes except mw1.micro, which defaults to 1.\n- *v1* - Accepts 1.", - "title": "Schedulers", + "RetentionPeriodHours": { + "markdownDescription": "The number of hours for the data records that are stored in shards to remain accessible. The default value is 24. For more information about the stream retention period, see [Changing the Data Retention Period](https://docs.aws.amazon.com/streams/latest/dev/kinesis-extended-retention.html) in the Amazon Kinesis Developer Guide.", + "title": "RetentionPeriodHours", "type": "number" }, - "SourceBucketArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon S3 bucket where your DAG code and supporting files are stored. For example, `arn:aws:s3:::my-airflow-bucket-unique-name` . To learn more, see [Create an Amazon S3 bucket for Amazon MWAA](https://docs.aws.amazon.com/mwaa/latest/userguide/mwaa-s3-bucket.html) .", - "title": "SourceBucketArn", - "type": "string" + "ShardCount": { + "markdownDescription": "The number of shards that the stream uses. For greater provisioned throughput, increase the number of shards.", + "title": "ShardCount", + "type": "number" }, - "StartupScriptS3ObjectVersion": { - "markdownDescription": "The version of the startup shell script in your Amazon S3 bucket. You must specify the [version ID](https://docs.aws.amazon.com/AmazonS3/latest/userguide/versioning-workflows.html) that Amazon S3 assigns to the file every time you update the script.\n\nVersion IDs are Unicode, UTF-8 encoded, URL-ready, opaque strings that are no more than 1,024 bytes long. The following is an example:\n\n`3sL4kqtJlcpXroDTDmJ+rmSpXd3dIbrHY+MTRCxf3vjVBH40Nr8X8gdRQBpUMLUo`\n\nFor more information, see [Using a startup script](https://docs.aws.amazon.com/mwaa/latest/userguide/using-startup-script.html) .", - "title": "StartupScriptS3ObjectVersion", - "type": "string" + "StreamEncryption": { + "$ref": "#/definitions/AWS::Kinesis::Stream.StreamEncryption", + "markdownDescription": "When specified, enables or updates server-side encryption using an AWS KMS key for a specified stream. Removing this property from your stack template and updating your stack disables encryption.", + "title": "StreamEncryption" }, - "StartupScriptS3Path": { - "markdownDescription": "The relative path to the startup shell script in your Amazon S3 bucket. For example, `s3://mwaa-environment/startup.sh` .\n\nAmazon MWAA runs the script as your environment starts, and before running the Apache Airflow process. You can use this script to install dependencies, modify Apache Airflow configuration options, and set environment variables. For more information, see [Using a startup script](https://docs.aws.amazon.com/mwaa/latest/userguide/using-startup-script.html) .", - "title": "StartupScriptS3Path", - "type": "string" + "StreamModeDetails": { + "$ref": "#/definitions/AWS::Kinesis::Stream.StreamModeDetails", + "markdownDescription": "Specifies the capacity mode to which you want to set your data stream. Currently, in Kinesis Data Streams, you can choose between an *on-demand* capacity mode and a *provisioned* capacity mode for your data streams.", + "title": "StreamModeDetails" }, "Tags": { - "markdownDescription": "The key-value tag pairs associated to your environment. For example, `\"Environment\": \"Staging\"` . To learn more, see [Tagging](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .\n\nIf you specify new tags for an existing environment, the update requires service interruption before taking effect.", + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An arbitrary set of tags (key\u2013value pairs) to associate with the Kinesis stream. For information about constraints for this property, see [Tag Restrictions](https://docs.aws.amazon.com/streams/latest/dev/tagging.html#tagging-restrictions) in the *Amazon Kinesis Developer Guide* .", "title": "Tags", - "type": "object" - }, - "WebserverAccessMode": { - "markdownDescription": "The Apache Airflow *Web server* access mode. To learn more, see [Apache Airflow access modes](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-networking.html) . Valid values: `PRIVATE_ONLY` or `PUBLIC_ONLY` .", - "title": "WebserverAccessMode", - "type": "string" - }, - "WeeklyMaintenanceWindowStart": { - "markdownDescription": "The day and time of the week to start weekly maintenance updates of your environment in the following format: `DAY:HH:MM` . For example: `TUE:03:30` . You can specify a start time in 30 minute increments only. Supported input includes the following:\n\n- MON|TUE|WED|THU|FRI|SAT|SUN:([01]\\\\d|2[0-3]):(00|30)", - "title": "WeeklyMaintenanceWindowStart", - "type": "string" + "type": "array" } }, - "required": [ - "Name" - ], "type": "object" }, "Type": { "enum": [ - "AWS::MWAA::Environment" + "AWS::Kinesis::Stream" ], "type": "string" }, @@ -153348,86 +162811,45 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::MWAA::Environment.LoggingConfiguration": { - "additionalProperties": false, - "properties": { - "DagProcessingLogs": { - "$ref": "#/definitions/AWS::MWAA::Environment.ModuleLoggingConfiguration", - "markdownDescription": "Defines the processing logs sent to CloudWatch Logs and the logging level to send.", - "title": "DagProcessingLogs" - }, - "SchedulerLogs": { - "$ref": "#/definitions/AWS::MWAA::Environment.ModuleLoggingConfiguration", - "markdownDescription": "Defines the scheduler logs sent to CloudWatch Logs and the logging level to send.", - "title": "SchedulerLogs" - }, - "TaskLogs": { - "$ref": "#/definitions/AWS::MWAA::Environment.ModuleLoggingConfiguration", - "markdownDescription": "Defines the task logs sent to CloudWatch Logs and the logging level to send.", - "title": "TaskLogs" - }, - "WebserverLogs": { - "$ref": "#/definitions/AWS::MWAA::Environment.ModuleLoggingConfiguration", - "markdownDescription": "Defines the web server logs sent to CloudWatch Logs and the logging level to send.", - "title": "WebserverLogs" - }, - "WorkerLogs": { - "$ref": "#/definitions/AWS::MWAA::Environment.ModuleLoggingConfiguration", - "markdownDescription": "Defines the worker logs sent to CloudWatch Logs and the logging level to send.", - "title": "WorkerLogs" - } - }, - "type": "object" - }, - "AWS::MWAA::Environment.ModuleLoggingConfiguration": { + "AWS::Kinesis::Stream.StreamEncryption": { "additionalProperties": false, "properties": { - "CloudWatchLogGroupArn": { - "markdownDescription": "The ARN of the CloudWatch Logs log group for each type of Apache Airflow log type that you have enabled.\n\n> `CloudWatchLogGroupArn` is available only as a return value, accessible when specified as an attribute in the [`Fn:GetAtt`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mwaa-environment.html#aws-resource-mwaa-environment-return-values) intrinsic function. Any value you provide for `CloudWatchLogGroupArn` is discarded by Amazon MWAA.", - "title": "CloudWatchLogGroupArn", + "EncryptionType": { + "markdownDescription": "The encryption type to use. The only valid value is `KMS` .", + "title": "EncryptionType", "type": "string" }, - "Enabled": { - "markdownDescription": "Indicates whether to enable the Apache Airflow log type (e.g. `DagProcessingLogs` ) in CloudWatch Logs.", - "title": "Enabled", - "type": "boolean" - }, - "LogLevel": { - "markdownDescription": "Defines the Apache Airflow logs to send for the log type (e.g. `DagProcessingLogs` ) to CloudWatch Logs. Valid values: `CRITICAL` , `ERROR` , `WARNING` , `INFO` .", - "title": "LogLevel", + "KeyId": { + "markdownDescription": "The GUID for the customer-managed AWS KMS key to use for encryption. This value can be a globally unique identifier, a fully specified Amazon Resource Name (ARN) to either an alias or a key, or an alias name prefixed by \"alias/\".You can also use a master key owned by Kinesis Data Streams by specifying the alias `aws/kinesis` .\n\n- Key ARN example: `arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012`\n- Alias ARN example: `arn:aws:kms:us-east-1:123456789012:alias/MyAliasName`\n- Globally unique key ID example: `12345678-1234-1234-1234-123456789012`\n- Alias name example: `alias/MyAliasName`\n- Master key owned by Kinesis Data Streams: `alias/aws/kinesis`", + "title": "KeyId", "type": "string" } }, + "required": [ + "EncryptionType", + "KeyId" + ], "type": "object" }, - "AWS::MWAA::Environment.NetworkConfiguration": { + "AWS::Kinesis::Stream.StreamModeDetails": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of one or more security group IDs. Accepts up to 5 security group IDs. A security group must be attached to the same VPC as the subnets. To learn more, see [Security in your VPC on Amazon MWAA](https://docs.aws.amazon.com/mwaa/latest/userguide/vpc-security.html) .", - "title": "SecurityGroupIds", - "type": "array" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of subnet IDs. *Required* to create an environment. Must be private subnets in two different availability zones. A subnet must be attached to the same VPC as the security group. To learn more, see [About networking on Amazon MWAA](https://docs.aws.amazon.com/mwaa/latest/userguide/networking-about.html) .", - "title": "SubnetIds", - "type": "array" + "StreamMode": { + "markdownDescription": "Specifies the capacity mode to which you want to set your data stream. Currently, in Kinesis Data Streams, you can choose between an *on-demand* capacity mode and a *provisioned* capacity mode for your data streams.", + "title": "StreamMode", + "type": "string" } }, + "required": [ + "StreamMode" + ], "type": "object" }, - "AWS::Macie::AllowList": { + "AWS::Kinesis::StreamConsumer": { "additionalProperties": false, "properties": { "Condition": { @@ -153462,39 +162884,34 @@ "Properties": { "additionalProperties": false, "properties": { - "Criteria": { - "$ref": "#/definitions/AWS::Macie::AllowList.Criteria", - "markdownDescription": "The criteria that specify the text or text pattern to ignore. The criteria can be the location and name of an Amazon S3 object that lists specific text to ignore ( `S3WordsList` ), or a regular expression ( `Regex` ) that defines a text pattern to ignore.", - "title": "Criteria" - }, - "Description": { - "markdownDescription": "A custom description of the allow list. The description can contain 1-512 characters.", - "title": "Description", + "ConsumerName": { + "markdownDescription": "The name of the consumer is something you choose when you register the consumer.", + "title": "ConsumerName", "type": "string" }, - "Name": { - "markdownDescription": "A custom name for the allow list. The name can contain 1-128 characters.", - "title": "Name", + "StreamARN": { + "markdownDescription": "The ARN of the stream with which you registered the consumer.", + "title": "StreamARN", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to the allow list.\n\nFor more information, see [Resource tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "An array of tags to be added to a specified Kinesis resource. A tag consists of a required key and an optional value. You can specify up to 50 tag key-value pairs.", "title": "Tags", "type": "array" } }, "required": [ - "Criteria", - "Name" + "ConsumerName", + "StreamARN" ], "type": "object" }, "Type": { "enum": [ - "AWS::Macie::AllowList" + "AWS::Kinesis::StreamConsumer" ], "type": "string" }, @@ -153513,43 +162930,7 @@ ], "type": "object" }, - "AWS::Macie::AllowList.Criteria": { - "additionalProperties": false, - "properties": { - "Regex": { - "markdownDescription": "The regular expression ( *regex* ) that defines the text pattern to ignore. The expression can contain 1-512 characters.", - "title": "Regex", - "type": "string" - }, - "S3WordsList": { - "$ref": "#/definitions/AWS::Macie::AllowList.S3WordsList", - "markdownDescription": "The location and name of an Amazon S3 object that lists specific text to ignore.", - "title": "S3WordsList" - } - }, - "type": "object" - }, - "AWS::Macie::AllowList.S3WordsList": { - "additionalProperties": false, - "properties": { - "BucketName": { - "markdownDescription": "The full name of the S3 bucket that contains the object. This value correlates to the `Name` field of a bucket's properties in Amazon S3 .\n\nThis value is case sensitive. In addition, don't use wildcard characters or specify partial values for the name.", - "title": "BucketName", - "type": "string" - }, - "ObjectKey": { - "markdownDescription": "The full name of the S3 object. This value correlates to the `Key` field of an object's properties in Amazon S3 . If the name includes a path, include the complete path. For example, `AllowLists/Macie/MyList.txt` .\n\nThis value is case sensitive. In addition, don't use wildcard characters or specify partial values for the name.", - "title": "ObjectKey", - "type": "string" - } - }, - "required": [ - "BucketName", - "ObjectKey" - ], - "type": "object" - }, - "AWS::Macie::CustomDataIdentifier": { + "AWS::KinesisAnalytics::Application": { "additionalProperties": false, "properties": { "Condition": { @@ -153584,60 +162965,38 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A custom description of the custom data identifier. The description can contain 1-512 characters.\n\nAvoid including sensitive data in the description. Users of the account might be able to see the description, depending on the actions that they're allowed to perform in Amazon Macie .", - "title": "Description", + "ApplicationCode": { + "markdownDescription": "One or more SQL statements that read input data, transform it, and generate output. For example, you can write a SQL statement that reads data from one in-application stream, generates a running average of the number of advertisement clicks by vendor, and insert resulting rows in another in-application stream using pumps. For more information about the typical pattern, see [Application Code](https://docs.aws.amazon.com/kinesisanalytics/latest/dev/how-it-works-app-code.html) .\n\nYou can provide such series of SQL statements, where output of one statement can be used as the input for the next statement. You store intermediate results by creating in-application streams and pumps.\n\nNote that the application code must create the streams with names specified in the `Outputs` . For example, if your `Outputs` defines output streams named `ExampleOutputStream1` and `ExampleOutputStream2` , then your application code must create these streams.", + "title": "ApplicationCode", "type": "string" }, - "IgnoreWords": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of character sequences ( *ignore words* ) to exclude from the results. If text matches the regular expression ( `Regex` ) but it contains a string in this array, Amazon Macie ignores the text and doesn't include it in the results.\n\nThe array can contain 1-10 ignore words. Each ignore word can contain 4-90 UTF-8 characters. Ignore words are case sensitive.", - "title": "IgnoreWords", - "type": "array" - }, - "Keywords": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of character sequences ( *keywords* ), one of which must precede and be in proximity ( `MaximumMatchDistance` ) of the regular expression ( `Regex` ) to match.\n\nThe array can contain 1-50 keywords. Each keyword can contain 3-90 UTF-8 characters. Keywords aren't case sensitive.", - "title": "Keywords", - "type": "array" - }, - "MaximumMatchDistance": { - "markdownDescription": "The maximum number of characters that can exist between the end of at least one complete character sequence specified by the `Keywords` array and the end of text that matches the regular expression ( `Regex` ). If a complete keyword precedes all the text that matches the regular expression and the keyword is within the specified distance, Amazon Macie includes the result.\n\nThe distance can be 1-300 characters. The default value is 50.", - "title": "MaximumMatchDistance", - "type": "number" - }, - "Name": { - "markdownDescription": "A custom name for the custom data identifier. The name can contain 1-128 characters.\n\nAvoid including sensitive data in the name of a custom data identifier. Users of the account might be able to see the name, depending on the actions that they're allowed to perform in Amazon Macie .", - "title": "Name", + "ApplicationDescription": { + "markdownDescription": "Summary description of the application.", + "title": "ApplicationDescription", "type": "string" }, - "Regex": { - "markdownDescription": "The regular expression ( *regex* ) that defines the text pattern to match. The expression can contain 1-512 characters.", - "title": "Regex", + "ApplicationName": { + "markdownDescription": "Name of your Amazon Kinesis Analytics application (for example, `sample-app` ).", + "title": "ApplicationName", "type": "string" }, - "Tags": { + "Inputs": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::KinesisAnalytics::Application.Input" }, - "markdownDescription": "An array of key-value pairs to apply to the custom data identifier.\n\nFor more information, see [Resource tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", + "markdownDescription": "Use this parameter to configure the application input.\n\nYou can configure your application to receive input from a single streaming source. In this configuration, you map this streaming source to an in-application stream that is created. Your application code can then query the in-application stream like a table (you can think of it as a constantly updating table).\n\nFor the streaming source, you provide its Amazon Resource Name (ARN) and format of data on the stream (for example, JSON, CSV, etc.). You also must provide an IAM role that Amazon Kinesis Analytics can assume to read this stream on your behalf.\n\nTo create the in-application stream, you need to specify a schema to transform your data into a schematized version used in SQL. In the schema, you provide the necessary mapping of the data elements in the streaming source to record columns in the in-app stream.", + "title": "Inputs", "type": "array" } }, "required": [ - "Name", - "Regex" + "Inputs" ], "type": "object" }, "Type": { "enum": [ - "AWS::Macie::CustomDataIdentifier" + "AWS::KinesisAnalytics::Application" ], "type": "string" }, @@ -153656,162 +163015,251 @@ ], "type": "object" }, - "AWS::Macie::FindingsFilter": { + "AWS::KinesisAnalytics::Application.CSVMappingParameters": { "additionalProperties": false, "properties": { - "Condition": { + "RecordColumnDelimiter": { + "markdownDescription": "Column delimiter. For example, in a CSV format, a comma (\",\") is the typical column delimiter.", + "title": "RecordColumnDelimiter", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "RecordRowDelimiter": { + "markdownDescription": "Row delimiter. For example, in a CSV format, *'\\n'* is the typical row delimiter.", + "title": "RecordRowDelimiter", "type": "string" + } + }, + "required": [ + "RecordColumnDelimiter", + "RecordRowDelimiter" + ], + "type": "object" + }, + "AWS::KinesisAnalytics::Application.Input": { + "additionalProperties": false, + "properties": { + "InputParallelism": { + "$ref": "#/definitions/AWS::KinesisAnalytics::Application.InputParallelism", + "markdownDescription": "Describes the number of in-application streams to create.\n\nData from your source is routed to these in-application input streams.\n\nSee [Configuring Application Input](https://docs.aws.amazon.com/kinesisanalytics/latest/dev/how-it-works-input.html) .", + "title": "InputParallelism" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "InputProcessingConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalytics::Application.InputProcessingConfiguration", + "markdownDescription": "The [InputProcessingConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisanalytics-application-inputprocessingconfiguration.html) for the input. An input processor transforms records as they are received from the stream, before the application's SQL code executes. Currently, the only input processing configuration available is [InputLambdaProcessor](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisanalytics-application-inputlambdaprocessor.html) .", + "title": "InputProcessingConfiguration" }, - "Metadata": { - "type": "object" + "InputSchema": { + "$ref": "#/definitions/AWS::KinesisAnalytics::Application.InputSchema", + "markdownDescription": "Describes the format of the data in the streaming source, and how each data element maps to corresponding columns in the in-application stream that is being created.\n\nAlso used to describe the format of the reference data source.", + "title": "InputSchema" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Action": { - "markdownDescription": "The action to perform on findings that match the filter criteria ( `FindingCriteria` ). Valid values are:\n\n- `ARCHIVE` - Suppress (automatically archive) the findings.\n- `NOOP` - Don't perform any action on the findings.", - "title": "Action", - "type": "string" - }, - "Description": { - "markdownDescription": "A custom description of the findings filter. The description can contain 1-512 characters.\n\nAvoid including sensitive data in the description. Users of the account might be able to see the description, depending on the actions that they're allowed to perform in Amazon Macie .", - "title": "Description", - "type": "string" - }, - "FindingCriteria": { - "$ref": "#/definitions/AWS::Macie::FindingsFilter.FindingCriteria", - "markdownDescription": "The criteria to use to filter findings.", - "title": "FindingCriteria" - }, - "Name": { - "markdownDescription": "A custom name for the findings filter. The name can contain 3-64 characters.\n\nAvoid including sensitive data in the name. Users of the account might be able to see the name, depending on the actions that they're allowed to perform in Amazon Macie .", - "title": "Name", - "type": "string" - }, - "Position": { - "markdownDescription": "The position of the findings filter in the list of saved filter rules on the Amazon Macie console. This value also determines the order in which the filter is applied to findings, relative to other filters that are also applied to findings.", - "title": "Position", - "type": "number" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to the findings filter.\n\nFor more information, see [Resource tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "FindingCriteria", - "Name" - ], - "type": "object" + "KinesisFirehoseInput": { + "$ref": "#/definitions/AWS::KinesisAnalytics::Application.KinesisFirehoseInput", + "markdownDescription": "If the streaming source is an Amazon Kinesis Firehose delivery stream, identifies the delivery stream's ARN and an IAM role that enables Amazon Kinesis Analytics to access the stream on your behalf.\n\nNote: Either `KinesisStreamsInput` or `KinesisFirehoseInput` is required.", + "title": "KinesisFirehoseInput" }, - "Type": { - "enum": [ - "AWS::Macie::FindingsFilter" - ], + "KinesisStreamsInput": { + "$ref": "#/definitions/AWS::KinesisAnalytics::Application.KinesisStreamsInput", + "markdownDescription": "If the streaming source is an Amazon Kinesis stream, identifies the stream's Amazon Resource Name (ARN) and an IAM role that enables Amazon Kinesis Analytics to access the stream on your behalf.\n\nNote: Either `KinesisStreamsInput` or `KinesisFirehoseInput` is required.", + "title": "KinesisStreamsInput" + }, + "NamePrefix": { + "markdownDescription": "Name prefix to use when creating an in-application stream. Suppose that you specify a prefix \"MyInApplicationStream.\" Amazon Kinesis Analytics then creates one or more (as per the `InputParallelism` count you specified) in-application streams with names \"MyInApplicationStream_001,\" \"MyInApplicationStream_002,\" and so on.", + "title": "NamePrefix", + "type": "string" + } + }, + "required": [ + "InputSchema", + "NamePrefix" + ], + "type": "object" + }, + "AWS::KinesisAnalytics::Application.InputLambdaProcessor": { + "additionalProperties": false, + "properties": { + "ResourceARN": { + "markdownDescription": "The ARN of the [AWS Lambda](https://docs.aws.amazon.com/lambda/) function that operates on records in the stream.\n\n> To specify an earlier version of the Lambda function than the latest, include the Lambda function version in the Lambda function ARN. For more information about Lambda ARNs, see [Example ARNs: AWS Lambda](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-lambda)", + "title": "ResourceARN", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "RoleARN": { + "markdownDescription": "The ARN of the IAM role that is used to access the AWS Lambda function.", + "title": "RoleARN", "type": "string" } }, "required": [ - "Type", - "Properties" + "ResourceARN", + "RoleARN" ], "type": "object" }, - "AWS::Macie::FindingsFilter.CriterionAdditionalProperties": { + "AWS::KinesisAnalytics::Application.InputParallelism": { "additionalProperties": false, "properties": { - "eq": { + "Count": { + "markdownDescription": "Number of in-application streams to create. For more information, see [Limits](https://docs.aws.amazon.com/kinesisanalytics/latest/dev/limits.html) .", + "title": "Count", + "type": "number" + } + }, + "type": "object" + }, + "AWS::KinesisAnalytics::Application.InputProcessingConfiguration": { + "additionalProperties": false, + "properties": { + "InputLambdaProcessor": { + "$ref": "#/definitions/AWS::KinesisAnalytics::Application.InputLambdaProcessor", + "markdownDescription": "The [InputLambdaProcessor](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisanalytics-application-inputlambdaprocessor.html) that is used to preprocess the records in the stream before being processed by your application code.", + "title": "InputLambdaProcessor" + } + }, + "type": "object" + }, + "AWS::KinesisAnalytics::Application.InputSchema": { + "additionalProperties": false, + "properties": { + "RecordColumns": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::KinesisAnalytics::Application.RecordColumn" }, - "markdownDescription": "The value for the specified property matches (equals) the specified value. If you specify multiple values, Amazon Macie uses OR logic to join the values.", - "title": "eq", + "markdownDescription": "A list of `RecordColumn` objects.", + "title": "RecordColumns", "type": "array" }, - "gt": { - "markdownDescription": "The value for the specified property is greater than the specified value.", - "title": "gt", - "type": "number" + "RecordEncoding": { + "markdownDescription": "Specifies the encoding of the records in the streaming source. For example, UTF-8.", + "title": "RecordEncoding", + "type": "string" }, - "gte": { - "markdownDescription": "The value for the specified property is greater than or equal to the specified value.", - "title": "gte", - "type": "number" + "RecordFormat": { + "$ref": "#/definitions/AWS::KinesisAnalytics::Application.RecordFormat", + "markdownDescription": "Specifies the format of the records on the streaming source.", + "title": "RecordFormat" + } + }, + "required": [ + "RecordColumns", + "RecordFormat" + ], + "type": "object" + }, + "AWS::KinesisAnalytics::Application.JSONMappingParameters": { + "additionalProperties": false, + "properties": { + "RecordRowPath": { + "markdownDescription": "Path to the top-level parent that contains the records.", + "title": "RecordRowPath", + "type": "string" + } + }, + "required": [ + "RecordRowPath" + ], + "type": "object" + }, + "AWS::KinesisAnalytics::Application.KinesisFirehoseInput": { + "additionalProperties": false, + "properties": { + "ResourceARN": { + "markdownDescription": "ARN of the input delivery stream.", + "title": "ResourceARN", + "type": "string" }, - "lt": { - "markdownDescription": "The value for the specified property is less than the specified value.", - "title": "lt", - "type": "number" + "RoleARN": { + "markdownDescription": "ARN of the IAM role that Amazon Kinesis Analytics can assume to access the stream on your behalf. You need to make sure that the role has the necessary permissions to access the stream.", + "title": "RoleARN", + "type": "string" + } + }, + "required": [ + "ResourceARN", + "RoleARN" + ], + "type": "object" + }, + "AWS::KinesisAnalytics::Application.KinesisStreamsInput": { + "additionalProperties": false, + "properties": { + "ResourceARN": { + "markdownDescription": "ARN of the input Amazon Kinesis stream to read.", + "title": "ResourceARN", + "type": "string" }, - "lte": { - "markdownDescription": "The value for the specified property is less than or equal to the specified value.", - "title": "lte", - "type": "number" + "RoleARN": { + "markdownDescription": "ARN of the IAM role that Amazon Kinesis Analytics can assume to access the stream on your behalf. You need to grant the necessary permissions to this role.", + "title": "RoleARN", + "type": "string" + } + }, + "required": [ + "ResourceARN", + "RoleARN" + ], + "type": "object" + }, + "AWS::KinesisAnalytics::Application.MappingParameters": { + "additionalProperties": false, + "properties": { + "CSVMappingParameters": { + "$ref": "#/definitions/AWS::KinesisAnalytics::Application.CSVMappingParameters", + "markdownDescription": "Provides additional mapping information when the record format uses delimiters (for example, CSV).", + "title": "CSVMappingParameters" }, - "neq": { - "items": { - "type": "string" - }, - "markdownDescription": "The value for the specified property doesn't match (doesn't equal) the specified value. If you specify multiple values, Amazon Macie uses OR logic to join the values.", - "title": "neq", - "type": "array" + "JSONMappingParameters": { + "$ref": "#/definitions/AWS::KinesisAnalytics::Application.JSONMappingParameters", + "markdownDescription": "Provides additional mapping information when JSON is the record format on the streaming source.", + "title": "JSONMappingParameters" } }, "type": "object" }, - "AWS::Macie::FindingsFilter.FindingCriteria": { + "AWS::KinesisAnalytics::Application.RecordColumn": { "additionalProperties": false, "properties": { - "Criterion": { - "additionalProperties": false, - "markdownDescription": "Specifies a condition that defines the property, operator, and one or more values to use to filter the results.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::Macie::FindingsFilter.CriterionAdditionalProperties" - } - }, - "title": "Criterion", - "type": "object" + "Mapping": { + "markdownDescription": "Reference to the data element in the streaming input or the reference data source. This element is required if the [RecordFormatType](https://docs.aws.amazon.com/kinesisanalytics/latest/dev/API_RecordFormat.html#analytics-Type-RecordFormat-RecordFormatTypel) is `JSON` .", + "title": "Mapping", + "type": "string" + }, + "Name": { + "markdownDescription": "Name of the column created in the in-application input stream or reference table.", + "title": "Name", + "type": "string" + }, + "SqlType": { + "markdownDescription": "Type of column created in the in-application input stream or reference table.", + "title": "SqlType", + "type": "string" } }, + "required": [ + "Name", + "SqlType" + ], "type": "object" }, - "AWS::Macie::Session": { + "AWS::KinesisAnalytics::Application.RecordFormat": { + "additionalProperties": false, + "properties": { + "MappingParameters": { + "$ref": "#/definitions/AWS::KinesisAnalytics::Application.MappingParameters", + "markdownDescription": "When configuring application input at the time of creating or updating an application, provides additional mapping information specific to the record format (such as JSON, CSV, or record fields delimited by some delimiter) on the streaming source.", + "title": "MappingParameters" + }, + "RecordFormatType": { + "markdownDescription": "The type of record format.", + "title": "RecordFormatType", + "type": "string" + } + }, + "required": [ + "RecordFormatType" + ], + "type": "object" + }, + "AWS::KinesisAnalytics::ApplicationOutput": { "additionalProperties": false, "properties": { "Condition": { @@ -153846,22 +163294,26 @@ "Properties": { "additionalProperties": false, "properties": { - "FindingPublishingFrequency": { - "markdownDescription": "Specifies how often Amazon Macie publishes updates to policy findings for the account. This includes publishing updates to AWS Security Hub and Amazon EventBridge (formerly Amazon CloudWatch Events ). Valid values are:\n\n- FIFTEEN_MINUTES\n- ONE_HOUR\n- SIX_HOURS", - "title": "FindingPublishingFrequency", + "ApplicationName": { + "markdownDescription": "Name of the application to which you want to add the output configuration.", + "title": "ApplicationName", "type": "string" }, - "Status": { - "markdownDescription": "The status of Amazon Macie for the account. Valid values are: `ENABLED` , start or resume Macie activities for the account; and, `PAUSED` , suspend Macie activities for the account.", - "title": "Status", - "type": "string" - } - }, + "Output": { + "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationOutput.Output", + "markdownDescription": "An array of objects, each describing one output configuration. In the output configuration, you specify the name of an in-application stream, a destination (that is, an Amazon Kinesis stream, an Amazon Kinesis Firehose delivery stream, or an AWS Lambda function), and record the formation to use when writing to the destination.", + "title": "Output" + } + }, + "required": [ + "ApplicationName", + "Output" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Macie::Session" + "AWS::KinesisAnalytics::ApplicationOutput" ], "type": "string" }, @@ -153875,91 +163327,117 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::ManagedBlockchain::Accessor": { + "AWS::KinesisAnalytics::ApplicationOutput.DestinationSchema": { "additionalProperties": false, "properties": { - "Condition": { + "RecordFormatType": { + "markdownDescription": "Specifies the format of the records on the output stream.", + "title": "RecordFormatType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::KinesisAnalytics::ApplicationOutput.KinesisFirehoseOutput": { + "additionalProperties": false, + "properties": { + "ResourceARN": { + "markdownDescription": "ARN of the destination Amazon Kinesis Firehose delivery stream to write to.", + "title": "ResourceARN", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "RoleARN": { + "markdownDescription": "ARN of the IAM role that Amazon Kinesis Analytics can assume to write to the destination stream on your behalf. You need to grant the necessary permissions to this role.", + "title": "RoleARN", + "type": "string" + } + }, + "required": [ + "ResourceARN", + "RoleARN" + ], + "type": "object" + }, + "AWS::KinesisAnalytics::ApplicationOutput.KinesisStreamsOutput": { + "additionalProperties": false, + "properties": { + "ResourceARN": { + "markdownDescription": "ARN of the destination Amazon Kinesis stream to write to.", + "title": "ResourceARN", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "RoleARN": { + "markdownDescription": "ARN of the IAM role that Amazon Kinesis Analytics can assume to write to the destination stream on your behalf. You need to grant the necessary permissions to this role.", + "title": "RoleARN", + "type": "string" + } + }, + "required": [ + "ResourceARN", + "RoleARN" + ], + "type": "object" + }, + "AWS::KinesisAnalytics::ApplicationOutput.LambdaOutput": { + "additionalProperties": false, + "properties": { + "ResourceARN": { + "markdownDescription": "Amazon Resource Name (ARN) of the destination Lambda function to write to.\n\n> To specify an earlier version of the Lambda function than the latest, include the Lambda function version in the Lambda function ARN. For more information about Lambda ARNs, see [Example ARNs: AWS Lambda](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-lambda)", + "title": "ResourceARN", + "type": "string" }, - "Metadata": { - "type": "object" + "RoleARN": { + "markdownDescription": "ARN of the IAM role that Amazon Kinesis Analytics can assume to write to the destination function on your behalf. You need to grant the necessary permissions to this role.", + "title": "RoleARN", + "type": "string" + } + }, + "required": [ + "ResourceARN", + "RoleARN" + ], + "type": "object" + }, + "AWS::KinesisAnalytics::ApplicationOutput.Output": { + "additionalProperties": false, + "properties": { + "DestinationSchema": { + "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationOutput.DestinationSchema", + "markdownDescription": "Describes the data format when records are written to the destination. For more information, see [Configuring Application Output](https://docs.aws.amazon.com/kinesisanalytics/latest/dev/how-it-works-output.html) .", + "title": "DestinationSchema" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AccessorType": { - "markdownDescription": "The type of the accessor.\n\n> Currently, accessor type is restricted to `BILLING_TOKEN` .", - "title": "AccessorType", - "type": "string" - }, - "NetworkType": { - "markdownDescription": "The blockchain network that the `Accessor` token is created for.\n\n> We recommend using the appropriate `networkType` value for the blockchain network that you are creating the `Accessor` token for. You cannot use the value `ETHEREUM_MAINNET_AND_GOERLI` to specify a `networkType` for your Accessor token.\n> \n> The default value of `ETHEREUM_MAINNET_AND_GOERLI` is only applied:\n> \n> - when the `CreateAccessor` action does not set a `networkType` .\n> - to all existing `Accessor` tokens that were created before the `networkType` property was introduced.", - "title": "NetworkType", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags assigned to the Accessor.\n\nFor more information about tags, see [Tagging Resources](https://docs.aws.amazon.com/managed-blockchain/latest/ethereum-dev/tagging-resources.html) in the *Amazon Managed Blockchain Ethereum Developer Guide* , or [Tagging Resources](https://docs.aws.amazon.com/managed-blockchain/latest/hyperledger-fabric-dev/tagging-resources.html) in the *Amazon Managed Blockchain Hyperledger Fabric Developer Guide* .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "AccessorType" - ], - "type": "object" + "KinesisFirehoseOutput": { + "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationOutput.KinesisFirehoseOutput", + "markdownDescription": "Identifies an Amazon Kinesis Firehose delivery stream as the destination.", + "title": "KinesisFirehoseOutput" }, - "Type": { - "enum": [ - "AWS::ManagedBlockchain::Accessor" - ], - "type": "string" + "KinesisStreamsOutput": { + "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationOutput.KinesisStreamsOutput", + "markdownDescription": "Identifies an Amazon Kinesis stream as the destination.", + "title": "KinesisStreamsOutput" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "LambdaOutput": { + "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationOutput.LambdaOutput", + "markdownDescription": "Identifies an AWS Lambda function as the destination.", + "title": "LambdaOutput" + }, + "Name": { + "markdownDescription": "Name of the in-application stream.", + "title": "Name", "type": "string" } }, "required": [ - "Type", - "Properties" + "DestinationSchema" ], "type": "object" }, - "AWS::ManagedBlockchain::Member": { + "AWS::KinesisAnalytics::ApplicationReferenceDataSource": { "additionalProperties": false, "properties": { "Condition": { @@ -153994,35 +163472,26 @@ "Properties": { "additionalProperties": false, "properties": { - "InvitationId": { - "markdownDescription": "The unique identifier of the invitation to join the network sent to the account that creates the member.", - "title": "InvitationId", + "ApplicationName": { + "markdownDescription": "Name of an existing application.", + "title": "ApplicationName", "type": "string" }, - "MemberConfiguration": { - "$ref": "#/definitions/AWS::ManagedBlockchain::Member.MemberConfiguration", - "markdownDescription": "Configuration properties of the member.", - "title": "MemberConfiguration" - }, - "NetworkConfiguration": { - "$ref": "#/definitions/AWS::ManagedBlockchain::Member.NetworkConfiguration", - "markdownDescription": "Configuration properties of the network to which the member belongs.", - "title": "NetworkConfiguration" - }, - "NetworkId": { - "markdownDescription": "The unique identifier of the network to which the member belongs.", - "title": "NetworkId", - "type": "string" + "ReferenceDataSource": { + "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.ReferenceDataSource", + "markdownDescription": "The reference data source can be an object in your Amazon S3 bucket. Amazon Kinesis Analytics reads the object and copies the data into the in-application table that is created. You provide an S3 bucket, object key name, and the resulting in-application table that is created. You must also provide an IAM role with the necessary permissions that Amazon Kinesis Analytics can assume to read the object from your S3 bucket on your behalf.", + "title": "ReferenceDataSource" } }, "required": [ - "MemberConfiguration" + "ApplicationName", + "ReferenceDataSource" ], "type": "object" }, "Type": { "enum": [ - "AWS::ManagedBlockchain::Member" + "AWS::KinesisAnalytics::ApplicationReferenceDataSource" ], "type": "string" }, @@ -154041,259 +163510,179 @@ ], "type": "object" }, - "AWS::ManagedBlockchain::Member.ApprovalThresholdPolicy": { - "additionalProperties": false, - "properties": { - "ProposalDurationInHours": { - "markdownDescription": "The duration from the time that a proposal is created until it expires. If members cast neither the required number of `YES` votes to approve the proposal nor the number of `NO` votes required to reject it before the duration expires, the proposal is `EXPIRED` and `ProposalActions` aren't carried out.", - "title": "ProposalDurationInHours", - "type": "number" - }, - "ThresholdComparator": { - "markdownDescription": "Determines whether the vote percentage must be greater than the `ThresholdPercentage` or must be greater than or equal to the `ThresholdPercentage` to be approved.", - "title": "ThresholdComparator", - "type": "string" - }, - "ThresholdPercentage": { - "markdownDescription": "The percentage of votes among all members that must be `YES` for a proposal to be approved. For example, a `ThresholdPercentage` value of `50` indicates 50%. The `ThresholdComparator` determines the precise comparison. If a `ThresholdPercentage` value of `50` is specified on a network with 10 members, along with a `ThresholdComparator` value of `GREATER_THAN` , this indicates that 6 `YES` votes are required for the proposal to be approved.", - "title": "ThresholdPercentage", - "type": "number" - } - }, - "type": "object" - }, - "AWS::ManagedBlockchain::Member.MemberConfiguration": { + "AWS::KinesisAnalytics::ApplicationReferenceDataSource.CSVMappingParameters": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "An optional description of the member.", - "title": "Description", + "RecordColumnDelimiter": { + "markdownDescription": "Column delimiter. For example, in a CSV format, a comma (\",\") is the typical column delimiter.", + "title": "RecordColumnDelimiter", "type": "string" }, - "MemberFrameworkConfiguration": { - "$ref": "#/definitions/AWS::ManagedBlockchain::Member.MemberFrameworkConfiguration", - "markdownDescription": "Configuration properties of the blockchain framework relevant to the member.", - "title": "MemberFrameworkConfiguration" - }, - "Name": { - "markdownDescription": "The name of the member.", - "title": "Name", + "RecordRowDelimiter": { + "markdownDescription": "Row delimiter. For example, in a CSV format, *'\\n'* is the typical row delimiter.", + "title": "RecordRowDelimiter", "type": "string" } }, "required": [ - "Name" + "RecordColumnDelimiter", + "RecordRowDelimiter" ], "type": "object" }, - "AWS::ManagedBlockchain::Member.MemberFabricConfiguration": { + "AWS::KinesisAnalytics::ApplicationReferenceDataSource.JSONMappingParameters": { "additionalProperties": false, "properties": { - "AdminPassword": { - "markdownDescription": "The password for the member's initial administrative user. The `AdminPassword` must be at least 8 characters long and no more than 32 characters. It must contain at least one uppercase letter, one lowercase letter, and one digit. It cannot have a single quotation mark (\u2018), a double quotation marks (\u201c), a forward slash(/), a backward slash(\\), @, or a space.", - "title": "AdminPassword", - "type": "string" - }, - "AdminUsername": { - "markdownDescription": "The user name for the member's initial administrative user.", - "title": "AdminUsername", + "RecordRowPath": { + "markdownDescription": "Path to the top-level parent that contains the records.", + "title": "RecordRowPath", "type": "string" } }, "required": [ - "AdminPassword", - "AdminUsername" + "RecordRowPath" ], "type": "object" }, - "AWS::ManagedBlockchain::Member.MemberFrameworkConfiguration": { + "AWS::KinesisAnalytics::ApplicationReferenceDataSource.MappingParameters": { "additionalProperties": false, "properties": { - "MemberFabricConfiguration": { - "$ref": "#/definitions/AWS::ManagedBlockchain::Member.MemberFabricConfiguration", - "markdownDescription": "Configuration properties for Hyperledger Fabric.", - "title": "MemberFabricConfiguration" + "CSVMappingParameters": { + "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.CSVMappingParameters", + "markdownDescription": "Provides additional mapping information when the record format uses delimiters (for example, CSV).", + "title": "CSVMappingParameters" + }, + "JSONMappingParameters": { + "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.JSONMappingParameters", + "markdownDescription": "Provides additional mapping information when JSON is the record format on the streaming source.", + "title": "JSONMappingParameters" } }, "type": "object" }, - "AWS::ManagedBlockchain::Member.NetworkConfiguration": { + "AWS::KinesisAnalytics::ApplicationReferenceDataSource.RecordColumn": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "Attributes of the blockchain framework for the network.", - "title": "Description", - "type": "string" - }, - "Framework": { - "markdownDescription": "The blockchain framework that the network uses.", - "title": "Framework", - "type": "string" - }, - "FrameworkVersion": { - "markdownDescription": "The version of the blockchain framework that the network uses.", - "title": "FrameworkVersion", + "Mapping": { + "markdownDescription": "Reference to the data element in the streaming input or the reference data source. This element is required if the [RecordFormatType](https://docs.aws.amazon.com/kinesisanalytics/latest/dev/API_RecordFormat.html#analytics-Type-RecordFormat-RecordFormatTypel) is `JSON` .", + "title": "Mapping", "type": "string" }, "Name": { - "markdownDescription": "The name of the network.", + "markdownDescription": "Name of the column created in the in-application input stream or reference table.", "title": "Name", "type": "string" }, - "NetworkFrameworkConfiguration": { - "$ref": "#/definitions/AWS::ManagedBlockchain::Member.NetworkFrameworkConfiguration", - "markdownDescription": "Configuration properties relevant to the network for the blockchain framework that the network uses.", - "title": "NetworkFrameworkConfiguration" - }, - "VotingPolicy": { - "$ref": "#/definitions/AWS::ManagedBlockchain::Member.VotingPolicy", - "markdownDescription": "The voting rules that the network uses to decide if a proposal is accepted.", - "title": "VotingPolicy" + "SqlType": { + "markdownDescription": "Type of column created in the in-application input stream or reference table.", + "title": "SqlType", + "type": "string" } }, "required": [ - "Framework", - "FrameworkVersion", "Name", - "VotingPolicy" + "SqlType" ], "type": "object" }, - "AWS::ManagedBlockchain::Member.NetworkFabricConfiguration": { + "AWS::KinesisAnalytics::ApplicationReferenceDataSource.RecordFormat": { "additionalProperties": false, "properties": { - "Edition": { - "markdownDescription": "The edition of Amazon Managed Blockchain that the network uses. Valid values are `standard` and `starter` . For more information, see [Amazon Managed Blockchain Pricing](https://docs.aws.amazon.com/managed-blockchain/pricing/)", - "title": "Edition", + "MappingParameters": { + "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.MappingParameters", + "markdownDescription": "When configuring application input at the time of creating or updating an application, provides additional mapping information specific to the record format (such as JSON, CSV, or record fields delimited by some delimiter) on the streaming source.", + "title": "MappingParameters" + }, + "RecordFormatType": { + "markdownDescription": "The type of record format.", + "title": "RecordFormatType", "type": "string" } }, "required": [ - "Edition" + "RecordFormatType" ], "type": "object" }, - "AWS::ManagedBlockchain::Member.NetworkFrameworkConfiguration": { - "additionalProperties": false, - "properties": { - "NetworkFabricConfiguration": { - "$ref": "#/definitions/AWS::ManagedBlockchain::Member.NetworkFabricConfiguration", - "markdownDescription": "Configuration properties for Hyperledger Fabric for a member in a Managed Blockchain network that is using the Hyperledger Fabric framework.", - "title": "NetworkFabricConfiguration" - } - }, - "type": "object" - }, - "AWS::ManagedBlockchain::Member.VotingPolicy": { + "AWS::KinesisAnalytics::ApplicationReferenceDataSource.ReferenceDataSource": { "additionalProperties": false, "properties": { - "ApprovalThresholdPolicy": { - "$ref": "#/definitions/AWS::ManagedBlockchain::Member.ApprovalThresholdPolicy", - "markdownDescription": "Defines the rules for the network for voting on proposals, such as the percentage of `YES` votes required for the proposal to be approved and the duration of the proposal. The policy applies to all proposals and is specified when the network is created.", - "title": "ApprovalThresholdPolicy" + "ReferenceSchema": { + "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.ReferenceSchema", + "markdownDescription": "Describes the format of the data in the streaming source, and how each data element maps to corresponding columns created in the in-application stream.", + "title": "ReferenceSchema" + }, + "S3ReferenceDataSource": { + "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.S3ReferenceDataSource", + "markdownDescription": "Identifies the S3 bucket and object that contains the reference data. Also identifies the IAM role Amazon Kinesis Analytics can assume to read this object on your behalf. An Amazon Kinesis Analytics application loads reference data only once. If the data changes, you call the `UpdateApplication` operation to trigger reloading of data into your application.", + "title": "S3ReferenceDataSource" + }, + "TableName": { + "markdownDescription": "Name of the in-application table to create.", + "title": "TableName", + "type": "string" } }, + "required": [ + "ReferenceSchema" + ], "type": "object" }, - "AWS::ManagedBlockchain::Node": { + "AWS::KinesisAnalytics::ApplicationReferenceDataSource.ReferenceSchema": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "MemberId": { - "markdownDescription": "The unique identifier of the member to which the node belongs. Applies only to Hyperledger Fabric.", - "title": "MemberId", - "type": "string" - }, - "NetworkId": { - "markdownDescription": "The unique identifier of the network for the node.\n\nEthereum public networks have the following `NetworkId` s:\n\n- `n-ethereum-mainnet`", - "title": "NetworkId", - "type": "string" - }, - "NodeConfiguration": { - "$ref": "#/definitions/AWS::ManagedBlockchain::Node.NodeConfiguration", - "markdownDescription": "Configuration properties of a peer node.", - "title": "NodeConfiguration" - } + "RecordColumns": { + "items": { + "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.RecordColumn" }, - "required": [ - "NetworkId", - "NodeConfiguration" - ], - "type": "object" + "markdownDescription": "A list of RecordColumn objects.", + "title": "RecordColumns", + "type": "array" }, - "Type": { - "enum": [ - "AWS::ManagedBlockchain::Node" - ], + "RecordEncoding": { + "markdownDescription": "Specifies the encoding of the records in the reference source. For example, UTF-8.", + "title": "RecordEncoding", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "RecordFormat": { + "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.RecordFormat", + "markdownDescription": "Specifies the format of the records on the reference source.", + "title": "RecordFormat" } }, "required": [ - "Type", - "Properties" + "RecordColumns", + "RecordFormat" ], "type": "object" }, - "AWS::ManagedBlockchain::Node.NodeConfiguration": { + "AWS::KinesisAnalytics::ApplicationReferenceDataSource.S3ReferenceDataSource": { "additionalProperties": false, "properties": { - "AvailabilityZone": { - "markdownDescription": "The Availability Zone in which the node exists. Required for Ethereum nodes.", - "title": "AvailabilityZone", + "BucketARN": { + "markdownDescription": "Amazon Resource Name (ARN) of the S3 bucket.", + "title": "BucketARN", "type": "string" }, - "InstanceType": { - "markdownDescription": "The Amazon Managed Blockchain instance type for the node.", - "title": "InstanceType", + "FileKey": { + "markdownDescription": "Object key name containing reference data.", + "title": "FileKey", + "type": "string" + }, + "ReferenceRoleARN": { + "markdownDescription": "ARN of the IAM role that the service can assume to read data on your behalf. This role must have permission for the `s3:GetObject` action on the object and trust policy that allows Amazon Kinesis Analytics service principal to assume this role.", + "title": "ReferenceRoleARN", "type": "string" } }, "required": [ - "AvailabilityZone", - "InstanceType" + "BucketARN", + "FileKey", + "ReferenceRoleARN" ], "type": "object" }, - "AWS::MediaConnect::Bridge": { + "AWS::KinesisAnalyticsV2::Application": { "additionalProperties": false, "properties": { "Condition": { @@ -154328,58 +163717,64 @@ "Properties": { "additionalProperties": false, "properties": { - "EgressGatewayBridge": { - "$ref": "#/definitions/AWS::MediaConnect::Bridge.EgressGatewayBridge", - "markdownDescription": "An egress bridge is a cloud-to-ground bridge. The content comes from an existing MediaConnect flow and is delivered to your premises.", - "title": "EgressGatewayBridge" + "ApplicationConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ApplicationConfiguration", + "markdownDescription": "Use this parameter to configure the application.", + "title": "ApplicationConfiguration" }, - "IngressGatewayBridge": { - "$ref": "#/definitions/AWS::MediaConnect::Bridge.IngressGatewayBridge", - "markdownDescription": "An ingress bridge is a ground-to-cloud bridge. The content originates at your premises and is delivered to the cloud.", - "title": "IngressGatewayBridge" + "ApplicationDescription": { + "markdownDescription": "The description of the application.", + "title": "ApplicationDescription", + "type": "string" }, - "Name": { - "markdownDescription": "The name of the bridge. This name can not be modified after the bridge is created.", - "title": "Name", + "ApplicationMaintenanceConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ApplicationMaintenanceConfiguration", + "markdownDescription": "Specifies the maintenance window parameters for a Kinesis Data Analytics application.", + "title": "ApplicationMaintenanceConfiguration" + }, + "ApplicationMode": { + "markdownDescription": "To create a Kinesis Data Analytics Studio notebook, you must set the mode to `INTERACTIVE` . However, for a Kinesis Data Analytics for Apache Flink application, the mode is optional.", + "title": "ApplicationMode", "type": "string" }, - "Outputs": { - "items": { - "$ref": "#/definitions/AWS::MediaConnect::Bridge.BridgeOutput" - }, - "markdownDescription": "The outputs that you want to add to this bridge.", - "title": "Outputs", - "type": "array" + "ApplicationName": { + "markdownDescription": "The name of the application.", + "title": "ApplicationName", + "type": "string" }, - "PlacementArn": { - "markdownDescription": "The bridge placement Amazon Resource Number (ARN).", - "title": "PlacementArn", + "RunConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.RunConfiguration", + "markdownDescription": "Describes the starting parameters for an Managed Service for Apache Flink application.", + "title": "RunConfiguration" + }, + "RuntimeEnvironment": { + "markdownDescription": "The runtime environment for the application.", + "title": "RuntimeEnvironment", "type": "string" }, - "SourceFailoverConfig": { - "$ref": "#/definitions/AWS::MediaConnect::Bridge.FailoverConfig", - "markdownDescription": "The settings for source failover.", - "title": "SourceFailoverConfig" + "ServiceExecutionRole": { + "markdownDescription": "Specifies the IAM role that the application uses to access external resources.", + "title": "ServiceExecutionRole", + "type": "string" }, - "Sources": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::MediaConnect::Bridge.BridgeSource" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The sources that you want to add to this bridge.", - "title": "Sources", + "markdownDescription": "A list of one or more tags to assign to the application. A tag is a key-value pair that identifies an application. Note that the maximum number of application tags includes system tags. The maximum number of user-defined application tags is 50.", + "title": "Tags", "type": "array" } }, "required": [ - "Name", - "PlacementArn", - "Sources" + "RuntimeEnvironment", + "ServiceExecutionRole" ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaConnect::Bridge" + "AWS::KinesisAnalyticsV2::Application" ], "type": "string" }, @@ -154398,796 +163793,760 @@ ], "type": "object" }, - "AWS::MediaConnect::Bridge.BridgeFlowSource": { + "AWS::KinesisAnalyticsV2::Application.ApplicationCodeConfiguration": { "additionalProperties": false, "properties": { - "FlowArn": { - "markdownDescription": "The ARN of the cloud flow used as a source of this bridge.", - "title": "FlowArn", - "type": "string" - }, - "FlowVpcInterfaceAttachment": { - "$ref": "#/definitions/AWS::MediaConnect::Bridge.VpcInterfaceAttachment", - "markdownDescription": "The name of the VPC interface attachment to use for this source.", - "title": "FlowVpcInterfaceAttachment" + "CodeContent": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.CodeContent", + "markdownDescription": "The location and type of the application code.", + "title": "CodeContent" }, - "Name": { - "markdownDescription": "The name of the flow source.", - "title": "Name", + "CodeContentType": { + "markdownDescription": "Specifies whether the code content is in text or zip format.", + "title": "CodeContentType", "type": "string" } }, "required": [ - "FlowArn", - "Name" + "CodeContent", + "CodeContentType" ], "type": "object" }, - "AWS::MediaConnect::Bridge.BridgeNetworkOutput": { + "AWS::KinesisAnalyticsV2::Application.ApplicationConfiguration": { "additionalProperties": false, "properties": { - "IpAddress": { - "markdownDescription": "The network output IP address.", - "title": "IpAddress", - "type": "string" + "ApplicationCodeConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ApplicationCodeConfiguration", + "markdownDescription": "The code location and type parameters for a Managed Service for Apache Flink application.", + "title": "ApplicationCodeConfiguration" }, - "Name": { - "markdownDescription": "The network output name.", - "title": "Name", - "type": "string" + "ApplicationSnapshotConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ApplicationSnapshotConfiguration", + "markdownDescription": "Describes whether snapshots are enabled for a Managed Service for Apache Flink application.", + "title": "ApplicationSnapshotConfiguration" }, - "NetworkName": { - "markdownDescription": "The network output's gateway network name.", - "title": "NetworkName", - "type": "string" + "ApplicationSystemRollbackConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ApplicationSystemRollbackConfiguration", + "markdownDescription": "Describes whether system rollbacks are enabled for a Managed Service for Apache Flink application.", + "title": "ApplicationSystemRollbackConfiguration" }, - "Port": { - "markdownDescription": "The network output's port.", - "title": "Port", - "type": "number" + "EnvironmentProperties": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.EnvironmentProperties", + "markdownDescription": "Describes execution properties for a Managed Service for Apache Flink application.", + "title": "EnvironmentProperties" }, - "Protocol": { - "markdownDescription": "The network output protocol.\n\n> AWS Elemental MediaConnect no longer supports the Fujitsu QoS protocol. This reference is maintained for legacy purposes only.", - "title": "Protocol", - "type": "string" + "FlinkApplicationConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.FlinkApplicationConfiguration", + "markdownDescription": "The creation and update parameters for a Managed Service for Apache Flink application.", + "title": "FlinkApplicationConfiguration" }, - "Ttl": { - "markdownDescription": "The network output TTL.", - "title": "Ttl", - "type": "number" + "SqlApplicationConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.SqlApplicationConfiguration", + "markdownDescription": "The creation and update parameters for a SQL-based Kinesis Data Analytics application.", + "title": "SqlApplicationConfiguration" + }, + "VpcConfigurations": { + "items": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.VpcConfiguration" + }, + "markdownDescription": "The array of descriptions of VPC configurations available to the application.", + "title": "VpcConfigurations", + "type": "array" + }, + "ZeppelinApplicationConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ZeppelinApplicationConfiguration", + "markdownDescription": "The configuration parameters for a Kinesis Data Analytics Studio notebook.", + "title": "ZeppelinApplicationConfiguration" } }, - "required": [ - "IpAddress", - "Name", - "NetworkName", - "Port", - "Protocol", - "Ttl" - ], "type": "object" }, - "AWS::MediaConnect::Bridge.BridgeNetworkSource": { + "AWS::KinesisAnalyticsV2::Application.ApplicationMaintenanceConfiguration": { "additionalProperties": false, "properties": { - "MulticastIp": { - "markdownDescription": "The network source multicast IP.", - "title": "MulticastIp", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the network source.", - "title": "Name", - "type": "string" - }, - "NetworkName": { - "markdownDescription": "The network source's gateway network name.", - "title": "NetworkName", - "type": "string" - }, - "Port": { - "markdownDescription": "The network source port.", - "title": "Port", - "type": "number" - }, - "Protocol": { - "markdownDescription": "The network source protocol.\n\n> AWS Elemental MediaConnect no longer supports the Fujitsu QoS protocol. This reference is maintained for legacy purposes only.", - "title": "Protocol", + "ApplicationMaintenanceWindowStartTime": { + "markdownDescription": "", + "title": "ApplicationMaintenanceWindowStartTime", "type": "string" } }, "required": [ - "MulticastIp", - "Name", - "NetworkName", - "Port", - "Protocol" + "ApplicationMaintenanceWindowStartTime" ], "type": "object" }, - "AWS::MediaConnect::Bridge.BridgeOutput": { + "AWS::KinesisAnalyticsV2::Application.ApplicationRestoreConfiguration": { "additionalProperties": false, "properties": { - "NetworkOutput": { - "$ref": "#/definitions/AWS::MediaConnect::Bridge.BridgeNetworkOutput", - "markdownDescription": "The output of the bridge. A network output is delivered to your premises.", - "title": "NetworkOutput" + "ApplicationRestoreType": { + "markdownDescription": "Specifies how the application should be restored.", + "title": "ApplicationRestoreType", + "type": "string" + }, + "SnapshotName": { + "markdownDescription": "The identifier of an existing snapshot of application state to use to restart an application. The application uses this value if `RESTORE_FROM_CUSTOM_SNAPSHOT` is specified for the `ApplicationRestoreType` .", + "title": "SnapshotName", + "type": "string" } }, + "required": [ + "ApplicationRestoreType" + ], "type": "object" }, - "AWS::MediaConnect::Bridge.BridgeSource": { + "AWS::KinesisAnalyticsV2::Application.ApplicationSnapshotConfiguration": { "additionalProperties": false, "properties": { - "FlowSource": { - "$ref": "#/definitions/AWS::MediaConnect::Bridge.BridgeFlowSource", - "markdownDescription": "The source of the bridge. A flow source originates in MediaConnect as an existing cloud flow.", - "title": "FlowSource" - }, - "NetworkSource": { - "$ref": "#/definitions/AWS::MediaConnect::Bridge.BridgeNetworkSource", - "markdownDescription": "The source of the bridge. A network source originates at your premises.", - "title": "NetworkSource" + "SnapshotsEnabled": { + "markdownDescription": "Describes whether snapshots are enabled for a Managed Service for Apache Flink application.", + "title": "SnapshotsEnabled", + "type": "boolean" } }, + "required": [ + "SnapshotsEnabled" + ], "type": "object" }, - "AWS::MediaConnect::Bridge.EgressGatewayBridge": { + "AWS::KinesisAnalyticsV2::Application.ApplicationSystemRollbackConfiguration": { "additionalProperties": false, "properties": { - "MaxBitrate": { - "markdownDescription": "The maximum expected bitrate (in bps) of the egress bridge.", - "title": "MaxBitrate", - "type": "number" + "RollbackEnabled": { + "markdownDescription": "Describes whether system rollbacks are enabled for a Managed Service for Apache Flink application.", + "title": "RollbackEnabled", + "type": "boolean" } }, "required": [ - "MaxBitrate" + "RollbackEnabled" ], "type": "object" }, - "AWS::MediaConnect::Bridge.FailoverConfig": { + "AWS::KinesisAnalyticsV2::Application.CSVMappingParameters": { "additionalProperties": false, "properties": { - "FailoverMode": { - "markdownDescription": "The type of failover you choose for this flow. MERGE combines the source streams into a single stream, allowing graceful recovery from any single-source loss. FAILOVER allows switching between different streams.", - "title": "FailoverMode", + "RecordColumnDelimiter": { + "markdownDescription": "The column delimiter. For example, in a CSV format, a comma (\",\") is the typical column delimiter.", + "title": "RecordColumnDelimiter", "type": "string" }, - "SourcePriority": { - "$ref": "#/definitions/AWS::MediaConnect::Bridge.SourcePriority", - "markdownDescription": "The priority you want to assign to a source. You can have a primary stream and a backup stream or two equally prioritized streams.", - "title": "SourcePriority" - }, - "State": { - "markdownDescription": "The state of source failover on the flow. If the state is inactive, the flow can have only one source. If the state is active, the flow can have one or two sources.", - "title": "State", + "RecordRowDelimiter": { + "markdownDescription": "The row delimiter. For example, in a CSV format, *'\\n'* is the typical row delimiter.", + "title": "RecordRowDelimiter", "type": "string" } }, "required": [ - "FailoverMode" + "RecordColumnDelimiter", + "RecordRowDelimiter" ], "type": "object" }, - "AWS::MediaConnect::Bridge.IngressGatewayBridge": { + "AWS::KinesisAnalyticsV2::Application.CatalogConfiguration": { "additionalProperties": false, "properties": { - "MaxBitrate": { - "markdownDescription": "The maximum expected bitrate (in bps) of the ingress bridge.", - "title": "MaxBitrate", - "type": "number" - }, - "MaxOutputs": { - "markdownDescription": "The maximum number of outputs on the ingress bridge.", - "title": "MaxOutputs", - "type": "number" + "GlueDataCatalogConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.GlueDataCatalogConfiguration", + "markdownDescription": "The configuration parameters for the default Amazon Glue database. You use this database for Apache Flink SQL queries and table API transforms that you write in a Kinesis Data Analytics Studio notebook.", + "title": "GlueDataCatalogConfiguration" } }, - "required": [ - "MaxBitrate", - "MaxOutputs" - ], "type": "object" }, - "AWS::MediaConnect::Bridge.SourcePriority": { + "AWS::KinesisAnalyticsV2::Application.CheckpointConfiguration": { "additionalProperties": false, "properties": { - "PrimarySource": { - "markdownDescription": "The name of the source you choose as the primary source for this flow.", - "title": "PrimarySource", + "CheckpointInterval": { + "markdownDescription": "Describes the interval in milliseconds between checkpoint operations.\n\n> If `CheckpointConfiguration.ConfigurationType` is `DEFAULT` , the application will use a `CheckpointInterval` value of 60000, even if this value is set to another value using this API or in application code.", + "title": "CheckpointInterval", + "type": "number" + }, + "CheckpointingEnabled": { + "markdownDescription": "Describes whether checkpointing is enabled for a Managed Service for Apache Flink application.\n\n> If `CheckpointConfiguration.ConfigurationType` is `DEFAULT` , the application will use a `CheckpointingEnabled` value of `true` , even if this value is set to another value using this API or in application code.", + "title": "CheckpointingEnabled", + "type": "boolean" + }, + "ConfigurationType": { + "markdownDescription": "Describes whether the application uses Managed Service for Apache Flink' default checkpointing behavior. You must set this property to `CUSTOM` in order to set the `CheckpointingEnabled` , `CheckpointInterval` , or `MinPauseBetweenCheckpoints` parameters.\n\n> If this value is set to `DEFAULT` , the application will use the following values, even if they are set to other values using APIs or application code:\n> \n> - *CheckpointingEnabled:* true\n> - *CheckpointInterval:* 60000\n> - *MinPauseBetweenCheckpoints:* 5000", + "title": "ConfigurationType", "type": "string" + }, + "MinPauseBetweenCheckpoints": { + "markdownDescription": "Describes the minimum time in milliseconds after a checkpoint operation completes that a new checkpoint operation can start. If a checkpoint operation takes longer than the `CheckpointInterval` , the application otherwise performs continual checkpoint operations. For more information, see [Tuning Checkpointing](https://docs.aws.amazon.com/https://nightlies.apache.org/flink/flink-docs-master/docs/ops/state/large_state_tuning/#tuning-checkpointing) in the [Apache Flink Documentation](https://docs.aws.amazon.com/https://nightlies.apache.org/flink/flink-docs-master) .\n\n> If `CheckpointConfiguration.ConfigurationType` is `DEFAULT` , the application will use a `MinPauseBetweenCheckpoints` value of 5000, even if this value is set using this API or in application code.", + "title": "MinPauseBetweenCheckpoints", + "type": "number" } }, + "required": [ + "ConfigurationType" + ], "type": "object" }, - "AWS::MediaConnect::Bridge.VpcInterfaceAttachment": { + "AWS::KinesisAnalyticsV2::Application.CodeContent": { "additionalProperties": false, "properties": { - "VpcInterfaceName": { - "markdownDescription": "The name of the VPC interface to use for this resource.", - "title": "VpcInterfaceName", + "S3ContentLocation": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.S3ContentLocation", + "markdownDescription": "Information about the Amazon S3 bucket that contains the application code.", + "title": "S3ContentLocation" + }, + "TextContent": { + "markdownDescription": "The text-format code for a Managed Service for Apache Flink application.", + "title": "TextContent", + "type": "string" + }, + "ZipFileContent": { + "markdownDescription": "The zip-format code for a Managed Service for Apache Flink application.", + "title": "ZipFileContent", "type": "string" } }, "type": "object" }, - "AWS::MediaConnect::BridgeOutput": { + "AWS::KinesisAnalyticsV2::Application.CustomArtifactConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ArtifactType": { + "markdownDescription": "Set this to either `UDF` or `DEPENDENCY_JAR` . `UDF` stands for user-defined functions. This type of artifact must be in an S3 bucket. A `DEPENDENCY_JAR` can be in either Maven or an S3 bucket.", + "title": "ArtifactType", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "BridgeArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the bridge that you want to update.", - "title": "BridgeArn", - "type": "string" - }, - "Name": { - "markdownDescription": "The network output name. This name is used to reference the output and must be unique among outputs in this bridge.", - "title": "Name", - "type": "string" - }, - "NetworkOutput": { - "$ref": "#/definitions/AWS::MediaConnect::BridgeOutput.BridgeNetworkOutput", - "markdownDescription": "The network output of the bridge. A network output is delivered to your premises.", - "title": "NetworkOutput" - } - }, - "required": [ - "BridgeArn", - "Name", - "NetworkOutput" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::MediaConnect::BridgeOutput" - ], - "type": "string" + "MavenReference": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.MavenReference", + "markdownDescription": "The parameters required to fully specify a Maven reference.", + "title": "MavenReference" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "S3ContentLocation": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.S3ContentLocation", + "markdownDescription": "The location of the custom artifacts.", + "title": "S3ContentLocation" } }, "required": [ - "Type", - "Properties" + "ArtifactType" ], "type": "object" }, - "AWS::MediaConnect::BridgeOutput.BridgeNetworkOutput": { + "AWS::KinesisAnalyticsV2::Application.DeployAsApplicationConfiguration": { "additionalProperties": false, "properties": { - "IpAddress": { - "markdownDescription": "The network output IP address.", - "title": "IpAddress", - "type": "string" - }, - "NetworkName": { - "markdownDescription": "The network output's gateway network name.", - "title": "NetworkName", - "type": "string" - }, - "Port": { - "markdownDescription": "The network output's port.", - "title": "Port", - "type": "number" - }, - "Protocol": { - "markdownDescription": "The network output protocol.\n\n> AWS Elemental MediaConnect no longer supports the Fujitsu QoS protocol. This reference is maintained for legacy purposes only.", - "title": "Protocol", - "type": "string" - }, - "Ttl": { - "markdownDescription": "The network output TTL.", - "title": "Ttl", - "type": "number" + "S3ContentLocation": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.S3ContentBaseLocation", + "markdownDescription": "The description of an Amazon S3 object that contains the Amazon Data Analytics application, including the Amazon Resource Name (ARN) of the S3 bucket, the name of the Amazon S3 object that contains the data, and the version number of the Amazon S3 object that contains the data.", + "title": "S3ContentLocation" } }, "required": [ - "IpAddress", - "NetworkName", - "Port", - "Protocol", - "Ttl" + "S3ContentLocation" ], "type": "object" }, - "AWS::MediaConnect::BridgeSource": { + "AWS::KinesisAnalyticsV2::Application.EnvironmentProperties": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "BridgeArn": { - "markdownDescription": "The ARN of the bridge feeding this flow.", - "title": "BridgeArn", - "type": "string" - }, - "FlowSource": { - "$ref": "#/definitions/AWS::MediaConnect::BridgeSource.BridgeFlowSource", - "markdownDescription": "The source of the flow.", - "title": "FlowSource" - }, - "Name": { - "markdownDescription": "The name of the flow source. This name is used to reference the source and must be unique among sources in this bridge.", - "title": "Name", - "type": "string" - }, - "NetworkSource": { - "$ref": "#/definitions/AWS::MediaConnect::BridgeSource.BridgeNetworkSource", - "markdownDescription": "The source of the network.", - "title": "NetworkSource" - } + "PropertyGroups": { + "items": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.PropertyGroup" }, - "required": [ - "BridgeArn", - "Name" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::MediaConnect::BridgeSource" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "markdownDescription": "Describes the execution property groups.", + "title": "PropertyGroups", + "type": "array" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::MediaConnect::BridgeSource.BridgeFlowSource": { + "AWS::KinesisAnalyticsV2::Application.FlinkApplicationConfiguration": { "additionalProperties": false, "properties": { - "FlowArn": { - "markdownDescription": "The ARN of the cloud flow used as a source of this bridge.", - "title": "FlowArn", - "type": "string" + "CheckpointConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.CheckpointConfiguration", + "markdownDescription": "Describes an application's checkpointing configuration. Checkpointing is the process of persisting application state for fault tolerance. For more information, see [Checkpoints for Fault Tolerance](https://docs.aws.amazon.com/https://ci.apache.org/projects/flink/flink-docs-release-1.8/concepts/programming-model.html#checkpoints-for-fault-tolerance) in the [Apache Flink Documentation](https://docs.aws.amazon.com/https://ci.apache.org/projects/flink/flink-docs-release-1.8/) .", + "title": "CheckpointConfiguration" }, - "FlowVpcInterfaceAttachment": { - "$ref": "#/definitions/AWS::MediaConnect::BridgeSource.VpcInterfaceAttachment", - "markdownDescription": "The name of the VPC interface attachment to use for this source.", - "title": "FlowVpcInterfaceAttachment" + "MonitoringConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.MonitoringConfiguration", + "markdownDescription": "Describes configuration parameters for Amazon CloudWatch logging for an application.", + "title": "MonitoringConfiguration" + }, + "ParallelismConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ParallelismConfiguration", + "markdownDescription": "Describes parameters for how an application executes multiple tasks simultaneously.", + "title": "ParallelismConfiguration" } }, - "required": [ - "FlowArn" - ], "type": "object" }, - "AWS::MediaConnect::BridgeSource.BridgeNetworkSource": { + "AWS::KinesisAnalyticsV2::Application.FlinkRunConfiguration": { "additionalProperties": false, "properties": { - "MulticastIp": { - "markdownDescription": "The network source multicast IP.", - "title": "MulticastIp", - "type": "string" - }, - "NetworkName": { - "markdownDescription": "The network source's gateway network name.", - "title": "NetworkName", + "AllowNonRestoredState": { + "markdownDescription": "When restoring from a snapshot, specifies whether the runtime is allowed to skip a state that cannot be mapped to the new program. This will happen if the program is updated between snapshots to remove stateful parameters, and state data in the snapshot no longer corresponds to valid application data. For more information, see [Allowing Non-Restored State](https://docs.aws.amazon.com/https://nightlies.apache.org/flink/flink-docs-master/docs/ops/state/savepoints/#allowing-non-restored-state) in the [Apache Flink documentation](https://docs.aws.amazon.com/https://nightlies.apache.org/flink/flink-docs-master) .\n\n> This value defaults to `false` . If you update your application without specifying this parameter, `AllowNonRestoredState` will be set to `false` , even if it was previously set to `true` .", + "title": "AllowNonRestoredState", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::KinesisAnalyticsV2::Application.GlueDataCatalogConfiguration": { + "additionalProperties": false, + "properties": { + "DatabaseARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the database.", + "title": "DatabaseARN", "type": "string" + } + }, + "type": "object" + }, + "AWS::KinesisAnalyticsV2::Application.Input": { + "additionalProperties": false, + "properties": { + "InputParallelism": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.InputParallelism", + "markdownDescription": "Describes the number of in-application streams to create.", + "title": "InputParallelism" }, - "Port": { - "markdownDescription": "The network source port.", - "title": "Port", - "type": "number" + "InputProcessingConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.InputProcessingConfiguration", + "markdownDescription": "The [InputProcessingConfiguration](https://docs.aws.amazon.com/managed-flink/latest/apiv2/API_InputProcessingConfiguration.html) for the input. An input processor transforms records as they are received from the stream, before the application's SQL code executes. Currently, the only input processing configuration available is [InputLambdaProcessor](https://docs.aws.amazon.com/managed-flink/latest/apiv2/API_InputLambdaProcessor.html) .", + "title": "InputProcessingConfiguration" }, - "Protocol": { - "markdownDescription": "The network source protocol.\n\n> AWS Elemental MediaConnect no longer supports the Fujitsu QoS protocol. This reference is maintained for legacy purposes only.", - "title": "Protocol", + "InputSchema": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.InputSchema", + "markdownDescription": "Describes the format of the data in the streaming source, and how each data element maps to corresponding columns in the in-application stream that is being created.\n\nAlso used to describe the format of the reference data source.", + "title": "InputSchema" + }, + "KinesisFirehoseInput": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.KinesisFirehoseInput", + "markdownDescription": "If the streaming source is an Amazon Kinesis Data Firehose delivery stream, identifies the delivery stream's ARN.", + "title": "KinesisFirehoseInput" + }, + "KinesisStreamsInput": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.KinesisStreamsInput", + "markdownDescription": "If the streaming source is an Amazon Kinesis data stream, identifies the stream's Amazon Resource Name (ARN).", + "title": "KinesisStreamsInput" + }, + "NamePrefix": { + "markdownDescription": "The name prefix to use when creating an in-application stream. Suppose that you specify a prefix \" `MyInApplicationStream` .\" Kinesis Data Analytics then creates one or more (as per the `InputParallelism` count you specified) in-application streams with the names \" `MyInApplicationStream_001` ,\" \" `MyInApplicationStream_002` ,\" and so on.", + "title": "NamePrefix", "type": "string" } }, "required": [ - "MulticastIp", - "NetworkName", - "Port", - "Protocol" + "InputSchema", + "NamePrefix" ], "type": "object" }, - "AWS::MediaConnect::BridgeSource.VpcInterfaceAttachment": { + "AWS::KinesisAnalyticsV2::Application.InputLambdaProcessor": { "additionalProperties": false, "properties": { - "VpcInterfaceName": { - "markdownDescription": "The name of the VPC interface to use for this resource.", - "title": "VpcInterfaceName", + "ResourceARN": { + "markdownDescription": "The ARN of the Amazon Lambda function that operates on records in the stream.\n\n> To specify an earlier version of the Lambda function than the latest, include the Lambda function version in the Lambda function ARN. For more information about Lambda ARNs, see [Example ARNs: Amazon Lambda](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-lambda)", + "title": "ResourceARN", "type": "string" } }, + "required": [ + "ResourceARN" + ], "type": "object" }, - "AWS::MediaConnect::Flow": { + "AWS::KinesisAnalyticsV2::Application.InputParallelism": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AvailabilityZone": { - "markdownDescription": "The Availability Zone that you want to create the flow in. These options are limited to the Availability Zones within the current AWS Region.", - "title": "AvailabilityZone", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the flow.", - "title": "Name", - "type": "string" - }, - "Source": { - "$ref": "#/definitions/AWS::MediaConnect::Flow.Source", - "markdownDescription": "The settings for the source that you want to use for the new flow.", - "title": "Source" - }, - "SourceFailoverConfig": { - "$ref": "#/definitions/AWS::MediaConnect::Flow.FailoverConfig", - "markdownDescription": "The settings for source failover.", - "title": "SourceFailoverConfig" - } + "Count": { + "markdownDescription": "The number of in-application streams to create.", + "title": "Count", + "type": "number" + } + }, + "type": "object" + }, + "AWS::KinesisAnalyticsV2::Application.InputProcessingConfiguration": { + "additionalProperties": false, + "properties": { + "InputLambdaProcessor": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.InputLambdaProcessor", + "markdownDescription": "The [InputLambdaProcessor](https://docs.aws.amazon.com/managed-flink/latest/apiv2/API_InputLambdaProcessor.html) that is used to preprocess the records in the stream before being processed by your application code.", + "title": "InputLambdaProcessor" + } + }, + "type": "object" + }, + "AWS::KinesisAnalyticsV2::Application.InputSchema": { + "additionalProperties": false, + "properties": { + "RecordColumns": { + "items": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.RecordColumn" }, - "required": [ - "Name", - "Source" - ], - "type": "object" + "markdownDescription": "A list of `RecordColumn` objects.", + "title": "RecordColumns", + "type": "array" }, - "Type": { - "enum": [ - "AWS::MediaConnect::Flow" - ], + "RecordEncoding": { + "markdownDescription": "Specifies the encoding of the records in the streaming source. For example, UTF-8.", + "title": "RecordEncoding", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "RecordFormat": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.RecordFormat", + "markdownDescription": "Specifies the format of the records on the streaming source.", + "title": "RecordFormat" } }, "required": [ - "Type", - "Properties" + "RecordColumns", + "RecordFormat" ], "type": "object" }, - "AWS::MediaConnect::Flow.Encryption": { + "AWS::KinesisAnalyticsV2::Application.JSONMappingParameters": { "additionalProperties": false, "properties": { - "Algorithm": { - "markdownDescription": "The type of algorithm that is used for static key encryption (such as aes128, aes192, or aes256). If you are using SPEKE or SRT-password encryption, this property must be left blank.", - "title": "Algorithm", + "RecordRowPath": { + "markdownDescription": "The path to the top-level parent that contains the records.", + "title": "RecordRowPath", "type": "string" - }, - "ConstantInitializationVector": { - "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, to be used with the key for encrypting content. This parameter is not valid for static key encryption.", - "title": "ConstantInitializationVector", + } + }, + "required": [ + "RecordRowPath" + ], + "type": "object" + }, + "AWS::KinesisAnalyticsV2::Application.KinesisFirehoseInput": { + "additionalProperties": false, + "properties": { + "ResourceARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the delivery stream.", + "title": "ResourceARN", "type": "string" - }, - "DeviceId": { - "markdownDescription": "The value of one of the devices that you configured with your digital rights management (DRM) platform key provider. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "DeviceId", + } + }, + "required": [ + "ResourceARN" + ], + "type": "object" + }, + "AWS::KinesisAnalyticsV2::Application.KinesisStreamsInput": { + "additionalProperties": false, + "properties": { + "ResourceARN": { + "markdownDescription": "The ARN of the input Kinesis data stream to read.", + "title": "ResourceARN", "type": "string" + } + }, + "required": [ + "ResourceARN" + ], + "type": "object" + }, + "AWS::KinesisAnalyticsV2::Application.MappingParameters": { + "additionalProperties": false, + "properties": { + "CSVMappingParameters": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.CSVMappingParameters", + "markdownDescription": "Provides additional mapping information when the record format uses delimiters (for example, CSV).", + "title": "CSVMappingParameters" }, - "KeyType": { - "markdownDescription": "The type of key that is used for the encryption. If you don't specify a `keyType` value, the service uses the default setting ( `static-key` ). Valid key types are: `static-key` , `speke` , and `srt-password` .", - "title": "KeyType", + "JSONMappingParameters": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.JSONMappingParameters", + "markdownDescription": "Provides additional mapping information when JSON is the record format on the streaming source.", + "title": "JSONMappingParameters" + } + }, + "type": "object" + }, + "AWS::KinesisAnalyticsV2::Application.MavenReference": { + "additionalProperties": false, + "properties": { + "ArtifactId": { + "markdownDescription": "The artifact ID of the Maven reference.", + "title": "ArtifactId", "type": "string" }, - "Region": { - "markdownDescription": "The AWS Region that the API Gateway proxy endpoint was created in. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "Region", + "GroupId": { + "markdownDescription": "The group ID of the Maven reference.", + "title": "GroupId", "type": "string" }, - "ResourceId": { - "markdownDescription": "An identifier for the content. The service sends this value to the key server to identify the current endpoint. The resource ID is also known as the content ID. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "ResourceId", + "Version": { + "markdownDescription": "The version of the Maven reference.", + "title": "Version", "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN of the role that you created during setup (when you set up MediaConnect as a trusted entity).", - "title": "RoleArn", + } + }, + "required": [ + "ArtifactId", + "GroupId", + "Version" + ], + "type": "object" + }, + "AWS::KinesisAnalyticsV2::Application.MonitoringConfiguration": { + "additionalProperties": false, + "properties": { + "ConfigurationType": { + "markdownDescription": "Describes whether to use the default CloudWatch logging configuration for an application. You must set this property to `CUSTOM` in order to set the `LogLevel` or `MetricsLevel` parameters.", + "title": "ConfigurationType", "type": "string" }, - "SecretArn": { - "markdownDescription": "The ARN of the secret that you created in AWS Secrets Manager to store the encryption key. This parameter is required for static key encryption and is not valid for SPEKE encryption.", - "title": "SecretArn", + "LogLevel": { + "markdownDescription": "Describes the verbosity of the CloudWatch Logs for an application.", + "title": "LogLevel", "type": "string" }, - "Url": { - "markdownDescription": "The URL from the API Gateway proxy that you set up to talk to your key server. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "Url", + "MetricsLevel": { + "markdownDescription": "Describes the granularity of the CloudWatch Logs for an application. The `Parallelism` level is not recommended for applications with a Parallelism over 64 due to excessive costs.", + "title": "MetricsLevel", "type": "string" } }, "required": [ - "RoleArn" + "ConfigurationType" ], "type": "object" }, - "AWS::MediaConnect::Flow.FailoverConfig": { + "AWS::KinesisAnalyticsV2::Application.ParallelismConfiguration": { "additionalProperties": false, "properties": { - "FailoverMode": { - "markdownDescription": "The type of failover you choose for this flow. MERGE combines the source streams into a single stream, allowing graceful recovery from any single-source loss. FAILOVER allows switching between different streams. The string for this property must be entered as MERGE or FAILOVER. No other string entry is valid.", - "title": "FailoverMode", + "AutoScalingEnabled": { + "markdownDescription": "Describes whether the Managed Service for Apache Flink service can increase the parallelism of the application in response to increased throughput.", + "title": "AutoScalingEnabled", + "type": "boolean" + }, + "ConfigurationType": { + "markdownDescription": "Describes whether the application uses the default parallelism for the Managed Service for Apache Flink service. You must set this property to `CUSTOM` in order to change your application's `AutoScalingEnabled` , `Parallelism` , or `ParallelismPerKPU` properties.", + "title": "ConfigurationType", "type": "string" }, - "RecoveryWindow": { - "markdownDescription": "Search window time to look for dash-7 packets.", - "title": "RecoveryWindow", + "Parallelism": { + "markdownDescription": "Describes the initial number of parallel tasks that a Java-based Kinesis Data Analytics application can perform. The Kinesis Data Analytics service can increase this number automatically if [ParallelismConfiguration:AutoScalingEnabled](https://docs.aws.amazon.com/managed-flink/latest/apiv2/API_ParallelismConfiguration.html#kinesisanalytics-Type-ParallelismConfiguration-AutoScalingEnabled.html) is set to `true` .", + "title": "Parallelism", "type": "number" }, - "SourcePriority": { - "$ref": "#/definitions/AWS::MediaConnect::Flow.SourcePriority", - "markdownDescription": "The priority you want to assign to a source. You can have a primary stream and a backup stream or two equally prioritized streams.", - "title": "SourcePriority" - }, - "State": { - "markdownDescription": "The state of source failover on the flow. If the state is inactive, the flow can have only one source. If the state is active, the flow can have one or two sources.", - "title": "State", - "type": "string" + "ParallelismPerKPU": { + "markdownDescription": "Describes the number of parallel tasks that a Java-based Kinesis Data Analytics application can perform per Kinesis Processing Unit (KPU) used by the application. For more information about KPUs, see [Amazon Kinesis Data Analytics Pricing](https://docs.aws.amazon.com/kinesis/data-analytics/pricing/) .", + "title": "ParallelismPerKPU", + "type": "number" } }, + "required": [ + "ConfigurationType" + ], "type": "object" }, - "AWS::MediaConnect::Flow.GatewayBridgeSource": { + "AWS::KinesisAnalyticsV2::Application.PropertyGroup": { "additionalProperties": false, "properties": { - "BridgeArn": { - "markdownDescription": "The ARN of the bridge feeding this flow.", - "title": "BridgeArn", + "PropertyGroupId": { + "markdownDescription": "Describes the key of an application execution property key-value pair.", + "title": "PropertyGroupId", "type": "string" }, - "VpcInterfaceAttachment": { - "$ref": "#/definitions/AWS::MediaConnect::Flow.VpcInterfaceAttachment", - "markdownDescription": "The name of the VPC interface attachment to use for this bridge source.", - "title": "VpcInterfaceAttachment" + "PropertyMap": { + "additionalProperties": true, + "markdownDescription": "Describes the value of an application execution property key-value pair.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "PropertyMap", + "type": "object" } }, - "required": [ - "BridgeArn" - ], "type": "object" }, - "AWS::MediaConnect::Flow.Source": { + "AWS::KinesisAnalyticsV2::Application.RecordColumn": { "additionalProperties": false, "properties": { - "Decryption": { - "$ref": "#/definitions/AWS::MediaConnect::Flow.Encryption", - "markdownDescription": "The type of encryption that is used on the content ingested from this source.", - "title": "Decryption" - }, - "Description": { - "markdownDescription": "A description for the source. This value is not used or seen outside of the current MediaConnect account.", - "title": "Description", - "type": "string" - }, - "EntitlementArn": { - "markdownDescription": "The ARN of the entitlement that allows you to subscribe to content that comes from another AWS account. The entitlement is set by the content originator and the ARN is generated as part of the originator's flow.", - "title": "EntitlementArn", - "type": "string" - }, - "GatewayBridgeSource": { - "$ref": "#/definitions/AWS::MediaConnect::Flow.GatewayBridgeSource", - "markdownDescription": "The source configuration for cloud flows receiving a stream from a bridge.", - "title": "GatewayBridgeSource" - }, - "IngestIp": { - "markdownDescription": "The IP address that the flow will be listening on for incoming content.", - "title": "IngestIp", + "Mapping": { + "markdownDescription": "A reference to the data element in the streaming input or the reference data source.", + "title": "Mapping", "type": "string" }, - "IngestPort": { - "markdownDescription": "The port that the flow will be listening on for incoming content.", - "title": "IngestPort", - "type": "number" - }, - "MaxBitrate": { - "markdownDescription": "The maximum bitrate for RIST, RTP, and RTP-FEC streams.", - "title": "MaxBitrate", - "type": "number" - }, - "MaxLatency": { - "markdownDescription": "The maximum latency in milliseconds for a RIST or Zixi-based source.", - "title": "MaxLatency", - "type": "number" - }, - "MinLatency": { - "markdownDescription": "The minimum latency in milliseconds for SRT-based streams. In streams that use the SRT protocol, this value that you set on your MediaConnect source or output represents the minimal potential latency of that connection. The latency of the stream is set to the highest number between the sender\u2019s minimum latency and the receiver\u2019s minimum latency.", - "title": "MinLatency", - "type": "number" - }, "Name": { - "markdownDescription": "The name of the source.", + "markdownDescription": "The name of the column that is created in the in-application input stream or reference table.", "title": "Name", "type": "string" }, - "Protocol": { - "markdownDescription": "The protocol that is used by the source. AWS CloudFormation does not currently support CDI or ST 2110 JPEG XS source protocols.\n\n> AWS Elemental MediaConnect no longer supports the Fujitsu QoS protocol. This reference is maintained for legacy purposes only.", - "title": "Protocol", - "type": "string" - }, - "SenderControlPort": { - "markdownDescription": "The port that the flow uses to send outbound requests to initiate connection with the sender.", - "title": "SenderControlPort", - "type": "number" - }, - "SenderIpAddress": { - "markdownDescription": "The IP address that the flow communicates with to initiate connection with the sender.", - "title": "SenderIpAddress", + "SqlType": { + "markdownDescription": "The type of column created in the in-application input stream or reference table.", + "title": "SqlType", "type": "string" + } + }, + "required": [ + "Name", + "SqlType" + ], + "type": "object" + }, + "AWS::KinesisAnalyticsV2::Application.RecordFormat": { + "additionalProperties": false, + "properties": { + "MappingParameters": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.MappingParameters", + "markdownDescription": "When you configure application input at the time of creating or updating an application, provides additional mapping information specific to the record format (such as JSON, CSV, or record fields delimited by some delimiter) on the streaming source.", + "title": "MappingParameters" }, - "SourceArn": { - "markdownDescription": "The ARN of the source.", - "title": "SourceArn", + "RecordFormatType": { + "markdownDescription": "The type of record format.", + "title": "RecordFormatType", "type": "string" + } + }, + "required": [ + "RecordFormatType" + ], + "type": "object" + }, + "AWS::KinesisAnalyticsV2::Application.RunConfiguration": { + "additionalProperties": false, + "properties": { + "ApplicationRestoreConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ApplicationRestoreConfiguration", + "markdownDescription": "Describes the restore behavior of a restarting application.", + "title": "ApplicationRestoreConfiguration" }, - "SourceIngestPort": { - "markdownDescription": "The port that the flow listens on for incoming content. If the protocol of the source is Zixi, the port must be set to 2088.", - "title": "SourceIngestPort", + "FlinkRunConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.FlinkRunConfiguration", + "markdownDescription": "Describes the starting parameters for a Managed Service for Apache Flink application.", + "title": "FlinkRunConfiguration" + } + }, + "type": "object" + }, + "AWS::KinesisAnalyticsV2::Application.S3ContentBaseLocation": { + "additionalProperties": false, + "properties": { + "BasePath": { + "markdownDescription": "The base path for the S3 bucket.", + "title": "BasePath", "type": "string" }, - "SourceListenerAddress": { - "markdownDescription": "Source IP or domain name for SRT-caller protocol.", - "title": "SourceListenerAddress", + "BucketARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the S3 bucket.", + "title": "BucketARN", "type": "string" - }, - "SourceListenerPort": { - "markdownDescription": "Source port for SRT-caller protocol.", - "title": "SourceListenerPort", - "type": "number" - }, - "StreamId": { - "markdownDescription": "The stream ID that you want to use for the transport. This parameter applies only to Zixi-based streams.", - "title": "StreamId", + } + }, + "required": [ + "BucketARN" + ], + "type": "object" + }, + "AWS::KinesisAnalyticsV2::Application.S3ContentLocation": { + "additionalProperties": false, + "properties": { + "BucketARN": { + "markdownDescription": "The Amazon Resource Name (ARN) for the S3 bucket containing the application code.", + "title": "BucketARN", "type": "string" }, - "VpcInterfaceName": { - "markdownDescription": "The name of the VPC interface that is used for this source.", - "title": "VpcInterfaceName", + "FileKey": { + "markdownDescription": "The file key for the object containing the application code.", + "title": "FileKey", "type": "string" }, - "WhitelistCidr": { - "markdownDescription": "The range of IP addresses that should be allowed to contribute content to your source. These IP addresses should be in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16.", - "title": "WhitelistCidr", + "ObjectVersion": { + "markdownDescription": "The version of the object containing the application code.", + "title": "ObjectVersion", "type": "string" } }, + "required": [ + "BucketARN", + "FileKey" + ], "type": "object" }, - "AWS::MediaConnect::Flow.SourcePriority": { + "AWS::KinesisAnalyticsV2::Application.SqlApplicationConfiguration": { "additionalProperties": false, "properties": { - "PrimarySource": { - "markdownDescription": "The name of the source you choose as the primary source for this flow.", - "title": "PrimarySource", - "type": "string" + "Inputs": { + "items": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.Input" + }, + "markdownDescription": "The array of [Input](https://docs.aws.amazon.com/managed-flink/latest/apiv2/API_Input.html) objects describing the input streams used by the application.", + "title": "Inputs", + "type": "array" + } + }, + "type": "object" + }, + "AWS::KinesisAnalyticsV2::Application.VpcConfiguration": { + "additionalProperties": false, + "properties": { + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The array of [SecurityGroup](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SecurityGroup.html) IDs used by the VPC configuration.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The array of [Subnet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_Subnet.html) IDs used by the VPC configuration.", + "title": "SubnetIds", + "type": "array" } }, "required": [ - "PrimarySource" + "SecurityGroupIds", + "SubnetIds" ], "type": "object" }, - "AWS::MediaConnect::Flow.VpcInterfaceAttachment": { + "AWS::KinesisAnalyticsV2::Application.ZeppelinApplicationConfiguration": { "additionalProperties": false, "properties": { - "VpcInterfaceName": { - "markdownDescription": "The name of the VPC interface to use for this resource.", - "title": "VpcInterfaceName", + "CatalogConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.CatalogConfiguration", + "markdownDescription": "The Amazon Glue Data Catalog that you use in queries in a Kinesis Data Analytics Studio notebook.", + "title": "CatalogConfiguration" + }, + "CustomArtifactsConfiguration": { + "items": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.CustomArtifactConfiguration" + }, + "markdownDescription": "A list of `CustomArtifactConfiguration` objects.", + "title": "CustomArtifactsConfiguration", + "type": "array" + }, + "DeployAsApplicationConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.DeployAsApplicationConfiguration", + "markdownDescription": "The information required to deploy a Kinesis Data Analytics Studio notebook as an application with durable state.", + "title": "DeployAsApplicationConfiguration" + }, + "MonitoringConfiguration": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ZeppelinMonitoringConfiguration", + "markdownDescription": "The monitoring configuration of a Kinesis Data Analytics Studio notebook.", + "title": "MonitoringConfiguration" + } + }, + "type": "object" + }, + "AWS::KinesisAnalyticsV2::Application.ZeppelinMonitoringConfiguration": { + "additionalProperties": false, + "properties": { + "LogLevel": { + "markdownDescription": "The verbosity of the CloudWatch Logs for an application. You can set it to `INFO` , `WARN` , `ERROR` , or `DEBUG` .", + "title": "LogLevel", "type": "string" } }, "type": "object" }, - "AWS::MediaConnect::FlowEntitlement": { + "AWS::KinesisAnalyticsV2::ApplicationCloudWatchLoggingOption": { "additionalProperties": false, "properties": { "Condition": { @@ -155222,56 +164581,26 @@ "Properties": { "additionalProperties": false, "properties": { - "DataTransferSubscriberFeePercent": { - "markdownDescription": "The percentage of the entitlement data transfer fee that you want the subscriber to be responsible for.", - "title": "DataTransferSubscriberFeePercent", - "type": "number" - }, - "Description": { - "markdownDescription": "A description of the entitlement. This description appears only on the MediaConnect console and is not visible outside of the current AWS account.", - "title": "Description", - "type": "string" - }, - "Encryption": { - "$ref": "#/definitions/AWS::MediaConnect::FlowEntitlement.Encryption", - "markdownDescription": "Information about the encryption of the flow.", - "title": "Encryption" - }, - "EntitlementStatus": { - "markdownDescription": "An indication of whether the new entitlement should be enabled or disabled as soon as it is created. If you don\u2019t specify the entitlementStatus field in your request, MediaConnect sets it to ENABLED.", - "title": "EntitlementStatus", - "type": "string" - }, - "FlowArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the flow.", - "title": "FlowArn", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the entitlement. This value must be unique within the current flow.", - "title": "Name", + "ApplicationName": { + "markdownDescription": "The name of the application.", + "title": "ApplicationName", "type": "string" }, - "Subscribers": { - "items": { - "type": "string" - }, - "markdownDescription": "The AWS account IDs that you want to share your content with. The receiving accounts (subscribers) will be allowed to create their own flows using your content as the source.", - "title": "Subscribers", - "type": "array" + "CloudWatchLoggingOption": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationCloudWatchLoggingOption.CloudWatchLoggingOption", + "markdownDescription": "Provides a description of Amazon CloudWatch logging options, including the log stream Amazon Resource Name (ARN).", + "title": "CloudWatchLoggingOption" } }, "required": [ - "Description", - "FlowArn", - "Name", - "Subscribers" + "ApplicationName", + "CloudWatchLoggingOption" ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaConnect::FlowEntitlement" + "AWS::KinesisAnalyticsV2::ApplicationCloudWatchLoggingOption" ], "type": "string" }, @@ -155290,62 +164619,21 @@ ], "type": "object" }, - "AWS::MediaConnect::FlowEntitlement.Encryption": { + "AWS::KinesisAnalyticsV2::ApplicationCloudWatchLoggingOption.CloudWatchLoggingOption": { "additionalProperties": false, "properties": { - "Algorithm": { - "markdownDescription": "The type of algorithm that is used for static key encryption (such as aes128, aes192, or aes256). If you are using SPEKE or SRT-password encryption, this property must be left blank.", - "title": "Algorithm", - "type": "string" - }, - "ConstantInitializationVector": { - "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, to be used with the key for encrypting content. This parameter is not valid for static key encryption.", - "title": "ConstantInitializationVector", - "type": "string" - }, - "DeviceId": { - "markdownDescription": "The value of one of the devices that you configured with your digital rights management (DRM) platform key provider. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "DeviceId", - "type": "string" - }, - "KeyType": { - "markdownDescription": "The type of key that is used for the encryption. If you don't specify a `keyType` value, the service uses the default setting ( `static-key` ). Valid key types are: `static-key` , `speke` , and `srt-password` .", - "title": "KeyType", - "type": "string" - }, - "Region": { - "markdownDescription": "The AWS Region that the API Gateway proxy endpoint was created in. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "Region", - "type": "string" - }, - "ResourceId": { - "markdownDescription": "An identifier for the content. The service sends this value to the key server to identify the current endpoint. The resource ID is also known as the content ID. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "ResourceId", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN of the role that you created during setup (when you set up MediaConnect as a trusted entity).", - "title": "RoleArn", - "type": "string" - }, - "SecretArn": { - "markdownDescription": "The ARN of the secret that you created in AWS Secrets Manager to store the encryption key. This parameter is required for static key encryption and is not valid for SPEKE encryption.", - "title": "SecretArn", - "type": "string" - }, - "Url": { - "markdownDescription": "The URL from the API Gateway proxy that you set up to talk to your key server. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "Url", + "LogStreamARN": { + "markdownDescription": "The ARN of the CloudWatch log to receive application messages.", + "title": "LogStreamARN", "type": "string" } }, "required": [ - "Algorithm", - "RoleArn" + "LogStreamARN" ], "type": "object" }, - "AWS::MediaConnect::FlowOutput": { + "AWS::KinesisAnalyticsV2::ApplicationOutput": { "additionalProperties": false, "properties": { "Condition": { @@ -155380,89 +164668,26 @@ "Properties": { "additionalProperties": false, "properties": { - "CidrAllowList": { - "items": { - "type": "string" - }, - "markdownDescription": "The range of IP addresses that should be allowed to initiate output requests to this flow. These IP addresses should be in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16.", - "title": "CidrAllowList", - "type": "array" - }, - "Description": { - "markdownDescription": "A description of the output. This description appears only on the MediaConnect console and will not be seen by the end user.", - "title": "Description", - "type": "string" - }, - "Destination": { - "markdownDescription": "The IP address where you want to send the output.", - "title": "Destination", - "type": "string" - }, - "Encryption": { - "$ref": "#/definitions/AWS::MediaConnect::FlowOutput.Encryption", - "markdownDescription": "The type of key used for the encryption. If no `keyType` is provided, the service will use the default setting (static-key). Allowable encryption types: static-key.", - "title": "Encryption" - }, - "FlowArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the flow this output is attached to.", - "title": "FlowArn", - "type": "string" - }, - "MaxLatency": { - "markdownDescription": "The maximum latency in milliseconds. This parameter applies only to RIST-based and Zixi-based streams.", - "title": "MaxLatency", - "type": "number" - }, - "MinLatency": { - "markdownDescription": "The minimum latency in milliseconds for SRT-based streams. In streams that use the SRT protocol, this value that you set on your MediaConnect source or output represents the minimal potential latency of that connection. The latency of the stream is set to the highest number between the sender\u2019s minimum latency and the receiver\u2019s minimum latency.", - "title": "MinLatency", - "type": "number" - }, - "Name": { - "markdownDescription": "The name of the bridge's output.", - "title": "Name", - "type": "string" - }, - "Port": { - "markdownDescription": "The port to use when content is distributed to this output.", - "title": "Port", - "type": "number" - }, - "Protocol": { - "markdownDescription": "The protocol to use for the output.\n\n> AWS Elemental MediaConnect no longer supports the Fujitsu QoS protocol. This reference is maintained for legacy purposes only.", - "title": "Protocol", - "type": "string" - }, - "RemoteId": { - "markdownDescription": "The remote ID for the Zixi-pull stream.", - "title": "RemoteId", - "type": "string" - }, - "SmoothingLatency": { - "markdownDescription": "The smoothing latency in milliseconds for RIST, RTP, and RTP-FEC streams.", - "title": "SmoothingLatency", - "type": "number" - }, - "StreamId": { - "markdownDescription": "The stream ID that you want to use for this transport. This parameter applies only to Zixi and SRT caller-based streams.", - "title": "StreamId", + "ApplicationName": { + "markdownDescription": "The name of the application.", + "title": "ApplicationName", "type": "string" }, - "VpcInterfaceAttachment": { - "$ref": "#/definitions/AWS::MediaConnect::FlowOutput.VpcInterfaceAttachment", - "markdownDescription": "The name of the VPC interface attachment to use for this output.", - "title": "VpcInterfaceAttachment" + "Output": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationOutput.Output", + "markdownDescription": "Describes a SQL-based Kinesis Data Analytics application's output configuration, in which you identify an in-application stream and a destination where you want the in-application stream data to be written. The destination can be a Kinesis data stream or a Kinesis Data Firehose delivery stream.", + "title": "Output" } }, "required": [ - "FlowArn", - "Protocol" + "ApplicationName", + "Output" ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaConnect::FlowOutput" + "AWS::KinesisAnalyticsV2::ApplicationOutput" ], "type": "string" }, @@ -155481,48 +164706,94 @@ ], "type": "object" }, - "AWS::MediaConnect::FlowOutput.Encryption": { + "AWS::KinesisAnalyticsV2::ApplicationOutput.DestinationSchema": { "additionalProperties": false, "properties": { - "Algorithm": { - "markdownDescription": "The type of algorithm that is used for static key encryption (such as aes128, aes192, or aes256). If you are using SPEKE or SRT-password encryption, this property must be left blank.", - "title": "Algorithm", + "RecordFormatType": { + "markdownDescription": "Specifies the format of the records on the output stream.", + "title": "RecordFormatType", "type": "string" - }, - "KeyType": { - "markdownDescription": "The type of key that is used for the encryption. If you don't specify a `keyType` value, the service uses the default setting ( `static-key` ). Valid key types are: `static-key` , `speke` , and `srt-password` .", - "title": "KeyType", + } + }, + "type": "object" + }, + "AWS::KinesisAnalyticsV2::ApplicationOutput.KinesisFirehoseOutput": { + "additionalProperties": false, + "properties": { + "ResourceARN": { + "markdownDescription": "The ARN of the destination delivery stream to write to.", + "title": "ResourceARN", "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN of the role that you created during setup (when you set up MediaConnect as a trusted entity).", - "title": "RoleArn", + } + }, + "required": [ + "ResourceARN" + ], + "type": "object" + }, + "AWS::KinesisAnalyticsV2::ApplicationOutput.KinesisStreamsOutput": { + "additionalProperties": false, + "properties": { + "ResourceARN": { + "markdownDescription": "The ARN of the destination Kinesis data stream to write to.", + "title": "ResourceARN", "type": "string" - }, - "SecretArn": { - "markdownDescription": "The ARN of the secret that you created in AWS Secrets Manager to store the encryption key. This parameter is required for static key encryption and is not valid for SPEKE encryption.", - "title": "SecretArn", + } + }, + "required": [ + "ResourceARN" + ], + "type": "object" + }, + "AWS::KinesisAnalyticsV2::ApplicationOutput.LambdaOutput": { + "additionalProperties": false, + "properties": { + "ResourceARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the destination Lambda function to write to.\n\n> To specify an earlier version of the Lambda function than the latest, include the Lambda function version in the Lambda function ARN. For more information about Lambda ARNs, see [Example ARNs: Amazon Lambda](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-lambda)", + "title": "ResourceARN", "type": "string" } }, "required": [ - "RoleArn", - "SecretArn" + "ResourceARN" ], "type": "object" }, - "AWS::MediaConnect::FlowOutput.VpcInterfaceAttachment": { + "AWS::KinesisAnalyticsV2::ApplicationOutput.Output": { "additionalProperties": false, "properties": { - "VpcInterfaceName": { - "markdownDescription": "The name of the VPC interface to use for this resource.", - "title": "VpcInterfaceName", + "DestinationSchema": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationOutput.DestinationSchema", + "markdownDescription": "Describes the data format when records are written to the destination.", + "title": "DestinationSchema" + }, + "KinesisFirehoseOutput": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationOutput.KinesisFirehoseOutput", + "markdownDescription": "Identifies a Kinesis Data Firehose delivery stream as the destination.", + "title": "KinesisFirehoseOutput" + }, + "KinesisStreamsOutput": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationOutput.KinesisStreamsOutput", + "markdownDescription": "Identifies a Kinesis data stream as the destination.", + "title": "KinesisStreamsOutput" + }, + "LambdaOutput": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationOutput.LambdaOutput", + "markdownDescription": "Identifies an Amazon Lambda function as the destination.", + "title": "LambdaOutput" + }, + "Name": { + "markdownDescription": "The name of the in-application stream.", + "title": "Name", "type": "string" } }, + "required": [ + "DestinationSchema" + ], "type": "object" }, - "AWS::MediaConnect::FlowSource": { + "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource": { "additionalProperties": false, "properties": { "Condition": { @@ -155557,106 +164828,26 @@ "Properties": { "additionalProperties": false, "properties": { - "Decryption": { - "$ref": "#/definitions/AWS::MediaConnect::FlowSource.Encryption", - "markdownDescription": "The type of encryption that is used on the content ingested from this source. Allowable encryption types: static-key.", - "title": "Decryption" - }, - "Description": { - "markdownDescription": "A description for the source. This value is not used or seen outside of the current MediaConnect account.", - "title": "Description", - "type": "string" - }, - "EntitlementArn": { - "markdownDescription": "The ARN of the entitlement that allows you to subscribe to this flow. The entitlement is set by the flow originator, and the ARN is generated as part of the originator's flow.", - "title": "EntitlementArn", - "type": "string" - }, - "FlowArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the flow this source is connected to. The flow must have Failover enabled to add an additional source.", - "title": "FlowArn", - "type": "string" - }, - "GatewayBridgeSource": { - "$ref": "#/definitions/AWS::MediaConnect::FlowSource.GatewayBridgeSource", - "markdownDescription": "The bridge's source.", - "title": "GatewayBridgeSource" - }, - "IngestPort": { - "markdownDescription": "The port that the flow listens on for incoming content. If the protocol of the source is Zixi, the port must be set to 2088.", - "title": "IngestPort", - "type": "number" - }, - "MaxBitrate": { - "markdownDescription": "The smoothing max bitrate (in bps) for RIST, RTP, and RTP-FEC streams.", - "title": "MaxBitrate", - "type": "number" - }, - "MaxLatency": { - "markdownDescription": "The maximum latency in milliseconds. This parameter applies only to RIST-based and Zixi-based streams.", - "title": "MaxLatency", - "type": "number" - }, - "MinLatency": { - "markdownDescription": "The minimum latency in milliseconds for SRT-based streams. In streams that use the SRT protocol, this value that you set on your MediaConnect source or output represents the minimal potential latency of that connection. The latency of the stream is set to the highest number between the sender\u2019s minimum latency and the receiver\u2019s minimum latency.", - "title": "MinLatency", - "type": "number" - }, - "Name": { - "markdownDescription": "The name of the source.", - "title": "Name", - "type": "string" - }, - "Protocol": { - "markdownDescription": "The protocol that the source uses to deliver the content to MediaConnect. Adding additional sources to an existing flow requires Failover to be enabled. When you enable Failover, the additional source must use the same protocol as the existing source. Only the following protocols support failover: Zixi-push, RTP-FEC, RTP, RIST and SRT protocols.\n\nIf you use failover with SRT caller or listener, the `FailoverMode` property must be set to `FAILOVER` . The `FailoverMode` property\u00a0is found in\u00a0the `FailoverConfig` resource\u00a0of the same flow ARN you used for the source's `FlowArn` property. SRT caller/listener does not support\u00a0merge\u00a0mode failover.", - "title": "Protocol", - "type": "string" - }, - "SenderControlPort": { - "markdownDescription": "The port that the flow uses to send outbound requests to initiate connection with the sender.", - "title": "SenderControlPort", - "type": "number" - }, - "SenderIpAddress": { - "markdownDescription": "The IP address that the flow communicates with to initiate connection with the sender.", - "title": "SenderIpAddress", - "type": "string" - }, - "SourceListenerAddress": { - "markdownDescription": "Source IP or domain name for SRT-caller protocol.", - "title": "SourceListenerAddress", - "type": "string" - }, - "SourceListenerPort": { - "markdownDescription": "Source port for SRT-caller protocol.", - "title": "SourceListenerPort", - "type": "number" - }, - "StreamId": { - "markdownDescription": "The stream ID that you want to use for this transport. This parameter applies only to Zixi and SRT caller-based streams.", - "title": "StreamId", - "type": "string" - }, - "VpcInterfaceName": { - "markdownDescription": "The name of the VPC interface to use for this source.", - "title": "VpcInterfaceName", + "ApplicationName": { + "markdownDescription": "The name of the application.", + "title": "ApplicationName", "type": "string" }, - "WhitelistCidr": { - "markdownDescription": "The range of IP addresses that should be allowed to contribute content to your source. These IP addresses should be in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16.", - "title": "WhitelistCidr", - "type": "string" + "ReferenceDataSource": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.ReferenceDataSource", + "markdownDescription": "For a SQL-based Kinesis Data Analytics application, describes the reference data source by providing the source information (Amazon S3 bucket name and object key name), the resulting in-application table name that is created, and the necessary schema to map the data elements in the Amazon S3 object to the in-application table.", + "title": "ReferenceDataSource" } }, "required": [ - "Description", - "Name" + "ApplicationName", + "ReferenceDataSource" ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaConnect::FlowSource" + "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource" ], "type": "string" }, @@ -155675,290 +164866,173 @@ ], "type": "object" }, - "AWS::MediaConnect::FlowSource.Encryption": { + "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.CSVMappingParameters": { "additionalProperties": false, "properties": { - "Algorithm": { - "markdownDescription": "The type of algorithm that is used for static key encryption (such as aes128, aes192, or aes256). If you are using SPEKE or SRT-password encryption, this property must be left blank.", - "title": "Algorithm", + "RecordColumnDelimiter": { + "markdownDescription": "The column delimiter. For example, in a CSV format, a comma (\",\") is the typical column delimiter.", + "title": "RecordColumnDelimiter", "type": "string" }, - "ConstantInitializationVector": { - "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, to be used with the key for encrypting content. This parameter is not valid for static key encryption.", - "title": "ConstantInitializationVector", + "RecordRowDelimiter": { + "markdownDescription": "The row delimiter. For example, in a CSV format, *'\\n'* is the typical row delimiter.", + "title": "RecordRowDelimiter", "type": "string" - }, - "DeviceId": { - "markdownDescription": "The value of one of the devices that you configured with your digital rights management (DRM) platform key provider. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "DeviceId", + } + }, + "required": [ + "RecordColumnDelimiter", + "RecordRowDelimiter" + ], + "type": "object" + }, + "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.JSONMappingParameters": { + "additionalProperties": false, + "properties": { + "RecordRowPath": { + "markdownDescription": "The path to the top-level parent that contains the records.", + "title": "RecordRowPath", "type": "string" + } + }, + "required": [ + "RecordRowPath" + ], + "type": "object" + }, + "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.MappingParameters": { + "additionalProperties": false, + "properties": { + "CSVMappingParameters": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.CSVMappingParameters", + "markdownDescription": "Provides additional mapping information when the record format uses delimiters (for example, CSV).", + "title": "CSVMappingParameters" }, - "KeyType": { - "markdownDescription": "The type of key that is used for the encryption. If you don't specify a `keyType` value, the service uses the default setting ( `static-key` ). Valid key types are: `static-key` , `speke` , and `srt-password` .", - "title": "KeyType", - "type": "string" - }, - "Region": { - "markdownDescription": "The AWS Region that the API Gateway proxy endpoint was created in. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "Region", - "type": "string" - }, - "ResourceId": { - "markdownDescription": "An identifier for the content. The service sends this value to the key server to identify the current endpoint. The resource ID is also known as the content ID. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "ResourceId", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN of the role that you created during setup (when you set up MediaConnect as a trusted entity).", - "title": "RoleArn", - "type": "string" - }, - "SecretArn": { - "markdownDescription": "The ARN of the secret that you created in AWS Secrets Manager to store the encryption key. This parameter is required for static key encryption and is not valid for SPEKE encryption.", - "title": "SecretArn", - "type": "string" - }, - "Url": { - "markdownDescription": "The URL from the API Gateway proxy that you set up to talk to your key server. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "Url", - "type": "string" + "JSONMappingParameters": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.JSONMappingParameters", + "markdownDescription": "Provides additional mapping information when JSON is the record format on the streaming source.", + "title": "JSONMappingParameters" } }, - "required": [ - "RoleArn" - ], "type": "object" }, - "AWS::MediaConnect::FlowSource.GatewayBridgeSource": { + "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.RecordColumn": { "additionalProperties": false, "properties": { - "BridgeArn": { - "markdownDescription": "The ARN of the bridge feeding this flow.", - "title": "BridgeArn", + "Mapping": { + "markdownDescription": "A reference to the data element in the streaming input or the reference data source.", + "title": "Mapping", "type": "string" }, - "VpcInterfaceAttachment": { - "$ref": "#/definitions/AWS::MediaConnect::FlowSource.VpcInterfaceAttachment", - "markdownDescription": "The name of the VPC interface attachment to use for this bridge source.", - "title": "VpcInterfaceAttachment" + "Name": { + "markdownDescription": "The name of the column that is created in the in-application input stream or reference table.", + "title": "Name", + "type": "string" + }, + "SqlType": { + "markdownDescription": "The type of column created in the in-application input stream or reference table.", + "title": "SqlType", + "type": "string" } }, "required": [ - "BridgeArn" + "Name", + "SqlType" ], "type": "object" }, - "AWS::MediaConnect::FlowSource.VpcInterfaceAttachment": { + "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.RecordFormat": { "additionalProperties": false, "properties": { - "VpcInterfaceName": { - "markdownDescription": "The name of the VPC interface to use for this resource.", - "title": "VpcInterfaceName", + "MappingParameters": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.MappingParameters", + "markdownDescription": "When you configure application input at the time of creating or updating an application, provides additional mapping information specific to the record format (such as JSON, CSV, or record fields delimited by some delimiter) on the streaming source.", + "title": "MappingParameters" + }, + "RecordFormatType": { + "markdownDescription": "The type of record format.", + "title": "RecordFormatType", "type": "string" } }, + "required": [ + "RecordFormatType" + ], "type": "object" }, - "AWS::MediaConnect::FlowVpcInterface": { + "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.ReferenceDataSource": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "FlowArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the flow.", - "title": "FlowArn", - "type": "string" - }, - "Name": { - "markdownDescription": "The name for the VPC interface. This name must be unique within the flow.", - "title": "Name", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the role that you created when you set up MediaConnect as a trusted service.", - "title": "RoleArn", - "type": "string" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A virtual firewall to control inbound and outbound traffic.", - "title": "SecurityGroupIds", - "type": "array" - }, - "SubnetId": { - "markdownDescription": "The subnet IDs that you want to use for your VPC interface. A range of IP addresses in your VPC. When you create your VPC, you specify a range of IPv4 addresses for the VPC in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16. This is the primary CIDR block for your VPC. When you create a subnet for your VPC, you specify the CIDR block for the subnet, which is a subset of the VPC CIDR block. The subnets that you use across all VPC interfaces on the flow must be in the same Availability Zone as the flow.", - "title": "SubnetId", - "type": "string" - } - }, - "required": [ - "FlowArn", - "Name", - "RoleArn", - "SecurityGroupIds", - "SubnetId" - ], - "type": "object" + "ReferenceSchema": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.ReferenceSchema", + "markdownDescription": "Describes the format of the data in the streaming source, and how each data element maps to corresponding columns created in the in-application stream.", + "title": "ReferenceSchema" }, - "Type": { - "enum": [ - "AWS::MediaConnect::FlowVpcInterface" - ], - "type": "string" + "S3ReferenceDataSource": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.S3ReferenceDataSource", + "markdownDescription": "Identifies the S3 bucket and object that contains the reference data. A Kinesis Data Analytics application loads reference data only once. If the data changes, you call the [UpdateApplication](https://docs.aws.amazon.com/managed-flink/latest/apiv2/API_UpdateApplication.html) operation to trigger reloading of data into your application.", + "title": "S3ReferenceDataSource" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TableName": { + "markdownDescription": "The name of the in-application table to create.", + "title": "TableName", "type": "string" } }, "required": [ - "Type", - "Properties" + "ReferenceSchema" ], "type": "object" }, - "AWS::MediaConnect::Gateway": { + "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.ReferenceSchema": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "EgressCidrBlocks": { - "items": { - "type": "string" - }, - "markdownDescription": "The range of IP addresses that are allowed to contribute content or initiate output requests for flows communicating with this gateway. These IP addresses should be in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16.", - "title": "EgressCidrBlocks", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the gateway. This name can not be modified after the gateway is created.", - "title": "Name", - "type": "string" - }, - "Networks": { - "items": { - "$ref": "#/definitions/AWS::MediaConnect::Gateway.GatewayNetwork" - }, - "markdownDescription": "The list of networks in the gateway.", - "title": "Networks", - "type": "array" - } + "RecordColumns": { + "items": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.RecordColumn" }, - "required": [ - "EgressCidrBlocks", - "Name", - "Networks" - ], - "type": "object" + "markdownDescription": "A list of `RecordColumn` objects.", + "title": "RecordColumns", + "type": "array" }, - "Type": { - "enum": [ - "AWS::MediaConnect::Gateway" - ], + "RecordEncoding": { + "markdownDescription": "Specifies the encoding of the records in the streaming source. For example, UTF-8.", + "title": "RecordEncoding", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "RecordFormat": { + "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.RecordFormat", + "markdownDescription": "Specifies the format of the records on the streaming source.", + "title": "RecordFormat" } }, "required": [ - "Type", - "Properties" + "RecordColumns", + "RecordFormat" ], "type": "object" }, - "AWS::MediaConnect::Gateway.GatewayNetwork": { + "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.S3ReferenceDataSource": { "additionalProperties": false, "properties": { - "CidrBlock": { - "markdownDescription": "A unique IP address range to use for this network. These IP addresses should be in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16.", - "title": "CidrBlock", + "BucketARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the S3 bucket.", + "title": "BucketARN", "type": "string" }, - "Name": { - "markdownDescription": "The name of the network. This name is used to reference the network and must be unique among networks in this gateway.", - "title": "Name", + "FileKey": { + "markdownDescription": "The object key name containing the reference data.", + "title": "FileKey", "type": "string" } }, "required": [ - "CidrBlock", - "Name" + "BucketARN", + "FileKey" ], "type": "object" }, - "AWS::MediaConvert::JobTemplate": { + "AWS::KinesisFirehose::DeliveryStream": { "additionalProperties": false, "properties": { "Condition": { @@ -155993,68 +165067,105 @@ "Properties": { "additionalProperties": false, "properties": { - "AccelerationSettings": { - "$ref": "#/definitions/AWS::MediaConvert::JobTemplate.AccelerationSettings", - "markdownDescription": "Accelerated transcoding can significantly speed up jobs with long, visually complex content. Outputs that use this feature incur pro-tier pricing. For information about feature limitations, For more information, see [Job Limitations for Accelerated Transcoding in AWS Elemental MediaConvert](https://docs.aws.amazon.com/mediaconvert/latest/ug/job-requirements.html) in the *AWS Elemental MediaConvert User Guide* .", - "title": "AccelerationSettings" + "AmazonOpenSearchServerlessDestinationConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AmazonOpenSearchServerlessDestinationConfiguration", + "markdownDescription": "Describes the configuration of a destination in the Serverless offering for Amazon OpenSearch Service.", + "title": "AmazonOpenSearchServerlessDestinationConfiguration" }, - "Category": { - "markdownDescription": "Optional. A category for the job template you are creating", - "title": "Category", + "AmazonopensearchserviceDestinationConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceDestinationConfiguration", + "markdownDescription": "The destination in Amazon OpenSearch Service. You can specify only one destination.", + "title": "AmazonopensearchserviceDestinationConfiguration" + }, + "DatabaseSourceConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DatabaseSourceConfiguration", + "markdownDescription": "The top level object for configuring streams with database as a source.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "DatabaseSourceConfiguration" + }, + "DeliveryStreamEncryptionConfigurationInput": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DeliveryStreamEncryptionConfigurationInput", + "markdownDescription": "Specifies the type and Amazon Resource Name (ARN) of the CMK to use for Server-Side Encryption (SSE).", + "title": "DeliveryStreamEncryptionConfigurationInput" + }, + "DeliveryStreamName": { + "markdownDescription": "The name of the Firehose stream.", + "title": "DeliveryStreamName", "type": "string" }, - "Description": { - "markdownDescription": "Optional. A description of the job template you are creating.", - "title": "Description", + "DeliveryStreamType": { + "markdownDescription": "The Firehose stream type. This can be one of the following values:\n\n- `DirectPut` : Provider applications access the Firehose stream directly.\n- `KinesisStreamAsSource` : The Firehose stream uses a Kinesis data stream as a source.", + "title": "DeliveryStreamType", "type": "string" }, - "HopDestinations": { - "items": { - "$ref": "#/definitions/AWS::MediaConvert::JobTemplate.HopDestination" - }, - "markdownDescription": "Optional. Configuration for a destination queue to which the job can hop once a customer-defined minimum wait time has passed. For more information, see [Setting Up Queue Hopping to Avoid Long Waits](https://docs.aws.amazon.com/mediaconvert/latest/ug/setting-up-queue-hopping-to-avoid-long-waits.html) in the *AWS Elemental MediaConvert User Guide* .", - "title": "HopDestinations", - "type": "array" + "DirectPutSourceConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DirectPutSourceConfiguration", + "markdownDescription": "The structure that configures parameters such as `ThroughputHintInMBs` for a stream configured with Direct PUT as a source.", + "title": "DirectPutSourceConfiguration" }, - "Name": { - "markdownDescription": "Name of the output group", - "title": "Name", - "type": "string" + "ElasticsearchDestinationConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ElasticsearchDestinationConfiguration", + "markdownDescription": "An Amazon ES destination for the delivery stream.\n\nConditional. You must specify only one destination configuration.\n\nIf you change the delivery stream destination from an Amazon ES destination to an Amazon S3 or Amazon Redshift destination, update requires [some interruptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-some-interrupt) .", + "title": "ElasticsearchDestinationConfiguration" }, - "Priority": { - "markdownDescription": "Specify the relative priority for this job. In any given queue, the service begins processing the job with the highest value first. When more than one job has the same priority, the service begins processing the job that you submitted first. If you don't specify a priority, the service uses the default value 0. Minimum: -50 Maximum: 50", - "title": "Priority", - "type": "number" + "ExtendedS3DestinationConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ExtendedS3DestinationConfiguration", + "markdownDescription": "An Amazon S3 destination for the delivery stream.\n\nConditional. You must specify only one destination configuration.\n\nIf you change the delivery stream destination from an Amazon Extended S3 destination to an Amazon ES destination, update requires [some interruptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-some-interrupt) .", + "title": "ExtendedS3DestinationConfiguration" }, - "Queue": { - "markdownDescription": "Optional. The queue that jobs created from this template are assigned to. Specify the Amazon Resource Name (ARN) of the queue. For example, arn:aws:mediaconvert:us-west-2:505474453218:queues/Default. If you don't specify this, jobs will go to the default queue.", - "title": "Queue", - "type": "string" + "HttpEndpointDestinationConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.HttpEndpointDestinationConfiguration", + "markdownDescription": "Enables configuring Kinesis Firehose to deliver data to any HTTP endpoint destination. You can specify only one destination.", + "title": "HttpEndpointDestinationConfiguration" }, - "SettingsJson": { - "markdownDescription": "Specify, in JSON format, the transcoding job settings for this job template. This specification must conform to the AWS Elemental MediaConvert job validation. For information about forming this specification, see the Remarks section later in this topic.\n\nFor more information about MediaConvert job templates, see [Working with AWS Elemental MediaConvert Job Templates](https://docs.aws.amazon.com/mediaconvert/latest/ug/working-with-job-templates.html) in the ** .", - "title": "SettingsJson", - "type": "object" + "IcebergDestinationConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.IcebergDestinationConfiguration", + "markdownDescription": "Specifies the destination configure settings for Apache Iceberg Table.", + "title": "IcebergDestinationConfiguration" }, - "StatusUpdateInterval": { - "markdownDescription": "Specify how often MediaConvert sends STATUS_UPDATE events to Amazon CloudWatch Events. Set the interval, in seconds, between status updates. MediaConvert sends an update at this interval from the time the service begins processing your job to the time it completes the transcode or encounters an error.\n\nSpecify one of the following enums:\n\nSECONDS_10\n\nSECONDS_12\n\nSECONDS_15\n\nSECONDS_20\n\nSECONDS_30\n\nSECONDS_60\n\nSECONDS_120\n\nSECONDS_180\n\nSECONDS_240\n\nSECONDS_300\n\nSECONDS_360\n\nSECONDS_420\n\nSECONDS_480\n\nSECONDS_540\n\nSECONDS_600", - "title": "StatusUpdateInterval", - "type": "string" + "KinesisStreamSourceConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.KinesisStreamSourceConfiguration", + "markdownDescription": "When a Kinesis stream is used as the source for the delivery stream, a [KinesisStreamSourceConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisfirehose-deliverystream-kinesisstreamsourceconfiguration.html) containing the Kinesis stream ARN and the role ARN for the source stream.", + "title": "KinesisStreamSourceConfiguration" + }, + "MSKSourceConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.MSKSourceConfiguration", + "markdownDescription": "The configuration for the Amazon MSK cluster to be used as the source for a delivery stream.", + "title": "MSKSourceConfiguration" + }, + "RedshiftDestinationConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.RedshiftDestinationConfiguration", + "markdownDescription": "An Amazon Redshift destination for the delivery stream.\n\nConditional. You must specify only one destination configuration.\n\nIf you change the delivery stream destination from an Amazon Redshift destination to an Amazon ES destination, update requires [some interruptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-some-interrupt) .", + "title": "RedshiftDestinationConfiguration" + }, + "S3DestinationConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", + "markdownDescription": "The `S3DestinationConfiguration` property type specifies an Amazon Simple Storage Service (Amazon S3) destination to which Amazon Kinesis Data Firehose (Kinesis Data Firehose) delivers data.\n\nConditional. You must specify only one destination configuration.\n\nIf you change the delivery stream destination from an Amazon S3 destination to an Amazon ES destination, update requires [some interruptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-some-interrupt) .", + "title": "S3DestinationConfiguration" + }, + "SnowflakeDestinationConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SnowflakeDestinationConfiguration", + "markdownDescription": "Configure Snowflake destination", + "title": "SnowflakeDestinationConfiguration" + }, + "SplunkDestinationConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SplunkDestinationConfiguration", + "markdownDescription": "The configuration of a destination in Splunk for the delivery stream.", + "title": "SplunkDestinationConfiguration" }, "Tags": { - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A set of tags to assign to the Firehose stream. A tag is a key-value pair that you can define and assign to AWS resources. Tags are metadata. For example, you can add friendly names and descriptions or other types of information that can help you distinguish the Firehose stream. For more information about tags, see [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html) in the AWS Billing and Cost Management User Guide.\n\nYou can specify up to 50 tags when creating a Firehose stream.\n\nIf you specify tags in the `CreateDeliveryStream` action, Amazon Data Firehose performs an additional authorization on the `firehose:TagDeliveryStream` action to verify if users have permissions to create tags. If you do not provide this permission, requests to create new Firehose streams with IAM resource tags will fail with an `AccessDeniedException` such as following.\n\n*AccessDeniedException*\n\nUser: arn:aws:sts::x:assumed-role/x/x is not authorized to perform: firehose:TagDeliveryStream on resource: arn:aws:firehose:us-east-1:x:deliverystream/x with an explicit deny in an identity-based policy.\n\nFor an example IAM policy, see [Tag example.](https://docs.aws.amazon.com/firehose/latest/APIReference/API_CreateDeliveryStream.html#API_CreateDeliveryStream_Examples)", "title": "Tags", - "type": "object" + "type": "array" } }, - "required": [ - "SettingsJson" - ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaConvert::JobTemplate" + "AWS::KinesisFirehose::DeliveryStream" ], "type": "string" }, @@ -156068,4977 +165179,5094 @@ } }, "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::MediaConvert::JobTemplate.AccelerationSettings": { - "additionalProperties": false, - "properties": { - "Mode": { - "markdownDescription": "Specify the conditions when the service will run your job with accelerated transcoding.", - "title": "Mode", - "type": "string" - } - }, - "required": [ - "Mode" + "Type" ], "type": "object" }, - "AWS::MediaConvert::JobTemplate.HopDestination": { + "AWS::KinesisFirehose::DeliveryStream.AmazonOpenSearchServerlessBufferingHints": { "additionalProperties": false, "properties": { - "Priority": { - "markdownDescription": "Optional. When you set up a job to use queue hopping, you can specify a different relative priority for the job in the destination queue. If you don't specify, the relative priority will remain the same as in the previous queue.", - "title": "Priority", + "IntervalInSeconds": { + "markdownDescription": "Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 300 (5 minutes).", + "title": "IntervalInSeconds", "type": "number" }, - "Queue": { - "markdownDescription": "Optional unless the job is submitted on the default queue. When you set up a job to use queue hopping, you can specify a destination queue. This queue cannot be the original queue to which the job is submitted. If the original queue isn't the default queue and you don't specify the destination queue, the job will move to the default queue.", - "title": "Queue", - "type": "string" - }, - "WaitMinutes": { - "markdownDescription": "Required for setting up a job to use queue hopping. Minimum wait time in minutes until the job can hop to the destination queue. Valid range is 1 to 4320 minutes, inclusive.", - "title": "WaitMinutes", + "SizeInMBs": { + "markdownDescription": "Buffer incoming data to the specified size, in MBs, before delivering it to the destination. The default value is 5.\n\nWe recommend setting this parameter to a value greater than the amount of data you typically ingest into the Firehose stream in 10 seconds. For example, if you typically ingest data at 1 MB/sec, the value should be 10 MB or higher.", + "title": "SizeInMBs", "type": "number" } }, "type": "object" }, - "AWS::MediaConvert::Preset": { + "AWS::KinesisFirehose::DeliveryStream.AmazonOpenSearchServerlessDestinationConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "BufferingHints": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AmazonOpenSearchServerlessBufferingHints", + "markdownDescription": "The buffering options. If no value is specified, the default values for AmazonopensearchserviceBufferingHints are used.", + "title": "BufferingHints" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "CloudWatchLoggingOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", + "markdownDescription": "", + "title": "CloudWatchLoggingOptions" + }, + "CollectionEndpoint": { + "markdownDescription": "The endpoint to use when communicating with the collection in the Serverless offering for Amazon OpenSearch Service.", + "title": "CollectionEndpoint", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "IndexName": { + "markdownDescription": "The Serverless offering for Amazon OpenSearch Service index name.", + "title": "IndexName", + "type": "string" }, - "Metadata": { - "type": "object" + "ProcessingConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", + "markdownDescription": "", + "title": "ProcessingConfiguration" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Category": { - "markdownDescription": "The new category for the preset, if you are changing it.", - "title": "Category", - "type": "string" - }, - "Description": { - "markdownDescription": "The new description for the preset, if you are changing it.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the preset that you are modifying.", - "title": "Name", - "type": "string" - }, - "SettingsJson": { - "markdownDescription": "Specify, in JSON format, the transcoding job settings for this output preset. This specification must conform to the AWS Elemental MediaConvert job validation. For information about forming this specification, see the Remarks section later in this topic.\n\nFor more information about MediaConvert output presets, see [Working with AWS Elemental MediaConvert Output Presets](https://docs.aws.amazon.com/mediaconvert/latest/ug/working-with-presets.html) in the ** .", - "title": "SettingsJson", - "type": "object" - }, - "Tags": { - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "object" - } - }, - "required": [ - "SettingsJson" - ], - "type": "object" + "RetryOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AmazonOpenSearchServerlessRetryOptions", + "markdownDescription": "The retry behavior in case Firehose is unable to deliver documents to the Serverless offering for Amazon OpenSearch Service. The default value is 300 (5 minutes).", + "title": "RetryOptions" }, - "Type": { - "enum": [ - "AWS::MediaConvert::Preset" - ], + "RoleARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to be assumed by Firehose for calling the Serverless offering for Amazon OpenSearch Service Configuration API and for indexing documents.", + "title": "RoleARN", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "S3BackupMode": { + "markdownDescription": "Defines how documents should be delivered to Amazon S3. When it is set to FailedDocumentsOnly, Firehose writes any documents that could not be indexed to the configured Amazon S3 destination, with AmazonOpenSearchService-failed/ appended to the key prefix. When set to AllDocuments, Firehose delivers all incoming records to Amazon S3, and also writes failed documents with AmazonOpenSearchService-failed/ appended to the prefix.", + "title": "S3BackupMode", "type": "string" + }, + "S3Configuration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", + "markdownDescription": "", + "title": "S3Configuration" + }, + "VpcConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.VpcConfiguration", + "markdownDescription": "", + "title": "VpcConfiguration" } }, "required": [ - "Type", - "Properties" + "IndexName", + "RoleARN", + "S3Configuration" ], "type": "object" }, - "AWS::MediaConvert::Queue": { + "AWS::KinesisFirehose::DeliveryStream.AmazonOpenSearchServerlessRetryOptions": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "Optional. A description of the queue that you are creating.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the queue that you are creating.", - "title": "Name", - "type": "string" - }, - "PricingPlan": { - "markdownDescription": "When you use AWS CloudFormation , you can create only on-demand queues. Therefore, always set `PricingPlan` to the value \"ON_DEMAND\" when declaring an AWS::MediaConvert::Queue in your AWS CloudFormation template.\n\nTo create a reserved queue, use the AWS Elemental MediaConvert console at https://console.aws.amazon.com/mediaconvert to set up a contract. For more information, see [Working with AWS Elemental MediaConvert Queues](https://docs.aws.amazon.com/mediaconvert/latest/ug/working-with-queues.html) in the ** .", - "title": "PricingPlan", - "type": "string" - }, - "Status": { - "markdownDescription": "Initial state of the queue. Queues can be either ACTIVE or PAUSED. If you create a paused queue, then jobs that you send to that queue won't begin.", - "title": "Status", - "type": "string" - }, - "Tags": { - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "object" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::MediaConvert::Queue" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "DurationInSeconds": { + "markdownDescription": "After an initial failure to deliver to the Serverless offering for Amazon OpenSearch Service, the total amount of time during which Firehose retries delivery (including the first attempt). After this time has elapsed, the failed documents are written to Amazon S3. Default value is 300 seconds (5 minutes). A value of 0 (zero) results in no retries.", + "title": "DurationInSeconds", + "type": "number" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::MediaLive::Channel": { + "AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceBufferingHints": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "CdiInputSpecification": { - "$ref": "#/definitions/AWS::MediaLive::Channel.CdiInputSpecification", - "markdownDescription": "Specification of CDI inputs for this channel.", - "title": "CdiInputSpecification" - }, - "ChannelClass": { - "markdownDescription": "The class for this channel. For a channel with two pipelines, the class is STANDARD. For a channel with one pipeline, the class is SINGLE_PIPELINE.", - "title": "ChannelClass", - "type": "string" - }, - "Destinations": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputDestination" - }, - "markdownDescription": "The settings that identify the destination for the outputs in this MediaLive output package.", - "title": "Destinations", - "type": "array" - }, - "EncoderSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.EncoderSettings", - "markdownDescription": "The encoding configuration for the output content.", - "title": "EncoderSettings" - }, - "InputAttachments": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.InputAttachment" - }, - "markdownDescription": "The list of input attachments for the channel.", - "title": "InputAttachments", - "type": "array" - }, - "InputSpecification": { - "$ref": "#/definitions/AWS::MediaLive::Channel.InputSpecification", - "markdownDescription": "The input specification for this channel. It specifies the key characteristics of the inputs for this channel: the maximum bitrate, the resolution, and the codec.", - "title": "InputSpecification" - }, - "LogLevel": { - "markdownDescription": "The verbosity for logging activity for this channel. Charges for logging (which are generated through Amazon CloudWatch Logging) are higher for higher verbosities.", - "title": "LogLevel", - "type": "string" - }, - "Maintenance": { - "$ref": "#/definitions/AWS::MediaLive::Channel.MaintenanceCreateSettings", - "markdownDescription": "Maintenance settings for this channel.", - "title": "Maintenance" - }, - "Name": { - "markdownDescription": "Name of channel.", - "title": "Name", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The IAM role for MediaLive to assume when running this channel. The role is identified by its ARN.", - "title": "RoleArn", - "type": "string" - }, - "Tags": { - "markdownDescription": "A collection of tags for this channel. Each tag is a key-value pair.", - "title": "Tags", - "type": "object" - }, - "Vpc": { - "$ref": "#/definitions/AWS::MediaLive::Channel.VpcOutputSettings", - "markdownDescription": "Settings to enable VPC mode in the channel, so that the endpoints for all outputs are in your VPC.", - "title": "Vpc" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::MediaLive::Channel" - ], - "type": "string" + "IntervalInSeconds": { + "markdownDescription": "Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 300 (5 minutes).", + "title": "IntervalInSeconds", + "type": "number" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "SizeInMBs": { + "markdownDescription": "Buffer incoming data to the specified size, in MBs, before delivering it to the destination. The default value is 5. We recommend setting this parameter to a value greater than the amount of data you typically ingest into the delivery stream in 10 seconds. For example, if you typically ingest data at 1 MB/sec, the value should be 10 MB or higher.", + "title": "SizeInMBs", + "type": "number" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::MediaLive::Channel.AacSettings": { + "AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceDestinationConfiguration": { "additionalProperties": false, "properties": { - "Bitrate": { - "markdownDescription": "The average bitrate in bits/second. Valid values depend on the rate control mode and profile.", - "title": "Bitrate", - "type": "number" + "BufferingHints": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceBufferingHints", + "markdownDescription": "The buffering options. If no value is specified, the default values for AmazonopensearchserviceBufferingHints are used.", + "title": "BufferingHints" }, - "CodingMode": { - "markdownDescription": "Mono, stereo, or 5.1 channel layout. Valid values depend on the rate control mode and profile. The adReceiverMix setting receives a stereo description plus control track, and emits a mono AAC encode of the description track, with control data emitted in the PES header as per ETSI TS 101 154 Annex E.", - "title": "CodingMode", - "type": "string" + "CloudWatchLoggingOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", + "markdownDescription": "Describes the Amazon CloudWatch logging options for your delivery stream.", + "title": "CloudWatchLoggingOptions" }, - "InputType": { - "markdownDescription": "Set to broadcasterMixedAd when the input contains pre-mixed main audio + AD (narration) as a stereo pair. The Audio Type field (audioType) will be set to 3, which signals to downstream systems that this stream contains broadcaster mixed AD. Note that the input received by the encoder must contain pre-mixed audio; MediaLive does not perform the mixing. The values in audioTypeControl and audioType (in AudioDescription) are ignored when set to broadcasterMixedAd. Leave this set to normal when the input does not contain pre-mixed audio + AD.", - "title": "InputType", + "ClusterEndpoint": { + "markdownDescription": "The endpoint to use when communicating with the cluster. Specify either this ClusterEndpoint or the DomainARN field.", + "title": "ClusterEndpoint", "type": "string" }, - "Profile": { - "markdownDescription": "The AAC profile.", - "title": "Profile", - "type": "string" + "DocumentIdOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DocumentIdOptions", + "markdownDescription": "Indicates the method for setting up document ID. The supported methods are Firehose generated document ID and OpenSearch Service generated document ID.", + "title": "DocumentIdOptions" }, - "RateControlMode": { - "markdownDescription": "The rate control mode.", - "title": "RateControlMode", + "DomainARN": { + "markdownDescription": "The ARN of the Amazon OpenSearch Service domain.", + "title": "DomainARN", "type": "string" }, - "RawFormat": { - "markdownDescription": "Sets the LATM/LOAS AAC output for raw containers.", - "title": "RawFormat", + "IndexName": { + "markdownDescription": "The Amazon OpenSearch Service index name.", + "title": "IndexName", "type": "string" }, - "SampleRate": { - "markdownDescription": "The sample rate in Hz. Valid values depend on the rate control mode and profile.", - "title": "SampleRate", - "type": "number" - }, - "Spec": { - "markdownDescription": "Uses MPEG-2 AAC audio instead of MPEG-4 AAC audio for raw or MPEG-2 Transport Stream containers.", - "title": "Spec", + "IndexRotationPeriod": { + "markdownDescription": "The Amazon OpenSearch Service index rotation period. Index rotation appends a timestamp to the IndexName to facilitate the expiration of old data.", + "title": "IndexRotationPeriod", "type": "string" }, - "VbrQuality": { - "markdownDescription": "The VBR quality level. This is used only if rateControlMode is VBR.", - "title": "VbrQuality", - "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.Ac3Settings": { - "additionalProperties": false, - "properties": { - "AttenuationControl": { - "markdownDescription": "", - "title": "AttenuationControl", - "type": "string" + "ProcessingConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", + "markdownDescription": "Describes a data processing configuration.", + "title": "ProcessingConfiguration" }, - "Bitrate": { - "markdownDescription": "The average bitrate in bits/second. Valid bitrates depend on the coding mode.", - "title": "Bitrate", - "type": "number" + "RetryOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceRetryOptions", + "markdownDescription": "The retry behavior in case Kinesis Data Firehose is unable to deliver documents to Amazon OpenSearch Service. The default value is 300 (5 minutes).", + "title": "RetryOptions" }, - "BitstreamMode": { - "markdownDescription": "Specifies the bitstream mode (bsmod) for the emitted AC-3 stream. For more information about these values, see ATSC A/52-2012.", - "title": "BitstreamMode", + "RoleARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to be assumed by Kinesis Data Firehose for calling the Amazon OpenSearch Service Configuration API and for indexing documents.", + "title": "RoleARN", "type": "string" }, - "CodingMode": { - "markdownDescription": "The Dolby Digital coding mode. This determines the number of channels.", - "title": "CodingMode", + "S3BackupMode": { + "markdownDescription": "Defines how documents should be delivered to Amazon S3.", + "title": "S3BackupMode", "type": "string" }, - "Dialnorm": { - "markdownDescription": "Sets the dialnorm for the output. If excluded and the input audio is Dolby Digital, dialnorm is passed through.", - "title": "Dialnorm", - "type": "number" - }, - "DrcProfile": { - "markdownDescription": "If set to filmStandard, adds dynamic range compression signaling to the output bitstream as defined in the Dolby Digital specification.", - "title": "DrcProfile", - "type": "string" + "S3Configuration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", + "markdownDescription": "Describes the configuration of a destination in Amazon S3.", + "title": "S3Configuration" }, - "LfeFilter": { - "markdownDescription": "When set to enabled, applies a 120Hz lowpass filter to the LFE channel prior to encoding. This is valid only in codingMode32Lfe mode.", - "title": "LfeFilter", + "TypeName": { + "markdownDescription": "The Amazon OpenSearch Service type name.", + "title": "TypeName", "type": "string" }, - "MetadataControl": { - "markdownDescription": "When set to followInput, encoder metadata is sourced from the DD, DD+, or DolbyE decoder that supplies this audio data. If the audio is supplied from one of these streams, the static metadata settings are used.", - "title": "MetadataControl", - "type": "string" + "VpcConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.VpcConfiguration", + "markdownDescription": "The details of the VPC of the Amazon OpenSearch Service destination.", + "title": "VpcConfiguration" } }, + "required": [ + "IndexName", + "RoleARN", + "S3Configuration" + ], "type": "object" }, - "AWS::MediaLive::Channel.AncillarySourceSettings": { + "AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceRetryOptions": { "additionalProperties": false, "properties": { - "SourceAncillaryChannelNumber": { - "markdownDescription": "Specifies the number (1 to 4) of the captions channel you want to extract from the ancillary captions. If you plan to convert the ancillary captions to another format, complete this field. If you plan to choose Embedded as the captions destination in the output (to pass through all the channels in the ancillary captions), leave this field blank because MediaLive ignores the field.", - "title": "SourceAncillaryChannelNumber", + "DurationInSeconds": { + "markdownDescription": "After an initial failure to deliver to Amazon OpenSearch Service, the total amount of time during which Kinesis Data Firehose retries delivery (including the first attempt). After this time has elapsed, the failed documents are written to Amazon S3. Default value is 300 seconds (5 minutes). A value of 0 (zero) results in no retries.", + "title": "DurationInSeconds", "type": "number" } }, "type": "object" }, - "AWS::MediaLive::Channel.ArchiveCdnSettings": { + "AWS::KinesisFirehose::DeliveryStream.AuthenticationConfiguration": { "additionalProperties": false, "properties": { - "ArchiveS3Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.ArchiveS3Settings", - "markdownDescription": "Sets up Amazon S3 as the destination for this Archive output.", - "title": "ArchiveS3Settings" + "Connectivity": { + "markdownDescription": "The type of connectivity used to access the Amazon MSK cluster.", + "title": "Connectivity", + "type": "string" + }, + "RoleARN": { + "markdownDescription": "The ARN of the role used to access the Amazon MSK cluster.", + "title": "RoleARN", + "type": "string" } }, + "required": [ + "Connectivity", + "RoleARN" + ], "type": "object" }, - "AWS::MediaLive::Channel.ArchiveContainerSettings": { + "AWS::KinesisFirehose::DeliveryStream.BufferingHints": { "additionalProperties": false, "properties": { - "M2tsSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.M2tsSettings", - "markdownDescription": "The settings for the M2TS in the archive output.", - "title": "M2tsSettings" + "IntervalInSeconds": { + "markdownDescription": "The length of time, in seconds, that Kinesis Data Firehose buffers incoming data before delivering it to the destination. For valid values, see the `IntervalInSeconds` content for the [BufferingHints](https://docs.aws.amazon.com/firehose/latest/APIReference/API_BufferingHints.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", + "title": "IntervalInSeconds", + "type": "number" }, - "RawSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.RawSettings", - "markdownDescription": "The settings for Raw archive output type.", - "title": "RawSettings" + "SizeInMBs": { + "markdownDescription": "The size of the buffer, in MBs, that Kinesis Data Firehose uses for incoming data before delivering it to the destination. For valid values, see the `SizeInMBs` content for the [BufferingHints](https://docs.aws.amazon.com/firehose/latest/APIReference/API_BufferingHints.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", + "title": "SizeInMBs", + "type": "number" } }, "type": "object" }, - "AWS::MediaLive::Channel.ArchiveGroupSettings": { + "AWS::KinesisFirehose::DeliveryStream.CatalogConfiguration": { "additionalProperties": false, "properties": { - "ArchiveCdnSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.ArchiveCdnSettings", - "markdownDescription": "Settings to configure the destination of an Archive output.", - "title": "ArchiveCdnSettings" - }, - "Destination": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", - "markdownDescription": "A directory and base file name where archive files should be written.", - "title": "Destination" + "CatalogArn": { + "markdownDescription": "Specifies the Glue catalog ARN identifier of the destination Apache Iceberg Tables. You must specify the ARN in the format `arn:aws:glue:region:account-id:catalog` .", + "title": "CatalogArn", + "type": "string" }, - "RolloverInterval": { - "markdownDescription": "The number of seconds to write to an archive file before closing and starting a new one.", - "title": "RolloverInterval", - "type": "number" + "WarehouseLocation": { + "markdownDescription": "The warehouse location for Apache Iceberg tables. You must configure this when schema evolution and table creation is enabled.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "WarehouseLocation", + "type": "string" } }, "type": "object" }, - "AWS::MediaLive::Channel.ArchiveOutputSettings": { + "AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions": { "additionalProperties": false, "properties": { - "ContainerSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.ArchiveContainerSettings", - "markdownDescription": "The settings that are specific to the container type of the file.", - "title": "ContainerSettings" + "Enabled": { + "markdownDescription": "Indicates whether CloudWatch Logs logging is enabled.", + "title": "Enabled", + "type": "boolean" }, - "Extension": { - "markdownDescription": "The output file extension. If excluded, this is auto-selected from the container type.", - "title": "Extension", + "LogGroupName": { + "markdownDescription": "The name of the CloudWatch Logs log group that contains the log stream that Kinesis Data Firehose will use.\n\nConditional. If you enable logging, you must specify this property.", + "title": "LogGroupName", "type": "string" }, - "NameModifier": { - "markdownDescription": "A string that is concatenated to the end of the destination file name. The string is required for multiple outputs of the same type.", - "title": "NameModifier", + "LogStreamName": { + "markdownDescription": "The name of the CloudWatch Logs log stream that Kinesis Data Firehose uses to send logs about data delivery.\n\nConditional. If you enable logging, you must specify this property.", + "title": "LogStreamName", "type": "string" } }, "type": "object" }, - "AWS::MediaLive::Channel.ArchiveS3Settings": { + "AWS::KinesisFirehose::DeliveryStream.CopyCommand": { "additionalProperties": false, "properties": { - "CannedAcl": { - "markdownDescription": "Specify the canned ACL to apply to each S3 request. Defaults to none.", - "title": "CannedAcl", + "CopyOptions": { + "markdownDescription": "Parameters to use with the Amazon Redshift `COPY` command. For examples, see the `CopyOptions` content for the [CopyCommand](https://docs.aws.amazon.com/firehose/latest/APIReference/API_CopyCommand.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", + "title": "CopyOptions", + "type": "string" + }, + "DataTableColumns": { + "markdownDescription": "A comma-separated list of column names.", + "title": "DataTableColumns", + "type": "string" + }, + "DataTableName": { + "markdownDescription": "The name of the target table. The table must already exist in the database.", + "title": "DataTableName", "type": "string" } }, + "required": [ + "DataTableName" + ], "type": "object" }, - "AWS::MediaLive::Channel.AribDestinationSettings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.AribSourceSettings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.AudioChannelMapping": { + "AWS::KinesisFirehose::DeliveryStream.DataFormatConversionConfiguration": { "additionalProperties": false, "properties": { - "InputChannelLevels": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.InputChannelLevel" - }, - "markdownDescription": "The indices and gain values for each input channel that should be remixed into this output channel.", - "title": "InputChannelLevels", - "type": "array" + "Enabled": { + "markdownDescription": "Defaults to `true` . Set it to `false` if you want to disable format conversion while preserving the configuration details.", + "title": "Enabled", + "type": "boolean" }, - "OutputChannel": { - "markdownDescription": "The index of the output channel that is being produced.", - "title": "OutputChannel", - "type": "number" + "InputFormatConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.InputFormatConfiguration", + "markdownDescription": "Specifies the deserializer that you want Firehose to use to convert the format of your data from JSON. This parameter is required if `Enabled` is set to true.", + "title": "InputFormatConfiguration" + }, + "OutputFormatConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.OutputFormatConfiguration", + "markdownDescription": "Specifies the serializer that you want Firehose to use to convert the format of your data to the Parquet or ORC format. This parameter is required if `Enabled` is set to true.", + "title": "OutputFormatConfiguration" + }, + "SchemaConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SchemaConfiguration", + "markdownDescription": "Specifies the AWS Glue Data Catalog table that contains the column information. This parameter is required if `Enabled` is set to true.", + "title": "SchemaConfiguration" } }, "type": "object" }, - "AWS::MediaLive::Channel.AudioCodecSettings": { + "AWS::KinesisFirehose::DeliveryStream.DatabaseColumns": { "additionalProperties": false, "properties": { - "AacSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AacSettings", - "markdownDescription": "The setup of the AAC audio codec in the output.", - "title": "AacSettings" - }, - "Ac3Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Ac3Settings", - "markdownDescription": "The setup of an AC3 audio codec in the output.", - "title": "Ac3Settings" - }, - "Eac3AtmosSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Eac3AtmosSettings", + "Exclude": { + "items": { + "type": "string" + }, "markdownDescription": "", - "title": "Eac3AtmosSettings" - }, - "Eac3Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Eac3Settings", - "markdownDescription": "The setup of an EAC3 audio codec in the output.", - "title": "Eac3Settings" - }, - "Mp2Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Mp2Settings", - "markdownDescription": "The setup of an MP2 audio codec in the output.", - "title": "Mp2Settings" - }, - "PassThroughSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.PassThroughSettings", - "markdownDescription": "The setup to pass through the Dolby audio codec to the output.", - "title": "PassThroughSettings" + "title": "Exclude", + "type": "array" }, - "WavSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.WavSettings", - "markdownDescription": "Settings for audio encoded with the WAV codec.", - "title": "WavSettings" + "Include": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "Include", + "type": "array" } }, "type": "object" }, - "AWS::MediaLive::Channel.AudioDescription": { + "AWS::KinesisFirehose::DeliveryStream.DatabaseSourceAuthenticationConfiguration": { "additionalProperties": false, "properties": { - "AudioDashRoles": { - "items": { - "type": "string" - }, + "SecretsManagerConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SecretsManagerConfiguration", "markdownDescription": "", - "title": "AudioDashRoles", - "type": "array" - }, - "AudioNormalizationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioNormalizationSettings", - "markdownDescription": "The advanced audio normalization settings.", - "title": "AudioNormalizationSettings" - }, - "AudioSelectorName": { - "markdownDescription": "The name of the AudioSelector that is used as the source for this AudioDescription.", - "title": "AudioSelectorName", - "type": "string" - }, - "AudioType": { - "markdownDescription": "Applies only if audioTypeControl is useConfigured. The values for audioType are defined in ISO-IEC 13818-1.", - "title": "AudioType", + "title": "SecretsManagerConfiguration" + } + }, + "required": [ + "SecretsManagerConfiguration" + ], + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.DatabaseSourceConfiguration": { + "additionalProperties": false, + "properties": { + "Columns": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DatabaseColumns", + "markdownDescription": "The list of column patterns in source database endpoint for Firehose to read from.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "Columns" + }, + "DatabaseSourceAuthenticationConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DatabaseSourceAuthenticationConfiguration", + "markdownDescription": "The structure to configure the authentication methods for Firehose to connect to source database endpoint.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "DatabaseSourceAuthenticationConfiguration" + }, + "DatabaseSourceVPCConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DatabaseSourceVPCConfiguration", + "markdownDescription": "The details of the VPC Endpoint Service which Firehose uses to create a PrivateLink to the database.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "DatabaseSourceVPCConfiguration" + }, + "Databases": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.Databases", + "markdownDescription": "The list of database patterns in source database endpoint for Firehose to read from.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "Databases" + }, + "Digest": { + "markdownDescription": "", + "title": "Digest", "type": "string" }, - "AudioTypeControl": { - "markdownDescription": "Determines how audio type is determined. followInput: If the input contains an ISO 639 audioType, then that value is passed through to the output. If the input contains no ISO 639 audioType, the value in Audio Type is included in the output. useConfigured: The value in Audio Type is included in the output. Note that this field and audioType are both ignored if inputType is broadcasterMixedAd.", - "title": "AudioTypeControl", + "Endpoint": { + "markdownDescription": "The endpoint of the database server.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "Endpoint", "type": "string" }, - "AudioWatermarkingSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioWatermarkSettings", - "markdownDescription": "Settings to configure one or more solutions that insert audio watermarks in the audio encode", - "title": "AudioWatermarkingSettings" - }, - "CodecSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioCodecSettings", - "markdownDescription": "The audio codec settings.", - "title": "CodecSettings" + "Port": { + "markdownDescription": "The port of the database. This can be one of the following values.\n\n- 3306 for MySQL database type\n- 5432 for PostgreSQL database type\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "Port", + "type": "number" }, - "DvbDashAccessibility": { + "PublicCertificate": { "markdownDescription": "", - "title": "DvbDashAccessibility", + "title": "PublicCertificate", "type": "string" }, - "LanguageCode": { - "markdownDescription": "Indicates the language of the audio output track. Used only if languageControlMode is useConfigured, or there is no ISO 639 language code specified in the input.", - "title": "LanguageCode", + "SSLMode": { + "markdownDescription": "The mode to enable or disable SSL when Firehose connects to the database endpoint.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "SSLMode", "type": "string" }, - "LanguageCodeControl": { - "markdownDescription": "Choosing followInput causes the ISO 639 language code of the output to follow the ISO 639 language code of the input. The languageCode setting is used when useConfigured is set, or when followInput is selected but there is no ISO 639 language code specified by the input.", - "title": "LanguageCodeControl", + "SnapshotWatermarkTable": { + "markdownDescription": "The fully qualified name of the table in source database endpoint that Firehose uses to track snapshot progress.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "SnapshotWatermarkTable", "type": "string" }, - "Name": { - "markdownDescription": "The name of this AudioDescription. Outputs use this name to uniquely identify this AudioDescription. Description names should be unique within this channel.", - "title": "Name", - "type": "string" + "SurrogateKeys": { + "items": { + "type": "string" + }, + "markdownDescription": "The optional list of table and column names used as unique key columns when taking snapshot if the tables don\u2019t have primary keys configured.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "SurrogateKeys", + "type": "array" }, - "RemixSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.RemixSettings", - "markdownDescription": "The settings that control how input audio channels are remixed into the output audio channels.", - "title": "RemixSettings" + "Tables": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DatabaseTables", + "markdownDescription": "The list of table patterns in source database endpoint for Firehose to read from.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "Tables" }, - "StreamName": { - "markdownDescription": "Used for Microsoft Smooth and Apple HLS outputs. Indicates the name displayed by the player (for example, English or Director Commentary).", - "title": "StreamName", + "Type": { + "markdownDescription": "The type of database engine. This can be one of the following values.\n\n- MySQL\n- PostgreSQL\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "Type", "type": "string" } }, + "required": [ + "DatabaseSourceAuthenticationConfiguration", + "DatabaseSourceVPCConfiguration", + "Databases", + "Endpoint", + "Port", + "SnapshotWatermarkTable", + "Tables", + "Type" + ], "type": "object" }, - "AWS::MediaLive::Channel.AudioDolbyEDecode": { + "AWS::KinesisFirehose::DeliveryStream.DatabaseSourceVPCConfiguration": { "additionalProperties": false, "properties": { - "ProgramSelection": { - "markdownDescription": "", - "title": "ProgramSelection", + "VpcEndpointServiceName": { + "markdownDescription": "The VPC endpoint service name which Firehose uses to create a PrivateLink to the database. The endpoint service must have the Firehose service principle `firehose.amazonaws.com` as an allowed principal on the VPC endpoint service. The VPC endpoint service name is a string that looks like `com.amazonaws.vpce..` .\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "VpcEndpointServiceName", "type": "string" } }, + "required": [ + "VpcEndpointServiceName" + ], "type": "object" }, - "AWS::MediaLive::Channel.AudioHlsRenditionSelection": { + "AWS::KinesisFirehose::DeliveryStream.DatabaseTables": { "additionalProperties": false, "properties": { - "GroupId": { - "markdownDescription": "Specifies the GROUP-ID in the #EXT-X-MEDIA tag of the target HLS audio rendition.", - "title": "GroupId", - "type": "string" + "Exclude": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "Exclude", + "type": "array" }, - "Name": { - "markdownDescription": "Specifies the NAME in the #EXT-X-MEDIA tag of the target HLS audio rendition.", - "title": "Name", - "type": "string" + "Include": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "Include", + "type": "array" } }, "type": "object" }, - "AWS::MediaLive::Channel.AudioLanguageSelection": { + "AWS::KinesisFirehose::DeliveryStream.Databases": { "additionalProperties": false, "properties": { - "LanguageCode": { - "markdownDescription": "Selects a specific three-letter language code from within an audio source.", - "title": "LanguageCode", - "type": "string" + "Exclude": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "Exclude", + "type": "array" }, - "LanguageSelectionPolicy": { - "markdownDescription": "When set to \"strict,\" the transport stream demux strictly identifies audio streams by their language descriptor. If a PMT update occurs such that an audio stream matching the initially selected language is no longer present, then mute is encoded until the language returns. If set to \"loose,\" then on a PMT update the demux chooses another audio stream in the program with the same stream type if it can't find one with the same language.", - "title": "LanguageSelectionPolicy", - "type": "string" + "Include": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "Include", + "type": "array" } }, "type": "object" }, - "AWS::MediaLive::Channel.AudioNormalizationSettings": { + "AWS::KinesisFirehose::DeliveryStream.DeliveryStreamEncryptionConfigurationInput": { "additionalProperties": false, "properties": { - "Algorithm": { - "markdownDescription": "The audio normalization algorithm to use. itu17701 conforms to the CALM Act specification. itu17702 conforms to the EBU R-128 specification.", - "title": "Algorithm", + "KeyARN": { + "markdownDescription": "If you set `KeyType` to `CUSTOMER_MANAGED_CMK` , you must specify the Amazon Resource Name (ARN) of the CMK. If you set `KeyType` to `AWS _OWNED_CMK` , Firehose uses a service-account CMK.", + "title": "KeyARN", "type": "string" }, - "AlgorithmControl": { - "markdownDescription": "When set to correctAudio, the output audio is corrected using the chosen algorithm. If set to measureOnly, the audio is measured but not adjusted.", - "title": "AlgorithmControl", + "KeyType": { + "markdownDescription": "Indicates the type of customer master key (CMK) to use for encryption. The default setting is `AWS_OWNED_CMK` . For more information about CMKs, see [Customer Master Keys (CMKs)](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#master_keys) .\n\nYou can use a CMK of type CUSTOMER_MANAGED_CMK to encrypt up to 500 delivery streams.\n\n> To encrypt your delivery stream, use symmetric CMKs. Kinesis Data Firehose doesn't support asymmetric CMKs. For information about symmetric and asymmetric CMKs, see [About Symmetric and Asymmetric CMKs](https://docs.aws.amazon.com/kms/latest/developerguide/symm-asymm-concepts.html) in the AWS Key Management Service developer guide.", + "title": "KeyType", "type": "string" - }, - "TargetLkfs": { - "markdownDescription": "The Target LKFS(loudness) to adjust volume to. If no value is entered, a default value is used according to the chosen algorithm. The CALM Act (1770-1) recommends a target of -24 LKFS. The EBU R-128 specification (1770-2) recommends a target of -23 LKFS.", - "title": "TargetLkfs", - "type": "number" } }, + "required": [ + "KeyType" + ], "type": "object" }, - "AWS::MediaLive::Channel.AudioOnlyHlsSettings": { + "AWS::KinesisFirehose::DeliveryStream.Deserializer": { "additionalProperties": false, "properties": { - "AudioGroupId": { - "markdownDescription": "Specifies the group that the audio rendition belongs to.", - "title": "AudioGroupId", - "type": "string" - }, - "AudioOnlyImage": { - "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", - "markdownDescription": "Used with an audio-only stream. It must be a .jpg or .png file. If given, this image is used as the cover art for the audio-only output. Ideally, it should be formatted for an iPhone screen for two reasons. The iPhone does not resize the image; instead, it crops a centered image on the top/bottom and left/right. Additionally, this image file gets saved bit-for-bit into every 10-second segment file, so it increases bandwidth by {image file size} * {segment count} * {user count.}.", - "title": "AudioOnlyImage" - }, - "AudioTrackType": { - "markdownDescription": "Four types of audio-only tracks are supported: Audio-Only Variant Stream The client can play back this audio-only stream instead of video in low-bandwidth scenarios. Represented as an EXT-X-STREAM-INF in the HLS manifest. Alternate Audio, Auto Select, Default Alternate rendition that the client should try to play back by default. Represented as an EXT-X-MEDIA in the HLS manifest with DEFAULT=YES, AUTOSELECT=YES Alternate Audio, Auto Select, Not Default Alternate rendition that the client might try to play back by default. Represented as an EXT-X-MEDIA in the HLS manifest with DEFAULT=NO, AUTOSELECT=YES Alternate Audio, not Auto Select Alternate rendition that the client will not try to play back by default. Represented as an EXT-X-MEDIA in the HLS manifest with DEFAULT=NO, AUTOSELECT=NO.", - "title": "AudioTrackType", - "type": "string" + "HiveJsonSerDe": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.HiveJsonSerDe", + "markdownDescription": "The native Hive / HCatalog JsonSerDe. Used by Firehose for deserializing data, which means converting it from the JSON format in preparation for serializing it to the Parquet or ORC format. This is one of two deserializers you can choose, depending on which one offers the functionality you need. The other option is the OpenX SerDe.", + "title": "HiveJsonSerDe" }, - "SegmentType": { - "markdownDescription": "Specifies the segment type.", - "title": "SegmentType", - "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.AudioPidSelection": { - "additionalProperties": false, - "properties": { - "Pid": { - "markdownDescription": "Select the audio by this PID.", - "title": "Pid", - "type": "number" + "OpenXJsonSerDe": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.OpenXJsonSerDe", + "markdownDescription": "The OpenX SerDe. Used by Firehose for deserializing data, which means converting it from the JSON format in preparation for serializing it to the Parquet or ORC format. This is one of two deserializers you can choose, depending on which one offers the functionality you need. The other option is the native Hive / HCatalog JsonSerDe.", + "title": "OpenXJsonSerDe" } }, "type": "object" }, - "AWS::MediaLive::Channel.AudioSelector": { + "AWS::KinesisFirehose::DeliveryStream.DestinationTableConfiguration": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "A name for this AudioSelector.", - "title": "Name", + "DestinationDatabaseName": { + "markdownDescription": "The name of the Apache Iceberg database.", + "title": "DestinationDatabaseName", "type": "string" }, - "SelectorSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioSelectorSettings", - "markdownDescription": "Information about the specific audio to extract from the input.", - "title": "SelectorSettings" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.AudioSelectorSettings": { - "additionalProperties": false, - "properties": { - "AudioHlsRenditionSelection": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioHlsRenditionSelection", - "markdownDescription": "Selector for HLS audio rendition.", - "title": "AudioHlsRenditionSelection" + "DestinationTableName": { + "markdownDescription": "Specifies the name of the Apache Iceberg Table.", + "title": "DestinationTableName", + "type": "string" }, - "AudioLanguageSelection": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioLanguageSelection", - "markdownDescription": "The language code of the audio to select.", - "title": "AudioLanguageSelection" + "PartitionSpec": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.PartitionSpec", + "markdownDescription": "The partition spec configuration for a table that is used by automatic table creation.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "PartitionSpec" }, - "AudioPidSelection": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioPidSelection", - "markdownDescription": "The PID of the audio to select.", - "title": "AudioPidSelection" + "S3ErrorOutputPrefix": { + "markdownDescription": "The table specific S3 error output prefix. All the errors that occurred while delivering to this table will be prefixed with this value in S3 destination.", + "title": "S3ErrorOutputPrefix", + "type": "string" }, - "AudioTrackSelection": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioTrackSelection", - "markdownDescription": "Information about the audio track to extract.", - "title": "AudioTrackSelection" + "UniqueKeys": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of unique keys for a given Apache Iceberg table. Firehose will use these for running Create, Update, or Delete operations on the given Iceberg table.", + "title": "UniqueKeys", + "type": "array" } }, + "required": [ + "DestinationDatabaseName", + "DestinationTableName" + ], "type": "object" }, - "AWS::MediaLive::Channel.AudioSilenceFailoverSettings": { + "AWS::KinesisFirehose::DeliveryStream.DirectPutSourceConfiguration": { "additionalProperties": false, "properties": { - "AudioSelectorName": { - "markdownDescription": "The name of the audio selector in the input that MediaLive should monitor to detect silence. Select your most important rendition. If you didn't create an audio selector in this input, leave blank.", - "title": "AudioSelectorName", - "type": "string" - }, - "AudioSilenceThresholdMsec": { - "markdownDescription": "The amount of time (in milliseconds) that the active input must be silent before automatic input failover occurs. Silence is defined as audio loss or audio quieter than -50 dBFS.", - "title": "AudioSilenceThresholdMsec", + "ThroughputHintInMBs": { + "markdownDescription": "The value that you configure for this parameter is for information purpose only and does not affect Firehose delivery throughput limit. You can use the [Firehose Limits form](https://docs.aws.amazon.com/https://support.console.aws.amazon.com/support/home#/case/create%3FissueType=service-limit-increase%26limitType=kinesis-firehose-limits) to request a throughput limit increase.", + "title": "ThroughputHintInMBs", "type": "number" } }, "type": "object" }, - "AWS::MediaLive::Channel.AudioTrack": { + "AWS::KinesisFirehose::DeliveryStream.DocumentIdOptions": { "additionalProperties": false, "properties": { - "Track": { - "markdownDescription": "1-based integer value that maps to a specific audio track", - "title": "Track", - "type": "number" + "DefaultDocumentIdFormat": { + "markdownDescription": "When the `FIREHOSE_DEFAULT` option is chosen, Firehose generates a unique document ID for each record based on a unique internal identifier. The generated document ID is stable across multiple delivery attempts, which helps prevent the same record from being indexed multiple times with different document IDs.\n\nWhen the `NO_DOCUMENT_ID` option is chosen, Firehose does not include any document IDs in the requests it sends to the Amazon OpenSearch Service. This causes the Amazon OpenSearch Service domain to generate document IDs. In case of multiple delivery attempts, this may cause the same record to be indexed more than once with different document IDs. This option enables write-heavy operations, such as the ingestion of logs and observability data, to consume less resources in the Amazon OpenSearch Service domain, resulting in improved performance.", + "title": "DefaultDocumentIdFormat", + "type": "string" } }, + "required": [ + "DefaultDocumentIdFormat" + ], "type": "object" }, - "AWS::MediaLive::Channel.AudioTrackSelection": { + "AWS::KinesisFirehose::DeliveryStream.DynamicPartitioningConfiguration": { "additionalProperties": false, "properties": { - "DolbyEDecode": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioDolbyEDecode", - "markdownDescription": "", - "title": "DolbyEDecode" + "Enabled": { + "markdownDescription": "Specifies whether dynamic partitioning is enabled for this Kinesis Data Firehose delivery stream.", + "title": "Enabled", + "type": "boolean" }, - "Tracks": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioTrack" - }, - "markdownDescription": "Selects one or more unique audio tracks from within a source.", - "title": "Tracks", - "type": "array" + "RetryOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.RetryOptions", + "markdownDescription": "Specifies the retry behavior in case Kinesis Data Firehose is unable to deliver data to an Amazon S3 prefix.", + "title": "RetryOptions" } }, "type": "object" }, - "AWS::MediaLive::Channel.AudioWatermarkSettings": { + "AWS::KinesisFirehose::DeliveryStream.ElasticsearchBufferingHints": { "additionalProperties": false, "properties": { - "NielsenWatermarksSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.NielsenWatermarksSettings", - "markdownDescription": "Settings to configure Nielsen Watermarks in the audio encode", - "title": "NielsenWatermarksSettings" + "IntervalInSeconds": { + "markdownDescription": "The length of time, in seconds, that Kinesis Data Firehose buffers incoming data before delivering it to the destination. For valid values, see the `IntervalInSeconds` content for the [BufferingHints](https://docs.aws.amazon.com/firehose/latest/APIReference/API_BufferingHints.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", + "title": "IntervalInSeconds", + "type": "number" + }, + "SizeInMBs": { + "markdownDescription": "The size of the buffer, in MBs, that Kinesis Data Firehose uses for incoming data before delivering it to the destination. For valid values, see the `SizeInMBs` content for the [BufferingHints](https://docs.aws.amazon.com/firehose/latest/APIReference/API_BufferingHints.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", + "title": "SizeInMBs", + "type": "number" } }, "type": "object" }, - "AWS::MediaLive::Channel.AutomaticInputFailoverSettings": { + "AWS::KinesisFirehose::DeliveryStream.ElasticsearchDestinationConfiguration": { "additionalProperties": false, "properties": { - "ErrorClearTimeMsec": { - "markdownDescription": "This clear time defines the requirement a recovered input must meet to be considered healthy. The input must have no failover conditions for this length of time. Enter a time in milliseconds. This value is particularly important if the input_preference for the failover pair is set to PRIMARY_INPUT_PREFERRED, because after this time, MediaLive will switch back to the primary input.", - "title": "ErrorClearTimeMsec", - "type": "number" + "BufferingHints": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ElasticsearchBufferingHints", + "markdownDescription": "Configures how Kinesis Data Firehose buffers incoming data while delivering it to the Amazon ES domain.", + "title": "BufferingHints" }, - "FailoverConditions": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.FailoverCondition" - }, - "markdownDescription": "A list of failover conditions. If any of these conditions occur, MediaLive will perform a failover to the other input.", - "title": "FailoverConditions", - "type": "array" + "CloudWatchLoggingOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", + "markdownDescription": "The Amazon CloudWatch Logs logging options for the delivery stream.", + "title": "CloudWatchLoggingOptions" }, - "InputPreference": { - "markdownDescription": "Input preference when deciding which input to make active when a previously failed input has recovered.", - "title": "InputPreference", + "ClusterEndpoint": { + "markdownDescription": "The endpoint to use when communicating with the cluster. Specify either this `ClusterEndpoint` or the `DomainARN` field.", + "title": "ClusterEndpoint", "type": "string" }, - "SecondaryInputId": { - "markdownDescription": "The input ID of the secondary input in the automatic input failover pair.", - "title": "SecondaryInputId", + "DocumentIdOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DocumentIdOptions", + "markdownDescription": "Indicates the method for setting up document ID. The supported methods are Firehose generated document ID and OpenSearch Service generated document ID.", + "title": "DocumentIdOptions" + }, + "DomainARN": { + "markdownDescription": "The ARN of the Amazon ES domain. The IAM role must have permissions for `DescribeElasticsearchDomain` , `DescribeElasticsearchDomains` , and `DescribeElasticsearchDomainConfig` after assuming the role specified in *RoleARN* .\n\nSpecify either `ClusterEndpoint` or `DomainARN` .", + "title": "DomainARN", "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.AvailBlanking": { - "additionalProperties": false, - "properties": { - "AvailBlankingImage": { - "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", - "markdownDescription": "The blanking image to be used. Keep empty for solid black. Only .bmp and .png images are supported.", - "title": "AvailBlankingImage" }, - "State": { - "markdownDescription": "When set to enabled, the video, audio, and captions are blanked when insertion metadata is added.", - "title": "State", + "IndexName": { + "markdownDescription": "The name of the Elasticsearch index to which Kinesis Data Firehose adds data for indexing.", + "title": "IndexName", + "type": "string" + }, + "IndexRotationPeriod": { + "markdownDescription": "The frequency of Elasticsearch index rotation. If you enable index rotation, Kinesis Data Firehose appends a portion of the UTC arrival timestamp to the specified index name, and rotates the appended timestamp accordingly. For more information, see [Index Rotation for the Amazon ES Destination](https://docs.aws.amazon.com/firehose/latest/dev/basic-deliver.html#es-index-rotation) in the *Amazon Kinesis Data Firehose Developer Guide* .", + "title": "IndexRotationPeriod", + "type": "string" + }, + "ProcessingConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", + "markdownDescription": "The data processing configuration for the Kinesis Data Firehose delivery stream.", + "title": "ProcessingConfiguration" + }, + "RetryOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ElasticsearchRetryOptions", + "markdownDescription": "The retry behavior when Kinesis Data Firehose is unable to deliver data to Amazon ES.", + "title": "RetryOptions" + }, + "RoleARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to be assumed by Kinesis Data Firehose for calling the Amazon ES Configuration API and for indexing documents. For more information, see [Controlling Access with Amazon Kinesis Data Firehose](https://docs.aws.amazon.com/firehose/latest/dev/controlling-access.html) .", + "title": "RoleARN", + "type": "string" + }, + "S3BackupMode": { + "markdownDescription": "The condition under which Kinesis Data Firehose delivers data to Amazon Simple Storage Service (Amazon S3). You can send Amazon S3 all documents (all data) or only the documents that Kinesis Data Firehose could not deliver to the Amazon ES destination. For more information and valid values, see the `S3BackupMode` content for the [ElasticsearchDestinationConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_ElasticsearchDestinationConfiguration.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", + "title": "S3BackupMode", + "type": "string" + }, + "S3Configuration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", + "markdownDescription": "The S3 bucket where Kinesis Data Firehose backs up incoming data.", + "title": "S3Configuration" + }, + "TypeName": { + "markdownDescription": "The Elasticsearch type name that Amazon ES adds to documents when indexing data.", + "title": "TypeName", "type": "string" + }, + "VpcConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.VpcConfiguration", + "markdownDescription": "The details of the VPC of the Amazon ES destination.", + "title": "VpcConfiguration" } }, + "required": [ + "IndexName", + "RoleARN", + "S3Configuration" + ], "type": "object" }, - "AWS::MediaLive::Channel.AvailConfiguration": { + "AWS::KinesisFirehose::DeliveryStream.ElasticsearchRetryOptions": { "additionalProperties": false, "properties": { - "AvailSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AvailSettings", - "markdownDescription": "The setup of ad avail handling in the output.", - "title": "AvailSettings" + "DurationInSeconds": { + "markdownDescription": "After an initial failure to deliver to Amazon ES, the total amount of time during which Kinesis Data Firehose re-attempts delivery (including the first attempt). If Kinesis Data Firehose can't deliver the data within the specified time, it writes the data to the backup S3 bucket. For valid values, see the `DurationInSeconds` content for the [ElasticsearchRetryOptions](https://docs.aws.amazon.com/firehose/latest/APIReference/API_ElasticsearchRetryOptions.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", + "title": "DurationInSeconds", + "type": "number" } }, "type": "object" }, - "AWS::MediaLive::Channel.AvailSettings": { + "AWS::KinesisFirehose::DeliveryStream.EncryptionConfiguration": { "additionalProperties": false, "properties": { - "Esam": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Esam", - "markdownDescription": "", - "title": "Esam" - }, - "Scte35SpliceInsert": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Scte35SpliceInsert", - "markdownDescription": "The setup for SCTE-35 splice insert handling.", - "title": "Scte35SpliceInsert" + "KMSEncryptionConfig": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.KMSEncryptionConfig", + "markdownDescription": "The AWS Key Management Service ( AWS KMS) encryption key that Amazon S3 uses to encrypt your data.", + "title": "KMSEncryptionConfig" }, - "Scte35TimeSignalApos": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Scte35TimeSignalApos", - "markdownDescription": "The setup for SCTE-35 time signal APOS handling.", - "title": "Scte35TimeSignalApos" + "NoEncryptionConfig": { + "markdownDescription": "Disables encryption. For valid values, see the `NoEncryptionConfig` content for the [EncryptionConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_EncryptionConfiguration.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", + "title": "NoEncryptionConfig", + "type": "string" } }, "type": "object" }, - "AWS::MediaLive::Channel.BlackoutSlate": { + "AWS::KinesisFirehose::DeliveryStream.ExtendedS3DestinationConfiguration": { "additionalProperties": false, "properties": { - "BlackoutSlateImage": { - "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", - "markdownDescription": "The blackout slate image to be used. Keep empty for solid black. Only .bmp and .png images are supported.", - "title": "BlackoutSlateImage" - }, - "NetworkEndBlackout": { - "markdownDescription": "Setting to enabled causes MediaLive to blackout the video, audio, and captions, and raise the \"Network Blackout Image\" slate when an SCTE104/35 Network End Segmentation Descriptor is encountered. The blackout is lifted when the Network Start Segmentation Descriptor is encountered. The Network End and Network Start descriptors must contain a network ID that matches the value entered in Network ID.", - "title": "NetworkEndBlackout", + "BucketARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon S3 bucket. For constraints, see [ExtendedS3DestinationConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_ExtendedS3DestinationConfiguration.html) in the *Amazon Kinesis Data Firehose API Reference* .", + "title": "BucketARN", "type": "string" }, - "NetworkEndBlackoutImage": { - "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", - "markdownDescription": "The path to the local file to use as the Network End Blackout image. The image is scaled to fill the entire output raster.", - "title": "NetworkEndBlackoutImage" + "BufferingHints": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.BufferingHints", + "markdownDescription": "The buffering option.", + "title": "BufferingHints" }, - "NetworkId": { - "markdownDescription": "Provides a Network ID that matches EIDR ID format (for example, \"10.XXXX/XXXX-XXXX-XXXX-XXXX-XXXX-C\").", - "title": "NetworkId", - "type": "string" + "CloudWatchLoggingOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", + "markdownDescription": "The Amazon CloudWatch logging options for your Firehose stream.", + "title": "CloudWatchLoggingOptions" }, - "State": { - "markdownDescription": "When set to enabled, this causes video, audio, and captions to be blanked when indicated by program metadata.", - "title": "State", - "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.BurnInDestinationSettings": { - "additionalProperties": false, - "properties": { - "Alignment": { - "markdownDescription": "If no explicit xPosition or yPosition is provided, setting alignment to centered places the captions at the bottom center of the output. Similarly, setting a left alignment aligns captions to the bottom left of the output. If x and y positions are specified in conjunction with the alignment parameter, the font is justified (either left or centered) relative to those coordinates. Selecting \"smart\" justification left-justifies live subtitles and center-justifies pre-recorded subtitles. All burn-in and DVB-Sub font settings must match.", - "title": "Alignment", + "CompressionFormat": { + "markdownDescription": "The compression format. If no value is specified, the default is `UNCOMPRESSED` .", + "title": "CompressionFormat", "type": "string" }, - "BackgroundColor": { - "markdownDescription": "Specifies the color of the rectangle behind the captions. All burn-in and DVB-Sub font settings must match.", - "title": "BackgroundColor", + "CustomTimeZone": { + "markdownDescription": "The time zone you prefer. UTC is the default.", + "title": "CustomTimeZone", "type": "string" }, - "BackgroundOpacity": { - "markdownDescription": "Specifies the opacity of the background rectangle. 255 is opaque; 0 is transparent. Keeping this parameter blank is equivalent to setting it to 0 (transparent). All burn-in and DVB-Sub font settings must match.", - "title": "BackgroundOpacity", - "type": "number" - }, - "Font": { - "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", - "markdownDescription": "The external font file that is used for captions burn-in. The file extension must be .ttf or .tte. Although you can select output fonts for many different types of input captions, embedded, STL, and Teletext sources use a strict grid system. Using external fonts with these captions sources could cause an unexpected display of proportional fonts. All burn-in and DVB-Sub font settings must match.", - "title": "Font" - }, - "FontColor": { - "markdownDescription": "Specifies the color of the burned-in captions. This option is not valid for source captions that are STL, 608/embedded, or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", - "title": "FontColor", - "type": "string" + "DataFormatConversionConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DataFormatConversionConfiguration", + "markdownDescription": "The serializer, deserializer, and schema for converting data from the JSON format to the Parquet or ORC format before writing it to Amazon S3.", + "title": "DataFormatConversionConfiguration" }, - "FontOpacity": { - "markdownDescription": "Specifies the opacity of the burned-in captions. 255 is opaque; 0 is transparent. All burn-in and DVB-Sub font settings must match.", - "title": "FontOpacity", - "type": "number" + "DynamicPartitioningConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DynamicPartitioningConfiguration", + "markdownDescription": "The configuration of the dynamic partitioning mechanism that creates targeted data sets from the streaming data by partitioning it based on partition keys.", + "title": "DynamicPartitioningConfiguration" }, - "FontResolution": { - "markdownDescription": "The font resolution in DPI (dots per inch). The default is 96 dpi. All burn-in and DVB-Sub font settings must match.", - "title": "FontResolution", - "type": "number" + "EncryptionConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.EncryptionConfiguration", + "markdownDescription": "The encryption configuration for the Kinesis Data Firehose delivery stream. The default value is `NoEncryption` .", + "title": "EncryptionConfiguration" }, - "FontSize": { - "markdownDescription": "When set to auto, fontSize scales depending on the size of the output. Providing a positive integer specifies the exact font size in points. All burn-in and DVB-Sub font settings must match.", - "title": "FontSize", + "ErrorOutputPrefix": { + "markdownDescription": "A prefix that Kinesis Data Firehose evaluates and adds to failed records before writing them to S3. This prefix appears immediately following the bucket name. For information about how to specify this prefix, see [Custom Prefixes for Amazon S3 Objects](https://docs.aws.amazon.com/firehose/latest/dev/s3-prefixes.html) .", + "title": "ErrorOutputPrefix", "type": "string" }, - "OutlineColor": { - "markdownDescription": "Specifies the font outline color. This option is not valid for source captions that are either 608/embedded or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", - "title": "OutlineColor", + "FileExtension": { + "markdownDescription": "Specify a file extension. It will override the default file extension", + "title": "FileExtension", "type": "string" }, - "OutlineSize": { - "markdownDescription": "Specifies font outline size in pixels. This option is not valid for source captions that are either 608/embedded or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", - "title": "OutlineSize", - "type": "number" - }, - "ShadowColor": { - "markdownDescription": "Specifies the color of the shadow cast by the captions. All burn-in and DVB-Sub font settings must match.", - "title": "ShadowColor", + "Prefix": { + "markdownDescription": "The `YYYY/MM/DD/HH` time format prefix is automatically used for delivered Amazon S3 files. For more information, see [ExtendedS3DestinationConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_ExtendedS3DestinationConfiguration.html) in the *Amazon Kinesis Data Firehose API Reference* .", + "title": "Prefix", "type": "string" }, - "ShadowOpacity": { - "markdownDescription": "Specifies the opacity of the shadow. 255 is opaque; 0 is transparent. Keeping this parameter blank is equivalent to setting it to 0 (transparent). All burn-in and DVB-Sub font settings must match.", - "title": "ShadowOpacity", - "type": "number" - }, - "ShadowXOffset": { - "markdownDescription": "Specifies the horizontal offset of the shadow that is relative to the captions in pixels. A value of -2 would result in a shadow offset 2 pixels to the left. All burn-in and DVB-Sub font settings must match.", - "title": "ShadowXOffset", - "type": "number" - }, - "ShadowYOffset": { - "markdownDescription": "Specifies the vertical offset of the shadow that is relative to the captions in pixels. A value of -2 would result in a shadow offset 2 pixels above the text. All burn-in and DVB-Sub font settings must match.", - "title": "ShadowYOffset", - "type": "number" + "ProcessingConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", + "markdownDescription": "The data processing configuration for the Kinesis Data Firehose delivery stream.", + "title": "ProcessingConfiguration" }, - "TeletextGridControl": { - "markdownDescription": "Controls whether a fixed grid size is used to generate the output subtitles bitmap. This applies only to Teletext inputs and DVB-Sub/Burn-in outputs.", - "title": "TeletextGridControl", + "RoleARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS credentials. For constraints, see [ExtendedS3DestinationConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_ExtendedS3DestinationConfiguration.html) in the *Amazon Kinesis Data Firehose API Reference* .", + "title": "RoleARN", "type": "string" }, - "XPosition": { - "markdownDescription": "Specifies the horizontal position of the captions relative to the left side of the output in pixels. A value of 10 would result in the captions starting 10 pixels from the left of the output. If no explicit xPosition is provided, the horizontal captions position is determined by the alignment parameter. All burn-in and DVB-Sub font settings must match.", - "title": "XPosition", - "type": "number" + "S3BackupConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", + "markdownDescription": "The configuration for backup in Amazon S3.", + "title": "S3BackupConfiguration" }, - "YPosition": { - "markdownDescription": "Specifies the vertical position of the captions relative to the top of the output in pixels. A value of 10 would result in the captions starting 10 pixels from the top of the output. If no explicit yPosition is provided, the captions are positioned towards the bottom of the output. All burn-in and DVB-Sub font settings must match.", - "title": "YPosition", - "type": "number" + "S3BackupMode": { + "markdownDescription": "The Amazon S3 backup mode. After you create a Firehose stream, you can update it to enable Amazon S3 backup if it is disabled. If backup is enabled, you can't update the Firehose stream to disable it.", + "title": "S3BackupMode", + "type": "string" } }, + "required": [ + "BucketARN", + "RoleARN" + ], "type": "object" }, - "AWS::MediaLive::Channel.CaptionDescription": { + "AWS::KinesisFirehose::DeliveryStream.HiveJsonSerDe": { "additionalProperties": false, "properties": { - "Accessibility": { - "markdownDescription": "", - "title": "Accessibility", - "type": "string" - }, - "CaptionDashRoles": { + "TimestampFormats": { "items": { "type": "string" }, - "markdownDescription": "", - "title": "CaptionDashRoles", + "markdownDescription": "Indicates how you want Firehose to parse the date and timestamps that may be present in your input data JSON. To specify these format strings, follow the pattern syntax of JodaTime's DateTimeFormat format strings. For more information, see [Class DateTimeFormat](https://docs.aws.amazon.com/https://www.joda.org/joda-time/apidocs/org/joda/time/format/DateTimeFormat.html) . You can also use the special value `millis` to parse timestamps in epoch milliseconds. If you don't specify a format, Firehose uses `java.sql.Timestamp::valueOf` by default.", + "title": "TimestampFormats", "type": "array" - }, - "CaptionSelectorName": { - "markdownDescription": "Specifies which input captions selector to use as a captions source when generating output captions. This field should match a captionSelector name.", - "title": "CaptionSelectorName", - "type": "string" - }, - "DestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.CaptionDestinationSettings", - "markdownDescription": "Additional settings for a captions destination that depend on the destination type.", - "title": "DestinationSettings" - }, - "DvbDashAccessibility": { - "markdownDescription": "", - "title": "DvbDashAccessibility", + } + }, + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.HttpEndpointCommonAttribute": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "markdownDescription": "The name of the HTTP endpoint common attribute.", + "title": "AttributeName", "type": "string" }, - "LanguageCode": { - "markdownDescription": "An ISO 639-2 three-digit code. For more information, see http://www.loc.gov/standards/iso639-2/.", - "title": "LanguageCode", + "AttributeValue": { + "markdownDescription": "The value of the HTTP endpoint common attribute.", + "title": "AttributeValue", "type": "string" - }, - "LanguageDescription": { - "markdownDescription": "Human-readable information to indicate the captions that are available for players (for example, English or Spanish).", - "title": "LanguageDescription", + } + }, + "required": [ + "AttributeName", + "AttributeValue" + ], + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.HttpEndpointConfiguration": { + "additionalProperties": false, + "properties": { + "AccessKey": { + "markdownDescription": "The access key required for Kinesis Firehose to authenticate with the HTTP endpoint selected as the destination.", + "title": "AccessKey", "type": "string" }, "Name": { - "markdownDescription": "The name of the captions description. The name is used to associate a captions description with an output. Names must be unique within a channel.", + "markdownDescription": "The name of the HTTP endpoint selected as the destination.", "title": "Name", "type": "string" + }, + "Url": { + "markdownDescription": "The URL of the HTTP endpoint selected as the destination.", + "title": "Url", + "type": "string" } }, + "required": [ + "Url" + ], "type": "object" }, - "AWS::MediaLive::Channel.CaptionDestinationSettings": { + "AWS::KinesisFirehose::DeliveryStream.HttpEndpointDestinationConfiguration": { "additionalProperties": false, "properties": { - "AribDestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AribDestinationSettings", - "markdownDescription": "The configuration of one ARIB captions encode in the output.", - "title": "AribDestinationSettings" - }, - "BurnInDestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.BurnInDestinationSettings", - "markdownDescription": "The configuration of one burn-in captions encode in the output.", - "title": "BurnInDestinationSettings" - }, - "DvbSubDestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.DvbSubDestinationSettings", - "markdownDescription": "The configuration of one DVB Sub captions encode in the output.", - "title": "DvbSubDestinationSettings" - }, - "EbuTtDDestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.EbuTtDDestinationSettings", - "markdownDescription": "Settings for EBU-TT captions in the output.", - "title": "EbuTtDDestinationSettings" + "BufferingHints": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.BufferingHints", + "markdownDescription": "The buffering options that can be used before data is delivered to the specified destination. Kinesis Data Firehose treats these options as hints, and it might choose to use more optimal values. The SizeInMBs and IntervalInSeconds parameters are optional. However, if you specify a value for one of them, you must also provide a value for the other.", + "title": "BufferingHints" }, - "EmbeddedDestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.EmbeddedDestinationSettings", - "markdownDescription": "The configuration of one embedded captions encode in the output.", - "title": "EmbeddedDestinationSettings" + "CloudWatchLoggingOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", + "markdownDescription": "Describes the Amazon CloudWatch logging options for your delivery stream.", + "title": "CloudWatchLoggingOptions" }, - "EmbeddedPlusScte20DestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.EmbeddedPlusScte20DestinationSettings", - "markdownDescription": "The configuration of one embedded plus SCTE-20 captions encode in the output.", - "title": "EmbeddedPlusScte20DestinationSettings" + "EndpointConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.HttpEndpointConfiguration", + "markdownDescription": "The configuration of the HTTP endpoint selected as the destination.", + "title": "EndpointConfiguration" }, - "RtmpCaptionInfoDestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.RtmpCaptionInfoDestinationSettings", - "markdownDescription": "The configuration of one RTMPCaptionInfo captions encode in the output.", - "title": "RtmpCaptionInfoDestinationSettings" + "ProcessingConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", + "markdownDescription": "Describes the data processing configuration.", + "title": "ProcessingConfiguration" }, - "Scte20PlusEmbeddedDestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Scte20PlusEmbeddedDestinationSettings", - "markdownDescription": "The configuration of one SCTE20 plus embedded captions encode in the output.", - "title": "Scte20PlusEmbeddedDestinationSettings" + "RequestConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.HttpEndpointRequestConfiguration", + "markdownDescription": "The configuration of the request sent to the HTTP endpoint specified as the destination.", + "title": "RequestConfiguration" }, - "Scte27DestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Scte27DestinationSettings", - "markdownDescription": "The configuration of one SCTE-27 captions encode in the output.", - "title": "Scte27DestinationSettings" + "RetryOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.RetryOptions", + "markdownDescription": "Describes the retry behavior in case Kinesis Data Firehose is unable to deliver data to the specified HTTP endpoint destination, or if it doesn't receive a valid acknowledgment of receipt from the specified HTTP endpoint destination.", + "title": "RetryOptions" }, - "SmpteTtDestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.SmpteTtDestinationSettings", - "markdownDescription": "The configuration of one SMPTE-TT captions encode in the output.", - "title": "SmpteTtDestinationSettings" + "RoleARN": { + "markdownDescription": "Kinesis Data Firehose uses this IAM role for all the permissions that the delivery stream needs.", + "title": "RoleARN", + "type": "string" }, - "TeletextDestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.TeletextDestinationSettings", - "markdownDescription": "The configuration of one Teletext captions encode in the output.", - "title": "TeletextDestinationSettings" + "S3BackupMode": { + "markdownDescription": "Describes the S3 bucket backup options for the data that Kinesis Data Firehose delivers to the HTTP endpoint destination. You can back up all documents (AllData) or only the documents that Kinesis Data Firehose could not deliver to the specified HTTP endpoint destination (FailedDataOnly).", + "title": "S3BackupMode", + "type": "string" }, - "TtmlDestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.TtmlDestinationSettings", - "markdownDescription": "The configuration of one TTML captions encode in the output.", - "title": "TtmlDestinationSettings" + "S3Configuration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", + "markdownDescription": "Describes the configuration of a destination in Amazon S3.", + "title": "S3Configuration" }, - "WebvttDestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.WebvttDestinationSettings", - "markdownDescription": "The configuration of one WebVTT captions encode in the output.", - "title": "WebvttDestinationSettings" + "SecretsManagerConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SecretsManagerConfiguration", + "markdownDescription": "The configuration that defines how you access secrets for HTTP Endpoint destination.", + "title": "SecretsManagerConfiguration" } }, + "required": [ + "EndpointConfiguration", + "S3Configuration" + ], "type": "object" }, - "AWS::MediaLive::Channel.CaptionLanguageMapping": { + "AWS::KinesisFirehose::DeliveryStream.HttpEndpointRequestConfiguration": { "additionalProperties": false, "properties": { - "CaptionChannel": { - "markdownDescription": "The closed caption channel being described by this CaptionLanguageMapping. Each channel mapping must have a unique channel number (maximum of 4).", - "title": "CaptionChannel", - "type": "number" - }, - "LanguageCode": { - "markdownDescription": "A three-character ISO 639-2 language code (see http://www.loc.gov/standards/iso639-2).", - "title": "LanguageCode", - "type": "string" + "CommonAttributes": { + "items": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.HttpEndpointCommonAttribute" + }, + "markdownDescription": "Describes the metadata sent to the HTTP endpoint destination.", + "title": "CommonAttributes", + "type": "array" }, - "LanguageDescription": { - "markdownDescription": "The textual description of language.", - "title": "LanguageDescription", + "ContentEncoding": { + "markdownDescription": "Kinesis Data Firehose uses the content encoding to compress the body of a request before sending the request to the destination. For more information, see Content-Encoding in MDN Web Docs, the official Mozilla documentation.", + "title": "ContentEncoding", "type": "string" } }, "type": "object" }, - "AWS::MediaLive::Channel.CaptionRectangle": { + "AWS::KinesisFirehose::DeliveryStream.IcebergDestinationConfiguration": { "additionalProperties": false, "properties": { - "Height": { - "markdownDescription": "See the description in leftOffset.\n\nFor height, specify the entire height of the rectangle as a percentage of the underlying frame height. For example, \\\"80\\\" means the rectangle height is 80% of the underlying frame height. The topOffset and rectangleHeight must add up to 100% or less. This field corresponds to tts:extent - Y in the TTML standard.", - "title": "Height", - "type": "number" + "AppendOnly": { + "markdownDescription": "Describes whether all incoming data for this delivery stream will be append only (inserts only and not for updates and deletes) for Iceberg delivery. This feature is only applicable for Apache Iceberg Tables.\n\nThe default value is false. If you set this value to true, Firehose automatically increases the throughput limit of a stream based on the throttling levels of the stream. If you set this parameter to true for a stream with updates and deletes, you will see out of order delivery.", + "title": "AppendOnly", + "type": "boolean" }, - "LeftOffset": { - "markdownDescription": "Applies only if you plan to convert these source captions to EBU-TT-D or TTML in an output. (Make sure to leave the default if you don't have either of these formats in the output.) You can define a display rectangle for the captions that is smaller than the underlying video frame. You define the rectangle by specifying the position of the left edge, top edge, bottom edge, and right edge of the rectangle, all within the underlying video frame. The units for the measurements are percentages. If you specify a value for one of these fields, you must specify a value for all of them.\n\nFor leftOffset, specify the position of the left edge of the rectangle, as a percentage of the underlying frame width, and relative to the left edge of the frame. For example, \\\"10\\\" means the measurement is 10% of the underlying frame width. The rectangle left edge starts at that position from the left edge of the frame. This field corresponds to tts:origin - X in the TTML standard.", - "title": "LeftOffset", - "type": "number" + "BufferingHints": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.BufferingHints", + "markdownDescription": "", + "title": "BufferingHints" }, - "TopOffset": { - "markdownDescription": "See the description in leftOffset.\n\nFor topOffset, specify the position of the top edge of the rectangle, as a percentage of the underlying frame height, and relative to the top edge of the frame. For example, \\\"10\\\" means the measurement is 10% of the underlying frame height. The rectangle top edge starts at that position from the top edge of the frame. This field corresponds to tts:origin - Y in the TTML standard.", - "title": "TopOffset", - "type": "number" + "CatalogConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CatalogConfiguration", + "markdownDescription": "Configuration describing where the destination Apache Iceberg Tables are persisted.", + "title": "CatalogConfiguration" }, - "Width": { - "markdownDescription": "See the description in leftOffset.\n\nFor width, specify the entire width of the rectangle as a percentage of the underlying frame width. For example, \\\"80\\\" means the rectangle width is 80% of the underlying frame width. The leftOffset and rectangleWidth must add up to 100% or less. This field corresponds to tts:extent - X in the TTML standard.", - "title": "Width", - "type": "number" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.CaptionSelector": { - "additionalProperties": false, - "properties": { - "LanguageCode": { - "markdownDescription": "When specified, this field indicates the three-letter language code of the captions track to extract from the source.", - "title": "LanguageCode", - "type": "string" + "CloudWatchLoggingOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", + "markdownDescription": "", + "title": "CloudWatchLoggingOptions" }, - "Name": { - "markdownDescription": "The name identifier for a captions selector. This name is used to associate this captions selector with one or more captions descriptions. Names must be unique within a channel.", - "title": "Name", - "type": "string" + "DestinationTableConfigurationList": { + "items": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DestinationTableConfiguration" + }, + "markdownDescription": "Provides a list of `DestinationTableConfigurations` which Firehose uses to deliver data to Apache Iceberg Tables. Firehose will write data with insert if table specific configuration is not provided here.", + "title": "DestinationTableConfigurationList", + "type": "array" }, - "SelectorSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.CaptionSelectorSettings", - "markdownDescription": "Information about the specific audio to extract from the input.", - "title": "SelectorSettings" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.CaptionSelectorSettings": { - "additionalProperties": false, - "properties": { - "AncillarySourceSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AncillarySourceSettings", - "markdownDescription": "Information about the ancillary captions to extract from the input.", - "title": "AncillarySourceSettings" + "ProcessingConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", + "markdownDescription": "", + "title": "ProcessingConfiguration" }, - "AribSourceSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AribSourceSettings", - "markdownDescription": "Information about the ARIB captions to extract from the input.", - "title": "AribSourceSettings" + "RetryOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.RetryOptions", + "markdownDescription": "", + "title": "RetryOptions" }, - "DvbSubSourceSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.DvbSubSourceSettings", - "markdownDescription": "Information about the DVB Sub captions to extract from the input.", - "title": "DvbSubSourceSettings" + "RoleARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to be assumed by Firehose for calling Apache Iceberg Tables.", + "title": "RoleARN", + "type": "string" }, - "EmbeddedSourceSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.EmbeddedSourceSettings", - "markdownDescription": "Information about the embedded captions to extract from the input.", - "title": "EmbeddedSourceSettings" + "S3Configuration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", + "markdownDescription": "", + "title": "S3Configuration" }, - "Scte20SourceSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Scte20SourceSettings", - "markdownDescription": "Information about the SCTE-20 captions to extract from the input.", - "title": "Scte20SourceSettings" + "SchemaEvolutionConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SchemaEvolutionConfiguration", + "markdownDescription": "The configuration to enable automatic schema evolution.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "SchemaEvolutionConfiguration" }, - "Scte27SourceSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Scte27SourceSettings", - "markdownDescription": "Information about the SCTE-27 captions to extract from the input.", - "title": "Scte27SourceSettings" + "TableCreationConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.TableCreationConfiguration", + "markdownDescription": "The configuration to enable automatic table creation.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "TableCreationConfiguration" }, - "TeletextSourceSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.TeletextSourceSettings", - "markdownDescription": "Information about the Teletext captions to extract from the input.", - "title": "TeletextSourceSettings" + "s3BackupMode": { + "markdownDescription": "Describes how Firehose will backup records. Currently,S3 backup only supports `FailedDataOnly` .", + "title": "s3BackupMode", + "type": "string" } }, + "required": [ + "CatalogConfiguration", + "RoleARN", + "S3Configuration" + ], "type": "object" }, - "AWS::MediaLive::Channel.CdiInputSpecification": { + "AWS::KinesisFirehose::DeliveryStream.InputFormatConfiguration": { "additionalProperties": false, "properties": { - "Resolution": { - "markdownDescription": "Maximum CDI input resolution", - "title": "Resolution", - "type": "string" + "Deserializer": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.Deserializer", + "markdownDescription": "Specifies which deserializer to use. You can choose either the Apache Hive JSON SerDe or the OpenX JSON SerDe. If both are non-null, the server rejects the request.", + "title": "Deserializer" } }, "type": "object" }, - "AWS::MediaLive::Channel.CmafIngestGroupSettings": { + "AWS::KinesisFirehose::DeliveryStream.KMSEncryptionConfig": { "additionalProperties": false, "properties": { - "Destination": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", - "markdownDescription": "", - "title": "Destination" - }, - "NielsenId3Behavior": { - "markdownDescription": "", - "title": "NielsenId3Behavior", - "type": "string" - }, - "Scte35Type": { - "markdownDescription": "", - "title": "Scte35Type", - "type": "string" - }, - "SegmentLength": { - "markdownDescription": "", - "title": "SegmentLength", - "type": "number" - }, - "SegmentLengthUnits": { - "markdownDescription": "", - "title": "SegmentLengthUnits", + "AWSKMSKeyARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS encryption key that Amazon S3 uses to encrypt data delivered by the Kinesis Data Firehose stream. The key must belong to the same region as the destination S3 bucket.", + "title": "AWSKMSKeyARN", "type": "string" - }, - "SendDelayMs": { - "markdownDescription": "", - "title": "SendDelayMs", - "type": "number" } }, + "required": [ + "AWSKMSKeyARN" + ], "type": "object" }, - "AWS::MediaLive::Channel.CmafIngestOutputSettings": { + "AWS::KinesisFirehose::DeliveryStream.KinesisStreamSourceConfiguration": { "additionalProperties": false, "properties": { - "NameModifier": { - "markdownDescription": "", - "title": "NameModifier", + "KinesisStreamARN": { + "markdownDescription": "The ARN of the source Kinesis data stream.", + "title": "KinesisStreamARN", + "type": "string" + }, + "RoleARN": { + "markdownDescription": "The ARN of the role that provides access to the source Kinesis data stream.", + "title": "RoleARN", "type": "string" } }, + "required": [ + "KinesisStreamARN", + "RoleARN" + ], "type": "object" }, - "AWS::MediaLive::Channel.ColorCorrection": { + "AWS::KinesisFirehose::DeliveryStream.MSKSourceConfiguration": { "additionalProperties": false, "properties": { - "InputColorSpace": { - "markdownDescription": "", - "title": "InputColorSpace", + "AuthenticationConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AuthenticationConfiguration", + "markdownDescription": "The authentication configuration of the Amazon MSK cluster.", + "title": "AuthenticationConfiguration" + }, + "MSKClusterARN": { + "markdownDescription": "The ARN of the Amazon MSK cluster.", + "title": "MSKClusterARN", "type": "string" }, - "OutputColorSpace": { - "markdownDescription": "", - "title": "OutputColorSpace", + "ReadFromTimestamp": { + "markdownDescription": "The start date and time in UTC for the offset position within your MSK topic from where Firehose begins to read. By default, this is set to timestamp when Firehose becomes Active.\n\nIf you want to create a Firehose stream with Earliest start position from SDK or CLI, you need to set the `ReadFromTimestamp` parameter to Epoch (1970-01-01T00:00:00Z).", + "title": "ReadFromTimestamp", "type": "string" }, - "Uri": { - "markdownDescription": "", - "title": "Uri", + "TopicName": { + "markdownDescription": "The topic name within the Amazon MSK cluster.", + "title": "TopicName", "type": "string" } }, + "required": [ + "AuthenticationConfiguration", + "MSKClusterARN", + "TopicName" + ], "type": "object" }, - "AWS::MediaLive::Channel.ColorCorrectionSettings": { + "AWS::KinesisFirehose::DeliveryStream.OpenXJsonSerDe": { "additionalProperties": false, "properties": { - "GlobalColorCorrections": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.ColorCorrection" + "CaseInsensitive": { + "markdownDescription": "When set to `true` , which is the default, Firehose converts JSON keys to lowercase before deserializing them.", + "title": "CaseInsensitive", + "type": "boolean" + }, + "ColumnToJsonKeyMappings": { + "additionalProperties": true, + "markdownDescription": "Maps column names to JSON keys that aren't identical to the column names. This is useful when the JSON contains keys that are Hive keywords. For example, `timestamp` is a Hive keyword. If you have a JSON key named `timestamp` , set this parameter to `{\"ts\": \"timestamp\"}` to map this key to a column named `ts` .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "", - "title": "GlobalColorCorrections", - "type": "array" + "title": "ColumnToJsonKeyMappings", + "type": "object" + }, + "ConvertDotsInJsonKeysToUnderscores": { + "markdownDescription": "When set to `true` , specifies that the names of the keys include dots and that you want Firehose to replace them with underscores. This is useful because Apache Hive does not allow dots in column names. For example, if the JSON contains a key whose name is \"a.b\", you can define the column name to be \"a_b\" when using this option.\n\nThe default is `false` .", + "title": "ConvertDotsInJsonKeysToUnderscores", + "type": "boolean" } }, "type": "object" }, - "AWS::MediaLive::Channel.ColorSpacePassthroughSettings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.DolbyVision81Settings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.DvbNitSettings": { + "AWS::KinesisFirehose::DeliveryStream.OrcSerDe": { "additionalProperties": false, "properties": { - "NetworkId": { - "markdownDescription": "The numeric value placed in the Network Information Table (NIT).", - "title": "NetworkId", + "BlockSizeBytes": { + "markdownDescription": "The Hadoop Distributed File System (HDFS) block size. This is useful if you intend to copy the data from Amazon S3 to HDFS before querying. The default is 256 MiB and the minimum is 64 MiB. Firehose uses this value for padding calculations.", + "title": "BlockSizeBytes", "type": "number" }, - "NetworkName": { - "markdownDescription": "The network name text placed in the networkNameDescriptor inside the Network Information Table (NIT). The maximum length is 256 characters.", - "title": "NetworkName", + "BloomFilterColumns": { + "items": { + "type": "string" + }, + "markdownDescription": "The column names for which you want Firehose to create bloom filters. The default is `null` .", + "title": "BloomFilterColumns", + "type": "array" + }, + "BloomFilterFalsePositiveProbability": { + "markdownDescription": "The Bloom filter false positive probability (FPP). The lower the FPP, the bigger the Bloom filter. The default value is 0.05, the minimum is 0, and the maximum is 1.", + "title": "BloomFilterFalsePositiveProbability", + "type": "number" + }, + "Compression": { + "markdownDescription": "The compression code to use over data blocks. The default is `SNAPPY` .", + "title": "Compression", "type": "string" }, - "RepInterval": { - "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream.", - "title": "RepInterval", + "DictionaryKeyThreshold": { + "markdownDescription": "Represents the fraction of the total number of non-null rows. To turn off dictionary encoding, set this fraction to a number that is less than the number of distinct keys in a dictionary. To always use dictionary encoding, set this threshold to 1.", + "title": "DictionaryKeyThreshold", + "type": "number" + }, + "EnablePadding": { + "markdownDescription": "Set this to `true` to indicate that you want stripes to be padded to the HDFS block boundaries. This is useful if you intend to copy the data from Amazon S3 to HDFS before querying. The default is `false` .", + "title": "EnablePadding", + "type": "boolean" + }, + "FormatVersion": { + "markdownDescription": "The version of the file to write. The possible values are `V0_11` and `V0_12` . The default is `V0_12` .", + "title": "FormatVersion", + "type": "string" + }, + "PaddingTolerance": { + "markdownDescription": "A number between 0 and 1 that defines the tolerance for block padding as a decimal fraction of stripe size. The default value is 0.05, which means 5 percent of stripe size.\n\nFor the default values of 64 MiB ORC stripes and 256 MiB HDFS blocks, the default block padding tolerance of 5 percent reserves a maximum of 3.2 MiB for padding within the 256 MiB block. In such a case, if the available size within the block is more than 3.2 MiB, a new, smaller stripe is inserted to fit within that space. This ensures that no stripe crosses block boundaries and causes remote reads within a node-local task.\n\nKinesis Data Firehose ignores this parameter when `EnablePadding` is `false` .", + "title": "PaddingTolerance", + "type": "number" + }, + "RowIndexStride": { + "markdownDescription": "The number of rows between index entries. The default is 10,000 and the minimum is 1,000.", + "title": "RowIndexStride", + "type": "number" + }, + "StripeSizeBytes": { + "markdownDescription": "The number of bytes in each stripe. The default is 64 MiB and the minimum is 8 MiB.", + "title": "StripeSizeBytes", "type": "number" } }, "type": "object" }, - "AWS::MediaLive::Channel.DvbSdtSettings": { + "AWS::KinesisFirehose::DeliveryStream.OutputFormatConfiguration": { "additionalProperties": false, "properties": { - "OutputSdt": { - "markdownDescription": "Selects a method of inserting SDT information into an output stream. The sdtFollow setting copies SDT information from input stream to output stream. The sdtFollowIfPresent setting copies SDT information from input stream to output stream if SDT information is present in the input. Otherwise, it falls back on the user-defined values. The sdtManual setting means that the user will enter the SDT information. The sdtNone setting means that the output stream will not contain SDT information.", - "title": "OutputSdt", - "type": "string" - }, - "RepInterval": { - "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream.", - "title": "RepInterval", - "type": "number" - }, - "ServiceName": { - "markdownDescription": "The service name placed in the serviceDescriptor in the Service Description Table (SDT). The maximum length is 256 characters.", - "title": "ServiceName", - "type": "string" - }, - "ServiceProviderName": { - "markdownDescription": "The service provider name placed in the serviceDescriptor in the Service Description Table (SDT). The maximum length is 256 characters.", - "title": "ServiceProviderName", - "type": "string" + "Serializer": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.Serializer", + "markdownDescription": "Specifies which serializer to use. You can choose either the ORC SerDe or the Parquet SerDe. If both are non-null, the server rejects the request.", + "title": "Serializer" } }, "type": "object" }, - "AWS::MediaLive::Channel.DvbSubDestinationSettings": { + "AWS::KinesisFirehose::DeliveryStream.ParquetSerDe": { "additionalProperties": false, "properties": { - "Alignment": { - "markdownDescription": "If no explicit xPosition or yPosition is provided, setting the alignment to centered places the captions at the bottom center of the output. Similarly, setting a left alignment aligns captions to the bottom left of the output. If x and y positions are specified in conjunction with the alignment parameter, the font is justified (either left or centered) relative to those coordinates. Selecting \"smart\" justification left-justifies live subtitles and center-justifies pre-recorded subtitles. This option is not valid for source captions that are STL or 608/embedded. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", - "title": "Alignment", - "type": "string" - }, - "BackgroundColor": { - "markdownDescription": "Specifies the color of the rectangle behind the captions. All burn-in and DVB-Sub font settings must match.", - "title": "BackgroundColor", - "type": "string" - }, - "BackgroundOpacity": { - "markdownDescription": "Specifies the opacity of the background rectangle. 255 is opaque; 0 is transparent. Keeping this parameter blank is equivalent to setting it to 0 (transparent). All burn-in and DVB-Sub font settings must match.", - "title": "BackgroundOpacity", - "type": "number" - }, - "Font": { - "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", - "markdownDescription": "The external font file that is used for captions burn-in. The file extension must be .ttf or .tte. Although you can select output fonts for many different types of input captions, embedded, STL, and Teletext sources use a strict grid system. Using external fonts with these captions sources could cause an unexpected display of proportional fonts. All burn-in and DVB-Sub font settings must match.", - "title": "Font" - }, - "FontColor": { - "markdownDescription": "Specifies the color of the burned-in captions. This option is not valid for source captions that are STL, 608/embedded, or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", - "title": "FontColor", - "type": "string" - }, - "FontOpacity": { - "markdownDescription": "Specifies the opacity of the burned-in captions. 255 is opaque; 0 is transparent. All burn-in and DVB-Sub font settings must match.", - "title": "FontOpacity", - "type": "number" - }, - "FontResolution": { - "markdownDescription": "The font resolution in DPI (dots per inch). The default is 96 dpi. All burn-in and DVB-Sub font settings must match.", - "title": "FontResolution", - "type": "number" - }, - "FontSize": { - "markdownDescription": "When set to auto, fontSize scales depending on the size of the output. Providing a positive integer specifies the exact font size in points. All burn-in and DVB-Sub font settings must match.", - "title": "FontSize", - "type": "string" - }, - "OutlineColor": { - "markdownDescription": "Specifies the font outline color. This option is not valid for source captions that are either 608/embedded or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", - "title": "OutlineColor", - "type": "string" - }, - "OutlineSize": { - "markdownDescription": "Specifies the font outline size in pixels. This option is not valid for source captions that are either 608/embedded or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", - "title": "OutlineSize", + "BlockSizeBytes": { + "markdownDescription": "The Hadoop Distributed File System (HDFS) block size. This is useful if you intend to copy the data from Amazon S3 to HDFS before querying. The default is 256 MiB and the minimum is 64 MiB. Firehose uses this value for padding calculations.", + "title": "BlockSizeBytes", "type": "number" }, - "ShadowColor": { - "markdownDescription": "Specifies the color of the shadow that is cast by the captions. All burn-in and DVB-Sub font settings must match.", - "title": "ShadowColor", + "Compression": { + "markdownDescription": "The compression code to use over data blocks. The possible values are `UNCOMPRESSED` , `SNAPPY` , and `GZIP` , with the default being `SNAPPY` . Use `SNAPPY` for higher decompression speed. Use `GZIP` if the compression ratio is more important than speed.", + "title": "Compression", "type": "string" }, - "ShadowOpacity": { - "markdownDescription": "Specifies the opacity of the shadow. 255 is opaque; 0 is transparent. Keeping this parameter blank is equivalent to setting it to 0 (transparent). All burn-in and DVB-Sub font settings must match.", - "title": "ShadowOpacity", - "type": "number" + "EnableDictionaryCompression": { + "markdownDescription": "Indicates whether to enable dictionary compression.", + "title": "EnableDictionaryCompression", + "type": "boolean" }, - "ShadowXOffset": { - "markdownDescription": "Specifies the horizontal offset of the shadow relative to the captions in pixels. A value of -2 would result in a shadow offset 2 pixels to the left. All burn-in and DVB-Sub font settings must match.", - "title": "ShadowXOffset", + "MaxPaddingBytes": { + "markdownDescription": "The maximum amount of padding to apply. This is useful if you intend to copy the data from Amazon S3 to HDFS before querying. The default is 0.", + "title": "MaxPaddingBytes", "type": "number" }, - "ShadowYOffset": { - "markdownDescription": "Specifies the vertical offset of the shadow relative to the captions in pixels. A value of -2 would result in a shadow offset 2 pixels above the text. All burn-in and DVB-Sub font settings must match.", - "title": "ShadowYOffset", + "PageSizeBytes": { + "markdownDescription": "The Parquet page size. Column chunks are divided into pages. A page is conceptually an indivisible unit (in terms of compression and encoding). The minimum value is 64 KiB and the default is 1 MiB.", + "title": "PageSizeBytes", "type": "number" }, - "TeletextGridControl": { - "markdownDescription": "Controls whether a fixed grid size is used to generate the output subtitles bitmap. This applies to only Teletext inputs and DVB-Sub/Burn-in outputs.", - "title": "TeletextGridControl", + "WriterVersion": { + "markdownDescription": "Indicates the version of row format to output. The possible values are `V1` and `V2` . The default is `V1` .", + "title": "WriterVersion", "type": "string" - }, - "XPosition": { - "markdownDescription": "Specifies the horizontal position of the captions relative to the left side of the output in pixels. A value of 10 would result in the captions starting 10 pixels from the left of the output. If no explicit xPosition is provided, the horizontal captions position is determined by the alignment parameter. This option is not valid for source captions that are STL, 608/embedded, or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", - "title": "XPosition", - "type": "number" - }, - "YPosition": { - "markdownDescription": "Specifies the vertical position of the captions relative to the top of the output in pixels. A value of 10 would result in the captions starting 10 pixels from the top of the output. If no explicit yPosition is provided, the captions are positioned towards the bottom of the output. This option is not valid for source captions that are STL, 608/embedded, or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", - "title": "YPosition", - "type": "number" } }, "type": "object" }, - "AWS::MediaLive::Channel.DvbSubSourceSettings": { + "AWS::KinesisFirehose::DeliveryStream.PartitionField": { "additionalProperties": false, "properties": { - "OcrLanguage": { - "markdownDescription": "If you will configure a WebVTT caption description that references this caption selector, use this field to\nprovide the language to consider when translating the image-based source to text.", - "title": "OcrLanguage", + "SourceName": { + "markdownDescription": "The column name to be configured in partition spec.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "SourceName", "type": "string" - }, - "Pid": { - "markdownDescription": "When using DVB-Sub with burn-in or SMPTE-TT, use this PID for the source content. It is unused for DVB-Sub passthrough. All DVB-Sub content is passed through, regardless of selectors.", - "title": "Pid", - "type": "number" } }, + "required": [ + "SourceName" + ], "type": "object" }, - "AWS::MediaLive::Channel.DvbTdtSettings": { + "AWS::KinesisFirehose::DeliveryStream.PartitionSpec": { "additionalProperties": false, "properties": { - "RepInterval": { - "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream.", - "title": "RepInterval", - "type": "number" + "Identity": { + "items": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.PartitionField" + }, + "markdownDescription": "List of identity [transforms](https://docs.aws.amazon.com/https://iceberg.apache.org/spec/#partition-transforms) that performs an identity transformation. The transform takes the source value, and does not modify it. Result type is the source type.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "Identity", + "type": "array" } }, "type": "object" }, - "AWS::MediaLive::Channel.Eac3AtmosSettings": { + "AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration": { "additionalProperties": false, "properties": { - "Bitrate": { - "markdownDescription": "", - "title": "Bitrate", - "type": "number" - }, - "CodingMode": { - "markdownDescription": "", - "title": "CodingMode", - "type": "string" - }, - "Dialnorm": { - "markdownDescription": "", - "title": "Dialnorm", - "type": "number" - }, - "DrcLine": { - "markdownDescription": "", - "title": "DrcLine", - "type": "string" - }, - "DrcRf": { - "markdownDescription": "", - "title": "DrcRf", - "type": "string" - }, - "HeightTrim": { - "markdownDescription": "", - "title": "HeightTrim", - "type": "number" + "Enabled": { + "markdownDescription": "Indicates whether data processing is enabled (true) or disabled (false).", + "title": "Enabled", + "type": "boolean" }, - "SurroundTrim": { - "markdownDescription": "", - "title": "SurroundTrim", - "type": "number" + "Processors": { + "items": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.Processor" + }, + "markdownDescription": "The data processors.", + "title": "Processors", + "type": "array" } }, "type": "object" }, - "AWS::MediaLive::Channel.Eac3Settings": { + "AWS::KinesisFirehose::DeliveryStream.Processor": { "additionalProperties": false, "properties": { - "AttenuationControl": { - "markdownDescription": "When set to attenuate3Db, applies a 3 dB attenuation to the surround channels. Used only for the 3/2 coding mode.", - "title": "AttenuationControl", - "type": "string" - }, - "Bitrate": { - "markdownDescription": "The average bitrate in bits/second. Valid bitrates depend on the coding mode.", - "title": "Bitrate", - "type": "number" - }, - "BitstreamMode": { - "markdownDescription": "Specifies the bitstream mode (bsmod) for the emitted E-AC-3 stream. For more information, see ATSC A/52-2012 (Annex E).", - "title": "BitstreamMode", - "type": "string" + "Parameters": { + "items": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessorParameter" + }, + "markdownDescription": "The processor parameters.", + "title": "Parameters", + "type": "array" }, - "CodingMode": { - "markdownDescription": "The Dolby Digital Plus coding mode. This mode determines the number of channels.", - "title": "CodingMode", + "Type": { + "markdownDescription": "The type of processor. Valid values: `Lambda` .", + "title": "Type", "type": "string" - }, - "DcFilter": { - "markdownDescription": "When set to enabled, activates a DC highpass filter for all input channels.", - "title": "DcFilter", + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.ProcessorParameter": { + "additionalProperties": false, + "properties": { + "ParameterName": { + "markdownDescription": "The name of the parameter. Currently the following default values are supported: 3 for `NumberOfRetries` and 60 for the `BufferIntervalInSeconds` . The `BufferSizeInMBs` ranges between 0.2 MB and up to 3MB. The default buffering hint is 1MB for all destinations, except Splunk. For Splunk, the default buffering hint is 256 KB.", + "title": "ParameterName", "type": "string" }, - "Dialnorm": { - "markdownDescription": "Sets the dialnorm for the output. If blank and the input audio is Dolby Digital Plus, dialnorm will be passed through.", - "title": "Dialnorm", - "type": "number" - }, - "DrcLine": { - "markdownDescription": "Sets the Dolby dynamic range compression profile.", - "title": "DrcLine", + "ParameterValue": { + "markdownDescription": "The parameter value.", + "title": "ParameterValue", "type": "string" + } + }, + "required": [ + "ParameterName", + "ParameterValue" + ], + "type": "object" + }, + "AWS::KinesisFirehose::DeliveryStream.RedshiftDestinationConfiguration": { + "additionalProperties": false, + "properties": { + "CloudWatchLoggingOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", + "markdownDescription": "The CloudWatch logging options for your Firehose stream.", + "title": "CloudWatchLoggingOptions" }, - "DrcRf": { - "markdownDescription": "Sets the profile for heavy Dolby dynamic range compression, ensuring that the instantaneous signal peaks do not exceed specified levels.", - "title": "DrcRf", + "ClusterJDBCURL": { + "markdownDescription": "The connection string that Kinesis Data Firehose uses to connect to the Amazon Redshift cluster.", + "title": "ClusterJDBCURL", "type": "string" }, - "LfeControl": { - "markdownDescription": "When encoding 3/2 audio, setting to lfe enables the LFE channel.", - "title": "LfeControl", - "type": "string" + "CopyCommand": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CopyCommand", + "markdownDescription": "Configures the Amazon Redshift `COPY` command that Kinesis Data Firehose uses to load data into the cluster from the Amazon S3 bucket.", + "title": "CopyCommand" }, - "LfeFilter": { - "markdownDescription": "When set to enabled, applies a 120Hz lowpass filter to the LFE channel prior to encoding. Valid only with a codingMode32 coding mode.", - "title": "LfeFilter", + "Password": { + "markdownDescription": "The password for the Amazon Redshift user that you specified in the `Username` property.", + "title": "Password", "type": "string" }, - "LoRoCenterMixLevel": { - "markdownDescription": "The Left only/Right only center mix level. Used only for the 3/2 coding mode.", - "title": "LoRoCenterMixLevel", - "type": "number" - }, - "LoRoSurroundMixLevel": { - "markdownDescription": "The Left only/Right only surround mix level. Used only for a 3/2 coding mode.", - "title": "LoRoSurroundMixLevel", - "type": "number" - }, - "LtRtCenterMixLevel": { - "markdownDescription": "The Left total/Right total center mix level. Used only for a 3/2 coding mode.", - "title": "LtRtCenterMixLevel", - "type": "number" + "ProcessingConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", + "markdownDescription": "The data processing configuration for the Kinesis Data Firehose delivery stream.", + "title": "ProcessingConfiguration" }, - "LtRtSurroundMixLevel": { - "markdownDescription": "The Left total/Right total surround mix level. Used only for the 3/2 coding mode.", - "title": "LtRtSurroundMixLevel", - "type": "number" + "RetryOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.RedshiftRetryOptions", + "markdownDescription": "The retry behavior in case Firehose is unable to deliver documents to Amazon Redshift. Default value is 3600 (60 minutes).", + "title": "RetryOptions" }, - "MetadataControl": { - "markdownDescription": "When set to followInput, encoder metadata is sourced from the DD, DD+, or DolbyE decoder that supplies this audio data. If the audio is not supplied from one of these streams, then the static metadata settings are used.", - "title": "MetadataControl", + "RoleARN": { + "markdownDescription": "The ARN of the AWS Identity and Access Management (IAM) role that grants Kinesis Data Firehose access to your Amazon S3 bucket and AWS KMS (if you enable data encryption). For more information, see [Grant Kinesis Data Firehose Access to an Amazon Redshift Destination](https://docs.aws.amazon.com/firehose/latest/dev/controlling-access.html#using-iam-rs) in the *Amazon Kinesis Data Firehose Developer Guide* .", + "title": "RoleARN", "type": "string" }, - "PassthroughControl": { - "markdownDescription": "When set to whenPossible, input DD+ audio will be passed through if it is present on the input. This detection is dynamic over the life of the transcode. Inputs that alternate between DD+ and non-DD+ content will have a consistent DD+ output as the system alternates between passthrough and encoding.", - "title": "PassthroughControl", - "type": "string" + "S3BackupConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", + "markdownDescription": "The configuration for backup in Amazon S3.", + "title": "S3BackupConfiguration" }, - "PhaseControl": { - "markdownDescription": "When set to shift90Degrees, applies a 90-degree phase shift to the surround channels. Used only for a 3/2 coding mode.", - "title": "PhaseControl", + "S3BackupMode": { + "markdownDescription": "The Amazon S3 backup mode. After you create a Firehose stream, you can update it to enable Amazon S3 backup if it is disabled. If backup is enabled, you can't update the Firehose stream to disable it.", + "title": "S3BackupMode", "type": "string" }, - "StereoDownmix": { - "markdownDescription": "A stereo downmix preference. Used only for the 3/2 coding mode.", - "title": "StereoDownmix", - "type": "string" + "S3Configuration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", + "markdownDescription": "The S3 bucket where Kinesis Data Firehose first delivers data. After the data is in the bucket, Kinesis Data Firehose uses the `COPY` command to load the data into the Amazon Redshift cluster. For the Amazon S3 bucket's compression format, don't specify `SNAPPY` or `ZIP` because the Amazon Redshift `COPY` command doesn't support them.", + "title": "S3Configuration" }, - "SurroundExMode": { - "markdownDescription": "When encoding 3/2 audio, sets whether an extra center back surround channel is matrix encoded into the left and right surround channels.", - "title": "SurroundExMode", - "type": "string" + "SecretsManagerConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SecretsManagerConfiguration", + "markdownDescription": "The configuration that defines how you access secrets for Amazon Redshift.", + "title": "SecretsManagerConfiguration" }, - "SurroundMode": { - "markdownDescription": "When encoding 2/0 audio, sets whether Dolby Surround is matrix-encoded into the two channels.", - "title": "SurroundMode", + "Username": { + "markdownDescription": "The Amazon Redshift user that has permission to access the Amazon Redshift cluster. This user must have `INSERT` privileges for copying data from the Amazon S3 bucket to the cluster.", + "title": "Username", "type": "string" } }, + "required": [ + "ClusterJDBCURL", + "CopyCommand", + "RoleARN", + "S3Configuration" + ], "type": "object" }, - "AWS::MediaLive::Channel.EbuTtDDestinationSettings": { + "AWS::KinesisFirehose::DeliveryStream.RedshiftRetryOptions": { "additionalProperties": false, "properties": { - "CopyrightHolder": { - "markdownDescription": "Applies only if you plan to convert these source captions to EBU-TT-D or TTML in an output. Complete this field if you want to include the name of the copyright holder in the copyright metadata tag in the TTML", - "title": "CopyrightHolder", - "type": "string" - }, - "FillLineGap": { - "markdownDescription": "Specifies how to handle the gap between the lines (in multi-line captions). - enabled: Fill with the captions background color (as specified in the input captions).\n- disabled: Leave the gap unfilled.", - "title": "FillLineGap", - "type": "string" - }, - "FontFamily": { - "markdownDescription": "Specifies the font family to include in the font data attached to the EBU-TT captions. Valid only if styleControl is set to include. If you leave this field empty, the font family is set to \"monospaced\". (If styleControl is set to exclude, the font family is always set to \"monospaced\".) You specify only the font family. All other style information (color, bold, position and so on) is copied from the input captions. The size is always set to 100% to allow the downstream player to choose the size. - Enter a list of font families, as a comma-separated list of font names, in order of preference. The name can be a font family (such as \u201cArial\u201d), or a generic font family (such as \u201cserif\u201d), or \u201cdefault\u201d (to let the downstream player choose the font).\n- Leave blank to set the family to \u201cmonospace\u201d.", - "title": "FontFamily", - "type": "string" - }, - "StyleControl": { - "markdownDescription": "Specifies the style information (font color, font position, and so on) to include in the font data that is attached to the EBU-TT captions. - include: Take the style information (font color, font position, and so on) from the source captions and include that information in the font data attached to the EBU-TT captions. This option is valid only if the source captions are Embedded or Teletext.\n- exclude: In the font data attached to the EBU-TT captions, set the font family to \"monospaced\". Do not include any other style information.", - "title": "StyleControl", - "type": "string" + "DurationInSeconds": { + "markdownDescription": "The length of time during which Firehose retries delivery after a failure, starting from the initial request and including the first attempt. The default value is 3600 seconds (60 minutes). Firehose does not retry if the value of `DurationInSeconds` is 0 (zero) or if the first delivery attempt takes longer than the current value.", + "title": "DurationInSeconds", + "type": "number" } }, "type": "object" }, - "AWS::MediaLive::Channel.EmbeddedDestinationSettings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.EmbeddedPlusScte20DestinationSettings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.EmbeddedSourceSettings": { + "AWS::KinesisFirehose::DeliveryStream.RetryOptions": { "additionalProperties": false, "properties": { - "Convert608To708": { - "markdownDescription": "If this is upconvert, 608 data is both passed through the \"608 compatibility bytes\" fields of the 708 wrapper as well as translated into 708. If 708 data is present in the source content, it is discarded.", - "title": "Convert608To708", - "type": "string" - }, - "Scte20Detection": { - "markdownDescription": "Set to \"auto\" to handle streams with intermittent or non-aligned SCTE-20 and embedded captions.", - "title": "Scte20Detection", - "type": "string" - }, - "Source608ChannelNumber": { - "markdownDescription": "Specifies the 608/708 channel number within the video track from which to extract captions. This is unused for passthrough.", - "title": "Source608ChannelNumber", - "type": "number" - }, - "Source608TrackNumber": { - "markdownDescription": "This field is unused and deprecated.", - "title": "Source608TrackNumber", + "DurationInSeconds": { + "markdownDescription": "The total amount of time that Kinesis Data Firehose spends on retries. This duration starts after the initial attempt to send data to the custom destination via HTTPS endpoint fails. It doesn't include the periods during which Kinesis Data Firehose waits for acknowledgment from the specified destination after each attempt.", + "title": "DurationInSeconds", "type": "number" } }, "type": "object" }, - "AWS::MediaLive::Channel.EncoderSettings": { + "AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration": { "additionalProperties": false, "properties": { - "AudioDescriptions": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioDescription" - }, - "markdownDescription": "The encoding information for output audio.", - "title": "AudioDescriptions", - "type": "array" - }, - "AvailBlanking": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AvailBlanking", - "markdownDescription": "The settings for ad avail blanking.", - "title": "AvailBlanking" - }, - "AvailConfiguration": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AvailConfiguration", - "markdownDescription": "The configuration settings for the ad avail handling.", - "title": "AvailConfiguration" - }, - "BlackoutSlate": { - "$ref": "#/definitions/AWS::MediaLive::Channel.BlackoutSlate", - "markdownDescription": "The settings for the blackout slate.", - "title": "BlackoutSlate" - }, - "CaptionDescriptions": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.CaptionDescription" - }, - "markdownDescription": "The encoding information for output captions.", - "title": "CaptionDescriptions", - "type": "array" - }, - "ColorCorrectionSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.ColorCorrectionSettings", - "markdownDescription": "", - "title": "ColorCorrectionSettings" - }, - "FeatureActivations": { - "$ref": "#/definitions/AWS::MediaLive::Channel.FeatureActivations", - "markdownDescription": "Settings to enable specific features.", - "title": "FeatureActivations" - }, - "GlobalConfiguration": { - "$ref": "#/definitions/AWS::MediaLive::Channel.GlobalConfiguration", - "markdownDescription": "The configuration settings that apply to the entire channel.", - "title": "GlobalConfiguration" + "BucketARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon S3 bucket to send data to.", + "title": "BucketARN", + "type": "string" }, - "MotionGraphicsConfiguration": { - "$ref": "#/definitions/AWS::MediaLive::Channel.MotionGraphicsConfiguration", - "markdownDescription": "Settings to enable and configure the motion graphics overlay feature in the channel.", - "title": "MotionGraphicsConfiguration" + "BufferingHints": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.BufferingHints", + "markdownDescription": "Configures how Kinesis Data Firehose buffers incoming data while delivering it to the Amazon S3 bucket.", + "title": "BufferingHints" }, - "NielsenConfiguration": { - "$ref": "#/definitions/AWS::MediaLive::Channel.NielsenConfiguration", - "markdownDescription": "The settings to configure Nielsen watermarks.", - "title": "NielsenConfiguration" + "CloudWatchLoggingOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", + "markdownDescription": "The CloudWatch logging options for your Firehose stream.", + "title": "CloudWatchLoggingOptions" }, - "OutputGroups": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputGroup" - }, - "markdownDescription": "The settings for the output groups in the channel.", - "title": "OutputGroups", - "type": "array" + "CompressionFormat": { + "markdownDescription": "The type of compression that Kinesis Data Firehose uses to compress the data that it delivers to the Amazon S3 bucket. For valid values, see the `CompressionFormat` content for the [S3DestinationConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_S3DestinationConfiguration.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", + "title": "CompressionFormat", + "type": "string" }, - "ThumbnailConfiguration": { - "$ref": "#/definitions/AWS::MediaLive::Channel.ThumbnailConfiguration", - "markdownDescription": "", - "title": "ThumbnailConfiguration" + "EncryptionConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.EncryptionConfiguration", + "markdownDescription": "Configures Amazon Simple Storage Service (Amazon S3) server-side encryption. Kinesis Data Firehose uses AWS Key Management Service ( AWS KMS) to encrypt the data that it delivers to your Amazon S3 bucket.", + "title": "EncryptionConfiguration" }, - "TimecodeConfig": { - "$ref": "#/definitions/AWS::MediaLive::Channel.TimecodeConfig", - "markdownDescription": "Contains settings used to acquire and adjust timecode information from the inputs.", - "title": "TimecodeConfig" + "ErrorOutputPrefix": { + "markdownDescription": "A prefix that Kinesis Data Firehose evaluates and adds to failed records before writing them to S3. This prefix appears immediately following the bucket name. For information about how to specify this prefix, see [Custom Prefixes for Amazon S3 Objects](https://docs.aws.amazon.com/firehose/latest/dev/s3-prefixes.html) .", + "title": "ErrorOutputPrefix", + "type": "string" }, - "VideoDescriptions": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.VideoDescription" - }, - "markdownDescription": "The encoding information for output videos.", - "title": "VideoDescriptions", - "type": "array" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.EpochLockingSettings": { - "additionalProperties": false, - "properties": { - "CustomEpoch": { - "markdownDescription": "", - "title": "CustomEpoch", + "Prefix": { + "markdownDescription": "A prefix that Kinesis Data Firehose adds to the files that it delivers to the Amazon S3 bucket. The prefix helps you identify the files that Kinesis Data Firehose delivered.", + "title": "Prefix", "type": "string" }, - "JamSyncTime": { - "markdownDescription": "", - "title": "JamSyncTime", + "RoleARN": { + "markdownDescription": "The ARN of an AWS Identity and Access Management (IAM) role that grants Kinesis Data Firehose access to your Amazon S3 bucket and AWS KMS (if you enable data encryption). For more information, see [Grant Kinesis Data Firehose Access to an Amazon S3 Destination](https://docs.aws.amazon.com/firehose/latest/dev/controlling-access.html#using-iam-s3) in the *Amazon Kinesis Data Firehose Developer Guide* .", + "title": "RoleARN", "type": "string" } }, + "required": [ + "BucketARN", + "RoleARN" + ], "type": "object" }, - "AWS::MediaLive::Channel.Esam": { + "AWS::KinesisFirehose::DeliveryStream.SchemaConfiguration": { "additionalProperties": false, "properties": { - "AcquisitionPointId": { - "markdownDescription": "", - "title": "AcquisitionPointId", + "CatalogId": { + "markdownDescription": "The ID of the AWS Glue Data Catalog. If you don't supply this, the AWS account ID is used by default.", + "title": "CatalogId", "type": "string" }, - "AdAvailOffset": { - "markdownDescription": "", - "title": "AdAvailOffset", - "type": "number" + "DatabaseName": { + "markdownDescription": "Specifies the name of the AWS Glue database that contains the schema for the output data.\n\n> If the `SchemaConfiguration` request parameter is used as part of invoking the `CreateDeliveryStream` API, then the `DatabaseName` property is required and its value must be specified.", + "title": "DatabaseName", + "type": "string" }, - "PasswordParam": { - "markdownDescription": "", - "title": "PasswordParam", + "Region": { + "markdownDescription": "If you don't specify an AWS Region, the default is the current Region.", + "title": "Region", "type": "string" }, - "PoisEndpoint": { - "markdownDescription": "", - "title": "PoisEndpoint", + "RoleARN": { + "markdownDescription": "The role that Firehose can use to access AWS Glue. This role must be in the same account you use for Firehose. Cross-account roles aren't allowed.\n\n> If the `SchemaConfiguration` request parameter is used as part of invoking the `CreateDeliveryStream` API, then the `RoleARN` property is required and its value must be specified.", + "title": "RoleARN", "type": "string" }, - "Username": { - "markdownDescription": "", - "title": "Username", + "TableName": { + "markdownDescription": "Specifies the AWS Glue table that contains the column information that constitutes your data schema.\n\n> If the `SchemaConfiguration` request parameter is used as part of invoking the `CreateDeliveryStream` API, then the `TableName` property is required and its value must be specified.", + "title": "TableName", "type": "string" }, - "ZoneIdentity": { - "markdownDescription": "", - "title": "ZoneIdentity", + "VersionId": { + "markdownDescription": "Specifies the table version for the output data schema. If you don't specify this version ID, or if you set it to `LATEST` , Firehose uses the most recent version. This means that any updates to the table are automatically picked up.", + "title": "VersionId", "type": "string" } }, "type": "object" }, - "AWS::MediaLive::Channel.FailoverCondition": { + "AWS::KinesisFirehose::DeliveryStream.SchemaEvolutionConfiguration": { "additionalProperties": false, "properties": { - "FailoverConditionSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.FailoverConditionSettings", - "markdownDescription": "Settings for a specific failover condition.", - "title": "FailoverConditionSettings" + "Enabled": { + "markdownDescription": "Specify whether you want to enable schema evolution.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "Enabled", + "type": "boolean" } }, "type": "object" }, - "AWS::MediaLive::Channel.FailoverConditionSettings": { + "AWS::KinesisFirehose::DeliveryStream.SecretsManagerConfiguration": { "additionalProperties": false, "properties": { - "AudioSilenceSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioSilenceFailoverSettings", - "markdownDescription": "MediaLive will perform a failover if the specified audio selector is silent for the specified period.", - "title": "AudioSilenceSettings" + "Enabled": { + "markdownDescription": "Specifies whether you want to use the secrets manager feature. When set as `True` the secrets manager configuration overwrites the existing secrets in the destination configuration. When it's set to `False` Firehose falls back to the credentials in the destination configuration.", + "title": "Enabled", + "type": "boolean" }, - "InputLossSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.InputLossFailoverSettings", - "markdownDescription": "MediaLive will perform a failover if content is not detected in this input for the specified period.", - "title": "InputLossSettings" + "RoleARN": { + "markdownDescription": "Specifies the role that Firehose assumes when calling the Secrets Manager API operation. When you provide the role, it overrides any destination specific role defined in the destination configuration. If you do not provide the then we use the destination specific role. This parameter is required for Splunk.", + "title": "RoleARN", + "type": "string" }, - "VideoBlackSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.VideoBlackFailoverSettings", - "markdownDescription": "MediaLive will perform a failover if content is considered black for the specified period.", - "title": "VideoBlackSettings" + "SecretARN": { + "markdownDescription": "The ARN of the secret that stores your credentials. It must be in the same region as the Firehose stream and the role. The secret ARN can reside in a different account than the Firehose stream and role as Firehose supports cross-account secret access. This parameter is required when *Enabled* is set to `True` .", + "title": "SecretARN", + "type": "string" } }, + "required": [ + "Enabled" + ], "type": "object" }, - "AWS::MediaLive::Channel.FeatureActivations": { + "AWS::KinesisFirehose::DeliveryStream.Serializer": { "additionalProperties": false, "properties": { - "InputPrepareScheduleActions": { - "markdownDescription": "Enables the Input Prepare feature. You can create Input Prepare actions in the schedule only if this feature is enabled.\nIf you disable the feature on an existing schedule, make sure that you first delete all input prepare actions from the schedule.", - "title": "InputPrepareScheduleActions", - "type": "string" + "OrcSerDe": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.OrcSerDe", + "markdownDescription": "A serializer to use for converting data to the ORC format before storing it in Amazon S3. For more information, see [Apache ORC](https://docs.aws.amazon.com/https://orc.apache.org/docs/) .", + "title": "OrcSerDe" }, - "OutputStaticImageOverlayScheduleActions": { - "markdownDescription": "", - "title": "OutputStaticImageOverlayScheduleActions", - "type": "string" + "ParquetSerDe": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ParquetSerDe", + "markdownDescription": "A serializer to use for converting data to the Parquet format before storing it in Amazon S3. For more information, see [Apache Parquet](https://docs.aws.amazon.com/https://parquet.apache.org/docs/contribution-guidelines/) .", + "title": "ParquetSerDe" } }, "type": "object" }, - "AWS::MediaLive::Channel.FecOutputSettings": { + "AWS::KinesisFirehose::DeliveryStream.SnowflakeBufferingHints": { "additionalProperties": false, "properties": { - "ColumnDepth": { - "markdownDescription": "The parameter D from SMPTE 2022-1. The height of the FEC protection matrix. The number of transport stream packets per column error correction packet. The number must be between 4 and 20, inclusive.", - "title": "ColumnDepth", + "IntervalInSeconds": { + "markdownDescription": "Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 0.", + "title": "IntervalInSeconds", "type": "number" }, - "IncludeFec": { - "markdownDescription": "Enables column only or column and row-based FEC.", - "title": "IncludeFec", - "type": "string" - }, - "RowLength": { - "markdownDescription": "The parameter L from SMPTE 2022-1. The width of the FEC protection matrix. Must be between 1 and 20, inclusive. If only Column FEC is used, then larger values increase robustness. If Row FEC is used, then this is the number of transport stream packets per row error correction packet, and the value must be between 4 and 20, inclusive, if includeFec is columnAndRow. If includeFec is column, this value must be 1 to 20, inclusive.", - "title": "RowLength", + "SizeInMBs": { + "markdownDescription": "Buffer incoming data to the specified size, in MBs, before delivering it to the destination. The default value is 128.", + "title": "SizeInMBs", "type": "number" } }, "type": "object" }, - "AWS::MediaLive::Channel.Fmp4HlsSettings": { + "AWS::KinesisFirehose::DeliveryStream.SnowflakeDestinationConfiguration": { "additionalProperties": false, "properties": { - "AudioRenditionSets": { - "markdownDescription": "List all the audio groups that are used with the video output stream. Input all the audio GROUP-IDs that are associated to the video, separate by ','.", - "title": "AudioRenditionSets", + "AccountUrl": { + "markdownDescription": "URL for accessing your Snowflake account. This URL must include your [account identifier](https://docs.aws.amazon.com/https://docs.snowflake.com/en/user-guide/admin-account-identifier) . Note that the protocol (https://) and port number are optional.", + "title": "AccountUrl", "type": "string" }, - "NielsenId3Behavior": { - "markdownDescription": "If set to passthrough, Nielsen inaudible tones for media tracking will be detected in the input audio and an equivalent ID3 tag will be inserted in the output.", - "title": "NielsenId3Behavior", + "BufferingHints": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SnowflakeBufferingHints", + "markdownDescription": "Describes the buffering to perform before delivering data to the Snowflake destination. If you do not specify any value, Firehose uses the default values.", + "title": "BufferingHints" + }, + "CloudWatchLoggingOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", + "markdownDescription": "", + "title": "CloudWatchLoggingOptions" + }, + "ContentColumnName": { + "markdownDescription": "The name of the record content column.", + "title": "ContentColumnName", "type": "string" }, - "TimedMetadataBehavior": { - "markdownDescription": "When set to passthrough, timed metadata is passed through from input to output.", - "title": "TimedMetadataBehavior", + "DataLoadingOption": { + "markdownDescription": "Choose to load JSON keys mapped to table column names or choose to split the JSON payload where content is mapped to a record content column and source metadata is mapped to a record metadata column.", + "title": "DataLoadingOption", + "type": "string" + }, + "Database": { + "markdownDescription": "All data in Snowflake is maintained in databases.", + "title": "Database", + "type": "string" + }, + "KeyPassphrase": { + "markdownDescription": "Passphrase to decrypt the private key when the key is encrypted. For information, see [Using Key Pair Authentication & Key Rotation](https://docs.aws.amazon.com/https://docs.snowflake.com/en/user-guide/data-load-snowpipe-streaming-configuration#using-key-pair-authentication-key-rotation) .", + "title": "KeyPassphrase", + "type": "string" + }, + "MetaDataColumnName": { + "markdownDescription": "Specify a column name in the table, where the metadata information has to be loaded. When you enable this field, you will see the following column in the snowflake table, which differs based on the source type.\n\nFor Direct PUT as source\n\n`{ \"firehoseDeliveryStreamName\" : \"streamname\", \"IngestionTime\" : \"timestamp\" }`\n\nFor Kinesis Data Stream as source\n\n`\"kinesisStreamName\" : \"streamname\", \"kinesisShardId\" : \"Id\", \"kinesisPartitionKey\" : \"key\", \"kinesisSequenceNumber\" : \"1234\", \"subsequenceNumber\" : \"2334\", \"IngestionTime\" : \"timestamp\" }`", + "title": "MetaDataColumnName", + "type": "string" + }, + "PrivateKey": { + "markdownDescription": "The private key used to encrypt your Snowflake client. For information, see [Using Key Pair Authentication & Key Rotation](https://docs.aws.amazon.com/https://docs.snowflake.com/en/user-guide/data-load-snowpipe-streaming-configuration#using-key-pair-authentication-key-rotation) .", + "title": "PrivateKey", + "type": "string" + }, + "ProcessingConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", + "markdownDescription": "", + "title": "ProcessingConfiguration" + }, + "RetryOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SnowflakeRetryOptions", + "markdownDescription": "The time period where Firehose will retry sending data to the chosen HTTP endpoint.", + "title": "RetryOptions" + }, + "RoleARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Snowflake role", + "title": "RoleARN", + "type": "string" + }, + "S3BackupMode": { + "markdownDescription": "Choose an S3 backup mode", + "title": "S3BackupMode", + "type": "string" + }, + "S3Configuration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", + "markdownDescription": "", + "title": "S3Configuration" + }, + "Schema": { + "markdownDescription": "Each database consists of one or more schemas, which are logical groupings of database objects, such as tables and views", + "title": "Schema", + "type": "string" + }, + "SecretsManagerConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SecretsManagerConfiguration", + "markdownDescription": "The configuration that defines how you access secrets for Snowflake.", + "title": "SecretsManagerConfiguration" + }, + "SnowflakeRoleConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SnowflakeRoleConfiguration", + "markdownDescription": "Optionally configure a Snowflake role. Otherwise the default user role will be used.", + "title": "SnowflakeRoleConfiguration" + }, + "SnowflakeVpcConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SnowflakeVpcConfiguration", + "markdownDescription": "The VPCE ID for Firehose to privately connect with Snowflake. The ID format is com.amazonaws.vpce.[region].vpce-svc-<[id]>. For more information, see [Amazon PrivateLink & Snowflake](https://docs.aws.amazon.com/https://docs.snowflake.com/en/user-guide/admin-security-privatelink)", + "title": "SnowflakeVpcConfiguration" + }, + "Table": { + "markdownDescription": "All data in Snowflake is stored in database tables, logically structured as collections of columns and rows.", + "title": "Table", + "type": "string" + }, + "User": { + "markdownDescription": "User login name for the Snowflake account.", + "title": "User", "type": "string" } }, + "required": [ + "AccountUrl", + "Database", + "RoleARN", + "S3Configuration", + "Schema", + "Table" + ], "type": "object" }, - "AWS::MediaLive::Channel.FrameCaptureCdnSettings": { + "AWS::KinesisFirehose::DeliveryStream.SnowflakeRetryOptions": { "additionalProperties": false, "properties": { - "FrameCaptureS3Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.FrameCaptureS3Settings", - "markdownDescription": "Sets up Amazon S3 as the destination for this Frame Capture output.", - "title": "FrameCaptureS3Settings" + "DurationInSeconds": { + "markdownDescription": "the time period where Firehose will retry sending data to the chosen HTTP endpoint.", + "title": "DurationInSeconds", + "type": "number" } }, "type": "object" }, - "AWS::MediaLive::Channel.FrameCaptureGroupSettings": { + "AWS::KinesisFirehose::DeliveryStream.SnowflakeRoleConfiguration": { "additionalProperties": false, "properties": { - "Destination": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", - "markdownDescription": "The destination for the frame capture files. The destination is either the URI for an Amazon S3 bucket and object, plus a file name prefix (for example, s3ssl://sportsDelivery/highlights/20180820/curling_) or the URI for a MediaStore container, plus a file name prefix (for example, mediastoressl://sportsDelivery/20180820/curling_). The final file names consist of the prefix from the destination field (for example, \"curling_\") + name modifier + the counter (5 digits, starting from 00001) + extension (which is always .jpg). For example, curlingLow.00001.jpg.", - "title": "Destination" + "Enabled": { + "markdownDescription": "Enable Snowflake role", + "title": "Enabled", + "type": "boolean" }, - "FrameCaptureCdnSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.FrameCaptureCdnSettings", - "markdownDescription": "Settings to configure the destination of a Frame Capture output.", - "title": "FrameCaptureCdnSettings" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.FrameCaptureHlsSettings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.FrameCaptureOutputSettings": { - "additionalProperties": false, - "properties": { - "NameModifier": { - "markdownDescription": "Required if the output group contains more than one output. This modifier forms part of the output file name.", - "title": "NameModifier", + "SnowflakeRole": { + "markdownDescription": "The Snowflake role you wish to configure", + "title": "SnowflakeRole", "type": "string" } }, "type": "object" }, - "AWS::MediaLive::Channel.FrameCaptureS3Settings": { + "AWS::KinesisFirehose::DeliveryStream.SnowflakeVpcConfiguration": { "additionalProperties": false, "properties": { - "CannedAcl": { - "markdownDescription": "Specify the canned ACL to apply to each S3 request. Defaults to none.", - "title": "CannedAcl", + "PrivateLinkVpceId": { + "markdownDescription": "The VPCE ID for Firehose to privately connect with Snowflake. The ID format is com.amazonaws.vpce.[region].vpce-svc-<[id]>. For more information, see [Amazon PrivateLink & Snowflake](https://docs.aws.amazon.com/https://docs.snowflake.com/en/user-guide/admin-security-privatelink)", + "title": "PrivateLinkVpceId", "type": "string" } }, + "required": [ + "PrivateLinkVpceId" + ], "type": "object" }, - "AWS::MediaLive::Channel.FrameCaptureSettings": { + "AWS::KinesisFirehose::DeliveryStream.SplunkBufferingHints": { "additionalProperties": false, "properties": { - "CaptureInterval": { - "markdownDescription": "The frequency, in seconds, for capturing frames for inclusion in the output. For example, \"10\" means capture a frame every 10 seconds.", - "title": "CaptureInterval", + "IntervalInSeconds": { + "markdownDescription": "Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 60 (1 minute).", + "title": "IntervalInSeconds", "type": "number" }, - "CaptureIntervalUnits": { - "markdownDescription": "Unit for the frame capture interval.", - "title": "CaptureIntervalUnits", - "type": "string" - }, - "TimecodeBurninSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.TimecodeBurninSettings", - "markdownDescription": "", - "title": "TimecodeBurninSettings" + "SizeInMBs": { + "markdownDescription": "Buffer incoming data to the specified size, in MBs, before delivering it to the destination. The default value is 5.", + "title": "SizeInMBs", + "type": "number" } }, "type": "object" }, - "AWS::MediaLive::Channel.GlobalConfiguration": { + "AWS::KinesisFirehose::DeliveryStream.SplunkDestinationConfiguration": { "additionalProperties": false, "properties": { - "InitialAudioGain": { - "markdownDescription": "The value to set the initial audio gain for the channel.", - "title": "InitialAudioGain", + "BufferingHints": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SplunkBufferingHints", + "markdownDescription": "The buffering options. If no value is specified, the default values for Splunk are used.", + "title": "BufferingHints" + }, + "CloudWatchLoggingOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", + "markdownDescription": "The Amazon CloudWatch logging options for your Firehose stream.", + "title": "CloudWatchLoggingOptions" + }, + "HECAcknowledgmentTimeoutInSeconds": { + "markdownDescription": "The amount of time that Firehose waits to receive an acknowledgment from Splunk after it sends it data. At the end of the timeout period, Firehose either tries to send the data again or considers it an error, based on your retry settings.", + "title": "HECAcknowledgmentTimeoutInSeconds", "type": "number" }, - "InputEndAction": { - "markdownDescription": "Indicates the action to take when the current input completes (for example, end-of-file). When switchAndLoopInputs is configured, MediaLive restarts at the beginning of the first input. When \"none\" is configured, MediaLive transcodes either black, a solid color, or a user-specified slate images per the \"Input Loss Behavior\" configuration until the next input switch occurs (which is controlled through the Channel Schedule API).", - "title": "InputEndAction", + "HECEndpoint": { + "markdownDescription": "The HTTP Event Collector (HEC) endpoint to which Firehose sends your data.", + "title": "HECEndpoint", "type": "string" }, - "InputLossBehavior": { - "$ref": "#/definitions/AWS::MediaLive::Channel.InputLossBehavior", - "markdownDescription": "The settings for system actions when the input is lost.", - "title": "InputLossBehavior" + "HECEndpointType": { + "markdownDescription": "This type can be either `Raw` or `Event` .", + "title": "HECEndpointType", + "type": "string" }, - "OutputLockingMode": { - "markdownDescription": "Indicates how MediaLive pipelines are synchronized. PIPELINELOCKING - MediaLive attempts to synchronize the output of each pipeline to the other. EPOCHLOCKING - MediaLive attempts to synchronize the output of each pipeline to the Unix epoch.", - "title": "OutputLockingMode", + "HECToken": { + "markdownDescription": "This is a GUID that you obtain from your Splunk cluster when you create a new HEC endpoint.", + "title": "HECToken", "type": "string" }, - "OutputLockingSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLockingSettings", - "markdownDescription": "", - "title": "OutputLockingSettings" + "ProcessingConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", + "markdownDescription": "The data processing configuration.", + "title": "ProcessingConfiguration" }, - "OutputTimingSource": { - "markdownDescription": "Indicates whether the rate of frames emitted by the Live encoder should be paced by its system clock (which optionally might be locked to another source through NTP) or should be locked to the clock of the source that is providing the input stream.", - "title": "OutputTimingSource", - "type": "string" + "RetryOptions": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SplunkRetryOptions", + "markdownDescription": "The retry behavior in case Firehose is unable to deliver data to Splunk, or if it doesn't receive an acknowledgment of receipt from Splunk.", + "title": "RetryOptions" }, - "SupportLowFramerateInputs": { - "markdownDescription": "Adjusts the video input buffer for streams with very low video frame rates. This is commonly set to enabled for music channels with less than one video frame per second.", - "title": "SupportLowFramerateInputs", + "S3BackupMode": { + "markdownDescription": "Defines how documents should be delivered to Amazon S3. When set to `FailedEventsOnly` , Firehose writes any data that could not be indexed to the configured Amazon S3 destination. When set to `AllEvents` , Firehose delivers all incoming records to Amazon S3, and also writes failed documents to Amazon S3. The default value is `FailedEventsOnly` .\n\nYou can update this backup mode from `FailedEventsOnly` to `AllEvents` . You can't update it from `AllEvents` to `FailedEventsOnly` .", + "title": "S3BackupMode", "type": "string" + }, + "S3Configuration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", + "markdownDescription": "The configuration for the backup Amazon S3 location.", + "title": "S3Configuration" + }, + "SecretsManagerConfiguration": { + "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SecretsManagerConfiguration", + "markdownDescription": "The configuration that defines how you access secrets for Splunk.", + "title": "SecretsManagerConfiguration" } }, + "required": [ + "HECEndpoint", + "HECEndpointType", + "S3Configuration" + ], "type": "object" }, - "AWS::MediaLive::Channel.H264ColorSpaceSettings": { + "AWS::KinesisFirehose::DeliveryStream.SplunkRetryOptions": { "additionalProperties": false, "properties": { - "ColorSpacePassthroughSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.ColorSpacePassthroughSettings", - "markdownDescription": "Passthrough applies no color space conversion to the output.", - "title": "ColorSpacePassthroughSettings" - }, - "Rec601Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Rec601Settings", - "markdownDescription": "Settings to configure the handling of Rec601 color space.", - "title": "Rec601Settings" - }, - "Rec709Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Rec709Settings", - "markdownDescription": "Settings to configure the handling of Rec709 color space.", - "title": "Rec709Settings" + "DurationInSeconds": { + "markdownDescription": "The total amount of time that Firehose spends on retries. This duration starts after the initial attempt to send data to Splunk fails. It doesn't include the periods during which Firehose waits for acknowledgment from Splunk after each attempt.", + "title": "DurationInSeconds", + "type": "number" } }, "type": "object" }, - "AWS::MediaLive::Channel.H264FilterSettings": { + "AWS::KinesisFirehose::DeliveryStream.TableCreationConfiguration": { "additionalProperties": false, "properties": { - "TemporalFilterSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.TemporalFilterSettings", - "markdownDescription": "Settings for applying the temporal filter to the video.", - "title": "TemporalFilterSettings" + "Enabled": { + "markdownDescription": "Specify whether you want to enable automatic table creation.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "title": "Enabled", + "type": "boolean" } }, "type": "object" }, - "AWS::MediaLive::Channel.H264Settings": { + "AWS::KinesisFirehose::DeliveryStream.VpcConfiguration": { "additionalProperties": false, "properties": { - "AdaptiveQuantization": { - "markdownDescription": "The adaptive quantization. This allows intra-frame quantizers to vary to improve visual quality.", - "title": "AdaptiveQuantization", - "type": "string" - }, - "AfdSignaling": { - "markdownDescription": "Indicates that AFD values will be written into the output stream. If afdSignaling is auto, the system tries to preserve the input AFD value (in cases where multiple AFD values are valid). If set to fixed, the AFD value is the value configured in the fixedAfd parameter.", - "title": "AfdSignaling", + "RoleARN": { + "markdownDescription": "The ARN of the IAM role that you want the delivery stream to use to create endpoints in the destination VPC. You can use your existing Kinesis Data Firehose delivery role or you can specify a new role. In either case, make sure that the role trusts the Kinesis Data Firehose service principal and that it grants the following permissions:\n\n- `ec2:DescribeVpcs`\n- `ec2:DescribeVpcAttribute`\n- `ec2:DescribeSubnets`\n- `ec2:DescribeSecurityGroups`\n- `ec2:DescribeNetworkInterfaces`\n- `ec2:CreateNetworkInterface`\n- `ec2:CreateNetworkInterfacePermission`\n- `ec2:DeleteNetworkInterface`\n\nIf you revoke these permissions after you create the delivery stream, Kinesis Data Firehose can't scale out by creating more ENIs when necessary. You might therefore see a degradation in performance.", + "title": "RoleARN", "type": "string" }, - "Bitrate": { - "markdownDescription": "The average bitrate in bits/second. This is required when the rate control mode is VBR or CBR. It isn't used for QVBR. In a Microsoft Smooth output group, each output must have a unique value when its bitrate is rounded down to the nearest multiple of 1000.", - "title": "Bitrate", - "type": "number" - }, - "BufFillPct": { - "markdownDescription": "The percentage of the buffer that should initially be filled (HRD buffer model).", - "title": "BufFillPct", - "type": "number" + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the security groups that you want Kinesis Data Firehose to use when it creates ENIs in the VPC of the Amazon ES destination. You can use the same security group that the Amazon ES domain uses or different ones. If you specify different security groups here, ensure that they allow outbound HTTPS traffic to the Amazon ES domain's security group. Also ensure that the Amazon ES domain's security group allows HTTPS traffic from the security groups specified here. If you use the same security group for both your delivery stream and the Amazon ES domain, make sure the security group inbound rule allows HTTPS traffic.", + "title": "SecurityGroupIds", + "type": "array" }, - "BufSize": { - "markdownDescription": "The size of the buffer (HRD buffer model) in bits/second.", - "title": "BufSize", - "type": "number" - }, - "ColorMetadata": { - "markdownDescription": "Includes color space metadata in the output.", - "title": "ColorMetadata", - "type": "string" - }, - "ColorSpaceSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.H264ColorSpaceSettings", - "markdownDescription": "Settings to configure the color space handling for the video.", - "title": "ColorSpaceSettings" - }, - "EntropyEncoding": { - "markdownDescription": "The entropy encoding mode. Use cabac (must be in Main or High profile) or cavlc.", - "title": "EntropyEncoding", - "type": "string" - }, - "FilterSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.H264FilterSettings", - "markdownDescription": "Optional filters that you can apply to an encode.", - "title": "FilterSettings" - }, - "FixedAfd": { - "markdownDescription": "A four-bit AFD value to write on all frames of video in the output stream. Valid only when afdSignaling is set to Fixed.", - "title": "FixedAfd", - "type": "string" - }, - "FlickerAq": { - "markdownDescription": "If set to enabled, adjusts the quantization within each frame to reduce flicker or pop on I-frames.", - "title": "FlickerAq", - "type": "string" - }, - "ForceFieldPictures": { - "markdownDescription": "This setting applies only when scan type is \"interlaced.\" It controls whether coding is performed on a field basis or on a frame basis. (When the video is progressive, the coding is always performed on a frame basis.)\nenabled: Force MediaLive to code on a field basis, so that odd and even sets of fields are coded separately.\ndisabled: Code the two sets of fields separately (on a field basis) or together (on a frame basis using PAFF), depending on what is most appropriate for the content.", - "title": "ForceFieldPictures", - "type": "string" - }, - "FramerateControl": { - "markdownDescription": "Indicates how the output video frame rate is specified. If you select \"specified,\" the output video frame rate is determined by framerateNumerator and framerateDenominator. If you select \"initializeFromSource,\" the output video frame rate is set equal to the input video frame rate of the first input.", - "title": "FramerateControl", + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the subnets that Kinesis Data Firehose uses to create ENIs in the VPC of the Amazon ES destination. Make sure that the routing tables and inbound and outbound rules allow traffic to flow from the subnets whose IDs are specified here to the subnets that have the destination Amazon ES endpoints. Kinesis Data Firehose creates at least one ENI in each of the subnets that are specified here. Do not delete or modify these ENIs.\n\nThe number of ENIs that Kinesis Data Firehose creates in the subnets specified here scales up and down automatically based on throughput. To enable Kinesis Data Firehose to scale up the number of ENIs to match throughput, ensure that you have sufficient quota. To help you calculate the quota you need, assume that Kinesis Data Firehose can create up to three ENIs for this delivery stream for each of the subnets specified here.", + "title": "SubnetIds", + "type": "array" + } + }, + "required": [ + "RoleARN", + "SecurityGroupIds", + "SubnetIds" + ], + "type": "object" + }, + "AWS::KinesisVideo::SignalingChannel": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "FramerateDenominator": { - "markdownDescription": "The frame rate denominator.", - "title": "FramerateDenominator", - "type": "number" - }, - "FramerateNumerator": { - "markdownDescription": "The frame rate numerator. The frame rate is a fraction, for example, 24000/1001 = 23.976 fps.", - "title": "FramerateNumerator", - "type": "number" - }, - "GopBReference": { - "markdownDescription": "If enabled, uses reference B frames for GOP structures that have B frames > 1.", - "title": "GopBReference", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "GopClosedCadence": { - "markdownDescription": "The frequency of closed GOPs. In streaming applications, we recommend that you set this to 1 so that a decoder joining mid-stream will receive an IDR frame as quickly as possible. Setting this value to 0 will break output segmenting.", - "title": "GopClosedCadence", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "GopNumBFrames": { - "markdownDescription": "The number of B-frames between reference frames.", - "title": "GopNumBFrames", - "type": "number" + "Metadata": { + "type": "object" }, - "GopSize": { - "markdownDescription": "The GOP size (keyframe interval) in units of either frames or seconds per gopSizeUnits. The value must be greater than zero.", - "title": "GopSize", - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": { + "MessageTtlSeconds": { + "markdownDescription": "The period of time (in seconds) a signaling channel retains undelivered messages before they are discarded. Use `API_UpdateSignalingChannel` to update this value.", + "title": "MessageTtlSeconds", + "type": "number" + }, + "Name": { + "markdownDescription": "A name for the signaling channel that you are creating. It must be unique for each AWS account and AWS Region .", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "A type of the signaling channel that you are creating. Currently, `SINGLE_MASTER` is the only supported channel type.", + "title": "Type", + "type": "string" + } + }, + "type": "object" }, - "GopSizeUnits": { - "markdownDescription": "Indicates if the gopSize is specified in frames or seconds. If seconds, the system converts the gopSize into a frame count at runtime.", - "title": "GopSizeUnits", + "Type": { + "enum": [ + "AWS::KinesisVideo::SignalingChannel" + ], "type": "string" }, - "Level": { - "markdownDescription": "The H.264 level.", - "title": "Level", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "LookAheadRateControl": { - "markdownDescription": "The amount of lookahead. A value of low can decrease latency and memory usage, while high can produce better quality for certain content.", - "title": "LookAheadRateControl", + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::KinesisVideo::Stream": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "MaxBitrate": { - "markdownDescription": "For QVBR: See the tooltip for Quality level. For VBR: Set the maximum bitrate in order to accommodate expected spikes in the complexity of the video.", - "title": "MaxBitrate", - "type": "number" - }, - "MinIInterval": { - "markdownDescription": "Meaningful only if sceneChangeDetect is set to enabled. This setting enforces separation between repeated (cadence) I-frames and I-frames inserted by Scene Change Detection. If a scene change I-frame is within I-interval frames of a cadence I-frame, the GOP is shrunk or stretched to the scene change I-frame. GOP stretch requires enabling lookahead as well as setting the I-interval. The normal cadence resumes for the next GOP. Note that the maximum GOP stretch = GOP size + Min-I-interval - 1.", - "title": "MinIInterval", - "type": "number" - }, - "NumRefFrames": { - "markdownDescription": "The number of reference frames to use. The encoder might use more than requested if you use B-frames or interlaced encoding.", - "title": "NumRefFrames", - "type": "number" - }, - "ParControl": { - "markdownDescription": "Indicates how the output pixel aspect ratio is specified. If \"specified\" is selected, the output video pixel aspect ratio is determined by parNumerator and parDenominator. If \"initializeFromSource\" is selected, the output pixels aspect ratio will be set equal to the input video pixel aspect ratio of the first input.", - "title": "ParControl", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "ParDenominator": { - "markdownDescription": "The Pixel Aspect Ratio denominator.", - "title": "ParDenominator", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ParNumerator": { - "markdownDescription": "The Pixel Aspect Ratio numerator.", - "title": "ParNumerator", - "type": "number" + "Metadata": { + "type": "object" }, - "Profile": { - "markdownDescription": "An H.264 profile.", - "title": "Profile", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "DataRetentionInHours": { + "markdownDescription": "How long the stream retains data, in hours.", + "title": "DataRetentionInHours", + "type": "number" + }, + "DeviceName": { + "markdownDescription": "The name of the device that is associated with the stream.", + "title": "DeviceName", + "type": "string" + }, + "KmsKeyId": { + "markdownDescription": "The ID of the AWS Key Management Service ( AWS KMS ) key that Kinesis Video Streams uses to encrypt data on the stream.", + "title": "KmsKeyId", + "type": "string" + }, + "MediaType": { + "markdownDescription": "The `MediaType` of the stream.", + "title": "MediaType", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the stream.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "type": "object" }, - "QualityLevel": { - "markdownDescription": "Leave as STANDARD_QUALITY or choose a different value (which might result in additional costs to run the channel).\n- ENHANCED_QUALITY: Produces a slightly better video quality without an increase in the bitrate. Has an effect only when the Rate control mode is QVBR or CBR. If this channel is in a MediaLive multiplex, the value must be ENHANCED_QUALITY.\n- STANDARD_QUALITY: Valid for any Rate control mode.", - "title": "QualityLevel", + "Type": { + "enum": [ + "AWS::KinesisVideo::Stream" + ], "type": "string" }, - "QvbrQualityLevel": { - "markdownDescription": "Controls the target quality for the video encode. This applies only when the rate control mode is QVBR. Set values for the QVBR quality level field and Max bitrate field that suit your most important viewing devices. Recommended values are: - Primary screen: Quality level: 8 to 10. Max bitrate: 4M - PC or tablet: Quality level: 7. Max bitrate: 1.5M to 3M - Smartphone: Quality level: 6. Max bitrate: 1M to 1.5M.", - "title": "QvbrQualityLevel", - "type": "number" - }, - "RateControlMode": { - "markdownDescription": "The rate control mode. QVBR: The quality will match the specified quality level except when it is constrained by the maximum bitrate. We recommend this if you or your viewers pay for bandwidth. VBR: The quality and bitrate vary, depending on the video complexity. We recommend this instead of QVBR if you want to maintain a specific average bitrate over the duration of the channel. CBR: The quality varies, depending on the video complexity. We recommend this only if you distribute your assets to devices that can't handle variable bitrates.", - "title": "RateControlMode", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "ScanType": { - "markdownDescription": "Sets the scan type of the output to progressive or top-field-first interlaced.", - "title": "ScanType", + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::LakeFormation::DataCellsFilter": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "SceneChangeDetect": { - "markdownDescription": "The scene change detection. On: inserts I-frames when the scene change is detected. Off: does not force an I-frame when the scene change is detected.", - "title": "SceneChangeDetect", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Slices": { - "markdownDescription": "The number of slices per picture. The number must be less than or equal to the number of macroblock rows for progressive pictures, and less than or equal to half the number of macroblock rows for interlaced pictures. This field is optional. If you don't specify a value, MediaLive chooses the number of slices based on the encode resolution.", - "title": "Slices", - "type": "number" - }, - "Softness": { - "markdownDescription": "Softness. Selects a quantizer matrix. Larger values reduce high-frequency content in the encoded image.", - "title": "Softness", - "type": "number" - }, - "SpatialAq": { - "markdownDescription": "If set to enabled, adjusts quantization within each frame based on the spatial variation of content complexity.", - "title": "SpatialAq", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SubgopLength": { - "markdownDescription": "If set to fixed, uses gopNumBFrames B-frames per sub-GOP. If set to dynamic, optimizes the number of B-frames used for each sub-GOP to improve visual quality.", - "title": "SubgopLength", - "type": "string" + "Metadata": { + "type": "object" }, - "Syntax": { - "markdownDescription": "Produces a bitstream that is compliant with SMPTE RP-2027.", - "title": "Syntax", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "ColumnNames": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of UTF-8 strings. A list of column names.", + "title": "ColumnNames", + "type": "array" + }, + "ColumnWildcard": { + "$ref": "#/definitions/AWS::LakeFormation::DataCellsFilter.ColumnWildcard", + "markdownDescription": "A wildcard with exclusions. You must specify either a `ColumnNames` list or the `ColumnWildCard` .", + "title": "ColumnWildcard" + }, + "DatabaseName": { + "markdownDescription": "UTF-8 string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html) .\n\nA database in the Data Catalog .", + "title": "DatabaseName", + "type": "string" + }, + "Name": { + "markdownDescription": "UTF-8 string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html) .\n\nThe name given by the user to the data filter cell.", + "title": "Name", + "type": "string" + }, + "RowFilter": { + "$ref": "#/definitions/AWS::LakeFormation::DataCellsFilter.RowFilter", + "markdownDescription": "A PartiQL predicate.", + "title": "RowFilter" + }, + "TableCatalogId": { + "markdownDescription": "Catalog id string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html) .\n\nThe ID of the catalog to which the table belongs.", + "title": "TableCatalogId", + "type": "string" + }, + "TableName": { + "markdownDescription": "UTF-8 string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html) .\n\nA table in the database.", + "title": "TableName", + "type": "string" + } + }, + "required": [ + "DatabaseName", + "Name", + "TableCatalogId", + "TableName" + ], + "type": "object" }, - "TemporalAq": { - "markdownDescription": "If set to enabled, adjusts quantization within each frame based on the temporal variation of content complexity.", - "title": "TemporalAq", + "Type": { + "enum": [ + "AWS::LakeFormation::DataCellsFilter" + ], "type": "string" }, - "TimecodeBurninSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.TimecodeBurninSettings", - "markdownDescription": "", - "title": "TimecodeBurninSettings" - }, - "TimecodeInsertion": { - "markdownDescription": "Determines how timecodes should be inserted into the video elementary stream. disabled: don't include timecodes. picTimingSei: pass through picture timing SEI messages from the source specified in Timecode Config.", - "title": "TimecodeInsertion", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::MediaLive::Channel.H265ColorSpaceSettings": { + "AWS::LakeFormation::DataCellsFilter.ColumnWildcard": { "additionalProperties": false, "properties": { - "ColorSpacePassthroughSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.ColorSpacePassthroughSettings", - "markdownDescription": "Passthrough applies no color space conversion to the output.", - "title": "ColorSpacePassthroughSettings" - }, - "DolbyVision81Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.DolbyVision81Settings", - "markdownDescription": "", - "title": "DolbyVision81Settings" - }, - "Hdr10Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Hdr10Settings", - "markdownDescription": "Settings to configure the handling of HDR10 color space.", - "title": "Hdr10Settings" - }, - "Rec601Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Rec601Settings", - "markdownDescription": "Settings to configure the handling of Rec601 color space.", - "title": "Rec601Settings" - }, - "Rec709Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Rec709Settings", - "markdownDescription": "Settings to configure the handling of Rec709 color space.", - "title": "Rec709Settings" + "ExcludedColumnNames": { + "items": { + "type": "string" + }, + "markdownDescription": "Excludes column names. Any column with this name will be excluded.", + "title": "ExcludedColumnNames", + "type": "array" } }, "type": "object" }, - "AWS::MediaLive::Channel.H265FilterSettings": { + "AWS::LakeFormation::DataCellsFilter.RowFilter": { "additionalProperties": false, "properties": { - "TemporalFilterSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.TemporalFilterSettings", - "markdownDescription": "Settings for applying the temporal filter to the video.", - "title": "TemporalFilterSettings" + "AllRowsWildcard": { + "markdownDescription": "A wildcard for all rows.", + "title": "AllRowsWildcard", + "type": "object" + }, + "FilterExpression": { + "markdownDescription": "A filter expression.", + "title": "FilterExpression", + "type": "string" } }, "type": "object" }, - "AWS::MediaLive::Channel.H265Settings": { + "AWS::LakeFormation::DataLakeSettings": { "additionalProperties": false, "properties": { - "AdaptiveQuantization": { - "markdownDescription": "Adaptive quantization. Allows intra-frame quantizers to vary to improve visual quality.", - "title": "AdaptiveQuantization", - "type": "string" - }, - "AfdSignaling": { - "markdownDescription": "Indicates that AFD values will be written into the output stream. If afdSignaling is \"auto\", the system will try to preserve the input AFD value (in cases where multiple AFD values are valid). If set to \"fixed\", the AFD value will be the value configured in the fixedAfd parameter.", - "title": "AfdSignaling", - "type": "string" - }, - "AlternativeTransferFunction": { - "markdownDescription": "Whether or not EML should insert an Alternative Transfer Function SEI message to support backwards compatibility with non-HDR decoders and displays.", - "title": "AlternativeTransferFunction", - "type": "string" - }, - "Bitrate": { - "markdownDescription": "Average bitrate in bits/second. Required when the rate control mode is VBR or CBR. Not used for QVBR. In an MS Smooth output group, each output must have a unique value when its bitrate is rounded down to the nearest multiple of 1000.", - "title": "Bitrate", - "type": "number" - }, - "BufSize": { - "markdownDescription": "Size of buffer (HRD buffer model) in bits.", - "title": "BufSize", - "type": "number" - }, - "ColorMetadata": { - "markdownDescription": "Includes colorspace metadata in the output.", - "title": "ColorMetadata", - "type": "string" - }, - "ColorSpaceSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.H265ColorSpaceSettings", - "markdownDescription": "Color Space settings", - "title": "ColorSpaceSettings" - }, - "FilterSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.H265FilterSettings", - "markdownDescription": "Optional filters that you can apply to an encode.", - "title": "FilterSettings" - }, - "FixedAfd": { - "markdownDescription": "Four bit AFD value to write on all frames of video in the output stream. Only valid when afdSignaling is set to 'Fixed'.", - "title": "FixedAfd", - "type": "string" - }, - "FlickerAq": { - "markdownDescription": "If set to enabled, adjust quantization within each frame to reduce flicker or 'pop' on I-frames.", - "title": "FlickerAq", - "type": "string" - }, - "FramerateDenominator": { - "markdownDescription": "Framerate denominator.", - "title": "FramerateDenominator", - "type": "number" - }, - "FramerateNumerator": { - "markdownDescription": "Framerate numerator - framerate is a fraction, e.g. 24000 / 1001 = 23.976 fps.", - "title": "FramerateNumerator", - "type": "number" - }, - "GopClosedCadence": { - "markdownDescription": "Frequency of closed GOPs. In streaming applications, it is recommended that this be set to 1 so a decoder joining mid-stream will receive an IDR frame as quickly as possible. Setting this value to 0 will break output segmenting.", - "title": "GopClosedCadence", - "type": "number" - }, - "GopSize": { - "markdownDescription": "GOP size (keyframe interval) in units of either frames or seconds per gopSizeUnits.\nIf gopSizeUnits is frames, gopSize must be an integer and must be greater than or equal to 1.\nIf gopSizeUnits is seconds, gopSize must be greater than 0, but need not be an integer.", - "title": "GopSize", - "type": "number" - }, - "GopSizeUnits": { - "markdownDescription": "Indicates if the gopSize is specified in frames or seconds. If seconds the system will convert the gopSize into a frame count at run time.", - "title": "GopSizeUnits", - "type": "string" - }, - "Level": { - "markdownDescription": "H.265 Level.", - "title": "Level", - "type": "string" - }, - "LookAheadRateControl": { - "markdownDescription": "Amount of lookahead. A value of low can decrease latency and memory usage, while high can produce better quality for certain content.", - "title": "LookAheadRateControl", + "Condition": { "type": "string" }, - "MaxBitrate": { - "markdownDescription": "For QVBR: See the tooltip for Quality level", - "title": "MaxBitrate", - "type": "number" - }, - "MinIInterval": { - "markdownDescription": "Only meaningful if sceneChangeDetect is set to enabled. Defaults to 5 if multiplex rate control is used. Enforces separation between repeated (cadence) I-frames and I-frames inserted by Scene Change Detection. If a scene change I-frame is within I-interval frames of a cadence I-frame, the GOP is shrunk and/or stretched to the scene change I-frame. GOP stretch requires enabling lookahead as well as setting I-interval. The normal cadence resumes for the next GOP. Note: Maximum GOP stretch = GOP size + Min-I-interval - 1", - "title": "MinIInterval", - "type": "number" - }, - "MvOverPictureBoundaries": { - "markdownDescription": "", - "title": "MvOverPictureBoundaries", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "MvTemporalPredictor": { - "markdownDescription": "", - "title": "MvTemporalPredictor", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ParDenominator": { - "markdownDescription": "Pixel Aspect Ratio denominator.", - "title": "ParDenominator", - "type": "number" + "Metadata": { + "type": "object" }, - "ParNumerator": { - "markdownDescription": "Pixel Aspect Ratio numerator.", - "title": "ParNumerator", - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": { + "Admins": { + "$ref": "#/definitions/AWS::LakeFormation::DataLakeSettings.Admins", + "markdownDescription": "A list of AWS Lake Formation principals.", + "title": "Admins" + }, + "AllowExternalDataFiltering": { + "markdownDescription": "Whether to allow Amazon EMR clusters or other third-party query engines to access data managed by Lake Formation .\n\nIf set to true, you allow Amazon EMR clusters or other third-party engines to access data in Amazon S3 locations that are registered with Lake Formation .\n\nIf false or null, no third-party query engines will be able to access data in Amazon S3 locations that are registered with Lake Formation.\n\nFor more information, see [External data filtering setting](https://docs.aws.amazon.com/lake-formation/latest/dg/initial-LF-setup.html#external-data-filter) .", + "title": "AllowExternalDataFiltering", + "type": "boolean" + }, + "AllowFullTableExternalDataAccess": { + "markdownDescription": "Specifies whether query engines and applications can get credentials without IAM session tags if the user has full table access. It provides query engines and applications performance benefits as well as simplifies data access. Amazon EMR on Amazon EC2 is able to leverage this setting.\n\nFor more information, see [](https://docs.aws.amazon.com/lake-formation/latest/dg/using-cred-vending.html)", + "title": "AllowFullTableExternalDataAccess", + "type": "boolean" + }, + "AuthorizedSessionTagValueList": { + "items": { + "type": "string" + }, + "markdownDescription": "Lake Formation relies on a privileged process secured by Amazon EMR or the third party integrator to tag the user's role while assuming it. Lake Formation will publish the acceptable key-value pair, for example key = \"LakeFormationTrustedCaller\" and value = \"TRUE\" and the third party integrator must properly tag the temporary security credentials that will be used to call Lake Formation 's administrative API operations.", + "title": "AuthorizedSessionTagValueList", + "type": "array" + }, + "CreateDatabaseDefaultPermissions": { + "$ref": "#/definitions/AWS::LakeFormation::DataLakeSettings.CreateDatabaseDefaultPermissions", + "markdownDescription": "Specifies whether access control on a newly created database is managed by Lake Formation permissions or exclusively by IAM permissions.\n\nA null value indicates that the access is controlled by Lake Formation permissions. `ALL` permissions assigned to `IAM_ALLOWED_PRINCIPALS` group indicates that the user's IAM permissions determine the access to the database. This is referred to as the setting \"Use only IAM access control,\" and is to support backward compatibility with the AWS Glue permission model implemented by IAM permissions.\n\nThe only permitted values are an empty array or an array that contains a single JSON object that grants `ALL` to `IAM_ALLOWED_PRINCIPALS` .\n\nFor more information, see [Changing the default security settings for your data lake](https://docs.aws.amazon.com/lake-formation/latest/dg/change-settings.html) .", + "title": "CreateDatabaseDefaultPermissions" + }, + "CreateTableDefaultPermissions": { + "$ref": "#/definitions/AWS::LakeFormation::DataLakeSettings.CreateTableDefaultPermissions", + "markdownDescription": "Specifies whether access control on a newly created table is managed by Lake Formation permissions or exclusively by IAM permissions.\n\nA null value indicates that the access is controlled by Lake Formation permissions. `ALL` permissions assigned to `IAM_ALLOWED_PRINCIPALS` group indicate that the user's IAM permissions determine the access to the table. This is referred to as the setting \"Use only IAM access control,\" and is to support the backward compatibility with the AWS Glue permission model implemented by IAM permissions.\n\nThe only permitted values are an empty array or an array that contains a single JSON object that grants `ALL` permissions to `IAM_ALLOWED_PRINCIPALS` .\n\nFor more information, see [Changing the default security settings for your data lake](https://docs.aws.amazon.com/lake-formation/latest/dg/change-settings.html) .", + "title": "CreateTableDefaultPermissions" + }, + "ExternalDataFilteringAllowList": { + "$ref": "#/definitions/AWS::LakeFormation::DataLakeSettings.ExternalDataFilteringAllowList", + "markdownDescription": "A list of the account IDs of AWS accounts with Amazon EMR clusters or third-party engines that are allwed to perform data filtering.", + "title": "ExternalDataFilteringAllowList" + }, + "MutationType": { + "markdownDescription": "Specifies whether the data lake settings are updated by adding new values to the current settings ( `APPEND` ) or by replacing the current settings with new settings ( `REPLACE` ).\n\n> If you choose `REPLACE` , your current data lake settings will be replaced with the new values in your template.", + "title": "MutationType", + "type": "string" + }, + "Parameters": { + "markdownDescription": "A key-value map that provides an additional configuration on your data lake. `CrossAccountVersion` is the key you can configure in the `Parameters` field. Accepted values for the `CrossAccountVersion` key are 1, 2, 3, and 4.", + "title": "Parameters", + "type": "object" + }, + "TrustedResourceOwners": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of UTF-8 strings.\n\nA list of the resource-owning account IDs that the caller's account can use to share their user access details (user ARNs). The user ARNs can be logged in the resource owner's CloudTrail log. You may want to specify this property when you are in a high-trust boundary, such as the same team or company.", + "title": "TrustedResourceOwners", + "type": "array" + } + }, + "type": "object" }, - "Profile": { - "markdownDescription": "H.265 Profile.", - "title": "Profile", + "Type": { + "enum": [ + "AWS::LakeFormation::DataLakeSettings" + ], "type": "string" }, - "QvbrQualityLevel": { - "markdownDescription": "Controls the target quality for the video encode. Applies only when the rate control mode is QVBR. Set values for the QVBR quality level field and Max bitrate field that suit your most important viewing devices. Recommended values are:\n- Primary screen: Quality level: 8 to 10. Max bitrate: 4M\n- PC or tablet: Quality level: 7. Max bitrate: 1.5M to 3M\n- Smartphone: Quality level: 6. Max bitrate: 1M to 1.5M", - "title": "QvbrQualityLevel", - "type": "number" - }, - "RateControlMode": { - "markdownDescription": "Rate control mode. QVBR: Quality will match the specified quality level except when it is constrained by the\nmaximum bitrate. Recommended if you or your viewers pay for bandwidth. CBR: Quality varies, depending on the video complexity. Recommended only if you distribute\nyour assets to devices that cannot handle variable bitrates. Multiplex: This rate control mode is only supported (and is required) when the video is being\ndelivered to a MediaLive Multiplex in which case the rate control configuration is controlled\nby the properties within the Multiplex Program.", - "title": "RateControlMode", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "ScanType": { - "markdownDescription": "Sets the scan type of the output to progressive or top-field-first interlaced.", - "title": "ScanType", + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::LakeFormation::DataLakeSettings.Admins": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::LakeFormation::DataLakeSettings.CreateDatabaseDefaultPermissions": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::LakeFormation::DataLakeSettings.CreateTableDefaultPermissions": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::LakeFormation::DataLakeSettings.DataLakePrincipal": { + "additionalProperties": false, + "properties": { + "DataLakePrincipalIdentifier": { + "markdownDescription": "An identifier for the Lake Formation principal.", + "title": "DataLakePrincipalIdentifier", "type": "string" + } + }, + "required": [ + "DataLakePrincipalIdentifier" + ], + "type": "object" + }, + "AWS::LakeFormation::DataLakeSettings.ExternalDataFilteringAllowList": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::LakeFormation::DataLakeSettings.PrincipalPermissions": { + "additionalProperties": false, + "properties": { + "Permissions": { + "items": { + "type": "string" + }, + "markdownDescription": "The permissions that are granted to the principal.", + "title": "Permissions", + "type": "array" }, - "SceneChangeDetect": { - "markdownDescription": "Scene change detection.", - "title": "SceneChangeDetect", + "Principal": { + "$ref": "#/definitions/AWS::LakeFormation::DataLakeSettings.DataLakePrincipal", + "markdownDescription": "The principal who is granted permissions.", + "title": "Principal" + } + }, + "required": [ + "Permissions", + "Principal" + ], + "type": "object" + }, + "AWS::LakeFormation::Permissions": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "Slices": { - "markdownDescription": "Number of slices per picture. Must be less than or equal to the number of macroblock rows for progressive pictures, and less than or equal to half the number of macroblock rows for interlaced pictures.\nThis field is optional; when no value is specified the encoder will choose the number of slices based on encode resolution.", - "title": "Slices", - "type": "number" - }, - "Tier": { - "markdownDescription": "H.265 Tier.", - "title": "Tier", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "TileHeight": { - "markdownDescription": "", - "title": "TileHeight", - "type": "number" - }, - "TilePadding": { - "markdownDescription": "", - "title": "TilePadding", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "TileWidth": { - "markdownDescription": "", - "title": "TileWidth", - "type": "number" + "Metadata": { + "type": "object" }, - "TimecodeBurninSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.TimecodeBurninSettings", - "markdownDescription": "", - "title": "TimecodeBurninSettings" + "Properties": { + "additionalProperties": false, + "properties": { + "DataLakePrincipal": { + "$ref": "#/definitions/AWS::LakeFormation::Permissions.DataLakePrincipal", + "markdownDescription": "The AWS Lake Formation principal.", + "title": "DataLakePrincipal" + }, + "Permissions": { + "items": { + "type": "string" + }, + "markdownDescription": "The permissions granted or revoked.", + "title": "Permissions", + "type": "array" + }, + "PermissionsWithGrantOption": { + "items": { + "type": "string" + }, + "markdownDescription": "Indicates the ability to grant permissions (as a subset of permissions granted).", + "title": "PermissionsWithGrantOption", + "type": "array" + }, + "Resource": { + "$ref": "#/definitions/AWS::LakeFormation::Permissions.Resource", + "markdownDescription": "A structure for the resource.", + "title": "Resource" + } + }, + "required": [ + "DataLakePrincipal", + "Resource" + ], + "type": "object" }, - "TimecodeInsertion": { - "markdownDescription": "Determines how timecodes should be inserted into the video elementary stream.\n- 'disabled': Do not include timecodes\n- 'picTimingSei': Pass through picture timing SEI messages from the source specified in Timecode Config", - "title": "TimecodeInsertion", + "Type": { + "enum": [ + "AWS::LakeFormation::Permissions" + ], "type": "string" }, - "TreeblockSize": { - "markdownDescription": "", - "title": "TreeblockSize", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::MediaLive::Channel.Hdr10Settings": { + "AWS::LakeFormation::Permissions.ColumnWildcard": { "additionalProperties": false, "properties": { - "MaxCll": { - "markdownDescription": "Maximum Content Light Level\nAn integer metadata value defining the maximum light level, in nits,\nof any single pixel within an encoded HDR video stream or file.", - "title": "MaxCll", - "type": "number" - }, - "MaxFall": { - "markdownDescription": "Maximum Frame Average Light Level\nAn integer metadata value defining the maximum average light level, in nits,\nfor any single frame within an encoded HDR video stream or file.", - "title": "MaxFall", - "type": "number" + "ExcludedColumnNames": { + "items": { + "type": "string" + }, + "markdownDescription": "Excludes column names. Any column with this name will be excluded.", + "title": "ExcludedColumnNames", + "type": "array" } }, "type": "object" }, - "AWS::MediaLive::Channel.HlsAkamaiSettings": { + "AWS::LakeFormation::Permissions.DataLakePrincipal": { "additionalProperties": false, "properties": { - "ConnectionRetryInterval": { - "markdownDescription": "The number of seconds to wait before retrying a connection to the CDN if the connection is lost.", - "title": "ConnectionRetryInterval", - "type": "number" - }, - "FilecacheDuration": { - "markdownDescription": "The size, in seconds, of the file cache for streaming outputs.", - "title": "FilecacheDuration", - "type": "number" - }, - "HttpTransferMode": { - "markdownDescription": "Specifies whether to use chunked transfer encoding to Akamai. To enable this feature, contact Akamai.", - "title": "HttpTransferMode", + "DataLakePrincipalIdentifier": { + "markdownDescription": "An identifier for the Lake Formation principal.", + "title": "DataLakePrincipalIdentifier", + "type": "string" + } + }, + "type": "object" + }, + "AWS::LakeFormation::Permissions.DataLocationResource": { + "additionalProperties": false, + "properties": { + "CatalogId": { + "markdownDescription": "The identifier for the Data Catalog . By default, it is the account ID of the caller.", + "title": "CatalogId", "type": "string" }, - "NumRetries": { - "markdownDescription": "The number of retry attempts that will be made before the channel is put into an error state.", - "title": "NumRetries", - "type": "number" - }, - "RestartDelay": { - "markdownDescription": "If a streaming output fails, the number of seconds to wait until a restart is initiated. A value of 0 means never restart.", - "title": "RestartDelay", - "type": "number" - }, - "Salt": { - "markdownDescription": "The salt for authenticated Akamai.", - "title": "Salt", + "S3Resource": { + "markdownDescription": "The Amazon Resource Name (ARN) that uniquely identifies the data location resource.", + "title": "S3Resource", + "type": "string" + } + }, + "type": "object" + }, + "AWS::LakeFormation::Permissions.DatabaseResource": { + "additionalProperties": false, + "properties": { + "CatalogId": { + "markdownDescription": "The identifier for the Data Catalog . By default, it is the account ID of the caller.", + "title": "CatalogId", "type": "string" }, - "Token": { - "markdownDescription": "The token parameter for authenticated Akamai. If this is not specified, _gda_ is used.", - "title": "Token", + "Name": { + "markdownDescription": "The name of the database resource. Unique to the Data Catalog.", + "title": "Name", "type": "string" } }, "type": "object" }, - "AWS::MediaLive::Channel.HlsBasicPutSettings": { + "AWS::LakeFormation::Permissions.Resource": { "additionalProperties": false, "properties": { - "ConnectionRetryInterval": { - "markdownDescription": "The number of seconds to wait before retrying a connection to the CDN if the connection is lost.", - "title": "ConnectionRetryInterval", - "type": "number" + "DataLocationResource": { + "$ref": "#/definitions/AWS::LakeFormation::Permissions.DataLocationResource", + "markdownDescription": "A structure for a data location object where permissions are granted or revoked.", + "title": "DataLocationResource" }, - "FilecacheDuration": { - "markdownDescription": "The size, in seconds, of the file cache for streaming outputs.", - "title": "FilecacheDuration", - "type": "number" + "DatabaseResource": { + "$ref": "#/definitions/AWS::LakeFormation::Permissions.DatabaseResource", + "markdownDescription": "A structure for the database object.", + "title": "DatabaseResource" }, - "NumRetries": { - "markdownDescription": "The number of retry attempts that MediaLive makes before the channel is put into an error state.", - "title": "NumRetries", - "type": "number" + "TableResource": { + "$ref": "#/definitions/AWS::LakeFormation::Permissions.TableResource", + "markdownDescription": "A structure for the table object. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.", + "title": "TableResource" }, - "RestartDelay": { - "markdownDescription": "If a streaming output fails, the number of seconds to wait until a restart is initiated. A value of 0 means never restart.", - "title": "RestartDelay", - "type": "number" + "TableWithColumnsResource": { + "$ref": "#/definitions/AWS::LakeFormation::Permissions.TableWithColumnsResource", + "markdownDescription": "A structure for a table with columns object. This object is only used when granting a SELECT permission.", + "title": "TableWithColumnsResource" } }, "type": "object" }, - "AWS::MediaLive::Channel.HlsCdnSettings": { + "AWS::LakeFormation::Permissions.TableResource": { "additionalProperties": false, "properties": { - "HlsAkamaiSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.HlsAkamaiSettings", - "markdownDescription": "Sets up Akamai as the downstream system for the HLS output group.", - "title": "HlsAkamaiSettings" - }, - "HlsBasicPutSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.HlsBasicPutSettings", - "markdownDescription": "The settings for Basic Put for the HLS output.", - "title": "HlsBasicPutSettings" + "CatalogId": { + "markdownDescription": "The identifier for the Data Catalog . By default, it is the account ID of the caller.", + "title": "CatalogId", + "type": "string" }, - "HlsMediaStoreSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.HlsMediaStoreSettings", - "markdownDescription": "Sets up MediaStore as the destination for the HLS output.", - "title": "HlsMediaStoreSettings" + "DatabaseName": { + "markdownDescription": "The name of the database for the table. Unique to a Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.", + "title": "DatabaseName", + "type": "string" }, - "HlsS3Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.HlsS3Settings", - "markdownDescription": "Sets up Amazon S3 as the destination for this HLS output.", - "title": "HlsS3Settings" + "Name": { + "markdownDescription": "The name of the table.", + "title": "Name", + "type": "string" }, - "HlsWebdavSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.HlsWebdavSettings", - "markdownDescription": "The settings for Web VTT captions in the HLS output group.\n\nThe parent of this entity is HlsGroupSettings.", - "title": "HlsWebdavSettings" + "TableWildcard": { + "$ref": "#/definitions/AWS::LakeFormation::Permissions.TableWildcard", + "markdownDescription": "An empty object representing all tables under a database. If this field is specified instead of the `Name` field, all tables under `DatabaseName` will have permission changes applied.", + "title": "TableWildcard" } }, "type": "object" }, - "AWS::MediaLive::Channel.HlsGroupSettings": { + "AWS::LakeFormation::Permissions.TableWildcard": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::LakeFormation::Permissions.TableWithColumnsResource": { "additionalProperties": false, "properties": { - "AdMarkers": { + "CatalogId": { + "markdownDescription": "The identifier for the Data Catalog . By default, it is the account ID of the caller.", + "title": "CatalogId", + "type": "string" + }, + "ColumnNames": { "items": { "type": "string" }, - "markdownDescription": "Chooses one or more ad marker types to pass SCTE35 signals through to this group of Apple HLS outputs.", - "title": "AdMarkers", + "markdownDescription": "The list of column names for the table. At least one of `ColumnNames` or `ColumnWildcard` is required.", + "title": "ColumnNames", "type": "array" }, - "BaseUrlContent": { - "markdownDescription": "A partial URI prefix that will be prepended to each output in the media .m3u8 file. The partial URI prefix can be used if the base manifest is delivered from a different URL than the main .m3u8 file.", - "title": "BaseUrlContent", - "type": "string" - }, - "BaseUrlContent1": { - "markdownDescription": "Optional. One value per output group. This field is required only if you are completing Base URL content A, and the downstream system has notified you that the media files for pipeline 1 of all outputs are in a location different from the media files for pipeline 0.", - "title": "BaseUrlContent1", - "type": "string" - }, - "BaseUrlManifest": { - "markdownDescription": "A partial URI prefix that will be prepended to each output in the media .m3u8 file. The partial URI prefix can be used if the base manifest is delivered from a different URL than the main .m3u8 file.", - "title": "BaseUrlManifest", - "type": "string" - }, - "BaseUrlManifest1": { - "markdownDescription": "Optional. One value per output group. Complete this field only if you are completing Base URL manifest A, and the downstream system has notified you that the child manifest files for pipeline 1 of all outputs are in a location different from the child manifest files for pipeline 0.", - "title": "BaseUrlManifest1", - "type": "string" - }, - "CaptionLanguageMappings": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.CaptionLanguageMapping" - }, - "markdownDescription": "A mapping of up to 4 captions channels to captions languages. This is meaningful only if captionLanguageSetting is set to \"insert.\"", - "title": "CaptionLanguageMappings", - "type": "array" - }, - "CaptionLanguageSetting": { - "markdownDescription": "Applies only to 608 embedded output captions. Insert: Include CLOSED-CAPTIONS lines in the manifest. Specify at least one language in the CC1 Language Code field. One CLOSED-CAPTION line is added for each Language Code that you specify. Make sure to specify the languages in the order in which they appear in the original source (if the source is embedded format) or the order of the captions selectors (if the source is other than embedded). Otherwise, languages in the manifest will not match properly with the output captions. None: Include the CLOSED-CAPTIONS=NONE line in the manifest. Omit: Omit any CLOSED-CAPTIONS line from the manifest.", - "title": "CaptionLanguageSetting", - "type": "string" - }, - "ClientCache": { - "markdownDescription": "When set to \"disabled,\" sets the #EXT-X-ALLOW-CACHE:no tag in the manifest, which prevents clients from saving media segments for later replay.", - "title": "ClientCache", - "type": "string" - }, - "CodecSpecification": { - "markdownDescription": "The specification to use (RFC-6381 or the default RFC-4281) during m3u8 playlist generation.", - "title": "CodecSpecification", - "type": "string" - }, - "ConstantIv": { - "markdownDescription": "Used with encryptionType. This is a 128-bit, 16-byte hex value that is represented by a 32-character text string. If ivSource is set to \"explicit,\" this parameter is required and is used as the IV for encryption.", - "title": "ConstantIv", - "type": "string" - }, - "Destination": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", - "markdownDescription": "A directory or HTTP destination for the HLS segments, manifest files, and encryption keys (if enabled).", - "title": "Destination" - }, - "DirectoryStructure": { - "markdownDescription": "Places segments in subdirectories.", - "title": "DirectoryStructure", - "type": "string" - }, - "DiscontinuityTags": { - "markdownDescription": "Specifies whether to insert EXT-X-DISCONTINUITY tags in the HLS child manifests for this output group.\nTypically, choose Insert because these tags are required in the manifest (according to the HLS specification) and serve an important purpose.\nChoose Never Insert only if the downstream system is doing real-time failover (without using the MediaLive automatic failover feature) and only if that downstream system has advised you to exclude the tags.", - "title": "DiscontinuityTags", - "type": "string" - }, - "EncryptionType": { - "markdownDescription": "Encrypts the segments with the specified encryption scheme. Exclude this parameter if you don't want encryption.", - "title": "EncryptionType", - "type": "string" - }, - "HlsCdnSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.HlsCdnSettings", - "markdownDescription": "The parameters that control interactions with the CDN.", - "title": "HlsCdnSettings" - }, - "HlsId3SegmentTagging": { - "markdownDescription": "State of HLS ID3 Segment Tagging", - "title": "HlsId3SegmentTagging", - "type": "string" - }, - "IFrameOnlyPlaylists": { - "markdownDescription": "DISABLED: Don't create an I-frame-only manifest, but do create the master and media manifests (according to the Output Selection field). STANDARD: Create an I-frame-only manifest for each output that contains video, as well as the other manifests (according to the Output Selection field). The I-frame manifest contains a #EXT-X-I-FRAMES-ONLY tag to indicate it is I-frame only, and one or more #EXT-X-BYTERANGE entries identifying the I-frame position. For example, #EXT-X-BYTERANGE:160364@1461888\".", - "title": "IFrameOnlyPlaylists", - "type": "string" - }, - "IncompleteSegmentBehavior": { - "markdownDescription": "Specifies whether to include the final (incomplete) segment in the media output when the pipeline stops producing output because of a channel stop, a channel pause or a loss of input to the pipeline.\nAuto means that MediaLive decides whether to include the final segment, depending on the channel class and the types of output groups.\nSuppress means to never include the incomplete segment. We recommend you choose Auto and let MediaLive control the behavior.", - "title": "IncompleteSegmentBehavior", - "type": "string" - }, - "IndexNSegments": { - "markdownDescription": "Applies only if the Mode field is LIVE. Specifies the maximum number of segments in the media manifest file. After this maximum, older segments are removed from the media manifest. This number must be less than or equal to the Keep Segments field.", - "title": "IndexNSegments", - "type": "number" - }, - "InputLossAction": { - "markdownDescription": "A parameter that controls output group behavior on an input loss.", - "title": "InputLossAction", - "type": "string" - }, - "IvInManifest": { - "markdownDescription": "Used with encryptionType. The IV (initialization vector) is a 128-bit number used in conjunction with the key for encrypting blocks. If set to \"include,\" the IV is listed in the manifest. Otherwise, the IV is not in the manifest.", - "title": "IvInManifest", - "type": "string" - }, - "IvSource": { - "markdownDescription": "Used with encryptionType. The IV (initialization vector) is a 128-bit number used in conjunction with the key for encrypting blocks. If this setting is \"followsSegmentNumber,\" it causes the IV to change every segment (to match the segment number). If this is set to \"explicit,\" you must enter a constantIv value.", - "title": "IvSource", - "type": "string" - }, - "KeepSegments": { - "markdownDescription": "Applies only if the Mode field is LIVE. Specifies the number of media segments (.ts files) to retain in the destination directory.", - "title": "KeepSegments", - "type": "number" + "ColumnWildcard": { + "$ref": "#/definitions/AWS::LakeFormation::Permissions.ColumnWildcard", + "markdownDescription": "A wildcard specified by a `ColumnWildcard` object. At least one of `ColumnNames` or `ColumnWildcard` is required.", + "title": "ColumnWildcard" }, - "KeyFormat": { - "markdownDescription": "Specifies how the key is represented in the resource identified by the URI. If the parameter is absent, an implicit value of \"identity\" is used. A reverse DNS string can also be specified.", - "title": "KeyFormat", + "DatabaseName": { + "markdownDescription": "The name of the database for the table with columns resource. Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.", + "title": "DatabaseName", "type": "string" }, - "KeyFormatVersions": { - "markdownDescription": "Either a single positive integer version value or a slash-delimited list of version values (1/2/3).", - "title": "KeyFormatVersions", + "Name": { + "markdownDescription": "The name of the table resource. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.", + "title": "Name", "type": "string" - }, - "KeyProviderSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.KeyProviderSettings", - "markdownDescription": "The key provider settings.", - "title": "KeyProviderSettings" - }, - "ManifestCompression": { - "markdownDescription": "When set to gzip, compresses HLS playlist.", - "title": "ManifestCompression", + } + }, + "type": "object" + }, + "AWS::LakeFormation::PrincipalPermissions": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "ManifestDurationFormat": { - "markdownDescription": "Indicates whether the output manifest should use a floating point or integer values for segment duration.", - "title": "ManifestDurationFormat", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "MinSegmentLength": { - "markdownDescription": "When set, minimumSegmentLength is enforced by looking ahead and back within the specified range for a nearby avail and extending the segment size if needed.", - "title": "MinSegmentLength", - "type": "number" - }, - "Mode": { - "markdownDescription": "If \"vod,\" all segments are indexed and kept permanently in the destination and manifest. If \"live,\" only the number segments specified in keepSegments and indexNSegments are kept. Newer segments replace older segments, which might prevent players from rewinding all the way to the beginning of the channel. VOD mode uses HLS EXT-X-PLAYLIST-TYPE of EVENT while the channel is running, converting it to a \"VOD\" type manifest on completion of the stream.", - "title": "Mode", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "OutputSelection": { - "markdownDescription": "MANIFESTSANDSEGMENTS: Generates manifests (the master manifest, if applicable, and media manifests) for this output group. SEGMENTSONLY: Doesn't generate any manifests for this output group.", - "title": "OutputSelection", - "type": "string" + "Metadata": { + "type": "object" }, - "ProgramDateTime": { - "markdownDescription": "Includes or excludes the EXT-X-PROGRAM-DATE-TIME tag in .m3u8 manifest files. The value is calculated as follows: Either the program date and time are initialized using the input timecode source, or the time is initialized using the input timecode source and the date is initialized using the timestampOffset.", - "title": "ProgramDateTime", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "Catalog": { + "markdownDescription": "The identifier for the Data Catalog . By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your Lake Formation environment.", + "title": "Catalog", + "type": "string" + }, + "Permissions": { + "items": { + "type": "string" + }, + "markdownDescription": "The permissions granted or revoked.", + "title": "Permissions", + "type": "array" + }, + "PermissionsWithGrantOption": { + "items": { + "type": "string" + }, + "markdownDescription": "Indicates the ability to grant permissions (as a subset of permissions granted).", + "title": "PermissionsWithGrantOption", + "type": "array" + }, + "Principal": { + "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.DataLakePrincipal", + "markdownDescription": "The principal to be granted a permission.", + "title": "Principal" + }, + "Resource": { + "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.Resource", + "markdownDescription": "The resource to be granted or revoked permissions.", + "title": "Resource" + } + }, + "required": [ + "Permissions", + "PermissionsWithGrantOption", + "Principal", + "Resource" + ], + "type": "object" }, - "ProgramDateTimeClock": { - "markdownDescription": "Specifies the algorithm used to drive the HLS EXT-X-PROGRAM-DATE-TIME clock. Options include: INITIALIZE_FROM_OUTPUT_TIMECODE: The PDT clock is initialized as a function of the first output timecode, then incremented by the EXTINF duration of each encoded segment. SYSTEM_CLOCK: The PDT clock is initialized as a function of the UTC wall clock, then incremented by the EXTINF duration of each encoded segment. If the PDT clock diverges from the wall clock by more than 500ms, it is resynchronized to the wall clock.", - "title": "ProgramDateTimeClock", + "Type": { + "enum": [ + "AWS::LakeFormation::PrincipalPermissions" + ], "type": "string" }, - "ProgramDateTimePeriod": { - "markdownDescription": "The period of insertion of the EXT-X-PROGRAM-DATE-TIME entry, in seconds.", - "title": "ProgramDateTimePeriod", - "type": "number" - }, - "RedundantManifest": { - "markdownDescription": "ENABLED: The master manifest (.m3u8 file) for each pipeline includes information about both pipelines: first its own media files, then the media files of the other pipeline. This feature allows a playout device that supports stale manifest detection to switch from one manifest to the other, when the current manifest seems to be stale. There are still two destinations and two master manifests, but both master manifests reference the media files from both pipelines. DISABLED: The master manifest (.m3u8 file) for each pipeline includes information about its own pipeline only. For an HLS output group with MediaPackage as the destination, the DISABLED behavior is always followed. MediaPackage regenerates the manifests it serves to players, so a redundant manifest from MediaLive is irrelevant.", - "title": "RedundantManifest", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "SegmentLength": { - "markdownDescription": "The length of the MPEG-2 Transport Stream segments to create, in seconds. Note that segments will end on the next keyframe after this number of seconds, so the actual segment length might be longer.", - "title": "SegmentLength", - "type": "number" - }, - "SegmentationMode": { - "markdownDescription": "useInputSegmentation has been deprecated. The configured segment size is always used.", - "title": "SegmentationMode", + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::LakeFormation::PrincipalPermissions.ColumnWildcard": { + "additionalProperties": false, + "properties": { + "ExcludedColumnNames": { + "items": { + "type": "string" + }, + "markdownDescription": "Excludes column names. Any column with this name will be excluded.", + "title": "ExcludedColumnNames", + "type": "array" + } + }, + "type": "object" + }, + "AWS::LakeFormation::PrincipalPermissions.DataCellsFilterResource": { + "additionalProperties": false, + "properties": { + "DatabaseName": { + "markdownDescription": "A database in the Data Catalog .", + "title": "DatabaseName", "type": "string" }, - "SegmentsPerSubdirectory": { - "markdownDescription": "The number of segments to write to a subdirectory before starting a new one. For this setting to have an effect, directoryStructure must be subdirectoryPerStream.", - "title": "SegmentsPerSubdirectory", - "type": "number" - }, - "StreamInfResolution": { - "markdownDescription": "The include or exclude RESOLUTION attribute for a video in the EXT-X-STREAM-INF tag of a variant manifest.", - "title": "StreamInfResolution", + "Name": { + "markdownDescription": "The name given by the user to the data filter cell.", + "title": "Name", "type": "string" }, - "TimedMetadataId3Frame": { - "markdownDescription": "Indicates the ID3 frame that has the timecode.", - "title": "TimedMetadataId3Frame", + "TableCatalogId": { + "markdownDescription": "The ID of the catalog to which the table belongs.", + "title": "TableCatalogId", "type": "string" }, - "TimedMetadataId3Period": { - "markdownDescription": "The timed metadata interval, in seconds.", - "title": "TimedMetadataId3Period", - "type": "number" - }, - "TimestampDeltaMilliseconds": { - "markdownDescription": "Provides an extra millisecond delta offset to fine tune the timestamps.", - "title": "TimestampDeltaMilliseconds", - "type": "number" - }, - "TsFileMode": { - "markdownDescription": "SEGMENTEDFILES: Emits the program as segments -multiple .ts media files. SINGLEFILE: Applies only if the Mode field is VOD. Emits the program as a single .ts media file. The media manifest includes #EXT-X-BYTERANGE tags to index segments for playback. A typical use for this value is when sending the output to AWS Elemental MediaConvert, which can accept only a single media file. Playback while the channel is running is not guaranteed due to HTTP server caching.", - "title": "TsFileMode", + "TableName": { + "markdownDescription": "The name of the table.", + "title": "TableName", "type": "string" } }, + "required": [ + "DatabaseName", + "Name", + "TableCatalogId", + "TableName" + ], "type": "object" }, - "AWS::MediaLive::Channel.HlsInputSettings": { + "AWS::LakeFormation::PrincipalPermissions.DataLakePrincipal": { "additionalProperties": false, "properties": { - "Bandwidth": { - "markdownDescription": "When specified, the HLS stream with the m3u8 bandwidth that most closely matches this value is chosen. Otherwise, the highest bandwidth stream in the m3u8 is chosen. The bitrate is specified in bits per second, as in an HLS manifest.", - "title": "Bandwidth", - "type": "number" - }, - "BufferSegments": { - "markdownDescription": "When specified, reading of the HLS input begins this many buffer segments from the end (most recently written segment). When not specified, the HLS input begins with the first segment specified in the m3u8.", - "title": "BufferSegments", - "type": "number" - }, - "Retries": { - "markdownDescription": "The number of consecutive times that attempts to read a manifest or segment must fail before the input is considered unavailable.", - "title": "Retries", - "type": "number" - }, - "RetryInterval": { - "markdownDescription": "The number of seconds between retries when an attempt to read a manifest or segment fails.", - "title": "RetryInterval", - "type": "number" - }, - "Scte35Source": { - "markdownDescription": "Identifies the source for the SCTE-35 messages that MediaLive will ingest. Messages can be ingested from the content segments (in the stream) or from tags in the playlist (the HLS manifest). MediaLive ignores SCTE-35 information in the source that is not selected.", - "title": "Scte35Source", + "DataLakePrincipalIdentifier": { + "markdownDescription": "An identifier for the AWS Lake Formation principal.", + "title": "DataLakePrincipalIdentifier", "type": "string" } }, "type": "object" }, - "AWS::MediaLive::Channel.HlsMediaStoreSettings": { + "AWS::LakeFormation::PrincipalPermissions.DataLocationResource": { "additionalProperties": false, "properties": { - "ConnectionRetryInterval": { - "markdownDescription": "The number of seconds to wait before retrying a connection to the CDN if the connection is lost.", - "title": "ConnectionRetryInterval", - "type": "number" - }, - "FilecacheDuration": { - "markdownDescription": "The size, in seconds, of the file cache for streaming outputs.", - "title": "FilecacheDuration", - "type": "number" - }, - "MediaStoreStorageClass": { - "markdownDescription": "When set to temporal, output files are stored in non-persistent memory for faster reading and writing.", - "title": "MediaStoreStorageClass", + "CatalogId": { + "markdownDescription": "The identifier for the Data Catalog where the location is registered with AWS Lake Formation .", + "title": "CatalogId", "type": "string" }, - "NumRetries": { - "markdownDescription": "The number of retry attempts that are made before the channel is put into an error state.", - "title": "NumRetries", - "type": "number" - }, - "RestartDelay": { - "markdownDescription": "If a streaming output fails, the number of seconds to wait until a restart is initiated. A value of 0 means never restart.", - "title": "RestartDelay", - "type": "number" + "ResourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that uniquely identifies the data location resource.", + "title": "ResourceArn", + "type": "string" } }, + "required": [ + "CatalogId", + "ResourceArn" + ], "type": "object" }, - "AWS::MediaLive::Channel.HlsOutputSettings": { + "AWS::LakeFormation::PrincipalPermissions.DatabaseResource": { "additionalProperties": false, "properties": { - "H265PackagingType": { - "markdownDescription": "Only applicable when this output is referencing an H.265 video description.\nSpecifies whether MP4 segments should be packaged as HEV1 or HVC1.", - "title": "H265PackagingType", - "type": "string" - }, - "HlsSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.HlsSettings", - "markdownDescription": "The settings regarding the underlying stream. These settings are different for audio-only outputs.", - "title": "HlsSettings" - }, - "NameModifier": { - "markdownDescription": "A string that is concatenated to the end of the destination file name. Accepts \\\"Format Identifiers\\\":#formatIdentifierParameters.", - "title": "NameModifier", + "CatalogId": { + "markdownDescription": "The identifier for the Data Catalog. By default, it is the account ID of the caller.", + "title": "CatalogId", "type": "string" }, - "SegmentModifier": { - "markdownDescription": "A string that is concatenated to the end of segment file names.", - "title": "SegmentModifier", + "Name": { + "markdownDescription": "The name of the database resource. Unique to the Data Catalog.", + "title": "Name", "type": "string" } }, + "required": [ + "CatalogId", + "Name" + ], "type": "object" }, - "AWS::MediaLive::Channel.HlsS3Settings": { + "AWS::LakeFormation::PrincipalPermissions.LFTag": { "additionalProperties": false, "properties": { - "CannedAcl": { - "markdownDescription": "Specify the canned ACL to apply to each S3 request. Defaults to none.", - "title": "CannedAcl", + "TagKey": { + "markdownDescription": "The key-name for the LF-tag.", + "title": "TagKey", "type": "string" + }, + "TagValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of possible values of the corresponding `TagKey` of an LF-tag key-value pair.", + "title": "TagValues", + "type": "array" } }, "type": "object" }, - "AWS::MediaLive::Channel.HlsSettings": { + "AWS::LakeFormation::PrincipalPermissions.LFTagKeyResource": { "additionalProperties": false, "properties": { - "AudioOnlyHlsSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioOnlyHlsSettings", - "markdownDescription": "The settings for an audio-only output.", - "title": "AudioOnlyHlsSettings" - }, - "Fmp4HlsSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Fmp4HlsSettings", - "markdownDescription": "The settings for an fMP4 container.", - "title": "Fmp4HlsSettings" + "CatalogId": { + "markdownDescription": "The identifier for the Data Catalog where the location is registered with Data Catalog .", + "title": "CatalogId", + "type": "string" }, - "FrameCaptureHlsSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.FrameCaptureHlsSettings", - "markdownDescription": "Settings for a frame capture output in an HLS output group.", - "title": "FrameCaptureHlsSettings" + "TagKey": { + "markdownDescription": "The key-name for the LF-tag.", + "title": "TagKey", + "type": "string" }, - "StandardHlsSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.StandardHlsSettings", - "markdownDescription": "The settings for a standard output (an output that is not audio-only).", - "title": "StandardHlsSettings" + "TagValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of possible values for the corresponding `TagKey` of an LF-tag key-value pair.", + "title": "TagValues", + "type": "array" } }, + "required": [ + "CatalogId", + "TagKey", + "TagValues" + ], "type": "object" }, - "AWS::MediaLive::Channel.HlsWebdavSettings": { + "AWS::LakeFormation::PrincipalPermissions.LFTagPolicyResource": { "additionalProperties": false, "properties": { - "ConnectionRetryInterval": { - "markdownDescription": "The number of seconds to wait before retrying a connection to the CDN if the connection is lost.", - "title": "ConnectionRetryInterval", - "type": "number" - }, - "FilecacheDuration": { - "markdownDescription": "The size, in seconds, of the file cache for streaming outputs.", - "title": "FilecacheDuration", - "type": "number" - }, - "HttpTransferMode": { - "markdownDescription": "Specifies whether to use chunked transfer encoding to WebDAV.", - "title": "HttpTransferMode", + "CatalogId": { + "markdownDescription": "The identifier for the Data Catalog . The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your AWS Lake Formation environment.", + "title": "CatalogId", "type": "string" }, - "NumRetries": { - "markdownDescription": "The number of retry attempts that are made before the channel is put into an error state.", - "title": "NumRetries", - "type": "number" + "Expression": { + "items": { + "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.LFTag" + }, + "markdownDescription": "A list of LF-tag conditions that apply to the resource's LF-tag policy.", + "title": "Expression", + "type": "array" }, - "RestartDelay": { - "markdownDescription": "If a streaming output fails, the number of seconds to wait until a restart is initiated. A value of 0 means never restart.", - "title": "RestartDelay", - "type": "number" + "ResourceType": { + "markdownDescription": "The resource type for which the LF-tag policy applies.", + "title": "ResourceType", + "type": "string" } }, + "required": [ + "CatalogId", + "Expression", + "ResourceType" + ], "type": "object" }, - "AWS::MediaLive::Channel.HtmlMotionGraphicsSettings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.InputAttachment": { + "AWS::LakeFormation::PrincipalPermissions.Resource": { "additionalProperties": false, "properties": { - "AutomaticInputFailoverSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AutomaticInputFailoverSettings", - "markdownDescription": "Settings to implement automatic input failover in this input.", - "title": "AutomaticInputFailoverSettings" + "Catalog": { + "markdownDescription": "The identifier for the Data Catalog. By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your AWS Lake Formation environment.", + "title": "Catalog", + "type": "object" }, - "InputAttachmentName": { - "markdownDescription": "A name for the attachment. This is required if you want to use this input in an input switch action.", - "title": "InputAttachmentName", - "type": "string" + "DataCellsFilter": { + "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.DataCellsFilterResource", + "markdownDescription": "A data cell filter.", + "title": "DataCellsFilter" }, - "InputId": { - "markdownDescription": "The ID of the input to attach.", - "title": "InputId", - "type": "string" + "DataLocation": { + "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.DataLocationResource", + "markdownDescription": "The location of an Amazon S3 path where permissions are granted or revoked.", + "title": "DataLocation" }, - "InputSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.InputSettings", - "markdownDescription": "Information about the content to extract from the input and about the general handling of the content.", - "title": "InputSettings" + "Database": { + "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.DatabaseResource", + "markdownDescription": "The database for the resource. Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database permissions to a principal.", + "title": "Database" + }, + "LFTag": { + "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.LFTagKeyResource", + "markdownDescription": "The LF-tag key and values attached to a resource.", + "title": "LFTag" + }, + "LFTagPolicy": { + "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.LFTagPolicyResource", + "markdownDescription": "A list of LF-tag conditions that define a resource's LF-tag policy.", + "title": "LFTagPolicy" + }, + "Table": { + "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.TableResource", + "markdownDescription": "The table for the resource. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.", + "title": "Table" + }, + "TableWithColumns": { + "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.TableWithColumnsResource", + "markdownDescription": "The table with columns for the resource. A principal with permissions to this resource can select metadata from the columns of a table in the Data Catalog and the underlying data in Amazon S3.", + "title": "TableWithColumns" } }, "type": "object" }, - "AWS::MediaLive::Channel.InputChannelLevel": { + "AWS::LakeFormation::PrincipalPermissions.TableResource": { "additionalProperties": false, "properties": { - "Gain": { - "markdownDescription": "The remixing value. Units are in dB, and acceptable values are within the range from -60 (mute) to 6 dB.", - "title": "Gain", - "type": "number" + "CatalogId": { + "markdownDescription": "The identifier for the Data Catalog. By default, it is the account ID of the caller.", + "title": "CatalogId", + "type": "string" }, - "InputChannel": { - "markdownDescription": "The index of the input channel that is used as a source.", - "title": "InputChannel", - "type": "number" + "DatabaseName": { + "markdownDescription": "The name of the database for the table. Unique to a Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.", + "title": "DatabaseName", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the table.", + "title": "Name", + "type": "string" + }, + "TableWildcard": { + "markdownDescription": "A wildcard object representing every table under a database.\n\nAt least one of `TableResource$Name` or `TableResource$TableWildcard` is required.", + "title": "TableWildcard", + "type": "object" } }, + "required": [ + "CatalogId", + "DatabaseName" + ], "type": "object" }, - "AWS::MediaLive::Channel.InputLocation": { + "AWS::LakeFormation::PrincipalPermissions.TableWithColumnsResource": { "additionalProperties": false, "properties": { - "PasswordParam": { - "markdownDescription": "The password parameter that holds the password for accessing the downstream system. This applies only if the downstream system requires credentials.", - "title": "PasswordParam", + "CatalogId": { + "markdownDescription": "The identifier for the Data Catalog where the location is registered with AWS Lake Formation .", + "title": "CatalogId", "type": "string" }, - "Uri": { - "markdownDescription": "The URI should be a path to a file that is accessible to the Live system (for example, an http:// URI) depending on the output type. For example, an RTMP destination should have a URI similar to rtmp://fmsserver/live.", - "title": "Uri", + "ColumnNames": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of column names for the table. At least one of `ColumnNames` or `ColumnWildcard` is required.", + "title": "ColumnNames", + "type": "array" + }, + "ColumnWildcard": { + "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.ColumnWildcard", + "markdownDescription": "A wildcard specified by a `ColumnWildcard` object. At least one of `ColumnNames` or `ColumnWildcard` is required.", + "title": "ColumnWildcard" + }, + "DatabaseName": { + "markdownDescription": "The name of the database for the table with columns resource. Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.", + "title": "DatabaseName", "type": "string" }, - "Username": { - "markdownDescription": "The user name to connect to the downstream system. This applies only if the downstream system requires credentials.", - "title": "Username", + "Name": { + "markdownDescription": "The name of the table resource. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.", + "title": "Name", "type": "string" } }, + "required": [ + "CatalogId", + "DatabaseName", + "Name" + ], "type": "object" }, - "AWS::MediaLive::Channel.InputLossBehavior": { + "AWS::LakeFormation::Resource": { "additionalProperties": false, "properties": { - "BlackFrameMsec": { - "markdownDescription": "On input loss, the number of milliseconds to substitute black into the output before switching to the frame specified by inputLossImageType. A value x, where 0 <= x <= 1,000,000 and a value of 1,000,000, is interpreted as infinite.", - "title": "BlackFrameMsec", - "type": "number" + "Condition": { + "type": "string" }, - "InputLossImageColor": { - "markdownDescription": "When the input loss image type is \"color,\" this field specifies the color to use. Value: 6 hex characters that represent the values of RGB.", - "title": "InputLossImageColor", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "InputLossImageSlate": { - "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", - "markdownDescription": "When the input loss image type is \"slate,\" these fields specify the parameters for accessing the slate.", - "title": "InputLossImageSlate" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "InputLossImageType": { - "markdownDescription": "Indicates whether to substitute a solid color or a slate into the output after the input loss exceeds blackFrameMsec.", - "title": "InputLossImageType", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "HybridAccessEnabled": { + "markdownDescription": "Indicates whether the data access of tables pointing to the location can be managed by both Lake Formation permissions as well as Amazon S3 bucket policies.", + "title": "HybridAccessEnabled", + "type": "boolean" + }, + "ResourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", + "title": "ResourceArn", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The IAM role that registered a resource.", + "title": "RoleArn", + "type": "string" + }, + "UseServiceLinkedRole": { + "markdownDescription": "Designates a trusted caller, an IAM principal, by registering this caller with the Data Catalog .", + "title": "UseServiceLinkedRole", + "type": "boolean" + }, + "WithFederation": { + "markdownDescription": "Allows Lake Formation to assume a role to access tables in a federated database.", + "title": "WithFederation", + "type": "boolean" + } + }, + "required": [ + "ResourceArn", + "UseServiceLinkedRole" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::LakeFormation::Resource" + ], "type": "string" }, - "RepeatFrameMsec": { - "markdownDescription": "On input loss, the number of milliseconds to repeat the previous picture before substituting black into the output. A value x, where 0 <= x <= 1,000,000 and a value of 1,000,000, is interpreted as infinite.", - "title": "RepeatFrameMsec", - "type": "number" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::MediaLive::Channel.InputLossFailoverSettings": { + "AWS::LakeFormation::Tag": { "additionalProperties": false, "properties": { - "InputLossThresholdMsec": { - "markdownDescription": "The amount of time (in milliseconds) that no input is detected. After that time, an input failover will occur.", - "title": "InputLossThresholdMsec", - "type": "number" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CatalogId": { + "markdownDescription": "Catalog id string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html) .\n\nThe identifier for the Data Catalog . By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your AWS Lake Formation environment.", + "title": "CatalogId", + "type": "string" + }, + "TagKey": { + "markdownDescription": "UTF-8 string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html) .\n\nThe key-name for the LF-tag.", + "title": "TagKey", + "type": "string" + }, + "TagValues": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of UTF-8 strings, not less than 1 or more than 50 strings.\n\nA list of possible values of the corresponding `TagKey` of an LF-tag key-value pair.", + "title": "TagValues", + "type": "array" + } + }, + "required": [ + "TagKey", + "TagValues" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::LakeFormation::Tag" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::MediaLive::Channel.InputSettings": { + "AWS::LakeFormation::TagAssociation": { "additionalProperties": false, "properties": { - "AudioSelectors": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioSelector" - }, - "markdownDescription": "Information about the specific audio to extract from the input.\n\nThe parent of this entity is InputSettings.", - "title": "AudioSelectors", - "type": "array" - }, - "CaptionSelectors": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.CaptionSelector" - }, - "markdownDescription": "Information about the specific captions to extract from the input.", - "title": "CaptionSelectors", - "type": "array" - }, - "DeblockFilter": { - "markdownDescription": "Enables or disables the deblock filter when filtering.", - "title": "DeblockFilter", + "Condition": { "type": "string" }, - "DenoiseFilter": { - "markdownDescription": "Enables or disables the denoise filter when filtering.", - "title": "DenoiseFilter", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "FilterStrength": { - "markdownDescription": "Adjusts the magnitude of filtering from 1 (minimal) to 5 (strongest).", - "title": "FilterStrength", - "type": "number" - }, - "InputFilter": { - "markdownDescription": "Turns on the filter for this input. MPEG-2 inputs have the deblocking filter enabled by default. 1) auto - filtering is applied depending on input type/quality 2) disabled - no filtering is applied to the input 3) forced - filtering is applied regardless of the input type.", - "title": "InputFilter", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "NetworkInputSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.NetworkInputSettings", - "markdownDescription": "Information about how to connect to the upstream system.", - "title": "NetworkInputSettings" + "Metadata": { + "type": "object" }, - "Scte35Pid": { - "markdownDescription": "", - "title": "Scte35Pid", - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": { + "LFTags": { + "items": { + "$ref": "#/definitions/AWS::LakeFormation::TagAssociation.LFTagPair" + }, + "markdownDescription": "A structure containing an LF-tag key-value pair.", + "title": "LFTags", + "type": "array" + }, + "Resource": { + "$ref": "#/definitions/AWS::LakeFormation::TagAssociation.Resource", + "markdownDescription": "UTF-8 string (valid values: `DATABASE | TABLE` ).\n\nThe resource for which the LF-tag policy applies.", + "title": "Resource" + } + }, + "required": [ + "LFTags", + "Resource" + ], + "type": "object" }, - "Smpte2038DataPreference": { - "markdownDescription": "Specifies whether to extract applicable ancillary data from a SMPTE-2038 source in this input. Applicable data types are captions, timecode, AFD, and SCTE-104 messages.\n- PREFER: Extract from SMPTE-2038 if present in this input, otherwise extract from another source (if any).\n- IGNORE: Never extract any ancillary data from SMPTE-2038.", - "title": "Smpte2038DataPreference", + "Type": { + "enum": [ + "AWS::LakeFormation::TagAssociation" + ], "type": "string" }, - "SourceEndBehavior": { - "markdownDescription": "The loop input if it is a file.", - "title": "SourceEndBehavior", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "VideoSelector": { - "$ref": "#/definitions/AWS::MediaLive::Channel.VideoSelector", - "markdownDescription": "Information about one video to extract from the input.", - "title": "VideoSelector" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::MediaLive::Channel.InputSpecification": { + "AWS::LakeFormation::TagAssociation.DatabaseResource": { "additionalProperties": false, "properties": { - "Codec": { - "markdownDescription": "The codec to include in the input specification for this channel.", - "title": "Codec", + "CatalogId": { + "markdownDescription": "The identifier for the Data Catalog . By default, it should be the account ID of the caller.", + "title": "CatalogId", "type": "string" }, - "MaximumBitrate": { - "markdownDescription": "The maximum input bitrate for any input attached to this channel.", - "title": "MaximumBitrate", + "Name": { + "markdownDescription": "The name of the database resource. Unique to the Data Catalog.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "CatalogId", + "Name" + ], + "type": "object" + }, + "AWS::LakeFormation::TagAssociation.LFTagPair": { + "additionalProperties": false, + "properties": { + "CatalogId": { + "markdownDescription": "The identifier for the Data Catalog . By default, it is the account ID of the caller.", + "title": "CatalogId", "type": "string" }, - "Resolution": { - "markdownDescription": "The resolution for any input attached to this channel.", - "title": "Resolution", + "TagKey": { + "markdownDescription": "The key-name for the LF-tag.", + "title": "TagKey", "type": "string" + }, + "TagValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of possible values of the corresponding `TagKey` of an LF-tag key-value pair.", + "title": "TagValues", + "type": "array" } }, + "required": [ + "CatalogId", + "TagKey", + "TagValues" + ], "type": "object" }, - "AWS::MediaLive::Channel.KeyProviderSettings": { + "AWS::LakeFormation::TagAssociation.Resource": { "additionalProperties": false, "properties": { - "StaticKeySettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.StaticKeySettings", - "markdownDescription": "The configuration of static key settings.", - "title": "StaticKeySettings" + "Catalog": { + "markdownDescription": "The identifier for the Data Catalog. By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your AWS Lake Formation environment.", + "title": "Catalog", + "type": "object" + }, + "Database": { + "$ref": "#/definitions/AWS::LakeFormation::TagAssociation.DatabaseResource", + "markdownDescription": "The database for the resource. Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database permissions to a principal.", + "title": "Database" + }, + "Table": { + "$ref": "#/definitions/AWS::LakeFormation::TagAssociation.TableResource", + "markdownDescription": "The table for the resource. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.", + "title": "Table" + }, + "TableWithColumns": { + "$ref": "#/definitions/AWS::LakeFormation::TagAssociation.TableWithColumnsResource", + "markdownDescription": "The table with columns for the resource. A principal with permissions to this resource can select metadata from the columns of a table in the Data Catalog and the underlying data in Amazon S3.", + "title": "TableWithColumns" } }, "type": "object" }, - "AWS::MediaLive::Channel.M2tsSettings": { + "AWS::LakeFormation::TagAssociation.TableResource": { "additionalProperties": false, "properties": { - "AbsentInputAudioBehavior": { - "markdownDescription": "When set to drop, the output audio streams are removed from the program if the selected input audio stream is removed from the input. This allows the output audio configuration to dynamically change based on the input configuration. If this is set to encodeSilence, all output audio streams will output encoded silence when not connected to an active input stream.", - "title": "AbsentInputAudioBehavior", - "type": "string" - }, - "Arib": { - "markdownDescription": "When set to enabled, uses ARIB-compliant field muxing and removes video descriptor.", - "title": "Arib", + "CatalogId": { + "markdownDescription": "The identifier for the Data Catalog . By default, it is the account ID of the caller.", + "title": "CatalogId", "type": "string" }, - "AribCaptionsPid": { - "markdownDescription": "The PID for ARIB Captions in the transport stream. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", - "title": "AribCaptionsPid", + "DatabaseName": { + "markdownDescription": "The name of the database for the table. Unique to a Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.", + "title": "DatabaseName", "type": "string" }, - "AribCaptionsPidControl": { - "markdownDescription": "If set to auto, The PID number used for ARIB Captions will be auto-selected from unused PIDs. If set to useConfigured, ARIB captions will be on the configured PID number.", - "title": "AribCaptionsPidControl", + "Name": { + "markdownDescription": "The name of the table.", + "title": "Name", "type": "string" }, - "AudioBufferModel": { - "markdownDescription": "When set to dvb, uses the DVB buffer model for Dolby Digital audio. When set to atsc, the ATSC model is used.", - "title": "AudioBufferModel", - "type": "string" - }, - "AudioFramesPerPes": { - "markdownDescription": "The number of audio frames to insert for each PES packet.", - "title": "AudioFramesPerPes", - "type": "number" - }, - "AudioPids": { - "markdownDescription": "The PID of the elementary audio streams in the transport stream. Multiple values are accepted, and can be entered in ranges or by comma separation. You can enter the value as a decimal or hexadecimal value. Each PID specified must be in the range of 32 (or 0x20)..8182 (or 0x1ff6).", - "title": "AudioPids", - "type": "string" - }, - "AudioStreamType": { - "markdownDescription": "When set to atsc, uses stream type = 0x81 for AC3 and stream type = 0x87 for EAC3. When set to dvb, uses stream type = 0x06.", - "title": "AudioStreamType", - "type": "string" - }, - "Bitrate": { - "markdownDescription": "The output bitrate of the transport stream in bits per second. Setting to 0 lets the muxer automatically determine the appropriate bitrate.", - "title": "Bitrate", - "type": "number" - }, - "BufferModel": { - "markdownDescription": "If set to multiplex, uses the multiplex buffer model for accurate interleaving. Setting to bufferModel to none can lead to lower latency, but low-memory devices might not be able to play back the stream without interruptions.", - "title": "BufferModel", - "type": "string" - }, - "CcDescriptor": { - "markdownDescription": "When set to enabled, generates captionServiceDescriptor in PMT.", - "title": "CcDescriptor", + "TableWildcard": { + "markdownDescription": "A wildcard object representing every table under a database.This is an object with no properties that effectively behaves as a true or false depending on whether not it is passed as a parameter. The valid inputs for a property with this type in either yaml or json is null or {}.\n\nAt least one of `TableResource$Name` or `TableResource$TableWildcard` is required.", + "title": "TableWildcard", + "type": "object" + } + }, + "required": [ + "CatalogId", + "DatabaseName" + ], + "type": "object" + }, + "AWS::LakeFormation::TagAssociation.TableWithColumnsResource": { + "additionalProperties": false, + "properties": { + "CatalogId": { + "markdownDescription": "A wildcard object representing every table under a database.\n\nAt least one of TableResource$Name or TableResource$TableWildcard is required.", + "title": "CatalogId", "type": "string" }, - "DvbNitSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.DvbNitSettings", - "markdownDescription": "Inserts a DVB Network Information Table (NIT) at the specified table repetition interval.", - "title": "DvbNitSettings" - }, - "DvbSdtSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.DvbSdtSettings", - "markdownDescription": "Inserts a DVB Service Description Table (SDT) at the specified table repetition interval.", - "title": "DvbSdtSettings" + "ColumnNames": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of column names for the table. At least one of `ColumnNames` or `ColumnWildcard` is required.", + "title": "ColumnNames", + "type": "array" }, - "DvbSubPids": { - "markdownDescription": "The PID for the input source DVB Subtitle data to this output. Multiple values are accepted, and can be entered in ranges and/or by comma separation. You can enter the value as a decimal or hexadecimal value. Each PID specified must be in the range of 32 (or 0x20)..8182 (or 0x1ff6).", - "title": "DvbSubPids", + "DatabaseName": { + "markdownDescription": "The name of the database for the table with columns resource. Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.", + "title": "DatabaseName", "type": "string" }, - "DvbTdtSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.DvbTdtSettings", - "markdownDescription": "Inserts DVB Time and Date Table (TDT) at the specified table repetition interval.", - "title": "DvbTdtSettings" - }, - "DvbTeletextPid": { - "markdownDescription": "The PID for the input source DVB Teletext data to this output. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", - "title": "DvbTeletextPid", + "Name": { + "markdownDescription": "The name of the table resource. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.", + "title": "Name", "type": "string" - }, - "Ebif": { - "markdownDescription": "If set to passthrough, passes any EBIF data from the input source to this output.", - "title": "Ebif", + } + }, + "required": [ + "CatalogId", + "ColumnNames", + "DatabaseName", + "Name" + ], + "type": "object" + }, + "AWS::Lambda::Alias": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "EbpAudioInterval": { - "markdownDescription": "When videoAndFixedIntervals is selected, audio EBP markers are added to partitions 3 and 4. The interval between these additional markers is fixed, and is slightly shorter than the video EBP marker interval. This is only available when EBP Cablelabs segmentation markers are selected. Partitions 1 and 2 always follow the video interval.", - "title": "EbpAudioInterval", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "EbpLookaheadMs": { - "markdownDescription": "When set, enforces that Encoder Boundary Points do not come within the specified time interval of each other by looking ahead at input video. If another EBP is going to come in within the specified time interval, the current EBP is not emitted, and the segment is \"stretched\" to the next marker. The lookahead value does not add latency to the system. The channel must be configured elsewhere to create sufficient latency to make the lookahead accurate.", - "title": "EbpLookaheadMs", - "type": "number" - }, - "EbpPlacement": { - "markdownDescription": "Controls placement of EBP on audio PIDs. If set to videoAndAudioPids, EBP markers are placed on the video PID and all audio PIDs. If set to videoPid, EBP markers are placed on only the video PID.", - "title": "EbpPlacement", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "EcmPid": { - "markdownDescription": "This field is unused and deprecated.", - "title": "EcmPid", - "type": "string" + "Metadata": { + "type": "object" }, - "EsRateInPes": { - "markdownDescription": "Includes or excludes the ES Rate field in the PES header.", - "title": "EsRateInPes", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the alias.", + "title": "Description", + "type": "string" + }, + "FunctionName": { + "markdownDescription": "The name or ARN of the Lambda function.\n\n**Name formats** - *Function name* - `MyFunction` .\n- *Function ARN* - `arn:aws:lambda:us-west-2:123456789012:function:MyFunction` .\n- *Partial ARN* - `123456789012:function:MyFunction` .\n\nThe length constraint applies only to the full ARN. If you specify only the function name, it is limited to 64 characters in length.", + "title": "FunctionName", + "type": "string" + }, + "FunctionVersion": { + "markdownDescription": "The function version that the alias invokes.", + "title": "FunctionVersion", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the alias.", + "title": "Name", + "type": "string" + }, + "ProvisionedConcurrencyConfig": { + "$ref": "#/definitions/AWS::Lambda::Alias.ProvisionedConcurrencyConfiguration", + "markdownDescription": "Specifies a [provisioned concurrency](https://docs.aws.amazon.com/lambda/latest/dg/configuration-concurrency.html) configuration for a function's alias.", + "title": "ProvisionedConcurrencyConfig" + }, + "RoutingConfig": { + "$ref": "#/definitions/AWS::Lambda::Alias.AliasRoutingConfiguration", + "markdownDescription": "The [routing configuration](https://docs.aws.amazon.com/lambda/latest/dg/lambda-traffic-shifting-using-aliases.html) of the alias.", + "title": "RoutingConfig" + } + }, + "required": [ + "FunctionName", + "FunctionVersion", + "Name" + ], + "type": "object" }, - "EtvPlatformPid": { - "markdownDescription": "The PID for the input source ETV Platform data to this output. You can enter it as a decimal or hexadecimal value. Valid values are 32 (or 0x20) to 8182 (or 0x1ff6).", - "title": "EtvPlatformPid", + "Type": { + "enum": [ + "AWS::Lambda::Alias" + ], "type": "string" }, - "EtvSignalPid": { - "markdownDescription": "The PID for input source ETV Signal data to this output. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", - "title": "EtvSignalPid", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "FragmentTime": { - "markdownDescription": "The length in seconds of each fragment. This is used only with EBP markers.", - "title": "FragmentTime", + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Lambda::Alias.AliasRoutingConfiguration": { + "additionalProperties": false, + "properties": { + "AdditionalVersionWeights": { + "items": { + "$ref": "#/definitions/AWS::Lambda::Alias.VersionWeight" + }, + "markdownDescription": "The second version, and the percentage of traffic that's routed to it.", + "title": "AdditionalVersionWeights", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Lambda::Alias.ProvisionedConcurrencyConfiguration": { + "additionalProperties": false, + "properties": { + "ProvisionedConcurrentExecutions": { + "markdownDescription": "The amount of provisioned concurrency to allocate for the alias.", + "title": "ProvisionedConcurrentExecutions", "type": "number" - }, - "Klv": { - "markdownDescription": "If set to passthrough, passes any KLV data from the input source to this output.", - "title": "Klv", - "type": "string" - }, - "KlvDataPids": { - "markdownDescription": "The PID for the input source KLV data to this output. Multiple values are accepted, and can be entered in ranges or by comma separation. You can enter the value as a decimal or hexadecimal value. Each PID specified must be in the range of 32 (or 0x20)..8182 (or 0x1ff6).", - "title": "KlvDataPids", - "type": "string" - }, - "NielsenId3Behavior": { - "markdownDescription": "If set to passthrough, Nielsen inaudible tones for media tracking will be detected in the input audio and an equivalent ID3 tag will be inserted in the output.", - "title": "NielsenId3Behavior", + } + }, + "required": [ + "ProvisionedConcurrentExecutions" + ], + "type": "object" + }, + "AWS::Lambda::Alias.VersionWeight": { + "additionalProperties": false, + "properties": { + "FunctionVersion": { + "markdownDescription": "The qualifier of the second version.", + "title": "FunctionVersion", "type": "string" }, - "NullPacketBitrate": { - "markdownDescription": "The value, in bits per second, of extra null packets to insert into the transport stream. This can be used if a downstream encryption system requires periodic null packets.", - "title": "NullPacketBitrate", - "type": "number" - }, - "PatInterval": { - "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream. Valid values are 0, 10..1000.", - "title": "PatInterval", + "FunctionWeight": { + "markdownDescription": "The percentage of traffic that the alias routes to the second version.", + "title": "FunctionWeight", "type": "number" - }, - "PcrControl": { - "markdownDescription": "When set to pcrEveryPesPacket, a Program Clock Reference value is inserted for every Packetized Elementary Stream (PES) header. This parameter is effective only when the PCR PID is the same as the video or audio elementary stream.", - "title": "PcrControl", + } + }, + "required": [ + "FunctionVersion", + "FunctionWeight" + ], + "type": "object" + }, + "AWS::Lambda::CodeSigningConfig": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "PcrPeriod": { - "markdownDescription": "The maximum time, in milliseconds, between Program Clock References (PCRs) inserted into the transport stream.", - "title": "PcrPeriod", - "type": "number" - }, - "PcrPid": { - "markdownDescription": "The PID of the Program Clock Reference (PCR) in the transport stream. When no value is given, MediaLive assigns the same value as the video PID. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", - "title": "PcrPid", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "PmtInterval": { - "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream. Valid values are 0, 10..1000.", - "title": "PmtInterval", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "PmtPid": { - "markdownDescription": "The PID for the Program Map Table (PMT) in the transport stream. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", - "title": "PmtPid", - "type": "string" + "Metadata": { + "type": "object" }, - "ProgramNum": { - "markdownDescription": "The value of the program number field in the Program Map Table (PMT).", - "title": "ProgramNum", - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": { + "AllowedPublishers": { + "$ref": "#/definitions/AWS::Lambda::CodeSigningConfig.AllowedPublishers", + "markdownDescription": "List of allowed publishers.", + "title": "AllowedPublishers" + }, + "CodeSigningPolicies": { + "$ref": "#/definitions/AWS::Lambda::CodeSigningConfig.CodeSigningPolicies", + "markdownDescription": "The code signing policy controls the validation failure action for signature mismatch or expiry.", + "title": "CodeSigningPolicies" + }, + "Description": { + "markdownDescription": "Code signing configuration description.", + "title": "Description", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags to add to the code signing configuration.\n\n> You must have the `lambda:TagResource` , `lambda:UntagResource` , and `lambda:ListTags` permissions for your [IAM principal](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html) to manage the AWS CloudFormation stack. If you don't have these permissions, there might be unexpected behavior with stack-level tags propagating to the resource during resource creation and update.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "AllowedPublishers" + ], + "type": "object" }, - "RateMode": { - "markdownDescription": "When VBR, does not insert null packets into the transport stream to fill the specified bitrate. The bitrate setting acts as the maximum bitrate when VBR is set.", - "title": "RateMode", + "Type": { + "enum": [ + "AWS::Lambda::CodeSigningConfig" + ], "type": "string" }, - "Scte27Pids": { - "markdownDescription": "The PID for the input source SCTE-27 data to this output. Multiple values are accepted, and can be entered in ranges or by comma separation. You can enter the value as a decimal or hexadecimal value. Each PID specified must be in the range of 32 (or 0x20)..8182 (or 0x1ff6).", - "title": "Scte27Pids", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "Scte35Control": { - "markdownDescription": "Optionally passes SCTE-35 signals from the input source to this output.", - "title": "Scte35Control", + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Lambda::CodeSigningConfig.AllowedPublishers": { + "additionalProperties": false, + "properties": { + "SigningProfileVersionArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Name (ARN) for each of the signing profiles. A signing profile defines a trusted user who can sign a code package.", + "title": "SigningProfileVersionArns", + "type": "array" + } + }, + "required": [ + "SigningProfileVersionArns" + ], + "type": "object" + }, + "AWS::Lambda::CodeSigningConfig.CodeSigningPolicies": { + "additionalProperties": false, + "properties": { + "UntrustedArtifactOnDeployment": { + "markdownDescription": "Code signing configuration policy for deployment validation failure. If you set the policy to `Enforce` , Lambda blocks the deployment request if signature validation checks fail. If you set the policy to `Warn` , Lambda allows the deployment and creates a CloudWatch log.\n\nDefault value: `Warn`", + "title": "UntrustedArtifactOnDeployment", "type": "string" - }, - "Scte35Pid": { - "markdownDescription": "The PID of the SCTE-35 stream in the transport stream. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", - "title": "Scte35Pid", + } + }, + "required": [ + "UntrustedArtifactOnDeployment" + ], + "type": "object" + }, + "AWS::Lambda::EventInvokeConfig": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "Scte35PrerollPullupMilliseconds": { - "markdownDescription": "", - "title": "Scte35PrerollPullupMilliseconds", - "type": "number" - }, - "SegmentationMarkers": { - "markdownDescription": "Inserts segmentation markers at each segmentationTime period. raiSegstart sets the Random Access Indicator bit in the adaptation field. raiAdapt sets the RAI bit and adds the current timecode in the private data bytes. psiSegstart inserts PAT and PMT tables at the start of segments. ebp adds Encoder Boundary Point information to the adaptation field as per OpenCable specification OC-SP-EBP-I01-130118. ebpLegacy adds Encoder Boundary Point information to the adaptation field using a legacy proprietary format.", - "title": "SegmentationMarkers", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SegmentationStyle": { - "markdownDescription": "The segmentation style parameter controls how segmentation markers are inserted into the transport stream. With avails, it is possible that segments might be truncated, which can influence where future segmentation markers are inserted. When a segmentation style of resetCadence is selected and a segment is truncated due to an avail, we will reset the segmentation cadence. This means the subsequent segment will have a duration of $segmentationTime seconds. When a segmentation style of maintainCadence is selected and a segment is truncated due to an avail, we will not reset the segmentation cadence. This means the subsequent segment will likely be truncated as well. However, all segments after that will have a duration of $segmentationTime seconds. Note that EBP lookahead is a slight exception to this rule.", - "title": "SegmentationStyle", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SegmentationTime": { - "markdownDescription": "The length, in seconds, of each segment. This is required unless markers is set to None_.", - "title": "SegmentationTime", - "type": "number" + "Metadata": { + "type": "object" }, - "TimedMetadataBehavior": { - "markdownDescription": "When set to passthrough, timed metadata is passed through from input to output.", - "title": "TimedMetadataBehavior", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "DestinationConfig": { + "$ref": "#/definitions/AWS::Lambda::EventInvokeConfig.DestinationConfig", + "markdownDescription": "A destination for events after they have been sent to a function for processing.\n\n**Destinations** - *Function* - The Amazon Resource Name (ARN) of a Lambda function.\n- *Queue* - The ARN of a standard SQS queue.\n- *Bucket* - The ARN of an Amazon S3 bucket.\n- *Topic* - The ARN of a standard SNS topic.\n- *Event Bus* - The ARN of an Amazon EventBridge event bus.\n\n> S3 buckets are supported only for on-failure destinations. To retain records of successful invocations, use another destination type.", + "title": "DestinationConfig" + }, + "FunctionName": { + "markdownDescription": "The name of the Lambda function.\n\n*Minimum* : `1`\n\n*Maximum* : `64`\n\n*Pattern* : `([a-zA-Z0-9-_]+)`", + "title": "FunctionName", + "type": "string" + }, + "MaximumEventAgeInSeconds": { + "markdownDescription": "The maximum age of a request that Lambda sends to a function for processing.", + "title": "MaximumEventAgeInSeconds", + "type": "number" + }, + "MaximumRetryAttempts": { + "markdownDescription": "The maximum number of times to retry when the function returns an error.", + "title": "MaximumRetryAttempts", + "type": "number" + }, + "Qualifier": { + "markdownDescription": "The identifier of a version or alias.\n\n- *Version* - A version number.\n- *Alias* - An alias name.\n- *Latest* - To specify the unpublished version, use `$LATEST` .", + "title": "Qualifier", + "type": "string" + } + }, + "required": [ + "FunctionName", + "Qualifier" + ], + "type": "object" }, - "TimedMetadataPid": { - "markdownDescription": "The PID of the timed metadata stream in the transport stream. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", - "title": "TimedMetadataPid", + "Type": { + "enum": [ + "AWS::Lambda::EventInvokeConfig" + ], "type": "string" }, - "TransportStreamId": { - "markdownDescription": "The value of the transport stream ID field in the Program Map Table (PMT).", - "title": "TransportStreamId", - "type": "number" - }, - "VideoPid": { - "markdownDescription": "The PID of the elementary video stream in the transport stream. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", - "title": "VideoPid", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::MediaLive::Channel.M3u8Settings": { + "AWS::Lambda::EventInvokeConfig.DestinationConfig": { "additionalProperties": false, "properties": { - "AudioFramesPerPes": { - "markdownDescription": "The number of audio frames to insert for each PES packet.", - "title": "AudioFramesPerPes", - "type": "number" - }, - "AudioPids": { - "markdownDescription": "The PID of the elementary audio streams in the transport stream. Multiple values are accepted, and can be entered in ranges or by comma separation. You can enter the value as a decimal or hexadecimal value.", - "title": "AudioPids", - "type": "string" - }, - "EcmPid": { - "markdownDescription": "This parameter is unused and deprecated.", - "title": "EcmPid", - "type": "string" - }, - "KlvBehavior": { - "markdownDescription": "", - "title": "KlvBehavior", - "type": "string" - }, - "KlvDataPids": { - "markdownDescription": "", - "title": "KlvDataPids", - "type": "string" + "OnFailure": { + "$ref": "#/definitions/AWS::Lambda::EventInvokeConfig.OnFailure", + "markdownDescription": "The destination configuration for failed invocations.\n\n> When using an Amazon SQS queue as a destination, FIFO queues cannot be used.", + "title": "OnFailure" }, - "NielsenId3Behavior": { - "markdownDescription": "If set to passthrough, Nielsen inaudible tones for media tracking will be detected in the input audio and an equivalent ID3 tag will be inserted in the output.", - "title": "NielsenId3Behavior", + "OnSuccess": { + "$ref": "#/definitions/AWS::Lambda::EventInvokeConfig.OnSuccess", + "markdownDescription": "The destination configuration for successful invocations.\n\n> When using an Amazon SQS queue as a destination, FIFO queues cannot be used.", + "title": "OnSuccess" + } + }, + "type": "object" + }, + "AWS::Lambda::EventInvokeConfig.OnFailure": { + "additionalProperties": false, + "properties": { + "Destination": { + "markdownDescription": "The Amazon Resource Name (ARN) of the destination resource.\n\nTo retain records of unsuccessful [asynchronous invocations](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#invocation-async-destinations) , you can configure an Amazon SNS topic, Amazon SQS queue, Amazon S3 bucket, Lambda function, or Amazon EventBridge event bus as the destination.\n\nTo retain records of failed invocations from [Kinesis](https://docs.aws.amazon.com/lambda/latest/dg/with-kinesis.html) , [DynamoDB](https://docs.aws.amazon.com/lambda/latest/dg/with-ddb.html) , [self-managed Kafka](https://docs.aws.amazon.com/lambda/latest/dg/with-kafka.html#services-smaa-onfailure-destination) or [Amazon MSK](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#services-msk-onfailure-destination) , you can configure an Amazon SNS topic, Amazon SQS queue, or Amazon S3 bucket as the destination.", + "title": "Destination", "type": "string" - }, - "PatInterval": { - "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream. A value of \\\"0\\\" writes out the PMT once per segment file.", - "title": "PatInterval", - "type": "number" - }, - "PcrControl": { - "markdownDescription": "When set to pcrEveryPesPacket, a Program Clock Reference value is inserted for every Packetized Elementary Stream (PES) header. This parameter is effective only when the PCR PID is the same as the video or audio elementary stream.", - "title": "PcrControl", + } + }, + "required": [ + "Destination" + ], + "type": "object" + }, + "AWS::Lambda::EventInvokeConfig.OnSuccess": { + "additionalProperties": false, + "properties": { + "Destination": { + "markdownDescription": "The Amazon Resource Name (ARN) of the destination resource.", + "title": "Destination", "type": "string" - }, - "PcrPeriod": { - "markdownDescription": "The maximum time, in milliseconds, between Program Clock References (PCRs) inserted into the transport stream.", - "title": "PcrPeriod", - "type": "number" - }, - "PcrPid": { - "markdownDescription": "The PID of the Program Clock Reference (PCR) in the transport stream. When no value is given, MediaLive assigns the same value as the video PID. You can enter the value as a decimal or hexadecimal value.", - "title": "PcrPid", + } + }, + "required": [ + "Destination" + ], + "type": "object" + }, + "AWS::Lambda::EventSourceMapping": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "PmtInterval": { - "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream. A value of \\\"0\\\" writes out the PMT once per segment file.", - "title": "PmtInterval", - "type": "number" - }, - "PmtPid": { - "markdownDescription": "The PID for the Program Map Table (PMT) in the transport stream. You can enter the value as a decimal or hexadecimal value.", - "title": "PmtPid", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "ProgramNum": { - "markdownDescription": "The value of the program number field in the Program Map Table (PMT).", - "title": "ProgramNum", - "type": "number" - }, - "Scte35Behavior": { - "markdownDescription": "If set to passthrough, passes any SCTE-35 signals from the input source to this output.", - "title": "Scte35Behavior", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Scte35Pid": { - "markdownDescription": "The PID of the SCTE-35 stream in the transport stream. You can enter the value as a decimal or hexadecimal value.", - "title": "Scte35Pid", - "type": "string" + "Metadata": { + "type": "object" }, - "TimedMetadataBehavior": { - "markdownDescription": "When set to passthrough, timed metadata is passed through from input to output.", - "title": "TimedMetadataBehavior", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "AmazonManagedKafkaEventSourceConfig": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.AmazonManagedKafkaEventSourceConfig", + "markdownDescription": "Specific configuration settings for an Amazon Managed Streaming for Apache Kafka (Amazon MSK) event source.", + "title": "AmazonManagedKafkaEventSourceConfig" + }, + "BatchSize": { + "markdownDescription": "The maximum number of records in each batch that Lambda pulls from your stream or queue and sends to your function. Lambda passes all of the records in the batch to the function in a single call, up to the payload limit for synchronous invocation (6 MB).\n\n- *Amazon Kinesis* \u2013 Default 100. Max 10,000.\n- *Amazon DynamoDB Streams* \u2013 Default 100. Max 10,000.\n- *Amazon Simple Queue Service* \u2013 Default 10. For standard queues the max is 10,000. For FIFO queues the max is 10.\n- *Amazon Managed Streaming for Apache Kafka* \u2013 Default 100. Max 10,000.\n- *Self-managed Apache Kafka* \u2013 Default 100. Max 10,000.\n- *Amazon MQ (ActiveMQ and RabbitMQ)* \u2013 Default 100. Max 10,000.\n- *DocumentDB* \u2013 Default 100. Max 10,000.", + "title": "BatchSize", + "type": "number" + }, + "BisectBatchOnFunctionError": { + "markdownDescription": "(Kinesis and DynamoDB Streams only) If the function returns an error, split the batch in two and retry. The default value is false.\n\n> When using `BisectBatchOnFunctionError` , check the `BatchSize` parameter in the `OnFailure` destination message's metadata. The `BatchSize` could be greater than 1 since Lambda consolidates failed messages metadata when writing to the `OnFailure` destination.", + "title": "BisectBatchOnFunctionError", + "type": "boolean" + }, + "DestinationConfig": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.DestinationConfig", + "markdownDescription": "(Kinesis, DynamoDB Streams, Amazon MSK, and self-managed Apache Kafka event sources only) A configuration object that specifies the destination of an event after Lambda processes it.", + "title": "DestinationConfig" + }, + "DocumentDBEventSourceConfig": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.DocumentDBEventSourceConfig", + "markdownDescription": "Specific configuration settings for a DocumentDB event source.", + "title": "DocumentDBEventSourceConfig" + }, + "Enabled": { + "markdownDescription": "When true, the event source mapping is active. When false, Lambda pauses polling and invocation.\n\nDefault: True", + "title": "Enabled", + "type": "boolean" + }, + "EventSourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the event source.\n\n- *Amazon Kinesis* \u2013 The ARN of the data stream or a stream consumer.\n- *Amazon DynamoDB Streams* \u2013 The ARN of the stream.\n- *Amazon Simple Queue Service* \u2013 The ARN of the queue.\n- *Amazon Managed Streaming for Apache Kafka* \u2013 The ARN of the cluster or the ARN of the VPC connection (for [cross-account event source mappings](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#msk-multi-vpc) ).\n- *Amazon MQ* \u2013 The ARN of the broker.\n- *Amazon DocumentDB* \u2013 The ARN of the DocumentDB change stream.", + "title": "EventSourceArn", + "type": "string" + }, + "FilterCriteria": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.FilterCriteria", + "markdownDescription": "An object that defines the filter criteria that determine whether Lambda should process an event. For more information, see [Lambda event filtering](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventfiltering.html) .", + "title": "FilterCriteria" + }, + "FunctionName": { + "markdownDescription": "The name or ARN of the Lambda function.\n\n**Name formats** - *Function name* \u2013 `MyFunction` .\n- *Function ARN* \u2013 `arn:aws:lambda:us-west-2:123456789012:function:MyFunction` .\n- *Version or Alias ARN* \u2013 `arn:aws:lambda:us-west-2:123456789012:function:MyFunction:PROD` .\n- *Partial ARN* \u2013 `123456789012:function:MyFunction` .\n\nThe length constraint applies only to the full ARN. If you specify only the function name, it's limited to 64 characters in length.", + "title": "FunctionName", + "type": "string" + }, + "FunctionResponseTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "(Kinesis, DynamoDB Streams, and SQS) A list of current response type enums applied to the event source mapping.\n\nValid Values: `ReportBatchItemFailures`", + "title": "FunctionResponseTypes", + "type": "array" + }, + "KmsKeyArn": { + "markdownDescription": "The ARN of the AWS Key Management Service ( AWS KMS ) customer managed key that Lambda uses to encrypt your function's [filter criteria](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventfiltering.html#filtering-basics) .", + "title": "KmsKeyArn", + "type": "string" + }, + "MaximumBatchingWindowInSeconds": { + "markdownDescription": "The maximum amount of time, in seconds, that Lambda spends gathering records before invoking the function.\n\n*Default ( Kinesis , DynamoDB , Amazon SQS event sources)* : 0\n\n*Default ( Amazon MSK , Kafka, Amazon MQ , Amazon DocumentDB event sources)* : 500 ms\n\n*Related setting:* For Amazon SQS event sources, when you set `BatchSize` to a value greater than 10, you must set `MaximumBatchingWindowInSeconds` to at least 1.", + "title": "MaximumBatchingWindowInSeconds", + "type": "number" + }, + "MaximumRecordAgeInSeconds": { + "markdownDescription": "(Kinesis and DynamoDB Streams only) Discard records older than the specified age. The default value is -1,\nwhich sets the maximum age to infinite. When the value is set to infinite, Lambda never discards old records.\n\n> The minimum valid value for maximum record age is 60s. Although values less than 60 and greater than -1 fall within the parameter's absolute range, they are not allowed", + "title": "MaximumRecordAgeInSeconds", + "type": "number" + }, + "MaximumRetryAttempts": { + "markdownDescription": "(Kinesis and DynamoDB Streams only) Discard records after the specified number of retries. The default value is -1,\nwhich sets the maximum number of retries to infinite. When MaximumRetryAttempts is infinite, Lambda retries failed records until the record expires in the event source.", + "title": "MaximumRetryAttempts", + "type": "number" + }, + "MetricsConfig": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.MetricsConfig", + "markdownDescription": "The metrics configuration for your event source. For more information, see [Event source mapping metrics](https://docs.aws.amazon.com/lambda/latest/dg/monitoring-metrics-types.html#event-source-mapping-metrics) .", + "title": "MetricsConfig" + }, + "ParallelizationFactor": { + "markdownDescription": "(Kinesis and DynamoDB Streams only) The number of batches to process concurrently from each shard. The default value is 1.", + "title": "ParallelizationFactor", + "type": "number" + }, + "ProvisionedPollerConfig": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.ProvisionedPollerConfig", + "markdownDescription": "(Amazon MSK and self-managed Apache Kafka only) The provisioned mode configuration for the event source. For more information, see [provisioned mode](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventsourcemapping.html#invocation-eventsourcemapping-provisioned-mode) .", + "title": "ProvisionedPollerConfig" + }, + "Queues": { + "items": { + "type": "string" + }, + "markdownDescription": "(Amazon MQ) The name of the Amazon MQ broker destination queue to consume.", + "title": "Queues", + "type": "array" + }, + "ScalingConfig": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.ScalingConfig", + "markdownDescription": "(Amazon SQS only) The scaling configuration for the event source. For more information, see [Configuring maximum concurrency for Amazon SQS event sources](https://docs.aws.amazon.com/lambda/latest/dg/with-sqs.html#events-sqs-max-concurrency) .", + "title": "ScalingConfig" + }, + "SelfManagedEventSource": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.SelfManagedEventSource", + "markdownDescription": "The self-managed Apache Kafka cluster for your event source.", + "title": "SelfManagedEventSource" + }, + "SelfManagedKafkaEventSourceConfig": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.SelfManagedKafkaEventSourceConfig", + "markdownDescription": "Specific configuration settings for a self-managed Apache Kafka event source.", + "title": "SelfManagedKafkaEventSourceConfig" + }, + "SourceAccessConfigurations": { + "items": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.SourceAccessConfiguration" + }, + "markdownDescription": "An array of the authentication protocol, VPC components, or virtual host to secure and define your event source.", + "title": "SourceAccessConfigurations", + "type": "array" + }, + "StartingPosition": { + "markdownDescription": "The position in a stream from which to start reading. Required for Amazon Kinesis and Amazon DynamoDB.\n\n- *LATEST* - Read only new records.\n- *TRIM_HORIZON* - Process all available records.\n- *AT_TIMESTAMP* - Specify a time from which to start reading records.", + "title": "StartingPosition", + "type": "string" + }, + "StartingPositionTimestamp": { + "markdownDescription": "With `StartingPosition` set to `AT_TIMESTAMP` , the time from which to start reading, in Unix time seconds. `StartingPositionTimestamp` cannot be in the future.", + "title": "StartingPositionTimestamp", + "type": "number" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags to add to the event source mapping.\n\n> You must have the `lambda:TagResource` , `lambda:UntagResource` , and `lambda:ListTags` permissions for your [IAM principal](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html) to manage the AWS CloudFormation stack. If you don't have these permissions, there might be unexpected behavior with stack-level tags propagating to the resource during resource creation and update.", + "title": "Tags", + "type": "array" + }, + "Topics": { + "items": { + "type": "string" + }, + "markdownDescription": "The name of the Kafka topic.", + "title": "Topics", + "type": "array" + }, + "TumblingWindowInSeconds": { + "markdownDescription": "(Kinesis and DynamoDB Streams only) The duration in seconds of a processing window for DynamoDB and Kinesis Streams event sources. A value of 0 seconds indicates no tumbling window.", + "title": "TumblingWindowInSeconds", + "type": "number" + } + }, + "required": [ + "FunctionName" + ], + "type": "object" }, - "TimedMetadataPid": { - "markdownDescription": "The PID of the timed metadata stream in the transport stream. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", - "title": "TimedMetadataPid", + "Type": { + "enum": [ + "AWS::Lambda::EventSourceMapping" + ], "type": "string" }, - "TransportStreamId": { - "markdownDescription": "The value of the transport stream ID field in the Program Map Table (PMT).", - "title": "TransportStreamId", - "type": "number" - }, - "VideoPid": { - "markdownDescription": "The PID of the elementary video stream in the transport stream. You can enter the value as a decimal or hexadecimal value.", - "title": "VideoPid", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::MediaLive::Channel.MaintenanceCreateSettings": { + "AWS::Lambda::EventSourceMapping.AmazonManagedKafkaEventSourceConfig": { "additionalProperties": false, "properties": { - "MaintenanceDay": { - "markdownDescription": "Choose one day of the week for maintenance. The chosen day is used for all future maintenance windows.", - "title": "MaintenanceDay", + "ConsumerGroupId": { + "markdownDescription": "The identifier for the Kafka consumer group to join. The consumer group ID must be unique among all your Kafka event sources. After creating a Kafka event source mapping with the consumer group ID specified, you cannot update this value. For more information, see [Customizable consumer group ID](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#services-msk-consumer-group-id) .", + "title": "ConsumerGroupId", "type": "string" }, - "MaintenanceStartTime": { - "markdownDescription": "Choose the hour that maintenance will start. The chosen time is used for all future maintenance windows.", - "title": "MaintenanceStartTime", - "type": "string" + "SchemaRegistryConfig": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.SchemaRegistryConfig", + "markdownDescription": "Specific configuration settings for a Kafka schema registry.", + "title": "SchemaRegistryConfig" } }, "type": "object" }, - "AWS::MediaLive::Channel.MaintenanceUpdateSettings": { + "AWS::Lambda::EventSourceMapping.DestinationConfig": { "additionalProperties": false, "properties": { - "MaintenanceDay": { + "OnFailure": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.OnFailure", + "markdownDescription": "The destination configuration for failed invocations.", + "title": "OnFailure" + } + }, + "type": "object" + }, + "AWS::Lambda::EventSourceMapping.DocumentDBEventSourceConfig": { + "additionalProperties": false, + "properties": { + "CollectionName": { + "markdownDescription": "The name of the collection to consume within the database. If you do not specify a collection, Lambda consumes all collections.", + "title": "CollectionName", "type": "string" }, - "MaintenanceScheduledDate": { + "DatabaseName": { + "markdownDescription": "The name of the database to consume within the DocumentDB cluster.", + "title": "DatabaseName", "type": "string" }, - "MaintenanceStartTime": { + "FullDocument": { + "markdownDescription": "Determines what DocumentDB sends to your event stream during document update operations. If set to UpdateLookup, DocumentDB sends a delta describing the changes, along with a copy of the entire document. Otherwise, DocumentDB sends only a partial document that contains the changes.", + "title": "FullDocument", "type": "string" } }, "type": "object" }, - "AWS::MediaLive::Channel.MediaPackageGroupSettings": { + "AWS::Lambda::EventSourceMapping.Endpoints": { "additionalProperties": false, "properties": { - "Destination": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", - "markdownDescription": "The MediaPackage channel destination.", - "title": "Destination" + "KafkaBootstrapServers": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of bootstrap servers for your Kafka brokers in the following format: `\"KafkaBootstrapServers\": [\"abc.xyz.com:xxxx\",\"abc2.xyz.com:xxxx\"]` .", + "title": "KafkaBootstrapServers", + "type": "array" } }, "type": "object" }, - "AWS::MediaLive::Channel.MediaPackageOutputDestinationSettings": { + "AWS::Lambda::EventSourceMapping.Filter": { "additionalProperties": false, "properties": { - "ChannelId": { - "markdownDescription": "The ID of the channel in MediaPackage that is the destination for this output group. You don't need to specify the individual inputs in MediaPackage; MediaLive handles the connection of the two MediaLive pipelines to the two MediaPackage inputs. The MediaPackage channel and MediaLive channel must be in the same Region.", - "title": "ChannelId", + "Pattern": { + "markdownDescription": "A filter pattern. For more information on the syntax of a filter pattern, see [Filter rule syntax](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventfiltering.html#filtering-syntax) .", + "title": "Pattern", "type": "string" } }, "type": "object" }, - "AWS::MediaLive::Channel.MediaPackageOutputSettings": { + "AWS::Lambda::EventSourceMapping.FilterCriteria": { "additionalProperties": false, - "properties": {}, + "properties": { + "Filters": { + "items": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.Filter" + }, + "markdownDescription": "A list of filters.", + "title": "Filters", + "type": "array" + } + }, "type": "object" }, - "AWS::MediaLive::Channel.MotionGraphicsConfiguration": { + "AWS::Lambda::EventSourceMapping.MetricsConfig": { "additionalProperties": false, "properties": { - "MotionGraphicsInsertion": { - "markdownDescription": "Enables or disables the motion graphics overlay feature in the channel.", - "title": "MotionGraphicsInsertion", - "type": "string" - }, - "MotionGraphicsSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.MotionGraphicsSettings", - "markdownDescription": "Settings to enable and configure the motion graphics overlay feature in the channel.", - "title": "MotionGraphicsSettings" + "Metrics": { + "items": { + "type": "string" + }, + "markdownDescription": "The metrics you want your event source mapping to produce. Include `EventCount` to receive event source mapping metrics related to the number of events processed by your event source mapping. For more information about these metrics, see [Event source mapping metrics](https://docs.aws.amazon.com/lambda/latest/dg/monitoring-metrics-types.html#event-source-mapping-metrics) .", + "title": "Metrics", + "type": "array" } }, "type": "object" }, - "AWS::MediaLive::Channel.MotionGraphicsSettings": { + "AWS::Lambda::EventSourceMapping.OnFailure": { "additionalProperties": false, "properties": { - "HtmlMotionGraphicsSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.HtmlMotionGraphicsSettings", - "markdownDescription": "Settings to configure the motion graphics overlay to use an HTML asset.", - "title": "HtmlMotionGraphicsSettings" + "Destination": { + "markdownDescription": "The Amazon Resource Name (ARN) of the destination resource.\n\nTo retain records of unsuccessful [asynchronous invocations](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#invocation-async-destinations) , you can configure an Amazon SNS topic, Amazon SQS queue, Amazon S3 bucket, Lambda function, or Amazon EventBridge event bus as the destination.\n\nTo retain records of failed invocations from [Kinesis](https://docs.aws.amazon.com/lambda/latest/dg/with-kinesis.html) , [DynamoDB](https://docs.aws.amazon.com/lambda/latest/dg/with-ddb.html) , [self-managed Kafka](https://docs.aws.amazon.com/lambda/latest/dg/with-kafka.html#services-smaa-onfailure-destination) or [Amazon MSK](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#services-msk-onfailure-destination) , you can configure an Amazon SNS topic, Amazon SQS queue, or Amazon S3 bucket as the destination.", + "title": "Destination", + "type": "string" } }, "type": "object" }, - "AWS::MediaLive::Channel.Mp2Settings": { + "AWS::Lambda::EventSourceMapping.ProvisionedPollerConfig": { "additionalProperties": false, "properties": { - "Bitrate": { - "markdownDescription": "The average bitrate in bits/second.", - "title": "Bitrate", + "MaximumPollers": { + "markdownDescription": "The maximum number of event pollers this event source can scale up to.", + "title": "MaximumPollers", "type": "number" }, - "CodingMode": { - "markdownDescription": "The MPEG2 Audio coding mode. Valid values are codingMode10 (for mono) or codingMode20 (for stereo).", - "title": "CodingMode", - "type": "string" - }, - "SampleRate": { - "markdownDescription": "The sample rate in Hz.", - "title": "SampleRate", + "MinimumPollers": { + "markdownDescription": "The minimum number of event pollers this event source can scale down to.", + "title": "MinimumPollers", "type": "number" } }, "type": "object" }, - "AWS::MediaLive::Channel.Mpeg2FilterSettings": { + "AWS::Lambda::EventSourceMapping.ScalingConfig": { "additionalProperties": false, "properties": { - "TemporalFilterSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.TemporalFilterSettings", - "markdownDescription": "Settings for applying the temporal filter to the video.", - "title": "TemporalFilterSettings" + "MaximumConcurrency": { + "markdownDescription": "Limits the number of concurrent instances that the Amazon SQS event source can invoke.", + "title": "MaximumConcurrency", + "type": "number" } }, "type": "object" }, - "AWS::MediaLive::Channel.Mpeg2Settings": { + "AWS::Lambda::EventSourceMapping.SchemaRegistryAccessConfig": { "additionalProperties": false, "properties": { - "AdaptiveQuantization": { - "markdownDescription": "Choose Off to disable adaptive quantization. Or choose another value to enable the quantizer and set its strength. The strengths are: Auto, Off, Low, Medium, High. When you enable this field, MediaLive allows intra-frame quantizers to vary, which might improve visual quality.", - "title": "AdaptiveQuantization", + "Type": { + "markdownDescription": "The type of authentication Lambda uses to access your schema registry.", + "title": "Type", "type": "string" }, - "AfdSignaling": { - "markdownDescription": "Indicates the AFD values that MediaLive will write into the video encode. If you do not know what AFD signaling is, or if your downstream system has not given you guidance, choose AUTO.\nAUTO: MediaLive will try to preserve the input AFD value (in cases where multiple AFD values are valid).\nFIXED: MediaLive will use the value you specify in fixedAFD.", - "title": "AfdSignaling", + "URI": { + "markdownDescription": "The URI of the secret (Secrets Manager secret ARN) to authenticate with your schema registry.", + "title": "URI", "type": "string" + } + }, + "type": "object" + }, + "AWS::Lambda::EventSourceMapping.SchemaRegistryConfig": { + "additionalProperties": false, + "properties": { + "AccessConfigs": { + "items": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.SchemaRegistryAccessConfig" + }, + "markdownDescription": "An array of access configuration objects that tell Lambda how to authenticate with your schema registry.", + "title": "AccessConfigs", + "type": "array" }, - "ColorMetadata": { - "markdownDescription": "Specifies whether to include the color space metadata. The metadata describes the color space that applies to the video (the colorSpace field). We recommend that you insert the metadata.", - "title": "ColorMetadata", + "EventRecordFormat": { + "markdownDescription": "The record format that Lambda delivers to your function after schema validation.\n\n- Choose `JSON` to have Lambda deliver the record to your function as a standard JSON object.\n- Choose `SOURCE` to have Lambda deliver the record to your function in its original source format. Lambda removes all schema metadata, such as the schema ID, before sending the record to your function.", + "title": "EventRecordFormat", "type": "string" }, - "ColorSpace": { - "markdownDescription": "Choose the type of color space conversion to apply to the output. For detailed information on setting up both the input and the output to obtain the desired color space in the output, see the section on \\\"MediaLive Features - Video - color space\\\" in the MediaLive User Guide.\nPASSTHROUGH: Keep the color space of the input content - do not convert it.\nAUTO:Convert all content that is SD to rec 601, and convert all content that is HD to rec 709.", - "title": "ColorSpace", + "SchemaRegistryURI": { + "markdownDescription": "The URI for your schema registry. The correct URI format depends on the type of schema registry you're using.\n\n- For AWS Glue schema registries, use the ARN of the registry.\n- For Confluent schema registries, use the URL of the registry.", + "title": "SchemaRegistryURI", "type": "string" }, - "DisplayAspectRatio": { - "markdownDescription": "Sets the pixel aspect ratio for the encode.", - "title": "DisplayAspectRatio", + "SchemaValidationConfigs": { + "items": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.SchemaValidationConfig" + }, + "markdownDescription": "An array of schema validation configuration objects, which tell Lambda the message attributes you want to validate and filter using your schema registry.", + "title": "SchemaValidationConfigs", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Lambda::EventSourceMapping.SchemaValidationConfig": { + "additionalProperties": false, + "properties": { + "Attribute": { + "markdownDescription": "The attributes you want your schema registry to validate and filter for. If you selected `JSON` as the `EventRecordFormat` , Lambda also deserializes the selected message attributes.", + "title": "Attribute", "type": "string" - }, - "FilterSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Mpeg2FilterSettings", - "markdownDescription": "Optionally specify a noise reduction filter, which can improve quality of compressed content. If you do not choose a filter, no filter will be applied.\nTEMPORAL: This filter is useful for both source content that is noisy (when it has excessive digital artifacts) and source content that is clean.\nWhen the content is noisy, the filter cleans up the source content before the encoding phase, with these two effects: First, it improves the output video quality because the content has been cleaned up. Secondly, it decreases the bandwidth because MediaLive does not waste bits on encoding noise.\nWhen the content is reasonably clean, the filter tends to decrease the bitrate.", - "title": "FilterSettings" - }, - "FixedAfd": { - "markdownDescription": "Complete this field only when afdSignaling is set to FIXED. Enter the AFD value (4 bits) to write on all frames of the video encode.", - "title": "FixedAfd", + } + }, + "type": "object" + }, + "AWS::Lambda::EventSourceMapping.SelfManagedEventSource": { + "additionalProperties": false, + "properties": { + "Endpoints": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.Endpoints", + "markdownDescription": "The list of bootstrap servers for your Kafka brokers in the following format: `\"KafkaBootstrapServers\": [\"abc.xyz.com:xxxx\",\"abc2.xyz.com:xxxx\"]` .", + "title": "Endpoints" + } + }, + "type": "object" + }, + "AWS::Lambda::EventSourceMapping.SelfManagedKafkaEventSourceConfig": { + "additionalProperties": false, + "properties": { + "ConsumerGroupId": { + "markdownDescription": "The identifier for the Kafka consumer group to join. The consumer group ID must be unique among all your Kafka event sources. After creating a Kafka event source mapping with the consumer group ID specified, you cannot update this value. For more information, see [Customizable consumer group ID](https://docs.aws.amazon.com/lambda/latest/dg/with-kafka-process.html#services-smaa-topic-add) .", + "title": "ConsumerGroupId", "type": "string" }, - "FramerateDenominator": { - "markdownDescription": "description\": \"The framerate denominator. For example, 1001. The framerate is the numerator divided by the denominator. For example, 24000 / 1001 = 23.976 FPS.", - "title": "FramerateDenominator", - "type": "number" - }, - "FramerateNumerator": { - "markdownDescription": "The framerate numerator. For example, 24000. The framerate is the numerator divided by the denominator. For example, 24000 / 1001 = 23.976 FPS.", - "title": "FramerateNumerator", - "type": "number" - }, - "GopClosedCadence": { - "markdownDescription": "MPEG2: default is open GOP.", - "title": "GopClosedCadence", - "type": "number" - }, - "GopNumBFrames": { - "markdownDescription": "Relates to the GOP structure. The number of B-frames between reference frames. If you do not know what a B-frame is, use the default.", - "title": "GopNumBFrames", - "type": "number" - }, - "GopSize": { - "markdownDescription": "Relates to the GOP structure. The GOP size (keyframe interval) in the units specified in gopSizeUnits. If you do not know what GOP is, use the default.\nIf gopSizeUnits is frames, then the gopSize must be an integer and must be greater than or equal to 1.\nIf gopSizeUnits is seconds, the gopSize must be greater than 0, but does not need to be an integer.", - "title": "GopSize", - "type": "number" - }, - "GopSizeUnits": { - "markdownDescription": "Relates to the GOP structure. Specifies whether the gopSize is specified in frames or seconds. If you do not plan to change the default gopSize, leave the default. If you specify SECONDS, MediaLive will internally convert the gop size to a frame count.", - "title": "GopSizeUnits", - "type": "string" - }, - "ScanType": { - "markdownDescription": "Set the scan type of the output to PROGRESSIVE or INTERLACED (top field first).", - "title": "ScanType", - "type": "string" - }, - "SubgopLength": { - "markdownDescription": "Relates to the GOP structure. If you do not know what GOP is, use the default.\nFIXED: Set the number of B-frames in each sub-GOP to the value in gopNumBFrames.\nDYNAMIC: Let MediaLive optimize the number of B-frames in each sub-GOP, to improve visual quality.", - "title": "SubgopLength", + "SchemaRegistryConfig": { + "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.SchemaRegistryConfig", + "markdownDescription": "Specific configuration settings for a Kafka schema registry.", + "title": "SchemaRegistryConfig" + } + }, + "type": "object" + }, + "AWS::Lambda::EventSourceMapping.SourceAccessConfiguration": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "The type of authentication protocol, VPC components, or virtual host for your event source. For example: `\"Type\":\"SASL_SCRAM_512_AUTH\"` .\n\n- `BASIC_AUTH` \u2013 (Amazon MQ) The AWS Secrets Manager secret that stores your broker credentials.\n- `BASIC_AUTH` \u2013 (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL/PLAIN authentication of your Apache Kafka brokers.\n- `VPC_SUBNET` \u2013 (Self-managed Apache Kafka) The subnets associated with your VPC. Lambda connects to these subnets to fetch data from your self-managed Apache Kafka cluster.\n- `VPC_SECURITY_GROUP` \u2013 (Self-managed Apache Kafka) The VPC security group used to manage access to your self-managed Apache Kafka brokers.\n- `SASL_SCRAM_256_AUTH` \u2013 (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL SCRAM-256 authentication of your self-managed Apache Kafka brokers.\n- `SASL_SCRAM_512_AUTH` \u2013 (Amazon MSK, Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL SCRAM-512 authentication of your self-managed Apache Kafka brokers.\n- `VIRTUAL_HOST` \u2013- (RabbitMQ) The name of the virtual host in your RabbitMQ broker. Lambda uses this RabbitMQ host as the event source. This property cannot be specified in an UpdateEventSourceMapping API call.\n- `CLIENT_CERTIFICATE_TLS_AUTH` \u2013 (Amazon MSK, self-managed Apache Kafka) The Secrets Manager ARN of your secret key containing the certificate chain (X.509 PEM), private key (PKCS#8 PEM), and private key password (optional) used for mutual TLS authentication of your MSK/Apache Kafka brokers.\n- `SERVER_ROOT_CA_CERTIFICATE` \u2013 (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key containing the root CA certificate (X.509 PEM) used for TLS encryption of your Apache Kafka brokers.", + "title": "Type", "type": "string" }, - "TimecodeBurninSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.TimecodeBurninSettings", - "markdownDescription": "", - "title": "TimecodeBurninSettings" - }, - "TimecodeInsertion": { - "markdownDescription": "Determines how MediaLive inserts timecodes in the output video. For detailed information about setting up the input and the output for a timecode, see the section on \\\"MediaLive Features - Timecode configuration\\\" in the MediaLive User Guide.\nDISABLED: do not include timecodes.\nGOP_TIMECODE: Include timecode metadata in the GOP header.", - "title": "TimecodeInsertion", + "URI": { + "markdownDescription": "The value for your chosen configuration in `Type` . For example: `\"URI\": \"arn:aws:secretsmanager:us-east-1:01234567890:secret:MyBrokerSecretName\"` .", + "title": "URI", "type": "string" } }, "type": "object" }, - "AWS::MediaLive::Channel.MsSmoothGroupSettings": { + "AWS::Lambda::Function": { "additionalProperties": false, "properties": { - "AcquisitionPointId": { - "markdownDescription": "The value of the Acquisition Point Identity element that is used in each message placed in the sparse track. Enabled only if sparseTrackType is not \"none.\"", - "title": "AcquisitionPointId", - "type": "string" - }, - "AudioOnlyTimecodeControl": { - "markdownDescription": "If set to passthrough for an audio-only Microsoft Smooth output, the fragment absolute time is set to the current timecode. This option does not write timecodes to the audio elementary stream.", - "title": "AudioOnlyTimecodeControl", + "Condition": { "type": "string" }, - "CertificateMode": { - "markdownDescription": "If set to verifyAuthenticity, verifies the HTTPS certificate chain to a trusted certificate authority (CA). This causes HTTPS outputs to self-signed certificates to fail.", - "title": "CertificateMode", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "ConnectionRetryInterval": { - "markdownDescription": "The number of seconds to wait before retrying the connection to the IIS server if the connection is lost. Content is cached during this time, and the cache is delivered to the IIS server after the connection is re-established.", - "title": "ConnectionRetryInterval", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Destination": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", - "markdownDescription": "The Smooth Streaming publish point on an IIS server. MediaLive acts as a \"Push\" encoder to IIS.", - "title": "Destination" + "Metadata": { + "type": "object" }, - "EventId": { - "markdownDescription": "The Microsoft Smooth channel ID that is sent to the IIS server. Specify the ID only if eventIdMode is set to useConfigured.", - "title": "EventId", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "Architectures": { + "items": { + "type": "string" + }, + "markdownDescription": "The instruction set architecture that the function supports. Enter a string array with one of the valid values (arm64 or x86_64). The default value is `x86_64` .", + "title": "Architectures", + "type": "array" + }, + "Code": { + "$ref": "#/definitions/AWS::Lambda::Function.Code", + "markdownDescription": "The code for the function. You can define your function code in multiple ways:\n\n- For .zip deployment packages, you can specify the Amazon S3 location of the .zip file in the `S3Bucket` , `S3Key` , and `S3ObjectVersion` properties.\n- For .zip deployment packages, you can alternatively define the function code inline in the `ZipFile` property. This method works only for Node.js and Python functions.\n- For container images, specify the URI of your container image in the Amazon ECR registry in the `ImageUri` property.", + "title": "Code" + }, + "CodeSigningConfigArn": { + "markdownDescription": "To enable code signing for this function, specify the ARN of a code-signing configuration. A code-signing configuration\nincludes a set of signing profiles, which define the trusted publishers for this function.", + "title": "CodeSigningConfigArn", + "type": "string" + }, + "DeadLetterConfig": { + "$ref": "#/definitions/AWS::Lambda::Function.DeadLetterConfig", + "markdownDescription": "A dead-letter queue configuration that specifies the queue or topic where Lambda sends asynchronous events when they fail processing. For more information, see [Dead-letter queues](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#invocation-dlq) .", + "title": "DeadLetterConfig" + }, + "Description": { + "markdownDescription": "A description of the function.", + "title": "Description", + "type": "string" + }, + "Environment": { + "$ref": "#/definitions/AWS::Lambda::Function.Environment", + "markdownDescription": "Environment variables that are accessible from function code during execution.", + "title": "Environment" + }, + "EphemeralStorage": { + "$ref": "#/definitions/AWS::Lambda::Function.EphemeralStorage", + "markdownDescription": "The size of the function's `/tmp` directory in MB. The default value is 512, but it can be any whole number between 512 and 10,240 MB.", + "title": "EphemeralStorage" + }, + "FileSystemConfigs": { + "items": { + "$ref": "#/definitions/AWS::Lambda::Function.FileSystemConfig" + }, + "markdownDescription": "Connection settings for an Amazon EFS file system. To connect a function to a file system, a mount target must be available in every Availability Zone that your function connects to. If your template contains an [AWS::EFS::MountTarget](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-efs-mounttarget.html) resource, you must also specify a `DependsOn` attribute to ensure that the mount target is created or updated before the function.\n\nFor more information about using the `DependsOn` attribute, see [DependsOn Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) .", + "title": "FileSystemConfigs", + "type": "array" + }, + "FunctionName": { + "markdownDescription": "The name of the Lambda function, up to 64 characters in length. If you don't specify a name, AWS CloudFormation generates one.\n\nIf you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "FunctionName", + "type": "string" + }, + "Handler": { + "markdownDescription": "The name of the method within your code that Lambda calls to run your function. Handler is required if the deployment package is a .zip file archive. The format includes the file name. It can also include namespaces and other qualifiers, depending on the runtime. For more information, see [Lambda programming model](https://docs.aws.amazon.com/lambda/latest/dg/foundation-progmodel.html) .", + "title": "Handler", + "type": "string" + }, + "ImageConfig": { + "$ref": "#/definitions/AWS::Lambda::Function.ImageConfig", + "markdownDescription": "Configuration values that override the container image Dockerfile settings. For more information, see [Container image settings](https://docs.aws.amazon.com/lambda/latest/dg/images-create.html#images-parms) .", + "title": "ImageConfig" + }, + "KmsKeyArn": { + "markdownDescription": "The ARN of the AWS Key Management Service ( AWS KMS ) customer managed key that's used to encrypt the following resources:\n\n- The function's [environment variables](https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html#configuration-envvars-encryption) .\n- The function's [Lambda SnapStart](https://docs.aws.amazon.com/lambda/latest/dg/snapstart-security.html) snapshots.\n- When used with `SourceKMSKeyArn` , the unzipped version of the .zip deployment package that's used for function invocations. For more information, see [Specifying a customer managed key for Lambda](https://docs.aws.amazon.com/lambda/latest/dg/encrypt-zip-package.html#enable-zip-custom-encryption) .\n- The optimized version of the container image that's used for function invocations. Note that this is not the same key that's used to protect your container image in the Amazon Elastic Container Registry (Amazon ECR). For more information, see [Function lifecycle](https://docs.aws.amazon.com/lambda/latest/dg/images-create.html#images-lifecycle) .\n\nIf you don't provide a customer managed key, Lambda uses an [AWS owned key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-owned-cmk) or an [AWS managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk) .", + "title": "KmsKeyArn", + "type": "string" + }, + "Layers": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of [function layers](https://docs.aws.amazon.com/lambda/latest/dg/configuration-layers.html) to add to the function's execution environment. Specify each layer by its ARN, including the version.", + "title": "Layers", + "type": "array" + }, + "LoggingConfig": { + "$ref": "#/definitions/AWS::Lambda::Function.LoggingConfig", + "markdownDescription": "The function's Amazon CloudWatch Logs configuration settings.", + "title": "LoggingConfig" + }, + "MemorySize": { + "markdownDescription": "The amount of [memory available to the function](https://docs.aws.amazon.com/lambda/latest/dg/configuration-function-common.html#configuration-memory-console) at runtime. Increasing the function memory also increases its CPU allocation. The default value is 128 MB. The value can be any multiple of 1 MB. Note that new AWS accounts have reduced concurrency and memory quotas. AWS raises these quotas automatically based on your usage. You can also request a quota increase.", + "title": "MemorySize", + "type": "number" + }, + "PackageType": { + "markdownDescription": "The type of deployment package. Set to `Image` for container image and set `Zip` for .zip file archive.", + "title": "PackageType", + "type": "string" + }, + "RecursiveLoop": { + "markdownDescription": "The status of your function's recursive loop detection configuration.\n\nWhen this value is set to `Allow` and Lambda detects your function being invoked as part of a recursive loop, it doesn't take any action.\n\nWhen this value is set to `Terminate` and Lambda detects your function being invoked as part of a recursive loop, it stops your function being invoked and notifies you.", + "title": "RecursiveLoop", + "type": "string" + }, + "ReservedConcurrentExecutions": { + "markdownDescription": "The number of simultaneous executions to reserve for the function.", + "title": "ReservedConcurrentExecutions", + "type": "number" + }, + "Role": { + "markdownDescription": "The Amazon Resource Name (ARN) of the function's execution role.", + "title": "Role", + "type": "string" + }, + "Runtime": { + "markdownDescription": "The identifier of the function's [runtime](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html) . Runtime is required if the deployment package is a .zip file archive. Specifying a runtime results in an error if you're deploying a function using a container image.\n\nThe following list includes deprecated runtimes. Lambda blocks creating new functions and updating existing functions shortly after each runtime is deprecated. For more information, see [Runtime use after deprecation](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html#runtime-deprecation-levels) .\n\nFor a list of all currently supported runtimes, see [Supported runtimes](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html#runtimes-supported) .", + "title": "Runtime", + "type": "string" + }, + "RuntimeManagementConfig": { + "$ref": "#/definitions/AWS::Lambda::Function.RuntimeManagementConfig", + "markdownDescription": "Sets the runtime management configuration for a function's version. For more information, see [Runtime updates](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html) .", + "title": "RuntimeManagementConfig" + }, + "SnapStart": { + "$ref": "#/definitions/AWS::Lambda::Function.SnapStart", + "markdownDescription": "The function's [AWS Lambda SnapStart](https://docs.aws.amazon.com/lambda/latest/dg/snapstart.html) setting.", + "title": "SnapStart" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of [tags](https://docs.aws.amazon.com/lambda/latest/dg/tagging.html) to apply to the function.\n\n> You must have the `lambda:TagResource` , `lambda:UntagResource` , and `lambda:ListTags` permissions for your [IAM principal](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html) to manage the AWS CloudFormation stack. If you don't have these permissions, there might be unexpected behavior with stack-level tags propagating to the resource during resource creation and update.", + "title": "Tags", + "type": "array" + }, + "Timeout": { + "markdownDescription": "The amount of time (in seconds) that Lambda allows a function to run before stopping it. The default is 3 seconds. The maximum allowed value is 900 seconds. For more information, see [Lambda execution environment](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-context.html) .", + "title": "Timeout", + "type": "number" + }, + "TracingConfig": { + "$ref": "#/definitions/AWS::Lambda::Function.TracingConfig", + "markdownDescription": "Set `Mode` to `Active` to sample and trace a subset of incoming requests with [X-Ray](https://docs.aws.amazon.com/lambda/latest/dg/services-xray.html) .", + "title": "TracingConfig" + }, + "VpcConfig": { + "$ref": "#/definitions/AWS::Lambda::Function.VpcConfig", + "markdownDescription": "For network connectivity to AWS resources in a VPC, specify a list of security groups and subnets in the VPC. When you connect a function to a VPC, it can access resources and the internet only through that VPC. For more information, see [Configuring a Lambda function to access resources in a VPC](https://docs.aws.amazon.com/lambda/latest/dg/configuration-vpc.html) .", + "title": "VpcConfig" + } + }, + "required": [ + "Code", + "Role" + ], + "type": "object" }, - "EventIdMode": { - "markdownDescription": "Specifies whether to send a channel ID to the IIS server. If no channel ID is sent and the same channel is used without changing the publishing point, clients might see cached video from the previous run. Options: - \"useConfigured\" - use the value provided in eventId - \"useTimestamp\" - generate and send a channel ID based on the current timestamp - \"noEventId\" - do not send a channel ID to the IIS server.", - "title": "EventIdMode", + "Type": { + "enum": [ + "AWS::Lambda::Function" + ], "type": "string" }, - "EventStopBehavior": { - "markdownDescription": "When set to sendEos, sends an EOS signal to an IIS server when stopping the channel.", - "title": "EventStopBehavior", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "FilecacheDuration": { - "markdownDescription": "The size, in seconds, of the file cache for streaming outputs.", - "title": "FilecacheDuration", - "type": "number" - }, - "FragmentLength": { - "markdownDescription": "The length, in seconds, of mp4 fragments to generate. The fragment length must be compatible with GOP size and frame rate.", - "title": "FragmentLength", - "type": "number" - }, - "InputLossAction": { - "markdownDescription": "A parameter that controls output group behavior on an input loss.", - "title": "InputLossAction", + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Lambda::Function.Code": { + "additionalProperties": false, + "properties": { + "ImageUri": { + "markdownDescription": "URI of a [container image](https://docs.aws.amazon.com/lambda/latest/dg/lambda-images.html) in the Amazon ECR registry.", + "title": "ImageUri", "type": "string" }, - "NumRetries": { - "markdownDescription": "The number of retry attempts.", - "title": "NumRetries", - "type": "number" - }, - "RestartDelay": { - "markdownDescription": "The number of seconds before initiating a restart due to output failure, due to exhausting the numRetries on one segment, or exceeding filecacheDuration.", - "title": "RestartDelay", - "type": "number" - }, - "SegmentationMode": { - "markdownDescription": "useInputSegmentation has been deprecated. The configured segment size is always used.", - "title": "SegmentationMode", + "S3Bucket": { + "markdownDescription": "An Amazon S3 bucket in the same AWS Region as your function. The bucket can be in a different AWS account .", + "title": "S3Bucket", "type": "string" }, - "SendDelayMs": { - "markdownDescription": "The number of milliseconds to delay the output from the second pipeline.", - "title": "SendDelayMs", - "type": "number" - }, - "SparseTrackType": { - "markdownDescription": "If set to scte35, uses incoming SCTE-35 messages to generate a sparse track in this group of Microsoft Smooth outputs.", - "title": "SparseTrackType", + "S3Key": { + "markdownDescription": "The Amazon S3 key of the deployment package.", + "title": "S3Key", "type": "string" }, - "StreamManifestBehavior": { - "markdownDescription": "When set to send, sends a stream manifest so that the publishing point doesn't start until all streams start.", - "title": "StreamManifestBehavior", + "S3ObjectVersion": { + "markdownDescription": "For versioned objects, the version of the deployment package object to use.", + "title": "S3ObjectVersion", "type": "string" }, - "TimestampOffset": { - "markdownDescription": "The timestamp offset for the channel. Used only if timestampOffsetMode is set to useConfiguredOffset.", - "title": "TimestampOffset", + "SourceKMSKeyArn": { + "markdownDescription": "The ARN of the AWS Key Management Service ( AWS KMS ) customer managed key that's used to encrypt your function's .zip deployment package. If you don't provide a customer managed key, Lambda uses an [AWS owned key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-owned-cmk) .", + "title": "SourceKMSKeyArn", "type": "string" }, - "TimestampOffsetMode": { - "markdownDescription": "The type of timestamp date offset to use. - useEventStartDate: Use the date the channel was started as the offset - useConfiguredOffset: Use an explicitly configured date as the offset.", - "title": "TimestampOffsetMode", + "ZipFile": { + "markdownDescription": "(Node.js and Python) The source code of your Lambda function. If you include your function source inline with this parameter, AWS CloudFormation places it in a file named `index` and zips it to create a [deployment package](https://docs.aws.amazon.com/lambda/latest/dg/gettingstarted-package.html) . This zip file cannot exceed 4MB. For the `Handler` property, the first part of the handler identifier must be `index` . For example, `index.handler` .\n\n> When you specify source code inline for a Node.js function, the `index` file that AWS CloudFormation creates uses the extension `.js` . This means that Lambda treats the file as a CommonJS module. ES modules aren't supported for inline functions. \n\nFor JSON, you must escape quotes and special characters such as newline ( `\\n` ) with a backslash.\n\nIf you specify a function that interacts with an AWS CloudFormation custom resource, you don't have to write your own functions to send responses to the custom resource that invoked the function. AWS CloudFormation provides a response module ( [cfn-response](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cfn-lambda-function-code-cfnresponsemodule.html) ) that simplifies sending responses. See [Using AWS Lambda with AWS CloudFormation](https://docs.aws.amazon.com/lambda/latest/dg/services-cloudformation.html) for details.", + "title": "ZipFile", "type": "string" } }, "type": "object" }, - "AWS::MediaLive::Channel.MsSmoothOutputSettings": { + "AWS::Lambda::Function.DeadLetterConfig": { "additionalProperties": false, "properties": { - "H265PackagingType": { - "markdownDescription": "Only applicable when this output is referencing an H.265 video description.\nSpecifies whether MP4 segments should be packaged as HEV1 or HVC1.", - "title": "H265PackagingType", - "type": "string" - }, - "NameModifier": { - "markdownDescription": "A string that is concatenated to the end of the destination file name. This is required for multiple outputs of the same type.", - "title": "NameModifier", + "TargetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an Amazon SQS queue or Amazon SNS topic.", + "title": "TargetArn", "type": "string" } }, "type": "object" }, - "AWS::MediaLive::Channel.MultiplexGroupSettings": { + "AWS::Lambda::Function.Environment": { "additionalProperties": false, - "properties": {}, + "properties": { + "Variables": { + "additionalProperties": true, + "markdownDescription": "Environment variable key-value pairs. For more information, see [Using Lambda environment variables](https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html) .\n\nIf the value of the environment variable is a time or a duration, enclose the value in quotes.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Variables", + "type": "object" + } + }, "type": "object" }, - "AWS::MediaLive::Channel.MultiplexOutputSettings": { + "AWS::Lambda::Function.EphemeralStorage": { "additionalProperties": false, "properties": { - "Destination": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", - "markdownDescription": "Destination is a Multiplex.", - "title": "Destination" + "Size": { + "markdownDescription": "The size of the function's `/tmp` directory.", + "title": "Size", + "type": "number" } }, + "required": [ + "Size" + ], "type": "object" }, - "AWS::MediaLive::Channel.MultiplexProgramChannelDestinationSettings": { + "AWS::Lambda::Function.FileSystemConfig": { "additionalProperties": false, "properties": { - "MultiplexId": { - "markdownDescription": "The ID of the Multiplex that the encoder is providing output to. You do not need to specify the individual inputs to the Multiplex; MediaLive will handle the connection of the two MediaLive pipelines to the two Multiplex instances.\nThe Multiplex must be in the same region as the Channel.", - "title": "MultiplexId", + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon EFS access point that provides access to the file system.", + "title": "Arn", "type": "string" }, - "ProgramName": { - "markdownDescription": "The program name of the Multiplex program that the encoder is providing output to.", - "title": "ProgramName", + "LocalMountPath": { + "markdownDescription": "The path where the function can access the file system, starting with `/mnt/` .", + "title": "LocalMountPath", "type": "string" } }, + "required": [ + "Arn", + "LocalMountPath" + ], "type": "object" }, - "AWS::MediaLive::Channel.NetworkInputSettings": { + "AWS::Lambda::Function.ImageConfig": { "additionalProperties": false, "properties": { - "HlsInputSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.HlsInputSettings", - "markdownDescription": "Information about how to connect to the upstream system.", - "title": "HlsInputSettings" + "Command": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies parameters that you want to pass in with ENTRYPOINT. You can specify a maximum of 1,500 parameters in the list.", + "title": "Command", + "type": "array" }, - "ServerValidation": { - "markdownDescription": "Checks HTTPS server certificates. When set to checkCryptographyOnly, cryptography in the certificate is checked, but not the server's name. Certain subdomains (notably S3 buckets that use dots in the bucket name) don't strictly match the corresponding certificate's wildcard pattern and would otherwise cause the channel to error. This setting is ignored for protocols that do not use HTTPS.", - "title": "ServerValidation", + "EntryPoint": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the entry point to their application, which is typically the location of the runtime executable. You can specify a maximum of 1,500 string entries in the list.", + "title": "EntryPoint", + "type": "array" + }, + "WorkingDirectory": { + "markdownDescription": "Specifies the working directory. The length of the directory string cannot exceed 1,000 characters.", + "title": "WorkingDirectory", "type": "string" } }, "type": "object" }, - "AWS::MediaLive::Channel.NielsenCBET": { + "AWS::Lambda::Function.LoggingConfig": { "additionalProperties": false, "properties": { - "CbetCheckDigitString": { - "markdownDescription": "Enter the CBET check digits to use in the watermark.", - "title": "CbetCheckDigitString", + "ApplicationLogLevel": { + "markdownDescription": "Set this property to filter the application logs for your function that Lambda sends to CloudWatch. Lambda only sends application logs at the selected level of detail and lower, where `TRACE` is the highest level and `FATAL` is the lowest.", + "title": "ApplicationLogLevel", "type": "string" }, - "CbetStepaside": { - "markdownDescription": "Determines the method of CBET insertion mode when prior encoding is detected on the same layer.", - "title": "CbetStepaside", + "LogFormat": { + "markdownDescription": "The format in which Lambda sends your function's application and system logs to CloudWatch. Select between plain text and structured JSON.", + "title": "LogFormat", "type": "string" }, - "Csid": { - "markdownDescription": "Enter the CBET Source ID (CSID) to use in the watermark", - "title": "Csid", + "LogGroup": { + "markdownDescription": "The name of the Amazon CloudWatch log group the function sends logs to. By default, Lambda functions send logs to a default log group named `/aws/lambda/` . To use a different log group, enter an existing log group or enter a new log group name.", + "title": "LogGroup", + "type": "string" + }, + "SystemLogLevel": { + "markdownDescription": "Set this property to filter the system logs for your function that Lambda sends to CloudWatch. Lambda only sends system logs at the selected level of detail and lower, where `DEBUG` is the highest level and `WARN` is the lowest.", + "title": "SystemLogLevel", "type": "string" } }, "type": "object" }, - "AWS::MediaLive::Channel.NielsenConfiguration": { + "AWS::Lambda::Function.RuntimeManagementConfig": { "additionalProperties": false, "properties": { - "DistributorId": { - "markdownDescription": "Enter the Distributor ID assigned to your organization by Nielsen.", - "title": "DistributorId", + "RuntimeVersionArn": { + "markdownDescription": "The ARN of the runtime version you want the function to use.\n\n> This is only required if you're using the *Manual* runtime update mode.", + "title": "RuntimeVersionArn", "type": "string" }, - "NielsenPcmToId3Tagging": { - "markdownDescription": "Enables Nielsen PCM to ID3 tagging", - "title": "NielsenPcmToId3Tagging", + "UpdateRuntimeOn": { + "markdownDescription": "Specify the runtime update mode.\n\n- *Auto (default)* - Automatically update to the most recent and secure runtime version using a [Two-phase runtime version rollout](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html#runtime-management-two-phase) . This is the best choice for most customers to ensure they always benefit from runtime updates.\n- *FunctionUpdate* - Lambda updates the runtime of you function to the most recent and secure runtime version when you update your function. This approach synchronizes runtime updates with function deployments, giving you control over when runtime updates are applied and allowing you to detect and mitigate rare runtime update incompatibilities early. When using this setting, you need to regularly update your functions to keep their runtime up-to-date.\n- *Manual* - You specify a runtime version in your function configuration. The function will use this runtime version indefinitely. In the rare case where a new runtime version is incompatible with an existing function, this allows you to roll back your function to an earlier runtime version. For more information, see [Roll back a runtime version](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html#runtime-management-rollback) .\n\n*Valid Values* : `Auto` | `FunctionUpdate` | `Manual`", + "title": "UpdateRuntimeOn", "type": "string" } }, + "required": [ + "UpdateRuntimeOn" + ], "type": "object" }, - "AWS::MediaLive::Channel.NielsenNaesIiNw": { + "AWS::Lambda::Function.SnapStart": { "additionalProperties": false, "properties": { - "CheckDigitString": { - "markdownDescription": "Enter the check digit string for the watermark", - "title": "CheckDigitString", - "type": "string" - }, - "Sid": { - "markdownDescription": "Enter the Nielsen Source ID (SID) to include in the watermark", - "title": "Sid", - "type": "number" - }, - "Timezone": { - "markdownDescription": "", - "title": "Timezone", + "ApplyOn": { + "markdownDescription": "Set `ApplyOn` to `PublishedVersions` to create a snapshot of the initialized execution environment when you publish a function version.", + "title": "ApplyOn", "type": "string" } }, + "required": [ + "ApplyOn" + ], "type": "object" }, - "AWS::MediaLive::Channel.NielsenWatermarksSettings": { + "AWS::Lambda::Function.SnapStartResponse": { "additionalProperties": false, "properties": { - "NielsenCbetSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.NielsenCBET", - "markdownDescription": "Complete these fields only if you want to insert watermarks of type Nielsen CBET", - "title": "NielsenCbetSettings" - }, - "NielsenDistributionType": { - "markdownDescription": "Choose the distribution types that you want to assign to the watermarks:\n- PROGRAM_CONTENT\n- FINAL_DISTRIBUTOR", - "title": "NielsenDistributionType", + "ApplyOn": { + "markdownDescription": "When set to `PublishedVersions` , Lambda creates a snapshot of the execution environment when you publish a function version.", + "title": "ApplyOn", "type": "string" }, - "NielsenNaesIiNwSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.NielsenNaesIiNw", - "markdownDescription": "Complete these fields only if you want to insert watermarks of type Nielsen NAES II (N2) and Nielsen NAES VI (NW).", - "title": "NielsenNaesIiNwSettings" + "OptimizationStatus": { + "markdownDescription": "When you provide a [qualified Amazon Resource Name (ARN)](https://docs.aws.amazon.com/lambda/latest/dg/configuration-versions.html#versioning-versions-using) , this response element indicates whether SnapStart is activated for the specified function version.", + "title": "OptimizationStatus", + "type": "string" } }, "type": "object" }, - "AWS::MediaLive::Channel.Output": { + "AWS::Lambda::Function.TracingConfig": { "additionalProperties": false, "properties": { - "AudioDescriptionNames": { - "items": { - "type": "string" - }, - "markdownDescription": "The names of the audio descriptions that are used as audio sources for this output.", - "title": "AudioDescriptionNames", - "type": "array" - }, - "CaptionDescriptionNames": { - "items": { - "type": "string" - }, - "markdownDescription": "The names of the caption descriptions that are used as captions sources for this output.", - "title": "CaptionDescriptionNames", - "type": "array" - }, - "OutputName": { - "markdownDescription": "The name that is used to identify an output.", - "title": "OutputName", - "type": "string" - }, - "OutputSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputSettings", - "markdownDescription": "The output type-specific settings.", - "title": "OutputSettings" - }, - "VideoDescriptionName": { - "markdownDescription": "The name of the VideoDescription that is used as the source for this output.", - "title": "VideoDescriptionName", + "Mode": { + "markdownDescription": "The tracing mode.", + "title": "Mode", "type": "string" } }, "type": "object" }, - "AWS::MediaLive::Channel.OutputDestination": { + "AWS::Lambda::Function.VpcConfig": { "additionalProperties": false, "properties": { - "Id": { - "markdownDescription": "The ID for this destination.", - "title": "Id", - "type": "string" + "Ipv6AllowedForDualStack": { + "markdownDescription": "Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.", + "title": "Ipv6AllowedForDualStack", + "type": "boolean" }, - "MediaPackageSettings": { + "SecurityGroupIds": { "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.MediaPackageOutputDestinationSettings" + "type": "string" }, - "markdownDescription": "The destination settings for a MediaPackage output.", - "title": "MediaPackageSettings", + "markdownDescription": "A list of VPC security group IDs.", + "title": "SecurityGroupIds", "type": "array" }, - "MultiplexSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.MultiplexProgramChannelDestinationSettings", - "markdownDescription": "Destination settings for a Multiplex output; one destination for both encoders.", - "title": "MultiplexSettings" - }, - "Settings": { + "SubnetIds": { "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputDestinationSettings" + "type": "string" }, - "markdownDescription": "The destination settings for an output.", - "title": "Settings", + "markdownDescription": "A list of VPC subnet IDs.", + "title": "SubnetIds", "type": "array" } }, "type": "object" }, - "AWS::MediaLive::Channel.OutputDestinationSettings": { + "AWS::Lambda::LayerVersion": { "additionalProperties": false, "properties": { - "PasswordParam": { - "markdownDescription": "The password parameter that holds the password for accessing the downstream system. This password parameter applies only if the downstream system requires credentials.", - "title": "PasswordParam", + "Condition": { "type": "string" }, - "StreamName": { - "markdownDescription": "The stream name for the content. This applies only to RTMP outputs.", - "title": "StreamName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Url": { - "markdownDescription": "The URL for the destination.", - "title": "Url", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CompatibleArchitectures": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of compatible [instruction set architectures](https://docs.aws.amazon.com/lambda/latest/dg/foundation-arch.html) .", + "title": "CompatibleArchitectures", + "type": "array" + }, + "CompatibleRuntimes": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of compatible [function runtimes](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html) . Used for filtering with [ListLayers](https://docs.aws.amazon.com/lambda/latest/dg/API_ListLayers.html) and [ListLayerVersions](https://docs.aws.amazon.com/lambda/latest/dg/API_ListLayerVersions.html) .", + "title": "CompatibleRuntimes", + "type": "array" + }, + "Content": { + "$ref": "#/definitions/AWS::Lambda::LayerVersion.Content", + "markdownDescription": "The function layer archive.", + "title": "Content" + }, + "Description": { + "markdownDescription": "The description of the version.", + "title": "Description", + "type": "string" + }, + "LayerName": { + "markdownDescription": "The name or Amazon Resource Name (ARN) of the layer.", + "title": "LayerName", + "type": "string" + }, + "LicenseInfo": { + "markdownDescription": "The layer's software license. It can be any of the following:\n\n- An [SPDX license identifier](https://docs.aws.amazon.com/https://spdx.org/licenses/) . For example, `MIT` .\n- The URL of a license hosted on the internet. For example, `https://opensource.org/licenses/MIT` .\n- The full text of the license.", + "title": "LicenseInfo", + "type": "string" + } + }, + "required": [ + "Content" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Lambda::LayerVersion" + ], "type": "string" }, - "Username": { - "markdownDescription": "The user name to connect to the downstream system. This applies only if the downstream system requires credentials.", - "title": "Username", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::MediaLive::Channel.OutputGroup": { + "AWS::Lambda::LayerVersion.Content": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "A custom output group name that you can optionally define. Only letters, numbers, and the underscore character are allowed. The maximum length is 32 characters.", - "title": "Name", + "S3Bucket": { + "markdownDescription": "The Amazon S3 bucket of the layer archive.", + "title": "S3Bucket", "type": "string" }, - "OutputGroupSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputGroupSettings", - "markdownDescription": "The settings associated with the output group.", - "title": "OutputGroupSettings" + "S3Key": { + "markdownDescription": "The Amazon S3 key of the layer archive.", + "title": "S3Key", + "type": "string" }, - "Outputs": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Output" - }, - "markdownDescription": "The settings for the outputs in the output group.", - "title": "Outputs", - "type": "array" + "S3ObjectVersion": { + "markdownDescription": "For versioned objects, the version of the layer archive object to use.", + "title": "S3ObjectVersion", + "type": "string" } }, + "required": [ + "S3Bucket", + "S3Key" + ], "type": "object" }, - "AWS::MediaLive::Channel.OutputGroupSettings": { + "AWS::Lambda::LayerVersionPermission": { "additionalProperties": false, "properties": { - "ArchiveGroupSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.ArchiveGroupSettings", - "markdownDescription": "The configuration of an archive output group.\n\nThe parent of this entity is OutputGroupSettings.", - "title": "ArchiveGroupSettings" - }, - "CmafIngestGroupSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.CmafIngestGroupSettings", - "markdownDescription": "", - "title": "CmafIngestGroupSettings" - }, - "FrameCaptureGroupSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.FrameCaptureGroupSettings", - "markdownDescription": "The configuration of a frame capture output group.", - "title": "FrameCaptureGroupSettings" - }, - "HlsGroupSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.HlsGroupSettings", - "markdownDescription": "The configuration of an HLS output group.", - "title": "HlsGroupSettings" + "Condition": { + "type": "string" }, - "MediaPackageGroupSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.MediaPackageGroupSettings", - "markdownDescription": "The configuration of a MediaPackage output group.", - "title": "MediaPackageGroupSettings" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "MsSmoothGroupSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.MsSmoothGroupSettings", - "markdownDescription": "The configuration of a Microsoft Smooth output group.", - "title": "MsSmoothGroupSettings" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "MultiplexGroupSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.MultiplexGroupSettings", - "markdownDescription": "The settings for a Multiplex output group.", - "title": "MultiplexGroupSettings" + "Metadata": { + "type": "object" }, - "RtmpGroupSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.RtmpGroupSettings", - "markdownDescription": "The configuration of an RTMP output group.", - "title": "RtmpGroupSettings" + "Properties": { + "additionalProperties": false, + "properties": { + "Action": { + "markdownDescription": "The API action that grants access to the layer. For example, `lambda:GetLayerVersion` .", + "title": "Action", + "type": "string" + }, + "LayerVersionArn": { + "markdownDescription": "The name or Amazon Resource Name (ARN) of the layer.", + "title": "LayerVersionArn", + "type": "string" + }, + "OrganizationId": { + "markdownDescription": "With the principal set to `*` , grant permission to all accounts in the specified organization.", + "title": "OrganizationId", + "type": "string" + }, + "Principal": { + "markdownDescription": "An account ID, or `*` to grant layer usage permission to all accounts in an organization, or all AWS accounts (if `organizationId` is not specified). For the last case, make sure that you really do want all AWS accounts to have usage permission to this layer.", + "title": "Principal", + "type": "string" + } + }, + "required": [ + "Action", + "LayerVersionArn", + "Principal" + ], + "type": "object" }, - "UdpGroupSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.UdpGroupSettings", - "markdownDescription": "The configuration of a UDP output group.", - "title": "UdpGroupSettings" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.OutputLocationRef": { - "additionalProperties": false, - "properties": { - "DestinationRefId": { - "markdownDescription": "A reference ID for this destination.", - "title": "DestinationRefId", + "Type": { + "enum": [ + "AWS::Lambda::LayerVersionPermission" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.OutputLockingSettings": { - "additionalProperties": false, - "properties": { - "EpochLockingSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.EpochLockingSettings", - "markdownDescription": "", - "title": "EpochLockingSettings" }, - "PipelineLockingSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.PipelineLockingSettings", - "markdownDescription": "", - "title": "PipelineLockingSettings" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::MediaLive::Channel.OutputSettings": { + "AWS::Lambda::Permission": { "additionalProperties": false, "properties": { - "ArchiveOutputSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.ArchiveOutputSettings", - "markdownDescription": "The settings for an archive output.", - "title": "ArchiveOutputSettings" - }, - "CmafIngestOutputSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.CmafIngestOutputSettings", - "markdownDescription": "", - "title": "CmafIngestOutputSettings" - }, - "FrameCaptureOutputSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.FrameCaptureOutputSettings", - "markdownDescription": "The settings for a frame capture output.\n\nThe parent of this entity is OutputGroupSettings.", - "title": "FrameCaptureOutputSettings" + "Condition": { + "type": "string" }, - "HlsOutputSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.HlsOutputSettings", - "markdownDescription": "The settings for an HLS output.\n\nThe parent of this entity is OutputGroupSettings.", - "title": "HlsOutputSettings" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "MediaPackageOutputSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.MediaPackageOutputSettings", - "markdownDescription": "The settings for a MediaPackage output.\n\nThe parent of this entity is OutputGroupSettings.", - "title": "MediaPackageOutputSettings" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "MsSmoothOutputSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.MsSmoothOutputSettings", - "markdownDescription": "The settings for a Microsoft Smooth output.", - "title": "MsSmoothOutputSettings" + "Metadata": { + "type": "object" }, - "MultiplexOutputSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.MultiplexOutputSettings", - "markdownDescription": "Configuration of a Multiplex output.", - "title": "MultiplexOutputSettings" + "Properties": { + "additionalProperties": false, + "properties": { + "Action": { + "markdownDescription": "The action that the principal can use on the function. For example, `lambda:InvokeFunction` or `lambda:GetFunction` .", + "title": "Action", + "type": "string" + }, + "EventSourceToken": { + "markdownDescription": "For Alexa Smart Home functions, a token that the invoker must supply.", + "title": "EventSourceToken", + "type": "string" + }, + "FunctionName": { + "markdownDescription": "The name or ARN of the Lambda function, version, or alias.\n\n**Name formats** - *Function name* \u2013 `my-function` (name-only), `my-function:v1` (with alias).\n- *Function ARN* \u2013 `arn:aws:lambda:us-west-2:123456789012:function:my-function` .\n- *Partial ARN* \u2013 `123456789012:function:my-function` .\n\nYou can append a version number or alias to any of the formats. The length constraint applies only to the full ARN. If you specify only the function name, it is limited to 64 characters in length.", + "title": "FunctionName", + "type": "string" + }, + "FunctionUrlAuthType": { + "markdownDescription": "The type of authentication that your function URL uses. Set to `AWS_IAM` if you want to restrict access to authenticated users only. Set to `NONE` if you want to bypass IAM authentication to create a public endpoint. For more information, see [Security and auth model for Lambda function URLs](https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html) .", + "title": "FunctionUrlAuthType", + "type": "string" + }, + "Principal": { + "markdownDescription": "The AWS service , AWS account , IAM user, or IAM role that invokes the function. If you specify a service, use `SourceArn` or `SourceAccount` to limit who can invoke the function through that service.", + "title": "Principal", + "type": "string" + }, + "PrincipalOrgID": { + "markdownDescription": "The identifier for your organization in AWS Organizations . Use this to grant permissions to all the AWS accounts under this organization.", + "title": "PrincipalOrgID", + "type": "string" + }, + "SourceAccount": { + "markdownDescription": "For AWS service , the ID of the AWS account that owns the resource. Use this together with `SourceArn` to ensure that the specified account owns the resource. It is possible for an Amazon S3 bucket to be deleted by its owner and recreated by another account.", + "title": "SourceAccount", + "type": "string" + }, + "SourceArn": { + "markdownDescription": "For AWS services , the ARN of the AWS resource that invokes the function. For example, an Amazon S3 bucket or Amazon SNS topic.\n\nNote that Lambda configures the comparison using the `StringLike` operator.", + "title": "SourceArn", + "type": "string" + } + }, + "required": [ + "Action", + "FunctionName", + "Principal" + ], + "type": "object" }, - "RtmpOutputSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.RtmpOutputSettings", - "markdownDescription": "The settings for an RTMP output.\n\nThe parent of this entity is OutputGroupSettings.", - "title": "RtmpOutputSettings" + "Type": { + "enum": [ + "AWS::Lambda::Permission" + ], + "type": "string" }, - "UdpOutputSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.UdpOutputSettings", - "markdownDescription": "The settings for a UDP output.\n\nThe parent of this entity is OutputGroupSettings.", - "title": "UdpOutputSettings" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::MediaLive::Channel.PassThroughSettings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.PipelineLockingSettings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.RawSettings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.Rec601Settings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.Rec709Settings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.RemixSettings": { + "AWS::Lambda::Url": { "additionalProperties": false, "properties": { - "ChannelMappings": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Channel.AudioChannelMapping" - }, - "markdownDescription": "A mapping of input channels to output channels, with appropriate gain adjustments.", - "title": "ChannelMappings", - "type": "array" + "Condition": { + "type": "string" }, - "ChannelsIn": { - "markdownDescription": "The number of input channels to be used.", - "title": "ChannelsIn", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ChannelsOut": { - "markdownDescription": "The number of output channels to be produced. Valid values: 1, 2, 4, 6, 8.", - "title": "ChannelsOut", - "type": "number" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.RtmpCaptionInfoDestinationSettings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.RtmpGroupSettings": { - "additionalProperties": false, - "properties": { - "AdMarkers": { - "items": { - "type": "string" - }, - "markdownDescription": "Choose the ad marker type for this output group. MediaLive will create a message based on the content of each SCTE-35 message, format it for that marker type, and insert it in the datastream.", - "title": "AdMarkers", - "type": "array" - }, - "AuthenticationScheme": { - "markdownDescription": "An authentication scheme to use when connecting with a CDN.", - "title": "AuthenticationScheme", - "type": "string" - }, - "CacheFullBehavior": { - "markdownDescription": "Controls behavior when the content cache fills up. If a remote origin server stalls the RTMP connection and doesn't accept content fast enough, the media cache fills up. When the cache reaches the duration specified by cacheLength, the cache stops accepting new content. If set to disconnectImmediately, the RTMP output forces a disconnect. Clear the media cache, and reconnect after restartDelay seconds. If set to waitForServer, the RTMP output waits up to 5 minutes to allow the origin server to begin accepting data again.", - "title": "CacheFullBehavior", - "type": "string" - }, - "CacheLength": { - "markdownDescription": "The cache length, in seconds, that is used to calculate buffer size.", - "title": "CacheLength", - "type": "number" - }, - "CaptionData": { - "markdownDescription": "Controls the types of data that pass to onCaptionInfo outputs. If set to all, 608 and 708 carried DTVCC data is passed. If set to field1AndField2608, DTVCC data is stripped out, but 608 data from both fields is passed. If set to field1608, only the data carried in 608 from field 1 video is passed.", - "title": "CaptionData", - "type": "string" - }, - "IncludeFillerNalUnits": { - "markdownDescription": "", - "title": "IncludeFillerNalUnits", - "type": "string" - }, - "InputLossAction": { - "markdownDescription": "Controls the behavior of this RTMP group if the input becomes unavailable. emitOutput: Emit a slate until the input returns. pauseOutput: Stop transmitting data until the input returns. This does not close the underlying RTMP connection.", - "title": "InputLossAction", - "type": "string" - }, - "RestartDelay": { - "markdownDescription": "If a streaming output fails, the number of seconds to wait until a restart is initiated. A value of 0 means never restart.", - "title": "RestartDelay", - "type": "number" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.RtmpOutputSettings": { - "additionalProperties": false, - "properties": { - "CertificateMode": { - "markdownDescription": "If set to verifyAuthenticity, verifies the TLS certificate chain to a trusted certificate authority (CA). This causes RTMPS outputs with self-signed certificates to fail.", - "title": "CertificateMode", - "type": "string" - }, - "ConnectionRetryInterval": { - "markdownDescription": "The number of seconds to wait before retrying a connection to the Flash Media server if the connection is lost.", - "title": "ConnectionRetryInterval", - "type": "number" - }, - "Destination": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", - "markdownDescription": "The RTMP endpoint excluding the stream name (for example, rtmp://host/appname).", - "title": "Destination" - }, - "NumRetries": { - "markdownDescription": "The number of retry attempts.", - "title": "NumRetries", - "type": "number" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.Scte20PlusEmbeddedDestinationSettings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.Scte20SourceSettings": { - "additionalProperties": false, - "properties": { - "Convert608To708": { - "markdownDescription": "If upconvert, 608 data is both passed through the \"608 compatibility bytes\" fields of the 708 wrapper as well as translated into 708. Any 708 data present in the source content is discarded.", - "title": "Convert608To708", - "type": "string" - }, - "Source608ChannelNumber": { - "markdownDescription": "Specifies the 608/708 channel number within the video track from which to extract captions.", - "title": "Source608ChannelNumber", - "type": "number" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.Scte27DestinationSettings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.Scte27SourceSettings": { - "additionalProperties": false, - "properties": { - "OcrLanguage": { - "markdownDescription": "If you will configure a WebVTT caption description that references this caption selector, use this field to\nprovide the language to consider when translating the image-based source to text.", - "title": "OcrLanguage", - "type": "string" - }, - "Pid": { - "markdownDescription": "The PID field is used in conjunction with the captions selector languageCode field as follows: Specify PID and Language: Extracts captions from that PID; the language is \"informational.\" Specify PID and omit Language: Extracts the specified PID. Omit PID and specify Language: Extracts the specified language, whichever PID that happens to be. Omit PID and omit Language: Valid only if source is DVB-Sub that is being passed through; all languages are passed through.", - "title": "Pid", - "type": "number" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.Scte35SpliceInsert": { - "additionalProperties": false, - "properties": { - "AdAvailOffset": { - "markdownDescription": "When specified, this offset (in milliseconds) is added to the input ad avail PTS time. This applies only to embedded SCTE 104/35 messages. It doesn't apply to OOB messages.", - "title": "AdAvailOffset", - "type": "number" - }, - "NoRegionalBlackoutFlag": { - "markdownDescription": "When set to ignore, segment descriptors with noRegionalBlackoutFlag set to 0 no longer trigger blackouts or ad avail slates.", - "title": "NoRegionalBlackoutFlag", - "type": "string" - }, - "WebDeliveryAllowedFlag": { - "markdownDescription": "When set to ignore, segment descriptors with webDeliveryAllowedFlag set to 0 no longer trigger blackouts or ad avail slates.", - "title": "WebDeliveryAllowedFlag", - "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.Scte35TimeSignalApos": { - "additionalProperties": false, - "properties": { - "AdAvailOffset": { - "markdownDescription": "When specified, this offset (in milliseconds) is added to the input ad avail PTS time. This applies only to embedded SCTE 104/35 messages. It doesn't apply to OOB messages.", - "title": "AdAvailOffset", - "type": "number" - }, - "NoRegionalBlackoutFlag": { - "markdownDescription": "When set to ignore, segment descriptors with noRegionalBlackoutFlag set to 0 no longer trigger blackouts or ad avail slates.", - "title": "NoRegionalBlackoutFlag", - "type": "string" - }, - "WebDeliveryAllowedFlag": { - "markdownDescription": "When set to ignore, segment descriptors with webDeliveryAllowedFlag set to 0 no longer trigger blackouts or ad avail slates.", - "title": "WebDeliveryAllowedFlag", - "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.SmpteTtDestinationSettings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.StandardHlsSettings": { - "additionalProperties": false, - "properties": { - "AudioRenditionSets": { - "markdownDescription": "Lists all the audio groups that are used with the video output stream. This inputs all the audio GROUP-IDs that are associated with the video, separated by a comma (,).", - "title": "AudioRenditionSets", - "type": "string" - }, - "M3u8Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.M3u8Settings", - "markdownDescription": "Settings for the M3U8 container.", - "title": "M3u8Settings" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.StaticKeySettings": { - "additionalProperties": false, - "properties": { - "KeyProviderServer": { - "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", - "markdownDescription": "The URL of the license server that is used for protecting content.", - "title": "KeyProviderServer" - }, - "StaticKeyValue": { - "markdownDescription": "The static key value as a 32 character hexadecimal string.", - "title": "StaticKeyValue", - "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.TeletextDestinationSettings": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::MediaLive::Channel.TeletextSourceSettings": { - "additionalProperties": false, - "properties": { - "OutputRectangle": { - "$ref": "#/definitions/AWS::MediaLive::Channel.CaptionRectangle", - "markdownDescription": "Settings to configure the caption rectangle for an output captions that will be created using this Teletext source captions.", - "title": "OutputRectangle" - }, - "PageNumber": { - "markdownDescription": "Specifies the Teletext page number within the data stream from which to extract captions. The range is 0x100 (256) to 0x8FF (2303). This is unused for passthrough. It should be specified as a hexadecimal string with no \"0x\" prefix.", - "title": "PageNumber", - "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.TemporalFilterSettings": { - "additionalProperties": false, - "properties": { - "PostFilterSharpening": { - "markdownDescription": "If you enable this filter, the results are the following:\n- If the source content is noisy (it contains excessive digital artifacts), the filter cleans up the source.\n- If the source content is already clean, the filter tends to decrease the bitrate, especially when the rate control mode is QVBR.", - "title": "PostFilterSharpening", - "type": "string" - }, - "Strength": { - "markdownDescription": "Choose a filter strength. We recommend a strength of 1 or 2. A higher strength might take out good information, resulting in an image that is overly soft.", - "title": "Strength", - "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.ThumbnailConfiguration": { - "additionalProperties": false, - "properties": { - "State": { - "markdownDescription": "", - "title": "State", - "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.TimecodeBurninSettings": { - "additionalProperties": false, - "properties": { - "FontSize": { - "markdownDescription": "", - "title": "FontSize", - "type": "string" - }, - "Position": { - "markdownDescription": "", - "title": "Position", - "type": "string" - }, - "Prefix": { - "markdownDescription": "", - "title": "Prefix", - "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.TimecodeConfig": { - "additionalProperties": false, - "properties": { - "Source": { - "markdownDescription": "Identifies the source for the timecode that will be associated with the channel outputs. Embedded (embedded): Initialize the output timecode with timecode from the source. If no embedded timecode is detected in the source, the system falls back to using \"Start at 0\" (zerobased). System Clock (systemclock): Use the UTC time. Start at 0 (zerobased): The time of the first frame of the channel will be 00:00:00:00.", - "title": "Source", - "type": "string" - }, - "SyncThreshold": { - "markdownDescription": "The threshold in frames beyond which output timecode is resynchronized to the input timecode. Discrepancies below this threshold are permitted to avoid unnecessary discontinuities in the output timecode. There is no timecode sync when this is not specified.", - "title": "SyncThreshold", - "type": "number" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.TtmlDestinationSettings": { - "additionalProperties": false, - "properties": { - "StyleControl": { - "markdownDescription": "When set to passthrough, passes through style and position information from a TTML-like input source (TTML, SMPTE-TT, CFF-TT) to the CFF-TT output or TTML output.", - "title": "StyleControl", - "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.UdpContainerSettings": { - "additionalProperties": false, - "properties": { - "M2tsSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.M2tsSettings", - "markdownDescription": "The M2TS configuration for this UDP output.", - "title": "M2tsSettings" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.UdpGroupSettings": { - "additionalProperties": false, - "properties": { - "InputLossAction": { - "markdownDescription": "Specifies the behavior of the last resort when the input video is lost, and no more backup inputs are available. When dropTs is selected, the entire transport stream stops emitting. When dropProgram is selected, the program can be dropped from the transport stream (and replaced with null packets to meet the TS bitrate requirement). Or when emitProgram is selected, the transport stream continues to be produced normally with repeat frames, black frames, or slate frames substituted for the absent input video.", - "title": "InputLossAction", - "type": "string" - }, - "TimedMetadataId3Frame": { - "markdownDescription": "Indicates the ID3 frame that has the timecode.", - "title": "TimedMetadataId3Frame", - "type": "string" - }, - "TimedMetadataId3Period": { - "markdownDescription": "The timed metadata interval in seconds.", - "title": "TimedMetadataId3Period", - "type": "number" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.UdpOutputSettings": { - "additionalProperties": false, - "properties": { - "BufferMsec": { - "markdownDescription": "The UDP output buffering in milliseconds. Larger values increase latency through the transcoder but simultaneously assist the transcoder in maintaining a constant, low-jitter UDP/RTP output while accommodating clock recovery, input switching, input disruptions, picture reordering, and so on.", - "title": "BufferMsec", - "type": "number" - }, - "ContainerSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.UdpContainerSettings", - "markdownDescription": "The settings for the UDP output.", - "title": "ContainerSettings" - }, - "Destination": { - "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", - "markdownDescription": "The destination address and port number for RTP or UDP packets. These can be unicast or multicast RTP or UDP (for example, rtp://239.10.10.10:5001 or udp://10.100.100.100:5002).", - "title": "Destination" - }, - "FecOutputSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.FecOutputSettings", - "markdownDescription": "The settings for enabling and adjusting Forward Error Correction on UDP outputs.", - "title": "FecOutputSettings" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.VideoBlackFailoverSettings": { - "additionalProperties": false, - "properties": { - "BlackDetectThreshold": { - "markdownDescription": "A value used in calculating the threshold below which MediaLive considers a pixel to be 'black'. For the input to be considered black, every pixel in a frame must be below this threshold. The threshold is calculated as a percentage (expressed as a decimal) of white. Therefore .1 means 10% white (or 90% black). Note how the formula works for any color depth. For example, if you set this field to 0.1 in 10-bit color depth: (1023*0.1=102.3), which means a pixel value of 102 or less is 'black'. If you set this field to .1 in an 8-bit color depth: (255*0.1=25.5), which means a pixel value of 25 or less is 'black'. The range is 0.0 to 1.0, with any number of decimal places.", - "title": "BlackDetectThreshold", - "type": "number" - }, - "VideoBlackThresholdMsec": { - "markdownDescription": "The amount of time (in milliseconds) that the active input must be black before automatic input failover occurs.", - "title": "VideoBlackThresholdMsec", - "type": "number" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.VideoCodecSettings": { - "additionalProperties": false, - "properties": { - "FrameCaptureSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.FrameCaptureSettings", - "markdownDescription": "The settings for the video codec in a frame capture output.", - "title": "FrameCaptureSettings" - }, - "H264Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.H264Settings", - "markdownDescription": "The settings for the H.264 codec in the output.", - "title": "H264Settings" - }, - "H265Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.H265Settings", - "markdownDescription": "Settings for video encoded with the H265 codec.", - "title": "H265Settings" - }, - "Mpeg2Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Mpeg2Settings", - "markdownDescription": "Settings for video encoded with the MPEG-2 codec.", - "title": "Mpeg2Settings" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.VideoDescription": { - "additionalProperties": false, - "properties": { - "CodecSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.VideoCodecSettings", - "markdownDescription": "The video codec settings.", - "title": "CodecSettings" - }, - "Height": { - "markdownDescription": "The output video height, in pixels. This must be an even number. For most codecs, you can keep this field and width blank in order to use the height and width (resolution) from the source. Note that we don't recommend keeping the field blank. For the Frame Capture codec, height and width are required.", - "title": "Height", - "type": "number" - }, - "Name": { - "markdownDescription": "The name of this VideoDescription. Outputs use this name to uniquely identify this description. Description names should be unique within this channel.", - "title": "Name", - "type": "string" - }, - "RespondToAfd": { - "markdownDescription": "Indicates how to respond to the AFD values in the input stream. RESPOND causes input video to be clipped, depending on the AFD value, input display aspect ratio, and output display aspect ratio, and (except for the FRAMECAPTURE codec) includes the values in the output. PASSTHROUGH (does not apply to FRAMECAPTURE codec) ignores the AFD values and includes the values in the output, so input video is not clipped. NONE ignores the AFD values and does not include the values through to the output, so input video is not clipped.", - "title": "RespondToAfd", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ScalingBehavior": { - "markdownDescription": "STRETCHTOOUTPUT configures the output position to stretch the video to the specified output resolution (height and width). This option overrides any position value. DEFAULT might insert black boxes (pillar boxes or letter boxes) around the video to provide the specified output resolution.", - "title": "ScalingBehavior", - "type": "string" + "Metadata": { + "type": "object" }, - "Sharpness": { - "markdownDescription": "Changes the strength of the anti-alias filter used for scaling. 0 is the softest setting, and 100 is the sharpest. We recommend a setting of 50 for most content.", - "title": "Sharpness", - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": { + "AuthType": { + "markdownDescription": "The type of authentication that your function URL uses. Set to `AWS_IAM` if you want to restrict access to authenticated users only. Set to `NONE` if you want to bypass IAM authentication to create a public endpoint. For more information, see [Security and auth model for Lambda function URLs](https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html) .", + "title": "AuthType", + "type": "string" + }, + "Cors": { + "$ref": "#/definitions/AWS::Lambda::Url.Cors", + "markdownDescription": "The [Cross-Origin Resource Sharing (CORS)](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS) settings for your function URL.", + "title": "Cors" + }, + "InvokeMode": { + "markdownDescription": "Use one of the following options:\n\n- `BUFFERED` \u2013 This is the default option. Lambda invokes your function using the `Invoke` API operation. Invocation results are available when the payload is complete. The maximum payload size is 6 MB.\n- `RESPONSE_STREAM` \u2013 Your function streams payload results as they become available. Lambda invokes your function using the `InvokeWithResponseStream` API operation. The maximum response payload size is 20 MB, however, you can [request a quota increase](https://docs.aws.amazon.com/servicequotas/latest/userguide/request-quota-increase.html) .", + "title": "InvokeMode", + "type": "string" + }, + "Qualifier": { + "markdownDescription": "The alias name.", + "title": "Qualifier", + "type": "string" + }, + "TargetFunctionArn": { + "markdownDescription": "The name of the Lambda function.\n\n**Name formats** - *Function name* - `my-function` .\n- *Function ARN* - `lambda: : :function:my-function` .\n- *Partial ARN* - `:function:my-function` .\n\nThe length constraint applies only to the full ARN. If you specify only the function name, it is limited to 64 characters in length.", + "title": "TargetFunctionArn", + "type": "string" + } + }, + "required": [ + "AuthType", + "TargetFunctionArn" + ], + "type": "object" }, - "Width": { - "markdownDescription": "The output video width, in pixels. It must be an even number. For most codecs, you can keep this field and height blank in order to use the height and width (resolution) from the source. Note that we don't recommend keeping the field blank. For the Frame Capture codec, height and width are required.", - "title": "Width", - "type": "number" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.VideoSelector": { - "additionalProperties": false, - "properties": { - "ColorSpace": { - "markdownDescription": "Specifies the color space of an input. This setting works in tandem with colorSpaceConversion to determine if MediaLive will perform any conversion.", - "title": "ColorSpace", + "Type": { + "enum": [ + "AWS::Lambda::Url" + ], "type": "string" }, - "ColorSpaceSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.VideoSelectorColorSpaceSettings", - "markdownDescription": "Settings to configure color space settings in the incoming video.", - "title": "ColorSpaceSettings" - }, - "ColorSpaceUsage": { - "markdownDescription": "Applies only if colorSpace is a value other than Follow. This field controls how the value in the colorSpace field is used. Fallback means that when the input does include color space data, that data is used, but when the input has no color space data, the value in colorSpace is used. Choose fallback if your input is sometimes missing color space data, but when it does have color space data, that data is correct. Force means to always use the value in colorSpace. Choose force if your input usually has no color space data or might have unreliable color space data.", - "title": "ColorSpaceUsage", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "SelectorSettings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.VideoSelectorSettings", - "markdownDescription": "Information about the video to select from the content.", - "title": "SelectorSettings" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.VideoSelectorColorSpaceSettings": { - "additionalProperties": false, - "properties": { - "Hdr10Settings": { - "$ref": "#/definitions/AWS::MediaLive::Channel.Hdr10Settings", - "markdownDescription": "Settings to configure color space settings in the incoming video.", - "title": "Hdr10Settings" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.VideoSelectorPid": { - "additionalProperties": false, - "properties": { - "Pid": { - "markdownDescription": "Selects a specific PID from within a video source.", - "title": "Pid", - "type": "number" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.VideoSelectorProgramId": { - "additionalProperties": false, - "properties": { - "ProgramId": { - "markdownDescription": "Selects a specific program from within a multi-program transport stream. If the program doesn't exist, MediaLive selects the first program within the transport stream by default.", - "title": "ProgramId", - "type": "number" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::MediaLive::Channel.VideoSelectorSettings": { + "AWS::Lambda::Url.Cors": { "additionalProperties": false, "properties": { - "VideoSelectorPid": { - "$ref": "#/definitions/AWS::MediaLive::Channel.VideoSelectorPid", - "markdownDescription": "Used to extract video by PID.", - "title": "VideoSelectorPid" + "AllowCredentials": { + "markdownDescription": "Whether you want to allow cookies or other credentials in requests to your function URL. The default is `false` .", + "title": "AllowCredentials", + "type": "boolean" }, - "VideoSelectorProgramId": { - "$ref": "#/definitions/AWS::MediaLive::Channel.VideoSelectorProgramId", - "markdownDescription": "Used to extract video by program ID.", - "title": "VideoSelectorProgramId" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.VpcOutputSettings": { - "additionalProperties": false, - "properties": { - "PublicAddressAllocationIds": { + "AllowHeaders": { "items": { "type": "string" }, - "markdownDescription": "List of public address allocation IDs to associate with ENIs that will be created in Output VPC. Must specify one for SINGLE_PIPELINE, two for STANDARD channels", - "title": "PublicAddressAllocationIds", + "markdownDescription": "The HTTP headers that origins can include in requests to your function URL. For example: `Date` , `Keep-Alive` , `X-Custom-Header` .", + "title": "AllowHeaders", "type": "array" }, - "SecurityGroupIds": { + "AllowMethods": { "items": { "type": "string" }, - "markdownDescription": "A list of up to 5 EC2 VPC security group IDs to attach to the Output VPC network interfaces.\nIf none are specified then the VPC default security group will be used", - "title": "SecurityGroupIds", + "markdownDescription": "The HTTP methods that are allowed when calling your function URL. For example: `GET` , `POST` , `DELETE` , or the wildcard character ( `*` ).", + "title": "AllowMethods", "type": "array" }, - "SubnetIds": { + "AllowOrigins": { "items": { "type": "string" }, - "markdownDescription": "A list of VPC subnet IDs from the same VPC.\nIf STANDARD channel, subnet IDs must be mapped to two unique availability zones (AZ).", - "title": "SubnetIds", + "markdownDescription": "The origins that can access your function URL. You can list any number of specific origins, separated by a comma. For example: `https://www.example.com` , `http://localhost:60905` .\n\nAlternatively, you can grant access to all origins with the wildcard character ( `*` ).", + "title": "AllowOrigins", "type": "array" - } - }, - "type": "object" - }, - "AWS::MediaLive::Channel.WavSettings": { - "additionalProperties": false, - "properties": { - "BitDepth": { - "markdownDescription": "Bits per sample.", - "title": "BitDepth", - "type": "number" }, - "CodingMode": { - "markdownDescription": "The audio coding mode for the WAV audio. The mode determines the number of channels in the audio.", - "title": "CodingMode", - "type": "string" + "ExposeHeaders": { + "items": { + "type": "string" + }, + "markdownDescription": "The HTTP headers in your function response that you want to expose to origins that call your function URL. For example: `Date` , `Keep-Alive` , `X-Custom-Header` .", + "title": "ExposeHeaders", + "type": "array" }, - "SampleRate": { - "markdownDescription": "Sample rate in Hz.", - "title": "SampleRate", + "MaxAge": { + "markdownDescription": "The maximum amount of time, in seconds, that browsers can cache results of a preflight request. By default, this is set to `0` , which means the browser will not cache results.", + "title": "MaxAge", "type": "number" } }, "type": "object" }, - "AWS::MediaLive::Channel.WebvttDestinationSettings": { - "additionalProperties": false, - "properties": { - "StyleControl": { - "markdownDescription": "Controls whether the color and position of the source captions is passed through to the WebVTT output captions. PASSTHROUGH - Valid only if the source captions are EMBEDDED or TELETEXT. NO_STYLE_DATA - Don't pass through the style. The output captions will not contain any font styling information.", - "title": "StyleControl", - "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaLive::Input": { + "AWS::Lambda::Version": { "additionalProperties": false, "properties": { "Condition": { @@ -161073,77 +170301,40 @@ "Properties": { "additionalProperties": false, "properties": { - "Destinations": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Input.InputDestinationRequest" - }, - "markdownDescription": "Settings that apply only if the input is a push type of input.", - "title": "Destinations", - "type": "array" - }, - "InputDevices": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Input.InputDeviceSettings" - }, - "markdownDescription": "Settings that apply only if the input is an Elemental Link input.", - "title": "InputDevices", - "type": "array" - }, - "InputSecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of input security groups (referenced by IDs) to attach to the input if the input is a push type.", - "title": "InputSecurityGroups", - "type": "array" - }, - "MediaConnectFlows": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Input.MediaConnectFlowRequest" - }, - "markdownDescription": "Settings that apply only if the input is a MediaConnect input.", - "title": "MediaConnectFlows", - "type": "array" - }, - "Name": { - "markdownDescription": "A name for the input.", - "title": "Name", + "CodeSha256": { + "markdownDescription": "Only publish a version if the hash value matches the value that's specified. Use this option to avoid publishing a version if the function code has changed since you last updated it. Updates are not supported for this property.", + "title": "CodeSha256", "type": "string" }, - "RoleArn": { - "markdownDescription": "The IAM role for MediaLive to assume when creating a MediaConnect input or Amazon VPC input. This doesn't apply to other types of inputs. The role is identified by its ARN.", - "title": "RoleArn", + "Description": { + "markdownDescription": "A description for the version to override the description in the function configuration. Updates are not supported for this property.", + "title": "Description", "type": "string" }, - "Sources": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Input.InputSourceRequest" - }, - "markdownDescription": "Settings that apply only if the input is a pull type of input.", - "title": "Sources", - "type": "array" - }, - "Tags": { - "markdownDescription": "A collection of tags for this input. Each tag is a key-value pair.", - "title": "Tags", - "type": "object" - }, - "Type": { - "markdownDescription": "The type for this input.", - "title": "Type", + "FunctionName": { + "markdownDescription": "The name or ARN of the Lambda function.\n\n**Name formats** - *Function name* - `MyFunction` .\n- *Function ARN* - `arn:aws:lambda:us-west-2:123456789012:function:MyFunction` .\n- *Partial ARN* - `123456789012:function:MyFunction` .\n\nThe length constraint applies only to the full ARN. If you specify only the function name, it is limited to 64 characters in length.", + "title": "FunctionName", "type": "string" }, - "Vpc": { - "$ref": "#/definitions/AWS::MediaLive::Input.InputVpcRequest", - "markdownDescription": "Settings that apply only if the input is an push input where the source is on Amazon VPC.", - "title": "Vpc" + "ProvisionedConcurrencyConfig": { + "$ref": "#/definitions/AWS::Lambda::Version.ProvisionedConcurrencyConfiguration", + "markdownDescription": "Specifies a provisioned concurrency configuration for a function's version. Updates are not supported for this property.", + "title": "ProvisionedConcurrencyConfig" + }, + "RuntimePolicy": { + "$ref": "#/definitions/AWS::Lambda::Version.RuntimePolicy", + "markdownDescription": "", + "title": "RuntimePolicy" } }, + "required": [ + "FunctionName" + ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaLive::Input" + "AWS::Lambda::Version" ], "type": "string" }, @@ -161157,96 +170348,45 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::MediaLive::Input.InputDestinationRequest": { - "additionalProperties": false, - "properties": { - "StreamName": { - "markdownDescription": "The stream name (application name/application instance) for the location the RTMP source content will be pushed to in MediaLive.", - "title": "StreamName", - "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaLive::Input.InputDeviceRequest": { - "additionalProperties": false, - "properties": { - "Id": { - "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaLive::Input.InputDeviceSettings": { + "AWS::Lambda::Version.ProvisionedConcurrencyConfiguration": { "additionalProperties": false, "properties": { - "Id": { - "markdownDescription": "The unique ID for the device.", - "title": "Id", - "type": "string" + "ProvisionedConcurrentExecutions": { + "markdownDescription": "The amount of provisioned concurrency to allocate for the version.", + "title": "ProvisionedConcurrentExecutions", + "type": "number" } }, + "required": [ + "ProvisionedConcurrentExecutions" + ], "type": "object" }, - "AWS::MediaLive::Input.InputSourceRequest": { + "AWS::Lambda::Version.RuntimePolicy": { "additionalProperties": false, "properties": { - "PasswordParam": { - "markdownDescription": "The password parameter that holds the password for accessing the upstream system. The password parameter applies only if the upstream system requires credentials.", - "title": "PasswordParam", - "type": "string" - }, - "Url": { - "markdownDescription": "For a pull input, the URL where MediaLive pulls the source content from.", - "title": "Url", - "type": "string" - }, - "Username": { - "markdownDescription": "The user name to connect to the upstream system. The user name applies only if the upstream system requires credentials.", - "title": "Username", + "RuntimeVersionArn": { + "markdownDescription": "The ARN of the runtime version you want the function to use.\n\n> This is only required if you're using the *Manual* runtime update mode.", + "title": "RuntimeVersionArn", "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaLive::Input.InputVpcRequest": { - "additionalProperties": false, - "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of up to five VPC security group IDs to attach to the input VPC network interfaces. The security groups require subnet IDs. If none are specified, MediaLive uses the VPC default security group.", - "title": "SecurityGroupIds", - "type": "array" }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of two VPC subnet IDs from the same VPC. You must associate subnet IDs to two unique Availability Zones.", - "title": "SubnetIds", - "type": "array" - } - }, - "type": "object" - }, - "AWS::MediaLive::Input.MediaConnectFlowRequest": { - "additionalProperties": false, - "properties": { - "FlowArn": { - "markdownDescription": "The ARN of one or two MediaConnect flows that are the sources for this MediaConnect input.", - "title": "FlowArn", + "UpdateRuntimeOn": { + "markdownDescription": "Specify the runtime update mode.\n\n- *Auto (default)* - Automatically update to the most recent and secure runtime version using a [Two-phase runtime version rollout](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html#runtime-management-two-phase) . This is the best choice for most customers to ensure they always benefit from runtime updates.\n- *FunctionUpdate* - Lambda updates the runtime of you function to the most recent and secure runtime version when you update your function. This approach synchronizes runtime updates with function deployments, giving you control over when runtime updates are applied and allowing you to detect and mitigate rare runtime update incompatibilities early. When using this setting, you need to regularly update your functions to keep their runtime up-to-date.\n- *Manual* - You specify a runtime version in your function configuration. The function will use this runtime version indefinitely. In the rare case where a new runtime version is incompatible with an existing function, this allows you to roll back your function to an earlier runtime version. For more information, see [Roll back a runtime version](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html#runtime-management-rollback) .\n\n*Valid Values* : `Auto` | `FunctionUpdate` | `Manual`", + "title": "UpdateRuntimeOn", "type": "string" } }, + "required": [ + "UpdateRuntimeOn" + ], "type": "object" }, - "AWS::MediaLive::InputSecurityGroup": { + "AWS::LaunchWizard::Deployment": { "additionalProperties": false, "properties": { "Condition": { @@ -161281,25 +170421,51 @@ "Properties": { "additionalProperties": false, "properties": { - "Tags": { - "markdownDescription": "A collection of tags for this input security group. Each tag is a key-value pair.", - "title": "Tags", + "DeploymentPatternName": { + "markdownDescription": "The name of the deployment pattern.", + "title": "DeploymentPatternName", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the deployment.", + "title": "Name", + "type": "string" + }, + "Specifications": { + "additionalProperties": true, + "markdownDescription": "The settings specified for the deployment. These settings define how to deploy and configure your resources created by the deployment. For more information about the specifications required for creating a deployment for a SAP workload, see [SAP deployment specifications](https://docs.aws.amazon.com/launchwizard/latest/APIReference/launch-wizard-specifications-sap.html) . To retrieve the specifications required to create a deployment for other workloads, use the [`GetWorkloadDeploymentPattern`](https://docs.aws.amazon.com/launchwizard/latest/APIReference/API_GetWorkloadDeploymentPattern.html) operation.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Specifications", "type": "object" }, - "WhitelistRules": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::MediaLive::InputSecurityGroup.InputWhitelistRuleCidr" + "$ref": "#/definitions/AWS::LaunchWizard::Deployment.Tags" }, - "markdownDescription": "The list of IPv4 CIDR addresses to include in the input security group as \"allowed\" addresses.", - "title": "WhitelistRules", + "markdownDescription": "Information about the tags attached to a deployment.", + "title": "Tags", "type": "array" + }, + "WorkloadName": { + "markdownDescription": "The name of the workload.", + "title": "WorkloadName", + "type": "string" } }, + "required": [ + "DeploymentPatternName", + "Name", + "WorkloadName" + ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaLive::InputSecurityGroup" + "AWS::LaunchWizard::Deployment" ], "type": "string" }, @@ -161313,22 +170479,31 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::MediaLive::InputSecurityGroup.InputWhitelistRuleCidr": { + "AWS::LaunchWizard::Deployment.Tags": { "additionalProperties": false, "properties": { - "Cidr": { - "markdownDescription": "An IPv4 CIDR range to include in this input security group.", - "title": "Cidr", + "Key": { + "markdownDescription": "The key name of the tag.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The value for the tag.", + "title": "Value", "type": "string" } }, + "required": [ + "Key" + ], "type": "object" }, - "AWS::MediaLive::Multiplex": { + "AWS::Lex::Bot": { "additionalProperties": false, "properties": { "Condition": { @@ -161363,51 +170538,87 @@ "Properties": { "additionalProperties": false, "properties": { - "AvailabilityZones": { + "AutoBuildBotLocales": { + "markdownDescription": "Indicates whether Amazon Lex V2 should automatically build the locales for the bot after a change.", + "title": "AutoBuildBotLocales", + "type": "boolean" + }, + "BotFileS3Location": { + "$ref": "#/definitions/AWS::Lex::Bot.S3Location", + "markdownDescription": "The Amazon S3 location of files used to import a bot. The files must be in the import format specified in [JSON format for importing and exporting](https://docs.aws.amazon.com/lexv2/latest/dg/import-export-format.html) in the *Amazon Lex developer guide.*", + "title": "BotFileS3Location" + }, + "BotLocales": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Lex::Bot.BotLocale" }, - "markdownDescription": "A list of availability zones for the multiplex.", - "title": "AvailabilityZones", + "markdownDescription": "A list of locales for the bot.", + "title": "BotLocales", "type": "array" }, - "Destinations": { + "BotTags": { "items": { - "$ref": "#/definitions/AWS::MediaLive::Multiplex.MultiplexOutputDestination" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of the multiplex output destinations.", - "title": "Destinations", + "markdownDescription": "A list of tags to add to the bot. You can only add tags when you import a bot. You can't use the `UpdateBot` operation to update tags. To update tags, use the `TagResource` operation.", + "title": "BotTags", "type": "array" }, - "MultiplexSettings": { - "$ref": "#/definitions/AWS::MediaLive::Multiplex.MultiplexSettings", - "markdownDescription": "Configuration for a multiplex event.", - "title": "MultiplexSettings" + "DataPrivacy": { + "$ref": "#/definitions/AWS::Lex::Bot.DataPrivacy", + "markdownDescription": "By default, data stored by Amazon Lex is encrypted. The `DataPrivacy` structure provides settings that determine how Amazon Lex handles special cases of securing the data for your bot.", + "title": "DataPrivacy" + }, + "Description": { + "markdownDescription": "The description of the version.", + "title": "Description", + "type": "string" + }, + "IdleSessionTTLInSeconds": { + "markdownDescription": "The time, in seconds, that Amazon Lex should keep information about a user's conversation with the bot.\n\nA user interaction remains active for the amount of time specified. If no conversation occurs during this time, the session expires and Amazon Lex deletes any data provided before the timeout.\n\nYou can specify between 60 (1 minute) and 86,400 (24 hours) seconds.", + "title": "IdleSessionTTLInSeconds", + "type": "number" }, "Name": { - "markdownDescription": "The name of the multiplex.", + "markdownDescription": "The name of the bot locale.", "title": "Name", "type": "string" }, - "Tags": { + "Replication": { + "$ref": "#/definitions/AWS::Lex::Bot.Replication", + "markdownDescription": "", + "title": "Replication" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role used to build and run the bot.", + "title": "RoleArn", + "type": "string" + }, + "TestBotAliasSettings": { + "$ref": "#/definitions/AWS::Lex::Bot.TestBotAliasSettings", + "markdownDescription": "Specifies configuration settings for the alias used to test the bot. If the `TestBotAliasSettings` property is not specified, the settings are configured with default values.", + "title": "TestBotAliasSettings" + }, + "TestBotAliasTags": { "items": { - "$ref": "#/definitions/AWS::MediaLive::Multiplex.Tags" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "A collection of key-value pairs.", - "title": "Tags", + "markdownDescription": "A list of tags to add to the test alias for a bot. You can only add tags when you import a bot. You can't use the `UpdateAlias` operation to update tags. To update tags on the test alias, use the `TagResource` operation.", + "title": "TestBotAliasTags", "type": "array" } }, "required": [ - "AvailabilityZones", - "MultiplexSettings", - "Name" + "DataPrivacy", + "IdleSessionTTLInSeconds", + "Name", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaLive::Multiplex" + "AWS::Lex::Bot" ], "type": "string" }, @@ -161426,3203 +170637,2550 @@ ], "type": "object" }, - "AWS::MediaLive::Multiplex.MultiplexMediaConnectOutputDestinationSettings": { + "AWS::Lex::Bot.AdvancedRecognitionSetting": { "additionalProperties": false, "properties": { - "EntitlementArn": { - "markdownDescription": "The MediaConnect entitlement ARN available as a Flow source.", - "title": "EntitlementArn", + "AudioRecognitionStrategy": { + "markdownDescription": "Enables using the slot values as a custom vocabulary for recognizing user utterances.", + "title": "AudioRecognitionStrategy", "type": "string" } }, "type": "object" }, - "AWS::MediaLive::Multiplex.MultiplexOutputDestination": { + "AWS::Lex::Bot.AllowedInputTypes": { "additionalProperties": false, "properties": { - "MultiplexMediaConnectOutputDestinationSettings": { - "$ref": "#/definitions/AWS::MediaLive::Multiplex.MultiplexMediaConnectOutputDestinationSettings", - "markdownDescription": "", - "title": "MultiplexMediaConnectOutputDestinationSettings" + "AllowAudioInput": { + "markdownDescription": "Indicates whether audio input is allowed.", + "title": "AllowAudioInput", + "type": "boolean" + }, + "AllowDTMFInput": { + "markdownDescription": "Indicates whether DTMF input is allowed.", + "title": "AllowDTMFInput", + "type": "boolean" } }, + "required": [ + "AllowAudioInput", + "AllowDTMFInput" + ], "type": "object" }, - "AWS::MediaLive::Multiplex.MultiplexSettings": { + "AWS::Lex::Bot.AudioAndDTMFInputSpecification": { "additionalProperties": false, "properties": { - "MaximumVideoBufferDelayMilliseconds": { - "markdownDescription": "Maximum video buffer delay in milliseconds.", - "title": "MaximumVideoBufferDelayMilliseconds", - "type": "number" - }, - "TransportStreamBitrate": { - "markdownDescription": "Transport stream bit rate.", - "title": "TransportStreamBitrate", - "type": "number" + "AudioSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.AudioSpecification", + "markdownDescription": "Specifies the settings on audio input.", + "title": "AudioSpecification" }, - "TransportStreamId": { - "markdownDescription": "Transport stream ID.", - "title": "TransportStreamId", - "type": "number" + "DTMFSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.DTMFSpecification", + "markdownDescription": "Specifies the settings on DTMF input.", + "title": "DTMFSpecification" }, - "TransportStreamReservedBitrate": { - "markdownDescription": "Transport stream reserved bit rate.", - "title": "TransportStreamReservedBitrate", + "StartTimeoutMs": { + "markdownDescription": "Time for which a bot waits before assuming that the customer isn't going to speak or press a key. This timeout is shared between Audio and DTMF inputs.", + "title": "StartTimeoutMs", "type": "number" } }, "required": [ - "TransportStreamBitrate", - "TransportStreamId" + "StartTimeoutMs" ], "type": "object" }, - "AWS::MediaLive::Multiplex.Tags": { + "AWS::Lex::Bot.AudioLogDestination": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "", - "title": "Value", - "type": "string" + "S3Bucket": { + "$ref": "#/definitions/AWS::Lex::Bot.S3BucketLogDestination", + "markdownDescription": "Specifies the Amazon S3 bucket where the audio files are stored.", + "title": "S3Bucket" } }, + "required": [ + "S3Bucket" + ], "type": "object" }, - "AWS::MediaLive::Multiplexprogram": { + "AWS::Lex::Bot.AudioLogSetting": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Destination": { + "$ref": "#/definitions/AWS::Lex::Bot.AudioLogDestination", + "markdownDescription": "Specifies the location of the audio log files collected when conversation logging is enabled for a bot.", + "title": "Destination" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ChannelId": { - "type": "string" - }, - "MultiplexId": { - "markdownDescription": "The unique id of the multiplex.", - "title": "MultiplexId", - "type": "string" - }, - "MultiplexProgramSettings": { - "$ref": "#/definitions/AWS::MediaLive::Multiplexprogram.MultiplexProgramSettings", - "markdownDescription": "Multiplex Program settings configuration.", - "title": "MultiplexProgramSettings" - }, - "PacketIdentifiersMap": { - "$ref": "#/definitions/AWS::MediaLive::Multiplexprogram.MultiplexProgramPacketIdentifiersMap", - "markdownDescription": "", - "title": "PacketIdentifiersMap" - }, - "PipelineDetails": { - "items": { - "$ref": "#/definitions/AWS::MediaLive::Multiplexprogram.MultiplexProgramPipelineDetail" - }, - "markdownDescription": "", - "title": "PipelineDetails", - "type": "array" - }, - "PreferredChannelPipeline": { - "markdownDescription": "Indicates which pipeline is preferred by the multiplex for program ingest.\nIf set to \\\"PIPELINE_0\\\" or \\\"PIPELINE_1\\\" and an unhealthy ingest causes the multiplex to switch to the non-preferred pipeline,\nit will switch back once that ingest is healthy again. If set to \\\"CURRENTLY_ACTIVE\\\",\nit will not switch back to the other pipeline based on it recovering to a healthy state,\nit will only switch if the active pipeline becomes unhealthy.", - "title": "PreferredChannelPipeline", - "type": "string" - }, - "ProgramName": { - "markdownDescription": "", - "title": "ProgramName", - "type": "string" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::MediaLive::Multiplexprogram" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Enabled": { + "markdownDescription": "Determines whether audio logging in enabled for the bot.", + "title": "Enabled", + "type": "boolean" } }, "required": [ - "Type" + "Destination", + "Enabled" ], "type": "object" }, - "AWS::MediaLive::Multiplexprogram.MultiplexProgramPacketIdentifiersMap": { + "AWS::Lex::Bot.AudioSpecification": { "additionalProperties": false, "properties": { - "AudioPids": { - "items": { - "type": "number" - }, - "markdownDescription": "", - "title": "AudioPids", - "type": "array" - }, - "DvbSubPids": { - "items": { - "type": "number" - }, - "markdownDescription": "", - "title": "DvbSubPids", - "type": "array" - }, - "DvbTeletextPid": { - "markdownDescription": "", - "title": "DvbTeletextPid", - "type": "number" - }, - "EtvPlatformPid": { - "markdownDescription": "", - "title": "EtvPlatformPid", - "type": "number" - }, - "EtvSignalPid": { - "markdownDescription": "", - "title": "EtvSignalPid", - "type": "number" - }, - "KlvDataPids": { - "items": { - "type": "number" - }, - "markdownDescription": "", - "title": "KlvDataPids", - "type": "array" - }, - "PcrPid": { - "markdownDescription": "", - "title": "PcrPid", - "type": "number" - }, - "PmtPid": { - "markdownDescription": "", - "title": "PmtPid", - "type": "number" - }, - "PrivateMetadataPid": { - "markdownDescription": "", - "title": "PrivateMetadataPid", - "type": "number" - }, - "Scte27Pids": { - "items": { - "type": "number" - }, - "markdownDescription": "", - "title": "Scte27Pids", - "type": "array" - }, - "Scte35Pid": { - "markdownDescription": "", - "title": "Scte35Pid", + "EndTimeoutMs": { + "markdownDescription": "Time for which a bot waits after the customer stops speaking to assume the utterance is finished.", + "title": "EndTimeoutMs", "type": "number" }, - "TimedMetadataPid": { - "markdownDescription": "", - "title": "TimedMetadataPid", + "MaxLengthMs": { + "markdownDescription": "Time for how long Amazon Lex waits before speech input is truncated and the speech is returned to application.", + "title": "MaxLengthMs", "type": "number" - }, - "VideoPid": { + } + }, + "required": [ + "EndTimeoutMs", + "MaxLengthMs" + ], + "type": "object" + }, + "AWS::Lex::Bot.BKBExactResponseFields": { + "additionalProperties": false, + "properties": { + "AnswerField": { "markdownDescription": "", - "title": "VideoPid", - "type": "number" + "title": "AnswerField", + "type": "string" } }, "type": "object" }, - "AWS::MediaLive::Multiplexprogram.MultiplexProgramPipelineDetail": { + "AWS::Lex::Bot.BedrockAgentConfiguration": { "additionalProperties": false, "properties": { - "ActiveChannelPipeline": { - "markdownDescription": "Identifies the channel pipeline that is currently active for the pipeline (identified by PipelineId) in the multiplex.", - "title": "ActiveChannelPipeline", + "BedrockAgentAliasId": { + "markdownDescription": "", + "title": "BedrockAgentAliasId", "type": "string" }, - "PipelineId": { - "markdownDescription": "Identifies a specific pipeline in the multiplex.", - "title": "PipelineId", + "BedrockAgentId": { + "markdownDescription": "", + "title": "BedrockAgentId", "type": "string" } }, "type": "object" }, - "AWS::MediaLive::Multiplexprogram.MultiplexProgramServiceDescriptor": { + "AWS::Lex::Bot.BedrockAgentIntentConfiguration": { "additionalProperties": false, "properties": { - "ProviderName": { - "markdownDescription": "Name of the provider.", - "title": "ProviderName", - "type": "string" + "BedrockAgentConfiguration": { + "$ref": "#/definitions/AWS::Lex::Bot.BedrockAgentConfiguration", + "markdownDescription": "", + "title": "BedrockAgentConfiguration" }, - "ServiceName": { - "markdownDescription": "Name of the service.", - "title": "ServiceName", - "type": "string" + "BedrockAgentIntentKnowledgeBaseConfiguration": { + "$ref": "#/definitions/AWS::Lex::Bot.BedrockAgentIntentKnowledgeBaseConfiguration", + "markdownDescription": "", + "title": "BedrockAgentIntentKnowledgeBaseConfiguration" } }, - "required": [ - "ProviderName", - "ServiceName" - ], "type": "object" }, - "AWS::MediaLive::Multiplexprogram.MultiplexProgramSettings": { + "AWS::Lex::Bot.BedrockAgentIntentKnowledgeBaseConfiguration": { "additionalProperties": false, "properties": { - "PreferredChannelPipeline": { - "markdownDescription": "Indicates which pipeline is preferred by the multiplex for program ingest.", - "title": "PreferredChannelPipeline", + "BedrockKnowledgeBaseArn": { + "markdownDescription": "", + "title": "BedrockKnowledgeBaseArn", "type": "string" }, - "ProgramNumber": { - "markdownDescription": "Unique program number.", - "title": "ProgramNumber", - "type": "number" - }, - "ServiceDescriptor": { - "$ref": "#/definitions/AWS::MediaLive::Multiplexprogram.MultiplexProgramServiceDescriptor", - "markdownDescription": "Transport stream service descriptor configuration for the Multiplex program.", - "title": "ServiceDescriptor" - }, - "VideoSettings": { - "$ref": "#/definitions/AWS::MediaLive::Multiplexprogram.MultiplexVideoSettings", - "markdownDescription": "Program video settings configuration.", - "title": "VideoSettings" + "BedrockModelConfiguration": { + "$ref": "#/definitions/AWS::Lex::Bot.BedrockModelSpecification", + "markdownDescription": "", + "title": "BedrockModelConfiguration" } }, "required": [ - "ProgramNumber" + "BedrockKnowledgeBaseArn", + "BedrockModelConfiguration" ], "type": "object" }, - "AWS::MediaLive::Multiplexprogram.MultiplexStatmuxVideoSettings": { + "AWS::Lex::Bot.BedrockGuardrailConfiguration": { "additionalProperties": false, "properties": { - "MaximumBitrate": { - "markdownDescription": "Maximum statmux bitrate.", - "title": "MaximumBitrate", - "type": "number" - }, - "MinimumBitrate": { - "markdownDescription": "Minimum statmux bitrate.", - "title": "MinimumBitrate", - "type": "number" + "BedrockGuardrailIdentifier": { + "markdownDescription": "", + "title": "BedrockGuardrailIdentifier", + "type": "string" }, - "Priority": { - "markdownDescription": "The purpose of the priority is to use a combination of the\\nmultiplex rate control algorithm and the QVBR capability of the\\nencoder to prioritize the video quality of some channels in a\\nmultiplex over others. Channels that have a higher priority will\\nget higher video quality at the expense of the video quality of\\nother channels in the multiplex with lower priority.", - "title": "Priority", - "type": "number" + "BedrockGuardrailVersion": { + "markdownDescription": "", + "title": "BedrockGuardrailVersion", + "type": "string" } }, "type": "object" }, - "AWS::MediaLive::Multiplexprogram.MultiplexVideoSettings": { + "AWS::Lex::Bot.BedrockKnowledgeStoreConfiguration": { "additionalProperties": false, "properties": { - "ConstantBitrate": { - "markdownDescription": "The constant bitrate configuration for the video encode.\nWhen this field is defined, StatmuxSettings must be undefined.", - "title": "ConstantBitrate", - "type": "number" + "BKBExactResponseFields": { + "$ref": "#/definitions/AWS::Lex::Bot.BKBExactResponseFields", + "markdownDescription": "", + "title": "BKBExactResponseFields" }, - "StatmuxSettings": { - "$ref": "#/definitions/AWS::MediaLive::Multiplexprogram.MultiplexStatmuxVideoSettings", - "markdownDescription": "Statmux rate control settings.\nWhen this field is defined, ConstantBitrate must be undefined.", - "title": "StatmuxSettings" + "BedrockKnowledgeBaseArn": { + "markdownDescription": "The base ARN of the knowledge base used.", + "title": "BedrockKnowledgeBaseArn", + "type": "string" + }, + "ExactResponse": { + "markdownDescription": "Specifies whether to return an exact response, or to return an answer generated by the model, using the fields you specify from the database.", + "title": "ExactResponse", + "type": "boolean" } }, "type": "object" }, - "AWS::MediaPackage::Asset": { + "AWS::Lex::Bot.BedrockModelSpecification": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "BedrockGuardrailConfiguration": { + "$ref": "#/definitions/AWS::Lex::Bot.BedrockGuardrailConfiguration", + "markdownDescription": "", + "title": "BedrockGuardrailConfiguration" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "BedrockModelCustomPrompt": { + "markdownDescription": "", + "title": "BedrockModelCustomPrompt", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "EgressEndpoints": { - "items": { - "$ref": "#/definitions/AWS::MediaPackage::Asset.EgressEndpoint" - }, - "markdownDescription": "List of playback endpoints that are available for this asset.", - "title": "EgressEndpoints", - "type": "array" - }, - "Id": { - "markdownDescription": "Unique identifier that you assign to the asset.", - "title": "Id", - "type": "string" - }, - "PackagingGroupId": { - "markdownDescription": "The ID of the packaging group associated with this asset.", - "title": "PackagingGroupId", - "type": "string" - }, - "ResourceId": { - "markdownDescription": "Unique identifier for this asset, as it's configured in the key provider service.", - "title": "ResourceId", - "type": "string" - }, - "SourceArn": { - "markdownDescription": "The ARN for the source content in Amazon S3.", - "title": "SourceArn", - "type": "string" - }, - "SourceRoleArn": { - "markdownDescription": "The ARN for the IAM role that provides AWS Elemental MediaPackage access to the Amazon S3 bucket where the source content is stored. Valid format: arn:aws:iam::{accountID}:role/{name}", - "title": "SourceRoleArn", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to assign to the asset.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Id", - "PackagingGroupId", - "SourceArn", - "SourceRoleArn" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::MediaPackage::Asset" - ], + "BedrockTraceStatus": { + "markdownDescription": "", + "title": "BedrockTraceStatus", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ModelArn": { + "markdownDescription": "The ARN of the foundation model used in descriptive bot building.", + "title": "ModelArn", "type": "string" } }, "required": [ - "Type", - "Properties" + "ModelArn" ], "type": "object" }, - "AWS::MediaPackage::Asset.EgressEndpoint": { + "AWS::Lex::Bot.BotAliasLocaleSettings": { "additionalProperties": false, "properties": { - "PackagingConfigurationId": { - "markdownDescription": "The ID of a packaging configuration that's applied to this asset.", - "title": "PackagingConfigurationId", - "type": "string" + "CodeHookSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.CodeHookSpecification", + "markdownDescription": "Specifies the Lambda function that should be used in the locale.", + "title": "CodeHookSpecification" }, - "Url": { - "markdownDescription": "The URL that's used to request content from this endpoint.", - "title": "Url", - "type": "string" + "Enabled": { + "markdownDescription": "Determines whether the locale is enabled for the bot. If the value is `false` , the locale isn't available for use.", + "title": "Enabled", + "type": "boolean" } }, "required": [ - "PackagingConfigurationId", - "Url" + "Enabled" ], "type": "object" }, - "AWS::MediaPackage::Channel": { + "AWS::Lex::Bot.BotAliasLocaleSettingsItem": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "BotAliasLocaleSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.BotAliasLocaleSettings", + "markdownDescription": "Specifies locale settings for a locale.", + "title": "BotAliasLocaleSetting" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "LocaleId": { + "markdownDescription": "Specifies the locale that the settings apply to.", + "title": "LocaleId", "type": "string" + } + }, + "required": [ + "BotAliasLocaleSetting", + "LocaleId" + ], + "type": "object" + }, + "AWS::Lex::Bot.BotLocale": { + "additionalProperties": false, + "properties": { + "CustomVocabulary": { + "$ref": "#/definitions/AWS::Lex::Bot.CustomVocabulary", + "markdownDescription": "Specifies a custom vocabulary to use with a specific locale.", + "title": "CustomVocabulary" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Description": { + "markdownDescription": "A description of the bot locale. Use this to help identify the bot locale in lists.", + "title": "Description", + "type": "string" }, - "Metadata": { - "type": "object" + "GenerativeAISettings": { + "$ref": "#/definitions/AWS::Lex::Bot.GenerativeAISettings", + "markdownDescription": "", + "title": "GenerativeAISettings" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "Any descriptive information that you want to add to the channel for future identification purposes.", - "title": "Description", - "type": "string" - }, - "EgressAccessLogs": { - "$ref": "#/definitions/AWS::MediaPackage::Channel.LogConfiguration", - "markdownDescription": "Configures egress access logs.", - "title": "EgressAccessLogs" - }, - "HlsIngest": { - "$ref": "#/definitions/AWS::MediaPackage::Channel.HlsIngest", - "markdownDescription": "The input URL where the source stream should be sent.", - "title": "HlsIngest" - }, - "Id": { - "markdownDescription": "Unique identifier that you assign to the channel.", - "title": "Id", - "type": "string" - }, - "IngressAccessLogs": { - "$ref": "#/definitions/AWS::MediaPackage::Channel.LogConfiguration", - "markdownDescription": "Configures ingress access logs.", - "title": "IngressAccessLogs" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to assign to the channel.", - "title": "Tags", - "type": "array" - } + "Intents": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.Intent" }, - "required": [ - "Id" - ], - "type": "object" + "markdownDescription": "One or more intents defined for the locale.", + "title": "Intents", + "type": "array" }, - "Type": { - "enum": [ - "AWS::MediaPackage::Channel" - ], + "LocaleId": { + "markdownDescription": "The identifier of the language and locale that the bot will be used in. The string must match one of the supported locales.", + "title": "LocaleId", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "NluConfidenceThreshold": { + "markdownDescription": "Determines the threshold where Amazon Lex will insert the `AMAZON.FallbackIntent` , `AMAZON.KendraSearchIntent` , or both when returning alternative intents. You must configure an `AMAZON.FallbackIntent` . `AMAZON.KendraSearchIntent` is only inserted if it is configured for the bot.", + "title": "NluConfidenceThreshold", + "type": "number" + }, + "SlotTypes": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.SlotType" + }, + "markdownDescription": "One or more slot types defined for the locale.", + "title": "SlotTypes", + "type": "array" + }, + "VoiceSettings": { + "$ref": "#/definitions/AWS::Lex::Bot.VoiceSettings", + "markdownDescription": "Defines settings for using an Amazon Polly voice to communicate with a user.\n\nValid values include:\n\n- `standard`\n- `neural`\n- `long-form`\n- `generative`", + "title": "VoiceSettings" } }, "required": [ - "Type", - "Properties" + "LocaleId", + "NluConfidenceThreshold" ], "type": "object" }, - "AWS::MediaPackage::Channel.HlsIngest": { + "AWS::Lex::Bot.BuildtimeSettings": { "additionalProperties": false, "properties": { - "ingestEndpoints": { - "items": { - "$ref": "#/definitions/AWS::MediaPackage::Channel.IngestEndpoint" - }, - "markdownDescription": "The input URL where the source stream should be sent.", - "title": "ingestEndpoints", - "type": "array" + "DescriptiveBotBuilderSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.DescriptiveBotBuilderSpecification", + "markdownDescription": "", + "title": "DescriptiveBotBuilderSpecification" + }, + "SampleUtteranceGenerationSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.SampleUtteranceGenerationSpecification", + "markdownDescription": "", + "title": "SampleUtteranceGenerationSpecification" } }, "type": "object" }, - "AWS::MediaPackage::Channel.IngestEndpoint": { + "AWS::Lex::Bot.Button": { "additionalProperties": false, "properties": { - "Id": { - "markdownDescription": "The endpoint identifier.", - "title": "Id", + "Text": { + "markdownDescription": "The text that appears on the button. Use this to tell the user what value is returned when they choose this button.", + "title": "Text", "type": "string" }, - "Password": { - "markdownDescription": "The system-generated password for WebDAV input authentication.", - "title": "Password", + "Value": { + "markdownDescription": "The value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.", + "title": "Value", "type": "string" - }, - "Url": { - "markdownDescription": "The input URL where the source stream should be sent.", - "title": "Url", + } + }, + "required": [ + "Text", + "Value" + ], + "type": "object" + }, + "AWS::Lex::Bot.CloudWatchLogGroupLogDestination": { + "additionalProperties": false, + "properties": { + "CloudWatchLogGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the log group where text and metadata logs are delivered.", + "title": "CloudWatchLogGroupArn", "type": "string" }, - "Username": { - "markdownDescription": "The system-generated username for WebDAV input authentication.", - "title": "Username", + "LogPrefix": { + "markdownDescription": "The prefix of the log stream name within the log group that you specified", + "title": "LogPrefix", "type": "string" } }, "required": [ - "Id", - "Password", - "Url", - "Username" + "CloudWatchLogGroupArn", + "LogPrefix" ], "type": "object" }, - "AWS::MediaPackage::Channel.LogConfiguration": { + "AWS::Lex::Bot.CodeHookSpecification": { "additionalProperties": false, "properties": { - "LogGroupName": { - "markdownDescription": "Sets a custom Amazon CloudWatch log group name.", - "title": "LogGroupName", - "type": "string" + "LambdaCodeHook": { + "$ref": "#/definitions/AWS::Lex::Bot.LambdaCodeHook", + "markdownDescription": "Specifies a Lambda function that verifies requests to a bot or fulfills the user's request to a bot.", + "title": "LambdaCodeHook" } }, + "required": [ + "LambdaCodeHook" + ], "type": "object" }, - "AWS::MediaPackage::OriginEndpoint": { + "AWS::Lex::Bot.CompositeSlotTypeSetting": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Authorization": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.Authorization", - "markdownDescription": "Parameters for CDN authorization.", - "title": "Authorization" - }, - "ChannelId": { - "markdownDescription": "The ID of the channel associated with this endpoint.", - "title": "ChannelId", - "type": "string" - }, - "CmafPackage": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.CmafPackage", - "markdownDescription": "Parameters for Common Media Application Format (CMAF) packaging.", - "title": "CmafPackage" - }, - "DashPackage": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.DashPackage", - "markdownDescription": "Parameters for DASH packaging.", - "title": "DashPackage" - }, - "Description": { - "markdownDescription": "Any descriptive information that you want to add to the endpoint for future identification purposes.", - "title": "Description", - "type": "string" - }, - "HlsPackage": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.HlsPackage", - "markdownDescription": "Parameters for Apple HLS packaging.", - "title": "HlsPackage" - }, - "Id": { - "markdownDescription": "The manifest ID is required and must be unique within the OriginEndpoint. The ID can't be changed after the endpoint is created.", - "title": "Id", - "type": "string" - }, - "ManifestName": { - "markdownDescription": "A short string that's appended to the end of the endpoint URL to create a unique path to this endpoint.", - "title": "ManifestName", - "type": "string" - }, - "MssPackage": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.MssPackage", - "markdownDescription": "Parameters for Microsoft Smooth Streaming packaging.", - "title": "MssPackage" - }, - "Origination": { - "markdownDescription": "Controls video origination from this endpoint.\n\nValid values:\n\n- `ALLOW` - enables this endpoint to serve content to requesting devices.\n- `DENY` - prevents this endpoint from serving content. Denying origination is helpful for harvesting live-to-VOD assets. For more information about harvesting and origination, see [Live-to-VOD Requirements](https://docs.aws.amazon.com/mediapackage/latest/ug/ltov-reqmts.html) .", - "title": "Origination", - "type": "string" - }, - "StartoverWindowSeconds": { - "markdownDescription": "Maximum duration (seconds) of content to retain for startover playback. Omit this attribute or enter `0` to indicate that startover playback is disabled for this endpoint.", - "title": "StartoverWindowSeconds", - "type": "number" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to assign to the endpoint.", - "title": "Tags", - "type": "array" - }, - "TimeDelaySeconds": { - "markdownDescription": "Minimum duration (seconds) of delay to enforce on the playback of live content. Omit this attribute or enter `0` to indicate that there is no time delay in effect for this endpoint.", - "title": "TimeDelaySeconds", - "type": "number" - }, - "Whitelist": { - "items": { - "type": "string" - }, - "markdownDescription": "The IP addresses that can access this endpoint.", - "title": "Whitelist", - "type": "array" - } + "SubSlots": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.SubSlotTypeComposition" }, - "required": [ - "ChannelId", - "Id" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::MediaPackage::OriginEndpoint" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "markdownDescription": "Subslots in the composite slot.", + "title": "SubSlots", + "type": "array" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::MediaPackage::OriginEndpoint.Authorization": { + "AWS::Lex::Bot.Condition": { "additionalProperties": false, "properties": { - "CdnIdentifierSecret": { - "markdownDescription": "The Amazon Resource Name (ARN) for the secret in AWS Secrets Manager that your Content Delivery Network (CDN) uses for authorization to access your endpoint.", - "title": "CdnIdentifierSecret", - "type": "string" - }, - "SecretsRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the IAM role that allows AWS Elemental MediaPackage to communicate with AWS Secrets Manager .", - "title": "SecretsRoleArn", + "ExpressionString": { + "markdownDescription": "The expression string that is evaluated.", + "title": "ExpressionString", "type": "string" } }, "required": [ - "CdnIdentifierSecret", - "SecretsRoleArn" + "ExpressionString" ], "type": "object" }, - "AWS::MediaPackage::OriginEndpoint.CmafEncryption": { + "AWS::Lex::Bot.ConditionalBranch": { "additionalProperties": false, "properties": { - "ConstantInitializationVector": { - "markdownDescription": "An optional 128-bit, 16-byte hex value represented by a 32-character string, used in conjunction with the key for encrypting blocks. If you don't specify a value, then AWS Elemental MediaPackage creates the constant initialization vector (IV).", - "title": "ConstantInitializationVector", - "type": "string" + "Condition": { + "$ref": "#/definitions/AWS::Lex::Bot.Condition", + "markdownDescription": "Contains the expression to evaluate. If the condition is true, the branch's actions are taken.", + "title": "Condition" }, - "EncryptionMethod": { - "markdownDescription": "The encryption method to use.", - "title": "EncryptionMethod", + "Name": { + "markdownDescription": "The name of the branch.", + "title": "Name", "type": "string" }, - "KeyRotationIntervalSeconds": { - "markdownDescription": "Number of seconds before AWS Elemental MediaPackage rotates to a new key. By default, rotation is set to 60 seconds. Set to `0` to disable key rotation.", - "title": "KeyRotationIntervalSeconds", - "type": "number" + "NextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "The next step in the conversation.", + "title": "NextStep" }, - "SpekeKeyProvider": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.SpekeKeyProvider", - "markdownDescription": "Parameters for the SPEKE key provider.", - "title": "SpekeKeyProvider" + "Response": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input.", + "title": "Response" } }, "required": [ - "SpekeKeyProvider" + "Condition", + "Name", + "NextStep" ], "type": "object" }, - "AWS::MediaPackage::OriginEndpoint.CmafPackage": { + "AWS::Lex::Bot.ConditionalSpecification": { "additionalProperties": false, "properties": { - "Encryption": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.CmafEncryption", - "markdownDescription": "Parameters for encrypting content.", - "title": "Encryption" - }, - "HlsManifests": { + "ConditionalBranches": { "items": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.HlsManifest" + "$ref": "#/definitions/AWS::Lex::Bot.ConditionalBranch" }, - "markdownDescription": "A list of HLS manifest configurations that are available from this endpoint.", - "title": "HlsManifests", + "markdownDescription": "A list of conditional branches. A conditional branch is made up of a condition, a response and a next step. The response and next step are executed when the condition is true.", + "title": "ConditionalBranches", "type": "array" }, - "SegmentDurationSeconds": { - "markdownDescription": "Duration (in seconds) of each segment. Actual segments are rounded to the nearest multiple of the source segment duration.", - "title": "SegmentDurationSeconds", - "type": "number" - }, - "SegmentPrefix": { - "markdownDescription": "An optional custom string that is prepended to the name of each segment. If not specified, the segment prefix defaults to the ChannelId.", - "title": "SegmentPrefix", - "type": "string" - }, - "StreamSelection": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.StreamSelection", - "markdownDescription": "Limitations for outputs from the endpoint, based on the video bitrate.", - "title": "StreamSelection" - } - }, - "type": "object" - }, - "AWS::MediaPackage::OriginEndpoint.DashEncryption": { - "additionalProperties": false, - "properties": { - "KeyRotationIntervalSeconds": { - "markdownDescription": "Number of seconds before AWS Elemental MediaPackage rotates to a new key. By default, rotation is set to 60 seconds. Set to `0` to disable key rotation.", - "title": "KeyRotationIntervalSeconds", - "type": "number" + "DefaultBranch": { + "$ref": "#/definitions/AWS::Lex::Bot.DefaultConditionalBranch", + "markdownDescription": "The conditional branch that should be followed when the conditions for other branches are not satisfied. A conditional branch is made up of a condition, a response and a next step.", + "title": "DefaultBranch" }, - "SpekeKeyProvider": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.SpekeKeyProvider", - "markdownDescription": "Parameters for the SPEKE key provider.", - "title": "SpekeKeyProvider" + "IsActive": { + "markdownDescription": "Determines whether a conditional branch is active. When `IsActive` is false, the conditions are not evaluated.", + "title": "IsActive", + "type": "boolean" } }, "required": [ - "SpekeKeyProvider" + "ConditionalBranches", + "DefaultBranch", + "IsActive" ], "type": "object" }, - "AWS::MediaPackage::OriginEndpoint.DashPackage": { + "AWS::Lex::Bot.ConversationLogSettings": { "additionalProperties": false, "properties": { - "AdTriggers": { + "AudioLogSettings": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Lex::Bot.AudioLogSetting" }, - "markdownDescription": "Specifies the SCTE-35 message types that AWS Elemental MediaPackage treats as ad markers in the output manifest.\n\nValid values:\n\n- `BREAK`\n- `DISTRIBUTOR_ADVERTISEMENT`\n- `DISTRIBUTOR_OVERLAY_PLACEMENT_OPPORTUNITY` .\n- `DISTRIBUTOR_PLACEMENT_OPPORTUNITY` .\n- `PROVIDER_ADVERTISEMENT` .\n- `PROVIDER_OVERLAY_PLACEMENT_OPPORTUNITY` .\n- `PROVIDER_PLACEMENT_OPPORTUNITY` .\n- `SPLICE_INSERT` .", - "title": "AdTriggers", + "markdownDescription": "The Amazon S3 settings for logging audio to an S3 bucket.", + "title": "AudioLogSettings", "type": "array" }, - "AdsOnDeliveryRestrictions": { - "markdownDescription": "The flags on SCTE-35 segmentation descriptors that have to be present for AWS Elemental MediaPackage to insert ad markers in the output manifest. For information about SCTE-35 in AWS Elemental MediaPackage , see [SCTE-35 Message Options in AWS Elemental MediaPackage](https://docs.aws.amazon.com/mediapackage/latest/ug/scte.html) .", - "title": "AdsOnDeliveryRestrictions", - "type": "string" - }, - "Encryption": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.DashEncryption", - "markdownDescription": "Parameters for encrypting content.", - "title": "Encryption" - }, - "IncludeIframeOnlyStream": { - "markdownDescription": "This applies only to stream sets with a single video track. When true, the stream set includes an additional I-frame trick-play only stream, along with the other tracks. If false, this extra stream is not included.", - "title": "IncludeIframeOnlyStream", - "type": "boolean" - }, - "ManifestLayout": { - "markdownDescription": "Determines the position of some tags in the manifest.\n\nValid values:\n\n- `FULL` - Elements like `SegmentTemplate` and `ContentProtection` are included in each `Representation` .\n- `COMPACT` - Duplicate elements are combined and presented at the `AdaptationSet` level.", - "title": "ManifestLayout", - "type": "string" - }, - "ManifestWindowSeconds": { - "markdownDescription": "Time window (in seconds) contained in each manifest.", - "title": "ManifestWindowSeconds", - "type": "number" - }, - "MinBufferTimeSeconds": { - "markdownDescription": "Minimum amount of content (measured in seconds) that a player must keep available in the buffer.", - "title": "MinBufferTimeSeconds", - "type": "number" - }, - "MinUpdatePeriodSeconds": { - "markdownDescription": "Minimum amount of time (in seconds) that the player should wait before requesting updates to the manifest.", - "title": "MinUpdatePeriodSeconds", - "type": "number" - }, - "PeriodTriggers": { + "TextLogSettings": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Lex::Bot.TextLogSetting" }, - "markdownDescription": "Controls whether AWS Elemental MediaPackage produces single-period or multi-period DASH manifests. For more information about periods, see [Multi-period DASH in AWS Elemental MediaPackage](https://docs.aws.amazon.com/mediapackage/latest/ug/multi-period.html) .\n\nValid values:\n\n- `ADS` - AWS Elemental MediaPackage will produce multi-period DASH manifests. Periods are created based on the SCTE-35 ad markers present in the input manifest.\n- *No value* - AWS Elemental MediaPackage will produce single-period DASH manifests. This is the default setting.", - "title": "PeriodTriggers", + "markdownDescription": "The Amazon CloudWatch Logs settings for logging text and metadata.", + "title": "TextLogSettings", "type": "array" - }, - "Profile": { - "markdownDescription": "The DASH profile for the output.\n\nValid values:\n\n- `NONE` - The output doesn't use a DASH profile.\n- `HBBTV_1_5` - The output is compliant with HbbTV v1.5.\n- `DVB_DASH_2014` - The output is compliant with DVB-DASH 2014.", - "title": "Profile", - "type": "string" - }, - "SegmentDurationSeconds": { - "markdownDescription": "Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source fragment duration.", - "title": "SegmentDurationSeconds", - "type": "number" - }, - "SegmentTemplateFormat": { - "markdownDescription": "Determines the type of variable used in the `media` URL of the `SegmentTemplate` tag in the manifest. Also specifies if segment timeline information is included in `SegmentTimeline` or `SegmentTemplate` .\n\nValid values:\n\n- `NUMBER_WITH_TIMELINE` - The `$Number$` variable is used in the `media` URL. The value of this variable is the sequential number of the segment. A full `SegmentTimeline` object is presented in each `SegmentTemplate` .\n- `NUMBER_WITH_DURATION` - The `$Number$` variable is used in the `media` URL and a `duration` attribute is added to the segment template. The `SegmentTimeline` object is removed from the representation.\n- `TIME_WITH_TIMELINE` - The `$Time$` variable is used in the `media` URL. The value of this variable is the timestamp of when the segment starts. A full `SegmentTimeline` object is presented in each `SegmentTemplate` .", - "title": "SegmentTemplateFormat", - "type": "string" - }, - "StreamSelection": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.StreamSelection", - "markdownDescription": "Limitations for outputs from the endpoint, based on the video bitrate.", - "title": "StreamSelection" - }, - "SuggestedPresentationDelaySeconds": { - "markdownDescription": "Amount of time (in seconds) that the player should be from the live point at the end of the manifest.", - "title": "SuggestedPresentationDelaySeconds", - "type": "number" - }, - "UtcTiming": { - "markdownDescription": "Determines the type of UTC timing included in the DASH Media Presentation Description (MPD).", - "title": "UtcTiming", - "type": "string" - }, - "UtcTimingUri": { - "markdownDescription": "Specifies the value attribute of the UTC timing field when utcTiming is set to HTTP-ISO or HTTP-HEAD.", - "title": "UtcTimingUri", + } + }, + "type": "object" + }, + "AWS::Lex::Bot.CustomPayload": { + "additionalProperties": false, + "properties": { + "Value": { + "markdownDescription": "The string that is sent to your application.", + "title": "Value", "type": "string" } }, + "required": [ + "Value" + ], "type": "object" }, - "AWS::MediaPackage::OriginEndpoint.EncryptionContractConfiguration": { + "AWS::Lex::Bot.CustomVocabulary": { "additionalProperties": false, - "properties": {}, + "properties": { + "CustomVocabularyItems": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.CustomVocabularyItem" + }, + "markdownDescription": "Specifies a list of words that you expect to be used during a conversation with your bot.", + "title": "CustomVocabularyItems", + "type": "array" + } + }, + "required": [ + "CustomVocabularyItems" + ], "type": "object" }, - "AWS::MediaPackage::OriginEndpoint.HlsEncryption": { + "AWS::Lex::Bot.CustomVocabularyItem": { "additionalProperties": false, "properties": { - "ConstantInitializationVector": { - "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, used with the key for encrypting blocks.", - "title": "ConstantInitializationVector", + "DisplayAs": { + "markdownDescription": "The DisplayAs value for the custom vocabulary item from the custom vocabulary list.", + "title": "DisplayAs", "type": "string" }, - "EncryptionMethod": { - "markdownDescription": "HLS encryption type.", - "title": "EncryptionMethod", + "Phrase": { + "markdownDescription": "Specifies 1 - 4 words that should be recognized.", + "title": "Phrase", "type": "string" }, - "KeyRotationIntervalSeconds": { - "markdownDescription": "Number of seconds before AWS Elemental MediaPackage rotates to a new key. By default, rotation is set to 60 seconds. Set to `0` to disable key rotation.", - "title": "KeyRotationIntervalSeconds", + "Weight": { + "markdownDescription": "Specifies the degree to which the phrase recognition is boosted. The default value is 1.", + "title": "Weight", "type": "number" - }, - "RepeatExtXKey": { - "markdownDescription": "Repeat the `EXT-X-KEY` directive for every media segment. This might result in an increase in client requests to the DRM server.", - "title": "RepeatExtXKey", - "type": "boolean" - }, - "SpekeKeyProvider": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.SpekeKeyProvider", - "markdownDescription": "Parameters for the SPEKE key provider.", - "title": "SpekeKeyProvider" } }, "required": [ - "SpekeKeyProvider" + "Phrase" ], "type": "object" }, - "AWS::MediaPackage::OriginEndpoint.HlsManifest": { + "AWS::Lex::Bot.DTMFSpecification": { "additionalProperties": false, "properties": { - "AdMarkers": { - "markdownDescription": "Controls how ad markers are included in the packaged endpoint.\n\nValid values:\n\n- `NONE` - Omits all SCTE-35 ad markers from the output.\n- `PASSTHROUGH` - Creates a copy in the output of the SCTE-35 ad markers (comments) taken directly from the input manifest.\n- `SCTE35_ENHANCED` - Generates ad markers and blackout tags in the output based on the SCTE-35 messages from the input manifest.", - "title": "AdMarkers", - "type": "string" - }, - "AdTriggers": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the SCTE-35 message types that AWS Elemental MediaPackage treats as ad markers in the output manifest.\n\nValid values:\n\n- `BREAK`\n- `DISTRIBUTOR_ADVERTISEMENT`\n- `DISTRIBUTOR_OVERLAY_PLACEMENT_OPPORTUNITY`\n- `DISTRIBUTOR_PLACEMENT_OPPORTUNITY`\n- `PROVIDER_ADVERTISEMENT`\n- `PROVIDER_OVERLAY_PLACEMENT_OPPORTUNITY`\n- `PROVIDER_PLACEMENT_OPPORTUNITY`\n- `SPLICE_INSERT`", - "title": "AdTriggers", - "type": "array" - }, - "AdsOnDeliveryRestrictions": { - "markdownDescription": "The flags on SCTE-35 segmentation descriptors that have to be present for AWS Elemental MediaPackage to insert ad markers in the output manifest. For information about SCTE-35 in AWS Elemental MediaPackage , see [SCTE-35 Message Options in AWS Elemental MediaPackage](https://docs.aws.amazon.com/mediapackage/latest/ug/scte.html) .", - "title": "AdsOnDeliveryRestrictions", - "type": "string" - }, - "Id": { - "markdownDescription": "The manifest ID is required and must be unique within the OriginEndpoint. The ID can't be changed after the endpoint is created.", - "title": "Id", - "type": "string" - }, - "IncludeIframeOnlyStream": { - "markdownDescription": "Applies to stream sets with a single video track only. When true, the stream set includes an additional I-frame only stream, along with the other tracks. If false, this extra stream is not included.", - "title": "IncludeIframeOnlyStream", - "type": "boolean" - }, - "ManifestName": { - "markdownDescription": "A short string that's appended to the end of the endpoint URL to create a unique path to this endpoint. The manifestName on the HLSManifest object overrides the manifestName that you provided on the originEndpoint object.", - "title": "ManifestName", + "DeletionCharacter": { + "markdownDescription": "The DTMF character that clears the accumulated DTMF digits and immediately ends the input.", + "title": "DeletionCharacter", "type": "string" }, - "PlaylistType": { - "markdownDescription": "When specified as either `event` or `vod` , a corresponding `EXT-X-PLAYLIST-TYPE` entry is included in the media playlist. Indicates if the playlist is live-to-VOD content.", - "title": "PlaylistType", + "EndCharacter": { + "markdownDescription": "The DTMF character that immediately ends input. If the user does not press this character, the input ends after the end timeout.", + "title": "EndCharacter", "type": "string" }, - "PlaylistWindowSeconds": { - "markdownDescription": "Time window (in seconds) contained in each parent manifest.", - "title": "PlaylistWindowSeconds", + "EndTimeoutMs": { + "markdownDescription": "How long the bot should wait after the last DTMF character input before assuming that the input has concluded.", + "title": "EndTimeoutMs", "type": "number" }, - "ProgramDateTimeIntervalSeconds": { - "markdownDescription": "Inserts `EXT-X-PROGRAM-DATE-TIME` tags in the output manifest at the interval that you specify.\n\nIrrespective of this parameter, if any ID3Timed metadata is in the HLS input, it is passed through to the HLS output.\n\nOmit this attribute or enter `0` to indicate that the `EXT-X-PROGRAM-DATE-TIME` tags are not included in the manifest.", - "title": "ProgramDateTimeIntervalSeconds", + "MaxLength": { + "markdownDescription": "The maximum number of DTMF digits allowed in an utterance.", + "title": "MaxLength", "type": "number" - }, - "Url": { - "markdownDescription": "The URL that's used to request this manifest from this endpoint.", - "title": "Url", - "type": "string" } }, "required": [ - "Id" + "DeletionCharacter", + "EndCharacter", + "EndTimeoutMs", + "MaxLength" ], "type": "object" }, - "AWS::MediaPackage::OriginEndpoint.HlsPackage": { + "AWS::Lex::Bot.DataPrivacy": { "additionalProperties": false, "properties": { - "AdMarkers": { - "markdownDescription": "Controls how ad markers are included in the packaged endpoint.\n\nValid values:\n\n- `NONE` - Omits all SCTE-35 ad markers from the output.\n- `PASSTHROUGH` - Creates a copy in the output of the SCTE-35 ad markers (comments) taken directly from the input manifest.\n- `SCTE35_ENHANCED` - Generates ad markers and blackout tags in the output based on the SCTE-35 messages from the input manifest.", - "title": "AdMarkers", - "type": "string" - }, - "AdTriggers": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the SCTE-35 message types that AWS Elemental MediaPackage treats as ad markers in the output manifest.\n\nValid values:\n\n- `BREAK`\n- `DISTRIBUTOR_ADVERTISEMENT`\n- `DISTRIBUTOR_OVERLAY_PLACEMENT_OPPORTUNITY`\n- `DISTRIBUTOR_PLACEMENT_OPPORTUNITY`\n- `PROVIDER_ADVERTISEMENT`\n- `PROVIDER_OVERLAY_PLACEMENT_OPPORTUNITY`\n- `PROVIDER_PLACEMENT_OPPORTUNITY`\n- `SPLICE_INSERT`", - "title": "AdTriggers", - "type": "array" - }, - "AdsOnDeliveryRestrictions": { - "markdownDescription": "The flags on SCTE-35 segmentation descriptors that have to be present for AWS Elemental MediaPackage to insert ad markers in the output manifest. For information about SCTE-35 in AWS Elemental MediaPackage , see [SCTE-35 Message Options in AWS Elemental MediaPackage](https://docs.aws.amazon.com/mediapackage/latest/ug/scte.html) .", - "title": "AdsOnDeliveryRestrictions", - "type": "string" - }, - "Encryption": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.HlsEncryption", - "markdownDescription": "Parameters for encrypting content.", - "title": "Encryption" - }, - "IncludeDvbSubtitles": { - "markdownDescription": "When enabled, MediaPackage passes through digital video broadcasting (DVB) subtitles into the output.", - "title": "IncludeDvbSubtitles", - "type": "boolean" - }, - "IncludeIframeOnlyStream": { - "markdownDescription": "Only applies to stream sets with a single video track. When true, the stream set includes an additional I-frame only stream, along with the other tracks. If false, this extra stream is not included.", - "title": "IncludeIframeOnlyStream", - "type": "boolean" - }, - "PlaylistType": { - "markdownDescription": "When specified as either `event` or `vod` , a corresponding `EXT-X-PLAYLIST-TYPE` entry is included in the media playlist. Indicates if the playlist is live-to-VOD content.", - "title": "PlaylistType", - "type": "string" - }, - "PlaylistWindowSeconds": { - "markdownDescription": "Time window (in seconds) contained in each parent manifest.", - "title": "PlaylistWindowSeconds", - "type": "number" - }, - "ProgramDateTimeIntervalSeconds": { - "markdownDescription": "Inserts `EXT-X-PROGRAM-DATE-TIME` tags in the output manifest at the interval that you specify.\n\nIrrespective of this parameter, if any ID3Timed metadata is in the HLS input, it is passed through to the HLS output.\n\nOmit this attribute or enter `0` to indicate that the `EXT-X-PROGRAM-DATE-TIME` tags are not included in the manifest.", - "title": "ProgramDateTimeIntervalSeconds", - "type": "number" - }, - "SegmentDurationSeconds": { - "markdownDescription": "Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source fragment duration.", - "title": "SegmentDurationSeconds", - "type": "number" - }, - "StreamSelection": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.StreamSelection", - "markdownDescription": "Limitations for outputs from the endpoint, based on the video bitrate.", - "title": "StreamSelection" - }, - "UseAudioRenditionGroup": { - "markdownDescription": "When true, AWS Elemental MediaPackage bundles all audio tracks in a rendition group. All other tracks in the stream can be used with any audio rendition from the group.", - "title": "UseAudioRenditionGroup", + "ChildDirected": { + "markdownDescription": "For each Amazon Lex bot created with the Amazon Lex Model Building Service, you must specify whether your use of Amazon Lex is related to a website, program, or other application that is directed or targeted, in whole or in part, to children under age 13 and subject to the Children's Online Privacy Protection Act (COPPA) by specifying `true` or `false` in the `childDirected` field. By specifying `true` in the `childDirected` field, you confirm that your use of Amazon Lex *is* related to a website, program, or other application that is directed or targeted, in whole or in part, to children under age 13 and subject to COPPA. By specifying `false` in the `childDirected` field, you confirm that your use of Amazon Lex *is not* related to a website, program, or other application that is directed or targeted, in whole or in part, to children under age 13 and subject to COPPA. You may not specify a default value for the `childDirected` field that does not accurately reflect whether your use of Amazon Lex is related to a website, program, or other application that is directed or targeted, in whole or in part, to children under age 13 and subject to COPPA. If your use of Amazon Lex relates to a website, program, or other application that is directed in whole or in part, to children under age 13, you must obtain any required verifiable parental consent under COPPA. For information regarding the use of Amazon Lex in connection with websites, programs, or other applications that are directed or targeted, in whole or in part, to children under age 13, see the [Amazon Lex FAQ](https://docs.aws.amazon.com/lex/faqs#data-security) .", + "title": "ChildDirected", "type": "boolean" } }, + "required": [ + "ChildDirected" + ], "type": "object" }, - "AWS::MediaPackage::OriginEndpoint.MssEncryption": { + "AWS::Lex::Bot.DataSourceConfiguration": { "additionalProperties": false, "properties": { - "SpekeKeyProvider": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.SpekeKeyProvider", - "markdownDescription": "Parameters for the SPEKE key provider.", - "title": "SpekeKeyProvider" + "BedrockKnowledgeStoreConfiguration": { + "$ref": "#/definitions/AWS::Lex::Bot.BedrockKnowledgeStoreConfiguration", + "markdownDescription": "Contains details about the configuration of the Amazon Bedrock knowledge base used for the `AMAZON.QnAIntent` . To set up a knowledge base, follow the steps at [Building a knowledge base](https://docs.aws.amazon.com/bedrock/latest/userguide/knowledge-base.html) .", + "title": "BedrockKnowledgeStoreConfiguration" + }, + "KendraConfiguration": { + "$ref": "#/definitions/AWS::Lex::Bot.QnAKendraConfiguration", + "markdownDescription": "Contains details about the configuration of the Amazon Kendra index used for the `AMAZON.QnAIntent` . To create a Amazon Kendra index, follow the steps at [Creating an index](https://docs.aws.amazon.com/kendra/latest/dg/create-index.html) .", + "title": "KendraConfiguration" + }, + "OpensearchConfiguration": { + "$ref": "#/definitions/AWS::Lex::Bot.OpensearchConfiguration", + "markdownDescription": "Contains details about the configuration of the Amazon OpenSearch Service database used for the `AMAZON.QnAIntent` . To create a domain, follow the steps at [Creating and managing Amazon OpenSearch Service domains](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/createupdatedomains.html) .", + "title": "OpensearchConfiguration" } }, - "required": [ - "SpekeKeyProvider" - ], "type": "object" }, - "AWS::MediaPackage::OriginEndpoint.MssPackage": { + "AWS::Lex::Bot.DefaultConditionalBranch": { "additionalProperties": false, "properties": { - "Encryption": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.MssEncryption", - "markdownDescription": "Parameters for encrypting content.", - "title": "Encryption" - }, - "ManifestWindowSeconds": { - "markdownDescription": "Time window (in seconds) contained in each manifest.", - "title": "ManifestWindowSeconds", - "type": "number" - }, - "SegmentDurationSeconds": { - "markdownDescription": "Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source fragment duration.", - "title": "SegmentDurationSeconds", - "type": "number" + "NextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "The next step in the conversation.", + "title": "NextStep" }, - "StreamSelection": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.StreamSelection", - "markdownDescription": "Limitations for outputs from the endpoint, based on the video bitrate.", - "title": "StreamSelection" + "Response": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input.", + "title": "Response" } }, "type": "object" }, - "AWS::MediaPackage::OriginEndpoint.SpekeKeyProvider": { + "AWS::Lex::Bot.DescriptiveBotBuilderSpecification": { "additionalProperties": false, "properties": { - "CertificateArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the certificate that you imported to AWS Certificate Manager to add content key encryption to this endpoint. For this feature to work, your DRM key provider must support content key encryption.", - "title": "CertificateArn", - "type": "string" - }, - "EncryptionContractConfiguration": { - "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.EncryptionContractConfiguration", - "markdownDescription": "Use `encryptionContractConfiguration` to configure one or more content encryption keys for your endpoints that use SPEKE Version 2.0. The encryption contract defines which content keys are used to encrypt the audio and video tracks in your stream. To configure the encryption contract, specify which audio and video encryption presets to use.", - "title": "EncryptionContractConfiguration" - }, - "ResourceId": { - "markdownDescription": "Unique identifier for this endpoint, as it is configured in the key provider service.", - "title": "ResourceId", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN for the IAM role that's granted by the key provider to provide access to the key provider API. This role must have a trust policy that allows AWS Elemental MediaPackage to assume the role, and it must have a sufficient permissions policy to allow access to the specific key retrieval URL. Valid format: arn:aws:iam::{accountID}:role/{name}", - "title": "RoleArn", - "type": "string" - }, - "SystemIds": { - "items": { - "type": "string" - }, - "markdownDescription": "List of unique identifiers for the DRM systems to use, as defined in the CPIX specification.", - "title": "SystemIds", - "type": "array" + "BedrockModelSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.BedrockModelSpecification", + "markdownDescription": "An object containing information about the Amazon Bedrock model used to interpret the prompt used in descriptive bot building.", + "title": "BedrockModelSpecification" }, - "Url": { - "markdownDescription": "URL for the key provider\u2019s key retrieval API endpoint. Must start with https://.", - "title": "Url", - "type": "string" + "Enabled": { + "markdownDescription": "Specifies whether the descriptive bot building feature is activated or not.", + "title": "Enabled", + "type": "boolean" } }, "required": [ - "ResourceId", - "RoleArn", - "SystemIds", - "Url" + "Enabled" ], "type": "object" }, - "AWS::MediaPackage::OriginEndpoint.StreamSelection": { + "AWS::Lex::Bot.DialogAction": { "additionalProperties": false, "properties": { - "MaxVideoBitsPerSecond": { - "markdownDescription": "The upper limit of the bitrates that this endpoint serves. If the video track exceeds this threshold, then AWS Elemental MediaPackage excludes it from output. If you don't specify a value, it defaults to 2147483647 bits per second.", - "title": "MaxVideoBitsPerSecond", - "type": "number" + "SlotToElicit": { + "markdownDescription": "If the dialog action is `ElicitSlot` , defines the slot to elicit from the user.", + "title": "SlotToElicit", + "type": "string" }, - "MinVideoBitsPerSecond": { - "markdownDescription": "The lower limit of the bitrates that this endpoint serves. If the video track is below this threshold, then AWS Elemental MediaPackage excludes it from output. If you don't specify a value, it defaults to 0 bits per second.", - "title": "MinVideoBitsPerSecond", - "type": "number" + "SuppressNextMessage": { + "markdownDescription": "When true the next message for the intent is not used.", + "title": "SuppressNextMessage", + "type": "boolean" }, - "StreamOrder": { - "markdownDescription": "Order in which the different video bitrates are presented to the player.\n\nValid values: `ORIGINAL` , `VIDEO_BITRATE_ASCENDING` , `VIDEO_BITRATE_DESCENDING` .", - "title": "StreamOrder", + "Type": { + "markdownDescription": "The action that the bot should execute.", + "title": "Type", "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::MediaPackage::PackagingConfiguration": { + "AWS::Lex::Bot.DialogCodeHookInvocationSetting": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "EnableCodeHookInvocation": { + "markdownDescription": "Indicates whether a Lambda function should be invoked for the dialog.", + "title": "EnableCodeHookInvocation", + "type": "boolean" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "InvocationLabel": { + "markdownDescription": "A label that indicates the dialog step from which the dialog code hook is happening.", + "title": "InvocationLabel", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "CmafPackage": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.CmafPackage", - "markdownDescription": "Parameters for CMAF packaging.", - "title": "CmafPackage" - }, - "DashPackage": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.DashPackage", - "markdownDescription": "Parameters for DASH-ISO packaging.", - "title": "DashPackage" - }, - "HlsPackage": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.HlsPackage", - "markdownDescription": "Parameters for Apple HLS packaging.", - "title": "HlsPackage" - }, - "Id": { - "markdownDescription": "Unique identifier that you assign to the packaging configuration.", - "title": "Id", - "type": "string" - }, - "MssPackage": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.MssPackage", - "markdownDescription": "Parameters for Microsoft Smooth Streaming packaging.", - "title": "MssPackage" - }, - "PackagingGroupId": { - "markdownDescription": "The ID of the packaging group associated with this packaging configuration.", - "title": "PackagingGroupId", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to assign to the packaging configuration.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Id", - "PackagingGroupId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::MediaPackage::PackagingConfiguration" - ], - "type": "string" + "IsActive": { + "markdownDescription": "Determines whether a dialog code hook is used when the intent is activated.", + "title": "IsActive", + "type": "boolean" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "PostCodeHookSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.PostDialogCodeHookInvocationSpecification", + "markdownDescription": "Contains the responses and actions that Amazon Lex takes after the Lambda function is complete.", + "title": "PostCodeHookSpecification" } }, "required": [ - "Type", - "Properties" + "EnableCodeHookInvocation", + "IsActive", + "PostCodeHookSpecification" ], "type": "object" }, - "AWS::MediaPackage::PackagingConfiguration.CmafEncryption": { + "AWS::Lex::Bot.DialogCodeHookSetting": { "additionalProperties": false, "properties": { - "SpekeKeyProvider": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.SpekeKeyProvider", - "markdownDescription": "Parameters for the SPEKE key provider.", - "title": "SpekeKeyProvider" + "Enabled": { + "markdownDescription": "Enables the dialog code hook so that it processes user requests.", + "title": "Enabled", + "type": "boolean" } }, "required": [ - "SpekeKeyProvider" + "Enabled" ], "type": "object" }, - "AWS::MediaPackage::PackagingConfiguration.CmafPackage": { + "AWS::Lex::Bot.DialogState": { "additionalProperties": false, "properties": { - "Encryption": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.CmafEncryption", - "markdownDescription": "Parameters for encrypting content.", - "title": "Encryption" + "DialogAction": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogAction", + "markdownDescription": "Defines the action that the bot executes at runtime when the conversation reaches this step.", + "title": "DialogAction" }, - "HlsManifests": { + "Intent": { + "$ref": "#/definitions/AWS::Lex::Bot.IntentOverride", + "markdownDescription": "Override settings to configure the intent state.", + "title": "Intent" + }, + "SessionAttributes": { "items": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.HlsManifest" + "$ref": "#/definitions/AWS::Lex::Bot.SessionAttribute" }, - "markdownDescription": "A list of HLS manifest configurations that are available from this endpoint.", - "title": "HlsManifests", + "markdownDescription": "Map of key/value pairs representing session-specific context information. It contains application information passed between Amazon Lex and a client application.", + "title": "SessionAttributes", "type": "array" - }, - "IncludeEncoderConfigurationInSegments": { - "markdownDescription": "When includeEncoderConfigurationInSegments is set to true, AWS Elemental MediaPackage places your encoder's Sequence Parameter Set (SPS), Picture Parameter Set (PPS), and Video Parameter Set (VPS) metadata in every video segment instead of in the init fragment. This lets you use different SPS/PPS/VPS settings for your assets during content playback.", - "title": "IncludeEncoderConfigurationInSegments", - "type": "boolean" - }, - "SegmentDurationSeconds": { - "markdownDescription": "Duration (in seconds) of each segment. Actual segments are rounded to the nearest multiple of the source fragment duration.", - "title": "SegmentDurationSeconds", - "type": "number" } }, - "required": [ - "HlsManifests" - ], "type": "object" }, - "AWS::MediaPackage::PackagingConfiguration.DashEncryption": { + "AWS::Lex::Bot.ElicitationCodeHookInvocationSetting": { "additionalProperties": false, "properties": { - "SpekeKeyProvider": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.SpekeKeyProvider", - "markdownDescription": "Parameters for the SPEKE key provider.", - "title": "SpekeKeyProvider" + "EnableCodeHookInvocation": { + "markdownDescription": "Indicates whether a Lambda function should be invoked for the dialog.", + "title": "EnableCodeHookInvocation", + "type": "boolean" + }, + "InvocationLabel": { + "markdownDescription": "A label that indicates the dialog step from which the dialog code hook is happening.", + "title": "InvocationLabel", + "type": "string" } }, "required": [ - "SpekeKeyProvider" + "EnableCodeHookInvocation" ], "type": "object" }, - "AWS::MediaPackage::PackagingConfiguration.DashManifest": { + "AWS::Lex::Bot.ExactResponseFields": { "additionalProperties": false, "properties": { - "ManifestLayout": { - "markdownDescription": "Determines the position of some tags in the Media Presentation Description (MPD). When set to `FULL` , elements like `SegmentTemplate` and `ContentProtection` are included in each `Representation` . When set to `COMPACT` , duplicate elements are combined and presented at the AdaptationSet level.", - "title": "ManifestLayout", - "type": "string" - }, - "ManifestName": { - "markdownDescription": "A short string that's appended to the end of the endpoint URL to create a unique path to this packaging configuration.", - "title": "ManifestName", - "type": "string" - }, - "MinBufferTimeSeconds": { - "markdownDescription": "Minimum amount of content (measured in seconds) that a player must keep available in the buffer.", - "title": "MinBufferTimeSeconds", - "type": "number" - }, - "Profile": { - "markdownDescription": "The DASH profile type. When set to `HBBTV_1_5` , the content is compliant with HbbTV 1.5.", - "title": "Profile", + "AnswerField": { + "markdownDescription": "The name of the field that contains the answer to the query made to the OpenSearch Service database.", + "title": "AnswerField", "type": "string" }, - "ScteMarkersSource": { - "markdownDescription": "The source of scte markers used.\n\nValue description:\n\n- `SEGMENTS` - The scte markers are sourced from the segments of the ingested content.\n- `MANIFEST` - the scte markers are sourced from the manifest of the ingested content. The MANIFEST value is compatible with source HLS playlists using the SCTE-35 Enhanced syntax ( `EXT-OATCLS-SCTE35` tags). SCTE-35 Elemental and SCTE-35 Daterange syntaxes are not supported with this option.", - "title": "ScteMarkersSource", + "QuestionField": { + "markdownDescription": "The name of the field that contains the query made to the OpenSearch Service database.", + "title": "QuestionField", "type": "string" - }, - "StreamSelection": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.StreamSelection", - "markdownDescription": "Limitations for outputs from the endpoint, based on the video bitrate.", - "title": "StreamSelection" } }, "type": "object" }, - "AWS::MediaPackage::PackagingConfiguration.DashPackage": { + "AWS::Lex::Bot.ExternalSourceSetting": { "additionalProperties": false, "properties": { - "DashManifests": { - "items": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.DashManifest" - }, - "markdownDescription": "A list of DASH manifest configurations that are available from this endpoint.", - "title": "DashManifests", - "type": "array" + "GrammarSlotTypeSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.GrammarSlotTypeSetting", + "markdownDescription": "Settings required for a slot type based on a grammar that you provide.", + "title": "GrammarSlotTypeSetting" + } + }, + "type": "object" + }, + "AWS::Lex::Bot.FulfillmentCodeHookSetting": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Indicates whether a Lambda function should be invoked to fulfill a specific intent.", + "title": "Enabled", + "type": "boolean" }, - "Encryption": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.DashEncryption", - "markdownDescription": "Parameters for encrypting content.", - "title": "Encryption" + "FulfillmentUpdatesSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.FulfillmentUpdatesSpecification", + "markdownDescription": "Provides settings for update messages sent to the user for long-running Lambda fulfillment functions. Fulfillment updates can be used only with streaming conversations.", + "title": "FulfillmentUpdatesSpecification" }, - "IncludeEncoderConfigurationInSegments": { - "markdownDescription": "When includeEncoderConfigurationInSegments is set to true, AWS Elemental MediaPackage places your encoder's Sequence Parameter Set (SPS), Picture Parameter Set (PPS), and Video Parameter Set (VPS) metadata in every video segment instead of in the init fragment. This lets you use different SPS/PPS/VPS settings for your assets during content playback.", - "title": "IncludeEncoderConfigurationInSegments", + "IsActive": { + "markdownDescription": "Determines whether the fulfillment code hook is used. When `active` is false, the code hook doesn't run.", + "title": "IsActive", "type": "boolean" }, - "IncludeIframeOnlyStream": { - "markdownDescription": "This applies only to stream sets with a single video track. When true, the stream set includes an additional I-frame trick-play only stream, along with the other tracks. If false, this extra stream is not included.", - "title": "IncludeIframeOnlyStream", + "PostFulfillmentStatusSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.PostFulfillmentStatusSpecification", + "markdownDescription": "Provides settings for messages sent to the user for after the Lambda fulfillment function completes. Post-fulfillment messages can be sent for both streaming and non-streaming conversations.", + "title": "PostFulfillmentStatusSpecification" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "AWS::Lex::Bot.FulfillmentStartResponseSpecification": { + "additionalProperties": false, + "properties": { + "AllowInterrupt": { + "markdownDescription": "Determines whether the user can interrupt the start message while it is playing.", + "title": "AllowInterrupt", "type": "boolean" }, - "PeriodTriggers": { + "DelayInSeconds": { + "markdownDescription": "The delay between when the Lambda fulfillment function starts running and the start message is played. If the Lambda function returns before the delay is over, the start message isn't played.", + "title": "DelayInSeconds", + "type": "number" + }, + "MessageGroups": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Lex::Bot.MessageGroup" }, - "markdownDescription": "Controls whether AWS Elemental MediaPackage produces single-period or multi-period DASH manifests. For more information about periods, see [Multi-period DASH in AWS Elemental MediaPackage](https://docs.aws.amazon.com/mediapackage/latest/ug/multi-period.html) .\n\nValid values:\n\n- `ADS` - AWS Elemental MediaPackage will produce multi-period DASH manifests. Periods are created based on the SCTE-35 ad markers present in the input manifest.\n- *No value* - AWS Elemental MediaPackage will produce single-period DASH manifests. This is the default setting.", - "title": "PeriodTriggers", + "markdownDescription": "1 - 5 message groups that contain start messages. Amazon Lex chooses one of the messages to play to the user.", + "title": "MessageGroups", "type": "array" - }, - "SegmentDurationSeconds": { - "markdownDescription": "Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source segment duration.", - "title": "SegmentDurationSeconds", - "type": "number" - }, - "SegmentTemplateFormat": { - "markdownDescription": "Determines the type of SegmentTemplate included in the Media Presentation Description (MPD). When set to `NUMBER_WITH_TIMELINE` , a full timeline is presented in each SegmentTemplate, with $Number$ media URLs. When set to `TIME_WITH_TIMELINE` , a full timeline is presented in each SegmentTemplate, with $Time$ media URLs. When set to `NUMBER_WITH_DURATION` , only a duration is included in each SegmentTemplate, with $Number$ media URLs.", - "title": "SegmentTemplateFormat", - "type": "string" } }, "required": [ - "DashManifests" + "DelayInSeconds", + "MessageGroups" ], "type": "object" }, - "AWS::MediaPackage::PackagingConfiguration.EncryptionContractConfiguration": { + "AWS::Lex::Bot.FulfillmentUpdateResponseSpecification": { "additionalProperties": false, "properties": { - "PresetSpeke20Audio": { - "markdownDescription": "A collection of audio encryption presets.\n\nValue description:\n\n- `PRESET-AUDIO-1` - Use one content key to encrypt all of the audio tracks in your stream.\n- `PRESET-AUDIO-2` - Use one content key to encrypt all of the stereo audio tracks and one content key to encrypt all of the multichannel audio tracks.\n- `PRESET-AUDIO-3` - Use one content key to encrypt all of the stereo audio tracks, one content key to encrypt all of the multichannel audio tracks with 3 to 6 channels, and one content key to encrypt all of the multichannel audio tracks with more than 6 channels.\n- `SHARED` - Use the same content key for all of the audio and video tracks in your stream.\n- `UNENCRYPTED` - Don't encrypt any of the audio tracks in your stream.", - "title": "PresetSpeke20Audio", - "type": "string" + "AllowInterrupt": { + "markdownDescription": "Determines whether the user can interrupt an update message while it is playing.", + "title": "AllowInterrupt", + "type": "boolean" }, - "PresetSpeke20Video": { - "markdownDescription": "A collection of video encryption presets.\n\nValue description:\n\n- `PRESET-VIDEO-1` - Use one content key to encrypt all of the video tracks in your stream.\n- `PRESET-VIDEO-2` - Use one content key to encrypt all of the SD video tracks and one content key for all HD and higher resolutions video tracks.\n- `PRESET-VIDEO-3` - Use one content key to encrypt all of the SD video tracks, one content key for HD video tracks and one content key for all UHD video tracks.\n- `PRESET-VIDEO-4` - Use one content key to encrypt all of the SD video tracks, one content key for HD video tracks, one content key for all UHD1 video tracks and one content key for all UHD2 video tracks.\n- `PRESET-VIDEO-5` - Use one content key to encrypt all of the SD video tracks, one content key for HD1 video tracks, one content key for HD2 video tracks, one content key for all UHD1 video tracks and one content key for all UHD2 video tracks.\n- `PRESET-VIDEO-6` - Use one content key to encrypt all of the SD video tracks, one content key for HD1 video tracks, one content key for HD2 video tracks and one content key for all UHD video tracks.\n- `PRESET-VIDEO-7` - Use one content key to encrypt all of the SD+HD1 video tracks, one content key for HD2 video tracks and one content key for all UHD video tracks.\n- `PRESET-VIDEO-8` - Use one content key to encrypt all of the SD+HD1 video tracks, one content key for HD2 video tracks, one content key for all UHD1 video tracks and one content key for all UHD2 video tracks.\n- `SHARED` - Use the same content key for all of the video and audio tracks in your stream.\n- `UNENCRYPTED` - Don't encrypt any of the video tracks in your stream.", - "title": "PresetSpeke20Video", - "type": "string" + "FrequencyInSeconds": { + "markdownDescription": "The frequency that a message is sent to the user. When the period ends, Amazon Lex chooses a message from the message groups and plays it to the user. If the fulfillment Lambda returns before the first period ends, an update message is not played to the user.", + "title": "FrequencyInSeconds", + "type": "number" + }, + "MessageGroups": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.MessageGroup" + }, + "markdownDescription": "1 - 5 message groups that contain update messages. Amazon Lex chooses one of the messages to play to the user.", + "title": "MessageGroups", + "type": "array" } }, "required": [ - "PresetSpeke20Audio", - "PresetSpeke20Video" + "FrequencyInSeconds", + "MessageGroups" ], "type": "object" }, - "AWS::MediaPackage::PackagingConfiguration.HlsEncryption": { + "AWS::Lex::Bot.FulfillmentUpdatesSpecification": { "additionalProperties": false, "properties": { - "ConstantInitializationVector": { - "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, used with the key for encrypting blocks. If you don't specify a constant initialization vector (IV), AWS Elemental MediaPackage periodically rotates the IV.", - "title": "ConstantInitializationVector", - "type": "string" + "Active": { + "markdownDescription": "Determines whether fulfillment updates are sent to the user. When this field is true, updates are sent.\n\nIf the `active` field is set to true, the `startResponse` , `updateResponse` , and `timeoutInSeconds` fields are required.", + "title": "Active", + "type": "boolean" }, - "EncryptionMethod": { - "markdownDescription": "HLS encryption type.", - "title": "EncryptionMethod", - "type": "string" + "StartResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.FulfillmentStartResponseSpecification", + "markdownDescription": "Provides configuration information for the message sent to users when the fulfillment Lambda functions starts running.", + "title": "StartResponse" }, - "SpekeKeyProvider": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.SpekeKeyProvider", - "markdownDescription": "Parameters for the SPEKE key provider.", - "title": "SpekeKeyProvider" + "TimeoutInSeconds": { + "markdownDescription": "The length of time that the fulfillment Lambda function should run before it times out.", + "title": "TimeoutInSeconds", + "type": "number" + }, + "UpdateResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.FulfillmentUpdateResponseSpecification", + "markdownDescription": "Provides configuration information for messages sent periodically to the user while the fulfillment Lambda function is running.", + "title": "UpdateResponse" } }, "required": [ - "SpekeKeyProvider" + "Active" ], "type": "object" }, - "AWS::MediaPackage::PackagingConfiguration.HlsManifest": { + "AWS::Lex::Bot.GenerativeAISettings": { "additionalProperties": false, "properties": { - "AdMarkers": { - "markdownDescription": "This setting controls ad markers in the packaged content.\n\nValid values:\n\n- `NONE` - Omits all SCTE-35 ad markers from the output.\n- `PASSTHROUGH` - Creates a copy in the output of the SCTE-35 ad markers (comments) taken directly from the input manifest.\n- `SCTE35_ENHANCED` - Generates ad markers and blackout tags in the output based on the SCTE-35 messages from the input manifest.", - "title": "AdMarkers", - "type": "string" - }, - "IncludeIframeOnlyStream": { - "markdownDescription": "Applies to stream sets with a single video track only. When enabled, the output includes an additional I-frame only stream, along with the other tracks.", - "title": "IncludeIframeOnlyStream", - "type": "boolean" + "BuildtimeSettings": { + "$ref": "#/definitions/AWS::Lex::Bot.BuildtimeSettings", + "markdownDescription": "", + "title": "BuildtimeSettings" }, - "ManifestName": { - "markdownDescription": "A short string that's appended to the end of the endpoint URL to create a unique path to this packaging configuration.", - "title": "ManifestName", + "RuntimeSettings": { + "$ref": "#/definitions/AWS::Lex::Bot.RuntimeSettings", + "markdownDescription": "", + "title": "RuntimeSettings" + } + }, + "type": "object" + }, + "AWS::Lex::Bot.GrammarSlotTypeSetting": { + "additionalProperties": false, + "properties": { + "Source": { + "$ref": "#/definitions/AWS::Lex::Bot.GrammarSlotTypeSource", + "markdownDescription": "The source of the grammar used to create the slot type.", + "title": "Source" + } + }, + "type": "object" + }, + "AWS::Lex::Bot.GrammarSlotTypeSource": { + "additionalProperties": false, + "properties": { + "KmsKeyArn": { + "markdownDescription": "The AWS KMS key required to decrypt the contents of the grammar, if any.", + "title": "KmsKeyArn", "type": "string" }, - "ProgramDateTimeIntervalSeconds": { - "markdownDescription": "Inserts `EXT-X-PROGRAM-DATE-TIME` tags in the output manifest at the interval that you specify.\n\nIrrespective of this parameter, if any ID3Timed metadata is in the HLS input, it is passed through to the HLS output.\n\nOmit this attribute or enter `0` to indicate that the `EXT-X-PROGRAM-DATE-TIME` tags are not included in the manifest.", - "title": "ProgramDateTimeIntervalSeconds", - "type": "number" - }, - "RepeatExtXKey": { - "markdownDescription": "Repeat the `EXT-X-KEY` directive for every media segment. This might result in an increase in client requests to the DRM server.", - "title": "RepeatExtXKey", - "type": "boolean" + "S3BucketName": { + "markdownDescription": "The name of the Amazon S3 bucket that contains the grammar source.", + "title": "S3BucketName", + "type": "string" }, - "StreamSelection": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.StreamSelection", - "markdownDescription": "Video bitrate limitations for outputs from this packaging configuration.", - "title": "StreamSelection" + "S3ObjectKey": { + "markdownDescription": "The path to the grammar in the Amazon S3 bucket.", + "title": "S3ObjectKey", + "type": "string" } }, + "required": [ + "S3BucketName", + "S3ObjectKey" + ], "type": "object" }, - "AWS::MediaPackage::PackagingConfiguration.HlsPackage": { + "AWS::Lex::Bot.ImageResponseCard": { "additionalProperties": false, "properties": { - "Encryption": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.HlsEncryption", - "markdownDescription": "Parameters for encrypting content.", - "title": "Encryption" - }, - "HlsManifests": { + "Buttons": { "items": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.HlsManifest" + "$ref": "#/definitions/AWS::Lex::Bot.Button" }, - "markdownDescription": "A list of HLS manifest configurations that are available from this endpoint.", - "title": "HlsManifests", + "markdownDescription": "A list of buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button.", + "title": "Buttons", "type": "array" }, - "IncludeDvbSubtitles": { - "markdownDescription": "When enabled, MediaPackage passes through digital video broadcasting (DVB) subtitles into the output.", - "title": "IncludeDvbSubtitles", - "type": "boolean" + "ImageUrl": { + "markdownDescription": "The URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.", + "title": "ImageUrl", + "type": "string" }, - "SegmentDurationSeconds": { - "markdownDescription": "Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source fragment duration.", - "title": "SegmentDurationSeconds", - "type": "number" + "Subtitle": { + "markdownDescription": "The subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.", + "title": "Subtitle", + "type": "string" }, - "UseAudioRenditionGroup": { - "markdownDescription": "When true, AWS Elemental MediaPackage bundles all audio tracks in a rendition group. All other tracks in the stream can be used with any audio rendition from the group.", - "title": "UseAudioRenditionGroup", - "type": "boolean" + "Title": { + "markdownDescription": "The title to display on the response card. The format of the title is determined by the platform displaying the response card.", + "title": "Title", + "type": "string" } }, "required": [ - "HlsManifests" + "Title" ], "type": "object" }, - "AWS::MediaPackage::PackagingConfiguration.MssEncryption": { + "AWS::Lex::Bot.InitialResponseSetting": { "additionalProperties": false, "properties": { - "SpekeKeyProvider": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.SpekeKeyProvider", - "markdownDescription": "Parameters for the SPEKE key provider.", - "title": "SpekeKeyProvider" + "CodeHook": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogCodeHookInvocationSetting", + "markdownDescription": "Settings that specify the dialog code hook that is called by Amazon Lex at a step of the conversation.", + "title": "CodeHook" + }, + "Conditional": { + "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", + "markdownDescription": "Provides a list of conditional branches. Branches are evaluated in the order that they are entered in the list. The first branch with a condition that evaluates to true is executed. The last branch in the list is the default branch. The default branch should not have any condition expression. The default branch is executed if no other branch has a matching condition.", + "title": "Conditional" + }, + "InitialResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input.", + "title": "InitialResponse" + }, + "NextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "The next step in the conversation.", + "title": "NextStep" } }, - "required": [ - "SpekeKeyProvider" - ], "type": "object" }, - "AWS::MediaPackage::PackagingConfiguration.MssManifest": { + "AWS::Lex::Bot.InputContext": { "additionalProperties": false, "properties": { - "ManifestName": { - "markdownDescription": "A short string that's appended to the end of the endpoint URL to create a unique path to this packaging configuration.", - "title": "ManifestName", + "Name": { + "markdownDescription": "The name of the context.", + "title": "Name", "type": "string" - }, - "StreamSelection": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.StreamSelection", - "markdownDescription": "Video bitrate limitations for outputs from this packaging configuration.", - "title": "StreamSelection" } }, + "required": [ + "Name" + ], "type": "object" }, - "AWS::MediaPackage::PackagingConfiguration.MssPackage": { + "AWS::Lex::Bot.Intent": { "additionalProperties": false, "properties": { - "Encryption": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.MssEncryption", - "markdownDescription": "Parameters for encrypting content.", - "title": "Encryption" + "BedrockAgentIntentConfiguration": { + "$ref": "#/definitions/AWS::Lex::Bot.BedrockAgentIntentConfiguration", + "markdownDescription": "", + "title": "BedrockAgentIntentConfiguration" }, - "MssManifests": { + "Description": { + "markdownDescription": "A description of the intent. Use the description to help identify the intent in lists.", + "title": "Description", + "type": "string" + }, + "DialogCodeHook": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogCodeHookSetting", + "markdownDescription": "Specifies that Amazon Lex invokes the alias Lambda function for each user input. You can invoke this Lambda function to personalize user interaction.", + "title": "DialogCodeHook" + }, + "FulfillmentCodeHook": { + "$ref": "#/definitions/AWS::Lex::Bot.FulfillmentCodeHookSetting", + "markdownDescription": "Specifies that Amazon Lex invokes the alias Lambda function when the intent is ready for fulfillment. You can invoke this function to complete the bot's transaction with the user.", + "title": "FulfillmentCodeHook" + }, + "InitialResponseSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.InitialResponseSetting", + "markdownDescription": "Configuration setting for a response sent to the user before Amazon Lex starts eliciting slots.", + "title": "InitialResponseSetting" + }, + "InputContexts": { "items": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.MssManifest" + "$ref": "#/definitions/AWS::Lex::Bot.InputContext" }, - "markdownDescription": "A list of Microsoft Smooth manifest configurations that are available from this endpoint.", - "title": "MssManifests", + "markdownDescription": "A list of contexts that must be active for this intent to be considered by Amazon Lex .", + "title": "InputContexts", "type": "array" }, - "SegmentDurationSeconds": { - "markdownDescription": "Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source fragment duration.", - "title": "SegmentDurationSeconds", - "type": "number" - } - }, - "required": [ - "MssManifests" - ], - "type": "object" - }, - "AWS::MediaPackage::PackagingConfiguration.SpekeKeyProvider": { - "additionalProperties": false, - "properties": { - "EncryptionContractConfiguration": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.EncryptionContractConfiguration", - "markdownDescription": "Use `encryptionContractConfiguration` to configure one or more content encryption keys for your endpoints that use SPEKE Version 2.0. The encryption contract defines which content keys are used to encrypt the audio and video tracks in your stream. To configure the encryption contract, specify which audio and video encryption presets to use.", - "title": "EncryptionContractConfiguration" + "IntentClosingSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.IntentClosingSetting", + "markdownDescription": "Sets the response that Amazon Lex sends to the user when the intent is closed.", + "title": "IntentClosingSetting" }, - "RoleArn": { - "markdownDescription": "The ARN for the IAM role that's granted by the key provider to provide access to the key provider API. Valid format: arn:aws:iam::{accountID}:role/{name}", - "title": "RoleArn", + "IntentConfirmationSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.IntentConfirmationSetting", + "markdownDescription": "Provides prompts that Amazon Lex sends to the user to confirm the completion of an intent. If the user answers \"no,\" the settings contain a statement that is sent to the user to end the intent.", + "title": "IntentConfirmationSetting" + }, + "KendraConfiguration": { + "$ref": "#/definitions/AWS::Lex::Bot.KendraConfiguration", + "markdownDescription": "Provides configuration information for the `AMAZON.KendraSearchIntent` intent. When you use this intent, Amazon Lex searches the specified Amazon Kendra index and returns documents from the index that match the user's utterance.", + "title": "KendraConfiguration" + }, + "Name": { + "markdownDescription": "The name of the intent. Intent names must be unique within the locale that contains the intent and can't match the name of any built-in intent.", + "title": "Name", "type": "string" }, - "SystemIds": { + "OutputContexts": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Lex::Bot.OutputContext" }, - "markdownDescription": "List of unique identifiers for the DRM systems to use, as defined in the CPIX specification.", - "title": "SystemIds", + "markdownDescription": "A list of contexts that the intent activates when it is fulfilled.", + "title": "OutputContexts", "type": "array" }, - "Url": { - "markdownDescription": "URL for the key provider's key retrieval API endpoint. Must start with https://.", - "title": "Url", + "ParentIntentSignature": { + "markdownDescription": "A unique identifier for the built-in intent to base this intent on.", + "title": "ParentIntentSignature", "type": "string" + }, + "QInConnectIntentConfiguration": { + "$ref": "#/definitions/AWS::Lex::Bot.QInConnectIntentConfiguration", + "markdownDescription": "", + "title": "QInConnectIntentConfiguration" + }, + "QnAIntentConfiguration": { + "$ref": "#/definitions/AWS::Lex::Bot.QnAIntentConfiguration", + "markdownDescription": "", + "title": "QnAIntentConfiguration" + }, + "SampleUtterances": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.SampleUtterance" + }, + "markdownDescription": "A list of utterances that a user might say to signal the intent.", + "title": "SampleUtterances", + "type": "array" + }, + "SlotPriorities": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.SlotPriority" + }, + "markdownDescription": "Indicates the priority for slots. Amazon Lex prompts the user for slot values in priority order.", + "title": "SlotPriorities", + "type": "array" + }, + "Slots": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.Slot" + }, + "markdownDescription": "A list of slots that the intent requires for fulfillment.", + "title": "Slots", + "type": "array" } }, "required": [ - "RoleArn", - "SystemIds", - "Url" + "Name" ], "type": "object" }, - "AWS::MediaPackage::PackagingConfiguration.StreamSelection": { + "AWS::Lex::Bot.IntentClosingSetting": { "additionalProperties": false, "properties": { - "MaxVideoBitsPerSecond": { - "markdownDescription": "The upper limit of the bitrates that this endpoint serves. If the video track exceeds this threshold, then AWS Elemental MediaPackage excludes it from output. If you don't specify a value, it defaults to 2147483647 bits per second.", - "title": "MaxVideoBitsPerSecond", - "type": "number" + "ClosingResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "The response that Amazon Lex sends to the user when the intent is complete.", + "title": "ClosingResponse" }, - "MinVideoBitsPerSecond": { - "markdownDescription": "The lower limit of the bitrates that this endpoint serves. If the video track is below this threshold, then AWS Elemental MediaPackage excludes it from output. If you don't specify a value, it defaults to 0 bits per second.", - "title": "MinVideoBitsPerSecond", - "type": "number" + "Conditional": { + "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", + "markdownDescription": "A list of conditional branches associated with the intent's closing response. These branches are executed when the `nextStep` attribute is set to `EvalutateConditional` .", + "title": "Conditional" }, - "StreamOrder": { - "markdownDescription": "Order in which the different video bitrates are presented to the player.\n\nValid values: `ORIGINAL` , `VIDEO_BITRATE_ASCENDING` , `VIDEO_BITRATE_DESCENDING` .", - "title": "StreamOrder", - "type": "string" + "IsActive": { + "markdownDescription": "Specifies whether an intent's closing response is used. When this field is false, the closing response isn't sent to the user. If the `IsActive` field isn't specified, the default is true.", + "title": "IsActive", + "type": "boolean" + }, + "NextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "Specifies the next step that the bot executes after playing the intent's closing response.", + "title": "NextStep" } }, "type": "object" }, - "AWS::MediaPackage::PackagingGroup": { + "AWS::Lex::Bot.IntentConfirmationSetting": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "CodeHook": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogCodeHookInvocationSetting", + "markdownDescription": "The `DialogCodeHookInvocationSetting` object associated with intent's confirmation step. The dialog code hook is triggered based on these invocation settings when the confirmation next step or declination next step or failure next step is `InvokeDialogCodeHook` .", + "title": "CodeHook" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "ConfirmationConditional": { + "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", + "markdownDescription": "A list of conditional branches to evaluate after the intent is closed.", + "title": "ConfirmationConditional" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ConfirmationNextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "Specifies the next step that the bot executes when the customer confirms the intent.", + "title": "ConfirmationNextStep" }, - "Metadata": { - "type": "object" + "ConfirmationResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input.", + "title": "ConfirmationResponse" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Authorization": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingGroup.Authorization", - "markdownDescription": "Parameters for CDN authorization.", - "title": "Authorization" - }, - "EgressAccessLogs": { - "$ref": "#/definitions/AWS::MediaPackage::PackagingGroup.LogConfiguration", - "markdownDescription": "The configuration parameters for egress access logging.", - "title": "EgressAccessLogs" - }, - "Id": { - "markdownDescription": "Unique identifier that you assign to the packaging group.", - "title": "Id", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to assign to the packaging group.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Id" - ], - "type": "object" + "DeclinationConditional": { + "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", + "markdownDescription": "A list of conditional branches to evaluate after the intent is declined.", + "title": "DeclinationConditional" }, - "Type": { - "enum": [ - "AWS::MediaPackage::PackagingGroup" - ], - "type": "string" + "DeclinationNextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "Specifies the next step that the bot executes when the customer declines the intent.", + "title": "DeclinationNextStep" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "DeclinationResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "When the user answers \"no\" to the question defined in `promptSpecification` , Amazon Lex responds with this response to acknowledge that the intent was canceled.", + "title": "DeclinationResponse" + }, + "ElicitationCodeHook": { + "$ref": "#/definitions/AWS::Lex::Bot.ElicitationCodeHookInvocationSetting", + "markdownDescription": "The `DialogCodeHookInvocationSetting` used when the code hook is invoked during confirmation prompt retries.", + "title": "ElicitationCodeHook" + }, + "FailureConditional": { + "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", + "markdownDescription": "Provides a list of conditional branches. Branches are evaluated in the order that they are entered in the list. The first branch with a condition that evaluates to true is executed. The last branch in the list is the default branch. The default branch should not have any condition expression. The default branch is executed if no other branch has a matching condition.", + "title": "FailureConditional" + }, + "FailureNextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "The next step to take in the conversation if the confirmation step fails.", + "title": "FailureNextStep" + }, + "FailureResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input when the intent confirmation fails.", + "title": "FailureResponse" + }, + "IsActive": { + "markdownDescription": "Specifies whether the intent's confirmation is sent to the user. When this field is false, confirmation and declination responses aren't sent. If the `IsActive` field isn't specified, the default is true.", + "title": "IsActive", + "type": "boolean" + }, + "PromptSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.PromptSpecification", + "markdownDescription": "Prompts the user to confirm the intent. This question should have a yes or no answer.\n\nAmazon Lex uses this prompt to ensure that the user acknowledges that the intent is ready for fulfillment. For example, with the `OrderPizza` intent, you might want to confirm that the order is correct before placing it. For other intents, such as intents that simply respond to user questions, you might not need to ask the user for confirmation before providing the information.", + "title": "PromptSpecification" } }, "required": [ - "Type", - "Properties" + "PromptSpecification" ], "type": "object" }, - "AWS::MediaPackage::PackagingGroup.Authorization": { + "AWS::Lex::Bot.IntentOverride": { "additionalProperties": false, "properties": { - "CdnIdentifierSecret": { - "markdownDescription": "The Amazon Resource Name (ARN) for the secret in AWS Secrets Manager that is used for CDN authorization.", - "title": "CdnIdentifierSecret", + "Name": { + "markdownDescription": "The name of the intent. Only required when you're switching intents.", + "title": "Name", "type": "string" }, - "SecretsRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the IAM role that allows AWS Elemental MediaPackage to communicate with AWS Secrets Manager .", - "title": "SecretsRoleArn", + "Slots": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.SlotValueOverrideMap" + }, + "markdownDescription": "A map of all of the slot value overrides for the intent. The name of the slot maps to the value of the slot. Slots that are not included in the map aren't overridden.", + "title": "Slots", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Lex::Bot.KendraConfiguration": { + "additionalProperties": false, + "properties": { + "KendraIndex": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Kendra index that you want the `AMAZON.KendraSearchIntent` intent to search. The index must be in the same account and Region as the Amazon Lex bot.", + "title": "KendraIndex", + "type": "string" + }, + "QueryFilterString": { + "markdownDescription": "A query filter that Amazon Lex sends to Amazon Kendra to filter the response from a query. The filter is in the format defined by Amazon Kendra. For more information, see [Filtering queries](https://docs.aws.amazon.com/kendra/latest/dg/filtering.html) .", + "title": "QueryFilterString", "type": "string" + }, + "QueryFilterStringEnabled": { + "markdownDescription": "Determines whether the `AMAZON.KendraSearchIntent` intent uses a custom query string to query the Amazon Kendra index.", + "title": "QueryFilterStringEnabled", + "type": "boolean" } }, "required": [ - "CdnIdentifierSecret", - "SecretsRoleArn" + "KendraIndex" ], "type": "object" }, - "AWS::MediaPackage::PackagingGroup.LogConfiguration": { + "AWS::Lex::Bot.LambdaCodeHook": { "additionalProperties": false, "properties": { - "LogGroupName": { - "markdownDescription": "Sets a custom Amazon CloudWatch log group name for egress logs. If a log group name isn't specified, the default name is used: /aws/MediaPackage/EgressAccessLogs.", - "title": "LogGroupName", + "CodeHookInterfaceVersion": { + "markdownDescription": "The version of the request-response that you want Amazon Lex to use to invoke your Lambda function.", + "title": "CodeHookInterfaceVersion", + "type": "string" + }, + "LambdaArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function.", + "title": "LambdaArn", "type": "string" } }, + "required": [ + "CodeHookInterfaceVersion", + "LambdaArn" + ], "type": "object" }, - "AWS::MediaPackageV2::Channel": { + "AWS::Lex::Bot.Message": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "CustomPayload": { + "$ref": "#/definitions/AWS::Lex::Bot.CustomPayload", + "markdownDescription": "A message in a custom format defined by the client application.", + "title": "CustomPayload" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "ImageResponseCard": { + "$ref": "#/definitions/AWS::Lex::Bot.ImageResponseCard", + "markdownDescription": "A message that defines a response card that the client application can show to the user.", + "title": "ImageResponseCard" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "PlainTextMessage": { + "$ref": "#/definitions/AWS::Lex::Bot.PlainTextMessage", + "markdownDescription": "A message in plain text format.", + "title": "PlainTextMessage" }, - "Metadata": { - "type": "object" + "SSMLMessage": { + "$ref": "#/definitions/AWS::Lex::Bot.SSMLMessage", + "markdownDescription": "A message in Speech Synthesis Markup Language (SSML).", + "title": "SSMLMessage" + } + }, + "type": "object" + }, + "AWS::Lex::Bot.MessageGroup": { + "additionalProperties": false, + "properties": { + "Message": { + "$ref": "#/definitions/AWS::Lex::Bot.Message", + "markdownDescription": "The primary message that Amazon Lex should send to the user.", + "title": "Message" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ChannelGroupName": { - "markdownDescription": "The name of the channel group associated with the channel configuration.", - "title": "ChannelGroupName", - "type": "string" - }, - "ChannelName": { - "markdownDescription": "The name of the channel.", - "title": "ChannelName", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the channel.", - "title": "Description", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags associated with the channel.", - "title": "Tags", - "type": "array" - } + "Variations": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.Message" }, - "required": [ - "ChannelGroupName", - "ChannelName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::MediaPackageV2::Channel" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "markdownDescription": "Message variations to send to the user. When variations are defined, Amazon Lex chooses the primary message or one of the variations to send to the user.", + "title": "Variations", + "type": "array" } }, "required": [ - "Type", - "Properties" + "Message" ], "type": "object" }, - "AWS::MediaPackageV2::Channel.IngestEndpoint": { + "AWS::Lex::Bot.MultipleValuesSetting": { "additionalProperties": false, "properties": { - "Id": { - "markdownDescription": "The identifier associated with the ingest endpoint of the channel.", - "title": "Id", - "type": "string" - }, - "Url": { - "markdownDescription": "The URL associated with the ingest endpoint of the channel.", - "title": "Url", - "type": "string" + "AllowMultipleValues": { + "markdownDescription": "Indicates whether a slot can return multiple values. When `true` , the slot may return more than one value in a response. When `false` , the slot returns only a single value.\n\nMulti-value slots are only available in the en-US locale. If you set this value to `true` in any other locale, Amazon Lex throws a `ValidationException` .\n\nIf the `allowMutlipleValues` is not set, the default value is `false` .", + "title": "AllowMultipleValues", + "type": "boolean" } }, "type": "object" }, - "AWS::MediaPackageV2::ChannelGroup": { + "AWS::Lex::Bot.NluImprovementSpecification": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ChannelGroupName": { - "markdownDescription": "The name of the channel group.", - "title": "ChannelGroupName", - "type": "string" - }, - "Description": { - "markdownDescription": "The configuration for a MediaPackage V2 channel group.", - "title": "Description", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags associated with the channel group.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "ChannelGroupName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::MediaPackageV2::ChannelGroup" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Enabled": { + "markdownDescription": "Determines whether the Assisted NLU feature is enabled for the bot. When set to `true` , Amazon Lex uses advanced models to improve intent recognition and slot resolution, with the default being `false` .", + "title": "Enabled", + "type": "boolean" } }, "required": [ - "Type", - "Properties" + "Enabled" ], "type": "object" }, - "AWS::MediaPackageV2::ChannelPolicy": { + "AWS::Lex::Bot.ObfuscationSetting": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ChannelGroupName": { - "markdownDescription": "The name of the channel group associated with the channel policy.", - "title": "ChannelGroupName", - "type": "string" - }, - "ChannelName": { - "markdownDescription": "The name of the channel associated with the channel policy.", - "title": "ChannelName", - "type": "string" - }, - "Policy": { - "markdownDescription": "The policy associated with the channel.", - "title": "Policy", - "type": "object" - } - }, - "required": [ - "ChannelGroupName", - "ChannelName", - "Policy" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::MediaPackageV2::ChannelPolicy" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ObfuscationSettingType": { + "markdownDescription": "Value that determines whether Amazon Lex obscures slot values in conversation logs. The default is to obscure the values.", + "title": "ObfuscationSettingType", "type": "string" } }, "required": [ - "Type", - "Properties" + "ObfuscationSettingType" ], "type": "object" }, - "AWS::MediaPackageV2::OriginEndpoint": { + "AWS::Lex::Bot.OpensearchConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DomainEndpoint": { + "markdownDescription": "The endpoint of the Amazon OpenSearch Service domain.", + "title": "DomainEndpoint", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ExactResponse": { + "markdownDescription": "Specifies whether to return an exact response or to return an answer generated by the model using the fields you specify from the database.", + "title": "ExactResponse", + "type": "boolean" }, - "Metadata": { - "type": "object" + "ExactResponseFields": { + "$ref": "#/definitions/AWS::Lex::Bot.ExactResponseFields", + "markdownDescription": "Contains the names of the fields used for an exact response to the user.", + "title": "ExactResponseFields" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ChannelGroupName": { - "markdownDescription": "The name of the channel group associated with the origin endpoint configuration.", - "title": "ChannelGroupName", - "type": "string" - }, - "ChannelName": { - "markdownDescription": "The channel name associated with the origin endpoint.", - "title": "ChannelName", - "type": "string" - }, - "ContainerType": { - "markdownDescription": "The container type associated with the origin endpoint configuration.", - "title": "ContainerType", - "type": "string" - }, - "Description": { - "markdownDescription": "The description associated with the origin endpoint.", - "title": "Description", - "type": "string" - }, - "HlsManifests": { - "items": { - "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.HlsManifestConfiguration" - }, - "markdownDescription": "The HLS manifests associated with the origin endpoint configuration.", - "title": "HlsManifests", - "type": "array" - }, - "LowLatencyHlsManifests": { - "items": { - "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.LowLatencyHlsManifestConfiguration" - }, - "markdownDescription": "The low-latency HLS (LL-HLS) manifests associated with the origin endpoint.", - "title": "LowLatencyHlsManifests", - "type": "array" - }, - "OriginEndpointName": { - "markdownDescription": "The name of the origin endpoint associated with the origin endpoint configuration.", - "title": "OriginEndpointName", - "type": "string" - }, - "Segment": { - "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.Segment", - "markdownDescription": "The segment associated with the origin endpoint.", - "title": "Segment" - }, - "StartoverWindowSeconds": { - "markdownDescription": "The size of the window (in seconds) to specify a window of the live stream that's available for on-demand viewing. Viewers can start-over or catch-up on content that falls within the window.", - "title": "StartoverWindowSeconds", - "type": "number" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags associated with the origin endpoint.", - "title": "Tags", - "type": "array" - } + "IncludeFields": { + "items": { + "type": "string" }, - "required": [ - "ChannelGroupName", - "ChannelName", - "OriginEndpointName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::MediaPackageV2::OriginEndpoint" - ], - "type": "string" + "markdownDescription": "Contains a list of fields from the Amazon OpenSearch Service that the model can use to generate the answer to the query.", + "title": "IncludeFields", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "IndexName": { + "markdownDescription": "The name of the Amazon OpenSearch Service index.", + "title": "IndexName", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::MediaPackageV2::OriginEndpoint.Encryption": { + "AWS::Lex::Bot.OutputContext": { "additionalProperties": false, "properties": { - "ConstantInitializationVector": { - "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, used in conjunction with the key for encrypting content. If you don't specify a value, then MediaPackage creates the constant initialization vector (IV).", - "title": "ConstantInitializationVector", + "Name": { + "markdownDescription": "The name of the output context.", + "title": "Name", "type": "string" }, - "EncryptionMethod": { - "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.EncryptionMethod", - "markdownDescription": "The encryption method to use.", - "title": "EncryptionMethod" - }, - "KeyRotationIntervalSeconds": { - "markdownDescription": "The interval, in seconds, to rotate encryption keys for the origin endpoint.", - "title": "KeyRotationIntervalSeconds", + "TimeToLiveInSeconds": { + "markdownDescription": "The amount of time, in seconds, that the output context should remain active. The time is figured from the first time the context is sent to the user.", + "title": "TimeToLiveInSeconds", "type": "number" }, - "SpekeKeyProvider": { - "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.SpekeKeyProvider", - "markdownDescription": "The SPEKE key provider to use for encryption.", - "title": "SpekeKeyProvider" + "TurnsToLive": { + "markdownDescription": "The number of conversation turns that the output context should remain active. The number of turns is counted from the first time that the context is sent to the user.", + "title": "TurnsToLive", + "type": "number" } }, "required": [ - "EncryptionMethod", - "SpekeKeyProvider" + "Name", + "TimeToLiveInSeconds", + "TurnsToLive" ], "type": "object" }, - "AWS::MediaPackageV2::OriginEndpoint.EncryptionContractConfiguration": { + "AWS::Lex::Bot.PlainTextMessage": { "additionalProperties": false, "properties": { - "PresetSpeke20Audio": { - "markdownDescription": "A collection of audio encryption presets.\n\nValue description:\n\n- `PRESET-AUDIO-1` - Use one content key to encrypt all of the audio tracks in your stream.\n- `PRESET-AUDIO-2` - Use one content key to encrypt all of the stereo audio tracks and one content key to encrypt all of the multichannel audio tracks.\n- `PRESET-AUDIO-3` - Use one content key to encrypt all of the stereo audio tracks, one content key to encrypt all of the multichannel audio tracks with 3 to 6 channels, and one content key to encrypt all of the multichannel audio tracks with more than 6 channels.\n- `SHARED` - Use the same content key for all of the audio and video tracks in your stream.\n- `UNENCRYPTED` - Don't encrypt any of the audio tracks in your stream.", - "title": "PresetSpeke20Audio", - "type": "string" - }, - "PresetSpeke20Video": { - "markdownDescription": "The SPEKE Version 2.0 preset video associated with the encryption contract configuration of the origin endpoint.\n\nA collection of video encryption presets.\n\nValue description:\n\n- `PRESET-VIDEO-1` - Use one content key to encrypt all of the video tracks in your stream.\n- `PRESET-VIDEO-2` - Use one content key to encrypt all of the SD video tracks and one content key for all HD and higher resolutions video tracks.\n- `PRESET-VIDEO-3` - Use one content key to encrypt all of the SD video tracks, one content key for HD video tracks and one content key for all UHD video tracks.\n- `PRESET-VIDEO-4` - Use one content key to encrypt all of the SD video tracks, one content key for HD video tracks, one content key for all UHD1 video tracks and one content key for all UHD2 video tracks.\n- `PRESET-VIDEO-5` - Use one content key to encrypt all of the SD video tracks, one content key for HD1 video tracks, one content key for HD2 video tracks, one content key for all UHD1 video tracks and one content key for all UHD2 video tracks.\n- `PRESET-VIDEO-6` - Use one content key to encrypt all of the SD video tracks, one content key for HD1 video tracks, one content key for HD2 video tracks and one content key for all UHD video tracks.\n- `PRESET-VIDEO-7` - Use one content key to encrypt all of the SD+HD1 video tracks, one content key for HD2 video tracks and one content key for all UHD video tracks.\n- `PRESET-VIDEO-8` - Use one content key to encrypt all of the SD+HD1 video tracks, one content key for HD2 video tracks, one content key for all UHD1 video tracks and one content key for all UHD2 video tracks.\n- `SHARED` - Use the same content key for all of the video and audio tracks in your stream.\n- `UNENCRYPTED` - Don't encrypt any of the video tracks in your stream.", - "title": "PresetSpeke20Video", + "Value": { + "markdownDescription": "The message to send to the user.", + "title": "Value", "type": "string" } }, "required": [ - "PresetSpeke20Audio", - "PresetSpeke20Video" + "Value" ], "type": "object" }, - "AWS::MediaPackageV2::OriginEndpoint.EncryptionMethod": { + "AWS::Lex::Bot.PostDialogCodeHookInvocationSpecification": { "additionalProperties": false, "properties": { - "CmafEncryptionMethod": { - "markdownDescription": "The encryption method to use.", - "title": "CmafEncryptionMethod", - "type": "string" + "FailureConditional": { + "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", + "markdownDescription": "A list of conditional branches to evaluate after the dialog code hook throws an exception or returns with the `State` field of the `Intent` object set to `Failed` .", + "title": "FailureConditional" }, - "TsEncryptionMethod": { - "markdownDescription": "The encryption method to use.", - "title": "TsEncryptionMethod", - "type": "string" + "FailureNextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "Specifies the next step the bot runs after the dialog code hook throws an exception or returns with the `State` field of the `Intent` object set to `Failed` .", + "title": "FailureNextStep" + }, + "FailureResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input when the code hook fails.", + "title": "FailureResponse" + }, + "SuccessConditional": { + "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", + "markdownDescription": "A list of conditional branches to evaluate after the dialog code hook finishes successfully.", + "title": "SuccessConditional" + }, + "SuccessNextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "Specifics the next step the bot runs after the dialog code hook finishes successfully.", + "title": "SuccessNextStep" + }, + "SuccessResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond when the code hook succeeds.", + "title": "SuccessResponse" + }, + "TimeoutConditional": { + "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", + "markdownDescription": "A list of conditional branches to evaluate if the code hook times out.", + "title": "TimeoutConditional" + }, + "TimeoutNextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "Specifies the next step that the bot runs when the code hook times out.", + "title": "TimeoutNextStep" + }, + "TimeoutResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond to the user input when the code hook times out.", + "title": "TimeoutResponse" } }, "type": "object" }, - "AWS::MediaPackageV2::OriginEndpoint.FilterConfiguration": { + "AWS::Lex::Bot.PostFulfillmentStatusSpecification": { "additionalProperties": false, "properties": { - "End": { - "markdownDescription": "Optionally specify the end time for all of your manifest egress requests. When you include end time, note that you cannot use end time query parameters for this manifest's endpoint URL.", - "title": "End", - "type": "string" + "FailureConditional": { + "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", + "markdownDescription": "A list of conditional branches to evaluate after the fulfillment code hook throws an exception or returns with the `State` field of the `Intent` object set to `Failed` .", + "title": "FailureConditional" }, - "ManifestFilter": { - "markdownDescription": "Optionally specify one or more manifest filters for all of your manifest egress requests. When you include a manifest filter, note that you cannot use an identical manifest filter query parameter for this manifest's endpoint URL.", - "title": "ManifestFilter", - "type": "string" + "FailureNextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "Specifies the next step the bot runs after the fulfillment code hook throws an exception or returns with the `State` field of the `Intent` object set to `Failed` .", + "title": "FailureNextStep" }, - "Start": { - "markdownDescription": "Optionally specify the start time for all of your manifest egress requests. When you include start time, note that you cannot use start time query parameters for this manifest's endpoint URL.", - "title": "Start", - "type": "string" + "FailureResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond when fulfillment isn't successful.", + "title": "FailureResponse" }, - "TimeDelaySeconds": { - "markdownDescription": "Optionally specify the time delay for all of your manifest egress requests. Enter a value that is smaller than your endpoint's startover window. When you include time delay, note that you cannot use time delay query parameters for this manifest's endpoint URL.", - "title": "TimeDelaySeconds", - "type": "number" + "SuccessConditional": { + "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", + "markdownDescription": "A list of conditional branches to evaluate after the fulfillment code hook finishes successfully.", + "title": "SuccessConditional" + }, + "SuccessNextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "Specifies the next step in the conversation that Amazon Lex invokes when the fulfillment code hook completes successfully.", + "title": "SuccessNextStep" + }, + "SuccessResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond when the fulfillment is successful.", + "title": "SuccessResponse" + }, + "TimeoutConditional": { + "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", + "markdownDescription": "A list of conditional branches to evaluate if the fulfillment code hook times out.", + "title": "TimeoutConditional" + }, + "TimeoutNextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "Specifies the next step that the bot runs when the fulfillment code hook times out.", + "title": "TimeoutNextStep" + }, + "TimeoutResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond when fulfillment isn't completed within the timeout period.", + "title": "TimeoutResponse" } }, "type": "object" }, - "AWS::MediaPackageV2::OriginEndpoint.HlsManifestConfiguration": { + "AWS::Lex::Bot.PromptAttemptSpecification": { "additionalProperties": false, "properties": { - "ChildManifestName": { - "markdownDescription": "The name of the child manifest associated with the HLS manifest configuration.", - "title": "ChildManifestName", - "type": "string" + "AllowInterrupt": { + "markdownDescription": "Indicates whether the user can interrupt a speech prompt attempt from the bot.", + "title": "AllowInterrupt", + "type": "boolean" }, - "FilterConfiguration": { - "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.FilterConfiguration", - "markdownDescription": "", - "title": "FilterConfiguration" + "AllowedInputTypes": { + "$ref": "#/definitions/AWS::Lex::Bot.AllowedInputTypes", + "markdownDescription": "Indicates the allowed input types of the prompt attempt.", + "title": "AllowedInputTypes" }, - "ManifestName": { - "markdownDescription": "The name of the manifest associated with the HLS manifest configuration.", - "title": "ManifestName", - "type": "string" + "AudioAndDTMFInputSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.AudioAndDTMFInputSpecification", + "markdownDescription": "Specifies the settings on audio and DTMF input.", + "title": "AudioAndDTMFInputSpecification" }, - "ManifestWindowSeconds": { - "markdownDescription": "The duration of the manifest window, in seconds, for the HLS manifest configuration.", - "title": "ManifestWindowSeconds", - "type": "number" + "TextInputSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.TextInputSpecification", + "markdownDescription": "Specifies the settings on text input.", + "title": "TextInputSpecification" + } + }, + "required": [ + "AllowedInputTypes" + ], + "type": "object" + }, + "AWS::Lex::Bot.PromptSpecification": { + "additionalProperties": false, + "properties": { + "AllowInterrupt": { + "markdownDescription": "Indicates whether the user can interrupt a speech prompt from the bot.", + "title": "AllowInterrupt", + "type": "boolean" }, - "ProgramDateTimeIntervalSeconds": { - "markdownDescription": "The `EXT-X-PROGRAM-DATE-TIME` interval, in seconds, associated with the HLS manifest configuration.", - "title": "ProgramDateTimeIntervalSeconds", + "MaxRetries": { + "markdownDescription": "The maximum number of times the bot tries to elicit a response from the user using this prompt.", + "title": "MaxRetries", "type": "number" }, - "ScteHls": { - "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.ScteHls", - "markdownDescription": "THE SCTE-35 HLS configuration associated with the HLS manifest configuration.", - "title": "ScteHls" + "MessageGroupsList": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.MessageGroup" + }, + "markdownDescription": "A collection of messages that Amazon Lex can send to the user. Amazon Lex chooses the actual message to send at runtime.", + "title": "MessageGroupsList", + "type": "array" }, - "Url": { - "markdownDescription": "The URL of the HLS manifest configuration.", - "title": "Url", + "MessageSelectionStrategy": { + "markdownDescription": "Indicates how a message is selected from a message group among retries.", + "title": "MessageSelectionStrategy", "type": "string" + }, + "PromptAttemptsSpecification": { + "additionalProperties": false, + "markdownDescription": "Specifies the advanced settings on each attempt of the prompt.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::Lex::Bot.PromptAttemptSpecification" + } + }, + "title": "PromptAttemptsSpecification", + "type": "object" } }, "required": [ - "ManifestName" + "MaxRetries", + "MessageGroupsList" ], "type": "object" }, - "AWS::MediaPackageV2::OriginEndpoint.LowLatencyHlsManifestConfiguration": { + "AWS::Lex::Bot.QInConnectAssistantConfiguration": { "additionalProperties": false, "properties": { - "ChildManifestName": { - "markdownDescription": "The name of the child manifest associated with the low-latency HLS (LL-HLS) manifest configuration of the origin endpoint.", - "title": "ChildManifestName", - "type": "string" - }, - "FilterConfiguration": { - "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.FilterConfiguration", + "AssistantArn": { "markdownDescription": "", - "title": "FilterConfiguration" - }, - "ManifestName": { - "markdownDescription": "A short string that's appended to the endpoint URL. The manifest name creates a unique path to this endpoint. If you don't enter a value, MediaPackage uses the default manifest name, `index` . MediaPackage automatically inserts the format extension, such as `.m3u8` . You can't use the same manifest name if you use HLS manifest and low-latency HLS manifest. The `manifestName` on the `HLSManifest` object overrides the `manifestName` you provided on the `originEndpoint` object.", - "title": "ManifestName", - "type": "string" - }, - "ManifestWindowSeconds": { - "markdownDescription": "The total duration (in seconds) of the manifest's content.", - "title": "ManifestWindowSeconds", - "type": "number" - }, - "ProgramDateTimeIntervalSeconds": { - "markdownDescription": "Inserts `EXT-X-PROGRAM-DATE-TIME` tags in the output manifest at the interval that you specify. If you don't enter an interval, `EXT-X-PROGRAM-DATE-TIME` tags aren't included in the manifest. The tags sync the stream to the wall clock so that viewers can seek to a specific time in the playback timeline on the player.\n\nIrrespective of this parameter, if any `ID3Timed` metadata is in the HLS input, MediaPackage passes through that metadata to the HLS output.", - "title": "ProgramDateTimeIntervalSeconds", - "type": "number" - }, - "ScteHls": { - "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.ScteHls", - "markdownDescription": "The SCTE-35 HLS configuration associated with the low-latency HLS (LL-HLS) manifest configuration of the origin endpoint.", - "title": "ScteHls" - }, - "Url": { - "markdownDescription": "The URL of the low-latency HLS (LL-HLS) manifest configuration of the origin endpoint.", - "title": "Url", + "title": "AssistantArn", "type": "string" } }, "required": [ - "ManifestName" + "AssistantArn" ], "type": "object" }, - "AWS::MediaPackageV2::OriginEndpoint.Scte": { + "AWS::Lex::Bot.QInConnectIntentConfiguration": { "additionalProperties": false, "properties": { - "ScteFilter": { - "items": { - "type": "string" - }, - "markdownDescription": "The filter associated with the SCTE-35 configuration.", - "title": "ScteFilter", - "type": "array" + "QInConnectAssistantConfiguration": { + "$ref": "#/definitions/AWS::Lex::Bot.QInConnectAssistantConfiguration", + "markdownDescription": "", + "title": "QInConnectAssistantConfiguration" } }, "type": "object" }, - "AWS::MediaPackageV2::OriginEndpoint.ScteHls": { + "AWS::Lex::Bot.QnAIntentConfiguration": { "additionalProperties": false, "properties": { - "AdMarkerHls": { - "markdownDescription": "The SCTE-35 HLS ad-marker configuration.", - "title": "AdMarkerHls", - "type": "string" + "BedrockModelConfiguration": { + "$ref": "#/definitions/AWS::Lex::Bot.BedrockModelSpecification", + "markdownDescription": "", + "title": "BedrockModelConfiguration" + }, + "DataSourceConfiguration": { + "$ref": "#/definitions/AWS::Lex::Bot.DataSourceConfiguration", + "markdownDescription": "Contains details about the configuration of the data source used for the `AMAZON.QnAIntent` .", + "title": "DataSourceConfiguration" } }, + "required": [ + "BedrockModelConfiguration", + "DataSourceConfiguration" + ], "type": "object" }, - "AWS::MediaPackageV2::OriginEndpoint.Segment": { + "AWS::Lex::Bot.QnAKendraConfiguration": { "additionalProperties": false, "properties": { - "Encryption": { - "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.Encryption", - "markdownDescription": "Whether to use encryption for the segment.", - "title": "Encryption" - }, - "IncludeIframeOnlyStreams": { - "markdownDescription": "Whether the segment includes I-frame-only streams.", - "title": "IncludeIframeOnlyStreams", + "ExactResponse": { + "markdownDescription": "Specifies whether to return an exact response from the Amazon Kendra index or to let the Amazon Bedrock model you select generate a response based on the results. To use this feature, you must first add FAQ questions to your index by following the steps at [Adding frequently asked questions (FAQs) to an index](https://docs.aws.amazon.com/kendra/latest/dg/in-creating-faq.html) .", + "title": "ExactResponse", "type": "boolean" }, - "Scte": { - "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.Scte", - "markdownDescription": "The SCTE-35 configuration associated with the segment.", - "title": "Scte" - }, - "SegmentDurationSeconds": { - "markdownDescription": "The duration of the segment, in seconds.", - "title": "SegmentDurationSeconds", - "type": "number" - }, - "SegmentName": { - "markdownDescription": "The name of the segment associated with the origin endpoint.", - "title": "SegmentName", + "KendraIndex": { + "markdownDescription": "The ARN of the Amazon Kendra index to use.", + "title": "KendraIndex", "type": "string" }, - "TsIncludeDvbSubtitles": { - "markdownDescription": "Whether the segment includes DVB subtitles.", - "title": "TsIncludeDvbSubtitles", - "type": "boolean" + "QueryFilterString": { + "markdownDescription": "Contains the Amazon Kendra filter string to use if enabled. For more information on the Amazon Kendra search filter JSON format, see [Using document attributes to filter search results](https://docs.aws.amazon.com/kendra/latest/dg/filtering.html#search-filtering) .", + "title": "QueryFilterString", + "type": "string" }, - "TsUseAudioRenditionGroup": { - "markdownDescription": "Whether the segment is an audio rendition group.", - "title": "TsUseAudioRenditionGroup", + "QueryFilterStringEnabled": { + "markdownDescription": "Specifies whether to enable an Amazon Kendra filter string or not.", + "title": "QueryFilterStringEnabled", "type": "boolean" } }, + "required": [ + "ExactResponse", + "KendraIndex", + "QueryFilterStringEnabled" + ], "type": "object" }, - "AWS::MediaPackageV2::OriginEndpoint.SpekeKeyProvider": { + "AWS::Lex::Bot.Replication": { "additionalProperties": false, "properties": { - "DrmSystems": { + "ReplicaRegions": { "items": { "type": "string" }, - "markdownDescription": "The DRM solution provider you're using to protect your content during distribution.", - "title": "DrmSystems", + "markdownDescription": "", + "title": "ReplicaRegions", "type": "array" - }, - "EncryptionContractConfiguration": { - "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.EncryptionContractConfiguration", - "markdownDescription": "The encryption contract configuration associated with the SPEKE key provider.", - "title": "EncryptionContractConfiguration" - }, - "ResourceId": { - "markdownDescription": "The unique identifier for the content. The service sends this identifier to the key server to identify the current endpoint. How unique you make this identifier depends on how fine-grained you want access controls to be. The service does not permit you to use the same ID for two simultaneous encryption processes. The resource ID is also known as the content ID.\n\nThe following example shows a resource ID: `MovieNight20171126093045`", - "title": "ResourceId", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN for the IAM role granted by the key provider that provides access to the key provider API. This role must have a trust policy that allows MediaPackage to assume the role, and it must have a sufficient permissions policy to allow access to the specific key retrieval URL. Get this from your DRM solution provider.\n\nValid format: `arn:aws:iam::{accountID}:role/{name}` . The following example shows a role ARN: `arn:aws:iam::444455556666:role/SpekeAccess`", - "title": "RoleArn", - "type": "string" - }, - "Url": { - "markdownDescription": "The URL of the SPEKE key provider.", - "title": "Url", - "type": "string" } }, "required": [ - "DrmSystems", - "EncryptionContractConfiguration", - "ResourceId", - "RoleArn", - "Url" + "ReplicaRegions" ], "type": "object" }, - "AWS::MediaPackageV2::OriginEndpointPolicy": { + "AWS::Lex::Bot.ResponseSpecification": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "AllowInterrupt": { + "markdownDescription": "Indicates whether the user can interrupt a speech response from Amazon Lex.", + "title": "AllowInterrupt", + "type": "boolean" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ChannelGroupName": { - "markdownDescription": "The name of the channel group associated with the origin endpoint policy.", - "title": "ChannelGroupName", - "type": "string" - }, - "ChannelName": { - "markdownDescription": "The channel name associated with the origin endpoint policy.", - "title": "ChannelName", - "type": "string" - }, - "OriginEndpointName": { - "markdownDescription": "The name of the origin endpoint associated with the origin endpoint policy.", - "title": "OriginEndpointName", - "type": "string" - }, - "Policy": { - "markdownDescription": "The policy associated with the origin endpoint.", - "title": "Policy", - "type": "object" - } + "MessageGroupsList": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.MessageGroup" }, - "required": [ - "ChannelGroupName", - "ChannelName", - "OriginEndpointName", - "Policy" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::MediaPackageV2::OriginEndpointPolicy" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "markdownDescription": "A collection of responses that Amazon Lex can send to the user. Amazon Lex chooses the actual response to send at runtime.", + "title": "MessageGroupsList", + "type": "array" } }, "required": [ - "Type", - "Properties" + "MessageGroupsList" ], "type": "object" }, - "AWS::MediaStore::Container": { + "AWS::Lex::Bot.RuntimeSettings": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "NluImprovementSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.NluImprovementSpecification", + "markdownDescription": "", + "title": "NluImprovementSpecification" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SlotResolutionImprovementSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.SlotResolutionImprovementSpecification", + "markdownDescription": "", + "title": "SlotResolutionImprovementSpecification" + } + }, + "type": "object" + }, + "AWS::Lex::Bot.S3BucketLogDestination": { + "additionalProperties": false, + "properties": { + "KmsKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Key Management Service (KMS) key for encrypting audio log files stored in an Amazon S3 bucket.", + "title": "KmsKeyArn", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AccessLoggingEnabled": { - "markdownDescription": "The state of access logging on the container. This value is `false` by default, indicating that AWS Elemental MediaStore does not send access logs to Amazon CloudWatch Logs. When you enable access logging on the container, MediaStore changes this value to `true` , indicating that the service delivers access logs for objects stored in that container to CloudWatch Logs.", - "title": "AccessLoggingEnabled", - "type": "boolean" - }, - "ContainerName": { - "markdownDescription": "The name for the container. The name must be from 1 to 255 characters. Container names must be unique to your AWS account within a specific region. As an example, you could create a container named `movies` in every region, as long as you don\u2019t have an existing container with that name.", - "title": "ContainerName", - "type": "string" - }, - "CorsPolicy": { - "items": { - "$ref": "#/definitions/AWS::MediaStore::Container.CorsRule" - }, - "markdownDescription": "> End of support notice: On November 13, 2025, AWS will discontinue support for AWS Elemental MediaStore. After November 13, 2025, you will no longer be able to access the AWS Elemental MediaStore console or AWS Elemental MediaStore resources. For more information, visit this [blog post](https://docs.aws.amazon.com/media/support-for-aws-elemental-mediastore-ending-soon/) . \n\nSets the cross-origin resource sharing (CORS) configuration on a container so that the container can service cross-origin requests. For example, you might want to enable a request whose origin is http://www.example.com to access your AWS Elemental MediaStore container at my.example.container.com by using the browser's XMLHttpRequest capability.\n\nTo enable CORS on a container, you attach a CORS policy to the container. In the CORS policy, you configure rules that identify origins and the HTTP methods that can be executed on your container. The policy can contain up to 398,000 characters. You can add up to 100 rules to a CORS policy. If more than one rule applies, the service uses the first applicable rule listed.\n\nTo learn more about CORS, see [Cross-Origin Resource Sharing (CORS) in AWS Elemental MediaStore](https://docs.aws.amazon.com/mediastore/latest/ug/cors-policy.html) .", - "title": "CorsPolicy", - "type": "array" - }, - "LifecyclePolicy": { - "markdownDescription": "> End of support notice: On November 13, 2025, AWS will discontinue support for AWS Elemental MediaStore. After November 13, 2025, you will no longer be able to access the AWS Elemental MediaStore console or AWS Elemental MediaStore resources. For more information, visit this [blog post](https://docs.aws.amazon.com/media/support-for-aws-elemental-mediastore-ending-soon/) . \n\nWrites an object lifecycle policy to a container. If the container already has an object lifecycle policy, the service replaces the existing policy with the new policy. It takes up to 20 minutes for the change to take effect.\n\nFor information about how to construct an object lifecycle policy, see [Components of an Object Lifecycle Policy](https://docs.aws.amazon.com/mediastore/latest/ug/policies-object-lifecycle-components.html) .", - "title": "LifecyclePolicy", - "type": "string" - }, - "MetricPolicy": { - "$ref": "#/definitions/AWS::MediaStore::Container.MetricPolicy", - "markdownDescription": "The metric policy that is associated with the container. A metric policy allows AWS Elemental MediaStore to send metrics to Amazon CloudWatch. In the policy, you must indicate whether you want MediaStore to send container-level metrics. You can also include rules to define groups of objects that you want MediaStore to send object-level metrics for.\n\nTo view examples of how to construct a metric policy for your use case, see [Example Metric Policies](https://docs.aws.amazon.com/mediastore/latest/ug/policies-metric-examples.html) .", - "title": "MetricPolicy" - }, - "Policy": { - "markdownDescription": "Creates an access policy for the specified container to restrict the users and clients that can access it. For information about the data that is included in an access policy, see the [AWS Identity and Access Management User Guide](https://docs.aws.amazon.com/iam/) .\n\nFor this release of the REST API, you can create only one policy for a container. If you enter `PutContainerPolicy` twice, the second command modifies the existing policy.", - "title": "Policy", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "ContainerName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::MediaStore::Container" - ], + "LogPrefix": { + "markdownDescription": "The S3 prefix to assign to audio log files.", + "title": "LogPrefix", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "S3BucketArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an Amazon S3 bucket where audio log files are stored.", + "title": "S3BucketArn", "type": "string" } }, "required": [ - "Type", - "Properties" + "LogPrefix", + "S3BucketArn" ], "type": "object" }, - "AWS::MediaStore::Container.CorsRule": { + "AWS::Lex::Bot.S3Location": { "additionalProperties": false, "properties": { - "AllowedHeaders": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies which headers are allowed in a preflight `OPTIONS` request through the `Access-Control-Request-Headers` header. Each header name that is specified in `Access-Control-Request-Headers` must have a corresponding entry in the rule. Only the headers that were requested are sent back.\n\nThis element can contain only one wildcard character (*).", - "title": "AllowedHeaders", - "type": "array" - }, - "AllowedMethods": { - "items": { - "type": "string" - }, - "markdownDescription": "Identifies an HTTP method that the origin that is specified in the rule is allowed to execute.\n\nEach CORS rule must contain at least one `AllowedMethods` and one `AllowedOrigins` element.", - "title": "AllowedMethods", - "type": "array" - }, - "AllowedOrigins": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more response headers that you want users to be able to access from their applications (for example, from a JavaScript `XMLHttpRequest` object).\n\nEach CORS rule must have at least one `AllowedOrigins` element. The string value can include only one wildcard character (*), for example, http://*.example.com. Additionally, you can specify only one wildcard character to allow cross-origin access for all origins.", - "title": "AllowedOrigins", - "type": "array" + "S3Bucket": { + "markdownDescription": "The S3 bucket name.", + "title": "S3Bucket", + "type": "string" }, - "ExposeHeaders": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more headers in the response that you want users to be able to access from their applications (for example, from a JavaScript `XMLHttpRequest` object).\n\nThis element is optional for each rule.", - "title": "ExposeHeaders", - "type": "array" + "S3ObjectKey": { + "markdownDescription": "The path and file name to the object in the S3 bucket.", + "title": "S3ObjectKey", + "type": "string" }, - "MaxAgeSeconds": { - "markdownDescription": "The time in seconds that your browser caches the preflight response for the specified resource.\n\nA CORS rule can have only one `MaxAgeSeconds` element.", - "title": "MaxAgeSeconds", - "type": "number" + "S3ObjectVersion": { + "markdownDescription": "The version of the object in the S3 bucket.", + "title": "S3ObjectVersion", + "type": "string" } }, + "required": [ + "S3Bucket", + "S3ObjectKey" + ], "type": "object" }, - "AWS::MediaStore::Container.MetricPolicy": { + "AWS::Lex::Bot.SSMLMessage": { "additionalProperties": false, "properties": { - "ContainerLevelMetrics": { - "markdownDescription": "A setting to enable or disable metrics at the container level.", - "title": "ContainerLevelMetrics", + "Value": { + "markdownDescription": "The SSML text that defines the prompt.", + "title": "Value", "type": "string" - }, - "MetricPolicyRules": { - "items": { - "$ref": "#/definitions/AWS::MediaStore::Container.MetricPolicyRule" - }, - "markdownDescription": "A parameter that holds an array of rules that enable metrics at the object level. This parameter is optional, but if you choose to include it, you must also include at least one rule. By default, you can include up to five rules. You can also [request a quota increase](https://docs.aws.amazon.com/servicequotas/home?region=us-east-1#!/services/mediastore/quotas) to allow up to 300 rules per policy.", - "title": "MetricPolicyRules", - "type": "array" } }, "required": [ - "ContainerLevelMetrics" + "Value" ], "type": "object" }, - "AWS::MediaStore::Container.MetricPolicyRule": { + "AWS::Lex::Bot.SampleUtterance": { "additionalProperties": false, "properties": { - "ObjectGroup": { - "markdownDescription": "A path or file name that defines which objects to include in the group. Wildcards (*) are acceptable.", - "title": "ObjectGroup", - "type": "string" - }, - "ObjectGroupName": { - "markdownDescription": "A name that allows you to refer to the object group.", - "title": "ObjectGroupName", + "Utterance": { + "markdownDescription": "A sample utterance that invokes an intent or respond to a slot elicitation prompt.", + "title": "Utterance", "type": "string" } }, "required": [ - "ObjectGroup", - "ObjectGroupName" + "Utterance" ], "type": "object" }, - "AWS::MediaTailor::Channel": { + "AWS::Lex::Bot.SampleUtteranceGenerationSpecification": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "BedrockModelSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.BedrockModelSpecification", + "markdownDescription": "", + "title": "BedrockModelSpecification" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Enabled": { + "markdownDescription": "Specifies whether to enable sample utterance generation or not.", + "title": "Enabled", + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "AWS::Lex::Bot.SampleValue": { + "additionalProperties": false, + "properties": { + "Value": { + "markdownDescription": "The value that can be used for a slot type.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Value" + ], + "type": "object" + }, + "AWS::Lex::Bot.SentimentAnalysisSettings": { + "additionalProperties": false, + "properties": { + "DetectSentiment": { + "markdownDescription": "Sets whether Amazon Lex uses Amazon Comprehend to detect the sentiment of user utterances.", + "title": "DetectSentiment", + "type": "boolean" + } + }, + "required": [ + "DetectSentiment" + ], + "type": "object" + }, + "AWS::Lex::Bot.SessionAttribute": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The name of the session attribute.", + "title": "Key", + "type": "string" }, - "Metadata": { - "type": "object" + "Value": { + "markdownDescription": "The session-specific context information for the session attribute.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key" + ], + "type": "object" + }, + "AWS::Lex::Bot.Slot": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the slot.", + "title": "Description", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Audiences": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of audiences defined in channel.", - "title": "Audiences", - "type": "array" - }, - "ChannelName": { - "markdownDescription": "The name of the channel.", - "title": "ChannelName", - "type": "string" - }, - "FillerSlate": { - "$ref": "#/definitions/AWS::MediaTailor::Channel.SlateSource", - "markdownDescription": "The slate used to fill gaps between programs in the schedule. You must configure filler slate if your channel uses the `LINEAR` `PlaybackMode` . MediaTailor doesn't support filler slate for channels using the `LOOP` `PlaybackMode` .", - "title": "FillerSlate" - }, - "LogConfiguration": { - "$ref": "#/definitions/AWS::MediaTailor::Channel.LogConfigurationForChannel", - "markdownDescription": "The log configuration.", - "title": "LogConfiguration" - }, - "Outputs": { - "items": { - "$ref": "#/definitions/AWS::MediaTailor::Channel.RequestOutputItem" - }, - "markdownDescription": "The channel's output properties.", - "title": "Outputs", - "type": "array" - }, - "PlaybackMode": { - "markdownDescription": "The type of playback mode for this channel.\n\n`LINEAR` - Programs play back-to-back only once.\n\n`LOOP` - Programs play back-to-back in an endless loop. When the last program in the schedule plays, playback loops back to the first program in the schedule.", - "title": "PlaybackMode", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to assign to the channel. Tags are key-value pairs that you can associate with Amazon resources to help with organization, access control, and cost tracking. For more information, see [Tagging AWS Elemental MediaTailor Resources](https://docs.aws.amazon.com/mediatailor/latest/ug/tagging.html) .", - "title": "Tags", - "type": "array" - }, - "Tier": { - "markdownDescription": "The tier for this channel. STANDARD tier channels can contain live programs.", - "title": "Tier", - "type": "string" - }, - "TimeShiftConfiguration": { - "$ref": "#/definitions/AWS::MediaTailor::Channel.TimeShiftConfiguration", - "markdownDescription": "The configuration for time-shifted viewing.", - "title": "TimeShiftConfiguration" - } - }, - "required": [ - "ChannelName", - "Outputs", - "PlaybackMode" - ], - "type": "object" + "MultipleValuesSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.MultipleValuesSetting", + "markdownDescription": "Indicates whether a slot can return multiple values.", + "title": "MultipleValuesSetting" }, - "Type": { - "enum": [ - "AWS::MediaTailor::Channel" - ], + "Name": { + "markdownDescription": "The name given to the slot.", + "title": "Name", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ObfuscationSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.ObfuscationSetting", + "markdownDescription": "Determines whether the contents of the slot are obfuscated in Amazon CloudWatch Logs logs. Use obfuscated slots to protect information such as personally identifiable information (PII) in logs.", + "title": "ObfuscationSetting" + }, + "SlotTypeName": { + "markdownDescription": "The name of the slot type that this slot is based on. The slot type defines the acceptable values for the slot.", + "title": "SlotTypeName", "type": "string" + }, + "SubSlotSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.SubSlotSetting", + "markdownDescription": "", + "title": "SubSlotSetting" + }, + "ValueElicitationSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.SlotValueElicitationSetting", + "markdownDescription": "Determines the slot resolution strategy that Amazon Lex uses to return slot type values. The field can be set to one of the following values:\n\n- ORIGINAL_VALUE - Returns the value entered by the user, if the user value is similar to a slot value.\n- TOP_RESOLUTION - If there is a resolution list for the slot, return the first value in the resolution list as the slot type value. If there is no resolution list, null is returned.\n\nIf you don't specify the `valueSelectionStrategy` , the default is `ORIGINAL_VALUE` .", + "title": "ValueElicitationSetting" } }, "required": [ - "Type", - "Properties" + "Name", + "SlotTypeName", + "ValueElicitationSetting" ], "type": "object" }, - "AWS::MediaTailor::Channel.DashPlaylistSettings": { + "AWS::Lex::Bot.SlotCaptureSetting": { "additionalProperties": false, "properties": { - "ManifestWindowSeconds": { - "markdownDescription": "The total duration (in seconds) of each manifest. Minimum value: `30` seconds. Maximum value: `3600` seconds.", - "title": "ManifestWindowSeconds", - "type": "number" + "CaptureConditional": { + "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", + "markdownDescription": "A list of conditional branches to evaluate after the slot value is captured.", + "title": "CaptureConditional" }, - "MinBufferTimeSeconds": { - "markdownDescription": "Minimum amount of content (measured in seconds) that a player must keep available in the buffer. Minimum value: `2` seconds. Maximum value: `60` seconds.", - "title": "MinBufferTimeSeconds", - "type": "number" + "CaptureNextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "Specifies the next step that the bot runs when the slot value is captured before the code hook times out.", + "title": "CaptureNextStep" }, - "MinUpdatePeriodSeconds": { - "markdownDescription": "Minimum amount of time (in seconds) that the player should wait before requesting updates to the manifest. Minimum value: `2` seconds. Maximum value: `60` seconds.", - "title": "MinUpdatePeriodSeconds", - "type": "number" + "CaptureResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input.", + "title": "CaptureResponse" }, - "SuggestedPresentationDelaySeconds": { - "markdownDescription": "Amount of time (in seconds) that the player should be from the live point at the end of the manifest. Minimum value: `2` seconds. Maximum value: `60` seconds.", - "title": "SuggestedPresentationDelaySeconds", + "CodeHook": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogCodeHookInvocationSetting", + "markdownDescription": "Code hook called after Amazon Lex successfully captures a slot value.", + "title": "CodeHook" + }, + "ElicitationCodeHook": { + "$ref": "#/definitions/AWS::Lex::Bot.ElicitationCodeHookInvocationSetting", + "markdownDescription": "Code hook called when Amazon Lex doesn't capture a slot value.", + "title": "ElicitationCodeHook" + }, + "FailureConditional": { + "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", + "markdownDescription": "A list of conditional branches to evaluate when the slot value isn't captured.", + "title": "FailureConditional" + }, + "FailureNextStep": { + "$ref": "#/definitions/AWS::Lex::Bot.DialogState", + "markdownDescription": "Specifies the next step that the bot runs when the slot value code is not recognized.", + "title": "FailureNextStep" + }, + "FailureResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input when the slot fails to be captured.", + "title": "FailureResponse" + } + }, + "type": "object" + }, + "AWS::Lex::Bot.SlotDefaultValue": { + "additionalProperties": false, + "properties": { + "DefaultValue": { + "markdownDescription": "The default value to use when a user doesn't provide a value for a slot.", + "title": "DefaultValue", + "type": "string" + } + }, + "required": [ + "DefaultValue" + ], + "type": "object" + }, + "AWS::Lex::Bot.SlotDefaultValueSpecification": { + "additionalProperties": false, + "properties": { + "DefaultValueList": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.SlotDefaultValue" + }, + "markdownDescription": "A list of default values. Amazon Lex chooses the default value to use in the order that they are presented in the list.", + "title": "DefaultValueList", + "type": "array" + } + }, + "required": [ + "DefaultValueList" + ], + "type": "object" + }, + "AWS::Lex::Bot.SlotPriority": { + "additionalProperties": false, + "properties": { + "Priority": { + "markdownDescription": "The priority that Amazon Lex should apply to the slot.", + "title": "Priority", "type": "number" + }, + "SlotName": { + "markdownDescription": "The name of the slot.", + "title": "SlotName", + "type": "string" } }, + "required": [ + "Priority", + "SlotName" + ], "type": "object" }, - "AWS::MediaTailor::Channel.HlsPlaylistSettings": { + "AWS::Lex::Bot.SlotResolutionImprovementSpecification": { "additionalProperties": false, "properties": { - "AdMarkupType": { + "BedrockModelSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.BedrockModelSpecification", + "markdownDescription": "An object containing information about the Amazon Bedrock model used to assist slot resolution.", + "title": "BedrockModelSpecification" + }, + "Enabled": { + "markdownDescription": "Specifies whether assisted slot resolution is turned on or off.", + "title": "Enabled", + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "AWS::Lex::Bot.SlotType": { + "additionalProperties": false, + "properties": { + "CompositeSlotTypeSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.CompositeSlotTypeSetting", + "markdownDescription": "", + "title": "CompositeSlotTypeSetting" + }, + "Description": { + "markdownDescription": "A description of the slot type. Use the description to help identify the slot type in lists.", + "title": "Description", + "type": "string" + }, + "ExternalSourceSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.ExternalSourceSetting", + "markdownDescription": "Sets the type of external information used to create the slot type.", + "title": "ExternalSourceSetting" + }, + "Name": { + "markdownDescription": "The name of the slot type. A slot type name must be unique withing the account.", + "title": "Name", + "type": "string" + }, + "ParentSlotTypeSignature": { + "markdownDescription": "The built-in slot type used as a parent of this slot type. When you define a parent slot type, the new slot type has the configuration of the parent lot type.\n\nOnly `AMAZON.AlphaNumeric` is supported.", + "title": "ParentSlotTypeSignature", + "type": "string" + }, + "SlotTypeValues": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Lex::Bot.SlotTypeValue" }, - "markdownDescription": "Determines the type of SCTE 35 tags to use in ad markup. Specify `DATERANGE` to use `DATERANGE` tags (for live or VOD content). Specify `SCTE35_ENHANCED` to use `EXT-X-CUE-OUT` and `EXT-X-CUE-IN` tags (for VOD content only).", - "title": "AdMarkupType", + "markdownDescription": "A list of SlotTypeValue objects that defines the values that the slot type can take. Each value can have a list of synonyms, additional values that help train the machine learning model about the values that it resolves for the slot.", + "title": "SlotTypeValues", "type": "array" }, - "ManifestWindowSeconds": { - "markdownDescription": "The total duration (in seconds) of each manifest. Minimum value: `30` seconds. Maximum value: `3600` seconds.", - "title": "ManifestWindowSeconds", - "type": "number" + "ValueSelectionSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.SlotValueSelectionSetting", + "markdownDescription": "Determines the slot resolution strategy that Amazon Lex uses to return slot type values. The field can be set to one of the following values:\n\n- `ORIGINAL_VALUE` - Returns the value entered by the user, if the user value is similar to the slot value.\n- `TOP_RESOLUTION` - If there is a resolution list for the slot, return the first value in the resolution list as the slot type value. If there is no resolution list, null is returned.\n\nIf you don't specify the `valueSelectionStrategy` , the default is `ORIGINAL_VALUE` .", + "title": "ValueSelectionSetting" } }, + "required": [ + "Name" + ], "type": "object" }, - "AWS::MediaTailor::Channel.LogConfigurationForChannel": { + "AWS::Lex::Bot.SlotTypeValue": { "additionalProperties": false, "properties": { - "LogTypes": { + "SampleValue": { + "$ref": "#/definitions/AWS::Lex::Bot.SampleValue", + "markdownDescription": "The value of the slot type entry.", + "title": "SampleValue" + }, + "Synonyms": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Lex::Bot.SampleValue" }, - "markdownDescription": "The log types.", - "title": "LogTypes", + "markdownDescription": "Additional values related to the slot type entry.", + "title": "Synonyms", "type": "array" } }, + "required": [ + "SampleValue" + ], "type": "object" }, - "AWS::MediaTailor::Channel.RequestOutputItem": { + "AWS::Lex::Bot.SlotValue": { "additionalProperties": false, "properties": { - "DashPlaylistSettings": { - "$ref": "#/definitions/AWS::MediaTailor::Channel.DashPlaylistSettings", - "markdownDescription": "DASH manifest configuration parameters.", - "title": "DashPlaylistSettings" + "InterpretedValue": { + "markdownDescription": "The value that Amazon Lex determines for the slot. The actual value depends on the setting of the value selection strategy for the bot. You can choose to use the value entered by the user, or you can have Amazon Lex choose the first value in the `resolvedValues` list.", + "title": "InterpretedValue", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Lex::Bot.SlotValueElicitationSetting": { + "additionalProperties": false, + "properties": { + "DefaultValueSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.SlotDefaultValueSpecification", + "markdownDescription": "A list of default values for a slot. Default values are used when Amazon Lex hasn't determined a value for a slot. You can specify default values from context variables, session attributes, and defined values.", + "title": "DefaultValueSpecification" }, - "HlsPlaylistSettings": { - "$ref": "#/definitions/AWS::MediaTailor::Channel.HlsPlaylistSettings", - "markdownDescription": "HLS playlist configuration parameters.", - "title": "HlsPlaylistSettings" + "PromptSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.PromptSpecification", + "markdownDescription": "The prompt that Amazon Lex uses to elicit the slot value from the user.", + "title": "PromptSpecification" }, - "ManifestName": { - "markdownDescription": "The name of the manifest for the channel. The name appears in the `PlaybackUrl` .", - "title": "ManifestName", - "type": "string" + "SampleUtterances": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.SampleUtterance" + }, + "markdownDescription": "If you know a specific pattern that users might respond to an Amazon Lex request for a slot value, you can provide those utterances to improve accuracy. This is optional. In most cases, Amazon Lex is capable of understanding user utterances.", + "title": "SampleUtterances", + "type": "array" }, - "SourceGroup": { - "markdownDescription": "A string used to match which `HttpPackageConfiguration` is used for each `VodSource` .", - "title": "SourceGroup", + "SlotCaptureSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.SlotCaptureSetting", + "markdownDescription": "Specifies the settings that Amazon Lex uses when a slot value is successfully entered by a user.", + "title": "SlotCaptureSetting" + }, + "SlotConstraint": { + "markdownDescription": "Specifies whether the slot is required or optional.", + "title": "SlotConstraint", "type": "string" + }, + "WaitAndContinueSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.WaitAndContinueSpecification", + "markdownDescription": "Specifies the prompts that Amazon Lex uses while a bot is waiting for customer input.", + "title": "WaitAndContinueSpecification" } }, "required": [ - "ManifestName", - "SourceGroup" + "SlotConstraint" ], "type": "object" }, - "AWS::MediaTailor::Channel.SlateSource": { + "AWS::Lex::Bot.SlotValueOverride": { "additionalProperties": false, "properties": { - "SourceLocationName": { - "markdownDescription": "The name of the source location where the slate VOD source is stored.", - "title": "SourceLocationName", + "Shape": { + "markdownDescription": "When the shape value is `List` , it indicates that the `values` field contains a list of slot values. When the value is `Scalar` , it indicates that the `value` field contains a single value.", + "title": "Shape", "type": "string" }, - "VodSourceName": { - "markdownDescription": "The slate VOD source name. The VOD source must already exist in a source location before it can be used for slate.", - "title": "VodSourceName", + "Value": { + "$ref": "#/definitions/AWS::Lex::Bot.SlotValue", + "markdownDescription": "The current value of the slot.", + "title": "Value" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.SlotValueOverride" + }, + "markdownDescription": "A list of one or more values that the user provided for the slot. For example, for a slot that elicits pizza toppings, the values might be \"pepperoni\" and \"pineapple.\"", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Lex::Bot.SlotValueOverrideMap": { + "additionalProperties": false, + "properties": { + "SlotName": { + "markdownDescription": "The name of the slot.", + "title": "SlotName", "type": "string" + }, + "SlotValueOverride": { + "$ref": "#/definitions/AWS::Lex::Bot.SlotValueOverride", + "markdownDescription": "The SlotValueOverride object to which the slot name will be mapped.", + "title": "SlotValueOverride" } }, "type": "object" }, - "AWS::MediaTailor::Channel.TimeShiftConfiguration": { + "AWS::Lex::Bot.SlotValueRegexFilter": { "additionalProperties": false, "properties": { - "MaxTimeDelaySeconds": { - "markdownDescription": "The maximum time delay for time-shifted viewing. The minimum allowed maximum time delay is 0 seconds, and the maximum allowed maximum time delay is 21600 seconds (6 hours).", - "title": "MaxTimeDelaySeconds", - "type": "number" + "Pattern": { + "markdownDescription": "A regular expression used to validate the value of a slot.\n\nUse a standard regular expression. Amazon Lex supports the following characters in the regular expression:\n\n- A-Z, a-z\n- 0-9\n- Unicode characters (\"\\\u2060u\")\n\nRepresent Unicode characters with four digits, for example \"\\\u2060u0041\" or \"\\\u2060u005A\".\n\nThe following regular expression operators are not supported:\n\n- Infinite repeaters: *, +, or {x,} with no upper bound.\n- Wild card (.)", + "title": "Pattern", + "type": "string" } }, "required": [ - "MaxTimeDelaySeconds" + "Pattern" ], "type": "object" }, - "AWS::MediaTailor::ChannelPolicy": { + "AWS::Lex::Bot.SlotValueSelectionSetting": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "AdvancedRecognitionSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.AdvancedRecognitionSetting", + "markdownDescription": "Provides settings that enable advanced recognition settings for slot values. You can use this to enable using slot values as a custom vocabulary for recognizing user utterances.", + "title": "AdvancedRecognitionSetting" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "RegexFilter": { + "$ref": "#/definitions/AWS::Lex::Bot.SlotValueRegexFilter", + "markdownDescription": "A regular expression used to validate the value of a slot.", + "title": "RegexFilter" + }, + "ResolutionStrategy": { + "markdownDescription": "Determines the slot resolution strategy that Amazon Lex uses to return slot type values. The field can be set to one of the following values:\n\n- `ORIGINAL_VALUE` - Returns the value entered by the user, if the user value is similar to the slot value.\n- `TOP_RESOLUTION` - If there is a resolution list for the slot, return the first value in the resolution list as the slot type value. If there is no resolution list, null is returned.\n\nIf you don't specify the `valueSelectionStrategy` , the default is `ORIGINAL_VALUE` .", + "title": "ResolutionStrategy", + "type": "string" + } + }, + "required": [ + "ResolutionStrategy" + ], + "type": "object" + }, + "AWS::Lex::Bot.Specifications": { + "additionalProperties": false, + "properties": { + "SlotTypeId": { + "markdownDescription": "The unique identifier assigned to the slot type.", + "title": "SlotTypeId", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ValueElicitationSetting": { + "$ref": "#/definitions/AWS::Lex::Bot.SubSlotValueElicitationSetting", + "markdownDescription": "Specifies the elicitation setting details for constituent sub slots of a composite slot.", + "title": "ValueElicitationSetting" + } + }, + "required": [ + "SlotTypeId", + "ValueElicitationSetting" + ], + "type": "object" + }, + "AWS::Lex::Bot.StillWaitingResponseSpecification": { + "additionalProperties": false, + "properties": { + "AllowInterrupt": { + "markdownDescription": "Indicates that the user can interrupt the response by speaking while the message is being played.", + "title": "AllowInterrupt", + "type": "boolean" }, - "Metadata": { - "type": "object" + "FrequencyInSeconds": { + "markdownDescription": "How often a message should be sent to the user. Minimum of 1 second, maximum of 5 minutes.", + "title": "FrequencyInSeconds", + "type": "number" }, - "Properties": { + "MessageGroupsList": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.MessageGroup" + }, + "markdownDescription": "One or more message groups, each containing one or more messages, that define the prompts that Amazon Lex sends to the user.", + "title": "MessageGroupsList", + "type": "array" + }, + "TimeoutInSeconds": { + "markdownDescription": "If Amazon Lex waits longer than this length of time for a response, it will stop sending messages.", + "title": "TimeoutInSeconds", + "type": "number" + } + }, + "required": [ + "FrequencyInSeconds", + "MessageGroupsList", + "TimeoutInSeconds" + ], + "type": "object" + }, + "AWS::Lex::Bot.SubSlotSetting": { + "additionalProperties": false, + "properties": { + "Expression": { + "markdownDescription": "The expression text for defining the constituent sub slots in the composite slot using logical AND and OR operators.", + "title": "Expression", + "type": "string" + }, + "SlotSpecifications": { "additionalProperties": false, - "properties": { - "ChannelName": { - "markdownDescription": "The name of the channel associated with this Channel Policy.", - "title": "ChannelName", - "type": "string" - }, - "Policy": { - "markdownDescription": "The IAM policy for the channel. IAM policies are used to control access to your channel.", - "title": "Policy", - "type": "object" + "markdownDescription": "Specifications for the constituent sub slots of a composite slot.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::Lex::Bot.Specifications" } }, - "required": [ - "ChannelName", - "Policy" - ], + "title": "SlotSpecifications", "type": "object" - }, - "Type": { - "enum": [ - "AWS::MediaTailor::ChannelPolicy" - ], + } + }, + "type": "object" + }, + "AWS::Lex::Bot.SubSlotTypeComposition": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "Name of a constituent sub slot inside a composite slot.", + "title": "Name", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SlotTypeId": { + "markdownDescription": "The unique identifier assigned to a slot type. This refers to either a built-in slot type or the unique slotTypeId of a custom slot type.", + "title": "SlotTypeId", "type": "string" } }, "required": [ - "Type", - "Properties" + "Name", + "SlotTypeId" ], "type": "object" }, - "AWS::MediaTailor::LiveSource": { + "AWS::Lex::Bot.SubSlotValueElicitationSetting": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "DefaultValueSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.SlotDefaultValueSpecification", + "markdownDescription": "", + "title": "DefaultValueSpecification" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "PromptSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.PromptSpecification", + "markdownDescription": "", + "title": "PromptSpecification" }, - "Metadata": { - "type": "object" + "SampleUtterances": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.SampleUtterance" + }, + "markdownDescription": "If you know a specific pattern that users might respond to an Amazon Lex request for a sub slot value, you can provide those utterances to improve accuracy. This is optional. In most cases Amazon Lex is capable of understanding user utterances. This is similar to `SampleUtterances` for slots.", + "title": "SampleUtterances", + "type": "array" }, - "Properties": { - "additionalProperties": false, - "properties": { - "HttpPackageConfigurations": { - "items": { - "$ref": "#/definitions/AWS::MediaTailor::LiveSource.HttpPackageConfiguration" - }, - "markdownDescription": "The HTTP package configurations for the live source.", - "title": "HttpPackageConfigurations", - "type": "array" - }, - "LiveSourceName": { - "markdownDescription": "The name that's used to refer to a live source.", - "title": "LiveSourceName", - "type": "string" - }, - "SourceLocationName": { - "markdownDescription": "The name of the source location.", - "title": "SourceLocationName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags assigned to the live source. Tags are key-value pairs that you can associate with Amazon resources to help with organization, access control, and cost tracking. For more information, see [Tagging AWS Elemental MediaTailor Resources](https://docs.aws.amazon.com/mediatailor/latest/ug/tagging.html) .", - "title": "Tags", - "type": "array" - } + "WaitAndContinueSpecification": { + "$ref": "#/definitions/AWS::Lex::Bot.WaitAndContinueSpecification", + "markdownDescription": "", + "title": "WaitAndContinueSpecification" + } + }, + "type": "object" + }, + "AWS::Lex::Bot.TestBotAliasSettings": { + "additionalProperties": false, + "properties": { + "BotAliasLocaleSettings": { + "items": { + "$ref": "#/definitions/AWS::Lex::Bot.BotAliasLocaleSettingsItem" }, - "required": [ - "HttpPackageConfigurations", - "LiveSourceName", - "SourceLocationName" - ], - "type": "object" + "markdownDescription": "Specifies settings that are unique to a locale. For example, you can use a different Lambda function depending on the bot's locale.", + "title": "BotAliasLocaleSettings", + "type": "array" }, - "Type": { - "enum": [ - "AWS::MediaTailor::LiveSource" - ], - "type": "string" + "ConversationLogSettings": { + "$ref": "#/definitions/AWS::Lex::Bot.ConversationLogSettings", + "markdownDescription": "Specifies settings for conversation logs that save audio, text, and metadata information for conversations with your users.", + "title": "ConversationLogSettings" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Description": { + "markdownDescription": "Specifies a description for the test bot alias.", + "title": "Description", "type": "string" + }, + "SentimentAnalysisSettings": { + "$ref": "#/definitions/AWS::Lex::Bot.SentimentAnalysisSettings", + "markdownDescription": "Specifies whether Amazon Lex will use Amazon Comprehend to detect the sentiment of user utterances.", + "title": "SentimentAnalysisSettings" + } + }, + "type": "object" + }, + "AWS::Lex::Bot.TextInputSpecification": { + "additionalProperties": false, + "properties": { + "StartTimeoutMs": { + "markdownDescription": "Time for which a bot waits before re-prompting a customer for text input.", + "title": "StartTimeoutMs", + "type": "number" } }, "required": [ - "Type", - "Properties" + "StartTimeoutMs" ], "type": "object" }, - "AWS::MediaTailor::LiveSource.HttpPackageConfiguration": { + "AWS::Lex::Bot.TextLogDestination": { "additionalProperties": false, "properties": { - "Path": { - "markdownDescription": "The relative path to the URL for this VOD source. This is combined with `SourceLocation::HttpConfiguration::BaseUrl` to form a valid URL.", - "title": "Path", - "type": "string" + "CloudWatch": { + "$ref": "#/definitions/AWS::Lex::Bot.CloudWatchLogGroupLogDestination", + "markdownDescription": "Defines the Amazon CloudWatch Logs log group where text and metadata logs are delivered.", + "title": "CloudWatch" + } + }, + "required": [ + "CloudWatch" + ], + "type": "object" + }, + "AWS::Lex::Bot.TextLogSetting": { + "additionalProperties": false, + "properties": { + "Destination": { + "$ref": "#/definitions/AWS::Lex::Bot.TextLogDestination", + "markdownDescription": "Specifies the Amazon CloudWatch Logs destination log group for conversation text logs.", + "title": "Destination" }, - "SourceGroup": { - "markdownDescription": "The name of the source group. This has to match one of the `Channel::Outputs::SourceGroup` .", - "title": "SourceGroup", + "Enabled": { + "markdownDescription": "Determines whether conversation logs should be stored for an alias.", + "title": "Enabled", + "type": "boolean" + } + }, + "required": [ + "Destination", + "Enabled" + ], + "type": "object" + }, + "AWS::Lex::Bot.VoiceSettings": { + "additionalProperties": false, + "properties": { + "Engine": { + "markdownDescription": "Indicates the type of Amazon Polly voice that Amazon Lex should use for voice interaction with the user. For more information, see the [`engine` parameter of the `SynthesizeSpeech` operation](https://docs.aws.amazon.com/polly/latest/dg/API_SynthesizeSpeech.html#polly-SynthesizeSpeech-request-Engine) in the *Amazon Polly developer guide* .\n\nIf you do not specify a value, the default is `standard` .", + "title": "Engine", "type": "string" }, - "Type": { - "markdownDescription": "The streaming protocol for this package configuration. Supported values are `HLS` and `DASH` .", - "title": "Type", + "VoiceId": { + "markdownDescription": "The identifier of the Amazon Polly voice to use.", + "title": "VoiceId", "type": "string" } }, "required": [ - "Path", - "SourceGroup", - "Type" + "VoiceId" ], "type": "object" }, - "AWS::MediaTailor::PlaybackConfiguration": { + "AWS::Lex::Bot.WaitAndContinueSpecification": { + "additionalProperties": false, + "properties": { + "ContinueResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "The response that Amazon Lex sends to indicate that the bot is ready to continue the conversation.", + "title": "ContinueResponse" + }, + "IsActive": { + "markdownDescription": "Specifies whether the bot will wait for a user to respond. When this field is false, wait and continue responses for a slot aren't used. If the `IsActive` field isn't specified, the default is true.", + "title": "IsActive", + "type": "boolean" + }, + "StillWaitingResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.StillWaitingResponseSpecification", + "markdownDescription": "A response that Amazon Lex sends periodically to the user to indicate that the bot is still waiting for input from the user.", + "title": "StillWaitingResponse" + }, + "WaitingResponse": { + "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", + "markdownDescription": "The response that Amazon Lex sends to indicate that the bot is waiting for the conversation to continue.", + "title": "WaitingResponse" + } + }, + "required": [ + "ContinueResponse", + "WaitingResponse" + ], + "type": "object" + }, + "AWS::Lex::BotAlias": { "additionalProperties": false, "properties": { "Condition": { @@ -164657,101 +173215,62 @@ "Properties": { "additionalProperties": false, "properties": { - "AdDecisionServerUrl": { - "markdownDescription": "The URL for the ad decision server (ADS). This includes the specification of static parameters and placeholders for dynamic parameters. AWS Elemental MediaTailor substitutes player-specific and session-specific parameters as needed when calling the ADS. Alternately, for testing you can provide a static VAST URL. The maximum length is 25,000 characters.", - "title": "AdDecisionServerUrl", - "type": "string" - }, - "AvailSuppression": { - "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.AvailSuppression", - "markdownDescription": "The configuration for avail suppression, also known as ad suppression. For more information about ad suppression, see [Ad Suppression](https://docs.aws.amazon.com/mediatailor/latest/ug/ad-behavior.html) .", - "title": "AvailSuppression" - }, - "Bumper": { - "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.Bumper", - "markdownDescription": "The configuration for bumpers. Bumpers are short audio or video clips that play at the start or before the end of an ad break. To learn more about bumpers, see [Bumpers](https://docs.aws.amazon.com/mediatailor/latest/ug/bumpers.html) .", - "title": "Bumper" - }, - "CdnConfiguration": { - "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.CdnConfiguration", - "markdownDescription": "The configuration for using a content delivery network (CDN), like Amazon CloudFront, for content and ad segment management.", - "title": "CdnConfiguration" - }, - "ConfigurationAliases": { - "additionalProperties": true, - "markdownDescription": "The player parameters and aliases used as dynamic variables during session initialization. For more information, see [Domain Variables](https://docs.aws.amazon.com/mediatailor/latest/ug/variables-domain.html) .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "object" - } + "BotAliasLocaleSettings": { + "items": { + "$ref": "#/definitions/AWS::Lex::BotAlias.BotAliasLocaleSettingsItem" }, - "title": "ConfigurationAliases", - "type": "object" - }, - "DashConfiguration": { - "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.DashConfiguration", - "markdownDescription": "The configuration for a DASH source.", - "title": "DashConfiguration" - }, - "HlsConfiguration": { - "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.HlsConfiguration", - "markdownDescription": "The configuration for HLS content.", - "title": "HlsConfiguration" - }, - "LivePreRollConfiguration": { - "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.LivePreRollConfiguration", - "markdownDescription": "The configuration for pre-roll ad insertion.", - "title": "LivePreRollConfiguration" - }, - "ManifestProcessingRules": { - "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.ManifestProcessingRules", - "markdownDescription": "The configuration for manifest processing rules. Manifest processing rules enable customization of the personalized manifests created by MediaTailor.", - "title": "ManifestProcessingRules" - }, - "Name": { - "markdownDescription": "The identifier for the playback configuration.", - "title": "Name", - "type": "string" - }, - "PersonalizationThresholdSeconds": { - "markdownDescription": "Defines the maximum duration of underfilled ad time (in seconds) allowed in an ad break. If the duration of underfilled ad time exceeds the personalization threshold, then the personalization of the ad break is abandoned and the underlying content is shown. This feature applies to *ad replacement* in live and VOD streams, rather than ad insertion, because it relies on an underlying content stream. For more information about ad break behavior, including ad replacement and insertion, see [Ad Behavior in AWS Elemental MediaTailor](https://docs.aws.amazon.com/mediatailor/latest/ug/ad-behavior.html) .", - "title": "PersonalizationThresholdSeconds", - "type": "number" + "markdownDescription": "Specifies settings that are unique to a locale. For example, you can use different Lambda function depending on the bot's locale.", + "title": "BotAliasLocaleSettings", + "type": "array" }, - "SlateAdUrl": { - "markdownDescription": "The URL for a video asset to transcode and use to fill in time that's not used by ads. AWS Elemental MediaTailor shows the slate to fill in gaps in media content. Configuring the slate is optional for non-VPAID playback configurations. For VPAID, the slate is required because MediaTailor provides it in the slots designated for dynamic ad content. The slate must be a high-quality asset that contains both audio and video.", - "title": "SlateAdUrl", + "BotAliasName": { + "markdownDescription": "The name of the bot alias.", + "title": "BotAliasName", "type": "string" }, - "Tags": { + "BotAliasTags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to assign to the playback configuration. Tags are key-value pairs that you can associate with Amazon resources to help with organization, access control, and cost tracking. For more information, see [Tagging AWS Elemental MediaTailor Resources](https://docs.aws.amazon.com/mediatailor/latest/ug/tagging.html) .", - "title": "Tags", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nYou can only add tags when you specify an alias.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "BotAliasTags", "type": "array" }, - "TranscodeProfileName": { - "markdownDescription": "The name that is used to associate this playback configuration with a custom transcode profile. This overrides the dynamic transcoding defaults of MediaTailor. Use this only if you have already set up custom profiles with the help of AWS Support.", - "title": "TranscodeProfileName", + "BotId": { + "markdownDescription": "The unique identifier of the bot.", + "title": "BotId", "type": "string" }, - "VideoContentSourceUrl": { - "markdownDescription": "The URL prefix for the parent manifest for the stream, minus the asset ID. The maximum length is 512 characters.", - "title": "VideoContentSourceUrl", + "BotVersion": { + "markdownDescription": "The version of the bot that the bot alias references.", + "title": "BotVersion", + "type": "string" + }, + "ConversationLogSettings": { + "$ref": "#/definitions/AWS::Lex::BotAlias.ConversationLogSettings", + "markdownDescription": "Specifies whether Amazon Lex logs text and audio for conversations with the bot. When you enable conversation logs, text logs store text input, transcripts of audio input, and associated metadata in Amazon CloudWatch logs. Audio logs store input in Amazon S3 .", + "title": "ConversationLogSettings" + }, + "Description": { + "markdownDescription": "The description of the bot alias.", + "title": "Description", "type": "string" + }, + "SentimentAnalysisSettings": { + "$ref": "#/definitions/AWS::Lex::BotAlias.SentimentAnalysisSettings", + "markdownDescription": "Determines whether Amazon Lex will use Amazon Comprehend to detect the sentiment of user utterances.", + "title": "SentimentAnalysisSettings" } }, "required": [ - "AdDecisionServerUrl", - "Name", - "VideoContentSourceUrl" + "BotAliasName", + "BotId" ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaTailor::PlaybackConfiguration" + "AWS::Lex::BotAlias" ], "type": "string" }, @@ -164770,125 +173289,229 @@ ], "type": "object" }, - "AWS::MediaTailor::PlaybackConfiguration.AdMarkerPassthrough": { + "AWS::Lex::BotAlias.AudioLogDestination": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Enables ad marker passthrough for your configuration.", - "title": "Enabled", - "type": "boolean" + "S3Bucket": { + "$ref": "#/definitions/AWS::Lex::BotAlias.S3BucketLogDestination", + "markdownDescription": "The S3 bucket location where audio logs are stored.", + "title": "S3Bucket" } }, + "required": [ + "S3Bucket" + ], "type": "object" }, - "AWS::MediaTailor::PlaybackConfiguration.AvailSuppression": { + "AWS::Lex::BotAlias.AudioLogSetting": { "additionalProperties": false, "properties": { - "Mode": { - "markdownDescription": "Sets the ad suppression mode. By default, ad suppression is off and all ad breaks are filled with ads or slate. When Mode is set to `BEHIND_LIVE_EDGE` , ad suppression is active and MediaTailor won't fill ad breaks on or behind the ad suppression Value time in the manifest lookback window. When Mode is set to `AFTER_LIVE_EDGE` , ad suppression is active and MediaTailor won't fill ad breaks that are within the live edge plus the avail suppression value.", - "title": "Mode", - "type": "string" + "Destination": { + "$ref": "#/definitions/AWS::Lex::BotAlias.AudioLogDestination", + "markdownDescription": "The location of audio log files collected when conversation logging is enabled for a bot.", + "title": "Destination" }, - "Value": { - "markdownDescription": "A live edge offset time in HH:MM:SS. MediaTailor won't fill ad breaks on or behind this time in the manifest lookback window. If Value is set to 00:00:00, it is in sync with the live edge, and MediaTailor won't fill any ad breaks on or behind the live edge. If you set a Value time, MediaTailor won't fill any ad breaks on or behind this time in the manifest lookback window. For example, if you set 00:45:00, then MediaTailor will fill ad breaks that occur within 45 minutes behind the live edge, but won't fill ad breaks on or behind 45 minutes behind the live edge.", - "title": "Value", - "type": "string" + "Enabled": { + "markdownDescription": "Determines whether audio logging in enabled for the bot.", + "title": "Enabled", + "type": "boolean" } }, + "required": [ + "Destination", + "Enabled" + ], "type": "object" }, - "AWS::MediaTailor::PlaybackConfiguration.Bumper": { + "AWS::Lex::BotAlias.BotAliasLocaleSettings": { "additionalProperties": false, "properties": { - "EndUrl": { - "markdownDescription": "The URL for the end bumper asset.", - "title": "EndUrl", - "type": "string" + "CodeHookSpecification": { + "$ref": "#/definitions/AWS::Lex::BotAlias.CodeHookSpecification", + "markdownDescription": "Specifies the Lambda function that should be used in the locale.", + "title": "CodeHookSpecification" }, - "StartUrl": { - "markdownDescription": "The URL for the start bumper asset.", - "title": "StartUrl", - "type": "string" + "Enabled": { + "markdownDescription": "Determines whether the locale is enabled for the bot. If the value is `false` , the locale isn't available for use.", + "title": "Enabled", + "type": "boolean" } }, + "required": [ + "Enabled" + ], "type": "object" }, - "AWS::MediaTailor::PlaybackConfiguration.CdnConfiguration": { + "AWS::Lex::BotAlias.BotAliasLocaleSettingsItem": { "additionalProperties": false, "properties": { - "AdSegmentUrlPrefix": { - "markdownDescription": "A non-default content delivery network (CDN) to serve ad segments. By default, AWS Elemental MediaTailor uses Amazon CloudFront with default cache settings as its CDN for ad segments. To set up an alternate CDN, create a rule in your CDN for the origin ads.mediatailor. ** .amazonaws.com. Then specify the rule's name in this `AdSegmentUrlPrefix` . When AWS Elemental MediaTailor serves a manifest, it reports your CDN as the source for ad segments.", - "title": "AdSegmentUrlPrefix", - "type": "string" + "BotAliasLocaleSetting": { + "$ref": "#/definitions/AWS::Lex::BotAlias.BotAliasLocaleSettings", + "markdownDescription": "Specifies settings that are unique to a locale.", + "title": "BotAliasLocaleSetting" }, - "ContentSegmentUrlPrefix": { - "markdownDescription": "A content delivery network (CDN) to cache content segments, so that content requests don\u2019t always have to go to the origin server. First, create a rule in your CDN for the content segment origin server. Then specify the rule's name in this `ContentSegmentUrlPrefix` . When AWS Elemental MediaTailor serves a manifest, it reports your CDN as the source for content segments.", - "title": "ContentSegmentUrlPrefix", + "LocaleId": { + "markdownDescription": "The unique identifier of the locale.", + "title": "LocaleId", "type": "string" } }, + "required": [ + "BotAliasLocaleSetting", + "LocaleId" + ], "type": "object" }, - "AWS::MediaTailor::PlaybackConfiguration.DashConfiguration": { + "AWS::Lex::BotAlias.CloudWatchLogGroupLogDestination": { "additionalProperties": false, "properties": { - "ManifestEndpointPrefix": { - "markdownDescription": "The URL generated by MediaTailor to initiate a playback session. The session uses server-side reporting. This setting is ignored in PUT operations.", - "title": "ManifestEndpointPrefix", - "type": "string" - }, - "MpdLocation": { - "markdownDescription": "The setting that controls whether MediaTailor includes the Location tag in DASH manifests. MediaTailor populates the Location tag with the URL for manifest update requests, to be used by players that don't support sticky redirects. Disable this if you have CDN routing rules set up for accessing MediaTailor manifests, and you are either using client-side reporting or your players support sticky HTTP redirects. Valid values are `DISABLED` and `EMT_DEFAULT` . The `EMT_DEFAULT` setting enables the inclusion of the tag and is the default value.", - "title": "MpdLocation", + "CloudWatchLogGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the log group where text and metadata logs are delivered.", + "title": "CloudWatchLogGroupArn", "type": "string" }, - "OriginManifestType": { - "markdownDescription": "The setting that controls whether MediaTailor handles manifests from the origin server as multi-period manifests or single-period manifests. If your origin server produces single-period manifests, set this to `SINGLE_PERIOD` . The default setting is `MULTI_PERIOD` . For multi-period manifests, omit this setting or set it to `MULTI_PERIOD` .", - "title": "OriginManifestType", + "LogPrefix": { + "markdownDescription": "The prefix of the log stream name within the log group that you specified", + "title": "LogPrefix", "type": "string" } }, + "required": [ + "CloudWatchLogGroupArn", + "LogPrefix" + ], "type": "object" }, - "AWS::MediaTailor::PlaybackConfiguration.HlsConfiguration": { + "AWS::Lex::BotAlias.CodeHookSpecification": { "additionalProperties": false, "properties": { - "ManifestEndpointPrefix": { - "markdownDescription": "The URL that is used to initiate a playback session for devices that support Apple HLS. The session uses server-side reporting.", - "title": "ManifestEndpointPrefix", + "LambdaCodeHook": { + "$ref": "#/definitions/AWS::Lex::BotAlias.LambdaCodeHook", + "markdownDescription": "Specifies a Lambda function that verifies requests to a bot or fulfills the user's request to a bot.", + "title": "LambdaCodeHook" + } + }, + "required": [ + "LambdaCodeHook" + ], + "type": "object" + }, + "AWS::Lex::BotAlias.ConversationLogSettings": { + "additionalProperties": false, + "properties": { + "AudioLogSettings": { + "items": { + "$ref": "#/definitions/AWS::Lex::BotAlias.AudioLogSetting" + }, + "markdownDescription": "The Amazon S3 settings for logging audio to an S3 bucket.", + "title": "AudioLogSettings", + "type": "array" + }, + "TextLogSettings": { + "items": { + "$ref": "#/definitions/AWS::Lex::BotAlias.TextLogSetting" + }, + "markdownDescription": "The Amazon CloudWatch Logs settings for logging text and metadata.", + "title": "TextLogSettings", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Lex::BotAlias.LambdaCodeHook": { + "additionalProperties": false, + "properties": { + "CodeHookInterfaceVersion": { + "markdownDescription": "The version of the request-response that you want Amazon Lex to use to invoke your Lambda function.", + "title": "CodeHookInterfaceVersion", + "type": "string" + }, + "LambdaArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function.", + "title": "LambdaArn", "type": "string" } }, + "required": [ + "CodeHookInterfaceVersion", + "LambdaArn" + ], "type": "object" }, - "AWS::MediaTailor::PlaybackConfiguration.LivePreRollConfiguration": { + "AWS::Lex::BotAlias.S3BucketLogDestination": { "additionalProperties": false, "properties": { - "AdDecisionServerUrl": { - "markdownDescription": "The URL for the ad decision server (ADS) for pre-roll ads. This includes the specification of static parameters and placeholders for dynamic parameters. AWS Elemental MediaTailor substitutes player-specific and session-specific parameters as needed when calling the ADS. Alternately, for testing, you can provide a static VAST URL. The maximum length is 25,000 characters.", - "title": "AdDecisionServerUrl", + "KmsKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Key Management Service (KMS) key for encrypting audio log files stored in an Amazon S3 bucket.", + "title": "KmsKeyArn", "type": "string" }, - "MaxDurationSeconds": { - "markdownDescription": "The maximum allowed duration for the pre-roll ad avail. AWS Elemental MediaTailor won't play pre-roll ads to exceed this duration, regardless of the total duration of ads that the ADS returns.", - "title": "MaxDurationSeconds", - "type": "number" + "LogPrefix": { + "markdownDescription": "The S3 prefix to assign to audio log files.", + "title": "LogPrefix", + "type": "string" + }, + "S3BucketArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an Amazon S3 bucket where audio log files are stored.", + "title": "S3BucketArn", + "type": "string" } }, + "required": [ + "LogPrefix", + "S3BucketArn" + ], "type": "object" }, - "AWS::MediaTailor::PlaybackConfiguration.ManifestProcessingRules": { + "AWS::Lex::BotAlias.SentimentAnalysisSettings": { "additionalProperties": false, "properties": { - "AdMarkerPassthrough": { - "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.AdMarkerPassthrough", - "markdownDescription": "For HLS, when set to `true` , MediaTailor passes through `EXT-X-CUE-IN` , `EXT-X-CUE-OUT` , and `EXT-X-SPLICEPOINT-SCTE35` ad markers from the origin manifest to the MediaTailor personalized manifest.\n\nNo logic is applied to these ad markers. For example, if `EXT-X-CUE-OUT` has a value of `60` , but no ads are filled for that ad break, MediaTailor will not set the value to `0` .", - "title": "AdMarkerPassthrough" + "DetectSentiment": { + "markdownDescription": "Sets whether Amazon Lex uses Amazon Comprehend to detect the sentiment of user utterances.", + "title": "DetectSentiment", + "type": "boolean" } }, + "required": [ + "DetectSentiment" + ], "type": "object" }, - "AWS::MediaTailor::SourceLocation": { + "AWS::Lex::BotAlias.TextLogDestination": { + "additionalProperties": false, + "properties": { + "CloudWatch": { + "$ref": "#/definitions/AWS::Lex::BotAlias.CloudWatchLogGroupLogDestination", + "markdownDescription": "Defines the Amazon CloudWatch Logs log group where text and metadata logs are delivered.", + "title": "CloudWatch" + } + }, + "required": [ + "CloudWatch" + ], + "type": "object" + }, + "AWS::Lex::BotAlias.TextLogSetting": { + "additionalProperties": false, + "properties": { + "Destination": { + "$ref": "#/definitions/AWS::Lex::BotAlias.TextLogDestination", + "markdownDescription": "Defines the Amazon CloudWatch Logs destination log group for conversation text logs.", + "title": "Destination" + }, + "Enabled": { + "markdownDescription": "Determines whether conversation logs should be stored for an alias.", + "title": "Enabled", + "type": "boolean" + } + }, + "required": [ + "Destination", + "Enabled" + ], + "type": "object" + }, + "AWS::Lex::BotVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -164923,52 +173546,34 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessConfiguration": { - "$ref": "#/definitions/AWS::MediaTailor::SourceLocation.AccessConfiguration", - "markdownDescription": "The access configuration for the source location.", - "title": "AccessConfiguration" - }, - "DefaultSegmentDeliveryConfiguration": { - "$ref": "#/definitions/AWS::MediaTailor::SourceLocation.DefaultSegmentDeliveryConfiguration", - "markdownDescription": "The default segment delivery configuration.", - "title": "DefaultSegmentDeliveryConfiguration" - }, - "HttpConfiguration": { - "$ref": "#/definitions/AWS::MediaTailor::SourceLocation.HttpConfiguration", - "markdownDescription": "The HTTP configuration for the source location.", - "title": "HttpConfiguration" + "BotId": { + "markdownDescription": "The unique identifier of the bot.", + "title": "BotId", + "type": "string" }, - "SegmentDeliveryConfigurations": { + "BotVersionLocaleSpecification": { "items": { - "$ref": "#/definitions/AWS::MediaTailor::SourceLocation.SegmentDeliveryConfiguration" + "$ref": "#/definitions/AWS::Lex::BotVersion.BotVersionLocaleSpecification" }, - "markdownDescription": "The segment delivery configurations for the source location.", - "title": "SegmentDeliveryConfigurations", + "markdownDescription": "Specifies the locales that Amazon Lex adds to this version. You can choose the Draft version or any other previously published version for each locale. When you specify a source version, the locale data is copied from the source version to the new version.", + "title": "BotVersionLocaleSpecification", "type": "array" }, - "SourceLocationName": { - "markdownDescription": "The name of the source location.", - "title": "SourceLocationName", + "Description": { + "markdownDescription": "The description of the version.", + "title": "Description", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags assigned to the source location. Tags are key-value pairs that you can associate with Amazon resources to help with organization, access control, and cost tracking. For more information, see [Tagging AWS Elemental MediaTailor Resources](https://docs.aws.amazon.com/mediatailor/latest/ug/tagging.html) .", - "title": "Tags", - "type": "array" } }, "required": [ - "HttpConfiguration", - "SourceLocationName" + "BotId", + "BotVersionLocaleSpecification" ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaTailor::SourceLocation" + "AWS::Lex::BotVersion" ], "type": "string" }, @@ -164987,85 +173592,41 @@ ], "type": "object" }, - "AWS::MediaTailor::SourceLocation.AccessConfiguration": { - "additionalProperties": false, - "properties": { - "AccessType": { - "markdownDescription": "The type of authentication used to access content from `HttpConfiguration::BaseUrl` on your source location. Accepted value: `S3_SIGV4` .\n\n`S3_SIGV4` - AWS Signature Version 4 authentication for Amazon S3 hosted virtual-style access. If your source location base URL is an Amazon S3 bucket, MediaTailor can use AWS Signature Version 4 (SigV4) authentication to access the bucket where your source content is stored. Your MediaTailor source location baseURL must follow the S3 virtual hosted-style request URL format. For example, https://bucket-name.s3.Region.amazonaws.com/key-name.\n\nBefore you can use `S3_SIGV4` , you must meet these requirements:\n\n\u2022 You must allow MediaTailor to access your S3 bucket by granting mediatailor.amazonaws.com principal access in IAM. For information about configuring access in IAM, see Access management in the IAM User Guide.\n\n\u2022 The mediatailor.amazonaws.com service principal must have permissions to read all top level manifests referenced by the VodSource packaging configurations.\n\n\u2022 The caller of the API must have s3:GetObject IAM permissions to read all top level manifests referenced by your MediaTailor VodSource packaging configurations.", - "title": "AccessType", - "type": "string" - }, - "SecretsManagerAccessTokenConfiguration": { - "$ref": "#/definitions/AWS::MediaTailor::SourceLocation.SecretsManagerAccessTokenConfiguration", - "markdownDescription": "AWS Secrets Manager access token configuration parameters.", - "title": "SecretsManagerAccessTokenConfiguration" - } - }, - "type": "object" - }, - "AWS::MediaTailor::SourceLocation.DefaultSegmentDeliveryConfiguration": { - "additionalProperties": false, - "properties": { - "BaseUrl": { - "markdownDescription": "The hostname of the server that will be used to serve segments. This string must include the protocol, such as *https://* .", - "title": "BaseUrl", - "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaTailor::SourceLocation.HttpConfiguration": { + "AWS::Lex::BotVersion.BotVersionLocaleDetails": { "additionalProperties": false, "properties": { - "BaseUrl": { - "markdownDescription": "The base URL for the source location host server. This string must include the protocol, such as *https://* .", - "title": "BaseUrl", + "SourceBotVersion": { + "markdownDescription": "The version of a bot used for a bot locale.", + "title": "SourceBotVersion", "type": "string" } }, "required": [ - "BaseUrl" + "SourceBotVersion" ], "type": "object" }, - "AWS::MediaTailor::SourceLocation.SecretsManagerAccessTokenConfiguration": { - "additionalProperties": false, - "properties": { - "HeaderName": { - "markdownDescription": "The name of the HTTP header used to supply the access token in requests to the source location.", - "title": "HeaderName", - "type": "string" - }, - "SecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Secrets Manager secret that contains the access token.", - "title": "SecretArn", - "type": "string" - }, - "SecretStringKey": { - "markdownDescription": "The AWS Secrets Manager [SecretString](https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_CreateSecret.html#SecretsManager-CreateSecret-request-SecretString.html) key associated with the access token. MediaTailor uses the key to look up SecretString key and value pair containing the access token.", - "title": "SecretStringKey", - "type": "string" - } - }, - "type": "object" - }, - "AWS::MediaTailor::SourceLocation.SegmentDeliveryConfiguration": { + "AWS::Lex::BotVersion.BotVersionLocaleSpecification": { "additionalProperties": false, "properties": { - "BaseUrl": { - "markdownDescription": "The base URL of the host or path of the segment delivery server that you're using to serve segments. This is typically a content delivery network (CDN). The URL can be absolute or relative. To use an absolute URL include the protocol, such as `https://example.com/some/path` . To use a relative URL specify the relative path, such as `/some/path*` .", - "title": "BaseUrl", - "type": "string" + "BotVersionLocaleDetails": { + "$ref": "#/definitions/AWS::Lex::BotVersion.BotVersionLocaleDetails", + "markdownDescription": "The version of a bot used for a bot locale.", + "title": "BotVersionLocaleDetails" }, - "Name": { - "markdownDescription": "A unique identifier used to distinguish between multiple segment delivery configurations in a source location.", - "title": "Name", + "LocaleId": { + "markdownDescription": "The identifier of the locale to add to the version.", + "title": "LocaleId", "type": "string" } }, + "required": [ + "BotVersionLocaleDetails", + "LocaleId" + ], "type": "object" }, - "AWS::MediaTailor::VodSource": { + "AWS::Lex::ResourcePolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -165100,43 +173661,26 @@ "Properties": { "additionalProperties": false, "properties": { - "HttpPackageConfigurations": { - "items": { - "$ref": "#/definitions/AWS::MediaTailor::VodSource.HttpPackageConfiguration" - }, - "markdownDescription": "The HTTP package configurations for the VOD source.", - "title": "HttpPackageConfigurations", - "type": "array" - }, - "SourceLocationName": { - "markdownDescription": "The name of the source location that the VOD source is associated with.", - "title": "SourceLocationName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags assigned to the VOD source. Tags are key-value pairs that you can associate with Amazon resources to help with organization, access control, and cost tracking. For more information, see [Tagging AWS Elemental MediaTailor Resources](https://docs.aws.amazon.com/mediatailor/latest/ug/tagging.html) .", - "title": "Tags", - "type": "array" + "Policy": { + "markdownDescription": "A resource policy to add to the resource. The policy is a JSON structure that contains one or more statements that define the policy. The policy must follow IAM syntax. If the policy isn't valid, Amazon Lex returns a validation exception.", + "title": "Policy", + "type": "object" }, - "VodSourceName": { - "markdownDescription": "The name of the VOD source.", - "title": "VodSourceName", + "ResourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the bot or bot alias that the resource policy is attached to.", + "title": "ResourceArn", "type": "string" } }, "required": [ - "HttpPackageConfigurations", - "SourceLocationName", - "VodSourceName" + "Policy", + "ResourceArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::MediaTailor::VodSource" + "AWS::Lex::ResourcePolicy" ], "type": "string" }, @@ -165155,33 +173699,7 @@ ], "type": "object" }, - "AWS::MediaTailor::VodSource.HttpPackageConfiguration": { - "additionalProperties": false, - "properties": { - "Path": { - "markdownDescription": "The relative path to the URL for this VOD source. This is combined with `SourceLocation::HttpConfiguration::BaseUrl` to form a valid URL.", - "title": "Path", - "type": "string" - }, - "SourceGroup": { - "markdownDescription": "The name of the source group. This has to match one of the `Channel::Outputs::SourceGroup` .", - "title": "SourceGroup", - "type": "string" - }, - "Type": { - "markdownDescription": "The streaming protocol for this package configuration. Supported values are `HLS` and `DASH` .", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Path", - "SourceGroup", - "Type" - ], - "type": "object" - }, - "AWS::MemoryDB::ACL": { + "AWS::LicenseManager::Grant": { "additionalProperties": false, "properties": { "Condition": { @@ -165216,36 +173734,48 @@ "Properties": { "additionalProperties": false, "properties": { - "ACLName": { - "markdownDescription": "The name of the Access Control List.", - "title": "ACLName", - "type": "string" - }, - "Tags": { + "AllowedOperations": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", + "markdownDescription": "Allowed operations for the grant.", + "title": "AllowedOperations", "type": "array" }, - "UserNames": { + "GrantName": { + "markdownDescription": "Grant name.", + "title": "GrantName", + "type": "string" + }, + "HomeRegion": { + "markdownDescription": "Home Region of the grant.", + "title": "HomeRegion", + "type": "string" + }, + "LicenseArn": { + "markdownDescription": "License ARN.", + "title": "LicenseArn", + "type": "string" + }, + "Principals": { "items": { "type": "string" }, - "markdownDescription": "The list of users that belong to the Access Control List.", - "title": "UserNames", + "markdownDescription": "The grant principals. You can specify one of the following as an Amazon Resource Name (ARN):\n\n- An AWS account, which includes only the account specified.\n\n- An organizational unit (OU), which includes all accounts in the OU.\n\n- An organization, which will include all accounts across your organization.", + "title": "Principals", "type": "array" + }, + "Status": { + "markdownDescription": "Granted license status.", + "title": "Status", + "type": "string" } }, - "required": [ - "ACLName" - ], "type": "object" }, "Type": { "enum": [ - "AWS::MemoryDB::ACL" + "AWS::LicenseManager::Grant" ], "type": "string" }, @@ -165259,12 +173789,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::MemoryDB::Cluster": { + "AWS::LicenseManager::License": { "additionalProperties": false, "properties": { "Condition": { @@ -165299,151 +173828,82 @@ "Properties": { "additionalProperties": false, "properties": { - "ACLName": { - "markdownDescription": "The name of the Access Control List to associate with the cluster .", - "title": "ACLName", - "type": "string" - }, - "AutoMinorVersionUpgrade": { - "markdownDescription": "When set to true, the cluster will automatically receive minor engine version upgrades after launch.", - "title": "AutoMinorVersionUpgrade", - "type": "boolean" - }, - "ClusterEndpoint": { - "$ref": "#/definitions/AWS::MemoryDB::Cluster.Endpoint", - "markdownDescription": "The cluster 's configuration endpoint.", - "title": "ClusterEndpoint" - }, - "ClusterName": { - "markdownDescription": "The name of the cluster .", - "title": "ClusterName", - "type": "string" - }, - "DataTiering": { - "markdownDescription": "Enables data tiering. Data tiering is only supported for clusters using the r6gd node type. This parameter must be set when using r6gd nodes. For more information, see [Data tiering](https://docs.aws.amazon.com/memorydb/latest/devguide/data-tiering.html) .", - "title": "DataTiering", - "type": "string" - }, - "Description": { - "markdownDescription": "A description of the cluster .", - "title": "Description", - "type": "string" - }, - "EngineVersion": { - "markdownDescription": "The Redis engine version used by the cluster .", - "title": "EngineVersion", - "type": "string" - }, - "FinalSnapshotName": { - "markdownDescription": "The user-supplied name of a final cluster snapshot. This is the unique name that identifies the snapshot. MemoryDB creates the snapshot, and then deletes the cluster immediately afterward.", - "title": "FinalSnapshotName", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "The ID of the KMS key used to encrypt the cluster .", - "title": "KmsKeyId", - "type": "string" - }, - "MaintenanceWindow": { - "markdownDescription": "Specifies the weekly time range during which maintenance on the cluster is performed. It is specified as a range in the format `ddd:hh24:mi-ddd:hh24:mi` (24H Clock UTC). The minimum maintenance window is a 60 minute period.\n\n*Pattern* : `ddd:hh24:mi-ddd:hh24:mi`", - "title": "MaintenanceWindow", - "type": "string" - }, - "NodeType": { - "markdownDescription": "The cluster 's node type.", - "title": "NodeType", - "type": "string" - }, - "NumReplicasPerShard": { - "markdownDescription": "The number of replicas to apply to each shard.\n\n*Default value* : `1`\n\n*Maximum value* : `5`", - "title": "NumReplicasPerShard", - "type": "number" - }, - "NumShards": { - "markdownDescription": "The number of shards in the cluster .", - "title": "NumShards", - "type": "number" - }, - "ParameterGroupName": { - "markdownDescription": "The name of the parameter group used by the cluster .", - "title": "ParameterGroupName", + "Beneficiary": { + "markdownDescription": "License beneficiary.", + "title": "Beneficiary", "type": "string" }, - "Port": { - "markdownDescription": "The port used by the cluster .", - "title": "Port", - "type": "number" + "ConsumptionConfiguration": { + "$ref": "#/definitions/AWS::LicenseManager::License.ConsumptionConfiguration", + "markdownDescription": "Configuration for consumption of the license.", + "title": "ConsumptionConfiguration" }, - "SecurityGroupIds": { + "Entitlements": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::LicenseManager::License.Entitlement" }, - "markdownDescription": "A list of security group names to associate with this cluster .", - "title": "SecurityGroupIds", + "markdownDescription": "License entitlements.", + "title": "Entitlements", "type": "array" }, - "SnapshotArns": { + "HomeRegion": { + "markdownDescription": "Home Region of the license.", + "title": "HomeRegion", + "type": "string" + }, + "Issuer": { + "$ref": "#/definitions/AWS::LicenseManager::License.IssuerData", + "markdownDescription": "License issuer.", + "title": "Issuer" + }, + "LicenseMetadata": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::LicenseManager::License.Metadata" }, - "markdownDescription": "A list of Amazon Resource Names (ARN) that uniquely identify the RDB snapshot files stored in Amazon S3. The snapshot files are used to populate the new cluster . The Amazon S3 object name in the ARN cannot contain any commas.", - "title": "SnapshotArns", + "markdownDescription": "License metadata.", + "title": "LicenseMetadata", "type": "array" }, - "SnapshotName": { - "markdownDescription": "The name of a snapshot from which to restore data into the new cluster . The snapshot status changes to restoring while the new cluster is being created.", - "title": "SnapshotName", - "type": "string" - }, - "SnapshotRetentionLimit": { - "markdownDescription": "The number of days for which MemoryDB retains automatic snapshots before deleting them. For example, if you set SnapshotRetentionLimit to 5, a snapshot that was taken today is retained for 5 days before being deleted.", - "title": "SnapshotRetentionLimit", - "type": "number" - }, - "SnapshotWindow": { - "markdownDescription": "The daily time range (in UTC) during which MemoryDB begins taking a daily snapshot of your shard. Example: 05:00-09:00 If you do not specify this parameter, MemoryDB automatically chooses an appropriate time range.", - "title": "SnapshotWindow", + "LicenseName": { + "markdownDescription": "License name.", + "title": "LicenseName", "type": "string" }, - "SnsTopicArn": { - "markdownDescription": "When you pass the logical ID of this resource to the intrinsic `Ref` function, Ref returns the ARN of the SNS topic, such as `arn:aws:memorydb:us-east-1:123456789012:mySNSTopic`", - "title": "SnsTopicArn", + "ProductName": { + "markdownDescription": "Product name.", + "title": "ProductName", "type": "string" }, - "SnsTopicStatus": { - "markdownDescription": "The SNS topic must be in Active status to receive notifications.", - "title": "SnsTopicStatus", + "ProductSKU": { + "markdownDescription": "Product SKU.", + "title": "ProductSKU", "type": "string" }, - "SubnetGroupName": { - "markdownDescription": "The name of the subnet group used by the cluster .", - "title": "SubnetGroupName", + "Status": { + "markdownDescription": "License status.", + "title": "Status", "type": "string" }, - "TLSEnabled": { - "markdownDescription": "A flag to indicate if In-transit encryption is enabled.", - "title": "TLSEnabled", - "type": "boolean" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" + "Validity": { + "$ref": "#/definitions/AWS::LicenseManager::License.ValidityDateFormat", + "markdownDescription": "Date and time range during which the license is valid, in ISO8601-UTC format.", + "title": "Validity" } }, "required": [ - "ACLName", - "ClusterName", - "NodeType" + "ConsumptionConfiguration", + "Entitlements", + "HomeRegion", + "Issuer", + "LicenseName", + "ProductName", + "Validity" ], "type": "object" }, "Type": { "enum": [ - "AWS::MemoryDB::Cluster" + "AWS::LicenseManager::License" ], "type": "string" }, @@ -165462,23 +173922,161 @@ ], "type": "object" }, - "AWS::MemoryDB::Cluster.Endpoint": { + "AWS::LicenseManager::License.BorrowConfiguration": { "additionalProperties": false, "properties": { - "Address": { - "markdownDescription": "The DNS hostname of the node.", - "title": "Address", + "AllowEarlyCheckIn": { + "markdownDescription": "Indicates whether early check-ins are allowed.", + "title": "AllowEarlyCheckIn", + "type": "boolean" + }, + "MaxTimeToLiveInMinutes": { + "markdownDescription": "Maximum time for the borrow configuration, in minutes.", + "title": "MaxTimeToLiveInMinutes", + "type": "number" + } + }, + "required": [ + "AllowEarlyCheckIn", + "MaxTimeToLiveInMinutes" + ], + "type": "object" + }, + "AWS::LicenseManager::License.ConsumptionConfiguration": { + "additionalProperties": false, + "properties": { + "BorrowConfiguration": { + "$ref": "#/definitions/AWS::LicenseManager::License.BorrowConfiguration", + "markdownDescription": "Details about a borrow configuration.", + "title": "BorrowConfiguration" + }, + "ProvisionalConfiguration": { + "$ref": "#/definitions/AWS::LicenseManager::License.ProvisionalConfiguration", + "markdownDescription": "Details about a provisional configuration.", + "title": "ProvisionalConfiguration" + }, + "RenewType": { + "markdownDescription": "Renewal frequency.", + "title": "RenewType", "type": "string" + } + }, + "type": "object" + }, + "AWS::LicenseManager::License.Entitlement": { + "additionalProperties": false, + "properties": { + "AllowCheckIn": { + "markdownDescription": "Indicates whether check-ins are allowed.", + "title": "AllowCheckIn", + "type": "boolean" }, - "Port": { - "markdownDescription": "The port number that the engine is listening on.", - "title": "Port", + "MaxCount": { + "markdownDescription": "Maximum entitlement count. Use if the unit is not None.", + "title": "MaxCount", "type": "number" + }, + "Name": { + "markdownDescription": "Entitlement name.", + "title": "Name", + "type": "string" + }, + "Overage": { + "markdownDescription": "Indicates whether overages are allowed.", + "title": "Overage", + "type": "boolean" + }, + "Unit": { + "markdownDescription": "Entitlement unit.", + "title": "Unit", + "type": "string" + }, + "Value": { + "markdownDescription": "Entitlement resource. Use only if the unit is None.", + "title": "Value", + "type": "string" } }, + "required": [ + "Name", + "Unit" + ], "type": "object" }, - "AWS::MemoryDB::ParameterGroup": { + "AWS::LicenseManager::License.IssuerData": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "Issuer name.", + "title": "Name", + "type": "string" + }, + "SignKey": { + "markdownDescription": "Asymmetric KMS key from AWS Key Management Service . The KMS key must have a key usage of sign and verify, and support the RSASSA-PSS SHA-256 signing algorithm.", + "title": "SignKey", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::LicenseManager::License.Metadata": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The key name.", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "The value.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Name", + "Value" + ], + "type": "object" + }, + "AWS::LicenseManager::License.ProvisionalConfiguration": { + "additionalProperties": false, + "properties": { + "MaxTimeToLiveInMinutes": { + "markdownDescription": "Maximum time for the provisional configuration, in minutes.", + "title": "MaxTimeToLiveInMinutes", + "type": "number" + } + }, + "required": [ + "MaxTimeToLiveInMinutes" + ], + "type": "object" + }, + "AWS::LicenseManager::License.ValidityDateFormat": { + "additionalProperties": false, + "properties": { + "Begin": { + "markdownDescription": "Start of the time range.", + "title": "Begin", + "type": "string" + }, + "End": { + "markdownDescription": "End of the time range.", + "title": "End", + "type": "string" + } + }, + "required": [ + "Begin", + "End" + ], + "type": "object" + }, + "AWS::Lightsail::Alarm": { "additionalProperties": false, "properties": { "Condition": { @@ -165513,44 +174111,81 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the parameter group.", - "title": "Description", + "AlarmName": { + "markdownDescription": "The name of the alarm.", + "title": "AlarmName", "type": "string" }, - "Family": { - "markdownDescription": "The name of the parameter group family that this parameter group is compatible with.", - "title": "Family", + "ComparisonOperator": { + "markdownDescription": "The arithmetic operation to use when comparing the specified statistic and threshold.", + "title": "ComparisonOperator", "type": "string" }, - "ParameterGroupName": { - "markdownDescription": "The name of the parameter group.", - "title": "ParameterGroupName", + "ContactProtocols": { + "items": { + "type": "string" + }, + "markdownDescription": "The contact protocols for the alarm, such as `Email` , `SMS` (text messaging), or both.\n\n*Allowed Values* : `Email` | `SMS`", + "title": "ContactProtocols", + "type": "array" + }, + "DatapointsToAlarm": { + "markdownDescription": "The number of data points within the evaluation periods that must be breaching to cause the alarm to go to the `ALARM` state.", + "title": "DatapointsToAlarm", + "type": "number" + }, + "EvaluationPeriods": { + "markdownDescription": "The number of periods over which data is compared to the specified threshold.", + "title": "EvaluationPeriods", + "type": "number" + }, + "MetricName": { + "markdownDescription": "The name of the metric associated with the alarm.", + "title": "MetricName", "type": "string" }, - "Parameters": { - "markdownDescription": "Returns the detailed parameter list for the parameter group.", - "title": "Parameters", - "type": "object" + "MonitoredResourceName": { + "markdownDescription": "The name of the Lightsail resource that the alarm monitors.", + "title": "MonitoredResourceName", + "type": "string" }, - "Tags": { + "NotificationEnabled": { + "markdownDescription": "A Boolean value indicating whether the alarm is enabled.", + "title": "NotificationEnabled", + "type": "boolean" + }, + "NotificationTriggers": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", + "markdownDescription": "The alarm states that trigger a notification.\n\n> To specify the `OK` and `INSUFFICIENT_DATA` values, you must also specify `ContactProtocols` values. Otherwise, the `OK` and `INSUFFICIENT_DATA` values will not take effect and the stack will drift. \n\n*Allowed Values* : `OK` | `ALARM` | `INSUFFICIENT_DATA`", + "title": "NotificationTriggers", "type": "array" + }, + "Threshold": { + "markdownDescription": "The value against which the specified statistic is compared.", + "title": "Threshold", + "type": "number" + }, + "TreatMissingData": { + "markdownDescription": "Specifies how the alarm handles missing data points.\n\nAn alarm can treat missing data in the following ways:\n\n- `breaching` - Assumes the missing data is not within the threshold. Missing data counts towards the number of times that the metric is not within the threshold.\n- `notBreaching` - Assumes the missing data is within the threshold. Missing data does not count towards the number of times that the metric is not within the threshold.\n- `ignore` - Ignores the missing data. Maintains the current alarm state.\n- `missing` - Missing data is treated as missing.", + "title": "TreatMissingData", + "type": "string" } }, "required": [ - "Family", - "ParameterGroupName" + "AlarmName", + "ComparisonOperator", + "EvaluationPeriods", + "MetricName", + "MonitoredResourceName", + "Threshold" ], "type": "object" }, "Type": { "enum": [ - "AWS::MemoryDB::ParameterGroup" + "AWS::Lightsail::Alarm" ], "type": "string" }, @@ -165569,7 +174204,7 @@ ], "type": "object" }, - "AWS::MemoryDB::SubnetGroup": { + "AWS::Lightsail::Bucket": { "additionalProperties": false, "properties": { "Condition": { @@ -165604,42 +174239,60 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the subnet group.", - "title": "Description", + "AccessRules": { + "$ref": "#/definitions/AWS::Lightsail::Bucket.AccessRules", + "markdownDescription": "An object that describes the access rules for the bucket.", + "title": "AccessRules" + }, + "BucketName": { + "markdownDescription": "The name of the bucket.", + "title": "BucketName", "type": "string" }, - "SubnetGroupName": { - "markdownDescription": "The name of the subnet group to be used for the cluster .", - "title": "SubnetGroupName", + "BundleId": { + "markdownDescription": "The bundle ID for the bucket (for example, `small_1_0` ).\n\nA bucket bundle specifies the monthly cost, storage space, and data transfer quota for a bucket.", + "title": "BundleId", "type": "string" }, - "SubnetIds": { + "ObjectVersioning": { + "markdownDescription": "Indicates whether object versioning is enabled for the bucket.\n\nThe following options can be configured:\n\n- `Enabled` - Object versioning is enabled.\n- `Suspended` - Object versioning was previously enabled but is currently suspended. Existing object versions are retained.\n- `NeverEnabled` - Object versioning has never been enabled.", + "title": "ObjectVersioning", + "type": "boolean" + }, + "ReadOnlyAccessAccounts": { "items": { "type": "string" }, - "markdownDescription": "A list of Amazon VPC subnet IDs for the subnet group.", - "title": "SubnetIds", + "markdownDescription": "An array of AWS account IDs that have read-only access to the bucket.", + "title": "ReadOnlyAccessAccounts", + "type": "array" + }, + "ResourcesReceivingAccess": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of Lightsail instances that have access to the bucket.", + "title": "ResourcesReceivingAccess", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", "title": "Tags", "type": "array" } }, "required": [ - "SubnetGroupName", - "SubnetIds" + "BucketName", + "BundleId" ], "type": "object" }, "Type": { "enum": [ - "AWS::MemoryDB::SubnetGroup" + "AWS::Lightsail::Bucket" ], "type": "string" }, @@ -165658,7 +174311,23 @@ ], "type": "object" }, - "AWS::MemoryDB::User": { + "AWS::Lightsail::Bucket.AccessRules": { + "additionalProperties": false, + "properties": { + "AllowPublicOverrides": { + "markdownDescription": "A Boolean value indicating whether the access control list (ACL) permissions that are applied to individual objects override the `GetObject` option that is currently specified.\n\nWhen this is true, you can use the [PutObjectAcl](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObjectAcl.html) Amazon S3 API operation to set individual objects to public (read-only) or private, using either the `public-read` ACL or the `private` ACL.", + "title": "AllowPublicOverrides", + "type": "boolean" + }, + "GetObject": { + "markdownDescription": "Specifies the anonymous access to all objects in a bucket.\n\nThe following options can be specified:\n\n- `public` - Sets all objects in the bucket to public (read-only), making them readable by everyone on the internet.\n\nIf the `GetObject` value is set to `public` , then all objects in the bucket default to public regardless of the `allowPublicOverrides` value.\n- `private` - Sets all objects in the bucket to private, making them readable only by you and anyone that you grant access to.\n\nIf the `GetObject` value is set to `private` , and the `allowPublicOverrides` value is set to `true` , then all objects in the bucket default to private unless they are configured with a `public-read` ACL. Individual objects with a `public-read` ACL are readable by everyone on the internet.", + "title": "GetObject", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Lightsail::Certificate": { "additionalProperties": false, "properties": { "Condition": { @@ -165693,38 +174362,42 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessString": { - "markdownDescription": "Access permissions string used for this user.", - "title": "AccessString", + "CertificateName": { + "markdownDescription": "The name of the certificate.", + "title": "CertificateName", "type": "string" }, - "AuthenticationMode": { - "$ref": "#/definitions/AWS::MemoryDB::User.AuthenticationMode", - "markdownDescription": "Denotes whether the user requires a password to authenticate.\n\n*Example:*\n\n`mynewdbuser: Type: AWS::MemoryDB::User Properties: AccessString: on ~* &* +@all AuthenticationMode: Passwords: '1234567890123456' Type: password UserName: mynewdbuser AuthenticationMode: { \"Passwords\": [\"1234567890123456\"], \"Type\": \"Password\" }`", - "title": "AuthenticationMode" + "DomainName": { + "markdownDescription": "The domain name of the certificate.", + "title": "DomainName", + "type": "string" + }, + "SubjectAlternativeNames": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of strings that specify the alternate domains (such as `example.org` ) and subdomains (such as `blog.example.com` ) of the certificate.", + "title": "SubjectAlternativeNames", + "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", "title": "Tags", "type": "array" - }, - "UserName": { - "markdownDescription": "The name of the user.", - "title": "UserName", - "type": "string" } }, "required": [ - "UserName" + "CertificateName", + "DomainName" ], "type": "object" }, "Type": { "enum": [ - "AWS::MemoryDB::User" + "AWS::Lightsail::Certificate" ], "type": "string" }, @@ -165743,26 +174416,7 @@ ], "type": "object" }, - "AWS::MemoryDB::User.AuthenticationMode": { - "additionalProperties": false, - "properties": { - "Passwords": { - "items": { - "type": "string" - }, - "markdownDescription": "The password(s) used for authentication", - "title": "Passwords", - "type": "array" - }, - "Type": { - "markdownDescription": "Indicates whether the user requires a password to authenticate. All newly-created users require a password.", - "title": "Type", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Neptune::DBCluster": { + "AWS::Lightsail::Container": { "additionalProperties": false, "properties": { "Condition": { @@ -165797,152 +174451,63 @@ "Properties": { "additionalProperties": false, "properties": { - "AssociatedRoles": { - "items": { - "$ref": "#/definitions/AWS::Neptune::DBCluster.DBClusterRole" - }, - "markdownDescription": "Provides a list of the Amazon Identity and Access Management (IAM) roles that are associated with the DB cluster. IAM roles that are associated with a DB cluster grant permission for the DB cluster to access other Amazon services on your behalf.", - "title": "AssociatedRoles", - "type": "array" - }, - "AvailabilityZones": { - "items": { - "type": "string" - }, - "markdownDescription": "Provides the list of EC2 Availability Zones that instances in the DB cluster can be created in.", - "title": "AvailabilityZones", - "type": "array" - }, - "BackupRetentionPeriod": { - "markdownDescription": "Specifies the number of days for which automatic DB snapshots are retained.\n\nAn update may require some interruption. See [ModifyDBInstance](https://docs.aws.amazon.com/neptune/latest/userguide/api-instances.html#ModifyDBInstance) in the Amazon Neptune User Guide for more information.", - "title": "BackupRetentionPeriod", - "type": "number" + "ContainerServiceDeployment": { + "$ref": "#/definitions/AWS::Lightsail::Container.ContainerServiceDeployment", + "markdownDescription": "An object that describes the current container deployment of the container service.", + "title": "ContainerServiceDeployment" }, - "CopyTagsToSnapshot": { - "markdownDescription": "*If set to `true` , tags are copied to any snapshot of the DB cluster that is created.*", - "title": "CopyTagsToSnapshot", + "IsDisabled": { + "markdownDescription": "A Boolean value indicating whether the container service is disabled.", + "title": "IsDisabled", "type": "boolean" }, - "DBClusterIdentifier": { - "markdownDescription": "Contains a user-supplied DB cluster identifier. This identifier is the unique key that identifies a DB cluster.", - "title": "DBClusterIdentifier", - "type": "string" - }, - "DBClusterParameterGroupName": { - "markdownDescription": "Provides the name of the DB cluster parameter group.\n\nAn update may require some interruption. See [ModifyDBInstance](https://docs.aws.amazon.com/neptune/latest/userguide/api-instances.html#ModifyDBInstance) in the Amazon Neptune User Guide for more information.", - "title": "DBClusterParameterGroupName", - "type": "string" - }, - "DBInstanceParameterGroupName": { - "markdownDescription": "The name of the DB parameter group to apply to all instances of the DB cluster. Used only in case of a major engine version upgrade request\n\nNote that when you apply a parameter group using `DBInstanceParameterGroupName` , parameter changes are applied immediately, not during the next maintenance window.\n\n**Constraints** - The DB parameter group must be in the same DB parameter group family as the target DB cluster version.\n- The `DBInstanceParameterGroupName` parameter is only valid for major engine version upgrades.", - "title": "DBInstanceParameterGroupName", - "type": "string" - }, - "DBPort": { - "markdownDescription": "The port number on which the DB instances in the DB cluster accept connections.\n\nIf not specified, the default port used is `8182` .\n\n> The `Port` property will soon be deprecated. Please update existing templates to use the new `DBPort` property that has the same functionality.", - "title": "DBPort", - "type": "number" - }, - "DBSubnetGroupName": { - "markdownDescription": "Specifies information on the subnet group associated with the DB cluster, including the name, description, and subnets in the subnet group.", - "title": "DBSubnetGroupName", + "Power": { + "markdownDescription": "The power specification of the container service.\n\nThe power specifies the amount of RAM, the number of vCPUs, and the base price of the container service.", + "title": "Power", "type": "string" }, - "DeletionProtection": { - "markdownDescription": "Indicates whether or not the DB cluster has deletion protection enabled. The database can't be deleted when deletion protection is enabled.", - "title": "DeletionProtection", - "type": "boolean" + "PrivateRegistryAccess": { + "$ref": "#/definitions/AWS::Lightsail::Container.PrivateRegistryAccess", + "markdownDescription": "An object that describes the configuration for the container service to access private container image repositories, such as Amazon Elastic Container Registry ( Amazon ECR ) private repositories.\n\nFor more information, see [Configuring access to an Amazon ECR private repository for an Amazon Lightsail container service](https://docs.aws.amazon.com/lightsail/latest/userguide/amazon-lightsail-container-service-ecr-private-repo-access) in the *Amazon Lightsail Developer Guide* .", + "title": "PrivateRegistryAccess" }, - "EnableCloudwatchLogsExports": { + "PublicDomainNames": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Lightsail::Container.PublicDomainName" }, - "markdownDescription": "Specifies a list of log types that are enabled for export to CloudWatch Logs.", - "title": "EnableCloudwatchLogsExports", + "markdownDescription": "The public domain name of the container service, such as `example.com` and `www.example.com` .\n\nYou can specify up to four public domain names for a container service. The domain names that you specify are used when you create a deployment with a container that is configured as the public endpoint of your container service.\n\nIf you don't specify public domain names, then you can use the default domain of the container service.\n\n> You must create and validate an SSL/TLS certificate before you can use public domain names with your container service. Use the [AWS::Lightsail::Certificate](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lightsail-certificate.html) resource to create a certificate for the public domain names that you want to use with your container service.", + "title": "PublicDomainNames", "type": "array" }, - "EngineVersion": { - "markdownDescription": "Indicates the database engine version.", - "title": "EngineVersion", - "type": "string" - }, - "IamAuthEnabled": { - "markdownDescription": "True if mapping of Amazon Identity and Access Management (IAM) accounts to database accounts is enabled, and otherwise false.", - "title": "IamAuthEnabled", - "type": "boolean" - }, - "KmsKeyId": { - "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key that is used to encrypt the database instances in the DB cluster, such as `arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef` . If you enable the `StorageEncrypted` property but don't specify this property, the default KMS key is used. If you specify this property, you must set the `StorageEncrypted` property to `true` .", - "title": "KmsKeyId", - "type": "string" - }, - "PreferredBackupWindow": { - "markdownDescription": "Specifies the daily time range during which automated backups are created if automated backups are enabled, as determined by the `BackupRetentionPeriod` .\n\nAn update may require some interruption.", - "title": "PreferredBackupWindow", - "type": "string" - }, - "PreferredMaintenanceWindow": { - "markdownDescription": "Specifies the weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).", - "title": "PreferredMaintenanceWindow", - "type": "string" - }, - "RestoreToTime": { - "markdownDescription": "Creates a new DB cluster from a DB snapshot or DB cluster snapshot.\n\nIf a DB snapshot is specified, the target DB cluster is created from the source DB snapshot with a default configuration and default security group.\n\nIf a DB cluster snapshot is specified, the target DB cluster is created from the source DB cluster restore point with the same configuration as the original source DB cluster, except that the new DB cluster is created with the default security group.", - "title": "RestoreToTime", - "type": "string" - }, - "RestoreType": { - "markdownDescription": "Creates a new DB cluster from a DB snapshot or DB cluster snapshot.\n\nIf a DB snapshot is specified, the target DB cluster is created from the source DB snapshot with a default configuration and default security group.\n\nIf a DB cluster snapshot is specified, the target DB cluster is created from the source DB cluster restore point with the same configuration as the original source DB cluster, except that the new DB cluster is created with the default security group.", - "title": "RestoreType", - "type": "string" - }, - "ServerlessScalingConfiguration": { - "$ref": "#/definitions/AWS::Neptune::DBCluster.ServerlessScalingConfiguration", - "markdownDescription": "", - "title": "ServerlessScalingConfiguration" - }, - "SnapshotIdentifier": { - "markdownDescription": "Specifies the identifier for a DB cluster snapshot. Must match the identifier of an existing snapshot.\n\nAfter you restore a DB cluster using a `SnapshotIdentifier` , you must specify the same `SnapshotIdentifier` for any future updates to the DB cluster. When you specify this property for an update, the DB cluster is not restored from the snapshot again, and the data in the database is not changed.\n\nHowever, if you don't specify the `SnapshotIdentifier` , an empty DB cluster is created, and the original DB cluster is deleted. If you specify a property that is different from the previous snapshot restore property, the DB cluster is restored from the snapshot specified by the `SnapshotIdentifier` , and the original DB cluster is deleted.", - "title": "SnapshotIdentifier", - "type": "string" + "Scale": { + "markdownDescription": "The scale specification of the container service.\n\nThe scale specifies the allocated compute nodes of the container service.", + "title": "Scale", + "type": "number" }, - "SourceDBClusterIdentifier": { - "markdownDescription": "Creates a new DB cluster from a DB snapshot or DB cluster snapshot.\n\nIf a DB snapshot is specified, the target DB cluster is created from the source DB snapshot with a default configuration and default security group.\n\nIf a DB cluster snapshot is specified, the target DB cluster is created from the source DB cluster restore point with the same configuration as the original source DB cluster, except that the new DB cluster is created with the default security group.", - "title": "SourceDBClusterIdentifier", + "ServiceName": { + "markdownDescription": "The name of the container service.", + "title": "ServiceName", "type": "string" }, - "StorageEncrypted": { - "markdownDescription": "Indicates whether the DB cluster is encrypted.\n\nIf you specify the `KmsKeyId` property, then you must enable encryption and set this property to `true` .\n\nIf you enable the `StorageEncrypted` property but don't specify the `KmsKeyId` property, then the default KMS key is used. If you specify the `KmsKeyId` property, then that KMS key is used to encrypt the database instances in the DB cluster.\n\nIf you specify the `SourceDBClusterIdentifier` property, and don't specify this property or disable it, the value is inherited from the source DB cluster. If the source DB cluster is encrypted, the `KmsKeyId` property from the source cluster is used.\n\nIf you specify the `DBSnapshotIdentifier` and don't specify this property or disable it, the value is inherited from the snapshot and the specified `KmsKeyId` property from the snapshot is used.", - "title": "StorageEncrypted", - "type": "boolean" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags assigned to this cluster.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", "title": "Tags", "type": "array" - }, - "UseLatestRestorableTime": { - "markdownDescription": "Creates a new DB cluster from a DB snapshot or DB cluster snapshot.\n\nIf a DB snapshot is specified, the target DB cluster is created from the source DB snapshot with a default configuration and default security group.\n\nIf a DB cluster snapshot is specified, the target DB cluster is created from the source DB cluster restore point with the same configuration as the original source DB cluster, except that the new DB cluster is created with the default security group.", - "title": "UseLatestRestorableTime", - "type": "boolean" - }, - "VpcSecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "Provides a list of VPC security groups that the DB cluster belongs to.", - "title": "VpcSecurityGroupIds", - "type": "array" } }, + "required": [ + "Power", + "Scale", + "ServiceName" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Neptune::DBCluster" + "AWS::Lightsail::Container" ], "type": "string" }, @@ -165956,142 +174521,206 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Neptune::DBCluster.DBClusterRole": { + "AWS::Lightsail::Container.Container": { "additionalProperties": false, "properties": { - "FeatureName": { - "markdownDescription": "The name of the feature associated with the Amazon Identity and Access Management (IAM) role. For the list of supported feature names, see [DescribeDBEngineVersions](https://docs.aws.amazon.com/neptune/latest/userguide/api-other-apis.html#DescribeDBEngineVersions) .", - "title": "FeatureName", + "Command": { + "items": { + "type": "string" + }, + "markdownDescription": "The launch command for the container.", + "title": "Command", + "type": "array" + }, + "ContainerName": { + "markdownDescription": "The name of the container.", + "title": "ContainerName", "type": "string" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that is associated with the DB cluster.", - "title": "RoleArn", + "Environment": { + "items": { + "$ref": "#/definitions/AWS::Lightsail::Container.EnvironmentVariable" + }, + "markdownDescription": "The environment variables of the container.", + "title": "Environment", + "type": "array" + }, + "Image": { + "markdownDescription": "The name of the image used for the container.\n\nContainer images that are sourced from (registered and stored on) your container service start with a colon ( `:` ). For example, if your container service name is `container-service-1` , the container image label is `mystaticsite` , and you want to use the third version ( `3` ) of the registered container image, then you should specify `:container-service-1.mystaticsite.3` . To use the latest version of a container image, specify `latest` instead of a version number (for example, `:container-service-1.mystaticsite.latest` ). Your container service will automatically use the highest numbered version of the registered container image.\n\nContainer images that are sourced from a public registry like Docker Hub don\u2019t start with a colon. For example, `nginx:latest` or `nginx` .", + "title": "Image", "type": "string" + }, + "Ports": { + "items": { + "$ref": "#/definitions/AWS::Lightsail::Container.PortInfo" + }, + "markdownDescription": "An object that describes the open firewall ports and protocols of the container.", + "title": "Ports", + "type": "array" } }, - "required": [ - "RoleArn" - ], "type": "object" }, - "AWS::Neptune::DBCluster.ServerlessScalingConfiguration": { + "AWS::Lightsail::Container.ContainerServiceDeployment": { "additionalProperties": false, "properties": { - "MaxCapacity": { - "markdownDescription": "The maximum number of Neptune capacity units (NCUs) for a DB instance in a Neptune Serverless cluster. You can specify NCU values in half-step increments, such as 40, 40.5, 41, and so on.", - "title": "MaxCapacity", - "type": "number" + "Containers": { + "items": { + "$ref": "#/definitions/AWS::Lightsail::Container.Container" + }, + "markdownDescription": "An object that describes the configuration for the containers of the deployment.", + "title": "Containers", + "type": "array" }, - "MinCapacity": { - "markdownDescription": "The minimum number of Neptune capacity units (NCUs) for a DB instance in a Neptune Serverless cluster. You can specify NCU values in half-step increments, such as 8, 8.5, 9, and so on.", - "title": "MinCapacity", - "type": "number" + "PublicEndpoint": { + "$ref": "#/definitions/AWS::Lightsail::Container.PublicEndpoint", + "markdownDescription": "An object that describes the endpoint of the deployment.", + "title": "PublicEndpoint" } }, - "required": [ - "MaxCapacity", - "MinCapacity" - ], "type": "object" }, - "AWS::Neptune::DBClusterParameterGroup": { + "AWS::Lightsail::Container.EcrImagePullerRole": { "additionalProperties": false, "properties": { - "Condition": { + "IsActive": { + "markdownDescription": "A boolean value that indicates whether the `ECRImagePullerRole` is active.", + "title": "IsActive", + "type": "boolean" + }, + "PrincipalArn": { + "markdownDescription": "The principle Amazon Resource Name (ARN) of the role. This property is read-only.", + "title": "PrincipalArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Lightsail::Container.EnvironmentVariable": { + "additionalProperties": false, + "properties": { + "Value": { + "markdownDescription": "The environment variable value.", + "title": "Value", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Variable": { + "markdownDescription": "The environment variable key.", + "title": "Variable", "type": "string" + } + }, + "type": "object" + }, + "AWS::Lightsail::Container.HealthCheckConfig": { + "additionalProperties": false, + "properties": { + "HealthyThreshold": { + "markdownDescription": "The number of consecutive health check successes required before moving the container to the `Healthy` state. The default value is `2` .", + "title": "HealthyThreshold", + "type": "number" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "IntervalSeconds": { + "markdownDescription": "The approximate interval, in seconds, between health checks of an individual container. You can specify between `5` and `300` seconds. The default value is `5` .", + "title": "IntervalSeconds", + "type": "number" }, - "Metadata": { - "type": "object" + "Path": { + "markdownDescription": "The path on the container on which to perform the health check. The default value is `/` .", + "title": "Path", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "Provides the customer-specified description for this DB cluster parameter group.", - "title": "Description", - "type": "string" - }, - "Family": { - "markdownDescription": "Must be `neptune1` for engine versions prior to [1.2.0.0](https://docs.aws.amazon.com/neptune/latest/userguide/engine-releases-1.2.0.0.html) , or `neptune1.2` for engine version `1.2.0.0` and higher.", - "title": "Family", - "type": "string" - }, - "Name": { - "markdownDescription": "Provides the name of the DB cluster parameter group.", - "title": "Name", - "type": "string" - }, - "Parameters": { - "markdownDescription": "The parameters to set for this DB cluster parameter group.\n\nThe parameters are expressed as a JSON object consisting of key-value pairs.\n\nIf you update the parameters, some interruption may occur depending on which parameters you update.", - "title": "Parameters", - "type": "object" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags that you want to attach to this parameter group.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Description", - "Family", - "Parameters" - ], - "type": "object" + "SuccessCodes": { + "markdownDescription": "The HTTP codes to use when checking for a successful response from a container. You can specify values between `200` and `499` . You can specify multiple values (for example, `200,202` ) or a range of values (for example, `200-299` ).", + "title": "SuccessCodes", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Neptune::DBClusterParameterGroup" - ], + "TimeoutSeconds": { + "markdownDescription": "The amount of time, in seconds, during which no response means a failed health check. You can specify between `2` and `60` seconds. The default value is `2` .", + "title": "TimeoutSeconds", + "type": "number" + }, + "UnhealthyThreshold": { + "markdownDescription": "The number of consecutive health check failures required before moving the container to the `Unhealthy` state. The default value is `2` .", + "title": "UnhealthyThreshold", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Lightsail::Container.PortInfo": { + "additionalProperties": false, + "properties": { + "Port": { + "markdownDescription": "The open firewall ports of the container.", + "title": "Port", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Protocol": { + "markdownDescription": "The protocol name for the open ports.\n\n*Allowed values* : `HTTP` | `HTTPS` | `TCP` | `UDP`", + "title": "Protocol", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Neptune::DBInstance": { + "AWS::Lightsail::Container.PrivateRegistryAccess": { + "additionalProperties": false, + "properties": { + "EcrImagePullerRole": { + "$ref": "#/definitions/AWS::Lightsail::Container.EcrImagePullerRole", + "markdownDescription": "An object that describes the activation status of the role that you can use to grant a Lightsail container service access to Amazon ECR private repositories. If the role is activated, the Amazon Resource Name (ARN) of the role is also listed.", + "title": "EcrImagePullerRole" + } + }, + "type": "object" + }, + "AWS::Lightsail::Container.PublicDomainName": { + "additionalProperties": false, + "properties": { + "CertificateName": { + "markdownDescription": "The name of the certificate for the public domains.", + "title": "CertificateName", + "type": "string" + }, + "DomainNames": { + "items": { + "type": "string" + }, + "markdownDescription": "The public domain names to use with the container service.", + "title": "DomainNames", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Lightsail::Container.PublicEndpoint": { + "additionalProperties": false, + "properties": { + "ContainerName": { + "markdownDescription": "The name of the container entry of the deployment that the endpoint configuration applies to.", + "title": "ContainerName", + "type": "string" + }, + "ContainerPort": { + "markdownDescription": "The port of the specified container to which traffic is forwarded to.", + "title": "ContainerPort", + "type": "number" + }, + "HealthCheckConfig": { + "$ref": "#/definitions/AWS::Lightsail::Container.HealthCheckConfig", + "markdownDescription": "An object that describes the health check configuration of the container.", + "title": "HealthCheckConfig" + } + }, + "type": "object" + }, + "AWS::Lightsail::Database": { "additionalProperties": false, "properties": { "Condition": { @@ -166126,71 +174755,100 @@ "Properties": { "additionalProperties": false, "properties": { - "AllowMajorVersionUpgrade": { - "markdownDescription": "Indicates that major version upgrades are allowed. Changing this parameter doesn't result in an outage and the change is asynchronously applied as soon as possible. This parameter must be set to true when specifying a value for the EngineVersion parameter that is a different major version than the DB instance's current version.\n\nWhen you change this parameter for an existing DB cluster, CloudFormation will replace your existing DB cluster with a new, empty one that uses the engine version you specified.", - "title": "AllowMajorVersionUpgrade", - "type": "boolean" - }, - "AutoMinorVersionUpgrade": { - "markdownDescription": "Indicates that minor version patches are applied automatically.\n\nWhen updating this property, some interruptions may occur.", - "title": "AutoMinorVersionUpgrade", - "type": "boolean" - }, "AvailabilityZone": { - "markdownDescription": "Specifies the name of the Availability Zone the DB instance is located in.", + "markdownDescription": "The Availability Zone for the database.", "title": "AvailabilityZone", "type": "string" }, - "DBClusterIdentifier": { - "markdownDescription": "If the DB instance is a member of a DB cluster, contains the name of the DB cluster that the DB instance is a member of.", - "title": "DBClusterIdentifier", - "type": "string" + "BackupRetention": { + "markdownDescription": "A Boolean value indicating whether automated backup retention is enabled for the database. Data Import Mode is enabled when `BackupRetention` is set to `false` , and is disabled when `BackupRetention` is set to `true` .", + "title": "BackupRetention", + "type": "boolean" }, - "DBInstanceClass": { - "markdownDescription": "Contains the name of the compute and memory capacity class of the DB instance.\n\nIf you update this property, some interruptions may occur.", - "title": "DBInstanceClass", + "CaCertificateIdentifier": { + "markdownDescription": "The certificate associated with the database.", + "title": "CaCertificateIdentifier", "type": "string" }, - "DBInstanceIdentifier": { - "markdownDescription": "Contains a user-supplied database identifier. This identifier is the unique key that identifies a DB instance.", - "title": "DBInstanceIdentifier", + "MasterDatabaseName": { + "markdownDescription": "The meaning of this parameter differs according to the database engine you use.\n\n*MySQL*\n\nThe name of the database to create when the Lightsail database resource is created. If this parameter isn't specified, no database is created in the database resource.\n\nConstraints:\n\n- Must contain 1-64 letters or numbers.\n- Must begin with a letter. Subsequent characters can be letters, underscores, or numbers (0-9).\n- Can't be a word reserved by the specified database engine.\n\nFor more information about reserved words in MySQL, see the Keywords and Reserved Words articles for [MySQL 5.6](https://docs.aws.amazon.com/https://dev.mysql.com/doc/refman/5.6/en/keywords.html) , [MySQL 5.7](https://docs.aws.amazon.com/https://dev.mysql.com/doc/refman/5.7/en/keywords.html) , and [MySQL 8.0](https://docs.aws.amazon.com/https://dev.mysql.com/doc/refman/8.0/en/keywords.html) .\n\n*PostgreSQL*\n\nThe name of the database to create when the Lightsail database resource is created. If this parameter isn't specified, a database named `postgres` is created in the database resource.\n\nConstraints:\n\n- Must contain 1-63 letters or numbers.\n- Must begin with a letter. Subsequent characters can be letters, underscores, or numbers (0-9).\n- Can't be a word reserved by the specified database engine.\n\nFor more information about reserved words in PostgreSQL, see the SQL Key Words articles for [PostgreSQL 9.6](https://docs.aws.amazon.com/https://www.postgresql.org/docs/9.6/sql-keywords-appendix.html) , [PostgreSQL 10](https://docs.aws.amazon.com/https://www.postgresql.org/docs/10/sql-keywords-appendix.html) , [PostgreSQL 11](https://docs.aws.amazon.com/https://www.postgresql.org/docs/11/sql-keywords-appendix.html) , and [PostgreSQL 12](https://docs.aws.amazon.com/https://www.postgresql.org/docs/12/sql-keywords-appendix.html) .", + "title": "MasterDatabaseName", "type": "string" }, - "DBParameterGroupName": { - "markdownDescription": "The name of an existing DB parameter group or a reference to an AWS::Neptune::DBParameterGroup resource created in the template. If any of the data members of the referenced parameter group are changed during an update, the DB instance might need to be restarted, which causes some interruption. If the parameter group contains static parameters, whether they were changed or not, an update triggers a reboot.", - "title": "DBParameterGroupName", + "MasterUserPassword": { + "markdownDescription": "The password for the primary user of the database. The password can include any printable ASCII character except the following: /, \", or @. It cannot contain spaces.\n\n> The `MasterUserPassword` and `RotateMasterUserPassword` parameters cannot be used together in the same template. \n\n*MySQL*\n\nConstraints: Must contain 8-41 characters.\n\n*PostgreSQL*\n\nConstraints: Must contain 8-128 characters.", + "title": "MasterUserPassword", "type": "string" }, - "DBSnapshotIdentifier": { + "MasterUsername": { + "markdownDescription": "The name for the primary user.\n\n*MySQL*\n\nConstraints:\n\n- Required for MySQL.\n- Must be 1-16 letters or numbers. Can contain underscores.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.\n\nFor more information about reserved words in MySQL 5.6 or 5.7, see the Keywords and Reserved Words articles for [MySQL 5.6](https://docs.aws.amazon.com/https://dev.mysql.com/doc/refman/5.6/en/keywords.html) , [MySQL 5.7](https://docs.aws.amazon.com/https://dev.mysql.com/doc/refman/5.7/en/keywords.html) , or [MySQL 8.0](https://docs.aws.amazon.com/https://dev.mysql.com/doc/refman/8.0/en/keywords.html) .\n\n*PostgreSQL*\n\nConstraints:\n\n- Required for PostgreSQL.\n- Must be 1-63 letters or numbers. Can contain underscores.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.\n\nFor more information about reserved words in MySQL 5.6 or 5.7, see the Keywords and Reserved Words articles for [PostgreSQL 9.6](https://docs.aws.amazon.com/https://www.postgresql.org/docs/9.6/sql-keywords-appendix.html) , [PostgreSQL 10](https://docs.aws.amazon.com/https://www.postgresql.org/docs/10/sql-keywords-appendix.html) , [PostgreSQL 11](https://docs.aws.amazon.com/https://www.postgresql.org/docs/11/sql-keywords-appendix.html) , and [PostgreSQL 12](https://docs.aws.amazon.com/https://www.postgresql.org/docs/12/sql-keywords-appendix.html) .", + "title": "MasterUsername", "type": "string" }, - "DBSubnetGroupName": { - "markdownDescription": "A DB subnet group to associate with the DB instance. If you update this value, the new subnet group must be a subnet group in a new virtual private cloud (VPC).", - "title": "DBSubnetGroupName", + "PreferredBackupWindow": { + "markdownDescription": "The daily time range during which automated backups are created for the database (for example, `16:00-16:30` ).", + "title": "PreferredBackupWindow", "type": "string" }, "PreferredMaintenanceWindow": { - "markdownDescription": "Specifies the weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).", + "markdownDescription": "The weekly time range during which system maintenance can occur for the database, formatted as follows: `ddd:hh24:mi-ddd:hh24:mi` . For example, `Tue:17:00-Tue:17:30` .", "title": "PreferredMaintenanceWindow", "type": "string" }, + "PubliclyAccessible": { + "markdownDescription": "A Boolean value indicating whether the database is accessible to anyone on the internet.", + "title": "PubliclyAccessible", + "type": "boolean" + }, + "RelationalDatabaseBlueprintId": { + "markdownDescription": "The blueprint ID for the database (for example, `mysql_8_0` ).", + "title": "RelationalDatabaseBlueprintId", + "type": "string" + }, + "RelationalDatabaseBundleId": { + "markdownDescription": "The bundle ID for the database (for example, `medium_1_0` ).", + "title": "RelationalDatabaseBundleId", + "type": "string" + }, + "RelationalDatabaseName": { + "markdownDescription": "The name of the instance.", + "title": "RelationalDatabaseName", + "type": "string" + }, + "RelationalDatabaseParameters": { + "items": { + "$ref": "#/definitions/AWS::Lightsail::Database.RelationalDatabaseParameter" + }, + "markdownDescription": "An array of parameters for the database.", + "title": "RelationalDatabaseParameters", + "type": "array" + }, + "RotateMasterUserPassword": { + "markdownDescription": "A Boolean value indicating whether to change the primary user password to a new, strong password generated by Lightsail .\n\n> The `RotateMasterUserPassword` and `MasterUserPassword` parameters cannot be used together in the same template.", + "title": "RotateMasterUserPassword", + "type": "boolean" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An arbitrary set of tags (key-value pairs) for this DB instance.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", "title": "Tags", "type": "array" } }, "required": [ - "DBInstanceClass" + "MasterDatabaseName", + "MasterUsername", + "RelationalDatabaseBlueprintId", + "RelationalDatabaseBundleId", + "RelationalDatabaseName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Neptune::DBInstance" + "AWS::Lightsail::Database" ], "type": "string" }, @@ -166209,99 +174867,53 @@ ], "type": "object" }, - "AWS::Neptune::DBParameterGroup": { + "AWS::Lightsail::Database.RelationalDatabaseParameter": { "additionalProperties": false, "properties": { - "Condition": { + "AllowedValues": { + "markdownDescription": "The valid range of values for the parameter.", + "title": "AllowedValues", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ApplyMethod": { + "markdownDescription": "Indicates when parameter updates are applied.\n\nCan be `immediate` or `pending-reboot` .", + "title": "ApplyMethod", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ApplyType": { + "markdownDescription": "Specifies the engine-specific parameter type.", + "title": "ApplyType", + "type": "string" }, - "Metadata": { - "type": "object" + "DataType": { + "markdownDescription": "The valid data type of the parameter.", + "title": "DataType", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "Provides the customer-specified description for this DB parameter group.", - "title": "Description", - "type": "string" - }, - "Family": { - "markdownDescription": "Must be `neptune1` for engine versions prior to [1.2.0.0](https://docs.aws.amazon.com/neptune/latest/userguide/engine-releases-1.2.0.0.html) , or `neptune1.2` for engine version `1.2.0.0` and higher.", - "title": "Family", - "type": "string" - }, - "Name": { - "markdownDescription": "Provides the name of the DB parameter group.", - "title": "Name", - "type": "string" - }, - "Parameters": { - "markdownDescription": "The parameters to set for this DB parameter group.\n\nThe parameters are expressed as a JSON object consisting of key-value pairs.\n\nChanges to dynamic parameters are applied immediately. During an update, if you have static parameters (whether they were changed or not), it triggers AWS CloudFormation to reboot the associated DB instance without failover.", - "title": "Parameters", - "type": "object" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags that you want to attach to this parameter group.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Description", - "Family", - "Parameters" - ], - "type": "object" + "Description": { + "markdownDescription": "A description of the parameter.", + "title": "Description", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Neptune::DBParameterGroup" - ], + "IsModifiable": { + "markdownDescription": "A Boolean value indicating whether the parameter can be modified.", + "title": "IsModifiable", + "type": "boolean" + }, + "ParameterName": { + "markdownDescription": "The name of the parameter.", + "title": "ParameterName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ParameterValue": { + "markdownDescription": "The value for the parameter.", + "title": "ParameterValue", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Neptune::DBSubnetGroup": { + "AWS::Lightsail::Disk": { "additionalProperties": false, "properties": { "Condition": { @@ -166336,42 +174948,52 @@ "Properties": { "additionalProperties": false, "properties": { - "DBSubnetGroupDescription": { - "markdownDescription": "Provides the description of the DB subnet group.", - "title": "DBSubnetGroupDescription", + "AddOns": { + "items": { + "$ref": "#/definitions/AWS::Lightsail::Disk.AddOn" + }, + "markdownDescription": "An array of add-ons for the disk.\n\n> If the disk has an add-on enabled when performing a delete disk request, the add-on is automatically disabled before the disk is deleted.", + "title": "AddOns", + "type": "array" + }, + "AvailabilityZone": { + "markdownDescription": "The AWS Region and Availability Zone location for the disk (for example, `us-east-1a` ).", + "title": "AvailabilityZone", "type": "string" }, - "DBSubnetGroupName": { - "markdownDescription": "The name of the DB subnet group.", - "title": "DBSubnetGroupName", + "DiskName": { + "markdownDescription": "The name of the disk.", + "title": "DiskName", "type": "string" }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon EC2 subnet IDs for the DB subnet group.", - "title": "SubnetIds", - "type": "array" + "Location": { + "$ref": "#/definitions/AWS::Lightsail::Disk.Location", + "markdownDescription": "The AWS Region and Availability Zone where the disk is located.", + "title": "Location" + }, + "SizeInGb": { + "markdownDescription": "The size of the disk in GB.", + "title": "SizeInGb", + "type": "number" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags that you want to attach to the DB subnet group.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", "title": "Tags", "type": "array" } }, "required": [ - "DBSubnetGroupDescription", - "SubnetIds" + "DiskName", + "SizeInGb" ], "type": "object" }, "Type": { "enum": [ - "AWS::Neptune::DBSubnetGroup" + "AWS::Lightsail::Disk" ], "type": "string" }, @@ -166390,7 +175012,58 @@ ], "type": "object" }, - "AWS::NeptuneGraph::Graph": { + "AWS::Lightsail::Disk.AddOn": { + "additionalProperties": false, + "properties": { + "AddOnType": { + "markdownDescription": "The add-on type (for example, `AutoSnapshot` ).\n\n> `AutoSnapshot` is the only add-on that can be enabled for a disk.", + "title": "AddOnType", + "type": "string" + }, + "AutoSnapshotAddOnRequest": { + "$ref": "#/definitions/AWS::Lightsail::Disk.AutoSnapshotAddOn", + "markdownDescription": "The parameters for the automatic snapshot add-on, such as the daily time when an automatic snapshot will be created.", + "title": "AutoSnapshotAddOnRequest" + }, + "Status": { + "markdownDescription": "The status of the add-on.\n\nValid Values: `Enabled` | `Disabled`", + "title": "Status", + "type": "string" + } + }, + "required": [ + "AddOnType" + ], + "type": "object" + }, + "AWS::Lightsail::Disk.AutoSnapshotAddOn": { + "additionalProperties": false, + "properties": { + "SnapshotTimeOfDay": { + "markdownDescription": "The daily time when an automatic snapshot will be created.\n\nConstraints:\n\n- Must be in `HH:00` format, and in an hourly increment.\n- Specified in Coordinated Universal Time (UTC).\n- The snapshot will be automatically created between the time specified and up to 45 minutes after.", + "title": "SnapshotTimeOfDay", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Lightsail::Disk.Location": { + "additionalProperties": false, + "properties": { + "AvailabilityZone": { + "markdownDescription": "The Availability Zone where the disk is located.", + "title": "AvailabilityZone", + "type": "string" + }, + "RegionName": { + "markdownDescription": "The AWS Region where the disk is located.", + "title": "RegionName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Lightsail::Distribution": { "additionalProperties": false, "properties": { "Condition": { @@ -166425,53 +175098,74 @@ "Properties": { "additionalProperties": false, "properties": { - "DeletionProtection": { - "markdownDescription": "A value that indicates whether the graph has deletion protection enabled. The graph can't be deleted when deletion protection is enabled.", - "title": "DeletionProtection", - "type": "boolean" + "BundleId": { + "markdownDescription": "The ID of the bundle applied to the distribution.", + "title": "BundleId", + "type": "string" }, - "GraphName": { - "markdownDescription": "The graph name. For example: `my-graph-1` .\n\nThe name must contain from 1 to 63 letters, numbers, or hyphens, and its first character must be a letter. It cannot end with a hyphen or contain two consecutive hyphens.\n\nIf you don't specify a graph name, a unique graph name is generated for you using the prefix `graph-for` , followed by a combination of `Stack Name` and a `UUID` .", - "title": "GraphName", + "CacheBehaviorSettings": { + "$ref": "#/definitions/AWS::Lightsail::Distribution.CacheSettings", + "markdownDescription": "An object that describes the cache behavior settings of the distribution.", + "title": "CacheBehaviorSettings" + }, + "CacheBehaviors": { + "items": { + "$ref": "#/definitions/AWS::Lightsail::Distribution.CacheBehaviorPerPath" + }, + "markdownDescription": "An array of objects that describe the per-path cache behavior of the distribution.", + "title": "CacheBehaviors", + "type": "array" + }, + "CertificateName": { + "markdownDescription": "The name of the SSL/TLS certificate attached to the distribution.", + "title": "CertificateName", "type": "string" }, - "ProvisionedMemory": { - "markdownDescription": "The provisioned memory-optimized Neptune Capacity Units (m-NCUs) to use for the graph.\n\nMin = 16", - "title": "ProvisionedMemory", - "type": "number" + "DefaultCacheBehavior": { + "$ref": "#/definitions/AWS::Lightsail::Distribution.CacheBehavior", + "markdownDescription": "An object that describes the default cache behavior of the distribution.", + "title": "DefaultCacheBehavior" }, - "PublicConnectivity": { - "markdownDescription": "Specifies whether or not the graph can be reachable over the internet. All access to graphs is IAM authenticated.\n\nWhen the graph is publicly available, its domain name system (DNS) endpoint resolves to the public IP address from the internet. When the graph isn't publicly available, you need to create a `PrivateGraphEndpoint` in a given VPC to ensure the DNS name resolves to a private IP address that is reachable from the VPC.\n\nDefault: If not specified, the default value is false.\n\n> If enabling public connectivity for the first time, there will be a delay while it is enabled.", - "title": "PublicConnectivity", + "DistributionName": { + "markdownDescription": "The name of the distribution", + "title": "DistributionName", + "type": "string" + }, + "IpAddressType": { + "markdownDescription": "The IP address type of the distribution.\n\nThe possible values are `ipv4` for IPv4 only, and `dualstack` for IPv4 and IPv6.", + "title": "IpAddressType", + "type": "string" + }, + "IsEnabled": { + "markdownDescription": "A Boolean value indicating whether the distribution is enabled.", + "title": "IsEnabled", "type": "boolean" }, - "ReplicaCount": { - "markdownDescription": "The number of replicas in other AZs.\n\nDefault: If not specified, the default value is 1.", - "title": "ReplicaCount", - "type": "number" + "Origin": { + "$ref": "#/definitions/AWS::Lightsail::Distribution.InputOrigin", + "markdownDescription": "An object that describes the origin resource of the distribution, such as a Lightsail instance, bucket, or load balancer.\n\nThe distribution pulls, caches, and serves content from the origin.", + "title": "Origin" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Adds metadata tags to the new graph. These tags can also be used with cost allocation reporting, or used in a Condition statement in an IAM policy.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", "title": "Tags", "type": "array" - }, - "VectorSearchConfiguration": { - "$ref": "#/definitions/AWS::NeptuneGraph::Graph.VectorSearchConfiguration", - "markdownDescription": "Specifies the number of dimensions for vector embeddings that will be loaded into the graph. The value is specified as `dimension=` value. Max = 65,535", - "title": "VectorSearchConfiguration" } }, "required": [ - "ProvisionedMemory" + "BundleId", + "DefaultCacheBehavior", + "DistributionName", + "Origin" ], "type": "object" }, "Type": { "enum": [ - "AWS::NeptuneGraph::Graph" + "AWS::Lightsail::Distribution" ], "type": "string" }, @@ -166490,110 +175184,158 @@ ], "type": "object" }, - "AWS::NeptuneGraph::Graph.VectorSearchConfiguration": { + "AWS::Lightsail::Distribution.CacheBehavior": { "additionalProperties": false, "properties": { - "VectorSearchDimension": { - "markdownDescription": "The number of dimensions.", - "title": "VectorSearchDimension", - "type": "number" + "Behavior": { + "markdownDescription": "The cache behavior of the distribution.\n\nThe following cache behaviors can be specified:\n\n- *`cache`* - This option is best for static sites. When specified, your distribution caches and serves your entire website as static content. This behavior is ideal for websites with static content that doesn't change depending on who views it, or for websites that don't use cookies, headers, or query strings to personalize content.\n- *`dont-cache`* - This option is best for sites that serve a mix of static and dynamic content. When specified, your distribution caches and serves only the content that is specified in the distribution\u2019s `CacheBehaviorPerPath` parameter. This behavior is ideal for websites or web applications that use cookies, headers, and query strings to personalize content for individual users.", + "title": "Behavior", + "type": "string" } }, - "required": [ - "VectorSearchDimension" - ], "type": "object" }, - "AWS::NeptuneGraph::PrivateGraphEndpoint": { + "AWS::Lightsail::Distribution.CacheBehaviorPerPath": { "additionalProperties": false, "properties": { - "Condition": { + "Behavior": { + "markdownDescription": "The cache behavior for the specified path.\n\nYou can specify one of the following per-path cache behaviors:\n\n- *`cache`* - This behavior caches the specified path.\n- *`dont-cache`* - This behavior doesn't cache the specified path.", + "title": "Behavior", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Path": { + "markdownDescription": "The path to a directory or file to cache, or not cache. Use an asterisk symbol to specify wildcard directories ( `path/to/assets/*` ), and file types ( `*.html` , `*jpg` , `*js` ). Directories and file paths are case-sensitive.\n\nExamples:\n\n- Specify the following to cache all files in the document root of an Apache web server running on a instance.\n\n`var/www/html/`\n- Specify the following file to cache only the index page in the document root of an Apache web server.\n\n`var/www/html/index.html`\n- Specify the following to cache only the .html files in the document root of an Apache web server.\n\n`var/www/html/*.html`\n- Specify the following to cache only the .jpg, .png, and .gif files in the images sub-directory of the document root of an Apache web server.\n\n`var/www/html/images/*.jpg`\n\n`var/www/html/images/*.png`\n\n`var/www/html/images/*.gif`\n\nSpecify the following to cache all files in the images subdirectory of the document root of an Apache web server.\n\n`var/www/html/images/`", + "title": "Path", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Lightsail::Distribution.CacheSettings": { + "additionalProperties": false, + "properties": { + "AllowedHTTPMethods": { + "markdownDescription": "The HTTP methods that are processed and forwarded to the distribution's origin.\n\nYou can specify the following options:\n\n- `GET,HEAD` - The distribution forwards the `GET` and `HEAD` methods.\n- `GET,HEAD,OPTIONS` - The distribution forwards the `GET` , `HEAD` , and `OPTIONS` methods.\n- `GET,HEAD,OPTIONS,PUT,PATCH,POST,DELETE` - The distribution forwards the `GET` , `HEAD` , `OPTIONS` , `PUT` , `PATCH` , `POST` , and `DELETE` methods.\n\nIf you specify `GET,HEAD,OPTIONS,PUT,PATCH,POST,DELETE` , you might need to restrict access to your distribution's origin so users can't perform operations that you don't want them to. For example, you might not want users to have permission to delete objects from your origin.", + "title": "AllowedHTTPMethods", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "CachedHTTPMethods": { + "markdownDescription": "The HTTP method responses that are cached by your distribution.\n\nYou can specify the following options:\n\n- `GET,HEAD` - The distribution caches responses to the `GET` and `HEAD` methods.\n- `GET,HEAD,OPTIONS` - The distribution caches responses to the `GET` , `HEAD` , and `OPTIONS` methods.", + "title": "CachedHTTPMethods", + "type": "string" }, - "Metadata": { - "type": "object" + "DefaultTTL": { + "markdownDescription": "The default amount of time that objects stay in the distribution's cache before the distribution forwards another request to the origin to determine whether the content has been updated.\n\n> The value specified applies only when the origin does not add HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects.", + "title": "DefaultTTL", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "GraphIdentifier": { - "markdownDescription": "The unique identifier of the Neptune Analytics graph.", - "title": "GraphIdentifier", - "type": "string" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "Security groups to be attached to the private graph endpoint..", - "title": "SecurityGroupIds", - "type": "array" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "Subnets in which private graph endpoint ENIs are created.", - "title": "SubnetIds", - "type": "array" - }, - "VpcId": { - "markdownDescription": "The VPC in which the private graph endpoint needs to be created.", - "title": "VpcId", - "type": "string" - } + "ForwardedCookies": { + "$ref": "#/definitions/AWS::Lightsail::Distribution.CookieObject", + "markdownDescription": "An object that describes the cookies that are forwarded to the origin. Your content is cached based on the cookies that are forwarded.", + "title": "ForwardedCookies" + }, + "ForwardedHeaders": { + "$ref": "#/definitions/AWS::Lightsail::Distribution.HeaderObject", + "markdownDescription": "An object that describes the headers that are forwarded to the origin. Your content is cached based on the headers that are forwarded.", + "title": "ForwardedHeaders" + }, + "ForwardedQueryStrings": { + "$ref": "#/definitions/AWS::Lightsail::Distribution.QueryStringObject", + "markdownDescription": "An object that describes the query strings that are forwarded to the origin. Your content is cached based on the query strings that are forwarded.", + "title": "ForwardedQueryStrings" + }, + "MaximumTTL": { + "markdownDescription": "The maximum amount of time that objects stay in the distribution's cache before the distribution forwards another request to the origin to determine whether the object has been updated.\n\nThe value specified applies only when the origin adds HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects.", + "title": "MaximumTTL", + "type": "number" + }, + "MinimumTTL": { + "markdownDescription": "The minimum amount of time that objects stay in the distribution's cache before the distribution forwards another request to the origin to determine whether the object has been updated.\n\nA value of `0` must be specified for `minimumTTL` if the distribution is configured to forward all headers to the origin.", + "title": "MinimumTTL", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Lightsail::Distribution.CookieObject": { + "additionalProperties": false, + "properties": { + "CookiesAllowList": { + "items": { + "type": "string" }, - "required": [ - "GraphIdentifier", - "VpcId" - ], - "type": "object" + "markdownDescription": "The specific cookies to forward to your distribution's origin.", + "title": "CookiesAllowList", + "type": "array" }, - "Type": { - "enum": [ - "AWS::NeptuneGraph::PrivateGraphEndpoint" - ], + "Option": { + "markdownDescription": "Specifies which cookies to forward to the distribution's origin for a cache behavior.\n\nUse one of the following configurations for your distribution:\n\n- *`all`* - Forwards all cookies to your origin.\n- *`none`* - Doesn\u2019t forward cookies to your origin.\n- *`allow-list`* - Forwards only the cookies that you specify using the `CookiesAllowList` parameter.", + "title": "Option", "type": "string" + } + }, + "type": "object" + }, + "AWS::Lightsail::Distribution.HeaderObject": { + "additionalProperties": false, + "properties": { + "HeadersAllowList": { + "items": { + "type": "string" + }, + "markdownDescription": "The specific headers to forward to your distribution's origin.", + "title": "HeadersAllowList", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Option": { + "markdownDescription": "The headers that you want your distribution to forward to your origin. Your distribution caches your content based on these headers.\n\nUse one of the following configurations for your distribution:\n\n- *`all`* - Forwards all headers to your origin..\n- *`none`* - Forwards only the default headers.\n- *`allow-list`* - Forwards only the headers that you specify using the `HeadersAllowList` parameter.", + "title": "Option", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::NetworkFirewall::Firewall": { + "AWS::Lightsail::Distribution.InputOrigin": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the origin resource.", + "title": "Name", + "type": "string" + }, + "ProtocolPolicy": { + "markdownDescription": "The protocol that your Amazon Lightsail distribution uses when establishing a connection with your origin to pull content.", + "title": "ProtocolPolicy", + "type": "string" + }, + "RegionName": { + "markdownDescription": "The AWS Region name of the origin resource.", + "title": "RegionName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Lightsail::Distribution.QueryStringObject": { + "additionalProperties": false, + "properties": { + "Option": { + "markdownDescription": "Indicates whether the distribution forwards and caches based on query strings.", + "title": "Option", + "type": "boolean" + }, + "QueryStringsAllowList": { + "items": { + "type": "string" + }, + "markdownDescription": "The specific query strings that the distribution forwards to the origin.\n\nYour distribution caches content based on the specified query strings.\n\nIf the `option` parameter is true, then your distribution forwards all query strings, regardless of what you specify using the `QueryStringsAllowList` parameter.", + "title": "QueryStringsAllowList", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Lightsail::Instance": { "additionalProperties": false, "properties": { "Condition": { @@ -166628,69 +175370,83 @@ "Properties": { "additionalProperties": false, "properties": { - "DeleteProtection": { - "markdownDescription": "A flag indicating whether it is possible to delete the firewall. A setting of `TRUE` indicates that the firewall is protected against deletion. Use this setting to protect against accidentally deleting a firewall that is in use. When you create a firewall, the operation initializes this flag to `TRUE` .", - "title": "DeleteProtection", - "type": "boolean" + "AddOns": { + "items": { + "$ref": "#/definitions/AWS::Lightsail::Instance.AddOn" + }, + "markdownDescription": "An array of add-ons for the instance.\n\n> If the instance has an add-on enabled when performing a delete instance request, the add-on is automatically disabled before the instance is deleted.", + "title": "AddOns", + "type": "array" }, - "Description": { - "markdownDescription": "A description of the firewall.", - "title": "Description", + "AvailabilityZone": { + "markdownDescription": "The Availability Zone for the instance.", + "title": "AvailabilityZone", "type": "string" }, - "FirewallName": { - "markdownDescription": "The descriptive name of the firewall. You can't change the name of a firewall after you create it.", - "title": "FirewallName", + "BlueprintId": { + "markdownDescription": "The blueprint ID for the instance (for example, `os_amlinux_2016_03` ).", + "title": "BlueprintId", "type": "string" }, - "FirewallPolicyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the firewall policy.\n\nThe relationship of firewall to firewall policy is many to one. Each firewall requires one firewall policy association, and you can use the same firewall policy for multiple firewalls.", - "title": "FirewallPolicyArn", + "BundleId": { + "markdownDescription": "The bundle ID for the instance (for example, `micro_1_0` ).", + "title": "BundleId", "type": "string" }, - "FirewallPolicyChangeProtection": { - "markdownDescription": "A setting indicating whether the firewall is protected against a change to the firewall policy association. Use this setting to protect against accidentally modifying the firewall policy for a firewall that is in use. When you create a firewall, the operation initializes this setting to `TRUE` .", - "title": "FirewallPolicyChangeProtection", - "type": "boolean" + "Hardware": { + "$ref": "#/definitions/AWS::Lightsail::Instance.Hardware", + "markdownDescription": "The hardware properties for the instance, such as the vCPU count, attached disks, and amount of RAM.\n\n> The instance restarts when performing an attach disk or detach disk request. This resets the public IP address of your instance if a static IP isn't attached to it.", + "title": "Hardware" }, - "SubnetChangeProtection": { - "markdownDescription": "A setting indicating whether the firewall is protected against changes to the subnet associations. Use this setting to protect against accidentally modifying the subnet associations for a firewall that is in use. When you create a firewall, the operation initializes this setting to `TRUE` .", - "title": "SubnetChangeProtection", - "type": "boolean" + "InstanceName": { + "markdownDescription": "The name of the instance.", + "title": "InstanceName", + "type": "string" }, - "SubnetMappings": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::Firewall.SubnetMapping" - }, - "markdownDescription": "The primary public subnets that Network Firewall is using for the firewall. Network Firewall creates a firewall endpoint in each subnet. Create a subnet mapping for each Availability Zone where you want to use the firewall.\n\nThese subnets are all defined for a single, primary VPC, and each must belong to a different Availability Zone. Each of these subnets establishes the availability of the firewall in its Availability Zone.\n\nIn addition to these subnets, you can define other endpoints for the firewall in `VpcEndpointAssociation` resources. You can define these additional endpoints for any VPC, and for any of the Availability Zones where the firewall resource already has a subnet mapping. VPC endpoint associations give you the ability to protect multiple VPCs using a single firewall, and to define multiple firewall endpoints for a VPC in a single Availability Zone.", - "title": "SubnetMappings", - "type": "array" + "KeyPairName": { + "markdownDescription": "The name of the key pair to use for the instance.\n\nIf no key pair name is specified, the Regional Lightsail default key pair is used.", + "title": "KeyPairName", + "type": "string" + }, + "Location": { + "$ref": "#/definitions/AWS::Lightsail::Instance.Location", + "markdownDescription": "The location for the instance, such as the AWS Region and Availability Zone.\n\n> The `Location` property is read-only and should not be specified in a create instance or update instance request.", + "title": "Location" + }, + "Networking": { + "$ref": "#/definitions/AWS::Lightsail::Instance.Networking", + "markdownDescription": "The public ports and the monthly amount of data transfer allocated for the instance.", + "title": "Networking" + }, + "State": { + "$ref": "#/definitions/AWS::Lightsail::Instance.State", + "markdownDescription": "The status code and the state (for example, `running` ) of the instance.\n\n> The `State` property is read-only and should not be specified in a create instance or update instance request.", + "title": "State" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", "title": "Tags", "type": "array" }, - "VpcId": { - "markdownDescription": "The unique identifier of the VPC where the firewall is in use. You can't change the VPC of a firewall after you create the firewall.", - "title": "VpcId", + "UserData": { + "markdownDescription": "The optional launch script for the instance.\n\nSpecify a launch script to configure an instance with additional user data. For example, you might want to specify `apt-get -y update` as a launch script.\n\n> Depending on the blueprint of your instance, the command to get software on your instance varies. Amazon Linux and CentOS use `yum` , Debian and Ubuntu use `apt-get` , and FreeBSD uses `pkg` .", + "title": "UserData", "type": "string" } }, "required": [ - "FirewallName", - "FirewallPolicyArn", - "SubnetMappings", - "VpcId" + "BlueprintId", + "BundleId", + "InstanceName" ], "type": "object" }, "Type": { "enum": [ - "AWS::NetworkFirewall::Firewall" + "AWS::Lightsail::Instance" ], "type": "string" }, @@ -166709,349 +175465,549 @@ ], "type": "object" }, - "AWS::NetworkFirewall::Firewall.SubnetMapping": { + "AWS::Lightsail::Instance.AddOn": { "additionalProperties": false, "properties": { - "IPAddressType": { - "markdownDescription": "The subnet's IP address type. You can't change the IP address type after you create the subnet.", - "title": "IPAddressType", + "AddOnType": { + "markdownDescription": "The add-on type (for example, `AutoSnapshot` ).\n\n> `AutoSnapshot` is the only add-on that can be enabled for an instance.", + "title": "AddOnType", "type": "string" }, - "SubnetId": { - "markdownDescription": "The unique identifier for the subnet.", - "title": "SubnetId", + "AutoSnapshotAddOnRequest": { + "$ref": "#/definitions/AWS::Lightsail::Instance.AutoSnapshotAddOn", + "markdownDescription": "The parameters for the automatic snapshot add-on, such as the daily time when an automatic snapshot will be created.", + "title": "AutoSnapshotAddOnRequest" + }, + "Status": { + "markdownDescription": "The status of the add-on.\n\nValid Values: `Enabled` | `Disabled`", + "title": "Status", "type": "string" } }, "required": [ - "SubnetId" + "AddOnType" ], "type": "object" }, - "AWS::NetworkFirewall::FirewallPolicy": { + "AWS::Lightsail::Instance.AutoSnapshotAddOn": { "additionalProperties": false, "properties": { - "Condition": { + "SnapshotTimeOfDay": { + "markdownDescription": "The daily time when an automatic snapshot will be created.\n\nConstraints:\n\n- Must be in `HH:00` format, and in an hourly increment.\n- Specified in Coordinated Universal Time (UTC).\n- The snapshot will be automatically created between the time specified and up to 45 minutes after.", + "title": "SnapshotTimeOfDay", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Lightsail::Instance.Disk": { + "additionalProperties": false, + "properties": { + "AttachedTo": { + "markdownDescription": "The resources to which the disk is attached.", + "title": "AttachedTo", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "AttachmentState": { + "markdownDescription": "(Deprecated) The attachment state of the disk.\n\n> In releases prior to November 14, 2017, this parameter returned `attached` for system disks in the API response. It is now deprecated, but still included in the response. Use `isAttached` instead.", + "title": "AttachmentState", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "DiskName": { + "markdownDescription": "The unique name of the disk.", + "title": "DiskName", + "type": "string" }, - "Metadata": { - "type": "object" + "IOPS": { + "markdownDescription": "The input/output operations per second (IOPS) of the disk.", + "title": "IOPS", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A description of the firewall policy.", - "title": "Description", - "type": "string" - }, - "FirewallPolicy": { - "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.FirewallPolicy", - "markdownDescription": "The traffic filtering behavior of a firewall policy, defined in a collection of stateless and stateful rule groups and other settings.", - "title": "FirewallPolicy" - }, - "FirewallPolicyName": { - "markdownDescription": "The descriptive name of the firewall policy. You can't change the name of a firewall policy after you create it.", - "title": "FirewallPolicyName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "FirewallPolicy", - "FirewallPolicyName" - ], - "type": "object" + "IsSystemDisk": { + "markdownDescription": "A Boolean value indicating whether this disk is a system disk (has an operating system loaded on it).", + "title": "IsSystemDisk", + "type": "boolean" }, - "Type": { - "enum": [ - "AWS::NetworkFirewall::FirewallPolicy" - ], + "Path": { + "markdownDescription": "The disk path.", + "title": "Path", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SizeInGb": { + "markdownDescription": "The size of the disk in GB.", + "title": "SizeInGb", "type": "string" } }, "required": [ - "Type", - "Properties" + "DiskName", + "Path" ], "type": "object" }, - "AWS::NetworkFirewall::FirewallPolicy.ActionDefinition": { + "AWS::Lightsail::Instance.Hardware": { "additionalProperties": false, "properties": { - "PublishMetricAction": { - "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.PublishMetricAction", - "markdownDescription": "Stateless inspection criteria that publishes the specified metrics to Amazon CloudWatch for the matching packet. This setting defines a CloudWatch dimension value to be published.\n\nYou can pair this custom action with any of the standard stateless rule actions. For example, you could pair this in a rule action with the standard action that forwards the packet for stateful inspection. Then, when a packet matches the rule, Network Firewall publishes metrics for the packet and forwards it.", - "title": "PublishMetricAction" + "CpuCount": { + "markdownDescription": "The number of vCPUs the instance has.\n\n> The `CpuCount` property is read-only and should not be specified in a create instance or update instance request.", + "title": "CpuCount", + "type": "number" + }, + "Disks": { + "items": { + "$ref": "#/definitions/AWS::Lightsail::Instance.Disk" + }, + "markdownDescription": "The disks attached to the instance.\n\nThe instance restarts when performing an attach disk or detach disk request. This resets the public IP address of your instance if a static IP isn't attached to it.", + "title": "Disks", + "type": "array" + }, + "RamSizeInGb": { + "markdownDescription": "The amount of RAM in GB on the instance (for example, `1.0` ).\n\n> The `RamSizeInGb` property is read-only and should not be specified in a create instance or update instance request.", + "title": "RamSizeInGb", + "type": "number" } }, "type": "object" }, - "AWS::NetworkFirewall::FirewallPolicy.CustomAction": { + "AWS::Lightsail::Instance.Location": { "additionalProperties": false, "properties": { - "ActionDefinition": { - "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.ActionDefinition", - "markdownDescription": "The custom action associated with the action name.", - "title": "ActionDefinition" + "AvailabilityZone": { + "markdownDescription": "The Availability Zone for the instance.", + "title": "AvailabilityZone", + "type": "string" }, - "ActionName": { - "markdownDescription": "The descriptive name of the custom action. You can't change the name of a custom action after you create it.", - "title": "ActionName", + "RegionName": { + "markdownDescription": "The name of the AWS Region for the instance.", + "title": "RegionName", "type": "string" } }, - "required": [ - "ActionDefinition", - "ActionName" - ], "type": "object" }, - "AWS::NetworkFirewall::FirewallPolicy.Dimension": { + "AWS::Lightsail::Instance.MonthlyTransfer": { "additionalProperties": false, "properties": { - "Value": { - "markdownDescription": "The value to use in the custom metric dimension.", - "title": "Value", + "GbPerMonthAllocated": { + "markdownDescription": "The amount of allocated monthly data transfer (in GB) for an instance.", + "title": "GbPerMonthAllocated", "type": "string" } }, - "required": [ - "Value" - ], "type": "object" }, - "AWS::NetworkFirewall::FirewallPolicy.FirewallPolicy": { + "AWS::Lightsail::Instance.Networking": { "additionalProperties": false, "properties": { - "PolicyVariables": { - "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.PolicyVariables", - "markdownDescription": "Contains variables that you can use to override default Suricata settings in your firewall policy.", - "title": "PolicyVariables" + "MonthlyTransfer": { + "$ref": "#/definitions/AWS::Lightsail::Instance.MonthlyTransfer", + "markdownDescription": "The monthly amount of data transfer, in GB, allocated for the instance", + "title": "MonthlyTransfer" }, - "StatefulDefaultActions": { + "Ports": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Lightsail::Instance.Port" }, - "markdownDescription": "The default actions to take on a packet that doesn't match any stateful rules. The stateful default action is optional, and is only valid when using the strict rule order.\n\nValid values of the stateful default action:\n\n- aws:drop_strict\n- aws:drop_established\n- aws:alert_strict\n- aws:alert_established\n\nFor more information, see [Strict evaluation order](https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-rule-evaluation-order.html#suricata-strict-rule-evaluation-order.html) in the *AWS Network Firewall Developer Guide* .", - "title": "StatefulDefaultActions", + "markdownDescription": "An array of ports to open on the instance.", + "title": "Ports", "type": "array" + } + }, + "required": [ + "Ports" + ], + "type": "object" + }, + "AWS::Lightsail::Instance.Port": { + "additionalProperties": false, + "properties": { + "AccessDirection": { + "markdownDescription": "The access direction ( `inbound` or `outbound` ).\n\n> Lightsail currently supports only `inbound` access direction.", + "title": "AccessDirection", + "type": "string" }, - "StatefulEngineOptions": { - "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.StatefulEngineOptions", - "markdownDescription": "Additional options governing how Network Firewall handles stateful rules. The stateful rule groups that you use in your policy must have stateful rule options settings that are compatible with these settings.", - "title": "StatefulEngineOptions" - }, - "StatefulRuleGroupReferences": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.StatefulRuleGroupReference" - }, - "markdownDescription": "References to the stateful rule groups that are used in the policy. These define the inspection criteria in stateful rules.", - "title": "StatefulRuleGroupReferences", - "type": "array" + "AccessFrom": { + "markdownDescription": "The location from which access is allowed. For example, `Anywhere (0.0.0.0/0)` , or `Custom` if a specific IP address or range of IP addresses is allowed.", + "title": "AccessFrom", + "type": "string" }, - "StatelessCustomActions": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.CustomAction" - }, - "markdownDescription": "The custom action definitions that are available for use in the firewall policy's `StatelessDefaultActions` setting. You name each custom action that you define, and then you can use it by name in your default actions specifications.", - "title": "StatelessCustomActions", - "type": "array" + "AccessType": { + "markdownDescription": "The type of access ( `Public` or `Private` ).", + "title": "AccessType", + "type": "string" }, - "StatelessDefaultActions": { + "CidrListAliases": { "items": { "type": "string" }, - "markdownDescription": "The actions to take on a packet if it doesn't match any of the stateless rules in the policy. If you want non-matching packets to be forwarded for stateful inspection, specify `aws:forward_to_sfe` .\n\nYou must specify one of the standard actions: `aws:pass` , `aws:drop` , or `aws:forward_to_sfe` . In addition, you can specify custom actions that are compatible with your standard section choice.\n\nFor example, you could specify `[\"aws:pass\"]` or you could specify `[\"aws:pass\", \u201ccustomActionName\u201d]` . For information about compatibility, see the custom action descriptions.", - "title": "StatelessDefaultActions", + "markdownDescription": "An alias that defines access for a preconfigured range of IP addresses.\n\nThe only alias currently supported is `lightsail-connect` , which allows IP addresses of the browser-based RDP/SSH client in the Lightsail console to connect to your instance.", + "title": "CidrListAliases", "type": "array" }, - "StatelessFragmentDefaultActions": { + "Cidrs": { "items": { "type": "string" }, - "markdownDescription": "The actions to take on a fragmented packet if it doesn't match any of the stateless rules in the policy. If you want non-matching fragmented packets to be forwarded for stateful inspection, specify `aws:forward_to_sfe` .\n\nYou must specify one of the standard actions: `aws:pass` , `aws:drop` , or `aws:forward_to_sfe` . In addition, you can specify custom actions that are compatible with your standard section choice.\n\nFor example, you could specify `[\"aws:pass\"]` or you could specify `[\"aws:pass\", \u201ccustomActionName\u201d]` . For information about compatibility, see the custom action descriptions.", - "title": "StatelessFragmentDefaultActions", + "markdownDescription": "The IPv4 address, or range of IPv4 addresses (in CIDR notation) that are allowed to connect to an instance through the ports, and the protocol.\n\n> The `ipv6Cidrs` parameter lists the IPv6 addresses that are allowed to connect to an instance. \n\nExamples:\n\n- To allow the IP address `192.0.2.44` , specify `192.0.2.44` or `192.0.2.44/32` .\n- To allow the IP addresses `192.0.2.0` to `192.0.2.255` , specify `192.0.2.0/24` .", + "title": "Cidrs", "type": "array" }, - "StatelessRuleGroupReferences": { + "CommonName": { + "markdownDescription": "The common name of the port information.", + "title": "CommonName", + "type": "string" + }, + "FromPort": { + "markdownDescription": "The first port in a range of open ports on an instance.\n\nAllowed ports:\n\n- TCP and UDP - `0` to `65535`\n- ICMP - The ICMP type for IPv4 addresses. For example, specify `8` as the `fromPort` (ICMP type), and `-1` as the `toPort` (ICMP code), to enable ICMP Ping.\n- ICMPv6 - The ICMP type for IPv6 addresses. For example, specify `128` as the `fromPort` (ICMPv6 type), and `0` as `toPort` (ICMPv6 code).", + "title": "FromPort", + "type": "number" + }, + "Ipv6Cidrs": { "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.StatelessRuleGroupReference" + "type": "string" }, - "markdownDescription": "References to the stateless rule groups that are used in the policy. These define the matching criteria in stateless rules.", - "title": "StatelessRuleGroupReferences", + "markdownDescription": "The IPv6 address, or range of IPv6 addresses (in CIDR notation) that are allowed to connect to an instance through the ports, and the protocol. Only devices with an IPv6 address can connect to an instance through IPv6; otherwise, IPv4 should be used.\n\n> The `cidrs` parameter lists the IPv4 addresses that are allowed to connect to an instance.", + "title": "Ipv6Cidrs", "type": "array" }, - "TLSInspectionConfigurationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the TLS inspection configuration.", - "title": "TLSInspectionConfigurationArn", + "Protocol": { + "markdownDescription": "The IP protocol name.\n\nThe name can be one of the following:\n\n- `tcp` - Transmission Control Protocol (TCP) provides reliable, ordered, and error-checked delivery of streamed data between applications running on hosts communicating by an IP network. If you have an application that doesn't require reliable data stream service, use UDP instead.\n- `all` - All transport layer protocol types.\n- `udp` - With User Datagram Protocol (UDP), computer applications can send messages (or datagrams) to other hosts on an Internet Protocol (IP) network. Prior communications are not required to set up transmission channels or data paths. Applications that don't require reliable data stream service can use UDP, which provides a connectionless datagram service that emphasizes reduced latency over reliability. If you do require reliable data stream service, use TCP instead.\n- `icmp` - Internet Control Message Protocol (ICMP) is used to send error messages and operational information indicating success or failure when communicating with an instance. For example, an error is indicated when an instance could not be reached. When you specify `icmp` as the `protocol` , you must specify the ICMP type using the `fromPort` parameter, and ICMP code using the `toPort` parameter.", + "title": "Protocol", "type": "string" + }, + "ToPort": { + "markdownDescription": "The last port in a range of open ports on an instance.\n\nAllowed ports:\n\n- TCP and UDP - `0` to `65535`\n- ICMP - The ICMP code for IPv4 addresses. For example, specify `8` as the `fromPort` (ICMP type), and `-1` as the `toPort` (ICMP code), to enable ICMP Ping.\n- ICMPv6 - The ICMP code for IPv6 addresses. For example, specify `128` as the `fromPort` (ICMPv6 type), and `0` as `toPort` (ICMPv6 code).", + "title": "ToPort", + "type": "number" } }, - "required": [ - "StatelessDefaultActions", - "StatelessFragmentDefaultActions" - ], "type": "object" }, - "AWS::NetworkFirewall::FirewallPolicy.IPSet": { + "AWS::Lightsail::Instance.State": { "additionalProperties": false, "properties": { - "Definition": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of IP addresses and address ranges, in CIDR notation.", - "title": "Definition", - "type": "array" + "Code": { + "markdownDescription": "The status code of the instance.", + "title": "Code", + "type": "number" + }, + "Name": { + "markdownDescription": "The state of the instance (for example, `running` or `pending` ).", + "title": "Name", + "type": "string" } }, "type": "object" }, - "AWS::NetworkFirewall::FirewallPolicy.PolicyVariables": { + "AWS::Lightsail::InstanceSnapshot": { "additionalProperties": false, "properties": { - "RuleVariables": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { "additionalProperties": false, - "markdownDescription": "The IPv4 or IPv6 addresses in CIDR notation to use for the Suricata `HOME_NET` variable. If your firewall uses an inspection VPC, you might want to override the `HOME_NET` variable with the CIDRs of your home networks. If you don't override `HOME_NET` with your own CIDRs, Network Firewall by default uses the CIDR of your inspection VPC.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.IPSet" + "properties": { + "InstanceName": { + "markdownDescription": "The name the user gave the instance ( `Amazon_Linux_2023-1` ).", + "title": "InstanceName", + "type": "string" + }, + "InstanceSnapshotName": { + "markdownDescription": "The name of the snapshot.", + "title": "InstanceSnapshotName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tag keys and optional values for the resource. For more information about tags in Lightsail, see the [Amazon Lightsail Developer Guide](https://docs.aws.amazon.com/lightsail/latest/userguide/amazon-lightsail-tags) .", + "title": "Tags", + "type": "array" } }, - "title": "RuleVariables", + "required": [ + "InstanceName", + "InstanceSnapshotName" + ], "type": "object" - } - }, - "type": "object" - }, - "AWS::NetworkFirewall::FirewallPolicy.PublishMetricAction": { - "additionalProperties": false, - "properties": { - "Dimensions": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.Dimension" - }, - "markdownDescription": "", - "title": "Dimensions", - "type": "array" + }, + "Type": { + "enum": [ + "AWS::Lightsail::InstanceSnapshot" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Dimensions" + "Type", + "Properties" ], "type": "object" }, - "AWS::NetworkFirewall::FirewallPolicy.StatefulEngineOptions": { + "AWS::Lightsail::InstanceSnapshot.Location": { "additionalProperties": false, "properties": { - "RuleOrder": { - "markdownDescription": "Indicates how to manage the order of stateful rule evaluation for the policy. `DEFAULT_ACTION_ORDER` is the default behavior. Stateful rules are provided to the rule engine as Suricata compatible strings, and Suricata evaluates them based on certain settings. For more information, see [Evaluation order for stateful rules](https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-rule-evaluation-order.html) in the *AWS Network Firewall Developer Guide* .", - "title": "RuleOrder", + "AvailabilityZone": { + "markdownDescription": "", + "title": "AvailabilityZone", "type": "string" }, - "StreamExceptionPolicy": { - "markdownDescription": "Configures how Network Firewall processes traffic when a network connection breaks midstream. Network connections can break due to disruptions in external networks or within the firewall itself.\n\n- `DROP` - Network Firewall fails closed and drops all subsequent traffic going to the firewall. This is the default behavior.\n- `CONTINUE` - Network Firewall continues to apply rules to the subsequent traffic without context from traffic before the break. This impacts the behavior of rules that depend on this context. For example, if you have a stateful rule to `drop http` traffic, Network Firewall won't match the traffic for this rule because the service won't have the context from session initialization defining the application layer protocol as HTTP. However, this behavior is rule dependent\u2014a TCP-layer rule using a `flow:stateless` rule would still match, as would the `aws:drop_strict` default action.\n- `REJECT` - Network Firewall fails closed and drops all subsequent traffic going to the firewall. Network Firewall also sends a TCP reject packet back to your client so that the client can immediately establish a new session. Network Firewall will have context about the new session and will apply rules to the subsequent traffic.", - "title": "StreamExceptionPolicy", + "RegionName": { + "markdownDescription": "", + "title": "RegionName", "type": "string" } }, "type": "object" }, - "AWS::NetworkFirewall::FirewallPolicy.StatefulRuleGroupOverride": { + "AWS::Lightsail::LoadBalancer": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The action that changes the rule group from `DROP` to `ALERT` . This only applies to managed rule groups.", - "title": "Action", + "Condition": { "type": "string" - } - }, - "type": "object" - }, - "AWS::NetworkFirewall::FirewallPolicy.StatefulRuleGroupReference": { - "additionalProperties": false, - "properties": { - "Override": { - "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.StatefulRuleGroupOverride", - "markdownDescription": "The action that allows the policy owner to override the behavior of the rule group within a policy.", - "title": "Override" }, - "Priority": { - "markdownDescription": "An integer setting that indicates the order in which to run the stateful rule groups in a single `FirewallPolicy` . This setting only applies to firewall policies that specify the `STRICT_ORDER` rule order in the stateful engine options settings.\n\nNetwork Firewall evalutes each stateful rule group against a packet starting with the group that has the lowest priority setting. You must ensure that the priority settings are unique within each policy.\n\nYou can change the priority settings of your rule groups at any time. To make it easier to insert rule groups later, number them so there's a wide range in between, for example use 100, 200, and so on.", - "title": "Priority", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ResourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the stateful rule group.", - "title": "ResourceArn", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AttachedInstances": { + "items": { + "type": "string" + }, + "markdownDescription": "The Lightsail instances to attach to the load balancer.", + "title": "AttachedInstances", + "type": "array" + }, + "HealthCheckPath": { + "markdownDescription": "The path on the attached instance where the health check will be performed. If no path is specified, the load balancer tries to make a request to the default (root) page ( `/index.html` ).", + "title": "HealthCheckPath", + "type": "string" + }, + "InstancePort": { + "markdownDescription": "The port that the load balancer uses to direct traffic to your Lightsail instances. For HTTP traffic, specify port `80` . For HTTPS traffic, specify port `443` .", + "title": "InstancePort", + "type": "number" + }, + "IpAddressType": { + "markdownDescription": "The IP address type of the load balancer.\n\nThe possible values are `ipv4` for IPv4 only, and `dualstack` for both IPv4 and IPv6.", + "title": "IpAddressType", + "type": "string" + }, + "LoadBalancerName": { + "markdownDescription": "The name of the load balancer.", + "title": "LoadBalancerName", + "type": "string" + }, + "SessionStickinessEnabled": { + "markdownDescription": "A Boolean value indicating whether session stickiness is enabled.\n\nEnable session stickiness (also known as *session affinity* ) to bind a user's session to a specific instance. This ensures that all requests from the user during the session are sent to the same instance.", + "title": "SessionStickinessEnabled", + "type": "boolean" + }, + "SessionStickinessLBCookieDurationSeconds": { + "markdownDescription": "The time period, in seconds, after which the load balancer session stickiness cookie should be considered stale. If you do not specify this parameter, the default value is 0, which indicates that the sticky session should last for the duration of the browser session.", + "title": "SessionStickinessLBCookieDurationSeconds", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", + "title": "Tags", + "type": "array" + }, + "TlsPolicyName": { + "markdownDescription": "The name of the TLS security policy for the load balancer.", + "title": "TlsPolicyName", + "type": "string" + } + }, + "required": [ + "InstancePort", + "LoadBalancerName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Lightsail::LoadBalancer" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ResourceArn" + "Type", + "Properties" ], "type": "object" }, - "AWS::NetworkFirewall::FirewallPolicy.StatelessRuleGroupReference": { + "AWS::Lightsail::LoadBalancerTlsCertificate": { "additionalProperties": false, "properties": { - "Priority": { - "markdownDescription": "An integer setting that indicates the order in which to run the stateless rule groups in a single `FirewallPolicy` . Network Firewall applies each stateless rule group to a packet starting with the group that has the lowest priority setting. You must ensure that the priority settings are unique within each policy.", - "title": "Priority", - "type": "number" + "Condition": { + "type": "string" }, - "ResourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the stateless rule group.", - "title": "ResourceArn", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CertificateAlternativeNames": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of alternative domain names and subdomain names for your SSL/TLS certificate.\n\nIn addition to the primary domain name, you can have up to nine alternative domain names. Wildcards (such as `*.example.com` ) are not supported.", + "title": "CertificateAlternativeNames", + "type": "array" + }, + "CertificateDomainName": { + "markdownDescription": "The domain name for the SSL/TLS certificate. For example, `example.com` or `www.example.com` .", + "title": "CertificateDomainName", + "type": "string" + }, + "CertificateName": { + "markdownDescription": "The name of the SSL/TLS certificate.", + "title": "CertificateName", + "type": "string" + }, + "HttpsRedirectionEnabled": { + "markdownDescription": "A Boolean value indicating whether HTTPS redirection is enabled for the load balancer that the TLS certificate is attached to.", + "title": "HttpsRedirectionEnabled", + "type": "boolean" + }, + "IsAttached": { + "markdownDescription": "A Boolean value indicating whether the SSL/TLS certificate is attached to a Lightsail load balancer.", + "title": "IsAttached", + "type": "boolean" + }, + "LoadBalancerName": { + "markdownDescription": "The name of the load balancer that the SSL/TLS certificate is attached to.", + "title": "LoadBalancerName", + "type": "string" + } + }, + "required": [ + "CertificateDomainName", + "CertificateName", + "LoadBalancerName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Lightsail::LoadBalancerTlsCertificate" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Priority", - "ResourceArn" + "Type", + "Properties" ], "type": "object" }, - "AWS::NetworkFirewall::LoggingConfiguration": { + "AWS::Lightsail::StaticIp": { "additionalProperties": false, "properties": { "Condition": { @@ -167086,31 +176042,25 @@ "Properties": { "additionalProperties": false, "properties": { - "FirewallArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the `Firewall` that the logging configuration is associated with. You can't change the firewall specification after you create the logging configuration.", - "title": "FirewallArn", + "AttachedTo": { + "markdownDescription": "The instance that the static IP is attached to.", + "title": "AttachedTo", "type": "string" }, - "FirewallName": { - "markdownDescription": "The name of the firewall that the logging configuration is associated with. You can't change the firewall specification after you create the logging configuration.", - "title": "FirewallName", + "StaticIpName": { + "markdownDescription": "The name of the static IP.", + "title": "StaticIpName", "type": "string" - }, - "LoggingConfiguration": { - "$ref": "#/definitions/AWS::NetworkFirewall::LoggingConfiguration.LoggingConfiguration", - "markdownDescription": "Defines how AWS Network Firewall performs logging for a `Firewall` .", - "title": "LoggingConfiguration" } }, "required": [ - "FirewallArn", - "LoggingConfiguration" + "StaticIpName" ], "type": "object" }, "Type": { "enum": [ - "AWS::NetworkFirewall::LoggingConfiguration" + "AWS::Lightsail::StaticIp" ], "type": "string" }, @@ -167129,56 +176079,147 @@ ], "type": "object" }, - "AWS::NetworkFirewall::LoggingConfiguration.LogDestinationConfig": { + "AWS::Location::APIKey": { "additionalProperties": false, "properties": { - "LogDestination": { - "additionalProperties": true, - "markdownDescription": "The named location for the logs, provided in a key:value mapping that is specific to the chosen destination type.\n\n- For an Amazon S3 bucket, provide the name of the bucket, with key `bucketName` , and optionally provide a prefix, with key `prefix` .\n\nThe following example specifies an Amazon S3 bucket named `DOC-EXAMPLE-BUCKET` and the prefix `alerts` :\n\n`\"LogDestination\": { \"bucketName\": \"DOC-EXAMPLE-BUCKET\", \"prefix\": \"alerts\" }`\n- For a CloudWatch log group, provide the name of the CloudWatch log group, with key `logGroup` . The following example specifies a log group named `alert-log-group` :\n\n`\"LogDestination\": { \"logGroup\": \"alert-log-group\" }`\n- For a Firehose delivery stream, provide the name of the delivery stream, with key `deliveryStream` . The following example specifies a delivery stream named `alert-delivery-stream` :\n\n`\"LogDestination\": { \"deliveryStream\": \"alert-delivery-stream\" }`", - "patternProperties": { - "^[a-zA-Z0-9]+$": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "Updates the description for the API key resource.", + "title": "Description", + "type": "string" + }, + "ExpireTime": { + "markdownDescription": "The optional timestamp for when the API key resource will expire in [ISO 8601 format](https://docs.aws.amazon.com/https://www.iso.org/iso-8601-date-and-time-format.html) .", + "title": "ExpireTime", + "type": "string" + }, + "ForceDelete": { + "markdownDescription": "ForceDelete bypasses an API key's expiry conditions and deletes the key. Set the parameter `true` to delete the key or to `false` to not preemptively delete the API key.\n\nValid values: `true` , or `false` .\n\n> This action is irreversible. Only use ForceDelete if you are certain the key is no longer in use.", + "title": "ForceDelete", + "type": "boolean" + }, + "ForceUpdate": { + "markdownDescription": "The boolean flag to be included for updating `ExpireTime` or Restrictions details.\nMust be set to `true` to update an API key resource that has been used in the past 7 days. `False` if force update is not preferred.", + "title": "ForceUpdate", + "type": "boolean" + }, + "KeyName": { + "markdownDescription": "A custom name for the API key resource.\n\nRequirements:\n\n- Contain only alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139), hyphens (-), periods (.), and underscores (_).\n- Must be a unique API key name.\n- No spaces allowed. For example, `ExampleAPIKey` .", + "title": "KeyName", "type": "string" + }, + "NoExpiry": { + "markdownDescription": "Whether the API key should expire. Set to `true` to set the API key to have no expiration time.", + "title": "NoExpiry", + "type": "boolean" + }, + "Restrictions": { + "$ref": "#/definitions/AWS::Location::APIKey.ApiKeyRestrictions", + "markdownDescription": "The API key restrictions for the API key resource.", + "title": "Restrictions" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Applies one or more tags to the map resource. A tag is a key-value pair that helps manage, identify, search, and filter your resources by labelling them.", + "title": "Tags", + "type": "array" } }, - "title": "LogDestination", + "required": [ + "KeyName", + "Restrictions" + ], "type": "object" }, - "LogDestinationType": { - "markdownDescription": "The type of storage destination to send these logs to. You can send logs to an Amazon S3 bucket, a CloudWatch log group, or a Firehose delivery stream.", - "title": "LogDestinationType", + "Type": { + "enum": [ + "AWS::Location::APIKey" + ], "type": "string" }, - "LogType": { - "markdownDescription": "The type of log to record. You can record the following types of logs from your Network Firewall stateful engine.\n\n- `ALERT` - Logs for traffic that matches your stateful rules and that have an action that sends an alert. A stateful rule sends alerts for the rule actions DROP, ALERT, and REJECT. For more information, see the `StatefulRule` property.\n- `FLOW` - Standard network traffic flow logs. The stateful rules engine records flow logs for all network traffic that it receives. Each flow log record captures the network flow for a specific standard stateless rule group.\n- `TLS` - Logs for events that are related to TLS inspection. For more information, see [Inspecting SSL/TLS traffic with TLS inspection configurations](https://docs.aws.amazon.com/network-firewall/latest/developerguide/tls-inspection-configurations.html) in the *Network Firewall Developer Guide* .", - "title": "LogType", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "LogDestination", - "LogDestinationType", - "LogType" + "Type", + "Properties" ], "type": "object" }, - "AWS::NetworkFirewall::LoggingConfiguration.LoggingConfiguration": { + "AWS::Location::APIKey.ApiKeyRestrictions": { "additionalProperties": false, "properties": { - "LogDestinationConfigs": { + "AllowActions": { "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::LoggingConfiguration.LogDestinationConfig" + "type": "string" }, - "markdownDescription": "Defines the logging destinations for the logs for a firewall. Network Firewall generates logs for stateful rule groups.", - "title": "LogDestinationConfigs", + "markdownDescription": "A list of allowed actions that an API key resource grants permissions to perform. You must have at least one action for each type of resource. For example, if you have a place resource, you must include at least one place action.\n\nThe following are valid values for the actions.\n\n- *Map actions*\n\n- `geo:GetMap*` - Allows all actions needed for map rendering.\n- *Enhanced Maps actions*\n\n- `geo-maps:GetTile` - Allows getting map tiles for rendering.\n- `geo-maps:GetStaticMap` - Allows getting static map images.\n- *Place actions*\n\n- `geo:SearchPlaceIndexForText` - Allows finding geo coordinates of a known place.\n- `geo:SearchPlaceIndexForPosition` - Allows getting nearest address to geo coordinates.\n- `geo:SearchPlaceIndexForSuggestions` - Allows suggestions based on an incomplete or misspelled query.\n- `geo:GetPlace` - Allows getting details of a place.\n- *Enhanced Places actions*\n\n- `geo-places:Autcomplete` - Allows auto-completion of search text.\n- `geo-places:Geocode` - Allows finding geo coordinates of a known place.\n- `geo-places:GetPlace` - Allows getting details of a place.\n- `geo-places:ReverseGeocode` - Allows getting nearest address to geo coordinates.\n- `geo-places:SearchNearby` - Allows category based places search around geo coordinates.\n- `geo-places:SearchText` - Allows place or address search based on free-form text.\n- `geo-places:Suggest` - Allows suggestions based on an incomplete or misspelled query.\n- *Route actions*\n\n- `geo:CalculateRoute` - Allows point to point routing.\n- `geo:CalculateRouteMatrix` - Allows matrix routing.\n- *Enhanced Routes actions*\n\n- `geo-routes:CalculateIsolines` - Allows isoline calculation.\n- `geo-routes:CalculateRoutes` - Allows point to point routing.\n- `geo-routes:CalculateRouteMatrix` - Allows matrix routing.\n- `geo-routes:OptimizeWaypoints` - Allows computing the best sequence of waypoints.\n- `geo-routes:SnapToRoads` - Allows snapping GPS points to a likely route.\n\n> You must use these strings exactly. For example, to provide access to map rendering, the only valid action is `geo:GetMap*` as an input to the list. `[\"geo:GetMap*\"]` is valid but `[\"geo:GetTile\"]` is not. Similarly, you cannot use `[\"geo:SearchPlaceIndexFor*\"]` - you must list each of the Place actions separately.", + "title": "AllowActions", + "type": "array" + }, + "AllowReferers": { + "items": { + "type": "string" + }, + "markdownDescription": "An optional list of allowed HTTP referers for which requests must originate from. Requests using this API key from other domains will not be allowed.\n\nRequirements:\n\n- Contain only alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139) or any symbols in this list `$\\-._+!*`(),;/?:@=&`\n- May contain a percent (%) if followed by 2 hexadecimal digits (A-F, a-f, 0-9); this is used for URL encoding purposes.\n- May contain wildcard characters question mark (?) and asterisk (*).\n\nQuestion mark (?) will replace any single character (including hexadecimal digits).\n\nAsterisk (*) will replace any multiple characters (including multiple hexadecimal digits).\n- No spaces allowed. For example, `https://example.com` .", + "title": "AllowReferers", + "type": "array" + }, + "AllowResources": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of allowed resource ARNs that a API key bearer can perform actions on.\n\n- The ARN must be the correct ARN for a map, place, or route ARN. You may include wildcards in the resource-id to match multiple resources of the same type.\n- The resources must be in the same `partition` , `region` , and `account-id` as the key that is being created.\n- Other than wildcards, you must include the full ARN, including the `arn` , `partition` , `service` , `region` , `account-id` and `resource-id` delimited by colons (:).\n- No spaces allowed, even with wildcards. For example, `arn:aws:geo:region: *account-id* :map/ExampleMap*` .\n\nFor more information about ARN format, see [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) .", + "title": "AllowResources", "type": "array" } }, "required": [ - "LogDestinationConfigs" + "AllowActions", + "AllowResources" ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup": { + "AWS::Location::GeofenceCollection": { "additionalProperties": false, "properties": { "Condition": { @@ -167213,50 +176254,38 @@ "Properties": { "additionalProperties": false, "properties": { - "Capacity": { - "markdownDescription": "The maximum operating resources that this rule group can use. You can't change a rule group's capacity setting after you create the rule group. When you update a rule group, you are limited to this capacity. When you reference a rule group from a firewall policy, Network Firewall reserves this capacity for the rule group.", - "title": "Capacity", - "type": "number" + "CollectionName": { + "markdownDescription": "A custom name for the geofence collection.\n\nRequirements:\n\n- Contain only alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139), hyphens (-), periods (.), and underscores (_).\n- Must be a unique geofence collection name.\n- No spaces allowed. For example, `ExampleGeofenceCollection` .", + "title": "CollectionName", + "type": "string" }, "Description": { - "markdownDescription": "A description of the rule group.", + "markdownDescription": "An optional description for the geofence collection.", "title": "Description", "type": "string" }, - "RuleGroup": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.RuleGroup", - "markdownDescription": "An object that defines the rule group rules.", - "title": "RuleGroup" - }, - "RuleGroupName": { - "markdownDescription": "The descriptive name of the rule group. You can't change the name of a rule group after you create it.", - "title": "RuleGroupName", + "KmsKeyId": { + "markdownDescription": "A key identifier for an [AWS KMS customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/create-keys.html) . Enter a key ID, key ARN, alias name, or alias ARN.", + "title": "KmsKeyId", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "Applies one or more tags to the geofence collection. A tag is a key-value pair helps manage, identify, search, and filter your resources by labelling them.\n\nFormat: `\"key\" : \"value\"`\n\nRestrictions:\n\n- Maximum 50 tags per resource\n- Each resource tag must be unique with a maximum of one value.\n- Maximum key length: 128 Unicode characters in UTF-8\n- Maximum value length: 256 Unicode characters in UTF-8\n- Can use alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139), and the following characters: + - = . _ : / @.\n- Cannot use \"aws:\" as a prefix for a key.", "title": "Tags", "type": "array" - }, - "Type": { - "markdownDescription": "Indicates whether the rule group is stateless or stateful. If the rule group is stateless, it contains\nstateless rules. If it is stateful, it contains stateful rules.", - "title": "Type", - "type": "string" } }, "required": [ - "Capacity", - "RuleGroupName", - "Type" + "CollectionName" ], "type": "object" }, "Type": { "enum": [ - "AWS::NetworkFirewall::RuleGroup" + "AWS::Location::GeofenceCollection" ], "type": "string" }, @@ -167275,534 +176304,236 @@ ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.ActionDefinition": { - "additionalProperties": false, - "properties": { - "PublishMetricAction": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.PublishMetricAction", - "markdownDescription": "Stateless inspection criteria that publishes the specified metrics to Amazon CloudWatch for the matching packet. This setting defines a CloudWatch dimension value to be published.\n\nYou can pair this custom action with any of the standard stateless rule actions. For example, you could pair this in a rule action with the standard action that forwards the packet for stateful inspection. Then, when a packet matches the rule, Network Firewall publishes metrics for the packet and forwards it.", - "title": "PublishMetricAction" - } - }, - "type": "object" - }, - "AWS::NetworkFirewall::RuleGroup.Address": { + "AWS::Location::Map": { "additionalProperties": false, "properties": { - "AddressDefinition": { - "markdownDescription": "Specify an IP address or a block of IP addresses in Classless Inter-Domain Routing (CIDR) notation. Network Firewall supports all address ranges for IPv4 and IPv6.\n\nExamples:\n\n- To configure Network Firewall to inspect for the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure Network Firewall to inspect for IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n- To configure Network Firewall to inspect for the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure Network Firewall to inspect for IP addresses from 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .", - "title": "AddressDefinition", + "Condition": { "type": "string" - } - }, - "required": [ - "AddressDefinition" - ], - "type": "object" - }, - "AWS::NetworkFirewall::RuleGroup.CustomAction": { - "additionalProperties": false, - "properties": { - "ActionDefinition": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.ActionDefinition", - "markdownDescription": "The custom action associated with the action name.", - "title": "ActionDefinition" }, - "ActionName": { - "markdownDescription": "The descriptive name of the custom action. You can't change the name of a custom action after you create it.", - "title": "ActionName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Configuration": { + "$ref": "#/definitions/AWS::Location::Map.MapConfiguration", + "markdownDescription": "Specifies the `MapConfiguration` , including the map style, for the map resource that you create. The map style defines the look of maps and the data provider for your map resource.", + "title": "Configuration" + }, + "Description": { + "markdownDescription": "An optional description for the map resource.", + "title": "Description", + "type": "string" + }, + "MapName": { + "markdownDescription": "The name for the map resource.\n\nRequirements:\n\n- Must contain only alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139), hyphens (-), periods (.), and underscores (_).\n- Must be a unique map resource name.\n- No spaces allowed. For example, `ExampleMap` .", + "title": "MapName", + "type": "string" + }, + "PricingPlan": { + "markdownDescription": "No longer used. If included, the only allowed value is `RequestBasedUsage` .\n\n*Allowed Values* : `RequestBasedUsage`", + "title": "PricingPlan", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Applies one or more tags to the map resource. A tag is a key-value pair helps manage, identify, search, and filter your resources by labelling them.\n\nFormat: `\"key\" : \"value\"`\n\nRestrictions:\n\n- Maximum 50 tags per resource\n- Each resource tag must be unique with a maximum of one value.\n- Maximum key length: 128 Unicode characters in UTF-8\n- Maximum value length: 256 Unicode characters in UTF-8\n- Can use alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139), and the following characters: + - = . _ : / @.\n- Cannot use \"aws:\" as a prefix for a key.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Configuration", + "MapName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Location::Map" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ActionDefinition", - "ActionName" + "Type", + "Properties" ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.Dimension": { + "AWS::Location::Map.MapConfiguration": { "additionalProperties": false, "properties": { - "Value": { - "markdownDescription": "The value to use in the custom metric dimension.", - "title": "Value", + "CustomLayers": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the custom layers for the style. Leave unset to not enable any custom layer, or, for styles that support custom layers, you can enable layer(s), such as the `POI` layer for the VectorEsriNavigation style.\n\n> Currenlty only `VectorEsriNavigation` supports CustomLayers. For more information, see [Custom Layers](https://docs.aws.amazon.com//location/latest/developerguide/map-concepts.html#map-custom-layers) .", + "title": "CustomLayers", + "type": "array" + }, + "PoliticalView": { + "markdownDescription": "Specifies the map political view selected from an available data provider.", + "title": "PoliticalView", + "type": "string" + }, + "Style": { + "markdownDescription": "Specifies the map style selected from an available data provider.\n\nValid [Esri map styles](https://docs.aws.amazon.com/location/previous/developerguide/esri.html) :\n\n- `VectorEsriDarkGrayCanvas` \u2013 The Esri Dark Gray Canvas map style. A vector basemap with a dark gray, neutral background with minimal colors, labels, and features that's designed to draw attention to your thematic content.\n- `RasterEsriImagery` \u2013 The Esri Imagery map style. A raster basemap that provides one meter or better satellite and aerial imagery in many parts of the world and lower resolution satellite imagery worldwide.\n- `VectorEsriLightGrayCanvas` \u2013 The Esri Light Gray Canvas map style, which provides a detailed vector basemap with a light gray, neutral background style with minimal colors, labels, and features that's designed to draw attention to your thematic content.\n- `VectorEsriTopographic` \u2013 The Esri Light map style, which provides a detailed vector basemap with a classic Esri map style.\n- `VectorEsriStreets` \u2013 The Esri Street Map style, which provides a detailed vector basemap for the world symbolized with a classic Esri street map style. The vector tile layer is similar in content and style to the World Street Map raster map.\n- `VectorEsriNavigation` \u2013 The Esri Navigation map style, which provides a detailed basemap for the world symbolized with a custom navigation map style that's designed for use during the day in mobile devices.\n\nValid [HERE Technologies map styles](https://docs.aws.amazon.com/location/previous/developerguide/HERE.html) :\n\n- `VectorHereContrast` \u2013 The HERE Contrast (Berlin) map style is a high contrast detailed base map of the world that blends 3D and 2D rendering.\n\n> The `VectorHereContrast` style has been renamed from `VectorHereBerlin` . `VectorHereBerlin` has been deprecated, but will continue to work in applications that use it.\n- `VectorHereExplore` \u2013 A default HERE map style containing a neutral, global map and its features including roads, buildings, landmarks, and water features. It also now includes a fully designed map of Japan.\n- `VectorHereExploreTruck` \u2013 A global map containing truck restrictions and attributes (e.g. width / height / HAZMAT) symbolized with highlighted segments and icons on top of HERE Explore to support use cases within transport and logistics.\n- `RasterHereExploreSatellite` \u2013 A global map containing high resolution satellite imagery.\n- `HybridHereExploreSatellite` \u2013 A global map displaying the road network, street names, and city labels over satellite imagery. This style will automatically retrieve both raster and vector tiles, and your charges will be based on total tiles retrieved.\n\n> Hybrid styles use both vector and raster tiles when rendering the map that you see. This means that more tiles are retrieved than when using either vector or raster tiles alone. Your charges will include all tiles retrieved.\n\nValid [GrabMaps map styles](https://docs.aws.amazon.com/location/previous/developerguide/grab.html) :\n\n- `VectorGrabStandardLight` \u2013 The Grab Standard Light map style provides a basemap with detailed land use coloring, area names, roads, landmarks, and points of interest covering Southeast Asia.\n- `VectorGrabStandardDark` \u2013 The Grab Standard Dark map style provides a dark variation of the standard basemap covering Southeast Asia.\n\n> Grab provides maps only for countries in Southeast Asia, and is only available in the Asia Pacific (Singapore) Region ( `ap-southeast-1` ). For more information, see [GrabMaps countries and area covered](https://docs.aws.amazon.com/location/previous/developerguide/grab.html#grab-coverage-area) . \n\nValid [Open Data map styles](https://docs.aws.amazon.com/location/previous/developerguide/open-data.html) :\n\n- `VectorOpenDataStandardLight` \u2013 The Open Data Standard Light map style provides a detailed basemap for the world suitable for website and mobile application use. The map includes highways major roads, minor roads, railways, water features, cities, parks, landmarks, building footprints, and administrative boundaries.\n- `VectorOpenDataStandardDark` \u2013 Open Data Standard Dark is a dark-themed map style that provides a detailed basemap for the world suitable for website and mobile application use. The map includes highways major roads, minor roads, railways, water features, cities, parks, landmarks, building footprints, and administrative boundaries.\n- `VectorOpenDataVisualizationLight` \u2013 The Open Data Visualization Light map style is a light-themed style with muted colors and fewer features that aids in understanding overlaid data.\n- `VectorOpenDataVisualizationDark` \u2013 The Open Data Visualization Dark map style is a dark-themed style with muted colors and fewer features that aids in understanding overlaid data.", + "title": "Style", "type": "string" } }, "required": [ - "Value" + "Style" ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.Header": { + "AWS::Location::PlaceIndex": { "additionalProperties": false, "properties": { - "Destination": { - "markdownDescription": "The destination IP address or address range to inspect for, in CIDR notation. To match with any address, specify `ANY` .\n\nSpecify an IP address or a block of IP addresses in Classless Inter-Domain Routing (CIDR) notation. Network Firewall supports all address ranges for IPv4 and IPv6.\n\nExamples:\n\n- To configure Network Firewall to inspect for the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure Network Firewall to inspect for IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n- To configure Network Firewall to inspect for the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure Network Firewall to inspect for IP addresses from 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .", - "title": "Destination", + "Condition": { "type": "string" }, - "DestinationPort": { - "markdownDescription": "The destination port to inspect for. You can specify an individual port, for example `1994` and you can specify a port range, for example `1990:1994` . To match with any port, specify `ANY` .", - "title": "DestinationPort", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Direction": { - "markdownDescription": "The direction of traffic flow to inspect. If set to `ANY` , the inspection matches bidirectional traffic, both from the source to the destination and from the destination to the source. If set to `FORWARD` , the inspection only matches traffic going from the source to the destination.", - "title": "Direction", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Protocol": { - "markdownDescription": "The protocol to inspect for. To specify all, you can use `IP` , because all traffic on AWS and on the internet is IP.", - "title": "Protocol", - "type": "string" + "Metadata": { + "type": "object" }, - "Source": { - "markdownDescription": "The source IP address or address range to inspect for, in CIDR notation. To match with any address, specify `ANY` .\n\nSpecify an IP address or a block of IP addresses in Classless Inter-Domain Routing (CIDR) notation. Network Firewall supports all address ranges for IPv4 and IPv6.\n\nExamples:\n\n- To configure Network Firewall to inspect for the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure Network Firewall to inspect for IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n- To configure Network Firewall to inspect for the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure Network Firewall to inspect for IP addresses from 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .", - "title": "Source", + "Properties": { + "additionalProperties": false, + "properties": { + "DataSource": { + "markdownDescription": "Specifies the geospatial data provider for the new place index.\n\n> This field is case-sensitive. Enter the valid values as shown. For example, entering `HERE` returns an error. \n\nValid values include:\n\n- `Esri` \u2013 For additional information about [Esri](https://docs.aws.amazon.com/location/previous/developerguide/esri.html) 's coverage in your region of interest, see [Esri details on geocoding coverage](https://docs.aws.amazon.com/https://developers.arcgis.com/rest/geocode/api-reference/geocode-coverage.htm) .\n- `Grab` \u2013 Grab provides place index functionality for Southeast Asia. For additional information about [GrabMaps](https://docs.aws.amazon.com/location/previous/developerguide/grab.html) ' coverage, see [GrabMaps countries and areas covered](https://docs.aws.amazon.com/location/previous/developerguide/grab.html#grab-coverage-area) .\n- `Here` \u2013 For additional information about [HERE Technologies](https://docs.aws.amazon.com/location/previous/developerguide/HERE.html) ' coverage in your region of interest, see [HERE details on goecoding coverage](https://docs.aws.amazon.com/https://developer.here.com/documentation/geocoder/dev_guide/topics/coverage-geocoder.html) .\n\n> If you specify HERE Technologies ( `Here` ) as the data provider, you may not [store results](https://docs.aws.amazon.com//location-places/latest/APIReference/API_DataSourceConfiguration.html) for locations in Japan. For more information, see the [AWS service terms](https://docs.aws.amazon.com/service-terms/) for Amazon Location Service.\n\nFor additional information , see [Data providers](https://docs.aws.amazon.com/location/previous/developerguide/what-is-data-provider.html) on the *Amazon Location Service developer guide* .", + "title": "DataSource", + "type": "string" + }, + "DataSourceConfiguration": { + "$ref": "#/definitions/AWS::Location::PlaceIndex.DataSourceConfiguration", + "markdownDescription": "Specifies the data storage option requesting Places.", + "title": "DataSourceConfiguration" + }, + "Description": { + "markdownDescription": "The optional description for the place index resource.", + "title": "Description", + "type": "string" + }, + "IndexName": { + "markdownDescription": "The name of the place index resource.\n\nRequirements:\n\n- Contain only alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139), hyphens (-), periods (.), and underscores (_).\n- Must be a unique place index resource name.\n- No spaces allowed. For example, `ExamplePlaceIndex` .", + "title": "IndexName", + "type": "string" + }, + "PricingPlan": { + "markdownDescription": "No longer used. If included, the only allowed value is `RequestBasedUsage` .\n\n*Allowed Values* : `RequestBasedUsage`", + "title": "PricingPlan", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "DataSource", + "IndexName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Location::PlaceIndex" + ], "type": "string" }, - "SourcePort": { - "markdownDescription": "The source port to inspect for. You can specify an individual port, for example `1994` and you can specify a port range, for example `1990:1994` . To match with any port, specify `ANY` .", - "title": "SourcePort", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Destination", - "DestinationPort", - "Direction", - "Protocol", - "Source", - "SourcePort" + "Type", + "Properties" ], "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.IPSet": { - "additionalProperties": false, - "properties": { - "Definition": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of IP addresses and address ranges, in CIDR notation.", - "title": "Definition", - "type": "array" - } - }, - "type": "object" - }, - "AWS::NetworkFirewall::RuleGroup.IPSetReference": { + "AWS::Location::PlaceIndex.DataSourceConfiguration": { "additionalProperties": false, "properties": { - "ReferenceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resource to include in the `RuleGroup.IPSetReference` .", - "title": "ReferenceArn", + "IntendedUse": { + "markdownDescription": "Specifies how the results of an operation will be stored by the caller.\n\nValid values include:\n\n- `SingleUse` specifies that the results won't be stored.\n- `Storage` specifies that the result can be cached or stored in a database.\n\nDefault value: `SingleUse`", + "title": "IntendedUse", "type": "string" } }, "type": "object" }, - "AWS::NetworkFirewall::RuleGroup.MatchAttributes": { + "AWS::Location::RouteCalculator": { "additionalProperties": false, "properties": { - "DestinationPorts": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.PortRange" - }, - "markdownDescription": "The destination port to inspect for. You can specify an individual port, for example `1994` and you can specify a port range, for example `1990:1994` . To match with any port, specify `ANY` .\n\nThis setting is only used for protocols 6 (TCP) and 17 (UDP).", - "title": "DestinationPorts", - "type": "array" - }, - "Destinations": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.Address" - }, - "markdownDescription": "The destination IP addresses and address ranges to inspect for, in CIDR notation. If not specified, this matches with any destination address.", - "title": "Destinations", - "type": "array" - }, - "Protocols": { - "items": { - "type": "number" - }, - "markdownDescription": "The protocols to inspect for, specified using the assigned internet protocol number (IANA) for each protocol. If not specified, this matches with any protocol.", - "title": "Protocols", - "type": "array" - }, - "SourcePorts": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.PortRange" - }, - "markdownDescription": "The source port to inspect for. You can specify an individual port, for example `1994` and you can specify a port range, for example `1990:1994` . To match with any port, specify `ANY` .\n\nIf not specified, this matches with any source port.\n\nThis setting is only used for protocols 6 (TCP) and 17 (UDP).", - "title": "SourcePorts", - "type": "array" - }, - "Sources": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.Address" - }, - "markdownDescription": "The source IP addresses and address ranges to inspect for, in CIDR notation. If not specified, this matches with any source address.", - "title": "Sources", - "type": "array" - }, - "TCPFlags": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.TCPFlagField" - }, - "markdownDescription": "The TCP flags and masks to inspect for. If not specified, this matches with any settings. This setting is only used for protocol 6 (TCP).", - "title": "TCPFlags", - "type": "array" - } - }, - "type": "object" - }, - "AWS::NetworkFirewall::RuleGroup.PortRange": { - "additionalProperties": false, - "properties": { - "FromPort": { - "markdownDescription": "The lower limit of the port range. This must be less than or equal to the `ToPort` specification.", - "title": "FromPort", - "type": "number" - }, - "ToPort": { - "markdownDescription": "The upper limit of the port range. This must be greater than or equal to the `FromPort` specification.", - "title": "ToPort", - "type": "number" - } - }, - "required": [ - "FromPort", - "ToPort" - ], - "type": "object" - }, - "AWS::NetworkFirewall::RuleGroup.PortSet": { - "additionalProperties": false, - "properties": { - "Definition": { - "items": { - "type": "string" - }, - "markdownDescription": "The set of port ranges.", - "title": "Definition", - "type": "array" - } - }, - "type": "object" - }, - "AWS::NetworkFirewall::RuleGroup.PublishMetricAction": { - "additionalProperties": false, - "properties": { - "Dimensions": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.Dimension" - }, - "markdownDescription": "", - "title": "Dimensions", - "type": "array" - } - }, - "required": [ - "Dimensions" - ], - "type": "object" - }, - "AWS::NetworkFirewall::RuleGroup.ReferenceSets": { - "additionalProperties": false, - "properties": { - "IPSetReferences": { - "additionalProperties": false, - "markdownDescription": "The IP set references to use in the stateful rule group.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.IPSetReference" - } - }, - "title": "IPSetReferences", - "type": "object" - } - }, - "type": "object" - }, - "AWS::NetworkFirewall::RuleGroup.RuleDefinition": { - "additionalProperties": false, - "properties": { - "Actions": { - "items": { - "type": "string" - }, - "markdownDescription": "The actions to take on a packet that matches one of the stateless rule definition's match attributes. You must specify a standard action and you can add custom actions.\n\n> Network Firewall only forwards a packet for stateful rule inspection if you specify `aws:forward_to_sfe` for a rule that the packet matches, or if the packet doesn't match any stateless rule and you specify `aws:forward_to_sfe` for the `StatelessDefaultActions` setting for the `FirewallPolicy` . \n\nFor every rule, you must specify exactly one of the following standard actions.\n\n- *aws:pass* - Discontinues all inspection of the packet and permits it to go to its intended destination.\n- *aws:drop* - Discontinues all inspection of the packet and blocks it from going to its intended destination.\n- *aws:forward_to_sfe* - Discontinues stateless inspection of the packet and forwards it to the stateful rule engine for inspection.\n\nAdditionally, you can specify a custom action. To do this, you define a custom action by name and type, then provide the name you've assigned to the action in this `Actions` setting.\n\nTo provide more than one action in this setting, separate the settings with a comma. For example, if you have a publish metrics custom action that you've named `MyMetricsAction` , then you could specify the standard action `aws:pass` combined with the custom action using `[\u201caws:pass\u201d, \u201cMyMetricsAction\u201d]` .", - "title": "Actions", - "type": "array" - }, - "MatchAttributes": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.MatchAttributes", - "markdownDescription": "Criteria for Network Firewall to use to inspect an individual packet in stateless rule inspection. Each match attributes set can include one or more items such as IP address, CIDR range, port number, protocol, and TCP flags.", - "title": "MatchAttributes" - } - }, - "required": [ - "Actions", - "MatchAttributes" - ], - "type": "object" - }, - "AWS::NetworkFirewall::RuleGroup.RuleGroup": { - "additionalProperties": false, - "properties": { - "ReferenceSets": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.ReferenceSets", - "markdownDescription": "The reference sets for the stateful rule group.", - "title": "ReferenceSets" - }, - "RuleVariables": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.RuleVariables", - "markdownDescription": "Settings that are available for use in the rules in the rule group. You can only use these for stateful rule groups.", - "title": "RuleVariables" - }, - "RulesSource": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.RulesSource", - "markdownDescription": "The stateful rules or stateless rules for the rule group.", - "title": "RulesSource" - }, - "StatefulRuleOptions": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.StatefulRuleOptions", - "markdownDescription": "Additional options governing how Network Firewall handles stateful rules. The policies where you use your stateful rule group must have stateful rule options settings that are compatible with these settings. Some limitations apply; for more information, see [Strict evaluation order](https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-limitations-caveats.html) in the *AWS Network Firewall Developer Guide* .", - "title": "StatefulRuleOptions" - } - }, - "required": [ - "RulesSource" - ], - "type": "object" - }, - "AWS::NetworkFirewall::RuleGroup.RuleOption": { - "additionalProperties": false, - "properties": { - "Keyword": { - "markdownDescription": "The Suricata rule option keywords. For Network Firewall , the keyword signature ID (sid) is required in the format `sid:112233` . The sid must be unique within the rule group. For information about Suricata rule option keywords, see [Rule options](https://docs.aws.amazon.com/https://suricata.readthedocs.io/en/suricata-6.0.9/rules/intro.html#rule-options) .", - "title": "Keyword", - "type": "string" - }, - "Settings": { - "items": { - "type": "string" - }, - "markdownDescription": "The Suricata rule option settings. Settings have zero or more values, and the number of possible settings and required settings depends on the keyword. The format for Settings is `number` . For information about Suricata rule option settings, see [Rule options](https://docs.aws.amazon.com/https://suricata.readthedocs.io/en/suricata-6.0.9/rules/intro.html#rule-options) .", - "title": "Settings", - "type": "array" - } - }, - "required": [ - "Keyword" - ], - "type": "object" - }, - "AWS::NetworkFirewall::RuleGroup.RuleVariables": { - "additionalProperties": false, - "properties": { - "IPSets": { - "additionalProperties": false, - "markdownDescription": "A list of IP addresses and address ranges, in CIDR notation.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.IPSet" - } - }, - "title": "IPSets", - "type": "object" - }, - "PortSets": { - "additionalProperties": false, - "markdownDescription": "A list of port ranges.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.PortSet" - } - }, - "title": "PortSets", - "type": "object" - } - }, - "type": "object" - }, - "AWS::NetworkFirewall::RuleGroup.RulesSource": { - "additionalProperties": false, - "properties": { - "RulesSourceList": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.RulesSourceList", - "markdownDescription": "Stateful inspection criteria for a domain list rule group.", - "title": "RulesSourceList" - }, - "RulesString": { - "markdownDescription": "Stateful inspection criteria, provided in Suricata compatible rules. Suricata is an open-source threat detection framework that includes a standard rule-based language for network traffic inspection.\n\nThese rules contain the inspection criteria and the action to take for traffic that matches the criteria, so this type of rule group doesn't have a separate action setting.\n\n> You can't use the `priority` keyword if the `RuleOrder` option in `StatefulRuleOptions` is set to `STRICT_ORDER` .", - "title": "RulesString", - "type": "string" - }, - "StatefulRules": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.StatefulRule" - }, - "markdownDescription": "An array of individual stateful rules inspection criteria to be used together in a stateful rule group. Use this option to specify simple Suricata rules with protocol, source and destination, ports, direction, and rule options. For information about the Suricata `Rules` format, see [Rules Format](https://docs.aws.amazon.com/https://suricata.readthedocs.io/en/suricata-7.0.3/rules/intro.html) .", - "title": "StatefulRules", - "type": "array" - }, - "StatelessRulesAndCustomActions": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.StatelessRulesAndCustomActions", - "markdownDescription": "Stateless inspection criteria to be used in a stateless rule group.", - "title": "StatelessRulesAndCustomActions" - } - }, - "type": "object" - }, - "AWS::NetworkFirewall::RuleGroup.RulesSourceList": { - "additionalProperties": false, - "properties": { - "GeneratedRulesType": { - "markdownDescription": "Whether you want to allow or deny access to the domains in your target list.", - "title": "GeneratedRulesType", - "type": "string" - }, - "TargetTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The types of targets to inspect for. Valid values are `TLS_SNI` and `HTTP_HOST` .", - "title": "TargetTypes", - "type": "array" - }, - "Targets": { - "items": { - "type": "string" - }, - "markdownDescription": "The domains that you want to inspect for in your traffic flows. Valid domain specifications are the following:\n\n- Explicit names. For example, `abc.example.com` matches only the domain `abc.example.com` .\n- Names that use a domain wildcard, which you indicate with an initial ' `.` '. For example, `.example.com` matches `example.com` and matches all subdomains of `example.com` , such as `abc.example.com` and `www.example.com` .", - "title": "Targets", - "type": "array" - } - }, - "required": [ - "GeneratedRulesType", - "TargetTypes", - "Targets" - ], - "type": "object" - }, - "AWS::NetworkFirewall::RuleGroup.StatefulRule": { - "additionalProperties": false, - "properties": { - "Action": { - "markdownDescription": "Defines what Network Firewall should do with the packets in a traffic flow when the flow matches the stateful rule criteria. For all actions, Network Firewall performs the specified action and discontinues stateful inspection of the traffic flow.\n\nThe actions for a stateful rule are defined as follows:\n\n- *PASS* - Permits the packets to go to the intended destination.\n- *DROP* - Blocks the packets from going to the intended destination and sends an alert log message, if alert logging is configured in the `Firewall` `LoggingConfiguration` .\n- *REJECT* - Drops traffic that matches the conditions of the stateful rule and sends a TCP reset packet back to sender of the packet. A TCP reset packet is a packet with no payload and a `RST` bit contained in the TCP header flags. `REJECT` is available only for TCP traffic.\n- *ALERT* - Permits the packets to go to the intended destination and sends an alert log message, if alert logging is configured in the `Firewall` `LoggingConfiguration` .\n\nYou can use this action to test a rule that you intend to use to drop traffic. You can enable the rule with `ALERT` action, verify in the logs that the rule is filtering as you want, then change the action to `DROP` .\n- *REJECT* - Drops TCP traffic that matches the conditions of the stateful rule, and sends a TCP reset packet back to sender of the packet. A TCP reset packet is a packet with no payload and a `RST` bit contained in the TCP header flags. Also sends an alert log mesage if alert logging is configured in the `Firewall` `LoggingConfiguration` .\n\n`REJECT` isn't currently available for use with IMAP and FTP protocols.", - "title": "Action", - "type": "string" - }, - "Header": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.Header", - "markdownDescription": "The stateful inspection criteria for this rule, used to inspect traffic flows.", - "title": "Header" - }, - "RuleOptions": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.RuleOption" - }, - "markdownDescription": "Additional settings for a stateful rule, provided as keywords and settings.", - "title": "RuleOptions", - "type": "array" - } - }, - "required": [ - "Action", - "Header", - "RuleOptions" - ], - "type": "object" - }, - "AWS::NetworkFirewall::RuleGroup.StatefulRuleOptions": { - "additionalProperties": false, - "properties": { - "RuleOrder": { - "markdownDescription": "Indicates how to manage the order of the rule evaluation for the rule group. `DEFAULT_ACTION_ORDER` is the default behavior. Stateful rules are provided to the rule engine as Suricata compatible strings, and Suricata evaluates them based on certain settings. For more information, see [Evaluation order for stateful rules](https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-rule-evaluation-order.html) in the *AWS Network Firewall Developer Guide* .", - "title": "RuleOrder", - "type": "string" - } - }, - "type": "object" - }, - "AWS::NetworkFirewall::RuleGroup.StatelessRule": { - "additionalProperties": false, - "properties": { - "Priority": { - "markdownDescription": "Indicates the order in which to run this rule relative to all of the rules that are defined for a stateless rule group. Network Firewall evaluates the rules in a rule group starting with the lowest priority setting. You must ensure that the priority settings are unique for the rule group.\n\nEach stateless rule group uses exactly one `StatelessRulesAndCustomActions` object, and each `StatelessRulesAndCustomActions` contains exactly one `StatelessRules` object. To ensure unique priority settings for your rule groups, set unique priorities for the stateless rules that you define inside any single `StatelessRules` object.\n\nYou can change the priority settings of your rules at any time. To make it easier to insert rules later, number them so there's a wide range in between, for example use 100, 200, and so on.", - "title": "Priority", - "type": "number" - }, - "RuleDefinition": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.RuleDefinition", - "markdownDescription": "Defines the stateless 5-tuple packet inspection criteria and the action to take on a packet that matches the criteria.", - "title": "RuleDefinition" - } - }, - "required": [ - "Priority", - "RuleDefinition" - ], - "type": "object" - }, - "AWS::NetworkFirewall::RuleGroup.StatelessRulesAndCustomActions": { - "additionalProperties": false, - "properties": { - "CustomActions": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.CustomAction" - }, - "markdownDescription": "Defines an array of individual custom action definitions that are available for use by the stateless rules in this `StatelessRulesAndCustomActions` specification. You name each custom action that you define, and then you can use it by name in your stateless rule `RuleGroup.RuleDefinition` `Actions` specification.", - "title": "CustomActions", - "type": "array" - }, - "StatelessRules": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.StatelessRule" - }, - "markdownDescription": "Defines the set of stateless rules for use in a stateless rule group.", - "title": "StatelessRules", - "type": "array" - } - }, - "required": [ - "StatelessRules" - ], - "type": "object" - }, - "AWS::NetworkFirewall::RuleGroup.TCPFlagField": { - "additionalProperties": false, - "properties": { - "Flags": { - "items": { - "type": "string" - }, - "markdownDescription": "Used in conjunction with the `Masks` setting to define the flags that must be set and flags that must not be set in order for the packet to match. This setting can only specify values that are also specified in the `Masks` setting.\n\nFor the flags that are specified in the masks setting, the following must be true for the packet to match:\n\n- The ones that are set in this flags setting must be set in the packet.\n- The ones that are not set in this flags setting must also not be set in the packet.", - "title": "Flags", - "type": "array" - }, - "Masks": { - "items": { - "type": "string" - }, - "markdownDescription": "The set of flags to consider in the inspection. To inspect all flags in the valid values list, leave this with no setting.", - "title": "Masks", - "type": "array" - } - }, - "required": [ - "Flags" - ], - "type": "object" - }, - "AWS::NetworkFirewall::TLSInspectionConfiguration": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" + "Condition": { + "type": "string" }, "DeletionPolicy": { "enum": [ @@ -167833,39 +176564,44 @@ "Properties": { "additionalProperties": false, "properties": { + "CalculatorName": { + "markdownDescription": "The name of the route calculator resource.\n\nRequirements:\n\n- Can use alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139) , hyphens (-), periods (.), and underscores (_).\n- Must be a unique Route calculator resource name.\n- No spaces allowed. For example, `ExampleRouteCalculator` .", + "title": "CalculatorName", + "type": "string" + }, + "DataSource": { + "markdownDescription": "Specifies the data provider of traffic and road network data.\n\n> This field is case-sensitive. Enter the valid values as shown. For example, entering `HERE` returns an error. \n\nValid values include:\n\n- `Esri` \u2013 For additional information about [Esri](https://docs.aws.amazon.com/location/previous/developerguide/esri.html) 's coverage in your region of interest, see [Esri details on street networks and traffic coverage](https://docs.aws.amazon.com/https://doc.arcgis.com/en/arcgis-online/reference/network-coverage.htm) .\n\nRoute calculators that use Esri as a data source only calculate routes that are shorter than 400 km.\n- `Grab` \u2013 Grab provides routing functionality for Southeast Asia. For additional information about [GrabMaps](https://docs.aws.amazon.com/location/previous/developerguide/grab.html) ' coverage, see [GrabMaps countries and areas covered](https://docs.aws.amazon.com/location/previous/developerguide/grab.html#grab-coverage-area) .\n- `Here` \u2013 For additional information about [HERE Technologies](https://docs.aws.amazon.com/location/previous/developerguide/HERE.html) ' coverage in your region of interest, see [HERE car routing coverage](https://docs.aws.amazon.com/https://developer.here.com/documentation/routing-api/dev_guide/topics/coverage/car-routing.html) and [HERE truck routing coverage](https://docs.aws.amazon.com/https://developer.here.com/documentation/routing-api/dev_guide/topics/coverage/truck-routing.html) .\n\nFor additional information , see [Data providers](https://docs.aws.amazon.com/location/previous/developerguide/what-is-data-provider.html) on the *Amazon Location Service Developer Guide* .", + "title": "DataSource", + "type": "string" + }, "Description": { - "markdownDescription": "A description of the TLS inspection configuration.", + "markdownDescription": "The optional description for the route calculator resource.", "title": "Description", "type": "string" }, - "TLSInspectionConfiguration": { - "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.TLSInspectionConfiguration", - "markdownDescription": "The object that defines a TLS inspection configuration. AWS Network Firewall uses TLS inspection configurations to decrypt your firewall's inbound and outbound SSL/TLS traffic. After decryption, AWS Network Firewall inspects the traffic according to your firewall policy's stateful rules, and then re-encrypts it before sending it to its destination. You can enable inspection of your firewall's inbound traffic, outbound traffic, or both. To use TLS inspection with your firewall, you must first import or provision certificates using AWS Certificate Manager , create a TLS inspection configuration, add that configuration to a new firewall policy, and then associate that policy with your firewall. For more information about using TLS inspection configurations, see [Inspecting SSL/TLS traffic with TLS inspection configurations](https://docs.aws.amazon.com/network-firewall/latest/developerguide/tls-inspection.html) in the *AWS Network Firewall Developer Guide* .", - "title": "TLSInspectionConfiguration" - }, - "TLSInspectionConfigurationName": { - "markdownDescription": "The descriptive name of the TLS inspection configuration. You can't change the name of a TLS inspection configuration after you create it.", - "title": "TLSInspectionConfigurationName", + "PricingPlan": { + "markdownDescription": "No longer used. If included, the only allowed value is `RequestBasedUsage` .\n\n*Allowed Values* : `RequestBasedUsage`", + "title": "PricingPlan", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The key:value pairs to associate with the resource.", + "markdownDescription": "", "title": "Tags", "type": "array" } }, "required": [ - "TLSInspectionConfiguration", - "TLSInspectionConfigurationName" + "CalculatorName", + "DataSource" ], "type": "object" }, "Type": { "enum": [ - "AWS::NetworkFirewall::TLSInspectionConfiguration" + "AWS::Location::RouteCalculator" ], "type": "string" }, @@ -167884,160 +176620,7 @@ ], "type": "object" }, - "AWS::NetworkFirewall::TLSInspectionConfiguration.Address": { - "additionalProperties": false, - "properties": { - "AddressDefinition": { - "markdownDescription": "Specify an IP address or a block of IP addresses in Classless Inter-Domain Routing (CIDR) notation. Network Firewall supports all address ranges for IPv4 and IPv6.\n\nExamples:\n\n- To configure Network Firewall to inspect for the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure Network Firewall to inspect for IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n- To configure Network Firewall to inspect for the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure Network Firewall to inspect for IP addresses from 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .", - "title": "AddressDefinition", - "type": "string" - } - }, - "required": [ - "AddressDefinition" - ], - "type": "object" - }, - "AWS::NetworkFirewall::TLSInspectionConfiguration.CheckCertificateRevocationStatus": { - "additionalProperties": false, - "properties": { - "RevokedStatusAction": { - "markdownDescription": "Configures how Network Firewall processes traffic when it determines that the certificate presented by the server in the SSL/TLS connection has a revoked status.\n\n- *PASS* - Allow the connection to continue, and pass subsequent packets to the stateful engine for inspection.\n- *DROP* - Network Firewall closes the connection and drops subsequent packets for that connection.\n- *REJECT* - Network Firewall sends a TCP reject packet back to your client. The service closes the connection and drops subsequent packets for that connection. `REJECT` is available only for TCP traffic.", - "title": "RevokedStatusAction", - "type": "string" - }, - "UnknownStatusAction": { - "markdownDescription": "Configures how Network Firewall processes traffic when it determines that the certificate presented by the server in the SSL/TLS connection has an unknown status, or a status that cannot be determined for any other reason, including when the service is unable to connect to the OCSP and CRL endpoints for the certificate.\n\n- *PASS* - Allow the connection to continue, and pass subsequent packets to the stateful engine for inspection.\n- *DROP* - Network Firewall closes the connection and drops subsequent packets for that connection.\n- *REJECT* - Network Firewall sends a TCP reject packet back to your client. The service closes the connection and drops subsequent packets for that connection. `REJECT` is available only for TCP traffic.", - "title": "UnknownStatusAction", - "type": "string" - } - }, - "type": "object" - }, - "AWS::NetworkFirewall::TLSInspectionConfiguration.PortRange": { - "additionalProperties": false, - "properties": { - "FromPort": { - "markdownDescription": "The lower limit of the port range. This must be less than or equal to the `ToPort` specification.", - "title": "FromPort", - "type": "number" - }, - "ToPort": { - "markdownDescription": "The upper limit of the port range. This must be greater than or equal to the `FromPort` specification.", - "title": "ToPort", - "type": "number" - } - }, - "required": [ - "FromPort", - "ToPort" - ], - "type": "object" - }, - "AWS::NetworkFirewall::TLSInspectionConfiguration.ServerCertificate": { - "additionalProperties": false, - "properties": { - "ResourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Certificate Manager SSL/TLS server certificate that's used for inbound SSL/TLS inspection.", - "title": "ResourceArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::NetworkFirewall::TLSInspectionConfiguration.ServerCertificateConfiguration": { - "additionalProperties": false, - "properties": { - "CertificateAuthorityArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the imported certificate authority (CA) certificate within AWS Certificate Manager (ACM) to use for outbound SSL/TLS inspection.\n\nThe following limitations apply:\n\n- You can use CA certificates that you imported into ACM, but you can't generate CA certificates with ACM.\n- You can't use certificates issued by AWS Private Certificate Authority .\n\nFor more information about configuring certificates for outbound inspection, see [Using SSL/TLS certificates with TLS inspection configurations](https://docs.aws.amazon.com/network-firewall/latest/developerguide/tls-inspection-certificate-requirements.html) in the *AWS Network Firewall Developer Guide* .\n\nFor information about working with certificates in ACM, see [Importing certificates](https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html) in the *AWS Certificate Manager User Guide* .", - "title": "CertificateAuthorityArn", - "type": "string" - }, - "CheckCertificateRevocationStatus": { - "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.CheckCertificateRevocationStatus", - "markdownDescription": "When enabled, Network Firewall checks if the server certificate presented by the server in the SSL/TLS connection has a revoked or unkown status. If the certificate has an unknown or revoked status, you must specify the actions that Network Firewall takes on outbound traffic. To check the certificate revocation status, you must also specify a `CertificateAuthorityArn` in [ServerCertificateConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-networkfirewall-servercertificateconfiguration.html) .", - "title": "CheckCertificateRevocationStatus" - }, - "Scopes": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.ServerCertificateScope" - }, - "markdownDescription": "A list of scopes.", - "title": "Scopes", - "type": "array" - }, - "ServerCertificates": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.ServerCertificate" - }, - "markdownDescription": "The list of server certificates to use for inbound SSL/TLS inspection.", - "title": "ServerCertificates", - "type": "array" - } - }, - "type": "object" - }, - "AWS::NetworkFirewall::TLSInspectionConfiguration.ServerCertificateScope": { - "additionalProperties": false, - "properties": { - "DestinationPorts": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.PortRange" - }, - "markdownDescription": "The destination ports to decrypt for inspection, in Transmission Control Protocol (TCP) format. If not specified, this matches with any destination port.\n\nYou can specify individual ports, for example `1994` , and you can specify port ranges, such as `1990:1994` .", - "title": "DestinationPorts", - "type": "array" - }, - "Destinations": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.Address" - }, - "markdownDescription": "The destination IP addresses and address ranges to decrypt for inspection, in CIDR notation. If not specified, this\nmatches with any destination address.", - "title": "Destinations", - "type": "array" - }, - "Protocols": { - "items": { - "type": "number" - }, - "markdownDescription": "The protocols to inspect for, specified using the assigned internet protocol number (IANA) for each protocol. If not specified, this matches with any protocol.\n\nNetwork Firewall currently supports only TCP.", - "title": "Protocols", - "type": "array" - }, - "SourcePorts": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.PortRange" - }, - "markdownDescription": "The source ports to decrypt for inspection, in Transmission Control Protocol (TCP) format. If not specified, this matches with any source port.\n\nYou can specify individual ports, for example `1994` , and you can specify port ranges, such as `1990:1994` .", - "title": "SourcePorts", - "type": "array" - }, - "Sources": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.Address" - }, - "markdownDescription": "The source IP addresses and address ranges to decrypt for inspection, in CIDR notation. If not specified, this\nmatches with any source address.", - "title": "Sources", - "type": "array" - } - }, - "type": "object" - }, - "AWS::NetworkFirewall::TLSInspectionConfiguration.TLSInspectionConfiguration": { - "additionalProperties": false, - "properties": { - "ServerCertificateConfigurations": { - "items": { - "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.ServerCertificateConfiguration" - }, - "markdownDescription": "Lists the server certificate configurations that are associated with the TLS configuration.", - "title": "ServerCertificateConfigurations", - "type": "array" - } - }, - "type": "object" - }, - "AWS::NetworkManager::ConnectAttachment": { + "AWS::Location::Tracker": { "additionalProperties": false, "properties": { "Condition": { @@ -168072,51 +176655,53 @@ "Properties": { "additionalProperties": false, "properties": { - "CoreNetworkId": { - "markdownDescription": "The ID of the core network where the Connect attachment is located.", - "title": "CoreNetworkId", + "Description": { + "markdownDescription": "An optional description for the tracker resource.", + "title": "Description", "type": "string" }, - "EdgeLocation": { - "markdownDescription": "The Region where the edge is located.", - "title": "EdgeLocation", - "type": "string" + "EventBridgeEnabled": { + "markdownDescription": "", + "title": "EventBridgeEnabled", + "type": "boolean" }, - "Options": { - "$ref": "#/definitions/AWS::NetworkManager::ConnectAttachment.ConnectAttachmentOptions", - "markdownDescription": "Options for connecting an attachment.", - "title": "Options" + "KmsKeyEnableGeospatialQueries": { + "markdownDescription": "", + "title": "KmsKeyEnableGeospatialQueries", + "type": "boolean" }, - "ProposedSegmentChange": { - "$ref": "#/definitions/AWS::NetworkManager::ConnectAttachment.ProposedSegmentChange", - "markdownDescription": "Describes a proposed segment change. In some cases, the segment change must first be evaluated and accepted.", - "title": "ProposedSegmentChange" + "KmsKeyId": { + "markdownDescription": "A key identifier for an [AWS KMS customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/create-keys.html) . Enter a key ID, key ARN, alias name, or alias ARN.", + "title": "KmsKeyId", + "type": "string" + }, + "PositionFiltering": { + "markdownDescription": "Specifies the position filtering for the tracker resource.\n\nValid values:\n\n- `TimeBased` - Location updates are evaluated against linked geofence collections, but not every location update is stored. If your update frequency is more often than 30 seconds, only one update per 30 seconds is stored for each unique device ID.\n- `DistanceBased` - If the device has moved less than 30 m (98.4 ft), location updates are ignored. Location updates within this area are neither evaluated against linked geofence collections, nor stored. This helps control costs by reducing the number of geofence evaluations and historical device positions to paginate through. Distance-based filtering can also reduce the effects of GPS noise when displaying device trajectories on a map.\n- `AccuracyBased` - If the device has moved less than the measured accuracy, location updates are ignored. For example, if two consecutive updates from a device have a horizontal accuracy of 5 m and 10 m, the second update is ignored if the device has moved less than 15 m. Ignored location updates are neither evaluated against linked geofence collections, nor stored. This can reduce the effects of GPS noise when displaying device trajectories on a map, and can help control your costs by reducing the number of geofence evaluations.\n\nThis field is optional. If not specified, the default value is `TimeBased` .", + "title": "PositionFiltering", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags associated with the Connect attachment.", + "markdownDescription": "", "title": "Tags", "type": "array" }, - "TransportAttachmentId": { - "markdownDescription": "The ID of the transport attachment.", - "title": "TransportAttachmentId", + "TrackerName": { + "markdownDescription": "The name for the tracker resource.\n\nRequirements:\n\n- Contain only alphanumeric characters (A-Z, a-z, 0-9) , hyphens (-), periods (.), and underscores (_).\n- Must be a unique tracker resource name.\n- No spaces allowed. For example, `ExampleTracker` .", + "title": "TrackerName", "type": "string" } }, "required": [ - "CoreNetworkId", - "EdgeLocation", - "Options", - "TransportAttachmentId" + "TrackerName" ], "type": "object" }, "Type": { "enum": [ - "AWS::NetworkManager::ConnectAttachment" + "AWS::Location::Tracker" ], "type": "string" }, @@ -168135,42 +176720,7 @@ ], "type": "object" }, - "AWS::NetworkManager::ConnectAttachment.ConnectAttachmentOptions": { - "additionalProperties": false, - "properties": { - "Protocol": { - "markdownDescription": "The protocol used for the attachment connection.", - "title": "Protocol", - "type": "string" - } - }, - "type": "object" - }, - "AWS::NetworkManager::ConnectAttachment.ProposedSegmentChange": { - "additionalProperties": false, - "properties": { - "AttachmentPolicyRuleNumber": { - "markdownDescription": "The rule number in the policy document that applies to this change.", - "title": "AttachmentPolicyRuleNumber", - "type": "number" - }, - "SegmentName": { - "markdownDescription": "The name of the segment to change.", - "title": "SegmentName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The list of key-value tags that changed for the segment.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" - }, - "AWS::NetworkManager::ConnectPeer": { + "AWS::Location::TrackerConsumer": { "additionalProperties": false, "properties": { "Condition": { @@ -168205,57 +176755,26 @@ "Properties": { "additionalProperties": false, "properties": { - "BgpOptions": { - "$ref": "#/definitions/AWS::NetworkManager::ConnectPeer.BgpOptions", - "markdownDescription": "Describes the BGP options.", - "title": "BgpOptions" - }, - "ConnectAttachmentId": { - "markdownDescription": "The ID of the attachment to connect.", - "title": "ConnectAttachmentId", - "type": "string" - }, - "CoreNetworkAddress": { - "markdownDescription": "The IP address of a core network.", - "title": "CoreNetworkAddress", - "type": "string" - }, - "InsideCidrBlocks": { - "items": { - "type": "string" - }, - "markdownDescription": "The inside IP addresses used for a Connect peer configuration.", - "title": "InsideCidrBlocks", - "type": "array" - }, - "PeerAddress": { - "markdownDescription": "The IP address of the Connect peer.", - "title": "PeerAddress", + "ConsumerArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the geofence collection to be associated to tracker resource. Used when you need to specify a resource across all AWS .\n\n- Format example: `arn:aws:geo:region:account-id:geofence-collection/ExampleGeofenceCollectionConsumer`", + "title": "ConsumerArn", "type": "string" }, - "SubnetArn": { - "markdownDescription": "The subnet ARN of the Connect peer.", - "title": "SubnetArn", + "TrackerName": { + "markdownDescription": "The name for the tracker resource.\n\nRequirements:\n\n- Contain only alphanumeric characters (A-Z, a-z, 0-9) , hyphens (-), periods (.), and underscores (_).\n- Must be a unique tracker resource name.\n- No spaces allowed. For example, `ExampleTracker` .", + "title": "TrackerName", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The list of key-value tags associated with the Connect peer.", - "title": "Tags", - "type": "array" } }, "required": [ - "ConnectAttachmentId", - "PeerAddress" + "ConsumerArn", + "TrackerName" ], "type": "object" }, "Type": { "enum": [ - "AWS::NetworkManager::ConnectPeer" + "AWS::Location::TrackerConsumer" ], "type": "string" }, @@ -168274,81 +176793,7 @@ ], "type": "object" }, - "AWS::NetworkManager::ConnectPeer.BgpOptions": { - "additionalProperties": false, - "properties": { - "PeerAsn": { - "markdownDescription": "The Peer ASN of the BGP.", - "title": "PeerAsn", - "type": "number" - } - }, - "type": "object" - }, - "AWS::NetworkManager::ConnectPeer.ConnectPeerBgpConfiguration": { - "additionalProperties": false, - "properties": { - "CoreNetworkAddress": { - "markdownDescription": "The address of a core network.", - "title": "CoreNetworkAddress", - "type": "string" - }, - "CoreNetworkAsn": { - "markdownDescription": "The ASN of the Coret Network.", - "title": "CoreNetworkAsn", - "type": "number" - }, - "PeerAddress": { - "markdownDescription": "The address of a core network Connect peer.", - "title": "PeerAddress", - "type": "string" - }, - "PeerAsn": { - "markdownDescription": "The ASN of the Connect peer.", - "title": "PeerAsn", - "type": "number" - } - }, - "type": "object" - }, - "AWS::NetworkManager::ConnectPeer.ConnectPeerConfiguration": { - "additionalProperties": false, - "properties": { - "BgpConfigurations": { - "items": { - "$ref": "#/definitions/AWS::NetworkManager::ConnectPeer.ConnectPeerBgpConfiguration" - }, - "markdownDescription": "The Connect peer BGP configurations.", - "title": "BgpConfigurations", - "type": "array" - }, - "CoreNetworkAddress": { - "markdownDescription": "The IP address of a core network.", - "title": "CoreNetworkAddress", - "type": "string" - }, - "InsideCidrBlocks": { - "items": { - "type": "string" - }, - "markdownDescription": "The inside IP addresses used for a Connect peer configuration.", - "title": "InsideCidrBlocks", - "type": "array" - }, - "PeerAddress": { - "markdownDescription": "The IP address of the Connect peer.", - "title": "PeerAddress", - "type": "string" - }, - "Protocol": { - "markdownDescription": "The protocol used for a Connect peer configuration.", - "title": "Protocol", - "type": "string" - } - }, - "type": "object" - }, - "AWS::NetworkManager::CoreNetwork": { + "AWS::Logs::AccountPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -168383,38 +176828,42 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of a core network.", - "title": "Description", + "PolicyDocument": { + "markdownDescription": "Specify the policy, in JSON.\n\n*Data protection policy*\n\nA data protection policy must include two JSON blocks:\n\n- The first block must include both a `DataIdentifer` array and an `Operation` property with an `Audit` action. The `DataIdentifer` array lists the types of sensitive data that you want to mask. For more information about the available options, see [Types of data that you can mask](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/mask-sensitive-log-data-types.html) .\n\nThe `Operation` property with an `Audit` action is required to find the sensitive data terms. This `Audit` action must contain a `FindingsDestination` object. You can optionally use that `FindingsDestination` object to list one or more destinations to send audit findings to. If you specify destinations such as log groups, Firehose streams, and S3 buckets, they must already exist.\n- The second block must include both a `DataIdentifer` array and an `Operation` property with an `Deidentify` action. The `DataIdentifer` array must exactly match the `DataIdentifer` array in the first block of the policy.\n\nThe `Operation` property with the `Deidentify` action is what actually masks the data, and it must contain the `\"MaskConfig\": {}` object. The `\"MaskConfig\": {}` object must be empty.\n\n> The contents of the two `DataIdentifer` arrays must match exactly. \n\nIn addition to the two JSON blocks, the `policyDocument` can also include `Name` , `Description` , and `Version` fields. The `Name` is different than the operation's `policyName` parameter, and is used as a dimension when CloudWatch Logs reports audit findings metrics to CloudWatch .\n\nThe JSON specified in `policyDocument` can be up to 30,720 characters long.\n\n*Subscription filter policy*\n\nA subscription filter policy can include the following attributes in a JSON block:\n\n- *DestinationArn* The ARN of the destination to deliver log events to. Supported destinations are:\n\n- An Kinesis Data Streams data stream in the same account as the subscription policy, for same-account delivery.\n- An Firehose data stream in the same account as the subscription policy, for same-account delivery.\n- A Lambda function in the same account as the subscription policy, for same-account delivery.\n- A logical destination in a different account created with [PutDestination](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDestination.html) , for cross-account delivery. Kinesis Data Streams and Firehose are supported as logical destinations.\n- *RoleArn* The ARN of an IAM role that grants CloudWatch Logs permissions to deliver ingested log events to the destination stream. You don't need to provide the ARN when you are working with a logical destination for cross-account delivery.\n- *FilterPattern* A filter pattern for subscribing to a filtered stream of log events.\n- *Distribution* The method used to distribute log data to the destination. By default, log data is grouped by log stream, but the grouping can be set to `Random` for a more even distribution. This property is only applicable when the destination is an Kinesis Data Streams data stream.\n\n*Field index policy*\n\nA field index filter policy can include the following attribute in a JSON block:\n\n- *Fields* The array of field indexes to create.\n\nThe following is an example of an index policy document that creates two indexes, `RequestId` and `TransactionId` .\n\n`\"policyDocument\": \"{ \\\"Fields\\\": [ \\\"RequestId\\\", \\\"TransactionId\\\" ] }\"`\n\n*Transformer policy*\n\nA transformer policy must include one JSON block with the array of processors and their configurations. For more information about available processors, see [Processors that you can use](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-Processors) .", + "title": "PolicyDocument", "type": "string" }, - "GlobalNetworkId": { - "markdownDescription": "The ID of the global network that your core network is a part of.", - "title": "GlobalNetworkId", + "PolicyName": { + "markdownDescription": "A name for the policy. This must be unique within the account.", + "title": "PolicyName", "type": "string" }, - "PolicyDocument": { - "markdownDescription": "Describes a core network policy. For more information, see [Core network policies](https://docs.aws.amazon.com/network-manager/latest/cloudwan/cloudwan-policy-change-sets.html) .\n\nIf you update the policy document, CloudFormation will apply the core network change set generated from the updated policy document, and then set it as the LIVE policy.", - "title": "PolicyDocument", - "type": "object" + "PolicyType": { + "markdownDescription": "The type of policy that you're creating or updating.", + "title": "PolicyType", + "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The list of key-value tags associated with a core network.", - "title": "Tags", - "type": "array" + "Scope": { + "markdownDescription": "Currently the only valid value for this parameter is `ALL` , which specifies that the policy applies to all log groups in the account. If you omit this parameter, the default of `ALL` is used. To scope down a subscription filter policy to a subset of log groups, use the `SelectionCriteria` parameter.", + "title": "Scope", + "type": "string" + }, + "SelectionCriteria": { + "markdownDescription": "Use this parameter to apply the new policy to a subset of log groups in the account.\n\nYou need to specify `SelectionCriteria` only when you specify `SUBSCRIPTION_FILTER_POLICY` , `FIELD_INDEX_POLICY` or `TRANSFORMER_POLICY` for `PolicyType` .\n\nIf `PolicyType` is `SUBSCRIPTION_FILTER_POLICY` , the only supported `SelectionCriteria` filter is `LogGroupName NOT IN []`\n\nIf `PolicyType` is `FIELD_INDEX_POLICY` or `TRANSFORMER_POLICY` , the only supported `SelectionCriteria` filter is `LogGroupNamePrefix`\n\nThe `SelectionCriteria` string can be up to 25KB in length. The length is determined by using its UTF-8 bytes.\n\nUsing the `SelectionCriteria` parameter with `SUBSCRIPTION_FILTER_POLICY` is useful to help prevent infinite loops. For more information, see [Log recursion prevention](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/Subscriptions-recursion-prevention.html) .", + "title": "SelectionCriteria", + "type": "string" } }, "required": [ - "GlobalNetworkId" + "PolicyDocument", + "PolicyName", + "PolicyType" ], "type": "object" }, "Type": { "enum": [ - "AWS::NetworkManager::CoreNetwork" + "AWS::Logs::AccountPolicy" ], "type": "string" }, @@ -168433,58 +176882,7 @@ ], "type": "object" }, - "AWS::NetworkManager::CoreNetwork.CoreNetworkEdge": { - "additionalProperties": false, - "properties": { - "Asn": { - "markdownDescription": "The ASN of a core network edge.", - "title": "Asn", - "type": "number" - }, - "EdgeLocation": { - "markdownDescription": "The Region where a core network edge is located.", - "title": "EdgeLocation", - "type": "string" - }, - "InsideCidrBlocks": { - "items": { - "type": "string" - }, - "markdownDescription": "The inside IP addresses used for core network edges.", - "title": "InsideCidrBlocks", - "type": "array" - } - }, - "type": "object" - }, - "AWS::NetworkManager::CoreNetwork.CoreNetworkSegment": { - "additionalProperties": false, - "properties": { - "EdgeLocations": { - "items": { - "type": "string" - }, - "markdownDescription": "The Regions where the edges are located.", - "title": "EdgeLocations", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of a core network segment.", - "title": "Name", - "type": "string" - }, - "SharedSegments": { - "items": { - "type": "string" - }, - "markdownDescription": "The shared segments of a core network.", - "title": "SharedSegments", - "type": "array" - } - }, - "type": "object" - }, - "AWS::NetworkManager::CustomerGatewayAssociation": { + "AWS::Logs::Delivery": { "additionalProperties": false, "properties": { "Condition": { @@ -168519,37 +176917,57 @@ "Properties": { "additionalProperties": false, "properties": { - "CustomerGatewayArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the customer gateway.", - "title": "CustomerGatewayArn", + "DeliveryDestinationArn": { + "markdownDescription": "The ARN of the delivery destination that is associated with this delivery.", + "title": "DeliveryDestinationArn", "type": "string" }, - "DeviceId": { - "markdownDescription": "The ID of the device.", - "title": "DeviceId", + "DeliverySourceName": { + "markdownDescription": "The name of the delivery source that is associated with this delivery.", + "title": "DeliverySourceName", "type": "string" }, - "GlobalNetworkId": { - "markdownDescription": "The ID of the global network.", - "title": "GlobalNetworkId", + "FieldDelimiter": { + "markdownDescription": "The field delimiter that is used between record fields when the final output format of a delivery is in `Plain` , `W3C` , or `Raw` format.", + "title": "FieldDelimiter", "type": "string" }, - "LinkId": { - "markdownDescription": "The ID of the link.", - "title": "LinkId", + "RecordFields": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of record fields to be delivered to the destination, in order. If the delivery's log source has mandatory fields, they must be included in this list.", + "title": "RecordFields", + "type": "array" + }, + "S3EnableHiveCompatiblePath": { + "markdownDescription": "Use this parameter to cause the S3 objects that contain delivered logs to use a prefix structure that allows for integration with Apache Hive.", + "title": "S3EnableHiveCompatiblePath", + "type": "boolean" + }, + "S3SuffixPath": { + "markdownDescription": "Use this to reconfigure the S3 object prefix to contain either static or variable sections. The valid variables to use in the suffix path will vary by each log source. To find the values supported for the suffix path for each log source, use the [DescribeConfigurationTemplates](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DescribeConfigurationTemplates.html) operation and check the `allowedSuffixPathFields` field in the response.", + "title": "S3SuffixPath", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to the delivery.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" } }, "required": [ - "CustomerGatewayArn", - "DeviceId", - "GlobalNetworkId" + "DeliveryDestinationArn", + "DeliverySourceName" ], "type": "object" }, "Type": { "enum": [ - "AWS::NetworkManager::CustomerGatewayAssociation" + "AWS::Logs::Delivery" ], "type": "string" }, @@ -168568,7 +176986,7 @@ ], "type": "object" }, - "AWS::NetworkManager::Device": { + "AWS::Logs::DeliveryDestination": { "additionalProperties": false, "properties": { "Condition": { @@ -168603,68 +177021,43 @@ "Properties": { "additionalProperties": false, "properties": { - "AWSLocation": { - "$ref": "#/definitions/AWS::NetworkManager::Device.AWSLocation", - "markdownDescription": "The AWS location of the device.", - "title": "AWSLocation" - }, - "Description": { - "markdownDescription": "A description of the device.\n\nConstraints: Maximum length of 256 characters.", - "title": "Description", - "type": "string" - }, - "GlobalNetworkId": { - "markdownDescription": "The ID of the global network.", - "title": "GlobalNetworkId", - "type": "string" - }, - "Location": { - "$ref": "#/definitions/AWS::NetworkManager::Device.Location", - "markdownDescription": "The site location.", - "title": "Location" + "DeliveryDestinationPolicy": { + "$ref": "#/definitions/AWS::Logs::DeliveryDestination.DestinationPolicy", + "markdownDescription": "An IAM policy that grants permissions to CloudWatch Logs to deliver logs cross-account to a specified destination in this account. For examples of this policy, see [Examples](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDeliveryDestinationPolicy.html#API_PutDeliveryDestinationPolicy_Examples) in the CloudWatch Logs API Reference.", + "title": "DeliveryDestinationPolicy" }, - "Model": { - "markdownDescription": "The model of the device.\n\nConstraints: Maximum length of 128 characters.", - "title": "Model", + "DestinationResourceArn": { + "markdownDescription": "The ARN of the AWS destination that this delivery destination represents. That AWS destination can be a log group in CloudWatch Logs , an Amazon S3 bucket, or a Firehose stream.", + "title": "DestinationResourceArn", "type": "string" }, - "SerialNumber": { - "markdownDescription": "The serial number of the device.\n\nConstraints: Maximum length of 128 characters.", - "title": "SerialNumber", + "Name": { + "markdownDescription": "The name of this delivery destination.", + "title": "Name", "type": "string" }, - "SiteId": { - "markdownDescription": "The site ID.", - "title": "SiteId", + "OutputFormat": { + "markdownDescription": "The format of the logs that are sent to this delivery destination.", + "title": "OutputFormat", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags for the device.", + "markdownDescription": "An array of key-value pairs to apply to the delivery destination.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" - }, - "Type": { - "markdownDescription": "The device type.", - "title": "Type", - "type": "string" - }, - "Vendor": { - "markdownDescription": "The vendor of the device.\n\nConstraints: Maximum length of 128 characters.", - "title": "Vendor", - "type": "string" } }, "required": [ - "GlobalNetworkId" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::NetworkManager::Device" + "AWS::Logs::DeliveryDestination" ], "type": "string" }, @@ -168683,44 +177076,23 @@ ], "type": "object" }, - "AWS::NetworkManager::Device.AWSLocation": { - "additionalProperties": false, - "properties": { - "SubnetArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the subnet that the device is located in.", - "title": "SubnetArn", - "type": "string" - }, - "Zone": { - "markdownDescription": "The Zone that the device is located in. Specify the ID of an Availability Zone, Local Zone, Wavelength Zone, or an Outpost.", - "title": "Zone", - "type": "string" - } - }, - "type": "object" - }, - "AWS::NetworkManager::Device.Location": { + "AWS::Logs::DeliveryDestination.DestinationPolicy": { "additionalProperties": false, "properties": { - "Address": { - "markdownDescription": "The physical address.", - "title": "Address", - "type": "string" - }, - "Latitude": { - "markdownDescription": "The latitude.", - "title": "Latitude", + "DeliveryDestinationName": { + "markdownDescription": "", + "title": "DeliveryDestinationName", "type": "string" }, - "Longitude": { - "markdownDescription": "The longitude.", - "title": "Longitude", - "type": "string" + "DeliveryDestinationPolicy": { + "markdownDescription": "", + "title": "DeliveryDestinationPolicy", + "type": "object" } }, "type": "object" }, - "AWS::NetworkManager::GlobalNetwork": { + "AWS::Logs::DeliverySource": { "additionalProperties": false, "properties": { "Condition": { @@ -168755,35 +177127,38 @@ "Properties": { "additionalProperties": false, "properties": { - "CreatedAt": { - "markdownDescription": "The date and time that the global network was created.", - "title": "CreatedAt", + "LogType": { + "markdownDescription": "The type of log that the source is sending. For valid values for this parameter, see the documentation for the source service.", + "title": "LogType", "type": "string" }, - "Description": { - "markdownDescription": "A description of the global network.\n\nConstraints: Maximum length of 256 characters.", - "title": "Description", + "Name": { + "markdownDescription": "The unique name of the delivery source.", + "title": "Name", "type": "string" }, - "State": { - "markdownDescription": "The state of the global network.", - "title": "State", + "ResourceArn": { + "markdownDescription": "The ARN of the AWS resource that is generating and sending logs. For example, `arn:aws:workmail:us-east-1:123456789012:organization/m-1234EXAMPLEabcd1234abcd1234abcd1234`", + "title": "ResourceArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags for the global network.", + "markdownDescription": "An array of key-value pairs to apply to the delivery source.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, + "required": [ + "Name" + ], "type": "object" }, "Type": { "enum": [ - "AWS::NetworkManager::GlobalNetwork" + "AWS::Logs::DeliverySource" ], "type": "string" }, @@ -168797,11 +177172,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::NetworkManager::Link": { + "AWS::Logs::Destination": { "additionalProperties": false, "properties": { "Condition": { @@ -168836,55 +177212,37 @@ "Properties": { "additionalProperties": false, "properties": { - "Bandwidth": { - "$ref": "#/definitions/AWS::NetworkManager::Link.Bandwidth", - "markdownDescription": "The bandwidth for the link.", - "title": "Bandwidth" - }, - "Description": { - "markdownDescription": "A description of the link.\n\nConstraints: Maximum length of 256 characters.", - "title": "Description", - "type": "string" - }, - "GlobalNetworkId": { - "markdownDescription": "The ID of the global network.", - "title": "GlobalNetworkId", + "DestinationName": { + "markdownDescription": "The name of the destination.", + "title": "DestinationName", "type": "string" }, - "Provider": { - "markdownDescription": "The provider of the link.\n\nConstraints: Maximum length of 128 characters. Cannot include the following characters: | \\ ^", - "title": "Provider", + "DestinationPolicy": { + "markdownDescription": "An IAM policy document that governs which AWS accounts can create subscription filters against this destination.", + "title": "DestinationPolicy", "type": "string" }, - "SiteId": { - "markdownDescription": "The ID of the site.", - "title": "SiteId", + "RoleArn": { + "markdownDescription": "The ARN of an IAM role that permits CloudWatch Logs to send data to the specified AWS resource.", + "title": "RoleArn", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags for the link.", - "title": "Tags", - "type": "array" - }, - "Type": { - "markdownDescription": "The type of the link.\n\nConstraints: Maximum length of 128 characters. Cannot include the following characters: | \\ ^", - "title": "Type", + "TargetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the physical target where the log events are delivered (for example, a Kinesis stream).", + "title": "TargetArn", "type": "string" } }, "required": [ - "Bandwidth", - "GlobalNetworkId", - "SiteId" + "DestinationName", + "RoleArn", + "TargetArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::NetworkManager::Link" + "AWS::Logs::Destination" ], "type": "string" }, @@ -168903,23 +177261,7 @@ ], "type": "object" }, - "AWS::NetworkManager::Link.Bandwidth": { - "additionalProperties": false, - "properties": { - "DownloadSpeed": { - "markdownDescription": "Download speed in Mbps.", - "title": "DownloadSpeed", - "type": "number" - }, - "UploadSpeed": { - "markdownDescription": "Upload speed in Mbps.", - "title": "UploadSpeed", - "type": "number" - } - }, - "type": "object" - }, - "AWS::NetworkManager::LinkAssociation": { + "AWS::Logs::Integration": { "additionalProperties": false, "properties": { "Condition": { @@ -168954,32 +177296,32 @@ "Properties": { "additionalProperties": false, "properties": { - "DeviceId": { - "markdownDescription": "The device ID for the link association.", - "title": "DeviceId", + "IntegrationName": { + "markdownDescription": "The name of this integration.", + "title": "IntegrationName", "type": "string" }, - "GlobalNetworkId": { - "markdownDescription": "The ID of the global network.", - "title": "GlobalNetworkId", + "IntegrationType": { + "markdownDescription": "The type of integration. Integrations with OpenSearch Service have the type `OPENSEARCH` .", + "title": "IntegrationType", "type": "string" }, - "LinkId": { - "markdownDescription": "The ID of the link.", - "title": "LinkId", - "type": "string" + "ResourceConfig": { + "$ref": "#/definitions/AWS::Logs::Integration.ResourceConfig", + "markdownDescription": "This structure contains configuration details about an integration between CloudWatch Logs and another entity.", + "title": "ResourceConfig" } }, "required": [ - "DeviceId", - "GlobalNetworkId", - "LinkId" + "IntegrationName", + "IntegrationType", + "ResourceConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::NetworkManager::LinkAssociation" + "AWS::Logs::Integration" ], "type": "string" }, @@ -168998,113 +177340,56 @@ ], "type": "object" }, - "AWS::NetworkManager::Site": { + "AWS::Logs::Integration.OpenSearchResourceConfig": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ApplicationARN": { + "markdownDescription": "If you want to use an existing OpenSearch Service application for your integration with OpenSearch Service, specify it here. If you omit this, a new application will be created.", + "title": "ApplicationARN", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A description of your site.\n\nConstraints: Maximum length of 256 characters.", - "title": "Description", - "type": "string" - }, - "GlobalNetworkId": { - "markdownDescription": "The ID of the global network.", - "title": "GlobalNetworkId", - "type": "string" - }, - "Location": { - "$ref": "#/definitions/AWS::NetworkManager::Site.Location", - "markdownDescription": "The site location. This information is used for visualization in the Network Manager console. If you specify the address, the latitude and longitude are automatically calculated.\n\n- `Address` : The physical address of the site.\n- `Latitude` : The latitude of the site.\n- `Longitude` : The longitude of the site.", - "title": "Location" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags for the site.", - "title": "Tags", - "type": "array" - } + "DashboardViewerPrincipals": { + "items": { + "type": "string" }, - "required": [ - "GlobalNetworkId" - ], - "type": "object" + "markdownDescription": "Specify the ARNs of IAM roles and IAM users who you want to grant permission to for viewing the dashboards.\n\n> In addition to specifying these users here, you must also grant them the *CloudWatchOpenSearchDashboardAccess* IAM policy. For more information, see [IAM policies for users](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/OpenSearch-Dashboards-UserRoles.html) .", + "title": "DashboardViewerPrincipals", + "type": "array" }, - "Type": { - "enum": [ - "AWS::NetworkManager::Site" - ], + "DataSourceRoleArn": { + "markdownDescription": "Specify the ARN of an IAM role that CloudWatch Logs will use to create the integration. This role must have the permissions necessary to access the OpenSearch Service collection to be able to create the dashboards. For more information about the permissions needed, see [Permissions that the integration needs](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/OpenSearch-Dashboards-CreateRole.html) in the CloudWatch Logs User Guide.", + "title": "DataSourceRoleArn", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "KmsKeyArn": { + "markdownDescription": "To have the vended dashboard data encrypted with AWS KMS instead of the CloudWatch Logs default encryption method, specify the ARN of the AWS KMS key that you want to use.", + "title": "KmsKeyArn", "type": "string" + }, + "RetentionDays": { + "markdownDescription": "Specify how many days that you want the data derived by OpenSearch Service to be retained in the index that the dashboard refers to. This also sets the maximum time period that you can choose when viewing data in the dashboard. Choosing a longer time frame will incur additional costs.", + "title": "RetentionDays", + "type": "number" } }, "required": [ - "Type", - "Properties" + "DashboardViewerPrincipals", + "DataSourceRoleArn" ], "type": "object" }, - "AWS::NetworkManager::Site.Location": { + "AWS::Logs::Integration.ResourceConfig": { "additionalProperties": false, "properties": { - "Address": { - "markdownDescription": "The physical address.", - "title": "Address", - "type": "string" - }, - "Latitude": { - "markdownDescription": "The latitude.", - "title": "Latitude", - "type": "string" - }, - "Longitude": { - "markdownDescription": "The longitude.", - "title": "Longitude", - "type": "string" + "OpenSearchResourceConfig": { + "$ref": "#/definitions/AWS::Logs::Integration.OpenSearchResourceConfig", + "markdownDescription": "This structure contains configuration details about an integration between CloudWatch Logs and OpenSearch Service.", + "title": "OpenSearchResourceConfig" } }, "type": "object" }, - "AWS::NetworkManager::SiteToSiteVpnAttachment": { + "AWS::Logs::LogAnomalyDetector": { "additionalProperties": false, "properties": { "Condition": { @@ -169139,39 +177424,50 @@ "Properties": { "additionalProperties": false, "properties": { - "CoreNetworkId": { - "markdownDescription": "", - "title": "CoreNetworkId", + "AccountId": { + "markdownDescription": "The ID of the account to create the anomaly detector in.", + "title": "AccountId", "type": "string" }, - "ProposedSegmentChange": { - "$ref": "#/definitions/AWS::NetworkManager::SiteToSiteVpnAttachment.ProposedSegmentChange", - "markdownDescription": "Describes a proposed segment change. In some cases, the segment change must first be evaluated and accepted.", - "title": "ProposedSegmentChange" + "AnomalyVisibilityTime": { + "markdownDescription": "The number of days to have visibility on an anomaly. After this time period has elapsed for an anomaly, it will be automatically baselined and the anomaly detector will treat new occurrences of a similar anomaly as normal. Therefore, if you do not correct the cause of an anomaly during the time period specified in `AnomalyVisibilityTime` , it will be considered normal going forward and will not be detected as an anomaly.", + "title": "AnomalyVisibilityTime", + "type": "number" }, - "Tags": { + "DetectorName": { + "markdownDescription": "A name for this anomaly detector.", + "title": "DetectorName", + "type": "string" + }, + "EvaluationFrequency": { + "markdownDescription": "Specifies how often the anomaly detector is to run and look for anomalies. Set this value according to the frequency that the log group receives new logs. For example, if the log group receives new log events every 10 minutes, then 15 minutes might be a good setting for `EvaluationFrequency` .", + "title": "EvaluationFrequency", + "type": "string" + }, + "FilterPattern": { + "markdownDescription": "You can use this parameter to limit the anomaly detection model to examine only log events that match the pattern you specify here. For more information, see [Filter and Pattern Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/FilterAndPatternSyntax.html) .", + "title": "FilterPattern", + "type": "string" + }, + "KmsKeyId": { + "markdownDescription": "Optionally assigns a AWS KMS key to secure this anomaly detector and its findings. If a key is assigned, the anomalies found and the model used by this detector are encrypted at rest with the key. If a key is assigned to an anomaly detector, a user must have permissions for both this key and for the anomaly detector to retrieve information about the anomalies that it finds.\n\nFor more information about using a AWS KMS key and to see the required IAM policy, see [Use a AWS KMS key with an anomaly detector](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/LogsAnomalyDetection-KMS.html) .", + "title": "KmsKeyId", + "type": "string" + }, + "LogGroupArnList": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "The tags associated with the Site-to-Site VPN attachment.", - "title": "Tags", + "markdownDescription": "The ARN of the log group that is associated with this anomaly detector. You can specify only one log group ARN.", + "title": "LogGroupArnList", "type": "array" - }, - "VpnConnectionArn": { - "markdownDescription": "The ARN of the site-to-site VPN attachment.", - "title": "VpnConnectionArn", - "type": "string" } }, - "required": [ - "CoreNetworkId", - "VpnConnectionArn" - ], "type": "object" }, "Type": { "enum": [ - "AWS::NetworkManager::SiteToSiteVpnAttachment" + "AWS::Logs::LogAnomalyDetector" ], "type": "string" }, @@ -169185,36 +177481,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::NetworkManager::SiteToSiteVpnAttachment.ProposedSegmentChange": { - "additionalProperties": false, - "properties": { - "AttachmentPolicyRuleNumber": { - "markdownDescription": "The rule number in the policy document that applies to this change.", - "title": "AttachmentPolicyRuleNumber", - "type": "number" - }, - "SegmentName": { - "markdownDescription": "The name of the segment to change.", - "title": "SegmentName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The list of key-value tags that changed for the segment.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" - }, - "AWS::NetworkManager::TransitGatewayPeering": { + "AWS::Logs::LogGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -169249,34 +177520,53 @@ "Properties": { "additionalProperties": false, "properties": { - "CoreNetworkId": { - "markdownDescription": "The ID of the core network.", - "title": "CoreNetworkId", + "DataProtectionPolicy": { + "markdownDescription": "Creates a data protection policy and assigns it to the log group. A data protection policy can help safeguard sensitive data that's ingested by the log group by auditing and masking the sensitive log data. When a user who does not have permission to view masked data views a log event that includes masked data, the sensitive data is replaced by asterisks.\n\nFor more information, including a list of types of data that can be audited and masked, see [Protect sensitive log data with masking](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/mask-sensitive-log-data.html) .", + "title": "DataProtectionPolicy", + "type": "object" + }, + "FieldIndexPolicies": { + "items": { + "type": "object" + }, + "markdownDescription": "Creates or updates a *field index policy* for the specified log group. Only log groups in the Standard log class support field index policies. For more information about log classes, see [Log classes](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch_Logs_Log_Classes.html) .\n\nYou can use field index policies to create *field indexes* on fields found in log events in the log group. Creating field indexes lowers the costs for CloudWatch Logs Insights queries that reference those field indexes, because these queries attempt to skip the processing of log events that are known to not match the indexed field. Good fields to index are fields that you often need to query for and fields that have high cardinality of values Common examples of indexes include request ID, session ID, userID, and instance IDs. For more information, see [Create field indexes to improve query performance and reduce costs](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatchLogs-Field-Indexing.html) .\n\nCurrently, this array supports only one field index policy object.", + "title": "FieldIndexPolicies", + "type": "array" + }, + "KmsKeyId": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key to use when encrypting log data.\n\nTo associate an AWS KMS key with the log group, specify the ARN of that KMS key here. If you do so, ingested data is encrypted using this key. This association is stored as long as the data encrypted with the KMS key is still within CloudWatch Logs . This enables CloudWatch Logs to decrypt this data whenever it is requested.\n\nIf you attempt to associate a KMS key with the log group but the KMS key doesn't exist or is deactivated, you will receive an `InvalidParameterException` error.\n\nLog group data is always encrypted in CloudWatch Logs . If you omit this key, the encryption does not use AWS KMS . For more information, see [Encrypt log data in CloudWatch Logs using AWS Key Management Service](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/encrypt-log-data-kms.html)", + "title": "KmsKeyId", + "type": "string" + }, + "LogGroupClass": { + "markdownDescription": "Specifies the log group class for this log group. There are two classes:\n\n- The `Standard` log class supports all CloudWatch Logs features.\n- The `Infrequent Access` log class supports a subset of CloudWatch Logs features and incurs lower costs.\n\nFor details about the features supported by each class, see [Log classes](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch_Logs_Log_Classes.html)", + "title": "LogGroupClass", "type": "string" }, + "LogGroupName": { + "markdownDescription": "The name of the log group. If you don't specify a name, AWS CloudFormation generates a unique ID for the log group.", + "title": "LogGroupName", + "type": "string" + }, + "RetentionInDays": { + "markdownDescription": "The number of days to retain the log events in the specified log group. Possible values are: 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1096, 1827, 2192, 2557, 2922, 3288, and 3653.\n\nTo set a log group so that its log events do not expire, use [DeleteRetentionPolicy](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DeleteRetentionPolicy.html) .", + "title": "RetentionInDays", + "type": "number" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The list of key-value tags associated with the peering.", + "markdownDescription": "An array of key-value pairs to apply to the log group.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" - }, - "TransitGatewayArn": { - "markdownDescription": "The ARN of the transit gateway.", - "title": "TransitGatewayArn", - "type": "string" } }, - "required": [ - "CoreNetworkId", - "TransitGatewayArn" - ], "type": "object" }, "Type": { "enum": [ - "AWS::NetworkManager::TransitGatewayPeering" + "AWS::Logs::LogGroup" ], "type": "string" }, @@ -169290,12 +177580,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::NetworkManager::TransitGatewayRegistration": { + "AWS::Logs::LogStream": { "additionalProperties": false, "properties": { "Condition": { @@ -169330,26 +177619,25 @@ "Properties": { "additionalProperties": false, "properties": { - "GlobalNetworkId": { - "markdownDescription": "The ID of the global network.", - "title": "GlobalNetworkId", + "LogGroupName": { + "markdownDescription": "The name of the log group where the log stream is created.", + "title": "LogGroupName", "type": "string" }, - "TransitGatewayArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the transit gateway.", - "title": "TransitGatewayArn", + "LogStreamName": { + "markdownDescription": "The name of the log stream. The name must be unique within the log group.", + "title": "LogStreamName", "type": "string" } }, "required": [ - "GlobalNetworkId", - "TransitGatewayArn" + "LogGroupName" ], "type": "object" }, "Type": { "enum": [ - "AWS::NetworkManager::TransitGatewayRegistration" + "AWS::Logs::LogStream" ], "type": "string" }, @@ -169368,7 +177656,7 @@ ], "type": "object" }, - "AWS::NetworkManager::TransitGatewayRouteTableAttachment": { + "AWS::Logs::MetricFilter": { "additionalProperties": false, "properties": { "Condition": { @@ -169403,39 +177691,45 @@ "Properties": { "additionalProperties": false, "properties": { - "PeeringId": { - "markdownDescription": "The ID of the transit gateway peering.", - "title": "PeeringId", + "ApplyOnTransformedLogs": { + "markdownDescription": "This parameter is valid only for log groups that have an active log transformer. For more information about log transformers, see [PutTransformer](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutTransformer.html) .\n\nIf this value is `true` , the metric filter is applied on the transformed version of the log events instead of the original ingested log events.", + "title": "ApplyOnTransformedLogs", + "type": "boolean" + }, + "FilterName": { + "markdownDescription": "The name of the metric filter.", + "title": "FilterName", "type": "string" }, - "ProposedSegmentChange": { - "$ref": "#/definitions/AWS::NetworkManager::TransitGatewayRouteTableAttachment.ProposedSegmentChange", - "markdownDescription": "This property is read-only. Values can't be assigned to it.", - "title": "ProposedSegmentChange" + "FilterPattern": { + "markdownDescription": "A filter pattern for extracting metric data out of ingested log events. For more information, see [Filter and Pattern Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/FilterAndPatternSyntax.html) .", + "title": "FilterPattern", + "type": "string" }, - "Tags": { + "LogGroupName": { + "markdownDescription": "The name of an existing log group that you want to associate with this metric filter.", + "title": "LogGroupName", + "type": "string" + }, + "MetricTransformations": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Logs::MetricFilter.MetricTransformation" }, - "markdownDescription": "The list of key-value pairs associated with the transit gateway route table attachment.", - "title": "Tags", + "markdownDescription": "The metric transformations.", + "title": "MetricTransformations", "type": "array" - }, - "TransitGatewayRouteTableArn": { - "markdownDescription": "The ARN of the transit gateway attachment route table. For example, `\"TransitGatewayRouteTableArn\": \"arn:aws:ec2:us-west-2:123456789012:transit-gateway-route-table/tgw-rtb-9876543210123456\"` .", - "title": "TransitGatewayRouteTableArn", - "type": "string" } }, "required": [ - "PeeringId", - "TransitGatewayRouteTableArn" + "FilterPattern", + "LogGroupName", + "MetricTransformations" ], "type": "object" }, "Type": { "enum": [ - "AWS::NetworkManager::TransitGatewayRouteTableAttachment" + "AWS::Logs::MetricFilter" ], "type": "string" }, @@ -169454,171 +177748,71 @@ ], "type": "object" }, - "AWS::NetworkManager::TransitGatewayRouteTableAttachment.ProposedSegmentChange": { - "additionalProperties": false, - "properties": { - "AttachmentPolicyRuleNumber": { - "markdownDescription": "The rule number in the policy document that applies to this change.", - "title": "AttachmentPolicyRuleNumber", - "type": "number" - }, - "SegmentName": { - "markdownDescription": "The name of the segment to change.", - "title": "SegmentName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The list of key-value tags that changed for the segment.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" - }, - "AWS::NetworkManager::VpcAttachment": { + "AWS::Logs::MetricFilter.Dimension": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "CoreNetworkId": { - "markdownDescription": "The core network ID.", - "title": "CoreNetworkId", - "type": "string" - }, - "Options": { - "$ref": "#/definitions/AWS::NetworkManager::VpcAttachment.VpcOptions", - "markdownDescription": "Options for creating the VPC attachment.", - "title": "Options" - }, - "ProposedSegmentChange": { - "$ref": "#/definitions/AWS::NetworkManager::VpcAttachment.ProposedSegmentChange", - "markdownDescription": "Describes a proposed segment change. In some cases, the segment change must first be evaluated and accepted.", - "title": "ProposedSegmentChange" - }, - "SubnetArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The subnet ARNs.", - "title": "SubnetArns", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags associated with the VPC attachment.", - "title": "Tags", - "type": "array" - }, - "VpcArn": { - "markdownDescription": "The ARN of the VPC attachment.", - "title": "VpcArn", - "type": "string" - } - }, - "required": [ - "CoreNetworkId", - "SubnetArns", - "VpcArn" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::NetworkManager::VpcAttachment" - ], + "Key": { + "markdownDescription": "The name for the CloudWatch metric dimension that the metric filter creates.\n\nDimension names must contain only ASCII characters, must include at least one non-whitespace character, and cannot start with a colon (:).", + "title": "Key", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Value": { + "markdownDescription": "The log event field that will contain the value for this dimension. This dimension will only be published for a metric if the value is found in the log event. For example, `$.eventType` for JSON log events, or `$server` for space-delimited log events.", + "title": "Value", "type": "string" } }, "required": [ - "Type", - "Properties" + "Key", + "Value" ], "type": "object" }, - "AWS::NetworkManager::VpcAttachment.ProposedSegmentChange": { + "AWS::Logs::MetricFilter.MetricTransformation": { "additionalProperties": false, "properties": { - "AttachmentPolicyRuleNumber": { - "markdownDescription": "The rule number in the policy document that applies to this change.", - "title": "AttachmentPolicyRuleNumber", + "DefaultValue": { + "markdownDescription": "(Optional) The value to emit when a filter pattern does not match a log event. This value can be null.", + "title": "DefaultValue", "type": "number" }, - "SegmentName": { - "markdownDescription": "The name of the segment to change.", - "title": "SegmentName", - "type": "string" - }, - "Tags": { + "Dimensions": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Logs::MetricFilter.Dimension" }, - "markdownDescription": "The list of key-value tags that changed for the segment.", - "title": "Tags", + "markdownDescription": "The fields to use as dimensions for the metric. One metric filter can include as many as three dimensions.\n\n> Metrics extracted from log events are charged as custom metrics. To prevent unexpected high charges, do not specify high-cardinality fields such as `IPAddress` or `requestID` as dimensions. Each different value found for a dimension is treated as a separate metric and accrues charges as a separate custom metric.\n> \n> CloudWatch Logs disables a metric filter if it generates 1000 different name/value pairs for your specified dimensions within a certain amount of time. This helps to prevent accidental high charges.\n> \n> You can also set up a billing alarm to alert you if your charges are higher than expected. For more information, see [Creating a Billing Alarm to Monitor Your Estimated AWS Charges](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/monitor_estimated_charges_with_cloudwatch.html) .", + "title": "Dimensions", "type": "array" - } - }, - "type": "object" - }, - "AWS::NetworkManager::VpcAttachment.VpcOptions": { - "additionalProperties": false, - "properties": { - "ApplianceModeSupport": { - "markdownDescription": "Indicates whether appliance mode is supported. If enabled, traffic flow between a source and destination use the same Availability Zone for the VPC attachment for the lifetime of that flow. The default value is `false` .", - "title": "ApplianceModeSupport", - "type": "boolean" }, - "Ipv6Support": { - "markdownDescription": "Indicates whether IPv6 is supported.", - "title": "Ipv6Support", - "type": "boolean" + "MetricName": { + "markdownDescription": "The name of the CloudWatch metric.", + "title": "MetricName", + "type": "string" + }, + "MetricNamespace": { + "markdownDescription": "A custom namespace to contain your metric in CloudWatch. Use namespaces to group together metrics that are similar. For more information, see [Namespaces](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html#Namespace) .", + "title": "MetricNamespace", + "type": "string" + }, + "MetricValue": { + "markdownDescription": "The value that is published to the CloudWatch metric. For example, if you're counting the occurrences of a particular term like `Error` , specify 1 for the metric value. If you're counting the number of bytes transferred, reference the value that is in the log event by using $. followed by the name of the field that you specified in the filter pattern, such as `$.size` .", + "title": "MetricValue", + "type": "string" + }, + "Unit": { + "markdownDescription": "The unit to assign to the metric. If you omit this, the unit is set as `None` .", + "title": "Unit", + "type": "string" } }, + "required": [ + "MetricName", + "MetricNamespace", + "MetricValue" + ], "type": "object" }, - "AWS::NimbleStudio::LaunchProfile": { + "AWS::Logs::QueryDefinition": { "additionalProperties": false, "properties": { "Condition": { @@ -169653,59 +177847,39 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "type": "string" - }, - "Ec2SubnetIds": { - "items": { - "type": "string" - }, - "type": "array" - }, - "LaunchProfileProtocolVersions": { + "LogGroupNames": { "items": { "type": "string" }, + "markdownDescription": "Use this parameter if you want the query to query only certain log groups.", + "title": "LogGroupNames", "type": "array" }, "Name": { + "markdownDescription": "A name for the query definition.\n\n> You can use the name to create a folder structure for your queries. To create a folder, use a forward slash (/) to prefix your desired query name with your desired folder name. For example, `*folder-name* / *query-name*` .", + "title": "Name", "type": "string" }, - "StreamConfiguration": { - "$ref": "#/definitions/AWS::NimbleStudio::LaunchProfile.StreamConfiguration" - }, - "StudioComponentIds": { - "items": { - "type": "string" - }, - "type": "array" - }, - "StudioId": { + "QueryLanguage": { + "markdownDescription": "The query language used for this query. For more information about the query languages that CloudWatch Logs supports, see [Supported query languages](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL_AnalyzeLogData_Languages.html) .", + "title": "QueryLanguage", "type": "string" }, - "Tags": { - "additionalProperties": true, - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "type": "object" + "QueryString": { + "markdownDescription": "The query string to use for this query definition. For more information, see [CloudWatch Logs Insights Query Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL_QuerySyntax.html) .", + "title": "QueryString", + "type": "string" } }, "required": [ - "Ec2SubnetIds", - "LaunchProfileProtocolVersions", "Name", - "StreamConfiguration", - "StudioComponentIds", - "StudioId" + "QueryString" ], "type": "object" }, "Type": { "enum": [ - "AWS::NimbleStudio::LaunchProfile" + "AWS::Logs::QueryDefinition" ], "type": "string" }, @@ -169724,111 +177898,7 @@ ], "type": "object" }, - "AWS::NimbleStudio::LaunchProfile.StreamConfiguration": { - "additionalProperties": false, - "properties": { - "AutomaticTerminationMode": { - "type": "string" - }, - "ClipboardMode": { - "type": "string" - }, - "Ec2InstanceTypes": { - "items": { - "type": "string" - }, - "type": "array" - }, - "MaxSessionLengthInMinutes": { - "type": "number" - }, - "MaxStoppedSessionLengthInMinutes": { - "type": "number" - }, - "SessionBackup": { - "$ref": "#/definitions/AWS::NimbleStudio::LaunchProfile.StreamConfigurationSessionBackup" - }, - "SessionPersistenceMode": { - "type": "string" - }, - "SessionStorage": { - "$ref": "#/definitions/AWS::NimbleStudio::LaunchProfile.StreamConfigurationSessionStorage" - }, - "StreamingImageIds": { - "items": { - "type": "string" - }, - "type": "array" - }, - "VolumeConfiguration": { - "$ref": "#/definitions/AWS::NimbleStudio::LaunchProfile.VolumeConfiguration" - } - }, - "required": [ - "ClipboardMode", - "Ec2InstanceTypes", - "StreamingImageIds" - ], - "type": "object" - }, - "AWS::NimbleStudio::LaunchProfile.StreamConfigurationSessionBackup": { - "additionalProperties": false, - "properties": { - "MaxBackupsToRetain": { - "type": "number" - }, - "Mode": { - "type": "string" - } - }, - "type": "object" - }, - "AWS::NimbleStudio::LaunchProfile.StreamConfigurationSessionStorage": { - "additionalProperties": false, - "properties": { - "Mode": { - "items": { - "type": "string" - }, - "type": "array" - }, - "Root": { - "$ref": "#/definitions/AWS::NimbleStudio::LaunchProfile.StreamingSessionStorageRoot" - } - }, - "required": [ - "Mode" - ], - "type": "object" - }, - "AWS::NimbleStudio::LaunchProfile.StreamingSessionStorageRoot": { - "additionalProperties": false, - "properties": { - "Linux": { - "type": "string" - }, - "Windows": { - "type": "string" - } - }, - "type": "object" - }, - "AWS::NimbleStudio::LaunchProfile.VolumeConfiguration": { - "additionalProperties": false, - "properties": { - "Iops": { - "type": "number" - }, - "Size": { - "type": "number" - }, - "Throughput": { - "type": "number" - } - }, - "type": "object" - }, - "AWS::NimbleStudio::StreamingImage": { + "AWS::Logs::ResourcePolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -169863,38 +177933,26 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "type": "string" - }, - "Ec2ImageId": { - "type": "string" - }, - "Name": { + "PolicyDocument": { + "markdownDescription": "The details of the policy. It must be formatted in JSON, and you must use backslashes to escape characters that need to be escaped in JSON strings, such as double quote marks.", + "title": "PolicyDocument", "type": "string" }, - "StudioId": { + "PolicyName": { + "markdownDescription": "The name of the resource policy.", + "title": "PolicyName", "type": "string" - }, - "Tags": { - "additionalProperties": true, - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "type": "object" } }, "required": [ - "Ec2ImageId", - "Name", - "StudioId" + "PolicyDocument", + "PolicyName" ], "type": "object" }, "Type": { "enum": [ - "AWS::NimbleStudio::StreamingImage" + "AWS::Logs::ResourcePolicy" ], "type": "string" }, @@ -169913,22 +177971,7 @@ ], "type": "object" }, - "AWS::NimbleStudio::StreamingImage.StreamingImageEncryptionConfiguration": { - "additionalProperties": false, - "properties": { - "KeyArn": { - "type": "string" - }, - "KeyType": { - "type": "string" - } - }, - "required": [ - "KeyType" - ], - "type": "object" - }, - "AWS::NimbleStudio::Studio": { + "AWS::Logs::SubscriptionFilter": { "additionalProperties": false, "properties": { "Condition": { @@ -169963,42 +178006,52 @@ "Properties": { "additionalProperties": false, "properties": { - "AdminRoleArn": { + "ApplyOnTransformedLogs": { + "markdownDescription": "This parameter is valid only for log groups that have an active log transformer. For more information about log transformers, see [PutTransformer](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutTransformer.html) .\n\nIf this value is `true` , the subscription filter is applied on the transformed version of the log events instead of the original ingested log events.", + "title": "ApplyOnTransformedLogs", + "type": "boolean" + }, + "DestinationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the destination.", + "title": "DestinationArn", "type": "string" }, - "DisplayName": { + "Distribution": { + "markdownDescription": "The method used to distribute log data to the destination, which can be either random or grouped by log stream.", + "title": "Distribution", "type": "string" }, - "StudioEncryptionConfiguration": { - "$ref": "#/definitions/AWS::NimbleStudio::Studio.StudioEncryptionConfiguration" + "FilterName": { + "markdownDescription": "The name of the subscription filter.", + "title": "FilterName", + "type": "string" }, - "StudioName": { + "FilterPattern": { + "markdownDescription": "The filtering expressions that restrict what gets delivered to the destination AWS resource. For more information about the filter pattern syntax, see [Filter and Pattern Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/FilterAndPatternSyntax.html) .", + "title": "FilterPattern", "type": "string" }, - "Tags": { - "additionalProperties": true, - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "type": "object" + "LogGroupName": { + "markdownDescription": "The log group to associate with the subscription filter. All log events that are uploaded to this log group are filtered and delivered to the specified AWS resource if the filter pattern matches the log events.", + "title": "LogGroupName", + "type": "string" }, - "UserRoleArn": { + "RoleArn": { + "markdownDescription": "The ARN of an IAM role that grants CloudWatch Logs permissions to deliver ingested log events to the destination stream. You don't need to provide the ARN when you are working with a logical destination for cross-account delivery.", + "title": "RoleArn", "type": "string" } }, "required": [ - "AdminRoleArn", - "DisplayName", - "StudioName", - "UserRoleArn" + "DestinationArn", + "FilterPattern", + "LogGroupName" ], "type": "object" }, "Type": { "enum": [ - "AWS::NimbleStudio::Studio" + "AWS::Logs::SubscriptionFilter" ], "type": "string" }, @@ -170017,22 +178070,7 @@ ], "type": "object" }, - "AWS::NimbleStudio::Studio.StudioEncryptionConfiguration": { - "additionalProperties": false, - "properties": { - "KeyArn": { - "type": "string" - }, - "KeyType": { - "type": "string" - } - }, - "required": [ - "KeyType" - ], - "type": "object" - }, - "AWS::NimbleStudio::StudioComponent": { + "AWS::Logs::Transformer": { "additionalProperties": false, "properties": { "Condition": { @@ -170067,62 +178105,29 @@ "Properties": { "additionalProperties": false, "properties": { - "Configuration": { - "$ref": "#/definitions/AWS::NimbleStudio::StudioComponent.StudioComponentConfiguration" - }, - "Description": { - "type": "string" - }, - "Ec2SecurityGroupIds": { - "items": { - "type": "string" - }, - "type": "array" - }, - "InitializationScripts": { - "items": { - "$ref": "#/definitions/AWS::NimbleStudio::StudioComponent.StudioComponentInitializationScript" - }, - "type": "array" - }, - "Name": { + "LogGroupIdentifier": { + "markdownDescription": "Specify either the name or ARN of the log group to create the transformer for.", + "title": "LogGroupIdentifier", "type": "string" }, - "ScriptParameters": { + "TransformerConfig": { "items": { - "$ref": "#/definitions/AWS::NimbleStudio::StudioComponent.ScriptParameterKeyValue" + "$ref": "#/definitions/AWS::Logs::Transformer.Processor" }, + "markdownDescription": "This structure is an array that contains the configuration of this log transformer. A log transformer is an array of processors, where each processor applies one type of transformation to the log events that are ingested.", + "title": "TransformerConfig", "type": "array" - }, - "StudioId": { - "type": "string" - }, - "Subtype": { - "type": "string" - }, - "Tags": { - "additionalProperties": true, - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "type": "object" - }, - "Type": { - "type": "string" } }, "required": [ - "Name", - "StudioId", - "Type" + "LogGroupIdentifier", + "TransformerConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::NimbleStudio::StudioComponent" + "AWS::Logs::Transformer" ], "type": "string" }, @@ -170141,839 +178146,755 @@ ], "type": "object" }, - "AWS::NimbleStudio::StudioComponent.ActiveDirectoryComputerAttribute": { + "AWS::Logs::Transformer.AddKeyEntry": { "additionalProperties": false, "properties": { - "Name": { + "Key": { + "markdownDescription": "The key of the new entry to be added to the log event", + "title": "Key", "type": "string" }, + "OverwriteIfExists": { + "markdownDescription": "Specifies whether to overwrite the value if the key already exists in the log event. If you omit this, the default is `false` .", + "title": "OverwriteIfExists", + "type": "boolean" + }, "Value": { + "markdownDescription": "The value of the new entry to be added to the log event", + "title": "Value", "type": "string" } }, + "required": [ + "Key", + "Value" + ], "type": "object" }, - "AWS::NimbleStudio::StudioComponent.ActiveDirectoryConfiguration": { + "AWS::Logs::Transformer.AddKeys": { "additionalProperties": false, "properties": { - "ComputerAttributes": { + "Entries": { "items": { - "$ref": "#/definitions/AWS::NimbleStudio::StudioComponent.ActiveDirectoryComputerAttribute" + "$ref": "#/definitions/AWS::Logs::Transformer.AddKeyEntry" }, + "markdownDescription": "An array of objects, where each object contains the information about one key to add to the log event.", + "title": "Entries", "type": "array" - }, - "DirectoryId": { - "type": "string" - }, - "OrganizationalUnitDistinguishedName": { - "type": "string" } }, + "required": [ + "Entries" + ], "type": "object" }, - "AWS::NimbleStudio::StudioComponent.ComputeFarmConfiguration": { + "AWS::Logs::Transformer.CopyValue": { "additionalProperties": false, "properties": { - "ActiveDirectoryUser": { - "type": "string" - }, - "Endpoint": { - "type": "string" + "Entries": { + "items": { + "$ref": "#/definitions/AWS::Logs::Transformer.CopyValueEntry" + }, + "markdownDescription": "An array of `CopyValueEntry` objects, where each object contains the information about one field value to copy.", + "title": "Entries", + "type": "array" } }, + "required": [ + "Entries" + ], "type": "object" }, - "AWS::NimbleStudio::StudioComponent.LicenseServiceConfiguration": { + "AWS::Logs::Transformer.CopyValueEntry": { "additionalProperties": false, "properties": { - "Endpoint": { + "OverwriteIfExists": { + "markdownDescription": "Specifies whether to overwrite the value if the destination key already exists. If you omit this, the default is `false` .", + "title": "OverwriteIfExists", + "type": "boolean" + }, + "Source": { + "markdownDescription": "The key to copy.", + "title": "Source", + "type": "string" + }, + "Target": { + "markdownDescription": "The key of the field to copy the value to.", + "title": "Target", "type": "string" } }, + "required": [ + "Source", + "Target" + ], "type": "object" }, - "AWS::NimbleStudio::StudioComponent.ScriptParameterKeyValue": { + "AWS::Logs::Transformer.Csv": { "additionalProperties": false, "properties": { - "Key": { + "Columns": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of names to use for the columns in the transformed log event.\n\nIf you omit this, default column names ( `[column_1, column_2 ...]` ) are used.", + "title": "Columns", + "type": "array" + }, + "Delimiter": { + "markdownDescription": "The character used to separate each column in the original comma-separated value log event. If you omit this, the processor looks for the comma `,` character as the delimiter.", + "title": "Delimiter", "type": "string" }, - "Value": { + "QuoteCharacter": { + "markdownDescription": "The character used used as a text qualifier for a single column of data. If you omit this, the double quotation mark `\"` character is used.", + "title": "QuoteCharacter", + "type": "string" + }, + "Source": { + "markdownDescription": "The path to the field in the log event that has the comma separated values to be parsed. If you omit this value, the whole log message is processed.", + "title": "Source", "type": "string" } }, "type": "object" }, - "AWS::NimbleStudio::StudioComponent.SharedFileSystemConfiguration": { + "AWS::Logs::Transformer.DateTimeConverter": { "additionalProperties": false, "properties": { - "Endpoint": { + "Locale": { + "markdownDescription": "The locale of the source field. If you omit this, the default of `locale.ROOT` is used.", + "title": "Locale", "type": "string" }, - "FileSystemId": { + "MatchPatterns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of patterns to match against the `source` field.", + "title": "MatchPatterns", + "type": "array" + }, + "Source": { + "markdownDescription": "The key to apply the date conversion to.", + "title": "Source", "type": "string" }, - "LinuxMountPoint": { + "SourceTimezone": { + "markdownDescription": "The time zone of the source field. If you omit this, the default used is the UTC zone.", + "title": "SourceTimezone", "type": "string" }, - "ShareName": { + "Target": { + "markdownDescription": "The JSON field to store the result in.", + "title": "Target", + "type": "string" + }, + "TargetFormat": { + "markdownDescription": "The datetime format to use for the converted data in the target field.\n\nIf you omit this, the default of `yyyy-MM-dd'T'HH:mm:ss.SSS'Z` is used.", + "title": "TargetFormat", "type": "string" }, - "WindowsMountDrive": { + "TargetTimezone": { + "markdownDescription": "The time zone of the target field. If you omit this, the default used is the UTC zone.", + "title": "TargetTimezone", "type": "string" } }, + "required": [ + "MatchPatterns", + "Source", + "Target" + ], "type": "object" }, - "AWS::NimbleStudio::StudioComponent.StudioComponentConfiguration": { + "AWS::Logs::Transformer.DeleteKeys": { "additionalProperties": false, "properties": { - "ActiveDirectoryConfiguration": { - "$ref": "#/definitions/AWS::NimbleStudio::StudioComponent.ActiveDirectoryConfiguration" - }, - "ComputeFarmConfiguration": { - "$ref": "#/definitions/AWS::NimbleStudio::StudioComponent.ComputeFarmConfiguration" - }, - "LicenseServiceConfiguration": { - "$ref": "#/definitions/AWS::NimbleStudio::StudioComponent.LicenseServiceConfiguration" - }, - "SharedFileSystemConfiguration": { - "$ref": "#/definitions/AWS::NimbleStudio::StudioComponent.SharedFileSystemConfiguration" + "WithKeys": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of keys to delete.", + "title": "WithKeys", + "type": "array" } }, + "required": [ + "WithKeys" + ], "type": "object" }, - "AWS::NimbleStudio::StudioComponent.StudioComponentInitializationScript": { + "AWS::Logs::Transformer.Grok": { "additionalProperties": false, "properties": { - "LaunchProfileProtocolVersion": { - "type": "string" - }, - "Platform": { - "type": "string" - }, - "RunContext": { + "Match": { + "markdownDescription": "The grok pattern to match against the log event. For a list of supported grok patterns, see [Supported grok patterns](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#Grok-Patterns) .", + "title": "Match", "type": "string" }, - "Script": { + "Source": { + "markdownDescription": "The path to the field in the log event that you want to parse. If you omit this value, the whole log message is parsed.", + "title": "Source", "type": "string" } }, + "required": [ + "Match" + ], "type": "object" }, - "AWS::OSIS::Pipeline": { + "AWS::Logs::Transformer.ListToMap": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Flatten": { + "markdownDescription": "A Boolean value to indicate whether the list will be flattened into single items. Specify `true` to flatten the list. The default is `false`", + "title": "Flatten", + "type": "boolean" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "FlattenedElement": { + "markdownDescription": "If you set `flatten` to `true` , use `flattenedElement` to specify which element, `first` or `last` , to keep.\n\nYou must specify this parameter if `flatten` is `true`", + "title": "FlattenedElement", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "Key": { + "markdownDescription": "The key of the field to be extracted as keys in the generated map", + "title": "Key", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "BufferOptions": { - "$ref": "#/definitions/AWS::OSIS::Pipeline.BufferOptions", - "markdownDescription": "Options that specify the configuration of a persistent buffer. To configure how OpenSearch Ingestion encrypts this data, set the `EncryptionAtRestOptions` . For more information, see [Persistent buffering](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/osis-features-overview.html#persistent-buffering) .", - "title": "BufferOptions" - }, - "EncryptionAtRestOptions": { - "$ref": "#/definitions/AWS::OSIS::Pipeline.EncryptionAtRestOptions", - "markdownDescription": "Options to control how OpenSearch encrypts buffer data.", - "title": "EncryptionAtRestOptions" - }, - "LogPublishingOptions": { - "$ref": "#/definitions/AWS::OSIS::Pipeline.LogPublishingOptions", - "markdownDescription": "Key-value pairs that represent log publishing settings.", - "title": "LogPublishingOptions" - }, - "MaxUnits": { - "markdownDescription": "The maximum pipeline capacity, in Ingestion Compute Units (ICUs).", - "title": "MaxUnits", - "type": "number" - }, - "MinUnits": { - "markdownDescription": "The minimum pipeline capacity, in Ingestion Compute Units (ICUs).", - "title": "MinUnits", - "type": "number" - }, - "PipelineConfigurationBody": { - "markdownDescription": "The Data Prepper pipeline configuration in YAML format.", - "title": "PipelineConfigurationBody", - "type": "string" - }, - "PipelineName": { - "markdownDescription": "The name of the pipeline.", - "title": "PipelineName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "List of tags to add to the pipeline upon creation.", - "title": "Tags", - "type": "array" - }, - "VpcOptions": { - "$ref": "#/definitions/AWS::OSIS::Pipeline.VpcOptions", - "markdownDescription": "Options that specify the subnets and security groups for an OpenSearch Ingestion VPC endpoint.", - "title": "VpcOptions" - } - }, - "required": [ - "MaxUnits", - "MinUnits", - "PipelineConfigurationBody", - "PipelineName" - ], - "type": "object" + "Source": { + "markdownDescription": "The key in the log event that has a list of objects that will be converted to a map.", + "title": "Source", + "type": "string" }, - "Type": { - "enum": [ - "AWS::OSIS::Pipeline" - ], + "Target": { + "markdownDescription": "The key of the field that will hold the generated map", + "title": "Target", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ValueKey": { + "markdownDescription": "If this is specified, the values that you specify in this parameter will be extracted from the `source` objects and put into the values of the generated map. Otherwise, original objects in the source list will be put into the values of the generated map.", + "title": "ValueKey", "type": "string" } }, "required": [ - "Type", - "Properties" + "Key", + "Source" ], "type": "object" }, - "AWS::OSIS::Pipeline.BufferOptions": { + "AWS::Logs::Transformer.LowerCaseString": { "additionalProperties": false, "properties": { - "PersistentBufferEnabled": { - "markdownDescription": "Whether persistent buffering should be enabled.", - "title": "PersistentBufferEnabled", - "type": "boolean" + "WithKeys": { + "items": { + "type": "string" + }, + "markdownDescription": "The array caontaining the keys of the fields to convert to lowercase.", + "title": "WithKeys", + "type": "array" } }, "required": [ - "PersistentBufferEnabled" + "WithKeys" ], "type": "object" }, - "AWS::OSIS::Pipeline.CloudWatchLogDestination": { + "AWS::Logs::Transformer.MoveKeyEntry": { "additionalProperties": false, "properties": { - "LogGroup": { - "markdownDescription": "The name of the CloudWatch Logs group to send pipeline logs to. You can specify an existing log group or create a new one. For example, `/aws/vendedlogs/OpenSearchService/pipelines` .", - "title": "LogGroup", + "OverwriteIfExists": { + "markdownDescription": "Specifies whether to overwrite the value if the destination key already exists. If you omit this, the default is `false` .", + "title": "OverwriteIfExists", + "type": "boolean" + }, + "Source": { + "markdownDescription": "The key to move.", + "title": "Source", + "type": "string" + }, + "Target": { + "markdownDescription": "The key to move to.", + "title": "Target", "type": "string" } }, "required": [ - "LogGroup" + "Source", + "Target" ], "type": "object" }, - "AWS::OSIS::Pipeline.EncryptionAtRestOptions": { + "AWS::Logs::Transformer.MoveKeys": { "additionalProperties": false, "properties": { - "KmsKeyArn": { - "markdownDescription": "The ARN of the KMS key used to encrypt buffer data. By default, data is encrypted using an AWS owned key.", - "title": "KmsKeyArn", - "type": "string" + "Entries": { + "items": { + "$ref": "#/definitions/AWS::Logs::Transformer.MoveKeyEntry" + }, + "markdownDescription": "An array of objects, where each object contains the information about one key to move.", + "title": "Entries", + "type": "array" } }, "required": [ - "KmsKeyArn" + "Entries" ], "type": "object" }, - "AWS::OSIS::Pipeline.LogPublishingOptions": { + "AWS::Logs::Transformer.ParseCloudfront": { "additionalProperties": false, "properties": { - "CloudWatchLogDestination": { - "$ref": "#/definitions/AWS::OSIS::Pipeline.CloudWatchLogDestination", - "markdownDescription": "The destination for OpenSearch Ingestion logs sent to Amazon CloudWatch Logs. This parameter is required if `IsLoggingEnabled` is set to `true` .", - "title": "CloudWatchLogDestination" + "Source": { + "markdownDescription": "Omit this parameter and the whole log message will be processed by this processor. No other value than `@message` is allowed for `source` .", + "title": "Source", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Logs::Transformer.ParseJSON": { + "additionalProperties": false, + "properties": { + "Destination": { + "markdownDescription": "The location to put the parsed key value pair into. If you omit this parameter, it is placed under the root node.", + "title": "Destination", + "type": "string" }, - "IsLoggingEnabled": { - "markdownDescription": "Whether logs should be published.", - "title": "IsLoggingEnabled", - "type": "boolean" + "Source": { + "markdownDescription": "Path to the field in the log event that will be parsed. Use dot notation to access child fields. For example, `store.book`", + "title": "Source", + "type": "string" } }, "type": "object" }, - "AWS::OSIS::Pipeline.VpcEndpoint": { + "AWS::Logs::Transformer.ParseKeyValue": { "additionalProperties": false, "properties": { - "VpcEndpointId": { - "markdownDescription": "The unique identifier of the endpoint.", - "title": "VpcEndpointId", + "Destination": { + "markdownDescription": "The destination field to put the extracted key-value pairs into", + "title": "Destination", "type": "string" }, - "VpcId": { - "markdownDescription": "The ID for your VPC. AWS PrivateLink generates this value when you create a VPC.", - "title": "VpcId", + "FieldDelimiter": { + "markdownDescription": "The field delimiter string that is used between key-value pairs in the original log events. If you omit this, the ampersand `&` character is used.", + "title": "FieldDelimiter", "type": "string" }, - "VpcOptions": { - "$ref": "#/definitions/AWS::OSIS::Pipeline.VpcOptions", - "markdownDescription": "Information about the VPC, including associated subnets and security groups.", - "title": "VpcOptions" + "KeyPrefix": { + "markdownDescription": "If you want to add a prefix to all transformed keys, specify it here.", + "title": "KeyPrefix", + "type": "string" + }, + "KeyValueDelimiter": { + "markdownDescription": "The delimiter string to use between the key and value in each pair in the transformed log event.\n\nIf you omit this, the equal `=` character is used.", + "title": "KeyValueDelimiter", + "type": "string" + }, + "NonMatchValue": { + "markdownDescription": "A value to insert into the value field in the result, when a key-value pair is not successfully split.", + "title": "NonMatchValue", + "type": "string" + }, + "OverwriteIfExists": { + "markdownDescription": "Specifies whether to overwrite the value if the destination key already exists. If you omit this, the default is `false` .", + "title": "OverwriteIfExists", + "type": "boolean" + }, + "Source": { + "markdownDescription": "Path to the field in the log event that will be parsed. Use dot notation to access child fields. For example, `store.book`", + "title": "Source", + "type": "string" } }, "type": "object" }, - "AWS::OSIS::Pipeline.VpcOptions": { + "AWS::Logs::Transformer.ParsePostgres": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of security groups associated with the VPC endpoint.", - "title": "SecurityGroupIds", - "type": "array" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of subnet IDs associated with the VPC endpoint.", - "title": "SubnetIds", - "type": "array" + "Source": { + "markdownDescription": "Omit this parameter and the whole log message will be processed by this processor. No other value than `@message` is allowed for `source` .", + "title": "Source", + "type": "string" } }, - "required": [ - "SubnetIds" - ], "type": "object" }, - "AWS::Oam::Link": { + "AWS::Logs::Transformer.ParseRoute53": { "additionalProperties": false, "properties": { - "Condition": { + "Source": { + "markdownDescription": "Omit this parameter and the whole log message will be processed by this processor. No other value than `@message` is allowed for `source` .", + "title": "Source", "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + } + }, + "type": "object" + }, + "AWS::Logs::Transformer.ParseToOCSF": { + "additionalProperties": false, + "properties": { + "EventSource": { + "markdownDescription": "Specify the service or process that produces the log events that will be converted with this processor.", + "title": "EventSource", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "LabelTemplate": { - "markdownDescription": "Specify a friendly human-readable name to use to identify this source account when you are viewing data from it in the monitoring account.\n\nYou can include the following variables in your template:\n\n- `$AccountName` is the name of the account\n- `$AccountEmail` is a globally-unique email address, which includes the email domain, such as `mariagarcia@example.com`\n- `$AccountEmailNoDomain` is an email address without the domain name, such as `mariagarcia`\n\n> In the and Regions, the only supported option is to use custom labels, and the `$AccountName` , `$AccountEmail` , and `$AccountEmailNoDomain` variables all resolve as *account-id* instead of the specified variable.", - "title": "LabelTemplate", - "type": "string" - }, - "LinkConfiguration": { - "$ref": "#/definitions/AWS::Oam::Link.LinkConfiguration", - "markdownDescription": "Use this structure to optionally create filters that specify that only some metric namespaces or log groups are to be shared from the source account to the monitoring account.", - "title": "LinkConfiguration" - }, - "ResourceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of strings that define which types of data that the source account shares with the monitoring account. Valid values are `AWS::CloudWatch::Metric | AWS::Logs::LogGroup | AWS::XRay::Trace | AWS::ApplicationInsights::Application | AWS::InternetMonitor::Monitor` .", - "title": "ResourceTypes", - "type": "array" - }, - "SinkIdentifier": { - "markdownDescription": "The ARN of the sink in the monitoring account that you want to link to. You can use [ListSinks](https://docs.aws.amazon.com/OAM/latest/APIReference/API_ListSinks.html) to find the ARNs of sinks.", - "title": "SinkIdentifier", - "type": "string" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "An array of key-value pairs to apply to the link.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - } - }, - "required": [ - "ResourceTypes", - "SinkIdentifier" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Oam::Link" - ], + "OcsfVersion": { + "markdownDescription": "Specify which version of the OCSF schema to use for the transformed log events.", + "title": "OcsfVersion", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Source": { + "markdownDescription": "The path to the field in the log event that you want to parse. If you omit this value, the whole log message is parsed.", + "title": "Source", "type": "string" } }, "required": [ - "Type", - "Properties" + "EventSource", + "OcsfVersion" ], "type": "object" }, - "AWS::Oam::Link.LinkConfiguration": { + "AWS::Logs::Transformer.ParseVPC": { "additionalProperties": false, "properties": { - "LogGroupConfiguration": { - "$ref": "#/definitions/AWS::Oam::Link.LinkFilter", - "markdownDescription": "Use this structure to filter which log groups are to share log events from this source account to the monitoring account.", - "title": "LogGroupConfiguration" - }, - "MetricConfiguration": { - "$ref": "#/definitions/AWS::Oam::Link.LinkFilter", - "markdownDescription": "Use this structure to filter which metric namespaces are to be shared from the source account to the monitoring account.", - "title": "MetricConfiguration" + "Source": { + "markdownDescription": "Omit this parameter and the whole log message will be processed by this processor. No other value than `@message` is allowed for `source` .", + "title": "Source", + "type": "string" } }, "type": "object" }, - "AWS::Oam::Link.LinkFilter": { + "AWS::Logs::Transformer.ParseWAF": { "additionalProperties": false, "properties": { - "Filter": { - "markdownDescription": "When used in `MetricConfiguration` this field specifies which metric namespaces are to be shared with the monitoring account\n\nWhen used in `LogGroupConfiguration` this field specifies which log groups are to share their log events with the monitoring account. Use the term `LogGroupName` and one or more of the following operands.\n\nUse single quotation marks (') around log group names and metric namespaces.\n\nThe matching of log group names and metric namespaces is case sensitive. Each filter has a limit of five conditional operands. Conditional operands are `AND` and `OR` .\n\n- `=` and `!=`\n- `AND`\n- `OR`\n- `LIKE` and `NOT LIKE` . These can be used only as prefix searches. Include a `%` at the end of the string that you want to search for and include.\n- `IN` and `NOT IN` , using parentheses `( )`\n\nExamples:\n\n- `Namespace NOT LIKE 'AWS/%'` includes only namespaces that don't start with `AWS/` , such as custom namespaces.\n- `Namespace IN ('AWS/EC2', 'AWS/ELB', 'AWS/S3')` includes only the metrics in the EC2, Elastic Load Balancing , and Amazon S3 namespaces.\n- `Namespace = 'AWS/EC2' OR Namespace NOT LIKE 'AWS/%'` includes only the EC2 namespace and your custom namespaces.\n- `LogGroupName IN ('This-Log-Group', 'Other-Log-Group')` includes only the log groups with names `This-Log-Group` and `Other-Log-Group` .\n- `LogGroupName NOT IN ('Private-Log-Group', 'Private-Log-Group-2')` includes all log groups except the log groups with names `Private-Log-Group` and `Private-Log-Group-2` .\n- `LogGroupName LIKE 'aws/lambda/%' OR LogGroupName LIKE 'AWSLogs%'` includes all log groups that have names that start with `aws/lambda/` or `AWSLogs` .\n\n> If you are updating a link that uses filters, you can specify `*` as the only value for the `filter` parameter to delete the filter and share all log groups with the monitoring account.", - "title": "Filter", + "Source": { + "markdownDescription": "Omit this parameter and the whole log message will be processed by this processor. No other value than `@message` is allowed for `source` .", + "title": "Source", "type": "string" } }, - "required": [ - "Filter" - ], "type": "object" }, - "AWS::Oam::Sink": { + "AWS::Logs::Transformer.Processor": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "AddKeys": { + "$ref": "#/definitions/AWS::Logs::Transformer.AddKeys", + "markdownDescription": "Use this parameter to include the [addKeys](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-addKeys) processor in your transformer.", + "title": "AddKeys" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "CopyValue": { + "$ref": "#/definitions/AWS::Logs::Transformer.CopyValue", + "markdownDescription": "Use this parameter to include the [copyValue](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-copyValue) processor in your transformer.", + "title": "CopyValue" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Csv": { + "$ref": "#/definitions/AWS::Logs::Transformer.Csv", + "markdownDescription": "Use this parameter to include the [CSV](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-CSV) processor in your transformer.", + "title": "Csv" }, - "Metadata": { - "type": "object" + "DateTimeConverter": { + "$ref": "#/definitions/AWS::Logs::Transformer.DateTimeConverter", + "markdownDescription": "Use this parameter to include the [datetimeConverter](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-datetimeConverter) processor in your transformer.", + "title": "DateTimeConverter" + }, + "DeleteKeys": { + "$ref": "#/definitions/AWS::Logs::Transformer.DeleteKeys", + "markdownDescription": "Use this parameter to include the [deleteKeys](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-deleteKeys) processor in your transformer.", + "title": "DeleteKeys" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "A name for the sink.", - "title": "Name", - "type": "string" - }, - "Policy": { - "markdownDescription": "The IAM policy that grants permissions to source accounts to link to this sink. The policy can grant permission in the following ways:\n\n- Include organization IDs or organization paths to permit all accounts in an organization\n- Include account IDs to permit the specified accounts", - "title": "Policy", - "type": "object" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "An array of key-value pairs to apply to the sink.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - } - }, - "required": [ - "Name" - ], - "type": "object" + "Grok": { + "$ref": "#/definitions/AWS::Logs::Transformer.Grok", + "markdownDescription": "Use this parameter to include the [grok](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-grok) processor in your transformer.", + "title": "Grok" }, - "Type": { - "enum": [ - "AWS::Oam::Sink" - ], + "ListToMap": { + "$ref": "#/definitions/AWS::Logs::Transformer.ListToMap", + "markdownDescription": "Use this parameter to include the [listToMap](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-listToMap) processor in your transformer.", + "title": "ListToMap" + }, + "LowerCaseString": { + "$ref": "#/definitions/AWS::Logs::Transformer.LowerCaseString", + "markdownDescription": "Use this parameter to include the [lowerCaseString](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-lowerCaseString) processor in your transformer.", + "title": "LowerCaseString" + }, + "MoveKeys": { + "$ref": "#/definitions/AWS::Logs::Transformer.MoveKeys", + "markdownDescription": "Use this parameter to include the [moveKeys](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-moveKeys) processor in your transformer.", + "title": "MoveKeys" + }, + "ParseCloudfront": { + "$ref": "#/definitions/AWS::Logs::Transformer.ParseCloudfront", + "markdownDescription": "Use this parameter to include the [parseCloudfront](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-parseCloudfront) processor in your transformer.\n\nIf you use this processor, it must be the first processor in your transformer.", + "title": "ParseCloudfront" + }, + "ParseJSON": { + "$ref": "#/definitions/AWS::Logs::Transformer.ParseJSON", + "markdownDescription": "Use this parameter to include the [parseJSON](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-parseJSON) processor in your transformer.", + "title": "ParseJSON" + }, + "ParseKeyValue": { + "$ref": "#/definitions/AWS::Logs::Transformer.ParseKeyValue", + "markdownDescription": "Use this parameter to include the [parseKeyValue](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-parseKeyValue) processor in your transformer.", + "title": "ParseKeyValue" + }, + "ParsePostgres": { + "$ref": "#/definitions/AWS::Logs::Transformer.ParsePostgres", + "markdownDescription": "Use this parameter to include the [parsePostGres](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-parsePostGres) processor in your transformer.\n\nIf you use this processor, it must be the first processor in your transformer.", + "title": "ParsePostgres" + }, + "ParseRoute53": { + "$ref": "#/definitions/AWS::Logs::Transformer.ParseRoute53", + "markdownDescription": "Use this parameter to include the [parseRoute53](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-parseRoute53) processor in your transformer.\n\nIf you use this processor, it must be the first processor in your transformer.", + "title": "ParseRoute53" + }, + "ParseToOCSF": { + "$ref": "#/definitions/AWS::Logs::Transformer.ParseToOCSF", + "markdownDescription": "Use this parameter to convert logs into Open Cybersecurity Schema (OCSF) format.", + "title": "ParseToOCSF" + }, + "ParseVPC": { + "$ref": "#/definitions/AWS::Logs::Transformer.ParseVPC", + "markdownDescription": "Use this parameter to include the [parseVPC](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-parseVPC) processor in your transformer.\n\nIf you use this processor, it must be the first processor in your transformer.", + "title": "ParseVPC" + }, + "ParseWAF": { + "$ref": "#/definitions/AWS::Logs::Transformer.ParseWAF", + "markdownDescription": "Use this parameter to include the [parseWAF](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-parseWAF) processor in your transformer.\n\nIf you use this processor, it must be the first processor in your transformer.", + "title": "ParseWAF" + }, + "RenameKeys": { + "$ref": "#/definitions/AWS::Logs::Transformer.RenameKeys", + "markdownDescription": "Use this parameter to include the [renameKeys](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-renameKeys) processor in your transformer.", + "title": "RenameKeys" + }, + "SplitString": { + "$ref": "#/definitions/AWS::Logs::Transformer.SplitString", + "markdownDescription": "Use this parameter to include the [splitString](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-splitString) processor in your transformer.", + "title": "SplitString" + }, + "SubstituteString": { + "$ref": "#/definitions/AWS::Logs::Transformer.SubstituteString", + "markdownDescription": "Use this parameter to include the [substituteString](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-substituteString) processor in your transformer.", + "title": "SubstituteString" + }, + "TrimString": { + "$ref": "#/definitions/AWS::Logs::Transformer.TrimString", + "markdownDescription": "Use this parameter to include the [trimString](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-trimString) processor in your transformer.", + "title": "TrimString" + }, + "TypeConverter": { + "$ref": "#/definitions/AWS::Logs::Transformer.TypeConverter", + "markdownDescription": "Use this parameter to include the [typeConverter](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-typeConverter) processor in your transformer.", + "title": "TypeConverter" + }, + "UpperCaseString": { + "$ref": "#/definitions/AWS::Logs::Transformer.UpperCaseString", + "markdownDescription": "Use this parameter to include the [upperCaseString](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-upperCaseString) processor in your transformer.", + "title": "UpperCaseString" + } + }, + "type": "object" + }, + "AWS::Logs::Transformer.RenameKeyEntry": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The key to rename", + "title": "Key", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "OverwriteIfExists": { + "markdownDescription": "Specifies whether to overwrite the existing value if the destination key already exists. The default is `false`", + "title": "OverwriteIfExists", + "type": "boolean" + }, + "RenameTo": { + "markdownDescription": "The string to use for the new key name", + "title": "RenameTo", "type": "string" } }, "required": [ - "Type", - "Properties" + "Key", + "RenameTo" ], "type": "object" }, - "AWS::Omics::AnnotationStore": { + "AWS::Logs::Transformer.RenameKeys": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A description for the store.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the Annotation Store.", - "title": "Name", - "type": "string" - }, - "Reference": { - "$ref": "#/definitions/AWS::Omics::AnnotationStore.ReferenceItem", - "markdownDescription": "The genome reference for the store's annotations.", - "title": "Reference" - }, - "SseConfig": { - "$ref": "#/definitions/AWS::Omics::AnnotationStore.SseConfig", - "markdownDescription": "The store's server-side encryption (SSE) settings.", - "title": "SseConfig" - }, - "StoreFormat": { - "markdownDescription": "The annotation file format of the store.", - "title": "StoreFormat", - "type": "string" - }, - "StoreOptions": { - "$ref": "#/definitions/AWS::Omics::AnnotationStore.StoreOptions", - "markdownDescription": "File parsing options for the annotation store.", - "title": "StoreOptions" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "Tags for the store.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - } + "Entries": { + "items": { + "$ref": "#/definitions/AWS::Logs::Transformer.RenameKeyEntry" }, - "required": [ - "Name", - "StoreFormat" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Omics::AnnotationStore" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "markdownDescription": "An array of `RenameKeyEntry` objects, where each object contains the information about a single key to rename.", + "title": "Entries", + "type": "array" } }, "required": [ - "Type", - "Properties" + "Entries" ], "type": "object" }, - "AWS::Omics::AnnotationStore.ReferenceItem": { + "AWS::Logs::Transformer.SplitString": { "additionalProperties": false, "properties": { - "ReferenceArn": { - "markdownDescription": "The reference's ARN.", - "title": "ReferenceArn", - "type": "string" + "Entries": { + "items": { + "$ref": "#/definitions/AWS::Logs::Transformer.SplitStringEntry" + }, + "markdownDescription": "An array of `SplitStringEntry` objects, where each object contains the information about one field to split.", + "title": "Entries", + "type": "array" } }, "required": [ - "ReferenceArn" + "Entries" ], "type": "object" }, - "AWS::Omics::AnnotationStore.SseConfig": { + "AWS::Logs::Transformer.SplitStringEntry": { "additionalProperties": false, "properties": { - "KeyArn": { - "markdownDescription": "An encryption key ARN.", - "title": "KeyArn", + "Delimiter": { + "markdownDescription": "The separator characters to split the string entry on.", + "title": "Delimiter", "type": "string" }, - "Type": { - "markdownDescription": "The encryption type.", - "title": "Type", + "Source": { + "markdownDescription": "The key of the field to split.", + "title": "Source", "type": "string" } }, "required": [ - "Type" + "Delimiter", + "Source" ], "type": "object" }, - "AWS::Omics::AnnotationStore.StoreOptions": { + "AWS::Logs::Transformer.SubstituteString": { "additionalProperties": false, "properties": { - "TsvStoreOptions": { - "$ref": "#/definitions/AWS::Omics::AnnotationStore.TsvStoreOptions", - "markdownDescription": "Formatting options for a TSV file.", - "title": "TsvStoreOptions" + "Entries": { + "items": { + "$ref": "#/definitions/AWS::Logs::Transformer.SubstituteStringEntry" + }, + "markdownDescription": "An array of objects, where each object contains the information about one key to match and replace.", + "title": "Entries", + "type": "array" } }, "required": [ - "TsvStoreOptions" + "Entries" ], "type": "object" }, - "AWS::Omics::AnnotationStore.TsvStoreOptions": { + "AWS::Logs::Transformer.SubstituteStringEntry": { "additionalProperties": false, "properties": { - "AnnotationType": { - "markdownDescription": "The store's annotation type.", - "title": "AnnotationType", + "From": { + "markdownDescription": "The regular expression string to be replaced. Special regex characters such as [ and ] must be escaped using \\\\ when using double quotes and with \\ when using single quotes. For more information, see [Class Pattern](https://docs.aws.amazon.com/https://docs.oracle.com/en/java/javase/17/docs/api/java.base/java/util/regex/Pattern.html) on the Oracle web site.", + "title": "From", "type": "string" }, - "FormatToHeader": { - "additionalProperties": true, - "markdownDescription": "The store's header key to column name mapping.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "FormatToHeader", - "type": "object" + "Source": { + "markdownDescription": "The key to modify", + "title": "Source", + "type": "string" }, - "Schema": { - "markdownDescription": "The schema of an annotation store.", - "title": "Schema", - "type": "object" + "To": { + "markdownDescription": "The string to be substituted for each match of `from`", + "title": "To", + "type": "string" } }, + "required": [ + "From", + "Source", + "To" + ], "type": "object" }, - "AWS::Omics::ReferenceStore": { + "AWS::Logs::Transformer.TrimString": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A description for the store.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "A name for the store.", - "title": "Name", - "type": "string" - }, - "SseConfig": { - "$ref": "#/definitions/AWS::Omics::ReferenceStore.SseConfig", - "markdownDescription": "Server-side encryption (SSE) settings for the store.", - "title": "SseConfig" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "Tags for the store.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - } + "WithKeys": { + "items": { + "type": "string" }, - "required": [ - "Name" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Omics::ReferenceStore" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "markdownDescription": "The array containing the keys of the fields to trim.", + "title": "WithKeys", + "type": "array" } }, "required": [ - "Type", - "Properties" + "WithKeys" ], "type": "object" }, - "AWS::Omics::ReferenceStore.SseConfig": { + "AWS::Logs::Transformer.TypeConverter": { "additionalProperties": false, "properties": { - "KeyArn": { - "markdownDescription": "An encryption key ARN.", - "title": "KeyArn", + "Entries": { + "items": { + "$ref": "#/definitions/AWS::Logs::Transformer.TypeConverterEntry" + }, + "markdownDescription": "An array of `TypeConverterEntry` objects, where each object contains the information about one field to change the type of.", + "title": "Entries", + "type": "array" + } + }, + "required": [ + "Entries" + ], + "type": "object" + }, + "AWS::Logs::Transformer.TypeConverterEntry": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The key with the value that is to be converted to a different type.", + "title": "Key", "type": "string" }, "Type": { - "markdownDescription": "The encryption type.", + "markdownDescription": "The type to convert the field value to. Valid values are `integer` , `double` , `string` and `boolean` .", "title": "Type", "type": "string" } }, "required": [ + "Key", "Type" ], "type": "object" }, - "AWS::Omics::RunGroup": { + "AWS::Logs::Transformer.UpperCaseString": { + "additionalProperties": false, + "properties": { + "WithKeys": { + "items": { + "type": "string" + }, + "markdownDescription": "The array of containing the keys of the field to convert to uppercase.", + "title": "WithKeys", + "type": "array" + } + }, + "required": [ + "WithKeys" + ], + "type": "object" + }, + "AWS::LookoutEquipment::InferenceScheduler": { "additionalProperties": false, "properties": { "Condition": { @@ -171008,48 +178929,67 @@ "Properties": { "additionalProperties": false, "properties": { - "MaxCpus": { - "markdownDescription": "The group's maximum CPU count setting.", - "title": "MaxCpus", + "DataDelayOffsetInMinutes": { + "markdownDescription": "A period of time (in minutes) by which inference on the data is delayed after the data starts. For instance, if an offset delay time of five minutes was selected, inference will not begin on the data until the first data measurement after the five minute mark. For example, if five minutes is selected, the inference scheduler will wake up at the configured frequency with the additional five minute delay time to check the customer S3 bucket. The customer can upload data at the same frequency and they don't need to stop and restart the scheduler when uploading new data.", + "title": "DataDelayOffsetInMinutes", "type": "number" }, - "MaxDuration": { - "markdownDescription": "The group's maximum duration setting in minutes.", - "title": "MaxDuration", - "type": "number" + "DataInputConfiguration": { + "$ref": "#/definitions/AWS::LookoutEquipment::InferenceScheduler.DataInputConfiguration", + "markdownDescription": "Specifies configuration information for the input data for the inference scheduler, including delimiter, format, and dataset location.", + "title": "DataInputConfiguration" }, - "MaxGpus": { - "markdownDescription": "The maximum GPUs that can be used by a run group.", - "title": "MaxGpus", - "type": "number" + "DataOutputConfiguration": { + "$ref": "#/definitions/AWS::LookoutEquipment::InferenceScheduler.DataOutputConfiguration", + "markdownDescription": "Specifies configuration information for the output results for the inference scheduler, including the Amazon S3 location for the output.", + "title": "DataOutputConfiguration" }, - "MaxRuns": { - "markdownDescription": "The group's maximum concurrent run setting.", - "title": "MaxRuns", - "type": "number" + "DataUploadFrequency": { + "markdownDescription": "How often data is uploaded to the source S3 bucket for the input data. This value is the length of time between data uploads. For instance, if you select 5 minutes, Amazon Lookout for Equipment will upload the real-time data to the source bucket once every 5 minutes. This frequency also determines how often Amazon Lookout for Equipment starts a scheduled inference on your data. In this example, it starts once every 5 minutes.", + "title": "DataUploadFrequency", + "type": "string" }, - "Name": { - "markdownDescription": "The group's name.", - "title": "Name", + "InferenceSchedulerName": { + "markdownDescription": "The name of the inference scheduler.", + "title": "InferenceSchedulerName", + "type": "string" + }, + "ModelName": { + "markdownDescription": "The name of the machine learning model used for the inference scheduler.", + "title": "ModelName", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of a role with permission to access the data source being used for the inference.", + "title": "RoleArn", + "type": "string" + }, + "ServerSideKmsKeyId": { + "markdownDescription": "Provides the identifier of the AWS KMS key used to encrypt inference scheduler data by Amazon Lookout for Equipment .", + "title": "ServerSideKmsKeyId", "type": "string" }, "Tags": { - "additionalProperties": true, - "markdownDescription": "Tags for the group.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "Any tags associated with the inference scheduler.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", - "type": "object" + "type": "array" } }, + "required": [ + "DataInputConfiguration", + "DataOutputConfiguration", + "DataUploadFrequency", + "ModelName", + "RoleArn" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Omics::RunGroup" + "AWS::LookoutEquipment::InferenceScheduler" ], "type": "string" }, @@ -171063,123 +179003,109 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Omics::SequenceStore": { + "AWS::LookoutEquipment::InferenceScheduler.DataInputConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "InferenceInputNameConfiguration": { + "$ref": "#/definitions/AWS::LookoutEquipment::InferenceScheduler.InputNameConfiguration", + "markdownDescription": "", + "title": "InferenceInputNameConfiguration" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "InputTimeZoneOffset": { + "markdownDescription": "", + "title": "InputTimeZoneOffset", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "S3InputConfiguration": { + "$ref": "#/definitions/AWS::LookoutEquipment::InferenceScheduler.S3InputConfiguration", + "markdownDescription": "", + "title": "S3InputConfiguration" + } + }, + "required": [ + "S3InputConfiguration" + ], + "type": "object" + }, + "AWS::LookoutEquipment::InferenceScheduler.DataOutputConfiguration": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "markdownDescription": "", + "title": "KmsKeyId", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A description for the store.", - "title": "Description", - "type": "string" - }, - "FallbackLocation": { - "markdownDescription": "An S3 location that is used to store files that have failed a direct upload.", - "title": "FallbackLocation", - "type": "string" - }, - "Name": { - "markdownDescription": "A name for the store.", - "title": "Name", - "type": "string" - }, - "SseConfig": { - "$ref": "#/definitions/AWS::Omics::SequenceStore.SseConfig", - "markdownDescription": "Server-side encryption (SSE) settings for the store.", - "title": "SseConfig" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "Tags for the store.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - } - }, - "required": [ - "Name" - ], - "type": "object" + "S3OutputConfiguration": { + "$ref": "#/definitions/AWS::LookoutEquipment::InferenceScheduler.S3OutputConfiguration", + "markdownDescription": "", + "title": "S3OutputConfiguration" + } + }, + "required": [ + "S3OutputConfiguration" + ], + "type": "object" + }, + "AWS::LookoutEquipment::InferenceScheduler.InputNameConfiguration": { + "additionalProperties": false, + "properties": { + "ComponentTimestampDelimiter": { + "markdownDescription": "", + "title": "ComponentTimestampDelimiter", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Omics::SequenceStore" - ], + "TimestampFormat": { + "markdownDescription": "", + "title": "TimestampFormat", + "type": "string" + } + }, + "type": "object" + }, + "AWS::LookoutEquipment::InferenceScheduler.S3InputConfiguration": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "", + "title": "Bucket", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Prefix": { + "markdownDescription": "", + "title": "Prefix", "type": "string" } }, "required": [ - "Type", - "Properties" + "Bucket" ], "type": "object" }, - "AWS::Omics::SequenceStore.SseConfig": { + "AWS::LookoutEquipment::InferenceScheduler.S3OutputConfiguration": { "additionalProperties": false, "properties": { - "KeyArn": { - "markdownDescription": "An encryption key ARN.", - "title": "KeyArn", + "Bucket": { + "markdownDescription": "", + "title": "Bucket", "type": "string" }, - "Type": { - "markdownDescription": "The encryption type.", - "title": "Type", + "Prefix": { + "markdownDescription": "", + "title": "Prefix", "type": "string" } }, "required": [ - "Type" + "Bucket" ], "type": "object" }, - "AWS::Omics::VariantStore": { + "AWS::LookoutMetrics::Alert": { "additionalProperties": false, "properties": { "Condition": { @@ -171214,47 +179140,42 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description for the store.", - "title": "Description", - "type": "string" + "Action": { + "$ref": "#/definitions/AWS::LookoutMetrics::Alert.Action", + "markdownDescription": "Action that will be triggered when there is an alert.", + "title": "Action" }, - "Name": { - "markdownDescription": "A name for the store.", - "title": "Name", + "AlertDescription": { + "markdownDescription": "A description of the alert.", + "title": "AlertDescription", "type": "string" }, - "Reference": { - "$ref": "#/definitions/AWS::Omics::VariantStore.ReferenceItem", - "markdownDescription": "The genome reference for the store's variants.", - "title": "Reference" + "AlertName": { + "markdownDescription": "The name of the alert.", + "title": "AlertName", + "type": "string" }, - "SseConfig": { - "$ref": "#/definitions/AWS::Omics::VariantStore.SseConfig", - "markdownDescription": "Server-side encryption (SSE) settings for the store.", - "title": "SseConfig" + "AlertSensitivityThreshold": { + "markdownDescription": "An integer from 0 to 100 specifying the alert sensitivity threshold.", + "title": "AlertSensitivityThreshold", + "type": "number" }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "Tags for the store.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" + "AnomalyDetectorArn": { + "markdownDescription": "The ARN of the detector to which the alert is attached.", + "title": "AnomalyDetectorArn", + "type": "string" } }, "required": [ - "Name", - "Reference" + "Action", + "AlertSensitivityThreshold", + "AnomalyDetectorArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Omics::VariantStore" + "AWS::LookoutMetrics::Alert" ], "type": "string" }, @@ -171273,40 +179194,63 @@ ], "type": "object" }, - "AWS::Omics::VariantStore.ReferenceItem": { + "AWS::LookoutMetrics::Alert.Action": { "additionalProperties": false, "properties": { - "ReferenceArn": { - "markdownDescription": "The reference's ARN.", - "title": "ReferenceArn", + "LambdaConfiguration": { + "$ref": "#/definitions/AWS::LookoutMetrics::Alert.LambdaConfiguration", + "markdownDescription": "A configuration for an AWS Lambda channel.", + "title": "LambdaConfiguration" + }, + "SNSConfiguration": { + "$ref": "#/definitions/AWS::LookoutMetrics::Alert.SNSConfiguration", + "markdownDescription": "A configuration for an Amazon SNS channel.", + "title": "SNSConfiguration" + } + }, + "type": "object" + }, + "AWS::LookoutMetrics::Alert.LambdaConfiguration": { + "additionalProperties": false, + "properties": { + "LambdaArn": { + "markdownDescription": "The ARN of the Lambda function.", + "title": "LambdaArn", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of an IAM role that has permission to invoke the Lambda function.", + "title": "RoleArn", "type": "string" } }, "required": [ - "ReferenceArn" + "LambdaArn", + "RoleArn" ], "type": "object" }, - "AWS::Omics::VariantStore.SseConfig": { + "AWS::LookoutMetrics::Alert.SNSConfiguration": { "additionalProperties": false, "properties": { - "KeyArn": { - "markdownDescription": "An encryption key ARN.", - "title": "KeyArn", + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that has access to the target SNS topic.", + "title": "RoleArn", "type": "string" }, - "Type": { - "markdownDescription": "The encryption type.", - "title": "Type", + "SnsTopicArn": { + "markdownDescription": "The ARN of the target SNS topic.", + "title": "SnsTopicArn", "type": "string" } }, "required": [ - "Type" + "RoleArn", + "SnsTopicArn" ], "type": "object" }, - "AWS::Omics::Workflow": { + "AWS::LookoutMetrics::AnomalyDetector": { "additionalProperties": false, "properties": { "Condition": { @@ -171341,69 +179285,44 @@ "Properties": { "additionalProperties": false, "properties": { - "Accelerators": { - "markdownDescription": "", - "title": "Accelerators", - "type": "string" - }, - "DefinitionUri": { - "markdownDescription": "The URI of a definition for the workflow.", - "title": "DefinitionUri", - "type": "string" - }, - "Description": { - "markdownDescription": "The parameter's description.", - "title": "Description", - "type": "string" + "AnomalyDetectorConfig": { + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.AnomalyDetectorConfig", + "markdownDescription": "Contains information about the configuration of the anomaly detector.", + "title": "AnomalyDetectorConfig" }, - "Engine": { - "markdownDescription": "An engine for the workflow.", - "title": "Engine", + "AnomalyDetectorDescription": { + "markdownDescription": "A description of the detector.", + "title": "AnomalyDetectorDescription", "type": "string" }, - "Main": { - "markdownDescription": "The path of the main definition file for the workflow.", - "title": "Main", + "AnomalyDetectorName": { + "markdownDescription": "The name of the detector.", + "title": "AnomalyDetectorName", "type": "string" }, - "Name": { - "markdownDescription": "The workflow's name.", - "title": "Name", + "KmsKeyArn": { + "markdownDescription": "The ARN of the KMS key to use to encrypt your data.", + "title": "KmsKeyArn", "type": "string" }, - "ParameterTemplate": { - "additionalProperties": false, - "markdownDescription": "The workflow's parameter template.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::Omics::Workflow.WorkflowParameter" - } - }, - "title": "ParameterTemplate", - "type": "object" - }, - "StorageCapacity": { - "markdownDescription": "The default static storage capacity (in gibibytes) for runs that use this workflow or workflow version.", - "title": "StorageCapacity", - "type": "number" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "Tags for the workflow.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "MetricSetList": { + "items": { + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.MetricSet" }, - "title": "Tags", - "type": "object" + "markdownDescription": "The detector's dataset.", + "title": "MetricSetList", + "type": "array" } }, + "required": [ + "AnomalyDetectorConfig", + "MetricSetList" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Omics::Workflow" + "AWS::LookoutMetrics::AnomalyDetector" ], "type": "string" }, @@ -171417,48 +179336,460 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Omics::Workflow.WorkflowParameter": { + "AWS::LookoutMetrics::AnomalyDetector.AnomalyDetectorConfig": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The parameter's description.", - "title": "Description", + "AnomalyDetectorFrequency": { + "markdownDescription": "The frequency at which the detector analyzes its source data.", + "title": "AnomalyDetectorFrequency", "type": "string" - }, - "Optional": { - "markdownDescription": "Whether the parameter is optional.", - "title": "Optional", - "type": "boolean" } }, + "required": [ + "AnomalyDetectorFrequency" + ], "type": "object" }, - "AWS::OpenSearchServerless::AccessPolicy": { + "AWS::LookoutMetrics::AnomalyDetector.AppFlowConfig": { "additionalProperties": false, "properties": { - "Condition": { + "FlowName": { + "markdownDescription": "name of the flow.", + "title": "FlowName", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "RoleArn": { + "markdownDescription": "An IAM role that gives Amazon Lookout for Metrics permission to access the flow.", + "title": "RoleArn", "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { + } + }, + "required": [ + "FlowName", + "RoleArn" + ], + "type": "object" + }, + "AWS::LookoutMetrics::AnomalyDetector.CloudwatchConfig": { + "additionalProperties": false, + "properties": { + "RoleArn": { + "markdownDescription": "An IAM role that gives Amazon Lookout for Metrics permission to access data in Amazon CloudWatch.", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "RoleArn" + ], + "type": "object" + }, + "AWS::LookoutMetrics::AnomalyDetector.CsvFormatDescriptor": { + "additionalProperties": false, + "properties": { + "Charset": { + "markdownDescription": "The character set in which the source CSV file is written.", + "title": "Charset", + "type": "string" + }, + "ContainsHeader": { + "markdownDescription": "Whether or not the source CSV file contains a header.", + "title": "ContainsHeader", + "type": "boolean" + }, + "Delimiter": { + "markdownDescription": "The character used to delimit the source CSV file.", + "title": "Delimiter", + "type": "string" + }, + "FileCompression": { + "markdownDescription": "The level of compression of the source CSV file.", + "title": "FileCompression", + "type": "string" + }, + "HeaderList": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the source CSV file's headers, if any.", + "title": "HeaderList", + "type": "array" + }, + "QuoteSymbol": { + "markdownDescription": "The character used as a quote character.", + "title": "QuoteSymbol", + "type": "string" + } + }, + "type": "object" + }, + "AWS::LookoutMetrics::AnomalyDetector.FileFormatDescriptor": { + "additionalProperties": false, + "properties": { + "CsvFormatDescriptor": { + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.CsvFormatDescriptor", + "markdownDescription": "Contains information about how a source CSV data file should be analyzed.", + "title": "CsvFormatDescriptor" + }, + "JsonFormatDescriptor": { + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.JsonFormatDescriptor", + "markdownDescription": "Contains information about how a source JSON data file should be analyzed.", + "title": "JsonFormatDescriptor" + } + }, + "type": "object" + }, + "AWS::LookoutMetrics::AnomalyDetector.JsonFormatDescriptor": { + "additionalProperties": false, + "properties": { + "Charset": { + "markdownDescription": "The character set in which the source JSON file is written.", + "title": "Charset", + "type": "string" + }, + "FileCompression": { + "markdownDescription": "The level of compression of the source CSV file.", + "title": "FileCompression", + "type": "string" + } + }, + "type": "object" + }, + "AWS::LookoutMetrics::AnomalyDetector.Metric": { + "additionalProperties": false, + "properties": { + "AggregationFunction": { + "markdownDescription": "The function with which the metric is calculated.", + "title": "AggregationFunction", + "type": "string" + }, + "MetricName": { + "markdownDescription": "The name of the metric.", + "title": "MetricName", + "type": "string" + }, + "Namespace": { + "markdownDescription": "The namespace for the metric.", + "title": "Namespace", + "type": "string" + } + }, + "required": [ + "AggregationFunction", + "MetricName" + ], + "type": "object" + }, + "AWS::LookoutMetrics::AnomalyDetector.MetricSet": { + "additionalProperties": false, + "properties": { + "DimensionList": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the fields you want to treat as dimensions.", + "title": "DimensionList", + "type": "array" + }, + "MetricList": { + "items": { + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.Metric" + }, + "markdownDescription": "A list of metrics that the dataset will contain.", + "title": "MetricList", + "type": "array" + }, + "MetricSetDescription": { + "markdownDescription": "A description of the dataset you are creating.", + "title": "MetricSetDescription", + "type": "string" + }, + "MetricSetFrequency": { + "markdownDescription": "The frequency with which the source data will be analyzed for anomalies.", + "title": "MetricSetFrequency", + "type": "string" + }, + "MetricSetName": { + "markdownDescription": "The name of the dataset.", + "title": "MetricSetName", + "type": "string" + }, + "MetricSource": { + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.MetricSource", + "markdownDescription": "Contains information about how the source data should be interpreted.", + "title": "MetricSource" + }, + "Offset": { + "markdownDescription": "After an interval ends, the amount of seconds that the detector waits before importing data. Offset is only supported for S3, Redshift, Athena and datasources.", + "title": "Offset", + "type": "number" + }, + "TimestampColumn": { + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.TimestampColumn", + "markdownDescription": "Contains information about the column used for tracking time in your source data.", + "title": "TimestampColumn" + }, + "Timezone": { + "markdownDescription": "The time zone in which your source data was recorded.", + "title": "Timezone", + "type": "string" + } + }, + "required": [ + "MetricList", + "MetricSetName", + "MetricSource" + ], + "type": "object" + }, + "AWS::LookoutMetrics::AnomalyDetector.MetricSource": { + "additionalProperties": false, + "properties": { + "AppFlowConfig": { + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.AppFlowConfig", + "markdownDescription": "Details about an AppFlow datasource.", + "title": "AppFlowConfig" + }, + "CloudwatchConfig": { + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.CloudwatchConfig", + "markdownDescription": "Details about an Amazon CloudWatch monitoring datasource.", + "title": "CloudwatchConfig" + }, + "RDSSourceConfig": { + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.RDSSourceConfig", + "markdownDescription": "Details about an Amazon Relational Database Service (RDS) datasource.", + "title": "RDSSourceConfig" + }, + "RedshiftSourceConfig": { + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.RedshiftSourceConfig", + "markdownDescription": "Details about an Amazon Redshift database datasource.", + "title": "RedshiftSourceConfig" + }, + "S3SourceConfig": { + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.S3SourceConfig", + "markdownDescription": "Contains information about the configuration of the S3 bucket that contains source files.", + "title": "S3SourceConfig" + } + }, + "type": "object" + }, + "AWS::LookoutMetrics::AnomalyDetector.RDSSourceConfig": { + "additionalProperties": false, + "properties": { + "DBInstanceIdentifier": { + "markdownDescription": "A string identifying the database instance.", + "title": "DBInstanceIdentifier", + "type": "string" + }, + "DatabaseHost": { + "markdownDescription": "The host name of the database.", + "title": "DatabaseHost", + "type": "string" + }, + "DatabaseName": { + "markdownDescription": "The name of the RDS database.", + "title": "DatabaseName", + "type": "string" + }, + "DatabasePort": { + "markdownDescription": "The port number where the database can be accessed.", + "title": "DatabasePort", + "type": "number" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the role.", + "title": "RoleArn", + "type": "string" + }, + "SecretManagerArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Secrets Manager role.", + "title": "SecretManagerArn", + "type": "string" + }, + "TableName": { + "markdownDescription": "The name of the table in the database.", + "title": "TableName", + "type": "string" + }, + "VpcConfiguration": { + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.VpcConfiguration", + "markdownDescription": "An object containing information about the Amazon Virtual Private Cloud (VPC) configuration.", + "title": "VpcConfiguration" + } + }, + "required": [ + "DBInstanceIdentifier", + "DatabaseHost", + "DatabaseName", + "DatabasePort", + "RoleArn", + "SecretManagerArn", + "TableName", + "VpcConfiguration" + ], + "type": "object" + }, + "AWS::LookoutMetrics::AnomalyDetector.RedshiftSourceConfig": { + "additionalProperties": false, + "properties": { + "ClusterIdentifier": { + "markdownDescription": "A string identifying the Redshift cluster.", + "title": "ClusterIdentifier", + "type": "string" + }, + "DatabaseHost": { + "markdownDescription": "The name of the database host.", + "title": "DatabaseHost", + "type": "string" + }, + "DatabaseName": { + "markdownDescription": "The Redshift database name.", + "title": "DatabaseName", + "type": "string" + }, + "DatabasePort": { + "markdownDescription": "The port number where the database can be accessed.", + "title": "DatabasePort", + "type": "number" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the role providing access to the database.", + "title": "RoleArn", + "type": "string" + }, + "SecretManagerArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Secrets Manager role.", + "title": "SecretManagerArn", + "type": "string" + }, + "TableName": { + "markdownDescription": "The table name of the Redshift database.", + "title": "TableName", + "type": "string" + }, + "VpcConfiguration": { + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.VpcConfiguration", + "markdownDescription": "Contains information about the Amazon Virtual Private Cloud (VPC) configuration.", + "title": "VpcConfiguration" + } + }, + "required": [ + "ClusterIdentifier", + "DatabaseHost", + "DatabaseName", + "DatabasePort", + "RoleArn", + "SecretManagerArn", + "TableName", + "VpcConfiguration" + ], + "type": "object" + }, + "AWS::LookoutMetrics::AnomalyDetector.S3SourceConfig": { + "additionalProperties": false, + "properties": { + "FileFormatDescriptor": { + "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.FileFormatDescriptor", + "markdownDescription": "Contains information about a source file's formatting.", + "title": "FileFormatDescriptor" + }, + "HistoricalDataPathList": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of paths to the historical data files.", + "title": "HistoricalDataPathList", + "type": "array" + }, + "RoleArn": { + "markdownDescription": "The ARN of an IAM role that has read and write access permissions to the source S3 bucket.", + "title": "RoleArn", + "type": "string" + }, + "TemplatedPathList": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of templated paths to the source files.", + "title": "TemplatedPathList", + "type": "array" + } + }, + "required": [ + "FileFormatDescriptor", + "RoleArn" + ], + "type": "object" + }, + "AWS::LookoutMetrics::AnomalyDetector.TimestampColumn": { + "additionalProperties": false, + "properties": { + "ColumnFormat": { + "markdownDescription": "The format of the timestamp column.", + "title": "ColumnFormat", + "type": "string" + }, + "ColumnName": { + "markdownDescription": "The name of the timestamp column.", + "title": "ColumnName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::LookoutMetrics::AnomalyDetector.VpcConfiguration": { + "additionalProperties": false, + "properties": { + "SecurityGroupIdList": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of strings containing the list of security groups.", + "title": "SecurityGroupIdList", + "type": "array" + }, + "SubnetIdList": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of strings containing the Amazon VPC subnet IDs (e.g., `subnet-0bb1c79de3EXAMPLE` .", + "title": "SubnetIdList", + "type": "array" + } + }, + "required": [ + "SecurityGroupIdList", + "SubnetIdList" + ], + "type": "object" + }, + "AWS::LookoutVision::Project": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, @@ -171472,37 +179803,20 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the policy.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the policy.", - "title": "Name", - "type": "string" - }, - "Policy": { - "markdownDescription": "The JSON policy document without any whitespaces.", - "title": "Policy", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of access policy. Currently the only option is `data` .", - "title": "Type", + "ProjectName": { + "markdownDescription": "The name of the project.", + "title": "ProjectName", "type": "string" } }, "required": [ - "Name", - "Policy", - "Type" + "ProjectName" ], "type": "object" }, "Type": { "enum": [ - "AWS::OpenSearchServerless::AccessPolicy" + "AWS::LookoutVision::Project" ], "type": "string" }, @@ -171521,7 +179835,7 @@ ], "type": "object" }, - "AWS::OpenSearchServerless::Collection": { + "AWS::M2::Application": { "additionalProperties": false, "properties": { "Condition": { @@ -171556,43 +179870,57 @@ "Properties": { "additionalProperties": false, "properties": { + "Definition": { + "$ref": "#/definitions/AWS::M2::Application.Definition", + "markdownDescription": "The application definition for a particular application. You can specify either inline JSON or an Amazon S3 bucket location.\n\nFor information about application definitions, see the [AWS Mainframe Modernization User Guide](https://docs.aws.amazon.com/m2/latest/userguide/applications-m2-definition.html) .", + "title": "Definition" + }, "Description": { - "markdownDescription": "A description of the collection.", + "markdownDescription": "The description of the application.", "title": "Description", "type": "string" }, + "EngineType": { + "markdownDescription": "The type of the target platform for this application.", + "title": "EngineType", + "type": "string" + }, + "KmsKeyId": { + "markdownDescription": "The identifier of a customer managed key.", + "title": "KmsKeyId", + "type": "string" + }, "Name": { - "markdownDescription": "The name of the collection.\n\nCollection names must meet the following criteria:\n\n- Starts with a lowercase letter\n- Unique to your account and AWS Region\n- Contains between 3 and 28 characters\n- Contains only lowercase letters a-z, the numbers 0-9, and the hyphen (-)", + "markdownDescription": "The name of the application.", "title": "Name", "type": "string" }, - "StandbyReplicas": { - "markdownDescription": "Indicates whether to use standby replicas for the collection. You can't update this property after the collection is already created. If you attempt to modify this property, the collection continues to use the original value.", - "title": "StandbyReplicas", + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the role associated with the application.", + "title": "RoleArn", "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "additionalProperties": true, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "An arbitrary set of tags (key\u2013value pairs) to associate with the collection.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", - "type": "array" - }, - "Type": { - "markdownDescription": "The type of collection. Possible values are `SEARCH` , `TIMESERIES` , and `VECTORSEARCH` . For more information, see [Choosing a collection type](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/serverless-overview.html#serverless-usecase) .", - "title": "Type", - "type": "string" + "type": "object" } }, "required": [ + "EngineType", "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::OpenSearchServerless::Collection" + "AWS::M2::Application" ], "type": "string" }, @@ -171611,7 +179939,23 @@ ], "type": "object" }, - "AWS::OpenSearchServerless::LifecyclePolicy": { + "AWS::M2::Application.Definition": { + "additionalProperties": false, + "properties": { + "Content": { + "markdownDescription": "The content of the application definition. This is a JSON object that contains the resource configuration/definitions that identify an application.", + "title": "Content", + "type": "string" + }, + "S3Location": { + "markdownDescription": "The S3 bucket that contains the application definition.", + "title": "S3Location", + "type": "string" + } + }, + "type": "object" + }, + "AWS::M2::Deployment": { "additionalProperties": false, "properties": { "Condition": { @@ -171646,37 +179990,32 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the lifecycle policy.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the lifecycle policy.", - "title": "Name", + "ApplicationId": { + "markdownDescription": "The unique identifier of the application.", + "title": "ApplicationId", "type": "string" }, - "Policy": { - "markdownDescription": "The JSON policy document without any whitespaces.", - "title": "Policy", - "type": "string" + "ApplicationVersion": { + "markdownDescription": "The version of the application.", + "title": "ApplicationVersion", + "type": "number" }, - "Type": { - "markdownDescription": "The type of lifecycle policy.", - "title": "Type", + "EnvironmentId": { + "markdownDescription": "The unique identifier of the runtime environment.", + "title": "EnvironmentId", "type": "string" } }, "required": [ - "Name", - "Policy", - "Type" + "ApplicationId", + "ApplicationVersion", + "EnvironmentId" ], "type": "object" }, "Type": { "enum": [ - "AWS::OpenSearchServerless::LifecyclePolicy" + "AWS::M2::Deployment" ], "type": "string" }, @@ -171695,7 +180034,7 @@ ], "type": "object" }, - "AWS::OpenSearchServerless::SecurityConfig": { + "AWS::M2::Environment": { "additionalProperties": false, "properties": { "Condition": { @@ -171731,31 +180070,101 @@ "additionalProperties": false, "properties": { "Description": { - "markdownDescription": "The description of the security configuration.", + "markdownDescription": "The description of the runtime environment.", "title": "Description", "type": "string" }, + "EngineType": { + "markdownDescription": "The target platform for the runtime environment.", + "title": "EngineType", + "type": "string" + }, + "EngineVersion": { + "markdownDescription": "The version of the runtime engine.", + "title": "EngineVersion", + "type": "string" + }, + "HighAvailabilityConfig": { + "$ref": "#/definitions/AWS::M2::Environment.HighAvailabilityConfig", + "markdownDescription": "Defines the details of a high availability configuration.", + "title": "HighAvailabilityConfig" + }, + "InstanceType": { + "markdownDescription": "The instance type of the runtime environment.", + "title": "InstanceType", + "type": "string" + }, + "KmsKeyId": { + "markdownDescription": "The identifier of a customer managed key.", + "title": "KmsKeyId", + "type": "string" + }, "Name": { - "markdownDescription": "The name of the security configuration.", + "markdownDescription": "The name of the runtime environment.", "title": "Name", "type": "string" }, - "SamlOptions": { - "$ref": "#/definitions/AWS::OpenSearchServerless::SecurityConfig.SamlConfigOptions", - "markdownDescription": "SAML options for the security configuration in the form of a key-value map.", - "title": "SamlOptions" + "NetworkType": { + "markdownDescription": "The network type supported by the runtime environment.", + "title": "NetworkType", + "type": "string" }, - "Type": { - "markdownDescription": "The type of security configuration. Currently the only option is `saml` .", - "title": "Type", + "PreferredMaintenanceWindow": { + "markdownDescription": "Configures the maintenance window that you want for the runtime environment. The maintenance window must have the format `ddd:hh24:mi-ddd:hh24:mi` and must be less than 24 hours. The following two examples are valid maintenance windows: `sun:23:45-mon:00:15` or `sat:01:00-sat:03:00` .\n\nIf you do not provide a value, a random system-generated value will be assigned.", + "title": "PreferredMaintenanceWindow", "type": "string" + }, + "PubliclyAccessible": { + "markdownDescription": "Specifies whether the runtime environment is publicly accessible.", + "title": "PubliclyAccessible", + "type": "boolean" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of security groups for the VPC associated with this runtime environment.", + "title": "SecurityGroupIds", + "type": "array" + }, + "StorageConfigurations": { + "items": { + "$ref": "#/definitions/AWS::M2::Environment.StorageConfiguration" + }, + "markdownDescription": "Defines the storage configuration for a runtime environment.", + "title": "StorageConfigurations", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of subnets associated with the VPC for this runtime environment.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" } }, + "required": [ + "EngineType", + "InstanceType", + "Name" + ], "type": "object" }, "Type": { "enum": [ - "AWS::OpenSearchServerless::SecurityConfig" + "AWS::M2::Environment" ], "type": "string" }, @@ -171769,40 +180178,82 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::OpenSearchServerless::SecurityConfig.SamlConfigOptions": { + "AWS::M2::Environment.EfsStorageConfiguration": { "additionalProperties": false, "properties": { - "GroupAttribute": { - "markdownDescription": "The group attribute for this SAML integration.", - "title": "GroupAttribute", + "FileSystemId": { + "markdownDescription": "The file system identifier.", + "title": "FileSystemId", "type": "string" }, - "Metadata": { - "markdownDescription": "The XML IdP metadata file generated from your identity provider.", - "title": "Metadata", + "MountPoint": { + "markdownDescription": "The mount point for the file system.", + "title": "MountPoint", + "type": "string" + } + }, + "required": [ + "FileSystemId", + "MountPoint" + ], + "type": "object" + }, + "AWS::M2::Environment.FsxStorageConfiguration": { + "additionalProperties": false, + "properties": { + "FileSystemId": { + "markdownDescription": "The file system identifier.", + "title": "FileSystemId", "type": "string" }, - "SessionTimeout": { - "markdownDescription": "The session timeout, in minutes. Default is 60 minutes (12 hours).", - "title": "SessionTimeout", - "type": "number" - }, - "UserAttribute": { - "markdownDescription": "A user attribute for this SAML integration.", - "title": "UserAttribute", + "MountPoint": { + "markdownDescription": "The mount point for the file system.", + "title": "MountPoint", "type": "string" } }, "required": [ - "Metadata" + "FileSystemId", + "MountPoint" ], "type": "object" }, - "AWS::OpenSearchServerless::SecurityPolicy": { + "AWS::M2::Environment.HighAvailabilityConfig": { + "additionalProperties": false, + "properties": { + "DesiredCapacity": { + "markdownDescription": "The number of instances in a high availability configuration. The minimum possible value is 1 and the maximum is 100.", + "title": "DesiredCapacity", + "type": "number" + } + }, + "required": [ + "DesiredCapacity" + ], + "type": "object" + }, + "AWS::M2::Environment.StorageConfiguration": { + "additionalProperties": false, + "properties": { + "Efs": { + "$ref": "#/definitions/AWS::M2::Environment.EfsStorageConfiguration", + "markdownDescription": "Defines the storage configuration for an Amazon EFS file system.", + "title": "Efs" + }, + "Fsx": { + "$ref": "#/definitions/AWS::M2::Environment.FsxStorageConfiguration", + "markdownDescription": "Defines the storage configuration for an Amazon FSx file system.", + "title": "Fsx" + } + }, + "type": "object" + }, + "AWS::MPA::ApprovalTeam": { "additionalProperties": false, "properties": { "Condition": { @@ -171837,37 +180288,58 @@ "Properties": { "additionalProperties": false, "properties": { + "ApprovalStrategy": { + "$ref": "#/definitions/AWS::MPA::ApprovalTeam.ApprovalStrategy", + "markdownDescription": "Contains details for how an approval team grants approval.", + "title": "ApprovalStrategy" + }, + "Approvers": { + "items": { + "$ref": "#/definitions/AWS::MPA::ApprovalTeam.Approver" + }, + "markdownDescription": "Contains details for an approver.", + "title": "Approvers", + "type": "array" + }, "Description": { - "markdownDescription": "The description of the security policy.", + "markdownDescription": "Description for the team.", "title": "Description", "type": "string" }, "Name": { - "markdownDescription": "The name of the policy.", + "markdownDescription": "Name of the team.", "title": "Name", "type": "string" }, - "Policy": { - "markdownDescription": "The JSON policy document without any whitespaces.", - "title": "Policy", - "type": "string" + "Policies": { + "items": { + "$ref": "#/definitions/AWS::MPA::ApprovalTeam.Policy" + }, + "markdownDescription": "Contains details for a policy. Policies define what operations a team that define the permissions for team resources.", + "title": "Policies", + "type": "array" }, - "Type": { - "markdownDescription": "The type of security policy. Can be either `encryption` or `network` .", - "title": "Type", - "type": "string" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags that you have added to the specified resource.", + "title": "Tags", + "type": "array" } }, "required": [ + "ApprovalStrategy", + "Approvers", + "Description", "Name", - "Policy", - "Type" + "Policies" ], "type": "object" }, "Type": { "enum": [ - "AWS::OpenSearchServerless::SecurityPolicy" + "AWS::MPA::ApprovalTeam" ], "type": "string" }, @@ -171886,7 +180358,84 @@ ], "type": "object" }, - "AWS::OpenSearchServerless::VpcEndpoint": { + "AWS::MPA::ApprovalTeam.ApprovalStrategy": { + "additionalProperties": false, + "properties": { + "MofN": { + "$ref": "#/definitions/AWS::MPA::ApprovalTeam.MofNApprovalStrategy", + "markdownDescription": "Minimum number of approvals (M) required for a total number of approvers (N).", + "title": "MofN" + } + }, + "required": [ + "MofN" + ], + "type": "object" + }, + "AWS::MPA::ApprovalTeam.Approver": { + "additionalProperties": false, + "properties": { + "ApproverId": { + "markdownDescription": "ID for the approver.", + "title": "ApproverId", + "type": "string" + }, + "PrimaryIdentityId": { + "markdownDescription": "ID for the user.", + "title": "PrimaryIdentityId", + "type": "string" + }, + "PrimaryIdentitySourceArn": { + "markdownDescription": "Amazon Resource Name (ARN) for the identity source. The identity source manages the user authentication for approvers.", + "title": "PrimaryIdentitySourceArn", + "type": "string" + }, + "PrimaryIdentityStatus": { + "markdownDescription": "Status for the identity source. For example, if an approver has accepted a team invitation with a user authentication method managed by the identity source.", + "title": "PrimaryIdentityStatus", + "type": "string" + }, + "ResponseTime": { + "markdownDescription": "Timestamp when the approver responded to an approval team invitation.", + "title": "ResponseTime", + "type": "string" + } + }, + "required": [ + "PrimaryIdentityId", + "PrimaryIdentitySourceArn" + ], + "type": "object" + }, + "AWS::MPA::ApprovalTeam.MofNApprovalStrategy": { + "additionalProperties": false, + "properties": { + "MinApprovalsRequired": { + "markdownDescription": "Minimum number of approvals (M) required for a total number of approvers (N).", + "title": "MinApprovalsRequired", + "type": "number" + } + }, + "required": [ + "MinApprovalsRequired" + ], + "type": "object" + }, + "AWS::MPA::ApprovalTeam.Policy": { + "additionalProperties": false, + "properties": { + "PolicyArn": { + "markdownDescription": "", + "title": "PolicyArn", + "type": "string" + } + }, + "required": [ + "PolicyArn" + ], + "type": "object" + }, + "AWS::MPA::IdentitySource": { "additionalProperties": false, "properties": { "Condition": { @@ -171921,43 +180470,28 @@ "Properties": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the endpoint.", - "title": "Name", - "type": "string" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The unique identifiers of the security groups that define the ports, protocols, and sources for inbound traffic that you are authorizing into your endpoint.", - "title": "SecurityGroupIds", - "type": "array" + "IdentitySourceParameters": { + "$ref": "#/definitions/AWS::MPA::IdentitySource.IdentitySourceParameters", + "markdownDescription": "A `IdentitySourceParameters` object. Contains details for the resource that provides identities to the identity source. For example, an IAM Identity Center instance.", + "title": "IdentitySourceParameters" }, - "SubnetIds": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The ID of the subnets from which you access OpenSearch Serverless.", - "title": "SubnetIds", + "markdownDescription": "Tags that you have added to the specified resource.", + "title": "Tags", "type": "array" - }, - "VpcId": { - "markdownDescription": "The ID of the VPC from which you access OpenSearch Serverless.", - "title": "VpcId", - "type": "string" } }, "required": [ - "Name", - "SubnetIds", - "VpcId" + "IdentitySourceParameters" ], "type": "object" }, "Type": { "enum": [ - "AWS::OpenSearchServerless::VpcEndpoint" + "AWS::MPA::IdentitySource" ], "type": "string" }, @@ -171976,7 +180510,46 @@ ], "type": "object" }, - "AWS::OpenSearchService::Domain": { + "AWS::MPA::IdentitySource.IamIdentityCenter": { + "additionalProperties": false, + "properties": { + "ApprovalPortalUrl": { + "markdownDescription": "", + "title": "ApprovalPortalUrl", + "type": "string" + }, + "InstanceArn": { + "markdownDescription": "Amazon Resource Name (ARN) for the IAM Identity Center instance.", + "title": "InstanceArn", + "type": "string" + }, + "Region": { + "markdownDescription": "AWS Region where the IAM Identity Center instance is located.", + "title": "Region", + "type": "string" + } + }, + "required": [ + "InstanceArn", + "Region" + ], + "type": "object" + }, + "AWS::MPA::IdentitySource.IdentitySourceParameters": { + "additionalProperties": false, + "properties": { + "IamIdentityCenter": { + "$ref": "#/definitions/AWS::MPA::IdentitySource.IamIdentityCenter", + "markdownDescription": "AWS IAM Identity Center credentials.", + "title": "IamIdentityCenter" + } + }, + "required": [ + "IamIdentityCenter" + ], + "type": "object" + }, + "AWS::MSK::BatchScramSecret": { "additionalProperties": false, "properties": { "Condition": { @@ -172011,117 +180584,28 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessPolicies": { - "markdownDescription": "An AWS Identity and Access Management ( IAM ) policy document that specifies who can access the OpenSearch Service domain and their permissions. For more information, see [Configuring access policies](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ac.html#ac-creating) in the *Amazon OpenSearch Service Developer Guide* .", - "title": "AccessPolicies", - "type": "object" - }, - "AdvancedOptions": { - "additionalProperties": true, - "markdownDescription": "Additional options to specify for the OpenSearch Service domain. For more information, see [AdvancedOptions](https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_CreateDomain.html#API_CreateDomain_RequestBody) in the OpenSearch Service API reference.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "AdvancedOptions", - "type": "object" - }, - "AdvancedSecurityOptions": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.AdvancedSecurityOptionsInput", - "markdownDescription": "Specifies options for fine-grained access control and SAML authentication.\n\nIf you specify advanced security options, you must also enable node-to-node encryption ( [NodeToNodeEncryptionOptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-nodetonodeencryptionoptions.html) ) and encryption at rest ( [EncryptionAtRestOptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-encryptionatrestoptions.html) ). You must also enable `EnforceHTTPS` within [DomainEndpointOptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-domainendpointoptions.html) , which requires HTTPS for all traffic to the domain.", - "title": "AdvancedSecurityOptions" - }, - "ClusterConfig": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.ClusterConfig", - "markdownDescription": "Container for the cluster configuration of a domain.", - "title": "ClusterConfig" - }, - "CognitoOptions": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.CognitoOptions", - "markdownDescription": "Configures OpenSearch Service to use Amazon Cognito authentication for OpenSearch Dashboards.", - "title": "CognitoOptions" - }, - "DomainEndpointOptions": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.DomainEndpointOptions", - "markdownDescription": "Specifies additional options for the domain endpoint, such as whether to require HTTPS for all traffic or whether to use a custom endpoint rather than the default endpoint.", - "title": "DomainEndpointOptions" - }, - "DomainName": { - "markdownDescription": "A name for the OpenSearch Service domain. The name must have a minimum length of 3 and a maximum length of 28. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the domain name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\nRequired when creating a new domain.\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "DomainName", - "type": "string" - }, - "EBSOptions": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.EBSOptions", - "markdownDescription": "The configurations of Amazon Elastic Block Store (Amazon EBS) volumes that are attached to data nodes in the OpenSearch Service domain. For more information, see [EBS volume size limits](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/limits.html#ebsresource) in the *Amazon OpenSearch Service Developer Guide* .", - "title": "EBSOptions" - }, - "EncryptionAtRestOptions": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.EncryptionAtRestOptions", - "markdownDescription": "Whether the domain should encrypt data at rest, and if so, the AWS KMS key to use. See [Encryption of data at rest for Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/encryption-at-rest.html) .\n\nIf no encryption at rest options were initially specified in the template, updating this property by adding it causes no interruption. However, if you change this property after it's already been set within a template, the domain is deleted and recreated in order to modify the property.", - "title": "EncryptionAtRestOptions" - }, - "EngineVersion": { - "markdownDescription": "The version of OpenSearch to use. The value must be in the format `OpenSearch_X.Y` or `Elasticsearch_X.Y` . If not specified, the latest version of OpenSearch is used. For information about the versions that OpenSearch Service supports, see [Supported versions of OpenSearch and Elasticsearch](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/what-is.html#choosing-version) in the *Amazon OpenSearch Service Developer Guide* .\n\nIf you set the [EnableVersionUpgrade](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html#cfn-attributes-updatepolicy-upgradeopensearchdomain) update policy to `true` , you can update `EngineVersion` without interruption. When `EnableVersionUpgrade` is set to `false` , or is not specified, updating `EngineVersion` results in [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", - "title": "EngineVersion", - "type": "string" - }, - "IPAddressType": { - "markdownDescription": "Choose either dual stack or IPv4 as your IP address type. Dual stack allows you to share domain resources across IPv4 and IPv6 address types, and is the recommended option. If you set your IP address type to dual stack, you can't change your address type later.", - "title": "IPAddressType", + "ClusterArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that uniquely identifies the cluster.", + "title": "ClusterArn", "type": "string" }, - "LogPublishingOptions": { - "additionalProperties": false, - "markdownDescription": "An object with one or more of the following keys: `SEARCH_SLOW_LOGS` , `ES_APPLICATION_LOGS` , `INDEX_SLOW_LOGS` , `AUDIT_LOGS` , depending on the types of logs you want to publish. Each key needs a valid `LogPublishingOption` value. For the full syntax, see the [examples](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-opensearchservice-domain.html#aws-resource-opensearchservice-domain--examples) .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.LogPublishingOption" - } - }, - "title": "LogPublishingOptions", - "type": "object" - }, - "NodeToNodeEncryptionOptions": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.NodeToNodeEncryptionOptions", - "markdownDescription": "Specifies whether node-to-node encryption is enabled. See [Node-to-node encryption for Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ntn.html) .", - "title": "NodeToNodeEncryptionOptions" - }, - "OffPeakWindowOptions": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.OffPeakWindowOptions", - "markdownDescription": "Options for a domain's off-peak window, during which OpenSearch Service can perform mandatory configuration changes on the domain.", - "title": "OffPeakWindowOptions" - }, - "SnapshotOptions": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.SnapshotOptions", - "markdownDescription": "*DEPRECATED* . The automated snapshot configuration for the OpenSearch Service domain indexes.", - "title": "SnapshotOptions" - }, - "SoftwareUpdateOptions": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.SoftwareUpdateOptions", - "markdownDescription": "Service software update options for the domain.", - "title": "SoftwareUpdateOptions" - }, - "Tags": { + "SecretArnList": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "An arbitrary set of tags (key\u2013value pairs) to associate with the OpenSearch Service domain.", - "title": "Tags", + "markdownDescription": "List of Amazon Resource Name (ARN)s of Secrets Manager secrets.", + "title": "SecretArnList", "type": "array" - }, - "VPCOptions": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.VPCOptions", - "markdownDescription": "The virtual private cloud (VPC) configuration for the OpenSearch Service domain. For more information, see [Launching your Amazon OpenSearch Service domains within a VPC](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/vpc.html) in the *Amazon OpenSearch Service Developer Guide* .\n\nIf you remove this entity altogether, along with its associated properties, it causes a replacement. You might encounter this scenario if you're updating your security configuration from a VPC to a public endpoint.", - "title": "VPCOptions" } }, + "required": [ + "ClusterArn" + ], "type": "object" }, "Type": { "enum": [ - "AWS::OpenSearchService::Domain" + "AWS::MSK::BatchScramSecret" ], "type": "string" }, @@ -172135,485 +180619,668 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::OpenSearchService::Domain.AdvancedSecurityOptionsInput": { + "AWS::MSK::Cluster": { "additionalProperties": false, "properties": { - "AnonymousAuthDisableDate": { - "markdownDescription": "Date and time when the migration period will be disabled. Only necessary when [enabling fine-grained access control on an existing domain](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/fgac.html#fgac-enabling-existing) .", - "title": "AnonymousAuthDisableDate", + "Condition": { "type": "string" }, - "AnonymousAuthEnabled": { - "markdownDescription": "True to enable a 30-day migration period during which administrators can create role mappings. Only necessary when [enabling fine-grained access control on an existing domain](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/fgac.html#fgac-enabling-existing) .", - "title": "AnonymousAuthEnabled", - "type": "boolean" - }, - "Enabled": { - "markdownDescription": "True to enable fine-grained access control. You must also enable encryption of data at rest and node-to-node encryption. See [Fine-grained access control in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/fgac.html) .", - "title": "Enabled", - "type": "boolean" - }, - "InternalUserDatabaseEnabled": { - "markdownDescription": "True to enable the internal user database.", - "title": "InternalUserDatabaseEnabled", - "type": "boolean" - }, - "MasterUserOptions": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.MasterUserOptions", - "markdownDescription": "Specifies information about the master user.", - "title": "MasterUserOptions" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "SAMLOptions": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.SAMLOptions", - "markdownDescription": "Container for information about the SAML configuration for OpenSearch Dashboards.", - "title": "SAMLOptions" - } - }, - "type": "object" - }, - "AWS::OpenSearchService::Domain.ClusterConfig": { - "additionalProperties": false, - "properties": { - "ColdStorageOptions": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.ColdStorageOptions", - "markdownDescription": "Container for cold storage configuration options.", - "title": "ColdStorageOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "DedicatedMasterCount": { - "markdownDescription": "The number of instances to use for the master node. If you specify this property, you must specify `true` for the `DedicatedMasterEnabled` property.", - "title": "DedicatedMasterCount", - "type": "number" + "Metadata": { + "type": "object" }, - "DedicatedMasterEnabled": { - "markdownDescription": "Indicates whether to use a dedicated master node for the OpenSearch Service domain. A dedicated master node is a cluster node that performs cluster management tasks, but doesn't hold data or respond to data upload requests. Dedicated master nodes offload cluster management tasks to increase the stability of your search clusters. See [Dedicated master nodes in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-dedicatedmasternodes.html) .", - "title": "DedicatedMasterEnabled", - "type": "boolean" + "Properties": { + "additionalProperties": false, + "properties": { + "BrokerNodeGroupInfo": { + "$ref": "#/definitions/AWS::MSK::Cluster.BrokerNodeGroupInfo", + "markdownDescription": "Information about the broker nodes in the cluster.", + "title": "BrokerNodeGroupInfo" + }, + "ClientAuthentication": { + "$ref": "#/definitions/AWS::MSK::Cluster.ClientAuthentication", + "markdownDescription": "Includes all client authentication related information.", + "title": "ClientAuthentication" + }, + "ClusterName": { + "markdownDescription": "The name of the cluster.", + "title": "ClusterName", + "type": "string" + }, + "ConfigurationInfo": { + "$ref": "#/definitions/AWS::MSK::Cluster.ConfigurationInfo", + "markdownDescription": "Represents the configuration that you want MSK to use for the cluster.", + "title": "ConfigurationInfo" + }, + "CurrentVersion": { + "markdownDescription": "The version of the cluster that you want to update.", + "title": "CurrentVersion", + "type": "string" + }, + "EncryptionInfo": { + "$ref": "#/definitions/AWS::MSK::Cluster.EncryptionInfo", + "markdownDescription": "Includes all encryption-related information.", + "title": "EncryptionInfo" + }, + "EnhancedMonitoring": { + "markdownDescription": "Specifies the level of monitoring for the MSK cluster.", + "title": "EnhancedMonitoring", + "type": "string" + }, + "KafkaVersion": { + "markdownDescription": "The version of Apache Kafka. You can use Amazon MSK to create clusters that use [supported Apache Kafka versions](https://docs.aws.amazon.com/msk/latest/developerguide/supported-kafka-versions.html) .", + "title": "KafkaVersion", + "type": "string" + }, + "LoggingInfo": { + "$ref": "#/definitions/AWS::MSK::Cluster.LoggingInfo", + "markdownDescription": "Logging info details for the cluster.", + "title": "LoggingInfo" + }, + "NumberOfBrokerNodes": { + "markdownDescription": "The number of broker nodes in the cluster.", + "title": "NumberOfBrokerNodes", + "type": "number" + }, + "OpenMonitoring": { + "$ref": "#/definitions/AWS::MSK::Cluster.OpenMonitoring", + "markdownDescription": "The settings for open monitoring.", + "title": "OpenMonitoring" + }, + "StorageMode": { + "markdownDescription": "This controls storage mode for supported storage tiers.", + "title": "StorageMode", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "An arbitrary set of tags (key-value pairs) for the cluster.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "BrokerNodeGroupInfo", + "ClusterName", + "KafkaVersion", + "NumberOfBrokerNodes" + ], + "type": "object" }, - "DedicatedMasterType": { - "markdownDescription": "The hardware configuration of the computer that hosts the dedicated master node, such as `m3.medium.search` . If you specify this property, you must specify `true` for the `DedicatedMasterEnabled` property. For valid values, see [Supported instance types in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/supported-instance-types.html) .", - "title": "DedicatedMasterType", + "Type": { + "enum": [ + "AWS::MSK::Cluster" + ], "type": "string" }, - "InstanceCount": { - "markdownDescription": "The number of data nodes (instances) to use in the OpenSearch Service domain.", - "title": "InstanceCount", - "type": "number" - }, - "InstanceType": { - "markdownDescription": "The instance type for your data nodes, such as `m3.medium.search` . For valid values, see [Supported instance types in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/supported-instance-types.html) .", - "title": "InstanceType", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::MSK::Cluster.BrokerLogs": { + "additionalProperties": false, + "properties": { + "CloudWatchLogs": { + "$ref": "#/definitions/AWS::MSK::Cluster.CloudWatchLogs", + "markdownDescription": "", + "title": "CloudWatchLogs" }, - "MultiAZWithStandbyEnabled": { - "markdownDescription": "Indicates whether Multi-AZ with Standby deployment option is enabled. For more information, see [Multi-AZ with Standby](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-multiaz.html#managedomains-za-standby) .", - "title": "MultiAZWithStandbyEnabled", - "type": "boolean" + "Firehose": { + "$ref": "#/definitions/AWS::MSK::Cluster.Firehose", + "markdownDescription": "Details of the Kinesis Data Firehose delivery stream that is the destination for broker logs.", + "title": "Firehose" }, - "WarmCount": { - "markdownDescription": "The number of warm nodes in the cluster.", - "title": "WarmCount", - "type": "number" + "S3": { + "$ref": "#/definitions/AWS::MSK::Cluster.S3", + "markdownDescription": "Details of the Amazon S3 destination for broker logs.", + "title": "S3" + } + }, + "type": "object" + }, + "AWS::MSK::Cluster.BrokerNodeGroupInfo": { + "additionalProperties": false, + "properties": { + "BrokerAZDistribution": { + "markdownDescription": "This parameter is currently not in use.", + "title": "BrokerAZDistribution", + "type": "string" }, - "WarmEnabled": { - "markdownDescription": "Whether to enable UltraWarm storage for the cluster. See [UltraWarm storage for Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ultrawarm.html) .", - "title": "WarmEnabled", - "type": "boolean" + "ClientSubnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of subnets to connect to in the client virtual private cloud (VPC). Amazon creates elastic network interfaces (ENIs) inside these subnets. Client applications use ENIs to produce and consume data.\n\nIf you use the US West (N. California) Region, specify exactly two subnets. For other Regions where Amazon MSK is available, you can specify either two or three subnets. The subnets that you specify must be in distinct Availability Zones. When you create a cluster, Amazon MSK distributes the broker nodes evenly across the subnets that you specify.\n\nClient subnets can't occupy the Availability Zone with ID `use1-az3` .", + "title": "ClientSubnets", + "type": "array" }, - "WarmType": { - "markdownDescription": "The instance type for the cluster's warm nodes.", - "title": "WarmType", + "ConnectivityInfo": { + "$ref": "#/definitions/AWS::MSK::Cluster.ConnectivityInfo", + "markdownDescription": "Information about the cluster's connectivity setting.", + "title": "ConnectivityInfo" + }, + "InstanceType": { + "markdownDescription": "The type of Amazon EC2 instances to use for brokers. Depending on the [broker type](https://docs.aws.amazon.com/msk/latest/developerguide/broker-instance-types.html) , Amazon MSK supports the following broker sizes:\n\n*Standard broker sizes*\n\n- kafka.t3.small\n\n> You can't select the kafka.t3.small instance type when the metadata mode is KRaft.\n- kafka.m5.large, kafka.m5.xlarge, kafka.m5.2xlarge, kafka.m5.4xlarge, kafka.m5.8xlarge, kafka.m5.12xlarge, kafka.m5.16xlarge, kafka.m5.24xlarge\n- kafka.m7g.large, kafka.m7g.xlarge, kafka.m7g.2xlarge, kafka.m7g.4xlarge, kafka.m7g.8xlarge, kafka.m7g.12xlarge, kafka.m7g.16xlarge\n\n*Express broker sizes*\n\n- express.m7g.large, express.m7g.xlarge, express.m7g.2xlarge, express.m7g.4xlarge, express.m7g.8xlarge, express.m7g.12xlarge, express.m7g.16xlarge\n\n> Some broker sizes might not be available in certian AWS Regions. See the updated [Pricing tools](https://docs.aws.amazon.com/msk/pricing/) section on the Amazon MSK pricing page for the latest list of available instances by Region.", + "title": "InstanceType", "type": "string" }, - "ZoneAwarenessConfig": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.ZoneAwarenessConfig", - "markdownDescription": "Specifies zone awareness configuration options. Only use if `ZoneAwarenessEnabled` is `true` .", - "title": "ZoneAwarenessConfig" + "SecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "The security groups to associate with the ENIs in order to specify who can connect to and communicate with the Amazon MSK cluster. If you don't specify a security group, Amazon MSK uses the default security group associated with the VPC. If you specify security groups that were shared with you, you must ensure that you have permissions to them. Specifically, you need the `ec2:DescribeSecurityGroups` permission.", + "title": "SecurityGroups", + "type": "array" }, - "ZoneAwarenessEnabled": { - "markdownDescription": "Indicates whether to enable zone awareness for the OpenSearch Service domain. When you enable zone awareness, OpenSearch Service allocates the nodes and replica index shards that belong to a cluster across two Availability Zones (AZs) in the same region to prevent data loss and minimize downtime in the event of node or data center failure. Don't enable zone awareness if your cluster has no replica index shards or is a single-node cluster. For more information, see [Configuring a multi-AZ domain in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-multiaz.html) .", - "title": "ZoneAwarenessEnabled", - "type": "boolean" + "StorageInfo": { + "$ref": "#/definitions/AWS::MSK::Cluster.StorageInfo", + "markdownDescription": "Contains information about storage volumes attached to Amazon MSK broker nodes.", + "title": "StorageInfo" } }, + "required": [ + "ClientSubnets", + "InstanceType" + ], "type": "object" }, - "AWS::OpenSearchService::Domain.CognitoOptions": { + "AWS::MSK::Cluster.ClientAuthentication": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Whether to enable or disable Amazon Cognito authentication for OpenSearch Dashboards. See [Amazon Cognito authentication for OpenSearch Dashboards](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/cognito-auth.html) .", - "title": "Enabled", - "type": "boolean" - }, - "IdentityPoolId": { - "markdownDescription": "The Amazon Cognito identity pool ID that you want OpenSearch Service to use for OpenSearch Dashboards authentication.\n\nRequired if you enabled Cognito Authentication for OpenSearch Dashboards.", - "title": "IdentityPoolId", - "type": "string" + "Sasl": { + "$ref": "#/definitions/AWS::MSK::Cluster.Sasl", + "markdownDescription": "Details for client authentication using SASL. To turn on SASL, you must also turn on `EncryptionInTransit` by setting `inCluster` to true. You must set `clientBroker` to either `TLS` or `TLS_PLAINTEXT` . If you choose `TLS_PLAINTEXT` , then you must also set `unauthenticated` to true.", + "title": "Sasl" }, - "RoleArn": { - "markdownDescription": "The `AmazonOpenSearchServiceCognitoAccess` role that allows OpenSearch Service to configure your user pool and identity pool.\n\nRequired if you enabled Cognito Authentication for OpenSearch Dashboards.", - "title": "RoleArn", - "type": "string" + "Tls": { + "$ref": "#/definitions/AWS::MSK::Cluster.Tls", + "markdownDescription": "Details for ClientAuthentication using TLS. To turn on TLS access control, you must also turn on `EncryptionInTransit` by setting `inCluster` to true and `clientBroker` to `TLS` .", + "title": "Tls" }, - "UserPoolId": { - "markdownDescription": "The Amazon Cognito user pool ID that you want OpenSearch Service to use for OpenSearch Dashboards authentication.\n\nRequired if you enabled Cognito Authentication for OpenSearch Dashboards.", - "title": "UserPoolId", - "type": "string" + "Unauthenticated": { + "$ref": "#/definitions/AWS::MSK::Cluster.Unauthenticated", + "markdownDescription": "Details for ClientAuthentication using no authentication.", + "title": "Unauthenticated" } }, "type": "object" }, - "AWS::OpenSearchService::Domain.ColdStorageOptions": { + "AWS::MSK::Cluster.CloudWatchLogs": { "additionalProperties": false, "properties": { "Enabled": { - "markdownDescription": "Whether to enable or disable cold storage on the domain. You must enable UltraWarm storage to enable cold storage.", + "markdownDescription": "Specifies whether broker logs get sent to the specified CloudWatch Logs destination.", "title": "Enabled", "type": "boolean" + }, + "LogGroup": { + "markdownDescription": "The CloudWatch log group that is the destination for broker logs.", + "title": "LogGroup", + "type": "string" } }, + "required": [ + "Enabled" + ], "type": "object" }, - "AWS::OpenSearchService::Domain.DomainEndpointOptions": { + "AWS::MSK::Cluster.ConfigurationInfo": { "additionalProperties": false, "properties": { - "CustomEndpoint": { - "markdownDescription": "The fully qualified URL for your custom endpoint. Required if you enabled a custom endpoint for the domain.", - "title": "CustomEndpoint", - "type": "string" - }, - "CustomEndpointCertificateArn": { - "markdownDescription": "The AWS Certificate Manager ARN for your domain's SSL/TLS certificate. Required if you enabled a custom endpoint for the domain.", - "title": "CustomEndpointCertificateArn", + "Arn": { + "markdownDescription": "ARN of the configuration to use.", + "title": "Arn", "type": "string" }, - "CustomEndpointEnabled": { - "markdownDescription": "True to enable a custom endpoint for the domain. If enabled, you must also provide values for `CustomEndpoint` and `CustomEndpointCertificateArn` .", - "title": "CustomEndpointEnabled", - "type": "boolean" - }, - "EnforceHTTPS": { - "markdownDescription": "True to require that all traffic to the domain arrive over HTTPS. Required if you enable fine-grained access control in [AdvancedSecurityOptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) .", - "title": "EnforceHTTPS", - "type": "boolean" - }, - "TLSSecurityPolicy": { - "markdownDescription": "The minimum TLS version required for traffic to the domain. The policy can be one of the following values:\n\n- *Policy-Min-TLS-1-0-2019-07:* TLS security policy that supports TLS version 1.0 to TLS version 1.2\n- *Policy-Min-TLS-1-2-2019-07:* TLS security policy that supports only TLS version 1.2\n- *Policy-Min-TLS-1-2-PFS-2023-10:* TLS security policy that supports TLS version 1.2 to TLS version 1.3 with perfect forward secrecy cipher suites", - "title": "TLSSecurityPolicy", - "type": "string" + "Revision": { + "markdownDescription": "The revision of the configuration to use.", + "title": "Revision", + "type": "number" } }, + "required": [ + "Arn", + "Revision" + ], "type": "object" }, - "AWS::OpenSearchService::Domain.EBSOptions": { + "AWS::MSK::Cluster.ConnectivityInfo": { "additionalProperties": false, "properties": { - "EBSEnabled": { - "markdownDescription": "Specifies whether Amazon EBS volumes are attached to data nodes in the OpenSearch Service domain.", - "title": "EBSEnabled", - "type": "boolean" - }, - "Iops": { - "markdownDescription": "The number of I/O operations per second (IOPS) that the volume supports. This property applies only to the `gp3` and provisioned IOPS EBS volume types.", - "title": "Iops", - "type": "number" + "PublicAccess": { + "$ref": "#/definitions/AWS::MSK::Cluster.PublicAccess", + "markdownDescription": "Access control settings for the cluster's brokers.", + "title": "PublicAccess" }, - "Throughput": { - "markdownDescription": "The throughput (in MiB/s) of the EBS volumes attached to data nodes. Applies only to the `gp3` volume type.", - "title": "Throughput", - "type": "number" + "VpcConnectivity": { + "$ref": "#/definitions/AWS::MSK::Cluster.VpcConnectivity", + "markdownDescription": "VPC connection control settings for brokers.", + "title": "VpcConnectivity" + } + }, + "type": "object" + }, + "AWS::MSK::Cluster.EBSStorageInfo": { + "additionalProperties": false, + "properties": { + "ProvisionedThroughput": { + "$ref": "#/definitions/AWS::MSK::Cluster.ProvisionedThroughput", + "markdownDescription": "EBS volume provisioned throughput information.", + "title": "ProvisionedThroughput" }, "VolumeSize": { - "markdownDescription": "The size (in GiB) of the EBS volume for each data node. The minimum and maximum size of an EBS volume depends on the EBS volume type and the instance type to which it is attached. For more information, see [EBS volume size limits](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/limits.html#ebsresource) in the *Amazon OpenSearch Service Developer Guide* .", + "markdownDescription": "The size in GiB of the EBS volume for the data drive on each broker node.", "title": "VolumeSize", "type": "number" - }, - "VolumeType": { - "markdownDescription": "The EBS volume type to use with the OpenSearch Service domain. If you choose `gp3` , you must also specify values for `Iops` and `Throughput` . For more information about each type, see [Amazon EBS volume types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) in the *Amazon EC2 User Guide for Linux Instances* .", - "title": "VolumeType", + } + }, + "type": "object" + }, + "AWS::MSK::Cluster.EncryptionAtRest": { + "additionalProperties": false, + "properties": { + "DataVolumeKMSKeyId": { + "markdownDescription": "The ARN of the Amazon KMS key for encrypting data at rest. If you don't specify a KMS key, MSK creates one for you and uses it.", + "title": "DataVolumeKMSKeyId", "type": "string" } }, + "required": [ + "DataVolumeKMSKeyId" + ], "type": "object" }, - "AWS::OpenSearchService::Domain.EncryptionAtRestOptions": { + "AWS::MSK::Cluster.EncryptionInTransit": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Specify `true` to enable encryption at rest. Required if you enable fine-grained access control in [AdvancedSecurityOptionsInput](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) .\n\nIf no encryption at rest options were initially specified in the template, updating this property by adding it causes no interruption. However, if you change this property after it's already been set within a template, the domain is deleted and recreated in order to modify the property.", - "title": "Enabled", + "ClientBroker": { + "markdownDescription": "Indicates the encryption setting for data in transit between clients and brokers. You must set it to one of the following values.\n\n- `TLS` : Indicates that client-broker communication is enabled with TLS only.\n- `TLS_PLAINTEXT` : Indicates that client-broker communication is enabled for both TLS-encrypted, as well as plaintext data.\n- `PLAINTEXT` : Indicates that client-broker communication is enabled in plaintext only.\n\nThe default value is `TLS` .", + "title": "ClientBroker", + "type": "string" + }, + "InCluster": { + "markdownDescription": "When set to true, it indicates that data communication among the broker nodes of the cluster is encrypted. When set to false, the communication happens in plaintext.\n\nThe default value is true.", + "title": "InCluster", "type": "boolean" + } + }, + "type": "object" + }, + "AWS::MSK::Cluster.EncryptionInfo": { + "additionalProperties": false, + "properties": { + "EncryptionAtRest": { + "$ref": "#/definitions/AWS::MSK::Cluster.EncryptionAtRest", + "markdownDescription": "The data-volume encryption details.", + "title": "EncryptionAtRest" }, - "KmsKeyId": { - "markdownDescription": "The KMS key ID. Takes the form `1a2a3a4-1a2a-3a4a-5a6a-1a2a3a4a5a6a` . Required if you enable encryption at rest.\n\nYou can also use `keyAlias` as a value.\n\nIf no encryption at rest options were initially specified in the template, updating this property by adding it causes no interruption. However, if you change this property after it's already been set within a template, the domain is deleted and recreated in order to modify the property.", - "title": "KmsKeyId", - "type": "string" + "EncryptionInTransit": { + "$ref": "#/definitions/AWS::MSK::Cluster.EncryptionInTransit", + "markdownDescription": "The details for encryption in transit.", + "title": "EncryptionInTransit" } }, "type": "object" }, - "AWS::OpenSearchService::Domain.Idp": { + "AWS::MSK::Cluster.Firehose": { "additionalProperties": false, "properties": { - "EntityId": { - "markdownDescription": "The unique entity ID of the application in the SAML identity provider.", - "title": "EntityId", + "DeliveryStream": { + "markdownDescription": "The Kinesis Data Firehose delivery stream that is the destination for broker logs.", + "title": "DeliveryStream", "type": "string" }, - "MetadataContent": { - "markdownDescription": "The metadata of the SAML application, in XML format.", - "title": "MetadataContent", - "type": "string" + "Enabled": { + "markdownDescription": "Specifies whether broker logs get send to the specified Kinesis Data Firehose delivery stream.", + "title": "Enabled", + "type": "boolean" } }, "required": [ - "EntityId", - "MetadataContent" + "Enabled" ], "type": "object" }, - "AWS::OpenSearchService::Domain.LogPublishingOption": { + "AWS::MSK::Cluster.Iam": { "additionalProperties": false, "properties": { - "CloudWatchLogsLogGroupArn": { - "markdownDescription": "Specifies the CloudWatch log group to publish to. Required if you enable log publishing.", - "title": "CloudWatchLogsLogGroupArn", - "type": "string" - }, "Enabled": { - "markdownDescription": "If `true` , enables the publishing of logs to CloudWatch.\n\nDefault: `false` .", + "markdownDescription": "SASL/IAM authentication is enabled or not.", "title": "Enabled", "type": "boolean" } }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "AWS::MSK::Cluster.JmxExporter": { + "additionalProperties": false, + "properties": { + "EnabledInBroker": { + "markdownDescription": "Indicates whether you want to enable or disable the JMX Exporter.", + "title": "EnabledInBroker", + "type": "boolean" + } + }, + "required": [ + "EnabledInBroker" + ], "type": "object" }, - "AWS::OpenSearchService::Domain.MasterUserOptions": { + "AWS::MSK::Cluster.LoggingInfo": { "additionalProperties": false, "properties": { - "MasterUserARN": { - "markdownDescription": "Amazon Resource Name (ARN) for the master user. The ARN can point to an IAM user or role. This property is required for Amazon Cognito to work, and it must match the role configured for Cognito. Only specify if `InternalUserDatabaseEnabled` is false in [AdvancedSecurityOptionsInput](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) .", - "title": "MasterUserARN", - "type": "string" - }, - "MasterUserName": { - "markdownDescription": "Username for the master user. Only specify if `InternalUserDatabaseEnabled` is true in [AdvancedSecurityOptionsInput](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) .\n\nIf you don't want to specify this value directly within the template, you can use a [dynamic reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html) instead.", - "title": "MasterUserName", - "type": "string" - }, - "MasterUserPassword": { - "markdownDescription": "Password for the master user. Only specify if `InternalUserDatabaseEnabled` is true in [AdvancedSecurityOptionsInput](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) .\n\nIf you don't want to specify this value directly within the template, you can use a [dynamic reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html) instead.", - "title": "MasterUserPassword", - "type": "string" + "BrokerLogs": { + "$ref": "#/definitions/AWS::MSK::Cluster.BrokerLogs", + "markdownDescription": "You can configure your MSK cluster to send broker logs to different destination types. This configuration specifies the details of these destinations.", + "title": "BrokerLogs" } }, + "required": [ + "BrokerLogs" + ], "type": "object" }, - "AWS::OpenSearchService::Domain.NodeToNodeEncryptionOptions": { + "AWS::MSK::Cluster.NodeExporter": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Specifies to enable or disable node-to-node encryption on the domain. Required if you enable fine-grained access control in [AdvancedSecurityOptionsInput](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) .", - "title": "Enabled", + "EnabledInBroker": { + "markdownDescription": "Indicates whether you want to enable or disable the Node Exporter.", + "title": "EnabledInBroker", "type": "boolean" } }, + "required": [ + "EnabledInBroker" + ], "type": "object" }, - "AWS::OpenSearchService::Domain.OffPeakWindow": { + "AWS::MSK::Cluster.OpenMonitoring": { "additionalProperties": false, "properties": { - "WindowStartTime": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.WindowStartTime", - "markdownDescription": "The desired start time for an off-peak maintenance window.", - "title": "WindowStartTime" + "Prometheus": { + "$ref": "#/definitions/AWS::MSK::Cluster.Prometheus", + "markdownDescription": "Prometheus exporter settings.", + "title": "Prometheus" } }, + "required": [ + "Prometheus" + ], "type": "object" }, - "AWS::OpenSearchService::Domain.OffPeakWindowOptions": { + "AWS::MSK::Cluster.Prometheus": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Specifies whether off-peak window settings are enabled for the domain.", - "title": "Enabled", - "type": "boolean" + "JmxExporter": { + "$ref": "#/definitions/AWS::MSK::Cluster.JmxExporter", + "markdownDescription": "Indicates whether you want to enable or disable the JMX Exporter.", + "title": "JmxExporter" }, - "OffPeakWindow": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.OffPeakWindow", - "markdownDescription": "Off-peak window settings for the domain.", - "title": "OffPeakWindow" + "NodeExporter": { + "$ref": "#/definitions/AWS::MSK::Cluster.NodeExporter", + "markdownDescription": "Indicates whether you want to enable or disable the Node Exporter.", + "title": "NodeExporter" } }, "type": "object" }, - "AWS::OpenSearchService::Domain.SAMLOptions": { + "AWS::MSK::Cluster.ProvisionedThroughput": { "additionalProperties": false, "properties": { "Enabled": { - "markdownDescription": "True to enable SAML authentication for a domain.", + "markdownDescription": "Provisioned throughput is on or off.", "title": "Enabled", "type": "boolean" }, - "Idp": { - "$ref": "#/definitions/AWS::OpenSearchService::Domain.Idp", - "markdownDescription": "The SAML Identity Provider's information.", - "title": "Idp" - }, - "MasterBackendRole": { - "markdownDescription": "The backend role that the SAML master user is mapped to.", - "title": "MasterBackendRole", - "type": "string" - }, - "MasterUserName": { - "markdownDescription": "The SAML master user name, which is stored in the domain's internal user database.", - "title": "MasterUserName", - "type": "string" - }, - "RolesKey": { - "markdownDescription": "Element of the SAML assertion to use for backend roles. Default is `roles` .", - "title": "RolesKey", - "type": "string" - }, - "SessionTimeoutMinutes": { - "markdownDescription": "The duration, in minutes, after which a user session becomes inactive. Acceptable values are between 1 and 1440, and the default value is 60.", - "title": "SessionTimeoutMinutes", + "VolumeThroughput": { + "markdownDescription": "Throughput value of the EBS volumes for the data drive on each kafka broker node in MiB per second.", + "title": "VolumeThroughput", "type": "number" - }, - "SubjectKey": { - "markdownDescription": "Element of the SAML assertion to use for the user name. Default is `NameID` .", - "title": "SubjectKey", - "type": "string" } }, "type": "object" }, - "AWS::OpenSearchService::Domain.ServiceSoftwareOptions": { + "AWS::MSK::Cluster.PublicAccess": { "additionalProperties": false, "properties": { - "AutomatedUpdateDate": { - "markdownDescription": "The timestamp, in Epoch time, until which you can manually request a service software update. After this date, we automatically update your service software.", - "title": "AutomatedUpdateDate", - "type": "string" - }, - "Cancellable": { - "markdownDescription": "True if you're able to cancel your service software version update. False if you can't cancel your service software update.", - "title": "Cancellable", - "type": "boolean" - }, - "CurrentVersion": { - "markdownDescription": "The current service software version present on the domain.", - "title": "CurrentVersion", - "type": "string" - }, - "Description": { - "markdownDescription": "A description of the service software update status.", - "title": "Description", + "Type": { + "markdownDescription": "DISABLED means that public access is turned off. SERVICE_PROVIDED_EIPS means that public access is turned on.", + "title": "Type", "type": "string" - }, - "NewVersion": { - "markdownDescription": "The new service software version, if one is available.", - "title": "NewVersion", + } + }, + "type": "object" + }, + "AWS::MSK::Cluster.S3": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The name of the S3 bucket that is the destination for broker logs.", + "title": "Bucket", "type": "string" }, - "OptionalDeployment": { - "markdownDescription": "True if a service software is never automatically updated. False if a service software is automatically updated after the automated update date.", - "title": "OptionalDeployment", - "type": "boolean" - }, - "UpdateAvailable": { - "markdownDescription": "True if you're able to update your service software version. False if you can't update your service software version.", - "title": "UpdateAvailable", + "Enabled": { + "markdownDescription": "Specifies whether broker logs get sent to the specified Amazon S3 destination.", + "title": "Enabled", "type": "boolean" }, - "UpdateStatus": { - "markdownDescription": "The status of your service software update.", - "title": "UpdateStatus", + "Prefix": { + "markdownDescription": "The S3 prefix that is the destination for broker logs.", + "title": "Prefix", "type": "string" } }, + "required": [ + "Enabled" + ], "type": "object" }, - "AWS::OpenSearchService::Domain.SnapshotOptions": { + "AWS::MSK::Cluster.Sasl": { "additionalProperties": false, "properties": { - "AutomatedSnapshotStartHour": { - "markdownDescription": "The hour in UTC during which the service takes an automated daily snapshot of the indexes in the OpenSearch Service domain. For example, if you specify 0, OpenSearch Service takes an automated snapshot everyday between midnight and 1 am. You can specify a value between 0 and 23.", - "title": "AutomatedSnapshotStartHour", - "type": "number" + "Iam": { + "$ref": "#/definitions/AWS::MSK::Cluster.Iam", + "markdownDescription": "Details for ClientAuthentication using IAM.", + "title": "Iam" + }, + "Scram": { + "$ref": "#/definitions/AWS::MSK::Cluster.Scram", + "markdownDescription": "Details for SASL/SCRAM client authentication.", + "title": "Scram" } }, "type": "object" }, - "AWS::OpenSearchService::Domain.SoftwareUpdateOptions": { + "AWS::MSK::Cluster.Scram": { "additionalProperties": false, "properties": { - "AutoSoftwareUpdateEnabled": { - "markdownDescription": "Specifies whether automatic service software updates are enabled for the domain.", - "title": "AutoSoftwareUpdateEnabled", + "Enabled": { + "markdownDescription": "SASL/SCRAM authentication is enabled or not.", + "title": "Enabled", "type": "boolean" } }, + "required": [ + "Enabled" + ], "type": "object" }, - "AWS::OpenSearchService::Domain.VPCOptions": { + "AWS::MSK::Cluster.StorageInfo": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { + "EBSStorageInfo": { + "$ref": "#/definitions/AWS::MSK::Cluster.EBSStorageInfo", + "markdownDescription": "EBS volume information.", + "title": "EBSStorageInfo" + } + }, + "type": "object" + }, + "AWS::MSK::Cluster.Tls": { + "additionalProperties": false, + "properties": { + "CertificateAuthorityArnList": { "items": { "type": "string" }, - "markdownDescription": "The list of security group IDs that are associated with the VPC endpoints for the domain. If you don't provide a security group ID, OpenSearch Service uses the default security group for the VPC. To learn more, see [Security groups for your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html) in the *Amazon VPC User Guide* .", - "title": "SecurityGroupIds", + "markdownDescription": "List of AWS Private CA ARNs.", + "title": "CertificateAuthorityArnList", "type": "array" }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "Provide one subnet ID for each Availability Zone that your domain uses. For example, you must specify three subnet IDs for a three-AZ domain. To learn more, see [VPCs and subnets](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) in the *Amazon VPC User Guide* .\n\nIf you specify more than one subnet, you must also configure `ZoneAwarenessEnabled` and `ZoneAwarenessConfig` within [ClusterConfig](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-clusterconfig.html) , otherwise you'll see the error \"You must specify exactly one subnet\" during template creation.", - "title": "SubnetIds", - "type": "array" + "Enabled": { + "markdownDescription": "TLS authentication is enabled or not.", + "title": "Enabled", + "type": "boolean" } }, "type": "object" }, - "AWS::OpenSearchService::Domain.WindowStartTime": { + "AWS::MSK::Cluster.Unauthenticated": { "additionalProperties": false, "properties": { - "Hours": { - "markdownDescription": "The start hour of the window in Coordinated Universal Time (UTC), using 24-hour time. For example, 17 refers to 5:00 P.M. UTC. The minimum value is 0 and the maximum value is 23.", - "title": "Hours", - "type": "number" + "Enabled": { + "markdownDescription": "Unauthenticated is enabled or not.", + "title": "Enabled", + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "AWS::MSK::Cluster.VpcConnectivity": { + "additionalProperties": false, + "properties": { + "ClientAuthentication": { + "$ref": "#/definitions/AWS::MSK::Cluster.VpcConnectivityClientAuthentication", + "markdownDescription": "VPC connection control settings for brokers.", + "title": "ClientAuthentication" + } + }, + "type": "object" + }, + "AWS::MSK::Cluster.VpcConnectivityClientAuthentication": { + "additionalProperties": false, + "properties": { + "Sasl": { + "$ref": "#/definitions/AWS::MSK::Cluster.VpcConnectivitySasl", + "markdownDescription": "Details for VpcConnectivity ClientAuthentication using SASL.", + "title": "Sasl" }, - "Minutes": { - "markdownDescription": "The start minute of the window, in UTC. The minimum value is 0 and the maximum value is 59.", - "title": "Minutes", - "type": "number" + "Tls": { + "$ref": "#/definitions/AWS::MSK::Cluster.VpcConnectivityTls", + "markdownDescription": "Details for VpcConnectivity ClientAuthentication using TLS.", + "title": "Tls" + } + }, + "type": "object" + }, + "AWS::MSK::Cluster.VpcConnectivityIam": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "SASL/IAM authentication is enabled or not.", + "title": "Enabled", + "type": "boolean" } }, "required": [ - "Hours", - "Minutes" + "Enabled" ], "type": "object" }, - "AWS::OpenSearchService::Domain.ZoneAwarenessConfig": { + "AWS::MSK::Cluster.VpcConnectivitySasl": { "additionalProperties": false, "properties": { - "AvailabilityZoneCount": { - "markdownDescription": "If you enabled multiple Availability Zones (AZs), the number of AZs that you want the domain to use.\n\nValid values are `2` and `3` . Default is 2.", - "title": "AvailabilityZoneCount", - "type": "number" + "Iam": { + "$ref": "#/definitions/AWS::MSK::Cluster.VpcConnectivityIam", + "markdownDescription": "Details for ClientAuthentication using IAM for VpcConnectivity.", + "title": "Iam" + }, + "Scram": { + "$ref": "#/definitions/AWS::MSK::Cluster.VpcConnectivityScram", + "markdownDescription": "Details for SASL/SCRAM client authentication for VpcConnectivity.", + "title": "Scram" } }, "type": "object" }, - "AWS::OpsWorks::App": { + "AWS::MSK::Cluster.VpcConnectivityScram": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "SASL/SCRAM authentication is enabled or not.", + "title": "Enabled", + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "AWS::MSK::Cluster.VpcConnectivityTls": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "TLS authentication is enabled or not.", + "title": "Enabled", + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "AWS::MSK::ClusterPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -172648,92 +181315,26 @@ "Properties": { "additionalProperties": false, "properties": { - "AppSource": { - "$ref": "#/definitions/AWS::OpsWorks::App.Source", - "markdownDescription": "A `Source` object that specifies the app repository.", - "title": "AppSource" - }, - "Attributes": { - "additionalProperties": true, - "markdownDescription": "One or more user-defined key/value pairs to be added to the stack attributes.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Attributes", - "type": "object" - }, - "DataSources": { - "items": { - "$ref": "#/definitions/AWS::OpsWorks::App.DataSource" - }, - "markdownDescription": "The app's data source.", - "title": "DataSources", - "type": "array" - }, - "Description": { - "markdownDescription": "A description of the app.", - "title": "Description", - "type": "string" - }, - "Domains": { - "items": { - "type": "string" - }, - "markdownDescription": "The app virtual host settings, with multiple domains separated by commas. For example: `'www.example.com, example.com'`", - "title": "Domains", - "type": "array" - }, - "EnableSsl": { - "markdownDescription": "Whether to enable SSL for the app.", - "title": "EnableSsl", - "type": "boolean" - }, - "Environment": { - "items": { - "$ref": "#/definitions/AWS::OpsWorks::App.EnvironmentVariable" - }, - "markdownDescription": "An array of `EnvironmentVariable` objects that specify environment variables to be associated with the app. After you deploy the app, these variables are defined on the associated app server instance. For more information, see [Environment Variables](https://docs.aws.amazon.com/opsworks/latest/userguide/workingapps-creating.html#workingapps-creating-environment) .\n\nThere is no specific limit on the number of environment variables. However, the size of the associated data structure - which includes the variables' names, values, and protected flag values - cannot exceed 20 KB. This limit should accommodate most if not all use cases. Exceeding it will cause an exception with the message, \"Environment: is too large (maximum is 20KB).\"\n\n> If you have specified one or more environment variables, you cannot modify the stack's Chef version.", - "title": "Environment", - "type": "array" - }, - "Name": { - "markdownDescription": "The app name.", - "title": "Name", - "type": "string" - }, - "Shortname": { - "markdownDescription": "The app's short name.", - "title": "Shortname", - "type": "string" - }, - "SslConfiguration": { - "$ref": "#/definitions/AWS::OpsWorks::App.SslConfiguration", - "markdownDescription": "An `SslConfiguration` object with the SSL configuration.", - "title": "SslConfiguration" - }, - "StackId": { - "markdownDescription": "The stack ID.", - "title": "StackId", + "ClusterArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that uniquely identifies the cluster.", + "title": "ClusterArn", "type": "string" }, - "Type": { - "markdownDescription": "The app type. Each supported type is associated with a particular layer. For example, PHP applications are associated with a PHP layer. AWS OpsWorks Stacks deploys an application to those instances that are members of the corresponding layer. If your app isn't one of the standard types, or you prefer to implement your own Deploy recipes, specify `other` .", - "title": "Type", - "type": "string" + "Policy": { + "markdownDescription": "Resource policy for the cluster.", + "title": "Policy", + "type": "object" } }, "required": [ - "Name", - "StackId", - "Type" + "ClusterArn", + "Policy" ], "type": "object" }, "Type": { "enum": [ - "AWS::OpsWorks::App" + "AWS::MSK::ClusterPolicy" ], "type": "string" }, @@ -172752,110 +181353,7 @@ ], "type": "object" }, - "AWS::OpsWorks::App.DataSource": { - "additionalProperties": false, - "properties": { - "Arn": { - "markdownDescription": "The data source's ARN.", - "title": "Arn", - "type": "string" - }, - "DatabaseName": { - "markdownDescription": "The database name.", - "title": "DatabaseName", - "type": "string" - }, - "Type": { - "markdownDescription": "The data source's type, `AutoSelectOpsworksMysqlInstance` , `OpsworksMysqlInstance` , `RdsDbInstance` , or `None` .", - "title": "Type", - "type": "string" - } - }, - "type": "object" - }, - "AWS::OpsWorks::App.EnvironmentVariable": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "(Required) The environment variable's name, which can consist of up to 64 characters and must be specified. The name can contain upper- and lowercase letters, numbers, and underscores (_), but it must start with a letter or underscore.", - "title": "Key", - "type": "string" - }, - "Secure": { - "markdownDescription": "(Optional) Whether the variable's value is returned by the `DescribeApps` action. To hide an environment variable's value, set `Secure` to `true` . `DescribeApps` returns `*****FILTERED*****` instead of the actual value. The default value for `Secure` is `false` .", - "title": "Secure", - "type": "boolean" - }, - "Value": { - "markdownDescription": "(Optional) The environment variable's value, which can be left empty. If you specify a value, it can contain up to 256 characters, which must all be printable.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - }, - "AWS::OpsWorks::App.Source": { - "additionalProperties": false, - "properties": { - "Password": { - "markdownDescription": "When included in a request, the parameter depends on the repository type.\n\n- For Amazon S3 bundles, set `Password` to the appropriate IAM secret access key.\n- For HTTP bundles and Subversion repositories, set `Password` to the password.\n\nFor more information on how to safely handle IAM credentials, see [](https://docs.aws.amazon.com/general/latest/gr/aws-access-keys-best-practices.html) .\n\nIn responses, AWS OpsWorks Stacks returns `*****FILTERED*****` instead of the actual value.", - "title": "Password", - "type": "string" - }, - "Revision": { - "markdownDescription": "The application's version. AWS OpsWorks Stacks enables you to easily deploy new versions of an application. One of the simplest approaches is to have branches or revisions in your repository that represent different versions that can potentially be deployed.", - "title": "Revision", - "type": "string" - }, - "SshKey": { - "markdownDescription": "In requests, the repository's SSH key.\n\nIn responses, AWS OpsWorks Stacks returns `*****FILTERED*****` instead of the actual value.", - "title": "SshKey", - "type": "string" - }, - "Type": { - "markdownDescription": "The repository type.", - "title": "Type", - "type": "string" - }, - "Url": { - "markdownDescription": "The source URL. The following is an example of an Amazon S3 source URL: `https://s3.amazonaws.com/opsworks-demo-bucket/opsworks_cookbook_demo.tar.gz` .", - "title": "Url", - "type": "string" - }, - "Username": { - "markdownDescription": "This parameter depends on the repository type.\n\n- For Amazon S3 bundles, set `Username` to the appropriate IAM access key ID.\n- For HTTP bundles, Git repositories, and Subversion repositories, set `Username` to the user name.", - "title": "Username", - "type": "string" - } - }, - "type": "object" - }, - "AWS::OpsWorks::App.SslConfiguration": { - "additionalProperties": false, - "properties": { - "Certificate": { - "markdownDescription": "The contents of the certificate's domain.crt file.", - "title": "Certificate", - "type": "string" - }, - "Chain": { - "markdownDescription": "Optional. Can be used to specify an intermediate certificate authority key or client authentication.", - "title": "Chain", - "type": "string" - }, - "PrivateKey": { - "markdownDescription": "The private key; the contents of the certificate's domain.kex file.", - "title": "PrivateKey", - "type": "string" - } - }, - "type": "object" - }, - "AWS::OpsWorks::ElasticLoadBalancerAttachment": { + "AWS::MSK::Configuration": { "additionalProperties": false, "properties": { "Condition": { @@ -172890,26 +181388,44 @@ "Properties": { "additionalProperties": false, "properties": { - "ElasticLoadBalancerName": { - "markdownDescription": "The Elastic Load Balancing instance name.", - "title": "ElasticLoadBalancerName", + "Description": { + "markdownDescription": "The description of the configuration.", + "title": "Description", "type": "string" }, - "LayerId": { - "markdownDescription": "The AWS OpsWorks layer ID to which the Elastic Load Balancing load balancer is attached.", - "title": "LayerId", + "KafkaVersionsList": { + "items": { + "type": "string" + }, + "markdownDescription": "The [versions of Apache Kafka](https://docs.aws.amazon.com/msk/latest/developerguide/supported-kafka-versions.html) with which you can use this MSK configuration.\n\nWhen you update the `KafkaVersionsList` property, AWS CloudFormation recreates a new configuration with the updated property before deleting the old configuration. Such an update requires a [resource replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) . To successfully update `KafkaVersionsList` , you must also update the `Name` property in the same operation.\n\nIf your configuration is attached with any clusters created using the AWS Management Console or AWS CLI , you'll need to manually delete the old configuration from the console after the update completes.\n\nFor more information, see [Can\u2019t update KafkaVersionsList in MSK configuration](https://docs.aws.amazon.com/msk/latest/developerguide/troubleshooting.html#troubleshoot-kafkaversionslist-cfn-update-failure) in the *Amazon MSK Developer Guide* .", + "title": "KafkaVersionsList", + "type": "array" + }, + "LatestRevision": { + "$ref": "#/definitions/AWS::MSK::Configuration.LatestRevision", + "markdownDescription": "Latest revision of the MSK configuration.", + "title": "LatestRevision" + }, + "Name": { + "markdownDescription": "The name of the configuration. Configuration names are strings that match the regex \"^[0-9A-Za-z][0-9A-Za-z-]{0,}$\".", + "title": "Name", + "type": "string" + }, + "ServerProperties": { + "markdownDescription": "Contents of the `server.properties` file. When using the console, the SDK, or the AWS CLI , the contents of `server.properties` can be in plaintext.", + "title": "ServerProperties", "type": "string" } }, "required": [ - "ElasticLoadBalancerName", - "LayerId" + "Name", + "ServerProperties" ], "type": "object" }, "Type": { "enum": [ - "AWS::OpsWorks::ElasticLoadBalancerAttachment" + "AWS::MSK::Configuration" ], "type": "string" }, @@ -172928,7 +181444,28 @@ ], "type": "object" }, - "AWS::OpsWorks::Instance": { + "AWS::MSK::Configuration.LatestRevision": { + "additionalProperties": false, + "properties": { + "CreationTime": { + "markdownDescription": "The time when the configuration revision was created.", + "title": "CreationTime", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the configuration revision.", + "title": "Description", + "type": "string" + }, + "Revision": { + "markdownDescription": "The revision number.", + "title": "Revision", + "type": "number" + } + }, + "type": "object" + }, + "AWS::MSK::Replicator": { "additionalProperties": false, "properties": { "Condition": { @@ -172963,134 +181500,57 @@ "Properties": { "additionalProperties": false, "properties": { - "AgentVersion": { - "markdownDescription": "The default AWS OpsWorks Stacks agent version. You have the following options:\n\n- `INHERIT` - Use the stack's default agent version setting.\n- *version_number* - Use the specified agent version. This value overrides the stack's default setting. To update the agent version, edit the instance configuration and specify a new version. AWS OpsWorks Stacks installs that version on the instance.\n\nThe default setting is `INHERIT` . To specify an agent version, you must use the complete version number, not the abbreviated number shown on the console. For a list of available agent version numbers, call `DescribeAgentVersions` . AgentVersion cannot be set to Chef 12.2.", - "title": "AgentVersion", - "type": "string" - }, - "AmiId": { - "markdownDescription": "A custom AMI ID to be used to create the instance. The AMI should be based on one of the supported operating systems. For more information, see [Using Custom AMIs](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-custom-ami.html) .\n\n> If you specify a custom AMI, you must set `Os` to `Custom` .", - "title": "AmiId", - "type": "string" - }, - "Architecture": { - "markdownDescription": "The instance architecture. The default option is `x86_64` . Instance types do not necessarily support both architectures. For a list of the architectures that are supported by the different instance types, see [Instance Families and Types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) .", - "title": "Architecture", - "type": "string" - }, - "AutoScalingType": { - "markdownDescription": "For load-based or time-based instances, the type. Windows stacks can use only time-based instances.", - "title": "AutoScalingType", - "type": "string" - }, - "AvailabilityZone": { - "markdownDescription": "The Availability Zone of the AWS OpsWorks instance, such as `us-east-2a` .", - "title": "AvailabilityZone", + "Description": { + "markdownDescription": "A summary description of the replicator.", + "title": "Description", "type": "string" }, - "BlockDeviceMappings": { + "KafkaClusters": { "items": { - "$ref": "#/definitions/AWS::OpsWorks::Instance.BlockDeviceMapping" + "$ref": "#/definitions/AWS::MSK::Replicator.KafkaCluster" }, - "markdownDescription": "An array of `BlockDeviceMapping` objects that specify the instance's block devices. For more information, see [Block Device Mapping](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/block-device-mapping-concepts.html) . Note that block device mappings are not supported for custom AMIs.", - "title": "BlockDeviceMappings", + "markdownDescription": "Kafka Clusters to use in setting up sources / targets for replication.", + "title": "KafkaClusters", "type": "array" }, - "EbsOptimized": { - "markdownDescription": "Whether to create an Amazon EBS-optimized instance.", - "title": "EbsOptimized", - "type": "boolean" - }, - "ElasticIps": { + "ReplicationInfoList": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::MSK::Replicator.ReplicationInfo" }, - "markdownDescription": "A list of Elastic IP addresses to associate with the instance.", - "title": "ElasticIps", + "markdownDescription": "A list of replication configurations, where each configuration targets a given source cluster to target cluster replication flow.", + "title": "ReplicationInfoList", "type": "array" }, - "Hostname": { - "markdownDescription": "The instance host name. The following are character limits for instance host names.\n\n- Linux-based instances: 63 characters\n- Windows-based instances: 15 characters", - "title": "Hostname", + "ReplicatorName": { + "markdownDescription": "The name of the replicator. Alpha-numeric characters with '-' are allowed.", + "title": "ReplicatorName", "type": "string" }, - "InstallUpdatesOnBoot": { - "markdownDescription": "Whether to install operating system and package updates when the instance boots. The default value is `true` . To control when updates are installed, set this value to `false` . You must then update your instances manually by using `CreateDeployment` to run the `update_dependencies` stack command or by manually running `yum` (Amazon Linux) or `apt-get` (Ubuntu) on the instances.\n\n> We strongly recommend using the default value of `true` to ensure that your instances have the latest security updates.", - "title": "InstallUpdatesOnBoot", - "type": "boolean" - }, - "InstanceType": { - "markdownDescription": "The instance type, such as `t2.micro` . For a list of supported instance types, open the stack in the console, choose *Instances* , and choose *+ Instance* . The *Size* list contains the currently supported types. For more information, see [Instance Families and Types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) . The parameter values that you use to specify the various types are in the *API Name* column of the *Available Instance Types* table.", - "title": "InstanceType", - "type": "string" - }, - "LayerIds": { - "items": { - "type": "string" - }, - "markdownDescription": "An array that contains the instance's layer IDs.", - "title": "LayerIds", - "type": "array" - }, - "Os": { - "markdownDescription": "The instance's operating system, which must be set to one of the following.\n\n- A supported Linux operating system: An Amazon Linux version, such as `Amazon Linux 2` , `Amazon Linux 2018.03` , `Amazon Linux 2017.09` , `Amazon Linux 2017.03` , `Amazon Linux 2016.09` , `Amazon Linux 2016.03` , `Amazon Linux 2015.09` , or `Amazon Linux 2015.03` .\n- A supported Ubuntu operating system, such as `Ubuntu 18.04 LTS` , `Ubuntu 16.04 LTS` , `Ubuntu 14.04 LTS` , or `Ubuntu 12.04 LTS` .\n- `CentOS Linux 7`\n- `Red Hat Enterprise Linux 7`\n- A supported Windows operating system, such as `Microsoft Windows Server 2012 R2 Base` , `Microsoft Windows Server 2012 R2 with SQL Server Express` , `Microsoft Windows Server 2012 R2 with SQL Server Standard` , or `Microsoft Windows Server 2012 R2 with SQL Server Web` .\n- A custom AMI: `Custom` .\n\nNot all operating systems are supported with all versions of Chef. For more information about the supported operating systems, see [AWS OpsWorks Stacks Operating Systems](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-os.html) .\n\nThe default option is the current Amazon Linux version. If you set this parameter to `Custom` , you must use the `CreateInstance` action's AmiId parameter to specify the custom AMI that you want to use. Block device mappings are not supported if the value is `Custom` . For more information about how to use custom AMIs with AWS OpsWorks Stacks, see [Using Custom AMIs](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-custom-ami.html) .", - "title": "Os", - "type": "string" - }, - "RootDeviceType": { - "markdownDescription": "The instance root device type. For more information, see [Storage for the Root Device](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ComponentsAMIs.html#storage-for-the-root-device) .", - "title": "RootDeviceType", - "type": "string" - }, - "SshKeyName": { - "markdownDescription": "The instance's Amazon EC2 key-pair name.", - "title": "SshKeyName", - "type": "string" - }, - "StackId": { - "markdownDescription": "The stack ID.", - "title": "StackId", - "type": "string" - }, - "SubnetId": { - "markdownDescription": "The ID of the instance's subnet. If the stack is running in a VPC, you can use this parameter to override the stack's default subnet ID value and direct AWS OpsWorks Stacks to launch the instance in a different subnet.", - "title": "SubnetId", - "type": "string" - }, - "Tenancy": { - "markdownDescription": "The instance's tenancy option. The default option is no tenancy, or if the instance is running in a VPC, inherit tenancy settings from the VPC. The following are valid values for this parameter: `dedicated` , `default` , or `host` . Because there are costs associated with changes in tenancy options, we recommend that you research tenancy options before choosing them for your instances. For more information about dedicated hosts, see [Dedicated Hosts Overview](https://docs.aws.amazon.com/ec2/dedicated-hosts/) and [Amazon EC2 Dedicated Hosts](https://docs.aws.amazon.com/ec2/dedicated-hosts/) . For more information about dedicated instances, see [Dedicated Instances](https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/dedicated-instance.html) and [Amazon EC2 Dedicated Instances](https://docs.aws.amazon.com/ec2/purchasing-options/dedicated-instances/) .", - "title": "Tenancy", - "type": "string" - }, - "TimeBasedAutoScaling": { - "$ref": "#/definitions/AWS::OpsWorks::Instance.TimeBasedAutoScaling", - "markdownDescription": "The time-based scaling configuration for the instance.", - "title": "TimeBasedAutoScaling" - }, - "VirtualizationType": { - "markdownDescription": "The instance's virtualization type, `paravirtual` or `hvm` .", - "title": "VirtualizationType", + "ServiceExecutionRoleArn": { + "markdownDescription": "The ARN of the IAM role used by the replicator to access resources in the customer's account (e.g source and target clusters)", + "title": "ServiceExecutionRoleArn", "type": "string" }, - "Volumes": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of AWS OpsWorks volume IDs to associate with the instance. For more information, see [`AWS::OpsWorks::Volume`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-opsworks-volume.html) .", - "title": "Volumes", + "markdownDescription": "List of tags to attach to created Replicator.", + "title": "Tags", "type": "array" } }, "required": [ - "InstanceType", - "LayerIds", - "StackId" + "KafkaClusters", + "ReplicationInfoList", + "ReplicatorName", + "ServiceExecutionRoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::OpsWorks::Instance" + "AWS::MSK::Replicator" ], "type": "string" }, @@ -173109,499 +181569,211 @@ ], "type": "object" }, - "AWS::OpsWorks::Instance.BlockDeviceMapping": { + "AWS::MSK::Replicator.AmazonMskCluster": { "additionalProperties": false, "properties": { - "DeviceName": { - "markdownDescription": "The device name that is exposed to the instance, such as `/dev/sdh` . For the root device, you can use the explicit device name or you can set this parameter to `ROOT_DEVICE` and AWS OpsWorks Stacks will provide the correct device name.", - "title": "DeviceName", - "type": "string" - }, - "Ebs": { - "$ref": "#/definitions/AWS::OpsWorks::Instance.EbsBlockDevice", - "markdownDescription": "An `EBSBlockDevice` that defines how to configure an Amazon EBS volume when the instance is launched. You can specify either the `VirtualName` or `Ebs` , but not both.", - "title": "Ebs" - }, - "NoDevice": { - "markdownDescription": "Suppresses the specified device included in the AMI's block device mapping.", - "title": "NoDevice", - "type": "string" - }, - "VirtualName": { - "markdownDescription": "The virtual device name. For more information, see [BlockDeviceMapping](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_BlockDeviceMapping.html) . You can specify either the `VirtualName` or `Ebs` , but not both.", - "title": "VirtualName", + "MskClusterArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an Amazon MSK cluster.", + "title": "MskClusterArn", "type": "string" } }, + "required": [ + "MskClusterArn" + ], "type": "object" }, - "AWS::OpsWorks::Instance.EbsBlockDevice": { + "AWS::MSK::Replicator.ConsumerGroupReplication": { "additionalProperties": false, "properties": { - "DeleteOnTermination": { - "markdownDescription": "Whether the volume is deleted on instance termination.", - "title": "DeleteOnTermination", - "type": "boolean" - }, - "Iops": { - "markdownDescription": "The number of I/O operations per second (IOPS) that the volume supports. For more information, see [EbsBlockDevice](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_EbsBlockDevice.html) .", - "title": "Iops", - "type": "number" + "ConsumerGroupsToExclude": { + "items": { + "type": "string" + }, + "markdownDescription": "List of regular expression patterns indicating the consumer groups that should not be replicated.", + "title": "ConsumerGroupsToExclude", + "type": "array" }, - "SnapshotId": { - "markdownDescription": "The snapshot ID.", - "title": "SnapshotId", - "type": "string" + "ConsumerGroupsToReplicate": { + "items": { + "type": "string" + }, + "markdownDescription": "List of regular expression patterns indicating the consumer groups to copy.", + "title": "ConsumerGroupsToReplicate", + "type": "array" }, - "VolumeSize": { - "markdownDescription": "The volume size, in GiB. For more information, see [EbsBlockDevice](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_EbsBlockDevice.html) .", - "title": "VolumeSize", - "type": "number" + "DetectAndCopyNewConsumerGroups": { + "markdownDescription": "Enables synchronization of consumer groups to target cluster.", + "title": "DetectAndCopyNewConsumerGroups", + "type": "boolean" }, - "VolumeType": { - "markdownDescription": "The volume type. `gp2` for General Purpose (SSD) volumes, `io1` for Provisioned IOPS (SSD) volumes, `st1` for Throughput Optimized hard disk drives (HDD), `sc1` for Cold HDD,and `standard` for Magnetic volumes.\n\nIf you specify the `io1` volume type, you must also specify a value for the `Iops` attribute. The maximum ratio of provisioned IOPS to requested volume size (in GiB) is 50:1. AWS uses the default volume size (in GiB) specified in the AMI attributes to set IOPS to 50 x (volume size).", - "title": "VolumeType", - "type": "string" + "SynchroniseConsumerGroupOffsets": { + "markdownDescription": "Enables synchronization of consumer group offsets to target cluster. The translated offsets will be written to topic __consumer_offsets.", + "title": "SynchroniseConsumerGroupOffsets", + "type": "boolean" } }, + "required": [ + "ConsumerGroupsToReplicate" + ], "type": "object" }, - "AWS::OpsWorks::Instance.TimeBasedAutoScaling": { + "AWS::MSK::Replicator.KafkaCluster": { "additionalProperties": false, "properties": { - "Friday": { - "additionalProperties": true, - "markdownDescription": "The schedule for Friday.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Friday", - "type": "object" - }, - "Monday": { - "additionalProperties": true, - "markdownDescription": "The schedule for Monday.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Monday", - "type": "object" - }, - "Saturday": { - "additionalProperties": true, - "markdownDescription": "The schedule for Saturday.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Saturday", - "type": "object" - }, - "Sunday": { - "additionalProperties": true, - "markdownDescription": "The schedule for Sunday.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Sunday", - "type": "object" - }, - "Thursday": { - "additionalProperties": true, - "markdownDescription": "The schedule for Thursday.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Thursday", - "type": "object" - }, - "Tuesday": { - "additionalProperties": true, - "markdownDescription": "The schedule for Tuesday.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tuesday", - "type": "object" + "AmazonMskCluster": { + "$ref": "#/definitions/AWS::MSK::Replicator.AmazonMskCluster", + "markdownDescription": "Details of an Amazon MSK Cluster.", + "title": "AmazonMskCluster" }, - "Wednesday": { - "additionalProperties": true, - "markdownDescription": "The schedule for Wednesday.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Wednesday", - "type": "object" + "VpcConfig": { + "$ref": "#/definitions/AWS::MSK::Replicator.KafkaClusterClientVpcConfig", + "markdownDescription": "Details of an Amazon VPC which has network connectivity to the Apache Kafka cluster.", + "title": "VpcConfig" } }, + "required": [ + "AmazonMskCluster", + "VpcConfig" + ], "type": "object" }, - "AWS::OpsWorks::Layer": { + "AWS::MSK::Replicator.KafkaClusterClientVpcConfig": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Attributes": { - "additionalProperties": true, - "markdownDescription": "One or more user-defined key-value pairs to be added to the stack attributes.\n\nTo create a cluster layer, set the `EcsClusterArn` attribute to the cluster's ARN.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Attributes", - "type": "object" - }, - "AutoAssignElasticIps": { - "markdownDescription": "Whether to automatically assign an [Elastic IP address](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html) to the layer's instances. For more information, see [How to Edit a Layer](https://docs.aws.amazon.com/opsworks/latest/userguide/workinglayers-basics-edit.html) .", - "title": "AutoAssignElasticIps", - "type": "boolean" - }, - "AutoAssignPublicIps": { - "markdownDescription": "For stacks that are running in a VPC, whether to automatically assign a public IP address to the layer's instances. For more information, see [How to Edit a Layer](https://docs.aws.amazon.com/opsworks/latest/userguide/workinglayers-basics-edit.html) .", - "title": "AutoAssignPublicIps", - "type": "boolean" - }, - "CustomInstanceProfileArn": { - "markdownDescription": "The ARN of an IAM profile to be used for the layer's EC2 instances. For more information about IAM ARNs, see [Using Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) .", - "title": "CustomInstanceProfileArn", - "type": "string" - }, - "CustomJson": { - "markdownDescription": "A JSON-formatted string containing custom stack configuration and deployment attributes to be installed on the layer's instances. For more information, see [Using Custom JSON](https://docs.aws.amazon.com/opsworks/latest/userguide/workingcookbook-json-override.html) . This feature is supported as of version 1.7.42 of the AWS CLI .", - "title": "CustomJson", - "type": "object" - }, - "CustomRecipes": { - "$ref": "#/definitions/AWS::OpsWorks::Layer.Recipes", - "markdownDescription": "A `LayerCustomRecipes` object that specifies the layer custom recipes.", - "title": "CustomRecipes" - }, - "CustomSecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "An array containing the layer custom security group IDs.", - "title": "CustomSecurityGroupIds", - "type": "array" - }, - "EnableAutoHealing": { - "markdownDescription": "Whether to disable auto healing for the layer.", - "title": "EnableAutoHealing", - "type": "boolean" - }, - "InstallUpdatesOnBoot": { - "markdownDescription": "Whether to install operating system and package updates when the instance boots. The default value is `true` . To control when updates are installed, set this value to `false` . You must then update your instances manually by using `CreateDeployment` to run the `update_dependencies` stack command or by manually running `yum` (Amazon Linux) or `apt-get` (Ubuntu) on the instances.\n\n> To ensure that your instances have the latest security updates, we strongly recommend using the default value of `true` .", - "title": "InstallUpdatesOnBoot", - "type": "boolean" - }, - "LifecycleEventConfiguration": { - "$ref": "#/definitions/AWS::OpsWorks::Layer.LifecycleEventConfiguration", - "markdownDescription": "A `LifeCycleEventConfiguration` object that you can use to configure the Shutdown event to specify an execution timeout and enable or disable Elastic Load Balancer connection draining.", - "title": "LifecycleEventConfiguration" - }, - "LoadBasedAutoScaling": { - "$ref": "#/definitions/AWS::OpsWorks::Layer.LoadBasedAutoScaling", - "markdownDescription": "The load-based scaling configuration for the AWS OpsWorks layer.", - "title": "LoadBasedAutoScaling" - }, - "Name": { - "markdownDescription": "The layer name, which is used by the console. Layer names can be a maximum of 32 characters.", - "title": "Name", - "type": "string" - }, - "Packages": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of `Package` objects that describes the layer packages.", - "title": "Packages", - "type": "array" - }, - "Shortname": { - "markdownDescription": "For custom layers only, use this parameter to specify the layer's short name, which is used internally by AWS OpsWorks Stacks and by Chef recipes. The short name is also used as the name for the directory where your app files are installed. It can have a maximum of 32 characters, which are limited to the alphanumeric characters, '-', '_', and '.'.\n\nBuilt-in layer short names are defined by AWS OpsWorks Stacks. For more information, see the [Layer Reference](https://docs.aws.amazon.com/opsworks/latest/userguide/layers.html) .", - "title": "Shortname", - "type": "string" - }, - "StackId": { - "markdownDescription": "The layer stack ID.", - "title": "StackId", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Specifies one or more sets of tags (key\u2013value pairs) to associate with this AWS OpsWorks layer. Use tags to manage your resources.", - "title": "Tags", - "type": "array" - }, - "Type": { - "markdownDescription": "The layer type. A stack cannot have more than one built-in layer of the same type. It can have any number of custom layers. Built-in layers are not available in Chef 12 stacks.", - "title": "Type", - "type": "string" - }, - "UseEbsOptimizedInstances": { - "markdownDescription": "Whether to use Amazon EBS-optimized instances.", - "title": "UseEbsOptimizedInstances", - "type": "boolean" - }, - "VolumeConfigurations": { - "items": { - "$ref": "#/definitions/AWS::OpsWorks::Layer.VolumeConfiguration" - }, - "markdownDescription": "A `VolumeConfigurations` object that describes the layer's Amazon EBS volumes.", - "title": "VolumeConfigurations", - "type": "array" - } + "SecurityGroupIds": { + "items": { + "type": "string" }, - "required": [ - "AutoAssignElasticIps", - "AutoAssignPublicIps", - "EnableAutoHealing", - "Name", - "Shortname", - "StackId", - "Type" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::OpsWorks::Layer" - ], - "type": "string" + "markdownDescription": "The security groups to attach to the ENIs for the broker nodes.", + "title": "SecurityGroupIds", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of subnets in the client VPC to connect to.", + "title": "SubnetIds", + "type": "array" } }, "required": [ - "Type", - "Properties" + "SubnetIds" ], "type": "object" }, - "AWS::OpsWorks::Layer.AutoScalingThresholds": { + "AWS::MSK::Replicator.ReplicationInfo": { "additionalProperties": false, "properties": { - "CpuThreshold": { - "markdownDescription": "The CPU utilization threshold, as a percent of the available CPU. A value of -1 disables the threshold.", - "title": "CpuThreshold", - "type": "number" - }, - "IgnoreMetricsTime": { - "markdownDescription": "The amount of time (in minutes) after a scaling event occurs that AWS OpsWorks Stacks should ignore metrics and suppress additional scaling events. For example, AWS OpsWorks Stacks adds new instances following an upscaling event but the instances won't start reducing the load until they have been booted and configured. There is no point in raising additional scaling events during that operation, which typically takes several minutes. `IgnoreMetricsTime` allows you to direct AWS OpsWorks Stacks to suppress scaling events long enough to get the new instances online.", - "title": "IgnoreMetricsTime", - "type": "number" + "ConsumerGroupReplication": { + "$ref": "#/definitions/AWS::MSK::Replicator.ConsumerGroupReplication", + "markdownDescription": "Configuration relating to consumer group replication.", + "title": "ConsumerGroupReplication" }, - "InstanceCount": { - "markdownDescription": "The number of instances to add or remove when the load exceeds a threshold.", - "title": "InstanceCount", - "type": "number" + "SourceKafkaClusterArn": { + "markdownDescription": "The ARN of the source Kafka cluster.", + "title": "SourceKafkaClusterArn", + "type": "string" }, - "LoadThreshold": { - "markdownDescription": "The load threshold. A value of -1 disables the threshold. For more information about how load is computed, see [Load (computing)](https://docs.aws.amazon.com/http://en.wikipedia.org/wiki/Load_%28computing%29) .", - "title": "LoadThreshold", - "type": "number" + "TargetCompressionType": { + "markdownDescription": "The compression type to use when producing records to target cluster.", + "title": "TargetCompressionType", + "type": "string" }, - "MemoryThreshold": { - "markdownDescription": "The memory utilization threshold, as a percent of the available memory. A value of -1 disables the threshold.", - "title": "MemoryThreshold", - "type": "number" + "TargetKafkaClusterArn": { + "markdownDescription": "The ARN of the target Kafka cluster.", + "title": "TargetKafkaClusterArn", + "type": "string" }, - "ThresholdsWaitTime": { - "markdownDescription": "The amount of time, in minutes, that the load must exceed a threshold before more instances are added or removed.", - "title": "ThresholdsWaitTime", - "type": "number" + "TopicReplication": { + "$ref": "#/definitions/AWS::MSK::Replicator.TopicReplication", + "markdownDescription": "Configuration relating to topic replication.", + "title": "TopicReplication" } }, + "required": [ + "ConsumerGroupReplication", + "SourceKafkaClusterArn", + "TargetCompressionType", + "TargetKafkaClusterArn", + "TopicReplication" + ], "type": "object" }, - "AWS::OpsWorks::Layer.LifecycleEventConfiguration": { + "AWS::MSK::Replicator.ReplicationStartingPosition": { "additionalProperties": false, "properties": { - "ShutdownEventConfiguration": { - "$ref": "#/definitions/AWS::OpsWorks::Layer.ShutdownEventConfiguration", - "markdownDescription": "The Shutdown event configuration.", - "title": "ShutdownEventConfiguration" + "Type": { + "markdownDescription": "The type of replication starting position.", + "title": "Type", + "type": "string" } }, "type": "object" }, - "AWS::OpsWorks::Layer.LoadBasedAutoScaling": { + "AWS::MSK::Replicator.ReplicationTopicNameConfiguration": { "additionalProperties": false, "properties": { - "DownScaling": { - "$ref": "#/definitions/AWS::OpsWorks::Layer.AutoScalingThresholds", - "markdownDescription": "An `AutoScalingThresholds` object that describes the downscaling configuration, which defines how and when AWS OpsWorks Stacks reduces the number of instances.", - "title": "DownScaling" - }, - "Enable": { - "markdownDescription": "Whether load-based auto scaling is enabled for the layer.", - "title": "Enable", - "type": "boolean" - }, - "UpScaling": { - "$ref": "#/definitions/AWS::OpsWorks::Layer.AutoScalingThresholds", - "markdownDescription": "An `AutoScalingThresholds` object that describes the upscaling configuration, which defines how and when AWS OpsWorks Stacks increases the number of instances.", - "title": "UpScaling" + "Type": { + "markdownDescription": "The type of replication topic name configuration, identical to upstream topic name or prefixed with source cluster alias.", + "title": "Type", + "type": "string" } }, "type": "object" }, - "AWS::OpsWorks::Layer.Recipes": { + "AWS::MSK::Replicator.TopicReplication": { "additionalProperties": false, "properties": { - "Configure": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of custom recipe names to be run following a `configure` event.", - "title": "Configure", - "type": "array" + "CopyAccessControlListsForTopics": { + "markdownDescription": "Whether to periodically configure remote topic ACLs to match their corresponding upstream topics.", + "title": "CopyAccessControlListsForTopics", + "type": "boolean" }, - "Deploy": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of custom recipe names to be run following a `deploy` event.", - "title": "Deploy", - "type": "array" + "CopyTopicConfigurations": { + "markdownDescription": "Whether to periodically configure remote topics to match their corresponding upstream topics.", + "title": "CopyTopicConfigurations", + "type": "boolean" }, - "Setup": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of custom recipe names to be run following a `setup` event.", - "title": "Setup", - "type": "array" + "DetectAndCopyNewTopics": { + "markdownDescription": "Whether to periodically check for new topics and partitions.", + "title": "DetectAndCopyNewTopics", + "type": "boolean" }, - "Shutdown": { + "StartingPosition": { + "$ref": "#/definitions/AWS::MSK::Replicator.ReplicationStartingPosition", + "markdownDescription": "Specifies the position in the topics to start replicating from.", + "title": "StartingPosition" + }, + "TopicNameConfiguration": { + "$ref": "#/definitions/AWS::MSK::Replicator.ReplicationTopicNameConfiguration", + "markdownDescription": "Configuration for specifying replicated topic names will be the same as their corresponding upstream topics or prefixed with source cluster alias.", + "title": "TopicNameConfiguration" + }, + "TopicsToExclude": { "items": { "type": "string" }, - "markdownDescription": "An array of custom recipe names to be run following a `shutdown` event.", - "title": "Shutdown", + "markdownDescription": "List of regular expression patterns indicating the topics that should not be replicated.", + "title": "TopicsToExclude", "type": "array" }, - "Undeploy": { + "TopicsToReplicate": { "items": { "type": "string" }, - "markdownDescription": "An array of custom recipe names to be run following a `undeploy` event.", - "title": "Undeploy", + "markdownDescription": "List of regular expression patterns indicating the topics to copy.", + "title": "TopicsToReplicate", "type": "array" } }, + "required": [ + "TopicsToReplicate" + ], "type": "object" }, - "AWS::OpsWorks::Layer.ShutdownEventConfiguration": { - "additionalProperties": false, - "properties": { - "DelayUntilElbConnectionsDrained": { - "markdownDescription": "Whether to enable Elastic Load Balancing connection draining. For more information, see [Connection Draining](https://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/TerminologyandKeyConcepts.html#conn-drain)", - "title": "DelayUntilElbConnectionsDrained", - "type": "boolean" - }, - "ExecutionTimeout": { - "markdownDescription": "The time, in seconds, that AWS OpsWorks Stacks waits after triggering a Shutdown event before shutting down an instance.", - "title": "ExecutionTimeout", - "type": "number" - } - }, - "type": "object" - }, - "AWS::OpsWorks::Layer.VolumeConfiguration": { - "additionalProperties": false, - "properties": { - "Encrypted": { - "markdownDescription": "Specifies whether an Amazon EBS volume is encrypted. For more information, see [Amazon EBS Encryption](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) .", - "title": "Encrypted", - "type": "boolean" - }, - "Iops": { - "markdownDescription": "The number of I/O operations per second (IOPS) to provision for the volume. For PIOPS volumes, the IOPS per disk.\n\nIf you specify `io1` for the volume type, you must specify this property.", - "title": "Iops", - "type": "number" - }, - "MountPoint": { - "markdownDescription": "The volume mount point. For example \"/dev/sdh\".", - "title": "MountPoint", - "type": "string" - }, - "NumberOfDisks": { - "markdownDescription": "The number of disks in the volume.", - "title": "NumberOfDisks", - "type": "number" - }, - "RaidLevel": { - "markdownDescription": "The volume [RAID level](https://docs.aws.amazon.com/http://en.wikipedia.org/wiki/Standard_RAID_levels) .", - "title": "RaidLevel", - "type": "number" - }, - "Size": { - "markdownDescription": "The volume size.", - "title": "Size", - "type": "number" - }, - "VolumeType": { - "markdownDescription": "The volume type. For more information, see [Amazon EBS Volume Types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) .\n\n- `standard` - Magnetic. Magnetic volumes must have a minimum size of 1 GiB and a maximum size of 1024 GiB.\n- `io1` - Provisioned IOPS (SSD). PIOPS volumes must have a minimum size of 4 GiB and a maximum size of 16384 GiB.\n- `gp2` - General Purpose (SSD). General purpose volumes must have a minimum size of 1 GiB and a maximum size of 16384 GiB.\n- `st1` - Throughput Optimized hard disk drive (HDD). Throughput optimized HDD volumes must have a minimum size of 125 GiB and a maximum size of 16384 GiB.\n- `sc1` - Cold HDD. Cold HDD volumes must have a minimum size of 125 GiB and a maximum size of 16384 GiB.", - "title": "VolumeType", - "type": "string" - } - }, - "type": "object" - }, - "AWS::OpsWorks::Stack": { + "AWS::MSK::ServerlessCluster": { "additionalProperties": false, "properties": { "Condition": { @@ -173636,160 +181808,46 @@ "Properties": { "additionalProperties": false, "properties": { - "AgentVersion": { - "markdownDescription": "The default AWS OpsWorks Stacks agent version. You have the following options:\n\n- Auto-update - Set this parameter to `LATEST` . AWS OpsWorks Stacks automatically installs new agent versions on the stack's instances as soon as they are available.\n- Fixed version - Set this parameter to your preferred agent version. To update the agent version, you must edit the stack configuration and specify a new version. AWS OpsWorks Stacks installs that version on the stack's instances.\n\nThe default setting is the most recent release of the agent. To specify an agent version, you must use the complete version number, not the abbreviated number shown on the console. For a list of available agent version numbers, call `DescribeAgentVersions` . AgentVersion cannot be set to Chef 12.2.\n\n> You can also specify an agent version when you create or update an instance, which overrides the stack's default setting.", - "title": "AgentVersion", + "ClientAuthentication": { + "$ref": "#/definitions/AWS::MSK::ServerlessCluster.ClientAuthentication", + "markdownDescription": "Includes all client authentication related information.", + "title": "ClientAuthentication" + }, + "ClusterName": { + "markdownDescription": "The name of the cluster.", + "title": "ClusterName", "type": "string" }, - "Attributes": { + "Tags": { "additionalProperties": true, - "markdownDescription": "One or more user-defined key-value pairs to be added to the stack attributes.", + "markdownDescription": "An arbitrary set of tags (key-value pairs) for the cluster.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, - "title": "Attributes", - "type": "object" - }, - "ChefConfiguration": { - "$ref": "#/definitions/AWS::OpsWorks::Stack.ChefConfiguration", - "markdownDescription": "A `ChefConfiguration` object that specifies whether to enable Berkshelf and the Berkshelf version on Chef 11.10 stacks. For more information, see [Create a New Stack](https://docs.aws.amazon.com/opsworks/latest/userguide/workingstacks-creating.html) .", - "title": "ChefConfiguration" - }, - "CloneAppIds": { - "items": { - "type": "string" - }, - "markdownDescription": "If you're cloning an AWS OpsWorks stack, a list of AWS OpsWorks application stack IDs from the source stack to include in the cloned stack.", - "title": "CloneAppIds", - "type": "array" - }, - "ClonePermissions": { - "markdownDescription": "If you're cloning an AWS OpsWorks stack, indicates whether to clone the source stack's permissions.", - "title": "ClonePermissions", - "type": "boolean" - }, - "ConfigurationManager": { - "$ref": "#/definitions/AWS::OpsWorks::Stack.StackConfigurationManager", - "markdownDescription": "The configuration manager. When you create a stack we recommend that you use the configuration manager to specify the Chef version: 12, 11.10, or 11.4 for Linux stacks, or 12.2 for Windows stacks. The default value for Linux stacks is currently 12.", - "title": "ConfigurationManager" - }, - "CustomCookbooksSource": { - "$ref": "#/definitions/AWS::OpsWorks::Stack.Source", - "markdownDescription": "Contains the information required to retrieve an app or cookbook from a repository. For more information, see [Adding Apps](https://docs.aws.amazon.com/opsworks/latest/userguide/workingapps-creating.html) or [Cookbooks and Recipes](https://docs.aws.amazon.com/opsworks/latest/userguide/workingcookbook.html) .", - "title": "CustomCookbooksSource" - }, - "CustomJson": { - "markdownDescription": "A string that contains user-defined, custom JSON. It can be used to override the corresponding default stack configuration attribute values or to pass data to recipes. The string should be in the following format:\n\n`\"{\\\"key1\\\": \\\"value1\\\", \\\"key2\\\": \\\"value2\\\",...}\"`\n\nFor more information about custom JSON, see [Use Custom JSON to Modify the Stack Configuration Attributes](https://docs.aws.amazon.com/opsworks/latest/userguide/workingstacks-json.html) .", - "title": "CustomJson", + "title": "Tags", "type": "object" }, - "DefaultAvailabilityZone": { - "markdownDescription": "The stack's default Availability Zone, which must be in the specified region. For more information, see [Regions and Endpoints](https://docs.aws.amazon.com/general/latest/gr/rande.html) . If you also specify a value for `DefaultSubnetId` , the subnet must be in the same zone. For more information, see the `VpcId` parameter description.", - "title": "DefaultAvailabilityZone", - "type": "string" - }, - "DefaultInstanceProfileArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an IAM profile that is the default profile for all of the stack's EC2 instances. For more information about IAM ARNs, see [Using Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) .", - "title": "DefaultInstanceProfileArn", - "type": "string" - }, - "DefaultOs": { - "markdownDescription": "The stack's default operating system, which is installed on every instance unless you specify a different operating system when you create the instance. You can specify one of the following.\n\n- A supported Linux operating system: An Amazon Linux version, such as `Amazon Linux 2` , `Amazon Linux 2018.03` , `Amazon Linux 2017.09` , `Amazon Linux 2017.03` , `Amazon Linux 2016.09` , `Amazon Linux 2016.03` , `Amazon Linux 2015.09` , or `Amazon Linux 2015.03` .\n- A supported Ubuntu operating system, such as `Ubuntu 18.04 LTS` , `Ubuntu 16.04 LTS` , `Ubuntu 14.04 LTS` , or `Ubuntu 12.04 LTS` .\n- `CentOS Linux 7`\n- `Red Hat Enterprise Linux 7`\n- A supported Windows operating system, such as `Microsoft Windows Server 2012 R2 Base` , `Microsoft Windows Server 2012 R2 with SQL Server Express` , `Microsoft Windows Server 2012 R2 with SQL Server Standard` , or `Microsoft Windows Server 2012 R2 with SQL Server Web` .\n- A custom AMI: `Custom` . You specify the custom AMI you want to use when you create instances. For more information, see [Using Custom AMIs](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-custom-ami.html) .\n\nThe default option is the current Amazon Linux version. Not all operating systems are supported with all versions of Chef. For more information about supported operating systems, see [AWS OpsWorks Stacks Operating Systems](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-os.html) .", - "title": "DefaultOs", - "type": "string" - }, - "DefaultRootDeviceType": { - "markdownDescription": "The default root device type. This value is the default for all instances in the stack, but you can override it when you create an instance. The default option is `instance-store` . For more information, see [Storage for the Root Device](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ComponentsAMIs.html#storage-for-the-root-device) .", - "title": "DefaultRootDeviceType", - "type": "string" - }, - "DefaultSshKeyName": { - "markdownDescription": "A default Amazon EC2 key pair name. The default value is none. If you specify a key pair name, AWS OpsWorks installs the public key on the instance and you can use the private key with an SSH client to log in to the instance. For more information, see [Using SSH to Communicate with an Instance](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-ssh.html) and [Managing SSH Access](https://docs.aws.amazon.com/opsworks/latest/userguide/security-ssh-access.html) . You can override this setting by specifying a different key pair, or no key pair, when you [create an instance](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-add.html) .", - "title": "DefaultSshKeyName", - "type": "string" - }, - "DefaultSubnetId": { - "markdownDescription": "The stack's default subnet ID. All instances are launched into this subnet unless you specify another subnet ID when you create the instance. This parameter is required if you specify a value for the `VpcId` parameter. If you also specify a value for `DefaultAvailabilityZone` , the subnet must be in that zone.", - "title": "DefaultSubnetId", - "type": "string" - }, - "EcsClusterArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Elastic Container Service ( Amazon ECS ) cluster to register with the AWS OpsWorks stack.\n\n> If you specify a cluster that's registered with another AWS OpsWorks stack, AWS CloudFormation deregisters the existing association before registering the cluster.", - "title": "EcsClusterArn", - "type": "string" - }, - "ElasticIps": { - "items": { - "$ref": "#/definitions/AWS::OpsWorks::Stack.ElasticIp" - }, - "markdownDescription": "A list of Elastic IP addresses to register with the AWS OpsWorks stack.\n\n> If you specify an IP address that's registered with another AWS OpsWorks stack, AWS CloudFormation deregisters the existing association before registering the IP address.", - "title": "ElasticIps", - "type": "array" - }, - "HostnameTheme": { - "markdownDescription": "The stack's host name theme, with spaces replaced by underscores. The theme is used to generate host names for the stack's instances. By default, `HostnameTheme` is set to `Layer_Dependent` , which creates host names by appending integers to the layer's short name. The other themes are:\n\n- `Baked_Goods`\n- `Clouds`\n- `Europe_Cities`\n- `Fruits`\n- `Greek_Deities_and_Titans`\n- `Legendary_creatures_from_Japan`\n- `Planets_and_Moons`\n- `Roman_Deities`\n- `Scottish_Islands`\n- `US_Cities`\n- `Wild_Cats`\n\nTo obtain a generated host name, call `GetHostNameSuggestion` , which returns a host name based on the current theme.", - "title": "HostnameTheme", - "type": "string" - }, - "Name": { - "markdownDescription": "The stack name. Stack names can be a maximum of 64 characters.", - "title": "Name", - "type": "string" - }, - "RdsDbInstances": { - "items": { - "$ref": "#/definitions/AWS::OpsWorks::Stack.RdsDbInstance" - }, - "markdownDescription": "The Amazon Relational Database Service ( Amazon RDS ) database instance to register with the AWS OpsWorks stack.\n\n> If you specify a database instance that's registered with another AWS OpsWorks stack, AWS CloudFormation deregisters the existing association before registering the database instance.", - "title": "RdsDbInstances", - "type": "array" - }, - "ServiceRoleArn": { - "markdownDescription": "The stack's IAM role, which allows AWS OpsWorks Stacks to work with AWS resources on your behalf. You must set this parameter to the Amazon Resource Name (ARN) for an existing IAM role. For more information about IAM ARNs, see [Using Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) .", - "title": "ServiceRoleArn", - "type": "string" - }, - "SourceStackId": { - "markdownDescription": "If you're cloning an AWS OpsWorks stack, the stack ID of the source AWS OpsWorks stack to clone.", - "title": "SourceStackId", - "type": "string" - }, - "Tags": { + "VpcConfigs": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::MSK::ServerlessCluster.VpcConfig" }, - "markdownDescription": "A map that contains tag keys and tag values that are attached to a stack or layer.\n\n- The key cannot be empty.\n- The key can be a maximum of 127 characters, and can contain only Unicode letters, numbers, or separators, or the following special characters: `+ - = . _ : /`\n- The value can be a maximum 255 characters, and contain only Unicode letters, numbers, or separators, or the following special characters: `+ - = . _ : /`\n- Leading and trailing white spaces are trimmed from both the key and value.\n- A maximum of 40 tags is allowed for any resource.", - "title": "Tags", + "markdownDescription": "VPC configuration information for the serverless cluster.", + "title": "VpcConfigs", "type": "array" - }, - "UseCustomCookbooks": { - "markdownDescription": "Whether the stack uses custom cookbooks.", - "title": "UseCustomCookbooks", - "type": "boolean" - }, - "UseOpsworksSecurityGroups": { - "markdownDescription": "Whether to associate the AWS OpsWorks Stacks built-in security groups with the stack's layers.\n\nAWS OpsWorks Stacks provides a standard set of built-in security groups, one for each layer, which are associated with layers by default. With `UseOpsworksSecurityGroups` you can instead provide your own custom security groups. `UseOpsworksSecurityGroups` has the following settings:\n\n- True - AWS OpsWorks Stacks automatically associates the appropriate built-in security group with each layer (default setting). You can associate additional security groups with a layer after you create it, but you cannot delete the built-in security group.\n- False - AWS OpsWorks Stacks does not associate built-in security groups with layers. You must create appropriate EC2 security groups and associate a security group with each layer that you create. However, you can still manually associate a built-in security group with a layer on creation; custom security groups are required only for those layers that need custom settings.\n\nFor more information, see [Create a New Stack](https://docs.aws.amazon.com/opsworks/latest/userguide/workingstacks-creating.html) .", - "title": "UseOpsworksSecurityGroups", - "type": "boolean" - }, - "VpcId": { - "markdownDescription": "The ID of the VPC that the stack is to be launched into. The VPC must be in the stack's region. All instances are launched into this VPC. You cannot change the ID later.\n\n- If your account supports EC2-Classic, the default value is `no VPC` .\n- If your account does not support EC2-Classic, the default value is the default VPC for the specified region.\n\nIf the VPC ID corresponds to a default VPC and you have specified either the `DefaultAvailabilityZone` or the `DefaultSubnetId` parameter only, AWS OpsWorks Stacks infers the value of the other parameter. If you specify neither parameter, AWS OpsWorks Stacks sets these parameters to the first valid Availability Zone for the specified region and the corresponding default VPC subnet ID, respectively.\n\nIf you specify a nondefault VPC ID, note the following:\n\n- It must belong to a VPC in your account that is in the specified region.\n- You must specify a value for `DefaultSubnetId` .\n\nFor more information about how to use AWS OpsWorks Stacks with a VPC, see [Running a Stack in a VPC](https://docs.aws.amazon.com/opsworks/latest/userguide/workingstacks-vpc.html) . For more information about default VPC and EC2-Classic, see [Supported Platforms](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-supported-platforms.html) .", - "title": "VpcId", - "type": "string" } }, "required": [ - "DefaultInstanceProfileArn", - "Name", - "ServiceRoleArn" + "ClientAuthentication", + "ClusterName", + "VpcConfigs" ], "type": "object" }, "Type": { "enum": [ - "AWS::OpsWorks::Stack" + "AWS::MSK::ServerlessCluster" ], "type": "string" }, @@ -173808,120 +181866,74 @@ ], "type": "object" }, - "AWS::OpsWorks::Stack.ChefConfiguration": { - "additionalProperties": false, - "properties": { - "BerkshelfVersion": { - "markdownDescription": "The Berkshelf version.", - "title": "BerkshelfVersion", - "type": "string" - }, - "ManageBerkshelf": { - "markdownDescription": "Whether to enable Berkshelf.", - "title": "ManageBerkshelf", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::OpsWorks::Stack.ElasticIp": { + "AWS::MSK::ServerlessCluster.ClientAuthentication": { "additionalProperties": false, "properties": { - "Ip": { - "markdownDescription": "The IP address.", - "title": "Ip", - "type": "string" - }, - "Name": { - "markdownDescription": "The name, which can be a maximum of 32 characters.", - "title": "Name", - "type": "string" + "Sasl": { + "$ref": "#/definitions/AWS::MSK::ServerlessCluster.Sasl", + "markdownDescription": "Details for client authentication using SASL. To turn on SASL, you must also turn on `EncryptionInTransit` by setting `inCluster` to true. You must set `clientBroker` to either `TLS` or `TLS_PLAINTEXT` . If you choose `TLS_PLAINTEXT` , then you must also set `unauthenticated` to true.", + "title": "Sasl" } }, "required": [ - "Ip" + "Sasl" ], "type": "object" }, - "AWS::OpsWorks::Stack.RdsDbInstance": { + "AWS::MSK::ServerlessCluster.Iam": { "additionalProperties": false, "properties": { - "DbPassword": { - "markdownDescription": "AWS OpsWorks Stacks returns `*****FILTERED*****` instead of the actual value.", - "title": "DbPassword", - "type": "string" - }, - "DbUser": { - "markdownDescription": "The master user name.", - "title": "DbUser", - "type": "string" - }, - "RdsDbInstanceArn": { - "markdownDescription": "The instance's ARN.", - "title": "RdsDbInstanceArn", - "type": "string" + "Enabled": { + "markdownDescription": "SASL/IAM authentication is enabled or not.", + "title": "Enabled", + "type": "boolean" } }, "required": [ - "DbPassword", - "DbUser", - "RdsDbInstanceArn" + "Enabled" ], "type": "object" }, - "AWS::OpsWorks::Stack.Source": { + "AWS::MSK::ServerlessCluster.Sasl": { "additionalProperties": false, "properties": { - "Password": { - "markdownDescription": "When included in a request, the parameter depends on the repository type.\n\n- For Amazon S3 bundles, set `Password` to the appropriate IAM secret access key.\n- For HTTP bundles and Subversion repositories, set `Password` to the password.\n\nFor more information on how to safely handle IAM credentials, see [](https://docs.aws.amazon.com/general/latest/gr/aws-access-keys-best-practices.html) .\n\nIn responses, AWS OpsWorks Stacks returns `*****FILTERED*****` instead of the actual value.", - "title": "Password", - "type": "string" - }, - "Revision": { - "markdownDescription": "The application's version. AWS OpsWorks Stacks enables you to easily deploy new versions of an application. One of the simplest approaches is to have branches or revisions in your repository that represent different versions that can potentially be deployed.", - "title": "Revision", - "type": "string" - }, - "SshKey": { - "markdownDescription": "The repository's SSH key. For more information, see [Using Git Repository SSH Keys](https://docs.aws.amazon.com/opsworks/latest/userguide/workingapps-deploykeys.html) in the *AWS OpsWorks User Guide* . To pass in an SSH key as a parameter, see the following example:\n\n`\"Parameters\" : { \"GitSSHKey\" : { \"Description\" : \"Change SSH key newlines to commas.\", \"Type\" : \"CommaDelimitedList\", \"NoEcho\" : \"true\" }, ... \"CustomCookbooksSource\": { \"Revision\" : { \"Ref\": \"GitRevision\"}, \"SshKey\" : { \"Fn::Join\" : [ \"\\n\", { \"Ref\": \"GitSSHKey\"} ] }, \"Type\": \"git\", \"Url\": { \"Ref\": \"GitURL\"} } ...`", - "title": "SshKey", - "type": "string" - }, - "Type": { - "markdownDescription": "The repository type.", - "title": "Type", - "type": "string" - }, - "Url": { - "markdownDescription": "The source URL. The following is an example of an Amazon S3 source URL: `https://s3.amazonaws.com/opsworks-demo-bucket/opsworks_cookbook_demo.tar.gz` .", - "title": "Url", - "type": "string" - }, - "Username": { - "markdownDescription": "This parameter depends on the repository type.\n\n- For Amazon S3 bundles, set `Username` to the appropriate IAM access key ID.\n- For HTTP bundles, Git repositories, and Subversion repositories, set `Username` to the user name.", - "title": "Username", - "type": "string" + "Iam": { + "$ref": "#/definitions/AWS::MSK::ServerlessCluster.Iam", + "markdownDescription": "Details for ClientAuthentication using IAM.", + "title": "Iam" } }, + "required": [ + "Iam" + ], "type": "object" }, - "AWS::OpsWorks::Stack.StackConfigurationManager": { + "AWS::MSK::ServerlessCluster.VpcConfig": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name. This parameter must be set to `Chef` .", - "title": "Name", - "type": "string" + "SecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "SecurityGroups", + "type": "array" }, - "Version": { - "markdownDescription": "The Chef version. This parameter must be set to 12, 11.10, or 11.4 for Linux stacks, and to 12.2 for Windows stacks. The default value for Linux stacks is 12.", - "title": "Version", - "type": "string" + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "SubnetIds", + "type": "array" } }, + "required": [ + "SubnetIds" + ], "type": "object" }, - "AWS::OpsWorks::UserProfile": { + "AWS::MSK::VpcConnection": { "additionalProperties": false, "properties": { "Condition": { @@ -173956,35 +181968,61 @@ "Properties": { "additionalProperties": false, "properties": { - "AllowSelfManagement": { - "markdownDescription": "Whether users can specify their own SSH public key through the My Settings page. For more information, see [Managing User Permissions](https://docs.aws.amazon.com/opsworks/latest/userguide/security-settingsshkey.html) .", - "title": "AllowSelfManagement", - "type": "boolean" - }, - "IamUserArn": { - "markdownDescription": "The user's IAM ARN.", - "title": "IamUserArn", + "Authentication": { + "markdownDescription": "The type of private link authentication.", + "title": "Authentication", "type": "string" }, - "SshPublicKey": { - "markdownDescription": "The user's SSH public key.", - "title": "SshPublicKey", + "ClientSubnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of subnets in the client VPC to connect to.", + "title": "ClientSubnets", + "type": "array" + }, + "SecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "The security groups to attach to the ENIs for the broker nodes.", + "title": "SecurityGroups", + "type": "array" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "An arbitrary set of tags (key-value pairs) you specify while creating the VPC connection.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "TargetClusterArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the cluster.", + "title": "TargetClusterArn", "type": "string" }, - "SshUsername": { - "markdownDescription": "The user's SSH user name.", - "title": "SshUsername", + "VpcId": { + "markdownDescription": "The VPC ID of the remote client.", + "title": "VpcId", "type": "string" } }, "required": [ - "IamUserArn" + "Authentication", + "ClientSubnets", + "SecurityGroups", + "TargetClusterArn", + "VpcId" ], "type": "object" }, "Type": { "enum": [ - "AWS::OpsWorks::UserProfile" + "AWS::MSK::VpcConnection" ], "type": "string" }, @@ -174003,7 +182041,7 @@ ], "type": "object" }, - "AWS::OpsWorks::Volume": { + "AWS::MWAA::Environment": { "additionalProperties": false, "properties": { "Condition": { @@ -174038,212 +182076,145 @@ "Properties": { "additionalProperties": false, "properties": { - "Ec2VolumeId": { - "markdownDescription": "The Amazon EC2 volume ID.", - "title": "Ec2VolumeId", + "AirflowConfigurationOptions": { + "markdownDescription": "A list of key-value pairs containing the Airflow configuration options for your environment. For example, `core.default_timezone: utc` . To learn more, see [Apache Airflow configuration options](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-env-variables.html) .", + "title": "AirflowConfigurationOptions", + "type": "object" + }, + "AirflowVersion": { + "markdownDescription": "The version of Apache Airflow to use for the environment. If no value is specified, defaults to the latest version.\n\nIf you specify a newer version number for an existing environment, the version update requires some service interruption before taking effect.\n\n*Allowed Values* : `1.10.12` | `2.0.2` | `2.2.2` | `2.4.3` | `2.5.1` | `2.6.3` | `2.7.2` | `2.8.1` | `2.9.2` | `2.10.1` (latest)", + "title": "AirflowVersion", "type": "string" }, - "MountPoint": { - "markdownDescription": "The volume mount point. For example, \"/mnt/disk1\".", - "title": "MountPoint", + "DagS3Path": { + "markdownDescription": "The relative path to the DAGs folder on your Amazon S3 bucket. For example, `dags` . To learn more, see [Adding or updating DAGs](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-dag-folder.html) .", + "title": "DagS3Path", + "type": "string" + }, + "EndpointManagement": { + "markdownDescription": "Defines whether the VPC endpoints configured for the environment are created, and managed, by the customer or by Amazon MWAA. If set to `SERVICE` , Amazon MWAA will create and manage the required VPC endpoints in your VPC. If set to `CUSTOMER` , you must create, and manage, the VPC endpoints in your VPC.", + "title": "EndpointManagement", + "type": "string" + }, + "EnvironmentClass": { + "markdownDescription": "The environment class type. Valid values: `mw1.micro` , `mw1.small` , `mw1.medium` , `mw1.large` , `mw1.1large` , and `mw1.2large` . To learn more, see [Amazon MWAA environment class](https://docs.aws.amazon.com/mwaa/latest/userguide/environment-class.html) .", + "title": "EnvironmentClass", + "type": "string" + }, + "ExecutionRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the execution role in IAM that allows MWAA to access AWS resources in your environment. For example, `arn:aws:iam::123456789:role/my-execution-role` . To learn more, see [Amazon MWAA Execution role](https://docs.aws.amazon.com/mwaa/latest/userguide/mwaa-create-role.html) .", + "title": "ExecutionRoleArn", "type": "string" }, + "KmsKey": { + "markdownDescription": "The AWS Key Management Service (KMS) key to encrypt and decrypt the data in your environment. You can use an AWS KMS key managed by MWAA, or a customer-managed KMS key (advanced).", + "title": "KmsKey", + "type": "string" + }, + "LoggingConfiguration": { + "$ref": "#/definitions/AWS::MWAA::Environment.LoggingConfiguration", + "markdownDescription": "The Apache Airflow logs being sent to CloudWatch Logs: `DagProcessingLogs` , `SchedulerLogs` , `TaskLogs` , `WebserverLogs` , `WorkerLogs` .", + "title": "LoggingConfiguration" + }, + "MaxWebservers": { + "markdownDescription": "The maximum number of web servers that you want to run in your environment. Amazon MWAA scales the number of Apache Airflow web servers up to the number you specify for `MaxWebservers` when you interact with your Apache Airflow environment using Apache Airflow REST API, or the Apache Airflow CLI. For example, in scenarios where your workload requires network calls to the Apache Airflow REST API with a high transaction-per-second (TPS) rate, Amazon MWAA will increase the number of web servers up to the number set in `MaxWebserers` . As TPS rates decrease Amazon MWAA disposes of the additional web servers, and scales down to the number set in `MinxWebserers` .\n\nValid values: For environments larger than mw1.micro, accepts values from `2` to `5` . Defaults to `2` for all environment sizes except mw1.micro, which defaults to `1` .", + "title": "MaxWebservers", + "type": "number" + }, + "MaxWorkers": { + "markdownDescription": "The maximum number of workers that you want to run in your environment. MWAA scales the number of Apache Airflow workers up to the number you specify in the `MaxWorkers` field. For example, `20` . When there are no more tasks running, and no more in the queue, MWAA disposes of the extra workers leaving the one worker that is included with your environment, or the number you specify in `MinWorkers` .", + "title": "MaxWorkers", + "type": "number" + }, + "MinWebservers": { + "markdownDescription": "The minimum number of web servers that you want to run in your environment. Amazon MWAA scales the number of Apache Airflow web servers up to the number you specify for `MaxWebservers` when you interact with your Apache Airflow environment using Apache Airflow REST API, or the Apache Airflow CLI. As the transaction-per-second rate, and the network load, decrease, Amazon MWAA disposes of the additional web servers, and scales down to the number set in `MinxWebserers` .\n\nValid values: For environments larger than mw1.micro, accepts values from `2` to `5` . Defaults to `2` for all environment sizes except mw1.micro, which defaults to `1` .", + "title": "MinWebservers", + "type": "number" + }, + "MinWorkers": { + "markdownDescription": "The minimum number of workers that you want to run in your environment. MWAA scales the number of Apache Airflow workers up to the number you specify in the `MaxWorkers` field. When there are no more tasks running, and no more in the queue, MWAA disposes of the extra workers leaving the worker count you specify in the `MinWorkers` field. For example, `2` .", + "title": "MinWorkers", + "type": "number" + }, "Name": { - "markdownDescription": "The volume name. Volume names are a maximum of 128 characters.", + "markdownDescription": "The name of your Amazon MWAA environment.", "title": "Name", "type": "string" }, - "StackId": { - "markdownDescription": "The stack ID.", - "title": "StackId", - "type": "string" - } - }, - "required": [ - "Ec2VolumeId", - "StackId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::OpsWorks::Volume" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::OpsWorksCM::Server": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AssociatePublicIpAddress": { - "markdownDescription": "Associate a public IP address with a server that you are launching. Valid values are `true` or `false` . The default value is `true` .", - "title": "AssociatePublicIpAddress", - "type": "boolean" - }, - "BackupId": { - "markdownDescription": "If you specify this field, AWS OpsWorks CM creates the server by using the backup represented by BackupId.", - "title": "BackupId", - "type": "string" - }, - "BackupRetentionCount": { - "markdownDescription": "The number of automated backups that you want to keep. Whenever a new backup is created, AWS OpsWorks CM deletes the oldest backups if this number is exceeded. The default value is `1` .", - "title": "BackupRetentionCount", - "type": "number" - }, - "CustomCertificate": { - "markdownDescription": "Supported on servers running Chef Automate 2.0 only. A PEM-formatted HTTPS certificate. The value can be be a single, self-signed certificate, or a certificate chain. If you specify a custom certificate, you must also specify values for `CustomDomain` and `CustomPrivateKey` . The following are requirements for the `CustomCertificate` value:\n\n- You can provide either a self-signed, custom certificate, or the full certificate chain.\n- The certificate must be a valid X509 certificate, or a certificate chain in PEM format.\n- The certificate must be valid at the time of upload. A certificate can't be used before its validity period begins (the certificate's `NotBefore` date), or after it expires (the certificate's `NotAfter` date).\n- The certificate\u2019s common name or subject alternative names (SANs), if present, must match the value of `CustomDomain` .\n- The certificate must match the value of `CustomPrivateKey` .", - "title": "CustomCertificate", + "NetworkConfiguration": { + "$ref": "#/definitions/AWS::MWAA::Environment.NetworkConfiguration", + "markdownDescription": "The VPC networking components used to secure and enable network traffic between the AWS resources for your environment. To learn more, see [About networking on Amazon MWAA](https://docs.aws.amazon.com/mwaa/latest/userguide/networking-about.html) .", + "title": "NetworkConfiguration" + }, + "PluginsS3ObjectVersion": { + "markdownDescription": "The version of the plugins.zip file on your Amazon S3 bucket. To learn more, see [Installing custom plugins](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-dag-import-plugins.html) .", + "title": "PluginsS3ObjectVersion", "type": "string" }, - "CustomDomain": { - "markdownDescription": "Supported on servers running Chef Automate 2.0 only. An optional public endpoint of a server, such as `https://aws.my-company.com` . To access the server, create a CNAME DNS record in your preferred DNS service that points the custom domain to the endpoint that is generated when the server is created (the value of the CreateServer Endpoint attribute). You cannot access the server by using the generated `Endpoint` value if the server is using a custom domain. If you specify a custom domain, you must also specify values for `CustomCertificate` and `CustomPrivateKey` .", - "title": "CustomDomain", + "PluginsS3Path": { + "markdownDescription": "The relative path to the `plugins.zip` file on your Amazon S3 bucket. For example, `plugins.zip` . To learn more, see [Installing custom plugins](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-dag-import-plugins.html) .", + "title": "PluginsS3Path", "type": "string" }, - "CustomPrivateKey": { - "markdownDescription": "Supported on servers running Chef Automate 2.0 only. A private key in PEM format for connecting to the server by using HTTPS. The private key must not be encrypted; it cannot be protected by a password or passphrase. If you specify a custom private key, you must also specify values for `CustomDomain` and `CustomCertificate` .", - "title": "CustomPrivateKey", + "RequirementsS3ObjectVersion": { + "markdownDescription": "The version of the requirements.txt file on your Amazon S3 bucket. To learn more, see [Installing Python dependencies](https://docs.aws.amazon.com/mwaa/latest/userguide/working-dags-dependencies.html) .", + "title": "RequirementsS3ObjectVersion", "type": "string" }, - "DisableAutomatedBackup": { - "markdownDescription": "Enable or disable scheduled backups. Valid values are `true` or `false` . The default value is `true` .", - "title": "DisableAutomatedBackup", - "type": "boolean" - }, - "Engine": { - "markdownDescription": "The configuration management engine to use. Valid values include `ChefAutomate` and `Puppet` .", - "title": "Engine", + "RequirementsS3Path": { + "markdownDescription": "The relative path to the `requirements.txt` file on your Amazon S3 bucket. For example, `requirements.txt` . To learn more, see [Installing Python dependencies](https://docs.aws.amazon.com/mwaa/latest/userguide/working-dags-dependencies.html) .", + "title": "RequirementsS3Path", "type": "string" }, - "EngineAttributes": { - "items": { - "$ref": "#/definitions/AWS::OpsWorksCM::Server.EngineAttribute" - }, - "markdownDescription": "Optional engine attributes on a specified server.\n\n**Attributes accepted in a Chef createServer request:** - `CHEF_AUTOMATE_PIVOTAL_KEY` : A base64-encoded RSA public key. The corresponding private key is required to access the Chef API. When no CHEF_AUTOMATE_PIVOTAL_KEY is set, a private key is generated and returned in the response. When you are specifying the value of CHEF_AUTOMATE_PIVOTAL_KEY as a parameter in the AWS CloudFormation console, you must add newline ( `\\n` ) characters at the end of each line of the pivotal key value.\n- `CHEF_AUTOMATE_ADMIN_PASSWORD` : The password for the administrative user in the Chef Automate web-based dashboard. The password length is a minimum of eight characters, and a maximum of 32. The password can contain letters, numbers, and special characters (!/@#$%^&+=_). The password must contain at least one lower case letter, one upper case letter, one number, and one special character. When no CHEF_AUTOMATE_ADMIN_PASSWORD is set, one is generated and returned in the response.\n\n**Attributes accepted in a Puppet createServer request:** - `PUPPET_ADMIN_PASSWORD` : To work with the Puppet Enterprise console, a password must use ASCII characters.\n- `PUPPET_R10K_REMOTE` : The r10k remote is the URL of your control repository (for example, ssh://git@your.git-repo.com:user/control-repo.git). Specifying an r10k remote opens TCP port 8170.\n- `PUPPET_R10K_PRIVATE_KEY` : If you are using a private Git repository, add PUPPET_R10K_PRIVATE_KEY to specify a PEM-encoded private SSH key.", - "title": "EngineAttributes", - "type": "array" - }, - "EngineModel": { - "markdownDescription": "The engine model of the server. Valid values in this release include `Monolithic` for Puppet and `Single` for Chef.", - "title": "EngineModel", - "type": "string" + "Schedulers": { + "markdownDescription": "The number of schedulers that you want to run in your environment. Valid values:\n\n- *v2* - For environments larger than mw1.micro, accepts values from 2 to 5. Defaults to 2 for all environment sizes except mw1.micro, which defaults to 1.\n- *v1* - Accepts 1.", + "title": "Schedulers", + "type": "number" }, - "EngineVersion": { - "markdownDescription": "The major release version of the engine that you want to use. For a Chef server, the valid value for EngineVersion is currently `2` . For a Puppet server, valid values are `2019` or `2017` .", - "title": "EngineVersion", + "SourceBucketArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon S3 bucket where your DAG code and supporting files are stored. For example, `arn:aws:s3:::my-airflow-bucket-unique-name` . To learn more, see [Create an Amazon S3 bucket for Amazon MWAA](https://docs.aws.amazon.com/mwaa/latest/userguide/mwaa-s3-bucket.html) .", + "title": "SourceBucketArn", "type": "string" }, - "InstanceProfileArn": { - "markdownDescription": "The ARN of the instance profile that your Amazon EC2 instances use.", - "title": "InstanceProfileArn", + "StartupScriptS3ObjectVersion": { + "markdownDescription": "The version of the startup shell script in your Amazon S3 bucket. You must specify the [version ID](https://docs.aws.amazon.com/AmazonS3/latest/userguide/versioning-workflows.html) that Amazon S3 assigns to the file every time you update the script.\n\nVersion IDs are Unicode, UTF-8 encoded, URL-ready, opaque strings that are no more than 1,024 bytes long. The following is an example:\n\n`3sL4kqtJlcpXroDTDmJ+rmSpXd3dIbrHY+MTRCxf3vjVBH40Nr8X8gdRQBpUMLUo`\n\nFor more information, see [Using a startup script](https://docs.aws.amazon.com/mwaa/latest/userguide/using-startup-script.html) .", + "title": "StartupScriptS3ObjectVersion", "type": "string" }, - "InstanceType": { - "markdownDescription": "The Amazon EC2 instance type to use. For example, `m5.large` .", - "title": "InstanceType", + "StartupScriptS3Path": { + "markdownDescription": "The relative path to the startup shell script in your Amazon S3 bucket. For example, `s3://mwaa-environment/startup.sh` .\n\nAmazon MWAA runs the script as your environment starts, and before running the Apache Airflow process. You can use this script to install dependencies, modify Apache Airflow configuration options, and set environment variables. For more information, see [Using a startup script](https://docs.aws.amazon.com/mwaa/latest/userguide/using-startup-script.html) .", + "title": "StartupScriptS3Path", "type": "string" }, - "KeyPair": { - "markdownDescription": "The Amazon EC2 key pair to set for the instance. This parameter is optional; if desired, you may specify this parameter to connect to your instances by using SSH.", - "title": "KeyPair", - "type": "string" + "Tags": { + "markdownDescription": "The key-value tag pairs associated to your environment. For example, `\"Environment\": \"Staging\"` . To learn more, see [Tagging](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .\n\nIf you specify new tags for an existing environment, the update requires service interruption before taking effect.", + "title": "Tags", + "type": "object" }, - "PreferredBackupWindow": { - "markdownDescription": "The start time for a one-hour period during which AWS OpsWorks CM backs up application-level data on your server if automated backups are enabled. Valid values must be specified in one of the following formats:\n\n- `HH:MM` for daily backups\n- `DDD:HH:MM` for weekly backups\n\n`MM` must be specified as `00` . The specified time is in coordinated universal time (UTC). The default value is a random, daily start time.\n\n*Example:* `08:00` , which represents a daily start time of 08:00 UTC.\n\n*Example:* `Mon:08:00` , which represents a start time of every Monday at 08:00 UTC. (8:00 a.m.)", - "title": "PreferredBackupWindow", + "WebserverAccessMode": { + "markdownDescription": "The Apache Airflow *Web server* access mode. To learn more, see [Apache Airflow access modes](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-networking.html) . Valid values: `PRIVATE_ONLY` or `PUBLIC_ONLY` .", + "title": "WebserverAccessMode", "type": "string" }, - "PreferredMaintenanceWindow": { - "markdownDescription": "The start time for a one-hour period each week during which AWS OpsWorks CM performs maintenance on the instance. Valid values must be specified in the following format: `DDD:HH:MM` . `MM` must be specified as `00` . The specified time is in coordinated universal time (UTC). The default value is a random one-hour period on Tuesday, Wednesday, or Friday. See `TimeWindowDefinition` for more information.\n\n*Example:* `Mon:08:00` , which represents a start time of every Monday at 08:00 UTC. (8:00 a.m.)", - "title": "PreferredMaintenanceWindow", + "WeeklyMaintenanceWindowStart": { + "markdownDescription": "The day and time of the week to start weekly maintenance updates of your environment in the following format: `DAY:HH:MM` . For example: `TUE:03:30` . You can specify a start time in 30 minute increments only. Supported input includes the following:\n\n- MON|TUE|WED|THU|FRI|SAT|SUN:([01]\\\\d|2[0-3]):(00|30)", + "title": "WeeklyMaintenanceWindowStart", "type": "string" }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of security group IDs to attach to the Amazon EC2 instance. If you add this parameter, the specified security groups must be within the VPC that is specified by `SubnetIds` .\n\nIf you do not specify this parameter, AWS OpsWorks CM creates one new security group that uses TCP ports 22 and 443, open to 0.0.0.0/0 (everyone).", - "title": "SecurityGroupIds", - "type": "array" - }, - "ServiceRoleArn": { - "markdownDescription": "The service role that the AWS OpsWorks CM service backend uses to work with your account. Although the AWS OpsWorks management console typically creates the service role for you, if you are using the AWS CLI or API commands, run the service-role-creation.yaml AWS CloudFormation template, located at https://s3.amazonaws.com/opsworks-cm-us-east-1-prod-default-assets/misc/opsworks-cm-roles.yaml. This template creates a CloudFormation stack that includes the service role and instance profile that you need.", - "title": "ServiceRoleArn", + "WorkerReplacementStrategy": { + "markdownDescription": "", + "title": "WorkerReplacementStrategy", "type": "string" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of subnets in which to launch the server EC2 instance.\n\nAmazon EC2-Classic customers: This field is required. All servers must run within a VPC. The VPC must have \"Auto Assign Public IP\" enabled.\n\nEC2-VPC customers: This field is optional. If you do not specify subnet IDs, your EC2 instances are created in a default subnet that is selected by Amazon EC2. If you specify subnet IDs, the VPC must have \"Auto Assign Public IP\" enabled.\n\nFor more information about supported Amazon EC2 platforms, see [Supported Platforms](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-supported-platforms.html) .", - "title": "SubnetIds", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A map that contains tag keys and tag values to attach to an AWS OpsWorks for Chef Automate or OpsWorks for Puppet Enterprise server.\n\n- The key cannot be empty.\n- The key can be a maximum of 127 characters, and can contain only Unicode letters, numbers, or separators, or the following special characters: `+ - = . _ : / @`\n- The value can be a maximum 255 characters, and contain only Unicode letters, numbers, or separators, or the following special characters: `+ - = . _ : / @`\n- Leading and trailing spaces are trimmed from both the key and value.\n- A maximum of 50 user-applied tags is allowed for any AWS OpsWorks CM server.", - "title": "Tags", - "type": "array" } }, "required": [ - "InstanceProfileArn", - "InstanceType", - "ServiceRoleArn" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::OpsWorksCM::Server" + "AWS::MWAA::Environment" ], "type": "string" }, @@ -174262,23 +182233,81 @@ ], "type": "object" }, - "AWS::OpsWorksCM::Server.EngineAttribute": { + "AWS::MWAA::Environment.LoggingConfiguration": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the engine attribute.\n\n*Attribute name for Chef Automate servers:*\n\n- `CHEF_AUTOMATE_ADMIN_PASSWORD`\n\n*Attribute names for Puppet Enterprise servers:*\n\n- `PUPPET_ADMIN_PASSWORD`\n- `PUPPET_R10K_REMOTE`\n- `PUPPET_R10K_PRIVATE_KEY`", - "title": "Name", + "DagProcessingLogs": { + "$ref": "#/definitions/AWS::MWAA::Environment.ModuleLoggingConfiguration", + "markdownDescription": "Defines the processing logs sent to CloudWatch Logs and the logging level to send.", + "title": "DagProcessingLogs" + }, + "SchedulerLogs": { + "$ref": "#/definitions/AWS::MWAA::Environment.ModuleLoggingConfiguration", + "markdownDescription": "Defines the scheduler logs sent to CloudWatch Logs and the logging level to send.", + "title": "SchedulerLogs" + }, + "TaskLogs": { + "$ref": "#/definitions/AWS::MWAA::Environment.ModuleLoggingConfiguration", + "markdownDescription": "Defines the task logs sent to CloudWatch Logs and the logging level to send.", + "title": "TaskLogs" + }, + "WebserverLogs": { + "$ref": "#/definitions/AWS::MWAA::Environment.ModuleLoggingConfiguration", + "markdownDescription": "Defines the web server logs sent to CloudWatch Logs and the logging level to send.", + "title": "WebserverLogs" + }, + "WorkerLogs": { + "$ref": "#/definitions/AWS::MWAA::Environment.ModuleLoggingConfiguration", + "markdownDescription": "Defines the worker logs sent to CloudWatch Logs and the logging level to send.", + "title": "WorkerLogs" + } + }, + "type": "object" + }, + "AWS::MWAA::Environment.ModuleLoggingConfiguration": { + "additionalProperties": false, + "properties": { + "CloudWatchLogGroupArn": { + "markdownDescription": "The ARN of the CloudWatch Logs log group for each type of Apache Airflow log type that you have enabled.\n\n> `CloudWatchLogGroupArn` is available only as a return value, accessible when specified as an attribute in the [`Fn:GetAtt`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mwaa-environment.html#aws-resource-mwaa-environment-return-values) intrinsic function. Any value you provide for `CloudWatchLogGroupArn` is discarded by Amazon MWAA.", + "title": "CloudWatchLogGroupArn", "type": "string" }, - "Value": { - "markdownDescription": "The value of the engine attribute.\n\n*Attribute value for Chef Automate servers:*\n\n- `CHEF_AUTOMATE_PIVOTAL_KEY` : A base64-encoded RSA public key. The corresponding private key is required to access the Chef API. You can generate this key by running the following [OpenSSL](https://docs.aws.amazon.com/https://www.openssl.org/) command on Linux-based computers.\n\n`openssl genrsa -out *pivotal_key_file_name* .pem 2048`\n\nOn Windows-based computers, you can use the PuTTYgen utility to generate a base64-encoded RSA private key. For more information, see [PuTTYgen - Key Generator for PuTTY on Windows](https://docs.aws.amazon.com/https://www.ssh.com/ssh/putty/windows/puttygen) on SSH.com.\n\n*Attribute values for Puppet Enterprise servers:*\n\n- `PUPPET_ADMIN_PASSWORD` : An administrator password that you can use to sign in to the Puppet Enterprise console webpage after the server is online. The password must use between 8 and 32 ASCII characters.\n- `PUPPET_R10K_REMOTE` : The r10k remote is the URL of your control repository (for example, ssh://git@your.git-repo.com:user/control-repo.git). Specifying an r10k remote opens TCP port 8170.\n- `PUPPET_R10K_PRIVATE_KEY` : If you are using a private Git repository, add `PUPPET_R10K_PRIVATE_KEY` to specify a PEM-encoded private SSH key.", - "title": "Value", + "Enabled": { + "markdownDescription": "Indicates whether to enable the Apache Airflow log type (e.g. `DagProcessingLogs` ) in CloudWatch Logs.", + "title": "Enabled", + "type": "boolean" + }, + "LogLevel": { + "markdownDescription": "Defines the Apache Airflow logs to send for the log type (e.g. `DagProcessingLogs` ) to CloudWatch Logs. Valid values: `CRITICAL` , `ERROR` , `WARNING` , `INFO` .", + "title": "LogLevel", "type": "string" } }, "type": "object" }, - "AWS::Organizations::Account": { + "AWS::MWAA::Environment.NetworkConfiguration": { + "additionalProperties": false, + "properties": { + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of one or more security group IDs. Accepts up to 5 security group IDs. A security group must be attached to the same VPC as the subnets. To learn more, see [Security in your VPC on Amazon MWAA](https://docs.aws.amazon.com/mwaa/latest/userguide/vpc-security.html) .", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of subnet IDs. *Required* to create an environment. Must be private subnets in two different availability zones. A subnet must be attached to the same VPC as the security group. To learn more, see [About networking on Amazon MWAA](https://docs.aws.amazon.com/mwaa/latest/userguide/networking-about.html) .", + "title": "SubnetIds", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Macie::AllowList": { "additionalProperties": false, "properties": { "Condition": { @@ -174313,47 +182342,39 @@ "Properties": { "additionalProperties": false, "properties": { - "AccountName": { - "markdownDescription": "The account name given to the account when it was created.", - "title": "AccountName", - "type": "string" + "Criteria": { + "$ref": "#/definitions/AWS::Macie::AllowList.Criteria", + "markdownDescription": "The criteria that specify the text or text pattern to ignore. The criteria can be the location and name of an Amazon S3 object that lists specific text to ignore ( `S3WordsList` ), or a regular expression ( `Regex` ) that defines a text pattern to ignore.", + "title": "Criteria" }, - "Email": { - "markdownDescription": "The email address associated with the AWS account.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) for this parameter is a string of characters that represents a standard internet email address.", - "title": "Email", + "Description": { + "markdownDescription": "A custom description of the allow list. The description can contain 1-512 characters.", + "title": "Description", "type": "string" }, - "ParentIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The unique identifier (ID) of the root or organizational unit (OU) that you want to create the new account in. If you don't specify this parameter, the `ParentId` defaults to the root ID.\n\nThis parameter only accepts a string array with one string value.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) for a parent ID string requires one of the following:\n\n- *Root* - A string that begins with \"r-\" followed by from 4 to 32 lowercase letters or digits.\n- *Organizational unit (OU)* - A string that begins with \"ou-\" followed by from 4 to 32 lowercase letters or digits (the ID of the root that the OU is in). This string is followed by a second \"-\" dash and from 8 to 32 additional lowercase letters or digits.", - "title": "ParentIds", - "type": "array" - }, - "RoleName": { - "markdownDescription": "The name of an IAM role that AWS Organizations automatically preconfigures in the new member account. This role trusts the management account, allowing users in the management account to assume the role, as permitted by the management account administrator. The role has administrator permissions in the new member account.\n\nIf you don't specify this parameter, the role name defaults to `OrganizationAccountAccessRole` .\n\nFor more information about how to use this role to access the member account, see the following links:\n\n- [Creating the OrganizationAccountAccessRole in an invited member account](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_access.html#orgs_manage_accounts_create-cross-account-role) in the *AWS Organizations User Guide*\n- Steps 2 and 3 in [IAM Tutorial: Delegate access across AWS accounts using IAM roles](https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_cross-account-with-roles.html) in the *IAM User Guide*\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) that is used to validate this parameter. The pattern can include uppercase letters, lowercase letters, digits with no spaces, and any of the following characters: =,.@-", - "title": "RoleName", + "Name": { + "markdownDescription": "A custom name for the allow list. The name can contain 1-128 characters.", + "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of tags that you want to attach to the newly created account. For each tag in the list, you must specify both a tag key and a value. You can set the value to an empty string, but you can't set it to `null` . For more information about tagging, see [Tagging AWS Organizations resources](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_tagging.html) in the AWS Organizations User Guide.\n\n> If any one of the tags is not valid or if you exceed the maximum allowed number of tags for an account, then the entire request fails and the account is not created.", + "markdownDescription": "An array of key-value pairs to apply to the allow list.\n\nFor more information, see [Resource tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ - "AccountName", - "Email" + "Criteria", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::Organizations::Account" + "AWS::Macie::AllowList" ], "type": "string" }, @@ -174372,70 +182393,43 @@ ], "type": "object" }, - "AWS::Organizations::Organization": { + "AWS::Macie::AllowList.Criteria": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Regex": { + "markdownDescription": "The regular expression ( *regex* ) that defines the text pattern to ignore. The expression can contain 1-512 characters.", + "title": "Regex", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "FeatureSet": { - "markdownDescription": "Specifies the feature set supported by the new organization. Each feature set supports different levels of functionality.\n\n- `ALL` In addition to all the features supported by the consolidated billing feature set, the management account gains access to advanced features that give you more control over accounts in your organization. For more information, see [All features](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html#feature-set-all) in the *AWS Organizations User Guide* .\n- `CONSOLIDATED_BILLING` All member accounts have their bills consolidated to and paid by the management account. For more information, see [Consolidated billing](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html#feature-set-cb-only) in the *AWS Organizations User Guide* .\n\n> The consolidated billing feature feature set isn't available for organizations in the AWS GovCloud (US) Region.\n\nIf you don't specify this property, the default value is `ALL` .", - "title": "FeatureSet", - "type": "string" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Organizations::Organization" - ], + "S3WordsList": { + "$ref": "#/definitions/AWS::Macie::AllowList.S3WordsList", + "markdownDescription": "The location and name of an Amazon S3 object that lists specific text to ignore.", + "title": "S3WordsList" + } + }, + "type": "object" + }, + "AWS::Macie::AllowList.S3WordsList": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "The full name of the S3 bucket that contains the object. This value correlates to the `Name` field of a bucket's properties in Amazon S3 .\n\nThis value is case sensitive. In addition, don't use wildcard characters or specify partial values for the name.", + "title": "BucketName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ObjectKey": { + "markdownDescription": "The full name of the S3 object. This value correlates to the `Key` field of an object's properties in Amazon S3 . If the name includes a path, include the complete path. For example, `AllowLists/Macie/MyList.txt` .\n\nThis value is case sensitive. In addition, don't use wildcard characters or specify partial values for the name.", + "title": "ObjectKey", "type": "string" } }, "required": [ - "Type" + "BucketName", + "ObjectKey" ], "type": "object" }, - "AWS::Organizations::OrganizationalUnit": { + "AWS::Macie::CustomDataIdentifier": { "additionalProperties": false, "properties": { "Condition": { @@ -174470,34 +182464,60 @@ "Properties": { "additionalProperties": false, "properties": { + "Description": { + "markdownDescription": "A custom description of the custom data identifier. The description can contain 1-512 characters.\n\nAvoid including sensitive data in the description. Users of the account might be able to see the description, depending on the actions that they're allowed to perform in Amazon Macie .", + "title": "Description", + "type": "string" + }, + "IgnoreWords": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of character sequences ( *ignore words* ) to exclude from the results. If text matches the regular expression ( `Regex` ) but it contains a string in this array, Amazon Macie ignores the text and doesn't include it in the results.\n\nThe array can contain 1-10 ignore words. Each ignore word can contain 4-90 UTF-8 characters. Ignore words are case sensitive.", + "title": "IgnoreWords", + "type": "array" + }, + "Keywords": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of character sequences ( *keywords* ), one of which must precede and be in proximity ( `MaximumMatchDistance` ) of the regular expression ( `Regex` ) to match.\n\nThe array can contain 1-50 keywords. Each keyword can contain 3-90 UTF-8 characters. Keywords aren't case sensitive.", + "title": "Keywords", + "type": "array" + }, + "MaximumMatchDistance": { + "markdownDescription": "The maximum number of characters that can exist between the end of at least one complete character sequence specified by the `Keywords` array and the end of text that matches the regular expression ( `Regex` ). If a complete keyword precedes all the text that matches the regular expression and the keyword is within the specified distance, Amazon Macie includes the result.\n\nThe distance can be 1-300 characters. The default value is 50.", + "title": "MaximumMatchDistance", + "type": "number" + }, "Name": { - "markdownDescription": "The friendly name of this OU.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) that is used to validate this parameter is a string of any of the characters in the ASCII character range.", + "markdownDescription": "A custom name for the custom data identifier. The name can contain 1-128 characters.\n\nAvoid including sensitive data in the name of a custom data identifier. Users of the account might be able to see the name, depending on the actions that they're allowed to perform in Amazon Macie .", "title": "Name", "type": "string" }, - "ParentId": { - "markdownDescription": "The unique identifier (ID) of the parent root or OU that you want to create the new OU in.\n\n> To update the `ParentId` parameter value, you must first remove all accounts attached to the organizational unit (OU). OUs can't be moved within the organization with accounts still attached. \n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) for a parent ID string requires one of the following:\n\n- *Root* - A string that begins with \"r-\" followed by from 4 to 32 lowercase letters or digits.\n- *Organizational unit (OU)* - A string that begins with \"ou-\" followed by from 4 to 32 lowercase letters or digits (the ID of the root that the OU is in). This string is followed by a second \"-\" dash and from 8 to 32 additional lowercase letters or digits.", - "title": "ParentId", + "Regex": { + "markdownDescription": "The regular expression ( *regex* ) that defines the text pattern to match. The expression can contain 1-512 characters.", + "title": "Regex", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of tags that you want to attach to the newly created OU. For each tag in the list, you must specify both a tag key and a value. You can set the value to an empty string, but you can't set it to `null` . For more information about tagging, see [Tagging AWS Organizations resources](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_tagging.html) in the AWS Organizations User Guide.\n\n> If any one of the tags is not valid or if you exceed the allowed number of tags for an OU, then the entire request fails and the OU is not created.", + "markdownDescription": "An array of key-value pairs to apply to the custom data identifier.\n\nFor more information, see [Resource tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ "Name", - "ParentId" + "Regex" ], "type": "object" }, "Type": { "enum": [ - "AWS::Organizations::OrganizationalUnit" + "AWS::Macie::CustomDataIdentifier" ], "type": "string" }, @@ -174516,7 +182536,7 @@ ], "type": "object" }, - "AWS::Organizations::Policy": { + "AWS::Macie::FindingsFilter": { "additionalProperties": false, "properties": { "Condition": { @@ -174551,53 +182571,49 @@ "Properties": { "additionalProperties": false, "properties": { - "Content": { - "markdownDescription": "The policy text content. You can specify the policy content as a JSON object or a JSON string.\n\n> When you specify the policy content as a JSON string, you can't perform drift detection on the CloudFormation stack. For this reason, we recommend specifying the policy content as a JSON object instead. \n\nThe text that you supply must adhere to the rules of the policy type you specify in the `Type` parameter. The following AWS Organizations quotas are enforced for the maximum size of a policy document:\n\n- Service control policies: 5,120 characters\n- Resource control policies: 5,120 characters\n- Declarative policies: 10,000 characters\n- Backup policies: 10,000 characters\n- Tag policies: 10,000 characters\n- Chat applications policies: 10,000 characters\n- AI services opt-out policies: 2,500 characters\n\nFor more information about Organizations service quotas, see [Quotas for AWS Organizations](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) in the *AWS Organizations User Guide* .", - "title": "Content", - "type": "object" + "Action": { + "markdownDescription": "The action to perform on findings that match the filter criteria ( `FindingCriteria` ). Valid values are:\n\n- `ARCHIVE` - Suppress (automatically archive) the findings.\n- `NOOP` - Don't perform any action on the findings.", + "title": "Action", + "type": "string" }, "Description": { - "markdownDescription": "Human readable description of the policy.", + "markdownDescription": "A custom description of the findings filter. The description can contain 1-512 characters.\n\nAvoid including sensitive data in the description. Users of the account might be able to see the description, depending on the actions that they're allowed to perform in Amazon Macie .", "title": "Description", "type": "string" }, + "FindingCriteria": { + "$ref": "#/definitions/AWS::Macie::FindingsFilter.FindingCriteria", + "markdownDescription": "The criteria to use to filter findings.", + "title": "FindingCriteria" + }, "Name": { - "markdownDescription": "Name of the policy.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) that is used to validate this parameter is a string of any of the characters in the ASCII character range.", + "markdownDescription": "A custom name for the findings filter. The name can contain 3-64 characters.\n\nAvoid including sensitive data in the name. Users of the account might be able to see the name, depending on the actions that they're allowed to perform in Amazon Macie .", "title": "Name", "type": "string" }, + "Position": { + "markdownDescription": "The position of the findings filter in the list of saved filter rules on the Amazon Macie console. This value also determines the order in which the filter is applied to findings, relative to other filters that are also applied to findings.", + "title": "Position", + "type": "number" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of tags that you want to attach to the newly created policy. For each tag in the list, you must specify both a tag key and a value. You can set the value to an empty string, but you can't set it to `null` . For more information about tagging, see [Tagging AWS Organizations resources](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_tagging.html) in the AWS Organizations User Guide.\n\n> If any one of the tags is not valid or if you exceed the allowed number of tags for a policy, then the entire request fails and the policy is not created.", + "markdownDescription": "An array of key-value pairs to apply to the findings filter.\n\nFor more information, see [Resource tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" - }, - "TargetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "List of unique identifiers (IDs) of the root, OU, or account that you want to attach the policy to. You can get the ID by calling the [ListRoots](https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListRoots.html) , [ListOrganizationalUnitsForParent](https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListOrganizationalUnitsForParent.html) , or [ListAccounts](https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListAccounts.html) operations. If you don't specify this parameter, the policy is created but not attached to any organization resource.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) for a target ID string requires one of the following:\n\n- *Root* - A string that begins with \"r-\" followed by from 4 to 32 lowercase letters or digits.\n- *Account* - A string that consists of exactly 12 digits.\n- *Organizational unit (OU)* - A string that begins with \"ou-\" followed by from 4 to 32 lowercase letters or digits (the ID of the root that the OU is in). This string is followed by a second \"-\" dash and from 8 to 32 additional lowercase letters or digits.", - "title": "TargetIds", - "type": "array" - }, - "Type": { - "markdownDescription": "The type of policy to create.", - "title": "Type", - "type": "string" } }, "required": [ - "Content", - "Name", - "Type" + "FindingCriteria", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::Organizations::Policy" + "AWS::Macie::FindingsFilter" ], "type": "string" }, @@ -174616,7 +182632,66 @@ ], "type": "object" }, - "AWS::Organizations::ResourcePolicy": { + "AWS::Macie::FindingsFilter.CriterionAdditionalProperties": { + "additionalProperties": false, + "properties": { + "eq": { + "items": { + "type": "string" + }, + "markdownDescription": "The value for the specified property matches (equals) the specified value. If you specify multiple values, Amazon Macie uses OR logic to join the values.", + "title": "eq", + "type": "array" + }, + "gt": { + "markdownDescription": "The value for the specified property is greater than the specified value.", + "title": "gt", + "type": "number" + }, + "gte": { + "markdownDescription": "The value for the specified property is greater than or equal to the specified value.", + "title": "gte", + "type": "number" + }, + "lt": { + "markdownDescription": "The value for the specified property is less than the specified value.", + "title": "lt", + "type": "number" + }, + "lte": { + "markdownDescription": "The value for the specified property is less than or equal to the specified value.", + "title": "lte", + "type": "number" + }, + "neq": { + "items": { + "type": "string" + }, + "markdownDescription": "The value for the specified property doesn't match (doesn't equal) the specified value. If you specify multiple values, Amazon Macie uses OR logic to join the values.", + "title": "neq", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Macie::FindingsFilter.FindingCriteria": { + "additionalProperties": false, + "properties": { + "Criterion": { + "additionalProperties": false, + "markdownDescription": "Specifies a condition that defines the property, operator, and one or more values to use to filter the results.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::Macie::FindingsFilter.CriterionAdditionalProperties" + } + }, + "title": "Criterion", + "type": "object" + } + }, + "type": "object" + }, + "AWS::Macie::Session": { "additionalProperties": false, "properties": { "Condition": { @@ -174651,28 +182726,22 @@ "Properties": { "additionalProperties": false, "properties": { - "Content": { - "markdownDescription": "The policy text of the organization resource policy. You can specify the resource policy content as a JSON object or a JSON string.\n\n> When you specify the resource policy content as a JSON string, you can't perform drift detection on the CloudFormation stack. For this reason, we recommend specifying the resource policy content as a JSON object instead.", - "title": "Content", - "type": "object" + "FindingPublishingFrequency": { + "markdownDescription": "Specifies how often Amazon Macie publishes updates to policy findings for the account. This includes publishing updates to AWS Security Hub and Amazon EventBridge (formerly Amazon CloudWatch Events ). Valid values are:\n\n- FIFTEEN_MINUTES\n- ONE_HOUR\n- SIX_HOURS", + "title": "FindingPublishingFrequency", + "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of tags that you want to attach to the newly created resource policy. For each tag in the list, you must specify both a tag key and a value. You can set the value to an empty string, but you can't set it to `null` . For more information about tagging, see [Tagging AWS Organizations resources](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_tagging.html) in the *AWS Organizations User Guide* .\n\n> If any one of the tags is not valid or if you exceed the allowed number of tags for the resource policy, then the entire request fails and the resource policy is not created.", - "title": "Tags", - "type": "array" + "Status": { + "markdownDescription": "The status of Amazon Macie for the account. Valid values are: `ENABLED` , start or resume Macie activities for the account; and, `PAUSED` , suspend Macie activities for the account.", + "title": "Status", + "type": "string" } }, - "required": [ - "Content" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Organizations::ResourcePolicy" + "AWS::Macie::Session" ], "type": "string" }, @@ -174686,12 +182755,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::PCAConnectorAD::Connector": { + "AWS::ManagedBlockchain::Accessor": { "additionalProperties": false, "properties": { "Condition": { @@ -174726,43 +182794,33 @@ "Properties": { "additionalProperties": false, "properties": { - "CertificateAuthorityArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the certificate authority being used.", - "title": "CertificateAuthorityArn", + "AccessorType": { + "markdownDescription": "The type of the accessor.\n\n> Currently, accessor type is restricted to `BILLING_TOKEN` .", + "title": "AccessorType", "type": "string" }, - "DirectoryId": { - "markdownDescription": "The identifier of the Active Directory.", - "title": "DirectoryId", + "NetworkType": { + "markdownDescription": "The blockchain network that the `Accessor` token is created for.\n\n> We recommend using the appropriate `networkType` value for the blockchain network that you are creating the `Accessor` token for. You cannot use the value `ETHEREUM_MAINNET_AND_GOERLI` to specify a `networkType` for your Accessor token.\n> \n> The default value of `ETHEREUM_MAINNET_AND_GOERLI` is only applied:\n> \n> - when the `CreateAccessor` action does not set a `networkType` .\n> - to all existing `Accessor` tokens that were created before the `networkType` property was introduced.", + "title": "NetworkType", "type": "string" }, "Tags": { - "additionalProperties": true, - "markdownDescription": "Metadata assigned to a connector consisting of a key-value pair.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "The tags assigned to the Accessor.\n\nFor more information about tags, see [Tagging Resources](https://docs.aws.amazon.com/managed-blockchain/latest/ethereum-dev/tagging-resources.html) in the *Amazon Managed Blockchain Ethereum Developer Guide* , or [Tagging Resources](https://docs.aws.amazon.com/managed-blockchain/latest/hyperledger-fabric-dev/tagging-resources.html) in the *Amazon Managed Blockchain Hyperledger Fabric Developer Guide* .", "title": "Tags", - "type": "object" - }, - "VpcInformation": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Connector.VpcInformation", - "markdownDescription": "Information of the VPC and security group(s) used with the connector.", - "title": "VpcInformation" + "type": "array" } }, "required": [ - "CertificateAuthorityArn", - "DirectoryId", - "VpcInformation" + "AccessorType" ], "type": "object" }, "Type": { "enum": [ - "AWS::PCAConnectorAD::Connector" + "AWS::ManagedBlockchain::Accessor" ], "type": "string" }, @@ -174781,24 +182839,7 @@ ], "type": "object" }, - "AWS::PCAConnectorAD::Connector.VpcInformation": { - "additionalProperties": false, - "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The security groups used with the connector. You can use a maximum of 4 security groups with a connector.", - "title": "SecurityGroupIds", - "type": "array" - } - }, - "required": [ - "SecurityGroupIds" - ], - "type": "object" - }, - "AWS::PCAConnectorAD::DirectoryRegistration": { + "AWS::ManagedBlockchain::Member": { "additionalProperties": false, "properties": { "Condition": { @@ -174833,31 +182874,35 @@ "Properties": { "additionalProperties": false, "properties": { - "DirectoryId": { - "markdownDescription": "The identifier of the Active Directory.", - "title": "DirectoryId", + "InvitationId": { + "markdownDescription": "The unique identifier of the invitation to join the network sent to the account that creates the member.", + "title": "InvitationId", "type": "string" }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "Metadata assigned to a directory registration consisting of a key-value pair.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" + "MemberConfiguration": { + "$ref": "#/definitions/AWS::ManagedBlockchain::Member.MemberConfiguration", + "markdownDescription": "Configuration properties of the member.", + "title": "MemberConfiguration" + }, + "NetworkConfiguration": { + "$ref": "#/definitions/AWS::ManagedBlockchain::Member.NetworkConfiguration", + "markdownDescription": "Configuration properties of the network to which the member belongs.", + "title": "NetworkConfiguration" + }, + "NetworkId": { + "markdownDescription": "The unique identifier of the network to which the member belongs.", + "title": "NetworkId", + "type": "string" } }, "required": [ - "DirectoryId" + "MemberConfiguration" ], "type": "object" }, "Type": { "enum": [ - "AWS::PCAConnectorAD::DirectoryRegistration" + "AWS::ManagedBlockchain::Member" ], "type": "string" }, @@ -174876,7 +182921,161 @@ ], "type": "object" }, - "AWS::PCAConnectorAD::ServicePrincipalName": { + "AWS::ManagedBlockchain::Member.ApprovalThresholdPolicy": { + "additionalProperties": false, + "properties": { + "ProposalDurationInHours": { + "markdownDescription": "The duration from the time that a proposal is created until it expires. If members cast neither the required number of `YES` votes to approve the proposal nor the number of `NO` votes required to reject it before the duration expires, the proposal is `EXPIRED` and `ProposalActions` aren't carried out.", + "title": "ProposalDurationInHours", + "type": "number" + }, + "ThresholdComparator": { + "markdownDescription": "Determines whether the vote percentage must be greater than the `ThresholdPercentage` or must be greater than or equal to the `ThresholdPercentage` to be approved.", + "title": "ThresholdComparator", + "type": "string" + }, + "ThresholdPercentage": { + "markdownDescription": "The percentage of votes among all members that must be `YES` for a proposal to be approved. For example, a `ThresholdPercentage` value of `50` indicates 50%. The `ThresholdComparator` determines the precise comparison. If a `ThresholdPercentage` value of `50` is specified on a network with 10 members, along with a `ThresholdComparator` value of `GREATER_THAN` , this indicates that 6 `YES` votes are required for the proposal to be approved.", + "title": "ThresholdPercentage", + "type": "number" + } + }, + "type": "object" + }, + "AWS::ManagedBlockchain::Member.MemberConfiguration": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "An optional description of the member.", + "title": "Description", + "type": "string" + }, + "MemberFrameworkConfiguration": { + "$ref": "#/definitions/AWS::ManagedBlockchain::Member.MemberFrameworkConfiguration", + "markdownDescription": "Configuration properties of the blockchain framework relevant to the member.", + "title": "MemberFrameworkConfiguration" + }, + "Name": { + "markdownDescription": "The name of the member.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::ManagedBlockchain::Member.MemberFabricConfiguration": { + "additionalProperties": false, + "properties": { + "AdminPassword": { + "markdownDescription": "The password for the member's initial administrative user. The `AdminPassword` must be at least 8 characters long and no more than 32 characters. It must contain at least one uppercase letter, one lowercase letter, and one digit. It cannot have a single quotation mark (\u2018), a double quotation marks (\u201c), a forward slash(/), a backward slash(\\), @, or a space.", + "title": "AdminPassword", + "type": "string" + }, + "AdminUsername": { + "markdownDescription": "The user name for the member's initial administrative user.", + "title": "AdminUsername", + "type": "string" + } + }, + "required": [ + "AdminPassword", + "AdminUsername" + ], + "type": "object" + }, + "AWS::ManagedBlockchain::Member.MemberFrameworkConfiguration": { + "additionalProperties": false, + "properties": { + "MemberFabricConfiguration": { + "$ref": "#/definitions/AWS::ManagedBlockchain::Member.MemberFabricConfiguration", + "markdownDescription": "Configuration properties for Hyperledger Fabric.", + "title": "MemberFabricConfiguration" + } + }, + "type": "object" + }, + "AWS::ManagedBlockchain::Member.NetworkConfiguration": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "Attributes of the blockchain framework for the network.", + "title": "Description", + "type": "string" + }, + "Framework": { + "markdownDescription": "The blockchain framework that the network uses.", + "title": "Framework", + "type": "string" + }, + "FrameworkVersion": { + "markdownDescription": "The version of the blockchain framework that the network uses.", + "title": "FrameworkVersion", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the network.", + "title": "Name", + "type": "string" + }, + "NetworkFrameworkConfiguration": { + "$ref": "#/definitions/AWS::ManagedBlockchain::Member.NetworkFrameworkConfiguration", + "markdownDescription": "Configuration properties relevant to the network for the blockchain framework that the network uses.", + "title": "NetworkFrameworkConfiguration" + }, + "VotingPolicy": { + "$ref": "#/definitions/AWS::ManagedBlockchain::Member.VotingPolicy", + "markdownDescription": "The voting rules that the network uses to decide if a proposal is accepted.", + "title": "VotingPolicy" + } + }, + "required": [ + "Framework", + "FrameworkVersion", + "Name", + "VotingPolicy" + ], + "type": "object" + }, + "AWS::ManagedBlockchain::Member.NetworkFabricConfiguration": { + "additionalProperties": false, + "properties": { + "Edition": { + "markdownDescription": "The edition of Amazon Managed Blockchain that the network uses. Valid values are `standard` and `starter` . For more information, see [Amazon Managed Blockchain Pricing](https://docs.aws.amazon.com/managed-blockchain/pricing/)", + "title": "Edition", + "type": "string" + } + }, + "required": [ + "Edition" + ], + "type": "object" + }, + "AWS::ManagedBlockchain::Member.NetworkFrameworkConfiguration": { + "additionalProperties": false, + "properties": { + "NetworkFabricConfiguration": { + "$ref": "#/definitions/AWS::ManagedBlockchain::Member.NetworkFabricConfiguration", + "markdownDescription": "Configuration properties for Hyperledger Fabric for a member in a Managed Blockchain network that is using the Hyperledger Fabric framework.", + "title": "NetworkFabricConfiguration" + } + }, + "type": "object" + }, + "AWS::ManagedBlockchain::Member.VotingPolicy": { + "additionalProperties": false, + "properties": { + "ApprovalThresholdPolicy": { + "$ref": "#/definitions/AWS::ManagedBlockchain::Member.ApprovalThresholdPolicy", + "markdownDescription": "Defines the rules for the network for voting on proposals, such as the percentage of `YES` votes required for the proposal to be approved and the duration of the proposal. The policy applies to all proposals and is specified when the network is created.", + "title": "ApprovalThresholdPolicy" + } + }, + "type": "object" + }, + "AWS::ManagedBlockchain::Node": { "additionalProperties": false, "properties": { "Condition": { @@ -174911,22 +183110,31 @@ "Properties": { "additionalProperties": false, "properties": { - "ConnectorArn": { - "markdownDescription": "The Amazon Resource Name (ARN) that was returned when you called [CreateConnector.html](https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateConnector.html) .", - "title": "ConnectorArn", + "MemberId": { + "markdownDescription": "The unique identifier of the member to which the node belongs. Applies only to Hyperledger Fabric.", + "title": "MemberId", "type": "string" }, - "DirectoryRegistrationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) that was returned when you called [CreateDirectoryRegistration](https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateDirectoryRegistration.html) .", - "title": "DirectoryRegistrationArn", + "NetworkId": { + "markdownDescription": "The unique identifier of the network for the node.\n\nEthereum public networks have the following `NetworkId` s:\n\n- `n-ethereum-mainnet`", + "title": "NetworkId", "type": "string" + }, + "NodeConfiguration": { + "$ref": "#/definitions/AWS::ManagedBlockchain::Node.NodeConfiguration", + "markdownDescription": "Configuration properties of a peer node.", + "title": "NodeConfiguration" } }, + "required": [ + "NetworkId", + "NodeConfiguration" + ], "type": "object" }, "Type": { "enum": [ - "AWS::PCAConnectorAD::ServicePrincipalName" + "AWS::ManagedBlockchain::Node" ], "type": "string" }, @@ -174940,11 +183148,32 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::PCAConnectorAD::Template": { + "AWS::ManagedBlockchain::Node.NodeConfiguration": { + "additionalProperties": false, + "properties": { + "AvailabilityZone": { + "markdownDescription": "The Availability Zone in which the node exists. Required for Ethereum nodes.", + "title": "AvailabilityZone", + "type": "string" + }, + "InstanceType": { + "markdownDescription": "The Amazon Managed Blockchain instance type for the node.", + "title": "InstanceType", + "type": "string" + } + }, + "required": [ + "AvailabilityZone", + "InstanceType" + ], + "type": "object" + }, + "AWS::MediaConnect::Bridge": { "additionalProperties": false, "properties": { "Condition": { @@ -174979,48 +183208,58 @@ "Properties": { "additionalProperties": false, "properties": { - "ConnectorArn": { - "markdownDescription": "The Amazon Resource Name (ARN) that was returned when you called [CreateConnector](https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateConnector.html) .", - "title": "ConnectorArn", - "type": "string" + "EgressGatewayBridge": { + "$ref": "#/definitions/AWS::MediaConnect::Bridge.EgressGatewayBridge", + "markdownDescription": "An egress bridge is a cloud-to-ground bridge. The content comes from an existing MediaConnect flow and is delivered to your premises.", + "title": "EgressGatewayBridge" }, - "Definition": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.TemplateDefinition", - "markdownDescription": "Template configuration to define the information included in certificates. Define certificate validity and renewal periods, certificate request handling and enrollment options, key usage extensions, application policies, and cryptography settings.", - "title": "Definition" + "IngressGatewayBridge": { + "$ref": "#/definitions/AWS::MediaConnect::Bridge.IngressGatewayBridge", + "markdownDescription": "An ingress bridge is a ground-to-cloud bridge. The content originates at your premises and is delivered to the cloud.", + "title": "IngressGatewayBridge" }, "Name": { - "markdownDescription": "Name of the templates. Template names must be unique.", + "markdownDescription": "The name of the bridge. This name can not be modified after the bridge is created.", "title": "Name", "type": "string" }, - "ReenrollAllCertificateHolders": { - "markdownDescription": "This setting allows the major version of a template to be increased automatically. All members of Active Directory groups that are allowed to enroll with a template will receive a new certificate issued using that template.", - "title": "ReenrollAllCertificateHolders", - "type": "boolean" + "Outputs": { + "items": { + "$ref": "#/definitions/AWS::MediaConnect::Bridge.BridgeOutput" + }, + "markdownDescription": "The outputs that you want to add to this bridge.", + "title": "Outputs", + "type": "array" }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "Metadata assigned to a template consisting of a key-value pair.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "PlacementArn": { + "markdownDescription": "The bridge placement Amazon Resource Number (ARN).", + "title": "PlacementArn", + "type": "string" + }, + "SourceFailoverConfig": { + "$ref": "#/definitions/AWS::MediaConnect::Bridge.FailoverConfig", + "markdownDescription": "The settings for source failover.", + "title": "SourceFailoverConfig" + }, + "Sources": { + "items": { + "$ref": "#/definitions/AWS::MediaConnect::Bridge.BridgeSource" }, - "title": "Tags", - "type": "object" + "markdownDescription": "The sources that you want to add to this bridge.", + "title": "Sources", + "type": "array" } }, "required": [ - "ConnectorArn", - "Definition", - "Name" + "Name", + "PlacementArn", + "Sources" ], "type": "object" }, "Type": { "enum": [ - "AWS::PCAConnectorAD::Template" + "AWS::MediaConnect::Bridge" ], "type": "string" }, @@ -175039,942 +183278,237 @@ ], "type": "object" }, - "AWS::PCAConnectorAD::Template.ApplicationPolicies": { + "AWS::MediaConnect::Bridge.BridgeFlowSource": { "additionalProperties": false, "properties": { - "Critical": { - "markdownDescription": "Marks the application policy extension as critical.", - "title": "Critical", - "type": "boolean" + "FlowArn": { + "markdownDescription": "The ARN of the cloud flow used as a source of this bridge.", + "title": "FlowArn", + "type": "string" }, - "Policies": { - "items": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ApplicationPolicy" - }, - "markdownDescription": "Application policies describe what the certificate can be used for.", - "title": "Policies", - "type": "array" + "FlowVpcInterfaceAttachment": { + "$ref": "#/definitions/AWS::MediaConnect::Bridge.VpcInterfaceAttachment", + "markdownDescription": "The name of the VPC interface attachment to use for this source.", + "title": "FlowVpcInterfaceAttachment" + }, + "Name": { + "markdownDescription": "The name of the flow source.", + "title": "Name", + "type": "string" } }, "required": [ - "Policies" + "FlowArn", + "Name" ], "type": "object" }, - "AWS::PCAConnectorAD::Template.ApplicationPolicy": { + "AWS::MediaConnect::Bridge.BridgeNetworkOutput": { "additionalProperties": false, "properties": { - "PolicyObjectIdentifier": { - "markdownDescription": "The object identifier (OID) of an application policy.", - "title": "PolicyObjectIdentifier", + "IpAddress": { + "markdownDescription": "The network output IP address.", + "title": "IpAddress", "type": "string" }, - "PolicyType": { - "markdownDescription": "The type of application policy", - "title": "PolicyType", + "Name": { + "markdownDescription": "The network output name.", + "title": "Name", + "type": "string" + }, + "NetworkName": { + "markdownDescription": "The network output's gateway network name.", + "title": "NetworkName", + "type": "string" + }, + "Port": { + "markdownDescription": "The network output's port.", + "title": "Port", + "type": "number" + }, + "Protocol": { + "markdownDescription": "The network output protocol.\n\n> AWS Elemental MediaConnect no longer supports the Fujitsu QoS protocol. This reference is maintained for legacy purposes only.", + "title": "Protocol", "type": "string" + }, + "Ttl": { + "markdownDescription": "The network output TTL.", + "title": "Ttl", + "type": "number" } }, + "required": [ + "IpAddress", + "Name", + "NetworkName", + "Port", + "Protocol", + "Ttl" + ], "type": "object" }, - "AWS::PCAConnectorAD::Template.CertificateValidity": { + "AWS::MediaConnect::Bridge.BridgeNetworkSource": { "additionalProperties": false, "properties": { - "RenewalPeriod": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ValidityPeriod", - "markdownDescription": "Renewal period is the period of time before certificate expiration when a new certificate will be requested.", - "title": "RenewalPeriod" + "MulticastIp": { + "markdownDescription": "The network source multicast IP.", + "title": "MulticastIp", + "type": "string" }, - "ValidityPeriod": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ValidityPeriod", - "markdownDescription": "Information describing the end of the validity period of the certificate. This parameter sets the \u201cNot After\u201d date for the certificate. Certificate validity is the period of time during which a certificate is valid. Validity can be expressed as an explicit date and time when the certificate expires, or as a span of time after issuance, stated in days, months, or years. For more information, see Validity in RFC 5280. This value is unaffected when ValidityNotBefore is also specified. For example, if Validity is set to 20 days in the future, the certificate will expire 20 days from issuance time regardless of the ValidityNotBefore value.", - "title": "ValidityPeriod" + "MulticastSourceSettings": { + "$ref": "#/definitions/AWS::MediaConnect::Bridge.MulticastSourceSettings", + "markdownDescription": "The settings related to the multicast source.", + "title": "MulticastSourceSettings" + }, + "Name": { + "markdownDescription": "The name of the network source.", + "title": "Name", + "type": "string" + }, + "NetworkName": { + "markdownDescription": "The network source's gateway network name.", + "title": "NetworkName", + "type": "string" + }, + "Port": { + "markdownDescription": "The network source port.", + "title": "Port", + "type": "number" + }, + "Protocol": { + "markdownDescription": "The network source protocol.\n\n> AWS Elemental MediaConnect no longer supports the Fujitsu QoS protocol. This reference is maintained for legacy purposes only.", + "title": "Protocol", + "type": "string" } }, "required": [ - "RenewalPeriod", - "ValidityPeriod" + "MulticastIp", + "Name", + "NetworkName", + "Port", + "Protocol" ], "type": "object" }, - "AWS::PCAConnectorAD::Template.EnrollmentFlagsV2": { + "AWS::MediaConnect::Bridge.BridgeOutput": { "additionalProperties": false, "properties": { - "EnableKeyReuseOnNtTokenKeysetStorageFull": { - "markdownDescription": "Allow renewal using the same key.", - "title": "EnableKeyReuseOnNtTokenKeysetStorageFull", - "type": "boolean" - }, - "IncludeSymmetricAlgorithms": { - "markdownDescription": "Include symmetric algorithms allowed by the subject.", - "title": "IncludeSymmetricAlgorithms", - "type": "boolean" - }, - "NoSecurityExtension": { - "markdownDescription": "This flag instructs the CA to not include the security extension szOID_NTDS_CA_SECURITY_EXT (OID:1.3.6.1.4.1.311.25.2), as specified in [MS-WCCE] sections 2.2.2.7.7.4 and 3.2.2.6.2.1.4.5.9, in the issued certificate. This addresses a Windows Kerberos elevation-of-privilege vulnerability.", - "title": "NoSecurityExtension", - "type": "boolean" - }, - "RemoveInvalidCertificateFromPersonalStore": { - "markdownDescription": "Delete expired or revoked certificates instead of archiving them.", - "title": "RemoveInvalidCertificateFromPersonalStore", - "type": "boolean" - }, - "UserInteractionRequired": { - "markdownDescription": "Require user interaction when the subject is enrolled and the private key associated with the certificate is used.", - "title": "UserInteractionRequired", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::PCAConnectorAD::Template.EnrollmentFlagsV3": { - "additionalProperties": false, - "properties": { - "EnableKeyReuseOnNtTokenKeysetStorageFull": { - "markdownDescription": "Allow renewal using the same key.", - "title": "EnableKeyReuseOnNtTokenKeysetStorageFull", - "type": "boolean" - }, - "IncludeSymmetricAlgorithms": { - "markdownDescription": "Include symmetric algorithms allowed by the subject.", - "title": "IncludeSymmetricAlgorithms", - "type": "boolean" - }, - "NoSecurityExtension": { - "markdownDescription": "This flag instructs the CA to not include the security extension szOID_NTDS_CA_SECURITY_EXT (OID:1.3.6.1.4.1.311.25.2), as specified in [MS-WCCE] sections 2.2.2.7.7.4 and 3.2.2.6.2.1.4.5.9, in the issued certificate. This addresses a Windows Kerberos elevation-of-privilege vulnerability.", - "title": "NoSecurityExtension", - "type": "boolean" - }, - "RemoveInvalidCertificateFromPersonalStore": { - "markdownDescription": "Delete expired or revoked certificates instead of archiving them.", - "title": "RemoveInvalidCertificateFromPersonalStore", - "type": "boolean" - }, - "UserInteractionRequired": { - "markdownDescription": "Require user interaction when the subject is enrolled and the private key associated with the certificate is used.", - "title": "UserInteractionRequired", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::PCAConnectorAD::Template.EnrollmentFlagsV4": { - "additionalProperties": false, - "properties": { - "EnableKeyReuseOnNtTokenKeysetStorageFull": { - "markdownDescription": "Allow renewal using the same key.", - "title": "EnableKeyReuseOnNtTokenKeysetStorageFull", - "type": "boolean" - }, - "IncludeSymmetricAlgorithms": { - "markdownDescription": "Include symmetric algorithms allowed by the subject.", - "title": "IncludeSymmetricAlgorithms", - "type": "boolean" - }, - "NoSecurityExtension": { - "markdownDescription": "This flag instructs the CA to not include the security extension szOID_NTDS_CA_SECURITY_EXT (OID:1.3.6.1.4.1.311.25.2), as specified in [MS-WCCE] sections 2.2.2.7.7.4 and 3.2.2.6.2.1.4.5.9, in the issued certificate. This addresses a Windows Kerberos elevation-of-privilege vulnerability.", - "title": "NoSecurityExtension", - "type": "boolean" - }, - "RemoveInvalidCertificateFromPersonalStore": { - "markdownDescription": "Delete expired or revoked certificates instead of archiving them.", - "title": "RemoveInvalidCertificateFromPersonalStore", - "type": "boolean" - }, - "UserInteractionRequired": { - "markdownDescription": "Require user interaction when the subject is enrolled and the private key associated with the certificate is used.", - "title": "UserInteractionRequired", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::PCAConnectorAD::Template.ExtensionsV2": { - "additionalProperties": false, - "properties": { - "ApplicationPolicies": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ApplicationPolicies", - "markdownDescription": "Application policies specify what the certificate is used for and its purpose.", - "title": "ApplicationPolicies" - }, - "KeyUsage": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsage", - "markdownDescription": "The key usage extension defines the purpose (e.g., encipherment, signature, certificate signing) of the key contained in the certificate.", - "title": "KeyUsage" - } - }, - "required": [ - "KeyUsage" - ], - "type": "object" - }, - "AWS::PCAConnectorAD::Template.ExtensionsV3": { - "additionalProperties": false, - "properties": { - "ApplicationPolicies": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ApplicationPolicies", - "markdownDescription": "Application policies specify what the certificate is used for and its purpose.", - "title": "ApplicationPolicies" - }, - "KeyUsage": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsage", - "markdownDescription": "The key usage extension defines the purpose (e.g., encipherment, signature, certificate signing) of the key contained in the certificate.", - "title": "KeyUsage" - } - }, - "required": [ - "KeyUsage" - ], - "type": "object" - }, - "AWS::PCAConnectorAD::Template.ExtensionsV4": { - "additionalProperties": false, - "properties": { - "ApplicationPolicies": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ApplicationPolicies", - "markdownDescription": "Application policies specify what the certificate is used for and its purpose.", - "title": "ApplicationPolicies" - }, - "KeyUsage": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsage", - "markdownDescription": "The key usage extension defines the purpose (e.g., encipherment, signature) of the key contained in the certificate.", - "title": "KeyUsage" - } - }, - "required": [ - "KeyUsage" - ], - "type": "object" - }, - "AWS::PCAConnectorAD::Template.GeneralFlagsV2": { - "additionalProperties": false, - "properties": { - "AutoEnrollment": { - "markdownDescription": "Allows certificate issuance using autoenrollment. Set to TRUE to allow autoenrollment.", - "title": "AutoEnrollment", - "type": "boolean" - }, - "MachineType": { - "markdownDescription": "Defines if the template is for machines or users. Set to TRUE if the template is for machines. Set to FALSE if the template is for users.", - "title": "MachineType", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::PCAConnectorAD::Template.GeneralFlagsV3": { - "additionalProperties": false, - "properties": { - "AutoEnrollment": { - "markdownDescription": "Allows certificate issuance using autoenrollment. Set to TRUE to allow autoenrollment.", - "title": "AutoEnrollment", - "type": "boolean" - }, - "MachineType": { - "markdownDescription": "Defines if the template is for machines or users. Set to TRUE if the template is for machines. Set to FALSE if the template is for users", - "title": "MachineType", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::PCAConnectorAD::Template.GeneralFlagsV4": { - "additionalProperties": false, - "properties": { - "AutoEnrollment": { - "markdownDescription": "Allows certificate issuance using autoenrollment. Set to TRUE to allow autoenrollment.", - "title": "AutoEnrollment", - "type": "boolean" - }, - "MachineType": { - "markdownDescription": "Defines if the template is for machines or users. Set to TRUE if the template is for machines. Set to FALSE if the template is for users", - "title": "MachineType", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::PCAConnectorAD::Template.KeyUsage": { - "additionalProperties": false, - "properties": { - "Critical": { - "markdownDescription": "Sets the key usage extension to critical.", - "title": "Critical", - "type": "boolean" - }, - "UsageFlags": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsageFlags", - "markdownDescription": "The key usage flags represent the purpose (e.g., encipherment, signature) of the key contained in the certificate.", - "title": "UsageFlags" - } - }, - "required": [ - "UsageFlags" - ], - "type": "object" - }, - "AWS::PCAConnectorAD::Template.KeyUsageFlags": { - "additionalProperties": false, - "properties": { - "DataEncipherment": { - "markdownDescription": "DataEncipherment is asserted when the subject public key is used for directly enciphering raw user data without the use of an intermediate symmetric cipher.", - "title": "DataEncipherment", - "type": "boolean" - }, - "DigitalSignature": { - "markdownDescription": "The digitalSignature is asserted when the subject public key is used for verifying digital signatures.", - "title": "DigitalSignature", - "type": "boolean" - }, - "KeyAgreement": { - "markdownDescription": "KeyAgreement is asserted when the subject public key is used for key agreement.", - "title": "KeyAgreement", - "type": "boolean" - }, - "KeyEncipherment": { - "markdownDescription": "KeyEncipherment is asserted when the subject public key is used for enciphering private or secret keys, i.e., for key transport.", - "title": "KeyEncipherment", - "type": "boolean" - }, - "NonRepudiation": { - "markdownDescription": "NonRepudiation is asserted when the subject public key is used to verify digital signatures.", - "title": "NonRepudiation", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::PCAConnectorAD::Template.KeyUsageProperty": { - "additionalProperties": false, - "properties": { - "PropertyFlags": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsagePropertyFlags", - "markdownDescription": "You can specify key usage for encryption, key agreement, and signature. You can use property flags or property type but not both.", - "title": "PropertyFlags" - }, - "PropertyType": { - "markdownDescription": "You can specify all key usages using property type ALL. You can use property type or property flags but not both.", - "title": "PropertyType", - "type": "string" + "NetworkOutput": { + "$ref": "#/definitions/AWS::MediaConnect::Bridge.BridgeNetworkOutput", + "markdownDescription": "The output of the bridge. A network output is delivered to your premises.", + "title": "NetworkOutput" } }, "type": "object" }, - "AWS::PCAConnectorAD::Template.KeyUsagePropertyFlags": { + "AWS::MediaConnect::Bridge.BridgeSource": { "additionalProperties": false, "properties": { - "Decrypt": { - "markdownDescription": "Allows key for encryption and decryption.", - "title": "Decrypt", - "type": "boolean" - }, - "KeyAgreement": { - "markdownDescription": "Allows key exchange without encryption.", - "title": "KeyAgreement", - "type": "boolean" + "FlowSource": { + "$ref": "#/definitions/AWS::MediaConnect::Bridge.BridgeFlowSource", + "markdownDescription": "The source of the bridge. A flow source originates in MediaConnect as an existing cloud flow.", + "title": "FlowSource" }, - "Sign": { - "markdownDescription": "Allow key use for digital signature.", - "title": "Sign", - "type": "boolean" + "NetworkSource": { + "$ref": "#/definitions/AWS::MediaConnect::Bridge.BridgeNetworkSource", + "markdownDescription": "The source of the bridge. A network source originates at your premises.", + "title": "NetworkSource" } }, "type": "object" }, - "AWS::PCAConnectorAD::Template.PrivateKeyAttributesV2": { + "AWS::MediaConnect::Bridge.EgressGatewayBridge": { "additionalProperties": false, "properties": { - "CryptoProviders": { - "items": { - "type": "string" - }, - "markdownDescription": "Defines the cryptographic providers used to generate the private key.", - "title": "CryptoProviders", - "type": "array" - }, - "KeySpec": { - "markdownDescription": "Defines the purpose of the private key. Set it to \"KEY_EXCHANGE\" or \"SIGNATURE\" value.", - "title": "KeySpec", - "type": "string" - }, - "MinimalKeyLength": { - "markdownDescription": "Set the minimum key length of the private key.", - "title": "MinimalKeyLength", + "MaxBitrate": { + "markdownDescription": "The maximum expected bitrate (in bps) of the egress bridge.", + "title": "MaxBitrate", "type": "number" } }, "required": [ - "KeySpec", - "MinimalKeyLength" + "MaxBitrate" ], "type": "object" }, - "AWS::PCAConnectorAD::Template.PrivateKeyAttributesV3": { + "AWS::MediaConnect::Bridge.FailoverConfig": { "additionalProperties": false, "properties": { - "Algorithm": { - "markdownDescription": "Defines the algorithm used to generate the private key.", - "title": "Algorithm", + "FailoverMode": { + "markdownDescription": "The type of failover you choose for this flow. MERGE combines the source streams into a single stream, allowing graceful recovery from any single-source loss. FAILOVER allows switching between different streams.", + "title": "FailoverMode", "type": "string" }, - "CryptoProviders": { - "items": { - "type": "string" - }, - "markdownDescription": "Defines the cryptographic providers used to generate the private key.", - "title": "CryptoProviders", - "type": "array" + "SourcePriority": { + "$ref": "#/definitions/AWS::MediaConnect::Bridge.SourcePriority", + "markdownDescription": "The priority you want to assign to a source. You can have a primary stream and a backup stream or two equally prioritized streams.", + "title": "SourcePriority" }, - "KeySpec": { - "markdownDescription": "Defines the purpose of the private key. Set it to \"KEY_EXCHANGE\" or \"SIGNATURE\" value.", - "title": "KeySpec", + "State": { + "markdownDescription": "The state of source failover on the flow. If the state is inactive, the flow can have only one source. If the state is active, the flow can have one or two sources.", + "title": "State", "type": "string" - }, - "KeyUsageProperty": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsageProperty", - "markdownDescription": "The key usage property defines the purpose of the private key contained in the certificate. You can specify specific purposes using property flags or all by using property type ALL.", - "title": "KeyUsageProperty" - }, - "MinimalKeyLength": { - "markdownDescription": "Set the minimum key length of the private key.", - "title": "MinimalKeyLength", - "type": "number" } }, "required": [ - "Algorithm", - "KeySpec", - "KeyUsageProperty", - "MinimalKeyLength" + "FailoverMode" ], "type": "object" }, - "AWS::PCAConnectorAD::Template.PrivateKeyAttributesV4": { + "AWS::MediaConnect::Bridge.IngressGatewayBridge": { "additionalProperties": false, "properties": { - "Algorithm": { - "markdownDescription": "Defines the algorithm used to generate the private key.", - "title": "Algorithm", - "type": "string" - }, - "CryptoProviders": { - "items": { - "type": "string" - }, - "markdownDescription": "Defines the cryptographic providers used to generate the private key.", - "title": "CryptoProviders", - "type": "array" - }, - "KeySpec": { - "markdownDescription": "Defines the purpose of the private key. Set it to \"KEY_EXCHANGE\" or \"SIGNATURE\" value.", - "title": "KeySpec", - "type": "string" - }, - "KeyUsageProperty": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsageProperty", - "markdownDescription": "The key usage property defines the purpose of the private key contained in the certificate. You can specify specific purposes using property flags or all by using property type ALL.", - "title": "KeyUsageProperty" - }, - "MinimalKeyLength": { - "markdownDescription": "Set the minimum key length of the private key.", - "title": "MinimalKeyLength", + "MaxBitrate": { + "markdownDescription": "The maximum expected bitrate (in bps) of the ingress bridge.", + "title": "MaxBitrate", "type": "number" - } - }, - "required": [ - "KeySpec", - "MinimalKeyLength" - ], - "type": "object" - }, - "AWS::PCAConnectorAD::Template.PrivateKeyFlagsV2": { - "additionalProperties": false, - "properties": { - "ClientVersion": { - "markdownDescription": "Defines the minimum client compatibility.", - "title": "ClientVersion", - "type": "string" - }, - "ExportableKey": { - "markdownDescription": "Allows the private key to be exported.", - "title": "ExportableKey", - "type": "boolean" - }, - "StrongKeyProtectionRequired": { - "markdownDescription": "Require user input when using the private key for enrollment.", - "title": "StrongKeyProtectionRequired", - "type": "boolean" - } - }, - "required": [ - "ClientVersion" - ], - "type": "object" - }, - "AWS::PCAConnectorAD::Template.PrivateKeyFlagsV3": { - "additionalProperties": false, - "properties": { - "ClientVersion": { - "markdownDescription": "Defines the minimum client compatibility.", - "title": "ClientVersion", - "type": "string" - }, - "ExportableKey": { - "markdownDescription": "Allows the private key to be exported.", - "title": "ExportableKey", - "type": "boolean" - }, - "RequireAlternateSignatureAlgorithm": { - "markdownDescription": "Reguires the PKCS #1 v2.1 signature format for certificates. You should verify that your CA, objects, and applications can accept this signature format.", - "title": "RequireAlternateSignatureAlgorithm", - "type": "boolean" - }, - "StrongKeyProtectionRequired": { - "markdownDescription": "Requirer user input when using the private key for enrollment.", - "title": "StrongKeyProtectionRequired", - "type": "boolean" - } - }, - "required": [ - "ClientVersion" - ], - "type": "object" - }, - "AWS::PCAConnectorAD::Template.PrivateKeyFlagsV4": { - "additionalProperties": false, - "properties": { - "ClientVersion": { - "markdownDescription": "Defines the minimum client compatibility.", - "title": "ClientVersion", - "type": "string" - }, - "ExportableKey": { - "markdownDescription": "Allows the private key to be exported.", - "title": "ExportableKey", - "type": "boolean" - }, - "RequireAlternateSignatureAlgorithm": { - "markdownDescription": "Requires the PKCS #1 v2.1 signature format for certificates. You should verify that your CA, objects, and applications can accept this signature format.", - "title": "RequireAlternateSignatureAlgorithm", - "type": "boolean" - }, - "RequireSameKeyRenewal": { - "markdownDescription": "Renew certificate using the same private key.", - "title": "RequireSameKeyRenewal", - "type": "boolean" - }, - "StrongKeyProtectionRequired": { - "markdownDescription": "Require user input when using the private key for enrollment.", - "title": "StrongKeyProtectionRequired", - "type": "boolean" - }, - "UseLegacyProvider": { - "markdownDescription": "Specifies the cryptographic service provider category used to generate private keys. Set to TRUE to use Legacy Cryptographic Service Providers and FALSE to use Key Storage Providers.", - "title": "UseLegacyProvider", - "type": "boolean" - } - }, - "required": [ - "ClientVersion" - ], - "type": "object" - }, - "AWS::PCAConnectorAD::Template.SubjectNameFlagsV2": { - "additionalProperties": false, - "properties": { - "RequireCommonName": { - "markdownDescription": "Include the common name in the subject name.", - "title": "RequireCommonName", - "type": "boolean" - }, - "RequireDirectoryPath": { - "markdownDescription": "Include the directory path in the subject name.", - "title": "RequireDirectoryPath", - "type": "boolean" - }, - "RequireDnsAsCn": { - "markdownDescription": "Include the DNS as common name in the subject name.", - "title": "RequireDnsAsCn", - "type": "boolean" - }, - "RequireEmail": { - "markdownDescription": "Include the subject's email in the subject name.", - "title": "RequireEmail", - "type": "boolean" - }, - "SanRequireDirectoryGuid": { - "markdownDescription": "Include the globally unique identifier (GUID) in the subject alternate name.", - "title": "SanRequireDirectoryGuid", - "type": "boolean" - }, - "SanRequireDns": { - "markdownDescription": "Include the DNS in the subject alternate name.", - "title": "SanRequireDns", - "type": "boolean" - }, - "SanRequireDomainDns": { - "markdownDescription": "Include the domain DNS in the subject alternate name.", - "title": "SanRequireDomainDns", - "type": "boolean" - }, - "SanRequireEmail": { - "markdownDescription": "Include the subject's email in the subject alternate name.", - "title": "SanRequireEmail", - "type": "boolean" - }, - "SanRequireSpn": { - "markdownDescription": "Include the service principal name (SPN) in the subject alternate name.", - "title": "SanRequireSpn", - "type": "boolean" - }, - "SanRequireUpn": { - "markdownDescription": "Include the user principal name (UPN) in the subject alternate name.", - "title": "SanRequireUpn", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::PCAConnectorAD::Template.SubjectNameFlagsV3": { - "additionalProperties": false, - "properties": { - "RequireCommonName": { - "markdownDescription": "Include the common name in the subject name.", - "title": "RequireCommonName", - "type": "boolean" - }, - "RequireDirectoryPath": { - "markdownDescription": "Include the directory path in the subject name.", - "title": "RequireDirectoryPath", - "type": "boolean" - }, - "RequireDnsAsCn": { - "markdownDescription": "Include the DNS as common name in the subject name.", - "title": "RequireDnsAsCn", - "type": "boolean" - }, - "RequireEmail": { - "markdownDescription": "Include the subject's email in the subject name.", - "title": "RequireEmail", - "type": "boolean" - }, - "SanRequireDirectoryGuid": { - "markdownDescription": "Include the globally unique identifier (GUID) in the subject alternate name.", - "title": "SanRequireDirectoryGuid", - "type": "boolean" - }, - "SanRequireDns": { - "markdownDescription": "Include the DNS in the subject alternate name.", - "title": "SanRequireDns", - "type": "boolean" - }, - "SanRequireDomainDns": { - "markdownDescription": "Include the domain DNS in the subject alternate name.", - "title": "SanRequireDomainDns", - "type": "boolean" - }, - "SanRequireEmail": { - "markdownDescription": "Include the subject's email in the subject alternate name.", - "title": "SanRequireEmail", - "type": "boolean" - }, - "SanRequireSpn": { - "markdownDescription": "Include the service principal name (SPN) in the subject alternate name.", - "title": "SanRequireSpn", - "type": "boolean" - }, - "SanRequireUpn": { - "markdownDescription": "Include the user principal name (UPN) in the subject alternate name.", - "title": "SanRequireUpn", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::PCAConnectorAD::Template.SubjectNameFlagsV4": { - "additionalProperties": false, - "properties": { - "RequireCommonName": { - "markdownDescription": "Include the common name in the subject name.", - "title": "RequireCommonName", - "type": "boolean" - }, - "RequireDirectoryPath": { - "markdownDescription": "Include the directory path in the subject name.", - "title": "RequireDirectoryPath", - "type": "boolean" - }, - "RequireDnsAsCn": { - "markdownDescription": "Include the DNS as common name in the subject name.", - "title": "RequireDnsAsCn", - "type": "boolean" - }, - "RequireEmail": { - "markdownDescription": "Include the subject's email in the subject name.", - "title": "RequireEmail", - "type": "boolean" - }, - "SanRequireDirectoryGuid": { - "markdownDescription": "Include the globally unique identifier (GUID) in the subject alternate name.", - "title": "SanRequireDirectoryGuid", - "type": "boolean" - }, - "SanRequireDns": { - "markdownDescription": "Include the DNS in the subject alternate name.", - "title": "SanRequireDns", - "type": "boolean" - }, - "SanRequireDomainDns": { - "markdownDescription": "Include the domain DNS in the subject alternate name.", - "title": "SanRequireDomainDns", - "type": "boolean" - }, - "SanRequireEmail": { - "markdownDescription": "Include the subject's email in the subject alternate name.", - "title": "SanRequireEmail", - "type": "boolean" - }, - "SanRequireSpn": { - "markdownDescription": "Include the service principal name (SPN) in the subject alternate name.", - "title": "SanRequireSpn", - "type": "boolean" - }, - "SanRequireUpn": { - "markdownDescription": "Include the user principal name (UPN) in the subject alternate name.", - "title": "SanRequireUpn", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::PCAConnectorAD::Template.TemplateDefinition": { - "additionalProperties": false, - "properties": { - "TemplateV2": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.TemplateV2", - "markdownDescription": "Template configuration to define the information included in certificates. Define certificate validity and renewal periods, certificate request handling and enrollment options, key usage extensions, application policies, and cryptography settings.", - "title": "TemplateV2" - }, - "TemplateV3": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.TemplateV3", - "markdownDescription": "Template configuration to define the information included in certificates. Define certificate validity and renewal periods, certificate request handling and enrollment options, key usage extensions, application policies, and cryptography settings.", - "title": "TemplateV3" - }, - "TemplateV4": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.TemplateV4", - "markdownDescription": "Template configuration to define the information included in certificates. Define certificate validity and renewal periods, certificate request handling and enrollment options, key usage extensions, application policies, and cryptography settings.", - "title": "TemplateV4" - } - }, - "type": "object" - }, - "AWS::PCAConnectorAD::Template.TemplateV2": { - "additionalProperties": false, - "properties": { - "CertificateValidity": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.CertificateValidity", - "markdownDescription": "Certificate validity describes the validity and renewal periods of a certificate.", - "title": "CertificateValidity" - }, - "EnrollmentFlags": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.EnrollmentFlagsV2", - "markdownDescription": "Enrollment flags describe the enrollment settings for certificates such as using the existing private key and deleting expired or revoked certificates.", - "title": "EnrollmentFlags" - }, - "Extensions": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ExtensionsV2", - "markdownDescription": "Extensions describe the key usage extensions and application policies for a template.", - "title": "Extensions" - }, - "GeneralFlags": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.GeneralFlagsV2", - "markdownDescription": "General flags describe whether the template is used for computers or users and if the template can be used with autoenrollment.", - "title": "GeneralFlags" - }, - "PrivateKeyAttributes": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.PrivateKeyAttributesV2", - "markdownDescription": "Private key attributes allow you to specify the minimal key length, key spec, and cryptographic providers for the private key of a certificate for v2 templates. V2 templates allow you to use Legacy Cryptographic Service Providers.", - "title": "PrivateKeyAttributes" - }, - "PrivateKeyFlags": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.PrivateKeyFlagsV2", - "markdownDescription": "Private key flags for v2 templates specify the client compatibility, if the private key can be exported, and if user input is required when using a private key.", - "title": "PrivateKeyFlags" - }, - "SubjectNameFlags": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.SubjectNameFlagsV2", - "markdownDescription": "Subject name flags describe the subject name and subject alternate name that is included in a certificate.", - "title": "SubjectNameFlags" }, - "SupersededTemplates": { - "items": { - "type": "string" - }, - "markdownDescription": "List of templates in Active Directory that are superseded by this template.", - "title": "SupersededTemplates", - "type": "array" + "MaxOutputs": { + "markdownDescription": "The maximum number of outputs on the ingress bridge.", + "title": "MaxOutputs", + "type": "number" } }, "required": [ - "CertificateValidity", - "EnrollmentFlags", - "Extensions", - "GeneralFlags", - "PrivateKeyAttributes", - "PrivateKeyFlags", - "SubjectNameFlags" + "MaxBitrate", + "MaxOutputs" ], "type": "object" }, - "AWS::PCAConnectorAD::Template.TemplateV3": { + "AWS::MediaConnect::Bridge.MulticastSourceSettings": { "additionalProperties": false, "properties": { - "CertificateValidity": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.CertificateValidity", - "markdownDescription": "Certificate validity describes the validity and renewal periods of a certificate.", - "title": "CertificateValidity" - }, - "EnrollmentFlags": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.EnrollmentFlagsV3", - "markdownDescription": "Enrollment flags describe the enrollment settings for certificates such as using the existing private key and deleting expired or revoked certificates.", - "title": "EnrollmentFlags" - }, - "Extensions": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ExtensionsV3", - "markdownDescription": "Extensions describe the key usage extensions and application policies for a template.", - "title": "Extensions" - }, - "GeneralFlags": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.GeneralFlagsV3", - "markdownDescription": "General flags describe whether the template is used for computers or users and if the template can be used with autoenrollment.", - "title": "GeneralFlags" - }, - "HashAlgorithm": { - "markdownDescription": "Specifies the hash algorithm used to hash the private key.", - "title": "HashAlgorithm", + "MulticastSourceIp": { + "markdownDescription": "The IP address of the source for source-specific multicast (SSM).", + "title": "MulticastSourceIp", "type": "string" - }, - "PrivateKeyAttributes": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.PrivateKeyAttributesV3", - "markdownDescription": "Private key attributes allow you to specify the algorithm, minimal key length, key spec, key usage, and cryptographic providers for the private key of a certificate for v3 templates. V3 templates allow you to use Key Storage Providers.", - "title": "PrivateKeyAttributes" - }, - "PrivateKeyFlags": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.PrivateKeyFlagsV3", - "markdownDescription": "Private key flags for v3 templates specify the client compatibility, if the private key can be exported, if user input is required when using a private key, and if an alternate signature algorithm should be used.", - "title": "PrivateKeyFlags" - }, - "SubjectNameFlags": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.SubjectNameFlagsV3", - "markdownDescription": "Subject name flags describe the subject name and subject alternate name that is included in a certificate.", - "title": "SubjectNameFlags" - }, - "SupersededTemplates": { - "items": { - "type": "string" - }, - "markdownDescription": "List of templates in Active Directory that are superseded by this template.", - "title": "SupersededTemplates", - "type": "array" } }, - "required": [ - "CertificateValidity", - "EnrollmentFlags", - "Extensions", - "GeneralFlags", - "HashAlgorithm", - "PrivateKeyAttributes", - "PrivateKeyFlags", - "SubjectNameFlags" - ], "type": "object" }, - "AWS::PCAConnectorAD::Template.TemplateV4": { + "AWS::MediaConnect::Bridge.SourcePriority": { "additionalProperties": false, "properties": { - "CertificateValidity": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.CertificateValidity", - "markdownDescription": "Certificate validity describes the validity and renewal periods of a certificate.", - "title": "CertificateValidity" - }, - "EnrollmentFlags": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.EnrollmentFlagsV4", - "markdownDescription": "Enrollment flags describe the enrollment settings for certificates using the existing private key and deleting expired or revoked certificates.", - "title": "EnrollmentFlags" - }, - "Extensions": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ExtensionsV4", - "markdownDescription": "Extensions describe the key usage extensions and application policies for a template.", - "title": "Extensions" - }, - "GeneralFlags": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.GeneralFlagsV4", - "markdownDescription": "General flags describe whether the template is used for computers or users and if the template can be used with autoenrollment.", - "title": "GeneralFlags" - }, - "HashAlgorithm": { - "markdownDescription": "Specifies the hash algorithm used to hash the private key. Hash algorithm can only be specified when using Key Storage Providers.", - "title": "HashAlgorithm", + "PrimarySource": { + "markdownDescription": "The name of the source you choose as the primary source for this flow.", + "title": "PrimarySource", "type": "string" - }, - "PrivateKeyAttributes": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.PrivateKeyAttributesV4", - "markdownDescription": "Private key attributes allow you to specify the minimal key length, key spec, key usage, and cryptographic providers for the private key of a certificate for v4 templates. V4 templates allow you to use either Key Storage Providers or Legacy Cryptographic Service Providers. You specify the cryptography provider category in private key flags.", - "title": "PrivateKeyAttributes" - }, - "PrivateKeyFlags": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.PrivateKeyFlagsV4", - "markdownDescription": "Private key flags for v4 templates specify the client compatibility, if the private key can be exported, if user input is required when using a private key, if an alternate signature algorithm should be used, and if certificates are renewed using the same private key.", - "title": "PrivateKeyFlags" - }, - "SubjectNameFlags": { - "$ref": "#/definitions/AWS::PCAConnectorAD::Template.SubjectNameFlagsV4", - "markdownDescription": "Subject name flags describe the subject name and subject alternate name that is included in a certificate.", - "title": "SubjectNameFlags" - }, - "SupersededTemplates": { - "items": { - "type": "string" - }, - "markdownDescription": "List of templates in Active Directory that are superseded by this template.", - "title": "SupersededTemplates", - "type": "array" } }, - "required": [ - "CertificateValidity", - "EnrollmentFlags", - "Extensions", - "GeneralFlags", - "PrivateKeyAttributes", - "PrivateKeyFlags", - "SubjectNameFlags" - ], "type": "object" }, - "AWS::PCAConnectorAD::Template.ValidityPeriod": { + "AWS::MediaConnect::Bridge.VpcInterfaceAttachment": { "additionalProperties": false, "properties": { - "Period": { - "markdownDescription": "The numeric value for the validity period.", - "title": "Period", - "type": "number" - }, - "PeriodType": { - "markdownDescription": "The unit of time. You can select hours, days, weeks, months, and years.", - "title": "PeriodType", + "VpcInterfaceName": { + "markdownDescription": "The name of the VPC interface to use for this resource.", + "title": "VpcInterfaceName", "type": "string" } }, - "required": [ - "Period", - "PeriodType" - ], "type": "object" }, - "AWS::PCAConnectorAD::TemplateGroupAccessControlEntry": { + "AWS::MediaConnect::BridgeOutput": { "additionalProperties": false, "properties": { "Condition": { @@ -176009,36 +183543,32 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessRights": { - "$ref": "#/definitions/AWS::PCAConnectorAD::TemplateGroupAccessControlEntry.AccessRights", - "markdownDescription": "Permissions to allow or deny an Active Directory group to enroll or autoenroll certificates issued against a template.", - "title": "AccessRights" - }, - "GroupDisplayName": { - "markdownDescription": "Name of the Active Directory group. This name does not need to match the group name in Active Directory.", - "title": "GroupDisplayName", + "BridgeArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the bridge that you want to update.", + "title": "BridgeArn", "type": "string" }, - "GroupSecurityIdentifier": { - "markdownDescription": "Security identifier (SID) of the group object from Active Directory. The SID starts with \"S-\".", - "title": "GroupSecurityIdentifier", + "Name": { + "markdownDescription": "The network output name. This name is used to reference the output and must be unique among outputs in this bridge.", + "title": "Name", "type": "string" }, - "TemplateArn": { - "markdownDescription": "The Amazon Resource Name (ARN) that was returned when you called [CreateTemplate](https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateTemplate.html) .", - "title": "TemplateArn", - "type": "string" + "NetworkOutput": { + "$ref": "#/definitions/AWS::MediaConnect::BridgeOutput.BridgeNetworkOutput", + "markdownDescription": "The network output of the bridge. A network output is delivered to your premises.", + "title": "NetworkOutput" } }, "required": [ - "AccessRights", - "GroupDisplayName" + "BridgeArn", + "Name", + "NetworkOutput" ], "type": "object" }, "Type": { "enum": [ - "AWS::PCAConnectorAD::TemplateGroupAccessControlEntry" + "AWS::MediaConnect::BridgeOutput" ], "type": "string" }, @@ -176057,23 +183587,45 @@ ], "type": "object" }, - "AWS::PCAConnectorAD::TemplateGroupAccessControlEntry.AccessRights": { + "AWS::MediaConnect::BridgeOutput.BridgeNetworkOutput": { "additionalProperties": false, "properties": { - "AutoEnroll": { - "markdownDescription": "Allow or deny an Active Directory group from autoenrolling certificates issued against a template. The Active Directory group must be allowed to enroll to allow autoenrollment", - "title": "AutoEnroll", + "IpAddress": { + "markdownDescription": "The network output IP address.", + "title": "IpAddress", "type": "string" }, - "Enroll": { - "markdownDescription": "Allow or deny an Active Directory group from enrolling certificates issued against a template.", - "title": "Enroll", + "NetworkName": { + "markdownDescription": "The network output's gateway network name.", + "title": "NetworkName", + "type": "string" + }, + "Port": { + "markdownDescription": "The network output's port.", + "title": "Port", + "type": "number" + }, + "Protocol": { + "markdownDescription": "The network output protocol.\n\n> AWS Elemental MediaConnect no longer supports the Fujitsu QoS protocol. This reference is maintained for legacy purposes only.", + "title": "Protocol", "type": "string" + }, + "Ttl": { + "markdownDescription": "The network output TTL.", + "title": "Ttl", + "type": "number" } }, + "required": [ + "IpAddress", + "NetworkName", + "Port", + "Protocol", + "Ttl" + ], "type": "object" }, - "AWS::Panorama::ApplicationInstance": { + "AWS::MediaConnect::BridgeSource": { "additionalProperties": false, "properties": { "Condition": { @@ -176108,59 +183660,36 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationInstanceIdToReplace": { - "markdownDescription": "The ID of an application instance to replace with the new instance.", - "title": "ApplicationInstanceIdToReplace", - "type": "string" - }, - "DefaultRuntimeContextDevice": { - "markdownDescription": "The device's ID.", - "title": "DefaultRuntimeContextDevice", - "type": "string" - }, - "Description": { - "markdownDescription": "A description for the application instance.", - "title": "Description", + "BridgeArn": { + "markdownDescription": "The ARN of the bridge feeding this flow.", + "title": "BridgeArn", "type": "string" }, - "ManifestOverridesPayload": { - "$ref": "#/definitions/AWS::Panorama::ApplicationInstance.ManifestOverridesPayload", - "markdownDescription": "Setting overrides for the application manifest.", - "title": "ManifestOverridesPayload" - }, - "ManifestPayload": { - "$ref": "#/definitions/AWS::Panorama::ApplicationInstance.ManifestPayload", - "markdownDescription": "The application's manifest document.", - "title": "ManifestPayload" + "FlowSource": { + "$ref": "#/definitions/AWS::MediaConnect::BridgeSource.BridgeFlowSource", + "markdownDescription": "The source of the flow.", + "title": "FlowSource" }, "Name": { - "markdownDescription": "A name for the application instance.", + "markdownDescription": "The name of the flow source. This name is used to reference the source and must be unique among sources in this bridge.", "title": "Name", "type": "string" }, - "RuntimeRoleArn": { - "markdownDescription": "The ARN of a runtime role for the application instance.", - "title": "RuntimeRoleArn", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Tags for the application instance.", - "title": "Tags", - "type": "array" + "NetworkSource": { + "$ref": "#/definitions/AWS::MediaConnect::BridgeSource.BridgeNetworkSource", + "markdownDescription": "The source of the network.", + "title": "NetworkSource" } }, "required": [ - "DefaultRuntimeContextDevice", - "ManifestPayload" + "BridgeArn", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::Panorama::ApplicationInstance" + "AWS::MediaConnect::BridgeSource" ], "type": "string" }, @@ -176179,29 +183708,85 @@ ], "type": "object" }, - "AWS::Panorama::ApplicationInstance.ManifestOverridesPayload": { + "AWS::MediaConnect::BridgeSource.BridgeFlowSource": { "additionalProperties": false, "properties": { - "PayloadData": { - "markdownDescription": "The overrides document.", - "title": "PayloadData", + "FlowArn": { + "markdownDescription": "The ARN of the cloud flow used as a source of this bridge.", + "title": "FlowArn", "type": "string" + }, + "FlowVpcInterfaceAttachment": { + "$ref": "#/definitions/AWS::MediaConnect::BridgeSource.VpcInterfaceAttachment", + "markdownDescription": "The name of the VPC interface attachment to use for this source.", + "title": "FlowVpcInterfaceAttachment" } }, + "required": [ + "FlowArn" + ], "type": "object" }, - "AWS::Panorama::ApplicationInstance.ManifestPayload": { + "AWS::MediaConnect::BridgeSource.BridgeNetworkSource": { "additionalProperties": false, "properties": { - "PayloadData": { - "markdownDescription": "The application manifest.", - "title": "PayloadData", + "MulticastIp": { + "markdownDescription": "The network source multicast IP.", + "title": "MulticastIp", + "type": "string" + }, + "MulticastSourceSettings": { + "$ref": "#/definitions/AWS::MediaConnect::BridgeSource.MulticastSourceSettings", + "markdownDescription": "The settings related to the multicast source.", + "title": "MulticastSourceSettings" + }, + "NetworkName": { + "markdownDescription": "The network source's gateway network name.", + "title": "NetworkName", + "type": "string" + }, + "Port": { + "markdownDescription": "The network source port.", + "title": "Port", + "type": "number" + }, + "Protocol": { + "markdownDescription": "The network source protocol.\n\n> AWS Elemental MediaConnect no longer supports the Fujitsu QoS protocol. This reference is maintained for legacy purposes only.", + "title": "Protocol", "type": "string" } }, + "required": [ + "MulticastIp", + "NetworkName", + "Port", + "Protocol" + ], "type": "object" }, - "AWS::Panorama::Package": { + "AWS::MediaConnect::BridgeSource.MulticastSourceSettings": { + "additionalProperties": false, + "properties": { + "MulticastSourceIp": { + "markdownDescription": "The IP address of the source for source-specific multicast (SSM).", + "title": "MulticastSourceIp", + "type": "string" + } + }, + "type": "object" + }, + "AWS::MediaConnect::BridgeSource.VpcInterfaceAttachment": { + "additionalProperties": false, + "properties": { + "VpcInterfaceName": { + "markdownDescription": "The name of the VPC interface to use for this resource.", + "title": "VpcInterfaceName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::MediaConnect::Flow": { "additionalProperties": false, "properties": { "Condition": { @@ -176236,33 +183821,72 @@ "Properties": { "additionalProperties": false, "properties": { - "PackageName": { - "markdownDescription": "A name for the package.", - "title": "PackageName", + "AvailabilityZone": { + "markdownDescription": "The Availability Zone that you want to create the flow in. These options are limited to the Availability Zones within the current AWS Region.", + "title": "AvailabilityZone", "type": "string" }, - "StorageLocation": { - "$ref": "#/definitions/AWS::Panorama::Package.StorageLocation", - "markdownDescription": "A storage location.", - "title": "StorageLocation" + "FlowSize": { + "markdownDescription": "Determines the processing capacity and feature set of the flow. Set this optional parameter to LARGE if you want to enable NDI outputs on the flow.", + "title": "FlowSize", + "type": "string" }, - "Tags": { + "Maintenance": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.Maintenance", + "markdownDescription": "The maintenance settings you want to use for the flow.", + "title": "Maintenance" + }, + "MediaStreams": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::MediaConnect::Flow.MediaStream" }, - "markdownDescription": "Tags for the package.", - "title": "Tags", + "markdownDescription": "The media streams that are associated with the flow. After you associate a media stream with a source, you can also associate it with outputs on the flow.", + "title": "MediaStreams", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the flow.", + "title": "Name", + "type": "string" + }, + "NdiConfig": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.NdiConfig", + "markdownDescription": "Specifies the configuration settings for NDI outputs. Required when the flow includes NDI outputs.", + "title": "NdiConfig" + }, + "Source": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.Source", + "markdownDescription": "The settings for the source that you want to use for the new flow.", + "title": "Source" + }, + "SourceFailoverConfig": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.FailoverConfig", + "markdownDescription": "The settings for source failover.", + "title": "SourceFailoverConfig" + }, + "SourceMonitoringConfig": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.SourceMonitoringConfig", + "markdownDescription": "The settings for source monitoring.", + "title": "SourceMonitoringConfig" + }, + "VpcInterfaces": { + "items": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.VpcInterface" + }, + "markdownDescription": "The VPC Interfaces for this flow.", + "title": "VpcInterfaces", "type": "array" } }, "required": [ - "PackageName" + "Name", + "Source" ], "type": "object" }, "Type": { "enum": [ - "AWS::Panorama::Package" + "AWS::MediaConnect::Flow" ], "type": "string" }, @@ -176281,378 +183905,644 @@ ], "type": "object" }, - "AWS::Panorama::Package.StorageLocation": { + "AWS::MediaConnect::Flow.AudioMonitoringSetting": { "additionalProperties": false, "properties": { - "BinaryPrefixLocation": { - "markdownDescription": "The location's binary prefix.", - "title": "BinaryPrefixLocation", + "SilentAudio": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.SilentAudio", + "markdownDescription": "Detects periods of silence.", + "title": "SilentAudio" + } + }, + "type": "object" + }, + "AWS::MediaConnect::Flow.BlackFrames": { + "additionalProperties": false, + "properties": { + "State": { + "markdownDescription": "Indicates whether the `BlackFrames` metric is enabled or disabled..", + "title": "State", "type": "string" }, - "Bucket": { - "markdownDescription": "The location's bucket.", - "title": "Bucket", + "ThresholdSeconds": { + "markdownDescription": "Specifies the number of consecutive seconds of black frames that triggers an event or alert.", + "title": "ThresholdSeconds", + "type": "number" + } + }, + "type": "object" + }, + "AWS::MediaConnect::Flow.Encryption": { + "additionalProperties": false, + "properties": { + "Algorithm": { + "markdownDescription": "The type of algorithm that is used for static key encryption (such as aes128, aes192, or aes256). If you are using SPEKE or SRT-password encryption, this property must be left blank.", + "title": "Algorithm", "type": "string" }, - "GeneratedPrefixLocation": { - "markdownDescription": "The location's generated prefix.", - "title": "GeneratedPrefixLocation", + "ConstantInitializationVector": { + "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, to be used with the key for encrypting content. This parameter is not valid for static key encryption.", + "title": "ConstantInitializationVector", "type": "string" }, - "ManifestPrefixLocation": { - "markdownDescription": "The location's manifest prefix.", - "title": "ManifestPrefixLocation", + "DeviceId": { + "markdownDescription": "The value of one of the devices that you configured with your digital rights management (DRM) platform key provider. This parameter is required for SPEKE encryption and is not valid for static key encryption.", + "title": "DeviceId", "type": "string" }, - "RepoPrefixLocation": { - "markdownDescription": "The location's repo prefix.", - "title": "RepoPrefixLocation", + "KeyType": { + "markdownDescription": "The type of key that is used for the encryption. If you don't specify a `keyType` value, the service uses the default setting ( `static-key` ). Valid key types are: `static-key` , `speke` , and `srt-password` .", + "title": "KeyType", + "type": "string" + }, + "Region": { + "markdownDescription": "The AWS Region that the API Gateway proxy endpoint was created in. This parameter is required for SPEKE encryption and is not valid for static key encryption.", + "title": "Region", + "type": "string" + }, + "ResourceId": { + "markdownDescription": "An identifier for the content. The service sends this value to the key server to identify the current endpoint. The resource ID is also known as the content ID. This parameter is required for SPEKE encryption and is not valid for static key encryption.", + "title": "ResourceId", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the role that you created during setup (when you set up MediaConnect as a trusted entity).", + "title": "RoleArn", + "type": "string" + }, + "SecretArn": { + "markdownDescription": "The ARN of the secret that you created in AWS Secrets Manager to store the encryption key. This parameter is required for static key encryption and is not valid for SPEKE encryption.", + "title": "SecretArn", + "type": "string" + }, + "Url": { + "markdownDescription": "The URL from the API Gateway proxy that you set up to talk to your key server. This parameter is required for SPEKE encryption and is not valid for static key encryption.", + "title": "Url", "type": "string" } }, + "required": [ + "RoleArn" + ], "type": "object" }, - "AWS::Panorama::PackageVersion": { + "AWS::MediaConnect::Flow.FailoverConfig": { "additionalProperties": false, "properties": { - "Condition": { + "FailoverMode": { + "markdownDescription": "The type of failover you choose for this flow. MERGE combines the source streams into a single stream, allowing graceful recovery from any single-source loss. FAILOVER allows switching between different streams. The string for this property must be entered as MERGE or FAILOVER. No other string entry is valid.", + "title": "FailoverMode", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "RecoveryWindow": { + "markdownDescription": "Search window time to look for dash-7 packets.", + "title": "RecoveryWindow", + "type": "number" + }, + "SourcePriority": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.SourcePriority", + "markdownDescription": "The priority you want to assign to a source. You can have a primary stream and a backup stream or two equally prioritized streams.", + "title": "SourcePriority" + }, + "State": { + "markdownDescription": "The state of source failover on the flow. If the state is inactive, the flow can have only one source. If the state is active, the flow can have one or two sources.", + "title": "State", + "type": "string" + } + }, + "type": "object" + }, + "AWS::MediaConnect::Flow.Fmtp": { + "additionalProperties": false, + "properties": { + "ChannelOrder": { + "markdownDescription": "The format of the audio channel.", + "title": "ChannelOrder", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Colorimetry": { + "markdownDescription": "The format used for the representation of color.", + "title": "Colorimetry", + "type": "string" }, - "Metadata": { - "type": "object" + "ExactFramerate": { + "markdownDescription": "The frame rate for the video stream, in frames/second. For example: 60000/1001.", + "title": "ExactFramerate", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "MarkLatest": { - "markdownDescription": "Whether to mark the new version as the latest version.", - "title": "MarkLatest", - "type": "boolean" - }, - "OwnerAccount": { - "markdownDescription": "An owner account.", - "title": "OwnerAccount", - "type": "string" - }, - "PackageId": { - "markdownDescription": "A package ID.", - "title": "PackageId", - "type": "string" - }, - "PackageVersion": { - "markdownDescription": "A package version.", - "title": "PackageVersion", - "type": "string" - }, - "PatchVersion": { - "markdownDescription": "A patch version.", - "title": "PatchVersion", - "type": "string" - }, - "UpdatedLatestPatchVersion": { - "markdownDescription": "If the version was marked latest, the new version to maker as latest.", - "title": "UpdatedLatestPatchVersion", - "type": "string" - } - }, - "required": [ - "PackageId", - "PackageVersion", - "PatchVersion" - ], - "type": "object" + "Par": { + "markdownDescription": "The pixel aspect ratio (PAR) of the video.", + "title": "Par", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Panorama::PackageVersion" - ], + "Range": { + "markdownDescription": "The encoding range of the video.", + "title": "Range", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ScanMode": { + "markdownDescription": "The type of compression that was used to smooth the video\u2019s appearance.", + "title": "ScanMode", + "type": "string" + }, + "Tcs": { + "markdownDescription": "The transfer characteristic system (TCS) that is used in the video.", + "title": "Tcs", + "type": "string" + } + }, + "type": "object" + }, + "AWS::MediaConnect::Flow.FrozenFrames": { + "additionalProperties": false, + "properties": { + "State": { + "markdownDescription": "Indicates whether the `FrozenFrames` metric is enabled or disabled.", + "title": "State", + "type": "string" + }, + "ThresholdSeconds": { + "markdownDescription": "Specifies the number of consecutive seconds of a static image that triggers an event or alert.", + "title": "ThresholdSeconds", + "type": "number" + } + }, + "type": "object" + }, + "AWS::MediaConnect::Flow.GatewayBridgeSource": { + "additionalProperties": false, + "properties": { + "BridgeArn": { + "markdownDescription": "The ARN of the bridge feeding this flow.", + "title": "BridgeArn", "type": "string" + }, + "VpcInterfaceAttachment": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.VpcInterfaceAttachment", + "markdownDescription": "The name of the VPC interface attachment to use for this bridge source.", + "title": "VpcInterfaceAttachment" } }, "required": [ - "Type", - "Properties" + "BridgeArn" ], "type": "object" }, - "AWS::PaymentCryptography::Alias": { + "AWS::MediaConnect::Flow.InputConfiguration": { "additionalProperties": false, "properties": { - "Condition": { + "InputPort": { + "markdownDescription": "The port that the flow listens on for an incoming media stream.", + "title": "InputPort", + "type": "number" + }, + "Interface": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.Interface", + "markdownDescription": "The VPC interface where the media stream comes in from.", + "title": "Interface" + } + }, + "required": [ + "InputPort", + "Interface" + ], + "type": "object" + }, + "AWS::MediaConnect::Flow.Interface": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the VPC interface.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::MediaConnect::Flow.Maintenance": { + "additionalProperties": false, + "properties": { + "MaintenanceDay": { + "markdownDescription": "A day of a week when the maintenance will happen. Use Monday/Tuesday/Wednesday/Thursday/Friday/Saturday/Sunday.", + "title": "MaintenanceDay", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "MaintenanceStartHour": { + "markdownDescription": "UTC time when the maintenance will happen. Use 24-hour HH:MM format. Minutes must be 00. Example: 13:00. The default value is 02:00.", + "title": "MaintenanceStartHour", "type": "string" + } + }, + "required": [ + "MaintenanceDay", + "MaintenanceStartHour" + ], + "type": "object" + }, + "AWS::MediaConnect::Flow.MediaStream": { + "additionalProperties": false, + "properties": { + "Attributes": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.MediaStreamAttributes", + "markdownDescription": "Attributes that are related to the media stream.", + "title": "Attributes" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ClockRate": { + "markdownDescription": "The sample rate for the stream. This value is measured in Hz.", + "title": "ClockRate", + "type": "number" }, - "Metadata": { - "type": "object" + "Description": { + "markdownDescription": "A description that can help you quickly identify what your media stream is used for.", + "title": "Description", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AliasName": { - "markdownDescription": "A friendly name that you can use to refer to a key. The value must begin with `alias/` .\n\n> Do not include confidential or sensitive information in this field. This field may be displayed in plaintext in AWS CloudTrail logs and other output.", - "title": "AliasName", - "type": "string" - }, - "KeyArn": { - "markdownDescription": "The `KeyARN` of the key associated with the alias.", - "title": "KeyArn", - "type": "string" - } - }, - "required": [ - "AliasName" - ], - "type": "object" + "Fmt": { + "markdownDescription": "The format type number (sometimes referred to as RTP payload type) of the media stream. MediaConnect assigns this value to the media stream. For ST 2110 JPEG XS outputs, you need to provide this value to the receiver.", + "title": "Fmt", + "type": "number" }, - "Type": { - "enum": [ - "AWS::PaymentCryptography::Alias" - ], + "MediaStreamId": { + "markdownDescription": "A unique identifier for the media stream.", + "title": "MediaStreamId", + "type": "number" + }, + "MediaStreamName": { + "markdownDescription": "A name that helps you distinguish one media stream from another.", + "title": "MediaStreamName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "MediaStreamType": { + "markdownDescription": "The type of media stream.", + "title": "MediaStreamType", + "type": "string" + }, + "VideoFormat": { + "markdownDescription": "The resolution of the video.", + "title": "VideoFormat", "type": "string" } }, "required": [ - "Type", - "Properties" + "MediaStreamId", + "MediaStreamName", + "MediaStreamType" ], "type": "object" }, - "AWS::PaymentCryptography::Key": { + "AWS::MediaConnect::Flow.MediaStreamAttributes": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Fmtp": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.Fmtp", + "markdownDescription": "The settings that you want to use to define the media stream.", + "title": "Fmtp" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Lang": { + "markdownDescription": "The audio language, in a format that is recognized by the receiver.", + "title": "Lang", + "type": "string" + } + }, + "type": "object" + }, + "AWS::MediaConnect::Flow.MediaStreamSourceConfiguration": { + "additionalProperties": false, + "properties": { + "EncodingName": { + "markdownDescription": "The format that was used to encode the data. For ancillary data streams, set the encoding name to smpte291. For audio streams, set the encoding name to pcm. For video, 2110 streams, set the encoding name to raw. For video, JPEG XS streams, set the encoding name to jxsv.", + "title": "EncodingName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "InputConfigurations": { + "items": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.InputConfiguration" + }, + "markdownDescription": "The media streams that you want to associate with the source.", + "title": "InputConfigurations", + "type": "array" }, - "Metadata": { - "type": "object" + "MediaStreamName": { + "markdownDescription": "A name that helps you distinguish one media stream from another.", + "title": "MediaStreamName", + "type": "string" + } + }, + "required": [ + "EncodingName", + "MediaStreamName" + ], + "type": "object" + }, + "AWS::MediaConnect::Flow.NdiConfig": { + "additionalProperties": false, + "properties": { + "MachineName": { + "markdownDescription": "A prefix for the names of the NDI sources that the flow creates. If a custom name isn't specified, MediaConnect generates a unique 12-character ID as the prefix.", + "title": "MachineName", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Specifies whether the key is enabled.", - "title": "Enabled", - "type": "boolean" - }, - "Exportable": { - "markdownDescription": "Specifies whether the key is exportable. This data is immutable after the key is created.", - "title": "Exportable", - "type": "boolean" - }, - "KeyAttributes": { - "$ref": "#/definitions/AWS::PaymentCryptography::Key.KeyAttributes", - "markdownDescription": "The role of the key, the algorithm it supports, and the cryptographic operations allowed with the key. This data is immutable after the key is created.", - "title": "KeyAttributes" - }, - "KeyCheckValueAlgorithm": { - "markdownDescription": "The algorithm that AWS Payment Cryptography uses to calculate the key check value (KCV). It is used to validate the key integrity.\n\nFor TDES keys, the KCV is computed by encrypting 8 bytes, each with value of zero, with the key to be checked and retaining the 3 highest order bytes of the encrypted result. For AES keys, the KCV is computed using a CMAC algorithm where the input data is 16 bytes of zero and retaining the 3 highest order bytes of the encrypted result.", - "title": "KeyCheckValueAlgorithm", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "", - "title": "Tags", - "type": "array" - } + "NdiDiscoveryServers": { + "items": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.NdiDiscoveryServerConfig" }, - "required": [ - "Exportable", - "KeyAttributes" - ], - "type": "object" + "markdownDescription": "A list of up to three NDI discovery server configurations. While not required by the API, this configuration is necessary for NDI functionality to work properly.", + "title": "NdiDiscoveryServers", + "type": "array" }, - "Type": { - "enum": [ - "AWS::PaymentCryptography::Key" - ], + "NdiState": { + "markdownDescription": "A setting that controls whether NDI outputs can be used in the flow. Must be ENABLED to add NDI outputs. Default is DISABLED.", + "title": "NdiState", + "type": "string" + } + }, + "type": "object" + }, + "AWS::MediaConnect::Flow.NdiDiscoveryServerConfig": { + "additionalProperties": false, + "properties": { + "DiscoveryServerAddress": { + "markdownDescription": "The unique network address of the NDI discovery server.", + "title": "DiscoveryServerAddress", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "DiscoveryServerPort": { + "markdownDescription": "The port for the NDI discovery server. Defaults to 5959 if a custom port isn't specified.", + "title": "DiscoveryServerPort", + "type": "number" + }, + "VpcInterfaceAdapter": { + "markdownDescription": "The identifier for the Virtual Private Cloud (VPC) network interface used by the flow.", + "title": "VpcInterfaceAdapter", "type": "string" } }, "required": [ - "Type", - "Properties" + "DiscoveryServerAddress", + "VpcInterfaceAdapter" ], "type": "object" }, - "AWS::PaymentCryptography::Key.KeyAttributes": { + "AWS::MediaConnect::Flow.SilentAudio": { "additionalProperties": false, "properties": { - "KeyAlgorithm": { - "markdownDescription": "The key algorithm to be use during creation of an AWS Payment Cryptography key.\n\nFor symmetric keys, AWS Payment Cryptography supports `AES` and `TDES` algorithms. For asymmetric keys, AWS Payment Cryptography supports `RSA` and `ECC_NIST` algorithms.", - "title": "KeyAlgorithm", + "State": { + "markdownDescription": "Indicates whether the `SilentAudio` metric is enabled or disabled.", + "title": "State", "type": "string" }, - "KeyClass": { - "markdownDescription": "The type of AWS Payment Cryptography key to create, which determines the classi\ufb01cation of the cryptographic method and whether AWS Payment Cryptography key contains a symmetric key or an asymmetric key pair.", - "title": "KeyClass", + "ThresholdSeconds": { + "markdownDescription": "Specifies the number of consecutive seconds of silence that triggers an event or alert.", + "title": "ThresholdSeconds", + "type": "number" + } + }, + "type": "object" + }, + "AWS::MediaConnect::Flow.Source": { + "additionalProperties": false, + "properties": { + "Decryption": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.Encryption", + "markdownDescription": "The type of encryption that is used on the content ingested from this source.", + "title": "Decryption" + }, + "Description": { + "markdownDescription": "A description for the source. This value is not used or seen outside of the current MediaConnect account.", + "title": "Description", "type": "string" }, - "KeyModesOfUse": { - "$ref": "#/definitions/AWS::PaymentCryptography::Key.KeyModesOfUse", - "markdownDescription": "The list of cryptographic operations that you can perform using the key.", - "title": "KeyModesOfUse" + "EntitlementArn": { + "markdownDescription": "The ARN of the entitlement that allows you to subscribe to content that comes from another AWS account. The entitlement is set by the content originator and the ARN is generated as part of the originator's flow.", + "title": "EntitlementArn", + "type": "string" }, - "KeyUsage": { - "markdownDescription": "The cryptographic usage of an AWS Payment Cryptography key as de\ufb01ned in section A.5.2 of the TR-31 spec.", - "title": "KeyUsage", + "GatewayBridgeSource": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.GatewayBridgeSource", + "markdownDescription": "The source configuration for cloud flows receiving a stream from a bridge.", + "title": "GatewayBridgeSource" + }, + "IngestIp": { + "markdownDescription": "The IP address that the flow will be listening on for incoming content.", + "title": "IngestIp", + "type": "string" + }, + "IngestPort": { + "markdownDescription": "The port that the flow will be listening on for incoming content.", + "title": "IngestPort", + "type": "number" + }, + "MaxBitrate": { + "markdownDescription": "The maximum bitrate for RIST, RTP, and RTP-FEC streams.", + "title": "MaxBitrate", + "type": "number" + }, + "MaxLatency": { + "markdownDescription": "The maximum latency in milliseconds for a RIST or Zixi-based source.", + "title": "MaxLatency", + "type": "number" + }, + "MaxSyncBuffer": { + "markdownDescription": "The size of the buffer (in milliseconds) to use to sync incoming source data.", + "title": "MaxSyncBuffer", + "type": "number" + }, + "MediaStreamSourceConfigurations": { + "items": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.MediaStreamSourceConfiguration" + }, + "markdownDescription": "The media streams that are associated with the source, and the parameters for those associations.", + "title": "MediaStreamSourceConfigurations", + "type": "array" + }, + "MinLatency": { + "markdownDescription": "The minimum latency in milliseconds for SRT-based streams. In streams that use the SRT protocol, this value that you set on your MediaConnect source or output represents the minimal potential latency of that connection. The latency of the stream is set to the highest number between the sender\u2019s minimum latency and the receiver\u2019s minimum latency.", + "title": "MinLatency", + "type": "number" + }, + "Name": { + "markdownDescription": "The name of the source.", + "title": "Name", + "type": "string" + }, + "Protocol": { + "markdownDescription": "The protocol that is used by the source. AWS CloudFormation does not currently support CDI or ST 2110 JPEG XS source protocols.\n\n> AWS Elemental MediaConnect no longer supports the Fujitsu QoS protocol. This reference is maintained for legacy purposes only.", + "title": "Protocol", + "type": "string" + }, + "SenderControlPort": { + "markdownDescription": "The port that the flow uses to send outbound requests to initiate connection with the sender.", + "title": "SenderControlPort", + "type": "number" + }, + "SenderIpAddress": { + "markdownDescription": "The IP address that the flow communicates with to initiate connection with the sender.", + "title": "SenderIpAddress", + "type": "string" + }, + "SourceArn": { + "markdownDescription": "The ARN of the source.", + "title": "SourceArn", + "type": "string" + }, + "SourceIngestPort": { + "markdownDescription": "The port that the flow listens on for incoming content. If the protocol of the source is Zixi, the port must be set to 2088.", + "title": "SourceIngestPort", + "type": "string" + }, + "SourceListenerAddress": { + "markdownDescription": "Source IP or domain name for SRT-caller protocol.", + "title": "SourceListenerAddress", + "type": "string" + }, + "SourceListenerPort": { + "markdownDescription": "Source port for SRT-caller protocol.", + "title": "SourceListenerPort", + "type": "number" + }, + "StreamId": { + "markdownDescription": "The stream ID that you want to use for the transport. This parameter applies only to Zixi-based streams.", + "title": "StreamId", + "type": "string" + }, + "VpcInterfaceName": { + "markdownDescription": "The name of the VPC interface that is used for this source.", + "title": "VpcInterfaceName", + "type": "string" + }, + "WhitelistCidr": { + "markdownDescription": "The range of IP addresses that should be allowed to contribute content to your source. These IP addresses should be in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16.", + "title": "WhitelistCidr", "type": "string" } }, - "required": [ - "KeyAlgorithm", - "KeyClass", - "KeyModesOfUse", - "KeyUsage" - ], "type": "object" }, - "AWS::PaymentCryptography::Key.KeyModesOfUse": { + "AWS::MediaConnect::Flow.SourceMonitoringConfig": { "additionalProperties": false, "properties": { - "Decrypt": { - "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used to decrypt data.", - "title": "Decrypt", - "type": "boolean" + "AudioMonitoringSettings": { + "items": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.AudioMonitoringSetting" + }, + "markdownDescription": "Contains the settings for audio stream metrics monitoring.", + "title": "AudioMonitoringSettings", + "type": "array" }, - "DeriveKey": { - "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used to derive new keys.", - "title": "DeriveKey", - "type": "boolean" + "ContentQualityAnalysisState": { + "markdownDescription": "Indicates whether content quality analysis is enabled or disabled.", + "title": "ContentQualityAnalysisState", + "type": "string" }, - "Encrypt": { - "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used to encrypt data.", - "title": "Encrypt", - "type": "boolean" + "ThumbnailState": { + "markdownDescription": "The current state of the thumbnail monitoring.\n\n- If you don't explicitly specify a value when creating a flow, no thumbnail state will be set.\n- If you update an existing flow and remove a previously set thumbnail state, the value will change to `DISABLED` .", + "title": "ThumbnailState", + "type": "string" }, - "Generate": { - "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used to generate and verify other card and PIN verification keys.", - "title": "Generate", - "type": "boolean" + "VideoMonitoringSettings": { + "items": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.VideoMonitoringSetting" + }, + "markdownDescription": "Contains the settings for video stream metrics monitoring.", + "title": "VideoMonitoringSettings", + "type": "array" + } + }, + "type": "object" + }, + "AWS::MediaConnect::Flow.SourcePriority": { + "additionalProperties": false, + "properties": { + "PrimarySource": { + "markdownDescription": "The name of the source you choose as the primary source for this flow.", + "title": "PrimarySource", + "type": "string" + } + }, + "required": [ + "PrimarySource" + ], + "type": "object" + }, + "AWS::MediaConnect::Flow.VideoMonitoringSetting": { + "additionalProperties": false, + "properties": { + "BlackFrames": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.BlackFrames", + "markdownDescription": "Detects video frames that are black.", + "title": "BlackFrames" }, - "NoRestrictions": { - "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key has no special restrictions other than the restrictions implied by `KeyUsage` .", - "title": "NoRestrictions", - "type": "boolean" + "FrozenFrames": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.FrozenFrames", + "markdownDescription": "Detects video frames that have not changed.", + "title": "FrozenFrames" + } + }, + "type": "object" + }, + "AWS::MediaConnect::Flow.VpcInterface": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "Immutable and has to be a unique against other VpcInterfaces in this Flow.", + "title": "Name", + "type": "string" }, - "Sign": { - "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used for signing.", - "title": "Sign", - "type": "boolean" + "NetworkInterfaceIds": { + "items": { + "type": "string" + }, + "markdownDescription": "IDs of the network interfaces created in customer's account by MediaConnect .", + "title": "NetworkInterfaceIds", + "type": "array" }, - "Unwrap": { - "markdownDescription": "", - "title": "Unwrap", - "type": "boolean" + "NetworkInterfaceType": { + "markdownDescription": "The type of network interface.", + "title": "NetworkInterfaceType", + "type": "string" }, - "Verify": { - "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used to verify signatures.", - "title": "Verify", - "type": "boolean" + "RoleArn": { + "markdownDescription": "A role Arn MediaConnect can assume to create ENIs in your account.", + "title": "RoleArn", + "type": "string" }, - "Wrap": { - "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used to wrap other keys.", - "title": "Wrap", - "type": "boolean" + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "Security Group IDs to be used on ENI.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetId": { + "markdownDescription": "Subnet must be in the AZ of the Flow.", + "title": "SubnetId", + "type": "string" } }, + "required": [ + "Name", + "RoleArn", + "SecurityGroupIds", + "SubnetId" + ], "type": "object" }, - "AWS::Personalize::Dataset": { + "AWS::MediaConnect::Flow.VpcInterfaceAttachment": { + "additionalProperties": false, + "properties": { + "VpcInterfaceName": { + "markdownDescription": "The name of the VPC interface to use for this resource.", + "title": "VpcInterfaceName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::MediaConnect::FlowEntitlement": { "additionalProperties": false, "properties": { "Condition": { @@ -176687,43 +184577,56 @@ "Properties": { "additionalProperties": false, "properties": { - "DatasetGroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the dataset group.", - "title": "DatasetGroupArn", + "DataTransferSubscriberFeePercent": { + "markdownDescription": "The percentage of the entitlement data transfer fee that you want the subscriber to be responsible for.", + "title": "DataTransferSubscriberFeePercent", + "type": "number" + }, + "Description": { + "markdownDescription": "A description of the entitlement. This description appears only on the MediaConnect console and is not visible outside of the current AWS account.", + "title": "Description", "type": "string" }, - "DatasetImportJob": { - "$ref": "#/definitions/AWS::Personalize::Dataset.DatasetImportJob", - "markdownDescription": "Describes a job that imports training data from a data source (Amazon S3 bucket) to an Amazon Personalize dataset. If you specify a dataset import job as part of a dataset, all dataset import job fields are required.", - "title": "DatasetImportJob" + "Encryption": { + "$ref": "#/definitions/AWS::MediaConnect::FlowEntitlement.Encryption", + "markdownDescription": "Information about the encryption of the flow.", + "title": "Encryption" }, - "DatasetType": { - "markdownDescription": "One of the following values:\n\n- Interactions\n- Items\n- Users\n\n> You can't use CloudFormation to create an Action Interactions or Actions dataset.", - "title": "DatasetType", + "EntitlementStatus": { + "markdownDescription": "An indication of whether the new entitlement should be enabled or disabled as soon as it is created. If you don\u2019t specify the entitlementStatus field in your request, MediaConnect sets it to ENABLED.", + "title": "EntitlementStatus", + "type": "string" + }, + "FlowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the flow.", + "title": "FlowArn", "type": "string" }, "Name": { - "markdownDescription": "The name of the dataset.", + "markdownDescription": "The name of the entitlement. This value must be unique within the current flow.", "title": "Name", "type": "string" }, - "SchemaArn": { - "markdownDescription": "The ARN of the associated schema.", - "title": "SchemaArn", - "type": "string" + "Subscribers": { + "items": { + "type": "string" + }, + "markdownDescription": "The AWS account IDs that you want to share your content with. The receiving accounts (subscribers) will be allowed to create their own flows using your content as the source.", + "title": "Subscribers", + "type": "array" } }, "required": [ - "DatasetGroupArn", - "DatasetType", + "Description", + "FlowArn", "Name", - "SchemaArn" + "Subscribers" ], "type": "object" }, "Type": { "enum": [ - "AWS::Personalize::Dataset" + "AWS::MediaConnect::FlowEntitlement" ], "type": "string" }, @@ -176742,49 +184645,62 @@ ], "type": "object" }, - "AWS::Personalize::Dataset.DataSource": { + "AWS::MediaConnect::FlowEntitlement.Encryption": { "additionalProperties": false, "properties": { - "DataLocation": { - "markdownDescription": "For dataset import jobs, the path to the Amazon S3 bucket where the data that you want to upload to your dataset is stored. For data deletion jobs, the path to the Amazon S3 bucket that stores the list of records to delete.\n\nFor example:\n\n`s3://bucket-name/folder-name/fileName.csv`\n\nIf your CSV files are in a folder in your Amazon S3 bucket and you want your import job or data deletion job to consider multiple files, you can specify the path to the folder. With a data deletion job, Amazon Personalize uses all files in the folder and any sub folder. Use the following syntax with a `/` after the folder name:\n\n`s3://bucket-name/folder-name/`", - "title": "DataLocation", + "Algorithm": { + "markdownDescription": "The type of algorithm that is used for static key encryption (such as aes128, aes192, or aes256). If you are using SPEKE or SRT-password encryption, this property must be left blank.", + "title": "Algorithm", "type": "string" - } - }, - "type": "object" - }, - "AWS::Personalize::Dataset.DatasetImportJob": { - "additionalProperties": false, - "properties": { - "DataSource": { - "$ref": "#/definitions/AWS::Personalize::Dataset.DataSource", - "markdownDescription": "The Amazon S3 bucket that contains the training data to import.", - "title": "DataSource" }, - "DatasetArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the dataset that receives the imported data.", - "title": "DatasetArn", + "ConstantInitializationVector": { + "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, to be used with the key for encrypting content. This parameter is not valid for static key encryption.", + "title": "ConstantInitializationVector", "type": "string" }, - "DatasetImportJobArn": { - "markdownDescription": "The ARN of the dataset import job.", - "title": "DatasetImportJobArn", + "DeviceId": { + "markdownDescription": "The value of one of the devices that you configured with your digital rights management (DRM) platform key provider. This parameter is required for SPEKE encryption and is not valid for static key encryption.", + "title": "DeviceId", "type": "string" }, - "JobName": { - "markdownDescription": "The name of the import job.", - "title": "JobName", + "KeyType": { + "markdownDescription": "The type of key that is used for the encryption. If you don't specify a `keyType` value, the service uses the default setting ( `static-key` ). Valid key types are: `static-key` , `speke` , and `srt-password` .", + "title": "KeyType", + "type": "string" + }, + "Region": { + "markdownDescription": "The AWS Region that the API Gateway proxy endpoint was created in. This parameter is required for SPEKE encryption and is not valid for static key encryption.", + "title": "Region", + "type": "string" + }, + "ResourceId": { + "markdownDescription": "An identifier for the content. The service sends this value to the key server to identify the current endpoint. The resource ID is also known as the content ID. This parameter is required for SPEKE encryption and is not valid for static key encryption.", + "title": "ResourceId", "type": "string" }, "RoleArn": { - "markdownDescription": "The ARN of the IAM role that has permissions to read from the Amazon S3 data source.", + "markdownDescription": "The ARN of the role that you created during setup (when you set up MediaConnect as a trusted entity).", "title": "RoleArn", "type": "string" + }, + "SecretArn": { + "markdownDescription": "The ARN of the secret that you created in AWS Secrets Manager to store the encryption key. This parameter is required for static key encryption and is not valid for SPEKE encryption.", + "title": "SecretArn", + "type": "string" + }, + "Url": { + "markdownDescription": "The URL from the API Gateway proxy that you set up to talk to your key server. This parameter is required for SPEKE encryption and is not valid for static key encryption.", + "title": "Url", + "type": "string" } }, + "required": [ + "Algorithm", + "RoleArn" + ], "type": "object" }, - "AWS::Personalize::DatasetGroup": { + "AWS::MediaConnect::FlowOutput": { "additionalProperties": false, "properties": { "Condition": { @@ -176819,35 +184735,112 @@ "Properties": { "additionalProperties": false, "properties": { - "Domain": { - "markdownDescription": "The domain of a Domain dataset group.", - "title": "Domain", + "CidrAllowList": { + "items": { + "type": "string" + }, + "markdownDescription": "The range of IP addresses that should be allowed to initiate output requests to this flow. These IP addresses should be in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16.", + "title": "CidrAllowList", + "type": "array" + }, + "Description": { + "markdownDescription": "A description of the output. This description appears only on the MediaConnect console and will not be seen by the end user.", + "title": "Description", "type": "string" }, - "KmsKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Key Management Service (KMS) key used to encrypt the datasets.", - "title": "KmsKeyArn", + "Destination": { + "markdownDescription": "The IP address where you want to send the output.", + "title": "Destination", "type": "string" }, + "Encryption": { + "$ref": "#/definitions/AWS::MediaConnect::FlowOutput.Encryption", + "markdownDescription": "The type of key used for the encryption. If no `keyType` is provided, the service will use the default setting (static-key). Allowable encryption types: static-key.", + "title": "Encryption" + }, + "FlowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the flow this output is attached to.", + "title": "FlowArn", + "type": "string" + }, + "MaxLatency": { + "markdownDescription": "The maximum latency in milliseconds. This parameter applies only to RIST-based and Zixi-based streams.", + "title": "MaxLatency", + "type": "number" + }, + "MediaStreamOutputConfigurations": { + "items": { + "$ref": "#/definitions/AWS::MediaConnect::FlowOutput.MediaStreamOutputConfiguration" + }, + "markdownDescription": "The media streams that are associated with the output, and the parameters for those associations.", + "title": "MediaStreamOutputConfigurations", + "type": "array" + }, + "MinLatency": { + "markdownDescription": "The minimum latency in milliseconds for SRT-based streams. In streams that use the SRT protocol, this value that you set on your MediaConnect source or output represents the minimal potential latency of that connection. The latency of the stream is set to the highest number between the sender\u2019s minimum latency and the receiver\u2019s minimum latency.", + "title": "MinLatency", + "type": "number" + }, "Name": { - "markdownDescription": "The name of the dataset group.", + "markdownDescription": "The name of the bridge's output.", "title": "Name", "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of the AWS Identity and Access Management (IAM) role that has permissions to access the AWS Key Management Service (KMS) key. Supplying an IAM role is only valid when also specifying a KMS key.", - "title": "RoleArn", + "NdiProgramName": { + "markdownDescription": "A suffix for the names of the NDI sources that the flow creates. If a custom name isn't specified, MediaConnect uses the output name.", + "title": "NdiProgramName", + "type": "string" + }, + "NdiSpeedHqQuality": { + "markdownDescription": "A quality setting for the NDI Speed HQ encoder.", + "title": "NdiSpeedHqQuality", + "type": "number" + }, + "OutputStatus": { + "markdownDescription": "", + "title": "OutputStatus", + "type": "string" + }, + "Port": { + "markdownDescription": "The port to use when content is distributed to this output.", + "title": "Port", + "type": "number" + }, + "Protocol": { + "markdownDescription": "The protocol to use for the output.\n\n> AWS Elemental MediaConnect no longer supports the Fujitsu QoS protocol. This reference is maintained for legacy purposes only.", + "title": "Protocol", + "type": "string" + }, + "RemoteId": { + "markdownDescription": "The remote ID for the Zixi-pull stream.", + "title": "RemoteId", + "type": "string" + }, + "SmoothingLatency": { + "markdownDescription": "The smoothing latency in milliseconds for RIST, RTP, and RTP-FEC streams.", + "title": "SmoothingLatency", + "type": "number" + }, + "StreamId": { + "markdownDescription": "The stream ID that you want to use for this transport. This parameter applies only to Zixi and SRT caller-based streams.", + "title": "StreamId", "type": "string" + }, + "VpcInterfaceAttachment": { + "$ref": "#/definitions/AWS::MediaConnect::FlowOutput.VpcInterfaceAttachment", + "markdownDescription": "The name of the VPC interface attachment to use for this output.", + "title": "VpcInterfaceAttachment" } }, "required": [ - "Name" + "FlowArn", + "Protocol" ], "type": "object" }, "Type": { "enum": [ - "AWS::Personalize::DatasetGroup" + "AWS::MediaConnect::FlowOutput" ], "type": "string" }, @@ -176866,7 +184859,140 @@ ], "type": "object" }, - "AWS::Personalize::Schema": { + "AWS::MediaConnect::FlowOutput.DestinationConfiguration": { + "additionalProperties": false, + "properties": { + "DestinationIp": { + "markdownDescription": "The IP address where you want MediaConnect to send contents of the media stream.", + "title": "DestinationIp", + "type": "string" + }, + "DestinationPort": { + "markdownDescription": "The port that you want MediaConnect to use when it distributes the media stream to the output.", + "title": "DestinationPort", + "type": "number" + }, + "Interface": { + "$ref": "#/definitions/AWS::MediaConnect::FlowOutput.Interface", + "markdownDescription": "The VPC interface that you want to use for the media stream associated with the output.", + "title": "Interface" + } + }, + "required": [ + "DestinationIp", + "DestinationPort", + "Interface" + ], + "type": "object" + }, + "AWS::MediaConnect::FlowOutput.EncodingParameters": { + "additionalProperties": false, + "properties": { + "CompressionFactor": { + "markdownDescription": "A value that is used to calculate compression for an output. The bitrate of the output is calculated as follows: Output bitrate = (1 / compressionFactor) * (source bitrate) This property only applies to outputs that use the ST 2110 JPEG XS protocol, with a flow source that uses the CDI protocol. Valid values are floating point numbers in the range of 3.0 to 10.0, inclusive.", + "title": "CompressionFactor", + "type": "number" + }, + "EncoderProfile": { + "markdownDescription": "A setting on the encoder that drives compression settings. This property only applies to video media streams associated with outputs that use the ST 2110 JPEG XS protocol, with a flow source that uses the CDI protocol.", + "title": "EncoderProfile", + "type": "string" + } + }, + "required": [ + "CompressionFactor" + ], + "type": "object" + }, + "AWS::MediaConnect::FlowOutput.Encryption": { + "additionalProperties": false, + "properties": { + "Algorithm": { + "markdownDescription": "The type of algorithm that is used for static key encryption (such as aes128, aes192, or aes256). If you are using SPEKE or SRT-password encryption, this property must be left blank.", + "title": "Algorithm", + "type": "string" + }, + "KeyType": { + "markdownDescription": "The type of key that is used for the encryption. If you don't specify a `keyType` value, the service uses the default setting ( `static-key` ). Valid key types are: `static-key` , `speke` , and `srt-password` .", + "title": "KeyType", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the role that you created during setup (when you set up MediaConnect as a trusted entity).", + "title": "RoleArn", + "type": "string" + }, + "SecretArn": { + "markdownDescription": "The ARN of the secret that you created in AWS Secrets Manager to store the encryption key. This parameter is required for static key encryption and is not valid for SPEKE encryption.", + "title": "SecretArn", + "type": "string" + } + }, + "required": [ + "RoleArn", + "SecretArn" + ], + "type": "object" + }, + "AWS::MediaConnect::FlowOutput.Interface": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the VPC interface.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::MediaConnect::FlowOutput.MediaStreamOutputConfiguration": { + "additionalProperties": false, + "properties": { + "DestinationConfigurations": { + "items": { + "$ref": "#/definitions/AWS::MediaConnect::FlowOutput.DestinationConfiguration" + }, + "markdownDescription": "The transport parameters that are associated with each outbound media stream.", + "title": "DestinationConfigurations", + "type": "array" + }, + "EncodingName": { + "markdownDescription": "The format that was used to encode the data. For ancillary data streams, set the encoding name to smpte291. For audio streams, set the encoding name to pcm. For video, 2110 streams, set the encoding name to raw. For video, JPEG XS streams, set the encoding name to jxsv.", + "title": "EncodingName", + "type": "string" + }, + "EncodingParameters": { + "$ref": "#/definitions/AWS::MediaConnect::FlowOutput.EncodingParameters", + "markdownDescription": "A collection of parameters that determine how MediaConnect will convert the content. These fields only apply to outputs on flows that have a CDI source.", + "title": "EncodingParameters" + }, + "MediaStreamName": { + "markdownDescription": "The name of the media stream.", + "title": "MediaStreamName", + "type": "string" + } + }, + "required": [ + "EncodingName", + "MediaStreamName" + ], + "type": "object" + }, + "AWS::MediaConnect::FlowOutput.VpcInterfaceAttachment": { + "additionalProperties": false, + "properties": { + "VpcInterfaceName": { + "markdownDescription": "The name of the VPC interface to use for this resource.", + "title": "VpcInterfaceName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::MediaConnect::FlowSource": { "additionalProperties": false, "properties": { "Condition": { @@ -176901,129 +185027,106 @@ "Properties": { "additionalProperties": false, "properties": { - "Domain": { - "markdownDescription": "The domain of a schema that you created for a dataset in a Domain dataset group.", - "title": "Domain", - "type": "string" + "Decryption": { + "$ref": "#/definitions/AWS::MediaConnect::FlowSource.Encryption", + "markdownDescription": "The type of encryption that is used on the content ingested from this source. Allowable encryption types: static-key.", + "title": "Decryption" }, - "Name": { - "markdownDescription": "The name of the schema.", - "title": "Name", + "Description": { + "markdownDescription": "A description for the source. This value is not used or seen outside of the current MediaConnect account.", + "title": "Description", "type": "string" }, - "Schema": { - "markdownDescription": "The schema.", - "title": "Schema", - "type": "string" - } - }, - "required": [ - "Name", - "Schema" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Personalize::Schema" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::Personalize::Solution": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + "EntitlementArn": { + "markdownDescription": "The ARN of the entitlement that allows you to subscribe to this flow. The entitlement is set by the flow originator, and the ARN is generated as part of the originator's flow.", + "title": "EntitlementArn", "type": "string" }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DatasetGroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the dataset group that provides the training data.", - "title": "DatasetGroupArn", + "FlowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the flow this source is connected to. The flow must have Failover enabled to add an additional source.", + "title": "FlowArn", "type": "string" }, - "EventType": { - "markdownDescription": "The event type (for example, 'click' or 'like') that is used for training the model. If no `eventType` is provided, Amazon Personalize uses all interactions for training with equal weight regardless of type.", - "title": "EventType", - "type": "string" + "GatewayBridgeSource": { + "$ref": "#/definitions/AWS::MediaConnect::FlowSource.GatewayBridgeSource", + "markdownDescription": "The bridge's source.", + "title": "GatewayBridgeSource" + }, + "IngestPort": { + "markdownDescription": "The port that the flow listens on for incoming content. If the protocol of the source is Zixi, the port must be set to 2088.", + "title": "IngestPort", + "type": "number" + }, + "MaxBitrate": { + "markdownDescription": "The smoothing max bitrate (in bps) for RIST, RTP, and RTP-FEC streams.", + "title": "MaxBitrate", + "type": "number" + }, + "MaxLatency": { + "markdownDescription": "The maximum latency in milliseconds. This parameter applies only to RIST-based and Zixi-based streams.", + "title": "MaxLatency", + "type": "number" + }, + "MinLatency": { + "markdownDescription": "The minimum latency in milliseconds for SRT-based streams. In streams that use the SRT protocol, this value that you set on your MediaConnect source or output represents the minimal potential latency of that connection. The latency of the stream is set to the highest number between the sender\u2019s minimum latency and the receiver\u2019s minimum latency.", + "title": "MinLatency", + "type": "number" }, "Name": { - "markdownDescription": "The name of the solution.", + "markdownDescription": "The name of the source.", "title": "Name", "type": "string" }, - "PerformAutoML": { - "markdownDescription": "> We don't recommend enabling automated machine learning. Instead, match your use case to the available Amazon Personalize recipes. For more information, see [Determining your use case.](https://docs.aws.amazon.com/personalize/latest/dg/determining-use-case.html) \n\nWhen true, Amazon Personalize performs a search for the best USER_PERSONALIZATION recipe from the list specified in the solution configuration ( `recipeArn` must not be specified). When false (the default), Amazon Personalize uses `recipeArn` for training.", - "title": "PerformAutoML", - "type": "boolean" + "Protocol": { + "markdownDescription": "The protocol that the source uses to deliver the content to MediaConnect. Adding additional sources to an existing flow requires Failover to be enabled. When you enable Failover, the additional source must use the same protocol as the existing source. Only the following protocols support failover: Zixi-push, RTP-FEC, RTP, RIST and SRT protocols.\n\nIf you use failover with SRT caller or listener, the `FailoverMode` property must be set to `FAILOVER` . The `FailoverMode` property\u00a0is found in\u00a0the `FailoverConfig` resource\u00a0of the same flow ARN you used for the source's `FlowArn` property. SRT caller/listener does not support\u00a0merge\u00a0mode failover.", + "title": "Protocol", + "type": "string" }, - "PerformHPO": { - "markdownDescription": "Whether to perform hyperparameter optimization (HPO) on the chosen recipe. The default is `false` .", - "title": "PerformHPO", - "type": "boolean" + "SenderControlPort": { + "markdownDescription": "The port that the flow uses to send outbound requests to initiate connection with the sender.", + "title": "SenderControlPort", + "type": "number" }, - "RecipeArn": { - "markdownDescription": "The ARN of the recipe used to create the solution. This is required when `performAutoML` is false.", - "title": "RecipeArn", + "SenderIpAddress": { + "markdownDescription": "The IP address that the flow communicates with to initiate connection with the sender.", + "title": "SenderIpAddress", "type": "string" }, - "SolutionConfig": { - "$ref": "#/definitions/AWS::Personalize::Solution.SolutionConfig", - "markdownDescription": "Describes the configuration properties for the solution.", - "title": "SolutionConfig" + "SourceListenerAddress": { + "markdownDescription": "Source IP or domain name for SRT-caller protocol.", + "title": "SourceListenerAddress", + "type": "string" + }, + "SourceListenerPort": { + "markdownDescription": "Source port for SRT-caller protocol.", + "title": "SourceListenerPort", + "type": "number" + }, + "StreamId": { + "markdownDescription": "The stream ID that you want to use for this transport. This parameter applies only to Zixi and SRT caller-based streams.", + "title": "StreamId", + "type": "string" + }, + "VpcInterfaceName": { + "markdownDescription": "The name of the VPC interface to use for this source.", + "title": "VpcInterfaceName", + "type": "string" + }, + "WhitelistCidr": { + "markdownDescription": "The range of IP addresses that should be allowed to contribute content to your source. These IP addresses should be in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16.", + "title": "WhitelistCidr", + "type": "string" } }, "required": [ - "DatasetGroupArn", + "Description", "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::Personalize::Solution" + "AWS::MediaConnect::FlowSource" ], "type": "string" }, @@ -177042,218 +185145,91 @@ ], "type": "object" }, - "AWS::Personalize::Solution.AlgorithmHyperParameterRanges": { - "additionalProperties": false, - "properties": { - "CategoricalHyperParameterRanges": { - "items": { - "$ref": "#/definitions/AWS::Personalize::Solution.CategoricalHyperParameterRange" - }, - "markdownDescription": "Provides the name and range of a categorical hyperparameter.", - "title": "CategoricalHyperParameterRanges", - "type": "array" - }, - "ContinuousHyperParameterRanges": { - "items": { - "$ref": "#/definitions/AWS::Personalize::Solution.ContinuousHyperParameterRange" - }, - "markdownDescription": "Provides the name and range of a continuous hyperparameter.", - "title": "ContinuousHyperParameterRanges", - "type": "array" - }, - "IntegerHyperParameterRanges": { - "items": { - "$ref": "#/definitions/AWS::Personalize::Solution.IntegerHyperParameterRange" - }, - "markdownDescription": "Provides the name and range of an integer-valued hyperparameter.", - "title": "IntegerHyperParameterRanges", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Personalize::Solution.AutoMLConfig": { + "AWS::MediaConnect::FlowSource.Encryption": { "additionalProperties": false, "properties": { - "MetricName": { - "markdownDescription": "The metric to optimize.", - "title": "MetricName", + "Algorithm": { + "markdownDescription": "The type of algorithm that is used for static key encryption (such as aes128, aes192, or aes256). If you are using SPEKE or SRT-password encryption, this property must be left blank.", + "title": "Algorithm", "type": "string" }, - "RecipeList": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of candidate recipes.", - "title": "RecipeList", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Personalize::Solution.CategoricalHyperParameterRange": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the hyperparameter.", - "title": "Name", + "ConstantInitializationVector": { + "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, to be used with the key for encrypting content. This parameter is not valid for static key encryption.", + "title": "ConstantInitializationVector", "type": "string" }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the categories for the hyperparameter.", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Personalize::Solution.ContinuousHyperParameterRange": { - "additionalProperties": false, - "properties": { - "MaxValue": { - "markdownDescription": "The maximum allowable value for the hyperparameter.", - "title": "MaxValue", - "type": "number" - }, - "MinValue": { - "markdownDescription": "The minimum allowable value for the hyperparameter.", - "title": "MinValue", - "type": "number" - }, - "Name": { - "markdownDescription": "The name of the hyperparameter.", - "title": "Name", + "DeviceId": { + "markdownDescription": "The value of one of the devices that you configured with your digital rights management (DRM) platform key provider. This parameter is required for SPEKE encryption and is not valid for static key encryption.", + "title": "DeviceId", "type": "string" - } - }, - "type": "object" - }, - "AWS::Personalize::Solution.HpoConfig": { - "additionalProperties": false, - "properties": { - "AlgorithmHyperParameterRanges": { - "$ref": "#/definitions/AWS::Personalize::Solution.AlgorithmHyperParameterRanges", - "markdownDescription": "The hyperparameters and their allowable ranges.", - "title": "AlgorithmHyperParameterRanges" }, - "HpoObjective": { - "$ref": "#/definitions/AWS::Personalize::Solution.HpoObjective", - "markdownDescription": "The metric to optimize during HPO.\n\n> Amazon Personalize doesn't support configuring the `hpoObjective` at this time.", - "title": "HpoObjective" + "KeyType": { + "markdownDescription": "The type of key that is used for the encryption. If you don't specify a `keyType` value, the service uses the default setting ( `static-key` ). Valid key types are: `static-key` , `speke` , and `srt-password` .", + "title": "KeyType", + "type": "string" }, - "HpoResourceConfig": { - "$ref": "#/definitions/AWS::Personalize::Solution.HpoResourceConfig", - "markdownDescription": "Describes the resource configuration for HPO.", - "title": "HpoResourceConfig" - } - }, - "type": "object" - }, - "AWS::Personalize::Solution.HpoObjective": { - "additionalProperties": false, - "properties": { - "MetricName": { - "markdownDescription": "The name of the metric.", - "title": "MetricName", + "Region": { + "markdownDescription": "The AWS Region that the API Gateway proxy endpoint was created in. This parameter is required for SPEKE encryption and is not valid for static key encryption.", + "title": "Region", "type": "string" }, - "MetricRegex": { - "markdownDescription": "A regular expression for finding the metric in the training job logs.", - "title": "MetricRegex", + "ResourceId": { + "markdownDescription": "An identifier for the content. The service sends this value to the key server to identify the current endpoint. The resource ID is also known as the content ID. This parameter is required for SPEKE encryption and is not valid for static key encryption.", + "title": "ResourceId", "type": "string" }, - "Type": { - "markdownDescription": "The type of the metric. Valid values are `Maximize` and `Minimize` .", - "title": "Type", + "RoleArn": { + "markdownDescription": "The ARN of the role that you created during setup (when you set up MediaConnect as a trusted entity).", + "title": "RoleArn", "type": "string" - } - }, - "type": "object" - }, - "AWS::Personalize::Solution.HpoResourceConfig": { - "additionalProperties": false, - "properties": { - "MaxNumberOfTrainingJobs": { - "markdownDescription": "The maximum number of training jobs when you create a solution version. The maximum value for `maxNumberOfTrainingJobs` is `40` .", - "title": "MaxNumberOfTrainingJobs", + }, + "SecretArn": { + "markdownDescription": "The ARN of the secret that you created in AWS Secrets Manager to store the encryption key. This parameter is required for static key encryption and is not valid for SPEKE encryption.", + "title": "SecretArn", "type": "string" }, - "MaxParallelTrainingJobs": { - "markdownDescription": "The maximum number of parallel training jobs when you create a solution version. The maximum value for `maxParallelTrainingJobs` is `10` .", - "title": "MaxParallelTrainingJobs", + "Url": { + "markdownDescription": "The URL from the API Gateway proxy that you set up to talk to your key server. This parameter is required for SPEKE encryption and is not valid for static key encryption.", + "title": "Url", "type": "string" } }, + "required": [ + "RoleArn" + ], "type": "object" }, - "AWS::Personalize::Solution.IntegerHyperParameterRange": { + "AWS::MediaConnect::FlowSource.GatewayBridgeSource": { "additionalProperties": false, "properties": { - "MaxValue": { - "markdownDescription": "The maximum allowable value for the hyperparameter.", - "title": "MaxValue", - "type": "number" - }, - "MinValue": { - "markdownDescription": "The minimum allowable value for the hyperparameter.", - "title": "MinValue", - "type": "number" - }, - "Name": { - "markdownDescription": "The name of the hyperparameter.", - "title": "Name", + "BridgeArn": { + "markdownDescription": "The ARN of the bridge feeding this flow.", + "title": "BridgeArn", "type": "string" + }, + "VpcInterfaceAttachment": { + "$ref": "#/definitions/AWS::MediaConnect::FlowSource.VpcInterfaceAttachment", + "markdownDescription": "The name of the VPC interface attachment to use for this bridge source.", + "title": "VpcInterfaceAttachment" } }, + "required": [ + "BridgeArn" + ], "type": "object" }, - "AWS::Personalize::Solution.SolutionConfig": { + "AWS::MediaConnect::FlowSource.VpcInterfaceAttachment": { "additionalProperties": false, "properties": { - "AlgorithmHyperParameters": { - "additionalProperties": true, - "markdownDescription": "Lists the algorithm hyperparameters and their values.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "AlgorithmHyperParameters", - "type": "object" - }, - "AutoMLConfig": { - "$ref": "#/definitions/AWS::Personalize::Solution.AutoMLConfig", - "markdownDescription": "The [AutoMLConfig](https://docs.aws.amazon.com/personalize/latest/dg/API_AutoMLConfig.html) object containing a list of recipes to search when AutoML is performed.", - "title": "AutoMLConfig" - }, - "EventValueThreshold": { - "markdownDescription": "Only events with a value greater than or equal to this threshold are used for training a model.", - "title": "EventValueThreshold", + "VpcInterfaceName": { + "markdownDescription": "The name of the VPC interface to use for this resource.", + "title": "VpcInterfaceName", "type": "string" - }, - "FeatureTransformationParameters": { - "additionalProperties": true, - "markdownDescription": "Lists the feature transformation parameters.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "FeatureTransformationParameters", - "type": "object" - }, - "HpoConfig": { - "$ref": "#/definitions/AWS::Personalize::Solution.HpoConfig", - "markdownDescription": "Describes the properties for hyperparameter optimization (HPO).", - "title": "HpoConfig" } }, "type": "object" }, - "AWS::Pinpoint::ADMChannel": { + "AWS::MediaConnect::FlowVpcInterface": { "additionalProperties": false, "properties": { "Condition": { @@ -177288,37 +185264,47 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationId": { - "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the ADM channel applies to.", - "title": "ApplicationId", + "FlowArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the flow.", + "title": "FlowArn", "type": "string" }, - "ClientId": { - "markdownDescription": "The Client ID that you received from Amazon to send messages by using ADM.", - "title": "ClientId", + "Name": { + "markdownDescription": "The name for the VPC interface. This name must be unique within the flow.", + "title": "Name", "type": "string" }, - "ClientSecret": { - "markdownDescription": "The Client Secret that you received from Amazon to send messages by using ADM.", - "title": "ClientSecret", + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the role that you created when you set up MediaConnect as a trusted service.", + "title": "RoleArn", "type": "string" }, - "Enabled": { - "markdownDescription": "Specifies whether to enable the ADM channel for the application.", - "title": "Enabled", - "type": "boolean" + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A virtual firewall to control inbound and outbound traffic.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetId": { + "markdownDescription": "The subnet IDs that you want to use for your VPC interface. A range of IP addresses in your VPC. When you create your VPC, you specify a range of IPv4 addresses for the VPC in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16. This is the primary CIDR block for your VPC. When you create a subnet for your VPC, you specify the CIDR block for the subnet, which is a subset of the VPC CIDR block. The subnets that you use across all VPC interfaces on the flow must be in the same Availability Zone as the flow.", + "title": "SubnetId", + "type": "string" } }, "required": [ - "ApplicationId", - "ClientId", - "ClientSecret" + "FlowArn", + "Name", + "RoleArn", + "SecurityGroupIds", + "SubnetId" ], "type": "object" }, "Type": { "enum": [ - "AWS::Pinpoint::ADMChannel" + "AWS::MediaConnect::FlowVpcInterface" ], "type": "string" }, @@ -177337,7 +185323,7 @@ ], "type": "object" }, - "AWS::Pinpoint::APNSChannel": { + "AWS::MediaConnect::Gateway": { "additionalProperties": false, "properties": { "Condition": { @@ -177372,60 +185358,38 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationId": { - "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the APNs channel applies to.", - "title": "ApplicationId", - "type": "string" - }, - "BundleId": { - "markdownDescription": "The bundle identifier that's assigned to your iOS app. This identifier is used for APNs tokens.", - "title": "BundleId", - "type": "string" - }, - "Certificate": { - "markdownDescription": "The APNs client certificate that you received from Apple. Specify this value if you want Amazon Pinpoint to communicate with APNs by using an APNs certificate.", - "title": "Certificate", - "type": "string" - }, - "DefaultAuthenticationMethod": { - "markdownDescription": "The default authentication method that you want Amazon Pinpoint to use when authenticating with APNs. Valid options are `key` or `certificate` .", - "title": "DefaultAuthenticationMethod", - "type": "string" - }, - "Enabled": { - "markdownDescription": "Specifies whether to enable the APNs channel for the application.", - "title": "Enabled", - "type": "boolean" - }, - "PrivateKey": { - "markdownDescription": "The private key for the APNs client certificate that you want Amazon Pinpoint to use to communicate with APNs.", - "title": "PrivateKey", - "type": "string" - }, - "TeamId": { - "markdownDescription": "The identifier that's assigned to your Apple Developer Account team. This identifier is used for APNs tokens.", - "title": "TeamId", - "type": "string" + "EgressCidrBlocks": { + "items": { + "type": "string" + }, + "markdownDescription": "The range of IP addresses that are allowed to contribute content or initiate output requests for flows communicating with this gateway. These IP addresses should be in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16.", + "title": "EgressCidrBlocks", + "type": "array" }, - "TokenKey": { - "markdownDescription": "The authentication key to use for APNs tokens.", - "title": "TokenKey", + "Name": { + "markdownDescription": "The name of the gateway. This name can not be modified after the gateway is created.", + "title": "Name", "type": "string" }, - "TokenKeyId": { - "markdownDescription": "The key identifier that's assigned to your APNs signing key. Specify this value if you want Amazon Pinpoint to communicate with APNs by using APNs tokens.", - "title": "TokenKeyId", - "type": "string" + "Networks": { + "items": { + "$ref": "#/definitions/AWS::MediaConnect::Gateway.GatewayNetwork" + }, + "markdownDescription": "The list of networks in the gateway.", + "title": "Networks", + "type": "array" } }, "required": [ - "ApplicationId" + "EgressCidrBlocks", + "Name", + "Networks" ], "type": "object" }, "Type": { "enum": [ - "AWS::Pinpoint::APNSChannel" + "AWS::MediaConnect::Gateway" ], "type": "string" }, @@ -177444,7 +185408,27 @@ ], "type": "object" }, - "AWS::Pinpoint::APNSSandboxChannel": { + "AWS::MediaConnect::Gateway.GatewayNetwork": { + "additionalProperties": false, + "properties": { + "CidrBlock": { + "markdownDescription": "A unique IP address range to use for this network. These IP addresses should be in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16.", + "title": "CidrBlock", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the network. This name is used to reference the network and must be unique among networks in this gateway.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "CidrBlock", + "Name" + ], + "type": "object" + }, + "AWS::MediaConvert::JobTemplate": { "additionalProperties": false, "properties": { "Condition": { @@ -177479,60 +185463,68 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationId": { - "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the APNs sandbox channel applies to.", - "title": "ApplicationId", - "type": "string" + "AccelerationSettings": { + "$ref": "#/definitions/AWS::MediaConvert::JobTemplate.AccelerationSettings", + "markdownDescription": "Accelerated transcoding can significantly speed up jobs with long, visually complex content. Outputs that use this feature incur pro-tier pricing. For information about feature limitations, For more information, see [Job Limitations for Accelerated Transcoding in AWS Elemental MediaConvert](https://docs.aws.amazon.com/mediaconvert/latest/ug/job-requirements.html) in the *AWS Elemental MediaConvert User Guide* .", + "title": "AccelerationSettings" }, - "BundleId": { - "markdownDescription": "The bundle identifier that's assigned to your iOS app. This identifier is used for APNs tokens.", - "title": "BundleId", + "Category": { + "markdownDescription": "Optional. A category for the job template you are creating", + "title": "Category", "type": "string" }, - "Certificate": { - "markdownDescription": "The APNs client certificate that you received from Apple. Specify this value if you want Amazon Pinpoint to communicate with APNs by using an APNs certificate.", - "title": "Certificate", + "Description": { + "markdownDescription": "Optional. A description of the job template you are creating.", + "title": "Description", "type": "string" }, - "DefaultAuthenticationMethod": { - "markdownDescription": "The default authentication method that you want Amazon Pinpoint to use when authenticating with APNs. Valid options are `key` or `certificate` .", - "title": "DefaultAuthenticationMethod", + "HopDestinations": { + "items": { + "$ref": "#/definitions/AWS::MediaConvert::JobTemplate.HopDestination" + }, + "markdownDescription": "Optional. Configuration for a destination queue to which the job can hop once a customer-defined minimum wait time has passed. For more information, see [Setting Up Queue Hopping to Avoid Long Waits](https://docs.aws.amazon.com/mediaconvert/latest/ug/setting-up-queue-hopping-to-avoid-long-waits.html) in the *AWS Elemental MediaConvert User Guide* .", + "title": "HopDestinations", + "type": "array" + }, + "Name": { + "markdownDescription": "Name of the output group", + "title": "Name", "type": "string" }, - "Enabled": { - "markdownDescription": "Specifies whether to enable the APNs Sandbox channel for the Amazon Pinpoint application.", - "title": "Enabled", - "type": "boolean" + "Priority": { + "markdownDescription": "Specify the relative priority for this job. In any given queue, the service begins processing the job with the highest value first. When more than one job has the same priority, the service begins processing the job that you submitted first. If you don't specify a priority, the service uses the default value 0. Minimum: -50 Maximum: 50", + "title": "Priority", + "type": "number" }, - "PrivateKey": { - "markdownDescription": "The private key for the APNs client certificate that you want Amazon Pinpoint to use to communicate with APNs.", - "title": "PrivateKey", + "Queue": { + "markdownDescription": "Optional. The queue that jobs created from this template are assigned to. Specify the Amazon Resource Name (ARN) of the queue. For example, arn:aws:mediaconvert:us-west-2:505474453218:queues/Default. If you don't specify this, jobs will go to the default queue.", + "title": "Queue", "type": "string" }, - "TeamId": { - "markdownDescription": "The identifier that's assigned to your Apple Developer Account team. This identifier is used for APNs tokens.", - "title": "TeamId", - "type": "string" + "SettingsJson": { + "markdownDescription": "Specify, in JSON format, the transcoding job settings for this job template. This specification must conform to the AWS Elemental MediaConvert job validation. For information about forming this specification, see the Remarks section later in this topic.\n\nFor more information about MediaConvert job templates, see [Working with AWS Elemental MediaConvert Job Templates](https://docs.aws.amazon.com/mediaconvert/latest/ug/working-with-job-templates.html) in the ** .", + "title": "SettingsJson", + "type": "object" }, - "TokenKey": { - "markdownDescription": "The authentication key to use for APNs tokens.", - "title": "TokenKey", + "StatusUpdateInterval": { + "markdownDescription": "Specify how often MediaConvert sends STATUS_UPDATE events to Amazon CloudWatch Events. Set the interval, in seconds, between status updates. MediaConvert sends an update at this interval from the time the service begins processing your job to the time it completes the transcode or encounters an error.\n\nSpecify one of the following enums:\n\nSECONDS_10\n\nSECONDS_12\n\nSECONDS_15\n\nSECONDS_20\n\nSECONDS_30\n\nSECONDS_60\n\nSECONDS_120\n\nSECONDS_180\n\nSECONDS_240\n\nSECONDS_300\n\nSECONDS_360\n\nSECONDS_420\n\nSECONDS_480\n\nSECONDS_540\n\nSECONDS_600", + "title": "StatusUpdateInterval", "type": "string" }, - "TokenKeyId": { - "markdownDescription": "The key identifier that's assigned to your APNs signing key. Specify this value if you want Amazon Pinpoint to communicate with APNs by using APNs tokens.", - "title": "TokenKeyId", - "type": "string" + "Tags": { + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "object" } }, "required": [ - "ApplicationId" + "SettingsJson" ], "type": "object" }, "Type": { "enum": [ - "AWS::Pinpoint::APNSSandboxChannel" + "AWS::MediaConvert::JobTemplate" ], "type": "string" }, @@ -177551,7 +185543,42 @@ ], "type": "object" }, - "AWS::Pinpoint::APNSVoipChannel": { + "AWS::MediaConvert::JobTemplate.AccelerationSettings": { + "additionalProperties": false, + "properties": { + "Mode": { + "markdownDescription": "Specify the conditions when the service will run your job with accelerated transcoding.", + "title": "Mode", + "type": "string" + } + }, + "required": [ + "Mode" + ], + "type": "object" + }, + "AWS::MediaConvert::JobTemplate.HopDestination": { + "additionalProperties": false, + "properties": { + "Priority": { + "markdownDescription": "Optional. When you set up a job to use queue hopping, you can specify a different relative priority for the job in the destination queue. If you don't specify, the relative priority will remain the same as in the previous queue.", + "title": "Priority", + "type": "number" + }, + "Queue": { + "markdownDescription": "Optional unless the job is submitted on the default queue. When you set up a job to use queue hopping, you can specify a destination queue. This queue cannot be the original queue to which the job is submitted. If the original queue isn't the default queue and you don't specify the destination queue, the job will move to the default queue.", + "title": "Queue", + "type": "string" + }, + "WaitMinutes": { + "markdownDescription": "Required for setting up a job to use queue hopping. Minimum wait time in minutes until the job can hop to the destination queue. Valid range is 1 to 4320 minutes, inclusive.", + "title": "WaitMinutes", + "type": "number" + } + }, + "type": "object" + }, + "AWS::MediaConvert::Preset": { "additionalProperties": false, "properties": { "Condition": { @@ -177586,60 +185613,40 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationId": { - "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the APNs VoIP channel applies to.", - "title": "ApplicationId", - "type": "string" - }, - "BundleId": { - "markdownDescription": "The bundle identifier that's assigned to your iOS app. This identifier is used for APNs tokens.", - "title": "BundleId", - "type": "string" - }, - "Certificate": { - "markdownDescription": "The APNs client certificate that you received from Apple. Specify this value if you want Amazon Pinpoint to communicate with APNs by using an APNs certificate.", - "title": "Certificate", - "type": "string" - }, - "DefaultAuthenticationMethod": { - "markdownDescription": "The default authentication method that you want Amazon Pinpoint to use when authenticating with APNs. Valid options are `key` or `certificate` .", - "title": "DefaultAuthenticationMethod", + "Category": { + "markdownDescription": "The new category for the preset, if you are changing it.", + "title": "Category", "type": "string" }, - "Enabled": { - "markdownDescription": "Specifies whether to enable the APNs VoIP channel for the Amazon Pinpoint application.", - "title": "Enabled", - "type": "boolean" - }, - "PrivateKey": { - "markdownDescription": "The private key for the APNs client certificate that you want Amazon Pinpoint to use to communicate with APNs.", - "title": "PrivateKey", + "Description": { + "markdownDescription": "The new description for the preset, if you are changing it.", + "title": "Description", "type": "string" }, - "TeamId": { - "markdownDescription": "The identifier that's assigned to your Apple Developer Account team. This identifier is used for APNs tokens.", - "title": "TeamId", + "Name": { + "markdownDescription": "The name of the preset that you are modifying.", + "title": "Name", "type": "string" }, - "TokenKey": { - "markdownDescription": "The authentication key to use for APNs tokens.", - "title": "TokenKey", - "type": "string" + "SettingsJson": { + "markdownDescription": "Specify, in JSON format, the transcoding job settings for this output preset. This specification must conform to the AWS Elemental MediaConvert job validation. For information about forming this specification, see the Remarks section later in this topic.\n\nFor more information about MediaConvert output presets, see [Working with AWS Elemental MediaConvert Output Presets](https://docs.aws.amazon.com/mediaconvert/latest/ug/working-with-presets.html) in the ** .", + "title": "SettingsJson", + "type": "object" }, - "TokenKeyId": { - "markdownDescription": "The key identifier that's assigned to your APNs signing key. Specify this value if you want Amazon Pinpoint to communicate with APNs by using APNs tokens.", - "title": "TokenKeyId", - "type": "string" + "Tags": { + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "object" } }, "required": [ - "ApplicationId" + "SettingsJson" ], "type": "object" }, "Type": { "enum": [ - "AWS::Pinpoint::APNSVoipChannel" + "AWS::MediaConvert::Preset" ], "type": "string" }, @@ -177658,7 +185665,7 @@ ], "type": "object" }, - "AWS::Pinpoint::APNSVoipSandboxChannel": { + "AWS::MediaConvert::Queue": { "additionalProperties": false, "properties": { "Condition": { @@ -177693,60 +185700,42 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationId": { - "markdownDescription": "The unique identifier for the application that the APNs VoIP sandbox channel applies to.", - "title": "ApplicationId", - "type": "string" - }, - "BundleId": { - "markdownDescription": "The bundle identifier that's assigned to your iOS app. This identifier is used for APNs tokens.", - "title": "BundleId", - "type": "string" - }, - "Certificate": { - "markdownDescription": "The APNs client certificate that you received from Apple. Specify this value if you want Amazon Pinpoint to communicate with the APNs sandbox environment by using an APNs certificate.", - "title": "Certificate", - "type": "string" + "ConcurrentJobs": { + "markdownDescription": "Specify the maximum number of jobs your queue can process concurrently. For on-demand queues, the value you enter is constrained by your service quotas for Maximum concurrent jobs, per on-demand queue and Maximum concurrent jobs, per account. For reserved queues, specify the number of jobs you can process concurrently in your reservation plan instead.", + "title": "ConcurrentJobs", + "type": "number" }, - "DefaultAuthenticationMethod": { - "markdownDescription": "The default authentication method that you want Amazon Pinpoint to use when authenticating with APNs. Valid options are `key` or `certificate` .", - "title": "DefaultAuthenticationMethod", + "Description": { + "markdownDescription": "Optional. A description of the queue that you are creating.", + "title": "Description", "type": "string" }, - "Enabled": { - "markdownDescription": "Specifies whether the APNs VoIP sandbox channel is enabled for the application.", - "title": "Enabled", - "type": "boolean" - }, - "PrivateKey": { - "markdownDescription": "The private key for the APNs client certificate that you want Amazon Pinpoint to use to communicate with the APNs sandbox environment.", - "title": "PrivateKey", + "Name": { + "markdownDescription": "The name of the queue that you are creating.", + "title": "Name", "type": "string" }, - "TeamId": { - "markdownDescription": "The identifier that's assigned to your Apple developer account team. This identifier is used for APNs tokens.", - "title": "TeamId", + "PricingPlan": { + "markdownDescription": "When you use AWS CloudFormation , you can create only on-demand queues. Therefore, always set `PricingPlan` to the value \"ON_DEMAND\" when declaring an AWS::MediaConvert::Queue in your AWS CloudFormation template.\n\nTo create a reserved queue, use the AWS Elemental MediaConvert console at https://console.aws.amazon.com/mediaconvert to set up a contract. For more information, see [Working with AWS Elemental MediaConvert Queues](https://docs.aws.amazon.com/mediaconvert/latest/ug/working-with-queues.html) in the ** .", + "title": "PricingPlan", "type": "string" }, - "TokenKey": { - "markdownDescription": "The authentication key to use for APNs tokens.", - "title": "TokenKey", + "Status": { + "markdownDescription": "Initial state of the queue. Queues can be either ACTIVE or PAUSED. If you create a paused queue, then jobs that you send to that queue won't begin.", + "title": "Status", "type": "string" }, - "TokenKeyId": { - "markdownDescription": "The key identifier that's assigned to your APNs signing key. Specify this value if you want Amazon Pinpoint to communicate with the APNs sandbox environment by using APNs tokens.", - "title": "TokenKeyId", - "type": "string" + "Tags": { + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "object" } }, - "required": [ - "ApplicationId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Pinpoint::APNSVoipSandboxChannel" + "AWS::MediaConvert::Queue" ], "type": "string" }, @@ -177760,12 +185749,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Pinpoint::App": { + "AWS::MediaLive::Channel": { "additionalProperties": false, "properties": { "Condition": { @@ -177800,25 +185788,93 @@ "Properties": { "additionalProperties": false, "properties": { + "AnywhereSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AnywhereSettings", + "markdownDescription": "", + "title": "AnywhereSettings" + }, + "CdiInputSpecification": { + "$ref": "#/definitions/AWS::MediaLive::Channel.CdiInputSpecification", + "markdownDescription": "Specification of CDI inputs for this channel.", + "title": "CdiInputSpecification" + }, + "ChannelClass": { + "markdownDescription": "The class for this channel. For a channel with two pipelines, the class is STANDARD. For a channel with one pipeline, the class is SINGLE_PIPELINE.", + "title": "ChannelClass", + "type": "string" + }, + "ChannelEngineVersion": { + "$ref": "#/definitions/AWS::MediaLive::Channel.ChannelEngineVersionRequest", + "markdownDescription": "", + "title": "ChannelEngineVersion" + }, + "Destinations": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputDestination" + }, + "markdownDescription": "The settings that identify the destination for the outputs in this MediaLive output package.", + "title": "Destinations", + "type": "array" + }, + "DryRun": { + "markdownDescription": "", + "title": "DryRun", + "type": "boolean" + }, + "EncoderSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.EncoderSettings", + "markdownDescription": "The encoding configuration for the output content.", + "title": "EncoderSettings" + }, + "InputAttachments": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Channel.InputAttachment" + }, + "markdownDescription": "The list of input attachments for the channel.", + "title": "InputAttachments", + "type": "array" + }, + "InputSpecification": { + "$ref": "#/definitions/AWS::MediaLive::Channel.InputSpecification", + "markdownDescription": "The input specification for this channel. It specifies the key characteristics of the inputs for this channel: the maximum bitrate, the resolution, and the codec.", + "title": "InputSpecification" + }, + "LogLevel": { + "markdownDescription": "The verbosity for logging activity for this channel. Charges for logging (which are generated through Amazon CloudWatch Logging) are higher for higher verbosities.", + "title": "LogLevel", + "type": "string" + }, + "Maintenance": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MaintenanceCreateSettings", + "markdownDescription": "Maintenance settings for this channel.", + "title": "Maintenance" + }, "Name": { - "markdownDescription": "The display name of the application.", + "markdownDescription": "Name of channel.", "title": "Name", "type": "string" }, + "RoleArn": { + "markdownDescription": "The IAM role for MediaLive to assume when running this channel. The role is identified by its ARN.", + "title": "RoleArn", + "type": "string" + }, "Tags": { - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "A collection of tags for this channel. Each tag is a key-value pair.", "title": "Tags", "type": "object" + }, + "Vpc": { + "$ref": "#/definitions/AWS::MediaLive::Channel.VpcOutputSettings", + "markdownDescription": "Settings to enable VPC mode in the channel, so that the endpoints for all outputs are in your VPC.", + "title": "Vpc" } }, - "required": [ - "Name" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Pinpoint::App" + "AWS::MediaLive::Channel" ], "type": "string" }, @@ -177832,17395 +185888,20950 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Pinpoint::ApplicationSettings": { + "AWS::MediaLive::Channel.AacSettings": { "additionalProperties": false, "properties": { - "Condition": { + "Bitrate": { + "markdownDescription": "The average bitrate in bits/second. Valid values depend on the rate control mode and profile.", + "title": "Bitrate", + "type": "number" + }, + "CodingMode": { + "markdownDescription": "Mono, stereo, or 5.1 channel layout. Valid values depend on the rate control mode and profile. The adReceiverMix setting receives a stereo description plus control track, and emits a mono AAC encode of the description track, with control data emitted in the PES header as per ETSI TS 101 154 Annex E.", + "title": "CodingMode", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "InputType": { + "markdownDescription": "Set to broadcasterMixedAd when the input contains pre-mixed main audio + AD (narration) as a stereo pair. The Audio Type field (audioType) will be set to 3, which signals to downstream systems that this stream contains broadcaster mixed AD. Note that the input received by the encoder must contain pre-mixed audio; MediaLive does not perform the mixing. The values in audioTypeControl and audioType (in AudioDescription) are ignored when set to broadcasterMixedAd. Leave this set to normal when the input does not contain pre-mixed audio + AD.", + "title": "InputType", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Profile": { + "markdownDescription": "The AAC profile.", + "title": "Profile", + "type": "string" }, - "Metadata": { - "type": "object" + "RateControlMode": { + "markdownDescription": "The rate control mode.", + "title": "RateControlMode", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ApplicationId": { - "markdownDescription": "The unique identifier for the Amazon Pinpoint application.", - "title": "ApplicationId", - "type": "string" - }, - "CampaignHook": { - "$ref": "#/definitions/AWS::Pinpoint::ApplicationSettings.CampaignHook", - "markdownDescription": "The settings for the Lambda function to use by default as a code hook for campaigns in the application. To override these settings for a specific campaign, use the Campaign resource to define custom Lambda function settings for the campaign.", - "title": "CampaignHook" - }, - "CloudWatchMetricsEnabled": { - "markdownDescription": "", - "title": "CloudWatchMetricsEnabled", - "type": "boolean" - }, - "Limits": { - "$ref": "#/definitions/AWS::Pinpoint::ApplicationSettings.Limits", - "markdownDescription": "The default sending limits for campaigns in the application. To override these limits for a specific campaign, use the Campaign resource to define custom limits for the campaign.", - "title": "Limits" - }, - "QuietTime": { - "$ref": "#/definitions/AWS::Pinpoint::ApplicationSettings.QuietTime", - "markdownDescription": "The default quiet time for campaigns in the application. Quiet time is a specific time range when campaigns don't send messages to endpoints, if all the following conditions are met:\n\n- The `EndpointDemographic.Timezone` property of the endpoint is set to a valid value.\n\n- The current time in the endpoint's time zone is later than or equal to the time specified by the `QuietTime.Start` property for the application (or a campaign that has custom quiet time settings).\n\n- The current time in the endpoint's time zone is earlier than or equal to the time specified by the `QuietTime.End` property for the application (or a campaign that has custom quiet time settings).\n\nIf any of the preceding conditions isn't met, the endpoint will receive messages from a campaign, even if quiet time is enabled.\n\nTo override the default quiet time settings for a specific campaign, use the Campaign resource to define a custom quiet time for the campaign.", - "title": "QuietTime" - } - }, - "required": [ - "ApplicationId" - ], - "type": "object" + "RawFormat": { + "markdownDescription": "Sets the LATM/LOAS AAC output for raw containers.", + "title": "RawFormat", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Pinpoint::ApplicationSettings" - ], + "SampleRate": { + "markdownDescription": "The sample rate in Hz. Valid values depend on the rate control mode and profile.", + "title": "SampleRate", + "type": "number" + }, + "Spec": { + "markdownDescription": "Uses MPEG-2 AAC audio instead of MPEG-4 AAC audio for raw or MPEG-2 Transport Stream containers.", + "title": "Spec", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VbrQuality": { + "markdownDescription": "The VBR quality level. This is used only if rateControlMode is VBR.", + "title": "VbrQuality", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Pinpoint::ApplicationSettings.CampaignHook": { + "AWS::MediaLive::Channel.Ac3Settings": { "additionalProperties": false, "properties": { - "LambdaFunctionName": { - "markdownDescription": "The name or Amazon Resource Name (ARN) of the Lambda function that Amazon Pinpoint invokes to send messages for campaigns in the application.", - "title": "LambdaFunctionName", + "AttenuationControl": { + "markdownDescription": "", + "title": "AttenuationControl", "type": "string" }, - "Mode": { - "markdownDescription": "The mode that Amazon Pinpoint uses to invoke the Lambda function. Possible values are:\n\n- `FILTER` - Invoke the function to customize the segment that's used by a campaign.\n- `DELIVERY` - (Deprecated) Previously, invoked the function to send a campaign through a custom channel. This functionality is not supported anymore. To send a campaign through a custom channel, use the `CustomDeliveryConfiguration` and `CampaignCustomMessage` objects of the campaign.", - "title": "Mode", + "Bitrate": { + "markdownDescription": "The average bitrate in bits/second. Valid bitrates depend on the coding mode.", + "title": "Bitrate", + "type": "number" + }, + "BitstreamMode": { + "markdownDescription": "Specifies the bitstream mode (bsmod) for the emitted AC-3 stream. For more information about these values, see ATSC A/52-2012.", + "title": "BitstreamMode", "type": "string" }, - "WebUrl": { - "markdownDescription": "The web URL that Amazon Pinpoint calls to invoke the Lambda function over HTTPS.", - "title": "WebUrl", + "CodingMode": { + "markdownDescription": "The Dolby Digital coding mode. This determines the number of channels.", + "title": "CodingMode", + "type": "string" + }, + "Dialnorm": { + "markdownDescription": "Sets the dialnorm for the output. If excluded and the input audio is Dolby Digital, dialnorm is passed through.", + "title": "Dialnorm", + "type": "number" + }, + "DrcProfile": { + "markdownDescription": "If set to filmStandard, adds dynamic range compression signaling to the output bitstream as defined in the Dolby Digital specification.", + "title": "DrcProfile", + "type": "string" + }, + "LfeFilter": { + "markdownDescription": "When set to enabled, applies a 120Hz lowpass filter to the LFE channel prior to encoding. This is valid only in codingMode32Lfe mode.", + "title": "LfeFilter", + "type": "string" + }, + "MetadataControl": { + "markdownDescription": "When set to followInput, encoder metadata is sourced from the DD, DD+, or DolbyE decoder that supplies this audio data. If the audio is supplied from one of these streams, the static metadata settings are used.", + "title": "MetadataControl", "type": "string" } }, "type": "object" }, - "AWS::Pinpoint::ApplicationSettings.Limits": { + "AWS::MediaLive::Channel.AncillarySourceSettings": { "additionalProperties": false, "properties": { - "Daily": { - "markdownDescription": "The maximum number of messages that a campaign can send to a single endpoint during a 24-hour period. The maximum value is 100.", - "title": "Daily", - "type": "number" - }, - "MaximumDuration": { - "markdownDescription": "The maximum amount of time, in seconds, that a campaign can attempt to deliver a message after the scheduled start time for the campaign. The minimum value is 60 seconds.", - "title": "MaximumDuration", - "type": "number" - }, - "MessagesPerSecond": { - "markdownDescription": "The maximum number of messages that a campaign can send each second. The minimum value is 1. The maximum value is 20,000.", - "title": "MessagesPerSecond", - "type": "number" - }, - "Total": { - "markdownDescription": "The maximum number of messages that a campaign can send to a single endpoint during the course of the campaign. The maximum value is 100.", - "title": "Total", + "SourceAncillaryChannelNumber": { + "markdownDescription": "Specifies the number (1 to 4) of the captions channel you want to extract from the ancillary captions. If you plan to convert the ancillary captions to another format, complete this field. If you plan to choose Embedded as the captions destination in the output (to pass through all the channels in the ancillary captions), leave this field blank because MediaLive ignores the field.", + "title": "SourceAncillaryChannelNumber", "type": "number" } }, "type": "object" }, - "AWS::Pinpoint::ApplicationSettings.QuietTime": { + "AWS::MediaLive::Channel.AnywhereSettings": { "additionalProperties": false, "properties": { - "End": { - "markdownDescription": "The specific time when quiet time ends. This value has to use 24-hour notation and be in HH:MM format, where HH is the hour (with a leading zero, if applicable) and MM is the minutes. For example, use `02:30` to represent 2:30 AM, or `14:30` to represent 2:30 PM.", - "title": "End", + "ChannelPlacementGroupId": { + "markdownDescription": "", + "title": "ChannelPlacementGroupId", "type": "string" }, - "Start": { - "markdownDescription": "The specific time when quiet time begins. This value has to use 24-hour notation and be in HH:MM format, where HH is the hour (with a leading zero, if applicable) and MM is the minutes. For example, use `02:30` to represent 2:30 AM, or `14:30` to represent 2:30 PM.", - "title": "Start", + "ClusterId": { + "markdownDescription": "", + "title": "ClusterId", "type": "string" } }, - "required": [ - "End", - "Start" - ], "type": "object" }, - "AWS::Pinpoint::BaiduChannel": { + "AWS::MediaLive::Channel.ArchiveCdnSettings": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ApiKey": { - "markdownDescription": "The API key that you received from the Baidu Cloud Push service to communicate with the service.", - "title": "ApiKey", - "type": "string" - }, - "ApplicationId": { - "markdownDescription": "The unique identifier for the Amazon Pinpoint application that you're configuring the Baidu channel for.", - "title": "ApplicationId", - "type": "string" - }, - "Enabled": { - "markdownDescription": "Specifies whether to enable the Baidu channel for the application.", - "title": "Enabled", - "type": "boolean" - }, - "SecretKey": { - "markdownDescription": "The secret key that you received from the Baidu Cloud Push service to communicate with the service.", - "title": "SecretKey", - "type": "string" - } - }, - "required": [ - "ApiKey", - "ApplicationId", - "SecretKey" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Pinpoint::BaiduChannel" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "ArchiveS3Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.ArchiveS3Settings", + "markdownDescription": "Sets up Amazon S3 as the destination for this Archive output.", + "title": "ArchiveS3Settings" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Pinpoint::Campaign": { + "AWS::MediaLive::Channel.ArchiveContainerSettings": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "M2tsSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.M2tsSettings", + "markdownDescription": "The settings for the M2TS in the archive output.", + "title": "M2tsSettings" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "RawSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.RawSettings", + "markdownDescription": "The settings for Raw archive output type.", + "title": "RawSettings" + } + }, + "type": "object" + }, + "AWS::MediaLive::Channel.ArchiveGroupSettings": { + "additionalProperties": false, + "properties": { + "ArchiveCdnSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.ArchiveCdnSettings", + "markdownDescription": "Settings to configure the destination of an Archive output.", + "title": "ArchiveCdnSettings" }, - "Metadata": { - "type": "object" + "Destination": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", + "markdownDescription": "A directory and base file name where archive files should be written.", + "title": "Destination" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AdditionalTreatments": { - "items": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.WriteTreatmentResource" - }, - "markdownDescription": "An array of requests that defines additional treatments for the campaign, in addition to the default treatment for the campaign.", - "title": "AdditionalTreatments", - "type": "array" - }, - "ApplicationId": { - "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the campaign is associated with.", - "title": "ApplicationId", - "type": "string" - }, - "CampaignHook": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.CampaignHook", - "markdownDescription": "Specifies the Lambda function to use as a code hook for a campaign.", - "title": "CampaignHook" - }, - "CustomDeliveryConfiguration": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.CustomDeliveryConfiguration", - "markdownDescription": "The delivery configuration settings for sending the treatment through a custom channel. This object is required if the `MessageConfiguration` object for the treatment specifies a `CustomMessage` object.", - "title": "CustomDeliveryConfiguration" - }, - "Description": { - "markdownDescription": "A custom description of the campaign.", - "title": "Description", - "type": "string" - }, - "HoldoutPercent": { - "markdownDescription": "The allocated percentage of users (segment members) who shouldn't receive messages from the campaign.", - "title": "HoldoutPercent", - "type": "number" - }, - "IsPaused": { - "markdownDescription": "Specifies whether to pause the campaign. A paused campaign doesn't run unless you resume it by changing this value to `false` . If you restart a campaign, the campaign restarts from the beginning and not at the point you paused it. If a campaign is running it will complete and then pause. Pause only pauses or skips the next run for a recurring future scheduled campaign. A campaign scheduled for immediate can't be paused.", - "title": "IsPaused", - "type": "boolean" - }, - "Limits": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.Limits", - "markdownDescription": "The messaging limits for the campaign.", - "title": "Limits" - }, - "MessageConfiguration": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.MessageConfiguration", - "markdownDescription": "The message configuration settings for the treatment.", - "title": "MessageConfiguration" - }, - "Name": { - "markdownDescription": "The name of the campaign.", - "title": "Name", - "type": "string" - }, - "Priority": { - "markdownDescription": "An integer between 1 and 5, inclusive, that represents the priority of the in-app message campaign, where 1 is the highest priority and 5 is the lowest. If there are multiple messages scheduled to be displayed at the same time, the priority determines the order in which those messages are displayed.", - "title": "Priority", - "type": "number" - }, - "Schedule": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.Schedule", - "markdownDescription": "The schedule settings for the treatment.", - "title": "Schedule" - }, - "SegmentId": { - "markdownDescription": "The unique identifier for the segment to associate with the campaign.", - "title": "SegmentId", - "type": "string" - }, - "SegmentVersion": { - "markdownDescription": "The version of the segment to associate with the campaign.", - "title": "SegmentVersion", - "type": "number" - }, - "Tags": { - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "object" - }, - "TemplateConfiguration": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.TemplateConfiguration", - "markdownDescription": "The message template to use for the treatment.", - "title": "TemplateConfiguration" - }, - "TreatmentDescription": { - "markdownDescription": "A custom description of the treatment.", - "title": "TreatmentDescription", - "type": "string" - }, - "TreatmentName": { - "markdownDescription": "A custom name for the treatment.", - "title": "TreatmentName", - "type": "string" - } - }, - "required": [ - "ApplicationId", - "Name", - "Schedule", - "SegmentId" - ], - "type": "object" + "RolloverInterval": { + "markdownDescription": "The number of seconds to write to an archive file before closing and starting a new one.", + "title": "RolloverInterval", + "type": "number" + } + }, + "type": "object" + }, + "AWS::MediaLive::Channel.ArchiveOutputSettings": { + "additionalProperties": false, + "properties": { + "ContainerSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.ArchiveContainerSettings", + "markdownDescription": "The settings that are specific to the container type of the file.", + "title": "ContainerSettings" }, - "Type": { - "enum": [ - "AWS::Pinpoint::Campaign" - ], + "Extension": { + "markdownDescription": "The output file extension. If excluded, this is auto-selected from the container type.", + "title": "Extension", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "NameModifier": { + "markdownDescription": "A string that is concatenated to the end of the destination file name. The string is required for multiple outputs of the same type.", + "title": "NameModifier", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Pinpoint::Campaign.AttributeDimension": { + "AWS::MediaLive::Channel.ArchiveS3Settings": { "additionalProperties": false, "properties": { - "AttributeType": { + "CannedAcl": { + "markdownDescription": "Specify the canned ACL to apply to each S3 request. Defaults to none.", + "title": "CannedAcl", "type": "string" - }, - "Values": { + } + }, + "type": "object" + }, + "AWS::MediaLive::Channel.AribDestinationSettings": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::MediaLive::Channel.AribSourceSettings": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::MediaLive::Channel.AudioChannelMapping": { + "additionalProperties": false, + "properties": { + "InputChannelLevels": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::MediaLive::Channel.InputChannelLevel" }, + "markdownDescription": "The indices and gain values for each input channel that should be remixed into this output channel.", + "title": "InputChannelLevels", "type": "array" + }, + "OutputChannel": { + "markdownDescription": "The index of the output channel that is being produced.", + "title": "OutputChannel", + "type": "number" } }, "type": "object" }, - "AWS::Pinpoint::Campaign.CampaignCustomMessage": { + "AWS::MediaLive::Channel.AudioCodecSettings": { "additionalProperties": false, "properties": { - "Data": { - "markdownDescription": "The raw, JSON-formatted string to use as the payload for the message. The maximum size is 5 KB.", - "title": "Data", - "type": "string" + "AacSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AacSettings", + "markdownDescription": "The setup of the AAC audio codec in the output.", + "title": "AacSettings" + }, + "Ac3Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Ac3Settings", + "markdownDescription": "The setup of an AC3 audio codec in the output.", + "title": "Ac3Settings" + }, + "Eac3AtmosSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Eac3AtmosSettings", + "markdownDescription": "", + "title": "Eac3AtmosSettings" + }, + "Eac3Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Eac3Settings", + "markdownDescription": "The setup of an EAC3 audio codec in the output.", + "title": "Eac3Settings" + }, + "Mp2Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Mp2Settings", + "markdownDescription": "The setup of an MP2 audio codec in the output.", + "title": "Mp2Settings" + }, + "PassThroughSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.PassThroughSettings", + "markdownDescription": "The setup to pass through the Dolby audio codec to the output.", + "title": "PassThroughSettings" + }, + "WavSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.WavSettings", + "markdownDescription": "Settings for audio encoded with the WAV codec.", + "title": "WavSettings" } }, "type": "object" }, - "AWS::Pinpoint::Campaign.CampaignEmailMessage": { + "AWS::MediaLive::Channel.AudioDescription": { "additionalProperties": false, "properties": { - "Body": { - "markdownDescription": "The body of the email for recipients whose email clients don't render HTML content.", - "title": "Body", + "AudioDashRoles": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "AudioDashRoles", + "type": "array" + }, + "AudioNormalizationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioNormalizationSettings", + "markdownDescription": "The advanced audio normalization settings.", + "title": "AudioNormalizationSettings" + }, + "AudioSelectorName": { + "markdownDescription": "The name of the AudioSelector that is used as the source for this AudioDescription.", + "title": "AudioSelectorName", "type": "string" }, - "FromAddress": { - "markdownDescription": "The verified email address to send the email from. The default address is the `FromAddress` specified for the email channel for the application.", - "title": "FromAddress", + "AudioType": { + "markdownDescription": "Applies only if audioTypeControl is useConfigured. The values for audioType are defined in ISO-IEC 13818-1.", + "title": "AudioType", "type": "string" }, - "HtmlBody": { - "markdownDescription": "The body of the email, in HTML format, for recipients whose email clients render HTML content.", - "title": "HtmlBody", + "AudioTypeControl": { + "markdownDescription": "Determines how audio type is determined. followInput: If the input contains an ISO 639 audioType, then that value is passed through to the output. If the input contains no ISO 639 audioType, the value in Audio Type is included in the output. useConfigured: The value in Audio Type is included in the output. Note that this field and audioType are both ignored if inputType is broadcasterMixedAd.", + "title": "AudioTypeControl", "type": "string" }, - "Title": { - "markdownDescription": "The subject line, or title, of the email.", - "title": "Title", + "AudioWatermarkingSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioWatermarkSettings", + "markdownDescription": "Settings to configure one or more solutions that insert audio watermarks in the audio encode", + "title": "AudioWatermarkingSettings" + }, + "CodecSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioCodecSettings", + "markdownDescription": "The audio codec settings.", + "title": "CodecSettings" + }, + "DvbDashAccessibility": { + "markdownDescription": "", + "title": "DvbDashAccessibility", + "type": "string" + }, + "LanguageCode": { + "markdownDescription": "Indicates the language of the audio output track. Used only if languageControlMode is useConfigured, or there is no ISO 639 language code specified in the input.", + "title": "LanguageCode", + "type": "string" + }, + "LanguageCodeControl": { + "markdownDescription": "Choosing followInput causes the ISO 639 language code of the output to follow the ISO 639 language code of the input. The languageCode setting is used when useConfigured is set, or when followInput is selected but there is no ISO 639 language code specified by the input.", + "title": "LanguageCodeControl", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of this AudioDescription. Outputs use this name to uniquely identify this AudioDescription. Description names should be unique within this channel.", + "title": "Name", + "type": "string" + }, + "RemixSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.RemixSettings", + "markdownDescription": "The settings that control how input audio channels are remixed into the output audio channels.", + "title": "RemixSettings" + }, + "StreamName": { + "markdownDescription": "Used for Microsoft Smooth and Apple HLS outputs. Indicates the name displayed by the player (for example, English or Director Commentary).", + "title": "StreamName", "type": "string" } }, "type": "object" }, - "AWS::Pinpoint::Campaign.CampaignEventFilter": { + "AWS::MediaLive::Channel.AudioDolbyEDecode": { "additionalProperties": false, "properties": { - "Dimensions": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.EventDimensions", - "markdownDescription": "The dimension settings of the event filter for the campaign.", - "title": "Dimensions" - }, - "FilterType": { - "markdownDescription": "The type of event that causes the campaign to be sent. Valid values are: `SYSTEM` , sends the campaign when a system event occurs; and, `ENDPOINT` , sends the campaign when an endpoint event (Events resource) occurs.", - "title": "FilterType", + "ProgramSelection": { + "markdownDescription": "", + "title": "ProgramSelection", "type": "string" } }, "type": "object" }, - "AWS::Pinpoint::Campaign.CampaignHook": { + "AWS::MediaLive::Channel.AudioHlsRenditionSelection": { "additionalProperties": false, "properties": { - "LambdaFunctionName": { - "markdownDescription": "The name or Amazon Resource Name (ARN) of the Lambda function that Amazon Pinpoint invokes to customize a segment for a campaign.", - "title": "LambdaFunctionName", - "type": "string" - }, - "Mode": { - "markdownDescription": "The mode that Amazon Pinpoint uses to invoke the Lambda function. Possible values are:\n\n- `FILTER` - Invoke the function to customize the segment that's used by a campaign.\n- `DELIVERY` - (Deprecated) Previously, invoked the function to send a campaign through a custom channel. This functionality is not supported anymore. To send a campaign through a custom channel, use the `CustomDeliveryConfiguration` and `CampaignCustomMessage` objects of the campaign.", - "title": "Mode", + "GroupId": { + "markdownDescription": "Specifies the GROUP-ID in the #EXT-X-MEDIA tag of the target HLS audio rendition.", + "title": "GroupId", "type": "string" }, - "WebUrl": { - "markdownDescription": "The web URL that Amazon Pinpoint calls to invoke the Lambda function over HTTPS.", - "title": "WebUrl", + "Name": { + "markdownDescription": "Specifies the NAME in the #EXT-X-MEDIA tag of the target HLS audio rendition.", + "title": "Name", "type": "string" } }, "type": "object" }, - "AWS::Pinpoint::Campaign.CampaignInAppMessage": { + "AWS::MediaLive::Channel.AudioLanguageSelection": { "additionalProperties": false, "properties": { - "Content": { - "items": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.InAppMessageContent" - }, - "markdownDescription": "An array that contains configurtion information about the in-app message for the campaign, including title and body text, text colors, background colors, image URLs, and button configurations.", - "title": "Content", - "type": "array" - }, - "CustomConfig": { - "markdownDescription": "Custom data, in the form of key-value pairs, that is included in an in-app messaging payload.", - "title": "CustomConfig", - "type": "object" + "LanguageCode": { + "markdownDescription": "Selects a specific three-letter language code from within an audio source.", + "title": "LanguageCode", + "type": "string" }, - "Layout": { - "markdownDescription": "A string that describes how the in-app message will appear. You can specify one of the following:\n\n- `BOTTOM_BANNER` \u2013 a message that appears as a banner at the bottom of the page.\n- `TOP_BANNER` \u2013 a message that appears as a banner at the top of the page.\n- `OVERLAYS` \u2013 a message that covers entire screen.\n- `MOBILE_FEED` \u2013 a message that appears in a window in front of the page.\n- `MIDDLE_BANNER` \u2013 a message that appears as a banner in the middle of the page.\n- `CAROUSEL` \u2013 a scrollable layout of up to five unique messages.", - "title": "Layout", + "LanguageSelectionPolicy": { + "markdownDescription": "When set to \"strict,\" the transport stream demux strictly identifies audio streams by their language descriptor. If a PMT update occurs such that an audio stream matching the initially selected language is no longer present, then mute is encoded until the language returns. If set to \"loose,\" then on a PMT update the demux chooses another audio stream in the program with the same stream type if it can't find one with the same language.", + "title": "LanguageSelectionPolicy", "type": "string" } }, "type": "object" }, - "AWS::Pinpoint::Campaign.CampaignSmsMessage": { + "AWS::MediaLive::Channel.AudioNormalizationSettings": { "additionalProperties": false, "properties": { - "Body": { - "markdownDescription": "The body of the SMS message.", - "title": "Body", + "Algorithm": { + "markdownDescription": "The audio normalization algorithm to use. itu17701 conforms to the CALM Act specification. itu17702 conforms to the EBU R-128 specification.", + "title": "Algorithm", "type": "string" }, - "EntityId": { - "markdownDescription": "The entity ID or Principal Entity (PE) id received from the regulatory body for sending SMS in your country.", - "title": "EntityId", + "AlgorithmControl": { + "markdownDescription": "When set to correctAudio, the output audio is corrected using the chosen algorithm. If set to measureOnly, the audio is measured but not adjusted.", + "title": "AlgorithmControl", "type": "string" }, - "MessageType": { - "markdownDescription": "The SMS message type. Valid values are `TRANSACTIONAL` (for messages that are critical or time-sensitive, such as a one-time passwords) and `PROMOTIONAL` (for messsages that aren't critical or time-sensitive, such as marketing messages).", - "title": "MessageType", + "TargetLkfs": { + "markdownDescription": "The Target LKFS(loudness) to adjust volume to. If no value is entered, a default value is used according to the chosen algorithm. The CALM Act (1770-1) recommends a target of -24 LKFS. The EBU R-128 specification (1770-2) recommends a target of -23 LKFS.", + "title": "TargetLkfs", + "type": "number" + } + }, + "type": "object" + }, + "AWS::MediaLive::Channel.AudioOnlyHlsSettings": { + "additionalProperties": false, + "properties": { + "AudioGroupId": { + "markdownDescription": "Specifies the group that the audio rendition belongs to.", + "title": "AudioGroupId", "type": "string" }, - "OriginationNumber": { - "markdownDescription": "The long code to send the SMS message from. This value should be one of the dedicated long codes that's assigned to your AWS account. Although it isn't required, we recommend that you specify the long code using an E.164 format to ensure prompt and accurate delivery of the message. For example, +12065550100.", - "title": "OriginationNumber", - "type": "string" + "AudioOnlyImage": { + "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", + "markdownDescription": "Used with an audio-only stream. It must be a .jpg or .png file. If given, this image is used as the cover art for the audio-only output. Ideally, it should be formatted for an iPhone screen for two reasons. The iPhone does not resize the image; instead, it crops a centered image on the top/bottom and left/right. Additionally, this image file gets saved bit-for-bit into every 10-second segment file, so it increases bandwidth by {image file size} * {segment count} * {user count.}.", + "title": "AudioOnlyImage" }, - "SenderId": { - "markdownDescription": "The alphabetic Sender ID to display as the sender of the message on a recipient's device. Support for sender IDs varies by country or region. To specify a phone number as the sender, omit this parameter and use `OriginationNumber` instead. For more information about support for Sender ID by country, see the [Amazon Pinpoint User Guide](https://docs.aws.amazon.com/pinpoint/latest/userguide/channels-sms-countries.html) .", - "title": "SenderId", + "AudioTrackType": { + "markdownDescription": "Four types of audio-only tracks are supported: Audio-Only Variant Stream The client can play back this audio-only stream instead of video in low-bandwidth scenarios. Represented as an EXT-X-STREAM-INF in the HLS manifest. Alternate Audio, Auto Select, Default Alternate rendition that the client should try to play back by default. Represented as an EXT-X-MEDIA in the HLS manifest with DEFAULT=YES, AUTOSELECT=YES Alternate Audio, Auto Select, Not Default Alternate rendition that the client might try to play back by default. Represented as an EXT-X-MEDIA in the HLS manifest with DEFAULT=NO, AUTOSELECT=YES Alternate Audio, not Auto Select Alternate rendition that the client will not try to play back by default. Represented as an EXT-X-MEDIA in the HLS manifest with DEFAULT=NO, AUTOSELECT=NO.", + "title": "AudioTrackType", "type": "string" }, - "TemplateId": { - "markdownDescription": "The template ID received from the regulatory body for sending SMS in your country.", - "title": "TemplateId", + "SegmentType": { + "markdownDescription": "Specifies the segment type.", + "title": "SegmentType", "type": "string" } }, "type": "object" }, - "AWS::Pinpoint::Campaign.CustomDeliveryConfiguration": { + "AWS::MediaLive::Channel.AudioPidSelection": { "additionalProperties": false, "properties": { - "DeliveryUri": { - "markdownDescription": "The destination to send the campaign or treatment to. This value can be one of the following:\n\n- The name or Amazon Resource Name (ARN) of an AWS Lambda function to invoke to handle delivery of the campaign or treatment.\n- The URL for a web application or service that supports HTTPS and can receive the message. The URL has to be a full URL, including the HTTPS protocol.", - "title": "DeliveryUri", - "type": "string" - }, - "EndpointTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The types of endpoints to send the campaign or treatment to. Each valid value maps to a type of channel that you can associate with an endpoint by using the `ChannelType` property of an endpoint.", - "title": "EndpointTypes", - "type": "array" + "Pid": { + "markdownDescription": "Select the audio by this PID.", + "title": "Pid", + "type": "number" } }, "type": "object" }, - "AWS::Pinpoint::Campaign.DefaultButtonConfiguration": { + "AWS::MediaLive::Channel.AudioSelector": { "additionalProperties": false, "properties": { - "BackgroundColor": { - "markdownDescription": "The background color of a button, expressed as a hex color code (such as #000000 for black).", - "title": "BackgroundColor", - "type": "string" - }, - "BorderRadius": { - "markdownDescription": "The border radius of a button.", - "title": "BorderRadius", - "type": "number" - }, - "ButtonAction": { - "markdownDescription": "The action that occurs when a recipient chooses a button in an in-app message. You can specify one of the following:\n\n- `LINK` \u2013 A link to a web destination.\n- `DEEP_LINK` \u2013 A link to a specific page in an application.\n- `CLOSE` \u2013 Dismisses the message.", - "title": "ButtonAction", - "type": "string" - }, - "Link": { - "markdownDescription": "The destination (such as a URL) for a button.", - "title": "Link", - "type": "string" - }, - "Text": { - "markdownDescription": "The text that appears on a button in an in-app message.", - "title": "Text", + "Name": { + "markdownDescription": "A name for this AudioSelector.", + "title": "Name", "type": "string" }, - "TextColor": { - "markdownDescription": "The color of the body text in a button, expressed as a hex color code (such as #000000 for black).", - "title": "TextColor", - "type": "string" + "SelectorSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioSelectorSettings", + "markdownDescription": "Information about the specific audio to extract from the input.", + "title": "SelectorSettings" } }, "type": "object" }, - "AWS::Pinpoint::Campaign.EventDimensions": { + "AWS::MediaLive::Channel.AudioSelectorSettings": { "additionalProperties": false, "properties": { - "Attributes": { - "markdownDescription": "One or more custom attributes that your application reports to Amazon Pinpoint. You can use these attributes as selection criteria when you create an event filter.", - "title": "Attributes", - "type": "object" + "AudioHlsRenditionSelection": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioHlsRenditionSelection", + "markdownDescription": "Selector for HLS audio rendition.", + "title": "AudioHlsRenditionSelection" }, - "EventType": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.SetDimension", - "markdownDescription": "The name of the event that causes the campaign to be sent or the journey activity to be performed. This can be a standard event that Amazon Pinpoint generates, such as `_email.delivered` or `_custom.delivered` . For campaigns, this can also be a custom event that's specific to your application. For information about standard events, see [Streaming Amazon Pinpoint Events](https://docs.aws.amazon.com/pinpoint/latest/developerguide/event-streams.html) in the *Amazon Pinpoint Developer Guide* .", - "title": "EventType" + "AudioLanguageSelection": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioLanguageSelection", + "markdownDescription": "The language code of the audio to select.", + "title": "AudioLanguageSelection" }, - "Metrics": { - "markdownDescription": "One or more custom metrics that your application reports to Amazon Pinpoint . You can use these metrics as selection criteria when you create an event filter.", - "title": "Metrics", - "type": "object" + "AudioPidSelection": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioPidSelection", + "markdownDescription": "The PID of the audio to select.", + "title": "AudioPidSelection" + }, + "AudioTrackSelection": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioTrackSelection", + "markdownDescription": "Information about the audio track to extract.", + "title": "AudioTrackSelection" } }, "type": "object" }, - "AWS::Pinpoint::Campaign.InAppMessageBodyConfig": { + "AWS::MediaLive::Channel.AudioSilenceFailoverSettings": { "additionalProperties": false, "properties": { - "Alignment": { - "markdownDescription": "The text alignment of the main body text of the message. Acceptable values: `LEFT` , `CENTER` , `RIGHT` .", - "title": "Alignment", - "type": "string" - }, - "Body": { - "markdownDescription": "The main body text of the message.", - "title": "Body", + "AudioSelectorName": { + "markdownDescription": "The name of the audio selector in the input that MediaLive should monitor to detect silence. Select your most important rendition. If you didn't create an audio selector in this input, leave blank.", + "title": "AudioSelectorName", "type": "string" }, - "TextColor": { - "markdownDescription": "The color of the body text, expressed as a string consisting of a hex color code (such as \"#000000\" for black).", - "title": "TextColor", - "type": "string" + "AudioSilenceThresholdMsec": { + "markdownDescription": "The amount of time (in milliseconds) that the active input must be silent before automatic input failover occurs. Silence is defined as audio loss or audio quieter than -50 dBFS.", + "title": "AudioSilenceThresholdMsec", + "type": "number" } }, "type": "object" }, - "AWS::Pinpoint::Campaign.InAppMessageButton": { + "AWS::MediaLive::Channel.AudioTrack": { "additionalProperties": false, "properties": { - "Android": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.OverrideButtonConfiguration", - "markdownDescription": "An object that defines the default behavior for a button in in-app messages sent to Android.", - "title": "Android" - }, - "DefaultConfig": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.DefaultButtonConfiguration", - "markdownDescription": "An object that defines the default behavior for a button in an in-app message.", - "title": "DefaultConfig" - }, - "IOS": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.OverrideButtonConfiguration", - "markdownDescription": "An object that defines the default behavior for a button in in-app messages sent to iOS devices.", - "title": "IOS" - }, - "Web": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.OverrideButtonConfiguration", - "markdownDescription": "An object that defines the default behavior for a button in in-app messages for web applications.", - "title": "Web" + "Track": { + "markdownDescription": "1-based integer value that maps to a specific audio track", + "title": "Track", + "type": "number" } }, "type": "object" }, - "AWS::Pinpoint::Campaign.InAppMessageContent": { + "AWS::MediaLive::Channel.AudioTrackSelection": { "additionalProperties": false, "properties": { - "BackgroundColor": { - "markdownDescription": "The background color for an in-app message banner, expressed as a hex color code (such as #000000 for black).", - "title": "BackgroundColor", - "type": "string" - }, - "BodyConfig": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.InAppMessageBodyConfig", - "markdownDescription": "Specifies the configuration of main body text in an in-app message template.", - "title": "BodyConfig" - }, - "HeaderConfig": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.InAppMessageHeaderConfig", - "markdownDescription": "Specifies the configuration and content of the header or title text of the in-app message.", - "title": "HeaderConfig" - }, - "ImageUrl": { - "markdownDescription": "The URL of the image that appears on an in-app message banner.", - "title": "ImageUrl", - "type": "string" - }, - "PrimaryBtn": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.InAppMessageButton", - "markdownDescription": "An object that contains configuration information about the primary button in an in-app message.", - "title": "PrimaryBtn" + "DolbyEDecode": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioDolbyEDecode", + "markdownDescription": "", + "title": "DolbyEDecode" }, - "SecondaryBtn": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.InAppMessageButton", - "markdownDescription": "An object that contains configuration information about the secondary button in an in-app message.", - "title": "SecondaryBtn" + "Tracks": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioTrack" + }, + "markdownDescription": "Selects one or more unique audio tracks from within a source.", + "title": "Tracks", + "type": "array" } }, "type": "object" }, - "AWS::Pinpoint::Campaign.InAppMessageHeaderConfig": { + "AWS::MediaLive::Channel.AudioWatermarkSettings": { "additionalProperties": false, "properties": { - "Alignment": { - "markdownDescription": "The text alignment of the title of the message. Acceptable values: `LEFT` , `CENTER` , `RIGHT` .", - "title": "Alignment", - "type": "string" + "NielsenWatermarksSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.NielsenWatermarksSettings", + "markdownDescription": "Settings to configure Nielsen Watermarks in the audio encode", + "title": "NielsenWatermarksSettings" + } + }, + "type": "object" + }, + "AWS::MediaLive::Channel.AutomaticInputFailoverSettings": { + "additionalProperties": false, + "properties": { + "ErrorClearTimeMsec": { + "markdownDescription": "This clear time defines the requirement a recovered input must meet to be considered healthy. The input must have no failover conditions for this length of time. Enter a time in milliseconds. This value is particularly important if the input_preference for the failover pair is set to PRIMARY_INPUT_PREFERRED, because after this time, MediaLive will switch back to the primary input.", + "title": "ErrorClearTimeMsec", + "type": "number" }, - "Header": { - "markdownDescription": "The header or title text of the in-app message.", - "title": "Header", + "FailoverConditions": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Channel.FailoverCondition" + }, + "markdownDescription": "A list of failover conditions. If any of these conditions occur, MediaLive will perform a failover to the other input.", + "title": "FailoverConditions", + "type": "array" + }, + "InputPreference": { + "markdownDescription": "Input preference when deciding which input to make active when a previously failed input has recovered.", + "title": "InputPreference", "type": "string" }, - "TextColor": { - "markdownDescription": "The color of the body text, expressed as a string consisting of a hex color code (such as \"#000000\" for black).", - "title": "TextColor", + "SecondaryInputId": { + "markdownDescription": "The input ID of the secondary input in the automatic input failover pair.", + "title": "SecondaryInputId", "type": "string" } }, "type": "object" }, - "AWS::Pinpoint::Campaign.Limits": { + "AWS::MediaLive::Channel.Av1ColorSpaceSettings": { "additionalProperties": false, "properties": { - "Daily": { - "markdownDescription": "The maximum number of messages that a campaign can send to a single endpoint during a 24-hour period. The maximum value is 100.", - "title": "Daily", - "type": "number" - }, - "MaximumDuration": { - "markdownDescription": "The maximum amount of time, in seconds, that a campaign can attempt to deliver a message after the scheduled start time for the campaign. The minimum value is 60 seconds.", - "title": "MaximumDuration", - "type": "number" + "ColorSpacePassthroughSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.ColorSpacePassthroughSettings", + "markdownDescription": "", + "title": "ColorSpacePassthroughSettings" }, - "MessagesPerSecond": { - "markdownDescription": "The maximum number of messages that a campaign can send each second. The minimum value is 1. The maximum value is 20,000.", - "title": "MessagesPerSecond", - "type": "number" + "Hdr10Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Hdr10Settings", + "markdownDescription": "", + "title": "Hdr10Settings" }, - "Session": { - "markdownDescription": "The maximum number of messages that the campaign can send per user session.", - "title": "Session", - "type": "number" + "Rec601Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Rec601Settings", + "markdownDescription": "", + "title": "Rec601Settings" }, - "Total": { - "markdownDescription": "The maximum number of messages that a campaign can send to a single endpoint during the course of the campaign. The maximum value is 100.", - "title": "Total", - "type": "number" + "Rec709Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Rec709Settings", + "markdownDescription": "", + "title": "Rec709Settings" } }, "type": "object" }, - "AWS::Pinpoint::Campaign.Message": { + "AWS::MediaLive::Channel.Av1Settings": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The action to occur if a recipient taps the push notification. Valid values are:\n\n- `OPEN_APP` \u2013 Your app opens or it becomes the foreground app if it was sent to the background. This is the default action.\n- `DEEP_LINK` \u2013 Your app opens and displays a designated user interface in the app. This setting uses the deep-linking features of iOS and Android.\n- `URL` \u2013 The default mobile browser on the recipient's device opens and loads the web page at a URL that you specify.", - "title": "Action", + "AfdSignaling": { + "markdownDescription": "", + "title": "AfdSignaling", "type": "string" }, - "Body": { - "markdownDescription": "The body of the notification message. The maximum number of characters is 200.", - "title": "Body", - "type": "string" + "Bitrate": { + "markdownDescription": "", + "title": "Bitrate", + "type": "number" }, - "ImageIconUrl": { - "markdownDescription": "The URL of the image to display as the push notification icon, such as the icon for the app.", - "title": "ImageIconUrl", - "type": "string" + "BufSize": { + "markdownDescription": "", + "title": "BufSize", + "type": "number" }, - "ImageSmallIconUrl": { - "markdownDescription": "The URL of the image to display as the small, push notification icon, such as a small version of the icon for the app.", - "title": "ImageSmallIconUrl", - "type": "string" + "ColorSpaceSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Av1ColorSpaceSettings", + "markdownDescription": "", + "title": "ColorSpaceSettings" }, - "ImageUrl": { - "markdownDescription": "The URL of an image to display in the push notification.", - "title": "ImageUrl", + "FixedAfd": { + "markdownDescription": "", + "title": "FixedAfd", "type": "string" }, - "JsonBody": { - "markdownDescription": "The JSON payload to use for a silent push notification.", - "title": "JsonBody", + "FramerateDenominator": { + "markdownDescription": "", + "title": "FramerateDenominator", + "type": "number" + }, + "FramerateNumerator": { + "markdownDescription": "", + "title": "FramerateNumerator", + "type": "number" + }, + "GopSize": { + "markdownDescription": "", + "title": "GopSize", + "type": "number" + }, + "GopSizeUnits": { + "markdownDescription": "", + "title": "GopSizeUnits", "type": "string" }, - "MediaUrl": { - "markdownDescription": "The URL of the image or video to display in the push notification.", - "title": "MediaUrl", + "Level": { + "markdownDescription": "", + "title": "Level", "type": "string" }, - "RawContent": { - "markdownDescription": "The raw, JSON-formatted string to use as the payload for the notification message. If specified, this value overrides all other content for the message.", - "title": "RawContent", + "LookAheadRateControl": { + "markdownDescription": "", + "title": "LookAheadRateControl", "type": "string" }, - "SilentPush": { - "markdownDescription": "Specifies whether the notification is a silent push notification, which is a push notification that doesn't display on a recipient's device. Silent push notifications can be used for cases such as updating an app's configuration, displaying messages in an in-app message center, or supporting phone home functionality.", - "title": "SilentPush", - "type": "boolean" + "MaxBitrate": { + "markdownDescription": "", + "title": "MaxBitrate", + "type": "number" }, - "TimeToLive": { - "markdownDescription": "The number of seconds that the push notification service should keep the message, if the service is unable to deliver the notification the first time. This value is converted to an expiration value when it's sent to a push notification service. If this value is `0` , the service treats the notification as if it expires immediately and the service doesn't store or try to deliver the notification again.\n\nThis value doesn't apply to messages that are sent through the Amazon Device Messaging (ADM) service.", - "title": "TimeToLive", + "MinIInterval": { + "markdownDescription": "", + "title": "MinIInterval", "type": "number" }, - "Title": { - "markdownDescription": "The title to display above the notification message on a recipient's device.", - "title": "Title", + "ParDenominator": { + "markdownDescription": "", + "title": "ParDenominator", + "type": "number" + }, + "ParNumerator": { + "markdownDescription": "", + "title": "ParNumerator", + "type": "number" + }, + "QvbrQualityLevel": { + "markdownDescription": "", + "title": "QvbrQualityLevel", + "type": "number" + }, + "RateControlMode": { + "markdownDescription": "", + "title": "RateControlMode", "type": "string" }, - "Url": { - "markdownDescription": "The URL to open in a recipient's default mobile browser, if a recipient taps the push notification and the value of the `Action` property is `URL` .", - "title": "Url", + "SceneChangeDetect": { + "markdownDescription": "", + "title": "SceneChangeDetect", "type": "string" + }, + "TimecodeBurninSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.TimecodeBurninSettings", + "markdownDescription": "", + "title": "TimecodeBurninSettings" } }, "type": "object" }, - "AWS::Pinpoint::Campaign.MessageConfiguration": { + "AWS::MediaLive::Channel.AvailBlanking": { "additionalProperties": false, "properties": { - "ADMMessage": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.Message", - "markdownDescription": "The message that the campaign sends through the ADM (Amazon Device Messaging) channel. If specified, this message overrides the default message.", - "title": "ADMMessage" - }, - "APNSMessage": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.Message", - "markdownDescription": "The message that the campaign sends through the APNs (Apple Push Notification service) channel. If specified, this message overrides the default message.", - "title": "APNSMessage" - }, - "BaiduMessage": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.Message", - "markdownDescription": "The message that the campaign sends through the Baidu (Baidu Cloud Push) channel. If specified, this message overrides the default message.", - "title": "BaiduMessage" - }, - "CustomMessage": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.CampaignCustomMessage", - "markdownDescription": "The message that the campaign sends through a custom channel, as specified by the delivery configuration ( `CustomDeliveryConfiguration` ) settings for the campaign. If specified, this message overrides the default message.", - "title": "CustomMessage" - }, - "DefaultMessage": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.Message", - "markdownDescription": "The default message that the campaign sends through all the channels that are configured for the campaign.", - "title": "DefaultMessage" - }, - "EmailMessage": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.CampaignEmailMessage", - "markdownDescription": "The message that the campaign sends through the email channel. If specified, this message overrides the default message.\n\n> The maximum email message size is 200 KB. You can use email templates to send larger email messages.", - "title": "EmailMessage" - }, - "GCMMessage": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.Message", - "markdownDescription": "The message that the campaign sends through the GCM channel, which enables Amazon Pinpoint to send push notifications through the Firebase Cloud Messaging (FCM), formerly Google Cloud Messaging (GCM), service. If specified, this message overrides the default message.", - "title": "GCMMessage" - }, - "InAppMessage": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.CampaignInAppMessage", - "markdownDescription": "The default message for the in-app messaging channel. This message overrides the default message ( `DefaultMessage` ).", - "title": "InAppMessage" + "AvailBlankingImage": { + "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", + "markdownDescription": "The blanking image to be used. Keep empty for solid black. Only .bmp and .png images are supported.", + "title": "AvailBlankingImage" }, - "SMSMessage": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.CampaignSmsMessage", - "markdownDescription": "The message that the campaign sends through the SMS channel. If specified, this message overrides the default message.", - "title": "SMSMessage" + "State": { + "markdownDescription": "When set to enabled, the video, audio, and captions are blanked when insertion metadata is added.", + "title": "State", + "type": "string" } }, "type": "object" }, - "AWS::Pinpoint::Campaign.MetricDimension": { + "AWS::MediaLive::Channel.AvailConfiguration": { "additionalProperties": false, "properties": { - "ComparisonOperator": { - "type": "string" + "AvailSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AvailSettings", + "markdownDescription": "The setup of ad avail handling in the output.", + "title": "AvailSettings" }, - "Value": { - "type": "number" + "Scte35SegmentationScope": { + "markdownDescription": "", + "title": "Scte35SegmentationScope", + "type": "string" } }, "type": "object" }, - "AWS::Pinpoint::Campaign.OverrideButtonConfiguration": { + "AWS::MediaLive::Channel.AvailSettings": { "additionalProperties": false, "properties": { - "ButtonAction": { - "markdownDescription": "The action that occurs when a recipient chooses a button in an in-app message. You can specify one of the following:\n\n- `LINK` \u2013 A link to a web destination.\n- `DEEP_LINK` \u2013 A link to a specific page in an application.\n- `CLOSE` \u2013 Dismisses the message.", - "title": "ButtonAction", - "type": "string" + "Esam": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Esam", + "markdownDescription": "", + "title": "Esam" }, - "Link": { - "markdownDescription": "The destination (such as a URL) for a button.", - "title": "Link", - "type": "string" + "Scte35SpliceInsert": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Scte35SpliceInsert", + "markdownDescription": "The setup for SCTE-35 splice insert handling.", + "title": "Scte35SpliceInsert" + }, + "Scte35TimeSignalApos": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Scte35TimeSignalApos", + "markdownDescription": "The setup for SCTE-35 time signal APOS handling.", + "title": "Scte35TimeSignalApos" } }, "type": "object" }, - "AWS::Pinpoint::Campaign.QuietTime": { + "AWS::MediaLive::Channel.BandwidthReductionFilterSettings": { "additionalProperties": false, "properties": { - "End": { - "markdownDescription": "The specific time when quiet time ends. This value has to use 24-hour notation and be in HH:MM format, where HH is the hour (with a leading zero, if applicable) and MM is the minutes. For example, use `02:30` to represent 2:30 AM, or `14:30` to represent 2:30 PM.", - "title": "End", + "PostFilterSharpening": { + "markdownDescription": "", + "title": "PostFilterSharpening", "type": "string" }, - "Start": { - "markdownDescription": "The specific time when quiet time begins. This value has to use 24-hour notation and be in HH:MM format, where HH is the hour (with a leading zero, if applicable) and MM is the minutes. For example, use `02:30` to represent 2:30 AM, or `14:30` to represent 2:30 PM.", - "title": "Start", + "Strength": { + "markdownDescription": "", + "title": "Strength", "type": "string" } }, - "required": [ - "End", - "Start" - ], "type": "object" }, - "AWS::Pinpoint::Campaign.Schedule": { + "AWS::MediaLive::Channel.BlackoutSlate": { "additionalProperties": false, "properties": { - "EndTime": { - "markdownDescription": "The scheduled time, in ISO 8601 format, when the campaign ended or will end.", - "title": "EndTime", + "BlackoutSlateImage": { + "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", + "markdownDescription": "The blackout slate image to be used. Keep empty for solid black. Only .bmp and .png images are supported.", + "title": "BlackoutSlateImage" + }, + "NetworkEndBlackout": { + "markdownDescription": "Setting to enabled causes MediaLive to blackout the video, audio, and captions, and raise the \"Network Blackout Image\" slate when an SCTE104/35 Network End Segmentation Descriptor is encountered. The blackout is lifted when the Network Start Segmentation Descriptor is encountered. The Network End and Network Start descriptors must contain a network ID that matches the value entered in Network ID.", + "title": "NetworkEndBlackout", "type": "string" }, - "EventFilter": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.CampaignEventFilter", - "markdownDescription": "The type of event that causes the campaign to be sent, if the value of the `Frequency` property is `EVENT` .", - "title": "EventFilter" + "NetworkEndBlackoutImage": { + "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", + "markdownDescription": "The path to the local file to use as the Network End Blackout image. The image is scaled to fill the entire output raster.", + "title": "NetworkEndBlackoutImage" }, - "Frequency": { - "markdownDescription": "Specifies how often the campaign is sent or whether the campaign is sent in response to a specific event.", - "title": "Frequency", + "NetworkId": { + "markdownDescription": "Provides a Network ID that matches EIDR ID format (for example, \"10.XXXX/XXXX-XXXX-XXXX-XXXX-XXXX-C\").", + "title": "NetworkId", "type": "string" }, - "IsLocalTime": { - "markdownDescription": "Specifies whether the start and end times for the campaign schedule use each recipient's local time. To base the schedule on each recipient's local time, set this value to `true` .", - "title": "IsLocalTime", - "type": "boolean" - }, - "QuietTime": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.QuietTime", - "markdownDescription": "The default quiet time for the campaign. Quiet time is a specific time range when a campaign doesn't send messages to endpoints, if all the following conditions are met:\n\n- The `EndpointDemographic.Timezone` property of the endpoint is set to a valid value.\n- The current time in the endpoint's time zone is later than or equal to the time specified by the `QuietTime.Start` property for the campaign.\n- The current time in the endpoint's time zone is earlier than or equal to the time specified by the `QuietTime.End` property for the campaign.\n\nIf any of the preceding conditions isn't met, the endpoint will receive messages from the campaign, even if quiet time is enabled.", - "title": "QuietTime" - }, - "StartTime": { - "markdownDescription": "The scheduled time when the campaign began or will begin. Valid values are: `IMMEDIATE` , to start the campaign immediately; or, a specific time in ISO 8601 format.", - "title": "StartTime", - "type": "string" - }, - "TimeZone": { - "markdownDescription": "The starting UTC offset for the campaign schedule, if the value of the `IsLocalTime` property is `true` . Valid values are: `UTC, UTC+01, UTC+02, UTC+03, UTC+03:30, UTC+04, UTC+04:30, UTC+05, UTC+05:30, UTC+05:45, UTC+06, UTC+06:30, UTC+07, UTC+08, UTC+09, UTC+09:30, UTC+10, UTC+10:30, UTC+11, UTC+12, UTC+13, UTC-02, UTC-03, UTC-04, UTC-05, UTC-06, UTC-07, UTC-08, UTC-09, UTC-10,` and `UTC-11` .", - "title": "TimeZone", + "State": { + "markdownDescription": "When set to enabled, this causes video, audio, and captions to be blanked when indicated by program metadata.", + "title": "State", "type": "string" } }, "type": "object" }, - "AWS::Pinpoint::Campaign.SetDimension": { + "AWS::MediaLive::Channel.BurnInDestinationSettings": { "additionalProperties": false, "properties": { - "DimensionType": { - "markdownDescription": "The type of segment dimension to use. Valid values are: `INCLUSIVE` , endpoints that match the criteria are included in the segment; and, `EXCLUSIVE` , endpoints that match the criteria are excluded from the segment.", - "title": "DimensionType", + "Alignment": { + "markdownDescription": "If no explicit xPosition or yPosition is provided, setting alignment to centered places the captions at the bottom center of the output. Similarly, setting a left alignment aligns captions to the bottom left of the output. If x and y positions are specified in conjunction with the alignment parameter, the font is justified (either left or centered) relative to those coordinates. Selecting \"smart\" justification left-justifies live subtitles and center-justifies pre-recorded subtitles. All burn-in and DVB-Sub font settings must match.", + "title": "Alignment", "type": "string" }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The criteria values to use for the segment dimension. Depending on the value of the `DimensionType` property, endpoints are included or excluded from the segment if their values match the criteria values.", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Pinpoint::Campaign.Template": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the message template to use for the message. If specified, this value must match the name of an existing message template.", - "title": "Name", + "BackgroundColor": { + "markdownDescription": "Specifies the color of the rectangle behind the captions. All burn-in and DVB-Sub font settings must match.", + "title": "BackgroundColor", "type": "string" }, - "Version": { - "markdownDescription": "The unique identifier for the version of the message template to use for the message. If specified, this value must match the identifier for an existing template version. To retrieve a list of versions and version identifiers for a template, use the [Template Versions](https://docs.aws.amazon.com/pinpoint/latest/apireference/templates-template-name-template-type-versions.html) resource.\n\nIf you don't specify a value for this property, Amazon Pinpoint uses the *active version* of the template. The *active version* is typically the version of a template that's been most recently reviewed and approved for use, depending on your workflow. It isn't necessarily the latest version of a template.", - "title": "Version", + "BackgroundOpacity": { + "markdownDescription": "Specifies the opacity of the background rectangle. 255 is opaque; 0 is transparent. Keeping this parameter blank is equivalent to setting it to 0 (transparent). All burn-in and DVB-Sub font settings must match.", + "title": "BackgroundOpacity", + "type": "number" + }, + "Font": { + "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", + "markdownDescription": "The external font file that is used for captions burn-in. The file extension must be .ttf or .tte. Although you can select output fonts for many different types of input captions, embedded, STL, and Teletext sources use a strict grid system. Using external fonts with these captions sources could cause an unexpected display of proportional fonts. All burn-in and DVB-Sub font settings must match.", + "title": "Font" + }, + "FontColor": { + "markdownDescription": "Specifies the color of the burned-in captions. This option is not valid for source captions that are STL, 608/embedded, or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", + "title": "FontColor", "type": "string" - } - }, - "type": "object" - }, - "AWS::Pinpoint::Campaign.TemplateConfiguration": { - "additionalProperties": false, - "properties": { - "EmailTemplate": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.Template", - "markdownDescription": "The email template to use for the message.", - "title": "EmailTemplate" }, - "PushTemplate": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.Template", - "markdownDescription": "The push notification template to use for the message.", - "title": "PushTemplate" + "FontOpacity": { + "markdownDescription": "Specifies the opacity of the burned-in captions. 255 is opaque; 0 is transparent. All burn-in and DVB-Sub font settings must match.", + "title": "FontOpacity", + "type": "number" }, - "SMSTemplate": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.Template", - "markdownDescription": "The SMS template to use for the message.", - "title": "SMSTemplate" + "FontResolution": { + "markdownDescription": "The font resolution in DPI (dots per inch). The default is 96 dpi. All burn-in and DVB-Sub font settings must match.", + "title": "FontResolution", + "type": "number" }, - "VoiceTemplate": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.Template", - "markdownDescription": "The voice template to use for the message. This object isn't supported for campaigns.", - "title": "VoiceTemplate" - } - }, - "type": "object" - }, - "AWS::Pinpoint::Campaign.WriteTreatmentResource": { - "additionalProperties": false, - "properties": { - "CustomDeliveryConfiguration": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.CustomDeliveryConfiguration", - "markdownDescription": "The delivery configuration settings for sending the treatment through a custom channel. This object is required if the `MessageConfiguration` object for the treatment specifies a `CustomMessage` object.", - "title": "CustomDeliveryConfiguration" + "FontSize": { + "markdownDescription": "When set to auto, fontSize scales depending on the size of the output. Providing a positive integer specifies the exact font size in points. All burn-in and DVB-Sub font settings must match.", + "title": "FontSize", + "type": "string" }, - "MessageConfiguration": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.MessageConfiguration", - "markdownDescription": "The message configuration settings for the treatment.", - "title": "MessageConfiguration" + "OutlineColor": { + "markdownDescription": "Specifies the font outline color. This option is not valid for source captions that are either 608/embedded or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", + "title": "OutlineColor", + "type": "string" }, - "Schedule": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.Schedule", - "markdownDescription": "The schedule settings for the treatment.", - "title": "Schedule" + "OutlineSize": { + "markdownDescription": "Specifies font outline size in pixels. This option is not valid for source captions that are either 608/embedded or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", + "title": "OutlineSize", + "type": "number" }, - "SizePercent": { - "markdownDescription": "The allocated percentage of users (segment members) to send the treatment to.", - "title": "SizePercent", + "ShadowColor": { + "markdownDescription": "Specifies the color of the shadow cast by the captions. All burn-in and DVB-Sub font settings must match.", + "title": "ShadowColor", + "type": "string" + }, + "ShadowOpacity": { + "markdownDescription": "Specifies the opacity of the shadow. 255 is opaque; 0 is transparent. Keeping this parameter blank is equivalent to setting it to 0 (transparent). All burn-in and DVB-Sub font settings must match.", + "title": "ShadowOpacity", "type": "number" }, - "TemplateConfiguration": { - "$ref": "#/definitions/AWS::Pinpoint::Campaign.TemplateConfiguration", - "markdownDescription": "The message template to use for the treatment.", - "title": "TemplateConfiguration" + "ShadowXOffset": { + "markdownDescription": "Specifies the horizontal offset of the shadow that is relative to the captions in pixels. A value of -2 would result in a shadow offset 2 pixels to the left. All burn-in and DVB-Sub font settings must match.", + "title": "ShadowXOffset", + "type": "number" }, - "TreatmentDescription": { - "markdownDescription": "A custom description of the treatment.", - "title": "TreatmentDescription", - "type": "string" + "ShadowYOffset": { + "markdownDescription": "Specifies the vertical offset of the shadow that is relative to the captions in pixels. A value of -2 would result in a shadow offset 2 pixels above the text. All burn-in and DVB-Sub font settings must match.", + "title": "ShadowYOffset", + "type": "number" }, - "TreatmentName": { - "markdownDescription": "A custom name for the treatment.", - "title": "TreatmentName", + "TeletextGridControl": { + "markdownDescription": "Controls whether a fixed grid size is used to generate the output subtitles bitmap. This applies only to Teletext inputs and DVB-Sub/Burn-in outputs.", + "title": "TeletextGridControl", "type": "string" + }, + "XPosition": { + "markdownDescription": "Specifies the horizontal position of the captions relative to the left side of the output in pixels. A value of 10 would result in the captions starting 10 pixels from the left of the output. If no explicit xPosition is provided, the horizontal captions position is determined by the alignment parameter. All burn-in and DVB-Sub font settings must match.", + "title": "XPosition", + "type": "number" + }, + "YPosition": { + "markdownDescription": "Specifies the vertical position of the captions relative to the top of the output in pixels. A value of 10 would result in the captions starting 10 pixels from the top of the output. If no explicit yPosition is provided, the captions are positioned towards the bottom of the output. All burn-in and DVB-Sub font settings must match.", + "title": "YPosition", + "type": "number" } }, "type": "object" }, - "AWS::Pinpoint::EmailChannel": { + "AWS::MediaLive::Channel.CaptionDescription": { "additionalProperties": false, "properties": { - "Condition": { + "Accessibility": { + "markdownDescription": "", + "title": "Accessibility", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "CaptionDashRoles": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "CaptionDashRoles", + "type": "array" + }, + "CaptionSelectorName": { + "markdownDescription": "Specifies which input captions selector to use as a captions source when generating output captions. This field should match a captionSelector name.", + "title": "CaptionSelectorName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "DestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.CaptionDestinationSettings", + "markdownDescription": "Additional settings for a captions destination that depend on the destination type.", + "title": "DestinationSettings" }, - "Metadata": { - "type": "object" + "DvbDashAccessibility": { + "markdownDescription": "", + "title": "DvbDashAccessibility", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ApplicationId": { - "markdownDescription": "The unique identifier for the Amazon Pinpoint application that you're specifying the email channel for.", - "title": "ApplicationId", - "type": "string" - }, - "ConfigurationSet": { - "markdownDescription": "The [Amazon SES configuration set](https://docs.aws.amazon.com/ses/latest/APIReference/API_ConfigurationSet.html) that you want to apply to messages that you send through the channel.", - "title": "ConfigurationSet", - "type": "string" - }, - "Enabled": { - "markdownDescription": "Specifies whether to enable the email channel for the application.", - "title": "Enabled", - "type": "boolean" - }, - "FromAddress": { - "markdownDescription": "The verified email address that you want to send email from when you send email through the channel.", - "title": "FromAddress", - "type": "string" - }, - "Identity": { - "markdownDescription": "The Amazon Resource Name (ARN) of the identity, verified with Amazon Simple Email Service (Amazon SES), that you want to use when you send email through the channel.", - "title": "Identity", - "type": "string" - }, - "OrchestrationSendingRoleArn": { - "markdownDescription": "The ARN of an IAM role for Amazon Pinpoint to use to send email from your campaigns or journeys through Amazon SES .", - "title": "OrchestrationSendingRoleArn", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN of the AWS Identity and Access Management (IAM) role that you want Amazon Pinpoint to use when it submits email-related event data for the channel.", - "title": "RoleArn", - "type": "string" - } - }, - "required": [ - "ApplicationId", - "FromAddress", - "Identity" - ], - "type": "object" + "LanguageCode": { + "markdownDescription": "An ISO 639-2 three-digit code. For more information, see http://www.loc.gov/standards/iso639-2/.", + "title": "LanguageCode", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Pinpoint::EmailChannel" - ], + "LanguageDescription": { + "markdownDescription": "Human-readable information to indicate the captions that are available for players (for example, English or Spanish).", + "title": "LanguageDescription", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "The name of the captions description. The name is used to associate a captions description with an output. Names must be unique within a channel.", + "title": "Name", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Pinpoint::EmailTemplate": { + "AWS::MediaLive::Channel.CaptionDestinationSettings": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "AribDestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AribDestinationSettings", + "markdownDescription": "The configuration of one ARIB captions encode in the output.", + "title": "AribDestinationSettings" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "BurnInDestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.BurnInDestinationSettings", + "markdownDescription": "The configuration of one burn-in captions encode in the output.", + "title": "BurnInDestinationSettings" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "DvbSubDestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.DvbSubDestinationSettings", + "markdownDescription": "The configuration of one DVB Sub captions encode in the output.", + "title": "DvbSubDestinationSettings" }, - "Metadata": { - "type": "object" + "EbuTtDDestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.EbuTtDDestinationSettings", + "markdownDescription": "Settings for EBU-TT captions in the output.", + "title": "EbuTtDDestinationSettings" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DefaultSubstitutions": { - "markdownDescription": "A JSON object that specifies the default values to use for message variables in the message template. This object is a set of key-value pairs. Each key defines a message variable in the template. The corresponding value defines the default value for that variable. When you create a message that's based on the template, you can override these defaults with message-specific and address-specific variables and values.", - "title": "DefaultSubstitutions", - "type": "string" - }, - "HtmlPart": { - "markdownDescription": "The message body, in HTML format, to use in email messages that are based on the message template. We recommend using HTML format for email clients that render HTML content. You can include links, formatted text, and more in an HTML message.", - "title": "HtmlPart", - "type": "string" - }, - "Subject": { - "markdownDescription": "The subject line, or title, to use in email messages that are based on the message template.", - "title": "Subject", - "type": "string" - }, - "Tags": { - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "object" - }, - "TemplateDescription": { - "markdownDescription": "A custom description of the message template.", - "title": "TemplateDescription", - "type": "string" - }, - "TemplateName": { - "markdownDescription": "The name of the message template.", - "title": "TemplateName", - "type": "string" - }, - "TextPart": { - "markdownDescription": "The message body, in plain text format, to use in email messages that are based on the message template. We recommend using plain text format for email clients that don't render HTML content and clients that are connected to high-latency networks, such as mobile devices.", - "title": "TextPart", - "type": "string" - } - }, - "required": [ - "Subject", - "TemplateName" - ], - "type": "object" + "EmbeddedDestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.EmbeddedDestinationSettings", + "markdownDescription": "The configuration of one embedded captions encode in the output.", + "title": "EmbeddedDestinationSettings" }, - "Type": { - "enum": [ - "AWS::Pinpoint::EmailTemplate" - ], - "type": "string" + "EmbeddedPlusScte20DestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.EmbeddedPlusScte20DestinationSettings", + "markdownDescription": "The configuration of one embedded plus SCTE-20 captions encode in the output.", + "title": "EmbeddedPlusScte20DestinationSettings" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "RtmpCaptionInfoDestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.RtmpCaptionInfoDestinationSettings", + "markdownDescription": "The configuration of one RTMPCaptionInfo captions encode in the output.", + "title": "RtmpCaptionInfoDestinationSettings" + }, + "Scte20PlusEmbeddedDestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Scte20PlusEmbeddedDestinationSettings", + "markdownDescription": "The configuration of one SCTE20 plus embedded captions encode in the output.", + "title": "Scte20PlusEmbeddedDestinationSettings" + }, + "Scte27DestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Scte27DestinationSettings", + "markdownDescription": "The configuration of one SCTE-27 captions encode in the output.", + "title": "Scte27DestinationSettings" + }, + "SmpteTtDestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.SmpteTtDestinationSettings", + "markdownDescription": "The configuration of one SMPTE-TT captions encode in the output.", + "title": "SmpteTtDestinationSettings" + }, + "TeletextDestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.TeletextDestinationSettings", + "markdownDescription": "The configuration of one Teletext captions encode in the output.", + "title": "TeletextDestinationSettings" + }, + "TtmlDestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.TtmlDestinationSettings", + "markdownDescription": "The configuration of one TTML captions encode in the output.", + "title": "TtmlDestinationSettings" + }, + "WebvttDestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.WebvttDestinationSettings", + "markdownDescription": "The configuration of one WebVTT captions encode in the output.", + "title": "WebvttDestinationSettings" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Pinpoint::EventStream": { + "AWS::MediaLive::Channel.CaptionLanguageMapping": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ApplicationId": { - "markdownDescription": "The unique identifier for the Amazon Pinpoint application that you want to export data from.", - "title": "ApplicationId", - "type": "string" - }, - "DestinationStreamArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Kinesis Data Stream or Amazon Data Firehose delivery stream that you want to publish event data to.\n\nFor a Kinesis Data Stream, the ARN format is: `arn:aws:kinesis: region : account-id :stream/ stream_name`\n\nFor a Firehose delivery stream, the ARN format is: `arn:aws:firehose: region : account-id :deliverystream/ stream_name`", - "title": "DestinationStreamArn", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The AWS Identity and Access Management (IAM) role that authorizes Amazon Pinpoint to publish event data to the stream in your AWS account.", - "title": "RoleArn", - "type": "string" - } - }, - "required": [ - "ApplicationId", - "DestinationStreamArn", - "RoleArn" - ], - "type": "object" + "CaptionChannel": { + "markdownDescription": "The closed caption channel being described by this CaptionLanguageMapping. Each channel mapping must have a unique channel number (maximum of 4).", + "title": "CaptionChannel", + "type": "number" }, - "Type": { - "enum": [ - "AWS::Pinpoint::EventStream" - ], + "LanguageCode": { + "markdownDescription": "A three-character ISO 639-2 language code (see http://www.loc.gov/standards/iso639-2).", + "title": "LanguageCode", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "LanguageDescription": { + "markdownDescription": "The textual description of language.", + "title": "LanguageDescription", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Pinpoint::GCMChannel": { + "AWS::MediaLive::Channel.CaptionRectangle": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Height": { + "markdownDescription": "See the description in leftOffset.\n\nFor height, specify the entire height of the rectangle as a percentage of the underlying frame height. For example, \\\"80\\\" means the rectangle height is 80% of the underlying frame height. The topOffset and rectangleHeight must add up to 100% or less. This field corresponds to tts:extent - Y in the TTML standard.", + "title": "Height", + "type": "number" }, - "Metadata": { - "type": "object" + "LeftOffset": { + "markdownDescription": "Applies only if you plan to convert these source captions to EBU-TT-D or TTML in an output. (Make sure to leave the default if you don't have either of these formats in the output.) You can define a display rectangle for the captions that is smaller than the underlying video frame. You define the rectangle by specifying the position of the left edge, top edge, bottom edge, and right edge of the rectangle, all within the underlying video frame. The units for the measurements are percentages. If you specify a value for one of these fields, you must specify a value for all of them.\n\nFor leftOffset, specify the position of the left edge of the rectangle, as a percentage of the underlying frame width, and relative to the left edge of the frame. For example, \\\"10\\\" means the measurement is 10% of the underlying frame width. The rectangle left edge starts at that position from the left edge of the frame. This field corresponds to tts:origin - X in the TTML standard.", + "title": "LeftOffset", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ApiKey": { - "markdownDescription": "The Web API key, also called the *server key* , that you received from Google to communicate with Google services.", - "title": "ApiKey", - "type": "string" - }, - "ApplicationId": { - "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the GCM channel applies to.", - "title": "ApplicationId", - "type": "string" - }, - "DefaultAuthenticationMethod": { - "markdownDescription": "The default authentication method used for GCM. Values are either \"TOKEN\" or \"KEY\". Defaults to \"KEY\".", - "title": "DefaultAuthenticationMethod", - "type": "string" - }, - "Enabled": { - "markdownDescription": "Specifies whether to enable the GCM channel for the Amazon Pinpoint application.", - "title": "Enabled", - "type": "boolean" - }, - "ServiceJson": { - "markdownDescription": "The contents of the JSON file provided by Google during registration in order to generate an access token for authentication. For more information see [Migrate from legacy FCM APIs to HTTP v1](https://docs.aws.amazon.com/https://firebase.google.com/docs/cloud-messaging/migrate-v1) .", - "title": "ServiceJson", - "type": "string" - } - }, - "required": [ - "ApplicationId" - ], - "type": "object" + "TopOffset": { + "markdownDescription": "See the description in leftOffset.\n\nFor topOffset, specify the position of the top edge of the rectangle, as a percentage of the underlying frame height, and relative to the top edge of the frame. For example, \\\"10\\\" means the measurement is 10% of the underlying frame height. The rectangle top edge starts at that position from the top edge of the frame. This field corresponds to tts:origin - Y in the TTML standard.", + "title": "TopOffset", + "type": "number" }, - "Type": { - "enum": [ - "AWS::Pinpoint::GCMChannel" - ], + "Width": { + "markdownDescription": "See the description in leftOffset.\n\nFor width, specify the entire width of the rectangle as a percentage of the underlying frame width. For example, \\\"80\\\" means the rectangle width is 80% of the underlying frame width. The leftOffset and rectangleWidth must add up to 100% or less. This field corresponds to tts:extent - X in the TTML standard.", + "title": "Width", + "type": "number" + } + }, + "type": "object" + }, + "AWS::MediaLive::Channel.CaptionSelector": { + "additionalProperties": false, + "properties": { + "LanguageCode": { + "markdownDescription": "When specified, this field indicates the three-letter language code of the captions track to extract from the source.", + "title": "LanguageCode", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "The name identifier for a captions selector. This name is used to associate this captions selector with one or more captions descriptions. Names must be unique within a channel.", + "title": "Name", "type": "string" + }, + "SelectorSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.CaptionSelectorSettings", + "markdownDescription": "Information about the specific audio to extract from the input.", + "title": "SelectorSettings" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Pinpoint::InAppTemplate": { + "AWS::MediaLive::Channel.CaptionSelectorSettings": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "AncillarySourceSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AncillarySourceSettings", + "markdownDescription": "Information about the ancillary captions to extract from the input.", + "title": "AncillarySourceSettings" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "AribSourceSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AribSourceSettings", + "markdownDescription": "Information about the ARIB captions to extract from the input.", + "title": "AribSourceSettings" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "DvbSubSourceSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.DvbSubSourceSettings", + "markdownDescription": "Information about the DVB Sub captions to extract from the input.", + "title": "DvbSubSourceSettings" }, - "Metadata": { - "type": "object" + "EmbeddedSourceSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.EmbeddedSourceSettings", + "markdownDescription": "Information about the embedded captions to extract from the input.", + "title": "EmbeddedSourceSettings" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Content": { - "items": { - "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.InAppMessageContent" - }, - "markdownDescription": "An object that contains information about the content of an in-app message, including its title and body text, text colors, background colors, images, buttons, and behaviors.", - "title": "Content", - "type": "array" - }, - "CustomConfig": { - "markdownDescription": "Custom data, in the form of key-value pairs, that is included in an in-app messaging payload.", - "title": "CustomConfig", - "type": "object" - }, - "Layout": { - "markdownDescription": "A string that determines the appearance of the in-app message. You can specify one of the following:\n\n- `BOTTOM_BANNER` \u2013 a message that appears as a banner at the bottom of the page.\n- `TOP_BANNER` \u2013 a message that appears as a banner at the top of the page.\n- `OVERLAYS` \u2013 a message that covers entire screen.\n- `MOBILE_FEED` \u2013 a message that appears in a window in front of the page.\n- `MIDDLE_BANNER` \u2013 a message that appears as a banner in the middle of the page.\n- `CAROUSEL` \u2013 a scrollable layout of up to five unique messages.", - "title": "Layout", - "type": "string" - }, - "Tags": { - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "object" - }, - "TemplateDescription": { - "markdownDescription": "An optional description of the in-app template.", - "title": "TemplateDescription", - "type": "string" - }, - "TemplateName": { - "markdownDescription": "The name of the in-app message template.", - "title": "TemplateName", - "type": "string" - } - }, - "required": [ - "TemplateName" - ], - "type": "object" + "Scte20SourceSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Scte20SourceSettings", + "markdownDescription": "Information about the SCTE-20 captions to extract from the input.", + "title": "Scte20SourceSettings" }, - "Type": { - "enum": [ - "AWS::Pinpoint::InAppTemplate" - ], - "type": "string" + "Scte27SourceSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Scte27SourceSettings", + "markdownDescription": "Information about the SCTE-27 captions to extract from the input.", + "title": "Scte27SourceSettings" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "TeletextSourceSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.TeletextSourceSettings", + "markdownDescription": "Information about the Teletext captions to extract from the input.", + "title": "TeletextSourceSettings" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Pinpoint::InAppTemplate.BodyConfig": { + "AWS::MediaLive::Channel.CdiInputSpecification": { "additionalProperties": false, "properties": { - "Alignment": { - "markdownDescription": "The text alignment of the main body text of the message. Acceptable values: `LEFT` , `CENTER` , `RIGHT` .", - "title": "Alignment", - "type": "string" - }, - "Body": { - "markdownDescription": "The main body text of the message.", - "title": "Body", + "Resolution": { + "markdownDescription": "Maximum CDI input resolution", + "title": "Resolution", "type": "string" - }, - "TextColor": { - "markdownDescription": "The color of the body text, expressed as a hex color code (such as #000000 for black).", - "title": "TextColor", + } + }, + "type": "object" + }, + "AWS::MediaLive::Channel.ChannelEngineVersionRequest": { + "additionalProperties": false, + "properties": { + "Version": { + "markdownDescription": "", + "title": "Version", "type": "string" } }, "type": "object" }, - "AWS::Pinpoint::InAppTemplate.ButtonConfig": { + "AWS::MediaLive::Channel.CmafIngestCaptionLanguageMapping": { "additionalProperties": false, "properties": { - "Android": { - "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.OverrideButtonConfiguration", - "markdownDescription": "Optional button configuration to use for in-app messages sent to Android devices. This button configuration overrides the default button configuration.", - "title": "Android" - }, - "DefaultConfig": { - "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.DefaultButtonConfiguration", - "markdownDescription": "Specifies the default behavior of a button that appears in an in-app message. You can optionally add button configurations that specifically apply to iOS, Android, or web browser users.", - "title": "DefaultConfig" - }, - "IOS": { - "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.OverrideButtonConfiguration", - "markdownDescription": "Optional button configuration to use for in-app messages sent to iOS devices. This button configuration overrides the default button configuration.", - "title": "IOS" + "CaptionChannel": { + "markdownDescription": "", + "title": "CaptionChannel", + "type": "number" }, - "Web": { - "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.OverrideButtonConfiguration", - "markdownDescription": "Optional button configuration to use for in-app messages sent to web applications. This button configuration overrides the default button configuration.", - "title": "Web" + "LanguageCode": { + "markdownDescription": "", + "title": "LanguageCode", + "type": "string" } }, "type": "object" }, - "AWS::Pinpoint::InAppTemplate.DefaultButtonConfiguration": { + "AWS::MediaLive::Channel.CmafIngestGroupSettings": { "additionalProperties": false, "properties": { - "BackgroundColor": { - "markdownDescription": "The background color of a button, expressed as a hex color code (such as #000000 for black).", - "title": "BackgroundColor", + "CaptionLanguageMappings": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Channel.CmafIngestCaptionLanguageMapping" + }, + "markdownDescription": "", + "title": "CaptionLanguageMappings", + "type": "array" + }, + "Destination": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", + "markdownDescription": "", + "title": "Destination" + }, + "Id3Behavior": { + "markdownDescription": "", + "title": "Id3Behavior", "type": "string" }, - "BorderRadius": { - "markdownDescription": "The border radius of a button.", - "title": "BorderRadius", - "type": "number" + "Id3NameModifier": { + "markdownDescription": "", + "title": "Id3NameModifier", + "type": "string" }, - "ButtonAction": { - "markdownDescription": "The action that occurs when a recipient chooses a button in an in-app message. You can specify one of the following:\n\n- `LINK` \u2013 A link to a web destination.\n- `DEEP_LINK` \u2013 A link to a specific page in an application.\n- `CLOSE` \u2013 Dismisses the message.", - "title": "ButtonAction", + "KlvBehavior": { + "markdownDescription": "", + "title": "KlvBehavior", "type": "string" }, - "Link": { - "markdownDescription": "The destination (such as a URL) for a button.", - "title": "Link", + "KlvNameModifier": { + "markdownDescription": "", + "title": "KlvNameModifier", "type": "string" }, - "Text": { - "markdownDescription": "The text that appears on a button in an in-app message.", - "title": "Text", + "NielsenId3Behavior": { + "markdownDescription": "", + "title": "NielsenId3Behavior", "type": "string" }, - "TextColor": { - "markdownDescription": "The color of the body text in a button, expressed as a hex color code (such as #000000 for black).", - "title": "TextColor", + "NielsenId3NameModifier": { + "markdownDescription": "", + "title": "NielsenId3NameModifier", + "type": "string" + }, + "Scte35NameModifier": { + "markdownDescription": "", + "title": "Scte35NameModifier", + "type": "string" + }, + "Scte35Type": { + "markdownDescription": "", + "title": "Scte35Type", + "type": "string" + }, + "SegmentLength": { + "markdownDescription": "", + "title": "SegmentLength", + "type": "number" + }, + "SegmentLengthUnits": { + "markdownDescription": "", + "title": "SegmentLengthUnits", + "type": "string" + }, + "SendDelayMs": { + "markdownDescription": "", + "title": "SendDelayMs", + "type": "number" + }, + "TimedMetadataId3Frame": { + "markdownDescription": "", + "title": "TimedMetadataId3Frame", + "type": "string" + }, + "TimedMetadataId3Period": { + "markdownDescription": "", + "title": "TimedMetadataId3Period", + "type": "number" + }, + "TimedMetadataPassthrough": { + "markdownDescription": "", + "title": "TimedMetadataPassthrough", "type": "string" } }, "type": "object" }, - "AWS::Pinpoint::InAppTemplate.HeaderConfig": { + "AWS::MediaLive::Channel.CmafIngestOutputSettings": { "additionalProperties": false, "properties": { - "Alignment": { - "markdownDescription": "The text alignment of the title of the message. Acceptable values: `LEFT` , `CENTER` , `RIGHT` .", - "title": "Alignment", + "NameModifier": { + "markdownDescription": "", + "title": "NameModifier", + "type": "string" + } + }, + "type": "object" + }, + "AWS::MediaLive::Channel.ColorCorrection": { + "additionalProperties": false, + "properties": { + "InputColorSpace": { + "markdownDescription": "", + "title": "InputColorSpace", "type": "string" }, - "Header": { - "markdownDescription": "The title text of the in-app message.", - "title": "Header", + "OutputColorSpace": { + "markdownDescription": "", + "title": "OutputColorSpace", "type": "string" }, - "TextColor": { - "markdownDescription": "The color of the title text, expressed as a hex color code (such as #000000 for black).", - "title": "TextColor", + "Uri": { + "markdownDescription": "", + "title": "Uri", "type": "string" } }, "type": "object" }, - "AWS::Pinpoint::InAppTemplate.InAppMessageContent": { + "AWS::MediaLive::Channel.ColorCorrectionSettings": { "additionalProperties": false, "properties": { - "BackgroundColor": { - "markdownDescription": "The background color for an in-app message banner, expressed as a hex color code (such as #000000 for black).", - "title": "BackgroundColor", - "type": "string" - }, - "BodyConfig": { - "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.BodyConfig", - "markdownDescription": "An object that contains configuration information about the header or title text of the in-app message.", - "title": "BodyConfig" - }, - "HeaderConfig": { - "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.HeaderConfig", - "markdownDescription": "An object that contains configuration information about the header or title text of the in-app message.", - "title": "HeaderConfig" + "GlobalColorCorrections": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Channel.ColorCorrection" + }, + "markdownDescription": "", + "title": "GlobalColorCorrections", + "type": "array" + } + }, + "type": "object" + }, + "AWS::MediaLive::Channel.ColorSpacePassthroughSettings": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::MediaLive::Channel.DolbyVision81Settings": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::MediaLive::Channel.DvbNitSettings": { + "additionalProperties": false, + "properties": { + "NetworkId": { + "markdownDescription": "The numeric value placed in the Network Information Table (NIT).", + "title": "NetworkId", + "type": "number" }, - "ImageUrl": { - "markdownDescription": "The URL of the image that appears on an in-app message banner.", - "title": "ImageUrl", + "NetworkName": { + "markdownDescription": "The network name text placed in the networkNameDescriptor inside the Network Information Table (NIT). The maximum length is 256 characters.", + "title": "NetworkName", "type": "string" }, - "PrimaryBtn": { - "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.ButtonConfig", - "markdownDescription": "An object that contains configuration information about the primary button in an in-app message.", - "title": "PrimaryBtn" - }, - "SecondaryBtn": { - "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.ButtonConfig", - "markdownDescription": "An object that contains configuration information about the secondary button in an in-app message.", - "title": "SecondaryBtn" + "RepInterval": { + "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream.", + "title": "RepInterval", + "type": "number" } }, "type": "object" }, - "AWS::Pinpoint::InAppTemplate.OverrideButtonConfiguration": { + "AWS::MediaLive::Channel.DvbSdtSettings": { "additionalProperties": false, "properties": { - "ButtonAction": { - "markdownDescription": "The action that occurs when a recipient chooses a button in an in-app message. You can specify one of the following:\n\n- `LINK` \u2013 A link to a web destination.\n- `DEEP_LINK` \u2013 A link to a specific page in an application.\n- `CLOSE` \u2013 Dismisses the message.", - "title": "ButtonAction", + "OutputSdt": { + "markdownDescription": "Selects a method of inserting SDT information into an output stream. The sdtFollow setting copies SDT information from input stream to output stream. The sdtFollowIfPresent setting copies SDT information from input stream to output stream if SDT information is present in the input. Otherwise, it falls back on the user-defined values. The sdtManual setting means that the user will enter the SDT information. The sdtNone setting means that the output stream will not contain SDT information.", + "title": "OutputSdt", "type": "string" }, - "Link": { - "markdownDescription": "The destination (such as a URL) for a button.", - "title": "Link", + "RepInterval": { + "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream.", + "title": "RepInterval", + "type": "number" + }, + "ServiceName": { + "markdownDescription": "The service name placed in the serviceDescriptor in the Service Description Table (SDT). The maximum length is 256 characters.", + "title": "ServiceName", + "type": "string" + }, + "ServiceProviderName": { + "markdownDescription": "The service provider name placed in the serviceDescriptor in the Service Description Table (SDT). The maximum length is 256 characters.", + "title": "ServiceProviderName", "type": "string" } }, "type": "object" }, - "AWS::Pinpoint::PushTemplate": { + "AWS::MediaLive::Channel.DvbSubDestinationSettings": { "additionalProperties": false, "properties": { - "Condition": { + "Alignment": { + "markdownDescription": "If no explicit xPosition or yPosition is provided, setting the alignment to centered places the captions at the bottom center of the output. Similarly, setting a left alignment aligns captions to the bottom left of the output. If x and y positions are specified in conjunction with the alignment parameter, the font is justified (either left or centered) relative to those coordinates. Selecting \"smart\" justification left-justifies live subtitles and center-justifies pre-recorded subtitles. This option is not valid for source captions that are STL or 608/embedded. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", + "title": "Alignment", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "BackgroundColor": { + "markdownDescription": "Specifies the color of the rectangle behind the captions. All burn-in and DVB-Sub font settings must match.", + "title": "BackgroundColor", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "BackgroundOpacity": { + "markdownDescription": "Specifies the opacity of the background rectangle. 255 is opaque; 0 is transparent. Keeping this parameter blank is equivalent to setting it to 0 (transparent). All burn-in and DVB-Sub font settings must match.", + "title": "BackgroundOpacity", + "type": "number" }, - "Metadata": { - "type": "object" + "Font": { + "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", + "markdownDescription": "The external font file that is used for captions burn-in. The file extension must be .ttf or .tte. Although you can select output fonts for many different types of input captions, embedded, STL, and Teletext sources use a strict grid system. Using external fonts with these captions sources could cause an unexpected display of proportional fonts. All burn-in and DVB-Sub font settings must match.", + "title": "Font" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ADM": { - "$ref": "#/definitions/AWS::Pinpoint::PushTemplate.AndroidPushNotificationTemplate", - "markdownDescription": "The message template to use for the ADM (Amazon Device Messaging) channel. This message template overrides the default template for push notification channels ( `Default` ).", - "title": "ADM" - }, - "APNS": { - "$ref": "#/definitions/AWS::Pinpoint::PushTemplate.APNSPushNotificationTemplate", - "markdownDescription": "The message template to use for the APNs (Apple Push Notification service) channel. This message template overrides the default template for push notification channels ( `Default` ).", - "title": "APNS" - }, - "Baidu": { - "$ref": "#/definitions/AWS::Pinpoint::PushTemplate.AndroidPushNotificationTemplate", - "markdownDescription": "The message template to use for the Baidu (Baidu Cloud Push) channel. This message template overrides the default template for push notification channels ( `Default` ).", - "title": "Baidu" - }, - "Default": { - "$ref": "#/definitions/AWS::Pinpoint::PushTemplate.DefaultPushNotificationTemplate", - "markdownDescription": "The default message template to use for push notification channels.", - "title": "Default" - }, - "DefaultSubstitutions": { - "markdownDescription": "A JSON object that specifies the default values to use for message variables in the message template. This object is a set of key-value pairs. Each key defines a message variable in the template. The corresponding value defines the default value for that variable. When you create a message that's based on the template, you can override these defaults with message-specific and address-specific variables and values.", - "title": "DefaultSubstitutions", - "type": "string" - }, - "GCM": { - "$ref": "#/definitions/AWS::Pinpoint::PushTemplate.AndroidPushNotificationTemplate", - "markdownDescription": "The message template to use for the GCM channel, which is used to send notifications through the Firebase Cloud Messaging (FCM), formerly Google Cloud Messaging (GCM), service. This message template overrides the default template for push notification channels ( `Default` ).", - "title": "GCM" - }, - "Tags": { - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "object" - }, - "TemplateDescription": { - "markdownDescription": "A custom description of the message template.", - "title": "TemplateDescription", - "type": "string" - }, - "TemplateName": { - "markdownDescription": "The name of the message template to use for the message. If specified, this value must match the name of an existing message template.", - "title": "TemplateName", - "type": "string" - } - }, - "required": [ - "TemplateName" - ], - "type": "object" + "FontColor": { + "markdownDescription": "Specifies the color of the burned-in captions. This option is not valid for source captions that are STL, 608/embedded, or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", + "title": "FontColor", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Pinpoint::PushTemplate" - ], + "FontOpacity": { + "markdownDescription": "Specifies the opacity of the burned-in captions. 255 is opaque; 0 is transparent. All burn-in and DVB-Sub font settings must match.", + "title": "FontOpacity", + "type": "number" + }, + "FontResolution": { + "markdownDescription": "The font resolution in DPI (dots per inch). The default is 96 dpi. All burn-in and DVB-Sub font settings must match.", + "title": "FontResolution", + "type": "number" + }, + "FontSize": { + "markdownDescription": "When set to auto, fontSize scales depending on the size of the output. Providing a positive integer specifies the exact font size in points. All burn-in and DVB-Sub font settings must match.", + "title": "FontSize", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "OutlineColor": { + "markdownDescription": "Specifies the font outline color. This option is not valid for source captions that are either 608/embedded or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", + "title": "OutlineColor", + "type": "string" + }, + "OutlineSize": { + "markdownDescription": "Specifies the font outline size in pixels. This option is not valid for source captions that are either 608/embedded or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", + "title": "OutlineSize", + "type": "number" + }, + "ShadowColor": { + "markdownDescription": "Specifies the color of the shadow that is cast by the captions. All burn-in and DVB-Sub font settings must match.", + "title": "ShadowColor", + "type": "string" + }, + "ShadowOpacity": { + "markdownDescription": "Specifies the opacity of the shadow. 255 is opaque; 0 is transparent. Keeping this parameter blank is equivalent to setting it to 0 (transparent). All burn-in and DVB-Sub font settings must match.", + "title": "ShadowOpacity", + "type": "number" + }, + "ShadowXOffset": { + "markdownDescription": "Specifies the horizontal offset of the shadow relative to the captions in pixels. A value of -2 would result in a shadow offset 2 pixels to the left. All burn-in and DVB-Sub font settings must match.", + "title": "ShadowXOffset", + "type": "number" + }, + "ShadowYOffset": { + "markdownDescription": "Specifies the vertical offset of the shadow relative to the captions in pixels. A value of -2 would result in a shadow offset 2 pixels above the text. All burn-in and DVB-Sub font settings must match.", + "title": "ShadowYOffset", + "type": "number" + }, + "TeletextGridControl": { + "markdownDescription": "Controls whether a fixed grid size is used to generate the output subtitles bitmap. This applies to only Teletext inputs and DVB-Sub/Burn-in outputs.", + "title": "TeletextGridControl", "type": "string" + }, + "XPosition": { + "markdownDescription": "Specifies the horizontal position of the captions relative to the left side of the output in pixels. A value of 10 would result in the captions starting 10 pixels from the left of the output. If no explicit xPosition is provided, the horizontal captions position is determined by the alignment parameter. This option is not valid for source captions that are STL, 608/embedded, or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", + "title": "XPosition", + "type": "number" + }, + "YPosition": { + "markdownDescription": "Specifies the vertical position of the captions relative to the top of the output in pixels. A value of 10 would result in the captions starting 10 pixels from the top of the output. If no explicit yPosition is provided, the captions are positioned towards the bottom of the output. This option is not valid for source captions that are STL, 608/embedded, or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", + "title": "YPosition", + "type": "number" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Pinpoint::PushTemplate.APNSPushNotificationTemplate": { + "AWS::MediaLive::Channel.DvbSubSourceSettings": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The action to occur if a recipient taps a push notification that's based on the message template. Valid values are:\n\n- `OPEN_APP` \u2013 Your app opens or it becomes the foreground app if it was sent to the background. This is the default action.\n- `DEEP_LINK` \u2013 Your app opens and displays a designated user interface in the app. This setting uses the deep-linking features of the iOS platform.\n- `URL` \u2013 The default mobile browser on the recipient's device opens and loads the web page at a URL that you specify.", - "title": "Action", + "OcrLanguage": { + "markdownDescription": "If you will configure a WebVTT caption description that references this caption selector, use this field to\nprovide the language to consider when translating the image-based source to text.", + "title": "OcrLanguage", "type": "string" }, - "Body": { - "markdownDescription": "The message body to use in push notifications that are based on the message template.", - "title": "Body", - "type": "string" + "Pid": { + "markdownDescription": "When using DVB-Sub with burn-in or SMPTE-TT, use this PID for the source content. It is unused for DVB-Sub passthrough. All DVB-Sub content is passed through, regardless of selectors.", + "title": "Pid", + "type": "number" + } + }, + "type": "object" + }, + "AWS::MediaLive::Channel.DvbTdtSettings": { + "additionalProperties": false, + "properties": { + "RepInterval": { + "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream.", + "title": "RepInterval", + "type": "number" + } + }, + "type": "object" + }, + "AWS::MediaLive::Channel.Eac3AtmosSettings": { + "additionalProperties": false, + "properties": { + "Bitrate": { + "markdownDescription": "", + "title": "Bitrate", + "type": "number" }, - "MediaUrl": { - "markdownDescription": "The URL of an image or video to display in push notifications that are based on the message template.", - "title": "MediaUrl", + "CodingMode": { + "markdownDescription": "", + "title": "CodingMode", "type": "string" }, - "Sound": { - "markdownDescription": "The key for the sound to play when the recipient receives a push notification that's based on the message template. The value for this key is the name of a sound file in your app's main bundle or the `Library/Sounds` folder in your app's data container. If the sound file can't be found or you specify `default` for the value, the system plays the default alert sound.", - "title": "Sound", - "type": "string" + "Dialnorm": { + "markdownDescription": "", + "title": "Dialnorm", + "type": "number" }, - "Title": { - "markdownDescription": "The title to use in push notifications that are based on the message template. This title appears above the notification message on a recipient's device.", - "title": "Title", + "DrcLine": { + "markdownDescription": "", + "title": "DrcLine", "type": "string" }, - "Url": { - "markdownDescription": "The URL to open in the recipient's default mobile browser, if a recipient taps a push notification that's based on the message template and the value of the `Action` property is `URL` .", - "title": "Url", + "DrcRf": { + "markdownDescription": "", + "title": "DrcRf", "type": "string" + }, + "HeightTrim": { + "markdownDescription": "", + "title": "HeightTrim", + "type": "number" + }, + "SurroundTrim": { + "markdownDescription": "", + "title": "SurroundTrim", + "type": "number" } }, "type": "object" }, - "AWS::Pinpoint::PushTemplate.AndroidPushNotificationTemplate": { + "AWS::MediaLive::Channel.Eac3Settings": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The action to occur if a recipient taps a push notification that's based on the message template. Valid values are:\n\n- `OPEN_APP` \u2013 Your app opens or it becomes the foreground app if it was sent to the background. This is the default action.\n- `DEEP_LINK` \u2013 Your app opens and displays a designated user interface in the app. This action uses the deep-linking features of the Android platform.\n- `URL` \u2013 The default mobile browser on the recipient's device opens and loads the web page at a URL that you specify.", - "title": "Action", + "AttenuationControl": { + "markdownDescription": "When set to attenuate3Db, applies a 3 dB attenuation to the surround channels. Used only for the 3/2 coding mode.", + "title": "AttenuationControl", "type": "string" }, - "Body": { - "markdownDescription": "The message body to use in a push notification that's based on the message template.", - "title": "Body", + "Bitrate": { + "markdownDescription": "The average bitrate in bits/second. Valid bitrates depend on the coding mode.", + "title": "Bitrate", + "type": "number" + }, + "BitstreamMode": { + "markdownDescription": "Specifies the bitstream mode (bsmod) for the emitted E-AC-3 stream. For more information, see ATSC A/52-2012 (Annex E).", + "title": "BitstreamMode", "type": "string" }, - "ImageIconUrl": { - "markdownDescription": "The URL of the large icon image to display in the content view of a push notification that's based on the message template.", - "title": "ImageIconUrl", + "CodingMode": { + "markdownDescription": "The Dolby Digital Plus coding mode. This mode determines the number of channels.", + "title": "CodingMode", "type": "string" }, - "ImageUrl": { - "markdownDescription": "The URL of an image to display in a push notification that's based on the message template.", - "title": "ImageUrl", + "DcFilter": { + "markdownDescription": "When set to enabled, activates a DC highpass filter for all input channels.", + "title": "DcFilter", "type": "string" }, - "SmallImageIconUrl": { - "markdownDescription": "The URL of the small icon image to display in the status bar and the content view of a push notification that's based on the message template.", - "title": "SmallImageIconUrl", + "Dialnorm": { + "markdownDescription": "Sets the dialnorm for the output. If blank and the input audio is Dolby Digital Plus, dialnorm will be passed through.", + "title": "Dialnorm", + "type": "number" + }, + "DrcLine": { + "markdownDescription": "Sets the Dolby dynamic range compression profile.", + "title": "DrcLine", "type": "string" }, - "Sound": { - "markdownDescription": "The sound to play when a recipient receives a push notification that's based on the message template. You can use the default stream or specify the file name of a sound resource that's bundled in your app. On an Android platform, the sound file must reside in `/res/raw/` .", - "title": "Sound", + "DrcRf": { + "markdownDescription": "Sets the profile for heavy Dolby dynamic range compression, ensuring that the instantaneous signal peaks do not exceed specified levels.", + "title": "DrcRf", "type": "string" }, - "Title": { - "markdownDescription": "The title to use in a push notification that's based on the message template. This title appears above the notification message on a recipient's device.", - "title": "Title", + "LfeControl": { + "markdownDescription": "When encoding 3/2 audio, setting to lfe enables the LFE channel.", + "title": "LfeControl", "type": "string" }, - "Url": { - "markdownDescription": "The URL to open in a recipient's default mobile browser, if a recipient taps a push notification that's based on the message template and the value of the `Action` property is `URL` .", - "title": "Url", + "LfeFilter": { + "markdownDescription": "When set to enabled, applies a 120Hz lowpass filter to the LFE channel prior to encoding. Valid only with a codingMode32 coding mode.", + "title": "LfeFilter", "type": "string" - } - }, - "type": "object" - }, - "AWS::Pinpoint::PushTemplate.DefaultPushNotificationTemplate": { - "additionalProperties": false, - "properties": { - "Action": { - "markdownDescription": "The action to occur if a recipient taps a push notification that's based on the message template. Valid values are:\n\n- `OPEN_APP` \u2013 Your app opens or it becomes the foreground app if it was sent to the background. This is the default action.\n- `DEEP_LINK` \u2013 Your app opens and displays a designated user interface in the app. This setting uses the deep-linking features of the iOS and Android platforms.\n- `URL` \u2013 The default mobile browser on the recipient's device opens and loads the web page at a URL that you specify.", - "title": "Action", + }, + "LoRoCenterMixLevel": { + "markdownDescription": "The Left only/Right only center mix level. Used only for the 3/2 coding mode.", + "title": "LoRoCenterMixLevel", + "type": "number" + }, + "LoRoSurroundMixLevel": { + "markdownDescription": "The Left only/Right only surround mix level. Used only for a 3/2 coding mode.", + "title": "LoRoSurroundMixLevel", + "type": "number" + }, + "LtRtCenterMixLevel": { + "markdownDescription": "The Left total/Right total center mix level. Used only for a 3/2 coding mode.", + "title": "LtRtCenterMixLevel", + "type": "number" + }, + "LtRtSurroundMixLevel": { + "markdownDescription": "The Left total/Right total surround mix level. Used only for the 3/2 coding mode.", + "title": "LtRtSurroundMixLevel", + "type": "number" + }, + "MetadataControl": { + "markdownDescription": "When set to followInput, encoder metadata is sourced from the DD, DD+, or DolbyE decoder that supplies this audio data. If the audio is not supplied from one of these streams, then the static metadata settings are used.", + "title": "MetadataControl", "type": "string" }, - "Body": { - "markdownDescription": "The message body to use in push notifications that are based on the message template.", - "title": "Body", + "PassthroughControl": { + "markdownDescription": "When set to whenPossible, input DD+ audio will be passed through if it is present on the input. This detection is dynamic over the life of the transcode. Inputs that alternate between DD+ and non-DD+ content will have a consistent DD+ output as the system alternates between passthrough and encoding.", + "title": "PassthroughControl", "type": "string" }, - "Sound": { - "markdownDescription": "The sound to play when a recipient receives a push notification that's based on the message template. You can use the default stream or specify the file name of a sound resource that's bundled in your app. On an Android platform, the sound file must reside in `/res/raw/` .\n\nFor an iOS platform, this value is the key for the name of a sound file in your app's main bundle or the `Library/Sounds` folder in your app's data container. If the sound file can't be found or you specify `default` for the value, the system plays the default alert sound.", - "title": "Sound", + "PhaseControl": { + "markdownDescription": "When set to shift90Degrees, applies a 90-degree phase shift to the surround channels. Used only for a 3/2 coding mode.", + "title": "PhaseControl", "type": "string" }, - "Title": { - "markdownDescription": "The title to use in push notifications that are based on the message template. This title appears above the notification message on a recipient's device.", - "title": "Title", + "StereoDownmix": { + "markdownDescription": "A stereo downmix preference. Used only for the 3/2 coding mode.", + "title": "StereoDownmix", "type": "string" }, - "Url": { - "markdownDescription": "The URL to open in a recipient's default mobile browser, if a recipient taps a push notification that's based on the message template and the value of the `Action` property is `URL` .", - "title": "Url", + "SurroundExMode": { + "markdownDescription": "When encoding 3/2 audio, sets whether an extra center back surround channel is matrix encoded into the left and right surround channels.", + "title": "SurroundExMode", + "type": "string" + }, + "SurroundMode": { + "markdownDescription": "When encoding 2/0 audio, sets whether Dolby Surround is matrix-encoded into the two channels.", + "title": "SurroundMode", "type": "string" } }, "type": "object" }, - "AWS::Pinpoint::SMSChannel": { + "AWS::MediaLive::Channel.EbuTtDDestinationSettings": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "CopyrightHolder": { + "markdownDescription": "Applies only if you plan to convert these source captions to EBU-TT-D or TTML in an output. Complete this field if you want to include the name of the copyright holder in the copyright metadata tag in the TTML", + "title": "CopyrightHolder", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "DefaultFontSize": { + "markdownDescription": "", + "title": "DefaultFontSize", + "type": "number" }, - "Metadata": { - "type": "object" + "DefaultLineHeight": { + "markdownDescription": "", + "title": "DefaultLineHeight", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ApplicationId": { - "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the SMS channel applies to.", - "title": "ApplicationId", - "type": "string" - }, - "Enabled": { - "markdownDescription": "Specifies whether to enable the SMS channel for the application.", - "title": "Enabled", - "type": "boolean" - }, - "SenderId": { - "markdownDescription": "The identity that you want to display on recipients' devices when they receive messages from the SMS channel.\n\n> SenderIDs are only supported in certain countries and regions. For more information, see [Supported Countries and Regions](https://docs.aws.amazon.com/pinpoint/latest/userguide/channels-sms-countries.html) in the *Amazon Pinpoint User Guide* .", - "title": "SenderId", - "type": "string" - }, - "ShortCode": { - "markdownDescription": "The registered short code that you want to use when you send messages through the SMS channel.\n\n> For information about obtaining a dedicated short code for sending SMS messages, see [Requesting Dedicated Short Codes for SMS Messaging with Amazon Pinpoint](https://docs.aws.amazon.com/pinpoint/latest/userguide/channels-sms-awssupport-short-code.html) in the *Amazon Pinpoint User Guide* .", - "title": "ShortCode", - "type": "string" - } - }, - "required": [ - "ApplicationId" - ], - "type": "object" + "FillLineGap": { + "markdownDescription": "Specifies how to handle the gap between the lines (in multi-line captions). - enabled: Fill with the captions background color (as specified in the input captions).\n- disabled: Leave the gap unfilled.", + "title": "FillLineGap", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Pinpoint::SMSChannel" - ], + "FontFamily": { + "markdownDescription": "Specifies the font family to include in the font data attached to the EBU-TT captions. Valid only if styleControl is set to include. If you leave this field empty, the font family is set to \"monospaced\". (If styleControl is set to exclude, the font family is always set to \"monospaced\".) You specify only the font family. All other style information (color, bold, position and so on) is copied from the input captions. The size is always set to 100% to allow the downstream player to choose the size. - Enter a list of font families, as a comma-separated list of font names, in order of preference. The name can be a font family (such as \u201cArial\u201d), or a generic font family (such as \u201cserif\u201d), or \u201cdefault\u201d (to let the downstream player choose the font).\n- Leave blank to set the family to \u201cmonospace\u201d.", + "title": "FontFamily", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "StyleControl": { + "markdownDescription": "Specifies the style information (font color, font position, and so on) to include in the font data that is attached to the EBU-TT captions. - include: Take the style information (font color, font position, and so on) from the source captions and include that information in the font data attached to the EBU-TT captions. This option is valid only if the source captions are Embedded or Teletext.\n- exclude: In the font data attached to the EBU-TT captions, set the font family to \"monospaced\". Do not include any other style information.", + "title": "StyleControl", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Pinpoint::Segment": { + "AWS::MediaLive::Channel.EmbeddedDestinationSettings": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::MediaLive::Channel.EmbeddedPlusScte20DestinationSettings": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::MediaLive::Channel.EmbeddedSourceSettings": { "additionalProperties": false, "properties": { - "Condition": { + "Convert608To708": { + "markdownDescription": "If this is upconvert, 608 data is both passed through the \"608 compatibility bytes\" fields of the 708 wrapper as well as translated into 708. If 708 data is present in the source content, it is discarded.", + "title": "Convert608To708", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Scte20Detection": { + "markdownDescription": "Set to \"auto\" to handle streams with intermittent or non-aligned SCTE-20 and embedded captions.", + "title": "Scte20Detection", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ApplicationId": { - "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the segment is associated with.", - "title": "ApplicationId", - "type": "string" - }, - "Dimensions": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.SegmentDimensions", - "markdownDescription": "An array that defines the dimensions for the segment.", - "title": "Dimensions" - }, - "Name": { - "markdownDescription": "The name of the segment.\n\n> A segment must have a name otherwise it will not appear in the Amazon Pinpoint console.", - "title": "Name", - "type": "string" - }, - "SegmentGroups": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.SegmentGroups", - "markdownDescription": "The segment group to use and the dimensions to apply to the group's base segments in order to build the segment. A segment group can consist of zero or more base segments. Your request can include only one segment group.", - "title": "SegmentGroups" - }, - "Tags": { - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "object" - } - }, - "required": [ - "ApplicationId", - "Name" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Pinpoint::Segment" - ], - "type": "string" + "Source608ChannelNumber": { + "markdownDescription": "Specifies the 608/708 channel number within the video track from which to extract captions. This is unused for passthrough.", + "title": "Source608ChannelNumber", + "type": "number" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Source608TrackNumber": { + "markdownDescription": "This field is unused and deprecated.", + "title": "Source608TrackNumber", + "type": "number" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Pinpoint::Segment.AttributeDimension": { + "AWS::MediaLive::Channel.EncoderSettings": { "additionalProperties": false, "properties": { - "AttributeType": { - "type": "string" + "AudioDescriptions": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioDescription" + }, + "markdownDescription": "The encoding information for output audio.", + "title": "AudioDescriptions", + "type": "array" }, - "Values": { + "AvailBlanking": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AvailBlanking", + "markdownDescription": "The settings for ad avail blanking.", + "title": "AvailBlanking" + }, + "AvailConfiguration": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AvailConfiguration", + "markdownDescription": "The configuration settings for the ad avail handling.", + "title": "AvailConfiguration" + }, + "BlackoutSlate": { + "$ref": "#/definitions/AWS::MediaLive::Channel.BlackoutSlate", + "markdownDescription": "The settings for the blackout slate.", + "title": "BlackoutSlate" + }, + "CaptionDescriptions": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::MediaLive::Channel.CaptionDescription" + }, + "markdownDescription": "The encoding information for output captions.", + "title": "CaptionDescriptions", + "type": "array" + }, + "ColorCorrectionSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.ColorCorrectionSettings", + "markdownDescription": "", + "title": "ColorCorrectionSettings" + }, + "FeatureActivations": { + "$ref": "#/definitions/AWS::MediaLive::Channel.FeatureActivations", + "markdownDescription": "Settings to enable specific features.", + "title": "FeatureActivations" + }, + "GlobalConfiguration": { + "$ref": "#/definitions/AWS::MediaLive::Channel.GlobalConfiguration", + "markdownDescription": "The configuration settings that apply to the entire channel.", + "title": "GlobalConfiguration" + }, + "MotionGraphicsConfiguration": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MotionGraphicsConfiguration", + "markdownDescription": "Settings to enable and configure the motion graphics overlay feature in the channel.", + "title": "MotionGraphicsConfiguration" + }, + "NielsenConfiguration": { + "$ref": "#/definitions/AWS::MediaLive::Channel.NielsenConfiguration", + "markdownDescription": "The settings to configure Nielsen watermarks.", + "title": "NielsenConfiguration" + }, + "OutputGroups": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputGroup" + }, + "markdownDescription": "The settings for the output groups in the channel.", + "title": "OutputGroups", + "type": "array" + }, + "ThumbnailConfiguration": { + "$ref": "#/definitions/AWS::MediaLive::Channel.ThumbnailConfiguration", + "markdownDescription": "", + "title": "ThumbnailConfiguration" + }, + "TimecodeConfig": { + "$ref": "#/definitions/AWS::MediaLive::Channel.TimecodeConfig", + "markdownDescription": "Contains settings used to acquire and adjust timecode information from the inputs.", + "title": "TimecodeConfig" + }, + "VideoDescriptions": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Channel.VideoDescription" }, + "markdownDescription": "The encoding information for output videos.", + "title": "VideoDescriptions", "type": "array" } }, "type": "object" }, - "AWS::Pinpoint::Segment.Behavior": { + "AWS::MediaLive::Channel.EpochLockingSettings": { "additionalProperties": false, "properties": { - "Recency": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.Recency", - "markdownDescription": "Specifies how recently segment members were active.", - "title": "Recency" + "CustomEpoch": { + "markdownDescription": "", + "title": "CustomEpoch", + "type": "string" + }, + "JamSyncTime": { + "markdownDescription": "", + "title": "JamSyncTime", + "type": "string" } }, "type": "object" }, - "AWS::Pinpoint::Segment.Coordinates": { + "AWS::MediaLive::Channel.Esam": { "additionalProperties": false, "properties": { - "Latitude": { - "markdownDescription": "The latitude coordinate of the location.", - "title": "Latitude", - "type": "number" + "AcquisitionPointId": { + "markdownDescription": "", + "title": "AcquisitionPointId", + "type": "string" }, - "Longitude": { - "markdownDescription": "The longitude coordinate of the location.", - "title": "Longitude", + "AdAvailOffset": { + "markdownDescription": "", + "title": "AdAvailOffset", "type": "number" + }, + "PasswordParam": { + "markdownDescription": "", + "title": "PasswordParam", + "type": "string" + }, + "PoisEndpoint": { + "markdownDescription": "", + "title": "PoisEndpoint", + "type": "string" + }, + "Username": { + "markdownDescription": "", + "title": "Username", + "type": "string" + }, + "ZoneIdentity": { + "markdownDescription": "", + "title": "ZoneIdentity", + "type": "string" } }, - "required": [ - "Latitude", - "Longitude" - ], "type": "object" }, - "AWS::Pinpoint::Segment.Demographic": { + "AWS::MediaLive::Channel.FailoverCondition": { "additionalProperties": false, "properties": { - "AppVersion": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", - "markdownDescription": "The app version criteria for the segment.", - "title": "AppVersion" - }, - "Channel": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", - "markdownDescription": "The channel criteria for the segment.", - "title": "Channel" - }, - "DeviceType": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", - "markdownDescription": "The device type criteria for the segment.", - "title": "DeviceType" - }, - "Make": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", - "markdownDescription": "The device make criteria for the segment.", - "title": "Make" - }, - "Model": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", - "markdownDescription": "The device model criteria for the segment.", - "title": "Model" - }, - "Platform": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", - "markdownDescription": "The device platform criteria for the segment.", - "title": "Platform" + "FailoverConditionSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.FailoverConditionSettings", + "markdownDescription": "Settings for a specific failover condition.", + "title": "FailoverConditionSettings" } }, "type": "object" }, - "AWS::Pinpoint::Segment.GPSPoint": { + "AWS::MediaLive::Channel.FailoverConditionSettings": { "additionalProperties": false, "properties": { - "Coordinates": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.Coordinates", - "markdownDescription": "The GPS coordinates to measure distance from.", - "title": "Coordinates" + "AudioSilenceSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioSilenceFailoverSettings", + "markdownDescription": "MediaLive will perform a failover if the specified audio selector is silent for the specified period.", + "title": "AudioSilenceSettings" }, - "RangeInKilometers": { - "markdownDescription": "The range, in kilometers, from the GPS coordinates.", - "title": "RangeInKilometers", - "type": "number" + "InputLossSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.InputLossFailoverSettings", + "markdownDescription": "MediaLive will perform a failover if content is not detected in this input for the specified period.", + "title": "InputLossSettings" + }, + "VideoBlackSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.VideoBlackFailoverSettings", + "markdownDescription": "MediaLive will perform a failover if content is considered black for the specified period.", + "title": "VideoBlackSettings" } }, - "required": [ - "Coordinates", - "RangeInKilometers" - ], "type": "object" }, - "AWS::Pinpoint::Segment.Groups": { + "AWS::MediaLive::Channel.FeatureActivations": { "additionalProperties": false, "properties": { - "Dimensions": { - "items": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.SegmentDimensions" - }, - "markdownDescription": "An array that defines the dimensions to include or exclude from the segment.", - "title": "Dimensions", - "type": "array" - }, - "SourceSegments": { - "items": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.SourceSegments" - }, - "markdownDescription": "The base segment to build the segment on. A base segment, also called a *source segment* , defines the initial population of endpoints for a segment. When you add dimensions to the segment, Amazon Pinpoint filters the base segment by using the dimensions that you specify.\n\nYou can specify more than one dimensional segment or only one imported segment. If you specify an imported segment, the segment size estimate that displays on the Amazon Pinpoint console indicates the size of the imported segment without any filters applied to it.", - "title": "SourceSegments", - "type": "array" - }, - "SourceType": { - "markdownDescription": "Specifies how to handle multiple base segments for the segment. For example, if you specify three base segments for the segment, whether the resulting segment is based on all, any, or none of the base segments.", - "title": "SourceType", + "InputPrepareScheduleActions": { + "markdownDescription": "Enables the Input Prepare feature. You can create Input Prepare actions in the schedule only if this feature is enabled.\nIf you disable the feature on an existing schedule, make sure that you first delete all input prepare actions from the schedule.", + "title": "InputPrepareScheduleActions", "type": "string" }, - "Type": { - "markdownDescription": "Specifies how to handle multiple dimensions for the segment. For example, if you specify three dimensions for the segment, whether the resulting segment includes endpoints that match all, any, or none of the dimensions.", - "title": "Type", + "OutputStaticImageOverlayScheduleActions": { + "markdownDescription": "", + "title": "OutputStaticImageOverlayScheduleActions", "type": "string" } }, "type": "object" }, - "AWS::Pinpoint::Segment.Location": { + "AWS::MediaLive::Channel.FecOutputSettings": { "additionalProperties": false, "properties": { - "Country": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", - "markdownDescription": "The country or region code, in ISO 3166-1 alpha-2 format, for the segment.", - "title": "Country" + "ColumnDepth": { + "markdownDescription": "The parameter D from SMPTE 2022-1. The height of the FEC protection matrix. The number of transport stream packets per column error correction packet. The number must be between 4 and 20, inclusive.", + "title": "ColumnDepth", + "type": "number" }, - "GPSPoint": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.GPSPoint", - "markdownDescription": "The GPS point dimension for the segment.", - "title": "GPSPoint" + "IncludeFec": { + "markdownDescription": "Enables column only or column and row-based FEC.", + "title": "IncludeFec", + "type": "string" + }, + "RowLength": { + "markdownDescription": "The parameter L from SMPTE 2022-1. The width of the FEC protection matrix. Must be between 1 and 20, inclusive. If only Column FEC is used, then larger values increase robustness. If Row FEC is used, then this is the number of transport stream packets per row error correction packet, and the value must be between 4 and 20, inclusive, if includeFec is columnAndRow. If includeFec is column, this value must be 1 to 20, inclusive.", + "title": "RowLength", + "type": "number" } }, "type": "object" }, - "AWS::Pinpoint::Segment.Recency": { + "AWS::MediaLive::Channel.Fmp4HlsSettings": { "additionalProperties": false, "properties": { - "Duration": { - "markdownDescription": "The duration to use when determining which users have been active or inactive with your app.\n\nPossible values: `HR_24` | `DAY_7` | `DAY_14` | `DAY_30` .", - "title": "Duration", + "AudioRenditionSets": { + "markdownDescription": "List all the audio groups that are used with the video output stream. Input all the audio GROUP-IDs that are associated to the video, separate by ','.", + "title": "AudioRenditionSets", "type": "string" }, - "RecencyType": { - "markdownDescription": "The type of recency dimension to use for the segment. Valid values are: `ACTIVE` and `INACTIVE` . If the value is `ACTIVE` , the segment includes users who have used your app within the specified duration are included in the segment. If the value is `INACTIVE` , the segment includes users who haven't used your app within the specified duration are included in the segment.", - "title": "RecencyType", + "NielsenId3Behavior": { + "markdownDescription": "If set to passthrough, Nielsen inaudible tones for media tracking will be detected in the input audio and an equivalent ID3 tag will be inserted in the output.", + "title": "NielsenId3Behavior", + "type": "string" + }, + "TimedMetadataBehavior": { + "markdownDescription": "When set to passthrough, timed metadata is passed through from input to output.", + "title": "TimedMetadataBehavior", "type": "string" } }, - "required": [ - "Duration", - "RecencyType" - ], "type": "object" }, - "AWS::Pinpoint::Segment.SegmentDimensions": { + "AWS::MediaLive::Channel.FrameCaptureCdnSettings": { "additionalProperties": false, "properties": { - "Attributes": { - "markdownDescription": "One or more custom attributes to use as criteria for the segment. For more information see [AttributeDimension](https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-segments.html#apps-application-id-segments-model-attributedimension)", - "title": "Attributes", - "type": "object" - }, - "Behavior": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.Behavior", - "markdownDescription": "The behavior-based criteria, such as how recently users have used your app, for the segment.", - "title": "Behavior" - }, - "Demographic": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.Demographic", - "markdownDescription": "The demographic-based criteria, such as device platform, for the segment.", - "title": "Demographic" - }, - "Location": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.Location", - "markdownDescription": "The location-based criteria, such as region or GPS coordinates, for the segment.", - "title": "Location" - }, - "Metrics": { - "markdownDescription": "One or more custom metrics to use as criteria for the segment.", - "title": "Metrics", - "type": "object" - }, - "UserAttributes": { - "markdownDescription": "One or more custom user attributes to use as criteria for the segment.", - "title": "UserAttributes", - "type": "object" + "FrameCaptureS3Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.FrameCaptureS3Settings", + "markdownDescription": "Sets up Amazon S3 as the destination for this Frame Capture output.", + "title": "FrameCaptureS3Settings" } }, "type": "object" }, - "AWS::Pinpoint::Segment.SegmentGroups": { + "AWS::MediaLive::Channel.FrameCaptureGroupSettings": { "additionalProperties": false, "properties": { - "Groups": { - "items": { - "$ref": "#/definitions/AWS::Pinpoint::Segment.Groups" - }, - "markdownDescription": "Specifies the set of segment criteria to evaluate when handling segment groups for the segment.", - "title": "Groups", - "type": "array" + "Destination": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", + "markdownDescription": "The destination for the frame capture files. The destination is either the URI for an Amazon S3 bucket and object, plus a file name prefix (for example, s3ssl://sportsDelivery/highlights/20180820/curling_) or the URI for a MediaStore container, plus a file name prefix (for example, mediastoressl://sportsDelivery/20180820/curling_). The final file names consist of the prefix from the destination field (for example, \"curling_\") + name modifier + the counter (5 digits, starting from 00001) + extension (which is always .jpg). For example, curlingLow.00001.jpg.", + "title": "Destination" }, - "Include": { - "markdownDescription": "Specifies how to handle multiple segment groups for the segment. For example, if the segment includes three segment groups, whether the resulting segment includes endpoints that match all, any, or none of the segment groups.", - "title": "Include", + "FrameCaptureCdnSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.FrameCaptureCdnSettings", + "markdownDescription": "Settings to configure the destination of a Frame Capture output.", + "title": "FrameCaptureCdnSettings" + } + }, + "type": "object" + }, + "AWS::MediaLive::Channel.FrameCaptureHlsSettings": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::MediaLive::Channel.FrameCaptureOutputSettings": { + "additionalProperties": false, + "properties": { + "NameModifier": { + "markdownDescription": "Required if the output group contains more than one output. This modifier forms part of the output file name.", + "title": "NameModifier", "type": "string" } }, "type": "object" }, - "AWS::Pinpoint::Segment.SetDimension": { + "AWS::MediaLive::Channel.FrameCaptureS3Settings": { "additionalProperties": false, "properties": { - "DimensionType": { - "markdownDescription": "The type of segment dimension to use. Valid values are: `INCLUSIVE` , endpoints that match the criteria are included in the segment; and, `EXCLUSIVE` , endpoints that match the criteria are excluded from the segment.", - "title": "DimensionType", + "CannedAcl": { + "markdownDescription": "Specify the canned ACL to apply to each S3 request. Defaults to none.", + "title": "CannedAcl", "type": "string" - }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The criteria values to use for the segment dimension. Depending on the value of the `DimensionType` property, endpoints are included or excluded from the segment if their values match the criteria values.", - "title": "Values", - "type": "array" } }, "type": "object" }, - "AWS::Pinpoint::Segment.SourceSegments": { + "AWS::MediaLive::Channel.FrameCaptureSettings": { "additionalProperties": false, "properties": { - "Id": { - "markdownDescription": "The unique identifier for the source segment.", - "title": "Id", + "CaptureInterval": { + "markdownDescription": "The frequency, in seconds, for capturing frames for inclusion in the output. For example, \"10\" means capture a frame every 10 seconds.", + "title": "CaptureInterval", + "type": "number" + }, + "CaptureIntervalUnits": { + "markdownDescription": "Unit for the frame capture interval.", + "title": "CaptureIntervalUnits", "type": "string" }, - "Version": { - "markdownDescription": "The version number of the source segment.", - "title": "Version", - "type": "number" + "TimecodeBurninSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.TimecodeBurninSettings", + "markdownDescription": "", + "title": "TimecodeBurninSettings" } }, - "required": [ - "Id" - ], "type": "object" }, - "AWS::Pinpoint::SmsTemplate": { + "AWS::MediaLive::Channel.GlobalConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "InitialAudioGain": { + "markdownDescription": "The value to set the initial audio gain for the channel.", + "title": "InitialAudioGain", + "type": "number" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "InputEndAction": { + "markdownDescription": "Indicates the action to take when the current input completes (for example, end-of-file). When switchAndLoopInputs is configured, MediaLive restarts at the beginning of the first input. When \"none\" is configured, MediaLive transcodes either black, a solid color, or a user-specified slate images per the \"Input Loss Behavior\" configuration until the next input switch occurs (which is controlled through the Channel Schedule API).", + "title": "InputEndAction", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "InputLossBehavior": { + "$ref": "#/definitions/AWS::MediaLive::Channel.InputLossBehavior", + "markdownDescription": "The settings for system actions when the input is lost.", + "title": "InputLossBehavior" }, - "Metadata": { - "type": "object" + "OutputLockingMode": { + "markdownDescription": "Indicates how MediaLive pipelines are synchronized. PIPELINELOCKING - MediaLive attempts to synchronize the output of each pipeline to the other. EPOCHLOCKING - MediaLive attempts to synchronize the output of each pipeline to the Unix epoch.", + "title": "OutputLockingMode", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Body": { - "markdownDescription": "The message body to use in text messages that are based on the message template.", - "title": "Body", - "type": "string" - }, - "DefaultSubstitutions": { - "markdownDescription": "A JSON object that specifies the default values to use for message variables in the message template. This object is a set of key-value pairs. Each key defines a message variable in the template. The corresponding value defines the default value for that variable. When you create a message that's based on the template, you can override these defaults with message-specific and address-specific variables and values.", - "title": "DefaultSubstitutions", - "type": "string" - }, - "Tags": { - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "object" - }, - "TemplateDescription": { - "markdownDescription": "A custom description of the message template.", - "title": "TemplateDescription", - "type": "string" - }, - "TemplateName": { - "markdownDescription": "The name of the message template to use for the message. If specified, this value must match the name of an existing message template.", - "title": "TemplateName", - "type": "string" - } - }, - "required": [ - "Body", - "TemplateName" - ], - "type": "object" + "OutputLockingSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLockingSettings", + "markdownDescription": "", + "title": "OutputLockingSettings" }, - "Type": { - "enum": [ - "AWS::Pinpoint::SmsTemplate" - ], + "OutputTimingSource": { + "markdownDescription": "Indicates whether the rate of frames emitted by the Live encoder should be paced by its system clock (which optionally might be locked to another source through NTP) or should be locked to the clock of the source that is providing the input stream.", + "title": "OutputTimingSource", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SupportLowFramerateInputs": { + "markdownDescription": "Adjusts the video input buffer for streams with very low video frame rates. This is commonly set to enabled for music channels with less than one video frame per second.", + "title": "SupportLowFramerateInputs", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Pinpoint::VoiceChannel": { + "AWS::MediaLive::Channel.H264ColorSpaceSettings": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "ColorSpacePassthroughSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.ColorSpacePassthroughSettings", + "markdownDescription": "Passthrough applies no color space conversion to the output.", + "title": "ColorSpacePassthroughSettings" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Rec601Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Rec601Settings", + "markdownDescription": "Settings to configure the handling of Rec601 color space.", + "title": "Rec601Settings" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ApplicationId": { - "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the voice channel applies to.", - "title": "ApplicationId", - "type": "string" - }, - "Enabled": { - "markdownDescription": "Specifies whether to enable the voice channel for the application.", - "title": "Enabled", - "type": "boolean" - } - }, - "required": [ - "ApplicationId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Pinpoint::VoiceChannel" - ], - "type": "string" + "Rec709Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Rec709Settings", + "markdownDescription": "Settings to configure the handling of Rec709 color space.", + "title": "Rec709Settings" + } + }, + "type": "object" + }, + "AWS::MediaLive::Channel.H264FilterSettings": { + "additionalProperties": false, + "properties": { + "BandwidthReductionFilterSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.BandwidthReductionFilterSettings", + "markdownDescription": "", + "title": "BandwidthReductionFilterSettings" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "TemporalFilterSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.TemporalFilterSettings", + "markdownDescription": "Settings for applying the temporal filter to the video.", + "title": "TemporalFilterSettings" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::PinpointEmail::ConfigurationSet": { + "AWS::MediaLive::Channel.H264Settings": { "additionalProperties": false, "properties": { - "Condition": { + "AdaptiveQuantization": { + "markdownDescription": "The adaptive quantization. This allows intra-frame quantizers to vary to improve visual quality.", + "title": "AdaptiveQuantization", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "AfdSignaling": { + "markdownDescription": "Indicates that AFD values will be written into the output stream. If afdSignaling is auto, the system tries to preserve the input AFD value (in cases where multiple AFD values are valid). If set to fixed, the AFD value is the value configured in the fixedAfd parameter.", + "title": "AfdSignaling", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Bitrate": { + "markdownDescription": "The average bitrate in bits/second. This is required when the rate control mode is VBR or CBR. It isn't used for QVBR. In a Microsoft Smooth output group, each output must have a unique value when its bitrate is rounded down to the nearest multiple of 1000.", + "title": "Bitrate", + "type": "number" }, - "Metadata": { - "type": "object" + "BufFillPct": { + "markdownDescription": "The percentage of the buffer that should initially be filled (HRD buffer model).", + "title": "BufFillPct", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DeliveryOptions": { - "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSet.DeliveryOptions", - "markdownDescription": "An object that defines the dedicated IP pool that is used to send emails that you send using the configuration set.", - "title": "DeliveryOptions" - }, - "Name": { - "markdownDescription": "The name of the configuration set.", - "title": "Name", - "type": "string" - }, - "ReputationOptions": { - "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSet.ReputationOptions", - "markdownDescription": "An object that defines whether or not Amazon Pinpoint collects reputation metrics for the emails that you send that use the configuration set.", - "title": "ReputationOptions" - }, - "SendingOptions": { - "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSet.SendingOptions", - "markdownDescription": "An object that defines whether or not Amazon Pinpoint can send email that you send using the configuration set.", - "title": "SendingOptions" - }, - "Tags": { - "items": { - "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSet.Tags" - }, - "markdownDescription": "An object that defines the tags (keys and values) that you want to associate with the configuration set.", - "title": "Tags", - "type": "array" - }, - "TrackingOptions": { - "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSet.TrackingOptions", - "markdownDescription": "An object that defines the open and click tracking options for emails that you send using the configuration set.", - "title": "TrackingOptions" - } - }, - "required": [ - "Name" - ], - "type": "object" + "BufSize": { + "markdownDescription": "The size of the buffer (HRD buffer model) in bits/second.", + "title": "BufSize", + "type": "number" }, - "Type": { - "enum": [ - "AWS::PinpointEmail::ConfigurationSet" - ], + "ColorMetadata": { + "markdownDescription": "Includes color space metadata in the output.", + "title": "ColorMetadata", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ColorSpaceSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.H264ColorSpaceSettings", + "markdownDescription": "Settings to configure the color space handling for the video.", + "title": "ColorSpaceSettings" + }, + "EntropyEncoding": { + "markdownDescription": "The entropy encoding mode. Use cabac (must be in Main or High profile) or cavlc.", + "title": "EntropyEncoding", "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::PinpointEmail::ConfigurationSet.DeliveryOptions": { - "additionalProperties": false, - "properties": { - "SendingPoolName": { - "markdownDescription": "The name of the dedicated IP pool that you want to associate with the configuration set.", - "title": "SendingPoolName", + }, + "FilterSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.H264FilterSettings", + "markdownDescription": "Optional filters that you can apply to an encode.", + "title": "FilterSettings" + }, + "FixedAfd": { + "markdownDescription": "A four-bit AFD value to write on all frames of video in the output stream. Valid only when afdSignaling is set to Fixed.", + "title": "FixedAfd", + "type": "string" + }, + "FlickerAq": { + "markdownDescription": "If set to enabled, adjusts the quantization within each frame to reduce flicker or pop on I-frames.", + "title": "FlickerAq", + "type": "string" + }, + "ForceFieldPictures": { + "markdownDescription": "This setting applies only when scan type is \"interlaced.\" It controls whether coding is performed on a field basis or on a frame basis. (When the video is progressive, the coding is always performed on a frame basis.)\nenabled: Force MediaLive to code on a field basis, so that odd and even sets of fields are coded separately.\ndisabled: Code the two sets of fields separately (on a field basis) or together (on a frame basis using PAFF), depending on what is most appropriate for the content.", + "title": "ForceFieldPictures", + "type": "string" + }, + "FramerateControl": { + "markdownDescription": "Indicates how the output video frame rate is specified. If you select \"specified,\" the output video frame rate is determined by framerateNumerator and framerateDenominator. If you select \"initializeFromSource,\" the output video frame rate is set equal to the input video frame rate of the first input.", + "title": "FramerateControl", + "type": "string" + }, + "FramerateDenominator": { + "markdownDescription": "The frame rate denominator.", + "title": "FramerateDenominator", + "type": "number" + }, + "FramerateNumerator": { + "markdownDescription": "The frame rate numerator. The frame rate is a fraction, for example, 24000/1001 = 23.976 fps.", + "title": "FramerateNumerator", + "type": "number" + }, + "GopBReference": { + "markdownDescription": "If enabled, uses reference B frames for GOP structures that have B frames > 1.", + "title": "GopBReference", + "type": "string" + }, + "GopClosedCadence": { + "markdownDescription": "The frequency of closed GOPs. In streaming applications, we recommend that you set this to 1 so that a decoder joining mid-stream will receive an IDR frame as quickly as possible. Setting this value to 0 will break output segmenting.", + "title": "GopClosedCadence", + "type": "number" + }, + "GopNumBFrames": { + "markdownDescription": "The number of B-frames between reference frames.", + "title": "GopNumBFrames", + "type": "number" + }, + "GopSize": { + "markdownDescription": "The GOP size (keyframe interval) in units of either frames or seconds per gopSizeUnits. The value must be greater than zero.", + "title": "GopSize", + "type": "number" + }, + "GopSizeUnits": { + "markdownDescription": "Indicates if the gopSize is specified in frames or seconds. If seconds, the system converts the gopSize into a frame count at runtime.", + "title": "GopSizeUnits", + "type": "string" + }, + "Level": { + "markdownDescription": "The H.264 level.", + "title": "Level", + "type": "string" + }, + "LookAheadRateControl": { + "markdownDescription": "The amount of lookahead. A value of low can decrease latency and memory usage, while high can produce better quality for certain content.", + "title": "LookAheadRateControl", + "type": "string" + }, + "MaxBitrate": { + "markdownDescription": "For QVBR: See the tooltip for Quality level. For VBR: Set the maximum bitrate in order to accommodate expected spikes in the complexity of the video.", + "title": "MaxBitrate", + "type": "number" + }, + "MinIInterval": { + "markdownDescription": "Meaningful only if sceneChangeDetect is set to enabled. This setting enforces separation between repeated (cadence) I-frames and I-frames inserted by Scene Change Detection. If a scene change I-frame is within I-interval frames of a cadence I-frame, the GOP is shrunk or stretched to the scene change I-frame. GOP stretch requires enabling lookahead as well as setting the I-interval. The normal cadence resumes for the next GOP. Note that the maximum GOP stretch = GOP size + Min-I-interval - 1.", + "title": "MinIInterval", + "type": "number" + }, + "MinQp": { + "markdownDescription": "", + "title": "MinQp", + "type": "number" + }, + "NumRefFrames": { + "markdownDescription": "The number of reference frames to use. The encoder might use more than requested if you use B-frames or interlaced encoding.", + "title": "NumRefFrames", + "type": "number" + }, + "ParControl": { + "markdownDescription": "Indicates how the output pixel aspect ratio is specified. If \"specified\" is selected, the output video pixel aspect ratio is determined by parNumerator and parDenominator. If \"initializeFromSource\" is selected, the output pixels aspect ratio will be set equal to the input video pixel aspect ratio of the first input.", + "title": "ParControl", + "type": "string" + }, + "ParDenominator": { + "markdownDescription": "The Pixel Aspect Ratio denominator.", + "title": "ParDenominator", + "type": "number" + }, + "ParNumerator": { + "markdownDescription": "The Pixel Aspect Ratio numerator.", + "title": "ParNumerator", + "type": "number" + }, + "Profile": { + "markdownDescription": "An H.264 profile.", + "title": "Profile", + "type": "string" + }, + "QualityLevel": { + "markdownDescription": "Leave as STANDARD_QUALITY or choose a different value (which might result in additional costs to run the channel).\n- ENHANCED_QUALITY: Produces a slightly better video quality without an increase in the bitrate. Has an effect only when the Rate control mode is QVBR or CBR. If this channel is in a MediaLive multiplex, the value must be ENHANCED_QUALITY.\n- STANDARD_QUALITY: Valid for any Rate control mode.", + "title": "QualityLevel", + "type": "string" + }, + "QvbrQualityLevel": { + "markdownDescription": "Controls the target quality for the video encode. This applies only when the rate control mode is QVBR. Set values for the QVBR quality level field and Max bitrate field that suit your most important viewing devices. Recommended values are: - Primary screen: Quality level: 8 to 10. Max bitrate: 4M - PC or tablet: Quality level: 7. Max bitrate: 1.5M to 3M - Smartphone: Quality level: 6. Max bitrate: 1M to 1.5M.", + "title": "QvbrQualityLevel", + "type": "number" + }, + "RateControlMode": { + "markdownDescription": "The rate control mode. QVBR: The quality will match the specified quality level except when it is constrained by the maximum bitrate. We recommend this if you or your viewers pay for bandwidth. VBR: The quality and bitrate vary, depending on the video complexity. We recommend this instead of QVBR if you want to maintain a specific average bitrate over the duration of the channel. CBR: The quality varies, depending on the video complexity. We recommend this only if you distribute your assets to devices that can't handle variable bitrates.", + "title": "RateControlMode", + "type": "string" + }, + "ScanType": { + "markdownDescription": "Sets the scan type of the output to progressive or top-field-first interlaced.", + "title": "ScanType", + "type": "string" + }, + "SceneChangeDetect": { + "markdownDescription": "The scene change detection. On: inserts I-frames when the scene change is detected. Off: does not force an I-frame when the scene change is detected.", + "title": "SceneChangeDetect", + "type": "string" + }, + "Slices": { + "markdownDescription": "The number of slices per picture. The number must be less than or equal to the number of macroblock rows for progressive pictures, and less than or equal to half the number of macroblock rows for interlaced pictures. This field is optional. If you don't specify a value, MediaLive chooses the number of slices based on the encode resolution.", + "title": "Slices", + "type": "number" + }, + "Softness": { + "markdownDescription": "Softness. Selects a quantizer matrix. Larger values reduce high-frequency content in the encoded image.", + "title": "Softness", + "type": "number" + }, + "SpatialAq": { + "markdownDescription": "If set to enabled, adjusts quantization within each frame based on the spatial variation of content complexity.", + "title": "SpatialAq", + "type": "string" + }, + "SubgopLength": { + "markdownDescription": "If set to fixed, uses gopNumBFrames B-frames per sub-GOP. If set to dynamic, optimizes the number of B-frames used for each sub-GOP to improve visual quality.", + "title": "SubgopLength", + "type": "string" + }, + "Syntax": { + "markdownDescription": "Produces a bitstream that is compliant with SMPTE RP-2027.", + "title": "Syntax", + "type": "string" + }, + "TemporalAq": { + "markdownDescription": "If set to enabled, adjusts quantization within each frame based on the temporal variation of content complexity.", + "title": "TemporalAq", + "type": "string" + }, + "TimecodeBurninSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.TimecodeBurninSettings", + "markdownDescription": "", + "title": "TimecodeBurninSettings" + }, + "TimecodeInsertion": { + "markdownDescription": "Determines how timecodes should be inserted into the video elementary stream. disabled: don't include timecodes. picTimingSei: pass through picture timing SEI messages from the source specified in Timecode Config.", + "title": "TimecodeInsertion", "type": "string" } }, "type": "object" }, - "AWS::PinpointEmail::ConfigurationSet.ReputationOptions": { + "AWS::MediaLive::Channel.H265ColorSpaceSettings": { "additionalProperties": false, "properties": { - "ReputationMetricsEnabled": { - "markdownDescription": "If `true` , tracking of reputation metrics is enabled for the configuration set. If `false` , tracking of reputation metrics is disabled for the configuration set.", - "title": "ReputationMetricsEnabled", - "type": "boolean" + "ColorSpacePassthroughSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.ColorSpacePassthroughSettings", + "markdownDescription": "Passthrough applies no color space conversion to the output.", + "title": "ColorSpacePassthroughSettings" + }, + "DolbyVision81Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.DolbyVision81Settings", + "markdownDescription": "", + "title": "DolbyVision81Settings" + }, + "Hdr10Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Hdr10Settings", + "markdownDescription": "Settings to configure the handling of HDR10 color space.", + "title": "Hdr10Settings" + }, + "Rec601Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Rec601Settings", + "markdownDescription": "Settings to configure the handling of Rec601 color space.", + "title": "Rec601Settings" + }, + "Rec709Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Rec709Settings", + "markdownDescription": "Settings to configure the handling of Rec709 color space.", + "title": "Rec709Settings" } }, "type": "object" }, - "AWS::PinpointEmail::ConfigurationSet.SendingOptions": { + "AWS::MediaLive::Channel.H265FilterSettings": { "additionalProperties": false, "properties": { - "SendingEnabled": { - "markdownDescription": "If `true` , email sending is enabled for the configuration set. If `false` , email sending is disabled for the configuration set.", - "title": "SendingEnabled", - "type": "boolean" + "BandwidthReductionFilterSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.BandwidthReductionFilterSettings", + "markdownDescription": "", + "title": "BandwidthReductionFilterSettings" + }, + "TemporalFilterSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.TemporalFilterSettings", + "markdownDescription": "Settings for applying the temporal filter to the video.", + "title": "TemporalFilterSettings" } }, "type": "object" }, - "AWS::PinpointEmail::ConfigurationSet.Tags": { + "AWS::MediaLive::Channel.H265Settings": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "One part of a key-value pair that defines a tag. The maximum length of a tag key is 128 characters. The minimum length is 1 character.\n\nIf you specify tags for the configuration set, then this value is required.", - "title": "Key", + "AdaptiveQuantization": { + "markdownDescription": "Adaptive quantization. Allows intra-frame quantizers to vary to improve visual quality.", + "title": "AdaptiveQuantization", "type": "string" }, - "Value": { - "markdownDescription": "The optional part of a key-value pair that defines a tag. The maximum length of a tag value is 256 characters. The minimum length is 0 characters. If you don\u2019t want a resource to have a specific tag value, don\u2019t specify a value for this parameter. Amazon Pinpoint will set the value to an empty string.", - "title": "Value", - "type": "string" - } - }, - "type": "object" - }, - "AWS::PinpointEmail::ConfigurationSet.TrackingOptions": { - "additionalProperties": false, - "properties": { - "CustomRedirectDomain": { - "markdownDescription": "The domain that you want to use for tracking open and click events.", - "title": "CustomRedirectDomain", + "AfdSignaling": { + "markdownDescription": "Indicates that AFD values will be written into the output stream. If afdSignaling is \"auto\", the system will try to preserve the input AFD value (in cases where multiple AFD values are valid). If set to \"fixed\", the AFD value will be the value configured in the fixedAfd parameter.", + "title": "AfdSignaling", "type": "string" - } - }, - "type": "object" - }, - "AWS::PinpointEmail::ConfigurationSetEventDestination": { - "additionalProperties": false, - "properties": { - "Condition": { + }, + "AlternativeTransferFunction": { + "markdownDescription": "Whether or not EML should insert an Alternative Transfer Function SEI message to support backwards compatibility with non-HDR decoders and displays.", + "title": "AlternativeTransferFunction", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Bitrate": { + "markdownDescription": "Average bitrate in bits/second. Required when the rate control mode is VBR or CBR. Not used for QVBR. In an MS Smooth output group, each output must have a unique value when its bitrate is rounded down to the nearest multiple of 1000.", + "title": "Bitrate", + "type": "number" + }, + "BufSize": { + "markdownDescription": "Size of buffer (HRD buffer model) in bits.", + "title": "BufSize", + "type": "number" + }, + "ColorMetadata": { + "markdownDescription": "Includes colorspace metadata in the output.", + "title": "ColorMetadata", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ColorSpaceSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.H265ColorSpaceSettings", + "markdownDescription": "Color Space settings", + "title": "ColorSpaceSettings" }, - "Metadata": { - "type": "object" + "Deblocking": { + "markdownDescription": "", + "title": "Deblocking", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ConfigurationSetName": { - "markdownDescription": "The name of the configuration set that contains the event destination that you want to modify.", - "title": "ConfigurationSetName", - "type": "string" - }, - "EventDestination": { - "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSetEventDestination.EventDestination", - "markdownDescription": "An object that defines the event destination.", - "title": "EventDestination" - }, - "EventDestinationName": { - "markdownDescription": "The name of the event destination that you want to modify.", - "title": "EventDestinationName", - "type": "string" - } - }, - "required": [ - "ConfigurationSetName", - "EventDestinationName" - ], - "type": "object" + "FilterSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.H265FilterSettings", + "markdownDescription": "Optional filters that you can apply to an encode.", + "title": "FilterSettings" }, - "Type": { - "enum": [ - "AWS::PinpointEmail::ConfigurationSetEventDestination" - ], + "FixedAfd": { + "markdownDescription": "Four bit AFD value to write on all frames of video in the output stream. Only valid when afdSignaling is set to 'Fixed'.", + "title": "FixedAfd", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "FlickerAq": { + "markdownDescription": "If set to enabled, adjust quantization within each frame to reduce flicker or 'pop' on I-frames.", + "title": "FlickerAq", "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::PinpointEmail::ConfigurationSetEventDestination.CloudWatchDestination": { - "additionalProperties": false, - "properties": { - "DimensionConfigurations": { - "items": { - "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSetEventDestination.DimensionConfiguration" - }, - "markdownDescription": "An array of objects that define the dimensions to use when you send email events to Amazon CloudWatch.", - "title": "DimensionConfigurations", - "type": "array" - } - }, - "type": "object" - }, - "AWS::PinpointEmail::ConfigurationSetEventDestination.DimensionConfiguration": { - "additionalProperties": false, - "properties": { - "DefaultDimensionValue": { - "markdownDescription": "The default value of the dimension that is published to Amazon CloudWatch if you don't provide the value of the dimension when you send an email. This value has to meet the following criteria:\n\n- It can only contain ASCII letters (a\u2013z, A\u2013Z), numbers (0\u20139), underscores (_), or dashes (-).\n- It can contain no more than 256 characters.", - "title": "DefaultDimensionValue", + }, + "FramerateDenominator": { + "markdownDescription": "Framerate denominator.", + "title": "FramerateDenominator", + "type": "number" + }, + "FramerateNumerator": { + "markdownDescription": "Framerate numerator - framerate is a fraction, e.g. 24000 / 1001 = 23.976 fps.", + "title": "FramerateNumerator", + "type": "number" + }, + "GopClosedCadence": { + "markdownDescription": "Frequency of closed GOPs. In streaming applications, it is recommended that this be set to 1 so a decoder joining mid-stream will receive an IDR frame as quickly as possible. Setting this value to 0 will break output segmenting.", + "title": "GopClosedCadence", + "type": "number" + }, + "GopSize": { + "markdownDescription": "GOP size (keyframe interval) in units of either frames or seconds per gopSizeUnits.\nIf gopSizeUnits is frames, gopSize must be an integer and must be greater than or equal to 1.\nIf gopSizeUnits is seconds, gopSize must be greater than 0, but need not be an integer.", + "title": "GopSize", + "type": "number" + }, + "GopSizeUnits": { + "markdownDescription": "Indicates if the gopSize is specified in frames or seconds. If seconds the system will convert the gopSize into a frame count at run time.", + "title": "GopSizeUnits", "type": "string" }, - "DimensionName": { - "markdownDescription": "The name of an Amazon CloudWatch dimension associated with an email sending metric. The name has to meet the following criteria:\n\n- It can only contain ASCII letters (a\u2013z, A\u2013Z), numbers (0\u20139), underscores (_), or dashes (-).\n- It can contain no more than 256 characters.", - "title": "DimensionName", + "Level": { + "markdownDescription": "H.265 Level.", + "title": "Level", "type": "string" }, - "DimensionValueSource": { - "markdownDescription": "The location where Amazon Pinpoint finds the value of a dimension to publish to Amazon CloudWatch. Acceptable values: `MESSAGE_TAG` , `EMAIL_HEADER` , and `LINK_TAG` .\n\nIf you want Amazon Pinpoint to use the message tags that you specify using an `X-SES-MESSAGE-TAGS` header or a parameter to the `SendEmail` API, choose `MESSAGE_TAG` . If you want Amazon Pinpoint to use your own email headers, choose `EMAIL_HEADER` . If you want Amazon Pinpoint to use tags that are specified in your links, choose `LINK_TAG` .", - "title": "DimensionValueSource", + "LookAheadRateControl": { + "markdownDescription": "Amount of lookahead. A value of low can decrease latency and memory usage, while high can produce better quality for certain content.", + "title": "LookAheadRateControl", "type": "string" - } - }, - "required": [ - "DefaultDimensionValue", - "DimensionName", - "DimensionValueSource" - ], - "type": "object" - }, - "AWS::PinpointEmail::ConfigurationSetEventDestination.EventDestination": { - "additionalProperties": false, - "properties": { - "CloudWatchDestination": { - "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSetEventDestination.CloudWatchDestination", - "markdownDescription": "An object that defines an Amazon CloudWatch destination for email events. You can use Amazon CloudWatch to monitor and gain insights on your email sending metrics.", - "title": "CloudWatchDestination" }, - "Enabled": { - "markdownDescription": "If `true` , the event destination is enabled. When the event destination is enabled, the specified event types are sent to the destinations in this `EventDestinationDefinition` .\n\nIf `false` , the event destination is disabled. When the event destination is disabled, events aren't sent to the specified destinations.", - "title": "Enabled", - "type": "boolean" + "MaxBitrate": { + "markdownDescription": "For QVBR: See the tooltip for Quality level", + "title": "MaxBitrate", + "type": "number" }, - "KinesisFirehoseDestination": { - "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSetEventDestination.KinesisFirehoseDestination", - "markdownDescription": "An object that defines an Amazon Kinesis Data Firehose destination for email events. You can use Amazon Kinesis Data Firehose to stream data to other services, such as Amazon S3 and Amazon Redshift.", - "title": "KinesisFirehoseDestination" + "MinIInterval": { + "markdownDescription": "Only meaningful if sceneChangeDetect is set to enabled. Defaults to 5 if multiplex rate control is used. Enforces separation between repeated (cadence) I-frames and I-frames inserted by Scene Change Detection. If a scene change I-frame is within I-interval frames of a cadence I-frame, the GOP is shrunk and/or stretched to the scene change I-frame. GOP stretch requires enabling lookahead as well as setting I-interval. The normal cadence resumes for the next GOP. Note: Maximum GOP stretch = GOP size + Min-I-interval - 1", + "title": "MinIInterval", + "type": "number" }, - "MatchingEventTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The types of events that Amazon Pinpoint sends to the specified event destinations. Acceptable values: `SEND` , `REJECT` , `BOUNCE` , `COMPLAINT` , `DELIVERY` , `OPEN` , `CLICK` , and `RENDERING_FAILURE` .", - "title": "MatchingEventTypes", - "type": "array" + "MinQp": { + "markdownDescription": "", + "title": "MinQp", + "type": "number" }, - "PinpointDestination": { - "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSetEventDestination.PinpointDestination", - "markdownDescription": "An object that defines a Amazon Pinpoint destination for email events. You can use Amazon Pinpoint events to create attributes in Amazon Pinpoint projects. You can use these attributes to create segments for your campaigns.", - "title": "PinpointDestination" + "MvOverPictureBoundaries": { + "markdownDescription": "", + "title": "MvOverPictureBoundaries", + "type": "string" }, - "SnsDestination": { - "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSetEventDestination.SnsDestination", - "markdownDescription": "An object that defines an Amazon SNS destination for email events. You can use Amazon SNS to send notification when certain email events occur.", - "title": "SnsDestination" - } - }, - "required": [ - "MatchingEventTypes" - ], - "type": "object" - }, - "AWS::PinpointEmail::ConfigurationSetEventDestination.KinesisFirehoseDestination": { - "additionalProperties": false, - "properties": { - "DeliveryStreamArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Kinesis Data Firehose stream that Amazon Pinpoint sends email events to.", - "title": "DeliveryStreamArn", + "MvTemporalPredictor": { + "markdownDescription": "", + "title": "MvTemporalPredictor", "type": "string" }, - "IamRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that Amazon Pinpoint uses when sending email events to the Amazon Kinesis Data Firehose stream.", - "title": "IamRoleArn", + "ParDenominator": { + "markdownDescription": "Pixel Aspect Ratio denominator.", + "title": "ParDenominator", + "type": "number" + }, + "ParNumerator": { + "markdownDescription": "Pixel Aspect Ratio numerator.", + "title": "ParNumerator", + "type": "number" + }, + "Profile": { + "markdownDescription": "H.265 Profile.", + "title": "Profile", "type": "string" - } - }, - "required": [ - "DeliveryStreamArn", - "IamRoleArn" - ], - "type": "object" - }, - "AWS::PinpointEmail::ConfigurationSetEventDestination.PinpointDestination": { - "additionalProperties": false, - "properties": { - "ApplicationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Pinpoint project that you want to send email events to.", - "title": "ApplicationArn", + }, + "QvbrQualityLevel": { + "markdownDescription": "Controls the target quality for the video encode. Applies only when the rate control mode is QVBR. Set values for the QVBR quality level field and Max bitrate field that suit your most important viewing devices. Recommended values are:\n- Primary screen: Quality level: 8 to 10. Max bitrate: 4M\n- PC or tablet: Quality level: 7. Max bitrate: 1.5M to 3M\n- Smartphone: Quality level: 6. Max bitrate: 1M to 1.5M", + "title": "QvbrQualityLevel", + "type": "number" + }, + "RateControlMode": { + "markdownDescription": "Rate control mode. QVBR: Quality will match the specified quality level except when it is constrained by the\nmaximum bitrate. Recommended if you or your viewers pay for bandwidth. CBR: Quality varies, depending on the video complexity. Recommended only if you distribute\nyour assets to devices that cannot handle variable bitrates. Multiplex: This rate control mode is only supported (and is required) when the video is being\ndelivered to a MediaLive Multiplex in which case the rate control configuration is controlled\nby the properties within the Multiplex Program.", + "title": "RateControlMode", "type": "string" - } - }, - "type": "object" - }, - "AWS::PinpointEmail::ConfigurationSetEventDestination.SnsDestination": { - "additionalProperties": false, - "properties": { - "TopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic that you want to publish email events to. For more information about Amazon SNS topics, see the [Amazon SNS Developer Guide](https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html) .", - "title": "TopicArn", + }, + "ScanType": { + "markdownDescription": "Sets the scan type of the output to progressive or top-field-first interlaced.", + "title": "ScanType", "type": "string" - } - }, - "required": [ - "TopicArn" - ], - "type": "object" - }, - "AWS::PinpointEmail::DedicatedIpPool": { - "additionalProperties": false, - "properties": { - "Condition": { + }, + "SceneChangeDetect": { + "markdownDescription": "Scene change detection.", + "title": "SceneChangeDetect", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Slices": { + "markdownDescription": "Number of slices per picture. Must be less than or equal to the number of macroblock rows for progressive pictures, and less than or equal to half the number of macroblock rows for interlaced pictures.\nThis field is optional; when no value is specified the encoder will choose the number of slices based on encode resolution.", + "title": "Slices", + "type": "number" + }, + "Tier": { + "markdownDescription": "H.265 Tier.", + "title": "Tier", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "TileHeight": { + "markdownDescription": "", + "title": "TileHeight", + "type": "number" }, - "Metadata": { - "type": "object" + "TilePadding": { + "markdownDescription": "", + "title": "TilePadding", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "PoolName": { - "markdownDescription": "The name of the dedicated IP pool.", - "title": "PoolName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/AWS::PinpointEmail::DedicatedIpPool.Tags" - }, - "markdownDescription": "An object that defines the tags (keys and values) that you want to associate with the dedicated IP pool.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" + "TileWidth": { + "markdownDescription": "", + "title": "TileWidth", + "type": "number" }, - "Type": { - "enum": [ - "AWS::PinpointEmail::DedicatedIpPool" - ], + "TimecodeBurninSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.TimecodeBurninSettings", + "markdownDescription": "", + "title": "TimecodeBurninSettings" + }, + "TimecodeInsertion": { + "markdownDescription": "Determines how timecodes should be inserted into the video elementary stream.\n- 'disabled': Do not include timecodes\n- 'picTimingSei': Pass through picture timing SEI messages from the source specified in Timecode Config", + "title": "TimecodeInsertion", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TreeblockSize": { + "markdownDescription": "", + "title": "TreeblockSize", "type": "string" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::PinpointEmail::DedicatedIpPool.Tags": { + "AWS::MediaLive::Channel.Hdr10Settings": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "One part of a key-value pair that defines a tag. The maximum length of a tag key is 128 characters. The minimum length is 1 character.\n\nIf you specify tags for the dedicated IP pool, then this value is required.", - "title": "Key", - "type": "string" + "MaxCll": { + "markdownDescription": "Maximum Content Light Level\nAn integer metadata value defining the maximum light level, in nits,\nof any single pixel within an encoded HDR video stream or file.", + "title": "MaxCll", + "type": "number" }, - "Value": { - "markdownDescription": "The optional part of a key-value pair that defines a tag. The maximum length of a tag value is 256 characters. The minimum length is 0 characters. If you don\u2019t want a resource to have a specific tag value, don\u2019t specify a value for this parameter. Amazon Pinpoint will set the value to an empty string.", - "title": "Value", - "type": "string" + "MaxFall": { + "markdownDescription": "Maximum Frame Average Light Level\nAn integer metadata value defining the maximum average light level, in nits,\nfor any single frame within an encoded HDR video stream or file.", + "title": "MaxFall", + "type": "number" } }, "type": "object" }, - "AWS::PinpointEmail::Identity": { + "AWS::MediaLive::Channel.HlsAkamaiSettings": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "ConnectionRetryInterval": { + "markdownDescription": "The number of seconds to wait before retrying a connection to the CDN if the connection is lost.", + "title": "ConnectionRetryInterval", + "type": "number" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "FilecacheDuration": { + "markdownDescription": "The size, in seconds, of the file cache for streaming outputs.", + "title": "FilecacheDuration", + "type": "number" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "HttpTransferMode": { + "markdownDescription": "Specifies whether to use chunked transfer encoding to Akamai. To enable this feature, contact Akamai.", + "title": "HttpTransferMode", + "type": "string" }, - "Metadata": { - "type": "object" + "NumRetries": { + "markdownDescription": "The number of retry attempts that will be made before the channel is put into an error state.", + "title": "NumRetries", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DkimSigningEnabled": { - "markdownDescription": "For domain identities, this attribute is used to enable or disable DomainKeys Identified Mail (DKIM) signing for the domain.\n\nIf the value is `true` , then the messages that you send from the domain are signed using both the DKIM keys for your domain, as well as the keys for the `amazonses.com` domain. If the value is `false` , then the messages that you send are only signed using the DKIM keys for the `amazonses.com` domain.", - "title": "DkimSigningEnabled", - "type": "boolean" - }, - "FeedbackForwardingEnabled": { - "markdownDescription": "Used to enable or disable feedback forwarding for an identity. This setting determines what happens when an identity is used to send an email that results in a bounce or complaint event.\n\nWhen you enable feedback forwarding, Amazon Pinpoint sends you email notifications when bounce or complaint events occur. Amazon Pinpoint sends this notification to the address that you specified in the Return-Path header of the original email.\n\nWhen you disable feedback forwarding, Amazon Pinpoint sends notifications through other mechanisms, such as by notifying an Amazon SNS topic. You're required to have a method of tracking bounces and complaints. If you haven't set up another mechanism for receiving bounce or complaint notifications, Amazon Pinpoint sends an email notification when these events occur (even if this setting is disabled).", - "title": "FeedbackForwardingEnabled", - "type": "boolean" - }, - "MailFromAttributes": { - "$ref": "#/definitions/AWS::PinpointEmail::Identity.MailFromAttributes", - "markdownDescription": "Used to enable or disable the custom Mail-From domain configuration for an email identity.", - "title": "MailFromAttributes" - }, - "Name": { - "markdownDescription": "The address or domain of the identity, such as *sender@example.com* or *example.co.uk* .", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/AWS::PinpointEmail::Identity.Tags" - }, - "markdownDescription": "An object that defines the tags (keys and values) that you want to associate with the email identity.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Name" - ], - "type": "object" + "RestartDelay": { + "markdownDescription": "If a streaming output fails, the number of seconds to wait until a restart is initiated. A value of 0 means never restart.", + "title": "RestartDelay", + "type": "number" }, - "Type": { - "enum": [ - "AWS::PinpointEmail::Identity" - ], + "Salt": { + "markdownDescription": "The salt for authenticated Akamai.", + "title": "Salt", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Token": { + "markdownDescription": "The token parameter for authenticated Akamai. If this is not specified, _gda_ is used.", + "title": "Token", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::PinpointEmail::Identity.MailFromAttributes": { + "AWS::MediaLive::Channel.HlsBasicPutSettings": { "additionalProperties": false, "properties": { - "BehaviorOnMxFailure": { - "markdownDescription": "The action that Amazon Pinpoint to takes if it can't read the required MX record for a custom MAIL FROM domain. When you set this value to `UseDefaultValue` , Amazon Pinpoint uses *amazonses.com* as the MAIL FROM domain. When you set this value to `RejectMessage` , Amazon Pinpoint returns a `MailFromDomainNotVerified` error, and doesn't attempt to deliver the email.\n\nThese behaviors are taken when the custom MAIL FROM domain configuration is in the `Pending` , `Failed` , and `TemporaryFailure` states.", - "title": "BehaviorOnMxFailure", - "type": "string" + "ConnectionRetryInterval": { + "markdownDescription": "The number of seconds to wait before retrying a connection to the CDN if the connection is lost.", + "title": "ConnectionRetryInterval", + "type": "number" }, - "MailFromDomain": { - "markdownDescription": "The name of a domain that an email identity uses as a custom MAIL FROM domain.", - "title": "MailFromDomain", - "type": "string" + "FilecacheDuration": { + "markdownDescription": "The size, in seconds, of the file cache for streaming outputs.", + "title": "FilecacheDuration", + "type": "number" + }, + "NumRetries": { + "markdownDescription": "The number of retry attempts that MediaLive makes before the channel is put into an error state.", + "title": "NumRetries", + "type": "number" + }, + "RestartDelay": { + "markdownDescription": "If a streaming output fails, the number of seconds to wait until a restart is initiated. A value of 0 means never restart.", + "title": "RestartDelay", + "type": "number" } }, "type": "object" }, - "AWS::PinpointEmail::Identity.Tags": { + "AWS::MediaLive::Channel.HlsCdnSettings": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "One part of a key-value pair that defines a tag. The maximum length of a tag key is 128 characters. The minimum length is 1 character.\n\nIf you specify tags for the identity, then this value is required.", - "title": "Key", - "type": "string" + "HlsAkamaiSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.HlsAkamaiSettings", + "markdownDescription": "Sets up Akamai as the downstream system for the HLS output group.", + "title": "HlsAkamaiSettings" }, - "Value": { - "markdownDescription": "The optional part of a key-value pair that defines a tag. The maximum length of a tag value is 256 characters. The minimum length is 0 characters. If you don\u2019t want a resource to have a specific tag value, don\u2019t specify a value for this parameter. Amazon Pinpoint will set the value to an empty string.", - "title": "Value", - "type": "string" + "HlsBasicPutSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.HlsBasicPutSettings", + "markdownDescription": "The settings for Basic Put for the HLS output.", + "title": "HlsBasicPutSettings" + }, + "HlsMediaStoreSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.HlsMediaStoreSettings", + "markdownDescription": "Sets up MediaStore as the destination for the HLS output.", + "title": "HlsMediaStoreSettings" + }, + "HlsS3Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.HlsS3Settings", + "markdownDescription": "Sets up Amazon S3 as the destination for this HLS output.", + "title": "HlsS3Settings" + }, + "HlsWebdavSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.HlsWebdavSettings", + "markdownDescription": "The settings for Web VTT captions in the HLS output group.\n\nThe parent of this entity is HlsGroupSettings.", + "title": "HlsWebdavSettings" } }, "type": "object" }, - "AWS::Pipes::Pipe": { + "AWS::MediaLive::Channel.HlsGroupSettings": { "additionalProperties": false, "properties": { - "Condition": { + "AdMarkers": { + "items": { + "type": "string" + }, + "markdownDescription": "Chooses one or more ad marker types to pass SCTE35 signals through to this group of Apple HLS outputs.", + "title": "AdMarkers", + "type": "array" + }, + "BaseUrlContent": { + "markdownDescription": "A partial URI prefix that will be prepended to each output in the media .m3u8 file. The partial URI prefix can be used if the base manifest is delivered from a different URL than the main .m3u8 file.", + "title": "BaseUrlContent", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "BaseUrlContent1": { + "markdownDescription": "Optional. One value per output group. This field is required only if you are completing Base URL content A, and the downstream system has notified you that the media files for pipeline 1 of all outputs are in a location different from the media files for pipeline 0.", + "title": "BaseUrlContent1", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "BaseUrlManifest": { + "markdownDescription": "A partial URI prefix that will be prepended to each output in the media .m3u8 file. The partial URI prefix can be used if the base manifest is delivered from a different URL than the main .m3u8 file.", + "title": "BaseUrlManifest", + "type": "string" }, - "Metadata": { - "type": "object" + "BaseUrlManifest1": { + "markdownDescription": "Optional. One value per output group. Complete this field only if you are completing Base URL manifest A, and the downstream system has notified you that the child manifest files for pipeline 1 of all outputs are in a location different from the child manifest files for pipeline 0.", + "title": "BaseUrlManifest1", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A description of the pipe.", - "title": "Description", - "type": "string" - }, - "DesiredState": { - "markdownDescription": "The state the pipe should be in.", - "title": "DesiredState", - "type": "string" - }, - "Enrichment": { - "markdownDescription": "The ARN of the enrichment resource.", - "title": "Enrichment", - "type": "string" - }, - "EnrichmentParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeEnrichmentParameters", - "markdownDescription": "The parameters required to set up enrichment on your pipe.", - "title": "EnrichmentParameters" - }, - "LogConfiguration": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeLogConfiguration", - "markdownDescription": "The logging configuration settings for the pipe.", - "title": "LogConfiguration" - }, - "Name": { - "markdownDescription": "The name of the pipe.", - "title": "Name", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN of the role that allows the pipe to send data to the target.", - "title": "RoleArn", - "type": "string" - }, - "Source": { - "markdownDescription": "The ARN of the source resource.", - "title": "Source", - "type": "string" - }, - "SourceParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceParameters", - "markdownDescription": "The parameters required to set up a source for your pipe.", - "title": "SourceParameters" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "The list of key-value pairs to associate with the pipe.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - }, - "Target": { - "markdownDescription": "The ARN of the target resource.", - "title": "Target", - "type": "string" - }, - "TargetParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetParameters", - "markdownDescription": "The parameters required to set up a target for your pipe.\n\nFor more information about pipe target parameters, including how to use dynamic path parameters, see [Target parameters](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes-event-target.html) in the *Amazon EventBridge User Guide* .", - "title": "TargetParameters" - } + "CaptionLanguageMappings": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Channel.CaptionLanguageMapping" }, - "required": [ - "RoleArn", - "Source", - "Target" - ], - "type": "object" + "markdownDescription": "A mapping of up to 4 captions channels to captions languages. This is meaningful only if captionLanguageSetting is set to \"insert.\"", + "title": "CaptionLanguageMappings", + "type": "array" }, - "Type": { - "enum": [ - "AWS::Pipes::Pipe" - ], + "CaptionLanguageSetting": { + "markdownDescription": "Applies only to 608 embedded output captions. Insert: Include CLOSED-CAPTIONS lines in the manifest. Specify at least one language in the CC1 Language Code field. One CLOSED-CAPTION line is added for each Language Code that you specify. Make sure to specify the languages in the order in which they appear in the original source (if the source is embedded format) or the order of the captions selectors (if the source is other than embedded). Otherwise, languages in the manifest will not match properly with the output captions. None: Include the CLOSED-CAPTIONS=NONE line in the manifest. Omit: Omit any CLOSED-CAPTIONS line from the manifest.", + "title": "CaptionLanguageSetting", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ClientCache": { + "markdownDescription": "When set to \"disabled,\" sets the #EXT-X-ALLOW-CACHE:no tag in the manifest, which prevents clients from saving media segments for later replay.", + "title": "ClientCache", "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::Pipes::Pipe.AwsVpcConfiguration": { - "additionalProperties": false, - "properties": { - "AssignPublicIp": { - "markdownDescription": "Specifies whether the task's elastic network interface receives a public IP address. You can specify `ENABLED` only when `LaunchType` in `EcsParameters` is set to `FARGATE` .", - "title": "AssignPublicIp", + }, + "CodecSpecification": { + "markdownDescription": "The specification to use (RFC-6381 or the default RFC-4281) during m3u8 playlist generation.", + "title": "CodecSpecification", "type": "string" }, - "SecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the security groups associated with the task. These security groups must all be in the same VPC. You can specify as many as five security groups. If you do not specify a security group, the default security group for the VPC is used.", - "title": "SecurityGroups", - "type": "array" + "ConstantIv": { + "markdownDescription": "Used with encryptionType. This is a 128-bit, 16-byte hex value that is represented by a 32-character text string. If ivSource is set to \"explicit,\" this parameter is required and is used as the IV for encryption.", + "title": "ConstantIv", + "type": "string" }, - "Subnets": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the subnets associated with the task. These subnets must all be in the same VPC. You can specify as many as 16 subnets.", - "title": "Subnets", - "type": "array" - } - }, - "required": [ - "Subnets" - ], - "type": "object" - }, - "AWS::Pipes::Pipe.BatchArrayProperties": { - "additionalProperties": false, - "properties": { - "Size": { - "markdownDescription": "The size of the array, if this is an array batch job.", - "title": "Size", - "type": "number" - } - }, - "type": "object" - }, - "AWS::Pipes::Pipe.BatchContainerOverrides": { - "additionalProperties": false, - "properties": { - "Command": { - "items": { - "type": "string" - }, - "markdownDescription": "The command to send to the container that overrides the default command from the Docker image or the task definition.", - "title": "Command", - "type": "array" + "Destination": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", + "markdownDescription": "A directory or HTTP destination for the HLS segments, manifest files, and encryption keys (if enabled).", + "title": "Destination" }, - "Environment": { - "items": { - "$ref": "#/definitions/AWS::Pipes::Pipe.BatchEnvironmentVariable" - }, - "markdownDescription": "The environment variables to send to the container. You can add new environment variables, which are added to the container at launch, or you can override the existing environment variables from the Docker image or the task definition.\n\n> Environment variables cannot start with \" `AWS Batch` \". This naming convention is reserved for variables that AWS Batch sets.", - "title": "Environment", - "type": "array" + "DirectoryStructure": { + "markdownDescription": "Places segments in subdirectories.", + "title": "DirectoryStructure", + "type": "string" }, - "InstanceType": { - "markdownDescription": "The instance type to use for a multi-node parallel job.\n\n> This parameter isn't applicable to single-node container jobs or jobs that run on Fargate resources, and shouldn't be provided.", - "title": "InstanceType", + "DiscontinuityTags": { + "markdownDescription": "Specifies whether to insert EXT-X-DISCONTINUITY tags in the HLS child manifests for this output group.\nTypically, choose Insert because these tags are required in the manifest (according to the HLS specification) and serve an important purpose.\nChoose Never Insert only if the downstream system is doing real-time failover (without using the MediaLive automatic failover feature) and only if that downstream system has advised you to exclude the tags.", + "title": "DiscontinuityTags", "type": "string" }, - "ResourceRequirements": { - "items": { - "$ref": "#/definitions/AWS::Pipes::Pipe.BatchResourceRequirement" - }, - "markdownDescription": "The type and amount of resources to assign to a container. This overrides the settings in the job definition. The supported resources include `GPU` , `MEMORY` , and `VCPU` .", - "title": "ResourceRequirements", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Pipes::Pipe.BatchEnvironmentVariable": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the key-value pair. For environment variables, this is the name of the environment variable.", - "title": "Name", + "EncryptionType": { + "markdownDescription": "Encrypts the segments with the specified encryption scheme. Exclude this parameter if you don't want encryption.", + "title": "EncryptionType", "type": "string" }, - "Value": { - "markdownDescription": "The value of the key-value pair. For environment variables, this is the value of the environment variable.", - "title": "Value", + "HlsCdnSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.HlsCdnSettings", + "markdownDescription": "The parameters that control interactions with the CDN.", + "title": "HlsCdnSettings" + }, + "HlsId3SegmentTagging": { + "markdownDescription": "State of HLS ID3 Segment Tagging", + "title": "HlsId3SegmentTagging", "type": "string" - } - }, - "type": "object" - }, - "AWS::Pipes::Pipe.BatchJobDependency": { - "additionalProperties": false, - "properties": { - "JobId": { - "markdownDescription": "The job ID of the AWS Batch job that's associated with this dependency.", - "title": "JobId", + }, + "IFrameOnlyPlaylists": { + "markdownDescription": "DISABLED: Don't create an I-frame-only manifest, but do create the master and media manifests (according to the Output Selection field). STANDARD: Create an I-frame-only manifest for each output that contains video, as well as the other manifests (according to the Output Selection field). The I-frame manifest contains a #EXT-X-I-FRAMES-ONLY tag to indicate it is I-frame only, and one or more #EXT-X-BYTERANGE entries identifying the I-frame position. For example, #EXT-X-BYTERANGE:160364@1461888\".", + "title": "IFrameOnlyPlaylists", "type": "string" }, - "Type": { - "markdownDescription": "The type of the job dependency.", - "title": "Type", + "IncompleteSegmentBehavior": { + "markdownDescription": "Specifies whether to include the final (incomplete) segment in the media output when the pipeline stops producing output because of a channel stop, a channel pause or a loss of input to the pipeline.\nAuto means that MediaLive decides whether to include the final segment, depending on the channel class and the types of output groups.\nSuppress means to never include the incomplete segment. We recommend you choose Auto and let MediaLive control the behavior.", + "title": "IncompleteSegmentBehavior", "type": "string" - } - }, - "type": "object" - }, - "AWS::Pipes::Pipe.BatchResourceRequirement": { - "additionalProperties": false, - "properties": { - "Type": { - "markdownDescription": "The type of resource to assign to a container. The supported resources include `GPU` , `MEMORY` , and `VCPU` .", - "title": "Type", + }, + "IndexNSegments": { + "markdownDescription": "Applies only if the Mode field is LIVE. Specifies the maximum number of segments in the media manifest file. After this maximum, older segments are removed from the media manifest. This number must be less than or equal to the Keep Segments field.", + "title": "IndexNSegments", + "type": "number" + }, + "InputLossAction": { + "markdownDescription": "A parameter that controls output group behavior on an input loss.", + "title": "InputLossAction", "type": "string" }, - "Value": { - "markdownDescription": "The quantity of the specified resource to reserve for the container. The values vary based on the `type` specified.\n\n- **type=\"GPU\"** - The number of physical GPUs to reserve for the container. Make sure that the number of GPUs reserved for all containers in a job doesn't exceed the number of available GPUs on the compute resource that the job is launched on.\n\n> GPUs aren't available for jobs that are running on Fargate resources.\n- **type=\"MEMORY\"** - The memory hard limit (in MiB) present to the container. This parameter is supported for jobs that are running on EC2 resources. If your container attempts to exceed the memory specified, the container is terminated. This parameter maps to `Memory` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--memory` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . You must specify at least 4 MiB of memory for a job. This is required but can be specified in several places for multi-node parallel (MNP) jobs. It must be specified for each node at least once. This parameter maps to `Memory` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--memory` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) .\n\n> If you're trying to maximize your resource utilization by providing your jobs as much memory as possible for a particular instance type, see [Memory management](https://docs.aws.amazon.com/batch/latest/userguide/memory-management.html) in the *AWS Batch User Guide* . \n\nFor jobs that are running on Fargate resources, then `value` is the hard limit (in MiB), and must match one of the supported values and the `VCPU` values must be one of the values supported for that memory value.\n\n- **value = 512** - `VCPU` = 0.25\n- **value = 1024** - `VCPU` = 0.25 or 0.5\n- **value = 2048** - `VCPU` = 0.25, 0.5, or 1\n- **value = 3072** - `VCPU` = 0.5, or 1\n- **value = 4096** - `VCPU` = 0.5, 1, or 2\n- **value = 5120, 6144, or 7168** - `VCPU` = 1 or 2\n- **value = 8192** - `VCPU` = 1, 2, 4, or 8\n- **value = 9216, 10240, 11264, 12288, 13312, 14336, or 15360** - `VCPU` = 2 or 4\n- **value = 16384** - `VCPU` = 2, 4, or 8\n- **value = 17408, 18432, 19456, 21504, 22528, 23552, 25600, 26624, 27648, 29696, or 30720** - `VCPU` = 4\n- **value = 20480, 24576, or 28672** - `VCPU` = 4 or 8\n- **value = 36864, 45056, 53248, or 61440** - `VCPU` = 8\n- **value = 32768, 40960, 49152, or 57344** - `VCPU` = 8 or 16\n- **value = 65536, 73728, 81920, 90112, 98304, 106496, 114688, or 122880** - `VCPU` = 16\n- **type=\"VCPU\"** - The number of vCPUs reserved for the container. This parameter maps to `CpuShares` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--cpu-shares` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . Each vCPU is equivalent to 1,024 CPU shares. For EC2 resources, you must specify at least one vCPU. This is required but can be specified in several places; it must be specified for each node at least once.\n\nThe default for the Fargate On-Demand vCPU resource count quota is 6 vCPUs. For more information about Fargate quotas, see [AWS Fargate quotas](https://docs.aws.amazon.com/general/latest/gr/ecs-service.html#service-quotas-fargate) in the *AWS General Reference* .\n\nFor jobs that are running on Fargate resources, then `value` must match one of the supported values and the `MEMORY` values must be one of the values supported for that `VCPU` value. The supported values are 0.25, 0.5, 1, 2, 4, 8, and 16\n\n- **value = 0.25** - `MEMORY` = 512, 1024, or 2048\n- **value = 0.5** - `MEMORY` = 1024, 2048, 3072, or 4096\n- **value = 1** - `MEMORY` = 2048, 3072, 4096, 5120, 6144, 7168, or 8192\n- **value = 2** - `MEMORY` = 4096, 5120, 6144, 7168, 8192, 9216, 10240, 11264, 12288, 13312, 14336, 15360, or 16384\n- **value = 4** - `MEMORY` = 8192, 9216, 10240, 11264, 12288, 13312, 14336, 15360, 16384, 17408, 18432, 19456, 20480, 21504, 22528, 23552, 24576, 25600, 26624, 27648, 28672, 29696, or 30720\n- **value = 8** - `MEMORY` = 16384, 20480, 24576, 28672, 32768, 36864, 40960, 45056, 49152, 53248, 57344, or 61440\n- **value = 16** - `MEMORY` = 32768, 40960, 49152, 57344, 65536, 73728, 81920, 90112, 98304, 106496, 114688, or 122880", - "title": "Value", + "IvInManifest": { + "markdownDescription": "Used with encryptionType. The IV (initialization vector) is a 128-bit number used in conjunction with the key for encrypting blocks. If set to \"include,\" the IV is listed in the manifest. Otherwise, the IV is not in the manifest.", + "title": "IvInManifest", "type": "string" - } - }, - "required": [ - "Type", - "Value" - ], - "type": "object" - }, - "AWS::Pipes::Pipe.BatchRetryStrategy": { - "additionalProperties": false, - "properties": { - "Attempts": { - "markdownDescription": "The number of times to move a job to the `RUNNABLE` status. If the value of `attempts` is greater than one, the job is retried on failure the same number of attempts as the value.", - "title": "Attempts", - "type": "number" - } - }, - "type": "object" - }, - "AWS::Pipes::Pipe.CapacityProviderStrategyItem": { - "additionalProperties": false, - "properties": { - "Base": { - "markdownDescription": "The base value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a base defined. If no value is specified, the default value of 0 is used.", - "title": "Base", - "type": "number" }, - "CapacityProvider": { - "markdownDescription": "The short name of the capacity provider.", - "title": "CapacityProvider", + "IvSource": { + "markdownDescription": "Used with encryptionType. The IV (initialization vector) is a 128-bit number used in conjunction with the key for encrypting blocks. If this setting is \"followsSegmentNumber,\" it causes the IV to change every segment (to match the segment number). If this is set to \"explicit,\" you must enter a constantIv value.", + "title": "IvSource", "type": "string" }, - "Weight": { - "markdownDescription": "The weight value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The weight value is taken into consideration after the base value, if defined, is satisfied.", - "title": "Weight", + "KeepSegments": { + "markdownDescription": "Applies only if the Mode field is LIVE. Specifies the number of media segments (.ts files) to retain in the destination directory.", + "title": "KeepSegments", "type": "number" - } - }, - "required": [ - "CapacityProvider" - ], - "type": "object" - }, - "AWS::Pipes::Pipe.CloudwatchLogsLogDestination": { - "additionalProperties": false, - "properties": { - "LogGroupArn": { - "markdownDescription": "The AWS Resource Name (ARN) for the CloudWatch log group to which EventBridge sends the log records.", - "title": "LogGroupArn", + }, + "KeyFormat": { + "markdownDescription": "Specifies how the key is represented in the resource identified by the URI. If the parameter is absent, an implicit value of \"identity\" is used. A reverse DNS string can also be specified.", + "title": "KeyFormat", "type": "string" - } - }, - "type": "object" - }, - "AWS::Pipes::Pipe.DeadLetterConfig": { - "additionalProperties": false, - "properties": { - "Arn": { - "markdownDescription": "The ARN of the specified target for the dead-letter queue.\n\nFor Amazon Kinesis stream and Amazon DynamoDB stream sources, specify either an Amazon SNS topic or Amazon SQS queue ARN.", - "title": "Arn", + }, + "KeyFormatVersions": { + "markdownDescription": "Either a single positive integer version value or a slash-delimited list of version values (1/2/3).", + "title": "KeyFormatVersions", "type": "string" - } - }, - "type": "object" - }, - "AWS::Pipes::Pipe.EcsContainerOverride": { - "additionalProperties": false, - "properties": { - "Command": { - "items": { - "type": "string" - }, - "markdownDescription": "The command to send to the container that overrides the default command from the Docker image or the task definition. You must also specify a container name.", - "title": "Command", - "type": "array" }, - "Cpu": { - "markdownDescription": "The number of `cpu` units reserved for the container, instead of the default value from the task definition. You must also specify a container name.", - "title": "Cpu", - "type": "number" + "KeyProviderSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.KeyProviderSettings", + "markdownDescription": "The key provider settings.", + "title": "KeyProviderSettings" }, - "Environment": { - "items": { - "$ref": "#/definitions/AWS::Pipes::Pipe.EcsEnvironmentVariable" - }, - "markdownDescription": "The environment variables to send to the container. You can add new environment variables, which are added to the container at launch, or you can override the existing environment variables from the Docker image or the task definition. You must also specify a container name.", - "title": "Environment", - "type": "array" + "ManifestCompression": { + "markdownDescription": "When set to gzip, compresses HLS playlist.", + "title": "ManifestCompression", + "type": "string" }, - "EnvironmentFiles": { - "items": { - "$ref": "#/definitions/AWS::Pipes::Pipe.EcsEnvironmentFile" - }, - "markdownDescription": "A list of files containing the environment variables to pass to a container, instead of the value from the container definition.", - "title": "EnvironmentFiles", - "type": "array" + "ManifestDurationFormat": { + "markdownDescription": "Indicates whether the output manifest should use a floating point or integer values for segment duration.", + "title": "ManifestDurationFormat", + "type": "string" }, - "Memory": { - "markdownDescription": "The hard limit (in MiB) of memory to present to the container, instead of the default value from the task definition. If your container attempts to exceed the memory specified here, the container is killed. You must also specify a container name.", - "title": "Memory", + "MinSegmentLength": { + "markdownDescription": "When set, minimumSegmentLength is enforced by looking ahead and back within the specified range for a nearby avail and extending the segment size if needed.", + "title": "MinSegmentLength", "type": "number" }, - "MemoryReservation": { - "markdownDescription": "The soft limit (in MiB) of memory to reserve for the container, instead of the default value from the task definition. You must also specify a container name.", - "title": "MemoryReservation", + "Mode": { + "markdownDescription": "If \"vod,\" all segments are indexed and kept permanently in the destination and manifest. If \"live,\" only the number segments specified in keepSegments and indexNSegments are kept. Newer segments replace older segments, which might prevent players from rewinding all the way to the beginning of the channel. VOD mode uses HLS EXT-X-PLAYLIST-TYPE of EVENT while the channel is running, converting it to a \"VOD\" type manifest on completion of the stream.", + "title": "Mode", + "type": "string" + }, + "OutputSelection": { + "markdownDescription": "MANIFESTSANDSEGMENTS: Generates manifests (the master manifest, if applicable, and media manifests) for this output group. SEGMENTSONLY: Doesn't generate any manifests for this output group.", + "title": "OutputSelection", + "type": "string" + }, + "ProgramDateTime": { + "markdownDescription": "Includes or excludes the EXT-X-PROGRAM-DATE-TIME tag in .m3u8 manifest files. The value is calculated as follows: Either the program date and time are initialized using the input timecode source, or the time is initialized using the input timecode source and the date is initialized using the timestampOffset.", + "title": "ProgramDateTime", + "type": "string" + }, + "ProgramDateTimeClock": { + "markdownDescription": "Specifies the algorithm used to drive the HLS EXT-X-PROGRAM-DATE-TIME clock. Options include: INITIALIZE_FROM_OUTPUT_TIMECODE: The PDT clock is initialized as a function of the first output timecode, then incremented by the EXTINF duration of each encoded segment. SYSTEM_CLOCK: The PDT clock is initialized as a function of the UTC wall clock, then incremented by the EXTINF duration of each encoded segment. If the PDT clock diverges from the wall clock by more than 500ms, it is resynchronized to the wall clock.", + "title": "ProgramDateTimeClock", + "type": "string" + }, + "ProgramDateTimePeriod": { + "markdownDescription": "The period of insertion of the EXT-X-PROGRAM-DATE-TIME entry, in seconds.", + "title": "ProgramDateTimePeriod", "type": "number" }, - "Name": { - "markdownDescription": "The name of the container that receives the override. This parameter is required if any override is specified.", - "title": "Name", + "RedundantManifest": { + "markdownDescription": "ENABLED: The master manifest (.m3u8 file) for each pipeline includes information about both pipelines: first its own media files, then the media files of the other pipeline. This feature allows a playout device that supports stale manifest detection to switch from one manifest to the other, when the current manifest seems to be stale. There are still two destinations and two master manifests, but both master manifests reference the media files from both pipelines. DISABLED: The master manifest (.m3u8 file) for each pipeline includes information about its own pipeline only. For an HLS output group with MediaPackage as the destination, the DISABLED behavior is always followed. MediaPackage regenerates the manifests it serves to players, so a redundant manifest from MediaLive is irrelevant.", + "title": "RedundantManifest", "type": "string" }, - "ResourceRequirements": { - "items": { - "$ref": "#/definitions/AWS::Pipes::Pipe.EcsResourceRequirement" - }, - "markdownDescription": "The type and amount of a resource to assign to a container, instead of the default value from the task definition. The only supported resource is a GPU.", - "title": "ResourceRequirements", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Pipes::Pipe.EcsEnvironmentFile": { - "additionalProperties": false, - "properties": { - "Type": { - "markdownDescription": "The file type to use. The only supported value is `s3` .", - "title": "Type", + "SegmentLength": { + "markdownDescription": "The length of the MPEG-2 Transport Stream segments to create, in seconds. Note that segments will end on the next keyframe after this number of seconds, so the actual segment length might be longer.", + "title": "SegmentLength", + "type": "number" + }, + "SegmentationMode": { + "markdownDescription": "useInputSegmentation has been deprecated. The configured segment size is always used.", + "title": "SegmentationMode", "type": "string" }, - "Value": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon S3 object containing the environment variable file.", - "title": "Value", + "SegmentsPerSubdirectory": { + "markdownDescription": "The number of segments to write to a subdirectory before starting a new one. For this setting to have an effect, directoryStructure must be subdirectoryPerStream.", + "title": "SegmentsPerSubdirectory", + "type": "number" + }, + "StreamInfResolution": { + "markdownDescription": "The include or exclude RESOLUTION attribute for a video in the EXT-X-STREAM-INF tag of a variant manifest.", + "title": "StreamInfResolution", "type": "string" - } - }, - "required": [ - "Type", - "Value" - ], - "type": "object" - }, - "AWS::Pipes::Pipe.EcsEnvironmentVariable": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the key-value pair. For environment variables, this is the name of the environment variable.", - "title": "Name", + }, + "TimedMetadataId3Frame": { + "markdownDescription": "Indicates the ID3 frame that has the timecode.", + "title": "TimedMetadataId3Frame", "type": "string" }, - "Value": { - "markdownDescription": "The value of the key-value pair. For environment variables, this is the value of the environment variable.", - "title": "Value", + "TimedMetadataId3Period": { + "markdownDescription": "The timed metadata interval, in seconds.", + "title": "TimedMetadataId3Period", + "type": "number" + }, + "TimestampDeltaMilliseconds": { + "markdownDescription": "Provides an extra millisecond delta offset to fine tune the timestamps.", + "title": "TimestampDeltaMilliseconds", + "type": "number" + }, + "TsFileMode": { + "markdownDescription": "SEGMENTEDFILES: Emits the program as segments -multiple .ts media files. SINGLEFILE: Applies only if the Mode field is VOD. Emits the program as a single .ts media file. The media manifest includes #EXT-X-BYTERANGE tags to index segments for playback. A typical use for this value is when sending the output to AWS Elemental MediaConvert, which can accept only a single media file. Playback while the channel is running is not guaranteed due to HTTP server caching.", + "title": "TsFileMode", "type": "string" } }, "type": "object" }, - "AWS::Pipes::Pipe.EcsEphemeralStorage": { + "AWS::MediaLive::Channel.HlsInputSettings": { "additionalProperties": false, "properties": { - "SizeInGiB": { - "markdownDescription": "The total amount, in GiB, of ephemeral storage to set for the task. The minimum supported value is `21` GiB and the maximum supported value is `200` GiB.", - "title": "SizeInGiB", + "Bandwidth": { + "markdownDescription": "When specified, the HLS stream with the m3u8 bandwidth that most closely matches this value is chosen. Otherwise, the highest bandwidth stream in the m3u8 is chosen. The bitrate is specified in bits per second, as in an HLS manifest.", + "title": "Bandwidth", "type": "number" - } - }, - "required": [ - "SizeInGiB" - ], - "type": "object" - }, - "AWS::Pipes::Pipe.EcsInferenceAcceleratorOverride": { - "additionalProperties": false, - "properties": { - "DeviceName": { - "markdownDescription": "The Elastic Inference accelerator device name to override for the task. This parameter must match a `deviceName` specified in the task definition.", - "title": "DeviceName", - "type": "string" }, - "DeviceType": { - "markdownDescription": "The Elastic Inference accelerator type to use.", - "title": "DeviceType", + "BufferSegments": { + "markdownDescription": "When specified, reading of the HLS input begins this many buffer segments from the end (most recently written segment). When not specified, the HLS input begins with the first segment specified in the m3u8.", + "title": "BufferSegments", + "type": "number" + }, + "Retries": { + "markdownDescription": "The number of consecutive times that attempts to read a manifest or segment must fail before the input is considered unavailable.", + "title": "Retries", + "type": "number" + }, + "RetryInterval": { + "markdownDescription": "The number of seconds between retries when an attempt to read a manifest or segment fails.", + "title": "RetryInterval", + "type": "number" + }, + "Scte35Source": { + "markdownDescription": "Identifies the source for the SCTE-35 messages that MediaLive will ingest. Messages can be ingested from the content segments (in the stream) or from tags in the playlist (the HLS manifest). MediaLive ignores SCTE-35 information in the source that is not selected.", + "title": "Scte35Source", "type": "string" } }, "type": "object" }, - "AWS::Pipes::Pipe.EcsResourceRequirement": { + "AWS::MediaLive::Channel.HlsMediaStoreSettings": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The type of resource to assign to a container. The supported values are `GPU` or `InferenceAccelerator` .", - "title": "Type", - "type": "string" + "ConnectionRetryInterval": { + "markdownDescription": "The number of seconds to wait before retrying a connection to the CDN if the connection is lost.", + "title": "ConnectionRetryInterval", + "type": "number" }, - "Value": { - "markdownDescription": "The value for the specified resource type.\n\nIf the `GPU` type is used, the value is the number of physical `GPUs` the Amazon ECS container agent reserves for the container. The number of GPUs that's reserved for all containers in a task can't exceed the number of available GPUs on the container instance that the task is launched on.\n\nIf the `InferenceAccelerator` type is used, the `value` matches the `deviceName` for an InferenceAccelerator specified in a task definition.", - "title": "Value", + "FilecacheDuration": { + "markdownDescription": "The size, in seconds, of the file cache for streaming outputs.", + "title": "FilecacheDuration", + "type": "number" + }, + "MediaStoreStorageClass": { + "markdownDescription": "When set to temporal, output files are stored in non-persistent memory for faster reading and writing.", + "title": "MediaStoreStorageClass", "type": "string" + }, + "NumRetries": { + "markdownDescription": "The number of retry attempts that are made before the channel is put into an error state.", + "title": "NumRetries", + "type": "number" + }, + "RestartDelay": { + "markdownDescription": "If a streaming output fails, the number of seconds to wait until a restart is initiated. A value of 0 means never restart.", + "title": "RestartDelay", + "type": "number" } }, - "required": [ - "Type", - "Value" - ], "type": "object" }, - "AWS::Pipes::Pipe.EcsTaskOverride": { + "AWS::MediaLive::Channel.HlsOutputSettings": { "additionalProperties": false, "properties": { - "ContainerOverrides": { - "items": { - "$ref": "#/definitions/AWS::Pipes::Pipe.EcsContainerOverride" - }, - "markdownDescription": "One or more container overrides that are sent to a task.", - "title": "ContainerOverrides", - "type": "array" - }, - "Cpu": { - "markdownDescription": "The cpu override for the task.", - "title": "Cpu", - "type": "string" - }, - "EphemeralStorage": { - "$ref": "#/definitions/AWS::Pipes::Pipe.EcsEphemeralStorage", - "markdownDescription": "The ephemeral storage setting override for the task.\n\n> This parameter is only supported for tasks hosted on Fargate that use the following platform versions:\n> \n> - Linux platform version `1.4.0` or later.\n> - Windows platform version `1.0.0` or later.", - "title": "EphemeralStorage" - }, - "ExecutionRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the task execution IAM role override for the task. For more information, see [Amazon ECS task execution IAM role](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_execution_IAM_role.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "ExecutionRoleArn", + "H265PackagingType": { + "markdownDescription": "Only applicable when this output is referencing an H.265 video description.\nSpecifies whether MP4 segments should be packaged as HEV1 or HVC1.", + "title": "H265PackagingType", "type": "string" }, - "InferenceAcceleratorOverrides": { - "items": { - "$ref": "#/definitions/AWS::Pipes::Pipe.EcsInferenceAcceleratorOverride" - }, - "markdownDescription": "The Elastic Inference accelerator override for the task.", - "title": "InferenceAcceleratorOverrides", - "type": "array" + "HlsSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.HlsSettings", + "markdownDescription": "The settings regarding the underlying stream. These settings are different for audio-only outputs.", + "title": "HlsSettings" }, - "Memory": { - "markdownDescription": "The memory override for the task.", - "title": "Memory", + "NameModifier": { + "markdownDescription": "A string that is concatenated to the end of the destination file name. Accepts \\\"Format Identifiers\\\":#formatIdentifierParameters.", + "title": "NameModifier", "type": "string" }, - "TaskRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that containers in this task can assume. All containers in this task are granted the permissions that are specified in this role. For more information, see [IAM Role for Tasks](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-iam-roles.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "TaskRoleArn", + "SegmentModifier": { + "markdownDescription": "A string that is concatenated to the end of segment file names.", + "title": "SegmentModifier", "type": "string" } }, "type": "object" }, - "AWS::Pipes::Pipe.Filter": { + "AWS::MediaLive::Channel.HlsS3Settings": { "additionalProperties": false, "properties": { - "Pattern": { - "markdownDescription": "The event pattern.", - "title": "Pattern", + "CannedAcl": { + "markdownDescription": "Specify the canned ACL to apply to each S3 request. Defaults to none.", + "title": "CannedAcl", "type": "string" } }, "type": "object" }, - "AWS::Pipes::Pipe.FilterCriteria": { + "AWS::MediaLive::Channel.HlsSettings": { "additionalProperties": false, "properties": { - "Filters": { - "items": { - "$ref": "#/definitions/AWS::Pipes::Pipe.Filter" - }, - "markdownDescription": "The event patterns.", - "title": "Filters", - "type": "array" + "AudioOnlyHlsSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioOnlyHlsSettings", + "markdownDescription": "The settings for an audio-only output.", + "title": "AudioOnlyHlsSettings" + }, + "Fmp4HlsSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Fmp4HlsSettings", + "markdownDescription": "The settings for an fMP4 container.", + "title": "Fmp4HlsSettings" + }, + "FrameCaptureHlsSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.FrameCaptureHlsSettings", + "markdownDescription": "Settings for a frame capture output in an HLS output group.", + "title": "FrameCaptureHlsSettings" + }, + "StandardHlsSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.StandardHlsSettings", + "markdownDescription": "The settings for a standard output (an output that is not audio-only).", + "title": "StandardHlsSettings" } }, "type": "object" }, - "AWS::Pipes::Pipe.FirehoseLogDestination": { + "AWS::MediaLive::Channel.HlsWebdavSettings": { "additionalProperties": false, "properties": { - "DeliveryStreamArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Firehose delivery stream to which EventBridge delivers the pipe log records.", - "title": "DeliveryStreamArn", + "ConnectionRetryInterval": { + "markdownDescription": "The number of seconds to wait before retrying a connection to the CDN if the connection is lost.", + "title": "ConnectionRetryInterval", + "type": "number" + }, + "FilecacheDuration": { + "markdownDescription": "The size, in seconds, of the file cache for streaming outputs.", + "title": "FilecacheDuration", + "type": "number" + }, + "HttpTransferMode": { + "markdownDescription": "Specifies whether to use chunked transfer encoding to WebDAV.", + "title": "HttpTransferMode", "type": "string" + }, + "NumRetries": { + "markdownDescription": "The number of retry attempts that are made before the channel is put into an error state.", + "title": "NumRetries", + "type": "number" + }, + "RestartDelay": { + "markdownDescription": "If a streaming output fails, the number of seconds to wait until a restart is initiated. A value of 0 means never restart.", + "title": "RestartDelay", + "type": "number" } }, "type": "object" }, - "AWS::Pipes::Pipe.MQBrokerAccessCredentials": { + "AWS::MediaLive::Channel.HtmlMotionGraphicsSettings": { "additionalProperties": false, - "properties": { - "BasicAuth": { - "markdownDescription": "The ARN of the Secrets Manager secret.", - "title": "BasicAuth", - "type": "string" - } - }, - "required": [ - "BasicAuth" - ], + "properties": {}, "type": "object" }, - "AWS::Pipes::Pipe.MSKAccessCredentials": { + "AWS::MediaLive::Channel.InputAttachment": { "additionalProperties": false, "properties": { - "ClientCertificateTlsAuth": { - "markdownDescription": "The ARN of the Secrets Manager secret.", - "title": "ClientCertificateTlsAuth", + "AutomaticInputFailoverSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AutomaticInputFailoverSettings", + "markdownDescription": "Settings to implement automatic input failover in this input.", + "title": "AutomaticInputFailoverSettings" + }, + "InputAttachmentName": { + "markdownDescription": "A name for the attachment. This is required if you want to use this input in an input switch action.", + "title": "InputAttachmentName", "type": "string" }, - "SaslScram512Auth": { - "markdownDescription": "The ARN of the Secrets Manager secret.", - "title": "SaslScram512Auth", + "InputId": { + "markdownDescription": "The ID of the input to attach.", + "title": "InputId", "type": "string" - } - }, - "type": "object" - }, - "AWS::Pipes::Pipe.NetworkConfiguration": { - "additionalProperties": false, - "properties": { - "AwsvpcConfiguration": { - "$ref": "#/definitions/AWS::Pipes::Pipe.AwsVpcConfiguration", - "markdownDescription": "Use this structure to specify the VPC subnets and security groups for the task, and whether a public IP address is to be used. This structure is relevant only for ECS tasks that use the `awsvpc` network mode.", - "title": "AwsvpcConfiguration" - } - }, - "type": "object" - }, - "AWS::Pipes::Pipe.PipeEnrichmentHttpParameters": { - "additionalProperties": false, - "properties": { - "HeaderParameters": { - "additionalProperties": true, - "markdownDescription": "The headers that need to be sent as part of request invoking the API Gateway REST API or EventBridge ApiDestination.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "HeaderParameters", - "type": "object" }, - "PathParameterValues": { + "InputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.InputSettings", + "markdownDescription": "Information about the content to extract from the input and about the general handling of the content.", + "title": "InputSettings" + }, + "LogicalInterfaceNames": { "items": { "type": "string" }, - "markdownDescription": "The path parameter values to be used to populate API Gateway REST API or EventBridge ApiDestination path wildcards (\"*\").", - "title": "PathParameterValues", + "markdownDescription": "", + "title": "LogicalInterfaceNames", "type": "array" - }, - "QueryStringParameters": { - "additionalProperties": true, - "markdownDescription": "The query string keys/values that need to be sent as part of request invoking the API Gateway REST API or EventBridge ApiDestination.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "QueryStringParameters", - "type": "object" } }, "type": "object" }, - "AWS::Pipes::Pipe.PipeEnrichmentParameters": { + "AWS::MediaLive::Channel.InputChannelLevel": { "additionalProperties": false, "properties": { - "HttpParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeEnrichmentHttpParameters", - "markdownDescription": "Contains the HTTP parameters to use when the target is a API Gateway REST endpoint or EventBridge ApiDestination.\n\nIf you specify an API Gateway REST API or EventBridge ApiDestination as a target, you can use this parameter to specify headers, path parameters, and query string keys/values as part of your target invoking request. If you're using ApiDestinations, the corresponding Connection can also have these values configured. In case of any conflicting keys, values from the Connection take precedence.", - "title": "HttpParameters" + "Gain": { + "markdownDescription": "The remixing value. Units are in dB, and acceptable values are within the range from -60 (mute) to 6 dB.", + "title": "Gain", + "type": "number" }, - "InputTemplate": { - "markdownDescription": "Valid JSON text passed to the enrichment. In this case, nothing from the event itself is passed to the enrichment. For more information, see [The JavaScript Object Notation (JSON) Data Interchange Format](https://docs.aws.amazon.com/http://www.rfc-editor.org/rfc/rfc7159.txt) .\n\nTo remove an input template, specify an empty string.", - "title": "InputTemplate", - "type": "string" + "InputChannel": { + "markdownDescription": "The index of the input channel that is used as a source.", + "title": "InputChannel", + "type": "number" } }, "type": "object" }, - "AWS::Pipes::Pipe.PipeLogConfiguration": { + "AWS::MediaLive::Channel.InputLocation": { "additionalProperties": false, "properties": { - "CloudwatchLogsLogDestination": { - "$ref": "#/definitions/AWS::Pipes::Pipe.CloudwatchLogsLogDestination", - "markdownDescription": "The logging configuration settings for the pipe.", - "title": "CloudwatchLogsLogDestination" - }, - "FirehoseLogDestination": { - "$ref": "#/definitions/AWS::Pipes::Pipe.FirehoseLogDestination", - "markdownDescription": "The Amazon Data Firehose logging configuration settings for the pipe.", - "title": "FirehoseLogDestination" - }, - "IncludeExecutionData": { - "items": { - "type": "string" - }, - "markdownDescription": "Whether the execution data (specifically, the `payload` , `awsRequest` , and `awsResponse` fields) is included in the log messages for this pipe.\n\nThis applies to all log destinations for the pipe.\n\nFor more information, see [Including execution data in logs](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes-logs.html#eb-pipes-logs-execution-data) in the *Amazon EventBridge User Guide* .\n\n*Allowed values:* `ALL`", - "title": "IncludeExecutionData", - "type": "array" + "PasswordParam": { + "markdownDescription": "The password parameter that holds the password for accessing the downstream system. This applies only if the downstream system requires credentials.", + "title": "PasswordParam", + "type": "string" }, - "Level": { - "markdownDescription": "The level of logging detail to include. This applies to all log destinations for the pipe.", - "title": "Level", + "Uri": { + "markdownDescription": "The URI should be a path to a file that is accessible to the Live system (for example, an http:// URI) depending on the output type. For example, an RTMP destination should have a URI similar to rtmp://fmsserver/live.", + "title": "Uri", "type": "string" }, - "S3LogDestination": { - "$ref": "#/definitions/AWS::Pipes::Pipe.S3LogDestination", - "markdownDescription": "The Amazon S3 logging configuration settings for the pipe.", - "title": "S3LogDestination" + "Username": { + "markdownDescription": "The user name to connect to the downstream system. This applies only if the downstream system requires credentials.", + "title": "Username", + "type": "string" } }, "type": "object" }, - "AWS::Pipes::Pipe.PipeSourceActiveMQBrokerParameters": { + "AWS::MediaLive::Channel.InputLossBehavior": { "additionalProperties": false, "properties": { - "BatchSize": { - "markdownDescription": "The maximum number of records to include in each batch.", - "title": "BatchSize", + "BlackFrameMsec": { + "markdownDescription": "On input loss, the number of milliseconds to substitute black into the output before switching to the frame specified by inputLossImageType. A value x, where 0 <= x <= 1,000,000 and a value of 1,000,000, is interpreted as infinite.", + "title": "BlackFrameMsec", "type": "number" }, - "Credentials": { - "$ref": "#/definitions/AWS::Pipes::Pipe.MQBrokerAccessCredentials", - "markdownDescription": "The credentials needed to access the resource.", - "title": "Credentials" + "InputLossImageColor": { + "markdownDescription": "When the input loss image type is \"color,\" this field specifies the color to use. Value: 6 hex characters that represent the values of RGB.", + "title": "InputLossImageColor", + "type": "string" }, - "MaximumBatchingWindowInSeconds": { - "markdownDescription": "The maximum length of a time to wait for events.", - "title": "MaximumBatchingWindowInSeconds", - "type": "number" + "InputLossImageSlate": { + "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", + "markdownDescription": "When the input loss image type is \"slate,\" these fields specify the parameters for accessing the slate.", + "title": "InputLossImageSlate" }, - "QueueName": { - "markdownDescription": "The name of the destination queue to consume.", - "title": "QueueName", + "InputLossImageType": { + "markdownDescription": "Indicates whether to substitute a solid color or a slate into the output after the input loss exceeds blackFrameMsec.", + "title": "InputLossImageType", "type": "string" + }, + "RepeatFrameMsec": { + "markdownDescription": "On input loss, the number of milliseconds to repeat the previous picture before substituting black into the output. A value x, where 0 <= x <= 1,000,000 and a value of 1,000,000, is interpreted as infinite.", + "title": "RepeatFrameMsec", + "type": "number" } }, - "required": [ - "Credentials", - "QueueName" - ], "type": "object" }, - "AWS::Pipes::Pipe.PipeSourceDynamoDBStreamParameters": { + "AWS::MediaLive::Channel.InputLossFailoverSettings": { "additionalProperties": false, "properties": { - "BatchSize": { - "markdownDescription": "The maximum number of records to include in each batch.", - "title": "BatchSize", - "type": "number" - }, - "DeadLetterConfig": { - "$ref": "#/definitions/AWS::Pipes::Pipe.DeadLetterConfig", - "markdownDescription": "Define the target queue to send dead-letter queue events to.", - "title": "DeadLetterConfig" - }, - "MaximumBatchingWindowInSeconds": { - "markdownDescription": "The maximum length of a time to wait for events.", - "title": "MaximumBatchingWindowInSeconds", - "type": "number" - }, - "MaximumRecordAgeInSeconds": { - "markdownDescription": "Discard records older than the specified age. The default value is -1, which sets the maximum age to infinite. When the value is set to infinite, EventBridge never discards old records.", - "title": "MaximumRecordAgeInSeconds", - "type": "number" - }, - "MaximumRetryAttempts": { - "markdownDescription": "Discard records after the specified number of retries. The default value is -1, which sets the maximum number of retries to infinite. When MaximumRetryAttempts is infinite, EventBridge retries failed records until the record expires in the event source.", - "title": "MaximumRetryAttempts", - "type": "number" - }, - "OnPartialBatchItemFailure": { - "markdownDescription": "Define how to handle item process failures. `AUTOMATIC_BISECT` halves each batch and retry each half until all the records are processed or there is one failed message left in the batch.", - "title": "OnPartialBatchItemFailure", - "type": "string" - }, - "ParallelizationFactor": { - "markdownDescription": "The number of batches to process concurrently from each shard. The default value is 1.", - "title": "ParallelizationFactor", + "InputLossThresholdMsec": { + "markdownDescription": "The amount of time (in milliseconds) that no input is detected. After that time, an input failover will occur.", + "title": "InputLossThresholdMsec", "type": "number" - }, - "StartingPosition": { - "markdownDescription": "(Streams only) The position in a stream from which to start reading.\n\n*Valid values* : `TRIM_HORIZON | LATEST`", - "title": "StartingPosition", - "type": "string" } }, - "required": [ - "StartingPosition" - ], "type": "object" }, - "AWS::Pipes::Pipe.PipeSourceKinesisStreamParameters": { + "AWS::MediaLive::Channel.InputSettings": { "additionalProperties": false, "properties": { - "BatchSize": { - "markdownDescription": "The maximum number of records to include in each batch.", - "title": "BatchSize", - "type": "number" + "AudioSelectors": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioSelector" + }, + "markdownDescription": "Information about the specific audio to extract from the input.\n\nThe parent of this entity is InputSettings.", + "title": "AudioSelectors", + "type": "array" }, - "DeadLetterConfig": { - "$ref": "#/definitions/AWS::Pipes::Pipe.DeadLetterConfig", - "markdownDescription": "Define the target queue to send dead-letter queue events to.", - "title": "DeadLetterConfig" + "CaptionSelectors": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Channel.CaptionSelector" + }, + "markdownDescription": "Information about the specific captions to extract from the input.", + "title": "CaptionSelectors", + "type": "array" }, - "MaximumBatchingWindowInSeconds": { - "markdownDescription": "The maximum length of a time to wait for events.", - "title": "MaximumBatchingWindowInSeconds", - "type": "number" + "DeblockFilter": { + "markdownDescription": "Enables or disables the deblock filter when filtering.", + "title": "DeblockFilter", + "type": "string" }, - "MaximumRecordAgeInSeconds": { - "markdownDescription": "Discard records older than the specified age. The default value is -1, which sets the maximum age to infinite. When the value is set to infinite, EventBridge never discards old records.", - "title": "MaximumRecordAgeInSeconds", - "type": "number" + "DenoiseFilter": { + "markdownDescription": "Enables or disables the denoise filter when filtering.", + "title": "DenoiseFilter", + "type": "string" }, - "MaximumRetryAttempts": { - "markdownDescription": "Discard records after the specified number of retries. The default value is -1, which sets the maximum number of retries to infinite. When MaximumRetryAttempts is infinite, EventBridge retries failed records until the record expires in the event source.", - "title": "MaximumRetryAttempts", + "FilterStrength": { + "markdownDescription": "Adjusts the magnitude of filtering from 1 (minimal) to 5 (strongest).", + "title": "FilterStrength", "type": "number" }, - "OnPartialBatchItemFailure": { - "markdownDescription": "Define how to handle item process failures. `AUTOMATIC_BISECT` halves each batch and retry each half until all the records are processed or there is one failed message left in the batch.", - "title": "OnPartialBatchItemFailure", + "InputFilter": { + "markdownDescription": "Turns on the filter for this input. MPEG-2 inputs have the deblocking filter enabled by default. 1) auto - filtering is applied depending on input type/quality 2) disabled - no filtering is applied to the input 3) forced - filtering is applied regardless of the input type.", + "title": "InputFilter", "type": "string" }, - "ParallelizationFactor": { - "markdownDescription": "The number of batches to process concurrently from each shard. The default value is 1.", - "title": "ParallelizationFactor", + "NetworkInputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.NetworkInputSettings", + "markdownDescription": "Information about how to connect to the upstream system.", + "title": "NetworkInputSettings" + }, + "Scte35Pid": { + "markdownDescription": "", + "title": "Scte35Pid", "type": "number" }, - "StartingPosition": { - "markdownDescription": "The position in a stream from which to start reading.", - "title": "StartingPosition", + "Smpte2038DataPreference": { + "markdownDescription": "Specifies whether to extract applicable ancillary data from a SMPTE-2038 source in this input. Applicable data types are captions, timecode, AFD, and SCTE-104 messages.\n- PREFER: Extract from SMPTE-2038 if present in this input, otherwise extract from another source (if any).\n- IGNORE: Never extract any ancillary data from SMPTE-2038.", + "title": "Smpte2038DataPreference", "type": "string" }, - "StartingPositionTimestamp": { - "markdownDescription": "With `StartingPosition` set to `AT_TIMESTAMP` , the time from which to start reading, in Unix time seconds.", - "title": "StartingPositionTimestamp", + "SourceEndBehavior": { + "markdownDescription": "The loop input if it is a file.", + "title": "SourceEndBehavior", "type": "string" + }, + "VideoSelector": { + "$ref": "#/definitions/AWS::MediaLive::Channel.VideoSelector", + "markdownDescription": "Information about one video to extract from the input.", + "title": "VideoSelector" } }, - "required": [ - "StartingPosition" - ], "type": "object" }, - "AWS::Pipes::Pipe.PipeSourceManagedStreamingKafkaParameters": { + "AWS::MediaLive::Channel.InputSpecification": { "additionalProperties": false, "properties": { - "BatchSize": { - "markdownDescription": "The maximum number of records to include in each batch.", - "title": "BatchSize", - "type": "number" - }, - "ConsumerGroupID": { - "markdownDescription": "The name of the destination queue to consume.", - "title": "ConsumerGroupID", + "Codec": { + "markdownDescription": "The codec to include in the input specification for this channel.", + "title": "Codec", "type": "string" }, - "Credentials": { - "$ref": "#/definitions/AWS::Pipes::Pipe.MSKAccessCredentials", - "markdownDescription": "The credentials needed to access the resource.", - "title": "Credentials" - }, - "MaximumBatchingWindowInSeconds": { - "markdownDescription": "The maximum length of a time to wait for events.", - "title": "MaximumBatchingWindowInSeconds", - "type": "number" - }, - "StartingPosition": { - "markdownDescription": "The position in a stream from which to start reading.", - "title": "StartingPosition", + "MaximumBitrate": { + "markdownDescription": "The maximum input bitrate for any input attached to this channel.", + "title": "MaximumBitrate", "type": "string" }, - "TopicName": { - "markdownDescription": "The name of the topic that the pipe will read from.", - "title": "TopicName", + "Resolution": { + "markdownDescription": "The resolution for any input attached to this channel.", + "title": "Resolution", "type": "string" } }, - "required": [ - "TopicName" - ], "type": "object" }, - "AWS::Pipes::Pipe.PipeSourceParameters": { + "AWS::MediaLive::Channel.KeyProviderSettings": { "additionalProperties": false, "properties": { - "ActiveMQBrokerParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceActiveMQBrokerParameters", - "markdownDescription": "The parameters for using an Active MQ broker as a source.", - "title": "ActiveMQBrokerParameters" - }, - "DynamoDBStreamParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceDynamoDBStreamParameters", - "markdownDescription": "The parameters for using a DynamoDB stream as a source.", - "title": "DynamoDBStreamParameters" - }, - "FilterCriteria": { - "$ref": "#/definitions/AWS::Pipes::Pipe.FilterCriteria", - "markdownDescription": "The collection of event patterns used to filter events.\n\nTo remove a filter, specify a `FilterCriteria` object with an empty array of `Filter` objects.\n\nFor more information, see [Events and Event Patterns](https://docs.aws.amazon.com/eventbridge/latest/userguide/eventbridge-and-event-patterns.html) in the *Amazon EventBridge User Guide* .", - "title": "FilterCriteria" - }, - "KinesisStreamParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceKinesisStreamParameters", - "markdownDescription": "The parameters for using a Kinesis stream as a source.", - "title": "KinesisStreamParameters" - }, - "ManagedStreamingKafkaParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceManagedStreamingKafkaParameters", - "markdownDescription": "The parameters for using an MSK stream as a source.", - "title": "ManagedStreamingKafkaParameters" - }, - "RabbitMQBrokerParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceRabbitMQBrokerParameters", - "markdownDescription": "The parameters for using a Rabbit MQ broker as a source.", - "title": "RabbitMQBrokerParameters" - }, - "SelfManagedKafkaParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceSelfManagedKafkaParameters", - "markdownDescription": "The parameters for using a self-managed Apache Kafka stream as a source.\n\nA *self managed* cluster refers to any Apache Kafka cluster not hosted by AWS . This includes both clusters you manage yourself, as well as those hosted by a third-party provider, such as [Confluent Cloud](https://docs.aws.amazon.com/https://www.confluent.io/) , [CloudKarafka](https://docs.aws.amazon.com/https://www.cloudkarafka.com/) , or [Redpanda](https://docs.aws.amazon.com/https://redpanda.com/) . For more information, see [Apache Kafka streams as a source](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes-kafka.html) in the *Amazon EventBridge User Guide* .", - "title": "SelfManagedKafkaParameters" - }, - "SqsQueueParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceSqsQueueParameters", - "markdownDescription": "The parameters for using a Amazon SQS stream as a source.", - "title": "SqsQueueParameters" + "StaticKeySettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.StaticKeySettings", + "markdownDescription": "The configuration of static key settings.", + "title": "StaticKeySettings" } }, "type": "object" }, - "AWS::Pipes::Pipe.PipeSourceRabbitMQBrokerParameters": { + "AWS::MediaLive::Channel.M2tsSettings": { "additionalProperties": false, "properties": { - "BatchSize": { - "markdownDescription": "The maximum number of records to include in each batch.", - "title": "BatchSize", + "AbsentInputAudioBehavior": { + "markdownDescription": "When set to drop, the output audio streams are removed from the program if the selected input audio stream is removed from the input. This allows the output audio configuration to dynamically change based on the input configuration. If this is set to encodeSilence, all output audio streams will output encoded silence when not connected to an active input stream.", + "title": "AbsentInputAudioBehavior", + "type": "string" + }, + "Arib": { + "markdownDescription": "When set to enabled, uses ARIB-compliant field muxing and removes video descriptor.", + "title": "Arib", + "type": "string" + }, + "AribCaptionsPid": { + "markdownDescription": "The PID for ARIB Captions in the transport stream. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", + "title": "AribCaptionsPid", + "type": "string" + }, + "AribCaptionsPidControl": { + "markdownDescription": "If set to auto, The PID number used for ARIB Captions will be auto-selected from unused PIDs. If set to useConfigured, ARIB captions will be on the configured PID number.", + "title": "AribCaptionsPidControl", + "type": "string" + }, + "AudioBufferModel": { + "markdownDescription": "When set to dvb, uses the DVB buffer model for Dolby Digital audio. When set to atsc, the ATSC model is used.", + "title": "AudioBufferModel", + "type": "string" + }, + "AudioFramesPerPes": { + "markdownDescription": "The number of audio frames to insert for each PES packet.", + "title": "AudioFramesPerPes", "type": "number" }, - "Credentials": { - "$ref": "#/definitions/AWS::Pipes::Pipe.MQBrokerAccessCredentials", - "markdownDescription": "The credentials needed to access the resource.", - "title": "Credentials" + "AudioPids": { + "markdownDescription": "The PID of the elementary audio streams in the transport stream. Multiple values are accepted, and can be entered in ranges or by comma separation. You can enter the value as a decimal or hexadecimal value. Each PID specified must be in the range of 32 (or 0x20)..8182 (or 0x1ff6).", + "title": "AudioPids", + "type": "string" }, - "MaximumBatchingWindowInSeconds": { - "markdownDescription": "The maximum length of a time to wait for events.", - "title": "MaximumBatchingWindowInSeconds", + "AudioStreamType": { + "markdownDescription": "When set to atsc, uses stream type = 0x81 for AC3 and stream type = 0x87 for EAC3. When set to dvb, uses stream type = 0x06.", + "title": "AudioStreamType", + "type": "string" + }, + "Bitrate": { + "markdownDescription": "The output bitrate of the transport stream in bits per second. Setting to 0 lets the muxer automatically determine the appropriate bitrate.", + "title": "Bitrate", "type": "number" }, - "QueueName": { - "markdownDescription": "The name of the destination queue to consume.", - "title": "QueueName", + "BufferModel": { + "markdownDescription": "If set to multiplex, uses the multiplex buffer model for accurate interleaving. Setting to bufferModel to none can lead to lower latency, but low-memory devices might not be able to play back the stream without interruptions.", + "title": "BufferModel", "type": "string" }, - "VirtualHost": { - "markdownDescription": "The name of the virtual host associated with the source broker.", - "title": "VirtualHost", + "CcDescriptor": { + "markdownDescription": "When set to enabled, generates captionServiceDescriptor in PMT.", + "title": "CcDescriptor", "type": "string" - } - }, - "required": [ - "Credentials", - "QueueName" - ], - "type": "object" - }, - "AWS::Pipes::Pipe.PipeSourceSelfManagedKafkaParameters": { - "additionalProperties": false, - "properties": { - "AdditionalBootstrapServers": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of server URLs.", - "title": "AdditionalBootstrapServers", - "type": "array" }, - "BatchSize": { - "markdownDescription": "The maximum number of records to include in each batch.", - "title": "BatchSize", + "DvbNitSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.DvbNitSettings", + "markdownDescription": "Inserts a DVB Network Information Table (NIT) at the specified table repetition interval.", + "title": "DvbNitSettings" + }, + "DvbSdtSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.DvbSdtSettings", + "markdownDescription": "Inserts a DVB Service Description Table (SDT) at the specified table repetition interval.", + "title": "DvbSdtSettings" + }, + "DvbSubPids": { + "markdownDescription": "The PID for the input source DVB Subtitle data to this output. Multiple values are accepted, and can be entered in ranges and/or by comma separation. You can enter the value as a decimal or hexadecimal value. Each PID specified must be in the range of 32 (or 0x20)..8182 (or 0x1ff6).", + "title": "DvbSubPids", + "type": "string" + }, + "DvbTdtSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.DvbTdtSettings", + "markdownDescription": "Inserts DVB Time and Date Table (TDT) at the specified table repetition interval.", + "title": "DvbTdtSettings" + }, + "DvbTeletextPid": { + "markdownDescription": "The PID for the input source DVB Teletext data to this output. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", + "title": "DvbTeletextPid", + "type": "string" + }, + "Ebif": { + "markdownDescription": "If set to passthrough, passes any EBIF data from the input source to this output.", + "title": "Ebif", + "type": "string" + }, + "EbpAudioInterval": { + "markdownDescription": "When videoAndFixedIntervals is selected, audio EBP markers are added to partitions 3 and 4. The interval between these additional markers is fixed, and is slightly shorter than the video EBP marker interval. This is only available when EBP Cablelabs segmentation markers are selected. Partitions 1 and 2 always follow the video interval.", + "title": "EbpAudioInterval", + "type": "string" + }, + "EbpLookaheadMs": { + "markdownDescription": "When set, enforces that Encoder Boundary Points do not come within the specified time interval of each other by looking ahead at input video. If another EBP is going to come in within the specified time interval, the current EBP is not emitted, and the segment is \"stretched\" to the next marker. The lookahead value does not add latency to the system. The channel must be configured elsewhere to create sufficient latency to make the lookahead accurate.", + "title": "EbpLookaheadMs", "type": "number" }, - "ConsumerGroupID": { - "markdownDescription": "The name of the destination queue to consume.", - "title": "ConsumerGroupID", + "EbpPlacement": { + "markdownDescription": "Controls placement of EBP on audio PIDs. If set to videoAndAudioPids, EBP markers are placed on the video PID and all audio PIDs. If set to videoPid, EBP markers are placed on only the video PID.", + "title": "EbpPlacement", "type": "string" }, - "Credentials": { - "$ref": "#/definitions/AWS::Pipes::Pipe.SelfManagedKafkaAccessConfigurationCredentials", - "markdownDescription": "The credentials needed to access the resource.", - "title": "Credentials" + "EcmPid": { + "markdownDescription": "This field is unused and deprecated.", + "title": "EcmPid", + "type": "string" }, - "MaximumBatchingWindowInSeconds": { - "markdownDescription": "The maximum length of a time to wait for events.", - "title": "MaximumBatchingWindowInSeconds", + "EsRateInPes": { + "markdownDescription": "Includes or excludes the ES Rate field in the PES header.", + "title": "EsRateInPes", + "type": "string" + }, + "EtvPlatformPid": { + "markdownDescription": "The PID for the input source ETV Platform data to this output. You can enter it as a decimal or hexadecimal value. Valid values are 32 (or 0x20) to 8182 (or 0x1ff6).", + "title": "EtvPlatformPid", + "type": "string" + }, + "EtvSignalPid": { + "markdownDescription": "The PID for input source ETV Signal data to this output. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", + "title": "EtvSignalPid", + "type": "string" + }, + "FragmentTime": { + "markdownDescription": "The length in seconds of each fragment. This is used only with EBP markers.", + "title": "FragmentTime", "type": "number" }, - "ServerRootCaCertificate": { - "markdownDescription": "The ARN of the Secrets Manager secret used for certification.", - "title": "ServerRootCaCertificate", + "Klv": { + "markdownDescription": "If set to passthrough, passes any KLV data from the input source to this output.", + "title": "Klv", "type": "string" }, - "StartingPosition": { - "markdownDescription": "The position in a stream from which to start reading.", - "title": "StartingPosition", + "KlvDataPids": { + "markdownDescription": "The PID for the input source KLV data to this output. Multiple values are accepted, and can be entered in ranges or by comma separation. You can enter the value as a decimal or hexadecimal value. Each PID specified must be in the range of 32 (or 0x20)..8182 (or 0x1ff6).", + "title": "KlvDataPids", "type": "string" }, - "TopicName": { - "markdownDescription": "The name of the topic that the pipe will read from.", - "title": "TopicName", + "NielsenId3Behavior": { + "markdownDescription": "If set to passthrough, Nielsen inaudible tones for media tracking will be detected in the input audio and an equivalent ID3 tag will be inserted in the output.", + "title": "NielsenId3Behavior", "type": "string" }, - "Vpc": { - "$ref": "#/definitions/AWS::Pipes::Pipe.SelfManagedKafkaAccessConfigurationVpc", - "markdownDescription": "This structure specifies the VPC subnets and security groups for the stream, and whether a public IP address is to be used.", - "title": "Vpc" - } - }, - "required": [ - "TopicName" - ], - "type": "object" - }, - "AWS::Pipes::Pipe.PipeSourceSqsQueueParameters": { - "additionalProperties": false, - "properties": { - "BatchSize": { - "markdownDescription": "The maximum number of records to include in each batch.", - "title": "BatchSize", + "NullPacketBitrate": { + "markdownDescription": "The value, in bits per second, of extra null packets to insert into the transport stream. This can be used if a downstream encryption system requires periodic null packets.", + "title": "NullPacketBitrate", "type": "number" }, - "MaximumBatchingWindowInSeconds": { - "markdownDescription": "The maximum length of a time to wait for events.", - "title": "MaximumBatchingWindowInSeconds", + "PatInterval": { + "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream. Valid values are 0, 10..1000.", + "title": "PatInterval", "type": "number" - } - }, - "type": "object" - }, - "AWS::Pipes::Pipe.PipeTargetBatchJobParameters": { - "additionalProperties": false, - "properties": { - "ArrayProperties": { - "$ref": "#/definitions/AWS::Pipes::Pipe.BatchArrayProperties", - "markdownDescription": "The array properties for the submitted job, such as the size of the array. The array size can be between 2 and 10,000. If you specify array properties for a job, it becomes an array job. This parameter is used only if the target is an AWS Batch job.", - "title": "ArrayProperties" }, - "ContainerOverrides": { - "$ref": "#/definitions/AWS::Pipes::Pipe.BatchContainerOverrides", - "markdownDescription": "The overrides that are sent to a container.", - "title": "ContainerOverrides" + "PcrControl": { + "markdownDescription": "When set to pcrEveryPesPacket, a Program Clock Reference value is inserted for every Packetized Elementary Stream (PES) header. This parameter is effective only when the PCR PID is the same as the video or audio elementary stream.", + "title": "PcrControl", + "type": "string" }, - "DependsOn": { - "items": { - "$ref": "#/definitions/AWS::Pipes::Pipe.BatchJobDependency" - }, - "markdownDescription": "A list of dependencies for the job. A job can depend upon a maximum of 20 jobs. You can specify a `SEQUENTIAL` type dependency without specifying a job ID for array jobs so that each child array job completes sequentially, starting at index 0. You can also specify an `N_TO_N` type dependency with a job ID for array jobs. In that case, each index child of this job must wait for the corresponding index child of each dependency to complete before it can begin.", - "title": "DependsOn", - "type": "array" + "PcrPeriod": { + "markdownDescription": "The maximum time, in milliseconds, between Program Clock References (PCRs) inserted into the transport stream.", + "title": "PcrPeriod", + "type": "number" }, - "JobDefinition": { - "markdownDescription": "The job definition used by this job. This value can be one of `name` , `name:revision` , or the Amazon Resource Name (ARN) for the job definition. If name is specified without a revision then the latest active revision is used.", - "title": "JobDefinition", + "PcrPid": { + "markdownDescription": "The PID of the Program Clock Reference (PCR) in the transport stream. When no value is given, MediaLive assigns the same value as the video PID. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", + "title": "PcrPid", "type": "string" }, - "JobName": { - "markdownDescription": "The name of the job. It can be up to 128 letters long. The first character must be alphanumeric, can contain uppercase and lowercase letters, numbers, hyphens (-), and underscores (_).", - "title": "JobName", + "PmtInterval": { + "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream. Valid values are 0, 10..1000.", + "title": "PmtInterval", + "type": "number" + }, + "PmtPid": { + "markdownDescription": "The PID for the Program Map Table (PMT) in the transport stream. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", + "title": "PmtPid", "type": "string" }, - "Parameters": { - "additionalProperties": true, - "markdownDescription": "Additional parameters passed to the job that replace parameter substitution placeholders that are set in the job definition. Parameters are specified as a key and value pair mapping. Parameters included here override any corresponding parameter defaults from the job definition.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Parameters", - "type": "object" + "ProgramNum": { + "markdownDescription": "The value of the program number field in the Program Map Table (PMT).", + "title": "ProgramNum", + "type": "number" }, - "RetryStrategy": { - "$ref": "#/definitions/AWS::Pipes::Pipe.BatchRetryStrategy", - "markdownDescription": "The retry strategy to use for failed jobs. When a retry strategy is specified here, it overrides the retry strategy defined in the job definition.", - "title": "RetryStrategy" - } - }, - "required": [ - "JobDefinition", - "JobName" - ], - "type": "object" - }, - "AWS::Pipes::Pipe.PipeTargetCloudWatchLogsParameters": { - "additionalProperties": false, - "properties": { - "LogStreamName": { - "markdownDescription": "The name of the log stream.", - "title": "LogStreamName", + "RateMode": { + "markdownDescription": "When VBR, does not insert null packets into the transport stream to fill the specified bitrate. The bitrate setting acts as the maximum bitrate when VBR is set.", + "title": "RateMode", "type": "string" }, - "Timestamp": { - "markdownDescription": "A [dynamic path parameter](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes-event-target.html) to a field in the payload containing the time the event occurred, expressed as the number of milliseconds after Jan 1, 1970 00:00:00 UTC.\n\nThe value cannot be a static timestamp as the provided timestamp would be applied to all events delivered by the Pipe, regardless of when they are actually delivered.\n\nIf no dynamic path parameter is provided, the default value is the time the invocation is processed by the Pipe.", - "title": "Timestamp", + "Scte27Pids": { + "markdownDescription": "The PID for the input source SCTE-27 data to this output. Multiple values are accepted, and can be entered in ranges or by comma separation. You can enter the value as a decimal or hexadecimal value. Each PID specified must be in the range of 32 (or 0x20)..8182 (or 0x1ff6).", + "title": "Scte27Pids", + "type": "string" + }, + "Scte35Control": { + "markdownDescription": "Optionally passes SCTE-35 signals from the input source to this output.", + "title": "Scte35Control", + "type": "string" + }, + "Scte35Pid": { + "markdownDescription": "The PID of the SCTE-35 stream in the transport stream. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", + "title": "Scte35Pid", + "type": "string" + }, + "Scte35PrerollPullupMilliseconds": { + "markdownDescription": "", + "title": "Scte35PrerollPullupMilliseconds", + "type": "number" + }, + "SegmentationMarkers": { + "markdownDescription": "Inserts segmentation markers at each segmentationTime period. raiSegstart sets the Random Access Indicator bit in the adaptation field. raiAdapt sets the RAI bit and adds the current timecode in the private data bytes. psiSegstart inserts PAT and PMT tables at the start of segments. ebp adds Encoder Boundary Point information to the adaptation field as per OpenCable specification OC-SP-EBP-I01-130118. ebpLegacy adds Encoder Boundary Point information to the adaptation field using a legacy proprietary format.", + "title": "SegmentationMarkers", + "type": "string" + }, + "SegmentationStyle": { + "markdownDescription": "The segmentation style parameter controls how segmentation markers are inserted into the transport stream. With avails, it is possible that segments might be truncated, which can influence where future segmentation markers are inserted. When a segmentation style of resetCadence is selected and a segment is truncated due to an avail, we will reset the segmentation cadence. This means the subsequent segment will have a duration of $segmentationTime seconds. When a segmentation style of maintainCadence is selected and a segment is truncated due to an avail, we will not reset the segmentation cadence. This means the subsequent segment will likely be truncated as well. However, all segments after that will have a duration of $segmentationTime seconds. Note that EBP lookahead is a slight exception to this rule.", + "title": "SegmentationStyle", + "type": "string" + }, + "SegmentationTime": { + "markdownDescription": "The length, in seconds, of each segment. This is required unless markers is set to None_.", + "title": "SegmentationTime", + "type": "number" + }, + "TimedMetadataBehavior": { + "markdownDescription": "When set to passthrough, timed metadata is passed through from input to output.", + "title": "TimedMetadataBehavior", + "type": "string" + }, + "TimedMetadataPid": { + "markdownDescription": "The PID of the timed metadata stream in the transport stream. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", + "title": "TimedMetadataPid", + "type": "string" + }, + "TransportStreamId": { + "markdownDescription": "The value of the transport stream ID field in the Program Map Table (PMT).", + "title": "TransportStreamId", + "type": "number" + }, + "VideoPid": { + "markdownDescription": "The PID of the elementary video stream in the transport stream. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", + "title": "VideoPid", "type": "string" } }, "type": "object" }, - "AWS::Pipes::Pipe.PipeTargetEcsTaskParameters": { + "AWS::MediaLive::Channel.M3u8Settings": { "additionalProperties": false, "properties": { - "CapacityProviderStrategy": { - "items": { - "$ref": "#/definitions/AWS::Pipes::Pipe.CapacityProviderStrategyItem" - }, - "markdownDescription": "The capacity provider strategy to use for the task.\n\nIf a `capacityProviderStrategy` is specified, the `launchType` parameter must be omitted. If no `capacityProviderStrategy` or launchType is specified, the `defaultCapacityProviderStrategy` for the cluster is used.", - "title": "CapacityProviderStrategy", - "type": "array" + "AudioFramesPerPes": { + "markdownDescription": "The number of audio frames to insert for each PES packet.", + "title": "AudioFramesPerPes", + "type": "number" }, - "EnableECSManagedTags": { - "markdownDescription": "Specifies whether to enable Amazon ECS managed tags for the task. For more information, see [Tagging Your Amazon ECS Resources](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-using-tags.html) in the Amazon Elastic Container Service Developer Guide.", - "title": "EnableECSManagedTags", - "type": "boolean" + "AudioPids": { + "markdownDescription": "The PID of the elementary audio streams in the transport stream. Multiple values are accepted, and can be entered in ranges or by comma separation. You can enter the value as a decimal or hexadecimal value.", + "title": "AudioPids", + "type": "string" }, - "EnableExecuteCommand": { - "markdownDescription": "Whether or not to enable the execute command functionality for the containers in this task. If true, this enables execute command functionality on all containers in the task.", - "title": "EnableExecuteCommand", - "type": "boolean" + "EcmPid": { + "markdownDescription": "This parameter is unused and deprecated.", + "title": "EcmPid", + "type": "string" }, - "Group": { - "markdownDescription": "Specifies an Amazon ECS task group for the task. The maximum length is 255 characters.", - "title": "Group", + "KlvBehavior": { + "markdownDescription": "", + "title": "KlvBehavior", "type": "string" }, - "LaunchType": { - "markdownDescription": "Specifies the launch type on which your task is running. The launch type that you specify here must match one of the launch type (compatibilities) of the target task. The `FARGATE` value is supported only in the Regions where AWS Fargate with Amazon ECS is supported. For more information, see [AWS Fargate on Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/AWS-Fargate.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "LaunchType", + "KlvDataPids": { + "markdownDescription": "", + "title": "KlvDataPids", "type": "string" }, - "NetworkConfiguration": { - "$ref": "#/definitions/AWS::Pipes::Pipe.NetworkConfiguration", - "markdownDescription": "Use this structure if the Amazon ECS task uses the `awsvpc` network mode. This structure specifies the VPC subnets and security groups associated with the task, and whether a public IP address is to be used. This structure is required if `LaunchType` is `FARGATE` because the `awsvpc` mode is required for Fargate tasks.\n\nIf you specify `NetworkConfiguration` when the target ECS task does not use the `awsvpc` network mode, the task fails.", - "title": "NetworkConfiguration" + "NielsenId3Behavior": { + "markdownDescription": "If set to passthrough, Nielsen inaudible tones for media tracking will be detected in the input audio and an equivalent ID3 tag will be inserted in the output.", + "title": "NielsenId3Behavior", + "type": "string" }, - "Overrides": { - "$ref": "#/definitions/AWS::Pipes::Pipe.EcsTaskOverride", - "markdownDescription": "The overrides that are associated with a task.", - "title": "Overrides" + "PatInterval": { + "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream. A value of \\\"0\\\" writes out the PMT once per segment file.", + "title": "PatInterval", + "type": "number" }, - "PlacementConstraints": { - "items": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PlacementConstraint" - }, - "markdownDescription": "An array of placement constraint objects to use for the task. You can specify up to 10 constraints per task (including constraints in the task definition and those specified at runtime).", - "title": "PlacementConstraints", - "type": "array" + "PcrControl": { + "markdownDescription": "When set to pcrEveryPesPacket, a Program Clock Reference value is inserted for every Packetized Elementary Stream (PES) header. This parameter is effective only when the PCR PID is the same as the video or audio elementary stream.", + "title": "PcrControl", + "type": "string" }, - "PlacementStrategy": { - "items": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PlacementStrategy" - }, - "markdownDescription": "The placement strategy objects to use for the task. You can specify a maximum of five strategy rules per task.", - "title": "PlacementStrategy", - "type": "array" + "PcrPeriod": { + "markdownDescription": "The maximum time, in milliseconds, between Program Clock References (PCRs) inserted into the transport stream.", + "title": "PcrPeriod", + "type": "number" }, - "PlatformVersion": { - "markdownDescription": "Specifies the platform version for the task. Specify only the numeric portion of the platform version, such as `1.1.0` .\n\nThis structure is used only if `LaunchType` is `FARGATE` . For more information about valid platform versions, see [AWS Fargate Platform Versions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html) in the *Amazon Elastic Container Service Developer Guide* .", - "title": "PlatformVersion", + "PcrPid": { + "markdownDescription": "The PID of the Program Clock Reference (PCR) in the transport stream. When no value is given, MediaLive assigns the same value as the video PID. You can enter the value as a decimal or hexadecimal value.", + "title": "PcrPid", "type": "string" }, - "PropagateTags": { - "markdownDescription": "Specifies whether to propagate the tags from the task definition to the task. If no value is specified, the tags are not propagated. Tags can only be propagated to the task during task creation. To add tags to a task after task creation, use the `TagResource` API action.", - "title": "PropagateTags", + "PmtInterval": { + "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream. A value of \\\"0\\\" writes out the PMT once per segment file.", + "title": "PmtInterval", + "type": "number" + }, + "PmtPid": { + "markdownDescription": "The PID for the Program Map Table (PMT) in the transport stream. You can enter the value as a decimal or hexadecimal value.", + "title": "PmtPid", "type": "string" }, - "ReferenceId": { - "markdownDescription": "The reference ID to use for the task.", - "title": "ReferenceId", + "ProgramNum": { + "markdownDescription": "The value of the program number field in the Program Map Table (PMT).", + "title": "ProgramNum", + "type": "number" + }, + "Scte35Behavior": { + "markdownDescription": "If set to passthrough, passes any SCTE-35 signals from the input source to this output.", + "title": "Scte35Behavior", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The metadata that you apply to the task to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define. To learn more, see [RunTask](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RunTask.html#ECS-RunTask-request-tags) in the Amazon ECS API Reference.", - "title": "Tags", - "type": "array" + "Scte35Pid": { + "markdownDescription": "The PID of the SCTE-35 stream in the transport stream. You can enter the value as a decimal or hexadecimal value.", + "title": "Scte35Pid", + "type": "string" }, - "TaskCount": { - "markdownDescription": "The number of tasks to create based on `TaskDefinition` . The default is 1.", - "title": "TaskCount", + "TimedMetadataBehavior": { + "markdownDescription": "When set to passthrough, timed metadata is passed through from input to output.", + "title": "TimedMetadataBehavior", + "type": "string" + }, + "TimedMetadataPid": { + "markdownDescription": "The PID of the timed metadata stream in the transport stream. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", + "title": "TimedMetadataPid", + "type": "string" + }, + "TransportStreamId": { + "markdownDescription": "The value of the transport stream ID field in the Program Map Table (PMT).", + "title": "TransportStreamId", "type": "number" }, - "TaskDefinitionArn": { - "markdownDescription": "The ARN of the task definition to use if the event target is an Amazon ECS task.", - "title": "TaskDefinitionArn", + "VideoPid": { + "markdownDescription": "The PID of the elementary video stream in the transport stream. You can enter the value as a decimal or hexadecimal value.", + "title": "VideoPid", "type": "string" } }, - "required": [ - "TaskDefinitionArn" - ], "type": "object" }, - "AWS::Pipes::Pipe.PipeTargetEventBridgeEventBusParameters": { + "AWS::MediaLive::Channel.MaintenanceCreateSettings": { "additionalProperties": false, "properties": { - "DetailType": { - "markdownDescription": "A free-form string, with a maximum of 128 characters, used to decide what fields to expect in the event detail.", - "title": "DetailType", - "type": "string" - }, - "EndpointId": { - "markdownDescription": "The URL subdomain of the endpoint. For example, if the URL for Endpoint is https://abcde.veo.endpoints.event.amazonaws.com, then the EndpointId is `abcde.veo` .", - "title": "EndpointId", - "type": "string" - }, - "Resources": { - "items": { - "type": "string" - }, - "markdownDescription": "AWS resources, identified by Amazon Resource Name (ARN), which the event primarily concerns. Any number, including zero, may be present.", - "title": "Resources", - "type": "array" - }, - "Source": { - "markdownDescription": "The source of the event.", - "title": "Source", + "MaintenanceDay": { + "markdownDescription": "Choose one day of the week for maintenance. The chosen day is used for all future maintenance windows.", + "title": "MaintenanceDay", "type": "string" }, - "Time": { - "markdownDescription": "The time stamp of the event, per [RFC3339](https://docs.aws.amazon.com/https://www.rfc-editor.org/rfc/rfc3339.txt) . If no time stamp is provided, the time stamp of the [PutEvents](https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_PutEvents.html) call is used.", - "title": "Time", + "MaintenanceStartTime": { + "markdownDescription": "Choose the hour that maintenance will start. The chosen time is used for all future maintenance windows.", + "title": "MaintenanceStartTime", "type": "string" } }, "type": "object" }, - "AWS::Pipes::Pipe.PipeTargetHttpParameters": { + "AWS::MediaLive::Channel.MaintenanceUpdateSettings": { "additionalProperties": false, "properties": { - "HeaderParameters": { - "additionalProperties": true, - "markdownDescription": "The headers that need to be sent as part of request invoking the API Gateway REST API or EventBridge ApiDestination.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "HeaderParameters", - "type": "object" + "MaintenanceDay": { + "type": "string" }, - "PathParameterValues": { - "items": { - "type": "string" - }, - "markdownDescription": "The path parameter values to be used to populate API Gateway REST API or EventBridge ApiDestination path wildcards (\"*\").", - "title": "PathParameterValues", - "type": "array" + "MaintenanceScheduledDate": { + "type": "string" }, - "QueryStringParameters": { - "additionalProperties": true, - "markdownDescription": "The query string keys/values that need to be sent as part of request invoking the API Gateway REST API or EventBridge ApiDestination.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "QueryStringParameters", - "type": "object" + "MaintenanceStartTime": { + "type": "string" } }, "type": "object" }, - "AWS::Pipes::Pipe.PipeTargetKinesisStreamParameters": { + "AWS::MediaLive::Channel.MediaPackageGroupSettings": { "additionalProperties": false, "properties": { - "PartitionKey": { - "markdownDescription": "Determines which shard in the stream the data record is assigned to. Partition keys are Unicode strings with a maximum length limit of 256 characters for each key. Amazon Kinesis Data Streams uses the partition key as input to a hash function that maps the partition key and associated data to a specific shard. Specifically, an MD5 hash function is used to map partition keys to 128-bit integer values and to map associated data records to shards. As a result of this hashing mechanism, all data records with the same partition key map to the same shard within the stream.", - "title": "PartitionKey", - "type": "string" + "Destination": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", + "markdownDescription": "The MediaPackage channel destination.", + "title": "Destination" + }, + "MediapackageV2GroupSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MediaPackageV2GroupSettings" } }, - "required": [ - "PartitionKey" - ], "type": "object" }, - "AWS::Pipes::Pipe.PipeTargetLambdaFunctionParameters": { + "AWS::MediaLive::Channel.MediaPackageOutputDestinationSettings": { "additionalProperties": false, "properties": { - "InvocationType": { - "markdownDescription": "Specify whether to invoke the function synchronously or asynchronously.\n\n- `REQUEST_RESPONSE` (default) - Invoke synchronously. This corresponds to the `RequestResponse` option in the `InvocationType` parameter for the Lambda [Invoke](https://docs.aws.amazon.com/lambda/latest/dg/API_Invoke.html#API_Invoke_RequestSyntax) API.\n- `FIRE_AND_FORGET` - Invoke asynchronously. This corresponds to the `Event` option in the `InvocationType` parameter for the Lambda [Invoke](https://docs.aws.amazon.com/lambda/latest/dg/API_Invoke.html#API_Invoke_RequestSyntax) API.\n\nFor more information, see [Invocation types](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes.html#pipes-invocation) in the *Amazon EventBridge User Guide* .", - "title": "InvocationType", + "ChannelGroup": { + "markdownDescription": "", + "title": "ChannelGroup", + "type": "string" + }, + "ChannelId": { + "markdownDescription": "The ID of the channel in MediaPackage that is the destination for this output group. You don't need to specify the individual inputs in MediaPackage; MediaLive handles the connection of the two MediaLive pipelines to the two MediaPackage inputs. The MediaPackage channel and MediaLive channel must be in the same Region.", + "title": "ChannelId", + "type": "string" + }, + "ChannelName": { + "markdownDescription": "", + "title": "ChannelName", "type": "string" } }, "type": "object" }, - "AWS::Pipes::Pipe.PipeTargetParameters": { + "AWS::MediaLive::Channel.MediaPackageOutputSettings": { "additionalProperties": false, "properties": { - "BatchJobParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetBatchJobParameters", - "markdownDescription": "The parameters for using an AWS Batch job as a target.", - "title": "BatchJobParameters" - }, - "CloudWatchLogsParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetCloudWatchLogsParameters", - "markdownDescription": "The parameters for using an CloudWatch Logs log stream as a target.", - "title": "CloudWatchLogsParameters" - }, - "EcsTaskParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetEcsTaskParameters", - "markdownDescription": "The parameters for using an Amazon ECS task as a target.", - "title": "EcsTaskParameters" - }, - "EventBridgeEventBusParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetEventBridgeEventBusParameters", - "markdownDescription": "The parameters for using an EventBridge event bus as a target.", - "title": "EventBridgeEventBusParameters" - }, - "HttpParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetHttpParameters", - "markdownDescription": "These are custom parameter to be used when the target is an API Gateway REST APIs or EventBridge ApiDestinations.", - "title": "HttpParameters" - }, - "InputTemplate": { - "markdownDescription": "Valid JSON text passed to the target. In this case, nothing from the event itself is passed to the target. For more information, see [The JavaScript Object Notation (JSON) Data Interchange Format](https://docs.aws.amazon.com/http://www.rfc-editor.org/rfc/rfc7159.txt) .\n\nTo remove an input template, specify an empty string.", - "title": "InputTemplate", - "type": "string" - }, - "KinesisStreamParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetKinesisStreamParameters", - "markdownDescription": "The parameters for using a Kinesis stream as a target.", - "title": "KinesisStreamParameters" - }, - "LambdaFunctionParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetLambdaFunctionParameters", - "markdownDescription": "The parameters for using a Lambda function as a target.", - "title": "LambdaFunctionParameters" - }, - "RedshiftDataParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetRedshiftDataParameters", - "markdownDescription": "These are custom parameters to be used when the target is a Amazon Redshift cluster to invoke the Amazon Redshift Data API BatchExecuteStatement.", - "title": "RedshiftDataParameters" - }, - "SageMakerPipelineParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetSageMakerPipelineParameters", - "markdownDescription": "The parameters for using a SageMaker AI pipeline as a target.", - "title": "SageMakerPipelineParameters" - }, - "SqsQueueParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetSqsQueueParameters", - "markdownDescription": "The parameters for using a Amazon SQS stream as a target.", - "title": "SqsQueueParameters" - }, - "StepFunctionStateMachineParameters": { - "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetStateMachineParameters", - "markdownDescription": "The parameters for using a Step Functions state machine as a target.", - "title": "StepFunctionStateMachineParameters" + "MediaPackageV2DestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MediaPackageV2DestinationSettings" } }, "type": "object" }, - "AWS::Pipes::Pipe.PipeTargetRedshiftDataParameters": { + "AWS::MediaLive::Channel.MediaPackageV2DestinationSettings": { "additionalProperties": false, "properties": { - "Database": { - "markdownDescription": "The name of the database. Required when authenticating using temporary credentials.", - "title": "Database", + "AudioGroupId": { "type": "string" }, - "DbUser": { - "markdownDescription": "The database user name. Required when authenticating using temporary credentials.", - "title": "DbUser", + "AudioRenditionSets": { "type": "string" }, - "SecretManagerArn": { - "markdownDescription": "The name or ARN of the secret that enables access to the database. Required when authenticating using Secrets Manager.", - "title": "SecretManagerArn", + "HlsAutoSelect": { "type": "string" }, - "Sqls": { - "items": { - "type": "string" - }, - "markdownDescription": "The SQL statement text to run.", - "title": "Sqls", - "type": "array" - }, - "StatementName": { - "markdownDescription": "The name of the SQL statement. You can name the SQL statement when you create it to identify the query.", - "title": "StatementName", + "HlsDefault": { "type": "string" - }, - "WithEvent": { - "markdownDescription": "Indicates whether to send an event back to EventBridge after the SQL statement runs.", - "title": "WithEvent", - "type": "boolean" } }, - "required": [ - "Database", - "Sqls" - ], "type": "object" }, - "AWS::Pipes::Pipe.PipeTargetSageMakerPipelineParameters": { + "AWS::MediaLive::Channel.MediaPackageV2GroupSettings": { "additionalProperties": false, "properties": { - "PipelineParameterList": { + "CaptionLanguageMappings": { "items": { - "$ref": "#/definitions/AWS::Pipes::Pipe.SageMakerPipelineParameter" + "$ref": "#/definitions/AWS::MediaLive::Channel.CaptionLanguageMapping" }, - "markdownDescription": "List of Parameter names and values for SageMaker AI Model Building Pipeline execution.", - "title": "PipelineParameterList", "type": "array" } }, "type": "object" }, - "AWS::Pipes::Pipe.PipeTargetSqsQueueParameters": { + "AWS::MediaLive::Channel.MotionGraphicsConfiguration": { "additionalProperties": false, "properties": { - "MessageDeduplicationId": { - "markdownDescription": "This parameter applies only to FIFO (first-in-first-out) queues.\n\nThe token used for deduplication of sent messages.", - "title": "MessageDeduplicationId", + "MotionGraphicsInsertion": { + "markdownDescription": "Enables or disables the motion graphics overlay feature in the channel.", + "title": "MotionGraphicsInsertion", "type": "string" }, - "MessageGroupId": { - "markdownDescription": "The FIFO message group ID to use as the target.", - "title": "MessageGroupId", - "type": "string" + "MotionGraphicsSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MotionGraphicsSettings", + "markdownDescription": "Settings to enable and configure the motion graphics overlay feature in the channel.", + "title": "MotionGraphicsSettings" } }, "type": "object" }, - "AWS::Pipes::Pipe.PipeTargetStateMachineParameters": { + "AWS::MediaLive::Channel.MotionGraphicsSettings": { "additionalProperties": false, "properties": { - "InvocationType": { - "markdownDescription": "Specify whether to invoke the Step Functions state machine synchronously or asynchronously.\n\n- `REQUEST_RESPONSE` (default) - Invoke synchronously. For more information, see [StartSyncExecution](https://docs.aws.amazon.com/step-functions/latest/apireference/API_StartSyncExecution.html) in the *AWS Step Functions API Reference* .\n\n> `REQUEST_RESPONSE` is not supported for `STANDARD` state machine workflows.\n- `FIRE_AND_FORGET` - Invoke asynchronously. For more information, see [StartExecution](https://docs.aws.amazon.com/step-functions/latest/apireference/API_StartExecution.html) in the *AWS Step Functions API Reference* .\n\nFor more information, see [Invocation types](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes.html#pipes-invocation) in the *Amazon EventBridge User Guide* .", - "title": "InvocationType", - "type": "string" + "HtmlMotionGraphicsSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.HtmlMotionGraphicsSettings", + "markdownDescription": "Settings to configure the motion graphics overlay to use an HTML asset.", + "title": "HtmlMotionGraphicsSettings" } }, "type": "object" }, - "AWS::Pipes::Pipe.PlacementConstraint": { + "AWS::MediaLive::Channel.Mp2Settings": { "additionalProperties": false, "properties": { - "Expression": { - "markdownDescription": "A cluster query language expression to apply to the constraint. You cannot specify an expression if the constraint type is `distinctInstance` . To learn more, see [Cluster Query Language](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-query-language.html) in the Amazon Elastic Container Service Developer Guide.", - "title": "Expression", - "type": "string" + "Bitrate": { + "markdownDescription": "The average bitrate in bits/second.", + "title": "Bitrate", + "type": "number" }, - "Type": { - "markdownDescription": "The type of constraint. Use distinctInstance to ensure that each task in a particular group is running on a different container instance. Use memberOf to restrict the selection to a group of valid candidates.", - "title": "Type", + "CodingMode": { + "markdownDescription": "The MPEG2 Audio coding mode. Valid values are codingMode10 (for mono) or codingMode20 (for stereo).", + "title": "CodingMode", "type": "string" + }, + "SampleRate": { + "markdownDescription": "The sample rate in Hz.", + "title": "SampleRate", + "type": "number" } }, "type": "object" }, - "AWS::Pipes::Pipe.PlacementStrategy": { + "AWS::MediaLive::Channel.Mpeg2FilterSettings": { "additionalProperties": false, "properties": { - "Field": { - "markdownDescription": "The field to apply the placement strategy against. For the spread placement strategy, valid values are instanceId (or host, which has the same effect), or any platform or custom attribute that is applied to a container instance, such as attribute:ecs.availability-zone. For the binpack placement strategy, valid values are cpu and memory. For the random placement strategy, this field is not used.", - "title": "Field", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of placement strategy. The random placement strategy randomly places tasks on available candidates. The spread placement strategy spreads placement across available candidates evenly based on the field parameter. The binpack strategy places tasks on available candidates that have the least available amount of the resource that is specified with the field parameter. For example, if you binpack on memory, a task is placed on the instance with the least amount of remaining memory (but still enough to run the task).", - "title": "Type", - "type": "string" + "TemporalFilterSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.TemporalFilterSettings", + "markdownDescription": "Settings for applying the temporal filter to the video.", + "title": "TemporalFilterSettings" } }, "type": "object" }, - "AWS::Pipes::Pipe.S3LogDestination": { + "AWS::MediaLive::Channel.Mpeg2Settings": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "The name of the Amazon S3 bucket to which EventBridge delivers the log records for the pipe.", - "title": "BucketName", + "AdaptiveQuantization": { + "markdownDescription": "Choose Off to disable adaptive quantization. Or choose another value to enable the quantizer and set its strength. The strengths are: Auto, Off, Low, Medium, High. When you enable this field, MediaLive allows intra-frame quantizers to vary, which might improve visual quality.", + "title": "AdaptiveQuantization", "type": "string" }, - "BucketOwner": { - "markdownDescription": "The AWS account that owns the Amazon S3 bucket to which EventBridge delivers the log records for the pipe.", - "title": "BucketOwner", + "AfdSignaling": { + "markdownDescription": "Indicates the AFD values that MediaLive will write into the video encode. If you do not know what AFD signaling is, or if your downstream system has not given you guidance, choose AUTO.\nAUTO: MediaLive will try to preserve the input AFD value (in cases where multiple AFD values are valid).\nFIXED: MediaLive will use the value you specify in fixedAFD.", + "title": "AfdSignaling", "type": "string" }, - "OutputFormat": { - "markdownDescription": "The format EventBridge uses for the log records.\n\nEventBridge currently only supports `json` formatting.", - "title": "OutputFormat", + "ColorMetadata": { + "markdownDescription": "Specifies whether to include the color space metadata. The metadata describes the color space that applies to the video (the colorSpace field). We recommend that you insert the metadata.", + "title": "ColorMetadata", "type": "string" }, - "Prefix": { - "markdownDescription": "The prefix text with which to begin Amazon S3 log object names.\n\nFor more information, see [Organizing objects using prefixes](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-prefixes.html) in the *Amazon Simple Storage Service User Guide* .", - "title": "Prefix", + "ColorSpace": { + "markdownDescription": "Choose the type of color space conversion to apply to the output. For detailed information on setting up both the input and the output to obtain the desired color space in the output, see the section on \\\"MediaLive Features - Video - color space\\\" in the MediaLive User Guide.\nPASSTHROUGH: Keep the color space of the input content - do not convert it.\nAUTO:Convert all content that is SD to rec 601, and convert all content that is HD to rec 709.", + "title": "ColorSpace", "type": "string" - } - }, - "type": "object" - }, - "AWS::Pipes::Pipe.SageMakerPipelineParameter": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "Name of parameter to start execution of a SageMaker AI Model Building Pipeline.", - "title": "Name", + }, + "DisplayAspectRatio": { + "markdownDescription": "Sets the pixel aspect ratio for the encode.", + "title": "DisplayAspectRatio", "type": "string" }, - "Value": { - "markdownDescription": "Value of parameter to start execution of a SageMaker AI Model Building Pipeline.", - "title": "Value", + "FilterSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Mpeg2FilterSettings", + "markdownDescription": "Optionally specify a noise reduction filter, which can improve quality of compressed content. If you do not choose a filter, no filter will be applied.\nTEMPORAL: This filter is useful for both source content that is noisy (when it has excessive digital artifacts) and source content that is clean.\nWhen the content is noisy, the filter cleans up the source content before the encoding phase, with these two effects: First, it improves the output video quality because the content has been cleaned up. Secondly, it decreases the bandwidth because MediaLive does not waste bits on encoding noise.\nWhen the content is reasonably clean, the filter tends to decrease the bitrate.", + "title": "FilterSettings" + }, + "FixedAfd": { + "markdownDescription": "Complete this field only when afdSignaling is set to FIXED. Enter the AFD value (4 bits) to write on all frames of the video encode.", + "title": "FixedAfd", + "type": "string" + }, + "FramerateDenominator": { + "markdownDescription": "description\": \"The framerate denominator. For example, 1001. The framerate is the numerator divided by the denominator. For example, 24000 / 1001 = 23.976 FPS.", + "title": "FramerateDenominator", + "type": "number" + }, + "FramerateNumerator": { + "markdownDescription": "The framerate numerator. For example, 24000. The framerate is the numerator divided by the denominator. For example, 24000 / 1001 = 23.976 FPS.", + "title": "FramerateNumerator", + "type": "number" + }, + "GopClosedCadence": { + "markdownDescription": "MPEG2: default is open GOP.", + "title": "GopClosedCadence", + "type": "number" + }, + "GopNumBFrames": { + "markdownDescription": "Relates to the GOP structure. The number of B-frames between reference frames. If you do not know what a B-frame is, use the default.", + "title": "GopNumBFrames", + "type": "number" + }, + "GopSize": { + "markdownDescription": "Relates to the GOP structure. The GOP size (keyframe interval) in the units specified in gopSizeUnits. If you do not know what GOP is, use the default.\nIf gopSizeUnits is frames, then the gopSize must be an integer and must be greater than or equal to 1.\nIf gopSizeUnits is seconds, the gopSize must be greater than 0, but does not need to be an integer.", + "title": "GopSize", + "type": "number" + }, + "GopSizeUnits": { + "markdownDescription": "Relates to the GOP structure. Specifies whether the gopSize is specified in frames or seconds. If you do not plan to change the default gopSize, leave the default. If you specify SECONDS, MediaLive will internally convert the gop size to a frame count.", + "title": "GopSizeUnits", + "type": "string" + }, + "ScanType": { + "markdownDescription": "Set the scan type of the output to PROGRESSIVE or INTERLACED (top field first).", + "title": "ScanType", + "type": "string" + }, + "SubgopLength": { + "markdownDescription": "Relates to the GOP structure. If you do not know what GOP is, use the default.\nFIXED: Set the number of B-frames in each sub-GOP to the value in gopNumBFrames.\nDYNAMIC: Let MediaLive optimize the number of B-frames in each sub-GOP, to improve visual quality.", + "title": "SubgopLength", + "type": "string" + }, + "TimecodeBurninSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.TimecodeBurninSettings", + "markdownDescription": "", + "title": "TimecodeBurninSettings" + }, + "TimecodeInsertion": { + "markdownDescription": "Determines how MediaLive inserts timecodes in the output video. For detailed information about setting up the input and the output for a timecode, see the section on \\\"MediaLive Features - Timecode configuration\\\" in the MediaLive User Guide.\nDISABLED: do not include timecodes.\nGOP_TIMECODE: Include timecode metadata in the GOP header.", + "title": "TimecodeInsertion", "type": "string" } }, - "required": [ - "Name", - "Value" - ], "type": "object" }, - "AWS::Pipes::Pipe.SelfManagedKafkaAccessConfigurationCredentials": { + "AWS::MediaLive::Channel.MsSmoothGroupSettings": { "additionalProperties": false, "properties": { - "BasicAuth": { - "markdownDescription": "The ARN of the Secrets Manager secret.", - "title": "BasicAuth", + "AcquisitionPointId": { + "markdownDescription": "The value of the Acquisition Point Identity element that is used in each message placed in the sparse track. Enabled only if sparseTrackType is not \"none.\"", + "title": "AcquisitionPointId", "type": "string" }, - "ClientCertificateTlsAuth": { - "markdownDescription": "The ARN of the Secrets Manager secret.", - "title": "ClientCertificateTlsAuth", + "AudioOnlyTimecodeControl": { + "markdownDescription": "If set to passthrough for an audio-only Microsoft Smooth output, the fragment absolute time is set to the current timecode. This option does not write timecodes to the audio elementary stream.", + "title": "AudioOnlyTimecodeControl", "type": "string" }, - "SaslScram256Auth": { - "markdownDescription": "The ARN of the Secrets Manager secret.", - "title": "SaslScram256Auth", + "CertificateMode": { + "markdownDescription": "If set to verifyAuthenticity, verifies the HTTPS certificate chain to a trusted certificate authority (CA). This causes HTTPS outputs to self-signed certificates to fail.", + "title": "CertificateMode", "type": "string" }, - "SaslScram512Auth": { - "markdownDescription": "The ARN of the Secrets Manager secret.", - "title": "SaslScram512Auth", + "ConnectionRetryInterval": { + "markdownDescription": "The number of seconds to wait before retrying the connection to the IIS server if the connection is lost. Content is cached during this time, and the cache is delivered to the IIS server after the connection is re-established.", + "title": "ConnectionRetryInterval", + "type": "number" + }, + "Destination": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", + "markdownDescription": "The Smooth Streaming publish point on an IIS server. MediaLive acts as a \"Push\" encoder to IIS.", + "title": "Destination" + }, + "EventId": { + "markdownDescription": "The Microsoft Smooth channel ID that is sent to the IIS server. Specify the ID only if eventIdMode is set to useConfigured.", + "title": "EventId", + "type": "string" + }, + "EventIdMode": { + "markdownDescription": "Specifies whether to send a channel ID to the IIS server. If no channel ID is sent and the same channel is used without changing the publishing point, clients might see cached video from the previous run. Options: - \"useConfigured\" - use the value provided in eventId - \"useTimestamp\" - generate and send a channel ID based on the current timestamp - \"noEventId\" - do not send a channel ID to the IIS server.", + "title": "EventIdMode", + "type": "string" + }, + "EventStopBehavior": { + "markdownDescription": "When set to sendEos, sends an EOS signal to an IIS server when stopping the channel.", + "title": "EventStopBehavior", + "type": "string" + }, + "FilecacheDuration": { + "markdownDescription": "The size, in seconds, of the file cache for streaming outputs.", + "title": "FilecacheDuration", + "type": "number" + }, + "FragmentLength": { + "markdownDescription": "The length, in seconds, of mp4 fragments to generate. The fragment length must be compatible with GOP size and frame rate.", + "title": "FragmentLength", + "type": "number" + }, + "InputLossAction": { + "markdownDescription": "A parameter that controls output group behavior on an input loss.", + "title": "InputLossAction", + "type": "string" + }, + "NumRetries": { + "markdownDescription": "The number of retry attempts.", + "title": "NumRetries", + "type": "number" + }, + "RestartDelay": { + "markdownDescription": "The number of seconds before initiating a restart due to output failure, due to exhausting the numRetries on one segment, or exceeding filecacheDuration.", + "title": "RestartDelay", + "type": "number" + }, + "SegmentationMode": { + "markdownDescription": "useInputSegmentation has been deprecated. The configured segment size is always used.", + "title": "SegmentationMode", + "type": "string" + }, + "SendDelayMs": { + "markdownDescription": "The number of milliseconds to delay the output from the second pipeline.", + "title": "SendDelayMs", + "type": "number" + }, + "SparseTrackType": { + "markdownDescription": "If set to scte35, uses incoming SCTE-35 messages to generate a sparse track in this group of Microsoft Smooth outputs.", + "title": "SparseTrackType", + "type": "string" + }, + "StreamManifestBehavior": { + "markdownDescription": "When set to send, sends a stream manifest so that the publishing point doesn't start until all streams start.", + "title": "StreamManifestBehavior", + "type": "string" + }, + "TimestampOffset": { + "markdownDescription": "The timestamp offset for the channel. Used only if timestampOffsetMode is set to useConfiguredOffset.", + "title": "TimestampOffset", + "type": "string" + }, + "TimestampOffsetMode": { + "markdownDescription": "The type of timestamp date offset to use. - useEventStartDate: Use the date the channel was started as the offset - useConfiguredOffset: Use an explicitly configured date as the offset.", + "title": "TimestampOffsetMode", "type": "string" } }, "type": "object" }, - "AWS::Pipes::Pipe.SelfManagedKafkaAccessConfigurationVpc": { + "AWS::MediaLive::Channel.MsSmoothOutputSettings": { "additionalProperties": false, "properties": { - "SecurityGroup": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the security groups associated with the stream. These security groups must all be in the same VPC. You can specify as many as five security groups.", - "title": "SecurityGroup", - "type": "array" + "H265PackagingType": { + "markdownDescription": "Only applicable when this output is referencing an H.265 video description.\nSpecifies whether MP4 segments should be packaged as HEV1 or HVC1.", + "title": "H265PackagingType", + "type": "string" }, - "Subnets": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the subnets associated with the stream. These subnets must all be in the same VPC. You can specify as many as 16 subnets.", - "title": "Subnets", - "type": "array" + "NameModifier": { + "markdownDescription": "A string that is concatenated to the end of the destination file name. This is required for multiple outputs of the same type.", + "title": "NameModifier", + "type": "string" } }, "type": "object" }, - "AWS::Proton::EnvironmentAccountConnection": { + "AWS::MediaLive::Channel.MulticastInputSettings": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "CodebuildRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an IAM service role in the environment account. AWS Proton uses this role to provision infrastructure resources using CodeBuild-based provisioning in the associated environment account.", - "title": "CodebuildRoleArn", - "type": "string" - }, - "ComponentRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM service role that AWS Proton uses when provisioning directly defined components in the associated environment account. It determines the scope of infrastructure that a component can provision in the account.\n\nThe environment account connection must have a `componentRoleArn` to allow directly defined components to be associated with any environments running in the account.\n\nFor more information about components, see [AWS Proton components](https://docs.aws.amazon.com/proton/latest/userguide/ag-components.html) in the *AWS Proton User Guide* .", - "title": "ComponentRoleArn", - "type": "string" - }, - "EnvironmentAccountId": { - "markdownDescription": "The environment account that's connected to the environment account connection.", - "title": "EnvironmentAccountId", - "type": "string" - }, - "EnvironmentName": { - "markdownDescription": "The name of the environment that's associated with the environment account connection.", - "title": "EnvironmentName", - "type": "string" - }, - "ManagementAccountId": { - "markdownDescription": "The ID of the management account that's connected to the environment account connection.", - "title": "ManagementAccountId", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The IAM service role that's associated with the environment account connection.", - "title": "RoleArn", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An optional list of metadata items that you can associate with the AWS Proton environment account connection. A tag is a key-value pair.\n\nFor more information, see [AWS Proton resources and tagging](https://docs.aws.amazon.com/proton/latest/userguide/resources.html) in the *AWS Proton User Guide* .", - "title": "Tags", - "type": "array" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Proton::EnvironmentAccountConnection" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SourceIpAddress": { + "markdownDescription": "", + "title": "SourceIpAddress", "type": "string" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::Proton::EnvironmentTemplate": { + "AWS::MediaLive::Channel.MultiplexContainerSettings": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A description of the environment template.", - "title": "Description", - "type": "string" - }, - "DisplayName": { - "markdownDescription": "The name of the environment template as displayed in the developer interface.", - "title": "DisplayName", - "type": "string" - }, - "EncryptionKey": { - "markdownDescription": "The customer provided encryption key for the environment template.", - "title": "EncryptionKey", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the environment template.", - "title": "Name", - "type": "string" - }, - "Provisioning": { - "markdownDescription": "When included, indicates that the environment template is for customer provisioned and managed infrastructure.", - "title": "Provisioning", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An optional list of metadata items that you can associate with the AWS Proton environment template. A tag is a key-value pair.\n\nFor more information, see [AWS Proton resources and tagging](https://docs.aws.amazon.com/proton/latest/userguide/resources.html) in the *AWS Proton User Guide* .", - "title": "Tags", - "type": "array" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Proton::EnvironmentTemplate" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "MultiplexM2tsSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MultiplexM2tsSettings", + "markdownDescription": "", + "title": "MultiplexM2tsSettings" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::Proton::ServiceTemplate": { + "AWS::MediaLive::Channel.MultiplexGroupSettings": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::MediaLive::Channel.MultiplexM2tsSettings": { "additionalProperties": false, "properties": { - "Condition": { + "AbsentInputAudioBehavior": { + "markdownDescription": "", + "title": "AbsentInputAudioBehavior", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Arib": { + "markdownDescription": "", + "title": "Arib", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "AudioBufferModel": { + "markdownDescription": "", + "title": "AudioBufferModel", + "type": "string" }, - "Metadata": { - "type": "object" + "AudioFramesPerPes": { + "markdownDescription": "", + "title": "AudioFramesPerPes", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A description of the service template.", - "title": "Description", - "type": "string" - }, - "DisplayName": { - "markdownDescription": "The service template name as displayed in the developer interface.", - "title": "DisplayName", - "type": "string" - }, - "EncryptionKey": { - "markdownDescription": "The customer provided service template encryption key that's used to encrypt data.", - "title": "EncryptionKey", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the service template.", - "title": "Name", - "type": "string" - }, - "PipelineProvisioning": { - "markdownDescription": "If `pipelineProvisioning` is `true` , a service pipeline is included in the service template. Otherwise, a service pipeline *isn't* included in the service template.", - "title": "PipelineProvisioning", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An object that includes the template bundle S3 bucket path and name for the new version of a service template.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" + "AudioStreamType": { + "markdownDescription": "", + "title": "AudioStreamType", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Proton::ServiceTemplate" - ], + "CcDescriptor": { + "markdownDescription": "", + "title": "CcDescriptor", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Ebif": { + "markdownDescription": "", + "title": "Ebif", "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::QLDB::Ledger": { - "additionalProperties": false, - "properties": { - "Condition": { + }, + "EsRateInPes": { + "markdownDescription": "", + "title": "EsRateInPes", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Klv": { + "markdownDescription": "", + "title": "Klv", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "NielsenId3Behavior": { + "markdownDescription": "", + "title": "NielsenId3Behavior", + "type": "string" }, - "Metadata": { - "type": "object" + "PcrControl": { + "markdownDescription": "", + "title": "PcrControl", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DeletionProtection": { - "markdownDescription": "Specifies whether the ledger is protected from being deleted by any user. If not defined during ledger creation, this feature is enabled ( `true` ) by default.\n\nIf deletion protection is enabled, you must first disable it before you can delete the ledger. You can disable it by calling the `UpdateLedger` operation to set this parameter to `false` .", - "title": "DeletionProtection", - "type": "boolean" - }, - "KmsKey": { - "markdownDescription": "The key in AWS Key Management Service ( AWS KMS ) to use for encryption of data at rest in the ledger. For more information, see [Encryption at rest](https://docs.aws.amazon.com/qldb/latest/developerguide/encryption-at-rest.html) in the *Amazon QLDB Developer Guide* .\n\nUse one of the following options to specify this parameter:\n\n- `AWS_OWNED_KMS_KEY` : Use an AWS KMS key that is owned and managed by AWS on your behalf.\n- *Undefined* : By default, use an AWS owned KMS key.\n- *A valid symmetric customer managed KMS key* : Use the specified symmetric encryption KMS key in your account that you create, own, and manage.\n\nAmazon QLDB does not support asymmetric keys. For more information, see [Using symmetric and asymmetric keys](https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html) in the *AWS Key Management Service Developer Guide* .\n\nTo specify a customer managed KMS key, you can use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. When using an alias name, prefix it with `\"alias/\"` . To specify a key in a different AWS account , you must use the key ARN or alias ARN.\n\nFor example:\n\n- Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key ARN: `arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`\n- Alias name: `alias/ExampleAlias`\n- Alias ARN: `arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias`\n\nFor more information, see [Key identifiers (KeyId)](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id) in the *AWS Key Management Service Developer Guide* .", - "title": "KmsKey", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the ledger that you want to create. The name must be unique among all of the ledgers in your AWS account in the current Region.\n\nNaming constraints for ledger names are defined in [Quotas in Amazon QLDB](https://docs.aws.amazon.com/qldb/latest/developerguide/limits.html#limits.naming) in the *Amazon QLDB Developer Guide* .", - "title": "Name", - "type": "string" - }, - "PermissionsMode": { - "markdownDescription": "The permissions mode to assign to the ledger that you want to create. This parameter can have one of the following values:\n\n- `ALLOW_ALL` : A legacy permissions mode that enables access control with API-level granularity for ledgers.\n\nThis mode allows users who have the `SendCommand` API permission for this ledger to run all PartiQL commands (hence, `ALLOW_ALL` ) on any tables in the specified ledger. This mode disregards any table-level or command-level IAM permissions policies that you create for the ledger.\n- `STANDARD` : ( *Recommended* ) A permissions mode that enables access control with finer granularity for ledgers, tables, and PartiQL commands.\n\nBy default, this mode denies all user requests to run any PartiQL commands on any tables in this ledger. To allow PartiQL commands to run, you must create IAM permissions policies for specific table resources and PartiQL actions, in addition to the `SendCommand` API permission for the ledger. For information, see [Getting started with the standard permissions mode](https://docs.aws.amazon.com/qldb/latest/developerguide/getting-started-standard-mode.html) in the *Amazon QLDB Developer Guide* .\n\n> We strongly recommend using the `STANDARD` permissions mode to maximize the security of your ledger data.", - "title": "PermissionsMode", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "PermissionsMode" - ], - "type": "object" + "PcrPeriod": { + "markdownDescription": "", + "title": "PcrPeriod", + "type": "number" }, - "Type": { - "enum": [ - "AWS::QLDB::Ledger" - ], + "Scte35Control": { + "markdownDescription": "", + "title": "Scte35Control", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Scte35PrerollPullupMilliseconds": { + "markdownDescription": "", + "title": "Scte35PrerollPullupMilliseconds", + "type": "number" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::QLDB::Stream": { + "AWS::MediaLive::Channel.MultiplexOutputSettings": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ExclusiveEndTime": { - "markdownDescription": "The exclusive date and time that specifies when the stream ends. If you don't define this parameter, the stream runs indefinitely until you cancel it.\n\nThe `ExclusiveEndTime` must be in `ISO 8601` date and time format and in Universal Coordinated Time (UTC). For example: `2019-06-13T21:36:34Z` .", - "title": "ExclusiveEndTime", - "type": "string" - }, - "InclusiveStartTime": { - "markdownDescription": "The inclusive start date and time from which to start streaming journal data. This parameter must be in `ISO 8601` date and time format and in Universal Coordinated Time (UTC). For example: `2019-06-13T21:36:34Z` .\n\nThe `InclusiveStartTime` cannot be in the future and must be before `ExclusiveEndTime` .\n\nIf you provide an `InclusiveStartTime` that is before the ledger's `CreationDateTime` , QLDB effectively defaults it to the ledger's `CreationDateTime` .", - "title": "InclusiveStartTime", - "type": "string" - }, - "KinesisConfiguration": { - "$ref": "#/definitions/AWS::QLDB::Stream.KinesisConfiguration", - "markdownDescription": "The configuration settings of the Kinesis Data Streams destination for your stream request.", - "title": "KinesisConfiguration" - }, - "LedgerName": { - "markdownDescription": "The name of the ledger.", - "title": "LedgerName", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that grants QLDB permissions for a journal stream to write data records to a Kinesis Data Streams resource.\n\nTo pass a role to QLDB when requesting a journal stream, you must have permissions to perform the `iam:PassRole` action on the IAM role resource. This is required for all journal stream requests.", - "title": "RoleArn", - "type": "string" - }, - "StreamName": { - "markdownDescription": "The name that you want to assign to the QLDB journal stream. User-defined names can help identify and indicate the purpose of a stream.\n\nYour stream name must be unique among other *active* streams for a given ledger. Stream names have the same naming constraints as ledger names, as defined in [Quotas in Amazon QLDB](https://docs.aws.amazon.com/qldb/latest/developerguide/limits.html#limits.naming) in the *Amazon QLDB Developer Guide* .", - "title": "StreamName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "InclusiveStartTime", - "KinesisConfiguration", - "LedgerName", - "RoleArn", - "StreamName" - ], - "type": "object" + "ContainerSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MultiplexContainerSettings", + "markdownDescription": "", + "title": "ContainerSettings" }, - "Type": { - "enum": [ - "AWS::QLDB::Stream" - ], + "Destination": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", + "markdownDescription": "Destination is a Multiplex.", + "title": "Destination" + } + }, + "type": "object" + }, + "AWS::MediaLive::Channel.MultiplexProgramChannelDestinationSettings": { + "additionalProperties": false, + "properties": { + "MultiplexId": { + "markdownDescription": "The ID of the Multiplex that the encoder is providing output to. You do not need to specify the individual inputs to the Multiplex; MediaLive will handle the connection of the two MediaLive pipelines to the two Multiplex instances.\nThe Multiplex must be in the same region as the Channel.", + "title": "MultiplexId", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ProgramName": { + "markdownDescription": "The program name of the Multiplex program that the encoder is providing output to.", + "title": "ProgramName", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::QLDB::Stream.KinesisConfiguration": { + "AWS::MediaLive::Channel.NetworkInputSettings": { "additionalProperties": false, "properties": { - "AggregationEnabled": { - "markdownDescription": "Enables QLDB to publish multiple data records in a single Kinesis Data Streams record, increasing the number of records sent per API call.\n\nDefault: `True`\n\n> Record aggregation has important implications for processing records and requires de-aggregation in your stream consumer. To learn more, see [KPL Key Concepts](https://docs.aws.amazon.com/streams/latest/dev/kinesis-kpl-concepts.html) and [Consumer De-aggregation](https://docs.aws.amazon.com/streams/latest/dev/kinesis-kpl-consumer-deaggregation.html) in the *Amazon Kinesis Data Streams Developer Guide* .", - "title": "AggregationEnabled", - "type": "boolean" + "HlsInputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.HlsInputSettings", + "markdownDescription": "Information about how to connect to the upstream system.", + "title": "HlsInputSettings" }, - "StreamArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Kinesis Data Streams resource.", - "title": "StreamArn", + "MulticastInputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MulticastInputSettings", + "markdownDescription": "", + "title": "MulticastInputSettings" + }, + "ServerValidation": { + "markdownDescription": "Checks HTTPS server certificates. When set to checkCryptographyOnly, cryptography in the certificate is checked, but not the server's name. Certain subdomains (notably S3 buckets that use dots in the bucket name) don't strictly match the corresponding certificate's wildcard pattern and would otherwise cause the channel to error. This setting is ignored for protocols that do not use HTTPS.", + "title": "ServerValidation", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis": { + "AWS::MediaLive::Channel.NielsenCBET": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "CbetCheckDigitString": { + "markdownDescription": "Enter the CBET check digits to use in the watermark.", + "title": "CbetCheckDigitString", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AnalysisId": { - "markdownDescription": "The ID for the analysis that you're creating. This ID displays in the URL of the analysis.", - "title": "AnalysisId", - "type": "string" - }, - "AwsAccountId": { - "markdownDescription": "The ID of the AWS account where you are creating an analysis.", - "title": "AwsAccountId", - "type": "string" - }, - "Definition": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AnalysisDefinition", - "markdownDescription": "", - "title": "Definition" - }, - "Errors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AnalysisError" - }, - "markdownDescription": "Errors associated with the analysis.", - "title": "Errors", - "type": "array" - }, - "Name": { - "markdownDescription": "A descriptive name for the analysis that you're creating. This name displays for the analysis in the Amazon QuickSight console.", - "title": "Name", - "type": "string" - }, - "Parameters": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.Parameters", - "markdownDescription": "The parameter names and override values that you want to use. An analysis can have any parameter type, and some parameters might accept multiple values.", - "title": "Parameters" - }, - "Permissions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ResourcePermission" - }, - "markdownDescription": "A structure that describes the principals and the resource-level permissions on an analysis. You can use the `Permissions` structure to grant permissions by providing a list of AWS Identity and Access Management (IAM) action information for each principal listed by Amazon Resource Name (ARN).\n\nTo specify no permissions, omit `Permissions` .", - "title": "Permissions", - "type": "array" - }, - "Sheets": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.Sheet" - }, - "markdownDescription": "A list of the associated sheets with the unique identifier and name of each sheet.", - "title": "Sheets", - "type": "array" - }, - "SourceEntity": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AnalysisSourceEntity", - "markdownDescription": "A source entity to use for the analysis that you're creating. This metadata structure contains details that describe a source template and one or more datasets.\n\nEither a `SourceEntity` or a `Definition` must be provided in order for the request to be valid.", - "title": "SourceEntity" - }, - "Status": { - "markdownDescription": "Status associated with the analysis.", - "title": "Status", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Contains a map of the key-value pairs for the resource tag or tags assigned to the analysis.", - "title": "Tags", - "type": "array" - }, - "ThemeArn": { - "markdownDescription": "The ARN for the theme to apply to the analysis that you're creating. To see the theme in the Amazon QuickSight console, make sure that you have access to it.", - "title": "ThemeArn", - "type": "string" - }, - "ValidationStrategy": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ValidationStrategy", - "markdownDescription": "The option to relax the validation that is required to create and update analyses, dashboards, and templates with definition objects. When you set this value to `LENIENT` , validation is skipped for specific errors.", - "title": "ValidationStrategy" - } - }, - "required": [ - "AnalysisId", - "AwsAccountId", - "Name" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::QuickSight::Analysis" - ], + "CbetStepaside": { + "markdownDescription": "Determines the method of CBET insertion mode when prior encoding is detected on the same layer.", + "title": "CbetStepaside", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Csid": { + "markdownDescription": "Enter the CBET Source ID (CSID) to use in the watermark", + "title": "Csid", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::QuickSight::Analysis.AggregationFunction": { + "AWS::MediaLive::Channel.NielsenConfiguration": { "additionalProperties": false, "properties": { - "AttributeAggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AttributeAggregationFunction", - "markdownDescription": "Aggregation for attributes.", - "title": "AttributeAggregationFunction" - }, - "CategoricalAggregationFunction": { - "markdownDescription": "Aggregation for categorical values.\n\n- `COUNT` : Aggregate by the total number of values, including duplicates.\n- `DISTINCT_COUNT` : Aggregate by the total number of distinct values.", - "title": "CategoricalAggregationFunction", + "DistributorId": { + "markdownDescription": "Enter the Distributor ID assigned to your organization by Nielsen.", + "title": "DistributorId", "type": "string" }, - "DateAggregationFunction": { - "markdownDescription": "Aggregation for date values.\n\n- `COUNT` : Aggregate by the total number of values, including duplicates.\n- `DISTINCT_COUNT` : Aggregate by the total number of distinct values.\n- `MIN` : Select the smallest date value.\n- `MAX` : Select the largest date value.", - "title": "DateAggregationFunction", + "NielsenPcmToId3Tagging": { + "markdownDescription": "Enables Nielsen PCM to ID3 tagging", + "title": "NielsenPcmToId3Tagging", "type": "string" - }, - "NumericalAggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericalAggregationFunction", - "markdownDescription": "Aggregation for numerical values.", - "title": "NumericalAggregationFunction" } }, "type": "object" }, - "AWS::QuickSight::Analysis.AggregationSortConfiguration": { + "AWS::MediaLive::Channel.NielsenNaesIiNw": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationFunction", - "markdownDescription": "The function that aggregates the values in `Column` .", - "title": "AggregationFunction" + "CheckDigitString": { + "markdownDescription": "Enter the check digit string for the watermark", + "title": "CheckDigitString", + "type": "string" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that determines the sort order of aggregated values.", - "title": "Column" + "Sid": { + "markdownDescription": "Enter the Nielsen Source ID (SID) to include in the watermark", + "title": "Sid", + "type": "number" }, - "SortDirection": { - "markdownDescription": "The sort direction of values.\n\n- `ASC` : Sort in ascending order.\n- `DESC` : Sort in descending order.", - "title": "SortDirection", + "Timezone": { + "markdownDescription": "", + "title": "Timezone", "type": "string" } }, - "required": [ - "Column", - "SortDirection" - ], "type": "object" }, - "AWS::QuickSight::Analysis.AnalysisDefaults": { + "AWS::MediaLive::Channel.NielsenWatermarksSettings": { "additionalProperties": false, "properties": { - "DefaultNewSheetConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultNewSheetConfiguration", - "markdownDescription": "The configuration for default new sheet settings.", - "title": "DefaultNewSheetConfiguration" + "NielsenCbetSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.NielsenCBET", + "markdownDescription": "Complete these fields only if you want to insert watermarks of type Nielsen CBET", + "title": "NielsenCbetSettings" + }, + "NielsenDistributionType": { + "markdownDescription": "Choose the distribution types that you want to assign to the watermarks:\n- PROGRAM_CONTENT\n- FINAL_DISTRIBUTOR", + "title": "NielsenDistributionType", + "type": "string" + }, + "NielsenNaesIiNwSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.NielsenNaesIiNw", + "markdownDescription": "Complete these fields only if you want to insert watermarks of type Nielsen NAES II (N2) and Nielsen NAES VI (NW).", + "title": "NielsenNaesIiNwSettings" } }, - "required": [ - "DefaultNewSheetConfiguration" - ], "type": "object" }, - "AWS::QuickSight::Analysis.AnalysisDefinition": { + "AWS::MediaLive::Channel.Output": { "additionalProperties": false, "properties": { - "AnalysisDefaults": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AnalysisDefaults", - "markdownDescription": "", - "title": "AnalysisDefaults" - }, - "CalculatedFields": { + "AudioDescriptionNames": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CalculatedField" + "type": "string" }, - "markdownDescription": "An array of calculated field definitions for the analysis.", - "title": "CalculatedFields", + "markdownDescription": "The names of the audio descriptions that are used as audio sources for this output.", + "title": "AudioDescriptionNames", "type": "array" }, - "ColumnConfigurations": { + "CaptionDescriptionNames": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnConfiguration" + "type": "string" }, - "markdownDescription": "An array of analysis-level column configurations. Column configurations can be used to set default formatting for a column to be used throughout an analysis.", - "title": "ColumnConfigurations", + "markdownDescription": "The names of the caption descriptions that are used as captions sources for this output.", + "title": "CaptionDescriptionNames", "type": "array" }, - "DataSetIdentifierDeclarations": { + "OutputName": { + "markdownDescription": "The name that is used to identify an output.", + "title": "OutputName", + "type": "string" + }, + "OutputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputSettings", + "markdownDescription": "The output type-specific settings.", + "title": "OutputSettings" + }, + "VideoDescriptionName": { + "markdownDescription": "The name of the VideoDescription that is used as the source for this output.", + "title": "VideoDescriptionName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::MediaLive::Channel.OutputDestination": { + "additionalProperties": false, + "properties": { + "Id": { + "markdownDescription": "The ID for this destination.", + "title": "Id", + "type": "string" + }, + "LogicalInterfaceNames": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataSetIdentifierDeclaration" + "type": "string" }, - "markdownDescription": "An array of dataset identifier declarations. This mapping allows the usage of dataset identifiers instead of dataset ARNs throughout analysis sub-structures.", - "title": "DataSetIdentifierDeclarations", + "markdownDescription": "", + "title": "LogicalInterfaceNames", "type": "array" }, - "FilterGroups": { + "MediaPackageSettings": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterGroup" + "$ref": "#/definitions/AWS::MediaLive::Channel.MediaPackageOutputDestinationSettings" }, - "markdownDescription": "Filter definitions for an analysis.\n\nFor more information, see [Filtering Data in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/adding-a-filter.html) in the *Amazon QuickSight User Guide* .", - "title": "FilterGroups", + "markdownDescription": "The destination settings for a MediaPackage output.", + "title": "MediaPackageSettings", "type": "array" }, - "Options": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AssetOptions", - "markdownDescription": "An array of option definitions for an analysis.", - "title": "Options" + "MultiplexSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MultiplexProgramChannelDestinationSettings", + "markdownDescription": "Destination settings for a Multiplex output; one destination for both encoders.", + "title": "MultiplexSettings" }, - "ParameterDeclarations": { + "Settings": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterDeclaration" + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputDestinationSettings" }, - "markdownDescription": "An array of parameter declarations for an analysis.\n\nParameters are named variables that can transfer a value for use by an action or an object.\n\nFor more information, see [Parameters in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-in-quicksight.html) in the *Amazon QuickSight User Guide* .", - "title": "ParameterDeclarations", + "markdownDescription": "The destination settings for an output.", + "title": "Settings", "type": "array" }, - "Sheets": { + "SrtSettings": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetDefinition" + "$ref": "#/definitions/AWS::MediaLive::Channel.SrtOutputDestinationSettings" }, - "markdownDescription": "An array of sheet definitions for an analysis. Each `SheetDefinition` provides detailed information about a sheet within this analysis.", - "title": "Sheets", + "markdownDescription": "", + "title": "SrtSettings", "type": "array" } }, - "required": [ - "DataSetIdentifierDeclarations" - ], "type": "object" }, - "AWS::QuickSight::Analysis.AnalysisError": { + "AWS::MediaLive::Channel.OutputDestinationSettings": { "additionalProperties": false, "properties": { - "Message": { - "markdownDescription": "The message associated with the analysis error.", - "title": "Message", + "PasswordParam": { + "markdownDescription": "The password parameter that holds the password for accessing the downstream system. This password parameter applies only if the downstream system requires credentials.", + "title": "PasswordParam", "type": "string" }, - "Type": { - "markdownDescription": "The type of the analysis error.", - "title": "Type", + "StreamName": { + "markdownDescription": "The stream name for the content. This applies only to RTMP outputs.", + "title": "StreamName", "type": "string" }, - "ViolatedEntities": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.Entity" - }, - "markdownDescription": "Lists the violated entities that caused the analysis error", - "title": "ViolatedEntities", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.AnalysisSourceEntity": { - "additionalProperties": false, - "properties": { - "SourceTemplate": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AnalysisSourceTemplate", - "markdownDescription": "The source template for the source entity of the analysis.", - "title": "SourceTemplate" + "Url": { + "markdownDescription": "The URL for the destination.", + "title": "Url", + "type": "string" + }, + "Username": { + "markdownDescription": "The user name to connect to the downstream system. This applies only if the downstream system requires credentials.", + "title": "Username", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.AnalysisSourceTemplate": { + "AWS::MediaLive::Channel.OutputGroup": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the source template of an analysis.", - "title": "Arn", + "Name": { + "markdownDescription": "A custom output group name that you can optionally define. Only letters, numbers, and the underscore character are allowed. The maximum length is 32 characters.", + "title": "Name", "type": "string" }, - "DataSetReferences": { + "OutputGroupSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputGroupSettings", + "markdownDescription": "The settings associated with the output group.", + "title": "OutputGroupSettings" + }, + "Outputs": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataSetReference" + "$ref": "#/definitions/AWS::MediaLive::Channel.Output" }, - "markdownDescription": "The dataset references of the source template of an analysis.", - "title": "DataSetReferences", + "markdownDescription": "The settings for the outputs in the output group.", + "title": "Outputs", "type": "array" } }, - "required": [ - "Arn", - "DataSetReferences" - ], "type": "object" }, - "AWS::QuickSight::Analysis.AnchorDateConfiguration": { + "AWS::MediaLive::Channel.OutputGroupSettings": { "additionalProperties": false, "properties": { - "AnchorOption": { - "markdownDescription": "The options for the date configuration. Choose one of the options below:\n\n- `NOW`", - "title": "AnchorOption", - "type": "string" + "ArchiveGroupSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.ArchiveGroupSettings", + "markdownDescription": "The configuration of an archive output group.\n\nThe parent of this entity is OutputGroupSettings.", + "title": "ArchiveGroupSettings" }, - "ParameterName": { - "markdownDescription": "The name of the parameter that is used for the anchor date configuration.", - "title": "ParameterName", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.ArcAxisConfiguration": { - "additionalProperties": false, - "properties": { - "Range": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ArcAxisDisplayRange", - "markdownDescription": "The arc axis range of a `GaugeChartVisual` .", - "title": "Range" + "CmafIngestGroupSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.CmafIngestGroupSettings", + "markdownDescription": "", + "title": "CmafIngestGroupSettings" }, - "ReserveRange": { - "markdownDescription": "The reserved range of the arc axis.", - "title": "ReserveRange", - "type": "number" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.ArcAxisDisplayRange": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum value of the arc axis range.", - "title": "Max", - "type": "number" + "FrameCaptureGroupSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.FrameCaptureGroupSettings", + "markdownDescription": "The configuration of a frame capture output group.", + "title": "FrameCaptureGroupSettings" }, - "Min": { - "markdownDescription": "The minimum value of the arc axis range.", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.ArcConfiguration": { - "additionalProperties": false, - "properties": { - "ArcAngle": { - "markdownDescription": "The option that determines the arc angle of a `GaugeChartVisual` .", - "title": "ArcAngle", - "type": "number" + "HlsGroupSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.HlsGroupSettings", + "markdownDescription": "The configuration of an HLS output group.", + "title": "HlsGroupSettings" }, - "ArcThickness": { - "markdownDescription": "The options that determine the arc thickness of a `GaugeChartVisual` .", - "title": "ArcThickness", - "type": "string" + "MediaPackageGroupSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MediaPackageGroupSettings", + "markdownDescription": "The configuration of a MediaPackage output group.", + "title": "MediaPackageGroupSettings" + }, + "MsSmoothGroupSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MsSmoothGroupSettings", + "markdownDescription": "The configuration of a Microsoft Smooth output group.", + "title": "MsSmoothGroupSettings" + }, + "MultiplexGroupSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MultiplexGroupSettings", + "markdownDescription": "The settings for a Multiplex output group.", + "title": "MultiplexGroupSettings" + }, + "RtmpGroupSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.RtmpGroupSettings", + "markdownDescription": "The configuration of an RTMP output group.", + "title": "RtmpGroupSettings" + }, + "SrtGroupSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.SrtGroupSettings", + "markdownDescription": "", + "title": "SrtGroupSettings" + }, + "UdpGroupSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.UdpGroupSettings", + "markdownDescription": "The configuration of a UDP output group.", + "title": "UdpGroupSettings" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ArcOptions": { + "AWS::MediaLive::Channel.OutputLocationRef": { "additionalProperties": false, "properties": { - "ArcThickness": { - "markdownDescription": "The arc thickness of a `GaugeChartVisual` .", - "title": "ArcThickness", + "DestinationRefId": { + "markdownDescription": "A reference ID for this destination.", + "title": "DestinationRefId", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.AssetOptions": { + "AWS::MediaLive::Channel.OutputLockingSettings": { "additionalProperties": false, "properties": { - "Timezone": { - "markdownDescription": "Determines the timezone for the analysis.", - "title": "Timezone", - "type": "string" + "EpochLockingSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.EpochLockingSettings", + "markdownDescription": "", + "title": "EpochLockingSettings" }, - "WeekStart": { - "markdownDescription": "Determines the week start day for an analysis.", - "title": "WeekStart", - "type": "string" + "PipelineLockingSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.PipelineLockingSettings", + "markdownDescription": "", + "title": "PipelineLockingSettings" } }, "type": "object" }, - "AWS::QuickSight::Analysis.AttributeAggregationFunction": { + "AWS::MediaLive::Channel.OutputSettings": { "additionalProperties": false, "properties": { - "SimpleAttributeAggregation": { - "markdownDescription": "The built-in aggregation functions for attributes.\n\n- `UNIQUE_VALUE` : Returns the unique value for a field, aggregated by the dimension fields.", - "title": "SimpleAttributeAggregation", - "type": "string" + "ArchiveOutputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.ArchiveOutputSettings", + "markdownDescription": "The settings for an archive output.", + "title": "ArchiveOutputSettings" }, - "ValueForMultipleValues": { - "markdownDescription": "Used by the `UNIQUE_VALUE` aggregation function. If there are multiple values for the field used by the aggregation, the value for this property will be returned instead. Defaults to '*'.", - "title": "ValueForMultipleValues", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.AxisDataOptions": { - "additionalProperties": false, - "properties": { - "DateAxisOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DateAxisOptions", - "markdownDescription": "The options for an axis with a date field.", - "title": "DateAxisOptions" + "CmafIngestOutputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.CmafIngestOutputSettings", + "markdownDescription": "", + "title": "CmafIngestOutputSettings" }, - "NumericAxisOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericAxisOptions", - "markdownDescription": "The options for an axis with a numeric field.", - "title": "NumericAxisOptions" + "FrameCaptureOutputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.FrameCaptureOutputSettings", + "markdownDescription": "The settings for a frame capture output.\n\nThe parent of this entity is OutputGroupSettings.", + "title": "FrameCaptureOutputSettings" + }, + "HlsOutputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.HlsOutputSettings", + "markdownDescription": "The settings for an HLS output.\n\nThe parent of this entity is OutputGroupSettings.", + "title": "HlsOutputSettings" + }, + "MediaPackageOutputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MediaPackageOutputSettings", + "markdownDescription": "The settings for a MediaPackage output.\n\nThe parent of this entity is OutputGroupSettings.", + "title": "MediaPackageOutputSettings" + }, + "MsSmoothOutputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MsSmoothOutputSettings", + "markdownDescription": "The settings for a Microsoft Smooth output.", + "title": "MsSmoothOutputSettings" + }, + "MultiplexOutputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.MultiplexOutputSettings", + "markdownDescription": "Configuration of a Multiplex output.", + "title": "MultiplexOutputSettings" + }, + "RtmpOutputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.RtmpOutputSettings", + "markdownDescription": "The settings for an RTMP output.\n\nThe parent of this entity is OutputGroupSettings.", + "title": "RtmpOutputSettings" + }, + "SrtOutputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.SrtOutputSettings", + "markdownDescription": "", + "title": "SrtOutputSettings" + }, + "UdpOutputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.UdpOutputSettings", + "markdownDescription": "The settings for a UDP output.\n\nThe parent of this entity is OutputGroupSettings.", + "title": "UdpOutputSettings" } }, "type": "object" }, - "AWS::QuickSight::Analysis.AxisDisplayMinMaxRange": { + "AWS::MediaLive::Channel.PassThroughSettings": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::MediaLive::Channel.PipelineLockingSettings": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::MediaLive::Channel.RawSettings": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::MediaLive::Channel.Rec601Settings": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::MediaLive::Channel.Rec709Settings": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::MediaLive::Channel.RemixSettings": { "additionalProperties": false, "properties": { - "Maximum": { - "markdownDescription": "The maximum setup for an axis display range.", - "title": "Maximum", + "ChannelMappings": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Channel.AudioChannelMapping" + }, + "markdownDescription": "A mapping of input channels to output channels, with appropriate gain adjustments.", + "title": "ChannelMappings", + "type": "array" + }, + "ChannelsIn": { + "markdownDescription": "The number of input channels to be used.", + "title": "ChannelsIn", "type": "number" }, - "Minimum": { - "markdownDescription": "The minimum setup for an axis display range.", - "title": "Minimum", + "ChannelsOut": { + "markdownDescription": "The number of output channels to be produced. Valid values: 1, 2, 4, 6, 8.", + "title": "ChannelsOut", "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.AxisDisplayOptions": { + "AWS::MediaLive::Channel.RtmpCaptionInfoDestinationSettings": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::MediaLive::Channel.RtmpGroupSettings": { "additionalProperties": false, "properties": { - "AxisLineVisibility": { - "markdownDescription": "Determines whether or not the axis line is visible.", - "title": "AxisLineVisibility", + "AdMarkers": { + "items": { + "type": "string" + }, + "markdownDescription": "Choose the ad marker type for this output group. MediaLive will create a message based on the content of each SCTE-35 message, format it for that marker type, and insert it in the datastream.", + "title": "AdMarkers", + "type": "array" + }, + "AuthenticationScheme": { + "markdownDescription": "An authentication scheme to use when connecting with a CDN.", + "title": "AuthenticationScheme", "type": "string" }, - "AxisOffset": { - "markdownDescription": "The offset value that determines the starting placement of the axis within a visual's bounds.", - "title": "AxisOffset", + "CacheFullBehavior": { + "markdownDescription": "Controls behavior when the content cache fills up. If a remote origin server stalls the RTMP connection and doesn't accept content fast enough, the media cache fills up. When the cache reaches the duration specified by cacheLength, the cache stops accepting new content. If set to disconnectImmediately, the RTMP output forces a disconnect. Clear the media cache, and reconnect after restartDelay seconds. If set to waitForServer, the RTMP output waits up to 5 minutes to allow the origin server to begin accepting data again.", + "title": "CacheFullBehavior", "type": "string" }, - "DataOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDataOptions", - "markdownDescription": "The data options for an axis.", - "title": "DataOptions" + "CacheLength": { + "markdownDescription": "The cache length, in seconds, that is used to calculate buffer size.", + "title": "CacheLength", + "type": "number" }, - "GridLineVisibility": { - "markdownDescription": "Determines whether or not the grid line is visible.", - "title": "GridLineVisibility", + "CaptionData": { + "markdownDescription": "Controls the types of data that pass to onCaptionInfo outputs. If set to all, 608 and 708 carried DTVCC data is passed. If set to field1AndField2608, DTVCC data is stripped out, but 608 data from both fields is passed. If set to field1608, only the data carried in 608 from field 1 video is passed.", + "title": "CaptionData", "type": "string" }, - "ScrollbarOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ScrollBarOptions", - "markdownDescription": "The scroll bar options for an axis.", - "title": "ScrollbarOptions" + "IncludeFillerNalUnits": { + "markdownDescription": "", + "title": "IncludeFillerNalUnits", + "type": "string" }, - "TickLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisTickLabelOptions", - "markdownDescription": "The tick label options of an axis.", - "title": "TickLabelOptions" + "InputLossAction": { + "markdownDescription": "Controls the behavior of this RTMP group if the input becomes unavailable. emitOutput: Emit a slate until the input returns. pauseOutput: Stop transmitting data until the input returns. This does not close the underlying RTMP connection.", + "title": "InputLossAction", + "type": "string" + }, + "RestartDelay": { + "markdownDescription": "If a streaming output fails, the number of seconds to wait until a restart is initiated. A value of 0 means never restart.", + "title": "RestartDelay", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.AxisDisplayRange": { + "AWS::MediaLive::Channel.RtmpOutputSettings": { "additionalProperties": false, "properties": { - "DataDriven": { - "markdownDescription": "The data-driven setup of an axis display range.", - "title": "DataDriven", - "type": "object" + "CertificateMode": { + "markdownDescription": "If set to verifyAuthenticity, verifies the TLS certificate chain to a trusted certificate authority (CA). This causes RTMPS outputs with self-signed certificates to fail.", + "title": "CertificateMode", + "type": "string" }, - "MinMax": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayMinMaxRange", - "markdownDescription": "The minimum and maximum setup of an axis display range.", - "title": "MinMax" + "ConnectionRetryInterval": { + "markdownDescription": "The number of seconds to wait before retrying a connection to the Flash Media server if the connection is lost.", + "title": "ConnectionRetryInterval", + "type": "number" + }, + "Destination": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", + "markdownDescription": "The RTMP endpoint excluding the stream name (for example, rtmp://host/appname).", + "title": "Destination" + }, + "NumRetries": { + "markdownDescription": "The number of retry attempts.", + "title": "NumRetries", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.AxisLabelOptions": { + "AWS::MediaLive::Channel.Scte20PlusEmbeddedDestinationSettings": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::MediaLive::Channel.Scte20SourceSettings": { "additionalProperties": false, "properties": { - "ApplyTo": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisLabelReferenceOptions", - "markdownDescription": "The options that indicate which field the label belongs to.", - "title": "ApplyTo" - }, - "CustomLabel": { - "markdownDescription": "The text for the axis label.", - "title": "CustomLabel", + "Convert608To708": { + "markdownDescription": "If upconvert, 608 data is both passed through the \"608 compatibility bytes\" fields of the 708 wrapper as well as translated into 708. Any 708 data present in the source content is discarded.", + "title": "Convert608To708", "type": "string" }, - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", - "markdownDescription": "The font configuration of the axis label.", - "title": "FontConfiguration" + "Source608ChannelNumber": { + "markdownDescription": "Specifies the 608/708 channel number within the video track from which to extract captions.", + "title": "Source608ChannelNumber", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.AxisLabelReferenceOptions": { + "AWS::MediaLive::Channel.Scte27DestinationSettings": { "additionalProperties": false, - "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that the axis label is targeted to.", - "title": "Column" - }, - "FieldId": { - "markdownDescription": "The field that the axis label is targeted to.", - "title": "FieldId", - "type": "string" - } - }, - "required": [ - "Column", - "FieldId" - ], + "properties": {}, "type": "object" }, - "AWS::QuickSight::Analysis.AxisLinearScale": { + "AWS::MediaLive::Channel.Scte27SourceSettings": { "additionalProperties": false, "properties": { - "StepCount": { - "markdownDescription": "The step count setup of a linear axis.", - "title": "StepCount", - "type": "number" + "OcrLanguage": { + "markdownDescription": "If you will configure a WebVTT caption description that references this caption selector, use this field to\nprovide the language to consider when translating the image-based source to text.", + "title": "OcrLanguage", + "type": "string" }, - "StepSize": { - "markdownDescription": "The step size setup of a linear axis.", - "title": "StepSize", + "Pid": { + "markdownDescription": "The PID field is used in conjunction with the captions selector languageCode field as follows: Specify PID and Language: Extracts captions from that PID; the language is \"informational.\" Specify PID and omit Language: Extracts the specified PID. Omit PID and specify Language: Extracts the specified language, whichever PID that happens to be. Omit PID and omit Language: Valid only if source is DVB-Sub that is being passed through; all languages are passed through.", + "title": "Pid", "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.AxisLogarithmicScale": { + "AWS::MediaLive::Channel.Scte35SpliceInsert": { "additionalProperties": false, "properties": { - "Base": { - "markdownDescription": "The base setup of a logarithmic axis scale.", - "title": "Base", + "AdAvailOffset": { + "markdownDescription": "When specified, this offset (in milliseconds) is added to the input ad avail PTS time. This applies only to embedded SCTE 104/35 messages. It doesn't apply to OOB messages.", + "title": "AdAvailOffset", "type": "number" + }, + "NoRegionalBlackoutFlag": { + "markdownDescription": "When set to ignore, segment descriptors with noRegionalBlackoutFlag set to 0 no longer trigger blackouts or ad avail slates.", + "title": "NoRegionalBlackoutFlag", + "type": "string" + }, + "WebDeliveryAllowedFlag": { + "markdownDescription": "When set to ignore, segment descriptors with webDeliveryAllowedFlag set to 0 no longer trigger blackouts or ad avail slates.", + "title": "WebDeliveryAllowedFlag", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.AxisScale": { + "AWS::MediaLive::Channel.Scte35TimeSignalApos": { "additionalProperties": false, "properties": { - "Linear": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisLinearScale", - "markdownDescription": "The linear axis scale setup.", - "title": "Linear" + "AdAvailOffset": { + "markdownDescription": "When specified, this offset (in milliseconds) is added to the input ad avail PTS time. This applies only to embedded SCTE 104/35 messages. It doesn't apply to OOB messages.", + "title": "AdAvailOffset", + "type": "number" }, - "Logarithmic": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisLogarithmicScale", - "markdownDescription": "The logarithmic axis scale setup.", - "title": "Logarithmic" + "NoRegionalBlackoutFlag": { + "markdownDescription": "When set to ignore, segment descriptors with noRegionalBlackoutFlag set to 0 no longer trigger blackouts or ad avail slates.", + "title": "NoRegionalBlackoutFlag", + "type": "string" + }, + "WebDeliveryAllowedFlag": { + "markdownDescription": "When set to ignore, segment descriptors with webDeliveryAllowedFlag set to 0 no longer trigger blackouts or ad avail slates.", + "title": "WebDeliveryAllowedFlag", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.AxisTickLabelOptions": { + "AWS::MediaLive::Channel.SmpteTtDestinationSettings": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::MediaLive::Channel.SrtGroupSettings": { "additionalProperties": false, "properties": { - "LabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", - "markdownDescription": "Determines whether or not the axis ticks are visible.", - "title": "LabelOptions" - }, - "RotationAngle": { - "markdownDescription": "The rotation angle of the axis tick labels.", - "title": "RotationAngle", - "type": "number" + "InputLossAction": { + "markdownDescription": "", + "title": "InputLossAction", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.BarChartAggregatedFieldWells": { + "AWS::MediaLive::Channel.SrtOutputDestinationSettings": { "additionalProperties": false, "properties": { - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The category (y-axis) field well of a bar chart.", - "title": "Category", - "type": "array" - }, - "Colors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The color (group/color) field well of a bar chart.", - "title": "Colors", - "type": "array" + "EncryptionPassphraseSecretArn": { + "markdownDescription": "", + "title": "EncryptionPassphraseSecretArn", + "type": "string" }, - "SmallMultiples": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The small multiples field well of a bar chart.", - "title": "SmallMultiples", - "type": "array" + "StreamId": { + "markdownDescription": "", + "title": "StreamId", + "type": "string" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The value field wells of a bar chart. Values are aggregated by category.", - "title": "Values", - "type": "array" + "Url": { + "markdownDescription": "", + "title": "Url", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.BarChartConfiguration": { + "AWS::MediaLive::Channel.SrtOutputSettings": { "additionalProperties": false, "properties": { - "BarsArrangement": { - "markdownDescription": "Determines the arrangement of the bars. The orientation and arrangement of bars determine the type of bar that is used in the visual.", - "title": "BarsArrangement", - "type": "string" - }, - "CategoryAxis": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, axis step) for bar chart category.", - "title": "CategoryAxis" - }, - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a bar chart.", - "title": "CategoryLabelOptions" - }, - "ColorLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a color that is used in a bar chart.", - "title": "ColorLabelOptions" - }, - "ContributionAnalysisDefaults": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ContributionAnalysisDefault" - }, - "markdownDescription": "The contribution analysis (anomaly configuration) setup of the visual.", - "title": "ContributionAnalysisDefaults", - "type": "array" - }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.", - "title": "DataLabels" + "BufferMsec": { + "markdownDescription": "", + "title": "BufferMsec", + "type": "number" }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BarChartFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" + "ContainerSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.UdpContainerSettings", + "markdownDescription": "", + "title": "ContainerSettings" }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" + "Destination": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", + "markdownDescription": "", + "title": "Destination" }, - "Orientation": { - "markdownDescription": "The orientation of the bars in a bar chart visual. There are two valid values in this structure:\n\n- `HORIZONTAL` : Used for charts that have horizontal bars. Visuals that use this value are horizontal bar charts, horizontal stacked bar charts, and horizontal stacked 100% bar charts.\n- `VERTICAL` : Used for charts that have vertical bars. Visuals that use this value are vertical bar charts, vertical stacked bar charts, and vertical stacked 100% bar charts.", - "title": "Orientation", + "EncryptionType": { + "markdownDescription": "", + "title": "EncryptionType", "type": "string" }, - "ReferenceLines": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLine" - }, - "markdownDescription": "The reference line setup of the visual.", - "title": "ReferenceLines", - "type": "array" - }, - "SmallMultiplesOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SmallMultiplesOptions", - "markdownDescription": "The small multiples setup for the visual.", - "title": "SmallMultiplesOptions" - }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BarChartSortConfiguration", - "markdownDescription": "The sort configuration of a `BarChartVisual` .", - "title": "SortConfiguration" - }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" - }, - "ValueAxis": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, axis step) for a bar chart value.", - "title": "ValueAxis" - }, - "ValueLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a bar chart value.", - "title": "ValueLabelOptions" - }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", - "title": "VisualPalette" + "Latency": { + "markdownDescription": "", + "title": "Latency", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.BarChartFieldWells": { + "AWS::MediaLive::Channel.StandardHlsSettings": { "additionalProperties": false, "properties": { - "BarChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BarChartAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a bar chart.", - "title": "BarChartAggregatedFieldWells" + "AudioRenditionSets": { + "markdownDescription": "Lists all the audio groups that are used with the video output stream. This inputs all the audio GROUP-IDs that are associated with the video, separated by a comma (,).", + "title": "AudioRenditionSets", + "type": "string" + }, + "M3u8Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.M3u8Settings", + "markdownDescription": "Settings for the M3U8 container.", + "title": "M3u8Settings" } }, "type": "object" }, - "AWS::QuickSight::Analysis.BarChartSortConfiguration": { + "AWS::MediaLive::Channel.StaticKeySettings": { "additionalProperties": false, "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of categories displayed in a bar chart.", - "title": "CategoryItemsLimit" - }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of category fields.", - "title": "CategorySort", - "type": "array" - }, - "ColorItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of values displayed in a bar chart.", - "title": "ColorItemsLimit" - }, - "ColorSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of color fields in a bar chart.", - "title": "ColorSort", - "type": "array" - }, - "SmallMultiplesLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of small multiples panels that are displayed.", - "title": "SmallMultiplesLimitConfiguration" + "KeyProviderServer": { + "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", + "markdownDescription": "The URL of the license server that is used for protecting content.", + "title": "KeyProviderServer" }, - "SmallMultiplesSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the small multiples field.", - "title": "SmallMultiplesSort", - "type": "array" + "StaticKeyValue": { + "markdownDescription": "The static key value as a 32 character hexadecimal string.", + "title": "StaticKeyValue", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.BarChartVisual": { + "AWS::MediaLive::Channel.TeletextDestinationSettings": { "additionalProperties": false, - "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BarChartConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" - }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" - }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", - "type": "string" - } - }, - "required": [ - "VisualId" - ], + "properties": {}, "type": "object" }, - "AWS::QuickSight::Analysis.BinCountOptions": { + "AWS::MediaLive::Channel.TeletextSourceSettings": { "additionalProperties": false, "properties": { - "Value": { - "markdownDescription": "The options that determine the bin count value.", - "title": "Value", - "type": "number" + "OutputRectangle": { + "$ref": "#/definitions/AWS::MediaLive::Channel.CaptionRectangle", + "markdownDescription": "Settings to configure the caption rectangle for an output captions that will be created using this Teletext source captions.", + "title": "OutputRectangle" + }, + "PageNumber": { + "markdownDescription": "Specifies the Teletext page number within the data stream from which to extract captions. The range is 0x100 (256) to 0x8FF (2303). This is unused for passthrough. It should be specified as a hexadecimal string with no \"0x\" prefix.", + "title": "PageNumber", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.BinWidthOptions": { + "AWS::MediaLive::Channel.TemporalFilterSettings": { "additionalProperties": false, "properties": { - "BinCountLimit": { - "markdownDescription": "The options that determine the bin count limit.", - "title": "BinCountLimit", - "type": "number" + "PostFilterSharpening": { + "markdownDescription": "If you enable this filter, the results are the following:\n- If the source content is noisy (it contains excessive digital artifacts), the filter cleans up the source.\n- If the source content is already clean, the filter tends to decrease the bitrate, especially when the rate control mode is QVBR.", + "title": "PostFilterSharpening", + "type": "string" }, - "Value": { - "markdownDescription": "The options that determine the bin width value.", - "title": "Value", - "type": "number" + "Strength": { + "markdownDescription": "Choose a filter strength. We recommend a strength of 1 or 2. A higher strength might take out good information, resulting in an image that is overly soft.", + "title": "Strength", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.BodySectionConfiguration": { + "AWS::MediaLive::Channel.ThumbnailConfiguration": { "additionalProperties": false, "properties": { - "Content": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BodySectionContent", - "markdownDescription": "The configuration of content in a body section.", - "title": "Content" - }, - "PageBreakConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionPageBreakConfiguration", - "markdownDescription": "The configuration of a page break for a section.", - "title": "PageBreakConfiguration" - }, - "SectionId": { - "markdownDescription": "The unique identifier of a body section.", - "title": "SectionId", + "State": { + "markdownDescription": "", + "title": "State", "type": "string" - }, - "Style": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionStyle", - "markdownDescription": "The style options of a body section.", - "title": "Style" } }, - "required": [ - "Content", - "SectionId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.BodySectionContent": { + "AWS::MediaLive::Channel.TimecodeBurninSettings": { "additionalProperties": false, "properties": { - "Layout": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionLayoutConfiguration", - "markdownDescription": "The layout configuration of a body section.", - "title": "Layout" + "FontSize": { + "markdownDescription": "", + "title": "FontSize", + "type": "string" + }, + "Position": { + "markdownDescription": "", + "title": "Position", + "type": "string" + }, + "Prefix": { + "markdownDescription": "", + "title": "Prefix", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.BoxPlotAggregatedFieldWells": { + "AWS::MediaLive::Channel.TimecodeConfig": { "additionalProperties": false, "properties": { - "GroupBy": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The group by field well of a box plot chart. Values are grouped based on group by fields.", - "title": "GroupBy", - "type": "array" + "Source": { + "markdownDescription": "Identifies the source for the timecode that will be associated with the channel outputs. Embedded (embedded): Initialize the output timecode with timecode from the source. If no embedded timecode is detected in the source, the system falls back to using \"Start at 0\" (zerobased). System Clock (systemclock): Use the UTC time. Start at 0 (zerobased): The time of the first frame of the channel will be 00:00:00:00.", + "title": "Source", + "type": "string" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The value field well of a box plot chart. Values are aggregated based on group by fields.", - "title": "Values", - "type": "array" + "SyncThreshold": { + "markdownDescription": "The threshold in frames beyond which output timecode is resynchronized to the input timecode. Discrepancies below this threshold are permitted to avoid unnecessary discontinuities in the output timecode. There is no timecode sync when this is not specified.", + "title": "SyncThreshold", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.BoxPlotChartConfiguration": { + "AWS::MediaLive::Channel.TtmlDestinationSettings": { "additionalProperties": false, "properties": { - "BoxPlotOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotOptions", - "markdownDescription": "The box plot chart options for a box plot visual", - "title": "BoxPlotOptions" - }, - "CategoryAxis": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, axis step) of a box plot category.", - "title": "CategoryAxis" - }, - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility and sort Icon visibility) of a box plot category.", - "title": "CategoryLabelOptions" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", - "markdownDescription": "", - "title": "Legend" - }, - "PrimaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, axis step) of a box plot category.", - "title": "PrimaryYAxisDisplayOptions" - }, - "PrimaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility and sort icon visibility) of a box plot value.", - "title": "PrimaryYAxisLabelOptions" - }, - "ReferenceLines": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLine" - }, - "markdownDescription": "The reference line setup of the visual.", - "title": "ReferenceLines", - "type": "array" - }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotSortConfiguration", - "markdownDescription": "The sort configuration of a `BoxPlotVisual` .", - "title": "SortConfiguration" - }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" - }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", - "title": "VisualPalette" + "StyleControl": { + "markdownDescription": "When set to passthrough, passes through style and position information from a TTML-like input source (TTML, SMPTE-TT, CFF-TT) to the CFF-TT output or TTML output.", + "title": "StyleControl", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.BoxPlotFieldWells": { + "AWS::MediaLive::Channel.UdpContainerSettings": { "additionalProperties": false, "properties": { - "BoxPlotAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a box plot.", - "title": "BoxPlotAggregatedFieldWells" + "M2tsSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.M2tsSettings", + "markdownDescription": "The M2TS configuration for this UDP output.", + "title": "M2tsSettings" } }, "type": "object" }, - "AWS::QuickSight::Analysis.BoxPlotOptions": { + "AWS::MediaLive::Channel.UdpGroupSettings": { "additionalProperties": false, "properties": { - "AllDataPointsVisibility": { - "markdownDescription": "Determines the visibility of all data points of the box plot.", - "title": "AllDataPointsVisibility", + "InputLossAction": { + "markdownDescription": "Specifies the behavior of the last resort when the input video is lost, and no more backup inputs are available. When dropTs is selected, the entire transport stream stops emitting. When dropProgram is selected, the program can be dropped from the transport stream (and replaced with null packets to meet the TS bitrate requirement). Or when emitProgram is selected, the transport stream continues to be produced normally with repeat frames, black frames, or slate frames substituted for the absent input video.", + "title": "InputLossAction", "type": "string" }, - "OutlierVisibility": { - "markdownDescription": "Determines the visibility of the outlier in a box plot.", - "title": "OutlierVisibility", + "TimedMetadataId3Frame": { + "markdownDescription": "Indicates the ID3 frame that has the timecode.", + "title": "TimedMetadataId3Frame", "type": "string" }, - "StyleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotStyleOptions", - "markdownDescription": "The style options of the box plot.", - "title": "StyleOptions" + "TimedMetadataId3Period": { + "markdownDescription": "The timed metadata interval in seconds.", + "title": "TimedMetadataId3Period", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.BoxPlotSortConfiguration": { + "AWS::MediaLive::Channel.UdpOutputSettings": { "additionalProperties": false, "properties": { - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of a group by fields.", - "title": "CategorySort", - "type": "array" + "BufferMsec": { + "markdownDescription": "The UDP output buffering in milliseconds. Larger values increase latency through the transcoder but simultaneously assist the transcoder in maintaining a constant, low-jitter UDP/RTP output while accommodating clock recovery, input switching, input disruptions, picture reordering, and so on.", + "title": "BufferMsec", + "type": "number" }, - "PaginationConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PaginationConfiguration", - "markdownDescription": "The pagination configuration of a table visual or box plot.", - "title": "PaginationConfiguration" + "ContainerSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.UdpContainerSettings", + "markdownDescription": "The settings for the UDP output.", + "title": "ContainerSettings" + }, + "Destination": { + "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", + "markdownDescription": "The destination address and port number for RTP or UDP packets. These can be unicast or multicast RTP or UDP (for example, rtp://239.10.10.10:5001 or udp://10.100.100.100:5002).", + "title": "Destination" + }, + "FecOutputSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.FecOutputSettings", + "markdownDescription": "The settings for enabling and adjusting Forward Error Correction on UDP outputs.", + "title": "FecOutputSettings" } }, "type": "object" }, - "AWS::QuickSight::Analysis.BoxPlotStyleOptions": { + "AWS::MediaLive::Channel.VideoBlackFailoverSettings": { "additionalProperties": false, "properties": { - "FillStyle": { - "markdownDescription": "The fill styles (solid, transparent) of the box plot.", - "title": "FillStyle", - "type": "string" + "BlackDetectThreshold": { + "markdownDescription": "A value used in calculating the threshold below which MediaLive considers a pixel to be 'black'. For the input to be considered black, every pixel in a frame must be below this threshold. The threshold is calculated as a percentage (expressed as a decimal) of white. Therefore .1 means 10% white (or 90% black). Note how the formula works for any color depth. For example, if you set this field to 0.1 in 10-bit color depth: (1023*0.1=102.3), which means a pixel value of 102 or less is 'black'. If you set this field to .1 in an 8-bit color depth: (255*0.1=25.5), which means a pixel value of 25 or less is 'black'. The range is 0.0 to 1.0, with any number of decimal places.", + "title": "BlackDetectThreshold", + "type": "number" + }, + "VideoBlackThresholdMsec": { + "markdownDescription": "The amount of time (in milliseconds) that the active input must be black before automatic input failover occurs.", + "title": "VideoBlackThresholdMsec", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.BoxPlotVisual": { + "AWS::MediaLive::Channel.VideoCodecSettings": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotChartConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "Av1Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Av1Settings", + "markdownDescription": "", + "title": "Av1Settings" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "FrameCaptureSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.FrameCaptureSettings", + "markdownDescription": "The settings for the video codec in a frame capture output.", + "title": "FrameCaptureSettings" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "H264Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.H264Settings", + "markdownDescription": "The settings for the H.264 codec in the output.", + "title": "H264Settings" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "H265Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.H265Settings", + "markdownDescription": "Settings for video encoded with the H265 codec.", + "title": "H265Settings" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", - "type": "string" + "Mpeg2Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Mpeg2Settings", + "markdownDescription": "Settings for video encoded with the MPEG-2 codec.", + "title": "Mpeg2Settings" } }, - "required": [ - "VisualId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.CalculatedField": { + "AWS::MediaLive::Channel.VideoDescription": { "additionalProperties": false, "properties": { - "DataSetIdentifier": { - "markdownDescription": "The data set that is used in this calculated field.", - "title": "DataSetIdentifier", - "type": "string" + "CodecSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.VideoCodecSettings", + "markdownDescription": "The video codec settings.", + "title": "CodecSettings" }, - "Expression": { - "markdownDescription": "The expression of the calculated field.", - "title": "Expression", - "type": "string" + "Height": { + "markdownDescription": "The output video height, in pixels. This must be an even number. For most codecs, you can keep this field and width blank in order to use the height and width (resolution) from the source. Note that we don't recommend keeping the field blank. For the Frame Capture codec, height and width are required.", + "title": "Height", + "type": "number" }, "Name": { - "markdownDescription": "The name of the calculated field.", + "markdownDescription": "The name of this VideoDescription. Outputs use this name to uniquely identify this description. Description names should be unique within this channel.", "title": "Name", "type": "string" + }, + "RespondToAfd": { + "markdownDescription": "Indicates how to respond to the AFD values in the input stream. RESPOND causes input video to be clipped, depending on the AFD value, input display aspect ratio, and output display aspect ratio, and (except for the FRAMECAPTURE codec) includes the values in the output. PASSTHROUGH (does not apply to FRAMECAPTURE codec) ignores the AFD values and includes the values in the output, so input video is not clipped. NONE ignores the AFD values and does not include the values through to the output, so input video is not clipped.", + "title": "RespondToAfd", + "type": "string" + }, + "ScalingBehavior": { + "markdownDescription": "STRETCHTOOUTPUT configures the output position to stretch the video to the specified output resolution (height and width). This option overrides any position value. DEFAULT might insert black boxes (pillar boxes or letter boxes) around the video to provide the specified output resolution.", + "title": "ScalingBehavior", + "type": "string" + }, + "Sharpness": { + "markdownDescription": "Changes the strength of the anti-alias filter used for scaling. 0 is the softest setting, and 100 is the sharpest. We recommend a setting of 50 for most content.", + "title": "Sharpness", + "type": "number" + }, + "Width": { + "markdownDescription": "The output video width, in pixels. It must be an even number. For most codecs, you can keep this field and height blank in order to use the height and width (resolution) from the source. Note that we don't recommend keeping the field blank. For the Frame Capture codec, height and width are required.", + "title": "Width", + "type": "number" } }, - "required": [ - "DataSetIdentifier", - "Expression", - "Name" - ], "type": "object" }, - "AWS::QuickSight::Analysis.CalculatedMeasureField": { + "AWS::MediaLive::Channel.VideoSelector": { "additionalProperties": false, "properties": { - "Expression": { - "markdownDescription": "The expression in the table calculation.", - "title": "Expression", + "ColorSpace": { + "markdownDescription": "Specifies the color space of an input. This setting works in tandem with colorSpaceConversion to determine if MediaLive will perform any conversion.", + "title": "ColorSpace", "type": "string" }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", + "ColorSpaceSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.VideoSelectorColorSpaceSettings", + "markdownDescription": "Settings to configure color space settings in the incoming video.", + "title": "ColorSpaceSettings" + }, + "ColorSpaceUsage": { + "markdownDescription": "Applies only if colorSpace is a value other than Follow. This field controls how the value in the colorSpace field is used. Fallback means that when the input does include color space data, that data is used, but when the input has no color space data, the value in colorSpace is used. Choose fallback if your input is sometimes missing color space data, but when it does have color space data, that data is correct. Force means to always use the value in colorSpace. Choose force if your input usually has no color space data or might have unreliable color space data.", + "title": "ColorSpaceUsage", "type": "string" + }, + "SelectorSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.VideoSelectorSettings", + "markdownDescription": "Information about the video to select from the content.", + "title": "SelectorSettings" } }, - "required": [ - "Expression", - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.CascadingControlConfiguration": { + "AWS::MediaLive::Channel.VideoSelectorColorSpaceSettings": { "additionalProperties": false, "properties": { - "SourceControls": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CascadingControlSource" - }, - "markdownDescription": "A list of source controls that determine the values that are used in the current control.", - "title": "SourceControls", - "type": "array" + "Hdr10Settings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.Hdr10Settings", + "markdownDescription": "Settings to configure color space settings in the incoming video.", + "title": "Hdr10Settings" } }, "type": "object" }, - "AWS::QuickSight::Analysis.CascadingControlSource": { + "AWS::MediaLive::Channel.VideoSelectorPid": { "additionalProperties": false, "properties": { - "ColumnToMatch": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column identifier that determines which column to look up for the source sheet control.", - "title": "ColumnToMatch" - }, - "SourceSheetControlId": { - "markdownDescription": "The source sheet control ID of a `CascadingControlSource` .", - "title": "SourceSheetControlId", - "type": "string" + "Pid": { + "markdownDescription": "Selects a specific PID from within a video source.", + "title": "Pid", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.CategoricalDimensionField": { + "AWS::MediaLive::Channel.VideoSelectorProgramId": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that is used in the `CategoricalDimensionField` .", - "title": "Column" - }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", - "type": "string" - }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.StringFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" - }, - "HierarchyId": { - "markdownDescription": "The custom hierarchy ID.", - "title": "HierarchyId", - "type": "string" + "ProgramId": { + "markdownDescription": "Selects a specific program from within a multi-program transport stream. If the program doesn't exist, MediaLive selects the first program within the transport stream by default.", + "title": "ProgramId", + "type": "number" } }, - "required": [ - "Column", - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.CategoricalMeasureField": { + "AWS::MediaLive::Channel.VideoSelectorSettings": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "markdownDescription": "The aggregation function of the measure field.", - "title": "AggregationFunction", - "type": "string" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that is used in the `CategoricalMeasureField` .", - "title": "Column" - }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", - "type": "string" + "VideoSelectorPid": { + "$ref": "#/definitions/AWS::MediaLive::Channel.VideoSelectorPid", + "markdownDescription": "Used to extract video by PID.", + "title": "VideoSelectorPid" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.StringFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" + "VideoSelectorProgramId": { + "$ref": "#/definitions/AWS::MediaLive::Channel.VideoSelectorProgramId", + "markdownDescription": "Used to extract video by program ID.", + "title": "VideoSelectorProgramId" } }, - "required": [ - "Column", - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.CategoryDrillDownFilter": { + "AWS::MediaLive::Channel.VpcOutputSettings": { "additionalProperties": false, "properties": { - "CategoryValues": { + "PublicAddressAllocationIds": { "items": { "type": "string" }, - "markdownDescription": "A list of the string inputs that are the values of the category drill down filter.", - "title": "CategoryValues", + "markdownDescription": "List of public address allocation IDs to associate with ENIs that will be created in Output VPC. Must specify one for SINGLE_PIPELINE, two for STANDARD channels", + "title": "PublicAddressAllocationIds", "type": "array" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - } - }, - "required": [ - "CategoryValues", - "Column" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.CategoryFilter": { - "additionalProperties": false, - "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "Configuration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CategoryFilterConfiguration", - "markdownDescription": "The configuration for a `CategoryFilter` .", - "title": "Configuration" - }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of up to 5 EC2 VPC security group IDs to attach to the Output VPC network interfaces.\nIf none are specified then the VPC default security group will be used", + "title": "SecurityGroupIds", + "type": "array" }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", - "type": "string" + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of VPC subnet IDs from the same VPC.\nIf STANDARD channel, subnet IDs must be mapped to two unique availability zones (AZ).", + "title": "SubnetIds", + "type": "array" } }, - "required": [ - "Column", - "Configuration", - "FilterId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.CategoryFilterConfiguration": { + "AWS::MediaLive::Channel.WavSettings": { "additionalProperties": false, "properties": { - "CustomFilterConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomFilterConfiguration", - "markdownDescription": "A custom filter that filters based on a single value. This filter can be partially matched.", - "title": "CustomFilterConfiguration" + "BitDepth": { + "markdownDescription": "Bits per sample.", + "title": "BitDepth", + "type": "number" }, - "CustomFilterListConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomFilterListConfiguration", - "markdownDescription": "A list of custom filter values. In the Amazon QuickSight console, this filter type is called a custom filter list.", - "title": "CustomFilterListConfiguration" + "CodingMode": { + "markdownDescription": "The audio coding mode for the WAV audio. The mode determines the number of channels in the audio.", + "title": "CodingMode", + "type": "string" }, - "FilterListConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterListConfiguration", - "markdownDescription": "A list of filter configurations. In the Amazon QuickSight console, this filter type is called a filter list.", - "title": "FilterListConfiguration" + "SampleRate": { + "markdownDescription": "Sample rate in Hz.", + "title": "SampleRate", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ChartAxisLabelOptions": { + "AWS::MediaLive::Channel.WebvttDestinationSettings": { "additionalProperties": false, "properties": { - "AxisLabelOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisLabelOptions" - }, - "markdownDescription": "The label options for a chart axis.", - "title": "AxisLabelOptions", - "type": "array" - }, - "SortIconVisibility": { - "markdownDescription": "The visibility configuration of the sort icon on a chart's axis label.", - "title": "SortIconVisibility", - "type": "string" - }, - "Visibility": { - "markdownDescription": "The visibility of an axis label on a chart. Choose one of the following options:\n\n- `VISIBLE` : Shows the axis.\n- `HIDDEN` : Hides the axis.", - "title": "Visibility", + "StyleControl": { + "markdownDescription": "Controls whether the color and position of the source captions is passed through to the WebVTT output captions. PASSTHROUGH - Valid only if the source captions are EMBEDDED or TELETEXT. NO_STYLE_DATA - Don't pass through the style. The output captions will not contain any font styling information.", + "title": "StyleControl", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ClusterMarker": { + "AWS::MediaLive::ChannelPlacementGroup": { "additionalProperties": false, "properties": { - "SimpleClusterMarker": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SimpleClusterMarker", - "markdownDescription": "The simple cluster marker of the cluster marker.", - "title": "SimpleClusterMarker" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ClusterId": { + "markdownDescription": "", + "title": "ClusterId", + "type": "string" + }, + "Name": { + "markdownDescription": "", + "title": "Name", + "type": "string" + }, + "Nodes": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "Nodes", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::ChannelPlacementGroup.Tags" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MediaLive::ChannelPlacementGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::QuickSight::Analysis.ClusterMarkerConfiguration": { + "AWS::MediaLive::ChannelPlacementGroup.Tags": { "additionalProperties": false, "properties": { - "ClusterMarker": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ClusterMarker", - "markdownDescription": "The cluster marker that is a part of the cluster marker configuration.", - "title": "ClusterMarker" + "Key": { + "markdownDescription": "", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "", + "title": "Value", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ColorScale": { + "AWS::MediaLive::CloudWatchAlarmTemplate": { "additionalProperties": false, "properties": { - "ColorFillType": { - "markdownDescription": "Determines the color fill type.", - "title": "ColorFillType", + "Condition": { "type": "string" }, - "Colors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataColor" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ComparisonOperator": { + "markdownDescription": "The comparison operator used to compare the specified statistic and the threshold.", + "title": "ComparisonOperator", + "type": "string" + }, + "DatapointsToAlarm": { + "markdownDescription": "The number of datapoints within the evaluation period that must be breaching to trigger the alarm.", + "title": "DatapointsToAlarm", + "type": "number" + }, + "Description": { + "markdownDescription": "A resource's optional description.", + "title": "Description", + "type": "string" + }, + "EvaluationPeriods": { + "markdownDescription": "The number of periods over which data is compared to the specified threshold.", + "title": "EvaluationPeriods", + "type": "number" + }, + "GroupIdentifier": { + "markdownDescription": "A cloudwatch alarm template group's identifier. Can be either be its id or current name.", + "title": "GroupIdentifier", + "type": "string" + }, + "MetricName": { + "markdownDescription": "The name of the metric associated with the alarm. Must be compatible with targetResourceType.", + "title": "MetricName", + "type": "string" + }, + "Name": { + "markdownDescription": "A resource's name. Names must be unique within the scope of a resource type in a specific region.", + "title": "Name", + "type": "string" + }, + "Period": { + "markdownDescription": "The period, in seconds, over which the specified statistic is applied.", + "title": "Period", + "type": "number" + }, + "Statistic": { + "markdownDescription": "The statistic to apply to the alarm's metric data.", + "title": "Statistic", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "TargetResourceType": { + "markdownDescription": "The resource type this template should dynamically generate CloudWatch metric alarms for.", + "title": "TargetResourceType", + "type": "string" + }, + "Threshold": { + "markdownDescription": "The threshold value to compare with the specified statistic.", + "title": "Threshold", + "type": "number" + }, + "TreatMissingData": { + "markdownDescription": "Specifies how missing data points are treated when evaluating the alarm's condition.", + "title": "TreatMissingData", + "type": "string" + } }, - "markdownDescription": "Determines the list of colors that are applied to the visual.", - "title": "Colors", - "type": "array" + "required": [ + "ComparisonOperator", + "EvaluationPeriods", + "MetricName", + "Name", + "Period", + "Statistic", + "TargetResourceType", + "Threshold", + "TreatMissingData" + ], + "type": "object" }, - "NullValueColor": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataColor", - "markdownDescription": "Determines the color that is applied to null values.", - "title": "NullValueColor" + "Type": { + "enum": [ + "AWS::MediaLive::CloudWatchAlarmTemplate" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "ColorFillType", - "Colors" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.ColorsConfiguration": { + "AWS::MediaLive::CloudWatchAlarmTemplateGroup": { "additionalProperties": false, "properties": { - "CustomColors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomColor" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A resource's optional description.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "A resource's name. Names must be unique within the scope of a resource type in a specific region.", + "title": "Name", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } }, - "markdownDescription": "A list of up to 50 custom colors.", - "title": "CustomColors", - "type": "array" + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MediaLive::CloudWatchAlarmTemplateGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.ColumnConfiguration": { + "AWS::MediaLive::Cluster": { "additionalProperties": false, "properties": { - "ColorsConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColorsConfiguration", - "markdownDescription": "The color configurations of the column.", - "title": "ColorsConfiguration" + "Condition": { + "type": "string" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column.", - "title": "Column" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FormatConfiguration", - "markdownDescription": "The format configuration of a column.", - "title": "FormatConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Role": { - "markdownDescription": "The role of the column.", - "title": "Role", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ClusterType": { + "markdownDescription": "", + "title": "ClusterType", + "type": "string" + }, + "InstanceRoleArn": { + "markdownDescription": "", + "title": "InstanceRoleArn", + "type": "string" + }, + "Name": { + "markdownDescription": "", + "title": "Name", + "type": "string" + }, + "NetworkSettings": { + "$ref": "#/definitions/AWS::MediaLive::Cluster.ClusterNetworkSettings", + "markdownDescription": "", + "title": "NetworkSettings" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Cluster.Tags" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MediaLive::Cluster" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Column" + "Type" ], "type": "object" }, - "AWS::QuickSight::Analysis.ColumnHierarchy": { + "AWS::MediaLive::Cluster.ClusterNetworkSettings": { "additionalProperties": false, "properties": { - "DateTimeHierarchy": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeHierarchy", - "markdownDescription": "The option that determines the hierarchy of any `DateTime` fields.", - "title": "DateTimeHierarchy" - }, - "ExplicitHierarchy": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ExplicitHierarchy", - "markdownDescription": "The option that determines the hierarchy of the fields that are built within a visual's field wells. These fields can't be duplicated to other visuals.", - "title": "ExplicitHierarchy" + "DefaultRoute": { + "markdownDescription": "", + "title": "DefaultRoute", + "type": "string" }, - "PredefinedHierarchy": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PredefinedHierarchy", - "markdownDescription": "The option that determines the hierarchy of the fields that are defined during data preparation. These fields are available to use in any analysis that uses the data source.", - "title": "PredefinedHierarchy" + "InterfaceMappings": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Cluster.InterfaceMapping" + }, + "markdownDescription": "", + "title": "InterfaceMappings", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ColumnIdentifier": { + "AWS::MediaLive::Cluster.InterfaceMapping": { "additionalProperties": false, "properties": { - "ColumnName": { - "markdownDescription": "The name of the column.", - "title": "ColumnName", + "LogicalInterfaceName": { + "markdownDescription": "", + "title": "LogicalInterfaceName", "type": "string" }, - "DataSetIdentifier": { - "markdownDescription": "The data set that the column belongs to.", - "title": "DataSetIdentifier", + "NetworkId": { + "markdownDescription": "", + "title": "NetworkId", "type": "string" } }, - "required": [ - "ColumnName", - "DataSetIdentifier" - ], "type": "object" }, - "AWS::QuickSight::Analysis.ColumnSort": { + "AWS::MediaLive::Cluster.Tags": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationFunction", - "markdownDescription": "The aggregation function that is defined in the column sort.", - "title": "AggregationFunction" - }, - "Direction": { - "markdownDescription": "The sort direction.", - "title": "Direction", + "Key": { + "markdownDescription": "", + "title": "Key", "type": "string" }, - "SortBy": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "Value": { "markdownDescription": "", - "title": "SortBy" + "title": "Value", + "type": "string" } }, - "required": [ - "Direction", - "SortBy" - ], "type": "object" }, - "AWS::QuickSight::Analysis.ColumnTooltipItem": { + "AWS::MediaLive::EventBridgeRuleTemplate": { "additionalProperties": false, "properties": { - "Aggregation": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationFunction", - "markdownDescription": "The aggregation function of the column tooltip item.", - "title": "Aggregation" + "Condition": { + "type": "string" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The target column of the tooltip item.", - "title": "Column" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Label": { - "markdownDescription": "The label of the tooltip item.", - "title": "Label", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A resource's optional description.", + "title": "Description", + "type": "string" + }, + "EventTargets": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::EventBridgeRuleTemplate.EventBridgeRuleTemplateTarget" + }, + "markdownDescription": "The destinations that will receive the event notifications.", + "title": "EventTargets", + "type": "array" + }, + "EventType": { + "markdownDescription": "The type of event to match with the rule.", + "title": "EventType", + "type": "string" + }, + "GroupIdentifier": { + "markdownDescription": "An eventbridge rule template group's identifier. Can be either be its id or current name.", + "title": "GroupIdentifier", + "type": "string" + }, + "Name": { + "markdownDescription": "A resource's name. Names must be unique within the scope of a resource type in a specific region.", + "title": "Name", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "EventType", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MediaLive::EventBridgeRuleTemplate" + ], "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of the tooltip item.", - "title": "Visibility", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Column" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.ComboChartAggregatedFieldWells": { + "AWS::MediaLive::EventBridgeRuleTemplate.EventBridgeRuleTemplateTarget": { "additionalProperties": false, "properties": { - "BarValues": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The aggregated `BarValues` field well of a combo chart.", - "title": "BarValues", - "type": "array" - }, - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The aggregated category field wells of a combo chart.", - "title": "Category", - "type": "array" - }, - "Colors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The aggregated colors field well of a combo chart.", - "title": "Colors", - "type": "array" - }, - "LineValues": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The aggregated `LineValues` field well of a combo chart.", - "title": "LineValues", - "type": "array" + "Arn": { + "markdownDescription": "Target ARNs must be either an SNS topic or CloudWatch log group.", + "title": "Arn", + "type": "string" } }, + "required": [ + "Arn" + ], "type": "object" }, - "AWS::QuickSight::Analysis.ComboChartConfiguration": { + "AWS::MediaLive::EventBridgeRuleTemplateGroup": { "additionalProperties": false, "properties": { - "BarDataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.\n\nThe data label options for a bar in a combo chart.", - "title": "BarDataLabels" - }, - "BarsArrangement": { - "markdownDescription": "Determines the bar arrangement in a combo chart. The following are valid values in this structure:\n\n- `CLUSTERED` : For clustered bar combo charts.\n- `STACKED` : For stacked bar combo charts.\n- `STACKED_PERCENT` : Do not use. If you use this value, the operation returns a validation error.", - "title": "BarsArrangement", + "Condition": { "type": "string" }, - "CategoryAxis": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The category axis of a combo chart.", - "title": "CategoryAxis" - }, - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart category (group/color) field well.", - "title": "CategoryLabelOptions" - }, - "ColorLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's color field well.", - "title": "ColorLabelOptions" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ComboChartFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" - }, - "LineDataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.\n\nThe data label options for a line in a combo chart.", - "title": "LineDataLabels" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "PrimaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, and axis step) of a combo chart's primary y-axis (bar) field well.", - "title": "PrimaryYAxisDisplayOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "PrimaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's primary y-axis (bar) field well.", - "title": "PrimaryYAxisLabelOptions" + "Metadata": { + "type": "object" }, - "ReferenceLines": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLine" + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A resource's optional description.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "A resource's name. Names must be unique within the scope of a resource type in a specific region.", + "title": "Name", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } }, - "markdownDescription": "The reference line setup of the visual.", - "title": "ReferenceLines", - "type": "array" - }, - "SecondaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, axis step) of a combo chart's secondary y-axis (line) field well.", - "title": "SecondaryYAxisDisplayOptions" - }, - "SecondaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's secondary y-axis(line) field well.", - "title": "SecondaryYAxisLabelOptions" - }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ComboChartSortConfiguration", - "markdownDescription": "The sort configuration of a `ComboChartVisual` .", - "title": "SortConfiguration" + "required": [ + "Name" + ], + "type": "object" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Tooltip" + "Type": { + "enum": [ + "AWS::MediaLive::EventBridgeRuleTemplateGroup" + ], + "type": "string" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", - "title": "VisualPalette" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.ComboChartFieldWells": { - "additionalProperties": false, - "properties": { - "ComboChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ComboChartAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a combo chart. Combo charts only have aggregated field wells. Columns in a combo chart are aggregated by category.", - "title": "ComboChartAggregatedFieldWells" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.ComboChartSortConfiguration": { + "AWS::MediaLive::Input": { "additionalProperties": false, "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The item limit configuration for the category field well of a combo chart.", - "title": "CategoryItemsLimit" + "Condition": { + "type": "string" }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the category field well in a combo chart.", - "title": "CategorySort", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ColorItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The item limit configuration of the color field well in a combo chart.", - "title": "ColorItemsLimit" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ColorSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Destinations": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Input.InputDestinationRequest" + }, + "markdownDescription": "Settings that apply only if the input is a push type of input.", + "title": "Destinations", + "type": "array" + }, + "InputDevices": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Input.InputDeviceSettings" + }, + "markdownDescription": "Settings that apply only if the input is an Elemental Link input.", + "title": "InputDevices", + "type": "array" + }, + "InputNetworkLocation": { + "markdownDescription": "", + "title": "InputNetworkLocation", + "type": "string" + }, + "InputSecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of input security groups (referenced by IDs) to attach to the input if the input is a push type.", + "title": "InputSecurityGroups", + "type": "array" + }, + "MediaConnectFlows": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Input.MediaConnectFlowRequest" + }, + "markdownDescription": "Settings that apply only if the input is a MediaConnect input.", + "title": "MediaConnectFlows", + "type": "array" + }, + "MulticastSettings": { + "$ref": "#/definitions/AWS::MediaLive::Input.MulticastSettingsCreateRequest", + "markdownDescription": "", + "title": "MulticastSettings" + }, + "Name": { + "markdownDescription": "A name for the input.", + "title": "Name", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The IAM role for MediaLive to assume when creating a MediaConnect input or Amazon VPC input. This doesn't apply to other types of inputs. The role is identified by its ARN.", + "title": "RoleArn", + "type": "string" + }, + "SdiSources": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "SdiSources", + "type": "array" + }, + "Smpte2110ReceiverGroupSettings": { + "$ref": "#/definitions/AWS::MediaLive::Input.Smpte2110ReceiverGroupSettings", + "markdownDescription": "", + "title": "Smpte2110ReceiverGroupSettings" + }, + "Sources": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Input.InputSourceRequest" + }, + "markdownDescription": "Settings that apply only if the input is a pull type of input.", + "title": "Sources", + "type": "array" + }, + "SrtSettings": { + "$ref": "#/definitions/AWS::MediaLive::Input.SrtSettingsRequest", + "markdownDescription": "", + "title": "SrtSettings" + }, + "Tags": { + "markdownDescription": "A collection of tags for this input. Each tag is a key-value pair.", + "title": "Tags", + "type": "object" + }, + "Type": { + "markdownDescription": "The type for this input.", + "title": "Type", + "type": "string" + }, + "Vpc": { + "$ref": "#/definitions/AWS::MediaLive::Input.InputVpcRequest", + "markdownDescription": "Settings that apply only if the input is an push input where the source is on Amazon VPC.", + "title": "Vpc" + } }, - "markdownDescription": "The sort configuration of the color field well in a combo chart.", - "title": "ColorSort", - "type": "array" + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MediaLive::Input" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::QuickSight::Analysis.ComboChartVisual": { + "AWS::MediaLive::Input.InputDestinationRequest": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ComboChartConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "Network": { + "markdownDescription": "", + "title": "Network", + "type": "string" }, - "ColumnHierarchies": { + "NetworkRoutes": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" + "$ref": "#/definitions/AWS::MediaLive::Input.InputRequestDestinationRoute" }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", + "markdownDescription": "", + "title": "NetworkRoutes", "type": "array" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "StaticIpAddress": { + "markdownDescription": "", + "title": "StaticIpAddress", + "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "StreamName": { + "markdownDescription": "The stream name (application name/application instance) for the location the RTMP source content will be pushed to in MediaLive.", + "title": "StreamName", "type": "string" } }, - "required": [ - "VisualId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.ComparisonConfiguration": { + "AWS::MediaLive::Input.InputDeviceRequest": { "additionalProperties": false, "properties": { - "ComparisonFormat": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ComparisonFormatConfiguration", - "markdownDescription": "The format of the comparison.", - "title": "ComparisonFormat" - }, - "ComparisonMethod": { - "markdownDescription": "The method of the comparison. Choose from the following options:\n\n- `DIFFERENCE`\n- `PERCENT_DIFFERENCE`\n- `PERCENT`", - "title": "ComparisonMethod", + "Id": { "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ComparisonFormatConfiguration": { + "AWS::MediaLive::Input.InputDeviceSettings": { "additionalProperties": false, "properties": { - "NumberDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumberDisplayFormatConfiguration", - "markdownDescription": "The number display format.", - "title": "NumberDisplayFormatConfiguration" - }, - "PercentageDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PercentageDisplayFormatConfiguration", - "markdownDescription": "The percentage display format.", - "title": "PercentageDisplayFormatConfiguration" + "Id": { + "markdownDescription": "The unique ID for the device.", + "title": "Id", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.Computation": { + "AWS::MediaLive::Input.InputRequestDestinationRoute": { "additionalProperties": false, "properties": { - "Forecast": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ForecastComputation", - "markdownDescription": "The forecast computation configuration.", - "title": "Forecast" - }, - "GrowthRate": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GrowthRateComputation", - "markdownDescription": "The growth rate computation configuration.", - "title": "GrowthRate" - }, - "MaximumMinimum": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MaximumMinimumComputation", - "markdownDescription": "The maximum and minimum computation configuration.", - "title": "MaximumMinimum" - }, - "MetricComparison": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MetricComparisonComputation", - "markdownDescription": "The metric comparison computation configuration.", - "title": "MetricComparison" - }, - "PeriodOverPeriod": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PeriodOverPeriodComputation", - "markdownDescription": "The period over period computation configuration.", - "title": "PeriodOverPeriod" - }, - "PeriodToDate": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PeriodToDateComputation", - "markdownDescription": "The period to `DataSetIdentifier` computation configuration.", - "title": "PeriodToDate" - }, - "TopBottomMovers": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TopBottomMoversComputation", - "markdownDescription": "The top movers and bottom movers computation configuration.", - "title": "TopBottomMovers" - }, - "TopBottomRanked": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TopBottomRankedComputation", - "markdownDescription": "The top ranked and bottom ranked computation configuration.", - "title": "TopBottomRanked" - }, - "TotalAggregation": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TotalAggregationComputation", - "markdownDescription": "The total aggregation computation configuration.", - "title": "TotalAggregation" + "Cidr": { + "markdownDescription": "", + "title": "Cidr", + "type": "string" }, - "UniqueValues": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.UniqueValuesComputation", - "markdownDescription": "The unique values computation configuration.", - "title": "UniqueValues" + "Gateway": { + "markdownDescription": "", + "title": "Gateway", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ConditionalFormattingColor": { + "AWS::MediaLive::Input.InputSdpLocation": { "additionalProperties": false, "properties": { - "Gradient": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingGradientColor", - "markdownDescription": "Formatting configuration for gradient color.", - "title": "Gradient" + "MediaIndex": { + "markdownDescription": "", + "title": "MediaIndex", + "type": "number" }, - "Solid": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingSolidColor", - "markdownDescription": "Formatting configuration for solid color.", - "title": "Solid" + "SdpUrl": { + "markdownDescription": "", + "title": "SdpUrl", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ConditionalFormattingCustomIconCondition": { + "AWS::MediaLive::Input.InputSourceRequest": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "Determines the color of the icon.", - "title": "Color", + "PasswordParam": { + "markdownDescription": "The password parameter that holds the password for accessing the upstream system. The password parameter applies only if the upstream system requires credentials.", + "title": "PasswordParam", "type": "string" }, - "DisplayConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIconDisplayConfiguration", - "markdownDescription": "Determines the icon display configuration.", - "title": "DisplayConfiguration" - }, - "Expression": { - "markdownDescription": "The expression that determines the condition of the icon set.", - "title": "Expression", + "Url": { + "markdownDescription": "For a pull input, the URL where MediaLive pulls the source content from.", + "title": "Url", "type": "string" }, - "IconOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingCustomIconOptions", - "markdownDescription": "Custom icon options for an icon set.", - "title": "IconOptions" + "Username": { + "markdownDescription": "The user name to connect to the upstream system. The user name applies only if the upstream system requires credentials.", + "title": "Username", + "type": "string" } }, - "required": [ - "Expression", - "IconOptions" - ], "type": "object" }, - "AWS::QuickSight::Analysis.ConditionalFormattingCustomIconOptions": { + "AWS::MediaLive::Input.InputVpcRequest": { "additionalProperties": false, "properties": { - "Icon": { - "markdownDescription": "Determines the type of icon.", - "title": "Icon", - "type": "string" + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of up to five VPC security group IDs to attach to the input VPC network interfaces. The security groups require subnet IDs. If none are specified, MediaLive uses the VPC default security group.", + "title": "SecurityGroupIds", + "type": "array" }, - "UnicodeIcon": { - "markdownDescription": "Determines the Unicode icon type.", - "title": "UnicodeIcon", - "type": "string" + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of two VPC subnet IDs from the same VPC. You must associate subnet IDs to two unique Availability Zones.", + "title": "SubnetIds", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ConditionalFormattingGradientColor": { + "AWS::MediaLive::Input.MediaConnectFlowRequest": { "additionalProperties": false, "properties": { - "Color": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GradientColor", - "markdownDescription": "Determines the color.", - "title": "Color" - }, - "Expression": { - "markdownDescription": "The expression that determines the formatting configuration for gradient color.", - "title": "Expression", + "FlowArn": { + "markdownDescription": "The ARN of one or two MediaConnect flows that are the sources for this MediaConnect input.", + "title": "FlowArn", "type": "string" } }, - "required": [ - "Color", - "Expression" - ], "type": "object" }, - "AWS::QuickSight::Analysis.ConditionalFormattingIcon": { + "AWS::MediaLive::Input.MulticastSettingsCreateRequest": { "additionalProperties": false, "properties": { - "CustomCondition": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingCustomIconCondition", - "markdownDescription": "Determines the custom condition for an icon set.", - "title": "CustomCondition" - }, - "IconSet": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIconSet", - "markdownDescription": "Formatting configuration for icon set.", - "title": "IconSet" + "Sources": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Input.MulticastSourceCreateRequest" + }, + "markdownDescription": "", + "title": "Sources", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ConditionalFormattingIconDisplayConfiguration": { + "AWS::MediaLive::Input.MulticastSettingsUpdateRequest": { "additionalProperties": false, "properties": { - "IconDisplayOption": { - "markdownDescription": "Determines the icon display configuration.", - "title": "IconDisplayOption", - "type": "string" + "Sources": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Input.MulticastSourceUpdateRequest" + }, + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ConditionalFormattingIconSet": { + "AWS::MediaLive::Input.MulticastSourceCreateRequest": { "additionalProperties": false, "properties": { - "Expression": { - "markdownDescription": "The expression that determines the formatting configuration for the icon set.", - "title": "Expression", + "SourceIp": { + "markdownDescription": "", + "title": "SourceIp", "type": "string" }, - "IconSetType": { - "markdownDescription": "Determines the icon set type.", - "title": "IconSetType", + "Url": { + "markdownDescription": "", + "title": "Url", "type": "string" } }, - "required": [ - "Expression" - ], "type": "object" }, - "AWS::QuickSight::Analysis.ConditionalFormattingSolidColor": { + "AWS::MediaLive::Input.MulticastSourceUpdateRequest": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "Determines the color.", - "title": "Color", + "SourceIp": { "type": "string" }, - "Expression": { - "markdownDescription": "The expression that determines the formatting configuration for solid color.", - "title": "Expression", + "Url": { "type": "string" } }, - "required": [ - "Expression" - ], "type": "object" }, - "AWS::QuickSight::Analysis.ContributionAnalysisDefault": { + "AWS::MediaLive::Input.Smpte2110ReceiverGroup": { "additionalProperties": false, "properties": { - "ContributorDimensions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier" - }, - "markdownDescription": "The dimensions columns that are used in the contribution analysis, usually a list of `ColumnIdentifiers` .", - "title": "ContributorDimensions", - "type": "array" - }, - "MeasureFieldId": { - "markdownDescription": "The measure field that is used in the contribution analysis.", - "title": "MeasureFieldId", - "type": "string" + "SdpSettings": { + "$ref": "#/definitions/AWS::MediaLive::Input.Smpte2110ReceiverGroupSdpSettings", + "markdownDescription": "", + "title": "SdpSettings" } }, - "required": [ - "ContributorDimensions", - "MeasureFieldId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.CurrencyDisplayFormatConfiguration": { + "AWS::MediaLive::Input.Smpte2110ReceiverGroupSdpSettings": { "additionalProperties": false, "properties": { - "DecimalPlacesConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalPlacesConfiguration", - "markdownDescription": "The option that determines the decimal places configuration.", - "title": "DecimalPlacesConfiguration" - }, - "NegativeValueConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NegativeValueConfiguration", - "markdownDescription": "The options that determine the negative value configuration.", - "title": "NegativeValueConfiguration" - }, - "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NullValueFormatConfiguration", - "markdownDescription": "The options that determine the null value format configuration.", - "title": "NullValueFormatConfiguration" - }, - "NumberScale": { - "markdownDescription": "Determines the number scale value for the currency format.", - "title": "NumberScale", - "type": "string" - }, - "Prefix": { - "markdownDescription": "Determines the prefix value of the currency format.", - "title": "Prefix", - "type": "string" - }, - "SeparatorConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericSeparatorConfiguration", - "markdownDescription": "The options that determine the numeric separator configuration.", - "title": "SeparatorConfiguration" - }, - "Suffix": { - "markdownDescription": "Determines the suffix value of the currency format.", - "title": "Suffix", - "type": "string" + "AncillarySdps": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Input.InputSdpLocation" + }, + "markdownDescription": "", + "title": "AncillarySdps", + "type": "array" }, - "Symbol": { - "markdownDescription": "Determines the symbol for the currency format.", - "title": "Symbol", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.CustomActionFilterOperation": { - "additionalProperties": false, - "properties": { - "SelectedFieldsConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterOperationSelectedFieldsConfiguration", - "markdownDescription": "The configuration that chooses the fields to be filtered.", - "title": "SelectedFieldsConfiguration" + "AudioSdps": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Input.InputSdpLocation" + }, + "markdownDescription": "", + "title": "AudioSdps", + "type": "array" }, - "TargetVisualsConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterOperationTargetVisualsConfiguration", - "markdownDescription": "The configuration that chooses the target visuals to be filtered.", - "title": "TargetVisualsConfiguration" - } - }, - "required": [ - "SelectedFieldsConfiguration", - "TargetVisualsConfiguration" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.CustomActionNavigationOperation": { - "additionalProperties": false, - "properties": { - "LocalNavigationConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LocalNavigationConfiguration", - "markdownDescription": "The configuration that chooses the navigation target.", - "title": "LocalNavigationConfiguration" + "VideoSdp": { + "$ref": "#/definitions/AWS::MediaLive::Input.InputSdpLocation", + "markdownDescription": "", + "title": "VideoSdp" } }, "type": "object" }, - "AWS::QuickSight::Analysis.CustomActionSetParametersOperation": { + "AWS::MediaLive::Input.Smpte2110ReceiverGroupSettings": { "additionalProperties": false, "properties": { - "ParameterValueConfigurations": { + "Smpte2110ReceiverGroups": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SetParameterValueConfiguration" + "$ref": "#/definitions/AWS::MediaLive::Input.Smpte2110ReceiverGroup" }, - "markdownDescription": "The parameter that determines the value configuration.", - "title": "ParameterValueConfigurations", + "markdownDescription": "", + "title": "Smpte2110ReceiverGroups", "type": "array" } }, - "required": [ - "ParameterValueConfigurations" - ], "type": "object" }, - "AWS::QuickSight::Analysis.CustomActionURLOperation": { + "AWS::MediaLive::Input.SrtCallerDecryptionRequest": { "additionalProperties": false, "properties": { - "URLTarget": { - "markdownDescription": "The target of the `CustomActionURLOperation` .\n\nValid values are defined as follows:\n\n- `NEW_TAB` : Opens the target URL in a new browser tab.\n- `NEW_WINDOW` : Opens the target URL in a new browser window.\n- `SAME_TAB` : Opens the target URL in the same browser tab.", - "title": "URLTarget", + "Algorithm": { + "markdownDescription": "", + "title": "Algorithm", "type": "string" }, - "URLTemplate": { - "markdownDescription": "THe URL link of the `CustomActionURLOperation` .", - "title": "URLTemplate", + "PassphraseSecretArn": { + "markdownDescription": "", + "title": "PassphraseSecretArn", "type": "string" } }, - "required": [ - "URLTarget", - "URLTemplate" - ], "type": "object" }, - "AWS::QuickSight::Analysis.CustomColor": { + "AWS::MediaLive::Input.SrtCallerSourceRequest": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The color that is applied to the data value.", - "title": "Color", - "type": "string" + "Decryption": { + "$ref": "#/definitions/AWS::MediaLive::Input.SrtCallerDecryptionRequest", + "markdownDescription": "", + "title": "Decryption" }, - "FieldValue": { - "markdownDescription": "The data value that the color is applied to.", - "title": "FieldValue", - "type": "string" + "MinimumLatency": { + "markdownDescription": "", + "title": "MinimumLatency", + "type": "number" }, - "SpecialValue": { - "markdownDescription": "The value of a special data value.", - "title": "SpecialValue", - "type": "string" - } - }, - "required": [ - "Color" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.CustomContentConfiguration": { - "additionalProperties": false, - "properties": { - "ContentType": { - "markdownDescription": "The content type of the custom content visual. You can use this to have the visual render as an image.", - "title": "ContentType", + "SrtListenerAddress": { + "markdownDescription": "", + "title": "SrtListenerAddress", "type": "string" }, - "ContentUrl": { - "markdownDescription": "The input URL that links to the custom content that you want in the custom visual.", - "title": "ContentUrl", + "SrtListenerPort": { + "markdownDescription": "", + "title": "SrtListenerPort", "type": "string" }, - "ImageScaling": { - "markdownDescription": "The sizing options for the size of the custom content visual. This structure is required when the `ContentType` of the visual is `'IMAGE'` .", - "title": "ImageScaling", + "StreamId": { + "markdownDescription": "", + "title": "StreamId", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.CustomContentVisual": { + "AWS::MediaLive::Input.SrtSettingsRequest": { "additionalProperties": false, "properties": { - "Actions": { + "SrtCallerSources": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + "$ref": "#/definitions/AWS::MediaLive::Input.SrtCallerSourceRequest" }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", + "markdownDescription": "", + "title": "SrtCallerSources", "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomContentConfiguration", - "markdownDescription": "The configuration of a `CustomContentVisual` .", - "title": "ChartConfiguration" - }, - "DataSetIdentifier": { - "markdownDescription": "The dataset that is used to create the custom content visual. You can't create a visual without a dataset.", - "title": "DataSetIdentifier", - "type": "string" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" - }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", - "type": "string" } }, - "required": [ - "DataSetIdentifier", - "VisualId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.CustomFilterConfiguration": { + "AWS::MediaLive::InputSecurityGroup": { "additionalProperties": false, "properties": { - "CategoryValue": { - "markdownDescription": "The category value for the filter.\n\nThis field is mutually exclusive to `ParameterName` .", - "title": "CategoryValue", + "Condition": { "type": "string" }, - "MatchOperator": { - "markdownDescription": "The match operator that is used to determine if a filter should be applied.", - "title": "MatchOperator", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ParameterName": { - "markdownDescription": "The parameter whose value should be used for the filter value.\n\nThis field is mutually exclusive to `CategoryValue` .", - "title": "ParameterName", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Tags": { + "markdownDescription": "A collection of tags for this input security group. Each tag is a key-value pair.", + "title": "Tags", + "type": "object" + }, + "WhitelistRules": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::InputSecurityGroup.InputWhitelistRuleCidr" + }, + "markdownDescription": "The list of IPv4 CIDR addresses to include in the input security group as \"allowed\" addresses.", + "title": "WhitelistRules", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MediaLive::InputSecurityGroup" + ], "type": "string" }, - "SelectAllOptions": { - "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", - "title": "SelectAllOptions", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "MatchOperator", - "NullOption" + "Type" ], "type": "object" }, - "AWS::QuickSight::Analysis.CustomFilterListConfiguration": { + "AWS::MediaLive::InputSecurityGroup.InputWhitelistRuleCidr": { "additionalProperties": false, "properties": { - "CategoryValues": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of category values for the filter.", - "title": "CategoryValues", - "type": "array" - }, - "MatchOperator": { - "markdownDescription": "The match operator that is used to determine if a filter should be applied.", - "title": "MatchOperator", - "type": "string" - }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", - "type": "string" - }, - "SelectAllOptions": { - "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", - "title": "SelectAllOptions", + "Cidr": { + "markdownDescription": "An IPv4 CIDR range to include in this input security group.", + "title": "Cidr", "type": "string" } }, - "required": [ - "MatchOperator", - "NullOption" - ], "type": "object" }, - "AWS::QuickSight::Analysis.CustomNarrativeOptions": { + "AWS::MediaLive::Multiplex": { "additionalProperties": false, "properties": { - "Narrative": { - "markdownDescription": "The string input of custom narrative.", - "title": "Narrative", + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AvailabilityZones": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of availability zones for the multiplex.", + "title": "AvailabilityZones", + "type": "array" + }, + "Destinations": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Multiplex.MultiplexOutputDestination" + }, + "markdownDescription": "A list of the multiplex output destinations.", + "title": "Destinations", + "type": "array" + }, + "MultiplexSettings": { + "$ref": "#/definitions/AWS::MediaLive::Multiplex.MultiplexSettings", + "markdownDescription": "Configuration for a multiplex event.", + "title": "MultiplexSettings" + }, + "Name": { + "markdownDescription": "The name of the multiplex.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Multiplex.Tags" + }, + "markdownDescription": "A collection of key-value pairs.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "AvailabilityZones", + "MultiplexSettings", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MediaLive::Multiplex" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Narrative" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.CustomParameterValues": { + "AWS::MediaLive::Multiplex.MultiplexMediaConnectOutputDestinationSettings": { "additionalProperties": false, "properties": { - "DateTimeValues": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of datetime-type parameter values.", - "title": "DateTimeValues", - "type": "array" - }, - "DecimalValues": { - "items": { - "type": "number" - }, - "markdownDescription": "A list of decimal-type parameter values.", - "title": "DecimalValues", - "type": "array" - }, - "IntegerValues": { - "items": { - "type": "number" - }, - "markdownDescription": "A list of integer-type parameter values.", - "title": "IntegerValues", - "type": "array" - }, - "StringValues": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of string-type parameter values.", - "title": "StringValues", - "type": "array" + "EntitlementArn": { + "markdownDescription": "The MediaConnect entitlement ARN available as a Flow source.", + "title": "EntitlementArn", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.CustomValuesConfiguration": { + "AWS::MediaLive::Multiplex.MultiplexOutputDestination": { "additionalProperties": false, "properties": { - "CustomValues": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomParameterValues", + "MultiplexMediaConnectOutputDestinationSettings": { + "$ref": "#/definitions/AWS::MediaLive::Multiplex.MultiplexMediaConnectOutputDestinationSettings", "markdownDescription": "", - "title": "CustomValues" - }, - "IncludeNullValue": { - "markdownDescription": "Includes the null value in custom action parameter values.", - "title": "IncludeNullValue", - "type": "boolean" + "title": "MultiplexMediaConnectOutputDestinationSettings" } }, - "required": [ - "CustomValues" - ], "type": "object" }, - "AWS::QuickSight::Analysis.DataBarsOptions": { + "AWS::MediaLive::Multiplex.MultiplexSettings": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field ID for the data bars options.", - "title": "FieldId", - "type": "string" + "MaximumVideoBufferDelayMilliseconds": { + "markdownDescription": "Maximum video buffer delay in milliseconds.", + "title": "MaximumVideoBufferDelayMilliseconds", + "type": "number" }, - "NegativeColor": { - "markdownDescription": "The color of the negative data bar.", - "title": "NegativeColor", - "type": "string" + "TransportStreamBitrate": { + "markdownDescription": "Transport stream bit rate.", + "title": "TransportStreamBitrate", + "type": "number" }, - "PositiveColor": { - "markdownDescription": "The color of the positive data bar.", - "title": "PositiveColor", - "type": "string" + "TransportStreamId": { + "markdownDescription": "Transport stream ID.", + "title": "TransportStreamId", + "type": "number" + }, + "TransportStreamReservedBitrate": { + "markdownDescription": "Transport stream reserved bit rate.", + "title": "TransportStreamReservedBitrate", + "type": "number" } }, "required": [ - "FieldId" + "TransportStreamBitrate", + "TransportStreamId" ], "type": "object" }, - "AWS::QuickSight::Analysis.DataColor": { + "AWS::MediaLive::Multiplex.Tags": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The color that is applied to the data value.", - "title": "Color", + "Key": { + "markdownDescription": "", + "title": "Key", "type": "string" }, - "DataValue": { - "markdownDescription": "The data value that the color is applied to.", - "title": "DataValue", - "type": "number" + "Value": { + "markdownDescription": "", + "title": "Value", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.DataFieldSeriesItem": { + "AWS::MediaLive::Multiplexprogram": { "additionalProperties": false, "properties": { - "AxisBinding": { - "markdownDescription": "The axis that you are binding the field to.", - "title": "AxisBinding", + "Condition": { "type": "string" }, - "FieldId": { - "markdownDescription": "The field ID of the field that you are setting the axis binding to.", - "title": "FieldId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "FieldValue": { - "markdownDescription": "The field value of the field that you are setting the axis binding to.", - "title": "FieldValue", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "MultiplexId": { + "markdownDescription": "The unique id of the multiplex.", + "title": "MultiplexId", + "type": "string" + }, + "MultiplexProgramSettings": { + "$ref": "#/definitions/AWS::MediaLive::Multiplexprogram.MultiplexProgramSettings", + "markdownDescription": "Multiplex Program settings configuration.", + "title": "MultiplexProgramSettings" + }, + "PacketIdentifiersMap": { + "$ref": "#/definitions/AWS::MediaLive::Multiplexprogram.MultiplexProgramPacketIdentifiersMap", + "markdownDescription": "", + "title": "PacketIdentifiersMap" + }, + "PipelineDetails": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Multiplexprogram.MultiplexProgramPipelineDetail" + }, + "markdownDescription": "", + "title": "PipelineDetails", + "type": "array" + }, + "PreferredChannelPipeline": { + "markdownDescription": "Indicates which pipeline is preferred by the multiplex for program ingest.\nIf set to \\\"PIPELINE_0\\\" or \\\"PIPELINE_1\\\" and an unhealthy ingest causes the multiplex to switch to the non-preferred pipeline,\nit will switch back once that ingest is healthy again. If set to \\\"CURRENTLY_ACTIVE\\\",\nit will not switch back to the other pipeline based on it recovering to a healthy state,\nit will only switch if the active pipeline becomes unhealthy.", + "title": "PreferredChannelPipeline", + "type": "string" + }, + "ProgramName": { + "markdownDescription": "", + "title": "ProgramName", + "type": "string" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MediaLive::Multiplexprogram" + ], "type": "string" }, - "Settings": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartSeriesSettings", - "markdownDescription": "The options that determine the presentation of line series associated to the field.", - "title": "Settings" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "AxisBinding", - "FieldId" + "Type" ], "type": "object" }, - "AWS::QuickSight::Analysis.DataLabelOptions": { + "AWS::MediaLive::Multiplexprogram.MultiplexProgramPacketIdentifiersMap": { "additionalProperties": false, "properties": { - "CategoryLabelVisibility": { - "markdownDescription": "Determines the visibility of the category field labels.", - "title": "CategoryLabelVisibility", - "type": "string" + "AudioPids": { + "items": { + "type": "number" + }, + "markdownDescription": "", + "title": "AudioPids", + "type": "array" }, - "DataLabelTypes": { + "DvbSubPids": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelType" + "type": "number" }, - "markdownDescription": "The option that determines the data label type.", - "title": "DataLabelTypes", + "markdownDescription": "", + "title": "DvbSubPids", "type": "array" }, - "LabelColor": { - "markdownDescription": "Determines the color of the data labels.", - "title": "LabelColor", - "type": "string" + "DvbTeletextPid": { + "markdownDescription": "", + "title": "DvbTeletextPid", + "type": "number" }, - "LabelContent": { - "markdownDescription": "Determines the content of the data labels.", - "title": "LabelContent", - "type": "string" + "EtvPlatformPid": { + "markdownDescription": "", + "title": "EtvPlatformPid", + "type": "number" }, - "LabelFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", - "markdownDescription": "Determines the font configuration of the data labels.", - "title": "LabelFontConfiguration" + "EtvSignalPid": { + "markdownDescription": "", + "title": "EtvSignalPid", + "type": "number" }, - "MeasureLabelVisibility": { - "markdownDescription": "Determines the visibility of the measure field labels.", - "title": "MeasureLabelVisibility", - "type": "string" + "KlvDataPids": { + "items": { + "type": "number" + }, + "markdownDescription": "", + "title": "KlvDataPids", + "type": "array" }, - "Overlap": { - "markdownDescription": "Determines whether overlap is enabled or disabled for the data labels.", - "title": "Overlap", - "type": "string" + "PcrPid": { + "markdownDescription": "", + "title": "PcrPid", + "type": "number" }, - "Position": { - "markdownDescription": "Determines the position of the data labels.", - "title": "Position", - "type": "string" + "PmtPid": { + "markdownDescription": "", + "title": "PmtPid", + "type": "number" }, - "TotalsVisibility": { - "markdownDescription": "Determines the visibility of the total.", - "title": "TotalsVisibility", - "type": "string" + "PrivateMetadataPid": { + "markdownDescription": "", + "title": "PrivateMetadataPid", + "type": "number" }, - "Visibility": { - "markdownDescription": "Determines the visibility of the data labels.", - "title": "Visibility", - "type": "string" + "Scte27Pids": { + "items": { + "type": "number" + }, + "markdownDescription": "", + "title": "Scte27Pids", + "type": "array" + }, + "Scte35Pid": { + "markdownDescription": "", + "title": "Scte35Pid", + "type": "number" + }, + "TimedMetadataPid": { + "markdownDescription": "", + "title": "TimedMetadataPid", + "type": "number" + }, + "VideoPid": { + "markdownDescription": "", + "title": "VideoPid", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.DataLabelType": { + "AWS::MediaLive::Multiplexprogram.MultiplexProgramPipelineDetail": { "additionalProperties": false, "properties": { - "DataPathLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathLabelType", - "markdownDescription": "The option that specifies individual data values for labels.", - "title": "DataPathLabelType" - }, - "FieldLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldLabelType", - "markdownDescription": "Determines the label configuration for the entire field.", - "title": "FieldLabelType" - }, - "MaximumLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MaximumLabelType", - "markdownDescription": "Determines the label configuration for the maximum value in a visual.", - "title": "MaximumLabelType" - }, - "MinimumLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MinimumLabelType", - "markdownDescription": "Determines the label configuration for the minimum value in a visual.", - "title": "MinimumLabelType" + "ActiveChannelPipeline": { + "markdownDescription": "Identifies the channel pipeline that is currently active for the pipeline (identified by PipelineId) in the multiplex.", + "title": "ActiveChannelPipeline", + "type": "string" }, - "RangeEndsLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RangeEndsLabelType", - "markdownDescription": "Determines the label configuration for range end value in a visual.", - "title": "RangeEndsLabelType" + "PipelineId": { + "markdownDescription": "Identifies a specific pipeline in the multiplex.", + "title": "PipelineId", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.DataPathColor": { + "AWS::MediaLive::Multiplexprogram.MultiplexProgramServiceDescriptor": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The color that needs to be applied to the element.", - "title": "Color", + "ProviderName": { + "markdownDescription": "Name of the provider.", + "title": "ProviderName", "type": "string" }, - "Element": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathValue", - "markdownDescription": "The element that the color needs to be applied to.", - "title": "Element" - }, - "TimeGranularity": { - "markdownDescription": "The time granularity of the field that the color needs to be applied to.", - "title": "TimeGranularity", + "ServiceName": { + "markdownDescription": "Name of the service.", + "title": "ServiceName", "type": "string" } }, "required": [ - "Color", - "Element" + "ProviderName", + "ServiceName" ], "type": "object" }, - "AWS::QuickSight::Analysis.DataPathLabelType": { + "AWS::MediaLive::Multiplexprogram.MultiplexProgramSettings": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field ID of the field that the data label needs to be applied to.", - "title": "FieldId", + "PreferredChannelPipeline": { + "markdownDescription": "Indicates which pipeline is preferred by the multiplex for program ingest.", + "title": "PreferredChannelPipeline", "type": "string" }, - "FieldValue": { - "markdownDescription": "The actual value of the field that is labeled.", - "title": "FieldValue", - "type": "string" + "ProgramNumber": { + "markdownDescription": "Unique program number.", + "title": "ProgramNumber", + "type": "number" }, - "Visibility": { - "markdownDescription": "The visibility of the data label.", - "title": "Visibility", - "type": "string" + "ServiceDescriptor": { + "$ref": "#/definitions/AWS::MediaLive::Multiplexprogram.MultiplexProgramServiceDescriptor", + "markdownDescription": "Transport stream service descriptor configuration for the Multiplex program.", + "title": "ServiceDescriptor" + }, + "VideoSettings": { + "$ref": "#/definitions/AWS::MediaLive::Multiplexprogram.MultiplexVideoSettings", + "markdownDescription": "Program video settings configuration.", + "title": "VideoSettings" } }, + "required": [ + "ProgramNumber" + ], "type": "object" }, - "AWS::QuickSight::Analysis.DataPathSort": { + "AWS::MediaLive::Multiplexprogram.MultiplexStatmuxVideoSettings": { "additionalProperties": false, "properties": { - "Direction": { - "markdownDescription": "Determines the sort direction.", - "title": "Direction", - "type": "string" + "MaximumBitrate": { + "markdownDescription": "Maximum statmux bitrate.", + "title": "MaximumBitrate", + "type": "number" }, - "SortPaths": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathValue" - }, - "markdownDescription": "The list of data paths that need to be sorted.", - "title": "SortPaths", - "type": "array" + "MinimumBitrate": { + "markdownDescription": "Minimum statmux bitrate.", + "title": "MinimumBitrate", + "type": "number" + }, + "Priority": { + "markdownDescription": "The purpose of the priority is to use a combination of the\\nmultiplex rate control algorithm and the QVBR capability of the\\nencoder to prioritize the video quality of some channels in a\\nmultiplex over others. Channels that have a higher priority will\\nget higher video quality at the expense of the video quality of\\nother channels in the multiplex with lower priority.", + "title": "Priority", + "type": "number" } }, - "required": [ - "Direction", - "SortPaths" - ], "type": "object" }, - "AWS::QuickSight::Analysis.DataPathType": { + "AWS::MediaLive::Multiplexprogram.MultiplexVideoSettings": { "additionalProperties": false, "properties": { - "PivotTableDataPathType": { - "markdownDescription": "The type of data path value utilized in a pivot table. Choose one of the following options:\n\n- `HIERARCHY_ROWS_LAYOUT_COLUMN` - The type of data path for the rows layout column, when `RowsLayout` is set to `HIERARCHY` .\n- `MULTIPLE_ROW_METRICS_COLUMN` - The type of data path for the metric column when the row is set to Metric Placement.\n- `EMPTY_COLUMN_HEADER` - The type of data path for the column with empty column header, when there is no field in `ColumnsFieldWell` and the row is set to Metric Placement.\n- `COUNT_METRIC_COLUMN` - The type of data path for the column with `COUNT` as the metric, when there is no field in the `ValuesFieldWell` .", - "title": "PivotTableDataPathType", - "type": "string" + "ConstantBitrate": { + "markdownDescription": "The constant bitrate configuration for the video encode.\nWhen this field is defined, StatmuxSettings must be undefined.", + "title": "ConstantBitrate", + "type": "number" + }, + "StatmuxSettings": { + "$ref": "#/definitions/AWS::MediaLive::Multiplexprogram.MultiplexStatmuxVideoSettings", + "markdownDescription": "Statmux rate control settings.\nWhen this field is defined, ConstantBitrate must be undefined.", + "title": "StatmuxSettings" } }, "type": "object" }, - "AWS::QuickSight::Analysis.DataPathValue": { + "AWS::MediaLive::Network": { "additionalProperties": false, "properties": { - "DataPathType": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathType", - "markdownDescription": "The type configuration of the field.", - "title": "DataPathType" + "Condition": { + "type": "string" }, - "FieldId": { - "markdownDescription": "The field ID of the field that needs to be sorted.", - "title": "FieldId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "FieldValue": { - "markdownDescription": "The actual value of the field that needs to be sorted.", - "title": "FieldValue", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.DataSetIdentifierDeclaration": { - "additionalProperties": false, - "properties": { - "DataSetArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the data set.", - "title": "DataSetArn", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "IpPools": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Network.IpPool" + }, + "markdownDescription": "", + "title": "IpPools", + "type": "array" + }, + "Name": { + "markdownDescription": "", + "title": "Name", + "type": "string" + }, + "Routes": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Network.Route" + }, + "markdownDescription": "", + "title": "Routes", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::Network.Tags" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "IpPools", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MediaLive::Network" + ], "type": "string" }, - "Identifier": { - "markdownDescription": "The identifier of the data set, typically the data set's name.", - "title": "Identifier", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "DataSetArn", - "Identifier" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.DataSetReference": { + "AWS::MediaLive::Network.IpPool": { "additionalProperties": false, "properties": { - "DataSetArn": { - "markdownDescription": "Dataset Amazon Resource Name (ARN).", - "title": "DataSetArn", - "type": "string" - }, - "DataSetPlaceholder": { - "markdownDescription": "Dataset placeholder.", - "title": "DataSetPlaceholder", + "Cidr": { + "markdownDescription": "", + "title": "Cidr", "type": "string" } }, - "required": [ - "DataSetArn", - "DataSetPlaceholder" - ], "type": "object" }, - "AWS::QuickSight::Analysis.DateAxisOptions": { + "AWS::MediaLive::Network.Route": { "additionalProperties": false, "properties": { - "MissingDateVisibility": { - "markdownDescription": "Determines whether or not missing dates are displayed.", - "title": "MissingDateVisibility", + "Cidr": { + "markdownDescription": "", + "title": "Cidr", + "type": "string" + }, + "Gateway": { + "markdownDescription": "", + "title": "Gateway", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.DateDimensionField": { + "AWS::MediaLive::Network.Tags": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that is used in the `DateDimensionField` .", - "title": "Column" - }, - "DateGranularity": { - "markdownDescription": "The date granularity of the `DateDimensionField` . Choose one of the following options:\n\n- `YEAR`\n- `QUARTER`\n- `MONTH`\n- `WEEK`\n- `DAY`\n- `HOUR`\n- `MINUTE`\n- `SECOND`\n- `MILLISECOND`", - "title": "DateGranularity", - "type": "string" - }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", + "Key": { + "markdownDescription": "", + "title": "Key", "type": "string" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" - }, - "HierarchyId": { - "markdownDescription": "The custom hierarchy ID.", - "title": "HierarchyId", + "Value": { + "markdownDescription": "", + "title": "Value", "type": "string" } }, - "required": [ - "Column", - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.DateMeasureField": { + "AWS::MediaLive::SdiSource": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "markdownDescription": "The aggregation function of the measure field.", - "title": "AggregationFunction", + "Condition": { "type": "string" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that is used in the `DateMeasureField` .", - "title": "Column" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Mode": { + "markdownDescription": "", + "title": "Mode", + "type": "string" + }, + "Name": { + "markdownDescription": "", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::SdiSource.Tags" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Name", + "Type" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MediaLive::SdiSource" + ], "type": "string" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Column", - "FieldId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.DateTimeDefaultValues": { + "AWS::MediaLive::SdiSource.Tags": { "additionalProperties": false, "properties": { - "DynamicValue": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DynamicDefaultValue", - "markdownDescription": "The dynamic value of the `DataTimeDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", - "title": "DynamicValue" - }, - "RollingDate": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RollingDateConfiguration", - "markdownDescription": "The rolling date of the `DataTimeDefaultValues` . The date is determined from the dataset based on input expression.", - "title": "RollingDate" + "Key": { + "markdownDescription": "", + "title": "Key", + "type": "string" }, - "StaticValues": { - "items": { - "type": "string" - }, - "markdownDescription": "The static values of the `DataTimeDefaultValues` .", - "title": "StaticValues", - "type": "array" + "Value": { + "markdownDescription": "", + "title": "Value", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.DateTimeFormatConfiguration": { + "AWS::MediaLive::SignalMap": { "additionalProperties": false, "properties": { - "DateTimeFormat": { - "markdownDescription": "Determines the `DateTime` format.", - "title": "DateTimeFormat", + "Condition": { "type": "string" }, - "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NullValueFormatConfiguration", - "markdownDescription": "The options that determine the null value format configuration.", - "title": "NullValueFormatConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "NumericFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericFormatConfiguration", - "markdownDescription": "The formatting configuration for numeric `DateTime` fields.", - "title": "NumericFormatConfiguration" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.DateTimeHierarchy": { - "additionalProperties": false, - "properties": { - "DrillDownFilters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DrillDownFilter" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CloudWatchAlarmTemplateGroupIdentifiers": { + "items": { + "type": "string" + }, + "markdownDescription": "A cloudwatch alarm template group's identifier. Can be either be its id or current name.", + "title": "CloudWatchAlarmTemplateGroupIdentifiers", + "type": "array" + }, + "Description": { + "markdownDescription": "A resource's optional description.", + "title": "Description", + "type": "string" + }, + "DiscoveryEntryPointArn": { + "markdownDescription": "A top-level supported Amazon Web Services resource ARN to discover a signal map from.", + "title": "DiscoveryEntryPointArn", + "type": "string" + }, + "EventBridgeRuleTemplateGroupIdentifiers": { + "items": { + "type": "string" + }, + "markdownDescription": "An eventbridge rule template group's identifier. Can be either be its id or current name.", + "title": "EventBridgeRuleTemplateGroupIdentifiers", + "type": "array" + }, + "ForceRediscovery": { + "markdownDescription": "If true, will force a rediscovery of a signal map if an unchanged discoveryEntryPointArn is provided.", + "title": "ForceRediscovery", + "type": "boolean" + }, + "Name": { + "markdownDescription": "A resource's name. Names must be unique within the scope of a resource type in a specific region.", + "title": "Name", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } }, - "markdownDescription": "The option that determines the drill down filters for the `DateTime` hierarchy.", - "title": "DrillDownFilters", - "type": "array" + "required": [ + "DiscoveryEntryPointArn", + "Name" + ], + "type": "object" }, - "HierarchyId": { - "markdownDescription": "The hierarchy ID of the `DateTime` hierarchy.", - "title": "HierarchyId", + "Type": { + "enum": [ + "AWS::MediaLive::SignalMap" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "HierarchyId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.DateTimeParameter": { + "AWS::MediaLive::SignalMap.MediaResource": { "additionalProperties": false, "properties": { + "Destinations": { + "items": { + "$ref": "#/definitions/AWS::MediaLive::SignalMap.MediaResourceNeighbor" + }, + "markdownDescription": "A direct destination neighbor to an Amazon Web Services media resource.", + "title": "Destinations", + "type": "array" + }, "Name": { - "markdownDescription": "A display name for the date-time parameter.", + "markdownDescription": "The logical name of an Amazon Web Services media resource.", "title": "Name", "type": "string" }, - "Values": { + "Sources": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::MediaLive::SignalMap.MediaResourceNeighbor" }, - "markdownDescription": "The values for the date-time parameter.", - "title": "Values", + "markdownDescription": "A direct source neighbor to an Amazon Web Services media resource.", + "title": "Sources", "type": "array" } }, - "required": [ - "Name", - "Values" - ], "type": "object" }, - "AWS::QuickSight::Analysis.DateTimeParameterDeclaration": { + "AWS::MediaLive::SignalMap.MediaResourceNeighbor": { "additionalProperties": false, "properties": { - "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeDefaultValues", - "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", - "title": "DefaultValues" - }, - "MappedDataSetParameters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MappedDataSetParameter" - }, - "markdownDescription": "", - "title": "MappedDataSetParameters", - "type": "array" + "Arn": { + "markdownDescription": "The ARN of a resource used in Amazon Web Services media workflows.", + "title": "Arn", + "type": "string" }, "Name": { - "markdownDescription": "The name of the parameter that is being declared.", + "markdownDescription": "The logical name of an Amazon Web Services media resource.", "title": "Name", "type": "string" - }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", - "type": "string" - }, - "ValueWhenUnset": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeValueWhenUnsetConfiguration", - "markdownDescription": "The configuration that defines the default value of a `DateTime` parameter when a value has not been set.", - "title": "ValueWhenUnset" } }, "required": [ - "Name" + "Arn" ], "type": "object" }, - "AWS::QuickSight::Analysis.DateTimePickerControlDisplayOptions": { + "AWS::MediaLive::SignalMap.MonitorDeployment": { "additionalProperties": false, "properties": { - "DateTimeFormat": { - "markdownDescription": "Customize how dates are formatted in controls.", - "title": "DateTimeFormat", + "DetailsUri": { + "markdownDescription": "URI associated with a signal map's monitor deployment.", + "title": "DetailsUri", "type": "string" }, - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" + "ErrorMessage": { + "markdownDescription": "Error message associated with a failed monitor deployment of a signal map.", + "title": "ErrorMessage", + "type": "string" }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" + "Status": { + "markdownDescription": "The signal map monitor deployment status.", + "title": "Status", + "type": "string" } }, + "required": [ + "Status" + ], "type": "object" }, - "AWS::QuickSight::Analysis.DateTimeValueWhenUnsetConfiguration": { + "AWS::MediaLive::SignalMap.SuccessfulMonitorDeployment": { "additionalProperties": false, "properties": { - "CustomValue": { - "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", - "title": "CustomValue", + "DetailsUri": { + "markdownDescription": "URI associated with a signal map's monitor deployment.", + "title": "DetailsUri", "type": "string" }, - "ValueWhenUnsetOption": { - "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", - "title": "ValueWhenUnsetOption", + "Status": { + "markdownDescription": "A signal map's monitor deployment status.", + "title": "Status", "type": "string" } }, + "required": [ + "DetailsUri", + "Status" + ], "type": "object" }, - "AWS::QuickSight::Analysis.DecimalDefaultValues": { + "AWS::MediaPackage::Asset": { "additionalProperties": false, "properties": { - "DynamicValue": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DynamicDefaultValue", - "markdownDescription": "The dynamic value of the `DecimalDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", - "title": "DynamicValue" + "Condition": { + "type": "string" }, - "StaticValues": { - "items": { - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "EgressEndpoints": { + "items": { + "$ref": "#/definitions/AWS::MediaPackage::Asset.EgressEndpoint" + }, + "markdownDescription": "List of playback endpoints that are available for this asset.", + "title": "EgressEndpoints", + "type": "array" + }, + "Id": { + "markdownDescription": "Unique identifier that you assign to the asset.", + "title": "Id", + "type": "string" + }, + "PackagingGroupId": { + "markdownDescription": "The ID of the packaging group associated with this asset.", + "title": "PackagingGroupId", + "type": "string" + }, + "ResourceId": { + "markdownDescription": "Unique identifier for this asset, as it's configured in the key provider service.", + "title": "ResourceId", + "type": "string" + }, + "SourceArn": { + "markdownDescription": "The ARN for the source content in Amazon S3.", + "title": "SourceArn", + "type": "string" + }, + "SourceRoleArn": { + "markdownDescription": "The ARN for the IAM role that provides AWS Elemental MediaPackage access to the Amazon S3 bucket where the source content is stored. Valid format: arn:aws:iam::{accountID}:role/{name}", + "title": "SourceRoleArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to assign to the asset.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "The static values of the `DecimalDefaultValues` .", - "title": "StaticValues", - "type": "array" + "required": [ + "Id", + "PackagingGroupId", + "SourceArn", + "SourceRoleArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MediaPackage::Asset" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.DecimalParameter": { + "AWS::MediaPackage::Asset.EgressEndpoint": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "A display name for the decimal parameter.", - "title": "Name", + "PackagingConfigurationId": { + "markdownDescription": "The ID of a packaging configuration that's applied to this asset.", + "title": "PackagingConfigurationId", "type": "string" }, - "Values": { - "items": { - "type": "number" - }, - "markdownDescription": "The values for the decimal parameter.", - "title": "Values", - "type": "array" + "Url": { + "markdownDescription": "The URL that's used to request content from this endpoint.", + "title": "Url", + "type": "string" } }, "required": [ - "Name", - "Values" + "PackagingConfigurationId", + "Url" ], "type": "object" }, - "AWS::QuickSight::Analysis.DecimalParameterDeclaration": { + "AWS::MediaPackage::Channel": { "additionalProperties": false, "properties": { - "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalDefaultValues", - "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", - "title": "DefaultValues" + "Condition": { + "type": "string" }, - "MappedDataSetParameters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MappedDataSetParameter" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "Any descriptive information that you want to add to the channel for future identification purposes.", + "title": "Description", + "type": "string" + }, + "EgressAccessLogs": { + "$ref": "#/definitions/AWS::MediaPackage::Channel.LogConfiguration", + "markdownDescription": "Configures egress access logs.", + "title": "EgressAccessLogs" + }, + "HlsIngest": { + "$ref": "#/definitions/AWS::MediaPackage::Channel.HlsIngest", + "markdownDescription": "The input URL where the source stream should be sent.", + "title": "HlsIngest" + }, + "Id": { + "markdownDescription": "Unique identifier that you assign to the channel.", + "title": "Id", + "type": "string" + }, + "IngressAccessLogs": { + "$ref": "#/definitions/AWS::MediaPackage::Channel.LogConfiguration", + "markdownDescription": "Configures ingress access logs.", + "title": "IngressAccessLogs" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to assign to the channel.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "", - "title": "MappedDataSetParameters", - "type": "array" + "required": [ + "Id" + ], + "type": "object" }, - "Name": { - "markdownDescription": "The name of the parameter that is being declared.", - "title": "Name", + "Type": { + "enum": [ + "AWS::MediaPackage::Channel" + ], "type": "string" }, - "ParameterValueType": { - "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", - "title": "ParameterValueType", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "ValueWhenUnset": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalValueWhenUnsetConfiguration", - "markdownDescription": "The configuration that defines the default value of a `Decimal` parameter when a value has not been set.", - "title": "ValueWhenUnset" } }, "required": [ - "Name", - "ParameterValueType" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.DecimalPlacesConfiguration": { + "AWS::MediaPackage::Channel.HlsIngest": { "additionalProperties": false, "properties": { - "DecimalPlaces": { - "markdownDescription": "The values of the decimal places.", - "title": "DecimalPlaces", - "type": "number" + "ingestEndpoints": { + "items": { + "$ref": "#/definitions/AWS::MediaPackage::Channel.IngestEndpoint" + }, + "markdownDescription": "The input URL where the source stream should be sent.", + "title": "ingestEndpoints", + "type": "array" } }, - "required": [ - "DecimalPlaces" - ], "type": "object" }, - "AWS::QuickSight::Analysis.DecimalValueWhenUnsetConfiguration": { + "AWS::MediaPackage::Channel.IngestEndpoint": { "additionalProperties": false, "properties": { - "CustomValue": { - "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", - "title": "CustomValue", - "type": "number" + "Id": { + "markdownDescription": "The endpoint identifier.", + "title": "Id", + "type": "string" }, - "ValueWhenUnsetOption": { - "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", - "title": "ValueWhenUnsetOption", + "Password": { + "markdownDescription": "The system-generated password for WebDAV input authentication.", + "title": "Password", + "type": "string" + }, + "Url": { + "markdownDescription": "The input URL where the source stream should be sent.", + "title": "Url", + "type": "string" + }, + "Username": { + "markdownDescription": "The system-generated username for WebDAV input authentication.", + "title": "Username", "type": "string" } }, + "required": [ + "Id", + "Password", + "Url", + "Username" + ], "type": "object" }, - "AWS::QuickSight::Analysis.DefaultDateTimePickerControlOptions": { + "AWS::MediaPackage::Channel.LogConfiguration": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimePickerControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "Type": { - "markdownDescription": "The date time picker type of the `DefaultDateTimePickerControlOptions` . Choose one of the following options:\n\n- `SINGLE_VALUED` : The filter condition is a fixed date.\n- `DATE_RANGE` : The filter condition is a date time range.", - "title": "Type", + "LogGroupName": { + "markdownDescription": "Sets a custom Amazon CloudWatch log group name.", + "title": "LogGroupName", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.DefaultFilterControlConfiguration": { + "AWS::MediaPackage::OriginEndpoint": { "additionalProperties": false, "properties": { - "ControlOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlOptions", - "markdownDescription": "The control option for the `DefaultFilterControlConfiguration` .", - "title": "ControlOptions" + "Condition": { + "type": "string" }, - "Title": { - "markdownDescription": "The title of the `DefaultFilterControlConfiguration` . This title is shared by all controls that are tied to this filter.", - "title": "Title", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Authorization": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.Authorization", + "markdownDescription": "Parameters for CDN authorization.", + "title": "Authorization" + }, + "ChannelId": { + "markdownDescription": "The ID of the channel associated with this endpoint.", + "title": "ChannelId", + "type": "string" + }, + "CmafPackage": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.CmafPackage", + "markdownDescription": "Parameters for Common Media Application Format (CMAF) packaging.", + "title": "CmafPackage" + }, + "DashPackage": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.DashPackage", + "markdownDescription": "Parameters for DASH packaging.", + "title": "DashPackage" + }, + "Description": { + "markdownDescription": "Any descriptive information that you want to add to the endpoint for future identification purposes.", + "title": "Description", + "type": "string" + }, + "HlsPackage": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.HlsPackage", + "markdownDescription": "Parameters for Apple HLS packaging.", + "title": "HlsPackage" + }, + "Id": { + "markdownDescription": "The manifest ID is required and must be unique within the OriginEndpoint. The ID can't be changed after the endpoint is created.", + "title": "Id", + "type": "string" + }, + "ManifestName": { + "markdownDescription": "A short string that's appended to the end of the endpoint URL to create a unique path to this endpoint.", + "title": "ManifestName", + "type": "string" + }, + "MssPackage": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.MssPackage", + "markdownDescription": "Parameters for Microsoft Smooth Streaming packaging.", + "title": "MssPackage" + }, + "Origination": { + "markdownDescription": "Controls video origination from this endpoint.\n\nValid values:\n\n- `ALLOW` - enables this endpoint to serve content to requesting devices.\n- `DENY` - prevents this endpoint from serving content. Denying origination is helpful for harvesting live-to-VOD assets. For more information about harvesting and origination, see [Live-to-VOD Requirements](https://docs.aws.amazon.com/mediapackage/latest/ug/ltov-reqmts.html) .", + "title": "Origination", + "type": "string" + }, + "StartoverWindowSeconds": { + "markdownDescription": "Maximum duration (seconds) of content to retain for startover playback. Omit this attribute or enter `0` to indicate that startover playback is disabled for this endpoint.", + "title": "StartoverWindowSeconds", + "type": "number" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to assign to the endpoint.", + "title": "Tags", + "type": "array" + }, + "TimeDelaySeconds": { + "markdownDescription": "Minimum duration (seconds) of delay to enforce on the playback of live content. Omit this attribute or enter `0` to indicate that there is no time delay in effect for this endpoint.", + "title": "TimeDelaySeconds", + "type": "number" + }, + "Whitelist": { + "items": { + "type": "string" + }, + "markdownDescription": "The IP addresses that can access this endpoint.", + "title": "Whitelist", + "type": "array" + } + }, + "required": [ + "ChannelId", + "Id" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MediaPackage::OriginEndpoint" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ControlOptions", - "Title" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.DefaultFilterControlOptions": { + "AWS::MediaPackage::OriginEndpoint.Authorization": { "additionalProperties": false, "properties": { - "DefaultDateTimePickerOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultDateTimePickerControlOptions", - "markdownDescription": "The default options that correspond to the filter control type of a `DateTimePicker` .", - "title": "DefaultDateTimePickerOptions" - }, - "DefaultDropdownOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterDropDownControlOptions", - "markdownDescription": "The default options that correspond to the `Dropdown` filter control type.", - "title": "DefaultDropdownOptions" - }, - "DefaultListOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterListControlOptions", - "markdownDescription": "The default options that correspond to the `List` filter control type.", - "title": "DefaultListOptions" - }, - "DefaultRelativeDateTimeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultRelativeDateTimeControlOptions", - "markdownDescription": "The default options that correspond to the `RelativeDateTime` filter control type.", - "title": "DefaultRelativeDateTimeOptions" - }, - "DefaultSliderOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultSliderControlOptions", - "markdownDescription": "The default options that correspond to the `Slider` filter control type.", - "title": "DefaultSliderOptions" - }, - "DefaultTextAreaOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultTextAreaControlOptions", - "markdownDescription": "The default options that correspond to the `TextArea` filter control type.", - "title": "DefaultTextAreaOptions" + "CdnIdentifierSecret": { + "markdownDescription": "The Amazon Resource Name (ARN) for the secret in AWS Secrets Manager that your Content Delivery Network (CDN) uses for authorization to access your endpoint.", + "title": "CdnIdentifierSecret", + "type": "string" }, - "DefaultTextFieldOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultTextFieldControlOptions", - "markdownDescription": "The default options that correspond to the `TextField` filter control type.", - "title": "DefaultTextFieldOptions" + "SecretsRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the IAM role that allows AWS Elemental MediaPackage to communicate with AWS Secrets Manager .", + "title": "SecretsRoleArn", + "type": "string" } }, + "required": [ + "CdnIdentifierSecret", + "SecretsRoleArn" + ], "type": "object" }, - "AWS::QuickSight::Analysis.DefaultFilterDropDownControlOptions": { + "AWS::MediaPackage::OriginEndpoint.CmafEncryption": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DropDownControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" + "ConstantInitializationVector": { + "markdownDescription": "An optional 128-bit, 16-byte hex value represented by a 32-character string, used in conjunction with the key for encrypting blocks. If you don't specify a value, then AWS Elemental MediaPackage creates the constant initialization vector (IV).", + "title": "ConstantInitializationVector", + "type": "string" }, - "Type": { - "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", - "title": "Type", + "EncryptionMethod": { + "markdownDescription": "The encryption method to use.", + "title": "EncryptionMethod", "type": "string" + }, + "KeyRotationIntervalSeconds": { + "markdownDescription": "Number of seconds before AWS Elemental MediaPackage rotates to a new key. By default, rotation is set to 60 seconds. Set to `0` to disable key rotation.", + "title": "KeyRotationIntervalSeconds", + "type": "number" + }, + "SpekeKeyProvider": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.SpekeKeyProvider", + "markdownDescription": "Parameters for the SPEKE key provider.", + "title": "SpekeKeyProvider" } }, + "required": [ + "SpekeKeyProvider" + ], "type": "object" }, - "AWS::QuickSight::Analysis.DefaultFilterListControlOptions": { + "AWS::MediaPackage::OriginEndpoint.CmafPackage": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ListControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "Encryption": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.CmafEncryption", + "markdownDescription": "Parameters for encrypting content.", + "title": "Encryption" }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" + "HlsManifests": { + "items": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.HlsManifest" + }, + "markdownDescription": "A list of HLS manifest configurations that are available from this endpoint.", + "title": "HlsManifests", + "type": "array" }, - "Type": { - "markdownDescription": "The type of the `DefaultFilterListControlOptions` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from the list.\n- `SINGLE_SELECT` : The user can select a single entry from the list.", - "title": "Type", + "SegmentDurationSeconds": { + "markdownDescription": "Duration (in seconds) of each segment. Actual segments are rounded to the nearest multiple of the source segment duration.", + "title": "SegmentDurationSeconds", + "type": "number" + }, + "SegmentPrefix": { + "markdownDescription": "An optional custom string that is prepended to the name of each segment. If not specified, the segment prefix defaults to the ChannelId.", + "title": "SegmentPrefix", "type": "string" + }, + "StreamSelection": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.StreamSelection", + "markdownDescription": "Limitations for outputs from the endpoint, based on the video bitrate.", + "title": "StreamSelection" } }, "type": "object" }, - "AWS::QuickSight::Analysis.DefaultFreeFormLayoutConfiguration": { + "AWS::MediaPackage::OriginEndpoint.DashEncryption": { "additionalProperties": false, "properties": { - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutCanvasSizeOptions", - "markdownDescription": "Determines the screen canvas size options for a free-form layout.", - "title": "CanvasSizeOptions" + "KeyRotationIntervalSeconds": { + "markdownDescription": "Number of seconds before AWS Elemental MediaPackage rotates to a new key. By default, rotation is set to 60 seconds. Set to `0` to disable key rotation.", + "title": "KeyRotationIntervalSeconds", + "type": "number" + }, + "SpekeKeyProvider": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.SpekeKeyProvider", + "markdownDescription": "Parameters for the SPEKE key provider.", + "title": "SpekeKeyProvider" } }, "required": [ - "CanvasSizeOptions" + "SpekeKeyProvider" ], "type": "object" }, - "AWS::QuickSight::Analysis.DefaultGridLayoutConfiguration": { + "AWS::MediaPackage::OriginEndpoint.DashPackage": { "additionalProperties": false, "properties": { - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GridLayoutCanvasSizeOptions", - "markdownDescription": "Determines the screen canvas size options for a grid layout.", - "title": "CanvasSizeOptions" - } - }, - "required": [ - "CanvasSizeOptions" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.DefaultInteractiveLayoutConfiguration": { - "additionalProperties": false, - "properties": { - "FreeForm": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFreeFormLayoutConfiguration", - "markdownDescription": "The options that determine the default settings of a free-form layout configuration.", - "title": "FreeForm" + "AdTriggers": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the SCTE-35 message types that AWS Elemental MediaPackage treats as ad markers in the output manifest.\n\nValid values:\n\n- `BREAK`\n- `DISTRIBUTOR_ADVERTISEMENT`\n- `DISTRIBUTOR_OVERLAY_PLACEMENT_OPPORTUNITY` .\n- `DISTRIBUTOR_PLACEMENT_OPPORTUNITY` .\n- `PROVIDER_ADVERTISEMENT` .\n- `PROVIDER_OVERLAY_PLACEMENT_OPPORTUNITY` .\n- `PROVIDER_PLACEMENT_OPPORTUNITY` .\n- `SPLICE_INSERT` .", + "title": "AdTriggers", + "type": "array" }, - "Grid": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultGridLayoutConfiguration", - "markdownDescription": "The options that determine the default settings for a grid layout configuration.", - "title": "Grid" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.DefaultNewSheetConfiguration": { - "additionalProperties": false, - "properties": { - "InteractiveLayoutConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultInteractiveLayoutConfiguration", - "markdownDescription": "The options that determine the default settings for interactive layout configuration.", - "title": "InteractiveLayoutConfiguration" + "AdsOnDeliveryRestrictions": { + "markdownDescription": "The flags on SCTE-35 segmentation descriptors that have to be present for AWS Elemental MediaPackage to insert ad markers in the output manifest. For information about SCTE-35 in AWS Elemental MediaPackage , see [SCTE-35 Message Options in AWS Elemental MediaPackage](https://docs.aws.amazon.com/mediapackage/latest/ug/scte.html) .", + "title": "AdsOnDeliveryRestrictions", + "type": "string" }, - "PaginatedLayoutConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultPaginatedLayoutConfiguration", - "markdownDescription": "The options that determine the default settings for a paginated layout configuration.", - "title": "PaginatedLayoutConfiguration" + "Encryption": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.DashEncryption", + "markdownDescription": "Parameters for encrypting content.", + "title": "Encryption" }, - "SheetContentType": { - "markdownDescription": "The option that determines the sheet content type.", - "title": "SheetContentType", + "IncludeIframeOnlyStream": { + "markdownDescription": "This applies only to stream sets with a single video track. When true, the stream set includes an additional I-frame trick-play only stream, along with the other tracks. If false, this extra stream is not included.", + "title": "IncludeIframeOnlyStream", + "type": "boolean" + }, + "ManifestLayout": { + "markdownDescription": "Determines the position of some tags in the manifest.\n\nValid values:\n\n- `FULL` - Elements like `SegmentTemplate` and `ContentProtection` are included in each `Representation` .\n- `COMPACT` - Duplicate elements are combined and presented at the `AdaptationSet` level.", + "title": "ManifestLayout", + "type": "string" + }, + "ManifestWindowSeconds": { + "markdownDescription": "Time window (in seconds) contained in each manifest.", + "title": "ManifestWindowSeconds", + "type": "number" + }, + "MinBufferTimeSeconds": { + "markdownDescription": "Minimum amount of content (measured in seconds) that a player must keep available in the buffer.", + "title": "MinBufferTimeSeconds", + "type": "number" + }, + "MinUpdatePeriodSeconds": { + "markdownDescription": "Minimum amount of time (in seconds) that the player should wait before requesting updates to the manifest.", + "title": "MinUpdatePeriodSeconds", + "type": "number" + }, + "PeriodTriggers": { + "items": { + "type": "string" + }, + "markdownDescription": "Controls whether AWS Elemental MediaPackage produces single-period or multi-period DASH manifests. For more information about periods, see [Multi-period DASH in AWS Elemental MediaPackage](https://docs.aws.amazon.com/mediapackage/latest/ug/multi-period.html) .\n\nValid values:\n\n- `ADS` - AWS Elemental MediaPackage will produce multi-period DASH manifests. Periods are created based on the SCTE-35 ad markers present in the input manifest.\n- *No value* - AWS Elemental MediaPackage will produce single-period DASH manifests. This is the default setting.", + "title": "PeriodTriggers", + "type": "array" + }, + "Profile": { + "markdownDescription": "The DASH profile for the output.\n\nValid values:\n\n- `NONE` - The output doesn't use a DASH profile.\n- `HBBTV_1_5` - The output is compliant with HbbTV v1.5.\n- `DVB_DASH_2014` - The output is compliant with DVB-DASH 2014.", + "title": "Profile", + "type": "string" + }, + "SegmentDurationSeconds": { + "markdownDescription": "Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source fragment duration.", + "title": "SegmentDurationSeconds", + "type": "number" + }, + "SegmentTemplateFormat": { + "markdownDescription": "Determines the type of variable used in the `media` URL of the `SegmentTemplate` tag in the manifest. Also specifies if segment timeline information is included in `SegmentTimeline` or `SegmentTemplate` .\n\nValid values:\n\n- `NUMBER_WITH_TIMELINE` - The `$Number$` variable is used in the `media` URL. The value of this variable is the sequential number of the segment. A full `SegmentTimeline` object is presented in each `SegmentTemplate` .\n- `NUMBER_WITH_DURATION` - The `$Number$` variable is used in the `media` URL and a `duration` attribute is added to the segment template. The `SegmentTimeline` object is removed from the representation.\n- `TIME_WITH_TIMELINE` - The `$Time$` variable is used in the `media` URL. The value of this variable is the timestamp of when the segment starts. A full `SegmentTimeline` object is presented in each `SegmentTemplate` .", + "title": "SegmentTemplateFormat", + "type": "string" + }, + "StreamSelection": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.StreamSelection", + "markdownDescription": "Limitations for outputs from the endpoint, based on the video bitrate.", + "title": "StreamSelection" + }, + "SuggestedPresentationDelaySeconds": { + "markdownDescription": "Amount of time (in seconds) that the player should be from the live point at the end of the manifest.", + "title": "SuggestedPresentationDelaySeconds", + "type": "number" + }, + "UtcTiming": { + "markdownDescription": "Determines the type of UTC timing included in the DASH Media Presentation Description (MPD).", + "title": "UtcTiming", + "type": "string" + }, + "UtcTimingUri": { + "markdownDescription": "Specifies the value attribute of the UTC timing field when utcTiming is set to HTTP-ISO or HTTP-HEAD.", + "title": "UtcTimingUri", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.DefaultPaginatedLayoutConfiguration": { - "additionalProperties": false, - "properties": { - "SectionBased": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultSectionBasedLayoutConfiguration", - "markdownDescription": "The options that determine the default settings for a section-based layout configuration.", - "title": "SectionBased" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.DefaultRelativeDateTimeControlOptions": { + "AWS::MediaPackage::OriginEndpoint.EncryptionContractConfiguration": { "additionalProperties": false, - "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RelativeDateTimeControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - } - }, + "properties": {}, "type": "object" }, - "AWS::QuickSight::Analysis.DefaultSectionBasedLayoutConfiguration": { + "AWS::MediaPackage::OriginEndpoint.HlsEncryption": { "additionalProperties": false, "properties": { - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionBasedLayoutCanvasSizeOptions", - "markdownDescription": "Determines the screen canvas size options for a section-based layout.", - "title": "CanvasSizeOptions" + "ConstantInitializationVector": { + "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, used with the key for encrypting blocks.", + "title": "ConstantInitializationVector", + "type": "string" + }, + "EncryptionMethod": { + "markdownDescription": "HLS encryption type.", + "title": "EncryptionMethod", + "type": "string" + }, + "KeyRotationIntervalSeconds": { + "markdownDescription": "Number of seconds before AWS Elemental MediaPackage rotates to a new key. By default, rotation is set to 60 seconds. Set to `0` to disable key rotation.", + "title": "KeyRotationIntervalSeconds", + "type": "number" + }, + "RepeatExtXKey": { + "markdownDescription": "Repeat the `EXT-X-KEY` directive for every media segment. This might result in an increase in client requests to the DRM server.", + "title": "RepeatExtXKey", + "type": "boolean" + }, + "SpekeKeyProvider": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.SpekeKeyProvider", + "markdownDescription": "Parameters for the SPEKE key provider.", + "title": "SpekeKeyProvider" } }, "required": [ - "CanvasSizeOptions" + "SpekeKeyProvider" ], "type": "object" }, - "AWS::QuickSight::Analysis.DefaultSliderControlOptions": { + "AWS::MediaPackage::OriginEndpoint.HlsManifest": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SliderControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "AdMarkers": { + "markdownDescription": "Controls how ad markers are included in the packaged endpoint.\n\nValid values:\n\n- `NONE` - Omits all SCTE-35 ad markers from the output.\n- `PASSTHROUGH` - Creates a copy in the output of the SCTE-35 ad markers (comments) taken directly from the input manifest.\n- `SCTE35_ENHANCED` - Generates ad markers and blackout tags in the output based on the SCTE-35 messages from the input manifest.", + "title": "AdMarkers", + "type": "string" }, - "MaximumValue": { - "markdownDescription": "The larger value that is displayed at the right of the slider.", - "title": "MaximumValue", - "type": "number" + "AdTriggers": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the SCTE-35 message types that AWS Elemental MediaPackage treats as ad markers in the output manifest.\n\nValid values:\n\n- `BREAK`\n- `DISTRIBUTOR_ADVERTISEMENT`\n- `DISTRIBUTOR_OVERLAY_PLACEMENT_OPPORTUNITY`\n- `DISTRIBUTOR_PLACEMENT_OPPORTUNITY`\n- `PROVIDER_ADVERTISEMENT`\n- `PROVIDER_OVERLAY_PLACEMENT_OPPORTUNITY`\n- `PROVIDER_PLACEMENT_OPPORTUNITY`\n- `SPLICE_INSERT`", + "title": "AdTriggers", + "type": "array" }, - "MinimumValue": { - "markdownDescription": "The smaller value that is displayed at the left of the slider.", - "title": "MinimumValue", + "AdsOnDeliveryRestrictions": { + "markdownDescription": "The flags on SCTE-35 segmentation descriptors that have to be present for AWS Elemental MediaPackage to insert ad markers in the output manifest. For information about SCTE-35 in AWS Elemental MediaPackage , see [SCTE-35 Message Options in AWS Elemental MediaPackage](https://docs.aws.amazon.com/mediapackage/latest/ug/scte.html) .", + "title": "AdsOnDeliveryRestrictions", + "type": "string" + }, + "Id": { + "markdownDescription": "The manifest ID is required and must be unique within the OriginEndpoint. The ID can't be changed after the endpoint is created.", + "title": "Id", + "type": "string" + }, + "IncludeIframeOnlyStream": { + "markdownDescription": "Applies to stream sets with a single video track only. When true, the stream set includes an additional I-frame only stream, along with the other tracks. If false, this extra stream is not included.", + "title": "IncludeIframeOnlyStream", + "type": "boolean" + }, + "ManifestName": { + "markdownDescription": "A short string that's appended to the end of the endpoint URL to create a unique path to this endpoint. The manifestName on the HLSManifest object overrides the manifestName that you provided on the originEndpoint object.", + "title": "ManifestName", + "type": "string" + }, + "PlaylistType": { + "markdownDescription": "When specified as either `event` or `vod` , a corresponding `EXT-X-PLAYLIST-TYPE` entry is included in the media playlist. Indicates if the playlist is live-to-VOD content.", + "title": "PlaylistType", + "type": "string" + }, + "PlaylistWindowSeconds": { + "markdownDescription": "Time window (in seconds) contained in each parent manifest.", + "title": "PlaylistWindowSeconds", "type": "number" }, - "StepSize": { - "markdownDescription": "The number of increments that the slider bar is divided into.", - "title": "StepSize", + "ProgramDateTimeIntervalSeconds": { + "markdownDescription": "Inserts `EXT-X-PROGRAM-DATE-TIME` tags in the output manifest at the interval that you specify.\n\nIrrespective of this parameter, if any ID3Timed metadata is in the HLS input, it is passed through to the HLS output.\n\nOmit this attribute or enter `0` to indicate that the `EXT-X-PROGRAM-DATE-TIME` tags are not included in the manifest.", + "title": "ProgramDateTimeIntervalSeconds", "type": "number" }, - "Type": { - "markdownDescription": "The type of the `DefaultSliderControlOptions` . Choose one of the following options:\n\n- `SINGLE_POINT` : Filter against(equals) a single data point.\n- `RANGE` : Filter data that is in a specified range.", - "title": "Type", + "Url": { + "markdownDescription": "The URL that's used to request this manifest from this endpoint.", + "title": "Url", "type": "string" } }, "required": [ - "MaximumValue", - "MinimumValue", - "StepSize" + "Id" ], "type": "object" }, - "AWS::QuickSight::Analysis.DefaultTextAreaControlOptions": { + "AWS::MediaPackage::OriginEndpoint.HlsPackage": { "additionalProperties": false, "properties": { - "Delimiter": { - "markdownDescription": "The delimiter that is used to separate the lines in text.", - "title": "Delimiter", + "AdMarkers": { + "markdownDescription": "Controls how ad markers are included in the packaged endpoint.\n\nValid values:\n\n- `NONE` - Omits all SCTE-35 ad markers from the output.\n- `PASSTHROUGH` - Creates a copy in the output of the SCTE-35 ad markers (comments) taken directly from the input manifest.\n- `SCTE35_ENHANCED` - Generates ad markers and blackout tags in the output based on the SCTE-35 messages from the input manifest.", + "title": "AdMarkers", "type": "string" }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TextAreaControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.DefaultTextFieldControlOptions": { - "additionalProperties": false, - "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TextFieldControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.DestinationParameterValueConfiguration": { - "additionalProperties": false, - "properties": { - "CustomValuesConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomValuesConfiguration", - "markdownDescription": "The configuration of custom values for destination parameter in `DestinationParameterValueConfiguration` .", - "title": "CustomValuesConfiguration" + "AdTriggers": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the SCTE-35 message types that AWS Elemental MediaPackage treats as ad markers in the output manifest.\n\nValid values:\n\n- `BREAK`\n- `DISTRIBUTOR_ADVERTISEMENT`\n- `DISTRIBUTOR_OVERLAY_PLACEMENT_OPPORTUNITY`\n- `DISTRIBUTOR_PLACEMENT_OPPORTUNITY`\n- `PROVIDER_ADVERTISEMENT`\n- `PROVIDER_OVERLAY_PLACEMENT_OPPORTUNITY`\n- `PROVIDER_PLACEMENT_OPPORTUNITY`\n- `SPLICE_INSERT`", + "title": "AdTriggers", + "type": "array" }, - "SelectAllValueOptions": { - "markdownDescription": "The configuration that selects all options.", - "title": "SelectAllValueOptions", + "AdsOnDeliveryRestrictions": { + "markdownDescription": "The flags on SCTE-35 segmentation descriptors that have to be present for AWS Elemental MediaPackage to insert ad markers in the output manifest. For information about SCTE-35 in AWS Elemental MediaPackage , see [SCTE-35 Message Options in AWS Elemental MediaPackage](https://docs.aws.amazon.com/mediapackage/latest/ug/scte.html) .", + "title": "AdsOnDeliveryRestrictions", "type": "string" }, - "SourceColumn": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "A column of a data set.", - "title": "SourceColumn" + "Encryption": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.HlsEncryption", + "markdownDescription": "Parameters for encrypting content.", + "title": "Encryption" }, - "SourceField": { - "markdownDescription": "The source field ID of the destination parameter.", - "title": "SourceField", - "type": "string" + "IncludeDvbSubtitles": { + "markdownDescription": "When enabled, MediaPackage passes through digital video broadcasting (DVB) subtitles into the output.", + "title": "IncludeDvbSubtitles", + "type": "boolean" }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the destination parameter.", - "title": "SourceParameterName", + "IncludeIframeOnlyStream": { + "markdownDescription": "Only applies to stream sets with a single video track. When true, the stream set includes an additional I-frame only stream, along with the other tracks. If false, this extra stream is not included.", + "title": "IncludeIframeOnlyStream", + "type": "boolean" + }, + "PlaylistType": { + "markdownDescription": "When specified as either `event` or `vod` , a corresponding `EXT-X-PLAYLIST-TYPE` entry is included in the media playlist. Indicates if the playlist is live-to-VOD content.", + "title": "PlaylistType", "type": "string" + }, + "PlaylistWindowSeconds": { + "markdownDescription": "Time window (in seconds) contained in each parent manifest.", + "title": "PlaylistWindowSeconds", + "type": "number" + }, + "ProgramDateTimeIntervalSeconds": { + "markdownDescription": "Inserts `EXT-X-PROGRAM-DATE-TIME` tags in the output manifest at the interval that you specify.\n\nIrrespective of this parameter, if any ID3Timed metadata is in the HLS input, it is passed through to the HLS output.\n\nOmit this attribute or enter `0` to indicate that the `EXT-X-PROGRAM-DATE-TIME` tags are not included in the manifest.", + "title": "ProgramDateTimeIntervalSeconds", + "type": "number" + }, + "SegmentDurationSeconds": { + "markdownDescription": "Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source fragment duration.", + "title": "SegmentDurationSeconds", + "type": "number" + }, + "StreamSelection": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.StreamSelection", + "markdownDescription": "Limitations for outputs from the endpoint, based on the video bitrate.", + "title": "StreamSelection" + }, + "UseAudioRenditionGroup": { + "markdownDescription": "When true, AWS Elemental MediaPackage bundles all audio tracks in a rendition group. All other tracks in the stream can be used with any audio rendition from the group.", + "title": "UseAudioRenditionGroup", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Analysis.DimensionField": { + "AWS::MediaPackage::OriginEndpoint.MssEncryption": { "additionalProperties": false, "properties": { - "CategoricalDimensionField": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CategoricalDimensionField", - "markdownDescription": "The dimension type field with categorical type columns.", - "title": "CategoricalDimensionField" - }, - "DateDimensionField": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DateDimensionField", - "markdownDescription": "The dimension type field with date type columns.", - "title": "DateDimensionField" - }, - "NumericalDimensionField": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericalDimensionField", - "markdownDescription": "The dimension type field with numerical type columns.", - "title": "NumericalDimensionField" + "SpekeKeyProvider": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.SpekeKeyProvider", + "markdownDescription": "Parameters for the SPEKE key provider.", + "title": "SpekeKeyProvider" } }, + "required": [ + "SpekeKeyProvider" + ], "type": "object" }, - "AWS::QuickSight::Analysis.DonutCenterOptions": { + "AWS::MediaPackage::OriginEndpoint.MssPackage": { "additionalProperties": false, "properties": { - "LabelVisibility": { - "markdownDescription": "Determines the visibility of the label in a donut chart. In the Amazon QuickSight console, this option is called `'Show total'` .", - "title": "LabelVisibility", - "type": "string" + "Encryption": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.MssEncryption", + "markdownDescription": "Parameters for encrypting content.", + "title": "Encryption" + }, + "ManifestWindowSeconds": { + "markdownDescription": "Time window (in seconds) contained in each manifest.", + "title": "ManifestWindowSeconds", + "type": "number" + }, + "SegmentDurationSeconds": { + "markdownDescription": "Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source fragment duration.", + "title": "SegmentDurationSeconds", + "type": "number" + }, + "StreamSelection": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.StreamSelection", + "markdownDescription": "Limitations for outputs from the endpoint, based on the video bitrate.", + "title": "StreamSelection" } }, "type": "object" }, - "AWS::QuickSight::Analysis.DonutOptions": { + "AWS::MediaPackage::OriginEndpoint.SpekeKeyProvider": { "additionalProperties": false, "properties": { - "ArcOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ArcOptions", - "markdownDescription": "The option for define the arc of the chart shape. Valid values are as follows:\n\n- `WHOLE` - A pie chart\n- `SMALL` - A small-sized donut chart\n- `MEDIUM` - A medium-sized donut chart\n- `LARGE` - A large-sized donut chart", - "title": "ArcOptions" + "CertificateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the certificate that you imported to AWS Certificate Manager to add content key encryption to this endpoint. For this feature to work, your DRM key provider must support content key encryption.", + "title": "CertificateArn", + "type": "string" }, - "DonutCenterOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DonutCenterOptions", - "markdownDescription": "The label options of the label that is displayed in the center of a donut chart. This option isn't available for pie charts.", - "title": "DonutCenterOptions" + "EncryptionContractConfiguration": { + "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.EncryptionContractConfiguration", + "markdownDescription": "Use `encryptionContractConfiguration` to configure one or more content encryption keys for your endpoints that use SPEKE Version 2.0. The encryption contract defines which content keys are used to encrypt the audio and video tracks in your stream. To configure the encryption contract, specify which audio and video encryption presets to use.", + "title": "EncryptionContractConfiguration" + }, + "ResourceId": { + "markdownDescription": "Unique identifier for this endpoint, as it is configured in the key provider service.", + "title": "ResourceId", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN for the IAM role that's granted by the key provider to provide access to the key provider API. This role must have a trust policy that allows AWS Elemental MediaPackage to assume the role, and it must have a sufficient permissions policy to allow access to the specific key retrieval URL. Valid format: arn:aws:iam::{accountID}:role/{name}", + "title": "RoleArn", + "type": "string" + }, + "SystemIds": { + "items": { + "type": "string" + }, + "markdownDescription": "List of unique identifiers for the DRM systems to use, as defined in the CPIX specification.", + "title": "SystemIds", + "type": "array" + }, + "Url": { + "markdownDescription": "URL for the key provider\u2019s key retrieval API endpoint. Must start with https://.", + "title": "Url", + "type": "string" } }, + "required": [ + "ResourceId", + "RoleArn", + "SystemIds", + "Url" + ], "type": "object" }, - "AWS::QuickSight::Analysis.DrillDownFilter": { + "AWS::MediaPackage::OriginEndpoint.StreamSelection": { "additionalProperties": false, "properties": { - "CategoryFilter": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CategoryDrillDownFilter", - "markdownDescription": "The category type drill down filter. This filter is used for string type columns.", - "title": "CategoryFilter" + "MaxVideoBitsPerSecond": { + "markdownDescription": "The upper limit of the bitrates that this endpoint serves. If the video track exceeds this threshold, then AWS Elemental MediaPackage excludes it from output. If you don't specify a value, it defaults to 2147483647 bits per second.", + "title": "MaxVideoBitsPerSecond", + "type": "number" }, - "NumericEqualityFilter": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericEqualityDrillDownFilter", - "markdownDescription": "The numeric equality type drill down filter. This filter is used for number type columns.", - "title": "NumericEqualityFilter" + "MinVideoBitsPerSecond": { + "markdownDescription": "The lower limit of the bitrates that this endpoint serves. If the video track is below this threshold, then AWS Elemental MediaPackage excludes it from output. If you don't specify a value, it defaults to 0 bits per second.", + "title": "MinVideoBitsPerSecond", + "type": "number" }, - "TimeRangeFilter": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TimeRangeDrillDownFilter", - "markdownDescription": "The time range drill down filter. This filter is used for date time columns.", - "title": "TimeRangeFilter" + "StreamOrder": { + "markdownDescription": "Order in which the different video bitrates are presented to the player.\n\nValid values: `ORIGINAL` , `VIDEO_BITRATE_ASCENDING` , `VIDEO_BITRATE_DESCENDING` .", + "title": "StreamOrder", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.DropDownControlDisplayOptions": { + "AWS::MediaPackage::PackagingConfiguration": { "additionalProperties": false, "properties": { - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" + "Condition": { + "type": "string" }, - "SelectAllOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ListControlSelectAllOptions", - "markdownDescription": "The configuration of the `Select all` options in a dropdown control.", - "title": "SelectAllOptions" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CmafPackage": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.CmafPackage", + "markdownDescription": "Parameters for CMAF packaging.", + "title": "CmafPackage" + }, + "DashPackage": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.DashPackage", + "markdownDescription": "Parameters for DASH-ISO packaging.", + "title": "DashPackage" + }, + "HlsPackage": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.HlsPackage", + "markdownDescription": "Parameters for Apple HLS packaging.", + "title": "HlsPackage" + }, + "Id": { + "markdownDescription": "Unique identifier that you assign to the packaging configuration.", + "title": "Id", + "type": "string" + }, + "MssPackage": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.MssPackage", + "markdownDescription": "Parameters for Microsoft Smooth Streaming packaging.", + "title": "MssPackage" + }, + "PackagingGroupId": { + "markdownDescription": "The ID of the packaging group associated with this packaging configuration.", + "title": "PackagingGroupId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to assign to the packaging configuration.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Id", + "PackagingGroupId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MediaPackage::PackagingConfiguration" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.DynamicDefaultValue": { + "AWS::MediaPackage::PackagingConfiguration.CmafEncryption": { "additionalProperties": false, "properties": { - "DefaultValueColumn": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that contains the default value of each user or group.", - "title": "DefaultValueColumn" - }, - "GroupNameColumn": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that contains the group name.", - "title": "GroupNameColumn" - }, - "UserNameColumn": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that contains the username.", - "title": "UserNameColumn" + "SpekeKeyProvider": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.SpekeKeyProvider", + "markdownDescription": "Parameters for the SPEKE key provider.", + "title": "SpekeKeyProvider" } }, "required": [ - "DefaultValueColumn" + "SpekeKeyProvider" ], "type": "object" }, - "AWS::QuickSight::Analysis.EmptyVisual": { + "AWS::MediaPackage::PackagingConfiguration.CmafPackage": { "additionalProperties": false, "properties": { - "Actions": { + "Encryption": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.CmafEncryption", + "markdownDescription": "Parameters for encrypting content.", + "title": "Encryption" + }, + "HlsManifests": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.HlsManifest" }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", + "markdownDescription": "A list of HLS manifest configurations that are available from this endpoint.", + "title": "HlsManifests", "type": "array" }, - "DataSetIdentifier": { - "markdownDescription": "The data set that is used in the empty visual. Every visual requires a dataset to render.", - "title": "DataSetIdentifier", - "type": "string" + "IncludeEncoderConfigurationInSegments": { + "markdownDescription": "When includeEncoderConfigurationInSegments is set to true, AWS Elemental MediaPackage places your encoder's Sequence Parameter Set (SPS), Picture Parameter Set (PPS), and Video Parameter Set (VPS) metadata in every video segment instead of in the init fragment. This lets you use different SPS/PPS/VPS settings for your assets during content playback.", + "title": "IncludeEncoderConfigurationInSegments", + "type": "boolean" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", - "type": "string" + "SegmentDurationSeconds": { + "markdownDescription": "Duration (in seconds) of each segment. Actual segments are rounded to the nearest multiple of the source fragment duration.", + "title": "SegmentDurationSeconds", + "type": "number" } }, "required": [ - "DataSetIdentifier", - "VisualId" + "HlsManifests" ], "type": "object" }, - "AWS::QuickSight::Analysis.Entity": { + "AWS::MediaPackage::PackagingConfiguration.DashEncryption": { "additionalProperties": false, "properties": { - "Path": { - "markdownDescription": "The hierarchical path of the entity within the analysis, template, or dashboard definition tree.", - "title": "Path", - "type": "string" + "SpekeKeyProvider": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.SpekeKeyProvider", + "markdownDescription": "Parameters for the SPEKE key provider.", + "title": "SpekeKeyProvider" } }, + "required": [ + "SpekeKeyProvider" + ], "type": "object" }, - "AWS::QuickSight::Analysis.ExcludePeriodConfiguration": { + "AWS::MediaPackage::PackagingConfiguration.DashManifest": { "additionalProperties": false, "properties": { - "Amount": { - "markdownDescription": "The amount or number of the exclude period.", - "title": "Amount", + "ManifestLayout": { + "markdownDescription": "Determines the position of some tags in the Media Presentation Description (MPD). When set to `FULL` , elements like `SegmentTemplate` and `ContentProtection` are included in each `Representation` . When set to `COMPACT` , duplicate elements are combined and presented at the AdaptationSet level.", + "title": "ManifestLayout", + "type": "string" + }, + "ManifestName": { + "markdownDescription": "A short string that's appended to the end of the endpoint URL to create a unique path to this packaging configuration.", + "title": "ManifestName", + "type": "string" + }, + "MinBufferTimeSeconds": { + "markdownDescription": "Minimum amount of content (measured in seconds) that a player must keep available in the buffer.", + "title": "MinBufferTimeSeconds", "type": "number" }, - "Granularity": { - "markdownDescription": "The granularity or unit (day, month, year) of the exclude period.", - "title": "Granularity", + "Profile": { + "markdownDescription": "The DASH profile type. When set to `HBBTV_1_5` , the content is compliant with HbbTV 1.5.", + "title": "Profile", "type": "string" }, - "Status": { - "markdownDescription": "The status of the exclude period. Choose from the following options:\n\n- `ENABLED`\n- `DISABLED`", - "title": "Status", + "ScteMarkersSource": { + "markdownDescription": "The source of scte markers used.\n\nValue description:\n\n- `SEGMENTS` - The scte markers are sourced from the segments of the ingested content.\n- `MANIFEST` - the scte markers are sourced from the manifest of the ingested content. The MANIFEST value is compatible with source HLS playlists using the SCTE-35 Enhanced syntax ( `EXT-OATCLS-SCTE35` tags). SCTE-35 Elemental and SCTE-35 Daterange syntaxes are not supported with this option.", + "title": "ScteMarkersSource", "type": "string" + }, + "StreamSelection": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.StreamSelection", + "markdownDescription": "Limitations for outputs from the endpoint, based on the video bitrate.", + "title": "StreamSelection" } }, - "required": [ - "Amount", - "Granularity" - ], "type": "object" }, - "AWS::QuickSight::Analysis.ExplicitHierarchy": { + "AWS::MediaPackage::PackagingConfiguration.DashPackage": { "additionalProperties": false, "properties": { - "Columns": { + "DashManifests": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier" + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.DashManifest" }, - "markdownDescription": "The list of columns that define the explicit hierarchy.", - "title": "Columns", + "markdownDescription": "A list of DASH manifest configurations that are available from this endpoint.", + "title": "DashManifests", "type": "array" }, - "DrillDownFilters": { + "Encryption": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.DashEncryption", + "markdownDescription": "Parameters for encrypting content.", + "title": "Encryption" + }, + "IncludeEncoderConfigurationInSegments": { + "markdownDescription": "When includeEncoderConfigurationInSegments is set to true, AWS Elemental MediaPackage places your encoder's Sequence Parameter Set (SPS), Picture Parameter Set (PPS), and Video Parameter Set (VPS) metadata in every video segment instead of in the init fragment. This lets you use different SPS/PPS/VPS settings for your assets during content playback.", + "title": "IncludeEncoderConfigurationInSegments", + "type": "boolean" + }, + "IncludeIframeOnlyStream": { + "markdownDescription": "This applies only to stream sets with a single video track. When true, the stream set includes an additional I-frame trick-play only stream, along with the other tracks. If false, this extra stream is not included.", + "title": "IncludeIframeOnlyStream", + "type": "boolean" + }, + "PeriodTriggers": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DrillDownFilter" + "type": "string" }, - "markdownDescription": "The option that determines the drill down filters for the explicit hierarchy.", - "title": "DrillDownFilters", + "markdownDescription": "Controls whether AWS Elemental MediaPackage produces single-period or multi-period DASH manifests. For more information about periods, see [Multi-period DASH in AWS Elemental MediaPackage](https://docs.aws.amazon.com/mediapackage/latest/ug/multi-period.html) .\n\nValid values:\n\n- `ADS` - AWS Elemental MediaPackage will produce multi-period DASH manifests. Periods are created based on the SCTE-35 ad markers present in the input manifest.\n- *No value* - AWS Elemental MediaPackage will produce single-period DASH manifests. This is the default setting.", + "title": "PeriodTriggers", "type": "array" }, - "HierarchyId": { - "markdownDescription": "The hierarchy ID of the explicit hierarchy.", - "title": "HierarchyId", + "SegmentDurationSeconds": { + "markdownDescription": "Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source segment duration.", + "title": "SegmentDurationSeconds", + "type": "number" + }, + "SegmentTemplateFormat": { + "markdownDescription": "Determines the type of SegmentTemplate included in the Media Presentation Description (MPD). When set to `NUMBER_WITH_TIMELINE` , a full timeline is presented in each SegmentTemplate, with $Number$ media URLs. When set to `TIME_WITH_TIMELINE` , a full timeline is presented in each SegmentTemplate, with $Time$ media URLs. When set to `NUMBER_WITH_DURATION` , only a duration is included in each SegmentTemplate, with $Number$ media URLs.", + "title": "SegmentTemplateFormat", "type": "string" } }, "required": [ - "Columns", - "HierarchyId" + "DashManifests" ], "type": "object" }, - "AWS::QuickSight::Analysis.FieldBasedTooltip": { + "AWS::MediaPackage::PackagingConfiguration.EncryptionContractConfiguration": { "additionalProperties": false, "properties": { - "AggregationVisibility": { - "markdownDescription": "The visibility of `Show aggregations` .", - "title": "AggregationVisibility", + "PresetSpeke20Audio": { + "markdownDescription": "A collection of audio encryption presets.\n\nValue description:\n\n- `PRESET-AUDIO-1` - Use one content key to encrypt all of the audio tracks in your stream.\n- `PRESET-AUDIO-2` - Use one content key to encrypt all of the stereo audio tracks and one content key to encrypt all of the multichannel audio tracks.\n- `PRESET-AUDIO-3` - Use one content key to encrypt all of the stereo audio tracks, one content key to encrypt all of the multichannel audio tracks with 3 to 6 channels, and one content key to encrypt all of the multichannel audio tracks with more than 6 channels.\n- `SHARED` - Use the same content key for all of the audio and video tracks in your stream.\n- `UNENCRYPTED` - Don't encrypt any of the audio tracks in your stream.", + "title": "PresetSpeke20Audio", "type": "string" }, - "TooltipFields": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipItem" - }, - "markdownDescription": "The fields configuration in the tooltip.", - "title": "TooltipFields", - "type": "array" - }, - "TooltipTitleType": { - "markdownDescription": "The type for the >tooltip title. Choose one of the following options:\n\n- `NONE` : Doesn't use the primary value as the title.\n- `PRIMARY_VALUE` : Uses primary value as the title.", - "title": "TooltipTitleType", + "PresetSpeke20Video": { + "markdownDescription": "A collection of video encryption presets.\n\nValue description:\n\n- `PRESET-VIDEO-1` - Use one content key to encrypt all of the video tracks in your stream.\n- `PRESET-VIDEO-2` - Use one content key to encrypt all of the SD video tracks and one content key for all HD and higher resolutions video tracks.\n- `PRESET-VIDEO-3` - Use one content key to encrypt all of the SD video tracks, one content key for HD video tracks and one content key for all UHD video tracks.\n- `PRESET-VIDEO-4` - Use one content key to encrypt all of the SD video tracks, one content key for HD video tracks, one content key for all UHD1 video tracks and one content key for all UHD2 video tracks.\n- `PRESET-VIDEO-5` - Use one content key to encrypt all of the SD video tracks, one content key for HD1 video tracks, one content key for HD2 video tracks, one content key for all UHD1 video tracks and one content key for all UHD2 video tracks.\n- `PRESET-VIDEO-6` - Use one content key to encrypt all of the SD video tracks, one content key for HD1 video tracks, one content key for HD2 video tracks and one content key for all UHD video tracks.\n- `PRESET-VIDEO-7` - Use one content key to encrypt all of the SD+HD1 video tracks, one content key for HD2 video tracks and one content key for all UHD video tracks.\n- `PRESET-VIDEO-8` - Use one content key to encrypt all of the SD+HD1 video tracks, one content key for HD2 video tracks, one content key for all UHD1 video tracks and one content key for all UHD2 video tracks.\n- `SHARED` - Use the same content key for all of the video and audio tracks in your stream.\n- `UNENCRYPTED` - Don't encrypt any of the video tracks in your stream.", + "title": "PresetSpeke20Video", "type": "string" } }, + "required": [ + "PresetSpeke20Audio", + "PresetSpeke20Video" + ], "type": "object" }, - "AWS::QuickSight::Analysis.FieldLabelType": { + "AWS::MediaPackage::PackagingConfiguration.HlsEncryption": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "Indicates the field that is targeted by the field label.", - "title": "FieldId", + "ConstantInitializationVector": { + "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, used with the key for encrypting blocks. If you don't specify a constant initialization vector (IV), AWS Elemental MediaPackage periodically rotates the IV.", + "title": "ConstantInitializationVector", "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of the field label.", - "title": "Visibility", + "EncryptionMethod": { + "markdownDescription": "HLS encryption type.", + "title": "EncryptionMethod", "type": "string" + }, + "SpekeKeyProvider": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.SpekeKeyProvider", + "markdownDescription": "Parameters for the SPEKE key provider.", + "title": "SpekeKeyProvider" } }, + "required": [ + "SpekeKeyProvider" + ], "type": "object" }, - "AWS::QuickSight::Analysis.FieldSeriesItem": { + "AWS::MediaPackage::PackagingConfiguration.HlsManifest": { "additionalProperties": false, "properties": { - "AxisBinding": { - "markdownDescription": "The axis that you are binding the field to.", - "title": "AxisBinding", + "AdMarkers": { + "markdownDescription": "This setting controls ad markers in the packaged content.\n\nValid values:\n\n- `NONE` - Omits all SCTE-35 ad markers from the output.\n- `PASSTHROUGH` - Creates a copy in the output of the SCTE-35 ad markers (comments) taken directly from the input manifest.\n- `SCTE35_ENHANCED` - Generates ad markers and blackout tags in the output based on the SCTE-35 messages from the input manifest.", + "title": "AdMarkers", "type": "string" }, - "FieldId": { - "markdownDescription": "The field ID of the field for which you are setting the axis binding.", - "title": "FieldId", + "IncludeIframeOnlyStream": { + "markdownDescription": "Applies to stream sets with a single video track only. When enabled, the output includes an additional I-frame only stream, along with the other tracks.", + "title": "IncludeIframeOnlyStream", + "type": "boolean" + }, + "ManifestName": { + "markdownDescription": "A short string that's appended to the end of the endpoint URL to create a unique path to this packaging configuration.", + "title": "ManifestName", "type": "string" }, - "Settings": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartSeriesSettings", - "markdownDescription": "The options that determine the presentation of line series associated to the field.", - "title": "Settings" + "ProgramDateTimeIntervalSeconds": { + "markdownDescription": "Inserts `EXT-X-PROGRAM-DATE-TIME` tags in the output manifest at the interval that you specify.\n\nIrrespective of this parameter, if any ID3Timed metadata is in the HLS input, it is passed through to the HLS output.\n\nOmit this attribute or enter `0` to indicate that the `EXT-X-PROGRAM-DATE-TIME` tags are not included in the manifest.", + "title": "ProgramDateTimeIntervalSeconds", + "type": "number" + }, + "RepeatExtXKey": { + "markdownDescription": "Repeat the `EXT-X-KEY` directive for every media segment. This might result in an increase in client requests to the DRM server.", + "title": "RepeatExtXKey", + "type": "boolean" + }, + "StreamSelection": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.StreamSelection", + "markdownDescription": "Video bitrate limitations for outputs from this packaging configuration.", + "title": "StreamSelection" } }, - "required": [ - "AxisBinding", - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.FieldSort": { + "AWS::MediaPackage::PackagingConfiguration.HlsPackage": { "additionalProperties": false, "properties": { - "Direction": { - "markdownDescription": "The sort direction. Choose one of the following options:\n\n- `ASC` : Ascending\n- `DESC` : Descending", - "title": "Direction", - "type": "string" + "Encryption": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.HlsEncryption", + "markdownDescription": "Parameters for encrypting content.", + "title": "Encryption" }, - "FieldId": { - "markdownDescription": "The sort configuration target field.", - "title": "FieldId", - "type": "string" + "HlsManifests": { + "items": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.HlsManifest" + }, + "markdownDescription": "A list of HLS manifest configurations that are available from this endpoint.", + "title": "HlsManifests", + "type": "array" + }, + "IncludeDvbSubtitles": { + "markdownDescription": "When enabled, MediaPackage passes through digital video broadcasting (DVB) subtitles into the output.", + "title": "IncludeDvbSubtitles", + "type": "boolean" + }, + "SegmentDurationSeconds": { + "markdownDescription": "Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source fragment duration.", + "title": "SegmentDurationSeconds", + "type": "number" + }, + "UseAudioRenditionGroup": { + "markdownDescription": "When true, AWS Elemental MediaPackage bundles all audio tracks in a rendition group. All other tracks in the stream can be used with any audio rendition from the group.", + "title": "UseAudioRenditionGroup", + "type": "boolean" } }, "required": [ - "Direction", - "FieldId" + "HlsManifests" ], "type": "object" }, - "AWS::QuickSight::Analysis.FieldSortOptions": { + "AWS::MediaPackage::PackagingConfiguration.MssEncryption": { "additionalProperties": false, "properties": { - "ColumnSort": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnSort", - "markdownDescription": "The sort configuration for a column that is not used in a field well.", - "title": "ColumnSort" - }, - "FieldSort": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSort", - "markdownDescription": "The sort configuration for a field in a field well.", - "title": "FieldSort" + "SpekeKeyProvider": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.SpekeKeyProvider", + "markdownDescription": "Parameters for the SPEKE key provider.", + "title": "SpekeKeyProvider" } }, + "required": [ + "SpekeKeyProvider" + ], "type": "object" }, - "AWS::QuickSight::Analysis.FieldTooltipItem": { + "AWS::MediaPackage::PackagingConfiguration.MssManifest": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The unique ID of the field that is targeted by the tooltip.", - "title": "FieldId", - "type": "string" - }, - "Label": { - "markdownDescription": "The label of the tooltip item.", - "title": "Label", + "ManifestName": { + "markdownDescription": "A short string that's appended to the end of the endpoint URL to create a unique path to this packaging configuration.", + "title": "ManifestName", "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of the tooltip item.", - "title": "Visibility", - "type": "string" + "StreamSelection": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.StreamSelection", + "markdownDescription": "Video bitrate limitations for outputs from this packaging configuration.", + "title": "StreamSelection" } }, - "required": [ - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.FilledMapAggregatedFieldWells": { + "AWS::MediaPackage::PackagingConfiguration.MssPackage": { "additionalProperties": false, "properties": { - "Geospatial": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The aggregated location field well of the filled map. Values are grouped by location fields.", - "title": "Geospatial", - "type": "array" + "Encryption": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.MssEncryption", + "markdownDescription": "Parameters for encrypting content.", + "title": "Encryption" }, - "Values": { + "MssManifests": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.MssManifest" }, - "markdownDescription": "The aggregated color field well of a filled map. Values are aggregated based on location fields.", - "title": "Values", + "markdownDescription": "A list of Microsoft Smooth manifest configurations that are available from this endpoint.", + "title": "MssManifests", "type": "array" + }, + "SegmentDurationSeconds": { + "markdownDescription": "Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source fragment duration.", + "title": "SegmentDurationSeconds", + "type": "number" } }, + "required": [ + "MssManifests" + ], "type": "object" }, - "AWS::QuickSight::Analysis.FilledMapConditionalFormatting": { + "AWS::MediaPackage::PackagingConfiguration.SpekeKeyProvider": { "additionalProperties": false, "properties": { - "ConditionalFormattingOptions": { + "EncryptionContractConfiguration": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.EncryptionContractConfiguration", + "markdownDescription": "Use `encryptionContractConfiguration` to configure one or more content encryption keys for your endpoints that use SPEKE Version 2.0. The encryption contract defines which content keys are used to encrypt the audio and video tracks in your stream. To configure the encryption contract, specify which audio and video encryption presets to use.", + "title": "EncryptionContractConfiguration" + }, + "RoleArn": { + "markdownDescription": "The ARN for the IAM role that's granted by the key provider to provide access to the key provider API. Valid format: arn:aws:iam::{accountID}:role/{name}", + "title": "RoleArn", + "type": "string" + }, + "SystemIds": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapConditionalFormattingOption" + "type": "string" }, - "markdownDescription": "Conditional formatting options of a `FilledMapVisual` .", - "title": "ConditionalFormattingOptions", + "markdownDescription": "List of unique identifiers for the DRM systems to use, as defined in the CPIX specification.", + "title": "SystemIds", "type": "array" + }, + "Url": { + "markdownDescription": "URL for the key provider's key retrieval API endpoint. Must start with https://.", + "title": "Url", + "type": "string" } }, "required": [ - "ConditionalFormattingOptions" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.FilledMapConditionalFormattingOption": { - "additionalProperties": false, - "properties": { - "Shape": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapShapeConditionalFormatting", - "markdownDescription": "The conditional formatting that determines the shape of the filled map.", - "title": "Shape" - } - }, - "required": [ - "Shape" + "RoleArn", + "SystemIds", + "Url" ], "type": "object" }, - "AWS::QuickSight::Analysis.FilledMapConfiguration": { + "AWS::MediaPackage::PackagingConfiguration.StreamSelection": { "additionalProperties": false, "properties": { - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" - }, - "MapStyleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapStyleOptions", - "markdownDescription": "The map style options of the filled map visual.", - "title": "MapStyleOptions" - }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapSortConfiguration", - "markdownDescription": "The sort configuration of a `FilledMapVisual` .", - "title": "SortConfiguration" + "MaxVideoBitsPerSecond": { + "markdownDescription": "The upper limit of the bitrates that this endpoint serves. If the video track exceeds this threshold, then AWS Elemental MediaPackage excludes it from output. If you don't specify a value, it defaults to 2147483647 bits per second.", + "title": "MaxVideoBitsPerSecond", + "type": "number" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" + "MinVideoBitsPerSecond": { + "markdownDescription": "The lower limit of the bitrates that this endpoint serves. If the video track is below this threshold, then AWS Elemental MediaPackage excludes it from output. If you don't specify a value, it defaults to 0 bits per second.", + "title": "MinVideoBitsPerSecond", + "type": "number" }, - "WindowOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialWindowOptions", - "markdownDescription": "The window options of the filled map visual.", - "title": "WindowOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.FilledMapFieldWells": { - "additionalProperties": false, - "properties": { - "FilledMapAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapAggregatedFieldWells", - "markdownDescription": "The aggregated field well of the filled map.", - "title": "FilledMapAggregatedFieldWells" + "StreamOrder": { + "markdownDescription": "Order in which the different video bitrates are presented to the player.\n\nValid values: `ORIGINAL` , `VIDEO_BITRATE_ASCENDING` , `VIDEO_BITRATE_DESCENDING` .", + "title": "StreamOrder", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.FilledMapShapeConditionalFormatting": { + "AWS::MediaPackage::PackagingGroup": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field ID of the filled map shape.", - "title": "FieldId", + "Condition": { "type": "string" }, - "Format": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ShapeConditionalFormat", - "markdownDescription": "The conditional formatting that determines the background color of a filled map's shape.", - "title": "Format" - } - }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Authorization": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingGroup.Authorization", + "markdownDescription": "Parameters for CDN authorization.", + "title": "Authorization" + }, + "EgressAccessLogs": { + "$ref": "#/definitions/AWS::MediaPackage::PackagingGroup.LogConfiguration", + "markdownDescription": "The configuration parameters for egress access logging.", + "title": "EgressAccessLogs" + }, + "Id": { + "markdownDescription": "Unique identifier that you assign to the packaging group.", + "title": "Id", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to assign to the packaging group.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Id" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MediaPackage::PackagingGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, "required": [ - "FieldId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.FilledMapSortConfiguration": { + "AWS::MediaPackage::PackagingGroup.Authorization": { "additionalProperties": false, "properties": { - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the location fields.", - "title": "CategorySort", - "type": "array" + "CdnIdentifierSecret": { + "markdownDescription": "The Amazon Resource Name (ARN) for the secret in AWS Secrets Manager that is used for CDN authorization.", + "title": "CdnIdentifierSecret", + "type": "string" + }, + "SecretsRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the IAM role that allows AWS Elemental MediaPackage to communicate with AWS Secrets Manager .", + "title": "SecretsRoleArn", + "type": "string" + } + }, + "required": [ + "CdnIdentifierSecret", + "SecretsRoleArn" + ], + "type": "object" + }, + "AWS::MediaPackage::PackagingGroup.LogConfiguration": { + "additionalProperties": false, + "properties": { + "LogGroupName": { + "markdownDescription": "Sets a custom Amazon CloudWatch log group name for egress logs. If a log group name isn't specified, the default name is used: /aws/MediaPackage/EgressAccessLogs.", + "title": "LogGroupName", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.FilledMapVisual": { + "AWS::MediaPackageV2::Channel": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Condition": { + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapConditionalFormatting", - "markdownDescription": "The conditional formatting of a `FilledMapVisual` .", - "title": "ConditionalFormatting" + "Metadata": { + "type": "object" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Properties": { + "additionalProperties": false, + "properties": { + "ChannelGroupName": { + "markdownDescription": "The name of the channel group associated with the channel configuration.", + "title": "ChannelGroupName", + "type": "string" + }, + "ChannelName": { + "markdownDescription": "The name of the channel.", + "title": "ChannelName", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the channel.", + "title": "Description", + "type": "string" + }, + "InputSwitchConfiguration": { + "$ref": "#/definitions/AWS::MediaPackageV2::Channel.InputSwitchConfiguration", + "markdownDescription": "The configuration for input switching based on the media quality confidence score (MQCS) as provided from AWS Elemental MediaLive.", + "title": "InputSwitchConfiguration" + }, + "InputType": { + "markdownDescription": "The input type will be an immutable field which will be used to define whether the channel will allow CMAF ingest or HLS ingest. If unprovided, it will default to HLS to preserve current behavior.\n\nThe allowed values are:\n\n- `HLS` - The HLS streaming specification (which defines M3U8 manifests and TS segments).\n- `CMAF` - The DASH-IF CMAF Ingest specification (which defines CMAF segments with optional DASH manifests).", + "title": "InputType", + "type": "string" + }, + "OutputHeaderConfiguration": { + "$ref": "#/definitions/AWS::MediaPackageV2::Channel.OutputHeaderConfiguration", + "markdownDescription": "The settings for what common media server data (CMSD) headers AWS Elemental MediaPackage includes in responses to the CDN.", + "title": "OutputHeaderConfiguration" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "ChannelGroupName", + "ChannelName" + ], + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Type": { + "enum": [ + "AWS::MediaPackageV2::Channel" + ], + "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.Filter": { + "AWS::MediaPackageV2::Channel.IngestEndpoint": { "additionalProperties": false, "properties": { - "CategoryFilter": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CategoryFilter", - "markdownDescription": "A `CategoryFilter` filters text values.\n\nFor more information, see [Adding text filters](https://docs.aws.amazon.com/quicksight/latest/user/add-a-text-filter-data-prep.html) in the *Amazon QuickSight User Guide* .", - "title": "CategoryFilter" - }, - "NumericEqualityFilter": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericEqualityFilter", - "markdownDescription": "A `NumericEqualityFilter` filters numeric values that equal or do not equal a given numeric value.", - "title": "NumericEqualityFilter" - }, - "NumericRangeFilter": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericRangeFilter", - "markdownDescription": "A `NumericRangeFilter` filters numeric values that are either inside or outside a given numeric range.", - "title": "NumericRangeFilter" - }, - "RelativeDatesFilter": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RelativeDatesFilter", - "markdownDescription": "A `RelativeDatesFilter` filters date values that are relative to a given date.", - "title": "RelativeDatesFilter" - }, - "TimeEqualityFilter": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TimeEqualityFilter", - "markdownDescription": "A `TimeEqualityFilter` filters date-time values that equal or do not equal a given date/time value.", - "title": "TimeEqualityFilter" - }, - "TimeRangeFilter": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TimeRangeFilter", - "markdownDescription": "A `TimeRangeFilter` filters date-time values that are either inside or outside a given date/time range.", - "title": "TimeRangeFilter" + "Id": { + "markdownDescription": "The identifier associated with the ingest endpoint of the channel.", + "title": "Id", + "type": "string" }, - "TopBottomFilter": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TopBottomFilter", - "markdownDescription": "A `TopBottomFilter` filters data to the top or bottom values for a given column.", - "title": "TopBottomFilter" + "Url": { + "markdownDescription": "The URL associated with the ingest endpoint of the channel.", + "title": "Url", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.FilterControl": { + "AWS::MediaPackageV2::Channel.InputSwitchConfiguration": { "additionalProperties": false, "properties": { - "CrossSheet": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterCrossSheetControl", - "markdownDescription": "A control from a filter that is scoped across more than one sheet. This represents your filter control on a sheet", - "title": "CrossSheet" - }, - "DateTimePicker": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterDateTimePickerControl", - "markdownDescription": "A control from a date filter that is used to specify date and time.", - "title": "DateTimePicker" - }, - "Dropdown": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterDropDownControl", - "markdownDescription": "A control to display a dropdown list with buttons that are used to select a single value.", - "title": "Dropdown" - }, - "List": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterListControl", - "markdownDescription": "A control to display a list of buttons or boxes. This is used to select either a single value or multiple values.", - "title": "List" - }, - "RelativeDateTime": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterRelativeDateTimeControl", - "markdownDescription": "A control from a date filter that is used to specify the relative date.", - "title": "RelativeDateTime" - }, - "Slider": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterSliderControl", - "markdownDescription": "A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle.", - "title": "Slider" - }, - "TextArea": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterTextAreaControl", - "markdownDescription": "A control to display a text box that is used to enter multiple entries.", - "title": "TextArea" - }, - "TextField": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterTextFieldControl", - "markdownDescription": "A control to display a text box that is used to enter a single entry.", - "title": "TextField" + "MQCSInputSwitching": { + "markdownDescription": "When true, AWS Elemental MediaPackage performs input switching based on the MQCS. Default is true. This setting is valid only when `InputType` is `CMAF` .", + "title": "MQCSInputSwitching", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Analysis.FilterCrossSheetControl": { + "AWS::MediaPackageV2::Channel.OutputHeaderConfiguration": { "additionalProperties": false, "properties": { - "CascadingControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CascadingControlConfiguration", - "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", - "title": "CascadingControlConfiguration" - }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterCrossSheetControl` .", - "title": "FilterControlId", - "type": "string" - }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterCrossSheetControl` .", - "title": "SourceFilterId", - "type": "string" + "PublishMQCS": { + "markdownDescription": "When true, AWS Elemental MediaPackage includes the MQCS in responses to the CDN. This setting is valid only when `InputType` is `CMAF` .", + "title": "PublishMQCS", + "type": "boolean" } }, - "required": [ - "FilterControlId", - "SourceFilterId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.FilterDateTimePickerControl": { + "AWS::MediaPackageV2::ChannelGroup": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimePickerControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterDateTimePickerControl` .", - "title": "FilterControlId", + "Condition": { "type": "string" }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterDateTimePickerControl` .", - "title": "SourceFilterId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Title": { - "markdownDescription": "The title of the `FilterDateTimePickerControl` .", - "title": "Title", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ChannelGroupName": { + "markdownDescription": "The name of the channel group.", + "title": "ChannelGroupName", + "type": "string" + }, + "Description": { + "markdownDescription": "The configuration for a MediaPackage V2 channel group.", + "title": "Description", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags associated with the channel group.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "ChannelGroupName" + ], + "type": "object" }, "Type": { - "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", - "title": "Type", + "enum": [ + "AWS::MediaPackageV2::ChannelGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "FilterControlId", - "SourceFilterId", - "Title" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.FilterDropDownControl": { + "AWS::MediaPackageV2::ChannelPolicy": { "additionalProperties": false, "properties": { - "CascadingControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CascadingControlConfiguration", - "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", - "title": "CascadingControlConfiguration" - }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DropDownControlDisplayOptions", - "markdownDescription": "The display options of the `FilterDropDownControl` .", - "title": "DisplayOptions" + "Condition": { + "type": "string" }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterDropDownControl` .", - "title": "FilterControlId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterDropDownControl` .", - "title": "SourceFilterId", - "type": "string" + "Metadata": { + "type": "object" }, - "Title": { - "markdownDescription": "The title of the `FilterDropDownControl` .", - "title": "Title", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "ChannelGroupName": { + "markdownDescription": "The name of the channel group associated with the channel policy.", + "title": "ChannelGroupName", + "type": "string" + }, + "ChannelName": { + "markdownDescription": "The name of the channel associated with the channel policy.", + "title": "ChannelName", + "type": "string" + }, + "Policy": { + "markdownDescription": "The policy associated with the channel.", + "title": "Policy", + "type": "object" + } + }, + "required": [ + "ChannelGroupName", + "ChannelName", + "Policy" + ], + "type": "object" }, "Type": { - "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", - "title": "Type", + "enum": [ + "AWS::MediaPackageV2::ChannelPolicy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "FilterControlId", - "SourceFilterId", - "Title" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.FilterGroup": { + "AWS::MediaPackageV2::OriginEndpoint": { "additionalProperties": false, "properties": { - "CrossDataset": { - "markdownDescription": "The filter new feature which can apply filter group to all data sets. Choose one of the following options:\n\n- `ALL_DATASETS`\n- `SINGLE_DATASET`", - "title": "CrossDataset", + "Condition": { "type": "string" }, - "FilterGroupId": { - "markdownDescription": "The value that uniquely identifies a `FilterGroup` within a dashboard, template, or analysis.", - "title": "FilterGroupId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Filters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.Filter" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ChannelGroupName": { + "markdownDescription": "The name of the channel group associated with the origin endpoint configuration.", + "title": "ChannelGroupName", + "type": "string" + }, + "ChannelName": { + "markdownDescription": "The channel name associated with the origin endpoint.", + "title": "ChannelName", + "type": "string" + }, + "ContainerType": { + "markdownDescription": "The container type associated with the origin endpoint configuration.", + "title": "ContainerType", + "type": "string" + }, + "DashManifests": { + "items": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.DashManifestConfiguration" + }, + "markdownDescription": "A DASH manifest configuration.", + "title": "DashManifests", + "type": "array" + }, + "Description": { + "markdownDescription": "The description associated with the origin endpoint.", + "title": "Description", + "type": "string" + }, + "ForceEndpointErrorConfiguration": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.ForceEndpointErrorConfiguration", + "markdownDescription": "The failover settings for the endpoint.", + "title": "ForceEndpointErrorConfiguration" + }, + "HlsManifests": { + "items": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.HlsManifestConfiguration" + }, + "markdownDescription": "The HLS manifests associated with the origin endpoint configuration.", + "title": "HlsManifests", + "type": "array" + }, + "LowLatencyHlsManifests": { + "items": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.LowLatencyHlsManifestConfiguration" + }, + "markdownDescription": "The low-latency HLS (LL-HLS) manifests associated with the origin endpoint.", + "title": "LowLatencyHlsManifests", + "type": "array" + }, + "OriginEndpointName": { + "markdownDescription": "The name of the origin endpoint associated with the origin endpoint configuration.", + "title": "OriginEndpointName", + "type": "string" + }, + "Segment": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.Segment", + "markdownDescription": "The segment associated with the origin endpoint.", + "title": "Segment" + }, + "StartoverWindowSeconds": { + "markdownDescription": "The size of the window (in seconds) to specify a window of the live stream that's available for on-demand viewing. Viewers can start-over or catch-up on content that falls within the window.", + "title": "StartoverWindowSeconds", + "type": "number" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags associated with the origin endpoint.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "The list of filters that are present in a `FilterGroup` .", - "title": "Filters", - "type": "array" + "required": [ + "ChannelGroupName", + "ChannelName", + "ContainerType", + "OriginEndpointName" + ], + "type": "object" }, - "ScopeConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterScopeConfiguration", - "markdownDescription": "The configuration that specifies what scope to apply to a `FilterGroup` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", - "title": "ScopeConfiguration" + "Type": { + "enum": [ + "AWS::MediaPackageV2::OriginEndpoint" + ], + "type": "string" }, - "Status": { - "markdownDescription": "The status of the `FilterGroup` .", - "title": "Status", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "CrossDataset", - "FilterGroupId", - "Filters", - "ScopeConfiguration" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.FilterListConfiguration": { + "AWS::MediaPackageV2::OriginEndpoint.DashBaseUrl": { "additionalProperties": false, "properties": { - "CategoryValues": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of category values for the filter.", - "title": "CategoryValues", - "type": "array" + "DvbPriority": { + "markdownDescription": "For use with DVB-DASH profiles only. The priority of this location for servings segments. The lower the number, the higher the priority.", + "title": "DvbPriority", + "type": "number" }, - "MatchOperator": { - "markdownDescription": "The match operator that is used to determine if a filter should be applied.", - "title": "MatchOperator", - "type": "string" + "DvbWeight": { + "markdownDescription": "For use with DVB-DASH profiles only. The weighting for source locations that have the same priority.", + "title": "DvbWeight", + "type": "number" }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", + "ServiceLocation": { + "markdownDescription": "The name of the source location.", + "title": "ServiceLocation", "type": "string" }, - "SelectAllOptions": { - "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", - "title": "SelectAllOptions", + "Url": { + "markdownDescription": "A source location for segments.", + "title": "Url", "type": "string" } }, "required": [ - "MatchOperator" + "Url" ], "type": "object" }, - "AWS::QuickSight::Analysis.FilterListControl": { + "AWS::MediaPackageV2::OriginEndpoint.DashDvbFontDownload": { "additionalProperties": false, "properties": { - "CascadingControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CascadingControlConfiguration", - "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", - "title": "CascadingControlConfiguration" - }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ListControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterListControl` .", - "title": "FilterControlId", + "FontFamily": { + "markdownDescription": "The `fontFamily` name for subtitles, as described in [EBU-TT-D Subtitling Distribution Format](https://docs.aws.amazon.com/https://tech.ebu.ch/publications/tech3380) .", + "title": "FontFamily", "type": "string" }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" - }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterListControl` .", - "title": "SourceFilterId", + "MimeType": { + "markdownDescription": "The `mimeType` of the resource that's at the font download URL.\n\nFor information about font MIME types, see the [MPEG-DASH Profile for Transport of ISO BMFF Based DVB Services over IP Based Networks](https://docs.aws.amazon.com/https://dvb.org/wp-content/uploads/2021/06/A168r4_MPEG-DASH-Profile-for-Transport-of-ISO-BMFF-Based-DVB-Services_Draft-ts_103-285-v140_November_2021.pdf) document.", + "title": "MimeType", "type": "string" }, - "Title": { - "markdownDescription": "The title of the `FilterListControl` .", - "title": "Title", + "Url": { + "markdownDescription": "The URL for downloading fonts for subtitles.", + "title": "Url", "type": "string" + } + }, + "type": "object" + }, + "AWS::MediaPackageV2::OriginEndpoint.DashDvbMetricsReporting": { + "additionalProperties": false, + "properties": { + "Probability": { + "markdownDescription": "The number of playback devices per 1000 that will send error reports to the reporting URL. This represents the probability that a playback device will be a reporting player for this session.", + "title": "Probability", + "type": "number" }, - "Type": { - "markdownDescription": "The type of the `FilterListControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from the list.\n- `SINGLE_SELECT` : The user can select a single entry from the list.", - "title": "Type", + "ReportingUrl": { + "markdownDescription": "The URL where playback devices send error reports.", + "title": "ReportingUrl", "type": "string" } }, "required": [ - "FilterControlId", - "SourceFilterId", - "Title" + "ReportingUrl" ], "type": "object" }, - "AWS::QuickSight::Analysis.FilterOperationSelectedFieldsConfiguration": { + "AWS::MediaPackageV2::OriginEndpoint.DashDvbSettings": { "additionalProperties": false, "properties": { - "SelectedColumns": { + "ErrorMetrics": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier" + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.DashDvbMetricsReporting" }, - "markdownDescription": "The selected columns of a dataset.", - "title": "SelectedColumns", + "markdownDescription": "Playback device error reporting settings.", + "title": "ErrorMetrics", "type": "array" }, - "SelectedFieldOptions": { - "markdownDescription": "A structure that contains the options that choose which fields are filtered in the `CustomActionFilterOperation` .\n\nValid values are defined as follows:\n\n- `ALL_FIELDS` : Applies the filter operation to all fields.", - "title": "SelectedFieldOptions", - "type": "string" - }, - "SelectedFields": { - "items": { - "type": "string" - }, - "markdownDescription": "Chooses the fields that are filtered in `CustomActionFilterOperation` .", - "title": "SelectedFields", - "type": "array" + "FontDownload": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.DashDvbFontDownload", + "markdownDescription": "Subtitle font settings.", + "title": "FontDownload" } }, "type": "object" }, - "AWS::QuickSight::Analysis.FilterOperationTargetVisualsConfiguration": { + "AWS::MediaPackageV2::OriginEndpoint.DashManifestConfiguration": { "additionalProperties": false, "properties": { - "SameSheetTargetVisualConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SameSheetTargetVisualConfiguration", - "markdownDescription": "The configuration of the same-sheet target visuals that you want to be filtered.", - "title": "SameSheetTargetVisualConfiguration" + "BaseUrls": { + "items": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.DashBaseUrl" + }, + "markdownDescription": "The base URLs to use for retrieving segments.", + "title": "BaseUrls", + "type": "array" + }, + "Compactness": { + "markdownDescription": "The layout of the DASH manifest that MediaPackage produces. `STANDARD` indicates a default manifest, which is compacted. `NONE` indicates a full manifest.\n\nFor information about compactness, see [DASH manifest compactness](https://docs.aws.amazon.com/mediapackage/latest/userguide/compacted.html) in the *AWS Elemental MediaPackage v2 User Guide* .", + "title": "Compactness", + "type": "string" + }, + "DrmSignaling": { + "markdownDescription": "Determines how the DASH manifest signals the DRM content.", + "title": "DrmSignaling", + "type": "string" + }, + "DvbSettings": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.DashDvbSettings", + "markdownDescription": "For endpoints that use the DVB-DASH profile only. The font download and error reporting information that you want MediaPackage to pass through to the manifest.", + "title": "DvbSettings" + }, + "FilterConfiguration": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.FilterConfiguration", + "markdownDescription": "Filter configuration includes settings for manifest filtering, start and end times, and time delay that apply to all of your egress requests for this manifest.", + "title": "FilterConfiguration" + }, + "ManifestName": { + "markdownDescription": "A short string that's appended to the endpoint URL. The child manifest name creates a unique path to this endpoint.", + "title": "ManifestName", + "type": "string" + }, + "ManifestWindowSeconds": { + "markdownDescription": "The total duration (in seconds) of the manifest's content.", + "title": "ManifestWindowSeconds", + "type": "number" + }, + "MinBufferTimeSeconds": { + "markdownDescription": "Minimum amount of content (in seconds) that a player must keep available in the buffer.", + "title": "MinBufferTimeSeconds", + "type": "number" + }, + "MinUpdatePeriodSeconds": { + "markdownDescription": "Minimum amount of time (in seconds) that the player should wait before requesting updates to the manifest.", + "title": "MinUpdatePeriodSeconds", + "type": "number" + }, + "PeriodTriggers": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of triggers that controls when AWS Elemental MediaPackage separates the MPEG-DASH manifest into multiple periods. Type `ADS` to indicate that AWS Elemental MediaPackage must create periods in the output manifest that correspond to SCTE-35 ad markers in the input source. Leave this value empty to indicate that the manifest is contained all in one period. For more information about periods in the DASH manifest, see [Multi-period DASH in AWS Elemental MediaPackage](https://docs.aws.amazon.com/mediapackage/latest/userguide/multi-period.html) .", + "title": "PeriodTriggers", + "type": "array" + }, + "Profiles": { + "items": { + "type": "string" + }, + "markdownDescription": "The profile that the output is compliant with.", + "title": "Profiles", + "type": "array" + }, + "ProgramInformation": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.DashProgramInformation", + "markdownDescription": "Details about the content that you want MediaPackage to pass through in the manifest to the playback device.", + "title": "ProgramInformation" + }, + "ScteDash": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.ScteDash", + "markdownDescription": "The SCTE configuration.", + "title": "ScteDash" + }, + "SegmentTemplateFormat": { + "markdownDescription": "Determines the type of variable used in the `media` URL of the `SegmentTemplate` tag in the manifest. Also specifies if segment timeline information is included in `SegmentTimeline` or `SegmentTemplate` .\n\nValue description:\n\n- `NUMBER_WITH_TIMELINE` - The `$Number$` variable is used in the `media` URL. The value of this variable is the sequential number of the segment. A full `SegmentTimeline` object is presented in each `SegmentTemplate` .", + "title": "SegmentTemplateFormat", + "type": "string" + }, + "SubtitleConfiguration": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.DashSubtitleConfiguration", + "markdownDescription": "The configuration for DASH subtitles.", + "title": "SubtitleConfiguration" + }, + "SuggestedPresentationDelaySeconds": { + "markdownDescription": "The amount of time (in seconds) that the player should be from the end of the manifest.", + "title": "SuggestedPresentationDelaySeconds", + "type": "number" + }, + "UtcTiming": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.DashUtcTiming", + "markdownDescription": "Determines the type of UTC timing included in the DASH Media Presentation Description (MPD).", + "title": "UtcTiming" } }, + "required": [ + "ManifestName" + ], "type": "object" }, - "AWS::QuickSight::Analysis.FilterRelativeDateTimeControl": { + "AWS::MediaPackageV2::OriginEndpoint.DashProgramInformation": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RelativeDateTimeControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "Copyright": { + "markdownDescription": "A copyright statement about the content.", + "title": "Copyright", + "type": "string" }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterTextAreaControl` .", - "title": "FilterControlId", + "LanguageCode": { + "markdownDescription": "The language code for this manifest.", + "title": "LanguageCode", "type": "string" }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterTextAreaControl` .", - "title": "SourceFilterId", + "MoreInformationUrl": { + "markdownDescription": "An absolute URL that contains more information about this content.", + "title": "MoreInformationUrl", + "type": "string" + }, + "Source": { + "markdownDescription": "Information about the content provider.", + "title": "Source", "type": "string" }, "Title": { - "markdownDescription": "The title of the `FilterTextAreaControl` .", + "markdownDescription": "The title for the manifest.", "title": "Title", "type": "string" } }, - "required": [ - "FilterControlId", - "SourceFilterId", - "Title" - ], "type": "object" }, - "AWS::QuickSight::Analysis.FilterScopeConfiguration": { + "AWS::MediaPackageV2::OriginEndpoint.DashSubtitleConfiguration": { "additionalProperties": false, "properties": { - "AllSheets": { - "markdownDescription": "The configuration that applies a filter to all sheets. When you choose `AllSheets` as the value for a `FilterScopeConfiguration` , this filter is applied to all visuals of all sheets in an Analysis, Dashboard, or Template. The `AllSheetsFilterScopeConfiguration` is chosen.", - "title": "AllSheets", - "type": "object" - }, - "SelectedSheets": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SelectedSheetsFilterScopeConfiguration", - "markdownDescription": "The configuration for applying a filter to specific sheets.", - "title": "SelectedSheets" + "TtmlConfiguration": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.DashTtmlConfiguration", + "markdownDescription": "Settings for TTML subtitles.", + "title": "TtmlConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Analysis.FilterSelectableValues": { + "AWS::MediaPackageV2::OriginEndpoint.DashTtmlConfiguration": { "additionalProperties": false, "properties": { - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The values that are used in the `FilterSelectableValues` .", - "title": "Values", - "type": "array" + "TtmlProfile": { + "markdownDescription": "The profile that MediaPackage uses when signaling subtitles in the manifest. `IMSC` is the default profile. `EBU-TT-D` produces subtitles that are compliant with the EBU-TT-D TTML profile. MediaPackage passes through subtitle styles to the manifest. For more information about EBU-TT-D subtitles, see [EBU-TT-D Subtitling Distribution Format](https://docs.aws.amazon.com/https://tech.ebu.ch/publications/tech3380) .", + "title": "TtmlProfile", + "type": "string" } }, + "required": [ + "TtmlProfile" + ], "type": "object" }, - "AWS::QuickSight::Analysis.FilterSliderControl": { + "AWS::MediaPackageV2::OriginEndpoint.DashUtcTiming": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SliderControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterSliderControl` .", - "title": "FilterControlId", - "type": "string" - }, - "MaximumValue": { - "markdownDescription": "The larger value that is displayed at the right of the slider.", - "title": "MaximumValue", - "type": "number" - }, - "MinimumValue": { - "markdownDescription": "The smaller value that is displayed at the left of the slider.", - "title": "MinimumValue", - "type": "number" - }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterSliderControl` .", - "title": "SourceFilterId", - "type": "string" - }, - "StepSize": { - "markdownDescription": "The number of increments that the slider bar is divided into.", - "title": "StepSize", - "type": "number" - }, - "Title": { - "markdownDescription": "The title of the `FilterSliderControl` .", - "title": "Title", + "TimingMode": { + "markdownDescription": "The UTC timing mode.", + "title": "TimingMode", "type": "string" }, - "Type": { - "markdownDescription": "The type of the `FilterSliderControl` . Choose one of the following options:\n\n- `SINGLE_POINT` : Filter against(equals) a single data point.\n- `RANGE` : Filter data that is in a specified range.", - "title": "Type", + "TimingSource": { + "markdownDescription": "The the method that the player uses to synchronize to coordinated universal time (UTC) wall clock time.", + "title": "TimingSource", "type": "string" } }, - "required": [ - "FilterControlId", - "MaximumValue", - "MinimumValue", - "SourceFilterId", - "StepSize", - "Title" - ], "type": "object" }, - "AWS::QuickSight::Analysis.FilterTextAreaControl": { + "AWS::MediaPackageV2::OriginEndpoint.Encryption": { "additionalProperties": false, "properties": { - "Delimiter": { - "markdownDescription": "The delimiter that is used to separate the lines in text.", - "title": "Delimiter", + "ConstantInitializationVector": { + "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, used in conjunction with the key for encrypting content. If you don't specify a value, then MediaPackage creates the constant initialization vector (IV).", + "title": "ConstantInitializationVector", "type": "string" }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TextAreaControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterTextAreaControl` .", - "title": "FilterControlId", - "type": "string" + "EncryptionMethod": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.EncryptionMethod", + "markdownDescription": "The encryption method to use.", + "title": "EncryptionMethod" }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterTextAreaControl` .", - "title": "SourceFilterId", - "type": "string" + "KeyRotationIntervalSeconds": { + "markdownDescription": "The interval, in seconds, to rotate encryption keys for the origin endpoint.", + "title": "KeyRotationIntervalSeconds", + "type": "number" }, - "Title": { - "markdownDescription": "The title of the `FilterTextAreaControl` .", - "title": "Title", - "type": "string" + "SpekeKeyProvider": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.SpekeKeyProvider", + "markdownDescription": "The SPEKE key provider to use for encryption.", + "title": "SpekeKeyProvider" } }, "required": [ - "FilterControlId", - "SourceFilterId", - "Title" + "EncryptionMethod", + "SpekeKeyProvider" ], "type": "object" }, - "AWS::QuickSight::Analysis.FilterTextFieldControl": { + "AWS::MediaPackageV2::OriginEndpoint.EncryptionContractConfiguration": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TextFieldControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterTextFieldControl` .", - "title": "FilterControlId", - "type": "string" - }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterTextFieldControl` .", - "title": "SourceFilterId", + "PresetSpeke20Audio": { + "markdownDescription": "A collection of audio encryption presets.\n\nValue description:\n\n- `PRESET-AUDIO-1` - Use one content key to encrypt all of the audio tracks in your stream.\n- `PRESET-AUDIO-2` - Use one content key to encrypt all of the stereo audio tracks and one content key to encrypt all of the multichannel audio tracks.\n- `PRESET-AUDIO-3` - Use one content key to encrypt all of the stereo audio tracks, one content key to encrypt all of the multichannel audio tracks with 3 to 6 channels, and one content key to encrypt all of the multichannel audio tracks with more than 6 channels.\n- `SHARED` - Use the same content key for all of the audio and video tracks in your stream.\n- `UNENCRYPTED` - Don't encrypt any of the audio tracks in your stream.", + "title": "PresetSpeke20Audio", "type": "string" }, - "Title": { - "markdownDescription": "The title of the `FilterTextFieldControl` .", - "title": "Title", + "PresetSpeke20Video": { + "markdownDescription": "The SPEKE Version 2.0 preset video associated with the encryption contract configuration of the origin endpoint.\n\nA collection of video encryption presets.\n\nValue description:\n\n- `PRESET-VIDEO-1` - Use one content key to encrypt all of the video tracks in your stream.\n- `PRESET-VIDEO-2` - Use one content key to encrypt all of the SD video tracks and one content key for all HD and higher resolutions video tracks.\n- `PRESET-VIDEO-3` - Use one content key to encrypt all of the SD video tracks, one content key for HD video tracks and one content key for all UHD video tracks.\n- `PRESET-VIDEO-4` - Use one content key to encrypt all of the SD video tracks, one content key for HD video tracks, one content key for all UHD1 video tracks and one content key for all UHD2 video tracks.\n- `PRESET-VIDEO-5` - Use one content key to encrypt all of the SD video tracks, one content key for HD1 video tracks, one content key for HD2 video tracks, one content key for all UHD1 video tracks and one content key for all UHD2 video tracks.\n- `PRESET-VIDEO-6` - Use one content key to encrypt all of the SD video tracks, one content key for HD1 video tracks, one content key for HD2 video tracks and one content key for all UHD video tracks.\n- `PRESET-VIDEO-7` - Use one content key to encrypt all of the SD+HD1 video tracks, one content key for HD2 video tracks and one content key for all UHD video tracks.\n- `PRESET-VIDEO-8` - Use one content key to encrypt all of the SD+HD1 video tracks, one content key for HD2 video tracks, one content key for all UHD1 video tracks and one content key for all UHD2 video tracks.\n- `SHARED` - Use the same content key for all of the video and audio tracks in your stream.\n- `UNENCRYPTED` - Don't encrypt any of the video tracks in your stream.", + "title": "PresetSpeke20Video", "type": "string" } }, "required": [ - "FilterControlId", - "SourceFilterId", - "Title" + "PresetSpeke20Audio", + "PresetSpeke20Video" ], "type": "object" }, - "AWS::QuickSight::Analysis.FontConfiguration": { + "AWS::MediaPackageV2::OriginEndpoint.EncryptionMethod": { "additionalProperties": false, "properties": { - "FontColor": { - "markdownDescription": "Determines the color of the text.", - "title": "FontColor", - "type": "string" - }, - "FontDecoration": { - "markdownDescription": "Determines the appearance of decorative lines on the text.", - "title": "FontDecoration", + "CmafEncryptionMethod": { + "markdownDescription": "The encryption method to use.", + "title": "CmafEncryptionMethod", "type": "string" }, - "FontSize": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FontSize", - "markdownDescription": "The option that determines the text display size.", - "title": "FontSize" - }, - "FontStyle": { - "markdownDescription": "Determines the text display face that is inherited by the given font family.", - "title": "FontStyle", + "TsEncryptionMethod": { + "markdownDescription": "The encryption method to use.", + "title": "TsEncryptionMethod", "type": "string" - }, - "FontWeight": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FontWeight", - "markdownDescription": "The option that determines the text display weight, or boldness.", - "title": "FontWeight" } }, "type": "object" }, - "AWS::QuickSight::Analysis.FontSize": { + "AWS::MediaPackageV2::OriginEndpoint.FilterConfiguration": { "additionalProperties": false, "properties": { - "Relative": { - "markdownDescription": "The lexical name for the text size, proportional to its surrounding context.", - "title": "Relative", + "ClipStartTime": { + "markdownDescription": "Optionally specify the clip start time for all of your manifest egress requests. When you include clip start time, note that you cannot use clip start time query parameters for this manifest's endpoint URL.", + "title": "ClipStartTime", + "type": "string" + }, + "End": { + "markdownDescription": "Optionally specify the end time for all of your manifest egress requests. When you include end time, note that you cannot use end time query parameters for this manifest's endpoint URL.", + "title": "End", + "type": "string" + }, + "ManifestFilter": { + "markdownDescription": "Optionally specify one or more manifest filters for all of your manifest egress requests. When you include a manifest filter, note that you cannot use an identical manifest filter query parameter for this manifest's endpoint URL.", + "title": "ManifestFilter", + "type": "string" + }, + "Start": { + "markdownDescription": "Optionally specify the start time for all of your manifest egress requests. When you include start time, note that you cannot use start time query parameters for this manifest's endpoint URL.", + "title": "Start", "type": "string" + }, + "TimeDelaySeconds": { + "markdownDescription": "Optionally specify the time delay for all of your manifest egress requests. Enter a value that is smaller than your endpoint's startover window. When you include time delay, note that you cannot use time delay query parameters for this manifest's endpoint URL.", + "title": "TimeDelaySeconds", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.FontWeight": { + "AWS::MediaPackageV2::OriginEndpoint.ForceEndpointErrorConfiguration": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The lexical name for the level of boldness of the text display.", - "title": "Name", - "type": "string" + "EndpointErrorConditions": { + "items": { + "type": "string" + }, + "markdownDescription": "The failover conditions for the endpoint. The options are:\n\n- `STALE_MANIFEST` - The manifest stalled and there are no new segments or parts.\n- `INCOMPLETE_MANIFEST` - There is a gap in the manifest.\n- `MISSING_DRM_KEY` - Key rotation is enabled but we're unable to fetch the key for the current key period.\n- `SLATE_INPUT` - The segments which contain slate content are considered to be missing content.", + "title": "EndpointErrorConditions", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ForecastComputation": { + "AWS::MediaPackageV2::OriginEndpoint.HlsManifestConfiguration": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", + "ChildManifestName": { + "markdownDescription": "The name of the child manifest associated with the HLS manifest configuration.", + "title": "ChildManifestName", "type": "string" }, - "CustomSeasonalityValue": { - "markdownDescription": "The custom seasonality value setup of a forecast computation.", - "title": "CustomSeasonalityValue", - "type": "number" - }, - "LowerBoundary": { - "markdownDescription": "The lower boundary setup of a forecast computation.", - "title": "LowerBoundary", - "type": "number" + "FilterConfiguration": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.FilterConfiguration", + "markdownDescription": "Filter configuration includes settings for manifest filtering, start and end times, and time delay that apply to all of your egress requests for this manifest.", + "title": "FilterConfiguration" }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "ManifestName": { + "markdownDescription": "The name of the manifest associated with the HLS manifest configuration.", + "title": "ManifestName", "type": "string" }, - "PeriodsBackward": { - "markdownDescription": "The periods backward setup of a forecast computation.", - "title": "PeriodsBackward", - "type": "number" - }, - "PeriodsForward": { - "markdownDescription": "The periods forward setup of a forecast computation.", - "title": "PeriodsForward", + "ManifestWindowSeconds": { + "markdownDescription": "The duration of the manifest window, in seconds, for the HLS manifest configuration.", + "title": "ManifestWindowSeconds", "type": "number" }, - "PredictionInterval": { - "markdownDescription": "The prediction interval setup of a forecast computation.", - "title": "PredictionInterval", + "ProgramDateTimeIntervalSeconds": { + "markdownDescription": "The `EXT-X-PROGRAM-DATE-TIME` interval, in seconds, associated with the HLS manifest configuration.", + "title": "ProgramDateTimeIntervalSeconds", "type": "number" }, - "Seasonality": { - "markdownDescription": "The seasonality setup of a forecast computation. Choose one of the following options:\n\n- `AUTOMATIC`\n- `CUSTOM` : Checks the custom seasonality value.", - "title": "Seasonality", - "type": "string" + "ScteHls": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.ScteHls", + "markdownDescription": "THE SCTE-35 HLS configuration associated with the HLS manifest configuration.", + "title": "ScteHls" }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" + "StartTag": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.StartTag", + "markdownDescription": "To insert an EXT-X-START tag in your HLS playlist, specify a StartTag configuration object with a valid TimeOffset. When you do, you can also optionally specify whether to include a PRECISE value in the EXT-X-START tag.", + "title": "StartTag" }, - "UpperBoundary": { - "markdownDescription": "The upper boundary setup of a forecast computation.", - "title": "UpperBoundary", - "type": "number" + "Url": { + "markdownDescription": "The URL of the HLS manifest configuration.", + "title": "Url", + "type": "string" }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" + "UrlEncodeChildManifest": { + "markdownDescription": "When enabled, MediaPackage URL-encodes the query string for API requests for HLS child manifests to comply with AWS Signature Version 4 (SigV4) signature signing protocol. For more information, see [AWS Signature Version 4 for API requests](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_sigv.html) in *AWS Identity and Access Management User Guide* .", + "title": "UrlEncodeChildManifest", + "type": "boolean" } }, "required": [ - "ComputationId" + "ManifestName" ], "type": "object" }, - "AWS::QuickSight::Analysis.ForecastConfiguration": { + "AWS::MediaPackageV2::OriginEndpoint.LowLatencyHlsManifestConfiguration": { "additionalProperties": false, "properties": { - "ForecastProperties": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TimeBasedForecastProperties", - "markdownDescription": "The forecast properties setup of a forecast in the line chart.", - "title": "ForecastProperties" + "ChildManifestName": { + "markdownDescription": "The name of the child manifest associated with the low-latency HLS (LL-HLS) manifest configuration of the origin endpoint.", + "title": "ChildManifestName", + "type": "string" }, - "Scenario": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ForecastScenario", - "markdownDescription": "The forecast scenario of a forecast in the line chart.", - "title": "Scenario" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.ForecastScenario": { - "additionalProperties": false, - "properties": { - "WhatIfPointScenario": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.WhatIfPointScenario", - "markdownDescription": "The what-if analysis forecast setup with the target date.", - "title": "WhatIfPointScenario" + "FilterConfiguration": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.FilterConfiguration", + "markdownDescription": "Filter configuration includes settings for manifest filtering, start and end times, and time delay that apply to all of your egress requests for this manifest.", + "title": "FilterConfiguration" }, - "WhatIfRangeScenario": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.WhatIfRangeScenario", - "markdownDescription": "The what-if analysis forecast setup with the date range.", - "title": "WhatIfRangeScenario" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.FormatConfiguration": { - "additionalProperties": false, - "properties": { - "DateTimeFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeFormatConfiguration", - "markdownDescription": "Formatting configuration for `DateTime` fields.", - "title": "DateTimeFormatConfiguration" + "ManifestName": { + "markdownDescription": "A short string that's appended to the endpoint URL. The manifest name creates a unique path to this endpoint. If you don't enter a value, MediaPackage uses the default manifest name, `index` . MediaPackage automatically inserts the format extension, such as `.m3u8` . You can't use the same manifest name if you use HLS manifest and low-latency HLS manifest. The `manifestName` on the `HLSManifest` object overrides the `manifestName` you provided on the `originEndpoint` object.", + "title": "ManifestName", + "type": "string" }, - "NumberFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumberFormatConfiguration", - "markdownDescription": "Formatting configuration for number fields.", - "title": "NumberFormatConfiguration" + "ManifestWindowSeconds": { + "markdownDescription": "The total duration (in seconds) of the manifest's content.", + "title": "ManifestWindowSeconds", + "type": "number" }, - "StringFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.StringFormatConfiguration", - "markdownDescription": "Formatting configuration for string fields.", - "title": "StringFormatConfiguration" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.FreeFormLayoutCanvasSizeOptions": { - "additionalProperties": false, - "properties": { - "ScreenCanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutScreenCanvasSizeOptions", - "markdownDescription": "The options that determine the sizing of the canvas used in a free-form layout.", - "title": "ScreenCanvasSizeOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.FreeFormLayoutConfiguration": { - "additionalProperties": false, - "properties": { - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutCanvasSizeOptions", - "markdownDescription": "", - "title": "CanvasSizeOptions" + "ProgramDateTimeIntervalSeconds": { + "markdownDescription": "Inserts `EXT-X-PROGRAM-DATE-TIME` tags in the output manifest at the interval that you specify. If you don't enter an interval, `EXT-X-PROGRAM-DATE-TIME` tags aren't included in the manifest. The tags sync the stream to the wall clock so that viewers can seek to a specific time in the playback timeline on the player.\n\nIrrespective of this parameter, if any `ID3Timed` metadata is in the HLS input, MediaPackage passes through that metadata to the HLS output.", + "title": "ProgramDateTimeIntervalSeconds", + "type": "number" }, - "Elements": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutElement" - }, - "markdownDescription": "The elements that are included in a free-form layout.", - "title": "Elements", - "type": "array" + "ScteHls": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.ScteHls", + "markdownDescription": "The SCTE-35 HLS configuration associated with the low-latency HLS (LL-HLS) manifest configuration of the origin endpoint.", + "title": "ScteHls" + }, + "StartTag": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.StartTag", + "markdownDescription": "To insert an EXT-X-START tag in your HLS playlist, specify a StartTag configuration object with a valid TimeOffset. When you do, you can also optionally specify whether to include a PRECISE value in the EXT-X-START tag.", + "title": "StartTag" + }, + "Url": { + "markdownDescription": "The URL of the low-latency HLS (LL-HLS) manifest configuration of the origin endpoint.", + "title": "Url", + "type": "string" + }, + "UrlEncodeChildManifest": { + "markdownDescription": "When enabled, MediaPackage URL-encodes the query string for API requests for LL-HLS child manifests to comply with AWS Signature Version 4 (SigV4) signature signing protocol. For more information, see [AWS Signature Version 4 for API requests](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_sigv.html) in *AWS Identity and Access Management User Guide* .", + "title": "UrlEncodeChildManifest", + "type": "boolean" } }, "required": [ - "Elements" + "ManifestName" ], "type": "object" }, - "AWS::QuickSight::Analysis.FreeFormLayoutElement": { + "AWS::MediaPackageV2::OriginEndpoint.Scte": { "additionalProperties": false, "properties": { - "BackgroundStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutElementBackgroundStyle", - "markdownDescription": "The background style configuration of a free-form layout element.", - "title": "BackgroundStyle" - }, - "BorderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutElementBorderStyle", - "markdownDescription": "The border style configuration of a free-form layout element.", - "title": "BorderStyle" - }, - "ElementId": { - "markdownDescription": "A unique identifier for an element within a free-form layout.", - "title": "ElementId", - "type": "string" - }, - "ElementType": { - "markdownDescription": "The type of element.", - "title": "ElementType", - "type": "string" - }, - "Height": { - "markdownDescription": "The height of an element within a free-form layout.", - "title": "Height", - "type": "string" - }, - "LoadingAnimation": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LoadingAnimation", - "markdownDescription": "The loading animation configuration of a free-form layout element.", - "title": "LoadingAnimation" - }, - "RenderingRules": { + "ScteFilter": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetElementRenderingRule" + "type": "string" }, - "markdownDescription": "The rendering rules that determine when an element should be displayed within a free-form layout.", - "title": "RenderingRules", + "markdownDescription": "The filter associated with the SCTE-35 configuration.", + "title": "ScteFilter", "type": "array" - }, - "SelectedBorderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutElementBorderStyle", - "markdownDescription": "The border style configuration of a free-form layout element. This border style is used when the element is selected.", - "title": "SelectedBorderStyle" - }, - "Visibility": { - "markdownDescription": "The visibility of an element within a free-form layout.", - "title": "Visibility", - "type": "string" - }, - "Width": { - "markdownDescription": "The width of an element within a free-form layout.", - "title": "Width", - "type": "string" - }, - "XAxisLocation": { - "markdownDescription": "The x-axis coordinate of the element.", - "title": "XAxisLocation", - "type": "string" - }, - "YAxisLocation": { - "markdownDescription": "The y-axis coordinate of the element.", - "title": "YAxisLocation", - "type": "string" } }, - "required": [ - "ElementId", - "ElementType", - "Height", - "Width", - "XAxisLocation", - "YAxisLocation" - ], "type": "object" }, - "AWS::QuickSight::Analysis.FreeFormLayoutElementBackgroundStyle": { + "AWS::MediaPackageV2::OriginEndpoint.ScteDash": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The background color of a free-form layout element.", - "title": "Color", - "type": "string" - }, - "Visibility": { - "markdownDescription": "The background visibility of a free-form layout element.", - "title": "Visibility", + "AdMarkerDash": { + "markdownDescription": "Choose how ad markers are included in the packaged content. If you include ad markers in the content stream in your upstream encoders, then you need to inform MediaPackage what to do with the ad markers in the output.\n\nValue description:\n\n- `Binary` - The SCTE-35 marker is expressed as a hex-string (Base64 string) rather than full XML.\n- `XML` - The SCTE marker is expressed fully in XML.", + "title": "AdMarkerDash", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.FreeFormLayoutElementBorderStyle": { + "AWS::MediaPackageV2::OriginEndpoint.ScteHls": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The border color of a free-form layout element.", - "title": "Color", - "type": "string" - }, - "Visibility": { - "markdownDescription": "The border visibility of a free-form layout element.", - "title": "Visibility", + "AdMarkerHls": { + "markdownDescription": "The SCTE-35 HLS ad-marker configuration.", + "title": "AdMarkerHls", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.FreeFormLayoutScreenCanvasSizeOptions": { + "AWS::MediaPackageV2::OriginEndpoint.Segment": { "additionalProperties": false, "properties": { - "OptimizedViewPortWidth": { - "markdownDescription": "The width that the view port will be optimized for when the layout renders.", - "title": "OptimizedViewPortWidth", + "Encryption": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.Encryption", + "markdownDescription": "Whether to use encryption for the segment.", + "title": "Encryption" + }, + "IncludeIframeOnlyStreams": { + "markdownDescription": "Whether the segment includes I-frame-only streams.", + "title": "IncludeIframeOnlyStreams", + "type": "boolean" + }, + "Scte": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.Scte", + "markdownDescription": "The SCTE-35 configuration associated with the segment.", + "title": "Scte" + }, + "SegmentDurationSeconds": { + "markdownDescription": "The duration of the segment, in seconds.", + "title": "SegmentDurationSeconds", + "type": "number" + }, + "SegmentName": { + "markdownDescription": "The name of the segment associated with the origin endpoint.", + "title": "SegmentName", "type": "string" + }, + "TsIncludeDvbSubtitles": { + "markdownDescription": "Whether the segment includes DVB subtitles.", + "title": "TsIncludeDvbSubtitles", + "type": "boolean" + }, + "TsUseAudioRenditionGroup": { + "markdownDescription": "Whether the segment is an audio rendition group.", + "title": "TsUseAudioRenditionGroup", + "type": "boolean" } }, - "required": [ - "OptimizedViewPortWidth" - ], "type": "object" }, - "AWS::QuickSight::Analysis.FreeFormSectionLayoutConfiguration": { + "AWS::MediaPackageV2::OriginEndpoint.SpekeKeyProvider": { "additionalProperties": false, "properties": { - "Elements": { + "DrmSystems": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutElement" + "type": "string" }, - "markdownDescription": "The elements that are included in the free-form layout.", - "title": "Elements", + "markdownDescription": "The DRM solution provider you're using to protect your content during distribution.", + "title": "DrmSystems", "type": "array" + }, + "EncryptionContractConfiguration": { + "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.EncryptionContractConfiguration", + "markdownDescription": "The encryption contract configuration associated with the SPEKE key provider.", + "title": "EncryptionContractConfiguration" + }, + "ResourceId": { + "markdownDescription": "The unique identifier for the content. The service sends this identifier to the key server to identify the current endpoint. How unique you make this identifier depends on how fine-grained you want access controls to be. The service does not permit you to use the same ID for two simultaneous encryption processes. The resource ID is also known as the content ID.\n\nThe following example shows a resource ID: `MovieNight20171126093045`", + "title": "ResourceId", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN for the IAM role granted by the key provider that provides access to the key provider API. This role must have a trust policy that allows MediaPackage to assume the role, and it must have a sufficient permissions policy to allow access to the specific key retrieval URL. Get this from your DRM solution provider.\n\nValid format: `arn:aws:iam::{accountID}:role/{name}` . The following example shows a role ARN: `arn:aws:iam::444455556666:role/SpekeAccess`", + "title": "RoleArn", + "type": "string" + }, + "Url": { + "markdownDescription": "The URL of the SPEKE key provider.", + "title": "Url", + "type": "string" } }, "required": [ - "Elements" + "DrmSystems", + "EncryptionContractConfiguration", + "ResourceId", + "RoleArn", + "Url" ], "type": "object" }, - "AWS::QuickSight::Analysis.FunnelChartAggregatedFieldWells": { + "AWS::MediaPackageV2::OriginEndpoint.StartTag": { "additionalProperties": false, "properties": { - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The category field wells of a funnel chart. Values are grouped by category fields.", - "title": "Category", - "type": "array" + "Precise": { + "markdownDescription": "Specify the value for PRECISE within your EXT-X-START tag. Leave blank, or choose false, to use the default value NO. Choose yes to use the value YES.", + "title": "Precise", + "type": "boolean" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The value field wells of a funnel chart. Values are aggregated based on categories.", - "title": "Values", - "type": "array" + "TimeOffset": { + "markdownDescription": "Specify the value for TIME-OFFSET within your EXT-X-START tag. Enter a signed floating point value which, if positive, must be less than the configured manifest duration minus three times the configured segment target duration. If negative, the absolute value must be larger than three times the configured segment target duration, and the absolute value must be smaller than the configured manifest duration.", + "title": "TimeOffset", + "type": "number" } }, + "required": [ + "TimeOffset" + ], "type": "object" }, - "AWS::QuickSight::Analysis.FunnelChartConfiguration": { + "AWS::MediaPackageV2::OriginEndpointPolicy": { "additionalProperties": false, "properties": { - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options of the categories that are displayed in a `FunnelChartVisual` .", - "title": "CategoryLabelOptions" + "Condition": { + "type": "string" }, - "DataLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FunnelChartDataLabelOptions", - "markdownDescription": "The options that determine the presentation of the data labels.", - "title": "DataLabelOptions" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FunnelChartFieldWells", - "markdownDescription": "The field well configuration of a `FunnelChartVisual` .", - "title": "FieldWells" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FunnelChartSortConfiguration", - "markdownDescription": "The sort configuration of a `FunnelChartVisual` .", - "title": "SortConfiguration" + "Metadata": { + "type": "object" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", - "markdownDescription": "The tooltip configuration of a `FunnelChartVisual` .", - "title": "Tooltip" + "Properties": { + "additionalProperties": false, + "properties": { + "ChannelGroupName": { + "markdownDescription": "The name of the channel group associated with the origin endpoint policy.", + "title": "ChannelGroupName", + "type": "string" + }, + "ChannelName": { + "markdownDescription": "The channel name associated with the origin endpoint policy.", + "title": "ChannelName", + "type": "string" + }, + "OriginEndpointName": { + "markdownDescription": "The name of the origin endpoint associated with the origin endpoint policy.", + "title": "OriginEndpointName", + "type": "string" + }, + "Policy": { + "markdownDescription": "The policy associated with the origin endpoint.", + "title": "Policy", + "type": "object" + } + }, + "required": [ + "ChannelGroupName", + "ChannelName", + "OriginEndpointName", + "Policy" + ], + "type": "object" }, - "ValueLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options for the values that are displayed in a `FunnelChartVisual` .", - "title": "ValueLabelOptions" + "Type": { + "enum": [ + "AWS::MediaPackageV2::OriginEndpointPolicy" + ], + "type": "string" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", - "markdownDescription": "The visual palette configuration of a `FunnelChartVisual` .", - "title": "VisualPalette" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.FunnelChartDataLabelOptions": { + "AWS::MediaStore::Container": { "additionalProperties": false, "properties": { - "CategoryLabelVisibility": { - "markdownDescription": "The visibility of the category labels within the data labels.", - "title": "CategoryLabelVisibility", + "Condition": { "type": "string" }, - "LabelColor": { - "markdownDescription": "The color of the data label text.", - "title": "LabelColor", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "LabelFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", - "markdownDescription": "The font configuration for the data labels.\n\nOnly the `FontSize` attribute of the font configuration is used for data labels.", - "title": "LabelFontConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "MeasureDataLabelStyle": { - "markdownDescription": "Determines the style of the metric labels.", - "title": "MeasureDataLabelStyle", - "type": "string" + "Metadata": { + "type": "object" }, - "MeasureLabelVisibility": { - "markdownDescription": "The visibility of the measure labels within the data labels.", - "title": "MeasureLabelVisibility", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "AccessLoggingEnabled": { + "markdownDescription": "The state of access logging on the container. This value is `false` by default, indicating that AWS Elemental MediaStore does not send access logs to Amazon CloudWatch Logs. When you enable access logging on the container, MediaStore changes this value to `true` , indicating that the service delivers access logs for objects stored in that container to CloudWatch Logs.", + "title": "AccessLoggingEnabled", + "type": "boolean" + }, + "ContainerName": { + "markdownDescription": "The name for the container. The name must be from 1 to 255 characters. Container names must be unique to your AWS account within a specific region. As an example, you could create a container named `movies` in every region, as long as you don\u2019t have an existing container with that name.", + "title": "ContainerName", + "type": "string" + }, + "CorsPolicy": { + "items": { + "$ref": "#/definitions/AWS::MediaStore::Container.CorsRule" + }, + "markdownDescription": "> End of support notice: On November 13, 2025, AWS will discontinue support for AWS Elemental MediaStore. After November 13, 2025, you will no longer be able to access the AWS Elemental MediaStore console or AWS Elemental MediaStore resources. For more information, visit this [blog post](https://docs.aws.amazon.com/media/support-for-aws-elemental-mediastore-ending-soon/) . \n\nSets the cross-origin resource sharing (CORS) configuration on a container so that the container can service cross-origin requests. For example, you might want to enable a request whose origin is http://www.example.com to access your AWS Elemental MediaStore container at my.example.container.com by using the browser's XMLHttpRequest capability.\n\nTo enable CORS on a container, you attach a CORS policy to the container. In the CORS policy, you configure rules that identify origins and the HTTP methods that can be executed on your container. The policy can contain up to 398,000 characters. You can add up to 100 rules to a CORS policy. If more than one rule applies, the service uses the first applicable rule listed.\n\nTo learn more about CORS, see [Cross-Origin Resource Sharing (CORS) in AWS Elemental MediaStore](https://docs.aws.amazon.com/mediastore/latest/ug/cors-policy.html) .", + "title": "CorsPolicy", + "type": "array" + }, + "LifecyclePolicy": { + "markdownDescription": "> End of support notice: On November 13, 2025, AWS will discontinue support for AWS Elemental MediaStore. After November 13, 2025, you will no longer be able to access the AWS Elemental MediaStore console or AWS Elemental MediaStore resources. For more information, visit this [blog post](https://docs.aws.amazon.com/media/support-for-aws-elemental-mediastore-ending-soon/) . \n\nWrites an object lifecycle policy to a container. If the container already has an object lifecycle policy, the service replaces the existing policy with the new policy. It takes up to 20 minutes for the change to take effect.\n\nFor information about how to construct an object lifecycle policy, see [Components of an Object Lifecycle Policy](https://docs.aws.amazon.com/mediastore/latest/ug/policies-object-lifecycle-components.html) .", + "title": "LifecyclePolicy", + "type": "string" + }, + "MetricPolicy": { + "$ref": "#/definitions/AWS::MediaStore::Container.MetricPolicy", + "markdownDescription": "The metric policy that is associated with the container. A metric policy allows AWS Elemental MediaStore to send metrics to Amazon CloudWatch. In the policy, you must indicate whether you want MediaStore to send container-level metrics. You can also include rules to define groups of objects that you want MediaStore to send object-level metrics for.\n\nTo view examples of how to construct a metric policy for your use case, see [Example Metric Policies](https://docs.aws.amazon.com/mediastore/latest/ug/policies-metric-examples.html) .", + "title": "MetricPolicy" + }, + "Policy": { + "markdownDescription": "Creates an access policy for the specified container to restrict the users and clients that can access it. For information about the data that is included in an access policy, see the [AWS Identity and Access Management User Guide](https://docs.aws.amazon.com/iam/) .\n\nFor this release of the REST API, you can create only one policy for a container. If you enter `PutContainerPolicy` twice, the second command modifies the existing policy.", + "title": "Policy", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "ContainerName" + ], + "type": "object" }, - "Position": { - "markdownDescription": "Determines the positioning of the data label relative to a section of the funnel.", - "title": "Position", + "Type": { + "enum": [ + "AWS::MediaStore::Container" + ], "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility option that determines if data labels are displayed.", - "title": "Visibility", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.FunnelChartFieldWells": { - "additionalProperties": false, - "properties": { - "FunnelChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FunnelChartAggregatedFieldWells", - "markdownDescription": "The field well configuration of a `FunnelChartVisual` .", - "title": "FunnelChartAggregatedFieldWells" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.FunnelChartSortConfiguration": { + "AWS::MediaStore::Container.CorsRule": { "additionalProperties": false, "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of categories displayed.", - "title": "CategoryItemsLimit" - }, - "CategorySort": { + "AllowedHeaders": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + "type": "string" }, - "markdownDescription": "The sort configuration of the category fields.", - "title": "CategorySort", + "markdownDescription": "Specifies which headers are allowed in a preflight `OPTIONS` request through the `Access-Control-Request-Headers` header. Each header name that is specified in `Access-Control-Request-Headers` must have a corresponding entry in the rule. Only the headers that were requested are sent back.\n\nThis element can contain only one wildcard character (*).", + "title": "AllowedHeaders", "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.FunnelChartVisual": { - "additionalProperties": false, - "properties": { - "Actions": { + }, + "AllowedMethods": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + "type": "string" }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", + "markdownDescription": "Identifies an HTTP method that the origin that is specified in the rule is allowed to execute.\n\nEach CORS rule must contain at least one `AllowedMethods` and one `AllowedOrigins` element.", + "title": "AllowedMethods", "type": "array" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FunnelChartConfiguration", - "markdownDescription": "The configuration of a `FunnelChartVisual` .", - "title": "ChartConfiguration" - }, - "ColumnHierarchies": { + "AllowedOrigins": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" + "type": "string" }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", + "markdownDescription": "One or more response headers that you want users to be able to access from their applications (for example, from a JavaScript `XMLHttpRequest` object).\n\nEach CORS rule must have at least one `AllowedOrigins` element. The string value can include only one wildcard character (*), for example, http://*.example.com. Additionally, you can specify only one wildcard character to allow cross-origin access for all origins.", + "title": "AllowedOrigins", "type": "array" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "ExposeHeaders": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more headers in the response that you want users to be able to access from their applications (for example, from a JavaScript `XMLHttpRequest` object).\n\nThis element is optional for each rule.", + "title": "ExposeHeaders", + "type": "array" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", - "type": "string" - } - }, - "required": [ - "VisualId" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.GaugeChartArcConditionalFormatting": { - "additionalProperties": false, - "properties": { - "ForegroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the arc foreground color.", - "title": "ForegroundColor" + "MaxAgeSeconds": { + "markdownDescription": "The time in seconds that your browser caches the preflight response for the specified resource.\n\nA CORS rule can have only one `MaxAgeSeconds` element.", + "title": "MaxAgeSeconds", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.GaugeChartConditionalFormatting": { + "AWS::MediaStore::Container.MetricPolicy": { "additionalProperties": false, "properties": { - "ConditionalFormattingOptions": { + "ContainerLevelMetrics": { + "markdownDescription": "A setting to enable or disable metrics at the container level.", + "title": "ContainerLevelMetrics", + "type": "string" + }, + "MetricPolicyRules": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartConditionalFormattingOption" + "$ref": "#/definitions/AWS::MediaStore::Container.MetricPolicyRule" }, - "markdownDescription": "Conditional formatting options of a `GaugeChartVisual` .", - "title": "ConditionalFormattingOptions", + "markdownDescription": "A parameter that holds an array of rules that enable metrics at the object level. This parameter is optional, but if you choose to include it, you must also include at least one rule. By default, you can include up to five rules. You can also [request a quota increase](https://docs.aws.amazon.com/servicequotas/home?region=us-east-1#!/services/mediastore/quotas) to allow up to 300 rules per policy.", + "title": "MetricPolicyRules", "type": "array" } }, + "required": [ + "ContainerLevelMetrics" + ], "type": "object" }, - "AWS::QuickSight::Analysis.GaugeChartConditionalFormattingOption": { + "AWS::MediaStore::Container.MetricPolicyRule": { "additionalProperties": false, "properties": { - "Arc": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartArcConditionalFormatting", - "markdownDescription": "The options that determine the presentation of the arc of a `GaugeChartVisual` .", - "title": "Arc" + "ObjectGroup": { + "markdownDescription": "A path or file name that defines which objects to include in the group. Wildcards (*) are acceptable.", + "title": "ObjectGroup", + "type": "string" }, - "PrimaryValue": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartPrimaryValueConditionalFormatting", - "markdownDescription": "The conditional formatting for the primary value of a `GaugeChartVisual` .", - "title": "PrimaryValue" + "ObjectGroupName": { + "markdownDescription": "A name that allows you to refer to the object group.", + "title": "ObjectGroupName", + "type": "string" } }, + "required": [ + "ObjectGroup", + "ObjectGroupName" + ], "type": "object" }, - "AWS::QuickSight::Analysis.GaugeChartConfiguration": { + "AWS::MediaTailor::Channel": { "additionalProperties": false, "properties": { - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", - "markdownDescription": "The data label configuration of a `GaugeChartVisual` .", - "title": "DataLabels" + "Condition": { + "type": "string" }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartFieldWells", - "markdownDescription": "The field well configuration of a `GaugeChartVisual` .", - "title": "FieldWells" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "GaugeChartOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartOptions", - "markdownDescription": "The options that determine the presentation of the `GaugeChartVisual` .", - "title": "GaugeChartOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "TooltipOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", - "markdownDescription": "The tooltip configuration of a `GaugeChartVisual` .", - "title": "TooltipOptions" + "Metadata": { + "type": "object" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", - "markdownDescription": "The visual palette configuration of a `GaugeChartVisual` .", - "title": "VisualPalette" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.GaugeChartFieldWells": { - "additionalProperties": false, - "properties": { - "TargetValues": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + "Properties": { + "additionalProperties": false, + "properties": { + "Audiences": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of audiences defined in channel.", + "title": "Audiences", + "type": "array" + }, + "ChannelName": { + "markdownDescription": "The name of the channel.", + "title": "ChannelName", + "type": "string" + }, + "FillerSlate": { + "$ref": "#/definitions/AWS::MediaTailor::Channel.SlateSource", + "markdownDescription": "The slate used to fill gaps between programs in the schedule. You must configure filler slate if your channel uses the `LINEAR` `PlaybackMode` . MediaTailor doesn't support filler slate for channels using the `LOOP` `PlaybackMode` .", + "title": "FillerSlate" + }, + "LogConfiguration": { + "$ref": "#/definitions/AWS::MediaTailor::Channel.LogConfigurationForChannel", + "markdownDescription": "The log configuration.", + "title": "LogConfiguration" + }, + "Outputs": { + "items": { + "$ref": "#/definitions/AWS::MediaTailor::Channel.RequestOutputItem" + }, + "markdownDescription": "The channel's output properties.", + "title": "Outputs", + "type": "array" + }, + "PlaybackMode": { + "markdownDescription": "The type of playback mode for this channel.\n\n`LINEAR` - Programs play back-to-back only once.\n\n`LOOP` - Programs play back-to-back in an endless loop. When the last program in the schedule plays, playback loops back to the first program in the schedule.", + "title": "PlaybackMode", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to assign to the channel. Tags are key-value pairs that you can associate with Amazon resources to help with organization, access control, and cost tracking. For more information, see [Tagging AWS Elemental MediaTailor Resources](https://docs.aws.amazon.com/mediatailor/latest/ug/tagging.html) .", + "title": "Tags", + "type": "array" + }, + "Tier": { + "markdownDescription": "The tier for this channel. STANDARD tier channels can contain live programs.", + "title": "Tier", + "type": "string" + }, + "TimeShiftConfiguration": { + "$ref": "#/definitions/AWS::MediaTailor::Channel.TimeShiftConfiguration", + "markdownDescription": "The configuration for time-shifted viewing.", + "title": "TimeShiftConfiguration" + } }, - "markdownDescription": "The target value field wells of a `GaugeChartVisual` .", - "title": "TargetValues", - "type": "array" + "required": [ + "ChannelName", + "Outputs", + "PlaybackMode" + ], + "type": "object" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The value field wells of a `GaugeChartVisual` .", - "title": "Values", - "type": "array" + "Type": { + "enum": [ + "AWS::MediaTailor::Channel" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.GaugeChartOptions": { + "AWS::MediaTailor::Channel.DashPlaylistSettings": { "additionalProperties": false, "properties": { - "Arc": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ArcConfiguration", - "markdownDescription": "The arc configuration of a `GaugeChartVisual` .", - "title": "Arc" - }, - "ArcAxis": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ArcAxisConfiguration", - "markdownDescription": "The arc axis configuration of a `GaugeChartVisual` .", - "title": "ArcAxis" + "ManifestWindowSeconds": { + "markdownDescription": "The total duration (in seconds) of each manifest. Minimum value: `30` seconds. Maximum value: `3600` seconds.", + "title": "ManifestWindowSeconds", + "type": "number" }, - "Comparison": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ComparisonConfiguration", - "markdownDescription": "The comparison configuration of a `GaugeChartVisual` .", - "title": "Comparison" + "MinBufferTimeSeconds": { + "markdownDescription": "Minimum amount of content (measured in seconds) that a player must keep available in the buffer. Minimum value: `2` seconds. Maximum value: `60` seconds.", + "title": "MinBufferTimeSeconds", + "type": "number" }, - "PrimaryValueDisplayType": { - "markdownDescription": "The options that determine the primary value display type.", - "title": "PrimaryValueDisplayType", - "type": "string" + "MinUpdatePeriodSeconds": { + "markdownDescription": "Minimum amount of time (in seconds) that the player should wait before requesting updates to the manifest. Minimum value: `2` seconds. Maximum value: `60` seconds.", + "title": "MinUpdatePeriodSeconds", + "type": "number" }, - "PrimaryValueFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", - "markdownDescription": "The options that determine the primary value font configuration.", - "title": "PrimaryValueFontConfiguration" + "SuggestedPresentationDelaySeconds": { + "markdownDescription": "Amount of time (in seconds) that the player should be from the live point at the end of the manifest. Minimum value: `2` seconds. Maximum value: `60` seconds.", + "title": "SuggestedPresentationDelaySeconds", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.GaugeChartPrimaryValueConditionalFormatting": { + "AWS::MediaTailor::Channel.HlsPlaylistSettings": { "additionalProperties": false, "properties": { - "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIcon", - "markdownDescription": "The conditional formatting of the primary value icon.", - "title": "Icon" + "AdMarkupType": { + "items": { + "type": "string" + }, + "markdownDescription": "Determines the type of SCTE 35 tags to use in ad markup. Specify `DATERANGE` to use `DATERANGE` tags (for live or VOD content). Specify `SCTE35_ENHANCED` to use `EXT-X-CUE-OUT` and `EXT-X-CUE-IN` tags (for VOD content only).", + "title": "AdMarkupType", + "type": "array" }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the primary value text color.", - "title": "TextColor" + "ManifestWindowSeconds": { + "markdownDescription": "The total duration (in seconds) of each manifest. Minimum value: `30` seconds. Maximum value: `3600` seconds.", + "title": "ManifestWindowSeconds", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.GaugeChartVisual": { + "AWS::MediaTailor::Channel.LogConfigurationForChannel": { "additionalProperties": false, "properties": { - "Actions": { + "LogTypes": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + "type": "string" }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", + "markdownDescription": "The log types.", + "title": "LogTypes", "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartConfiguration", - "markdownDescription": "The configuration of a `GaugeChartVisual` .", - "title": "ChartConfiguration" - }, - "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartConditionalFormatting", - "markdownDescription": "The conditional formatting of a `GaugeChartVisual` .", - "title": "ConditionalFormatting" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" - }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", - "type": "string" } }, - "required": [ - "VisualId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.GeospatialCoordinateBounds": { + "AWS::MediaTailor::Channel.RequestOutputItem": { "additionalProperties": false, "properties": { - "East": { - "markdownDescription": "The longitude of the east bound of the geospatial coordinate bounds.", - "title": "East", - "type": "number" + "DashPlaylistSettings": { + "$ref": "#/definitions/AWS::MediaTailor::Channel.DashPlaylistSettings", + "markdownDescription": "DASH manifest configuration parameters.", + "title": "DashPlaylistSettings" }, - "North": { - "markdownDescription": "The latitude of the north bound of the geospatial coordinate bounds.", - "title": "North", - "type": "number" + "HlsPlaylistSettings": { + "$ref": "#/definitions/AWS::MediaTailor::Channel.HlsPlaylistSettings", + "markdownDescription": "HLS playlist configuration parameters.", + "title": "HlsPlaylistSettings" }, - "South": { - "markdownDescription": "The latitude of the south bound of the geospatial coordinate bounds.", - "title": "South", - "type": "number" + "ManifestName": { + "markdownDescription": "The name of the manifest for the channel. The name appears in the `PlaybackUrl` .", + "title": "ManifestName", + "type": "string" }, - "West": { - "markdownDescription": "The longitude of the west bound of the geospatial coordinate bounds.", - "title": "West", - "type": "number" + "SourceGroup": { + "markdownDescription": "A string used to match which `HttpPackageConfiguration` is used for each `VodSource` .", + "title": "SourceGroup", + "type": "string" } }, "required": [ - "East", - "North", - "South", - "West" + "ManifestName", + "SourceGroup" ], "type": "object" }, - "AWS::QuickSight::Analysis.GeospatialHeatmapColorScale": { + "AWS::MediaTailor::Channel.SlateSource": { "additionalProperties": false, "properties": { - "Colors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialHeatmapDataColor" - }, - "markdownDescription": "The list of colors to be used in heatmap point style.", - "title": "Colors", - "type": "array" + "SourceLocationName": { + "markdownDescription": "The name of the source location where the slate VOD source is stored.", + "title": "SourceLocationName", + "type": "string" + }, + "VodSourceName": { + "markdownDescription": "The slate VOD source name. The VOD source must already exist in a source location before it can be used for slate.", + "title": "VodSourceName", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.GeospatialHeatmapConfiguration": { + "AWS::MediaTailor::Channel.TimeShiftConfiguration": { "additionalProperties": false, "properties": { - "HeatmapColor": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialHeatmapColorScale", - "markdownDescription": "The color scale specification for the heatmap point style.", - "title": "HeatmapColor" + "MaxTimeDelaySeconds": { + "markdownDescription": "The maximum time delay for time-shifted viewing. The minimum allowed maximum time delay is 0 seconds, and the maximum allowed maximum time delay is 21600 seconds (6 hours).", + "title": "MaxTimeDelaySeconds", + "type": "number" } }, + "required": [ + "MaxTimeDelaySeconds" + ], "type": "object" }, - "AWS::QuickSight::Analysis.GeospatialHeatmapDataColor": { + "AWS::MediaTailor::ChannelPolicy": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The hex color to be used in the heatmap point style.", - "title": "Color", + "Condition": { "type": "string" - } - }, - "required": [ - "Color" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.GeospatialMapAggregatedFieldWells": { - "additionalProperties": false, - "properties": { - "Colors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The color field wells of a geospatial map.", - "title": "Colors", - "type": "array" }, - "Geospatial": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The geospatial field wells of a geospatial map. Values are grouped by geospatial fields.", - "title": "Geospatial", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ChannelName": { + "markdownDescription": "The name of the channel associated with this Channel Policy.", + "title": "ChannelName", + "type": "string" + }, + "Policy": { + "markdownDescription": "The IAM policy for the channel. IAM policies are used to control access to your channel.", + "title": "Policy", + "type": "object" + } }, - "markdownDescription": "The size field wells of a geospatial map. Values are aggregated based on geospatial fields.", - "title": "Values", - "type": "array" + "required": [ + "ChannelName", + "Policy" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MediaTailor::ChannelPolicy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.GeospatialMapConfiguration": { + "AWS::MediaTailor::LiveSource": { "additionalProperties": false, "properties": { - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" + "Condition": { + "type": "string" }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "MapStyleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapStyleOptions", - "markdownDescription": "The map style options of the geospatial map.", - "title": "MapStyleOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "PointStyleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialPointStyleOptions", - "markdownDescription": "The point style options of the geospatial map.", - "title": "PointStyleOptions" + "Metadata": { + "type": "object" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" + "Properties": { + "additionalProperties": false, + "properties": { + "HttpPackageConfigurations": { + "items": { + "$ref": "#/definitions/AWS::MediaTailor::LiveSource.HttpPackageConfiguration" + }, + "markdownDescription": "The HTTP package configurations for the live source.", + "title": "HttpPackageConfigurations", + "type": "array" + }, + "LiveSourceName": { + "markdownDescription": "The name that's used to refer to a live source.", + "title": "LiveSourceName", + "type": "string" + }, + "SourceLocationName": { + "markdownDescription": "The name of the source location.", + "title": "SourceLocationName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags assigned to the live source. Tags are key-value pairs that you can associate with Amazon resources to help with organization, access control, and cost tracking. For more information, see [Tagging AWS Elemental MediaTailor Resources](https://docs.aws.amazon.com/mediatailor/latest/ug/tagging.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "HttpPackageConfigurations", + "LiveSourceName", + "SourceLocationName" + ], + "type": "object" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", - "markdownDescription": "", - "title": "VisualPalette" + "Type": { + "enum": [ + "AWS::MediaTailor::LiveSource" + ], + "type": "string" }, - "WindowOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialWindowOptions", - "markdownDescription": "The window options of the geospatial map.", - "title": "WindowOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.GeospatialMapFieldWells": { - "additionalProperties": false, - "properties": { - "GeospatialMapAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapAggregatedFieldWells", - "markdownDescription": "The aggregated field well for a geospatial map.", - "title": "GeospatialMapAggregatedFieldWells" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.GeospatialMapStyleOptions": { + "AWS::MediaTailor::LiveSource.HttpPackageConfiguration": { "additionalProperties": false, "properties": { - "BaseMapStyle": { - "markdownDescription": "The base map style of the geospatial map.", - "title": "BaseMapStyle", + "Path": { + "markdownDescription": "The relative path to the URL for this VOD source. This is combined with `SourceLocation::HttpConfiguration::BaseUrl` to form a valid URL.", + "title": "Path", + "type": "string" + }, + "SourceGroup": { + "markdownDescription": "The name of the source group. This has to match one of the `Channel::Outputs::SourceGroup` .", + "title": "SourceGroup", + "type": "string" + }, + "Type": { + "markdownDescription": "The streaming protocol for this package configuration. Supported values are `HLS` and `DASH` .", + "title": "Type", "type": "string" } }, + "required": [ + "Path", + "SourceGroup", + "Type" + ], "type": "object" }, - "AWS::QuickSight::Analysis.GeospatialMapVisual": { + "AWS::MediaTailor::PlaybackConfiguration": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Condition": { + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Metadata": { + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Properties": { + "additionalProperties": false, + "properties": { + "AdConditioningConfiguration": { + "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.AdConditioningConfiguration", + "markdownDescription": "The setting that indicates what conditioning MediaTailor will perform on ads that the ad decision server (ADS) returns, and what priority MediaTailor uses when inserting ads.", + "title": "AdConditioningConfiguration" + }, + "AdDecisionServerUrl": { + "markdownDescription": "The URL for the ad decision server (ADS). This includes the specification of static parameters and placeholders for dynamic parameters. AWS Elemental MediaTailor substitutes player-specific and session-specific parameters as needed when calling the ADS. Alternately, for testing you can provide a static VAST URL. The maximum length is 25,000 characters.", + "title": "AdDecisionServerUrl", + "type": "string" + }, + "AvailSuppression": { + "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.AvailSuppression", + "markdownDescription": "The configuration for avail suppression, also known as ad suppression. For more information about ad suppression, see [Ad Suppression](https://docs.aws.amazon.com/mediatailor/latest/ug/ad-behavior.html) .", + "title": "AvailSuppression" + }, + "Bumper": { + "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.Bumper", + "markdownDescription": "The configuration for bumpers. Bumpers are short audio or video clips that play at the start or before the end of an ad break. To learn more about bumpers, see [Bumpers](https://docs.aws.amazon.com/mediatailor/latest/ug/bumpers.html) .", + "title": "Bumper" + }, + "CdnConfiguration": { + "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.CdnConfiguration", + "markdownDescription": "The configuration for using a content delivery network (CDN), like Amazon CloudFront, for content and ad segment management.", + "title": "CdnConfiguration" + }, + "ConfigurationAliases": { + "additionalProperties": true, + "markdownDescription": "The player parameters and aliases used as dynamic variables during session initialization. For more information, see [Domain Variables](https://docs.aws.amazon.com/mediatailor/latest/ug/variables-domain.html) .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "object" + } + }, + "title": "ConfigurationAliases", + "type": "object" + }, + "DashConfiguration": { + "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.DashConfiguration", + "markdownDescription": "The configuration for a DASH source.", + "title": "DashConfiguration" + }, + "HlsConfiguration": { + "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.HlsConfiguration", + "markdownDescription": "The configuration for HLS content.", + "title": "HlsConfiguration" + }, + "InsertionMode": { + "markdownDescription": "The setting that controls whether players can use stitched or guided ad insertion. The default, `STITCHED_ONLY` , forces all player sessions to use stitched (server-side) ad insertion. Choosing `PLAYER_SELECT` allows players to select either stitched or guided ad insertion at session-initialization time. The default for players that do not specify an insertion mode is stitched.", + "title": "InsertionMode", + "type": "string" + }, + "LivePreRollConfiguration": { + "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.LivePreRollConfiguration", + "markdownDescription": "The configuration for pre-roll ad insertion.", + "title": "LivePreRollConfiguration" + }, + "LogConfiguration": { + "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.LogConfiguration", + "markdownDescription": "Defines where AWS Elemental MediaTailor sends logs for the playback configuration.", + "title": "LogConfiguration" + }, + "ManifestProcessingRules": { + "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.ManifestProcessingRules", + "markdownDescription": "The configuration for manifest processing rules. Manifest processing rules enable customization of the personalized manifests created by MediaTailor.", + "title": "ManifestProcessingRules" + }, + "Name": { + "markdownDescription": "The identifier for the playback configuration.", + "title": "Name", + "type": "string" + }, + "PersonalizationThresholdSeconds": { + "markdownDescription": "Defines the maximum duration of underfilled ad time (in seconds) allowed in an ad break. If the duration of underfilled ad time exceeds the personalization threshold, then the personalization of the ad break is abandoned and the underlying content is shown. This feature applies to *ad replacement* in live and VOD streams, rather than ad insertion, because it relies on an underlying content stream. For more information about ad break behavior, including ad replacement and insertion, see [Ad Behavior in AWS Elemental MediaTailor](https://docs.aws.amazon.com/mediatailor/latest/ug/ad-behavior.html) .", + "title": "PersonalizationThresholdSeconds", + "type": "number" + }, + "SlateAdUrl": { + "markdownDescription": "The URL for a video asset to transcode and use to fill in time that's not used by ads. AWS Elemental MediaTailor shows the slate to fill in gaps in media content. Configuring the slate is optional for non-VPAID playback configurations. For VPAID, the slate is required because MediaTailor provides it in the slots designated for dynamic ad content. The slate must be a high-quality asset that contains both audio and video.", + "title": "SlateAdUrl", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to assign to the playback configuration. Tags are key-value pairs that you can associate with Amazon resources to help with organization, access control, and cost tracking. For more information, see [Tagging AWS Elemental MediaTailor Resources](https://docs.aws.amazon.com/mediatailor/latest/ug/tagging.html) .", + "title": "Tags", + "type": "array" + }, + "TranscodeProfileName": { + "markdownDescription": "The name that is used to associate this playback configuration with a custom transcode profile. This overrides the dynamic transcoding defaults of MediaTailor. Use this only if you have already set up custom profiles with the help of AWS Support.", + "title": "TranscodeProfileName", + "type": "string" + }, + "VideoContentSourceUrl": { + "markdownDescription": "The URL prefix for the parent manifest for the stream, minus the asset ID. The maximum length is 512 characters.", + "title": "VideoContentSourceUrl", + "type": "string" + } + }, + "required": [ + "AdDecisionServerUrl", + "Name", + "VideoContentSourceUrl" + ], + "type": "object" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", + "Type": { + "enum": [ + "AWS::MediaTailor::PlaybackConfiguration" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.GeospatialPointStyleOptions": { + "AWS::MediaTailor::PlaybackConfiguration.AdConditioningConfiguration": { "additionalProperties": false, "properties": { - "ClusterMarkerConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ClusterMarkerConfiguration", - "markdownDescription": "The cluster marker configuration of the geospatial point style.", - "title": "ClusterMarkerConfiguration" - }, - "HeatmapConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialHeatmapConfiguration", - "markdownDescription": "The heatmap configuration of the geospatial point style.", - "title": "HeatmapConfiguration" - }, - "SelectedPointStyle": { - "markdownDescription": "The selected point styles (point, cluster) of the geospatial map.", - "title": "SelectedPointStyle", + "StreamingMediaFileConditioning": { + "markdownDescription": "For ads that have media files with streaming delivery and supported file extensions, indicates what transcoding action MediaTailor takes when it first receives these ads from the ADS. `TRANSCODE` indicates that MediaTailor must transcode the ads. `NONE` indicates that you have already transcoded the ads outside of MediaTailor and don't need them transcoded as part of the ad insertion workflow. For more information about ad conditioning see [Using preconditioned ads](https://docs.aws.amazon.com/mediatailor/latest/ug/precondition-ads.html) in the AWS Elemental MediaTailor user guide.", + "title": "StreamingMediaFileConditioning", "type": "string" } }, + "required": [ + "StreamingMediaFileConditioning" + ], "type": "object" }, - "AWS::QuickSight::Analysis.GeospatialWindowOptions": { + "AWS::MediaTailor::PlaybackConfiguration.AdMarkerPassthrough": { "additionalProperties": false, "properties": { - "Bounds": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialCoordinateBounds", - "markdownDescription": "The bounds options (north, south, west, east) of the geospatial window options.", - "title": "Bounds" - }, - "MapZoomMode": { - "markdownDescription": "The map zoom modes (manual, auto) of the geospatial window options.", - "title": "MapZoomMode", - "type": "string" + "Enabled": { + "markdownDescription": "Enables ad marker passthrough for your configuration.", + "title": "Enabled", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Analysis.GlobalTableBorderOptions": { + "AWS::MediaTailor::PlaybackConfiguration.AdsInteractionLog": { "additionalProperties": false, "properties": { - "SideSpecificBorder": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableSideBorderOptions", - "markdownDescription": "Determines the options for side specific border.", - "title": "SideSpecificBorder" + "ExcludeEventTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "Indicates that MediaTailor won't emit the selected events in the logs for playback sessions that are initialized with this configuration.", + "title": "ExcludeEventTypes", + "type": "array" }, - "UniformBorder": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", - "markdownDescription": "Determines the options for uniform border.", - "title": "UniformBorder" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.GradientColor": { - "additionalProperties": false, - "properties": { - "Stops": { + "PublishOptInEventTypes": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GradientStop" + "type": "string" }, - "markdownDescription": "The list of gradient color stops.", - "title": "Stops", + "markdownDescription": "Indicates that MediaTailor emits `RAW_ADS_RESPONSE` logs for playback sessions that are initialized with this configuration.", + "title": "PublishOptInEventTypes", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.GradientStop": { + "AWS::MediaTailor::PlaybackConfiguration.AvailSuppression": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "Determines the color.", - "title": "Color", + "FillPolicy": { + "markdownDescription": "Defines the policy to apply to the avail suppression mode. `BEHIND_LIVE_EDGE` will always use the full avail suppression policy. `AFTER_LIVE_EDGE` mode can be used to invoke partial ad break fills when a session starts mid-break.", + "title": "FillPolicy", "type": "string" }, - "DataValue": { - "markdownDescription": "Determines the data value.", - "title": "DataValue", - "type": "number" + "Mode": { + "markdownDescription": "Sets the ad suppression mode. By default, ad suppression is off and all ad breaks are filled with ads or slate. When Mode is set to `BEHIND_LIVE_EDGE` , ad suppression is active and MediaTailor won't fill ad breaks on or behind the ad suppression Value time in the manifest lookback window. When Mode is set to `AFTER_LIVE_EDGE` , ad suppression is active and MediaTailor won't fill ad breaks that are within the live edge plus the avail suppression value.", + "title": "Mode", + "type": "string" }, - "GradientOffset": { - "markdownDescription": "Determines gradient offset value.", - "title": "GradientOffset", - "type": "number" - } - }, - "required": [ - "GradientOffset" - ], - "type": "object" - }, - "AWS::QuickSight::Analysis.GridLayoutCanvasSizeOptions": { - "additionalProperties": false, - "properties": { - "ScreenCanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GridLayoutScreenCanvasSizeOptions", - "markdownDescription": "The options that determine the sizing of the canvas used in a grid layout.", - "title": "ScreenCanvasSizeOptions" + "Value": { + "markdownDescription": "A live edge offset time in HH:MM:SS. MediaTailor won't fill ad breaks on or behind this time in the manifest lookback window. If Value is set to 00:00:00, it is in sync with the live edge, and MediaTailor won't fill any ad breaks on or behind the live edge. If you set a Value time, MediaTailor won't fill any ad breaks on or behind this time in the manifest lookback window. For example, if you set 00:45:00, then MediaTailor will fill ad breaks that occur within 45 minutes behind the live edge, but won't fill ad breaks on or behind 45 minutes behind the live edge.", + "title": "Value", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.GridLayoutConfiguration": { + "AWS::MediaTailor::PlaybackConfiguration.Bumper": { "additionalProperties": false, "properties": { - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GridLayoutCanvasSizeOptions", - "markdownDescription": "", - "title": "CanvasSizeOptions" + "EndUrl": { + "markdownDescription": "The URL for the end bumper asset.", + "title": "EndUrl", + "type": "string" }, - "Elements": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GridLayoutElement" - }, - "markdownDescription": "The elements that are included in a grid layout.", - "title": "Elements", - "type": "array" + "StartUrl": { + "markdownDescription": "The URL for the start bumper asset.", + "title": "StartUrl", + "type": "string" } }, - "required": [ - "Elements" - ], "type": "object" }, - "AWS::QuickSight::Analysis.GridLayoutElement": { + "AWS::MediaTailor::PlaybackConfiguration.CdnConfiguration": { "additionalProperties": false, "properties": { - "ColumnIndex": { - "markdownDescription": "The column index for the upper left corner of an element.", - "title": "ColumnIndex", - "type": "number" - }, - "ColumnSpan": { - "markdownDescription": "The width of a grid element expressed as a number of grid columns.", - "title": "ColumnSpan", - "type": "number" - }, - "ElementId": { - "markdownDescription": "A unique identifier for an element within a grid layout.", - "title": "ElementId", + "AdSegmentUrlPrefix": { + "markdownDescription": "A non-default content delivery network (CDN) to serve ad segments. By default, AWS Elemental MediaTailor uses Amazon CloudFront with default cache settings as its CDN for ad segments. To set up an alternate CDN, create a rule in your CDN for the origin ads.mediatailor. ** .amazonaws.com. Then specify the rule's name in this `AdSegmentUrlPrefix` . When AWS Elemental MediaTailor serves a manifest, it reports your CDN as the source for ad segments.", + "title": "AdSegmentUrlPrefix", "type": "string" }, - "ElementType": { - "markdownDescription": "The type of element.", - "title": "ElementType", + "ContentSegmentUrlPrefix": { + "markdownDescription": "A content delivery network (CDN) to cache content segments, so that content requests don\u2019t always have to go to the origin server. First, create a rule in your CDN for the content segment origin server. Then specify the rule's name in this `ContentSegmentUrlPrefix` . When AWS Elemental MediaTailor serves a manifest, it reports your CDN as the source for content segments.", + "title": "ContentSegmentUrlPrefix", "type": "string" - }, - "RowIndex": { - "markdownDescription": "The row index for the upper left corner of an element.", - "title": "RowIndex", - "type": "number" - }, - "RowSpan": { - "markdownDescription": "The height of a grid element expressed as a number of grid rows.", - "title": "RowSpan", - "type": "number" } }, - "required": [ - "ColumnSpan", - "ElementId", - "ElementType", - "RowSpan" - ], "type": "object" }, - "AWS::QuickSight::Analysis.GridLayoutScreenCanvasSizeOptions": { + "AWS::MediaTailor::PlaybackConfiguration.DashConfiguration": { "additionalProperties": false, "properties": { - "OptimizedViewPortWidth": { - "markdownDescription": "The width that the view port will be optimized for when the layout renders.", - "title": "OptimizedViewPortWidth", + "ManifestEndpointPrefix": { + "markdownDescription": "The URL generated by MediaTailor to initiate a playback session. The session uses server-side reporting. This setting is ignored in PUT operations.", + "title": "ManifestEndpointPrefix", "type": "string" }, - "ResizeOption": { - "markdownDescription": "This value determines the layout behavior when the viewport is resized.\n\n- `FIXED` : A fixed width will be used when optimizing the layout. In the Amazon QuickSight console, this option is called `Classic` .\n- `RESPONSIVE` : The width of the canvas will be responsive and optimized to the view port. In the Amazon QuickSight console, this option is called `Tiled` .", - "title": "ResizeOption", + "MpdLocation": { + "markdownDescription": "The setting that controls whether MediaTailor includes the Location tag in DASH manifests. MediaTailor populates the Location tag with the URL for manifest update requests, to be used by players that don't support sticky redirects. Disable this if you have CDN routing rules set up for accessing MediaTailor manifests, and you are either using client-side reporting or your players support sticky HTTP redirects. Valid values are `DISABLED` and `EMT_DEFAULT` . The `EMT_DEFAULT` setting enables the inclusion of the tag and is the default value.", + "title": "MpdLocation", + "type": "string" + }, + "OriginManifestType": { + "markdownDescription": "The setting that controls whether MediaTailor handles manifests from the origin server as multi-period manifests or single-period manifests. If your origin server produces single-period manifests, set this to `SINGLE_PERIOD` . The default setting is `MULTI_PERIOD` . For multi-period manifests, omit this setting or set it to `MULTI_PERIOD` .", + "title": "OriginManifestType", "type": "string" } }, - "required": [ - "ResizeOption" - ], "type": "object" }, - "AWS::QuickSight::Analysis.GrowthRateComputation": { + "AWS::MediaTailor::PlaybackConfiguration.HlsConfiguration": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "ManifestEndpointPrefix": { + "markdownDescription": "The URL that is used to initiate a playback session for devices that support Apple HLS. The session uses server-side reporting.", + "title": "ManifestEndpointPrefix", "type": "string" - }, - "PeriodSize": { - "markdownDescription": "The period size setup of a growth rate computation.", - "title": "PeriodSize", - "type": "number" - }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" - }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" } }, - "required": [ - "ComputationId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.HeaderFooterSectionConfiguration": { + "AWS::MediaTailor::PlaybackConfiguration.LivePreRollConfiguration": { "additionalProperties": false, "properties": { - "Layout": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionLayoutConfiguration", - "markdownDescription": "The layout configuration of the header or footer section.", - "title": "Layout" - }, - "SectionId": { - "markdownDescription": "The unique identifier of the header or footer section.", - "title": "SectionId", + "AdDecisionServerUrl": { + "markdownDescription": "The URL for the ad decision server (ADS) for pre-roll ads. This includes the specification of static parameters and placeholders for dynamic parameters. AWS Elemental MediaTailor substitutes player-specific and session-specific parameters as needed when calling the ADS. Alternately, for testing, you can provide a static VAST URL. The maximum length is 25,000 characters.", + "title": "AdDecisionServerUrl", "type": "string" }, - "Style": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionStyle", - "markdownDescription": "The style options of a header or footer section.", - "title": "Style" + "MaxDurationSeconds": { + "markdownDescription": "The maximum allowed duration for the pre-roll ad avail. AWS Elemental MediaTailor won't play pre-roll ads to exceed this duration, regardless of the total duration of ads that the ADS returns.", + "title": "MaxDurationSeconds", + "type": "number" } }, - "required": [ - "Layout", - "SectionId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.HeatMapAggregatedFieldWells": { + "AWS::MediaTailor::PlaybackConfiguration.LogConfiguration": { "additionalProperties": false, "properties": { - "Columns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The columns field well of a heat map.", - "title": "Columns", - "type": "array" - }, - "Rows": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The rows field well of a heat map.", - "title": "Rows", - "type": "array" + "AdsInteractionLog": { + "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.AdsInteractionLog", + "markdownDescription": "Settings for customizing what events are included in logs for interactions with the ad decision server (ADS).", + "title": "AdsInteractionLog" }, - "Values": { + "EnabledLoggingStrategies": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + "type": "string" }, - "markdownDescription": "The values field well of a heat map.", - "title": "Values", + "markdownDescription": "The method used for collecting logs from AWS Elemental MediaTailor. `LEGACY_CLOUDWATCH` indicates that MediaTailor is sending logs directly to Amazon CloudWatch Logs. `VENDED_LOGS` indicates that MediaTailor is sending logs to CloudWatch, which then vends the logs to your destination of choice. Supported destinations are CloudWatch Logs log group, Amazon S3 bucket, and Amazon Data Firehose stream.", + "title": "EnabledLoggingStrategies", "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.HeatMapConfiguration": { - "additionalProperties": false, - "properties": { - "ColorScale": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColorScale", - "markdownDescription": "The color options (gradient color, point of divergence) in a heat map.", - "title": "ColorScale" - }, - "ColumnLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options of the column that is displayed in a heat map.", - "title": "ColumnLabelOptions" - }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.", - "title": "DataLabels" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.HeatMapFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" }, - "RowLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options of the row that is displayed in a `heat map` .", - "title": "RowLabelOptions" - }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.HeatMapSortConfiguration", - "markdownDescription": "The sort configuration of a heat map.", - "title": "SortConfiguration" + "ManifestServiceInteractionLog": { + "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.ManifestServiceInteractionLog", + "markdownDescription": "Settings for customizing what events are included in logs for interactions with the origin server.", + "title": "ManifestServiceInteractionLog" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" + "PercentEnabled": { + "markdownDescription": "The percentage of session logs that MediaTailor sends to your configured log destination. For example, if your playback configuration has 1000 sessions and `percentEnabled` is set to `60` , MediaTailor sends logs for 600 of the sessions to CloudWatch Logs. MediaTailor decides at random which of the playback configuration sessions to send logs for. If you want to view logs for a specific session, you can use the [debug log mode](https://docs.aws.amazon.com/mediatailor/latest/ug/debug-log-mode.html) .\n\nValid values: `0` - `100`", + "title": "PercentEnabled", + "type": "number" } }, + "required": [ + "PercentEnabled" + ], "type": "object" }, - "AWS::QuickSight::Analysis.HeatMapFieldWells": { + "AWS::MediaTailor::PlaybackConfiguration.ManifestProcessingRules": { "additionalProperties": false, "properties": { - "HeatMapAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.HeatMapAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a heat map.", - "title": "HeatMapAggregatedFieldWells" + "AdMarkerPassthrough": { + "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.AdMarkerPassthrough", + "markdownDescription": "For HLS, when set to `true` , MediaTailor passes through `EXT-X-CUE-IN` , `EXT-X-CUE-OUT` , and `EXT-X-SPLICEPOINT-SCTE35` ad markers from the origin manifest to the MediaTailor personalized manifest.\n\nNo logic is applied to these ad markers. For example, if `EXT-X-CUE-OUT` has a value of `60` , but no ads are filled for that ad break, MediaTailor will not set the value to `0` .", + "title": "AdMarkerPassthrough" } }, "type": "object" }, - "AWS::QuickSight::Analysis.HeatMapSortConfiguration": { + "AWS::MediaTailor::PlaybackConfiguration.ManifestServiceInteractionLog": { "additionalProperties": false, "properties": { - "HeatMapColumnItemsLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of columns that are displayed in a heat map.", - "title": "HeatMapColumnItemsLimitConfiguration" - }, - "HeatMapColumnSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The column sort configuration for heat map for columns that aren't a part of a field well.", - "title": "HeatMapColumnSort", - "type": "array" - }, - "HeatMapRowItemsLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of rows that are displayed in a heat map.", - "title": "HeatMapRowItemsLimitConfiguration" - }, - "HeatMapRowSort": { + "ExcludeEventTypes": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + "type": "string" }, - "markdownDescription": "The field sort configuration of the rows fields.", - "title": "HeatMapRowSort", + "markdownDescription": "Indicates that MediaTailor won't emit the selected events in the logs for playback sessions that are initialized with this configuration.", + "title": "ExcludeEventTypes", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.HeatMapVisual": { + "AWS::MediaTailor::SourceLocation": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Condition": { + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.HeatMapConfiguration", - "markdownDescription": "The configuration of a heat map.", - "title": "ChartConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Metadata": { + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Properties": { + "additionalProperties": false, + "properties": { + "AccessConfiguration": { + "$ref": "#/definitions/AWS::MediaTailor::SourceLocation.AccessConfiguration", + "markdownDescription": "The access configuration for the source location.", + "title": "AccessConfiguration" + }, + "DefaultSegmentDeliveryConfiguration": { + "$ref": "#/definitions/AWS::MediaTailor::SourceLocation.DefaultSegmentDeliveryConfiguration", + "markdownDescription": "The default segment delivery configuration.", + "title": "DefaultSegmentDeliveryConfiguration" + }, + "HttpConfiguration": { + "$ref": "#/definitions/AWS::MediaTailor::SourceLocation.HttpConfiguration", + "markdownDescription": "The HTTP configuration for the source location.", + "title": "HttpConfiguration" + }, + "SegmentDeliveryConfigurations": { + "items": { + "$ref": "#/definitions/AWS::MediaTailor::SourceLocation.SegmentDeliveryConfiguration" + }, + "markdownDescription": "The segment delivery configurations for the source location.", + "title": "SegmentDeliveryConfigurations", + "type": "array" + }, + "SourceLocationName": { + "markdownDescription": "The name of the source location.", + "title": "SourceLocationName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags assigned to the source location. Tags are key-value pairs that you can associate with Amazon resources to help with organization, access control, and cost tracking. For more information, see [Tagging AWS Elemental MediaTailor Resources](https://docs.aws.amazon.com/mediatailor/latest/ug/tagging.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "HttpConfiguration", + "SourceLocationName" + ], + "type": "object" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "Type": { + "enum": [ + "AWS::MediaTailor::SourceLocation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.HistogramAggregatedFieldWells": { - "additionalProperties": false, - "properties": { - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The value field wells of a histogram. Values are aggregated by `COUNT` or `DISTINCT_COUNT` .", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.HistogramBinOptions": { + "AWS::MediaTailor::SourceLocation.AccessConfiguration": { "additionalProperties": false, "properties": { - "BinCount": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BinCountOptions", - "markdownDescription": "The options that determine the bin count of a histogram.", - "title": "BinCount" - }, - "BinWidth": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BinWidthOptions", - "markdownDescription": "The options that determine the bin width of a histogram.", - "title": "BinWidth" - }, - "SelectedBinType": { - "markdownDescription": "The options that determine the selected bin type.", - "title": "SelectedBinType", + "AccessType": { + "markdownDescription": "The type of authentication used to access content from `HttpConfiguration::BaseUrl` on your source location. Accepted value: `S3_SIGV4` .\n\n`S3_SIGV4` - AWS Signature Version 4 authentication for Amazon S3 hosted virtual-style access. If your source location base URL is an Amazon S3 bucket, MediaTailor can use AWS Signature Version 4 (SigV4) authentication to access the bucket where your source content is stored. Your MediaTailor source location baseURL must follow the S3 virtual hosted-style request URL format. For example, https://bucket-name.s3.Region.amazonaws.com/key-name.\n\nBefore you can use `S3_SIGV4` , you must meet these requirements:\n\n\u2022 You must allow MediaTailor to access your S3 bucket by granting mediatailor.amazonaws.com principal access in IAM. For information about configuring access in IAM, see Access management in the IAM User Guide.\n\n\u2022 The mediatailor.amazonaws.com service principal must have permissions to read all top level manifests referenced by the VodSource packaging configurations.\n\n\u2022 The caller of the API must have s3:GetObject IAM permissions to read all top level manifests referenced by your MediaTailor VodSource packaging configurations.", + "title": "AccessType", "type": "string" }, - "StartValue": { - "markdownDescription": "The options that determine the bin start value.", - "title": "StartValue", - "type": "number" + "SecretsManagerAccessTokenConfiguration": { + "$ref": "#/definitions/AWS::MediaTailor::SourceLocation.SecretsManagerAccessTokenConfiguration", + "markdownDescription": "AWS Secrets Manager access token configuration parameters.", + "title": "SecretsManagerAccessTokenConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Analysis.HistogramConfiguration": { + "AWS::MediaTailor::SourceLocation.DefaultSegmentDeliveryConfiguration": { "additionalProperties": false, "properties": { - "BinOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.HistogramBinOptions", - "markdownDescription": "The options that determine the presentation of histogram bins.", - "title": "BinOptions" - }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", - "markdownDescription": "The data label configuration of a histogram.", - "title": "DataLabels" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.HistogramFieldWells", - "markdownDescription": "The field well configuration of a histogram.", - "title": "FieldWells" - }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", - "markdownDescription": "The tooltip configuration of a histogram.", - "title": "Tooltip" - }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", - "markdownDescription": "The visual palette configuration of a histogram.", - "title": "VisualPalette" - }, - "XAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the x-axis.", - "title": "XAxisDisplayOptions" - }, - "XAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the x-axis label.", - "title": "XAxisLabelOptions" - }, - "YAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the y-axis.", - "title": "YAxisDisplayOptions" + "BaseUrl": { + "markdownDescription": "The hostname of the server that will be used to serve segments. This string must include the protocol, such as *https://* .", + "title": "BaseUrl", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.HistogramFieldWells": { + "AWS::MediaTailor::SourceLocation.HttpConfiguration": { "additionalProperties": false, "properties": { - "HistogramAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.HistogramAggregatedFieldWells", - "markdownDescription": "The field well configuration of a histogram.", - "title": "HistogramAggregatedFieldWells" + "BaseUrl": { + "markdownDescription": "The base URL for the source location host server. This string must include the protocol, such as *https://* .", + "title": "BaseUrl", + "type": "string" } }, + "required": [ + "BaseUrl" + ], "type": "object" }, - "AWS::QuickSight::Analysis.HistogramVisual": { + "AWS::MediaTailor::SourceLocation.SecretsManagerAccessTokenConfiguration": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.HistogramConfiguration", - "markdownDescription": "The configuration for a `HistogramVisual` .", - "title": "ChartConfiguration" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "HeaderName": { + "markdownDescription": "The name of the HTTP header used to supply the access token in requests to the source location.", + "title": "HeaderName", + "type": "string" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "SecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Secrets Manager secret that contains the access token.", + "title": "SecretArn", + "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "SecretStringKey": { + "markdownDescription": "The AWS Secrets Manager [SecretString](https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_CreateSecret.html#SecretsManager-CreateSecret-request-SecretString.html) key associated with the access token. MediaTailor uses the key to look up SecretString key and value pair containing the access token.", + "title": "SecretStringKey", "type": "string" } }, - "required": [ - "VisualId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.InsightConfiguration": { + "AWS::MediaTailor::SourceLocation.SegmentDeliveryConfiguration": { "additionalProperties": false, "properties": { - "Computations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.Computation" - }, - "markdownDescription": "The computations configurations of the insight visual", - "title": "Computations", - "type": "array" + "BaseUrl": { + "markdownDescription": "The base URL of the host or path of the segment delivery server that you're using to serve segments. This is typically a content delivery network (CDN). The URL can be absolute or relative. To use an absolute URL include the protocol, such as `https://example.com/some/path` . To use a relative URL specify the relative path, such as `/some/path*` .", + "title": "BaseUrl", + "type": "string" }, - "CustomNarrative": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomNarrativeOptions", - "markdownDescription": "The custom narrative of the insight visual.", - "title": "CustomNarrative" + "Name": { + "markdownDescription": "A unique identifier used to distinguish between multiple segment delivery configurations in a source location.", + "title": "Name", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.InsightVisual": { + "AWS::MediaTailor::VodSource": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Condition": { + "type": "string" }, - "DataSetIdentifier": { - "markdownDescription": "The dataset that is used in the insight visual.", - "title": "DataSetIdentifier", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "InsightConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.InsightConfiguration", - "markdownDescription": "The configuration of an insight visual.", - "title": "InsightConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Metadata": { + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Properties": { + "additionalProperties": false, + "properties": { + "HttpPackageConfigurations": { + "items": { + "$ref": "#/definitions/AWS::MediaTailor::VodSource.HttpPackageConfiguration" + }, + "markdownDescription": "The HTTP package configurations for the VOD source.", + "title": "HttpPackageConfigurations", + "type": "array" + }, + "SourceLocationName": { + "markdownDescription": "The name of the source location that the VOD source is associated with.", + "title": "SourceLocationName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags assigned to the VOD source. Tags are key-value pairs that you can associate with Amazon resources to help with organization, access control, and cost tracking. For more information, see [Tagging AWS Elemental MediaTailor Resources](https://docs.aws.amazon.com/mediatailor/latest/ug/tagging.html) .", + "title": "Tags", + "type": "array" + }, + "VodSourceName": { + "markdownDescription": "The name of the VOD source.", + "title": "VodSourceName", + "type": "string" + } + }, + "required": [ + "HttpPackageConfigurations", + "SourceLocationName", + "VodSourceName" + ], + "type": "object" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "Type": { + "enum": [ + "AWS::MediaTailor::VodSource" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "DataSetIdentifier", - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.IntegerDefaultValues": { + "AWS::MediaTailor::VodSource.HttpPackageConfiguration": { "additionalProperties": false, "properties": { - "DynamicValue": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DynamicDefaultValue", - "markdownDescription": "The dynamic value of the `IntegerDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", - "title": "DynamicValue" + "Path": { + "markdownDescription": "The relative path to the URL for this VOD source. This is combined with `SourceLocation::HttpConfiguration::BaseUrl` to form a valid URL.", + "title": "Path", + "type": "string" }, - "StaticValues": { - "items": { - "type": "number" - }, - "markdownDescription": "The static values of the `IntegerDefaultValues` .", - "title": "StaticValues", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.IntegerParameter": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the integer parameter.", - "title": "Name", + "SourceGroup": { + "markdownDescription": "The name of the source group. This has to match one of the `Channel::Outputs::SourceGroup` .", + "title": "SourceGroup", "type": "string" }, - "Values": { - "items": { - "type": "number" - }, - "markdownDescription": "The values for the integer parameter.", - "title": "Values", - "type": "array" + "Type": { + "markdownDescription": "The streaming protocol for this package configuration. Supported values are `HLS` and `DASH` .", + "title": "Type", + "type": "string" } }, "required": [ - "Name", - "Values" + "Path", + "SourceGroup", + "Type" ], "type": "object" }, - "AWS::QuickSight::Analysis.IntegerParameterDeclaration": { + "AWS::MemoryDB::ACL": { "additionalProperties": false, "properties": { - "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.IntegerDefaultValues", - "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", - "title": "DefaultValues" + "Condition": { + "type": "string" }, - "MappedDataSetParameters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MappedDataSetParameter" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ACLName": { + "markdownDescription": "The name of the Access Control List.", + "title": "ACLName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + }, + "UserNames": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of users that belong to the Access Control List.", + "title": "UserNames", + "type": "array" + } }, - "markdownDescription": "", - "title": "MappedDataSetParameters", - "type": "array" + "required": [ + "ACLName" + ], + "type": "object" }, - "Name": { - "markdownDescription": "The name of the parameter that is being declared.", - "title": "Name", + "Type": { + "enum": [ + "AWS::MemoryDB::ACL" + ], "type": "string" }, - "ParameterValueType": { - "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", - "title": "ParameterValueType", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "ValueWhenUnset": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.IntegerValueWhenUnsetConfiguration", - "markdownDescription": "A parameter declaration for the `Integer` data type.", - "title": "ValueWhenUnset" } }, "required": [ - "Name", - "ParameterValueType" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.IntegerValueWhenUnsetConfiguration": { + "AWS::MemoryDB::Cluster": { "additionalProperties": false, "properties": { - "CustomValue": { - "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", - "title": "CustomValue", - "type": "number" + "Condition": { + "type": "string" }, - "ValueWhenUnsetOption": { - "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", - "title": "ValueWhenUnsetOption", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.ItemsLimitConfiguration": { - "additionalProperties": false, - "properties": { - "ItemsLimit": { - "markdownDescription": "The limit on how many items of a field are showed in the chart. For example, the number of slices that are displayed in a pie chart.", - "title": "ItemsLimit", - "type": "number" }, - "OtherCategories": { - "markdownDescription": "The `Show other` of an axis in the chart. Choose one of the following options:\n\n- `INCLUDE`\n- `EXCLUDE`", - "title": "OtherCategories", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ACLName": { + "markdownDescription": "The name of the Access Control List to associate with the cluster .", + "title": "ACLName", + "type": "string" + }, + "AutoMinorVersionUpgrade": { + "markdownDescription": "When set to true, the cluster will automatically receive minor engine version upgrades after launch.", + "title": "AutoMinorVersionUpgrade", + "type": "boolean" + }, + "ClusterEndpoint": { + "$ref": "#/definitions/AWS::MemoryDB::Cluster.Endpoint", + "markdownDescription": "The cluster 's configuration endpoint.", + "title": "ClusterEndpoint" + }, + "ClusterName": { + "markdownDescription": "The name of the cluster .", + "title": "ClusterName", + "type": "string" + }, + "DataTiering": { + "markdownDescription": "Enables data tiering. Data tiering is only supported for clusters using the r6gd node type. This parameter must be set when using r6gd nodes. For more information, see [Data tiering](https://docs.aws.amazon.com/memorydb/latest/devguide/data-tiering.html) .", + "title": "DataTiering", + "type": "string" + }, + "Description": { + "markdownDescription": "A description of the cluster .", + "title": "Description", + "type": "string" + }, + "Engine": { + "markdownDescription": "The name of the engine used by the cluster.", + "title": "Engine", + "type": "string" + }, + "EngineVersion": { + "markdownDescription": "The Redis engine version used by the cluster .", + "title": "EngineVersion", + "type": "string" + }, + "FinalSnapshotName": { + "markdownDescription": "The user-supplied name of a final cluster snapshot. This is the unique name that identifies the snapshot. MemoryDB creates the snapshot, and then deletes the cluster immediately afterward.", + "title": "FinalSnapshotName", + "type": "string" + }, + "IpDiscovery": { + "markdownDescription": "The mechanism that the cluster uses to discover IP addresses. Returns 'ipv4' when DNS endpoints resolve to IPv4 addresses, or 'ipv6' when DNS endpoints resolve to IPv6 addresses.", + "title": "IpDiscovery", + "type": "string" + }, + "KmsKeyId": { + "markdownDescription": "The ID of the KMS key used to encrypt the cluster .", + "title": "KmsKeyId", + "type": "string" + }, + "MaintenanceWindow": { + "markdownDescription": "Specifies the weekly time range during which maintenance on the cluster is performed. It is specified as a range in the format `ddd:hh24:mi-ddd:hh24:mi` (24H Clock UTC). The minimum maintenance window is a 60 minute period.\n\n*Pattern* : `ddd:hh24:mi-ddd:hh24:mi`", + "title": "MaintenanceWindow", + "type": "string" + }, + "MultiRegionClusterName": { + "markdownDescription": "The name of the multi-Region cluster that this cluster belongs to.", + "title": "MultiRegionClusterName", + "type": "string" + }, + "NetworkType": { + "markdownDescription": "The IP address type for the cluster. Returns 'ipv4' for IPv4 only, 'ipv6' for IPv6 only, or 'dual-stack' if the cluster supports both IPv4 and IPv6 addressing.", + "title": "NetworkType", + "type": "string" + }, + "NodeType": { + "markdownDescription": "The cluster 's node type.", + "title": "NodeType", + "type": "string" + }, + "NumReplicasPerShard": { + "markdownDescription": "The number of replicas to apply to each shard.\n\n*Default value* : `1`\n\n*Maximum value* : `5`", + "title": "NumReplicasPerShard", + "type": "number" + }, + "NumShards": { + "markdownDescription": "The number of shards in the cluster .", + "title": "NumShards", + "type": "number" + }, + "ParameterGroupName": { + "markdownDescription": "The name of the parameter group used by the cluster .", + "title": "ParameterGroupName", + "type": "string" + }, + "Port": { + "markdownDescription": "The port used by the cluster .", + "title": "Port", + "type": "number" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of security group names to associate with this cluster .", + "title": "SecurityGroupIds", + "type": "array" + }, + "SnapshotArns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of Amazon Resource Names (ARN) that uniquely identify the RDB snapshot files stored in Amazon S3. The snapshot files are used to populate the new cluster . The Amazon S3 object name in the ARN cannot contain any commas.", + "title": "SnapshotArns", + "type": "array" + }, + "SnapshotName": { + "markdownDescription": "The name of a snapshot from which to restore data into the new cluster . The snapshot status changes to restoring while the new cluster is being created.", + "title": "SnapshotName", + "type": "string" + }, + "SnapshotRetentionLimit": { + "markdownDescription": "The number of days for which MemoryDB retains automatic snapshots before deleting them. For example, if you set SnapshotRetentionLimit to 5, a snapshot that was taken today is retained for 5 days before being deleted.", + "title": "SnapshotRetentionLimit", + "type": "number" + }, + "SnapshotWindow": { + "markdownDescription": "The daily time range (in UTC) during which MemoryDB begins taking a daily snapshot of your shard. Example: 05:00-09:00 If you do not specify this parameter, MemoryDB automatically chooses an appropriate time range.", + "title": "SnapshotWindow", + "type": "string" + }, + "SnsTopicArn": { + "markdownDescription": "When you pass the logical ID of this resource to the intrinsic `Ref` function, Ref returns the ARN of the SNS topic, such as `arn:aws:memorydb:us-east-1:123456789012:mySNSTopic`", + "title": "SnsTopicArn", + "type": "string" + }, + "SnsTopicStatus": { + "markdownDescription": "The SNS topic must be in Active status to receive notifications.", + "title": "SnsTopicStatus", + "type": "string" + }, + "SubnetGroupName": { + "markdownDescription": "The name of the subnet group used by the cluster .", + "title": "SubnetGroupName", + "type": "string" + }, + "TLSEnabled": { + "markdownDescription": "A flag to indicate if In-transit encryption is enabled.", + "title": "TLSEnabled", + "type": "boolean" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "ACLName", + "ClusterName", + "NodeType" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::MemoryDB::Cluster" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.KPIActualValueConditionalFormatting": { - "additionalProperties": false, - "properties": { - "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIcon", - "markdownDescription": "The conditional formatting of the actual value's icon.", - "title": "Icon" }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the actual value's text color.", - "title": "TextColor" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.KPIComparisonValueConditionalFormatting": { + "AWS::MemoryDB::Cluster.Endpoint": { "additionalProperties": false, "properties": { - "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIcon", - "markdownDescription": "The conditional formatting of the comparison value's icon.", - "title": "Icon" + "Address": { + "markdownDescription": "The DNS hostname of the node.", + "title": "Address", + "type": "string" }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the comparison value's text color.", - "title": "TextColor" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.KPIConditionalFormatting": { - "additionalProperties": false, - "properties": { - "ConditionalFormattingOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIConditionalFormattingOption" - }, - "markdownDescription": "The conditional formatting options of a KPI visual.", - "title": "ConditionalFormattingOptions", - "type": "array" + "Port": { + "markdownDescription": "The port number that the engine is listening on.", + "title": "Port", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.KPIConditionalFormattingOption": { + "AWS::MemoryDB::MultiRegionCluster": { "additionalProperties": false, "properties": { - "ActualValue": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIActualValueConditionalFormatting", - "markdownDescription": "The conditional formatting for the actual value of a KPI visual.", - "title": "ActualValue" - }, - "ComparisonValue": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIComparisonValueConditionalFormatting", - "markdownDescription": "The conditional formatting for the comparison value of a KPI visual.", - "title": "ComparisonValue" + "Condition": { + "type": "string" }, - "PrimaryValue": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIPrimaryValueConditionalFormatting", - "markdownDescription": "The conditional formatting for the primary value of a KPI visual.", - "title": "PrimaryValue" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ProgressBar": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIProgressBarConditionalFormatting", - "markdownDescription": "The conditional formatting for the progress bar of a KPI visual.", - "title": "ProgressBar" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.KPIConfiguration": { - "additionalProperties": false, - "properties": { - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIFieldWells", - "markdownDescription": "The field well configuration of a KPI visual.", - "title": "FieldWells" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "KPIOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIOptions", - "markdownDescription": "The options that determine the presentation of a KPI visual.", - "title": "KPIOptions" + "Metadata": { + "type": "object" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.KPISortConfiguration", - "markdownDescription": "The sort configuration of a KPI visual.", - "title": "SortConfiguration" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.KPIFieldWells": { - "additionalProperties": false, - "properties": { - "TargetValues": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the multi-Region cluster.", + "title": "Description", + "type": "string" + }, + "Engine": { + "markdownDescription": "The name of the engine used by the multi-Region cluster.", + "title": "Engine", + "type": "string" + }, + "EngineVersion": { + "markdownDescription": "The version of the engine used by the multi-Region cluster.", + "title": "EngineVersion", + "type": "string" + }, + "MultiRegionClusterNameSuffix": { + "markdownDescription": "A suffix to be added to the Multi-Region cluster name. Amazon MemoryDB automatically applies a prefix to the Multi-Region cluster Name when it is created. Each Amazon Region has its own prefix. For instance, a Multi-Region cluster Name created in the US-West-1 region will begin with \"virxk\", along with the suffix name you provide. The suffix guarantees uniqueness of the Multi-Region cluster name across multiple regions.", + "title": "MultiRegionClusterNameSuffix", + "type": "string" + }, + "MultiRegionParameterGroupName": { + "markdownDescription": "The name of the multi-Region parameter group associated with the cluster.", + "title": "MultiRegionParameterGroupName", + "type": "string" + }, + "NodeType": { + "markdownDescription": "The node type used by the multi-Region cluster.", + "title": "NodeType", + "type": "string" + }, + "NumShards": { + "markdownDescription": "The number of shards in the multi-Region cluster.", + "title": "NumShards", + "type": "number" + }, + "TLSEnabled": { + "markdownDescription": "Indiciates if the multi-Region cluster is TLS enabled.", + "title": "TLSEnabled", + "type": "boolean" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags to be applied to the multi-Region cluster.", + "title": "Tags", + "type": "array" + }, + "UpdateStrategy": { + "markdownDescription": "The strategy to use for the update operation. Supported values are \"coordinated\" or \"uncoordinated\".", + "title": "UpdateStrategy", + "type": "string" + } }, - "markdownDescription": "The target value field wells of a KPI visual.", - "title": "TargetValues", - "type": "array" + "required": [ + "NodeType" + ], + "type": "object" }, - "TrendGroups": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The trend group field wells of a KPI visual.", - "title": "TrendGroups", - "type": "array" + "Type": { + "enum": [ + "AWS::MemoryDB::MultiRegionCluster" + ], + "type": "string" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The value field wells of a KPI visual.", - "title": "Values", - "type": "array" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.KPIOptions": { + "AWS::MemoryDB::ParameterGroup": { "additionalProperties": false, "properties": { - "Comparison": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ComparisonConfiguration", - "markdownDescription": "The comparison configuration of a KPI visual.", - "title": "Comparison" - }, - "PrimaryValueDisplayType": { - "markdownDescription": "The options that determine the primary value display type.", - "title": "PrimaryValueDisplayType", + "Condition": { "type": "string" }, - "PrimaryValueFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", - "markdownDescription": "The options that determine the primary value font configuration.", - "title": "PrimaryValueFontConfiguration" - }, - "ProgressBar": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ProgressBarOptions", - "markdownDescription": "The options that determine the presentation of the progress bar of a KPI visual.", - "title": "ProgressBar" - }, - "SecondaryValue": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SecondaryValueOptions", - "markdownDescription": "The options that determine the presentation of the secondary value of a KPI visual.", - "title": "SecondaryValue" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "SecondaryValueFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", - "markdownDescription": "The options that determine the secondary value font configuration.", - "title": "SecondaryValueFontConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Sparkline": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.KPISparklineOptions", - "markdownDescription": "The options that determine the visibility, color, type, and tooltip visibility of the sparkline of a KPI visual.", - "title": "Sparkline" + "Metadata": { + "type": "object" }, - "TrendArrows": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TrendArrowOptions", - "markdownDescription": "The options that determine the presentation of trend arrows in a KPI visual.", - "title": "TrendArrows" + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the parameter group.", + "title": "Description", + "type": "string" + }, + "Family": { + "markdownDescription": "The name of the parameter group family that this parameter group is compatible with.", + "title": "Family", + "type": "string" + }, + "ParameterGroupName": { + "markdownDescription": "The name of the parameter group.", + "title": "ParameterGroupName", + "type": "string" + }, + "Parameters": { + "markdownDescription": "Returns the detailed parameter list for the parameter group.", + "title": "Parameters", + "type": "object" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Family", + "ParameterGroupName" + ], + "type": "object" }, - "VisualLayoutOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIVisualLayoutOptions", - "markdownDescription": "The options that determine the layout a KPI visual.", - "title": "VisualLayoutOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.KPIPrimaryValueConditionalFormatting": { - "additionalProperties": false, - "properties": { - "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIcon", - "markdownDescription": "The conditional formatting of the primary value's icon.", - "title": "Icon" + "Type": { + "enum": [ + "AWS::MemoryDB::ParameterGroup" + ], + "type": "string" }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the primary value's text color.", - "title": "TextColor" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.KPIProgressBarConditionalFormatting": { - "additionalProperties": false, - "properties": { - "ForegroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the progress bar's foreground color.", - "title": "ForegroundColor" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.KPISortConfiguration": { - "additionalProperties": false, - "properties": { - "TrendGroupSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the trend group fields.", - "title": "TrendGroupSort", - "type": "array" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.KPISparklineOptions": { + "AWS::MemoryDB::SubnetGroup": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The color of the sparkline.", - "title": "Color", + "Condition": { "type": "string" }, - "TooltipVisibility": { - "markdownDescription": "The tooltip visibility of the sparkline.", - "title": "TooltipVisibility", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the subnet group.", + "title": "Description", + "type": "string" + }, + "SubnetGroupName": { + "markdownDescription": "The name of the subnet group to be used for the cluster .", + "title": "SubnetGroupName", + "type": "string" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of Amazon VPC subnet IDs for the subnet group.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "SubnetGroupName", + "SubnetIds" + ], + "type": "object" + }, "Type": { - "markdownDescription": "The type of the sparkline.", - "title": "Type", + "enum": [ + "AWS::MemoryDB::SubnetGroup" + ], "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of the sparkline.", - "title": "Visibility", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.KPIVisual": { + "AWS::MemoryDB::User": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Condition": { + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIConfiguration", - "markdownDescription": "The configuration of a KPI visual.", - "title": "ChartConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIConditionalFormatting", - "markdownDescription": "The conditional formatting of a KPI visual.", - "title": "ConditionalFormatting" + "Metadata": { + "type": "object" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Properties": { + "additionalProperties": false, + "properties": { + "AccessString": { + "markdownDescription": "Access permissions string used for this user.", + "title": "AccessString", + "type": "string" + }, + "AuthenticationMode": { + "$ref": "#/definitions/AWS::MemoryDB::User.AuthenticationMode", + "markdownDescription": "Denotes whether the user requires a password to authenticate.\n\n*Example:*\n\n`mynewdbuser: Type: AWS::MemoryDB::User Properties: AccessString: on ~* &* +@all AuthenticationMode: Passwords: '1234567890123456' Type: password UserName: mynewdbuser AuthenticationMode: { \"Passwords\": [\"1234567890123456\"], \"Type\": \"Password\" }`", + "title": "AuthenticationMode" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + }, + "UserName": { + "markdownDescription": "The name of the user.", + "title": "UserName", + "type": "string" + } + }, + "required": [ + "UserName" + ], + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Type": { + "enum": [ + "AWS::MemoryDB::User" + ], + "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.KPIVisualLayoutOptions": { - "additionalProperties": false, - "properties": { - "StandardLayout": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIVisualStandardLayout", - "markdownDescription": "The standard layout of the KPI visual.", - "title": "StandardLayout" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.KPIVisualStandardLayout": { + "AWS::MemoryDB::User.AuthenticationMode": { "additionalProperties": false, "properties": { + "Passwords": { + "items": { + "type": "string" + }, + "markdownDescription": "The password(s) used for authentication", + "title": "Passwords", + "type": "array" + }, "Type": { - "markdownDescription": "The standard layout type.", + "markdownDescription": "Indicates whether the user requires a password to authenticate. All newly-created users require a password.", "title": "Type", "type": "string" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::QuickSight::Analysis.LabelOptions": { + "AWS::Neptune::DBCluster": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The text for the label.", - "title": "CustomLabel", + "Condition": { "type": "string" }, - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", - "markdownDescription": "The font configuration of the label.", - "title": "FontConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Visibility": { - "markdownDescription": "Determines whether or not the label is visible.", - "title": "Visibility", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/AWS::Neptune::DBCluster.DBClusterRole" + }, + "markdownDescription": "Provides a list of the Amazon Identity and Access Management (IAM) roles that are associated with the DB cluster. IAM roles that are associated with a DB cluster grant permission for the DB cluster to access other Amazon services on your behalf.", + "title": "AssociatedRoles", + "type": "array" + }, + "AvailabilityZones": { + "items": { + "type": "string" + }, + "markdownDescription": "Provides the list of EC2 Availability Zones that instances in the DB cluster can be created in.", + "title": "AvailabilityZones", + "type": "array" + }, + "BackupRetentionPeriod": { + "markdownDescription": "Specifies the number of days for which automatic DB snapshots are retained.\n\nAn update may require some interruption. See [ModifyDBInstance](https://docs.aws.amazon.com/neptune/latest/userguide/api-instances.html#ModifyDBInstance) in the Amazon Neptune User Guide for more information.", + "title": "BackupRetentionPeriod", + "type": "number" + }, + "CopyTagsToSnapshot": { + "markdownDescription": "*If set to `true` , tags are copied to any snapshot of the DB cluster that is created.*", + "title": "CopyTagsToSnapshot", + "type": "boolean" + }, + "DBClusterIdentifier": { + "markdownDescription": "Contains a user-supplied DB cluster identifier. This identifier is the unique key that identifies a DB cluster.", + "title": "DBClusterIdentifier", + "type": "string" + }, + "DBClusterParameterGroupName": { + "markdownDescription": "Provides the name of the DB cluster parameter group.\n\nAn update may require some interruption. See [ModifyDBInstance](https://docs.aws.amazon.com/neptune/latest/userguide/api-instances.html#ModifyDBInstance) in the Amazon Neptune User Guide for more information.", + "title": "DBClusterParameterGroupName", + "type": "string" + }, + "DBInstanceParameterGroupName": { + "markdownDescription": "The name of the DB parameter group to apply to all instances of the DB cluster. Used only in case of a major engine version upgrade request\n\nNote that when you apply a parameter group using `DBInstanceParameterGroupName` , parameter changes are applied immediately, not during the next maintenance window.\n\n**Constraints** - The DB parameter group must be in the same DB parameter group family as the target DB cluster version.\n- The `DBInstanceParameterGroupName` parameter is only valid for major engine version upgrades.", + "title": "DBInstanceParameterGroupName", + "type": "string" + }, + "DBPort": { + "markdownDescription": "The port number on which the DB instances in the DB cluster accept connections.\n\nIf not specified, the default port used is `8182` .\n\n> The `Port` property will soon be deprecated. Please update existing templates to use the new `DBPort` property that has the same functionality.", + "title": "DBPort", + "type": "number" + }, + "DBSubnetGroupName": { + "markdownDescription": "Specifies information on the subnet group associated with the DB cluster, including the name, description, and subnets in the subnet group.", + "title": "DBSubnetGroupName", + "type": "string" + }, + "DeletionProtection": { + "markdownDescription": "Indicates whether or not the DB cluster has deletion protection enabled. The database can't be deleted when deletion protection is enabled.", + "title": "DeletionProtection", + "type": "boolean" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies a list of log types that are enabled for export to CloudWatch Logs.", + "title": "EnableCloudwatchLogsExports", + "type": "array" + }, + "EngineVersion": { + "markdownDescription": "Indicates the database engine version.", + "title": "EngineVersion", + "type": "string" + }, + "IamAuthEnabled": { + "markdownDescription": "True if mapping of Amazon Identity and Access Management (IAM) accounts to database accounts is enabled, and otherwise false.", + "title": "IamAuthEnabled", + "type": "boolean" + }, + "KmsKeyId": { + "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key that is used to encrypt the database instances in the DB cluster, such as `arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef` . If you enable the `StorageEncrypted` property but don't specify this property, the default KMS key is used. If you specify this property, you must set the `StorageEncrypted` property to `true` .", + "title": "KmsKeyId", + "type": "string" + }, + "PreferredBackupWindow": { + "markdownDescription": "Specifies the daily time range during which automated backups are created if automated backups are enabled, as determined by the `BackupRetentionPeriod` .\n\nAn update may require some interruption.", + "title": "PreferredBackupWindow", + "type": "string" + }, + "PreferredMaintenanceWindow": { + "markdownDescription": "Specifies the weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).", + "title": "PreferredMaintenanceWindow", + "type": "string" + }, + "RestoreToTime": { + "markdownDescription": "Creates a new DB cluster from a DB snapshot or DB cluster snapshot.\n\nIf a DB snapshot is specified, the target DB cluster is created from the source DB snapshot with a default configuration and default security group.\n\nIf a DB cluster snapshot is specified, the target DB cluster is created from the source DB cluster restore point with the same configuration as the original source DB cluster, except that the new DB cluster is created with the default security group.", + "title": "RestoreToTime", + "type": "string" + }, + "RestoreType": { + "markdownDescription": "Creates a new DB cluster from a DB snapshot or DB cluster snapshot.\n\nIf a DB snapshot is specified, the target DB cluster is created from the source DB snapshot with a default configuration and default security group.\n\nIf a DB cluster snapshot is specified, the target DB cluster is created from the source DB cluster restore point with the same configuration as the original source DB cluster, except that the new DB cluster is created with the default security group.", + "title": "RestoreType", + "type": "string" + }, + "ServerlessScalingConfiguration": { + "$ref": "#/definitions/AWS::Neptune::DBCluster.ServerlessScalingConfiguration", + "markdownDescription": "", + "title": "ServerlessScalingConfiguration" + }, + "SnapshotIdentifier": { + "markdownDescription": "Specifies the identifier for a DB cluster snapshot. Must match the identifier of an existing snapshot.\n\nAfter you restore a DB cluster using a `SnapshotIdentifier` , you must specify the same `SnapshotIdentifier` for any future updates to the DB cluster. When you specify this property for an update, the DB cluster is not restored from the snapshot again, and the data in the database is not changed.\n\nHowever, if you don't specify the `SnapshotIdentifier` , an empty DB cluster is created, and the original DB cluster is deleted. If you specify a property that is different from the previous snapshot restore property, the DB cluster is restored from the snapshot specified by the `SnapshotIdentifier` , and the original DB cluster is deleted.", + "title": "SnapshotIdentifier", + "type": "string" + }, + "SourceDBClusterIdentifier": { + "markdownDescription": "Creates a new DB cluster from a DB snapshot or DB cluster snapshot.\n\nIf a DB snapshot is specified, the target DB cluster is created from the source DB snapshot with a default configuration and default security group.\n\nIf a DB cluster snapshot is specified, the target DB cluster is created from the source DB cluster restore point with the same configuration as the original source DB cluster, except that the new DB cluster is created with the default security group.", + "title": "SourceDBClusterIdentifier", + "type": "string" + }, + "StorageEncrypted": { + "markdownDescription": "Indicates whether the DB cluster is encrypted.\n\nIf you specify the `KmsKeyId` property, then you must enable encryption and set this property to `true` .\n\nIf you enable the `StorageEncrypted` property but don't specify the `KmsKeyId` property, then the default KMS key is used. If you specify the `KmsKeyId` property, then that KMS key is used to encrypt the database instances in the DB cluster.\n\nIf you specify the `SourceDBClusterIdentifier` property, and don't specify this property or disable it, the value is inherited from the source DB cluster. If the source DB cluster is encrypted, the `KmsKeyId` property from the source cluster is used.\n\nIf you specify the `DBSnapshotIdentifier` and don't specify this property or disable it, the value is inherited from the snapshot and the specified `KmsKeyId` property from the snapshot is used.", + "title": "StorageEncrypted", + "type": "boolean" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags assigned to this cluster.", + "title": "Tags", + "type": "array" + }, + "UseLatestRestorableTime": { + "markdownDescription": "Creates a new DB cluster from a DB snapshot or DB cluster snapshot.\n\nIf a DB snapshot is specified, the target DB cluster is created from the source DB snapshot with a default configuration and default security group.\n\nIf a DB cluster snapshot is specified, the target DB cluster is created from the source DB cluster restore point with the same configuration as the original source DB cluster, except that the new DB cluster is created with the default security group.", + "title": "UseLatestRestorableTime", + "type": "boolean" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "Provides a list of VPC security groups that the DB cluster belongs to.", + "title": "VpcSecurityGroupIds", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Neptune::DBCluster" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::QuickSight::Analysis.Layout": { + "AWS::Neptune::DBCluster.DBClusterRole": { "additionalProperties": false, "properties": { - "Configuration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LayoutConfiguration", - "markdownDescription": "The configuration that determines what the type of layout for a sheet.", - "title": "Configuration" + "FeatureName": { + "markdownDescription": "The name of the feature associated with the Amazon Identity and Access Management (IAM) role. For the list of supported feature names, see [DescribeDBEngineVersions](https://docs.aws.amazon.com/neptune/latest/userguide/api-other-apis.html#DescribeDBEngineVersions) .", + "title": "FeatureName", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that is associated with the DB cluster.", + "title": "RoleArn", + "type": "string" } }, "required": [ - "Configuration" + "RoleArn" ], "type": "object" }, - "AWS::QuickSight::Analysis.LayoutConfiguration": { + "AWS::Neptune::DBCluster.ServerlessScalingConfiguration": { "additionalProperties": false, "properties": { - "FreeFormLayout": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutConfiguration", - "markdownDescription": "A free-form is optimized for a fixed width and has more control over the exact placement of layout elements.", - "title": "FreeFormLayout" - }, - "GridLayout": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GridLayoutConfiguration", - "markdownDescription": "A type of layout that can be used on a sheet. In a grid layout, visuals snap to a grid with standard spacing and alignment. Dashboards are displayed as designed, with options to fit to screen or view at actual size. A grid layout can be configured to behave in one of two ways when the viewport is resized: `FIXED` or `RESPONSIVE` .", - "title": "GridLayout" + "MaxCapacity": { + "markdownDescription": "The maximum number of Neptune capacity units (NCUs) for a DB instance in a Neptune Serverless cluster. You can specify NCU values in half-step increments, such as 40, 40.5, 41, and so on.", + "title": "MaxCapacity", + "type": "number" }, - "SectionBasedLayout": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionBasedLayoutConfiguration", - "markdownDescription": "A section based layout organizes visuals into multiple sections and has customized header, footer and page break.", - "title": "SectionBasedLayout" + "MinCapacity": { + "markdownDescription": "The minimum number of Neptune capacity units (NCUs) for a DB instance in a Neptune Serverless cluster. You can specify NCU values in half-step increments, such as 8, 8.5, 9, and so on.", + "title": "MinCapacity", + "type": "number" } }, + "required": [ + "MaxCapacity", + "MinCapacity" + ], "type": "object" }, - "AWS::QuickSight::Analysis.LegendOptions": { + "AWS::Neptune::DBClusterParameterGroup": { "additionalProperties": false, "properties": { - "Height": { - "markdownDescription": "The height of the legend. If this value is omitted, a default height is used when rendering.", - "title": "Height", + "Condition": { "type": "string" }, - "Position": { - "markdownDescription": "The positions for the legend. Choose one of the following options:\n\n- `AUTO`\n- `RIGHT`\n- `BOTTOM`\n- `LEFT`", - "title": "Position", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", - "markdownDescription": "The custom title for the legend.", - "title": "Title" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Visibility": { - "markdownDescription": "Determines whether or not the legend is visible.", - "title": "Visibility", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "Provides the customer-specified description for this DB cluster parameter group.", + "title": "Description", + "type": "string" + }, + "Family": { + "markdownDescription": "Must be `neptune1` for engine versions prior to [1.2.0.0](https://docs.aws.amazon.com/neptune/latest/userguide/engine-releases-1.2.0.0.html) , or `neptune1.2` for engine version `1.2.0.0` and higher.", + "title": "Family", + "type": "string" + }, + "Name": { + "markdownDescription": "Provides the name of the DB cluster parameter group.", + "title": "Name", + "type": "string" + }, + "Parameters": { + "markdownDescription": "The parameters to set for this DB cluster parameter group.\n\nThe parameters are expressed as a JSON object consisting of key-value pairs.\n\nIf you update the parameters, some interruption may occur depending on which parameters you update.", + "title": "Parameters", + "type": "object" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags that you want to attach to this parameter group.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Description", + "Family", + "Parameters" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Neptune::DBClusterParameterGroup" + ], "type": "string" }, - "Width": { - "markdownDescription": "The width of the legend. If this value is omitted, a default width is used when rendering.", - "title": "Width", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.LineChartAggregatedFieldWells": { + "AWS::Neptune::DBInstance": { "additionalProperties": false, "properties": { - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The category field wells of a line chart. Values are grouped by category fields.", - "title": "Category", - "type": "array" + "Condition": { + "type": "string" }, - "Colors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The color field wells of a line chart. Values are grouped by category fields.", - "title": "Colors", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "SmallMultiples": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The small multiples field well of a line chart.", - "title": "SmallMultiples", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AllowMajorVersionUpgrade": { + "markdownDescription": "Indicates that major version upgrades are allowed. Changing this parameter doesn't result in an outage and the change is asynchronously applied as soon as possible. This parameter must be set to true when specifying a value for the EngineVersion parameter that is a different major version than the DB instance's current version.\n\nWhen you change this parameter for an existing DB cluster, CloudFormation will replace your existing DB cluster with a new, empty one that uses the engine version you specified.", + "title": "AllowMajorVersionUpgrade", + "type": "boolean" + }, + "AutoMinorVersionUpgrade": { + "markdownDescription": "Indicates that minor version patches are applied automatically.\n\nWhen updating this property, some interruptions may occur.", + "title": "AutoMinorVersionUpgrade", + "type": "boolean" + }, + "AvailabilityZone": { + "markdownDescription": "Specifies the name of the Availability Zone the DB instance is located in.", + "title": "AvailabilityZone", + "type": "string" + }, + "DBClusterIdentifier": { + "markdownDescription": "If the DB instance is a member of a DB cluster, contains the name of the DB cluster that the DB instance is a member of.", + "title": "DBClusterIdentifier", + "type": "string" + }, + "DBInstanceClass": { + "markdownDescription": "Contains the name of the compute and memory capacity class of the DB instance.\n\nIf you update this property, some interruptions may occur.", + "title": "DBInstanceClass", + "type": "string" + }, + "DBInstanceIdentifier": { + "markdownDescription": "Contains a user-supplied database identifier. This identifier is the unique key that identifies a DB instance.", + "title": "DBInstanceIdentifier", + "type": "string" + }, + "DBParameterGroupName": { + "markdownDescription": "The name of an existing DB parameter group or a reference to an AWS::Neptune::DBParameterGroup resource created in the template. If any of the data members of the referenced parameter group are changed during an update, the DB instance might need to be restarted, which causes some interruption. If the parameter group contains static parameters, whether they were changed or not, an update triggers a reboot.", + "title": "DBParameterGroupName", + "type": "string" + }, + "DBSubnetGroupName": { + "markdownDescription": "A DB subnet group to associate with the DB instance. If you update this value, the new subnet group must be a subnet group in a new virtual private cloud (VPC).", + "title": "DBSubnetGroupName", + "type": "string" + }, + "PreferredMaintenanceWindow": { + "markdownDescription": "Specifies the weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).", + "title": "PreferredMaintenanceWindow", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An arbitrary set of tags (key-value pairs) for this DB instance.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "The value field wells of a line chart. Values are aggregated based on categories.", - "title": "Values", - "type": "array" + "required": [ + "DBInstanceClass" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Neptune::DBInstance" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.LineChartConfiguration": { + "AWS::Neptune::DBParameterGroup": { "additionalProperties": false, "properties": { - "ContributionAnalysisDefaults": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ContributionAnalysisDefault" - }, - "markdownDescription": "The default configuration of a line chart's contribution analysis.", - "title": "ContributionAnalysisDefaults", - "type": "array" - }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", - "markdownDescription": "The data label configuration of a line chart.", - "title": "DataLabels" - }, - "DefaultSeriesSettings": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartDefaultSeriesSettings", - "markdownDescription": "The options that determine the default presentation of all line series in `LineChartVisual` .", - "title": "DefaultSeriesSettings" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartFieldWells", - "markdownDescription": "The field well configuration of a line chart.", - "title": "FieldWells" - }, - "ForecastConfigurations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ForecastConfiguration" - }, - "markdownDescription": "The forecast configuration of a line chart.", - "title": "ForecastConfigurations", - "type": "array" - }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", - "markdownDescription": "The legend configuration of a line chart.", - "title": "Legend" - }, - "PrimaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LineSeriesAxisDisplayOptions", - "markdownDescription": "The series axis configuration of a line chart.", - "title": "PrimaryYAxisDisplayOptions" - }, - "PrimaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the y-axis label.", - "title": "PrimaryYAxisLabelOptions" + "Condition": { + "type": "string" }, - "ReferenceLines": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLine" - }, - "markdownDescription": "The reference lines configuration of a line chart.", - "title": "ReferenceLines", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "SecondaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LineSeriesAxisDisplayOptions", - "markdownDescription": "The series axis configuration of a line chart.", - "title": "SecondaryYAxisDisplayOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SecondaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the secondary y-axis label.", - "title": "SecondaryYAxisLabelOptions" + "Metadata": { + "type": "object" }, - "Series": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SeriesItem" + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "Provides the customer-specified description for this DB parameter group.", + "title": "Description", + "type": "string" + }, + "Family": { + "markdownDescription": "Must be `neptune1` for engine versions prior to [1.2.0.0](https://docs.aws.amazon.com/neptune/latest/userguide/engine-releases-1.2.0.0.html) , or `neptune1.2` for engine version `1.2.0.0` and higher.", + "title": "Family", + "type": "string" + }, + "Name": { + "markdownDescription": "Provides the name of the DB parameter group.", + "title": "Name", + "type": "string" + }, + "Parameters": { + "markdownDescription": "The parameters to set for this DB parameter group.\n\nThe parameters are expressed as a JSON object consisting of key-value pairs.\n\nChanges to dynamic parameters are applied immediately. During an update, if you have static parameters (whether they were changed or not), it triggers AWS CloudFormation to reboot the associated DB instance without failover.", + "title": "Parameters", + "type": "object" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags that you want to attach to this parameter group.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "The series item configuration of a line chart.", - "title": "Series", - "type": "array" - }, - "SmallMultiplesOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SmallMultiplesOptions", - "markdownDescription": "The small multiples setup for the visual.", - "title": "SmallMultiplesOptions" - }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartSortConfiguration", - "markdownDescription": "The sort configuration of a line chart.", - "title": "SortConfiguration" - }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", - "markdownDescription": "The tooltip configuration of a line chart.", - "title": "Tooltip" + "required": [ + "Description", + "Family", + "Parameters" + ], + "type": "object" }, "Type": { - "markdownDescription": "Determines the type of the line chart.", - "title": "Type", + "enum": [ + "AWS::Neptune::DBParameterGroup" + ], "type": "string" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", - "markdownDescription": "The visual palette configuration of a line chart.", - "title": "VisualPalette" - }, - "XAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the x-axis.", - "title": "XAxisDisplayOptions" - }, - "XAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the x-axis label.", - "title": "XAxisLabelOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.LineChartDefaultSeriesSettings": { - "additionalProperties": false, - "properties": { - "AxisBinding": { - "markdownDescription": "The axis to which you are binding all line series to.", - "title": "AxisBinding", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "LineStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartLineStyleSettings", - "markdownDescription": "Line styles options for all line series in the visual.", - "title": "LineStyleSettings" - }, - "MarkerStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartMarkerStyleSettings", - "markdownDescription": "Marker styles options for all line series in the visual.", - "title": "MarkerStyleSettings" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.LineChartFieldWells": { - "additionalProperties": false, - "properties": { - "LineChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartAggregatedFieldWells", - "markdownDescription": "The field well configuration of a line chart.", - "title": "LineChartAggregatedFieldWells" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.LineChartLineStyleSettings": { + "AWS::Neptune::DBSubnetGroup": { "additionalProperties": false, "properties": { - "LineInterpolation": { - "markdownDescription": "Interpolation style for line series.\n\n- `LINEAR` : Show as default, linear style.\n- `SMOOTH` : Show as a smooth curve.\n- `STEPPED` : Show steps in line.", - "title": "LineInterpolation", + "Condition": { "type": "string" }, - "LineStyle": { - "markdownDescription": "Line style for line series.\n\n- `SOLID` : Show as a solid line.\n- `DOTTED` : Show as a dotted line.\n- `DASHED` : Show as a dashed line.", - "title": "LineStyle", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "LineVisibility": { - "markdownDescription": "Configuration option that determines whether to show the line for the series.", - "title": "LineVisibility", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DBSubnetGroupDescription": { + "markdownDescription": "Provides the description of the DB subnet group.", + "title": "DBSubnetGroupDescription", + "type": "string" + }, + "DBSubnetGroupName": { + "markdownDescription": "The name of the DB subnet group.", + "title": "DBSubnetGroupName", + "type": "string" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon EC2 subnet IDs for the DB subnet group.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags that you want to attach to the DB subnet group.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "DBSubnetGroupDescription", + "SubnetIds" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Neptune::DBSubnetGroup" + ], "type": "string" }, - "LineWidth": { - "markdownDescription": "Width that determines the line thickness.", - "title": "LineWidth", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.LineChartMarkerStyleSettings": { + "AWS::Neptune::EventSubscription": { "additionalProperties": false, "properties": { - "MarkerColor": { - "markdownDescription": "Color of marker in the series.", - "title": "MarkerColor", + "Condition": { "type": "string" }, - "MarkerShape": { - "markdownDescription": "Shape option for markers in the series.\n\n- `CIRCLE` : Show marker as a circle.\n- `TRIANGLE` : Show marker as a triangle.\n- `SQUARE` : Show marker as a square.\n- `DIAMOND` : Show marker as a diamond.\n- `ROUNDED_SQUARE` : Show marker as a rounded square.", - "title": "MarkerShape", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "MarkerSize": { - "markdownDescription": "Size of marker in the series.", - "title": "MarkerSize", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "MarkerVisibility": { - "markdownDescription": "Configuration option that determines whether to show the markers in the series.", - "title": "MarkerVisibility", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "A Boolean value indicating if the subscription is enabled. True indicates the subscription is enabled.", + "title": "Enabled", + "type": "boolean" + }, + "EventCategories": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "EventCategories", + "type": "array" + }, + "SnsTopicArn": { + "markdownDescription": "The topic ARN of the event notification subscription.", + "title": "SnsTopicArn", + "type": "string" + }, + "SourceIds": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "SourceIds", + "type": "array" + }, + "SourceType": { + "markdownDescription": "The source type for the event notification subscription.", + "title": "SourceType", + "type": "string" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Neptune::EventSubscription" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.LineChartSeriesSettings": { - "additionalProperties": false, - "properties": { - "LineStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartLineStyleSettings", - "markdownDescription": "Line styles options for a line series in `LineChartVisual` .", - "title": "LineStyleSettings" }, - "MarkerStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartMarkerStyleSettings", - "markdownDescription": "Marker styles options for a line series in `LineChartVisual` .", - "title": "MarkerStyleSettings" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::QuickSight::Analysis.LineChartSortConfiguration": { + "AWS::NeptuneGraph::Graph": { "additionalProperties": false, "properties": { - "CategoryItemsLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of categories that are displayed in a line chart.", - "title": "CategoryItemsLimitConfiguration" + "Condition": { + "type": "string" }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the category fields.", - "title": "CategorySort", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ColorItemsLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of lines that are displayed in a line chart.", - "title": "ColorItemsLimitConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SmallMultiplesLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of small multiples panels that are displayed.", - "title": "SmallMultiplesLimitConfiguration" + "Metadata": { + "type": "object" }, - "SmallMultiplesSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + "Properties": { + "additionalProperties": false, + "properties": { + "DeletionProtection": { + "markdownDescription": "A value that indicates whether the graph has deletion protection enabled. The graph can't be deleted when deletion protection is enabled.", + "title": "DeletionProtection", + "type": "boolean" + }, + "GraphName": { + "markdownDescription": "The graph name. For example: `my-graph-1` .\n\nThe name must contain from 1 to 63 letters, numbers, or hyphens, and its first character must be a letter. It cannot end with a hyphen or contain two consecutive hyphens.\n\nIf you don't specify a graph name, a unique graph name is generated for you using the prefix `graph-for` , followed by a combination of `Stack Name` and a `UUID` .", + "title": "GraphName", + "type": "string" + }, + "ProvisionedMemory": { + "markdownDescription": "The provisioned memory-optimized Neptune Capacity Units (m-NCUs) to use for the graph.\n\nMin = 16", + "title": "ProvisionedMemory", + "type": "number" + }, + "PublicConnectivity": { + "markdownDescription": "Specifies whether or not the graph can be reachable over the internet. All access to graphs is IAM authenticated.\n\nWhen the graph is publicly available, its domain name system (DNS) endpoint resolves to the public IP address from the internet. When the graph isn't publicly available, you need to create a `PrivateGraphEndpoint` in a given VPC to ensure the DNS name resolves to a private IP address that is reachable from the VPC.\n\nDefault: If not specified, the default value is false.\n\n> If enabling public connectivity for the first time, there will be a delay while it is enabled.", + "title": "PublicConnectivity", + "type": "boolean" + }, + "ReplicaCount": { + "markdownDescription": "The number of replicas in other AZs.\n\nDefault: If not specified, the default value is 1.", + "title": "ReplicaCount", + "type": "number" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Adds metadata tags to the new graph. These tags can also be used with cost allocation reporting, or used in a Condition statement in an IAM policy.", + "title": "Tags", + "type": "array" + }, + "VectorSearchConfiguration": { + "$ref": "#/definitions/AWS::NeptuneGraph::Graph.VectorSearchConfiguration", + "markdownDescription": "Specifies the number of dimensions for vector embeddings that will be loaded into the graph. The value is specified as `dimension=` value. Max = 65,535", + "title": "VectorSearchConfiguration" + } }, - "markdownDescription": "The sort configuration of the small multiples field.", - "title": "SmallMultiplesSort", - "type": "array" + "required": [ + "ProvisionedMemory" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NeptuneGraph::Graph" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.LineChartVisual": { + "AWS::NeptuneGraph::Graph.VectorSearchConfiguration": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartConfiguration", - "markdownDescription": "The configuration of a line chart.", - "title": "ChartConfiguration" - }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" - }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", - "type": "string" + "VectorSearchDimension": { + "markdownDescription": "The number of dimensions.", + "title": "VectorSearchDimension", + "type": "number" } }, "required": [ - "VisualId" + "VectorSearchDimension" ], "type": "object" }, - "AWS::QuickSight::Analysis.LineSeriesAxisDisplayOptions": { + "AWS::NeptuneGraph::PrivateGraphEndpoint": { "additionalProperties": false, "properties": { - "AxisOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the line series axis.", - "title": "AxisOptions" + "Condition": { + "type": "string" }, - "MissingDataConfigurations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MissingDataConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "GraphIdentifier": { + "markdownDescription": "The unique identifier of the Neptune Analytics graph.", + "title": "GraphIdentifier", + "type": "string" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "Security groups to be attached to the private graph endpoint..", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "Subnets in which private graph endpoint ENIs are created.", + "title": "SubnetIds", + "type": "array" + }, + "VpcId": { + "markdownDescription": "The VPC in which the private graph endpoint needs to be created.", + "title": "VpcId", + "type": "string" + } }, - "markdownDescription": "The configuration options that determine how missing data is treated during the rendering of a line chart.", - "title": "MissingDataConfigurations", - "type": "array" + "required": [ + "GraphIdentifier", + "VpcId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NeptuneGraph::PrivateGraphEndpoint" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.ListControlDisplayOptions": { + "AWS::NetworkFirewall::Firewall": { "additionalProperties": false, "properties": { - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" + "Condition": { + "type": "string" }, - "SearchOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ListControlSearchOptions", - "markdownDescription": "The configuration of the search options in a list control.", - "title": "SearchOptions" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "SelectAllOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ListControlSelectAllOptions", - "markdownDescription": "The configuration of the `Select all` options in a list control.", - "title": "SelectAllOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.ListControlSearchOptions": { - "additionalProperties": false, - "properties": { - "Visibility": { - "markdownDescription": "The visibility configuration of the search options in a list control.", - "title": "Visibility", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DeleteProtection": { + "markdownDescription": "A flag indicating whether it is possible to delete the firewall. A setting of `TRUE` indicates that the firewall is protected against deletion. Use this setting to protect against accidentally deleting a firewall that is in use. When you create a firewall, the operation initializes this flag to `TRUE` .", + "title": "DeleteProtection", + "type": "boolean" + }, + "Description": { + "markdownDescription": "A description of the firewall.", + "title": "Description", + "type": "string" + }, + "EnabledAnalysisTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "An optional setting indicating the specific traffic analysis types to enable on the firewall.", + "title": "EnabledAnalysisTypes", + "type": "array" + }, + "FirewallName": { + "markdownDescription": "The descriptive name of the firewall. You can't change the name of a firewall after you create it.", + "title": "FirewallName", + "type": "string" + }, + "FirewallPolicyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the firewall policy.\n\nThe relationship of firewall to firewall policy is many to one. Each firewall requires one firewall policy association, and you can use the same firewall policy for multiple firewalls.", + "title": "FirewallPolicyArn", + "type": "string" + }, + "FirewallPolicyChangeProtection": { + "markdownDescription": "A setting indicating whether the firewall is protected against a change to the firewall policy association. Use this setting to protect against accidentally modifying the firewall policy for a firewall that is in use. When you create a firewall, the operation initializes this setting to `TRUE` .", + "title": "FirewallPolicyChangeProtection", + "type": "boolean" + }, + "SubnetChangeProtection": { + "markdownDescription": "A setting indicating whether the firewall is protected against changes to the subnet associations. Use this setting to protect against accidentally modifying the subnet associations for a firewall that is in use. When you create a firewall, the operation initializes this setting to `TRUE` .", + "title": "SubnetChangeProtection", + "type": "boolean" + }, + "SubnetMappings": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::Firewall.SubnetMapping" + }, + "markdownDescription": "The primary public subnets that Network Firewall is using for the firewall. Network Firewall creates a firewall endpoint in each subnet. Create a subnet mapping for each Availability Zone where you want to use the firewall.\n\nThese subnets are all defined for a single, primary VPC, and each must belong to a different Availability Zone. Each of these subnets establishes the availability of the firewall in its Availability Zone.\n\nIn addition to these subnets, you can define other endpoints for the firewall in `VpcEndpointAssociation` resources. You can define these additional endpoints for any VPC, and for any of the Availability Zones where the firewall resource already has a subnet mapping. VPC endpoint associations give you the ability to protect multiple VPCs using a single firewall, and to define multiple firewall endpoints for a VPC in a single Availability Zone.", + "title": "SubnetMappings", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + }, + "VpcId": { + "markdownDescription": "The unique identifier of the VPC where the firewall is in use. You can't change the VPC of a firewall after you create the firewall.", + "title": "VpcId", + "type": "string" + } + }, + "required": [ + "FirewallName", + "FirewallPolicyArn", + "SubnetMappings", + "VpcId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NetworkFirewall::Firewall" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.ListControlSelectAllOptions": { - "additionalProperties": false, - "properties": { - "Visibility": { - "markdownDescription": "The visibility configuration of the `Select all` options in a list control.", - "title": "Visibility", + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.LoadingAnimation": { + "AWS::NetworkFirewall::Firewall.SubnetMapping": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility configuration of `LoadingAnimation` .", - "title": "Visibility", + "IPAddressType": { + "markdownDescription": "The subnet's IP address type. You can't change the IP address type after you create the subnet.", + "title": "IPAddressType", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.LocalNavigationConfiguration": { - "additionalProperties": false, - "properties": { - "TargetSheetId": { - "markdownDescription": "The sheet that is targeted for navigation in the same analysis.", - "title": "TargetSheetId", + }, + "SubnetId": { + "markdownDescription": "The unique identifier for the subnet.", + "title": "SubnetId", "type": "string" } }, "required": [ - "TargetSheetId" + "SubnetId" ], "type": "object" }, - "AWS::QuickSight::Analysis.LongFormatText": { + "AWS::NetworkFirewall::FirewallPolicy": { "additionalProperties": false, "properties": { - "PlainText": { - "markdownDescription": "Plain text format.", - "title": "PlainText", + "Condition": { "type": "string" }, - "RichText": { - "markdownDescription": "Rich text. Examples of rich text include bold, underline, and italics.", - "title": "RichText", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.MappedDataSetParameter": { - "additionalProperties": false, - "properties": { - "DataSetIdentifier": { - "markdownDescription": "A unique name that identifies a dataset within the analysis or dashboard.", - "title": "DataSetIdentifier", + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the firewall policy.", + "title": "Description", + "type": "string" + }, + "FirewallPolicy": { + "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.FirewallPolicy", + "markdownDescription": "The traffic filtering behavior of a firewall policy, defined in a collection of stateless and stateful rule groups and other settings.", + "title": "FirewallPolicy" + }, + "FirewallPolicyName": { + "markdownDescription": "The descriptive name of the firewall policy. You can't change the name of a firewall policy after you create it.", + "title": "FirewallPolicyName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "FirewallPolicy", + "FirewallPolicyName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NetworkFirewall::FirewallPolicy" + ], "type": "string" }, - "DataSetParameterName": { - "markdownDescription": "The name of the dataset parameter.", - "title": "DataSetParameterName", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "DataSetIdentifier", - "DataSetParameterName" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.MaximumLabelType": { + "AWS::NetworkFirewall::FirewallPolicy.ActionDefinition": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility of the maximum label.", - "title": "Visibility", - "type": "string" + "PublishMetricAction": { + "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.PublishMetricAction", + "markdownDescription": "Stateless inspection criteria that publishes the specified metrics to Amazon CloudWatch for the matching packet. This setting defines a CloudWatch dimension value to be published.\n\nYou can pair this custom action with any of the standard stateless rule actions. For example, you could pair this in a rule action with the standard action that forwards the packet for stateful inspection. Then, when a packet matches the rule, Network Firewall publishes metrics for the packet and forwards it.", + "title": "PublishMetricAction" } }, "type": "object" }, - "AWS::QuickSight::Analysis.MaximumMinimumComputation": { + "AWS::NetworkFirewall::FirewallPolicy.CustomAction": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", - "type": "string" - }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" + "ActionDefinition": { + "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.ActionDefinition", + "markdownDescription": "The custom action associated with the action name.", + "title": "ActionDefinition" }, - "Type": { - "markdownDescription": "The type of computation. Choose one of the following options:\n\n- MAXIMUM: A maximum computation.\n- MINIMUM: A minimum computation.", - "title": "Type", + "ActionName": { + "markdownDescription": "The descriptive name of the custom action. You can't change the name of a custom action after you create it.", + "title": "ActionName", "type": "string" - }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" } }, "required": [ - "ComputationId", - "Type" + "ActionDefinition", + "ActionName" ], "type": "object" }, - "AWS::QuickSight::Analysis.MeasureField": { + "AWS::NetworkFirewall::FirewallPolicy.Dimension": { "additionalProperties": false, "properties": { - "CalculatedMeasureField": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CalculatedMeasureField", - "markdownDescription": "The calculated measure field only used in pivot tables.", - "title": "CalculatedMeasureField" - }, - "CategoricalMeasureField": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CategoricalMeasureField", - "markdownDescription": "The measure type field with categorical type columns.", - "title": "CategoricalMeasureField" - }, - "DateMeasureField": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DateMeasureField", - "markdownDescription": "The measure type field with date type columns.", - "title": "DateMeasureField" - }, - "NumericalMeasureField": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericalMeasureField", - "markdownDescription": "The measure type field with numerical type columns.", - "title": "NumericalMeasureField" + "Value": { + "markdownDescription": "The value to use in the custom metric dimension.", + "title": "Value", + "type": "string" } }, + "required": [ + "Value" + ], "type": "object" }, - "AWS::QuickSight::Analysis.MetricComparisonComputation": { + "AWS::NetworkFirewall::FirewallPolicy.FirewallPolicy": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", - "type": "string" + "PolicyVariables": { + "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.PolicyVariables", + "markdownDescription": "Contains variables that you can use to override default Suricata settings in your firewall policy.", + "title": "PolicyVariables" }, - "FromValue": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", - "markdownDescription": "The field that is used in a metric comparison from value setup.", - "title": "FromValue" + "StatefulDefaultActions": { + "items": { + "type": "string" + }, + "markdownDescription": "The default actions to take on a packet that doesn't match any stateful rules. The stateful default action is optional, and is only valid when using the strict rule order.\n\nValid values of the stateful default action:\n\n- aws:drop_strict\n- aws:drop_established\n- aws:alert_strict\n- aws:alert_established\n\nFor more information, see [Strict evaluation order](https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-rule-evaluation-order.html#suricata-strict-rule-evaluation-order.html) in the *AWS Network Firewall Developer Guide* .", + "title": "StatefulDefaultActions", + "type": "array" }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", - "type": "string" + "StatefulEngineOptions": { + "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.StatefulEngineOptions", + "markdownDescription": "Additional options governing how Network Firewall handles stateful rules. The stateful rule groups that you use in your policy must have stateful rule options settings that are compatible with these settings.", + "title": "StatefulEngineOptions" }, - "TargetValue": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", - "markdownDescription": "The field that is used in a metric comparison to value setup.", - "title": "TargetValue" + "StatefulRuleGroupReferences": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.StatefulRuleGroupReference" + }, + "markdownDescription": "References to the stateful rule groups that are used in the policy. These define the inspection criteria in stateful rules.", + "title": "StatefulRuleGroupReferences", + "type": "array" }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" + "StatelessCustomActions": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.CustomAction" + }, + "markdownDescription": "The custom action definitions that are available for use in the firewall policy's `StatelessDefaultActions` setting. You name each custom action that you define, and then you can use it by name in your default actions specifications.", + "title": "StatelessCustomActions", + "type": "array" + }, + "StatelessDefaultActions": { + "items": { + "type": "string" + }, + "markdownDescription": "The actions to take on a packet if it doesn't match any of the stateless rules in the policy. If you want non-matching packets to be forwarded for stateful inspection, specify `aws:forward_to_sfe` .\n\nYou must specify one of the standard actions: `aws:pass` , `aws:drop` , or `aws:forward_to_sfe` . In addition, you can specify custom actions that are compatible with your standard section choice.\n\nFor example, you could specify `[\"aws:pass\"]` or you could specify `[\"aws:pass\", \u201ccustomActionName\u201d]` . For information about compatibility, see the custom action descriptions.", + "title": "StatelessDefaultActions", + "type": "array" + }, + "StatelessFragmentDefaultActions": { + "items": { + "type": "string" + }, + "markdownDescription": "The actions to take on a fragmented packet if it doesn't match any of the stateless rules in the policy. If you want non-matching fragmented packets to be forwarded for stateful inspection, specify `aws:forward_to_sfe` .\n\nYou must specify one of the standard actions: `aws:pass` , `aws:drop` , or `aws:forward_to_sfe` . In addition, you can specify custom actions that are compatible with your standard section choice.\n\nFor example, you could specify `[\"aws:pass\"]` or you could specify `[\"aws:pass\", \u201ccustomActionName\u201d]` . For information about compatibility, see the custom action descriptions.", + "title": "StatelessFragmentDefaultActions", + "type": "array" + }, + "StatelessRuleGroupReferences": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.StatelessRuleGroupReference" + }, + "markdownDescription": "References to the stateless rule groups that are used in the policy. These define the matching criteria in stateless rules.", + "title": "StatelessRuleGroupReferences", + "type": "array" + }, + "TLSInspectionConfigurationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the TLS inspection configuration.", + "title": "TLSInspectionConfigurationArn", + "type": "string" } }, "required": [ - "ComputationId" + "StatelessDefaultActions", + "StatelessFragmentDefaultActions" ], "type": "object" }, - "AWS::QuickSight::Analysis.MinimumLabelType": { + "AWS::NetworkFirewall::FirewallPolicy.FlowTimeouts": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility of the minimum label.", - "title": "Visibility", - "type": "string" + "TcpIdleTimeoutSeconds": { + "markdownDescription": "The number of seconds that can pass without any TCP traffic sent through the firewall before the firewall determines that the connection is idle. After the idle timeout passes, data packets are dropped, however, the next TCP SYN packet is considered a new flow and is processed by the firewall. Clients or targets can use TCP keepalive packets to reset the idle timeout.\n\nYou can define the `TcpIdleTimeoutSeconds` value to be between 60 and 6000 seconds. If no value is provided, it defaults to 350 seconds.", + "title": "TcpIdleTimeoutSeconds", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.MissingDataConfiguration": { + "AWS::NetworkFirewall::FirewallPolicy.IPSet": { "additionalProperties": false, "properties": { - "TreatmentOption": { - "markdownDescription": "The treatment option that determines how missing data should be rendered. Choose from the following options:\n\n- `INTERPOLATE` : Interpolate missing values between the prior and the next known value.\n- `SHOW_AS_ZERO` : Show missing values as the value `0` .\n- `SHOW_AS_BLANK` : Display a blank space when rendering missing data.", - "title": "TreatmentOption", - "type": "string" + "Definition": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of IP addresses and address ranges, in CIDR notation.", + "title": "Definition", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.NegativeValueConfiguration": { + "AWS::NetworkFirewall::FirewallPolicy.PolicyVariables": { "additionalProperties": false, "properties": { - "DisplayMode": { - "markdownDescription": "Determines the display mode of the negative value configuration.", - "title": "DisplayMode", - "type": "string" + "RuleVariables": { + "additionalProperties": false, + "markdownDescription": "The IPv4 or IPv6 addresses in CIDR notation to use for the Suricata `HOME_NET` variable. If your firewall uses an inspection VPC, you might want to override the `HOME_NET` variable with the CIDRs of your home networks. If you don't override `HOME_NET` with your own CIDRs, Network Firewall by default uses the CIDR of your inspection VPC.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.IPSet" + } + }, + "title": "RuleVariables", + "type": "object" } }, - "required": [ - "DisplayMode" - ], "type": "object" }, - "AWS::QuickSight::Analysis.NullValueFormatConfiguration": { + "AWS::NetworkFirewall::FirewallPolicy.PublishMetricAction": { "additionalProperties": false, "properties": { - "NullString": { - "markdownDescription": "Determines the null string of null values.", - "title": "NullString", - "type": "string" + "Dimensions": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.Dimension" + }, + "markdownDescription": "", + "title": "Dimensions", + "type": "array" } }, "required": [ - "NullString" + "Dimensions" ], "type": "object" }, - "AWS::QuickSight::Analysis.NumberDisplayFormatConfiguration": { + "AWS::NetworkFirewall::FirewallPolicy.StatefulEngineOptions": { "additionalProperties": false, "properties": { - "DecimalPlacesConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalPlacesConfiguration", - "markdownDescription": "The option that determines the decimal places configuration.", - "title": "DecimalPlacesConfiguration" - }, - "NegativeValueConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NegativeValueConfiguration", - "markdownDescription": "The options that determine the negative value configuration.", - "title": "NegativeValueConfiguration" - }, - "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NullValueFormatConfiguration", - "markdownDescription": "The options that determine the null value format configuration.", - "title": "NullValueFormatConfiguration" - }, - "NumberScale": { - "markdownDescription": "Determines the number scale value of the number format.", - "title": "NumberScale", - "type": "string" + "FlowTimeouts": { + "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.FlowTimeouts", + "markdownDescription": "Configures the amount of time that can pass without any traffic sent through the firewall before the firewall determines that the connection is idle.", + "title": "FlowTimeouts" }, - "Prefix": { - "markdownDescription": "Determines the prefix value of the number format.", - "title": "Prefix", + "RuleOrder": { + "markdownDescription": "Indicates how to manage the order of stateful rule evaluation for the policy. `DEFAULT_ACTION_ORDER` is the default behavior. Stateful rules are provided to the rule engine as Suricata compatible strings, and Suricata evaluates them based on certain settings. For more information, see [Evaluation order for stateful rules](https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-rule-evaluation-order.html) in the *AWS Network Firewall Developer Guide* .", + "title": "RuleOrder", "type": "string" }, - "SeparatorConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericSeparatorConfiguration", - "markdownDescription": "The options that determine the numeric separator configuration.", - "title": "SeparatorConfiguration" - }, - "Suffix": { - "markdownDescription": "Determines the suffix value of the number format.", - "title": "Suffix", + "StreamExceptionPolicy": { + "markdownDescription": "Configures how Network Firewall processes traffic when a network connection breaks midstream. Network connections can break due to disruptions in external networks or within the firewall itself.\n\n- `DROP` - Network Firewall fails closed and drops all subsequent traffic going to the firewall. This is the default behavior.\n- `CONTINUE` - Network Firewall continues to apply rules to the subsequent traffic without context from traffic before the break. This impacts the behavior of rules that depend on this context. For example, if you have a stateful rule to `drop http` traffic, Network Firewall won't match the traffic for this rule because the service won't have the context from session initialization defining the application layer protocol as HTTP. However, this behavior is rule dependent\u2014a TCP-layer rule using a `flow:stateless` rule would still match, as would the `aws:drop_strict` default action.\n- `REJECT` - Network Firewall fails closed and drops all subsequent traffic going to the firewall. Network Firewall also sends a TCP reject packet back to your client so that the client can immediately establish a new session. Network Firewall will have context about the new session and will apply rules to the subsequent traffic.", + "title": "StreamExceptionPolicy", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.NumberFormatConfiguration": { + "AWS::NetworkFirewall::FirewallPolicy.StatefulRuleGroupOverride": { "additionalProperties": false, "properties": { - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericFormatConfiguration", - "markdownDescription": "The options that determine the numeric format configuration.", - "title": "FormatConfiguration" + "Action": { + "markdownDescription": "The action that changes the rule group from `DROP` to `ALERT` . This only applies to managed rule groups.", + "title": "Action", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.NumericAxisOptions": { + "AWS::NetworkFirewall::FirewallPolicy.StatefulRuleGroupReference": { "additionalProperties": false, "properties": { - "Range": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayRange", - "markdownDescription": "The range setup of a numeric axis.", - "title": "Range" + "Override": { + "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.StatefulRuleGroupOverride", + "markdownDescription": "The action that allows the policy owner to override the behavior of the rule group within a policy.", + "title": "Override" }, - "Scale": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisScale", - "markdownDescription": "The scale setup of a numeric axis.", - "title": "Scale" + "Priority": { + "markdownDescription": "An integer setting that indicates the order in which to run the stateful rule groups in a single `FirewallPolicy` . This setting only applies to firewall policies that specify the `STRICT_ORDER` rule order in the stateful engine options settings.\n\nNetwork Firewall evalutes each stateful rule group against a packet starting with the group that has the lowest priority setting. You must ensure that the priority settings are unique within each policy.\n\nYou can change the priority settings of your rule groups at any time. To make it easier to insert rule groups later, number them so there's a wide range in between, for example use 100, 200, and so on.", + "title": "Priority", + "type": "number" + }, + "ResourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the stateful rule group.", + "title": "ResourceArn", + "type": "string" } }, + "required": [ + "ResourceArn" + ], "type": "object" }, - "AWS::QuickSight::Analysis.NumericEqualityDrillDownFilter": { + "AWS::NetworkFirewall::FirewallPolicy.StatelessRuleGroupReference": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "Value": { - "markdownDescription": "The value of the double input numeric drill down filter.", - "title": "Value", + "Priority": { + "markdownDescription": "An integer setting that indicates the order in which to run the stateless rule groups in a single `FirewallPolicy` . Network Firewall applies each stateless rule group to a packet starting with the group that has the lowest priority setting. You must ensure that the priority settings are unique within each policy.", + "title": "Priority", "type": "number" + }, + "ResourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the stateless rule group.", + "title": "ResourceArn", + "type": "string" } }, "required": [ - "Column", - "Value" + "Priority", + "ResourceArn" ], "type": "object" }, - "AWS::QuickSight::Analysis.NumericEqualityFilter": { + "AWS::NetworkFirewall::LoggingConfiguration": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationFunction", - "markdownDescription": "The aggregation function of the filter.", - "title": "AggregationFunction" + "Condition": { + "type": "string" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", - "type": "string" + "Metadata": { + "type": "object" }, - "MatchOperator": { - "markdownDescription": "The match operator that is used to determine if a filter should be applied.", - "title": "MatchOperator", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "EnableMonitoringDashboard": { + "markdownDescription": "", + "title": "EnableMonitoringDashboard", + "type": "boolean" + }, + "FirewallArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the `Firewall` that the logging configuration is associated with. You can't change the firewall specification after you create the logging configuration.", + "title": "FirewallArn", + "type": "string" + }, + "FirewallName": { + "markdownDescription": "The name of the firewall that the logging configuration is associated with. You can't change the firewall specification after you create the logging configuration.", + "title": "FirewallName", + "type": "string" + }, + "LoggingConfiguration": { + "$ref": "#/definitions/AWS::NetworkFirewall::LoggingConfiguration.LoggingConfiguration", + "markdownDescription": "Defines how AWS Network Firewall performs logging for a `Firewall` .", + "title": "LoggingConfiguration" + } + }, + "required": [ + "FirewallArn", + "LoggingConfiguration" + ], + "type": "object" }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", + "Type": { + "enum": [ + "AWS::NetworkFirewall::LoggingConfiguration" + ], "type": "string" }, - "ParameterName": { - "markdownDescription": "The parameter whose value should be used for the filter value.", - "title": "ParameterName", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::NetworkFirewall::LoggingConfiguration.LogDestinationConfig": { + "additionalProperties": false, + "properties": { + "LogDestination": { + "additionalProperties": true, + "markdownDescription": "The named location for the logs, provided in a key:value mapping that is specific to the chosen destination type.\n\n- For an Amazon S3 bucket, provide the name of the bucket, with key `bucketName` , and optionally provide a prefix, with key `prefix` .\n\nThe following example specifies an Amazon S3 bucket named `DOC-EXAMPLE-BUCKET` and the prefix `alerts` :\n\n`\"LogDestination\": { \"bucketName\": \"DOC-EXAMPLE-BUCKET\", \"prefix\": \"alerts\" }`\n- For a CloudWatch log group, provide the name of the CloudWatch log group, with key `logGroup` . The following example specifies a log group named `alert-log-group` :\n\n`\"LogDestination\": { \"logGroup\": \"alert-log-group\" }`\n- For a Firehose delivery stream, provide the name of the delivery stream, with key `deliveryStream` . The following example specifies a delivery stream named `alert-delivery-stream` :\n\n`\"LogDestination\": { \"deliveryStream\": \"alert-delivery-stream\" }`", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "LogDestination", + "type": "object" }, - "SelectAllOptions": { - "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", - "title": "SelectAllOptions", + "LogDestinationType": { + "markdownDescription": "The type of storage destination to send these logs to. You can send logs to an Amazon S3 bucket, a CloudWatch log group, or a Firehose delivery stream.", + "title": "LogDestinationType", "type": "string" }, - "Value": { - "markdownDescription": "The input value.", - "title": "Value", - "type": "number" + "LogType": { + "markdownDescription": "The type of log to record. You can record the following types of logs from your Network Firewall stateful engine.\n\n- `ALERT` - Logs for traffic that matches your stateful rules and that have an action that sends an alert. A stateful rule sends alerts for the rule actions DROP, ALERT, and REJECT. For more information, see the `StatefulRule` property.\n- `FLOW` - Standard network traffic flow logs. The stateful rules engine records flow logs for all network traffic that it receives. Each flow log record captures the network flow for a specific standard stateless rule group.\n- `TLS` - Logs for events that are related to TLS inspection. For more information, see [Inspecting SSL/TLS traffic with TLS inspection configurations](https://docs.aws.amazon.com/network-firewall/latest/developerguide/tls-inspection-configurations.html) in the *Network Firewall Developer Guide* .", + "title": "LogType", + "type": "string" } }, "required": [ - "Column", - "FilterId", - "MatchOperator", - "NullOption" + "LogDestination", + "LogDestinationType", + "LogType" ], "type": "object" }, - "AWS::QuickSight::Analysis.NumericFormatConfiguration": { + "AWS::NetworkFirewall::LoggingConfiguration.LoggingConfiguration": { "additionalProperties": false, "properties": { - "CurrencyDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CurrencyDisplayFormatConfiguration", - "markdownDescription": "The options that determine the currency display format configuration.", - "title": "CurrencyDisplayFormatConfiguration" - }, - "NumberDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumberDisplayFormatConfiguration", - "markdownDescription": "The options that determine the number display format configuration.", - "title": "NumberDisplayFormatConfiguration" - }, - "PercentageDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PercentageDisplayFormatConfiguration", - "markdownDescription": "The options that determine the percentage display format configuration.", - "title": "PercentageDisplayFormatConfiguration" + "LogDestinationConfigs": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::LoggingConfiguration.LogDestinationConfig" + }, + "markdownDescription": "Defines the logging destinations for the logs for a firewall. Network Firewall generates logs for stateful rule groups.", + "title": "LogDestinationConfigs", + "type": "array" } }, + "required": [ + "LogDestinationConfigs" + ], "type": "object" }, - "AWS::QuickSight::Analysis.NumericRangeFilter": { + "AWS::NetworkFirewall::RuleGroup": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationFunction", - "markdownDescription": "The aggregation function of the filter.", - "title": "AggregationFunction" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" - }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", + "Condition": { "type": "string" }, - "IncludeMaximum": { - "markdownDescription": "Determines whether the maximum value in the filter value range should be included in the filtered results.", - "title": "IncludeMaximum", - "type": "boolean" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "IncludeMinimum": { - "markdownDescription": "Determines whether the minimum value in the filter value range should be included in the filtered results.", - "title": "IncludeMinimum", - "type": "boolean" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", - "type": "string" + "Metadata": { + "type": "object" }, - "RangeMaximum": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericRangeFilterValue", - "markdownDescription": "The maximum value for the filter value range.", - "title": "RangeMaximum" + "Properties": { + "additionalProperties": false, + "properties": { + "Capacity": { + "markdownDescription": "The maximum operating resources that this rule group can use. You can't change a rule group's capacity setting after you create the rule group. When you update a rule group, you are limited to this capacity. When you reference a rule group from a firewall policy, Network Firewall reserves this capacity for the rule group.", + "title": "Capacity", + "type": "number" + }, + "Description": { + "markdownDescription": "A description of the rule group.", + "title": "Description", + "type": "string" + }, + "RuleGroup": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.RuleGroup", + "markdownDescription": "An object that defines the rule group rules.", + "title": "RuleGroup" + }, + "RuleGroupName": { + "markdownDescription": "The descriptive name of the rule group. You can't change the name of a rule group after you create it.", + "title": "RuleGroupName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "Indicates whether the rule group is stateless or stateful. If the rule group is stateless, it contains\nstateless rules. If it is stateful, it contains stateful rules.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Capacity", + "RuleGroupName", + "Type" + ], + "type": "object" }, - "RangeMinimum": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericRangeFilterValue", - "markdownDescription": "The minimum value for the filter value range.", - "title": "RangeMinimum" + "Type": { + "enum": [ + "AWS::NetworkFirewall::RuleGroup" + ], + "type": "string" }, - "SelectAllOptions": { - "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", - "title": "SelectAllOptions", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Column", - "FilterId", - "NullOption" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.NumericRangeFilterValue": { + "AWS::NetworkFirewall::RuleGroup.ActionDefinition": { "additionalProperties": false, "properties": { - "Parameter": { - "markdownDescription": "The parameter that is used in the numeric range.", - "title": "Parameter", - "type": "string" - }, - "StaticValue": { - "markdownDescription": "The static value of the numeric range filter.", - "title": "StaticValue", - "type": "number" + "PublishMetricAction": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.PublishMetricAction", + "markdownDescription": "Stateless inspection criteria that publishes the specified metrics to Amazon CloudWatch for the matching packet. This setting defines a CloudWatch dimension value to be published.\n\nYou can pair this custom action with any of the standard stateless rule actions. For example, you could pair this in a rule action with the standard action that forwards the packet for stateful inspection. Then, when a packet matches the rule, Network Firewall publishes metrics for the packet and forwards it.", + "title": "PublishMetricAction" } }, "type": "object" }, - "AWS::QuickSight::Analysis.NumericSeparatorConfiguration": { + "AWS::NetworkFirewall::RuleGroup.Address": { "additionalProperties": false, "properties": { - "DecimalSeparator": { - "markdownDescription": "Determines the decimal separator.", - "title": "DecimalSeparator", + "AddressDefinition": { + "markdownDescription": "Specify an IP address or a block of IP addresses in Classless Inter-Domain Routing (CIDR) notation. Network Firewall supports all address ranges for IPv4 and IPv6.\n\nExamples:\n\n- To configure Network Firewall to inspect for the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure Network Firewall to inspect for IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n- To configure Network Firewall to inspect for the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure Network Firewall to inspect for IP addresses from 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .", + "title": "AddressDefinition", "type": "string" - }, - "ThousandsSeparator": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ThousandSeparatorOptions", - "markdownDescription": "The options that determine the thousands separator configuration.", - "title": "ThousandsSeparator" } }, + "required": [ + "AddressDefinition" + ], "type": "object" }, - "AWS::QuickSight::Analysis.NumericalAggregationFunction": { + "AWS::NetworkFirewall::RuleGroup.CustomAction": { "additionalProperties": false, "properties": { - "PercentileAggregation": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PercentileAggregation", - "markdownDescription": "An aggregation based on the percentile of values in a dimension or measure.", - "title": "PercentileAggregation" + "ActionDefinition": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.ActionDefinition", + "markdownDescription": "The custom action associated with the action name.", + "title": "ActionDefinition" }, - "SimpleNumericalAggregation": { - "markdownDescription": "Built-in aggregation functions for numerical values.\n\n- `SUM` : The sum of a dimension or measure.\n- `AVERAGE` : The average of a dimension or measure.\n- `MIN` : The minimum value of a dimension or measure.\n- `MAX` : The maximum value of a dimension or measure.\n- `COUNT` : The count of a dimension or measure.\n- `DISTINCT_COUNT` : The count of distinct values in a dimension or measure.\n- `VAR` : The variance of a dimension or measure.\n- `VARP` : The partitioned variance of a dimension or measure.\n- `STDEV` : The standard deviation of a dimension or measure.\n- `STDEVP` : The partitioned standard deviation of a dimension or measure.\n- `MEDIAN` : The median value of a dimension or measure.", - "title": "SimpleNumericalAggregation", + "ActionName": { + "markdownDescription": "The descriptive name of the custom action. You can't change the name of a custom action after you create it.", + "title": "ActionName", "type": "string" } }, + "required": [ + "ActionDefinition", + "ActionName" + ], "type": "object" }, - "AWS::QuickSight::Analysis.NumericalDimensionField": { + "AWS::NetworkFirewall::RuleGroup.Dimension": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that is used in the `NumericalDimensionField` .", - "title": "Column" - }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", - "type": "string" - }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumberFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" - }, - "HierarchyId": { - "markdownDescription": "The custom hierarchy ID.", - "title": "HierarchyId", + "Value": { + "markdownDescription": "The value to use in the custom metric dimension.", + "title": "Value", "type": "string" } }, "required": [ - "Column", - "FieldId" + "Value" ], "type": "object" }, - "AWS::QuickSight::Analysis.NumericalMeasureField": { + "AWS::NetworkFirewall::RuleGroup.Header": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericalAggregationFunction", - "markdownDescription": "The aggregation function of the measure field.", - "title": "AggregationFunction" + "Destination": { + "markdownDescription": "The destination IP address or address range to inspect for, in CIDR notation. To match with any address, specify `ANY` .\n\nSpecify an IP address or a block of IP addresses in Classless Inter-Domain Routing (CIDR) notation. Network Firewall supports all address ranges for IPv4 and IPv6.\n\nExamples:\n\n- To configure Network Firewall to inspect for the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure Network Firewall to inspect for IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n- To configure Network Firewall to inspect for the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure Network Firewall to inspect for IP addresses from 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .", + "title": "Destination", + "type": "string" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that is used in the `NumericalMeasureField` .", - "title": "Column" + "DestinationPort": { + "markdownDescription": "The destination port to inspect for. You can specify an individual port, for example `1994` and you can specify a port range, for example `1990:1994` . To match with any port, specify `ANY` .", + "title": "DestinationPort", + "type": "string" }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", + "Direction": { + "markdownDescription": "The direction of traffic flow to inspect. If set to `ANY` , the inspection matches bidirectional traffic, both from the source to the destination and from the destination to the source. If set to `FORWARD` , the inspection only matches traffic going from the source to the destination.", + "title": "Direction", "type": "string" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumberFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" + "Protocol": { + "markdownDescription": "The protocol to inspect for. To specify all, you can use `IP` , because all traffic on AWS and on the internet is IP.", + "title": "Protocol", + "type": "string" + }, + "Source": { + "markdownDescription": "The source IP address or address range to inspect for, in CIDR notation. To match with any address, specify `ANY` .\n\nSpecify an IP address or a block of IP addresses in Classless Inter-Domain Routing (CIDR) notation. Network Firewall supports all address ranges for IPv4 and IPv6.\n\nExamples:\n\n- To configure Network Firewall to inspect for the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure Network Firewall to inspect for IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n- To configure Network Firewall to inspect for the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure Network Firewall to inspect for IP addresses from 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .", + "title": "Source", + "type": "string" + }, + "SourcePort": { + "markdownDescription": "The source port to inspect for. You can specify an individual port, for example `1994` and you can specify a port range, for example `1990:1994` . To match with any port, specify `ANY` .", + "title": "SourcePort", + "type": "string" } }, "required": [ - "Column", - "FieldId" + "Destination", + "DestinationPort", + "Direction", + "Protocol", + "Source", + "SourcePort" ], "type": "object" }, - "AWS::QuickSight::Analysis.PaginationConfiguration": { + "AWS::NetworkFirewall::RuleGroup.IPSet": { "additionalProperties": false, "properties": { - "PageNumber": { - "markdownDescription": "Indicates the page number.", - "title": "PageNumber", - "type": "number" - }, - "PageSize": { - "markdownDescription": "Indicates how many items render in one page.", - "title": "PageSize", - "type": "number" + "Definition": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of IP addresses and address ranges, in CIDR notation.", + "title": "Definition", + "type": "array" } }, - "required": [ - "PageNumber", - "PageSize" - ], "type": "object" }, - "AWS::QuickSight::Analysis.PanelConfiguration": { + "AWS::NetworkFirewall::RuleGroup.IPSetReference": { "additionalProperties": false, "properties": { - "BackgroundColor": { - "markdownDescription": "Sets the background color for each panel.", - "title": "BackgroundColor", - "type": "string" - }, - "BackgroundVisibility": { - "markdownDescription": "Determines whether or not a background for each small multiples panel is rendered.", - "title": "BackgroundVisibility", - "type": "string" - }, - "BorderColor": { - "markdownDescription": "Sets the line color of panel borders.", - "title": "BorderColor", - "type": "string" - }, - "BorderStyle": { - "markdownDescription": "Sets the line style of panel borders.", - "title": "BorderStyle", + "ReferenceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource to include in the `RuleGroup.IPSetReference` .", + "title": "ReferenceArn", "type": "string" + } + }, + "type": "object" + }, + "AWS::NetworkFirewall::RuleGroup.MatchAttributes": { + "additionalProperties": false, + "properties": { + "DestinationPorts": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.PortRange" + }, + "markdownDescription": "The destination port to inspect for. You can specify an individual port, for example `1994` and you can specify a port range, for example `1990:1994` . To match with any port, specify `ANY` .\n\nThis setting is only used for protocols 6 (TCP) and 17 (UDP).", + "title": "DestinationPorts", + "type": "array" }, - "BorderThickness": { - "markdownDescription": "Sets the line thickness of panel borders.", - "title": "BorderThickness", - "type": "string" + "Destinations": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.Address" + }, + "markdownDescription": "The destination IP addresses and address ranges to inspect for, in CIDR notation. If not specified, this matches with any destination address.", + "title": "Destinations", + "type": "array" }, - "BorderVisibility": { - "markdownDescription": "Determines whether or not each panel displays a border.", - "title": "BorderVisibility", - "type": "string" + "Protocols": { + "items": { + "type": "number" + }, + "markdownDescription": "The protocols to inspect for, specified using the assigned internet protocol number (IANA) for each protocol. If not specified, this matches with any protocol.", + "title": "Protocols", + "type": "array" }, - "GutterSpacing": { - "markdownDescription": "Sets the total amount of negative space to display between sibling panels.", - "title": "GutterSpacing", - "type": "string" + "SourcePorts": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.PortRange" + }, + "markdownDescription": "The source port to inspect for. You can specify an individual port, for example `1994` and you can specify a port range, for example `1990:1994` . To match with any port, specify `ANY` .\n\nIf not specified, this matches with any source port.\n\nThis setting is only used for protocols 6 (TCP) and 17 (UDP).", + "title": "SourcePorts", + "type": "array" }, - "GutterVisibility": { - "markdownDescription": "Determines whether or not negative space between sibling panels is rendered.", - "title": "GutterVisibility", - "type": "string" + "Sources": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.Address" + }, + "markdownDescription": "The source IP addresses and address ranges to inspect for, in CIDR notation. If not specified, this matches with any source address.", + "title": "Sources", + "type": "array" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PanelTitleOptions", - "markdownDescription": "Configures the title display within each small multiples panel.", - "title": "Title" + "TCPFlags": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.TCPFlagField" + }, + "markdownDescription": "The TCP flags and masks to inspect for. If not specified, this matches with any settings. This setting is only used for protocol 6 (TCP).", + "title": "TCPFlags", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.PanelTitleOptions": { + "AWS::NetworkFirewall::RuleGroup.PortRange": { "additionalProperties": false, "properties": { - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", - "markdownDescription": "", - "title": "FontConfiguration" - }, - "HorizontalTextAlignment": { - "markdownDescription": "Sets the horizontal text alignment of the title within each panel.", - "title": "HorizontalTextAlignment", - "type": "string" + "FromPort": { + "markdownDescription": "The lower limit of the port range. This must be less than or equal to the `ToPort` specification.", + "title": "FromPort", + "type": "number" }, - "Visibility": { - "markdownDescription": "Determines whether or not panel titles are displayed.", - "title": "Visibility", - "type": "string" + "ToPort": { + "markdownDescription": "The upper limit of the port range. This must be greater than or equal to the `FromPort` specification.", + "title": "ToPort", + "type": "number" } }, + "required": [ + "FromPort", + "ToPort" + ], "type": "object" }, - "AWS::QuickSight::Analysis.ParameterControl": { + "AWS::NetworkFirewall::RuleGroup.PortSet": { "additionalProperties": false, "properties": { - "DateTimePicker": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterDateTimePickerControl", - "markdownDescription": "A control from a date parameter that specifies date and time.", - "title": "DateTimePicker" - }, - "Dropdown": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterDropDownControl", - "markdownDescription": "A control to display a dropdown list with buttons that are used to select a single value.", - "title": "Dropdown" - }, - "List": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterListControl", - "markdownDescription": "A control to display a list with buttons or boxes that are used to select either a single value or multiple values.", - "title": "List" - }, - "Slider": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterSliderControl", - "markdownDescription": "A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle.", - "title": "Slider" - }, - "TextArea": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterTextAreaControl", - "markdownDescription": "A control to display a text box that is used to enter multiple entries.", - "title": "TextArea" - }, - "TextField": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterTextFieldControl", - "markdownDescription": "A control to display a text box that is used to enter a single entry.", - "title": "TextField" + "Definition": { + "items": { + "type": "string" + }, + "markdownDescription": "The set of port ranges.", + "title": "Definition", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ParameterDateTimePickerControl": { + "AWS::NetworkFirewall::RuleGroup.PublishMetricAction": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimePickerControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterDateTimePickerControl` .", - "title": "ParameterControlId", - "type": "string" - }, - "SourceParameterName": { - "markdownDescription": "The name of the `ParameterDateTimePickerControl` .", - "title": "SourceParameterName", - "type": "string" - }, - "Title": { - "markdownDescription": "The title of the `ParameterDateTimePickerControl` .", - "title": "Title", - "type": "string" + "Dimensions": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.Dimension" + }, + "markdownDescription": "", + "title": "Dimensions", + "type": "array" } }, "required": [ - "ParameterControlId", - "SourceParameterName", - "Title" + "Dimensions" ], "type": "object" }, - "AWS::QuickSight::Analysis.ParameterDeclaration": { + "AWS::NetworkFirewall::RuleGroup.ReferenceSets": { "additionalProperties": false, "properties": { - "DateTimeParameterDeclaration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeParameterDeclaration", - "markdownDescription": "A parameter declaration for the `DateTime` data type.", - "title": "DateTimeParameterDeclaration" - }, - "DecimalParameterDeclaration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalParameterDeclaration", - "markdownDescription": "A parameter declaration for the `Decimal` data type.", - "title": "DecimalParameterDeclaration" - }, - "IntegerParameterDeclaration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.IntegerParameterDeclaration", - "markdownDescription": "A parameter declaration for the `Integer` data type.", - "title": "IntegerParameterDeclaration" - }, - "StringParameterDeclaration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.StringParameterDeclaration", - "markdownDescription": "A parameter declaration for the `String` data type.", - "title": "StringParameterDeclaration" + "IPSetReferences": { + "additionalProperties": false, + "markdownDescription": "The IP set references to use in the stateful rule group.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.IPSetReference" + } + }, + "title": "IPSetReferences", + "type": "object" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ParameterDropDownControl": { + "AWS::NetworkFirewall::RuleGroup.RuleDefinition": { "additionalProperties": false, "properties": { - "CascadingControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CascadingControlConfiguration", - "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", - "title": "CascadingControlConfiguration" - }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DropDownControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterDropDownControl` .", - "title": "ParameterControlId", - "type": "string" - }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" - }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the `ParameterDropDownControl` .", - "title": "SourceParameterName", - "type": "string" - }, - "Title": { - "markdownDescription": "The title of the `ParameterDropDownControl` .", - "title": "Title", - "type": "string" + "Actions": { + "items": { + "type": "string" + }, + "markdownDescription": "The actions to take on a packet that matches one of the stateless rule definition's match attributes. You must specify a standard action and you can add custom actions.\n\n> Network Firewall only forwards a packet for stateful rule inspection if you specify `aws:forward_to_sfe` for a rule that the packet matches, or if the packet doesn't match any stateless rule and you specify `aws:forward_to_sfe` for the `StatelessDefaultActions` setting for the `FirewallPolicy` . \n\nFor every rule, you must specify exactly one of the following standard actions.\n\n- *aws:pass* - Discontinues all inspection of the packet and permits it to go to its intended destination.\n- *aws:drop* - Discontinues all inspection of the packet and blocks it from going to its intended destination.\n- *aws:forward_to_sfe* - Discontinues stateless inspection of the packet and forwards it to the stateful rule engine for inspection.\n\nAdditionally, you can specify a custom action. To do this, you define a custom action by name and type, then provide the name you've assigned to the action in this `Actions` setting.\n\nTo provide more than one action in this setting, separate the settings with a comma. For example, if you have a publish metrics custom action that you've named `MyMetricsAction` , then you could specify the standard action `aws:pass` combined with the custom action using `[\u201caws:pass\u201d, \u201cMyMetricsAction\u201d]` .", + "title": "Actions", + "type": "array" }, - "Type": { - "markdownDescription": "The type parameter name of the `ParameterDropDownControl` .", - "title": "Type", - "type": "string" + "MatchAttributes": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.MatchAttributes", + "markdownDescription": "Criteria for Network Firewall to use to inspect an individual packet in stateless rule inspection. Each match attributes set can include one or more items such as IP address, CIDR range, port number, protocol, and TCP flags.", + "title": "MatchAttributes" } }, "required": [ - "ParameterControlId", - "SourceParameterName", - "Title" + "Actions", + "MatchAttributes" ], "type": "object" }, - "AWS::QuickSight::Analysis.ParameterListControl": { + "AWS::NetworkFirewall::RuleGroup.RuleGroup": { "additionalProperties": false, "properties": { - "CascadingControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CascadingControlConfiguration", - "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", - "title": "CascadingControlConfiguration" - }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ListControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterListControl` .", - "title": "ParameterControlId", - "type": "string" - }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" + "ReferenceSets": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.ReferenceSets", + "markdownDescription": "The reference sets for the stateful rule group.", + "title": "ReferenceSets" }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the `ParameterListControl` .", - "title": "SourceParameterName", - "type": "string" + "RuleVariables": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.RuleVariables", + "markdownDescription": "Settings that are available for use in the rules in the rule group. You can only use these for stateful rule groups.", + "title": "RuleVariables" }, - "Title": { - "markdownDescription": "The title of the `ParameterListControl` .", - "title": "Title", - "type": "string" + "RulesSource": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.RulesSource", + "markdownDescription": "The stateful rules or stateless rules for the rule group.", + "title": "RulesSource" }, - "Type": { - "markdownDescription": "The type of `ParameterListControl` .", - "title": "Type", - "type": "string" + "StatefulRuleOptions": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.StatefulRuleOptions", + "markdownDescription": "Additional options governing how Network Firewall handles stateful rules. The policies where you use your stateful rule group must have stateful rule options settings that are compatible with these settings. Some limitations apply; for more information, see [Strict evaluation order](https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-limitations-caveats.html) in the *AWS Network Firewall Developer Guide* .", + "title": "StatefulRuleOptions" } }, "required": [ - "ParameterControlId", - "SourceParameterName", - "Title" + "RulesSource" ], "type": "object" }, - "AWS::QuickSight::Analysis.ParameterSelectableValues": { + "AWS::NetworkFirewall::RuleGroup.RuleOption": { "additionalProperties": false, "properties": { - "LinkToDataSetColumn": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column identifier that fetches values from the data set.", - "title": "LinkToDataSetColumn" + "Keyword": { + "markdownDescription": "The Suricata rule option keywords. For Network Firewall , the keyword signature ID (sid) is required in the format `sid:112233` . The sid must be unique within the rule group. For information about Suricata rule option keywords, see [Rule options](https://docs.aws.amazon.com/https://suricata.readthedocs.io/en/suricata-6.0.9/rules/intro.html#rule-options) .", + "title": "Keyword", + "type": "string" }, - "Values": { + "Settings": { "items": { "type": "string" }, - "markdownDescription": "The values that are used in `ParameterSelectableValues` .", - "title": "Values", + "markdownDescription": "The Suricata rule option settings. Settings have zero or more values, and the number of possible settings and required settings depends on the keyword. The format for Settings is `number` . For information about Suricata rule option settings, see [Rule options](https://docs.aws.amazon.com/https://suricata.readthedocs.io/en/suricata-6.0.9/rules/intro.html#rule-options) .", + "title": "Settings", "type": "array" } }, + "required": [ + "Keyword" + ], "type": "object" }, - "AWS::QuickSight::Analysis.ParameterSliderControl": { + "AWS::NetworkFirewall::RuleGroup.RuleVariables": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SliderControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "MaximumValue": { - "markdownDescription": "The larger value that is displayed at the right of the slider.", - "title": "MaximumValue", - "type": "number" + "IPSets": { + "additionalProperties": false, + "markdownDescription": "A list of IP addresses and address ranges, in CIDR notation.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.IPSet" + } + }, + "title": "IPSets", + "type": "object" }, - "MinimumValue": { - "markdownDescription": "The smaller value that is displayed at the left of the slider.", - "title": "MinimumValue", - "type": "number" + "PortSets": { + "additionalProperties": false, + "markdownDescription": "A list of port ranges.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.PortSet" + } + }, + "title": "PortSets", + "type": "object" + } + }, + "type": "object" + }, + "AWS::NetworkFirewall::RuleGroup.RulesSource": { + "additionalProperties": false, + "properties": { + "RulesSourceList": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.RulesSourceList", + "markdownDescription": "Stateful inspection criteria for a domain list rule group.", + "title": "RulesSourceList" }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterSliderControl` .", - "title": "ParameterControlId", + "RulesString": { + "markdownDescription": "Stateful inspection criteria, provided in Suricata compatible rules. Suricata is an open-source threat detection framework that includes a standard rule-based language for network traffic inspection.\n\nThese rules contain the inspection criteria and the action to take for traffic that matches the criteria, so this type of rule group doesn't have a separate action setting.\n\n> You can't use the `priority` keyword if the `RuleOrder` option in `StatefulRuleOptions` is set to `STRICT_ORDER` .", + "title": "RulesString", "type": "string" }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the `ParameterSliderControl` .", - "title": "SourceParameterName", + "StatefulRules": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.StatefulRule" + }, + "markdownDescription": "An array of individual stateful rules inspection criteria to be used together in a stateful rule group. Use this option to specify simple Suricata rules with protocol, source and destination, ports, direction, and rule options. For information about the Suricata `Rules` format, see [Rules Format](https://docs.aws.amazon.com/https://suricata.readthedocs.io/en/suricata-7.0.3/rules/intro.html) .", + "title": "StatefulRules", + "type": "array" + }, + "StatelessRulesAndCustomActions": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.StatelessRulesAndCustomActions", + "markdownDescription": "Stateless inspection criteria to be used in a stateless rule group.", + "title": "StatelessRulesAndCustomActions" + } + }, + "type": "object" + }, + "AWS::NetworkFirewall::RuleGroup.RulesSourceList": { + "additionalProperties": false, + "properties": { + "GeneratedRulesType": { + "markdownDescription": "Whether you want to allow or deny access to the domains in your target list.", + "title": "GeneratedRulesType", "type": "string" }, - "StepSize": { - "markdownDescription": "The number of increments that the slider bar is divided into.", - "title": "StepSize", - "type": "number" + "TargetTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The types of targets to inspect for. Valid values are `TLS_SNI` and `HTTP_HOST` .", + "title": "TargetTypes", + "type": "array" }, - "Title": { - "markdownDescription": "The title of the `ParameterSliderControl` .", - "title": "Title", - "type": "string" + "Targets": { + "items": { + "type": "string" + }, + "markdownDescription": "The domains that you want to inspect for in your traffic flows. Valid domain specifications are the following:\n\n- Explicit names. For example, `abc.example.com` matches only the domain `abc.example.com` .\n- Names that use a domain wildcard, which you indicate with an initial ' `.` '. For example, `.example.com` matches `example.com` and matches all subdomains of `example.com` , such as `abc.example.com` and `www.example.com` .", + "title": "Targets", + "type": "array" } }, "required": [ - "MaximumValue", - "MinimumValue", - "ParameterControlId", - "SourceParameterName", - "StepSize", - "Title" + "GeneratedRulesType", + "TargetTypes", + "Targets" ], "type": "object" }, - "AWS::QuickSight::Analysis.ParameterTextAreaControl": { + "AWS::NetworkFirewall::RuleGroup.StatefulRule": { "additionalProperties": false, "properties": { - "Delimiter": { - "markdownDescription": "The delimiter that is used to separate the lines in text.", - "title": "Delimiter", - "type": "string" - }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TextAreaControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterTextAreaControl` .", - "title": "ParameterControlId", + "Action": { + "markdownDescription": "Defines what Network Firewall should do with the packets in a traffic flow when the flow matches the stateful rule criteria. For all actions, Network Firewall performs the specified action and discontinues stateful inspection of the traffic flow.\n\nThe actions for a stateful rule are defined as follows:\n\n- *PASS* - Permits the packets to go to the intended destination.\n- *DROP* - Blocks the packets from going to the intended destination and sends an alert log message, if alert logging is configured in the `Firewall` `LoggingConfiguration` .\n- *REJECT* - Drops traffic that matches the conditions of the stateful rule and sends a TCP reset packet back to sender of the packet. A TCP reset packet is a packet with no payload and a `RST` bit contained in the TCP header flags. `REJECT` is available only for TCP traffic.\n- *ALERT* - Permits the packets to go to the intended destination and sends an alert log message, if alert logging is configured in the `Firewall` `LoggingConfiguration` .\n\nYou can use this action to test a rule that you intend to use to drop traffic. You can enable the rule with `ALERT` action, verify in the logs that the rule is filtering as you want, then change the action to `DROP` .\n- *REJECT* - Drops TCP traffic that matches the conditions of the stateful rule, and sends a TCP reset packet back to sender of the packet. A TCP reset packet is a packet with no payload and a `RST` bit contained in the TCP header flags. Also sends an alert log mesage if alert logging is configured in the `Firewall` `LoggingConfiguration` .\n\n`REJECT` isn't currently available for use with IMAP and FTP protocols.", + "title": "Action", "type": "string" }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the `ParameterTextAreaControl` .", - "title": "SourceParameterName", - "type": "string" + "Header": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.Header", + "markdownDescription": "The stateful inspection criteria for this rule, used to inspect traffic flows.", + "title": "Header" }, - "Title": { - "markdownDescription": "The title of the `ParameterTextAreaControl` .", - "title": "Title", - "type": "string" + "RuleOptions": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.RuleOption" + }, + "markdownDescription": "Additional settings for a stateful rule, provided as keywords and settings.", + "title": "RuleOptions", + "type": "array" } }, "required": [ - "ParameterControlId", - "SourceParameterName", - "Title" + "Action", + "Header", + "RuleOptions" ], "type": "object" }, - "AWS::QuickSight::Analysis.ParameterTextFieldControl": { + "AWS::NetworkFirewall::RuleGroup.StatefulRuleOptions": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TextFieldControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterTextFieldControl` .", - "title": "ParameterControlId", - "type": "string" - }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the `ParameterTextFieldControl` .", - "title": "SourceParameterName", + "RuleOrder": { + "markdownDescription": "Indicates how to manage the order of the rule evaluation for the rule group. `DEFAULT_ACTION_ORDER` is the default behavior. Stateful rules are provided to the rule engine as Suricata compatible strings, and Suricata evaluates them based on certain settings. For more information, see [Evaluation order for stateful rules](https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-rule-evaluation-order.html) in the *AWS Network Firewall Developer Guide* .", + "title": "RuleOrder", "type": "string" + } + }, + "type": "object" + }, + "AWS::NetworkFirewall::RuleGroup.StatelessRule": { + "additionalProperties": false, + "properties": { + "Priority": { + "markdownDescription": "Indicates the order in which to run this rule relative to all of the rules that are defined for a stateless rule group. Network Firewall evaluates the rules in a rule group starting with the lowest priority setting. You must ensure that the priority settings are unique for the rule group.\n\nEach stateless rule group uses exactly one `StatelessRulesAndCustomActions` object, and each `StatelessRulesAndCustomActions` contains exactly one `StatelessRules` object. To ensure unique priority settings for your rule groups, set unique priorities for the stateless rules that you define inside any single `StatelessRules` object.\n\nYou can change the priority settings of your rules at any time. To make it easier to insert rules later, number them so there's a wide range in between, for example use 100, 200, and so on.", + "title": "Priority", + "type": "number" }, - "Title": { - "markdownDescription": "The title of the `ParameterTextFieldControl` .", - "title": "Title", - "type": "string" + "RuleDefinition": { + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.RuleDefinition", + "markdownDescription": "Defines the stateless 5-tuple packet inspection criteria and the action to take on a packet that matches the criteria.", + "title": "RuleDefinition" } }, "required": [ - "ParameterControlId", - "SourceParameterName", - "Title" + "Priority", + "RuleDefinition" ], "type": "object" }, - "AWS::QuickSight::Analysis.Parameters": { + "AWS::NetworkFirewall::RuleGroup.StatelessRulesAndCustomActions": { "additionalProperties": false, "properties": { - "DateTimeParameters": { + "CustomActions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeParameter" + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.CustomAction" }, - "markdownDescription": "The parameters that have a data type of date-time.", - "title": "DateTimeParameters", + "markdownDescription": "Defines an array of individual custom action definitions that are available for use by the stateless rules in this `StatelessRulesAndCustomActions` specification. You name each custom action that you define, and then you can use it by name in your stateless rule `RuleGroup.RuleDefinition` `Actions` specification.", + "title": "CustomActions", "type": "array" }, - "DecimalParameters": { + "StatelessRules": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalParameter" + "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.StatelessRule" }, - "markdownDescription": "The parameters that have a data type of decimal.", - "title": "DecimalParameters", + "markdownDescription": "Defines the set of stateless rules for use in a stateless rule group.", + "title": "StatelessRules", "type": "array" - }, - "IntegerParameters": { + } + }, + "required": [ + "StatelessRules" + ], + "type": "object" + }, + "AWS::NetworkFirewall::RuleGroup.TCPFlagField": { + "additionalProperties": false, + "properties": { + "Flags": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.IntegerParameter" + "type": "string" }, - "markdownDescription": "The parameters that have a data type of integer.", - "title": "IntegerParameters", + "markdownDescription": "Used in conjunction with the `Masks` setting to define the flags that must be set and flags that must not be set in order for the packet to match. This setting can only specify values that are also specified in the `Masks` setting.\n\nFor the flags that are specified in the masks setting, the following must be true for the packet to match:\n\n- The ones that are set in this flags setting must be set in the packet.\n- The ones that are not set in this flags setting must also not be set in the packet.", + "title": "Flags", "type": "array" }, - "StringParameters": { + "Masks": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.StringParameter" + "type": "string" }, - "markdownDescription": "The parameters that have a data type of string.", - "title": "StringParameters", + "markdownDescription": "The set of flags to consider in the inspection. To inspect all flags in the valid values list, leave this with no setting.", + "title": "Masks", "type": "array" } }, + "required": [ + "Flags" + ], "type": "object" }, - "AWS::QuickSight::Analysis.PercentVisibleRange": { + "AWS::NetworkFirewall::TLSInspectionConfiguration": { "additionalProperties": false, "properties": { - "From": { - "markdownDescription": "The lower bound of the range.", - "title": "From", - "type": "number" + "Condition": { + "type": "string" }, - "To": { - "markdownDescription": "The top bound of the range.", - "title": "To", - "type": "number" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.PercentageDisplayFormatConfiguration": { - "additionalProperties": false, - "properties": { - "DecimalPlacesConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalPlacesConfiguration", - "markdownDescription": "The option that determines the decimal places configuration.", - "title": "DecimalPlacesConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "NegativeValueConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NegativeValueConfiguration", - "markdownDescription": "The options that determine the negative value configuration.", - "title": "NegativeValueConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NullValueFormatConfiguration", - "markdownDescription": "The options that determine the null value format configuration.", - "title": "NullValueFormatConfiguration" + "Metadata": { + "type": "object" }, - "Prefix": { - "markdownDescription": "Determines the prefix value of the percentage format.", - "title": "Prefix", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the TLS inspection configuration.", + "title": "Description", + "type": "string" + }, + "TLSInspectionConfiguration": { + "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.TLSInspectionConfiguration", + "markdownDescription": "The object that defines a TLS inspection configuration. AWS Network Firewall uses TLS inspection configurations to decrypt your firewall's inbound and outbound SSL/TLS traffic. After decryption, AWS Network Firewall inspects the traffic according to your firewall policy's stateful rules, and then re-encrypts it before sending it to its destination. You can enable inspection of your firewall's inbound traffic, outbound traffic, or both. To use TLS inspection with your firewall, you must first import or provision certificates using AWS Certificate Manager , create a TLS inspection configuration, add that configuration to a new firewall policy, and then associate that policy with your firewall. For more information about using TLS inspection configurations, see [Inspecting SSL/TLS traffic with TLS inspection configurations](https://docs.aws.amazon.com/network-firewall/latest/developerguide/tls-inspection.html) in the *AWS Network Firewall Developer Guide* .", + "title": "TLSInspectionConfiguration" + }, + "TLSInspectionConfigurationName": { + "markdownDescription": "The descriptive name of the TLS inspection configuration. You can't change the name of a TLS inspection configuration after you create it.", + "title": "TLSInspectionConfigurationName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The key:value pairs to associate with the resource.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "TLSInspectionConfiguration", + "TLSInspectionConfigurationName" + ], + "type": "object" }, - "SeparatorConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericSeparatorConfiguration", - "markdownDescription": "The options that determine the numeric separator configuration.", - "title": "SeparatorConfiguration" + "Type": { + "enum": [ + "AWS::NetworkFirewall::TLSInspectionConfiguration" + ], + "type": "string" }, - "Suffix": { - "markdownDescription": "Determines the suffix value of the percentage format.", - "title": "Suffix", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.PercentileAggregation": { + "AWS::NetworkFirewall::TLSInspectionConfiguration.Address": { "additionalProperties": false, "properties": { - "PercentileValue": { - "markdownDescription": "The percentile value. This value can be any numeric constant 0\u2013100. A percentile value of 50 computes the median value of the measure.", - "title": "PercentileValue", - "type": "number" + "AddressDefinition": { + "markdownDescription": "Specify an IP address or a block of IP addresses in Classless Inter-Domain Routing (CIDR) notation. Network Firewall supports all address ranges for IPv4 and IPv6.\n\nExamples:\n\n- To configure Network Firewall to inspect for the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure Network Firewall to inspect for IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n- To configure Network Firewall to inspect for the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure Network Firewall to inspect for IP addresses from 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .", + "title": "AddressDefinition", + "type": "string" } }, + "required": [ + "AddressDefinition" + ], "type": "object" }, - "AWS::QuickSight::Analysis.PeriodOverPeriodComputation": { + "AWS::NetworkFirewall::TLSInspectionConfiguration.CheckCertificateRevocationStatus": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", + "RevokedStatusAction": { + "markdownDescription": "Configures how Network Firewall processes traffic when it determines that the certificate presented by the server in the SSL/TLS connection has a revoked status.\n\n- *PASS* - Allow the connection to continue, and pass subsequent packets to the stateful engine for inspection.\n- *DROP* - Network Firewall closes the connection and drops subsequent packets for that connection.\n- *REJECT* - Network Firewall sends a TCP reject packet back to your client. The service closes the connection and drops subsequent packets for that connection. `REJECT` is available only for TCP traffic.", + "title": "RevokedStatusAction", "type": "string" }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "UnknownStatusAction": { + "markdownDescription": "Configures how Network Firewall processes traffic when it determines that the certificate presented by the server in the SSL/TLS connection has an unknown status, or a status that cannot be determined for any other reason, including when the service is unable to connect to the OCSP and CRL endpoints for the certificate.\n\n- *PASS* - Allow the connection to continue, and pass subsequent packets to the stateful engine for inspection.\n- *DROP* - Network Firewall closes the connection and drops subsequent packets for that connection.\n- *REJECT* - Network Firewall sends a TCP reject packet back to your client. The service closes the connection and drops subsequent packets for that connection. `REJECT` is available only for TCP traffic.", + "title": "UnknownStatusAction", "type": "string" + } + }, + "type": "object" + }, + "AWS::NetworkFirewall::TLSInspectionConfiguration.PortRange": { + "additionalProperties": false, + "properties": { + "FromPort": { + "markdownDescription": "The lower limit of the port range. This must be less than or equal to the `ToPort` specification.", + "title": "FromPort", + "type": "number" }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" - }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" + "ToPort": { + "markdownDescription": "The upper limit of the port range. This must be greater than or equal to the `FromPort` specification.", + "title": "ToPort", + "type": "number" } }, "required": [ - "ComputationId" + "FromPort", + "ToPort" ], "type": "object" }, - "AWS::QuickSight::Analysis.PeriodToDateComputation": { + "AWS::NetworkFirewall::TLSInspectionConfiguration.ServerCertificate": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", - "type": "string" - }, - "PeriodTimeGranularity": { - "markdownDescription": "The time granularity setup of period to date computation. Choose from the following options:\n\n- YEAR: Year to date.\n- MONTH: Month to date.", - "title": "PeriodTimeGranularity", + "ResourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Certificate Manager SSL/TLS server certificate that's used for inbound SSL/TLS inspection.", + "title": "ResourceArn", "type": "string" - }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" - }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" } }, - "required": [ - "ComputationId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.PieChartAggregatedFieldWells": { + "AWS::NetworkFirewall::TLSInspectionConfiguration.ServerCertificateConfiguration": { "additionalProperties": false, "properties": { - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The category (group/color) field wells of a pie chart.", - "title": "Category", - "type": "array" + "CertificateAuthorityArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the imported certificate authority (CA) certificate within AWS Certificate Manager (ACM) to use for outbound SSL/TLS inspection.\n\nThe following limitations apply:\n\n- You can use CA certificates that you imported into ACM, but you can't generate CA certificates with ACM.\n- You can't use certificates issued by AWS Private Certificate Authority .\n\nFor more information about configuring certificates for outbound inspection, see [Using SSL/TLS certificates with TLS inspection configurations](https://docs.aws.amazon.com/network-firewall/latest/developerguide/tls-inspection-certificate-requirements.html) in the *AWS Network Firewall Developer Guide* .\n\nFor information about working with certificates in ACM, see [Importing certificates](https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html) in the *AWS Certificate Manager User Guide* .", + "title": "CertificateAuthorityArn", + "type": "string" }, - "SmallMultiples": { + "CheckCertificateRevocationStatus": { + "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.CheckCertificateRevocationStatus", + "markdownDescription": "When enabled, Network Firewall checks if the server certificate presented by the server in the SSL/TLS connection has a revoked or unkown status. If the certificate has an unknown or revoked status, you must specify the actions that Network Firewall takes on outbound traffic. To check the certificate revocation status, you must also specify a `CertificateAuthorityArn` in [ServerCertificateConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-networkfirewall-servercertificateconfiguration.html) .", + "title": "CheckCertificateRevocationStatus" + }, + "Scopes": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.ServerCertificateScope" }, - "markdownDescription": "The small multiples field well of a pie chart.", - "title": "SmallMultiples", + "markdownDescription": "A list of scopes.", + "title": "Scopes", "type": "array" }, - "Values": { + "ServerCertificates": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.ServerCertificate" }, - "markdownDescription": "The value field wells of a pie chart. Values are aggregated based on categories.", - "title": "Values", + "markdownDescription": "The list of server certificates to use for inbound SSL/TLS inspection.", + "title": "ServerCertificates", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.PieChartConfiguration": { + "AWS::NetworkFirewall::TLSInspectionConfiguration.ServerCertificateScope": { "additionalProperties": false, "properties": { - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options of the group/color that is displayed in a pie chart.", - "title": "CategoryLabelOptions" - }, - "ContributionAnalysisDefaults": { + "DestinationPorts": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ContributionAnalysisDefault" + "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.PortRange" }, - "markdownDescription": "The contribution analysis (anomaly configuration) setup of the visual.", - "title": "ContributionAnalysisDefaults", + "markdownDescription": "The destination ports to decrypt for inspection, in Transmission Control Protocol (TCP) format. If not specified, this matches with any destination port.\n\nYou can specify individual ports, for example `1994` , and you can specify port ranges, such as `1990:1994` .", + "title": "DestinationPorts", "type": "array" }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.", - "title": "DataLabels" - }, - "DonutOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DonutOptions", - "markdownDescription": "The options that determine the shape of the chart. This option determines whether the chart is a pie chart or a donut chart.", - "title": "DonutOptions" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PieChartFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" - }, - "SmallMultiplesOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SmallMultiplesOptions", - "markdownDescription": "The small multiples setup for the visual.", - "title": "SmallMultiplesOptions" - }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PieChartSortConfiguration", - "markdownDescription": "The sort configuration of a pie chart.", - "title": "SortConfiguration" - }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" - }, - "ValueLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options for the value that is displayed in a pie chart.", - "title": "ValueLabelOptions" - }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", - "title": "VisualPalette" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.PieChartFieldWells": { - "additionalProperties": false, - "properties": { - "PieChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PieChartAggregatedFieldWells", - "markdownDescription": "The field well configuration of a pie chart.", - "title": "PieChartAggregatedFieldWells" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.PieChartSortConfiguration": { - "additionalProperties": false, - "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of categories that are displayed in a pie chart.", - "title": "CategoryItemsLimit" + "Destinations": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.Address" + }, + "markdownDescription": "The destination IP addresses and address ranges to decrypt for inspection, in CIDR notation. If not specified, this\nmatches with any destination address.", + "title": "Destinations", + "type": "array" }, - "CategorySort": { + "Protocols": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + "type": "number" }, - "markdownDescription": "The sort configuration of the category fields.", - "title": "CategorySort", + "markdownDescription": "The protocols to inspect for, specified using the assigned internet protocol number (IANA) for each protocol. If not specified, this matches with any protocol.\n\nNetwork Firewall currently supports only TCP.", + "title": "Protocols", "type": "array" }, - "SmallMultiplesLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of small multiples panels that are displayed.", - "title": "SmallMultiplesLimitConfiguration" + "SourcePorts": { + "items": { + "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.PortRange" + }, + "markdownDescription": "The source ports to decrypt for inspection, in Transmission Control Protocol (TCP) format. If not specified, this matches with any source port.\n\nYou can specify individual ports, for example `1994` , and you can specify port ranges, such as `1990:1994` .", + "title": "SourcePorts", + "type": "array" }, - "SmallMultiplesSort": { + "Sources": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.Address" }, - "markdownDescription": "The sort configuration of the small multiples field.", - "title": "SmallMultiplesSort", + "markdownDescription": "The source IP addresses and address ranges to decrypt for inspection, in CIDR notation. If not specified, this\nmatches with any source address.", + "title": "Sources", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.PieChartVisual": { + "AWS::NetworkFirewall::TLSInspectionConfiguration.TLSInspectionConfiguration": { "additionalProperties": false, "properties": { - "Actions": { + "ServerCertificateConfigurations": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.ServerCertificateConfiguration" }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", + "markdownDescription": "Lists the server certificate configurations that are associated with the TLS configuration.", + "title": "ServerCertificateConfigurations", "type": "array" + } + }, + "type": "object" + }, + "AWS::NetworkFirewall::VpcEndpointAssociation": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PieChartConfiguration", - "markdownDescription": "The configuration of a pie chart.", - "title": "ChartConfiguration" - }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Metadata": { + "type": "object" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the VPC endpoint association.", + "title": "Description", + "type": "string" + }, + "FirewallArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the firewall.", + "title": "FirewallArn", + "type": "string" + }, + "SubnetMapping": { + "$ref": "#/definitions/AWS::NetworkFirewall::VpcEndpointAssociation.SubnetMapping", + "markdownDescription": "The ID for a subnet that's used in an association with a firewall. This is used in `CreateFirewall` , `AssociateSubnets` , and `CreateVpcEndpointAssociation` . AWS Network Firewall creates an instance of the associated firewall in each subnet that you specify, to filter traffic in the subnet's Availability Zone.", + "title": "SubnetMapping" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The key:value pairs to associate with the resource.", + "title": "Tags", + "type": "array" + }, + "VpcId": { + "markdownDescription": "The unique identifier of the VPC for the endpoint association.", + "title": "VpcId", + "type": "string" + } + }, + "required": [ + "FirewallArn", + "SubnetMapping", + "VpcId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NetworkFirewall::VpcEndpointAssociation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.PivotFieldSortOptions": { + "AWS::NetworkFirewall::VpcEndpointAssociation.SubnetMapping": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field ID for the field sort options.", - "title": "FieldId", + "IPAddressType": { + "markdownDescription": "The subnet's IP address type. You can't change the IP address type after you create the subnet.", + "title": "IPAddressType", "type": "string" }, - "SortBy": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableSortBy", - "markdownDescription": "The sort by field for the field sort options.", - "title": "SortBy" + "SubnetId": { + "markdownDescription": "The unique identifier for the subnet.", + "title": "SubnetId", + "type": "string" } }, "required": [ - "FieldId", - "SortBy" + "SubnetId" ], "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableAggregatedFieldWells": { + "AWS::NetworkManager::ConnectAttachment": { "additionalProperties": false, "properties": { - "Columns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The columns field well for a pivot table. Values are grouped by columns fields.", - "title": "Columns", - "type": "array" + "Condition": { + "type": "string" }, - "Rows": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The rows field well for a pivot table. Values are grouped by rows fields.", - "title": "Rows", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CoreNetworkId": { + "markdownDescription": "The ID of the core network where the Connect attachment is located.", + "title": "CoreNetworkId", + "type": "string" + }, + "EdgeLocation": { + "markdownDescription": "The Region where the edge is located.", + "title": "EdgeLocation", + "type": "string" + }, + "NetworkFunctionGroupName": { + "markdownDescription": "The name of the network function group.", + "title": "NetworkFunctionGroupName", + "type": "string" + }, + "Options": { + "$ref": "#/definitions/AWS::NetworkManager::ConnectAttachment.ConnectAttachmentOptions", + "markdownDescription": "Options for connecting an attachment.", + "title": "Options" + }, + "ProposedNetworkFunctionGroupChange": { + "$ref": "#/definitions/AWS::NetworkManager::ConnectAttachment.ProposedNetworkFunctionGroupChange", + "markdownDescription": "Describes proposed changes to a network function group.", + "title": "ProposedNetworkFunctionGroupChange" + }, + "ProposedSegmentChange": { + "$ref": "#/definitions/AWS::NetworkManager::ConnectAttachment.ProposedSegmentChange", + "markdownDescription": "Describes a proposed segment change. In some cases, the segment change must first be evaluated and accepted.", + "title": "ProposedSegmentChange" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags associated with the Connect attachment.", + "title": "Tags", + "type": "array" + }, + "TransportAttachmentId": { + "markdownDescription": "The ID of the transport attachment.", + "title": "TransportAttachmentId", + "type": "string" + } }, - "markdownDescription": "The values field well for a pivot table. Values are aggregated based on rows and columns fields.", - "title": "Values", - "type": "array" + "required": [ + "CoreNetworkId", + "EdgeLocation", + "Options", + "TransportAttachmentId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NetworkManager::ConnectAttachment" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableCellConditionalFormatting": { + "AWS::NetworkManager::ConnectAttachment.ConnectAttachmentOptions": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field ID of the cell for conditional formatting.", - "title": "FieldId", + "Protocol": { + "markdownDescription": "The protocol used for the attachment connection.", + "title": "Protocol", "type": "string" + } + }, + "type": "object" + }, + "AWS::NetworkManager::ConnectAttachment.ProposedNetworkFunctionGroupChange": { + "additionalProperties": false, + "properties": { + "AttachmentPolicyRuleNumber": { + "markdownDescription": "The proposed new attachment policy rule number for the network function group.", + "title": "AttachmentPolicyRuleNumber", + "type": "number" }, - "Scope": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableConditionalFormattingScope", - "markdownDescription": "The scope of the cell for conditional formatting.", - "title": "Scope" + "NetworkFunctionGroupName": { + "markdownDescription": "The proposed name change for the network function group name.", + "title": "NetworkFunctionGroupName", + "type": "string" }, - "Scopes": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableConditionalFormattingScope" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of cell scopes for conditional formatting.", - "title": "Scopes", + "markdownDescription": "The list of proposed changes to the key-value tags associated with the network function group.", + "title": "Tags", "type": "array" - }, - "TextFormat": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TextConditionalFormat", - "markdownDescription": "The text format of the cell for conditional formatting.", - "title": "TextFormat" } }, - "required": [ - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableConditionalFormatting": { + "AWS::NetworkManager::ConnectAttachment.ProposedSegmentChange": { "additionalProperties": false, "properties": { - "ConditionalFormattingOptions": { + "AttachmentPolicyRuleNumber": { + "markdownDescription": "The rule number in the policy document that applies to this change.", + "title": "AttachmentPolicyRuleNumber", + "type": "number" + }, + "SegmentName": { + "markdownDescription": "The name of the segment to change.", + "title": "SegmentName", + "type": "string" + }, + "Tags": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableConditionalFormattingOption" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "Conditional formatting options for a `PivotTableVisual` .", - "title": "ConditionalFormattingOptions", + "markdownDescription": "The list of key-value tags that changed for the segment.", + "title": "Tags", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableConditionalFormattingOption": { + "AWS::NetworkManager::ConnectPeer": { "additionalProperties": false, "properties": { - "Cell": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableCellConditionalFormatting", - "markdownDescription": "The cell conditional formatting option for a pivot table.", - "title": "Cell" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "BgpOptions": { + "$ref": "#/definitions/AWS::NetworkManager::ConnectPeer.BgpOptions", + "markdownDescription": "Describes the BGP options.", + "title": "BgpOptions" + }, + "ConnectAttachmentId": { + "markdownDescription": "The ID of the attachment to connect.", + "title": "ConnectAttachmentId", + "type": "string" + }, + "CoreNetworkAddress": { + "markdownDescription": "The IP address of a core network.", + "title": "CoreNetworkAddress", + "type": "string" + }, + "InsideCidrBlocks": { + "items": { + "type": "string" + }, + "markdownDescription": "The inside IP addresses used for a Connect peer configuration.", + "title": "InsideCidrBlocks", + "type": "array" + }, + "PeerAddress": { + "markdownDescription": "The IP address of the Connect peer.", + "title": "PeerAddress", + "type": "string" + }, + "SubnetArn": { + "markdownDescription": "The subnet ARN of the Connect peer.", + "title": "SubnetArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of key-value tags associated with the Connect peer.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "ConnectAttachmentId", + "PeerAddress" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NetworkManager::ConnectPeer" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableConditionalFormattingScope": { + "AWS::NetworkManager::ConnectPeer.BgpOptions": { "additionalProperties": false, "properties": { - "Role": { - "markdownDescription": "The role (field, field total, grand total) of the cell for conditional formatting.", - "title": "Role", - "type": "string" + "PeerAsn": { + "markdownDescription": "The Peer ASN of the BGP.", + "title": "PeerAsn", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableConfiguration": { + "AWS::NetworkManager::ConnectPeer.ConnectPeerBgpConfiguration": { "additionalProperties": false, "properties": { - "FieldOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableFieldOptions", - "markdownDescription": "The field options for a pivot table visual.", - "title": "FieldOptions" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "PaginatedReportOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTablePaginatedReportOptions", - "markdownDescription": "The paginated report options for a pivot table visual.", - "title": "PaginatedReportOptions" + "CoreNetworkAddress": { + "markdownDescription": "The address of a core network.", + "title": "CoreNetworkAddress", + "type": "string" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableSortConfiguration", - "markdownDescription": "The sort configuration for a `PivotTableVisual` .", - "title": "SortConfiguration" + "CoreNetworkAsn": { + "markdownDescription": "The ASN of the Coret Network.", + "title": "CoreNetworkAsn", + "type": "number" }, - "TableOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableOptions", - "markdownDescription": "The table options for a pivot table visual.", - "title": "TableOptions" + "PeerAddress": { + "markdownDescription": "The address of a core network Connect peer.", + "title": "PeerAddress", + "type": "string" }, - "TotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableTotalOptions", - "markdownDescription": "The total options for a pivot table visual.", - "title": "TotalOptions" + "PeerAsn": { + "markdownDescription": "The ASN of the Connect peer.", + "title": "PeerAsn", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableDataPathOption": { + "AWS::NetworkManager::ConnectPeer.ConnectPeerConfiguration": { "additionalProperties": false, "properties": { - "DataPathList": { + "BgpConfigurations": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathValue" + "$ref": "#/definitions/AWS::NetworkManager::ConnectPeer.ConnectPeerBgpConfiguration" }, - "markdownDescription": "The list of data path values for the data path options.", - "title": "DataPathList", + "markdownDescription": "The Connect peer BGP configurations.", + "title": "BgpConfigurations", "type": "array" }, - "Width": { - "markdownDescription": "The width of the data path option.", - "title": "Width", + "CoreNetworkAddress": { + "markdownDescription": "The IP address of a core network.", + "title": "CoreNetworkAddress", + "type": "string" + }, + "InsideCidrBlocks": { + "items": { + "type": "string" + }, + "markdownDescription": "The inside IP addresses used for a Connect peer configuration.", + "title": "InsideCidrBlocks", + "type": "array" + }, + "PeerAddress": { + "markdownDescription": "The IP address of the Connect peer.", + "title": "PeerAddress", + "type": "string" + }, + "Protocol": { + "markdownDescription": "The protocol used for a Connect peer configuration.", + "title": "Protocol", "type": "string" } }, - "required": [ - "DataPathList" - ], "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableFieldCollapseStateOption": { + "AWS::NetworkManager::CoreNetwork": { "additionalProperties": false, "properties": { - "State": { - "markdownDescription": "The state of the field target of a pivot table. Choose one of the following options:\n\n- `COLLAPSED`\n- `EXPANDED`", - "title": "State", + "Condition": { "type": "string" }, - "Target": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableFieldCollapseStateTarget", - "markdownDescription": "A tagged-union object that sets the collapse state.", - "title": "Target" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of a core network.", + "title": "Description", + "type": "string" + }, + "GlobalNetworkId": { + "markdownDescription": "The ID of the global network that your core network is a part of.", + "title": "GlobalNetworkId", + "type": "string" + }, + "PolicyDocument": { + "markdownDescription": "Describes a core network policy. For more information, see [Core network policies](https://docs.aws.amazon.com/network-manager/latest/cloudwan/cloudwan-policy-change-sets.html) .\n\nIf you update the policy document, CloudFormation will apply the core network change set generated from the updated policy document, and then set it as the LIVE policy.", + "title": "PolicyDocument", + "type": "object" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of key-value tags associated with a core network.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "GlobalNetworkId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NetworkManager::CoreNetwork" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Target" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableFieldCollapseStateTarget": { + "AWS::NetworkManager::CoreNetwork.CoreNetworkEdge": { "additionalProperties": false, "properties": { - "FieldDataPathValues": { + "Asn": { + "markdownDescription": "The ASN of a core network edge.", + "title": "Asn", + "type": "number" + }, + "EdgeLocation": { + "markdownDescription": "The Region where a core network edge is located.", + "title": "EdgeLocation", + "type": "string" + }, + "InsideCidrBlocks": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathValue" + "type": "string" }, - "markdownDescription": "The data path of the pivot table's header. Used to set the collapse state.", - "title": "FieldDataPathValues", + "markdownDescription": "The inside IP addresses used for core network edges.", + "title": "InsideCidrBlocks", "type": "array" - }, - "FieldId": { - "markdownDescription": "The field ID of the pivot table that the collapse state needs to be set to.", - "title": "FieldId", - "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableFieldOption": { + "AWS::NetworkManager::CoreNetwork.CoreNetworkNetworkFunctionGroup": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The custom label of the pivot table field.", - "title": "CustomLabel", - "type": "string" + "EdgeLocations": { + "items": { + "type": "string" + }, + "markdownDescription": "The core network edge locations.", + "title": "EdgeLocations", + "type": "array" }, - "FieldId": { - "markdownDescription": "The field ID of the pivot table field.", - "title": "FieldId", + "Name": { + "markdownDescription": "The name of the network function group.", + "title": "Name", "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of the pivot table field.", - "title": "Visibility", - "type": "string" + "Segments": { + "$ref": "#/definitions/AWS::NetworkManager::CoreNetwork.Segments", + "markdownDescription": "The segments associated with the network function group.", + "title": "Segments" } }, - "required": [ - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableFieldOptions": { + "AWS::NetworkManager::CoreNetwork.CoreNetworkSegment": { "additionalProperties": false, "properties": { - "CollapseStateOptions": { + "EdgeLocations": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableFieldCollapseStateOption" + "type": "string" }, - "markdownDescription": "The collapse state options for the pivot table field options.", - "title": "CollapseStateOptions", + "markdownDescription": "The Regions where the edges are located.", + "title": "EdgeLocations", "type": "array" }, - "DataPathOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableDataPathOption" - }, - "markdownDescription": "The data path options for the pivot table field options.", - "title": "DataPathOptions", - "type": "array" + "Name": { + "markdownDescription": "The name of a core network segment.", + "title": "Name", + "type": "string" }, - "SelectedFieldOptions": { + "SharedSegments": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableFieldOption" + "type": "string" }, - "markdownDescription": "The selected field options for the pivot table field options.", - "title": "SelectedFieldOptions", + "markdownDescription": "The shared segments of a core network.", + "title": "SharedSegments", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableFieldSubtotalOptions": { - "additionalProperties": false, - "properties": { - "FieldId": { - "markdownDescription": "The field ID of the subtotal options.", - "title": "FieldId", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.PivotTableFieldWells": { + "AWS::NetworkManager::CoreNetwork.Segments": { "additionalProperties": false, "properties": { - "PivotTableAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableAggregatedFieldWells", - "markdownDescription": "The aggregated field well for the pivot table.", - "title": "PivotTableAggregatedFieldWells" + "SendTo": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "SendTo", + "type": "array" + }, + "SendVia": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "SendVia", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableOptions": { + "AWS::NetworkManager::CustomerGatewayAssociation": { "additionalProperties": false, "properties": { - "CellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", - "markdownDescription": "The table cell style of cells.", - "title": "CellStyle" + "Condition": { + "type": "string" }, - "CollapsedRowDimensionsVisibility": { - "markdownDescription": "The visibility setting of a pivot table's collapsed row dimension fields. If the value of this structure is `HIDDEN` , all collapsed columns in a pivot table are automatically hidden. The default value is `VISIBLE` .", - "title": "CollapsedRowDimensionsVisibility", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "ColumnHeaderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", - "markdownDescription": "The table cell style of the column header.", - "title": "ColumnHeaderStyle" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ColumnNamesVisibility": { - "markdownDescription": "The visibility of the column names.", - "title": "ColumnNamesVisibility", - "type": "string" + "Metadata": { + "type": "object" }, - "DefaultCellWidth": { - "markdownDescription": "The default cell width of the pivot table.", - "title": "DefaultCellWidth", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "CustomerGatewayArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the customer gateway.", + "title": "CustomerGatewayArn", + "type": "string" + }, + "DeviceId": { + "markdownDescription": "The ID of the device.", + "title": "DeviceId", + "type": "string" + }, + "GlobalNetworkId": { + "markdownDescription": "The ID of the global network.", + "title": "GlobalNetworkId", + "type": "string" + }, + "LinkId": { + "markdownDescription": "The ID of the link.", + "title": "LinkId", + "type": "string" + } + }, + "required": [ + "CustomerGatewayArn", + "DeviceId", + "GlobalNetworkId" + ], + "type": "object" }, - "MetricPlacement": { - "markdownDescription": "The metric placement (row, column) options.", - "title": "MetricPlacement", + "Type": { + "enum": [ + "AWS::NetworkManager::CustomerGatewayAssociation" + ], "type": "string" }, - "RowAlternateColorOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RowAlternateColorOptions", - "markdownDescription": "The row alternate color options (widget status, row alternate colors).", - "title": "RowAlternateColorOptions" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::NetworkManager::Device": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" }, - "RowFieldNamesStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", - "markdownDescription": "The table cell style of row field names.", - "title": "RowFieldNamesStyle" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "RowHeaderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", - "markdownDescription": "The table cell style of the row headers.", - "title": "RowHeaderStyle" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "RowsLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableRowsLabelOptions", - "markdownDescription": "The options for the label that is located above the row headers. This option is only applicable when `RowsLayout` is set to `HIERARCHY` .", - "title": "RowsLabelOptions" + "Metadata": { + "type": "object" }, - "RowsLayout": { - "markdownDescription": "The layout for the row dimension headers of a pivot table. Choose one of the following options.\n\n- `TABULAR` : (Default) Each row field is displayed in a separate column.\n- `HIERARCHY` : All row fields are displayed in a single column. Indentation is used to differentiate row headers of different fields.", - "title": "RowsLayout", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "AWSLocation": { + "$ref": "#/definitions/AWS::NetworkManager::Device.AWSLocation", + "markdownDescription": "The AWS location of the device.", + "title": "AWSLocation" + }, + "Description": { + "markdownDescription": "A description of the device.\n\nConstraints: Maximum length of 256 characters.", + "title": "Description", + "type": "string" + }, + "GlobalNetworkId": { + "markdownDescription": "The ID of the global network.", + "title": "GlobalNetworkId", + "type": "string" + }, + "Location": { + "$ref": "#/definitions/AWS::NetworkManager::Device.Location", + "markdownDescription": "The site location.", + "title": "Location" + }, + "Model": { + "markdownDescription": "The model of the device.\n\nConstraints: Maximum length of 128 characters.", + "title": "Model", + "type": "string" + }, + "SerialNumber": { + "markdownDescription": "The serial number of the device.\n\nConstraints: Maximum length of 128 characters.", + "title": "SerialNumber", + "type": "string" + }, + "SiteId": { + "markdownDescription": "The site ID.", + "title": "SiteId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the device.", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "The device type.", + "title": "Type", + "type": "string" + }, + "Vendor": { + "markdownDescription": "The vendor of the device.\n\nConstraints: Maximum length of 128 characters.", + "title": "Vendor", + "type": "string" + } + }, + "required": [ + "GlobalNetworkId" + ], + "type": "object" }, - "SingleMetricVisibility": { - "markdownDescription": "The visibility of the single metric options.", - "title": "SingleMetricVisibility", + "Type": { + "enum": [ + "AWS::NetworkManager::Device" + ], "type": "string" }, - "ToggleButtonsVisibility": { - "markdownDescription": "Determines the visibility of the pivot table.", - "title": "ToggleButtonsVisibility", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.PivotTablePaginatedReportOptions": { + "AWS::NetworkManager::Device.AWSLocation": { "additionalProperties": false, "properties": { - "OverflowColumnHeaderVisibility": { - "markdownDescription": "The visibility of the repeating header rows on each page.", - "title": "OverflowColumnHeaderVisibility", + "SubnetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the subnet that the device is located in.", + "title": "SubnetArn", "type": "string" }, - "VerticalOverflowVisibility": { - "markdownDescription": "The visibility of the printing table overflow across pages.", - "title": "VerticalOverflowVisibility", + "Zone": { + "markdownDescription": "The Zone that the device is located in. Specify the ID of an Availability Zone, Local Zone, Wavelength Zone, or an Outpost.", + "title": "Zone", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableRowsLabelOptions": { + "AWS::NetworkManager::Device.Location": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The custom label string for the rows label.", - "title": "CustomLabel", + "Address": { + "markdownDescription": "The physical address.", + "title": "Address", "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of the rows label.", - "title": "Visibility", + "Latitude": { + "markdownDescription": "The latitude.", + "title": "Latitude", + "type": "string" + }, + "Longitude": { + "markdownDescription": "The longitude.", + "title": "Longitude", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableSortBy": { + "AWS::NetworkManager::DirectConnectGatewayAttachment": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnSort", - "markdownDescription": "The column sort (field id, direction) for the pivot table sort by options.", - "title": "Column" + "Condition": { + "type": "string" }, - "DataPath": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathSort", - "markdownDescription": "The data path sort (data path value, direction) for the pivot table sort by options.", - "title": "DataPath" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Field": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSort", - "markdownDescription": "The field sort (field id, direction) for the pivot table sort by options.", - "title": "Field" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CoreNetworkId": { + "markdownDescription": "", + "title": "CoreNetworkId", + "type": "string" + }, + "DirectConnectGatewayArn": { + "markdownDescription": "The Direct Connect gateway attachment ARN.", + "title": "DirectConnectGatewayArn", + "type": "string" + }, + "EdgeLocations": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "EdgeLocations", + "type": "array" + }, + "ProposedNetworkFunctionGroupChange": { + "$ref": "#/definitions/AWS::NetworkManager::DirectConnectGatewayAttachment.ProposedNetworkFunctionGroupChange", + "markdownDescription": "Describes proposed changes to a network function group.", + "title": "ProposedNetworkFunctionGroupChange" + }, + "ProposedSegmentChange": { + "$ref": "#/definitions/AWS::NetworkManager::DirectConnectGatewayAttachment.ProposedSegmentChange", + "markdownDescription": "Describes a proposed segment change. In some cases, the segment change must first be evaluated and accepted.", + "title": "ProposedSegmentChange" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "CoreNetworkId", + "DirectConnectGatewayArn", + "EdgeLocations" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NetworkManager::DirectConnectGatewayAttachment" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableSortConfiguration": { + "AWS::NetworkManager::DirectConnectGatewayAttachment.ProposedNetworkFunctionGroupChange": { "additionalProperties": false, "properties": { - "FieldSortOptions": { + "AttachmentPolicyRuleNumber": { + "markdownDescription": "The proposed new attachment policy rule number for the network function group.", + "title": "AttachmentPolicyRuleNumber", + "type": "number" + }, + "NetworkFunctionGroupName": { + "markdownDescription": "The proposed name change for the network function group name.", + "title": "NetworkFunctionGroupName", + "type": "string" + }, + "Tags": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotFieldSortOptions" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The field sort options for a pivot table sort configuration.", - "title": "FieldSortOptions", + "markdownDescription": "The list of proposed changes to the key-value tags associated with the network function group.", + "title": "Tags", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableTotalOptions": { + "AWS::NetworkManager::DirectConnectGatewayAttachment.ProposedSegmentChange": { "additionalProperties": false, "properties": { - "ColumnSubtotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SubtotalOptions", - "markdownDescription": "The column subtotal options.", - "title": "ColumnSubtotalOptions" - }, - "ColumnTotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTotalOptions", - "markdownDescription": "The column total options.", - "title": "ColumnTotalOptions" + "AttachmentPolicyRuleNumber": { + "markdownDescription": "The rule number in the policy document that applies to this change.", + "title": "AttachmentPolicyRuleNumber", + "type": "number" }, - "RowSubtotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SubtotalOptions", - "markdownDescription": "The row subtotal options.", - "title": "RowSubtotalOptions" + "SegmentName": { + "markdownDescription": "The name of the segment to change.", + "title": "SegmentName", + "type": "string" }, - "RowTotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTotalOptions", - "markdownDescription": "The row total options.", - "title": "RowTotalOptions" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of key-value tags that changed for the segment.", + "title": "Tags", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.PivotTableVisual": { + "AWS::NetworkManager::GlobalNetwork": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Condition": { + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableConditionalFormatting", - "markdownDescription": "The conditional formatting for a `PivotTableVisual` .", - "title": "ConditionalFormatting" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Metadata": { + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Properties": { + "additionalProperties": false, + "properties": { + "CreatedAt": { + "markdownDescription": "The date and time that the global network was created.", + "title": "CreatedAt", + "type": "string" + }, + "Description": { + "markdownDescription": "A description of the global network.\n\nConstraints: Maximum length of 256 characters.", + "title": "Description", + "type": "string" + }, + "State": { + "markdownDescription": "The state of the global network.", + "title": "State", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the global network.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", + "Type": { + "enum": [ + "AWS::NetworkManager::GlobalNetwork" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type" ], "type": "object" }, - "AWS::QuickSight::Analysis.PivotTotalOptions": { + "AWS::NetworkManager::Link": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The custom label string for the total cells.", - "title": "CustomLabel", + "Condition": { "type": "string" }, - "MetricHeaderCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", - "markdownDescription": "The cell styling options for the total of header cells.", - "title": "MetricHeaderCellStyle" - }, - "Placement": { - "markdownDescription": "The placement (start, end) for the total cells.", - "title": "Placement", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "ScrollStatus": { - "markdownDescription": "The scroll status (pinned, scrolled) for the total cells.", - "title": "ScrollStatus", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "TotalAggregationOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TotalAggregationOption" - }, - "markdownDescription": "The total aggregation options for each value field.", - "title": "TotalAggregationOptions", - "type": "array" + "Metadata": { + "type": "object" }, - "TotalCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", - "markdownDescription": "The cell styling options for the total cells.", - "title": "TotalCellStyle" + "Properties": { + "additionalProperties": false, + "properties": { + "Bandwidth": { + "$ref": "#/definitions/AWS::NetworkManager::Link.Bandwidth", + "markdownDescription": "The bandwidth for the link.", + "title": "Bandwidth" + }, + "Description": { + "markdownDescription": "A description of the link.\n\nConstraints: Maximum length of 256 characters.", + "title": "Description", + "type": "string" + }, + "GlobalNetworkId": { + "markdownDescription": "The ID of the global network.", + "title": "GlobalNetworkId", + "type": "string" + }, + "Provider": { + "markdownDescription": "The provider of the link.\n\nConstraints: Maximum length of 128 characters. Cannot include the following characters: | \\ ^", + "title": "Provider", + "type": "string" + }, + "SiteId": { + "markdownDescription": "The ID of the site.", + "title": "SiteId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the link.", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "The type of the link.\n\nConstraints: Maximum length of 128 characters. Cannot include the following characters: | \\ ^", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Bandwidth", + "GlobalNetworkId", + "SiteId" + ], + "type": "object" }, - "TotalsVisibility": { - "markdownDescription": "The visibility configuration for the total cells.", - "title": "TotalsVisibility", + "Type": { + "enum": [ + "AWS::NetworkManager::Link" + ], "type": "string" }, - "ValueCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", - "markdownDescription": "The cell styling options for the totals of value cells.", - "title": "ValueCellStyle" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.PredefinedHierarchy": { + "AWS::NetworkManager::Link.Bandwidth": { "additionalProperties": false, "properties": { - "Columns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier" - }, - "markdownDescription": "The list of columns that define the predefined hierarchy.", - "title": "Columns", - "type": "array" - }, - "DrillDownFilters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DrillDownFilter" - }, - "markdownDescription": "The option that determines the drill down filters for the predefined hierarchy.", - "title": "DrillDownFilters", - "type": "array" + "DownloadSpeed": { + "markdownDescription": "Download speed in Mbps.", + "title": "DownloadSpeed", + "type": "number" }, - "HierarchyId": { - "markdownDescription": "The hierarchy ID of the predefined hierarchy.", - "title": "HierarchyId", - "type": "string" + "UploadSpeed": { + "markdownDescription": "Upload speed in Mbps.", + "title": "UploadSpeed", + "type": "number" } }, - "required": [ - "Columns", - "HierarchyId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.ProgressBarOptions": { + "AWS::NetworkManager::LinkAssociation": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility of the progress bar.", - "title": "Visibility", + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DeviceId": { + "markdownDescription": "The device ID for the link association.", + "title": "DeviceId", + "type": "string" + }, + "GlobalNetworkId": { + "markdownDescription": "The ID of the global network.", + "title": "GlobalNetworkId", + "type": "string" + }, + "LinkId": { + "markdownDescription": "The ID of the link.", + "title": "LinkId", + "type": "string" + } + }, + "required": [ + "DeviceId", + "GlobalNetworkId", + "LinkId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NetworkManager::LinkAssociation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.RadarChartAggregatedFieldWells": { + "AWS::NetworkManager::Site": { "additionalProperties": false, "properties": { - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The aggregated field well categories of a radar chart.", - "title": "Category", - "type": "array" + "Condition": { + "type": "string" }, - "Color": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The color that are assigned to the aggregated field wells of a radar chart.", - "title": "Color", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of your site.\n\nConstraints: Maximum length of 256 characters.", + "title": "Description", + "type": "string" + }, + "GlobalNetworkId": { + "markdownDescription": "The ID of the global network.", + "title": "GlobalNetworkId", + "type": "string" + }, + "Location": { + "$ref": "#/definitions/AWS::NetworkManager::Site.Location", + "markdownDescription": "The site location. This information is used for visualization in the Network Manager console. If you specify the address, the latitude and longitude are automatically calculated.\n\n- `Address` : The physical address of the site.\n- `Latitude` : The latitude of the site.\n- `Longitude` : The longitude of the site.", + "title": "Location" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the site.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "The values that are assigned to the aggregated field wells of a radar chart.", - "title": "Values", - "type": "array" + "required": [ + "GlobalNetworkId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NetworkManager::Site" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.RadarChartAreaStyleSettings": { + "AWS::NetworkManager::Site.Location": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility settings of a radar chart.", - "title": "Visibility", + "Address": { + "markdownDescription": "The physical address.", + "title": "Address", + "type": "string" + }, + "Latitude": { + "markdownDescription": "The latitude.", + "title": "Latitude", + "type": "string" + }, + "Longitude": { + "markdownDescription": "The longitude.", + "title": "Longitude", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.RadarChartConfiguration": { + "AWS::NetworkManager::SiteToSiteVpnAttachment": { "additionalProperties": false, "properties": { - "AlternateBandColorsVisibility": { - "markdownDescription": "Determines the visibility of the colors of alternatign bands in a radar chart.", - "title": "AlternateBandColorsVisibility", - "type": "string" - }, - "AlternateBandEvenColor": { - "markdownDescription": "The color of the even-numbered alternate bands of a radar chart.", - "title": "AlternateBandEvenColor", - "type": "string" - }, - "AlternateBandOddColor": { - "markdownDescription": "The color of the odd-numbered alternate bands of a radar chart.", - "title": "AlternateBandOddColor", + "Condition": { "type": "string" }, - "AxesRangeScale": { - "markdownDescription": "The axis behavior options of a radar chart.", - "title": "AxesRangeScale", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "BaseSeriesSettings": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartSeriesSettings", - "markdownDescription": "The base sreies settings of a radar chart.", - "title": "BaseSeriesSettings" - }, - "CategoryAxis": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The category axis of a radar chart.", - "title": "CategoryAxis" - }, - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The category label options of a radar chart.", - "title": "CategoryLabelOptions" - }, - "ColorAxis": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The color axis of a radar chart.", - "title": "ColorAxis" - }, - "ColorLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The color label options of a radar chart.", - "title": "ColorLabelOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartFieldWells", - "markdownDescription": "The field well configuration of a `RadarChartVisual` .", - "title": "FieldWells" + "Metadata": { + "type": "object" }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" + "Properties": { + "additionalProperties": false, + "properties": { + "CoreNetworkId": { + "markdownDescription": "", + "title": "CoreNetworkId", + "type": "string" + }, + "NetworkFunctionGroupName": { + "markdownDescription": "The name of the network function group.", + "title": "NetworkFunctionGroupName", + "type": "string" + }, + "ProposedNetworkFunctionGroupChange": { + "$ref": "#/definitions/AWS::NetworkManager::SiteToSiteVpnAttachment.ProposedNetworkFunctionGroupChange", + "markdownDescription": "Describes proposed changes to a network function group.", + "title": "ProposedNetworkFunctionGroupChange" + }, + "ProposedSegmentChange": { + "$ref": "#/definitions/AWS::NetworkManager::SiteToSiteVpnAttachment.ProposedSegmentChange", + "markdownDescription": "Describes a proposed segment change. In some cases, the segment change must first be evaluated and accepted.", + "title": "ProposedSegmentChange" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags associated with the Site-to-Site VPN attachment.", + "title": "Tags", + "type": "array" + }, + "VpnConnectionArn": { + "markdownDescription": "The ARN of the site-to-site VPN attachment.", + "title": "VpnConnectionArn", + "type": "string" + } + }, + "required": [ + "CoreNetworkId", + "VpnConnectionArn" + ], + "type": "object" }, - "Shape": { - "markdownDescription": "The shape of the radar chart.", - "title": "Shape", + "Type": { + "enum": [ + "AWS::NetworkManager::SiteToSiteVpnAttachment" + ], "type": "string" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartSortConfiguration", - "markdownDescription": "The sort configuration of a `RadarChartVisual` .", - "title": "SortConfiguration" - }, - "StartAngle": { - "markdownDescription": "The start angle of a radar chart's axis.", - "title": "StartAngle", - "type": "number" - }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", - "title": "VisualPalette" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.RadarChartFieldWells": { - "additionalProperties": false, - "properties": { - "RadarChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a radar chart visual.", - "title": "RadarChartAggregatedFieldWells" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.RadarChartSeriesSettings": { + "AWS::NetworkManager::SiteToSiteVpnAttachment.ProposedNetworkFunctionGroupChange": { "additionalProperties": false, "properties": { - "AreaStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartAreaStyleSettings", - "markdownDescription": "The area style settings of a radar chart.", - "title": "AreaStyleSettings" + "AttachmentPolicyRuleNumber": { + "markdownDescription": "The proposed new attachment policy rule number for the network function group.", + "title": "AttachmentPolicyRuleNumber", + "type": "number" + }, + "NetworkFunctionGroupName": { + "markdownDescription": "The proposed name change for the network function group name.", + "title": "NetworkFunctionGroupName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of proposed changes to the key-value tags associated with the network function group.", + "title": "Tags", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.RadarChartSortConfiguration": { + "AWS::NetworkManager::SiteToSiteVpnAttachment.ProposedSegmentChange": { "additionalProperties": false, "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The category items limit for a radar chart.", - "title": "CategoryItemsLimit" - }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The category sort options of a radar chart.", - "title": "CategorySort", - "type": "array" + "AttachmentPolicyRuleNumber": { + "markdownDescription": "The rule number in the policy document that applies to this change.", + "title": "AttachmentPolicyRuleNumber", + "type": "number" }, - "ColorItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The color items limit of a radar chart.", - "title": "ColorItemsLimit" + "SegmentName": { + "markdownDescription": "The name of the segment to change.", + "title": "SegmentName", + "type": "string" }, - "ColorSort": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The color sort configuration of a radar chart.", - "title": "ColorSort", + "markdownDescription": "The list of key-value tags that changed for the segment.", + "title": "Tags", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.RadarChartVisual": { + "AWS::NetworkManager::TransitGatewayPeering": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Condition": { + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Metadata": { + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Properties": { + "additionalProperties": false, + "properties": { + "CoreNetworkId": { + "markdownDescription": "The ID of the core network.", + "title": "CoreNetworkId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of key-value tags associated with the peering.", + "title": "Tags", + "type": "array" + }, + "TransitGatewayArn": { + "markdownDescription": "The ARN of the transit gateway.", + "title": "TransitGatewayArn", + "type": "string" + } + }, + "required": [ + "CoreNetworkId", + "TransitGatewayArn" + ], + "type": "object" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "Type": { + "enum": [ + "AWS::NetworkManager::TransitGatewayPeering" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.RangeEndsLabelType": { + "AWS::NetworkManager::TransitGatewayRegistration": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility of the range ends label.", - "title": "Visibility", + "Condition": { "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.ReferenceLine": { - "additionalProperties": false, - "properties": { - "DataConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineDataConfiguration", - "markdownDescription": "The data configuration of the reference line.", - "title": "DataConfiguration" }, - "LabelConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineLabelConfiguration", - "markdownDescription": "The label configuration of the reference line.", - "title": "LabelConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Status": { - "markdownDescription": "The status of the reference line. Choose one of the following options:\n\n- `ENABLE`\n- `DISABLE`", - "title": "Status", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "GlobalNetworkId": { + "markdownDescription": "The ID of the global network.", + "title": "GlobalNetworkId", + "type": "string" + }, + "TransitGatewayArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the transit gateway.", + "title": "TransitGatewayArn", + "type": "string" + } + }, + "required": [ + "GlobalNetworkId", + "TransitGatewayArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NetworkManager::TransitGatewayRegistration" + ], "type": "string" }, - "StyleConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineStyleConfiguration", - "markdownDescription": "The style configuration of the reference line.", - "title": "StyleConfiguration" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "DataConfiguration" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.ReferenceLineCustomLabelConfiguration": { + "AWS::NetworkManager::TransitGatewayRouteTableAttachment": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The string text of the custom label.", - "title": "CustomLabel", + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "NetworkFunctionGroupName": { + "markdownDescription": "The name of the network function group.", + "title": "NetworkFunctionGroupName", + "type": "string" + }, + "PeeringId": { + "markdownDescription": "The ID of the transit gateway peering.", + "title": "PeeringId", + "type": "string" + }, + "ProposedNetworkFunctionGroupChange": { + "$ref": "#/definitions/AWS::NetworkManager::TransitGatewayRouteTableAttachment.ProposedNetworkFunctionGroupChange", + "markdownDescription": "Describes proposed changes to a network function group.", + "title": "ProposedNetworkFunctionGroupChange" + }, + "ProposedSegmentChange": { + "$ref": "#/definitions/AWS::NetworkManager::TransitGatewayRouteTableAttachment.ProposedSegmentChange", + "markdownDescription": "This property is read-only. Values can't be assigned to it.", + "title": "ProposedSegmentChange" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of key-value pairs associated with the transit gateway route table attachment.", + "title": "Tags", + "type": "array" + }, + "TransitGatewayRouteTableArn": { + "markdownDescription": "The ARN of the transit gateway attachment route table. For example, `\"TransitGatewayRouteTableArn\": \"arn:aws:ec2:us-west-2:123456789012:transit-gateway-route-table/tgw-rtb-9876543210123456\"` .", + "title": "TransitGatewayRouteTableArn", + "type": "string" + } + }, + "required": [ + "PeeringId", + "TransitGatewayRouteTableArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NetworkManager::TransitGatewayRouteTableAttachment" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "CustomLabel" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.ReferenceLineDataConfiguration": { + "AWS::NetworkManager::TransitGatewayRouteTableAttachment.ProposedNetworkFunctionGroupChange": { "additionalProperties": false, "properties": { - "AxisBinding": { - "markdownDescription": "The axis binding type of the reference line. Choose one of the following options:\n\n- `PrimaryY`\n- `SecondaryY`", - "title": "AxisBinding", - "type": "string" - }, - "DynamicConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineDynamicDataConfiguration", - "markdownDescription": "The dynamic configuration of the reference line data configuration.", - "title": "DynamicConfiguration" + "AttachmentPolicyRuleNumber": { + "markdownDescription": "The proposed new attachment policy rule number for the network function group.", + "title": "AttachmentPolicyRuleNumber", + "type": "number" }, - "SeriesType": { - "markdownDescription": "The series type of the reference line data configuration. Choose one of the following options:\n\n- `BAR`\n- `LINE`", - "title": "SeriesType", + "NetworkFunctionGroupName": { + "markdownDescription": "The proposed name change for the network function group name.", + "title": "NetworkFunctionGroupName", "type": "string" }, - "StaticConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineStaticDataConfiguration", - "markdownDescription": "The static data configuration of the reference line data configuration.", - "title": "StaticConfiguration" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of proposed changes to the key-value tags associated with the network function group.", + "title": "Tags", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ReferenceLineDynamicDataConfiguration": { + "AWS::NetworkManager::TransitGatewayRouteTableAttachment.ProposedSegmentChange": { "additionalProperties": false, "properties": { - "Calculation": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericalAggregationFunction", - "markdownDescription": "The calculation that is used in the dynamic data.", - "title": "Calculation" + "AttachmentPolicyRuleNumber": { + "markdownDescription": "The rule number in the policy document that applies to this change.", + "title": "AttachmentPolicyRuleNumber", + "type": "number" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that the dynamic data targets.", - "title": "Column" + "SegmentName": { + "markdownDescription": "The name of the segment to change.", + "title": "SegmentName", + "type": "string" }, - "MeasureAggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationFunction", - "markdownDescription": "The aggregation function that is used in the dynamic data.", - "title": "MeasureAggregationFunction" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of key-value tags that changed for the segment.", + "title": "Tags", + "type": "array" } }, - "required": [ - "Calculation", - "Column" - ], "type": "object" }, - "AWS::QuickSight::Analysis.ReferenceLineLabelConfiguration": { + "AWS::NetworkManager::VpcAttachment": { "additionalProperties": false, "properties": { - "CustomLabelConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineCustomLabelConfiguration", - "markdownDescription": "The custom label configuration of the label in a reference line.", - "title": "CustomLabelConfiguration" - }, - "FontColor": { - "markdownDescription": "The font color configuration of the label in a reference line.", - "title": "FontColor", + "Condition": { "type": "string" }, - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", - "markdownDescription": "The font configuration of the label in a reference line.", - "title": "FontConfiguration" - }, - "HorizontalPosition": { - "markdownDescription": "The horizontal position configuration of the label in a reference line. Choose one of the following options:\n\n- `LEFT`\n- `CENTER`\n- `RIGHT`", - "title": "HorizontalPosition", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "ValueLabelConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineValueLabelConfiguration", - "markdownDescription": "The value label configuration of the label in a reference line.", - "title": "ValueLabelConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "VerticalPosition": { - "markdownDescription": "The vertical position configuration of the label in a reference line. Choose one of the following options:\n\n- `ABOVE`\n- `BELOW`", - "title": "VerticalPosition", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CoreNetworkId": { + "markdownDescription": "The core network ID.", + "title": "CoreNetworkId", + "type": "string" + }, + "Options": { + "$ref": "#/definitions/AWS::NetworkManager::VpcAttachment.VpcOptions", + "markdownDescription": "Options for creating the VPC attachment.", + "title": "Options" + }, + "ProposedNetworkFunctionGroupChange": { + "$ref": "#/definitions/AWS::NetworkManager::VpcAttachment.ProposedNetworkFunctionGroupChange", + "markdownDescription": "Describes proposed changes to a network function group.", + "title": "ProposedNetworkFunctionGroupChange" + }, + "ProposedSegmentChange": { + "$ref": "#/definitions/AWS::NetworkManager::VpcAttachment.ProposedSegmentChange", + "markdownDescription": "Describes a proposed segment change. In some cases, the segment change must first be evaluated and accepted.", + "title": "ProposedSegmentChange" + }, + "SubnetArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The subnet ARNs.", + "title": "SubnetArns", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags associated with the VPC attachment.", + "title": "Tags", + "type": "array" + }, + "VpcArn": { + "markdownDescription": "The ARN of the VPC attachment.", + "title": "VpcArn", + "type": "string" + } + }, + "required": [ + "CoreNetworkId", + "SubnetArns", + "VpcArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::NetworkManager::VpcAttachment" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.ReferenceLineStaticDataConfiguration": { - "additionalProperties": false, - "properties": { - "Value": { - "markdownDescription": "The double input of the static data.", - "title": "Value", - "type": "number" } }, "required": [ - "Value" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.ReferenceLineStyleConfiguration": { + "AWS::NetworkManager::VpcAttachment.ProposedNetworkFunctionGroupChange": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The hex color of the reference line.", - "title": "Color", - "type": "string" + "AttachmentPolicyRuleNumber": { + "markdownDescription": "The proposed new attachment policy rule number for the network function group.", + "title": "AttachmentPolicyRuleNumber", + "type": "number" }, - "Pattern": { - "markdownDescription": "The pattern type of the line style. Choose one of the following options:\n\n- `SOLID`\n- `DASHED`\n- `DOTTED`", - "title": "Pattern", + "NetworkFunctionGroupName": { + "markdownDescription": "The proposed name change for the network function group name.", + "title": "NetworkFunctionGroupName", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of proposed changes to the key-value tags associated with the network function group.", + "title": "Tags", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ReferenceLineValueLabelConfiguration": { + "AWS::NetworkManager::VpcAttachment.ProposedSegmentChange": { "additionalProperties": false, "properties": { - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericFormatConfiguration", - "markdownDescription": "The format configuration of the value label.", - "title": "FormatConfiguration" + "AttachmentPolicyRuleNumber": { + "markdownDescription": "The rule number in the policy document that applies to this change.", + "title": "AttachmentPolicyRuleNumber", + "type": "number" }, - "RelativePosition": { - "markdownDescription": "The relative position of the value label. Choose one of the following options:\n\n- `BEFORE_CUSTOM_LABEL`\n- `AFTER_CUSTOM_LABEL`", - "title": "RelativePosition", + "SegmentName": { + "markdownDescription": "The name of the segment to change.", + "title": "SegmentName", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of key-value tags that changed for the segment.", + "title": "Tags", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.RelativeDateTimeControlDisplayOptions": { + "AWS::NetworkManager::VpcAttachment.VpcOptions": { "additionalProperties": false, "properties": { - "DateTimeFormat": { - "markdownDescription": "Customize how dates are formatted in controls.", - "title": "DateTimeFormat", - "type": "string" + "ApplianceModeSupport": { + "markdownDescription": "Indicates whether appliance mode is supported. If enabled, traffic flow between a source and destination use the same Availability Zone for the VPC attachment for the lifetime of that flow. The default value is `false` .", + "title": "ApplianceModeSupport", + "type": "boolean" }, - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" + "DnsSupport": { + "markdownDescription": "Indicates whether DNS is supported.", + "title": "DnsSupport", + "type": "boolean" }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" + "Ipv6Support": { + "markdownDescription": "Indicates whether IPv6 is supported.", + "title": "Ipv6Support", + "type": "boolean" + }, + "SecurityGroupReferencingSupport": { + "markdownDescription": "Indicates whether security group referencing is enabled for this VPC attachment. The default is `true` . However, at the core network policy-level the default is set to `false` .", + "title": "SecurityGroupReferencingSupport", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Analysis.RelativeDatesFilter": { + "AWS::Notifications::ChannelAssociation": { "additionalProperties": false, "properties": { - "AnchorDateConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AnchorDateConfiguration", - "markdownDescription": "The date configuration of the filter.", - "title": "AnchorDateConfiguration" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" - }, - "ExcludePeriodConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ExcludePeriodConfiguration", - "markdownDescription": "The configuration for the exclude period of the filter.", - "title": "ExcludePeriodConfiguration" - }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", + "Condition": { "type": "string" }, - "MinimumGranularity": { - "markdownDescription": "The minimum granularity (period granularity) of the relative dates filter.", - "title": "MinimumGranularity", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ParameterName": { - "markdownDescription": "The parameter whose value should be used for the filter value.", - "title": "ParameterName", - "type": "string" + "Metadata": { + "type": "object" }, - "RelativeDateType": { - "markdownDescription": "The range date type of the filter. Choose one of the options below:\n\n- `PREVIOUS`\n- `THIS`\n- `LAST`\n- `NOW`\n- `NEXT`", - "title": "RelativeDateType", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the `Channel` .", + "title": "Arn", + "type": "string" + }, + "NotificationConfigurationArn": { + "markdownDescription": "The ARN of the `NotificationConfiguration` associated with the `Channel` .", + "title": "NotificationConfigurationArn", + "type": "string" + } + }, + "required": [ + "Arn", + "NotificationConfigurationArn" + ], + "type": "object" }, - "RelativeDateValue": { - "markdownDescription": "The date value of the filter.", - "title": "RelativeDateValue", - "type": "number" + "Type": { + "enum": [ + "AWS::Notifications::ChannelAssociation" + ], + "type": "string" }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "AnchorDateConfiguration", - "Column", - "FilterId", - "NullOption", - "RelativeDateType", - "TimeGranularity" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.ResourcePermission": { + "AWS::Notifications::EventRule": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "type": "string" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "EventPattern": { + "markdownDescription": "An additional event pattern used to further filter the events this `EventRule` receives.\n\nFor more information, see [Amazon EventBridge event patterns](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-event-patterns.html) in the *Amazon EventBridge User Guide.*", + "title": "EventPattern", + "type": "string" + }, + "EventType": { + "markdownDescription": "The event type this rule should match with the EventBridge events. It must match with atleast one of the valid EventBridge event types. For example, Amazon EC2 Instance State change Notification and Amazon CloudWatch State Change. For more information, see [Event delivery from AWS services](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-service-event.html#eb-service-event-delivery-level) in the *Amazon EventBridge User Guide* .", + "title": "EventType", + "type": "string" + }, + "NotificationConfigurationArn": { + "markdownDescription": "The ARN for the `NotificationConfiguration` associated with this `EventRule` .", + "title": "NotificationConfigurationArn", + "type": "string" + }, + "Regions": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of AWS Regions that send events to this `EventRule` .", + "title": "Regions", + "type": "array" + }, + "Source": { + "markdownDescription": "The event source this rule should match with the EventBridge event sources. It must match with atleast one of the valid EventBridge event sources. Only AWS service sourced events are supported. For example, `aws.ec2` and `aws.cloudwatch` . For more information, see [Event delivery from AWS services](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-service-event.html#eb-service-event-delivery-level) in the *Amazon EventBridge User Guide* .", + "title": "Source", + "type": "string" + } }, - "markdownDescription": "The IAM action to grant or revoke permissions on.", - "title": "Actions", - "type": "array" + "required": [ + "EventType", + "NotificationConfigurationArn", + "Regions", + "Source" + ], + "type": "object" }, - "Principal": { - "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a QuickSight ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", - "title": "Principal", + "Type": { + "enum": [ + "AWS::Notifications::EventRule" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Actions", - "Principal" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.RollingDateConfiguration": { + "AWS::Notifications::EventRule.EventRuleStatusSummary": { "additionalProperties": false, "properties": { - "DataSetIdentifier": { - "markdownDescription": "The data set that is used in the rolling date configuration.", - "title": "DataSetIdentifier", + "Reason": { + "markdownDescription": "A human-readable reason for `EventRuleStatus` .", + "title": "Reason", "type": "string" }, - "Expression": { - "markdownDescription": "The expression of the rolling date configuration.", - "title": "Expression", + "Status": { + "markdownDescription": "The status of the `EventRule` .\n\n- Values:\n\n- `ACTIVE`\n\n- The `EventRule` can process events.\n- `INACTIVE`\n\n- The `EventRule` may be unable to process events.\n- `CREATING`\n\n- The `EventRule` is being created.\n\nOnly `GET` and `LIST` calls can be run.\n- `UPDATING`\n\n- The `EventRule` is being updated.\n\nOnly `GET` and `LIST` calls can be run.\n- `DELETING`\n\n- The `EventRule` is being deleted.\n\nOnly `GET` and `LIST` calls can be run.", + "title": "Status", "type": "string" } }, "required": [ - "Expression" + "Reason", + "Status" ], "type": "object" }, - "AWS::QuickSight::Analysis.RowAlternateColorOptions": { + "AWS::Notifications::ManagedNotificationAccountContactAssociation": { "additionalProperties": false, "properties": { - "RowAlternateColors": { - "items": { - "type": "string" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ContactIdentifier": { + "markdownDescription": "The unique identifier of the notification contact associated with the AWS account. For more information about the contact types associated with an account, see the [Account Management Reference Guide](https://docs.aws.amazon.com/accounts/latest/reference/manage-acct-update-contact-alternate.html#manage-acct-update-contact-alternate-orgs) .", + "title": "ContactIdentifier", + "type": "string" + }, + "ManagedNotificationConfigurationArn": { + "markdownDescription": "The ARN of the `ManagedNotificationConfiguration` to be associated with the `Channel` .", + "title": "ManagedNotificationConfigurationArn", + "type": "string" + } }, - "markdownDescription": "Determines the list of row alternate colors.", - "title": "RowAlternateColors", - "type": "array" + "required": [ + "ContactIdentifier", + "ManagedNotificationConfigurationArn" + ], + "type": "object" }, - "Status": { - "markdownDescription": "Determines the widget status.", - "title": "Status", + "Type": { + "enum": [ + "AWS::Notifications::ManagedNotificationAccountContactAssociation" + ], "type": "string" }, - "UsePrimaryBackgroundColor": { - "markdownDescription": "The primary background color options for alternate rows.", - "title": "UsePrimaryBackgroundColor", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.SameSheetTargetVisualConfiguration": { + "AWS::Notifications::ManagedNotificationAdditionalChannelAssociation": { "additionalProperties": false, "properties": { - "TargetVisualOptions": { - "markdownDescription": "The options that choose the target visual in the same sheet.\n\nValid values are defined as follows:\n\n- `ALL_VISUALS` : Applies the filter operation to all visuals in the same sheet.", - "title": "TargetVisualOptions", + "Condition": { "type": "string" }, - "TargetVisuals": { - "items": { - "type": "string" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ChannelArn": { + "markdownDescription": "The ARN of the `Channel` .", + "title": "ChannelArn", + "type": "string" + }, + "ManagedNotificationConfigurationArn": { + "markdownDescription": "The ARN of the `ManagedNotificationAdditionalChannelAssociation` associated with the `Channel` .", + "title": "ManagedNotificationConfigurationArn", + "type": "string" + } }, - "markdownDescription": "A list of the target visual IDs that are located in the same sheet of the analysis.", - "title": "TargetVisuals", - "type": "array" + "required": [ + "ChannelArn", + "ManagedNotificationConfigurationArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Notifications::ManagedNotificationAdditionalChannelAssociation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.SankeyDiagramAggregatedFieldWells": { + "AWS::Notifications::NotificationConfiguration": { "additionalProperties": false, "properties": { - "Destination": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The destination field wells of a sankey diagram.", - "title": "Destination", - "type": "array" + "Condition": { + "type": "string" }, - "Source": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The source field wells of a sankey diagram.", - "title": "Source", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Weight": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AggregationDuration": { + "markdownDescription": "The aggregation preference of the `NotificationConfiguration` .\n\n- Values:\n\n- `LONG`\n\n- Aggregate notifications for long periods of time (12 hours).\n- `SHORT`\n\n- Aggregate notifications for short periods of time (5 minutes).\n- `NONE`\n\n- Don't aggregate notifications.", + "title": "AggregationDuration", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the `NotificationConfiguration` .", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the `NotificationConfiguration` . Supports RFC 3986's unreserved characters.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A map of tags assigned to a `NotificationConfiguration` .", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "The weight field wells of a sankey diagram.", - "title": "Weight", - "type": "array" + "required": [ + "Description", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Notifications::NotificationConfiguration" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.SankeyDiagramChartConfiguration": { + "AWS::Notifications::NotificationHub": { "additionalProperties": false, "properties": { - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", - "markdownDescription": "The data label configuration of a sankey diagram.", - "title": "DataLabels" + "Condition": { + "type": "string" }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SankeyDiagramFieldWells", - "markdownDescription": "The field well configuration of a sankey diagram.", - "title": "FieldWells" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SankeyDiagramSortConfiguration", - "markdownDescription": "The sort configuration of a sankey diagram.", - "title": "SortConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Region": { + "markdownDescription": "The `NotificationHub` Region.", + "title": "Region", + "type": "string" + } + }, + "required": [ + "Region" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Notifications::NotificationHub" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.SankeyDiagramFieldWells": { + "AWS::Notifications::NotificationHub.NotificationHubStatusSummary": { "additionalProperties": false, "properties": { - "SankeyDiagramAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SankeyDiagramAggregatedFieldWells", - "markdownDescription": "The field well configuration of a sankey diagram.", - "title": "SankeyDiagramAggregatedFieldWells" + "NotificationHubStatus": { + "markdownDescription": "Indicates the current status of the `NotificationHub` .", + "title": "NotificationHubStatus", + "type": "string" + }, + "NotificationHubStatusReason": { + "markdownDescription": "An explanation for the current status.", + "title": "NotificationHubStatusReason", + "type": "string" } }, + "required": [ + "NotificationHubStatus", + "NotificationHubStatusReason" + ], "type": "object" }, - "AWS::QuickSight::Analysis.SankeyDiagramSortConfiguration": { + "AWS::NotificationsContacts::EmailContact": { "additionalProperties": false, "properties": { - "DestinationItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of destination nodes that are displayed in a sankey diagram.", - "title": "DestinationItemsLimit" + "Condition": { + "type": "string" }, - "SourceItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of source nodes that are displayed in a sankey diagram.", - "title": "SourceItemsLimit" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "WeightSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the weight fields.", - "title": "WeightSort", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.SankeyDiagramVisual": { - "additionalProperties": false, - "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SankeyDiagramChartConfiguration", - "markdownDescription": "The configuration of a sankey diagram.", - "title": "ChartConfiguration" + "Metadata": { + "type": "object" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Properties": { + "additionalProperties": false, + "properties": { + "EmailAddress": { + "markdownDescription": "The email address of the contact. The activation and notification emails are sent here.", + "title": "EmailAddress", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the contact.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags to apply to the email contact.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "EmailAddress", + "Name" + ], + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Type": { + "enum": [ + "AWS::NotificationsContacts::EmailContact" + ], + "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.ScatterPlotCategoricallyAggregatedFieldWells": { + "AWS::NotificationsContacts::EmailContact.EmailContact": { "additionalProperties": false, "properties": { - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The category field well of a scatter plot.", - "title": "Category", - "type": "array" + "Address": { + "markdownDescription": "The email address of the contact.", + "title": "Address", + "type": "string" }, - "Label": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The label field well of a scatter plot.", - "title": "Label", - "type": "array" + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the contact.", + "title": "Arn", + "type": "string" }, - "Size": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The size field well of a scatter plot.", - "title": "Size", - "type": "array" + "CreationTime": { + "markdownDescription": "The creation time of the `EmailContact` .", + "title": "CreationTime", + "type": "string" }, - "XAxis": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The x-axis field well of a scatter plot.\n\nThe x-axis is aggregated by category.", - "title": "XAxis", - "type": "array" + "Name": { + "markdownDescription": "The name of the contact.", + "title": "Name", + "type": "string" }, - "YAxis": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The y-axis field well of a scatter plot.\n\nThe y-axis is aggregated by category.", - "title": "YAxis", - "type": "array" + "Status": { + "markdownDescription": "The status of the contact. Only activated contacts receive emails.", + "title": "Status", + "type": "string" + }, + "UpdateTime": { + "markdownDescription": "The time the `EmailContact` was last updated.", + "title": "UpdateTime", + "type": "string" } }, + "required": [ + "Address", + "Arn", + "CreationTime", + "Name", + "Status", + "UpdateTime" + ], "type": "object" }, - "AWS::QuickSight::Analysis.ScatterPlotConfiguration": { + "AWS::ODB::CloudAutonomousVmCluster": { "additionalProperties": false, "properties": { - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.", - "title": "DataLabels" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ScatterPlotFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" - }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Tooltip" + "Condition": { + "type": "string" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", - "title": "VisualPalette" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "XAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, and axis step) of the scatter plot's x-axis.", - "title": "XAxisDisplayOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "XAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of the scatter plot's x-axis.", - "title": "XAxisLabelOptions" + "Metadata": { + "type": "object" }, - "YAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, and axis step) of the scatter plot's y-axis.", - "title": "YAxisDisplayOptions" + "Properties": { + "additionalProperties": false, + "properties": { + "AutonomousDataStorageSizeInTBs": { + "markdownDescription": "The data storage size allocated for Autonomous Databases in the Autonomous VM cluster, in TB.\n\nRequired when creating an Autonomous VM cluster.", + "title": "AutonomousDataStorageSizeInTBs", + "type": "number" + }, + "CloudExadataInfrastructureId": { + "markdownDescription": "The unique identifier of the Cloud Exadata Infrastructure containing this Autonomous VM cluster.\n\nRequired when creating an Autonomous VM cluster.", + "title": "CloudExadataInfrastructureId", + "type": "string" + }, + "CpuCoreCountPerNode": { + "markdownDescription": "The number of CPU cores enabled per node in the Autonomous VM cluster.\n\nRequired when creating an Autonomous VM cluster.", + "title": "CpuCoreCountPerNode", + "type": "number" + }, + "DbServers": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of database servers associated with the Autonomous VM cluster.", + "title": "DbServers", + "type": "array" + }, + "Description": { + "markdownDescription": "The user-provided description of the Autonomous VM cluster.", + "title": "Description", + "type": "string" + }, + "DisplayName": { + "markdownDescription": "The display name of the Autonomous VM cluster.\n\nRequired when creating an Autonomous VM cluster.", + "title": "DisplayName", + "type": "string" + }, + "IsMtlsEnabledVmCluster": { + "markdownDescription": "Specifies whether mutual TLS (mTLS) authentication is enabled for the Autonomous VM cluster.", + "title": "IsMtlsEnabledVmCluster", + "type": "boolean" + }, + "LicenseModel": { + "markdownDescription": "The Oracle license model that applies to the Autonomous VM cluster. Valid values are `LICENSE_INCLUDED` or `BRING_YOUR_OWN_LICENSE` .", + "title": "LicenseModel", + "type": "string" + }, + "MaintenanceWindow": { + "$ref": "#/definitions/AWS::ODB::CloudAutonomousVmCluster.MaintenanceWindow", + "markdownDescription": "The scheduling details for the maintenance window. Patching and system updates take place during the maintenance window.", + "title": "MaintenanceWindow" + }, + "MemoryPerOracleComputeUnitInGBs": { + "markdownDescription": "The amount of memory allocated per Oracle Compute Unit, in GB.\n\nRequired when creating an Autonomous VM cluster.", + "title": "MemoryPerOracleComputeUnitInGBs", + "type": "number" + }, + "OdbNetworkId": { + "markdownDescription": "The unique identifier of the ODB network associated with this Autonomous VM cluster.\n\nRequired when creating an Autonomous VM cluster.", + "title": "OdbNetworkId", + "type": "string" + }, + "ScanListenerPortNonTls": { + "markdownDescription": "The SCAN listener port for non-TLS (TCP) protocol. The default is 1521.", + "title": "ScanListenerPortNonTls", + "type": "number" + }, + "ScanListenerPortTls": { + "markdownDescription": "The SCAN listener port for TLS (TCP) protocol. The default is 2484.", + "title": "ScanListenerPortTls", + "type": "number" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags to assign to the Autonomous Vm Cluster.", + "title": "Tags", + "type": "array" + }, + "TimeZone": { + "markdownDescription": "The time zone of the Autonomous VM cluster.", + "title": "TimeZone", + "type": "string" + }, + "TotalContainerDatabases": { + "markdownDescription": "The total number of Autonomous Container Databases that can be created with the allocated local storage.\n\nRequired when creating an Autonomous VM cluster.", + "title": "TotalContainerDatabases", + "type": "number" + } + }, + "type": "object" }, - "YAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of the scatter plot's y-axis.", - "title": "YAxisLabelOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.ScatterPlotFieldWells": { - "additionalProperties": false, - "properties": { - "ScatterPlotCategoricallyAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ScatterPlotCategoricallyAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a scatter plot. The x and y-axes of scatter plots with aggregated field wells are aggregated by category, label, or both.", - "title": "ScatterPlotCategoricallyAggregatedFieldWells" + "Type": { + "enum": [ + "AWS::ODB::CloudAutonomousVmCluster" + ], + "type": "string" }, - "ScatterPlotUnaggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ScatterPlotUnaggregatedFieldWells", - "markdownDescription": "The unaggregated field wells of a scatter plot. The x and y-axes of these scatter plots are unaggregated.", - "title": "ScatterPlotUnaggregatedFieldWells" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::QuickSight::Analysis.ScatterPlotUnaggregatedFieldWells": { + "AWS::ODB::CloudAutonomousVmCluster.MaintenanceWindow": { "additionalProperties": false, "properties": { - "Category": { + "DaysOfWeek": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + "type": "string" }, - "markdownDescription": "The category field well of a scatter plot.", - "title": "Category", + "markdownDescription": "The days of the week when maintenance can be performed.", + "title": "DaysOfWeek", "type": "array" }, - "Label": { + "HoursOfDay": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + "type": "number" }, - "markdownDescription": "The label field well of a scatter plot.", - "title": "Label", + "markdownDescription": "The hours of the day when maintenance can be performed.", + "title": "HoursOfDay", "type": "array" }, - "Size": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The size field well of a scatter plot.", - "title": "Size", - "type": "array" + "LeadTimeInWeeks": { + "markdownDescription": "The lead time in weeks before the maintenance window.", + "title": "LeadTimeInWeeks", + "type": "number" }, - "XAxis": { + "Months": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + "type": "string" }, - "markdownDescription": "The x-axis field well of a scatter plot.\n\nThe x-axis is a dimension field and cannot be aggregated.", - "title": "XAxis", + "markdownDescription": "The months when maintenance can be performed.", + "title": "Months", "type": "array" }, - "YAxis": { + "Preference": { + "markdownDescription": "The preference for the maintenance window scheduling.", + "title": "Preference", + "type": "string" + }, + "WeeksOfMonth": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + "type": "number" }, - "markdownDescription": "The y-axis field well of a scatter plot.\n\nThe y-axis is a dimension field and cannot be aggregated.", - "title": "YAxis", + "markdownDescription": "The weeks of the month when maintenance can be performed.", + "title": "WeeksOfMonth", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.ScatterPlotVisual": { + "AWS::ODB::CloudExadataInfrastructure": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ScatterPlotConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "Condition": { + "type": "string" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Metadata": { + "type": "object" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "Properties": { + "additionalProperties": false, + "properties": { + "AvailabilityZone": { + "markdownDescription": "The name of the Availability Zone (AZ) where the Exadata infrastructure is located.\n\nRequired when creating an Exadata infrastructure. Specify either AvailabilityZone or AvailabilityZoneId to define the location of the infrastructure.", + "title": "AvailabilityZone", + "type": "string" + }, + "AvailabilityZoneId": { + "markdownDescription": "The AZ ID of the AZ where the Exadata infrastructure is located.\n\nRequired when creating an Exadata infrastructure. Specify either AvailabilityZone or AvailabilityZoneId to define the location of the infrastructure.", + "title": "AvailabilityZoneId", + "type": "string" + }, + "ComputeCount": { + "markdownDescription": "The number of database servers for the Exadata infrastructure.\n\nRequired when creating an Exadata infrastructure.", + "title": "ComputeCount", + "type": "number" + }, + "CustomerContactsToSendToOCI": { + "items": { + "$ref": "#/definitions/AWS::ODB::CloudExadataInfrastructure.CustomerContact" + }, + "markdownDescription": "The email addresses of contacts to receive notification from Oracle about maintenance updates for the Exadata infrastructure.", + "title": "CustomerContactsToSendToOCI", + "type": "array" + }, + "DatabaseServerType": { + "markdownDescription": "The database server model type of the Exadata infrastructure. For the list of valid model names, use the `ListDbSystemShapes` operation.", + "title": "DatabaseServerType", + "type": "string" + }, + "DisplayName": { + "markdownDescription": "The user-friendly name for the Exadata infrastructure.\n\nRequired when creating an Exadata infrastructure.", + "title": "DisplayName", + "type": "string" + }, + "Shape": { + "markdownDescription": "The model name of the Exadata infrastructure.\n\nRequired when creating an Exadata infrastructure.", + "title": "Shape", + "type": "string" + }, + "StorageCount": { + "markdownDescription": "The number of storage servers that are activated for the Exadata infrastructure.\n\nRequired when creating an Exadata infrastructure.", + "title": "StorageCount", + "type": "number" + }, + "StorageServerType": { + "markdownDescription": "The storage server model type of the Exadata infrastructure. For the list of valid model names, use the `ListDbSystemShapes` operation.", + "title": "StorageServerType", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags to assign to the Exadata Infrastructure.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ODB::CloudExadataInfrastructure" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type" ], "type": "object" }, - "AWS::QuickSight::Analysis.ScrollBarOptions": { + "AWS::ODB::CloudExadataInfrastructure.CustomerContact": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility of the data zoom scroll bar.", - "title": "Visibility", + "Email": { + "markdownDescription": "The email address of the contact.", + "title": "Email", "type": "string" - }, - "VisibleRange": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisibleRangeOptions", - "markdownDescription": "The visibility range for the data zoom scroll bar.", - "title": "VisibleRange" } }, "type": "object" }, - "AWS::QuickSight::Analysis.SecondaryValueOptions": { + "AWS::ODB::CloudVmCluster": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "Determines the visibility of the secondary value.", - "title": "Visibility", + "Condition": { "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.SectionAfterPageBreak": { - "additionalProperties": false, - "properties": { - "Status": { - "markdownDescription": "The option that enables or disables a page break at the end of a section.", - "title": "Status", + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CloudExadataInfrastructureId": { + "markdownDescription": "The unique identifier of the Exadata infrastructure that this VM cluster belongs to.\n\nRequired when creating a VM cluster.", + "title": "CloudExadataInfrastructureId", + "type": "string" + }, + "ClusterName": { + "markdownDescription": "The name of the Grid Infrastructure (GI) cluster.", + "title": "ClusterName", + "type": "string" + }, + "CpuCoreCount": { + "markdownDescription": "The number of CPU cores enabled on the VM cluster.\n\nRequired when creating a VM cluster.", + "title": "CpuCoreCount", + "type": "number" + }, + "DataCollectionOptions": { + "$ref": "#/definitions/AWS::ODB::CloudVmCluster.DataCollectionOptions", + "markdownDescription": "The set of diagnostic collection options enabled for the VM cluster.", + "title": "DataCollectionOptions" + }, + "DataStorageSizeInTBs": { + "markdownDescription": "The size of the data disk group, in terabytes (TB), that's allocated for the VM cluster.", + "title": "DataStorageSizeInTBs", + "type": "number" + }, + "DbNodeStorageSizeInGBs": { + "markdownDescription": "The amount of local node storage, in gigabytes (GB), that's allocated for the VM cluster.", + "title": "DbNodeStorageSizeInGBs", + "type": "number" + }, + "DbServers": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of database servers for the VM cluster.", + "title": "DbServers", + "type": "array" + }, + "DisplayName": { + "markdownDescription": "The user-friendly name for the VM cluster.\n\nRequired when creating a VM cluster.", + "title": "DisplayName", + "type": "string" + }, + "GiVersion": { + "markdownDescription": "The software version of the Oracle Grid Infrastructure (GI) for the VM cluster.\n\nRequired when creating a VM cluster.", + "title": "GiVersion", + "type": "string" + }, + "Hostname": { + "markdownDescription": "The host name for the VM cluster.\n\nRequired when creating a VM cluster.", + "title": "Hostname", + "type": "string" + }, + "IsLocalBackupEnabled": { + "markdownDescription": "Specifies whether database backups to local Exadata storage are enabled for the VM cluster.", + "title": "IsLocalBackupEnabled", + "type": "boolean" + }, + "IsSparseDiskgroupEnabled": { + "markdownDescription": "Specifies whether the VM cluster is configured with a sparse disk group.", + "title": "IsSparseDiskgroupEnabled", + "type": "boolean" + }, + "LicenseModel": { + "markdownDescription": "The Oracle license model applied to the VM cluster.", + "title": "LicenseModel", + "type": "string" + }, + "MemorySizeInGBs": { + "markdownDescription": "The amount of memory, in gigabytes (GB), that's allocated for the VM cluster.", + "title": "MemorySizeInGBs", + "type": "number" + }, + "OdbNetworkId": { + "markdownDescription": "The unique identifier of the ODB network for the VM cluster.\n\nRequired when creating a VM cluster.", + "title": "OdbNetworkId", + "type": "string" + }, + "ScanListenerPortTcp": { + "markdownDescription": "The port number for TCP connections to the single client access name (SCAN) listener.\n\nValid values: `1024\u20138999` with the following exceptions: `2484` , `6100` , `6200` , `7060` , `7070` , `7085` , and `7879`\n\nDefault: `1521`", + "title": "ScanListenerPortTcp", + "type": "number" + }, + "SshPublicKeys": { + "items": { + "type": "string" + }, + "markdownDescription": "The public key portion of one or more key pairs used for SSH access to the VM cluster.\n\nRequired when creating a VM cluster.", + "title": "SshPublicKeys", + "type": "array" + }, + "SystemVersion": { + "markdownDescription": "The operating system version of the image chosen for the VM cluster.", + "title": "SystemVersion", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags to assign to the Vm Cluster.", + "title": "Tags", + "type": "array" + }, + "TimeZone": { + "markdownDescription": "The time zone of the VM cluster.", + "title": "TimeZone", + "type": "string" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ODB::CloudVmCluster" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::QuickSight::Analysis.SectionBasedLayoutCanvasSizeOptions": { + "AWS::ODB::CloudVmCluster.DataCollectionOptions": { "additionalProperties": false, "properties": { - "PaperCanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionBasedLayoutPaperCanvasSizeOptions", - "markdownDescription": "The options for a paper canvas of a section-based layout.", - "title": "PaperCanvasSizeOptions" + "IsDiagnosticsEventsEnabled": { + "markdownDescription": "Specifies whether diagnostic collection is enabled for the VM cluster.", + "title": "IsDiagnosticsEventsEnabled", + "type": "boolean" + }, + "IsHealthMonitoringEnabled": { + "markdownDescription": "Specifies whether health monitoring is enabled for the VM cluster.", + "title": "IsHealthMonitoringEnabled", + "type": "boolean" + }, + "IsIncidentLogsEnabled": { + "markdownDescription": "Specifies whether incident logs are enabled for the VM cluster.", + "title": "IsIncidentLogsEnabled", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Analysis.SectionBasedLayoutConfiguration": { + "AWS::ODB::OdbNetwork": { "additionalProperties": false, "properties": { - "BodySections": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BodySectionConfiguration" - }, - "markdownDescription": "A list of body section configurations.", - "title": "BodySections", - "type": "array" + "Condition": { + "type": "string" }, - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionBasedLayoutCanvasSizeOptions", - "markdownDescription": "The options for the canvas of a section-based layout.", - "title": "CanvasSizeOptions" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "FooterSections": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.HeaderFooterSectionConfiguration" - }, - "markdownDescription": "A list of footer section configurations.", - "title": "FooterSections", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "HeaderSections": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.HeaderFooterSectionConfiguration" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AvailabilityZone": { + "markdownDescription": "The Availability Zone (AZ) where the ODB network is located.\n\nRequired when creating an ODB network. Specify either AvailabilityZone or AvailabilityZoneId to define the location of the network.", + "title": "AvailabilityZone", + "type": "string" + }, + "AvailabilityZoneId": { + "markdownDescription": "The AZ ID of the AZ where the ODB network is located.\n\nRequired when creating an ODB network. Specify either AvailabilityZone or AvailabilityZoneId to define the location of the network.", + "title": "AvailabilityZoneId", + "type": "string" + }, + "BackupSubnetCidr": { + "markdownDescription": "The CIDR range of the backup subnet in the ODB network.", + "title": "BackupSubnetCidr", + "type": "string" + }, + "ClientSubnetCidr": { + "markdownDescription": "The CIDR range of the client subnet in the ODB network.\n\nRequired when creating an ODB network.", + "title": "ClientSubnetCidr", + "type": "string" + }, + "DefaultDnsPrefix": { + "markdownDescription": "The DNS prefix to the default DNS domain name. The default DNS domain name is oraclevcn.com.", + "title": "DefaultDnsPrefix", + "type": "string" + }, + "DeleteAssociatedResources": { + "markdownDescription": "Specifies whether to delete associated OCI networking resources along with the ODB network.\n\nRequired when creating an ODB network.", + "title": "DeleteAssociatedResources", + "type": "boolean" + }, + "DisplayName": { + "markdownDescription": "The user-friendly name of the ODB network.\n\nRequired when creating an ODB network.", + "title": "DisplayName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags to assign to the Odb Network.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "A list of header section configurations.", - "title": "HeaderSections", - "type": "array" + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ODB::OdbNetwork" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "BodySections", - "CanvasSizeOptions", - "FooterSections", - "HeaderSections" + "Type" ], "type": "object" }, - "AWS::QuickSight::Analysis.SectionBasedLayoutPaperCanvasSizeOptions": { + "AWS::OSIS::Pipeline": { "additionalProperties": false, "properties": { - "PaperMargin": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.Spacing", - "markdownDescription": "Defines the spacing between the canvas content and the top, bottom, left, and right edges.", - "title": "PaperMargin" + "Condition": { + "type": "string" }, - "PaperOrientation": { - "markdownDescription": "The paper orientation that is used to define canvas dimensions. Choose one of the following options:\n\n- PORTRAIT\n- LANDSCAPE", - "title": "PaperOrientation", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "PaperSize": { - "markdownDescription": "The paper size that is used to define canvas dimensions.", - "title": "PaperSize", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "BufferOptions": { + "$ref": "#/definitions/AWS::OSIS::Pipeline.BufferOptions", + "markdownDescription": "Options that specify the configuration of a persistent buffer. To configure how OpenSearch Ingestion encrypts this data, set the `EncryptionAtRestOptions` . For more information, see [Persistent buffering](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/osis-features-overview.html#persistent-buffering) .", + "title": "BufferOptions" + }, + "EncryptionAtRestOptions": { + "$ref": "#/definitions/AWS::OSIS::Pipeline.EncryptionAtRestOptions", + "markdownDescription": "Options to control how OpenSearch encrypts buffer data.", + "title": "EncryptionAtRestOptions" + }, + "LogPublishingOptions": { + "$ref": "#/definitions/AWS::OSIS::Pipeline.LogPublishingOptions", + "markdownDescription": "Key-value pairs that represent log publishing settings.", + "title": "LogPublishingOptions" + }, + "MaxUnits": { + "markdownDescription": "The maximum pipeline capacity, in Ingestion Compute Units (ICUs).", + "title": "MaxUnits", + "type": "number" + }, + "MinUnits": { + "markdownDescription": "The minimum pipeline capacity, in Ingestion Compute Units (ICUs).", + "title": "MinUnits", + "type": "number" + }, + "PipelineConfigurationBody": { + "markdownDescription": "The Data Prepper pipeline configuration in YAML format.", + "title": "PipelineConfigurationBody", + "type": "string" + }, + "PipelineName": { + "markdownDescription": "The name of the pipeline.", + "title": "PipelineName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "List of tags to add to the pipeline upon creation.", + "title": "Tags", + "type": "array" + }, + "VpcOptions": { + "$ref": "#/definitions/AWS::OSIS::Pipeline.VpcOptions", + "markdownDescription": "Options that specify the subnets and security groups for an OpenSearch Ingestion VPC endpoint.", + "title": "VpcOptions" + } + }, + "required": [ + "MaxUnits", + "MinUnits", + "PipelineConfigurationBody", + "PipelineName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::OSIS::Pipeline" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.SectionLayoutConfiguration": { + "AWS::OSIS::Pipeline.BufferOptions": { "additionalProperties": false, "properties": { - "FreeFormLayout": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormSectionLayoutConfiguration", - "markdownDescription": "The free-form layout configuration of a section.", - "title": "FreeFormLayout" + "PersistentBufferEnabled": { + "markdownDescription": "Whether persistent buffering should be enabled.", + "title": "PersistentBufferEnabled", + "type": "boolean" } }, "required": [ - "FreeFormLayout" + "PersistentBufferEnabled" ], "type": "object" }, - "AWS::QuickSight::Analysis.SectionPageBreakConfiguration": { + "AWS::OSIS::Pipeline.CloudWatchLogDestination": { "additionalProperties": false, "properties": { - "After": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionAfterPageBreak", - "markdownDescription": "The configuration of a page break after a section.", - "title": "After" + "LogGroup": { + "markdownDescription": "The name of the CloudWatch Logs group to send pipeline logs to. You can specify an existing log group or create a new one. For example, `/aws/vendedlogs/OpenSearchService/pipelines` .", + "title": "LogGroup", + "type": "string" } }, + "required": [ + "LogGroup" + ], "type": "object" }, - "AWS::QuickSight::Analysis.SectionStyle": { + "AWS::OSIS::Pipeline.EncryptionAtRestOptions": { "additionalProperties": false, "properties": { - "Height": { - "markdownDescription": "The height of a section.\n\nHeights can only be defined for header and footer sections. The default height margin is 0.5 inches.", - "title": "Height", + "KmsKeyArn": { + "markdownDescription": "The ARN of the KMS key used to encrypt buffer data. By default, data is encrypted using an AWS owned key.", + "title": "KmsKeyArn", "type": "string" - }, - "Padding": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.Spacing", - "markdownDescription": "The spacing between section content and its top, bottom, left, and right edges.\n\nThere is no padding by default.", - "title": "Padding" } }, + "required": [ + "KmsKeyArn" + ], "type": "object" }, - "AWS::QuickSight::Analysis.SelectedSheetsFilterScopeConfiguration": { + "AWS::OSIS::Pipeline.LogPublishingOptions": { "additionalProperties": false, "properties": { - "SheetVisualScopingConfigurations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetVisualScopingConfiguration" - }, - "markdownDescription": "The sheet ID and visual IDs of the sheet and visuals that the filter is applied to.", - "title": "SheetVisualScopingConfigurations", - "type": "array" + "CloudWatchLogDestination": { + "$ref": "#/definitions/AWS::OSIS::Pipeline.CloudWatchLogDestination", + "markdownDescription": "The destination for OpenSearch Ingestion logs sent to Amazon CloudWatch Logs. This parameter is required if `IsLoggingEnabled` is set to `true` .", + "title": "CloudWatchLogDestination" + }, + "IsLoggingEnabled": { + "markdownDescription": "Whether logs should be published.", + "title": "IsLoggingEnabled", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Analysis.SeriesItem": { + "AWS::OSIS::Pipeline.VpcAttachmentOptions": { "additionalProperties": false, "properties": { - "DataFieldSeriesItem": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataFieldSeriesItem", - "markdownDescription": "The data field series item configuration of a line chart.", - "title": "DataFieldSeriesItem" + "AttachToVpc": { + "markdownDescription": "Whether a VPC is attached to the pipeline.", + "title": "AttachToVpc", + "type": "boolean" }, - "FieldSeriesItem": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSeriesItem", - "markdownDescription": "The field series item configuration of a line chart.", - "title": "FieldSeriesItem" + "CidrBlock": { + "markdownDescription": "The CIDR block to be reserved for OpenSearch Ingestion to create elastic network interfaces (ENIs).", + "title": "CidrBlock", + "type": "string" } }, + "required": [ + "AttachToVpc", + "CidrBlock" + ], "type": "object" }, - "AWS::QuickSight::Analysis.SetParameterValueConfiguration": { + "AWS::OSIS::Pipeline.VpcEndpoint": { "additionalProperties": false, "properties": { - "DestinationParameterName": { - "markdownDescription": "The destination parameter name of the `SetParameterValueConfiguration` .", - "title": "DestinationParameterName", + "VpcEndpointId": { + "markdownDescription": "The unique identifier of the endpoint.", + "title": "VpcEndpointId", "type": "string" }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DestinationParameterValueConfiguration", - "markdownDescription": "", - "title": "Value" + "VpcId": { + "markdownDescription": "The ID for your VPC. AWS PrivateLink generates this value when you create a VPC.", + "title": "VpcId", + "type": "string" + }, + "VpcOptions": { + "$ref": "#/definitions/AWS::OSIS::Pipeline.VpcOptions", + "markdownDescription": "Information about the VPC, including associated subnets and security groups.", + "title": "VpcOptions" } }, - "required": [ - "DestinationParameterName", - "Value" - ], "type": "object" }, - "AWS::QuickSight::Analysis.ShapeConditionalFormat": { + "AWS::OSIS::Pipeline.VpcOptions": { "additionalProperties": false, "properties": { - "BackgroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting for the shape background color of a filled map visual.", - "title": "BackgroundColor" + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of security groups associated with the VPC endpoint.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of subnet IDs associated with the VPC endpoint.", + "title": "SubnetIds", + "type": "array" + }, + "VpcAttachmentOptions": { + "$ref": "#/definitions/AWS::OSIS::Pipeline.VpcAttachmentOptions", + "markdownDescription": "Options for attaching a VPC to a pipeline.", + "title": "VpcAttachmentOptions" + }, + "VpcEndpointManagement": { + "markdownDescription": "Defines whether you or Amazon OpenSearch Ingestion service create and manage the VPC endpoint configured for the pipeline.", + "title": "VpcEndpointManagement", + "type": "string" } }, "required": [ - "BackgroundColor" + "SubnetIds" ], "type": "object" }, - "AWS::QuickSight::Analysis.Sheet": { + "AWS::Oam::Link": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of a sheet. This name is displayed on the sheet's tab in the Amazon QuickSight console.", - "title": "Name", + "Condition": { "type": "string" }, - "SheetId": { - "markdownDescription": "The unique identifier associated with a sheet.", - "title": "SheetId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "LabelTemplate": { + "markdownDescription": "Specify a friendly human-readable name to use to identify this source account when you are viewing data from it in the monitoring account.\n\nYou can include the following variables in your template:\n\n- `$AccountName` is the name of the account\n- `$AccountEmail` is a globally-unique email address, which includes the email domain, such as `mariagarcia@example.com`\n- `$AccountEmailNoDomain` is an email address without the domain name, such as `mariagarcia`\n\n> In the and Regions, the only supported option is to use custom labels, and the `$AccountName` , `$AccountEmail` , and `$AccountEmailNoDomain` variables all resolve as *account-id* instead of the specified variable.", + "title": "LabelTemplate", + "type": "string" + }, + "LinkConfiguration": { + "$ref": "#/definitions/AWS::Oam::Link.LinkConfiguration", + "markdownDescription": "Use this structure to optionally create filters that specify that only some metric namespaces or log groups are to be shared from the source account to the monitoring account.", + "title": "LinkConfiguration" + }, + "ResourceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of strings that define which types of data that the source account shares with the monitoring account. Valid values are `AWS::CloudWatch::Metric | AWS::Logs::LogGroup | AWS::XRay::Trace | AWS::ApplicationInsights::Application | AWS::InternetMonitor::Monitor` .", + "title": "ResourceTypes", + "type": "array" + }, + "SinkIdentifier": { + "markdownDescription": "The ARN of the sink in the monitoring account that you want to link to. You can use [ListSinks](https://docs.aws.amazon.com/OAM/latest/APIReference/API_ListSinks.html) to find the ARNs of sinks.", + "title": "SinkIdentifier", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "An array of key-value pairs to apply to the link.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "ResourceTypes", + "SinkIdentifier" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Oam::Link" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions": { + "AWS::Oam::Link.LinkConfiguration": { "additionalProperties": false, "properties": { - "InfoIconText": { - "markdownDescription": "The text content of info icon.", - "title": "InfoIconText", - "type": "string" + "LogGroupConfiguration": { + "$ref": "#/definitions/AWS::Oam::Link.LinkFilter", + "markdownDescription": "Use this structure to filter which log groups are to share log events from this source account to the monitoring account.", + "title": "LogGroupConfiguration" }, - "Visibility": { - "markdownDescription": "The visibility configuration of info icon label options.", - "title": "Visibility", - "type": "string" + "MetricConfiguration": { + "$ref": "#/definitions/AWS::Oam::Link.LinkFilter", + "markdownDescription": "Use this structure to filter which metric namespaces are to be shared from the source account to the monitoring account.", + "title": "MetricConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Analysis.SheetControlLayout": { + "AWS::Oam::Link.LinkFilter": { "additionalProperties": false, "properties": { - "Configuration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlLayoutConfiguration", - "markdownDescription": "The configuration that determines the elements and canvas size options of sheet control.", - "title": "Configuration" + "Filter": { + "markdownDescription": "When used in `MetricConfiguration` this field specifies which metric namespaces are to be shared with the monitoring account\n\nWhen used in `LogGroupConfiguration` this field specifies which log groups are to share their log events with the monitoring account. Use the term `LogGroupName` and one or more of the following operands.\n\nUse single quotation marks (') around log group names and metric namespaces.\n\nThe matching of log group names and metric namespaces is case sensitive. Each filter has a limit of five conditional operands. Conditional operands are `AND` and `OR` .\n\n- `=` and `!=`\n- `AND`\n- `OR`\n- `LIKE` and `NOT LIKE` . These can be used only as prefix searches. Include a `%` at the end of the string that you want to search for and include.\n- `IN` and `NOT IN` , using parentheses `( )`\n\nExamples:\n\n- `Namespace NOT LIKE 'AWS/%'` includes only namespaces that don't start with `AWS/` , such as custom namespaces.\n- `Namespace IN ('AWS/EC2', 'AWS/ELB', 'AWS/S3')` includes only the metrics in the EC2, Elastic Load Balancing , and Amazon S3 namespaces.\n- `Namespace = 'AWS/EC2' OR Namespace NOT LIKE 'AWS/%'` includes only the EC2 namespace and your custom namespaces.\n- `LogGroupName IN ('This-Log-Group', 'Other-Log-Group')` includes only the log groups with names `This-Log-Group` and `Other-Log-Group` .\n- `LogGroupName NOT IN ('Private-Log-Group', 'Private-Log-Group-2')` includes all log groups except the log groups with names `Private-Log-Group` and `Private-Log-Group-2` .\n- `LogGroupName LIKE 'aws/lambda/%' OR LogGroupName LIKE 'AWSLogs%'` includes all log groups that have names that start with `aws/lambda/` or `AWSLogs` .\n\n> If you are updating a link that uses filters, you can specify `*` as the only value for the `filter` parameter to delete the filter and share all log groups with the monitoring account.", + "title": "Filter", + "type": "string" } }, "required": [ - "Configuration" + "Filter" ], "type": "object" }, - "AWS::QuickSight::Analysis.SheetControlLayoutConfiguration": { + "AWS::Oam::Sink": { "additionalProperties": false, "properties": { - "GridLayout": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GridLayoutConfiguration", - "markdownDescription": "The configuration that determines the elements and canvas size options of sheet control.", - "title": "GridLayout" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "A name for the sink.", + "title": "Name", + "type": "string" + }, + "Policy": { + "markdownDescription": "The IAM policy that grants permissions to source accounts to link to this sink. The policy can grant permission in the following ways:\n\n- Include organization IDs or organization paths to permit all accounts in an organization\n- Include account IDs to permit the specified accounts", + "title": "Policy", + "type": "object" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "An array of key-value pairs to apply to the sink.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Oam::Sink" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.SheetDefinition": { + "AWS::Omics::AnnotationStore": { "additionalProperties": false, "properties": { - "ContentType": { - "markdownDescription": "The layout content type of the sheet. Choose one of the following options:\n\n- `PAGINATED` : Creates a sheet for a paginated report.\n- `INTERACTIVE` : Creates a sheet for an interactive dashboard.", - "title": "ContentType", + "Condition": { "type": "string" }, - "Description": { - "markdownDescription": "A description of the sheet.", - "title": "Description", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "FilterControls": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterControl" - }, - "markdownDescription": "The list of filter controls that are on a sheet.\n\nFor more information, see [Adding filter controls to analysis sheets](https://docs.aws.amazon.com/quicksight/latest/user/filter-controls.html) in the *Amazon QuickSight User Guide* .", - "title": "FilterControls", - "type": "array" - }, - "Layouts": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.Layout" - }, - "markdownDescription": "Layouts define how the components of a sheet are arranged.\n\nFor more information, see [Types of layout](https://docs.aws.amazon.com/quicksight/latest/user/types-of-layout.html) in the *Amazon QuickSight User Guide* .", - "title": "Layouts", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the sheet. This name is displayed on the sheet's tab in the Amazon QuickSight console.", - "title": "Name", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ParameterControls": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterControl" - }, - "markdownDescription": "The list of parameter controls that are on a sheet.\n\nFor more information, see [Using a Control with a Parameter in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-controls.html) in the *Amazon QuickSight User Guide* .", - "title": "ParameterControls", - "type": "array" + "Metadata": { + "type": "object" }, - "SheetControlLayouts": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlLayout" + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description for the store.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the Annotation Store.", + "title": "Name", + "type": "string" + }, + "Reference": { + "$ref": "#/definitions/AWS::Omics::AnnotationStore.ReferenceItem", + "markdownDescription": "The genome reference for the store's annotations.", + "title": "Reference" + }, + "SseConfig": { + "$ref": "#/definitions/AWS::Omics::AnnotationStore.SseConfig", + "markdownDescription": "The store's server-side encryption (SSE) settings.", + "title": "SseConfig" + }, + "StoreFormat": { + "markdownDescription": "The annotation file format of the store.", + "title": "StoreFormat", + "type": "string" + }, + "StoreOptions": { + "$ref": "#/definitions/AWS::Omics::AnnotationStore.StoreOptions", + "markdownDescription": "File parsing options for the annotation store.", + "title": "StoreOptions" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Tags for the store.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } }, - "markdownDescription": "The control layouts of the sheet.", - "title": "SheetControlLayouts", - "type": "array" + "required": [ + "Name", + "StoreFormat" + ], + "type": "object" }, - "SheetId": { - "markdownDescription": "The unique identifier of a sheet.", - "title": "SheetId", + "Type": { + "enum": [ + "AWS::Omics::AnnotationStore" + ], "type": "string" }, - "TextBoxes": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetTextBox" - }, - "markdownDescription": "The text boxes that are on a sheet.", - "title": "TextBoxes", - "type": "array" - }, - "Title": { - "markdownDescription": "The title of the sheet.", - "title": "Title", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "Visuals": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.Visual" - }, - "markdownDescription": "A list of the visuals that are on a sheet. Visual placement is determined by the layout of the sheet.", - "title": "Visuals", - "type": "array" } }, "required": [ - "SheetId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.SheetElementConfigurationOverrides": { + "AWS::Omics::AnnotationStore.ReferenceItem": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "Determines whether or not the overrides are visible. Choose one of the following options:\n\n- `VISIBLE`\n- `HIDDEN`", - "title": "Visibility", + "ReferenceArn": { + "markdownDescription": "The reference's ARN.", + "title": "ReferenceArn", "type": "string" } }, + "required": [ + "ReferenceArn" + ], "type": "object" }, - "AWS::QuickSight::Analysis.SheetElementRenderingRule": { + "AWS::Omics::AnnotationStore.SseConfig": { "additionalProperties": false, "properties": { - "ConfigurationOverrides": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetElementConfigurationOverrides", - "markdownDescription": "The override configuration of the rendering rules of a sheet.", - "title": "ConfigurationOverrides" + "KeyArn": { + "markdownDescription": "An encryption key ARN.", + "title": "KeyArn", + "type": "string" }, - "Expression": { - "markdownDescription": "The expression of the rendering rules of a sheet.", - "title": "Expression", + "Type": { + "markdownDescription": "The encryption type.", + "title": "Type", "type": "string" } }, "required": [ - "ConfigurationOverrides", - "Expression" + "Type" ], "type": "object" }, - "AWS::QuickSight::Analysis.SheetTextBox": { + "AWS::Omics::AnnotationStore.StoreOptions": { "additionalProperties": false, "properties": { - "Content": { - "markdownDescription": "The content that is displayed in the text box.", - "title": "Content", - "type": "string" - }, - "SheetTextBoxId": { - "markdownDescription": "The unique identifier for a text box. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have text boxes that share identifiers.", - "title": "SheetTextBoxId", - "type": "string" + "TsvStoreOptions": { + "$ref": "#/definitions/AWS::Omics::AnnotationStore.TsvStoreOptions", + "markdownDescription": "Formatting options for a TSV file.", + "title": "TsvStoreOptions" } }, "required": [ - "SheetTextBoxId" + "TsvStoreOptions" ], "type": "object" }, - "AWS::QuickSight::Analysis.SheetVisualScopingConfiguration": { + "AWS::Omics::AnnotationStore.TsvStoreOptions": { "additionalProperties": false, "properties": { - "Scope": { - "markdownDescription": "The scope of the applied entities. Choose one of the following options:\n\n- `ALL_VISUALS`\n- `SELECTED_VISUALS`", - "title": "Scope", - "type": "string" - }, - "SheetId": { - "markdownDescription": "The selected sheet that the filter is applied to.", - "title": "SheetId", + "AnnotationType": { + "markdownDescription": "The store's annotation type.", + "title": "AnnotationType", "type": "string" }, - "VisualIds": { - "items": { - "type": "string" + "FormatToHeader": { + "additionalProperties": true, + "markdownDescription": "The store's header key to column name mapping.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "The selected visuals that the filter is applied to.", - "title": "VisualIds", - "type": "array" + "title": "FormatToHeader", + "type": "object" + }, + "Schema": { + "markdownDescription": "The schema of an annotation store.", + "title": "Schema", + "type": "object" } }, - "required": [ - "Scope", - "SheetId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.ShortFormatText": { + "AWS::Omics::ReferenceStore": { "additionalProperties": false, "properties": { - "PlainText": { - "markdownDescription": "Plain text format.", - "title": "PlainText", + "Condition": { "type": "string" }, - "RichText": { - "markdownDescription": "Rich text. Examples of rich text include bold, underline, and italics.", - "title": "RichText", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.SimpleClusterMarker": { - "additionalProperties": false, - "properties": { - "Color": { - "markdownDescription": "The color of the simple cluster marker.", - "title": "Color", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.SliderControlDisplayOptions": { - "additionalProperties": false, - "properties": { - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.SmallMultiplesAxisProperties": { - "additionalProperties": false, - "properties": { - "Placement": { - "markdownDescription": "Defines the placement of the axis. By default, axes are rendered `OUTSIDE` of the panels. Axes with `INDEPENDENT` scale are rendered `INSIDE` the panels.", - "title": "Placement", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description for the store.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "A name for the store.", + "title": "Name", + "type": "string" + }, + "SseConfig": { + "$ref": "#/definitions/AWS::Omics::ReferenceStore.SseConfig", + "markdownDescription": "Server-side encryption (SSE) settings for the store.", + "title": "SseConfig" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Tags for the store.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Omics::ReferenceStore" + ], "type": "string" }, - "Scale": { - "markdownDescription": "Determines whether scale of the axes are shared or independent. The default value is `SHARED` .", - "title": "Scale", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.SmallMultiplesOptions": { + "AWS::Omics::ReferenceStore.SseConfig": { "additionalProperties": false, "properties": { - "MaxVisibleColumns": { - "markdownDescription": "Sets the maximum number of visible columns to display in the grid of small multiples panels.\n\nThe default is `Auto` , which automatically adjusts the columns in the grid to fit the overall layout and size of the given chart.", - "title": "MaxVisibleColumns", - "type": "number" - }, - "MaxVisibleRows": { - "markdownDescription": "Sets the maximum number of visible rows to display in the grid of small multiples panels.\n\nThe default value is `Auto` , which automatically adjusts the rows in the grid to fit the overall layout and size of the given chart.", - "title": "MaxVisibleRows", - "type": "number" - }, - "PanelConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PanelConfiguration", - "markdownDescription": "Configures the display options for each small multiples panel.", - "title": "PanelConfiguration" - }, - "XAxis": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SmallMultiplesAxisProperties", - "markdownDescription": "The properties of a small multiples X axis.", - "title": "XAxis" + "KeyArn": { + "markdownDescription": "An encryption key ARN.", + "title": "KeyArn", + "type": "string" }, - "YAxis": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SmallMultiplesAxisProperties", - "markdownDescription": "The properties of a small multiples Y axis.", - "title": "YAxis" + "Type": { + "markdownDescription": "The encryption type.", + "title": "Type", + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::QuickSight::Analysis.Spacing": { + "AWS::Omics::RunGroup": { "additionalProperties": false, "properties": { - "Bottom": { - "markdownDescription": "Define the bottom spacing.", - "title": "Bottom", + "Condition": { "type": "string" }, - "Left": { - "markdownDescription": "Define the left spacing.", - "title": "Left", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Right": { - "markdownDescription": "Define the right spacing.", - "title": "Right", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Top": { - "markdownDescription": "Define the top spacing.", - "title": "Top", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.StringDefaultValues": { - "additionalProperties": false, - "properties": { - "DynamicValue": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DynamicDefaultValue", - "markdownDescription": "The dynamic value of the `StringDefaultValues` . Different defaults displayed according to users, groups, and values mapping.", - "title": "DynamicValue" + "Metadata": { + "type": "object" }, - "StaticValues": { - "items": { - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "MaxCpus": { + "markdownDescription": "The group's maximum CPU count setting.", + "title": "MaxCpus", + "type": "number" + }, + "MaxDuration": { + "markdownDescription": "The group's maximum duration setting in minutes.", + "title": "MaxDuration", + "type": "number" + }, + "MaxGpus": { + "markdownDescription": "The maximum GPUs that can be used by a run group.", + "title": "MaxGpus", + "type": "number" + }, + "MaxRuns": { + "markdownDescription": "The group's maximum concurrent run setting.", + "title": "MaxRuns", + "type": "number" + }, + "Name": { + "markdownDescription": "The group's name.", + "title": "Name", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Tags for the group.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } }, - "markdownDescription": "The static values of the `DecimalDefaultValues` .", - "title": "StaticValues", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.StringFormatConfiguration": { - "additionalProperties": false, - "properties": { - "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NullValueFormatConfiguration", - "markdownDescription": "The options that determine the null value format configuration.", - "title": "NullValueFormatConfiguration" + "type": "object" }, - "NumericFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericFormatConfiguration", - "markdownDescription": "The formatting configuration for numeric strings.", - "title": "NumericFormatConfiguration" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.StringParameter": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "A display name for a string parameter.", - "title": "Name", + "Type": { + "enum": [ + "AWS::Omics::RunGroup" + ], "type": "string" }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The values of a string parameter.", - "title": "Values", - "type": "array" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Name", - "Values" + "Type" ], "type": "object" }, - "AWS::QuickSight::Analysis.StringParameterDeclaration": { + "AWS::Omics::SequenceStore": { "additionalProperties": false, "properties": { - "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.StringDefaultValues", - "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", - "title": "DefaultValues" + "Condition": { + "type": "string" }, - "MappedDataSetParameters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MappedDataSetParameter" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AccessLogLocation": { + "markdownDescription": "Location of the access logs.", + "title": "AccessLogLocation", + "type": "string" + }, + "Description": { + "markdownDescription": "A description for the store.", + "title": "Description", + "type": "string" + }, + "ETagAlgorithmFamily": { + "markdownDescription": "The algorithm family of the ETag.", + "title": "ETagAlgorithmFamily", + "type": "string" + }, + "FallbackLocation": { + "markdownDescription": "An S3 location that is used to store files that have failed a direct upload.", + "title": "FallbackLocation", + "type": "string" + }, + "Name": { + "markdownDescription": "A name for the store.", + "title": "Name", + "type": "string" + }, + "PropagatedSetLevelTags": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "PropagatedSetLevelTags", + "type": "array" + }, + "S3AccessPolicy": { + "markdownDescription": "", + "title": "S3AccessPolicy", + "type": "object" + }, + "SseConfig": { + "$ref": "#/definitions/AWS::Omics::SequenceStore.SseConfig", + "markdownDescription": "Server-side encryption (SSE) settings for the store.", + "title": "SseConfig" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Tags for the store.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } }, - "markdownDescription": "", - "title": "MappedDataSetParameters", - "type": "array" + "required": [ + "Name" + ], + "type": "object" }, - "Name": { - "markdownDescription": "The name of the parameter that is being declared.", - "title": "Name", + "Type": { + "enum": [ + "AWS::Omics::SequenceStore" + ], "type": "string" }, - "ParameterValueType": { - "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", - "title": "ParameterValueType", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "ValueWhenUnset": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.StringValueWhenUnsetConfiguration", - "markdownDescription": "The configuration that defines the default value of a `String` parameter when a value has not been set.", - "title": "ValueWhenUnset" } }, "required": [ - "Name", - "ParameterValueType" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.StringValueWhenUnsetConfiguration": { + "AWS::Omics::SequenceStore.SseConfig": { "additionalProperties": false, "properties": { - "CustomValue": { - "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", - "title": "CustomValue", + "KeyArn": { + "markdownDescription": "An encryption key ARN.", + "title": "KeyArn", "type": "string" }, - "ValueWhenUnsetOption": { - "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", - "title": "ValueWhenUnsetOption", + "Type": { + "markdownDescription": "The encryption type.", + "title": "Type", "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::QuickSight::Analysis.SubtotalOptions": { + "AWS::Omics::VariantStore": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The custom label string for the subtotal cells.", - "title": "CustomLabel", + "Condition": { "type": "string" }, - "FieldLevel": { - "markdownDescription": "The field level (all, custom, last) for the subtotal cells.", - "title": "FieldLevel", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "FieldLevelOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableFieldSubtotalOptions" - }, - "markdownDescription": "The optional configuration of subtotal cells.", - "title": "FieldLevelOptions", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "MetricHeaderCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", - "markdownDescription": "The cell styling options for the subtotals of header cells.", - "title": "MetricHeaderCellStyle" + "Metadata": { + "type": "object" }, - "StyleTargets": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableStyleTarget" + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description for the store.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "A name for the store.", + "title": "Name", + "type": "string" + }, + "Reference": { + "$ref": "#/definitions/AWS::Omics::VariantStore.ReferenceItem", + "markdownDescription": "The genome reference for the store's variants.", + "title": "Reference" + }, + "SseConfig": { + "$ref": "#/definitions/AWS::Omics::VariantStore.SseConfig", + "markdownDescription": "Server-side encryption (SSE) settings for the store.", + "title": "SseConfig" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Tags for the store.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } }, - "markdownDescription": "The style targets options for subtotals.", - "title": "StyleTargets", - "type": "array" - }, - "TotalCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", - "markdownDescription": "The cell styling options for the subtotal cells.", - "title": "TotalCellStyle" + "required": [ + "Name", + "Reference" + ], + "type": "object" }, - "TotalsVisibility": { - "markdownDescription": "The visibility configuration for the subtotal cells.", - "title": "TotalsVisibility", + "Type": { + "enum": [ + "AWS::Omics::VariantStore" + ], "type": "string" }, - "ValueCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", - "markdownDescription": "The cell styling options for the subtotals of value cells.", - "title": "ValueCellStyle" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.TableAggregatedFieldWells": { + "AWS::Omics::VariantStore.ReferenceItem": { "additionalProperties": false, "properties": { - "GroupBy": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The group by field well for a pivot table. Values are grouped by group by fields.", - "title": "GroupBy", - "type": "array" - }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The values field well for a pivot table. Values are aggregated based on group by fields.", - "title": "Values", - "type": "array" + "ReferenceArn": { + "markdownDescription": "The reference's ARN.", + "title": "ReferenceArn", + "type": "string" } }, + "required": [ + "ReferenceArn" + ], "type": "object" }, - "AWS::QuickSight::Analysis.TableBorderOptions": { + "AWS::Omics::VariantStore.SseConfig": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The color of a table border.", - "title": "Color", + "KeyArn": { + "markdownDescription": "An encryption key ARN.", + "title": "KeyArn", "type": "string" }, - "Style": { - "markdownDescription": "The style (none, solid) of a table border.", - "title": "Style", + "Type": { + "markdownDescription": "The encryption type.", + "title": "Type", "type": "string" - }, - "Thickness": { - "markdownDescription": "The thickness of a table border.", - "title": "Thickness", - "type": "number" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::QuickSight::Analysis.TableCellConditionalFormatting": { + "AWS::Omics::Workflow": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field ID of the cell for conditional formatting.", - "title": "FieldId", + "Condition": { "type": "string" }, - "TextFormat": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TextConditionalFormat", - "markdownDescription": "The text format of the cell for conditional formatting.", - "title": "TextFormat" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Accelerators": { + "markdownDescription": "", + "title": "Accelerators", + "type": "string" + }, + "DefinitionUri": { + "markdownDescription": "The URI of a definition for the workflow.", + "title": "DefinitionUri", + "type": "string" + }, + "Description": { + "markdownDescription": "The parameter's description.", + "title": "Description", + "type": "string" + }, + "Engine": { + "markdownDescription": "An engine for the workflow.", + "title": "Engine", + "type": "string" + }, + "Main": { + "markdownDescription": "The path of the main definition file for the workflow.", + "title": "Main", + "type": "string" + }, + "Name": { + "markdownDescription": "The workflow's name.", + "title": "Name", + "type": "string" + }, + "ParameterTemplate": { + "additionalProperties": false, + "markdownDescription": "The workflow's parameter template.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::Omics::Workflow.WorkflowParameter" + } + }, + "title": "ParameterTemplate", + "type": "object" + }, + "StorageCapacity": { + "markdownDescription": "The default static storage capacity (in gibibytes) for runs that use this workflow or workflow version. The `storageCapacity` can be overwritten at run time. The storage capacity is not required for runs with a `DYNAMIC` storage type.", + "title": "StorageCapacity", + "type": "number" + }, + "StorageType": { + "markdownDescription": "", + "title": "StorageType", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Tags for the workflow.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Omics::Workflow" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "FieldId" + "Type" ], "type": "object" }, - "AWS::QuickSight::Analysis.TableCellImageSizingConfiguration": { + "AWS::Omics::Workflow.WorkflowParameter": { "additionalProperties": false, "properties": { - "TableCellImageScalingConfiguration": { - "markdownDescription": "The cell scaling configuration of the sizing options for the table image configuration.", - "title": "TableCellImageScalingConfiguration", + "Description": { + "markdownDescription": "The parameter's description.", + "title": "Description", "type": "string" + }, + "Optional": { + "markdownDescription": "Whether the parameter is optional.", + "title": "Optional", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Analysis.TableCellStyle": { + "AWS::Omics::WorkflowVersion": { "additionalProperties": false, "properties": { - "BackgroundColor": { - "markdownDescription": "The background color for the table cells.", - "title": "BackgroundColor", + "Condition": { "type": "string" }, - "Border": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GlobalTableBorderOptions", - "markdownDescription": "The borders for the table cells.", - "title": "Border" - }, - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", - "markdownDescription": "The font configuration of the table cells.", - "title": "FontConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Height": { - "markdownDescription": "The height color for the table cells.", - "title": "Height", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "HorizontalTextAlignment": { - "markdownDescription": "The horizontal text alignment (left, center, right, auto) for the table cells.", - "title": "HorizontalTextAlignment", - "type": "string" + "Metadata": { + "type": "object" }, - "TextWrap": { - "markdownDescription": "The text wrap (none, wrap) for the table cells.", - "title": "TextWrap", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "Accelerators": { + "markdownDescription": "", + "title": "Accelerators", + "type": "string" + }, + "DefinitionUri": { + "markdownDescription": "", + "title": "DefinitionUri", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the workflow version.", + "title": "Description", + "type": "string" + }, + "Engine": { + "markdownDescription": "", + "title": "Engine", + "type": "string" + }, + "Main": { + "markdownDescription": "", + "title": "Main", + "type": "string" + }, + "ParameterTemplate": { + "additionalProperties": false, + "markdownDescription": "", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::Omics::WorkflowVersion.WorkflowParameter" + } + }, + "title": "ParameterTemplate", + "type": "object" + }, + "StorageCapacity": { + "markdownDescription": "", + "title": "StorageCapacity", + "type": "number" + }, + "StorageType": { + "markdownDescription": "", + "title": "StorageType", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "VersionName": { + "markdownDescription": "The name of the workflow version.", + "title": "VersionName", + "type": "string" + }, + "WorkflowBucketOwnerId": { + "markdownDescription": "", + "title": "WorkflowBucketOwnerId", + "type": "string" + }, + "WorkflowId": { + "markdownDescription": "The workflow's ID.", + "title": "WorkflowId", + "type": "string" + } + }, + "required": [ + "VersionName", + "WorkflowId" + ], + "type": "object" }, - "VerticalTextAlignment": { - "markdownDescription": "The vertical text alignment (top, middle, bottom) for the table cells.", - "title": "VerticalTextAlignment", + "Type": { + "enum": [ + "AWS::Omics::WorkflowVersion" + ], "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of the table cells.", - "title": "Visibility", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.TableConditionalFormatting": { - "additionalProperties": false, - "properties": { - "ConditionalFormattingOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableConditionalFormattingOption" - }, - "markdownDescription": "Conditional formatting options for a `PivotTableVisual` .", - "title": "ConditionalFormattingOptions", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.TableConditionalFormattingOption": { + "AWS::Omics::WorkflowVersion.WorkflowParameter": { "additionalProperties": false, "properties": { - "Cell": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellConditionalFormatting", - "markdownDescription": "The cell conditional formatting option for a table.", - "title": "Cell" + "Description": { + "markdownDescription": "The parameter's description.", + "title": "Description", + "type": "string" }, - "Row": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableRowConditionalFormatting", - "markdownDescription": "The row conditional formatting option for a table.", - "title": "Row" + "Optional": { + "markdownDescription": "Whether the parameter is optional.", + "title": "Optional", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Analysis.TableConfiguration": { + "AWS::OpenSearchServerless::AccessPolicy": { "additionalProperties": false, "properties": { - "FieldOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldOptions", - "markdownDescription": "The field options for a table visual.", - "title": "FieldOptions" + "Condition": { + "type": "string" }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "PaginatedReportOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TablePaginatedReportOptions", - "markdownDescription": "The paginated report options for a table visual.", - "title": "PaginatedReportOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableSortConfiguration", - "markdownDescription": "The sort configuration for a `TableVisual` .", - "title": "SortConfiguration" + "Metadata": { + "type": "object" }, - "TableInlineVisualizations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableInlineVisualization" + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the policy.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the policy.", + "title": "Name", + "type": "string" + }, + "Policy": { + "markdownDescription": "The JSON policy document without any whitespaces.", + "title": "Policy", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of access policy. Currently the only option is `data` .", + "title": "Type", + "type": "string" + } }, - "markdownDescription": "A collection of inline visualizations to display within a chart.", - "title": "TableInlineVisualizations", - "type": "array" - }, - "TableOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableOptions", - "markdownDescription": "The table options for a table visual.", - "title": "TableOptions" + "required": [ + "Name", + "Policy", + "Type" + ], + "type": "object" }, - "TotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TotalOptions", - "markdownDescription": "The total options for a table visual.", - "title": "TotalOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.TableFieldCustomIconContent": { - "additionalProperties": false, - "properties": { - "Icon": { - "markdownDescription": "The icon set type (link) of the custom icon content for table URL link content.", - "title": "Icon", + "Type": { + "enum": [ + "AWS::OpenSearchServerless::AccessPolicy" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.TableFieldCustomTextContent": { - "additionalProperties": false, - "properties": { - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", - "markdownDescription": "The font configuration of the custom text content for the table URL link content.", - "title": "FontConfiguration" }, - "Value": { - "markdownDescription": "The string value of the custom text content for the table URL link content.", - "title": "Value", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "FontConfiguration" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.TableFieldImageConfiguration": { - "additionalProperties": false, - "properties": { - "SizingOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellImageSizingConfiguration", - "markdownDescription": "The sizing options for the table image configuration.", - "title": "SizingOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.TableFieldLinkConfiguration": { + "AWS::OpenSearchServerless::Collection": { "additionalProperties": false, "properties": { - "Content": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldLinkContentConfiguration", - "markdownDescription": "The URL content (text, icon) for the table link configuration.", - "title": "Content" + "Condition": { + "type": "string" }, - "Target": { - "markdownDescription": "The URL target (new tab, new window, same tab) for the table link configuration.", - "title": "Target", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the collection.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the collection.\n\nCollection names must meet the following criteria:\n\n- Starts with a lowercase letter\n- Unique to your account and AWS Region\n- Contains between 3 and 28 characters\n- Contains only lowercase letters a-z, the numbers 0-9, and the hyphen (-)", + "title": "Name", + "type": "string" + }, + "StandbyReplicas": { + "markdownDescription": "Indicates whether to use standby replicas for the collection. You can't update this property after the collection is already created. If you attempt to modify this property, the collection continues to use the original value.", + "title": "StandbyReplicas", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An arbitrary set of tags (key\u2013value pairs) to associate with the collection.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "The type of collection. Possible values are `SEARCH` , `TIMESERIES` , and `VECTORSEARCH` . For more information, see [Choosing a collection type](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/serverless-overview.html#serverless-usecase) .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::OpenSearchServerless::Collection" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Content", - "Target" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.TableFieldLinkContentConfiguration": { - "additionalProperties": false, - "properties": { - "CustomIconContent": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldCustomIconContent", - "markdownDescription": "The custom icon content for the table link content configuration.", - "title": "CustomIconContent" - }, - "CustomTextContent": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldCustomTextContent", - "markdownDescription": "The custom text content (value, font configuration) for the table link content configuration.", - "title": "CustomTextContent" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.TableFieldOption": { + "AWS::OpenSearchServerless::Index": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The custom label for a table field.", - "title": "CustomLabel", + "Condition": { "type": "string" }, - "FieldId": { - "markdownDescription": "The field ID for a table field.", - "title": "FieldId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "URLStyling": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldURLConfiguration", - "markdownDescription": "The URL configuration for a table field.", - "title": "URLStyling" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Visibility": { - "markdownDescription": "The visibility of a table field.", - "title": "Visibility", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CollectionEndpoint": { + "markdownDescription": "The endpoint for the collection.", + "title": "CollectionEndpoint", + "type": "string" + }, + "IndexName": { + "markdownDescription": "The name of the OpenSearch Serverless index.", + "title": "IndexName", + "type": "string" + }, + "Mappings": { + "$ref": "#/definitions/AWS::OpenSearchServerless::Index.Mappings", + "markdownDescription": "Index mappings for the OpenSearch Serverless index.", + "title": "Mappings" + }, + "Settings": { + "$ref": "#/definitions/AWS::OpenSearchServerless::Index.IndexSettings", + "markdownDescription": "Index settings for the OpenSearch Serverless index.", + "title": "Settings" + } + }, + "required": [ + "CollectionEndpoint", + "IndexName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::OpenSearchServerless::Index" + ], "type": "string" }, - "Width": { - "markdownDescription": "The width for a table field.", - "title": "Width", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "FieldId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.TableFieldOptions": { + "AWS::OpenSearchServerless::Index.Index": { "additionalProperties": false, "properties": { - "Order": { - "items": { - "type": "string" - }, - "markdownDescription": "The order of the field IDs that are configured as field options for a table visual.", - "title": "Order", - "type": "array" - }, - "PinnedFieldOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TablePinnedFieldOptions", - "markdownDescription": "The settings for the pinned columns of a table visual.", - "title": "PinnedFieldOptions" + "Knn": { + "markdownDescription": "Enable or disable k-nearest neighbor search capability.", + "title": "Knn", + "type": "boolean" }, - "SelectedFieldOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldOption" - }, - "markdownDescription": "The field options to be configured to a table.", - "title": "SelectedFieldOptions", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.TableFieldURLConfiguration": { - "additionalProperties": false, - "properties": { - "ImageConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldImageConfiguration", - "markdownDescription": "The image configuration of a table field URL.", - "title": "ImageConfiguration" + "KnnAlgoParamEfSearch": { + "markdownDescription": "The size of the dynamic list for the nearest neighbors.", + "title": "KnnAlgoParamEfSearch", + "type": "number" }, - "LinkConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldLinkConfiguration", - "markdownDescription": "The link configuration of a table field URL.", - "title": "LinkConfiguration" + "RefreshInterval": { + "markdownDescription": "How often to perform a refresh operation. For example, 1s or 5s.", + "title": "RefreshInterval", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.TableFieldWells": { + "AWS::OpenSearchServerless::Index.IndexSettings": { "additionalProperties": false, "properties": { - "TableAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableAggregatedFieldWells", - "markdownDescription": "The aggregated field well for the table.", - "title": "TableAggregatedFieldWells" - }, - "TableUnaggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableUnaggregatedFieldWells", - "markdownDescription": "The unaggregated field well for the table.", - "title": "TableUnaggregatedFieldWells" + "Index": { + "$ref": "#/definitions/AWS::OpenSearchServerless::Index.Index", + "markdownDescription": "Index settings.", + "title": "Index" } }, "type": "object" }, - "AWS::QuickSight::Analysis.TableInlineVisualization": { + "AWS::OpenSearchServerless::Index.Mappings": { "additionalProperties": false, "properties": { - "DataBars": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataBarsOptions", - "markdownDescription": "The configuration of the inline visualization of the data bars within a chart.", - "title": "DataBars" + "Properties": { + "additionalProperties": false, + "markdownDescription": "Nested fields within an object or nested field type.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::OpenSearchServerless::Index.PropertyMapping" + } + }, + "title": "Properties", + "type": "object" } }, "type": "object" }, - "AWS::QuickSight::Analysis.TableOptions": { + "AWS::OpenSearchServerless::Index.Method": { "additionalProperties": false, "properties": { - "CellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", - "markdownDescription": "The table cell style of table cells.", - "title": "CellStyle" - }, - "HeaderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", - "markdownDescription": "The table cell style of a table header.", - "title": "HeaderStyle" - }, - "Orientation": { - "markdownDescription": "The orientation (vertical, horizontal) for a table.", - "title": "Orientation", + "Engine": { + "markdownDescription": "The k-NN search engine to use", + "title": "Engine", "type": "string" }, - "RowAlternateColorOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RowAlternateColorOptions", - "markdownDescription": "The row alternate color options (widget status, row alternate colors) for a table.", - "title": "RowAlternateColorOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.TablePaginatedReportOptions": { - "additionalProperties": false, - "properties": { - "OverflowColumnHeaderVisibility": { - "markdownDescription": "The visibility of repeating header rows on each page.", - "title": "OverflowColumnHeaderVisibility", + "Name": { + "markdownDescription": "The algorithm name for k-NN search.", + "title": "Name", "type": "string" }, - "VerticalOverflowVisibility": { - "markdownDescription": "The visibility of printing table overflow across pages.", - "title": "VerticalOverflowVisibility", + "Parameters": { + "$ref": "#/definitions/AWS::OpenSearchServerless::Index.Parameters", + "markdownDescription": "Additional parameters for the k-NN algorithm.", + "title": "Parameters" + }, + "SpaceType": { + "markdownDescription": "The distance function used for k-NN search.", + "title": "SpaceType", "type": "string" } }, + "required": [ + "Engine", + "Name" + ], "type": "object" }, - "AWS::QuickSight::Analysis.TablePinnedFieldOptions": { - "additionalProperties": false, - "properties": { - "PinnedLeftFields": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of columns to be pinned to the left of a table visual.", - "title": "PinnedLeftFields", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.TableRowConditionalFormatting": { + "AWS::OpenSearchServerless::Index.Parameters": { "additionalProperties": false, "properties": { - "BackgroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting color (solid, gradient) of the background for a table row.", - "title": "BackgroundColor" + "EfConstruction": { + "markdownDescription": "The size of the dynamic list used during k-NN graph creation.", + "title": "EfConstruction", + "type": "number" }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting color (solid, gradient) of the text for a table row.", - "title": "TextColor" + "M": { + "markdownDescription": "Number of neighbors to consider during k-NN search.", + "title": "M", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.TableSideBorderOptions": { + "AWS::OpenSearchServerless::Index.PropertyMapping": { "additionalProperties": false, "properties": { - "Bottom": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", - "markdownDescription": "The table border options of the bottom border.", - "title": "Bottom" + "Dimension": { + "markdownDescription": "Dimension size for vector fields, defines the number of dimensions in the vector.", + "title": "Dimension", + "type": "number" }, - "InnerHorizontal": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", - "markdownDescription": "The table border options of the inner horizontal border.", - "title": "InnerHorizontal" + "Index": { + "markdownDescription": "Whether a field should be indexed.", + "title": "Index", + "type": "boolean" }, - "InnerVertical": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", - "markdownDescription": "The table border options of the inner vertical border.", - "title": "InnerVertical" + "Method": { + "$ref": "#/definitions/AWS::OpenSearchServerless::Index.Method", + "markdownDescription": "Configuration for k-NN search method.", + "title": "Method" }, - "Left": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", - "markdownDescription": "The table border options of the left border.", - "title": "Left" + "Properties": { + "additionalProperties": false, + "markdownDescription": "Defines the fields within the mapping, including their types and configurations.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::OpenSearchServerless::Index.PropertyMapping" + } + }, + "title": "Properties", + "type": "object" }, - "Right": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", - "markdownDescription": "The table border options of the right border.", - "title": "Right" + "Type": { + "markdownDescription": "The field data type. Must be a valid OpenSearch field type.", + "title": "Type", + "type": "string" }, - "Top": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", - "markdownDescription": "The table border options of the top border.", - "title": "Top" + "Value": { + "markdownDescription": "Default value for the field when not specified in a document.", + "title": "Value", + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::QuickSight::Analysis.TableSortConfiguration": { + "AWS::OpenSearchServerless::LifecyclePolicy": { "additionalProperties": false, "properties": { - "PaginationConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PaginationConfiguration", - "markdownDescription": "The pagination configuration (page size, page number) for the table.", - "title": "PaginationConfiguration" + "Condition": { + "type": "string" }, - "RowSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the lifecycle policy.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the lifecycle policy.", + "title": "Name", + "type": "string" + }, + "Policy": { + "markdownDescription": "The JSON policy document without any whitespaces.", + "title": "Policy", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of lifecycle policy.", + "title": "Type", + "type": "string" + } }, - "markdownDescription": "The field sort options for rows in the table.", - "title": "RowSort", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.TableStyleTarget": { - "additionalProperties": false, - "properties": { - "CellType": { - "markdownDescription": "The cell type of the table style target.", - "title": "CellType", + "required": [ + "Name", + "Policy", + "Type" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::OpenSearchServerless::LifecyclePolicy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "CellType" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.TableUnaggregatedFieldWells": { - "additionalProperties": false, - "properties": { - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.UnaggregatedField" - }, - "markdownDescription": "The values field well for a pivot table. Values are unaggregated for an unaggregated table.", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.TableVisual": { + "AWS::OpenSearchServerless::SecurityConfig": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Condition": { + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableConditionalFormatting", - "markdownDescription": "The conditional formatting for a `PivotTableVisual` .", - "title": "ConditionalFormatting" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Metadata": { + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the security configuration.", + "title": "Description", + "type": "string" + }, + "IamIdentityCenterOptions": { + "$ref": "#/definitions/AWS::OpenSearchServerless::SecurityConfig.IamIdentityCenterConfigOptions", + "markdownDescription": "Describes IAM Identity Center options in the form of a key-value map.", + "title": "IamIdentityCenterOptions" + }, + "Name": { + "markdownDescription": "The name of the security configuration.", + "title": "Name", + "type": "string" + }, + "SamlOptions": { + "$ref": "#/definitions/AWS::OpenSearchServerless::SecurityConfig.SamlConfigOptions", + "markdownDescription": "SAML options for the security configuration in the form of a key-value map.", + "title": "SamlOptions" + }, + "Type": { + "markdownDescription": "The type of security configuration. Currently the only option is `saml` .", + "title": "Type", + "type": "string" + } + }, + "type": "object" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", + "Type": { + "enum": [ + "AWS::OpenSearchServerless::SecurityConfig" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type" ], "type": "object" }, - "AWS::QuickSight::Analysis.TextAreaControlDisplayOptions": { + "AWS::OpenSearchServerless::SecurityConfig.IamIdentityCenterConfigOptions": { "additionalProperties": false, "properties": { - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" + "ApplicationArn": { + "markdownDescription": "The ARN of the IAM Identity Center application used to integrate with OpenSearch Serverless.", + "title": "ApplicationArn", + "type": "string" }, - "PlaceholderOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TextControlPlaceholderOptions", - "markdownDescription": "The configuration of the placeholder options in a text area control.", - "title": "PlaceholderOptions" + "ApplicationDescription": { + "markdownDescription": "The description of the IAM Identity Center application used to integrate with OpenSearch Serverless.", + "title": "ApplicationDescription", + "type": "string" }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.TextConditionalFormat": { - "additionalProperties": false, - "properties": { - "BackgroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting for the text background color.", - "title": "BackgroundColor" + "ApplicationName": { + "markdownDescription": "The name of the IAM Identity Center application used to integrate with OpenSearch Serverless.", + "title": "ApplicationName", + "type": "string" }, - "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIcon", - "markdownDescription": "The conditional formatting for the icon.", - "title": "Icon" + "GroupAttribute": { + "markdownDescription": "The group attribute for this IAM Identity Center integration. Defaults to `GroupId` .", + "title": "GroupAttribute", + "type": "string" }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting for the text color.", - "title": "TextColor" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.TextControlPlaceholderOptions": { - "additionalProperties": false, - "properties": { - "Visibility": { - "markdownDescription": "The visibility configuration of the placeholder options in a text control.", - "title": "Visibility", + "InstanceArn": { + "markdownDescription": "The ARN of the IAM Identity Center instance used to integrate with OpenSearch Serverless.", + "title": "InstanceArn", + "type": "string" + }, + "UserAttribute": { + "markdownDescription": "The user attribute for this IAM Identity Center integration. Defaults to `UserId`", + "title": "UserAttribute", "type": "string" } }, + "required": [ + "InstanceArn" + ], "type": "object" }, - "AWS::QuickSight::Analysis.TextFieldControlDisplayOptions": { + "AWS::OpenSearchServerless::SecurityConfig.SamlConfigOptions": { "additionalProperties": false, "properties": { - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" + "GroupAttribute": { + "markdownDescription": "The group attribute for this SAML integration.", + "title": "GroupAttribute", + "type": "string" }, - "PlaceholderOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TextControlPlaceholderOptions", - "markdownDescription": "The configuration of the placeholder options in a text field control.", - "title": "PlaceholderOptions" + "Metadata": { + "markdownDescription": "The XML IdP metadata file generated from your identity provider.", + "title": "Metadata", + "type": "string" }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.ThousandSeparatorOptions": { - "additionalProperties": false, - "properties": { - "Symbol": { - "markdownDescription": "Determines the thousands separator symbol.", - "title": "Symbol", + "OpenSearchServerlessEntityId": { + "markdownDescription": "Custom entity id attribute to override default entity id for this saml integration.", + "title": "OpenSearchServerlessEntityId", "type": "string" }, - "Visibility": { - "markdownDescription": "Determines the visibility of the thousands separator.", - "title": "Visibility", + "SessionTimeout": { + "markdownDescription": "The session timeout, in minutes. Default is 60 minutes (12 hours).", + "title": "SessionTimeout", + "type": "number" + }, + "UserAttribute": { + "markdownDescription": "A user attribute for this SAML integration.", + "title": "UserAttribute", "type": "string" } }, + "required": [ + "Metadata" + ], "type": "object" }, - "AWS::QuickSight::Analysis.TimeBasedForecastProperties": { + "AWS::OpenSearchServerless::SecurityPolicy": { "additionalProperties": false, "properties": { - "LowerBoundary": { - "markdownDescription": "The lower boundary setup of a forecast computation.", - "title": "LowerBoundary", - "type": "number" + "Condition": { + "type": "string" }, - "PeriodsBackward": { - "markdownDescription": "The periods backward setup of a forecast computation.", - "title": "PeriodsBackward", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "PeriodsForward": { - "markdownDescription": "The periods forward setup of a forecast computation.", - "title": "PeriodsForward", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "PredictionInterval": { - "markdownDescription": "The prediction interval setup of a forecast computation.", - "title": "PredictionInterval", - "type": "number" + "Metadata": { + "type": "object" }, - "Seasonality": { - "markdownDescription": "The seasonality setup of a forecast computation. Choose one of the following options:\n\n- `NULL` : The input is set to `NULL` .\n- `NON_NULL` : The input is set to a custom value.", - "title": "Seasonality", - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the security policy.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the policy.", + "title": "Name", + "type": "string" + }, + "Policy": { + "markdownDescription": "The JSON policy document without any whitespaces.", + "title": "Policy", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of security policy. Can be either `encryption` or `network` .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Name", + "Policy", + "Type" + ], + "type": "object" }, - "UpperBoundary": { - "markdownDescription": "The upper boundary setup of a forecast computation.", - "title": "UpperBoundary", - "type": "number" + "Type": { + "enum": [ + "AWS::OpenSearchServerless::SecurityPolicy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Analysis.TimeEqualityFilter": { + "AWS::OpenSearchServerless::VpcEndpoint": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" - }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", + "Condition": { "type": "string" }, - "ParameterName": { - "markdownDescription": "The parameter whose value should be used for the filter value.\n\nThis field is mutually exclusive to `Value` and `RollingDate` .", - "title": "ParameterName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "RollingDate": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RollingDateConfiguration", - "markdownDescription": "The rolling date input for the `TimeEquality` filter.\n\nThis field is mutually exclusive to `Value` and `ParameterName` .", - "title": "RollingDate" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the endpoint.", + "title": "Name", + "type": "string" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The unique identifiers of the security groups that define the ports, protocols, and sources for inbound traffic that you are authorizing into your endpoint.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The ID of the subnets from which you access OpenSearch Serverless.", + "title": "SubnetIds", + "type": "array" + }, + "VpcId": { + "markdownDescription": "The ID of the VPC from which you access OpenSearch Serverless.", + "title": "VpcId", + "type": "string" + } + }, + "required": [ + "Name", + "SubnetIds", + "VpcId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::OpenSearchServerless::VpcEndpoint" + ], "type": "string" }, - "Value": { - "markdownDescription": "The value of a `TimeEquality` filter.\n\nThis field is mutually exclusive to `RollingDate` and `ParameterName` .", - "title": "Value", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Column", - "FilterId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.TimeRangeDrillDownFilter": { + "AWS::OpenSearchService::Application": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" + "Condition": { + "type": "string" }, - "RangeMaximum": { - "markdownDescription": "The maximum value for the filter value range.", - "title": "RangeMaximum", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "RangeMinimum": { - "markdownDescription": "The minimum value for the filter value range.", - "title": "RangeMinimum", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AppConfigs": { + "items": { + "$ref": "#/definitions/AWS::OpenSearchService::Application.AppConfig" + }, + "markdownDescription": "", + "title": "AppConfigs", + "type": "array" + }, + "DataSources": { + "items": { + "$ref": "#/definitions/AWS::OpenSearchService::Application.DataSource" + }, + "markdownDescription": "", + "title": "DataSources", + "type": "array" + }, + "Endpoint": { + "markdownDescription": "The endpoint URL of an OpenSearch application.", + "title": "Endpoint", + "type": "string" + }, + "IamIdentityCenterOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Application.IamIdentityCenterOptions", + "markdownDescription": "Settings container for integrating IAM Identity Center with OpenSearch UI applications, which enables enabling secure user authentication and access control across multiple data sources. This setup supports single sign-on (SSO) through IAM Identity Center, allowing centralized user management.", + "title": "IamIdentityCenterOptions" + }, + "Name": { + "markdownDescription": "The name of an OpenSearch application.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::OpenSearchService::Application" + ], "type": "string" }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Column", - "RangeMaximum", - "RangeMinimum", - "TimeGranularity" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.TimeRangeFilter": { + "AWS::OpenSearchService::Application.AppConfig": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" - }, - "ExcludePeriodConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ExcludePeriodConfiguration", - "markdownDescription": "The exclude period of the time range filter.", - "title": "ExcludePeriodConfiguration" - }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", - "type": "string" - }, - "IncludeMaximum": { - "markdownDescription": "Determines whether the maximum value in the filter value range should be included in the filtered results.", - "title": "IncludeMaximum", - "type": "boolean" - }, - "IncludeMinimum": { - "markdownDescription": "Determines whether the minimum value in the filter value range should be included in the filtered results.", - "title": "IncludeMinimum", - "type": "boolean" - }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", + "Key": { + "markdownDescription": "The configuration item to set, such as the admin role for the OpenSearch application.", + "title": "Key", "type": "string" }, - "RangeMaximumValue": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TimeRangeFilterValue", - "markdownDescription": "The maximum value for the filter value range.", - "title": "RangeMaximumValue" - }, - "RangeMinimumValue": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TimeRangeFilterValue", - "markdownDescription": "The minimum value for the filter value range.", - "title": "RangeMinimumValue" - }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", + "Value": { + "markdownDescription": "The value assigned to the configuration key, such as an IAM user ARN.", + "title": "Value", "type": "string" } }, "required": [ - "Column", - "FilterId", - "NullOption" + "Key", + "Value" ], "type": "object" }, - "AWS::QuickSight::Analysis.TimeRangeFilterValue": { + "AWS::OpenSearchService::Application.DataSource": { "additionalProperties": false, "properties": { - "Parameter": { - "markdownDescription": "The parameter type input value.", - "title": "Parameter", + "DataSourceArn": { + "markdownDescription": "", + "title": "DataSourceArn", "type": "string" }, - "RollingDate": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RollingDateConfiguration", - "markdownDescription": "The rolling date input value.", - "title": "RollingDate" - }, - "StaticValue": { - "markdownDescription": "The static input value.", - "title": "StaticValue", + "DataSourceDescription": { + "markdownDescription": "Detailed description of a data source.", + "title": "DataSourceDescription", "type": "string" } }, + "required": [ + "DataSourceArn" + ], "type": "object" }, - "AWS::QuickSight::Analysis.TooltipItem": { - "additionalProperties": false, - "properties": { - "ColumnTooltipItem": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnTooltipItem", - "markdownDescription": "The tooltip item for the columns that are not part of a field well.", - "title": "ColumnTooltipItem" - }, - "FieldTooltipItem": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldTooltipItem", - "markdownDescription": "The tooltip item for the fields.", - "title": "FieldTooltipItem" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.TooltipOptions": { + "AWS::OpenSearchService::Application.IamIdentityCenterOptions": { "additionalProperties": false, "properties": { - "FieldBasedTooltip": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldBasedTooltip", - "markdownDescription": "The setup for the detailed tooltip. The tooltip setup is always saved. The display type is decided based on the tooltip type.", - "title": "FieldBasedTooltip" + "Enabled": { + "markdownDescription": "Indicates whether IAM Identity Center is enabled for the OpenSearch application.", + "title": "Enabled", + "type": "boolean" }, - "SelectedTooltipType": { - "markdownDescription": "The selected type for the tooltip. Choose one of the following options:\n\n- `BASIC` : A basic tooltip.\n- `DETAILED` : A detailed tooltip.", - "title": "SelectedTooltipType", + "IamIdentityCenterInstanceArn": { + "markdownDescription": "", + "title": "IamIdentityCenterInstanceArn", "type": "string" }, - "TooltipVisibility": { - "markdownDescription": "Determines whether or not the tooltip is visible.", - "title": "TooltipVisibility", + "IamRoleForIdentityCenterApplicationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role assigned to the IAM Identity Center application for the OpenSearch application.", + "title": "IamRoleForIdentityCenterApplicationArn", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.TopBottomFilter": { + "AWS::OpenSearchService::Domain": { "additionalProperties": false, "properties": { - "AggregationSortConfigurations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationSortConfiguration" - }, - "markdownDescription": "The aggregation and sort configuration of the top bottom filter.", - "title": "AggregationSortConfigurations", - "type": "array" + "Condition": { + "type": "string" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", - "type": "string" + "Metadata": { + "type": "object" }, - "Limit": { - "markdownDescription": "The number of items to include in the top bottom filter results.", - "title": "Limit", - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": { + "AccessPolicies": { + "markdownDescription": "An AWS Identity and Access Management ( IAM ) policy document that specifies who can access the OpenSearch Service domain and their permissions. For more information, see [Configuring access policies](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ac.html#ac-creating) in the *Amazon OpenSearch Service Developer Guide* .", + "title": "AccessPolicies", + "type": "object" + }, + "AdvancedOptions": { + "additionalProperties": true, + "markdownDescription": "Additional options to specify for the OpenSearch Service domain. For more information, see [AdvancedOptions](https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_CreateDomain.html#API_CreateDomain_RequestBody) in the OpenSearch Service API reference.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "AdvancedOptions", + "type": "object" + }, + "AdvancedSecurityOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.AdvancedSecurityOptionsInput", + "markdownDescription": "Specifies options for fine-grained access control and SAML authentication.\n\nIf you specify advanced security options, you must also enable node-to-node encryption ( [NodeToNodeEncryptionOptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-nodetonodeencryptionoptions.html) ) and encryption at rest ( [EncryptionAtRestOptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-encryptionatrestoptions.html) ). You must also enable `EnforceHTTPS` within [DomainEndpointOptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-domainendpointoptions.html) , which requires HTTPS for all traffic to the domain.", + "title": "AdvancedSecurityOptions" + }, + "ClusterConfig": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.ClusterConfig", + "markdownDescription": "Container for the cluster configuration of a domain.", + "title": "ClusterConfig" + }, + "CognitoOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.CognitoOptions", + "markdownDescription": "Configures OpenSearch Service to use Amazon Cognito authentication for OpenSearch Dashboards.", + "title": "CognitoOptions" + }, + "DomainEndpointOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.DomainEndpointOptions", + "markdownDescription": "Specifies additional options for the domain endpoint, such as whether to require HTTPS for all traffic or whether to use a custom endpoint rather than the default endpoint.", + "title": "DomainEndpointOptions" + }, + "DomainName": { + "markdownDescription": "A name for the OpenSearch Service domain. The name must have a minimum length of 3 and a maximum length of 28. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the domain name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\nRequired when creating a new domain.\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "DomainName", + "type": "string" + }, + "EBSOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.EBSOptions", + "markdownDescription": "The configurations of Amazon Elastic Block Store (Amazon EBS) volumes that are attached to data nodes in the OpenSearch Service domain. For more information, see [EBS volume size limits](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/limits.html#ebsresource) in the *Amazon OpenSearch Service Developer Guide* .", + "title": "EBSOptions" + }, + "EncryptionAtRestOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.EncryptionAtRestOptions", + "markdownDescription": "Whether the domain should encrypt data at rest, and if so, the AWS KMS key to use. See [Encryption of data at rest for Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/encryption-at-rest.html) .\n\nIf no encryption at rest options were initially specified in the template, updating this property by adding it causes no interruption. However, if you change this property after it's already been set within a template, the domain is deleted and recreated in order to modify the property.", + "title": "EncryptionAtRestOptions" + }, + "EngineVersion": { + "markdownDescription": "The version of OpenSearch to use. The value must be in the format `OpenSearch_X.Y` or `Elasticsearch_X.Y` . If not specified, the latest version of OpenSearch is used. For information about the versions that OpenSearch Service supports, see [Supported versions of OpenSearch and Elasticsearch](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/what-is.html#choosing-version) in the *Amazon OpenSearch Service Developer Guide* .\n\nIf you set the [EnableVersionUpgrade](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html#cfn-attributes-updatepolicy-upgradeopensearchdomain) update policy to `true` , you can update `EngineVersion` without interruption. When `EnableVersionUpgrade` is set to `false` , or is not specified, updating `EngineVersion` results in [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", + "title": "EngineVersion", + "type": "string" + }, + "IPAddressType": { + "markdownDescription": "Choose either dual stack or IPv4 as your IP address type. Dual stack allows you to share domain resources across IPv4 and IPv6 address types, and is the recommended option. If you set your IP address type to dual stack, you can't change your address type later.", + "title": "IPAddressType", + "type": "string" + }, + "IdentityCenterOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.IdentityCenterOptions", + "markdownDescription": "Configuration options for controlling IAM Identity Center integration within a domain.", + "title": "IdentityCenterOptions" + }, + "LogPublishingOptions": { + "additionalProperties": false, + "markdownDescription": "An object with one or more of the following keys: `SEARCH_SLOW_LOGS` , `ES_APPLICATION_LOGS` , `INDEX_SLOW_LOGS` , `AUDIT_LOGS` , depending on the types of logs you want to publish. Each key needs a valid `LogPublishingOption` value. For the full syntax, see the [examples](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-opensearchservice-domain.html#aws-resource-opensearchservice-domain--examples) .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.LogPublishingOption" + } + }, + "title": "LogPublishingOptions", + "type": "object" + }, + "NodeToNodeEncryptionOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.NodeToNodeEncryptionOptions", + "markdownDescription": "Specifies whether node-to-node encryption is enabled. See [Node-to-node encryption for Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ntn.html) .", + "title": "NodeToNodeEncryptionOptions" + }, + "OffPeakWindowOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.OffPeakWindowOptions", + "markdownDescription": "Options for a domain's off-peak window, during which OpenSearch Service can perform mandatory configuration changes on the domain.", + "title": "OffPeakWindowOptions" + }, + "SkipShardMigrationWait": { + "markdownDescription": "", + "title": "SkipShardMigrationWait", + "type": "boolean" + }, + "SnapshotOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.SnapshotOptions", + "markdownDescription": "*DEPRECATED* . The automated snapshot configuration for the OpenSearch Service domain indexes.", + "title": "SnapshotOptions" + }, + "SoftwareUpdateOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.SoftwareUpdateOptions", + "markdownDescription": "Service software update options for the domain.", + "title": "SoftwareUpdateOptions" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An arbitrary set of tags (key\u2013value pairs) to associate with the OpenSearch Service domain.", + "title": "Tags", + "type": "array" + }, + "VPCOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.VPCOptions", + "markdownDescription": "The virtual private cloud (VPC) configuration for the OpenSearch Service domain. For more information, see [Launching your Amazon OpenSearch Service domains within a VPC](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/vpc.html) in the *Amazon OpenSearch Service Developer Guide* .\n\nIf you remove this entity altogether, along with its associated properties, it causes a replacement. You might encounter this scenario if you're updating your security configuration from a VPC to a public endpoint.", + "title": "VPCOptions" + } + }, + "type": "object" }, - "ParameterName": { - "markdownDescription": "The parameter whose value should be used for the filter value.", - "title": "ParameterName", + "Type": { + "enum": [ + "AWS::OpenSearchService::Domain" + ], "type": "string" }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "AggregationSortConfigurations", - "Column", - "FilterId" + "Type" ], "type": "object" }, - "AWS::QuickSight::Analysis.TopBottomMoversComputation": { + "AWS::OpenSearchService::Domain.AdvancedSecurityOptionsInput": { "additionalProperties": false, "properties": { - "Category": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", - "markdownDescription": "The category field that is used in a computation.", - "title": "Category" - }, - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", + "AnonymousAuthDisableDate": { + "markdownDescription": "Date and time when the migration period will be disabled. Only necessary when [enabling fine-grained access control on an existing domain](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/fgac.html#fgac-enabling-existing) .", + "title": "AnonymousAuthDisableDate", "type": "string" }, - "MoverSize": { - "markdownDescription": "The mover size setup of the top and bottom movers computation.", - "title": "MoverSize", - "type": "number" + "AnonymousAuthEnabled": { + "markdownDescription": "True to enable a 30-day migration period during which administrators can create role mappings. Only necessary when [enabling fine-grained access control on an existing domain](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/fgac.html#fgac-enabling-existing) .", + "title": "AnonymousAuthEnabled", + "type": "boolean" }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", - "type": "string" + "Enabled": { + "markdownDescription": "True to enable fine-grained access control. You must also enable encryption of data at rest and node-to-node encryption. See [Fine-grained access control in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/fgac.html) .", + "title": "Enabled", + "type": "boolean" }, - "SortOrder": { - "markdownDescription": "The sort order setup of the top and bottom movers computation.", - "title": "SortOrder", - "type": "string" + "InternalUserDatabaseEnabled": { + "markdownDescription": "True to enable the internal user database.", + "title": "InternalUserDatabaseEnabled", + "type": "boolean" }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" + "JWTOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.JWTOptions", + "markdownDescription": "Container for information about the JWT configuration of the Amazon OpenSearch Service.", + "title": "JWTOptions" }, - "Type": { - "markdownDescription": "The computation type. Choose from the following options:\n\n- TOP: Top movers computation.\n- BOTTOM: Bottom movers computation.", - "title": "Type", - "type": "string" + "MasterUserOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.MasterUserOptions", + "markdownDescription": "Specifies information about the master user.", + "title": "MasterUserOptions" }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" + "SAMLOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.SAMLOptions", + "markdownDescription": "Container for information about the SAML configuration for OpenSearch Dashboards.", + "title": "SAMLOptions" } }, - "required": [ - "ComputationId", - "Type" - ], "type": "object" }, - "AWS::QuickSight::Analysis.TopBottomRankedComputation": { + "AWS::OpenSearchService::Domain.ClusterConfig": { "additionalProperties": false, "properties": { - "Category": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", - "markdownDescription": "The category field that is used in a computation.", - "title": "Category" + "ColdStorageOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.ColdStorageOptions", + "markdownDescription": "Container for cold storage configuration options.", + "title": "ColdStorageOptions" }, - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", + "DedicatedMasterCount": { + "markdownDescription": "The number of instances to use for the master node. If you specify this property, you must specify `true` for the `DedicatedMasterEnabled` property.", + "title": "DedicatedMasterCount", + "type": "number" + }, + "DedicatedMasterEnabled": { + "markdownDescription": "Indicates whether to use a dedicated master node for the OpenSearch Service domain. A dedicated master node is a cluster node that performs cluster management tasks, but doesn't hold data or respond to data upload requests. Dedicated master nodes offload cluster management tasks to increase the stability of your search clusters. See [Dedicated master nodes in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-dedicatedmasternodes.html) .", + "title": "DedicatedMasterEnabled", + "type": "boolean" + }, + "DedicatedMasterType": { + "markdownDescription": "The hardware configuration of the computer that hosts the dedicated master node, such as `m3.medium.search` . If you specify this property, you must specify `true` for the `DedicatedMasterEnabled` property. For valid values, see [Supported instance types in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/supported-instance-types.html) .", + "title": "DedicatedMasterType", "type": "string" }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "InstanceCount": { + "markdownDescription": "The number of data nodes (instances) to use in the OpenSearch Service domain.", + "title": "InstanceCount", + "type": "number" + }, + "InstanceType": { + "markdownDescription": "The instance type for your data nodes, such as `m3.medium.search` . For valid values, see [Supported instance types in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/supported-instance-types.html) .", + "title": "InstanceType", "type": "string" }, - "ResultSize": { - "markdownDescription": "The result size of a top and bottom ranked computation.", - "title": "ResultSize", + "MultiAZWithStandbyEnabled": { + "markdownDescription": "Indicates whether Multi-AZ with Standby deployment option is enabled. For more information, see [Multi-AZ with Standby](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-multiaz.html#managedomains-za-standby) .", + "title": "MultiAZWithStandbyEnabled", + "type": "boolean" + }, + "NodeOptions": { + "items": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.NodeOption" + }, + "markdownDescription": "List of node options for the domain.", + "title": "NodeOptions", + "type": "array" + }, + "WarmCount": { + "markdownDescription": "The number of warm nodes in the cluster.", + "title": "WarmCount", "type": "number" }, - "Type": { - "markdownDescription": "The computation type. Choose one of the following options:\n\n- TOP: A top ranked computation.\n- BOTTOM: A bottom ranked computation.", - "title": "Type", + "WarmEnabled": { + "markdownDescription": "Whether to enable UltraWarm storage for the cluster. See [UltraWarm storage for Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ultrawarm.html) .", + "title": "WarmEnabled", + "type": "boolean" + }, + "WarmType": { + "markdownDescription": "The instance type for the cluster's warm nodes.", + "title": "WarmType", "type": "string" }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" + "ZoneAwarenessConfig": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.ZoneAwarenessConfig", + "markdownDescription": "Specifies zone awareness configuration options. Only use if `ZoneAwarenessEnabled` is `true` .", + "title": "ZoneAwarenessConfig" + }, + "ZoneAwarenessEnabled": { + "markdownDescription": "Indicates whether to enable zone awareness for the OpenSearch Service domain. When you enable zone awareness, OpenSearch Service allocates the nodes and replica index shards that belong to a cluster across two Availability Zones (AZs) in the same region to prevent data loss and minimize downtime in the event of node or data center failure. Don't enable zone awareness if your cluster has no replica index shards or is a single-node cluster. For more information, see [Configuring a multi-AZ domain in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-multiaz.html) .", + "title": "ZoneAwarenessEnabled", + "type": "boolean" } }, - "required": [ - "ComputationId", - "Type" - ], "type": "object" }, - "AWS::QuickSight::Analysis.TotalAggregationComputation": { + "AWS::OpenSearchService::Domain.CognitoOptions": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", + "Enabled": { + "markdownDescription": "Whether to enable or disable Amazon Cognito authentication for OpenSearch Dashboards. See [Amazon Cognito authentication for OpenSearch Dashboards](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/cognito-auth.html) .", + "title": "Enabled", + "type": "boolean" + }, + "IdentityPoolId": { + "markdownDescription": "The Amazon Cognito identity pool ID that you want OpenSearch Service to use for OpenSearch Dashboards authentication.\n\nRequired if you enabled Cognito Authentication for OpenSearch Dashboards.", + "title": "IdentityPoolId", "type": "string" }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "RoleArn": { + "markdownDescription": "The `AmazonOpenSearchServiceCognitoAccess` role that allows OpenSearch Service to configure your user pool and identity pool.\n\nRequired if you enabled Cognito Authentication for OpenSearch Dashboards.", + "title": "RoleArn", "type": "string" }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" + "UserPoolId": { + "markdownDescription": "The Amazon Cognito user pool ID that you want OpenSearch Service to use for OpenSearch Dashboards authentication.\n\nRequired if you enabled Cognito Authentication for OpenSearch Dashboards.", + "title": "UserPoolId", + "type": "string" } }, - "required": [ - "ComputationId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.TotalAggregationFunction": { + "AWS::OpenSearchService::Domain.ColdStorageOptions": { "additionalProperties": false, "properties": { - "SimpleTotalAggregationFunction": { - "markdownDescription": "A built in aggregation function for total values.", - "title": "SimpleTotalAggregationFunction", - "type": "string" + "Enabled": { + "markdownDescription": "Whether to enable or disable cold storage on the domain. You must enable UltraWarm storage to enable cold storage.", + "title": "Enabled", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Analysis.TotalAggregationOption": { + "AWS::OpenSearchService::Domain.DomainEndpointOptions": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field id that's associated with the total aggregation option.", - "title": "FieldId", + "CustomEndpoint": { + "markdownDescription": "The fully qualified URL for your custom endpoint. Required if you enabled a custom endpoint for the domain.", + "title": "CustomEndpoint", "type": "string" }, - "TotalAggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TotalAggregationFunction", - "markdownDescription": "The total aggregation function that you want to set for a specified field id.", - "title": "TotalAggregationFunction" + "CustomEndpointCertificateArn": { + "markdownDescription": "The AWS Certificate Manager ARN for your domain's SSL/TLS certificate. Required if you enabled a custom endpoint for the domain.", + "title": "CustomEndpointCertificateArn", + "type": "string" + }, + "CustomEndpointEnabled": { + "markdownDescription": "True to enable a custom endpoint for the domain. If enabled, you must also provide values for `CustomEndpoint` and `CustomEndpointCertificateArn` .", + "title": "CustomEndpointEnabled", + "type": "boolean" + }, + "EnforceHTTPS": { + "markdownDescription": "True to require that all traffic to the domain arrive over HTTPS. Required if you enable fine-grained access control in [AdvancedSecurityOptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) .", + "title": "EnforceHTTPS", + "type": "boolean" + }, + "TLSSecurityPolicy": { + "markdownDescription": "The minimum TLS version required for traffic to the domain. The policy can be one of the following values:\n\n- *Policy-Min-TLS-1-0-2019-07:* TLS security policy that supports TLS version 1.0 to TLS version 1.2\n- *Policy-Min-TLS-1-2-2019-07:* TLS security policy that supports only TLS version 1.2\n- *Policy-Min-TLS-1-2-PFS-2023-10:* TLS security policy that supports TLS version 1.2 to TLS version 1.3 with perfect forward secrecy cipher suites", + "title": "TLSSecurityPolicy", + "type": "string" } }, - "required": [ - "FieldId", - "TotalAggregationFunction" - ], "type": "object" }, - "AWS::QuickSight::Analysis.TotalOptions": { + "AWS::OpenSearchService::Domain.EBSOptions": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The custom label string for the total cells.", - "title": "CustomLabel", - "type": "string" - }, - "Placement": { - "markdownDescription": "The placement (start, end) for the total cells.", - "title": "Placement", - "type": "string" + "EBSEnabled": { + "markdownDescription": "Specifies whether Amazon EBS volumes are attached to data nodes in the OpenSearch Service domain.", + "title": "EBSEnabled", + "type": "boolean" }, - "ScrollStatus": { - "markdownDescription": "The scroll status (pinned, scrolled) for the total cells.", - "title": "ScrollStatus", - "type": "string" + "Iops": { + "markdownDescription": "The number of I/O operations per second (IOPS) that the volume supports. This property applies only to the `gp3` and provisioned IOPS EBS volume types.", + "title": "Iops", + "type": "number" }, - "TotalAggregationOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TotalAggregationOption" - }, - "markdownDescription": "The total aggregation settings for each value field.", - "title": "TotalAggregationOptions", - "type": "array" + "Throughput": { + "markdownDescription": "The throughput (in MiB/s) of the EBS volumes attached to data nodes. Applies only to the `gp3` volume type.", + "title": "Throughput", + "type": "number" }, - "TotalCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", - "markdownDescription": "Cell styling options for the total cells.", - "title": "TotalCellStyle" + "VolumeSize": { + "markdownDescription": "The size (in GiB) of the EBS volume for each data node. The minimum and maximum size of an EBS volume depends on the EBS volume type and the instance type to which it is attached. For more information, see [EBS volume size limits](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/limits.html#ebsresource) in the *Amazon OpenSearch Service Developer Guide* .", + "title": "VolumeSize", + "type": "number" }, - "TotalsVisibility": { - "markdownDescription": "The visibility configuration for the total cells.", - "title": "TotalsVisibility", + "VolumeType": { + "markdownDescription": "The EBS volume type to use with the OpenSearch Service domain. If you choose `gp3` , you must also specify values for `Iops` and `Throughput` . For more information about each type, see [Amazon EBS volume types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) in the *Amazon EC2 User Guide for Linux Instances* .", + "title": "VolumeType", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.TreeMapAggregatedFieldWells": { + "AWS::OpenSearchService::Domain.EncryptionAtRestOptions": { "additionalProperties": false, "properties": { - "Colors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The color field well of a tree map. Values are grouped by aggregations based on group by fields.", - "title": "Colors", - "type": "array" - }, - "Groups": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The group by field well of a tree map. Values are grouped based on group by fields.", - "title": "Groups", - "type": "array" + "Enabled": { + "markdownDescription": "Specify `true` to enable encryption at rest. Required if you enable fine-grained access control in [AdvancedSecurityOptionsInput](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) .\n\nIf no encryption at rest options were initially specified in the template, updating this property by adding it causes no interruption. However, if you change this property after it's already been set within a template, the domain is deleted and recreated in order to modify the property.", + "title": "Enabled", + "type": "boolean" }, - "Sizes": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The size field well of a tree map. Values are aggregated based on group by fields.", - "title": "Sizes", - "type": "array" + "KmsKeyId": { + "markdownDescription": "The KMS key ID. Takes the form `1a2a3a4-1a2a-3a4a-5a6a-1a2a3a4a5a6a` . Required if you enable encryption at rest.\n\nYou can also use `keyAlias` as a value.\n\nIf no encryption at rest options were initially specified in the template, updating this property by adding it causes no interruption. However, if you change this property after it's already been set within a template, the domain is deleted and recreated in order to modify the property.", + "title": "KmsKeyId", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.TreeMapConfiguration": { + "AWS::OpenSearchService::Domain.IdentityCenterOptions": { "additionalProperties": false, "properties": { - "ColorLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility) for the colors displayed in a tree map.", - "title": "ColorLabelOptions" - }, - "ColorScale": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColorScale", - "markdownDescription": "The color options (gradient color, point of divergence) of a tree map.", - "title": "ColorScale" - }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.", - "title": "DataLabels" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TreeMapFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" + "EnabledAPIAccess": { + "markdownDescription": "Indicates whether IAM Identity Center is enabled for the application.", + "title": "EnabledAPIAccess", + "type": "boolean" }, - "GroupLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility) of the groups that are displayed in a tree map.", - "title": "GroupLabelOptions" + "IdentityCenterApplicationARN": { + "markdownDescription": "The ARN of the IAM Identity Center application that integrates with Amazon OpenSearch Service.", + "title": "IdentityCenterApplicationARN", + "type": "string" }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" + "IdentityCenterInstanceARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM Identity Center instance.", + "title": "IdentityCenterInstanceARN", + "type": "string" }, - "SizeLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility) of the sizes that are displayed in a tree map.", - "title": "SizeLabelOptions" + "IdentityStoreId": { + "markdownDescription": "The identifier of the IAM Identity Store.", + "title": "IdentityStoreId", + "type": "string" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TreeMapSortConfiguration", - "markdownDescription": "The sort configuration of a tree map.", - "title": "SortConfiguration" + "RolesKey": { + "markdownDescription": "Specifies the attribute that contains the backend role identifier (such as group name or group ID) in IAM Identity Center.", + "title": "RolesKey", + "type": "string" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.TreeMapFieldWells": { - "additionalProperties": false, - "properties": { - "TreeMapAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TreeMapAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a tree map.", - "title": "TreeMapAggregatedFieldWells" + "SubjectKey": { + "markdownDescription": "Specifies the attribute that contains the subject identifier (such as username, user ID, or email) in IAM Identity Center.", + "title": "SubjectKey", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.TreeMapSortConfiguration": { + "AWS::OpenSearchService::Domain.Idp": { "additionalProperties": false, "properties": { - "TreeMapGroupItemsLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of groups that are displayed.", - "title": "TreeMapGroupItemsLimitConfiguration" + "EntityId": { + "markdownDescription": "The unique entity ID of the application in the SAML identity provider.", + "title": "EntityId", + "type": "string" }, - "TreeMapSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of group by fields.", - "title": "TreeMapSort", - "type": "array" + "MetadataContent": { + "markdownDescription": "The metadata of the SAML application, in XML format.", + "title": "MetadataContent", + "type": "string" } }, + "required": [ + "EntityId", + "MetadataContent" + ], "type": "object" }, - "AWS::QuickSight::Analysis.TreeMapVisual": { + "AWS::OpenSearchService::Domain.JWTOptions": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TreeMapConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" - }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "Enabled": { + "markdownDescription": "", + "title": "Enabled", + "type": "boolean" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "PublicKey": { + "markdownDescription": "", + "title": "PublicKey", + "type": "string" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "RolesKey": { + "markdownDescription": "", + "title": "RolesKey", + "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", + "SubjectKey": { + "markdownDescription": "", + "title": "SubjectKey", "type": "string" } }, - "required": [ - "VisualId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.TrendArrowOptions": { + "AWS::OpenSearchService::Domain.LogPublishingOption": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility of the trend arrows.", - "title": "Visibility", + "CloudWatchLogsLogGroupArn": { + "markdownDescription": "Specifies the CloudWatch log group to publish to. Required if you enable log publishing.", + "title": "CloudWatchLogsLogGroupArn", "type": "string" + }, + "Enabled": { + "markdownDescription": "If `true` , enables the publishing of logs to CloudWatch.\n\nDefault: `false` .", + "title": "Enabled", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Analysis.UnaggregatedField": { + "AWS::OpenSearchService::Domain.MasterUserOptions": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", - "markdownDescription": "The column that is used in the `UnaggregatedField` .", - "title": "Column" + "MasterUserARN": { + "markdownDescription": "Amazon Resource Name (ARN) for the master user. The ARN can point to an IAM user or role. This property is required for Amazon Cognito to work, and it must match the role configured for Cognito. Only specify if `InternalUserDatabaseEnabled` is false in [AdvancedSecurityOptionsInput](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) .", + "title": "MasterUserARN", + "type": "string" }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", + "MasterUserName": { + "markdownDescription": "Username for the master user. Only specify if `InternalUserDatabaseEnabled` is true in [AdvancedSecurityOptionsInput](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) .\n\nIf you don't want to specify this value directly within the template, you can use a [dynamic reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html) instead.", + "title": "MasterUserName", "type": "string" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" + "MasterUserPassword": { + "markdownDescription": "Password for the master user. Only specify if `InternalUserDatabaseEnabled` is true in [AdvancedSecurityOptionsInput](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) .\n\nIf you don't want to specify this value directly within the template, you can use a [dynamic reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html) instead.", + "title": "MasterUserPassword", + "type": "string" } }, - "required": [ - "Column", - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.UniqueValuesComputation": { + "AWS::OpenSearchService::Domain.NodeConfig": { "additionalProperties": false, "properties": { - "Category": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", - "markdownDescription": "The category field that is used in a computation.", - "title": "Category" + "Count": { + "markdownDescription": "The number of nodes of a specific type within the cluster.", + "title": "Count", + "type": "number" }, - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", - "type": "string" + "Enabled": { + "markdownDescription": "A boolean value indicating whether a specific node type is active or inactive.", + "title": "Enabled", + "type": "boolean" }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "Type": { + "markdownDescription": "The instance type of a particular node within the cluster.", + "title": "Type", "type": "string" } }, - "required": [ - "ComputationId" - ], "type": "object" }, - "AWS::QuickSight::Analysis.ValidationStrategy": { + "AWS::OpenSearchService::Domain.NodeOption": { "additionalProperties": false, "properties": { - "Mode": { - "markdownDescription": "The mode of validation for the asset to be created or updated. When you set this value to `STRICT` , strict validation for every error is enforced. When you set this value to `LENIENT` , validation is skipped for specific UI errors.", - "title": "Mode", + "NodeConfig": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.NodeConfig", + "markdownDescription": "Configuration options for defining the setup of any node type.", + "title": "NodeConfig" + }, + "NodeType": { + "markdownDescription": "Defines the type of node, such as coordinating nodes.", + "title": "NodeType", "type": "string" } }, - "required": [ - "Mode" - ], "type": "object" }, - "AWS::QuickSight::Analysis.VisibleRangeOptions": { + "AWS::OpenSearchService::Domain.NodeToNodeEncryptionOptions": { "additionalProperties": false, "properties": { - "PercentRange": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PercentVisibleRange", - "markdownDescription": "The percent range in the visible range.", - "title": "PercentRange" + "Enabled": { + "markdownDescription": "Specifies to enable or disable node-to-node encryption on the domain. Required if you enable fine-grained access control in [AdvancedSecurityOptionsInput](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) .", + "title": "Enabled", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Analysis.Visual": { + "AWS::OpenSearchService::Domain.OffPeakWindow": { "additionalProperties": false, "properties": { - "BarChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BarChartVisual", - "markdownDescription": "A bar chart.\n\nFor more information, see [Using bar charts](https://docs.aws.amazon.com/quicksight/latest/user/bar-charts.html) in the *Amazon QuickSight User Guide* .", - "title": "BarChartVisual" - }, - "BoxPlotVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotVisual", - "markdownDescription": "A box plot.\n\nFor more information, see [Using box plots](https://docs.aws.amazon.com/quicksight/latest/user/box-plots.html) in the *Amazon QuickSight User Guide* .", - "title": "BoxPlotVisual" - }, - "ComboChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ComboChartVisual", - "markdownDescription": "A combo chart.\n\nFor more information, see [Using combo charts](https://docs.aws.amazon.com/quicksight/latest/user/combo-charts.html) in the *Amazon QuickSight User Guide* .", - "title": "ComboChartVisual" - }, - "CustomContentVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomContentVisual", - "markdownDescription": "A visual that contains custom content.\n\nFor more information, see [Using custom visual content](https://docs.aws.amazon.com/quicksight/latest/user/custom-visual-content.html) in the *Amazon QuickSight User Guide* .", - "title": "CustomContentVisual" - }, - "EmptyVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.EmptyVisual", - "markdownDescription": "An empty visual.", - "title": "EmptyVisual" - }, - "FilledMapVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapVisual", - "markdownDescription": "A filled map.\n\nFor more information, see [Creating filled maps](https://docs.aws.amazon.com/quicksight/latest/user/filled-maps.html) in the *Amazon QuickSight User Guide* .", - "title": "FilledMapVisual" - }, - "FunnelChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FunnelChartVisual", - "markdownDescription": "A funnel chart.\n\nFor more information, see [Using funnel charts](https://docs.aws.amazon.com/quicksight/latest/user/funnel-visual-content.html) in the *Amazon QuickSight User Guide* .", - "title": "FunnelChartVisual" - }, - "GaugeChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartVisual", - "markdownDescription": "A gauge chart.\n\nFor more information, see [Using gauge charts](https://docs.aws.amazon.com/quicksight/latest/user/gauge-chart.html) in the *Amazon QuickSight User Guide* .", - "title": "GaugeChartVisual" - }, - "GeospatialMapVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapVisual", - "markdownDescription": "A geospatial map or a points on map visual.\n\nFor more information, see [Creating point maps](https://docs.aws.amazon.com/quicksight/latest/user/point-maps.html) in the *Amazon QuickSight User Guide* .", - "title": "GeospatialMapVisual" - }, - "HeatMapVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.HeatMapVisual", - "markdownDescription": "A heat map.\n\nFor more information, see [Using heat maps](https://docs.aws.amazon.com/quicksight/latest/user/heat-map.html) in the *Amazon QuickSight User Guide* .", - "title": "HeatMapVisual" - }, - "HistogramVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.HistogramVisual", - "markdownDescription": "A histogram.\n\nFor more information, see [Using histograms](https://docs.aws.amazon.com/quicksight/latest/user/histogram-charts.html) in the *Amazon QuickSight User Guide* .", - "title": "HistogramVisual" - }, - "InsightVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.InsightVisual", - "markdownDescription": "An insight visual.\n\nFor more information, see [Working with insights](https://docs.aws.amazon.com/quicksight/latest/user/computational-insights.html) in the *Amazon QuickSight User Guide* .", - "title": "InsightVisual" - }, - "KPIVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIVisual", - "markdownDescription": "A key performance indicator (KPI).\n\nFor more information, see [Using KPIs](https://docs.aws.amazon.com/quicksight/latest/user/kpi.html) in the *Amazon QuickSight User Guide* .", - "title": "KPIVisual" - }, - "LineChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartVisual", - "markdownDescription": "A line chart.\n\nFor more information, see [Using line charts](https://docs.aws.amazon.com/quicksight/latest/user/line-charts.html) in the *Amazon QuickSight User Guide* .", - "title": "LineChartVisual" - }, - "PieChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PieChartVisual", - "markdownDescription": "A pie or donut chart.\n\nFor more information, see [Using pie charts](https://docs.aws.amazon.com/quicksight/latest/user/pie-chart.html) in the *Amazon QuickSight User Guide* .", - "title": "PieChartVisual" - }, - "PivotTableVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableVisual", - "markdownDescription": "A pivot table.\n\nFor more information, see [Using pivot tables](https://docs.aws.amazon.com/quicksight/latest/user/pivot-table.html) in the *Amazon QuickSight User Guide* .", - "title": "PivotTableVisual" - }, - "RadarChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartVisual", - "markdownDescription": "A radar chart visual.\n\nFor more information, see [Using radar charts](https://docs.aws.amazon.com/quicksight/latest/user/radar-chart.html) in the *Amazon QuickSight User Guide* .", - "title": "RadarChartVisual" - }, - "SankeyDiagramVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.SankeyDiagramVisual", - "markdownDescription": "A sankey diagram.\n\nFor more information, see [Using Sankey diagrams](https://docs.aws.amazon.com/quicksight/latest/user/sankey-diagram.html) in the *Amazon QuickSight User Guide* .", - "title": "SankeyDiagramVisual" - }, - "ScatterPlotVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ScatterPlotVisual", - "markdownDescription": "A scatter plot.\n\nFor more information, see [Using scatter plots](https://docs.aws.amazon.com/quicksight/latest/user/scatter-plot.html) in the *Amazon QuickSight User Guide* .", - "title": "ScatterPlotVisual" - }, - "TableVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TableVisual", - "markdownDescription": "A table visual.\n\nFor more information, see [Using tables as visuals](https://docs.aws.amazon.com/quicksight/latest/user/tabular.html) in the *Amazon QuickSight User Guide* .", - "title": "TableVisual" - }, - "TreeMapVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.TreeMapVisual", - "markdownDescription": "A tree map.\n\nFor more information, see [Using tree maps](https://docs.aws.amazon.com/quicksight/latest/user/tree-map.html) in the *Amazon QuickSight User Guide* .", - "title": "TreeMapVisual" - }, - "WaterfallVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallVisual", - "markdownDescription": "A waterfall chart.\n\nFor more information, see [Using waterfall charts](https://docs.aws.amazon.com/quicksight/latest/user/waterfall-chart.html) in the *Amazon QuickSight User Guide* .", - "title": "WaterfallVisual" + "WindowStartTime": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.WindowStartTime", + "markdownDescription": "The desired start time for an off-peak maintenance window.", + "title": "WindowStartTime" + } + }, + "type": "object" + }, + "AWS::OpenSearchService::Domain.OffPeakWindowOptions": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Specifies whether off-peak window settings are enabled for the domain.", + "title": "Enabled", + "type": "boolean" }, - "WordCloudVisual": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.WordCloudVisual", - "markdownDescription": "A word cloud.\n\nFor more information, see [Using word clouds](https://docs.aws.amazon.com/quicksight/latest/user/word-cloud.html) in the *Amazon QuickSight User Guide* .", - "title": "WordCloudVisual" + "OffPeakWindow": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.OffPeakWindow", + "markdownDescription": "Off-peak window settings for the domain.", + "title": "OffPeakWindow" } }, "type": "object" }, - "AWS::QuickSight::Analysis.VisualCustomAction": { + "AWS::OpenSearchService::Domain.SAMLOptions": { "additionalProperties": false, "properties": { - "ActionOperations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomActionOperation" - }, - "markdownDescription": "A list of `VisualCustomActionOperations` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", - "title": "ActionOperations", - "type": "array" + "Enabled": { + "markdownDescription": "True to enable SAML authentication for a domain.", + "title": "Enabled", + "type": "boolean" }, - "CustomActionId": { - "markdownDescription": "The ID of the `VisualCustomAction` .", - "title": "CustomActionId", + "Idp": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.Idp", + "markdownDescription": "The SAML Identity Provider's information.", + "title": "Idp" + }, + "MasterBackendRole": { + "markdownDescription": "The backend role that the SAML master user is mapped to.", + "title": "MasterBackendRole", "type": "string" }, - "Name": { - "markdownDescription": "The name of the `VisualCustomAction` .", - "title": "Name", + "MasterUserName": { + "markdownDescription": "The SAML master user name, which is stored in the domain's internal user database.", + "title": "MasterUserName", "type": "string" }, - "Status": { - "markdownDescription": "The status of the `VisualCustomAction` .", - "title": "Status", + "RolesKey": { + "markdownDescription": "Element of the SAML assertion to use for backend roles. Default is `roles` .", + "title": "RolesKey", "type": "string" }, - "Trigger": { - "markdownDescription": "The trigger of the `VisualCustomAction` .\n\nValid values are defined as follows:\n\n- `DATA_POINT_CLICK` : Initiates a custom action by a left pointer click on a data point.\n- `DATA_POINT_MENU` : Initiates a custom action by right pointer click from the menu.", - "title": "Trigger", + "SessionTimeoutMinutes": { + "markdownDescription": "The duration, in minutes, after which a user session becomes inactive. Acceptable values are between 1 and 1440, and the default value is 60.", + "title": "SessionTimeoutMinutes", + "type": "number" + }, + "SubjectKey": { + "markdownDescription": "Element of the SAML assertion to use for the user name. Default is `NameID` .", + "title": "SubjectKey", "type": "string" } }, - "required": [ - "ActionOperations", - "CustomActionId", - "Name", - "Trigger" - ], "type": "object" }, - "AWS::QuickSight::Analysis.VisualCustomActionOperation": { + "AWS::OpenSearchService::Domain.ServiceSoftwareOptions": { "additionalProperties": false, "properties": { - "FilterOperation": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionFilterOperation", - "markdownDescription": "The filter operation that filters data included in a visual or in an entire sheet.", - "title": "FilterOperation" + "AutomatedUpdateDate": { + "markdownDescription": "The timestamp, in Epoch time, until which you can manually request a service software update. After this date, we automatically update your service software.", + "title": "AutomatedUpdateDate", + "type": "string" }, - "NavigationOperation": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionNavigationOperation", - "markdownDescription": "The navigation operation that navigates between different sheets in the same analysis.", - "title": "NavigationOperation" + "Cancellable": { + "markdownDescription": "True if you're able to cancel your service software version update. False if you can't cancel your service software update.", + "title": "Cancellable", + "type": "boolean" }, - "SetParametersOperation": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionSetParametersOperation", - "markdownDescription": "The set parameter operation that sets parameters in custom action.", - "title": "SetParametersOperation" + "CurrentVersion": { + "markdownDescription": "The current service software version present on the domain.", + "title": "CurrentVersion", + "type": "string" }, - "URLOperation": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionURLOperation", - "markdownDescription": "The URL operation that opens a link to another webpage.", - "title": "URLOperation" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.VisualPalette": { - "additionalProperties": false, - "properties": { - "ChartColor": { - "markdownDescription": "The chart color options for the visual palette.", - "title": "ChartColor", + "Description": { + "markdownDescription": "A description of the service software update status.", + "title": "Description", "type": "string" }, - "ColorMap": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathColor" - }, - "markdownDescription": "The color map options for the visual palette.", - "title": "ColorMap", - "type": "array" + "NewVersion": { + "markdownDescription": "The new service software version, if one is available.", + "title": "NewVersion", + "type": "string" + }, + "OptionalDeployment": { + "markdownDescription": "True if a service software is never automatically updated. False if a service software is automatically updated after the automated update date.", + "title": "OptionalDeployment", + "type": "boolean" + }, + "UpdateAvailable": { + "markdownDescription": "True if you're able to update your service software version. False if you can't update your service software version.", + "title": "UpdateAvailable", + "type": "boolean" + }, + "UpdateStatus": { + "markdownDescription": "The status of your service software update.", + "title": "UpdateStatus", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.VisualSubtitleLabelOptions": { + "AWS::OpenSearchService::Domain.SnapshotOptions": { "additionalProperties": false, "properties": { - "FormatText": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LongFormatText", - "markdownDescription": "The long text format of the subtitle label, such as plain text or rich text.", - "title": "FormatText" - }, - "Visibility": { - "markdownDescription": "The visibility of the subtitle label.", - "title": "Visibility", - "type": "string" + "AutomatedSnapshotStartHour": { + "markdownDescription": "The hour in UTC during which the service takes an automated daily snapshot of the indexes in the OpenSearch Service domain. For example, if you specify 0, OpenSearch Service takes an automated snapshot everyday between midnight and 1 am. You can specify a value between 0 and 23.", + "title": "AutomatedSnapshotStartHour", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.VisualTitleLabelOptions": { + "AWS::OpenSearchService::Domain.SoftwareUpdateOptions": { "additionalProperties": false, "properties": { - "FormatText": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ShortFormatText", - "markdownDescription": "The short text format of the title label, such as plain text or rich text.", - "title": "FormatText" - }, - "Visibility": { - "markdownDescription": "The visibility of the title label.", - "title": "Visibility", - "type": "string" + "AutoSoftwareUpdateEnabled": { + "markdownDescription": "Specifies whether automatic service software updates are enabled for the domain.", + "title": "AutoSoftwareUpdateEnabled", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Analysis.WaterfallChartAggregatedFieldWells": { + "AWS::OpenSearchService::Domain.VPCOptions": { "additionalProperties": false, "properties": { - "Breakdowns": { + "SecurityGroupIds": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + "type": "string" }, - "markdownDescription": "The breakdown field wells of a waterfall visual.", - "title": "Breakdowns", - "type": "array" - }, - "Categories": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The category field wells of a waterfall visual.", - "title": "Categories", + "markdownDescription": "The list of security group IDs that are associated with the VPC endpoints for the domain. If you don't provide a security group ID, OpenSearch Service uses the default security group for the VPC. To learn more, see [Security groups for your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html) in the *Amazon VPC User Guide* .", + "title": "SecurityGroupIds", "type": "array" }, - "Values": { + "SubnetIds": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + "type": "string" }, - "markdownDescription": "The value field wells of a waterfall visual.", - "title": "Values", + "markdownDescription": "Provide one subnet ID for each Availability Zone that your domain uses. For example, you must specify three subnet IDs for a three-AZ domain. To learn more, see [VPCs and subnets](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) in the *Amazon VPC User Guide* .\n\nIf you specify more than one subnet, you must also configure `ZoneAwarenessEnabled` and `ZoneAwarenessConfig` within [ClusterConfig](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-clusterconfig.html) , otherwise you'll see the error \"You must specify exactly one subnet\" during template creation.", + "title": "SubnetIds", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Analysis.WaterfallChartConfiguration": { + "AWS::OpenSearchService::Domain.WindowStartTime": { "additionalProperties": false, "properties": { - "CategoryAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the category axis.", - "title": "CategoryAxisDisplayOptions" - }, - "CategoryAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the category axis label.", - "title": "CategoryAxisLabelOptions" - }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", - "markdownDescription": "The data label configuration of a waterfall visual.", - "title": "DataLabels" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallChartFieldWells", - "markdownDescription": "The field well configuration of a waterfall visual.", - "title": "FieldWells" - }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", - "markdownDescription": "The legend configuration of a waterfall visual.", - "title": "Legend" - }, - "PrimaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the y-axis.", - "title": "PrimaryYAxisDisplayOptions" - }, - "PrimaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the y-axis label.", - "title": "PrimaryYAxisLabelOptions" - }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallChartSortConfiguration", - "markdownDescription": "The sort configuration of a waterfall visual.", - "title": "SortConfiguration" - }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", - "markdownDescription": "The visual palette configuration of a waterfall visual.", - "title": "VisualPalette" + "Hours": { + "markdownDescription": "The start hour of the window in Coordinated Universal Time (UTC), using 24-hour time. For example, 17 refers to 5:00 P.M. UTC. The minimum value is 0 and the maximum value is 23.", + "title": "Hours", + "type": "number" }, - "WaterfallChartOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallChartOptions", - "markdownDescription": "The options that determine the presentation of a waterfall visual.", - "title": "WaterfallChartOptions" + "Minutes": { + "markdownDescription": "The start minute of the window, in UTC. The minimum value is 0 and the maximum value is 59.", + "title": "Minutes", + "type": "number" } }, + "required": [ + "Hours", + "Minutes" + ], "type": "object" }, - "AWS::QuickSight::Analysis.WaterfallChartFieldWells": { + "AWS::OpenSearchService::Domain.ZoneAwarenessConfig": { "additionalProperties": false, "properties": { - "WaterfallChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallChartAggregatedFieldWells", - "markdownDescription": "The field well configuration of a waterfall visual.", - "title": "WaterfallChartAggregatedFieldWells" + "AvailabilityZoneCount": { + "markdownDescription": "If you enabled multiple Availability Zones (AZs), the number of AZs that you want the domain to use.\n\nValid values are `2` and `3` . Default is 2.", + "title": "AvailabilityZoneCount", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Analysis.WaterfallChartOptions": { + "AWS::OpsWorks::App": { "additionalProperties": false, "properties": { - "TotalBarLabel": { - "markdownDescription": "This option determines the total bar label of a waterfall visual.", - "title": "TotalBarLabel", + "Condition": { "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.WaterfallChartSortConfiguration": { - "additionalProperties": false, - "properties": { - "BreakdownItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of bar groups that are displayed.", - "title": "BreakdownItemsLimit" }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the category fields.", - "title": "CategorySort", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.WaterfallVisual": { - "additionalProperties": false, - "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallChartConfiguration", - "markdownDescription": "The configuration for a waterfall visual.", - "title": "ChartConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "Metadata": { + "type": "object" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Properties": { + "additionalProperties": false, + "properties": { + "AppSource": { + "$ref": "#/definitions/AWS::OpsWorks::App.Source", + "markdownDescription": "A `Source` object that specifies the app repository.", + "title": "AppSource" + }, + "Attributes": { + "additionalProperties": true, + "markdownDescription": "One or more user-defined key/value pairs to be added to the stack attributes.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Attributes", + "type": "object" + }, + "DataSources": { + "items": { + "$ref": "#/definitions/AWS::OpsWorks::App.DataSource" + }, + "markdownDescription": "The app's data source.", + "title": "DataSources", + "type": "array" + }, + "Description": { + "markdownDescription": "A description of the app.", + "title": "Description", + "type": "string" + }, + "Domains": { + "items": { + "type": "string" + }, + "markdownDescription": "The app virtual host settings, with multiple domains separated by commas. For example: `'www.example.com, example.com'`", + "title": "Domains", + "type": "array" + }, + "EnableSsl": { + "markdownDescription": "Whether to enable SSL for the app.", + "title": "EnableSsl", + "type": "boolean" + }, + "Environment": { + "items": { + "$ref": "#/definitions/AWS::OpsWorks::App.EnvironmentVariable" + }, + "markdownDescription": "An array of `EnvironmentVariable` objects that specify environment variables to be associated with the app. After you deploy the app, these variables are defined on the associated app server instance. For more information, see [Environment Variables](https://docs.aws.amazon.com/opsworks/latest/userguide/workingapps-creating.html#workingapps-creating-environment) .\n\nThere is no specific limit on the number of environment variables. However, the size of the associated data structure - which includes the variables' names, values, and protected flag values - cannot exceed 20 KB. This limit should accommodate most if not all use cases. Exceeding it will cause an exception with the message, \"Environment: is too large (maximum is 20KB).\"\n\n> If you have specified one or more environment variables, you cannot modify the stack's Chef version.", + "title": "Environment", + "type": "array" + }, + "Name": { + "markdownDescription": "The app name.", + "title": "Name", + "type": "string" + }, + "Shortname": { + "markdownDescription": "The app's short name.", + "title": "Shortname", + "type": "string" + }, + "SslConfiguration": { + "$ref": "#/definitions/AWS::OpsWorks::App.SslConfiguration", + "markdownDescription": "An `SslConfiguration` object with the SSL configuration.", + "title": "SslConfiguration" + }, + "StackId": { + "markdownDescription": "The stack ID.", + "title": "StackId", + "type": "string" + }, + "Type": { + "markdownDescription": "The app type. Each supported type is associated with a particular layer. For example, PHP applications are associated with a PHP layer. AWS OpsWorks Stacks deploys an application to those instances that are members of the corresponding layer. If your app isn't one of the standard types, or you prefer to implement your own Deploy recipes, specify `other` .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Name", + "StackId", + "Type" + ], + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Type": { + "enum": [ + "AWS::OpsWorks::App" + ], + "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Analysis.WhatIfPointScenario": { + "AWS::OpsWorks::App.DataSource": { "additionalProperties": false, "properties": { - "Date": { - "markdownDescription": "The date that you need the forecast results for.", - "title": "Date", + "Arn": { + "markdownDescription": "The data source's ARN.", + "title": "Arn", "type": "string" }, - "Value": { - "markdownDescription": "The target value that you want to meet for the provided date.", - "title": "Value", - "type": "number" + "DatabaseName": { + "markdownDescription": "The database name.", + "title": "DatabaseName", + "type": "string" + }, + "Type": { + "markdownDescription": "The data source's type, `AutoSelectOpsworksMysqlInstance` , `OpsworksMysqlInstance` , `RdsDbInstance` , or `None` .", + "title": "Type", + "type": "string" } }, - "required": [ - "Date", - "Value" - ], "type": "object" }, - "AWS::QuickSight::Analysis.WhatIfRangeScenario": { + "AWS::OpsWorks::App.EnvironmentVariable": { "additionalProperties": false, "properties": { - "EndDate": { - "markdownDescription": "The end date in the date range that you need the forecast results for.", - "title": "EndDate", + "Key": { + "markdownDescription": "(Required) The environment variable's name, which can consist of up to 64 characters and must be specified. The name can contain upper- and lowercase letters, numbers, and underscores (_), but it must start with a letter or underscore.", + "title": "Key", "type": "string" }, - "StartDate": { - "markdownDescription": "The start date in the date range that you need the forecast results for.", - "title": "StartDate", - "type": "string" + "Secure": { + "markdownDescription": "(Optional) Whether the variable's value is returned by the `DescribeApps` action. To hide an environment variable's value, set `Secure` to `true` . `DescribeApps` returns `*****FILTERED*****` instead of the actual value. The default value for `Secure` is `false` .", + "title": "Secure", + "type": "boolean" }, "Value": { - "markdownDescription": "The target value that you want to meet for the provided date range.", + "markdownDescription": "(Optional) The environment variable's value, which can be left empty. If you specify a value, it can contain up to 256 characters, which must all be printable.", "title": "Value", - "type": "number" + "type": "string" } }, "required": [ - "EndDate", - "StartDate", + "Key", "Value" ], "type": "object" }, - "AWS::QuickSight::Analysis.WordCloudAggregatedFieldWells": { - "additionalProperties": false, - "properties": { - "GroupBy": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" - }, - "markdownDescription": "The group by field well of a word cloud. Values are grouped by group by fields.", - "title": "GroupBy", - "type": "array" - }, - "Size": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" - }, - "markdownDescription": "The size field well of a word cloud. Values are aggregated based on group by fields.", - "title": "Size", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.WordCloudChartConfiguration": { - "additionalProperties": false, - "properties": { - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) for the word cloud category.", - "title": "CategoryLabelOptions" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.WordCloudFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.WordCloudSortConfiguration", - "markdownDescription": "The sort configuration of a word cloud visual.", - "title": "SortConfiguration" - }, - "WordCloudOptions": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.WordCloudOptions", - "markdownDescription": "The options for a word cloud visual.", - "title": "WordCloudOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.WordCloudFieldWells": { - "additionalProperties": false, - "properties": { - "WordCloudAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.WordCloudAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a word cloud.", - "title": "WordCloudAggregatedFieldWells" - } - }, - "type": "object" - }, - "AWS::QuickSight::Analysis.WordCloudOptions": { + "AWS::OpsWorks::App.Source": { "additionalProperties": false, "properties": { - "CloudLayout": { - "markdownDescription": "The cloud layout options (fluid, normal) of a word cloud.", - "title": "CloudLayout", + "Password": { + "markdownDescription": "When included in a request, the parameter depends on the repository type.\n\n- For Amazon S3 bundles, set `Password` to the appropriate IAM secret access key.\n- For HTTP bundles and Subversion repositories, set `Password` to the password.\n\nFor more information on how to safely handle IAM credentials, see [](https://docs.aws.amazon.com/general/latest/gr/aws-access-keys-best-practices.html) .\n\nIn responses, AWS OpsWorks Stacks returns `*****FILTERED*****` instead of the actual value.", + "title": "Password", "type": "string" }, - "MaximumStringLength": { - "markdownDescription": "The length limit of each word from 1-100.", - "title": "MaximumStringLength", - "type": "number" + "Revision": { + "markdownDescription": "The application's version. AWS OpsWorks Stacks enables you to easily deploy new versions of an application. One of the simplest approaches is to have branches or revisions in your repository that represent different versions that can potentially be deployed.", + "title": "Revision", + "type": "string" }, - "WordCasing": { - "markdownDescription": "The word casing options (lower_case, existing_case) for the words in a word cloud.", - "title": "WordCasing", + "SshKey": { + "markdownDescription": "In requests, the repository's SSH key.\n\nIn responses, AWS OpsWorks Stacks returns `*****FILTERED*****` instead of the actual value.", + "title": "SshKey", "type": "string" }, - "WordOrientation": { - "markdownDescription": "The word orientation options (horizontal, horizontal_and_vertical) for the words in a word cloud.", - "title": "WordOrientation", + "Type": { + "markdownDescription": "The repository type.", + "title": "Type", "type": "string" }, - "WordPadding": { - "markdownDescription": "The word padding options (none, small, medium, large) for the words in a word cloud.", - "title": "WordPadding", + "Url": { + "markdownDescription": "The source URL. The following is an example of an Amazon S3 source URL: `https://s3.amazonaws.com/opsworks-demo-bucket/opsworks_cookbook_demo.tar.gz` .", + "title": "Url", "type": "string" }, - "WordScaling": { - "markdownDescription": "The word scaling options (emphasize, normal) for the words in a word cloud.", - "title": "WordScaling", + "Username": { + "markdownDescription": "This parameter depends on the repository type.\n\n- For Amazon S3 bundles, set `Username` to the appropriate IAM access key ID.\n- For HTTP bundles, Git repositories, and Subversion repositories, set `Username` to the user name.", + "title": "Username", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.WordCloudSortConfiguration": { + "AWS::OpsWorks::App.SslConfiguration": { "additionalProperties": false, "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of groups that are displayed in a word cloud.", - "title": "CategoryItemsLimit" + "Certificate": { + "markdownDescription": "The contents of the certificate's domain.crt file.", + "title": "Certificate", + "type": "string" }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of group by fields.", - "title": "CategorySort", - "type": "array" + "Chain": { + "markdownDescription": "Optional. Can be used to specify an intermediate certificate authority key or client authentication.", + "title": "Chain", + "type": "string" + }, + "PrivateKey": { + "markdownDescription": "The private key; the contents of the certificate's domain.kex file.", + "title": "PrivateKey", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Analysis.WordCloudVisual": { + "AWS::OpsWorks::ElasticLoadBalancerAttachment": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Condition": { + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.WordCloudChartConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Metadata": { + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Properties": { + "additionalProperties": false, + "properties": { + "ElasticLoadBalancerName": { + "markdownDescription": "The Elastic Load Balancing instance name.", + "title": "ElasticLoadBalancerName", + "type": "string" + }, + "LayerId": { + "markdownDescription": "The AWS OpsWorks layer ID to which the Elastic Load Balancing load balancer is attached.", + "title": "LayerId", + "type": "string" + } + }, + "required": [ + "ElasticLoadBalancerName", + "LayerId" + ], + "type": "object" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", + "Type": { + "enum": [ + "AWS::OpsWorks::ElasticLoadBalancerAttachment" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard": { + "AWS::OpsWorks::Instance": { "additionalProperties": false, "properties": { "Condition": { @@ -195255,96 +206866,134 @@ "Properties": { "additionalProperties": false, "properties": { - "AwsAccountId": { - "markdownDescription": "The ID of the AWS account where you want to create the dashboard.", - "title": "AwsAccountId", + "AgentVersion": { + "markdownDescription": "The default AWS OpsWorks Stacks agent version. You have the following options:\n\n- `INHERIT` - Use the stack's default agent version setting.\n- *version_number* - Use the specified agent version. This value overrides the stack's default setting. To update the agent version, edit the instance configuration and specify a new version. AWS OpsWorks Stacks installs that version on the instance.\n\nThe default setting is `INHERIT` . To specify an agent version, you must use the complete version number, not the abbreviated number shown on the console. For a list of available agent version numbers, call `DescribeAgentVersions` . AgentVersion cannot be set to Chef 12.2.", + "title": "AgentVersion", "type": "string" }, - "DashboardId": { - "markdownDescription": "The ID for the dashboard, also added to the IAM policy.", - "title": "DashboardId", + "AmiId": { + "markdownDescription": "A custom AMI ID to be used to create the instance. The AMI should be based on one of the supported operating systems. For more information, see [Using Custom AMIs](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-custom-ami.html) .\n\n> If you specify a custom AMI, you must set `Os` to `Custom` .", + "title": "AmiId", "type": "string" }, - "DashboardPublishOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DashboardPublishOptions", - "markdownDescription": "Options for publishing the dashboard when you create it:\n\n- `AvailabilityStatus` for `AdHocFilteringOption` - This status can be either `ENABLED` or `DISABLED` . When this is set to `DISABLED` , Amazon QuickSight disables the left filter pane on the published dashboard, which can be used for ad hoc (one-time) filtering. This option is `ENABLED` by default.\n- `AvailabilityStatus` for `ExportToCSVOption` - This status can be either `ENABLED` or `DISABLED` . The visual option to export data to .CSV format isn't enabled when this is set to `DISABLED` . This option is `ENABLED` by default.\n- `VisibilityState` for `SheetControlsOption` - This visibility state can be either `COLLAPSED` or `EXPANDED` . This option is `COLLAPSED` by default.", - "title": "DashboardPublishOptions" + "Architecture": { + "markdownDescription": "The instance architecture. The default option is `x86_64` . Instance types do not necessarily support both architectures. For a list of the architectures that are supported by the different instance types, see [Instance Families and Types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) .", + "title": "Architecture", + "type": "string" }, - "Definition": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DashboardVersionDefinition", - "markdownDescription": "", - "title": "Definition" + "AutoScalingType": { + "markdownDescription": "For load-based or time-based instances, the type. Windows stacks can use only time-based instances.", + "title": "AutoScalingType", + "type": "string" }, - "LinkEntities": { + "AvailabilityZone": { + "markdownDescription": "The Availability Zone of the AWS OpsWorks instance, such as `us-east-2a` .", + "title": "AvailabilityZone", + "type": "string" + }, + "BlockDeviceMappings": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::OpsWorks::Instance.BlockDeviceMapping" }, - "markdownDescription": "A list of analysis Amazon Resource Names (ARNs) to be linked to the dashboard.", - "title": "LinkEntities", + "markdownDescription": "An array of `BlockDeviceMapping` objects that specify the instance's block devices. For more information, see [Block Device Mapping](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/block-device-mapping-concepts.html) . Note that block device mappings are not supported for custom AMIs.", + "title": "BlockDeviceMappings", "type": "array" }, - "LinkSharingConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LinkSharingConfiguration", - "markdownDescription": "A structure that contains the link sharing configurations that you want to apply overrides to.", - "title": "LinkSharingConfiguration" - }, - "Name": { - "markdownDescription": "The display name of the dashboard.", - "title": "Name", - "type": "string" - }, - "Parameters": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.Parameters", - "markdownDescription": "The parameters for the creation of the dashboard, which you want to use to override the default settings. A dashboard can have any type of parameters, and some parameters might accept multiple values.", - "title": "Parameters" + "EbsOptimized": { + "markdownDescription": "Whether to create an Amazon EBS-optimized instance.", + "title": "EbsOptimized", + "type": "boolean" }, - "Permissions": { + "ElasticIps": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ResourcePermission" + "type": "string" }, - "markdownDescription": "A structure that contains the permissions of the dashboard. You can use this structure for granting permissions by providing a list of IAM action information for each principal ARN.\n\nTo specify no permissions, omit the permissions list.", - "title": "Permissions", + "markdownDescription": "A list of Elastic IP addresses to associate with the instance.", + "title": "ElasticIps", "type": "array" }, - "SourceEntity": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DashboardSourceEntity", - "markdownDescription": "The entity that you are using as a source when you create the dashboard. In `SourceEntity` , you specify the type of object that you want to use. You can only create a dashboard from a template, so you use a `SourceTemplate` entity. If you need to create a dashboard from an analysis, first convert the analysis to a template by using the `CreateTemplate` API operation. For `SourceTemplate` , specify the Amazon Resource Name (ARN) of the source template. The `SourceTemplate` ARN can contain any AWS account; and any QuickSight-supported AWS Region .\n\nUse the `DataSetReferences` entity within `SourceTemplate` to list the replacement datasets for the placeholders listed in the original. The schema in each dataset must match its placeholder.", - "title": "SourceEntity" + "Hostname": { + "markdownDescription": "The instance host name. The following are character limits for instance host names.\n\n- Linux-based instances: 63 characters\n- Windows-based instances: 15 characters", + "title": "Hostname", + "type": "string" }, - "Tags": { + "InstallUpdatesOnBoot": { + "markdownDescription": "Whether to install operating system and package updates when the instance boots. The default value is `true` . To control when updates are installed, set this value to `false` . You must then update your instances manually by using `CreateDeployment` to run the `update_dependencies` stack command or by manually running `yum` (Amazon Linux) or `apt-get` (Ubuntu) on the instances.\n\n> We strongly recommend using the default value of `true` to ensure that your instances have the latest security updates.", + "title": "InstallUpdatesOnBoot", + "type": "boolean" + }, + "InstanceType": { + "markdownDescription": "The instance type, such as `t2.micro` . For a list of supported instance types, open the stack in the console, choose *Instances* , and choose *+ Instance* . The *Size* list contains the currently supported types. For more information, see [Instance Families and Types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) . The parameter values that you use to specify the various types are in the *API Name* column of the *Available Instance Types* table.", + "title": "InstanceType", + "type": "string" + }, + "LayerIds": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "Contains a map of the key-value pairs for the resource tag or tags assigned to the dashboard.", - "title": "Tags", + "markdownDescription": "An array that contains the instance's layer IDs.", + "title": "LayerIds", "type": "array" }, - "ThemeArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the theme that is being used for this dashboard. If you add a value for this field, it overrides the value that is used in the source entity. The theme ARN must exist in the same AWS account where you create the dashboard.", - "title": "ThemeArn", + "Os": { + "markdownDescription": "The instance's operating system, which must be set to one of the following.\n\n- A supported Linux operating system: An Amazon Linux version, such as `Amazon Linux 2` , `Amazon Linux 2018.03` , `Amazon Linux 2017.09` , `Amazon Linux 2017.03` , `Amazon Linux 2016.09` , `Amazon Linux 2016.03` , `Amazon Linux 2015.09` , or `Amazon Linux 2015.03` .\n- A supported Ubuntu operating system, such as `Ubuntu 18.04 LTS` , `Ubuntu 16.04 LTS` , `Ubuntu 14.04 LTS` , or `Ubuntu 12.04 LTS` .\n- `CentOS Linux 7`\n- `Red Hat Enterprise Linux 7`\n- A supported Windows operating system, such as `Microsoft Windows Server 2012 R2 Base` , `Microsoft Windows Server 2012 R2 with SQL Server Express` , `Microsoft Windows Server 2012 R2 with SQL Server Standard` , or `Microsoft Windows Server 2012 R2 with SQL Server Web` .\n- A custom AMI: `Custom` .\n\nNot all operating systems are supported with all versions of Chef. For more information about the supported operating systems, see [AWS OpsWorks Stacks Operating Systems](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-os.html) .\n\nThe default option is the current Amazon Linux version. If you set this parameter to `Custom` , you must use the `CreateInstance` action's AmiId parameter to specify the custom AMI that you want to use. Block device mappings are not supported if the value is `Custom` . For more information about how to use custom AMIs with AWS OpsWorks Stacks, see [Using Custom AMIs](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-custom-ami.html) .", + "title": "Os", "type": "string" }, - "ValidationStrategy": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ValidationStrategy", - "markdownDescription": "The option to relax the validation that is required to create and update analyses, dashboards, and templates with definition objects. When you set this value to `LENIENT` , validation is skipped for specific errors.", - "title": "ValidationStrategy" + "RootDeviceType": { + "markdownDescription": "The instance root device type. For more information, see [Storage for the Root Device](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ComponentsAMIs.html#storage-for-the-root-device) .", + "title": "RootDeviceType", + "type": "string" }, - "VersionDescription": { - "markdownDescription": "A description for the first version of the dashboard being created.", - "title": "VersionDescription", + "SshKeyName": { + "markdownDescription": "The instance's Amazon EC2 key-pair name.", + "title": "SshKeyName", + "type": "string" + }, + "StackId": { + "markdownDescription": "The stack ID.", + "title": "StackId", + "type": "string" + }, + "SubnetId": { + "markdownDescription": "The ID of the instance's subnet. If the stack is running in a VPC, you can use this parameter to override the stack's default subnet ID value and direct AWS OpsWorks Stacks to launch the instance in a different subnet.", + "title": "SubnetId", + "type": "string" + }, + "Tenancy": { + "markdownDescription": "The instance's tenancy option. The default option is no tenancy, or if the instance is running in a VPC, inherit tenancy settings from the VPC. The following are valid values for this parameter: `dedicated` , `default` , or `host` . Because there are costs associated with changes in tenancy options, we recommend that you research tenancy options before choosing them for your instances. For more information about dedicated hosts, see [Dedicated Hosts Overview](https://docs.aws.amazon.com/ec2/dedicated-hosts/) and [Amazon EC2 Dedicated Hosts](https://docs.aws.amazon.com/ec2/dedicated-hosts/) . For more information about dedicated instances, see [Dedicated Instances](https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/dedicated-instance.html) and [Amazon EC2 Dedicated Instances](https://docs.aws.amazon.com/ec2/purchasing-options/dedicated-instances/) .", + "title": "Tenancy", + "type": "string" + }, + "TimeBasedAutoScaling": { + "$ref": "#/definitions/AWS::OpsWorks::Instance.TimeBasedAutoScaling", + "markdownDescription": "The time-based scaling configuration for the instance.", + "title": "TimeBasedAutoScaling" + }, + "VirtualizationType": { + "markdownDescription": "The instance's virtualization type, `paravirtual` or `hvm` .", + "title": "VirtualizationType", "type": "string" + }, + "Volumes": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of AWS OpsWorks volume IDs to associate with the instance. For more information, see [`AWS::OpsWorks::Volume`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-opsworks-volume.html) .", + "title": "Volumes", + "type": "array" } }, "required": [ - "AwsAccountId", - "DashboardId", - "Name" + "InstanceType", + "LayerIds", + "StackId" ], "type": "object" }, "Type": { "enum": [ - "AWS::QuickSight::Dashboard" + "AWS::OpsWorks::Instance" ], "type": "string" }, @@ -195363,10998 +207012,14574 @@ ], "type": "object" }, - "AWS::QuickSight::Dashboard.AdHocFilteringOption": { - "additionalProperties": false, - "properties": { - "AvailabilityStatus": { - "markdownDescription": "Availability status.", - "title": "AvailabilityStatus", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.AggregationFunction": { + "AWS::OpsWorks::Instance.BlockDeviceMapping": { "additionalProperties": false, "properties": { - "AttributeAggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AttributeAggregationFunction", - "markdownDescription": "Aggregation for attributes.", - "title": "AttributeAggregationFunction" - }, - "CategoricalAggregationFunction": { - "markdownDescription": "Aggregation for categorical values.\n\n- `COUNT` : Aggregate by the total number of values, including duplicates.\n- `DISTINCT_COUNT` : Aggregate by the total number of distinct values.", - "title": "CategoricalAggregationFunction", - "type": "string" - }, - "DateAggregationFunction": { - "markdownDescription": "Aggregation for date values.\n\n- `COUNT` : Aggregate by the total number of values, including duplicates.\n- `DISTINCT_COUNT` : Aggregate by the total number of distinct values.\n- `MIN` : Select the smallest date value.\n- `MAX` : Select the largest date value.", - "title": "DateAggregationFunction", + "DeviceName": { + "markdownDescription": "The device name that is exposed to the instance, such as `/dev/sdh` . For the root device, you can use the explicit device name or you can set this parameter to `ROOT_DEVICE` and AWS OpsWorks Stacks will provide the correct device name.", + "title": "DeviceName", "type": "string" }, - "NumericalAggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericalAggregationFunction", - "markdownDescription": "Aggregation for numerical values.", - "title": "NumericalAggregationFunction" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.AggregationSortConfiguration": { - "additionalProperties": false, - "properties": { - "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationFunction", - "markdownDescription": "The function that aggregates the values in `Column` .", - "title": "AggregationFunction" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that determines the sort order of aggregated values.", - "title": "Column" + "Ebs": { + "$ref": "#/definitions/AWS::OpsWorks::Instance.EbsBlockDevice", + "markdownDescription": "An `EBSBlockDevice` that defines how to configure an Amazon EBS volume when the instance is launched. You can specify either the `VirtualName` or `Ebs` , but not both.", + "title": "Ebs" }, - "SortDirection": { - "markdownDescription": "The sort direction of values.\n\n- `ASC` : Sort in ascending order.\n- `DESC` : Sort in descending order.", - "title": "SortDirection", - "type": "string" - } - }, - "required": [ - "Column", - "SortDirection" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.AnalysisDefaults": { - "additionalProperties": false, - "properties": { - "DefaultNewSheetConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultNewSheetConfiguration", - "markdownDescription": "The configuration for default new sheet settings.", - "title": "DefaultNewSheetConfiguration" - } - }, - "required": [ - "DefaultNewSheetConfiguration" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.AnchorDateConfiguration": { - "additionalProperties": false, - "properties": { - "AnchorOption": { - "markdownDescription": "The options for the date configuration. Choose one of the options below:\n\n- `NOW`", - "title": "AnchorOption", + "NoDevice": { + "markdownDescription": "Suppresses the specified device included in the AMI's block device mapping.", + "title": "NoDevice", "type": "string" }, - "ParameterName": { - "markdownDescription": "The name of the parameter that is used for the anchor date configuration.", - "title": "ParameterName", + "VirtualName": { + "markdownDescription": "The virtual device name. For more information, see [BlockDeviceMapping](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_BlockDeviceMapping.html) . You can specify either the `VirtualName` or `Ebs` , but not both.", + "title": "VirtualName", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ArcAxisConfiguration": { + "AWS::OpsWorks::Instance.EbsBlockDevice": { "additionalProperties": false, "properties": { - "Range": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ArcAxisDisplayRange", - "markdownDescription": "The arc axis range of a `GaugeChartVisual` .", - "title": "Range" + "DeleteOnTermination": { + "markdownDescription": "Whether the volume is deleted on instance termination.", + "title": "DeleteOnTermination", + "type": "boolean" }, - "ReserveRange": { - "markdownDescription": "The reserved range of the arc axis.", - "title": "ReserveRange", - "type": "number" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.ArcAxisDisplayRange": { - "additionalProperties": false, - "properties": { - "Max": { - "markdownDescription": "The maximum value of the arc axis range.", - "title": "Max", + "Iops": { + "markdownDescription": "The number of I/O operations per second (IOPS) that the volume supports. For more information, see [EbsBlockDevice](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_EbsBlockDevice.html) .", + "title": "Iops", "type": "number" }, - "Min": { - "markdownDescription": "The minimum value of the arc axis range.", - "title": "Min", - "type": "number" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.ArcConfiguration": { - "additionalProperties": false, - "properties": { - "ArcAngle": { - "markdownDescription": "The option that determines the arc angle of a `GaugeChartVisual` .", - "title": "ArcAngle", + "SnapshotId": { + "markdownDescription": "The snapshot ID.", + "title": "SnapshotId", + "type": "string" + }, + "VolumeSize": { + "markdownDescription": "The volume size, in GiB. For more information, see [EbsBlockDevice](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_EbsBlockDevice.html) .", + "title": "VolumeSize", "type": "number" }, - "ArcThickness": { - "markdownDescription": "The options that determine the arc thickness of a `GaugeChartVisual` .", - "title": "ArcThickness", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.ArcOptions": { - "additionalProperties": false, - "properties": { - "ArcThickness": { - "markdownDescription": "The arc thickness of a `GaugeChartVisual` .", - "title": "ArcThickness", + "VolumeType": { + "markdownDescription": "The volume type. `gp2` for General Purpose (SSD) volumes, `io1` for Provisioned IOPS (SSD) volumes, `st1` for Throughput Optimized hard disk drives (HDD), `sc1` for Cold HDD,and `standard` for Magnetic volumes.\n\nIf you specify the `io1` volume type, you must also specify a value for the `Iops` attribute. The maximum ratio of provisioned IOPS to requested volume size (in GiB) is 50:1. AWS uses the default volume size (in GiB) specified in the AMI attributes to set IOPS to 50 x (volume size).", + "title": "VolumeType", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.AssetOptions": { + "AWS::OpsWorks::Instance.TimeBasedAutoScaling": { "additionalProperties": false, "properties": { - "Timezone": { - "markdownDescription": "Determines the timezone for the analysis.", - "title": "Timezone", - "type": "string" + "Friday": { + "additionalProperties": true, + "markdownDescription": "The schedule for Friday.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Friday", + "type": "object" }, - "WeekStart": { - "markdownDescription": "Determines the week start day for an analysis.", - "title": "WeekStart", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.AttributeAggregationFunction": { - "additionalProperties": false, - "properties": { - "SimpleAttributeAggregation": { - "markdownDescription": "The built-in aggregation functions for attributes.\n\n- `UNIQUE_VALUE` : Returns the unique value for a field, aggregated by the dimension fields.", - "title": "SimpleAttributeAggregation", - "type": "string" + "Monday": { + "additionalProperties": true, + "markdownDescription": "The schedule for Monday.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Monday", + "type": "object" }, - "ValueForMultipleValues": { - "markdownDescription": "Used by the `UNIQUE_VALUE` aggregation function. If there are multiple values for the field used by the aggregation, the value for this property will be returned instead. Defaults to '*'.", - "title": "ValueForMultipleValues", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.AxisDataOptions": { - "additionalProperties": false, - "properties": { - "DateAxisOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateAxisOptions", - "markdownDescription": "The options for an axis with a date field.", - "title": "DateAxisOptions" + "Saturday": { + "additionalProperties": true, + "markdownDescription": "The schedule for Saturday.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Saturday", + "type": "object" }, - "NumericAxisOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericAxisOptions", - "markdownDescription": "The options for an axis with a numeric field.", - "title": "NumericAxisOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.AxisDisplayMinMaxRange": { - "additionalProperties": false, - "properties": { - "Maximum": { - "markdownDescription": "The maximum setup for an axis display range.", - "title": "Maximum", - "type": "number" + "Sunday": { + "additionalProperties": true, + "markdownDescription": "The schedule for Sunday.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Sunday", + "type": "object" }, - "Minimum": { - "markdownDescription": "The minimum setup for an axis display range.", - "title": "Minimum", - "type": "number" + "Thursday": { + "additionalProperties": true, + "markdownDescription": "The schedule for Thursday.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Thursday", + "type": "object" + }, + "Tuesday": { + "additionalProperties": true, + "markdownDescription": "The schedule for Tuesday.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tuesday", + "type": "object" + }, + "Wednesday": { + "additionalProperties": true, + "markdownDescription": "The schedule for Wednesday.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Wednesday", + "type": "object" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.AxisDisplayOptions": { + "AWS::OpsWorks::Layer": { "additionalProperties": false, "properties": { - "AxisLineVisibility": { - "markdownDescription": "Determines whether or not the axis line is visible.", - "title": "AxisLineVisibility", + "Condition": { "type": "string" }, - "AxisOffset": { - "markdownDescription": "The offset value that determines the starting placement of the axis within a visual's bounds.", - "title": "AxisOffset", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "DataOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDataOptions", - "markdownDescription": "The data options for an axis.", - "title": "DataOptions" - }, - "GridLineVisibility": { - "markdownDescription": "Determines whether or not the grid line is visible.", - "title": "GridLineVisibility", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ScrollbarOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ScrollBarOptions", - "markdownDescription": "The scroll bar options for an axis.", - "title": "ScrollbarOptions" + "Metadata": { + "type": "object" }, - "TickLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisTickLabelOptions", - "markdownDescription": "The tick label options of an axis.", - "title": "TickLabelOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.AxisDisplayRange": { - "additionalProperties": false, - "properties": { - "DataDriven": { - "markdownDescription": "The data-driven setup of an axis display range.", - "title": "DataDriven", + "Properties": { + "additionalProperties": false, + "properties": { + "Attributes": { + "additionalProperties": true, + "markdownDescription": "One or more user-defined key-value pairs to be added to the stack attributes.\n\nTo create a cluster layer, set the `EcsClusterArn` attribute to the cluster's ARN.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Attributes", + "type": "object" + }, + "AutoAssignElasticIps": { + "markdownDescription": "Whether to automatically assign an [Elastic IP address](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html) to the layer's instances. For more information, see [How to Edit a Layer](https://docs.aws.amazon.com/opsworks/latest/userguide/workinglayers-basics-edit.html) .", + "title": "AutoAssignElasticIps", + "type": "boolean" + }, + "AutoAssignPublicIps": { + "markdownDescription": "For stacks that are running in a VPC, whether to automatically assign a public IP address to the layer's instances. For more information, see [How to Edit a Layer](https://docs.aws.amazon.com/opsworks/latest/userguide/workinglayers-basics-edit.html) .", + "title": "AutoAssignPublicIps", + "type": "boolean" + }, + "CustomInstanceProfileArn": { + "markdownDescription": "The ARN of an IAM profile to be used for the layer's EC2 instances. For more information about IAM ARNs, see [Using Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) .", + "title": "CustomInstanceProfileArn", + "type": "string" + }, + "CustomJson": { + "markdownDescription": "A JSON-formatted string containing custom stack configuration and deployment attributes to be installed on the layer's instances. For more information, see [Using Custom JSON](https://docs.aws.amazon.com/opsworks/latest/userguide/workingcookbook-json-override.html) . This feature is supported as of version 1.7.42 of the AWS CLI .", + "title": "CustomJson", + "type": "object" + }, + "CustomRecipes": { + "$ref": "#/definitions/AWS::OpsWorks::Layer.Recipes", + "markdownDescription": "A `LayerCustomRecipes` object that specifies the layer custom recipes.", + "title": "CustomRecipes" + }, + "CustomSecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "An array containing the layer custom security group IDs.", + "title": "CustomSecurityGroupIds", + "type": "array" + }, + "EnableAutoHealing": { + "markdownDescription": "Whether to disable auto healing for the layer.", + "title": "EnableAutoHealing", + "type": "boolean" + }, + "InstallUpdatesOnBoot": { + "markdownDescription": "Whether to install operating system and package updates when the instance boots. The default value is `true` . To control when updates are installed, set this value to `false` . You must then update your instances manually by using `CreateDeployment` to run the `update_dependencies` stack command or by manually running `yum` (Amazon Linux) or `apt-get` (Ubuntu) on the instances.\n\n> To ensure that your instances have the latest security updates, we strongly recommend using the default value of `true` .", + "title": "InstallUpdatesOnBoot", + "type": "boolean" + }, + "LifecycleEventConfiguration": { + "$ref": "#/definitions/AWS::OpsWorks::Layer.LifecycleEventConfiguration", + "markdownDescription": "A `LifeCycleEventConfiguration` object that you can use to configure the Shutdown event to specify an execution timeout and enable or disable Elastic Load Balancer connection draining.", + "title": "LifecycleEventConfiguration" + }, + "LoadBasedAutoScaling": { + "$ref": "#/definitions/AWS::OpsWorks::Layer.LoadBasedAutoScaling", + "markdownDescription": "The load-based scaling configuration for the AWS OpsWorks layer.", + "title": "LoadBasedAutoScaling" + }, + "Name": { + "markdownDescription": "The layer name, which is used by the console. Layer names can be a maximum of 32 characters.", + "title": "Name", + "type": "string" + }, + "Packages": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of `Package` objects that describes the layer packages.", + "title": "Packages", + "type": "array" + }, + "Shortname": { + "markdownDescription": "For custom layers only, use this parameter to specify the layer's short name, which is used internally by AWS OpsWorks Stacks and by Chef recipes. The short name is also used as the name for the directory where your app files are installed. It can have a maximum of 32 characters, which are limited to the alphanumeric characters, '-', '_', and '.'.\n\nBuilt-in layer short names are defined by AWS OpsWorks Stacks. For more information, see the [Layer Reference](https://docs.aws.amazon.com/opsworks/latest/userguide/layers.html) .", + "title": "Shortname", + "type": "string" + }, + "StackId": { + "markdownDescription": "The layer stack ID.", + "title": "StackId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Specifies one or more sets of tags (key\u2013value pairs) to associate with this AWS OpsWorks layer. Use tags to manage your resources.", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "The layer type. A stack cannot have more than one built-in layer of the same type. It can have any number of custom layers. Built-in layers are not available in Chef 12 stacks.", + "title": "Type", + "type": "string" + }, + "UseEbsOptimizedInstances": { + "markdownDescription": "Whether to use Amazon EBS-optimized instances.", + "title": "UseEbsOptimizedInstances", + "type": "boolean" + }, + "VolumeConfigurations": { + "items": { + "$ref": "#/definitions/AWS::OpsWorks::Layer.VolumeConfiguration" + }, + "markdownDescription": "A `VolumeConfigurations` object that describes the layer's Amazon EBS volumes.", + "title": "VolumeConfigurations", + "type": "array" + } + }, + "required": [ + "AutoAssignElasticIps", + "AutoAssignPublicIps", + "EnableAutoHealing", + "Name", + "Shortname", + "StackId", + "Type" + ], "type": "object" }, - "MinMax": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayMinMaxRange", - "markdownDescription": "The minimum and maximum setup of an axis display range.", - "title": "MinMax" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.AxisLabelOptions": { - "additionalProperties": false, - "properties": { - "ApplyTo": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisLabelReferenceOptions", - "markdownDescription": "The options that indicate which field the label belongs to.", - "title": "ApplyTo" - }, - "CustomLabel": { - "markdownDescription": "The text for the axis label.", - "title": "CustomLabel", + "Type": { + "enum": [ + "AWS::OpsWorks::Layer" + ], "type": "string" }, - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", - "markdownDescription": "The font configuration of the axis label.", - "title": "FontConfiguration" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.AxisLabelReferenceOptions": { - "additionalProperties": false, - "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that the axis label is targeted to.", - "title": "Column" - }, - "FieldId": { - "markdownDescription": "The field that the axis label is targeted to.", - "title": "FieldId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Column", - "FieldId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.AxisLinearScale": { + "AWS::OpsWorks::Layer.AutoScalingThresholds": { "additionalProperties": false, "properties": { - "StepCount": { - "markdownDescription": "The step count setup of a linear axis.", - "title": "StepCount", + "CpuThreshold": { + "markdownDescription": "The CPU utilization threshold, as a percent of the available CPU. A value of -1 disables the threshold.", + "title": "CpuThreshold", "type": "number" }, - "StepSize": { - "markdownDescription": "The step size setup of a linear axis.", - "title": "StepSize", + "IgnoreMetricsTime": { + "markdownDescription": "The amount of time (in minutes) after a scaling event occurs that AWS OpsWorks Stacks should ignore metrics and suppress additional scaling events. For example, AWS OpsWorks Stacks adds new instances following an upscaling event but the instances won't start reducing the load until they have been booted and configured. There is no point in raising additional scaling events during that operation, which typically takes several minutes. `IgnoreMetricsTime` allows you to direct AWS OpsWorks Stacks to suppress scaling events long enough to get the new instances online.", + "title": "IgnoreMetricsTime", "type": "number" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.AxisLogarithmicScale": { - "additionalProperties": false, - "properties": { - "Base": { - "markdownDescription": "The base setup of a logarithmic axis scale.", - "title": "Base", + }, + "InstanceCount": { + "markdownDescription": "The number of instances to add or remove when the load exceeds a threshold.", + "title": "InstanceCount", + "type": "number" + }, + "LoadThreshold": { + "markdownDescription": "The load threshold. A value of -1 disables the threshold. For more information about how load is computed, see [Load (computing)](https://docs.aws.amazon.com/http://en.wikipedia.org/wiki/Load_%28computing%29) .", + "title": "LoadThreshold", + "type": "number" + }, + "MemoryThreshold": { + "markdownDescription": "The memory utilization threshold, as a percent of the available memory. A value of -1 disables the threshold.", + "title": "MemoryThreshold", + "type": "number" + }, + "ThresholdsWaitTime": { + "markdownDescription": "The amount of time, in minutes, that the load must exceed a threshold before more instances are added or removed.", + "title": "ThresholdsWaitTime", "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.AxisScale": { + "AWS::OpsWorks::Layer.LifecycleEventConfiguration": { "additionalProperties": false, "properties": { - "Linear": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisLinearScale", - "markdownDescription": "The linear axis scale setup.", - "title": "Linear" - }, - "Logarithmic": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisLogarithmicScale", - "markdownDescription": "The logarithmic axis scale setup.", - "title": "Logarithmic" + "ShutdownEventConfiguration": { + "$ref": "#/definitions/AWS::OpsWorks::Layer.ShutdownEventConfiguration", + "markdownDescription": "The Shutdown event configuration.", + "title": "ShutdownEventConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.AxisTickLabelOptions": { + "AWS::OpsWorks::Layer.LoadBasedAutoScaling": { "additionalProperties": false, "properties": { - "LabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", - "markdownDescription": "Determines whether or not the axis ticks are visible.", - "title": "LabelOptions" + "DownScaling": { + "$ref": "#/definitions/AWS::OpsWorks::Layer.AutoScalingThresholds", + "markdownDescription": "An `AutoScalingThresholds` object that describes the downscaling configuration, which defines how and when AWS OpsWorks Stacks reduces the number of instances.", + "title": "DownScaling" }, - "RotationAngle": { - "markdownDescription": "The rotation angle of the axis tick labels.", - "title": "RotationAngle", - "type": "number" + "Enable": { + "markdownDescription": "Whether load-based auto scaling is enabled for the layer.", + "title": "Enable", + "type": "boolean" + }, + "UpScaling": { + "$ref": "#/definitions/AWS::OpsWorks::Layer.AutoScalingThresholds", + "markdownDescription": "An `AutoScalingThresholds` object that describes the upscaling configuration, which defines how and when AWS OpsWorks Stacks increases the number of instances.", + "title": "UpScaling" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.BarChartAggregatedFieldWells": { + "AWS::OpsWorks::Layer.Recipes": { "additionalProperties": false, "properties": { - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The category (y-axis) field well of a bar chart.", - "title": "Category", - "type": "array" - }, - "Colors": { + "Configure": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + "type": "string" }, - "markdownDescription": "The color (group/color) field well of a bar chart.", - "title": "Colors", + "markdownDescription": "An array of custom recipe names to be run following a `configure` event.", + "title": "Configure", "type": "array" }, - "SmallMultiples": { + "Deploy": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + "type": "string" }, - "markdownDescription": "The small multiples field well of a bar chart.", - "title": "SmallMultiples", + "markdownDescription": "An array of custom recipe names to be run following a `deploy` event.", + "title": "Deploy", "type": "array" }, - "Values": { + "Setup": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + "type": "string" }, - "markdownDescription": "The value field wells of a bar chart. Values are aggregated by category.", - "title": "Values", + "markdownDescription": "An array of custom recipe names to be run following a `setup` event.", + "title": "Setup", "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.BarChartConfiguration": { - "additionalProperties": false, - "properties": { - "BarsArrangement": { - "markdownDescription": "Determines the arrangement of the bars. The orientation and arrangement of bars determine the type of bar that is used in the visual.", - "title": "BarsArrangement", - "type": "string" - }, - "CategoryAxis": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, axis step) for bar chart category.", - "title": "CategoryAxis" }, - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a bar chart.", - "title": "CategoryLabelOptions" - }, - "ColorLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a color that is used in a bar chart.", - "title": "ColorLabelOptions" - }, - "ContributionAnalysisDefaults": { + "Shutdown": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ContributionAnalysisDefault" + "type": "string" }, - "markdownDescription": "The contribution analysis (anomaly configuration) setup of the visual.", - "title": "ContributionAnalysisDefaults", + "markdownDescription": "An array of custom recipe names to be run following a `shutdown` event.", + "title": "Shutdown", "type": "array" }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.", - "title": "DataLabels" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BarChartFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" - }, - "Orientation": { - "markdownDescription": "The orientation of the bars in a bar chart visual. There are two valid values in this structure:\n\n- `HORIZONTAL` : Used for charts that have horizontal bars. Visuals that use this value are horizontal bar charts, horizontal stacked bar charts, and horizontal stacked 100% bar charts.\n- `VERTICAL` : Used for charts that have vertical bars. Visuals that use this value are vertical bar charts, vertical stacked bar charts, and vertical stacked 100% bar charts.", - "title": "Orientation", - "type": "string" - }, - "ReferenceLines": { + "Undeploy": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLine" + "type": "string" }, - "markdownDescription": "The reference line setup of the visual.", - "title": "ReferenceLines", + "markdownDescription": "An array of custom recipe names to be run following a `undeploy` event.", + "title": "Undeploy", "type": "array" - }, - "SmallMultiplesOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SmallMultiplesOptions", - "markdownDescription": "The small multiples setup for the visual.", - "title": "SmallMultiplesOptions" - }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BarChartSortConfiguration", - "markdownDescription": "The sort configuration of a `BarChartVisual` .", - "title": "SortConfiguration" - }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" - }, - "ValueAxis": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, axis step) for a bar chart value.", - "title": "ValueAxis" - }, - "ValueLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a bar chart value.", - "title": "ValueLabelOptions" - }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", - "title": "VisualPalette" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.BarChartFieldWells": { + "AWS::OpsWorks::Layer.ShutdownEventConfiguration": { "additionalProperties": false, "properties": { - "BarChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BarChartAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a bar chart.", - "title": "BarChartAggregatedFieldWells" + "DelayUntilElbConnectionsDrained": { + "markdownDescription": "Whether to enable Elastic Load Balancing connection draining. For more information, see [Connection Draining](https://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/TerminologyandKeyConcepts.html#conn-drain)", + "title": "DelayUntilElbConnectionsDrained", + "type": "boolean" + }, + "ExecutionTimeout": { + "markdownDescription": "The time, in seconds, that AWS OpsWorks Stacks waits after triggering a Shutdown event before shutting down an instance.", + "title": "ExecutionTimeout", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.BarChartSortConfiguration": { + "AWS::OpsWorks::Layer.VolumeConfiguration": { "additionalProperties": false, "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of categories displayed in a bar chart.", - "title": "CategoryItemsLimit" + "Encrypted": { + "markdownDescription": "Specifies whether an Amazon EBS volume is encrypted. For more information, see [Amazon EBS Encryption](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) .", + "title": "Encrypted", + "type": "boolean" }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of category fields.", - "title": "CategorySort", - "type": "array" + "Iops": { + "markdownDescription": "The number of I/O operations per second (IOPS) to provision for the volume. For PIOPS volumes, the IOPS per disk.\n\nIf you specify `io1` for the volume type, you must specify this property.", + "title": "Iops", + "type": "number" }, - "ColorItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of values displayed in a bar chart.", - "title": "ColorItemsLimit" + "MountPoint": { + "markdownDescription": "The volume mount point. For example \"/dev/sdh\".", + "title": "MountPoint", + "type": "string" }, - "ColorSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of color fields in a bar chart.", - "title": "ColorSort", - "type": "array" + "NumberOfDisks": { + "markdownDescription": "The number of disks in the volume.", + "title": "NumberOfDisks", + "type": "number" }, - "SmallMultiplesLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of small multiples panels that are displayed.", - "title": "SmallMultiplesLimitConfiguration" + "RaidLevel": { + "markdownDescription": "The volume [RAID level](https://docs.aws.amazon.com/http://en.wikipedia.org/wiki/Standard_RAID_levels) .", + "title": "RaidLevel", + "type": "number" }, - "SmallMultiplesSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the small multiples field.", - "title": "SmallMultiplesSort", - "type": "array" + "Size": { + "markdownDescription": "The volume size.", + "title": "Size", + "type": "number" + }, + "VolumeType": { + "markdownDescription": "The volume type. For more information, see [Amazon EBS Volume Types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) .\n\n- `standard` - Magnetic. Magnetic volumes must have a minimum size of 1 GiB and a maximum size of 1024 GiB.\n- `io1` - Provisioned IOPS (SSD). PIOPS volumes must have a minimum size of 4 GiB and a maximum size of 16384 GiB.\n- `gp2` - General Purpose (SSD). General purpose volumes must have a minimum size of 1 GiB and a maximum size of 16384 GiB.\n- `st1` - Throughput Optimized hard disk drive (HDD). Throughput optimized HDD volumes must have a minimum size of 125 GiB and a maximum size of 16384 GiB.\n- `sc1` - Cold HDD. Cold HDD volumes must have a minimum size of 125 GiB and a maximum size of 16384 GiB.", + "title": "VolumeType", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.BarChartVisual": { + "AWS::OpsWorks::Stack": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Condition": { + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BarChartConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Metadata": { + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Properties": { + "additionalProperties": false, + "properties": { + "AgentVersion": { + "markdownDescription": "The default AWS OpsWorks Stacks agent version. You have the following options:\n\n- Auto-update - Set this parameter to `LATEST` . AWS OpsWorks Stacks automatically installs new agent versions on the stack's instances as soon as they are available.\n- Fixed version - Set this parameter to your preferred agent version. To update the agent version, you must edit the stack configuration and specify a new version. AWS OpsWorks Stacks installs that version on the stack's instances.\n\nThe default setting is the most recent release of the agent. To specify an agent version, you must use the complete version number, not the abbreviated number shown on the console. For a list of available agent version numbers, call `DescribeAgentVersions` . AgentVersion cannot be set to Chef 12.2.\n\n> You can also specify an agent version when you create or update an instance, which overrides the stack's default setting.", + "title": "AgentVersion", + "type": "string" + }, + "Attributes": { + "additionalProperties": true, + "markdownDescription": "One or more user-defined key-value pairs to be added to the stack attributes.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Attributes", + "type": "object" + }, + "ChefConfiguration": { + "$ref": "#/definitions/AWS::OpsWorks::Stack.ChefConfiguration", + "markdownDescription": "A `ChefConfiguration` object that specifies whether to enable Berkshelf and the Berkshelf version on Chef 11.10 stacks. For more information, see [Create a New Stack](https://docs.aws.amazon.com/opsworks/latest/userguide/workingstacks-creating.html) .", + "title": "ChefConfiguration" + }, + "CloneAppIds": { + "items": { + "type": "string" + }, + "markdownDescription": "If you're cloning an AWS OpsWorks stack, a list of AWS OpsWorks application stack IDs from the source stack to include in the cloned stack.", + "title": "CloneAppIds", + "type": "array" + }, + "ClonePermissions": { + "markdownDescription": "If you're cloning an AWS OpsWorks stack, indicates whether to clone the source stack's permissions.", + "title": "ClonePermissions", + "type": "boolean" + }, + "ConfigurationManager": { + "$ref": "#/definitions/AWS::OpsWorks::Stack.StackConfigurationManager", + "markdownDescription": "The configuration manager. When you create a stack we recommend that you use the configuration manager to specify the Chef version: 12, 11.10, or 11.4 for Linux stacks, or 12.2 for Windows stacks. The default value for Linux stacks is currently 12.", + "title": "ConfigurationManager" + }, + "CustomCookbooksSource": { + "$ref": "#/definitions/AWS::OpsWorks::Stack.Source", + "markdownDescription": "Contains the information required to retrieve an app or cookbook from a repository. For more information, see [Adding Apps](https://docs.aws.amazon.com/opsworks/latest/userguide/workingapps-creating.html) or [Cookbooks and Recipes](https://docs.aws.amazon.com/opsworks/latest/userguide/workingcookbook.html) .", + "title": "CustomCookbooksSource" + }, + "CustomJson": { + "markdownDescription": "A string that contains user-defined, custom JSON. It can be used to override the corresponding default stack configuration attribute values or to pass data to recipes. The string should be in the following format:\n\n`\"{\\\"key1\\\": \\\"value1\\\", \\\"key2\\\": \\\"value2\\\",...}\"`\n\nFor more information about custom JSON, see [Use Custom JSON to Modify the Stack Configuration Attributes](https://docs.aws.amazon.com/opsworks/latest/userguide/workingstacks-json.html) .", + "title": "CustomJson", + "type": "object" + }, + "DefaultAvailabilityZone": { + "markdownDescription": "The stack's default Availability Zone, which must be in the specified region. For more information, see [Regions and Endpoints](https://docs.aws.amazon.com/general/latest/gr/rande.html) . If you also specify a value for `DefaultSubnetId` , the subnet must be in the same zone. For more information, see the `VpcId` parameter description.", + "title": "DefaultAvailabilityZone", + "type": "string" + }, + "DefaultInstanceProfileArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an IAM profile that is the default profile for all of the stack's EC2 instances. For more information about IAM ARNs, see [Using Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) .", + "title": "DefaultInstanceProfileArn", + "type": "string" + }, + "DefaultOs": { + "markdownDescription": "The stack's default operating system, which is installed on every instance unless you specify a different operating system when you create the instance. You can specify one of the following.\n\n- A supported Linux operating system: An Amazon Linux version, such as `Amazon Linux 2` , `Amazon Linux 2018.03` , `Amazon Linux 2017.09` , `Amazon Linux 2017.03` , `Amazon Linux 2016.09` , `Amazon Linux 2016.03` , `Amazon Linux 2015.09` , or `Amazon Linux 2015.03` .\n- A supported Ubuntu operating system, such as `Ubuntu 18.04 LTS` , `Ubuntu 16.04 LTS` , `Ubuntu 14.04 LTS` , or `Ubuntu 12.04 LTS` .\n- `CentOS Linux 7`\n- `Red Hat Enterprise Linux 7`\n- A supported Windows operating system, such as `Microsoft Windows Server 2012 R2 Base` , `Microsoft Windows Server 2012 R2 with SQL Server Express` , `Microsoft Windows Server 2012 R2 with SQL Server Standard` , or `Microsoft Windows Server 2012 R2 with SQL Server Web` .\n- A custom AMI: `Custom` . You specify the custom AMI you want to use when you create instances. For more information, see [Using Custom AMIs](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-custom-ami.html) .\n\nThe default option is the current Amazon Linux version. Not all operating systems are supported with all versions of Chef. For more information about supported operating systems, see [AWS OpsWorks Stacks Operating Systems](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-os.html) .", + "title": "DefaultOs", + "type": "string" + }, + "DefaultRootDeviceType": { + "markdownDescription": "The default root device type. This value is the default for all instances in the stack, but you can override it when you create an instance. The default option is `instance-store` . For more information, see [Storage for the Root Device](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ComponentsAMIs.html#storage-for-the-root-device) .", + "title": "DefaultRootDeviceType", + "type": "string" + }, + "DefaultSshKeyName": { + "markdownDescription": "A default Amazon EC2 key pair name. The default value is none. If you specify a key pair name, AWS OpsWorks installs the public key on the instance and you can use the private key with an SSH client to log in to the instance. For more information, see [Using SSH to Communicate with an Instance](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-ssh.html) and [Managing SSH Access](https://docs.aws.amazon.com/opsworks/latest/userguide/security-ssh-access.html) . You can override this setting by specifying a different key pair, or no key pair, when you [create an instance](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-add.html) .", + "title": "DefaultSshKeyName", + "type": "string" + }, + "DefaultSubnetId": { + "markdownDescription": "The stack's default subnet ID. All instances are launched into this subnet unless you specify another subnet ID when you create the instance. This parameter is required if you specify a value for the `VpcId` parameter. If you also specify a value for `DefaultAvailabilityZone` , the subnet must be in that zone.", + "title": "DefaultSubnetId", + "type": "string" + }, + "EcsClusterArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Elastic Container Service ( Amazon ECS ) cluster to register with the AWS OpsWorks stack.\n\n> If you specify a cluster that's registered with another AWS OpsWorks stack, AWS CloudFormation deregisters the existing association before registering the cluster.", + "title": "EcsClusterArn", + "type": "string" + }, + "ElasticIps": { + "items": { + "$ref": "#/definitions/AWS::OpsWorks::Stack.ElasticIp" + }, + "markdownDescription": "A list of Elastic IP addresses to register with the AWS OpsWorks stack.\n\n> If you specify an IP address that's registered with another AWS OpsWorks stack, AWS CloudFormation deregisters the existing association before registering the IP address.", + "title": "ElasticIps", + "type": "array" + }, + "HostnameTheme": { + "markdownDescription": "The stack's host name theme, with spaces replaced by underscores. The theme is used to generate host names for the stack's instances. By default, `HostnameTheme` is set to `Layer_Dependent` , which creates host names by appending integers to the layer's short name. The other themes are:\n\n- `Baked_Goods`\n- `Clouds`\n- `Europe_Cities`\n- `Fruits`\n- `Greek_Deities_and_Titans`\n- `Legendary_creatures_from_Japan`\n- `Planets_and_Moons`\n- `Roman_Deities`\n- `Scottish_Islands`\n- `US_Cities`\n- `Wild_Cats`\n\nTo obtain a generated host name, call `GetHostNameSuggestion` , which returns a host name based on the current theme.", + "title": "HostnameTheme", + "type": "string" + }, + "Name": { + "markdownDescription": "The stack name. Stack names can be a maximum of 64 characters.", + "title": "Name", + "type": "string" + }, + "RdsDbInstances": { + "items": { + "$ref": "#/definitions/AWS::OpsWorks::Stack.RdsDbInstance" + }, + "markdownDescription": "The Amazon Relational Database Service ( Amazon RDS ) database instance to register with the AWS OpsWorks stack.\n\n> If you specify a database instance that's registered with another AWS OpsWorks stack, AWS CloudFormation deregisters the existing association before registering the database instance.", + "title": "RdsDbInstances", + "type": "array" + }, + "ServiceRoleArn": { + "markdownDescription": "The stack's IAM role, which allows AWS OpsWorks Stacks to work with AWS resources on your behalf. You must set this parameter to the Amazon Resource Name (ARN) for an existing IAM role. For more information about IAM ARNs, see [Using Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) .", + "title": "ServiceRoleArn", + "type": "string" + }, + "SourceStackId": { + "markdownDescription": "If you're cloning an AWS OpsWorks stack, the stack ID of the source AWS OpsWorks stack to clone.", + "title": "SourceStackId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A map that contains tag keys and tag values that are attached to a stack or layer.\n\n- The key cannot be empty.\n- The key can be a maximum of 127 characters, and can contain only Unicode letters, numbers, or separators, or the following special characters: `+ - = . _ : /`\n- The value can be a maximum 255 characters, and contain only Unicode letters, numbers, or separators, or the following special characters: `+ - = . _ : /`\n- Leading and trailing white spaces are trimmed from both the key and value.\n- A maximum of 40 tags is allowed for any resource.", + "title": "Tags", + "type": "array" + }, + "UseCustomCookbooks": { + "markdownDescription": "Whether the stack uses custom cookbooks.", + "title": "UseCustomCookbooks", + "type": "boolean" + }, + "UseOpsworksSecurityGroups": { + "markdownDescription": "Whether to associate the AWS OpsWorks Stacks built-in security groups with the stack's layers.\n\nAWS OpsWorks Stacks provides a standard set of built-in security groups, one for each layer, which are associated with layers by default. With `UseOpsworksSecurityGroups` you can instead provide your own custom security groups. `UseOpsworksSecurityGroups` has the following settings:\n\n- True - AWS OpsWorks Stacks automatically associates the appropriate built-in security group with each layer (default setting). You can associate additional security groups with a layer after you create it, but you cannot delete the built-in security group.\n- False - AWS OpsWorks Stacks does not associate built-in security groups with layers. You must create appropriate EC2 security groups and associate a security group with each layer that you create. However, you can still manually associate a built-in security group with a layer on creation; custom security groups are required only for those layers that need custom settings.\n\nFor more information, see [Create a New Stack](https://docs.aws.amazon.com/opsworks/latest/userguide/workingstacks-creating.html) .", + "title": "UseOpsworksSecurityGroups", + "type": "boolean" + }, + "VpcId": { + "markdownDescription": "The ID of the VPC that the stack is to be launched into. The VPC must be in the stack's region. All instances are launched into this VPC. You cannot change the ID later.\n\n- If your account supports EC2-Classic, the default value is `no VPC` .\n- If your account does not support EC2-Classic, the default value is the default VPC for the specified region.\n\nIf the VPC ID corresponds to a default VPC and you have specified either the `DefaultAvailabilityZone` or the `DefaultSubnetId` parameter only, AWS OpsWorks Stacks infers the value of the other parameter. If you specify neither parameter, AWS OpsWorks Stacks sets these parameters to the first valid Availability Zone for the specified region and the corresponding default VPC subnet ID, respectively.\n\nIf you specify a nondefault VPC ID, note the following:\n\n- It must belong to a VPC in your account that is in the specified region.\n- You must specify a value for `DefaultSubnetId` .\n\nFor more information about how to use AWS OpsWorks Stacks with a VPC, see [Running a Stack in a VPC](https://docs.aws.amazon.com/opsworks/latest/userguide/workingstacks-vpc.html) . For more information about default VPC and EC2-Classic, see [Supported Platforms](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-supported-platforms.html) .", + "title": "VpcId", + "type": "string" + } + }, + "required": [ + "DefaultInstanceProfileArn", + "Name", + "ServiceRoleArn" + ], + "type": "object" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "Type": { + "enum": [ + "AWS::OpsWorks::Stack" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.BinCountOptions": { - "additionalProperties": false, - "properties": { - "Value": { - "markdownDescription": "The options that determine the bin count value.", - "title": "Value", - "type": "number" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.BinWidthOptions": { + "AWS::OpsWorks::Stack.ChefConfiguration": { "additionalProperties": false, "properties": { - "BinCountLimit": { - "markdownDescription": "The options that determine the bin count limit.", - "title": "BinCountLimit", - "type": "number" + "BerkshelfVersion": { + "markdownDescription": "The Berkshelf version.", + "title": "BerkshelfVersion", + "type": "string" }, - "Value": { - "markdownDescription": "The options that determine the bin width value.", - "title": "Value", - "type": "number" + "ManageBerkshelf": { + "markdownDescription": "Whether to enable Berkshelf.", + "title": "ManageBerkshelf", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.BodySectionConfiguration": { + "AWS::OpsWorks::Stack.ElasticIp": { "additionalProperties": false, "properties": { - "Content": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BodySectionContent", - "markdownDescription": "The configuration of content in a body section.", - "title": "Content" - }, - "PageBreakConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionPageBreakConfiguration", - "markdownDescription": "The configuration of a page break for a section.", - "title": "PageBreakConfiguration" - }, - "SectionId": { - "markdownDescription": "The unique identifier of a body section.", - "title": "SectionId", + "Ip": { + "markdownDescription": "The IP address.", + "title": "Ip", "type": "string" }, - "Style": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionStyle", - "markdownDescription": "The style options of a body section.", - "title": "Style" + "Name": { + "markdownDescription": "The name, which can be a maximum of 32 characters.", + "title": "Name", + "type": "string" } }, "required": [ - "Content", - "SectionId" + "Ip" ], "type": "object" }, - "AWS::QuickSight::Dashboard.BodySectionContent": { - "additionalProperties": false, - "properties": { - "Layout": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionLayoutConfiguration", - "markdownDescription": "The layout configuration of a body section.", - "title": "Layout" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.BoxPlotAggregatedFieldWells": { + "AWS::OpsWorks::Stack.RdsDbInstance": { "additionalProperties": false, "properties": { - "GroupBy": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The group by field well of a box plot chart. Values are grouped based on group by fields.", - "title": "GroupBy", - "type": "array" + "DbPassword": { + "markdownDescription": "AWS OpsWorks Stacks returns `*****FILTERED*****` instead of the actual value.", + "title": "DbPassword", + "type": "string" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" - }, - "markdownDescription": "The value field well of a box plot chart. Values are aggregated based on group by fields.", - "title": "Values", - "type": "array" + "DbUser": { + "markdownDescription": "The master user name.", + "title": "DbUser", + "type": "string" + }, + "RdsDbInstanceArn": { + "markdownDescription": "The instance's ARN.", + "title": "RdsDbInstanceArn", + "type": "string" } }, + "required": [ + "DbPassword", + "DbUser", + "RdsDbInstanceArn" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.BoxPlotChartConfiguration": { + "AWS::OpsWorks::Stack.Source": { "additionalProperties": false, "properties": { - "BoxPlotOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotOptions", - "markdownDescription": "The box plot chart options for a box plot visual", - "title": "BoxPlotOptions" - }, - "CategoryAxis": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, axis step) of a box plot category.", - "title": "CategoryAxis" - }, - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility and sort Icon visibility) of a box plot category.", - "title": "CategoryLabelOptions" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", - "markdownDescription": "", - "title": "Legend" - }, - "PrimaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, axis step) of a box plot category.", - "title": "PrimaryYAxisDisplayOptions" + "Password": { + "markdownDescription": "When included in a request, the parameter depends on the repository type.\n\n- For Amazon S3 bundles, set `Password` to the appropriate IAM secret access key.\n- For HTTP bundles and Subversion repositories, set `Password` to the password.\n\nFor more information on how to safely handle IAM credentials, see [](https://docs.aws.amazon.com/general/latest/gr/aws-access-keys-best-practices.html) .\n\nIn responses, AWS OpsWorks Stacks returns `*****FILTERED*****` instead of the actual value.", + "title": "Password", + "type": "string" }, - "PrimaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility and sort icon visibility) of a box plot value.", - "title": "PrimaryYAxisLabelOptions" + "Revision": { + "markdownDescription": "The application's version. AWS OpsWorks Stacks enables you to easily deploy new versions of an application. One of the simplest approaches is to have branches or revisions in your repository that represent different versions that can potentially be deployed.", + "title": "Revision", + "type": "string" }, - "ReferenceLines": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLine" - }, - "markdownDescription": "The reference line setup of the visual.", - "title": "ReferenceLines", - "type": "array" + "SshKey": { + "markdownDescription": "The repository's SSH key. For more information, see [Using Git Repository SSH Keys](https://docs.aws.amazon.com/opsworks/latest/userguide/workingapps-deploykeys.html) in the *AWS OpsWorks User Guide* . To pass in an SSH key as a parameter, see the following example:\n\n`\"Parameters\" : { \"GitSSHKey\" : { \"Description\" : \"Change SSH key newlines to commas.\", \"Type\" : \"CommaDelimitedList\", \"NoEcho\" : \"true\" }, ... \"CustomCookbooksSource\": { \"Revision\" : { \"Ref\": \"GitRevision\"}, \"SshKey\" : { \"Fn::Join\" : [ \"\\n\", { \"Ref\": \"GitSSHKey\"} ] }, \"Type\": \"git\", \"Url\": { \"Ref\": \"GitURL\"} } ...`", + "title": "SshKey", + "type": "string" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotSortConfiguration", - "markdownDescription": "The sort configuration of a `BoxPlotVisual` .", - "title": "SortConfiguration" + "Type": { + "markdownDescription": "The repository type.", + "title": "Type", + "type": "string" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" + "Url": { + "markdownDescription": "The source URL. The following is an example of an Amazon S3 source URL: `https://s3.amazonaws.com/opsworks-demo-bucket/opsworks_cookbook_demo.tar.gz` .", + "title": "Url", + "type": "string" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", - "title": "VisualPalette" + "Username": { + "markdownDescription": "This parameter depends on the repository type.\n\n- For Amazon S3 bundles, set `Username` to the appropriate IAM access key ID.\n- For HTTP bundles, Git repositories, and Subversion repositories, set `Username` to the user name.", + "title": "Username", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.BoxPlotFieldWells": { + "AWS::OpsWorks::Stack.StackConfigurationManager": { "additionalProperties": false, "properties": { - "BoxPlotAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a box plot.", - "title": "BoxPlotAggregatedFieldWells" + "Name": { + "markdownDescription": "The name. This parameter must be set to `Chef` .", + "title": "Name", + "type": "string" + }, + "Version": { + "markdownDescription": "The Chef version. This parameter must be set to 12, 11.10, or 11.4 for Linux stacks, and to 12.2 for Windows stacks. The default value for Linux stacks is 12.", + "title": "Version", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.BoxPlotOptions": { + "AWS::OpsWorks::UserProfile": { "additionalProperties": false, "properties": { - "AllDataPointsVisibility": { - "markdownDescription": "Determines the visibility of all data points of the box plot.", - "title": "AllDataPointsVisibility", + "Condition": { "type": "string" }, - "OutlierVisibility": { - "markdownDescription": "Determines the visibility of the outlier in a box plot.", - "title": "OutlierVisibility", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "StyleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotStyleOptions", - "markdownDescription": "The style options of the box plot.", - "title": "StyleOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.BoxPlotSortConfiguration": { - "additionalProperties": false, - "properties": { - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AllowSelfManagement": { + "markdownDescription": "Whether users can specify their own SSH public key through the My Settings page. For more information, see [Managing User Permissions](https://docs.aws.amazon.com/opsworks/latest/userguide/security-settingsshkey.html) .", + "title": "AllowSelfManagement", + "type": "boolean" + }, + "IamUserArn": { + "markdownDescription": "The user's IAM ARN.", + "title": "IamUserArn", + "type": "string" + }, + "SshPublicKey": { + "markdownDescription": "The user's SSH public key.", + "title": "SshPublicKey", + "type": "string" + }, + "SshUsername": { + "markdownDescription": "The user's SSH user name.", + "title": "SshUsername", + "type": "string" + } }, - "markdownDescription": "The sort configuration of a group by fields.", - "title": "CategorySort", - "type": "array" + "required": [ + "IamUserArn" + ], + "type": "object" }, - "PaginationConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PaginationConfiguration", - "markdownDescription": "The pagination configuration of a table visual or box plot.", - "title": "PaginationConfiguration" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.BoxPlotStyleOptions": { - "additionalProperties": false, - "properties": { - "FillStyle": { - "markdownDescription": "The fill styles (solid, transparent) of the box plot.", - "title": "FillStyle", + "Type": { + "enum": [ + "AWS::OpsWorks::UserProfile" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.BoxPlotVisual": { + "AWS::OpsWorks::Volume": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Condition": { + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotChartConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Metadata": { + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Properties": { + "additionalProperties": false, + "properties": { + "Ec2VolumeId": { + "markdownDescription": "The Amazon EC2 volume ID.", + "title": "Ec2VolumeId", + "type": "string" + }, + "MountPoint": { + "markdownDescription": "The volume mount point. For example, \"/mnt/disk1\".", + "title": "MountPoint", + "type": "string" + }, + "Name": { + "markdownDescription": "The volume name. Volume names are a maximum of 128 characters.", + "title": "Name", + "type": "string" + }, + "StackId": { + "markdownDescription": "The stack ID.", + "title": "StackId", + "type": "string" + } + }, + "required": [ + "Ec2VolumeId", + "StackId" + ], + "type": "object" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", + "Type": { + "enum": [ + "AWS::OpsWorks::Volume" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.CalculatedField": { + "AWS::OpsWorksCM::Server": { "additionalProperties": false, "properties": { - "DataSetIdentifier": { - "markdownDescription": "The data set that is used in this calculated field.", - "title": "DataSetIdentifier", + "Condition": { "type": "string" }, - "Expression": { - "markdownDescription": "The expression of the calculated field.", - "title": "Expression", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Name": { - "markdownDescription": "The name of the calculated field.", - "title": "Name", - "type": "string" - } - }, - "required": [ - "DataSetIdentifier", - "Expression", - "Name" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.CalculatedMeasureField": { - "additionalProperties": false, - "properties": { - "Expression": { - "markdownDescription": "The expression in the table calculation.", - "title": "Expression", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AssociatePublicIpAddress": { + "markdownDescription": "Associate a public IP address with a server that you are launching. Valid values are `true` or `false` . The default value is `true` .", + "title": "AssociatePublicIpAddress", + "type": "boolean" + }, + "BackupId": { + "markdownDescription": "If you specify this field, AWS OpsWorks CM creates the server by using the backup represented by BackupId.", + "title": "BackupId", + "type": "string" + }, + "BackupRetentionCount": { + "markdownDescription": "The number of automated backups that you want to keep. Whenever a new backup is created, AWS OpsWorks CM deletes the oldest backups if this number is exceeded. The default value is `1` .", + "title": "BackupRetentionCount", + "type": "number" + }, + "CustomCertificate": { + "markdownDescription": "Supported on servers running Chef Automate 2.0 only. A PEM-formatted HTTPS certificate. The value can be be a single, self-signed certificate, or a certificate chain. If you specify a custom certificate, you must also specify values for `CustomDomain` and `CustomPrivateKey` . The following are requirements for the `CustomCertificate` value:\n\n- You can provide either a self-signed, custom certificate, or the full certificate chain.\n- The certificate must be a valid X509 certificate, or a certificate chain in PEM format.\n- The certificate must be valid at the time of upload. A certificate can't be used before its validity period begins (the certificate's `NotBefore` date), or after it expires (the certificate's `NotAfter` date).\n- The certificate\u2019s common name or subject alternative names (SANs), if present, must match the value of `CustomDomain` .\n- The certificate must match the value of `CustomPrivateKey` .", + "title": "CustomCertificate", + "type": "string" + }, + "CustomDomain": { + "markdownDescription": "Supported on servers running Chef Automate 2.0 only. An optional public endpoint of a server, such as `https://aws.my-company.com` . To access the server, create a CNAME DNS record in your preferred DNS service that points the custom domain to the endpoint that is generated when the server is created (the value of the CreateServer Endpoint attribute). You cannot access the server by using the generated `Endpoint` value if the server is using a custom domain. If you specify a custom domain, you must also specify values for `CustomCertificate` and `CustomPrivateKey` .", + "title": "CustomDomain", + "type": "string" + }, + "CustomPrivateKey": { + "markdownDescription": "Supported on servers running Chef Automate 2.0 only. A private key in PEM format for connecting to the server by using HTTPS. The private key must not be encrypted; it cannot be protected by a password or passphrase. If you specify a custom private key, you must also specify values for `CustomDomain` and `CustomCertificate` .", + "title": "CustomPrivateKey", + "type": "string" + }, + "DisableAutomatedBackup": { + "markdownDescription": "Enable or disable scheduled backups. Valid values are `true` or `false` . The default value is `true` .", + "title": "DisableAutomatedBackup", + "type": "boolean" + }, + "Engine": { + "markdownDescription": "The configuration management engine to use. Valid values include `ChefAutomate` and `Puppet` .", + "title": "Engine", + "type": "string" + }, + "EngineAttributes": { + "items": { + "$ref": "#/definitions/AWS::OpsWorksCM::Server.EngineAttribute" + }, + "markdownDescription": "Optional engine attributes on a specified server.\n\n**Attributes accepted in a Chef createServer request:** - `CHEF_AUTOMATE_PIVOTAL_KEY` : A base64-encoded RSA public key. The corresponding private key is required to access the Chef API. When no CHEF_AUTOMATE_PIVOTAL_KEY is set, a private key is generated and returned in the response. When you are specifying the value of CHEF_AUTOMATE_PIVOTAL_KEY as a parameter in the AWS CloudFormation console, you must add newline ( `\\n` ) characters at the end of each line of the pivotal key value.\n- `CHEF_AUTOMATE_ADMIN_PASSWORD` : The password for the administrative user in the Chef Automate web-based dashboard. The password length is a minimum of eight characters, and a maximum of 32. The password can contain letters, numbers, and special characters (!/@#$%^&+=_). The password must contain at least one lower case letter, one upper case letter, one number, and one special character. When no CHEF_AUTOMATE_ADMIN_PASSWORD is set, one is generated and returned in the response.\n\n**Attributes accepted in a Puppet createServer request:** - `PUPPET_ADMIN_PASSWORD` : To work with the Puppet Enterprise console, a password must use ASCII characters.\n- `PUPPET_R10K_REMOTE` : The r10k remote is the URL of your control repository (for example, ssh://git@your.git-repo.com:user/control-repo.git). Specifying an r10k remote opens TCP port 8170.\n- `PUPPET_R10K_PRIVATE_KEY` : If you are using a private Git repository, add PUPPET_R10K_PRIVATE_KEY to specify a PEM-encoded private SSH key.", + "title": "EngineAttributes", + "type": "array" + }, + "EngineModel": { + "markdownDescription": "The engine model of the server. Valid values in this release include `Monolithic` for Puppet and `Single` for Chef.", + "title": "EngineModel", + "type": "string" + }, + "EngineVersion": { + "markdownDescription": "The major release version of the engine that you want to use. For a Chef server, the valid value for EngineVersion is currently `2` . For a Puppet server, valid values are `2019` or `2017` .", + "title": "EngineVersion", + "type": "string" + }, + "InstanceProfileArn": { + "markdownDescription": "The ARN of the instance profile that your Amazon EC2 instances use.", + "title": "InstanceProfileArn", + "type": "string" + }, + "InstanceType": { + "markdownDescription": "The Amazon EC2 instance type to use. For example, `m5.large` .", + "title": "InstanceType", + "type": "string" + }, + "KeyPair": { + "markdownDescription": "The Amazon EC2 key pair to set for the instance. This parameter is optional; if desired, you may specify this parameter to connect to your instances by using SSH.", + "title": "KeyPair", + "type": "string" + }, + "PreferredBackupWindow": { + "markdownDescription": "The start time for a one-hour period during which AWS OpsWorks CM backs up application-level data on your server if automated backups are enabled. Valid values must be specified in one of the following formats:\n\n- `HH:MM` for daily backups\n- `DDD:HH:MM` for weekly backups\n\n`MM` must be specified as `00` . The specified time is in coordinated universal time (UTC). The default value is a random, daily start time.\n\n*Example:* `08:00` , which represents a daily start time of 08:00 UTC.\n\n*Example:* `Mon:08:00` , which represents a start time of every Monday at 08:00 UTC. (8:00 a.m.)", + "title": "PreferredBackupWindow", + "type": "string" + }, + "PreferredMaintenanceWindow": { + "markdownDescription": "The start time for a one-hour period each week during which AWS OpsWorks CM performs maintenance on the instance. Valid values must be specified in the following format: `DDD:HH:MM` . `MM` must be specified as `00` . The specified time is in coordinated universal time (UTC). The default value is a random one-hour period on Tuesday, Wednesday, or Friday. See `TimeWindowDefinition` for more information.\n\n*Example:* `Mon:08:00` , which represents a start time of every Monday at 08:00 UTC. (8:00 a.m.)", + "title": "PreferredMaintenanceWindow", + "type": "string" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of security group IDs to attach to the Amazon EC2 instance. If you add this parameter, the specified security groups must be within the VPC that is specified by `SubnetIds` .\n\nIf you do not specify this parameter, AWS OpsWorks CM creates one new security group that uses TCP ports 22 and 443, open to 0.0.0.0/0 (everyone).", + "title": "SecurityGroupIds", + "type": "array" + }, + "ServerName": { + "markdownDescription": "The name of the server. The server name must be unique within your AWS account, within each region. Server names must start with a letter; then letters, numbers, or hyphens (-) are allowed, up to a maximum of 40 characters.", + "title": "ServerName", + "type": "string" + }, + "ServiceRoleArn": { + "markdownDescription": "The service role that the AWS OpsWorks CM service backend uses to work with your account.", + "title": "ServiceRoleArn", + "type": "string" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of subnets in which to launch the server EC2 instance.\n\nAmazon EC2-Classic customers: This field is required. All servers must run within a VPC. The VPC must have \"Auto Assign Public IP\" enabled.\n\nEC2-VPC customers: This field is optional. If you do not specify subnet IDs, your EC2 instances are created in a default subnet that is selected by Amazon EC2. If you specify subnet IDs, the VPC must have \"Auto Assign Public IP\" enabled.\n\nFor more information about supported Amazon EC2 platforms, see [Supported Platforms](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-supported-platforms.html) .", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A map that contains tag keys and tag values to attach to an AWS OpsWorks for Chef Automate or OpsWorks for Puppet Enterprise server.\n\n- The key cannot be empty.\n- The key can be a maximum of 127 characters, and can contain only Unicode letters, numbers, or separators, or the following special characters: `+ - = . _ : / @`\n- The value can be a maximum 255 characters, and contain only Unicode letters, numbers, or separators, or the following special characters: `+ - = . _ : / @`\n- Leading and trailing spaces are trimmed from both the key and value.\n- A maximum of 50 user-applied tags is allowed for any AWS OpsWorks CM server.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "InstanceProfileArn", + "InstanceType", + "ServiceRoleArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::OpsWorksCM::Server" + ], "type": "string" }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Expression", - "FieldId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.CascadingControlConfiguration": { - "additionalProperties": false, - "properties": { - "SourceControls": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CascadingControlSource" - }, - "markdownDescription": "A list of source controls that determine the values that are used in the current control.", - "title": "SourceControls", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.CascadingControlSource": { + "AWS::OpsWorksCM::Server.EngineAttribute": { "additionalProperties": false, "properties": { - "ColumnToMatch": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column identifier that determines which column to look up for the source sheet control.", - "title": "ColumnToMatch" + "Name": { + "markdownDescription": "The name of the engine attribute.\n\n*Attribute name for Chef Automate servers:*\n\n- `CHEF_AUTOMATE_ADMIN_PASSWORD`\n\n*Attribute names for Puppet Enterprise servers:*\n\n- `PUPPET_ADMIN_PASSWORD`\n- `PUPPET_R10K_REMOTE`\n- `PUPPET_R10K_PRIVATE_KEY`", + "title": "Name", + "type": "string" }, - "SourceSheetControlId": { - "markdownDescription": "The source sheet control ID of a `CascadingControlSource` .", - "title": "SourceSheetControlId", + "Value": { + "markdownDescription": "The value of the engine attribute.\n\n*Attribute value for Chef Automate servers:*\n\n- `CHEF_AUTOMATE_PIVOTAL_KEY` : A base64-encoded RSA public key. The corresponding private key is required to access the Chef API. You can generate this key by running the following [OpenSSL](https://docs.aws.amazon.com/https://www.openssl.org/) command on Linux-based computers.\n\n`openssl genrsa -out *pivotal_key_file_name* .pem 2048`\n\nOn Windows-based computers, you can use the PuTTYgen utility to generate a base64-encoded RSA private key. For more information, see [PuTTYgen - Key Generator for PuTTY on Windows](https://docs.aws.amazon.com/https://www.ssh.com/ssh/putty/windows/puttygen) on SSH.com.\n\n*Attribute values for Puppet Enterprise servers:*\n\n- `PUPPET_ADMIN_PASSWORD` : An administrator password that you can use to sign in to the Puppet Enterprise console webpage after the server is online. The password must use between 8 and 32 ASCII characters.\n- `PUPPET_R10K_REMOTE` : The r10k remote is the URL of your control repository (for example, ssh://git@your.git-repo.com:user/control-repo.git). Specifying an r10k remote opens TCP port 8170.\n- `PUPPET_R10K_PRIVATE_KEY` : If you are using a private Git repository, add `PUPPET_R10K_PRIVATE_KEY` to specify a PEM-encoded private SSH key.", + "title": "Value", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.CategoricalDimensionField": { + "AWS::Organizations::Account": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that is used in the `CategoricalDimensionField` .", - "title": "Column" + "Condition": { + "type": "string" }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "HierarchyId": { - "markdownDescription": "The custom hierarchy ID.", - "title": "HierarchyId", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AccountName": { + "markdownDescription": "The account name given to the account when it was created.", + "title": "AccountName", + "type": "string" + }, + "Email": { + "markdownDescription": "The email address associated with the AWS account.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) for this parameter is a string of characters that represents a standard internet email address.", + "title": "Email", + "type": "string" + }, + "ParentIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The unique identifier (ID) of the root or organizational unit (OU) that you want to create the new account in. If you don't specify this parameter, the `ParentId` defaults to the root ID.\n\nThis parameter only accepts a string array with one string value.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) for a parent ID string requires one of the following:\n\n- *Root* - A string that begins with \"r-\" followed by from 4 to 32 lowercase letters or digits.\n- *Organizational unit (OU)* - A string that begins with \"ou-\" followed by from 4 to 32 lowercase letters or digits (the ID of the root that the OU is in). This string is followed by a second \"-\" dash and from 8 to 32 additional lowercase letters or digits.", + "title": "ParentIds", + "type": "array" + }, + "RoleName": { + "markdownDescription": "The name of an IAM role that AWS Organizations automatically preconfigures in the new member account. This role trusts the management account, allowing users in the management account to assume the role, as permitted by the management account administrator. The role has administrator permissions in the new member account.\n\nIf you don't specify this parameter, the role name defaults to `OrganizationAccountAccessRole` .\n\nFor more information about how to use this role to access the member account, see the following links:\n\n- [Creating the OrganizationAccountAccessRole in an invited member account](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_access.html#orgs_manage_accounts_create-cross-account-role) in the *AWS Organizations User Guide*\n- Steps 2 and 3 in [IAM Tutorial: Delegate access across AWS accounts using IAM roles](https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_cross-account-with-roles.html) in the *IAM User Guide*\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) that is used to validate this parameter. The pattern can include uppercase letters, lowercase letters, digits with no spaces, and any of the following characters: =,.@-", + "title": "RoleName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags that you want to attach to the newly created account. For each tag in the list, you must specify both a tag key and a value. You can set the value to an empty string, but you can't set it to `null` . For more information about tagging, see [Tagging AWS Organizations resources](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_tagging.html) in the AWS Organizations User Guide.\n\n> If any one of the tags is not valid or if you exceed the maximum allowed number of tags for an account, then the entire request fails and the account is not created.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "AccountName", + "Email" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Organizations::Account" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Column", - "FieldId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.CategoricalMeasureField": { + "AWS::Organizations::Organization": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "markdownDescription": "The aggregation function of the measure field.", - "title": "AggregationFunction", + "Condition": { "type": "string" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that is used in the `CategoricalMeasureField` .", - "title": "Column" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "FeatureSet": { + "markdownDescription": "Specifies the feature set supported by the new organization. Each feature set supports different levels of functionality.\n\n- `ALL` In addition to all the features supported by the consolidated billing feature set, the management account gains access to advanced features that give you more control over accounts in your organization. For more information, see [All features](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html#feature-set-all) in the *AWS Organizations User Guide* .\n- `CONSOLIDATED_BILLING` All member accounts have their bills consolidated to and paid by the management account. For more information, see [Consolidated billing](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html#feature-set-cb-only) in the *AWS Organizations User Guide* .\n\n> The consolidated billing feature feature set isn't available for organizations in the AWS GovCloud (US) Region.\n\nIf you don't specify this property, the default value is `ALL` .", + "title": "FeatureSet", + "type": "string" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Organizations::Organization" + ], "type": "string" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Column", - "FieldId" + "Type" ], "type": "object" }, - "AWS::QuickSight::Dashboard.CategoryDrillDownFilter": { + "AWS::Organizations::OrganizationalUnit": { "additionalProperties": false, "properties": { - "CategoryValues": { - "items": { - "type": "string" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The friendly name of this OU.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) that is used to validate this parameter is a string of any of the characters in the ASCII character range.", + "title": "Name", + "type": "string" + }, + "ParentId": { + "markdownDescription": "The unique identifier (ID) of the parent root or OU that you want to create the new OU in.\n\n> To update the `ParentId` parameter value, you must first remove all accounts attached to the organizational unit (OU). OUs can't be moved within the organization with accounts still attached. \n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) for a parent ID string requires one of the following:\n\n- *Root* - A string that begins with \"r-\" followed by from 4 to 32 lowercase letters or digits.\n- *Organizational unit (OU)* - A string that begins with \"ou-\" followed by from 4 to 32 lowercase letters or digits (the ID of the root that the OU is in). This string is followed by a second \"-\" dash and from 8 to 32 additional lowercase letters or digits.", + "title": "ParentId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags that you want to attach to the newly created OU. For each tag in the list, you must specify both a tag key and a value. You can set the value to an empty string, but you can't set it to `null` . For more information about tagging, see [Tagging AWS Organizations resources](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_tagging.html) in the AWS Organizations User Guide.\n\n> If any one of the tags is not valid or if you exceed the allowed number of tags for an OU, then the entire request fails and the OU is not created.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "A list of the string inputs that are the values of the category drill down filter.", - "title": "CategoryValues", - "type": "array" + "required": [ + "Name", + "ParentId" + ], + "type": "object" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" + "Type": { + "enum": [ + "AWS::Organizations::OrganizationalUnit" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "CategoryValues", - "Column" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.CategoryFilter": { + "AWS::Organizations::Policy": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" + "Condition": { + "type": "string" }, - "Configuration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CategoryFilterConfiguration", - "markdownDescription": "The configuration for a `CategoryFilter` .", - "title": "Configuration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Content": { + "markdownDescription": "The policy text content. You can specify the policy content as a JSON object or a JSON string.\n\n> When you specify the policy content as a JSON string, you can't perform drift detection on the CloudFormation stack. For this reason, we recommend specifying the policy content as a JSON object instead. \n\nThe text that you supply must adhere to the rules of the policy type you specify in the `Type` parameter. The following AWS Organizations quotas are enforced for the maximum size of a policy document:\n\n- Service control policies: 5,120 characters\n- Resource control policies: 5,120 characters\n- Declarative policies: 10,000 characters\n- Backup policies: 10,000 characters\n- Tag policies: 10,000 characters\n- Chat applications policies: 10,000 characters\n- AI services opt-out policies: 2,500 characters\n\nFor more information about Organizations service quotas, see [Quotas for AWS Organizations](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) in the *AWS Organizations User Guide* .", + "title": "Content", + "type": "object" + }, + "Description": { + "markdownDescription": "Human readable description of the policy.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "Name of the policy.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) that is used to validate this parameter is a string of any of the characters in the ASCII character range.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags that you want to attach to the newly created policy. For each tag in the list, you must specify both a tag key and a value. You can set the value to an empty string, but you can't set it to `null` . For more information about tagging, see [Tagging AWS Organizations resources](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_tagging.html) in the AWS Organizations User Guide.\n\n> If any one of the tags is not valid or if you exceed the allowed number of tags for a policy, then the entire request fails and the policy is not created.", + "title": "Tags", + "type": "array" + }, + "TargetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "List of unique identifiers (IDs) of the root, OU, or account that you want to attach the policy to. You can get the ID by calling the [ListRoots](https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListRoots.html) , [ListOrganizationalUnitsForParent](https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListOrganizationalUnitsForParent.html) , or [ListAccounts](https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListAccounts.html) operations. If you don't specify this parameter, the policy is created but not attached to any organization resource.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) for a target ID string requires one of the following:\n\n- *Root* - A string that begins with \"r-\" followed by from 4 to 32 lowercase letters or digits.\n- *Account* - A string that consists of exactly 12 digits.\n- *Organizational unit (OU)* - A string that begins with \"ou-\" followed by from 4 to 32 lowercase letters or digits (the ID of the root that the OU is in). This string is followed by a second \"-\" dash and from 8 to 32 additional lowercase letters or digits.", + "title": "TargetIds", + "type": "array" + }, + "Type": { + "markdownDescription": "The type of policy to create.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Content", + "Name", + "Type" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Organizations::Policy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Column", - "Configuration", - "FilterId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.CategoryFilterConfiguration": { + "AWS::Organizations::ResourcePolicy": { "additionalProperties": false, "properties": { - "CustomFilterConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomFilterConfiguration", - "markdownDescription": "A custom filter that filters based on a single value. This filter can be partially matched.", - "title": "CustomFilterConfiguration" + "Condition": { + "type": "string" }, - "CustomFilterListConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomFilterListConfiguration", - "markdownDescription": "A list of custom filter values. In the Amazon QuickSight console, this filter type is called a custom filter list.", - "title": "CustomFilterListConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "FilterListConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterListConfiguration", - "markdownDescription": "A list of filter configurations. In the Amazon QuickSight console, this filter type is called a filter list.", - "title": "FilterListConfiguration" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.ChartAxisLabelOptions": { - "additionalProperties": false, - "properties": { - "AxisLabelOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisLabelOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Content": { + "markdownDescription": "The policy text of the organization resource policy. You can specify the resource policy content as a JSON object or a JSON string.\n\n> When you specify the resource policy content as a JSON string, you can't perform drift detection on the CloudFormation stack. For this reason, we recommend specifying the resource policy content as a JSON object instead.", + "title": "Content", + "type": "object" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags that you want to attach to the newly created resource policy. For each tag in the list, you must specify both a tag key and a value. You can set the value to an empty string, but you can't set it to `null` . For more information about tagging, see [Tagging AWS Organizations resources](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_tagging.html) in the *AWS Organizations User Guide* .\n\n> If any one of the tags is not valid or if you exceed the allowed number of tags for the resource policy, then the entire request fails and the resource policy is not created.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "The label options for a chart axis.", - "title": "AxisLabelOptions", - "type": "array" + "required": [ + "Content" + ], + "type": "object" }, - "SortIconVisibility": { - "markdownDescription": "The visibility configuration of the sort icon on a chart's axis label.", - "title": "SortIconVisibility", + "Type": { + "enum": [ + "AWS::Organizations::ResourcePolicy" + ], "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of an axis label on a chart. Choose one of the following options:\n\n- `VISIBLE` : Shows the axis.\n- `HIDDEN` : Hides the axis.", - "title": "Visibility", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.ClusterMarker": { - "additionalProperties": false, - "properties": { - "SimpleClusterMarker": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SimpleClusterMarker", - "markdownDescription": "The simple cluster marker of the cluster marker.", - "title": "SimpleClusterMarker" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.ClusterMarkerConfiguration": { - "additionalProperties": false, - "properties": { - "ClusterMarker": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ClusterMarker", - "markdownDescription": "The cluster marker that is a part of the cluster marker configuration.", - "title": "ClusterMarker" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.ColorScale": { + "AWS::PCAConnectorAD::Connector": { "additionalProperties": false, "properties": { - "ColorFillType": { - "markdownDescription": "Determines the color fill type.", - "title": "ColorFillType", + "Condition": { "type": "string" }, - "Colors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataColor" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CertificateAuthorityArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the certificate authority being used.", + "title": "CertificateAuthorityArn", + "type": "string" + }, + "DirectoryId": { + "markdownDescription": "The identifier of the Active Directory.", + "title": "DirectoryId", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Metadata assigned to a connector consisting of a key-value pair.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "VpcInformation": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Connector.VpcInformation", + "markdownDescription": "Information of the VPC and security group(s) used with the connector.", + "title": "VpcInformation" + } }, - "markdownDescription": "Determines the list of colors that are applied to the visual.", - "title": "Colors", - "type": "array" + "required": [ + "CertificateAuthorityArn", + "DirectoryId", + "VpcInformation" + ], + "type": "object" }, - "NullValueColor": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataColor", - "markdownDescription": "Determines the color that is applied to null values.", - "title": "NullValueColor" + "Type": { + "enum": [ + "AWS::PCAConnectorAD::Connector" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "ColorFillType", - "Colors" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ColorsConfiguration": { + "AWS::PCAConnectorAD::Connector.VpcInformation": { "additionalProperties": false, "properties": { - "CustomColors": { + "IpAddressType": { + "markdownDescription": "The VPC IP address type.", + "title": "IpAddressType", + "type": "string" + }, + "SecurityGroupIds": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomColor" + "type": "string" }, - "markdownDescription": "A list of up to 50 custom colors.", - "title": "CustomColors", + "markdownDescription": "The security groups used with the connector. You can use a maximum of 4 security groups with a connector.", + "title": "SecurityGroupIds", "type": "array" } }, + "required": [ + "SecurityGroupIds" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.ColumnConfiguration": { + "AWS::PCAConnectorAD::DirectoryRegistration": { "additionalProperties": false, "properties": { - "ColorsConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColorsConfiguration", - "markdownDescription": "The color configurations of the column.", - "title": "ColorsConfiguration" + "Condition": { + "type": "string" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column.", - "title": "Column" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FormatConfiguration", - "markdownDescription": "The format configuration of a column.", - "title": "FormatConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Role": { - "markdownDescription": "The role of the column.", - "title": "Role", - "type": "string" - } - }, - "required": [ - "Column" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.ColumnHierarchy": { - "additionalProperties": false, - "properties": { - "DateTimeHierarchy": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeHierarchy", - "markdownDescription": "The option that determines the hierarchy of any `DateTime` fields.", - "title": "DateTimeHierarchy" + "Metadata": { + "type": "object" }, - "ExplicitHierarchy": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ExplicitHierarchy", - "markdownDescription": "The option that determines the hierarchy of the fields that are built within a visual's field wells. These fields can't be duplicated to other visuals.", - "title": "ExplicitHierarchy" + "Properties": { + "additionalProperties": false, + "properties": { + "DirectoryId": { + "markdownDescription": "The identifier of the Active Directory.", + "title": "DirectoryId", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Metadata assigned to a directory registration consisting of a key-value pair.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "DirectoryId" + ], + "type": "object" }, - "PredefinedHierarchy": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PredefinedHierarchy", - "markdownDescription": "The option that determines the hierarchy of the fields that are defined during data preparation. These fields are available to use in any analysis that uses the data source.", - "title": "PredefinedHierarchy" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.ColumnIdentifier": { - "additionalProperties": false, - "properties": { - "ColumnName": { - "markdownDescription": "The name of the column.", - "title": "ColumnName", + "Type": { + "enum": [ + "AWS::PCAConnectorAD::DirectoryRegistration" + ], "type": "string" }, - "DataSetIdentifier": { - "markdownDescription": "The data set that the column belongs to.", - "title": "DataSetIdentifier", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ColumnName", - "DataSetIdentifier" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ColumnSort": { + "AWS::PCAConnectorAD::ServicePrincipalName": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationFunction", - "markdownDescription": "The aggregation function that is defined in the column sort.", - "title": "AggregationFunction" + "Condition": { + "type": "string" }, - "Direction": { - "markdownDescription": "The sort direction.", - "title": "Direction", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SortBy": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "", - "title": "SortBy" - } - }, - "required": [ - "Direction", - "SortBy" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.ColumnTooltipItem": { - "additionalProperties": false, - "properties": { - "Aggregation": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationFunction", - "markdownDescription": "The aggregation function of the column tooltip item.", - "title": "Aggregation" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The target column of the tooltip item.", - "title": "Column" + "Metadata": { + "type": "object" }, - "Label": { - "markdownDescription": "The label of the tooltip item.", - "title": "Label", + "Properties": { + "additionalProperties": false, + "properties": { + "ConnectorArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that was returned when you called [CreateConnector.html](https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateConnector.html) .", + "title": "ConnectorArn", + "type": "string" + }, + "DirectoryRegistrationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that was returned when you called [CreateDirectoryRegistration](https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateDirectoryRegistration.html) .", + "title": "DirectoryRegistrationArn", + "type": "string" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::PCAConnectorAD::ServicePrincipalName" + ], "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of the tooltip item.", - "title": "Visibility", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Column" + "Type" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ComboChartAggregatedFieldWells": { - "additionalProperties": false, - "properties": { - "BarValues": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" - }, - "markdownDescription": "The aggregated `BarValues` field well of a combo chart.", - "title": "BarValues", - "type": "array" - }, - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The aggregated category field wells of a combo chart.", - "title": "Category", - "type": "array" - }, - "Colors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The aggregated colors field well of a combo chart.", - "title": "Colors", - "type": "array" - }, - "LineValues": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" - }, - "markdownDescription": "The aggregated `LineValues` field well of a combo chart.", - "title": "LineValues", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.ComboChartConfiguration": { + "AWS::PCAConnectorAD::Template": { "additionalProperties": false, "properties": { - "BarDataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.\n\nThe data label options for a bar in a combo chart.", - "title": "BarDataLabels" - }, - "BarsArrangement": { - "markdownDescription": "Determines the bar arrangement in a combo chart. The following are valid values in this structure:\n\n- `CLUSTERED` : For clustered bar combo charts.\n- `STACKED` : For stacked bar combo charts.\n- `STACKED_PERCENT` : Do not use. If you use this value, the operation returns a validation error.", - "title": "BarsArrangement", + "Condition": { "type": "string" }, - "CategoryAxis": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The category axis of a combo chart.", - "title": "CategoryAxis" - }, - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart category (group/color) field well.", - "title": "CategoryLabelOptions" - }, - "ColorLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's color field well.", - "title": "ColorLabelOptions" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComboChartFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" - }, - "LineDataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.\n\nThe data label options for a line in a combo chart.", - "title": "LineDataLabels" - }, - "PrimaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, and axis step) of a combo chart's primary y-axis (bar) field well.", - "title": "PrimaryYAxisDisplayOptions" - }, - "PrimaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's primary y-axis (bar) field well.", - "title": "PrimaryYAxisLabelOptions" - }, - "ReferenceLines": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLine" - }, - "markdownDescription": "The reference line setup of the visual.", - "title": "ReferenceLines", - "type": "array" - }, - "SecondaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, axis step) of a combo chart's secondary y-axis (line) field well.", - "title": "SecondaryYAxisDisplayOptions" - }, - "SecondaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's secondary y-axis(line) field well.", - "title": "SecondaryYAxisLabelOptions" - }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComboChartSortConfiguration", - "markdownDescription": "The sort configuration of a `ComboChartVisual` .", - "title": "SortConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Tooltip" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", - "title": "VisualPalette" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.ComboChartFieldWells": { - "additionalProperties": false, - "properties": { - "ComboChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComboChartAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a combo chart. Combo charts only have aggregated field wells. Columns in a combo chart are aggregated by category.", - "title": "ComboChartAggregatedFieldWells" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.ComboChartSortConfiguration": { - "additionalProperties": false, - "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The item limit configuration for the category field well of a combo chart.", - "title": "CategoryItemsLimit" + "Metadata": { + "type": "object" }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + "Properties": { + "additionalProperties": false, + "properties": { + "ConnectorArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that was returned when you called [CreateConnector](https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateConnector.html) .", + "title": "ConnectorArn", + "type": "string" + }, + "Definition": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.TemplateDefinition", + "markdownDescription": "Template configuration to define the information included in certificates. Define certificate validity and renewal periods, certificate request handling and enrollment options, key usage extensions, application policies, and cryptography settings.", + "title": "Definition" + }, + "Name": { + "markdownDescription": "Name of the templates. Template names must be unique.", + "title": "Name", + "type": "string" + }, + "ReenrollAllCertificateHolders": { + "markdownDescription": "This setting allows the major version of a template to be increased automatically. All members of Active Directory groups that are allowed to enroll with a template will receive a new certificate issued using that template.", + "title": "ReenrollAllCertificateHolders", + "type": "boolean" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Metadata assigned to a template consisting of a key-value pair.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } }, - "markdownDescription": "The sort configuration of the category field well in a combo chart.", - "title": "CategorySort", - "type": "array" + "required": [ + "ConnectorArn", + "Definition", + "Name" + ], + "type": "object" }, - "ColorItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The item limit configuration of the color field well in a combo chart.", - "title": "ColorItemsLimit" + "Type": { + "enum": [ + "AWS::PCAConnectorAD::Template" + ], + "type": "string" }, - "ColorSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the color field well in a combo chart.", - "title": "ColorSort", - "type": "array" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.ComboChartVisual": { + "AWS::PCAConnectorAD::Template.ApplicationPolicies": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComboChartConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "Critical": { + "markdownDescription": "Marks the application policy extension as critical.", + "title": "Critical", + "type": "boolean" }, - "ColumnHierarchies": { + "Policies": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ApplicationPolicy" }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", + "markdownDescription": "Application policies describe what the certificate can be used for.", + "title": "Policies", "type": "array" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" - }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", - "type": "string" } }, "required": [ - "VisualId" + "Policies" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ComparisonConfiguration": { + "AWS::PCAConnectorAD::Template.ApplicationPolicy": { "additionalProperties": false, "properties": { - "ComparisonFormat": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComparisonFormatConfiguration", - "markdownDescription": "The format of the comparison.", - "title": "ComparisonFormat" + "PolicyObjectIdentifier": { + "markdownDescription": "The object identifier (OID) of an application policy.", + "title": "PolicyObjectIdentifier", + "type": "string" }, - "ComparisonMethod": { - "markdownDescription": "The method of the comparison. Choose from the following options:\n\n- `DIFFERENCE`\n- `PERCENT_DIFFERENCE`\n- `PERCENT`", - "title": "ComparisonMethod", + "PolicyType": { + "markdownDescription": "The type of application policy", + "title": "PolicyType", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ComparisonFormatConfiguration": { + "AWS::PCAConnectorAD::Template.CertificateValidity": { "additionalProperties": false, "properties": { - "NumberDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumberDisplayFormatConfiguration", - "markdownDescription": "The number display format.", - "title": "NumberDisplayFormatConfiguration" + "RenewalPeriod": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ValidityPeriod", + "markdownDescription": "Renewal period is the period of time before certificate expiration when a new certificate will be requested.", + "title": "RenewalPeriod" }, - "PercentageDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PercentageDisplayFormatConfiguration", - "markdownDescription": "The percentage display format.", - "title": "PercentageDisplayFormatConfiguration" + "ValidityPeriod": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ValidityPeriod", + "markdownDescription": "Information describing the end of the validity period of the certificate. This parameter sets the \u201cNot After\u201d date for the certificate. Certificate validity is the period of time during which a certificate is valid. Validity can be expressed as an explicit date and time when the certificate expires, or as a span of time after issuance, stated in days, months, or years. For more information, see Validity in RFC 5280. This value is unaffected when ValidityNotBefore is also specified. For example, if Validity is set to 20 days in the future, the certificate will expire 20 days from issuance time regardless of the ValidityNotBefore value.", + "title": "ValidityPeriod" } }, + "required": [ + "RenewalPeriod", + "ValidityPeriod" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.Computation": { + "AWS::PCAConnectorAD::Template.EnrollmentFlagsV2": { "additionalProperties": false, "properties": { - "Forecast": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ForecastComputation", - "markdownDescription": "The forecast computation configuration.", - "title": "Forecast" - }, - "GrowthRate": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GrowthRateComputation", - "markdownDescription": "The growth rate computation configuration.", - "title": "GrowthRate" - }, - "MaximumMinimum": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MaximumMinimumComputation", - "markdownDescription": "The maximum and minimum computation configuration.", - "title": "MaximumMinimum" - }, - "MetricComparison": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MetricComparisonComputation", - "markdownDescription": "The metric comparison computation configuration.", - "title": "MetricComparison" - }, - "PeriodOverPeriod": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PeriodOverPeriodComputation", - "markdownDescription": "The period over period computation configuration.", - "title": "PeriodOverPeriod" - }, - "PeriodToDate": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PeriodToDateComputation", - "markdownDescription": "The period to `DataSetIdentifier` computation configuration.", - "title": "PeriodToDate" + "EnableKeyReuseOnNtTokenKeysetStorageFull": { + "markdownDescription": "Allow renewal using the same key.", + "title": "EnableKeyReuseOnNtTokenKeysetStorageFull", + "type": "boolean" }, - "TopBottomMovers": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TopBottomMoversComputation", - "markdownDescription": "The top movers and bottom movers computation configuration.", - "title": "TopBottomMovers" + "IncludeSymmetricAlgorithms": { + "markdownDescription": "Include symmetric algorithms allowed by the subject.", + "title": "IncludeSymmetricAlgorithms", + "type": "boolean" }, - "TopBottomRanked": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TopBottomRankedComputation", - "markdownDescription": "The top ranked and bottom ranked computation configuration.", - "title": "TopBottomRanked" + "NoSecurityExtension": { + "markdownDescription": "This flag instructs the CA to not include the security extension szOID_NTDS_CA_SECURITY_EXT (OID:1.3.6.1.4.1.311.25.2), as specified in [MS-WCCE] sections 2.2.2.7.7.4 and 3.2.2.6.2.1.4.5.9, in the issued certificate. This addresses a Windows Kerberos elevation-of-privilege vulnerability.", + "title": "NoSecurityExtension", + "type": "boolean" }, - "TotalAggregation": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TotalAggregationComputation", - "markdownDescription": "The total aggregation computation configuration.", - "title": "TotalAggregation" + "RemoveInvalidCertificateFromPersonalStore": { + "markdownDescription": "Delete expired or revoked certificates instead of archiving them.", + "title": "RemoveInvalidCertificateFromPersonalStore", + "type": "boolean" }, - "UniqueValues": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.UniqueValuesComputation", - "markdownDescription": "The unique values computation configuration.", - "title": "UniqueValues" + "UserInteractionRequired": { + "markdownDescription": "Require user interaction when the subject is enrolled and the private key associated with the certificate is used.", + "title": "UserInteractionRequired", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ConditionalFormattingColor": { + "AWS::PCAConnectorAD::Template.EnrollmentFlagsV3": { "additionalProperties": false, "properties": { - "Gradient": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingGradientColor", - "markdownDescription": "Formatting configuration for gradient color.", - "title": "Gradient" + "EnableKeyReuseOnNtTokenKeysetStorageFull": { + "markdownDescription": "Allow renewal using the same key.", + "title": "EnableKeyReuseOnNtTokenKeysetStorageFull", + "type": "boolean" }, - "Solid": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingSolidColor", - "markdownDescription": "Formatting configuration for solid color.", - "title": "Solid" + "IncludeSymmetricAlgorithms": { + "markdownDescription": "Include symmetric algorithms allowed by the subject.", + "title": "IncludeSymmetricAlgorithms", + "type": "boolean" + }, + "NoSecurityExtension": { + "markdownDescription": "This flag instructs the CA to not include the security extension szOID_NTDS_CA_SECURITY_EXT (OID:1.3.6.1.4.1.311.25.2), as specified in [MS-WCCE] sections 2.2.2.7.7.4 and 3.2.2.6.2.1.4.5.9, in the issued certificate. This addresses a Windows Kerberos elevation-of-privilege vulnerability.", + "title": "NoSecurityExtension", + "type": "boolean" + }, + "RemoveInvalidCertificateFromPersonalStore": { + "markdownDescription": "Delete expired or revoked certificates instead of archiving them.", + "title": "RemoveInvalidCertificateFromPersonalStore", + "type": "boolean" + }, + "UserInteractionRequired": { + "markdownDescription": "Require user interaction when the subject is enrolled and the private key associated with the certificate is used.", + "title": "UserInteractionRequired", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ConditionalFormattingCustomIconCondition": { + "AWS::PCAConnectorAD::Template.EnrollmentFlagsV4": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "Determines the color of the icon.", - "title": "Color", - "type": "string" + "EnableKeyReuseOnNtTokenKeysetStorageFull": { + "markdownDescription": "Allow renewal using the same key.", + "title": "EnableKeyReuseOnNtTokenKeysetStorageFull", + "type": "boolean" }, - "DisplayConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIconDisplayConfiguration", - "markdownDescription": "Determines the icon display configuration.", - "title": "DisplayConfiguration" + "IncludeSymmetricAlgorithms": { + "markdownDescription": "Include symmetric algorithms allowed by the subject.", + "title": "IncludeSymmetricAlgorithms", + "type": "boolean" }, - "Expression": { - "markdownDescription": "The expression that determines the condition of the icon set.", - "title": "Expression", - "type": "string" + "NoSecurityExtension": { + "markdownDescription": "This flag instructs the CA to not include the security extension szOID_NTDS_CA_SECURITY_EXT (OID:1.3.6.1.4.1.311.25.2), as specified in [MS-WCCE] sections 2.2.2.7.7.4 and 3.2.2.6.2.1.4.5.9, in the issued certificate. This addresses a Windows Kerberos elevation-of-privilege vulnerability.", + "title": "NoSecurityExtension", + "type": "boolean" }, - "IconOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingCustomIconOptions", - "markdownDescription": "Custom icon options for an icon set.", - "title": "IconOptions" + "RemoveInvalidCertificateFromPersonalStore": { + "markdownDescription": "Delete expired or revoked certificates instead of archiving them.", + "title": "RemoveInvalidCertificateFromPersonalStore", + "type": "boolean" + }, + "UserInteractionRequired": { + "markdownDescription": "Require user interaction when the subject is enrolled and the private key associated with the certificate is used.", + "title": "UserInteractionRequired", + "type": "boolean" } }, - "required": [ - "Expression", - "IconOptions" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.ConditionalFormattingCustomIconOptions": { + "AWS::PCAConnectorAD::Template.ExtensionsV2": { "additionalProperties": false, "properties": { - "Icon": { - "markdownDescription": "Determines the type of icon.", - "title": "Icon", - "type": "string" + "ApplicationPolicies": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ApplicationPolicies", + "markdownDescription": "Application policies specify what the certificate is used for and its purpose.", + "title": "ApplicationPolicies" }, - "UnicodeIcon": { - "markdownDescription": "Determines the Unicode icon type.", - "title": "UnicodeIcon", - "type": "string" + "KeyUsage": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsage", + "markdownDescription": "The key usage extension defines the purpose (e.g., encipherment, signature, certificate signing) of the key contained in the certificate.", + "title": "KeyUsage" } }, + "required": [ + "KeyUsage" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.ConditionalFormattingGradientColor": { + "AWS::PCAConnectorAD::Template.ExtensionsV3": { "additionalProperties": false, "properties": { - "Color": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GradientColor", - "markdownDescription": "Determines the color.", - "title": "Color" + "ApplicationPolicies": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ApplicationPolicies", + "markdownDescription": "Application policies specify what the certificate is used for and its purpose.", + "title": "ApplicationPolicies" }, - "Expression": { - "markdownDescription": "The expression that determines the formatting configuration for gradient color.", - "title": "Expression", - "type": "string" + "KeyUsage": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsage", + "markdownDescription": "The key usage extension defines the purpose (e.g., encipherment, signature, certificate signing) of the key contained in the certificate.", + "title": "KeyUsage" } }, "required": [ - "Color", - "Expression" + "KeyUsage" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ConditionalFormattingIcon": { + "AWS::PCAConnectorAD::Template.ExtensionsV4": { "additionalProperties": false, "properties": { - "CustomCondition": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingCustomIconCondition", - "markdownDescription": "Determines the custom condition for an icon set.", - "title": "CustomCondition" + "ApplicationPolicies": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ApplicationPolicies", + "markdownDescription": "Application policies specify what the certificate is used for and its purpose.", + "title": "ApplicationPolicies" }, - "IconSet": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIconSet", - "markdownDescription": "Formatting configuration for icon set.", - "title": "IconSet" + "KeyUsage": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsage", + "markdownDescription": "The key usage extension defines the purpose (e.g., encipherment, signature) of the key contained in the certificate.", + "title": "KeyUsage" } }, + "required": [ + "KeyUsage" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.ConditionalFormattingIconDisplayConfiguration": { + "AWS::PCAConnectorAD::Template.GeneralFlagsV2": { "additionalProperties": false, "properties": { - "IconDisplayOption": { - "markdownDescription": "Determines the icon display configuration.", - "title": "IconDisplayOption", - "type": "string" + "AutoEnrollment": { + "markdownDescription": "Allows certificate issuance using autoenrollment. Set to TRUE to allow autoenrollment.", + "title": "AutoEnrollment", + "type": "boolean" + }, + "MachineType": { + "markdownDescription": "Defines if the template is for machines or users. Set to TRUE if the template is for machines. Set to FALSE if the template is for users.", + "title": "MachineType", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ConditionalFormattingIconSet": { + "AWS::PCAConnectorAD::Template.GeneralFlagsV3": { "additionalProperties": false, "properties": { - "Expression": { - "markdownDescription": "The expression that determines the formatting configuration for the icon set.", - "title": "Expression", - "type": "string" + "AutoEnrollment": { + "markdownDescription": "Allows certificate issuance using autoenrollment. Set to TRUE to allow autoenrollment.", + "title": "AutoEnrollment", + "type": "boolean" }, - "IconSetType": { - "markdownDescription": "Determines the icon set type.", - "title": "IconSetType", - "type": "string" + "MachineType": { + "markdownDescription": "Defines if the template is for machines or users. Set to TRUE if the template is for machines. Set to FALSE if the template is for users", + "title": "MachineType", + "type": "boolean" } }, - "required": [ - "Expression" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.ConditionalFormattingSolidColor": { + "AWS::PCAConnectorAD::Template.GeneralFlagsV4": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "Determines the color.", - "title": "Color", - "type": "string" + "AutoEnrollment": { + "markdownDescription": "Allows certificate issuance using autoenrollment. Set to TRUE to allow autoenrollment.", + "title": "AutoEnrollment", + "type": "boolean" }, - "Expression": { - "markdownDescription": "The expression that determines the formatting configuration for solid color.", - "title": "Expression", - "type": "string" + "MachineType": { + "markdownDescription": "Defines if the template is for machines or users. Set to TRUE if the template is for machines. Set to FALSE if the template is for users", + "title": "MachineType", + "type": "boolean" } }, - "required": [ - "Expression" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.ContributionAnalysisDefault": { + "AWS::PCAConnectorAD::Template.KeyUsage": { "additionalProperties": false, "properties": { - "ContributorDimensions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier" - }, - "markdownDescription": "The dimensions columns that are used in the contribution analysis, usually a list of `ColumnIdentifiers` .", - "title": "ContributorDimensions", - "type": "array" + "Critical": { + "markdownDescription": "Sets the key usage extension to critical.", + "title": "Critical", + "type": "boolean" }, - "MeasureFieldId": { - "markdownDescription": "The measure field that is used in the contribution analysis.", - "title": "MeasureFieldId", - "type": "string" + "UsageFlags": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsageFlags", + "markdownDescription": "The key usage flags represent the purpose (e.g., encipherment, signature) of the key contained in the certificate.", + "title": "UsageFlags" } }, "required": [ - "ContributorDimensions", - "MeasureFieldId" + "UsageFlags" ], "type": "object" }, - "AWS::QuickSight::Dashboard.CurrencyDisplayFormatConfiguration": { + "AWS::PCAConnectorAD::Template.KeyUsageFlags": { "additionalProperties": false, "properties": { - "DecimalPlacesConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalPlacesConfiguration", - "markdownDescription": "The option that determines the decimal places configuration.", - "title": "DecimalPlacesConfiguration" - }, - "NegativeValueConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NegativeValueConfiguration", - "markdownDescription": "The options that determine the negative value configuration.", - "title": "NegativeValueConfiguration" - }, - "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NullValueFormatConfiguration", - "markdownDescription": "The options that determine the null value format configuration.", - "title": "NullValueFormatConfiguration" - }, - "NumberScale": { - "markdownDescription": "Determines the number scale value for the currency format.", - "title": "NumberScale", - "type": "string" + "DataEncipherment": { + "markdownDescription": "DataEncipherment is asserted when the subject public key is used for directly enciphering raw user data without the use of an intermediate symmetric cipher.", + "title": "DataEncipherment", + "type": "boolean" }, - "Prefix": { - "markdownDescription": "Determines the prefix value of the currency format.", - "title": "Prefix", - "type": "string" + "DigitalSignature": { + "markdownDescription": "The digitalSignature is asserted when the subject public key is used for verifying digital signatures.", + "title": "DigitalSignature", + "type": "boolean" }, - "SeparatorConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericSeparatorConfiguration", - "markdownDescription": "The options that determine the numeric separator configuration.", - "title": "SeparatorConfiguration" + "KeyAgreement": { + "markdownDescription": "KeyAgreement is asserted when the subject public key is used for key agreement.", + "title": "KeyAgreement", + "type": "boolean" }, - "Suffix": { - "markdownDescription": "Determines the suffix value of the currency format.", - "title": "Suffix", - "type": "string" + "KeyEncipherment": { + "markdownDescription": "KeyEncipherment is asserted when the subject public key is used for enciphering private or secret keys, i.e., for key transport.", + "title": "KeyEncipherment", + "type": "boolean" }, - "Symbol": { - "markdownDescription": "Determines the symbol for the currency format.", - "title": "Symbol", - "type": "string" + "NonRepudiation": { + "markdownDescription": "NonRepudiation is asserted when the subject public key is used to verify digital signatures.", + "title": "NonRepudiation", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.CustomActionFilterOperation": { + "AWS::PCAConnectorAD::Template.KeyUsageProperty": { "additionalProperties": false, "properties": { - "SelectedFieldsConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterOperationSelectedFieldsConfiguration", - "markdownDescription": "The configuration that chooses the fields to be filtered.", - "title": "SelectedFieldsConfiguration" + "PropertyFlags": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsagePropertyFlags", + "markdownDescription": "You can specify key usage for encryption, key agreement, and signature. You can use property flags or property type but not both.", + "title": "PropertyFlags" }, - "TargetVisualsConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterOperationTargetVisualsConfiguration", - "markdownDescription": "The configuration that chooses the target visuals to be filtered.", - "title": "TargetVisualsConfiguration" + "PropertyType": { + "markdownDescription": "You can specify all key usages using property type ALL. You can use property type or property flags but not both.", + "title": "PropertyType", + "type": "string" } }, - "required": [ - "SelectedFieldsConfiguration", - "TargetVisualsConfiguration" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.CustomActionNavigationOperation": { + "AWS::PCAConnectorAD::Template.KeyUsagePropertyFlags": { "additionalProperties": false, "properties": { - "LocalNavigationConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LocalNavigationConfiguration", - "markdownDescription": "The configuration that chooses the navigation target.", - "title": "LocalNavigationConfiguration" + "Decrypt": { + "markdownDescription": "Allows key for encryption and decryption.", + "title": "Decrypt", + "type": "boolean" + }, + "KeyAgreement": { + "markdownDescription": "Allows key exchange without encryption.", + "title": "KeyAgreement", + "type": "boolean" + }, + "Sign": { + "markdownDescription": "Allow key use for digital signature.", + "title": "Sign", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.CustomActionSetParametersOperation": { + "AWS::PCAConnectorAD::Template.PrivateKeyAttributesV2": { "additionalProperties": false, "properties": { - "ParameterValueConfigurations": { + "CryptoProviders": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SetParameterValueConfiguration" + "type": "string" }, - "markdownDescription": "The parameter that determines the value configuration.", - "title": "ParameterValueConfigurations", + "markdownDescription": "Defines the cryptographic providers used to generate the private key.", + "title": "CryptoProviders", "type": "array" + }, + "KeySpec": { + "markdownDescription": "Defines the purpose of the private key. Set it to \"KEY_EXCHANGE\" or \"SIGNATURE\" value.", + "title": "KeySpec", + "type": "string" + }, + "MinimalKeyLength": { + "markdownDescription": "Set the minimum key length of the private key.", + "title": "MinimalKeyLength", + "type": "number" } }, "required": [ - "ParameterValueConfigurations" + "KeySpec", + "MinimalKeyLength" ], "type": "object" }, - "AWS::QuickSight::Dashboard.CustomActionURLOperation": { + "AWS::PCAConnectorAD::Template.PrivateKeyAttributesV3": { "additionalProperties": false, "properties": { - "URLTarget": { - "markdownDescription": "The target of the `CustomActionURLOperation` .\n\nValid values are defined as follows:\n\n- `NEW_TAB` : Opens the target URL in a new browser tab.\n- `NEW_WINDOW` : Opens the target URL in a new browser window.\n- `SAME_TAB` : Opens the target URL in the same browser tab.", - "title": "URLTarget", + "Algorithm": { + "markdownDescription": "Defines the algorithm used to generate the private key.", + "title": "Algorithm", "type": "string" }, - "URLTemplate": { - "markdownDescription": "THe URL link of the `CustomActionURLOperation` .", - "title": "URLTemplate", + "CryptoProviders": { + "items": { + "type": "string" + }, + "markdownDescription": "Defines the cryptographic providers used to generate the private key.", + "title": "CryptoProviders", + "type": "array" + }, + "KeySpec": { + "markdownDescription": "Defines the purpose of the private key. Set it to \"KEY_EXCHANGE\" or \"SIGNATURE\" value.", + "title": "KeySpec", "type": "string" + }, + "KeyUsageProperty": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsageProperty", + "markdownDescription": "The key usage property defines the purpose of the private key contained in the certificate. You can specify specific purposes using property flags or all by using property type ALL.", + "title": "KeyUsageProperty" + }, + "MinimalKeyLength": { + "markdownDescription": "Set the minimum key length of the private key.", + "title": "MinimalKeyLength", + "type": "number" } }, "required": [ - "URLTarget", - "URLTemplate" + "Algorithm", + "KeySpec", + "KeyUsageProperty", + "MinimalKeyLength" ], "type": "object" }, - "AWS::QuickSight::Dashboard.CustomColor": { + "AWS::PCAConnectorAD::Template.PrivateKeyAttributesV4": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The color that is applied to the data value.", - "title": "Color", + "Algorithm": { + "markdownDescription": "Defines the algorithm used to generate the private key.", + "title": "Algorithm", "type": "string" }, - "FieldValue": { - "markdownDescription": "The data value that the color is applied to.", - "title": "FieldValue", - "type": "string" + "CryptoProviders": { + "items": { + "type": "string" + }, + "markdownDescription": "Defines the cryptographic providers used to generate the private key.", + "title": "CryptoProviders", + "type": "array" }, - "SpecialValue": { - "markdownDescription": "The value of a special data value.", - "title": "SpecialValue", + "KeySpec": { + "markdownDescription": "Defines the purpose of the private key. Set it to \"KEY_EXCHANGE\" or \"SIGNATURE\" value.", + "title": "KeySpec", "type": "string" + }, + "KeyUsageProperty": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsageProperty", + "markdownDescription": "The key usage property defines the purpose of the private key contained in the certificate. You can specify specific purposes using property flags or all by using property type ALL.", + "title": "KeyUsageProperty" + }, + "MinimalKeyLength": { + "markdownDescription": "Set the minimum key length of the private key.", + "title": "MinimalKeyLength", + "type": "number" } }, "required": [ - "Color" + "KeySpec", + "MinimalKeyLength" ], "type": "object" }, - "AWS::QuickSight::Dashboard.CustomContentConfiguration": { + "AWS::PCAConnectorAD::Template.PrivateKeyFlagsV2": { "additionalProperties": false, "properties": { - "ContentType": { - "markdownDescription": "The content type of the custom content visual. You can use this to have the visual render as an image.", - "title": "ContentType", + "ClientVersion": { + "markdownDescription": "Defines the minimum client compatibility.", + "title": "ClientVersion", "type": "string" }, - "ContentUrl": { - "markdownDescription": "The input URL that links to the custom content that you want in the custom visual.", - "title": "ContentUrl", - "type": "string" + "ExportableKey": { + "markdownDescription": "Allows the private key to be exported.", + "title": "ExportableKey", + "type": "boolean" }, - "ImageScaling": { - "markdownDescription": "The sizing options for the size of the custom content visual. This structure is required when the `ContentType` of the visual is `'IMAGE'` .", - "title": "ImageScaling", - "type": "string" + "StrongKeyProtectionRequired": { + "markdownDescription": "Require user input when using the private key for enrollment.", + "title": "StrongKeyProtectionRequired", + "type": "boolean" } }, + "required": [ + "ClientVersion" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.CustomContentVisual": { + "AWS::PCAConnectorAD::Template.PrivateKeyFlagsV3": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomContentConfiguration", - "markdownDescription": "The configuration of a `CustomContentVisual` .", - "title": "ChartConfiguration" - }, - "DataSetIdentifier": { - "markdownDescription": "The dataset that is used to create the custom content visual. You can't create a visual without a dataset.", - "title": "DataSetIdentifier", + "ClientVersion": { + "markdownDescription": "Defines the minimum client compatibility.", + "title": "ClientVersion", "type": "string" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "ExportableKey": { + "markdownDescription": "Allows the private key to be exported.", + "title": "ExportableKey", + "type": "boolean" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "RequireAlternateSignatureAlgorithm": { + "markdownDescription": "Reguires the PKCS #1 v2.1 signature format for certificates. You should verify that your CA, objects, and applications can accept this signature format.", + "title": "RequireAlternateSignatureAlgorithm", + "type": "boolean" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", - "type": "string" + "StrongKeyProtectionRequired": { + "markdownDescription": "Requirer user input when using the private key for enrollment.", + "title": "StrongKeyProtectionRequired", + "type": "boolean" } }, "required": [ - "DataSetIdentifier", - "VisualId" + "ClientVersion" ], "type": "object" }, - "AWS::QuickSight::Dashboard.CustomFilterConfiguration": { + "AWS::PCAConnectorAD::Template.PrivateKeyFlagsV4": { "additionalProperties": false, "properties": { - "CategoryValue": { - "markdownDescription": "The category value for the filter.\n\nThis field is mutually exclusive to `ParameterName` .", - "title": "CategoryValue", + "ClientVersion": { + "markdownDescription": "Defines the minimum client compatibility.", + "title": "ClientVersion", "type": "string" }, - "MatchOperator": { - "markdownDescription": "The match operator that is used to determine if a filter should be applied.", - "title": "MatchOperator", - "type": "string" + "ExportableKey": { + "markdownDescription": "Allows the private key to be exported.", + "title": "ExportableKey", + "type": "boolean" }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", - "type": "string" + "RequireAlternateSignatureAlgorithm": { + "markdownDescription": "Requires the PKCS #1 v2.1 signature format for certificates. You should verify that your CA, objects, and applications can accept this signature format.", + "title": "RequireAlternateSignatureAlgorithm", + "type": "boolean" }, - "ParameterName": { - "markdownDescription": "The parameter whose value should be used for the filter value.\n\nThis field is mutually exclusive to `CategoryValue` .", - "title": "ParameterName", - "type": "string" + "RequireSameKeyRenewal": { + "markdownDescription": "Renew certificate using the same private key.", + "title": "RequireSameKeyRenewal", + "type": "boolean" }, - "SelectAllOptions": { - "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", - "title": "SelectAllOptions", - "type": "string" + "StrongKeyProtectionRequired": { + "markdownDescription": "Require user input when using the private key for enrollment.", + "title": "StrongKeyProtectionRequired", + "type": "boolean" + }, + "UseLegacyProvider": { + "markdownDescription": "Specifies the cryptographic service provider category used to generate private keys. Set to TRUE to use Legacy Cryptographic Service Providers and FALSE to use Key Storage Providers.", + "title": "UseLegacyProvider", + "type": "boolean" } }, "required": [ - "MatchOperator", - "NullOption" + "ClientVersion" ], "type": "object" }, - "AWS::QuickSight::Dashboard.CustomFilterListConfiguration": { + "AWS::PCAConnectorAD::Template.SubjectNameFlagsV2": { "additionalProperties": false, "properties": { - "CategoryValues": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of category values for the filter.", - "title": "CategoryValues", - "type": "array" + "RequireCommonName": { + "markdownDescription": "Include the common name in the subject name.", + "title": "RequireCommonName", + "type": "boolean" }, - "MatchOperator": { - "markdownDescription": "The match operator that is used to determine if a filter should be applied.", - "title": "MatchOperator", - "type": "string" + "RequireDirectoryPath": { + "markdownDescription": "Include the directory path in the subject name.", + "title": "RequireDirectoryPath", + "type": "boolean" }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", - "type": "string" + "RequireDnsAsCn": { + "markdownDescription": "Include the DNS as common name in the subject name.", + "title": "RequireDnsAsCn", + "type": "boolean" }, - "SelectAllOptions": { - "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", - "title": "SelectAllOptions", - "type": "string" - } - }, - "required": [ - "MatchOperator", - "NullOption" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.CustomNarrativeOptions": { - "additionalProperties": false, - "properties": { - "Narrative": { - "markdownDescription": "The string input of custom narrative.", - "title": "Narrative", - "type": "string" - } - }, - "required": [ - "Narrative" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.CustomParameterValues": { - "additionalProperties": false, - "properties": { - "DateTimeValues": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of datetime-type parameter values.", - "title": "DateTimeValues", - "type": "array" + "RequireEmail": { + "markdownDescription": "Include the subject's email in the subject name.", + "title": "RequireEmail", + "type": "boolean" }, - "DecimalValues": { - "items": { - "type": "number" - }, - "markdownDescription": "A list of decimal-type parameter values.", - "title": "DecimalValues", - "type": "array" + "SanRequireDirectoryGuid": { + "markdownDescription": "Include the globally unique identifier (GUID) in the subject alternate name.", + "title": "SanRequireDirectoryGuid", + "type": "boolean" }, - "IntegerValues": { - "items": { - "type": "number" - }, - "markdownDescription": "A list of integer-type parameter values.", - "title": "IntegerValues", - "type": "array" + "SanRequireDns": { + "markdownDescription": "Include the DNS in the subject alternate name.", + "title": "SanRequireDns", + "type": "boolean" }, - "StringValues": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of string-type parameter values.", - "title": "StringValues", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.CustomValuesConfiguration": { - "additionalProperties": false, - "properties": { - "CustomValues": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomParameterValues", - "markdownDescription": "", - "title": "CustomValues" + "SanRequireDomainDns": { + "markdownDescription": "Include the domain DNS in the subject alternate name.", + "title": "SanRequireDomainDns", + "type": "boolean" }, - "IncludeNullValue": { - "markdownDescription": "Includes the null value in custom action parameter values.", - "title": "IncludeNullValue", + "SanRequireEmail": { + "markdownDescription": "Include the subject's email in the subject alternate name.", + "title": "SanRequireEmail", + "type": "boolean" + }, + "SanRequireSpn": { + "markdownDescription": "Include the service principal name (SPN) in the subject alternate name.", + "title": "SanRequireSpn", + "type": "boolean" + }, + "SanRequireUpn": { + "markdownDescription": "Include the user principal name (UPN) in the subject alternate name.", + "title": "SanRequireUpn", "type": "boolean" } }, - "required": [ - "CustomValues" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.DashboardError": { + "AWS::PCAConnectorAD::Template.SubjectNameFlagsV3": { "additionalProperties": false, "properties": { - "Message": { - "markdownDescription": "Message.", - "title": "Message", - "type": "string" + "RequireCommonName": { + "markdownDescription": "Include the common name in the subject name.", + "title": "RequireCommonName", + "type": "boolean" }, - "Type": { - "markdownDescription": "Type.", - "title": "Type", - "type": "string" + "RequireDirectoryPath": { + "markdownDescription": "Include the directory path in the subject name.", + "title": "RequireDirectoryPath", + "type": "boolean" }, - "ViolatedEntities": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.Entity" - }, - "markdownDescription": "Lists the violated entities that caused the dashboard error.", - "title": "ViolatedEntities", - "type": "array" + "RequireDnsAsCn": { + "markdownDescription": "Include the DNS as common name in the subject name.", + "title": "RequireDnsAsCn", + "type": "boolean" + }, + "RequireEmail": { + "markdownDescription": "Include the subject's email in the subject name.", + "title": "RequireEmail", + "type": "boolean" + }, + "SanRequireDirectoryGuid": { + "markdownDescription": "Include the globally unique identifier (GUID) in the subject alternate name.", + "title": "SanRequireDirectoryGuid", + "type": "boolean" + }, + "SanRequireDns": { + "markdownDescription": "Include the DNS in the subject alternate name.", + "title": "SanRequireDns", + "type": "boolean" + }, + "SanRequireDomainDns": { + "markdownDescription": "Include the domain DNS in the subject alternate name.", + "title": "SanRequireDomainDns", + "type": "boolean" + }, + "SanRequireEmail": { + "markdownDescription": "Include the subject's email in the subject alternate name.", + "title": "SanRequireEmail", + "type": "boolean" + }, + "SanRequireSpn": { + "markdownDescription": "Include the service principal name (SPN) in the subject alternate name.", + "title": "SanRequireSpn", + "type": "boolean" + }, + "SanRequireUpn": { + "markdownDescription": "Include the user principal name (UPN) in the subject alternate name.", + "title": "SanRequireUpn", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.DashboardPublishOptions": { + "AWS::PCAConnectorAD::Template.SubjectNameFlagsV4": { "additionalProperties": false, "properties": { - "AdHocFilteringOption": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AdHocFilteringOption", - "markdownDescription": "Ad hoc (one-time) filtering option.", - "title": "AdHocFilteringOption" - }, - "DataPointDrillUpDownOption": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPointDrillUpDownOption", - "markdownDescription": "The drill-down options of data points in a dashboard.", - "title": "DataPointDrillUpDownOption" + "RequireCommonName": { + "markdownDescription": "Include the common name in the subject name.", + "title": "RequireCommonName", + "type": "boolean" }, - "DataPointMenuLabelOption": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPointMenuLabelOption", - "markdownDescription": "The data point menu label options of a dashboard.", - "title": "DataPointMenuLabelOption" + "RequireDirectoryPath": { + "markdownDescription": "Include the directory path in the subject name.", + "title": "RequireDirectoryPath", + "type": "boolean" }, - "DataPointTooltipOption": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPointTooltipOption", - "markdownDescription": "The data point tool tip options of a dashboard.", - "title": "DataPointTooltipOption" + "RequireDnsAsCn": { + "markdownDescription": "Include the DNS as common name in the subject name.", + "title": "RequireDnsAsCn", + "type": "boolean" }, - "ExportToCSVOption": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ExportToCSVOption", - "markdownDescription": "Export to .csv option.", - "title": "ExportToCSVOption" + "RequireEmail": { + "markdownDescription": "Include the subject's email in the subject name.", + "title": "RequireEmail", + "type": "boolean" }, - "ExportWithHiddenFieldsOption": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ExportWithHiddenFieldsOption", - "markdownDescription": "Determines if hidden fields are exported with a dashboard.", - "title": "ExportWithHiddenFieldsOption" + "SanRequireDirectoryGuid": { + "markdownDescription": "Include the globally unique identifier (GUID) in the subject alternate name.", + "title": "SanRequireDirectoryGuid", + "type": "boolean" }, - "SheetControlsOption": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlsOption", - "markdownDescription": "Sheet controls option.", - "title": "SheetControlsOption" + "SanRequireDns": { + "markdownDescription": "Include the DNS in the subject alternate name.", + "title": "SanRequireDns", + "type": "boolean" }, - "SheetLayoutElementMaximizationOption": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetLayoutElementMaximizationOption", - "markdownDescription": "The sheet layout maximization options of a dashbaord.", - "title": "SheetLayoutElementMaximizationOption" + "SanRequireDomainDns": { + "markdownDescription": "Include the domain DNS in the subject alternate name.", + "title": "SanRequireDomainDns", + "type": "boolean" }, - "VisualAxisSortOption": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualAxisSortOption", - "markdownDescription": "The axis sort options of a dashboard.", - "title": "VisualAxisSortOption" + "SanRequireEmail": { + "markdownDescription": "Include the subject's email in the subject alternate name.", + "title": "SanRequireEmail", + "type": "boolean" }, - "VisualMenuOption": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualMenuOption", - "markdownDescription": "The menu options of a visual in a dashboard.", - "title": "VisualMenuOption" + "SanRequireSpn": { + "markdownDescription": "Include the service principal name (SPN) in the subject alternate name.", + "title": "SanRequireSpn", + "type": "boolean" }, - "VisualPublishOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DashboardVisualPublishOptions", - "markdownDescription": "The visual publish options of a visual in a dashboard.", - "title": "VisualPublishOptions" + "SanRequireUpn": { + "markdownDescription": "Include the user principal name (UPN) in the subject alternate name.", + "title": "SanRequireUpn", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.DashboardSourceEntity": { + "AWS::PCAConnectorAD::Template.TemplateDefinition": { "additionalProperties": false, "properties": { - "SourceTemplate": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DashboardSourceTemplate", - "markdownDescription": "Source template.", - "title": "SourceTemplate" + "TemplateV2": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.TemplateV2", + "markdownDescription": "Template configuration to define the information included in certificates. Define certificate validity and renewal periods, certificate request handling and enrollment options, key usage extensions, application policies, and cryptography settings.", + "title": "TemplateV2" + }, + "TemplateV3": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.TemplateV3", + "markdownDescription": "Template configuration to define the information included in certificates. Define certificate validity and renewal periods, certificate request handling and enrollment options, key usage extensions, application policies, and cryptography settings.", + "title": "TemplateV3" + }, + "TemplateV4": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.TemplateV4", + "markdownDescription": "Template configuration to define the information included in certificates. Define certificate validity and renewal periods, certificate request handling and enrollment options, key usage extensions, application policies, and cryptography settings.", + "title": "TemplateV4" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.DashboardSourceTemplate": { + "AWS::PCAConnectorAD::Template.TemplateV2": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", - "title": "Arn", - "type": "string" + "CertificateValidity": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.CertificateValidity", + "markdownDescription": "Certificate validity describes the validity and renewal periods of a certificate.", + "title": "CertificateValidity" }, - "DataSetReferences": { + "EnrollmentFlags": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.EnrollmentFlagsV2", + "markdownDescription": "Enrollment flags describe the enrollment settings for certificates such as using the existing private key and deleting expired or revoked certificates.", + "title": "EnrollmentFlags" + }, + "Extensions": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ExtensionsV2", + "markdownDescription": "Extensions describe the key usage extensions and application policies for a template.", + "title": "Extensions" + }, + "GeneralFlags": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.GeneralFlagsV2", + "markdownDescription": "General flags describe whether the template is used for computers or users and if the template can be used with autoenrollment.", + "title": "GeneralFlags" + }, + "PrivateKeyAttributes": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.PrivateKeyAttributesV2", + "markdownDescription": "Private key attributes allow you to specify the minimal key length, key spec, and cryptographic providers for the private key of a certificate for v2 templates. V2 templates allow you to use Legacy Cryptographic Service Providers.", + "title": "PrivateKeyAttributes" + }, + "PrivateKeyFlags": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.PrivateKeyFlagsV2", + "markdownDescription": "Private key flags for v2 templates specify the client compatibility, if the private key can be exported, and if user input is required when using a private key.", + "title": "PrivateKeyFlags" + }, + "SubjectNameFlags": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.SubjectNameFlagsV2", + "markdownDescription": "Subject name flags describe the subject name and subject alternate name that is included in a certificate.", + "title": "SubjectNameFlags" + }, + "SupersededTemplates": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataSetReference" + "type": "string" }, - "markdownDescription": "Dataset references.", - "title": "DataSetReferences", + "markdownDescription": "List of templates in Active Directory that are superseded by this template.", + "title": "SupersededTemplates", "type": "array" } }, "required": [ - "Arn", - "DataSetReferences" + "CertificateValidity", + "EnrollmentFlags", + "Extensions", + "GeneralFlags", + "PrivateKeyAttributes", + "PrivateKeyFlags", + "SubjectNameFlags" ], "type": "object" }, - "AWS::QuickSight::Dashboard.DashboardVersion": { + "AWS::PCAConnectorAD::Template.TemplateV3": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", - "title": "Arn", - "type": "string" + "CertificateValidity": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.CertificateValidity", + "markdownDescription": "Certificate validity describes the validity and renewal periods of a certificate.", + "title": "CertificateValidity" }, - "CreatedTime": { - "markdownDescription": "The time that this dashboard version was created.", - "title": "CreatedTime", - "type": "string" + "EnrollmentFlags": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.EnrollmentFlagsV3", + "markdownDescription": "Enrollment flags describe the enrollment settings for certificates such as using the existing private key and deleting expired or revoked certificates.", + "title": "EnrollmentFlags" }, - "DataSetArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Numbers (ARNs) for the datasets that are associated with this version of the dashboard.", - "title": "DataSetArns", - "type": "array" + "Extensions": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ExtensionsV3", + "markdownDescription": "Extensions describe the key usage extensions and application policies for a template.", + "title": "Extensions" }, - "Description": { - "markdownDescription": "Description.", - "title": "Description", + "GeneralFlags": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.GeneralFlagsV3", + "markdownDescription": "General flags describe whether the template is used for computers or users and if the template can be used with autoenrollment.", + "title": "GeneralFlags" + }, + "HashAlgorithm": { + "markdownDescription": "Specifies the hash algorithm used to hash the private key.", + "title": "HashAlgorithm", "type": "string" }, - "Errors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DashboardError" - }, - "markdownDescription": "Errors associated with this dashboard version.", - "title": "Errors", - "type": "array" + "PrivateKeyAttributes": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.PrivateKeyAttributesV3", + "markdownDescription": "Private key attributes allow you to specify the algorithm, minimal key length, key spec, key usage, and cryptographic providers for the private key of a certificate for v3 templates. V3 templates allow you to use Key Storage Providers.", + "title": "PrivateKeyAttributes" }, - "Sheets": { + "PrivateKeyFlags": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.PrivateKeyFlagsV3", + "markdownDescription": "Private key flags for v3 templates specify the client compatibility, if the private key can be exported, if user input is required when using a private key, and if an alternate signature algorithm should be used.", + "title": "PrivateKeyFlags" + }, + "SubjectNameFlags": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.SubjectNameFlagsV3", + "markdownDescription": "Subject name flags describe the subject name and subject alternate name that is included in a certificate.", + "title": "SubjectNameFlags" + }, + "SupersededTemplates": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.Sheet" + "type": "string" }, - "markdownDescription": "A list of the associated sheets with the unique identifier and name of each sheet.", - "title": "Sheets", + "markdownDescription": "List of templates in Active Directory that are superseded by this template.", + "title": "SupersededTemplates", "type": "array" - }, - "SourceEntityArn": { - "markdownDescription": "Source entity ARN.", - "title": "SourceEntityArn", - "type": "string" - }, - "Status": { - "markdownDescription": "The HTTP status of the request.", - "title": "Status", - "type": "string" - }, - "ThemeArn": { - "markdownDescription": "The ARN of the theme associated with a version of the dashboard.", - "title": "ThemeArn", - "type": "string" - }, - "VersionNumber": { - "markdownDescription": "Version number for this version of the dashboard.", - "title": "VersionNumber", - "type": "number" } }, + "required": [ + "CertificateValidity", + "EnrollmentFlags", + "Extensions", + "GeneralFlags", + "HashAlgorithm", + "PrivateKeyAttributes", + "PrivateKeyFlags", + "SubjectNameFlags" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.DashboardVersionDefinition": { + "AWS::PCAConnectorAD::Template.TemplateV4": { "additionalProperties": false, "properties": { - "AnalysisDefaults": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AnalysisDefaults", - "markdownDescription": "", - "title": "AnalysisDefaults" + "CertificateValidity": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.CertificateValidity", + "markdownDescription": "Certificate validity describes the validity and renewal periods of a certificate.", + "title": "CertificateValidity" }, - "CalculatedFields": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CalculatedField" - }, - "markdownDescription": "An array of calculated field definitions for the dashboard.", - "title": "CalculatedFields", - "type": "array" + "EnrollmentFlags": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.EnrollmentFlagsV4", + "markdownDescription": "Enrollment flags describe the enrollment settings for certificates using the existing private key and deleting expired or revoked certificates.", + "title": "EnrollmentFlags" }, - "ColumnConfigurations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnConfiguration" - }, - "markdownDescription": "An array of dashboard-level column configurations. Column configurations are used to set the default formatting for a column that is used throughout a dashboard.", - "title": "ColumnConfigurations", - "type": "array" + "Extensions": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ExtensionsV4", + "markdownDescription": "Extensions describe the key usage extensions and application policies for a template.", + "title": "Extensions" }, - "DataSetIdentifierDeclarations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataSetIdentifierDeclaration" - }, - "markdownDescription": "An array of dataset identifier declarations. With this mapping,you can use dataset identifiers instead of dataset Amazon Resource Names (ARNs) throughout the dashboard's sub-structures.", - "title": "DataSetIdentifierDeclarations", - "type": "array" + "GeneralFlags": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.GeneralFlagsV4", + "markdownDescription": "General flags describe whether the template is used for computers or users and if the template can be used with autoenrollment.", + "title": "GeneralFlags" }, - "FilterGroups": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterGroup" - }, - "markdownDescription": "The filter definitions for a dashboard.\n\nFor more information, see [Filtering Data in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/adding-a-filter.html) in the *Amazon QuickSight User Guide* .", - "title": "FilterGroups", - "type": "array" + "HashAlgorithm": { + "markdownDescription": "Specifies the hash algorithm used to hash the private key. Hash algorithm can only be specified when using Key Storage Providers.", + "title": "HashAlgorithm", + "type": "string" }, - "Options": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AssetOptions", - "markdownDescription": "An array of option definitions for a dashboard.", - "title": "Options" + "PrivateKeyAttributes": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.PrivateKeyAttributesV4", + "markdownDescription": "Private key attributes allow you to specify the minimal key length, key spec, key usage, and cryptographic providers for the private key of a certificate for v4 templates. V4 templates allow you to use either Key Storage Providers or Legacy Cryptographic Service Providers. You specify the cryptography provider category in private key flags.", + "title": "PrivateKeyAttributes" }, - "ParameterDeclarations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterDeclaration" - }, - "markdownDescription": "The parameter declarations for a dashboard. Parameters are named variables that can transfer a value for use by an action or an object.\n\nFor more information, see [Parameters in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-in-quicksight.html) in the *Amazon QuickSight User Guide* .", - "title": "ParameterDeclarations", - "type": "array" + "PrivateKeyFlags": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.PrivateKeyFlagsV4", + "markdownDescription": "Private key flags for v4 templates specify the client compatibility, if the private key can be exported, if user input is required when using a private key, if an alternate signature algorithm should be used, and if certificates are renewed using the same private key.", + "title": "PrivateKeyFlags" }, - "Sheets": { + "SubjectNameFlags": { + "$ref": "#/definitions/AWS::PCAConnectorAD::Template.SubjectNameFlagsV4", + "markdownDescription": "Subject name flags describe the subject name and subject alternate name that is included in a certificate.", + "title": "SubjectNameFlags" + }, + "SupersededTemplates": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetDefinition" + "type": "string" }, - "markdownDescription": "An array of sheet definitions for a dashboard.", - "title": "Sheets", + "markdownDescription": "List of templates in Active Directory that are superseded by this template.", + "title": "SupersededTemplates", "type": "array" } }, "required": [ - "DataSetIdentifierDeclarations" + "CertificateValidity", + "EnrollmentFlags", + "Extensions", + "GeneralFlags", + "PrivateKeyAttributes", + "PrivateKeyFlags", + "SubjectNameFlags" ], "type": "object" }, - "AWS::QuickSight::Dashboard.DashboardVisualPublishOptions": { + "AWS::PCAConnectorAD::Template.ValidityPeriod": { "additionalProperties": false, "properties": { - "ExportHiddenFieldsOption": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ExportHiddenFieldsOption", - "markdownDescription": "Determines if hidden fields are included in an exported dashboard.", - "title": "ExportHiddenFieldsOption" + "Period": { + "markdownDescription": "The numeric value for the validity period.", + "title": "Period", + "type": "number" + }, + "PeriodType": { + "markdownDescription": "The unit of time. You can select hours, days, weeks, months, and years.", + "title": "PeriodType", + "type": "string" } }, + "required": [ + "Period", + "PeriodType" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.DataBarsOptions": { + "AWS::PCAConnectorAD::TemplateGroupAccessControlEntry": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field ID for the data bars options.", - "title": "FieldId", + "Condition": { "type": "string" }, - "NegativeColor": { - "markdownDescription": "The color of the negative data bar.", - "title": "NegativeColor", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "PositiveColor": { - "markdownDescription": "The color of the positive data bar.", - "title": "PositiveColor", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AccessRights": { + "$ref": "#/definitions/AWS::PCAConnectorAD::TemplateGroupAccessControlEntry.AccessRights", + "markdownDescription": "Permissions to allow or deny an Active Directory group to enroll or autoenroll certificates issued against a template.", + "title": "AccessRights" + }, + "GroupDisplayName": { + "markdownDescription": "Name of the Active Directory group. This name does not need to match the group name in Active Directory.", + "title": "GroupDisplayName", + "type": "string" + }, + "GroupSecurityIdentifier": { + "markdownDescription": "Security identifier (SID) of the group object from Active Directory. The SID starts with \"S-\".", + "title": "GroupSecurityIdentifier", + "type": "string" + }, + "TemplateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that was returned when you called [CreateTemplate](https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateTemplate.html) .", + "title": "TemplateArn", + "type": "string" + } + }, + "required": [ + "AccessRights", + "GroupDisplayName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::PCAConnectorAD::TemplateGroupAccessControlEntry" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "FieldId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.DataColor": { + "AWS::PCAConnectorAD::TemplateGroupAccessControlEntry.AccessRights": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The color that is applied to the data value.", - "title": "Color", + "AutoEnroll": { + "markdownDescription": "Allow or deny an Active Directory group from autoenrolling certificates issued against a template. The Active Directory group must be allowed to enroll to allow autoenrollment", + "title": "AutoEnroll", "type": "string" }, - "DataValue": { - "markdownDescription": "The data value that the color is applied to.", - "title": "DataValue", - "type": "number" + "Enroll": { + "markdownDescription": "Allow or deny an Active Directory group from enrolling certificates issued against a template.", + "title": "Enroll", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.DataFieldSeriesItem": { + "AWS::PCAConnectorSCEP::Challenge": { "additionalProperties": false, "properties": { - "AxisBinding": { - "markdownDescription": "The axis that you are binding the field to.", - "title": "AxisBinding", + "Condition": { "type": "string" }, - "FieldId": { - "markdownDescription": "The field ID of the field that you are setting the axis binding to.", - "title": "FieldId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "FieldValue": { - "markdownDescription": "The field value of the field that you are setting the axis binding to.", - "title": "FieldValue", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ConnectorArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the connector.", + "title": "ConnectorArn", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "ConnectorArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::PCAConnectorSCEP::Challenge" + ], "type": "string" }, - "Settings": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartSeriesSettings", - "markdownDescription": "The options that determine the presentation of line series associated to the field.", - "title": "Settings" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "AxisBinding", - "FieldId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.DataLabelOptions": { + "AWS::PCAConnectorSCEP::Connector": { "additionalProperties": false, "properties": { - "CategoryLabelVisibility": { - "markdownDescription": "Determines the visibility of the category field labels.", - "title": "CategoryLabelVisibility", - "type": "string" - }, - "DataLabelTypes": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelType" - }, - "markdownDescription": "The option that determines the data label type.", - "title": "DataLabelTypes", - "type": "array" - }, - "LabelColor": { - "markdownDescription": "Determines the color of the data labels.", - "title": "LabelColor", + "Condition": { "type": "string" }, - "LabelContent": { - "markdownDescription": "Determines the content of the data labels.", - "title": "LabelContent", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "LabelFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", - "markdownDescription": "Determines the font configuration of the data labels.", - "title": "LabelFontConfiguration" - }, - "MeasureLabelVisibility": { - "markdownDescription": "Determines the visibility of the measure field labels.", - "title": "MeasureLabelVisibility", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Overlap": { - "markdownDescription": "Determines whether overlap is enabled or disabled for the data labels.", - "title": "Overlap", - "type": "string" + "Metadata": { + "type": "object" }, - "Position": { - "markdownDescription": "Determines the position of the data labels.", - "title": "Position", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "CertificateAuthorityArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the certificate authority associated with the connector.", + "title": "CertificateAuthorityArn", + "type": "string" + }, + "MobileDeviceManagement": { + "$ref": "#/definitions/AWS::PCAConnectorSCEP::Connector.MobileDeviceManagement", + "markdownDescription": "Contains settings relevant to the mobile device management system that you chose for the connector. If you didn't configure `MobileDeviceManagement` , then the connector is for general-purpose use and this object is empty.", + "title": "MobileDeviceManagement" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "CertificateAuthorityArn" + ], + "type": "object" }, - "TotalsVisibility": { - "markdownDescription": "Determines the visibility of the total.", - "title": "TotalsVisibility", + "Type": { + "enum": [ + "AWS::PCAConnectorSCEP::Connector" + ], "type": "string" }, - "Visibility": { - "markdownDescription": "Determines the visibility of the data labels.", - "title": "Visibility", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.DataLabelType": { + "AWS::PCAConnectorSCEP::Connector.IntuneConfiguration": { "additionalProperties": false, "properties": { - "DataPathLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathLabelType", - "markdownDescription": "The option that specifies individual data values for labels.", - "title": "DataPathLabelType" - }, - "FieldLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldLabelType", - "markdownDescription": "Determines the label configuration for the entire field.", - "title": "FieldLabelType" - }, - "MaximumLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MaximumLabelType", - "markdownDescription": "Determines the label configuration for the maximum value in a visual.", - "title": "MaximumLabelType" - }, - "MinimumLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MinimumLabelType", - "markdownDescription": "Determines the label configuration for the minimum value in a visual.", - "title": "MinimumLabelType" + "AzureApplicationId": { + "markdownDescription": "The directory (tenant) ID from your Microsoft Entra ID app registration.", + "title": "AzureApplicationId", + "type": "string" }, - "RangeEndsLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RangeEndsLabelType", - "markdownDescription": "Determines the label configuration for range end value in a visual.", - "title": "RangeEndsLabelType" + "Domain": { + "markdownDescription": "The primary domain from your Microsoft Entra ID app registration.", + "title": "Domain", + "type": "string" } }, + "required": [ + "AzureApplicationId", + "Domain" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.DataPathColor": { + "AWS::PCAConnectorSCEP::Connector.MobileDeviceManagement": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The color that needs to be applied to the element.", - "title": "Color", - "type": "string" - }, - "Element": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathValue", - "markdownDescription": "The element that the color needs to be applied to.", - "title": "Element" - }, - "TimeGranularity": { - "markdownDescription": "The time granularity of the field that the color needs to be applied to.", - "title": "TimeGranularity", - "type": "string" + "Intune": { + "$ref": "#/definitions/AWS::PCAConnectorSCEP::Connector.IntuneConfiguration", + "markdownDescription": "Configuration settings for use with Microsoft Intune. For information about using Connector for SCEP for Microsoft Intune, see [Using Connector for SCEP for Microsoft Intune](https://docs.aws.amazon.com/privateca/latest/userguide/scep-connector.htmlconnector-for-scep-intune.html) .", + "title": "Intune" } }, "required": [ - "Color", - "Element" + "Intune" ], "type": "object" }, - "AWS::QuickSight::Dashboard.DataPathLabelType": { + "AWS::PCAConnectorSCEP::Connector.OpenIdConfiguration": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field ID of the field that the data label needs to be applied to.", - "title": "FieldId", + "Audience": { + "markdownDescription": "The audience value to copy into your Microsoft Entra app registration's OIDC.", + "title": "Audience", "type": "string" }, - "FieldValue": { - "markdownDescription": "The actual value of the field that is labeled.", - "title": "FieldValue", + "Issuer": { + "markdownDescription": "The issuer value to copy into your Microsoft Entra app registration's OIDC.", + "title": "Issuer", "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of the data label.", - "title": "Visibility", + "Subject": { + "markdownDescription": "The subject value to copy into your Microsoft Entra app registration's OIDC.", + "title": "Subject", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.DataPathSort": { + "AWS::PCS::Cluster": { "additionalProperties": false, "properties": { - "Direction": { - "markdownDescription": "Determines the sort direction.", - "title": "Direction", + "Condition": { "type": "string" }, - "SortPaths": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathValue" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name that identifies the cluster.", + "title": "Name", + "type": "string" + }, + "Networking": { + "$ref": "#/definitions/AWS::PCS::Cluster.Networking", + "markdownDescription": "The networking configuration for the cluster's control plane.", + "title": "Networking" + }, + "Scheduler": { + "$ref": "#/definitions/AWS::PCS::Cluster.Scheduler", + "markdownDescription": "The cluster management and job scheduling software associated with the cluster.", + "title": "Scheduler" + }, + "Size": { + "markdownDescription": "The size of the cluster.", + "title": "Size", + "type": "string" + }, + "SlurmConfiguration": { + "$ref": "#/definitions/AWS::PCS::Cluster.SlurmConfiguration", + "markdownDescription": "Additional options related to the Slurm scheduler.", + "title": "SlurmConfiguration" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "1 or more tags added to the resource. Each tag consists of a tag key and tag value. The tag value is optional and can be an empty string.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } }, - "markdownDescription": "The list of data paths that need to be sorted.", - "title": "SortPaths", - "type": "array" + "required": [ + "Networking", + "Scheduler", + "Size" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::PCS::Cluster" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Direction", - "SortPaths" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.DataPathType": { + "AWS::PCS::Cluster.Accounting": { "additionalProperties": false, "properties": { - "PivotTableDataPathType": { - "markdownDescription": "The type of data path value utilized in a pivot table. Choose one of the following options:\n\n- `HIERARCHY_ROWS_LAYOUT_COLUMN` - The type of data path for the rows layout column, when `RowsLayout` is set to `HIERARCHY` .\n- `MULTIPLE_ROW_METRICS_COLUMN` - The type of data path for the metric column when the row is set to Metric Placement.\n- `EMPTY_COLUMN_HEADER` - The type of data path for the column with empty column header, when there is no field in `ColumnsFieldWell` and the row is set to Metric Placement.\n- `COUNT_METRIC_COLUMN` - The type of data path for the column with `COUNT` as the metric, when there is no field in the `ValuesFieldWell` .", - "title": "PivotTableDataPathType", + "DefaultPurgeTimeInDays": { + "markdownDescription": "The default value for all purge settings for `slurmdbd.conf` . For more information, see the [slurmdbd.conf documentation at SchedMD](https://docs.aws.amazon.com/https://slurm.schedmd.com/slurmdbd.conf.html) .\n\nThe default value `-1` means there is no purge time and records persist as long as the cluster exists.\n\n> `0` isn't a valid value.", + "title": "DefaultPurgeTimeInDays", + "type": "number" + }, + "Mode": { + "markdownDescription": "The default value for `mode` is `STANDARD` . A value of `STANDARD` means Slurm accounting is enabled.", + "title": "Mode", "type": "string" } }, + "required": [ + "Mode" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.DataPathValue": { + "AWS::PCS::Cluster.AuthKey": { "additionalProperties": false, "properties": { - "DataPathType": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathType", - "markdownDescription": "The type configuration of the field.", - "title": "DataPathType" - }, - "FieldId": { - "markdownDescription": "The field ID of the field that needs to be sorted.", - "title": "FieldId", + "SecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the shared Slurm key.", + "title": "SecretArn", "type": "string" }, - "FieldValue": { - "markdownDescription": "The actual value of the field that needs to be sorted.", - "title": "FieldValue", + "SecretVersion": { + "markdownDescription": "The version of the shared Slurm key.", + "title": "SecretVersion", "type": "string" } }, + "required": [ + "SecretArn", + "SecretVersion" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.DataPointDrillUpDownOption": { + "AWS::PCS::Cluster.Endpoint": { "additionalProperties": false, "properties": { - "AvailabilityStatus": { - "markdownDescription": "The status of the drill down options of data points.", - "title": "AvailabilityStatus", + "Port": { + "markdownDescription": "The endpoint's connection port number.", + "title": "Port", + "type": "string" + }, + "PrivateIpAddress": { + "markdownDescription": "The endpoint's private IP address.", + "title": "PrivateIpAddress", + "type": "string" + }, + "PublicIpAddress": { + "markdownDescription": "The endpoint's public IP address.", + "title": "PublicIpAddress", + "type": "string" + }, + "Type": { + "markdownDescription": "Indicates the type of endpoint running at the specific IP address.", + "title": "Type", "type": "string" } }, + "required": [ + "Port", + "PrivateIpAddress", + "Type" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.DataPointMenuLabelOption": { + "AWS::PCS::Cluster.ErrorInfo": { "additionalProperties": false, "properties": { - "AvailabilityStatus": { - "markdownDescription": "The status of the data point menu options.", - "title": "AvailabilityStatus", + "Code": { + "markdownDescription": "The short-form error code.", + "title": "Code", + "type": "string" + }, + "Message": { + "markdownDescription": "The detailed error information.", + "title": "Message", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.DataPointTooltipOption": { + "AWS::PCS::Cluster.Networking": { "additionalProperties": false, "properties": { - "AvailabilityStatus": { - "markdownDescription": "The status of the data point tool tip options.", - "title": "AvailabilityStatus", - "type": "string" + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of security group IDs associated with the Elastic Network Interface (ENI) created in subnets.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of subnet IDs where AWS PCS creates an Elastic Network Interface (ENI) to enable communication between managed controllers and AWS PCS resources. The subnet must have an available IP address, cannot reside in AWS Outposts, AWS Wavelength, or an AWS Local Zone. AWS PCS currently supports only 1 subnet in this list.", + "title": "SubnetIds", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.DataSetIdentifierDeclaration": { + "AWS::PCS::Cluster.Scheduler": { "additionalProperties": false, "properties": { - "DataSetArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the data set.", - "title": "DataSetArn", + "Type": { + "markdownDescription": "The software AWS PCS uses to manage cluster scaling and job scheduling.", + "title": "Type", "type": "string" }, - "Identifier": { - "markdownDescription": "The identifier of the data set, typically the data set's name.", - "title": "Identifier", + "Version": { + "markdownDescription": "The version of the specified scheduling software that AWS PCS uses to manage cluster scaling and job scheduling.", + "title": "Version", "type": "string" } }, "required": [ - "DataSetArn", - "Identifier" + "Type", + "Version" ], "type": "object" }, - "AWS::QuickSight::Dashboard.DataSetReference": { + "AWS::PCS::Cluster.SlurmConfiguration": { "additionalProperties": false, "properties": { - "DataSetArn": { - "markdownDescription": "Dataset Amazon Resource Name (ARN).", - "title": "DataSetArn", - "type": "string" + "Accounting": { + "$ref": "#/definitions/AWS::PCS::Cluster.Accounting", + "markdownDescription": "The accounting configuration includes configurable settings for Slurm accounting.", + "title": "Accounting" }, - "DataSetPlaceholder": { - "markdownDescription": "Dataset placeholder.", - "title": "DataSetPlaceholder", - "type": "string" + "AuthKey": { + "$ref": "#/definitions/AWS::PCS::Cluster.AuthKey", + "markdownDescription": "The shared Slurm key for authentication, also known as the cluster secret.", + "title": "AuthKey" + }, + "ScaleDownIdleTimeInSeconds": { + "markdownDescription": "The time before an idle node is scaled down.", + "title": "ScaleDownIdleTimeInSeconds", + "type": "number" + }, + "SlurmCustomSettings": { + "items": { + "$ref": "#/definitions/AWS::PCS::Cluster.SlurmCustomSetting" + }, + "markdownDescription": "Additional Slurm-specific configuration that directly maps to Slurm settings.", + "title": "SlurmCustomSettings", + "type": "array" } }, - "required": [ - "DataSetArn", - "DataSetPlaceholder" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.DateAxisOptions": { + "AWS::PCS::Cluster.SlurmCustomSetting": { "additionalProperties": false, "properties": { - "MissingDateVisibility": { - "markdownDescription": "Determines whether or not missing dates are displayed.", - "title": "MissingDateVisibility", + "ParameterName": { + "markdownDescription": "AWS PCS supports configuration of the following Slurm parameters:\n\n- For *clusters*\n\n- [`Prolog`](https://docs.aws.amazon.com/https://slurm.schedmd.com/slurm.conf.html#OPT_Prolog_1)\n- [`Epilog`](https://docs.aws.amazon.com/https://slurm.schedmd.com/slurm.conf.html#OPT_Epilog_1)\n- [`SelectTypeParameters`](https://docs.aws.amazon.com/https://slurm.schedmd.com/slurm.conf.html#OPT_SelectTypeParameters)\n- For *compute node groups*\n\n- [`Weight`](https://docs.aws.amazon.com/https://slurm.schedmd.com/slurm.conf.html#OPT_Weight)\n- [`RealMemory`](https://docs.aws.amazon.com/https://slurm.schedmd.com/slurm.conf.html#OPT_Weight)", + "title": "ParameterName", + "type": "string" + }, + "ParameterValue": { + "markdownDescription": "The values for the configured Slurm settings.", + "title": "ParameterValue", "type": "string" } }, + "required": [ + "ParameterName", + "ParameterValue" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.DateDimensionField": { + "AWS::PCS::ComputeNodeGroup": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that is used in the `DateDimensionField` .", - "title": "Column" - }, - "DateGranularity": { - "markdownDescription": "The date granularity of the `DateDimensionField` . Choose one of the following options:\n\n- `YEAR`\n- `QUARTER`\n- `MONTH`\n- `WEEK`\n- `DAY`\n- `HOUR`\n- `MINUTE`\n- `SECOND`\n- `MILLISECOND`", - "title": "DateGranularity", + "Condition": { "type": "string" }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "HierarchyId": { - "markdownDescription": "The custom hierarchy ID.", - "title": "HierarchyId", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AmiId": { + "markdownDescription": "The ID of the Amazon Machine Image (AMI) that AWS PCS uses to launch instances. If not provided, AWS PCS uses the AMI ID specified in the custom launch template.", + "title": "AmiId", + "type": "string" + }, + "ClusterId": { + "markdownDescription": "The ID of the cluster of the compute node group.", + "title": "ClusterId", + "type": "string" + }, + "CustomLaunchTemplate": { + "$ref": "#/definitions/AWS::PCS::ComputeNodeGroup.CustomLaunchTemplate", + "markdownDescription": "An Amazon EC2 launch template AWS PCS uses to launch compute nodes.", + "title": "CustomLaunchTemplate" + }, + "IamInstanceProfileArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM instance profile used to pass an IAM role when launching EC2 instances. The role contained in your instance profile must have pcs:RegisterComputeNodeGroupInstance permissions attached to provision instances correctly.", + "title": "IamInstanceProfileArn", + "type": "string" + }, + "InstanceConfigs": { + "items": { + "$ref": "#/definitions/AWS::PCS::ComputeNodeGroup.InstanceConfig" + }, + "markdownDescription": "A list of EC2 instance configurations that AWS PCS can provision in the compute node group.", + "title": "InstanceConfigs", + "type": "array" + }, + "Name": { + "markdownDescription": "The name that identifies the compute node group.", + "title": "Name", + "type": "string" + }, + "PurchaseOption": { + "markdownDescription": "Specifies how EC2 instances are purchased on your behalf. AWS PCS supports On-Demand and Spot instances. For more information, see Instance purchasing options in the Amazon Elastic Compute Cloud User Guide. If you don't provide this option, it defaults to On-Demand.", + "title": "PurchaseOption", + "type": "string" + }, + "ScalingConfiguration": { + "$ref": "#/definitions/AWS::PCS::ComputeNodeGroup.ScalingConfiguration", + "markdownDescription": "Specifies the boundaries of the compute node group auto scaling.", + "title": "ScalingConfiguration" + }, + "SlurmConfiguration": { + "$ref": "#/definitions/AWS::PCS::ComputeNodeGroup.SlurmConfiguration", + "markdownDescription": "Additional options related to the Slurm scheduler.", + "title": "SlurmConfiguration" + }, + "SpotOptions": { + "$ref": "#/definitions/AWS::PCS::ComputeNodeGroup.SpotOptions", + "markdownDescription": "Additional configuration when you specify `SPOT` as the `purchaseOption` .", + "title": "SpotOptions" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of subnet IDs where instances are provisioned by the compute node group. The subnets must be in the same VPC as the cluster.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "1 or more tags added to the resource. Each tag consists of a tag key and tag value. The tag value is optional and can be an empty string.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "ClusterId", + "CustomLaunchTemplate", + "IamInstanceProfileArn", + "InstanceConfigs", + "ScalingConfiguration", + "SubnetIds" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::PCS::ComputeNodeGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Column", - "FieldId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.DateMeasureField": { + "AWS::PCS::ComputeNodeGroup.CustomLaunchTemplate": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "markdownDescription": "The aggregation function of the measure field.", - "title": "AggregationFunction", + "TemplateId": { + "markdownDescription": "The ID of the EC2 launch template to use to provision instances.", + "title": "TemplateId", "type": "string" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that is used in the `DateMeasureField` .", - "title": "Column" - }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", + "Version": { + "markdownDescription": "The version of the EC2 launch template to use to provision instances.", + "title": "Version", "type": "string" - }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" } }, "required": [ - "Column", - "FieldId" + "Version" ], "type": "object" }, - "AWS::QuickSight::Dashboard.DateTimeDefaultValues": { + "AWS::PCS::ComputeNodeGroup.ErrorInfo": { "additionalProperties": false, "properties": { - "DynamicValue": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DynamicDefaultValue", - "markdownDescription": "The dynamic value of the `DataTimeDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", - "title": "DynamicValue" - }, - "RollingDate": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RollingDateConfiguration", - "markdownDescription": "The rolling date of the `DataTimeDefaultValues` . The date is determined from the dataset based on input expression.", - "title": "RollingDate" + "Code": { + "markdownDescription": "The short-form error code.", + "title": "Code", + "type": "string" }, - "StaticValues": { - "items": { - "type": "string" - }, - "markdownDescription": "The static values of the `DataTimeDefaultValues` .", - "title": "StaticValues", - "type": "array" + "Message": { + "markdownDescription": "The detailed error information.", + "title": "Message", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.DateTimeFormatConfiguration": { + "AWS::PCS::ComputeNodeGroup.InstanceConfig": { "additionalProperties": false, "properties": { - "DateTimeFormat": { - "markdownDescription": "Determines the `DateTime` format.", - "title": "DateTimeFormat", + "InstanceType": { + "markdownDescription": "The EC2 instance type that AWS PCS can provision in the compute node group.\n\nExample: `t2.xlarge`", + "title": "InstanceType", "type": "string" - }, - "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NullValueFormatConfiguration", - "markdownDescription": "The options that determine the null value format configuration.", - "title": "NullValueFormatConfiguration" - }, - "NumericFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericFormatConfiguration", - "markdownDescription": "The formatting configuration for numeric `DateTime` fields.", - "title": "NumericFormatConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.DateTimeHierarchy": { + "AWS::PCS::ComputeNodeGroup.ScalingConfiguration": { "additionalProperties": false, "properties": { - "DrillDownFilters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DrillDownFilter" - }, - "markdownDescription": "The option that determines the drill down filters for the `DateTime` hierarchy.", - "title": "DrillDownFilters", - "type": "array" + "MaxInstanceCount": { + "markdownDescription": "The upper bound of the number of instances allowed in the compute fleet.", + "title": "MaxInstanceCount", + "type": "number" }, - "HierarchyId": { - "markdownDescription": "The hierarchy ID of the `DateTime` hierarchy.", - "title": "HierarchyId", - "type": "string" + "MinInstanceCount": { + "markdownDescription": "The lower bound of the number of instances allowed in the compute fleet.", + "title": "MinInstanceCount", + "type": "number" } }, "required": [ - "HierarchyId" + "MaxInstanceCount", + "MinInstanceCount" ], "type": "object" }, - "AWS::QuickSight::Dashboard.DateTimeParameter": { + "AWS::PCS::ComputeNodeGroup.SlurmConfiguration": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "A display name for the date-time parameter.", - "title": "Name", - "type": "string" - }, - "Values": { + "SlurmCustomSettings": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::PCS::ComputeNodeGroup.SlurmCustomSetting" }, - "markdownDescription": "The values for the date-time parameter.", - "title": "Values", + "markdownDescription": "Additional Slurm-specific configuration that directly maps to Slurm settings.", + "title": "SlurmCustomSettings", "type": "array" } }, - "required": [ - "Name", - "Values" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.DateTimeParameterDeclaration": { + "AWS::PCS::ComputeNodeGroup.SlurmCustomSetting": { "additionalProperties": false, "properties": { - "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeDefaultValues", - "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", - "title": "DefaultValues" - }, - "MappedDataSetParameters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MappedDataSetParameter" - }, - "markdownDescription": "", - "title": "MappedDataSetParameters", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the parameter that is being declared.", - "title": "Name", + "ParameterName": { + "markdownDescription": "AWS PCS supports configuration of the following Slurm parameters:\n\n- For *clusters*\n\n- [`Prolog`](https://docs.aws.amazon.com/https://slurm.schedmd.com/slurm.conf.html#OPT_Prolog_1)\n- [`Epilog`](https://docs.aws.amazon.com/https://slurm.schedmd.com/slurm.conf.html#OPT_Epilog_1)\n- [`SelectTypeParameters`](https://docs.aws.amazon.com/https://slurm.schedmd.com/slurm.conf.html#OPT_SelectTypeParameters)\n- For *compute node groups*\n\n- [`Weight`](https://docs.aws.amazon.com/https://slurm.schedmd.com/slurm.conf.html#OPT_Weight)\n- [`RealMemory`](https://docs.aws.amazon.com/https://slurm.schedmd.com/slurm.conf.html#OPT_Weight)", + "title": "ParameterName", "type": "string" }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", + "ParameterValue": { + "markdownDescription": "The values for the configured Slurm settings.", + "title": "ParameterValue", "type": "string" - }, - "ValueWhenUnset": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeValueWhenUnsetConfiguration", - "markdownDescription": "The configuration that defines the default value of a `DateTime` parameter when a value has not been set.", - "title": "ValueWhenUnset" } }, "required": [ - "Name" + "ParameterName", + "ParameterValue" ], "type": "object" }, - "AWS::QuickSight::Dashboard.DateTimePickerControlDisplayOptions": { + "AWS::PCS::ComputeNodeGroup.SpotOptions": { "additionalProperties": false, "properties": { - "DateTimeFormat": { - "markdownDescription": "Customize how dates are formatted in controls.", - "title": "DateTimeFormat", + "AllocationStrategy": { + "markdownDescription": "The Amazon EC2 allocation strategy AWS PCS uses to provision EC2 instances. AWS PCS supports lowest price, capacity optimized, and price capacity optimized. If you don't provide this option, it defaults to price capacity optimized.", + "title": "AllocationStrategy", "type": "string" - }, - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" - }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.DateTimeValueWhenUnsetConfiguration": { + "AWS::PCS::Queue": { "additionalProperties": false, "properties": { - "CustomValue": { - "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", - "title": "CustomValue", + "Condition": { "type": "string" }, - "ValueWhenUnsetOption": { - "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", - "title": "ValueWhenUnsetOption", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ClusterId": { + "markdownDescription": "The ID of the cluster of the queue.", + "title": "ClusterId", + "type": "string" + }, + "ComputeNodeGroupConfigurations": { + "items": { + "$ref": "#/definitions/AWS::PCS::Queue.ComputeNodeGroupConfiguration" + }, + "markdownDescription": "The list of compute node group configurations associated with the queue. Queues assign jobs to associated compute node groups.", + "title": "ComputeNodeGroupConfigurations", + "type": "array" + }, + "Name": { + "markdownDescription": "The name that identifies the queue.", + "title": "Name", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "1 or more tags added to the resource. Each tag consists of a tag key and tag value. The tag value is optional and can be an empty string.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "ClusterId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::PCS::Queue" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.DecimalDefaultValues": { + "AWS::PCS::Queue.ComputeNodeGroupConfiguration": { "additionalProperties": false, "properties": { - "DynamicValue": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DynamicDefaultValue", - "markdownDescription": "The dynamic value of the `DecimalDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", - "title": "DynamicValue" - }, - "StaticValues": { - "items": { - "type": "number" - }, - "markdownDescription": "The static values of the `DecimalDefaultValues` .", - "title": "StaticValues", - "type": "array" + "ComputeNodeGroupId": { + "markdownDescription": "The compute node group ID for the compute node group configuration.", + "title": "ComputeNodeGroupId", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.DecimalParameter": { + "AWS::PCS::Queue.ErrorInfo": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "A display name for the decimal parameter.", - "title": "Name", + "Code": { + "markdownDescription": "The short-form error code.", + "title": "Code", "type": "string" }, - "Values": { - "items": { - "type": "number" - }, - "markdownDescription": "The values for the decimal parameter.", - "title": "Values", - "type": "array" + "Message": { + "markdownDescription": "TBDThe detailed error information.", + "title": "Message", + "type": "string" } }, - "required": [ - "Name", - "Values" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.DecimalParameterDeclaration": { + "AWS::Panorama::ApplicationInstance": { "additionalProperties": false, "properties": { - "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalDefaultValues", - "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", - "title": "DefaultValues" + "Condition": { + "type": "string" }, - "MappedDataSetParameters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MappedDataSetParameter" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationInstanceIdToReplace": { + "markdownDescription": "The ID of an application instance to replace with the new instance.", + "title": "ApplicationInstanceIdToReplace", + "type": "string" + }, + "DefaultRuntimeContextDevice": { + "markdownDescription": "The device's ID.", + "title": "DefaultRuntimeContextDevice", + "type": "string" + }, + "Description": { + "markdownDescription": "A description for the application instance.", + "title": "Description", + "type": "string" + }, + "ManifestOverridesPayload": { + "$ref": "#/definitions/AWS::Panorama::ApplicationInstance.ManifestOverridesPayload", + "markdownDescription": "Setting overrides for the application manifest.", + "title": "ManifestOverridesPayload" + }, + "ManifestPayload": { + "$ref": "#/definitions/AWS::Panorama::ApplicationInstance.ManifestPayload", + "markdownDescription": "The application's manifest document.", + "title": "ManifestPayload" + }, + "Name": { + "markdownDescription": "A name for the application instance.", + "title": "Name", + "type": "string" + }, + "RuntimeRoleArn": { + "markdownDescription": "The ARN of a runtime role for the application instance.", + "title": "RuntimeRoleArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags for the application instance.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "", - "title": "MappedDataSetParameters", - "type": "array" + "required": [ + "DefaultRuntimeContextDevice", + "ManifestPayload" + ], + "type": "object" }, - "Name": { - "markdownDescription": "The name of the parameter that is being declared.", - "title": "Name", + "Type": { + "enum": [ + "AWS::Panorama::ApplicationInstance" + ], "type": "string" }, - "ParameterValueType": { - "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", - "title": "ParameterValueType", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "ValueWhenUnset": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalValueWhenUnsetConfiguration", - "markdownDescription": "The configuration that defines the default value of a `Decimal` parameter when a value has not been set.", - "title": "ValueWhenUnset" } }, "required": [ - "Name", - "ParameterValueType" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.DecimalPlacesConfiguration": { + "AWS::Panorama::ApplicationInstance.ManifestOverridesPayload": { "additionalProperties": false, "properties": { - "DecimalPlaces": { - "markdownDescription": "The values of the decimal places.", - "title": "DecimalPlaces", - "type": "number" + "PayloadData": { + "markdownDescription": "The overrides document.", + "title": "PayloadData", + "type": "string" } }, - "required": [ - "DecimalPlaces" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.DecimalValueWhenUnsetConfiguration": { + "AWS::Panorama::ApplicationInstance.ManifestPayload": { "additionalProperties": false, "properties": { - "CustomValue": { - "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", - "title": "CustomValue", - "type": "number" - }, - "ValueWhenUnsetOption": { - "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", - "title": "ValueWhenUnsetOption", + "PayloadData": { + "markdownDescription": "The application manifest.", + "title": "PayloadData", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.DefaultDateTimePickerControlOptions": { + "AWS::Panorama::Package": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimePickerControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "PackageName": { + "markdownDescription": "A name for the package.", + "title": "PackageName", + "type": "string" + }, + "StorageLocation": { + "$ref": "#/definitions/AWS::Panorama::Package.StorageLocation", + "markdownDescription": "A storage location.", + "title": "StorageLocation" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags for the package.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "PackageName" + ], + "type": "object" }, "Type": { - "markdownDescription": "The date time picker type of the `DefaultDateTimePickerControlOptions` . Choose one of the following options:\n\n- `SINGLE_VALUED` : The filter condition is a fixed date.\n- `DATE_RANGE` : The filter condition is a date time range.", - "title": "Type", + "enum": [ + "AWS::Panorama::Package" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration": { - "additionalProperties": false, - "properties": { - "ControlOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlOptions", - "markdownDescription": "The control option for the `DefaultFilterControlConfiguration` .", - "title": "ControlOptions" }, - "Title": { - "markdownDescription": "The title of the `DefaultFilterControlConfiguration` . This title is shared by all controls that are tied to this filter.", - "title": "Title", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ControlOptions", - "Title" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.DefaultFilterControlOptions": { + "AWS::Panorama::Package.StorageLocation": { "additionalProperties": false, "properties": { - "DefaultDateTimePickerOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultDateTimePickerControlOptions", - "markdownDescription": "The default options that correspond to the filter control type of a `DateTimePicker` .", - "title": "DefaultDateTimePickerOptions" - }, - "DefaultDropdownOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterDropDownControlOptions", - "markdownDescription": "The default options that correspond to the `Dropdown` filter control type.", - "title": "DefaultDropdownOptions" - }, - "DefaultListOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterListControlOptions", - "markdownDescription": "The default options that correspond to the `List` filter control type.", - "title": "DefaultListOptions" + "BinaryPrefixLocation": { + "markdownDescription": "The location's binary prefix.", + "title": "BinaryPrefixLocation", + "type": "string" }, - "DefaultRelativeDateTimeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultRelativeDateTimeControlOptions", - "markdownDescription": "The default options that correspond to the `RelativeDateTime` filter control type.", - "title": "DefaultRelativeDateTimeOptions" + "Bucket": { + "markdownDescription": "The location's bucket.", + "title": "Bucket", + "type": "string" }, - "DefaultSliderOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultSliderControlOptions", - "markdownDescription": "The default options that correspond to the `Slider` filter control type.", - "title": "DefaultSliderOptions" + "GeneratedPrefixLocation": { + "markdownDescription": "The location's generated prefix.", + "title": "GeneratedPrefixLocation", + "type": "string" }, - "DefaultTextAreaOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultTextAreaControlOptions", - "markdownDescription": "The default options that correspond to the `TextArea` filter control type.", - "title": "DefaultTextAreaOptions" + "ManifestPrefixLocation": { + "markdownDescription": "The location's manifest prefix.", + "title": "ManifestPrefixLocation", + "type": "string" }, - "DefaultTextFieldOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultTextFieldControlOptions", - "markdownDescription": "The default options that correspond to the `TextField` filter control type.", - "title": "DefaultTextFieldOptions" + "RepoPrefixLocation": { + "markdownDescription": "The location's repo prefix.", + "title": "RepoPrefixLocation", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.DefaultFilterDropDownControlOptions": { + "AWS::Panorama::PackageVersion": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DropDownControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "Condition": { + "type": "string" }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "MarkLatest": { + "markdownDescription": "Whether to mark the new version as the latest version.", + "title": "MarkLatest", + "type": "boolean" + }, + "OwnerAccount": { + "markdownDescription": "An owner account.", + "title": "OwnerAccount", + "type": "string" + }, + "PackageId": { + "markdownDescription": "A package ID.", + "title": "PackageId", + "type": "string" + }, + "PackageVersion": { + "markdownDescription": "A package version.", + "title": "PackageVersion", + "type": "string" + }, + "PatchVersion": { + "markdownDescription": "A patch version.", + "title": "PatchVersion", + "type": "string" + }, + "UpdatedLatestPatchVersion": { + "markdownDescription": "If the version was marked latest, the new version to maker as latest.", + "title": "UpdatedLatestPatchVersion", + "type": "string" + } + }, + "required": [ + "PackageId", + "PackageVersion", + "PatchVersion" + ], + "type": "object" }, "Type": { - "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", - "title": "Type", + "enum": [ + "AWS::Panorama::PackageVersion" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.DefaultFilterListControlOptions": { + "AWS::PaymentCryptography::Alias": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ListControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "Condition": { + "type": "string" }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AliasName": { + "markdownDescription": "A friendly name that you can use to refer to a key. The value must begin with `alias/` .\n\n> Do not include confidential or sensitive information in this field. This field may be displayed in plaintext in AWS CloudTrail logs and other output.", + "title": "AliasName", + "type": "string" + }, + "KeyArn": { + "markdownDescription": "The `KeyARN` of the key associated with the alias.", + "title": "KeyArn", + "type": "string" + } + }, + "required": [ + "AliasName" + ], + "type": "object" }, "Type": { - "markdownDescription": "The type of the `DefaultFilterListControlOptions` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from the list.\n- `SINGLE_SELECT` : The user can select a single entry from the list.", - "title": "Type", + "enum": [ + "AWS::PaymentCryptography::Alias" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.DefaultFreeFormLayoutConfiguration": { - "additionalProperties": false, - "properties": { - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutCanvasSizeOptions", - "markdownDescription": "Determines the screen canvas size options for a free-form layout.", - "title": "CanvasSizeOptions" } }, "required": [ - "CanvasSizeOptions" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.DefaultGridLayoutConfiguration": { + "AWS::PaymentCryptography::Key": { "additionalProperties": false, "properties": { - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GridLayoutCanvasSizeOptions", - "markdownDescription": "Determines the screen canvas size options for a grid layout.", - "title": "CanvasSizeOptions" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DeriveKeyUsage": { + "markdownDescription": "The cryptographic usage of an ECDH derived key as de\ufb01ned in section A.5.2 of the TR-31 spec.", + "title": "DeriveKeyUsage", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Specifies whether the key is enabled.", + "title": "Enabled", + "type": "boolean" + }, + "Exportable": { + "markdownDescription": "Specifies whether the key is exportable. This data is immutable after the key is created.", + "title": "Exportable", + "type": "boolean" + }, + "KeyAttributes": { + "$ref": "#/definitions/AWS::PaymentCryptography::Key.KeyAttributes", + "markdownDescription": "The role of the key, the algorithm it supports, and the cryptographic operations allowed with the key. This data is immutable after the key is created.", + "title": "KeyAttributes" + }, + "KeyCheckValueAlgorithm": { + "markdownDescription": "The algorithm that AWS Payment Cryptography uses to calculate the key check value (KCV). It is used to validate the key integrity.\n\nFor TDES keys, the KCV is computed by encrypting 8 bytes, each with value of zero, with the key to be checked and retaining the 3 highest order bytes of the encrypted result. For AES keys, the KCV is computed using a CMAC algorithm where the input data is 16 bytes of zero and retaining the 3 highest order bytes of the encrypted result.", + "title": "KeyCheckValueAlgorithm", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Exportable", + "KeyAttributes" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::PaymentCryptography::Key" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "CanvasSizeOptions" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.DefaultInteractiveLayoutConfiguration": { + "AWS::PaymentCryptography::Key.KeyAttributes": { "additionalProperties": false, "properties": { - "FreeForm": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFreeFormLayoutConfiguration", - "markdownDescription": "The options that determine the default settings of a free-form layout configuration.", - "title": "FreeForm" + "KeyAlgorithm": { + "markdownDescription": "The key algorithm to be use during creation of an AWS Payment Cryptography key.\n\nFor symmetric keys, AWS Payment Cryptography supports `AES` and `TDES` algorithms. For asymmetric keys, AWS Payment Cryptography supports `RSA` and `ECC_NIST` algorithms.", + "title": "KeyAlgorithm", + "type": "string" }, - "Grid": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultGridLayoutConfiguration", - "markdownDescription": "The options that determine the default settings for a grid layout configuration.", - "title": "Grid" + "KeyClass": { + "markdownDescription": "The type of AWS Payment Cryptography key to create, which determines the classi\ufb01cation of the cryptographic method and whether AWS Payment Cryptography key contains a symmetric key or an asymmetric key pair.", + "title": "KeyClass", + "type": "string" + }, + "KeyModesOfUse": { + "$ref": "#/definitions/AWS::PaymentCryptography::Key.KeyModesOfUse", + "markdownDescription": "The list of cryptographic operations that you can perform using the key.", + "title": "KeyModesOfUse" + }, + "KeyUsage": { + "markdownDescription": "The cryptographic usage of an AWS Payment Cryptography key as de\ufb01ned in section A.5.2 of the TR-31 spec.", + "title": "KeyUsage", + "type": "string" } }, + "required": [ + "KeyAlgorithm", + "KeyClass", + "KeyModesOfUse", + "KeyUsage" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.DefaultNewSheetConfiguration": { + "AWS::PaymentCryptography::Key.KeyModesOfUse": { "additionalProperties": false, "properties": { - "InteractiveLayoutConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultInteractiveLayoutConfiguration", - "markdownDescription": "The options that determine the default settings for interactive layout configuration.", - "title": "InteractiveLayoutConfiguration" + "Decrypt": { + "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used to decrypt data.", + "title": "Decrypt", + "type": "boolean" }, - "PaginatedLayoutConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultPaginatedLayoutConfiguration", - "markdownDescription": "The options that determine the default settings for a paginated layout configuration.", - "title": "PaginatedLayoutConfiguration" + "DeriveKey": { + "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used to derive new keys.", + "title": "DeriveKey", + "type": "boolean" }, - "SheetContentType": { - "markdownDescription": "The option that determines the sheet content type.", - "title": "SheetContentType", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.DefaultPaginatedLayoutConfiguration": { - "additionalProperties": false, - "properties": { - "SectionBased": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultSectionBasedLayoutConfiguration", - "markdownDescription": "The options that determine the default settings for a section-based layout configuration.", - "title": "SectionBased" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.DefaultRelativeDateTimeControlOptions": { - "additionalProperties": false, - "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RelativeDateTimeControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.DefaultSectionBasedLayoutConfiguration": { - "additionalProperties": false, - "properties": { - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionBasedLayoutCanvasSizeOptions", - "markdownDescription": "Determines the screen canvas size options for a section-based layout.", - "title": "CanvasSizeOptions" + "Encrypt": { + "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used to encrypt data.", + "title": "Encrypt", + "type": "boolean" + }, + "Generate": { + "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used to generate and verify other card and PIN verification keys.", + "title": "Generate", + "type": "boolean" + }, + "NoRestrictions": { + "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key has no special restrictions other than the restrictions implied by `KeyUsage` .", + "title": "NoRestrictions", + "type": "boolean" + }, + "Sign": { + "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used for signing.", + "title": "Sign", + "type": "boolean" + }, + "Unwrap": { + "markdownDescription": "", + "title": "Unwrap", + "type": "boolean" + }, + "Verify": { + "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used to verify signatures.", + "title": "Verify", + "type": "boolean" + }, + "Wrap": { + "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used to wrap other keys.", + "title": "Wrap", + "type": "boolean" } }, - "required": [ - "CanvasSizeOptions" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.DefaultSliderControlOptions": { + "AWS::Personalize::Dataset": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SliderControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "Condition": { + "type": "string" }, - "MaximumValue": { - "markdownDescription": "The larger value that is displayed at the right of the slider.", - "title": "MaximumValue", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "MinimumValue": { - "markdownDescription": "The smaller value that is displayed at the left of the slider.", - "title": "MinimumValue", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "StepSize": { - "markdownDescription": "The number of increments that the slider bar is divided into.", - "title": "StepSize", - "type": "number" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DatasetGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the dataset group.", + "title": "DatasetGroupArn", + "type": "string" + }, + "DatasetImportJob": { + "$ref": "#/definitions/AWS::Personalize::Dataset.DatasetImportJob", + "markdownDescription": "Describes a job that imports training data from a data source (Amazon S3 bucket) to an Amazon Personalize dataset. If you specify a dataset import job as part of a dataset, all dataset import job fields are required.", + "title": "DatasetImportJob" + }, + "DatasetType": { + "markdownDescription": "One of the following values:\n\n- Interactions\n- Items\n- Users\n\n> You can't use CloudFormation to create an Action Interactions or Actions dataset.", + "title": "DatasetType", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the dataset.", + "title": "Name", + "type": "string" + }, + "SchemaArn": { + "markdownDescription": "The ARN of the associated schema.", + "title": "SchemaArn", + "type": "string" + } + }, + "required": [ + "DatasetGroupArn", + "DatasetType", + "Name", + "SchemaArn" + ], + "type": "object" }, "Type": { - "markdownDescription": "The type of the `DefaultSliderControlOptions` . Choose one of the following options:\n\n- `SINGLE_POINT` : Filter against(equals) a single data point.\n- `RANGE` : Filter data that is in a specified range.", - "title": "Type", + "enum": [ + "AWS::Personalize::Dataset" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "MaximumValue", - "MinimumValue", - "StepSize" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.DefaultTextAreaControlOptions": { + "AWS::Personalize::Dataset.DataSource": { "additionalProperties": false, "properties": { - "Delimiter": { - "markdownDescription": "The delimiter that is used to separate the lines in text.", - "title": "Delimiter", + "DataLocation": { + "markdownDescription": "For dataset import jobs, the path to the Amazon S3 bucket where the data that you want to upload to your dataset is stored. For data deletion jobs, the path to the Amazon S3 bucket that stores the list of records to delete.\n\nFor example:\n\n`s3://bucket-name/folder-name/fileName.csv`\n\nIf your CSV files are in a folder in your Amazon S3 bucket and you want your import job or data deletion job to consider multiple files, you can specify the path to the folder. With a data deletion job, Amazon Personalize uses all files in the folder and any sub folder. Use the following syntax with a `/` after the folder name:\n\n`s3://bucket-name/folder-name/`", + "title": "DataLocation", "type": "string" - }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextAreaControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.DefaultTextFieldControlOptions": { - "additionalProperties": false, - "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextFieldControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.DestinationParameterValueConfiguration": { + "AWS::Personalize::Dataset.DatasetImportJob": { "additionalProperties": false, "properties": { - "CustomValuesConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomValuesConfiguration", - "markdownDescription": "The configuration of custom values for destination parameter in `DestinationParameterValueConfiguration` .", - "title": "CustomValuesConfiguration" + "DataSource": { + "$ref": "#/definitions/AWS::Personalize::Dataset.DataSource", + "markdownDescription": "The Amazon S3 bucket that contains the training data to import.", + "title": "DataSource" }, - "SelectAllValueOptions": { - "markdownDescription": "The configuration that selects all options.", - "title": "SelectAllValueOptions", + "DatasetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the dataset that receives the imported data.", + "title": "DatasetArn", "type": "string" }, - "SourceColumn": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "A column of a data set.", - "title": "SourceColumn" - }, - "SourceField": { - "markdownDescription": "The source field ID of the destination parameter.", - "title": "SourceField", + "DatasetImportJobArn": { + "markdownDescription": "The ARN of the dataset import job.", + "title": "DatasetImportJobArn", "type": "string" }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the destination parameter.", - "title": "SourceParameterName", + "JobName": { + "markdownDescription": "The name of the import job.", + "title": "JobName", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.DimensionField": { - "additionalProperties": false, - "properties": { - "CategoricalDimensionField": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CategoricalDimensionField", - "markdownDescription": "The dimension type field with categorical type columns.", - "title": "CategoricalDimensionField" - }, - "DateDimensionField": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateDimensionField", - "markdownDescription": "The dimension type field with date type columns.", - "title": "DateDimensionField" }, - "NumericalDimensionField": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericalDimensionField", - "markdownDescription": "The dimension type field with numerical type columns.", - "title": "NumericalDimensionField" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.DonutCenterOptions": { - "additionalProperties": false, - "properties": { - "LabelVisibility": { - "markdownDescription": "Determines the visibility of the label in a donut chart. In the Amazon QuickSight console, this option is called `'Show total'` .", - "title": "LabelVisibility", + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that has permissions to read from the Amazon S3 data source.", + "title": "RoleArn", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.DonutOptions": { - "additionalProperties": false, - "properties": { - "ArcOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ArcOptions", - "markdownDescription": "The option for define the arc of the chart shape. Valid values are as follows:\n\n- `WHOLE` - A pie chart\n- `SMALL` - A small-sized donut chart\n- `MEDIUM` - A medium-sized donut chart\n- `LARGE` - A large-sized donut chart", - "title": "ArcOptions" - }, - "DonutCenterOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DonutCenterOptions", - "markdownDescription": "The label options of the label that is displayed in the center of a donut chart. This option isn't available for pie charts.", - "title": "DonutCenterOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.DrillDownFilter": { + "AWS::Personalize::DatasetGroup": { "additionalProperties": false, "properties": { - "CategoryFilter": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CategoryDrillDownFilter", - "markdownDescription": "The category type drill down filter. This filter is used for string type columns.", - "title": "CategoryFilter" + "Condition": { + "type": "string" }, - "NumericEqualityFilter": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericEqualityDrillDownFilter", - "markdownDescription": "The numeric equality type drill down filter. This filter is used for number type columns.", - "title": "NumericEqualityFilter" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "TimeRangeFilter": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TimeRangeDrillDownFilter", - "markdownDescription": "The time range drill down filter. This filter is used for date time columns.", - "title": "TimeRangeFilter" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.DropDownControlDisplayOptions": { - "additionalProperties": false, - "properties": { - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SelectAllOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ListControlSelectAllOptions", - "markdownDescription": "The configuration of the `Select all` options in a dropdown control.", - "title": "SelectAllOptions" + "Metadata": { + "type": "object" }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.DynamicDefaultValue": { - "additionalProperties": false, - "properties": { - "DefaultValueColumn": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that contains the default value of each user or group.", - "title": "DefaultValueColumn" + "Properties": { + "additionalProperties": false, + "properties": { + "Domain": { + "markdownDescription": "The domain of a Domain dataset group.", + "title": "Domain", + "type": "string" + }, + "KmsKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Key Management Service (KMS) key used to encrypt the datasets.", + "title": "KmsKeyArn", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the dataset group.", + "title": "Name", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the AWS Identity and Access Management (IAM) role that has permissions to access the AWS Key Management Service (KMS) key. Supplying an IAM role is only valid when also specifying a KMS key.", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" }, - "GroupNameColumn": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that contains the group name.", - "title": "GroupNameColumn" + "Type": { + "enum": [ + "AWS::Personalize::DatasetGroup" + ], + "type": "string" }, - "UserNameColumn": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that contains the username.", - "title": "UserNameColumn" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "DefaultValueColumn" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.EmptyVisual": { + "AWS::Personalize::Schema": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Domain": { + "markdownDescription": "The domain of a schema that you created for a dataset in a Domain dataset group.", + "title": "Domain", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the schema.", + "title": "Name", + "type": "string" + }, + "Schema": { + "markdownDescription": "The schema.", + "title": "Schema", + "type": "string" + } }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "required": [ + "Name", + "Schema" + ], + "type": "object" }, - "DataSetIdentifier": { - "markdownDescription": "The data set that is used in the empty visual. Every visual requires a dataset to render.", - "title": "DataSetIdentifier", + "Type": { + "enum": [ + "AWS::Personalize::Schema" + ], "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "DataSetIdentifier", - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.Entity": { + "AWS::Personalize::Solution": { "additionalProperties": false, "properties": { - "Path": { - "markdownDescription": "The hierarchical path of the entity within the analysis, template, or dashboard definition tree.", - "title": "Path", + "Condition": { "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.ExcludePeriodConfiguration": { - "additionalProperties": false, - "properties": { - "Amount": { - "markdownDescription": "The amount or number of the exclude period.", - "title": "Amount", - "type": "number" }, - "Granularity": { - "markdownDescription": "The granularity or unit (day, month, year) of the exclude period.", - "title": "Granularity", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Status": { - "markdownDescription": "The status of the exclude period. Choose from the following options:\n\n- `ENABLED`\n- `DISABLED`", - "title": "Status", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DatasetGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the dataset group that provides the training data.", + "title": "DatasetGroupArn", + "type": "string" + }, + "EventType": { + "markdownDescription": "The event type (for example, 'click' or 'like') that is used for training the model. If no `eventType` is provided, Amazon Personalize uses all interactions for training with equal weight regardless of type.", + "title": "EventType", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the solution.", + "title": "Name", + "type": "string" + }, + "PerformAutoML": { + "markdownDescription": "> We don't recommend enabling automated machine learning. Instead, match your use case to the available Amazon Personalize recipes. For more information, see [Determining your use case.](https://docs.aws.amazon.com/personalize/latest/dg/determining-use-case.html) \n\nWhen true, Amazon Personalize performs a search for the best USER_PERSONALIZATION recipe from the list specified in the solution configuration ( `recipeArn` must not be specified). When false (the default), Amazon Personalize uses `recipeArn` for training.", + "title": "PerformAutoML", + "type": "boolean" + }, + "PerformHPO": { + "markdownDescription": "Whether to perform hyperparameter optimization (HPO) on the chosen recipe. The default is `false` .", + "title": "PerformHPO", + "type": "boolean" + }, + "RecipeArn": { + "markdownDescription": "The ARN of the recipe used to create the solution. This is required when `performAutoML` is false.", + "title": "RecipeArn", + "type": "string" + }, + "SolutionConfig": { + "$ref": "#/definitions/AWS::Personalize::Solution.SolutionConfig", + "markdownDescription": "Describes the configuration properties for the solution.", + "title": "SolutionConfig" + } + }, + "required": [ + "DatasetGroupArn", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Personalize::Solution" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Amount", - "Granularity" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ExplicitHierarchy": { + "AWS::Personalize::Solution.AlgorithmHyperParameterRanges": { "additionalProperties": false, "properties": { - "Columns": { + "CategoricalHyperParameterRanges": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier" + "$ref": "#/definitions/AWS::Personalize::Solution.CategoricalHyperParameterRange" }, - "markdownDescription": "The list of columns that define the explicit hierarchy.", - "title": "Columns", + "markdownDescription": "Provides the name and range of a categorical hyperparameter.", + "title": "CategoricalHyperParameterRanges", "type": "array" }, - "DrillDownFilters": { + "ContinuousHyperParameterRanges": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DrillDownFilter" + "$ref": "#/definitions/AWS::Personalize::Solution.ContinuousHyperParameterRange" }, - "markdownDescription": "The option that determines the drill down filters for the explicit hierarchy.", - "title": "DrillDownFilters", + "markdownDescription": "Provides the name and range of a continuous hyperparameter.", + "title": "ContinuousHyperParameterRanges", "type": "array" }, - "HierarchyId": { - "markdownDescription": "The hierarchy ID of the explicit hierarchy.", - "title": "HierarchyId", - "type": "string" - } - }, - "required": [ - "Columns", - "HierarchyId" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.ExportHiddenFieldsOption": { - "additionalProperties": false, - "properties": { - "AvailabilityStatus": { - "markdownDescription": "The status of the export hidden fields options of a dashbaord.", - "title": "AvailabilityStatus", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.ExportToCSVOption": { - "additionalProperties": false, - "properties": { - "AvailabilityStatus": { - "markdownDescription": "Availability status.", - "title": "AvailabilityStatus", - "type": "string" + "IntegerHyperParameterRanges": { + "items": { + "$ref": "#/definitions/AWS::Personalize::Solution.IntegerHyperParameterRange" + }, + "markdownDescription": "Provides the name and range of an integer-valued hyperparameter.", + "title": "IntegerHyperParameterRanges", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ExportWithHiddenFieldsOption": { + "AWS::Personalize::Solution.AutoMLConfig": { "additionalProperties": false, "properties": { - "AvailabilityStatus": { - "markdownDescription": "The status of the export with hidden fields options.", - "title": "AvailabilityStatus", + "MetricName": { + "markdownDescription": "The metric to optimize.", + "title": "MetricName", "type": "string" + }, + "RecipeList": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of candidate recipes.", + "title": "RecipeList", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.FieldBasedTooltip": { + "AWS::Personalize::Solution.CategoricalHyperParameterRange": { "additionalProperties": false, "properties": { - "AggregationVisibility": { - "markdownDescription": "The visibility of `Show aggregations` .", - "title": "AggregationVisibility", + "Name": { + "markdownDescription": "The name of the hyperparameter.", + "title": "Name", "type": "string" }, - "TooltipFields": { + "Values": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipItem" + "type": "string" }, - "markdownDescription": "The fields configuration in the tooltip.", - "title": "TooltipFields", + "markdownDescription": "A list of the categories for the hyperparameter.", + "title": "Values", "type": "array" - }, - "TooltipTitleType": { - "markdownDescription": "The type for the >tooltip title. Choose one of the following options:\n\n- `NONE` : Doesn't use the primary value as the title.\n- `PRIMARY_VALUE` : Uses primary value as the title.", - "title": "TooltipTitleType", - "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.FieldLabelType": { + "AWS::Personalize::Solution.ContinuousHyperParameterRange": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "Indicates the field that is targeted by the field label.", - "title": "FieldId", - "type": "string" + "MaxValue": { + "markdownDescription": "The maximum allowable value for the hyperparameter.", + "title": "MaxValue", + "type": "number" }, - "Visibility": { - "markdownDescription": "The visibility of the field label.", - "title": "Visibility", + "MinValue": { + "markdownDescription": "The minimum allowable value for the hyperparameter.", + "title": "MinValue", + "type": "number" + }, + "Name": { + "markdownDescription": "The name of the hyperparameter.", + "title": "Name", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.FieldSeriesItem": { + "AWS::Personalize::Solution.HpoConfig": { "additionalProperties": false, "properties": { - "AxisBinding": { - "markdownDescription": "The axis that you are binding the field to.", - "title": "AxisBinding", - "type": "string" + "AlgorithmHyperParameterRanges": { + "$ref": "#/definitions/AWS::Personalize::Solution.AlgorithmHyperParameterRanges", + "markdownDescription": "The hyperparameters and their allowable ranges.", + "title": "AlgorithmHyperParameterRanges" }, - "FieldId": { - "markdownDescription": "The field ID of the field for which you are setting the axis binding.", - "title": "FieldId", - "type": "string" + "HpoObjective": { + "$ref": "#/definitions/AWS::Personalize::Solution.HpoObjective", + "markdownDescription": "The metric to optimize during HPO.\n\n> Amazon Personalize doesn't support configuring the `hpoObjective` at this time.", + "title": "HpoObjective" }, - "Settings": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartSeriesSettings", - "markdownDescription": "The options that determine the presentation of line series associated to the field.", - "title": "Settings" + "HpoResourceConfig": { + "$ref": "#/definitions/AWS::Personalize::Solution.HpoResourceConfig", + "markdownDescription": "Describes the resource configuration for HPO.", + "title": "HpoResourceConfig" } }, - "required": [ - "AxisBinding", - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.FieldSort": { + "AWS::Personalize::Solution.HpoObjective": { "additionalProperties": false, "properties": { - "Direction": { - "markdownDescription": "The sort direction. Choose one of the following options:\n\n- `ASC` : Ascending\n- `DESC` : Descending", - "title": "Direction", + "MetricName": { + "markdownDescription": "The name of the metric.", + "title": "MetricName", "type": "string" }, - "FieldId": { - "markdownDescription": "The sort configuration target field.", - "title": "FieldId", + "MetricRegex": { + "markdownDescription": "A regular expression for finding the metric in the training job logs.", + "title": "MetricRegex", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the metric. Valid values are `Maximize` and `Minimize` .", + "title": "Type", "type": "string" } }, - "required": [ - "Direction", - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.FieldSortOptions": { + "AWS::Personalize::Solution.HpoResourceConfig": { "additionalProperties": false, "properties": { - "ColumnSort": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnSort", - "markdownDescription": "The sort configuration for a column that is not used in a field well.", - "title": "ColumnSort" + "MaxNumberOfTrainingJobs": { + "markdownDescription": "The maximum number of training jobs when you create a solution version. The maximum value for `maxNumberOfTrainingJobs` is `40` .", + "title": "MaxNumberOfTrainingJobs", + "type": "string" }, - "FieldSort": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSort", - "markdownDescription": "The sort configuration for a field in a field well.", - "title": "FieldSort" + "MaxParallelTrainingJobs": { + "markdownDescription": "The maximum number of parallel training jobs when you create a solution version. The maximum value for `maxParallelTrainingJobs` is `10` .", + "title": "MaxParallelTrainingJobs", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.FieldTooltipItem": { + "AWS::Personalize::Solution.IntegerHyperParameterRange": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The unique ID of the field that is targeted by the tooltip.", - "title": "FieldId", - "type": "string" + "MaxValue": { + "markdownDescription": "The maximum allowable value for the hyperparameter.", + "title": "MaxValue", + "type": "number" }, - "Label": { - "markdownDescription": "The label of the tooltip item.", - "title": "Label", - "type": "string" + "MinValue": { + "markdownDescription": "The minimum allowable value for the hyperparameter.", + "title": "MinValue", + "type": "number" }, - "Visibility": { - "markdownDescription": "The visibility of the tooltip item.", - "title": "Visibility", + "Name": { + "markdownDescription": "The name of the hyperparameter.", + "title": "Name", "type": "string" } }, - "required": [ - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.FilledMapAggregatedFieldWells": { + "AWS::Personalize::Solution.SolutionConfig": { "additionalProperties": false, "properties": { - "Geospatial": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + "AlgorithmHyperParameters": { + "additionalProperties": true, + "markdownDescription": "Lists the algorithm hyperparameters and their values.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "The aggregated location field well of the filled map. Values are grouped by location fields.", - "title": "Geospatial", - "type": "array" + "title": "AlgorithmHyperParameters", + "type": "object" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" - }, - "markdownDescription": "The aggregated color field well of a filled map. Values are aggregated based on location fields.", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.FilledMapConditionalFormatting": { - "additionalProperties": false, - "properties": { - "ConditionalFormattingOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapConditionalFormattingOption" + "AutoMLConfig": { + "$ref": "#/definitions/AWS::Personalize::Solution.AutoMLConfig", + "markdownDescription": "The [AutoMLConfig](https://docs.aws.amazon.com/personalize/latest/dg/API_AutoMLConfig.html) object containing a list of recipes to search when AutoML is performed.", + "title": "AutoMLConfig" + }, + "EventValueThreshold": { + "markdownDescription": "Only events with a value greater than or equal to this threshold are used for training a model.", + "title": "EventValueThreshold", + "type": "string" + }, + "FeatureTransformationParameters": { + "additionalProperties": true, + "markdownDescription": "Lists the feature transformation parameters.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "Conditional formatting options of a `FilledMapVisual` .", - "title": "ConditionalFormattingOptions", - "type": "array" - } - }, - "required": [ - "ConditionalFormattingOptions" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.FilledMapConditionalFormattingOption": { - "additionalProperties": false, - "properties": { - "Shape": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapShapeConditionalFormatting", - "markdownDescription": "The conditional formatting that determines the shape of the filled map.", - "title": "Shape" + "title": "FeatureTransformationParameters", + "type": "object" + }, + "HpoConfig": { + "$ref": "#/definitions/AWS::Personalize::Solution.HpoConfig", + "markdownDescription": "Describes the properties for hyperparameter optimization (HPO).", + "title": "HpoConfig" } }, - "required": [ - "Shape" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.FilledMapConfiguration": { + "AWS::Pinpoint::ADMChannel": { "additionalProperties": false, "properties": { - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" + "Condition": { + "type": "string" }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "MapStyleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapStyleOptions", - "markdownDescription": "The map style options of the filled map visual.", - "title": "MapStyleOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapSortConfiguration", - "markdownDescription": "The sort configuration of a `FilledMapVisual` .", - "title": "SortConfiguration" + "Metadata": { + "type": "object" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the ADM channel applies to.", + "title": "ApplicationId", + "type": "string" + }, + "ClientId": { + "markdownDescription": "The Client ID that you received from Amazon to send messages by using ADM.", + "title": "ClientId", + "type": "string" + }, + "ClientSecret": { + "markdownDescription": "The Client Secret that you received from Amazon to send messages by using ADM.", + "title": "ClientSecret", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Specifies whether to enable the ADM channel for the application.", + "title": "Enabled", + "type": "boolean" + } + }, + "required": [ + "ApplicationId", + "ClientId", + "ClientSecret" + ], + "type": "object" }, - "WindowOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialWindowOptions", - "markdownDescription": "The window options of the filled map visual.", - "title": "WindowOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.FilledMapFieldWells": { - "additionalProperties": false, - "properties": { - "FilledMapAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapAggregatedFieldWells", - "markdownDescription": "The aggregated field well of the filled map.", - "title": "FilledMapAggregatedFieldWells" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.FilledMapShapeConditionalFormatting": { - "additionalProperties": false, - "properties": { - "FieldId": { - "markdownDescription": "The field ID of the filled map shape.", - "title": "FieldId", + "Type": { + "enum": [ + "AWS::Pinpoint::ADMChannel" + ], "type": "string" }, - "Format": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ShapeConditionalFormat", - "markdownDescription": "The conditional formatting that determines the background color of a filled map's shape.", - "title": "Format" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "FieldId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.FilledMapSortConfiguration": { + "AWS::Pinpoint::APNSChannel": { "additionalProperties": false, "properties": { - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the location fields.", - "title": "CategorySort", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.FilledMapVisual": { - "additionalProperties": false, - "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Condition": { + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapConditionalFormatting", - "markdownDescription": "The conditional formatting of a `FilledMapVisual` .", - "title": "ConditionalFormatting" + "Metadata": { + "type": "object" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the APNs channel applies to.", + "title": "ApplicationId", + "type": "string" + }, + "BundleId": { + "markdownDescription": "The bundle identifier that's assigned to your iOS app. This identifier is used for APNs tokens.", + "title": "BundleId", + "type": "string" + }, + "Certificate": { + "markdownDescription": "The APNs client certificate that you received from Apple. Specify this value if you want Amazon Pinpoint to communicate with APNs by using an APNs certificate.", + "title": "Certificate", + "type": "string" + }, + "DefaultAuthenticationMethod": { + "markdownDescription": "The default authentication method that you want Amazon Pinpoint to use when authenticating with APNs. Valid options are `key` or `certificate` .", + "title": "DefaultAuthenticationMethod", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Specifies whether to enable the APNs channel for the application.", + "title": "Enabled", + "type": "boolean" + }, + "PrivateKey": { + "markdownDescription": "The private key for the APNs client certificate that you want Amazon Pinpoint to use to communicate with APNs.", + "title": "PrivateKey", + "type": "string" + }, + "TeamId": { + "markdownDescription": "The identifier that's assigned to your Apple Developer Account team. This identifier is used for APNs tokens.", + "title": "TeamId", + "type": "string" + }, + "TokenKey": { + "markdownDescription": "The authentication key to use for APNs tokens.", + "title": "TokenKey", + "type": "string" + }, + "TokenKeyId": { + "markdownDescription": "The key identifier that's assigned to your APNs signing key. Specify this value if you want Amazon Pinpoint to communicate with APNs by using APNs tokens.", + "title": "TokenKeyId", + "type": "string" + } + }, + "required": [ + "ApplicationId" + ], + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Type": { + "enum": [ + "AWS::Pinpoint::APNSChannel" + ], + "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.Filter": { - "additionalProperties": false, - "properties": { - "CategoryFilter": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CategoryFilter", - "markdownDescription": "A `CategoryFilter` filters text values.\n\nFor more information, see [Adding text filters](https://docs.aws.amazon.com/quicksight/latest/user/add-a-text-filter-data-prep.html) in the *Amazon QuickSight User Guide* .", - "title": "CategoryFilter" - }, - "NumericEqualityFilter": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericEqualityFilter", - "markdownDescription": "A `NumericEqualityFilter` filters numeric values that equal or do not equal a given numeric value.", - "title": "NumericEqualityFilter" - }, - "NumericRangeFilter": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericRangeFilter", - "markdownDescription": "A `NumericRangeFilter` filters numeric values that are either inside or outside a given numeric range.", - "title": "NumericRangeFilter" - }, - "RelativeDatesFilter": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RelativeDatesFilter", - "markdownDescription": "A `RelativeDatesFilter` filters date values that are relative to a given date.", - "title": "RelativeDatesFilter" - }, - "TimeEqualityFilter": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TimeEqualityFilter", - "markdownDescription": "A `TimeEqualityFilter` filters date-time values that equal or do not equal a given date/time value.", - "title": "TimeEqualityFilter" - }, - "TimeRangeFilter": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TimeRangeFilter", - "markdownDescription": "A `TimeRangeFilter` filters date-time values that are either inside or outside a given date/time range.", - "title": "TimeRangeFilter" - }, - "TopBottomFilter": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TopBottomFilter", - "markdownDescription": "A `TopBottomFilter` filters data to the top or bottom values for a given column.", - "title": "TopBottomFilter" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.FilterControl": { + "AWS::Pinpoint::APNSSandboxChannel": { "additionalProperties": false, "properties": { - "CrossSheet": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterCrossSheetControl", - "markdownDescription": "A control from a filter that is scoped across more than one sheet. This represents your filter control on a sheet", - "title": "CrossSheet" - }, - "DateTimePicker": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterDateTimePickerControl", - "markdownDescription": "A control from a date filter that is used to specify date and time.", - "title": "DateTimePicker" - }, - "Dropdown": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterDropDownControl", - "markdownDescription": "A control to display a dropdown list with buttons that are used to select a single value.", - "title": "Dropdown" - }, - "List": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterListControl", - "markdownDescription": "A control to display a list of buttons or boxes. This is used to select either a single value or multiple values.", - "title": "List" + "Condition": { + "type": "string" }, - "RelativeDateTime": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterRelativeDateTimeControl", - "markdownDescription": "A control from a date filter that is used to specify the relative date.", - "title": "RelativeDateTime" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Slider": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterSliderControl", - "markdownDescription": "A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle.", - "title": "Slider" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "TextArea": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterTextAreaControl", - "markdownDescription": "A control to display a text box that is used to enter multiple entries.", - "title": "TextArea" + "Metadata": { + "type": "object" }, - "TextField": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterTextFieldControl", - "markdownDescription": "A control to display a text box that is used to enter a single entry.", - "title": "TextField" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.FilterCrossSheetControl": { - "additionalProperties": false, - "properties": { - "CascadingControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CascadingControlConfiguration", - "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", - "title": "CascadingControlConfiguration" + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the APNs sandbox channel applies to.", + "title": "ApplicationId", + "type": "string" + }, + "BundleId": { + "markdownDescription": "The bundle identifier that's assigned to your iOS app. This identifier is used for APNs tokens.", + "title": "BundleId", + "type": "string" + }, + "Certificate": { + "markdownDescription": "The APNs client certificate that you received from Apple. Specify this value if you want Amazon Pinpoint to communicate with APNs by using an APNs certificate.", + "title": "Certificate", + "type": "string" + }, + "DefaultAuthenticationMethod": { + "markdownDescription": "The default authentication method that you want Amazon Pinpoint to use when authenticating with APNs. Valid options are `key` or `certificate` .", + "title": "DefaultAuthenticationMethod", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Specifies whether to enable the APNs Sandbox channel for the Amazon Pinpoint application.", + "title": "Enabled", + "type": "boolean" + }, + "PrivateKey": { + "markdownDescription": "The private key for the APNs client certificate that you want Amazon Pinpoint to use to communicate with APNs.", + "title": "PrivateKey", + "type": "string" + }, + "TeamId": { + "markdownDescription": "The identifier that's assigned to your Apple Developer Account team. This identifier is used for APNs tokens.", + "title": "TeamId", + "type": "string" + }, + "TokenKey": { + "markdownDescription": "The authentication key to use for APNs tokens.", + "title": "TokenKey", + "type": "string" + }, + "TokenKeyId": { + "markdownDescription": "The key identifier that's assigned to your APNs signing key. Specify this value if you want Amazon Pinpoint to communicate with APNs by using APNs tokens.", + "title": "TokenKeyId", + "type": "string" + } + }, + "required": [ + "ApplicationId" + ], + "type": "object" }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterCrossSheetControl` .", - "title": "FilterControlId", + "Type": { + "enum": [ + "AWS::Pinpoint::APNSSandboxChannel" + ], "type": "string" }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterCrossSheetControl` .", - "title": "SourceFilterId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "FilterControlId", - "SourceFilterId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.FilterDateTimePickerControl": { + "AWS::Pinpoint::APNSVoipChannel": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimePickerControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterDateTimePickerControl` .", - "title": "FilterControlId", + "Condition": { "type": "string" }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterDateTimePickerControl` .", - "title": "SourceFilterId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Title": { - "markdownDescription": "The title of the `FilterDateTimePickerControl` .", - "title": "Title", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the APNs VoIP channel applies to.", + "title": "ApplicationId", + "type": "string" + }, + "BundleId": { + "markdownDescription": "The bundle identifier that's assigned to your iOS app. This identifier is used for APNs tokens.", + "title": "BundleId", + "type": "string" + }, + "Certificate": { + "markdownDescription": "The APNs client certificate that you received from Apple. Specify this value if you want Amazon Pinpoint to communicate with APNs by using an APNs certificate.", + "title": "Certificate", + "type": "string" + }, + "DefaultAuthenticationMethod": { + "markdownDescription": "The default authentication method that you want Amazon Pinpoint to use when authenticating with APNs. Valid options are `key` or `certificate` .", + "title": "DefaultAuthenticationMethod", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Specifies whether to enable the APNs VoIP channel for the Amazon Pinpoint application.", + "title": "Enabled", + "type": "boolean" + }, + "PrivateKey": { + "markdownDescription": "The private key for the APNs client certificate that you want Amazon Pinpoint to use to communicate with APNs.", + "title": "PrivateKey", + "type": "string" + }, + "TeamId": { + "markdownDescription": "The identifier that's assigned to your Apple Developer Account team. This identifier is used for APNs tokens.", + "title": "TeamId", + "type": "string" + }, + "TokenKey": { + "markdownDescription": "The authentication key to use for APNs tokens.", + "title": "TokenKey", + "type": "string" + }, + "TokenKeyId": { + "markdownDescription": "The key identifier that's assigned to your APNs signing key. Specify this value if you want Amazon Pinpoint to communicate with APNs by using APNs tokens.", + "title": "TokenKeyId", + "type": "string" + } + }, + "required": [ + "ApplicationId" + ], + "type": "object" }, "Type": { - "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", - "title": "Type", + "enum": [ + "AWS::Pinpoint::APNSVoipChannel" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "FilterControlId", - "SourceFilterId", - "Title" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.FilterDropDownControl": { + "AWS::Pinpoint::APNSVoipSandboxChannel": { "additionalProperties": false, "properties": { - "CascadingControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CascadingControlConfiguration", - "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", - "title": "CascadingControlConfiguration" - }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DropDownControlDisplayOptions", - "markdownDescription": "The display options of the `FilterDropDownControl` .", - "title": "DisplayOptions" + "Condition": { + "type": "string" }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterDropDownControl` .", - "title": "FilterControlId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterDropDownControl` .", - "title": "SourceFilterId", - "type": "string" + "Metadata": { + "type": "object" }, - "Title": { - "markdownDescription": "The title of the `FilterDropDownControl` .", - "title": "Title", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The unique identifier for the application that the APNs VoIP sandbox channel applies to.", + "title": "ApplicationId", + "type": "string" + }, + "BundleId": { + "markdownDescription": "The bundle identifier that's assigned to your iOS app. This identifier is used for APNs tokens.", + "title": "BundleId", + "type": "string" + }, + "Certificate": { + "markdownDescription": "The APNs client certificate that you received from Apple. Specify this value if you want Amazon Pinpoint to communicate with the APNs sandbox environment by using an APNs certificate.", + "title": "Certificate", + "type": "string" + }, + "DefaultAuthenticationMethod": { + "markdownDescription": "The default authentication method that you want Amazon Pinpoint to use when authenticating with APNs. Valid options are `key` or `certificate` .", + "title": "DefaultAuthenticationMethod", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Specifies whether the APNs VoIP sandbox channel is enabled for the application.", + "title": "Enabled", + "type": "boolean" + }, + "PrivateKey": { + "markdownDescription": "The private key for the APNs client certificate that you want Amazon Pinpoint to use to communicate with the APNs sandbox environment.", + "title": "PrivateKey", + "type": "string" + }, + "TeamId": { + "markdownDescription": "The identifier that's assigned to your Apple developer account team. This identifier is used for APNs tokens.", + "title": "TeamId", + "type": "string" + }, + "TokenKey": { + "markdownDescription": "The authentication key to use for APNs tokens.", + "title": "TokenKey", + "type": "string" + }, + "TokenKeyId": { + "markdownDescription": "The key identifier that's assigned to your APNs signing key. Specify this value if you want Amazon Pinpoint to communicate with the APNs sandbox environment by using APNs tokens.", + "title": "TokenKeyId", + "type": "string" + } + }, + "required": [ + "ApplicationId" + ], + "type": "object" }, "Type": { - "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", - "title": "Type", + "enum": [ + "AWS::Pinpoint::APNSVoipSandboxChannel" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "FilterControlId", - "SourceFilterId", - "Title" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.FilterGroup": { + "AWS::Pinpoint::App": { "additionalProperties": false, "properties": { - "CrossDataset": { - "markdownDescription": "The filter new feature which can apply filter group to all data sets. Choose one of the following options:\n\n- `ALL_DATASETS`\n- `SINGLE_DATASET`", - "title": "CrossDataset", + "Condition": { "type": "string" }, - "FilterGroupId": { - "markdownDescription": "The value that uniquely identifies a `FilterGroup` within a dashboard, template, or analysis.", - "title": "FilterGroupId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Filters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.Filter" - }, - "markdownDescription": "The list of filters that are present in a `FilterGroup` .", - "title": "Filters", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ScopeConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterScopeConfiguration", - "markdownDescription": "The configuration that specifies what scope to apply to a `FilterGroup` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", - "title": "ScopeConfiguration" + "Metadata": { + "type": "object" }, - "Status": { - "markdownDescription": "The status of the `FilterGroup` .", - "title": "Status", - "type": "string" - } - }, - "required": [ - "CrossDataset", - "FilterGroupId", - "Filters", - "ScopeConfiguration" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.FilterListConfiguration": { - "additionalProperties": false, - "properties": { - "CategoryValues": { - "items": { - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The display name of the application.", + "title": "Name", + "type": "string" + }, + "Tags": { + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "object" + } }, - "markdownDescription": "The list of category values for the filter.", - "title": "CategoryValues", - "type": "array" - }, - "MatchOperator": { - "markdownDescription": "The match operator that is used to determine if a filter should be applied.", - "title": "MatchOperator", - "type": "string" + "required": [ + "Name" + ], + "type": "object" }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", + "Type": { + "enum": [ + "AWS::Pinpoint::App" + ], "type": "string" }, - "SelectAllOptions": { - "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", - "title": "SelectAllOptions", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "MatchOperator" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.FilterListControl": { + "AWS::Pinpoint::ApplicationSettings": { "additionalProperties": false, "properties": { - "CascadingControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CascadingControlConfiguration", - "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", - "title": "CascadingControlConfiguration" - }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ListControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "Condition": { + "type": "string" }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterListControl` .", - "title": "FilterControlId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterListControl` .", - "title": "SourceFilterId", - "type": "string" + "Metadata": { + "type": "object" }, - "Title": { - "markdownDescription": "The title of the `FilterListControl` .", - "title": "Title", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The unique identifier for the Amazon Pinpoint application.", + "title": "ApplicationId", + "type": "string" + }, + "CampaignHook": { + "$ref": "#/definitions/AWS::Pinpoint::ApplicationSettings.CampaignHook", + "markdownDescription": "The settings for the Lambda function to use by default as a code hook for campaigns in the application. To override these settings for a specific campaign, use the Campaign resource to define custom Lambda function settings for the campaign.", + "title": "CampaignHook" + }, + "CloudWatchMetricsEnabled": { + "markdownDescription": "", + "title": "CloudWatchMetricsEnabled", + "type": "boolean" + }, + "Limits": { + "$ref": "#/definitions/AWS::Pinpoint::ApplicationSettings.Limits", + "markdownDescription": "The default sending limits for campaigns in the application. To override these limits for a specific campaign, use the Campaign resource to define custom limits for the campaign.", + "title": "Limits" + }, + "QuietTime": { + "$ref": "#/definitions/AWS::Pinpoint::ApplicationSettings.QuietTime", + "markdownDescription": "The default quiet time for campaigns in the application. Quiet time is a specific time range when campaigns don't send messages to endpoints, if all the following conditions are met:\n\n- The `EndpointDemographic.Timezone` property of the endpoint is set to a valid value.\n\n- The current time in the endpoint's time zone is later than or equal to the time specified by the `QuietTime.Start` property for the application (or a campaign that has custom quiet time settings).\n\n- The current time in the endpoint's time zone is earlier than or equal to the time specified by the `QuietTime.End` property for the application (or a campaign that has custom quiet time settings).\n\nIf any of the preceding conditions isn't met, the endpoint will receive messages from a campaign, even if quiet time is enabled.\n\nTo override the default quiet time settings for a specific campaign, use the Campaign resource to define a custom quiet time for the campaign.", + "title": "QuietTime" + } + }, + "required": [ + "ApplicationId" + ], + "type": "object" }, "Type": { - "markdownDescription": "The type of the `FilterListControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from the list.\n- `SINGLE_SELECT` : The user can select a single entry from the list.", - "title": "Type", + "enum": [ + "AWS::Pinpoint::ApplicationSettings" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "FilterControlId", - "SourceFilterId", - "Title" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.FilterOperationSelectedFieldsConfiguration": { + "AWS::Pinpoint::ApplicationSettings.CampaignHook": { "additionalProperties": false, "properties": { - "SelectedColumns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier" - }, - "markdownDescription": "The selected columns of a dataset.", - "title": "SelectedColumns", - "type": "array" + "LambdaFunctionName": { + "markdownDescription": "The name or Amazon Resource Name (ARN) of the Lambda function that Amazon Pinpoint invokes to send messages for campaigns in the application.", + "title": "LambdaFunctionName", + "type": "string" }, - "SelectedFieldOptions": { - "markdownDescription": "A structure that contains the options that choose which fields are filtered in the `CustomActionFilterOperation` .\n\nValid values are defined as follows:\n\n- `ALL_FIELDS` : Applies the filter operation to all fields.", - "title": "SelectedFieldOptions", + "Mode": { + "markdownDescription": "The mode that Amazon Pinpoint uses to invoke the Lambda function. Possible values are:\n\n- `FILTER` - Invoke the function to customize the segment that's used by a campaign.\n- `DELIVERY` - (Deprecated) Previously, invoked the function to send a campaign through a custom channel. This functionality is not supported anymore. To send a campaign through a custom channel, use the `CustomDeliveryConfiguration` and `CampaignCustomMessage` objects of the campaign.", + "title": "Mode", "type": "string" }, - "SelectedFields": { - "items": { - "type": "string" - }, - "markdownDescription": "Chooses the fields that are filtered in `CustomActionFilterOperation` .", - "title": "SelectedFields", - "type": "array" + "WebUrl": { + "markdownDescription": "The web URL that Amazon Pinpoint calls to invoke the Lambda function over HTTPS.", + "title": "WebUrl", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.FilterOperationTargetVisualsConfiguration": { + "AWS::Pinpoint::ApplicationSettings.Limits": { "additionalProperties": false, "properties": { - "SameSheetTargetVisualConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SameSheetTargetVisualConfiguration", - "markdownDescription": "The configuration of the same-sheet target visuals that you want to be filtered.", - "title": "SameSheetTargetVisualConfiguration" + "Daily": { + "markdownDescription": "The maximum number of messages that a campaign can send to a single endpoint during a 24-hour period. The maximum value is 100.", + "title": "Daily", + "type": "number" + }, + "MaximumDuration": { + "markdownDescription": "The maximum amount of time, in seconds, that a campaign can attempt to deliver a message after the scheduled start time for the campaign. The minimum value is 60 seconds.", + "title": "MaximumDuration", + "type": "number" + }, + "MessagesPerSecond": { + "markdownDescription": "The maximum number of messages that a campaign can send each second. The minimum value is 1. The maximum value is 20,000.", + "title": "MessagesPerSecond", + "type": "number" + }, + "Total": { + "markdownDescription": "The maximum number of messages that a campaign can send to a single endpoint during the course of the campaign. The maximum value is 100.", + "title": "Total", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.FilterRelativeDateTimeControl": { + "AWS::Pinpoint::ApplicationSettings.QuietTime": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RelativeDateTimeControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterTextAreaControl` .", - "title": "FilterControlId", - "type": "string" - }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterTextAreaControl` .", - "title": "SourceFilterId", + "End": { + "markdownDescription": "The specific time when quiet time ends. This value has to use 24-hour notation and be in HH:MM format, where HH is the hour (with a leading zero, if applicable) and MM is the minutes. For example, use `02:30` to represent 2:30 AM, or `14:30` to represent 2:30 PM.", + "title": "End", "type": "string" }, - "Title": { - "markdownDescription": "The title of the `FilterTextAreaControl` .", - "title": "Title", + "Start": { + "markdownDescription": "The specific time when quiet time begins. This value has to use 24-hour notation and be in HH:MM format, where HH is the hour (with a leading zero, if applicable) and MM is the minutes. For example, use `02:30` to represent 2:30 AM, or `14:30` to represent 2:30 PM.", + "title": "Start", "type": "string" } }, "required": [ - "FilterControlId", - "SourceFilterId", - "Title" + "End", + "Start" ], "type": "object" }, - "AWS::QuickSight::Dashboard.FilterScopeConfiguration": { - "additionalProperties": false, - "properties": { - "AllSheets": { - "markdownDescription": "The configuration that applies a filter to all sheets. When you choose `AllSheets` as the value for a `FilterScopeConfiguration` , this filter is applied to all visuals of all sheets in an Analysis, Dashboard, or Template. The `AllSheetsFilterScopeConfiguration` is chosen.", - "title": "AllSheets", - "type": "object" - }, - "SelectedSheets": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SelectedSheetsFilterScopeConfiguration", - "markdownDescription": "The configuration for applying a filter to specific sheets.", - "title": "SelectedSheets" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.FilterSelectableValues": { - "additionalProperties": false, - "properties": { - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The values that are used in the `FilterSelectableValues` .", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.FilterSliderControl": { + "AWS::Pinpoint::BaiduChannel": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SliderControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterSliderControl` .", - "title": "FilterControlId", + "Condition": { "type": "string" }, - "MaximumValue": { - "markdownDescription": "The larger value that is displayed at the right of the slider.", - "title": "MaximumValue", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "MinimumValue": { - "markdownDescription": "The smaller value that is displayed at the left of the slider.", - "title": "MinimumValue", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterSliderControl` .", - "title": "SourceFilterId", - "type": "string" + "Metadata": { + "type": "object" }, - "StepSize": { - "markdownDescription": "The number of increments that the slider bar is divided into.", - "title": "StepSize", - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": { + "ApiKey": { + "markdownDescription": "The API key that you received from the Baidu Cloud Push service to communicate with the service.", + "title": "ApiKey", + "type": "string" + }, + "ApplicationId": { + "markdownDescription": "The unique identifier for the Amazon Pinpoint application that you're configuring the Baidu channel for.", + "title": "ApplicationId", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Specifies whether to enable the Baidu channel for the application.", + "title": "Enabled", + "type": "boolean" + }, + "SecretKey": { + "markdownDescription": "The secret key that you received from the Baidu Cloud Push service to communicate with the service.", + "title": "SecretKey", + "type": "string" + } + }, + "required": [ + "ApiKey", + "ApplicationId", + "SecretKey" + ], + "type": "object" }, - "Title": { - "markdownDescription": "The title of the `FilterSliderControl` .", - "title": "Title", + "Type": { + "enum": [ + "AWS::Pinpoint::BaiduChannel" + ], "type": "string" }, - "Type": { - "markdownDescription": "The type of the `FilterSliderControl` . Choose one of the following options:\n\n- `SINGLE_POINT` : Filter against(equals) a single data point.\n- `RANGE` : Filter data that is in a specified range.", - "title": "Type", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "FilterControlId", - "MaximumValue", - "MinimumValue", - "SourceFilterId", - "StepSize", - "Title" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.FilterTextAreaControl": { + "AWS::Pinpoint::Campaign": { "additionalProperties": false, "properties": { - "Delimiter": { - "markdownDescription": "The delimiter that is used to separate the lines in text.", - "title": "Delimiter", + "Condition": { "type": "string" }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextAreaControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterTextAreaControl` .", - "title": "FilterControlId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterTextAreaControl` .", - "title": "SourceFilterId", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Title": { - "markdownDescription": "The title of the `FilterTextAreaControl` .", - "title": "Title", - "type": "string" - } - }, - "required": [ - "FilterControlId", - "SourceFilterId", - "Title" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.FilterTextFieldControl": { - "additionalProperties": false, - "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextFieldControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "Metadata": { + "type": "object" }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterTextFieldControl` .", - "title": "FilterControlId", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "AdditionalTreatments": { + "items": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.WriteTreatmentResource" + }, + "markdownDescription": "An array of requests that defines additional treatments for the campaign, in addition to the default treatment for the campaign.", + "title": "AdditionalTreatments", + "type": "array" + }, + "ApplicationId": { + "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the campaign is associated with.", + "title": "ApplicationId", + "type": "string" + }, + "CampaignHook": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.CampaignHook", + "markdownDescription": "Specifies the Lambda function to use as a code hook for a campaign.", + "title": "CampaignHook" + }, + "CustomDeliveryConfiguration": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.CustomDeliveryConfiguration", + "markdownDescription": "The delivery configuration settings for sending the treatment through a custom channel. This object is required if the `MessageConfiguration` object for the treatment specifies a `CustomMessage` object.", + "title": "CustomDeliveryConfiguration" + }, + "Description": { + "markdownDescription": "A custom description of the campaign.", + "title": "Description", + "type": "string" + }, + "HoldoutPercent": { + "markdownDescription": "The allocated percentage of users (segment members) who shouldn't receive messages from the campaign.", + "title": "HoldoutPercent", + "type": "number" + }, + "IsPaused": { + "markdownDescription": "Specifies whether to pause the campaign. A paused campaign doesn't run unless you resume it by changing this value to `false` . If you restart a campaign, the campaign restarts from the beginning and not at the point you paused it. If a campaign is running it will complete and then pause. Pause only pauses or skips the next run for a recurring future scheduled campaign. A campaign scheduled for immediate can't be paused.", + "title": "IsPaused", + "type": "boolean" + }, + "Limits": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.Limits", + "markdownDescription": "The messaging limits for the campaign.", + "title": "Limits" + }, + "MessageConfiguration": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.MessageConfiguration", + "markdownDescription": "The message configuration settings for the treatment.", + "title": "MessageConfiguration" + }, + "Name": { + "markdownDescription": "The name of the campaign.", + "title": "Name", + "type": "string" + }, + "Priority": { + "markdownDescription": "An integer between 1 and 5, inclusive, that represents the priority of the in-app message campaign, where 1 is the highest priority and 5 is the lowest. If there are multiple messages scheduled to be displayed at the same time, the priority determines the order in which those messages are displayed.", + "title": "Priority", + "type": "number" + }, + "Schedule": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.Schedule", + "markdownDescription": "The schedule settings for the treatment.", + "title": "Schedule" + }, + "SegmentId": { + "markdownDescription": "The unique identifier for the segment to associate with the campaign.", + "title": "SegmentId", + "type": "string" + }, + "SegmentVersion": { + "markdownDescription": "The version of the segment to associate with the campaign.", + "title": "SegmentVersion", + "type": "number" + }, + "Tags": { + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "object" + }, + "TemplateConfiguration": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.TemplateConfiguration", + "markdownDescription": "The message template to use for the treatment.", + "title": "TemplateConfiguration" + }, + "TreatmentDescription": { + "markdownDescription": "A custom description of the treatment.", + "title": "TreatmentDescription", + "type": "string" + }, + "TreatmentName": { + "markdownDescription": "A custom name for the treatment.", + "title": "TreatmentName", + "type": "string" + } + }, + "required": [ + "ApplicationId", + "Name", + "Schedule", + "SegmentId" + ], + "type": "object" }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterTextFieldControl` .", - "title": "SourceFilterId", + "Type": { + "enum": [ + "AWS::Pinpoint::Campaign" + ], "type": "string" }, - "Title": { - "markdownDescription": "The title of the `FilterTextFieldControl` .", - "title": "Title", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "FilterControlId", - "SourceFilterId", - "Title" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.FontConfiguration": { + "AWS::Pinpoint::Campaign.AttributeDimension": { "additionalProperties": false, "properties": { - "FontColor": { - "markdownDescription": "Determines the color of the text.", - "title": "FontColor", - "type": "string" - }, - "FontDecoration": { - "markdownDescription": "Determines the appearance of decorative lines on the text.", - "title": "FontDecoration", - "type": "string" - }, - "FontSize": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontSize", - "markdownDescription": "The option that determines the text display size.", - "title": "FontSize" - }, - "FontStyle": { - "markdownDescription": "Determines the text display face that is inherited by the given font family.", - "title": "FontStyle", + "AttributeType": { "type": "string" }, - "FontWeight": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontWeight", - "markdownDescription": "The option that determines the text display weight, or boldness.", - "title": "FontWeight" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.FontSize": { - "additionalProperties": false, - "properties": { - "Relative": { - "markdownDescription": "The lexical name for the text size, proportional to its surrounding context.", - "title": "Relative", - "type": "string" + "Values": { + "items": { + "type": "string" + }, + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.FontWeight": { + "AWS::Pinpoint::Campaign.CampaignCustomMessage": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The lexical name for the level of boldness of the text display.", - "title": "Name", + "Data": { + "markdownDescription": "The raw, JSON-formatted string to use as the payload for the message. The maximum size is 5 KB.", + "title": "Data", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ForecastComputation": { + "AWS::Pinpoint::Campaign.CampaignEmailMessage": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", + "Body": { + "markdownDescription": "The body of the email for recipients whose email clients don't render HTML content.", + "title": "Body", "type": "string" }, - "CustomSeasonalityValue": { - "markdownDescription": "The custom seasonality value setup of a forecast computation.", - "title": "CustomSeasonalityValue", - "type": "number" - }, - "LowerBoundary": { - "markdownDescription": "The lower boundary setup of a forecast computation.", - "title": "LowerBoundary", - "type": "number" - }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "FromAddress": { + "markdownDescription": "The verified email address to send the email from. The default address is the `FromAddress` specified for the email channel for the application.", + "title": "FromAddress", "type": "string" }, - "PeriodsBackward": { - "markdownDescription": "The periods backward setup of a forecast computation.", - "title": "PeriodsBackward", - "type": "number" - }, - "PeriodsForward": { - "markdownDescription": "The periods forward setup of a forecast computation.", - "title": "PeriodsForward", - "type": "number" - }, - "PredictionInterval": { - "markdownDescription": "The prediction interval setup of a forecast computation.", - "title": "PredictionInterval", - "type": "number" - }, - "Seasonality": { - "markdownDescription": "The seasonality setup of a forecast computation. Choose one of the following options:\n\n- `AUTOMATIC`\n- `CUSTOM` : Checks the custom seasonality value.", - "title": "Seasonality", + "HtmlBody": { + "markdownDescription": "The body of the email, in HTML format, for recipients whose email clients render HTML content.", + "title": "HtmlBody", "type": "string" }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" - }, - "UpperBoundary": { - "markdownDescription": "The upper boundary setup of a forecast computation.", - "title": "UpperBoundary", - "type": "number" - }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" + "Title": { + "markdownDescription": "The subject line, or title, of the email.", + "title": "Title", + "type": "string" } }, - "required": [ - "ComputationId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.ForecastConfiguration": { + "AWS::Pinpoint::Campaign.CampaignEventFilter": { "additionalProperties": false, "properties": { - "ForecastProperties": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TimeBasedForecastProperties", - "markdownDescription": "The forecast properties setup of a forecast in the line chart.", - "title": "ForecastProperties" + "Dimensions": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.EventDimensions", + "markdownDescription": "The dimension settings of the event filter for the campaign.", + "title": "Dimensions" }, - "Scenario": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ForecastScenario", - "markdownDescription": "The forecast scenario of a forecast in the line chart.", - "title": "Scenario" + "FilterType": { + "markdownDescription": "The type of event that causes the campaign to be sent. Valid values are: `SYSTEM` , sends the campaign when a system event occurs; and, `ENDPOINT` , sends the campaign when an endpoint event (Events resource) occurs.", + "title": "FilterType", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ForecastScenario": { + "AWS::Pinpoint::Campaign.CampaignHook": { "additionalProperties": false, "properties": { - "WhatIfPointScenario": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.WhatIfPointScenario", - "markdownDescription": "The what-if analysis forecast setup with the target date.", - "title": "WhatIfPointScenario" + "LambdaFunctionName": { + "markdownDescription": "The name or Amazon Resource Name (ARN) of the Lambda function that Amazon Pinpoint invokes to customize a segment for a campaign.", + "title": "LambdaFunctionName", + "type": "string" }, - "WhatIfRangeScenario": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.WhatIfRangeScenario", - "markdownDescription": "The what-if analysis forecast setup with the date range.", - "title": "WhatIfRangeScenario" + "Mode": { + "markdownDescription": "The mode that Amazon Pinpoint uses to invoke the Lambda function. Possible values are:\n\n- `FILTER` - Invoke the function to customize the segment that's used by a campaign.\n- `DELIVERY` - (Deprecated) Previously, invoked the function to send a campaign through a custom channel. This functionality is not supported anymore. To send a campaign through a custom channel, use the `CustomDeliveryConfiguration` and `CampaignCustomMessage` objects of the campaign.", + "title": "Mode", + "type": "string" + }, + "WebUrl": { + "markdownDescription": "The web URL that Amazon Pinpoint calls to invoke the Lambda function over HTTPS.", + "title": "WebUrl", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.FormatConfiguration": { + "AWS::Pinpoint::Campaign.CampaignInAppMessage": { "additionalProperties": false, "properties": { - "DateTimeFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeFormatConfiguration", - "markdownDescription": "Formatting configuration for `DateTime` fields.", - "title": "DateTimeFormatConfiguration" + "Content": { + "items": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.InAppMessageContent" + }, + "markdownDescription": "An array that contains configurtion information about the in-app message for the campaign, including title and body text, text colors, background colors, image URLs, and button configurations.", + "title": "Content", + "type": "array" }, - "NumberFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumberFormatConfiguration", - "markdownDescription": "Formatting configuration for number fields.", - "title": "NumberFormatConfiguration" + "CustomConfig": { + "markdownDescription": "Custom data, in the form of key-value pairs, that is included in an in-app messaging payload.", + "title": "CustomConfig", + "type": "object" }, - "StringFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringFormatConfiguration", - "markdownDescription": "Formatting configuration for string fields.", - "title": "StringFormatConfiguration" + "Layout": { + "markdownDescription": "A string that describes how the in-app message will appear. You can specify one of the following:\n\n- `BOTTOM_BANNER` \u2013 a message that appears as a banner at the bottom of the page.\n- `TOP_BANNER` \u2013 a message that appears as a banner at the top of the page.\n- `OVERLAYS` \u2013 a message that covers entire screen.\n- `MOBILE_FEED` \u2013 a message that appears in a window in front of the page.\n- `MIDDLE_BANNER` \u2013 a message that appears as a banner in the middle of the page.\n- `CAROUSEL` \u2013 a scrollable layout of up to five unique messages.", + "title": "Layout", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.FreeFormLayoutCanvasSizeOptions": { + "AWS::Pinpoint::Campaign.CampaignSmsMessage": { "additionalProperties": false, "properties": { - "ScreenCanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutScreenCanvasSizeOptions", - "markdownDescription": "The options that determine the sizing of the canvas used in a free-form layout.", - "title": "ScreenCanvasSizeOptions" + "Body": { + "markdownDescription": "The body of the SMS message.", + "title": "Body", + "type": "string" + }, + "EntityId": { + "markdownDescription": "The entity ID or Principal Entity (PE) id received from the regulatory body for sending SMS in your country.", + "title": "EntityId", + "type": "string" + }, + "MessageType": { + "markdownDescription": "The SMS message type. Valid values are `TRANSACTIONAL` (for messages that are critical or time-sensitive, such as a one-time passwords) and `PROMOTIONAL` (for messsages that aren't critical or time-sensitive, such as marketing messages).", + "title": "MessageType", + "type": "string" + }, + "OriginationNumber": { + "markdownDescription": "The long code to send the SMS message from. This value should be one of the dedicated long codes that's assigned to your AWS account. Although it isn't required, we recommend that you specify the long code using an E.164 format to ensure prompt and accurate delivery of the message. For example, +12065550100.", + "title": "OriginationNumber", + "type": "string" + }, + "SenderId": { + "markdownDescription": "The alphabetic Sender ID to display as the sender of the message on a recipient's device. Support for sender IDs varies by country or region. To specify a phone number as the sender, omit this parameter and use `OriginationNumber` instead. For more information about support for Sender ID by country, see the [Amazon Pinpoint User Guide](https://docs.aws.amazon.com/pinpoint/latest/userguide/channels-sms-countries.html) .", + "title": "SenderId", + "type": "string" + }, + "TemplateId": { + "markdownDescription": "The template ID received from the regulatory body for sending SMS in your country.", + "title": "TemplateId", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.FreeFormLayoutConfiguration": { + "AWS::Pinpoint::Campaign.CustomDeliveryConfiguration": { "additionalProperties": false, "properties": { - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutCanvasSizeOptions", - "markdownDescription": "", - "title": "CanvasSizeOptions" + "DeliveryUri": { + "markdownDescription": "The destination to send the campaign or treatment to. This value can be one of the following:\n\n- The name or Amazon Resource Name (ARN) of an AWS Lambda function to invoke to handle delivery of the campaign or treatment.\n- The URL for a web application or service that supports HTTPS and can receive the message. The URL has to be a full URL, including the HTTPS protocol.", + "title": "DeliveryUri", + "type": "string" }, - "Elements": { + "EndpointTypes": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutElement" + "type": "string" }, - "markdownDescription": "The elements that are included in a free-form layout.", - "title": "Elements", + "markdownDescription": "The types of endpoints to send the campaign or treatment to. Each valid value maps to a type of channel that you can associate with an endpoint by using the `ChannelType` property of an endpoint.", + "title": "EndpointTypes", "type": "array" } }, - "required": [ - "Elements" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.FreeFormLayoutElement": { + "AWS::Pinpoint::Campaign.DefaultButtonConfiguration": { "additionalProperties": false, "properties": { - "BackgroundStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutElementBackgroundStyle", - "markdownDescription": "The background style configuration of a free-form layout element.", - "title": "BackgroundStyle" - }, - "BorderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutElementBorderStyle", - "markdownDescription": "The border style configuration of a free-form layout element.", - "title": "BorderStyle" - }, - "ElementId": { - "markdownDescription": "A unique identifier for an element within a free-form layout.", - "title": "ElementId", - "type": "string" - }, - "ElementType": { - "markdownDescription": "The type of element.", - "title": "ElementType", - "type": "string" - }, - "Height": { - "markdownDescription": "The height of an element within a free-form layout.", - "title": "Height", + "BackgroundColor": { + "markdownDescription": "The background color of a button, expressed as a hex color code (such as #000000 for black).", + "title": "BackgroundColor", "type": "string" }, - "LoadingAnimation": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LoadingAnimation", - "markdownDescription": "The loading animation configuration of a free-form layout element.", - "title": "LoadingAnimation" - }, - "RenderingRules": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetElementRenderingRule" - }, - "markdownDescription": "The rendering rules that determine when an element should be displayed within a free-form layout.", - "title": "RenderingRules", - "type": "array" - }, - "SelectedBorderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutElementBorderStyle", - "markdownDescription": "The border style configuration of a free-form layout element. This border style is used when the element is selected.", - "title": "SelectedBorderStyle" + "BorderRadius": { + "markdownDescription": "The border radius of a button.", + "title": "BorderRadius", + "type": "number" }, - "Visibility": { - "markdownDescription": "The visibility of an element within a free-form layout.", - "title": "Visibility", + "ButtonAction": { + "markdownDescription": "The action that occurs when a recipient chooses a button in an in-app message. You can specify one of the following:\n\n- `LINK` \u2013 A link to a web destination.\n- `DEEP_LINK` \u2013 A link to a specific page in an application.\n- `CLOSE` \u2013 Dismisses the message.", + "title": "ButtonAction", "type": "string" }, - "Width": { - "markdownDescription": "The width of an element within a free-form layout.", - "title": "Width", + "Link": { + "markdownDescription": "The destination (such as a URL) for a button.", + "title": "Link", "type": "string" }, - "XAxisLocation": { - "markdownDescription": "The x-axis coordinate of the element.", - "title": "XAxisLocation", + "Text": { + "markdownDescription": "The text that appears on a button in an in-app message.", + "title": "Text", "type": "string" }, - "YAxisLocation": { - "markdownDescription": "The y-axis coordinate of the element.", - "title": "YAxisLocation", + "TextColor": { + "markdownDescription": "The color of the body text in a button, expressed as a hex color code (such as #000000 for black).", + "title": "TextColor", "type": "string" } }, - "required": [ - "ElementId", - "ElementType", - "Height", - "Width", - "XAxisLocation", - "YAxisLocation" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.FreeFormLayoutElementBackgroundStyle": { + "AWS::Pinpoint::Campaign.EventDimensions": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The background color of a free-form layout element.", - "title": "Color", - "type": "string" + "Attributes": { + "markdownDescription": "One or more custom attributes that your application reports to Amazon Pinpoint. You can use these attributes as selection criteria when you create an event filter.", + "title": "Attributes", + "type": "object" }, - "Visibility": { - "markdownDescription": "The background visibility of a free-form layout element.", - "title": "Visibility", - "type": "string" + "EventType": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.SetDimension", + "markdownDescription": "The name of the event that causes the campaign to be sent or the journey activity to be performed. This can be a standard event that Amazon Pinpoint generates, such as `_email.delivered` or `_custom.delivered` . For campaigns, this can also be a custom event that's specific to your application. For information about standard events, see [Streaming Amazon Pinpoint Events](https://docs.aws.amazon.com/pinpoint/latest/developerguide/event-streams.html) in the *Amazon Pinpoint Developer Guide* .", + "title": "EventType" + }, + "Metrics": { + "markdownDescription": "One or more custom metrics that your application reports to Amazon Pinpoint . You can use these metrics as selection criteria when you create an event filter.", + "title": "Metrics", + "type": "object" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.FreeFormLayoutElementBorderStyle": { + "AWS::Pinpoint::Campaign.InAppMessageBodyConfig": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The border color of a free-form layout element.", - "title": "Color", + "Alignment": { + "markdownDescription": "The text alignment of the main body text of the message. Acceptable values: `LEFT` , `CENTER` , `RIGHT` .", + "title": "Alignment", "type": "string" }, - "Visibility": { - "markdownDescription": "The border visibility of a free-form layout element.", - "title": "Visibility", + "Body": { + "markdownDescription": "The main body text of the message.", + "title": "Body", + "type": "string" + }, + "TextColor": { + "markdownDescription": "The color of the body text, expressed as a string consisting of a hex color code (such as \"#000000\" for black).", + "title": "TextColor", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.FreeFormLayoutScreenCanvasSizeOptions": { + "AWS::Pinpoint::Campaign.InAppMessageButton": { "additionalProperties": false, "properties": { - "OptimizedViewPortWidth": { - "markdownDescription": "The width that the view port will be optimized for when the layout renders.", - "title": "OptimizedViewPortWidth", - "type": "string" + "Android": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.OverrideButtonConfiguration", + "markdownDescription": "An object that defines the default behavior for a button in in-app messages sent to Android.", + "title": "Android" + }, + "DefaultConfig": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.DefaultButtonConfiguration", + "markdownDescription": "An object that defines the default behavior for a button in an in-app message.", + "title": "DefaultConfig" + }, + "IOS": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.OverrideButtonConfiguration", + "markdownDescription": "An object that defines the default behavior for a button in in-app messages sent to iOS devices.", + "title": "IOS" + }, + "Web": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.OverrideButtonConfiguration", + "markdownDescription": "An object that defines the default behavior for a button in in-app messages for web applications.", + "title": "Web" } }, - "required": [ - "OptimizedViewPortWidth" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.FreeFormSectionLayoutConfiguration": { + "AWS::Pinpoint::Campaign.InAppMessageContent": { "additionalProperties": false, "properties": { - "Elements": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutElement" - }, - "markdownDescription": "The elements that are included in the free-form layout.", - "title": "Elements", - "type": "array" + "BackgroundColor": { + "markdownDescription": "The background color for an in-app message banner, expressed as a hex color code (such as #000000 for black).", + "title": "BackgroundColor", + "type": "string" + }, + "BodyConfig": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.InAppMessageBodyConfig", + "markdownDescription": "Specifies the configuration of main body text in an in-app message template.", + "title": "BodyConfig" + }, + "HeaderConfig": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.InAppMessageHeaderConfig", + "markdownDescription": "Specifies the configuration and content of the header or title text of the in-app message.", + "title": "HeaderConfig" + }, + "ImageUrl": { + "markdownDescription": "The URL of the image that appears on an in-app message banner.", + "title": "ImageUrl", + "type": "string" + }, + "PrimaryBtn": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.InAppMessageButton", + "markdownDescription": "An object that contains configuration information about the primary button in an in-app message.", + "title": "PrimaryBtn" + }, + "SecondaryBtn": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.InAppMessageButton", + "markdownDescription": "An object that contains configuration information about the secondary button in an in-app message.", + "title": "SecondaryBtn" } }, - "required": [ - "Elements" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.FunnelChartAggregatedFieldWells": { + "AWS::Pinpoint::Campaign.InAppMessageHeaderConfig": { "additionalProperties": false, "properties": { - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The category field wells of a funnel chart. Values are grouped by category fields.", - "title": "Category", - "type": "array" + "Alignment": { + "markdownDescription": "The text alignment of the title of the message. Acceptable values: `LEFT` , `CENTER` , `RIGHT` .", + "title": "Alignment", + "type": "string" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" - }, - "markdownDescription": "The value field wells of a funnel chart. Values are aggregated based on categories.", - "title": "Values", - "type": "array" + "Header": { + "markdownDescription": "The header or title text of the in-app message.", + "title": "Header", + "type": "string" + }, + "TextColor": { + "markdownDescription": "The color of the body text, expressed as a string consisting of a hex color code (such as \"#000000\" for black).", + "title": "TextColor", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.FunnelChartConfiguration": { + "AWS::Pinpoint::Campaign.Limits": { "additionalProperties": false, "properties": { - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options of the categories that are displayed in a `FunnelChartVisual` .", - "title": "CategoryLabelOptions" - }, - "DataLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FunnelChartDataLabelOptions", - "markdownDescription": "The options that determine the presentation of the data labels.", - "title": "DataLabelOptions" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FunnelChartFieldWells", - "markdownDescription": "The field well configuration of a `FunnelChartVisual` .", - "title": "FieldWells" + "Daily": { + "markdownDescription": "The maximum number of messages that a campaign can send to a single endpoint during a 24-hour period. The maximum value is 100.", + "title": "Daily", + "type": "number" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FunnelChartSortConfiguration", - "markdownDescription": "The sort configuration of a `FunnelChartVisual` .", - "title": "SortConfiguration" + "MaximumDuration": { + "markdownDescription": "The maximum amount of time, in seconds, that a campaign can attempt to deliver a message after the scheduled start time for the campaign. The minimum value is 60 seconds.", + "title": "MaximumDuration", + "type": "number" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", - "markdownDescription": "The tooltip configuration of a `FunnelChartVisual` .", - "title": "Tooltip" + "MessagesPerSecond": { + "markdownDescription": "The maximum number of messages that a campaign can send each second. The minimum value is 1. The maximum value is 20,000.", + "title": "MessagesPerSecond", + "type": "number" }, - "ValueLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options for the values that are displayed in a `FunnelChartVisual` .", - "title": "ValueLabelOptions" + "Session": { + "markdownDescription": "The maximum number of messages that the campaign can send per user session.", + "title": "Session", + "type": "number" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", - "markdownDescription": "The visual palette configuration of a `FunnelChartVisual` .", - "title": "VisualPalette" + "Total": { + "markdownDescription": "The maximum number of messages that a campaign can send to a single endpoint during the course of the campaign. The maximum value is 100.", + "title": "Total", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.FunnelChartDataLabelOptions": { + "AWS::Pinpoint::Campaign.Message": { "additionalProperties": false, "properties": { - "CategoryLabelVisibility": { - "markdownDescription": "The visibility of the category labels within the data labels.", - "title": "CategoryLabelVisibility", + "Action": { + "markdownDescription": "The action to occur if a recipient taps the push notification. Valid values are:\n\n- `OPEN_APP` \u2013 Your app opens or it becomes the foreground app if it was sent to the background. This is the default action.\n- `DEEP_LINK` \u2013 Your app opens and displays a designated user interface in the app. This setting uses the deep-linking features of iOS and Android.\n- `URL` \u2013 The default mobile browser on the recipient's device opens and loads the web page at a URL that you specify.", + "title": "Action", "type": "string" }, - "LabelColor": { - "markdownDescription": "The color of the data label text.", - "title": "LabelColor", + "Body": { + "markdownDescription": "The body of the notification message. The maximum number of characters is 200.", + "title": "Body", "type": "string" }, - "LabelFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", - "markdownDescription": "The font configuration for the data labels.\n\nOnly the `FontSize` attribute of the font configuration is used for data labels.", - "title": "LabelFontConfiguration" + "ImageIconUrl": { + "markdownDescription": "The URL of the image to display as the push notification icon, such as the icon for the app.", + "title": "ImageIconUrl", + "type": "string" }, - "MeasureDataLabelStyle": { - "markdownDescription": "Determines the style of the metric labels.", - "title": "MeasureDataLabelStyle", + "ImageSmallIconUrl": { + "markdownDescription": "The URL of the image to display as the small, push notification icon, such as a small version of the icon for the app.", + "title": "ImageSmallIconUrl", "type": "string" }, - "MeasureLabelVisibility": { - "markdownDescription": "The visibility of the measure labels within the data labels.", - "title": "MeasureLabelVisibility", + "ImageUrl": { + "markdownDescription": "The URL of an image to display in the push notification.", + "title": "ImageUrl", "type": "string" }, - "Position": { - "markdownDescription": "Determines the positioning of the data label relative to a section of the funnel.", - "title": "Position", + "JsonBody": { + "markdownDescription": "The JSON payload to use for a silent push notification.", + "title": "JsonBody", "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility option that determines if data labels are displayed.", - "title": "Visibility", + "MediaUrl": { + "markdownDescription": "The URL of the image or video to display in the push notification.", + "title": "MediaUrl", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.FunnelChartFieldWells": { - "additionalProperties": false, - "properties": { - "FunnelChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FunnelChartAggregatedFieldWells", - "markdownDescription": "The field well configuration of a `FunnelChartVisual` .", - "title": "FunnelChartAggregatedFieldWells" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.FunnelChartSortConfiguration": { - "additionalProperties": false, - "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of categories displayed.", - "title": "CategoryItemsLimit" }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the category fields.", - "title": "CategorySort", - "type": "array" + "RawContent": { + "markdownDescription": "The raw, JSON-formatted string to use as the payload for the notification message. If specified, this value overrides all other content for the message.", + "title": "RawContent", + "type": "string" + }, + "SilentPush": { + "markdownDescription": "Specifies whether the notification is a silent push notification, which is a push notification that doesn't display on a recipient's device. Silent push notifications can be used for cases such as updating an app's configuration, displaying messages in an in-app message center, or supporting phone home functionality.", + "title": "SilentPush", + "type": "boolean" + }, + "TimeToLive": { + "markdownDescription": "The number of seconds that the push notification service should keep the message, if the service is unable to deliver the notification the first time. This value is converted to an expiration value when it's sent to a push notification service. If this value is `0` , the service treats the notification as if it expires immediately and the service doesn't store or try to deliver the notification again.\n\nThis value doesn't apply to messages that are sent through the Amazon Device Messaging (ADM) service.", + "title": "TimeToLive", + "type": "number" + }, + "Title": { + "markdownDescription": "The title to display above the notification message on a recipient's device.", + "title": "Title", + "type": "string" + }, + "Url": { + "markdownDescription": "The URL to open in a recipient's default mobile browser, if a recipient taps the push notification and the value of the `Action` property is `URL` .", + "title": "Url", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.FunnelChartVisual": { + "AWS::Pinpoint::Campaign.MessageConfiguration": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "ADMMessage": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.Message", + "markdownDescription": "The message that the campaign sends through the ADM (Amazon Device Messaging) channel. If specified, this message overrides the default message.", + "title": "ADMMessage" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FunnelChartConfiguration", - "markdownDescription": "The configuration of a `FunnelChartVisual` .", - "title": "ChartConfiguration" + "APNSMessage": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.Message", + "markdownDescription": "The message that the campaign sends through the APNs (Apple Push Notification service) channel. If specified, this message overrides the default message.", + "title": "APNSMessage" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "BaiduMessage": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.Message", + "markdownDescription": "The message that the campaign sends through the Baidu (Baidu Cloud Push) channel. If specified, this message overrides the default message.", + "title": "BaiduMessage" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "CustomMessage": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.CampaignCustomMessage", + "markdownDescription": "The message that the campaign sends through a custom channel, as specified by the delivery configuration ( `CustomDeliveryConfiguration` ) settings for the campaign. If specified, this message overrides the default message.", + "title": "CustomMessage" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "DefaultMessage": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.Message", + "markdownDescription": "The default message that the campaign sends through all the channels that are configured for the campaign.", + "title": "DefaultMessage" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", - "type": "string" + "EmailMessage": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.CampaignEmailMessage", + "markdownDescription": "The message that the campaign sends through the email channel. If specified, this message overrides the default message.\n\n> The maximum email message size is 200 KB. You can use email templates to send larger email messages.", + "title": "EmailMessage" + }, + "GCMMessage": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.Message", + "markdownDescription": "The message that the campaign sends through the GCM channel, which enables Amazon Pinpoint to send push notifications through the Firebase Cloud Messaging (FCM), formerly Google Cloud Messaging (GCM), service. If specified, this message overrides the default message.", + "title": "GCMMessage" + }, + "InAppMessage": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.CampaignInAppMessage", + "markdownDescription": "The default message for the in-app messaging channel. This message overrides the default message ( `DefaultMessage` ).", + "title": "InAppMessage" + }, + "SMSMessage": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.CampaignSmsMessage", + "markdownDescription": "The message that the campaign sends through the SMS channel. If specified, this message overrides the default message.", + "title": "SMSMessage" } }, - "required": [ - "VisualId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.GaugeChartArcConditionalFormatting": { + "AWS::Pinpoint::Campaign.MetricDimension": { "additionalProperties": false, "properties": { - "ForegroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the arc foreground color.", - "title": "ForegroundColor" + "ComparisonOperator": { + "type": "string" + }, + "Value": { + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.GaugeChartConditionalFormatting": { + "AWS::Pinpoint::Campaign.OverrideButtonConfiguration": { "additionalProperties": false, "properties": { - "ConditionalFormattingOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartConditionalFormattingOption" - }, - "markdownDescription": "Conditional formatting options of a `GaugeChartVisual` .", - "title": "ConditionalFormattingOptions", - "type": "array" + "ButtonAction": { + "markdownDescription": "The action that occurs when a recipient chooses a button in an in-app message. You can specify one of the following:\n\n- `LINK` \u2013 A link to a web destination.\n- `DEEP_LINK` \u2013 A link to a specific page in an application.\n- `CLOSE` \u2013 Dismisses the message.", + "title": "ButtonAction", + "type": "string" + }, + "Link": { + "markdownDescription": "The destination (such as a URL) for a button.", + "title": "Link", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.GaugeChartConditionalFormattingOption": { + "AWS::Pinpoint::Campaign.QuietTime": { "additionalProperties": false, "properties": { - "Arc": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartArcConditionalFormatting", - "markdownDescription": "The options that determine the presentation of the arc of a `GaugeChartVisual` .", - "title": "Arc" + "End": { + "markdownDescription": "The specific time when quiet time ends. This value has to use 24-hour notation and be in HH:MM format, where HH is the hour (with a leading zero, if applicable) and MM is the minutes. For example, use `02:30` to represent 2:30 AM, or `14:30` to represent 2:30 PM.", + "title": "End", + "type": "string" }, - "PrimaryValue": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartPrimaryValueConditionalFormatting", - "markdownDescription": "The conditional formatting for the primary value of a `GaugeChartVisual` .", - "title": "PrimaryValue" + "Start": { + "markdownDescription": "The specific time when quiet time begins. This value has to use 24-hour notation and be in HH:MM format, where HH is the hour (with a leading zero, if applicable) and MM is the minutes. For example, use `02:30` to represent 2:30 AM, or `14:30` to represent 2:30 PM.", + "title": "Start", + "type": "string" } }, + "required": [ + "End", + "Start" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.GaugeChartConfiguration": { + "AWS::Pinpoint::Campaign.Schedule": { "additionalProperties": false, "properties": { - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", - "markdownDescription": "The data label configuration of a `GaugeChartVisual` .", - "title": "DataLabels" + "EndTime": { + "markdownDescription": "The scheduled time, in ISO 8601 format, when the campaign ended or will end.", + "title": "EndTime", + "type": "string" }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartFieldWells", - "markdownDescription": "The field well configuration of a `GaugeChartVisual` .", - "title": "FieldWells" + "EventFilter": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.CampaignEventFilter", + "markdownDescription": "The type of event that causes the campaign to be sent, if the value of the `Frequency` property is `EVENT` .", + "title": "EventFilter" }, - "GaugeChartOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartOptions", - "markdownDescription": "The options that determine the presentation of the `GaugeChartVisual` .", - "title": "GaugeChartOptions" + "Frequency": { + "markdownDescription": "Specifies how often the campaign is sent or whether the campaign is sent in response to a specific event.", + "title": "Frequency", + "type": "string" }, - "TooltipOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", - "markdownDescription": "The tooltip configuration of a `GaugeChartVisual` .", - "title": "TooltipOptions" + "IsLocalTime": { + "markdownDescription": "Specifies whether the start and end times for the campaign schedule use each recipient's local time. To base the schedule on each recipient's local time, set this value to `true` .", + "title": "IsLocalTime", + "type": "boolean" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", - "markdownDescription": "The visual palette configuration of a `GaugeChartVisual` .", - "title": "VisualPalette" + "QuietTime": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.QuietTime", + "markdownDescription": "The default quiet time for the campaign. Quiet time is a specific time range when a campaign doesn't send messages to endpoints, if all the following conditions are met:\n\n- The `EndpointDemographic.Timezone` property of the endpoint is set to a valid value.\n- The current time in the endpoint's time zone is later than or equal to the time specified by the `QuietTime.Start` property for the campaign.\n- The current time in the endpoint's time zone is earlier than or equal to the time specified by the `QuietTime.End` property for the campaign.\n\nIf any of the preceding conditions isn't met, the endpoint will receive messages from the campaign, even if quiet time is enabled.", + "title": "QuietTime" + }, + "StartTime": { + "markdownDescription": "The scheduled time when the campaign began or will begin. Valid values are: `IMMEDIATE` , to start the campaign immediately; or, a specific time in ISO 8601 format.", + "title": "StartTime", + "type": "string" + }, + "TimeZone": { + "markdownDescription": "The starting UTC offset for the campaign schedule, if the value of the `IsLocalTime` property is `true` . Valid values are: `UTC, UTC+01, UTC+02, UTC+03, UTC+03:30, UTC+04, UTC+04:30, UTC+05, UTC+05:30, UTC+05:45, UTC+06, UTC+06:30, UTC+07, UTC+08, UTC+09, UTC+09:30, UTC+10, UTC+10:30, UTC+11, UTC+12, UTC+13, UTC-02, UTC-03, UTC-04, UTC-05, UTC-06, UTC-07, UTC-08, UTC-09, UTC-10,` and `UTC-11` .", + "title": "TimeZone", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.GaugeChartFieldWells": { + "AWS::Pinpoint::Campaign.SetDimension": { "additionalProperties": false, "properties": { - "TargetValues": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" - }, - "markdownDescription": "The target value field wells of a `GaugeChartVisual` .", - "title": "TargetValues", - "type": "array" + "DimensionType": { + "markdownDescription": "The type of segment dimension to use. Valid values are: `INCLUSIVE` , endpoints that match the criteria are included in the segment; and, `EXCLUSIVE` , endpoints that match the criteria are excluded from the segment.", + "title": "DimensionType", + "type": "string" }, "Values": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + "type": "string" }, - "markdownDescription": "The value field wells of a `GaugeChartVisual` .", + "markdownDescription": "The criteria values to use for the segment dimension. Depending on the value of the `DimensionType` property, endpoints are included or excluded from the segment if their values match the criteria values.", "title": "Values", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.GaugeChartOptions": { + "AWS::Pinpoint::Campaign.Template": { "additionalProperties": false, "properties": { - "Arc": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ArcConfiguration", - "markdownDescription": "The arc configuration of a `GaugeChartVisual` .", - "title": "Arc" - }, - "ArcAxis": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ArcAxisConfiguration", - "markdownDescription": "The arc axis configuration of a `GaugeChartVisual` .", - "title": "ArcAxis" - }, - "Comparison": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComparisonConfiguration", - "markdownDescription": "The comparison configuration of a `GaugeChartVisual` .", - "title": "Comparison" - }, - "PrimaryValueDisplayType": { - "markdownDescription": "The options that determine the primary value display type.", - "title": "PrimaryValueDisplayType", + "Name": { + "markdownDescription": "The name of the message template to use for the message. If specified, this value must match the name of an existing message template.", + "title": "Name", "type": "string" }, - "PrimaryValueFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", - "markdownDescription": "The options that determine the primary value font configuration.", - "title": "PrimaryValueFontConfiguration" + "Version": { + "markdownDescription": "The unique identifier for the version of the message template to use for the message. If specified, this value must match the identifier for an existing template version. To retrieve a list of versions and version identifiers for a template, use the [Template Versions](https://docs.aws.amazon.com/pinpoint/latest/apireference/templates-template-name-template-type-versions.html) resource.\n\nIf you don't specify a value for this property, Amazon Pinpoint uses the *active version* of the template. The *active version* is typically the version of a template that's been most recently reviewed and approved for use, depending on your workflow. It isn't necessarily the latest version of a template.", + "title": "Version", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.GaugeChartPrimaryValueConditionalFormatting": { + "AWS::Pinpoint::Campaign.TemplateConfiguration": { "additionalProperties": false, "properties": { - "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIcon", - "markdownDescription": "The conditional formatting of the primary value icon.", - "title": "Icon" + "EmailTemplate": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.Template", + "markdownDescription": "The email template to use for the message.", + "title": "EmailTemplate" }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the primary value text color.", - "title": "TextColor" + "PushTemplate": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.Template", + "markdownDescription": "The push notification template to use for the message.", + "title": "PushTemplate" + }, + "SMSTemplate": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.Template", + "markdownDescription": "The SMS template to use for the message.", + "title": "SMSTemplate" + }, + "VoiceTemplate": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.Template", + "markdownDescription": "The voice template to use for the message. This object isn't supported for campaigns.", + "title": "VoiceTemplate" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.GaugeChartVisual": { + "AWS::Pinpoint::Campaign.WriteTreatmentResource": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "CustomDeliveryConfiguration": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.CustomDeliveryConfiguration", + "markdownDescription": "The delivery configuration settings for sending the treatment through a custom channel. This object is required if the `MessageConfiguration` object for the treatment specifies a `CustomMessage` object.", + "title": "CustomDeliveryConfiguration" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartConfiguration", - "markdownDescription": "The configuration of a `GaugeChartVisual` .", - "title": "ChartConfiguration" + "MessageConfiguration": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.MessageConfiguration", + "markdownDescription": "The message configuration settings for the treatment.", + "title": "MessageConfiguration" }, - "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartConditionalFormatting", - "markdownDescription": "The conditional formatting of a `GaugeChartVisual` .", - "title": "ConditionalFormatting" + "Schedule": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.Schedule", + "markdownDescription": "The schedule settings for the treatment.", + "title": "Schedule" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "SizePercent": { + "markdownDescription": "The allocated percentage of users (segment members) to send the treatment to.", + "title": "SizePercent", + "type": "number" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "TemplateConfiguration": { + "$ref": "#/definitions/AWS::Pinpoint::Campaign.TemplateConfiguration", + "markdownDescription": "The message template to use for the treatment.", + "title": "TemplateConfiguration" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "TreatmentDescription": { + "markdownDescription": "A custom description of the treatment.", + "title": "TreatmentDescription", + "type": "string" + }, + "TreatmentName": { + "markdownDescription": "A custom name for the treatment.", + "title": "TreatmentName", "type": "string" } }, - "required": [ - "VisualId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.GeospatialCoordinateBounds": { + "AWS::Pinpoint::EmailChannel": { "additionalProperties": false, "properties": { - "East": { - "markdownDescription": "The longitude of the east bound of the geospatial coordinate bounds.", - "title": "East", - "type": "number" + "Condition": { + "type": "string" }, - "North": { - "markdownDescription": "The latitude of the north bound of the geospatial coordinate bounds.", - "title": "North", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "South": { - "markdownDescription": "The latitude of the south bound of the geospatial coordinate bounds.", - "title": "South", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "West": { - "markdownDescription": "The longitude of the west bound of the geospatial coordinate bounds.", - "title": "West", - "type": "number" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The unique identifier for the Amazon Pinpoint application that you're specifying the email channel for.", + "title": "ApplicationId", + "type": "string" + }, + "ConfigurationSet": { + "markdownDescription": "The [Amazon SES configuration set](https://docs.aws.amazon.com/ses/latest/APIReference/API_ConfigurationSet.html) that you want to apply to messages that you send through the channel.", + "title": "ConfigurationSet", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Specifies whether to enable the email channel for the application.", + "title": "Enabled", + "type": "boolean" + }, + "FromAddress": { + "markdownDescription": "The verified email address that you want to send email from when you send email through the channel.", + "title": "FromAddress", + "type": "string" + }, + "Identity": { + "markdownDescription": "The Amazon Resource Name (ARN) of the identity, verified with Amazon Simple Email Service (Amazon SES), that you want to use when you send email through the channel.", + "title": "Identity", + "type": "string" + }, + "OrchestrationSendingRoleArn": { + "markdownDescription": "The ARN of an IAM role for Amazon Pinpoint to use to send email from your campaigns or journeys through Amazon SES .", + "title": "OrchestrationSendingRoleArn", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the AWS Identity and Access Management (IAM) role that you want Amazon Pinpoint to use when it submits email-related event data for the channel.", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "ApplicationId", + "FromAddress", + "Identity" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Pinpoint::EmailChannel" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "East", - "North", - "South", - "West" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.GeospatialHeatmapColorScale": { + "AWS::Pinpoint::EmailTemplate": { "additionalProperties": false, "properties": { - "Colors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialHeatmapDataColor" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DefaultSubstitutions": { + "markdownDescription": "A JSON object that specifies the default values to use for message variables in the message template. This object is a set of key-value pairs. Each key defines a message variable in the template. The corresponding value defines the default value for that variable. When you create a message that's based on the template, you can override these defaults with message-specific and address-specific variables and values.", + "title": "DefaultSubstitutions", + "type": "string" + }, + "HtmlPart": { + "markdownDescription": "The message body, in HTML format, to use in email messages that are based on the message template. We recommend using HTML format for email clients that render HTML content. You can include links, formatted text, and more in an HTML message.", + "title": "HtmlPart", + "type": "string" + }, + "Subject": { + "markdownDescription": "The subject line, or title, to use in email messages that are based on the message template.", + "title": "Subject", + "type": "string" + }, + "Tags": { + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "object" + }, + "TemplateDescription": { + "markdownDescription": "A custom description of the message template.", + "title": "TemplateDescription", + "type": "string" + }, + "TemplateName": { + "markdownDescription": "The name of the message template.", + "title": "TemplateName", + "type": "string" + }, + "TextPart": { + "markdownDescription": "The message body, in plain text format, to use in email messages that are based on the message template. We recommend using plain text format for email clients that don't render HTML content and clients that are connected to high-latency networks, such as mobile devices.", + "title": "TextPart", + "type": "string" + } }, - "markdownDescription": "The list of colors to be used in heatmap point style.", - "title": "Colors", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.GeospatialHeatmapConfiguration": { - "additionalProperties": false, - "properties": { - "HeatmapColor": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialHeatmapColorScale", - "markdownDescription": "The color scale specification for the heatmap point style.", - "title": "HeatmapColor" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.GeospatialHeatmapDataColor": { - "additionalProperties": false, - "properties": { - "Color": { - "markdownDescription": "The hex color to be used in the heatmap point style.", - "title": "Color", + "required": [ + "Subject", + "TemplateName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Pinpoint::EmailTemplate" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Color" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.GeospatialMapAggregatedFieldWells": { + "AWS::Pinpoint::EventStream": { "additionalProperties": false, "properties": { - "Colors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The color field wells of a geospatial map.", - "title": "Colors", - "type": "array" + "Condition": { + "type": "string" }, - "Geospatial": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The geospatial field wells of a geospatial map. Values are grouped by geospatial fields.", - "title": "Geospatial", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The unique identifier for the Amazon Pinpoint application that you want to export data from.", + "title": "ApplicationId", + "type": "string" + }, + "DestinationStreamArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Kinesis Data Stream or Amazon Data Firehose delivery stream that you want to publish event data to.\n\nFor a Kinesis Data Stream, the ARN format is: `arn:aws:kinesis: region : account-id :stream/ stream_name`\n\nFor a Firehose delivery stream, the ARN format is: `arn:aws:firehose: region : account-id :deliverystream/ stream_name`", + "title": "DestinationStreamArn", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The AWS Identity and Access Management (IAM) role that authorizes Amazon Pinpoint to publish event data to the stream in your AWS account.", + "title": "RoleArn", + "type": "string" + } }, - "markdownDescription": "The size field wells of a geospatial map. Values are aggregated based on geospatial fields.", - "title": "Values", - "type": "array" + "required": [ + "ApplicationId", + "DestinationStreamArn", + "RoleArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Pinpoint::EventStream" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.GeospatialMapConfiguration": { + "AWS::Pinpoint::GCMChannel": { "additionalProperties": false, "properties": { - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" + "Condition": { + "type": "string" }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "MapStyleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapStyleOptions", - "markdownDescription": "The map style options of the geospatial map.", - "title": "MapStyleOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "PointStyleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialPointStyleOptions", - "markdownDescription": "The point style options of the geospatial map.", - "title": "PointStyleOptions" + "Metadata": { + "type": "object" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" + "Properties": { + "additionalProperties": false, + "properties": { + "ApiKey": { + "markdownDescription": "The Web API key, also called the *server key* , that you received from Google to communicate with Google services.", + "title": "ApiKey", + "type": "string" + }, + "ApplicationId": { + "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the GCM channel applies to.", + "title": "ApplicationId", + "type": "string" + }, + "DefaultAuthenticationMethod": { + "markdownDescription": "The default authentication method used for GCM. Values are either \"TOKEN\" or \"KEY\". Defaults to \"KEY\".", + "title": "DefaultAuthenticationMethod", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Specifies whether to enable the GCM channel for the Amazon Pinpoint application.", + "title": "Enabled", + "type": "boolean" + }, + "ServiceJson": { + "markdownDescription": "The contents of the JSON file provided by Google during registration in order to generate an access token for authentication. For more information see [Migrate from legacy FCM APIs to HTTP v1](https://docs.aws.amazon.com/https://firebase.google.com/docs/cloud-messaging/migrate-v1) .", + "title": "ServiceJson", + "type": "string" + } + }, + "required": [ + "ApplicationId" + ], + "type": "object" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", - "markdownDescription": "", - "title": "VisualPalette" + "Type": { + "enum": [ + "AWS::Pinpoint::GCMChannel" + ], + "type": "string" }, - "WindowOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialWindowOptions", - "markdownDescription": "The window options of the geospatial map.", - "title": "WindowOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.GeospatialMapFieldWells": { - "additionalProperties": false, - "properties": { - "GeospatialMapAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapAggregatedFieldWells", - "markdownDescription": "The aggregated field well for a geospatial map.", - "title": "GeospatialMapAggregatedFieldWells" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.GeospatialMapStyleOptions": { - "additionalProperties": false, - "properties": { - "BaseMapStyle": { - "markdownDescription": "The base map style of the geospatial map.", - "title": "BaseMapStyle", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.GeospatialMapVisual": { + "AWS::Pinpoint::InAppTemplate": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Condition": { + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Metadata": { + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Properties": { + "additionalProperties": false, + "properties": { + "Content": { + "items": { + "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.InAppMessageContent" + }, + "markdownDescription": "An object that contains information about the content of an in-app message, including its title and body text, text colors, background colors, images, buttons, and behaviors.", + "title": "Content", + "type": "array" + }, + "CustomConfig": { + "markdownDescription": "Custom data, in the form of key-value pairs, that is included in an in-app messaging payload.", + "title": "CustomConfig", + "type": "object" + }, + "Layout": { + "markdownDescription": "A string that determines the appearance of the in-app message. You can specify one of the following:\n\n- `BOTTOM_BANNER` \u2013 a message that appears as a banner at the bottom of the page.\n- `TOP_BANNER` \u2013 a message that appears as a banner at the top of the page.\n- `OVERLAYS` \u2013 a message that covers entire screen.\n- `MOBILE_FEED` \u2013 a message that appears in a window in front of the page.\n- `MIDDLE_BANNER` \u2013 a message that appears as a banner in the middle of the page.\n- `CAROUSEL` \u2013 a scrollable layout of up to five unique messages.", + "title": "Layout", + "type": "string" + }, + "Tags": { + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "object" + }, + "TemplateDescription": { + "markdownDescription": "An optional description of the in-app template.", + "title": "TemplateDescription", + "type": "string" + }, + "TemplateName": { + "markdownDescription": "The name of the in-app message template.", + "title": "TemplateName", + "type": "string" + } + }, + "required": [ + "TemplateName" + ], + "type": "object" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", + "Type": { + "enum": [ + "AWS::Pinpoint::InAppTemplate" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.GeospatialPointStyleOptions": { + "AWS::Pinpoint::InAppTemplate.BodyConfig": { "additionalProperties": false, "properties": { - "ClusterMarkerConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ClusterMarkerConfiguration", - "markdownDescription": "The cluster marker configuration of the geospatial point style.", - "title": "ClusterMarkerConfiguration" + "Alignment": { + "markdownDescription": "The text alignment of the main body text of the message. Acceptable values: `LEFT` , `CENTER` , `RIGHT` .", + "title": "Alignment", + "type": "string" }, - "HeatmapConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialHeatmapConfiguration", - "markdownDescription": "The heatmap configuration of the geospatial point style.", - "title": "HeatmapConfiguration" + "Body": { + "markdownDescription": "The main body text of the message.", + "title": "Body", + "type": "string" }, - "SelectedPointStyle": { - "markdownDescription": "The selected point styles (point, cluster) of the geospatial map.", - "title": "SelectedPointStyle", + "TextColor": { + "markdownDescription": "The color of the body text, expressed as a hex color code (such as #000000 for black).", + "title": "TextColor", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.GeospatialWindowOptions": { + "AWS::Pinpoint::InAppTemplate.ButtonConfig": { "additionalProperties": false, "properties": { - "Bounds": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialCoordinateBounds", - "markdownDescription": "The bounds options (north, south, west, east) of the geospatial window options.", - "title": "Bounds" + "Android": { + "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.OverrideButtonConfiguration", + "markdownDescription": "Optional button configuration to use for in-app messages sent to Android devices. This button configuration overrides the default button configuration.", + "title": "Android" }, - "MapZoomMode": { - "markdownDescription": "The map zoom modes (manual, auto) of the geospatial window options.", - "title": "MapZoomMode", - "type": "string" + "DefaultConfig": { + "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.DefaultButtonConfiguration", + "markdownDescription": "Specifies the default behavior of a button that appears in an in-app message. You can optionally add button configurations that specifically apply to iOS, Android, or web browser users.", + "title": "DefaultConfig" + }, + "IOS": { + "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.OverrideButtonConfiguration", + "markdownDescription": "Optional button configuration to use for in-app messages sent to iOS devices. This button configuration overrides the default button configuration.", + "title": "IOS" + }, + "Web": { + "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.OverrideButtonConfiguration", + "markdownDescription": "Optional button configuration to use for in-app messages sent to web applications. This button configuration overrides the default button configuration.", + "title": "Web" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.GlobalTableBorderOptions": { + "AWS::Pinpoint::InAppTemplate.DefaultButtonConfiguration": { "additionalProperties": false, "properties": { - "SideSpecificBorder": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableSideBorderOptions", - "markdownDescription": "Determines the options for side specific border.", - "title": "SideSpecificBorder" + "BackgroundColor": { + "markdownDescription": "The background color of a button, expressed as a hex color code (such as #000000 for black).", + "title": "BackgroundColor", + "type": "string" }, - "UniformBorder": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", - "markdownDescription": "Determines the options for uniform border.", - "title": "UniformBorder" + "BorderRadius": { + "markdownDescription": "The border radius of a button.", + "title": "BorderRadius", + "type": "number" + }, + "ButtonAction": { + "markdownDescription": "The action that occurs when a recipient chooses a button in an in-app message. You can specify one of the following:\n\n- `LINK` \u2013 A link to a web destination.\n- `DEEP_LINK` \u2013 A link to a specific page in an application.\n- `CLOSE` \u2013 Dismisses the message.", + "title": "ButtonAction", + "type": "string" + }, + "Link": { + "markdownDescription": "The destination (such as a URL) for a button.", + "title": "Link", + "type": "string" + }, + "Text": { + "markdownDescription": "The text that appears on a button in an in-app message.", + "title": "Text", + "type": "string" + }, + "TextColor": { + "markdownDescription": "The color of the body text in a button, expressed as a hex color code (such as #000000 for black).", + "title": "TextColor", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.GradientColor": { + "AWS::Pinpoint::InAppTemplate.HeaderConfig": { "additionalProperties": false, "properties": { - "Stops": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GradientStop" - }, - "markdownDescription": "The list of gradient color stops.", - "title": "Stops", - "type": "array" + "Alignment": { + "markdownDescription": "The text alignment of the title of the message. Acceptable values: `LEFT` , `CENTER` , `RIGHT` .", + "title": "Alignment", + "type": "string" + }, + "Header": { + "markdownDescription": "The title text of the in-app message.", + "title": "Header", + "type": "string" + }, + "TextColor": { + "markdownDescription": "The color of the title text, expressed as a hex color code (such as #000000 for black).", + "title": "TextColor", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.GradientStop": { + "AWS::Pinpoint::InAppTemplate.InAppMessageContent": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "Determines the color.", - "title": "Color", + "BackgroundColor": { + "markdownDescription": "The background color for an in-app message banner, expressed as a hex color code (such as #000000 for black).", + "title": "BackgroundColor", "type": "string" }, - "DataValue": { - "markdownDescription": "Determines the data value.", - "title": "DataValue", - "type": "number" + "BodyConfig": { + "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.BodyConfig", + "markdownDescription": "An object that contains configuration information about the header or title text of the in-app message.", + "title": "BodyConfig" }, - "GradientOffset": { - "markdownDescription": "Determines gradient offset value.", - "title": "GradientOffset", - "type": "number" + "HeaderConfig": { + "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.HeaderConfig", + "markdownDescription": "An object that contains configuration information about the header or title text of the in-app message.", + "title": "HeaderConfig" + }, + "ImageUrl": { + "markdownDescription": "The URL of the image that appears on an in-app message banner.", + "title": "ImageUrl", + "type": "string" + }, + "PrimaryBtn": { + "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.ButtonConfig", + "markdownDescription": "An object that contains configuration information about the primary button in an in-app message.", + "title": "PrimaryBtn" + }, + "SecondaryBtn": { + "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.ButtonConfig", + "markdownDescription": "An object that contains configuration information about the secondary button in an in-app message.", + "title": "SecondaryBtn" } }, - "required": [ - "GradientOffset" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.GridLayoutCanvasSizeOptions": { + "AWS::Pinpoint::InAppTemplate.OverrideButtonConfiguration": { "additionalProperties": false, "properties": { - "ScreenCanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GridLayoutScreenCanvasSizeOptions", - "markdownDescription": "The options that determine the sizing of the canvas used in a grid layout.", - "title": "ScreenCanvasSizeOptions" + "ButtonAction": { + "markdownDescription": "The action that occurs when a recipient chooses a button in an in-app message. You can specify one of the following:\n\n- `LINK` \u2013 A link to a web destination.\n- `DEEP_LINK` \u2013 A link to a specific page in an application.\n- `CLOSE` \u2013 Dismisses the message.", + "title": "ButtonAction", + "type": "string" + }, + "Link": { + "markdownDescription": "The destination (such as a URL) for a button.", + "title": "Link", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.GridLayoutConfiguration": { + "AWS::Pinpoint::PushTemplate": { "additionalProperties": false, "properties": { - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GridLayoutCanvasSizeOptions", - "markdownDescription": "", - "title": "CanvasSizeOptions" + "Condition": { + "type": "string" }, - "Elements": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GridLayoutElement" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ADM": { + "$ref": "#/definitions/AWS::Pinpoint::PushTemplate.AndroidPushNotificationTemplate", + "markdownDescription": "The message template to use for the ADM (Amazon Device Messaging) channel. This message template overrides the default template for push notification channels ( `Default` ).", + "title": "ADM" + }, + "APNS": { + "$ref": "#/definitions/AWS::Pinpoint::PushTemplate.APNSPushNotificationTemplate", + "markdownDescription": "The message template to use for the APNs (Apple Push Notification service) channel. This message template overrides the default template for push notification channels ( `Default` ).", + "title": "APNS" + }, + "Baidu": { + "$ref": "#/definitions/AWS::Pinpoint::PushTemplate.AndroidPushNotificationTemplate", + "markdownDescription": "The message template to use for the Baidu (Baidu Cloud Push) channel. This message template overrides the default template for push notification channels ( `Default` ).", + "title": "Baidu" + }, + "Default": { + "$ref": "#/definitions/AWS::Pinpoint::PushTemplate.DefaultPushNotificationTemplate", + "markdownDescription": "The default message template to use for push notification channels.", + "title": "Default" + }, + "DefaultSubstitutions": { + "markdownDescription": "A JSON object that specifies the default values to use for message variables in the message template. This object is a set of key-value pairs. Each key defines a message variable in the template. The corresponding value defines the default value for that variable. When you create a message that's based on the template, you can override these defaults with message-specific and address-specific variables and values.", + "title": "DefaultSubstitutions", + "type": "string" + }, + "GCM": { + "$ref": "#/definitions/AWS::Pinpoint::PushTemplate.AndroidPushNotificationTemplate", + "markdownDescription": "The message template to use for the GCM channel, which is used to send notifications through the Firebase Cloud Messaging (FCM), formerly Google Cloud Messaging (GCM), service. This message template overrides the default template for push notification channels ( `Default` ).", + "title": "GCM" + }, + "Tags": { + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "object" + }, + "TemplateDescription": { + "markdownDescription": "A custom description of the message template.", + "title": "TemplateDescription", + "type": "string" + }, + "TemplateName": { + "markdownDescription": "The name of the message template to use for the message. If specified, this value must match the name of an existing message template.", + "title": "TemplateName", + "type": "string" + } }, - "markdownDescription": "The elements that are included in a grid layout.", - "title": "Elements", - "type": "array" + "required": [ + "TemplateName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Pinpoint::PushTemplate" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Elements" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.GridLayoutElement": { + "AWS::Pinpoint::PushTemplate.APNSPushNotificationTemplate": { "additionalProperties": false, "properties": { - "ColumnIndex": { - "markdownDescription": "The column index for the upper left corner of an element.", - "title": "ColumnIndex", - "type": "number" + "Action": { + "markdownDescription": "The action to occur if a recipient taps a push notification that's based on the message template. Valid values are:\n\n- `OPEN_APP` \u2013 Your app opens or it becomes the foreground app if it was sent to the background. This is the default action.\n- `DEEP_LINK` \u2013 Your app opens and displays a designated user interface in the app. This setting uses the deep-linking features of the iOS platform.\n- `URL` \u2013 The default mobile browser on the recipient's device opens and loads the web page at a URL that you specify.", + "title": "Action", + "type": "string" }, - "ColumnSpan": { - "markdownDescription": "The width of a grid element expressed as a number of grid columns.", - "title": "ColumnSpan", - "type": "number" + "Body": { + "markdownDescription": "The message body to use in push notifications that are based on the message template.", + "title": "Body", + "type": "string" }, - "ElementId": { - "markdownDescription": "A unique identifier for an element within a grid layout.", - "title": "ElementId", + "MediaUrl": { + "markdownDescription": "The URL of an image or video to display in push notifications that are based on the message template.", + "title": "MediaUrl", "type": "string" }, - "ElementType": { - "markdownDescription": "The type of element.", - "title": "ElementType", + "Sound": { + "markdownDescription": "The key for the sound to play when the recipient receives a push notification that's based on the message template. The value for this key is the name of a sound file in your app's main bundle or the `Library/Sounds` folder in your app's data container. If the sound file can't be found or you specify `default` for the value, the system plays the default alert sound.", + "title": "Sound", "type": "string" }, - "RowIndex": { - "markdownDescription": "The row index for the upper left corner of an element.", - "title": "RowIndex", - "type": "number" + "Title": { + "markdownDescription": "The title to use in push notifications that are based on the message template. This title appears above the notification message on a recipient's device.", + "title": "Title", + "type": "string" }, - "RowSpan": { - "markdownDescription": "The height of a grid element expressed as a number of grid rows.", - "title": "RowSpan", - "type": "number" + "Url": { + "markdownDescription": "The URL to open in the recipient's default mobile browser, if a recipient taps a push notification that's based on the message template and the value of the `Action` property is `URL` .", + "title": "Url", + "type": "string" } }, - "required": [ - "ColumnSpan", - "ElementId", - "ElementType", - "RowSpan" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.GridLayoutScreenCanvasSizeOptions": { + "AWS::Pinpoint::PushTemplate.AndroidPushNotificationTemplate": { "additionalProperties": false, "properties": { - "OptimizedViewPortWidth": { - "markdownDescription": "The width that the view port will be optimized for when the layout renders.", - "title": "OptimizedViewPortWidth", + "Action": { + "markdownDescription": "The action to occur if a recipient taps a push notification that's based on the message template. Valid values are:\n\n- `OPEN_APP` \u2013 Your app opens or it becomes the foreground app if it was sent to the background. This is the default action.\n- `DEEP_LINK` \u2013 Your app opens and displays a designated user interface in the app. This action uses the deep-linking features of the Android platform.\n- `URL` \u2013 The default mobile browser on the recipient's device opens and loads the web page at a URL that you specify.", + "title": "Action", "type": "string" }, - "ResizeOption": { - "markdownDescription": "This value determines the layout behavior when the viewport is resized.\n\n- `FIXED` : A fixed width will be used when optimizing the layout. In the Amazon QuickSight console, this option is called `Classic` .\n- `RESPONSIVE` : The width of the canvas will be responsive and optimized to the view port. In the Amazon QuickSight console, this option is called `Tiled` .", - "title": "ResizeOption", + "Body": { + "markdownDescription": "The message body to use in a push notification that's based on the message template.", + "title": "Body", + "type": "string" + }, + "ImageIconUrl": { + "markdownDescription": "The URL of the large icon image to display in the content view of a push notification that's based on the message template.", + "title": "ImageIconUrl", + "type": "string" + }, + "ImageUrl": { + "markdownDescription": "The URL of an image to display in a push notification that's based on the message template.", + "title": "ImageUrl", + "type": "string" + }, + "SmallImageIconUrl": { + "markdownDescription": "The URL of the small icon image to display in the status bar and the content view of a push notification that's based on the message template.", + "title": "SmallImageIconUrl", + "type": "string" + }, + "Sound": { + "markdownDescription": "The sound to play when a recipient receives a push notification that's based on the message template. You can use the default stream or specify the file name of a sound resource that's bundled in your app. On an Android platform, the sound file must reside in `/res/raw/` .", + "title": "Sound", + "type": "string" + }, + "Title": { + "markdownDescription": "The title to use in a push notification that's based on the message template. This title appears above the notification message on a recipient's device.", + "title": "Title", + "type": "string" + }, + "Url": { + "markdownDescription": "The URL to open in a recipient's default mobile browser, if a recipient taps a push notification that's based on the message template and the value of the `Action` property is `URL` .", + "title": "Url", "type": "string" } }, - "required": [ - "ResizeOption" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.GrowthRateComputation": { + "AWS::Pinpoint::PushTemplate.DefaultPushNotificationTemplate": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", + "Action": { + "markdownDescription": "The action to occur if a recipient taps a push notification that's based on the message template. Valid values are:\n\n- `OPEN_APP` \u2013 Your app opens or it becomes the foreground app if it was sent to the background. This is the default action.\n- `DEEP_LINK` \u2013 Your app opens and displays a designated user interface in the app. This setting uses the deep-linking features of the iOS and Android platforms.\n- `URL` \u2013 The default mobile browser on the recipient's device opens and loads the web page at a URL that you specify.", + "title": "Action", "type": "string" }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "Body": { + "markdownDescription": "The message body to use in push notifications that are based on the message template.", + "title": "Body", "type": "string" }, - "PeriodSize": { - "markdownDescription": "The period size setup of a growth rate computation.", - "title": "PeriodSize", - "type": "number" + "Sound": { + "markdownDescription": "The sound to play when a recipient receives a push notification that's based on the message template. You can use the default stream or specify the file name of a sound resource that's bundled in your app. On an Android platform, the sound file must reside in `/res/raw/` .\n\nFor an iOS platform, this value is the key for the name of a sound file in your app's main bundle or the `Library/Sounds` folder in your app's data container. If the sound file can't be found or you specify `default` for the value, the system plays the default alert sound.", + "title": "Sound", + "type": "string" }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" + "Title": { + "markdownDescription": "The title to use in push notifications that are based on the message template. This title appears above the notification message on a recipient's device.", + "title": "Title", + "type": "string" }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" + "Url": { + "markdownDescription": "The URL to open in a recipient's default mobile browser, if a recipient taps a push notification that's based on the message template and the value of the `Action` property is `URL` .", + "title": "Url", + "type": "string" } }, - "required": [ - "ComputationId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.HeaderFooterSectionConfiguration": { + "AWS::Pinpoint::SMSChannel": { "additionalProperties": false, "properties": { - "Layout": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionLayoutConfiguration", - "markdownDescription": "The layout configuration of the header or footer section.", - "title": "Layout" - }, - "SectionId": { - "markdownDescription": "The unique identifier of the header or footer section.", - "title": "SectionId", + "Condition": { "type": "string" }, - "Style": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionStyle", - "markdownDescription": "The style options of a header or footer section.", - "title": "Style" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the SMS channel applies to.", + "title": "ApplicationId", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Specifies whether to enable the SMS channel for the application.", + "title": "Enabled", + "type": "boolean" + }, + "SenderId": { + "markdownDescription": "The identity that you want to display on recipients' devices when they receive messages from the SMS channel.\n\n> SenderIDs are only supported in certain countries and regions. For more information, see [Supported Countries and Regions](https://docs.aws.amazon.com/pinpoint/latest/userguide/channels-sms-countries.html) in the *Amazon Pinpoint User Guide* .", + "title": "SenderId", + "type": "string" + }, + "ShortCode": { + "markdownDescription": "The registered short code that you want to use when you send messages through the SMS channel.\n\n> For information about obtaining a dedicated short code for sending SMS messages, see [Requesting Dedicated Short Codes for SMS Messaging with Amazon Pinpoint](https://docs.aws.amazon.com/pinpoint/latest/userguide/channels-sms-awssupport-short-code.html) in the *Amazon Pinpoint User Guide* .", + "title": "ShortCode", + "type": "string" + } + }, + "required": [ + "ApplicationId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Pinpoint::SMSChannel" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Layout", - "SectionId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.HeatMapAggregatedFieldWells": { + "AWS::Pinpoint::Segment": { "additionalProperties": false, "properties": { - "Columns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The columns field well of a heat map.", - "title": "Columns", - "type": "array" + "Condition": { + "type": "string" }, - "Rows": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the segment is associated with.", + "title": "ApplicationId", + "type": "string" + }, + "Dimensions": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.SegmentDimensions", + "markdownDescription": "An array that defines the dimensions for the segment.", + "title": "Dimensions" + }, + "Name": { + "markdownDescription": "The name of the segment.\n\n> A segment must have a name otherwise it will not appear in the Amazon Pinpoint console.", + "title": "Name", + "type": "string" + }, + "SegmentGroups": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.SegmentGroups", + "markdownDescription": "The segment group to use and the dimensions to apply to the group's base segments in order to build the segment. A segment group can consist of zero or more base segments. Your request can include only one segment group.", + "title": "SegmentGroups" + }, + "Tags": { + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "object" + } }, - "markdownDescription": "The rows field well of a heat map.", - "title": "Rows", - "type": "array" + "required": [ + "ApplicationId", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Pinpoint::Segment" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Pinpoint::Segment.AttributeDimension": { + "additionalProperties": false, + "properties": { + "AttributeType": { + "type": "string" }, "Values": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + "type": "string" }, - "markdownDescription": "The values field well of a heat map.", - "title": "Values", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.HeatMapConfiguration": { + "AWS::Pinpoint::Segment.Behavior": { "additionalProperties": false, "properties": { - "ColorScale": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColorScale", - "markdownDescription": "The color options (gradient color, point of divergence) in a heat map.", - "title": "ColorScale" - }, - "ColumnLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options of the column that is displayed in a heat map.", - "title": "ColumnLabelOptions" - }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.", - "title": "DataLabels" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeatMapFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" - }, - "RowLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options of the row that is displayed in a `heat map` .", - "title": "RowLabelOptions" - }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeatMapSortConfiguration", - "markdownDescription": "The sort configuration of a heat map.", - "title": "SortConfiguration" - }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" + "Recency": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.Recency", + "markdownDescription": "Specifies how recently segment members were active.", + "title": "Recency" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.HeatMapFieldWells": { + "AWS::Pinpoint::Segment.Coordinates": { "additionalProperties": false, "properties": { - "HeatMapAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeatMapAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a heat map.", - "title": "HeatMapAggregatedFieldWells" + "Latitude": { + "markdownDescription": "The latitude coordinate of the location.", + "title": "Latitude", + "type": "number" + }, + "Longitude": { + "markdownDescription": "The longitude coordinate of the location.", + "title": "Longitude", + "type": "number" } }, + "required": [ + "Latitude", + "Longitude" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.HeatMapSortConfiguration": { + "AWS::Pinpoint::Segment.Demographic": { "additionalProperties": false, "properties": { - "HeatMapColumnItemsLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of columns that are displayed in a heat map.", - "title": "HeatMapColumnItemsLimitConfiguration" + "AppVersion": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", + "markdownDescription": "The app version criteria for the segment.", + "title": "AppVersion" }, - "HeatMapColumnSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" - }, - "markdownDescription": "The column sort configuration for heat map for columns that aren't a part of a field well.", - "title": "HeatMapColumnSort", - "type": "array" + "Channel": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", + "markdownDescription": "The channel criteria for the segment.", + "title": "Channel" }, - "HeatMapRowItemsLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of rows that are displayed in a heat map.", - "title": "HeatMapRowItemsLimitConfiguration" + "DeviceType": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", + "markdownDescription": "The device type criteria for the segment.", + "title": "DeviceType" }, - "HeatMapRowSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" - }, - "markdownDescription": "The field sort configuration of the rows fields.", - "title": "HeatMapRowSort", - "type": "array" + "Make": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", + "markdownDescription": "The device make criteria for the segment.", + "title": "Make" + }, + "Model": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", + "markdownDescription": "The device model criteria for the segment.", + "title": "Model" + }, + "Platform": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", + "markdownDescription": "The device platform criteria for the segment.", + "title": "Platform" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.HeatMapVisual": { + "AWS::Pinpoint::Segment.GPSPoint": { "additionalProperties": false, "properties": { - "Actions": { + "Coordinates": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.Coordinates", + "markdownDescription": "The GPS coordinates to measure distance from.", + "title": "Coordinates" + }, + "RangeInKilometers": { + "markdownDescription": "The range, in kilometers, from the GPS coordinates.", + "title": "RangeInKilometers", + "type": "number" + } + }, + "required": [ + "Coordinates", + "RangeInKilometers" + ], + "type": "object" + }, + "AWS::Pinpoint::Segment.Groups": { + "additionalProperties": false, + "properties": { + "Dimensions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + "$ref": "#/definitions/AWS::Pinpoint::Segment.SegmentDimensions" }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", + "markdownDescription": "An array that defines the dimensions to include or exclude from the segment.", + "title": "Dimensions", "type": "array" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeatMapConfiguration", - "markdownDescription": "The configuration of a heat map.", - "title": "ChartConfiguration" - }, - "ColumnHierarchies": { + "SourceSegments": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + "$ref": "#/definitions/AWS::Pinpoint::Segment.SourceSegments" }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", + "markdownDescription": "The base segment to build the segment on. A base segment, also called a *source segment* , defines the initial population of endpoints for a segment. When you add dimensions to the segment, Amazon Pinpoint filters the base segment by using the dimensions that you specify.\n\nYou can specify more than one dimensional segment or only one imported segment. If you specify an imported segment, the segment size estimate that displays on the Amazon Pinpoint console indicates the size of the imported segment without any filters applied to it.", + "title": "SourceSegments", "type": "array" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "SourceType": { + "markdownDescription": "Specifies how to handle multiple base segments for the segment. For example, if you specify three base segments for the segment, whether the resulting segment is based on all, any, or none of the base segments.", + "title": "SourceType", + "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "Type": { + "markdownDescription": "Specifies how to handle multiple dimensions for the segment. For example, if you specify three dimensions for the segment, whether the resulting segment includes endpoints that match all, any, or none of the dimensions.", + "title": "Type", "type": "string" } }, - "required": [ - "VisualId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.HistogramAggregatedFieldWells": { + "AWS::Pinpoint::Segment.Location": { "additionalProperties": false, "properties": { - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" - }, - "markdownDescription": "The value field wells of a histogram. Values are aggregated by `COUNT` or `DISTINCT_COUNT` .", - "title": "Values", - "type": "array" + "Country": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", + "markdownDescription": "The country or region code, in ISO 3166-1 alpha-2 format, for the segment.", + "title": "Country" + }, + "GPSPoint": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.GPSPoint", + "markdownDescription": "The GPS point dimension for the segment.", + "title": "GPSPoint" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.HistogramBinOptions": { + "AWS::Pinpoint::Segment.Recency": { "additionalProperties": false, "properties": { - "BinCount": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BinCountOptions", - "markdownDescription": "The options that determine the bin count of a histogram.", - "title": "BinCount" - }, - "BinWidth": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BinWidthOptions", - "markdownDescription": "The options that determine the bin width of a histogram.", - "title": "BinWidth" - }, - "SelectedBinType": { - "markdownDescription": "The options that determine the selected bin type.", - "title": "SelectedBinType", + "Duration": { + "markdownDescription": "The duration to use when determining which users have been active or inactive with your app.\n\nPossible values: `HR_24` | `DAY_7` | `DAY_14` | `DAY_30` .", + "title": "Duration", "type": "string" }, - "StartValue": { - "markdownDescription": "The options that determine the bin start value.", - "title": "StartValue", - "type": "number" + "RecencyType": { + "markdownDescription": "The type of recency dimension to use for the segment. Valid values are: `ACTIVE` and `INACTIVE` . If the value is `ACTIVE` , the segment includes users who have used your app within the specified duration are included in the segment. If the value is `INACTIVE` , the segment includes users who haven't used your app within the specified duration are included in the segment.", + "title": "RecencyType", + "type": "string" } }, + "required": [ + "Duration", + "RecencyType" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.HistogramConfiguration": { + "AWS::Pinpoint::Segment.SegmentDimensions": { "additionalProperties": false, "properties": { - "BinOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.HistogramBinOptions", - "markdownDescription": "The options that determine the presentation of histogram bins.", - "title": "BinOptions" - }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", - "markdownDescription": "The data label configuration of a histogram.", - "title": "DataLabels" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.HistogramFieldWells", - "markdownDescription": "The field well configuration of a histogram.", - "title": "FieldWells" + "Attributes": { + "markdownDescription": "One or more custom attributes to use as criteria for the segment. For more information see [AttributeDimension](https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-segments.html#apps-application-id-segments-model-attributedimension)", + "title": "Attributes", + "type": "object" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", - "markdownDescription": "The tooltip configuration of a histogram.", - "title": "Tooltip" + "Behavior": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.Behavior", + "markdownDescription": "The behavior-based criteria, such as how recently users have used your app, for the segment.", + "title": "Behavior" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", - "markdownDescription": "The visual palette configuration of a histogram.", - "title": "VisualPalette" + "Demographic": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.Demographic", + "markdownDescription": "The demographic-based criteria, such as device platform, for the segment.", + "title": "Demographic" }, - "XAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the x-axis.", - "title": "XAxisDisplayOptions" + "Location": { + "$ref": "#/definitions/AWS::Pinpoint::Segment.Location", + "markdownDescription": "The location-based criteria, such as region or GPS coordinates, for the segment.", + "title": "Location" }, - "XAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the x-axis label.", - "title": "XAxisLabelOptions" + "Metrics": { + "markdownDescription": "One or more custom metrics to use as criteria for the segment.", + "title": "Metrics", + "type": "object" }, - "YAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the y-axis.", - "title": "YAxisDisplayOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.HistogramFieldWells": { - "additionalProperties": false, - "properties": { - "HistogramAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.HistogramAggregatedFieldWells", - "markdownDescription": "The field well configuration of a histogram.", - "title": "HistogramAggregatedFieldWells" + "UserAttributes": { + "markdownDescription": "One or more custom user attributes to use as criteria for the segment.", + "title": "UserAttributes", + "type": "object" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.HistogramVisual": { + "AWS::Pinpoint::Segment.SegmentGroups": { "additionalProperties": false, "properties": { - "Actions": { + "Groups": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + "$ref": "#/definitions/AWS::Pinpoint::Segment.Groups" }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", + "markdownDescription": "Specifies the set of segment criteria to evaluate when handling segment groups for the segment.", + "title": "Groups", "type": "array" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.HistogramConfiguration", - "markdownDescription": "The configuration for a `HistogramVisual` .", - "title": "ChartConfiguration" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" - }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "Include": { + "markdownDescription": "Specifies how to handle multiple segment groups for the segment. For example, if the segment includes three segment groups, whether the resulting segment includes endpoints that match all, any, or none of the segment groups.", + "title": "Include", "type": "string" } }, - "required": [ - "VisualId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.InsightConfiguration": { + "AWS::Pinpoint::Segment.SetDimension": { "additionalProperties": false, "properties": { - "Computations": { + "DimensionType": { + "markdownDescription": "The type of segment dimension to use. Valid values are: `INCLUSIVE` , endpoints that match the criteria are included in the segment; and, `EXCLUSIVE` , endpoints that match the criteria are excluded from the segment.", + "title": "DimensionType", + "type": "string" + }, + "Values": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.Computation" + "type": "string" }, - "markdownDescription": "The computations configurations of the insight visual", - "title": "Computations", + "markdownDescription": "The criteria values to use for the segment dimension. Depending on the value of the `DimensionType` property, endpoints are included or excluded from the segment if their values match the criteria values.", + "title": "Values", "type": "array" - }, - "CustomNarrative": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomNarrativeOptions", - "markdownDescription": "The custom narrative of the insight visual.", - "title": "CustomNarrative" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.InsightVisual": { + "AWS::Pinpoint::Segment.SourceSegments": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "DataSetIdentifier": { - "markdownDescription": "The dataset that is used in the insight visual.", - "title": "DataSetIdentifier", + "Id": { + "markdownDescription": "The unique identifier for the source segment.", + "title": "Id", "type": "string" }, - "InsightConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.InsightConfiguration", - "markdownDescription": "The configuration of an insight visual.", - "title": "InsightConfiguration" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" - }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", - "type": "string" + "Version": { + "markdownDescription": "The version number of the source segment.", + "title": "Version", + "type": "number" } }, "required": [ - "DataSetIdentifier", - "VisualId" + "Id" ], "type": "object" }, - "AWS::QuickSight::Dashboard.IntegerDefaultValues": { + "AWS::Pinpoint::SmsTemplate": { "additionalProperties": false, "properties": { - "DynamicValue": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DynamicDefaultValue", - "markdownDescription": "The dynamic value of the `IntegerDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", - "title": "DynamicValue" + "Condition": { + "type": "string" }, - "StaticValues": { - "items": { - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Body": { + "markdownDescription": "The message body to use in text messages that are based on the message template.", + "title": "Body", + "type": "string" + }, + "DefaultSubstitutions": { + "markdownDescription": "A JSON object that specifies the default values to use for message variables in the message template. This object is a set of key-value pairs. Each key defines a message variable in the template. The corresponding value defines the default value for that variable. When you create a message that's based on the template, you can override these defaults with message-specific and address-specific variables and values.", + "title": "DefaultSubstitutions", + "type": "string" + }, + "Tags": { + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "object" + }, + "TemplateDescription": { + "markdownDescription": "A custom description of the message template.", + "title": "TemplateDescription", + "type": "string" + }, + "TemplateName": { + "markdownDescription": "The name of the message template to use for the message. If specified, this value must match the name of an existing message template.", + "title": "TemplateName", + "type": "string" + } }, - "markdownDescription": "The static values of the `IntegerDefaultValues` .", - "title": "StaticValues", - "type": "array" + "required": [ + "Body", + "TemplateName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Pinpoint::SmsTemplate" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.IntegerParameter": { + "AWS::Pinpoint::VoiceChannel": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the integer parameter.", - "title": "Name", + "Condition": { "type": "string" }, - "Values": { - "items": { - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the voice channel applies to.", + "title": "ApplicationId", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Specifies whether to enable the voice channel for the application.", + "title": "Enabled", + "type": "boolean" + } }, - "markdownDescription": "The values for the integer parameter.", - "title": "Values", - "type": "array" + "required": [ + "ApplicationId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Pinpoint::VoiceChannel" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Name", - "Values" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.IntegerParameterDeclaration": { + "AWS::PinpointEmail::ConfigurationSet": { "additionalProperties": false, "properties": { - "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.IntegerDefaultValues", - "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", - "title": "DefaultValues" + "Condition": { + "type": "string" }, - "MappedDataSetParameters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MappedDataSetParameter" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DeliveryOptions": { + "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSet.DeliveryOptions", + "markdownDescription": "An object that defines the dedicated IP pool that is used to send emails that you send using the configuration set.", + "title": "DeliveryOptions" + }, + "Name": { + "markdownDescription": "The name of the configuration set.", + "title": "Name", + "type": "string" + }, + "ReputationOptions": { + "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSet.ReputationOptions", + "markdownDescription": "An object that defines whether or not Amazon Pinpoint collects reputation metrics for the emails that you send that use the configuration set.", + "title": "ReputationOptions" + }, + "SendingOptions": { + "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSet.SendingOptions", + "markdownDescription": "An object that defines whether or not Amazon Pinpoint can send email that you send using the configuration set.", + "title": "SendingOptions" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSet.Tags" + }, + "markdownDescription": "An object that defines the tags (keys and values) that you want to associate with the configuration set.", + "title": "Tags", + "type": "array" + }, + "TrackingOptions": { + "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSet.TrackingOptions", + "markdownDescription": "An object that defines the open and click tracking options for emails that you send using the configuration set.", + "title": "TrackingOptions" + } }, - "markdownDescription": "", - "title": "MappedDataSetParameters", - "type": "array" + "required": [ + "Name" + ], + "type": "object" }, - "Name": { - "markdownDescription": "The name of the parameter that is being declared.", - "title": "Name", + "Type": { + "enum": [ + "AWS::PinpointEmail::ConfigurationSet" + ], "type": "string" }, - "ParameterValueType": { - "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", - "title": "ParameterValueType", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "ValueWhenUnset": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.IntegerValueWhenUnsetConfiguration", - "markdownDescription": "A parameter declaration for the `Integer` data type.", - "title": "ValueWhenUnset" } }, "required": [ - "Name", - "ParameterValueType" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.IntegerValueWhenUnsetConfiguration": { + "AWS::PinpointEmail::ConfigurationSet.DeliveryOptions": { "additionalProperties": false, "properties": { - "CustomValue": { - "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", - "title": "CustomValue", - "type": "number" - }, - "ValueWhenUnsetOption": { - "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", - "title": "ValueWhenUnsetOption", + "SendingPoolName": { + "markdownDescription": "The name of the dedicated IP pool that you want to associate with the configuration set.", + "title": "SendingPoolName", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ItemsLimitConfiguration": { + "AWS::PinpointEmail::ConfigurationSet.ReputationOptions": { "additionalProperties": false, "properties": { - "ItemsLimit": { - "markdownDescription": "The limit on how many items of a field are showed in the chart. For example, the number of slices that are displayed in a pie chart.", - "title": "ItemsLimit", - "type": "number" - }, - "OtherCategories": { - "markdownDescription": "The `Show other` of an axis in the chart. Choose one of the following options:\n\n- `INCLUDE`\n- `EXCLUDE`", - "title": "OtherCategories", - "type": "string" + "ReputationMetricsEnabled": { + "markdownDescription": "If `true` , tracking of reputation metrics is enabled for the configuration set. If `false` , tracking of reputation metrics is disabled for the configuration set.", + "title": "ReputationMetricsEnabled", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.KPIActualValueConditionalFormatting": { + "AWS::PinpointEmail::ConfigurationSet.SendingOptions": { "additionalProperties": false, "properties": { - "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIcon", - "markdownDescription": "The conditional formatting of the actual value's icon.", - "title": "Icon" - }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the actual value's text color.", - "title": "TextColor" + "SendingEnabled": { + "markdownDescription": "If `true` , email sending is enabled for the configuration set. If `false` , email sending is disabled for the configuration set.", + "title": "SendingEnabled", + "type": "boolean" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.KPIComparisonValueConditionalFormatting": { + "AWS::PinpointEmail::ConfigurationSet.Tags": { "additionalProperties": false, "properties": { - "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIcon", - "markdownDescription": "The conditional formatting of the comparison value's icon.", - "title": "Icon" + "Key": { + "markdownDescription": "One part of a key-value pair that defines a tag. The maximum length of a tag key is 128 characters. The minimum length is 1 character.\n\nIf you specify tags for the configuration set, then this value is required.", + "title": "Key", + "type": "string" }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the comparison value's text color.", - "title": "TextColor" + "Value": { + "markdownDescription": "The optional part of a key-value pair that defines a tag. The maximum length of a tag value is 256 characters. The minimum length is 0 characters. If you don\u2019t want a resource to have a specific tag value, don\u2019t specify a value for this parameter. Amazon Pinpoint will set the value to an empty string.", + "title": "Value", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.KPIConditionalFormatting": { + "AWS::PinpointEmail::ConfigurationSet.TrackingOptions": { "additionalProperties": false, "properties": { - "ConditionalFormattingOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIConditionalFormattingOption" - }, - "markdownDescription": "The conditional formatting options of a KPI visual.", - "title": "ConditionalFormattingOptions", - "type": "array" + "CustomRedirectDomain": { + "markdownDescription": "The domain that you want to use for tracking open and click events.", + "title": "CustomRedirectDomain", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.KPIConditionalFormattingOption": { + "AWS::PinpointEmail::ConfigurationSetEventDestination": { "additionalProperties": false, "properties": { - "ActualValue": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIActualValueConditionalFormatting", - "markdownDescription": "The conditional formatting for the actual value of a KPI visual.", - "title": "ActualValue" + "Condition": { + "type": "string" }, - "ComparisonValue": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIComparisonValueConditionalFormatting", - "markdownDescription": "The conditional formatting for the comparison value of a KPI visual.", - "title": "ComparisonValue" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "PrimaryValue": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIPrimaryValueConditionalFormatting", - "markdownDescription": "The conditional formatting for the primary value of a KPI visual.", - "title": "PrimaryValue" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ProgressBar": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIProgressBarConditionalFormatting", - "markdownDescription": "The conditional formatting for the progress bar of a KPI visual.", - "title": "ProgressBar" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.KPIConfiguration": { - "additionalProperties": false, - "properties": { - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIFieldWells", - "markdownDescription": "The field well configuration of a KPI visual.", - "title": "FieldWells" + "Metadata": { + "type": "object" }, - "KPIOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIOptions", - "markdownDescription": "The options that determine the presentation of a KPI visual.", - "title": "KPIOptions" + "Properties": { + "additionalProperties": false, + "properties": { + "ConfigurationSetName": { + "markdownDescription": "The name of the configuration set that contains the event destination that you want to modify.", + "title": "ConfigurationSetName", + "type": "string" + }, + "EventDestination": { + "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSetEventDestination.EventDestination", + "markdownDescription": "An object that defines the event destination.", + "title": "EventDestination" + }, + "EventDestinationName": { + "markdownDescription": "The name of the event destination that you want to modify.", + "title": "EventDestinationName", + "type": "string" + } + }, + "required": [ + "ConfigurationSetName", + "EventDestinationName" + ], + "type": "object" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPISortConfiguration", - "markdownDescription": "The sort configuration of a KPI visual.", - "title": "SortConfiguration" + "Type": { + "enum": [ + "AWS::PinpointEmail::ConfigurationSetEventDestination" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.KPIFieldWells": { + "AWS::PinpointEmail::ConfigurationSetEventDestination.CloudWatchDestination": { "additionalProperties": false, "properties": { - "TargetValues": { + "DimensionConfigurations": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" - }, - "markdownDescription": "The target value field wells of a KPI visual.", - "title": "TargetValues", - "type": "array" - }, - "TrendGroups": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The trend group field wells of a KPI visual.", - "title": "TrendGroups", - "type": "array" - }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSetEventDestination.DimensionConfiguration" }, - "markdownDescription": "The value field wells of a KPI visual.", - "title": "Values", + "markdownDescription": "An array of objects that define the dimensions to use when you send email events to Amazon CloudWatch.", + "title": "DimensionConfigurations", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.KPIOptions": { + "AWS::PinpointEmail::ConfigurationSetEventDestination.DimensionConfiguration": { "additionalProperties": false, "properties": { - "Comparison": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComparisonConfiguration", - "markdownDescription": "The comparison configuration of a KPI visual.", - "title": "Comparison" - }, - "PrimaryValueDisplayType": { - "markdownDescription": "The options that determine the primary value display type.", - "title": "PrimaryValueDisplayType", + "DefaultDimensionValue": { + "markdownDescription": "The default value of the dimension that is published to Amazon CloudWatch if you don't provide the value of the dimension when you send an email. This value has to meet the following criteria:\n\n- It can only contain ASCII letters (a\u2013z, A\u2013Z), numbers (0\u20139), underscores (_), or dashes (-).\n- It can contain no more than 256 characters.", + "title": "DefaultDimensionValue", "type": "string" }, - "PrimaryValueFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", - "markdownDescription": "The options that determine the primary value font configuration.", - "title": "PrimaryValueFontConfiguration" - }, - "ProgressBar": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ProgressBarOptions", - "markdownDescription": "The options that determine the presentation of the progress bar of a KPI visual.", - "title": "ProgressBar" - }, - "SecondaryValue": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SecondaryValueOptions", - "markdownDescription": "The options that determine the presentation of the secondary value of a KPI visual.", - "title": "SecondaryValue" - }, - "SecondaryValueFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", - "markdownDescription": "The options that determine the secondary value font configuration.", - "title": "SecondaryValueFontConfiguration" - }, - "Sparkline": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPISparklineOptions", - "markdownDescription": "The options that determine the visibility, color, type, and tooltip visibility of the sparkline of a KPI visual.", - "title": "Sparkline" - }, - "TrendArrows": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TrendArrowOptions", - "markdownDescription": "The options that determine the presentation of trend arrows in a KPI visual.", - "title": "TrendArrows" + "DimensionName": { + "markdownDescription": "The name of an Amazon CloudWatch dimension associated with an email sending metric. The name has to meet the following criteria:\n\n- It can only contain ASCII letters (a\u2013z, A\u2013Z), numbers (0\u20139), underscores (_), or dashes (-).\n- It can contain no more than 256 characters.", + "title": "DimensionName", + "type": "string" }, - "VisualLayoutOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIVisualLayoutOptions", - "markdownDescription": "The options that determine the layout a KPI visual.", - "title": "VisualLayoutOptions" + "DimensionValueSource": { + "markdownDescription": "The location where Amazon Pinpoint finds the value of a dimension to publish to Amazon CloudWatch. Acceptable values: `MESSAGE_TAG` , `EMAIL_HEADER` , and `LINK_TAG` .\n\nIf you want Amazon Pinpoint to use the message tags that you specify using an `X-SES-MESSAGE-TAGS` header or a parameter to the `SendEmail` API, choose `MESSAGE_TAG` . If you want Amazon Pinpoint to use your own email headers, choose `EMAIL_HEADER` . If you want Amazon Pinpoint to use tags that are specified in your links, choose `LINK_TAG` .", + "title": "DimensionValueSource", + "type": "string" } }, + "required": [ + "DefaultDimensionValue", + "DimensionName", + "DimensionValueSource" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.KPIPrimaryValueConditionalFormatting": { + "AWS::PinpointEmail::ConfigurationSetEventDestination.EventDestination": { "additionalProperties": false, "properties": { - "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIcon", - "markdownDescription": "The conditional formatting of the primary value's icon.", - "title": "Icon" + "CloudWatchDestination": { + "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSetEventDestination.CloudWatchDestination", + "markdownDescription": "An object that defines an Amazon CloudWatch destination for email events. You can use Amazon CloudWatch to monitor and gain insights on your email sending metrics.", + "title": "CloudWatchDestination" }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the primary value's text color.", - "title": "TextColor" + "Enabled": { + "markdownDescription": "If `true` , the event destination is enabled. When the event destination is enabled, the specified event types are sent to the destinations in this `EventDestinationDefinition` .\n\nIf `false` , the event destination is disabled. When the event destination is disabled, events aren't sent to the specified destinations.", + "title": "Enabled", + "type": "boolean" + }, + "KinesisFirehoseDestination": { + "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSetEventDestination.KinesisFirehoseDestination", + "markdownDescription": "An object that defines an Amazon Kinesis Data Firehose destination for email events. You can use Amazon Kinesis Data Firehose to stream data to other services, such as Amazon S3 and Amazon Redshift.", + "title": "KinesisFirehoseDestination" + }, + "MatchingEventTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The types of events that Amazon Pinpoint sends to the specified event destinations. Acceptable values: `SEND` , `REJECT` , `BOUNCE` , `COMPLAINT` , `DELIVERY` , `OPEN` , `CLICK` , and `RENDERING_FAILURE` .", + "title": "MatchingEventTypes", + "type": "array" + }, + "PinpointDestination": { + "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSetEventDestination.PinpointDestination", + "markdownDescription": "An object that defines a Amazon Pinpoint destination for email events. You can use Amazon Pinpoint events to create attributes in Amazon Pinpoint projects. You can use these attributes to create segments for your campaigns.", + "title": "PinpointDestination" + }, + "SnsDestination": { + "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSetEventDestination.SnsDestination", + "markdownDescription": "An object that defines an Amazon SNS destination for email events. You can use Amazon SNS to send notification when certain email events occur.", + "title": "SnsDestination" } }, + "required": [ + "MatchingEventTypes" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.KPIProgressBarConditionalFormatting": { + "AWS::PinpointEmail::ConfigurationSetEventDestination.KinesisFirehoseDestination": { "additionalProperties": false, "properties": { - "ForegroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the progress bar's foreground color.", - "title": "ForegroundColor" + "DeliveryStreamArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Kinesis Data Firehose stream that Amazon Pinpoint sends email events to.", + "title": "DeliveryStreamArn", + "type": "string" + }, + "IamRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that Amazon Pinpoint uses when sending email events to the Amazon Kinesis Data Firehose stream.", + "title": "IamRoleArn", + "type": "string" } }, + "required": [ + "DeliveryStreamArn", + "IamRoleArn" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.KPISortConfiguration": { + "AWS::PinpointEmail::ConfigurationSetEventDestination.PinpointDestination": { "additionalProperties": false, "properties": { - "TrendGroupSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the trend group fields.", - "title": "TrendGroupSort", - "type": "array" + "ApplicationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Pinpoint project that you want to send email events to.", + "title": "ApplicationArn", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.KPISparklineOptions": { + "AWS::PinpointEmail::ConfigurationSetEventDestination.SnsDestination": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The color of the sparkline.", - "title": "Color", - "type": "string" - }, - "TooltipVisibility": { - "markdownDescription": "The tooltip visibility of the sparkline.", - "title": "TooltipVisibility", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of the sparkline.", - "title": "Type", - "type": "string" - }, - "Visibility": { - "markdownDescription": "The visibility of the sparkline.", - "title": "Visibility", + "TopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic that you want to publish email events to. For more information about Amazon SNS topics, see the [Amazon SNS Developer Guide](https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html) .", + "title": "TopicArn", "type": "string" } }, "required": [ - "Type" + "TopicArn" ], "type": "object" }, - "AWS::QuickSight::Dashboard.KPIVisual": { + "AWS::PinpointEmail::DedicatedIpPool": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Condition": { + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIConfiguration", - "markdownDescription": "The configuration of a KPI visual.", - "title": "ChartConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIConditionalFormatting", - "markdownDescription": "The conditional formatting of a KPI visual.", - "title": "ConditionalFormatting" + "Metadata": { + "type": "object" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Properties": { + "additionalProperties": false, + "properties": { + "PoolName": { + "markdownDescription": "The name of the dedicated IP pool.", + "title": "PoolName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::PinpointEmail::DedicatedIpPool.Tags" + }, + "markdownDescription": "An object that defines the tags (keys and values) that you want to associate with the dedicated IP pool.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Type": { + "enum": [ + "AWS::PinpointEmail::DedicatedIpPool" + ], + "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type" ], "type": "object" }, - "AWS::QuickSight::Dashboard.KPIVisualLayoutOptions": { + "AWS::PinpointEmail::DedicatedIpPool.Tags": { "additionalProperties": false, "properties": { - "StandardLayout": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIVisualStandardLayout", - "markdownDescription": "The standard layout of the KPI visual.", - "title": "StandardLayout" + "Key": { + "markdownDescription": "One part of a key-value pair that defines a tag. The maximum length of a tag key is 128 characters. The minimum length is 1 character.\n\nIf you specify tags for the dedicated IP pool, then this value is required.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The optional part of a key-value pair that defines a tag. The maximum length of a tag value is 256 characters. The minimum length is 0 characters. If you don\u2019t want a resource to have a specific tag value, don\u2019t specify a value for this parameter. Amazon Pinpoint will set the value to an empty string.", + "title": "Value", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.KPIVisualStandardLayout": { + "AWS::PinpointEmail::Identity": { "additionalProperties": false, "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DkimSigningEnabled": { + "markdownDescription": "For domain identities, this attribute is used to enable or disable DomainKeys Identified Mail (DKIM) signing for the domain.\n\nIf the value is `true` , then the messages that you send from the domain are signed using both the DKIM keys for your domain, as well as the keys for the `amazonses.com` domain. If the value is `false` , then the messages that you send are only signed using the DKIM keys for the `amazonses.com` domain.", + "title": "DkimSigningEnabled", + "type": "boolean" + }, + "FeedbackForwardingEnabled": { + "markdownDescription": "Used to enable or disable feedback forwarding for an identity. This setting determines what happens when an identity is used to send an email that results in a bounce or complaint event.\n\nWhen you enable feedback forwarding, Amazon Pinpoint sends you email notifications when bounce or complaint events occur. Amazon Pinpoint sends this notification to the address that you specified in the Return-Path header of the original email.\n\nWhen you disable feedback forwarding, Amazon Pinpoint sends notifications through other mechanisms, such as by notifying an Amazon SNS topic. You're required to have a method of tracking bounces and complaints. If you haven't set up another mechanism for receiving bounce or complaint notifications, Amazon Pinpoint sends an email notification when these events occur (even if this setting is disabled).", + "title": "FeedbackForwardingEnabled", + "type": "boolean" + }, + "MailFromAttributes": { + "$ref": "#/definitions/AWS::PinpointEmail::Identity.MailFromAttributes", + "markdownDescription": "Used to enable or disable the custom Mail-From domain configuration for an email identity.", + "title": "MailFromAttributes" + }, + "Name": { + "markdownDescription": "The address or domain of the identity, such as *sender@example.com* or *example.co.uk* .", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::PinpointEmail::Identity.Tags" + }, + "markdownDescription": "An object that defines the tags (keys and values) that you want to associate with the email identity.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, "Type": { - "markdownDescription": "The standard layout type.", - "title": "Type", + "enum": [ + "AWS::PinpointEmail::Identity" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.LabelOptions": { + "AWS::PinpointEmail::Identity.MailFromAttributes": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The text for the label.", - "title": "CustomLabel", + "BehaviorOnMxFailure": { + "markdownDescription": "The action that Amazon Pinpoint to takes if it can't read the required MX record for a custom MAIL FROM domain. When you set this value to `UseDefaultValue` , Amazon Pinpoint uses *amazonses.com* as the MAIL FROM domain. When you set this value to `RejectMessage` , Amazon Pinpoint returns a `MailFromDomainNotVerified` error, and doesn't attempt to deliver the email.\n\nThese behaviors are taken when the custom MAIL FROM domain configuration is in the `Pending` , `Failed` , and `TemporaryFailure` states.", + "title": "BehaviorOnMxFailure", "type": "string" }, - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", - "markdownDescription": "The font configuration of the label.", - "title": "FontConfiguration" - }, - "Visibility": { - "markdownDescription": "Determines whether or not the label is visible.", - "title": "Visibility", + "MailFromDomain": { + "markdownDescription": "The name of a domain that an email identity uses as a custom MAIL FROM domain.", + "title": "MailFromDomain", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.Layout": { - "additionalProperties": false, - "properties": { - "Configuration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LayoutConfiguration", - "markdownDescription": "The configuration that determines what the type of layout for a sheet.", - "title": "Configuration" - } - }, - "required": [ - "Configuration" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.LayoutConfiguration": { + "AWS::PinpointEmail::Identity.Tags": { "additionalProperties": false, "properties": { - "FreeFormLayout": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutConfiguration", - "markdownDescription": "A free-form is optimized for a fixed width and has more control over the exact placement of layout elements.", - "title": "FreeFormLayout" - }, - "GridLayout": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GridLayoutConfiguration", - "markdownDescription": "A type of layout that can be used on a sheet. In a grid layout, visuals snap to a grid with standard spacing and alignment. Dashboards are displayed as designed, with options to fit to screen or view at actual size. A grid layout can be configured to behave in one of two ways when the viewport is resized: `FIXED` or `RESPONSIVE` .", - "title": "GridLayout" + "Key": { + "markdownDescription": "One part of a key-value pair that defines a tag. The maximum length of a tag key is 128 characters. The minimum length is 1 character.\n\nIf you specify tags for the identity, then this value is required.", + "title": "Key", + "type": "string" }, - "SectionBasedLayout": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionBasedLayoutConfiguration", - "markdownDescription": "A section based layout organizes visuals into multiple sections and has customized header, footer and page break.", - "title": "SectionBasedLayout" + "Value": { + "markdownDescription": "The optional part of a key-value pair that defines a tag. The maximum length of a tag value is 256 characters. The minimum length is 0 characters. If you don\u2019t want a resource to have a specific tag value, don\u2019t specify a value for this parameter. Amazon Pinpoint will set the value to an empty string.", + "title": "Value", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.LegendOptions": { + "AWS::Pipes::Pipe": { "additionalProperties": false, "properties": { - "Height": { - "markdownDescription": "The height of the legend. If this value is omitted, a default height is used when rendering.", - "title": "Height", + "Condition": { "type": "string" }, - "Position": { - "markdownDescription": "The positions for the legend. Choose one of the following options:\n\n- `AUTO`\n- `RIGHT`\n- `BOTTOM`\n- `LEFT`", - "title": "Position", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", - "markdownDescription": "The custom title for the legend.", - "title": "Title" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Visibility": { - "markdownDescription": "Determines whether or not the legend is visible.", - "title": "Visibility", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the pipe.", + "title": "Description", + "type": "string" + }, + "DesiredState": { + "markdownDescription": "The state the pipe should be in.", + "title": "DesiredState", + "type": "string" + }, + "Enrichment": { + "markdownDescription": "The ARN of the enrichment resource.", + "title": "Enrichment", + "type": "string" + }, + "EnrichmentParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeEnrichmentParameters", + "markdownDescription": "The parameters required to set up enrichment on your pipe.", + "title": "EnrichmentParameters" + }, + "KmsKeyIdentifier": { + "markdownDescription": "The identifier of the AWS KMS customer managed key for EventBridge to use, if you choose to use a customer managed key to encrypt pipe data. The identifier can be the key Amazon Resource Name (ARN), KeyId, key alias, or key alias ARN.\n\nTo update a pipe that is using the default AWS owned key to use a customer managed key instead, or update a pipe that is using a customer managed key to use a different customer managed key, specify a customer managed key identifier.\n\nTo update a pipe that is using a customer managed key to use the default AWS owned key , specify an empty string.\n\nFor more information, see [Managing keys](https://docs.aws.amazon.com/kms/latest/developerguide/getting-started.html) in the *AWS Key Management Service Developer Guide* .", + "title": "KmsKeyIdentifier", + "type": "string" + }, + "LogConfiguration": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeLogConfiguration", + "markdownDescription": "The logging configuration settings for the pipe.", + "title": "LogConfiguration" + }, + "Name": { + "markdownDescription": "The name of the pipe.", + "title": "Name", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the role that allows the pipe to send data to the target.", + "title": "RoleArn", + "type": "string" + }, + "Source": { + "markdownDescription": "The ARN of the source resource.", + "title": "Source", + "type": "string" + }, + "SourceParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceParameters", + "markdownDescription": "The parameters required to set up a source for your pipe.", + "title": "SourceParameters" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "The list of key-value pairs to associate with the pipe.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "Target": { + "markdownDescription": "The ARN of the target resource.", + "title": "Target", + "type": "string" + }, + "TargetParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetParameters", + "markdownDescription": "The parameters required to set up a target for your pipe.\n\nFor more information about pipe target parameters, including how to use dynamic path parameters, see [Target parameters](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes-event-target.html) in the *Amazon EventBridge User Guide* .", + "title": "TargetParameters" + } + }, + "required": [ + "RoleArn", + "Source", + "Target" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Pipes::Pipe" + ], "type": "string" }, - "Width": { - "markdownDescription": "The width of the legend. If this value is omitted, a default width is used when rendering.", - "title": "Width", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.LineChartAggregatedFieldWells": { + "AWS::Pipes::Pipe.AwsVpcConfiguration": { "additionalProperties": false, "properties": { - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The category field wells of a line chart. Values are grouped by category fields.", - "title": "Category", - "type": "array" - }, - "Colors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The color field wells of a line chart. Values are grouped by category fields.", - "title": "Colors", - "type": "array" + "AssignPublicIp": { + "markdownDescription": "Specifies whether the task's elastic network interface receives a public IP address. You can specify `ENABLED` only when `LaunchType` in `EcsParameters` is set to `FARGATE` .", + "title": "AssignPublicIp", + "type": "string" }, - "SmallMultiples": { + "SecurityGroups": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + "type": "string" }, - "markdownDescription": "The small multiples field well of a line chart.", - "title": "SmallMultiples", + "markdownDescription": "Specifies the security groups associated with the task. These security groups must all be in the same VPC. You can specify as many as five security groups. If you do not specify a security group, the default security group for the VPC is used.", + "title": "SecurityGroups", "type": "array" }, - "Values": { + "Subnets": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + "type": "string" }, - "markdownDescription": "The value field wells of a line chart. Values are aggregated based on categories.", - "title": "Values", + "markdownDescription": "Specifies the subnets associated with the task. These subnets must all be in the same VPC. You can specify as many as 16 subnets.", + "title": "Subnets", "type": "array" } }, + "required": [ + "Subnets" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.LineChartConfiguration": { + "AWS::Pipes::Pipe.BatchArrayProperties": { "additionalProperties": false, "properties": { - "ContributionAnalysisDefaults": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ContributionAnalysisDefault" - }, - "markdownDescription": "The default configuration of a line chart's contribution analysis.", - "title": "ContributionAnalysisDefaults", - "type": "array" - }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", - "markdownDescription": "The data label configuration of a line chart.", - "title": "DataLabels" - }, - "DefaultSeriesSettings": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartDefaultSeriesSettings", - "markdownDescription": "The options that determine the default presentation of all line series in `LineChartVisual` .", - "title": "DefaultSeriesSettings" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartFieldWells", - "markdownDescription": "The field well configuration of a line chart.", - "title": "FieldWells" - }, - "ForecastConfigurations": { + "Size": { + "markdownDescription": "The size of the array, if this is an array batch job.", + "title": "Size", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Pipes::Pipe.BatchContainerOverrides": { + "additionalProperties": false, + "properties": { + "Command": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ForecastConfiguration" + "type": "string" }, - "markdownDescription": "The forecast configuration of a line chart.", - "title": "ForecastConfigurations", + "markdownDescription": "The command to send to the container that overrides the default command from the Docker image or the task definition.", + "title": "Command", "type": "array" }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", - "markdownDescription": "The legend configuration of a line chart.", - "title": "Legend" - }, - "PrimaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineSeriesAxisDisplayOptions", - "markdownDescription": "The series axis configuration of a line chart.", - "title": "PrimaryYAxisDisplayOptions" - }, - "PrimaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the y-axis label.", - "title": "PrimaryYAxisLabelOptions" - }, - "ReferenceLines": { + "Environment": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLine" + "$ref": "#/definitions/AWS::Pipes::Pipe.BatchEnvironmentVariable" }, - "markdownDescription": "The reference lines configuration of a line chart.", - "title": "ReferenceLines", + "markdownDescription": "The environment variables to send to the container. You can add new environment variables, which are added to the container at launch, or you can override the existing environment variables from the Docker image or the task definition.\n\n> Environment variables cannot start with \" `AWS Batch` \". This naming convention is reserved for variables that AWS Batch sets.", + "title": "Environment", "type": "array" }, - "SecondaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineSeriesAxisDisplayOptions", - "markdownDescription": "The series axis configuration of a line chart.", - "title": "SecondaryYAxisDisplayOptions" - }, - "SecondaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the secondary y-axis label.", - "title": "SecondaryYAxisLabelOptions" + "InstanceType": { + "markdownDescription": "The instance type to use for a multi-node parallel job.\n\n> This parameter isn't applicable to single-node container jobs or jobs that run on Fargate resources, and shouldn't be provided.", + "title": "InstanceType", + "type": "string" }, - "Series": { + "ResourceRequirements": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SeriesItem" + "$ref": "#/definitions/AWS::Pipes::Pipe.BatchResourceRequirement" }, - "markdownDescription": "The series item configuration of a line chart.", - "title": "Series", + "markdownDescription": "The type and amount of resources to assign to a container. This overrides the settings in the job definition. The supported resources include `GPU` , `MEMORY` , and `VCPU` .", + "title": "ResourceRequirements", "type": "array" + } + }, + "type": "object" + }, + "AWS::Pipes::Pipe.BatchEnvironmentVariable": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the key-value pair. For environment variables, this is the name of the environment variable.", + "title": "Name", + "type": "string" }, - "SmallMultiplesOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SmallMultiplesOptions", - "markdownDescription": "The small multiples setup for the visual.", - "title": "SmallMultiplesOptions" - }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartSortConfiguration", - "markdownDescription": "The sort configuration of a line chart.", - "title": "SortConfiguration" - }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", - "markdownDescription": "The tooltip configuration of a line chart.", - "title": "Tooltip" + "Value": { + "markdownDescription": "The value of the key-value pair. For environment variables, this is the value of the environment variable.", + "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Pipes::Pipe.BatchJobDependency": { + "additionalProperties": false, + "properties": { + "JobId": { + "markdownDescription": "The job ID of the AWS Batch job that's associated with this dependency.", + "title": "JobId", + "type": "string" }, "Type": { - "markdownDescription": "Determines the type of the line chart.", + "markdownDescription": "The type of the job dependency.", "title": "Type", "type": "string" - }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", - "markdownDescription": "The visual palette configuration of a line chart.", - "title": "VisualPalette" - }, - "XAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the x-axis.", - "title": "XAxisDisplayOptions" - }, - "XAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the x-axis label.", - "title": "XAxisLabelOptions" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.LineChartDefaultSeriesSettings": { + "AWS::Pipes::Pipe.BatchResourceRequirement": { "additionalProperties": false, "properties": { - "AxisBinding": { - "markdownDescription": "The axis to which you are binding all line series to.", - "title": "AxisBinding", + "Type": { + "markdownDescription": "The type of resource to assign to a container. The supported resources include `GPU` , `MEMORY` , and `VCPU` .", + "title": "Type", "type": "string" }, - "LineStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartLineStyleSettings", - "markdownDescription": "Line styles options for all line series in the visual.", - "title": "LineStyleSettings" - }, - "MarkerStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartMarkerStyleSettings", - "markdownDescription": "Marker styles options for all line series in the visual.", - "title": "MarkerStyleSettings" + "Value": { + "markdownDescription": "The quantity of the specified resource to reserve for the container. The values vary based on the `type` specified.\n\n- **type=\"GPU\"** - The number of physical GPUs to reserve for the container. Make sure that the number of GPUs reserved for all containers in a job doesn't exceed the number of available GPUs on the compute resource that the job is launched on.\n\n> GPUs aren't available for jobs that are running on Fargate resources.\n- **type=\"MEMORY\"** - The memory hard limit (in MiB) present to the container. This parameter is supported for jobs that are running on EC2 resources. If your container attempts to exceed the memory specified, the container is terminated. This parameter maps to `Memory` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--memory` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . You must specify at least 4 MiB of memory for a job. This is required but can be specified in several places for multi-node parallel (MNP) jobs. It must be specified for each node at least once. This parameter maps to `Memory` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--memory` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) .\n\n> If you're trying to maximize your resource utilization by providing your jobs as much memory as possible for a particular instance type, see [Memory management](https://docs.aws.amazon.com/batch/latest/userguide/memory-management.html) in the *AWS Batch User Guide* . \n\nFor jobs that are running on Fargate resources, then `value` is the hard limit (in MiB), and must match one of the supported values and the `VCPU` values must be one of the values supported for that memory value.\n\n- **value = 512** - `VCPU` = 0.25\n- **value = 1024** - `VCPU` = 0.25 or 0.5\n- **value = 2048** - `VCPU` = 0.25, 0.5, or 1\n- **value = 3072** - `VCPU` = 0.5, or 1\n- **value = 4096** - `VCPU` = 0.5, 1, or 2\n- **value = 5120, 6144, or 7168** - `VCPU` = 1 or 2\n- **value = 8192** - `VCPU` = 1, 2, 4, or 8\n- **value = 9216, 10240, 11264, 12288, 13312, 14336, or 15360** - `VCPU` = 2 or 4\n- **value = 16384** - `VCPU` = 2, 4, or 8\n- **value = 17408, 18432, 19456, 21504, 22528, 23552, 25600, 26624, 27648, 29696, or 30720** - `VCPU` = 4\n- **value = 20480, 24576, or 28672** - `VCPU` = 4 or 8\n- **value = 36864, 45056, 53248, or 61440** - `VCPU` = 8\n- **value = 32768, 40960, 49152, or 57344** - `VCPU` = 8 or 16\n- **value = 65536, 73728, 81920, 90112, 98304, 106496, 114688, or 122880** - `VCPU` = 16\n- **type=\"VCPU\"** - The number of vCPUs reserved for the container. This parameter maps to `CpuShares` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--cpu-shares` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . Each vCPU is equivalent to 1,024 CPU shares. For EC2 resources, you must specify at least one vCPU. This is required but can be specified in several places; it must be specified for each node at least once.\n\nThe default for the Fargate On-Demand vCPU resource count quota is 6 vCPUs. For more information about Fargate quotas, see [AWS Fargate quotas](https://docs.aws.amazon.com/general/latest/gr/ecs-service.html#service-quotas-fargate) in the *AWS General Reference* .\n\nFor jobs that are running on Fargate resources, then `value` must match one of the supported values and the `MEMORY` values must be one of the values supported for that `VCPU` value. The supported values are 0.25, 0.5, 1, 2, 4, 8, and 16\n\n- **value = 0.25** - `MEMORY` = 512, 1024, or 2048\n- **value = 0.5** - `MEMORY` = 1024, 2048, 3072, or 4096\n- **value = 1** - `MEMORY` = 2048, 3072, 4096, 5120, 6144, 7168, or 8192\n- **value = 2** - `MEMORY` = 4096, 5120, 6144, 7168, 8192, 9216, 10240, 11264, 12288, 13312, 14336, 15360, or 16384\n- **value = 4** - `MEMORY` = 8192, 9216, 10240, 11264, 12288, 13312, 14336, 15360, 16384, 17408, 18432, 19456, 20480, 21504, 22528, 23552, 24576, 25600, 26624, 27648, 28672, 29696, or 30720\n- **value = 8** - `MEMORY` = 16384, 20480, 24576, 28672, 32768, 36864, 40960, 45056, 49152, 53248, 57344, or 61440\n- **value = 16** - `MEMORY` = 32768, 40960, 49152, 57344, 65536, 73728, 81920, 90112, 98304, 106496, 114688, or 122880", + "title": "Value", + "type": "string" } }, + "required": [ + "Type", + "Value" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.LineChartFieldWells": { + "AWS::Pipes::Pipe.BatchRetryStrategy": { "additionalProperties": false, "properties": { - "LineChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartAggregatedFieldWells", - "markdownDescription": "The field well configuration of a line chart.", - "title": "LineChartAggregatedFieldWells" + "Attempts": { + "markdownDescription": "The number of times to move a job to the `RUNNABLE` status. If the value of `attempts` is greater than one, the job is retried on failure the same number of attempts as the value.", + "title": "Attempts", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.LineChartLineStyleSettings": { + "AWS::Pipes::Pipe.CapacityProviderStrategyItem": { "additionalProperties": false, "properties": { - "LineInterpolation": { - "markdownDescription": "Interpolation style for line series.\n\n- `LINEAR` : Show as default, linear style.\n- `SMOOTH` : Show as a smooth curve.\n- `STEPPED` : Show steps in line.", - "title": "LineInterpolation", - "type": "string" - }, - "LineStyle": { - "markdownDescription": "Line style for line series.\n\n- `SOLID` : Show as a solid line.\n- `DOTTED` : Show as a dotted line.\n- `DASHED` : Show as a dashed line.", - "title": "LineStyle", - "type": "string" + "Base": { + "markdownDescription": "The base value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a base defined. If no value is specified, the default value of 0 is used.", + "title": "Base", + "type": "number" }, - "LineVisibility": { - "markdownDescription": "Configuration option that determines whether to show the line for the series.", - "title": "LineVisibility", + "CapacityProvider": { + "markdownDescription": "The short name of the capacity provider.", + "title": "CapacityProvider", "type": "string" }, - "LineWidth": { - "markdownDescription": "Width that determines the line thickness.", - "title": "LineWidth", - "type": "string" + "Weight": { + "markdownDescription": "The weight value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The weight value is taken into consideration after the base value, if defined, is satisfied.", + "title": "Weight", + "type": "number" } }, + "required": [ + "CapacityProvider" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.LineChartMarkerStyleSettings": { + "AWS::Pipes::Pipe.CloudwatchLogsLogDestination": { "additionalProperties": false, "properties": { - "MarkerColor": { - "markdownDescription": "Color of marker in the series.", - "title": "MarkerColor", - "type": "string" - }, - "MarkerShape": { - "markdownDescription": "Shape option for markers in the series.\n\n- `CIRCLE` : Show marker as a circle.\n- `TRIANGLE` : Show marker as a triangle.\n- `SQUARE` : Show marker as a square.\n- `DIAMOND` : Show marker as a diamond.\n- `ROUNDED_SQUARE` : Show marker as a rounded square.", - "title": "MarkerShape", - "type": "string" - }, - "MarkerSize": { - "markdownDescription": "Size of marker in the series.", - "title": "MarkerSize", - "type": "string" - }, - "MarkerVisibility": { - "markdownDescription": "Configuration option that determines whether to show the markers in the series.", - "title": "MarkerVisibility", + "LogGroupArn": { + "markdownDescription": "The AWS Resource Name (ARN) for the CloudWatch log group to which EventBridge sends the log records.", + "title": "LogGroupArn", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.LineChartSeriesSettings": { + "AWS::Pipes::Pipe.DeadLetterConfig": { "additionalProperties": false, "properties": { - "LineStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartLineStyleSettings", - "markdownDescription": "Line styles options for a line series in `LineChartVisual` .", - "title": "LineStyleSettings" - }, - "MarkerStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartMarkerStyleSettings", - "markdownDescription": "Marker styles options for a line series in `LineChartVisual` .", - "title": "MarkerStyleSettings" + "Arn": { + "markdownDescription": "The ARN of the specified target for the dead-letter queue.\n\nFor Amazon Kinesis stream and Amazon DynamoDB stream sources, specify either an Amazon SNS topic or Amazon SQS queue ARN.", + "title": "Arn", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.LineChartSortConfiguration": { + "AWS::Pipes::Pipe.DimensionMapping": { "additionalProperties": false, "properties": { - "CategoryItemsLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of categories that are displayed in a line chart.", - "title": "CategoryItemsLimitConfiguration" - }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the category fields.", - "title": "CategorySort", - "type": "array" - }, - "ColorItemsLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of lines that are displayed in a line chart.", - "title": "ColorItemsLimitConfiguration" + "DimensionName": { + "markdownDescription": "The metadata attributes of the time series. For example, the name and Availability Zone of an Amazon EC2 instance or the name of the manufacturer of a wind turbine are dimensions.", + "title": "DimensionName", + "type": "string" }, - "SmallMultiplesLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of small multiples panels that are displayed.", - "title": "SmallMultiplesLimitConfiguration" + "DimensionValue": { + "markdownDescription": "Dynamic path to the dimension value in the source event.", + "title": "DimensionValue", + "type": "string" }, - "SmallMultiplesSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the small multiples field.", - "title": "SmallMultiplesSort", - "type": "array" + "DimensionValueType": { + "markdownDescription": "The data type of the dimension for the time-series data.", + "title": "DimensionValueType", + "type": "string" } }, + "required": [ + "DimensionName", + "DimensionValue", + "DimensionValueType" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.LineChartVisual": { + "AWS::Pipes::Pipe.EcsContainerOverride": { "additionalProperties": false, "properties": { - "Actions": { + "Command": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + "type": "string" }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", + "markdownDescription": "The command to send to the container that overrides the default command from the Docker image or the task definition. You must also specify a container name.", + "title": "Command", "type": "array" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartConfiguration", - "markdownDescription": "The configuration of a line chart.", - "title": "ChartConfiguration" + "Cpu": { + "markdownDescription": "The number of `cpu` units reserved for the container, instead of the default value from the task definition. You must also specify a container name.", + "title": "Cpu", + "type": "number" }, - "ColumnHierarchies": { + "Environment": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + "$ref": "#/definitions/AWS::Pipes::Pipe.EcsEnvironmentVariable" }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", + "markdownDescription": "The environment variables to send to the container. You can add new environment variables, which are added to the container at launch, or you can override the existing environment variables from the Docker image or the task definition. You must also specify a container name.", + "title": "Environment", "type": "array" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "EnvironmentFiles": { + "items": { + "$ref": "#/definitions/AWS::Pipes::Pipe.EcsEnvironmentFile" + }, + "markdownDescription": "A list of files containing the environment variables to pass to a container, instead of the value from the container definition.", + "title": "EnvironmentFiles", + "type": "array" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Memory": { + "markdownDescription": "The hard limit (in MiB) of memory to present to the container, instead of the default value from the task definition. If your container attempts to exceed the memory specified here, the container is killed. You must also specify a container name.", + "title": "Memory", + "type": "number" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "MemoryReservation": { + "markdownDescription": "The soft limit (in MiB) of memory to reserve for the container, instead of the default value from the task definition. You must also specify a container name.", + "title": "MemoryReservation", + "type": "number" + }, + "Name": { + "markdownDescription": "The name of the container that receives the override. This parameter is required if any override is specified.", + "title": "Name", "type": "string" - } - }, - "required": [ - "VisualId" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.LineSeriesAxisDisplayOptions": { - "additionalProperties": false, - "properties": { - "AxisOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the line series axis.", - "title": "AxisOptions" }, - "MissingDataConfigurations": { + "ResourceRequirements": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MissingDataConfiguration" + "$ref": "#/definitions/AWS::Pipes::Pipe.EcsResourceRequirement" }, - "markdownDescription": "The configuration options that determine how missing data is treated during the rendering of a line chart.", - "title": "MissingDataConfigurations", + "markdownDescription": "The type and amount of a resource to assign to a container, instead of the default value from the task definition. The only supported resource is a GPU.", + "title": "ResourceRequirements", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.LinkSharingConfiguration": { + "AWS::Pipes::Pipe.EcsEnvironmentFile": { "additionalProperties": false, "properties": { - "Permissions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ResourcePermission" - }, - "markdownDescription": "A structure that contains the permissions of a shareable link.", - "title": "Permissions", - "type": "array" + "Type": { + "markdownDescription": "The file type to use. The only supported value is `s3` .", + "title": "Type", + "type": "string" + }, + "Value": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon S3 object containing the environment variable file.", + "title": "Value", + "type": "string" } }, + "required": [ + "Type", + "Value" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.ListControlDisplayOptions": { + "AWS::Pipes::Pipe.EcsEnvironmentVariable": { "additionalProperties": false, "properties": { - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" - }, - "SearchOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ListControlSearchOptions", - "markdownDescription": "The configuration of the search options in a list control.", - "title": "SearchOptions" - }, - "SelectAllOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ListControlSelectAllOptions", - "markdownDescription": "The configuration of the `Select all` options in a list control.", - "title": "SelectAllOptions" + "Name": { + "markdownDescription": "The name of the key-value pair. For environment variables, this is the name of the environment variable.", + "title": "Name", + "type": "string" }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" + "Value": { + "markdownDescription": "The value of the key-value pair. For environment variables, this is the value of the environment variable.", + "title": "Value", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ListControlSearchOptions": { + "AWS::Pipes::Pipe.EcsEphemeralStorage": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility configuration of the search options in a list control.", - "title": "Visibility", - "type": "string" + "SizeInGiB": { + "markdownDescription": "The total amount, in GiB, of ephemeral storage to set for the task. The minimum supported value is `21` GiB and the maximum supported value is `200` GiB.", + "title": "SizeInGiB", + "type": "number" } }, + "required": [ + "SizeInGiB" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.ListControlSelectAllOptions": { + "AWS::Pipes::Pipe.EcsInferenceAcceleratorOverride": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility configuration of the `Select all` options in a list control.", - "title": "Visibility", + "DeviceName": { + "markdownDescription": "The Elastic Inference accelerator device name to override for the task. This parameter must match a `deviceName` specified in the task definition.", + "title": "DeviceName", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.LoadingAnimation": { - "additionalProperties": false, - "properties": { - "Visibility": { - "markdownDescription": "The visibility configuration of `LoadingAnimation` .", - "title": "Visibility", + }, + "DeviceType": { + "markdownDescription": "The Elastic Inference accelerator type to use.", + "title": "DeviceType", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.LocalNavigationConfiguration": { + "AWS::Pipes::Pipe.EcsResourceRequirement": { "additionalProperties": false, "properties": { - "TargetSheetId": { - "markdownDescription": "The sheet that is targeted for navigation in the same analysis.", - "title": "TargetSheetId", + "Type": { + "markdownDescription": "The type of resource to assign to a container. The supported values are `GPU` or `InferenceAccelerator` .", + "title": "Type", + "type": "string" + }, + "Value": { + "markdownDescription": "The value for the specified resource type.\n\nIf the `GPU` type is used, the value is the number of physical `GPUs` the Amazon ECS container agent reserves for the container. The number of GPUs that's reserved for all containers in a task can't exceed the number of available GPUs on the container instance that the task is launched on.\n\nIf the `InferenceAccelerator` type is used, the `value` matches the `deviceName` for an InferenceAccelerator specified in a task definition.", + "title": "Value", "type": "string" } }, "required": [ - "TargetSheetId" + "Type", + "Value" ], "type": "object" }, - "AWS::QuickSight::Dashboard.LongFormatText": { + "AWS::Pipes::Pipe.EcsTaskOverride": { "additionalProperties": false, "properties": { - "PlainText": { - "markdownDescription": "Plain text format.", - "title": "PlainText", + "ContainerOverrides": { + "items": { + "$ref": "#/definitions/AWS::Pipes::Pipe.EcsContainerOverride" + }, + "markdownDescription": "One or more container overrides that are sent to a task.", + "title": "ContainerOverrides", + "type": "array" + }, + "Cpu": { + "markdownDescription": "The cpu override for the task.", + "title": "Cpu", "type": "string" }, - "RichText": { - "markdownDescription": "Rich text. Examples of rich text include bold, underline, and italics.", - "title": "RichText", + "EphemeralStorage": { + "$ref": "#/definitions/AWS::Pipes::Pipe.EcsEphemeralStorage", + "markdownDescription": "The ephemeral storage setting override for the task.\n\n> This parameter is only supported for tasks hosted on Fargate that use the following platform versions:\n> \n> - Linux platform version `1.4.0` or later.\n> - Windows platform version `1.0.0` or later.", + "title": "EphemeralStorage" + }, + "ExecutionRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the task execution IAM role override for the task. For more information, see [Amazon ECS task execution IAM role](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_execution_IAM_role.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "ExecutionRoleArn", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.MappedDataSetParameter": { - "additionalProperties": false, - "properties": { - "DataSetIdentifier": { - "markdownDescription": "A unique name that identifies a dataset within the analysis or dashboard.", - "title": "DataSetIdentifier", + }, + "InferenceAcceleratorOverrides": { + "items": { + "$ref": "#/definitions/AWS::Pipes::Pipe.EcsInferenceAcceleratorOverride" + }, + "markdownDescription": "The Elastic Inference accelerator override for the task.", + "title": "InferenceAcceleratorOverrides", + "type": "array" + }, + "Memory": { + "markdownDescription": "The memory override for the task.", + "title": "Memory", "type": "string" }, - "DataSetParameterName": { - "markdownDescription": "The name of the dataset parameter.", - "title": "DataSetParameterName", + "TaskRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that containers in this task can assume. All containers in this task are granted the permissions that are specified in this role. For more information, see [IAM Role for Tasks](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-iam-roles.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "TaskRoleArn", "type": "string" } }, - "required": [ - "DataSetIdentifier", - "DataSetParameterName" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.MaximumLabelType": { + "AWS::Pipes::Pipe.Filter": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility of the maximum label.", - "title": "Visibility", + "Pattern": { + "markdownDescription": "The event pattern.", + "title": "Pattern", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.MaximumMinimumComputation": { + "AWS::Pipes::Pipe.FilterCriteria": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", - "type": "string" - }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" - }, - "Type": { - "markdownDescription": "The type of computation. Choose one of the following options:\n\n- MAXIMUM: A maximum computation.\n- MINIMUM: A minimum computation.", - "title": "Type", - "type": "string" - }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" + "Filters": { + "items": { + "$ref": "#/definitions/AWS::Pipes::Pipe.Filter" + }, + "markdownDescription": "The event patterns.", + "title": "Filters", + "type": "array" } }, - "required": [ - "ComputationId", - "Type" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.MeasureField": { + "AWS::Pipes::Pipe.FirehoseLogDestination": { "additionalProperties": false, "properties": { - "CalculatedMeasureField": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CalculatedMeasureField", - "markdownDescription": "The calculated measure field only used in pivot tables.", - "title": "CalculatedMeasureField" - }, - "CategoricalMeasureField": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CategoricalMeasureField", - "markdownDescription": "The measure type field with categorical type columns.", - "title": "CategoricalMeasureField" - }, - "DateMeasureField": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateMeasureField", - "markdownDescription": "The measure type field with date type columns.", - "title": "DateMeasureField" - }, - "NumericalMeasureField": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericalMeasureField", - "markdownDescription": "The measure type field with numerical type columns.", - "title": "NumericalMeasureField" + "DeliveryStreamArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Firehose delivery stream to which EventBridge delivers the pipe log records.", + "title": "DeliveryStreamArn", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.MetricComparisonComputation": { + "AWS::Pipes::Pipe.MQBrokerAccessCredentials": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", - "type": "string" - }, - "FromValue": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", - "markdownDescription": "The field that is used in a metric comparison from value setup.", - "title": "FromValue" - }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "BasicAuth": { + "markdownDescription": "The ARN of the Secrets Manager secret.", + "title": "BasicAuth", "type": "string" - }, - "TargetValue": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", - "markdownDescription": "The field that is used in a metric comparison to value setup.", - "title": "TargetValue" - }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" } }, "required": [ - "ComputationId" + "BasicAuth" ], "type": "object" }, - "AWS::QuickSight::Dashboard.MinimumLabelType": { + "AWS::Pipes::Pipe.MSKAccessCredentials": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility of the minimum label.", - "title": "Visibility", + "ClientCertificateTlsAuth": { + "markdownDescription": "The ARN of the Secrets Manager secret.", + "title": "ClientCertificateTlsAuth", + "type": "string" + }, + "SaslScram512Auth": { + "markdownDescription": "The ARN of the Secrets Manager secret.", + "title": "SaslScram512Auth", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.MissingDataConfiguration": { + "AWS::Pipes::Pipe.MultiMeasureAttributeMapping": { "additionalProperties": false, "properties": { - "TreatmentOption": { - "markdownDescription": "The treatment option that determines how missing data should be rendered. Choose from the following options:\n\n- `INTERPOLATE` : Interpolate missing values between the prior and the next known value.\n- `SHOW_AS_ZERO` : Show missing values as the value `0` .\n- `SHOW_AS_BLANK` : Display a blank space when rendering missing data.", - "title": "TreatmentOption", + "MeasureValue": { + "markdownDescription": "Dynamic path to the measurement attribute in the source event.", + "title": "MeasureValue", + "type": "string" + }, + "MeasureValueType": { + "markdownDescription": "Data type of the measurement attribute in the source event.", + "title": "MeasureValueType", + "type": "string" + }, + "MultiMeasureAttributeName": { + "markdownDescription": "Target measure name to be used.", + "title": "MultiMeasureAttributeName", "type": "string" } }, + "required": [ + "MeasureValue", + "MeasureValueType", + "MultiMeasureAttributeName" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.NegativeValueConfiguration": { + "AWS::Pipes::Pipe.MultiMeasureMapping": { "additionalProperties": false, "properties": { - "DisplayMode": { - "markdownDescription": "Determines the display mode of the negative value configuration.", - "title": "DisplayMode", + "MultiMeasureAttributeMappings": { + "items": { + "$ref": "#/definitions/AWS::Pipes::Pipe.MultiMeasureAttributeMapping" + }, + "markdownDescription": "Mappings that represent multiple source event fields mapped to measures in the same Timestream for LiveAnalytics record.", + "title": "MultiMeasureAttributeMappings", + "type": "array" + }, + "MultiMeasureName": { + "markdownDescription": "The name of the multiple measurements per record (multi-measure).", + "title": "MultiMeasureName", "type": "string" } }, "required": [ - "DisplayMode" + "MultiMeasureAttributeMappings", + "MultiMeasureName" ], "type": "object" }, - "AWS::QuickSight::Dashboard.NullValueFormatConfiguration": { + "AWS::Pipes::Pipe.NetworkConfiguration": { "additionalProperties": false, "properties": { - "NullString": { - "markdownDescription": "Determines the null string of null values.", - "title": "NullString", - "type": "string" + "AwsvpcConfiguration": { + "$ref": "#/definitions/AWS::Pipes::Pipe.AwsVpcConfiguration", + "markdownDescription": "Use this structure to specify the VPC subnets and security groups for the task, and whether a public IP address is to be used. This structure is relevant only for ECS tasks that use the `awsvpc` network mode.", + "title": "AwsvpcConfiguration" } }, - "required": [ - "NullString" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.NumberDisplayFormatConfiguration": { + "AWS::Pipes::Pipe.PipeEnrichmentHttpParameters": { "additionalProperties": false, "properties": { - "DecimalPlacesConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalPlacesConfiguration", - "markdownDescription": "The option that determines the decimal places configuration.", - "title": "DecimalPlacesConfiguration" - }, - "NegativeValueConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NegativeValueConfiguration", - "markdownDescription": "The options that determine the negative value configuration.", - "title": "NegativeValueConfiguration" - }, - "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NullValueFormatConfiguration", - "markdownDescription": "The options that determine the null value format configuration.", - "title": "NullValueFormatConfiguration" - }, - "NumberScale": { - "markdownDescription": "Determines the number scale value of the number format.", - "title": "NumberScale", - "type": "string" - }, - "Prefix": { - "markdownDescription": "Determines the prefix value of the number format.", - "title": "Prefix", - "type": "string" + "HeaderParameters": { + "additionalProperties": true, + "markdownDescription": "The headers that need to be sent as part of request invoking the API Gateway REST API or EventBridge ApiDestination.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "HeaderParameters", + "type": "object" }, - "SeparatorConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericSeparatorConfiguration", - "markdownDescription": "The options that determine the numeric separator configuration.", - "title": "SeparatorConfiguration" + "PathParameterValues": { + "items": { + "type": "string" + }, + "markdownDescription": "The path parameter values to be used to populate API Gateway REST API or EventBridge ApiDestination path wildcards (\"*\").", + "title": "PathParameterValues", + "type": "array" }, - "Suffix": { - "markdownDescription": "Determines the suffix value of the number format.", - "title": "Suffix", - "type": "string" + "QueryStringParameters": { + "additionalProperties": true, + "markdownDescription": "The query string keys/values that need to be sent as part of request invoking the API Gateway REST API or EventBridge ApiDestination.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "QueryStringParameters", + "type": "object" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.NumberFormatConfiguration": { + "AWS::Pipes::Pipe.PipeEnrichmentParameters": { "additionalProperties": false, "properties": { - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericFormatConfiguration", - "markdownDescription": "The options that determine the numeric format configuration.", - "title": "FormatConfiguration" + "HttpParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeEnrichmentHttpParameters", + "markdownDescription": "Contains the HTTP parameters to use when the target is a API Gateway REST endpoint or EventBridge ApiDestination.\n\nIf you specify an API Gateway REST API or EventBridge ApiDestination as a target, you can use this parameter to specify headers, path parameters, and query string keys/values as part of your target invoking request. If you're using ApiDestinations, the corresponding Connection can also have these values configured. In case of any conflicting keys, values from the Connection take precedence.", + "title": "HttpParameters" + }, + "InputTemplate": { + "markdownDescription": "Valid JSON text passed to the enrichment. In this case, nothing from the event itself is passed to the enrichment. For more information, see [The JavaScript Object Notation (JSON) Data Interchange Format](https://docs.aws.amazon.com/http://www.rfc-editor.org/rfc/rfc7159.txt) .\n\nTo remove an input template, specify an empty string.", + "title": "InputTemplate", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.NumericAxisOptions": { + "AWS::Pipes::Pipe.PipeLogConfiguration": { "additionalProperties": false, "properties": { - "Range": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayRange", - "markdownDescription": "The range setup of a numeric axis.", - "title": "Range" + "CloudwatchLogsLogDestination": { + "$ref": "#/definitions/AWS::Pipes::Pipe.CloudwatchLogsLogDestination", + "markdownDescription": "The logging configuration settings for the pipe.", + "title": "CloudwatchLogsLogDestination" }, - "Scale": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisScale", - "markdownDescription": "The scale setup of a numeric axis.", - "title": "Scale" + "FirehoseLogDestination": { + "$ref": "#/definitions/AWS::Pipes::Pipe.FirehoseLogDestination", + "markdownDescription": "The Amazon Data Firehose logging configuration settings for the pipe.", + "title": "FirehoseLogDestination" + }, + "IncludeExecutionData": { + "items": { + "type": "string" + }, + "markdownDescription": "Whether the execution data (specifically, the `payload` , `awsRequest` , and `awsResponse` fields) is included in the log messages for this pipe.\n\nThis applies to all log destinations for the pipe.\n\nFor more information, see [Including execution data in logs](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes-logs.html#eb-pipes-logs-execution-data) in the *Amazon EventBridge User Guide* .\n\n*Allowed values:* `ALL`", + "title": "IncludeExecutionData", + "type": "array" + }, + "Level": { + "markdownDescription": "The level of logging detail to include. This applies to all log destinations for the pipe.", + "title": "Level", + "type": "string" + }, + "S3LogDestination": { + "$ref": "#/definitions/AWS::Pipes::Pipe.S3LogDestination", + "markdownDescription": "The Amazon S3 logging configuration settings for the pipe.", + "title": "S3LogDestination" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.NumericEqualityDrillDownFilter": { + "AWS::Pipes::Pipe.PipeSourceActiveMQBrokerParameters": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" + "BatchSize": { + "markdownDescription": "The maximum number of records to include in each batch.", + "title": "BatchSize", + "type": "number" }, - "Value": { - "markdownDescription": "The value of the double input numeric drill down filter.", - "title": "Value", + "Credentials": { + "$ref": "#/definitions/AWS::Pipes::Pipe.MQBrokerAccessCredentials", + "markdownDescription": "The credentials needed to access the resource.", + "title": "Credentials" + }, + "MaximumBatchingWindowInSeconds": { + "markdownDescription": "The maximum length of a time to wait for events.", + "title": "MaximumBatchingWindowInSeconds", "type": "number" + }, + "QueueName": { + "markdownDescription": "The name of the destination queue to consume.", + "title": "QueueName", + "type": "string" } }, "required": [ - "Column", - "Value" + "Credentials", + "QueueName" ], "type": "object" }, - "AWS::QuickSight::Dashboard.NumericEqualityFilter": { + "AWS::Pipes::Pipe.PipeSourceDynamoDBStreamParameters": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationFunction", - "markdownDescription": "The aggregation function of the filter.", - "title": "AggregationFunction" + "BatchSize": { + "markdownDescription": "The maximum number of records to include in each batch.", + "title": "BatchSize", + "type": "number" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" + "DeadLetterConfig": { + "$ref": "#/definitions/AWS::Pipes::Pipe.DeadLetterConfig", + "markdownDescription": "Define the target queue to send dead-letter queue events to.", + "title": "DeadLetterConfig" }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" + "MaximumBatchingWindowInSeconds": { + "markdownDescription": "The maximum length of a time to wait for events.", + "title": "MaximumBatchingWindowInSeconds", + "type": "number" }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", - "type": "string" + "MaximumRecordAgeInSeconds": { + "markdownDescription": "Discard records older than the specified age. The default value is -1, which sets the maximum age to infinite. When the value is set to infinite, EventBridge never discards old records.", + "title": "MaximumRecordAgeInSeconds", + "type": "number" }, - "MatchOperator": { - "markdownDescription": "The match operator that is used to determine if a filter should be applied.", - "title": "MatchOperator", - "type": "string" + "MaximumRetryAttempts": { + "markdownDescription": "Discard records after the specified number of retries. The default value is -1, which sets the maximum number of retries to infinite. When MaximumRetryAttempts is infinite, EventBridge retries failed records until the record expires in the event source.", + "title": "MaximumRetryAttempts", + "type": "number" }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", + "OnPartialBatchItemFailure": { + "markdownDescription": "Define how to handle item process failures. `AUTOMATIC_BISECT` halves each batch and retry each half until all the records are processed or there is one failed message left in the batch.", + "title": "OnPartialBatchItemFailure", "type": "string" }, - "ParameterName": { - "markdownDescription": "The parameter whose value should be used for the filter value.", - "title": "ParameterName", - "type": "string" + "ParallelizationFactor": { + "markdownDescription": "The number of batches to process concurrently from each shard. The default value is 1.", + "title": "ParallelizationFactor", + "type": "number" }, - "SelectAllOptions": { - "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", - "title": "SelectAllOptions", + "StartingPosition": { + "markdownDescription": "(Streams only) The position in a stream from which to start reading.\n\n*Valid values* : `TRIM_HORIZON | LATEST`", + "title": "StartingPosition", "type": "string" - }, - "Value": { - "markdownDescription": "The input value.", - "title": "Value", - "type": "number" } }, "required": [ - "Column", - "FilterId", - "MatchOperator", - "NullOption" + "StartingPosition" ], "type": "object" }, - "AWS::QuickSight::Dashboard.NumericFormatConfiguration": { + "AWS::Pipes::Pipe.PipeSourceKinesisStreamParameters": { "additionalProperties": false, "properties": { - "CurrencyDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CurrencyDisplayFormatConfiguration", - "markdownDescription": "The options that determine the currency display format configuration.", - "title": "CurrencyDisplayFormatConfiguration" + "BatchSize": { + "markdownDescription": "The maximum number of records to include in each batch.", + "title": "BatchSize", + "type": "number" }, - "NumberDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumberDisplayFormatConfiguration", - "markdownDescription": "The options that determine the number display format configuration.", - "title": "NumberDisplayFormatConfiguration" + "DeadLetterConfig": { + "$ref": "#/definitions/AWS::Pipes::Pipe.DeadLetterConfig", + "markdownDescription": "Define the target queue to send dead-letter queue events to.", + "title": "DeadLetterConfig" }, - "PercentageDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PercentageDisplayFormatConfiguration", - "markdownDescription": "The options that determine the percentage display format configuration.", - "title": "PercentageDisplayFormatConfiguration" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.NumericRangeFilter": { - "additionalProperties": false, - "properties": { - "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationFunction", - "markdownDescription": "The aggregation function of the filter.", - "title": "AggregationFunction" + "MaximumBatchingWindowInSeconds": { + "markdownDescription": "The maximum length of a time to wait for events.", + "title": "MaximumBatchingWindowInSeconds", + "type": "number" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" + "MaximumRecordAgeInSeconds": { + "markdownDescription": "Discard records older than the specified age. The default value is -1, which sets the maximum age to infinite. When the value is set to infinite, EventBridge never discards old records.", + "title": "MaximumRecordAgeInSeconds", + "type": "number" }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" + "MaximumRetryAttempts": { + "markdownDescription": "Discard records after the specified number of retries. The default value is -1, which sets the maximum number of retries to infinite. When MaximumRetryAttempts is infinite, EventBridge retries failed records until the record expires in the event source.", + "title": "MaximumRetryAttempts", + "type": "number" }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", + "OnPartialBatchItemFailure": { + "markdownDescription": "Define how to handle item process failures. `AUTOMATIC_BISECT` halves each batch and retry each half until all the records are processed or there is one failed message left in the batch.", + "title": "OnPartialBatchItemFailure", "type": "string" }, - "IncludeMaximum": { - "markdownDescription": "Determines whether the maximum value in the filter value range should be included in the filtered results.", - "title": "IncludeMaximum", - "type": "boolean" - }, - "IncludeMinimum": { - "markdownDescription": "Determines whether the minimum value in the filter value range should be included in the filtered results.", - "title": "IncludeMinimum", - "type": "boolean" + "ParallelizationFactor": { + "markdownDescription": "The number of batches to process concurrently from each shard. The default value is 1.", + "title": "ParallelizationFactor", + "type": "number" }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", + "StartingPosition": { + "markdownDescription": "The position in a stream from which to start reading.", + "title": "StartingPosition", "type": "string" }, - "RangeMaximum": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericRangeFilterValue", - "markdownDescription": "The maximum value for the filter value range.", - "title": "RangeMaximum" - }, - "RangeMinimum": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericRangeFilterValue", - "markdownDescription": "The minimum value for the filter value range.", - "title": "RangeMinimum" - }, - "SelectAllOptions": { - "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", - "title": "SelectAllOptions", + "StartingPositionTimestamp": { + "markdownDescription": "With `StartingPosition` set to `AT_TIMESTAMP` , the time from which to start reading, in Unix time seconds.", + "title": "StartingPositionTimestamp", "type": "string" } }, "required": [ - "Column", - "FilterId", - "NullOption" + "StartingPosition" ], "type": "object" }, - "AWS::QuickSight::Dashboard.NumericRangeFilterValue": { + "AWS::Pipes::Pipe.PipeSourceManagedStreamingKafkaParameters": { "additionalProperties": false, "properties": { - "Parameter": { - "markdownDescription": "The parameter that is used in the numeric range.", - "title": "Parameter", + "BatchSize": { + "markdownDescription": "The maximum number of records to include in each batch.", + "title": "BatchSize", + "type": "number" + }, + "ConsumerGroupID": { + "markdownDescription": "The name of the destination queue to consume.", + "title": "ConsumerGroupID", "type": "string" }, - "StaticValue": { - "markdownDescription": "The static value of the numeric range filter.", - "title": "StaticValue", + "Credentials": { + "$ref": "#/definitions/AWS::Pipes::Pipe.MSKAccessCredentials", + "markdownDescription": "The credentials needed to access the resource.", + "title": "Credentials" + }, + "MaximumBatchingWindowInSeconds": { + "markdownDescription": "The maximum length of a time to wait for events.", + "title": "MaximumBatchingWindowInSeconds", "type": "number" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.NumericSeparatorConfiguration": { - "additionalProperties": false, - "properties": { - "DecimalSeparator": { - "markdownDescription": "Determines the decimal separator.", - "title": "DecimalSeparator", + }, + "StartingPosition": { + "markdownDescription": "The position in a stream from which to start reading.", + "title": "StartingPosition", "type": "string" }, - "ThousandsSeparator": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ThousandSeparatorOptions", - "markdownDescription": "The options that determine the thousands separator configuration.", - "title": "ThousandsSeparator" + "TopicName": { + "markdownDescription": "The name of the topic that the pipe will read from.", + "title": "TopicName", + "type": "string" } }, + "required": [ + "TopicName" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.NumericalAggregationFunction": { + "AWS::Pipes::Pipe.PipeSourceParameters": { "additionalProperties": false, "properties": { - "PercentileAggregation": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PercentileAggregation", - "markdownDescription": "An aggregation based on the percentile of values in a dimension or measure.", - "title": "PercentileAggregation" + "ActiveMQBrokerParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceActiveMQBrokerParameters", + "markdownDescription": "The parameters for using an Active MQ broker as a source.", + "title": "ActiveMQBrokerParameters" }, - "SimpleNumericalAggregation": { - "markdownDescription": "Built-in aggregation functions for numerical values.\n\n- `SUM` : The sum of a dimension or measure.\n- `AVERAGE` : The average of a dimension or measure.\n- `MIN` : The minimum value of a dimension or measure.\n- `MAX` : The maximum value of a dimension or measure.\n- `COUNT` : The count of a dimension or measure.\n- `DISTINCT_COUNT` : The count of distinct values in a dimension or measure.\n- `VAR` : The variance of a dimension or measure.\n- `VARP` : The partitioned variance of a dimension or measure.\n- `STDEV` : The standard deviation of a dimension or measure.\n- `STDEVP` : The partitioned standard deviation of a dimension or measure.\n- `MEDIAN` : The median value of a dimension or measure.", - "title": "SimpleNumericalAggregation", - "type": "string" + "DynamoDBStreamParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceDynamoDBStreamParameters", + "markdownDescription": "The parameters for using a DynamoDB stream as a source.", + "title": "DynamoDBStreamParameters" + }, + "FilterCriteria": { + "$ref": "#/definitions/AWS::Pipes::Pipe.FilterCriteria", + "markdownDescription": "The collection of event patterns used to filter events.\n\nTo remove a filter, specify a `FilterCriteria` object with an empty array of `Filter` objects.\n\nFor more information, see [Events and Event Patterns](https://docs.aws.amazon.com/eventbridge/latest/userguide/eventbridge-and-event-patterns.html) in the *Amazon EventBridge User Guide* .", + "title": "FilterCriteria" + }, + "KinesisStreamParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceKinesisStreamParameters", + "markdownDescription": "The parameters for using a Kinesis stream as a source.", + "title": "KinesisStreamParameters" + }, + "ManagedStreamingKafkaParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceManagedStreamingKafkaParameters", + "markdownDescription": "The parameters for using an MSK stream as a source.", + "title": "ManagedStreamingKafkaParameters" + }, + "RabbitMQBrokerParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceRabbitMQBrokerParameters", + "markdownDescription": "The parameters for using a Rabbit MQ broker as a source.", + "title": "RabbitMQBrokerParameters" + }, + "SelfManagedKafkaParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceSelfManagedKafkaParameters", + "markdownDescription": "The parameters for using a self-managed Apache Kafka stream as a source.\n\nA *self managed* cluster refers to any Apache Kafka cluster not hosted by AWS . This includes both clusters you manage yourself, as well as those hosted by a third-party provider, such as [Confluent Cloud](https://docs.aws.amazon.com/https://www.confluent.io/) , [CloudKarafka](https://docs.aws.amazon.com/https://www.cloudkarafka.com/) , or [Redpanda](https://docs.aws.amazon.com/https://redpanda.com/) . For more information, see [Apache Kafka streams as a source](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes-kafka.html) in the *Amazon EventBridge User Guide* .", + "title": "SelfManagedKafkaParameters" + }, + "SqsQueueParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceSqsQueueParameters", + "markdownDescription": "The parameters for using a Amazon SQS stream as a source.", + "title": "SqsQueueParameters" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.NumericalDimensionField": { + "AWS::Pipes::Pipe.PipeSourceRabbitMQBrokerParameters": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that is used in the `NumericalDimensionField` .", - "title": "Column" + "BatchSize": { + "markdownDescription": "The maximum number of records to include in each batch.", + "title": "BatchSize", + "type": "number" }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", - "type": "string" + "Credentials": { + "$ref": "#/definitions/AWS::Pipes::Pipe.MQBrokerAccessCredentials", + "markdownDescription": "The credentials needed to access the resource.", + "title": "Credentials" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumberFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" + "MaximumBatchingWindowInSeconds": { + "markdownDescription": "The maximum length of a time to wait for events.", + "title": "MaximumBatchingWindowInSeconds", + "type": "number" }, - "HierarchyId": { - "markdownDescription": "The custom hierarchy ID.", - "title": "HierarchyId", + "QueueName": { + "markdownDescription": "The name of the destination queue to consume.", + "title": "QueueName", + "type": "string" + }, + "VirtualHost": { + "markdownDescription": "The name of the virtual host associated with the source broker.", + "title": "VirtualHost", "type": "string" } }, "required": [ - "Column", - "FieldId" + "Credentials", + "QueueName" ], "type": "object" }, - "AWS::QuickSight::Dashboard.NumericalMeasureField": { + "AWS::Pipes::Pipe.PipeSourceSelfManagedKafkaParameters": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericalAggregationFunction", - "markdownDescription": "The aggregation function of the measure field.", - "title": "AggregationFunction" + "AdditionalBootstrapServers": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of server URLs.", + "title": "AdditionalBootstrapServers", + "type": "array" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that is used in the `NumericalMeasureField` .", - "title": "Column" + "BatchSize": { + "markdownDescription": "The maximum number of records to include in each batch.", + "title": "BatchSize", + "type": "number" }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", + "ConsumerGroupID": { + "markdownDescription": "The name of the destination queue to consume.", + "title": "ConsumerGroupID", "type": "string" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumberFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" + "Credentials": { + "$ref": "#/definitions/AWS::Pipes::Pipe.SelfManagedKafkaAccessConfigurationCredentials", + "markdownDescription": "The credentials needed to access the resource.", + "title": "Credentials" + }, + "MaximumBatchingWindowInSeconds": { + "markdownDescription": "The maximum length of a time to wait for events.", + "title": "MaximumBatchingWindowInSeconds", + "type": "number" + }, + "ServerRootCaCertificate": { + "markdownDescription": "The ARN of the Secrets Manager secret used for certification.", + "title": "ServerRootCaCertificate", + "type": "string" + }, + "StartingPosition": { + "markdownDescription": "The position in a stream from which to start reading.", + "title": "StartingPosition", + "type": "string" + }, + "TopicName": { + "markdownDescription": "The name of the topic that the pipe will read from.", + "title": "TopicName", + "type": "string" + }, + "Vpc": { + "$ref": "#/definitions/AWS::Pipes::Pipe.SelfManagedKafkaAccessConfigurationVpc", + "markdownDescription": "This structure specifies the VPC subnets and security groups for the stream, and whether a public IP address is to be used.", + "title": "Vpc" } }, "required": [ - "Column", - "FieldId" + "TopicName" ], "type": "object" }, - "AWS::QuickSight::Dashboard.PaginationConfiguration": { + "AWS::Pipes::Pipe.PipeSourceSqsQueueParameters": { "additionalProperties": false, "properties": { - "PageNumber": { - "markdownDescription": "Indicates the page number.", - "title": "PageNumber", + "BatchSize": { + "markdownDescription": "The maximum number of records to include in each batch.", + "title": "BatchSize", "type": "number" }, - "PageSize": { - "markdownDescription": "Indicates how many items render in one page.", - "title": "PageSize", + "MaximumBatchingWindowInSeconds": { + "markdownDescription": "The maximum length of a time to wait for events.", + "title": "MaximumBatchingWindowInSeconds", "type": "number" } }, - "required": [ - "PageNumber", - "PageSize" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.PanelConfiguration": { + "AWS::Pipes::Pipe.PipeTargetBatchJobParameters": { "additionalProperties": false, "properties": { - "BackgroundColor": { - "markdownDescription": "Sets the background color for each panel.", - "title": "BackgroundColor", - "type": "string" - }, - "BackgroundVisibility": { - "markdownDescription": "Determines whether or not a background for each small multiples panel is rendered.", - "title": "BackgroundVisibility", - "type": "string" - }, - "BorderColor": { - "markdownDescription": "Sets the line color of panel borders.", - "title": "BorderColor", - "type": "string" + "ArrayProperties": { + "$ref": "#/definitions/AWS::Pipes::Pipe.BatchArrayProperties", + "markdownDescription": "The array properties for the submitted job, such as the size of the array. The array size can be between 2 and 10,000. If you specify array properties for a job, it becomes an array job. This parameter is used only if the target is an AWS Batch job.", + "title": "ArrayProperties" }, - "BorderStyle": { - "markdownDescription": "Sets the line style of panel borders.", - "title": "BorderStyle", - "type": "string" + "ContainerOverrides": { + "$ref": "#/definitions/AWS::Pipes::Pipe.BatchContainerOverrides", + "markdownDescription": "The overrides that are sent to a container.", + "title": "ContainerOverrides" }, - "BorderThickness": { - "markdownDescription": "Sets the line thickness of panel borders.", - "title": "BorderThickness", - "type": "string" + "DependsOn": { + "items": { + "$ref": "#/definitions/AWS::Pipes::Pipe.BatchJobDependency" + }, + "markdownDescription": "A list of dependencies for the job. A job can depend upon a maximum of 20 jobs. You can specify a `SEQUENTIAL` type dependency without specifying a job ID for array jobs so that each child array job completes sequentially, starting at index 0. You can also specify an `N_TO_N` type dependency with a job ID for array jobs. In that case, each index child of this job must wait for the corresponding index child of each dependency to complete before it can begin.", + "title": "DependsOn", + "type": "array" }, - "BorderVisibility": { - "markdownDescription": "Determines whether or not each panel displays a border.", - "title": "BorderVisibility", + "JobDefinition": { + "markdownDescription": "The job definition used by this job. This value can be one of `name` , `name:revision` , or the Amazon Resource Name (ARN) for the job definition. If name is specified without a revision then the latest active revision is used.", + "title": "JobDefinition", "type": "string" }, - "GutterSpacing": { - "markdownDescription": "Sets the total amount of negative space to display between sibling panels.", - "title": "GutterSpacing", + "JobName": { + "markdownDescription": "The name of the job. It can be up to 128 letters long. The first character must be alphanumeric, can contain uppercase and lowercase letters, numbers, hyphens (-), and underscores (_).", + "title": "JobName", "type": "string" }, - "GutterVisibility": { - "markdownDescription": "Determines whether or not negative space between sibling panels is rendered.", - "title": "GutterVisibility", - "type": "string" + "Parameters": { + "additionalProperties": true, + "markdownDescription": "Additional parameters passed to the job that replace parameter substitution placeholders that are set in the job definition. Parameters are specified as a key and value pair mapping. Parameters included here override any corresponding parameter defaults from the job definition.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Parameters", + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PanelTitleOptions", - "markdownDescription": "Configures the title display within each small multiples panel.", - "title": "Title" + "RetryStrategy": { + "$ref": "#/definitions/AWS::Pipes::Pipe.BatchRetryStrategy", + "markdownDescription": "The retry strategy to use for failed jobs. When a retry strategy is specified here, it overrides the retry strategy defined in the job definition.", + "title": "RetryStrategy" } }, + "required": [ + "JobDefinition", + "JobName" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.PanelTitleOptions": { + "AWS::Pipes::Pipe.PipeTargetCloudWatchLogsParameters": { "additionalProperties": false, "properties": { - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", - "markdownDescription": "", - "title": "FontConfiguration" - }, - "HorizontalTextAlignment": { - "markdownDescription": "Sets the horizontal text alignment of the title within each panel.", - "title": "HorizontalTextAlignment", + "LogStreamName": { + "markdownDescription": "The name of the log stream.", + "title": "LogStreamName", "type": "string" }, - "Visibility": { - "markdownDescription": "Determines whether or not panel titles are displayed.", - "title": "Visibility", + "Timestamp": { + "markdownDescription": "A [dynamic path parameter](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes-event-target.html) to a field in the payload containing the time the event occurred, expressed as the number of milliseconds after Jan 1, 1970 00:00:00 UTC.\n\nThe value cannot be a static timestamp as the provided timestamp would be applied to all events delivered by the Pipe, regardless of when they are actually delivered.\n\nIf no dynamic path parameter is provided, the default value is the time the invocation is processed by the Pipe.", + "title": "Timestamp", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ParameterControl": { + "AWS::Pipes::Pipe.PipeTargetEcsTaskParameters": { "additionalProperties": false, "properties": { - "DateTimePicker": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterDateTimePickerControl", - "markdownDescription": "A control from a date parameter that specifies date and time.", - "title": "DateTimePicker" + "CapacityProviderStrategy": { + "items": { + "$ref": "#/definitions/AWS::Pipes::Pipe.CapacityProviderStrategyItem" + }, + "markdownDescription": "The capacity provider strategy to use for the task.\n\nIf a `capacityProviderStrategy` is specified, the `launchType` parameter must be omitted. If no `capacityProviderStrategy` or launchType is specified, the `defaultCapacityProviderStrategy` for the cluster is used.", + "title": "CapacityProviderStrategy", + "type": "array" }, - "Dropdown": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterDropDownControl", - "markdownDescription": "A control to display a dropdown list with buttons that are used to select a single value.", - "title": "Dropdown" + "EnableECSManagedTags": { + "markdownDescription": "Specifies whether to enable Amazon ECS managed tags for the task. For more information, see [Tagging Your Amazon ECS Resources](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-using-tags.html) in the Amazon Elastic Container Service Developer Guide.", + "title": "EnableECSManagedTags", + "type": "boolean" }, - "List": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterListControl", - "markdownDescription": "A control to display a list with buttons or boxes that are used to select either a single value or multiple values.", - "title": "List" + "EnableExecuteCommand": { + "markdownDescription": "Whether or not to enable the execute command functionality for the containers in this task. If true, this enables execute command functionality on all containers in the task.", + "title": "EnableExecuteCommand", + "type": "boolean" }, - "Slider": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterSliderControl", - "markdownDescription": "A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle.", - "title": "Slider" + "Group": { + "markdownDescription": "Specifies an Amazon ECS task group for the task. The maximum length is 255 characters.", + "title": "Group", + "type": "string" }, - "TextArea": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterTextAreaControl", - "markdownDescription": "A control to display a text box that is used to enter multiple entries.", - "title": "TextArea" + "LaunchType": { + "markdownDescription": "Specifies the launch type on which your task is running. The launch type that you specify here must match one of the launch type (compatibilities) of the target task. The `FARGATE` value is supported only in the Regions where AWS Fargate with Amazon ECS is supported. For more information, see [AWS Fargate on Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/AWS-Fargate.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "LaunchType", + "type": "string" }, - "TextField": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterTextFieldControl", - "markdownDescription": "A control to display a text box that is used to enter a single entry.", - "title": "TextField" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.ParameterDateTimePickerControl": { - "additionalProperties": false, - "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimePickerControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "NetworkConfiguration": { + "$ref": "#/definitions/AWS::Pipes::Pipe.NetworkConfiguration", + "markdownDescription": "Use this structure if the Amazon ECS task uses the `awsvpc` network mode. This structure specifies the VPC subnets and security groups associated with the task, and whether a public IP address is to be used. This structure is required if `LaunchType` is `FARGATE` because the `awsvpc` mode is required for Fargate tasks.\n\nIf you specify `NetworkConfiguration` when the target ECS task does not use the `awsvpc` network mode, the task fails.", + "title": "NetworkConfiguration" }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterDateTimePickerControl` .", - "title": "ParameterControlId", + "Overrides": { + "$ref": "#/definitions/AWS::Pipes::Pipe.EcsTaskOverride", + "markdownDescription": "The overrides that are associated with a task.", + "title": "Overrides" + }, + "PlacementConstraints": { + "items": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PlacementConstraint" + }, + "markdownDescription": "An array of placement constraint objects to use for the task. You can specify up to 10 constraints per task (including constraints in the task definition and those specified at runtime).", + "title": "PlacementConstraints", + "type": "array" + }, + "PlacementStrategy": { + "items": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PlacementStrategy" + }, + "markdownDescription": "The placement strategy objects to use for the task. You can specify a maximum of five strategy rules per task.", + "title": "PlacementStrategy", + "type": "array" + }, + "PlatformVersion": { + "markdownDescription": "Specifies the platform version for the task. Specify only the numeric portion of the platform version, such as `1.1.0` .\n\nThis structure is used only if `LaunchType` is `FARGATE` . For more information about valid platform versions, see [AWS Fargate Platform Versions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html) in the *Amazon Elastic Container Service Developer Guide* .", + "title": "PlatformVersion", "type": "string" }, - "SourceParameterName": { - "markdownDescription": "The name of the `ParameterDateTimePickerControl` .", - "title": "SourceParameterName", + "PropagateTags": { + "markdownDescription": "Specifies whether to propagate the tags from the task definition to the task. If no value is specified, the tags are not propagated. Tags can only be propagated to the task during task creation. To add tags to a task after task creation, use the `TagResource` API action.", + "title": "PropagateTags", "type": "string" }, - "Title": { - "markdownDescription": "The title of the `ParameterDateTimePickerControl` .", - "title": "Title", + "ReferenceId": { + "markdownDescription": "The reference ID to use for the task.", + "title": "ReferenceId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The metadata that you apply to the task to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define. To learn more, see [RunTask](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RunTask.html#ECS-RunTask-request-tags) in the Amazon ECS API Reference.", + "title": "Tags", + "type": "array" + }, + "TaskCount": { + "markdownDescription": "The number of tasks to create based on `TaskDefinition` . The default is 1.", + "title": "TaskCount", + "type": "number" + }, + "TaskDefinitionArn": { + "markdownDescription": "The ARN of the task definition to use if the event target is an Amazon ECS task.", + "title": "TaskDefinitionArn", "type": "string" } }, "required": [ - "ParameterControlId", - "SourceParameterName", - "Title" + "TaskDefinitionArn" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ParameterDeclaration": { + "AWS::Pipes::Pipe.PipeTargetEventBridgeEventBusParameters": { "additionalProperties": false, "properties": { - "DateTimeParameterDeclaration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeParameterDeclaration", - "markdownDescription": "A parameter declaration for the `DateTime` data type.", - "title": "DateTimeParameterDeclaration" + "DetailType": { + "markdownDescription": "A free-form string, with a maximum of 128 characters, used to decide what fields to expect in the event detail.", + "title": "DetailType", + "type": "string" }, - "DecimalParameterDeclaration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalParameterDeclaration", - "markdownDescription": "A parameter declaration for the `Decimal` data type.", - "title": "DecimalParameterDeclaration" + "EndpointId": { + "markdownDescription": "The URL subdomain of the endpoint. For example, if the URL for Endpoint is https://abcde.veo.endpoints.event.amazonaws.com, then the EndpointId is `abcde.veo` .", + "title": "EndpointId", + "type": "string" }, - "IntegerParameterDeclaration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.IntegerParameterDeclaration", - "markdownDescription": "A parameter declaration for the `Integer` data type.", - "title": "IntegerParameterDeclaration" + "Resources": { + "items": { + "type": "string" + }, + "markdownDescription": "AWS resources, identified by Amazon Resource Name (ARN), which the event primarily concerns. Any number, including zero, may be present.", + "title": "Resources", + "type": "array" }, - "StringParameterDeclaration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringParameterDeclaration", - "markdownDescription": "A parameter declaration for the `String` data type.", - "title": "StringParameterDeclaration" + "Source": { + "markdownDescription": "The source of the event.", + "title": "Source", + "type": "string" + }, + "Time": { + "markdownDescription": "The time stamp of the event, per [RFC3339](https://docs.aws.amazon.com/https://www.rfc-editor.org/rfc/rfc3339.txt) . If no time stamp is provided, the time stamp of the [PutEvents](https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_PutEvents.html) call is used.", + "title": "Time", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ParameterDropDownControl": { + "AWS::Pipes::Pipe.PipeTargetHttpParameters": { "additionalProperties": false, "properties": { - "CascadingControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CascadingControlConfiguration", - "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", - "title": "CascadingControlConfiguration" - }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DropDownControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterDropDownControl` .", - "title": "ParameterControlId", - "type": "string" - }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" - }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the `ParameterDropDownControl` .", - "title": "SourceParameterName", - "type": "string" + "HeaderParameters": { + "additionalProperties": true, + "markdownDescription": "The headers that need to be sent as part of request invoking the API Gateway REST API or EventBridge ApiDestination.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "HeaderParameters", + "type": "object" }, - "Title": { - "markdownDescription": "The title of the `ParameterDropDownControl` .", - "title": "Title", - "type": "string" + "PathParameterValues": { + "items": { + "type": "string" + }, + "markdownDescription": "The path parameter values to be used to populate API Gateway REST API or EventBridge ApiDestination path wildcards (\"*\").", + "title": "PathParameterValues", + "type": "array" }, - "Type": { - "markdownDescription": "The type parameter name of the `ParameterDropDownControl` .", - "title": "Type", - "type": "string" + "QueryStringParameters": { + "additionalProperties": true, + "markdownDescription": "The query string keys/values that need to be sent as part of request invoking the API Gateway REST API or EventBridge ApiDestination.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "QueryStringParameters", + "type": "object" } }, - "required": [ - "ParameterControlId", - "SourceParameterName", - "Title" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.ParameterListControl": { + "AWS::Pipes::Pipe.PipeTargetKinesisStreamParameters": { "additionalProperties": false, "properties": { - "CascadingControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CascadingControlConfiguration", - "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", - "title": "CascadingControlConfiguration" - }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ListControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterListControl` .", - "title": "ParameterControlId", - "type": "string" - }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" - }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the `ParameterListControl` .", - "title": "SourceParameterName", - "type": "string" - }, - "Title": { - "markdownDescription": "The title of the `ParameterListControl` .", - "title": "Title", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of `ParameterListControl` .", - "title": "Type", + "PartitionKey": { + "markdownDescription": "Determines which shard in the stream the data record is assigned to. Partition keys are Unicode strings with a maximum length limit of 256 characters for each key. Amazon Kinesis Data Streams uses the partition key as input to a hash function that maps the partition key and associated data to a specific shard. Specifically, an MD5 hash function is used to map partition keys to 128-bit integer values and to map associated data records to shards. As a result of this hashing mechanism, all data records with the same partition key map to the same shard within the stream.", + "title": "PartitionKey", "type": "string" } }, "required": [ - "ParameterControlId", - "SourceParameterName", - "Title" + "PartitionKey" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ParameterSelectableValues": { + "AWS::Pipes::Pipe.PipeTargetLambdaFunctionParameters": { "additionalProperties": false, "properties": { - "LinkToDataSetColumn": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column identifier that fetches values from the data set.", - "title": "LinkToDataSetColumn" - }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The values that are used in `ParameterSelectableValues` .", - "title": "Values", - "type": "array" + "InvocationType": { + "markdownDescription": "Specify whether to invoke the function synchronously or asynchronously.\n\n- `REQUEST_RESPONSE` (default) - Invoke synchronously. This corresponds to the `RequestResponse` option in the `InvocationType` parameter for the Lambda [Invoke](https://docs.aws.amazon.com/lambda/latest/dg/API_Invoke.html#API_Invoke_RequestSyntax) API.\n- `FIRE_AND_FORGET` - Invoke asynchronously. This corresponds to the `Event` option in the `InvocationType` parameter for the Lambda [Invoke](https://docs.aws.amazon.com/lambda/latest/dg/API_Invoke.html#API_Invoke_RequestSyntax) API.\n\nFor more information, see [Invocation types](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes.html#pipes-invocation) in the *Amazon EventBridge User Guide* .", + "title": "InvocationType", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ParameterSliderControl": { + "AWS::Pipes::Pipe.PipeTargetParameters": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SliderControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "BatchJobParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetBatchJobParameters", + "markdownDescription": "The parameters for using an AWS Batch job as a target.", + "title": "BatchJobParameters" }, - "MaximumValue": { - "markdownDescription": "The larger value that is displayed at the right of the slider.", - "title": "MaximumValue", - "type": "number" + "CloudWatchLogsParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetCloudWatchLogsParameters", + "markdownDescription": "The parameters for using an CloudWatch Logs log stream as a target.", + "title": "CloudWatchLogsParameters" }, - "MinimumValue": { - "markdownDescription": "The smaller value that is displayed at the left of the slider.", - "title": "MinimumValue", - "type": "number" + "EcsTaskParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetEcsTaskParameters", + "markdownDescription": "The parameters for using an Amazon ECS task as a target.", + "title": "EcsTaskParameters" }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterSliderControl` .", - "title": "ParameterControlId", - "type": "string" + "EventBridgeEventBusParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetEventBridgeEventBusParameters", + "markdownDescription": "The parameters for using an EventBridge event bus as a target.", + "title": "EventBridgeEventBusParameters" }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the `ParameterSliderControl` .", - "title": "SourceParameterName", + "HttpParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetHttpParameters", + "markdownDescription": "These are custom parameter to be used when the target is an API Gateway REST APIs or EventBridge ApiDestinations.", + "title": "HttpParameters" + }, + "InputTemplate": { + "markdownDescription": "Valid JSON text passed to the target. In this case, nothing from the event itself is passed to the target. For more information, see [The JavaScript Object Notation (JSON) Data Interchange Format](https://docs.aws.amazon.com/http://www.rfc-editor.org/rfc/rfc7159.txt) .\n\nTo remove an input template, specify an empty string.", + "title": "InputTemplate", "type": "string" }, - "StepSize": { - "markdownDescription": "The number of increments that the slider bar is divided into.", - "title": "StepSize", - "type": "number" + "KinesisStreamParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetKinesisStreamParameters", + "markdownDescription": "The parameters for using a Kinesis stream as a target.", + "title": "KinesisStreamParameters" }, - "Title": { - "markdownDescription": "The title of the `ParameterSliderControl` .", - "title": "Title", - "type": "string" + "LambdaFunctionParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetLambdaFunctionParameters", + "markdownDescription": "The parameters for using a Lambda function as a target.", + "title": "LambdaFunctionParameters" + }, + "RedshiftDataParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetRedshiftDataParameters", + "markdownDescription": "These are custom parameters to be used when the target is a Amazon Redshift cluster to invoke the Amazon Redshift Data API BatchExecuteStatement.", + "title": "RedshiftDataParameters" + }, + "SageMakerPipelineParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetSageMakerPipelineParameters", + "markdownDescription": "The parameters for using a SageMaker AI pipeline as a target.", + "title": "SageMakerPipelineParameters" + }, + "SqsQueueParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetSqsQueueParameters", + "markdownDescription": "The parameters for using a Amazon SQS stream as a target.", + "title": "SqsQueueParameters" + }, + "StepFunctionStateMachineParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetStateMachineParameters", + "markdownDescription": "The parameters for using a Step Functions state machine as a target.", + "title": "StepFunctionStateMachineParameters" + }, + "TimestreamParameters": { + "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetTimestreamParameters", + "markdownDescription": "The parameters for using a Timestream for LiveAnalytics table as a target.", + "title": "TimestreamParameters" } }, - "required": [ - "MaximumValue", - "MinimumValue", - "ParameterControlId", - "SourceParameterName", - "StepSize", - "Title" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.ParameterTextAreaControl": { + "AWS::Pipes::Pipe.PipeTargetRedshiftDataParameters": { "additionalProperties": false, "properties": { - "Delimiter": { - "markdownDescription": "The delimiter that is used to separate the lines in text.", - "title": "Delimiter", + "Database": { + "markdownDescription": "The name of the database. Required when authenticating using temporary credentials.", + "title": "Database", "type": "string" }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextAreaControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterTextAreaControl` .", - "title": "ParameterControlId", + "DbUser": { + "markdownDescription": "The database user name. Required when authenticating using temporary credentials.", + "title": "DbUser", "type": "string" }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the `ParameterTextAreaControl` .", - "title": "SourceParameterName", + "SecretManagerArn": { + "markdownDescription": "The name or ARN of the secret that enables access to the database. Required when authenticating using Secrets Manager.", + "title": "SecretManagerArn", "type": "string" }, - "Title": { - "markdownDescription": "The title of the `ParameterTextAreaControl` .", - "title": "Title", + "Sqls": { + "items": { + "type": "string" + }, + "markdownDescription": "The SQL statement text to run.", + "title": "Sqls", + "type": "array" + }, + "StatementName": { + "markdownDescription": "The name of the SQL statement. You can name the SQL statement when you create it to identify the query.", + "title": "StatementName", "type": "string" + }, + "WithEvent": { + "markdownDescription": "Indicates whether to send an event back to EventBridge after the SQL statement runs.", + "title": "WithEvent", + "type": "boolean" } }, "required": [ - "ParameterControlId", - "SourceParameterName", - "Title" + "Database", + "Sqls" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ParameterTextFieldControl": { + "AWS::Pipes::Pipe.PipeTargetSageMakerPipelineParameters": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextFieldControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterTextFieldControl` .", - "title": "ParameterControlId", + "PipelineParameterList": { + "items": { + "$ref": "#/definitions/AWS::Pipes::Pipe.SageMakerPipelineParameter" + }, + "markdownDescription": "List of Parameter names and values for SageMaker AI Model Building Pipeline execution.", + "title": "PipelineParameterList", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Pipes::Pipe.PipeTargetSqsQueueParameters": { + "additionalProperties": false, + "properties": { + "MessageDeduplicationId": { + "markdownDescription": "This parameter applies only to FIFO (first-in-first-out) queues.\n\nThe token used for deduplication of sent messages.", + "title": "MessageDeduplicationId", "type": "string" }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the `ParameterTextFieldControl` .", - "title": "SourceParameterName", + "MessageGroupId": { + "markdownDescription": "The FIFO message group ID to use as the target.", + "title": "MessageGroupId", "type": "string" - }, - "Title": { - "markdownDescription": "The title of the `ParameterTextFieldControl` .", - "title": "Title", + } + }, + "type": "object" + }, + "AWS::Pipes::Pipe.PipeTargetStateMachineParameters": { + "additionalProperties": false, + "properties": { + "InvocationType": { + "markdownDescription": "Specify whether to invoke the Step Functions state machine synchronously or asynchronously.\n\n- `REQUEST_RESPONSE` (default) - Invoke synchronously. For more information, see [StartSyncExecution](https://docs.aws.amazon.com/step-functions/latest/apireference/API_StartSyncExecution.html) in the *AWS Step Functions API Reference* .\n\n> `REQUEST_RESPONSE` is not supported for `STANDARD` state machine workflows.\n- `FIRE_AND_FORGET` - Invoke asynchronously. For more information, see [StartExecution](https://docs.aws.amazon.com/step-functions/latest/apireference/API_StartExecution.html) in the *AWS Step Functions API Reference* .\n\nFor more information, see [Invocation types](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes.html#pipes-invocation) in the *Amazon EventBridge User Guide* .", + "title": "InvocationType", "type": "string" } }, - "required": [ - "ParameterControlId", - "SourceParameterName", - "Title" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.Parameters": { + "AWS::Pipes::Pipe.PipeTargetTimestreamParameters": { "additionalProperties": false, "properties": { - "DateTimeParameters": { + "DimensionMappings": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeParameter" + "$ref": "#/definitions/AWS::Pipes::Pipe.DimensionMapping" }, - "markdownDescription": "The parameters that have a data type of date-time.", - "title": "DateTimeParameters", + "markdownDescription": "Map source data to dimensions in the target Timestream for LiveAnalytics table.\n\nFor more information, see [Amazon Timestream for LiveAnalytics concepts](https://docs.aws.amazon.com/timestream/latest/developerguide/concepts.html)", + "title": "DimensionMappings", "type": "array" }, - "DecimalParameters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalParameter" - }, - "markdownDescription": "The parameters that have a data type of decimal.", - "title": "DecimalParameters", - "type": "array" + "EpochTimeUnit": { + "markdownDescription": "The granularity of the time units used. Default is `MILLISECONDS` .\n\nRequired if `TimeFieldType` is specified as `EPOCH` .", + "title": "EpochTimeUnit", + "type": "string" }, - "IntegerParameters": { + "MultiMeasureMappings": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.IntegerParameter" + "$ref": "#/definitions/AWS::Pipes::Pipe.MultiMeasureMapping" }, - "markdownDescription": "The parameters that have a data type of integer.", - "title": "IntegerParameters", + "markdownDescription": "Maps multiple measures from the source event to the same record in the specified Timestream for LiveAnalytics table.", + "title": "MultiMeasureMappings", "type": "array" }, - "StringParameters": { + "SingleMeasureMappings": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringParameter" + "$ref": "#/definitions/AWS::Pipes::Pipe.SingleMeasureMapping" }, - "markdownDescription": "The parameters that have a data type of string.", - "title": "StringParameters", + "markdownDescription": "Mappings of single source data fields to individual records in the specified Timestream for LiveAnalytics table.", + "title": "SingleMeasureMappings", "type": "array" + }, + "TimeFieldType": { + "markdownDescription": "The type of time value used.\n\nThe default is `EPOCH` .", + "title": "TimeFieldType", + "type": "string" + }, + "TimeValue": { + "markdownDescription": "Dynamic path to the source data field that represents the time value for your data.", + "title": "TimeValue", + "type": "string" + }, + "TimestampFormat": { + "markdownDescription": "How to format the timestamps. For example, `yyyy-MM-dd'T'HH:mm:ss'Z'` .\n\nRequired if `TimeFieldType` is specified as `TIMESTAMP_FORMAT` .", + "title": "TimestampFormat", + "type": "string" + }, + "VersionValue": { + "markdownDescription": "64 bit version value or source data field that represents the version value for your data.\n\nWrite requests with a higher version number will update the existing measure values of the record and version. In cases where the measure value is the same, the version will still be updated.\n\nDefault value is 1.\n\nTimestream for LiveAnalytics does not support updating partial measure values in a record.\n\nWrite requests for duplicate data with a higher version number will update the existing measure value and version. In cases where the measure value is the same, `Version` will still be updated. Default value is `1` .\n\n> `Version` must be `1` or greater, or you will receive a `ValidationException` error.", + "title": "VersionValue", + "type": "string" } }, + "required": [ + "DimensionMappings", + "TimeValue", + "VersionValue" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.PercentVisibleRange": { + "AWS::Pipes::Pipe.PlacementConstraint": { "additionalProperties": false, "properties": { - "From": { - "markdownDescription": "The lower bound of the range.", - "title": "From", - "type": "number" + "Expression": { + "markdownDescription": "A cluster query language expression to apply to the constraint. You cannot specify an expression if the constraint type is `distinctInstance` . To learn more, see [Cluster Query Language](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-query-language.html) in the Amazon Elastic Container Service Developer Guide.", + "title": "Expression", + "type": "string" }, - "To": { - "markdownDescription": "The top bound of the range.", - "title": "To", - "type": "number" + "Type": { + "markdownDescription": "The type of constraint. Use distinctInstance to ensure that each task in a particular group is running on a different container instance. Use memberOf to restrict the selection to a group of valid candidates.", + "title": "Type", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.PercentageDisplayFormatConfiguration": { + "AWS::Pipes::Pipe.PlacementStrategy": { "additionalProperties": false, "properties": { - "DecimalPlacesConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalPlacesConfiguration", - "markdownDescription": "The option that determines the decimal places configuration.", - "title": "DecimalPlacesConfiguration" - }, - "NegativeValueConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NegativeValueConfiguration", - "markdownDescription": "The options that determine the negative value configuration.", - "title": "NegativeValueConfiguration" - }, - "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NullValueFormatConfiguration", - "markdownDescription": "The options that determine the null value format configuration.", - "title": "NullValueFormatConfiguration" - }, - "Prefix": { - "markdownDescription": "Determines the prefix value of the percentage format.", - "title": "Prefix", + "Field": { + "markdownDescription": "The field to apply the placement strategy against. For the spread placement strategy, valid values are instanceId (or host, which has the same effect), or any platform or custom attribute that is applied to a container instance, such as attribute:ecs.availability-zone. For the binpack placement strategy, valid values are cpu and memory. For the random placement strategy, this field is not used.", + "title": "Field", "type": "string" }, - "SeparatorConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericSeparatorConfiguration", - "markdownDescription": "The options that determine the numeric separator configuration.", - "title": "SeparatorConfiguration" - }, - "Suffix": { - "markdownDescription": "Determines the suffix value of the percentage format.", - "title": "Suffix", + "Type": { + "markdownDescription": "The type of placement strategy. The random placement strategy randomly places tasks on available candidates. The spread placement strategy spreads placement across available candidates evenly based on the field parameter. The binpack strategy places tasks on available candidates that have the least available amount of the resource that is specified with the field parameter. For example, if you binpack on memory, a task is placed on the instance with the least amount of remaining memory (but still enough to run the task).", + "title": "Type", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.PercentileAggregation": { + "AWS::Pipes::Pipe.S3LogDestination": { "additionalProperties": false, "properties": { - "PercentileValue": { - "markdownDescription": "The percentile value. This value can be any numeric constant 0\u2013100. A percentile value of 50 computes the median value of the measure.", - "title": "PercentileValue", - "type": "number" + "BucketName": { + "markdownDescription": "The name of the Amazon S3 bucket to which EventBridge delivers the log records for the pipe.", + "title": "BucketName", + "type": "string" + }, + "BucketOwner": { + "markdownDescription": "The AWS account that owns the Amazon S3 bucket to which EventBridge delivers the log records for the pipe.", + "title": "BucketOwner", + "type": "string" + }, + "OutputFormat": { + "markdownDescription": "The format EventBridge uses for the log records.\n\nEventBridge currently only supports `json` formatting.", + "title": "OutputFormat", + "type": "string" + }, + "Prefix": { + "markdownDescription": "The prefix text with which to begin Amazon S3 log object names.\n\nFor more information, see [Organizing objects using prefixes](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-prefixes.html) in the *Amazon Simple Storage Service User Guide* .", + "title": "Prefix", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.PeriodOverPeriodComputation": { + "AWS::Pipes::Pipe.SageMakerPipelineParameter": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", - "type": "string" - }, "Name": { - "markdownDescription": "The name of a computation.", + "markdownDescription": "Name of parameter to start execution of a SageMaker AI Model Building Pipeline.", "title": "Name", "type": "string" }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" - }, "Value": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" + "markdownDescription": "Value of parameter to start execution of a SageMaker AI Model Building Pipeline.", + "title": "Value", + "type": "string" } }, "required": [ - "ComputationId" + "Name", + "Value" ], "type": "object" }, - "AWS::QuickSight::Dashboard.PeriodToDateComputation": { + "AWS::Pipes::Pipe.SelfManagedKafkaAccessConfigurationCredentials": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", + "BasicAuth": { + "markdownDescription": "The ARN of the Secrets Manager secret.", + "title": "BasicAuth", "type": "string" }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "ClientCertificateTlsAuth": { + "markdownDescription": "The ARN of the Secrets Manager secret.", + "title": "ClientCertificateTlsAuth", "type": "string" }, - "PeriodTimeGranularity": { - "markdownDescription": "The time granularity setup of period to date computation. Choose from the following options:\n\n- YEAR: Year to date.\n- MONTH: Month to date.", - "title": "PeriodTimeGranularity", + "SaslScram256Auth": { + "markdownDescription": "The ARN of the Secrets Manager secret.", + "title": "SaslScram256Auth", "type": "string" }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" - }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" + "SaslScram512Auth": { + "markdownDescription": "The ARN of the Secrets Manager secret.", + "title": "SaslScram512Auth", + "type": "string" } }, - "required": [ - "ComputationId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.PieChartAggregatedFieldWells": { + "AWS::Pipes::Pipe.SelfManagedKafkaAccessConfigurationVpc": { "additionalProperties": false, "properties": { - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The category (group/color) field wells of a pie chart.", - "title": "Category", - "type": "array" - }, - "SmallMultiples": { + "SecurityGroup": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + "type": "string" }, - "markdownDescription": "The small multiples field well of a pie chart.", - "title": "SmallMultiples", + "markdownDescription": "Specifies the security groups associated with the stream. These security groups must all be in the same VPC. You can specify as many as five security groups.", + "title": "SecurityGroup", "type": "array" }, - "Values": { + "Subnets": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + "type": "string" }, - "markdownDescription": "The value field wells of a pie chart. Values are aggregated based on categories.", - "title": "Values", + "markdownDescription": "Specifies the subnets associated with the stream. These subnets must all be in the same VPC. You can specify as many as 16 subnets.", + "title": "Subnets", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.PieChartConfiguration": { + "AWS::Pipes::Pipe.SingleMeasureMapping": { "additionalProperties": false, "properties": { - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options of the group/color that is displayed in a pie chart.", - "title": "CategoryLabelOptions" - }, - "ContributionAnalysisDefaults": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ContributionAnalysisDefault" - }, - "markdownDescription": "The contribution analysis (anomaly configuration) setup of the visual.", - "title": "ContributionAnalysisDefaults", - "type": "array" - }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.", - "title": "DataLabels" + "MeasureName": { + "markdownDescription": "Target measure name for the measurement attribute in the Timestream table.", + "title": "MeasureName", + "type": "string" }, - "DonutOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DonutOptions", - "markdownDescription": "The options that determine the shape of the chart. This option determines whether the chart is a pie chart or a donut chart.", - "title": "DonutOptions" + "MeasureValue": { + "markdownDescription": "Dynamic path of the source field to map to the measure in the record.", + "title": "MeasureValue", + "type": "string" }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PieChartFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" + "MeasureValueType": { + "markdownDescription": "Data type of the source field.", + "title": "MeasureValueType", + "type": "string" + } + }, + "required": [ + "MeasureName", + "MeasureValue", + "MeasureValueType" + ], + "type": "object" + }, + "AWS::Proton::EnvironmentAccountConnection": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "SmallMultiplesOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SmallMultiplesOptions", - "markdownDescription": "The small multiples setup for the visual.", - "title": "SmallMultiplesOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PieChartSortConfiguration", - "markdownDescription": "The sort configuration of a pie chart.", - "title": "SortConfiguration" + "Metadata": { + "type": "object" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" + "Properties": { + "additionalProperties": false, + "properties": { + "CodebuildRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an IAM service role in the environment account. AWS Proton uses this role to provision infrastructure resources using CodeBuild-based provisioning in the associated environment account.", + "title": "CodebuildRoleArn", + "type": "string" + }, + "ComponentRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM service role that AWS Proton uses when provisioning directly defined components in the associated environment account. It determines the scope of infrastructure that a component can provision in the account.\n\nThe environment account connection must have a `componentRoleArn` to allow directly defined components to be associated with any environments running in the account.\n\nFor more information about components, see [AWS Proton components](https://docs.aws.amazon.com/proton/latest/userguide/ag-components.html) in the *AWS Proton User Guide* .", + "title": "ComponentRoleArn", + "type": "string" + }, + "EnvironmentAccountId": { + "markdownDescription": "The environment account that's connected to the environment account connection.", + "title": "EnvironmentAccountId", + "type": "string" + }, + "EnvironmentName": { + "markdownDescription": "The name of the environment that's associated with the environment account connection.", + "title": "EnvironmentName", + "type": "string" + }, + "ManagementAccountId": { + "markdownDescription": "The ID of the management account that's connected to the environment account connection.", + "title": "ManagementAccountId", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The IAM service role that's associated with the environment account connection.", + "title": "RoleArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An optional list of metadata items that you can associate with the AWS Proton environment account connection. A tag is a key-value pair.\n\nFor more information, see [AWS Proton resources and tagging](https://docs.aws.amazon.com/proton/latest/userguide/resources.html) in the *AWS Proton User Guide* .", + "title": "Tags", + "type": "array" + } + }, + "type": "object" }, - "ValueLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options for the value that is displayed in a pie chart.", - "title": "ValueLabelOptions" + "Type": { + "enum": [ + "AWS::Proton::EnvironmentAccountConnection" + ], + "type": "string" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", - "title": "VisualPalette" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.PieChartFieldWells": { + "AWS::Proton::EnvironmentTemplate": { "additionalProperties": false, "properties": { - "PieChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PieChartAggregatedFieldWells", - "markdownDescription": "The field well configuration of a pie chart.", - "title": "PieChartAggregatedFieldWells" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the environment template.", + "title": "Description", + "type": "string" + }, + "DisplayName": { + "markdownDescription": "The name of the environment template as displayed in the developer interface.", + "title": "DisplayName", + "type": "string" + }, + "EncryptionKey": { + "markdownDescription": "The customer provided encryption key for the environment template.", + "title": "EncryptionKey", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the environment template.", + "title": "Name", + "type": "string" + }, + "Provisioning": { + "markdownDescription": "When included, indicates that the environment template is for customer provisioned and managed infrastructure.", + "title": "Provisioning", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An optional list of metadata items that you can associate with the AWS Proton environment template. A tag is a key-value pair.\n\nFor more information, see [AWS Proton resources and tagging](https://docs.aws.amazon.com/proton/latest/userguide/resources.html) in the *AWS Proton User Guide* .", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Proton::EnvironmentTemplate" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.PieChartSortConfiguration": { + "AWS::Proton::ServiceTemplate": { "additionalProperties": false, "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of categories that are displayed in a pie chart.", - "title": "CategoryItemsLimit" + "Condition": { + "type": "string" }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the category fields.", - "title": "CategorySort", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "SmallMultiplesLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of small multiples panels that are displayed.", - "title": "SmallMultiplesLimitConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SmallMultiplesSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the service template.", + "title": "Description", + "type": "string" + }, + "DisplayName": { + "markdownDescription": "The service template name as displayed in the developer interface.", + "title": "DisplayName", + "type": "string" + }, + "EncryptionKey": { + "markdownDescription": "The customer provided service template encryption key that's used to encrypt data.", + "title": "EncryptionKey", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the service template.", + "title": "Name", + "type": "string" + }, + "PipelineProvisioning": { + "markdownDescription": "If `pipelineProvisioning` is `true` , a service pipeline is included in the service template. Otherwise, a service pipeline *isn't* included in the service template.", + "title": "PipelineProvisioning", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An object that includes the template bundle S3 bucket path and name for the new version of a service template.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "The sort configuration of the small multiples field.", - "title": "SmallMultiplesSort", - "type": "array" + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Proton::ServiceTemplate" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.PieChartVisual": { + "AWS::QBusiness::Application": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Condition": { + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PieChartConfiguration", - "markdownDescription": "The configuration of a pie chart.", - "title": "ChartConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Metadata": { + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Properties": { + "additionalProperties": false, + "properties": { + "AttachmentsConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::Application.AttachmentsConfiguration", + "markdownDescription": "Configuration information for the file upload during chat feature.", + "title": "AttachmentsConfiguration" + }, + "AutoSubscriptionConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::Application.AutoSubscriptionConfiguration", + "markdownDescription": "Subscription configuration information for an Amazon Q Business application using IAM identity federation for user management.", + "title": "AutoSubscriptionConfiguration" + }, + "ClientIdsForOIDC": { + "items": { + "type": "string" + }, + "markdownDescription": "The OIDC client ID for a Amazon Q Business application.", + "title": "ClientIdsForOIDC", + "type": "array" + }, + "Description": { + "markdownDescription": "A description for the Amazon Q Business application.", + "title": "Description", + "type": "string" + }, + "DisplayName": { + "markdownDescription": "The name of the Amazon Q Business application.", + "title": "DisplayName", + "type": "string" + }, + "EncryptionConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::Application.EncryptionConfiguration", + "markdownDescription": "Provides the identifier of the AWS KMS key used to encrypt data indexed by Amazon Q Business. Amazon Q Business doesn't support asymmetric keys.", + "title": "EncryptionConfiguration" + }, + "IamIdentityProviderArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an identity provider being used by an Amazon Q Business application.", + "title": "IamIdentityProviderArn", + "type": "string" + }, + "IdentityCenterInstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM Identity Center instance you are either creating for\u2014or connecting to\u2014your Amazon Q Business application.\n\n*Required* : `Yes`", + "title": "IdentityCenterInstanceArn", + "type": "string" + }, + "IdentityType": { + "markdownDescription": "The authentication type being used by a Amazon Q Business application.", + "title": "IdentityType", + "type": "string" + }, + "PersonalizationConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::Application.PersonalizationConfiguration", + "markdownDescription": "Configuration information about chat response personalization. For more information, see [Personalizing chat responses](https://docs.aws.amazon.com/amazonq/latest/qbusiness-ug/personalizing-chat-responses.html) .", + "title": "PersonalizationConfiguration" + }, + "QAppsConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::Application.QAppsConfiguration", + "markdownDescription": "Configuration information about Amazon Q Apps.", + "title": "QAppsConfiguration" + }, + "QuickSightConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::Application.QuickSightConfiguration", + "markdownDescription": "The Amazon QuickSight configuration for an Amazon Q Business application that uses QuickSight as the identity provider.", + "title": "QuickSightConfiguration" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role with permissions to access your Amazon CloudWatch logs and metrics. If this property is not specified, Amazon Q Business will create a [service linked role (SLR)](https://docs.aws.amazon.com/amazonq/latest/qbusiness-ug/using-service-linked-roles.html#slr-permissions) and use it as the application's role.", + "title": "RoleArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of key-value pairs that identify or categorize your Amazon Q Business application. You can also use tags to help control access to the application. Tag keys and values can consist of Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "DisplayName" + ], + "type": "object" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "Type": { + "enum": [ + "AWS::QBusiness::Application" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.PivotFieldSortOptions": { + "AWS::QBusiness::Application.AttachmentsConfiguration": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field ID for the field sort options.", - "title": "FieldId", + "AttachmentsControlMode": { + "markdownDescription": "Status information about whether file upload functionality is activated or deactivated for your end user.", + "title": "AttachmentsControlMode", "type": "string" - }, - "SortBy": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableSortBy", - "markdownDescription": "The sort by field for the field sort options.", - "title": "SortBy" } }, "required": [ - "FieldId", - "SortBy" + "AttachmentsControlMode" ], "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTableAggregatedFieldWells": { + "AWS::QBusiness::Application.AutoSubscriptionConfiguration": { "additionalProperties": false, "properties": { - "Columns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The columns field well for a pivot table. Values are grouped by columns fields.", - "title": "Columns", - "type": "array" + "AutoSubscribe": { + "markdownDescription": "Describes whether automatic subscriptions are enabled for an Amazon Q Business application using IAM identity federation for user management.", + "title": "AutoSubscribe", + "type": "string" }, - "Rows": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The rows field well for a pivot table. Values are grouped by rows fields.", - "title": "Rows", - "type": "array" - }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" - }, - "markdownDescription": "The values field well for a pivot table. Values are aggregated based on rows and columns fields.", - "title": "Values", - "type": "array" + "DefaultSubscriptionType": { + "markdownDescription": "Describes the default subscription type assigned to an Amazon Q Business application using IAM identity federation for user management. If the value for `autoSubscribe` is set to `ENABLED` you must select a value for this field.", + "title": "DefaultSubscriptionType", + "type": "string" } }, + "required": [ + "AutoSubscribe" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTableCellConditionalFormatting": { + "AWS::QBusiness::Application.EncryptionConfiguration": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field ID of the cell for conditional formatting.", - "title": "FieldId", + "KmsKeyId": { + "markdownDescription": "The identifier of the AWS KMS key. Amazon Q Business doesn't support asymmetric keys.", + "title": "KmsKeyId", "type": "string" - }, - "Scope": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableConditionalFormattingScope", - "markdownDescription": "The scope of the cell for conditional formatting.", - "title": "Scope" - }, - "Scopes": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableConditionalFormattingScope" - }, - "markdownDescription": "A list of cell scopes for conditional formatting.", - "title": "Scopes", - "type": "array" - }, - "TextFormat": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextConditionalFormat", - "markdownDescription": "The text format of the cell for conditional formatting.", - "title": "TextFormat" } }, - "required": [ - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTableConditionalFormatting": { + "AWS::QBusiness::Application.PersonalizationConfiguration": { "additionalProperties": false, "properties": { - "ConditionalFormattingOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableConditionalFormattingOption" - }, - "markdownDescription": "Conditional formatting options for a `PivotTableVisual` .", - "title": "ConditionalFormattingOptions", - "type": "array" + "PersonalizationControlMode": { + "markdownDescription": "An option to allow Amazon Q Business to customize chat responses using user specific metadata\u2014specifically, location and job information\u2014in your IAM Identity Center instance.", + "title": "PersonalizationControlMode", + "type": "string" } }, + "required": [ + "PersonalizationControlMode" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTableConditionalFormattingOption": { + "AWS::QBusiness::Application.QAppsConfiguration": { "additionalProperties": false, "properties": { - "Cell": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableCellConditionalFormatting", - "markdownDescription": "The cell conditional formatting option for a pivot table.", - "title": "Cell" + "QAppsControlMode": { + "markdownDescription": "Status information about whether end users can create and use Amazon Q Apps in the web experience.", + "title": "QAppsControlMode", + "type": "string" } }, + "required": [ + "QAppsControlMode" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTableConditionalFormattingScope": { + "AWS::QBusiness::Application.QuickSightConfiguration": { "additionalProperties": false, "properties": { - "Role": { - "markdownDescription": "The role (field, field total, grand total) of the cell for conditional formatting.", - "title": "Role", + "ClientNamespace": { + "markdownDescription": "The Amazon QuickSight namespace that is used as the identity provider. For more information about QuickSight namespaces, see [Namespace operations](https://docs.aws.amazon.com/quicksight/latest/developerguide/namespace-operations.html) .", + "title": "ClientNamespace", "type": "string" } }, + "required": [ + "ClientNamespace" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTableConfiguration": { + "AWS::QBusiness::DataAccessor": { "additionalProperties": false, "properties": { - "FieldOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableFieldOptions", - "markdownDescription": "The field options for a pivot table visual.", - "title": "FieldOptions" + "Condition": { + "type": "string" }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "PaginatedReportOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTablePaginatedReportOptions", - "markdownDescription": "The paginated report options for a pivot table visual.", - "title": "PaginatedReportOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableSortConfiguration", - "markdownDescription": "The sort configuration for a `PivotTableVisual` .", - "title": "SortConfiguration" + "Metadata": { + "type": "object" }, - "TableOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableOptions", - "markdownDescription": "The table options for a pivot table visual.", - "title": "TableOptions" + "Properties": { + "additionalProperties": false, + "properties": { + "ActionConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.ActionConfiguration" + }, + "markdownDescription": "A list of action configurations specifying the allowed actions and any associated filters.", + "title": "ActionConfigurations", + "type": "array" + }, + "ApplicationId": { + "markdownDescription": "The unique identifier of the Amazon Q Business application.", + "title": "ApplicationId", + "type": "string" + }, + "AuthenticationDetail": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.DataAccessorAuthenticationDetail", + "markdownDescription": "The authentication configuration details for the data accessor. This specifies how the ISV authenticates when accessing data through this data accessor.", + "title": "AuthenticationDetail" + }, + "DisplayName": { + "markdownDescription": "The friendly name of the data accessor.", + "title": "DisplayName", + "type": "string" + }, + "Principal": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role for the ISV associated with this data accessor.", + "title": "Principal", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to associate with the data accessor.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "ActionConfigurations", + "ApplicationId", + "DisplayName", + "Principal" + ], + "type": "object" }, - "TotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableTotalOptions", - "markdownDescription": "The total options for a pivot table visual.", - "title": "TotalOptions" + "Type": { + "enum": [ + "AWS::QBusiness::DataAccessor" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTableDataPathOption": { + "AWS::QBusiness::DataAccessor.ActionConfiguration": { "additionalProperties": false, "properties": { - "DataPathList": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathValue" - }, - "markdownDescription": "The list of data path values for the data path options.", - "title": "DataPathList", - "type": "array" - }, - "Width": { - "markdownDescription": "The width of the data path option.", - "title": "Width", + "Action": { + "markdownDescription": "The Amazon Q Business action that is allowed.", + "title": "Action", "type": "string" + }, + "FilterConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.ActionFilterConfiguration", + "markdownDescription": "The filter configuration for the action, if any.", + "title": "FilterConfiguration" } }, "required": [ - "DataPathList" + "Action" ], "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTableFieldCollapseStateOption": { + "AWS::QBusiness::DataAccessor.ActionFilterConfiguration": { "additionalProperties": false, "properties": { - "State": { - "markdownDescription": "The state of the field target of a pivot table. Choose one of the following options:\n\n- `COLLAPSED`\n- `EXPANDED`", - "title": "State", - "type": "string" - }, - "Target": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableFieldCollapseStateTarget", - "markdownDescription": "A tagged-union object that sets the collapse state.", - "title": "Target" + "DocumentAttributeFilter": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.AttributeFilter", + "markdownDescription": "Enables filtering of responses based on document attributes or metadata fields.", + "title": "DocumentAttributeFilter" } }, "required": [ - "Target" + "DocumentAttributeFilter" ], "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTableFieldCollapseStateTarget": { + "AWS::QBusiness::DataAccessor.AttributeFilter": { "additionalProperties": false, "properties": { - "FieldDataPathValues": { + "AndAllFilters": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathValue" + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.AttributeFilter" }, - "markdownDescription": "The data path of the pivot table's header. Used to set the collapse state.", - "title": "FieldDataPathValues", + "markdownDescription": "Performs a logical `AND` operation on all supplied filters.", + "title": "AndAllFilters", "type": "array" }, - "FieldId": { - "markdownDescription": "The field ID of the pivot table that the collapse state needs to be set to.", - "title": "FieldId", - "type": "string" + "ContainsAll": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.DocumentAttribute", + "markdownDescription": "Returns `true` when a document contains all the specified document attributes or metadata fields. Supported for the following [document attribute value types](https://docs.aws.amazon.com/amazonq/latest/api-reference/API_DocumentAttributeValue.html) : `stringListValue` .", + "title": "ContainsAll" + }, + "ContainsAny": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.DocumentAttribute", + "markdownDescription": "Returns `true` when a document contains any of the specified document attributes or metadata fields. Supported for the following [document attribute value types](https://docs.aws.amazon.com/amazonq/latest/api-reference/API_DocumentAttributeValue.html) : `stringListValue` .", + "title": "ContainsAny" + }, + "EqualsTo": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.DocumentAttribute", + "markdownDescription": "Performs an equals operation on two document attributes or metadata fields. Supported for the following [document attribute value types](https://docs.aws.amazon.com/amazonq/latest/api-reference/API_DocumentAttributeValue.html) : `dateValue` , `longValue` , `stringListValue` and `stringValue` .", + "title": "EqualsTo" + }, + "GreaterThan": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.DocumentAttribute", + "markdownDescription": "Performs a greater than operation on two document attributes or metadata fields. Supported for the following [document attribute value types](https://docs.aws.amazon.com/amazonq/latest/api-reference/API_DocumentAttributeValue.html) : `dateValue` and `longValue` .", + "title": "GreaterThan" + }, + "GreaterThanOrEquals": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.DocumentAttribute", + "markdownDescription": "Performs a greater or equals than operation on two document attributes or metadata fields. Supported for the following [document attribute value types](https://docs.aws.amazon.com/amazonq/latest/api-reference/API_DocumentAttributeValue.html) : `dateValue` and `longValue` .", + "title": "GreaterThanOrEquals" + }, + "LessThan": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.DocumentAttribute", + "markdownDescription": "Performs a less than operation on two document attributes or metadata fields. Supported for the following [document attribute value types](https://docs.aws.amazon.com/amazonq/latest/api-reference/API_DocumentAttributeValue.html) : `dateValue` and `longValue` .", + "title": "LessThan" + }, + "LessThanOrEquals": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.DocumentAttribute", + "markdownDescription": "Performs a less than or equals operation on two document attributes or metadata fields.Supported for the following [document attribute value type](https://docs.aws.amazon.com/amazonq/latest/api-reference/API_DocumentAttributeValue.html) : `dateValue` and `longValue` .", + "title": "LessThanOrEquals" + }, + "NotFilter": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.AttributeFilter", + "markdownDescription": "Performs a logical `NOT` operation on all supplied filters.", + "title": "NotFilter" + }, + "OrAllFilters": { + "items": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.AttributeFilter" + }, + "markdownDescription": "Performs a logical `OR` operation on all supplied filters.", + "title": "OrAllFilters", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTableFieldOption": { + "AWS::QBusiness::DataAccessor.DataAccessorAuthenticationConfiguration": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The custom label of the pivot table field.", - "title": "CustomLabel", - "type": "string" - }, - "FieldId": { - "markdownDescription": "The field ID of the pivot table field.", - "title": "FieldId", - "type": "string" - }, - "Visibility": { - "markdownDescription": "The visibility of the pivot table field.", - "title": "Visibility", - "type": "string" + "IdcTrustedTokenIssuerConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.DataAccessorIdcTrustedTokenIssuerConfiguration", + "markdownDescription": "Configuration for IAM Identity Center Trusted Token Issuer (TTI) authentication used when the authentication type is `AWS_IAM_IDC_TTI` .", + "title": "IdcTrustedTokenIssuerConfiguration" } }, "required": [ - "FieldId" + "IdcTrustedTokenIssuerConfiguration" ], "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTableFieldOptions": { + "AWS::QBusiness::DataAccessor.DataAccessorAuthenticationDetail": { "additionalProperties": false, "properties": { - "CollapseStateOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableFieldCollapseStateOption" - }, - "markdownDescription": "The collapse state options for the pivot table field options.", - "title": "CollapseStateOptions", - "type": "array" + "AuthenticationConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.DataAccessorAuthenticationConfiguration", + "markdownDescription": "The specific authentication configuration based on the authentication type.", + "title": "AuthenticationConfiguration" }, - "DataPathOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableDataPathOption" - }, - "markdownDescription": "The data path options for the pivot table field options.", - "title": "DataPathOptions", - "type": "array" + "AuthenticationType": { + "markdownDescription": "The type of authentication to use for the data accessor. This determines how the ISV authenticates when accessing data. You can use one of two authentication types:\n\n- `AWS_IAM_IDC_TTI` - Authentication using IAM Identity Center Trusted Token Issuer (TTI). This authentication type allows the ISV to use a trusted token issuer to generate tokens for accessing the data.\n- `AWS_IAM_IDC_AUTH_CODE` - Authentication using IAM Identity Center authorization code flow. This authentication type uses the standard OAuth 2.0 authorization code flow for authentication.", + "title": "AuthenticationType", + "type": "string" }, - "SelectedFieldOptions": { + "ExternalIds": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableFieldOption" + "type": "string" }, - "markdownDescription": "The selected field options for the pivot table field options.", - "title": "SelectedFieldOptions", + "markdownDescription": "A list of external identifiers associated with this authentication configuration. These are used to correlate the data accessor with external systems.", + "title": "ExternalIds", "type": "array" } }, + "required": [ + "AuthenticationType" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTableFieldSubtotalOptions": { + "AWS::QBusiness::DataAccessor.DataAccessorIdcTrustedTokenIssuerConfiguration": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field ID of the subtotal options.", - "title": "FieldId", + "IdcTrustedTokenIssuerArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM Identity Center Trusted Token Issuer that will be used for authentication.", + "title": "IdcTrustedTokenIssuerArn", "type": "string" } }, + "required": [ + "IdcTrustedTokenIssuerArn" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTableFieldWells": { + "AWS::QBusiness::DataAccessor.DocumentAttribute": { "additionalProperties": false, "properties": { - "PivotTableAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableAggregatedFieldWells", - "markdownDescription": "The aggregated field well for the pivot table.", - "title": "PivotTableAggregatedFieldWells" + "Name": { + "markdownDescription": "The identifier for the attribute.", + "title": "Name", + "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor.DocumentAttributeValue", + "markdownDescription": "The value of the attribute.", + "title": "Value" } }, + "required": [ + "Name", + "Value" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTableOptions": { + "AWS::QBusiness::DataAccessor.DocumentAttributeValue": { "additionalProperties": false, "properties": { - "CellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", - "markdownDescription": "The table cell style of cells.", - "title": "CellStyle" - }, - "CollapsedRowDimensionsVisibility": { - "markdownDescription": "The visibility setting of a pivot table's collapsed row dimension fields. If the value of this structure is `HIDDEN` , all collapsed columns in a pivot table are automatically hidden. The default value is `VISIBLE` .", - "title": "CollapsedRowDimensionsVisibility", + "DateValue": { + "markdownDescription": "A date expressed as an ISO 8601 string.\n\nIt's important for the time zone to be included in the ISO 8601 date-time format. For example, 2012-03-25T12:30:10+01:00 is the ISO 8601 date-time format for March 25th 2012 at 12:30PM (plus 10 seconds) in Central European Time.", + "title": "DateValue", "type": "string" }, - "ColumnHeaderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", - "markdownDescription": "The table cell style of the column header.", - "title": "ColumnHeaderStyle" + "LongValue": { + "markdownDescription": "A long integer value.", + "title": "LongValue", + "type": "number" }, - "ColumnNamesVisibility": { - "markdownDescription": "The visibility of the column names.", - "title": "ColumnNamesVisibility", - "type": "string" + "StringListValue": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of strings.", + "title": "StringListValue", + "type": "array" }, - "DefaultCellWidth": { - "markdownDescription": "The default cell width of the pivot table.", - "title": "DefaultCellWidth", + "StringValue": { + "markdownDescription": "A string.", + "title": "StringValue", "type": "string" - }, - "MetricPlacement": { - "markdownDescription": "The metric placement (row, column) options.", - "title": "MetricPlacement", + } + }, + "type": "object" + }, + "AWS::QBusiness::DataSource": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "RowAlternateColorOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RowAlternateColorOptions", - "markdownDescription": "The row alternate color options (widget status, row alternate colors).", - "title": "RowAlternateColorOptions" - }, - "RowFieldNamesStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", - "markdownDescription": "The table cell style of row field names.", - "title": "RowFieldNamesStyle" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "RowHeaderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", - "markdownDescription": "The table cell style of the row headers.", - "title": "RowHeaderStyle" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "RowsLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableRowsLabelOptions", - "markdownDescription": "The options for the label that is located above the row headers. This option is only applicable when `RowsLayout` is set to `HIERARCHY` .", - "title": "RowsLabelOptions" + "Metadata": { + "type": "object" }, - "RowsLayout": { - "markdownDescription": "The layout for the row dimension headers of a pivot table. Choose one of the following options.\n\n- `TABULAR` : (Default) Each row field is displayed in a separate column.\n- `HIERARCHY` : All row fields are displayed in a single column. Indentation is used to differentiate row headers of different fields.", - "title": "RowsLayout", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The identifier of the Amazon Q Business application the data source will be attached to.", + "title": "ApplicationId", + "type": "string" + }, + "Configuration": { + "markdownDescription": "Use this property to specify a JSON or YAML schema with configuration properties specific to your data source connector to connect your data source repository to Amazon Q Business . You must use the JSON or YAML schema provided by Amazon Q .\n\nThe following links have the configuration properties and schemas for AWS CloudFormation for the following connectors:\n\n- [Amazon Simple Storage Service](https://docs.aws.amazon.com/amazonq/latest/qbusiness-ug/s3-cfn.html)\n- [Amazon Q Web Crawler](https://docs.aws.amazon.com/amazonq/latest/qbusiness-ug/web-crawler-cfn.html)\n\nSimilarly, you can find configuration templates and properties for your specific data source using the following steps:\n\n- Navigate to the [Supported connectors](https://docs.aws.amazon.com/amazonq/latest/business-use-dg/connectors-list.html) page in the Amazon Q Business User Guide, and select the data source connector of your choice.\n- Then, from that specific data source connector's page, choose the topic containing *Using AWS CloudFormation* to find the schemas for your data source connector, including configuration parameter descriptions and examples.", + "title": "Configuration", + "type": "object" + }, + "Description": { + "markdownDescription": "A description for the data source connector.", + "title": "Description", + "type": "string" + }, + "DisplayName": { + "markdownDescription": "The name of the Amazon Q Business data source.", + "title": "DisplayName", + "type": "string" + }, + "DocumentEnrichmentConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::DataSource.DocumentEnrichmentConfiguration", + "markdownDescription": "Provides the configuration information for altering document metadata and content during the document ingestion process.\n\nFor more information, see [Custom document enrichment](https://docs.aws.amazon.com/amazonq/latest/business-use-dg/custom-document-enrichment.html) .", + "title": "DocumentEnrichmentConfiguration" + }, + "IndexId": { + "markdownDescription": "The identifier of the index the data source is attached to.", + "title": "IndexId", + "type": "string" + }, + "MediaExtractionConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::DataSource.MediaExtractionConfiguration", + "markdownDescription": "The configuration for extracting information from media in documents.", + "title": "MediaExtractionConfiguration" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role with permission to access the data source and required resources.", + "title": "RoleArn", + "type": "string" + }, + "SyncSchedule": { + "markdownDescription": "Sets the frequency for Amazon Q Business to check the documents in your data source repository and update your index. If you don't set a schedule, Amazon Q Business won't periodically update the index.\n\nSpecify a `cron-` format schedule string or an empty string to indicate that the index is updated on demand. You can't specify the `Schedule` parameter when the `Type` parameter is set to `CUSTOM` . If you do, you receive a `ValidationException` exception.", + "title": "SyncSchedule", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of key-value pairs that identify or categorize the data source connector. You can also use tags to help control access to the data source connector. Tag keys and values can consist of Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @.", + "title": "Tags", + "type": "array" + }, + "VpcConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::DataSource.DataSourceVpcConfiguration", + "markdownDescription": "Configuration information for an Amazon VPC (Virtual Private Cloud) to connect to your data source. For more information, see [Using Amazon VPC with Amazon Q Business connectors](https://docs.aws.amazon.com/amazonq/latest/business-use-dg/connector-vpc.html) .", + "title": "VpcConfiguration" + } + }, + "required": [ + "ApplicationId", + "Configuration", + "DisplayName", + "IndexId" + ], + "type": "object" }, - "SingleMetricVisibility": { - "markdownDescription": "The visibility of the single metric options.", - "title": "SingleMetricVisibility", + "Type": { + "enum": [ + "AWS::QBusiness::DataSource" + ], "type": "string" }, - "ToggleButtonsVisibility": { - "markdownDescription": "Determines the visibility of the pivot table.", - "title": "ToggleButtonsVisibility", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTablePaginatedReportOptions": { + "AWS::QBusiness::DataSource.AudioExtractionConfiguration": { "additionalProperties": false, "properties": { - "OverflowColumnHeaderVisibility": { - "markdownDescription": "The visibility of the repeating header rows on each page.", - "title": "OverflowColumnHeaderVisibility", - "type": "string" - }, - "VerticalOverflowVisibility": { - "markdownDescription": "The visibility of the printing table overflow across pages.", - "title": "VerticalOverflowVisibility", + "AudioExtractionStatus": { + "markdownDescription": "The status of audio extraction (ENABLED or DISABLED) for processing audio content from files.", + "title": "AudioExtractionStatus", "type": "string" } }, + "required": [ + "AudioExtractionStatus" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTableRowsLabelOptions": { + "AWS::QBusiness::DataSource.DataSourceVpcConfiguration": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The custom label string for the rows label.", - "title": "CustomLabel", - "type": "string" + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of identifiers of security groups within your Amazon VPC. The security groups should enable Amazon Q Business to connect to the data source.", + "title": "SecurityGroupIds", + "type": "array" }, - "Visibility": { - "markdownDescription": "The visibility of the rows label.", - "title": "Visibility", - "type": "string" + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of identifiers for subnets within your Amazon VPC. The subnets should be able to connect to each other in the VPC, and they should have outgoing access to the Internet through a NAT device.", + "title": "SubnetIds", + "type": "array" } }, + "required": [ + "SecurityGroupIds", + "SubnetIds" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTableSortBy": { + "AWS::QBusiness::DataSource.DocumentAttributeCondition": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnSort", - "markdownDescription": "The column sort (field id, direction) for the pivot table sort by options.", - "title": "Column" + "Key": { + "markdownDescription": "The identifier of the document attribute used for the condition.\n\nFor example, 'Source_URI' could be an identifier for the attribute or metadata field that contains source URIs associated with the documents.\n\nAmazon Q Business currently doesn't support `_document_body` as an attribute key used for the condition.", + "title": "Key", + "type": "string" }, - "DataPath": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathSort", - "markdownDescription": "The data path sort (data path value, direction) for the pivot table sort by options.", - "title": "DataPath" + "Operator": { + "markdownDescription": "The identifier of the document attribute used for the condition.\n\nFor example, 'Source_URI' could be an identifier for the attribute or metadata field that contains source URIs associated with the documents.\n\nAmazon Q Business currently does not support `_document_body` as an attribute key used for the condition.", + "title": "Operator", + "type": "string" }, - "Field": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSort", - "markdownDescription": "The field sort (field id, direction) for the pivot table sort by options.", - "title": "Field" + "Value": { + "$ref": "#/definitions/AWS::QBusiness::DataSource.DocumentAttributeValue", + "markdownDescription": "The value of a document attribute. You can only provide one value for a document attribute.", + "title": "Value" } }, + "required": [ + "Key", + "Operator" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTableSortConfiguration": { + "AWS::QBusiness::DataSource.DocumentAttributeTarget": { "additionalProperties": false, "properties": { - "FieldSortOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotFieldSortOptions" - }, - "markdownDescription": "The field sort options for a pivot table sort configuration.", - "title": "FieldSortOptions", - "type": "array" + "AttributeValueOperator": { + "markdownDescription": "`TRUE` to delete the existing target value for your specified target attribute key. You cannot create a target value and set this to `TRUE` .", + "title": "AttributeValueOperator", + "type": "string" + }, + "Key": { + "markdownDescription": "The identifier of the target document attribute or metadata field. For example, 'Department' could be an identifier for the target attribute or metadata field that includes the department names associated with the documents.", + "title": "Key", + "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::QBusiness::DataSource.DocumentAttributeValue", + "markdownDescription": "The value of a document attribute. You can only provide one value for a document attribute.", + "title": "Value" } }, + "required": [ + "Key" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTableTotalOptions": { + "AWS::QBusiness::DataSource.DocumentAttributeValue": { "additionalProperties": false, "properties": { - "ColumnSubtotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SubtotalOptions", - "markdownDescription": "The column subtotal options.", - "title": "ColumnSubtotalOptions" + "DateValue": { + "markdownDescription": "A date expressed as an ISO 8601 string.\n\nIt's important for the time zone to be included in the ISO 8601 date-time format. For example, 2012-03-25T12:30:10+01:00 is the ISO 8601 date-time format for March 25th 2012 at 12:30PM (plus 10 seconds) in Central European Time.", + "title": "DateValue", + "type": "string" }, - "ColumnTotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTotalOptions", - "markdownDescription": "The column total options.", - "title": "ColumnTotalOptions" + "LongValue": { + "markdownDescription": "A long integer value.", + "title": "LongValue", + "type": "number" }, - "RowSubtotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SubtotalOptions", - "markdownDescription": "The row subtotal options.", - "title": "RowSubtotalOptions" + "StringListValue": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of strings.", + "title": "StringListValue", + "type": "array" }, - "RowTotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTotalOptions", - "markdownDescription": "The row total options.", - "title": "RowTotalOptions" + "StringValue": { + "markdownDescription": "A string.", + "title": "StringValue", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTableVisual": { + "AWS::QBusiness::DataSource.DocumentEnrichmentConfiguration": { "additionalProperties": false, "properties": { - "Actions": { + "InlineConfigurations": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + "$ref": "#/definitions/AWS::QBusiness::DataSource.InlineDocumentEnrichmentConfiguration" }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", + "markdownDescription": "Configuration information to alter document attributes or metadata fields and content when ingesting documents into Amazon Q Business.", + "title": "InlineConfigurations", "type": "array" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" - }, - "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableConditionalFormatting", - "markdownDescription": "The conditional formatting for a `PivotTableVisual` .", - "title": "ConditionalFormatting" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "PostExtractionHookConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::DataSource.HookConfiguration", + "markdownDescription": "Configuration information for invoking a Lambda function in AWS Lambda on the structured documents with their metadata and text extracted. You can use a Lambda function to apply advanced logic for creating, modifying, or deleting document metadata and content. For more information, see [Using Lambda functions](https://docs.aws.amazon.com/amazonq/latest/business-use-dg/cde-lambda-operations.html) .", + "title": "PostExtractionHookConfiguration" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", - "type": "string" + "PreExtractionHookConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::DataSource.HookConfiguration", + "markdownDescription": "Configuration information for invoking a Lambda function in AWS Lambda on the original or raw documents before extracting their metadata and text. You can use a Lambda function to apply advanced logic for creating, modifying, or deleting document metadata and content. For more information, see [Using Lambda functions](https://docs.aws.amazon.com/amazonq/latest/business-use-dg/cde-lambda-operations.html) .", + "title": "PreExtractionHookConfiguration" } }, - "required": [ - "VisualId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.PivotTotalOptions": { + "AWS::QBusiness::DataSource.HookConfiguration": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The custom label string for the total cells.", - "title": "CustomLabel", - "type": "string" - }, - "MetricHeaderCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", - "markdownDescription": "The cell styling options for the total of header cells.", - "title": "MetricHeaderCellStyle" + "InvocationCondition": { + "$ref": "#/definitions/AWS::QBusiness::DataSource.DocumentAttributeCondition", + "markdownDescription": "The condition used for when a Lambda function should be invoked.\n\nFor example, you can specify a condition that if there are empty date-time values, then Amazon Q Business should invoke a function that inserts the current date-time.", + "title": "InvocationCondition" }, - "Placement": { - "markdownDescription": "The placement (start, end) for the total cells.", - "title": "Placement", + "LambdaArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function during ingestion. For more information, see [Using Lambda functions for Amazon Q Business document enrichment](https://docs.aws.amazon.com/amazonq/latest/qbusiness-ug/cde-lambda-operations.html) .", + "title": "LambdaArn", "type": "string" }, - "ScrollStatus": { - "markdownDescription": "The scroll status (pinned, scrolled) for the total cells.", - "title": "ScrollStatus", + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of a role with permission to run `PreExtractionHookConfiguration` and `PostExtractionHookConfiguration` for altering document metadata and content during the document ingestion process.", + "title": "RoleArn", "type": "string" }, - "TotalAggregationOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TotalAggregationOption" - }, - "markdownDescription": "The total aggregation options for each value field.", - "title": "TotalAggregationOptions", - "type": "array" - }, - "TotalCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", - "markdownDescription": "The cell styling options for the total cells.", - "title": "TotalCellStyle" - }, - "TotalsVisibility": { - "markdownDescription": "The visibility configuration for the total cells.", - "title": "TotalsVisibility", + "S3BucketName": { + "markdownDescription": "Stores the original, raw documents or the structured, parsed documents before and after altering them. For more information, see [Data contracts for Lambda functions](https://docs.aws.amazon.com/amazonq/latest/business-use-dg/cde-lambda-operations.html#cde-lambda-operations-data-contracts) .", + "title": "S3BucketName", "type": "string" - }, - "ValueCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", - "markdownDescription": "The cell styling options for the totals of value cells.", - "title": "ValueCellStyle" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.PredefinedHierarchy": { + "AWS::QBusiness::DataSource.ImageExtractionConfiguration": { "additionalProperties": false, "properties": { - "Columns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier" - }, - "markdownDescription": "The list of columns that define the predefined hierarchy.", - "title": "Columns", - "type": "array" - }, - "DrillDownFilters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DrillDownFilter" - }, - "markdownDescription": "The option that determines the drill down filters for the predefined hierarchy.", - "title": "DrillDownFilters", - "type": "array" - }, - "HierarchyId": { - "markdownDescription": "The hierarchy ID of the predefined hierarchy.", - "title": "HierarchyId", + "ImageExtractionStatus": { + "markdownDescription": "Specify whether to extract semantic meaning from images and visuals from documents.", + "title": "ImageExtractionStatus", "type": "string" } }, "required": [ - "Columns", - "HierarchyId" + "ImageExtractionStatus" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ProgressBarOptions": { + "AWS::QBusiness::DataSource.InlineDocumentEnrichmentConfiguration": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility of the progress bar.", - "title": "Visibility", + "Condition": { + "$ref": "#/definitions/AWS::QBusiness::DataSource.DocumentAttributeCondition", + "markdownDescription": "Configuration of the condition used for the target document attribute or metadata field when ingesting documents into Amazon Q Business .", + "title": "Condition" + }, + "DocumentContentOperator": { + "markdownDescription": "`TRUE` to delete content if the condition used for the target attribute is met.", + "title": "DocumentContentOperator", "type": "string" + }, + "Target": { + "$ref": "#/definitions/AWS::QBusiness::DataSource.DocumentAttributeTarget", + "markdownDescription": "Configuration of the target document attribute or metadata field when ingesting documents into Amazon Q Business . You can also include a value.", + "title": "Target" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.RadarChartAggregatedFieldWells": { + "AWS::QBusiness::DataSource.MediaExtractionConfiguration": { "additionalProperties": false, "properties": { - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The aggregated field well categories of a radar chart.", - "title": "Category", - "type": "array" + "AudioExtractionConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::DataSource.AudioExtractionConfiguration", + "markdownDescription": "Configuration settings for extracting and processing audio content from media files.", + "title": "AudioExtractionConfiguration" }, - "Color": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The color that are assigned to the aggregated field wells of a radar chart.", - "title": "Color", - "type": "array" + "ImageExtractionConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::DataSource.ImageExtractionConfiguration", + "markdownDescription": "The configuration for extracting semantic meaning from images in documents. For more information, see [Extracting semantic meaning from images and visuals](https://docs.aws.amazon.com/amazonq/latest/qbusiness-ug/extracting-meaning-from-images.html) .", + "title": "ImageExtractionConfiguration" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" - }, - "markdownDescription": "The values that are assigned to the aggregated field wells of a radar chart.", - "title": "Values", - "type": "array" + "VideoExtractionConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::DataSource.VideoExtractionConfiguration", + "markdownDescription": "Configuration settings for extracting and processing video content from media files.", + "title": "VideoExtractionConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.RadarChartAreaStyleSettings": { + "AWS::QBusiness::DataSource.VideoExtractionConfiguration": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility settings of a radar chart.", - "title": "Visibility", + "VideoExtractionStatus": { + "markdownDescription": "The status of video extraction (ENABLED or DISABLED) for processing video content from files.", + "title": "VideoExtractionStatus", "type": "string" } }, + "required": [ + "VideoExtractionStatus" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.RadarChartConfiguration": { + "AWS::QBusiness::Index": { "additionalProperties": false, "properties": { - "AlternateBandColorsVisibility": { - "markdownDescription": "Determines the visibility of the colors of alternatign bands in a radar chart.", - "title": "AlternateBandColorsVisibility", - "type": "string" - }, - "AlternateBandEvenColor": { - "markdownDescription": "The color of the even-numbered alternate bands of a radar chart.", - "title": "AlternateBandEvenColor", - "type": "string" - }, - "AlternateBandOddColor": { - "markdownDescription": "The color of the odd-numbered alternate bands of a radar chart.", - "title": "AlternateBandOddColor", + "Condition": { "type": "string" }, - "AxesRangeScale": { - "markdownDescription": "The axis behavior options of a radar chart.", - "title": "AxesRangeScale", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "BaseSeriesSettings": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartSeriesSettings", - "markdownDescription": "The base sreies settings of a radar chart.", - "title": "BaseSeriesSettings" - }, - "CategoryAxis": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The category axis of a radar chart.", - "title": "CategoryAxis" - }, - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The category label options of a radar chart.", - "title": "CategoryLabelOptions" - }, - "ColorAxis": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The color axis of a radar chart.", - "title": "ColorAxis" - }, - "ColorLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The color label options of a radar chart.", - "title": "ColorLabelOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartFieldWells", - "markdownDescription": "The field well configuration of a `RadarChartVisual` .", - "title": "FieldWells" + "Metadata": { + "type": "object" }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The identifier of the Amazon Q Business application using the index.", + "title": "ApplicationId", + "type": "string" + }, + "CapacityConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::Index.IndexCapacityConfiguration", + "markdownDescription": "The capacity units you want to provision for your index. You can add and remove capacity to fit your usage needs.", + "title": "CapacityConfiguration" + }, + "Description": { + "markdownDescription": "A description for the Amazon Q Business index.", + "title": "Description", + "type": "string" + }, + "DisplayName": { + "markdownDescription": "The name of the index.", + "title": "DisplayName", + "type": "string" + }, + "DocumentAttributeConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QBusiness::Index.DocumentAttributeConfiguration" + }, + "markdownDescription": "Configuration information for document attributes. Document attributes are metadata or fields associated with your documents. For example, the company department name associated with each document.\n\nFor more information, see [Understanding document attributes](https://docs.aws.amazon.com/amazonq/latest/business-use-dg/doc-attributes.html) .", + "title": "DocumentAttributeConfigurations", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of key-value pairs that identify or categorize the index. You can also use tags to help control access to the index. Tag keys and values can consist of Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @.", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "The index type that's suitable for your needs. For more information on what's included in each type of index, see [Amazon Q Business tiers](https://docs.aws.amazon.com/amazonq/latest/qbusiness-ug/tiers.html#index-tiers) .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "ApplicationId", + "DisplayName" + ], + "type": "object" }, - "Shape": { - "markdownDescription": "The shape of the radar chart.", - "title": "Shape", + "Type": { + "enum": [ + "AWS::QBusiness::Index" + ], "type": "string" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartSortConfiguration", - "markdownDescription": "The sort configuration of a `RadarChartVisual` .", - "title": "SortConfiguration" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::QBusiness::Index.DocumentAttributeConfiguration": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the document attribute.", + "title": "Name", + "type": "string" }, - "StartAngle": { - "markdownDescription": "The start angle of a radar chart's axis.", - "title": "StartAngle", - "type": "number" + "Search": { + "markdownDescription": "Information about whether the document attribute can be used by an end user to search for information on their web experience.", + "title": "Search", + "type": "string" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", - "title": "VisualPalette" + "Type": { + "markdownDescription": "The type of document attribute.", + "title": "Type", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.RadarChartFieldWells": { + "AWS::QBusiness::Index.IndexCapacityConfiguration": { "additionalProperties": false, "properties": { - "RadarChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a radar chart visual.", - "title": "RadarChartAggregatedFieldWells" + "Units": { + "markdownDescription": "The number of storage units configured for an Amazon Q Business index.", + "title": "Units", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.RadarChartSeriesSettings": { + "AWS::QBusiness::Index.IndexStatistics": { "additionalProperties": false, "properties": { - "AreaStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartAreaStyleSettings", - "markdownDescription": "The area style settings of a radar chart.", - "title": "AreaStyleSettings" + "TextDocumentStatistics": { + "$ref": "#/definitions/AWS::QBusiness::Index.TextDocumentStatistics", + "markdownDescription": "The number of documents indexed.", + "title": "TextDocumentStatistics" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.RadarChartSortConfiguration": { + "AWS::QBusiness::Index.TextDocumentStatistics": { "additionalProperties": false, "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The category items limit for a radar chart.", - "title": "CategoryItemsLimit" - }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" - }, - "markdownDescription": "The category sort options of a radar chart.", - "title": "CategorySort", - "type": "array" - }, - "ColorItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The color items limit of a radar chart.", - "title": "ColorItemsLimit" + "IndexedTextBytes": { + "markdownDescription": "The total size, in bytes, of the indexed documents.", + "title": "IndexedTextBytes", + "type": "number" }, - "ColorSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" - }, - "markdownDescription": "The color sort configuration of a radar chart.", - "title": "ColorSort", - "type": "array" + "IndexedTextDocumentCount": { + "markdownDescription": "The number of text documents indexed.", + "title": "IndexedTextDocumentCount", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.RadarChartVisual": { + "AWS::QBusiness::Permission": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Condition": { + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Metadata": { + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Properties": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of Amazon Q Business actions that the ISV is allowed to perform.", + "title": "Actions", + "type": "array" + }, + "ApplicationId": { + "markdownDescription": "The unique identifier of the Amazon Q Business application.", + "title": "ApplicationId", + "type": "string" + }, + "Conditions": { + "items": { + "$ref": "#/definitions/AWS::QBusiness::Permission.Condition" + }, + "markdownDescription": "", + "title": "Conditions", + "type": "array" + }, + "Principal": { + "markdownDescription": "Provides user and group information used for filtering documents to use for generating Amazon Q Business conversation responses.", + "title": "Principal", + "type": "string" + }, + "StatementId": { + "markdownDescription": "A unique identifier for the policy statement.", + "title": "StatementId", + "type": "string" + } + }, + "required": [ + "Actions", + "ApplicationId", + "Principal", + "StatementId" + ], + "type": "object" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "Type": { + "enum": [ + "AWS::QBusiness::Permission" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.RangeEndsLabelType": { + "AWS::QBusiness::Permission.Condition": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility of the range ends label.", - "title": "Visibility", + "ConditionKey": { + "markdownDescription": "", + "title": "ConditionKey", "type": "string" + }, + "ConditionOperator": { + "markdownDescription": "", + "title": "ConditionOperator", + "type": "string" + }, + "ConditionValues": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "ConditionValues", + "type": "array" } }, + "required": [ + "ConditionKey", + "ConditionOperator", + "ConditionValues" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.ReferenceLine": { + "AWS::QBusiness::Plugin": { "additionalProperties": false, "properties": { - "DataConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineDataConfiguration", - "markdownDescription": "The data configuration of the reference line.", - "title": "DataConfiguration" + "Condition": { + "type": "string" }, - "LabelConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineLabelConfiguration", - "markdownDescription": "The label configuration of the reference line.", - "title": "LabelConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Status": { - "markdownDescription": "The status of the reference line. Choose one of the following options:\n\n- `ENABLE`\n- `DISABLE`", - "title": "Status", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The identifier of the application that will contain the plugin.", + "title": "ApplicationId", + "type": "string" + }, + "AuthConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::Plugin.PluginAuthConfiguration", + "markdownDescription": "Authentication configuration information for an Amazon Q Business plugin.", + "title": "AuthConfiguration" + }, + "CustomPluginConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::Plugin.CustomPluginConfiguration", + "markdownDescription": "Configuration information required to create a custom plugin.", + "title": "CustomPluginConfiguration" + }, + "DisplayName": { + "markdownDescription": "The name of the plugin.", + "title": "DisplayName", + "type": "string" + }, + "ServerUrl": { + "markdownDescription": "The plugin server URL used for configuration.", + "title": "ServerUrl", + "type": "string" + }, + "State": { + "markdownDescription": "The current status of the plugin.", + "title": "State", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of key-value pairs that identify or categorize the data source connector. You can also use tags to help control access to the data source connector. Tag keys and values can consist of Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @.", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "The type of the plugin.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "AuthConfiguration", + "DisplayName", + "Type" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::QBusiness::Plugin" + ], "type": "string" }, - "StyleConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineStyleConfiguration", - "markdownDescription": "The style configuration of the reference line.", - "title": "StyleConfiguration" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "DataConfiguration" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ReferenceLineCustomLabelConfiguration": { + "AWS::QBusiness::Plugin.APISchema": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The string text of the custom label.", - "title": "CustomLabel", + "Payload": { + "markdownDescription": "The JSON or YAML-formatted payload defining the OpenAPI schema for a custom plugin.", + "title": "Payload", "type": "string" + }, + "S3": { + "$ref": "#/definitions/AWS::QBusiness::Plugin.S3", + "markdownDescription": "Contains details about the S3 object containing the OpenAPI schema for a custom plugin. The schema could be in either JSON or YAML format.", + "title": "S3" } }, - "required": [ - "CustomLabel" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.ReferenceLineDataConfiguration": { + "AWS::QBusiness::Plugin.BasicAuthConfiguration": { "additionalProperties": false, "properties": { - "AxisBinding": { - "markdownDescription": "The axis binding type of the reference line. Choose one of the following options:\n\n- `PrimaryY`\n- `SecondaryY`", - "title": "AxisBinding", + "RoleArn": { + "markdownDescription": "The ARN of an IAM role used by Amazon Q Business to access the basic authentication credentials stored in a Secrets Manager secret.", + "title": "RoleArn", "type": "string" }, - "DynamicConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineDynamicDataConfiguration", - "markdownDescription": "The dynamic configuration of the reference line data configuration.", - "title": "DynamicConfiguration" - }, - "SeriesType": { - "markdownDescription": "The series type of the reference line data configuration. Choose one of the following options:\n\n- `BAR`\n- `LINE`", - "title": "SeriesType", + "SecretArn": { + "markdownDescription": "The ARN of the Secrets Manager secret that stores the basic authentication credentials used for plugin configuration..", + "title": "SecretArn", "type": "string" - }, - "StaticConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineStaticDataConfiguration", - "markdownDescription": "The static data configuration of the reference line data configuration.", - "title": "StaticConfiguration" } }, + "required": [ + "RoleArn", + "SecretArn" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.ReferenceLineDynamicDataConfiguration": { + "AWS::QBusiness::Plugin.CustomPluginConfiguration": { "additionalProperties": false, "properties": { - "Calculation": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericalAggregationFunction", - "markdownDescription": "The calculation that is used in the dynamic data.", - "title": "Calculation" + "ApiSchema": { + "$ref": "#/definitions/AWS::QBusiness::Plugin.APISchema", + "markdownDescription": "Contains either details about the S3 object containing the OpenAPI schema for the action group or the JSON or YAML-formatted payload defining the schema.", + "title": "ApiSchema" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that the dynamic data targets.", - "title": "Column" + "ApiSchemaType": { + "markdownDescription": "The type of OpenAPI schema to use.", + "title": "ApiSchemaType", + "type": "string" }, - "MeasureAggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationFunction", - "markdownDescription": "The aggregation function that is used in the dynamic data.", - "title": "MeasureAggregationFunction" + "Description": { + "markdownDescription": "A description for your custom plugin configuration.", + "title": "Description", + "type": "string" } }, "required": [ - "Calculation", - "Column" + "ApiSchema", + "ApiSchemaType", + "Description" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ReferenceLineLabelConfiguration": { + "AWS::QBusiness::Plugin.OAuth2ClientCredentialConfiguration": { "additionalProperties": false, "properties": { - "CustomLabelConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineCustomLabelConfiguration", - "markdownDescription": "The custom label configuration of the label in a reference line.", - "title": "CustomLabelConfiguration" + "AuthorizationUrl": { + "markdownDescription": "The redirect URL required by the OAuth 2.0 protocol for Amazon Q Business to authenticate a plugin user through a third party authentication server.", + "title": "AuthorizationUrl", + "type": "string" }, - "FontColor": { - "markdownDescription": "The font color configuration of the label in a reference line.", - "title": "FontColor", + "RoleArn": { + "markdownDescription": "The ARN of an IAM role used by Amazon Q Business to access the OAuth 2.0 authentication credentials stored in a Secrets Manager secret.", + "title": "RoleArn", "type": "string" }, - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", - "markdownDescription": "The font configuration of the label in a reference line.", - "title": "FontConfiguration" + "SecretArn": { + "markdownDescription": "The ARN of the Secrets Manager secret that stores the OAuth 2.0 credentials/token used for plugin configuration.", + "title": "SecretArn", + "type": "string" }, - "HorizontalPosition": { - "markdownDescription": "The horizontal position configuration of the label in a reference line. Choose one of the following options:\n\n- `LEFT`\n- `CENTER`\n- `RIGHT`", - "title": "HorizontalPosition", + "TokenUrl": { + "markdownDescription": "The URL required by the OAuth 2.0 protocol to exchange an end user authorization code for an access token.", + "title": "TokenUrl", "type": "string" + } + }, + "required": [ + "RoleArn", + "SecretArn" + ], + "type": "object" + }, + "AWS::QBusiness::Plugin.PluginAuthConfiguration": { + "additionalProperties": false, + "properties": { + "BasicAuthConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::Plugin.BasicAuthConfiguration", + "markdownDescription": "Information about the basic authentication credentials used to configure a plugin.", + "title": "BasicAuthConfiguration" }, - "ValueLabelConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineValueLabelConfiguration", - "markdownDescription": "The value label configuration of the label in a reference line.", - "title": "ValueLabelConfiguration" + "NoAuthConfiguration": { + "markdownDescription": "Information about invoking a custom plugin without any authentication.", + "title": "NoAuthConfiguration", + "type": "object" }, - "VerticalPosition": { - "markdownDescription": "The vertical position configuration of the label in a reference line. Choose one of the following options:\n\n- `ABOVE`\n- `BELOW`", - "title": "VerticalPosition", - "type": "string" + "OAuth2ClientCredentialConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::Plugin.OAuth2ClientCredentialConfiguration", + "markdownDescription": "Information about the OAuth 2.0 authentication credential/token used to configure a plugin.", + "title": "OAuth2ClientCredentialConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.ReferenceLineStaticDataConfiguration": { + "AWS::QBusiness::Plugin.S3": { "additionalProperties": false, "properties": { - "Value": { - "markdownDescription": "The double input of the static data.", - "title": "Value", - "type": "number" + "Bucket": { + "markdownDescription": "The name of the S3 bucket that contains the file.", + "title": "Bucket", + "type": "string" + }, + "Key": { + "markdownDescription": "The name of the file.", + "title": "Key", + "type": "string" } }, "required": [ - "Value" + "Bucket", + "Key" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ReferenceLineStyleConfiguration": { + "AWS::QBusiness::Retriever": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The hex color of the reference line.", - "title": "Color", + "Condition": { "type": "string" }, - "Pattern": { - "markdownDescription": "The pattern type of the line style. Choose one of the following options:\n\n- `SOLID`\n- `DASHED`\n- `DOTTED`", - "title": "Pattern", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The identifier of the Amazon Q Business application using the retriever.", + "title": "ApplicationId", + "type": "string" + }, + "Configuration": { + "$ref": "#/definitions/AWS::QBusiness::Retriever.RetrieverConfiguration", + "markdownDescription": "Provides information on how the retriever used for your Amazon Q Business application is configured.", + "title": "Configuration" + }, + "DisplayName": { + "markdownDescription": "The name of your retriever.", + "title": "DisplayName", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of an IAM role used by Amazon Q Business to access the basic authentication credentials stored in a Secrets Manager secret.", + "title": "RoleArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of key-value pairs that identify or categorize the retriever. You can also use tags to help control access to the retriever. Tag keys and values can consist of Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @.", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "The type of your retriever.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "ApplicationId", + "Configuration", + "DisplayName", + "Type" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::QBusiness::Retriever" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.ReferenceLineValueLabelConfiguration": { + "AWS::QBusiness::Retriever.KendraIndexConfiguration": { "additionalProperties": false, "properties": { - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericFormatConfiguration", - "markdownDescription": "The format configuration of the value label.", - "title": "FormatConfiguration" - }, - "RelativePosition": { - "markdownDescription": "The relative position of the value label. Choose one of the following options:\n\n- `BEFORE_CUSTOM_LABEL`\n- `AFTER_CUSTOM_LABEL`", - "title": "RelativePosition", + "IndexId": { + "markdownDescription": "The identifier of the Amazon Kendra index.", + "title": "IndexId", "type": "string" } }, + "required": [ + "IndexId" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.RelativeDateTimeControlDisplayOptions": { + "AWS::QBusiness::Retriever.NativeIndexConfiguration": { "additionalProperties": false, "properties": { - "DateTimeFormat": { - "markdownDescription": "Customize how dates are formatted in controls.", - "title": "DateTimeFormat", + "IndexId": { + "markdownDescription": "The identifier for the Amazon Q Business index.", + "title": "IndexId", "type": "string" - }, - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" - }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" } }, + "required": [ + "IndexId" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.RelativeDatesFilter": { + "AWS::QBusiness::Retriever.RetrieverConfiguration": { "additionalProperties": false, "properties": { - "AnchorDateConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AnchorDateConfiguration", - "markdownDescription": "The date configuration of the filter.", - "title": "AnchorDateConfiguration" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" - }, - "ExcludePeriodConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ExcludePeriodConfiguration", - "markdownDescription": "The configuration for the exclude period of the filter.", - "title": "ExcludePeriodConfiguration" + "KendraIndexConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::Retriever.KendraIndexConfiguration", + "markdownDescription": "Provides information on how the Amazon Kendra index used as a retriever for your Amazon Q Business application is configured.", + "title": "KendraIndexConfiguration" }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", + "NativeIndexConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::Retriever.NativeIndexConfiguration", + "markdownDescription": "Provides information on how a Amazon Q Business index used as a retriever for your Amazon Q Business application is configured.", + "title": "NativeIndexConfiguration" + } + }, + "type": "object" + }, + "AWS::QBusiness::WebExperience": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "MinimumGranularity": { - "markdownDescription": "The minimum granularity (period granularity) of the relative dates filter.", - "title": "MinimumGranularity", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ParameterName": { - "markdownDescription": "The parameter whose value should be used for the filter value.", - "title": "ParameterName", - "type": "string" + "Metadata": { + "type": "object" }, - "RelativeDateType": { - "markdownDescription": "The range date type of the filter. Choose one of the options below:\n\n- `PREVIOUS`\n- `THIS`\n- `LAST`\n- `NOW`\n- `NEXT`", - "title": "RelativeDateType", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationId": { + "markdownDescription": "The identifier of the Amazon Q Business web experience.", + "title": "ApplicationId", + "type": "string" + }, + "BrowserExtensionConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::WebExperience.BrowserExtensionConfiguration", + "markdownDescription": "The container for browser extension configuration for an Amazon Q Business web experience.", + "title": "BrowserExtensionConfiguration" + }, + "CustomizationConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::WebExperience.CustomizationConfiguration", + "markdownDescription": "Contains the configuration information to customize the logo, font, and color of an Amazon Q Business web experience with individual files for each property or a CSS file for them all.", + "title": "CustomizationConfiguration" + }, + "IdentityProviderConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::WebExperience.IdentityProviderConfiguration", + "markdownDescription": "Provides information about the identity provider (IdP) used to authenticate end users of an Amazon Q Business web experience.", + "title": "IdentityProviderConfiguration" + }, + "Origins": { + "items": { + "type": "string" + }, + "markdownDescription": "Sets the website domain origins that are allowed to embed the Amazon Q Business web experience. The *domain origin* refers to the base URL for accessing a website including the protocol ( `http/https` ), the domain name, and the port number (if specified).\n\n> You must only submit a *base URL* and not a full path. For example, `https://docs.aws.amazon.com` .", + "title": "Origins", + "type": "array" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the service role attached to your web experience.\n\n> You must provide this value if you're using IAM Identity Center to manage end user access to your application. If you're using legacy identity management to manage user access, you don't need to provide this value.", + "title": "RoleArn", + "type": "string" + }, + "SamplePromptsControlMode": { + "markdownDescription": "Determines whether sample prompts are enabled in the web experience for an end user.", + "title": "SamplePromptsControlMode", + "type": "string" + }, + "Subtitle": { + "markdownDescription": "A subtitle to personalize your Amazon Q Business web experience.", + "title": "Subtitle", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of key-value pairs that identify or categorize your Amazon Q Business web experience. You can also use tags to help control access to the web experience. Tag keys and values can consist of Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @.", + "title": "Tags", + "type": "array" + }, + "Title": { + "markdownDescription": "The title for your Amazon Q Business web experience.", + "title": "Title", + "type": "string" + }, + "WelcomeMessage": { + "markdownDescription": "A message in an Amazon Q Business web experience.", + "title": "WelcomeMessage", + "type": "string" + } + }, + "required": [ + "ApplicationId" + ], + "type": "object" }, - "RelativeDateValue": { - "markdownDescription": "The date value of the filter.", - "title": "RelativeDateValue", - "type": "number" + "Type": { + "enum": [ + "AWS::QBusiness::WebExperience" + ], + "type": "string" }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "AnchorDateConfiguration", - "Column", - "FilterId", - "NullOption", - "RelativeDateType", - "TimeGranularity" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ResourcePermission": { + "AWS::QBusiness::WebExperience.BrowserExtensionConfiguration": { "additionalProperties": false, "properties": { - "Actions": { + "EnabledBrowserExtensions": { "items": { "type": "string" }, - "markdownDescription": "The IAM action to grant or revoke permissions on.", - "title": "Actions", + "markdownDescription": "Specify the browser extensions allowed for your Amazon Q web experience.\n\n- `CHROME` \u2014 Enables the extension for Chromium-based browsers (Google Chrome, Microsoft Edge, Opera, etc.).\n- `FIREFOX` \u2014 Enables the extension for Mozilla Firefox.\n- `CHROME` and `FIREFOX` \u2014 Enable the extension for Chromium-based browsers and Mozilla Firefox.", + "title": "EnabledBrowserExtensions", "type": "array" - }, - "Principal": { - "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a QuickSight ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", - "title": "Principal", - "type": "string" } }, "required": [ - "Actions", - "Principal" + "EnabledBrowserExtensions" ], "type": "object" }, - "AWS::QuickSight::Dashboard.RollingDateConfiguration": { + "AWS::QBusiness::WebExperience.CustomizationConfiguration": { "additionalProperties": false, "properties": { - "DataSetIdentifier": { - "markdownDescription": "The data set that is used in the rolling date configuration.", - "title": "DataSetIdentifier", + "CustomCSSUrl": { + "markdownDescription": "Provides the URL where the custom CSS file is hosted for an Amazon Q web experience.", + "title": "CustomCSSUrl", "type": "string" }, - "Expression": { - "markdownDescription": "The expression of the rolling date configuration.", - "title": "Expression", + "FaviconUrl": { + "markdownDescription": "Provides the URL where the custom favicon file is hosted for an Amazon Q web experience.", + "title": "FaviconUrl", + "type": "string" + }, + "FontUrl": { + "markdownDescription": "Provides the URL where the custom font file is hosted for an Amazon Q web experience.", + "title": "FontUrl", + "type": "string" + }, + "LogoUrl": { + "markdownDescription": "Provides the URL where the custom logo file is hosted for an Amazon Q web experience.", + "title": "LogoUrl", "type": "string" } }, - "required": [ - "Expression" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.RowAlternateColorOptions": { + "AWS::QBusiness::WebExperience.IdentityProviderConfiguration": { "additionalProperties": false, "properties": { - "RowAlternateColors": { - "items": { - "type": "string" - }, - "markdownDescription": "Determines the list of row alternate colors.", - "title": "RowAlternateColors", - "type": "array" + "OpenIDConnectConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::WebExperience.OpenIDConnectProviderConfiguration", + "markdownDescription": "The OIDC-compliant identity provider (IdP) used to authenticate end users of an Amazon Q Business web experience.", + "title": "OpenIDConnectConfiguration" }, - "Status": { - "markdownDescription": "Determines the widget status.", - "title": "Status", + "SamlConfiguration": { + "$ref": "#/definitions/AWS::QBusiness::WebExperience.SamlProviderConfiguration", + "markdownDescription": "The SAML 2.0-compliant identity provider (IdP) used to authenticate end users of an Amazon Q Business web experience.", + "title": "SamlConfiguration" + } + }, + "type": "object" + }, + "AWS::QBusiness::WebExperience.OpenIDConnectProviderConfiguration": { + "additionalProperties": false, + "properties": { + "SecretsArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of a Secrets Manager secret containing the OIDC client secret.", + "title": "SecretsArn", "type": "string" }, - "UsePrimaryBackgroundColor": { - "markdownDescription": "The primary background color options for alternate rows.", - "title": "UsePrimaryBackgroundColor", + "SecretsRole": { + "markdownDescription": "An IAM role with permissions to access AWS KMS to decrypt the Secrets Manager secret containing your OIDC client secret.", + "title": "SecretsRole", "type": "string" } }, + "required": [ + "SecretsArn", + "SecretsRole" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.SameSheetTargetVisualConfiguration": { + "AWS::QBusiness::WebExperience.SamlProviderConfiguration": { "additionalProperties": false, "properties": { - "TargetVisualOptions": { - "markdownDescription": "The options that choose the target visual in the same sheet.\n\nValid values are defined as follows:\n\n- `ALL_VISUALS` : Applies the filter operation to all visuals in the same sheet.", - "title": "TargetVisualOptions", + "AuthenticationUrl": { + "markdownDescription": "The URL where Amazon Q Business end users will be redirected for authentication.", + "title": "AuthenticationUrl", "type": "string" - }, - "TargetVisuals": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the target visual IDs that are located in the same sheet of the analysis.", - "title": "TargetVisuals", - "type": "array" } }, + "required": [ + "AuthenticationUrl" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.SankeyDiagramAggregatedFieldWells": { + "AWS::QLDB::Ledger": { "additionalProperties": false, "properties": { - "Destination": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The destination field wells of a sankey diagram.", - "title": "Destination", - "type": "array" + "Condition": { + "type": "string" }, - "Source": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The source field wells of a sankey diagram.", - "title": "Source", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Weight": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DeletionProtection": { + "markdownDescription": "Specifies whether the ledger is protected from being deleted by any user. If not defined during ledger creation, this feature is enabled ( `true` ) by default.\n\nIf deletion protection is enabled, you must first disable it before you can delete the ledger. You can disable it by calling the `UpdateLedger` operation to set this parameter to `false` .", + "title": "DeletionProtection", + "type": "boolean" + }, + "KmsKey": { + "markdownDescription": "The key in AWS Key Management Service ( AWS KMS ) to use for encryption of data at rest in the ledger. For more information, see [Encryption at rest](https://docs.aws.amazon.com/qldb/latest/developerguide/encryption-at-rest.html) in the *Amazon QLDB Developer Guide* .\n\nUse one of the following options to specify this parameter:\n\n- `AWS_OWNED_KMS_KEY` : Use an AWS KMS key that is owned and managed by AWS on your behalf.\n- *Undefined* : By default, use an AWS owned KMS key.\n- *A valid symmetric customer managed KMS key* : Use the specified symmetric encryption KMS key in your account that you create, own, and manage.\n\nAmazon QLDB does not support asymmetric keys. For more information, see [Using symmetric and asymmetric keys](https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html) in the *AWS Key Management Service Developer Guide* .\n\nTo specify a customer managed KMS key, you can use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. When using an alias name, prefix it with `\"alias/\"` . To specify a key in a different AWS account , you must use the key ARN or alias ARN.\n\nFor example:\n\n- Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key ARN: `arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`\n- Alias name: `alias/ExampleAlias`\n- Alias ARN: `arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias`\n\nFor more information, see [Key identifiers (KeyId)](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id) in the *AWS Key Management Service Developer Guide* .", + "title": "KmsKey", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the ledger that you want to create. The name must be unique among all of the ledgers in your AWS account in the current Region.\n\nNaming constraints for ledger names are defined in [Quotas in Amazon QLDB](https://docs.aws.amazon.com/qldb/latest/developerguide/limits.html#limits.naming) in the *Amazon QLDB Developer Guide* .", + "title": "Name", + "type": "string" + }, + "PermissionsMode": { + "markdownDescription": "The permissions mode to assign to the ledger that you want to create. This parameter can have one of the following values:\n\n- `ALLOW_ALL` : A legacy permissions mode that enables access control with API-level granularity for ledgers.\n\nThis mode allows users who have the `SendCommand` API permission for this ledger to run all PartiQL commands (hence, `ALLOW_ALL` ) on any tables in the specified ledger. This mode disregards any table-level or command-level IAM permissions policies that you create for the ledger.\n- `STANDARD` : ( *Recommended* ) A permissions mode that enables access control with finer granularity for ledgers, tables, and PartiQL commands.\n\nBy default, this mode denies all user requests to run any PartiQL commands on any tables in this ledger. To allow PartiQL commands to run, you must create IAM permissions policies for specific table resources and PartiQL actions, in addition to the `SendCommand` API permission for the ledger. For information, see [Getting started with the standard permissions mode](https://docs.aws.amazon.com/qldb/latest/developerguide/getting-started-standard-mode.html) in the *Amazon QLDB Developer Guide* .\n\n> We strongly recommend using the `STANDARD` permissions mode to maximize the security of your ledger data.", + "title": "PermissionsMode", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "The weight field wells of a sankey diagram.", - "title": "Weight", - "type": "array" + "required": [ + "PermissionsMode" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::QLDB::Ledger" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.SankeyDiagramChartConfiguration": { + "AWS::QLDB::Stream": { "additionalProperties": false, "properties": { - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", - "markdownDescription": "The data label configuration of a sankey diagram.", - "title": "DataLabels" + "Condition": { + "type": "string" }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SankeyDiagramFieldWells", - "markdownDescription": "The field well configuration of a sankey diagram.", - "title": "FieldWells" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SankeyDiagramSortConfiguration", - "markdownDescription": "The sort configuration of a sankey diagram.", - "title": "SortConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ExclusiveEndTime": { + "markdownDescription": "The exclusive date and time that specifies when the stream ends. If you don't define this parameter, the stream runs indefinitely until you cancel it.\n\nThe `ExclusiveEndTime` must be in `ISO 8601` date and time format and in Universal Coordinated Time (UTC). For example: `2019-06-13T21:36:34Z` .", + "title": "ExclusiveEndTime", + "type": "string" + }, + "InclusiveStartTime": { + "markdownDescription": "The inclusive start date and time from which to start streaming journal data. This parameter must be in `ISO 8601` date and time format and in Universal Coordinated Time (UTC). For example: `2019-06-13T21:36:34Z` .\n\nThe `InclusiveStartTime` cannot be in the future and must be before `ExclusiveEndTime` .\n\nIf you provide an `InclusiveStartTime` that is before the ledger's `CreationDateTime` , QLDB effectively defaults it to the ledger's `CreationDateTime` .", + "title": "InclusiveStartTime", + "type": "string" + }, + "KinesisConfiguration": { + "$ref": "#/definitions/AWS::QLDB::Stream.KinesisConfiguration", + "markdownDescription": "The configuration settings of the Kinesis Data Streams destination for your stream request.", + "title": "KinesisConfiguration" + }, + "LedgerName": { + "markdownDescription": "The name of the ledger.", + "title": "LedgerName", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that grants QLDB permissions for a journal stream to write data records to a Kinesis Data Streams resource.\n\nTo pass a role to QLDB when requesting a journal stream, you must have permissions to perform the `iam:PassRole` action on the IAM role resource. This is required for all journal stream requests.", + "title": "RoleArn", + "type": "string" + }, + "StreamName": { + "markdownDescription": "The name that you want to assign to the QLDB journal stream. User-defined names can help identify and indicate the purpose of a stream.\n\nYour stream name must be unique among other *active* streams for a given ledger. Stream names have the same naming constraints as ledger names, as defined in [Quotas in Amazon QLDB](https://docs.aws.amazon.com/qldb/latest/developerguide/limits.html#limits.naming) in the *Amazon QLDB Developer Guide* .", + "title": "StreamName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "InclusiveStartTime", + "KinesisConfiguration", + "LedgerName", + "RoleArn", + "StreamName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::QLDB::Stream" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.SankeyDiagramFieldWells": { + "AWS::QLDB::Stream.KinesisConfiguration": { "additionalProperties": false, "properties": { - "SankeyDiagramAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SankeyDiagramAggregatedFieldWells", - "markdownDescription": "The field well configuration of a sankey diagram.", - "title": "SankeyDiagramAggregatedFieldWells" + "AggregationEnabled": { + "markdownDescription": "Enables QLDB to publish multiple data records in a single Kinesis Data Streams record, increasing the number of records sent per API call.\n\nDefault: `True`\n\n> Record aggregation has important implications for processing records and requires de-aggregation in your stream consumer. To learn more, see [KPL Key Concepts](https://docs.aws.amazon.com/streams/latest/dev/kinesis-kpl-concepts.html) and [Consumer De-aggregation](https://docs.aws.amazon.com/streams/latest/dev/kinesis-kpl-consumer-deaggregation.html) in the *Amazon Kinesis Data Streams Developer Guide* .", + "title": "AggregationEnabled", + "type": "boolean" + }, + "StreamArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Kinesis Data Streams resource.", + "title": "StreamArn", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.SankeyDiagramSortConfiguration": { + "AWS::QuickSight::Analysis": { "additionalProperties": false, "properties": { - "DestinationItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of destination nodes that are displayed in a sankey diagram.", - "title": "DestinationItemsLimit" + "Condition": { + "type": "string" }, - "SourceItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of source nodes that are displayed in a sankey diagram.", - "title": "SourceItemsLimit" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "WeightSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AnalysisId": { + "markdownDescription": "The ID for the analysis that you're creating. This ID displays in the URL of the analysis.", + "title": "AnalysisId", + "type": "string" + }, + "AwsAccountId": { + "markdownDescription": "The ID of the AWS account where you are creating an analysis.", + "title": "AwsAccountId", + "type": "string" + }, + "Definition": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AnalysisDefinition", + "markdownDescription": "", + "title": "Definition" + }, + "Errors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AnalysisError" + }, + "markdownDescription": "Errors associated with the analysis.", + "title": "Errors", + "type": "array" + }, + "FolderArns": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "FolderArns", + "type": "array" + }, + "Name": { + "markdownDescription": "A descriptive name for the analysis that you're creating. This name displays for the analysis in the Amazon QuickSight console.", + "title": "Name", + "type": "string" + }, + "Parameters": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.Parameters", + "markdownDescription": "The parameter names and override values that you want to use. An analysis can have any parameter type, and some parameters might accept multiple values.", + "title": "Parameters" + }, + "Permissions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ResourcePermission" + }, + "markdownDescription": "A structure that describes the principals and the resource-level permissions on an analysis. You can use the `Permissions` structure to grant permissions by providing a list of AWS Identity and Access Management (IAM) action information for each principal listed by Amazon Resource Name (ARN).\n\nTo specify no permissions, omit `Permissions` .", + "title": "Permissions", + "type": "array" + }, + "Sheets": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.Sheet" + }, + "markdownDescription": "A list of the associated sheets with the unique identifier and name of each sheet.", + "title": "Sheets", + "type": "array" + }, + "SourceEntity": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AnalysisSourceEntity", + "markdownDescription": "A source entity to use for the analysis that you're creating. This metadata structure contains details that describe a source template and one or more datasets.\n\nEither a `SourceEntity` or a `Definition` must be provided in order for the request to be valid.", + "title": "SourceEntity" + }, + "Status": { + "markdownDescription": "Status associated with the analysis.", + "title": "Status", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Contains a map of the key-value pairs for the resource tag or tags assigned to the analysis.", + "title": "Tags", + "type": "array" + }, + "ThemeArn": { + "markdownDescription": "The ARN for the theme to apply to the analysis that you're creating. To see the theme in the Amazon QuickSight console, make sure that you have access to it.", + "title": "ThemeArn", + "type": "string" + }, + "ValidationStrategy": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ValidationStrategy", + "markdownDescription": "The option to relax the validation that is required to create and update analyses, dashboards, and templates with definition objects. When you set this value to `LENIENT` , validation is skipped for specific errors.", + "title": "ValidationStrategy" + } }, - "markdownDescription": "The sort configuration of the weight fields.", - "title": "WeightSort", - "type": "array" + "required": [ + "AnalysisId", + "AwsAccountId", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::QuickSight::Analysis" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.SankeyDiagramVisual": { + "AWS::QuickSight::Analysis.AggregationFunction": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "AttributeAggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AttributeAggregationFunction", + "markdownDescription": "Aggregation for attributes.", + "title": "AttributeAggregationFunction" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SankeyDiagramChartConfiguration", - "markdownDescription": "The configuration of a sankey diagram.", - "title": "ChartConfiguration" + "CategoricalAggregationFunction": { + "markdownDescription": "Aggregation for categorical values.\n\n- `COUNT` : Aggregate by the total number of values, including duplicates.\n- `DISTINCT_COUNT` : Aggregate by the total number of distinct values.", + "title": "CategoricalAggregationFunction", + "type": "string" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "DateAggregationFunction": { + "markdownDescription": "Aggregation for date values.\n\n- `COUNT` : Aggregate by the total number of values, including duplicates.\n- `DISTINCT_COUNT` : Aggregate by the total number of distinct values.\n- `MIN` : Select the smallest date value.\n- `MAX` : Select the largest date value.", + "title": "DateAggregationFunction", + "type": "string" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "NumericalAggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericalAggregationFunction", + "markdownDescription": "Aggregation for numerical values.", + "title": "NumericalAggregationFunction" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.AggregationSortConfiguration": { + "additionalProperties": false, + "properties": { + "AggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationFunction", + "markdownDescription": "The function that aggregates the values in `Column` .", + "title": "AggregationFunction" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that determines the sort order of aggregated values.", + "title": "Column" + }, + "SortDirection": { + "markdownDescription": "The sort direction of values.\n\n- `ASC` : Sort in ascending order.\n- `DESC` : Sort in descending order.", + "title": "SortDirection", "type": "string" } }, "required": [ - "VisualId" + "Column", + "SortDirection" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ScatterPlotCategoricallyAggregatedFieldWells": { + "AWS::QuickSight::Analysis.AnalysisDefaults": { "additionalProperties": false, "properties": { - "Category": { + "DefaultNewSheetConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultNewSheetConfiguration", + "markdownDescription": "The configuration for default new sheet settings.", + "title": "DefaultNewSheetConfiguration" + } + }, + "required": [ + "DefaultNewSheetConfiguration" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.AnalysisDefinition": { + "additionalProperties": false, + "properties": { + "AnalysisDefaults": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AnalysisDefaults", + "markdownDescription": "", + "title": "AnalysisDefaults" + }, + "CalculatedFields": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.CalculatedField" }, - "markdownDescription": "The category field well of a scatter plot.", - "title": "Category", + "markdownDescription": "An array of calculated field definitions for the analysis.", + "title": "CalculatedFields", "type": "array" }, - "Label": { + "ColumnConfigurations": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnConfiguration" }, - "markdownDescription": "The label field well of a scatter plot.", - "title": "Label", + "markdownDescription": "An array of analysis-level column configurations. Column configurations can be used to set default formatting for a column to be used throughout an analysis.", + "title": "ColumnConfigurations", "type": "array" }, - "Size": { + "DataSetIdentifierDeclarations": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataSetIdentifierDeclaration" }, - "markdownDescription": "The size field well of a scatter plot.", - "title": "Size", + "markdownDescription": "An array of dataset identifier declarations. This mapping allows the usage of dataset identifiers instead of dataset ARNs throughout analysis sub-structures.", + "title": "DataSetIdentifierDeclarations", "type": "array" }, - "XAxis": { + "FilterGroups": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterGroup" }, - "markdownDescription": "The x-axis field well of a scatter plot.\n\nThe x-axis is aggregated by category.", - "title": "XAxis", + "markdownDescription": "Filter definitions for an analysis.\n\nFor more information, see [Filtering Data in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/adding-a-filter.html) in the *Amazon QuickSight User Guide* .", + "title": "FilterGroups", "type": "array" }, - "YAxis": { + "Options": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AssetOptions", + "markdownDescription": "An array of option definitions for an analysis.", + "title": "Options" + }, + "ParameterDeclarations": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterDeclaration" }, - "markdownDescription": "The y-axis field well of a scatter plot.\n\nThe y-axis is aggregated by category.", - "title": "YAxis", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.ScatterPlotConfiguration": { - "additionalProperties": false, - "properties": { - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.", - "title": "DataLabels" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ScatterPlotFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" - }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Tooltip" - }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", - "title": "VisualPalette" - }, - "XAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, and axis step) of the scatter plot's x-axis.", - "title": "XAxisDisplayOptions" - }, - "XAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of the scatter plot's x-axis.", - "title": "XAxisLabelOptions" - }, - "YAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, and axis step) of the scatter plot's y-axis.", - "title": "YAxisDisplayOptions" - }, - "YAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of the scatter plot's y-axis.", - "title": "YAxisLabelOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.ScatterPlotFieldWells": { - "additionalProperties": false, - "properties": { - "ScatterPlotCategoricallyAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ScatterPlotCategoricallyAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a scatter plot. The x and y-axes of scatter plots with aggregated field wells are aggregated by category, label, or both.", - "title": "ScatterPlotCategoricallyAggregatedFieldWells" - }, - "ScatterPlotUnaggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ScatterPlotUnaggregatedFieldWells", - "markdownDescription": "The unaggregated field wells of a scatter plot. The x and y-axes of these scatter plots are unaggregated.", - "title": "ScatterPlotUnaggregatedFieldWells" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.ScatterPlotUnaggregatedFieldWells": { - "additionalProperties": false, - "properties": { - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The category field well of a scatter plot.", - "title": "Category", + "markdownDescription": "An array of parameter declarations for an analysis.\n\nParameters are named variables that can transfer a value for use by an action or an object.\n\nFor more information, see [Parameters in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-in-quicksight.html) in the *Amazon QuickSight User Guide* .", + "title": "ParameterDeclarations", "type": "array" }, - "Label": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The label field well of a scatter plot.", - "title": "Label", - "type": "array" - }, - "Size": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" - }, - "markdownDescription": "The size field well of a scatter plot.", - "title": "Size", - "type": "array" + "QueryExecutionOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.QueryExecutionOptions", + "markdownDescription": "", + "title": "QueryExecutionOptions" }, - "XAxis": { + "Sheets": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetDefinition" }, - "markdownDescription": "The x-axis field well of a scatter plot.\n\nThe x-axis is a dimension field and cannot be aggregated.", - "title": "XAxis", + "markdownDescription": "An array of sheet definitions for an analysis. Each `SheetDefinition` provides detailed information about a sheet within this analysis.", + "title": "Sheets", "type": "array" }, - "YAxis": { + "StaticFiles": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.StaticFile" }, - "markdownDescription": "The y-axis field well of a scatter plot.\n\nThe y-axis is a dimension field and cannot be aggregated.", - "title": "YAxis", + "markdownDescription": "The static files for the definition.", + "title": "StaticFiles", "type": "array" } }, + "required": [ + "DataSetIdentifierDeclarations" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.ScatterPlotVisual": { + "AWS::QuickSight::Analysis.AnalysisError": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Message": { + "markdownDescription": "The message associated with the analysis error.", + "title": "Message", + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ScatterPlotConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "Type": { + "markdownDescription": "The type of the analysis error.", + "title": "Type", + "type": "string" }, - "ColumnHierarchies": { + "ViolatedEntities": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + "$ref": "#/definitions/AWS::QuickSight::Analysis.Entity" }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", + "markdownDescription": "Lists the violated entities that caused the analysis error", + "title": "ViolatedEntities", "type": "array" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" - }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", - "type": "string" } }, - "required": [ - "VisualId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.ScrollBarOptions": { + "AWS::QuickSight::Analysis.AnalysisSourceEntity": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility of the data zoom scroll bar.", - "title": "Visibility", - "type": "string" - }, - "VisibleRange": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisibleRangeOptions", - "markdownDescription": "The visibility range for the data zoom scroll bar.", - "title": "VisibleRange" + "SourceTemplate": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AnalysisSourceTemplate", + "markdownDescription": "The source template for the source entity of the analysis.", + "title": "SourceTemplate" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.SecondaryValueOptions": { + "AWS::QuickSight::Analysis.AnalysisSourceTemplate": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "Determines the visibility of the secondary value.", - "title": "Visibility", + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the source template of an analysis.", + "title": "Arn", "type": "string" + }, + "DataSetReferences": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataSetReference" + }, + "markdownDescription": "The dataset references of the source template of an analysis.", + "title": "DataSetReferences", + "type": "array" } }, + "required": [ + "Arn", + "DataSetReferences" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.SectionAfterPageBreak": { + "AWS::QuickSight::Analysis.AnchorDateConfiguration": { "additionalProperties": false, "properties": { - "Status": { - "markdownDescription": "The option that enables or disables a page break at the end of a section.", - "title": "Status", + "AnchorOption": { + "markdownDescription": "The options for the date configuration. Choose one of the options below:\n\n- `NOW`", + "title": "AnchorOption", + "type": "string" + }, + "ParameterName": { + "markdownDescription": "The name of the parameter that is used for the anchor date configuration.", + "title": "ParameterName", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.SectionBasedLayoutCanvasSizeOptions": { + "AWS::QuickSight::Analysis.ArcAxisConfiguration": { "additionalProperties": false, "properties": { - "PaperCanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionBasedLayoutPaperCanvasSizeOptions", - "markdownDescription": "The options for a paper canvas of a section-based layout.", - "title": "PaperCanvasSizeOptions" + "Range": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ArcAxisDisplayRange", + "markdownDescription": "The arc axis range of a `GaugeChartVisual` .", + "title": "Range" + }, + "ReserveRange": { + "markdownDescription": "The reserved range of the arc axis.", + "title": "ReserveRange", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.SectionBasedLayoutConfiguration": { + "AWS::QuickSight::Analysis.ArcAxisDisplayRange": { "additionalProperties": false, "properties": { - "BodySections": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BodySectionConfiguration" - }, - "markdownDescription": "A list of body section configurations.", - "title": "BodySections", - "type": "array" - }, - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionBasedLayoutCanvasSizeOptions", - "markdownDescription": "The options for the canvas of a section-based layout.", - "title": "CanvasSizeOptions" - }, - "FooterSections": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeaderFooterSectionConfiguration" - }, - "markdownDescription": "A list of footer section configurations.", - "title": "FooterSections", - "type": "array" + "Max": { + "markdownDescription": "The maximum value of the arc axis range.", + "title": "Max", + "type": "number" }, - "HeaderSections": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeaderFooterSectionConfiguration" - }, - "markdownDescription": "A list of header section configurations.", - "title": "HeaderSections", - "type": "array" + "Min": { + "markdownDescription": "The minimum value of the arc axis range.", + "title": "Min", + "type": "number" } }, - "required": [ - "BodySections", - "CanvasSizeOptions", - "FooterSections", - "HeaderSections" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.SectionBasedLayoutPaperCanvasSizeOptions": { + "AWS::QuickSight::Analysis.ArcConfiguration": { "additionalProperties": false, "properties": { - "PaperMargin": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.Spacing", - "markdownDescription": "Defines the spacing between the canvas content and the top, bottom, left, and right edges.", - "title": "PaperMargin" - }, - "PaperOrientation": { - "markdownDescription": "The paper orientation that is used to define canvas dimensions. Choose one of the following options:\n\n- PORTRAIT\n- LANDSCAPE", - "title": "PaperOrientation", - "type": "string" + "ArcAngle": { + "markdownDescription": "The option that determines the arc angle of a `GaugeChartVisual` .", + "title": "ArcAngle", + "type": "number" }, - "PaperSize": { - "markdownDescription": "The paper size that is used to define canvas dimensions.", - "title": "PaperSize", + "ArcThickness": { + "markdownDescription": "The options that determine the arc thickness of a `GaugeChartVisual` .", + "title": "ArcThickness", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.SectionLayoutConfiguration": { + "AWS::QuickSight::Analysis.ArcOptions": { "additionalProperties": false, "properties": { - "FreeFormLayout": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormSectionLayoutConfiguration", - "markdownDescription": "The free-form layout configuration of a section.", - "title": "FreeFormLayout" + "ArcThickness": { + "markdownDescription": "The arc thickness of a `GaugeChartVisual` .", + "title": "ArcThickness", + "type": "string" } }, - "required": [ - "FreeFormLayout" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.SectionPageBreakConfiguration": { + "AWS::QuickSight::Analysis.AssetOptions": { "additionalProperties": false, "properties": { - "After": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionAfterPageBreak", - "markdownDescription": "The configuration of a page break after a section.", - "title": "After" + "Timezone": { + "markdownDescription": "Determines the timezone for the analysis.", + "title": "Timezone", + "type": "string" + }, + "WeekStart": { + "markdownDescription": "Determines the week start day for an analysis.", + "title": "WeekStart", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.SectionStyle": { + "AWS::QuickSight::Analysis.AttributeAggregationFunction": { "additionalProperties": false, "properties": { - "Height": { - "markdownDescription": "The height of a section.\n\nHeights can only be defined for header and footer sections. The default height margin is 0.5 inches.", - "title": "Height", + "SimpleAttributeAggregation": { + "markdownDescription": "The built-in aggregation functions for attributes.\n\n- `UNIQUE_VALUE` : Returns the unique value for a field, aggregated by the dimension fields.", + "title": "SimpleAttributeAggregation", "type": "string" }, - "Padding": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.Spacing", - "markdownDescription": "The spacing between section content and its top, bottom, left, and right edges.\n\nThere is no padding by default.", - "title": "Padding" + "ValueForMultipleValues": { + "markdownDescription": "Used by the `UNIQUE_VALUE` aggregation function. If there are multiple values for the field used by the aggregation, the value for this property will be returned instead. Defaults to '*'.", + "title": "ValueForMultipleValues", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.SelectedSheetsFilterScopeConfiguration": { + "AWS::QuickSight::Analysis.AxisDataOptions": { "additionalProperties": false, "properties": { - "SheetVisualScopingConfigurations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetVisualScopingConfiguration" - }, - "markdownDescription": "The sheet ID and visual IDs of the sheet and visuals that the filter is applied to.", - "title": "SheetVisualScopingConfigurations", - "type": "array" + "DateAxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DateAxisOptions", + "markdownDescription": "The options for an axis with a date field.", + "title": "DateAxisOptions" + }, + "NumericAxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericAxisOptions", + "markdownDescription": "The options for an axis with a numeric field.", + "title": "NumericAxisOptions" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.SeriesItem": { + "AWS::QuickSight::Analysis.AxisDisplayMinMaxRange": { "additionalProperties": false, "properties": { - "DataFieldSeriesItem": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataFieldSeriesItem", - "markdownDescription": "The data field series item configuration of a line chart.", - "title": "DataFieldSeriesItem" + "Maximum": { + "markdownDescription": "The maximum setup for an axis display range.", + "title": "Maximum", + "type": "number" }, - "FieldSeriesItem": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSeriesItem", - "markdownDescription": "The field series item configuration of a line chart.", - "title": "FieldSeriesItem" + "Minimum": { + "markdownDescription": "The minimum setup for an axis display range.", + "title": "Minimum", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.SetParameterValueConfiguration": { + "AWS::QuickSight::Analysis.AxisDisplayOptions": { "additionalProperties": false, "properties": { - "DestinationParameterName": { - "markdownDescription": "The destination parameter name of the `SetParameterValueConfiguration` .", - "title": "DestinationParameterName", + "AxisLineVisibility": { + "markdownDescription": "Determines whether or not the axis line is visible.", + "title": "AxisLineVisibility", "type": "string" }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DestinationParameterValueConfiguration", - "markdownDescription": "", - "title": "Value" + "AxisOffset": { + "markdownDescription": "The offset value that determines the starting placement of the axis within a visual's bounds.", + "title": "AxisOffset", + "type": "string" + }, + "DataOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDataOptions", + "markdownDescription": "The data options for an axis.", + "title": "DataOptions" + }, + "GridLineVisibility": { + "markdownDescription": "Determines whether or not the grid line is visible.", + "title": "GridLineVisibility", + "type": "string" + }, + "ScrollbarOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ScrollBarOptions", + "markdownDescription": "The scroll bar options for an axis.", + "title": "ScrollbarOptions" + }, + "TickLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisTickLabelOptions", + "markdownDescription": "The tick label options of an axis.", + "title": "TickLabelOptions" } }, - "required": [ - "DestinationParameterName", - "Value" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.ShapeConditionalFormat": { + "AWS::QuickSight::Analysis.AxisDisplayRange": { "additionalProperties": false, "properties": { - "BackgroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting for the shape background color of a filled map visual.", - "title": "BackgroundColor" + "DataDriven": { + "markdownDescription": "The data-driven setup of an axis display range.", + "title": "DataDriven", + "type": "object" + }, + "MinMax": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayMinMaxRange", + "markdownDescription": "The minimum and maximum setup of an axis display range.", + "title": "MinMax" } }, - "required": [ - "BackgroundColor" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.Sheet": { + "AWS::QuickSight::Analysis.AxisLabelOptions": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of a sheet. This name is displayed on the sheet's tab in the Amazon QuickSight console.", - "title": "Name", - "type": "string" + "ApplyTo": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisLabelReferenceOptions", + "markdownDescription": "The options that indicate which field the label belongs to.", + "title": "ApplyTo" }, - "SheetId": { - "markdownDescription": "The unique identifier associated with a sheet.", - "title": "SheetId", + "CustomLabel": { + "markdownDescription": "The text for the axis label.", + "title": "CustomLabel", "type": "string" + }, + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", + "markdownDescription": "The font configuration of the axis label.", + "title": "FontConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions": { + "AWS::QuickSight::Analysis.AxisLabelReferenceOptions": { "additionalProperties": false, "properties": { - "InfoIconText": { - "markdownDescription": "The text content of info icon.", - "title": "InfoIconText", - "type": "string" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that the axis label is targeted to.", + "title": "Column" }, - "Visibility": { - "markdownDescription": "The visibility configuration of info icon label options.", - "title": "Visibility", + "FieldId": { + "markdownDescription": "The field that the axis label is targeted to.", + "title": "FieldId", "type": "string" } }, + "required": [ + "Column", + "FieldId" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.SheetControlLayout": { + "AWS::QuickSight::Analysis.AxisLinearScale": { "additionalProperties": false, "properties": { - "Configuration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlLayoutConfiguration", - "markdownDescription": "The configuration that determines the elements and canvas size options of sheet control.", - "title": "Configuration" + "StepCount": { + "markdownDescription": "The step count setup of a linear axis.", + "title": "StepCount", + "type": "number" + }, + "StepSize": { + "markdownDescription": "The step size setup of a linear axis.", + "title": "StepSize", + "type": "number" } }, - "required": [ - "Configuration" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.SheetControlLayoutConfiguration": { + "AWS::QuickSight::Analysis.AxisLogarithmicScale": { "additionalProperties": false, "properties": { - "GridLayout": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GridLayoutConfiguration", - "markdownDescription": "The configuration that determines the elements and canvas size options of sheet control.", - "title": "GridLayout" + "Base": { + "markdownDescription": "The base setup of a logarithmic axis scale.", + "title": "Base", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.SheetControlsOption": { + "AWS::QuickSight::Analysis.AxisScale": { "additionalProperties": false, "properties": { - "VisibilityState": { - "markdownDescription": "Visibility state.", - "title": "VisibilityState", - "type": "string" + "Linear": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisLinearScale", + "markdownDescription": "The linear axis scale setup.", + "title": "Linear" + }, + "Logarithmic": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisLogarithmicScale", + "markdownDescription": "The logarithmic axis scale setup.", + "title": "Logarithmic" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.SheetDefinition": { + "AWS::QuickSight::Analysis.AxisTickLabelOptions": { "additionalProperties": false, "properties": { - "ContentType": { - "markdownDescription": "The layout content type of the sheet. Choose one of the following options:\n\n- `PAGINATED` : Creates a sheet for a paginated report.\n- `INTERACTIVE` : Creates a sheet for an interactive dashboard.", - "title": "ContentType", - "type": "string" - }, - "Description": { - "markdownDescription": "A description of the sheet.", - "title": "Description", - "type": "string" + "LabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", + "markdownDescription": "Determines whether or not the axis ticks are visible.", + "title": "LabelOptions" }, - "FilterControls": { + "RotationAngle": { + "markdownDescription": "The rotation angle of the axis tick labels.", + "title": "RotationAngle", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.BarChartAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Category": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterControl" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, - "markdownDescription": "The list of filter controls that are on a sheet.\n\nFor more information, see [Adding filter controls to analysis sheets](https://docs.aws.amazon.com/quicksight/latest/user/filter-controls.html) in the *Amazon QuickSight User Guide* .", - "title": "FilterControls", + "markdownDescription": "The category (y-axis) field well of a bar chart.", + "title": "Category", "type": "array" }, - "Layouts": { + "Colors": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.Layout" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, - "markdownDescription": "Layouts define how the components of a sheet are arranged.\n\nFor more information, see [Types of layout](https://docs.aws.amazon.com/quicksight/latest/user/types-of-layout.html) in the *Amazon QuickSight User Guide* .", - "title": "Layouts", + "markdownDescription": "The color (group/color) field well of a bar chart.", + "title": "Colors", "type": "array" }, - "Name": { - "markdownDescription": "The name of the sheet. This name is displayed on the sheet's tab in the Amazon QuickSight console.", - "title": "Name", - "type": "string" - }, - "ParameterControls": { + "SmallMultiples": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterControl" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, - "markdownDescription": "The list of parameter controls that are on a sheet.\n\nFor more information, see [Using a Control with a Parameter in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-controls.html) in the *Amazon QuickSight User Guide* .", - "title": "ParameterControls", + "markdownDescription": "The small multiples field well of a bar chart.", + "title": "SmallMultiples", "type": "array" }, - "SheetControlLayouts": { + "Values": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlLayout" + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, - "markdownDescription": "The control layouts of the sheet.", - "title": "SheetControlLayouts", + "markdownDescription": "The value field wells of a bar chart. Values are aggregated by category.", + "title": "Values", "type": "array" - }, - "SheetId": { - "markdownDescription": "The unique identifier of a sheet.", - "title": "SheetId", + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.BarChartConfiguration": { + "additionalProperties": false, + "properties": { + "BarsArrangement": { + "markdownDescription": "Determines the arrangement of the bars. The orientation and arrangement of bars determine the type of bar that is used in the visual.", + "title": "BarsArrangement", "type": "string" }, - "TextBoxes": { + "CategoryAxis": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, axis step) for bar chart category.", + "title": "CategoryAxis" + }, + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a bar chart.", + "title": "CategoryLabelOptions" + }, + "ColorLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a color that is used in a bar chart.", + "title": "ColorLabelOptions" + }, + "ContributionAnalysisDefaults": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetTextBox" + "$ref": "#/definitions/AWS::QuickSight::Analysis.ContributionAnalysisDefault" }, - "markdownDescription": "The text boxes that are on a sheet.", - "title": "TextBoxes", + "markdownDescription": "The contribution analysis (anomaly configuration) setup of the visual.", + "title": "ContributionAnalysisDefaults", "type": "array" }, - "Title": { - "markdownDescription": "The title of the sheet.", - "title": "Title", + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.", + "title": "DataLabels" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BarChartFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "Orientation": { + "markdownDescription": "The orientation of the bars in a bar chart visual. There are two valid values in this structure:\n\n- `HORIZONTAL` : Used for charts that have horizontal bars. Visuals that use this value are horizontal bar charts, horizontal stacked bar charts, and horizontal stacked 100% bar charts.\n- `VERTICAL` : Used for charts that have vertical bars. Visuals that use this value are vertical bar charts, vertical stacked bar charts, and vertical stacked 100% bar charts.", + "title": "Orientation", "type": "string" }, - "Visuals": { + "ReferenceLines": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.Visual" + "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLine" }, - "markdownDescription": "A list of the visuals that are on a sheet. Visual placement is determined by the layout of the sheet.", - "title": "Visuals", + "markdownDescription": "The reference line setup of the visual.", + "title": "ReferenceLines", "type": "array" - } - }, - "required": [ - "SheetId" - ], - "type": "object" - }, - "AWS::QuickSight::Dashboard.SheetElementConfigurationOverrides": { - "additionalProperties": false, - "properties": { - "Visibility": { - "markdownDescription": "Determines whether or not the overrides are visible. Choose one of the following options:\n\n- `VISIBLE`\n- `HIDDEN`", - "title": "Visibility", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.SheetElementRenderingRule": { - "additionalProperties": false, - "properties": { - "ConfigurationOverrides": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetElementConfigurationOverrides", - "markdownDescription": "The override configuration of the rendering rules of a sheet.", - "title": "ConfigurationOverrides" }, - "Expression": { - "markdownDescription": "The expression of the rendering rules of a sheet.", - "title": "Expression", - "type": "string" + "SmallMultiplesOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SmallMultiplesOptions", + "markdownDescription": "The small multiples setup for the visual.", + "title": "SmallMultiplesOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BarChartSortConfiguration", + "markdownDescription": "The sort configuration of a `BarChartVisual` .", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" + }, + "ValueAxis": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, axis step) for a bar chart value.", + "title": "ValueAxis" + }, + "ValueLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a bar chart value.", + "title": "ValueLabelOptions" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", + "title": "VisualPalette" } }, - "required": [ - "ConfigurationOverrides", - "Expression" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.SheetLayoutElementMaximizationOption": { + "AWS::QuickSight::Analysis.BarChartFieldWells": { "additionalProperties": false, "properties": { - "AvailabilityStatus": { - "markdownDescription": "The status of the sheet layout maximization options of a dashbaord.", - "title": "AvailabilityStatus", - "type": "string" + "BarChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BarChartAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a bar chart.", + "title": "BarChartAggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.SheetTextBox": { + "AWS::QuickSight::Analysis.BarChartSortConfiguration": { "additionalProperties": false, "properties": { - "Content": { - "markdownDescription": "The content that is displayed in the text box.", - "title": "Content", - "type": "string" + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of categories displayed in a bar chart.", + "title": "CategoryItemsLimit" }, - "SheetTextBoxId": { - "markdownDescription": "The unique identifier for a text box. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have text boxes that share identifiers.", - "title": "SheetTextBoxId", - "type": "string" + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of category fields.", + "title": "CategorySort", + "type": "array" + }, + "ColorItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of values displayed in a bar chart.", + "title": "ColorItemsLimit" + }, + "ColorSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of color fields in a bar chart.", + "title": "ColorSort", + "type": "array" + }, + "SmallMultiplesLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of small multiples panels that are displayed.", + "title": "SmallMultiplesLimitConfiguration" + }, + "SmallMultiplesSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the small multiples field.", + "title": "SmallMultiplesSort", + "type": "array" } }, - "required": [ - "SheetTextBoxId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.SheetVisualScopingConfiguration": { + "AWS::QuickSight::Analysis.BarChartVisual": { "additionalProperties": false, "properties": { - "Scope": { - "markdownDescription": "The scope of the applied entities. Choose one of the following options:\n\n- `ALL_VISUALS`\n- `SELECTED_VISUALS`", - "title": "Scope", - "type": "string" + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" }, - "SheetId": { - "markdownDescription": "The selected sheet that the filter is applied to.", - "title": "SheetId", - "type": "string" + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BarChartConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" }, - "VisualIds": { + "ColumnHierarchies": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" }, - "markdownDescription": "The selected visuals that the filter is applied to.", - "title": "VisualIds", + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" } }, "required": [ - "Scope", - "SheetId" + "VisualId" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ShortFormatText": { + "AWS::QuickSight::Analysis.BinCountOptions": { "additionalProperties": false, "properties": { - "PlainText": { - "markdownDescription": "Plain text format.", - "title": "PlainText", - "type": "string" - }, - "RichText": { - "markdownDescription": "Rich text. Examples of rich text include bold, underline, and italics.", - "title": "RichText", - "type": "string" + "Value": { + "markdownDescription": "The options that determine the bin count value.", + "title": "Value", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.SimpleClusterMarker": { + "AWS::QuickSight::Analysis.BinWidthOptions": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The color of the simple cluster marker.", - "title": "Color", - "type": "string" + "BinCountLimit": { + "markdownDescription": "The options that determine the bin count limit.", + "title": "BinCountLimit", + "type": "number" + }, + "Value": { + "markdownDescription": "The options that determine the bin width value.", + "title": "Value", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.SliderControlDisplayOptions": { + "AWS::QuickSight::Analysis.BodySectionConfiguration": { "additionalProperties": false, "properties": { - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" + "Content": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BodySectionContent", + "markdownDescription": "The configuration of content in a body section.", + "title": "Content" }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" + "PageBreakConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionPageBreakConfiguration", + "markdownDescription": "The configuration of a page break for a section.", + "title": "PageBreakConfiguration" + }, + "RepeatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BodySectionRepeatConfiguration", + "markdownDescription": "Describes the configurations that are required to declare a section as repeating.", + "title": "RepeatConfiguration" + }, + "SectionId": { + "markdownDescription": "The unique identifier of a body section.", + "title": "SectionId", + "type": "string" + }, + "Style": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionStyle", + "markdownDescription": "The style options of a body section.", + "title": "Style" } }, + "required": [ + "Content", + "SectionId" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.SmallMultiplesAxisProperties": { + "AWS::QuickSight::Analysis.BodySectionContent": { "additionalProperties": false, "properties": { - "Placement": { - "markdownDescription": "Defines the placement of the axis. By default, axes are rendered `OUTSIDE` of the panels. Axes with `INDEPENDENT` scale are rendered `INSIDE` the panels.", - "title": "Placement", - "type": "string" - }, - "Scale": { - "markdownDescription": "Determines whether scale of the axes are shared or independent. The default value is `SHARED` .", - "title": "Scale", - "type": "string" + "Layout": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionLayoutConfiguration", + "markdownDescription": "The layout configuration of a body section.", + "title": "Layout" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.SmallMultiplesOptions": { + "AWS::QuickSight::Analysis.BodySectionDynamicCategoryDimensionConfiguration": { "additionalProperties": false, "properties": { - "MaxVisibleColumns": { - "markdownDescription": "Sets the maximum number of visible columns to display in the grid of small multiples panels.\n\nThe default is `Auto` , which automatically adjusts the columns in the grid to fit the overall layout and size of the given chart.", - "title": "MaxVisibleColumns", - "type": "number" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "", + "title": "Column" }, - "MaxVisibleRows": { - "markdownDescription": "Sets the maximum number of visible rows to display in the grid of small multiples panels.\n\nThe default value is `Auto` , which automatically adjusts the rows in the grid to fit the overall layout and size of the given chart.", - "title": "MaxVisibleRows", + "Limit": { + "markdownDescription": "Number of values to use from the column for repetition.", + "title": "Limit", "type": "number" }, - "PanelConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PanelConfiguration", - "markdownDescription": "Configures the display options for each small multiples panel.", - "title": "PanelConfiguration" - }, - "XAxis": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SmallMultiplesAxisProperties", - "markdownDescription": "The properties of a small multiples X axis.", - "title": "XAxis" - }, - "YAxis": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SmallMultiplesAxisProperties", - "markdownDescription": "The properties of a small multiples Y axis.", - "title": "YAxis" + "SortByMetrics": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnSort" + }, + "markdownDescription": "Sort criteria on the column values that you use for repetition.", + "title": "SortByMetrics", + "type": "array" } }, + "required": [ + "Column" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.Spacing": { + "AWS::QuickSight::Analysis.BodySectionDynamicNumericDimensionConfiguration": { "additionalProperties": false, "properties": { - "Bottom": { - "markdownDescription": "Define the bottom spacing.", - "title": "Bottom", - "type": "string" - }, - "Left": { - "markdownDescription": "Define the left spacing.", - "title": "Left", - "type": "string" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "", + "title": "Column" }, - "Right": { - "markdownDescription": "Define the right spacing.", - "title": "Right", - "type": "string" + "Limit": { + "markdownDescription": "Number of values to use from the column for repetition.", + "title": "Limit", + "type": "number" }, - "Top": { - "markdownDescription": "Define the top spacing.", - "title": "Top", - "type": "string" + "SortByMetrics": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnSort" + }, + "markdownDescription": "Sort criteria on the column values that you use for repetition.", + "title": "SortByMetrics", + "type": "array" } }, + "required": [ + "Column" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.StringDefaultValues": { + "AWS::QuickSight::Analysis.BodySectionRepeatConfiguration": { "additionalProperties": false, "properties": { - "DynamicValue": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DynamicDefaultValue", - "markdownDescription": "The dynamic value of the `StringDefaultValues` . Different defaults displayed according to users, groups, and values mapping.", - "title": "DynamicValue" + "DimensionConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BodySectionRepeatDimensionConfiguration" + }, + "markdownDescription": "List of `BodySectionRepeatDimensionConfiguration` values that describe the dataset column and constraints for the column used to repeat the contents of a section.", + "title": "DimensionConfigurations", + "type": "array" }, - "StaticValues": { + "NonRepeatingVisuals": { "items": { "type": "string" }, - "markdownDescription": "The static values of the `DecimalDefaultValues` .", - "title": "StaticValues", + "markdownDescription": "List of visuals to exclude from repetition in repeating sections. The visuals will render identically, and ignore the repeating configurations in all repeating instances.", + "title": "NonRepeatingVisuals", "type": "array" + }, + "PageBreakConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BodySectionRepeatPageBreakConfiguration", + "markdownDescription": "Page break configuration to apply for each repeating instance.", + "title": "PageBreakConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.StringFormatConfiguration": { + "AWS::QuickSight::Analysis.BodySectionRepeatDimensionConfiguration": { "additionalProperties": false, "properties": { - "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NullValueFormatConfiguration", - "markdownDescription": "The options that determine the null value format configuration.", - "title": "NullValueFormatConfiguration" + "DynamicCategoryDimensionConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BodySectionDynamicCategoryDimensionConfiguration", + "markdownDescription": "Describes the *Category* dataset column and constraints around the dynamic values that will be used in repeating the section contents.", + "title": "DynamicCategoryDimensionConfiguration" }, - "NumericFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericFormatConfiguration", - "markdownDescription": "The formatting configuration for numeric strings.", - "title": "NumericFormatConfiguration" + "DynamicNumericDimensionConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BodySectionDynamicNumericDimensionConfiguration", + "markdownDescription": "Describes the *Numeric* dataset column and constraints around the dynamic values used to repeat the contents of a section.", + "title": "DynamicNumericDimensionConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.StringParameter": { + "AWS::QuickSight::Analysis.BodySectionRepeatPageBreakConfiguration": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "A display name for a string parameter.", - "title": "Name", - "type": "string" + "After": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionAfterPageBreak", + "markdownDescription": "", + "title": "After" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.BoxPlotAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "GroupBy": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The group by field well of a box plot chart. Values are grouped based on group by fields.", + "title": "GroupBy", + "type": "array" }, "Values": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, - "markdownDescription": "The values of a string parameter.", + "markdownDescription": "The value field well of a box plot chart. Values are aggregated based on group by fields.", "title": "Values", "type": "array" } }, - "required": [ - "Name", - "Values" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.StringParameterDeclaration": { + "AWS::QuickSight::Analysis.BoxPlotChartConfiguration": { "additionalProperties": false, "properties": { - "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringDefaultValues", - "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", - "title": "DefaultValues" + "BoxPlotOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotOptions", + "markdownDescription": "The box plot chart options for a box plot visual", + "title": "BoxPlotOptions" }, - "MappedDataSetParameters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MappedDataSetParameter" - }, - "markdownDescription": "", - "title": "MappedDataSetParameters", - "type": "array" + "CategoryAxis": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, axis step) of a box plot category.", + "title": "CategoryAxis" }, - "Name": { - "markdownDescription": "The name of the parameter that is being declared.", - "title": "Name", - "type": "string" + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility and sort Icon visibility) of a box plot category.", + "title": "CategoryLabelOptions" }, - "ParameterValueType": { - "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", - "title": "ParameterValueType", - "type": "string" + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" }, - "ValueWhenUnset": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringValueWhenUnsetConfiguration", - "markdownDescription": "The configuration that defines the default value of a `String` parameter when a value has not been set.", - "title": "ValueWhenUnset" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", + "markdownDescription": "", + "title": "Legend" + }, + "PrimaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, axis step) of a box plot category.", + "title": "PrimaryYAxisDisplayOptions" + }, + "PrimaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility and sort icon visibility) of a box plot value.", + "title": "PrimaryYAxisLabelOptions" + }, + "ReferenceLines": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLine" + }, + "markdownDescription": "The reference line setup of the visual.", + "title": "ReferenceLines", + "type": "array" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotSortConfiguration", + "markdownDescription": "The sort configuration of a `BoxPlotVisual` .", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", + "title": "VisualPalette" } }, - "required": [ - "Name", - "ParameterValueType" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.StringValueWhenUnsetConfiguration": { + "AWS::QuickSight::Analysis.BoxPlotFieldWells": { "additionalProperties": false, "properties": { - "CustomValue": { - "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", - "title": "CustomValue", - "type": "string" - }, - "ValueWhenUnsetOption": { - "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", - "title": "ValueWhenUnsetOption", - "type": "string" + "BoxPlotAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a box plot.", + "title": "BoxPlotAggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.SubtotalOptions": { + "AWS::QuickSight::Analysis.BoxPlotOptions": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The custom label string for the subtotal cells.", - "title": "CustomLabel", + "AllDataPointsVisibility": { + "markdownDescription": "Determines the visibility of all data points of the box plot.", + "title": "AllDataPointsVisibility", "type": "string" }, - "FieldLevel": { - "markdownDescription": "The field level (all, custom, last) for the subtotal cells.", - "title": "FieldLevel", + "OutlierVisibility": { + "markdownDescription": "Determines the visibility of the outlier in a box plot.", + "title": "OutlierVisibility", "type": "string" }, - "FieldLevelOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableFieldSubtotalOptions" - }, - "markdownDescription": "The optional configuration of subtotal cells.", - "title": "FieldLevelOptions", - "type": "array" - }, - "MetricHeaderCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", - "markdownDescription": "The cell styling options for the subtotals of header cells.", - "title": "MetricHeaderCellStyle" - }, - "StyleTargets": { + "StyleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotStyleOptions", + "markdownDescription": "The style options of the box plot.", + "title": "StyleOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.BoxPlotSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategorySort": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableStyleTarget" + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, - "markdownDescription": "The style targets options for subtotals.", - "title": "StyleTargets", + "markdownDescription": "The sort configuration of a group by fields.", + "title": "CategorySort", "type": "array" }, - "TotalCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", - "markdownDescription": "The cell styling options for the subtotal cells.", - "title": "TotalCellStyle" - }, - "TotalsVisibility": { - "markdownDescription": "The visibility configuration for the subtotal cells.", - "title": "TotalsVisibility", + "PaginationConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PaginationConfiguration", + "markdownDescription": "The pagination configuration of a table visual or box plot.", + "title": "PaginationConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.BoxPlotStyleOptions": { + "additionalProperties": false, + "properties": { + "FillStyle": { + "markdownDescription": "The fill styles (solid, transparent) of the box plot.", + "title": "FillStyle", "type": "string" - }, - "ValueCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", - "markdownDescription": "The cell styling options for the subtotals of value cells.", - "title": "ValueCellStyle" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TableAggregatedFieldWells": { + "AWS::QuickSight::Analysis.BoxPlotVisual": { "additionalProperties": false, "properties": { - "GroupBy": { + "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, - "markdownDescription": "The group by field well for a pivot table. Values are grouped by group by fields.", - "title": "GroupBy", + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", "type": "array" }, - "Values": { + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotChartConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" }, - "markdownDescription": "The values field well for a pivot table. Values are aggregated based on group by fields.", - "title": "Values", + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", + "type": "string" } }, + "required": [ + "VisualId" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.TableBorderOptions": { + "AWS::QuickSight::Analysis.CalculatedField": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The color of a table border.", - "title": "Color", + "DataSetIdentifier": { + "markdownDescription": "The data set that is used in this calculated field.", + "title": "DataSetIdentifier", "type": "string" }, - "Style": { - "markdownDescription": "The style (none, solid) of a table border.", - "title": "Style", + "Expression": { + "markdownDescription": "The expression of the calculated field.", + "title": "Expression", "type": "string" }, - "Thickness": { - "markdownDescription": "The thickness of a table border.", - "title": "Thickness", - "type": "number" + "Name": { + "markdownDescription": "The name of the calculated field.", + "title": "Name", + "type": "string" } }, + "required": [ + "DataSetIdentifier", + "Expression", + "Name" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.TableCellConditionalFormatting": { + "AWS::QuickSight::Analysis.CalculatedMeasureField": { "additionalProperties": false, "properties": { + "Expression": { + "markdownDescription": "The expression in the table calculation.", + "title": "Expression", + "type": "string" + }, "FieldId": { - "markdownDescription": "The field ID of the cell for conditional formatting.", + "markdownDescription": "The custom field ID.", "title": "FieldId", "type": "string" - }, - "TextFormat": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextConditionalFormat", - "markdownDescription": "The text format of the cell for conditional formatting.", - "title": "TextFormat" } }, "required": [ + "Expression", "FieldId" ], "type": "object" }, - "AWS::QuickSight::Dashboard.TableCellImageSizingConfiguration": { + "AWS::QuickSight::Analysis.CascadingControlConfiguration": { "additionalProperties": false, "properties": { - "TableCellImageScalingConfiguration": { - "markdownDescription": "The cell scaling configuration of the sizing options for the table image configuration.", - "title": "TableCellImageScalingConfiguration", - "type": "string" + "SourceControls": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CascadingControlSource" + }, + "markdownDescription": "A list of source controls that determine the values that are used in the current control.", + "title": "SourceControls", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TableCellStyle": { + "AWS::QuickSight::Analysis.CascadingControlSource": { "additionalProperties": false, "properties": { - "BackgroundColor": { - "markdownDescription": "The background color for the table cells.", - "title": "BackgroundColor", - "type": "string" - }, - "Border": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GlobalTableBorderOptions", - "markdownDescription": "The borders for the table cells.", - "title": "Border" - }, - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", - "markdownDescription": "The font configuration of the table cells.", - "title": "FontConfiguration" - }, - "Height": { - "markdownDescription": "The height color for the table cells.", - "title": "Height", - "type": "number" + "ColumnToMatch": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column identifier that determines which column to look up for the source sheet control.", + "title": "ColumnToMatch" }, - "HorizontalTextAlignment": { - "markdownDescription": "The horizontal text alignment (left, center, right, auto) for the table cells.", - "title": "HorizontalTextAlignment", + "SourceSheetControlId": { + "markdownDescription": "The source sheet control ID of a `CascadingControlSource` .", + "title": "SourceSheetControlId", "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.CategoricalDimensionField": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that is used in the `CategoricalDimensionField` .", + "title": "Column" }, - "TextWrap": { - "markdownDescription": "The text wrap (none, wrap) for the table cells.", - "title": "TextWrap", + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", "type": "string" }, - "VerticalTextAlignment": { - "markdownDescription": "The vertical text alignment (top, middle, bottom) for the table cells.", - "title": "VerticalTextAlignment", - "type": "string" + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.StringFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" }, - "Visibility": { - "markdownDescription": "The visibility of the table cells.", - "title": "Visibility", + "HierarchyId": { + "markdownDescription": "The custom hierarchy ID.", + "title": "HierarchyId", "type": "string" } }, + "required": [ + "Column", + "FieldId" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.TableConditionalFormatting": { + "AWS::QuickSight::Analysis.CategoricalMeasureField": { "additionalProperties": false, "properties": { - "ConditionalFormattingOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableConditionalFormattingOption" - }, - "markdownDescription": "Conditional formatting options for a `PivotTableVisual` .", - "title": "ConditionalFormattingOptions", - "type": "array" + "AggregationFunction": { + "markdownDescription": "The aggregation function of the measure field.", + "title": "AggregationFunction", + "type": "string" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that is used in the `CategoricalMeasureField` .", + "title": "Column" + }, + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", + "type": "string" + }, + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.StringFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" } }, + "required": [ + "Column", + "FieldId" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.TableConditionalFormattingOption": { + "AWS::QuickSight::Analysis.CategoryDrillDownFilter": { "additionalProperties": false, "properties": { - "Cell": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellConditionalFormatting", - "markdownDescription": "The cell conditional formatting option for a table.", - "title": "Cell" + "CategoryValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the string inputs that are the values of the category drill down filter.", + "title": "CategoryValues", + "type": "array" }, - "Row": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableRowConditionalFormatting", - "markdownDescription": "The row conditional formatting option for a table.", - "title": "Row" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" } }, + "required": [ + "CategoryValues", + "Column" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.TableConfiguration": { + "AWS::QuickSight::Analysis.CategoryFilter": { "additionalProperties": false, "properties": { - "FieldOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldOptions", - "markdownDescription": "The field options for a table visual.", - "title": "FieldOptions" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "PaginatedReportOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TablePaginatedReportOptions", - "markdownDescription": "The paginated report options for a table visual.", - "title": "PaginatedReportOptions" - }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableSortConfiguration", - "markdownDescription": "The sort configuration for a `TableVisual` .", - "title": "SortConfiguration" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" }, - "TableInlineVisualizations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableInlineVisualization" - }, - "markdownDescription": "A collection of inline visualizations to display within a chart.", - "title": "TableInlineVisualizations", - "type": "array" + "Configuration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CategoryFilterConfiguration", + "markdownDescription": "The configuration for a `CategoryFilter` .", + "title": "Configuration" }, - "TableOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableOptions", - "markdownDescription": "The table options for a table visual.", - "title": "TableOptions" + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" }, - "TotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TotalOptions", - "markdownDescription": "The total options for a table visual.", - "title": "TotalOptions" + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" } }, + "required": [ + "Column", + "Configuration", + "FilterId" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.TableFieldCustomIconContent": { + "AWS::QuickSight::Analysis.CategoryFilterConfiguration": { "additionalProperties": false, "properties": { - "Icon": { - "markdownDescription": "The icon set type (link) of the custom icon content for table URL link content.", - "title": "Icon", - "type": "string" + "CustomFilterConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomFilterConfiguration", + "markdownDescription": "A custom filter that filters based on a single value. This filter can be partially matched.", + "title": "CustomFilterConfiguration" + }, + "CustomFilterListConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomFilterListConfiguration", + "markdownDescription": "A list of custom filter values. In the Amazon QuickSight console, this filter type is called a custom filter list.", + "title": "CustomFilterListConfiguration" + }, + "FilterListConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterListConfiguration", + "markdownDescription": "A list of filter configurations. In the Amazon QuickSight console, this filter type is called a filter list.", + "title": "FilterListConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TableFieldCustomTextContent": { + "AWS::QuickSight::Analysis.CategoryInnerFilter": { "additionalProperties": false, "properties": { - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", - "markdownDescription": "The font configuration of the custom text content for the table URL link content.", - "title": "FontConfiguration" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "", + "title": "Column" }, - "Value": { - "markdownDescription": "The string value of the custom text content for the table URL link content.", - "title": "Value", - "type": "string" + "Configuration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CategoryFilterConfiguration", + "markdownDescription": "", + "title": "Configuration" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", + "markdownDescription": "", + "title": "DefaultFilterControlConfiguration" } }, "required": [ - "FontConfiguration" + "Column", + "Configuration" ], "type": "object" }, - "AWS::QuickSight::Dashboard.TableFieldImageConfiguration": { + "AWS::QuickSight::Analysis.ChartAxisLabelOptions": { "additionalProperties": false, "properties": { - "SizingOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellImageSizingConfiguration", - "markdownDescription": "The sizing options for the table image configuration.", - "title": "SizingOptions" + "AxisLabelOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisLabelOptions" + }, + "markdownDescription": "The label options for a chart axis.", + "title": "AxisLabelOptions", + "type": "array" + }, + "SortIconVisibility": { + "markdownDescription": "The visibility configuration of the sort icon on a chart's axis label.", + "title": "SortIconVisibility", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of an axis label on a chart. Choose one of the following options:\n\n- `VISIBLE` : Shows the axis.\n- `HIDDEN` : Hides the axis.", + "title": "Visibility", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TableFieldLinkConfiguration": { + "AWS::QuickSight::Analysis.ClusterMarker": { "additionalProperties": false, "properties": { - "Content": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldLinkContentConfiguration", - "markdownDescription": "The URL content (text, icon) for the table link configuration.", - "title": "Content" - }, - "Target": { - "markdownDescription": "The URL target (new tab, new window, same tab) for the table link configuration.", - "title": "Target", - "type": "string" + "SimpleClusterMarker": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SimpleClusterMarker", + "markdownDescription": "The simple cluster marker of the cluster marker.", + "title": "SimpleClusterMarker" } }, - "required": [ - "Content", - "Target" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.TableFieldLinkContentConfiguration": { + "AWS::QuickSight::Analysis.ClusterMarkerConfiguration": { "additionalProperties": false, "properties": { - "CustomIconContent": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldCustomIconContent", - "markdownDescription": "The custom icon content for the table link content configuration.", - "title": "CustomIconContent" - }, - "CustomTextContent": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldCustomTextContent", - "markdownDescription": "The custom text content (value, font configuration) for the table link content configuration.", - "title": "CustomTextContent" + "ClusterMarker": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ClusterMarker", + "markdownDescription": "The cluster marker that is a part of the cluster marker configuration.", + "title": "ClusterMarker" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TableFieldOption": { + "AWS::QuickSight::Analysis.ColorScale": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The custom label for a table field.", - "title": "CustomLabel", - "type": "string" - }, - "FieldId": { - "markdownDescription": "The field ID for a table field.", - "title": "FieldId", + "ColorFillType": { + "markdownDescription": "Determines the color fill type.", + "title": "ColorFillType", "type": "string" }, - "URLStyling": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldURLConfiguration", - "markdownDescription": "The URL configuration for a table field.", - "title": "URLStyling" - }, - "Visibility": { - "markdownDescription": "The visibility of a table field.", - "title": "Visibility", - "type": "string" + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataColor" + }, + "markdownDescription": "Determines the list of colors that are applied to the visual.", + "title": "Colors", + "type": "array" }, - "Width": { - "markdownDescription": "The width for a table field.", - "title": "Width", - "type": "string" + "NullValueColor": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataColor", + "markdownDescription": "Determines the color that is applied to null values.", + "title": "NullValueColor" } }, "required": [ - "FieldId" + "ColorFillType", + "Colors" ], "type": "object" }, - "AWS::QuickSight::Dashboard.TableFieldOptions": { + "AWS::QuickSight::Analysis.ColorsConfiguration": { "additionalProperties": false, "properties": { - "Order": { - "items": { - "type": "string" - }, - "markdownDescription": "The order of the field IDs that are configured as field options for a table visual.", - "title": "Order", - "type": "array" - }, - "PinnedFieldOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TablePinnedFieldOptions", - "markdownDescription": "The settings for the pinned columns of a table visual.", - "title": "PinnedFieldOptions" - }, - "SelectedFieldOptions": { + "CustomColors": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldOption" + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomColor" }, - "markdownDescription": "The field options to be configured to a table.", - "title": "SelectedFieldOptions", + "markdownDescription": "A list of up to 50 custom colors.", + "title": "CustomColors", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TableFieldURLConfiguration": { + "AWS::QuickSight::Analysis.ColumnConfiguration": { "additionalProperties": false, "properties": { - "ImageConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldImageConfiguration", - "markdownDescription": "The image configuration of a table field URL.", - "title": "ImageConfiguration" + "ColorsConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColorsConfiguration", + "markdownDescription": "The color configurations of the column.", + "title": "ColorsConfiguration" }, - "LinkConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldLinkConfiguration", - "markdownDescription": "The link configuration of a table field URL.", - "title": "LinkConfiguration" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column.", + "title": "Column" + }, + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FormatConfiguration", + "markdownDescription": "The format configuration of a column.", + "title": "FormatConfiguration" + }, + "Role": { + "markdownDescription": "The role of the column.", + "title": "Role", + "type": "string" } }, + "required": [ + "Column" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.TableFieldWells": { + "AWS::QuickSight::Analysis.ColumnHierarchy": { "additionalProperties": false, "properties": { - "TableAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableAggregatedFieldWells", - "markdownDescription": "The aggregated field well for the table.", - "title": "TableAggregatedFieldWells" + "DateTimeHierarchy": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeHierarchy", + "markdownDescription": "The option that determines the hierarchy of any `DateTime` fields.", + "title": "DateTimeHierarchy" }, - "TableUnaggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableUnaggregatedFieldWells", - "markdownDescription": "The unaggregated field well for the table.", - "title": "TableUnaggregatedFieldWells" + "ExplicitHierarchy": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ExplicitHierarchy", + "markdownDescription": "The option that determines the hierarchy of the fields that are built within a visual's field wells. These fields can't be duplicated to other visuals.", + "title": "ExplicitHierarchy" + }, + "PredefinedHierarchy": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PredefinedHierarchy", + "markdownDescription": "The option that determines the hierarchy of the fields that are defined during data preparation. These fields are available to use in any analysis that uses the data source.", + "title": "PredefinedHierarchy" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TableInlineVisualization": { + "AWS::QuickSight::Analysis.ColumnIdentifier": { "additionalProperties": false, "properties": { - "DataBars": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataBarsOptions", - "markdownDescription": "The configuration of the inline visualization of the data bars within a chart.", - "title": "DataBars" + "ColumnName": { + "markdownDescription": "The name of the column.", + "title": "ColumnName", + "type": "string" + }, + "DataSetIdentifier": { + "markdownDescription": "The data set that the column belongs to.", + "title": "DataSetIdentifier", + "type": "string" } }, + "required": [ + "ColumnName", + "DataSetIdentifier" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.TableOptions": { + "AWS::QuickSight::Analysis.ColumnSort": { "additionalProperties": false, "properties": { - "CellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", - "markdownDescription": "The table cell style of table cells.", - "title": "CellStyle" - }, - "HeaderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", - "markdownDescription": "The table cell style of a table header.", - "title": "HeaderStyle" + "AggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationFunction", + "markdownDescription": "The aggregation function that is defined in the column sort.", + "title": "AggregationFunction" }, - "Orientation": { - "markdownDescription": "The orientation (vertical, horizontal) for a table.", - "title": "Orientation", + "Direction": { + "markdownDescription": "The sort direction.", + "title": "Direction", "type": "string" }, - "RowAlternateColorOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RowAlternateColorOptions", - "markdownDescription": "The row alternate color options (widget status, row alternate colors) for a table.", - "title": "RowAlternateColorOptions" + "SortBy": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "", + "title": "SortBy" } }, + "required": [ + "Direction", + "SortBy" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.TablePaginatedReportOptions": { + "AWS::QuickSight::Analysis.ColumnTooltipItem": { "additionalProperties": false, "properties": { - "OverflowColumnHeaderVisibility": { - "markdownDescription": "The visibility of repeating header rows on each page.", - "title": "OverflowColumnHeaderVisibility", + "Aggregation": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationFunction", + "markdownDescription": "The aggregation function of the column tooltip item.", + "title": "Aggregation" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The target column of the tooltip item.", + "title": "Column" + }, + "Label": { + "markdownDescription": "The label of the tooltip item.", + "title": "Label", "type": "string" }, - "VerticalOverflowVisibility": { - "markdownDescription": "The visibility of printing table overflow across pages.", - "title": "VerticalOverflowVisibility", + "TooltipTarget": { + "markdownDescription": "Determines the target of the column tooltip item in a combo chart visual.", + "title": "TooltipTarget", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the tooltip item.", + "title": "Visibility", "type": "string" } }, + "required": [ + "Column" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.TablePinnedFieldOptions": { + "AWS::QuickSight::Analysis.ComboChartAggregatedFieldWells": { "additionalProperties": false, "properties": { - "PinnedLeftFields": { + "BarValues": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, - "markdownDescription": "A list of columns to be pinned to the left of a table visual.", - "title": "PinnedLeftFields", + "markdownDescription": "The aggregated `BarValues` field well of a combo chart.", + "title": "BarValues", "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.TableRowConditionalFormatting": { - "additionalProperties": false, - "properties": { - "BackgroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting color (solid, gradient) of the background for a table row.", - "title": "BackgroundColor" }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting color (solid, gradient) of the text for a table row.", - "title": "TextColor" + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The aggregated category field wells of a combo chart.", + "title": "Category", + "type": "array" + }, + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The aggregated colors field well of a combo chart.", + "title": "Colors", + "type": "array" + }, + "LineValues": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The aggregated `LineValues` field well of a combo chart.", + "title": "LineValues", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TableSideBorderOptions": { + "AWS::QuickSight::Analysis.ComboChartConfiguration": { "additionalProperties": false, "properties": { - "Bottom": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", - "markdownDescription": "The table border options of the bottom border.", - "title": "Bottom" + "BarDataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.\n\nThe data label options for a bar in a combo chart.", + "title": "BarDataLabels" }, - "InnerHorizontal": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", - "markdownDescription": "The table border options of the inner horizontal border.", - "title": "InnerHorizontal" + "BarsArrangement": { + "markdownDescription": "Determines the bar arrangement in a combo chart. The following are valid values in this structure:\n\n- `CLUSTERED` : For clustered bar combo charts.\n- `STACKED` : For stacked bar combo charts.\n- `STACKED_PERCENT` : Do not use. If you use this value, the operation returns a validation error.", + "title": "BarsArrangement", + "type": "string" }, - "InnerVertical": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", - "markdownDescription": "The table border options of the inner vertical border.", - "title": "InnerVertical" + "CategoryAxis": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", + "markdownDescription": "The category axis of a combo chart.", + "title": "CategoryAxis" }, - "Left": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", - "markdownDescription": "The table border options of the left border.", - "title": "Left" + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart category (group/color) field well.", + "title": "CategoryLabelOptions" }, - "Right": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", - "markdownDescription": "The table border options of the right border.", - "title": "Right" + "ColorLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's color field well.", + "title": "ColorLabelOptions" }, - "Top": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", - "markdownDescription": "The table border options of the top border.", - "title": "Top" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.TableSortConfiguration": { - "additionalProperties": false, - "properties": { - "PaginationConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PaginationConfiguration", - "markdownDescription": "The pagination configuration (page size, page number) for the table.", - "title": "PaginationConfiguration" + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ComboChartFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" }, - "RowSort": { + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "LineDataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.\n\nThe data label options for a line in a combo chart.", + "title": "LineDataLabels" + }, + "PrimaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, and axis step) of a combo chart's primary y-axis (bar) field well.", + "title": "PrimaryYAxisDisplayOptions" + }, + "PrimaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's primary y-axis (bar) field well.", + "title": "PrimaryYAxisLabelOptions" + }, + "ReferenceLines": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLine" }, - "markdownDescription": "The field sort options for rows in the table.", - "title": "RowSort", + "markdownDescription": "The reference line setup of the visual.", + "title": "ReferenceLines", "type": "array" + }, + "SecondaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, axis step) of a combo chart's secondary y-axis (line) field well.", + "title": "SecondaryYAxisDisplayOptions" + }, + "SecondaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's secondary y-axis(line) field well.", + "title": "SecondaryYAxisLabelOptions" + }, + "SingleAxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SingleAxisOptions", + "markdownDescription": "", + "title": "SingleAxisOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ComboChartSortConfiguration", + "markdownDescription": "The sort configuration of a `ComboChartVisual` .", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Tooltip" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", + "title": "VisualPalette" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TableStyleTarget": { + "AWS::QuickSight::Analysis.ComboChartFieldWells": { "additionalProperties": false, "properties": { - "CellType": { - "markdownDescription": "The cell type of the table style target.", - "title": "CellType", - "type": "string" + "ComboChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ComboChartAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a combo chart. Combo charts only have aggregated field wells. Columns in a combo chart are aggregated by category.", + "title": "ComboChartAggregatedFieldWells" } }, - "required": [ - "CellType" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.TableUnaggregatedFieldWells": { + "AWS::QuickSight::Analysis.ComboChartSortConfiguration": { "additionalProperties": false, "properties": { - "Values": { + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The item limit configuration for the category field well of a combo chart.", + "title": "CategoryItemsLimit" + }, + "CategorySort": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.UnaggregatedField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, - "markdownDescription": "The values field well for a pivot table. Values are unaggregated for an unaggregated table.", - "title": "Values", + "markdownDescription": "The sort configuration of the category field well in a combo chart.", + "title": "CategorySort", + "type": "array" + }, + "ColorItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The item limit configuration of the color field well in a combo chart.", + "title": "ColorItemsLimit" + }, + "ColorSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the color field well in a combo chart.", + "title": "ColorSort", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TableVisual": { + "AWS::QuickSight::Analysis.ComboChartVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ComboChartConfiguration", "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, - "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableConditionalFormatting", - "markdownDescription": "The conditional formatting for a `PivotTableVisual` .", - "title": "ConditionalFormatting" + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" }, "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", "type": "string" } @@ -206364,4624 +221589,4081 @@ ], "type": "object" }, - "AWS::QuickSight::Dashboard.TextAreaControlDisplayOptions": { + "AWS::QuickSight::Analysis.ComparisonConfiguration": { "additionalProperties": false, "properties": { - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" - }, - "PlaceholderOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextControlPlaceholderOptions", - "markdownDescription": "The configuration of the placeholder options in a text area control.", - "title": "PlaceholderOptions" + "ComparisonFormat": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ComparisonFormatConfiguration", + "markdownDescription": "The format of the comparison.", + "title": "ComparisonFormat" }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" + "ComparisonMethod": { + "markdownDescription": "The method of the comparison. Choose from the following options:\n\n- `DIFFERENCE`\n- `PERCENT_DIFFERENCE`\n- `PERCENT`", + "title": "ComparisonMethod", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TextConditionalFormat": { + "AWS::QuickSight::Analysis.ComparisonFormatConfiguration": { "additionalProperties": false, "properties": { - "BackgroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting for the text background color.", - "title": "BackgroundColor" - }, - "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIcon", - "markdownDescription": "The conditional formatting for the icon.", - "title": "Icon" + "NumberDisplayFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumberDisplayFormatConfiguration", + "markdownDescription": "The number display format.", + "title": "NumberDisplayFormatConfiguration" }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting for the text color.", - "title": "TextColor" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.TextControlPlaceholderOptions": { - "additionalProperties": false, - "properties": { - "Visibility": { - "markdownDescription": "The visibility configuration of the placeholder options in a text control.", - "title": "Visibility", - "type": "string" + "PercentageDisplayFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PercentageDisplayFormatConfiguration", + "markdownDescription": "The percentage display format.", + "title": "PercentageDisplayFormatConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TextFieldControlDisplayOptions": { + "AWS::QuickSight::Analysis.Computation": { "additionalProperties": false, "properties": { - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" + "Forecast": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ForecastComputation", + "markdownDescription": "The forecast computation configuration.", + "title": "Forecast" }, - "PlaceholderOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextControlPlaceholderOptions", - "markdownDescription": "The configuration of the placeholder options in a text field control.", - "title": "PlaceholderOptions" + "GrowthRate": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GrowthRateComputation", + "markdownDescription": "The growth rate computation configuration.", + "title": "GrowthRate" }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.ThousandSeparatorOptions": { - "additionalProperties": false, - "properties": { - "Symbol": { - "markdownDescription": "Determines the thousands separator symbol.", - "title": "Symbol", - "type": "string" + "MaximumMinimum": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MaximumMinimumComputation", + "markdownDescription": "The maximum and minimum computation configuration.", + "title": "MaximumMinimum" }, - "Visibility": { - "markdownDescription": "Determines the visibility of the thousands separator.", - "title": "Visibility", - "type": "string" + "MetricComparison": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MetricComparisonComputation", + "markdownDescription": "The metric comparison computation configuration.", + "title": "MetricComparison" + }, + "PeriodOverPeriod": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PeriodOverPeriodComputation", + "markdownDescription": "The period over period computation configuration.", + "title": "PeriodOverPeriod" + }, + "PeriodToDate": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PeriodToDateComputation", + "markdownDescription": "The period to `DataSetIdentifier` computation configuration.", + "title": "PeriodToDate" + }, + "TopBottomMovers": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TopBottomMoversComputation", + "markdownDescription": "The top movers and bottom movers computation configuration.", + "title": "TopBottomMovers" + }, + "TopBottomRanked": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TopBottomRankedComputation", + "markdownDescription": "The top ranked and bottom ranked computation configuration.", + "title": "TopBottomRanked" + }, + "TotalAggregation": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TotalAggregationComputation", + "markdownDescription": "The total aggregation computation configuration.", + "title": "TotalAggregation" + }, + "UniqueValues": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.UniqueValuesComputation", + "markdownDescription": "The unique values computation configuration.", + "title": "UniqueValues" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TimeBasedForecastProperties": { + "AWS::QuickSight::Analysis.ConditionalFormattingColor": { "additionalProperties": false, "properties": { - "LowerBoundary": { - "markdownDescription": "The lower boundary setup of a forecast computation.", - "title": "LowerBoundary", - "type": "number" - }, - "PeriodsBackward": { - "markdownDescription": "The periods backward setup of a forecast computation.", - "title": "PeriodsBackward", - "type": "number" - }, - "PeriodsForward": { - "markdownDescription": "The periods forward setup of a forecast computation.", - "title": "PeriodsForward", - "type": "number" - }, - "PredictionInterval": { - "markdownDescription": "The prediction interval setup of a forecast computation.", - "title": "PredictionInterval", - "type": "number" - }, - "Seasonality": { - "markdownDescription": "The seasonality setup of a forecast computation. Choose one of the following options:\n\n- `NULL` : The input is set to `NULL` .\n- `NON_NULL` : The input is set to a custom value.", - "title": "Seasonality", - "type": "number" + "Gradient": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingGradientColor", + "markdownDescription": "Formatting configuration for gradient color.", + "title": "Gradient" }, - "UpperBoundary": { - "markdownDescription": "The upper boundary setup of a forecast computation.", - "title": "UpperBoundary", - "type": "number" + "Solid": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingSolidColor", + "markdownDescription": "Formatting configuration for solid color.", + "title": "Solid" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TimeEqualityFilter": { + "AWS::QuickSight::Analysis.ConditionalFormattingCustomIconCondition": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" - }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", - "type": "string" - }, - "ParameterName": { - "markdownDescription": "The parameter whose value should be used for the filter value.\n\nThis field is mutually exclusive to `Value` and `RollingDate` .", - "title": "ParameterName", + "Color": { + "markdownDescription": "Determines the color of the icon.", + "title": "Color", "type": "string" }, - "RollingDate": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RollingDateConfiguration", - "markdownDescription": "The rolling date input for the `TimeEquality` filter.\n\nThis field is mutually exclusive to `Value` and `ParameterName` .", - "title": "RollingDate" + "DisplayConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIconDisplayConfiguration", + "markdownDescription": "Determines the icon display configuration.", + "title": "DisplayConfiguration" }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", + "Expression": { + "markdownDescription": "The expression that determines the condition of the icon set.", + "title": "Expression", "type": "string" }, - "Value": { - "markdownDescription": "The value of a `TimeEquality` filter.\n\nThis field is mutually exclusive to `RollingDate` and `ParameterName` .", - "title": "Value", - "type": "string" + "IconOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingCustomIconOptions", + "markdownDescription": "Custom icon options for an icon set.", + "title": "IconOptions" } }, "required": [ - "Column", - "FilterId" + "Expression", + "IconOptions" ], "type": "object" }, - "AWS::QuickSight::Dashboard.TimeRangeDrillDownFilter": { + "AWS::QuickSight::Analysis.ConditionalFormattingCustomIconOptions": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "RangeMaximum": { - "markdownDescription": "The maximum value for the filter value range.", - "title": "RangeMaximum", - "type": "string" - }, - "RangeMinimum": { - "markdownDescription": "The minimum value for the filter value range.", - "title": "RangeMinimum", + "Icon": { + "markdownDescription": "Determines the type of icon.", + "title": "Icon", "type": "string" }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", + "UnicodeIcon": { + "markdownDescription": "Determines the Unicode icon type.", + "title": "UnicodeIcon", "type": "string" } }, - "required": [ - "Column", - "RangeMaximum", - "RangeMinimum", - "TimeGranularity" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.TimeRangeFilter": { + "AWS::QuickSight::Analysis.ConditionalFormattingGradientColor": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" - }, - "ExcludePeriodConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ExcludePeriodConfiguration", - "markdownDescription": "The exclude period of the time range filter.", - "title": "ExcludePeriodConfiguration" - }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", - "type": "string" - }, - "IncludeMaximum": { - "markdownDescription": "Determines whether the maximum value in the filter value range should be included in the filtered results.", - "title": "IncludeMaximum", - "type": "boolean" - }, - "IncludeMinimum": { - "markdownDescription": "Determines whether the minimum value in the filter value range should be included in the filtered results.", - "title": "IncludeMinimum", - "type": "boolean" - }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", - "type": "string" - }, - "RangeMaximumValue": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TimeRangeFilterValue", - "markdownDescription": "The maximum value for the filter value range.", - "title": "RangeMaximumValue" - }, - "RangeMinimumValue": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TimeRangeFilterValue", - "markdownDescription": "The minimum value for the filter value range.", - "title": "RangeMinimumValue" + "Color": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GradientColor", + "markdownDescription": "Determines the color.", + "title": "Color" }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", + "Expression": { + "markdownDescription": "The expression that determines the formatting configuration for gradient color.", + "title": "Expression", "type": "string" } }, "required": [ - "Column", - "FilterId", - "NullOption" + "Color", + "Expression" ], "type": "object" }, - "AWS::QuickSight::Dashboard.TimeRangeFilterValue": { + "AWS::QuickSight::Analysis.ConditionalFormattingIcon": { "additionalProperties": false, "properties": { - "Parameter": { - "markdownDescription": "The parameter type input value.", - "title": "Parameter", - "type": "string" - }, - "RollingDate": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RollingDateConfiguration", - "markdownDescription": "The rolling date input value.", - "title": "RollingDate" + "CustomCondition": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingCustomIconCondition", + "markdownDescription": "Determines the custom condition for an icon set.", + "title": "CustomCondition" }, - "StaticValue": { - "markdownDescription": "The static input value.", - "title": "StaticValue", - "type": "string" + "IconSet": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIconSet", + "markdownDescription": "Formatting configuration for icon set.", + "title": "IconSet" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TooltipItem": { + "AWS::QuickSight::Analysis.ConditionalFormattingIconDisplayConfiguration": { "additionalProperties": false, "properties": { - "ColumnTooltipItem": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnTooltipItem", - "markdownDescription": "The tooltip item for the columns that are not part of a field well.", - "title": "ColumnTooltipItem" - }, - "FieldTooltipItem": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldTooltipItem", - "markdownDescription": "The tooltip item for the fields.", - "title": "FieldTooltipItem" + "IconDisplayOption": { + "markdownDescription": "Determines the icon display configuration.", + "title": "IconDisplayOption", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TooltipOptions": { + "AWS::QuickSight::Analysis.ConditionalFormattingIconSet": { "additionalProperties": false, "properties": { - "FieldBasedTooltip": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldBasedTooltip", - "markdownDescription": "The setup for the detailed tooltip. The tooltip setup is always saved. The display type is decided based on the tooltip type.", - "title": "FieldBasedTooltip" - }, - "SelectedTooltipType": { - "markdownDescription": "The selected type for the tooltip. Choose one of the following options:\n\n- `BASIC` : A basic tooltip.\n- `DETAILED` : A detailed tooltip.", - "title": "SelectedTooltipType", + "Expression": { + "markdownDescription": "The expression that determines the formatting configuration for the icon set.", + "title": "Expression", "type": "string" }, - "TooltipVisibility": { - "markdownDescription": "Determines whether or not the tooltip is visible.", - "title": "TooltipVisibility", + "IconSetType": { + "markdownDescription": "Determines the icon set type.", + "title": "IconSetType", "type": "string" } }, + "required": [ + "Expression" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.TopBottomFilter": { + "AWS::QuickSight::Analysis.ConditionalFormattingSolidColor": { "additionalProperties": false, "properties": { - "AggregationSortConfigurations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationSortConfiguration" - }, - "markdownDescription": "The aggregation and sort configuration of the top bottom filter.", - "title": "AggregationSortConfigurations", - "type": "array" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" - }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", - "type": "string" - }, - "Limit": { - "markdownDescription": "The number of items to include in the top bottom filter results.", - "title": "Limit", - "type": "number" - }, - "ParameterName": { - "markdownDescription": "The parameter whose value should be used for the filter value.", - "title": "ParameterName", + "Color": { + "markdownDescription": "Determines the color.", + "title": "Color", "type": "string" }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", + "Expression": { + "markdownDescription": "The expression that determines the formatting configuration for solid color.", + "title": "Expression", "type": "string" } }, "required": [ - "AggregationSortConfigurations", - "Column", - "FilterId" + "Expression" ], "type": "object" }, - "AWS::QuickSight::Dashboard.TopBottomMoversComputation": { + "AWS::QuickSight::Analysis.ContextMenuOption": { "additionalProperties": false, "properties": { - "Category": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", - "markdownDescription": "The category field that is used in a computation.", - "title": "Category" - }, - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", - "type": "string" - }, - "MoverSize": { - "markdownDescription": "The mover size setup of the top and bottom movers computation.", - "title": "MoverSize", - "type": "number" - }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", - "type": "string" - }, - "SortOrder": { - "markdownDescription": "The sort order setup of the top and bottom movers computation.", - "title": "SortOrder", + "AvailabilityStatus": { + "markdownDescription": "The availability status of the context menu options. If the value of this property is set to `ENABLED` , dashboard readers can interact with the context menu.", + "title": "AvailabilityStatus", "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.ContributionAnalysisDefault": { + "additionalProperties": false, + "properties": { + "ContributorDimensions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier" + }, + "markdownDescription": "The dimensions columns that are used in the contribution analysis, usually a list of `ColumnIdentifiers` .", + "title": "ContributorDimensions", + "type": "array" }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" - }, - "Type": { - "markdownDescription": "The computation type. Choose from the following options:\n\n- TOP: Top movers computation.\n- BOTTOM: Bottom movers computation.", - "title": "Type", + "MeasureFieldId": { + "markdownDescription": "The measure field that is used in the contribution analysis.", + "title": "MeasureFieldId", "type": "string" - }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" } }, "required": [ - "ComputationId", - "Type" + "ContributorDimensions", + "MeasureFieldId" ], "type": "object" }, - "AWS::QuickSight::Dashboard.TopBottomRankedComputation": { + "AWS::QuickSight::Analysis.CurrencyDisplayFormatConfiguration": { "additionalProperties": false, "properties": { - "Category": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", - "markdownDescription": "The category field that is used in a computation.", - "title": "Category" + "DecimalPlacesConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalPlacesConfiguration", + "markdownDescription": "The option that determines the decimal places configuration.", + "title": "DecimalPlacesConfiguration" }, - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", + "NegativeValueConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NegativeValueConfiguration", + "markdownDescription": "The options that determine the negative value configuration.", + "title": "NegativeValueConfiguration" + }, + "NullValueFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NullValueFormatConfiguration", + "markdownDescription": "The options that determine the null value format configuration.", + "title": "NullValueFormatConfiguration" + }, + "NumberScale": { + "markdownDescription": "Determines the number scale value for the currency format.", + "title": "NumberScale", "type": "string" }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "Prefix": { + "markdownDescription": "Determines the prefix value of the currency format.", + "title": "Prefix", "type": "string" }, - "ResultSize": { - "markdownDescription": "The result size of a top and bottom ranked computation.", - "title": "ResultSize", - "type": "number" + "SeparatorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericSeparatorConfiguration", + "markdownDescription": "The options that determine the numeric separator configuration.", + "title": "SeparatorConfiguration" }, - "Type": { - "markdownDescription": "The computation type. Choose one of the following options:\n\n- TOP: A top ranked computation.\n- BOTTOM: A bottom ranked computation.", - "title": "Type", + "Suffix": { + "markdownDescription": "Determines the suffix value of the currency format.", + "title": "Suffix", "type": "string" }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" + "Symbol": { + "markdownDescription": "Determines the symbol for the currency format.", + "title": "Symbol", + "type": "string" } }, - "required": [ - "ComputationId", - "Type" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.TotalAggregationComputation": { + "AWS::QuickSight::Analysis.CustomActionFilterOperation": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", - "type": "string" + "SelectedFieldsConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterOperationSelectedFieldsConfiguration", + "markdownDescription": "The configuration that chooses the fields to be filtered.", + "title": "SelectedFieldsConfiguration" }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" + "TargetVisualsConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterOperationTargetVisualsConfiguration", + "markdownDescription": "The configuration that chooses the target visuals to be filtered.", + "title": "TargetVisualsConfiguration" } }, "required": [ - "ComputationId" + "SelectedFieldsConfiguration", + "TargetVisualsConfiguration" ], "type": "object" }, - "AWS::QuickSight::Dashboard.TotalAggregationFunction": { + "AWS::QuickSight::Analysis.CustomActionNavigationOperation": { "additionalProperties": false, "properties": { - "SimpleTotalAggregationFunction": { - "markdownDescription": "A built in aggregation function for total values.", - "title": "SimpleTotalAggregationFunction", - "type": "string" + "LocalNavigationConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LocalNavigationConfiguration", + "markdownDescription": "The configuration that chooses the navigation target.", + "title": "LocalNavigationConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TotalAggregationOption": { + "AWS::QuickSight::Analysis.CustomActionSetParametersOperation": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field id that's associated with the total aggregation option.", - "title": "FieldId", - "type": "string" - }, - "TotalAggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TotalAggregationFunction", - "markdownDescription": "The total aggregation function that you want to set for a specified field id.", - "title": "TotalAggregationFunction" + "ParameterValueConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SetParameterValueConfiguration" + }, + "markdownDescription": "The parameter that determines the value configuration.", + "title": "ParameterValueConfigurations", + "type": "array" } }, "required": [ - "FieldId", - "TotalAggregationFunction" + "ParameterValueConfigurations" ], "type": "object" }, - "AWS::QuickSight::Dashboard.TotalOptions": { + "AWS::QuickSight::Analysis.CustomActionURLOperation": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The custom label string for the total cells.", - "title": "CustomLabel", - "type": "string" - }, - "Placement": { - "markdownDescription": "The placement (start, end) for the total cells.", - "title": "Placement", - "type": "string" - }, - "ScrollStatus": { - "markdownDescription": "The scroll status (pinned, scrolled) for the total cells.", - "title": "ScrollStatus", + "URLTarget": { + "markdownDescription": "The target of the `CustomActionURLOperation` .\n\nValid values are defined as follows:\n\n- `NEW_TAB` : Opens the target URL in a new browser tab.\n- `NEW_WINDOW` : Opens the target URL in a new browser window.\n- `SAME_TAB` : Opens the target URL in the same browser tab.", + "title": "URLTarget", "type": "string" }, - "TotalAggregationOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TotalAggregationOption" - }, - "markdownDescription": "The total aggregation settings for each value field.", - "title": "TotalAggregationOptions", - "type": "array" - }, - "TotalCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", - "markdownDescription": "Cell styling options for the total cells.", - "title": "TotalCellStyle" - }, - "TotalsVisibility": { - "markdownDescription": "The visibility configuration for the total cells.", - "title": "TotalsVisibility", + "URLTemplate": { + "markdownDescription": "THe URL link of the `CustomActionURLOperation` .", + "title": "URLTemplate", "type": "string" } }, + "required": [ + "URLTarget", + "URLTemplate" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.TreeMapAggregatedFieldWells": { + "AWS::QuickSight::Analysis.CustomColor": { "additionalProperties": false, "properties": { - "Colors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" - }, - "markdownDescription": "The color field well of a tree map. Values are grouped by aggregations based on group by fields.", - "title": "Colors", - "type": "array" + "Color": { + "markdownDescription": "The color that is applied to the data value.", + "title": "Color", + "type": "string" }, - "Groups": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The group by field well of a tree map. Values are grouped based on group by fields.", - "title": "Groups", - "type": "array" + "FieldValue": { + "markdownDescription": "The data value that the color is applied to.", + "title": "FieldValue", + "type": "string" }, - "Sizes": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" - }, - "markdownDescription": "The size field well of a tree map. Values are aggregated based on group by fields.", - "title": "Sizes", - "type": "array" + "SpecialValue": { + "markdownDescription": "The value of a special data value.", + "title": "SpecialValue", + "type": "string" } }, + "required": [ + "Color" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.TreeMapConfiguration": { + "AWS::QuickSight::Analysis.CustomContentConfiguration": { "additionalProperties": false, "properties": { - "ColorLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility) for the colors displayed in a tree map.", - "title": "ColorLabelOptions" - }, - "ColorScale": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColorScale", - "markdownDescription": "The color options (gradient color, point of divergence) of a tree map.", - "title": "ColorScale" - }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.", - "title": "DataLabels" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TreeMapFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "GroupLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility) of the groups that are displayed in a tree map.", - "title": "GroupLabelOptions" - }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" - }, - "SizeLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility) of the sizes that are displayed in a tree map.", - "title": "SizeLabelOptions" + "ContentType": { + "markdownDescription": "The content type of the custom content visual. You can use this to have the visual render as an image.", + "title": "ContentType", + "type": "string" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TreeMapSortConfiguration", - "markdownDescription": "The sort configuration of a tree map.", - "title": "SortConfiguration" + "ContentUrl": { + "markdownDescription": "The input URL that links to the custom content that you want in the custom visual.", + "title": "ContentUrl", + "type": "string" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.TreeMapFieldWells": { - "additionalProperties": false, - "properties": { - "TreeMapAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TreeMapAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a tree map.", - "title": "TreeMapAggregatedFieldWells" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.TreeMapSortConfiguration": { - "additionalProperties": false, - "properties": { - "TreeMapGroupItemsLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of groups that are displayed.", - "title": "TreeMapGroupItemsLimitConfiguration" + "ImageScaling": { + "markdownDescription": "The sizing options for the size of the custom content visual. This structure is required when the `ContentType` of the visual is `'IMAGE'` .", + "title": "ImageScaling", + "type": "string" }, - "TreeMapSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of group by fields.", - "title": "TreeMapSort", - "type": "array" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.TreeMapVisual": { + "AWS::QuickSight::Analysis.CustomContentVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TreeMapConfiguration", - "markdownDescription": "The configuration settings of the visual.", + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomContentConfiguration", + "markdownDescription": "The configuration of a `CustomContentVisual` .", "title": "ChartConfiguration" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "DataSetIdentifier": { + "markdownDescription": "The dataset that is used to create the custom content visual. You can't create a visual without a dataset.", + "title": "DataSetIdentifier", + "type": "string" }, "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", "type": "string" } }, "required": [ + "DataSetIdentifier", "VisualId" ], "type": "object" }, - "AWS::QuickSight::Dashboard.TrendArrowOptions": { + "AWS::QuickSight::Analysis.CustomFilterConfiguration": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility of the trend arrows.", - "title": "Visibility", + "CategoryValue": { + "markdownDescription": "The category value for the filter.\n\nThis field is mutually exclusive to `ParameterName` .", + "title": "CategoryValue", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.UnaggregatedField": { - "additionalProperties": false, - "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", - "markdownDescription": "The column that is used in the `UnaggregatedField` .", - "title": "Column" }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", + "MatchOperator": { + "markdownDescription": "The match operator that is used to determine if a filter should be applied.", + "title": "MatchOperator", "type": "string" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", + "type": "string" + }, + "ParameterName": { + "markdownDescription": "The parameter whose value should be used for the filter value.\n\nThis field is mutually exclusive to `CategoryValue` .", + "title": "ParameterName", + "type": "string" + }, + "SelectAllOptions": { + "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", + "title": "SelectAllOptions", + "type": "string" } }, "required": [ - "Column", - "FieldId" + "MatchOperator", + "NullOption" ], "type": "object" }, - "AWS::QuickSight::Dashboard.UniqueValuesComputation": { + "AWS::QuickSight::Analysis.CustomFilterListConfiguration": { "additionalProperties": false, "properties": { - "Category": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", - "markdownDescription": "The category field that is used in a computation.", - "title": "Category" + "CategoryValues": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of category values for the filter.", + "title": "CategoryValues", + "type": "array" }, - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", + "MatchOperator": { + "markdownDescription": "The match operator that is used to determine if a filter should be applied.", + "title": "MatchOperator", "type": "string" }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", + "type": "string" + }, + "SelectAllOptions": { + "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", + "title": "SelectAllOptions", "type": "string" } }, "required": [ - "ComputationId" + "MatchOperator", + "NullOption" ], "type": "object" }, - "AWS::QuickSight::Dashboard.ValidationStrategy": { + "AWS::QuickSight::Analysis.CustomNarrativeOptions": { "additionalProperties": false, "properties": { - "Mode": { - "markdownDescription": "The mode of validation for the asset to be created or updated. When you set this value to `STRICT` , strict validation for every error is enforced. When you set this value to `LENIENT` , validation is skipped for specific UI errors.", - "title": "Mode", + "Narrative": { + "markdownDescription": "The string input of custom narrative.", + "title": "Narrative", "type": "string" } }, "required": [ - "Mode" + "Narrative" ], "type": "object" }, - "AWS::QuickSight::Dashboard.VisibleRangeOptions": { - "additionalProperties": false, - "properties": { - "PercentRange": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PercentVisibleRange", - "markdownDescription": "The percent range in the visible range.", - "title": "PercentRange" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.Visual": { + "AWS::QuickSight::Analysis.CustomParameterValues": { "additionalProperties": false, "properties": { - "BarChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BarChartVisual", - "markdownDescription": "A bar chart.\n\nFor more information, see [Using bar charts](https://docs.aws.amazon.com/quicksight/latest/user/bar-charts.html) in the *Amazon QuickSight User Guide* .", - "title": "BarChartVisual" - }, - "BoxPlotVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotVisual", - "markdownDescription": "A box plot.\n\nFor more information, see [Using box plots](https://docs.aws.amazon.com/quicksight/latest/user/box-plots.html) in the *Amazon QuickSight User Guide* .", - "title": "BoxPlotVisual" - }, - "ComboChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComboChartVisual", - "markdownDescription": "A combo chart.\n\nFor more information, see [Using combo charts](https://docs.aws.amazon.com/quicksight/latest/user/combo-charts.html) in the *Amazon QuickSight User Guide* .", - "title": "ComboChartVisual" - }, - "CustomContentVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomContentVisual", - "markdownDescription": "A visual that contains custom content.\n\nFor more information, see [Using custom visual content](https://docs.aws.amazon.com/quicksight/latest/user/custom-visual-content.html) in the *Amazon QuickSight User Guide* .", - "title": "CustomContentVisual" - }, - "EmptyVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.EmptyVisual", - "markdownDescription": "An empty visual.", - "title": "EmptyVisual" - }, - "FilledMapVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapVisual", - "markdownDescription": "A filled map.\n\nFor more information, see [Creating filled maps](https://docs.aws.amazon.com/quicksight/latest/user/filled-maps.html) in the *Amazon QuickSight User Guide* .", - "title": "FilledMapVisual" - }, - "FunnelChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FunnelChartVisual", - "markdownDescription": "A funnel chart.\n\nFor more information, see [Using funnel charts](https://docs.aws.amazon.com/quicksight/latest/user/funnel-visual-content.html) in the *Amazon QuickSight User Guide* .", - "title": "FunnelChartVisual" - }, - "GaugeChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartVisual", - "markdownDescription": "A gauge chart.\n\nFor more information, see [Using gauge charts](https://docs.aws.amazon.com/quicksight/latest/user/gauge-chart.html) in the *Amazon QuickSight User Guide* .", - "title": "GaugeChartVisual" - }, - "GeospatialMapVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapVisual", - "markdownDescription": "A geospatial map or a points on map visual.\n\nFor more information, see [Creating point maps](https://docs.aws.amazon.com/quicksight/latest/user/point-maps.html) in the *Amazon QuickSight User Guide* .", - "title": "GeospatialMapVisual" - }, - "HeatMapVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeatMapVisual", - "markdownDescription": "A heat map.\n\nFor more information, see [Using heat maps](https://docs.aws.amazon.com/quicksight/latest/user/heat-map.html) in the *Amazon QuickSight User Guide* .", - "title": "HeatMapVisual" - }, - "HistogramVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.HistogramVisual", - "markdownDescription": "A histogram.\n\nFor more information, see [Using histograms](https://docs.aws.amazon.com/quicksight/latest/user/histogram-charts.html) in the *Amazon QuickSight User Guide* .", - "title": "HistogramVisual" - }, - "InsightVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.InsightVisual", - "markdownDescription": "An insight visual.\n\nFor more information, see [Working with insights](https://docs.aws.amazon.com/quicksight/latest/user/computational-insights.html) in the *Amazon QuickSight User Guide* .", - "title": "InsightVisual" - }, - "KPIVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIVisual", - "markdownDescription": "A key performance indicator (KPI).\n\nFor more information, see [Using KPIs](https://docs.aws.amazon.com/quicksight/latest/user/kpi.html) in the *Amazon QuickSight User Guide* .", - "title": "KPIVisual" - }, - "LineChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartVisual", - "markdownDescription": "A line chart.\n\nFor more information, see [Using line charts](https://docs.aws.amazon.com/quicksight/latest/user/line-charts.html) in the *Amazon QuickSight User Guide* .", - "title": "LineChartVisual" - }, - "PieChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PieChartVisual", - "markdownDescription": "A pie or donut chart.\n\nFor more information, see [Using pie charts](https://docs.aws.amazon.com/quicksight/latest/user/pie-chart.html) in the *Amazon QuickSight User Guide* .", - "title": "PieChartVisual" - }, - "PivotTableVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableVisual", - "markdownDescription": "A pivot table.\n\nFor more information, see [Using pivot tables](https://docs.aws.amazon.com/quicksight/latest/user/pivot-table.html) in the *Amazon QuickSight User Guide* .", - "title": "PivotTableVisual" - }, - "RadarChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartVisual", - "markdownDescription": "A radar chart visual.\n\nFor more information, see [Using radar charts](https://docs.aws.amazon.com/quicksight/latest/user/radar-chart.html) in the *Amazon QuickSight User Guide* .", - "title": "RadarChartVisual" - }, - "SankeyDiagramVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.SankeyDiagramVisual", - "markdownDescription": "A sankey diagram.\n\nFor more information, see [Using Sankey diagrams](https://docs.aws.amazon.com/quicksight/latest/user/sankey-diagram.html) in the *Amazon QuickSight User Guide* .", - "title": "SankeyDiagramVisual" - }, - "ScatterPlotVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ScatterPlotVisual", - "markdownDescription": "A scatter plot.\n\nFor more information, see [Using scatter plots](https://docs.aws.amazon.com/quicksight/latest/user/scatter-plot.html) in the *Amazon QuickSight User Guide* .", - "title": "ScatterPlotVisual" - }, - "TableVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableVisual", - "markdownDescription": "A table visual.\n\nFor more information, see [Using tables as visuals](https://docs.aws.amazon.com/quicksight/latest/user/tabular.html) in the *Amazon QuickSight User Guide* .", - "title": "TableVisual" + "DateTimeValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of datetime-type parameter values.", + "title": "DateTimeValues", + "type": "array" }, - "TreeMapVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.TreeMapVisual", - "markdownDescription": "A tree map.\n\nFor more information, see [Using tree maps](https://docs.aws.amazon.com/quicksight/latest/user/tree-map.html) in the *Amazon QuickSight User Guide* .", - "title": "TreeMapVisual" + "DecimalValues": { + "items": { + "type": "number" + }, + "markdownDescription": "A list of decimal-type parameter values.", + "title": "DecimalValues", + "type": "array" }, - "WaterfallVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallVisual", - "markdownDescription": "A waterfall chart.\n\nFor more information, see [Using waterfall charts](https://docs.aws.amazon.com/quicksight/latest/user/waterfall-chart.html) in the *Amazon QuickSight User Guide* .", - "title": "WaterfallVisual" + "IntegerValues": { + "items": { + "type": "number" + }, + "markdownDescription": "A list of integer-type parameter values.", + "title": "IntegerValues", + "type": "array" }, - "WordCloudVisual": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.WordCloudVisual", - "markdownDescription": "A word cloud.\n\nFor more information, see [Using word clouds](https://docs.aws.amazon.com/quicksight/latest/user/word-cloud.html) in the *Amazon QuickSight User Guide* .", - "title": "WordCloudVisual" + "StringValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of string-type parameter values.", + "title": "StringValues", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.VisualAxisSortOption": { + "AWS::QuickSight::Analysis.CustomValuesConfiguration": { "additionalProperties": false, "properties": { - "AvailabilityStatus": { - "markdownDescription": "The availaiblity status of a visual's axis sort options.", - "title": "AvailabilityStatus", - "type": "string" + "CustomValues": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomParameterValues", + "markdownDescription": "", + "title": "CustomValues" + }, + "IncludeNullValue": { + "markdownDescription": "Includes the null value in custom action parameter values.", + "title": "IncludeNullValue", + "type": "boolean" } }, + "required": [ + "CustomValues" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.VisualCustomAction": { + "AWS::QuickSight::Analysis.DataBarsOptions": { "additionalProperties": false, "properties": { - "ActionOperations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomActionOperation" - }, - "markdownDescription": "A list of `VisualCustomActionOperations` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", - "title": "ActionOperations", - "type": "array" - }, - "CustomActionId": { - "markdownDescription": "The ID of the `VisualCustomAction` .", - "title": "CustomActionId", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the `VisualCustomAction` .", - "title": "Name", + "FieldId": { + "markdownDescription": "The field ID for the data bars options.", + "title": "FieldId", "type": "string" }, - "Status": { - "markdownDescription": "The status of the `VisualCustomAction` .", - "title": "Status", + "NegativeColor": { + "markdownDescription": "The color of the negative data bar.", + "title": "NegativeColor", "type": "string" }, - "Trigger": { - "markdownDescription": "The trigger of the `VisualCustomAction` .\n\nValid values are defined as follows:\n\n- `DATA_POINT_CLICK` : Initiates a custom action by a left pointer click on a data point.\n- `DATA_POINT_MENU` : Initiates a custom action by right pointer click from the menu.", - "title": "Trigger", + "PositiveColor": { + "markdownDescription": "The color of the positive data bar.", + "title": "PositiveColor", "type": "string" } }, "required": [ - "ActionOperations", - "CustomActionId", - "Name", - "Trigger" + "FieldId" ], "type": "object" }, - "AWS::QuickSight::Dashboard.VisualCustomActionOperation": { + "AWS::QuickSight::Analysis.DataColor": { "additionalProperties": false, "properties": { - "FilterOperation": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionFilterOperation", - "markdownDescription": "The filter operation that filters data included in a visual or in an entire sheet.", - "title": "FilterOperation" - }, - "NavigationOperation": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionNavigationOperation", - "markdownDescription": "The navigation operation that navigates between different sheets in the same analysis.", - "title": "NavigationOperation" - }, - "SetParametersOperation": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionSetParametersOperation", - "markdownDescription": "The set parameter operation that sets parameters in custom action.", - "title": "SetParametersOperation" + "Color": { + "markdownDescription": "The color that is applied to the data value.", + "title": "Color", + "type": "string" }, - "URLOperation": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionURLOperation", - "markdownDescription": "The URL operation that opens a link to another webpage.", - "title": "URLOperation" + "DataValue": { + "markdownDescription": "The data value that the color is applied to.", + "title": "DataValue", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.VisualMenuOption": { + "AWS::QuickSight::Analysis.DataFieldSeriesItem": { "additionalProperties": false, "properties": { - "AvailabilityStatus": { - "markdownDescription": "The availaiblity status of a visual's menu options.", - "title": "AvailabilityStatus", + "AxisBinding": { + "markdownDescription": "The axis that you are binding the field to.", + "title": "AxisBinding", "type": "string" + }, + "FieldId": { + "markdownDescription": "The field ID of the field that you are setting the axis binding to.", + "title": "FieldId", + "type": "string" + }, + "FieldValue": { + "markdownDescription": "The field value of the field that you are setting the axis binding to.", + "title": "FieldValue", + "type": "string" + }, + "Settings": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartSeriesSettings", + "markdownDescription": "The options that determine the presentation of line series associated to the field.", + "title": "Settings" } }, + "required": [ + "AxisBinding", + "FieldId" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.VisualPalette": { + "AWS::QuickSight::Analysis.DataLabelOptions": { "additionalProperties": false, "properties": { - "ChartColor": { - "markdownDescription": "The chart color options for the visual palette.", - "title": "ChartColor", + "CategoryLabelVisibility": { + "markdownDescription": "Determines the visibility of the category field labels.", + "title": "CategoryLabelVisibility", "type": "string" }, - "ColorMap": { + "DataLabelTypes": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathColor" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelType" }, - "markdownDescription": "The color map options for the visual palette.", - "title": "ColorMap", + "markdownDescription": "The option that determines the data label type.", + "title": "DataLabelTypes", "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions": { - "additionalProperties": false, - "properties": { - "FormatText": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LongFormatText", - "markdownDescription": "The long text format of the subtitle label, such as plain text or rich text.", - "title": "FormatText" }, - "Visibility": { - "markdownDescription": "The visibility of the subtitle label.", - "title": "Visibility", + "LabelColor": { + "markdownDescription": "Determines the color of the data labels.", + "title": "LabelColor", + "type": "string" + }, + "LabelContent": { + "markdownDescription": "Determines the content of the data labels.", + "title": "LabelContent", + "type": "string" + }, + "LabelFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", + "markdownDescription": "Determines the font configuration of the data labels.", + "title": "LabelFontConfiguration" + }, + "MeasureLabelVisibility": { + "markdownDescription": "Determines the visibility of the measure field labels.", + "title": "MeasureLabelVisibility", + "type": "string" + }, + "Overlap": { + "markdownDescription": "Determines whether overlap is enabled or disabled for the data labels.", + "title": "Overlap", + "type": "string" + }, + "Position": { + "markdownDescription": "Determines the position of the data labels.", + "title": "Position", + "type": "string" + }, + "TotalsVisibility": { + "markdownDescription": "Determines the visibility of the total.", + "title": "TotalsVisibility", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.VisualTitleLabelOptions": { - "additionalProperties": false, - "properties": { - "FormatText": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ShortFormatText", - "markdownDescription": "The short text format of the title label, such as plain text or rich text.", - "title": "FormatText" }, "Visibility": { - "markdownDescription": "The visibility of the title label.", + "markdownDescription": "Determines the visibility of the data labels.", "title": "Visibility", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.WaterfallChartAggregatedFieldWells": { + "AWS::QuickSight::Analysis.DataLabelType": { "additionalProperties": false, "properties": { - "Breakdowns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The breakdown field wells of a waterfall visual.", - "title": "Breakdowns", - "type": "array" + "DataPathLabelType": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathLabelType", + "markdownDescription": "The option that specifies individual data values for labels.", + "title": "DataPathLabelType" }, - "Categories": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The category field wells of a waterfall visual.", - "title": "Categories", - "type": "array" + "FieldLabelType": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldLabelType", + "markdownDescription": "Determines the label configuration for the entire field.", + "title": "FieldLabelType" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" - }, - "markdownDescription": "The value field wells of a waterfall visual.", - "title": "Values", - "type": "array" + "MaximumLabelType": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MaximumLabelType", + "markdownDescription": "Determines the label configuration for the maximum value in a visual.", + "title": "MaximumLabelType" + }, + "MinimumLabelType": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MinimumLabelType", + "markdownDescription": "Determines the label configuration for the minimum value in a visual.", + "title": "MinimumLabelType" + }, + "RangeEndsLabelType": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.RangeEndsLabelType", + "markdownDescription": "Determines the label configuration for range end value in a visual.", + "title": "RangeEndsLabelType" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.WaterfallChartConfiguration": { + "AWS::QuickSight::Analysis.DataPathColor": { "additionalProperties": false, "properties": { - "CategoryAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the category axis.", - "title": "CategoryAxisDisplayOptions" - }, - "CategoryAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the category axis label.", - "title": "CategoryAxisLabelOptions" - }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", - "markdownDescription": "The data label configuration of a waterfall visual.", - "title": "DataLabels" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallChartFieldWells", - "markdownDescription": "The field well configuration of a waterfall visual.", - "title": "FieldWells" - }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", - "markdownDescription": "The legend configuration of a waterfall visual.", - "title": "Legend" - }, - "PrimaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the y-axis.", - "title": "PrimaryYAxisDisplayOptions" - }, - "PrimaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the y-axis label.", - "title": "PrimaryYAxisLabelOptions" - }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallChartSortConfiguration", - "markdownDescription": "The sort configuration of a waterfall visual.", - "title": "SortConfiguration" + "Color": { + "markdownDescription": "The color that needs to be applied to the element.", + "title": "Color", + "type": "string" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", - "markdownDescription": "The visual palette configuration of a waterfall visual.", - "title": "VisualPalette" + "Element": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathValue", + "markdownDescription": "The element that the color needs to be applied to.", + "title": "Element" }, - "WaterfallChartOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallChartOptions", - "markdownDescription": "The options that determine the presentation of a waterfall visual.", - "title": "WaterfallChartOptions" + "TimeGranularity": { + "markdownDescription": "The time granularity of the field that the color needs to be applied to.", + "title": "TimeGranularity", + "type": "string" } }, + "required": [ + "Color", + "Element" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.WaterfallChartFieldWells": { + "AWS::QuickSight::Analysis.DataPathLabelType": { "additionalProperties": false, "properties": { - "WaterfallChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallChartAggregatedFieldWells", - "markdownDescription": "The field well configuration of a waterfall visual.", - "title": "WaterfallChartAggregatedFieldWells" + "FieldId": { + "markdownDescription": "The field ID of the field that the data label needs to be applied to.", + "title": "FieldId", + "type": "string" + }, + "FieldValue": { + "markdownDescription": "The actual value of the field that is labeled.", + "title": "FieldValue", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the data label.", + "title": "Visibility", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.WaterfallChartOptions": { + "AWS::QuickSight::Analysis.DataPathSort": { "additionalProperties": false, "properties": { - "TotalBarLabel": { - "markdownDescription": "This option determines the total bar label of a waterfall visual.", - "title": "TotalBarLabel", + "Direction": { + "markdownDescription": "Determines the sort direction.", + "title": "Direction", "type": "string" + }, + "SortPaths": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathValue" + }, + "markdownDescription": "The list of data paths that need to be sorted.", + "title": "SortPaths", + "type": "array" } }, + "required": [ + "Direction", + "SortPaths" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.WaterfallChartSortConfiguration": { + "AWS::QuickSight::Analysis.DataPathType": { "additionalProperties": false, "properties": { - "BreakdownItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of bar groups that are displayed.", - "title": "BreakdownItemsLimit" - }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the category fields.", - "title": "CategorySort", - "type": "array" + "PivotTableDataPathType": { + "markdownDescription": "The type of data path value utilized in a pivot table. Choose one of the following options:\n\n- `HIERARCHY_ROWS_LAYOUT_COLUMN` - The type of data path for the rows layout column, when `RowsLayout` is set to `HIERARCHY` .\n- `MULTIPLE_ROW_METRICS_COLUMN` - The type of data path for the metric column when the row is set to Metric Placement.\n- `EMPTY_COLUMN_HEADER` - The type of data path for the column with empty column header, when there is no field in `ColumnsFieldWell` and the row is set to Metric Placement.\n- `COUNT_METRIC_COLUMN` - The type of data path for the column with `COUNT` as the metric, when there is no field in the `ValuesFieldWell` .", + "title": "PivotTableDataPathType", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.WaterfallVisual": { + "AWS::QuickSight::Analysis.DataPathValue": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallChartConfiguration", - "markdownDescription": "The configuration for a waterfall visual.", - "title": "ChartConfiguration" - }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "DataPathType": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathType", + "markdownDescription": "The type configuration of the field.", + "title": "DataPathType" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "FieldId": { + "markdownDescription": "The field ID of the field that needs to be sorted.", + "title": "FieldId", + "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "FieldValue": { + "markdownDescription": "The actual value of the field that needs to be sorted.", + "title": "FieldValue", "type": "string" } }, - "required": [ - "VisualId" - ], "type": "object" }, - "AWS::QuickSight::Dashboard.WhatIfPointScenario": { + "AWS::QuickSight::Analysis.DataSetIdentifierDeclaration": { "additionalProperties": false, "properties": { - "Date": { - "markdownDescription": "The date that you need the forecast results for.", - "title": "Date", + "DataSetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the data set.", + "title": "DataSetArn", "type": "string" }, - "Value": { - "markdownDescription": "The target value that you want to meet for the provided date.", - "title": "Value", - "type": "number" + "Identifier": { + "markdownDescription": "The identifier of the data set, typically the data set's name.", + "title": "Identifier", + "type": "string" } }, "required": [ - "Date", - "Value" + "DataSetArn", + "Identifier" ], "type": "object" }, - "AWS::QuickSight::Dashboard.WhatIfRangeScenario": { + "AWS::QuickSight::Analysis.DataSetReference": { "additionalProperties": false, "properties": { - "EndDate": { - "markdownDescription": "The end date in the date range that you need the forecast results for.", - "title": "EndDate", + "DataSetArn": { + "markdownDescription": "Dataset Amazon Resource Name (ARN).", + "title": "DataSetArn", "type": "string" }, - "StartDate": { - "markdownDescription": "The start date in the date range that you need the forecast results for.", - "title": "StartDate", + "DataSetPlaceholder": { + "markdownDescription": "Dataset placeholder.", + "title": "DataSetPlaceholder", "type": "string" - }, - "Value": { - "markdownDescription": "The target value that you want to meet for the provided date range.", - "title": "Value", - "type": "number" } }, "required": [ - "EndDate", - "StartDate", - "Value" + "DataSetArn", + "DataSetPlaceholder" ], "type": "object" }, - "AWS::QuickSight::Dashboard.WordCloudAggregatedFieldWells": { + "AWS::QuickSight::Analysis.DateAxisOptions": { "additionalProperties": false, "properties": { - "GroupBy": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" - }, - "markdownDescription": "The group by field well of a word cloud. Values are grouped by group by fields.", - "title": "GroupBy", - "type": "array" - }, - "Size": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" - }, - "markdownDescription": "The size field well of a word cloud. Values are aggregated based on group by fields.", - "title": "Size", - "type": "array" + "MissingDateVisibility": { + "markdownDescription": "Determines whether or not missing dates are displayed.", + "title": "MissingDateVisibility", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.WordCloudChartConfiguration": { + "AWS::QuickSight::Analysis.DateDimensionField": { "additionalProperties": false, "properties": { - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) for the word cloud category.", - "title": "CategoryLabelOptions" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that is used in the `DateDimensionField` .", + "title": "Column" }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.WordCloudFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" + "DateGranularity": { + "markdownDescription": "The date granularity of the `DateDimensionField` . Choose one of the following options:\n\n- `YEAR`\n- `QUARTER`\n- `MONTH`\n- `WEEK`\n- `DAY`\n- `HOUR`\n- `MINUTE`\n- `SECOND`\n- `MILLISECOND`", + "title": "DateGranularity", + "type": "string" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.WordCloudSortConfiguration", - "markdownDescription": "The sort configuration of a word cloud visual.", - "title": "SortConfiguration" + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", + "type": "string" }, - "WordCloudOptions": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.WordCloudOptions", - "markdownDescription": "The options for a word cloud visual.", - "title": "WordCloudOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Dashboard.WordCloudFieldWells": { - "additionalProperties": false, - "properties": { - "WordCloudAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.WordCloudAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a word cloud.", - "title": "WordCloudAggregatedFieldWells" + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" + }, + "HierarchyId": { + "markdownDescription": "The custom hierarchy ID.", + "title": "HierarchyId", + "type": "string" } }, + "required": [ + "Column", + "FieldId" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.WordCloudOptions": { + "AWS::QuickSight::Analysis.DateMeasureField": { "additionalProperties": false, "properties": { - "CloudLayout": { - "markdownDescription": "The cloud layout options (fluid, normal) of a word cloud.", - "title": "CloudLayout", - "type": "string" - }, - "MaximumStringLength": { - "markdownDescription": "The length limit of each word from 1-100.", - "title": "MaximumStringLength", - "type": "number" - }, - "WordCasing": { - "markdownDescription": "The word casing options (lower_case, existing_case) for the words in a word cloud.", - "title": "WordCasing", + "AggregationFunction": { + "markdownDescription": "The aggregation function of the measure field.", + "title": "AggregationFunction", "type": "string" }, - "WordOrientation": { - "markdownDescription": "The word orientation options (horizontal, horizontal_and_vertical) for the words in a word cloud.", - "title": "WordOrientation", - "type": "string" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that is used in the `DateMeasureField` .", + "title": "Column" }, - "WordPadding": { - "markdownDescription": "The word padding options (none, small, medium, large) for the words in a word cloud.", - "title": "WordPadding", + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", "type": "string" }, - "WordScaling": { - "markdownDescription": "The word scaling options (emphasize, normal) for the words in a word cloud.", - "title": "WordScaling", - "type": "string" + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" } }, + "required": [ + "Column", + "FieldId" + ], "type": "object" }, - "AWS::QuickSight::Dashboard.WordCloudSortConfiguration": { + "AWS::QuickSight::Analysis.DateTimeDefaultValues": { "additionalProperties": false, "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of groups that are displayed in a word cloud.", - "title": "CategoryItemsLimit" + "DynamicValue": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DynamicDefaultValue", + "markdownDescription": "The dynamic value of the `DataTimeDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", + "title": "DynamicValue" }, - "CategorySort": { + "RollingDate": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.RollingDateConfiguration", + "markdownDescription": "The rolling date of the `DataTimeDefaultValues` . The date is determined from the dataset based on input expression.", + "title": "RollingDate" + }, + "StaticValues": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + "type": "string" }, - "markdownDescription": "The sort configuration of group by fields.", - "title": "CategorySort", + "markdownDescription": "The static values of the `DataTimeDefaultValues` .", + "title": "StaticValues", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Dashboard.WordCloudVisual": { + "AWS::QuickSight::Analysis.DateTimeFormatConfiguration": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "DateTimeFormat": { + "markdownDescription": "Determines the `DateTime` format.", + "title": "DateTimeFormat", + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.WordCloudChartConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "NullValueFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NullValueFormatConfiguration", + "markdownDescription": "The options that determine the null value format configuration.", + "title": "NullValueFormatConfiguration" }, - "ColumnHierarchies": { + "NumericFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericFormatConfiguration", + "markdownDescription": "The formatting configuration for numeric `DateTime` fields.", + "title": "NumericFormatConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.DateTimeHierarchy": { + "additionalProperties": false, + "properties": { + "DrillDownFilters": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DrillDownFilter" }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", + "markdownDescription": "The option that determines the drill down filters for the `DateTime` hierarchy.", + "title": "DrillDownFilters", "type": "array" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" - }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", + "HierarchyId": { + "markdownDescription": "The hierarchy ID of the `DateTime` hierarchy.", + "title": "HierarchyId", "type": "string" } }, "required": [ - "VisualId" + "HierarchyId" ], "type": "object" }, - "AWS::QuickSight::DataSet": { + "AWS::QuickSight::Analysis.DateTimeParameter": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "A display name for the date-time parameter.", + "title": "Name", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AwsAccountId": { - "markdownDescription": "The AWS account ID.", - "title": "AwsAccountId", - "type": "string" - }, - "ColumnGroups": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.ColumnGroup" - }, - "markdownDescription": "Groupings of columns that work together in certain Amazon QuickSight features. Currently, only geospatial hierarchy is supported.", - "title": "ColumnGroups", - "type": "array" - }, - "ColumnLevelPermissionRules": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.ColumnLevelPermissionRule" - }, - "markdownDescription": "A set of one or more definitions of a `ColumnLevelPermissionRule` .", - "title": "ColumnLevelPermissionRules", - "type": "array" - }, - "DataSetId": { - "markdownDescription": "An ID for the dataset that you want to create. This ID is unique per AWS Region for each AWS account.", - "title": "DataSetId", - "type": "string" - }, - "DataSetRefreshProperties": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.DataSetRefreshProperties", - "markdownDescription": "The refresh properties of a dataset.", - "title": "DataSetRefreshProperties" - }, - "DataSetUsageConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.DataSetUsageConfiguration", - "markdownDescription": "The usage configuration to apply to child datasets that reference this dataset as a source.", - "title": "DataSetUsageConfiguration" - }, - "DatasetParameters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.DatasetParameter" - }, - "markdownDescription": "The parameters that are declared in a dataset.", - "title": "DatasetParameters", - "type": "array" - }, - "FieldFolders": { - "additionalProperties": false, - "markdownDescription": "The folder that contains fields and nested subfolders for your dataset.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.FieldFolder" - } - }, - "title": "FieldFolders", - "type": "object" - }, - "ImportMode": { - "markdownDescription": "Indicates whether you want to import the data into SPICE.", - "title": "ImportMode", - "type": "string" - }, - "IngestionWaitPolicy": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.IngestionWaitPolicy", - "markdownDescription": "The wait policy to use when creating or updating a Dataset. The default is to wait for SPICE ingestion to finish with timeout of 36 hours.", - "title": "IngestionWaitPolicy" - }, - "LogicalTableMap": { - "additionalProperties": false, - "markdownDescription": "Configures the combination and transformation of the data from the physical tables.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.LogicalTable" - } - }, - "title": "LogicalTableMap", - "type": "object" - }, - "Name": { - "markdownDescription": "The display name for the dataset.", - "title": "Name", - "type": "string" - }, - "Permissions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.ResourcePermission" - }, - "markdownDescription": "A list of resource permissions on the dataset.", - "title": "Permissions", - "type": "array" - }, - "PhysicalTableMap": { - "additionalProperties": false, - "markdownDescription": "Declares the physical tables that are available in the underlying data sources.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.PhysicalTable" - } - }, - "title": "PhysicalTableMap", - "type": "object" - }, - "RowLevelPermissionDataSet": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.RowLevelPermissionDataSet", - "markdownDescription": "The row-level security configuration for the data that you want to create.", - "title": "RowLevelPermissionDataSet" - }, - "RowLevelPermissionTagConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.RowLevelPermissionTagConfiguration", - "markdownDescription": "The element you can use to define tags for row-level security.", - "title": "RowLevelPermissionTagConfiguration" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Contains a map of the key-value pairs for the resource tag or tags assigned to the dataset.", - "title": "Tags", - "type": "array" - } + "Values": { + "items": { + "type": "string" }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::QuickSight::DataSet" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "markdownDescription": "The values for the date-time parameter.", + "title": "Values", + "type": "array" } }, "required": [ - "Type" + "Name", + "Values" ], "type": "object" }, - "AWS::QuickSight::DataSet.CalculatedColumn": { + "AWS::QuickSight::Analysis.DateTimeParameterDeclaration": { "additionalProperties": false, "properties": { - "ColumnId": { - "markdownDescription": "A unique ID to identify a calculated column. During a dataset update, if the column ID of a calculated column matches that of an existing calculated column, Amazon QuickSight preserves the existing calculated column.", - "title": "ColumnId", - "type": "string" + "DefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeDefaultValues", + "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", + "title": "DefaultValues" }, - "ColumnName": { - "markdownDescription": "Column name.", - "title": "ColumnName", + "MappedDataSetParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MappedDataSetParameter" + }, + "markdownDescription": "", + "title": "MappedDataSetParameters", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the parameter that is being declared.", + "title": "Name", "type": "string" }, - "Expression": { - "markdownDescription": "An expression that defines the calculated column.", - "title": "Expression", + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", "type": "string" + }, + "ValueWhenUnset": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeValueWhenUnsetConfiguration", + "markdownDescription": "The configuration that defines the default value of a `DateTime` parameter when a value has not been set.", + "title": "ValueWhenUnset" } }, "required": [ - "ColumnId", - "ColumnName", - "Expression" + "Name" ], "type": "object" }, - "AWS::QuickSight::DataSet.CastColumnTypeOperation": { + "AWS::QuickSight::Analysis.DateTimePickerControlDisplayOptions": { "additionalProperties": false, "properties": { - "ColumnName": { - "markdownDescription": "Column name.", - "title": "ColumnName", + "DateIconVisibility": { + "markdownDescription": "The date icon visibility of the `DateTimePickerControlDisplayOptions` .", + "title": "DateIconVisibility", "type": "string" }, - "Format": { - "markdownDescription": "When casting a column from string to datetime type, you can supply a string in a format supported by Amazon QuickSight to denote the source data format.", - "title": "Format", + "DateTimeFormat": { + "markdownDescription": "Customize how dates are formatted in controls.", + "title": "DateTimeFormat", "type": "string" }, - "NewColumnType": { - "markdownDescription": "New column data type.", - "title": "NewColumnType", + "HelperTextVisibility": { + "markdownDescription": "The helper text visibility of the `DateTimePickerControlDisplayOptions` .", + "title": "HelperTextVisibility", "type": "string" }, - "SubType": { - "markdownDescription": "The sub data type of the new column. Sub types are only available for decimal columns that are part of a SPICE dataset.", - "title": "SubType", - "type": "string" + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" } }, - "required": [ - "ColumnName", - "NewColumnType" - ], "type": "object" }, - "AWS::QuickSight::DataSet.ColumnDescription": { + "AWS::QuickSight::Analysis.DateTimeValueWhenUnsetConfiguration": { "additionalProperties": false, "properties": { - "Text": { - "markdownDescription": "The text of a description for a column.", - "title": "Text", + "CustomValue": { + "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", + "title": "CustomValue", + "type": "string" + }, + "ValueWhenUnsetOption": { + "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", + "title": "ValueWhenUnsetOption", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::DataSet.ColumnGroup": { - "additionalProperties": false, - "properties": { - "GeoSpatialColumnGroup": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.GeoSpatialColumnGroup", - "markdownDescription": "Geospatial column group that denotes a hierarchy.", - "title": "GeoSpatialColumnGroup" - } - }, - "type": "object" - }, - "AWS::QuickSight::DataSet.ColumnLevelPermissionRule": { + "AWS::QuickSight::Analysis.DecimalDefaultValues": { "additionalProperties": false, "properties": { - "ColumnNames": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of column names.", - "title": "ColumnNames", - "type": "array" + "DynamicValue": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DynamicDefaultValue", + "markdownDescription": "The dynamic value of the `DecimalDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", + "title": "DynamicValue" }, - "Principals": { + "StaticValues": { "items": { - "type": "string" + "type": "number" }, - "markdownDescription": "An array of Amazon Resource Names (ARNs) for QuickSight users or groups.", - "title": "Principals", + "markdownDescription": "The static values of the `DecimalDefaultValues` .", + "title": "StaticValues", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::DataSet.ColumnTag": { + "AWS::QuickSight::Analysis.DecimalParameter": { "additionalProperties": false, "properties": { - "ColumnDescription": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.ColumnDescription", - "markdownDescription": "A description for a column.", - "title": "ColumnDescription" - }, - "ColumnGeographicRole": { - "markdownDescription": "A geospatial role for a column.", - "title": "ColumnGeographicRole", + "Name": { + "markdownDescription": "A display name for the decimal parameter.", + "title": "Name", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::DataSet.CreateColumnsOperation": { - "additionalProperties": false, - "properties": { - "Columns": { + }, + "Values": { "items": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.CalculatedColumn" + "type": "number" }, - "markdownDescription": "Calculated columns to create.", - "title": "Columns", + "markdownDescription": "The values for the decimal parameter.", + "title": "Values", "type": "array" } }, "required": [ - "Columns" + "Name", + "Values" ], "type": "object" }, - "AWS::QuickSight::DataSet.CustomSql": { + "AWS::QuickSight::Analysis.DecimalParameterDeclaration": { "additionalProperties": false, "properties": { - "Columns": { + "DefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalDefaultValues", + "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", + "title": "DefaultValues" + }, + "MappedDataSetParameters": { "items": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.InputColumn" + "$ref": "#/definitions/AWS::QuickSight::Analysis.MappedDataSetParameter" }, - "markdownDescription": "The column schema from the SQL query result set.", - "title": "Columns", + "markdownDescription": "", + "title": "MappedDataSetParameters", "type": "array" }, - "DataSourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the data source.", - "title": "DataSourceArn", - "type": "string" - }, "Name": { - "markdownDescription": "A display name for the SQL query result.", + "markdownDescription": "The name of the parameter that is being declared.", "title": "Name", "type": "string" }, - "SqlQuery": { - "markdownDescription": "The SQL query.", - "title": "SqlQuery", + "ParameterValueType": { + "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", + "title": "ParameterValueType", "type": "string" + }, + "ValueWhenUnset": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalValueWhenUnsetConfiguration", + "markdownDescription": "The configuration that defines the default value of a `Decimal` parameter when a value has not been set.", + "title": "ValueWhenUnset" } }, "required": [ - "Columns", - "DataSourceArn", "Name", - "SqlQuery" + "ParameterValueType" ], "type": "object" }, - "AWS::QuickSight::DataSet.DataSetRefreshProperties": { + "AWS::QuickSight::Analysis.DecimalPlacesConfiguration": { "additionalProperties": false, "properties": { - "RefreshConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.RefreshConfiguration", - "markdownDescription": "The refresh configuration for a dataset.", - "title": "RefreshConfiguration" + "DecimalPlaces": { + "markdownDescription": "The values of the decimal places.", + "title": "DecimalPlaces", + "type": "number" } }, + "required": [ + "DecimalPlaces" + ], "type": "object" }, - "AWS::QuickSight::DataSet.DataSetUsageConfiguration": { + "AWS::QuickSight::Analysis.DecimalValueWhenUnsetConfiguration": { "additionalProperties": false, "properties": { - "DisableUseAsDirectQuerySource": { - "markdownDescription": "An option that controls whether a child dataset of a direct query can use this dataset as a source.", - "title": "DisableUseAsDirectQuerySource", - "type": "boolean" + "CustomValue": { + "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", + "title": "CustomValue", + "type": "number" }, - "DisableUseAsImportedSource": { - "markdownDescription": "An option that controls whether a child dataset that's stored in QuickSight can use this dataset as a source.", - "title": "DisableUseAsImportedSource", - "type": "boolean" + "ValueWhenUnsetOption": { + "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", + "title": "ValueWhenUnsetOption", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::DataSet.DatasetParameter": { + "AWS::QuickSight::Analysis.DefaultDateTimePickerControlOptions": { "additionalProperties": false, "properties": { - "DateTimeDatasetParameter": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.DateTimeDatasetParameter", - "markdownDescription": "A date time parameter that is created in the dataset.", - "title": "DateTimeDatasetParameter" - }, - "DecimalDatasetParameter": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.DecimalDatasetParameter", - "markdownDescription": "A decimal parameter that is created in the dataset.", - "title": "DecimalDatasetParameter" + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `DateTimePickerControl` .", + "title": "CommitMode", + "type": "string" }, - "IntegerDatasetParameter": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.IntegerDatasetParameter", - "markdownDescription": "An integer parameter that is created in the dataset.", - "title": "IntegerDatasetParameter" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimePickerControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" }, - "StringDatasetParameter": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.StringDatasetParameter", - "markdownDescription": "A string parameter that is created in the dataset.", - "title": "StringDatasetParameter" + "Type": { + "markdownDescription": "The date time picker type of the `DefaultDateTimePickerControlOptions` . Choose one of the following options:\n\n- `SINGLE_VALUED` : The filter condition is a fixed date.\n- `DATE_RANGE` : The filter condition is a date time range.", + "title": "Type", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::DataSet.DateTimeDatasetParameter": { + "AWS::QuickSight::Analysis.DefaultFilterControlConfiguration": { "additionalProperties": false, "properties": { - "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.DateTimeDatasetParameterDefaultValues", - "markdownDescription": "A list of default values for a given date time parameter. This structure only accepts static values.", - "title": "DefaultValues" + "ControlOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlOptions", + "markdownDescription": "The control option for the `DefaultFilterControlConfiguration` .", + "title": "ControlOptions" }, - "Id": { - "markdownDescription": "An identifier for the parameter that is created in the dataset.", - "title": "Id", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the date time parameter that is created in the dataset.", - "title": "Name", - "type": "string" - }, - "TimeGranularity": { - "markdownDescription": "The time granularity of the date time parameter.", - "title": "TimeGranularity", - "type": "string" - }, - "ValueType": { - "markdownDescription": "The value type of the dataset parameter. Valid values are `single value` or `multi value` .", - "title": "ValueType", + "Title": { + "markdownDescription": "The title of the `DefaultFilterControlConfiguration` . This title is shared by all controls that are tied to this filter.", + "title": "Title", "type": "string" } }, "required": [ - "Id", - "Name", - "ValueType" + "ControlOptions", + "Title" ], "type": "object" }, - "AWS::QuickSight::DataSet.DateTimeDatasetParameterDefaultValues": { + "AWS::QuickSight::Analysis.DefaultFilterControlOptions": { "additionalProperties": false, "properties": { - "StaticValues": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of static default values for a given date time parameter. The valid format for this property is `yyyy-MM-dd\u2019T\u2019HH:mm:ss\u2019Z\u2019` .", - "title": "StaticValues", - "type": "array" + "DefaultDateTimePickerOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultDateTimePickerControlOptions", + "markdownDescription": "The default options that correspond to the filter control type of a `DateTimePicker` .", + "title": "DefaultDateTimePickerOptions" + }, + "DefaultDropdownOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterDropDownControlOptions", + "markdownDescription": "The default options that correspond to the `Dropdown` filter control type.", + "title": "DefaultDropdownOptions" + }, + "DefaultListOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterListControlOptions", + "markdownDescription": "The default options that correspond to the `List` filter control type.", + "title": "DefaultListOptions" + }, + "DefaultRelativeDateTimeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultRelativeDateTimeControlOptions", + "markdownDescription": "The default options that correspond to the `RelativeDateTime` filter control type.", + "title": "DefaultRelativeDateTimeOptions" + }, + "DefaultSliderOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultSliderControlOptions", + "markdownDescription": "The default options that correspond to the `Slider` filter control type.", + "title": "DefaultSliderOptions" + }, + "DefaultTextAreaOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultTextAreaControlOptions", + "markdownDescription": "The default options that correspond to the `TextArea` filter control type.", + "title": "DefaultTextAreaOptions" + }, + "DefaultTextFieldOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultTextFieldControlOptions", + "markdownDescription": "The default options that correspond to the `TextField` filter control type.", + "title": "DefaultTextFieldOptions" } }, "type": "object" }, - "AWS::QuickSight::DataSet.DecimalDatasetParameter": { + "AWS::QuickSight::Analysis.DefaultFilterDropDownControlOptions": { "additionalProperties": false, "properties": { - "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.DecimalDatasetParameterDefaultValues", - "markdownDescription": "A list of default values for a given decimal parameter. This structure only accepts static values.", - "title": "DefaultValues" - }, - "Id": { - "markdownDescription": "An identifier for the decimal parameter created in the dataset.", - "title": "Id", + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `FilterDropDownControl` .", + "title": "CommitMode", "type": "string" }, - "Name": { - "markdownDescription": "The name of the decimal parameter that is created in the dataset.", - "title": "Name", - "type": "string" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DropDownControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" }, - "ValueType": { - "markdownDescription": "The value type of the dataset parameter. Valid values are `single value` or `multi value` .", - "title": "ValueType", + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" + }, + "Type": { + "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", + "title": "Type", "type": "string" } }, - "required": [ - "Id", - "Name", - "ValueType" - ], - "type": "object" - }, - "AWS::QuickSight::DataSet.DecimalDatasetParameterDefaultValues": { - "additionalProperties": false, - "properties": { - "StaticValues": { - "items": { - "type": "number" - }, - "markdownDescription": "A list of static default values for a given decimal parameter.", - "title": "StaticValues", - "type": "array" - } - }, "type": "object" }, - "AWS::QuickSight::DataSet.FieldFolder": { + "AWS::QuickSight::Analysis.DefaultFilterListControlOptions": { "additionalProperties": false, "properties": { - "Columns": { - "items": { - "type": "string" - }, - "markdownDescription": "A folder has a list of columns. A column can only be in one folder.", - "title": "Columns", - "type": "array" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ListControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" }, - "Description": { - "markdownDescription": "The description for a field folder.", - "title": "Description", + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" + }, + "Type": { + "markdownDescription": "The type of the `DefaultFilterListControlOptions` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from the list.\n- `SINGLE_SELECT` : The user can select a single entry from the list.", + "title": "Type", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::DataSet.FilterOperation": { + "AWS::QuickSight::Analysis.DefaultFreeFormLayoutConfiguration": { "additionalProperties": false, "properties": { - "ConditionExpression": { - "markdownDescription": "An expression that must evaluate to a Boolean value. Rows for which the expression evaluates to true are kept in the dataset.", - "title": "ConditionExpression", - "type": "string" + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutCanvasSizeOptions", + "markdownDescription": "Determines the screen canvas size options for a free-form layout.", + "title": "CanvasSizeOptions" } }, "required": [ - "ConditionExpression" + "CanvasSizeOptions" ], "type": "object" }, - "AWS::QuickSight::DataSet.GeoSpatialColumnGroup": { + "AWS::QuickSight::Analysis.DefaultGridLayoutConfiguration": { "additionalProperties": false, "properties": { - "Columns": { - "items": { - "type": "string" - }, - "markdownDescription": "Columns in this hierarchy.", - "title": "Columns", - "type": "array" - }, - "CountryCode": { - "markdownDescription": "Country code.", - "title": "CountryCode", - "type": "string" - }, - "Name": { - "markdownDescription": "A display name for the hierarchy.", - "title": "Name", - "type": "string" + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GridLayoutCanvasSizeOptions", + "markdownDescription": "Determines the screen canvas size options for a grid layout.", + "title": "CanvasSizeOptions" } }, "required": [ - "Columns", - "Name" + "CanvasSizeOptions" ], "type": "object" }, - "AWS::QuickSight::DataSet.IncrementalRefresh": { + "AWS::QuickSight::Analysis.DefaultInteractiveLayoutConfiguration": { "additionalProperties": false, "properties": { - "LookbackWindow": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.LookbackWindow", - "markdownDescription": "The lookback window setup for an incremental refresh configuration.", - "title": "LookbackWindow" + "FreeForm": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFreeFormLayoutConfiguration", + "markdownDescription": "The options that determine the default settings of a free-form layout configuration.", + "title": "FreeForm" + }, + "Grid": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultGridLayoutConfiguration", + "markdownDescription": "The options that determine the default settings for a grid layout configuration.", + "title": "Grid" } }, "type": "object" }, - "AWS::QuickSight::DataSet.IngestionWaitPolicy": { + "AWS::QuickSight::Analysis.DefaultNewSheetConfiguration": { "additionalProperties": false, "properties": { - "IngestionWaitTimeInHours": { - "markdownDescription": "The maximum time (in hours) to wait for Ingestion to complete. Default timeout is 36 hours. Applicable only when `DataSetImportMode` mode is set to SPICE and `WaitForSpiceIngestion` is set to true.", - "title": "IngestionWaitTimeInHours", - "type": "number" + "InteractiveLayoutConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultInteractiveLayoutConfiguration", + "markdownDescription": "The options that determine the default settings for interactive layout configuration.", + "title": "InteractiveLayoutConfiguration" }, - "WaitForSpiceIngestion": { - "markdownDescription": "Wait for SPICE ingestion to finish to mark dataset creation or update as successful. Default (true). Applicable only when `DataSetImportMode` mode is set to SPICE.", - "title": "WaitForSpiceIngestion", - "type": "boolean" + "PaginatedLayoutConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultPaginatedLayoutConfiguration", + "markdownDescription": "The options that determine the default settings for a paginated layout configuration.", + "title": "PaginatedLayoutConfiguration" + }, + "SheetContentType": { + "markdownDescription": "The option that determines the sheet content type.", + "title": "SheetContentType", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::DataSet.InputColumn": { + "AWS::QuickSight::Analysis.DefaultPaginatedLayoutConfiguration": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of this column in the underlying data source.", - "title": "Name", - "type": "string" - }, - "SubType": { - "markdownDescription": "The sub data type of the column. Sub types are only available for decimal columns that are part of a SPICE dataset.", - "title": "SubType", - "type": "string" - }, - "Type": { - "markdownDescription": "The data type of the column.", - "title": "Type", - "type": "string" + "SectionBased": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultSectionBasedLayoutConfiguration", + "markdownDescription": "The options that determine the default settings for a section-based layout configuration.", + "title": "SectionBased" } }, - "required": [ - "Name", - "Type" - ], "type": "object" }, - "AWS::QuickSight::DataSet.IntegerDatasetParameter": { + "AWS::QuickSight::Analysis.DefaultRelativeDateTimeControlOptions": { "additionalProperties": false, "properties": { - "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.IntegerDatasetParameterDefaultValues", - "markdownDescription": "A list of default values for a given integer parameter. This structure only accepts static values.", - "title": "DefaultValues" - }, - "Id": { - "markdownDescription": "An identifier for the integer parameter created in the dataset.", - "title": "Id", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the integer parameter that is created in the dataset.", - "title": "Name", + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `RelativeDateTimeControl` .", + "title": "CommitMode", "type": "string" }, - "ValueType": { - "markdownDescription": "The value type of the dataset parameter. Valid values are `single value` or `multi value` .", - "title": "ValueType", - "type": "string" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.RelativeDateTimeControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" } }, - "required": [ - "Id", - "Name", - "ValueType" - ], "type": "object" }, - "AWS::QuickSight::DataSet.IntegerDatasetParameterDefaultValues": { + "AWS::QuickSight::Analysis.DefaultSectionBasedLayoutConfiguration": { "additionalProperties": false, "properties": { - "StaticValues": { - "items": { - "type": "number" - }, - "markdownDescription": "A list of static default values for a given integer parameter.", - "title": "StaticValues", - "type": "array" + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionBasedLayoutCanvasSizeOptions", + "markdownDescription": "Determines the screen canvas size options for a section-based layout.", + "title": "CanvasSizeOptions" } }, + "required": [ + "CanvasSizeOptions" + ], "type": "object" }, - "AWS::QuickSight::DataSet.JoinInstruction": { + "AWS::QuickSight::Analysis.DefaultSliderControlOptions": { "additionalProperties": false, "properties": { - "LeftJoinKeyProperties": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.JoinKeyProperties", - "markdownDescription": "Join key properties of the left operand.", - "title": "LeftJoinKeyProperties" - }, - "LeftOperand": { - "markdownDescription": "The operand on the left side of a join.", - "title": "LeftOperand", - "type": "string" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SliderControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" }, - "OnClause": { - "markdownDescription": "The join instructions provided in the `ON` clause of a join.", - "title": "OnClause", - "type": "string" + "MaximumValue": { + "markdownDescription": "The larger value that is displayed at the right of the slider.", + "title": "MaximumValue", + "type": "number" }, - "RightJoinKeyProperties": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.JoinKeyProperties", - "markdownDescription": "Join key properties of the right operand.", - "title": "RightJoinKeyProperties" + "MinimumValue": { + "markdownDescription": "The smaller value that is displayed at the left of the slider.", + "title": "MinimumValue", + "type": "number" }, - "RightOperand": { - "markdownDescription": "The operand on the right side of a join.", - "title": "RightOperand", - "type": "string" + "StepSize": { + "markdownDescription": "The number of increments that the slider bar is divided into.", + "title": "StepSize", + "type": "number" }, "Type": { - "markdownDescription": "The type of join that it is.", + "markdownDescription": "The type of the `DefaultSliderControlOptions` . Choose one of the following options:\n\n- `SINGLE_POINT` : Filter against(equals) a single data point.\n- `RANGE` : Filter data that is in a specified range.", "title": "Type", "type": "string" } }, "required": [ - "LeftOperand", - "OnClause", - "RightOperand", - "Type" + "MaximumValue", + "MinimumValue", + "StepSize" ], "type": "object" }, - "AWS::QuickSight::DataSet.JoinKeyProperties": { + "AWS::QuickSight::Analysis.DefaultTextAreaControlOptions": { "additionalProperties": false, "properties": { - "UniqueKey": { - "markdownDescription": "A value that indicates that a row in a table is uniquely identified by the columns in a join key. This is used by QuickSight to optimize query performance.", - "title": "UniqueKey", - "type": "boolean" + "Delimiter": { + "markdownDescription": "The delimiter that is used to separate the lines in text.", + "title": "Delimiter", + "type": "string" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TextAreaControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" } }, "type": "object" }, - "AWS::QuickSight::DataSet.LogicalTable": { + "AWS::QuickSight::Analysis.DefaultTextFieldControlOptions": { "additionalProperties": false, "properties": { - "Alias": { - "markdownDescription": "A display name for the logical table.", - "title": "Alias", - "type": "string" - }, - "DataTransforms": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.TransformOperation" - }, - "markdownDescription": "Transform operations that act on this logical table. For this structure to be valid, only one of the attributes can be non-null.", - "title": "DataTransforms", - "type": "array" - }, - "Source": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.LogicalTableSource", - "markdownDescription": "Source of this logical table.", - "title": "Source" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TextFieldControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" } }, - "required": [ - "Alias", - "Source" - ], "type": "object" }, - "AWS::QuickSight::DataSet.LogicalTableSource": { + "AWS::QuickSight::Analysis.DestinationParameterValueConfiguration": { "additionalProperties": false, "properties": { - "DataSetArn": { - "markdownDescription": "The Amazon Resource Number (ARN) of the parent dataset.", - "title": "DataSetArn", + "CustomValuesConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomValuesConfiguration", + "markdownDescription": "The configuration of custom values for destination parameter in `DestinationParameterValueConfiguration` .", + "title": "CustomValuesConfiguration" + }, + "SelectAllValueOptions": { + "markdownDescription": "The configuration that selects all options.", + "title": "SelectAllValueOptions", "type": "string" }, - "JoinInstruction": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.JoinInstruction", - "markdownDescription": "Specifies the result of a join of two logical tables.", - "title": "JoinInstruction" + "SourceColumn": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "A column of a data set.", + "title": "SourceColumn" }, - "PhysicalTableId": { - "markdownDescription": "Physical table ID.", - "title": "PhysicalTableId", + "SourceField": { + "markdownDescription": "The source field ID of the destination parameter.", + "title": "SourceField", + "type": "string" + }, + "SourceParameterName": { + "markdownDescription": "The source parameter name of the destination parameter.", + "title": "SourceParameterName", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::DataSet.LookbackWindow": { + "AWS::QuickSight::Analysis.DimensionField": { "additionalProperties": false, "properties": { - "ColumnName": { - "markdownDescription": "The name of the lookback window column.", - "title": "ColumnName", - "type": "string" + "CategoricalDimensionField": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CategoricalDimensionField", + "markdownDescription": "The dimension type field with categorical type columns.", + "title": "CategoricalDimensionField" }, - "Size": { - "markdownDescription": "The lookback window column size.", - "title": "Size", - "type": "number" + "DateDimensionField": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DateDimensionField", + "markdownDescription": "The dimension type field with date type columns.", + "title": "DateDimensionField" }, - "SizeUnit": { - "markdownDescription": "The size unit that is used for the lookback window column. Valid values for this structure are `HOUR` , `DAY` , and `WEEK` .", - "title": "SizeUnit", + "NumericalDimensionField": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericalDimensionField", + "markdownDescription": "The dimension type field with numerical type columns.", + "title": "NumericalDimensionField" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.DonutCenterOptions": { + "additionalProperties": false, + "properties": { + "LabelVisibility": { + "markdownDescription": "Determines the visibility of the label in a donut chart. In the Amazon QuickSight console, this option is called `'Show total'` .", + "title": "LabelVisibility", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::DataSet.NewDefaultValues": { + "AWS::QuickSight::Analysis.DonutOptions": { "additionalProperties": false, "properties": { - "DateTimeStaticValues": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of static default values for a given date time parameter. The valid format for this property is `yyyy-MM-dd\u2019T\u2019HH:mm:ss\u2019Z\u2019` .", - "title": "DateTimeStaticValues", - "type": "array" - }, - "DecimalStaticValues": { - "items": { - "type": "number" - }, - "markdownDescription": "A list of static default values for a given decimal parameter.", - "title": "DecimalStaticValues", - "type": "array" - }, - "IntegerStaticValues": { - "items": { - "type": "number" - }, - "markdownDescription": "A list of static default values for a given integer parameter.", - "title": "IntegerStaticValues", - "type": "array" + "ArcOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ArcOptions", + "markdownDescription": "The option for define the arc of the chart shape. Valid values are as follows:\n\n- `WHOLE` - A pie chart\n- `SMALL` - A small-sized donut chart\n- `MEDIUM` - A medium-sized donut chart\n- `LARGE` - A large-sized donut chart", + "title": "ArcOptions" }, - "StringStaticValues": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of static default values for a given string parameter.", - "title": "StringStaticValues", - "type": "array" + "DonutCenterOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DonutCenterOptions", + "markdownDescription": "The label options of the label that is displayed in the center of a donut chart. This option isn't available for pie charts.", + "title": "DonutCenterOptions" } }, "type": "object" }, - "AWS::QuickSight::DataSet.OutputColumn": { + "AWS::QuickSight::Analysis.DrillDownFilter": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description for a column.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The display name of the column..", - "title": "Name", - "type": "string" + "CategoryFilter": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CategoryDrillDownFilter", + "markdownDescription": "The category type drill down filter. This filter is used for string type columns.", + "title": "CategoryFilter" }, - "SubType": { - "markdownDescription": "The sub data type of the column.", - "title": "SubType", - "type": "string" + "NumericEqualityFilter": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericEqualityDrillDownFilter", + "markdownDescription": "The numeric equality type drill down filter. This filter is used for number type columns.", + "title": "NumericEqualityFilter" }, - "Type": { - "markdownDescription": "The data type of the column.", - "title": "Type", - "type": "string" + "TimeRangeFilter": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TimeRangeDrillDownFilter", + "markdownDescription": "The time range drill down filter. This filter is used for date time columns.", + "title": "TimeRangeFilter" } }, "type": "object" }, - "AWS::QuickSight::DataSet.OverrideDatasetParameterOperation": { + "AWS::QuickSight::Analysis.DropDownControlDisplayOptions": { "additionalProperties": false, "properties": { - "NewDefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.NewDefaultValues", - "markdownDescription": "The new default values for the parameter.", - "title": "NewDefaultValues" + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" }, - "NewParameterName": { - "markdownDescription": "The new name for the parameter.", - "title": "NewParameterName", - "type": "string" + "SelectAllOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ListControlSelectAllOptions", + "markdownDescription": "The configuration of the `Select all` options in a dropdown control.", + "title": "SelectAllOptions" }, - "ParameterName": { - "markdownDescription": "The name of the parameter to be overridden with different values.", - "title": "ParameterName", - "type": "string" + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" } }, - "required": [ - "ParameterName" - ], "type": "object" }, - "AWS::QuickSight::DataSet.PhysicalTable": { + "AWS::QuickSight::Analysis.DynamicDefaultValue": { "additionalProperties": false, "properties": { - "CustomSql": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.CustomSql", - "markdownDescription": "A physical table type built from the results of the custom SQL query.", - "title": "CustomSql" + "DefaultValueColumn": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that contains the default value of each user or group.", + "title": "DefaultValueColumn" }, - "RelationalTable": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.RelationalTable", - "markdownDescription": "A physical table type for relational data sources.", - "title": "RelationalTable" + "GroupNameColumn": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that contains the group name.", + "title": "GroupNameColumn" }, - "S3Source": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.S3Source", - "markdownDescription": "A physical table type for as S3 data source.", - "title": "S3Source" + "UserNameColumn": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that contains the username.", + "title": "UserNameColumn" } }, + "required": [ + "DefaultValueColumn" + ], "type": "object" }, - "AWS::QuickSight::DataSet.ProjectOperation": { + "AWS::QuickSight::Analysis.EmptyVisual": { "additionalProperties": false, "properties": { - "ProjectedColumns": { + "Actions": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, - "markdownDescription": "Projected columns.", - "title": "ProjectedColumns", + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", "type": "array" + }, + "DataSetIdentifier": { + "markdownDescription": "The data set that is used in the empty visual. Every visual requires a dataset to render.", + "title": "DataSetIdentifier", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" } }, "required": [ - "ProjectedColumns" + "DataSetIdentifier", + "VisualId" ], "type": "object" }, - "AWS::QuickSight::DataSet.RefreshConfiguration": { + "AWS::QuickSight::Analysis.Entity": { "additionalProperties": false, "properties": { - "IncrementalRefresh": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.IncrementalRefresh", - "markdownDescription": "The incremental refresh for the dataset.", - "title": "IncrementalRefresh" + "Path": { + "markdownDescription": "The hierarchical path of the entity within the analysis, template, or dashboard definition tree.", + "title": "Path", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::DataSet.RelationalTable": { + "AWS::QuickSight::Analysis.ExcludePeriodConfiguration": { "additionalProperties": false, "properties": { - "Catalog": { - "markdownDescription": "The catalog associated with a table.", - "title": "Catalog", - "type": "string" - }, - "DataSourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the data source.", - "title": "DataSourceArn", - "type": "string" - }, - "InputColumns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.InputColumn" - }, - "markdownDescription": "The column schema of the table.", - "title": "InputColumns", - "type": "array" + "Amount": { + "markdownDescription": "The amount or number of the exclude period.", + "title": "Amount", + "type": "number" }, - "Name": { - "markdownDescription": "The name of the relational table.", - "title": "Name", + "Granularity": { + "markdownDescription": "The granularity or unit (day, month, year) of the exclude period.", + "title": "Granularity", "type": "string" }, - "Schema": { - "markdownDescription": "The schema name. This name applies to certain relational database engines.", - "title": "Schema", + "Status": { + "markdownDescription": "The status of the exclude period. Choose from the following options:\n\n- `ENABLED`\n- `DISABLED`", + "title": "Status", "type": "string" } }, "required": [ - "DataSourceArn", - "InputColumns", - "Name" + "Amount", + "Granularity" ], "type": "object" }, - "AWS::QuickSight::DataSet.RenameColumnOperation": { + "AWS::QuickSight::Analysis.ExplicitHierarchy": { "additionalProperties": false, "properties": { - "ColumnName": { - "markdownDescription": "The name of the column to be renamed.", - "title": "ColumnName", - "type": "string" + "Columns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier" + }, + "markdownDescription": "The list of columns that define the explicit hierarchy.", + "title": "Columns", + "type": "array" }, - "NewColumnName": { - "markdownDescription": "The new name for the column.", - "title": "NewColumnName", + "DrillDownFilters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DrillDownFilter" + }, + "markdownDescription": "The option that determines the drill down filters for the explicit hierarchy.", + "title": "DrillDownFilters", + "type": "array" + }, + "HierarchyId": { + "markdownDescription": "The hierarchy ID of the explicit hierarchy.", + "title": "HierarchyId", "type": "string" } }, "required": [ - "ColumnName", - "NewColumnName" + "Columns", + "HierarchyId" ], "type": "object" }, - "AWS::QuickSight::DataSet.ResourcePermission": { + "AWS::QuickSight::Analysis.FieldBasedTooltip": { "additionalProperties": false, "properties": { - "Actions": { + "AggregationVisibility": { + "markdownDescription": "The visibility of `Show aggregations` .", + "title": "AggregationVisibility", + "type": "string" + }, + "TooltipFields": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipItem" }, - "markdownDescription": "The IAM action to grant or revoke permisions on", - "title": "Actions", + "markdownDescription": "The fields configuration in the tooltip.", + "title": "TooltipFields", "type": "array" }, - "Principal": { - "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a QuickSight ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", - "title": "Principal", + "TooltipTitleType": { + "markdownDescription": "The type for the >tooltip title. Choose one of the following options:\n\n- `NONE` : Doesn't use the primary value as the title.\n- `PRIMARY_VALUE` : Uses primary value as the title.", + "title": "TooltipTitleType", "type": "string" } }, - "required": [ - "Actions", - "Principal" - ], "type": "object" }, - "AWS::QuickSight::DataSet.RowLevelPermissionDataSet": { + "AWS::QuickSight::Analysis.FieldLabelType": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the dataset that contains permissions for RLS.", - "title": "Arn", - "type": "string" - }, - "FormatVersion": { - "markdownDescription": "The user or group rules associated with the dataset that contains permissions for RLS.\n\nBy default, `FormatVersion` is `VERSION_1` . When `FormatVersion` is `VERSION_1` , `UserName` and `GroupName` are required. When `FormatVersion` is `VERSION_2` , `UserARN` and `GroupARN` are required, and `Namespace` must not exist.", - "title": "FormatVersion", - "type": "string" - }, - "Namespace": { - "markdownDescription": "The namespace associated with the dataset that contains permissions for RLS.", - "title": "Namespace", - "type": "string" - }, - "PermissionPolicy": { - "markdownDescription": "The type of permissions to use when interpreting the permissions for RLS. `DENY_ACCESS` is included for backward compatibility only.", - "title": "PermissionPolicy", + "FieldId": { + "markdownDescription": "Indicates the field that is targeted by the field label.", + "title": "FieldId", "type": "string" }, - "Status": { - "markdownDescription": "The status of the row-level security permission dataset. If enabled, the status is `ENABLED` . If disabled, the status is `DISABLED` .", - "title": "Status", + "Visibility": { + "markdownDescription": "The visibility of the field label.", + "title": "Visibility", "type": "string" } }, - "required": [ - "Arn", - "PermissionPolicy" - ], "type": "object" }, - "AWS::QuickSight::DataSet.RowLevelPermissionTagConfiguration": { + "AWS::QuickSight::Analysis.FieldSeriesItem": { "additionalProperties": false, "properties": { - "Status": { - "markdownDescription": "The status of row-level security tags. If enabled, the status is `ENABLED` . If disabled, the status is `DISABLED` .", - "title": "Status", + "AxisBinding": { + "markdownDescription": "The axis that you are binding the field to.", + "title": "AxisBinding", "type": "string" }, - "TagRuleConfigurations": { - "markdownDescription": "The configuration of tags on a dataset to set row-level security.", - "title": "TagRuleConfigurations", - "type": "object" + "FieldId": { + "markdownDescription": "The field ID of the field for which you are setting the axis binding.", + "title": "FieldId", + "type": "string" }, - "TagRules": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.RowLevelPermissionTagRule" - }, - "markdownDescription": "A set of rules associated with row-level security, such as the tag names and columns that they are assigned to.", - "title": "TagRules", - "type": "array" + "Settings": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartSeriesSettings", + "markdownDescription": "The options that determine the presentation of line series associated to the field.", + "title": "Settings" } }, "required": [ - "TagRules" + "AxisBinding", + "FieldId" ], "type": "object" }, - "AWS::QuickSight::DataSet.RowLevelPermissionTagRule": { + "AWS::QuickSight::Analysis.FieldSort": { "additionalProperties": false, "properties": { - "ColumnName": { - "markdownDescription": "The column name that a tag key is assigned to.", - "title": "ColumnName", - "type": "string" - }, - "MatchAllValue": { - "markdownDescription": "A string that you want to use to filter by all the values in a column in the dataset and don\u2019t want to list the values one by one. For example, you can use an asterisk as your match all value.", - "title": "MatchAllValue", - "type": "string" - }, - "TagKey": { - "markdownDescription": "The unique key for a tag.", - "title": "TagKey", + "Direction": { + "markdownDescription": "The sort direction. Choose one of the following options:\n\n- `ASC` : Ascending\n- `DESC` : Descending", + "title": "Direction", "type": "string" }, - "TagMultiValueDelimiter": { - "markdownDescription": "A string that you want to use to delimit the values when you pass the values at run time. For example, you can delimit the values with a comma.", - "title": "TagMultiValueDelimiter", + "FieldId": { + "markdownDescription": "The sort configuration target field.", + "title": "FieldId", "type": "string" } }, "required": [ - "ColumnName", - "TagKey" + "Direction", + "FieldId" ], "type": "object" }, - "AWS::QuickSight::DataSet.S3Source": { + "AWS::QuickSight::Analysis.FieldSortOptions": { "additionalProperties": false, "properties": { - "DataSourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the data source.", - "title": "DataSourceArn", - "type": "string" - }, - "InputColumns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.InputColumn" - }, - "markdownDescription": "A physical table type for an S3 data source.\n\n> For files that aren't JSON, only `STRING` data types are supported in input columns.", - "title": "InputColumns", - "type": "array" + "ColumnSort": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnSort", + "markdownDescription": "The sort configuration for a column that is not used in a field well.", + "title": "ColumnSort" }, - "UploadSettings": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.UploadSettings", - "markdownDescription": "Information about the format for the S3 source file or files.", - "title": "UploadSettings" + "FieldSort": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSort", + "markdownDescription": "The sort configuration for a field in a field well.", + "title": "FieldSort" } }, - "required": [ - "DataSourceArn", - "InputColumns" - ], "type": "object" }, - "AWS::QuickSight::DataSet.StringDatasetParameter": { + "AWS::QuickSight::Analysis.FieldTooltipItem": { "additionalProperties": false, "properties": { - "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.StringDatasetParameterDefaultValues", - "markdownDescription": "A list of default values for a given string dataset parameter type. This structure only accepts static values.", - "title": "DefaultValues" + "FieldId": { + "markdownDescription": "The unique ID of the field that is targeted by the tooltip.", + "title": "FieldId", + "type": "string" }, - "Id": { - "markdownDescription": "An identifier for the string parameter that is created in the dataset.", - "title": "Id", + "Label": { + "markdownDescription": "The label of the tooltip item.", + "title": "Label", "type": "string" }, - "Name": { - "markdownDescription": "The name of the string parameter that is created in the dataset.", - "title": "Name", + "TooltipTarget": { + "markdownDescription": "Determines the target of the field tooltip item in a combo chart visual.", + "title": "TooltipTarget", "type": "string" }, - "ValueType": { - "markdownDescription": "The value type of the dataset parameter. Valid values are `single value` or `multi value` .", - "title": "ValueType", + "Visibility": { + "markdownDescription": "The visibility of the tooltip item.", + "title": "Visibility", "type": "string" } }, "required": [ - "Id", - "Name", - "ValueType" + "FieldId" ], "type": "object" }, - "AWS::QuickSight::DataSet.StringDatasetParameterDefaultValues": { + "AWS::QuickSight::Analysis.FilledMapAggregatedFieldWells": { "additionalProperties": false, "properties": { - "StaticValues": { + "Geospatial": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, - "markdownDescription": "A list of static default values for a given string parameter.", - "title": "StaticValues", + "markdownDescription": "The aggregated location field well of the filled map. Values are grouped by location fields.", + "title": "Geospatial", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The aggregated color field well of a filled map. Values are aggregated based on location fields.", + "title": "Values", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::DataSet.TagColumnOperation": { + "AWS::QuickSight::Analysis.FilledMapConditionalFormatting": { "additionalProperties": false, "properties": { - "ColumnName": { - "markdownDescription": "The column that this operation acts on.", - "title": "ColumnName", - "type": "string" - }, - "Tags": { + "ConditionalFormattingOptions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.ColumnTag" + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapConditionalFormattingOption" }, - "markdownDescription": "The dataset column tag, currently only used for geospatial type tagging.\n\n> This is not tags for the AWS tagging feature.", - "title": "Tags", + "markdownDescription": "Conditional formatting options of a `FilledMapVisual` .", + "title": "ConditionalFormattingOptions", "type": "array" } }, "required": [ - "ColumnName", - "Tags" + "ConditionalFormattingOptions" ], "type": "object" }, - "AWS::QuickSight::DataSet.TransformOperation": { + "AWS::QuickSight::Analysis.FilledMapConditionalFormattingOption": { "additionalProperties": false, "properties": { - "CastColumnTypeOperation": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.CastColumnTypeOperation", - "markdownDescription": "A transform operation that casts a column to a different type.", - "title": "CastColumnTypeOperation" + "Shape": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapShapeConditionalFormatting", + "markdownDescription": "The conditional formatting that determines the shape of the filled map.", + "title": "Shape" + } + }, + "required": [ + "Shape" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.FilledMapConfiguration": { + "additionalProperties": false, + "properties": { + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" }, - "CreateColumnsOperation": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.CreateColumnsOperation", - "markdownDescription": "An operation that creates calculated columns. Columns created in one such operation form a lexical closure.", - "title": "CreateColumnsOperation" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" }, - "FilterOperation": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.FilterOperation", - "markdownDescription": "An operation that filters rows based on some condition.", - "title": "FilterOperation" + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" }, - "OverrideDatasetParameterOperation": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.OverrideDatasetParameterOperation", - "markdownDescription": "A transform operation that overrides the dataset parameter values that are defined in another dataset.", - "title": "OverrideDatasetParameterOperation" + "MapStyleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapStyleOptions", + "markdownDescription": "The map style options of the filled map visual.", + "title": "MapStyleOptions" }, - "ProjectOperation": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.ProjectOperation", - "markdownDescription": "An operation that projects columns. Operations that come after a projection can only refer to projected columns.", - "title": "ProjectOperation" + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapSortConfiguration", + "markdownDescription": "The sort configuration of a `FilledMapVisual` .", + "title": "SortConfiguration" }, - "RenameColumnOperation": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.RenameColumnOperation", - "markdownDescription": "An operation that renames a column.", - "title": "RenameColumnOperation" + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" }, - "TagColumnOperation": { - "$ref": "#/definitions/AWS::QuickSight::DataSet.TagColumnOperation", - "markdownDescription": "An operation that tags a column with additional information.", - "title": "TagColumnOperation" + "WindowOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialWindowOptions", + "markdownDescription": "The window options of the filled map visual.", + "title": "WindowOptions" } }, "type": "object" }, - "AWS::QuickSight::DataSet.UploadSettings": { + "AWS::QuickSight::Analysis.FilledMapFieldWells": { "additionalProperties": false, "properties": { - "ContainsHeader": { - "markdownDescription": "Whether the file has a header row, or the files each have a header row.", - "title": "ContainsHeader", - "type": "boolean" - }, - "Delimiter": { - "markdownDescription": "The delimiter between values in the file.", - "title": "Delimiter", + "FilledMapAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapAggregatedFieldWells", + "markdownDescription": "The aggregated field well of the filled map.", + "title": "FilledMapAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.FilledMapShapeConditionalFormatting": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "The field ID of the filled map shape.", + "title": "FieldId", "type": "string" }, "Format": { - "markdownDescription": "File format.", - "title": "Format", - "type": "string" - }, - "StartFromRow": { - "markdownDescription": "A row number to start reading data from.", - "title": "StartFromRow", - "type": "number" - }, - "TextQualifier": { - "markdownDescription": "Text qualifier.", - "title": "TextQualifier", - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Analysis.ShapeConditionalFormat", + "markdownDescription": "The conditional formatting that determines the background color of a filled map's shape.", + "title": "Format" } }, + "required": [ + "FieldId" + ], "type": "object" }, - "AWS::QuickSight::DataSource": { + "AWS::QuickSight::Analysis.FilledMapSortConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the location fields.", + "title": "CategorySort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.FilledMapVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" }, - "Metadata": { - "type": "object" + "ConditionalFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapConditionalFormatting", + "markdownDescription": "The conditional formatting of a `FilledMapVisual` .", + "title": "ConditionalFormatting" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AlternateDataSourceParameters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.DataSourceParameters" - }, - "markdownDescription": "A set of alternate data source parameters that you want to share for the credentials stored with this data source. The credentials are applied in tandem with the data source parameters when you copy a data source by using a create or update request. The API operation compares the `DataSourceParameters` structure that's in the request with the structures in the `AlternateDataSourceParameters` allow list. If the structures are an exact match, the request is allowed to use the credentials from this existing data source. If the `AlternateDataSourceParameters` list is null, the `Credentials` originally used with this `DataSourceParameters` are automatically allowed.", - "title": "AlternateDataSourceParameters", - "type": "array" - }, - "AwsAccountId": { - "markdownDescription": "The AWS account ID.", - "title": "AwsAccountId", - "type": "string" - }, - "Credentials": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.DataSourceCredentials", - "markdownDescription": "The credentials Amazon QuickSight that uses to connect to your underlying source. Currently, only credentials based on user name and password are supported.", - "title": "Credentials" - }, - "DataSourceId": { - "markdownDescription": "An ID for the data source. This ID is unique per AWS Region for each AWS account.", - "title": "DataSourceId", - "type": "string" - }, - "DataSourceParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.DataSourceParameters", - "markdownDescription": "The parameters that Amazon QuickSight uses to connect to your underlying source.", - "title": "DataSourceParameters" - }, - "ErrorInfo": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.DataSourceErrorInfo", - "markdownDescription": "Error information from the last update or the creation of the data source.", - "title": "ErrorInfo" - }, - "Name": { - "markdownDescription": "A display name for the data source.", - "title": "Name", - "type": "string" - }, - "Permissions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.ResourcePermission" - }, - "markdownDescription": "A list of resource permissions on the data source.", - "title": "Permissions", - "type": "array" - }, - "SslProperties": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.SslProperties", - "markdownDescription": "Secure Socket Layer (SSL) properties that apply when Amazon QuickSight connects to your underlying source.", - "title": "SslProperties" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Contains a map of the key-value pairs for the resource tag or tags assigned to the data source.", - "title": "Tags", - "type": "array" - }, - "Type": { - "markdownDescription": "The type of the data source. To return a list of all data sources, use `ListDataSources` .\n\nUse `AMAZON_ELASTICSEARCH` for Amazon OpenSearch Service.", - "title": "Type", - "type": "string" - }, - "VpcConnectionProperties": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.VpcConnectionProperties", - "markdownDescription": "Use this parameter only when you want Amazon QuickSight to use a VPC connection when connecting to your underlying source.", - "title": "VpcConnectionProperties" - } - }, - "type": "object" + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" }, - "Type": { - "enum": [ - "AWS::QuickSight::DataSource" - ], + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", "type": "string" } }, "required": [ - "Type" + "VisualId" ], "type": "object" }, - "AWS::QuickSight::DataSource.AmazonElasticsearchParameters": { + "AWS::QuickSight::Analysis.Filter": { "additionalProperties": false, "properties": { - "Domain": { - "markdownDescription": "The OpenSearch domain.", - "title": "Domain", - "type": "string" + "CategoryFilter": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CategoryFilter", + "markdownDescription": "A `CategoryFilter` filters text values.\n\nFor more information, see [Adding text filters](https://docs.aws.amazon.com/quicksight/latest/user/add-a-text-filter-data-prep.html) in the *Amazon QuickSight User Guide* .", + "title": "CategoryFilter" + }, + "NestedFilter": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NestedFilter", + "markdownDescription": "A `NestedFilter` filters data with a subset of data that is defined by the nested inner filter.", + "title": "NestedFilter" + }, + "NumericEqualityFilter": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericEqualityFilter", + "markdownDescription": "A `NumericEqualityFilter` filters numeric values that equal or do not equal a given numeric value.", + "title": "NumericEqualityFilter" + }, + "NumericRangeFilter": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericRangeFilter", + "markdownDescription": "A `NumericRangeFilter` filters numeric values that are either inside or outside a given numeric range.", + "title": "NumericRangeFilter" + }, + "RelativeDatesFilter": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.RelativeDatesFilter", + "markdownDescription": "A `RelativeDatesFilter` filters date values that are relative to a given date.", + "title": "RelativeDatesFilter" + }, + "TimeEqualityFilter": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TimeEqualityFilter", + "markdownDescription": "A `TimeEqualityFilter` filters date-time values that equal or do not equal a given date/time value.", + "title": "TimeEqualityFilter" + }, + "TimeRangeFilter": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TimeRangeFilter", + "markdownDescription": "A `TimeRangeFilter` filters date-time values that are either inside or outside a given date/time range.", + "title": "TimeRangeFilter" + }, + "TopBottomFilter": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TopBottomFilter", + "markdownDescription": "A `TopBottomFilter` filters data to the top or bottom values for a given column.", + "title": "TopBottomFilter" } }, - "required": [ - "Domain" - ], "type": "object" }, - "AWS::QuickSight::DataSource.AmazonOpenSearchParameters": { + "AWS::QuickSight::Analysis.FilterControl": { "additionalProperties": false, "properties": { - "Domain": { - "markdownDescription": "The OpenSearch domain.", - "title": "Domain", - "type": "string" + "CrossSheet": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterCrossSheetControl", + "markdownDescription": "A control from a filter that is scoped across more than one sheet. This represents your filter control on a sheet", + "title": "CrossSheet" + }, + "DateTimePicker": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterDateTimePickerControl", + "markdownDescription": "A control from a date filter that is used to specify date and time.", + "title": "DateTimePicker" + }, + "Dropdown": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterDropDownControl", + "markdownDescription": "A control to display a dropdown list with buttons that are used to select a single value.", + "title": "Dropdown" + }, + "List": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterListControl", + "markdownDescription": "A control to display a list of buttons or boxes. This is used to select either a single value or multiple values.", + "title": "List" + }, + "RelativeDateTime": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterRelativeDateTimeControl", + "markdownDescription": "A control from a date filter that is used to specify the relative date.", + "title": "RelativeDateTime" + }, + "Slider": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterSliderControl", + "markdownDescription": "A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle.", + "title": "Slider" + }, + "TextArea": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterTextAreaControl", + "markdownDescription": "A control to display a text box that is used to enter multiple entries.", + "title": "TextArea" + }, + "TextField": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterTextFieldControl", + "markdownDescription": "A control to display a text box that is used to enter a single entry.", + "title": "TextField" } }, - "required": [ - "Domain" - ], "type": "object" }, - "AWS::QuickSight::DataSource.AthenaParameters": { + "AWS::QuickSight::Analysis.FilterCrossSheetControl": { "additionalProperties": false, "properties": { - "RoleArn": { - "markdownDescription": "Use the `RoleArn` structure to override an account-wide role for a specific Athena data source. For example, say an account administrator has turned off all Athena access with an account-wide role. The administrator can then use `RoleArn` to bypass the account-wide role and allow Athena access for the single Athena data source that is specified in the structure, even if the account-wide role forbidding Athena access is still active.", - "title": "RoleArn", + "CascadingControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CascadingControlConfiguration", + "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", + "title": "CascadingControlConfiguration" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterCrossSheetControl` .", + "title": "FilterControlId", "type": "string" }, - "WorkGroup": { - "markdownDescription": "The workgroup that Amazon Athena uses.", - "title": "WorkGroup", + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterCrossSheetControl` .", + "title": "SourceFilterId", "type": "string" } }, + "required": [ + "FilterControlId", + "SourceFilterId" + ], "type": "object" }, - "AWS::QuickSight::DataSource.AuroraParameters": { + "AWS::QuickSight::Analysis.FilterDateTimePickerControl": { "additionalProperties": false, "properties": { - "Database": { - "markdownDescription": "Database.", - "title": "Database", + "CommitMode": { + "markdownDescription": "The visibility configurationof the Apply button on a `DateTimePickerControl` .", + "title": "CommitMode", "type": "string" }, - "Host": { - "markdownDescription": "Host.", - "title": "Host", + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimePickerControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterDateTimePickerControl` .", + "title": "FilterControlId", "type": "string" }, - "Port": { - "markdownDescription": "Port.", - "title": "Port", - "type": "number" + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterDateTimePickerControl` .", + "title": "SourceFilterId", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `FilterDateTimePickerControl` .", + "title": "Title", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", + "title": "Type", + "type": "string" } }, "required": [ - "Database", - "Host", - "Port" + "FilterControlId", + "SourceFilterId", + "Title" ], "type": "object" }, - "AWS::QuickSight::DataSource.AuroraPostgreSqlParameters": { + "AWS::QuickSight::Analysis.FilterDropDownControl": { "additionalProperties": false, "properties": { - "Database": { - "markdownDescription": "The Amazon Aurora PostgreSQL database to connect to.", - "title": "Database", + "CascadingControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CascadingControlConfiguration", + "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", + "title": "CascadingControlConfiguration" + }, + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `FilterDropDownControl` .", + "title": "CommitMode", "type": "string" }, - "Host": { - "markdownDescription": "The Amazon Aurora PostgreSQL-Compatible host to connect to.", - "title": "Host", + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DropDownControlDisplayOptions", + "markdownDescription": "The display options of the `FilterDropDownControl` .", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterDropDownControl` .", + "title": "FilterControlId", "type": "string" }, - "Port": { - "markdownDescription": "The port that Amazon Aurora PostgreSQL is listening on.", - "title": "Port", - "type": "number" + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" + }, + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterDropDownControl` .", + "title": "SourceFilterId", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `FilterDropDownControl` .", + "title": "Title", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", + "title": "Type", + "type": "string" } }, "required": [ - "Database", - "Host", - "Port" + "FilterControlId", + "SourceFilterId", + "Title" ], "type": "object" }, - "AWS::QuickSight::DataSource.CredentialPair": { + "AWS::QuickSight::Analysis.FilterGroup": { "additionalProperties": false, "properties": { - "AlternateDataSourceParameters": { + "CrossDataset": { + "markdownDescription": "The filter new feature which can apply filter group to all data sets. Choose one of the following options:\n\n- `ALL_DATASETS`\n- `SINGLE_DATASET`", + "title": "CrossDataset", + "type": "string" + }, + "FilterGroupId": { + "markdownDescription": "The value that uniquely identifies a `FilterGroup` within a dashboard, template, or analysis.", + "title": "FilterGroupId", + "type": "string" + }, + "Filters": { "items": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.DataSourceParameters" + "$ref": "#/definitions/AWS::QuickSight::Analysis.Filter" }, - "markdownDescription": "A set of alternate data source parameters that you want to share for these credentials. The credentials are applied in tandem with the data source parameters when you copy a data source by using a create or update request. The API operation compares the `DataSourceParameters` structure that's in the request with the structures in the `AlternateDataSourceParameters` allow list. If the structures are an exact match, the request is allowed to use the new data source with the existing credentials. If the `AlternateDataSourceParameters` list is null, the `DataSourceParameters` originally used with these `Credentials` is automatically allowed.", - "title": "AlternateDataSourceParameters", + "markdownDescription": "The list of filters that are present in a `FilterGroup` .", + "title": "Filters", "type": "array" }, - "Password": { - "markdownDescription": "Password.", - "title": "Password", - "type": "string" + "ScopeConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterScopeConfiguration", + "markdownDescription": "The configuration that specifies what scope to apply to a `FilterGroup` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", + "title": "ScopeConfiguration" }, - "Username": { - "markdownDescription": "User name.", - "title": "Username", + "Status": { + "markdownDescription": "The status of the `FilterGroup` .", + "title": "Status", "type": "string" } }, "required": [ - "Password", - "Username" + "CrossDataset", + "FilterGroupId", + "Filters", + "ScopeConfiguration" ], "type": "object" }, - "AWS::QuickSight::DataSource.DataSourceCredentials": { + "AWS::QuickSight::Analysis.FilterListConfiguration": { "additionalProperties": false, "properties": { - "CopySourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of a data source that has the credential pair that you want to use. When `CopySourceArn` is not null, the credential pair from the data source in the ARN is used as the credentials for the `DataSourceCredentials` structure.", - "title": "CopySourceArn", - "type": "string" - }, - "CredentialPair": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.CredentialPair", - "markdownDescription": "Credential pair. For more information, see `[CredentialPair](https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CredentialPair.html)` .", - "title": "CredentialPair" + "CategoryValues": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of category values for the filter.", + "title": "CategoryValues", + "type": "array" }, - "SecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the secret associated with the data source in AWS Secrets Manager .", - "title": "SecretArn", + "MatchOperator": { + "markdownDescription": "The match operator that is used to determine if a filter should be applied.", + "title": "MatchOperator", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::DataSource.DataSourceErrorInfo": { - "additionalProperties": false, - "properties": { - "Message": { - "markdownDescription": "Error message.", - "title": "Message", + }, + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", "type": "string" }, - "Type": { - "markdownDescription": "Error type.", - "title": "Type", + "SelectAllOptions": { + "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", + "title": "SelectAllOptions", "type": "string" } }, + "required": [ + "MatchOperator" + ], "type": "object" }, - "AWS::QuickSight::DataSource.DataSourceParameters": { + "AWS::QuickSight::Analysis.FilterListControl": { "additionalProperties": false, "properties": { - "AmazonElasticsearchParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.AmazonElasticsearchParameters", - "markdownDescription": "The parameters for OpenSearch.", - "title": "AmazonElasticsearchParameters" - }, - "AmazonOpenSearchParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.AmazonOpenSearchParameters", - "markdownDescription": "The parameters for OpenSearch.", - "title": "AmazonOpenSearchParameters" - }, - "AthenaParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.AthenaParameters", - "markdownDescription": "The parameters for Amazon Athena.", - "title": "AthenaParameters" - }, - "AuroraParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.AuroraParameters", - "markdownDescription": "The parameters for Amazon Aurora MySQL.", - "title": "AuroraParameters" - }, - "AuroraPostgreSqlParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.AuroraPostgreSqlParameters", - "markdownDescription": "The parameters for Amazon Aurora.", - "title": "AuroraPostgreSqlParameters" - }, - "DatabricksParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.DatabricksParameters", - "markdownDescription": "The required parameters that are needed to connect to a Databricks data source.", - "title": "DatabricksParameters" - }, - "MariaDbParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.MariaDbParameters", - "markdownDescription": "The parameters for MariaDB.", - "title": "MariaDbParameters" - }, - "MySqlParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.MySqlParameters", - "markdownDescription": "The parameters for MySQL.", - "title": "MySqlParameters" - }, - "OracleParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.OracleParameters", - "markdownDescription": "Oracle parameters.", - "title": "OracleParameters" - }, - "PostgreSqlParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.PostgreSqlParameters", - "markdownDescription": "The parameters for PostgreSQL.", - "title": "PostgreSqlParameters" - }, - "PrestoParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.PrestoParameters", - "markdownDescription": "The parameters for Presto.", - "title": "PrestoParameters" - }, - "RdsParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.RdsParameters", - "markdownDescription": "The parameters for Amazon RDS.", - "title": "RdsParameters" - }, - "RedshiftParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.RedshiftParameters", - "markdownDescription": "The parameters for Amazon Redshift.", - "title": "RedshiftParameters" - }, - "S3Parameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.S3Parameters", - "markdownDescription": "The parameters for S3.", - "title": "S3Parameters" + "CascadingControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CascadingControlConfiguration", + "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", + "title": "CascadingControlConfiguration" }, - "SnowflakeParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.SnowflakeParameters", - "markdownDescription": "The parameters for Snowflake.", - "title": "SnowflakeParameters" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ListControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" }, - "SparkParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.SparkParameters", - "markdownDescription": "The parameters for Spark.", - "title": "SparkParameters" + "FilterControlId": { + "markdownDescription": "The ID of the `FilterListControl` .", + "title": "FilterControlId", + "type": "string" }, - "SqlServerParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.SqlServerParameters", - "markdownDescription": "The parameters for SQL Server.", - "title": "SqlServerParameters" + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" }, - "StarburstParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.StarburstParameters", - "markdownDescription": "The parameters that are required to connect to a Starburst data source.", - "title": "StarburstParameters" + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterListControl` .", + "title": "SourceFilterId", + "type": "string" }, - "TeradataParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.TeradataParameters", - "markdownDescription": "The parameters for Teradata.", - "title": "TeradataParameters" + "Title": { + "markdownDescription": "The title of the `FilterListControl` .", + "title": "Title", + "type": "string" }, - "TrinoParameters": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.TrinoParameters", - "markdownDescription": "The parameters that are required to connect to a Trino data source.", - "title": "TrinoParameters" + "Type": { + "markdownDescription": "The type of the `FilterListControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from the list.\n- `SINGLE_SELECT` : The user can select a single entry from the list.", + "title": "Type", + "type": "string" } }, + "required": [ + "FilterControlId", + "SourceFilterId", + "Title" + ], "type": "object" }, - "AWS::QuickSight::DataSource.DatabricksParameters": { + "AWS::QuickSight::Analysis.FilterOperationSelectedFieldsConfiguration": { "additionalProperties": false, "properties": { - "Host": { - "markdownDescription": "The host name of the Databricks data source.", - "title": "Host", - "type": "string" - }, - "Port": { - "markdownDescription": "The port for the Databricks data source.", - "title": "Port", - "type": "number" + "SelectedColumns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier" + }, + "markdownDescription": "The selected columns of a dataset.", + "title": "SelectedColumns", + "type": "array" }, - "SqlEndpointPath": { - "markdownDescription": "The HTTP path of the Databricks data source.", - "title": "SqlEndpointPath", + "SelectedFieldOptions": { + "markdownDescription": "A structure that contains the options that choose which fields are filtered in the `CustomActionFilterOperation` .\n\nValid values are defined as follows:\n\n- `ALL_FIELDS` : Applies the filter operation to all fields.", + "title": "SelectedFieldOptions", "type": "string" + }, + "SelectedFields": { + "items": { + "type": "string" + }, + "markdownDescription": "Chooses the fields that are filtered in `CustomActionFilterOperation` .", + "title": "SelectedFields", + "type": "array" } }, - "required": [ - "Host", - "Port", - "SqlEndpointPath" - ], "type": "object" }, - "AWS::QuickSight::DataSource.ManifestFileLocation": { + "AWS::QuickSight::Analysis.FilterOperationTargetVisualsConfiguration": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "Amazon S3 bucket.", - "title": "Bucket", - "type": "string" - }, - "Key": { - "markdownDescription": "Amazon S3 key that identifies an object.", - "title": "Key", - "type": "string" + "SameSheetTargetVisualConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SameSheetTargetVisualConfiguration", + "markdownDescription": "The configuration of the same-sheet target visuals that you want to be filtered.", + "title": "SameSheetTargetVisualConfiguration" } }, - "required": [ - "Bucket", - "Key" - ], "type": "object" }, - "AWS::QuickSight::DataSource.MariaDbParameters": { + "AWS::QuickSight::Analysis.FilterRelativeDateTimeControl": { "additionalProperties": false, "properties": { - "Database": { - "markdownDescription": "Database.", - "title": "Database", + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `FilterRelativeDateTimeControl` .", + "title": "CommitMode", "type": "string" }, - "Host": { - "markdownDescription": "Host.", - "title": "Host", + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.RelativeDateTimeControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterTextAreaControl` .", + "title": "FilterControlId", "type": "string" }, - "Port": { - "markdownDescription": "Port.", - "title": "Port", - "type": "number" + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterTextAreaControl` .", + "title": "SourceFilterId", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `FilterTextAreaControl` .", + "title": "Title", + "type": "string" } }, "required": [ - "Database", - "Host", - "Port" + "FilterControlId", + "SourceFilterId", + "Title" ], "type": "object" }, - "AWS::QuickSight::DataSource.MySqlParameters": { + "AWS::QuickSight::Analysis.FilterScopeConfiguration": { "additionalProperties": false, "properties": { - "Database": { - "markdownDescription": "Database.", - "title": "Database", - "type": "string" - }, - "Host": { - "markdownDescription": "Host.", - "title": "Host", - "type": "string" + "AllSheets": { + "markdownDescription": "The configuration that applies a filter to all sheets. When you choose `AllSheets` as the value for a `FilterScopeConfiguration` , this filter is applied to all visuals of all sheets in an Analysis, Dashboard, or Template. The `AllSheetsFilterScopeConfiguration` is chosen.", + "title": "AllSheets", + "type": "object" }, - "Port": { - "markdownDescription": "Port.", - "title": "Port", - "type": "number" + "SelectedSheets": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SelectedSheetsFilterScopeConfiguration", + "markdownDescription": "The configuration for applying a filter to specific sheets.", + "title": "SelectedSheets" } }, - "required": [ - "Database", - "Host", - "Port" - ], "type": "object" }, - "AWS::QuickSight::DataSource.OracleParameters": { + "AWS::QuickSight::Analysis.FilterSelectableValues": { "additionalProperties": false, "properties": { - "Database": { - "markdownDescription": "Database.", - "title": "Database", - "type": "string" - }, - "Host": { - "markdownDescription": "Host.", - "title": "Host", - "type": "string" - }, - "Port": { - "markdownDescription": "Port.", - "title": "Port", - "type": "number" + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The values that are used in the `FilterSelectableValues` .", + "title": "Values", + "type": "array" } }, - "required": [ - "Database", - "Host", - "Port" - ], "type": "object" }, - "AWS::QuickSight::DataSource.PostgreSqlParameters": { + "AWS::QuickSight::Analysis.FilterSliderControl": { "additionalProperties": false, "properties": { - "Database": { - "markdownDescription": "Database.", - "title": "Database", + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SliderControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterSliderControl` .", + "title": "FilterControlId", "type": "string" }, - "Host": { - "markdownDescription": "Host.", - "title": "Host", + "MaximumValue": { + "markdownDescription": "The larger value that is displayed at the right of the slider.", + "title": "MaximumValue", + "type": "number" + }, + "MinimumValue": { + "markdownDescription": "The smaller value that is displayed at the left of the slider.", + "title": "MinimumValue", + "type": "number" + }, + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterSliderControl` .", + "title": "SourceFilterId", "type": "string" }, - "Port": { - "markdownDescription": "Port.", - "title": "Port", + "StepSize": { + "markdownDescription": "The number of increments that the slider bar is divided into.", + "title": "StepSize", "type": "number" + }, + "Title": { + "markdownDescription": "The title of the `FilterSliderControl` .", + "title": "Title", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the `FilterSliderControl` . Choose one of the following options:\n\n- `SINGLE_POINT` : Filter against(equals) a single data point.\n- `RANGE` : Filter data that is in a specified range.", + "title": "Type", + "type": "string" } }, "required": [ - "Database", - "Host", - "Port" + "FilterControlId", + "MaximumValue", + "MinimumValue", + "SourceFilterId", + "StepSize", + "Title" ], "type": "object" }, - "AWS::QuickSight::DataSource.PrestoParameters": { + "AWS::QuickSight::Analysis.FilterTextAreaControl": { "additionalProperties": false, "properties": { - "Catalog": { - "markdownDescription": "Catalog.", - "title": "Catalog", + "Delimiter": { + "markdownDescription": "The delimiter that is used to separate the lines in text.", + "title": "Delimiter", "type": "string" }, - "Host": { - "markdownDescription": "Host.", - "title": "Host", + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TextAreaControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterTextAreaControl` .", + "title": "FilterControlId", "type": "string" }, - "Port": { - "markdownDescription": "Port.", - "title": "Port", - "type": "number" + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterTextAreaControl` .", + "title": "SourceFilterId", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `FilterTextAreaControl` .", + "title": "Title", + "type": "string" } }, "required": [ - "Catalog", - "Host", - "Port" + "FilterControlId", + "SourceFilterId", + "Title" ], "type": "object" }, - "AWS::QuickSight::DataSource.RdsParameters": { + "AWS::QuickSight::Analysis.FilterTextFieldControl": { "additionalProperties": false, "properties": { - "Database": { - "markdownDescription": "Database.", - "title": "Database", + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TextFieldControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterTextFieldControl` .", + "title": "FilterControlId", "type": "string" }, - "InstanceId": { - "markdownDescription": "Instance ID.", - "title": "InstanceId", + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterTextFieldControl` .", + "title": "SourceFilterId", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `FilterTextFieldControl` .", + "title": "Title", "type": "string" } }, "required": [ - "Database", - "InstanceId" + "FilterControlId", + "SourceFilterId", + "Title" ], "type": "object" }, - "AWS::QuickSight::DataSource.RedshiftParameters": { + "AWS::QuickSight::Analysis.FontConfiguration": { "additionalProperties": false, "properties": { - "ClusterId": { - "markdownDescription": "Cluster ID. This field can be blank if the `Host` and `Port` are provided.", - "title": "ClusterId", + "FontColor": { + "markdownDescription": "Determines the color of the text.", + "title": "FontColor", "type": "string" }, - "Database": { - "markdownDescription": "Database.", - "title": "Database", + "FontDecoration": { + "markdownDescription": "Determines the appearance of decorative lines on the text.", + "title": "FontDecoration", "type": "string" }, - "Host": { - "markdownDescription": "Host. This field can be blank if `ClusterId` is provided.", - "title": "Host", + "FontFamily": { + "markdownDescription": "The font family that you want to use.", + "title": "FontFamily", "type": "string" }, - "Port": { - "markdownDescription": "Port. This field can be blank if the `ClusterId` is provided.", - "title": "Port", - "type": "number" + "FontSize": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FontSize", + "markdownDescription": "The option that determines the text display size.", + "title": "FontSize" + }, + "FontStyle": { + "markdownDescription": "Determines the text display face that is inherited by the given font family.", + "title": "FontStyle", + "type": "string" + }, + "FontWeight": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FontWeight", + "markdownDescription": "The option that determines the text display weight, or boldness.", + "title": "FontWeight" } }, - "required": [ - "Database" - ], "type": "object" }, - "AWS::QuickSight::DataSource.ResourcePermission": { + "AWS::QuickSight::Analysis.FontSize": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "type": "string" - }, - "markdownDescription": "The IAM action to grant or revoke permissions on.", - "title": "Actions", - "type": "array" + "Absolute": { + "markdownDescription": "The font size that you want to use in px.", + "title": "Absolute", + "type": "string" }, - "Principal": { - "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a QuickSight ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", - "title": "Principal", + "Relative": { + "markdownDescription": "The lexical name for the text size, proportional to its surrounding context.", + "title": "Relative", "type": "string" } }, - "required": [ - "Actions", - "Principal" - ], "type": "object" }, - "AWS::QuickSight::DataSource.S3Parameters": { + "AWS::QuickSight::Analysis.FontWeight": { "additionalProperties": false, "properties": { - "ManifestFileLocation": { - "$ref": "#/definitions/AWS::QuickSight::DataSource.ManifestFileLocation", - "markdownDescription": "Location of the Amazon S3 manifest file. This is NULL if the manifest file was uploaded into Amazon QuickSight.", - "title": "ManifestFileLocation" - }, - "RoleArn": { - "markdownDescription": "Use the `RoleArn` structure to override an account-wide role for a specific S3 data source. For example, say an account administrator has turned off all S3 access with an account-wide role. The administrator can then use `RoleArn` to bypass the account-wide role and allow S3 access for the single S3 data source that is specified in the structure, even if the account-wide role forbidding S3 access is still active.", - "title": "RoleArn", + "Name": { + "markdownDescription": "The lexical name for the level of boldness of the text display.", + "title": "Name", "type": "string" } }, - "required": [ - "ManifestFileLocation" - ], "type": "object" }, - "AWS::QuickSight::DataSource.SnowflakeParameters": { + "AWS::QuickSight::Analysis.ForecastComputation": { "additionalProperties": false, "properties": { - "Database": { - "markdownDescription": "Database.", - "title": "Database", + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", "type": "string" }, - "Host": { - "markdownDescription": "Host.", - "title": "Host", + "CustomSeasonalityValue": { + "markdownDescription": "The custom seasonality value setup of a forecast computation.", + "title": "CustomSeasonalityValue", + "type": "number" + }, + "LowerBoundary": { + "markdownDescription": "The lower boundary setup of a forecast computation.", + "title": "LowerBoundary", + "type": "number" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", "type": "string" }, - "Warehouse": { - "markdownDescription": "Warehouse.", - "title": "Warehouse", + "PeriodsBackward": { + "markdownDescription": "The periods backward setup of a forecast computation.", + "title": "PeriodsBackward", + "type": "number" + }, + "PeriodsForward": { + "markdownDescription": "The periods forward setup of a forecast computation.", + "title": "PeriodsForward", + "type": "number" + }, + "PredictionInterval": { + "markdownDescription": "The prediction interval setup of a forecast computation.", + "title": "PredictionInterval", + "type": "number" + }, + "Seasonality": { + "markdownDescription": "The seasonality setup of a forecast computation. Choose one of the following options:\n\n- `AUTOMATIC`\n- `CUSTOM` : Checks the custom seasonality value.", + "title": "Seasonality", "type": "string" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" + }, + "UpperBoundary": { + "markdownDescription": "The upper boundary setup of a forecast computation.", + "title": "UpperBoundary", + "type": "number" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" } }, "required": [ - "Database", - "Host", - "Warehouse" + "ComputationId" ], "type": "object" }, - "AWS::QuickSight::DataSource.SparkParameters": { + "AWS::QuickSight::Analysis.ForecastConfiguration": { "additionalProperties": false, "properties": { - "Host": { - "markdownDescription": "Host.", - "title": "Host", - "type": "string" + "ForecastProperties": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TimeBasedForecastProperties", + "markdownDescription": "The forecast properties setup of a forecast in the line chart.", + "title": "ForecastProperties" }, - "Port": { - "markdownDescription": "Port.", - "title": "Port", - "type": "number" + "Scenario": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ForecastScenario", + "markdownDescription": "The forecast scenario of a forecast in the line chart.", + "title": "Scenario" } }, - "required": [ - "Host", - "Port" - ], "type": "object" }, - "AWS::QuickSight::DataSource.SqlServerParameters": { + "AWS::QuickSight::Analysis.ForecastScenario": { "additionalProperties": false, "properties": { - "Database": { - "markdownDescription": "Database.", - "title": "Database", - "type": "string" - }, - "Host": { - "markdownDescription": "Host.", - "title": "Host", - "type": "string" + "WhatIfPointScenario": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.WhatIfPointScenario", + "markdownDescription": "The what-if analysis forecast setup with the target date.", + "title": "WhatIfPointScenario" }, - "Port": { - "markdownDescription": "Port.", - "title": "Port", - "type": "number" + "WhatIfRangeScenario": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.WhatIfRangeScenario", + "markdownDescription": "The what-if analysis forecast setup with the date range.", + "title": "WhatIfRangeScenario" } }, - "required": [ - "Database", - "Host", - "Port" - ], "type": "object" }, - "AWS::QuickSight::DataSource.SslProperties": { + "AWS::QuickSight::Analysis.FormatConfiguration": { "additionalProperties": false, "properties": { - "DisableSsl": { - "markdownDescription": "A Boolean option to control whether SSL should be disabled.", - "title": "DisableSsl", - "type": "boolean" + "DateTimeFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeFormatConfiguration", + "markdownDescription": "Formatting configuration for `DateTime` fields.", + "title": "DateTimeFormatConfiguration" + }, + "NumberFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumberFormatConfiguration", + "markdownDescription": "Formatting configuration for number fields.", + "title": "NumberFormatConfiguration" + }, + "StringFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.StringFormatConfiguration", + "markdownDescription": "Formatting configuration for string fields.", + "title": "StringFormatConfiguration" } }, "type": "object" }, - "AWS::QuickSight::DataSource.StarburstParameters": { + "AWS::QuickSight::Analysis.FreeFormLayoutCanvasSizeOptions": { "additionalProperties": false, "properties": { - "Catalog": { - "markdownDescription": "The catalog name for the Starburst data source.", - "title": "Catalog", + "ScreenCanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutScreenCanvasSizeOptions", + "markdownDescription": "The options that determine the sizing of the canvas used in a free-form layout.", + "title": "ScreenCanvasSizeOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.FreeFormLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutCanvasSizeOptions", + "markdownDescription": "", + "title": "CanvasSizeOptions" + }, + "Elements": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutElement" + }, + "markdownDescription": "The elements that are included in a free-form layout.", + "title": "Elements", + "type": "array" + } + }, + "required": [ + "Elements" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.FreeFormLayoutElement": { + "additionalProperties": false, + "properties": { + "BackgroundStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutElementBackgroundStyle", + "markdownDescription": "The background style configuration of a free-form layout element.", + "title": "BackgroundStyle" + }, + "BorderStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutElementBorderStyle", + "markdownDescription": "The border style configuration of a free-form layout element.", + "title": "BorderStyle" + }, + "ElementId": { + "markdownDescription": "A unique identifier for an element within a free-form layout.", + "title": "ElementId", "type": "string" }, - "Host": { - "markdownDescription": "The host name of the Starburst data source.", - "title": "Host", + "ElementType": { + "markdownDescription": "The type of element.", + "title": "ElementType", "type": "string" }, - "Port": { - "markdownDescription": "The port for the Starburst data source.", - "title": "Port", - "type": "number" + "Height": { + "markdownDescription": "The height of an element within a free-form layout.", + "title": "Height", + "type": "string" }, - "ProductType": { - "markdownDescription": "The product type for the Starburst data source.", - "title": "ProductType", + "LoadingAnimation": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LoadingAnimation", + "markdownDescription": "The loading animation configuration of a free-form layout element.", + "title": "LoadingAnimation" + }, + "RenderingRules": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetElementRenderingRule" + }, + "markdownDescription": "The rendering rules that determine when an element should be displayed within a free-form layout.", + "title": "RenderingRules", + "type": "array" + }, + "SelectedBorderStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutElementBorderStyle", + "markdownDescription": "The border style configuration of a free-form layout element. This border style is used when the element is selected.", + "title": "SelectedBorderStyle" + }, + "Visibility": { + "markdownDescription": "The visibility of an element within a free-form layout.", + "title": "Visibility", + "type": "string" + }, + "Width": { + "markdownDescription": "The width of an element within a free-form layout.", + "title": "Width", + "type": "string" + }, + "XAxisLocation": { + "markdownDescription": "The x-axis coordinate of the element.", + "title": "XAxisLocation", + "type": "string" + }, + "YAxisLocation": { + "markdownDescription": "The y-axis coordinate of the element.", + "title": "YAxisLocation", "type": "string" } }, "required": [ - "Catalog", - "Host", - "Port" + "ElementId", + "ElementType", + "Height", + "Width", + "XAxisLocation", + "YAxisLocation" ], "type": "object" }, - "AWS::QuickSight::DataSource.TeradataParameters": { + "AWS::QuickSight::Analysis.FreeFormLayoutElementBackgroundStyle": { "additionalProperties": false, "properties": { - "Database": { - "markdownDescription": "Database.", - "title": "Database", + "Color": { + "markdownDescription": "The background color of a free-form layout element.", + "title": "Color", "type": "string" }, - "Host": { - "markdownDescription": "Host.", - "title": "Host", + "Visibility": { + "markdownDescription": "The background visibility of a free-form layout element.", + "title": "Visibility", "type": "string" - }, - "Port": { - "markdownDescription": "Port.", - "title": "Port", - "type": "number" } }, - "required": [ - "Database", - "Host", - "Port" - ], "type": "object" }, - "AWS::QuickSight::DataSource.TrinoParameters": { + "AWS::QuickSight::Analysis.FreeFormLayoutElementBorderStyle": { "additionalProperties": false, "properties": { - "Catalog": { - "markdownDescription": "The catalog name for the Trino data source.", - "title": "Catalog", + "Color": { + "markdownDescription": "The border color of a free-form layout element.", + "title": "Color", "type": "string" }, - "Host": { - "markdownDescription": "The host name of the Trino data source.", - "title": "Host", + "Visibility": { + "markdownDescription": "The border visibility of a free-form layout element.", + "title": "Visibility", "type": "string" - }, - "Port": { - "markdownDescription": "The port for the Trino data source.", - "title": "Port", - "type": "number" } }, - "required": [ - "Catalog", - "Host", - "Port" - ], "type": "object" }, - "AWS::QuickSight::DataSource.VpcConnectionProperties": { + "AWS::QuickSight::Analysis.FreeFormLayoutScreenCanvasSizeOptions": { "additionalProperties": false, "properties": { - "VpcConnectionArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the VPC connection.", - "title": "VpcConnectionArn", + "OptimizedViewPortWidth": { + "markdownDescription": "The width that the view port will be optimized for when the layout renders.", + "title": "OptimizedViewPortWidth", "type": "string" } }, "required": [ - "VpcConnectionArn" + "OptimizedViewPortWidth" ], "type": "object" }, - "AWS::QuickSight::RefreshSchedule": { + "AWS::QuickSight::Analysis.FreeFormSectionLayoutConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AwsAccountId": { - "markdownDescription": "The AWS account ID of the account that you are creating a schedule in.", - "title": "AwsAccountId", - "type": "string" - }, - "DataSetId": { - "markdownDescription": "The ID of the dataset that you are creating a refresh schedule for.", - "title": "DataSetId", - "type": "string" - }, - "Schedule": { - "$ref": "#/definitions/AWS::QuickSight::RefreshSchedule.RefreshScheduleMap", - "markdownDescription": "The refresh schedule of a dataset.", - "title": "Schedule" - } + "Elements": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutElement" }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::QuickSight::RefreshSchedule" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "markdownDescription": "The elements that are included in the free-form layout.", + "title": "Elements", + "type": "array" } }, "required": [ - "Type" + "Elements" ], "type": "object" }, - "AWS::QuickSight::RefreshSchedule.RefreshOnDay": { + "AWS::QuickSight::Analysis.FunnelChartAggregatedFieldWells": { "additionalProperties": false, "properties": { - "DayOfMonth": { - "markdownDescription": "The day of the month that you want your dataset to refresh. This value is required for monthly refresh intervals.", - "title": "DayOfMonth", - "type": "string" + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The category field wells of a funnel chart. Values are grouped by category fields.", + "title": "Category", + "type": "array" }, - "DayOfWeek": { - "markdownDescription": "The day of the week that you want to schedule the refresh on. This value is required for weekly and monthly refresh intervals.", - "title": "DayOfWeek", - "type": "string" + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The value field wells of a funnel chart. Values are aggregated based on categories.", + "title": "Values", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::RefreshSchedule.RefreshScheduleMap": { + "AWS::QuickSight::Analysis.FunnelChartConfiguration": { "additionalProperties": false, "properties": { - "RefreshType": { - "markdownDescription": "The type of refresh that a dataset undergoes. Valid values are as follows:\n\n- `FULL_REFRESH` : A complete refresh of a dataset.\n- `INCREMENTAL_REFRESH` : A partial refresh of some rows of a dataset, based on the time window specified.\n\nFor more information on full and incremental refreshes, see [Refreshing SPICE data](https://docs.aws.amazon.com/quicksight/latest/user/refreshing-imported-data.html) in the *QuickSight User Guide* .", - "title": "RefreshType", - "type": "string" + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options of the categories that are displayed in a `FunnelChartVisual` .", + "title": "CategoryLabelOptions" }, - "ScheduleFrequency": { - "$ref": "#/definitions/AWS::QuickSight::RefreshSchedule.ScheduleFrequency", - "markdownDescription": "The frequency for the refresh schedule.", - "title": "ScheduleFrequency" + "DataLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FunnelChartDataLabelOptions", + "markdownDescription": "The options that determine the presentation of the data labels.", + "title": "DataLabelOptions" }, - "ScheduleId": { - "markdownDescription": "An identifier for the refresh schedule.", - "title": "ScheduleId", - "type": "string" + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FunnelChartFieldWells", + "markdownDescription": "The field well configuration of a `FunnelChartVisual` .", + "title": "FieldWells" }, - "StartAfterDateTime": { - "markdownDescription": "Time after which the refresh schedule can be started, expressed in `YYYY-MM-DDTHH:MM:SS` format.", - "title": "StartAfterDateTime", - "type": "string" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FunnelChartSortConfiguration", + "markdownDescription": "The sort configuration of a `FunnelChartVisual` .", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", + "markdownDescription": "The tooltip configuration of a `FunnelChartVisual` .", + "title": "Tooltip" + }, + "ValueLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options for the values that are displayed in a `FunnelChartVisual` .", + "title": "ValueLabelOptions" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", + "markdownDescription": "The visual palette configuration of a `FunnelChartVisual` .", + "title": "VisualPalette" } }, "type": "object" }, - "AWS::QuickSight::RefreshSchedule.ScheduleFrequency": { + "AWS::QuickSight::Analysis.FunnelChartDataLabelOptions": { "additionalProperties": false, "properties": { - "Interval": { - "markdownDescription": "The interval between scheduled refreshes. Valid values are as follows:\n\n- `MINUTE15` : The dataset refreshes every 15 minutes. This value is only supported for incremental refreshes. This interval can only be used for one schedule per dataset.\n- `MINUTE30` : The dataset refreshes every 30 minutes. This value is only supported for incremental refreshes. This interval can only be used for one schedule per dataset.\n- `HOURLY` : The dataset refreshes every hour. This interval can only be used for one schedule per dataset.\n- `DAILY` : The dataset refreshes every day.\n- `WEEKLY` : The dataset refreshes every week.\n- `MONTHLY` : The dataset refreshes every month.", - "title": "Interval", + "CategoryLabelVisibility": { + "markdownDescription": "The visibility of the category labels within the data labels.", + "title": "CategoryLabelVisibility", "type": "string" }, - "RefreshOnDay": { - "$ref": "#/definitions/AWS::QuickSight::RefreshSchedule.RefreshOnDay", - "markdownDescription": "The day of the week that you want to schedule the refresh on. This value is required for weekly and monthly refresh intervals.", - "title": "RefreshOnDay" + "LabelColor": { + "markdownDescription": "The color of the data label text.", + "title": "LabelColor", + "type": "string" }, - "TimeOfTheDay": { - "markdownDescription": "The time of day that you want the dataset to refresh. This value is expressed in HH:MM format. This field is not required for schedules that refresh hourly.", - "title": "TimeOfTheDay", + "LabelFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", + "markdownDescription": "The font configuration for the data labels.\n\nOnly the `FontSize` attribute of the font configuration is used for data labels.", + "title": "LabelFontConfiguration" + }, + "MeasureDataLabelStyle": { + "markdownDescription": "Determines the style of the metric labels.", + "title": "MeasureDataLabelStyle", "type": "string" }, - "TimeZone": { - "markdownDescription": "The timezone that you want the refresh schedule to use. The timezone ID must match a corresponding ID found on `java.util.time.getAvailableIDs()` .", - "title": "TimeZone", + "MeasureLabelVisibility": { + "markdownDescription": "The visibility of the measure labels within the data labels.", + "title": "MeasureLabelVisibility", + "type": "string" + }, + "Position": { + "markdownDescription": "Determines the positioning of the data label relative to a section of the funnel.", + "title": "Position", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility option that determines if data labels are displayed.", + "title": "Visibility", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template": { + "AWS::QuickSight::Analysis.FunnelChartFieldWells": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "FunnelChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FunnelChartAggregatedFieldWells", + "markdownDescription": "The field well configuration of a `FunnelChartVisual` .", + "title": "FunnelChartAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.FunnelChartSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of categories displayed.", + "title": "CategoryItemsLimit" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the category fields.", + "title": "CategorySort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.FunnelChartVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" }, - "Metadata": { - "type": "object" + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FunnelChartConfiguration", + "markdownDescription": "The configuration of a `FunnelChartVisual` .", + "title": "ChartConfiguration" }, - "Properties": { - "additionalProperties": false, - "properties": { - "AwsAccountId": { - "markdownDescription": "The ID for the AWS account that the group is in. You use the ID for the AWS account that contains your Amazon QuickSight account.", - "title": "AwsAccountId", - "type": "string" - }, - "Definition": { - "$ref": "#/definitions/AWS::QuickSight::Template.TemplateVersionDefinition", - "markdownDescription": "", - "title": "Definition" - }, - "Name": { - "markdownDescription": "A display name for the template.", - "title": "Name", - "type": "string" - }, - "Permissions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ResourcePermission" - }, - "markdownDescription": "A list of resource permissions to be set on the template.", - "title": "Permissions", - "type": "array" - }, - "SourceEntity": { - "$ref": "#/definitions/AWS::QuickSight::Template.TemplateSourceEntity", - "markdownDescription": "The entity that you are using as a source when you create the template. In `SourceEntity` , you specify the type of object you're using as source: `SourceTemplate` for a template or `SourceAnalysis` for an analysis. Both of these require an Amazon Resource Name (ARN). For `SourceTemplate` , specify the ARN of the source template. For `SourceAnalysis` , specify the ARN of the source analysis. The `SourceTemplate` ARN can contain any AWS account and any Amazon QuickSight-supported AWS Region .\n\nUse the `DataSetReferences` entity within `SourceTemplate` or `SourceAnalysis` to list the replacement datasets for the placeholders listed in the original. The schema in each dataset must match its placeholder.\n\nEither a `SourceEntity` or a `Definition` must be provided in order for the request to be valid.", - "title": "SourceEntity" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Contains a map of the key-value pairs for the resource tag or tags assigned to the resource.", - "title": "Tags", - "type": "array" - }, - "TemplateId": { - "markdownDescription": "An ID for the template that you want to create. This template is unique per AWS Region ; in each AWS account.", - "title": "TemplateId", - "type": "string" - }, - "ValidationStrategy": { - "$ref": "#/definitions/AWS::QuickSight::Template.ValidationStrategy", - "markdownDescription": "The option to relax the validation that is required to create and update analyses, dashboards, and templates with definition objects. When you set this value to `LENIENT` , validation is skipped for specific errors.", - "title": "ValidationStrategy" - }, - "VersionDescription": { - "markdownDescription": "A description of the current template version being created. This API operation creates the first version of the template. Every time `UpdateTemplate` is called, a new version is created. Each version of the template maintains a description of the version in the `VersionDescription` field.", - "title": "VersionDescription", - "type": "string" - } + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" }, - "required": [ - "AwsAccountId", - "TemplateId" - ], - "type": "object" + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" }, - "Type": { - "enum": [ - "AWS::QuickSight::Template" - ], + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", "type": "string" } }, "required": [ - "Type", - "Properties" + "VisualId" ], "type": "object" }, - "AWS::QuickSight::Template.AggregationFunction": { + "AWS::QuickSight::Analysis.GaugeChartArcConditionalFormatting": { "additionalProperties": false, "properties": { - "AttributeAggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Template.AttributeAggregationFunction", - "markdownDescription": "Aggregation for attributes.", - "title": "AttributeAggregationFunction" - }, - "CategoricalAggregationFunction": { - "markdownDescription": "Aggregation for categorical values.\n\n- `COUNT` : Aggregate by the total number of values, including duplicates.\n- `DISTINCT_COUNT` : Aggregate by the total number of distinct values.", - "title": "CategoricalAggregationFunction", - "type": "string" - }, - "DateAggregationFunction": { - "markdownDescription": "Aggregation for date values.\n\n- `COUNT` : Aggregate by the total number of values, including duplicates.\n- `DISTINCT_COUNT` : Aggregate by the total number of distinct values.\n- `MIN` : Select the smallest date value.\n- `MAX` : Select the largest date value.", - "title": "DateAggregationFunction", - "type": "string" - }, - "NumericalAggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericalAggregationFunction", - "markdownDescription": "Aggregation for numerical values.", - "title": "NumericalAggregationFunction" + "ForegroundColor": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the arc foreground color.", + "title": "ForegroundColor" } }, "type": "object" }, - "AWS::QuickSight::Template.AggregationSortConfiguration": { + "AWS::QuickSight::Analysis.GaugeChartColorConfiguration": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Template.AggregationFunction", - "markdownDescription": "The function that aggregates the values in `Column` .", - "title": "AggregationFunction" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that determines the sort order of aggregated values.", - "title": "Column" + "BackgroundColor": { + "markdownDescription": "The background color configuration of a `GaugeChartVisual` .", + "title": "BackgroundColor", + "type": "string" }, - "SortDirection": { - "markdownDescription": "The sort direction of values.\n\n- `ASC` : Sort in ascending order.\n- `DESC` : Sort in descending order.", - "title": "SortDirection", + "ForegroundColor": { + "markdownDescription": "The foreground color configuration of a `GaugeChartVisual` .", + "title": "ForegroundColor", "type": "string" } }, - "required": [ - "Column", - "SortDirection" - ], "type": "object" }, - "AWS::QuickSight::Template.AnalysisDefaults": { + "AWS::QuickSight::Analysis.GaugeChartConditionalFormatting": { "additionalProperties": false, "properties": { - "DefaultNewSheetConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultNewSheetConfiguration", - "markdownDescription": "The configuration for default new sheet settings.", - "title": "DefaultNewSheetConfiguration" + "ConditionalFormattingOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartConditionalFormattingOption" + }, + "markdownDescription": "Conditional formatting options of a `GaugeChartVisual` .", + "title": "ConditionalFormattingOptions", + "type": "array" } }, - "required": [ - "DefaultNewSheetConfiguration" - ], "type": "object" }, - "AWS::QuickSight::Template.AnchorDateConfiguration": { + "AWS::QuickSight::Analysis.GaugeChartConditionalFormattingOption": { "additionalProperties": false, "properties": { - "AnchorOption": { - "markdownDescription": "The options for the date configuration. Choose one of the options below:\n\n- `NOW`", - "title": "AnchorOption", - "type": "string" + "Arc": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartArcConditionalFormatting", + "markdownDescription": "The options that determine the presentation of the arc of a `GaugeChartVisual` .", + "title": "Arc" }, - "ParameterName": { - "markdownDescription": "The name of the parameter that is used for the anchor date configuration.", - "title": "ParameterName", - "type": "string" + "PrimaryValue": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartPrimaryValueConditionalFormatting", + "markdownDescription": "The conditional formatting for the primary value of a `GaugeChartVisual` .", + "title": "PrimaryValue" } }, "type": "object" }, - "AWS::QuickSight::Template.ArcAxisConfiguration": { + "AWS::QuickSight::Analysis.GaugeChartConfiguration": { "additionalProperties": false, "properties": { - "Range": { - "$ref": "#/definitions/AWS::QuickSight::Template.ArcAxisDisplayRange", - "markdownDescription": "The arc axis range of a `GaugeChartVisual` .", - "title": "Range" + "ColorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartColorConfiguration", + "markdownDescription": "The color configuration of a `GaugeChartVisual` .", + "title": "ColorConfiguration" }, - "ReserveRange": { - "markdownDescription": "The reserved range of the arc axis.", - "title": "ReserveRange", - "type": "number" + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", + "markdownDescription": "The data label configuration of a `GaugeChartVisual` .", + "title": "DataLabels" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartFieldWells", + "markdownDescription": "The field well configuration of a `GaugeChartVisual` .", + "title": "FieldWells" + }, + "GaugeChartOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartOptions", + "markdownDescription": "The options that determine the presentation of the `GaugeChartVisual` .", + "title": "GaugeChartOptions" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "TooltipOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", + "markdownDescription": "The tooltip configuration of a `GaugeChartVisual` .", + "title": "TooltipOptions" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", + "markdownDescription": "The visual palette configuration of a `GaugeChartVisual` .", + "title": "VisualPalette" } }, "type": "object" }, - "AWS::QuickSight::Template.ArcAxisDisplayRange": { + "AWS::QuickSight::Analysis.GaugeChartFieldWells": { "additionalProperties": false, "properties": { - "Max": { - "markdownDescription": "The maximum value of the arc axis range.", - "title": "Max", - "type": "number" + "TargetValues": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The target value field wells of a `GaugeChartVisual` .", + "title": "TargetValues", + "type": "array" }, - "Min": { - "markdownDescription": "The minimum value of the arc axis range.", - "title": "Min", - "type": "number" + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The value field wells of a `GaugeChartVisual` .", + "title": "Values", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.ArcConfiguration": { + "AWS::QuickSight::Analysis.GaugeChartOptions": { "additionalProperties": false, "properties": { - "ArcAngle": { - "markdownDescription": "The option that determines the arc angle of a `GaugeChartVisual` .", - "title": "ArcAngle", - "type": "number" + "Arc": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ArcConfiguration", + "markdownDescription": "The arc configuration of a `GaugeChartVisual` .", + "title": "Arc" }, - "ArcThickness": { - "markdownDescription": "The options that determine the arc thickness of a `GaugeChartVisual` .", - "title": "ArcThickness", + "ArcAxis": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ArcAxisConfiguration", + "markdownDescription": "The arc axis configuration of a `GaugeChartVisual` .", + "title": "ArcAxis" + }, + "Comparison": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ComparisonConfiguration", + "markdownDescription": "The comparison configuration of a `GaugeChartVisual` .", + "title": "Comparison" + }, + "PrimaryValueDisplayType": { + "markdownDescription": "The options that determine the primary value display type.", + "title": "PrimaryValueDisplayType", "type": "string" + }, + "PrimaryValueFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", + "markdownDescription": "The options that determine the primary value font configuration.", + "title": "PrimaryValueFontConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Template.ArcOptions": { + "AWS::QuickSight::Analysis.GaugeChartPrimaryValueConditionalFormatting": { "additionalProperties": false, "properties": { - "ArcThickness": { - "markdownDescription": "The arc thickness of a `GaugeChartVisual` .", - "title": "ArcThickness", - "type": "string" + "Icon": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIcon", + "markdownDescription": "The conditional formatting of the primary value icon.", + "title": "Icon" + }, + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the primary value text color.", + "title": "TextColor" } }, "type": "object" }, - "AWS::QuickSight::Template.AssetOptions": { + "AWS::QuickSight::Analysis.GaugeChartVisual": { "additionalProperties": false, "properties": { - "Timezone": { - "markdownDescription": "Determines the timezone for the analysis.", - "title": "Timezone", + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartConfiguration", + "markdownDescription": "The configuration of a `GaugeChartVisual` .", + "title": "ChartConfiguration" + }, + "ConditionalFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartConditionalFormatting", + "markdownDescription": "The conditional formatting of a `GaugeChartVisual` .", + "title": "ConditionalFormatting" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", "type": "string" }, - "WeekStart": { - "markdownDescription": "Determines the week start day for an analysis.", - "title": "WeekStart", + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", "type": "string" } }, + "required": [ + "VisualId" + ], "type": "object" }, - "AWS::QuickSight::Template.AttributeAggregationFunction": { + "AWS::QuickSight::Analysis.GeospatialCategoricalColor": { "additionalProperties": false, "properties": { - "SimpleAttributeAggregation": { - "markdownDescription": "The built-in aggregation functions for attributes.\n\n- `UNIQUE_VALUE` : Returns the unique value for a field, aggregated by the dimension fields.", - "title": "SimpleAttributeAggregation", - "type": "string" + "CategoryDataColors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialCategoricalDataColor" + }, + "markdownDescription": "A list of categorical data colors for each category.", + "title": "CategoryDataColors", + "type": "array" }, - "ValueForMultipleValues": { - "markdownDescription": "Used by the `UNIQUE_VALUE` aggregation function. If there are multiple values for the field used by the aggregation, the value for this property will be returned instead. Defaults to '*'.", - "title": "ValueForMultipleValues", + "DefaultOpacity": { + "markdownDescription": "The default opacity of a categorical color.", + "title": "DefaultOpacity", + "type": "number" + }, + "NullDataSettings": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialNullDataSettings", + "markdownDescription": "The null data visualization settings.", + "title": "NullDataSettings" + }, + "NullDataVisibility": { + "markdownDescription": "The state of visibility for null data.", + "title": "NullDataVisibility", "type": "string" } }, + "required": [ + "CategoryDataColors" + ], "type": "object" }, - "AWS::QuickSight::Template.AxisDataOptions": { + "AWS::QuickSight::Analysis.GeospatialCategoricalDataColor": { "additionalProperties": false, "properties": { - "DateAxisOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DateAxisOptions", - "markdownDescription": "The options for an axis with a date field.", - "title": "DateAxisOptions" + "Color": { + "markdownDescription": "The color and opacity values for the category data color.", + "title": "Color", + "type": "string" }, - "NumericAxisOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericAxisOptions", - "markdownDescription": "The options for an axis with a numeric field.", - "title": "NumericAxisOptions" + "DataValue": { + "markdownDescription": "The data value for the category data color.", + "title": "DataValue", + "type": "string" } }, + "required": [ + "Color", + "DataValue" + ], "type": "object" }, - "AWS::QuickSight::Template.AxisDisplayMinMaxRange": { + "AWS::QuickSight::Analysis.GeospatialCircleRadius": { "additionalProperties": false, "properties": { - "Maximum": { - "markdownDescription": "The maximum setup for an axis display range.", - "title": "Maximum", - "type": "number" - }, - "Minimum": { - "markdownDescription": "The minimum setup for an axis display range.", - "title": "Minimum", + "Radius": { + "markdownDescription": "The positive value for the radius of a circle.", + "title": "Radius", "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Template.AxisDisplayOptions": { + "AWS::QuickSight::Analysis.GeospatialCircleSymbolStyle": { "additionalProperties": false, "properties": { - "AxisLineVisibility": { - "markdownDescription": "Determines whether or not the axis line is visible.", - "title": "AxisLineVisibility", - "type": "string" - }, - "AxisOffset": { - "markdownDescription": "The offset value that determines the starting placement of the axis within a visual's bounds.", - "title": "AxisOffset", - "type": "string" - }, - "DataOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDataOptions", - "markdownDescription": "The data options for an axis.", - "title": "DataOptions" + "CircleRadius": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialCircleRadius", + "markdownDescription": "The radius of the circle.", + "title": "CircleRadius" }, - "GridLineVisibility": { - "markdownDescription": "Determines whether or not the grid line is visible.", - "title": "GridLineVisibility", - "type": "string" + "FillColor": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialColor", + "markdownDescription": "The color and opacity values for the fill color.", + "title": "FillColor" }, - "ScrollbarOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ScrollBarOptions", - "markdownDescription": "The scroll bar options for an axis.", - "title": "ScrollbarOptions" + "StrokeColor": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialColor", + "markdownDescription": "The color and opacity values for the stroke color.", + "title": "StrokeColor" }, - "TickLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisTickLabelOptions", - "markdownDescription": "The tick label options of an axis.", - "title": "TickLabelOptions" + "StrokeWidth": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialLineWidth", + "markdownDescription": "The width of the stroke (border).", + "title": "StrokeWidth" } }, "type": "object" }, - "AWS::QuickSight::Template.AxisDisplayRange": { + "AWS::QuickSight::Analysis.GeospatialColor": { "additionalProperties": false, "properties": { - "DataDriven": { - "markdownDescription": "The data-driven setup of an axis display range.", - "title": "DataDriven", - "type": "object" + "Categorical": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialCategoricalColor", + "markdownDescription": "The visualization properties for the categorical color.", + "title": "Categorical" }, - "MinMax": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayMinMaxRange", - "markdownDescription": "The minimum and maximum setup of an axis display range.", - "title": "MinMax" + "Gradient": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialGradientColor", + "markdownDescription": "The visualization properties for the gradient color.", + "title": "Gradient" + }, + "Solid": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialSolidColor", + "markdownDescription": "The visualization properties for the solid color.", + "title": "Solid" } }, "type": "object" }, - "AWS::QuickSight::Template.AxisLabelOptions": { + "AWS::QuickSight::Analysis.GeospatialCoordinateBounds": { "additionalProperties": false, "properties": { - "ApplyTo": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisLabelReferenceOptions", - "markdownDescription": "The options that indicate which field the label belongs to.", - "title": "ApplyTo" + "East": { + "markdownDescription": "The longitude of the east bound of the geospatial coordinate bounds.", + "title": "East", + "type": "number" }, - "CustomLabel": { - "markdownDescription": "The text for the axis label.", - "title": "CustomLabel", - "type": "string" + "North": { + "markdownDescription": "The latitude of the north bound of the geospatial coordinate bounds.", + "title": "North", + "type": "number" }, - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", - "markdownDescription": "The font configuration of the axis label.", - "title": "FontConfiguration" + "South": { + "markdownDescription": "The latitude of the south bound of the geospatial coordinate bounds.", + "title": "South", + "type": "number" + }, + "West": { + "markdownDescription": "The longitude of the west bound of the geospatial coordinate bounds.", + "title": "West", + "type": "number" + } + }, + "required": [ + "East", + "North", + "South", + "West" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialDataSourceItem": { + "additionalProperties": false, + "properties": { + "StaticFileDataSource": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialStaticFileSource", + "markdownDescription": "The static file data source properties for the geospatial data.", + "title": "StaticFileDataSource" } }, "type": "object" }, - "AWS::QuickSight::Template.AxisLabelReferenceOptions": { + "AWS::QuickSight::Analysis.GeospatialGradientColor": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that the axis label is targeted to.", - "title": "Column" + "DefaultOpacity": { + "markdownDescription": "The default opacity for the gradient color.", + "title": "DefaultOpacity", + "type": "number" }, - "FieldId": { - "markdownDescription": "The field that the axis label is targeted to.", - "title": "FieldId", + "NullDataSettings": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialNullDataSettings", + "markdownDescription": "The null data visualization settings.", + "title": "NullDataSettings" + }, + "NullDataVisibility": { + "markdownDescription": "The state of visibility for null data.", + "title": "NullDataVisibility", "type": "string" + }, + "StepColors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialGradientStepColor" + }, + "markdownDescription": "A list of gradient step colors for the gradient.", + "title": "StepColors", + "type": "array" } }, "required": [ - "Column", - "FieldId" + "StepColors" ], "type": "object" }, - "AWS::QuickSight::Template.AxisLinearScale": { + "AWS::QuickSight::Analysis.GeospatialGradientStepColor": { "additionalProperties": false, "properties": { - "StepCount": { - "markdownDescription": "The step count setup of a linear axis.", - "title": "StepCount", - "type": "number" + "Color": { + "markdownDescription": "The color and opacity values for the gradient step color.", + "title": "Color", + "type": "string" }, - "StepSize": { - "markdownDescription": "The step size setup of a linear axis.", - "title": "StepSize", + "DataValue": { + "markdownDescription": "The data value for the gradient step color.", + "title": "DataValue", "type": "number" } }, + "required": [ + "Color", + "DataValue" + ], "type": "object" }, - "AWS::QuickSight::Template.AxisLogarithmicScale": { + "AWS::QuickSight::Analysis.GeospatialHeatmapColorScale": { "additionalProperties": false, "properties": { - "Base": { - "markdownDescription": "The base setup of a logarithmic axis scale.", - "title": "Base", - "type": "number" + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialHeatmapDataColor" + }, + "markdownDescription": "The list of colors to be used in heatmap point style.", + "title": "Colors", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.AxisScale": { + "AWS::QuickSight::Analysis.GeospatialHeatmapConfiguration": { "additionalProperties": false, "properties": { - "Linear": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisLinearScale", - "markdownDescription": "The linear axis scale setup.", - "title": "Linear" - }, - "Logarithmic": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisLogarithmicScale", - "markdownDescription": "The logarithmic axis scale setup.", - "title": "Logarithmic" + "HeatmapColor": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialHeatmapColorScale", + "markdownDescription": "The color scale specification for the heatmap point style.", + "title": "HeatmapColor" } }, "type": "object" }, - "AWS::QuickSight::Template.AxisTickLabelOptions": { + "AWS::QuickSight::Analysis.GeospatialHeatmapDataColor": { "additionalProperties": false, "properties": { - "LabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", - "markdownDescription": "Determines whether or not the axis ticks are visible.", - "title": "LabelOptions" - }, - "RotationAngle": { - "markdownDescription": "The rotation angle of the axis tick labels.", - "title": "RotationAngle", - "type": "number" + "Color": { + "markdownDescription": "The hex color to be used in the heatmap point style.", + "title": "Color", + "type": "string" } }, + "required": [ + "Color" + ], "type": "object" }, - "AWS::QuickSight::Template.BarChartAggregatedFieldWells": { + "AWS::QuickSight::Analysis.GeospatialLayerColorField": { "additionalProperties": false, "properties": { - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" - }, - "markdownDescription": "The category (y-axis) field well of a bar chart.", - "title": "Category", - "type": "array" - }, - "Colors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" - }, - "markdownDescription": "The color (group/color) field well of a bar chart.", - "title": "Colors", - "type": "array" - }, - "SmallMultiples": { + "ColorDimensionsFields": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, - "markdownDescription": "The small multiples field well of a bar chart.", - "title": "SmallMultiples", + "markdownDescription": "A list of color dimension fields.", + "title": "ColorDimensionsFields", "type": "array" }, - "Values": { + "ColorValuesFields": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, - "markdownDescription": "The value field wells of a bar chart. Values are aggregated by category.", - "title": "Values", + "markdownDescription": "A list of color measure fields.", + "title": "ColorValuesFields", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.BarChartConfiguration": { + "AWS::QuickSight::Analysis.GeospatialLayerDefinition": { "additionalProperties": false, "properties": { - "BarsArrangement": { - "markdownDescription": "Determines the arrangement of the bars. The orientation and arrangement of bars determine the type of bar that is used in the visual.", - "title": "BarsArrangement", - "type": "string" - }, - "CategoryAxis": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, axis step) for bar chart category.", - "title": "CategoryAxis" - }, - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a bar chart.", - "title": "CategoryLabelOptions" + "LineLayer": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialLineLayer", + "markdownDescription": "The definition for a line layer.", + "title": "LineLayer" }, - "ColorLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a color that is used in a bar chart.", - "title": "ColorLabelOptions" + "PointLayer": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialPointLayer", + "markdownDescription": "The definition for a point layer.", + "title": "PointLayer" }, - "ContributionAnalysisDefaults": { + "PolygonLayer": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialPolygonLayer", + "markdownDescription": "The definition for a polygon layer.", + "title": "PolygonLayer" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.GeospatialLayerItem": { + "additionalProperties": false, + "properties": { + "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ContributionAnalysisDefault" + "$ref": "#/definitions/AWS::QuickSight::Analysis.LayerCustomAction" }, - "markdownDescription": "The contribution analysis (anomaly configuration) setup of the visual.", - "title": "ContributionAnalysisDefaults", + "markdownDescription": "A list of custom actions for a layer.", + "title": "Actions", "type": "array" }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.", - "title": "DataLabels" + "DataSource": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialDataSourceItem", + "markdownDescription": "The data source for the layer.", + "title": "DataSource" }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.BarChartFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" + "JoinDefinition": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialLayerJoinDefinition", + "markdownDescription": "The join definition properties for a layer.", + "title": "JoinDefinition" }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" + "Label": { + "markdownDescription": "The label that is displayed for the layer.", + "title": "Label", + "type": "string" }, - "Orientation": { - "markdownDescription": "The orientation of the bars in a bar chart visual. There are two valid values in this structure:\n\n- `HORIZONTAL` : Used for charts that have horizontal bars. Visuals that use this value are horizontal bar charts, horizontal stacked bar charts, and horizontal stacked 100% bar charts.\n- `VERTICAL` : Used for charts that have vertical bars. Visuals that use this value are vertical bar charts, vertical stacked bar charts, and vertical stacked 100% bar charts.", - "title": "Orientation", - "type": "string" - }, - "ReferenceLines": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLine" - }, - "markdownDescription": "The reference line setup of the visual.", - "title": "ReferenceLines", - "type": "array" + "LayerDefinition": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialLayerDefinition", + "markdownDescription": "The definition properties for a layer.", + "title": "LayerDefinition" }, - "SmallMultiplesOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SmallMultiplesOptions", - "markdownDescription": "The small multiples setup for the visual.", - "title": "SmallMultiplesOptions" + "LayerId": { + "markdownDescription": "The ID of the layer.", + "title": "LayerId", + "type": "string" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.BarChartSortConfiguration", - "markdownDescription": "The sort configuration of a `BarChartVisual` .", - "title": "SortConfiguration" + "LayerType": { + "markdownDescription": "The layer type.", + "title": "LayerType", + "type": "string" }, "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", + "markdownDescription": "", "title": "Tooltip" }, - "ValueAxis": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, axis step) for a bar chart value.", - "title": "ValueAxis" - }, - "ValueLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a bar chart value.", - "title": "ValueLabelOptions" - }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", - "title": "VisualPalette" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.BarChartFieldWells": { - "additionalProperties": false, - "properties": { - "BarChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.BarChartAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a bar chart.", - "title": "BarChartAggregatedFieldWells" + "Visibility": { + "markdownDescription": "The state of visibility for the layer.", + "title": "Visibility", + "type": "string" } }, + "required": [ + "LayerId" + ], "type": "object" }, - "AWS::QuickSight::Template.BarChartSortConfiguration": { + "AWS::QuickSight::Analysis.GeospatialLayerJoinDefinition": { "additionalProperties": false, "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of categories displayed in a bar chart.", - "title": "CategoryItemsLimit" - }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of category fields.", - "title": "CategorySort", - "type": "array" - }, - "ColorItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of values displayed in a bar chart.", - "title": "ColorItemsLimit" - }, - "ColorSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of color fields in a bar chart.", - "title": "ColorSort", - "type": "array" + "ColorField": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialLayerColorField", + "markdownDescription": "The geospatial color field for the join definition.", + "title": "ColorField" }, - "SmallMultiplesLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of small multiples panels that are displayed.", - "title": "SmallMultiplesLimitConfiguration" + "DatasetKeyField": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.UnaggregatedField", + "markdownDescription": "", + "title": "DatasetKeyField" }, - "SmallMultiplesSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the small multiples field.", - "title": "SmallMultiplesSort", - "type": "array" + "ShapeKeyField": { + "markdownDescription": "The name of the field or property in the geospatial data source.", + "title": "ShapeKeyField", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.BarChartVisual": { + "AWS::QuickSight::Analysis.GeospatialLayerMapConfiguration": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "", + "title": "Interactions" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.BarChartConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", + "markdownDescription": "", + "title": "Legend" }, - "ColumnHierarchies": { + "MapLayers": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialLayerItem" }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", + "markdownDescription": "The geospatial layers to visualize on the map.", + "title": "MapLayers", "type": "array" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "MapState": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapState", + "markdownDescription": "The map state properties for the map.", + "title": "MapState" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", - "type": "string" + "MapStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapStyle", + "markdownDescription": "The map style properties for the map.", + "title": "MapStyle" } }, - "required": [ - "VisualId" - ], "type": "object" }, - "AWS::QuickSight::Template.BinCountOptions": { + "AWS::QuickSight::Analysis.GeospatialLineLayer": { "additionalProperties": false, "properties": { - "Value": { - "markdownDescription": "The options that determine the bin count value.", - "title": "Value", - "type": "number" + "Style": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialLineStyle", + "markdownDescription": "The visualization style for a line layer.", + "title": "Style" } }, + "required": [ + "Style" + ], "type": "object" }, - "AWS::QuickSight::Template.BinWidthOptions": { + "AWS::QuickSight::Analysis.GeospatialLineStyle": { "additionalProperties": false, "properties": { - "BinCountLimit": { - "markdownDescription": "The options that determine the bin count limit.", - "title": "BinCountLimit", - "type": "number" - }, - "Value": { - "markdownDescription": "The options that determine the bin width value.", - "title": "Value", - "type": "number" + "LineSymbolStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialLineSymbolStyle", + "markdownDescription": "The symbol style for a line style.", + "title": "LineSymbolStyle" } }, "type": "object" }, - "AWS::QuickSight::Template.BodySectionConfiguration": { + "AWS::QuickSight::Analysis.GeospatialLineSymbolStyle": { "additionalProperties": false, "properties": { - "Content": { - "$ref": "#/definitions/AWS::QuickSight::Template.BodySectionContent", - "markdownDescription": "The configuration of content in a body section.", - "title": "Content" - }, - "PageBreakConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.SectionPageBreakConfiguration", - "markdownDescription": "The configuration of a page break for a section.", - "title": "PageBreakConfiguration" - }, - "SectionId": { - "markdownDescription": "The unique identifier of a body section.", - "title": "SectionId", - "type": "string" + "FillColor": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialColor", + "markdownDescription": "The color and opacity values for the fill color.", + "title": "FillColor" }, - "Style": { - "$ref": "#/definitions/AWS::QuickSight::Template.SectionStyle", - "markdownDescription": "The style options of a body section.", - "title": "Style" + "LineWidth": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialLineWidth", + "markdownDescription": "The width value for a line.", + "title": "LineWidth" } }, - "required": [ - "Content", - "SectionId" - ], "type": "object" }, - "AWS::QuickSight::Template.BodySectionContent": { + "AWS::QuickSight::Analysis.GeospatialLineWidth": { "additionalProperties": false, "properties": { - "Layout": { - "$ref": "#/definitions/AWS::QuickSight::Template.SectionLayoutConfiguration", - "markdownDescription": "The layout configuration of a body section.", - "title": "Layout" + "LineWidth": { + "markdownDescription": "The positive value for the width of a line.", + "title": "LineWidth", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Template.BoxPlotAggregatedFieldWells": { + "AWS::QuickSight::Analysis.GeospatialMapAggregatedFieldWells": { "additionalProperties": false, "properties": { - "GroupBy": { + "Colors": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, - "markdownDescription": "The group by field well of a box plot chart. Values are grouped based on group by fields.", - "title": "GroupBy", + "markdownDescription": "The color field wells of a geospatial map.", + "title": "Colors", + "type": "array" + }, + "Geospatial": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The geospatial field wells of a geospatial map. Values are grouped by geospatial fields.", + "title": "Geospatial", "type": "array" }, "Values": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, - "markdownDescription": "The value field well of a box plot chart. Values are aggregated based on group by fields.", + "markdownDescription": "The size field wells of a geospatial map. Values are aggregated based on geospatial fields.", "title": "Values", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.BoxPlotChartConfiguration": { + "AWS::QuickSight::Analysis.GeospatialMapConfiguration": { "additionalProperties": false, "properties": { - "BoxPlotOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotOptions", - "markdownDescription": "The box plot chart options for a box plot visual", - "title": "BoxPlotOptions" - }, - "CategoryAxis": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, axis step) of a box plot category.", - "title": "CategoryAxis" - }, - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility and sort Icon visibility) of a box plot category.", - "title": "CategoryLabelOptions" - }, "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotFieldWells", + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapFieldWells", "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", - "markdownDescription": "", + "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", "title": "Legend" }, - "PrimaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, axis step) of a box plot category.", - "title": "PrimaryYAxisDisplayOptions" - }, - "PrimaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility and sort icon visibility) of a box plot value.", - "title": "PrimaryYAxisLabelOptions" - }, - "ReferenceLines": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLine" - }, - "markdownDescription": "The reference line setup of the visual.", - "title": "ReferenceLines", - "type": "array" + "MapStyleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapStyleOptions", + "markdownDescription": "The map style options of the geospatial map.", + "title": "MapStyleOptions" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotSortConfiguration", - "markdownDescription": "The sort configuration of a `BoxPlotVisual` .", - "title": "SortConfiguration" + "PointStyleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialPointStyleOptions", + "markdownDescription": "The point style options of the geospatial map.", + "title": "PointStyleOptions" }, "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", "markdownDescription": "The tooltip display setup of the visual.", "title": "Tooltip" }, "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", + "markdownDescription": "", "title": "VisualPalette" + }, + "WindowOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialWindowOptions", + "markdownDescription": "The window options of the geospatial map.", + "title": "WindowOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.BoxPlotFieldWells": { + "AWS::QuickSight::Analysis.GeospatialMapFieldWells": { "additionalProperties": false, "properties": { - "BoxPlotAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a box plot.", - "title": "BoxPlotAggregatedFieldWells" + "GeospatialMapAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapAggregatedFieldWells", + "markdownDescription": "The aggregated field well for a geospatial map.", + "title": "GeospatialMapAggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Template.BoxPlotOptions": { + "AWS::QuickSight::Analysis.GeospatialMapState": { "additionalProperties": false, "properties": { - "AllDataPointsVisibility": { - "markdownDescription": "Determines the visibility of all data points of the box plot.", - "title": "AllDataPointsVisibility", - "type": "string" + "Bounds": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialCoordinateBounds", + "markdownDescription": "", + "title": "Bounds" }, - "OutlierVisibility": { - "markdownDescription": "Determines the visibility of the outlier in a box plot.", - "title": "OutlierVisibility", + "MapNavigation": { + "markdownDescription": "Enables or disables map navigation for a map.", + "title": "MapNavigation", "type": "string" - }, - "StyleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotStyleOptions", - "markdownDescription": "The style options of the box plot.", - "title": "StyleOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.BoxPlotSortConfiguration": { + "AWS::QuickSight::Analysis.GeospatialMapStyle": { "additionalProperties": false, "properties": { - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of a group by fields.", - "title": "CategorySort", - "type": "array" + "BackgroundColor": { + "markdownDescription": "The background color and opacity values for a map.", + "title": "BackgroundColor", + "type": "string" }, - "PaginationConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.PaginationConfiguration", - "markdownDescription": "The pagination configuration of a table visual or box plot.", - "title": "PaginationConfiguration" + "BaseMapStyle": { + "markdownDescription": "The selected base map style.", + "title": "BaseMapStyle", + "type": "string" + }, + "BaseMapVisibility": { + "markdownDescription": "The state of visibility for the base map.", + "title": "BaseMapVisibility", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.BoxPlotStyleOptions": { + "AWS::QuickSight::Analysis.GeospatialMapStyleOptions": { "additionalProperties": false, "properties": { - "FillStyle": { - "markdownDescription": "The fill styles (solid, transparent) of the box plot.", - "title": "FillStyle", + "BaseMapStyle": { + "markdownDescription": "The base map style of the geospatial map.", + "title": "BaseMapStyle", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.BoxPlotVisual": { + "AWS::QuickSight::Analysis.GeospatialMapVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotChartConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapConfiguration", "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", "title": "VisualId", @@ -210993,684 +225675,552 @@ ], "type": "object" }, - "AWS::QuickSight::Template.CalculatedField": { + "AWS::QuickSight::Analysis.GeospatialNullDataSettings": { "additionalProperties": false, "properties": { - "DataSetIdentifier": { - "markdownDescription": "The data set that is used in this calculated field.", - "title": "DataSetIdentifier", - "type": "string" - }, - "Expression": { - "markdownDescription": "The expression of the calculated field.", - "title": "Expression", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the calculated field.", - "title": "Name", - "type": "string" + "SymbolStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialNullSymbolStyle", + "markdownDescription": "The symbol style for null data.", + "title": "SymbolStyle" } }, "required": [ - "DataSetIdentifier", - "Expression", - "Name" + "SymbolStyle" ], "type": "object" }, - "AWS::QuickSight::Template.CalculatedMeasureField": { + "AWS::QuickSight::Analysis.GeospatialNullSymbolStyle": { "additionalProperties": false, "properties": { - "Expression": { - "markdownDescription": "The expression in the table calculation.", - "title": "Expression", + "FillColor": { + "markdownDescription": "The color and opacity values for the fill color.", + "title": "FillColor", "type": "string" }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", + "StrokeColor": { + "markdownDescription": "The color and opacity values for the stroke color.", + "title": "StrokeColor", "type": "string" - } - }, - "required": [ - "Expression", - "FieldId" - ], - "type": "object" - }, - "AWS::QuickSight::Template.CascadingControlConfiguration": { - "additionalProperties": false, - "properties": { - "SourceControls": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.CascadingControlSource" - }, - "markdownDescription": "A list of source controls that determine the values that are used in the current control.", - "title": "SourceControls", - "type": "array" + }, + "StrokeWidth": { + "markdownDescription": "The width of the border stroke.", + "title": "StrokeWidth", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Template.CascadingControlSource": { + "AWS::QuickSight::Analysis.GeospatialPointLayer": { "additionalProperties": false, "properties": { - "ColumnToMatch": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column identifier that determines which column to look up for the source sheet control.", - "title": "ColumnToMatch" - }, - "SourceSheetControlId": { - "markdownDescription": "The source sheet control ID of a `CascadingControlSource` .", - "title": "SourceSheetControlId", - "type": "string" + "Style": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialPointStyle", + "markdownDescription": "The visualization style for a point layer.", + "title": "Style" } }, + "required": [ + "Style" + ], "type": "object" }, - "AWS::QuickSight::Template.CategoricalDimensionField": { + "AWS::QuickSight::Analysis.GeospatialPointStyle": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that is used in the `CategoricalDimensionField` .", - "title": "Column" - }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", - "type": "string" - }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.StringFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" - }, - "HierarchyId": { - "markdownDescription": "The custom hierarchy ID.", - "title": "HierarchyId", - "type": "string" + "CircleSymbolStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialCircleSymbolStyle", + "markdownDescription": "The circle symbol style for a point layer.", + "title": "CircleSymbolStyle" } }, - "required": [ - "Column", - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Template.CategoricalMeasureField": { + "AWS::QuickSight::Analysis.GeospatialPointStyleOptions": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "markdownDescription": "The aggregation function of the measure field.", - "title": "AggregationFunction", - "type": "string" + "ClusterMarkerConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ClusterMarkerConfiguration", + "markdownDescription": "The cluster marker configuration of the geospatial point style.", + "title": "ClusterMarkerConfiguration" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that is used in the `CategoricalMeasureField` .", - "title": "Column" + "HeatmapConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialHeatmapConfiguration", + "markdownDescription": "The heatmap configuration of the geospatial point style.", + "title": "HeatmapConfiguration" }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", + "SelectedPointStyle": { + "markdownDescription": "The selected point styles (point, cluster) of the geospatial map.", + "title": "SelectedPointStyle", "type": "string" - }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.StringFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" } }, - "required": [ - "Column", - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Template.CategoryDrillDownFilter": { + "AWS::QuickSight::Analysis.GeospatialPolygonLayer": { "additionalProperties": false, "properties": { - "CategoryValues": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the string inputs that are the values of the category drill down filter.", - "title": "CategoryValues", - "type": "array" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" + "Style": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialPolygonStyle", + "markdownDescription": "The visualization style for a polygon layer.", + "title": "Style" } }, "required": [ - "CategoryValues", - "Column" + "Style" ], "type": "object" }, - "AWS::QuickSight::Template.CategoryFilter": { + "AWS::QuickSight::Analysis.GeospatialPolygonStyle": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "Configuration": { - "$ref": "#/definitions/AWS::QuickSight::Template.CategoryFilterConfiguration", - "markdownDescription": "The configuration for a `CategoryFilter` .", - "title": "Configuration" - }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" - }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", - "type": "string" + "PolygonSymbolStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialPolygonSymbolStyle", + "markdownDescription": "The polygon symbol style for a polygon layer.", + "title": "PolygonSymbolStyle" } }, - "required": [ - "Column", - "Configuration", - "FilterId" - ], "type": "object" }, - "AWS::QuickSight::Template.CategoryFilterConfiguration": { + "AWS::QuickSight::Analysis.GeospatialPolygonSymbolStyle": { "additionalProperties": false, "properties": { - "CustomFilterConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.CustomFilterConfiguration", - "markdownDescription": "A custom filter that filters based on a single value. This filter can be partially matched.", - "title": "CustomFilterConfiguration" + "FillColor": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialColor", + "markdownDescription": "The color and opacity values for the fill color.", + "title": "FillColor" }, - "CustomFilterListConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.CustomFilterListConfiguration", - "markdownDescription": "A list of custom filter values. In the Amazon QuickSight console, this filter type is called a custom filter list.", - "title": "CustomFilterListConfiguration" + "StrokeColor": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialColor", + "markdownDescription": "The color and opacity values for the stroke color.", + "title": "StrokeColor" }, - "FilterListConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterListConfiguration", - "markdownDescription": "A list of filter configurations. In the Amazon QuickSight console, this filter type is called a filter list.", - "title": "FilterListConfiguration" + "StrokeWidth": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialLineWidth", + "markdownDescription": "The width of the border stroke.", + "title": "StrokeWidth" } }, "type": "object" }, - "AWS::QuickSight::Template.ChartAxisLabelOptions": { + "AWS::QuickSight::Analysis.GeospatialSolidColor": { "additionalProperties": false, "properties": { - "AxisLabelOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisLabelOptions" - }, - "markdownDescription": "The label options for a chart axis.", - "title": "AxisLabelOptions", - "type": "array" - }, - "SortIconVisibility": { - "markdownDescription": "The visibility configuration of the sort icon on a chart's axis label.", - "title": "SortIconVisibility", + "Color": { + "markdownDescription": "The color and opacity values for the color.", + "title": "Color", "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of an axis label on a chart. Choose one of the following options:\n\n- `VISIBLE` : Shows the axis.\n- `HIDDEN` : Hides the axis.", - "title": "Visibility", + "State": { + "markdownDescription": "Enables and disables the view state of the color.", + "title": "State", "type": "string" } }, + "required": [ + "Color" + ], "type": "object" }, - "AWS::QuickSight::Template.ClusterMarker": { + "AWS::QuickSight::Analysis.GeospatialStaticFileSource": { "additionalProperties": false, "properties": { - "SimpleClusterMarker": { - "$ref": "#/definitions/AWS::QuickSight::Template.SimpleClusterMarker", - "markdownDescription": "The simple cluster marker of the cluster marker.", - "title": "SimpleClusterMarker" + "StaticFileId": { + "markdownDescription": "The ID of the static file.", + "title": "StaticFileId", + "type": "string" } }, + "required": [ + "StaticFileId" + ], "type": "object" }, - "AWS::QuickSight::Template.ClusterMarkerConfiguration": { + "AWS::QuickSight::Analysis.GeospatialWindowOptions": { "additionalProperties": false, "properties": { - "ClusterMarker": { - "$ref": "#/definitions/AWS::QuickSight::Template.ClusterMarker", - "markdownDescription": "The cluster marker that is a part of the cluster marker configuration.", - "title": "ClusterMarker" + "Bounds": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialCoordinateBounds", + "markdownDescription": "The bounds options (north, south, west, east) of the geospatial window options.", + "title": "Bounds" + }, + "MapZoomMode": { + "markdownDescription": "The map zoom modes (manual, auto) of the geospatial window options.", + "title": "MapZoomMode", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.ColorScale": { + "AWS::QuickSight::Analysis.GlobalTableBorderOptions": { "additionalProperties": false, "properties": { - "ColorFillType": { - "markdownDescription": "Determines the color fill type.", - "title": "ColorFillType", - "type": "string" - }, - "Colors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataColor" - }, - "markdownDescription": "Determines the list of colors that are applied to the visual.", - "title": "Colors", - "type": "array" + "SideSpecificBorder": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableSideBorderOptions", + "markdownDescription": "Determines the options for side specific border.", + "title": "SideSpecificBorder" }, - "NullValueColor": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataColor", - "markdownDescription": "Determines the color that is applied to null values.", - "title": "NullValueColor" + "UniformBorder": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", + "markdownDescription": "Determines the options for uniform border.", + "title": "UniformBorder" } }, - "required": [ - "ColorFillType", - "Colors" - ], "type": "object" }, - "AWS::QuickSight::Template.ColorsConfiguration": { + "AWS::QuickSight::Analysis.GradientColor": { "additionalProperties": false, "properties": { - "CustomColors": { + "Stops": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.CustomColor" + "$ref": "#/definitions/AWS::QuickSight::Analysis.GradientStop" }, - "markdownDescription": "A list of up to 50 custom colors.", - "title": "CustomColors", + "markdownDescription": "The list of gradient color stops.", + "title": "Stops", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.ColumnConfiguration": { + "AWS::QuickSight::Analysis.GradientStop": { "additionalProperties": false, "properties": { - "ColorsConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColorsConfiguration", - "markdownDescription": "The color configurations of the column.", - "title": "ColorsConfiguration" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column.", - "title": "Column" + "Color": { + "markdownDescription": "Determines the color.", + "title": "Color", + "type": "string" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FormatConfiguration", - "markdownDescription": "The format configuration of a column.", - "title": "FormatConfiguration" + "DataValue": { + "markdownDescription": "Determines the data value.", + "title": "DataValue", + "type": "number" }, - "Role": { - "markdownDescription": "The role of the column.", - "title": "Role", - "type": "string" + "GradientOffset": { + "markdownDescription": "Determines gradient offset value.", + "title": "GradientOffset", + "type": "number" } }, "required": [ - "Column" + "GradientOffset" ], "type": "object" }, - "AWS::QuickSight::Template.ColumnGroupColumnSchema": { + "AWS::QuickSight::Analysis.GridLayoutCanvasSizeOptions": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the column group's column schema.", - "title": "Name", - "type": "string" + "ScreenCanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GridLayoutScreenCanvasSizeOptions", + "markdownDescription": "The options that determine the sizing of the canvas used in a grid layout.", + "title": "ScreenCanvasSizeOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.ColumnGroupSchema": { + "AWS::QuickSight::Analysis.GridLayoutConfiguration": { "additionalProperties": false, "properties": { - "ColumnGroupColumnSchemaList": { + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GridLayoutCanvasSizeOptions", + "markdownDescription": "", + "title": "CanvasSizeOptions" + }, + "Elements": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnGroupColumnSchema" + "$ref": "#/definitions/AWS::QuickSight::Analysis.GridLayoutElement" }, - "markdownDescription": "A structure containing the list of schemas for column group columns.", - "title": "ColumnGroupColumnSchemaList", + "markdownDescription": "The elements that are included in a grid layout.", + "title": "Elements", "type": "array" - }, - "Name": { - "markdownDescription": "The name of the column group schema.", - "title": "Name", - "type": "string" } }, + "required": [ + "Elements" + ], "type": "object" }, - "AWS::QuickSight::Template.ColumnHierarchy": { + "AWS::QuickSight::Analysis.GridLayoutElement": { "additionalProperties": false, "properties": { - "DateTimeHierarchy": { - "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeHierarchy", - "markdownDescription": "The option that determines the hierarchy of any `DateTime` fields.", - "title": "DateTimeHierarchy" + "ColumnIndex": { + "markdownDescription": "The column index for the upper left corner of an element.", + "title": "ColumnIndex", + "type": "number" }, - "ExplicitHierarchy": { - "$ref": "#/definitions/AWS::QuickSight::Template.ExplicitHierarchy", - "markdownDescription": "The option that determines the hierarchy of the fields that are built within a visual's field wells. These fields can't be duplicated to other visuals.", - "title": "ExplicitHierarchy" + "ColumnSpan": { + "markdownDescription": "The width of a grid element expressed as a number of grid columns.", + "title": "ColumnSpan", + "type": "number" }, - "PredefinedHierarchy": { - "$ref": "#/definitions/AWS::QuickSight::Template.PredefinedHierarchy", - "markdownDescription": "The option that determines the hierarchy of the fields that are defined during data preparation. These fields are available to use in any analysis that uses the data source.", - "title": "PredefinedHierarchy" + "ElementId": { + "markdownDescription": "A unique identifier for an element within a grid layout.", + "title": "ElementId", + "type": "string" + }, + "ElementType": { + "markdownDescription": "The type of element.", + "title": "ElementType", + "type": "string" + }, + "RowIndex": { + "markdownDescription": "The row index for the upper left corner of an element.", + "title": "RowIndex", + "type": "number" + }, + "RowSpan": { + "markdownDescription": "The height of a grid element expressed as a number of grid rows.", + "title": "RowSpan", + "type": "number" } }, + "required": [ + "ColumnSpan", + "ElementId", + "ElementType", + "RowSpan" + ], "type": "object" }, - "AWS::QuickSight::Template.ColumnIdentifier": { + "AWS::QuickSight::Analysis.GridLayoutScreenCanvasSizeOptions": { "additionalProperties": false, "properties": { - "ColumnName": { - "markdownDescription": "The name of the column.", - "title": "ColumnName", + "OptimizedViewPortWidth": { + "markdownDescription": "The width that the view port will be optimized for when the layout renders.", + "title": "OptimizedViewPortWidth", "type": "string" }, - "DataSetIdentifier": { - "markdownDescription": "The data set that the column belongs to.", - "title": "DataSetIdentifier", + "ResizeOption": { + "markdownDescription": "This value determines the layout behavior when the viewport is resized.\n\n- `FIXED` : A fixed width will be used when optimizing the layout. In the Amazon QuickSight console, this option is called `Classic` .\n- `RESPONSIVE` : The width of the canvas will be responsive and optimized to the view port. In the Amazon QuickSight console, this option is called `Tiled` .", + "title": "ResizeOption", "type": "string" } }, "required": [ - "ColumnName", - "DataSetIdentifier" + "ResizeOption" ], "type": "object" }, - "AWS::QuickSight::Template.ColumnSchema": { + "AWS::QuickSight::Analysis.GrowthRateComputation": { "additionalProperties": false, "properties": { - "DataType": { - "markdownDescription": "The data type of the column schema.", - "title": "DataType", - "type": "string" - }, - "GeographicRole": { - "markdownDescription": "The geographic role of the column schema.", - "title": "GeographicRole", + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", "type": "string" }, "Name": { - "markdownDescription": "The name of the column schema.", + "markdownDescription": "The name of a computation.", "title": "Name", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.ColumnSort": { - "additionalProperties": false, - "properties": { - "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Template.AggregationFunction", - "markdownDescription": "The aggregation function that is defined in the column sort.", - "title": "AggregationFunction" }, - "Direction": { - "markdownDescription": "The sort direction.", - "title": "Direction", - "type": "string" + "PeriodSize": { + "markdownDescription": "The period size setup of a growth rate computation.", + "title": "PeriodSize", + "type": "number" }, - "SortBy": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "", - "title": "SortBy" + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" } }, "required": [ - "Direction", - "SortBy" + "ComputationId" ], "type": "object" }, - "AWS::QuickSight::Template.ColumnTooltipItem": { + "AWS::QuickSight::Analysis.HeaderFooterSectionConfiguration": { "additionalProperties": false, "properties": { - "Aggregation": { - "$ref": "#/definitions/AWS::QuickSight::Template.AggregationFunction", - "markdownDescription": "The aggregation function of the column tooltip item.", - "title": "Aggregation" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The target column of the tooltip item.", - "title": "Column" + "Layout": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionLayoutConfiguration", + "markdownDescription": "The layout configuration of the header or footer section.", + "title": "Layout" }, - "Label": { - "markdownDescription": "The label of the tooltip item.", - "title": "Label", + "SectionId": { + "markdownDescription": "The unique identifier of the header or footer section.", + "title": "SectionId", "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of the tooltip item.", - "title": "Visibility", - "type": "string" + "Style": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionStyle", + "markdownDescription": "The style options of a header or footer section.", + "title": "Style" } }, "required": [ - "Column" + "Layout", + "SectionId" ], "type": "object" }, - "AWS::QuickSight::Template.ComboChartAggregatedFieldWells": { + "AWS::QuickSight::Analysis.HeatMapAggregatedFieldWells": { "additionalProperties": false, "properties": { - "BarValues": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" - }, - "markdownDescription": "The aggregated `BarValues` field well of a combo chart.", - "title": "BarValues", - "type": "array" - }, - "Category": { + "Columns": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, - "markdownDescription": "The aggregated category field wells of a combo chart.", - "title": "Category", + "markdownDescription": "The columns field well of a heat map.", + "title": "Columns", "type": "array" }, - "Colors": { + "Rows": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, - "markdownDescription": "The aggregated colors field well of a combo chart.", - "title": "Colors", + "markdownDescription": "The rows field well of a heat map.", + "title": "Rows", "type": "array" }, - "LineValues": { + "Values": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, - "markdownDescription": "The aggregated `LineValues` field well of a combo chart.", - "title": "LineValues", + "markdownDescription": "The values field well of a heat map.", + "title": "Values", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.ComboChartConfiguration": { + "AWS::QuickSight::Analysis.HeatMapConfiguration": { "additionalProperties": false, "properties": { - "BarDataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.\n\nThe data label options for a bar in a combo chart.", - "title": "BarDataLabels" - }, - "BarsArrangement": { - "markdownDescription": "Determines the bar arrangement in a combo chart. The following are valid values in this structure:\n\n- `CLUSTERED` : For clustered bar combo charts.\n- `STACKED` : For stacked bar combo charts.\n- `STACKED_PERCENT` : Do not use. If you use this value, the operation returns a validation error.", - "title": "BarsArrangement", - "type": "string" - }, - "CategoryAxis": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", - "markdownDescription": "The category axis of a combo chart.", - "title": "CategoryAxis" + "ColorScale": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColorScale", + "markdownDescription": "The color options (gradient color, point of divergence) in a heat map.", + "title": "ColorScale" }, - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart category (group/color) field well.", - "title": "CategoryLabelOptions" + "ColumnLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options of the column that is displayed in a heat map.", + "title": "ColumnLabelOptions" }, - "ColorLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's color field well.", - "title": "ColorLabelOptions" + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.", + "title": "DataLabels" }, "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.ComboChartFieldWells", + "$ref": "#/definitions/AWS::QuickSight::Analysis.HeatMapFieldWells", "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", "markdownDescription": "The legend display setup of the visual.", "title": "Legend" }, - "LineDataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.\n\nThe data label options for a line in a combo chart.", - "title": "LineDataLabels" - }, - "PrimaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, and axis step) of a combo chart's primary y-axis (bar) field well.", - "title": "PrimaryYAxisDisplayOptions" - }, - "PrimaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's primary y-axis (bar) field well.", - "title": "PrimaryYAxisLabelOptions" - }, - "ReferenceLines": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLine" - }, - "markdownDescription": "The reference line setup of the visual.", - "title": "ReferenceLines", - "type": "array" - }, - "SecondaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, axis step) of a combo chart's secondary y-axis (line) field well.", - "title": "SecondaryYAxisDisplayOptions" - }, - "SecondaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's secondary y-axis(line) field well.", - "title": "SecondaryYAxisLabelOptions" + "RowLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options of the row that is displayed in a `heat map` .", + "title": "RowLabelOptions" }, "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ComboChartSortConfiguration", - "markdownDescription": "The sort configuration of a `ComboChartVisual` .", + "$ref": "#/definitions/AWS::QuickSight::Analysis.HeatMapSortConfiguration", + "markdownDescription": "The sort configuration of a heat map.", "title": "SortConfiguration" }, "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", - "markdownDescription": "The legend display setup of the visual.", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", "title": "Tooltip" - }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", - "title": "VisualPalette" } }, "type": "object" }, - "AWS::QuickSight::Template.ComboChartFieldWells": { + "AWS::QuickSight::Analysis.HeatMapFieldWells": { "additionalProperties": false, "properties": { - "ComboChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.ComboChartAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a combo chart. Combo charts only have aggregated field wells. Columns in a combo chart are aggregated by category.", - "title": "ComboChartAggregatedFieldWells" + "HeatMapAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.HeatMapAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a heat map.", + "title": "HeatMapAggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Template.ComboChartSortConfiguration": { + "AWS::QuickSight::Analysis.HeatMapSortConfiguration": { "additionalProperties": false, "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The item limit configuration for the category field well of a combo chart.", - "title": "CategoryItemsLimit" + "HeatMapColumnItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of columns that are displayed in a heat map.", + "title": "HeatMapColumnItemsLimitConfiguration" }, - "CategorySort": { + "HeatMapColumnSort": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, - "markdownDescription": "The sort configuration of the category field well in a combo chart.", - "title": "CategorySort", + "markdownDescription": "The column sort configuration for heat map for columns that aren't a part of a field well.", + "title": "HeatMapColumnSort", "type": "array" }, - "ColorItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The item limit configuration of the color field well in a combo chart.", - "title": "ColorItemsLimit" + "HeatMapRowItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of rows that are displayed in a heat map.", + "title": "HeatMapRowItemsLimitConfiguration" }, - "ColorSort": { + "HeatMapRowSort": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, - "markdownDescription": "The sort configuration of the color field well in a combo chart.", - "title": "ColorSort", + "markdownDescription": "The field sort configuration of the rows fields.", + "title": "HeatMapRowSort", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.ComboChartVisual": { + "AWS::QuickSight::Analysis.HeatMapVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ComboChartConfiguration", - "markdownDescription": "The configuration settings of the visual.", + "$ref": "#/definitions/AWS::QuickSight::Analysis.HeatMapConfiguration", + "markdownDescription": "The configuration of a heat map.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", @@ -211682,2483 +226232,2282 @@ ], "type": "object" }, - "AWS::QuickSight::Template.ComparisonConfiguration": { + "AWS::QuickSight::Analysis.HistogramAggregatedFieldWells": { "additionalProperties": false, "properties": { - "ComparisonFormat": { - "$ref": "#/definitions/AWS::QuickSight::Template.ComparisonFormatConfiguration", - "markdownDescription": "The format of the comparison.", - "title": "ComparisonFormat" - }, - "ComparisonMethod": { - "markdownDescription": "The method of the comparison. Choose from the following options:\n\n- `DIFFERENCE`\n- `PERCENT_DIFFERENCE`\n- `PERCENT`", - "title": "ComparisonMethod", - "type": "string" + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The value field wells of a histogram. Values are aggregated by `COUNT` or `DISTINCT_COUNT` .", + "title": "Values", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.ComparisonFormatConfiguration": { + "AWS::QuickSight::Analysis.HistogramBinOptions": { "additionalProperties": false, "properties": { - "NumberDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumberDisplayFormatConfiguration", - "markdownDescription": "The number display format.", - "title": "NumberDisplayFormatConfiguration" + "BinCount": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BinCountOptions", + "markdownDescription": "The options that determine the bin count of a histogram.", + "title": "BinCount" }, - "PercentageDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.PercentageDisplayFormatConfiguration", - "markdownDescription": "The percentage display format.", - "title": "PercentageDisplayFormatConfiguration" + "BinWidth": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BinWidthOptions", + "markdownDescription": "The options that determine the bin width of a histogram.", + "title": "BinWidth" + }, + "SelectedBinType": { + "markdownDescription": "The options that determine the selected bin type.", + "title": "SelectedBinType", + "type": "string" + }, + "StartValue": { + "markdownDescription": "The options that determine the bin start value.", + "title": "StartValue", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Template.Computation": { + "AWS::QuickSight::Analysis.HistogramConfiguration": { "additionalProperties": false, "properties": { - "Forecast": { - "$ref": "#/definitions/AWS::QuickSight::Template.ForecastComputation", - "markdownDescription": "The forecast computation configuration.", - "title": "Forecast" - }, - "GrowthRate": { - "$ref": "#/definitions/AWS::QuickSight::Template.GrowthRateComputation", - "markdownDescription": "The growth rate computation configuration.", - "title": "GrowthRate" + "BinOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.HistogramBinOptions", + "markdownDescription": "The options that determine the presentation of histogram bins.", + "title": "BinOptions" }, - "MaximumMinimum": { - "$ref": "#/definitions/AWS::QuickSight::Template.MaximumMinimumComputation", - "markdownDescription": "The maximum and minimum computation configuration.", - "title": "MaximumMinimum" + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", + "markdownDescription": "The data label configuration of a histogram.", + "title": "DataLabels" }, - "MetricComparison": { - "$ref": "#/definitions/AWS::QuickSight::Template.MetricComparisonComputation", - "markdownDescription": "The metric comparison computation configuration.", - "title": "MetricComparison" + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.HistogramFieldWells", + "markdownDescription": "The field well configuration of a histogram.", + "title": "FieldWells" }, - "PeriodOverPeriod": { - "$ref": "#/definitions/AWS::QuickSight::Template.PeriodOverPeriodComputation", - "markdownDescription": "The period over period computation configuration.", - "title": "PeriodOverPeriod" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" }, - "PeriodToDate": { - "$ref": "#/definitions/AWS::QuickSight::Template.PeriodToDateComputation", - "markdownDescription": "The period to `DataSetIdentifier` computation configuration.", - "title": "PeriodToDate" + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", + "markdownDescription": "The tooltip configuration of a histogram.", + "title": "Tooltip" }, - "TopBottomMovers": { - "$ref": "#/definitions/AWS::QuickSight::Template.TopBottomMoversComputation", - "markdownDescription": "The top movers and bottom movers computation configuration.", - "title": "TopBottomMovers" + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", + "markdownDescription": "The visual palette configuration of a histogram.", + "title": "VisualPalette" }, - "TopBottomRanked": { - "$ref": "#/definitions/AWS::QuickSight::Template.TopBottomRankedComputation", - "markdownDescription": "The top ranked and bottom ranked computation configuration.", - "title": "TopBottomRanked" + "XAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the x-axis.", + "title": "XAxisDisplayOptions" }, - "TotalAggregation": { - "$ref": "#/definitions/AWS::QuickSight::Template.TotalAggregationComputation", - "markdownDescription": "The total aggregation computation configuration.", - "title": "TotalAggregation" + "XAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the x-axis label.", + "title": "XAxisLabelOptions" }, - "UniqueValues": { - "$ref": "#/definitions/AWS::QuickSight::Template.UniqueValuesComputation", - "markdownDescription": "The unique values computation configuration.", - "title": "UniqueValues" + "YAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the y-axis.", + "title": "YAxisDisplayOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.ConditionalFormattingColor": { + "AWS::QuickSight::Analysis.HistogramFieldWells": { "additionalProperties": false, "properties": { - "Gradient": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingGradientColor", - "markdownDescription": "Formatting configuration for gradient color.", - "title": "Gradient" - }, - "Solid": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingSolidColor", - "markdownDescription": "Formatting configuration for solid color.", - "title": "Solid" + "HistogramAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.HistogramAggregatedFieldWells", + "markdownDescription": "The field well configuration of a histogram.", + "title": "HistogramAggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Template.ConditionalFormattingCustomIconCondition": { + "AWS::QuickSight::Analysis.HistogramVisual": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "Determines the color of the icon.", - "title": "Color", - "type": "string" + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" }, - "DisplayConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIconDisplayConfiguration", - "markdownDescription": "Determines the icon display configuration.", - "title": "DisplayConfiguration" + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.HistogramConfiguration", + "markdownDescription": "The configuration for a `HistogramVisual` .", + "title": "ChartConfiguration" }, - "Expression": { - "markdownDescription": "The expression that determines the condition of the icon set.", - "title": "Expression", + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", "type": "string" }, - "IconOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingCustomIconOptions", - "markdownDescription": "Custom icon options for an icon set.", - "title": "IconOptions" + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" } }, "required": [ - "Expression", - "IconOptions" + "VisualId" ], "type": "object" }, - "AWS::QuickSight::Template.ConditionalFormattingCustomIconOptions": { + "AWS::QuickSight::Analysis.ImageCustomAction": { "additionalProperties": false, "properties": { - "Icon": { - "markdownDescription": "Determines the type of icon.", - "title": "Icon", + "ActionOperations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ImageCustomActionOperation" + }, + "markdownDescription": "A list of `ImageCustomActionOperations` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", + "title": "ActionOperations", + "type": "array" + }, + "CustomActionId": { + "markdownDescription": "The ID of the custom action.", + "title": "CustomActionId", "type": "string" }, - "UnicodeIcon": { - "markdownDescription": "Determines the Unicode icon type.", - "title": "UnicodeIcon", + "Name": { + "markdownDescription": "The name of the custom action.", + "title": "Name", + "type": "string" + }, + "Status": { + "markdownDescription": "The status of the custom action.", + "title": "Status", + "type": "string" + }, + "Trigger": { + "markdownDescription": "The trigger of the `VisualCustomAction` .\n\nValid values are defined as follows:\n\n- `CLICK` : Initiates a custom action by a left pointer click on a data point.\n- `MENU` : Initiates a custom action by right pointer click from the menu.", + "title": "Trigger", "type": "string" } }, + "required": [ + "ActionOperations", + "CustomActionId", + "Name", + "Trigger" + ], "type": "object" }, - "AWS::QuickSight::Template.ConditionalFormattingGradientColor": { + "AWS::QuickSight::Analysis.ImageCustomActionOperation": { "additionalProperties": false, "properties": { - "Color": { - "$ref": "#/definitions/AWS::QuickSight::Template.GradientColor", - "markdownDescription": "Determines the color.", - "title": "Color" + "NavigationOperation": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionNavigationOperation", + "markdownDescription": "", + "title": "NavigationOperation" }, - "Expression": { - "markdownDescription": "The expression that determines the formatting configuration for gradient color.", - "title": "Expression", - "type": "string" + "SetParametersOperation": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionSetParametersOperation", + "markdownDescription": "", + "title": "SetParametersOperation" + }, + "URLOperation": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionURLOperation", + "markdownDescription": "", + "title": "URLOperation" } }, - "required": [ - "Color", - "Expression" - ], "type": "object" }, - "AWS::QuickSight::Template.ConditionalFormattingIcon": { + "AWS::QuickSight::Analysis.ImageInteractionOptions": { "additionalProperties": false, "properties": { - "CustomCondition": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingCustomIconCondition", - "markdownDescription": "Determines the custom condition for an icon set.", - "title": "CustomCondition" - }, - "IconSet": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIconSet", - "markdownDescription": "Formatting configuration for icon set.", - "title": "IconSet" + "ImageMenuOption": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ImageMenuOption", + "markdownDescription": "The menu options for the image.", + "title": "ImageMenuOption" } }, "type": "object" }, - "AWS::QuickSight::Template.ConditionalFormattingIconDisplayConfiguration": { + "AWS::QuickSight::Analysis.ImageMenuOption": { "additionalProperties": false, "properties": { - "IconDisplayOption": { - "markdownDescription": "Determines the icon display configuration.", - "title": "IconDisplayOption", + "AvailabilityStatus": { + "markdownDescription": "The availability status of the image menu. If the value of this property is set to `ENABLED` , dashboard readers can interact with the image menu.", + "title": "AvailabilityStatus", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.ConditionalFormattingIconSet": { + "AWS::QuickSight::Analysis.ImageStaticFile": { "additionalProperties": false, "properties": { - "Expression": { - "markdownDescription": "The expression that determines the formatting configuration for the icon set.", - "title": "Expression", - "type": "string" + "Source": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.StaticFileSource", + "markdownDescription": "The source of the image static file.", + "title": "Source" }, - "IconSetType": { - "markdownDescription": "Determines the icon set type.", - "title": "IconSetType", + "StaticFileId": { + "markdownDescription": "The ID of the static file that contains an image.", + "title": "StaticFileId", "type": "string" } }, "required": [ - "Expression" + "StaticFileId" ], "type": "object" }, - "AWS::QuickSight::Template.ConditionalFormattingSolidColor": { + "AWS::QuickSight::Analysis.InnerFilter": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "Determines the color.", - "title": "Color", - "type": "string" - }, - "Expression": { - "markdownDescription": "The expression that determines the formatting configuration for solid color.", - "title": "Expression", - "type": "string" + "CategoryInnerFilter": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CategoryInnerFilter", + "markdownDescription": "A `CategoryInnerFilter` filters text values for the `NestedFilter` .", + "title": "CategoryInnerFilter" } }, - "required": [ - "Expression" - ], "type": "object" }, - "AWS::QuickSight::Template.ContributionAnalysisDefault": { + "AWS::QuickSight::Analysis.InsightConfiguration": { "additionalProperties": false, "properties": { - "ContributorDimensions": { + "Computations": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier" + "$ref": "#/definitions/AWS::QuickSight::Analysis.Computation" }, - "markdownDescription": "The dimensions columns that are used in the contribution analysis, usually a list of `ColumnIdentifiers` .", - "title": "ContributorDimensions", + "markdownDescription": "The computations configurations of the insight visual", + "title": "Computations", "type": "array" }, - "MeasureFieldId": { - "markdownDescription": "The measure field that is used in the contribution analysis.", - "title": "MeasureFieldId", - "type": "string" + "CustomNarrative": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomNarrativeOptions", + "markdownDescription": "The custom narrative of the insight visual.", + "title": "CustomNarrative" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" } }, - "required": [ - "ContributorDimensions", - "MeasureFieldId" - ], "type": "object" }, - "AWS::QuickSight::Template.CurrencyDisplayFormatConfiguration": { + "AWS::QuickSight::Analysis.InsightVisual": { "additionalProperties": false, "properties": { - "DecimalPlacesConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DecimalPlacesConfiguration", - "markdownDescription": "The option that determines the decimal places configuration.", - "title": "DecimalPlacesConfiguration" - }, - "NegativeValueConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NegativeValueConfiguration", - "markdownDescription": "The options that determine the negative value configuration.", - "title": "NegativeValueConfiguration" - }, - "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NullValueFormatConfiguration", - "markdownDescription": "The options that determine the null value format configuration.", - "title": "NullValueFormatConfiguration" + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" }, - "NumberScale": { - "markdownDescription": "Determines the number scale value for the currency format.", - "title": "NumberScale", + "DataSetIdentifier": { + "markdownDescription": "The dataset that is used in the insight visual.", + "title": "DataSetIdentifier", "type": "string" }, - "Prefix": { - "markdownDescription": "Determines the prefix value of the currency format.", - "title": "Prefix", - "type": "string" + "InsightConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.InsightConfiguration", + "markdownDescription": "The configuration of an insight visual.", + "title": "InsightConfiguration" }, - "SeparatorConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericSeparatorConfiguration", - "markdownDescription": "The options that determine the numeric separator configuration.", - "title": "SeparatorConfiguration" + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" }, - "Suffix": { - "markdownDescription": "Determines the suffix value of the currency format.", - "title": "Suffix", - "type": "string" + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" }, - "Symbol": { - "markdownDescription": "Determines the symbol for the currency format.", - "title": "Symbol", + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.CustomActionFilterOperation": { - "additionalProperties": false, - "properties": { - "SelectedFieldsConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterOperationSelectedFieldsConfiguration", - "markdownDescription": "The configuration that chooses the fields to be filtered.", - "title": "SelectedFieldsConfiguration" }, - "TargetVisualsConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterOperationTargetVisualsConfiguration", - "markdownDescription": "The configuration that chooses the target visuals to be filtered.", - "title": "TargetVisualsConfiguration" + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" } }, "required": [ - "SelectedFieldsConfiguration", - "TargetVisualsConfiguration" + "DataSetIdentifier", + "VisualId" ], "type": "object" }, - "AWS::QuickSight::Template.CustomActionNavigationOperation": { + "AWS::QuickSight::Analysis.IntegerDefaultValues": { "additionalProperties": false, "properties": { - "LocalNavigationConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.LocalNavigationConfiguration", - "markdownDescription": "The configuration that chooses the navigation target.", - "title": "LocalNavigationConfiguration" + "DynamicValue": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DynamicDefaultValue", + "markdownDescription": "The dynamic value of the `IntegerDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", + "title": "DynamicValue" + }, + "StaticValues": { + "items": { + "type": "number" + }, + "markdownDescription": "The static values of the `IntegerDefaultValues` .", + "title": "StaticValues", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.CustomActionSetParametersOperation": { + "AWS::QuickSight::Analysis.IntegerParameter": { "additionalProperties": false, "properties": { - "ParameterValueConfigurations": { + "Name": { + "markdownDescription": "The name of the integer parameter.", + "title": "Name", + "type": "string" + }, + "Values": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.SetParameterValueConfiguration" + "type": "number" }, - "markdownDescription": "The parameter that determines the value configuration.", - "title": "ParameterValueConfigurations", + "markdownDescription": "The values for the integer parameter.", + "title": "Values", "type": "array" } }, "required": [ - "ParameterValueConfigurations" + "Name", + "Values" ], "type": "object" }, - "AWS::QuickSight::Template.CustomActionURLOperation": { + "AWS::QuickSight::Analysis.IntegerParameterDeclaration": { "additionalProperties": false, "properties": { - "URLTarget": { - "markdownDescription": "The target of the `CustomActionURLOperation` .\n\nValid values are defined as follows:\n\n- `NEW_TAB` : Opens the target URL in a new browser tab.\n- `NEW_WINDOW` : Opens the target URL in a new browser window.\n- `SAME_TAB` : Opens the target URL in the same browser tab.", - "title": "URLTarget", + "DefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.IntegerDefaultValues", + "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", + "title": "DefaultValues" + }, + "MappedDataSetParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MappedDataSetParameter" + }, + "markdownDescription": "", + "title": "MappedDataSetParameters", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the parameter that is being declared.", + "title": "Name", "type": "string" }, - "URLTemplate": { - "markdownDescription": "THe URL link of the `CustomActionURLOperation` .", - "title": "URLTemplate", + "ParameterValueType": { + "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", + "title": "ParameterValueType", "type": "string" + }, + "ValueWhenUnset": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.IntegerValueWhenUnsetConfiguration", + "markdownDescription": "A parameter declaration for the `Integer` data type.", + "title": "ValueWhenUnset" } }, "required": [ - "URLTarget", - "URLTemplate" + "Name", + "ParameterValueType" ], "type": "object" }, - "AWS::QuickSight::Template.CustomColor": { + "AWS::QuickSight::Analysis.IntegerValueWhenUnsetConfiguration": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The color that is applied to the data value.", - "title": "Color", - "type": "string" - }, - "FieldValue": { - "markdownDescription": "The data value that the color is applied to.", - "title": "FieldValue", - "type": "string" + "CustomValue": { + "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", + "title": "CustomValue", + "type": "number" }, - "SpecialValue": { - "markdownDescription": "The value of a special data value.", - "title": "SpecialValue", + "ValueWhenUnsetOption": { + "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", + "title": "ValueWhenUnsetOption", "type": "string" } }, - "required": [ - "Color" - ], "type": "object" }, - "AWS::QuickSight::Template.CustomContentConfiguration": { + "AWS::QuickSight::Analysis.ItemsLimitConfiguration": { "additionalProperties": false, "properties": { - "ContentType": { - "markdownDescription": "The content type of the custom content visual. You can use this to have the visual render as an image.", - "title": "ContentType", - "type": "string" - }, - "ContentUrl": { - "markdownDescription": "The input URL that links to the custom content that you want in the custom visual.", - "title": "ContentUrl", - "type": "string" + "ItemsLimit": { + "markdownDescription": "The limit on how many items of a field are showed in the chart. For example, the number of slices that are displayed in a pie chart.", + "title": "ItemsLimit", + "type": "number" }, - "ImageScaling": { - "markdownDescription": "The sizing options for the size of the custom content visual. This structure is required when the `ContentType` of the visual is `'IMAGE'` .", - "title": "ImageScaling", + "OtherCategories": { + "markdownDescription": "The `Show other` of an axis in the chart. Choose one of the following options:\n\n- `INCLUDE`\n- `EXCLUDE`", + "title": "OtherCategories", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.CustomContentVisual": { + "AWS::QuickSight::Analysis.KPIActualValueConditionalFormatting": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.CustomContentConfiguration", - "markdownDescription": "The configuration of a `CustomContentVisual` .", - "title": "ChartConfiguration" - }, - "DataSetIdentifier": { - "markdownDescription": "The dataset that is used to create the custom content visual. You can't create a visual without a dataset.", - "title": "DataSetIdentifier", - "type": "string" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Icon": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIcon", + "markdownDescription": "The conditional formatting of the actual value's icon.", + "title": "Icon" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", - "type": "string" + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the actual value's text color.", + "title": "TextColor" } }, - "required": [ - "DataSetIdentifier", - "VisualId" - ], "type": "object" }, - "AWS::QuickSight::Template.CustomFilterConfiguration": { + "AWS::QuickSight::Analysis.KPIComparisonValueConditionalFormatting": { "additionalProperties": false, "properties": { - "CategoryValue": { - "markdownDescription": "The category value for the filter.\n\nThis field is mutually exclusive to `ParameterName` .", - "title": "CategoryValue", - "type": "string" - }, - "MatchOperator": { - "markdownDescription": "The match operator that is used to determine if a filter should be applied.", - "title": "MatchOperator", - "type": "string" - }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", - "type": "string" - }, - "ParameterName": { - "markdownDescription": "The parameter whose value should be used for the filter value.\n\nThis field is mutually exclusive to `CategoryValue` .", - "title": "ParameterName", - "type": "string" + "Icon": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIcon", + "markdownDescription": "The conditional formatting of the comparison value's icon.", + "title": "Icon" }, - "SelectAllOptions": { - "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", - "title": "SelectAllOptions", - "type": "string" + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the comparison value's text color.", + "title": "TextColor" } }, - "required": [ - "MatchOperator", - "NullOption" - ], "type": "object" }, - "AWS::QuickSight::Template.CustomFilterListConfiguration": { + "AWS::QuickSight::Analysis.KPIConditionalFormatting": { "additionalProperties": false, "properties": { - "CategoryValues": { + "ConditionalFormattingOptions": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIConditionalFormattingOption" }, - "markdownDescription": "The list of category values for the filter.", - "title": "CategoryValues", + "markdownDescription": "The conditional formatting options of a KPI visual.", + "title": "ConditionalFormattingOptions", "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.KPIConditionalFormattingOption": { + "additionalProperties": false, + "properties": { + "ActualValue": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIActualValueConditionalFormatting", + "markdownDescription": "The conditional formatting for the actual value of a KPI visual.", + "title": "ActualValue" }, - "MatchOperator": { - "markdownDescription": "The match operator that is used to determine if a filter should be applied.", - "title": "MatchOperator", - "type": "string" + "ComparisonValue": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIComparisonValueConditionalFormatting", + "markdownDescription": "The conditional formatting for the comparison value of a KPI visual.", + "title": "ComparisonValue" }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", - "type": "string" + "PrimaryValue": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIPrimaryValueConditionalFormatting", + "markdownDescription": "The conditional formatting for the primary value of a KPI visual.", + "title": "PrimaryValue" }, - "SelectAllOptions": { - "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", - "title": "SelectAllOptions", - "type": "string" + "ProgressBar": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIProgressBarConditionalFormatting", + "markdownDescription": "The conditional formatting for the progress bar of a KPI visual.", + "title": "ProgressBar" } }, - "required": [ - "MatchOperator", - "NullOption" - ], "type": "object" }, - "AWS::QuickSight::Template.CustomNarrativeOptions": { + "AWS::QuickSight::Analysis.KPIConfiguration": { "additionalProperties": false, "properties": { - "Narrative": { - "markdownDescription": "The string input of custom narrative.", - "title": "Narrative", - "type": "string" + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIFieldWells", + "markdownDescription": "The field well configuration of a KPI visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "KPIOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIOptions", + "markdownDescription": "The options that determine the presentation of a KPI visual.", + "title": "KPIOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.KPISortConfiguration", + "markdownDescription": "The sort configuration of a KPI visual.", + "title": "SortConfiguration" } }, - "required": [ - "Narrative" - ], "type": "object" }, - "AWS::QuickSight::Template.CustomParameterValues": { + "AWS::QuickSight::Analysis.KPIFieldWells": { "additionalProperties": false, "properties": { - "DateTimeValues": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of datetime-type parameter values.", - "title": "DateTimeValues", - "type": "array" - }, - "DecimalValues": { + "TargetValues": { "items": { - "type": "number" + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, - "markdownDescription": "A list of decimal-type parameter values.", - "title": "DecimalValues", + "markdownDescription": "The target value field wells of a KPI visual.", + "title": "TargetValues", "type": "array" }, - "IntegerValues": { + "TrendGroups": { "items": { - "type": "number" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, - "markdownDescription": "A list of integer-type parameter values.", - "title": "IntegerValues", + "markdownDescription": "The trend group field wells of a KPI visual.", + "title": "TrendGroups", "type": "array" }, - "StringValues": { + "Values": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, - "markdownDescription": "A list of string-type parameter values.", - "title": "StringValues", + "markdownDescription": "The value field wells of a KPI visual.", + "title": "Values", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.CustomValuesConfiguration": { + "AWS::QuickSight::Analysis.KPIOptions": { "additionalProperties": false, "properties": { - "CustomValues": { - "$ref": "#/definitions/AWS::QuickSight::Template.CustomParameterValues", - "markdownDescription": "", - "title": "CustomValues" + "Comparison": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ComparisonConfiguration", + "markdownDescription": "The comparison configuration of a KPI visual.", + "title": "Comparison" }, - "IncludeNullValue": { - "markdownDescription": "Includes the null value in custom action parameter values.", - "title": "IncludeNullValue", - "type": "boolean" + "PrimaryValueDisplayType": { + "markdownDescription": "The options that determine the primary value display type.", + "title": "PrimaryValueDisplayType", + "type": "string" + }, + "PrimaryValueFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", + "markdownDescription": "The options that determine the primary value font configuration.", + "title": "PrimaryValueFontConfiguration" + }, + "ProgressBar": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ProgressBarOptions", + "markdownDescription": "The options that determine the presentation of the progress bar of a KPI visual.", + "title": "ProgressBar" + }, + "SecondaryValue": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SecondaryValueOptions", + "markdownDescription": "The options that determine the presentation of the secondary value of a KPI visual.", + "title": "SecondaryValue" + }, + "SecondaryValueFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", + "markdownDescription": "The options that determine the secondary value font configuration.", + "title": "SecondaryValueFontConfiguration" + }, + "Sparkline": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.KPISparklineOptions", + "markdownDescription": "The options that determine the visibility, color, type, and tooltip visibility of the sparkline of a KPI visual.", + "title": "Sparkline" + }, + "TrendArrows": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TrendArrowOptions", + "markdownDescription": "The options that determine the presentation of trend arrows in a KPI visual.", + "title": "TrendArrows" + }, + "VisualLayoutOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIVisualLayoutOptions", + "markdownDescription": "The options that determine the layout a KPI visual.", + "title": "VisualLayoutOptions" } }, - "required": [ - "CustomValues" - ], "type": "object" }, - "AWS::QuickSight::Template.DataBarsOptions": { + "AWS::QuickSight::Analysis.KPIPrimaryValueConditionalFormatting": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field ID for the data bars options.", - "title": "FieldId", - "type": "string" - }, - "NegativeColor": { - "markdownDescription": "The color of the negative data bar.", - "title": "NegativeColor", - "type": "string" + "Icon": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIcon", + "markdownDescription": "The conditional formatting of the primary value's icon.", + "title": "Icon" }, - "PositiveColor": { - "markdownDescription": "The color of the positive data bar.", - "title": "PositiveColor", - "type": "string" + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the primary value's text color.", + "title": "TextColor" } }, - "required": [ - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Template.DataColor": { + "AWS::QuickSight::Analysis.KPIProgressBarConditionalFormatting": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The color that is applied to the data value.", - "title": "Color", - "type": "string" - }, - "DataValue": { - "markdownDescription": "The data value that the color is applied to.", - "title": "DataValue", - "type": "number" + "ForegroundColor": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the progress bar's foreground color.", + "title": "ForegroundColor" } }, "type": "object" }, - "AWS::QuickSight::Template.DataFieldSeriesItem": { + "AWS::QuickSight::Analysis.KPISortConfiguration": { "additionalProperties": false, "properties": { - "AxisBinding": { - "markdownDescription": "The axis that you are binding the field to.", - "title": "AxisBinding", + "TrendGroupSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the trend group fields.", + "title": "TrendGroupSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.KPISparklineOptions": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The color of the sparkline.", + "title": "Color", "type": "string" }, - "FieldId": { - "markdownDescription": "The field ID of the field that you are setting the axis binding to.", - "title": "FieldId", + "TooltipVisibility": { + "markdownDescription": "The tooltip visibility of the sparkline.", + "title": "TooltipVisibility", "type": "string" }, - "FieldValue": { - "markdownDescription": "The field value of the field that you are setting the axis binding to.", - "title": "FieldValue", + "Type": { + "markdownDescription": "The type of the sparkline.", + "title": "Type", "type": "string" }, - "Settings": { - "$ref": "#/definitions/AWS::QuickSight::Template.LineChartSeriesSettings", - "markdownDescription": "The options that determine the presentation of line series associated to the field.", - "title": "Settings" + "Visibility": { + "markdownDescription": "The visibility of the sparkline.", + "title": "Visibility", + "type": "string" } }, "required": [ - "AxisBinding", - "FieldId" + "Type" ], "type": "object" }, - "AWS::QuickSight::Template.DataLabelOptions": { + "AWS::QuickSight::Analysis.KPIVisual": { "additionalProperties": false, "properties": { - "CategoryLabelVisibility": { - "markdownDescription": "Determines the visibility of the category field labels.", - "title": "CategoryLabelVisibility", - "type": "string" - }, - "DataLabelTypes": { + "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelType" + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, - "markdownDescription": "The option that determines the data label type.", - "title": "DataLabelTypes", + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", "type": "array" }, - "LabelColor": { - "markdownDescription": "Determines the color of the data labels.", - "title": "LabelColor", - "type": "string" - }, - "LabelContent": { - "markdownDescription": "Determines the content of the data labels.", - "title": "LabelContent", - "type": "string" + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIConfiguration", + "markdownDescription": "The configuration of a KPI visual.", + "title": "ChartConfiguration" }, - "LabelFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", - "markdownDescription": "Determines the font configuration of the data labels.", - "title": "LabelFontConfiguration" + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" }, - "MeasureLabelVisibility": { - "markdownDescription": "Determines the visibility of the measure field labels.", - "title": "MeasureLabelVisibility", - "type": "string" + "ConditionalFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIConditionalFormatting", + "markdownDescription": "The conditional formatting of a KPI visual.", + "title": "ConditionalFormatting" }, - "Overlap": { - "markdownDescription": "Determines whether overlap is enabled or disabled for the data labels.", - "title": "Overlap", - "type": "string" + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" }, - "Position": { - "markdownDescription": "Determines the position of the data labels.", - "title": "Position", - "type": "string" + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" }, - "TotalsVisibility": { - "markdownDescription": "Determines the visibility of the total.", - "title": "TotalsVisibility", + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", "type": "string" }, - "Visibility": { - "markdownDescription": "Determines the visibility of the data labels.", - "title": "Visibility", + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", "type": "string" } }, + "required": [ + "VisualId" + ], "type": "object" }, - "AWS::QuickSight::Template.DataLabelType": { + "AWS::QuickSight::Analysis.KPIVisualLayoutOptions": { "additionalProperties": false, "properties": { - "DataPathLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataPathLabelType", - "markdownDescription": "The option that specifies individual data values for labels.", - "title": "DataPathLabelType" - }, - "FieldLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldLabelType", - "markdownDescription": "Determines the label configuration for the entire field.", - "title": "FieldLabelType" - }, - "MaximumLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Template.MaximumLabelType", - "markdownDescription": "Determines the label configuration for the maximum value in a visual.", - "title": "MaximumLabelType" - }, - "MinimumLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Template.MinimumLabelType", - "markdownDescription": "Determines the label configuration for the minimum value in a visual.", - "title": "MinimumLabelType" - }, - "RangeEndsLabelType": { - "$ref": "#/definitions/AWS::QuickSight::Template.RangeEndsLabelType", - "markdownDescription": "Determines the label configuration for range end value in a visual.", - "title": "RangeEndsLabelType" + "StandardLayout": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIVisualStandardLayout", + "markdownDescription": "The standard layout of the KPI visual.", + "title": "StandardLayout" } }, "type": "object" }, - "AWS::QuickSight::Template.DataPathColor": { + "AWS::QuickSight::Analysis.KPIVisualStandardLayout": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The color that needs to be applied to the element.", - "title": "Color", - "type": "string" - }, - "Element": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataPathValue", - "markdownDescription": "The element that the color needs to be applied to.", - "title": "Element" - }, - "TimeGranularity": { - "markdownDescription": "The time granularity of the field that the color needs to be applied to.", - "title": "TimeGranularity", + "Type": { + "markdownDescription": "The standard layout type.", + "title": "Type", "type": "string" } }, "required": [ - "Color", - "Element" + "Type" ], "type": "object" }, - "AWS::QuickSight::Template.DataPathLabelType": { + "AWS::QuickSight::Analysis.LabelOptions": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field ID of the field that the data label needs to be applied to.", - "title": "FieldId", + "CustomLabel": { + "markdownDescription": "The text for the label.", + "title": "CustomLabel", "type": "string" }, - "FieldValue": { - "markdownDescription": "The actual value of the field that is labeled.", - "title": "FieldValue", - "type": "string" + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", + "markdownDescription": "The font configuration of the label.", + "title": "FontConfiguration" }, "Visibility": { - "markdownDescription": "The visibility of the data label.", + "markdownDescription": "Determines whether or not the label is visible.", "title": "Visibility", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.DataPathSort": { + "AWS::QuickSight::Analysis.LayerCustomAction": { "additionalProperties": false, "properties": { - "Direction": { - "markdownDescription": "Determines the sort direction.", - "title": "Direction", - "type": "string" - }, - "SortPaths": { + "ActionOperations": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataPathValue" + "$ref": "#/definitions/AWS::QuickSight::Analysis.LayerCustomActionOperation" }, - "markdownDescription": "The list of data paths that need to be sorted.", - "title": "SortPaths", + "markdownDescription": "A list of `LayerCustomActionOperations` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", + "title": "ActionOperations", "type": "array" + }, + "CustomActionId": { + "markdownDescription": "The ID of the custom action.", + "title": "CustomActionId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the custom action.", + "title": "Name", + "type": "string" + }, + "Status": { + "markdownDescription": "The status of the `LayerCustomAction` .", + "title": "Status", + "type": "string" + }, + "Trigger": { + "markdownDescription": "The trigger of the `LayerCustomAction` .\n\nValid values are defined as follows:\n\n- `DATA_POINT_CLICK` : Initiates a custom action by a left pointer click on a data point.\n- `DATA_POINT_MENU` : Initiates a custom action by right pointer click from the menu.", + "title": "Trigger", + "type": "string" } }, "required": [ - "Direction", - "SortPaths" + "ActionOperations", + "CustomActionId", + "Name", + "Trigger" ], "type": "object" }, - "AWS::QuickSight::Template.DataPathType": { + "AWS::QuickSight::Analysis.LayerCustomActionOperation": { "additionalProperties": false, "properties": { - "PivotTableDataPathType": { - "markdownDescription": "The type of data path value utilized in a pivot table. Choose one of the following options:\n\n- `HIERARCHY_ROWS_LAYOUT_COLUMN` - The type of data path for the rows layout column, when `RowsLayout` is set to `HIERARCHY` .\n- `MULTIPLE_ROW_METRICS_COLUMN` - The type of data path for the metric column when the row is set to Metric Placement.\n- `EMPTY_COLUMN_HEADER` - The type of data path for the column with empty column header, when there is no field in `ColumnsFieldWell` and the row is set to Metric Placement.\n- `COUNT_METRIC_COLUMN` - The type of data path for the column with `COUNT` as the metric, when there is no field in the `ValuesFieldWell` .", - "title": "PivotTableDataPathType", - "type": "string" + "FilterOperation": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionFilterOperation", + "markdownDescription": "", + "title": "FilterOperation" + }, + "NavigationOperation": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionNavigationOperation", + "markdownDescription": "", + "title": "NavigationOperation" + }, + "SetParametersOperation": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionSetParametersOperation", + "markdownDescription": "", + "title": "SetParametersOperation" + }, + "URLOperation": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionURLOperation", + "markdownDescription": "", + "title": "URLOperation" } }, "type": "object" }, - "AWS::QuickSight::Template.DataPathValue": { + "AWS::QuickSight::Analysis.LayerMapVisual": { "additionalProperties": false, "properties": { - "DataPathType": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataPathType", - "markdownDescription": "The type configuration of the field.", - "title": "DataPathType" + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialLayerMapConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" }, - "FieldId": { - "markdownDescription": "The field ID of the field that needs to be sorted.", - "title": "FieldId", + "DataSetIdentifier": { + "markdownDescription": "The dataset that is used to create the layer map visual. You can't create a visual without a dataset.", + "title": "DataSetIdentifier", "type": "string" }, - "FieldValue": { - "markdownDescription": "The actual value of the field that needs to be sorted.", - "title": "FieldValue", + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", + "markdownDescription": "", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", + "markdownDescription": "", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.DataSetConfiguration": { - "additionalProperties": false, - "properties": { - "ColumnGroupSchemaList": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnGroupSchema" - }, - "markdownDescription": "A structure containing the list of column group schemas.", - "title": "ColumnGroupSchemaList", - "type": "array" - }, - "DataSetSchema": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataSetSchema", - "markdownDescription": "Dataset schema.", - "title": "DataSetSchema" }, - "Placeholder": { - "markdownDescription": "Placeholder.", - "title": "Placeholder", + "VisualId": { + "markdownDescription": "The ID of the visual.", + "title": "VisualId", "type": "string" } }, + "required": [ + "DataSetIdentifier", + "VisualId" + ], "type": "object" }, - "AWS::QuickSight::Template.DataSetReference": { + "AWS::QuickSight::Analysis.Layout": { "additionalProperties": false, "properties": { - "DataSetArn": { - "markdownDescription": "Dataset Amazon Resource Name (ARN).", - "title": "DataSetArn", - "type": "string" - }, - "DataSetPlaceholder": { - "markdownDescription": "Dataset placeholder.", - "title": "DataSetPlaceholder", - "type": "string" + "Configuration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LayoutConfiguration", + "markdownDescription": "The configuration that determines what the type of layout for a sheet.", + "title": "Configuration" } }, "required": [ - "DataSetArn", - "DataSetPlaceholder" + "Configuration" ], "type": "object" }, - "AWS::QuickSight::Template.DataSetSchema": { + "AWS::QuickSight::Analysis.LayoutConfiguration": { "additionalProperties": false, "properties": { - "ColumnSchemaList": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnSchema" - }, - "markdownDescription": "A structure containing the list of column schemas.", - "title": "ColumnSchemaList", - "type": "array" + "FreeFormLayout": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutConfiguration", + "markdownDescription": "A free-form is optimized for a fixed width and has more control over the exact placement of layout elements.", + "title": "FreeFormLayout" + }, + "GridLayout": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GridLayoutConfiguration", + "markdownDescription": "A type of layout that can be used on a sheet. In a grid layout, visuals snap to a grid with standard spacing and alignment. Dashboards are displayed as designed, with options to fit to screen or view at actual size. A grid layout can be configured to behave in one of two ways when the viewport is resized: `FIXED` or `RESPONSIVE` .", + "title": "GridLayout" + }, + "SectionBasedLayout": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionBasedLayoutConfiguration", + "markdownDescription": "A section based layout organizes visuals into multiple sections and has customized header, footer and page break.", + "title": "SectionBasedLayout" } }, "type": "object" }, - "AWS::QuickSight::Template.DateAxisOptions": { + "AWS::QuickSight::Analysis.LegendOptions": { "additionalProperties": false, "properties": { - "MissingDateVisibility": { - "markdownDescription": "Determines whether or not missing dates are displayed.", - "title": "MissingDateVisibility", + "Height": { + "markdownDescription": "The height of the legend. If this value is omitted, a default height is used when rendering.", + "title": "Height", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.DateDimensionField": { - "additionalProperties": false, - "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that is used in the `DateDimensionField` .", - "title": "Column" }, - "DateGranularity": { - "markdownDescription": "The date granularity of the `DateDimensionField` . Choose one of the following options:\n\n- `YEAR`\n- `QUARTER`\n- `MONTH`\n- `WEEK`\n- `DAY`\n- `HOUR`\n- `MINUTE`\n- `SECOND`\n- `MILLISECOND`", - "title": "DateGranularity", + "Position": { + "markdownDescription": "The positions for the legend. Choose one of the following options:\n\n- `AUTO`\n- `RIGHT`\n- `BOTTOM`\n- `LEFT`", + "title": "Position", "type": "string" }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", - "type": "string" + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", + "markdownDescription": "The custom title for the legend.", + "title": "Title" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" + "ValueFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", + "markdownDescription": "", + "title": "ValueFontConfiguration" }, - "HierarchyId": { - "markdownDescription": "The custom hierarchy ID.", - "title": "HierarchyId", + "Visibility": { + "markdownDescription": "Determines whether or not the legend is visible.", + "title": "Visibility", + "type": "string" + }, + "Width": { + "markdownDescription": "The width of the legend. If this value is omitted, a default width is used when rendering.", + "title": "Width", "type": "string" } }, - "required": [ - "Column", - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Template.DateMeasureField": { + "AWS::QuickSight::Analysis.LineChartAggregatedFieldWells": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "markdownDescription": "The aggregation function of the measure field.", - "title": "AggregationFunction", - "type": "string" + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The category field wells of a line chart. Values are grouped by category fields.", + "title": "Category", + "type": "array" }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that is used in the `DateMeasureField` .", - "title": "Column" + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The color field wells of a line chart. Values are grouped by category fields.", + "title": "Colors", + "type": "array" }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", - "type": "string" + "SmallMultiples": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The small multiples field well of a line chart.", + "title": "SmallMultiples", + "type": "array" }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The value field wells of a line chart. Values are aggregated based on categories.", + "title": "Values", + "type": "array" } }, - "required": [ - "Column", - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Template.DateTimeDefaultValues": { + "AWS::QuickSight::Analysis.LineChartConfiguration": { "additionalProperties": false, "properties": { - "DynamicValue": { - "$ref": "#/definitions/AWS::QuickSight::Template.DynamicDefaultValue", - "markdownDescription": "The dynamic value of the `DataTimeDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", - "title": "DynamicValue" + "ContributionAnalysisDefaults": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ContributionAnalysisDefault" + }, + "markdownDescription": "The default configuration of a line chart's contribution analysis.", + "title": "ContributionAnalysisDefaults", + "type": "array" }, - "RollingDate": { - "$ref": "#/definitions/AWS::QuickSight::Template.RollingDateConfiguration", - "markdownDescription": "The rolling date of the `DataTimeDefaultValues` . The date is determined from the dataset based on input expression.", - "title": "RollingDate" + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", + "markdownDescription": "The data label configuration of a line chart.", + "title": "DataLabels" }, - "StaticValues": { + "DefaultSeriesSettings": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartDefaultSeriesSettings", + "markdownDescription": "The options that determine the default presentation of all line series in `LineChartVisual` .", + "title": "DefaultSeriesSettings" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartFieldWells", + "markdownDescription": "The field well configuration of a line chart.", + "title": "FieldWells" + }, + "ForecastConfigurations": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::QuickSight::Analysis.ForecastConfiguration" }, - "markdownDescription": "The static values of the `DataTimeDefaultValues` .", - "title": "StaticValues", + "markdownDescription": "The forecast configuration of a line chart.", + "title": "ForecastConfigurations", + "type": "array" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", + "markdownDescription": "The legend configuration of a line chart.", + "title": "Legend" + }, + "PrimaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LineSeriesAxisDisplayOptions", + "markdownDescription": "The series axis configuration of a line chart.", + "title": "PrimaryYAxisDisplayOptions" + }, + "PrimaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the y-axis label.", + "title": "PrimaryYAxisLabelOptions" + }, + "ReferenceLines": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLine" + }, + "markdownDescription": "The reference lines configuration of a line chart.", + "title": "ReferenceLines", + "type": "array" + }, + "SecondaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LineSeriesAxisDisplayOptions", + "markdownDescription": "The series axis configuration of a line chart.", + "title": "SecondaryYAxisDisplayOptions" + }, + "SecondaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the secondary y-axis label.", + "title": "SecondaryYAxisLabelOptions" + }, + "Series": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SeriesItem" + }, + "markdownDescription": "The series item configuration of a line chart.", + "title": "Series", "type": "array" + }, + "SingleAxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SingleAxisOptions", + "markdownDescription": "", + "title": "SingleAxisOptions" + }, + "SmallMultiplesOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SmallMultiplesOptions", + "markdownDescription": "The small multiples setup for the visual.", + "title": "SmallMultiplesOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartSortConfiguration", + "markdownDescription": "The sort configuration of a line chart.", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", + "markdownDescription": "The tooltip configuration of a line chart.", + "title": "Tooltip" + }, + "Type": { + "markdownDescription": "Determines the type of the line chart.", + "title": "Type", + "type": "string" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", + "markdownDescription": "The visual palette configuration of a line chart.", + "title": "VisualPalette" + }, + "XAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the x-axis.", + "title": "XAxisDisplayOptions" + }, + "XAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the x-axis label.", + "title": "XAxisLabelOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.DateTimeFormatConfiguration": { + "AWS::QuickSight::Analysis.LineChartDefaultSeriesSettings": { "additionalProperties": false, "properties": { - "DateTimeFormat": { - "markdownDescription": "Determines the `DateTime` format.", - "title": "DateTimeFormat", + "AxisBinding": { + "markdownDescription": "The axis to which you are binding all line series to.", + "title": "AxisBinding", "type": "string" }, - "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NullValueFormatConfiguration", - "markdownDescription": "The options that determine the null value format configuration.", - "title": "NullValueFormatConfiguration" + "LineStyleSettings": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartLineStyleSettings", + "markdownDescription": "Line styles options for all line series in the visual.", + "title": "LineStyleSettings" }, - "NumericFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericFormatConfiguration", - "markdownDescription": "The formatting configuration for numeric `DateTime` fields.", - "title": "NumericFormatConfiguration" + "MarkerStyleSettings": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartMarkerStyleSettings", + "markdownDescription": "Marker styles options for all line series in the visual.", + "title": "MarkerStyleSettings" } }, "type": "object" }, - "AWS::QuickSight::Template.DateTimeHierarchy": { + "AWS::QuickSight::Analysis.LineChartFieldWells": { "additionalProperties": false, "properties": { - "DrillDownFilters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DrillDownFilter" - }, - "markdownDescription": "The option that determines the drill down filters for the `DateTime` hierarchy.", - "title": "DrillDownFilters", - "type": "array" - }, - "HierarchyId": { - "markdownDescription": "The hierarchy ID of the `DateTime` hierarchy.", - "title": "HierarchyId", - "type": "string" + "LineChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartAggregatedFieldWells", + "markdownDescription": "The field well configuration of a line chart.", + "title": "LineChartAggregatedFieldWells" } }, - "required": [ - "HierarchyId" - ], "type": "object" }, - "AWS::QuickSight::Template.DateTimeParameterDeclaration": { + "AWS::QuickSight::Analysis.LineChartLineStyleSettings": { "additionalProperties": false, "properties": { - "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeDefaultValues", - "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", - "title": "DefaultValues" - }, - "MappedDataSetParameters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MappedDataSetParameter" - }, - "markdownDescription": "", - "title": "MappedDataSetParameters", - "type": "array" + "LineInterpolation": { + "markdownDescription": "Interpolation style for line series.\n\n- `LINEAR` : Show as default, linear style.\n- `SMOOTH` : Show as a smooth curve.\n- `STEPPED` : Show steps in line.", + "title": "LineInterpolation", + "type": "string" }, - "Name": { - "markdownDescription": "The name of the parameter that is being declared.", - "title": "Name", + "LineStyle": { + "markdownDescription": "Line style for line series.\n\n- `SOLID` : Show as a solid line.\n- `DOTTED` : Show as a dotted line.\n- `DASHED` : Show as a dashed line.", + "title": "LineStyle", "type": "string" }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", + "LineVisibility": { + "markdownDescription": "Configuration option that determines whether to show the line for the series.", + "title": "LineVisibility", "type": "string" }, - "ValueWhenUnset": { - "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeValueWhenUnsetConfiguration", - "markdownDescription": "The configuration that defines the default value of a `DateTime` parameter when a value has not been set.", - "title": "ValueWhenUnset" + "LineWidth": { + "markdownDescription": "Width that determines the line thickness.", + "title": "LineWidth", + "type": "string" } }, - "required": [ - "Name" - ], "type": "object" }, - "AWS::QuickSight::Template.DateTimePickerControlDisplayOptions": { + "AWS::QuickSight::Analysis.LineChartMarkerStyleSettings": { "additionalProperties": false, "properties": { - "DateTimeFormat": { - "markdownDescription": "Customize how dates are formatted in controls.", - "title": "DateTimeFormat", + "MarkerColor": { + "markdownDescription": "Color of marker in the series.", + "title": "MarkerColor", "type": "string" }, - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" + "MarkerShape": { + "markdownDescription": "Shape option for markers in the series.\n\n- `CIRCLE` : Show marker as a circle.\n- `TRIANGLE` : Show marker as a triangle.\n- `SQUARE` : Show marker as a square.\n- `DIAMOND` : Show marker as a diamond.\n- `ROUNDED_SQUARE` : Show marker as a rounded square.", + "title": "MarkerShape", + "type": "string" }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" + "MarkerSize": { + "markdownDescription": "Size of marker in the series.", + "title": "MarkerSize", + "type": "string" + }, + "MarkerVisibility": { + "markdownDescription": "Configuration option that determines whether to show the markers in the series.", + "title": "MarkerVisibility", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.DateTimeValueWhenUnsetConfiguration": { + "AWS::QuickSight::Analysis.LineChartSeriesSettings": { "additionalProperties": false, "properties": { - "CustomValue": { - "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", - "title": "CustomValue", - "type": "string" + "LineStyleSettings": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartLineStyleSettings", + "markdownDescription": "Line styles options for a line series in `LineChartVisual` .", + "title": "LineStyleSettings" }, - "ValueWhenUnsetOption": { - "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", - "title": "ValueWhenUnsetOption", - "type": "string" + "MarkerStyleSettings": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartMarkerStyleSettings", + "markdownDescription": "Marker styles options for a line series in `LineChartVisual` .", + "title": "MarkerStyleSettings" } }, "type": "object" }, - "AWS::QuickSight::Template.DecimalDefaultValues": { + "AWS::QuickSight::Analysis.LineChartSortConfiguration": { "additionalProperties": false, "properties": { - "DynamicValue": { - "$ref": "#/definitions/AWS::QuickSight::Template.DynamicDefaultValue", - "markdownDescription": "The dynamic value of the `DecimalDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", - "title": "DynamicValue" + "CategoryItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of categories that are displayed in a line chart.", + "title": "CategoryItemsLimitConfiguration" }, - "StaticValues": { + "CategorySort": { "items": { - "type": "number" + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, - "markdownDescription": "The static values of the `DecimalDefaultValues` .", - "title": "StaticValues", + "markdownDescription": "The sort configuration of the category fields.", + "title": "CategorySort", + "type": "array" + }, + "ColorItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of lines that are displayed in a line chart.", + "title": "ColorItemsLimitConfiguration" + }, + "SmallMultiplesLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of small multiples panels that are displayed.", + "title": "SmallMultiplesLimitConfiguration" + }, + "SmallMultiplesSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the small multiples field.", + "title": "SmallMultiplesSort", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.DecimalParameterDeclaration": { + "AWS::QuickSight::Analysis.LineChartVisual": { "additionalProperties": false, "properties": { - "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::Template.DecimalDefaultValues", - "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", - "title": "DefaultValues" + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" }, - "MappedDataSetParameters": { + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartConfiguration", + "markdownDescription": "The configuration of a line chart.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MappedDataSetParameter" + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" }, - "markdownDescription": "", - "title": "MappedDataSetParameters", + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", "type": "array" }, - "Name": { - "markdownDescription": "The name of the parameter that is being declared.", - "title": "Name", - "type": "string" + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" }, - "ParameterValueType": { - "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", - "title": "ParameterValueType", + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", "type": "string" }, - "ValueWhenUnset": { - "$ref": "#/definitions/AWS::QuickSight::Template.DecimalValueWhenUnsetConfiguration", - "markdownDescription": "The configuration that defines the default value of a `Decimal` parameter when a value has not been set.", - "title": "ValueWhenUnset" + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" } }, "required": [ - "Name", - "ParameterValueType" + "VisualId" ], "type": "object" }, - "AWS::QuickSight::Template.DecimalPlacesConfiguration": { + "AWS::QuickSight::Analysis.LineSeriesAxisDisplayOptions": { "additionalProperties": false, "properties": { - "DecimalPlaces": { - "markdownDescription": "The values of the decimal places.", - "title": "DecimalPlaces", - "type": "number" + "AxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the line series axis.", + "title": "AxisOptions" + }, + "MissingDataConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MissingDataConfiguration" + }, + "markdownDescription": "The configuration options that determine how missing data is treated during the rendering of a line chart.", + "title": "MissingDataConfigurations", + "type": "array" } }, - "required": [ - "DecimalPlaces" - ], "type": "object" }, - "AWS::QuickSight::Template.DecimalValueWhenUnsetConfiguration": { + "AWS::QuickSight::Analysis.ListControlDisplayOptions": { "additionalProperties": false, "properties": { - "CustomValue": { - "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", - "title": "CustomValue", - "type": "number" + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" }, - "ValueWhenUnsetOption": { - "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", - "title": "ValueWhenUnsetOption", - "type": "string" + "SearchOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ListControlSearchOptions", + "markdownDescription": "The configuration of the search options in a list control.", + "title": "SearchOptions" + }, + "SelectAllOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ListControlSelectAllOptions", + "markdownDescription": "The configuration of the `Select all` options in a list control.", + "title": "SelectAllOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.DefaultDateTimePickerControlOptions": { + "AWS::QuickSight::Analysis.ListControlSearchOptions": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DateTimePickerControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "Type": { - "markdownDescription": "The date time picker type of the `DefaultDateTimePickerControlOptions` . Choose one of the following options:\n\n- `SINGLE_VALUED` : The filter condition is a fixed date.\n- `DATE_RANGE` : The filter condition is a date time range.", - "title": "Type", + "Visibility": { + "markdownDescription": "The visibility configuration of the search options in a list control.", + "title": "Visibility", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.DefaultFilterControlConfiguration": { + "AWS::QuickSight::Analysis.ListControlSelectAllOptions": { "additionalProperties": false, "properties": { - "ControlOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlOptions", - "markdownDescription": "The control option for the `DefaultFilterControlConfiguration` .", - "title": "ControlOptions" - }, - "Title": { - "markdownDescription": "The title of the `DefaultFilterControlConfiguration` . This title is shared by all controls that are tied to this filter.", - "title": "Title", + "Visibility": { + "markdownDescription": "The visibility configuration of the `Select all` options in a list control.", + "title": "Visibility", "type": "string" } }, - "required": [ - "ControlOptions", - "Title" - ], "type": "object" }, - "AWS::QuickSight::Template.DefaultFilterControlOptions": { + "AWS::QuickSight::Analysis.LoadingAnimation": { "additionalProperties": false, "properties": { - "DefaultDateTimePickerOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultDateTimePickerControlOptions", - "markdownDescription": "The default options that correspond to the filter control type of a `DateTimePicker` .", - "title": "DefaultDateTimePickerOptions" - }, - "DefaultDropdownOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterDropDownControlOptions", - "markdownDescription": "The default options that correspond to the `Dropdown` filter control type.", - "title": "DefaultDropdownOptions" - }, - "DefaultListOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterListControlOptions", - "markdownDescription": "The default options that correspond to the `List` filter control type.", - "title": "DefaultListOptions" - }, - "DefaultRelativeDateTimeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultRelativeDateTimeControlOptions", - "markdownDescription": "The default options that correspond to the `RelativeDateTime` filter control type.", - "title": "DefaultRelativeDateTimeOptions" - }, - "DefaultSliderOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultSliderControlOptions", - "markdownDescription": "The default options that correspond to the `Slider` filter control type.", - "title": "DefaultSliderOptions" - }, - "DefaultTextAreaOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultTextAreaControlOptions", - "markdownDescription": "The default options that correspond to the `TextArea` filter control type.", - "title": "DefaultTextAreaOptions" - }, - "DefaultTextFieldOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultTextFieldControlOptions", - "markdownDescription": "The default options that correspond to the `TextField` filter control type.", - "title": "DefaultTextFieldOptions" + "Visibility": { + "markdownDescription": "The visibility configuration of `LoadingAnimation` .", + "title": "Visibility", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.DefaultFilterDropDownControlOptions": { + "AWS::QuickSight::Analysis.LocalNavigationConfiguration": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DropDownControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" - }, - "Type": { - "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", - "title": "Type", + "TargetSheetId": { + "markdownDescription": "The sheet that is targeted for navigation in the same analysis.", + "title": "TargetSheetId", "type": "string" } }, + "required": [ + "TargetSheetId" + ], "type": "object" }, - "AWS::QuickSight::Template.DefaultFilterListControlOptions": { + "AWS::QuickSight::Analysis.LongFormatText": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ListControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" + "PlainText": { + "markdownDescription": "Plain text format.", + "title": "PlainText", + "type": "string" }, - "Type": { - "markdownDescription": "The type of the `DefaultFilterListControlOptions` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from the list.\n- `SINGLE_SELECT` : The user can select a single entry from the list.", - "title": "Type", + "RichText": { + "markdownDescription": "Rich text. Examples of rich text include bold, underline, and italics.", + "title": "RichText", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.DefaultFreeFormLayoutConfiguration": { + "AWS::QuickSight::Analysis.MappedDataSetParameter": { "additionalProperties": false, "properties": { - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutCanvasSizeOptions", - "markdownDescription": "Determines the screen canvas size options for a free-form layout.", - "title": "CanvasSizeOptions" + "DataSetIdentifier": { + "markdownDescription": "A unique name that identifies a dataset within the analysis or dashboard.", + "title": "DataSetIdentifier", + "type": "string" + }, + "DataSetParameterName": { + "markdownDescription": "The name of the dataset parameter.", + "title": "DataSetParameterName", + "type": "string" } }, "required": [ - "CanvasSizeOptions" + "DataSetIdentifier", + "DataSetParameterName" ], "type": "object" }, - "AWS::QuickSight::Template.DefaultGridLayoutConfiguration": { + "AWS::QuickSight::Analysis.MaximumLabelType": { "additionalProperties": false, "properties": { - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.GridLayoutCanvasSizeOptions", - "markdownDescription": "Determines the screen canvas size options for a grid layout.", - "title": "CanvasSizeOptions" + "Visibility": { + "markdownDescription": "The visibility of the maximum label.", + "title": "Visibility", + "type": "string" } }, - "required": [ - "CanvasSizeOptions" - ], "type": "object" }, - "AWS::QuickSight::Template.DefaultInteractiveLayoutConfiguration": { + "AWS::QuickSight::Analysis.MaximumMinimumComputation": { "additionalProperties": false, "properties": { - "FreeForm": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFreeFormLayoutConfiguration", - "markdownDescription": "The options that determine the default settings of a free-form layout configuration.", - "title": "FreeForm" + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" }, - "Grid": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultGridLayoutConfiguration", - "markdownDescription": "The options that determine the default settings for a grid layout configuration.", - "title": "Grid" + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" + }, + "Type": { + "markdownDescription": "The type of computation. Choose one of the following options:\n\n- MAXIMUM: A maximum computation.\n- MINIMUM: A minimum computation.", + "title": "Type", + "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" } }, + "required": [ + "ComputationId", + "Type" + ], "type": "object" }, - "AWS::QuickSight::Template.DefaultNewSheetConfiguration": { + "AWS::QuickSight::Analysis.MeasureField": { "additionalProperties": false, "properties": { - "InteractiveLayoutConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultInteractiveLayoutConfiguration", - "markdownDescription": "The options that determine the default settings for interactive layout configuration.", - "title": "InteractiveLayoutConfiguration" + "CalculatedMeasureField": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CalculatedMeasureField", + "markdownDescription": "The calculated measure field only used in pivot tables.", + "title": "CalculatedMeasureField" }, - "PaginatedLayoutConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultPaginatedLayoutConfiguration", - "markdownDescription": "The options that determine the default settings for a paginated layout configuration.", - "title": "PaginatedLayoutConfiguration" + "CategoricalMeasureField": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CategoricalMeasureField", + "markdownDescription": "The measure type field with categorical type columns.", + "title": "CategoricalMeasureField" }, - "SheetContentType": { - "markdownDescription": "The option that determines the sheet content type.", - "title": "SheetContentType", - "type": "string" + "DateMeasureField": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DateMeasureField", + "markdownDescription": "The measure type field with date type columns.", + "title": "DateMeasureField" + }, + "NumericalMeasureField": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericalMeasureField", + "markdownDescription": "The measure type field with numerical type columns.", + "title": "NumericalMeasureField" } }, "type": "object" }, - "AWS::QuickSight::Template.DefaultPaginatedLayoutConfiguration": { + "AWS::QuickSight::Analysis.MetricComparisonComputation": { "additionalProperties": false, "properties": { - "SectionBased": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultSectionBasedLayoutConfiguration", - "markdownDescription": "The options that determine the default settings for a section-based layout configuration.", - "title": "SectionBased" + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "FromValue": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", + "markdownDescription": "The field that is used in a metric comparison from value setup.", + "title": "FromValue" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "TargetValue": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", + "markdownDescription": "The field that is used in a metric comparison to value setup.", + "title": "TargetValue" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" } }, + "required": [ + "ComputationId" + ], "type": "object" }, - "AWS::QuickSight::Template.DefaultRelativeDateTimeControlOptions": { + "AWS::QuickSight::Analysis.MinimumLabelType": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.RelativeDateTimeControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "Visibility": { + "markdownDescription": "The visibility of the minimum label.", + "title": "Visibility", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.DefaultSectionBasedLayoutConfiguration": { + "AWS::QuickSight::Analysis.MissingDataConfiguration": { "additionalProperties": false, "properties": { - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SectionBasedLayoutCanvasSizeOptions", - "markdownDescription": "Determines the screen canvas size options for a section-based layout.", - "title": "CanvasSizeOptions" + "TreatmentOption": { + "markdownDescription": "The treatment option that determines how missing data should be rendered. Choose from the following options:\n\n- `INTERPOLATE` : Interpolate missing values between the prior and the next known value.\n- `SHOW_AS_ZERO` : Show missing values as the value `0` .\n- `SHOW_AS_BLANK` : Display a blank space when rendering missing data.", + "title": "TreatmentOption", + "type": "string" } }, - "required": [ - "CanvasSizeOptions" - ], "type": "object" }, - "AWS::QuickSight::Template.DefaultSliderControlOptions": { + "AWS::QuickSight::Analysis.NegativeValueConfiguration": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SliderControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "MaximumValue": { - "markdownDescription": "The larger value that is displayed at the right of the slider.", - "title": "MaximumValue", - "type": "number" - }, - "MinimumValue": { - "markdownDescription": "The smaller value that is displayed at the left of the slider.", - "title": "MinimumValue", - "type": "number" - }, - "StepSize": { - "markdownDescription": "The number of increments that the slider bar is divided into.", - "title": "StepSize", - "type": "number" - }, - "Type": { - "markdownDescription": "The type of the `DefaultSliderControlOptions` . Choose one of the following options:\n\n- `SINGLE_POINT` : Filter against(equals) a single data point.\n- `RANGE` : Filter data that is in a specified range.", - "title": "Type", + "DisplayMode": { + "markdownDescription": "Determines the display mode of the negative value configuration.", + "title": "DisplayMode", "type": "string" } }, "required": [ - "MaximumValue", - "MinimumValue", - "StepSize" + "DisplayMode" ], "type": "object" }, - "AWS::QuickSight::Template.DefaultTextAreaControlOptions": { + "AWS::QuickSight::Analysis.NestedFilter": { "additionalProperties": false, "properties": { - "Delimiter": { - "markdownDescription": "The delimiter that is used to separate the lines in text.", - "title": "Delimiter", + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", "type": "string" }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.TextAreaControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "IncludeInnerSet": { + "markdownDescription": "A boolean condition to include or exclude the subset that is defined by the values of the nested inner filter.", + "title": "IncludeInnerSet", + "type": "boolean" + }, + "InnerFilter": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.InnerFilter", + "markdownDescription": "The `InnerFilter` defines the subset of data to be used with the `NestedFilter` .", + "title": "InnerFilter" } }, + "required": [ + "Column", + "FilterId", + "IncludeInnerSet", + "InnerFilter" + ], "type": "object" }, - "AWS::QuickSight::Template.DefaultTextFieldControlOptions": { + "AWS::QuickSight::Analysis.NullValueFormatConfiguration": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.TextFieldControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "NullString": { + "markdownDescription": "Determines the null string of null values.", + "title": "NullString", + "type": "string" } }, + "required": [ + "NullString" + ], "type": "object" }, - "AWS::QuickSight::Template.DestinationParameterValueConfiguration": { + "AWS::QuickSight::Analysis.NumberDisplayFormatConfiguration": { "additionalProperties": false, "properties": { - "CustomValuesConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.CustomValuesConfiguration", - "markdownDescription": "The configuration of custom values for destination parameter in `DestinationParameterValueConfiguration` .", - "title": "CustomValuesConfiguration" + "DecimalPlacesConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalPlacesConfiguration", + "markdownDescription": "The option that determines the decimal places configuration.", + "title": "DecimalPlacesConfiguration" }, - "SelectAllValueOptions": { - "markdownDescription": "The configuration that selects all options.", - "title": "SelectAllValueOptions", - "type": "string" + "NegativeValueConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NegativeValueConfiguration", + "markdownDescription": "The options that determine the negative value configuration.", + "title": "NegativeValueConfiguration" }, - "SourceColumn": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "A column of a data set.", - "title": "SourceColumn" + "NullValueFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NullValueFormatConfiguration", + "markdownDescription": "The options that determine the null value format configuration.", + "title": "NullValueFormatConfiguration" }, - "SourceField": { - "markdownDescription": "The source field ID of the destination parameter.", - "title": "SourceField", + "NumberScale": { + "markdownDescription": "Determines the number scale value of the number format.", + "title": "NumberScale", "type": "string" }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the destination parameter.", - "title": "SourceParameterName", + "Prefix": { + "markdownDescription": "Determines the prefix value of the number format.", + "title": "Prefix", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.DimensionField": { - "additionalProperties": false, - "properties": { - "CategoricalDimensionField": { - "$ref": "#/definitions/AWS::QuickSight::Template.CategoricalDimensionField", - "markdownDescription": "The dimension type field with categorical type columns.", - "title": "CategoricalDimensionField" }, - "DateDimensionField": { - "$ref": "#/definitions/AWS::QuickSight::Template.DateDimensionField", - "markdownDescription": "The dimension type field with date type columns.", - "title": "DateDimensionField" + "SeparatorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericSeparatorConfiguration", + "markdownDescription": "The options that determine the numeric separator configuration.", + "title": "SeparatorConfiguration" }, - "NumericalDimensionField": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericalDimensionField", - "markdownDescription": "The dimension type field with numerical type columns.", - "title": "NumericalDimensionField" + "Suffix": { + "markdownDescription": "Determines the suffix value of the number format.", + "title": "Suffix", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.DonutCenterOptions": { + "AWS::QuickSight::Analysis.NumberFormatConfiguration": { "additionalProperties": false, "properties": { - "LabelVisibility": { - "markdownDescription": "Determines the visibility of the label in a donut chart. In the Amazon QuickSight console, this option is called `'Show total'` .", - "title": "LabelVisibility", - "type": "string" + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericFormatConfiguration", + "markdownDescription": "The options that determine the numeric format configuration.", + "title": "FormatConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Template.DonutOptions": { + "AWS::QuickSight::Analysis.NumericAxisOptions": { "additionalProperties": false, "properties": { - "ArcOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ArcOptions", - "markdownDescription": "The option for define the arc of the chart shape. Valid values are as follows:\n\n- `WHOLE` - A pie chart\n- `SMALL` - A small-sized donut chart\n- `MEDIUM` - A medium-sized donut chart\n- `LARGE` - A large-sized donut chart", - "title": "ArcOptions" + "Range": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayRange", + "markdownDescription": "The range setup of a numeric axis.", + "title": "Range" }, - "DonutCenterOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DonutCenterOptions", - "markdownDescription": "The label options of the label that is displayed in the center of a donut chart. This option isn't available for pie charts.", - "title": "DonutCenterOptions" + "Scale": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisScale", + "markdownDescription": "The scale setup of a numeric axis.", + "title": "Scale" } }, "type": "object" }, - "AWS::QuickSight::Template.DrillDownFilter": { + "AWS::QuickSight::Analysis.NumericEqualityDrillDownFilter": { "additionalProperties": false, "properties": { - "CategoryFilter": { - "$ref": "#/definitions/AWS::QuickSight::Template.CategoryDrillDownFilter", - "markdownDescription": "The category type drill down filter. This filter is used for string type columns.", - "title": "CategoryFilter" - }, - "NumericEqualityFilter": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericEqualityDrillDownFilter", - "markdownDescription": "The numeric equality type drill down filter. This filter is used for number type columns.", - "title": "NumericEqualityFilter" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" }, - "TimeRangeFilter": { - "$ref": "#/definitions/AWS::QuickSight::Template.TimeRangeDrillDownFilter", - "markdownDescription": "The time range drill down filter. This filter is used for date time columns.", - "title": "TimeRangeFilter" + "Value": { + "markdownDescription": "The value of the double input numeric drill down filter.", + "title": "Value", + "type": "number" } }, + "required": [ + "Column", + "Value" + ], "type": "object" }, - "AWS::QuickSight::Template.DropDownControlDisplayOptions": { + "AWS::QuickSight::Analysis.NumericEqualityFilter": { "additionalProperties": false, "properties": { - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" - }, - "SelectAllOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ListControlSelectAllOptions", - "markdownDescription": "The configuration of the `Select all` options in a dropdown control.", - "title": "SelectAllOptions" + "AggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationFunction", + "markdownDescription": "The aggregation function of the filter.", + "title": "AggregationFunction" }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.DynamicDefaultValue": { - "additionalProperties": false, - "properties": { - "DefaultValueColumn": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that contains the default value of each user or group.", - "title": "DefaultValueColumn" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" }, - "GroupNameColumn": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that contains the group name.", - "title": "GroupNameColumn" + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" }, - "UserNameColumn": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that contains the username.", - "title": "UserNameColumn" - } - }, - "required": [ - "DefaultValueColumn" - ], - "type": "object" - }, - "AWS::QuickSight::Template.EmptyVisual": { - "additionalProperties": false, - "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" }, - "DataSetIdentifier": { - "markdownDescription": "The data set that is used in the empty visual. Every visual requires a dataset to render.", - "title": "DataSetIdentifier", + "MatchOperator": { + "markdownDescription": "The match operator that is used to determine if a filter should be applied.", + "title": "MatchOperator", "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", + "type": "string" + }, + "ParameterName": { + "markdownDescription": "The parameter whose value should be used for the filter value.", + "title": "ParameterName", + "type": "string" + }, + "SelectAllOptions": { + "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", + "title": "SelectAllOptions", "type": "string" + }, + "Value": { + "markdownDescription": "The input value.", + "title": "Value", + "type": "number" } }, "required": [ - "DataSetIdentifier", - "VisualId" + "Column", + "FilterId", + "MatchOperator", + "NullOption" ], "type": "object" }, - "AWS::QuickSight::Template.Entity": { + "AWS::QuickSight::Analysis.NumericFormatConfiguration": { "additionalProperties": false, "properties": { - "Path": { - "markdownDescription": "The hierarchical path of the entity within the analysis, template, or dashboard definition tree.", - "title": "Path", - "type": "string" + "CurrencyDisplayFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CurrencyDisplayFormatConfiguration", + "markdownDescription": "The options that determine the currency display format configuration.", + "title": "CurrencyDisplayFormatConfiguration" + }, + "NumberDisplayFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumberDisplayFormatConfiguration", + "markdownDescription": "The options that determine the number display format configuration.", + "title": "NumberDisplayFormatConfiguration" + }, + "PercentageDisplayFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PercentageDisplayFormatConfiguration", + "markdownDescription": "The options that determine the percentage display format configuration.", + "title": "PercentageDisplayFormatConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Template.ExcludePeriodConfiguration": { + "AWS::QuickSight::Analysis.NumericRangeFilter": { "additionalProperties": false, "properties": { - "Amount": { - "markdownDescription": "The amount or number of the exclude period.", - "title": "Amount", - "type": "number" + "AggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationFunction", + "markdownDescription": "The aggregation function of the filter.", + "title": "AggregationFunction" }, - "Granularity": { - "markdownDescription": "The granularity or unit (day, month, year) of the exclude period.", - "title": "Granularity", + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", "type": "string" }, - "Status": { - "markdownDescription": "The status of the exclude period. Choose from the following options:\n\n- `ENABLED`\n- `DISABLED`", - "title": "Status", + "IncludeMaximum": { + "markdownDescription": "Determines whether the maximum value in the filter value range should be included in the filtered results.", + "title": "IncludeMaximum", + "type": "boolean" + }, + "IncludeMinimum": { + "markdownDescription": "Determines whether the minimum value in the filter value range should be included in the filtered results.", + "title": "IncludeMinimum", + "type": "boolean" + }, + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", "type": "string" - } - }, - "required": [ - "Amount", - "Granularity" - ], - "type": "object" - }, - "AWS::QuickSight::Template.ExplicitHierarchy": { - "additionalProperties": false, - "properties": { - "Columns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier" - }, - "markdownDescription": "The list of columns that define the explicit hierarchy.", - "title": "Columns", - "type": "array" }, - "DrillDownFilters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DrillDownFilter" - }, - "markdownDescription": "The option that determines the drill down filters for the explicit hierarchy.", - "title": "DrillDownFilters", - "type": "array" + "RangeMaximum": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericRangeFilterValue", + "markdownDescription": "The maximum value for the filter value range.", + "title": "RangeMaximum" }, - "HierarchyId": { - "markdownDescription": "The hierarchy ID of the explicit hierarchy.", - "title": "HierarchyId", + "RangeMinimum": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericRangeFilterValue", + "markdownDescription": "The minimum value for the filter value range.", + "title": "RangeMinimum" + }, + "SelectAllOptions": { + "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", + "title": "SelectAllOptions", "type": "string" } }, "required": [ - "Columns", - "HierarchyId" + "Column", + "FilterId", + "NullOption" ], "type": "object" }, - "AWS::QuickSight::Template.FieldBasedTooltip": { + "AWS::QuickSight::Analysis.NumericRangeFilterValue": { "additionalProperties": false, "properties": { - "AggregationVisibility": { - "markdownDescription": "The visibility of `Show aggregations` .", - "title": "AggregationVisibility", + "Parameter": { + "markdownDescription": "The parameter that is used in the numeric range.", + "title": "Parameter", "type": "string" }, - "TooltipFields": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.TooltipItem" - }, - "markdownDescription": "The fields configuration in the tooltip.", - "title": "TooltipFields", - "type": "array" - }, - "TooltipTitleType": { - "markdownDescription": "The type for the >tooltip title. Choose one of the following options:\n\n- `NONE` : Doesn't use the primary value as the title.\n- `PRIMARY_VALUE` : Uses primary value as the title.", - "title": "TooltipTitleType", - "type": "string" + "StaticValue": { + "markdownDescription": "The static value of the numeric range filter.", + "title": "StaticValue", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Template.FieldLabelType": { + "AWS::QuickSight::Analysis.NumericSeparatorConfiguration": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "Indicates the field that is targeted by the field label.", - "title": "FieldId", + "DecimalSeparator": { + "markdownDescription": "Determines the decimal separator.", + "title": "DecimalSeparator", "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of the field label.", - "title": "Visibility", - "type": "string" + "ThousandsSeparator": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ThousandSeparatorOptions", + "markdownDescription": "The options that determine the thousands separator configuration.", + "title": "ThousandsSeparator" } }, "type": "object" }, - "AWS::QuickSight::Template.FieldSeriesItem": { + "AWS::QuickSight::Analysis.NumericalAggregationFunction": { "additionalProperties": false, "properties": { - "AxisBinding": { - "markdownDescription": "The axis that you are binding the field to.", - "title": "AxisBinding", - "type": "string" + "PercentileAggregation": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PercentileAggregation", + "markdownDescription": "An aggregation based on the percentile of values in a dimension or measure.", + "title": "PercentileAggregation" }, - "FieldId": { - "markdownDescription": "The field ID of the field for which you are setting the axis binding.", - "title": "FieldId", + "SimpleNumericalAggregation": { + "markdownDescription": "Built-in aggregation functions for numerical values.\n\n- `SUM` : The sum of a dimension or measure.\n- `AVERAGE` : The average of a dimension or measure.\n- `MIN` : The minimum value of a dimension or measure.\n- `MAX` : The maximum value of a dimension or measure.\n- `COUNT` : The count of a dimension or measure.\n- `DISTINCT_COUNT` : The count of distinct values in a dimension or measure.\n- `VAR` : The variance of a dimension or measure.\n- `VARP` : The partitioned variance of a dimension or measure.\n- `STDEV` : The standard deviation of a dimension or measure.\n- `STDEVP` : The partitioned standard deviation of a dimension or measure.\n- `MEDIAN` : The median value of a dimension or measure.", + "title": "SimpleNumericalAggregation", "type": "string" - }, - "Settings": { - "$ref": "#/definitions/AWS::QuickSight::Template.LineChartSeriesSettings", - "markdownDescription": "The options that determine the presentation of line series associated to the field.", - "title": "Settings" } }, - "required": [ - "AxisBinding", - "FieldId" - ], "type": "object" }, - "AWS::QuickSight::Template.FieldSort": { + "AWS::QuickSight::Analysis.NumericalDimensionField": { "additionalProperties": false, "properties": { - "Direction": { - "markdownDescription": "The sort direction. Choose one of the following options:\n\n- `ASC` : Ascending\n- `DESC` : Descending", - "title": "Direction", - "type": "string" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that is used in the `NumericalDimensionField` .", + "title": "Column" }, "FieldId": { - "markdownDescription": "The sort configuration target field.", + "markdownDescription": "The custom field ID.", "title": "FieldId", "type": "string" + }, + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumberFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" + }, + "HierarchyId": { + "markdownDescription": "The custom hierarchy ID.", + "title": "HierarchyId", + "type": "string" } }, "required": [ - "Direction", + "Column", "FieldId" ], "type": "object" }, - "AWS::QuickSight::Template.FieldSortOptions": { + "AWS::QuickSight::Analysis.NumericalMeasureField": { "additionalProperties": false, "properties": { - "ColumnSort": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnSort", - "markdownDescription": "The sort configuration for a column that is not used in a field well.", - "title": "ColumnSort" + "AggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericalAggregationFunction", + "markdownDescription": "The aggregation function of the measure field.", + "title": "AggregationFunction" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that is used in the `NumericalMeasureField` .", + "title": "Column" }, - "FieldSort": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSort", - "markdownDescription": "The sort configuration for a field in a field well.", - "title": "FieldSort" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.FieldTooltipItem": { - "additionalProperties": false, - "properties": { "FieldId": { - "markdownDescription": "The unique ID of the field that is targeted by the tooltip.", + "markdownDescription": "The custom field ID.", "title": "FieldId", "type": "string" }, - "Label": { - "markdownDescription": "The label of the tooltip item.", - "title": "Label", - "type": "string" - }, - "Visibility": { - "markdownDescription": "The visibility of the tooltip item.", - "title": "Visibility", - "type": "string" + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumberFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" } }, "required": [ + "Column", "FieldId" ], "type": "object" }, - "AWS::QuickSight::Template.FilledMapAggregatedFieldWells": { + "AWS::QuickSight::Analysis.PaginationConfiguration": { "additionalProperties": false, "properties": { - "Geospatial": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" - }, - "markdownDescription": "The aggregated location field well of the filled map. Values are grouped by location fields.", - "title": "Geospatial", - "type": "array" + "PageNumber": { + "markdownDescription": "Indicates the page number.", + "title": "PageNumber", + "type": "number" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" - }, - "markdownDescription": "The aggregated color field well of a filled map. Values are aggregated based on location fields.", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.FilledMapConditionalFormatting": { - "additionalProperties": false, - "properties": { - "ConditionalFormattingOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapConditionalFormattingOption" - }, - "markdownDescription": "Conditional formatting options of a `FilledMapVisual` .", - "title": "ConditionalFormattingOptions", - "type": "array" - } - }, - "required": [ - "ConditionalFormattingOptions" - ], - "type": "object" - }, - "AWS::QuickSight::Template.FilledMapConditionalFormattingOption": { - "additionalProperties": false, - "properties": { - "Shape": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapShapeConditionalFormatting", - "markdownDescription": "The conditional formatting that determines the shape of the filled map.", - "title": "Shape" + "PageSize": { + "markdownDescription": "Indicates how many items render in one page.", + "title": "PageSize", + "type": "number" } }, "required": [ - "Shape" + "PageNumber", + "PageSize" ], "type": "object" }, - "AWS::QuickSight::Template.FilledMapConfiguration": { + "AWS::QuickSight::Analysis.PanelConfiguration": { "additionalProperties": false, "properties": { - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" - }, - "MapStyleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialMapStyleOptions", - "markdownDescription": "The map style options of the filled map visual.", - "title": "MapStyleOptions" - }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapSortConfiguration", - "markdownDescription": "The sort configuration of a `FilledMapVisual` .", - "title": "SortConfiguration" + "BackgroundColor": { + "markdownDescription": "Sets the background color for each panel.", + "title": "BackgroundColor", + "type": "string" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" + "BackgroundVisibility": { + "markdownDescription": "Determines whether or not a background for each small multiples panel is rendered.", + "title": "BackgroundVisibility", + "type": "string" }, - "WindowOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialWindowOptions", - "markdownDescription": "The window options of the filled map visual.", - "title": "WindowOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.FilledMapFieldWells": { - "additionalProperties": false, - "properties": { - "FilledMapAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapAggregatedFieldWells", - "markdownDescription": "The aggregated field well of the filled map.", - "title": "FilledMapAggregatedFieldWells" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.FilledMapShapeConditionalFormatting": { - "additionalProperties": false, - "properties": { - "FieldId": { - "markdownDescription": "The field ID of the filled map shape.", - "title": "FieldId", + "BorderColor": { + "markdownDescription": "Sets the line color of panel borders.", + "title": "BorderColor", "type": "string" }, - "Format": { - "$ref": "#/definitions/AWS::QuickSight::Template.ShapeConditionalFormat", - "markdownDescription": "The conditional formatting that determines the background color of a filled map's shape.", - "title": "Format" - } - }, - "required": [ - "FieldId" - ], - "type": "object" - }, - "AWS::QuickSight::Template.FilledMapSortConfiguration": { - "additionalProperties": false, - "properties": { - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the location fields.", - "title": "CategorySort", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.FilledMapVisual": { - "additionalProperties": false, - "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "BorderStyle": { + "markdownDescription": "Sets the line style of panel borders.", + "title": "BorderStyle", + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "BorderThickness": { + "markdownDescription": "Sets the line thickness of panel borders.", + "title": "BorderThickness", + "type": "string" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "BorderVisibility": { + "markdownDescription": "Determines whether or not each panel displays a border.", + "title": "BorderVisibility", + "type": "string" }, - "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapConditionalFormatting", - "markdownDescription": "The conditional formatting of a `FilledMapVisual` .", - "title": "ConditionalFormatting" + "GutterSpacing": { + "markdownDescription": "Sets the total amount of negative space to display between sibling panels.", + "title": "GutterSpacing", + "type": "string" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "GutterVisibility": { + "markdownDescription": "Determines whether or not negative space between sibling panels is rendered.", + "title": "GutterVisibility", + "type": "string" }, "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", + "$ref": "#/definitions/AWS::QuickSight::Analysis.PanelTitleOptions", + "markdownDescription": "Configures the title display within each small multiples panel.", "title": "Title" - }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", - "type": "string" } }, - "required": [ - "VisualId" - ], "type": "object" }, - "AWS::QuickSight::Template.Filter": { + "AWS::QuickSight::Analysis.PanelTitleOptions": { "additionalProperties": false, "properties": { - "CategoryFilter": { - "$ref": "#/definitions/AWS::QuickSight::Template.CategoryFilter", - "markdownDescription": "A `CategoryFilter` filters text values.\n\nFor more information, see [Adding text filters](https://docs.aws.amazon.com/quicksight/latest/user/add-a-text-filter-data-prep.html) in the *Amazon QuickSight User Guide* .", - "title": "CategoryFilter" - }, - "NumericEqualityFilter": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericEqualityFilter", - "markdownDescription": "A `NumericEqualityFilter` filters numeric values that equal or do not equal a given numeric value.", - "title": "NumericEqualityFilter" - }, - "NumericRangeFilter": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericRangeFilter", - "markdownDescription": "A `NumericRangeFilter` filters numeric values that are either inside or outside a given numeric range.", - "title": "NumericRangeFilter" - }, - "RelativeDatesFilter": { - "$ref": "#/definitions/AWS::QuickSight::Template.RelativeDatesFilter", - "markdownDescription": "A `RelativeDatesFilter` filters date values that are relative to a given date.", - "title": "RelativeDatesFilter" - }, - "TimeEqualityFilter": { - "$ref": "#/definitions/AWS::QuickSight::Template.TimeEqualityFilter", - "markdownDescription": "A `TimeEqualityFilter` filters date-time values that equal or do not equal a given date/time value.", - "title": "TimeEqualityFilter" + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", + "markdownDescription": "", + "title": "FontConfiguration" }, - "TimeRangeFilter": { - "$ref": "#/definitions/AWS::QuickSight::Template.TimeRangeFilter", - "markdownDescription": "A `TimeRangeFilter` filters date-time values that are either inside or outside a given date/time range.", - "title": "TimeRangeFilter" + "HorizontalTextAlignment": { + "markdownDescription": "Sets the horizontal text alignment of the title within each panel.", + "title": "HorizontalTextAlignment", + "type": "string" }, - "TopBottomFilter": { - "$ref": "#/definitions/AWS::QuickSight::Template.TopBottomFilter", - "markdownDescription": "A `TopBottomFilter` filters data to the top or bottom values for a given column.", - "title": "TopBottomFilter" + "Visibility": { + "markdownDescription": "Determines whether or not panel titles are displayed.", + "title": "Visibility", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.FilterControl": { + "AWS::QuickSight::Analysis.ParameterControl": { "additionalProperties": false, "properties": { - "CrossSheet": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterCrossSheetControl", - "markdownDescription": "A control from a filter that is scoped across more than one sheet. This represents your filter control on a sheet", - "title": "CrossSheet" - }, "DateTimePicker": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterDateTimePickerControl", - "markdownDescription": "A control from a date filter that is used to specify date and time.", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterDateTimePickerControl", + "markdownDescription": "A control from a date parameter that specifies date and time.", "title": "DateTimePicker" }, "Dropdown": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterDropDownControl", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterDropDownControl", "markdownDescription": "A control to display a dropdown list with buttons that are used to select a single value.", "title": "Dropdown" }, "List": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterListControl", - "markdownDescription": "A control to display a list of buttons or boxes. This is used to select either a single value or multiple values.", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterListControl", + "markdownDescription": "A control to display a list with buttons or boxes that are used to select either a single value or multiple values.", "title": "List" }, - "RelativeDateTime": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterRelativeDateTimeControl", - "markdownDescription": "A control from a date filter that is used to specify the relative date.", - "title": "RelativeDateTime" - }, "Slider": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterSliderControl", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterSliderControl", "markdownDescription": "A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle.", "title": "Slider" }, "TextArea": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterTextAreaControl", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterTextAreaControl", "markdownDescription": "A control to display a text box that is used to enter multiple entries.", "title": "TextArea" }, "TextField": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterTextFieldControl", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterTextFieldControl", "markdownDescription": "A control to display a text box that is used to enter a single entry.", "title": "TextField" } }, "type": "object" }, - "AWS::QuickSight::Template.FilterCrossSheetControl": { + "AWS::QuickSight::Analysis.ParameterDateTimePickerControl": { "additionalProperties": false, "properties": { - "CascadingControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.CascadingControlConfiguration", - "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", - "title": "CascadingControlConfiguration" + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimePickerControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterCrossSheetControl` .", - "title": "FilterControlId", + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterDateTimePickerControl` .", + "title": "ParameterControlId", "type": "string" }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterCrossSheetControl` .", - "title": "SourceFilterId", + "SourceParameterName": { + "markdownDescription": "The name of the `ParameterDateTimePickerControl` .", + "title": "SourceParameterName", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `ParameterDateTimePickerControl` .", + "title": "Title", "type": "string" } }, "required": [ - "FilterControlId", - "SourceFilterId" + "ParameterControlId", + "SourceParameterName", + "Title" ], "type": "object" }, - "AWS::QuickSight::Template.FilterDateTimePickerControl": { + "AWS::QuickSight::Analysis.ParameterDeclaration": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DateTimePickerControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterDateTimePickerControl` .", - "title": "FilterControlId", - "type": "string" + "DateTimeParameterDeclaration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeParameterDeclaration", + "markdownDescription": "A parameter declaration for the `DateTime` data type.", + "title": "DateTimeParameterDeclaration" }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterDateTimePickerControl` .", - "title": "SourceFilterId", - "type": "string" + "DecimalParameterDeclaration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalParameterDeclaration", + "markdownDescription": "A parameter declaration for the `Decimal` data type.", + "title": "DecimalParameterDeclaration" }, - "Title": { - "markdownDescription": "The title of the `FilterDateTimePickerControl` .", - "title": "Title", - "type": "string" + "IntegerParameterDeclaration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.IntegerParameterDeclaration", + "markdownDescription": "A parameter declaration for the `Integer` data type.", + "title": "IntegerParameterDeclaration" }, - "Type": { - "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", - "title": "Type", - "type": "string" + "StringParameterDeclaration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.StringParameterDeclaration", + "markdownDescription": "A parameter declaration for the `String` data type.", + "title": "StringParameterDeclaration" } }, - "required": [ - "FilterControlId", - "SourceFilterId", - "Title" - ], "type": "object" }, - "AWS::QuickSight::Template.FilterDropDownControl": { + "AWS::QuickSight::Analysis.ParameterDropDownControl": { "additionalProperties": false, "properties": { "CascadingControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.CascadingControlConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.CascadingControlConfiguration", "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", "title": "CascadingControlConfiguration" }, + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `ParameterDropDownControl` .", + "title": "CommitMode", + "type": "string" + }, "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DropDownControlDisplayOptions", - "markdownDescription": "The display options of the `FilterDropDownControl` .", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DropDownControlDisplayOptions", + "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterDropDownControl` .", - "title": "FilterControlId", + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterDropDownControl` .", + "title": "ParameterControlId", "type": "string" }, "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterSelectableValues", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterSelectableValues", "markdownDescription": "A list of selectable values that are used in a control.", "title": "SelectableValues" }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterDropDownControl` .", - "title": "SourceFilterId", + "SourceParameterName": { + "markdownDescription": "The source parameter name of the `ParameterDropDownControl` .", + "title": "SourceParameterName", "type": "string" }, "Title": { - "markdownDescription": "The title of the `FilterDropDownControl` .", + "markdownDescription": "The title of the `ParameterDropDownControl` .", "title": "Title", "type": "string" }, "Type": { - "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", + "markdownDescription": "The type parameter name of the `ParameterDropDownControl` .", "title": "Type", "type": "string" } }, "required": [ - "FilterControlId", - "SourceFilterId", + "ParameterControlId", + "SourceParameterName", "Title" ], "type": "object" }, - "AWS::QuickSight::Template.FilterGroup": { - "additionalProperties": false, - "properties": { - "CrossDataset": { - "markdownDescription": "The filter new feature which can apply filter group to all data sets. Choose one of the following options:\n\n- `ALL_DATASETS`\n- `SINGLE_DATASET`", - "title": "CrossDataset", - "type": "string" - }, - "FilterGroupId": { - "markdownDescription": "The value that uniquely identifies a `FilterGroup` within a dashboard, template, or analysis.", - "title": "FilterGroupId", - "type": "string" - }, - "Filters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.Filter" - }, - "markdownDescription": "The list of filters that are present in a `FilterGroup` .", - "title": "Filters", - "type": "array" - }, - "ScopeConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterScopeConfiguration", - "markdownDescription": "The configuration that specifies what scope to apply to a `FilterGroup` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", - "title": "ScopeConfiguration" - }, - "Status": { - "markdownDescription": "The status of the `FilterGroup` .", - "title": "Status", - "type": "string" - } - }, - "required": [ - "CrossDataset", - "FilterGroupId", - "Filters", - "ScopeConfiguration" - ], - "type": "object" - }, - "AWS::QuickSight::Template.FilterListConfiguration": { - "additionalProperties": false, - "properties": { - "CategoryValues": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of category values for the filter.", - "title": "CategoryValues", - "type": "array" - }, - "MatchOperator": { - "markdownDescription": "The match operator that is used to determine if a filter should be applied.", - "title": "MatchOperator", - "type": "string" - }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", - "type": "string" - }, - "SelectAllOptions": { - "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", - "title": "SelectAllOptions", - "type": "string" - } - }, - "required": [ - "MatchOperator" - ], - "type": "object" - }, - "AWS::QuickSight::Template.FilterListControl": { + "AWS::QuickSight::Analysis.ParameterListControl": { "additionalProperties": false, "properties": { "CascadingControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.CascadingControlConfiguration", + "$ref": "#/definitions/AWS::QuickSight::Analysis.CascadingControlConfiguration", "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", "title": "CascadingControlConfiguration" }, "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ListControlDisplayOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ListControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterListControl` .", - "title": "FilterControlId", + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterListControl` .", + "title": "ParameterControlId", "type": "string" }, "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterSelectableValues", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterSelectableValues", "markdownDescription": "A list of selectable values that are used in a control.", "title": "SelectableValues" }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterListControl` .", - "title": "SourceFilterId", + "SourceParameterName": { + "markdownDescription": "The source parameter name of the `ParameterListControl` .", + "title": "SourceParameterName", "type": "string" }, "Title": { - "markdownDescription": "The title of the `FilterListControl` .", + "markdownDescription": "The title of the `ParameterListControl` .", "title": "Title", "type": "string" }, "Type": { - "markdownDescription": "The type of the `FilterListControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from the list.\n- `SINGLE_SELECT` : The user can select a single entry from the list.", + "markdownDescription": "The type of `ParameterListControl` .", "title": "Type", "type": "string" } }, "required": [ - "FilterControlId", - "SourceFilterId", - "Title" - ], - "type": "object" - }, - "AWS::QuickSight::Template.FilterOperationSelectedFieldsConfiguration": { - "additionalProperties": false, - "properties": { - "SelectedColumns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier" - }, - "markdownDescription": "The selected columns of a dataset.", - "title": "SelectedColumns", - "type": "array" - }, - "SelectedFieldOptions": { - "markdownDescription": "A structure that contains the options that choose which fields are filtered in the `CustomActionFilterOperation` .\n\nValid values are defined as follows:\n\n- `ALL_FIELDS` : Applies the filter operation to all fields.", - "title": "SelectedFieldOptions", - "type": "string" - }, - "SelectedFields": { - "items": { - "type": "string" - }, - "markdownDescription": "Chooses the fields that are filtered in `CustomActionFilterOperation` .", - "title": "SelectedFields", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.FilterOperationTargetVisualsConfiguration": { - "additionalProperties": false, - "properties": { - "SameSheetTargetVisualConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.SameSheetTargetVisualConfiguration", - "markdownDescription": "The configuration of the same-sheet target visuals that you want to be filtered.", - "title": "SameSheetTargetVisualConfiguration" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.FilterRelativeDateTimeControl": { - "additionalProperties": false, - "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.RelativeDateTimeControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterTextAreaControl` .", - "title": "FilterControlId", - "type": "string" - }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterTextAreaControl` .", - "title": "SourceFilterId", - "type": "string" - }, - "Title": { - "markdownDescription": "The title of the `FilterTextAreaControl` .", - "title": "Title", - "type": "string" - } - }, - "required": [ - "FilterControlId", - "SourceFilterId", + "ParameterControlId", + "SourceParameterName", "Title" ], "type": "object" }, - "AWS::QuickSight::Template.FilterScopeConfiguration": { + "AWS::QuickSight::Analysis.ParameterSelectableValues": { "additionalProperties": false, "properties": { - "AllSheets": { - "markdownDescription": "The configuration that applies a filter to all sheets. When you choose `AllSheets` as the value for a `FilterScopeConfiguration` , this filter is applied to all visuals of all sheets in an Analysis, Dashboard, or Template. The `AllSheetsFilterScopeConfiguration` is chosen.", - "title": "AllSheets", - "type": "object" + "LinkToDataSetColumn": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column identifier that fetches values from the data set.", + "title": "LinkToDataSetColumn" }, - "SelectedSheets": { - "$ref": "#/definitions/AWS::QuickSight::Template.SelectedSheetsFilterScopeConfiguration", - "markdownDescription": "The configuration for applying a filter to specific sheets.", - "title": "SelectedSheets" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.FilterSelectableValues": { - "additionalProperties": false, - "properties": { "Values": { "items": { "type": "string" }, - "markdownDescription": "The values that are used in the `FilterSelectableValues` .", + "markdownDescription": "The values that are used in `ParameterSelectableValues` .", "title": "Values", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.FilterSliderControl": { + "AWS::QuickSight::Analysis.ParameterSliderControl": { "additionalProperties": false, "properties": { "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SliderControlDisplayOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.SliderControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterSliderControl` .", - "title": "FilterControlId", - "type": "string" - }, "MaximumValue": { "markdownDescription": "The larger value that is displayed at the right of the slider.", "title": "MaximumValue", @@ -214169,9 +228518,14 @@ "title": "MinimumValue", "type": "number" }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterSliderControl` .", - "title": "SourceFilterId", + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterSliderControl` .", + "title": "ParameterControlId", + "type": "string" + }, + "SourceParameterName": { + "markdownDescription": "The source parameter name of the `ParameterSliderControl` .", + "title": "SourceParameterName", "type": "string" }, "StepSize": { @@ -214180,27 +228534,22 @@ "type": "number" }, "Title": { - "markdownDescription": "The title of the `FilterSliderControl` .", + "markdownDescription": "The title of the `ParameterSliderControl` .", "title": "Title", "type": "string" - }, - "Type": { - "markdownDescription": "The type of the `FilterSliderControl` . Choose one of the following options:\n\n- `SINGLE_POINT` : Filter against(equals) a single data point.\n- `RANGE` : Filter data that is in a specified range.", - "title": "Type", - "type": "string" } }, "required": [ - "FilterControlId", "MaximumValue", "MinimumValue", - "SourceFilterId", + "ParameterControlId", + "SourceParameterName", "StepSize", "Title" ], "type": "object" }, - "AWS::QuickSight::Template.FilterTextAreaControl": { + "AWS::QuickSight::Analysis.ParameterTextAreaControl": { "additionalProperties": false, "properties": { "Delimiter": { @@ -214209,118 +228558,166 @@ "type": "string" }, "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.TextAreaControlDisplayOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TextAreaControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterTextAreaControl` .", - "title": "FilterControlId", + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterTextAreaControl` .", + "title": "ParameterControlId", "type": "string" }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterTextAreaControl` .", - "title": "SourceFilterId", + "SourceParameterName": { + "markdownDescription": "The source parameter name of the `ParameterTextAreaControl` .", + "title": "SourceParameterName", "type": "string" }, "Title": { - "markdownDescription": "The title of the `FilterTextAreaControl` .", + "markdownDescription": "The title of the `ParameterTextAreaControl` .", "title": "Title", "type": "string" } }, "required": [ - "FilterControlId", - "SourceFilterId", + "ParameterControlId", + "SourceParameterName", "Title" ], "type": "object" }, - "AWS::QuickSight::Template.FilterTextFieldControl": { + "AWS::QuickSight::Analysis.ParameterTextFieldControl": { "additionalProperties": false, "properties": { "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.TextFieldControlDisplayOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TextFieldControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, - "FilterControlId": { - "markdownDescription": "The ID of the `FilterTextFieldControl` .", - "title": "FilterControlId", + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterTextFieldControl` .", + "title": "ParameterControlId", "type": "string" }, - "SourceFilterId": { - "markdownDescription": "The source filter ID of the `FilterTextFieldControl` .", - "title": "SourceFilterId", + "SourceParameterName": { + "markdownDescription": "The source parameter name of the `ParameterTextFieldControl` .", + "title": "SourceParameterName", "type": "string" }, "Title": { - "markdownDescription": "The title of the `FilterTextFieldControl` .", + "markdownDescription": "The title of the `ParameterTextFieldControl` .", "title": "Title", "type": "string" } }, "required": [ - "FilterControlId", - "SourceFilterId", + "ParameterControlId", + "SourceParameterName", "Title" ], "type": "object" }, - "AWS::QuickSight::Template.FontConfiguration": { + "AWS::QuickSight::Analysis.Parameters": { "additionalProperties": false, "properties": { - "FontColor": { - "markdownDescription": "Determines the color of the text.", - "title": "FontColor", - "type": "string" - }, - "FontDecoration": { - "markdownDescription": "Determines the appearance of decorative lines on the text.", - "title": "FontDecoration", - "type": "string" + "DateTimeParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeParameter" + }, + "markdownDescription": "The parameters that have a data type of date-time.", + "title": "DateTimeParameters", + "type": "array" }, - "FontSize": { - "$ref": "#/definitions/AWS::QuickSight::Template.FontSize", - "markdownDescription": "The option that determines the text display size.", - "title": "FontSize" + "DecimalParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalParameter" + }, + "markdownDescription": "The parameters that have a data type of decimal.", + "title": "DecimalParameters", + "type": "array" }, - "FontStyle": { - "markdownDescription": "Determines the text display face that is inherited by the given font family.", - "title": "FontStyle", - "type": "string" + "IntegerParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.IntegerParameter" + }, + "markdownDescription": "The parameters that have a data type of integer.", + "title": "IntegerParameters", + "type": "array" }, - "FontWeight": { - "$ref": "#/definitions/AWS::QuickSight::Template.FontWeight", - "markdownDescription": "The option that determines the text display weight, or boldness.", - "title": "FontWeight" + "StringParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.StringParameter" + }, + "markdownDescription": "The parameters that have a data type of string.", + "title": "StringParameters", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.FontSize": { + "AWS::QuickSight::Analysis.PercentVisibleRange": { "additionalProperties": false, "properties": { - "Relative": { - "markdownDescription": "The lexical name for the text size, proportional to its surrounding context.", - "title": "Relative", - "type": "string" + "From": { + "markdownDescription": "The lower bound of the range.", + "title": "From", + "type": "number" + }, + "To": { + "markdownDescription": "The top bound of the range.", + "title": "To", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Template.FontWeight": { + "AWS::QuickSight::Analysis.PercentageDisplayFormatConfiguration": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The lexical name for the level of boldness of the text display.", - "title": "Name", + "DecimalPlacesConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalPlacesConfiguration", + "markdownDescription": "The option that determines the decimal places configuration.", + "title": "DecimalPlacesConfiguration" + }, + "NegativeValueConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NegativeValueConfiguration", + "markdownDescription": "The options that determine the negative value configuration.", + "title": "NegativeValueConfiguration" + }, + "NullValueFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NullValueFormatConfiguration", + "markdownDescription": "The options that determine the null value format configuration.", + "title": "NullValueFormatConfiguration" + }, + "Prefix": { + "markdownDescription": "Determines the prefix value of the percentage format.", + "title": "Prefix", + "type": "string" + }, + "SeparatorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericSeparatorConfiguration", + "markdownDescription": "The options that determine the numeric separator configuration.", + "title": "SeparatorConfiguration" + }, + "Suffix": { + "markdownDescription": "Determines the suffix value of the percentage format.", + "title": "Suffix", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.ForecastComputation": { + "AWS::QuickSight::Analysis.PercentileAggregation": { + "additionalProperties": false, + "properties": { + "PercentileValue": { + "markdownDescription": "The percentile value. This value can be any numeric constant 0\u2013100. A percentile value of 50 computes the median value of the measure.", + "title": "PercentileValue", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.PeriodOverPeriodComputation": { "additionalProperties": false, "properties": { "ComputationId": { @@ -214328,53 +228725,18 @@ "title": "ComputationId", "type": "string" }, - "CustomSeasonalityValue": { - "markdownDescription": "The custom seasonality value setup of a forecast computation.", - "title": "CustomSeasonalityValue", - "type": "number" - }, - "LowerBoundary": { - "markdownDescription": "The lower boundary setup of a forecast computation.", - "title": "LowerBoundary", - "type": "number" - }, "Name": { "markdownDescription": "The name of a computation.", "title": "Name", "type": "string" }, - "PeriodsBackward": { - "markdownDescription": "The periods backward setup of a forecast computation.", - "title": "PeriodsBackward", - "type": "number" - }, - "PeriodsForward": { - "markdownDescription": "The periods forward setup of a forecast computation.", - "title": "PeriodsForward", - "type": "number" - }, - "PredictionInterval": { - "markdownDescription": "The prediction interval setup of a forecast computation.", - "title": "PredictionInterval", - "type": "number" - }, - "Seasonality": { - "markdownDescription": "The seasonality setup of a forecast computation. Choose one of the following options:\n\n- `AUTOMATIC`\n- `CUSTOM` : Checks the custom seasonality value.", - "title": "Seasonality", - "type": "string" - }, "Time": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", "markdownDescription": "The time field that is used in a computation.", "title": "Time" }, - "UpperBoundary": { - "markdownDescription": "The upper boundary setup of a forecast computation.", - "title": "UpperBoundary", - "type": "number" - }, "Value": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", "markdownDescription": "The value field that is used in a computation.", "title": "Value" } @@ -214384,402 +228746,223 @@ ], "type": "object" }, - "AWS::QuickSight::Template.ForecastConfiguration": { - "additionalProperties": false, - "properties": { - "ForecastProperties": { - "$ref": "#/definitions/AWS::QuickSight::Template.TimeBasedForecastProperties", - "markdownDescription": "The forecast properties setup of a forecast in the line chart.", - "title": "ForecastProperties" - }, - "Scenario": { - "$ref": "#/definitions/AWS::QuickSight::Template.ForecastScenario", - "markdownDescription": "The forecast scenario of a forecast in the line chart.", - "title": "Scenario" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.ForecastScenario": { - "additionalProperties": false, - "properties": { - "WhatIfPointScenario": { - "$ref": "#/definitions/AWS::QuickSight::Template.WhatIfPointScenario", - "markdownDescription": "The what-if analysis forecast setup with the target date.", - "title": "WhatIfPointScenario" - }, - "WhatIfRangeScenario": { - "$ref": "#/definitions/AWS::QuickSight::Template.WhatIfRangeScenario", - "markdownDescription": "The what-if analysis forecast setup with the date range.", - "title": "WhatIfRangeScenario" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.FormatConfiguration": { - "additionalProperties": false, - "properties": { - "DateTimeFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeFormatConfiguration", - "markdownDescription": "Formatting configuration for `DateTime` fields.", - "title": "DateTimeFormatConfiguration" - }, - "NumberFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumberFormatConfiguration", - "markdownDescription": "Formatting configuration for number fields.", - "title": "NumberFormatConfiguration" - }, - "StringFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.StringFormatConfiguration", - "markdownDescription": "Formatting configuration for string fields.", - "title": "StringFormatConfiguration" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.FreeFormLayoutCanvasSizeOptions": { - "additionalProperties": false, - "properties": { - "ScreenCanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutScreenCanvasSizeOptions", - "markdownDescription": "The options that determine the sizing of the canvas used in a free-form layout.", - "title": "ScreenCanvasSizeOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.FreeFormLayoutConfiguration": { - "additionalProperties": false, - "properties": { - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutCanvasSizeOptions", - "markdownDescription": "", - "title": "CanvasSizeOptions" - }, - "Elements": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutElement" - }, - "markdownDescription": "The elements that are included in a free-form layout.", - "title": "Elements", - "type": "array" - } - }, - "required": [ - "Elements" - ], - "type": "object" - }, - "AWS::QuickSight::Template.FreeFormLayoutElement": { + "AWS::QuickSight::Analysis.PeriodToDateComputation": { "additionalProperties": false, "properties": { - "BackgroundStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutElementBackgroundStyle", - "markdownDescription": "The background style configuration of a free-form layout element.", - "title": "BackgroundStyle" - }, - "BorderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutElementBorderStyle", - "markdownDescription": "The border style configuration of a free-form layout element.", - "title": "BorderStyle" - }, - "ElementId": { - "markdownDescription": "A unique identifier for an element within a free-form layout.", - "title": "ElementId", - "type": "string" - }, - "ElementType": { - "markdownDescription": "The type of element.", - "title": "ElementType", - "type": "string" - }, - "Height": { - "markdownDescription": "The height of an element within a free-form layout.", - "title": "Height", - "type": "string" - }, - "LoadingAnimation": { - "$ref": "#/definitions/AWS::QuickSight::Template.LoadingAnimation", - "markdownDescription": "The loading animation configuration of a free-form layout element.", - "title": "LoadingAnimation" - }, - "RenderingRules": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.SheetElementRenderingRule" - }, - "markdownDescription": "The rendering rules that determine when an element should be displayed within a free-form layout.", - "title": "RenderingRules", - "type": "array" - }, - "SelectedBorderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutElementBorderStyle", - "markdownDescription": "The border style configuration of a free-form layout element. This border style is used when the element is selected.", - "title": "SelectedBorderStyle" - }, - "Visibility": { - "markdownDescription": "The visibility of an element within a free-form layout.", - "title": "Visibility", - "type": "string" - }, - "Width": { - "markdownDescription": "The width of an element within a free-form layout.", - "title": "Width", + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", "type": "string" }, - "XAxisLocation": { - "markdownDescription": "The x-axis coordinate of the element.", - "title": "XAxisLocation", + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", "type": "string" }, - "YAxisLocation": { - "markdownDescription": "The y-axis coordinate of the element.", - "title": "YAxisLocation", - "type": "string" - } - }, - "required": [ - "ElementId", - "ElementType", - "Height", - "Width", - "XAxisLocation", - "YAxisLocation" - ], - "type": "object" - }, - "AWS::QuickSight::Template.FreeFormLayoutElementBackgroundStyle": { - "additionalProperties": false, - "properties": { - "Color": { - "markdownDescription": "The background color of a free-form layout element.", - "title": "Color", + "PeriodTimeGranularity": { + "markdownDescription": "The time granularity setup of period to date computation. Choose from the following options:\n\n- YEAR: Year to date.\n- MONTH: Month to date.", + "title": "PeriodTimeGranularity", "type": "string" }, - "Visibility": { - "markdownDescription": "The background visibility of a free-form layout element.", - "title": "Visibility", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.FreeFormLayoutElementBorderStyle": { - "additionalProperties": false, - "properties": { - "Color": { - "markdownDescription": "The border color of a free-form layout element.", - "title": "Color", - "type": "string" + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" }, - "Visibility": { - "markdownDescription": "The border visibility of a free-form layout element.", - "title": "Visibility", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.FreeFormLayoutScreenCanvasSizeOptions": { - "additionalProperties": false, - "properties": { - "OptimizedViewPortWidth": { - "markdownDescription": "The width that the view port will be optimized for when the layout renders.", - "title": "OptimizedViewPortWidth", - "type": "string" + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" } }, "required": [ - "OptimizedViewPortWidth" + "ComputationId" ], "type": "object" }, - "AWS::QuickSight::Template.FreeFormSectionLayoutConfiguration": { + "AWS::QuickSight::Analysis.PieChartAggregatedFieldWells": { "additionalProperties": false, "properties": { - "Elements": { + "Category": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutElement" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, - "markdownDescription": "The elements that are included in the free-form layout.", - "title": "Elements", + "markdownDescription": "The category (group/color) field wells of a pie chart.", + "title": "Category", "type": "array" - } - }, - "required": [ - "Elements" - ], - "type": "object" - }, - "AWS::QuickSight::Template.FunnelChartAggregatedFieldWells": { - "additionalProperties": false, - "properties": { - "Category": { + }, + "SmallMultiples": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, - "markdownDescription": "The category field wells of a funnel chart. Values are grouped by category fields.", - "title": "Category", + "markdownDescription": "The small multiples field well of a pie chart.", + "title": "SmallMultiples", "type": "array" }, "Values": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, - "markdownDescription": "The value field wells of a funnel chart. Values are aggregated based on categories.", + "markdownDescription": "The value field wells of a pie chart. Values are aggregated based on categories.", "title": "Values", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.FunnelChartConfiguration": { + "AWS::QuickSight::Analysis.PieChartConfiguration": { "additionalProperties": false, "properties": { "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options of the categories that are displayed in a `FunnelChartVisual` .", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options of the group/color that is displayed in a pie chart.", "title": "CategoryLabelOptions" }, - "DataLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.FunnelChartDataLabelOptions", - "markdownDescription": "The options that determine the presentation of the data labels.", - "title": "DataLabelOptions" + "ContributionAnalysisDefaults": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ContributionAnalysisDefault" + }, + "markdownDescription": "The contribution analysis (anomaly configuration) setup of the visual.", + "title": "ContributionAnalysisDefaults", + "type": "array" + }, + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.", + "title": "DataLabels" + }, + "DonutOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DonutOptions", + "markdownDescription": "The options that determine the shape of the chart. This option determines whether the chart is a pie chart or a donut chart.", + "title": "DonutOptions" }, "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.FunnelChartFieldWells", - "markdownDescription": "The field well configuration of a `FunnelChartVisual` .", + "$ref": "#/definitions/AWS::QuickSight::Analysis.PieChartFieldWells", + "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "SmallMultiplesOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SmallMultiplesOptions", + "markdownDescription": "The small multiples setup for the visual.", + "title": "SmallMultiplesOptions" + }, "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FunnelChartSortConfiguration", - "markdownDescription": "The sort configuration of a `FunnelChartVisual` .", + "$ref": "#/definitions/AWS::QuickSight::Analysis.PieChartSortConfiguration", + "markdownDescription": "The sort configuration of a pie chart.", "title": "SortConfiguration" }, "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", - "markdownDescription": "The tooltip configuration of a `FunnelChartVisual` .", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", "title": "Tooltip" }, "ValueLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options for the values that are displayed in a `FunnelChartVisual` .", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options for the value that is displayed in a pie chart.", "title": "ValueLabelOptions" }, "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", - "markdownDescription": "The visual palette configuration of a `FunnelChartVisual` .", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", "title": "VisualPalette" } }, "type": "object" }, - "AWS::QuickSight::Template.FunnelChartDataLabelOptions": { - "additionalProperties": false, - "properties": { - "CategoryLabelVisibility": { - "markdownDescription": "The visibility of the category labels within the data labels.", - "title": "CategoryLabelVisibility", - "type": "string" - }, - "LabelColor": { - "markdownDescription": "The color of the data label text.", - "title": "LabelColor", - "type": "string" - }, - "LabelFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", - "markdownDescription": "The font configuration for the data labels.\n\nOnly the `FontSize` attribute of the font configuration is used for data labels.", - "title": "LabelFontConfiguration" - }, - "MeasureDataLabelStyle": { - "markdownDescription": "Determines the style of the metric labels.", - "title": "MeasureDataLabelStyle", - "type": "string" - }, - "MeasureLabelVisibility": { - "markdownDescription": "The visibility of the measure labels within the data labels.", - "title": "MeasureLabelVisibility", - "type": "string" - }, - "Position": { - "markdownDescription": "Determines the positioning of the data label relative to a section of the funnel.", - "title": "Position", - "type": "string" - }, - "Visibility": { - "markdownDescription": "The visibility option that determines if data labels are displayed.", - "title": "Visibility", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.FunnelChartFieldWells": { + "AWS::QuickSight::Analysis.PieChartFieldWells": { "additionalProperties": false, "properties": { - "FunnelChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.FunnelChartAggregatedFieldWells", - "markdownDescription": "The field well configuration of a `FunnelChartVisual` .", - "title": "FunnelChartAggregatedFieldWells" + "PieChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PieChartAggregatedFieldWells", + "markdownDescription": "The field well configuration of a pie chart.", + "title": "PieChartAggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Template.FunnelChartSortConfiguration": { + "AWS::QuickSight::Analysis.PieChartSortConfiguration": { "additionalProperties": false, "properties": { "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of categories displayed.", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of categories that are displayed in a pie chart.", "title": "CategoryItemsLimit" }, "CategorySort": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, "markdownDescription": "The sort configuration of the category fields.", "title": "CategorySort", "type": "array" + }, + "SmallMultiplesLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of small multiples panels that are displayed.", + "title": "SmallMultiplesLimitConfiguration" + }, + "SmallMultiplesSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the small multiples field.", + "title": "SmallMultiplesSort", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.FunnelChartVisual": { + "AWS::QuickSight::Analysis.PieChartVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FunnelChartConfiguration", - "markdownDescription": "The configuration of a `FunnelChartVisual` .", + "$ref": "#/definitions/AWS::QuickSight::Analysis.PieChartConfiguration", + "markdownDescription": "The configuration of a pie chart.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", "type": "string" } @@ -214789,990 +228972,1004 @@ ], "type": "object" }, - "AWS::QuickSight::Template.GaugeChartArcConditionalFormatting": { + "AWS::QuickSight::Analysis.PivotFieldSortOptions": { "additionalProperties": false, "properties": { - "ForegroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the arc foreground color.", - "title": "ForegroundColor" + "FieldId": { + "markdownDescription": "The field ID for the field sort options.", + "title": "FieldId", + "type": "string" + }, + "SortBy": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableSortBy", + "markdownDescription": "The sort by field for the field sort options.", + "title": "SortBy" } }, + "required": [ + "FieldId", + "SortBy" + ], "type": "object" }, - "AWS::QuickSight::Template.GaugeChartConditionalFormatting": { + "AWS::QuickSight::Analysis.PivotTableAggregatedFieldWells": { "additionalProperties": false, "properties": { - "ConditionalFormattingOptions": { + "Columns": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartConditionalFormattingOption" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, - "markdownDescription": "Conditional formatting options of a `GaugeChartVisual` .", - "title": "ConditionalFormattingOptions", + "markdownDescription": "The columns field well for a pivot table. Values are grouped by columns fields.", + "title": "Columns", "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.GaugeChartConditionalFormattingOption": { - "additionalProperties": false, - "properties": { - "Arc": { - "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartArcConditionalFormatting", - "markdownDescription": "The options that determine the presentation of the arc of a `GaugeChartVisual` .", - "title": "Arc" }, - "PrimaryValue": { - "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartPrimaryValueConditionalFormatting", - "markdownDescription": "The conditional formatting for the primary value of a `GaugeChartVisual` .", - "title": "PrimaryValue" + "Rows": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The rows field well for a pivot table. Values are grouped by rows fields.", + "title": "Rows", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The values field well for a pivot table. Values are aggregated based on rows and columns fields.", + "title": "Values", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.GaugeChartConfiguration": { + "AWS::QuickSight::Analysis.PivotTableCellConditionalFormatting": { "additionalProperties": false, "properties": { - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", - "markdownDescription": "The data label configuration of a `GaugeChartVisual` .", - "title": "DataLabels" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartFieldWells", - "markdownDescription": "The field well configuration of a `GaugeChartVisual` .", - "title": "FieldWells" + "FieldId": { + "markdownDescription": "The field ID of the cell for conditional formatting.", + "title": "FieldId", + "type": "string" }, - "GaugeChartOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartOptions", - "markdownDescription": "The options that determine the presentation of the `GaugeChartVisual` .", - "title": "GaugeChartOptions" + "Scope": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableConditionalFormattingScope", + "markdownDescription": "The scope of the cell for conditional formatting.", + "title": "Scope" }, - "TooltipOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", - "markdownDescription": "The tooltip configuration of a `GaugeChartVisual` .", - "title": "TooltipOptions" + "Scopes": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableConditionalFormattingScope" + }, + "markdownDescription": "A list of cell scopes for conditional formatting.", + "title": "Scopes", + "type": "array" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", - "markdownDescription": "The visual palette configuration of a `GaugeChartVisual` .", - "title": "VisualPalette" + "TextFormat": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TextConditionalFormat", + "markdownDescription": "The text format of the cell for conditional formatting.", + "title": "TextFormat" } }, + "required": [ + "FieldId" + ], "type": "object" }, - "AWS::QuickSight::Template.GaugeChartFieldWells": { + "AWS::QuickSight::Analysis.PivotTableConditionalFormatting": { "additionalProperties": false, "properties": { - "TargetValues": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" - }, - "markdownDescription": "The target value field wells of a `GaugeChartVisual` .", - "title": "TargetValues", - "type": "array" - }, - "Values": { + "ConditionalFormattingOptions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableConditionalFormattingOption" }, - "markdownDescription": "The value field wells of a `GaugeChartVisual` .", - "title": "Values", + "markdownDescription": "Conditional formatting options for a `PivotTableVisual` .", + "title": "ConditionalFormattingOptions", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.GaugeChartOptions": { + "AWS::QuickSight::Analysis.PivotTableConditionalFormattingOption": { "additionalProperties": false, "properties": { - "Arc": { - "$ref": "#/definitions/AWS::QuickSight::Template.ArcConfiguration", - "markdownDescription": "The arc configuration of a `GaugeChartVisual` .", - "title": "Arc" - }, - "ArcAxis": { - "$ref": "#/definitions/AWS::QuickSight::Template.ArcAxisConfiguration", - "markdownDescription": "The arc axis configuration of a `GaugeChartVisual` .", - "title": "ArcAxis" - }, - "Comparison": { - "$ref": "#/definitions/AWS::QuickSight::Template.ComparisonConfiguration", - "markdownDescription": "The comparison configuration of a `GaugeChartVisual` .", - "title": "Comparison" - }, - "PrimaryValueDisplayType": { - "markdownDescription": "The options that determine the primary value display type.", - "title": "PrimaryValueDisplayType", + "Cell": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableCellConditionalFormatting", + "markdownDescription": "The cell conditional formatting option for a pivot table.", + "title": "Cell" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.PivotTableConditionalFormattingScope": { + "additionalProperties": false, + "properties": { + "Role": { + "markdownDescription": "The role (field, field total, grand total) of the cell for conditional formatting.", + "title": "Role", "type": "string" - }, - "PrimaryValueFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", - "markdownDescription": "The options that determine the primary value font configuration.", - "title": "PrimaryValueFontConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Template.GaugeChartPrimaryValueConditionalFormatting": { + "AWS::QuickSight::Analysis.PivotTableConfiguration": { "additionalProperties": false, "properties": { - "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIcon", - "markdownDescription": "The conditional formatting of the primary value icon.", - "title": "Icon" + "FieldOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableFieldOptions", + "markdownDescription": "The field options for a pivot table visual.", + "title": "FieldOptions" }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the primary value text color.", - "title": "TextColor" + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "PaginatedReportOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTablePaginatedReportOptions", + "markdownDescription": "The paginated report options for a pivot table visual.", + "title": "PaginatedReportOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableSortConfiguration", + "markdownDescription": "The sort configuration for a `PivotTableVisual` .", + "title": "SortConfiguration" + }, + "TableOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableOptions", + "markdownDescription": "The table options for a pivot table visual.", + "title": "TableOptions" + }, + "TotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableTotalOptions", + "markdownDescription": "The total options for a pivot table visual.", + "title": "TotalOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.GaugeChartVisual": { + "AWS::QuickSight::Analysis.PivotTableDataPathOption": { "additionalProperties": false, "properties": { - "Actions": { + "DataPathList": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathValue" }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", + "markdownDescription": "The list of data path values for the data path options.", + "title": "DataPathList", "type": "array" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartConfiguration", - "markdownDescription": "The configuration of a `GaugeChartVisual` .", - "title": "ChartConfiguration" - }, - "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartConditionalFormatting", - "markdownDescription": "The conditional formatting of a `GaugeChartVisual` .", - "title": "ConditionalFormatting" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" - }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "Width": { + "markdownDescription": "The width of the data path option.", + "title": "Width", "type": "string" } }, "required": [ - "VisualId" + "DataPathList" ], "type": "object" }, - "AWS::QuickSight::Template.GeospatialCoordinateBounds": { + "AWS::QuickSight::Analysis.PivotTableFieldCollapseStateOption": { "additionalProperties": false, "properties": { - "East": { - "markdownDescription": "The longitude of the east bound of the geospatial coordinate bounds.", - "title": "East", - "type": "number" - }, - "North": { - "markdownDescription": "The latitude of the north bound of the geospatial coordinate bounds.", - "title": "North", - "type": "number" - }, - "South": { - "markdownDescription": "The latitude of the south bound of the geospatial coordinate bounds.", - "title": "South", - "type": "number" + "State": { + "markdownDescription": "The state of the field target of a pivot table. Choose one of the following options:\n\n- `COLLAPSED`\n- `EXPANDED`", + "title": "State", + "type": "string" }, - "West": { - "markdownDescription": "The longitude of the west bound of the geospatial coordinate bounds.", - "title": "West", - "type": "number" + "Target": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableFieldCollapseStateTarget", + "markdownDescription": "A tagged-union object that sets the collapse state.", + "title": "Target" } }, "required": [ - "East", - "North", - "South", - "West" + "Target" ], "type": "object" }, - "AWS::QuickSight::Template.GeospatialHeatmapColorScale": { + "AWS::QuickSight::Analysis.PivotTableFieldCollapseStateTarget": { "additionalProperties": false, "properties": { - "Colors": { + "FieldDataPathValues": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialHeatmapDataColor" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathValue" }, - "markdownDescription": "The list of colors to be used in heatmap point style.", - "title": "Colors", + "markdownDescription": "The data path of the pivot table's header. Used to set the collapse state.", + "title": "FieldDataPathValues", "type": "array" + }, + "FieldId": { + "markdownDescription": "The field ID of the pivot table that the collapse state needs to be set to.", + "title": "FieldId", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.GeospatialHeatmapConfiguration": { - "additionalProperties": false, - "properties": { - "HeatmapColor": { - "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialHeatmapColorScale", - "markdownDescription": "The color scale specification for the heatmap point style.", - "title": "HeatmapColor" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.GeospatialHeatmapDataColor": { + "AWS::QuickSight::Analysis.PivotTableFieldOption": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The hex color to be used in the heatmap point style.", - "title": "Color", + "CustomLabel": { + "markdownDescription": "The custom label of the pivot table field.", + "title": "CustomLabel", + "type": "string" + }, + "FieldId": { + "markdownDescription": "The field ID of the pivot table field.", + "title": "FieldId", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the pivot table field.", + "title": "Visibility", "type": "string" } }, "required": [ - "Color" + "FieldId" ], "type": "object" }, - "AWS::QuickSight::Template.GeospatialMapAggregatedFieldWells": { + "AWS::QuickSight::Analysis.PivotTableFieldOptions": { "additionalProperties": false, "properties": { - "Colors": { + "CollapseStateOptions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableFieldCollapseStateOption" }, - "markdownDescription": "The color field wells of a geospatial map.", - "title": "Colors", + "markdownDescription": "The collapse state options for the pivot table field options.", + "title": "CollapseStateOptions", "type": "array" }, - "Geospatial": { + "DataPathOptions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableDataPathOption" }, - "markdownDescription": "The geospatial field wells of a geospatial map. Values are grouped by geospatial fields.", - "title": "Geospatial", + "markdownDescription": "The data path options for the pivot table field options.", + "title": "DataPathOptions", "type": "array" }, - "Values": { + "SelectedFieldOptions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableFieldOption" }, - "markdownDescription": "The size field wells of a geospatial map. Values are aggregated based on geospatial fields.", - "title": "Values", + "markdownDescription": "The selected field options for the pivot table field options.", + "title": "SelectedFieldOptions", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.GeospatialMapConfiguration": { + "AWS::QuickSight::Analysis.PivotTableFieldSubtotalOptions": { "additionalProperties": false, "properties": { - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialMapFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" - }, - "MapStyleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialMapStyleOptions", - "markdownDescription": "The map style options of the geospatial map.", - "title": "MapStyleOptions" - }, - "PointStyleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialPointStyleOptions", - "markdownDescription": "The point style options of the geospatial map.", - "title": "PointStyleOptions" - }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" - }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", - "markdownDescription": "", - "title": "VisualPalette" - }, - "WindowOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialWindowOptions", - "markdownDescription": "The window options of the geospatial map.", - "title": "WindowOptions" + "FieldId": { + "markdownDescription": "The field ID of the subtotal options.", + "title": "FieldId", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.GeospatialMapFieldWells": { + "AWS::QuickSight::Analysis.PivotTableFieldWells": { "additionalProperties": false, "properties": { - "GeospatialMapAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialMapAggregatedFieldWells", - "markdownDescription": "The aggregated field well for a geospatial map.", - "title": "GeospatialMapAggregatedFieldWells" + "PivotTableAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableAggregatedFieldWells", + "markdownDescription": "The aggregated field well for the pivot table.", + "title": "PivotTableAggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Template.GeospatialMapStyleOptions": { + "AWS::QuickSight::Analysis.PivotTableOptions": { "additionalProperties": false, "properties": { - "BaseMapStyle": { - "markdownDescription": "The base map style of the geospatial map.", - "title": "BaseMapStyle", + "CellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", + "markdownDescription": "The table cell style of cells.", + "title": "CellStyle" + }, + "CollapsedRowDimensionsVisibility": { + "markdownDescription": "The visibility setting of a pivot table's collapsed row dimension fields. If the value of this structure is `HIDDEN` , all collapsed columns in a pivot table are automatically hidden. The default value is `VISIBLE` .", + "title": "CollapsedRowDimensionsVisibility", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.GeospatialMapVisual": { - "additionalProperties": false, - "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialMapConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "ColumnHeaderStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", + "markdownDescription": "The table cell style of the column header.", + "title": "ColumnHeaderStyle" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "ColumnNamesVisibility": { + "markdownDescription": "The visibility of the column names.", + "title": "ColumnNamesVisibility", + "type": "string" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "DefaultCellWidth": { + "markdownDescription": "The default cell width of the pivot table.", + "title": "DefaultCellWidth", + "type": "string" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "MetricPlacement": { + "markdownDescription": "The metric placement (row, column) options.", + "title": "MetricPlacement", + "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", + "RowAlternateColorOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.RowAlternateColorOptions", + "markdownDescription": "The row alternate color options (widget status, row alternate colors).", + "title": "RowAlternateColorOptions" + }, + "RowFieldNamesStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", + "markdownDescription": "The table cell style of row field names.", + "title": "RowFieldNamesStyle" + }, + "RowHeaderStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", + "markdownDescription": "The table cell style of the row headers.", + "title": "RowHeaderStyle" + }, + "RowsLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableRowsLabelOptions", + "markdownDescription": "The options for the label that is located above the row headers. This option is only applicable when `RowsLayout` is set to `HIERARCHY` .", + "title": "RowsLabelOptions" + }, + "RowsLayout": { + "markdownDescription": "The layout for the row dimension headers of a pivot table. Choose one of the following options.\n\n- `TABULAR` : (Default) Each row field is displayed in a separate column.\n- `HIERARCHY` : All row fields are displayed in a single column. Indentation is used to differentiate row headers of different fields.", + "title": "RowsLayout", + "type": "string" + }, + "SingleMetricVisibility": { + "markdownDescription": "The visibility of the single metric options.", + "title": "SingleMetricVisibility", + "type": "string" + }, + "ToggleButtonsVisibility": { + "markdownDescription": "Determines the visibility of the pivot table.", + "title": "ToggleButtonsVisibility", "type": "string" } }, - "required": [ - "VisualId" - ], "type": "object" }, - "AWS::QuickSight::Template.GeospatialPointStyleOptions": { + "AWS::QuickSight::Analysis.PivotTablePaginatedReportOptions": { "additionalProperties": false, "properties": { - "ClusterMarkerConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ClusterMarkerConfiguration", - "markdownDescription": "The cluster marker configuration of the geospatial point style.", - "title": "ClusterMarkerConfiguration" - }, - "HeatmapConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialHeatmapConfiguration", - "markdownDescription": "The heatmap configuration of the geospatial point style.", - "title": "HeatmapConfiguration" + "OverflowColumnHeaderVisibility": { + "markdownDescription": "The visibility of the repeating header rows on each page.", + "title": "OverflowColumnHeaderVisibility", + "type": "string" }, - "SelectedPointStyle": { - "markdownDescription": "The selected point styles (point, cluster) of the geospatial map.", - "title": "SelectedPointStyle", + "VerticalOverflowVisibility": { + "markdownDescription": "The visibility of the printing table overflow across pages.", + "title": "VerticalOverflowVisibility", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.GeospatialWindowOptions": { + "AWS::QuickSight::Analysis.PivotTableRowsLabelOptions": { "additionalProperties": false, "properties": { - "Bounds": { - "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialCoordinateBounds", - "markdownDescription": "The bounds options (north, south, west, east) of the geospatial window options.", - "title": "Bounds" - }, - "MapZoomMode": { - "markdownDescription": "The map zoom modes (manual, auto) of the geospatial window options.", - "title": "MapZoomMode", + "CustomLabel": { + "markdownDescription": "The custom label string for the rows label.", + "title": "CustomLabel", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the rows label.", + "title": "Visibility", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.GlobalTableBorderOptions": { + "AWS::QuickSight::Analysis.PivotTableSortBy": { "additionalProperties": false, "properties": { - "SideSpecificBorder": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableSideBorderOptions", - "markdownDescription": "Determines the options for side specific border.", - "title": "SideSpecificBorder" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnSort", + "markdownDescription": "The column sort (field id, direction) for the pivot table sort by options.", + "title": "Column" }, - "UniformBorder": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", - "markdownDescription": "Determines the options for uniform border.", - "title": "UniformBorder" + "DataPath": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathSort", + "markdownDescription": "The data path sort (data path value, direction) for the pivot table sort by options.", + "title": "DataPath" + }, + "Field": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSort", + "markdownDescription": "The field sort (field id, direction) for the pivot table sort by options.", + "title": "Field" } }, "type": "object" }, - "AWS::QuickSight::Template.GradientColor": { + "AWS::QuickSight::Analysis.PivotTableSortConfiguration": { "additionalProperties": false, "properties": { - "Stops": { + "FieldSortOptions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.GradientStop" + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotFieldSortOptions" }, - "markdownDescription": "The list of gradient color stops.", - "title": "Stops", + "markdownDescription": "The field sort options for a pivot table sort configuration.", + "title": "FieldSortOptions", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.GradientStop": { + "AWS::QuickSight::Analysis.PivotTableTotalOptions": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "Determines the color.", - "title": "Color", - "type": "string" + "ColumnSubtotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SubtotalOptions", + "markdownDescription": "The column subtotal options.", + "title": "ColumnSubtotalOptions" }, - "DataValue": { - "markdownDescription": "Determines the data value.", - "title": "DataValue", - "type": "number" + "ColumnTotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTotalOptions", + "markdownDescription": "The column total options.", + "title": "ColumnTotalOptions" }, - "GradientOffset": { - "markdownDescription": "Determines gradient offset value.", - "title": "GradientOffset", - "type": "number" - } - }, - "required": [ - "GradientOffset" - ], - "type": "object" - }, - "AWS::QuickSight::Template.GridLayoutCanvasSizeOptions": { - "additionalProperties": false, - "properties": { - "ScreenCanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.GridLayoutScreenCanvasSizeOptions", - "markdownDescription": "The options that determine the sizing of the canvas used in a grid layout.", - "title": "ScreenCanvasSizeOptions" + "RowSubtotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SubtotalOptions", + "markdownDescription": "The row subtotal options.", + "title": "RowSubtotalOptions" + }, + "RowTotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTotalOptions", + "markdownDescription": "The row total options.", + "title": "RowTotalOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.GridLayoutConfiguration": { + "AWS::QuickSight::Analysis.PivotTableVisual": { "additionalProperties": false, "properties": { - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.GridLayoutCanvasSizeOptions", - "markdownDescription": "", - "title": "CanvasSizeOptions" - }, - "Elements": { + "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.GridLayoutElement" + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, - "markdownDescription": "The elements that are included in a grid layout.", - "title": "Elements", + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ConditionalFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableConditionalFormatting", + "markdownDescription": "The conditional formatting for a `PivotTableVisual` .", + "title": "ConditionalFormatting" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", + "type": "string" } }, "required": [ - "Elements" + "VisualId" ], "type": "object" }, - "AWS::QuickSight::Template.GridLayoutElement": { + "AWS::QuickSight::Analysis.PivotTotalOptions": { "additionalProperties": false, "properties": { - "ColumnIndex": { - "markdownDescription": "The column index for the upper left corner of an element.", - "title": "ColumnIndex", - "type": "number" + "CustomLabel": { + "markdownDescription": "The custom label string for the total cells.", + "title": "CustomLabel", + "type": "string" }, - "ColumnSpan": { - "markdownDescription": "The width of a grid element expressed as a number of grid columns.", - "title": "ColumnSpan", - "type": "number" + "MetricHeaderCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", + "markdownDescription": "The cell styling options for the total of header cells.", + "title": "MetricHeaderCellStyle" }, - "ElementId": { - "markdownDescription": "A unique identifier for an element within a grid layout.", - "title": "ElementId", + "Placement": { + "markdownDescription": "The placement (start, end) for the total cells.", + "title": "Placement", "type": "string" }, - "ElementType": { - "markdownDescription": "The type of element.", - "title": "ElementType", + "ScrollStatus": { + "markdownDescription": "The scroll status (pinned, scrolled) for the total cells.", + "title": "ScrollStatus", "type": "string" }, - "RowIndex": { - "markdownDescription": "The row index for the upper left corner of an element.", - "title": "RowIndex", - "type": "number" + "TotalAggregationOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TotalAggregationOption" + }, + "markdownDescription": "The total aggregation options for each value field.", + "title": "TotalAggregationOptions", + "type": "array" }, - "RowSpan": { - "markdownDescription": "The height of a grid element expressed as a number of grid rows.", - "title": "RowSpan", - "type": "number" - } - }, - "required": [ - "ColumnSpan", - "ElementId", - "ElementType", - "RowSpan" - ], - "type": "object" - }, - "AWS::QuickSight::Template.GridLayoutScreenCanvasSizeOptions": { - "additionalProperties": false, - "properties": { - "OptimizedViewPortWidth": { - "markdownDescription": "The width that the view port will be optimized for when the layout renders.", - "title": "OptimizedViewPortWidth", - "type": "string" + "TotalCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", + "markdownDescription": "The cell styling options for the total cells.", + "title": "TotalCellStyle" }, - "ResizeOption": { - "markdownDescription": "This value determines the layout behavior when the viewport is resized.\n\n- `FIXED` : A fixed width will be used when optimizing the layout. In the Amazon QuickSight console, this option is called `Classic` .\n- `RESPONSIVE` : The width of the canvas will be responsive and optimized to the view port. In the Amazon QuickSight console, this option is called `Tiled` .", - "title": "ResizeOption", + "TotalsVisibility": { + "markdownDescription": "The visibility configuration for the total cells.", + "title": "TotalsVisibility", "type": "string" + }, + "ValueCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", + "markdownDescription": "The cell styling options for the totals of value cells.", + "title": "ValueCellStyle" } }, - "required": [ - "ResizeOption" - ], "type": "object" }, - "AWS::QuickSight::Template.GrowthRateComputation": { + "AWS::QuickSight::Analysis.PluginVisual": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", - "type": "string" + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PluginVisualConfiguration", + "markdownDescription": "A description of the plugin field wells and their persisted properties.", + "title": "ChartConfiguration" }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "PluginArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that reflects the plugin and version.", + "title": "PluginArn", "type": "string" }, - "PeriodSize": { - "markdownDescription": "The period size setup of a growth rate computation.", - "title": "PeriodSize", - "type": "number" + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", + "markdownDescription": "", + "title": "Subtitle" }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", + "markdownDescription": "", + "title": "Title" }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The ID of the visual that you want to use.", + "title": "VisualId", + "type": "string" } }, "required": [ - "ComputationId" + "PluginArn", + "VisualId" ], "type": "object" }, - "AWS::QuickSight::Template.HeaderFooterSectionConfiguration": { + "AWS::QuickSight::Analysis.PluginVisualConfiguration": { "additionalProperties": false, "properties": { - "Layout": { - "$ref": "#/definitions/AWS::QuickSight::Template.SectionLayoutConfiguration", - "markdownDescription": "The layout configuration of the header or footer section.", - "title": "Layout" + "FieldWells": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PluginVisualFieldWell" + }, + "markdownDescription": "The field wells configuration of the plugin visual.", + "title": "FieldWells", + "type": "array" }, - "SectionId": { - "markdownDescription": "The unique identifier of the header or footer section.", - "title": "SectionId", - "type": "string" + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PluginVisualSortConfiguration", + "markdownDescription": "The sort configuration of the plugin visual.", + "title": "SortConfiguration" }, - "Style": { - "$ref": "#/definitions/AWS::QuickSight::Template.SectionStyle", - "markdownDescription": "The style options of a header or footer section.", - "title": "Style" + "VisualOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PluginVisualOptions", + "markdownDescription": "The persisted properties of the plugin visual.", + "title": "VisualOptions" } }, - "required": [ - "Layout", - "SectionId" - ], "type": "object" }, - "AWS::QuickSight::Template.HeatMapAggregatedFieldWells": { + "AWS::QuickSight::Analysis.PluginVisualFieldWell": { "additionalProperties": false, "properties": { - "Columns": { + "AxisName": { + "markdownDescription": "The semantic axis name for the field well.", + "title": "AxisName", + "type": "string" + }, + "Dimensions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, - "markdownDescription": "The columns field well of a heat map.", - "title": "Columns", + "markdownDescription": "A list of dimensions for the field well.", + "title": "Dimensions", "type": "array" }, - "Rows": { + "Measures": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, - "markdownDescription": "The rows field well of a heat map.", - "title": "Rows", + "markdownDescription": "A list of measures that exist in the field well.", + "title": "Measures", "type": "array" }, - "Values": { + "Unaggregated": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.UnaggregatedField" }, - "markdownDescription": "The values field well of a heat map.", - "title": "Values", + "markdownDescription": "A list of unaggregated fields that exist in the field well.", + "title": "Unaggregated", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.HeatMapConfiguration": { + "AWS::QuickSight::Analysis.PluginVisualItemsLimitConfiguration": { "additionalProperties": false, "properties": { - "ColorScale": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColorScale", - "markdownDescription": "The color options (gradient color, point of divergence) in a heat map.", - "title": "ColorScale" - }, - "ColumnLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options of the column that is displayed in a heat map.", - "title": "ColumnLabelOptions" - }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.", - "title": "DataLabels" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.HeatMapFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" - }, - "RowLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options of the row that is displayed in a `heat map` .", - "title": "RowLabelOptions" - }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.HeatMapSortConfiguration", - "markdownDescription": "The sort configuration of a heat map.", - "title": "SortConfiguration" - }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" + "ItemsLimit": { + "markdownDescription": "Determines how many values are be fetched at once.", + "title": "ItemsLimit", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Template.HeatMapFieldWells": { + "AWS::QuickSight::Analysis.PluginVisualOptions": { "additionalProperties": false, "properties": { - "HeatMapAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.HeatMapAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a heat map.", - "title": "HeatMapAggregatedFieldWells" + "VisualProperties": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PluginVisualProperty" + }, + "markdownDescription": "The persisted properties and their values.", + "title": "VisualProperties", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.HeatMapSortConfiguration": { + "AWS::QuickSight::Analysis.PluginVisualProperty": { "additionalProperties": false, "properties": { - "HeatMapColumnItemsLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of columns that are displayed in a heat map.", - "title": "HeatMapColumnItemsLimitConfiguration" - }, - "HeatMapColumnSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" - }, - "markdownDescription": "The column sort configuration for heat map for columns that aren't a part of a field well.", - "title": "HeatMapColumnSort", - "type": "array" + "Name": { + "markdownDescription": "The name of the plugin visual property.", + "title": "Name", + "type": "string" }, - "HeatMapRowItemsLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of rows that are displayed in a heat map.", - "title": "HeatMapRowItemsLimitConfiguration" + "Value": { + "markdownDescription": "The value of the plugin visual property.", + "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.PluginVisualSortConfiguration": { + "additionalProperties": false, + "properties": { + "PluginVisualTableQuerySort": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PluginVisualTableQuerySort", + "markdownDescription": "The table query sorting options for the plugin visual.", + "title": "PluginVisualTableQuerySort" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.PluginVisualTableQuerySort": { + "additionalProperties": false, + "properties": { + "ItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PluginVisualItemsLimitConfiguration", + "markdownDescription": "The maximum amount of data to be returned by a query.", + "title": "ItemsLimitConfiguration" }, - "HeatMapRowSort": { + "RowSort": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, - "markdownDescription": "The field sort configuration of the rows fields.", - "title": "HeatMapRowSort", + "markdownDescription": "Determines how data is sorted in the response.", + "title": "RowSort", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.HeatMapVisual": { + "AWS::QuickSight::Analysis.PredefinedHierarchy": { "additionalProperties": false, "properties": { - "Actions": { + "Columns": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier" }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", + "markdownDescription": "The list of columns that define the predefined hierarchy.", + "title": "Columns", "type": "array" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.HeatMapConfiguration", - "markdownDescription": "The configuration of a heat map.", - "title": "ChartConfiguration" - }, - "ColumnHierarchies": { + "DrillDownFilters": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DrillDownFilter" }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", + "markdownDescription": "The option that determines the drill down filters for the predefined hierarchy.", + "title": "DrillDownFilters", "type": "array" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" - }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "HierarchyId": { + "markdownDescription": "The hierarchy ID of the predefined hierarchy.", + "title": "HierarchyId", "type": "string" } }, "required": [ - "VisualId" + "Columns", + "HierarchyId" ], "type": "object" }, - "AWS::QuickSight::Template.HistogramAggregatedFieldWells": { + "AWS::QuickSight::Analysis.ProgressBarOptions": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility of the progress bar.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.QueryExecutionOptions": { + "additionalProperties": false, + "properties": { + "QueryExecutionMode": { + "markdownDescription": "A structure that describes the query execution mode.", + "title": "QueryExecutionMode", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.RadarChartAggregatedFieldWells": { "additionalProperties": false, "properties": { + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The aggregated field well categories of a radar chart.", + "title": "Category", + "type": "array" + }, + "Color": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The color that are assigned to the aggregated field wells of a radar chart.", + "title": "Color", + "type": "array" + }, "Values": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, - "markdownDescription": "The value field wells of a histogram. Values are aggregated by `COUNT` or `DISTINCT_COUNT` .", + "markdownDescription": "The values that are assigned to the aggregated field wells of a radar chart.", "title": "Values", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.HistogramBinOptions": { + "AWS::QuickSight::Analysis.RadarChartAreaStyleSettings": { "additionalProperties": false, "properties": { - "BinCount": { - "$ref": "#/definitions/AWS::QuickSight::Template.BinCountOptions", - "markdownDescription": "The options that determine the bin count of a histogram.", - "title": "BinCount" - }, - "BinWidth": { - "$ref": "#/definitions/AWS::QuickSight::Template.BinWidthOptions", - "markdownDescription": "The options that determine the bin width of a histogram.", - "title": "BinWidth" - }, - "SelectedBinType": { - "markdownDescription": "The options that determine the selected bin type.", - "title": "SelectedBinType", + "Visibility": { + "markdownDescription": "The visibility settings of a radar chart.", + "title": "Visibility", "type": "string" - }, - "StartValue": { - "markdownDescription": "The options that determine the bin start value.", - "title": "StartValue", - "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Template.HistogramConfiguration": { + "AWS::QuickSight::Analysis.RadarChartConfiguration": { "additionalProperties": false, "properties": { - "BinOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.HistogramBinOptions", - "markdownDescription": "The options that determine the presentation of histogram bins.", - "title": "BinOptions" + "AlternateBandColorsVisibility": { + "markdownDescription": "Determines the visibility of the colors of alternatign bands in a radar chart.", + "title": "AlternateBandColorsVisibility", + "type": "string" }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", - "markdownDescription": "The data label configuration of a histogram.", - "title": "DataLabels" + "AlternateBandEvenColor": { + "markdownDescription": "The color of the even-numbered alternate bands of a radar chart.", + "title": "AlternateBandEvenColor", + "type": "string" + }, + "AlternateBandOddColor": { + "markdownDescription": "The color of the odd-numbered alternate bands of a radar chart.", + "title": "AlternateBandOddColor", + "type": "string" + }, + "AxesRangeScale": { + "markdownDescription": "The axis behavior options of a radar chart.", + "title": "AxesRangeScale", + "type": "string" + }, + "BaseSeriesSettings": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartSeriesSettings", + "markdownDescription": "The base sreies settings of a radar chart.", + "title": "BaseSeriesSettings" + }, + "CategoryAxis": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", + "markdownDescription": "The category axis of a radar chart.", + "title": "CategoryAxis" + }, + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The category label options of a radar chart.", + "title": "CategoryLabelOptions" + }, + "ColorAxis": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", + "markdownDescription": "The color axis of a radar chart.", + "title": "ColorAxis" + }, + "ColorLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The color label options of a radar chart.", + "title": "ColorLabelOptions" }, "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.HistogramFieldWells", - "markdownDescription": "The field well configuration of a histogram.", + "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartFieldWells", + "markdownDescription": "The field well configuration of a `RadarChartVisual` .", "title": "FieldWells" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", - "markdownDescription": "The tooltip configuration of a histogram.", - "title": "Tooltip" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", - "markdownDescription": "The visual palette configuration of a histogram.", - "title": "VisualPalette" + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" }, - "XAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the x-axis.", - "title": "XAxisDisplayOptions" + "Shape": { + "markdownDescription": "The shape of the radar chart.", + "title": "Shape", + "type": "string" }, - "XAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the x-axis label.", - "title": "XAxisLabelOptions" + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartSortConfiguration", + "markdownDescription": "The sort configuration of a `RadarChartVisual` .", + "title": "SortConfiguration" }, - "YAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the y-axis.", - "title": "YAxisDisplayOptions" + "StartAngle": { + "markdownDescription": "The start angle of a radar chart's axis.", + "title": "StartAngle", + "type": "number" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", + "title": "VisualPalette" } }, "type": "object" }, - "AWS::QuickSight::Template.HistogramFieldWells": { + "AWS::QuickSight::Analysis.RadarChartFieldWells": { "additionalProperties": false, "properties": { - "HistogramAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.HistogramAggregatedFieldWells", - "markdownDescription": "The field well configuration of a histogram.", - "title": "HistogramAggregatedFieldWells" + "RadarChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a radar chart visual.", + "title": "RadarChartAggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Template.HistogramVisual": { + "AWS::QuickSight::Analysis.RadarChartSeriesSettings": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.HistogramConfiguration", - "markdownDescription": "The configuration for a `HistogramVisual` .", - "title": "ChartConfiguration" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" - }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", - "type": "string" + "AreaStyleSettings": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartAreaStyleSettings", + "markdownDescription": "The area style settings of a radar chart.", + "title": "AreaStyleSettings" } }, - "required": [ - "VisualId" - ], "type": "object" }, - "AWS::QuickSight::Template.InsightConfiguration": { + "AWS::QuickSight::Analysis.RadarChartSortConfiguration": { "additionalProperties": false, "properties": { - "Computations": { + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The category items limit for a radar chart.", + "title": "CategoryItemsLimit" + }, + "CategorySort": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.Computation" + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, - "markdownDescription": "The computations configurations of the insight visual", - "title": "Computations", + "markdownDescription": "The category sort options of a radar chart.", + "title": "CategorySort", "type": "array" }, - "CustomNarrative": { - "$ref": "#/definitions/AWS::QuickSight::Template.CustomNarrativeOptions", - "markdownDescription": "The custom narrative of the insight visual.", - "title": "CustomNarrative" + "ColorItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The color items limit of a radar chart.", + "title": "ColorItemsLimit" + }, + "ColorSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + }, + "markdownDescription": "The color sort configuration of a radar chart.", + "title": "ColorSort", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.InsightVisual": { + "AWS::QuickSight::Analysis.RadarChartVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, - "DataSetIdentifier": { - "markdownDescription": "The dataset that is used in the insight visual.", - "title": "DataSetIdentifier", - "type": "string" + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" }, - "InsightConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.InsightConfiguration", - "markdownDescription": "The configuration of an insight visual.", - "title": "InsightConfiguration" + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" }, "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", @@ -215780,828 +229977,724 @@ } }, "required": [ - "DataSetIdentifier", "VisualId" ], "type": "object" }, - "AWS::QuickSight::Template.IntegerDefaultValues": { + "AWS::QuickSight::Analysis.RangeEndsLabelType": { "additionalProperties": false, "properties": { - "DynamicValue": { - "$ref": "#/definitions/AWS::QuickSight::Template.DynamicDefaultValue", - "markdownDescription": "The dynamic value of the `IntegerDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", - "title": "DynamicValue" - }, - "StaticValues": { - "items": { - "type": "number" - }, - "markdownDescription": "The static values of the `IntegerDefaultValues` .", - "title": "StaticValues", - "type": "array" + "Visibility": { + "markdownDescription": "The visibility of the range ends label.", + "title": "Visibility", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.IntegerParameterDeclaration": { + "AWS::QuickSight::Analysis.ReferenceLine": { "additionalProperties": false, "properties": { - "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::Template.IntegerDefaultValues", - "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", - "title": "DefaultValues" - }, - "MappedDataSetParameters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MappedDataSetParameter" - }, - "markdownDescription": "", - "title": "MappedDataSetParameters", - "type": "array" + "DataConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineDataConfiguration", + "markdownDescription": "The data configuration of the reference line.", + "title": "DataConfiguration" }, - "Name": { - "markdownDescription": "The name of the parameter that is being declared.", - "title": "Name", - "type": "string" + "LabelConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineLabelConfiguration", + "markdownDescription": "The label configuration of the reference line.", + "title": "LabelConfiguration" }, - "ParameterValueType": { - "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", - "title": "ParameterValueType", + "Status": { + "markdownDescription": "The status of the reference line. Choose one of the following options:\n\n- `ENABLE`\n- `DISABLE`", + "title": "Status", "type": "string" }, - "ValueWhenUnset": { - "$ref": "#/definitions/AWS::QuickSight::Template.IntegerValueWhenUnsetConfiguration", - "markdownDescription": "A parameter declaration for the `Integer` data type.", - "title": "ValueWhenUnset" + "StyleConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineStyleConfiguration", + "markdownDescription": "The style configuration of the reference line.", + "title": "StyleConfiguration" } }, "required": [ - "Name", - "ParameterValueType" + "DataConfiguration" ], "type": "object" }, - "AWS::QuickSight::Template.IntegerValueWhenUnsetConfiguration": { + "AWS::QuickSight::Analysis.ReferenceLineCustomLabelConfiguration": { "additionalProperties": false, "properties": { - "CustomValue": { - "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", - "title": "CustomValue", - "type": "number" - }, - "ValueWhenUnsetOption": { - "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", - "title": "ValueWhenUnsetOption", + "CustomLabel": { + "markdownDescription": "The string text of the custom label.", + "title": "CustomLabel", "type": "string" } }, + "required": [ + "CustomLabel" + ], "type": "object" }, - "AWS::QuickSight::Template.ItemsLimitConfiguration": { + "AWS::QuickSight::Analysis.ReferenceLineDataConfiguration": { "additionalProperties": false, "properties": { - "ItemsLimit": { - "markdownDescription": "The limit on how many items of a field are showed in the chart. For example, the number of slices that are displayed in a pie chart.", - "title": "ItemsLimit", - "type": "number" + "AxisBinding": { + "markdownDescription": "The axis binding type of the reference line. Choose one of the following options:\n\n- `PrimaryY`\n- `SecondaryY`", + "title": "AxisBinding", + "type": "string" }, - "OtherCategories": { - "markdownDescription": "The `Show other` of an axis in the chart. Choose one of the following options:\n\n- `INCLUDE`\n- `EXCLUDE`", - "title": "OtherCategories", + "DynamicConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineDynamicDataConfiguration", + "markdownDescription": "The dynamic configuration of the reference line data configuration.", + "title": "DynamicConfiguration" + }, + "SeriesType": { + "markdownDescription": "The series type of the reference line data configuration. Choose one of the following options:\n\n- `BAR`\n- `LINE`", + "title": "SeriesType", "type": "string" + }, + "StaticConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineStaticDataConfiguration", + "markdownDescription": "The static data configuration of the reference line data configuration.", + "title": "StaticConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Template.KPIActualValueConditionalFormatting": { + "AWS::QuickSight::Analysis.ReferenceLineDynamicDataConfiguration": { "additionalProperties": false, "properties": { - "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIcon", - "markdownDescription": "The conditional formatting of the actual value's icon.", - "title": "Icon" + "Calculation": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericalAggregationFunction", + "markdownDescription": "The calculation that is used in the dynamic data.", + "title": "Calculation" }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the actual value's text color.", - "title": "TextColor" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that the dynamic data targets.", + "title": "Column" + }, + "MeasureAggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationFunction", + "markdownDescription": "The aggregation function that is used in the dynamic data.", + "title": "MeasureAggregationFunction" } }, + "required": [ + "Calculation", + "Column" + ], "type": "object" }, - "AWS::QuickSight::Template.KPIComparisonValueConditionalFormatting": { + "AWS::QuickSight::Analysis.ReferenceLineLabelConfiguration": { "additionalProperties": false, "properties": { - "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIcon", - "markdownDescription": "The conditional formatting of the comparison value's icon.", - "title": "Icon" + "CustomLabelConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineCustomLabelConfiguration", + "markdownDescription": "The custom label configuration of the label in a reference line.", + "title": "CustomLabelConfiguration" }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the comparison value's text color.", - "title": "TextColor" + "FontColor": { + "markdownDescription": "The font color configuration of the label in a reference line.", + "title": "FontColor", + "type": "string" + }, + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", + "markdownDescription": "The font configuration of the label in a reference line.", + "title": "FontConfiguration" + }, + "HorizontalPosition": { + "markdownDescription": "The horizontal position configuration of the label in a reference line. Choose one of the following options:\n\n- `LEFT`\n- `CENTER`\n- `RIGHT`", + "title": "HorizontalPosition", + "type": "string" + }, + "ValueLabelConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineValueLabelConfiguration", + "markdownDescription": "The value label configuration of the label in a reference line.", + "title": "ValueLabelConfiguration" + }, + "VerticalPosition": { + "markdownDescription": "The vertical position configuration of the label in a reference line. Choose one of the following options:\n\n- `ABOVE`\n- `BELOW`", + "title": "VerticalPosition", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.KPIConditionalFormatting": { + "AWS::QuickSight::Analysis.ReferenceLineStaticDataConfiguration": { "additionalProperties": false, "properties": { - "ConditionalFormattingOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.KPIConditionalFormattingOption" - }, - "markdownDescription": "The conditional formatting options of a KPI visual.", - "title": "ConditionalFormattingOptions", - "type": "array" + "Value": { + "markdownDescription": "The double input of the static data.", + "title": "Value", + "type": "number" } }, + "required": [ + "Value" + ], "type": "object" }, - "AWS::QuickSight::Template.KPIConditionalFormattingOption": { + "AWS::QuickSight::Analysis.ReferenceLineStyleConfiguration": { "additionalProperties": false, "properties": { - "ActualValue": { - "$ref": "#/definitions/AWS::QuickSight::Template.KPIActualValueConditionalFormatting", - "markdownDescription": "The conditional formatting for the actual value of a KPI visual.", - "title": "ActualValue" - }, - "ComparisonValue": { - "$ref": "#/definitions/AWS::QuickSight::Template.KPIComparisonValueConditionalFormatting", - "markdownDescription": "The conditional formatting for the comparison value of a KPI visual.", - "title": "ComparisonValue" - }, - "PrimaryValue": { - "$ref": "#/definitions/AWS::QuickSight::Template.KPIPrimaryValueConditionalFormatting", - "markdownDescription": "The conditional formatting for the primary value of a KPI visual.", - "title": "PrimaryValue" + "Color": { + "markdownDescription": "The hex color of the reference line.", + "title": "Color", + "type": "string" }, - "ProgressBar": { - "$ref": "#/definitions/AWS::QuickSight::Template.KPIProgressBarConditionalFormatting", - "markdownDescription": "The conditional formatting for the progress bar of a KPI visual.", - "title": "ProgressBar" + "Pattern": { + "markdownDescription": "The pattern type of the line style. Choose one of the following options:\n\n- `SOLID`\n- `DASHED`\n- `DOTTED`", + "title": "Pattern", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.KPIConfiguration": { + "AWS::QuickSight::Analysis.ReferenceLineValueLabelConfiguration": { "additionalProperties": false, "properties": { - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.KPIFieldWells", - "markdownDescription": "The field well configuration of a KPI visual.", - "title": "FieldWells" - }, - "KPIOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.KPIOptions", - "markdownDescription": "The options that determine the presentation of a KPI visual.", - "title": "KPIOptions" + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericFormatConfiguration", + "markdownDescription": "The format configuration of the value label.", + "title": "FormatConfiguration" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.KPISortConfiguration", - "markdownDescription": "The sort configuration of a KPI visual.", - "title": "SortConfiguration" + "RelativePosition": { + "markdownDescription": "The relative position of the value label. Choose one of the following options:\n\n- `BEFORE_CUSTOM_LABEL`\n- `AFTER_CUSTOM_LABEL`", + "title": "RelativePosition", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.KPIFieldWells": { + "AWS::QuickSight::Analysis.RelativeDateTimeControlDisplayOptions": { "additionalProperties": false, "properties": { - "TargetValues": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" - }, - "markdownDescription": "The target value field wells of a KPI visual.", - "title": "TargetValues", - "type": "array" + "DateTimeFormat": { + "markdownDescription": "Customize how dates are formatted in controls.", + "title": "DateTimeFormat", + "type": "string" }, - "TrendGroups": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" - }, - "markdownDescription": "The trend group field wells of a KPI visual.", - "title": "TrendGroups", - "type": "array" + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" - }, - "markdownDescription": "The value field wells of a KPI visual.", - "title": "Values", - "type": "array" + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.KPIOptions": { + "AWS::QuickSight::Analysis.RelativeDatesFilter": { "additionalProperties": false, "properties": { - "Comparison": { - "$ref": "#/definitions/AWS::QuickSight::Template.ComparisonConfiguration", - "markdownDescription": "The comparison configuration of a KPI visual.", - "title": "Comparison" + "AnchorDateConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AnchorDateConfiguration", + "markdownDescription": "The date configuration of the filter.", + "title": "AnchorDateConfiguration" }, - "PrimaryValueDisplayType": { - "markdownDescription": "The options that determine the primary value display type.", - "title": "PrimaryValueDisplayType", - "type": "string" + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" }, - "PrimaryValueFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", - "markdownDescription": "The options that determine the primary value font configuration.", - "title": "PrimaryValueFontConfiguration" + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" }, - "ProgressBar": { - "$ref": "#/definitions/AWS::QuickSight::Template.ProgressBarOptions", - "markdownDescription": "The options that determine the presentation of the progress bar of a KPI visual.", - "title": "ProgressBar" + "ExcludePeriodConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ExcludePeriodConfiguration", + "markdownDescription": "The configuration for the exclude period of the filter.", + "title": "ExcludePeriodConfiguration" }, - "SecondaryValue": { - "$ref": "#/definitions/AWS::QuickSight::Template.SecondaryValueOptions", - "markdownDescription": "The options that determine the presentation of the secondary value of a KPI visual.", - "title": "SecondaryValue" + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" }, - "SecondaryValueFontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", - "markdownDescription": "The options that determine the secondary value font configuration.", - "title": "SecondaryValueFontConfiguration" + "MinimumGranularity": { + "markdownDescription": "The minimum granularity (period granularity) of the relative dates filter.", + "title": "MinimumGranularity", + "type": "string" }, - "Sparkline": { - "$ref": "#/definitions/AWS::QuickSight::Template.KPISparklineOptions", - "markdownDescription": "The options that determine the visibility, color, type, and tooltip visibility of the sparkline of a KPI visual.", - "title": "Sparkline" + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", + "type": "string" }, - "TrendArrows": { - "$ref": "#/definitions/AWS::QuickSight::Template.TrendArrowOptions", - "markdownDescription": "The options that determine the presentation of trend arrows in a KPI visual.", - "title": "TrendArrows" + "ParameterName": { + "markdownDescription": "The parameter whose value should be used for the filter value.", + "title": "ParameterName", + "type": "string" }, - "VisualLayoutOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.KPIVisualLayoutOptions", - "markdownDescription": "The options that determine the layout a KPI visual.", - "title": "VisualLayoutOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.KPIPrimaryValueConditionalFormatting": { - "additionalProperties": false, - "properties": { - "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIcon", - "markdownDescription": "The conditional formatting of the primary value's icon.", - "title": "Icon" + "RelativeDateType": { + "markdownDescription": "The range date type of the filter. Choose one of the options below:\n\n- `PREVIOUS`\n- `THIS`\n- `LAST`\n- `NOW`\n- `NEXT`", + "title": "RelativeDateType", + "type": "string" }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the primary value's text color.", - "title": "TextColor" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.KPIProgressBarConditionalFormatting": { - "additionalProperties": false, - "properties": { - "ForegroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting of the progress bar's foreground color.", - "title": "ForegroundColor" + "RelativeDateValue": { + "markdownDescription": "The date value of the filter.", + "title": "RelativeDateValue", + "type": "number" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" } }, + "required": [ + "AnchorDateConfiguration", + "Column", + "FilterId", + "NullOption", + "RelativeDateType", + "TimeGranularity" + ], "type": "object" }, - "AWS::QuickSight::Template.KPISortConfiguration": { + "AWS::QuickSight::Analysis.ResourcePermission": { "additionalProperties": false, "properties": { - "TrendGroupSort": { + "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + "type": "string" }, - "markdownDescription": "The sort configuration of the trend group fields.", - "title": "TrendGroupSort", + "markdownDescription": "The IAM action to grant or revoke permissions on.", + "title": "Actions", "type": "array" + }, + "Principal": { + "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a QuickSight ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", + "title": "Principal", + "type": "string" } }, + "required": [ + "Actions", + "Principal" + ], "type": "object" }, - "AWS::QuickSight::Template.KPISparklineOptions": { + "AWS::QuickSight::Analysis.RollingDateConfiguration": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The color of the sparkline.", - "title": "Color", - "type": "string" - }, - "TooltipVisibility": { - "markdownDescription": "The tooltip visibility of the sparkline.", - "title": "TooltipVisibility", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of the sparkline.", - "title": "Type", + "DataSetIdentifier": { + "markdownDescription": "The data set that is used in the rolling date configuration.", + "title": "DataSetIdentifier", "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of the sparkline.", - "title": "Visibility", + "Expression": { + "markdownDescription": "The expression of the rolling date configuration.", + "title": "Expression", "type": "string" } }, "required": [ - "Type" + "Expression" ], "type": "object" }, - "AWS::QuickSight::Template.KPIVisual": { + "AWS::QuickSight::Analysis.RowAlternateColorOptions": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.KPIConfiguration", - "markdownDescription": "The configuration of a KPI visual.", - "title": "ChartConfiguration" - }, - "ColumnHierarchies": { + "RowAlternateColors": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + "type": "string" }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", + "markdownDescription": "Determines the list of row alternate colors.", + "title": "RowAlternateColors", "type": "array" }, - "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Template.KPIConditionalFormatting", - "markdownDescription": "The conditional formatting of a KPI visual.", - "title": "ConditionalFormatting" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Status": { + "markdownDescription": "Determines the widget status.", + "title": "Status", + "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "UsePrimaryBackgroundColor": { + "markdownDescription": "The primary background color options for alternate rows.", + "title": "UsePrimaryBackgroundColor", "type": "string" } }, - "required": [ - "VisualId" - ], "type": "object" }, - "AWS::QuickSight::Template.KPIVisualLayoutOptions": { + "AWS::QuickSight::Analysis.SameSheetTargetVisualConfiguration": { "additionalProperties": false, "properties": { - "StandardLayout": { - "$ref": "#/definitions/AWS::QuickSight::Template.KPIVisualStandardLayout", - "markdownDescription": "The standard layout of the KPI visual.", - "title": "StandardLayout" + "TargetVisualOptions": { + "markdownDescription": "The options that choose the target visual in the same sheet.\n\nValid values are defined as follows:\n\n- `ALL_VISUALS` : Applies the filter operation to all visuals in the same sheet.", + "title": "TargetVisualOptions", + "type": "string" + }, + "TargetVisuals": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the target visual IDs that are located in the same sheet of the analysis.", + "title": "TargetVisuals", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.KPIVisualStandardLayout": { + "AWS::QuickSight::Analysis.SankeyDiagramAggregatedFieldWells": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The standard layout type.", - "title": "Type", - "type": "string" + "Destination": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The destination field wells of a sankey diagram.", + "title": "Destination", + "type": "array" + }, + "Source": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The source field wells of a sankey diagram.", + "title": "Source", + "type": "array" + }, + "Weight": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The weight field wells of a sankey diagram.", + "title": "Weight", + "type": "array" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::QuickSight::Template.LabelOptions": { + "AWS::QuickSight::Analysis.SankeyDiagramChartConfiguration": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The text for the label.", - "title": "CustomLabel", - "type": "string" + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", + "markdownDescription": "The data label configuration of a sankey diagram.", + "title": "DataLabels" }, - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", - "markdownDescription": "The font configuration of the label.", - "title": "FontConfiguration" + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SankeyDiagramFieldWells", + "markdownDescription": "The field well configuration of a sankey diagram.", + "title": "FieldWells" }, - "Visibility": { - "markdownDescription": "Determines whether or not the label is visible.", - "title": "Visibility", - "type": "string" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SankeyDiagramSortConfiguration", + "markdownDescription": "The sort configuration of a sankey diagram.", + "title": "SortConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Template.Layout": { + "AWS::QuickSight::Analysis.SankeyDiagramFieldWells": { "additionalProperties": false, "properties": { - "Configuration": { - "$ref": "#/definitions/AWS::QuickSight::Template.LayoutConfiguration", - "markdownDescription": "The configuration that determines what the type of layout for a sheet.", - "title": "Configuration" + "SankeyDiagramAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SankeyDiagramAggregatedFieldWells", + "markdownDescription": "The field well configuration of a sankey diagram.", + "title": "SankeyDiagramAggregatedFieldWells" } }, - "required": [ - "Configuration" - ], "type": "object" }, - "AWS::QuickSight::Template.LayoutConfiguration": { + "AWS::QuickSight::Analysis.SankeyDiagramSortConfiguration": { "additionalProperties": false, "properties": { - "FreeFormLayout": { - "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutConfiguration", - "markdownDescription": "A free-form is optimized for a fixed width and has more control over the exact placement of layout elements.", - "title": "FreeFormLayout" + "DestinationItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of destination nodes that are displayed in a sankey diagram.", + "title": "DestinationItemsLimit" }, - "GridLayout": { - "$ref": "#/definitions/AWS::QuickSight::Template.GridLayoutConfiguration", - "markdownDescription": "A type of layout that can be used on a sheet. In a grid layout, visuals snap to a grid with standard spacing and alignment. Dashboards are displayed as designed, with options to fit to screen or view at actual size. A grid layout can be configured to behave in one of two ways when the viewport is resized: `FIXED` or `RESPONSIVE` .", - "title": "GridLayout" + "SourceItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of source nodes that are displayed in a sankey diagram.", + "title": "SourceItemsLimit" }, - "SectionBasedLayout": { - "$ref": "#/definitions/AWS::QuickSight::Template.SectionBasedLayoutConfiguration", - "markdownDescription": "A section based layout organizes visuals into multiple sections and has customized header, footer and page break.", - "title": "SectionBasedLayout" + "WeightSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the weight fields.", + "title": "WeightSort", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.LegendOptions": { + "AWS::QuickSight::Analysis.SankeyDiagramVisual": { "additionalProperties": false, "properties": { - "Height": { - "markdownDescription": "The height of the legend. If this value is omitted, a default height is used when rendering.", - "title": "Height", - "type": "string" + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" }, - "Position": { - "markdownDescription": "The positions for the legend. Choose one of the following options:\n\n- `AUTO`\n- `RIGHT`\n- `BOTTOM`\n- `LEFT`", - "title": "Position", - "type": "string" + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SankeyDiagramChartConfiguration", + "markdownDescription": "The configuration of a sankey diagram.", + "title": "ChartConfiguration" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" }, "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", - "markdownDescription": "The custom title for the legend.", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, - "Visibility": { - "markdownDescription": "Determines whether or not the legend is visible.", - "title": "Visibility", + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", "type": "string" }, - "Width": { - "markdownDescription": "The width of the legend. If this value is omitted, a default width is used when rendering.", - "title": "Width", + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", "type": "string" } }, + "required": [ + "VisualId" + ], "type": "object" }, - "AWS::QuickSight::Template.LineChartAggregatedFieldWells": { + "AWS::QuickSight::Analysis.ScatterPlotCategoricallyAggregatedFieldWells": { "additionalProperties": false, "properties": { "Category": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, - "markdownDescription": "The category field wells of a line chart. Values are grouped by category fields.", + "markdownDescription": "The category field well of a scatter plot.", "title": "Category", "type": "array" }, - "Colors": { + "Label": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, - "markdownDescription": "The color field wells of a line chart. Values are grouped by category fields.", - "title": "Colors", + "markdownDescription": "The label field well of a scatter plot.", + "title": "Label", "type": "array" }, - "SmallMultiples": { + "Size": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, - "markdownDescription": "The small multiples field well of a line chart.", - "title": "SmallMultiples", + "markdownDescription": "The size field well of a scatter plot.", + "title": "Size", "type": "array" }, - "Values": { + "XAxis": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, - "markdownDescription": "The value field wells of a line chart. Values are aggregated based on categories.", - "title": "Values", + "markdownDescription": "The x-axis field well of a scatter plot.\n\nThe x-axis is aggregated by category.", + "title": "XAxis", + "type": "array" + }, + "YAxis": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The y-axis field well of a scatter plot.\n\nThe y-axis is aggregated by category.", + "title": "YAxis", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.LineChartConfiguration": { + "AWS::QuickSight::Analysis.ScatterPlotConfiguration": { "additionalProperties": false, "properties": { - "ContributionAnalysisDefaults": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ContributionAnalysisDefault" - }, - "markdownDescription": "The default configuration of a line chart's contribution analysis.", - "title": "ContributionAnalysisDefaults", - "type": "array" - }, "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", - "markdownDescription": "The data label configuration of a line chart.", + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.", "title": "DataLabels" }, - "DefaultSeriesSettings": { - "$ref": "#/definitions/AWS::QuickSight::Template.LineChartDefaultSeriesSettings", - "markdownDescription": "The options that determine the default presentation of all line series in `LineChartVisual` .", - "title": "DefaultSeriesSettings" - }, "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.LineChartFieldWells", - "markdownDescription": "The field well configuration of a line chart.", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ScatterPlotFieldWells", + "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, - "ForecastConfigurations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ForecastConfiguration" - }, - "markdownDescription": "The forecast configuration of a line chart.", - "title": "ForecastConfigurations", - "type": "array" + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" }, "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", - "markdownDescription": "The legend configuration of a line chart.", + "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", "title": "Legend" }, - "PrimaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.LineSeriesAxisDisplayOptions", - "markdownDescription": "The series axis configuration of a line chart.", - "title": "PrimaryYAxisDisplayOptions" - }, - "PrimaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the y-axis label.", - "title": "PrimaryYAxisLabelOptions" - }, - "ReferenceLines": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLine" - }, - "markdownDescription": "The reference lines configuration of a line chart.", - "title": "ReferenceLines", - "type": "array" - }, - "SecondaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.LineSeriesAxisDisplayOptions", - "markdownDescription": "The series axis configuration of a line chart.", - "title": "SecondaryYAxisDisplayOptions" - }, - "SecondaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the secondary y-axis label.", - "title": "SecondaryYAxisLabelOptions" - }, - "Series": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.SeriesItem" - }, - "markdownDescription": "The series item configuration of a line chart.", - "title": "Series", - "type": "array" - }, - "SmallMultiplesOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SmallMultiplesOptions", - "markdownDescription": "The small multiples setup for the visual.", - "title": "SmallMultiplesOptions" - }, "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.LineChartSortConfiguration", - "markdownDescription": "The sort configuration of a line chart.", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ScatterPlotSortConfiguration", + "markdownDescription": "The sort configuration of a scatter plot.", "title": "SortConfiguration" }, "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", - "markdownDescription": "The tooltip configuration of a line chart.", + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", + "markdownDescription": "The legend display setup of the visual.", "title": "Tooltip" }, - "Type": { - "markdownDescription": "Determines the type of the line chart.", - "title": "Type", - "type": "string" - }, "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", - "markdownDescription": "The visual palette configuration of a line chart.", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", "title": "VisualPalette" }, "XAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the x-axis.", + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, and axis step) of the scatter plot's x-axis.", "title": "XAxisDisplayOptions" }, "XAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the x-axis label.", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of the scatter plot's x-axis.", "title": "XAxisLabelOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.LineChartDefaultSeriesSettings": { - "additionalProperties": false, - "properties": { - "AxisBinding": { - "markdownDescription": "The axis to which you are binding all line series to.", - "title": "AxisBinding", - "type": "string" - }, - "LineStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Template.LineChartLineStyleSettings", - "markdownDescription": "Line styles options for all line series in the visual.", - "title": "LineStyleSettings" - }, - "MarkerStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Template.LineChartMarkerStyleSettings", - "markdownDescription": "Marker styles options for all line series in the visual.", - "title": "MarkerStyleSettings" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.LineChartFieldWells": { - "additionalProperties": false, - "properties": { - "LineChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.LineChartAggregatedFieldWells", - "markdownDescription": "The field well configuration of a line chart.", - "title": "LineChartAggregatedFieldWells" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.LineChartLineStyleSettings": { - "additionalProperties": false, - "properties": { - "LineInterpolation": { - "markdownDescription": "Interpolation style for line series.\n\n- `LINEAR` : Show as default, linear style.\n- `SMOOTH` : Show as a smooth curve.\n- `STEPPED` : Show steps in line.", - "title": "LineInterpolation", - "type": "string" - }, - "LineStyle": { - "markdownDescription": "Line style for line series.\n\n- `SOLID` : Show as a solid line.\n- `DOTTED` : Show as a dotted line.\n- `DASHED` : Show as a dashed line.", - "title": "LineStyle", - "type": "string" }, - "LineVisibility": { - "markdownDescription": "Configuration option that determines whether to show the line for the series.", - "title": "LineVisibility", - "type": "string" + "YAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, and axis step) of the scatter plot's y-axis.", + "title": "YAxisDisplayOptions" }, - "LineWidth": { - "markdownDescription": "Width that determines the line thickness.", - "title": "LineWidth", - "type": "string" + "YAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of the scatter plot's y-axis.", + "title": "YAxisLabelOptions" } }, "type": "object" }, - "AWS::QuickSight::Template.LineChartMarkerStyleSettings": { + "AWS::QuickSight::Analysis.ScatterPlotFieldWells": { "additionalProperties": false, "properties": { - "MarkerColor": { - "markdownDescription": "Color of marker in the series.", - "title": "MarkerColor", - "type": "string" - }, - "MarkerShape": { - "markdownDescription": "Shape option for markers in the series.\n\n- `CIRCLE` : Show marker as a circle.\n- `TRIANGLE` : Show marker as a triangle.\n- `SQUARE` : Show marker as a square.\n- `DIAMOND` : Show marker as a diamond.\n- `ROUNDED_SQUARE` : Show marker as a rounded square.", - "title": "MarkerShape", - "type": "string" - }, - "MarkerSize": { - "markdownDescription": "Size of marker in the series.", - "title": "MarkerSize", - "type": "string" + "ScatterPlotCategoricallyAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ScatterPlotCategoricallyAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a scatter plot. The x and y-axes of scatter plots with aggregated field wells are aggregated by category, label, or both.", + "title": "ScatterPlotCategoricallyAggregatedFieldWells" }, - "MarkerVisibility": { - "markdownDescription": "Configuration option that determines whether to show the markers in the series.", - "title": "MarkerVisibility", - "type": "string" + "ScatterPlotUnaggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ScatterPlotUnaggregatedFieldWells", + "markdownDescription": "The unaggregated field wells of a scatter plot. The x and y-axes of these scatter plots are unaggregated.", + "title": "ScatterPlotUnaggregatedFieldWells" } }, "type": "object" }, - "AWS::QuickSight::Template.LineChartSeriesSettings": { + "AWS::QuickSight::Analysis.ScatterPlotSortConfiguration": { "additionalProperties": false, "properties": { - "LineStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Template.LineChartLineStyleSettings", - "markdownDescription": "Line styles options for a line series in `LineChartVisual` .", - "title": "LineStyleSettings" - }, - "MarkerStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Template.LineChartMarkerStyleSettings", - "markdownDescription": "Marker styles options for a line series in `LineChartVisual` .", - "title": "MarkerStyleSettings" + "ScatterPlotLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "", + "title": "ScatterPlotLimitConfiguration" } }, "type": "object" }, - "AWS::QuickSight::Template.LineChartSortConfiguration": { + "AWS::QuickSight::Analysis.ScatterPlotUnaggregatedFieldWells": { "additionalProperties": false, "properties": { - "CategoryItemsLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of categories that are displayed in a line chart.", - "title": "CategoryItemsLimitConfiguration" + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The category field well of a scatter plot.", + "title": "Category", + "type": "array" }, - "CategorySort": { + "Label": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, - "markdownDescription": "The sort configuration of the category fields.", - "title": "CategorySort", + "markdownDescription": "The label field well of a scatter plot.", + "title": "Label", "type": "array" }, - "ColorItemsLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of lines that are displayed in a line chart.", - "title": "ColorItemsLimitConfiguration" + "Size": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The size field well of a scatter plot.", + "title": "Size", + "type": "array" }, - "SmallMultiplesLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of small multiples panels that are displayed.", - "title": "SmallMultiplesLimitConfiguration" + "XAxis": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The x-axis field well of a scatter plot.\n\nThe x-axis is a dimension field and cannot be aggregated.", + "title": "XAxis", + "type": "array" }, - "SmallMultiplesSort": { + "YAxis": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, - "markdownDescription": "The sort configuration of the small multiples field.", - "title": "SmallMultiplesSort", + "markdownDescription": "The y-axis field well of a scatter plot.\n\nThe y-axis is a dimension field and cannot be aggregated.", + "title": "YAxis", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.LineChartVisual": { + "AWS::QuickSight::Analysis.ScatterPlotVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.LineChartConfiguration", - "markdownDescription": "The configuration of a line chart.", + "$ref": "#/definitions/AWS::QuickSight::Analysis.ScatterPlotConfiguration", + "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", @@ -216613,4171 +230706,41591 @@ ], "type": "object" }, - "AWS::QuickSight::Template.LineSeriesAxisDisplayOptions": { - "additionalProperties": false, - "properties": { - "AxisOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the line series axis.", - "title": "AxisOptions" - }, - "MissingDataConfigurations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MissingDataConfiguration" - }, - "markdownDescription": "The configuration options that determine how missing data is treated during the rendering of a line chart.", - "title": "MissingDataConfigurations", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.ListControlDisplayOptions": { - "additionalProperties": false, - "properties": { - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" - }, - "SearchOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ListControlSearchOptions", - "markdownDescription": "The configuration of the search options in a list control.", - "title": "SearchOptions" - }, - "SelectAllOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ListControlSelectAllOptions", - "markdownDescription": "The configuration of the `Select all` options in a list control.", - "title": "SelectAllOptions" - }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.ListControlSearchOptions": { + "AWS::QuickSight::Analysis.ScrollBarOptions": { "additionalProperties": false, "properties": { "Visibility": { - "markdownDescription": "The visibility configuration of the search options in a list control.", + "markdownDescription": "The visibility of the data zoom scroll bar.", "title": "Visibility", "type": "string" + }, + "VisibleRange": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisibleRangeOptions", + "markdownDescription": "The visibility range for the data zoom scroll bar.", + "title": "VisibleRange" } }, "type": "object" }, - "AWS::QuickSight::Template.ListControlSelectAllOptions": { + "AWS::QuickSight::Analysis.SecondaryValueOptions": { "additionalProperties": false, "properties": { "Visibility": { - "markdownDescription": "The visibility configuration of the `Select all` options in a list control.", + "markdownDescription": "Determines the visibility of the secondary value.", "title": "Visibility", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.LoadingAnimation": { + "AWS::QuickSight::Analysis.SectionAfterPageBreak": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility configuration of `LoadingAnimation` .", - "title": "Visibility", + "Status": { + "markdownDescription": "The option that enables or disables a page break at the end of a section.", + "title": "Status", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.LocalNavigationConfiguration": { + "AWS::QuickSight::Analysis.SectionBasedLayoutCanvasSizeOptions": { "additionalProperties": false, "properties": { - "TargetSheetId": { - "markdownDescription": "The sheet that is targeted for navigation in the same analysis.", - "title": "TargetSheetId", - "type": "string" + "PaperCanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionBasedLayoutPaperCanvasSizeOptions", + "markdownDescription": "The options for a paper canvas of a section-based layout.", + "title": "PaperCanvasSizeOptions" } }, - "required": [ - "TargetSheetId" - ], "type": "object" }, - "AWS::QuickSight::Template.LongFormatText": { + "AWS::QuickSight::Analysis.SectionBasedLayoutConfiguration": { "additionalProperties": false, "properties": { - "PlainText": { - "markdownDescription": "Plain text format.", - "title": "PlainText", - "type": "string" + "BodySections": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BodySectionConfiguration" + }, + "markdownDescription": "A list of body section configurations.", + "title": "BodySections", + "type": "array" }, - "RichText": { - "markdownDescription": "Rich text. Examples of rich text include bold, underline, and italics.", - "title": "RichText", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.MappedDataSetParameter": { - "additionalProperties": false, - "properties": { - "DataSetIdentifier": { - "markdownDescription": "A unique name that identifies a dataset within the analysis or dashboard.", - "title": "DataSetIdentifier", - "type": "string" + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionBasedLayoutCanvasSizeOptions", + "markdownDescription": "The options for the canvas of a section-based layout.", + "title": "CanvasSizeOptions" }, - "DataSetParameterName": { - "markdownDescription": "The name of the dataset parameter.", - "title": "DataSetParameterName", - "type": "string" + "FooterSections": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.HeaderFooterSectionConfiguration" + }, + "markdownDescription": "A list of footer section configurations.", + "title": "FooterSections", + "type": "array" + }, + "HeaderSections": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.HeaderFooterSectionConfiguration" + }, + "markdownDescription": "A list of header section configurations.", + "title": "HeaderSections", + "type": "array" } }, "required": [ - "DataSetIdentifier", - "DataSetParameterName" + "BodySections", + "CanvasSizeOptions", + "FooterSections", + "HeaderSections" ], "type": "object" }, - "AWS::QuickSight::Template.MaximumLabelType": { + "AWS::QuickSight::Analysis.SectionBasedLayoutPaperCanvasSizeOptions": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility of the maximum label.", - "title": "Visibility", + "PaperMargin": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.Spacing", + "markdownDescription": "Defines the spacing between the canvas content and the top, bottom, left, and right edges.", + "title": "PaperMargin" + }, + "PaperOrientation": { + "markdownDescription": "The paper orientation that is used to define canvas dimensions. Choose one of the following options:\n\n- PORTRAIT\n- LANDSCAPE", + "title": "PaperOrientation", + "type": "string" + }, + "PaperSize": { + "markdownDescription": "The paper size that is used to define canvas dimensions.", + "title": "PaperSize", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.MaximumMinimumComputation": { + "AWS::QuickSight::Analysis.SectionLayoutConfiguration": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", - "type": "string" - }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" - }, - "Type": { - "markdownDescription": "The type of computation. Choose one of the following options:\n\n- MAXIMUM: A maximum computation.\n- MINIMUM: A minimum computation.", - "title": "Type", - "type": "string" - }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" + "FreeFormLayout": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormSectionLayoutConfiguration", + "markdownDescription": "The free-form layout configuration of a section.", + "title": "FreeFormLayout" } }, "required": [ - "ComputationId", - "Type" + "FreeFormLayout" ], "type": "object" }, - "AWS::QuickSight::Template.MeasureField": { + "AWS::QuickSight::Analysis.SectionPageBreakConfiguration": { "additionalProperties": false, "properties": { - "CalculatedMeasureField": { - "$ref": "#/definitions/AWS::QuickSight::Template.CalculatedMeasureField", - "markdownDescription": "The calculated measure field only used in pivot tables.", - "title": "CalculatedMeasureField" - }, - "CategoricalMeasureField": { - "$ref": "#/definitions/AWS::QuickSight::Template.CategoricalMeasureField", - "markdownDescription": "The measure type field with categorical type columns.", - "title": "CategoricalMeasureField" - }, - "DateMeasureField": { - "$ref": "#/definitions/AWS::QuickSight::Template.DateMeasureField", - "markdownDescription": "The measure type field with date type columns.", - "title": "DateMeasureField" - }, - "NumericalMeasureField": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericalMeasureField", - "markdownDescription": "The measure type field with numerical type columns.", - "title": "NumericalMeasureField" + "After": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionAfterPageBreak", + "markdownDescription": "The configuration of a page break after a section.", + "title": "After" } }, "type": "object" }, - "AWS::QuickSight::Template.MetricComparisonComputation": { + "AWS::QuickSight::Analysis.SectionStyle": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", - "type": "string" - }, - "FromValue": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", - "markdownDescription": "The field that is used in a metric comparison from value setup.", - "title": "FromValue" - }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "Height": { + "markdownDescription": "The height of a section.\n\nHeights can only be defined for header and footer sections. The default height margin is 0.5 inches.", + "title": "Height", "type": "string" }, - "TargetValue": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", - "markdownDescription": "The field that is used in a metric comparison to value setup.", - "title": "TargetValue" - }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" + "Padding": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.Spacing", + "markdownDescription": "The spacing between section content and its top, bottom, left, and right edges.\n\nThere is no padding by default.", + "title": "Padding" } }, - "required": [ - "ComputationId" - ], "type": "object" }, - "AWS::QuickSight::Template.MinimumLabelType": { + "AWS::QuickSight::Analysis.SelectedSheetsFilterScopeConfiguration": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility of the minimum label.", - "title": "Visibility", - "type": "string" + "SheetVisualScopingConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetVisualScopingConfiguration" + }, + "markdownDescription": "The sheet ID and visual IDs of the sheet and visuals that the filter is applied to.", + "title": "SheetVisualScopingConfigurations", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.MissingDataConfiguration": { + "AWS::QuickSight::Analysis.SeriesItem": { "additionalProperties": false, "properties": { - "TreatmentOption": { - "markdownDescription": "The treatment option that determines how missing data should be rendered. Choose from the following options:\n\n- `INTERPOLATE` : Interpolate missing values between the prior and the next known value.\n- `SHOW_AS_ZERO` : Show missing values as the value `0` .\n- `SHOW_AS_BLANK` : Display a blank space when rendering missing data.", - "title": "TreatmentOption", - "type": "string" + "DataFieldSeriesItem": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataFieldSeriesItem", + "markdownDescription": "The data field series item configuration of a line chart.", + "title": "DataFieldSeriesItem" + }, + "FieldSeriesItem": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSeriesItem", + "markdownDescription": "The field series item configuration of a line chart.", + "title": "FieldSeriesItem" } }, "type": "object" }, - "AWS::QuickSight::Template.NegativeValueConfiguration": { + "AWS::QuickSight::Analysis.SetParameterValueConfiguration": { "additionalProperties": false, "properties": { - "DisplayMode": { - "markdownDescription": "Determines the display mode of the negative value configuration.", - "title": "DisplayMode", + "DestinationParameterName": { + "markdownDescription": "The destination parameter name of the `SetParameterValueConfiguration` .", + "title": "DestinationParameterName", "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DestinationParameterValueConfiguration", + "markdownDescription": "", + "title": "Value" } }, "required": [ - "DisplayMode" + "DestinationParameterName", + "Value" ], "type": "object" }, - "AWS::QuickSight::Template.NullValueFormatConfiguration": { + "AWS::QuickSight::Analysis.ShapeConditionalFormat": { "additionalProperties": false, "properties": { - "NullString": { - "markdownDescription": "Determines the null string of null values.", - "title": "NullString", - "type": "string" + "BackgroundColor": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting for the shape background color of a filled map visual.", + "title": "BackgroundColor" } }, "required": [ - "NullString" + "BackgroundColor" ], "type": "object" }, - "AWS::QuickSight::Template.NumberDisplayFormatConfiguration": { + "AWS::QuickSight::Analysis.Sheet": { "additionalProperties": false, "properties": { - "DecimalPlacesConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DecimalPlacesConfiguration", - "markdownDescription": "The option that determines the decimal places configuration.", - "title": "DecimalPlacesConfiguration" - }, - "NegativeValueConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NegativeValueConfiguration", - "markdownDescription": "The options that determine the negative value configuration.", - "title": "NegativeValueConfiguration" - }, - "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NullValueFormatConfiguration", - "markdownDescription": "The options that determine the null value format configuration.", - "title": "NullValueFormatConfiguration" - }, - "NumberScale": { - "markdownDescription": "Determines the number scale value of the number format.", - "title": "NumberScale", - "type": "string" - }, - "Prefix": { - "markdownDescription": "Determines the prefix value of the number format.", - "title": "Prefix", + "Name": { + "markdownDescription": "The name of a sheet. This name is displayed on the sheet's tab in the Amazon QuickSight console.", + "title": "Name", "type": "string" }, - "SeparatorConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericSeparatorConfiguration", - "markdownDescription": "The options that determine the numeric separator configuration.", - "title": "SeparatorConfiguration" - }, - "Suffix": { - "markdownDescription": "Determines the suffix value of the number format.", - "title": "Suffix", + "SheetId": { + "markdownDescription": "The unique identifier associated with a sheet.", + "title": "SheetId", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.NumberFormatConfiguration": { + "AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions": { "additionalProperties": false, "properties": { - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericFormatConfiguration", - "markdownDescription": "The options that determine the numeric format configuration.", - "title": "FormatConfiguration" + "InfoIconText": { + "markdownDescription": "The text content of info icon.", + "title": "InfoIconText", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility configuration of info icon label options.", + "title": "Visibility", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.NumericAxisOptions": { + "AWS::QuickSight::Analysis.SheetControlLayout": { "additionalProperties": false, "properties": { - "Range": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayRange", - "markdownDescription": "The range setup of a numeric axis.", - "title": "Range" - }, - "Scale": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisScale", - "markdownDescription": "The scale setup of a numeric axis.", - "title": "Scale" + "Configuration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlLayoutConfiguration", + "markdownDescription": "The configuration that determines the elements and canvas size options of sheet control.", + "title": "Configuration" } }, + "required": [ + "Configuration" + ], "type": "object" }, - "AWS::QuickSight::Template.NumericEqualityDrillDownFilter": { + "AWS::QuickSight::Analysis.SheetControlLayoutConfiguration": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "Value": { - "markdownDescription": "The value of the double input numeric drill down filter.", - "title": "Value", - "type": "number" + "GridLayout": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GridLayoutConfiguration", + "markdownDescription": "The configuration that determines the elements and canvas size options of sheet control.", + "title": "GridLayout" } }, - "required": [ - "Column", - "Value" - ], "type": "object" }, - "AWS::QuickSight::Template.NumericEqualityFilter": { + "AWS::QuickSight::Analysis.SheetDefinition": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Template.AggregationFunction", - "markdownDescription": "The aggregation function of the filter.", - "title": "AggregationFunction" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "ContentType": { + "markdownDescription": "The layout content type of the sheet. Choose one of the following options:\n\n- `PAGINATED` : Creates a sheet for a paginated report.\n- `INTERACTIVE` : Creates a sheet for an interactive dashboard.", + "title": "ContentType", + "type": "string" + }, + "Description": { + "markdownDescription": "A description of the sheet.", + "title": "Description", + "type": "string" + }, + "FilterControls": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterControl" + }, + "markdownDescription": "The list of filter controls that are on a sheet.\n\nFor more information, see [Adding filter controls to analysis sheets](https://docs.aws.amazon.com/quicksight/latest/user/filter-controls.html) in the *Amazon QuickSight User Guide* .", + "title": "FilterControls", + "type": "array" + }, + "Images": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetImage" + }, + "markdownDescription": "A list of images on a sheet.", + "title": "Images", + "type": "array" + }, + "Layouts": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.Layout" + }, + "markdownDescription": "Layouts define how the components of a sheet are arranged.\n\nFor more information, see [Types of layout](https://docs.aws.amazon.com/quicksight/latest/user/types-of-layout.html) in the *Amazon QuickSight User Guide* .", + "title": "Layouts", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the sheet. This name is displayed on the sheet's tab in the Amazon QuickSight console.", + "title": "Name", + "type": "string" + }, + "ParameterControls": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterControl" + }, + "markdownDescription": "The list of parameter controls that are on a sheet.\n\nFor more information, see [Using a Control with a Parameter in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-controls.html) in the *Amazon QuickSight User Guide* .", + "title": "ParameterControls", + "type": "array" + }, + "SheetControlLayouts": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlLayout" + }, + "markdownDescription": "The control layouts of the sheet.", + "title": "SheetControlLayouts", + "type": "array" + }, + "SheetId": { + "markdownDescription": "The unique identifier of a sheet.", + "title": "SheetId", + "type": "string" + }, + "TextBoxes": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetTextBox" + }, + "markdownDescription": "The text boxes that are on a sheet.", + "title": "TextBoxes", + "type": "array" + }, + "Title": { + "markdownDescription": "The title of the sheet.", + "title": "Title", + "type": "string" + }, + "Visuals": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.Visual" + }, + "markdownDescription": "A list of the visuals that are on a sheet. Visual placement is determined by the layout of the sheet.", + "title": "Visuals", + "type": "array" + } + }, + "required": [ + "SheetId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.SheetElementConfigurationOverrides": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "Determines whether or not the overrides are visible. Choose one of the following options:\n\n- `VISIBLE`\n- `HIDDEN`", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.SheetElementRenderingRule": { + "additionalProperties": false, + "properties": { + "ConfigurationOverrides": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetElementConfigurationOverrides", + "markdownDescription": "The override configuration of the rendering rules of a sheet.", + "title": "ConfigurationOverrides" + }, + "Expression": { + "markdownDescription": "The expression of the rendering rules of a sheet.", + "title": "Expression", + "type": "string" + } + }, + "required": [ + "ConfigurationOverrides", + "Expression" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.SheetImage": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ImageCustomAction" + }, + "markdownDescription": "A list of custom actions that are configured for an image.", + "title": "Actions", + "type": "array" + }, + "ImageContentAltText": { + "markdownDescription": "The alt text for the image.", + "title": "ImageContentAltText", + "type": "string" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ImageInteractionOptions", + "markdownDescription": "The general image interactions setup for an image.", + "title": "Interactions" + }, + "Scaling": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetImageScalingConfiguration", + "markdownDescription": "Determines how the image is scaled.", + "title": "Scaling" + }, + "SheetImageId": { + "markdownDescription": "The ID of the sheet image.", + "title": "SheetImageId", + "type": "string" + }, + "Source": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetImageSource", + "markdownDescription": "The source of the image.", + "title": "Source" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetImageTooltipConfiguration", + "markdownDescription": "The tooltip to be shown when hovering over the image.", + "title": "Tooltip" + } + }, + "required": [ + "SheetImageId", + "Source" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.SheetImageScalingConfiguration": { + "additionalProperties": false, + "properties": { + "ScalingType": { + "markdownDescription": "The scaling option to use when fitting the image inside the container.\n\nValid values are defined as follows:\n\n- `SCALE_TO_WIDTH` : The image takes up the entire width of the container. The image aspect ratio is preserved.\n- `SCALE_TO_HEIGHT` : The image takes up the entire height of the container. The image aspect ratio is preserved.\n- `SCALE_TO_CONTAINER` : The image takes up the entire width and height of the container. The image aspect ratio is not preserved.\n- `SCALE_NONE` : The image is displayed in its original size and is not scaled to the container.", + "title": "ScalingType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.SheetImageSource": { + "additionalProperties": false, + "properties": { + "SheetImageStaticFileSource": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetImageStaticFileSource", + "markdownDescription": "The source of the static file that contains the image.", + "title": "SheetImageStaticFileSource" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.SheetImageStaticFileSource": { + "additionalProperties": false, + "properties": { + "StaticFileId": { + "markdownDescription": "The ID of the static file that contains the image.", + "title": "StaticFileId", + "type": "string" + } + }, + "required": [ + "StaticFileId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.SheetImageTooltipConfiguration": { + "additionalProperties": false, + "properties": { + "TooltipText": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetImageTooltipText", + "markdownDescription": "The text that appears in the tooltip.", + "title": "TooltipText" + }, + "Visibility": { + "markdownDescription": "The visibility of the tooltip.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.SheetImageTooltipText": { + "additionalProperties": false, + "properties": { + "PlainText": { + "markdownDescription": "The plain text format.", + "title": "PlainText", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.SheetTextBox": { + "additionalProperties": false, + "properties": { + "Content": { + "markdownDescription": "The content that is displayed in the text box.", + "title": "Content", + "type": "string" + }, + "SheetTextBoxId": { + "markdownDescription": "The unique identifier for a text box. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have text boxes that share identifiers.", + "title": "SheetTextBoxId", + "type": "string" + } + }, + "required": [ + "SheetTextBoxId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.SheetVisualScopingConfiguration": { + "additionalProperties": false, + "properties": { + "Scope": { + "markdownDescription": "The scope of the applied entities. Choose one of the following options:\n\n- `ALL_VISUALS`\n- `SELECTED_VISUALS`", + "title": "Scope", + "type": "string" + }, + "SheetId": { + "markdownDescription": "The selected sheet that the filter is applied to.", + "title": "SheetId", + "type": "string" + }, + "VisualIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The selected visuals that the filter is applied to.", + "title": "VisualIds", + "type": "array" + } + }, + "required": [ + "Scope", + "SheetId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.ShortFormatText": { + "additionalProperties": false, + "properties": { + "PlainText": { + "markdownDescription": "Plain text format.", + "title": "PlainText", + "type": "string" + }, + "RichText": { + "markdownDescription": "Rich text. Examples of rich text include bold, underline, and italics.", + "title": "RichText", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.SimpleClusterMarker": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The color of the simple cluster marker.", + "title": "Color", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.SingleAxisOptions": { + "additionalProperties": false, + "properties": { + "YAxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.YAxisOptions", + "markdownDescription": "The Y axis options of a single axis configuration.", + "title": "YAxisOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.SliderControlDisplayOptions": { + "additionalProperties": false, + "properties": { + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.SmallMultiplesAxisProperties": { + "additionalProperties": false, + "properties": { + "Placement": { + "markdownDescription": "Defines the placement of the axis. By default, axes are rendered `OUTSIDE` of the panels. Axes with `INDEPENDENT` scale are rendered `INSIDE` the panels.", + "title": "Placement", + "type": "string" + }, + "Scale": { + "markdownDescription": "Determines whether scale of the axes are shared or independent. The default value is `SHARED` .", + "title": "Scale", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.SmallMultiplesOptions": { + "additionalProperties": false, + "properties": { + "MaxVisibleColumns": { + "markdownDescription": "Sets the maximum number of visible columns to display in the grid of small multiples panels.\n\nThe default is `Auto` , which automatically adjusts the columns in the grid to fit the overall layout and size of the given chart.", + "title": "MaxVisibleColumns", + "type": "number" + }, + "MaxVisibleRows": { + "markdownDescription": "Sets the maximum number of visible rows to display in the grid of small multiples panels.\n\nThe default value is `Auto` , which automatically adjusts the rows in the grid to fit the overall layout and size of the given chart.", + "title": "MaxVisibleRows", + "type": "number" + }, + "PanelConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PanelConfiguration", + "markdownDescription": "Configures the display options for each small multiples panel.", + "title": "PanelConfiguration" + }, + "XAxis": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SmallMultiplesAxisProperties", + "markdownDescription": "The properties of a small multiples X axis.", + "title": "XAxis" + }, + "YAxis": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SmallMultiplesAxisProperties", + "markdownDescription": "The properties of a small multiples Y axis.", + "title": "YAxis" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.Spacing": { + "additionalProperties": false, + "properties": { + "Bottom": { + "markdownDescription": "Define the bottom spacing.", + "title": "Bottom", + "type": "string" + }, + "Left": { + "markdownDescription": "Define the left spacing.", + "title": "Left", + "type": "string" + }, + "Right": { + "markdownDescription": "Define the right spacing.", + "title": "Right", + "type": "string" + }, + "Top": { + "markdownDescription": "Define the top spacing.", + "title": "Top", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.SpatialStaticFile": { + "additionalProperties": false, + "properties": { + "Source": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.StaticFileSource", + "markdownDescription": "The source of the spatial static file.", + "title": "Source" + }, + "StaticFileId": { + "markdownDescription": "The ID of the spatial static file.", + "title": "StaticFileId", + "type": "string" + } + }, + "required": [ + "StaticFileId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.StaticFile": { + "additionalProperties": false, + "properties": { + "ImageStaticFile": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ImageStaticFile", + "markdownDescription": "The image static file.", + "title": "ImageStaticFile" + }, + "SpatialStaticFile": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SpatialStaticFile", + "markdownDescription": "The spacial static file.", + "title": "SpatialStaticFile" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.StaticFileS3SourceOptions": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "The name of the Amazon S3 bucket.", + "title": "BucketName", + "type": "string" + }, + "ObjectKey": { + "markdownDescription": "The identifier of the static file in the Amazon S3 bucket.", + "title": "ObjectKey", + "type": "string" + }, + "Region": { + "markdownDescription": "The Region of the Amazon S3 account that contains the bucket.", + "title": "Region", + "type": "string" + } + }, + "required": [ + "BucketName", + "ObjectKey", + "Region" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.StaticFileSource": { + "additionalProperties": false, + "properties": { + "S3Options": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.StaticFileS3SourceOptions", + "markdownDescription": "The structure that contains the Amazon S3 location to download the static file from.", + "title": "S3Options" + }, + "UrlOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.StaticFileUrlSourceOptions", + "markdownDescription": "The structure that contains the URL to download the static file from.", + "title": "UrlOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.StaticFileUrlSourceOptions": { + "additionalProperties": false, + "properties": { + "Url": { + "markdownDescription": "The URL to download the static file from.", + "title": "Url", + "type": "string" + } + }, + "required": [ + "Url" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.StringDefaultValues": { + "additionalProperties": false, + "properties": { + "DynamicValue": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DynamicDefaultValue", + "markdownDescription": "The dynamic value of the `StringDefaultValues` . Different defaults displayed according to users, groups, and values mapping.", + "title": "DynamicValue" + }, + "StaticValues": { + "items": { + "type": "string" + }, + "markdownDescription": "The static values of the `DecimalDefaultValues` .", + "title": "StaticValues", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.StringFormatConfiguration": { + "additionalProperties": false, + "properties": { + "NullValueFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NullValueFormatConfiguration", + "markdownDescription": "The options that determine the null value format configuration.", + "title": "NullValueFormatConfiguration" + }, + "NumericFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericFormatConfiguration", + "markdownDescription": "The formatting configuration for numeric strings.", + "title": "NumericFormatConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.StringParameter": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "A display name for a string parameter.", + "title": "Name", + "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The values of a string parameter.", + "title": "Values", + "type": "array" + } + }, + "required": [ + "Name", + "Values" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.StringParameterDeclaration": { + "additionalProperties": false, + "properties": { + "DefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.StringDefaultValues", + "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", + "title": "DefaultValues" + }, + "MappedDataSetParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MappedDataSetParameter" + }, + "markdownDescription": "", + "title": "MappedDataSetParameters", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the parameter that is being declared.", + "title": "Name", + "type": "string" + }, + "ParameterValueType": { + "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", + "title": "ParameterValueType", + "type": "string" + }, + "ValueWhenUnset": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.StringValueWhenUnsetConfiguration", + "markdownDescription": "The configuration that defines the default value of a `String` parameter when a value has not been set.", + "title": "ValueWhenUnset" + } + }, + "required": [ + "Name", + "ParameterValueType" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.StringValueWhenUnsetConfiguration": { + "additionalProperties": false, + "properties": { + "CustomValue": { + "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", + "title": "CustomValue", + "type": "string" + }, + "ValueWhenUnsetOption": { + "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", + "title": "ValueWhenUnsetOption", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.SubtotalOptions": { + "additionalProperties": false, + "properties": { + "CustomLabel": { + "markdownDescription": "The custom label string for the subtotal cells.", + "title": "CustomLabel", + "type": "string" + }, + "FieldLevel": { + "markdownDescription": "The field level (all, custom, last) for the subtotal cells.", + "title": "FieldLevel", + "type": "string" + }, + "FieldLevelOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableFieldSubtotalOptions" + }, + "markdownDescription": "The optional configuration of subtotal cells.", + "title": "FieldLevelOptions", + "type": "array" + }, + "MetricHeaderCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", + "markdownDescription": "The cell styling options for the subtotals of header cells.", + "title": "MetricHeaderCellStyle" + }, + "StyleTargets": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableStyleTarget" + }, + "markdownDescription": "The style targets options for subtotals.", + "title": "StyleTargets", + "type": "array" + }, + "TotalCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", + "markdownDescription": "The cell styling options for the subtotal cells.", + "title": "TotalCellStyle" + }, + "TotalsVisibility": { + "markdownDescription": "The visibility configuration for the subtotal cells.", + "title": "TotalsVisibility", + "type": "string" + }, + "ValueCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", + "markdownDescription": "The cell styling options for the subtotals of value cells.", + "title": "ValueCellStyle" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TableAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "GroupBy": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The group by field well for a pivot table. Values are grouped by group by fields.", + "title": "GroupBy", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The values field well for a pivot table. Values are aggregated based on group by fields.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TableBorderOptions": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The color of a table border.", + "title": "Color", + "type": "string" + }, + "Style": { + "markdownDescription": "The style (none, solid) of a table border.", + "title": "Style", + "type": "string" + }, + "Thickness": { + "markdownDescription": "The thickness of a table border.", + "title": "Thickness", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TableCellConditionalFormatting": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "The field ID of the cell for conditional formatting.", + "title": "FieldId", + "type": "string" + }, + "TextFormat": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TextConditionalFormat", + "markdownDescription": "The text format of the cell for conditional formatting.", + "title": "TextFormat" + } + }, + "required": [ + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.TableCellImageSizingConfiguration": { + "additionalProperties": false, + "properties": { + "TableCellImageScalingConfiguration": { + "markdownDescription": "The cell scaling configuration of the sizing options for the table image configuration.", + "title": "TableCellImageScalingConfiguration", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TableCellStyle": { + "additionalProperties": false, + "properties": { + "BackgroundColor": { + "markdownDescription": "The background color for the table cells.", + "title": "BackgroundColor", + "type": "string" + }, + "Border": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GlobalTableBorderOptions", + "markdownDescription": "The borders for the table cells.", + "title": "Border" + }, + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", + "markdownDescription": "The font configuration of the table cells.", + "title": "FontConfiguration" + }, + "Height": { + "markdownDescription": "The height color for the table cells.", + "title": "Height", + "type": "number" + }, + "HorizontalTextAlignment": { + "markdownDescription": "The horizontal text alignment (left, center, right, auto) for the table cells.", + "title": "HorizontalTextAlignment", + "type": "string" + }, + "TextWrap": { + "markdownDescription": "The text wrap (none, wrap) for the table cells.", + "title": "TextWrap", + "type": "string" + }, + "VerticalTextAlignment": { + "markdownDescription": "The vertical text alignment (top, middle, bottom) for the table cells.", + "title": "VerticalTextAlignment", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the table cells.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TableConditionalFormatting": { + "additionalProperties": false, + "properties": { + "ConditionalFormattingOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableConditionalFormattingOption" + }, + "markdownDescription": "Conditional formatting options for a `PivotTableVisual` .", + "title": "ConditionalFormattingOptions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TableConditionalFormattingOption": { + "additionalProperties": false, + "properties": { + "Cell": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellConditionalFormatting", + "markdownDescription": "The cell conditional formatting option for a table.", + "title": "Cell" + }, + "Row": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableRowConditionalFormatting", + "markdownDescription": "The row conditional formatting option for a table.", + "title": "Row" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TableConfiguration": { + "additionalProperties": false, + "properties": { + "FieldOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldOptions", + "markdownDescription": "The field options for a table visual.", + "title": "FieldOptions" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "PaginatedReportOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TablePaginatedReportOptions", + "markdownDescription": "The paginated report options for a table visual.", + "title": "PaginatedReportOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableSortConfiguration", + "markdownDescription": "The sort configuration for a `TableVisual` .", + "title": "SortConfiguration" + }, + "TableInlineVisualizations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableInlineVisualization" + }, + "markdownDescription": "A collection of inline visualizations to display within a chart.", + "title": "TableInlineVisualizations", + "type": "array" + }, + "TableOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableOptions", + "markdownDescription": "The table options for a table visual.", + "title": "TableOptions" + }, + "TotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TotalOptions", + "markdownDescription": "The total options for a table visual.", + "title": "TotalOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TableFieldCustomIconContent": { + "additionalProperties": false, + "properties": { + "Icon": { + "markdownDescription": "The icon set type (link) of the custom icon content for table URL link content.", + "title": "Icon", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TableFieldCustomTextContent": { + "additionalProperties": false, + "properties": { + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", + "markdownDescription": "The font configuration of the custom text content for the table URL link content.", + "title": "FontConfiguration" + }, + "Value": { + "markdownDescription": "The string value of the custom text content for the table URL link content.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "FontConfiguration" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.TableFieldImageConfiguration": { + "additionalProperties": false, + "properties": { + "SizingOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellImageSizingConfiguration", + "markdownDescription": "The sizing options for the table image configuration.", + "title": "SizingOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TableFieldLinkConfiguration": { + "additionalProperties": false, + "properties": { + "Content": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldLinkContentConfiguration", + "markdownDescription": "The URL content (text, icon) for the table link configuration.", + "title": "Content" + }, + "Target": { + "markdownDescription": "The URL target (new tab, new window, same tab) for the table link configuration.", + "title": "Target", + "type": "string" + } + }, + "required": [ + "Content", + "Target" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.TableFieldLinkContentConfiguration": { + "additionalProperties": false, + "properties": { + "CustomIconContent": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldCustomIconContent", + "markdownDescription": "The custom icon content for the table link content configuration.", + "title": "CustomIconContent" + }, + "CustomTextContent": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldCustomTextContent", + "markdownDescription": "The custom text content (value, font configuration) for the table link content configuration.", + "title": "CustomTextContent" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TableFieldOption": { + "additionalProperties": false, + "properties": { + "CustomLabel": { + "markdownDescription": "The custom label for a table field.", + "title": "CustomLabel", + "type": "string" + }, + "FieldId": { + "markdownDescription": "The field ID for a table field.", + "title": "FieldId", + "type": "string" + }, + "URLStyling": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldURLConfiguration", + "markdownDescription": "The URL configuration for a table field.", + "title": "URLStyling" + }, + "Visibility": { + "markdownDescription": "The visibility of a table field.", + "title": "Visibility", + "type": "string" + }, + "Width": { + "markdownDescription": "The width for a table field.", + "title": "Width", + "type": "string" + } + }, + "required": [ + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.TableFieldOptions": { + "additionalProperties": false, + "properties": { + "Order": { + "items": { + "type": "string" + }, + "markdownDescription": "The order of the field IDs that are configured as field options for a table visual.", + "title": "Order", + "type": "array" + }, + "PinnedFieldOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TablePinnedFieldOptions", + "markdownDescription": "The settings for the pinned columns of a table visual.", + "title": "PinnedFieldOptions" + }, + "SelectedFieldOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldOption" + }, + "markdownDescription": "The field options to be configured to a table.", + "title": "SelectedFieldOptions", + "type": "array" + }, + "TransposedTableOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TransposedTableOption" + }, + "markdownDescription": "The `TableOptions` of a transposed table.", + "title": "TransposedTableOptions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TableFieldURLConfiguration": { + "additionalProperties": false, + "properties": { + "ImageConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldImageConfiguration", + "markdownDescription": "The image configuration of a table field URL.", + "title": "ImageConfiguration" + }, + "LinkConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldLinkConfiguration", + "markdownDescription": "The link configuration of a table field URL.", + "title": "LinkConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TableFieldWells": { + "additionalProperties": false, + "properties": { + "TableAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableAggregatedFieldWells", + "markdownDescription": "The aggregated field well for the table.", + "title": "TableAggregatedFieldWells" + }, + "TableUnaggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableUnaggregatedFieldWells", + "markdownDescription": "The unaggregated field well for the table.", + "title": "TableUnaggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TableInlineVisualization": { + "additionalProperties": false, + "properties": { + "DataBars": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataBarsOptions", + "markdownDescription": "The configuration of the inline visualization of the data bars within a chart.", + "title": "DataBars" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TableOptions": { + "additionalProperties": false, + "properties": { + "CellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", + "markdownDescription": "The table cell style of table cells.", + "title": "CellStyle" + }, + "HeaderStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", + "markdownDescription": "The table cell style of a table header.", + "title": "HeaderStyle" + }, + "Orientation": { + "markdownDescription": "The orientation (vertical, horizontal) for a table.", + "title": "Orientation", + "type": "string" + }, + "RowAlternateColorOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.RowAlternateColorOptions", + "markdownDescription": "The row alternate color options (widget status, row alternate colors) for a table.", + "title": "RowAlternateColorOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TablePaginatedReportOptions": { + "additionalProperties": false, + "properties": { + "OverflowColumnHeaderVisibility": { + "markdownDescription": "The visibility of repeating header rows on each page.", + "title": "OverflowColumnHeaderVisibility", + "type": "string" + }, + "VerticalOverflowVisibility": { + "markdownDescription": "The visibility of printing table overflow across pages.", + "title": "VerticalOverflowVisibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TablePinnedFieldOptions": { + "additionalProperties": false, + "properties": { + "PinnedLeftFields": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of columns to be pinned to the left of a table visual.", + "title": "PinnedLeftFields", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TableRowConditionalFormatting": { + "additionalProperties": false, + "properties": { + "BackgroundColor": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting color (solid, gradient) of the background for a table row.", + "title": "BackgroundColor" + }, + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting color (solid, gradient) of the text for a table row.", + "title": "TextColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TableSideBorderOptions": { + "additionalProperties": false, + "properties": { + "Bottom": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", + "markdownDescription": "The table border options of the bottom border.", + "title": "Bottom" + }, + "InnerHorizontal": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", + "markdownDescription": "The table border options of the inner horizontal border.", + "title": "InnerHorizontal" + }, + "InnerVertical": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", + "markdownDescription": "The table border options of the inner vertical border.", + "title": "InnerVertical" + }, + "Left": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", + "markdownDescription": "The table border options of the left border.", + "title": "Left" + }, + "Right": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", + "markdownDescription": "The table border options of the right border.", + "title": "Right" + }, + "Top": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", + "markdownDescription": "The table border options of the top border.", + "title": "Top" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TableSortConfiguration": { + "additionalProperties": false, + "properties": { + "PaginationConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PaginationConfiguration", + "markdownDescription": "The pagination configuration (page size, page number) for the table.", + "title": "PaginationConfiguration" + }, + "RowSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + }, + "markdownDescription": "The field sort options for rows in the table.", + "title": "RowSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TableStyleTarget": { + "additionalProperties": false, + "properties": { + "CellType": { + "markdownDescription": "The cell type of the table style target.", + "title": "CellType", + "type": "string" + } + }, + "required": [ + "CellType" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.TableUnaggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.UnaggregatedField" + }, + "markdownDescription": "The values field well for a pivot table. Values are unaggregated for an unaggregated table.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TableVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ConditionalFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableConditionalFormatting", + "markdownDescription": "The conditional formatting for a `PivotTableVisual` .", + "title": "ConditionalFormatting" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.TextAreaControlDisplayOptions": { + "additionalProperties": false, + "properties": { + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" + }, + "PlaceholderOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TextControlPlaceholderOptions", + "markdownDescription": "The configuration of the placeholder options in a text area control.", + "title": "PlaceholderOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TextConditionalFormat": { + "additionalProperties": false, + "properties": { + "BackgroundColor": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting for the text background color.", + "title": "BackgroundColor" + }, + "Icon": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIcon", + "markdownDescription": "The conditional formatting for the icon.", + "title": "Icon" + }, + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting for the text color.", + "title": "TextColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TextControlPlaceholderOptions": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility configuration of the placeholder options in a text control.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TextFieldControlDisplayOptions": { + "additionalProperties": false, + "properties": { + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" + }, + "PlaceholderOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TextControlPlaceholderOptions", + "markdownDescription": "The configuration of the placeholder options in a text field control.", + "title": "PlaceholderOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.ThousandSeparatorOptions": { + "additionalProperties": false, + "properties": { + "GroupingStyle": { + "markdownDescription": "Determines the way numbers are styled to accommodate different readability standards. The `DEFAULT` value uses the standard international grouping system and groups numbers by the thousands. The `LAKHS` value uses the Indian numbering system and groups numbers by lakhs and crores.", + "title": "GroupingStyle", + "type": "string" + }, + "Symbol": { + "markdownDescription": "Determines the thousands separator symbol.", + "title": "Symbol", + "type": "string" + }, + "Visibility": { + "markdownDescription": "Determines the visibility of the thousands separator.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TimeBasedForecastProperties": { + "additionalProperties": false, + "properties": { + "LowerBoundary": { + "markdownDescription": "The lower boundary setup of a forecast computation.", + "title": "LowerBoundary", + "type": "number" + }, + "PeriodsBackward": { + "markdownDescription": "The periods backward setup of a forecast computation.", + "title": "PeriodsBackward", + "type": "number" + }, + "PeriodsForward": { + "markdownDescription": "The periods forward setup of a forecast computation.", + "title": "PeriodsForward", + "type": "number" + }, + "PredictionInterval": { + "markdownDescription": "The prediction interval setup of a forecast computation.", + "title": "PredictionInterval", + "type": "number" + }, + "Seasonality": { + "markdownDescription": "The seasonality setup of a forecast computation. Choose one of the following options:\n\n- `NULL` : The input is set to `NULL` .\n- `NON_NULL` : The input is set to a custom value.", + "title": "Seasonality", + "type": "number" + }, + "UpperBoundary": { + "markdownDescription": "The upper boundary setup of a forecast computation.", + "title": "UpperBoundary", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TimeEqualityFilter": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" + }, + "ParameterName": { + "markdownDescription": "The parameter whose value should be used for the filter value.\n\nThis field is mutually exclusive to `Value` and `RollingDate` .", + "title": "ParameterName", + "type": "string" + }, + "RollingDate": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.RollingDateConfiguration", + "markdownDescription": "The rolling date input for the `TimeEquality` filter.\n\nThis field is mutually exclusive to `Value` and `ParameterName` .", + "title": "RollingDate" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of a `TimeEquality` filter.\n\nThis field is mutually exclusive to `RollingDate` and `ParameterName` .", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Column", + "FilterId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.TimeRangeDrillDownFilter": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "RangeMaximum": { + "markdownDescription": "The maximum value for the filter value range.", + "title": "RangeMaximum", + "type": "string" + }, + "RangeMinimum": { + "markdownDescription": "The minimum value for the filter value range.", + "title": "RangeMinimum", + "type": "string" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" + } + }, + "required": [ + "Column", + "RangeMaximum", + "RangeMinimum", + "TimeGranularity" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.TimeRangeFilter": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "ExcludePeriodConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ExcludePeriodConfiguration", + "markdownDescription": "The exclude period of the time range filter.", + "title": "ExcludePeriodConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" + }, + "IncludeMaximum": { + "markdownDescription": "Determines whether the maximum value in the filter value range should be included in the filtered results.", + "title": "IncludeMaximum", + "type": "boolean" + }, + "IncludeMinimum": { + "markdownDescription": "Determines whether the minimum value in the filter value range should be included in the filtered results.", + "title": "IncludeMinimum", + "type": "boolean" + }, + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", + "type": "string" + }, + "RangeMaximumValue": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TimeRangeFilterValue", + "markdownDescription": "The maximum value for the filter value range.", + "title": "RangeMaximumValue" + }, + "RangeMinimumValue": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TimeRangeFilterValue", + "markdownDescription": "The minimum value for the filter value range.", + "title": "RangeMinimumValue" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" + } + }, + "required": [ + "Column", + "FilterId", + "NullOption" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.TimeRangeFilterValue": { + "additionalProperties": false, + "properties": { + "Parameter": { + "markdownDescription": "The parameter type input value.", + "title": "Parameter", + "type": "string" + }, + "RollingDate": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.RollingDateConfiguration", + "markdownDescription": "The rolling date input value.", + "title": "RollingDate" + }, + "StaticValue": { + "markdownDescription": "The static input value.", + "title": "StaticValue", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TooltipItem": { + "additionalProperties": false, + "properties": { + "ColumnTooltipItem": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnTooltipItem", + "markdownDescription": "The tooltip item for the columns that are not part of a field well.", + "title": "ColumnTooltipItem" + }, + "FieldTooltipItem": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldTooltipItem", + "markdownDescription": "The tooltip item for the fields.", + "title": "FieldTooltipItem" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TooltipOptions": { + "additionalProperties": false, + "properties": { + "FieldBasedTooltip": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldBasedTooltip", + "markdownDescription": "The setup for the detailed tooltip. The tooltip setup is always saved. The display type is decided based on the tooltip type.", + "title": "FieldBasedTooltip" + }, + "SelectedTooltipType": { + "markdownDescription": "The selected type for the tooltip. Choose one of the following options:\n\n- `BASIC` : A basic tooltip.\n- `DETAILED` : A detailed tooltip.", + "title": "SelectedTooltipType", + "type": "string" + }, + "TooltipVisibility": { + "markdownDescription": "Determines whether or not the tooltip is visible.", + "title": "TooltipVisibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TopBottomFilter": { + "additionalProperties": false, + "properties": { + "AggregationSortConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationSortConfiguration" + }, + "markdownDescription": "The aggregation and sort configuration of the top bottom filter.", + "title": "AggregationSortConfigurations", + "type": "array" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" + }, + "Limit": { + "markdownDescription": "The number of items to include in the top bottom filter results.", + "title": "Limit", + "type": "number" + }, + "ParameterName": { + "markdownDescription": "The parameter whose value should be used for the filter value.", + "title": "ParameterName", + "type": "string" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" + } + }, + "required": [ + "AggregationSortConfigurations", + "Column", + "FilterId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.TopBottomMoversComputation": { + "additionalProperties": false, + "properties": { + "Category": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", + "markdownDescription": "The category field that is used in a computation.", + "title": "Category" + }, + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "MoverSize": { + "markdownDescription": "The mover size setup of the top and bottom movers computation.", + "title": "MoverSize", + "type": "number" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "SortOrder": { + "markdownDescription": "The sort order setup of the top and bottom movers computation.", + "title": "SortOrder", + "type": "string" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" + }, + "Type": { + "markdownDescription": "The computation type. Choose from the following options:\n\n- TOP: Top movers computation.\n- BOTTOM: Bottom movers computation.", + "title": "Type", + "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" + } + }, + "required": [ + "ComputationId", + "Type" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.TopBottomRankedComputation": { + "additionalProperties": false, + "properties": { + "Category": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", + "markdownDescription": "The category field that is used in a computation.", + "title": "Category" + }, + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "ResultSize": { + "markdownDescription": "The result size of a top and bottom ranked computation.", + "title": "ResultSize", + "type": "number" + }, + "Type": { + "markdownDescription": "The computation type. Choose one of the following options:\n\n- TOP: A top ranked computation.\n- BOTTOM: A bottom ranked computation.", + "title": "Type", + "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" + } + }, + "required": [ + "ComputationId", + "Type" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.TotalAggregationComputation": { + "additionalProperties": false, + "properties": { + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" + } + }, + "required": [ + "ComputationId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.TotalAggregationFunction": { + "additionalProperties": false, + "properties": { + "SimpleTotalAggregationFunction": { + "markdownDescription": "A built in aggregation function for total values.", + "title": "SimpleTotalAggregationFunction", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TotalAggregationOption": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "The field id that's associated with the total aggregation option.", + "title": "FieldId", + "type": "string" + }, + "TotalAggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TotalAggregationFunction", + "markdownDescription": "The total aggregation function that you want to set for a specified field id.", + "title": "TotalAggregationFunction" + } + }, + "required": [ + "FieldId", + "TotalAggregationFunction" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.TotalOptions": { + "additionalProperties": false, + "properties": { + "CustomLabel": { + "markdownDescription": "The custom label string for the total cells.", + "title": "CustomLabel", + "type": "string" + }, + "Placement": { + "markdownDescription": "The placement (start, end) for the total cells.", + "title": "Placement", + "type": "string" + }, + "ScrollStatus": { + "markdownDescription": "The scroll status (pinned, scrolled) for the total cells.", + "title": "ScrollStatus", + "type": "string" + }, + "TotalAggregationOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TotalAggregationOption" + }, + "markdownDescription": "The total aggregation settings for each value field.", + "title": "TotalAggregationOptions", + "type": "array" + }, + "TotalCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", + "markdownDescription": "Cell styling options for the total cells.", + "title": "TotalCellStyle" + }, + "TotalsVisibility": { + "markdownDescription": "The visibility configuration for the total cells.", + "title": "TotalsVisibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TransposedTableOption": { + "additionalProperties": false, + "properties": { + "ColumnIndex": { + "markdownDescription": "The index of a columns in a transposed table. The index range is 0-9999.", + "title": "ColumnIndex", + "type": "number" + }, + "ColumnType": { + "markdownDescription": "The column type of the column in a transposed table. Choose one of the following options:\n\n- `ROW_HEADER_COLUMN` : Refers to the leftmost column of the row header in the transposed table.\n- `VALUE_COLUMN` : Refers to all value columns in the transposed table.", + "title": "ColumnType", + "type": "string" + }, + "ColumnWidth": { + "markdownDescription": "The width of a column in a transposed table.", + "title": "ColumnWidth", + "type": "string" + } + }, + "required": [ + "ColumnType" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.TreeMapAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The color field well of a tree map. Values are grouped by aggregations based on group by fields.", + "title": "Colors", + "type": "array" + }, + "Groups": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The group by field well of a tree map. Values are grouped based on group by fields.", + "title": "Groups", + "type": "array" + }, + "Sizes": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The size field well of a tree map. Values are aggregated based on group by fields.", + "title": "Sizes", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TreeMapConfiguration": { + "additionalProperties": false, + "properties": { + "ColorLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility) for the colors displayed in a tree map.", + "title": "ColorLabelOptions" + }, + "ColorScale": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColorScale", + "markdownDescription": "The color options (gradient color, point of divergence) of a tree map.", + "title": "ColorScale" + }, + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.", + "title": "DataLabels" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TreeMapFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "GroupLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility) of the groups that are displayed in a tree map.", + "title": "GroupLabelOptions" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "SizeLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility) of the sizes that are displayed in a tree map.", + "title": "SizeLabelOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TreeMapSortConfiguration", + "markdownDescription": "The sort configuration of a tree map.", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TreeMapFieldWells": { + "additionalProperties": false, + "properties": { + "TreeMapAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TreeMapAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a tree map.", + "title": "TreeMapAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TreeMapSortConfiguration": { + "additionalProperties": false, + "properties": { + "TreeMapGroupItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of groups that are displayed.", + "title": "TreeMapGroupItemsLimitConfiguration" + }, + "TreeMapSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of group by fields.", + "title": "TreeMapSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.TreeMapVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TreeMapConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.TrendArrowOptions": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility of the trend arrows.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.UnaggregatedField": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", + "markdownDescription": "The column that is used in the `UnaggregatedField` .", + "title": "Column" + }, + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", + "type": "string" + }, + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" + } + }, + "required": [ + "Column", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.UniqueValuesComputation": { + "additionalProperties": false, + "properties": { + "Category": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", + "markdownDescription": "The category field that is used in a computation.", + "title": "Category" + }, + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "ComputationId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.ValidationStrategy": { + "additionalProperties": false, + "properties": { + "Mode": { + "markdownDescription": "The mode of validation for the asset to be created or updated. When you set this value to `STRICT` , strict validation for every error is enforced. When you set this value to `LENIENT` , validation is skipped for specific UI errors.", + "title": "Mode", + "type": "string" + } + }, + "required": [ + "Mode" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.VisibleRangeOptions": { + "additionalProperties": false, + "properties": { + "PercentRange": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PercentVisibleRange", + "markdownDescription": "The percent range in the visible range.", + "title": "PercentRange" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.Visual": { + "additionalProperties": false, + "properties": { + "BarChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BarChartVisual", + "markdownDescription": "A bar chart.\n\nFor more information, see [Using bar charts](https://docs.aws.amazon.com/quicksight/latest/user/bar-charts.html) in the *Amazon QuickSight User Guide* .", + "title": "BarChartVisual" + }, + "BoxPlotVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotVisual", + "markdownDescription": "A box plot.\n\nFor more information, see [Using box plots](https://docs.aws.amazon.com/quicksight/latest/user/box-plots.html) in the *Amazon QuickSight User Guide* .", + "title": "BoxPlotVisual" + }, + "ComboChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ComboChartVisual", + "markdownDescription": "A combo chart.\n\nFor more information, see [Using combo charts](https://docs.aws.amazon.com/quicksight/latest/user/combo-charts.html) in the *Amazon QuickSight User Guide* .", + "title": "ComboChartVisual" + }, + "CustomContentVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomContentVisual", + "markdownDescription": "A visual that contains custom content.\n\nFor more information, see [Using custom visual content](https://docs.aws.amazon.com/quicksight/latest/user/custom-visual-content.html) in the *Amazon QuickSight User Guide* .", + "title": "CustomContentVisual" + }, + "EmptyVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.EmptyVisual", + "markdownDescription": "An empty visual.", + "title": "EmptyVisual" + }, + "FilledMapVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapVisual", + "markdownDescription": "A filled map.\n\nFor more information, see [Creating filled maps](https://docs.aws.amazon.com/quicksight/latest/user/filled-maps.html) in the *Amazon QuickSight User Guide* .", + "title": "FilledMapVisual" + }, + "FunnelChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FunnelChartVisual", + "markdownDescription": "A funnel chart.\n\nFor more information, see [Using funnel charts](https://docs.aws.amazon.com/quicksight/latest/user/funnel-visual-content.html) in the *Amazon QuickSight User Guide* .", + "title": "FunnelChartVisual" + }, + "GaugeChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartVisual", + "markdownDescription": "A gauge chart.\n\nFor more information, see [Using gauge charts](https://docs.aws.amazon.com/quicksight/latest/user/gauge-chart.html) in the *Amazon QuickSight User Guide* .", + "title": "GaugeChartVisual" + }, + "GeospatialMapVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapVisual", + "markdownDescription": "A geospatial map or a points on map visual.\n\nFor more information, see [Creating point maps](https://docs.aws.amazon.com/quicksight/latest/user/point-maps.html) in the *Amazon QuickSight User Guide* .", + "title": "GeospatialMapVisual" + }, + "HeatMapVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.HeatMapVisual", + "markdownDescription": "A heat map.\n\nFor more information, see [Using heat maps](https://docs.aws.amazon.com/quicksight/latest/user/heat-map.html) in the *Amazon QuickSight User Guide* .", + "title": "HeatMapVisual" + }, + "HistogramVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.HistogramVisual", + "markdownDescription": "A histogram.\n\nFor more information, see [Using histograms](https://docs.aws.amazon.com/quicksight/latest/user/histogram-charts.html) in the *Amazon QuickSight User Guide* .", + "title": "HistogramVisual" + }, + "InsightVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.InsightVisual", + "markdownDescription": "An insight visual.\n\nFor more information, see [Working with insights](https://docs.aws.amazon.com/quicksight/latest/user/computational-insights.html) in the *Amazon QuickSight User Guide* .", + "title": "InsightVisual" + }, + "KPIVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIVisual", + "markdownDescription": "A key performance indicator (KPI).\n\nFor more information, see [Using KPIs](https://docs.aws.amazon.com/quicksight/latest/user/kpi.html) in the *Amazon QuickSight User Guide* .", + "title": "KPIVisual" + }, + "LayerMapVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LayerMapVisual", + "markdownDescription": "The properties for a layer map visual", + "title": "LayerMapVisual" + }, + "LineChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartVisual", + "markdownDescription": "A line chart.\n\nFor more information, see [Using line charts](https://docs.aws.amazon.com/quicksight/latest/user/line-charts.html) in the *Amazon QuickSight User Guide* .", + "title": "LineChartVisual" + }, + "PieChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PieChartVisual", + "markdownDescription": "A pie or donut chart.\n\nFor more information, see [Using pie charts](https://docs.aws.amazon.com/quicksight/latest/user/pie-chart.html) in the *Amazon QuickSight User Guide* .", + "title": "PieChartVisual" + }, + "PivotTableVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableVisual", + "markdownDescription": "A pivot table.\n\nFor more information, see [Using pivot tables](https://docs.aws.amazon.com/quicksight/latest/user/pivot-table.html) in the *Amazon QuickSight User Guide* .", + "title": "PivotTableVisual" + }, + "PluginVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.PluginVisual", + "markdownDescription": "The custom plugin visual type.", + "title": "PluginVisual" + }, + "RadarChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartVisual", + "markdownDescription": "A radar chart visual.\n\nFor more information, see [Using radar charts](https://docs.aws.amazon.com/quicksight/latest/user/radar-chart.html) in the *Amazon QuickSight User Guide* .", + "title": "RadarChartVisual" + }, + "SankeyDiagramVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.SankeyDiagramVisual", + "markdownDescription": "A sankey diagram.\n\nFor more information, see [Using Sankey diagrams](https://docs.aws.amazon.com/quicksight/latest/user/sankey-diagram.html) in the *Amazon QuickSight User Guide* .", + "title": "SankeyDiagramVisual" + }, + "ScatterPlotVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ScatterPlotVisual", + "markdownDescription": "A scatter plot.\n\nFor more information, see [Using scatter plots](https://docs.aws.amazon.com/quicksight/latest/user/scatter-plot.html) in the *Amazon QuickSight User Guide* .", + "title": "ScatterPlotVisual" + }, + "TableVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TableVisual", + "markdownDescription": "A table visual.\n\nFor more information, see [Using tables as visuals](https://docs.aws.amazon.com/quicksight/latest/user/tabular.html) in the *Amazon QuickSight User Guide* .", + "title": "TableVisual" + }, + "TreeMapVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.TreeMapVisual", + "markdownDescription": "A tree map.\n\nFor more information, see [Using tree maps](https://docs.aws.amazon.com/quicksight/latest/user/tree-map.html) in the *Amazon QuickSight User Guide* .", + "title": "TreeMapVisual" + }, + "WaterfallVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallVisual", + "markdownDescription": "A waterfall chart.\n\nFor more information, see [Using waterfall charts](https://docs.aws.amazon.com/quicksight/latest/user/waterfall-chart.html) in the *Amazon QuickSight User Guide* .", + "title": "WaterfallVisual" + }, + "WordCloudVisual": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.WordCloudVisual", + "markdownDescription": "A word cloud.\n\nFor more information, see [Using word clouds](https://docs.aws.amazon.com/quicksight/latest/user/word-cloud.html) in the *Amazon QuickSight User Guide* .", + "title": "WordCloudVisual" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.VisualCustomAction": { + "additionalProperties": false, + "properties": { + "ActionOperations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomActionOperation" + }, + "markdownDescription": "A list of `VisualCustomActionOperations` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", + "title": "ActionOperations", + "type": "array" + }, + "CustomActionId": { + "markdownDescription": "The ID of the `VisualCustomAction` .", + "title": "CustomActionId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the `VisualCustomAction` .", + "title": "Name", + "type": "string" + }, + "Status": { + "markdownDescription": "The status of the `VisualCustomAction` .", + "title": "Status", + "type": "string" + }, + "Trigger": { + "markdownDescription": "The trigger of the `VisualCustomAction` .\n\nValid values are defined as follows:\n\n- `DATA_POINT_CLICK` : Initiates a custom action by a left pointer click on a data point.\n- `DATA_POINT_MENU` : Initiates a custom action by right pointer click from the menu.", + "title": "Trigger", + "type": "string" + } + }, + "required": [ + "ActionOperations", + "CustomActionId", + "Name", + "Trigger" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.VisualCustomActionOperation": { + "additionalProperties": false, + "properties": { + "FilterOperation": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionFilterOperation", + "markdownDescription": "The filter operation that filters data included in a visual or in an entire sheet.", + "title": "FilterOperation" + }, + "NavigationOperation": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionNavigationOperation", + "markdownDescription": "The navigation operation that navigates between different sheets in the same analysis.", + "title": "NavigationOperation" + }, + "SetParametersOperation": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionSetParametersOperation", + "markdownDescription": "The set parameter operation that sets parameters in custom action.", + "title": "SetParametersOperation" + }, + "URLOperation": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionURLOperation", + "markdownDescription": "The URL operation that opens a link to another webpage.", + "title": "URLOperation" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.VisualInteractionOptions": { + "additionalProperties": false, + "properties": { + "ContextMenuOption": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ContextMenuOption", + "markdownDescription": "The context menu options for a visual.", + "title": "ContextMenuOption" + }, + "VisualMenuOption": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualMenuOption", + "markdownDescription": "The on-visual menu options for a visual.", + "title": "VisualMenuOption" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.VisualMenuOption": { + "additionalProperties": false, + "properties": { + "AvailabilityStatus": { + "markdownDescription": "The availaiblity status of a visual's menu options.", + "title": "AvailabilityStatus", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.VisualPalette": { + "additionalProperties": false, + "properties": { + "ChartColor": { + "markdownDescription": "The chart color options for the visual palette.", + "title": "ChartColor", + "type": "string" + }, + "ColorMap": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathColor" + }, + "markdownDescription": "The color map options for the visual palette.", + "title": "ColorMap", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.VisualSubtitleLabelOptions": { + "additionalProperties": false, + "properties": { + "FormatText": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LongFormatText", + "markdownDescription": "The long text format of the subtitle label, such as plain text or rich text.", + "title": "FormatText" + }, + "Visibility": { + "markdownDescription": "The visibility of the subtitle label.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.VisualTitleLabelOptions": { + "additionalProperties": false, + "properties": { + "FormatText": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ShortFormatText", + "markdownDescription": "The short text format of the title label, such as plain text or rich text.", + "title": "FormatText" + }, + "Visibility": { + "markdownDescription": "The visibility of the title label.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.WaterfallChartAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Breakdowns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The breakdown field wells of a waterfall visual.", + "title": "Breakdowns", + "type": "array" + }, + "Categories": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The category field wells of a waterfall visual.", + "title": "Categories", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The value field wells of a waterfall visual.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.WaterfallChartColorConfiguration": { + "additionalProperties": false, + "properties": { + "GroupColorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallChartGroupColorConfiguration", + "markdownDescription": "The color configuration for individual groups within a waterfall visual.", + "title": "GroupColorConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.WaterfallChartConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the category axis.", + "title": "CategoryAxisDisplayOptions" + }, + "CategoryAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the category axis label.", + "title": "CategoryAxisLabelOptions" + }, + "ColorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallChartColorConfiguration", + "markdownDescription": "The color configuration of a waterfall visual.", + "title": "ColorConfiguration" + }, + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", + "markdownDescription": "The data label configuration of a waterfall visual.", + "title": "DataLabels" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallChartFieldWells", + "markdownDescription": "The field well configuration of a waterfall visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", + "markdownDescription": "The legend configuration of a waterfall visual.", + "title": "Legend" + }, + "PrimaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the y-axis.", + "title": "PrimaryYAxisDisplayOptions" + }, + "PrimaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the y-axis label.", + "title": "PrimaryYAxisLabelOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallChartSortConfiguration", + "markdownDescription": "The sort configuration of a waterfall visual.", + "title": "SortConfiguration" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", + "markdownDescription": "The visual palette configuration of a waterfall visual.", + "title": "VisualPalette" + }, + "WaterfallChartOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallChartOptions", + "markdownDescription": "The options that determine the presentation of a waterfall visual.", + "title": "WaterfallChartOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.WaterfallChartFieldWells": { + "additionalProperties": false, + "properties": { + "WaterfallChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallChartAggregatedFieldWells", + "markdownDescription": "The field well configuration of a waterfall visual.", + "title": "WaterfallChartAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.WaterfallChartGroupColorConfiguration": { + "additionalProperties": false, + "properties": { + "NegativeBarColor": { + "markdownDescription": "Defines the color for the negative bars of a waterfall chart.", + "title": "NegativeBarColor", + "type": "string" + }, + "PositiveBarColor": { + "markdownDescription": "Defines the color for the positive bars of a waterfall chart.", + "title": "PositiveBarColor", + "type": "string" + }, + "TotalBarColor": { + "markdownDescription": "Defines the color for the total bars of a waterfall chart.", + "title": "TotalBarColor", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.WaterfallChartOptions": { + "additionalProperties": false, + "properties": { + "TotalBarLabel": { + "markdownDescription": "This option determines the total bar label of a waterfall visual.", + "title": "TotalBarLabel", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.WaterfallChartSortConfiguration": { + "additionalProperties": false, + "properties": { + "BreakdownItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of bar groups that are displayed.", + "title": "BreakdownItemsLimit" + }, + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the category fields.", + "title": "CategorySort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.WaterfallVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallChartConfiguration", + "markdownDescription": "The configuration for a waterfall visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.WhatIfPointScenario": { + "additionalProperties": false, + "properties": { + "Date": { + "markdownDescription": "The date that you need the forecast results for.", + "title": "Date", + "type": "string" + }, + "Value": { + "markdownDescription": "The target value that you want to meet for the provided date.", + "title": "Value", + "type": "number" + } + }, + "required": [ + "Date", + "Value" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.WhatIfRangeScenario": { + "additionalProperties": false, + "properties": { + "EndDate": { + "markdownDescription": "The end date in the date range that you need the forecast results for.", + "title": "EndDate", + "type": "string" + }, + "StartDate": { + "markdownDescription": "The start date in the date range that you need the forecast results for.", + "title": "StartDate", + "type": "string" + }, + "Value": { + "markdownDescription": "The target value that you want to meet for the provided date range.", + "title": "Value", + "type": "number" + } + }, + "required": [ + "EndDate", + "StartDate", + "Value" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.WordCloudAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "GroupBy": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" + }, + "markdownDescription": "The group by field well of a word cloud. Values are grouped by group by fields.", + "title": "GroupBy", + "type": "array" + }, + "Size": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" + }, + "markdownDescription": "The size field well of a word cloud. Values are aggregated based on group by fields.", + "title": "Size", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.WordCloudChartConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) for the word cloud category.", + "title": "CategoryLabelOptions" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.WordCloudFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.WordCloudSortConfiguration", + "markdownDescription": "The sort configuration of a word cloud visual.", + "title": "SortConfiguration" + }, + "WordCloudOptions": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.WordCloudOptions", + "markdownDescription": "The options for a word cloud visual.", + "title": "WordCloudOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.WordCloudFieldWells": { + "additionalProperties": false, + "properties": { + "WordCloudAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.WordCloudAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a word cloud.", + "title": "WordCloudAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.WordCloudOptions": { + "additionalProperties": false, + "properties": { + "CloudLayout": { + "markdownDescription": "The cloud layout options (fluid, normal) of a word cloud.", + "title": "CloudLayout", + "type": "string" + }, + "MaximumStringLength": { + "markdownDescription": "The length limit of each word from 1-100.", + "title": "MaximumStringLength", + "type": "number" + }, + "WordCasing": { + "markdownDescription": "The word casing options (lower_case, existing_case) for the words in a word cloud.", + "title": "WordCasing", + "type": "string" + }, + "WordOrientation": { + "markdownDescription": "The word orientation options (horizontal, horizontal_and_vertical) for the words in a word cloud.", + "title": "WordOrientation", + "type": "string" + }, + "WordPadding": { + "markdownDescription": "The word padding options (none, small, medium, large) for the words in a word cloud.", + "title": "WordPadding", + "type": "string" + }, + "WordScaling": { + "markdownDescription": "The word scaling options (emphasize, normal) for the words in a word cloud.", + "title": "WordScaling", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.WordCloudSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of groups that are displayed in a word cloud.", + "title": "CategoryItemsLimit" + }, + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of group by fields.", + "title": "CategorySort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Analysis.WordCloudVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.WordCloudChartConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Analysis.YAxisOptions": { + "additionalProperties": false, + "properties": { + "YAxis": { + "markdownDescription": "The Y axis type to be used in the chart.\n\nIf you choose `PRIMARY_Y_AXIS` , the primary Y Axis is located on the leftmost vertical axis of the chart.", + "title": "YAxis", + "type": "string" + } + }, + "required": [ + "YAxis" + ], + "type": "object" + }, + "AWS::QuickSight::CustomPermissions": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AwsAccountId": { + "markdownDescription": "The ID of the AWS account that contains the custom permission configuration that you want to update.", + "title": "AwsAccountId", + "type": "string" + }, + "Capabilities": { + "$ref": "#/definitions/AWS::QuickSight::CustomPermissions.Capabilities", + "markdownDescription": "A set of actions in the custom permissions profile.", + "title": "Capabilities" + }, + "CustomPermissionsName": { + "markdownDescription": "The name of the custom permissions profile.", + "title": "CustomPermissionsName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to associate with the custom permissions profile.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "AwsAccountId", + "CustomPermissionsName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::QuickSight::CustomPermissions" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::QuickSight::CustomPermissions.Capabilities": { + "additionalProperties": false, + "properties": { + "AddOrRunAnomalyDetectionForAnalyses": { + "markdownDescription": "The ability to add or run anomaly detection.", + "title": "AddOrRunAnomalyDetectionForAnalyses", + "type": "string" + }, + "CreateAndUpdateDashboardEmailReports": { + "markdownDescription": "The ability to create and update email reports.", + "title": "CreateAndUpdateDashboardEmailReports", + "type": "string" + }, + "CreateAndUpdateDataSources": { + "markdownDescription": "The ability to create and update data sources.", + "title": "CreateAndUpdateDataSources", + "type": "string" + }, + "CreateAndUpdateDatasets": { + "markdownDescription": "The ability to create and update datasets.", + "title": "CreateAndUpdateDatasets", + "type": "string" + }, + "CreateAndUpdateThemes": { + "markdownDescription": "The ability to export to Create and Update themes.", + "title": "CreateAndUpdateThemes", + "type": "string" + }, + "CreateAndUpdateThresholdAlerts": { + "markdownDescription": "The ability to create and update threshold alerts.", + "title": "CreateAndUpdateThresholdAlerts", + "type": "string" + }, + "CreateSPICEDataset": { + "markdownDescription": "The ability to create a SPICE dataset.", + "title": "CreateSPICEDataset", + "type": "string" + }, + "CreateSharedFolders": { + "markdownDescription": "The ability to create shared folders.", + "title": "CreateSharedFolders", + "type": "string" + }, + "ExportToCsv": { + "markdownDescription": "The ability to export to CSV files from the UI.", + "title": "ExportToCsv", + "type": "string" + }, + "ExportToCsvInScheduledReports": { + "markdownDescription": "The ability to export to CSV files in scheduled email reports.", + "title": "ExportToCsvInScheduledReports", + "type": "string" + }, + "ExportToExcel": { + "markdownDescription": "The ability to export to Excel files from the UI.", + "title": "ExportToExcel", + "type": "string" + }, + "ExportToExcelInScheduledReports": { + "markdownDescription": "The ability to export to Excel files in scheduled email reports.", + "title": "ExportToExcelInScheduledReports", + "type": "string" + }, + "ExportToPdf": { + "markdownDescription": "The ability to export to PDF files from the UI.", + "title": "ExportToPdf", + "type": "string" + }, + "ExportToPdfInScheduledReports": { + "markdownDescription": "The ability to export to PDF files in scheduled email reports.", + "title": "ExportToPdfInScheduledReports", + "type": "string" + }, + "IncludeContentInScheduledReportsEmail": { + "markdownDescription": "The ability to include content in scheduled email reports.", + "title": "IncludeContentInScheduledReportsEmail", + "type": "string" + }, + "PrintReports": { + "markdownDescription": "The ability to print reports.", + "title": "PrintReports", + "type": "string" + }, + "RenameSharedFolders": { + "markdownDescription": "The ability to rename shared folders.", + "title": "RenameSharedFolders", + "type": "string" + }, + "ShareAnalyses": { + "markdownDescription": "The ability to share analyses.", + "title": "ShareAnalyses", + "type": "string" + }, + "ShareDashboards": { + "markdownDescription": "The ability to share dashboards.", + "title": "ShareDashboards", + "type": "string" + }, + "ShareDataSources": { + "markdownDescription": "The ability to share data sources.", + "title": "ShareDataSources", + "type": "string" + }, + "ShareDatasets": { + "markdownDescription": "The ability to share datasets.", + "title": "ShareDatasets", + "type": "string" + }, + "SubscribeDashboardEmailReports": { + "markdownDescription": "The ability to subscribe to email reports.", + "title": "SubscribeDashboardEmailReports", + "type": "string" + }, + "ViewAccountSPICECapacity": { + "markdownDescription": "The ability to view account SPICE capacity.", + "title": "ViewAccountSPICECapacity", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AwsAccountId": { + "markdownDescription": "The ID of the AWS account where you want to create the dashboard.", + "title": "AwsAccountId", + "type": "string" + }, + "DashboardId": { + "markdownDescription": "The ID for the dashboard, also added to the IAM policy.", + "title": "DashboardId", + "type": "string" + }, + "DashboardPublishOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DashboardPublishOptions", + "markdownDescription": "Options for publishing the dashboard when you create it:\n\n- `AvailabilityStatus` for `AdHocFilteringOption` - This status can be either `ENABLED` or `DISABLED` . When this is set to `DISABLED` , Amazon QuickSight disables the left filter pane on the published dashboard, which can be used for ad hoc (one-time) filtering. This option is `ENABLED` by default.\n- `AvailabilityStatus` for `ExportToCSVOption` - This status can be either `ENABLED` or `DISABLED` . The visual option to export data to .CSV format isn't enabled when this is set to `DISABLED` . This option is `ENABLED` by default.\n- `VisibilityState` for `SheetControlsOption` - This visibility state can be either `COLLAPSED` or `EXPANDED` . This option is `COLLAPSED` by default.", + "title": "DashboardPublishOptions" + }, + "Definition": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DashboardVersionDefinition", + "markdownDescription": "", + "title": "Definition" + }, + "FolderArns": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "FolderArns", + "type": "array" + }, + "LinkEntities": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of analysis Amazon Resource Names (ARNs) to be linked to the dashboard.", + "title": "LinkEntities", + "type": "array" + }, + "LinkSharingConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LinkSharingConfiguration", + "markdownDescription": "A structure that contains the link sharing configurations that you want to apply overrides to.", + "title": "LinkSharingConfiguration" + }, + "Name": { + "markdownDescription": "The display name of the dashboard.", + "title": "Name", + "type": "string" + }, + "Parameters": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.Parameters", + "markdownDescription": "The parameters for the creation of the dashboard, which you want to use to override the default settings. A dashboard can have any type of parameters, and some parameters might accept multiple values.", + "title": "Parameters" + }, + "Permissions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ResourcePermission" + }, + "markdownDescription": "A structure that contains the permissions of the dashboard. You can use this structure for granting permissions by providing a list of IAM action information for each principal ARN.\n\nTo specify no permissions, omit the permissions list.", + "title": "Permissions", + "type": "array" + }, + "SourceEntity": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DashboardSourceEntity", + "markdownDescription": "The entity that you are using as a source when you create the dashboard. In `SourceEntity` , you specify the type of object that you want to use. You can only create a dashboard from a template, so you use a `SourceTemplate` entity. If you need to create a dashboard from an analysis, first convert the analysis to a template by using the `CreateTemplate` API operation. For `SourceTemplate` , specify the Amazon Resource Name (ARN) of the source template. The `SourceTemplate` ARN can contain any AWS account; and any QuickSight-supported AWS Region .\n\nUse the `DataSetReferences` entity within `SourceTemplate` to list the replacement datasets for the placeholders listed in the original. The schema in each dataset must match its placeholder.", + "title": "SourceEntity" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Contains a map of the key-value pairs for the resource tag or tags assigned to the dashboard.", + "title": "Tags", + "type": "array" + }, + "ThemeArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the theme that is being used for this dashboard. If you add a value for this field, it overrides the value that is used in the source entity. The theme ARN must exist in the same AWS account where you create the dashboard.", + "title": "ThemeArn", + "type": "string" + }, + "ValidationStrategy": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ValidationStrategy", + "markdownDescription": "The option to relax the validation that is required to create and update analyses, dashboards, and templates with definition objects. When you set this value to `LENIENT` , validation is skipped for specific errors.", + "title": "ValidationStrategy" + }, + "VersionDescription": { + "markdownDescription": "A description for the first version of the dashboard being created.", + "title": "VersionDescription", + "type": "string" + } + }, + "required": [ + "AwsAccountId", + "DashboardId", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::QuickSight::Dashboard" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.AdHocFilteringOption": { + "additionalProperties": false, + "properties": { + "AvailabilityStatus": { + "markdownDescription": "Availability status.", + "title": "AvailabilityStatus", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.AggregationFunction": { + "additionalProperties": false, + "properties": { + "AttributeAggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AttributeAggregationFunction", + "markdownDescription": "Aggregation for attributes.", + "title": "AttributeAggregationFunction" + }, + "CategoricalAggregationFunction": { + "markdownDescription": "Aggregation for categorical values.\n\n- `COUNT` : Aggregate by the total number of values, including duplicates.\n- `DISTINCT_COUNT` : Aggregate by the total number of distinct values.", + "title": "CategoricalAggregationFunction", + "type": "string" + }, + "DateAggregationFunction": { + "markdownDescription": "Aggregation for date values.\n\n- `COUNT` : Aggregate by the total number of values, including duplicates.\n- `DISTINCT_COUNT` : Aggregate by the total number of distinct values.\n- `MIN` : Select the smallest date value.\n- `MAX` : Select the largest date value.", + "title": "DateAggregationFunction", + "type": "string" + }, + "NumericalAggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericalAggregationFunction", + "markdownDescription": "Aggregation for numerical values.", + "title": "NumericalAggregationFunction" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.AggregationSortConfiguration": { + "additionalProperties": false, + "properties": { + "AggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationFunction", + "markdownDescription": "The function that aggregates the values in `Column` .", + "title": "AggregationFunction" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that determines the sort order of aggregated values.", + "title": "Column" + }, + "SortDirection": { + "markdownDescription": "The sort direction of values.\n\n- `ASC` : Sort in ascending order.\n- `DESC` : Sort in descending order.", + "title": "SortDirection", + "type": "string" + } + }, + "required": [ + "Column", + "SortDirection" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.AnalysisDefaults": { + "additionalProperties": false, + "properties": { + "DefaultNewSheetConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultNewSheetConfiguration", + "markdownDescription": "The configuration for default new sheet settings.", + "title": "DefaultNewSheetConfiguration" + } + }, + "required": [ + "DefaultNewSheetConfiguration" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.AnchorDateConfiguration": { + "additionalProperties": false, + "properties": { + "AnchorOption": { + "markdownDescription": "The options for the date configuration. Choose one of the options below:\n\n- `NOW`", + "title": "AnchorOption", + "type": "string" + }, + "ParameterName": { + "markdownDescription": "The name of the parameter that is used for the anchor date configuration.", + "title": "ParameterName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ArcAxisConfiguration": { + "additionalProperties": false, + "properties": { + "Range": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ArcAxisDisplayRange", + "markdownDescription": "The arc axis range of a `GaugeChartVisual` .", + "title": "Range" + }, + "ReserveRange": { + "markdownDescription": "The reserved range of the arc axis.", + "title": "ReserveRange", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ArcAxisDisplayRange": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum value of the arc axis range.", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The minimum value of the arc axis range.", + "title": "Min", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ArcConfiguration": { + "additionalProperties": false, + "properties": { + "ArcAngle": { + "markdownDescription": "The option that determines the arc angle of a `GaugeChartVisual` .", + "title": "ArcAngle", + "type": "number" + }, + "ArcThickness": { + "markdownDescription": "The options that determine the arc thickness of a `GaugeChartVisual` .", + "title": "ArcThickness", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ArcOptions": { + "additionalProperties": false, + "properties": { + "ArcThickness": { + "markdownDescription": "The arc thickness of a `GaugeChartVisual` .", + "title": "ArcThickness", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.AssetOptions": { + "additionalProperties": false, + "properties": { + "Timezone": { + "markdownDescription": "Determines the timezone for the analysis.", + "title": "Timezone", + "type": "string" + }, + "WeekStart": { + "markdownDescription": "Determines the week start day for an analysis.", + "title": "WeekStart", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.AttributeAggregationFunction": { + "additionalProperties": false, + "properties": { + "SimpleAttributeAggregation": { + "markdownDescription": "The built-in aggregation functions for attributes.\n\n- `UNIQUE_VALUE` : Returns the unique value for a field, aggregated by the dimension fields.", + "title": "SimpleAttributeAggregation", + "type": "string" + }, + "ValueForMultipleValues": { + "markdownDescription": "Used by the `UNIQUE_VALUE` aggregation function. If there are multiple values for the field used by the aggregation, the value for this property will be returned instead. Defaults to '*'.", + "title": "ValueForMultipleValues", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.AxisDataOptions": { + "additionalProperties": false, + "properties": { + "DateAxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateAxisOptions", + "markdownDescription": "The options for an axis with a date field.", + "title": "DateAxisOptions" + }, + "NumericAxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericAxisOptions", + "markdownDescription": "The options for an axis with a numeric field.", + "title": "NumericAxisOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.AxisDisplayMinMaxRange": { + "additionalProperties": false, + "properties": { + "Maximum": { + "markdownDescription": "The maximum setup for an axis display range.", + "title": "Maximum", + "type": "number" + }, + "Minimum": { + "markdownDescription": "The minimum setup for an axis display range.", + "title": "Minimum", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.AxisDisplayOptions": { + "additionalProperties": false, + "properties": { + "AxisLineVisibility": { + "markdownDescription": "Determines whether or not the axis line is visible.", + "title": "AxisLineVisibility", + "type": "string" + }, + "AxisOffset": { + "markdownDescription": "The offset value that determines the starting placement of the axis within a visual's bounds.", + "title": "AxisOffset", + "type": "string" + }, + "DataOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDataOptions", + "markdownDescription": "The data options for an axis.", + "title": "DataOptions" + }, + "GridLineVisibility": { + "markdownDescription": "Determines whether or not the grid line is visible.", + "title": "GridLineVisibility", + "type": "string" + }, + "ScrollbarOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ScrollBarOptions", + "markdownDescription": "The scroll bar options for an axis.", + "title": "ScrollbarOptions" + }, + "TickLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisTickLabelOptions", + "markdownDescription": "The tick label options of an axis.", + "title": "TickLabelOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.AxisDisplayRange": { + "additionalProperties": false, + "properties": { + "DataDriven": { + "markdownDescription": "The data-driven setup of an axis display range.", + "title": "DataDriven", + "type": "object" + }, + "MinMax": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayMinMaxRange", + "markdownDescription": "The minimum and maximum setup of an axis display range.", + "title": "MinMax" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.AxisLabelOptions": { + "additionalProperties": false, + "properties": { + "ApplyTo": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisLabelReferenceOptions", + "markdownDescription": "The options that indicate which field the label belongs to.", + "title": "ApplyTo" + }, + "CustomLabel": { + "markdownDescription": "The text for the axis label.", + "title": "CustomLabel", + "type": "string" + }, + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", + "markdownDescription": "The font configuration of the axis label.", + "title": "FontConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.AxisLabelReferenceOptions": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that the axis label is targeted to.", + "title": "Column" + }, + "FieldId": { + "markdownDescription": "The field that the axis label is targeted to.", + "title": "FieldId", + "type": "string" + } + }, + "required": [ + "Column", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.AxisLinearScale": { + "additionalProperties": false, + "properties": { + "StepCount": { + "markdownDescription": "The step count setup of a linear axis.", + "title": "StepCount", + "type": "number" + }, + "StepSize": { + "markdownDescription": "The step size setup of a linear axis.", + "title": "StepSize", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.AxisLogarithmicScale": { + "additionalProperties": false, + "properties": { + "Base": { + "markdownDescription": "The base setup of a logarithmic axis scale.", + "title": "Base", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.AxisScale": { + "additionalProperties": false, + "properties": { + "Linear": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisLinearScale", + "markdownDescription": "The linear axis scale setup.", + "title": "Linear" + }, + "Logarithmic": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisLogarithmicScale", + "markdownDescription": "The logarithmic axis scale setup.", + "title": "Logarithmic" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.AxisTickLabelOptions": { + "additionalProperties": false, + "properties": { + "LabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", + "markdownDescription": "Determines whether or not the axis ticks are visible.", + "title": "LabelOptions" + }, + "RotationAngle": { + "markdownDescription": "The rotation angle of the axis tick labels.", + "title": "RotationAngle", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.BarChartAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The category (y-axis) field well of a bar chart.", + "title": "Category", + "type": "array" + }, + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The color (group/color) field well of a bar chart.", + "title": "Colors", + "type": "array" + }, + "SmallMultiples": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The small multiples field well of a bar chart.", + "title": "SmallMultiples", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The value field wells of a bar chart. Values are aggregated by category.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.BarChartConfiguration": { + "additionalProperties": false, + "properties": { + "BarsArrangement": { + "markdownDescription": "Determines the arrangement of the bars. The orientation and arrangement of bars determine the type of bar that is used in the visual.", + "title": "BarsArrangement", + "type": "string" + }, + "CategoryAxis": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, axis step) for bar chart category.", + "title": "CategoryAxis" + }, + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a bar chart.", + "title": "CategoryLabelOptions" + }, + "ColorLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a color that is used in a bar chart.", + "title": "ColorLabelOptions" + }, + "ContributionAnalysisDefaults": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ContributionAnalysisDefault" + }, + "markdownDescription": "The contribution analysis (anomaly configuration) setup of the visual.", + "title": "ContributionAnalysisDefaults", + "type": "array" + }, + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.", + "title": "DataLabels" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BarChartFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "Orientation": { + "markdownDescription": "The orientation of the bars in a bar chart visual. There are two valid values in this structure:\n\n- `HORIZONTAL` : Used for charts that have horizontal bars. Visuals that use this value are horizontal bar charts, horizontal stacked bar charts, and horizontal stacked 100% bar charts.\n- `VERTICAL` : Used for charts that have vertical bars. Visuals that use this value are vertical bar charts, vertical stacked bar charts, and vertical stacked 100% bar charts.", + "title": "Orientation", + "type": "string" + }, + "ReferenceLines": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLine" + }, + "markdownDescription": "The reference line setup of the visual.", + "title": "ReferenceLines", + "type": "array" + }, + "SmallMultiplesOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SmallMultiplesOptions", + "markdownDescription": "The small multiples setup for the visual.", + "title": "SmallMultiplesOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BarChartSortConfiguration", + "markdownDescription": "The sort configuration of a `BarChartVisual` .", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" + }, + "ValueAxis": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, axis step) for a bar chart value.", + "title": "ValueAxis" + }, + "ValueLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a bar chart value.", + "title": "ValueLabelOptions" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", + "title": "VisualPalette" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.BarChartFieldWells": { + "additionalProperties": false, + "properties": { + "BarChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BarChartAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a bar chart.", + "title": "BarChartAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.BarChartSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of categories displayed in a bar chart.", + "title": "CategoryItemsLimit" + }, + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of category fields.", + "title": "CategorySort", + "type": "array" + }, + "ColorItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of values displayed in a bar chart.", + "title": "ColorItemsLimit" + }, + "ColorSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of color fields in a bar chart.", + "title": "ColorSort", + "type": "array" + }, + "SmallMultiplesLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of small multiples panels that are displayed.", + "title": "SmallMultiplesLimitConfiguration" + }, + "SmallMultiplesSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the small multiples field.", + "title": "SmallMultiplesSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.BarChartVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BarChartConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.BinCountOptions": { + "additionalProperties": false, + "properties": { + "Value": { + "markdownDescription": "The options that determine the bin count value.", + "title": "Value", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.BinWidthOptions": { + "additionalProperties": false, + "properties": { + "BinCountLimit": { + "markdownDescription": "The options that determine the bin count limit.", + "title": "BinCountLimit", + "type": "number" + }, + "Value": { + "markdownDescription": "The options that determine the bin width value.", + "title": "Value", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.BodySectionConfiguration": { + "additionalProperties": false, + "properties": { + "Content": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BodySectionContent", + "markdownDescription": "The configuration of content in a body section.", + "title": "Content" + }, + "PageBreakConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionPageBreakConfiguration", + "markdownDescription": "The configuration of a page break for a section.", + "title": "PageBreakConfiguration" + }, + "RepeatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BodySectionRepeatConfiguration", + "markdownDescription": "Describes the configurations that are required to declare a section as repeating.", + "title": "RepeatConfiguration" + }, + "SectionId": { + "markdownDescription": "The unique identifier of a body section.", + "title": "SectionId", + "type": "string" + }, + "Style": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionStyle", + "markdownDescription": "The style options of a body section.", + "title": "Style" + } + }, + "required": [ + "Content", + "SectionId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.BodySectionContent": { + "additionalProperties": false, + "properties": { + "Layout": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionLayoutConfiguration", + "markdownDescription": "The layout configuration of a body section.", + "title": "Layout" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.BodySectionDynamicCategoryDimensionConfiguration": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "", + "title": "Column" + }, + "Limit": { + "markdownDescription": "Number of values to use from the column for repetition.", + "title": "Limit", + "type": "number" + }, + "SortByMetrics": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnSort" + }, + "markdownDescription": "Sort criteria on the column values that you use for repetition.", + "title": "SortByMetrics", + "type": "array" + } + }, + "required": [ + "Column" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.BodySectionDynamicNumericDimensionConfiguration": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "", + "title": "Column" + }, + "Limit": { + "markdownDescription": "Number of values to use from the column for repetition.", + "title": "Limit", + "type": "number" + }, + "SortByMetrics": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnSort" + }, + "markdownDescription": "Sort criteria on the column values that you use for repetition.", + "title": "SortByMetrics", + "type": "array" + } + }, + "required": [ + "Column" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.BodySectionRepeatConfiguration": { + "additionalProperties": false, + "properties": { + "DimensionConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BodySectionRepeatDimensionConfiguration" + }, + "markdownDescription": "List of `BodySectionRepeatDimensionConfiguration` values that describe the dataset column and constraints for the column used to repeat the contents of a section.", + "title": "DimensionConfigurations", + "type": "array" + }, + "NonRepeatingVisuals": { + "items": { + "type": "string" + }, + "markdownDescription": "List of visuals to exclude from repetition in repeating sections. The visuals will render identically, and ignore the repeating configurations in all repeating instances.", + "title": "NonRepeatingVisuals", + "type": "array" + }, + "PageBreakConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BodySectionRepeatPageBreakConfiguration", + "markdownDescription": "Page break configuration to apply for each repeating instance.", + "title": "PageBreakConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.BodySectionRepeatDimensionConfiguration": { + "additionalProperties": false, + "properties": { + "DynamicCategoryDimensionConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BodySectionDynamicCategoryDimensionConfiguration", + "markdownDescription": "Describes the *Category* dataset column and constraints around the dynamic values that will be used in repeating the section contents.", + "title": "DynamicCategoryDimensionConfiguration" + }, + "DynamicNumericDimensionConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BodySectionDynamicNumericDimensionConfiguration", + "markdownDescription": "Describes the *Numeric* dataset column and constraints around the dynamic values used to repeat the contents of a section.", + "title": "DynamicNumericDimensionConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.BodySectionRepeatPageBreakConfiguration": { + "additionalProperties": false, + "properties": { + "After": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionAfterPageBreak", + "markdownDescription": "", + "title": "After" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.BoxPlotAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "GroupBy": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The group by field well of a box plot chart. Values are grouped based on group by fields.", + "title": "GroupBy", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The value field well of a box plot chart. Values are aggregated based on group by fields.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.BoxPlotChartConfiguration": { + "additionalProperties": false, + "properties": { + "BoxPlotOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotOptions", + "markdownDescription": "The box plot chart options for a box plot visual", + "title": "BoxPlotOptions" + }, + "CategoryAxis": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, axis step) of a box plot category.", + "title": "CategoryAxis" + }, + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility and sort Icon visibility) of a box plot category.", + "title": "CategoryLabelOptions" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", + "markdownDescription": "", + "title": "Legend" + }, + "PrimaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, axis step) of a box plot category.", + "title": "PrimaryYAxisDisplayOptions" + }, + "PrimaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility and sort icon visibility) of a box plot value.", + "title": "PrimaryYAxisLabelOptions" + }, + "ReferenceLines": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLine" + }, + "markdownDescription": "The reference line setup of the visual.", + "title": "ReferenceLines", + "type": "array" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotSortConfiguration", + "markdownDescription": "The sort configuration of a `BoxPlotVisual` .", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", + "title": "VisualPalette" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.BoxPlotFieldWells": { + "additionalProperties": false, + "properties": { + "BoxPlotAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a box plot.", + "title": "BoxPlotAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.BoxPlotOptions": { + "additionalProperties": false, + "properties": { + "AllDataPointsVisibility": { + "markdownDescription": "Determines the visibility of all data points of the box plot.", + "title": "AllDataPointsVisibility", + "type": "string" + }, + "OutlierVisibility": { + "markdownDescription": "Determines the visibility of the outlier in a box plot.", + "title": "OutlierVisibility", + "type": "string" + }, + "StyleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotStyleOptions", + "markdownDescription": "The style options of the box plot.", + "title": "StyleOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.BoxPlotSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of a group by fields.", + "title": "CategorySort", + "type": "array" + }, + "PaginationConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PaginationConfiguration", + "markdownDescription": "The pagination configuration of a table visual or box plot.", + "title": "PaginationConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.BoxPlotStyleOptions": { + "additionalProperties": false, + "properties": { + "FillStyle": { + "markdownDescription": "The fill styles (solid, transparent) of the box plot.", + "title": "FillStyle", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.BoxPlotVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotChartConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.CalculatedField": { + "additionalProperties": false, + "properties": { + "DataSetIdentifier": { + "markdownDescription": "The data set that is used in this calculated field.", + "title": "DataSetIdentifier", + "type": "string" + }, + "Expression": { + "markdownDescription": "The expression of the calculated field.", + "title": "Expression", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the calculated field.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "DataSetIdentifier", + "Expression", + "Name" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.CalculatedMeasureField": { + "additionalProperties": false, + "properties": { + "Expression": { + "markdownDescription": "The expression in the table calculation.", + "title": "Expression", + "type": "string" + }, + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", + "type": "string" + } + }, + "required": [ + "Expression", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.CascadingControlConfiguration": { + "additionalProperties": false, + "properties": { + "SourceControls": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CascadingControlSource" + }, + "markdownDescription": "A list of source controls that determine the values that are used in the current control.", + "title": "SourceControls", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.CascadingControlSource": { + "additionalProperties": false, + "properties": { + "ColumnToMatch": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column identifier that determines which column to look up for the source sheet control.", + "title": "ColumnToMatch" + }, + "SourceSheetControlId": { + "markdownDescription": "The source sheet control ID of a `CascadingControlSource` .", + "title": "SourceSheetControlId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.CategoricalDimensionField": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that is used in the `CategoricalDimensionField` .", + "title": "Column" + }, + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", + "type": "string" + }, + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" + }, + "HierarchyId": { + "markdownDescription": "The custom hierarchy ID.", + "title": "HierarchyId", + "type": "string" + } + }, + "required": [ + "Column", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.CategoricalMeasureField": { + "additionalProperties": false, + "properties": { + "AggregationFunction": { + "markdownDescription": "The aggregation function of the measure field.", + "title": "AggregationFunction", + "type": "string" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that is used in the `CategoricalMeasureField` .", + "title": "Column" + }, + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", + "type": "string" + }, + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" + } + }, + "required": [ + "Column", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.CategoryDrillDownFilter": { + "additionalProperties": false, + "properties": { + "CategoryValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the string inputs that are the values of the category drill down filter.", + "title": "CategoryValues", + "type": "array" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + } + }, + "required": [ + "CategoryValues", + "Column" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.CategoryFilter": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "Configuration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CategoryFilterConfiguration", + "markdownDescription": "The configuration for a `CategoryFilter` .", + "title": "Configuration" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" + } + }, + "required": [ + "Column", + "Configuration", + "FilterId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.CategoryFilterConfiguration": { + "additionalProperties": false, + "properties": { + "CustomFilterConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomFilterConfiguration", + "markdownDescription": "A custom filter that filters based on a single value. This filter can be partially matched.", + "title": "CustomFilterConfiguration" + }, + "CustomFilterListConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomFilterListConfiguration", + "markdownDescription": "A list of custom filter values. In the Amazon QuickSight console, this filter type is called a custom filter list.", + "title": "CustomFilterListConfiguration" + }, + "FilterListConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterListConfiguration", + "markdownDescription": "A list of filter configurations. In the Amazon QuickSight console, this filter type is called a filter list.", + "title": "FilterListConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.CategoryInnerFilter": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "", + "title": "Column" + }, + "Configuration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CategoryFilterConfiguration", + "markdownDescription": "", + "title": "Configuration" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", + "markdownDescription": "", + "title": "DefaultFilterControlConfiguration" + } + }, + "required": [ + "Column", + "Configuration" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ChartAxisLabelOptions": { + "additionalProperties": false, + "properties": { + "AxisLabelOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisLabelOptions" + }, + "markdownDescription": "The label options for a chart axis.", + "title": "AxisLabelOptions", + "type": "array" + }, + "SortIconVisibility": { + "markdownDescription": "The visibility configuration of the sort icon on a chart's axis label.", + "title": "SortIconVisibility", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of an axis label on a chart. Choose one of the following options:\n\n- `VISIBLE` : Shows the axis.\n- `HIDDEN` : Hides the axis.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ClusterMarker": { + "additionalProperties": false, + "properties": { + "SimpleClusterMarker": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SimpleClusterMarker", + "markdownDescription": "The simple cluster marker of the cluster marker.", + "title": "SimpleClusterMarker" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ClusterMarkerConfiguration": { + "additionalProperties": false, + "properties": { + "ClusterMarker": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ClusterMarker", + "markdownDescription": "The cluster marker that is a part of the cluster marker configuration.", + "title": "ClusterMarker" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ColorScale": { + "additionalProperties": false, + "properties": { + "ColorFillType": { + "markdownDescription": "Determines the color fill type.", + "title": "ColorFillType", + "type": "string" + }, + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataColor" + }, + "markdownDescription": "Determines the list of colors that are applied to the visual.", + "title": "Colors", + "type": "array" + }, + "NullValueColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataColor", + "markdownDescription": "Determines the color that is applied to null values.", + "title": "NullValueColor" + } + }, + "required": [ + "ColorFillType", + "Colors" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ColorsConfiguration": { + "additionalProperties": false, + "properties": { + "CustomColors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomColor" + }, + "markdownDescription": "A list of up to 50 custom colors.", + "title": "CustomColors", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ColumnConfiguration": { + "additionalProperties": false, + "properties": { + "ColorsConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColorsConfiguration", + "markdownDescription": "The color configurations of the column.", + "title": "ColorsConfiguration" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column.", + "title": "Column" + }, + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FormatConfiguration", + "markdownDescription": "The format configuration of a column.", + "title": "FormatConfiguration" + }, + "Role": { + "markdownDescription": "The role of the column.", + "title": "Role", + "type": "string" + } + }, + "required": [ + "Column" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ColumnHierarchy": { + "additionalProperties": false, + "properties": { + "DateTimeHierarchy": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeHierarchy", + "markdownDescription": "The option that determines the hierarchy of any `DateTime` fields.", + "title": "DateTimeHierarchy" + }, + "ExplicitHierarchy": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ExplicitHierarchy", + "markdownDescription": "The option that determines the hierarchy of the fields that are built within a visual's field wells. These fields can't be duplicated to other visuals.", + "title": "ExplicitHierarchy" + }, + "PredefinedHierarchy": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PredefinedHierarchy", + "markdownDescription": "The option that determines the hierarchy of the fields that are defined during data preparation. These fields are available to use in any analysis that uses the data source.", + "title": "PredefinedHierarchy" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ColumnIdentifier": { + "additionalProperties": false, + "properties": { + "ColumnName": { + "markdownDescription": "The name of the column.", + "title": "ColumnName", + "type": "string" + }, + "DataSetIdentifier": { + "markdownDescription": "The data set that the column belongs to.", + "title": "DataSetIdentifier", + "type": "string" + } + }, + "required": [ + "ColumnName", + "DataSetIdentifier" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ColumnSort": { + "additionalProperties": false, + "properties": { + "AggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationFunction", + "markdownDescription": "The aggregation function that is defined in the column sort.", + "title": "AggregationFunction" + }, + "Direction": { + "markdownDescription": "The sort direction.", + "title": "Direction", + "type": "string" + }, + "SortBy": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "", + "title": "SortBy" + } + }, + "required": [ + "Direction", + "SortBy" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ColumnTooltipItem": { + "additionalProperties": false, + "properties": { + "Aggregation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationFunction", + "markdownDescription": "The aggregation function of the column tooltip item.", + "title": "Aggregation" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The target column of the tooltip item.", + "title": "Column" + }, + "Label": { + "markdownDescription": "The label of the tooltip item.", + "title": "Label", + "type": "string" + }, + "TooltipTarget": { + "markdownDescription": "Determines the target of the column tooltip item in a combo chart visual.", + "title": "TooltipTarget", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the tooltip item.", + "title": "Visibility", + "type": "string" + } + }, + "required": [ + "Column" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ComboChartAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "BarValues": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The aggregated `BarValues` field well of a combo chart.", + "title": "BarValues", + "type": "array" + }, + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The aggregated category field wells of a combo chart.", + "title": "Category", + "type": "array" + }, + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The aggregated colors field well of a combo chart.", + "title": "Colors", + "type": "array" + }, + "LineValues": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The aggregated `LineValues` field well of a combo chart.", + "title": "LineValues", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ComboChartConfiguration": { + "additionalProperties": false, + "properties": { + "BarDataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.\n\nThe data label options for a bar in a combo chart.", + "title": "BarDataLabels" + }, + "BarsArrangement": { + "markdownDescription": "Determines the bar arrangement in a combo chart. The following are valid values in this structure:\n\n- `CLUSTERED` : For clustered bar combo charts.\n- `STACKED` : For stacked bar combo charts.\n- `STACKED_PERCENT` : Do not use. If you use this value, the operation returns a validation error.", + "title": "BarsArrangement", + "type": "string" + }, + "CategoryAxis": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The category axis of a combo chart.", + "title": "CategoryAxis" + }, + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart category (group/color) field well.", + "title": "CategoryLabelOptions" + }, + "ColorLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's color field well.", + "title": "ColorLabelOptions" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComboChartFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "LineDataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.\n\nThe data label options for a line in a combo chart.", + "title": "LineDataLabels" + }, + "PrimaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, and axis step) of a combo chart's primary y-axis (bar) field well.", + "title": "PrimaryYAxisDisplayOptions" + }, + "PrimaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's primary y-axis (bar) field well.", + "title": "PrimaryYAxisLabelOptions" + }, + "ReferenceLines": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLine" + }, + "markdownDescription": "The reference line setup of the visual.", + "title": "ReferenceLines", + "type": "array" + }, + "SecondaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, axis step) of a combo chart's secondary y-axis (line) field well.", + "title": "SecondaryYAxisDisplayOptions" + }, + "SecondaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's secondary y-axis(line) field well.", + "title": "SecondaryYAxisLabelOptions" + }, + "SingleAxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SingleAxisOptions", + "markdownDescription": "", + "title": "SingleAxisOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComboChartSortConfiguration", + "markdownDescription": "The sort configuration of a `ComboChartVisual` .", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Tooltip" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", + "title": "VisualPalette" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ComboChartFieldWells": { + "additionalProperties": false, + "properties": { + "ComboChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComboChartAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a combo chart. Combo charts only have aggregated field wells. Columns in a combo chart are aggregated by category.", + "title": "ComboChartAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ComboChartSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The item limit configuration for the category field well of a combo chart.", + "title": "CategoryItemsLimit" + }, + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the category field well in a combo chart.", + "title": "CategorySort", + "type": "array" + }, + "ColorItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The item limit configuration of the color field well in a combo chart.", + "title": "ColorItemsLimit" + }, + "ColorSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the color field well in a combo chart.", + "title": "ColorSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ComboChartVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComboChartConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ComparisonConfiguration": { + "additionalProperties": false, + "properties": { + "ComparisonFormat": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComparisonFormatConfiguration", + "markdownDescription": "The format of the comparison.", + "title": "ComparisonFormat" + }, + "ComparisonMethod": { + "markdownDescription": "The method of the comparison. Choose from the following options:\n\n- `DIFFERENCE`\n- `PERCENT_DIFFERENCE`\n- `PERCENT`", + "title": "ComparisonMethod", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ComparisonFormatConfiguration": { + "additionalProperties": false, + "properties": { + "NumberDisplayFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumberDisplayFormatConfiguration", + "markdownDescription": "The number display format.", + "title": "NumberDisplayFormatConfiguration" + }, + "PercentageDisplayFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PercentageDisplayFormatConfiguration", + "markdownDescription": "The percentage display format.", + "title": "PercentageDisplayFormatConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.Computation": { + "additionalProperties": false, + "properties": { + "Forecast": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ForecastComputation", + "markdownDescription": "The forecast computation configuration.", + "title": "Forecast" + }, + "GrowthRate": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GrowthRateComputation", + "markdownDescription": "The growth rate computation configuration.", + "title": "GrowthRate" + }, + "MaximumMinimum": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MaximumMinimumComputation", + "markdownDescription": "The maximum and minimum computation configuration.", + "title": "MaximumMinimum" + }, + "MetricComparison": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MetricComparisonComputation", + "markdownDescription": "The metric comparison computation configuration.", + "title": "MetricComparison" + }, + "PeriodOverPeriod": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PeriodOverPeriodComputation", + "markdownDescription": "The period over period computation configuration.", + "title": "PeriodOverPeriod" + }, + "PeriodToDate": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PeriodToDateComputation", + "markdownDescription": "The period to `DataSetIdentifier` computation configuration.", + "title": "PeriodToDate" + }, + "TopBottomMovers": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TopBottomMoversComputation", + "markdownDescription": "The top movers and bottom movers computation configuration.", + "title": "TopBottomMovers" + }, + "TopBottomRanked": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TopBottomRankedComputation", + "markdownDescription": "The top ranked and bottom ranked computation configuration.", + "title": "TopBottomRanked" + }, + "TotalAggregation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TotalAggregationComputation", + "markdownDescription": "The total aggregation computation configuration.", + "title": "TotalAggregation" + }, + "UniqueValues": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.UniqueValuesComputation", + "markdownDescription": "The unique values computation configuration.", + "title": "UniqueValues" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ConditionalFormattingColor": { + "additionalProperties": false, + "properties": { + "Gradient": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingGradientColor", + "markdownDescription": "Formatting configuration for gradient color.", + "title": "Gradient" + }, + "Solid": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingSolidColor", + "markdownDescription": "Formatting configuration for solid color.", + "title": "Solid" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ConditionalFormattingCustomIconCondition": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "Determines the color of the icon.", + "title": "Color", + "type": "string" + }, + "DisplayConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIconDisplayConfiguration", + "markdownDescription": "Determines the icon display configuration.", + "title": "DisplayConfiguration" + }, + "Expression": { + "markdownDescription": "The expression that determines the condition of the icon set.", + "title": "Expression", + "type": "string" + }, + "IconOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingCustomIconOptions", + "markdownDescription": "Custom icon options for an icon set.", + "title": "IconOptions" + } + }, + "required": [ + "Expression", + "IconOptions" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ConditionalFormattingCustomIconOptions": { + "additionalProperties": false, + "properties": { + "Icon": { + "markdownDescription": "Determines the type of icon.", + "title": "Icon", + "type": "string" + }, + "UnicodeIcon": { + "markdownDescription": "Determines the Unicode icon type.", + "title": "UnicodeIcon", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ConditionalFormattingGradientColor": { + "additionalProperties": false, + "properties": { + "Color": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GradientColor", + "markdownDescription": "Determines the color.", + "title": "Color" + }, + "Expression": { + "markdownDescription": "The expression that determines the formatting configuration for gradient color.", + "title": "Expression", + "type": "string" + } + }, + "required": [ + "Color", + "Expression" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ConditionalFormattingIcon": { + "additionalProperties": false, + "properties": { + "CustomCondition": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingCustomIconCondition", + "markdownDescription": "Determines the custom condition for an icon set.", + "title": "CustomCondition" + }, + "IconSet": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIconSet", + "markdownDescription": "Formatting configuration for icon set.", + "title": "IconSet" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ConditionalFormattingIconDisplayConfiguration": { + "additionalProperties": false, + "properties": { + "IconDisplayOption": { + "markdownDescription": "Determines the icon display configuration.", + "title": "IconDisplayOption", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ConditionalFormattingIconSet": { + "additionalProperties": false, + "properties": { + "Expression": { + "markdownDescription": "The expression that determines the formatting configuration for the icon set.", + "title": "Expression", + "type": "string" + }, + "IconSetType": { + "markdownDescription": "Determines the icon set type.", + "title": "IconSetType", + "type": "string" + } + }, + "required": [ + "Expression" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ConditionalFormattingSolidColor": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "Determines the color.", + "title": "Color", + "type": "string" + }, + "Expression": { + "markdownDescription": "The expression that determines the formatting configuration for solid color.", + "title": "Expression", + "type": "string" + } + }, + "required": [ + "Expression" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ContextMenuOption": { + "additionalProperties": false, + "properties": { + "AvailabilityStatus": { + "markdownDescription": "The availability status of the context menu options. If the value of this property is set to `ENABLED` , dashboard readers can interact with the context menu.", + "title": "AvailabilityStatus", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ContributionAnalysisDefault": { + "additionalProperties": false, + "properties": { + "ContributorDimensions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier" + }, + "markdownDescription": "The dimensions columns that are used in the contribution analysis, usually a list of `ColumnIdentifiers` .", + "title": "ContributorDimensions", + "type": "array" + }, + "MeasureFieldId": { + "markdownDescription": "The measure field that is used in the contribution analysis.", + "title": "MeasureFieldId", + "type": "string" + } + }, + "required": [ + "ContributorDimensions", + "MeasureFieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.CurrencyDisplayFormatConfiguration": { + "additionalProperties": false, + "properties": { + "DecimalPlacesConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalPlacesConfiguration", + "markdownDescription": "The option that determines the decimal places configuration.", + "title": "DecimalPlacesConfiguration" + }, + "NegativeValueConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NegativeValueConfiguration", + "markdownDescription": "The options that determine the negative value configuration.", + "title": "NegativeValueConfiguration" + }, + "NullValueFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NullValueFormatConfiguration", + "markdownDescription": "The options that determine the null value format configuration.", + "title": "NullValueFormatConfiguration" + }, + "NumberScale": { + "markdownDescription": "Determines the number scale value for the currency format.", + "title": "NumberScale", + "type": "string" + }, + "Prefix": { + "markdownDescription": "Determines the prefix value of the currency format.", + "title": "Prefix", + "type": "string" + }, + "SeparatorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericSeparatorConfiguration", + "markdownDescription": "The options that determine the numeric separator configuration.", + "title": "SeparatorConfiguration" + }, + "Suffix": { + "markdownDescription": "Determines the suffix value of the currency format.", + "title": "Suffix", + "type": "string" + }, + "Symbol": { + "markdownDescription": "Determines the symbol for the currency format.", + "title": "Symbol", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.CustomActionFilterOperation": { + "additionalProperties": false, + "properties": { + "SelectedFieldsConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterOperationSelectedFieldsConfiguration", + "markdownDescription": "The configuration that chooses the fields to be filtered.", + "title": "SelectedFieldsConfiguration" + }, + "TargetVisualsConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterOperationTargetVisualsConfiguration", + "markdownDescription": "The configuration that chooses the target visuals to be filtered.", + "title": "TargetVisualsConfiguration" + } + }, + "required": [ + "SelectedFieldsConfiguration", + "TargetVisualsConfiguration" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.CustomActionNavigationOperation": { + "additionalProperties": false, + "properties": { + "LocalNavigationConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LocalNavigationConfiguration", + "markdownDescription": "The configuration that chooses the navigation target.", + "title": "LocalNavigationConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.CustomActionSetParametersOperation": { + "additionalProperties": false, + "properties": { + "ParameterValueConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SetParameterValueConfiguration" + }, + "markdownDescription": "The parameter that determines the value configuration.", + "title": "ParameterValueConfigurations", + "type": "array" + } + }, + "required": [ + "ParameterValueConfigurations" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.CustomActionURLOperation": { + "additionalProperties": false, + "properties": { + "URLTarget": { + "markdownDescription": "The target of the `CustomActionURLOperation` .\n\nValid values are defined as follows:\n\n- `NEW_TAB` : Opens the target URL in a new browser tab.\n- `NEW_WINDOW` : Opens the target URL in a new browser window.\n- `SAME_TAB` : Opens the target URL in the same browser tab.", + "title": "URLTarget", + "type": "string" + }, + "URLTemplate": { + "markdownDescription": "THe URL link of the `CustomActionURLOperation` .", + "title": "URLTemplate", + "type": "string" + } + }, + "required": [ + "URLTarget", + "URLTemplate" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.CustomColor": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The color that is applied to the data value.", + "title": "Color", + "type": "string" + }, + "FieldValue": { + "markdownDescription": "The data value that the color is applied to.", + "title": "FieldValue", + "type": "string" + }, + "SpecialValue": { + "markdownDescription": "The value of a special data value.", + "title": "SpecialValue", + "type": "string" + } + }, + "required": [ + "Color" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.CustomContentConfiguration": { + "additionalProperties": false, + "properties": { + "ContentType": { + "markdownDescription": "The content type of the custom content visual. You can use this to have the visual render as an image.", + "title": "ContentType", + "type": "string" + }, + "ContentUrl": { + "markdownDescription": "The input URL that links to the custom content that you want in the custom visual.", + "title": "ContentUrl", + "type": "string" + }, + "ImageScaling": { + "markdownDescription": "The sizing options for the size of the custom content visual. This structure is required when the `ContentType` of the visual is `'IMAGE'` .", + "title": "ImageScaling", + "type": "string" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.CustomContentVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomContentConfiguration", + "markdownDescription": "The configuration of a `CustomContentVisual` .", + "title": "ChartConfiguration" + }, + "DataSetIdentifier": { + "markdownDescription": "The dataset that is used to create the custom content visual. You can't create a visual without a dataset.", + "title": "DataSetIdentifier", + "type": "string" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "DataSetIdentifier", + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.CustomFilterConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryValue": { + "markdownDescription": "The category value for the filter.\n\nThis field is mutually exclusive to `ParameterName` .", + "title": "CategoryValue", + "type": "string" + }, + "MatchOperator": { + "markdownDescription": "The match operator that is used to determine if a filter should be applied.", + "title": "MatchOperator", + "type": "string" + }, + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", + "type": "string" + }, + "ParameterName": { + "markdownDescription": "The parameter whose value should be used for the filter value.\n\nThis field is mutually exclusive to `CategoryValue` .", + "title": "ParameterName", + "type": "string" + }, + "SelectAllOptions": { + "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", + "title": "SelectAllOptions", + "type": "string" + } + }, + "required": [ + "MatchOperator", + "NullOption" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.CustomFilterListConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryValues": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of category values for the filter.", + "title": "CategoryValues", + "type": "array" + }, + "MatchOperator": { + "markdownDescription": "The match operator that is used to determine if a filter should be applied.", + "title": "MatchOperator", + "type": "string" + }, + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", + "type": "string" + }, + "SelectAllOptions": { + "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", + "title": "SelectAllOptions", + "type": "string" + } + }, + "required": [ + "MatchOperator", + "NullOption" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.CustomNarrativeOptions": { + "additionalProperties": false, + "properties": { + "Narrative": { + "markdownDescription": "The string input of custom narrative.", + "title": "Narrative", + "type": "string" + } + }, + "required": [ + "Narrative" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.CustomParameterValues": { + "additionalProperties": false, + "properties": { + "DateTimeValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of datetime-type parameter values.", + "title": "DateTimeValues", + "type": "array" + }, + "DecimalValues": { + "items": { + "type": "number" + }, + "markdownDescription": "A list of decimal-type parameter values.", + "title": "DecimalValues", + "type": "array" + }, + "IntegerValues": { + "items": { + "type": "number" + }, + "markdownDescription": "A list of integer-type parameter values.", + "title": "IntegerValues", + "type": "array" + }, + "StringValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of string-type parameter values.", + "title": "StringValues", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.CustomValuesConfiguration": { + "additionalProperties": false, + "properties": { + "CustomValues": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomParameterValues", + "markdownDescription": "", + "title": "CustomValues" + }, + "IncludeNullValue": { + "markdownDescription": "Includes the null value in custom action parameter values.", + "title": "IncludeNullValue", + "type": "boolean" + } + }, + "required": [ + "CustomValues" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.DashboardError": { + "additionalProperties": false, + "properties": { + "Message": { + "markdownDescription": "Message.", + "title": "Message", + "type": "string" + }, + "Type": { + "markdownDescription": "Type.", + "title": "Type", + "type": "string" + }, + "ViolatedEntities": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.Entity" + }, + "markdownDescription": "Lists the violated entities that caused the dashboard error.", + "title": "ViolatedEntities", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DashboardPublishOptions": { + "additionalProperties": false, + "properties": { + "AdHocFilteringOption": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AdHocFilteringOption", + "markdownDescription": "Ad hoc (one-time) filtering option.", + "title": "AdHocFilteringOption" + }, + "DataPointDrillUpDownOption": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPointDrillUpDownOption", + "markdownDescription": "The drill-down options of data points in a dashboard.", + "title": "DataPointDrillUpDownOption" + }, + "DataPointMenuLabelOption": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPointMenuLabelOption", + "markdownDescription": "The data point menu label options of a dashboard.", + "title": "DataPointMenuLabelOption" + }, + "DataPointTooltipOption": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPointTooltipOption", + "markdownDescription": "The data point tool tip options of a dashboard.", + "title": "DataPointTooltipOption" + }, + "ExportToCSVOption": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ExportToCSVOption", + "markdownDescription": "Export to .csv option.", + "title": "ExportToCSVOption" + }, + "ExportWithHiddenFieldsOption": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ExportWithHiddenFieldsOption", + "markdownDescription": "Determines if hidden fields are exported with a dashboard.", + "title": "ExportWithHiddenFieldsOption" + }, + "SheetControlsOption": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlsOption", + "markdownDescription": "Sheet controls option.", + "title": "SheetControlsOption" + }, + "SheetLayoutElementMaximizationOption": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetLayoutElementMaximizationOption", + "markdownDescription": "The sheet layout maximization options of a dashbaord.", + "title": "SheetLayoutElementMaximizationOption" + }, + "VisualAxisSortOption": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualAxisSortOption", + "markdownDescription": "The axis sort options of a dashboard.", + "title": "VisualAxisSortOption" + }, + "VisualMenuOption": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualMenuOption", + "markdownDescription": "The menu options of a visual in a dashboard.", + "title": "VisualMenuOption" + }, + "VisualPublishOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DashboardVisualPublishOptions", + "markdownDescription": "The visual publish options of a visual in a dashboard.", + "title": "VisualPublishOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DashboardSourceEntity": { + "additionalProperties": false, + "properties": { + "SourceTemplate": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DashboardSourceTemplate", + "markdownDescription": "Source template.", + "title": "SourceTemplate" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DashboardSourceTemplate": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", + "title": "Arn", + "type": "string" + }, + "DataSetReferences": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataSetReference" + }, + "markdownDescription": "Dataset references.", + "title": "DataSetReferences", + "type": "array" + } + }, + "required": [ + "Arn", + "DataSetReferences" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.DashboardVersion": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", + "title": "Arn", + "type": "string" + }, + "CreatedTime": { + "markdownDescription": "The time that this dashboard version was created.", + "title": "CreatedTime", + "type": "string" + }, + "DataSetArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Numbers (ARNs) for the datasets that are associated with this version of the dashboard.", + "title": "DataSetArns", + "type": "array" + }, + "Description": { + "markdownDescription": "Description.", + "title": "Description", + "type": "string" + }, + "Errors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DashboardError" + }, + "markdownDescription": "Errors associated with this dashboard version.", + "title": "Errors", + "type": "array" + }, + "Sheets": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.Sheet" + }, + "markdownDescription": "A list of the associated sheets with the unique identifier and name of each sheet.", + "title": "Sheets", + "type": "array" + }, + "SourceEntityArn": { + "markdownDescription": "Source entity ARN.", + "title": "SourceEntityArn", + "type": "string" + }, + "Status": { + "markdownDescription": "The HTTP status of the request.", + "title": "Status", + "type": "string" + }, + "ThemeArn": { + "markdownDescription": "The ARN of the theme associated with a version of the dashboard.", + "title": "ThemeArn", + "type": "string" + }, + "VersionNumber": { + "markdownDescription": "Version number for this version of the dashboard.", + "title": "VersionNumber", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DashboardVersionDefinition": { + "additionalProperties": false, + "properties": { + "AnalysisDefaults": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AnalysisDefaults", + "markdownDescription": "", + "title": "AnalysisDefaults" + }, + "CalculatedFields": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CalculatedField" + }, + "markdownDescription": "An array of calculated field definitions for the dashboard.", + "title": "CalculatedFields", + "type": "array" + }, + "ColumnConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnConfiguration" + }, + "markdownDescription": "An array of dashboard-level column configurations. Column configurations are used to set the default formatting for a column that is used throughout a dashboard.", + "title": "ColumnConfigurations", + "type": "array" + }, + "DataSetIdentifierDeclarations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataSetIdentifierDeclaration" + }, + "markdownDescription": "An array of dataset identifier declarations. With this mapping,you can use dataset identifiers instead of dataset Amazon Resource Names (ARNs) throughout the dashboard's sub-structures.", + "title": "DataSetIdentifierDeclarations", + "type": "array" + }, + "FilterGroups": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterGroup" + }, + "markdownDescription": "The filter definitions for a dashboard.\n\nFor more information, see [Filtering Data in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/adding-a-filter.html) in the *Amazon QuickSight User Guide* .", + "title": "FilterGroups", + "type": "array" + }, + "Options": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AssetOptions", + "markdownDescription": "An array of option definitions for a dashboard.", + "title": "Options" + }, + "ParameterDeclarations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterDeclaration" + }, + "markdownDescription": "The parameter declarations for a dashboard. Parameters are named variables that can transfer a value for use by an action or an object.\n\nFor more information, see [Parameters in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-in-quicksight.html) in the *Amazon QuickSight User Guide* .", + "title": "ParameterDeclarations", + "type": "array" + }, + "Sheets": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetDefinition" + }, + "markdownDescription": "An array of sheet definitions for a dashboard.", + "title": "Sheets", + "type": "array" + }, + "StaticFiles": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.StaticFile" + }, + "markdownDescription": "The static files for the definition.", + "title": "StaticFiles", + "type": "array" + } + }, + "required": [ + "DataSetIdentifierDeclarations" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.DashboardVisualPublishOptions": { + "additionalProperties": false, + "properties": { + "ExportHiddenFieldsOption": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ExportHiddenFieldsOption", + "markdownDescription": "Determines if hidden fields are included in an exported dashboard.", + "title": "ExportHiddenFieldsOption" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DataBarsOptions": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "The field ID for the data bars options.", + "title": "FieldId", + "type": "string" + }, + "NegativeColor": { + "markdownDescription": "The color of the negative data bar.", + "title": "NegativeColor", + "type": "string" + }, + "PositiveColor": { + "markdownDescription": "The color of the positive data bar.", + "title": "PositiveColor", + "type": "string" + } + }, + "required": [ + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.DataColor": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The color that is applied to the data value.", + "title": "Color", + "type": "string" + }, + "DataValue": { + "markdownDescription": "The data value that the color is applied to.", + "title": "DataValue", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DataFieldSeriesItem": { + "additionalProperties": false, + "properties": { + "AxisBinding": { + "markdownDescription": "The axis that you are binding the field to.", + "title": "AxisBinding", + "type": "string" + }, + "FieldId": { + "markdownDescription": "The field ID of the field that you are setting the axis binding to.", + "title": "FieldId", + "type": "string" + }, + "FieldValue": { + "markdownDescription": "The field value of the field that you are setting the axis binding to.", + "title": "FieldValue", + "type": "string" + }, + "Settings": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartSeriesSettings", + "markdownDescription": "The options that determine the presentation of line series associated to the field.", + "title": "Settings" + } + }, + "required": [ + "AxisBinding", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.DataLabelOptions": { + "additionalProperties": false, + "properties": { + "CategoryLabelVisibility": { + "markdownDescription": "Determines the visibility of the category field labels.", + "title": "CategoryLabelVisibility", + "type": "string" + }, + "DataLabelTypes": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelType" + }, + "markdownDescription": "The option that determines the data label type.", + "title": "DataLabelTypes", + "type": "array" + }, + "LabelColor": { + "markdownDescription": "Determines the color of the data labels.", + "title": "LabelColor", + "type": "string" + }, + "LabelContent": { + "markdownDescription": "Determines the content of the data labels.", + "title": "LabelContent", + "type": "string" + }, + "LabelFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", + "markdownDescription": "Determines the font configuration of the data labels.", + "title": "LabelFontConfiguration" + }, + "MeasureLabelVisibility": { + "markdownDescription": "Determines the visibility of the measure field labels.", + "title": "MeasureLabelVisibility", + "type": "string" + }, + "Overlap": { + "markdownDescription": "Determines whether overlap is enabled or disabled for the data labels.", + "title": "Overlap", + "type": "string" + }, + "Position": { + "markdownDescription": "Determines the position of the data labels.", + "title": "Position", + "type": "string" + }, + "TotalsVisibility": { + "markdownDescription": "Determines the visibility of the total.", + "title": "TotalsVisibility", + "type": "string" + }, + "Visibility": { + "markdownDescription": "Determines the visibility of the data labels.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DataLabelType": { + "additionalProperties": false, + "properties": { + "DataPathLabelType": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathLabelType", + "markdownDescription": "The option that specifies individual data values for labels.", + "title": "DataPathLabelType" + }, + "FieldLabelType": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldLabelType", + "markdownDescription": "Determines the label configuration for the entire field.", + "title": "FieldLabelType" + }, + "MaximumLabelType": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MaximumLabelType", + "markdownDescription": "Determines the label configuration for the maximum value in a visual.", + "title": "MaximumLabelType" + }, + "MinimumLabelType": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MinimumLabelType", + "markdownDescription": "Determines the label configuration for the minimum value in a visual.", + "title": "MinimumLabelType" + }, + "RangeEndsLabelType": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RangeEndsLabelType", + "markdownDescription": "Determines the label configuration for range end value in a visual.", + "title": "RangeEndsLabelType" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DataPathColor": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The color that needs to be applied to the element.", + "title": "Color", + "type": "string" + }, + "Element": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathValue", + "markdownDescription": "The element that the color needs to be applied to.", + "title": "Element" + }, + "TimeGranularity": { + "markdownDescription": "The time granularity of the field that the color needs to be applied to.", + "title": "TimeGranularity", + "type": "string" + } + }, + "required": [ + "Color", + "Element" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.DataPathLabelType": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "The field ID of the field that the data label needs to be applied to.", + "title": "FieldId", + "type": "string" + }, + "FieldValue": { + "markdownDescription": "The actual value of the field that is labeled.", + "title": "FieldValue", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the data label.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DataPathSort": { + "additionalProperties": false, + "properties": { + "Direction": { + "markdownDescription": "Determines the sort direction.", + "title": "Direction", + "type": "string" + }, + "SortPaths": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathValue" + }, + "markdownDescription": "The list of data paths that need to be sorted.", + "title": "SortPaths", + "type": "array" + } + }, + "required": [ + "Direction", + "SortPaths" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.DataPathType": { + "additionalProperties": false, + "properties": { + "PivotTableDataPathType": { + "markdownDescription": "The type of data path value utilized in a pivot table. Choose one of the following options:\n\n- `HIERARCHY_ROWS_LAYOUT_COLUMN` - The type of data path for the rows layout column, when `RowsLayout` is set to `HIERARCHY` .\n- `MULTIPLE_ROW_METRICS_COLUMN` - The type of data path for the metric column when the row is set to Metric Placement.\n- `EMPTY_COLUMN_HEADER` - The type of data path for the column with empty column header, when there is no field in `ColumnsFieldWell` and the row is set to Metric Placement.\n- `COUNT_METRIC_COLUMN` - The type of data path for the column with `COUNT` as the metric, when there is no field in the `ValuesFieldWell` .", + "title": "PivotTableDataPathType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DataPathValue": { + "additionalProperties": false, + "properties": { + "DataPathType": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathType", + "markdownDescription": "The type configuration of the field.", + "title": "DataPathType" + }, + "FieldId": { + "markdownDescription": "The field ID of the field that needs to be sorted.", + "title": "FieldId", + "type": "string" + }, + "FieldValue": { + "markdownDescription": "The actual value of the field that needs to be sorted.", + "title": "FieldValue", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DataPointDrillUpDownOption": { + "additionalProperties": false, + "properties": { + "AvailabilityStatus": { + "markdownDescription": "The status of the drill down options of data points.", + "title": "AvailabilityStatus", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DataPointMenuLabelOption": { + "additionalProperties": false, + "properties": { + "AvailabilityStatus": { + "markdownDescription": "The status of the data point menu options.", + "title": "AvailabilityStatus", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DataPointTooltipOption": { + "additionalProperties": false, + "properties": { + "AvailabilityStatus": { + "markdownDescription": "The status of the data point tool tip options.", + "title": "AvailabilityStatus", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DataSetIdentifierDeclaration": { + "additionalProperties": false, + "properties": { + "DataSetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the data set.", + "title": "DataSetArn", + "type": "string" + }, + "Identifier": { + "markdownDescription": "The identifier of the data set, typically the data set's name.", + "title": "Identifier", + "type": "string" + } + }, + "required": [ + "DataSetArn", + "Identifier" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.DataSetReference": { + "additionalProperties": false, + "properties": { + "DataSetArn": { + "markdownDescription": "Dataset Amazon Resource Name (ARN).", + "title": "DataSetArn", + "type": "string" + }, + "DataSetPlaceholder": { + "markdownDescription": "Dataset placeholder.", + "title": "DataSetPlaceholder", + "type": "string" + } + }, + "required": [ + "DataSetArn", + "DataSetPlaceholder" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.DateAxisOptions": { + "additionalProperties": false, + "properties": { + "MissingDateVisibility": { + "markdownDescription": "Determines whether or not missing dates are displayed.", + "title": "MissingDateVisibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DateDimensionField": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that is used in the `DateDimensionField` .", + "title": "Column" + }, + "DateGranularity": { + "markdownDescription": "The date granularity of the `DateDimensionField` . Choose one of the following options:\n\n- `YEAR`\n- `QUARTER`\n- `MONTH`\n- `WEEK`\n- `DAY`\n- `HOUR`\n- `MINUTE`\n- `SECOND`\n- `MILLISECOND`", + "title": "DateGranularity", + "type": "string" + }, + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", + "type": "string" + }, + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" + }, + "HierarchyId": { + "markdownDescription": "The custom hierarchy ID.", + "title": "HierarchyId", + "type": "string" + } + }, + "required": [ + "Column", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.DateMeasureField": { + "additionalProperties": false, + "properties": { + "AggregationFunction": { + "markdownDescription": "The aggregation function of the measure field.", + "title": "AggregationFunction", + "type": "string" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that is used in the `DateMeasureField` .", + "title": "Column" + }, + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", + "type": "string" + }, + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" + } + }, + "required": [ + "Column", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.DateTimeDefaultValues": { + "additionalProperties": false, + "properties": { + "DynamicValue": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DynamicDefaultValue", + "markdownDescription": "The dynamic value of the `DataTimeDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", + "title": "DynamicValue" + }, + "RollingDate": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RollingDateConfiguration", + "markdownDescription": "The rolling date of the `DataTimeDefaultValues` . The date is determined from the dataset based on input expression.", + "title": "RollingDate" + }, + "StaticValues": { + "items": { + "type": "string" + }, + "markdownDescription": "The static values of the `DataTimeDefaultValues` .", + "title": "StaticValues", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DateTimeFormatConfiguration": { + "additionalProperties": false, + "properties": { + "DateTimeFormat": { + "markdownDescription": "Determines the `DateTime` format.", + "title": "DateTimeFormat", + "type": "string" + }, + "NullValueFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NullValueFormatConfiguration", + "markdownDescription": "The options that determine the null value format configuration.", + "title": "NullValueFormatConfiguration" + }, + "NumericFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericFormatConfiguration", + "markdownDescription": "The formatting configuration for numeric `DateTime` fields.", + "title": "NumericFormatConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DateTimeHierarchy": { + "additionalProperties": false, + "properties": { + "DrillDownFilters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DrillDownFilter" + }, + "markdownDescription": "The option that determines the drill down filters for the `DateTime` hierarchy.", + "title": "DrillDownFilters", + "type": "array" + }, + "HierarchyId": { + "markdownDescription": "The hierarchy ID of the `DateTime` hierarchy.", + "title": "HierarchyId", + "type": "string" + } + }, + "required": [ + "HierarchyId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.DateTimeParameter": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "A display name for the date-time parameter.", + "title": "Name", + "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The values for the date-time parameter.", + "title": "Values", + "type": "array" + } + }, + "required": [ + "Name", + "Values" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.DateTimeParameterDeclaration": { + "additionalProperties": false, + "properties": { + "DefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeDefaultValues", + "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", + "title": "DefaultValues" + }, + "MappedDataSetParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MappedDataSetParameter" + }, + "markdownDescription": "", + "title": "MappedDataSetParameters", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the parameter that is being declared.", + "title": "Name", + "type": "string" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" + }, + "ValueWhenUnset": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeValueWhenUnsetConfiguration", + "markdownDescription": "The configuration that defines the default value of a `DateTime` parameter when a value has not been set.", + "title": "ValueWhenUnset" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.DateTimePickerControlDisplayOptions": { + "additionalProperties": false, + "properties": { + "DateIconVisibility": { + "markdownDescription": "The date icon visibility of the `DateTimePickerControlDisplayOptions` .", + "title": "DateIconVisibility", + "type": "string" + }, + "DateTimeFormat": { + "markdownDescription": "Customize how dates are formatted in controls.", + "title": "DateTimeFormat", + "type": "string" + }, + "HelperTextVisibility": { + "markdownDescription": "The helper text visibility of the `DateTimePickerControlDisplayOptions` .", + "title": "HelperTextVisibility", + "type": "string" + }, + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DateTimeValueWhenUnsetConfiguration": { + "additionalProperties": false, + "properties": { + "CustomValue": { + "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", + "title": "CustomValue", + "type": "string" + }, + "ValueWhenUnsetOption": { + "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", + "title": "ValueWhenUnsetOption", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DecimalDefaultValues": { + "additionalProperties": false, + "properties": { + "DynamicValue": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DynamicDefaultValue", + "markdownDescription": "The dynamic value of the `DecimalDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", + "title": "DynamicValue" + }, + "StaticValues": { + "items": { + "type": "number" + }, + "markdownDescription": "The static values of the `DecimalDefaultValues` .", + "title": "StaticValues", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DecimalParameter": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "A display name for the decimal parameter.", + "title": "Name", + "type": "string" + }, + "Values": { + "items": { + "type": "number" + }, + "markdownDescription": "The values for the decimal parameter.", + "title": "Values", + "type": "array" + } + }, + "required": [ + "Name", + "Values" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.DecimalParameterDeclaration": { + "additionalProperties": false, + "properties": { + "DefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalDefaultValues", + "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", + "title": "DefaultValues" + }, + "MappedDataSetParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MappedDataSetParameter" + }, + "markdownDescription": "", + "title": "MappedDataSetParameters", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the parameter that is being declared.", + "title": "Name", + "type": "string" + }, + "ParameterValueType": { + "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", + "title": "ParameterValueType", + "type": "string" + }, + "ValueWhenUnset": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalValueWhenUnsetConfiguration", + "markdownDescription": "The configuration that defines the default value of a `Decimal` parameter when a value has not been set.", + "title": "ValueWhenUnset" + } + }, + "required": [ + "Name", + "ParameterValueType" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.DecimalPlacesConfiguration": { + "additionalProperties": false, + "properties": { + "DecimalPlaces": { + "markdownDescription": "The values of the decimal places.", + "title": "DecimalPlaces", + "type": "number" + } + }, + "required": [ + "DecimalPlaces" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.DecimalValueWhenUnsetConfiguration": { + "additionalProperties": false, + "properties": { + "CustomValue": { + "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", + "title": "CustomValue", + "type": "number" + }, + "ValueWhenUnsetOption": { + "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", + "title": "ValueWhenUnsetOption", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DefaultDateTimePickerControlOptions": { + "additionalProperties": false, + "properties": { + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `DateTimePickerControl` .", + "title": "CommitMode", + "type": "string" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimePickerControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "Type": { + "markdownDescription": "The date time picker type of the `DefaultDateTimePickerControlOptions` . Choose one of the following options:\n\n- `SINGLE_VALUED` : The filter condition is a fixed date.\n- `DATE_RANGE` : The filter condition is a date time range.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration": { + "additionalProperties": false, + "properties": { + "ControlOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlOptions", + "markdownDescription": "The control option for the `DefaultFilterControlConfiguration` .", + "title": "ControlOptions" + }, + "Title": { + "markdownDescription": "The title of the `DefaultFilterControlConfiguration` . This title is shared by all controls that are tied to this filter.", + "title": "Title", + "type": "string" + } + }, + "required": [ + "ControlOptions", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.DefaultFilterControlOptions": { + "additionalProperties": false, + "properties": { + "DefaultDateTimePickerOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultDateTimePickerControlOptions", + "markdownDescription": "The default options that correspond to the filter control type of a `DateTimePicker` .", + "title": "DefaultDateTimePickerOptions" + }, + "DefaultDropdownOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterDropDownControlOptions", + "markdownDescription": "The default options that correspond to the `Dropdown` filter control type.", + "title": "DefaultDropdownOptions" + }, + "DefaultListOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterListControlOptions", + "markdownDescription": "The default options that correspond to the `List` filter control type.", + "title": "DefaultListOptions" + }, + "DefaultRelativeDateTimeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultRelativeDateTimeControlOptions", + "markdownDescription": "The default options that correspond to the `RelativeDateTime` filter control type.", + "title": "DefaultRelativeDateTimeOptions" + }, + "DefaultSliderOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultSliderControlOptions", + "markdownDescription": "The default options that correspond to the `Slider` filter control type.", + "title": "DefaultSliderOptions" + }, + "DefaultTextAreaOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultTextAreaControlOptions", + "markdownDescription": "The default options that correspond to the `TextArea` filter control type.", + "title": "DefaultTextAreaOptions" + }, + "DefaultTextFieldOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultTextFieldControlOptions", + "markdownDescription": "The default options that correspond to the `TextField` filter control type.", + "title": "DefaultTextFieldOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DefaultFilterDropDownControlOptions": { + "additionalProperties": false, + "properties": { + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `FilterDropDownControl` .", + "title": "CommitMode", + "type": "string" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DropDownControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" + }, + "Type": { + "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DefaultFilterListControlOptions": { + "additionalProperties": false, + "properties": { + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ListControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" + }, + "Type": { + "markdownDescription": "The type of the `DefaultFilterListControlOptions` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from the list.\n- `SINGLE_SELECT` : The user can select a single entry from the list.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DefaultFreeFormLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutCanvasSizeOptions", + "markdownDescription": "Determines the screen canvas size options for a free-form layout.", + "title": "CanvasSizeOptions" + } + }, + "required": [ + "CanvasSizeOptions" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.DefaultGridLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GridLayoutCanvasSizeOptions", + "markdownDescription": "Determines the screen canvas size options for a grid layout.", + "title": "CanvasSizeOptions" + } + }, + "required": [ + "CanvasSizeOptions" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.DefaultInteractiveLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "FreeForm": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFreeFormLayoutConfiguration", + "markdownDescription": "The options that determine the default settings of a free-form layout configuration.", + "title": "FreeForm" + }, + "Grid": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultGridLayoutConfiguration", + "markdownDescription": "The options that determine the default settings for a grid layout configuration.", + "title": "Grid" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DefaultNewSheetConfiguration": { + "additionalProperties": false, + "properties": { + "InteractiveLayoutConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultInteractiveLayoutConfiguration", + "markdownDescription": "The options that determine the default settings for interactive layout configuration.", + "title": "InteractiveLayoutConfiguration" + }, + "PaginatedLayoutConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultPaginatedLayoutConfiguration", + "markdownDescription": "The options that determine the default settings for a paginated layout configuration.", + "title": "PaginatedLayoutConfiguration" + }, + "SheetContentType": { + "markdownDescription": "The option that determines the sheet content type.", + "title": "SheetContentType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DefaultPaginatedLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "SectionBased": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultSectionBasedLayoutConfiguration", + "markdownDescription": "The options that determine the default settings for a section-based layout configuration.", + "title": "SectionBased" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DefaultRelativeDateTimeControlOptions": { + "additionalProperties": false, + "properties": { + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `RelativeDateTimeControl` .", + "title": "CommitMode", + "type": "string" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RelativeDateTimeControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DefaultSectionBasedLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionBasedLayoutCanvasSizeOptions", + "markdownDescription": "Determines the screen canvas size options for a section-based layout.", + "title": "CanvasSizeOptions" + } + }, + "required": [ + "CanvasSizeOptions" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.DefaultSliderControlOptions": { + "additionalProperties": false, + "properties": { + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SliderControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "MaximumValue": { + "markdownDescription": "The larger value that is displayed at the right of the slider.", + "title": "MaximumValue", + "type": "number" + }, + "MinimumValue": { + "markdownDescription": "The smaller value that is displayed at the left of the slider.", + "title": "MinimumValue", + "type": "number" + }, + "StepSize": { + "markdownDescription": "The number of increments that the slider bar is divided into.", + "title": "StepSize", + "type": "number" + }, + "Type": { + "markdownDescription": "The type of the `DefaultSliderControlOptions` . Choose one of the following options:\n\n- `SINGLE_POINT` : Filter against(equals) a single data point.\n- `RANGE` : Filter data that is in a specified range.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "MaximumValue", + "MinimumValue", + "StepSize" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.DefaultTextAreaControlOptions": { + "additionalProperties": false, + "properties": { + "Delimiter": { + "markdownDescription": "The delimiter that is used to separate the lines in text.", + "title": "Delimiter", + "type": "string" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextAreaControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DefaultTextFieldControlOptions": { + "additionalProperties": false, + "properties": { + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextFieldControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DestinationParameterValueConfiguration": { + "additionalProperties": false, + "properties": { + "CustomValuesConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomValuesConfiguration", + "markdownDescription": "The configuration of custom values for destination parameter in `DestinationParameterValueConfiguration` .", + "title": "CustomValuesConfiguration" + }, + "SelectAllValueOptions": { + "markdownDescription": "The configuration that selects all options.", + "title": "SelectAllValueOptions", + "type": "string" + }, + "SourceColumn": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "A column of a data set.", + "title": "SourceColumn" + }, + "SourceField": { + "markdownDescription": "The source field ID of the destination parameter.", + "title": "SourceField", + "type": "string" + }, + "SourceParameterName": { + "markdownDescription": "The source parameter name of the destination parameter.", + "title": "SourceParameterName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DimensionField": { + "additionalProperties": false, + "properties": { + "CategoricalDimensionField": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CategoricalDimensionField", + "markdownDescription": "The dimension type field with categorical type columns.", + "title": "CategoricalDimensionField" + }, + "DateDimensionField": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateDimensionField", + "markdownDescription": "The dimension type field with date type columns.", + "title": "DateDimensionField" + }, + "NumericalDimensionField": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericalDimensionField", + "markdownDescription": "The dimension type field with numerical type columns.", + "title": "NumericalDimensionField" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DonutCenterOptions": { + "additionalProperties": false, + "properties": { + "LabelVisibility": { + "markdownDescription": "Determines the visibility of the label in a donut chart. In the Amazon QuickSight console, this option is called `'Show total'` .", + "title": "LabelVisibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DonutOptions": { + "additionalProperties": false, + "properties": { + "ArcOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ArcOptions", + "markdownDescription": "The option for define the arc of the chart shape. Valid values are as follows:\n\n- `WHOLE` - A pie chart\n- `SMALL` - A small-sized donut chart\n- `MEDIUM` - A medium-sized donut chart\n- `LARGE` - A large-sized donut chart", + "title": "ArcOptions" + }, + "DonutCenterOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DonutCenterOptions", + "markdownDescription": "The label options of the label that is displayed in the center of a donut chart. This option isn't available for pie charts.", + "title": "DonutCenterOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DrillDownFilter": { + "additionalProperties": false, + "properties": { + "CategoryFilter": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CategoryDrillDownFilter", + "markdownDescription": "The category type drill down filter. This filter is used for string type columns.", + "title": "CategoryFilter" + }, + "NumericEqualityFilter": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericEqualityDrillDownFilter", + "markdownDescription": "The numeric equality type drill down filter. This filter is used for number type columns.", + "title": "NumericEqualityFilter" + }, + "TimeRangeFilter": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TimeRangeDrillDownFilter", + "markdownDescription": "The time range drill down filter. This filter is used for date time columns.", + "title": "TimeRangeFilter" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DropDownControlDisplayOptions": { + "additionalProperties": false, + "properties": { + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" + }, + "SelectAllOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ListControlSelectAllOptions", + "markdownDescription": "The configuration of the `Select all` options in a dropdown control.", + "title": "SelectAllOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.DynamicDefaultValue": { + "additionalProperties": false, + "properties": { + "DefaultValueColumn": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that contains the default value of each user or group.", + "title": "DefaultValueColumn" + }, + "GroupNameColumn": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that contains the group name.", + "title": "GroupNameColumn" + }, + "UserNameColumn": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that contains the username.", + "title": "UserNameColumn" + } + }, + "required": [ + "DefaultValueColumn" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.EmptyVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "DataSetIdentifier": { + "markdownDescription": "The data set that is used in the empty visual. Every visual requires a dataset to render.", + "title": "DataSetIdentifier", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "DataSetIdentifier", + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.Entity": { + "additionalProperties": false, + "properties": { + "Path": { + "markdownDescription": "The hierarchical path of the entity within the analysis, template, or dashboard definition tree.", + "title": "Path", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ExcludePeriodConfiguration": { + "additionalProperties": false, + "properties": { + "Amount": { + "markdownDescription": "The amount or number of the exclude period.", + "title": "Amount", + "type": "number" + }, + "Granularity": { + "markdownDescription": "The granularity or unit (day, month, year) of the exclude period.", + "title": "Granularity", + "type": "string" + }, + "Status": { + "markdownDescription": "The status of the exclude period. Choose from the following options:\n\n- `ENABLED`\n- `DISABLED`", + "title": "Status", + "type": "string" + } + }, + "required": [ + "Amount", + "Granularity" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ExplicitHierarchy": { + "additionalProperties": false, + "properties": { + "Columns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier" + }, + "markdownDescription": "The list of columns that define the explicit hierarchy.", + "title": "Columns", + "type": "array" + }, + "DrillDownFilters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DrillDownFilter" + }, + "markdownDescription": "The option that determines the drill down filters for the explicit hierarchy.", + "title": "DrillDownFilters", + "type": "array" + }, + "HierarchyId": { + "markdownDescription": "The hierarchy ID of the explicit hierarchy.", + "title": "HierarchyId", + "type": "string" + } + }, + "required": [ + "Columns", + "HierarchyId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ExportHiddenFieldsOption": { + "additionalProperties": false, + "properties": { + "AvailabilityStatus": { + "markdownDescription": "The status of the export hidden fields options of a dashbaord.", + "title": "AvailabilityStatus", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ExportToCSVOption": { + "additionalProperties": false, + "properties": { + "AvailabilityStatus": { + "markdownDescription": "Availability status.", + "title": "AvailabilityStatus", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ExportWithHiddenFieldsOption": { + "additionalProperties": false, + "properties": { + "AvailabilityStatus": { + "markdownDescription": "The status of the export with hidden fields options.", + "title": "AvailabilityStatus", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FieldBasedTooltip": { + "additionalProperties": false, + "properties": { + "AggregationVisibility": { + "markdownDescription": "The visibility of `Show aggregations` .", + "title": "AggregationVisibility", + "type": "string" + }, + "TooltipFields": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipItem" + }, + "markdownDescription": "The fields configuration in the tooltip.", + "title": "TooltipFields", + "type": "array" + }, + "TooltipTitleType": { + "markdownDescription": "The type for the >tooltip title. Choose one of the following options:\n\n- `NONE` : Doesn't use the primary value as the title.\n- `PRIMARY_VALUE` : Uses primary value as the title.", + "title": "TooltipTitleType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FieldLabelType": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "Indicates the field that is targeted by the field label.", + "title": "FieldId", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the field label.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FieldSeriesItem": { + "additionalProperties": false, + "properties": { + "AxisBinding": { + "markdownDescription": "The axis that you are binding the field to.", + "title": "AxisBinding", + "type": "string" + }, + "FieldId": { + "markdownDescription": "The field ID of the field for which you are setting the axis binding.", + "title": "FieldId", + "type": "string" + }, + "Settings": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartSeriesSettings", + "markdownDescription": "The options that determine the presentation of line series associated to the field.", + "title": "Settings" + } + }, + "required": [ + "AxisBinding", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.FieldSort": { + "additionalProperties": false, + "properties": { + "Direction": { + "markdownDescription": "The sort direction. Choose one of the following options:\n\n- `ASC` : Ascending\n- `DESC` : Descending", + "title": "Direction", + "type": "string" + }, + "FieldId": { + "markdownDescription": "The sort configuration target field.", + "title": "FieldId", + "type": "string" + } + }, + "required": [ + "Direction", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.FieldSortOptions": { + "additionalProperties": false, + "properties": { + "ColumnSort": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnSort", + "markdownDescription": "The sort configuration for a column that is not used in a field well.", + "title": "ColumnSort" + }, + "FieldSort": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSort", + "markdownDescription": "The sort configuration for a field in a field well.", + "title": "FieldSort" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FieldTooltipItem": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "The unique ID of the field that is targeted by the tooltip.", + "title": "FieldId", + "type": "string" + }, + "Label": { + "markdownDescription": "The label of the tooltip item.", + "title": "Label", + "type": "string" + }, + "TooltipTarget": { + "markdownDescription": "Determines the target of the field tooltip item in a combo chart visual.", + "title": "TooltipTarget", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the tooltip item.", + "title": "Visibility", + "type": "string" + } + }, + "required": [ + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.FilledMapAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Geospatial": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The aggregated location field well of the filled map. Values are grouped by location fields.", + "title": "Geospatial", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The aggregated color field well of a filled map. Values are aggregated based on location fields.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FilledMapConditionalFormatting": { + "additionalProperties": false, + "properties": { + "ConditionalFormattingOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapConditionalFormattingOption" + }, + "markdownDescription": "Conditional formatting options of a `FilledMapVisual` .", + "title": "ConditionalFormattingOptions", + "type": "array" + } + }, + "required": [ + "ConditionalFormattingOptions" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.FilledMapConditionalFormattingOption": { + "additionalProperties": false, + "properties": { + "Shape": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapShapeConditionalFormatting", + "markdownDescription": "The conditional formatting that determines the shape of the filled map.", + "title": "Shape" + } + }, + "required": [ + "Shape" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.FilledMapConfiguration": { + "additionalProperties": false, + "properties": { + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "MapStyleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapStyleOptions", + "markdownDescription": "The map style options of the filled map visual.", + "title": "MapStyleOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapSortConfiguration", + "markdownDescription": "The sort configuration of a `FilledMapVisual` .", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" + }, + "WindowOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialWindowOptions", + "markdownDescription": "The window options of the filled map visual.", + "title": "WindowOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FilledMapFieldWells": { + "additionalProperties": false, + "properties": { + "FilledMapAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapAggregatedFieldWells", + "markdownDescription": "The aggregated field well of the filled map.", + "title": "FilledMapAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FilledMapShapeConditionalFormatting": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "The field ID of the filled map shape.", + "title": "FieldId", + "type": "string" + }, + "Format": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ShapeConditionalFormat", + "markdownDescription": "The conditional formatting that determines the background color of a filled map's shape.", + "title": "Format" + } + }, + "required": [ + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.FilledMapSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the location fields.", + "title": "CategorySort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FilledMapVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "ConditionalFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapConditionalFormatting", + "markdownDescription": "The conditional formatting of a `FilledMapVisual` .", + "title": "ConditionalFormatting" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.Filter": { + "additionalProperties": false, + "properties": { + "CategoryFilter": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CategoryFilter", + "markdownDescription": "A `CategoryFilter` filters text values.\n\nFor more information, see [Adding text filters](https://docs.aws.amazon.com/quicksight/latest/user/add-a-text-filter-data-prep.html) in the *Amazon QuickSight User Guide* .", + "title": "CategoryFilter" + }, + "NestedFilter": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NestedFilter", + "markdownDescription": "A `NestedFilter` filters data with a subset of data that is defined by the nested inner filter.", + "title": "NestedFilter" + }, + "NumericEqualityFilter": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericEqualityFilter", + "markdownDescription": "A `NumericEqualityFilter` filters numeric values that equal or do not equal a given numeric value.", + "title": "NumericEqualityFilter" + }, + "NumericRangeFilter": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericRangeFilter", + "markdownDescription": "A `NumericRangeFilter` filters numeric values that are either inside or outside a given numeric range.", + "title": "NumericRangeFilter" + }, + "RelativeDatesFilter": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RelativeDatesFilter", + "markdownDescription": "A `RelativeDatesFilter` filters date values that are relative to a given date.", + "title": "RelativeDatesFilter" + }, + "TimeEqualityFilter": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TimeEqualityFilter", + "markdownDescription": "A `TimeEqualityFilter` filters date-time values that equal or do not equal a given date/time value.", + "title": "TimeEqualityFilter" + }, + "TimeRangeFilter": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TimeRangeFilter", + "markdownDescription": "A `TimeRangeFilter` filters date-time values that are either inside or outside a given date/time range.", + "title": "TimeRangeFilter" + }, + "TopBottomFilter": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TopBottomFilter", + "markdownDescription": "A `TopBottomFilter` filters data to the top or bottom values for a given column.", + "title": "TopBottomFilter" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FilterControl": { + "additionalProperties": false, + "properties": { + "CrossSheet": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterCrossSheetControl", + "markdownDescription": "A control from a filter that is scoped across more than one sheet. This represents your filter control on a sheet", + "title": "CrossSheet" + }, + "DateTimePicker": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterDateTimePickerControl", + "markdownDescription": "A control from a date filter that is used to specify date and time.", + "title": "DateTimePicker" + }, + "Dropdown": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterDropDownControl", + "markdownDescription": "A control to display a dropdown list with buttons that are used to select a single value.", + "title": "Dropdown" + }, + "List": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterListControl", + "markdownDescription": "A control to display a list of buttons or boxes. This is used to select either a single value or multiple values.", + "title": "List" + }, + "RelativeDateTime": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterRelativeDateTimeControl", + "markdownDescription": "A control from a date filter that is used to specify the relative date.", + "title": "RelativeDateTime" + }, + "Slider": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterSliderControl", + "markdownDescription": "A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle.", + "title": "Slider" + }, + "TextArea": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterTextAreaControl", + "markdownDescription": "A control to display a text box that is used to enter multiple entries.", + "title": "TextArea" + }, + "TextField": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterTextFieldControl", + "markdownDescription": "A control to display a text box that is used to enter a single entry.", + "title": "TextField" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FilterCrossSheetControl": { + "additionalProperties": false, + "properties": { + "CascadingControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CascadingControlConfiguration", + "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", + "title": "CascadingControlConfiguration" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterCrossSheetControl` .", + "title": "FilterControlId", + "type": "string" + }, + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterCrossSheetControl` .", + "title": "SourceFilterId", + "type": "string" + } + }, + "required": [ + "FilterControlId", + "SourceFilterId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.FilterDateTimePickerControl": { + "additionalProperties": false, + "properties": { + "CommitMode": { + "markdownDescription": "The visibility configurationof the Apply button on a `DateTimePickerControl` .", + "title": "CommitMode", + "type": "string" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimePickerControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterDateTimePickerControl` .", + "title": "FilterControlId", + "type": "string" + }, + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterDateTimePickerControl` .", + "title": "SourceFilterId", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `FilterDateTimePickerControl` .", + "title": "Title", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "FilterControlId", + "SourceFilterId", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.FilterDropDownControl": { + "additionalProperties": false, + "properties": { + "CascadingControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CascadingControlConfiguration", + "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", + "title": "CascadingControlConfiguration" + }, + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `FilterDropDownControl` .", + "title": "CommitMode", + "type": "string" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DropDownControlDisplayOptions", + "markdownDescription": "The display options of the `FilterDropDownControl` .", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterDropDownControl` .", + "title": "FilterControlId", + "type": "string" + }, + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" + }, + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterDropDownControl` .", + "title": "SourceFilterId", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `FilterDropDownControl` .", + "title": "Title", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "FilterControlId", + "SourceFilterId", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.FilterGroup": { + "additionalProperties": false, + "properties": { + "CrossDataset": { + "markdownDescription": "The filter new feature which can apply filter group to all data sets. Choose one of the following options:\n\n- `ALL_DATASETS`\n- `SINGLE_DATASET`", + "title": "CrossDataset", + "type": "string" + }, + "FilterGroupId": { + "markdownDescription": "The value that uniquely identifies a `FilterGroup` within a dashboard, template, or analysis.", + "title": "FilterGroupId", + "type": "string" + }, + "Filters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.Filter" + }, + "markdownDescription": "The list of filters that are present in a `FilterGroup` .", + "title": "Filters", + "type": "array" + }, + "ScopeConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterScopeConfiguration", + "markdownDescription": "The configuration that specifies what scope to apply to a `FilterGroup` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", + "title": "ScopeConfiguration" + }, + "Status": { + "markdownDescription": "The status of the `FilterGroup` .", + "title": "Status", + "type": "string" + } + }, + "required": [ + "CrossDataset", + "FilterGroupId", + "Filters", + "ScopeConfiguration" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.FilterListConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryValues": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of category values for the filter.", + "title": "CategoryValues", + "type": "array" + }, + "MatchOperator": { + "markdownDescription": "The match operator that is used to determine if a filter should be applied.", + "title": "MatchOperator", + "type": "string" + }, + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", + "type": "string" + }, + "SelectAllOptions": { + "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", + "title": "SelectAllOptions", + "type": "string" + } + }, + "required": [ + "MatchOperator" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.FilterListControl": { + "additionalProperties": false, + "properties": { + "CascadingControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CascadingControlConfiguration", + "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", + "title": "CascadingControlConfiguration" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ListControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterListControl` .", + "title": "FilterControlId", + "type": "string" + }, + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" + }, + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterListControl` .", + "title": "SourceFilterId", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `FilterListControl` .", + "title": "Title", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the `FilterListControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from the list.\n- `SINGLE_SELECT` : The user can select a single entry from the list.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "FilterControlId", + "SourceFilterId", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.FilterOperationSelectedFieldsConfiguration": { + "additionalProperties": false, + "properties": { + "SelectedColumns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier" + }, + "markdownDescription": "The selected columns of a dataset.", + "title": "SelectedColumns", + "type": "array" + }, + "SelectedFieldOptions": { + "markdownDescription": "A structure that contains the options that choose which fields are filtered in the `CustomActionFilterOperation` .\n\nValid values are defined as follows:\n\n- `ALL_FIELDS` : Applies the filter operation to all fields.", + "title": "SelectedFieldOptions", + "type": "string" + }, + "SelectedFields": { + "items": { + "type": "string" + }, + "markdownDescription": "Chooses the fields that are filtered in `CustomActionFilterOperation` .", + "title": "SelectedFields", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FilterOperationTargetVisualsConfiguration": { + "additionalProperties": false, + "properties": { + "SameSheetTargetVisualConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SameSheetTargetVisualConfiguration", + "markdownDescription": "The configuration of the same-sheet target visuals that you want to be filtered.", + "title": "SameSheetTargetVisualConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FilterRelativeDateTimeControl": { + "additionalProperties": false, + "properties": { + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `FilterRelativeDateTimeControl` .", + "title": "CommitMode", + "type": "string" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RelativeDateTimeControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterTextAreaControl` .", + "title": "FilterControlId", + "type": "string" + }, + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterTextAreaControl` .", + "title": "SourceFilterId", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `FilterTextAreaControl` .", + "title": "Title", + "type": "string" + } + }, + "required": [ + "FilterControlId", + "SourceFilterId", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.FilterScopeConfiguration": { + "additionalProperties": false, + "properties": { + "AllSheets": { + "markdownDescription": "The configuration that applies a filter to all sheets. When you choose `AllSheets` as the value for a `FilterScopeConfiguration` , this filter is applied to all visuals of all sheets in an Analysis, Dashboard, or Template. The `AllSheetsFilterScopeConfiguration` is chosen.", + "title": "AllSheets", + "type": "object" + }, + "SelectedSheets": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SelectedSheetsFilterScopeConfiguration", + "markdownDescription": "The configuration for applying a filter to specific sheets.", + "title": "SelectedSheets" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FilterSelectableValues": { + "additionalProperties": false, + "properties": { + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The values that are used in the `FilterSelectableValues` .", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FilterSliderControl": { + "additionalProperties": false, + "properties": { + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SliderControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterSliderControl` .", + "title": "FilterControlId", + "type": "string" + }, + "MaximumValue": { + "markdownDescription": "The larger value that is displayed at the right of the slider.", + "title": "MaximumValue", + "type": "number" + }, + "MinimumValue": { + "markdownDescription": "The smaller value that is displayed at the left of the slider.", + "title": "MinimumValue", + "type": "number" + }, + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterSliderControl` .", + "title": "SourceFilterId", + "type": "string" + }, + "StepSize": { + "markdownDescription": "The number of increments that the slider bar is divided into.", + "title": "StepSize", + "type": "number" + }, + "Title": { + "markdownDescription": "The title of the `FilterSliderControl` .", + "title": "Title", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the `FilterSliderControl` . Choose one of the following options:\n\n- `SINGLE_POINT` : Filter against(equals) a single data point.\n- `RANGE` : Filter data that is in a specified range.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "FilterControlId", + "MaximumValue", + "MinimumValue", + "SourceFilterId", + "StepSize", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.FilterTextAreaControl": { + "additionalProperties": false, + "properties": { + "Delimiter": { + "markdownDescription": "The delimiter that is used to separate the lines in text.", + "title": "Delimiter", + "type": "string" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextAreaControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterTextAreaControl` .", + "title": "FilterControlId", + "type": "string" + }, + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterTextAreaControl` .", + "title": "SourceFilterId", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `FilterTextAreaControl` .", + "title": "Title", + "type": "string" + } + }, + "required": [ + "FilterControlId", + "SourceFilterId", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.FilterTextFieldControl": { + "additionalProperties": false, + "properties": { + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextFieldControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterTextFieldControl` .", + "title": "FilterControlId", + "type": "string" + }, + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterTextFieldControl` .", + "title": "SourceFilterId", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `FilterTextFieldControl` .", + "title": "Title", + "type": "string" + } + }, + "required": [ + "FilterControlId", + "SourceFilterId", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.FontConfiguration": { + "additionalProperties": false, + "properties": { + "FontColor": { + "markdownDescription": "Determines the color of the text.", + "title": "FontColor", + "type": "string" + }, + "FontDecoration": { + "markdownDescription": "Determines the appearance of decorative lines on the text.", + "title": "FontDecoration", + "type": "string" + }, + "FontFamily": { + "markdownDescription": "The font family that you want to use.", + "title": "FontFamily", + "type": "string" + }, + "FontSize": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontSize", + "markdownDescription": "The option that determines the text display size.", + "title": "FontSize" + }, + "FontStyle": { + "markdownDescription": "Determines the text display face that is inherited by the given font family.", + "title": "FontStyle", + "type": "string" + }, + "FontWeight": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontWeight", + "markdownDescription": "The option that determines the text display weight, or boldness.", + "title": "FontWeight" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FontSize": { + "additionalProperties": false, + "properties": { + "Absolute": { + "markdownDescription": "The font size that you want to use in px.", + "title": "Absolute", + "type": "string" + }, + "Relative": { + "markdownDescription": "The lexical name for the text size, proportional to its surrounding context.", + "title": "Relative", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FontWeight": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The lexical name for the level of boldness of the text display.", + "title": "Name", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ForecastComputation": { + "additionalProperties": false, + "properties": { + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "CustomSeasonalityValue": { + "markdownDescription": "The custom seasonality value setup of a forecast computation.", + "title": "CustomSeasonalityValue", + "type": "number" + }, + "LowerBoundary": { + "markdownDescription": "The lower boundary setup of a forecast computation.", + "title": "LowerBoundary", + "type": "number" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "PeriodsBackward": { + "markdownDescription": "The periods backward setup of a forecast computation.", + "title": "PeriodsBackward", + "type": "number" + }, + "PeriodsForward": { + "markdownDescription": "The periods forward setup of a forecast computation.", + "title": "PeriodsForward", + "type": "number" + }, + "PredictionInterval": { + "markdownDescription": "The prediction interval setup of a forecast computation.", + "title": "PredictionInterval", + "type": "number" + }, + "Seasonality": { + "markdownDescription": "The seasonality setup of a forecast computation. Choose one of the following options:\n\n- `AUTOMATIC`\n- `CUSTOM` : Checks the custom seasonality value.", + "title": "Seasonality", + "type": "string" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" + }, + "UpperBoundary": { + "markdownDescription": "The upper boundary setup of a forecast computation.", + "title": "UpperBoundary", + "type": "number" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" + } + }, + "required": [ + "ComputationId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ForecastConfiguration": { + "additionalProperties": false, + "properties": { + "ForecastProperties": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TimeBasedForecastProperties", + "markdownDescription": "The forecast properties setup of a forecast in the line chart.", + "title": "ForecastProperties" + }, + "Scenario": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ForecastScenario", + "markdownDescription": "The forecast scenario of a forecast in the line chart.", + "title": "Scenario" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ForecastScenario": { + "additionalProperties": false, + "properties": { + "WhatIfPointScenario": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WhatIfPointScenario", + "markdownDescription": "The what-if analysis forecast setup with the target date.", + "title": "WhatIfPointScenario" + }, + "WhatIfRangeScenario": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WhatIfRangeScenario", + "markdownDescription": "The what-if analysis forecast setup with the date range.", + "title": "WhatIfRangeScenario" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FormatConfiguration": { + "additionalProperties": false, + "properties": { + "DateTimeFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeFormatConfiguration", + "markdownDescription": "Formatting configuration for `DateTime` fields.", + "title": "DateTimeFormatConfiguration" + }, + "NumberFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumberFormatConfiguration", + "markdownDescription": "Formatting configuration for number fields.", + "title": "NumberFormatConfiguration" + }, + "StringFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringFormatConfiguration", + "markdownDescription": "Formatting configuration for string fields.", + "title": "StringFormatConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FreeFormLayoutCanvasSizeOptions": { + "additionalProperties": false, + "properties": { + "ScreenCanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutScreenCanvasSizeOptions", + "markdownDescription": "The options that determine the sizing of the canvas used in a free-form layout.", + "title": "ScreenCanvasSizeOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FreeFormLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutCanvasSizeOptions", + "markdownDescription": "", + "title": "CanvasSizeOptions" + }, + "Elements": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutElement" + }, + "markdownDescription": "The elements that are included in a free-form layout.", + "title": "Elements", + "type": "array" + } + }, + "required": [ + "Elements" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.FreeFormLayoutElement": { + "additionalProperties": false, + "properties": { + "BackgroundStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutElementBackgroundStyle", + "markdownDescription": "The background style configuration of a free-form layout element.", + "title": "BackgroundStyle" + }, + "BorderStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutElementBorderStyle", + "markdownDescription": "The border style configuration of a free-form layout element.", + "title": "BorderStyle" + }, + "ElementId": { + "markdownDescription": "A unique identifier for an element within a free-form layout.", + "title": "ElementId", + "type": "string" + }, + "ElementType": { + "markdownDescription": "The type of element.", + "title": "ElementType", + "type": "string" + }, + "Height": { + "markdownDescription": "The height of an element within a free-form layout.", + "title": "Height", + "type": "string" + }, + "LoadingAnimation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LoadingAnimation", + "markdownDescription": "The loading animation configuration of a free-form layout element.", + "title": "LoadingAnimation" + }, + "RenderingRules": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetElementRenderingRule" + }, + "markdownDescription": "The rendering rules that determine when an element should be displayed within a free-form layout.", + "title": "RenderingRules", + "type": "array" + }, + "SelectedBorderStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutElementBorderStyle", + "markdownDescription": "The border style configuration of a free-form layout element. This border style is used when the element is selected.", + "title": "SelectedBorderStyle" + }, + "Visibility": { + "markdownDescription": "The visibility of an element within a free-form layout.", + "title": "Visibility", + "type": "string" + }, + "Width": { + "markdownDescription": "The width of an element within a free-form layout.", + "title": "Width", + "type": "string" + }, + "XAxisLocation": { + "markdownDescription": "The x-axis coordinate of the element.", + "title": "XAxisLocation", + "type": "string" + }, + "YAxisLocation": { + "markdownDescription": "The y-axis coordinate of the element.", + "title": "YAxisLocation", + "type": "string" + } + }, + "required": [ + "ElementId", + "ElementType", + "Height", + "Width", + "XAxisLocation", + "YAxisLocation" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.FreeFormLayoutElementBackgroundStyle": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The background color of a free-form layout element.", + "title": "Color", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The background visibility of a free-form layout element.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FreeFormLayoutElementBorderStyle": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The border color of a free-form layout element.", + "title": "Color", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The border visibility of a free-form layout element.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FreeFormLayoutScreenCanvasSizeOptions": { + "additionalProperties": false, + "properties": { + "OptimizedViewPortWidth": { + "markdownDescription": "The width that the view port will be optimized for when the layout renders.", + "title": "OptimizedViewPortWidth", + "type": "string" + } + }, + "required": [ + "OptimizedViewPortWidth" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.FreeFormSectionLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "Elements": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutElement" + }, + "markdownDescription": "The elements that are included in the free-form layout.", + "title": "Elements", + "type": "array" + } + }, + "required": [ + "Elements" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.FunnelChartAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The category field wells of a funnel chart. Values are grouped by category fields.", + "title": "Category", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The value field wells of a funnel chart. Values are aggregated based on categories.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FunnelChartConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options of the categories that are displayed in a `FunnelChartVisual` .", + "title": "CategoryLabelOptions" + }, + "DataLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FunnelChartDataLabelOptions", + "markdownDescription": "The options that determine the presentation of the data labels.", + "title": "DataLabelOptions" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FunnelChartFieldWells", + "markdownDescription": "The field well configuration of a `FunnelChartVisual` .", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FunnelChartSortConfiguration", + "markdownDescription": "The sort configuration of a `FunnelChartVisual` .", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", + "markdownDescription": "The tooltip configuration of a `FunnelChartVisual` .", + "title": "Tooltip" + }, + "ValueLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options for the values that are displayed in a `FunnelChartVisual` .", + "title": "ValueLabelOptions" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", + "markdownDescription": "The visual palette configuration of a `FunnelChartVisual` .", + "title": "VisualPalette" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FunnelChartDataLabelOptions": { + "additionalProperties": false, + "properties": { + "CategoryLabelVisibility": { + "markdownDescription": "The visibility of the category labels within the data labels.", + "title": "CategoryLabelVisibility", + "type": "string" + }, + "LabelColor": { + "markdownDescription": "The color of the data label text.", + "title": "LabelColor", + "type": "string" + }, + "LabelFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", + "markdownDescription": "The font configuration for the data labels.\n\nOnly the `FontSize` attribute of the font configuration is used for data labels.", + "title": "LabelFontConfiguration" + }, + "MeasureDataLabelStyle": { + "markdownDescription": "Determines the style of the metric labels.", + "title": "MeasureDataLabelStyle", + "type": "string" + }, + "MeasureLabelVisibility": { + "markdownDescription": "The visibility of the measure labels within the data labels.", + "title": "MeasureLabelVisibility", + "type": "string" + }, + "Position": { + "markdownDescription": "Determines the positioning of the data label relative to a section of the funnel.", + "title": "Position", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility option that determines if data labels are displayed.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FunnelChartFieldWells": { + "additionalProperties": false, + "properties": { + "FunnelChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FunnelChartAggregatedFieldWells", + "markdownDescription": "The field well configuration of a `FunnelChartVisual` .", + "title": "FunnelChartAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FunnelChartSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of categories displayed.", + "title": "CategoryItemsLimit" + }, + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the category fields.", + "title": "CategorySort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.FunnelChartVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FunnelChartConfiguration", + "markdownDescription": "The configuration of a `FunnelChartVisual` .", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.GaugeChartArcConditionalFormatting": { + "additionalProperties": false, + "properties": { + "ForegroundColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the arc foreground color.", + "title": "ForegroundColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GaugeChartColorConfiguration": { + "additionalProperties": false, + "properties": { + "BackgroundColor": { + "markdownDescription": "The background color configuration of a `GaugeChartVisual` .", + "title": "BackgroundColor", + "type": "string" + }, + "ForegroundColor": { + "markdownDescription": "The foreground color configuration of a `GaugeChartVisual` .", + "title": "ForegroundColor", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GaugeChartConditionalFormatting": { + "additionalProperties": false, + "properties": { + "ConditionalFormattingOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartConditionalFormattingOption" + }, + "markdownDescription": "Conditional formatting options of a `GaugeChartVisual` .", + "title": "ConditionalFormattingOptions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GaugeChartConditionalFormattingOption": { + "additionalProperties": false, + "properties": { + "Arc": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartArcConditionalFormatting", + "markdownDescription": "The options that determine the presentation of the arc of a `GaugeChartVisual` .", + "title": "Arc" + }, + "PrimaryValue": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartPrimaryValueConditionalFormatting", + "markdownDescription": "The conditional formatting for the primary value of a `GaugeChartVisual` .", + "title": "PrimaryValue" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GaugeChartConfiguration": { + "additionalProperties": false, + "properties": { + "ColorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartColorConfiguration", + "markdownDescription": "The color configuration of a `GaugeChartVisual` .", + "title": "ColorConfiguration" + }, + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", + "markdownDescription": "The data label configuration of a `GaugeChartVisual` .", + "title": "DataLabels" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartFieldWells", + "markdownDescription": "The field well configuration of a `GaugeChartVisual` .", + "title": "FieldWells" + }, + "GaugeChartOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartOptions", + "markdownDescription": "The options that determine the presentation of the `GaugeChartVisual` .", + "title": "GaugeChartOptions" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "TooltipOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", + "markdownDescription": "The tooltip configuration of a `GaugeChartVisual` .", + "title": "TooltipOptions" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", + "markdownDescription": "The visual palette configuration of a `GaugeChartVisual` .", + "title": "VisualPalette" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GaugeChartFieldWells": { + "additionalProperties": false, + "properties": { + "TargetValues": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The target value field wells of a `GaugeChartVisual` .", + "title": "TargetValues", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The value field wells of a `GaugeChartVisual` .", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GaugeChartOptions": { + "additionalProperties": false, + "properties": { + "Arc": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ArcConfiguration", + "markdownDescription": "The arc configuration of a `GaugeChartVisual` .", + "title": "Arc" + }, + "ArcAxis": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ArcAxisConfiguration", + "markdownDescription": "The arc axis configuration of a `GaugeChartVisual` .", + "title": "ArcAxis" + }, + "Comparison": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComparisonConfiguration", + "markdownDescription": "The comparison configuration of a `GaugeChartVisual` .", + "title": "Comparison" + }, + "PrimaryValueDisplayType": { + "markdownDescription": "The options that determine the primary value display type.", + "title": "PrimaryValueDisplayType", + "type": "string" + }, + "PrimaryValueFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", + "markdownDescription": "The options that determine the primary value font configuration.", + "title": "PrimaryValueFontConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GaugeChartPrimaryValueConditionalFormatting": { + "additionalProperties": false, + "properties": { + "Icon": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIcon", + "markdownDescription": "The conditional formatting of the primary value icon.", + "title": "Icon" + }, + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the primary value text color.", + "title": "TextColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GaugeChartVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartConfiguration", + "markdownDescription": "The configuration of a `GaugeChartVisual` .", + "title": "ChartConfiguration" + }, + "ConditionalFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartConditionalFormatting", + "markdownDescription": "The conditional formatting of a `GaugeChartVisual` .", + "title": "ConditionalFormatting" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialCategoricalColor": { + "additionalProperties": false, + "properties": { + "CategoryDataColors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialCategoricalDataColor" + }, + "markdownDescription": "A list of categorical data colors for each category.", + "title": "CategoryDataColors", + "type": "array" + }, + "DefaultOpacity": { + "markdownDescription": "The default opacity of a categorical color.", + "title": "DefaultOpacity", + "type": "number" + }, + "NullDataSettings": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialNullDataSettings", + "markdownDescription": "The null data visualization settings.", + "title": "NullDataSettings" + }, + "NullDataVisibility": { + "markdownDescription": "The state of visibility for null data.", + "title": "NullDataVisibility", + "type": "string" + } + }, + "required": [ + "CategoryDataColors" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialCategoricalDataColor": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The color and opacity values for the category data color.", + "title": "Color", + "type": "string" + }, + "DataValue": { + "markdownDescription": "The data value for the category data color.", + "title": "DataValue", + "type": "string" + } + }, + "required": [ + "Color", + "DataValue" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialCircleRadius": { + "additionalProperties": false, + "properties": { + "Radius": { + "markdownDescription": "The positive value for the radius of a circle.", + "title": "Radius", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialCircleSymbolStyle": { + "additionalProperties": false, + "properties": { + "CircleRadius": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialCircleRadius", + "markdownDescription": "The radius of the circle.", + "title": "CircleRadius" + }, + "FillColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialColor", + "markdownDescription": "The color and opacity values for the fill color.", + "title": "FillColor" + }, + "StrokeColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialColor", + "markdownDescription": "The color and opacity values for the stroke color.", + "title": "StrokeColor" + }, + "StrokeWidth": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialLineWidth", + "markdownDescription": "The width of the stroke (border).", + "title": "StrokeWidth" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialColor": { + "additionalProperties": false, + "properties": { + "Categorical": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialCategoricalColor", + "markdownDescription": "The visualization properties for the categorical color.", + "title": "Categorical" + }, + "Gradient": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialGradientColor", + "markdownDescription": "The visualization properties for the gradient color.", + "title": "Gradient" + }, + "Solid": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialSolidColor", + "markdownDescription": "The visualization properties for the solid color.", + "title": "Solid" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialCoordinateBounds": { + "additionalProperties": false, + "properties": { + "East": { + "markdownDescription": "The longitude of the east bound of the geospatial coordinate bounds.", + "title": "East", + "type": "number" + }, + "North": { + "markdownDescription": "The latitude of the north bound of the geospatial coordinate bounds.", + "title": "North", + "type": "number" + }, + "South": { + "markdownDescription": "The latitude of the south bound of the geospatial coordinate bounds.", + "title": "South", + "type": "number" + }, + "West": { + "markdownDescription": "The longitude of the west bound of the geospatial coordinate bounds.", + "title": "West", + "type": "number" + } + }, + "required": [ + "East", + "North", + "South", + "West" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialDataSourceItem": { + "additionalProperties": false, + "properties": { + "StaticFileDataSource": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialStaticFileSource", + "markdownDescription": "The static file data source properties for the geospatial data.", + "title": "StaticFileDataSource" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialGradientColor": { + "additionalProperties": false, + "properties": { + "DefaultOpacity": { + "markdownDescription": "The default opacity for the gradient color.", + "title": "DefaultOpacity", + "type": "number" + }, + "NullDataSettings": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialNullDataSettings", + "markdownDescription": "The null data visualization settings.", + "title": "NullDataSettings" + }, + "NullDataVisibility": { + "markdownDescription": "The state of visibility for null data.", + "title": "NullDataVisibility", + "type": "string" + }, + "StepColors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialGradientStepColor" + }, + "markdownDescription": "A list of gradient step colors for the gradient.", + "title": "StepColors", + "type": "array" + } + }, + "required": [ + "StepColors" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialGradientStepColor": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The color and opacity values for the gradient step color.", + "title": "Color", + "type": "string" + }, + "DataValue": { + "markdownDescription": "The data value for the gradient step color.", + "title": "DataValue", + "type": "number" + } + }, + "required": [ + "Color", + "DataValue" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialHeatmapColorScale": { + "additionalProperties": false, + "properties": { + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialHeatmapDataColor" + }, + "markdownDescription": "The list of colors to be used in heatmap point style.", + "title": "Colors", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialHeatmapConfiguration": { + "additionalProperties": false, + "properties": { + "HeatmapColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialHeatmapColorScale", + "markdownDescription": "The color scale specification for the heatmap point style.", + "title": "HeatmapColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialHeatmapDataColor": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The hex color to be used in the heatmap point style.", + "title": "Color", + "type": "string" + } + }, + "required": [ + "Color" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialLayerColorField": { + "additionalProperties": false, + "properties": { + "ColorDimensionsFields": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "A list of color dimension fields.", + "title": "ColorDimensionsFields", + "type": "array" + }, + "ColorValuesFields": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "A list of color measure fields.", + "title": "ColorValuesFields", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialLayerDefinition": { + "additionalProperties": false, + "properties": { + "LineLayer": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialLineLayer", + "markdownDescription": "The definition for a line layer.", + "title": "LineLayer" + }, + "PointLayer": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialPointLayer", + "markdownDescription": "The definition for a point layer.", + "title": "PointLayer" + }, + "PolygonLayer": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialPolygonLayer", + "markdownDescription": "The definition for a polygon layer.", + "title": "PolygonLayer" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialLayerItem": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LayerCustomAction" + }, + "markdownDescription": "A list of custom actions for a layer.", + "title": "Actions", + "type": "array" + }, + "DataSource": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialDataSourceItem", + "markdownDescription": "The data source for the layer.", + "title": "DataSource" + }, + "JoinDefinition": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialLayerJoinDefinition", + "markdownDescription": "The join definition properties for a layer.", + "title": "JoinDefinition" + }, + "Label": { + "markdownDescription": "The label that is displayed for the layer.", + "title": "Label", + "type": "string" + }, + "LayerDefinition": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialLayerDefinition", + "markdownDescription": "The definition properties for a layer.", + "title": "LayerDefinition" + }, + "LayerId": { + "markdownDescription": "The ID of the layer.", + "title": "LayerId", + "type": "string" + }, + "LayerType": { + "markdownDescription": "The layer type.", + "title": "LayerType", + "type": "string" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", + "markdownDescription": "", + "title": "Tooltip" + }, + "Visibility": { + "markdownDescription": "The state of visibility for the layer.", + "title": "Visibility", + "type": "string" + } + }, + "required": [ + "LayerId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialLayerJoinDefinition": { + "additionalProperties": false, + "properties": { + "ColorField": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialLayerColorField", + "markdownDescription": "The geospatial color field for the join definition.", + "title": "ColorField" + }, + "DatasetKeyField": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.UnaggregatedField", + "markdownDescription": "", + "title": "DatasetKeyField" + }, + "ShapeKeyField": { + "markdownDescription": "The name of the field or property in the geospatial data source.", + "title": "ShapeKeyField", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialLayerMapConfiguration": { + "additionalProperties": false, + "properties": { + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", + "markdownDescription": "", + "title": "Legend" + }, + "MapLayers": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialLayerItem" + }, + "markdownDescription": "The geospatial layers to visualize on the map.", + "title": "MapLayers", + "type": "array" + }, + "MapState": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapState", + "markdownDescription": "The map state properties for the map.", + "title": "MapState" + }, + "MapStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapStyle", + "markdownDescription": "The map style properties for the map.", + "title": "MapStyle" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialLineLayer": { + "additionalProperties": false, + "properties": { + "Style": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialLineStyle", + "markdownDescription": "The visualization style for a line layer.", + "title": "Style" + } + }, + "required": [ + "Style" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialLineStyle": { + "additionalProperties": false, + "properties": { + "LineSymbolStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialLineSymbolStyle", + "markdownDescription": "The symbol style for a line style.", + "title": "LineSymbolStyle" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialLineSymbolStyle": { + "additionalProperties": false, + "properties": { + "FillColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialColor", + "markdownDescription": "The color and opacity values for the fill color.", + "title": "FillColor" + }, + "LineWidth": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialLineWidth", + "markdownDescription": "The width value for a line.", + "title": "LineWidth" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialLineWidth": { + "additionalProperties": false, + "properties": { + "LineWidth": { + "markdownDescription": "The positive value for the width of a line.", + "title": "LineWidth", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialMapAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The color field wells of a geospatial map.", + "title": "Colors", + "type": "array" + }, + "Geospatial": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The geospatial field wells of a geospatial map. Values are grouped by geospatial fields.", + "title": "Geospatial", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The size field wells of a geospatial map. Values are aggregated based on geospatial fields.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialMapConfiguration": { + "additionalProperties": false, + "properties": { + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "MapStyleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapStyleOptions", + "markdownDescription": "The map style options of the geospatial map.", + "title": "MapStyleOptions" + }, + "PointStyleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialPointStyleOptions", + "markdownDescription": "The point style options of the geospatial map.", + "title": "PointStyleOptions" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", + "markdownDescription": "", + "title": "VisualPalette" + }, + "WindowOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialWindowOptions", + "markdownDescription": "The window options of the geospatial map.", + "title": "WindowOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialMapFieldWells": { + "additionalProperties": false, + "properties": { + "GeospatialMapAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapAggregatedFieldWells", + "markdownDescription": "The aggregated field well for a geospatial map.", + "title": "GeospatialMapAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialMapState": { + "additionalProperties": false, + "properties": { + "Bounds": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialCoordinateBounds", + "markdownDescription": "", + "title": "Bounds" + }, + "MapNavigation": { + "markdownDescription": "Enables or disables map navigation for a map.", + "title": "MapNavigation", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialMapStyle": { + "additionalProperties": false, + "properties": { + "BackgroundColor": { + "markdownDescription": "The background color and opacity values for a map.", + "title": "BackgroundColor", + "type": "string" + }, + "BaseMapStyle": { + "markdownDescription": "The selected base map style.", + "title": "BaseMapStyle", + "type": "string" + }, + "BaseMapVisibility": { + "markdownDescription": "The state of visibility for the base map.", + "title": "BaseMapVisibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialMapStyleOptions": { + "additionalProperties": false, + "properties": { + "BaseMapStyle": { + "markdownDescription": "The base map style of the geospatial map.", + "title": "BaseMapStyle", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialMapVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialNullDataSettings": { + "additionalProperties": false, + "properties": { + "SymbolStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialNullSymbolStyle", + "markdownDescription": "The symbol style for null data.", + "title": "SymbolStyle" + } + }, + "required": [ + "SymbolStyle" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialNullSymbolStyle": { + "additionalProperties": false, + "properties": { + "FillColor": { + "markdownDescription": "The color and opacity values for the fill color.", + "title": "FillColor", + "type": "string" + }, + "StrokeColor": { + "markdownDescription": "The color and opacity values for the stroke color.", + "title": "StrokeColor", + "type": "string" + }, + "StrokeWidth": { + "markdownDescription": "The width of the border stroke.", + "title": "StrokeWidth", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialPointLayer": { + "additionalProperties": false, + "properties": { + "Style": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialPointStyle", + "markdownDescription": "The visualization style for a point layer.", + "title": "Style" + } + }, + "required": [ + "Style" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialPointStyle": { + "additionalProperties": false, + "properties": { + "CircleSymbolStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialCircleSymbolStyle", + "markdownDescription": "The circle symbol style for a point layer.", + "title": "CircleSymbolStyle" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialPointStyleOptions": { + "additionalProperties": false, + "properties": { + "ClusterMarkerConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ClusterMarkerConfiguration", + "markdownDescription": "The cluster marker configuration of the geospatial point style.", + "title": "ClusterMarkerConfiguration" + }, + "HeatmapConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialHeatmapConfiguration", + "markdownDescription": "The heatmap configuration of the geospatial point style.", + "title": "HeatmapConfiguration" + }, + "SelectedPointStyle": { + "markdownDescription": "The selected point styles (point, cluster) of the geospatial map.", + "title": "SelectedPointStyle", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialPolygonLayer": { + "additionalProperties": false, + "properties": { + "Style": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialPolygonStyle", + "markdownDescription": "The visualization style for a polygon layer.", + "title": "Style" + } + }, + "required": [ + "Style" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialPolygonStyle": { + "additionalProperties": false, + "properties": { + "PolygonSymbolStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialPolygonSymbolStyle", + "markdownDescription": "The polygon symbol style for a polygon layer.", + "title": "PolygonSymbolStyle" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialPolygonSymbolStyle": { + "additionalProperties": false, + "properties": { + "FillColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialColor", + "markdownDescription": "The color and opacity values for the fill color.", + "title": "FillColor" + }, + "StrokeColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialColor", + "markdownDescription": "The color and opacity values for the stroke color.", + "title": "StrokeColor" + }, + "StrokeWidth": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialLineWidth", + "markdownDescription": "The width of the border stroke.", + "title": "StrokeWidth" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialSolidColor": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The color and opacity values for the color.", + "title": "Color", + "type": "string" + }, + "State": { + "markdownDescription": "Enables and disables the view state of the color.", + "title": "State", + "type": "string" + } + }, + "required": [ + "Color" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialStaticFileSource": { + "additionalProperties": false, + "properties": { + "StaticFileId": { + "markdownDescription": "The ID of the static file.", + "title": "StaticFileId", + "type": "string" + } + }, + "required": [ + "StaticFileId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.GeospatialWindowOptions": { + "additionalProperties": false, + "properties": { + "Bounds": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialCoordinateBounds", + "markdownDescription": "The bounds options (north, south, west, east) of the geospatial window options.", + "title": "Bounds" + }, + "MapZoomMode": { + "markdownDescription": "The map zoom modes (manual, auto) of the geospatial window options.", + "title": "MapZoomMode", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GlobalTableBorderOptions": { + "additionalProperties": false, + "properties": { + "SideSpecificBorder": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableSideBorderOptions", + "markdownDescription": "Determines the options for side specific border.", + "title": "SideSpecificBorder" + }, + "UniformBorder": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", + "markdownDescription": "Determines the options for uniform border.", + "title": "UniformBorder" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GradientColor": { + "additionalProperties": false, + "properties": { + "Stops": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GradientStop" + }, + "markdownDescription": "The list of gradient color stops.", + "title": "Stops", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GradientStop": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "Determines the color.", + "title": "Color", + "type": "string" + }, + "DataValue": { + "markdownDescription": "Determines the data value.", + "title": "DataValue", + "type": "number" + }, + "GradientOffset": { + "markdownDescription": "Determines gradient offset value.", + "title": "GradientOffset", + "type": "number" + } + }, + "required": [ + "GradientOffset" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.GridLayoutCanvasSizeOptions": { + "additionalProperties": false, + "properties": { + "ScreenCanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GridLayoutScreenCanvasSizeOptions", + "markdownDescription": "The options that determine the sizing of the canvas used in a grid layout.", + "title": "ScreenCanvasSizeOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.GridLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GridLayoutCanvasSizeOptions", + "markdownDescription": "", + "title": "CanvasSizeOptions" + }, + "Elements": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GridLayoutElement" + }, + "markdownDescription": "The elements that are included in a grid layout.", + "title": "Elements", + "type": "array" + } + }, + "required": [ + "Elements" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.GridLayoutElement": { + "additionalProperties": false, + "properties": { + "ColumnIndex": { + "markdownDescription": "The column index for the upper left corner of an element.", + "title": "ColumnIndex", + "type": "number" + }, + "ColumnSpan": { + "markdownDescription": "The width of a grid element expressed as a number of grid columns.", + "title": "ColumnSpan", + "type": "number" + }, + "ElementId": { + "markdownDescription": "A unique identifier for an element within a grid layout.", + "title": "ElementId", + "type": "string" + }, + "ElementType": { + "markdownDescription": "The type of element.", + "title": "ElementType", + "type": "string" + }, + "RowIndex": { + "markdownDescription": "The row index for the upper left corner of an element.", + "title": "RowIndex", + "type": "number" + }, + "RowSpan": { + "markdownDescription": "The height of a grid element expressed as a number of grid rows.", + "title": "RowSpan", + "type": "number" + } + }, + "required": [ + "ColumnSpan", + "ElementId", + "ElementType", + "RowSpan" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.GridLayoutScreenCanvasSizeOptions": { + "additionalProperties": false, + "properties": { + "OptimizedViewPortWidth": { + "markdownDescription": "The width that the view port will be optimized for when the layout renders.", + "title": "OptimizedViewPortWidth", + "type": "string" + }, + "ResizeOption": { + "markdownDescription": "This value determines the layout behavior when the viewport is resized.\n\n- `FIXED` : A fixed width will be used when optimizing the layout. In the Amazon QuickSight console, this option is called `Classic` .\n- `RESPONSIVE` : The width of the canvas will be responsive and optimized to the view port. In the Amazon QuickSight console, this option is called `Tiled` .", + "title": "ResizeOption", + "type": "string" + } + }, + "required": [ + "ResizeOption" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.GrowthRateComputation": { + "additionalProperties": false, + "properties": { + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "PeriodSize": { + "markdownDescription": "The period size setup of a growth rate computation.", + "title": "PeriodSize", + "type": "number" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" + } + }, + "required": [ + "ComputationId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.HeaderFooterSectionConfiguration": { + "additionalProperties": false, + "properties": { + "Layout": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionLayoutConfiguration", + "markdownDescription": "The layout configuration of the header or footer section.", + "title": "Layout" + }, + "SectionId": { + "markdownDescription": "The unique identifier of the header or footer section.", + "title": "SectionId", + "type": "string" + }, + "Style": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionStyle", + "markdownDescription": "The style options of a header or footer section.", + "title": "Style" + } + }, + "required": [ + "Layout", + "SectionId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.HeatMapAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Columns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The columns field well of a heat map.", + "title": "Columns", + "type": "array" + }, + "Rows": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The rows field well of a heat map.", + "title": "Rows", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The values field well of a heat map.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.HeatMapConfiguration": { + "additionalProperties": false, + "properties": { + "ColorScale": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColorScale", + "markdownDescription": "The color options (gradient color, point of divergence) in a heat map.", + "title": "ColorScale" + }, + "ColumnLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options of the column that is displayed in a heat map.", + "title": "ColumnLabelOptions" + }, + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.", + "title": "DataLabels" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeatMapFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "RowLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options of the row that is displayed in a `heat map` .", + "title": "RowLabelOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeatMapSortConfiguration", + "markdownDescription": "The sort configuration of a heat map.", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.HeatMapFieldWells": { + "additionalProperties": false, + "properties": { + "HeatMapAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeatMapAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a heat map.", + "title": "HeatMapAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.HeatMapSortConfiguration": { + "additionalProperties": false, + "properties": { + "HeatMapColumnItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of columns that are displayed in a heat map.", + "title": "HeatMapColumnItemsLimitConfiguration" + }, + "HeatMapColumnSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The column sort configuration for heat map for columns that aren't a part of a field well.", + "title": "HeatMapColumnSort", + "type": "array" + }, + "HeatMapRowItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of rows that are displayed in a heat map.", + "title": "HeatMapRowItemsLimitConfiguration" + }, + "HeatMapRowSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The field sort configuration of the rows fields.", + "title": "HeatMapRowSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.HeatMapVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeatMapConfiguration", + "markdownDescription": "The configuration of a heat map.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.HistogramAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The value field wells of a histogram. Values are aggregated by `COUNT` or `DISTINCT_COUNT` .", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.HistogramBinOptions": { + "additionalProperties": false, + "properties": { + "BinCount": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BinCountOptions", + "markdownDescription": "The options that determine the bin count of a histogram.", + "title": "BinCount" + }, + "BinWidth": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BinWidthOptions", + "markdownDescription": "The options that determine the bin width of a histogram.", + "title": "BinWidth" + }, + "SelectedBinType": { + "markdownDescription": "The options that determine the selected bin type.", + "title": "SelectedBinType", + "type": "string" + }, + "StartValue": { + "markdownDescription": "The options that determine the bin start value.", + "title": "StartValue", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.HistogramConfiguration": { + "additionalProperties": false, + "properties": { + "BinOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.HistogramBinOptions", + "markdownDescription": "The options that determine the presentation of histogram bins.", + "title": "BinOptions" + }, + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", + "markdownDescription": "The data label configuration of a histogram.", + "title": "DataLabels" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.HistogramFieldWells", + "markdownDescription": "The field well configuration of a histogram.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", + "markdownDescription": "The tooltip configuration of a histogram.", + "title": "Tooltip" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", + "markdownDescription": "The visual palette configuration of a histogram.", + "title": "VisualPalette" + }, + "XAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the x-axis.", + "title": "XAxisDisplayOptions" + }, + "XAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the x-axis label.", + "title": "XAxisLabelOptions" + }, + "YAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the y-axis.", + "title": "YAxisDisplayOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.HistogramFieldWells": { + "additionalProperties": false, + "properties": { + "HistogramAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.HistogramAggregatedFieldWells", + "markdownDescription": "The field well configuration of a histogram.", + "title": "HistogramAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.HistogramVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.HistogramConfiguration", + "markdownDescription": "The configuration for a `HistogramVisual` .", + "title": "ChartConfiguration" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ImageCustomAction": { + "additionalProperties": false, + "properties": { + "ActionOperations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ImageCustomActionOperation" + }, + "markdownDescription": "A list of `ImageCustomActionOperations` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", + "title": "ActionOperations", + "type": "array" + }, + "CustomActionId": { + "markdownDescription": "The ID of the custom action.", + "title": "CustomActionId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the custom action.", + "title": "Name", + "type": "string" + }, + "Status": { + "markdownDescription": "The status of the custom action.", + "title": "Status", + "type": "string" + }, + "Trigger": { + "markdownDescription": "The trigger of the `VisualCustomAction` .\n\nValid values are defined as follows:\n\n- `CLICK` : Initiates a custom action by a left pointer click on a data point.\n- `MENU` : Initiates a custom action by right pointer click from the menu.", + "title": "Trigger", + "type": "string" + } + }, + "required": [ + "ActionOperations", + "CustomActionId", + "Name", + "Trigger" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ImageCustomActionOperation": { + "additionalProperties": false, + "properties": { + "NavigationOperation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionNavigationOperation", + "markdownDescription": "", + "title": "NavigationOperation" + }, + "SetParametersOperation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionSetParametersOperation", + "markdownDescription": "", + "title": "SetParametersOperation" + }, + "URLOperation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionURLOperation", + "markdownDescription": "", + "title": "URLOperation" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ImageInteractionOptions": { + "additionalProperties": false, + "properties": { + "ImageMenuOption": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ImageMenuOption", + "markdownDescription": "The menu options for the image.", + "title": "ImageMenuOption" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ImageMenuOption": { + "additionalProperties": false, + "properties": { + "AvailabilityStatus": { + "markdownDescription": "The availability status of the image menu. If the value of this property is set to `ENABLED` , dashboard readers can interact with the image menu.", + "title": "AvailabilityStatus", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ImageStaticFile": { + "additionalProperties": false, + "properties": { + "Source": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.StaticFileSource", + "markdownDescription": "The source of the image static file.", + "title": "Source" + }, + "StaticFileId": { + "markdownDescription": "The ID of the static file that contains an image.", + "title": "StaticFileId", + "type": "string" + } + }, + "required": [ + "StaticFileId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.InnerFilter": { + "additionalProperties": false, + "properties": { + "CategoryInnerFilter": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CategoryInnerFilter", + "markdownDescription": "A `CategoryInnerFilter` filters text values for the `NestedFilter` .", + "title": "CategoryInnerFilter" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.InsightConfiguration": { + "additionalProperties": false, + "properties": { + "Computations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.Computation" + }, + "markdownDescription": "The computations configurations of the insight visual", + "title": "Computations", + "type": "array" + }, + "CustomNarrative": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomNarrativeOptions", + "markdownDescription": "The custom narrative of the insight visual.", + "title": "CustomNarrative" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.InsightVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "DataSetIdentifier": { + "markdownDescription": "The dataset that is used in the insight visual.", + "title": "DataSetIdentifier", + "type": "string" + }, + "InsightConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.InsightConfiguration", + "markdownDescription": "The configuration of an insight visual.", + "title": "InsightConfiguration" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "DataSetIdentifier", + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.IntegerDefaultValues": { + "additionalProperties": false, + "properties": { + "DynamicValue": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DynamicDefaultValue", + "markdownDescription": "The dynamic value of the `IntegerDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", + "title": "DynamicValue" + }, + "StaticValues": { + "items": { + "type": "number" + }, + "markdownDescription": "The static values of the `IntegerDefaultValues` .", + "title": "StaticValues", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.IntegerParameter": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the integer parameter.", + "title": "Name", + "type": "string" + }, + "Values": { + "items": { + "type": "number" + }, + "markdownDescription": "The values for the integer parameter.", + "title": "Values", + "type": "array" + } + }, + "required": [ + "Name", + "Values" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.IntegerParameterDeclaration": { + "additionalProperties": false, + "properties": { + "DefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.IntegerDefaultValues", + "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", + "title": "DefaultValues" + }, + "MappedDataSetParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MappedDataSetParameter" + }, + "markdownDescription": "", + "title": "MappedDataSetParameters", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the parameter that is being declared.", + "title": "Name", + "type": "string" + }, + "ParameterValueType": { + "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", + "title": "ParameterValueType", + "type": "string" + }, + "ValueWhenUnset": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.IntegerValueWhenUnsetConfiguration", + "markdownDescription": "A parameter declaration for the `Integer` data type.", + "title": "ValueWhenUnset" + } + }, + "required": [ + "Name", + "ParameterValueType" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.IntegerValueWhenUnsetConfiguration": { + "additionalProperties": false, + "properties": { + "CustomValue": { + "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", + "title": "CustomValue", + "type": "number" + }, + "ValueWhenUnsetOption": { + "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", + "title": "ValueWhenUnsetOption", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ItemsLimitConfiguration": { + "additionalProperties": false, + "properties": { + "ItemsLimit": { + "markdownDescription": "The limit on how many items of a field are showed in the chart. For example, the number of slices that are displayed in a pie chart.", + "title": "ItemsLimit", + "type": "number" + }, + "OtherCategories": { + "markdownDescription": "The `Show other` of an axis in the chart. Choose one of the following options:\n\n- `INCLUDE`\n- `EXCLUDE`", + "title": "OtherCategories", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.KPIActualValueConditionalFormatting": { + "additionalProperties": false, + "properties": { + "Icon": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIcon", + "markdownDescription": "The conditional formatting of the actual value's icon.", + "title": "Icon" + }, + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the actual value's text color.", + "title": "TextColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.KPIComparisonValueConditionalFormatting": { + "additionalProperties": false, + "properties": { + "Icon": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIcon", + "markdownDescription": "The conditional formatting of the comparison value's icon.", + "title": "Icon" + }, + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the comparison value's text color.", + "title": "TextColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.KPIConditionalFormatting": { + "additionalProperties": false, + "properties": { + "ConditionalFormattingOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIConditionalFormattingOption" + }, + "markdownDescription": "The conditional formatting options of a KPI visual.", + "title": "ConditionalFormattingOptions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.KPIConditionalFormattingOption": { + "additionalProperties": false, + "properties": { + "ActualValue": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIActualValueConditionalFormatting", + "markdownDescription": "The conditional formatting for the actual value of a KPI visual.", + "title": "ActualValue" + }, + "ComparisonValue": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIComparisonValueConditionalFormatting", + "markdownDescription": "The conditional formatting for the comparison value of a KPI visual.", + "title": "ComparisonValue" + }, + "PrimaryValue": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIPrimaryValueConditionalFormatting", + "markdownDescription": "The conditional formatting for the primary value of a KPI visual.", + "title": "PrimaryValue" + }, + "ProgressBar": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIProgressBarConditionalFormatting", + "markdownDescription": "The conditional formatting for the progress bar of a KPI visual.", + "title": "ProgressBar" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.KPIConfiguration": { + "additionalProperties": false, + "properties": { + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIFieldWells", + "markdownDescription": "The field well configuration of a KPI visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "KPIOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIOptions", + "markdownDescription": "The options that determine the presentation of a KPI visual.", + "title": "KPIOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPISortConfiguration", + "markdownDescription": "The sort configuration of a KPI visual.", + "title": "SortConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.KPIFieldWells": { + "additionalProperties": false, + "properties": { + "TargetValues": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The target value field wells of a KPI visual.", + "title": "TargetValues", + "type": "array" + }, + "TrendGroups": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The trend group field wells of a KPI visual.", + "title": "TrendGroups", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The value field wells of a KPI visual.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.KPIOptions": { + "additionalProperties": false, + "properties": { + "Comparison": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComparisonConfiguration", + "markdownDescription": "The comparison configuration of a KPI visual.", + "title": "Comparison" + }, + "PrimaryValueDisplayType": { + "markdownDescription": "The options that determine the primary value display type.", + "title": "PrimaryValueDisplayType", + "type": "string" + }, + "PrimaryValueFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", + "markdownDescription": "The options that determine the primary value font configuration.", + "title": "PrimaryValueFontConfiguration" + }, + "ProgressBar": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ProgressBarOptions", + "markdownDescription": "The options that determine the presentation of the progress bar of a KPI visual.", + "title": "ProgressBar" + }, + "SecondaryValue": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SecondaryValueOptions", + "markdownDescription": "The options that determine the presentation of the secondary value of a KPI visual.", + "title": "SecondaryValue" + }, + "SecondaryValueFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", + "markdownDescription": "The options that determine the secondary value font configuration.", + "title": "SecondaryValueFontConfiguration" + }, + "Sparkline": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPISparklineOptions", + "markdownDescription": "The options that determine the visibility, color, type, and tooltip visibility of the sparkline of a KPI visual.", + "title": "Sparkline" + }, + "TrendArrows": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TrendArrowOptions", + "markdownDescription": "The options that determine the presentation of trend arrows in a KPI visual.", + "title": "TrendArrows" + }, + "VisualLayoutOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIVisualLayoutOptions", + "markdownDescription": "The options that determine the layout a KPI visual.", + "title": "VisualLayoutOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.KPIPrimaryValueConditionalFormatting": { + "additionalProperties": false, + "properties": { + "Icon": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIcon", + "markdownDescription": "The conditional formatting of the primary value's icon.", + "title": "Icon" + }, + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the primary value's text color.", + "title": "TextColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.KPIProgressBarConditionalFormatting": { + "additionalProperties": false, + "properties": { + "ForegroundColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the progress bar's foreground color.", + "title": "ForegroundColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.KPISortConfiguration": { + "additionalProperties": false, + "properties": { + "TrendGroupSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the trend group fields.", + "title": "TrendGroupSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.KPISparklineOptions": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The color of the sparkline.", + "title": "Color", + "type": "string" + }, + "TooltipVisibility": { + "markdownDescription": "The tooltip visibility of the sparkline.", + "title": "TooltipVisibility", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the sparkline.", + "title": "Type", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the sparkline.", + "title": "Visibility", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.KPIVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIConfiguration", + "markdownDescription": "The configuration of a KPI visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "ConditionalFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIConditionalFormatting", + "markdownDescription": "The conditional formatting of a KPI visual.", + "title": "ConditionalFormatting" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.KPIVisualLayoutOptions": { + "additionalProperties": false, + "properties": { + "StandardLayout": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIVisualStandardLayout", + "markdownDescription": "The standard layout of the KPI visual.", + "title": "StandardLayout" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.KPIVisualStandardLayout": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "The standard layout type.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.LabelOptions": { + "additionalProperties": false, + "properties": { + "CustomLabel": { + "markdownDescription": "The text for the label.", + "title": "CustomLabel", + "type": "string" + }, + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", + "markdownDescription": "The font configuration of the label.", + "title": "FontConfiguration" + }, + "Visibility": { + "markdownDescription": "Determines whether or not the label is visible.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.LayerCustomAction": { + "additionalProperties": false, + "properties": { + "ActionOperations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LayerCustomActionOperation" + }, + "markdownDescription": "A list of `LayerCustomActionOperations` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", + "title": "ActionOperations", + "type": "array" + }, + "CustomActionId": { + "markdownDescription": "The ID of the custom action.", + "title": "CustomActionId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the custom action.", + "title": "Name", + "type": "string" + }, + "Status": { + "markdownDescription": "The status of the `LayerCustomAction` .", + "title": "Status", + "type": "string" + }, + "Trigger": { + "markdownDescription": "The trigger of the `LayerCustomAction` .\n\nValid values are defined as follows:\n\n- `DATA_POINT_CLICK` : Initiates a custom action by a left pointer click on a data point.\n- `DATA_POINT_MENU` : Initiates a custom action by right pointer click from the menu.", + "title": "Trigger", + "type": "string" + } + }, + "required": [ + "ActionOperations", + "CustomActionId", + "Name", + "Trigger" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.LayerCustomActionOperation": { + "additionalProperties": false, + "properties": { + "FilterOperation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionFilterOperation", + "markdownDescription": "", + "title": "FilterOperation" + }, + "NavigationOperation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionNavigationOperation", + "markdownDescription": "", + "title": "NavigationOperation" + }, + "SetParametersOperation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionSetParametersOperation", + "markdownDescription": "", + "title": "SetParametersOperation" + }, + "URLOperation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionURLOperation", + "markdownDescription": "", + "title": "URLOperation" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.LayerMapVisual": { + "additionalProperties": false, + "properties": { + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialLayerMapConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "DataSetIdentifier": { + "markdownDescription": "The dataset that is used to create the layer map visual. You can't create a visual without a dataset.", + "title": "DataSetIdentifier", + "type": "string" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The ID of the visual.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "DataSetIdentifier", + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.Layout": { + "additionalProperties": false, + "properties": { + "Configuration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LayoutConfiguration", + "markdownDescription": "The configuration that determines what the type of layout for a sheet.", + "title": "Configuration" + } + }, + "required": [ + "Configuration" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.LayoutConfiguration": { + "additionalProperties": false, + "properties": { + "FreeFormLayout": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutConfiguration", + "markdownDescription": "A free-form is optimized for a fixed width and has more control over the exact placement of layout elements.", + "title": "FreeFormLayout" + }, + "GridLayout": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GridLayoutConfiguration", + "markdownDescription": "A type of layout that can be used on a sheet. In a grid layout, visuals snap to a grid with standard spacing and alignment. Dashboards are displayed as designed, with options to fit to screen or view at actual size. A grid layout can be configured to behave in one of two ways when the viewport is resized: `FIXED` or `RESPONSIVE` .", + "title": "GridLayout" + }, + "SectionBasedLayout": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionBasedLayoutConfiguration", + "markdownDescription": "A section based layout organizes visuals into multiple sections and has customized header, footer and page break.", + "title": "SectionBasedLayout" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.LegendOptions": { + "additionalProperties": false, + "properties": { + "Height": { + "markdownDescription": "The height of the legend. If this value is omitted, a default height is used when rendering.", + "title": "Height", + "type": "string" + }, + "Position": { + "markdownDescription": "The positions for the legend. Choose one of the following options:\n\n- `AUTO`\n- `RIGHT`\n- `BOTTOM`\n- `LEFT`", + "title": "Position", + "type": "string" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", + "markdownDescription": "The custom title for the legend.", + "title": "Title" + }, + "ValueFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", + "markdownDescription": "", + "title": "ValueFontConfiguration" + }, + "Visibility": { + "markdownDescription": "Determines whether or not the legend is visible.", + "title": "Visibility", + "type": "string" + }, + "Width": { + "markdownDescription": "The width of the legend. If this value is omitted, a default width is used when rendering.", + "title": "Width", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.LineChartAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The category field wells of a line chart. Values are grouped by category fields.", + "title": "Category", + "type": "array" + }, + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The color field wells of a line chart. Values are grouped by category fields.", + "title": "Colors", + "type": "array" + }, + "SmallMultiples": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The small multiples field well of a line chart.", + "title": "SmallMultiples", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The value field wells of a line chart. Values are aggregated based on categories.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.LineChartConfiguration": { + "additionalProperties": false, + "properties": { + "ContributionAnalysisDefaults": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ContributionAnalysisDefault" + }, + "markdownDescription": "The default configuration of a line chart's contribution analysis.", + "title": "ContributionAnalysisDefaults", + "type": "array" + }, + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", + "markdownDescription": "The data label configuration of a line chart.", + "title": "DataLabels" + }, + "DefaultSeriesSettings": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartDefaultSeriesSettings", + "markdownDescription": "The options that determine the default presentation of all line series in `LineChartVisual` .", + "title": "DefaultSeriesSettings" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartFieldWells", + "markdownDescription": "The field well configuration of a line chart.", + "title": "FieldWells" + }, + "ForecastConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ForecastConfiguration" + }, + "markdownDescription": "The forecast configuration of a line chart.", + "title": "ForecastConfigurations", + "type": "array" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", + "markdownDescription": "The legend configuration of a line chart.", + "title": "Legend" + }, + "PrimaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineSeriesAxisDisplayOptions", + "markdownDescription": "The series axis configuration of a line chart.", + "title": "PrimaryYAxisDisplayOptions" + }, + "PrimaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the y-axis label.", + "title": "PrimaryYAxisLabelOptions" + }, + "ReferenceLines": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLine" + }, + "markdownDescription": "The reference lines configuration of a line chart.", + "title": "ReferenceLines", + "type": "array" + }, + "SecondaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineSeriesAxisDisplayOptions", + "markdownDescription": "The series axis configuration of a line chart.", + "title": "SecondaryYAxisDisplayOptions" + }, + "SecondaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the secondary y-axis label.", + "title": "SecondaryYAxisLabelOptions" + }, + "Series": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SeriesItem" + }, + "markdownDescription": "The series item configuration of a line chart.", + "title": "Series", + "type": "array" + }, + "SingleAxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SingleAxisOptions", + "markdownDescription": "", + "title": "SingleAxisOptions" + }, + "SmallMultiplesOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SmallMultiplesOptions", + "markdownDescription": "The small multiples setup for the visual.", + "title": "SmallMultiplesOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartSortConfiguration", + "markdownDescription": "The sort configuration of a line chart.", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", + "markdownDescription": "The tooltip configuration of a line chart.", + "title": "Tooltip" + }, + "Type": { + "markdownDescription": "Determines the type of the line chart.", + "title": "Type", + "type": "string" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", + "markdownDescription": "The visual palette configuration of a line chart.", + "title": "VisualPalette" + }, + "XAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the x-axis.", + "title": "XAxisDisplayOptions" + }, + "XAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the x-axis label.", + "title": "XAxisLabelOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.LineChartDefaultSeriesSettings": { + "additionalProperties": false, + "properties": { + "AxisBinding": { + "markdownDescription": "The axis to which you are binding all line series to.", + "title": "AxisBinding", + "type": "string" + }, + "LineStyleSettings": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartLineStyleSettings", + "markdownDescription": "Line styles options for all line series in the visual.", + "title": "LineStyleSettings" + }, + "MarkerStyleSettings": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartMarkerStyleSettings", + "markdownDescription": "Marker styles options for all line series in the visual.", + "title": "MarkerStyleSettings" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.LineChartFieldWells": { + "additionalProperties": false, + "properties": { + "LineChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartAggregatedFieldWells", + "markdownDescription": "The field well configuration of a line chart.", + "title": "LineChartAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.LineChartLineStyleSettings": { + "additionalProperties": false, + "properties": { + "LineInterpolation": { + "markdownDescription": "Interpolation style for line series.\n\n- `LINEAR` : Show as default, linear style.\n- `SMOOTH` : Show as a smooth curve.\n- `STEPPED` : Show steps in line.", + "title": "LineInterpolation", + "type": "string" + }, + "LineStyle": { + "markdownDescription": "Line style for line series.\n\n- `SOLID` : Show as a solid line.\n- `DOTTED` : Show as a dotted line.\n- `DASHED` : Show as a dashed line.", + "title": "LineStyle", + "type": "string" + }, + "LineVisibility": { + "markdownDescription": "Configuration option that determines whether to show the line for the series.", + "title": "LineVisibility", + "type": "string" + }, + "LineWidth": { + "markdownDescription": "Width that determines the line thickness.", + "title": "LineWidth", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.LineChartMarkerStyleSettings": { + "additionalProperties": false, + "properties": { + "MarkerColor": { + "markdownDescription": "Color of marker in the series.", + "title": "MarkerColor", + "type": "string" + }, + "MarkerShape": { + "markdownDescription": "Shape option for markers in the series.\n\n- `CIRCLE` : Show marker as a circle.\n- `TRIANGLE` : Show marker as a triangle.\n- `SQUARE` : Show marker as a square.\n- `DIAMOND` : Show marker as a diamond.\n- `ROUNDED_SQUARE` : Show marker as a rounded square.", + "title": "MarkerShape", + "type": "string" + }, + "MarkerSize": { + "markdownDescription": "Size of marker in the series.", + "title": "MarkerSize", + "type": "string" + }, + "MarkerVisibility": { + "markdownDescription": "Configuration option that determines whether to show the markers in the series.", + "title": "MarkerVisibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.LineChartSeriesSettings": { + "additionalProperties": false, + "properties": { + "LineStyleSettings": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartLineStyleSettings", + "markdownDescription": "Line styles options for a line series in `LineChartVisual` .", + "title": "LineStyleSettings" + }, + "MarkerStyleSettings": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartMarkerStyleSettings", + "markdownDescription": "Marker styles options for a line series in `LineChartVisual` .", + "title": "MarkerStyleSettings" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.LineChartSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of categories that are displayed in a line chart.", + "title": "CategoryItemsLimitConfiguration" + }, + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the category fields.", + "title": "CategorySort", + "type": "array" + }, + "ColorItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of lines that are displayed in a line chart.", + "title": "ColorItemsLimitConfiguration" + }, + "SmallMultiplesLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of small multiples panels that are displayed.", + "title": "SmallMultiplesLimitConfiguration" + }, + "SmallMultiplesSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the small multiples field.", + "title": "SmallMultiplesSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.LineChartVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartConfiguration", + "markdownDescription": "The configuration of a line chart.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.LineSeriesAxisDisplayOptions": { + "additionalProperties": false, + "properties": { + "AxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the line series axis.", + "title": "AxisOptions" + }, + "MissingDataConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MissingDataConfiguration" + }, + "markdownDescription": "The configuration options that determine how missing data is treated during the rendering of a line chart.", + "title": "MissingDataConfigurations", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.LinkSharingConfiguration": { + "additionalProperties": false, + "properties": { + "Permissions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ResourcePermission" + }, + "markdownDescription": "A structure that contains the permissions of a shareable link.", + "title": "Permissions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ListControlDisplayOptions": { + "additionalProperties": false, + "properties": { + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" + }, + "SearchOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ListControlSearchOptions", + "markdownDescription": "The configuration of the search options in a list control.", + "title": "SearchOptions" + }, + "SelectAllOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ListControlSelectAllOptions", + "markdownDescription": "The configuration of the `Select all` options in a list control.", + "title": "SelectAllOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ListControlSearchOptions": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility configuration of the search options in a list control.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ListControlSelectAllOptions": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility configuration of the `Select all` options in a list control.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.LoadingAnimation": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility configuration of `LoadingAnimation` .", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.LocalNavigationConfiguration": { + "additionalProperties": false, + "properties": { + "TargetSheetId": { + "markdownDescription": "The sheet that is targeted for navigation in the same analysis.", + "title": "TargetSheetId", + "type": "string" + } + }, + "required": [ + "TargetSheetId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.LongFormatText": { + "additionalProperties": false, + "properties": { + "PlainText": { + "markdownDescription": "Plain text format.", + "title": "PlainText", + "type": "string" + }, + "RichText": { + "markdownDescription": "Rich text. Examples of rich text include bold, underline, and italics.", + "title": "RichText", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.MappedDataSetParameter": { + "additionalProperties": false, + "properties": { + "DataSetIdentifier": { + "markdownDescription": "A unique name that identifies a dataset within the analysis or dashboard.", + "title": "DataSetIdentifier", + "type": "string" + }, + "DataSetParameterName": { + "markdownDescription": "The name of the dataset parameter.", + "title": "DataSetParameterName", + "type": "string" + } + }, + "required": [ + "DataSetIdentifier", + "DataSetParameterName" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.MaximumLabelType": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility of the maximum label.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.MaximumMinimumComputation": { + "additionalProperties": false, + "properties": { + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" + }, + "Type": { + "markdownDescription": "The type of computation. Choose one of the following options:\n\n- MAXIMUM: A maximum computation.\n- MINIMUM: A minimum computation.", + "title": "Type", + "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" + } + }, + "required": [ + "ComputationId", + "Type" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.MeasureField": { + "additionalProperties": false, + "properties": { + "CalculatedMeasureField": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CalculatedMeasureField", + "markdownDescription": "The calculated measure field only used in pivot tables.", + "title": "CalculatedMeasureField" + }, + "CategoricalMeasureField": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CategoricalMeasureField", + "markdownDescription": "The measure type field with categorical type columns.", + "title": "CategoricalMeasureField" + }, + "DateMeasureField": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateMeasureField", + "markdownDescription": "The measure type field with date type columns.", + "title": "DateMeasureField" + }, + "NumericalMeasureField": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericalMeasureField", + "markdownDescription": "The measure type field with numerical type columns.", + "title": "NumericalMeasureField" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.MetricComparisonComputation": { + "additionalProperties": false, + "properties": { + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "FromValue": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", + "markdownDescription": "The field that is used in a metric comparison from value setup.", + "title": "FromValue" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "TargetValue": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", + "markdownDescription": "The field that is used in a metric comparison to value setup.", + "title": "TargetValue" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" + } + }, + "required": [ + "ComputationId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.MinimumLabelType": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility of the minimum label.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.MissingDataConfiguration": { + "additionalProperties": false, + "properties": { + "TreatmentOption": { + "markdownDescription": "The treatment option that determines how missing data should be rendered. Choose from the following options:\n\n- `INTERPOLATE` : Interpolate missing values between the prior and the next known value.\n- `SHOW_AS_ZERO` : Show missing values as the value `0` .\n- `SHOW_AS_BLANK` : Display a blank space when rendering missing data.", + "title": "TreatmentOption", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.NegativeValueConfiguration": { + "additionalProperties": false, + "properties": { + "DisplayMode": { + "markdownDescription": "Determines the display mode of the negative value configuration.", + "title": "DisplayMode", + "type": "string" + } + }, + "required": [ + "DisplayMode" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.NestedFilter": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" + }, + "IncludeInnerSet": { + "markdownDescription": "A boolean condition to include or exclude the subset that is defined by the values of the nested inner filter.", + "title": "IncludeInnerSet", + "type": "boolean" + }, + "InnerFilter": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.InnerFilter", + "markdownDescription": "The `InnerFilter` defines the subset of data to be used with the `NestedFilter` .", + "title": "InnerFilter" + } + }, + "required": [ + "Column", + "FilterId", + "IncludeInnerSet", + "InnerFilter" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.NullValueFormatConfiguration": { + "additionalProperties": false, + "properties": { + "NullString": { + "markdownDescription": "Determines the null string of null values.", + "title": "NullString", + "type": "string" + } + }, + "required": [ + "NullString" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.NumberDisplayFormatConfiguration": { + "additionalProperties": false, + "properties": { + "DecimalPlacesConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalPlacesConfiguration", + "markdownDescription": "The option that determines the decimal places configuration.", + "title": "DecimalPlacesConfiguration" + }, + "NegativeValueConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NegativeValueConfiguration", + "markdownDescription": "The options that determine the negative value configuration.", + "title": "NegativeValueConfiguration" + }, + "NullValueFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NullValueFormatConfiguration", + "markdownDescription": "The options that determine the null value format configuration.", + "title": "NullValueFormatConfiguration" + }, + "NumberScale": { + "markdownDescription": "Determines the number scale value of the number format.", + "title": "NumberScale", + "type": "string" + }, + "Prefix": { + "markdownDescription": "Determines the prefix value of the number format.", + "title": "Prefix", + "type": "string" + }, + "SeparatorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericSeparatorConfiguration", + "markdownDescription": "The options that determine the numeric separator configuration.", + "title": "SeparatorConfiguration" + }, + "Suffix": { + "markdownDescription": "Determines the suffix value of the number format.", + "title": "Suffix", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.NumberFormatConfiguration": { + "additionalProperties": false, + "properties": { + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericFormatConfiguration", + "markdownDescription": "The options that determine the numeric format configuration.", + "title": "FormatConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.NumericAxisOptions": { + "additionalProperties": false, + "properties": { + "Range": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayRange", + "markdownDescription": "The range setup of a numeric axis.", + "title": "Range" + }, + "Scale": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisScale", + "markdownDescription": "The scale setup of a numeric axis.", + "title": "Scale" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.NumericEqualityDrillDownFilter": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "Value": { + "markdownDescription": "The value of the double input numeric drill down filter.", + "title": "Value", + "type": "number" + } + }, + "required": [ + "Column", + "Value" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.NumericEqualityFilter": { + "additionalProperties": false, + "properties": { + "AggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationFunction", + "markdownDescription": "The aggregation function of the filter.", + "title": "AggregationFunction" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" + }, + "MatchOperator": { + "markdownDescription": "The match operator that is used to determine if a filter should be applied.", + "title": "MatchOperator", + "type": "string" + }, + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", + "type": "string" + }, + "ParameterName": { + "markdownDescription": "The parameter whose value should be used for the filter value.", + "title": "ParameterName", + "type": "string" + }, + "SelectAllOptions": { + "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", + "title": "SelectAllOptions", + "type": "string" + }, + "Value": { + "markdownDescription": "The input value.", + "title": "Value", + "type": "number" + } + }, + "required": [ + "Column", + "FilterId", + "MatchOperator", + "NullOption" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.NumericFormatConfiguration": { + "additionalProperties": false, + "properties": { + "CurrencyDisplayFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CurrencyDisplayFormatConfiguration", + "markdownDescription": "The options that determine the currency display format configuration.", + "title": "CurrencyDisplayFormatConfiguration" + }, + "NumberDisplayFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumberDisplayFormatConfiguration", + "markdownDescription": "The options that determine the number display format configuration.", + "title": "NumberDisplayFormatConfiguration" + }, + "PercentageDisplayFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PercentageDisplayFormatConfiguration", + "markdownDescription": "The options that determine the percentage display format configuration.", + "title": "PercentageDisplayFormatConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.NumericRangeFilter": { + "additionalProperties": false, + "properties": { + "AggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationFunction", + "markdownDescription": "The aggregation function of the filter.", + "title": "AggregationFunction" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" + }, + "IncludeMaximum": { + "markdownDescription": "Determines whether the maximum value in the filter value range should be included in the filtered results.", + "title": "IncludeMaximum", + "type": "boolean" + }, + "IncludeMinimum": { + "markdownDescription": "Determines whether the minimum value in the filter value range should be included in the filtered results.", + "title": "IncludeMinimum", + "type": "boolean" + }, + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", + "type": "string" + }, + "RangeMaximum": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericRangeFilterValue", + "markdownDescription": "The maximum value for the filter value range.", + "title": "RangeMaximum" + }, + "RangeMinimum": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericRangeFilterValue", + "markdownDescription": "The minimum value for the filter value range.", + "title": "RangeMinimum" + }, + "SelectAllOptions": { + "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", + "title": "SelectAllOptions", + "type": "string" + } + }, + "required": [ + "Column", + "FilterId", + "NullOption" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.NumericRangeFilterValue": { + "additionalProperties": false, + "properties": { + "Parameter": { + "markdownDescription": "The parameter that is used in the numeric range.", + "title": "Parameter", + "type": "string" + }, + "StaticValue": { + "markdownDescription": "The static value of the numeric range filter.", + "title": "StaticValue", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.NumericSeparatorConfiguration": { + "additionalProperties": false, + "properties": { + "DecimalSeparator": { + "markdownDescription": "Determines the decimal separator.", + "title": "DecimalSeparator", + "type": "string" + }, + "ThousandsSeparator": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ThousandSeparatorOptions", + "markdownDescription": "The options that determine the thousands separator configuration.", + "title": "ThousandsSeparator" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.NumericalAggregationFunction": { + "additionalProperties": false, + "properties": { + "PercentileAggregation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PercentileAggregation", + "markdownDescription": "An aggregation based on the percentile of values in a dimension or measure.", + "title": "PercentileAggregation" + }, + "SimpleNumericalAggregation": { + "markdownDescription": "Built-in aggregation functions for numerical values.\n\n- `SUM` : The sum of a dimension or measure.\n- `AVERAGE` : The average of a dimension or measure.\n- `MIN` : The minimum value of a dimension or measure.\n- `MAX` : The maximum value of a dimension or measure.\n- `COUNT` : The count of a dimension or measure.\n- `DISTINCT_COUNT` : The count of distinct values in a dimension or measure.\n- `VAR` : The variance of a dimension or measure.\n- `VARP` : The partitioned variance of a dimension or measure.\n- `STDEV` : The standard deviation of a dimension or measure.\n- `STDEVP` : The partitioned standard deviation of a dimension or measure.\n- `MEDIAN` : The median value of a dimension or measure.", + "title": "SimpleNumericalAggregation", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.NumericalDimensionField": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that is used in the `NumericalDimensionField` .", + "title": "Column" + }, + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", + "type": "string" + }, + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumberFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" + }, + "HierarchyId": { + "markdownDescription": "The custom hierarchy ID.", + "title": "HierarchyId", + "type": "string" + } + }, + "required": [ + "Column", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.NumericalMeasureField": { + "additionalProperties": false, + "properties": { + "AggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericalAggregationFunction", + "markdownDescription": "The aggregation function of the measure field.", + "title": "AggregationFunction" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that is used in the `NumericalMeasureField` .", + "title": "Column" + }, + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", + "type": "string" + }, + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumberFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" + } + }, + "required": [ + "Column", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.PaginationConfiguration": { + "additionalProperties": false, + "properties": { + "PageNumber": { + "markdownDescription": "Indicates the page number.", + "title": "PageNumber", + "type": "number" + }, + "PageSize": { + "markdownDescription": "Indicates how many items render in one page.", + "title": "PageSize", + "type": "number" + } + }, + "required": [ + "PageNumber", + "PageSize" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.PanelConfiguration": { + "additionalProperties": false, + "properties": { + "BackgroundColor": { + "markdownDescription": "Sets the background color for each panel.", + "title": "BackgroundColor", + "type": "string" + }, + "BackgroundVisibility": { + "markdownDescription": "Determines whether or not a background for each small multiples panel is rendered.", + "title": "BackgroundVisibility", + "type": "string" + }, + "BorderColor": { + "markdownDescription": "Sets the line color of panel borders.", + "title": "BorderColor", + "type": "string" + }, + "BorderStyle": { + "markdownDescription": "Sets the line style of panel borders.", + "title": "BorderStyle", + "type": "string" + }, + "BorderThickness": { + "markdownDescription": "Sets the line thickness of panel borders.", + "title": "BorderThickness", + "type": "string" + }, + "BorderVisibility": { + "markdownDescription": "Determines whether or not each panel displays a border.", + "title": "BorderVisibility", + "type": "string" + }, + "GutterSpacing": { + "markdownDescription": "Sets the total amount of negative space to display between sibling panels.", + "title": "GutterSpacing", + "type": "string" + }, + "GutterVisibility": { + "markdownDescription": "Determines whether or not negative space between sibling panels is rendered.", + "title": "GutterVisibility", + "type": "string" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PanelTitleOptions", + "markdownDescription": "Configures the title display within each small multiples panel.", + "title": "Title" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PanelTitleOptions": { + "additionalProperties": false, + "properties": { + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", + "markdownDescription": "", + "title": "FontConfiguration" + }, + "HorizontalTextAlignment": { + "markdownDescription": "Sets the horizontal text alignment of the title within each panel.", + "title": "HorizontalTextAlignment", + "type": "string" + }, + "Visibility": { + "markdownDescription": "Determines whether or not panel titles are displayed.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ParameterControl": { + "additionalProperties": false, + "properties": { + "DateTimePicker": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterDateTimePickerControl", + "markdownDescription": "A control from a date parameter that specifies date and time.", + "title": "DateTimePicker" + }, + "Dropdown": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterDropDownControl", + "markdownDescription": "A control to display a dropdown list with buttons that are used to select a single value.", + "title": "Dropdown" + }, + "List": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterListControl", + "markdownDescription": "A control to display a list with buttons or boxes that are used to select either a single value or multiple values.", + "title": "List" + }, + "Slider": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterSliderControl", + "markdownDescription": "A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle.", + "title": "Slider" + }, + "TextArea": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterTextAreaControl", + "markdownDescription": "A control to display a text box that is used to enter multiple entries.", + "title": "TextArea" + }, + "TextField": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterTextFieldControl", + "markdownDescription": "A control to display a text box that is used to enter a single entry.", + "title": "TextField" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ParameterDateTimePickerControl": { + "additionalProperties": false, + "properties": { + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimePickerControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterDateTimePickerControl` .", + "title": "ParameterControlId", + "type": "string" + }, + "SourceParameterName": { + "markdownDescription": "The name of the `ParameterDateTimePickerControl` .", + "title": "SourceParameterName", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `ParameterDateTimePickerControl` .", + "title": "Title", + "type": "string" + } + }, + "required": [ + "ParameterControlId", + "SourceParameterName", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ParameterDeclaration": { + "additionalProperties": false, + "properties": { + "DateTimeParameterDeclaration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeParameterDeclaration", + "markdownDescription": "A parameter declaration for the `DateTime` data type.", + "title": "DateTimeParameterDeclaration" + }, + "DecimalParameterDeclaration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalParameterDeclaration", + "markdownDescription": "A parameter declaration for the `Decimal` data type.", + "title": "DecimalParameterDeclaration" + }, + "IntegerParameterDeclaration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.IntegerParameterDeclaration", + "markdownDescription": "A parameter declaration for the `Integer` data type.", + "title": "IntegerParameterDeclaration" + }, + "StringParameterDeclaration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringParameterDeclaration", + "markdownDescription": "A parameter declaration for the `String` data type.", + "title": "StringParameterDeclaration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ParameterDropDownControl": { + "additionalProperties": false, + "properties": { + "CascadingControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CascadingControlConfiguration", + "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", + "title": "CascadingControlConfiguration" + }, + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `ParameterDropDownControl` .", + "title": "CommitMode", + "type": "string" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DropDownControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterDropDownControl` .", + "title": "ParameterControlId", + "type": "string" + }, + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" + }, + "SourceParameterName": { + "markdownDescription": "The source parameter name of the `ParameterDropDownControl` .", + "title": "SourceParameterName", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `ParameterDropDownControl` .", + "title": "Title", + "type": "string" + }, + "Type": { + "markdownDescription": "The type parameter name of the `ParameterDropDownControl` .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "ParameterControlId", + "SourceParameterName", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ParameterListControl": { + "additionalProperties": false, + "properties": { + "CascadingControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CascadingControlConfiguration", + "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", + "title": "CascadingControlConfiguration" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ListControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterListControl` .", + "title": "ParameterControlId", + "type": "string" + }, + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" + }, + "SourceParameterName": { + "markdownDescription": "The source parameter name of the `ParameterListControl` .", + "title": "SourceParameterName", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `ParameterListControl` .", + "title": "Title", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of `ParameterListControl` .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "ParameterControlId", + "SourceParameterName", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ParameterSelectableValues": { + "additionalProperties": false, + "properties": { + "LinkToDataSetColumn": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column identifier that fetches values from the data set.", + "title": "LinkToDataSetColumn" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The values that are used in `ParameterSelectableValues` .", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ParameterSliderControl": { + "additionalProperties": false, + "properties": { + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SliderControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "MaximumValue": { + "markdownDescription": "The larger value that is displayed at the right of the slider.", + "title": "MaximumValue", + "type": "number" + }, + "MinimumValue": { + "markdownDescription": "The smaller value that is displayed at the left of the slider.", + "title": "MinimumValue", + "type": "number" + }, + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterSliderControl` .", + "title": "ParameterControlId", + "type": "string" + }, + "SourceParameterName": { + "markdownDescription": "The source parameter name of the `ParameterSliderControl` .", + "title": "SourceParameterName", + "type": "string" + }, + "StepSize": { + "markdownDescription": "The number of increments that the slider bar is divided into.", + "title": "StepSize", + "type": "number" + }, + "Title": { + "markdownDescription": "The title of the `ParameterSliderControl` .", + "title": "Title", + "type": "string" + } + }, + "required": [ + "MaximumValue", + "MinimumValue", + "ParameterControlId", + "SourceParameterName", + "StepSize", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ParameterTextAreaControl": { + "additionalProperties": false, + "properties": { + "Delimiter": { + "markdownDescription": "The delimiter that is used to separate the lines in text.", + "title": "Delimiter", + "type": "string" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextAreaControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterTextAreaControl` .", + "title": "ParameterControlId", + "type": "string" + }, + "SourceParameterName": { + "markdownDescription": "The source parameter name of the `ParameterTextAreaControl` .", + "title": "SourceParameterName", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `ParameterTextAreaControl` .", + "title": "Title", + "type": "string" + } + }, + "required": [ + "ParameterControlId", + "SourceParameterName", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ParameterTextFieldControl": { + "additionalProperties": false, + "properties": { + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextFieldControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterTextFieldControl` .", + "title": "ParameterControlId", + "type": "string" + }, + "SourceParameterName": { + "markdownDescription": "The source parameter name of the `ParameterTextFieldControl` .", + "title": "SourceParameterName", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `ParameterTextFieldControl` .", + "title": "Title", + "type": "string" + } + }, + "required": [ + "ParameterControlId", + "SourceParameterName", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.Parameters": { + "additionalProperties": false, + "properties": { + "DateTimeParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeParameter" + }, + "markdownDescription": "The parameters that have a data type of date-time.", + "title": "DateTimeParameters", + "type": "array" + }, + "DecimalParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalParameter" + }, + "markdownDescription": "The parameters that have a data type of decimal.", + "title": "DecimalParameters", + "type": "array" + }, + "IntegerParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.IntegerParameter" + }, + "markdownDescription": "The parameters that have a data type of integer.", + "title": "IntegerParameters", + "type": "array" + }, + "StringParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringParameter" + }, + "markdownDescription": "The parameters that have a data type of string.", + "title": "StringParameters", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PercentVisibleRange": { + "additionalProperties": false, + "properties": { + "From": { + "markdownDescription": "The lower bound of the range.", + "title": "From", + "type": "number" + }, + "To": { + "markdownDescription": "The top bound of the range.", + "title": "To", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PercentageDisplayFormatConfiguration": { + "additionalProperties": false, + "properties": { + "DecimalPlacesConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalPlacesConfiguration", + "markdownDescription": "The option that determines the decimal places configuration.", + "title": "DecimalPlacesConfiguration" + }, + "NegativeValueConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NegativeValueConfiguration", + "markdownDescription": "The options that determine the negative value configuration.", + "title": "NegativeValueConfiguration" + }, + "NullValueFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NullValueFormatConfiguration", + "markdownDescription": "The options that determine the null value format configuration.", + "title": "NullValueFormatConfiguration" + }, + "Prefix": { + "markdownDescription": "Determines the prefix value of the percentage format.", + "title": "Prefix", + "type": "string" + }, + "SeparatorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericSeparatorConfiguration", + "markdownDescription": "The options that determine the numeric separator configuration.", + "title": "SeparatorConfiguration" + }, + "Suffix": { + "markdownDescription": "Determines the suffix value of the percentage format.", + "title": "Suffix", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PercentileAggregation": { + "additionalProperties": false, + "properties": { + "PercentileValue": { + "markdownDescription": "The percentile value. This value can be any numeric constant 0\u2013100. A percentile value of 50 computes the median value of the measure.", + "title": "PercentileValue", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PeriodOverPeriodComputation": { + "additionalProperties": false, + "properties": { + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" + } + }, + "required": [ + "ComputationId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.PeriodToDateComputation": { + "additionalProperties": false, + "properties": { + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "PeriodTimeGranularity": { + "markdownDescription": "The time granularity setup of period to date computation. Choose from the following options:\n\n- YEAR: Year to date.\n- MONTH: Month to date.", + "title": "PeriodTimeGranularity", + "type": "string" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" + } + }, + "required": [ + "ComputationId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.PieChartAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The category (group/color) field wells of a pie chart.", + "title": "Category", + "type": "array" + }, + "SmallMultiples": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The small multiples field well of a pie chart.", + "title": "SmallMultiples", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The value field wells of a pie chart. Values are aggregated based on categories.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PieChartConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options of the group/color that is displayed in a pie chart.", + "title": "CategoryLabelOptions" + }, + "ContributionAnalysisDefaults": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ContributionAnalysisDefault" + }, + "markdownDescription": "The contribution analysis (anomaly configuration) setup of the visual.", + "title": "ContributionAnalysisDefaults", + "type": "array" + }, + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.", + "title": "DataLabels" + }, + "DonutOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DonutOptions", + "markdownDescription": "The options that determine the shape of the chart. This option determines whether the chart is a pie chart or a donut chart.", + "title": "DonutOptions" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PieChartFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "SmallMultiplesOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SmallMultiplesOptions", + "markdownDescription": "The small multiples setup for the visual.", + "title": "SmallMultiplesOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PieChartSortConfiguration", + "markdownDescription": "The sort configuration of a pie chart.", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" + }, + "ValueLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options for the value that is displayed in a pie chart.", + "title": "ValueLabelOptions" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", + "title": "VisualPalette" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PieChartFieldWells": { + "additionalProperties": false, + "properties": { + "PieChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PieChartAggregatedFieldWells", + "markdownDescription": "The field well configuration of a pie chart.", + "title": "PieChartAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PieChartSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of categories that are displayed in a pie chart.", + "title": "CategoryItemsLimit" + }, + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the category fields.", + "title": "CategorySort", + "type": "array" + }, + "SmallMultiplesLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of small multiples panels that are displayed.", + "title": "SmallMultiplesLimitConfiguration" + }, + "SmallMultiplesSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the small multiples field.", + "title": "SmallMultiplesSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PieChartVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PieChartConfiguration", + "markdownDescription": "The configuration of a pie chart.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.PivotFieldSortOptions": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "The field ID for the field sort options.", + "title": "FieldId", + "type": "string" + }, + "SortBy": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableSortBy", + "markdownDescription": "The sort by field for the field sort options.", + "title": "SortBy" + } + }, + "required": [ + "FieldId", + "SortBy" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.PivotTableAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Columns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The columns field well for a pivot table. Values are grouped by columns fields.", + "title": "Columns", + "type": "array" + }, + "Rows": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The rows field well for a pivot table. Values are grouped by rows fields.", + "title": "Rows", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The values field well for a pivot table. Values are aggregated based on rows and columns fields.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PivotTableCellConditionalFormatting": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "The field ID of the cell for conditional formatting.", + "title": "FieldId", + "type": "string" + }, + "Scope": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableConditionalFormattingScope", + "markdownDescription": "The scope of the cell for conditional formatting.", + "title": "Scope" + }, + "Scopes": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableConditionalFormattingScope" + }, + "markdownDescription": "A list of cell scopes for conditional formatting.", + "title": "Scopes", + "type": "array" + }, + "TextFormat": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextConditionalFormat", + "markdownDescription": "The text format of the cell for conditional formatting.", + "title": "TextFormat" + } + }, + "required": [ + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.PivotTableConditionalFormatting": { + "additionalProperties": false, + "properties": { + "ConditionalFormattingOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableConditionalFormattingOption" + }, + "markdownDescription": "Conditional formatting options for a `PivotTableVisual` .", + "title": "ConditionalFormattingOptions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PivotTableConditionalFormattingOption": { + "additionalProperties": false, + "properties": { + "Cell": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableCellConditionalFormatting", + "markdownDescription": "The cell conditional formatting option for a pivot table.", + "title": "Cell" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PivotTableConditionalFormattingScope": { + "additionalProperties": false, + "properties": { + "Role": { + "markdownDescription": "The role (field, field total, grand total) of the cell for conditional formatting.", + "title": "Role", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PivotTableConfiguration": { + "additionalProperties": false, + "properties": { + "FieldOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableFieldOptions", + "markdownDescription": "The field options for a pivot table visual.", + "title": "FieldOptions" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "PaginatedReportOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTablePaginatedReportOptions", + "markdownDescription": "The paginated report options for a pivot table visual.", + "title": "PaginatedReportOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableSortConfiguration", + "markdownDescription": "The sort configuration for a `PivotTableVisual` .", + "title": "SortConfiguration" + }, + "TableOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableOptions", + "markdownDescription": "The table options for a pivot table visual.", + "title": "TableOptions" + }, + "TotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableTotalOptions", + "markdownDescription": "The total options for a pivot table visual.", + "title": "TotalOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PivotTableDataPathOption": { + "additionalProperties": false, + "properties": { + "DataPathList": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathValue" + }, + "markdownDescription": "The list of data path values for the data path options.", + "title": "DataPathList", + "type": "array" + }, + "Width": { + "markdownDescription": "The width of the data path option.", + "title": "Width", + "type": "string" + } + }, + "required": [ + "DataPathList" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.PivotTableFieldCollapseStateOption": { + "additionalProperties": false, + "properties": { + "State": { + "markdownDescription": "The state of the field target of a pivot table. Choose one of the following options:\n\n- `COLLAPSED`\n- `EXPANDED`", + "title": "State", + "type": "string" + }, + "Target": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableFieldCollapseStateTarget", + "markdownDescription": "A tagged-union object that sets the collapse state.", + "title": "Target" + } + }, + "required": [ + "Target" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.PivotTableFieldCollapseStateTarget": { + "additionalProperties": false, + "properties": { + "FieldDataPathValues": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathValue" + }, + "markdownDescription": "The data path of the pivot table's header. Used to set the collapse state.", + "title": "FieldDataPathValues", + "type": "array" + }, + "FieldId": { + "markdownDescription": "The field ID of the pivot table that the collapse state needs to be set to.", + "title": "FieldId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PivotTableFieldOption": { + "additionalProperties": false, + "properties": { + "CustomLabel": { + "markdownDescription": "The custom label of the pivot table field.", + "title": "CustomLabel", + "type": "string" + }, + "FieldId": { + "markdownDescription": "The field ID of the pivot table field.", + "title": "FieldId", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the pivot table field.", + "title": "Visibility", + "type": "string" + } + }, + "required": [ + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.PivotTableFieldOptions": { + "additionalProperties": false, + "properties": { + "CollapseStateOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableFieldCollapseStateOption" + }, + "markdownDescription": "The collapse state options for the pivot table field options.", + "title": "CollapseStateOptions", + "type": "array" + }, + "DataPathOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableDataPathOption" + }, + "markdownDescription": "The data path options for the pivot table field options.", + "title": "DataPathOptions", + "type": "array" + }, + "SelectedFieldOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableFieldOption" + }, + "markdownDescription": "The selected field options for the pivot table field options.", + "title": "SelectedFieldOptions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PivotTableFieldSubtotalOptions": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "The field ID of the subtotal options.", + "title": "FieldId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PivotTableFieldWells": { + "additionalProperties": false, + "properties": { + "PivotTableAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableAggregatedFieldWells", + "markdownDescription": "The aggregated field well for the pivot table.", + "title": "PivotTableAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PivotTableOptions": { + "additionalProperties": false, + "properties": { + "CellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", + "markdownDescription": "The table cell style of cells.", + "title": "CellStyle" + }, + "CollapsedRowDimensionsVisibility": { + "markdownDescription": "The visibility setting of a pivot table's collapsed row dimension fields. If the value of this structure is `HIDDEN` , all collapsed columns in a pivot table are automatically hidden. The default value is `VISIBLE` .", + "title": "CollapsedRowDimensionsVisibility", + "type": "string" + }, + "ColumnHeaderStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", + "markdownDescription": "The table cell style of the column header.", + "title": "ColumnHeaderStyle" + }, + "ColumnNamesVisibility": { + "markdownDescription": "The visibility of the column names.", + "title": "ColumnNamesVisibility", + "type": "string" + }, + "DefaultCellWidth": { + "markdownDescription": "The default cell width of the pivot table.", + "title": "DefaultCellWidth", + "type": "string" + }, + "MetricPlacement": { + "markdownDescription": "The metric placement (row, column) options.", + "title": "MetricPlacement", + "type": "string" + }, + "RowAlternateColorOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RowAlternateColorOptions", + "markdownDescription": "The row alternate color options (widget status, row alternate colors).", + "title": "RowAlternateColorOptions" + }, + "RowFieldNamesStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", + "markdownDescription": "The table cell style of row field names.", + "title": "RowFieldNamesStyle" + }, + "RowHeaderStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", + "markdownDescription": "The table cell style of the row headers.", + "title": "RowHeaderStyle" + }, + "RowsLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableRowsLabelOptions", + "markdownDescription": "The options for the label that is located above the row headers. This option is only applicable when `RowsLayout` is set to `HIERARCHY` .", + "title": "RowsLabelOptions" + }, + "RowsLayout": { + "markdownDescription": "The layout for the row dimension headers of a pivot table. Choose one of the following options.\n\n- `TABULAR` : (Default) Each row field is displayed in a separate column.\n- `HIERARCHY` : All row fields are displayed in a single column. Indentation is used to differentiate row headers of different fields.", + "title": "RowsLayout", + "type": "string" + }, + "SingleMetricVisibility": { + "markdownDescription": "The visibility of the single metric options.", + "title": "SingleMetricVisibility", + "type": "string" + }, + "ToggleButtonsVisibility": { + "markdownDescription": "Determines the visibility of the pivot table.", + "title": "ToggleButtonsVisibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PivotTablePaginatedReportOptions": { + "additionalProperties": false, + "properties": { + "OverflowColumnHeaderVisibility": { + "markdownDescription": "The visibility of the repeating header rows on each page.", + "title": "OverflowColumnHeaderVisibility", + "type": "string" + }, + "VerticalOverflowVisibility": { + "markdownDescription": "The visibility of the printing table overflow across pages.", + "title": "VerticalOverflowVisibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PivotTableRowsLabelOptions": { + "additionalProperties": false, + "properties": { + "CustomLabel": { + "markdownDescription": "The custom label string for the rows label.", + "title": "CustomLabel", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the rows label.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PivotTableSortBy": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnSort", + "markdownDescription": "The column sort (field id, direction) for the pivot table sort by options.", + "title": "Column" + }, + "DataPath": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathSort", + "markdownDescription": "The data path sort (data path value, direction) for the pivot table sort by options.", + "title": "DataPath" + }, + "Field": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSort", + "markdownDescription": "The field sort (field id, direction) for the pivot table sort by options.", + "title": "Field" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PivotTableSortConfiguration": { + "additionalProperties": false, + "properties": { + "FieldSortOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotFieldSortOptions" + }, + "markdownDescription": "The field sort options for a pivot table sort configuration.", + "title": "FieldSortOptions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PivotTableTotalOptions": { + "additionalProperties": false, + "properties": { + "ColumnSubtotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SubtotalOptions", + "markdownDescription": "The column subtotal options.", + "title": "ColumnSubtotalOptions" + }, + "ColumnTotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTotalOptions", + "markdownDescription": "The column total options.", + "title": "ColumnTotalOptions" + }, + "RowSubtotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SubtotalOptions", + "markdownDescription": "The row subtotal options.", + "title": "RowSubtotalOptions" + }, + "RowTotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTotalOptions", + "markdownDescription": "The row total options.", + "title": "RowTotalOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PivotTableVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ConditionalFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableConditionalFormatting", + "markdownDescription": "The conditional formatting for a `PivotTableVisual` .", + "title": "ConditionalFormatting" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.PivotTotalOptions": { + "additionalProperties": false, + "properties": { + "CustomLabel": { + "markdownDescription": "The custom label string for the total cells.", + "title": "CustomLabel", + "type": "string" + }, + "MetricHeaderCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", + "markdownDescription": "The cell styling options for the total of header cells.", + "title": "MetricHeaderCellStyle" + }, + "Placement": { + "markdownDescription": "The placement (start, end) for the total cells.", + "title": "Placement", + "type": "string" + }, + "ScrollStatus": { + "markdownDescription": "The scroll status (pinned, scrolled) for the total cells.", + "title": "ScrollStatus", + "type": "string" + }, + "TotalAggregationOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TotalAggregationOption" + }, + "markdownDescription": "The total aggregation options for each value field.", + "title": "TotalAggregationOptions", + "type": "array" + }, + "TotalCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", + "markdownDescription": "The cell styling options for the total cells.", + "title": "TotalCellStyle" + }, + "TotalsVisibility": { + "markdownDescription": "The visibility configuration for the total cells.", + "title": "TotalsVisibility", + "type": "string" + }, + "ValueCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", + "markdownDescription": "The cell styling options for the totals of value cells.", + "title": "ValueCellStyle" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PluginVisual": { + "additionalProperties": false, + "properties": { + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PluginVisualConfiguration", + "markdownDescription": "A description of the plugin field wells and their persisted properties.", + "title": "ChartConfiguration" + }, + "PluginArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that reflects the plugin and version.", + "title": "PluginArn", + "type": "string" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The ID of the visual that you want to use.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "PluginArn", + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.PluginVisualConfiguration": { + "additionalProperties": false, + "properties": { + "FieldWells": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PluginVisualFieldWell" + }, + "markdownDescription": "The field wells configuration of the plugin visual.", + "title": "FieldWells", + "type": "array" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PluginVisualSortConfiguration", + "markdownDescription": "The sort configuration of the plugin visual.", + "title": "SortConfiguration" + }, + "VisualOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PluginVisualOptions", + "markdownDescription": "The persisted properties of the plugin visual.", + "title": "VisualOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PluginVisualFieldWell": { + "additionalProperties": false, + "properties": { + "AxisName": { + "markdownDescription": "The semantic axis name for the field well.", + "title": "AxisName", + "type": "string" + }, + "Dimensions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "A list of dimensions for the field well.", + "title": "Dimensions", + "type": "array" + }, + "Measures": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "A list of measures that exist in the field well.", + "title": "Measures", + "type": "array" + }, + "Unaggregated": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.UnaggregatedField" + }, + "markdownDescription": "A list of unaggregated fields that exist in the field well.", + "title": "Unaggregated", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PluginVisualItemsLimitConfiguration": { + "additionalProperties": false, + "properties": { + "ItemsLimit": { + "markdownDescription": "Determines how many values are be fetched at once.", + "title": "ItemsLimit", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PluginVisualOptions": { + "additionalProperties": false, + "properties": { + "VisualProperties": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PluginVisualProperty" + }, + "markdownDescription": "The persisted properties and their values.", + "title": "VisualProperties", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PluginVisualProperty": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the plugin visual property.", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of the plugin visual property.", + "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PluginVisualSortConfiguration": { + "additionalProperties": false, + "properties": { + "PluginVisualTableQuerySort": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PluginVisualTableQuerySort", + "markdownDescription": "The table query sorting options for the plugin visual.", + "title": "PluginVisualTableQuerySort" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PluginVisualTableQuerySort": { + "additionalProperties": false, + "properties": { + "ItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PluginVisualItemsLimitConfiguration", + "markdownDescription": "The maximum amount of data to be returned by a query.", + "title": "ItemsLimitConfiguration" + }, + "RowSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "Determines how data is sorted in the response.", + "title": "RowSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.PredefinedHierarchy": { + "additionalProperties": false, + "properties": { + "Columns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier" + }, + "markdownDescription": "The list of columns that define the predefined hierarchy.", + "title": "Columns", + "type": "array" + }, + "DrillDownFilters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DrillDownFilter" + }, + "markdownDescription": "The option that determines the drill down filters for the predefined hierarchy.", + "title": "DrillDownFilters", + "type": "array" + }, + "HierarchyId": { + "markdownDescription": "The hierarchy ID of the predefined hierarchy.", + "title": "HierarchyId", + "type": "string" + } + }, + "required": [ + "Columns", + "HierarchyId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ProgressBarOptions": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility of the progress bar.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.RadarChartAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The aggregated field well categories of a radar chart.", + "title": "Category", + "type": "array" + }, + "Color": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The color that are assigned to the aggregated field wells of a radar chart.", + "title": "Color", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The values that are assigned to the aggregated field wells of a radar chart.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.RadarChartAreaStyleSettings": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility settings of a radar chart.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.RadarChartConfiguration": { + "additionalProperties": false, + "properties": { + "AlternateBandColorsVisibility": { + "markdownDescription": "Determines the visibility of the colors of alternatign bands in a radar chart.", + "title": "AlternateBandColorsVisibility", + "type": "string" + }, + "AlternateBandEvenColor": { + "markdownDescription": "The color of the even-numbered alternate bands of a radar chart.", + "title": "AlternateBandEvenColor", + "type": "string" + }, + "AlternateBandOddColor": { + "markdownDescription": "The color of the odd-numbered alternate bands of a radar chart.", + "title": "AlternateBandOddColor", + "type": "string" + }, + "AxesRangeScale": { + "markdownDescription": "The axis behavior options of a radar chart.", + "title": "AxesRangeScale", + "type": "string" + }, + "BaseSeriesSettings": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartSeriesSettings", + "markdownDescription": "The base sreies settings of a radar chart.", + "title": "BaseSeriesSettings" + }, + "CategoryAxis": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The category axis of a radar chart.", + "title": "CategoryAxis" + }, + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The category label options of a radar chart.", + "title": "CategoryLabelOptions" + }, + "ColorAxis": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The color axis of a radar chart.", + "title": "ColorAxis" + }, + "ColorLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The color label options of a radar chart.", + "title": "ColorLabelOptions" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartFieldWells", + "markdownDescription": "The field well configuration of a `RadarChartVisual` .", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "Shape": { + "markdownDescription": "The shape of the radar chart.", + "title": "Shape", + "type": "string" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartSortConfiguration", + "markdownDescription": "The sort configuration of a `RadarChartVisual` .", + "title": "SortConfiguration" + }, + "StartAngle": { + "markdownDescription": "The start angle of a radar chart's axis.", + "title": "StartAngle", + "type": "number" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", + "title": "VisualPalette" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.RadarChartFieldWells": { + "additionalProperties": false, + "properties": { + "RadarChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a radar chart visual.", + "title": "RadarChartAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.RadarChartSeriesSettings": { + "additionalProperties": false, + "properties": { + "AreaStyleSettings": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartAreaStyleSettings", + "markdownDescription": "The area style settings of a radar chart.", + "title": "AreaStyleSettings" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.RadarChartSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The category items limit for a radar chart.", + "title": "CategoryItemsLimit" + }, + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The category sort options of a radar chart.", + "title": "CategorySort", + "type": "array" + }, + "ColorItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The color items limit of a radar chart.", + "title": "ColorItemsLimit" + }, + "ColorSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The color sort configuration of a radar chart.", + "title": "ColorSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.RadarChartVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.RangeEndsLabelType": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility of the range ends label.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ReferenceLine": { + "additionalProperties": false, + "properties": { + "DataConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineDataConfiguration", + "markdownDescription": "The data configuration of the reference line.", + "title": "DataConfiguration" + }, + "LabelConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineLabelConfiguration", + "markdownDescription": "The label configuration of the reference line.", + "title": "LabelConfiguration" + }, + "Status": { + "markdownDescription": "The status of the reference line. Choose one of the following options:\n\n- `ENABLE`\n- `DISABLE`", + "title": "Status", + "type": "string" + }, + "StyleConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineStyleConfiguration", + "markdownDescription": "The style configuration of the reference line.", + "title": "StyleConfiguration" + } + }, + "required": [ + "DataConfiguration" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ReferenceLineCustomLabelConfiguration": { + "additionalProperties": false, + "properties": { + "CustomLabel": { + "markdownDescription": "The string text of the custom label.", + "title": "CustomLabel", + "type": "string" + } + }, + "required": [ + "CustomLabel" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ReferenceLineDataConfiguration": { + "additionalProperties": false, + "properties": { + "AxisBinding": { + "markdownDescription": "The axis binding type of the reference line. Choose one of the following options:\n\n- `PrimaryY`\n- `SecondaryY`", + "title": "AxisBinding", + "type": "string" + }, + "DynamicConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineDynamicDataConfiguration", + "markdownDescription": "The dynamic configuration of the reference line data configuration.", + "title": "DynamicConfiguration" + }, + "SeriesType": { + "markdownDescription": "The series type of the reference line data configuration. Choose one of the following options:\n\n- `BAR`\n- `LINE`", + "title": "SeriesType", + "type": "string" + }, + "StaticConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineStaticDataConfiguration", + "markdownDescription": "The static data configuration of the reference line data configuration.", + "title": "StaticConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ReferenceLineDynamicDataConfiguration": { + "additionalProperties": false, + "properties": { + "Calculation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericalAggregationFunction", + "markdownDescription": "The calculation that is used in the dynamic data.", + "title": "Calculation" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that the dynamic data targets.", + "title": "Column" + }, + "MeasureAggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationFunction", + "markdownDescription": "The aggregation function that is used in the dynamic data.", + "title": "MeasureAggregationFunction" + } + }, + "required": [ + "Calculation", + "Column" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ReferenceLineLabelConfiguration": { + "additionalProperties": false, + "properties": { + "CustomLabelConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineCustomLabelConfiguration", + "markdownDescription": "The custom label configuration of the label in a reference line.", + "title": "CustomLabelConfiguration" + }, + "FontColor": { + "markdownDescription": "The font color configuration of the label in a reference line.", + "title": "FontColor", + "type": "string" + }, + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", + "markdownDescription": "The font configuration of the label in a reference line.", + "title": "FontConfiguration" + }, + "HorizontalPosition": { + "markdownDescription": "The horizontal position configuration of the label in a reference line. Choose one of the following options:\n\n- `LEFT`\n- `CENTER`\n- `RIGHT`", + "title": "HorizontalPosition", + "type": "string" + }, + "ValueLabelConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineValueLabelConfiguration", + "markdownDescription": "The value label configuration of the label in a reference line.", + "title": "ValueLabelConfiguration" + }, + "VerticalPosition": { + "markdownDescription": "The vertical position configuration of the label in a reference line. Choose one of the following options:\n\n- `ABOVE`\n- `BELOW`", + "title": "VerticalPosition", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ReferenceLineStaticDataConfiguration": { + "additionalProperties": false, + "properties": { + "Value": { + "markdownDescription": "The double input of the static data.", + "title": "Value", + "type": "number" + } + }, + "required": [ + "Value" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ReferenceLineStyleConfiguration": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The hex color of the reference line.", + "title": "Color", + "type": "string" + }, + "Pattern": { + "markdownDescription": "The pattern type of the line style. Choose one of the following options:\n\n- `SOLID`\n- `DASHED`\n- `DOTTED`", + "title": "Pattern", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ReferenceLineValueLabelConfiguration": { + "additionalProperties": false, + "properties": { + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericFormatConfiguration", + "markdownDescription": "The format configuration of the value label.", + "title": "FormatConfiguration" + }, + "RelativePosition": { + "markdownDescription": "The relative position of the value label. Choose one of the following options:\n\n- `BEFORE_CUSTOM_LABEL`\n- `AFTER_CUSTOM_LABEL`", + "title": "RelativePosition", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.RelativeDateTimeControlDisplayOptions": { + "additionalProperties": false, + "properties": { + "DateTimeFormat": { + "markdownDescription": "Customize how dates are formatted in controls.", + "title": "DateTimeFormat", + "type": "string" + }, + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.RelativeDatesFilter": { + "additionalProperties": false, + "properties": { + "AnchorDateConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AnchorDateConfiguration", + "markdownDescription": "The date configuration of the filter.", + "title": "AnchorDateConfiguration" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "ExcludePeriodConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ExcludePeriodConfiguration", + "markdownDescription": "The configuration for the exclude period of the filter.", + "title": "ExcludePeriodConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" + }, + "MinimumGranularity": { + "markdownDescription": "The minimum granularity (period granularity) of the relative dates filter.", + "title": "MinimumGranularity", + "type": "string" + }, + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", + "type": "string" + }, + "ParameterName": { + "markdownDescription": "The parameter whose value should be used for the filter value.", + "title": "ParameterName", + "type": "string" + }, + "RelativeDateType": { + "markdownDescription": "The range date type of the filter. Choose one of the options below:\n\n- `PREVIOUS`\n- `THIS`\n- `LAST`\n- `NOW`\n- `NEXT`", + "title": "RelativeDateType", + "type": "string" + }, + "RelativeDateValue": { + "markdownDescription": "The date value of the filter.", + "title": "RelativeDateValue", + "type": "number" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" + } + }, + "required": [ + "AnchorDateConfiguration", + "Column", + "FilterId", + "NullOption", + "RelativeDateType", + "TimeGranularity" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ResourcePermission": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "type": "string" + }, + "markdownDescription": "The IAM action to grant or revoke permissions on.", + "title": "Actions", + "type": "array" + }, + "Principal": { + "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a QuickSight ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", + "title": "Principal", + "type": "string" + } + }, + "required": [ + "Actions", + "Principal" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.RollingDateConfiguration": { + "additionalProperties": false, + "properties": { + "DataSetIdentifier": { + "markdownDescription": "The data set that is used in the rolling date configuration.", + "title": "DataSetIdentifier", + "type": "string" + }, + "Expression": { + "markdownDescription": "The expression of the rolling date configuration.", + "title": "Expression", + "type": "string" + } + }, + "required": [ + "Expression" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.RowAlternateColorOptions": { + "additionalProperties": false, + "properties": { + "RowAlternateColors": { + "items": { + "type": "string" + }, + "markdownDescription": "Determines the list of row alternate colors.", + "title": "RowAlternateColors", + "type": "array" + }, + "Status": { + "markdownDescription": "Determines the widget status.", + "title": "Status", + "type": "string" + }, + "UsePrimaryBackgroundColor": { + "markdownDescription": "The primary background color options for alternate rows.", + "title": "UsePrimaryBackgroundColor", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SameSheetTargetVisualConfiguration": { + "additionalProperties": false, + "properties": { + "TargetVisualOptions": { + "markdownDescription": "The options that choose the target visual in the same sheet.\n\nValid values are defined as follows:\n\n- `ALL_VISUALS` : Applies the filter operation to all visuals in the same sheet.", + "title": "TargetVisualOptions", + "type": "string" + }, + "TargetVisuals": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the target visual IDs that are located in the same sheet of the analysis.", + "title": "TargetVisuals", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SankeyDiagramAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Destination": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The destination field wells of a sankey diagram.", + "title": "Destination", + "type": "array" + }, + "Source": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The source field wells of a sankey diagram.", + "title": "Source", + "type": "array" + }, + "Weight": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The weight field wells of a sankey diagram.", + "title": "Weight", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SankeyDiagramChartConfiguration": { + "additionalProperties": false, + "properties": { + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", + "markdownDescription": "The data label configuration of a sankey diagram.", + "title": "DataLabels" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SankeyDiagramFieldWells", + "markdownDescription": "The field well configuration of a sankey diagram.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SankeyDiagramSortConfiguration", + "markdownDescription": "The sort configuration of a sankey diagram.", + "title": "SortConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SankeyDiagramFieldWells": { + "additionalProperties": false, + "properties": { + "SankeyDiagramAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SankeyDiagramAggregatedFieldWells", + "markdownDescription": "The field well configuration of a sankey diagram.", + "title": "SankeyDiagramAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SankeyDiagramSortConfiguration": { + "additionalProperties": false, + "properties": { + "DestinationItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of destination nodes that are displayed in a sankey diagram.", + "title": "DestinationItemsLimit" + }, + "SourceItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of source nodes that are displayed in a sankey diagram.", + "title": "SourceItemsLimit" + }, + "WeightSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the weight fields.", + "title": "WeightSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SankeyDiagramVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SankeyDiagramChartConfiguration", + "markdownDescription": "The configuration of a sankey diagram.", + "title": "ChartConfiguration" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ScatterPlotCategoricallyAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The category field well of a scatter plot.", + "title": "Category", + "type": "array" + }, + "Label": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The label field well of a scatter plot.", + "title": "Label", + "type": "array" + }, + "Size": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The size field well of a scatter plot.", + "title": "Size", + "type": "array" + }, + "XAxis": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The x-axis field well of a scatter plot.\n\nThe x-axis is aggregated by category.", + "title": "XAxis", + "type": "array" + }, + "YAxis": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The y-axis field well of a scatter plot.\n\nThe y-axis is aggregated by category.", + "title": "YAxis", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ScatterPlotConfiguration": { + "additionalProperties": false, + "properties": { + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.", + "title": "DataLabels" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ScatterPlotFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ScatterPlotSortConfiguration", + "markdownDescription": "The sort configuration of a scatter plot.", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Tooltip" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", + "title": "VisualPalette" + }, + "XAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, and axis step) of the scatter plot's x-axis.", + "title": "XAxisDisplayOptions" + }, + "XAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of the scatter plot's x-axis.", + "title": "XAxisLabelOptions" + }, + "YAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, and axis step) of the scatter plot's y-axis.", + "title": "YAxisDisplayOptions" + }, + "YAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of the scatter plot's y-axis.", + "title": "YAxisLabelOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ScatterPlotFieldWells": { + "additionalProperties": false, + "properties": { + "ScatterPlotCategoricallyAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ScatterPlotCategoricallyAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a scatter plot. The x and y-axes of scatter plots with aggregated field wells are aggregated by category, label, or both.", + "title": "ScatterPlotCategoricallyAggregatedFieldWells" + }, + "ScatterPlotUnaggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ScatterPlotUnaggregatedFieldWells", + "markdownDescription": "The unaggregated field wells of a scatter plot. The x and y-axes of these scatter plots are unaggregated.", + "title": "ScatterPlotUnaggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ScatterPlotSortConfiguration": { + "additionalProperties": false, + "properties": { + "ScatterPlotLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "", + "title": "ScatterPlotLimitConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ScatterPlotUnaggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The category field well of a scatter plot.", + "title": "Category", + "type": "array" + }, + "Label": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The label field well of a scatter plot.", + "title": "Label", + "type": "array" + }, + "Size": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The size field well of a scatter plot.", + "title": "Size", + "type": "array" + }, + "XAxis": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The x-axis field well of a scatter plot.\n\nThe x-axis is a dimension field and cannot be aggregated.", + "title": "XAxis", + "type": "array" + }, + "YAxis": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The y-axis field well of a scatter plot.\n\nThe y-axis is a dimension field and cannot be aggregated.", + "title": "YAxis", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ScatterPlotVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ScatterPlotConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ScrollBarOptions": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility of the data zoom scroll bar.", + "title": "Visibility", + "type": "string" + }, + "VisibleRange": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisibleRangeOptions", + "markdownDescription": "The visibility range for the data zoom scroll bar.", + "title": "VisibleRange" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SecondaryValueOptions": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "Determines the visibility of the secondary value.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SectionAfterPageBreak": { + "additionalProperties": false, + "properties": { + "Status": { + "markdownDescription": "The option that enables or disables a page break at the end of a section.", + "title": "Status", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SectionBasedLayoutCanvasSizeOptions": { + "additionalProperties": false, + "properties": { + "PaperCanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionBasedLayoutPaperCanvasSizeOptions", + "markdownDescription": "The options for a paper canvas of a section-based layout.", + "title": "PaperCanvasSizeOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SectionBasedLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "BodySections": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BodySectionConfiguration" + }, + "markdownDescription": "A list of body section configurations.", + "title": "BodySections", + "type": "array" + }, + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionBasedLayoutCanvasSizeOptions", + "markdownDescription": "The options for the canvas of a section-based layout.", + "title": "CanvasSizeOptions" + }, + "FooterSections": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeaderFooterSectionConfiguration" + }, + "markdownDescription": "A list of footer section configurations.", + "title": "FooterSections", + "type": "array" + }, + "HeaderSections": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeaderFooterSectionConfiguration" + }, + "markdownDescription": "A list of header section configurations.", + "title": "HeaderSections", + "type": "array" + } + }, + "required": [ + "BodySections", + "CanvasSizeOptions", + "FooterSections", + "HeaderSections" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.SectionBasedLayoutPaperCanvasSizeOptions": { + "additionalProperties": false, + "properties": { + "PaperMargin": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.Spacing", + "markdownDescription": "Defines the spacing between the canvas content and the top, bottom, left, and right edges.", + "title": "PaperMargin" + }, + "PaperOrientation": { + "markdownDescription": "The paper orientation that is used to define canvas dimensions. Choose one of the following options:\n\n- PORTRAIT\n- LANDSCAPE", + "title": "PaperOrientation", + "type": "string" + }, + "PaperSize": { + "markdownDescription": "The paper size that is used to define canvas dimensions.", + "title": "PaperSize", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SectionLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "FreeFormLayout": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormSectionLayoutConfiguration", + "markdownDescription": "The free-form layout configuration of a section.", + "title": "FreeFormLayout" + } + }, + "required": [ + "FreeFormLayout" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.SectionPageBreakConfiguration": { + "additionalProperties": false, + "properties": { + "After": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionAfterPageBreak", + "markdownDescription": "The configuration of a page break after a section.", + "title": "After" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SectionStyle": { + "additionalProperties": false, + "properties": { + "Height": { + "markdownDescription": "The height of a section.\n\nHeights can only be defined for header and footer sections. The default height margin is 0.5 inches.", + "title": "Height", + "type": "string" + }, + "Padding": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.Spacing", + "markdownDescription": "The spacing between section content and its top, bottom, left, and right edges.\n\nThere is no padding by default.", + "title": "Padding" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SelectedSheetsFilterScopeConfiguration": { + "additionalProperties": false, + "properties": { + "SheetVisualScopingConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetVisualScopingConfiguration" + }, + "markdownDescription": "The sheet ID and visual IDs of the sheet and visuals that the filter is applied to.", + "title": "SheetVisualScopingConfigurations", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SeriesItem": { + "additionalProperties": false, + "properties": { + "DataFieldSeriesItem": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataFieldSeriesItem", + "markdownDescription": "The data field series item configuration of a line chart.", + "title": "DataFieldSeriesItem" + }, + "FieldSeriesItem": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSeriesItem", + "markdownDescription": "The field series item configuration of a line chart.", + "title": "FieldSeriesItem" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SetParameterValueConfiguration": { + "additionalProperties": false, + "properties": { + "DestinationParameterName": { + "markdownDescription": "The destination parameter name of the `SetParameterValueConfiguration` .", + "title": "DestinationParameterName", + "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DestinationParameterValueConfiguration", + "markdownDescription": "", + "title": "Value" + } + }, + "required": [ + "DestinationParameterName", + "Value" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ShapeConditionalFormat": { + "additionalProperties": false, + "properties": { + "BackgroundColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting for the shape background color of a filled map visual.", + "title": "BackgroundColor" + } + }, + "required": [ + "BackgroundColor" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.Sheet": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of a sheet. This name is displayed on the sheet's tab in the Amazon QuickSight console.", + "title": "Name", + "type": "string" + }, + "SheetId": { + "markdownDescription": "The unique identifier associated with a sheet.", + "title": "SheetId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions": { + "additionalProperties": false, + "properties": { + "InfoIconText": { + "markdownDescription": "The text content of info icon.", + "title": "InfoIconText", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility configuration of info icon label options.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SheetControlLayout": { + "additionalProperties": false, + "properties": { + "Configuration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlLayoutConfiguration", + "markdownDescription": "The configuration that determines the elements and canvas size options of sheet control.", + "title": "Configuration" + } + }, + "required": [ + "Configuration" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.SheetControlLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "GridLayout": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GridLayoutConfiguration", + "markdownDescription": "The configuration that determines the elements and canvas size options of sheet control.", + "title": "GridLayout" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SheetControlsOption": { + "additionalProperties": false, + "properties": { + "VisibilityState": { + "markdownDescription": "Visibility state.", + "title": "VisibilityState", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SheetDefinition": { + "additionalProperties": false, + "properties": { + "ContentType": { + "markdownDescription": "The layout content type of the sheet. Choose one of the following options:\n\n- `PAGINATED` : Creates a sheet for a paginated report.\n- `INTERACTIVE` : Creates a sheet for an interactive dashboard.", + "title": "ContentType", + "type": "string" + }, + "Description": { + "markdownDescription": "A description of the sheet.", + "title": "Description", + "type": "string" + }, + "FilterControls": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterControl" + }, + "markdownDescription": "The list of filter controls that are on a sheet.\n\nFor more information, see [Adding filter controls to analysis sheets](https://docs.aws.amazon.com/quicksight/latest/user/filter-controls.html) in the *Amazon QuickSight User Guide* .", + "title": "FilterControls", + "type": "array" + }, + "Images": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetImage" + }, + "markdownDescription": "A list of images on a sheet.", + "title": "Images", + "type": "array" + }, + "Layouts": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.Layout" + }, + "markdownDescription": "Layouts define how the components of a sheet are arranged.\n\nFor more information, see [Types of layout](https://docs.aws.amazon.com/quicksight/latest/user/types-of-layout.html) in the *Amazon QuickSight User Guide* .", + "title": "Layouts", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the sheet. This name is displayed on the sheet's tab in the Amazon QuickSight console.", + "title": "Name", + "type": "string" + }, + "ParameterControls": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterControl" + }, + "markdownDescription": "The list of parameter controls that are on a sheet.\n\nFor more information, see [Using a Control with a Parameter in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-controls.html) in the *Amazon QuickSight User Guide* .", + "title": "ParameterControls", + "type": "array" + }, + "SheetControlLayouts": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlLayout" + }, + "markdownDescription": "The control layouts of the sheet.", + "title": "SheetControlLayouts", + "type": "array" + }, + "SheetId": { + "markdownDescription": "The unique identifier of a sheet.", + "title": "SheetId", + "type": "string" + }, + "TextBoxes": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetTextBox" + }, + "markdownDescription": "The text boxes that are on a sheet.", + "title": "TextBoxes", + "type": "array" + }, + "Title": { + "markdownDescription": "The title of the sheet.", + "title": "Title", + "type": "string" + }, + "Visuals": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.Visual" + }, + "markdownDescription": "A list of the visuals that are on a sheet. Visual placement is determined by the layout of the sheet.", + "title": "Visuals", + "type": "array" + } + }, + "required": [ + "SheetId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.SheetElementConfigurationOverrides": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "Determines whether or not the overrides are visible. Choose one of the following options:\n\n- `VISIBLE`\n- `HIDDEN`", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SheetElementRenderingRule": { + "additionalProperties": false, + "properties": { + "ConfigurationOverrides": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetElementConfigurationOverrides", + "markdownDescription": "The override configuration of the rendering rules of a sheet.", + "title": "ConfigurationOverrides" + }, + "Expression": { + "markdownDescription": "The expression of the rendering rules of a sheet.", + "title": "Expression", + "type": "string" + } + }, + "required": [ + "ConfigurationOverrides", + "Expression" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.SheetImage": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ImageCustomAction" + }, + "markdownDescription": "A list of custom actions that are configured for an image.", + "title": "Actions", + "type": "array" + }, + "ImageContentAltText": { + "markdownDescription": "The alt text for the image.", + "title": "ImageContentAltText", + "type": "string" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ImageInteractionOptions", + "markdownDescription": "The general image interactions setup for an image.", + "title": "Interactions" + }, + "Scaling": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetImageScalingConfiguration", + "markdownDescription": "Determines how the image is scaled.", + "title": "Scaling" + }, + "SheetImageId": { + "markdownDescription": "The ID of the sheet image.", + "title": "SheetImageId", + "type": "string" + }, + "Source": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetImageSource", + "markdownDescription": "The source of the image.", + "title": "Source" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetImageTooltipConfiguration", + "markdownDescription": "The tooltip to be shown when hovering over the image.", + "title": "Tooltip" + } + }, + "required": [ + "SheetImageId", + "Source" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.SheetImageScalingConfiguration": { + "additionalProperties": false, + "properties": { + "ScalingType": { + "markdownDescription": "The scaling option to use when fitting the image inside the container.\n\nValid values are defined as follows:\n\n- `SCALE_TO_WIDTH` : The image takes up the entire width of the container. The image aspect ratio is preserved.\n- `SCALE_TO_HEIGHT` : The image takes up the entire height of the container. The image aspect ratio is preserved.\n- `SCALE_TO_CONTAINER` : The image takes up the entire width and height of the container. The image aspect ratio is not preserved.\n- `SCALE_NONE` : The image is displayed in its original size and is not scaled to the container.", + "title": "ScalingType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SheetImageSource": { + "additionalProperties": false, + "properties": { + "SheetImageStaticFileSource": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetImageStaticFileSource", + "markdownDescription": "The source of the static file that contains the image.", + "title": "SheetImageStaticFileSource" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SheetImageStaticFileSource": { + "additionalProperties": false, + "properties": { + "StaticFileId": { + "markdownDescription": "The ID of the static file that contains the image.", + "title": "StaticFileId", + "type": "string" + } + }, + "required": [ + "StaticFileId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.SheetImageTooltipConfiguration": { + "additionalProperties": false, + "properties": { + "TooltipText": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetImageTooltipText", + "markdownDescription": "The text that appears in the tooltip.", + "title": "TooltipText" + }, + "Visibility": { + "markdownDescription": "The visibility of the tooltip.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SheetImageTooltipText": { + "additionalProperties": false, + "properties": { + "PlainText": { + "markdownDescription": "The plain text format.", + "title": "PlainText", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SheetLayoutElementMaximizationOption": { + "additionalProperties": false, + "properties": { + "AvailabilityStatus": { + "markdownDescription": "The status of the sheet layout maximization options of a dashbaord.", + "title": "AvailabilityStatus", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SheetTextBox": { + "additionalProperties": false, + "properties": { + "Content": { + "markdownDescription": "The content that is displayed in the text box.", + "title": "Content", + "type": "string" + }, + "SheetTextBoxId": { + "markdownDescription": "The unique identifier for a text box. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have text boxes that share identifiers.", + "title": "SheetTextBoxId", + "type": "string" + } + }, + "required": [ + "SheetTextBoxId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.SheetVisualScopingConfiguration": { + "additionalProperties": false, + "properties": { + "Scope": { + "markdownDescription": "The scope of the applied entities. Choose one of the following options:\n\n- `ALL_VISUALS`\n- `SELECTED_VISUALS`", + "title": "Scope", + "type": "string" + }, + "SheetId": { + "markdownDescription": "The selected sheet that the filter is applied to.", + "title": "SheetId", + "type": "string" + }, + "VisualIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The selected visuals that the filter is applied to.", + "title": "VisualIds", + "type": "array" + } + }, + "required": [ + "Scope", + "SheetId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ShortFormatText": { + "additionalProperties": false, + "properties": { + "PlainText": { + "markdownDescription": "Plain text format.", + "title": "PlainText", + "type": "string" + }, + "RichText": { + "markdownDescription": "Rich text. Examples of rich text include bold, underline, and italics.", + "title": "RichText", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SimpleClusterMarker": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The color of the simple cluster marker.", + "title": "Color", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SingleAxisOptions": { + "additionalProperties": false, + "properties": { + "YAxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.YAxisOptions", + "markdownDescription": "The Y axis options of a single axis configuration.", + "title": "YAxisOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SliderControlDisplayOptions": { + "additionalProperties": false, + "properties": { + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SmallMultiplesAxisProperties": { + "additionalProperties": false, + "properties": { + "Placement": { + "markdownDescription": "Defines the placement of the axis. By default, axes are rendered `OUTSIDE` of the panels. Axes with `INDEPENDENT` scale are rendered `INSIDE` the panels.", + "title": "Placement", + "type": "string" + }, + "Scale": { + "markdownDescription": "Determines whether scale of the axes are shared or independent. The default value is `SHARED` .", + "title": "Scale", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SmallMultiplesOptions": { + "additionalProperties": false, + "properties": { + "MaxVisibleColumns": { + "markdownDescription": "Sets the maximum number of visible columns to display in the grid of small multiples panels.\n\nThe default is `Auto` , which automatically adjusts the columns in the grid to fit the overall layout and size of the given chart.", + "title": "MaxVisibleColumns", + "type": "number" + }, + "MaxVisibleRows": { + "markdownDescription": "Sets the maximum number of visible rows to display in the grid of small multiples panels.\n\nThe default value is `Auto` , which automatically adjusts the rows in the grid to fit the overall layout and size of the given chart.", + "title": "MaxVisibleRows", + "type": "number" + }, + "PanelConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PanelConfiguration", + "markdownDescription": "Configures the display options for each small multiples panel.", + "title": "PanelConfiguration" + }, + "XAxis": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SmallMultiplesAxisProperties", + "markdownDescription": "The properties of a small multiples X axis.", + "title": "XAxis" + }, + "YAxis": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SmallMultiplesAxisProperties", + "markdownDescription": "The properties of a small multiples Y axis.", + "title": "YAxis" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.Spacing": { + "additionalProperties": false, + "properties": { + "Bottom": { + "markdownDescription": "Define the bottom spacing.", + "title": "Bottom", + "type": "string" + }, + "Left": { + "markdownDescription": "Define the left spacing.", + "title": "Left", + "type": "string" + }, + "Right": { + "markdownDescription": "Define the right spacing.", + "title": "Right", + "type": "string" + }, + "Top": { + "markdownDescription": "Define the top spacing.", + "title": "Top", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SpatialStaticFile": { + "additionalProperties": false, + "properties": { + "Source": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.StaticFileSource", + "markdownDescription": "The source of the spatial static file.", + "title": "Source" + }, + "StaticFileId": { + "markdownDescription": "The ID of the spatial static file.", + "title": "StaticFileId", + "type": "string" + } + }, + "required": [ + "StaticFileId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.StaticFile": { + "additionalProperties": false, + "properties": { + "ImageStaticFile": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ImageStaticFile", + "markdownDescription": "The image static file.", + "title": "ImageStaticFile" + }, + "SpatialStaticFile": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SpatialStaticFile", + "markdownDescription": "The spacial static file.", + "title": "SpatialStaticFile" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.StaticFileS3SourceOptions": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "The name of the Amazon S3 bucket.", + "title": "BucketName", + "type": "string" + }, + "ObjectKey": { + "markdownDescription": "The identifier of the static file in the Amazon S3 bucket.", + "title": "ObjectKey", + "type": "string" + }, + "Region": { + "markdownDescription": "The Region of the Amazon S3 account that contains the bucket.", + "title": "Region", + "type": "string" + } + }, + "required": [ + "BucketName", + "ObjectKey", + "Region" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.StaticFileSource": { + "additionalProperties": false, + "properties": { + "S3Options": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.StaticFileS3SourceOptions", + "markdownDescription": "The structure that contains the Amazon S3 location to download the static file from.", + "title": "S3Options" + }, + "UrlOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.StaticFileUrlSourceOptions", + "markdownDescription": "The structure that contains the URL to download the static file from.", + "title": "UrlOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.StaticFileUrlSourceOptions": { + "additionalProperties": false, + "properties": { + "Url": { + "markdownDescription": "The URL to download the static file from.", + "title": "Url", + "type": "string" + } + }, + "required": [ + "Url" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.StringDefaultValues": { + "additionalProperties": false, + "properties": { + "DynamicValue": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DynamicDefaultValue", + "markdownDescription": "The dynamic value of the `StringDefaultValues` . Different defaults displayed according to users, groups, and values mapping.", + "title": "DynamicValue" + }, + "StaticValues": { + "items": { + "type": "string" + }, + "markdownDescription": "The static values of the `DecimalDefaultValues` .", + "title": "StaticValues", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.StringFormatConfiguration": { + "additionalProperties": false, + "properties": { + "NullValueFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NullValueFormatConfiguration", + "markdownDescription": "The options that determine the null value format configuration.", + "title": "NullValueFormatConfiguration" + }, + "NumericFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericFormatConfiguration", + "markdownDescription": "The formatting configuration for numeric strings.", + "title": "NumericFormatConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.StringParameter": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "A display name for a string parameter.", + "title": "Name", + "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The values of a string parameter.", + "title": "Values", + "type": "array" + } + }, + "required": [ + "Name", + "Values" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.StringParameterDeclaration": { + "additionalProperties": false, + "properties": { + "DefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringDefaultValues", + "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", + "title": "DefaultValues" + }, + "MappedDataSetParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MappedDataSetParameter" + }, + "markdownDescription": "", + "title": "MappedDataSetParameters", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the parameter that is being declared.", + "title": "Name", + "type": "string" + }, + "ParameterValueType": { + "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", + "title": "ParameterValueType", + "type": "string" + }, + "ValueWhenUnset": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringValueWhenUnsetConfiguration", + "markdownDescription": "The configuration that defines the default value of a `String` parameter when a value has not been set.", + "title": "ValueWhenUnset" + } + }, + "required": [ + "Name", + "ParameterValueType" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.StringValueWhenUnsetConfiguration": { + "additionalProperties": false, + "properties": { + "CustomValue": { + "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", + "title": "CustomValue", + "type": "string" + }, + "ValueWhenUnsetOption": { + "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", + "title": "ValueWhenUnsetOption", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.SubtotalOptions": { + "additionalProperties": false, + "properties": { + "CustomLabel": { + "markdownDescription": "The custom label string for the subtotal cells.", + "title": "CustomLabel", + "type": "string" + }, + "FieldLevel": { + "markdownDescription": "The field level (all, custom, last) for the subtotal cells.", + "title": "FieldLevel", + "type": "string" + }, + "FieldLevelOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableFieldSubtotalOptions" + }, + "markdownDescription": "The optional configuration of subtotal cells.", + "title": "FieldLevelOptions", + "type": "array" + }, + "MetricHeaderCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", + "markdownDescription": "The cell styling options for the subtotals of header cells.", + "title": "MetricHeaderCellStyle" + }, + "StyleTargets": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableStyleTarget" + }, + "markdownDescription": "The style targets options for subtotals.", + "title": "StyleTargets", + "type": "array" + }, + "TotalCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", + "markdownDescription": "The cell styling options for the subtotal cells.", + "title": "TotalCellStyle" + }, + "TotalsVisibility": { + "markdownDescription": "The visibility configuration for the subtotal cells.", + "title": "TotalsVisibility", + "type": "string" + }, + "ValueCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", + "markdownDescription": "The cell styling options for the subtotals of value cells.", + "title": "ValueCellStyle" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "GroupBy": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The group by field well for a pivot table. Values are grouped by group by fields.", + "title": "GroupBy", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The values field well for a pivot table. Values are aggregated based on group by fields.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableBorderOptions": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The color of a table border.", + "title": "Color", + "type": "string" + }, + "Style": { + "markdownDescription": "The style (none, solid) of a table border.", + "title": "Style", + "type": "string" + }, + "Thickness": { + "markdownDescription": "The thickness of a table border.", + "title": "Thickness", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableCellConditionalFormatting": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "The field ID of the cell for conditional formatting.", + "title": "FieldId", + "type": "string" + }, + "TextFormat": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextConditionalFormat", + "markdownDescription": "The text format of the cell for conditional formatting.", + "title": "TextFormat" + } + }, + "required": [ + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableCellImageSizingConfiguration": { + "additionalProperties": false, + "properties": { + "TableCellImageScalingConfiguration": { + "markdownDescription": "The cell scaling configuration of the sizing options for the table image configuration.", + "title": "TableCellImageScalingConfiguration", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableCellStyle": { + "additionalProperties": false, + "properties": { + "BackgroundColor": { + "markdownDescription": "The background color for the table cells.", + "title": "BackgroundColor", + "type": "string" + }, + "Border": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GlobalTableBorderOptions", + "markdownDescription": "The borders for the table cells.", + "title": "Border" + }, + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", + "markdownDescription": "The font configuration of the table cells.", + "title": "FontConfiguration" + }, + "Height": { + "markdownDescription": "The height color for the table cells.", + "title": "Height", + "type": "number" + }, + "HorizontalTextAlignment": { + "markdownDescription": "The horizontal text alignment (left, center, right, auto) for the table cells.", + "title": "HorizontalTextAlignment", + "type": "string" + }, + "TextWrap": { + "markdownDescription": "The text wrap (none, wrap) for the table cells.", + "title": "TextWrap", + "type": "string" + }, + "VerticalTextAlignment": { + "markdownDescription": "The vertical text alignment (top, middle, bottom) for the table cells.", + "title": "VerticalTextAlignment", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the table cells.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableConditionalFormatting": { + "additionalProperties": false, + "properties": { + "ConditionalFormattingOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableConditionalFormattingOption" + }, + "markdownDescription": "Conditional formatting options for a `PivotTableVisual` .", + "title": "ConditionalFormattingOptions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableConditionalFormattingOption": { + "additionalProperties": false, + "properties": { + "Cell": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellConditionalFormatting", + "markdownDescription": "The cell conditional formatting option for a table.", + "title": "Cell" + }, + "Row": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableRowConditionalFormatting", + "markdownDescription": "The row conditional formatting option for a table.", + "title": "Row" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableConfiguration": { + "additionalProperties": false, + "properties": { + "FieldOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldOptions", + "markdownDescription": "The field options for a table visual.", + "title": "FieldOptions" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "PaginatedReportOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TablePaginatedReportOptions", + "markdownDescription": "The paginated report options for a table visual.", + "title": "PaginatedReportOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableSortConfiguration", + "markdownDescription": "The sort configuration for a `TableVisual` .", + "title": "SortConfiguration" + }, + "TableInlineVisualizations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableInlineVisualization" + }, + "markdownDescription": "A collection of inline visualizations to display within a chart.", + "title": "TableInlineVisualizations", + "type": "array" + }, + "TableOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableOptions", + "markdownDescription": "The table options for a table visual.", + "title": "TableOptions" + }, + "TotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TotalOptions", + "markdownDescription": "The total options for a table visual.", + "title": "TotalOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableFieldCustomIconContent": { + "additionalProperties": false, + "properties": { + "Icon": { + "markdownDescription": "The icon set type (link) of the custom icon content for table URL link content.", + "title": "Icon", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableFieldCustomTextContent": { + "additionalProperties": false, + "properties": { + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", + "markdownDescription": "The font configuration of the custom text content for the table URL link content.", + "title": "FontConfiguration" + }, + "Value": { + "markdownDescription": "The string value of the custom text content for the table URL link content.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "FontConfiguration" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableFieldImageConfiguration": { + "additionalProperties": false, + "properties": { + "SizingOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellImageSizingConfiguration", + "markdownDescription": "The sizing options for the table image configuration.", + "title": "SizingOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableFieldLinkConfiguration": { + "additionalProperties": false, + "properties": { + "Content": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldLinkContentConfiguration", + "markdownDescription": "The URL content (text, icon) for the table link configuration.", + "title": "Content" + }, + "Target": { + "markdownDescription": "The URL target (new tab, new window, same tab) for the table link configuration.", + "title": "Target", + "type": "string" + } + }, + "required": [ + "Content", + "Target" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableFieldLinkContentConfiguration": { + "additionalProperties": false, + "properties": { + "CustomIconContent": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldCustomIconContent", + "markdownDescription": "The custom icon content for the table link content configuration.", + "title": "CustomIconContent" + }, + "CustomTextContent": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldCustomTextContent", + "markdownDescription": "The custom text content (value, font configuration) for the table link content configuration.", + "title": "CustomTextContent" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableFieldOption": { + "additionalProperties": false, + "properties": { + "CustomLabel": { + "markdownDescription": "The custom label for a table field.", + "title": "CustomLabel", + "type": "string" + }, + "FieldId": { + "markdownDescription": "The field ID for a table field.", + "title": "FieldId", + "type": "string" + }, + "URLStyling": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldURLConfiguration", + "markdownDescription": "The URL configuration for a table field.", + "title": "URLStyling" + }, + "Visibility": { + "markdownDescription": "The visibility of a table field.", + "title": "Visibility", + "type": "string" + }, + "Width": { + "markdownDescription": "The width for a table field.", + "title": "Width", + "type": "string" + } + }, + "required": [ + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableFieldOptions": { + "additionalProperties": false, + "properties": { + "Order": { + "items": { + "type": "string" + }, + "markdownDescription": "The order of the field IDs that are configured as field options for a table visual.", + "title": "Order", + "type": "array" + }, + "PinnedFieldOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TablePinnedFieldOptions", + "markdownDescription": "The settings for the pinned columns of a table visual.", + "title": "PinnedFieldOptions" + }, + "SelectedFieldOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldOption" + }, + "markdownDescription": "The field options to be configured to a table.", + "title": "SelectedFieldOptions", + "type": "array" + }, + "TransposedTableOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TransposedTableOption" + }, + "markdownDescription": "The `TableOptions` of a transposed table.", + "title": "TransposedTableOptions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableFieldURLConfiguration": { + "additionalProperties": false, + "properties": { + "ImageConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldImageConfiguration", + "markdownDescription": "The image configuration of a table field URL.", + "title": "ImageConfiguration" + }, + "LinkConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldLinkConfiguration", + "markdownDescription": "The link configuration of a table field URL.", + "title": "LinkConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableFieldWells": { + "additionalProperties": false, + "properties": { + "TableAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableAggregatedFieldWells", + "markdownDescription": "The aggregated field well for the table.", + "title": "TableAggregatedFieldWells" + }, + "TableUnaggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableUnaggregatedFieldWells", + "markdownDescription": "The unaggregated field well for the table.", + "title": "TableUnaggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableInlineVisualization": { + "additionalProperties": false, + "properties": { + "DataBars": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataBarsOptions", + "markdownDescription": "The configuration of the inline visualization of the data bars within a chart.", + "title": "DataBars" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableOptions": { + "additionalProperties": false, + "properties": { + "CellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", + "markdownDescription": "The table cell style of table cells.", + "title": "CellStyle" + }, + "HeaderStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", + "markdownDescription": "The table cell style of a table header.", + "title": "HeaderStyle" + }, + "Orientation": { + "markdownDescription": "The orientation (vertical, horizontal) for a table.", + "title": "Orientation", + "type": "string" + }, + "RowAlternateColorOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RowAlternateColorOptions", + "markdownDescription": "The row alternate color options (widget status, row alternate colors) for a table.", + "title": "RowAlternateColorOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TablePaginatedReportOptions": { + "additionalProperties": false, + "properties": { + "OverflowColumnHeaderVisibility": { + "markdownDescription": "The visibility of repeating header rows on each page.", + "title": "OverflowColumnHeaderVisibility", + "type": "string" + }, + "VerticalOverflowVisibility": { + "markdownDescription": "The visibility of printing table overflow across pages.", + "title": "VerticalOverflowVisibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TablePinnedFieldOptions": { + "additionalProperties": false, + "properties": { + "PinnedLeftFields": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of columns to be pinned to the left of a table visual.", + "title": "PinnedLeftFields", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableRowConditionalFormatting": { + "additionalProperties": false, + "properties": { + "BackgroundColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting color (solid, gradient) of the background for a table row.", + "title": "BackgroundColor" + }, + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting color (solid, gradient) of the text for a table row.", + "title": "TextColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableSideBorderOptions": { + "additionalProperties": false, + "properties": { + "Bottom": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", + "markdownDescription": "The table border options of the bottom border.", + "title": "Bottom" + }, + "InnerHorizontal": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", + "markdownDescription": "The table border options of the inner horizontal border.", + "title": "InnerHorizontal" + }, + "InnerVertical": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", + "markdownDescription": "The table border options of the inner vertical border.", + "title": "InnerVertical" + }, + "Left": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", + "markdownDescription": "The table border options of the left border.", + "title": "Left" + }, + "Right": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", + "markdownDescription": "The table border options of the right border.", + "title": "Right" + }, + "Top": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", + "markdownDescription": "The table border options of the top border.", + "title": "Top" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableSortConfiguration": { + "additionalProperties": false, + "properties": { + "PaginationConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PaginationConfiguration", + "markdownDescription": "The pagination configuration (page size, page number) for the table.", + "title": "PaginationConfiguration" + }, + "RowSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The field sort options for rows in the table.", + "title": "RowSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableStyleTarget": { + "additionalProperties": false, + "properties": { + "CellType": { + "markdownDescription": "The cell type of the table style target.", + "title": "CellType", + "type": "string" + } + }, + "required": [ + "CellType" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableUnaggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.UnaggregatedField" + }, + "markdownDescription": "The values field well for a pivot table. Values are unaggregated for an unaggregated table.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TableVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ConditionalFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableConditionalFormatting", + "markdownDescription": "The conditional formatting for a `PivotTableVisual` .", + "title": "ConditionalFormatting" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.TextAreaControlDisplayOptions": { + "additionalProperties": false, + "properties": { + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" + }, + "PlaceholderOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextControlPlaceholderOptions", + "markdownDescription": "The configuration of the placeholder options in a text area control.", + "title": "PlaceholderOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TextConditionalFormat": { + "additionalProperties": false, + "properties": { + "BackgroundColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting for the text background color.", + "title": "BackgroundColor" + }, + "Icon": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIcon", + "markdownDescription": "The conditional formatting for the icon.", + "title": "Icon" + }, + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting for the text color.", + "title": "TextColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TextControlPlaceholderOptions": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility configuration of the placeholder options in a text control.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TextFieldControlDisplayOptions": { + "additionalProperties": false, + "properties": { + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" + }, + "PlaceholderOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextControlPlaceholderOptions", + "markdownDescription": "The configuration of the placeholder options in a text field control.", + "title": "PlaceholderOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.ThousandSeparatorOptions": { + "additionalProperties": false, + "properties": { + "GroupingStyle": { + "markdownDescription": "Determines the way numbers are styled to accommodate different readability standards. The `DEFAULT` value uses the standard international grouping system and groups numbers by the thousands. The `LAKHS` value uses the Indian numbering system and groups numbers by lakhs and crores.", + "title": "GroupingStyle", + "type": "string" + }, + "Symbol": { + "markdownDescription": "Determines the thousands separator symbol.", + "title": "Symbol", + "type": "string" + }, + "Visibility": { + "markdownDescription": "Determines the visibility of the thousands separator.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TimeBasedForecastProperties": { + "additionalProperties": false, + "properties": { + "LowerBoundary": { + "markdownDescription": "The lower boundary setup of a forecast computation.", + "title": "LowerBoundary", + "type": "number" + }, + "PeriodsBackward": { + "markdownDescription": "The periods backward setup of a forecast computation.", + "title": "PeriodsBackward", + "type": "number" + }, + "PeriodsForward": { + "markdownDescription": "The periods forward setup of a forecast computation.", + "title": "PeriodsForward", + "type": "number" + }, + "PredictionInterval": { + "markdownDescription": "The prediction interval setup of a forecast computation.", + "title": "PredictionInterval", + "type": "number" + }, + "Seasonality": { + "markdownDescription": "The seasonality setup of a forecast computation. Choose one of the following options:\n\n- `NULL` : The input is set to `NULL` .\n- `NON_NULL` : The input is set to a custom value.", + "title": "Seasonality", + "type": "number" + }, + "UpperBoundary": { + "markdownDescription": "The upper boundary setup of a forecast computation.", + "title": "UpperBoundary", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TimeEqualityFilter": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" + }, + "ParameterName": { + "markdownDescription": "The parameter whose value should be used for the filter value.\n\nThis field is mutually exclusive to `Value` and `RollingDate` .", + "title": "ParameterName", + "type": "string" + }, + "RollingDate": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RollingDateConfiguration", + "markdownDescription": "The rolling date input for the `TimeEquality` filter.\n\nThis field is mutually exclusive to `Value` and `ParameterName` .", + "title": "RollingDate" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of a `TimeEquality` filter.\n\nThis field is mutually exclusive to `RollingDate` and `ParameterName` .", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Column", + "FilterId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.TimeRangeDrillDownFilter": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "RangeMaximum": { + "markdownDescription": "The maximum value for the filter value range.", + "title": "RangeMaximum", + "type": "string" + }, + "RangeMinimum": { + "markdownDescription": "The minimum value for the filter value range.", + "title": "RangeMinimum", + "type": "string" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" + } + }, + "required": [ + "Column", + "RangeMaximum", + "RangeMinimum", + "TimeGranularity" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.TimeRangeFilter": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "ExcludePeriodConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ExcludePeriodConfiguration", + "markdownDescription": "The exclude period of the time range filter.", + "title": "ExcludePeriodConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" + }, + "IncludeMaximum": { + "markdownDescription": "Determines whether the maximum value in the filter value range should be included in the filtered results.", + "title": "IncludeMaximum", + "type": "boolean" + }, + "IncludeMinimum": { + "markdownDescription": "Determines whether the minimum value in the filter value range should be included in the filtered results.", + "title": "IncludeMinimum", + "type": "boolean" + }, + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", + "type": "string" + }, + "RangeMaximumValue": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TimeRangeFilterValue", + "markdownDescription": "The maximum value for the filter value range.", + "title": "RangeMaximumValue" + }, + "RangeMinimumValue": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TimeRangeFilterValue", + "markdownDescription": "The minimum value for the filter value range.", + "title": "RangeMinimumValue" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" + } + }, + "required": [ + "Column", + "FilterId", + "NullOption" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.TimeRangeFilterValue": { + "additionalProperties": false, + "properties": { + "Parameter": { + "markdownDescription": "The parameter type input value.", + "title": "Parameter", + "type": "string" + }, + "RollingDate": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RollingDateConfiguration", + "markdownDescription": "The rolling date input value.", + "title": "RollingDate" + }, + "StaticValue": { + "markdownDescription": "The static input value.", + "title": "StaticValue", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TooltipItem": { + "additionalProperties": false, + "properties": { + "ColumnTooltipItem": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnTooltipItem", + "markdownDescription": "The tooltip item for the columns that are not part of a field well.", + "title": "ColumnTooltipItem" + }, + "FieldTooltipItem": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldTooltipItem", + "markdownDescription": "The tooltip item for the fields.", + "title": "FieldTooltipItem" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TooltipOptions": { + "additionalProperties": false, + "properties": { + "FieldBasedTooltip": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldBasedTooltip", + "markdownDescription": "The setup for the detailed tooltip. The tooltip setup is always saved. The display type is decided based on the tooltip type.", + "title": "FieldBasedTooltip" + }, + "SelectedTooltipType": { + "markdownDescription": "The selected type for the tooltip. Choose one of the following options:\n\n- `BASIC` : A basic tooltip.\n- `DETAILED` : A detailed tooltip.", + "title": "SelectedTooltipType", + "type": "string" + }, + "TooltipVisibility": { + "markdownDescription": "Determines whether or not the tooltip is visible.", + "title": "TooltipVisibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TopBottomFilter": { + "additionalProperties": false, + "properties": { + "AggregationSortConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationSortConfiguration" + }, + "markdownDescription": "The aggregation and sort configuration of the top bottom filter.", + "title": "AggregationSortConfigurations", + "type": "array" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" + }, + "Limit": { + "markdownDescription": "The number of items to include in the top bottom filter results.", + "title": "Limit", + "type": "number" + }, + "ParameterName": { + "markdownDescription": "The parameter whose value should be used for the filter value.", + "title": "ParameterName", + "type": "string" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" + } + }, + "required": [ + "AggregationSortConfigurations", + "Column", + "FilterId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.TopBottomMoversComputation": { + "additionalProperties": false, + "properties": { + "Category": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", + "markdownDescription": "The category field that is used in a computation.", + "title": "Category" + }, + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "MoverSize": { + "markdownDescription": "The mover size setup of the top and bottom movers computation.", + "title": "MoverSize", + "type": "number" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "SortOrder": { + "markdownDescription": "The sort order setup of the top and bottom movers computation.", + "title": "SortOrder", + "type": "string" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" + }, + "Type": { + "markdownDescription": "The computation type. Choose from the following options:\n\n- TOP: Top movers computation.\n- BOTTOM: Bottom movers computation.", + "title": "Type", + "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" + } + }, + "required": [ + "ComputationId", + "Type" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.TopBottomRankedComputation": { + "additionalProperties": false, + "properties": { + "Category": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", + "markdownDescription": "The category field that is used in a computation.", + "title": "Category" + }, + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "ResultSize": { + "markdownDescription": "The result size of a top and bottom ranked computation.", + "title": "ResultSize", + "type": "number" + }, + "Type": { + "markdownDescription": "The computation type. Choose one of the following options:\n\n- TOP: A top ranked computation.\n- BOTTOM: A bottom ranked computation.", + "title": "Type", + "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" + } + }, + "required": [ + "ComputationId", + "Type" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.TotalAggregationComputation": { + "additionalProperties": false, + "properties": { + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" + } + }, + "required": [ + "ComputationId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.TotalAggregationFunction": { + "additionalProperties": false, + "properties": { + "SimpleTotalAggregationFunction": { + "markdownDescription": "A built in aggregation function for total values.", + "title": "SimpleTotalAggregationFunction", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TotalAggregationOption": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "The field id that's associated with the total aggregation option.", + "title": "FieldId", + "type": "string" + }, + "TotalAggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TotalAggregationFunction", + "markdownDescription": "The total aggregation function that you want to set for a specified field id.", + "title": "TotalAggregationFunction" + } + }, + "required": [ + "FieldId", + "TotalAggregationFunction" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.TotalOptions": { + "additionalProperties": false, + "properties": { + "CustomLabel": { + "markdownDescription": "The custom label string for the total cells.", + "title": "CustomLabel", + "type": "string" + }, + "Placement": { + "markdownDescription": "The placement (start, end) for the total cells.", + "title": "Placement", + "type": "string" + }, + "ScrollStatus": { + "markdownDescription": "The scroll status (pinned, scrolled) for the total cells.", + "title": "ScrollStatus", + "type": "string" + }, + "TotalAggregationOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TotalAggregationOption" + }, + "markdownDescription": "The total aggregation settings for each value field.", + "title": "TotalAggregationOptions", + "type": "array" + }, + "TotalCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", + "markdownDescription": "Cell styling options for the total cells.", + "title": "TotalCellStyle" + }, + "TotalsVisibility": { + "markdownDescription": "The visibility configuration for the total cells.", + "title": "TotalsVisibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TransposedTableOption": { + "additionalProperties": false, + "properties": { + "ColumnIndex": { + "markdownDescription": "The index of a columns in a transposed table. The index range is 0-9999.", + "title": "ColumnIndex", + "type": "number" + }, + "ColumnType": { + "markdownDescription": "The column type of the column in a transposed table. Choose one of the following options:\n\n- `ROW_HEADER_COLUMN` : Refers to the leftmost column of the row header in the transposed table.\n- `VALUE_COLUMN` : Refers to all value columns in the transposed table.", + "title": "ColumnType", + "type": "string" + }, + "ColumnWidth": { + "markdownDescription": "The width of a column in a transposed table.", + "title": "ColumnWidth", + "type": "string" + } + }, + "required": [ + "ColumnType" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.TreeMapAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The color field well of a tree map. Values are grouped by aggregations based on group by fields.", + "title": "Colors", + "type": "array" + }, + "Groups": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The group by field well of a tree map. Values are grouped based on group by fields.", + "title": "Groups", + "type": "array" + }, + "Sizes": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The size field well of a tree map. Values are aggregated based on group by fields.", + "title": "Sizes", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TreeMapConfiguration": { + "additionalProperties": false, + "properties": { + "ColorLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility) for the colors displayed in a tree map.", + "title": "ColorLabelOptions" + }, + "ColorScale": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColorScale", + "markdownDescription": "The color options (gradient color, point of divergence) of a tree map.", + "title": "ColorScale" + }, + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.", + "title": "DataLabels" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TreeMapFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "GroupLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility) of the groups that are displayed in a tree map.", + "title": "GroupLabelOptions" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "SizeLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility) of the sizes that are displayed in a tree map.", + "title": "SizeLabelOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TreeMapSortConfiguration", + "markdownDescription": "The sort configuration of a tree map.", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TreeMapFieldWells": { + "additionalProperties": false, + "properties": { + "TreeMapAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TreeMapAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a tree map.", + "title": "TreeMapAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TreeMapSortConfiguration": { + "additionalProperties": false, + "properties": { + "TreeMapGroupItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of groups that are displayed.", + "title": "TreeMapGroupItemsLimitConfiguration" + }, + "TreeMapSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of group by fields.", + "title": "TreeMapSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.TreeMapVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TreeMapConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.TrendArrowOptions": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility of the trend arrows.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.UnaggregatedField": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", + "markdownDescription": "The column that is used in the `UnaggregatedField` .", + "title": "Column" + }, + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", + "type": "string" + }, + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" + } + }, + "required": [ + "Column", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.UniqueValuesComputation": { + "additionalProperties": false, + "properties": { + "Category": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", + "markdownDescription": "The category field that is used in a computation.", + "title": "Category" + }, + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "ComputationId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.ValidationStrategy": { + "additionalProperties": false, + "properties": { + "Mode": { + "markdownDescription": "The mode of validation for the asset to be created or updated. When you set this value to `STRICT` , strict validation for every error is enforced. When you set this value to `LENIENT` , validation is skipped for specific UI errors.", + "title": "Mode", + "type": "string" + } + }, + "required": [ + "Mode" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.VisibleRangeOptions": { + "additionalProperties": false, + "properties": { + "PercentRange": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PercentVisibleRange", + "markdownDescription": "The percent range in the visible range.", + "title": "PercentRange" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.Visual": { + "additionalProperties": false, + "properties": { + "BarChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BarChartVisual", + "markdownDescription": "A bar chart.\n\nFor more information, see [Using bar charts](https://docs.aws.amazon.com/quicksight/latest/user/bar-charts.html) in the *Amazon QuickSight User Guide* .", + "title": "BarChartVisual" + }, + "BoxPlotVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotVisual", + "markdownDescription": "A box plot.\n\nFor more information, see [Using box plots](https://docs.aws.amazon.com/quicksight/latest/user/box-plots.html) in the *Amazon QuickSight User Guide* .", + "title": "BoxPlotVisual" + }, + "ComboChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComboChartVisual", + "markdownDescription": "A combo chart.\n\nFor more information, see [Using combo charts](https://docs.aws.amazon.com/quicksight/latest/user/combo-charts.html) in the *Amazon QuickSight User Guide* .", + "title": "ComboChartVisual" + }, + "CustomContentVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomContentVisual", + "markdownDescription": "A visual that contains custom content.\n\nFor more information, see [Using custom visual content](https://docs.aws.amazon.com/quicksight/latest/user/custom-visual-content.html) in the *Amazon QuickSight User Guide* .", + "title": "CustomContentVisual" + }, + "EmptyVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.EmptyVisual", + "markdownDescription": "An empty visual.", + "title": "EmptyVisual" + }, + "FilledMapVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapVisual", + "markdownDescription": "A filled map.\n\nFor more information, see [Creating filled maps](https://docs.aws.amazon.com/quicksight/latest/user/filled-maps.html) in the *Amazon QuickSight User Guide* .", + "title": "FilledMapVisual" + }, + "FunnelChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FunnelChartVisual", + "markdownDescription": "A funnel chart.\n\nFor more information, see [Using funnel charts](https://docs.aws.amazon.com/quicksight/latest/user/funnel-visual-content.html) in the *Amazon QuickSight User Guide* .", + "title": "FunnelChartVisual" + }, + "GaugeChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartVisual", + "markdownDescription": "A gauge chart.\n\nFor more information, see [Using gauge charts](https://docs.aws.amazon.com/quicksight/latest/user/gauge-chart.html) in the *Amazon QuickSight User Guide* .", + "title": "GaugeChartVisual" + }, + "GeospatialMapVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapVisual", + "markdownDescription": "A geospatial map or a points on map visual.\n\nFor more information, see [Creating point maps](https://docs.aws.amazon.com/quicksight/latest/user/point-maps.html) in the *Amazon QuickSight User Guide* .", + "title": "GeospatialMapVisual" + }, + "HeatMapVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeatMapVisual", + "markdownDescription": "A heat map.\n\nFor more information, see [Using heat maps](https://docs.aws.amazon.com/quicksight/latest/user/heat-map.html) in the *Amazon QuickSight User Guide* .", + "title": "HeatMapVisual" + }, + "HistogramVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.HistogramVisual", + "markdownDescription": "A histogram.\n\nFor more information, see [Using histograms](https://docs.aws.amazon.com/quicksight/latest/user/histogram-charts.html) in the *Amazon QuickSight User Guide* .", + "title": "HistogramVisual" + }, + "InsightVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.InsightVisual", + "markdownDescription": "An insight visual.\n\nFor more information, see [Working with insights](https://docs.aws.amazon.com/quicksight/latest/user/computational-insights.html) in the *Amazon QuickSight User Guide* .", + "title": "InsightVisual" + }, + "KPIVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIVisual", + "markdownDescription": "A key performance indicator (KPI).\n\nFor more information, see [Using KPIs](https://docs.aws.amazon.com/quicksight/latest/user/kpi.html) in the *Amazon QuickSight User Guide* .", + "title": "KPIVisual" + }, + "LayerMapVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LayerMapVisual", + "markdownDescription": "The properties for a layer map visual", + "title": "LayerMapVisual" + }, + "LineChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartVisual", + "markdownDescription": "A line chart.\n\nFor more information, see [Using line charts](https://docs.aws.amazon.com/quicksight/latest/user/line-charts.html) in the *Amazon QuickSight User Guide* .", + "title": "LineChartVisual" + }, + "PieChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PieChartVisual", + "markdownDescription": "A pie or donut chart.\n\nFor more information, see [Using pie charts](https://docs.aws.amazon.com/quicksight/latest/user/pie-chart.html) in the *Amazon QuickSight User Guide* .", + "title": "PieChartVisual" + }, + "PivotTableVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableVisual", + "markdownDescription": "A pivot table.\n\nFor more information, see [Using pivot tables](https://docs.aws.amazon.com/quicksight/latest/user/pivot-table.html) in the *Amazon QuickSight User Guide* .", + "title": "PivotTableVisual" + }, + "PluginVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.PluginVisual", + "markdownDescription": "The custom plugin visual type.", + "title": "PluginVisual" + }, + "RadarChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartVisual", + "markdownDescription": "A radar chart visual.\n\nFor more information, see [Using radar charts](https://docs.aws.amazon.com/quicksight/latest/user/radar-chart.html) in the *Amazon QuickSight User Guide* .", + "title": "RadarChartVisual" + }, + "SankeyDiagramVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.SankeyDiagramVisual", + "markdownDescription": "A sankey diagram.\n\nFor more information, see [Using Sankey diagrams](https://docs.aws.amazon.com/quicksight/latest/user/sankey-diagram.html) in the *Amazon QuickSight User Guide* .", + "title": "SankeyDiagramVisual" + }, + "ScatterPlotVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ScatterPlotVisual", + "markdownDescription": "A scatter plot.\n\nFor more information, see [Using scatter plots](https://docs.aws.amazon.com/quicksight/latest/user/scatter-plot.html) in the *Amazon QuickSight User Guide* .", + "title": "ScatterPlotVisual" + }, + "TableVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableVisual", + "markdownDescription": "A table visual.\n\nFor more information, see [Using tables as visuals](https://docs.aws.amazon.com/quicksight/latest/user/tabular.html) in the *Amazon QuickSight User Guide* .", + "title": "TableVisual" + }, + "TreeMapVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.TreeMapVisual", + "markdownDescription": "A tree map.\n\nFor more information, see [Using tree maps](https://docs.aws.amazon.com/quicksight/latest/user/tree-map.html) in the *Amazon QuickSight User Guide* .", + "title": "TreeMapVisual" + }, + "WaterfallVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallVisual", + "markdownDescription": "A waterfall chart.\n\nFor more information, see [Using waterfall charts](https://docs.aws.amazon.com/quicksight/latest/user/waterfall-chart.html) in the *Amazon QuickSight User Guide* .", + "title": "WaterfallVisual" + }, + "WordCloudVisual": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WordCloudVisual", + "markdownDescription": "A word cloud.\n\nFor more information, see [Using word clouds](https://docs.aws.amazon.com/quicksight/latest/user/word-cloud.html) in the *Amazon QuickSight User Guide* .", + "title": "WordCloudVisual" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.VisualAxisSortOption": { + "additionalProperties": false, + "properties": { + "AvailabilityStatus": { + "markdownDescription": "The availaiblity status of a visual's axis sort options.", + "title": "AvailabilityStatus", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.VisualCustomAction": { + "additionalProperties": false, + "properties": { + "ActionOperations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomActionOperation" + }, + "markdownDescription": "A list of `VisualCustomActionOperations` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", + "title": "ActionOperations", + "type": "array" + }, + "CustomActionId": { + "markdownDescription": "The ID of the `VisualCustomAction` .", + "title": "CustomActionId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the `VisualCustomAction` .", + "title": "Name", + "type": "string" + }, + "Status": { + "markdownDescription": "The status of the `VisualCustomAction` .", + "title": "Status", + "type": "string" + }, + "Trigger": { + "markdownDescription": "The trigger of the `VisualCustomAction` .\n\nValid values are defined as follows:\n\n- `DATA_POINT_CLICK` : Initiates a custom action by a left pointer click on a data point.\n- `DATA_POINT_MENU` : Initiates a custom action by right pointer click from the menu.", + "title": "Trigger", + "type": "string" + } + }, + "required": [ + "ActionOperations", + "CustomActionId", + "Name", + "Trigger" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.VisualCustomActionOperation": { + "additionalProperties": false, + "properties": { + "FilterOperation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionFilterOperation", + "markdownDescription": "The filter operation that filters data included in a visual or in an entire sheet.", + "title": "FilterOperation" + }, + "NavigationOperation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionNavigationOperation", + "markdownDescription": "The navigation operation that navigates between different sheets in the same analysis.", + "title": "NavigationOperation" + }, + "SetParametersOperation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionSetParametersOperation", + "markdownDescription": "The set parameter operation that sets parameters in custom action.", + "title": "SetParametersOperation" + }, + "URLOperation": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionURLOperation", + "markdownDescription": "The URL operation that opens a link to another webpage.", + "title": "URLOperation" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.VisualInteractionOptions": { + "additionalProperties": false, + "properties": { + "ContextMenuOption": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ContextMenuOption", + "markdownDescription": "The context menu options for a visual.", + "title": "ContextMenuOption" + }, + "VisualMenuOption": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualMenuOption", + "markdownDescription": "The on-visual menu options for a visual.", + "title": "VisualMenuOption" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.VisualMenuOption": { + "additionalProperties": false, + "properties": { + "AvailabilityStatus": { + "markdownDescription": "The availaiblity status of a visual's menu options.", + "title": "AvailabilityStatus", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.VisualPalette": { + "additionalProperties": false, + "properties": { + "ChartColor": { + "markdownDescription": "The chart color options for the visual palette.", + "title": "ChartColor", + "type": "string" + }, + "ColorMap": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathColor" + }, + "markdownDescription": "The color map options for the visual palette.", + "title": "ColorMap", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions": { + "additionalProperties": false, + "properties": { + "FormatText": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LongFormatText", + "markdownDescription": "The long text format of the subtitle label, such as plain text or rich text.", + "title": "FormatText" + }, + "Visibility": { + "markdownDescription": "The visibility of the subtitle label.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.VisualTitleLabelOptions": { + "additionalProperties": false, + "properties": { + "FormatText": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ShortFormatText", + "markdownDescription": "The short text format of the title label, such as plain text or rich text.", + "title": "FormatText" + }, + "Visibility": { + "markdownDescription": "The visibility of the title label.", + "title": "Visibility", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.WaterfallChartAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Breakdowns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The breakdown field wells of a waterfall visual.", + "title": "Breakdowns", + "type": "array" + }, + "Categories": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The category field wells of a waterfall visual.", + "title": "Categories", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The value field wells of a waterfall visual.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.WaterfallChartColorConfiguration": { + "additionalProperties": false, + "properties": { + "GroupColorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallChartGroupColorConfiguration", + "markdownDescription": "The color configuration for individual groups within a waterfall visual.", + "title": "GroupColorConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.WaterfallChartConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the category axis.", + "title": "CategoryAxisDisplayOptions" + }, + "CategoryAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the category axis label.", + "title": "CategoryAxisLabelOptions" + }, + "ColorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallChartColorConfiguration", + "markdownDescription": "The color configuration of a waterfall visual.", + "title": "ColorConfiguration" + }, + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", + "markdownDescription": "The data label configuration of a waterfall visual.", + "title": "DataLabels" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallChartFieldWells", + "markdownDescription": "The field well configuration of a waterfall visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", + "markdownDescription": "The legend configuration of a waterfall visual.", + "title": "Legend" + }, + "PrimaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the y-axis.", + "title": "PrimaryYAxisDisplayOptions" + }, + "PrimaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the y-axis label.", + "title": "PrimaryYAxisLabelOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallChartSortConfiguration", + "markdownDescription": "The sort configuration of a waterfall visual.", + "title": "SortConfiguration" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", + "markdownDescription": "The visual palette configuration of a waterfall visual.", + "title": "VisualPalette" + }, + "WaterfallChartOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallChartOptions", + "markdownDescription": "The options that determine the presentation of a waterfall visual.", + "title": "WaterfallChartOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.WaterfallChartFieldWells": { + "additionalProperties": false, + "properties": { + "WaterfallChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallChartAggregatedFieldWells", + "markdownDescription": "The field well configuration of a waterfall visual.", + "title": "WaterfallChartAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.WaterfallChartGroupColorConfiguration": { + "additionalProperties": false, + "properties": { + "NegativeBarColor": { + "markdownDescription": "Defines the color for the negative bars of a waterfall chart.", + "title": "NegativeBarColor", + "type": "string" + }, + "PositiveBarColor": { + "markdownDescription": "Defines the color for the positive bars of a waterfall chart.", + "title": "PositiveBarColor", + "type": "string" + }, + "TotalBarColor": { + "markdownDescription": "Defines the color for the total bars of a waterfall chart.", + "title": "TotalBarColor", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.WaterfallChartOptions": { + "additionalProperties": false, + "properties": { + "TotalBarLabel": { + "markdownDescription": "This option determines the total bar label of a waterfall visual.", + "title": "TotalBarLabel", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.WaterfallChartSortConfiguration": { + "additionalProperties": false, + "properties": { + "BreakdownItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of bar groups that are displayed.", + "title": "BreakdownItemsLimit" + }, + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the category fields.", + "title": "CategorySort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.WaterfallVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallChartConfiguration", + "markdownDescription": "The configuration for a waterfall visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.WhatIfPointScenario": { + "additionalProperties": false, + "properties": { + "Date": { + "markdownDescription": "The date that you need the forecast results for.", + "title": "Date", + "type": "string" + }, + "Value": { + "markdownDescription": "The target value that you want to meet for the provided date.", + "title": "Value", + "type": "number" + } + }, + "required": [ + "Date", + "Value" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.WhatIfRangeScenario": { + "additionalProperties": false, + "properties": { + "EndDate": { + "markdownDescription": "The end date in the date range that you need the forecast results for.", + "title": "EndDate", + "type": "string" + }, + "StartDate": { + "markdownDescription": "The start date in the date range that you need the forecast results for.", + "title": "StartDate", + "type": "string" + }, + "Value": { + "markdownDescription": "The target value that you want to meet for the provided date range.", + "title": "Value", + "type": "number" + } + }, + "required": [ + "EndDate", + "StartDate", + "Value" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.WordCloudAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "GroupBy": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" + }, + "markdownDescription": "The group by field well of a word cloud. Values are grouped by group by fields.", + "title": "GroupBy", + "type": "array" + }, + "Size": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" + }, + "markdownDescription": "The size field well of a word cloud. Values are aggregated based on group by fields.", + "title": "Size", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.WordCloudChartConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) for the word cloud category.", + "title": "CategoryLabelOptions" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WordCloudFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WordCloudSortConfiguration", + "markdownDescription": "The sort configuration of a word cloud visual.", + "title": "SortConfiguration" + }, + "WordCloudOptions": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WordCloudOptions", + "markdownDescription": "The options for a word cloud visual.", + "title": "WordCloudOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.WordCloudFieldWells": { + "additionalProperties": false, + "properties": { + "WordCloudAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WordCloudAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a word cloud.", + "title": "WordCloudAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.WordCloudOptions": { + "additionalProperties": false, + "properties": { + "CloudLayout": { + "markdownDescription": "The cloud layout options (fluid, normal) of a word cloud.", + "title": "CloudLayout", + "type": "string" + }, + "MaximumStringLength": { + "markdownDescription": "The length limit of each word from 1-100.", + "title": "MaximumStringLength", + "type": "number" + }, + "WordCasing": { + "markdownDescription": "The word casing options (lower_case, existing_case) for the words in a word cloud.", + "title": "WordCasing", + "type": "string" + }, + "WordOrientation": { + "markdownDescription": "The word orientation options (horizontal, horizontal_and_vertical) for the words in a word cloud.", + "title": "WordOrientation", + "type": "string" + }, + "WordPadding": { + "markdownDescription": "The word padding options (none, small, medium, large) for the words in a word cloud.", + "title": "WordPadding", + "type": "string" + }, + "WordScaling": { + "markdownDescription": "The word scaling options (emphasize, normal) for the words in a word cloud.", + "title": "WordScaling", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.WordCloudSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of groups that are displayed in a word cloud.", + "title": "CategoryItemsLimit" + }, + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of group by fields.", + "title": "CategorySort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Dashboard.WordCloudVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.WordCloudChartConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Dashboard.YAxisOptions": { + "additionalProperties": false, + "properties": { + "YAxis": { + "markdownDescription": "The Y axis type to be used in the chart.\n\nIf you choose `PRIMARY_Y_AXIS` , the primary Y Axis is located on the leftmost vertical axis of the chart.", + "title": "YAxis", + "type": "string" + } + }, + "required": [ + "YAxis" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AwsAccountId": { + "markdownDescription": "The AWS account ID.", + "title": "AwsAccountId", + "type": "string" + }, + "ColumnGroups": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.ColumnGroup" + }, + "markdownDescription": "Groupings of columns that work together in certain Amazon QuickSight features. Currently, only geospatial hierarchy is supported.", + "title": "ColumnGroups", + "type": "array" + }, + "ColumnLevelPermissionRules": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.ColumnLevelPermissionRule" + }, + "markdownDescription": "A set of one or more definitions of a `ColumnLevelPermissionRule` .", + "title": "ColumnLevelPermissionRules", + "type": "array" + }, + "DataSetId": { + "markdownDescription": "An ID for the dataset that you want to create. This ID is unique per AWS Region for each AWS account.", + "title": "DataSetId", + "type": "string" + }, + "DataSetRefreshProperties": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.DataSetRefreshProperties", + "markdownDescription": "The refresh properties of a dataset.", + "title": "DataSetRefreshProperties" + }, + "DataSetUsageConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.DataSetUsageConfiguration", + "markdownDescription": "The usage configuration to apply to child datasets that reference this dataset as a source.", + "title": "DataSetUsageConfiguration" + }, + "DatasetParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.DatasetParameter" + }, + "markdownDescription": "The parameters that are declared in a dataset.", + "title": "DatasetParameters", + "type": "array" + }, + "FieldFolders": { + "additionalProperties": false, + "markdownDescription": "The folder that contains fields and nested subfolders for your dataset.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.FieldFolder" + } + }, + "title": "FieldFolders", + "type": "object" + }, + "FolderArns": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "FolderArns", + "type": "array" + }, + "ImportMode": { + "markdownDescription": "Indicates whether you want to import the data into SPICE.", + "title": "ImportMode", + "type": "string" + }, + "IngestionWaitPolicy": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.IngestionWaitPolicy", + "markdownDescription": "The wait policy to use when creating or updating a Dataset. The default is to wait for SPICE ingestion to finish with timeout of 36 hours.", + "title": "IngestionWaitPolicy" + }, + "LogicalTableMap": { + "additionalProperties": false, + "markdownDescription": "Configures the combination and transformation of the data from the physical tables.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.LogicalTable" + } + }, + "title": "LogicalTableMap", + "type": "object" + }, + "Name": { + "markdownDescription": "The display name for the dataset.", + "title": "Name", + "type": "string" + }, + "PerformanceConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.PerformanceConfiguration", + "markdownDescription": "The performance optimization configuration of a dataset.", + "title": "PerformanceConfiguration" + }, + "Permissions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.ResourcePermission" + }, + "markdownDescription": "A list of resource permissions on the dataset.", + "title": "Permissions", + "type": "array" + }, + "PhysicalTableMap": { + "additionalProperties": false, + "markdownDescription": "Declares the physical tables that are available in the underlying data sources.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.PhysicalTable" + } + }, + "title": "PhysicalTableMap", + "type": "object" + }, + "RowLevelPermissionDataSet": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.RowLevelPermissionDataSet", + "markdownDescription": "The row-level security configuration for the data that you want to create.", + "title": "RowLevelPermissionDataSet" + }, + "RowLevelPermissionTagConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.RowLevelPermissionTagConfiguration", + "markdownDescription": "The element you can use to define tags for row-level security.", + "title": "RowLevelPermissionTagConfiguration" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Contains a map of the key-value pairs for the resource tag or tags assigned to the dataset.", + "title": "Tags", + "type": "array" + }, + "UseAs": { + "markdownDescription": "The usage of the dataset.", + "title": "UseAs", + "type": "string" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::QuickSight::DataSet" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet.CalculatedColumn": { + "additionalProperties": false, + "properties": { + "ColumnId": { + "markdownDescription": "A unique ID to identify a calculated column. During a dataset update, if the column ID of a calculated column matches that of an existing calculated column, Amazon QuickSight preserves the existing calculated column.", + "title": "ColumnId", + "type": "string" + }, + "ColumnName": { + "markdownDescription": "Column name.", + "title": "ColumnName", + "type": "string" + }, + "Expression": { + "markdownDescription": "An expression that defines the calculated column.", + "title": "Expression", + "type": "string" + } + }, + "required": [ + "ColumnId", + "ColumnName", + "Expression" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet.CastColumnTypeOperation": { + "additionalProperties": false, + "properties": { + "ColumnName": { + "markdownDescription": "Column name.", + "title": "ColumnName", + "type": "string" + }, + "Format": { + "markdownDescription": "When casting a column from string to datetime type, you can supply a string in a format supported by Amazon QuickSight to denote the source data format.", + "title": "Format", + "type": "string" + }, + "NewColumnType": { + "markdownDescription": "New column data type.", + "title": "NewColumnType", + "type": "string" + }, + "SubType": { + "markdownDescription": "The sub data type of the new column. Sub types are only available for decimal columns that are part of a SPICE dataset.", + "title": "SubType", + "type": "string" + } + }, + "required": [ + "ColumnName", + "NewColumnType" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet.ColumnDescription": { + "additionalProperties": false, + "properties": { + "Text": { + "markdownDescription": "The text of a description for a column.", + "title": "Text", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSet.ColumnGroup": { + "additionalProperties": false, + "properties": { + "GeoSpatialColumnGroup": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.GeoSpatialColumnGroup", + "markdownDescription": "Geospatial column group that denotes a hierarchy.", + "title": "GeoSpatialColumnGroup" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSet.ColumnLevelPermissionRule": { + "additionalProperties": false, + "properties": { + "ColumnNames": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of column names.", + "title": "ColumnNames", + "type": "array" + }, + "Principals": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of Amazon Resource Names (ARNs) for QuickSight users or groups.", + "title": "Principals", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSet.ColumnTag": { + "additionalProperties": false, + "properties": { + "ColumnDescription": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.ColumnDescription", + "markdownDescription": "A description for a column.", + "title": "ColumnDescription" + }, + "ColumnGeographicRole": { + "markdownDescription": "A geospatial role for a column.", + "title": "ColumnGeographicRole", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSet.CreateColumnsOperation": { + "additionalProperties": false, + "properties": { + "Columns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.CalculatedColumn" + }, + "markdownDescription": "Calculated columns to create.", + "title": "Columns", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSet.CustomSql": { + "additionalProperties": false, + "properties": { + "Columns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.InputColumn" + }, + "markdownDescription": "The column schema from the SQL query result set.", + "title": "Columns", + "type": "array" + }, + "DataSourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the data source.", + "title": "DataSourceArn", + "type": "string" + }, + "Name": { + "markdownDescription": "A display name for the SQL query result.", + "title": "Name", + "type": "string" + }, + "SqlQuery": { + "markdownDescription": "The SQL query.", + "title": "SqlQuery", + "type": "string" + } + }, + "required": [ + "DataSourceArn", + "Name", + "SqlQuery" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet.DataSetRefreshProperties": { + "additionalProperties": false, + "properties": { + "FailureConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.RefreshFailureConfiguration", + "markdownDescription": "The failure configuration for a dataset.", + "title": "FailureConfiguration" + }, + "RefreshConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.RefreshConfiguration", + "markdownDescription": "The refresh configuration for a dataset.", + "title": "RefreshConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSet.DataSetUsageConfiguration": { + "additionalProperties": false, + "properties": { + "DisableUseAsDirectQuerySource": { + "markdownDescription": "An option that controls whether a child dataset of a direct query can use this dataset as a source.", + "title": "DisableUseAsDirectQuerySource", + "type": "boolean" + }, + "DisableUseAsImportedSource": { + "markdownDescription": "An option that controls whether a child dataset that's stored in QuickSight can use this dataset as a source.", + "title": "DisableUseAsImportedSource", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSet.DatasetParameter": { + "additionalProperties": false, + "properties": { + "DateTimeDatasetParameter": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.DateTimeDatasetParameter", + "markdownDescription": "A date time parameter that is created in the dataset.", + "title": "DateTimeDatasetParameter" + }, + "DecimalDatasetParameter": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.DecimalDatasetParameter", + "markdownDescription": "A decimal parameter that is created in the dataset.", + "title": "DecimalDatasetParameter" + }, + "IntegerDatasetParameter": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.IntegerDatasetParameter", + "markdownDescription": "An integer parameter that is created in the dataset.", + "title": "IntegerDatasetParameter" + }, + "StringDatasetParameter": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.StringDatasetParameter", + "markdownDescription": "A string parameter that is created in the dataset.", + "title": "StringDatasetParameter" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSet.DateTimeDatasetParameter": { + "additionalProperties": false, + "properties": { + "DefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.DateTimeDatasetParameterDefaultValues", + "markdownDescription": "A list of default values for a given date time parameter. This structure only accepts static values.", + "title": "DefaultValues" + }, + "Id": { + "markdownDescription": "An identifier for the parameter that is created in the dataset.", + "title": "Id", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the date time parameter that is created in the dataset.", + "title": "Name", + "type": "string" + }, + "TimeGranularity": { + "markdownDescription": "The time granularity of the date time parameter.", + "title": "TimeGranularity", + "type": "string" + }, + "ValueType": { + "markdownDescription": "The value type of the dataset parameter. Valid values are `single value` or `multi value` .", + "title": "ValueType", + "type": "string" + } + }, + "required": [ + "Id", + "Name", + "ValueType" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet.DateTimeDatasetParameterDefaultValues": { + "additionalProperties": false, + "properties": { + "StaticValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of static default values for a given date time parameter. The valid format for this property is `yyyy-MM-dd\u2019T\u2019HH:mm:ss\u2019Z\u2019` .", + "title": "StaticValues", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSet.DecimalDatasetParameter": { + "additionalProperties": false, + "properties": { + "DefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.DecimalDatasetParameterDefaultValues", + "markdownDescription": "A list of default values for a given decimal parameter. This structure only accepts static values.", + "title": "DefaultValues" + }, + "Id": { + "markdownDescription": "An identifier for the decimal parameter created in the dataset.", + "title": "Id", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the decimal parameter that is created in the dataset.", + "title": "Name", + "type": "string" + }, + "ValueType": { + "markdownDescription": "The value type of the dataset parameter. Valid values are `single value` or `multi value` .", + "title": "ValueType", + "type": "string" + } + }, + "required": [ + "Id", + "Name", + "ValueType" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet.DecimalDatasetParameterDefaultValues": { + "additionalProperties": false, + "properties": { + "StaticValues": { + "items": { + "type": "number" + }, + "markdownDescription": "A list of static default values for a given decimal parameter.", + "title": "StaticValues", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSet.FieldFolder": { + "additionalProperties": false, + "properties": { + "Columns": { + "items": { + "type": "string" + }, + "markdownDescription": "A folder has a list of columns. A column can only be in one folder.", + "title": "Columns", + "type": "array" + }, + "Description": { + "markdownDescription": "The description for a field folder.", + "title": "Description", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSet.FilterOperation": { + "additionalProperties": false, + "properties": { + "ConditionExpression": { + "markdownDescription": "An expression that must evaluate to a Boolean value. Rows for which the expression evaluates to true are kept in the dataset.", + "title": "ConditionExpression", + "type": "string" + } + }, + "required": [ + "ConditionExpression" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet.GeoSpatialColumnGroup": { + "additionalProperties": false, + "properties": { + "Columns": { + "items": { + "type": "string" + }, + "markdownDescription": "Columns in this hierarchy.", + "title": "Columns", + "type": "array" + }, + "CountryCode": { + "markdownDescription": "Country code.", + "title": "CountryCode", + "type": "string" + }, + "Name": { + "markdownDescription": "A display name for the hierarchy.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Columns", + "Name" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet.IncrementalRefresh": { + "additionalProperties": false, + "properties": { + "LookbackWindow": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.LookbackWindow", + "markdownDescription": "The lookback window setup for an incremental refresh configuration.", + "title": "LookbackWindow" + } + }, + "required": [ + "LookbackWindow" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet.IngestionWaitPolicy": { + "additionalProperties": false, + "properties": { + "IngestionWaitTimeInHours": { + "markdownDescription": "The maximum time (in hours) to wait for Ingestion to complete. Default timeout is 36 hours. Applicable only when `DataSetImportMode` mode is set to SPICE and `WaitForSpiceIngestion` is set to true.", + "title": "IngestionWaitTimeInHours", + "type": "number" + }, + "WaitForSpiceIngestion": { + "markdownDescription": "Wait for SPICE ingestion to finish to mark dataset creation or update as successful. Default (true). Applicable only when `DataSetImportMode` mode is set to SPICE.", + "title": "WaitForSpiceIngestion", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSet.InputColumn": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of this column in the underlying data source.", + "title": "Name", + "type": "string" + }, + "SubType": { + "markdownDescription": "The sub data type of the column. Sub types are only available for decimal columns that are part of a SPICE dataset.", + "title": "SubType", + "type": "string" + }, + "Type": { + "markdownDescription": "The data type of the column.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Name", + "Type" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet.IntegerDatasetParameter": { + "additionalProperties": false, + "properties": { + "DefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.IntegerDatasetParameterDefaultValues", + "markdownDescription": "A list of default values for a given integer parameter. This structure only accepts static values.", + "title": "DefaultValues" + }, + "Id": { + "markdownDescription": "An identifier for the integer parameter created in the dataset.", + "title": "Id", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the integer parameter that is created in the dataset.", + "title": "Name", + "type": "string" + }, + "ValueType": { + "markdownDescription": "The value type of the dataset parameter. Valid values are `single value` or `multi value` .", + "title": "ValueType", + "type": "string" + } + }, + "required": [ + "Id", + "Name", + "ValueType" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet.IntegerDatasetParameterDefaultValues": { + "additionalProperties": false, + "properties": { + "StaticValues": { + "items": { + "type": "number" + }, + "markdownDescription": "A list of static default values for a given integer parameter.", + "title": "StaticValues", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSet.JoinInstruction": { + "additionalProperties": false, + "properties": { + "LeftJoinKeyProperties": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.JoinKeyProperties", + "markdownDescription": "Join key properties of the left operand.", + "title": "LeftJoinKeyProperties" + }, + "LeftOperand": { + "markdownDescription": "The operand on the left side of a join.", + "title": "LeftOperand", + "type": "string" + }, + "OnClause": { + "markdownDescription": "The join instructions provided in the `ON` clause of a join.", + "title": "OnClause", + "type": "string" + }, + "RightJoinKeyProperties": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.JoinKeyProperties", + "markdownDescription": "Join key properties of the right operand.", + "title": "RightJoinKeyProperties" + }, + "RightOperand": { + "markdownDescription": "The operand on the right side of a join.", + "title": "RightOperand", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of join that it is.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "LeftOperand", + "OnClause", + "RightOperand", + "Type" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet.JoinKeyProperties": { + "additionalProperties": false, + "properties": { + "UniqueKey": { + "markdownDescription": "A value that indicates that a row in a table is uniquely identified by the columns in a join key. This is used by QuickSight to optimize query performance.", + "title": "UniqueKey", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSet.LogicalTable": { + "additionalProperties": false, + "properties": { + "Alias": { + "markdownDescription": "A display name for the logical table.", + "title": "Alias", + "type": "string" + }, + "DataTransforms": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.TransformOperation" + }, + "markdownDescription": "Transform operations that act on this logical table. For this structure to be valid, only one of the attributes can be non-null.", + "title": "DataTransforms", + "type": "array" + }, + "Source": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.LogicalTableSource", + "markdownDescription": "Source of this logical table.", + "title": "Source" + } + }, + "required": [ + "Alias" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet.LogicalTableSource": { + "additionalProperties": false, + "properties": { + "DataSetArn": { + "markdownDescription": "The Amazon Resource Number (ARN) of the parent dataset.", + "title": "DataSetArn", + "type": "string" + }, + "JoinInstruction": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.JoinInstruction", + "markdownDescription": "Specifies the result of a join of two logical tables.", + "title": "JoinInstruction" + }, + "PhysicalTableId": { + "markdownDescription": "Physical table ID.", + "title": "PhysicalTableId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSet.LookbackWindow": { + "additionalProperties": false, + "properties": { + "ColumnName": { + "markdownDescription": "The name of the lookback window column.", + "title": "ColumnName", + "type": "string" + }, + "Size": { + "markdownDescription": "The lookback window column size.", + "title": "Size", + "type": "number" + }, + "SizeUnit": { + "markdownDescription": "The size unit that is used for the lookback window column. Valid values for this structure are `HOUR` , `DAY` , and `WEEK` .", + "title": "SizeUnit", + "type": "string" + } + }, + "required": [ + "ColumnName", + "Size", + "SizeUnit" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet.NewDefaultValues": { + "additionalProperties": false, + "properties": { + "DateTimeStaticValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of static default values for a given date time parameter. The valid format for this property is `yyyy-MM-dd\u2019T\u2019HH:mm:ss\u2019Z\u2019` .", + "title": "DateTimeStaticValues", + "type": "array" + }, + "DecimalStaticValues": { + "items": { + "type": "number" + }, + "markdownDescription": "A list of static default values for a given decimal parameter.", + "title": "DecimalStaticValues", + "type": "array" + }, + "IntegerStaticValues": { + "items": { + "type": "number" + }, + "markdownDescription": "A list of static default values for a given integer parameter.", + "title": "IntegerStaticValues", + "type": "array" + }, + "StringStaticValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of static default values for a given string parameter.", + "title": "StringStaticValues", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSet.OutputColumn": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description for a column.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The display name of the column..", + "title": "Name", + "type": "string" + }, + "SubType": { + "markdownDescription": "The sub data type of the column.", + "title": "SubType", + "type": "string" + }, + "Type": { + "markdownDescription": "The data type of the column.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSet.OverrideDatasetParameterOperation": { + "additionalProperties": false, + "properties": { + "NewDefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.NewDefaultValues", + "markdownDescription": "The new default values for the parameter.", + "title": "NewDefaultValues" + }, + "NewParameterName": { + "markdownDescription": "The new name for the parameter.", + "title": "NewParameterName", + "type": "string" + }, + "ParameterName": { + "markdownDescription": "The name of the parameter to be overridden with different values.", + "title": "ParameterName", + "type": "string" + } + }, + "required": [ + "ParameterName" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet.PerformanceConfiguration": { + "additionalProperties": false, + "properties": { + "UniqueKeys": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.UniqueKey" + }, + "markdownDescription": "", + "title": "UniqueKeys", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSet.PhysicalTable": { + "additionalProperties": false, + "properties": { + "CustomSql": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.CustomSql", + "markdownDescription": "A physical table type built from the results of the custom SQL query.", + "title": "CustomSql" + }, + "RelationalTable": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.RelationalTable", + "markdownDescription": "A physical table type for relational data sources.", + "title": "RelationalTable" + }, + "S3Source": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.S3Source", + "markdownDescription": "A physical table type for as S3 data source.", + "title": "S3Source" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSet.ProjectOperation": { + "additionalProperties": false, + "properties": { + "ProjectedColumns": { + "items": { + "type": "string" + }, + "markdownDescription": "Projected columns.", + "title": "ProjectedColumns", + "type": "array" + } + }, + "required": [ + "ProjectedColumns" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet.RefreshConfiguration": { + "additionalProperties": false, + "properties": { + "IncrementalRefresh": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.IncrementalRefresh", + "markdownDescription": "The incremental refresh for the dataset.", + "title": "IncrementalRefresh" + } + }, + "required": [ + "IncrementalRefresh" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet.RefreshFailureConfiguration": { + "additionalProperties": false, + "properties": { + "EmailAlert": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.RefreshFailureEmailAlert", + "markdownDescription": "The email alert configuration for a dataset refresh failure.", + "title": "EmailAlert" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSet.RefreshFailureEmailAlert": { + "additionalProperties": false, + "properties": { + "AlertStatus": { + "markdownDescription": "The status value that determines if email alerts are sent.", + "title": "AlertStatus", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSet.RelationalTable": { + "additionalProperties": false, + "properties": { + "Catalog": { + "markdownDescription": "The catalog associated with a table.", + "title": "Catalog", + "type": "string" + }, + "DataSourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the data source.", + "title": "DataSourceArn", + "type": "string" + }, + "InputColumns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.InputColumn" + }, + "markdownDescription": "The column schema of the table.", + "title": "InputColumns", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the relational table.", + "title": "Name", + "type": "string" + }, + "Schema": { + "markdownDescription": "The schema name. This name applies to certain relational database engines.", + "title": "Schema", + "type": "string" + } + }, + "required": [ + "DataSourceArn", + "Name" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet.RenameColumnOperation": { + "additionalProperties": false, + "properties": { + "ColumnName": { + "markdownDescription": "The name of the column to be renamed.", + "title": "ColumnName", + "type": "string" + }, + "NewColumnName": { + "markdownDescription": "The new name for the column.", + "title": "NewColumnName", + "type": "string" + } + }, + "required": [ + "ColumnName" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet.ResourcePermission": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "type": "string" + }, + "markdownDescription": "The IAM action to grant or revoke permisions on", + "title": "Actions", + "type": "array" + }, + "Principal": { + "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a QuickSight ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", + "title": "Principal", + "type": "string" + } + }, + "required": [ + "Actions", + "Principal" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet.RowLevelPermissionDataSet": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the dataset that contains permissions for RLS.", + "title": "Arn", + "type": "string" + }, + "FormatVersion": { + "markdownDescription": "The user or group rules associated with the dataset that contains permissions for RLS.\n\nBy default, `FormatVersion` is `VERSION_1` . When `FormatVersion` is `VERSION_1` , `UserName` and `GroupName` are required. When `FormatVersion` is `VERSION_2` , `UserARN` and `GroupARN` are required, and `Namespace` must not exist.", + "title": "FormatVersion", + "type": "string" + }, + "Namespace": { + "markdownDescription": "The namespace associated with the dataset that contains permissions for RLS.", + "title": "Namespace", + "type": "string" + }, + "PermissionPolicy": { + "markdownDescription": "The type of permissions to use when interpreting the permissions for RLS. `DENY_ACCESS` is included for backward compatibility only.", + "title": "PermissionPolicy", + "type": "string" + }, + "Status": { + "markdownDescription": "The status of the row-level security permission dataset. If enabled, the status is `ENABLED` . If disabled, the status is `DISABLED` .", + "title": "Status", + "type": "string" + } + }, + "required": [ + "Arn", + "PermissionPolicy" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet.RowLevelPermissionTagConfiguration": { + "additionalProperties": false, + "properties": { + "Status": { + "markdownDescription": "The status of row-level security tags. If enabled, the status is `ENABLED` . If disabled, the status is `DISABLED` .", + "title": "Status", + "type": "string" + }, + "TagRuleConfigurations": { + "markdownDescription": "The configuration of tags on a dataset to set row-level security.", + "title": "TagRuleConfigurations", + "type": "object" + }, + "TagRules": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.RowLevelPermissionTagRule" + }, + "markdownDescription": "A set of rules associated with row-level security, such as the tag names and columns that they are assigned to.", + "title": "TagRules", + "type": "array" + } + }, + "required": [ + "TagRules" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet.RowLevelPermissionTagRule": { + "additionalProperties": false, + "properties": { + "ColumnName": { + "markdownDescription": "The column name that a tag key is assigned to.", + "title": "ColumnName", + "type": "string" + }, + "MatchAllValue": { + "markdownDescription": "A string that you want to use to filter by all the values in a column in the dataset and don\u2019t want to list the values one by one. For example, you can use an asterisk as your match all value.", + "title": "MatchAllValue", + "type": "string" + }, + "TagKey": { + "markdownDescription": "The unique key for a tag.", + "title": "TagKey", + "type": "string" + }, + "TagMultiValueDelimiter": { + "markdownDescription": "A string that you want to use to delimit the values when you pass the values at run time. For example, you can delimit the values with a comma.", + "title": "TagMultiValueDelimiter", + "type": "string" + } + }, + "required": [ + "ColumnName", + "TagKey" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet.S3Source": { + "additionalProperties": false, + "properties": { + "DataSourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the data source.", + "title": "DataSourceArn", + "type": "string" + }, + "InputColumns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.InputColumn" + }, + "markdownDescription": "A physical table type for an S3 data source.\n\n> For files that aren't JSON, only `STRING` data types are supported in input columns.", + "title": "InputColumns", + "type": "array" + }, + "UploadSettings": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.UploadSettings", + "markdownDescription": "Information about the format for the S3 source file or files.", + "title": "UploadSettings" + } + }, + "required": [ + "DataSourceArn" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet.StringDatasetParameter": { + "additionalProperties": false, + "properties": { + "DefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.StringDatasetParameterDefaultValues", + "markdownDescription": "A list of default values for a given string dataset parameter type. This structure only accepts static values.", + "title": "DefaultValues" + }, + "Id": { + "markdownDescription": "An identifier for the string parameter that is created in the dataset.", + "title": "Id", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the string parameter that is created in the dataset.", + "title": "Name", + "type": "string" + }, + "ValueType": { + "markdownDescription": "The value type of the dataset parameter. Valid values are `single value` or `multi value` .", + "title": "ValueType", + "type": "string" + } + }, + "required": [ + "Id", + "Name", + "ValueType" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet.StringDatasetParameterDefaultValues": { + "additionalProperties": false, + "properties": { + "StaticValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of static default values for a given string parameter.", + "title": "StaticValues", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSet.TagColumnOperation": { + "additionalProperties": false, + "properties": { + "ColumnName": { + "markdownDescription": "The column that this operation acts on.", + "title": "ColumnName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.ColumnTag" + }, + "markdownDescription": "The dataset column tag, currently only used for geospatial type tagging.\n\n> This is not tags for the AWS tagging feature.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "ColumnName", + "Tags" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet.TransformOperation": { + "additionalProperties": false, + "properties": { + "CastColumnTypeOperation": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.CastColumnTypeOperation", + "markdownDescription": "A transform operation that casts a column to a different type.", + "title": "CastColumnTypeOperation" + }, + "CreateColumnsOperation": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.CreateColumnsOperation", + "markdownDescription": "An operation that creates calculated columns. Columns created in one such operation form a lexical closure.", + "title": "CreateColumnsOperation" + }, + "FilterOperation": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.FilterOperation", + "markdownDescription": "An operation that filters rows based on some condition.", + "title": "FilterOperation" + }, + "OverrideDatasetParameterOperation": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.OverrideDatasetParameterOperation", + "markdownDescription": "A transform operation that overrides the dataset parameter values that are defined in another dataset.", + "title": "OverrideDatasetParameterOperation" + }, + "ProjectOperation": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.ProjectOperation", + "markdownDescription": "An operation that projects columns. Operations that come after a projection can only refer to projected columns.", + "title": "ProjectOperation" + }, + "RenameColumnOperation": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.RenameColumnOperation", + "markdownDescription": "An operation that renames a column.", + "title": "RenameColumnOperation" + }, + "TagColumnOperation": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.TagColumnOperation", + "markdownDescription": "An operation that tags a column with additional information.", + "title": "TagColumnOperation" + }, + "UntagColumnOperation": { + "$ref": "#/definitions/AWS::QuickSight::DataSet.UntagColumnOperation", + "markdownDescription": "", + "title": "UntagColumnOperation" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSet.UniqueKey": { + "additionalProperties": false, + "properties": { + "ColumnNames": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "ColumnNames", + "type": "array" + } + }, + "required": [ + "ColumnNames" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet.UntagColumnOperation": { + "additionalProperties": false, + "properties": { + "ColumnName": { + "markdownDescription": "The column that this operation acts on.", + "title": "ColumnName", + "type": "string" + }, + "TagNames": { + "items": { + "type": "string" + }, + "markdownDescription": "The column tags to remove from this column.", + "title": "TagNames", + "type": "array" + } + }, + "required": [ + "ColumnName", + "TagNames" + ], + "type": "object" + }, + "AWS::QuickSight::DataSet.UploadSettings": { + "additionalProperties": false, + "properties": { + "ContainsHeader": { + "markdownDescription": "Whether the file has a header row, or the files each have a header row.", + "title": "ContainsHeader", + "type": "boolean" + }, + "Delimiter": { + "markdownDescription": "The delimiter between values in the file.", + "title": "Delimiter", + "type": "string" + }, + "Format": { + "markdownDescription": "File format.", + "title": "Format", + "type": "string" + }, + "StartFromRow": { + "markdownDescription": "A row number to start reading data from.", + "title": "StartFromRow", + "type": "number" + }, + "TextQualifier": { + "markdownDescription": "Text qualifier.", + "title": "TextQualifier", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSource": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AlternateDataSourceParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.DataSourceParameters" + }, + "markdownDescription": "A set of alternate data source parameters that you want to share for the credentials stored with this data source. The credentials are applied in tandem with the data source parameters when you copy a data source by using a create or update request. The API operation compares the `DataSourceParameters` structure that's in the request with the structures in the `AlternateDataSourceParameters` allow list. If the structures are an exact match, the request is allowed to use the credentials from this existing data source. If the `AlternateDataSourceParameters` list is null, the `Credentials` originally used with this `DataSourceParameters` are automatically allowed.", + "title": "AlternateDataSourceParameters", + "type": "array" + }, + "AwsAccountId": { + "markdownDescription": "The AWS account ID.", + "title": "AwsAccountId", + "type": "string" + }, + "Credentials": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.DataSourceCredentials", + "markdownDescription": "The credentials Amazon QuickSight that uses to connect to your underlying source. Currently, only credentials based on user name and password are supported.", + "title": "Credentials" + }, + "DataSourceId": { + "markdownDescription": "An ID for the data source. This ID is unique per AWS Region for each AWS account.", + "title": "DataSourceId", + "type": "string" + }, + "DataSourceParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.DataSourceParameters", + "markdownDescription": "The parameters that Amazon QuickSight uses to connect to your underlying source.", + "title": "DataSourceParameters" + }, + "ErrorInfo": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.DataSourceErrorInfo", + "markdownDescription": "Error information from the last update or the creation of the data source.", + "title": "ErrorInfo" + }, + "FolderArns": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "FolderArns", + "type": "array" + }, + "Name": { + "markdownDescription": "A display name for the data source.", + "title": "Name", + "type": "string" + }, + "Permissions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.ResourcePermission" + }, + "markdownDescription": "A list of resource permissions on the data source.", + "title": "Permissions", + "type": "array" + }, + "SslProperties": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.SslProperties", + "markdownDescription": "Secure Socket Layer (SSL) properties that apply when Amazon QuickSight connects to your underlying source.", + "title": "SslProperties" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Contains a map of the key-value pairs for the resource tag or tags assigned to the data source.", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "The type of the data source. To return a list of all data sources, use `ListDataSources` .\n\nUse `AMAZON_ELASTICSEARCH` for Amazon OpenSearch Service.", + "title": "Type", + "type": "string" + }, + "VpcConnectionProperties": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.VpcConnectionProperties", + "markdownDescription": "Use this parameter only when you want Amazon QuickSight to use a VPC connection when connecting to your underlying source.", + "title": "VpcConnectionProperties" + } + }, + "required": [ + "Name", + "Type" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::QuickSight::DataSource" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::QuickSight::DataSource.AmazonElasticsearchParameters": { + "additionalProperties": false, + "properties": { + "Domain": { + "markdownDescription": "The OpenSearch domain.", + "title": "Domain", + "type": "string" + } + }, + "required": [ + "Domain" + ], + "type": "object" + }, + "AWS::QuickSight::DataSource.AmazonOpenSearchParameters": { + "additionalProperties": false, + "properties": { + "Domain": { + "markdownDescription": "The OpenSearch domain.", + "title": "Domain", + "type": "string" + } + }, + "required": [ + "Domain" + ], + "type": "object" + }, + "AWS::QuickSight::DataSource.AthenaParameters": { + "additionalProperties": false, + "properties": { + "IdentityCenterConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.IdentityCenterConfiguration", + "markdownDescription": "An optional parameter that configures IAM Identity Center authentication to grant Amazon QuickSight access to your workgroup.\n\nThis parameter can only be specified if your Amazon QuickSight account is configured with IAM Identity Center.", + "title": "IdentityCenterConfiguration" + }, + "RoleArn": { + "markdownDescription": "Use the `RoleArn` structure to override an account-wide role for a specific Athena data source. For example, say an account administrator has turned off all Athena access with an account-wide role. The administrator can then use `RoleArn` to bypass the account-wide role and allow Athena access for the single Athena data source that is specified in the structure, even if the account-wide role forbidding Athena access is still active.", + "title": "RoleArn", + "type": "string" + }, + "WorkGroup": { + "markdownDescription": "The workgroup that Amazon Athena uses.", + "title": "WorkGroup", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSource.AuroraParameters": { + "additionalProperties": false, + "properties": { + "Database": { + "markdownDescription": "Database.", + "title": "Database", + "type": "string" + }, + "Host": { + "markdownDescription": "Host.", + "title": "Host", + "type": "string" + }, + "Port": { + "markdownDescription": "Port.", + "title": "Port", + "type": "number" + } + }, + "required": [ + "Database", + "Host", + "Port" + ], + "type": "object" + }, + "AWS::QuickSight::DataSource.AuroraPostgreSqlParameters": { + "additionalProperties": false, + "properties": { + "Database": { + "markdownDescription": "The Amazon Aurora PostgreSQL database to connect to.", + "title": "Database", + "type": "string" + }, + "Host": { + "markdownDescription": "The Amazon Aurora PostgreSQL-Compatible host to connect to.", + "title": "Host", + "type": "string" + }, + "Port": { + "markdownDescription": "The port that Amazon Aurora PostgreSQL is listening on.", + "title": "Port", + "type": "number" + } + }, + "required": [ + "Database", + "Host", + "Port" + ], + "type": "object" + }, + "AWS::QuickSight::DataSource.CredentialPair": { + "additionalProperties": false, + "properties": { + "AlternateDataSourceParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.DataSourceParameters" + }, + "markdownDescription": "A set of alternate data source parameters that you want to share for these credentials. The credentials are applied in tandem with the data source parameters when you copy a data source by using a create or update request. The API operation compares the `DataSourceParameters` structure that's in the request with the structures in the `AlternateDataSourceParameters` allow list. If the structures are an exact match, the request is allowed to use the new data source with the existing credentials. If the `AlternateDataSourceParameters` list is null, the `DataSourceParameters` originally used with these `Credentials` is automatically allowed.", + "title": "AlternateDataSourceParameters", + "type": "array" + }, + "Password": { + "markdownDescription": "Password.", + "title": "Password", + "type": "string" + }, + "Username": { + "markdownDescription": "User name.", + "title": "Username", + "type": "string" + } + }, + "required": [ + "Password", + "Username" + ], + "type": "object" + }, + "AWS::QuickSight::DataSource.DataSourceCredentials": { + "additionalProperties": false, + "properties": { + "CopySourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of a data source that has the credential pair that you want to use. When `CopySourceArn` is not null, the credential pair from the data source in the ARN is used as the credentials for the `DataSourceCredentials` structure.", + "title": "CopySourceArn", + "type": "string" + }, + "CredentialPair": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.CredentialPair", + "markdownDescription": "Credential pair. For more information, see `[CredentialPair](https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CredentialPair.html)` .", + "title": "CredentialPair" + }, + "SecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the secret associated with the data source in AWS Secrets Manager .", + "title": "SecretArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSource.DataSourceErrorInfo": { + "additionalProperties": false, + "properties": { + "Message": { + "markdownDescription": "Error message.", + "title": "Message", + "type": "string" + }, + "Type": { + "markdownDescription": "Error type.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSource.DataSourceParameters": { + "additionalProperties": false, + "properties": { + "AmazonElasticsearchParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.AmazonElasticsearchParameters", + "markdownDescription": "The parameters for OpenSearch.", + "title": "AmazonElasticsearchParameters" + }, + "AmazonOpenSearchParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.AmazonOpenSearchParameters", + "markdownDescription": "The parameters for OpenSearch.", + "title": "AmazonOpenSearchParameters" + }, + "AthenaParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.AthenaParameters", + "markdownDescription": "The parameters for Amazon Athena.", + "title": "AthenaParameters" + }, + "AuroraParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.AuroraParameters", + "markdownDescription": "The parameters for Amazon Aurora MySQL.", + "title": "AuroraParameters" + }, + "AuroraPostgreSqlParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.AuroraPostgreSqlParameters", + "markdownDescription": "The parameters for Amazon Aurora.", + "title": "AuroraPostgreSqlParameters" + }, + "DatabricksParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.DatabricksParameters", + "markdownDescription": "The required parameters that are needed to connect to a Databricks data source.", + "title": "DatabricksParameters" + }, + "MariaDbParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.MariaDbParameters", + "markdownDescription": "The parameters for MariaDB.", + "title": "MariaDbParameters" + }, + "MySqlParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.MySqlParameters", + "markdownDescription": "The parameters for MySQL.", + "title": "MySqlParameters" + }, + "OracleParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.OracleParameters", + "markdownDescription": "Oracle parameters.", + "title": "OracleParameters" + }, + "PostgreSqlParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.PostgreSqlParameters", + "markdownDescription": "The parameters for PostgreSQL.", + "title": "PostgreSqlParameters" + }, + "PrestoParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.PrestoParameters", + "markdownDescription": "The parameters for Presto.", + "title": "PrestoParameters" + }, + "RdsParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.RdsParameters", + "markdownDescription": "The parameters for Amazon RDS.", + "title": "RdsParameters" + }, + "RedshiftParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.RedshiftParameters", + "markdownDescription": "The parameters for Amazon Redshift.", + "title": "RedshiftParameters" + }, + "S3Parameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.S3Parameters", + "markdownDescription": "The parameters for S3.", + "title": "S3Parameters" + }, + "SnowflakeParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.SnowflakeParameters", + "markdownDescription": "The parameters for Snowflake.", + "title": "SnowflakeParameters" + }, + "SparkParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.SparkParameters", + "markdownDescription": "The parameters for Spark.", + "title": "SparkParameters" + }, + "SqlServerParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.SqlServerParameters", + "markdownDescription": "The parameters for SQL Server.", + "title": "SqlServerParameters" + }, + "StarburstParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.StarburstParameters", + "markdownDescription": "The parameters that are required to connect to a Starburst data source.", + "title": "StarburstParameters" + }, + "TeradataParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.TeradataParameters", + "markdownDescription": "The parameters for Teradata.", + "title": "TeradataParameters" + }, + "TrinoParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.TrinoParameters", + "markdownDescription": "The parameters that are required to connect to a Trino data source.", + "title": "TrinoParameters" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSource.DatabricksParameters": { + "additionalProperties": false, + "properties": { + "Host": { + "markdownDescription": "The host name of the Databricks data source.", + "title": "Host", + "type": "string" + }, + "Port": { + "markdownDescription": "The port for the Databricks data source.", + "title": "Port", + "type": "number" + }, + "SqlEndpointPath": { + "markdownDescription": "The HTTP path of the Databricks data source.", + "title": "SqlEndpointPath", + "type": "string" + } + }, + "required": [ + "Host", + "Port", + "SqlEndpointPath" + ], + "type": "object" + }, + "AWS::QuickSight::DataSource.IdentityCenterConfiguration": { + "additionalProperties": false, + "properties": { + "EnableIdentityPropagation": { + "markdownDescription": "A Boolean option that controls whether Trusted Identity Propagation should be used.", + "title": "EnableIdentityPropagation", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSource.ManifestFileLocation": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "Amazon S3 bucket.", + "title": "Bucket", + "type": "string" + }, + "Key": { + "markdownDescription": "Amazon S3 key that identifies an object.", + "title": "Key", + "type": "string" + } + }, + "required": [ + "Bucket", + "Key" + ], + "type": "object" + }, + "AWS::QuickSight::DataSource.MariaDbParameters": { + "additionalProperties": false, + "properties": { + "Database": { + "markdownDescription": "Database.", + "title": "Database", + "type": "string" + }, + "Host": { + "markdownDescription": "Host.", + "title": "Host", + "type": "string" + }, + "Port": { + "markdownDescription": "Port.", + "title": "Port", + "type": "number" + } + }, + "required": [ + "Database", + "Host", + "Port" + ], + "type": "object" + }, + "AWS::QuickSight::DataSource.MySqlParameters": { + "additionalProperties": false, + "properties": { + "Database": { + "markdownDescription": "Database.", + "title": "Database", + "type": "string" + }, + "Host": { + "markdownDescription": "Host.", + "title": "Host", + "type": "string" + }, + "Port": { + "markdownDescription": "Port.", + "title": "Port", + "type": "number" + } + }, + "required": [ + "Database", + "Host", + "Port" + ], + "type": "object" + }, + "AWS::QuickSight::DataSource.OAuthParameters": { + "additionalProperties": false, + "properties": { + "IdentityProviderResourceUri": { + "markdownDescription": "The resource uri of the identity provider.", + "title": "IdentityProviderResourceUri", + "type": "string" + }, + "IdentityProviderVpcConnectionProperties": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.VpcConnectionProperties", + "markdownDescription": "", + "title": "IdentityProviderVpcConnectionProperties" + }, + "OAuthScope": { + "markdownDescription": "The OAuth scope.", + "title": "OAuthScope", + "type": "string" + }, + "TokenProviderUrl": { + "markdownDescription": "The token endpoint URL of the identity provider.", + "title": "TokenProviderUrl", + "type": "string" + } + }, + "required": [ + "TokenProviderUrl" + ], + "type": "object" + }, + "AWS::QuickSight::DataSource.OracleParameters": { + "additionalProperties": false, + "properties": { + "Database": { + "markdownDescription": "Database.", + "title": "Database", + "type": "string" + }, + "Host": { + "markdownDescription": "Host.", + "title": "Host", + "type": "string" + }, + "Port": { + "markdownDescription": "Port.", + "title": "Port", + "type": "number" + }, + "UseServiceName": { + "markdownDescription": "A Boolean value that indicates whether the `Database` uses a service name or an SID. If this value is left blank, the default value is `SID` . If this value is set to `false` , the value is `SID` .", + "title": "UseServiceName", + "type": "boolean" + } + }, + "required": [ + "Database", + "Host", + "Port" + ], + "type": "object" + }, + "AWS::QuickSight::DataSource.PostgreSqlParameters": { + "additionalProperties": false, + "properties": { + "Database": { + "markdownDescription": "Database.", + "title": "Database", + "type": "string" + }, + "Host": { + "markdownDescription": "Host.", + "title": "Host", + "type": "string" + }, + "Port": { + "markdownDescription": "Port.", + "title": "Port", + "type": "number" + } + }, + "required": [ + "Database", + "Host", + "Port" + ], + "type": "object" + }, + "AWS::QuickSight::DataSource.PrestoParameters": { + "additionalProperties": false, + "properties": { + "Catalog": { + "markdownDescription": "Catalog.", + "title": "Catalog", + "type": "string" + }, + "Host": { + "markdownDescription": "Host.", + "title": "Host", + "type": "string" + }, + "Port": { + "markdownDescription": "Port.", + "title": "Port", + "type": "number" + } + }, + "required": [ + "Catalog", + "Host", + "Port" + ], + "type": "object" + }, + "AWS::QuickSight::DataSource.RdsParameters": { + "additionalProperties": false, + "properties": { + "Database": { + "markdownDescription": "Database.", + "title": "Database", + "type": "string" + }, + "InstanceId": { + "markdownDescription": "Instance ID.", + "title": "InstanceId", + "type": "string" + } + }, + "required": [ + "Database", + "InstanceId" + ], + "type": "object" + }, + "AWS::QuickSight::DataSource.RedshiftIAMParameters": { + "additionalProperties": false, + "properties": { + "AutoCreateDatabaseUser": { + "markdownDescription": "Automatically creates a database user. If your database doesn't have a `DatabaseUser` , set this parameter to `True` . If there is no `DatabaseUser` , Amazon QuickSight can't connect to your cluster. The `RoleArn` that you use for this operation must grant access to `redshift:CreateClusterUser` to successfully create the user.", + "title": "AutoCreateDatabaseUser", + "type": "boolean" + }, + "DatabaseGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of groups whose permissions will be granted to Amazon QuickSight to access the cluster. These permissions are combined with the permissions granted to Amazon QuickSight by the `DatabaseUser` . If you choose to include this parameter, the `RoleArn` must grant access to `redshift:JoinGroup` .", + "title": "DatabaseGroups", + "type": "array" + }, + "DatabaseUser": { + "markdownDescription": "The user whose permissions and group memberships will be used by Amazon QuickSight to access the cluster. If this user already exists in your database, Amazon QuickSight is granted the same permissions that the user has. If the user doesn't exist, set the value of `AutoCreateDatabaseUser` to `True` to create a new user with PUBLIC permissions.", + "title": "DatabaseUser", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "Use the `RoleArn` structure to allow Amazon QuickSight to call `redshift:GetClusterCredentials` on your cluster. The calling principal must have `iam:PassRole` access to pass the role to Amazon QuickSight. The role's trust policy must allow the Amazon QuickSight service principal to assume the role.", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "RoleArn" + ], + "type": "object" + }, + "AWS::QuickSight::DataSource.RedshiftParameters": { + "additionalProperties": false, + "properties": { + "ClusterId": { + "markdownDescription": "Cluster ID. This field can be blank if the `Host` and `Port` are provided.", + "title": "ClusterId", + "type": "string" + }, + "Database": { + "markdownDescription": "Database.", + "title": "Database", + "type": "string" + }, + "Host": { + "markdownDescription": "Host. This field can be blank if `ClusterId` is provided.", + "title": "Host", + "type": "string" + }, + "IAMParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.RedshiftIAMParameters", + "markdownDescription": "An optional parameter that uses IAM authentication to grant Amazon QuickSight access to your cluster. This parameter can be used instead of [DataSourceCredentials](https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DataSourceCredentials.html) .", + "title": "IAMParameters" + }, + "IdentityCenterConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.IdentityCenterConfiguration", + "markdownDescription": "An optional parameter that configures IAM Identity Center authentication to grant Amazon QuickSight access to your cluster.\n\nThis parameter can only be specified if your Amazon QuickSight account is configured with IAM Identity Center.", + "title": "IdentityCenterConfiguration" + }, + "Port": { + "markdownDescription": "Port. This field can be blank if the `ClusterId` is provided.", + "title": "Port", + "type": "number" + } + }, + "required": [ + "Database" + ], + "type": "object" + }, + "AWS::QuickSight::DataSource.ResourcePermission": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "type": "string" + }, + "markdownDescription": "The IAM action to grant or revoke permissions on.", + "title": "Actions", + "type": "array" + }, + "Principal": { + "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a QuickSight ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", + "title": "Principal", + "type": "string" + }, + "Resource": { + "markdownDescription": "", + "title": "Resource", + "type": "string" + } + }, + "required": [ + "Actions", + "Principal" + ], + "type": "object" + }, + "AWS::QuickSight::DataSource.S3Parameters": { + "additionalProperties": false, + "properties": { + "ManifestFileLocation": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.ManifestFileLocation", + "markdownDescription": "Location of the Amazon S3 manifest file. This is NULL if the manifest file was uploaded into Amazon QuickSight.", + "title": "ManifestFileLocation" + }, + "RoleArn": { + "markdownDescription": "Use the `RoleArn` structure to override an account-wide role for a specific S3 data source. For example, say an account administrator has turned off all S3 access with an account-wide role. The administrator can then use `RoleArn` to bypass the account-wide role and allow S3 access for the single S3 data source that is specified in the structure, even if the account-wide role forbidding S3 access is still active.", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "ManifestFileLocation" + ], + "type": "object" + }, + "AWS::QuickSight::DataSource.SnowflakeParameters": { + "additionalProperties": false, + "properties": { + "AuthenticationType": { + "markdownDescription": "The authentication type that you want to use for your connection. This parameter accepts OAuth and non-OAuth authentication types.", + "title": "AuthenticationType", + "type": "string" + }, + "Database": { + "markdownDescription": "Database.", + "title": "Database", + "type": "string" + }, + "DatabaseAccessControlRole": { + "markdownDescription": "The database access control role.", + "title": "DatabaseAccessControlRole", + "type": "string" + }, + "Host": { + "markdownDescription": "Host.", + "title": "Host", + "type": "string" + }, + "OAuthParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.OAuthParameters", + "markdownDescription": "An object that contains information needed to create a data source connection between an Amazon QuickSight account and Snowflake.", + "title": "OAuthParameters" + }, + "Warehouse": { + "markdownDescription": "Warehouse.", + "title": "Warehouse", + "type": "string" + } + }, + "required": [ + "Database", + "Host", + "Warehouse" + ], + "type": "object" + }, + "AWS::QuickSight::DataSource.SparkParameters": { + "additionalProperties": false, + "properties": { + "Host": { + "markdownDescription": "Host.", + "title": "Host", + "type": "string" + }, + "Port": { + "markdownDescription": "Port.", + "title": "Port", + "type": "number" + } + }, + "required": [ + "Host", + "Port" + ], + "type": "object" + }, + "AWS::QuickSight::DataSource.SqlServerParameters": { + "additionalProperties": false, + "properties": { + "Database": { + "markdownDescription": "Database.", + "title": "Database", + "type": "string" + }, + "Host": { + "markdownDescription": "Host.", + "title": "Host", + "type": "string" + }, + "Port": { + "markdownDescription": "Port.", + "title": "Port", + "type": "number" + } + }, + "required": [ + "Database", + "Host", + "Port" + ], + "type": "object" + }, + "AWS::QuickSight::DataSource.SslProperties": { + "additionalProperties": false, + "properties": { + "DisableSsl": { + "markdownDescription": "A Boolean option to control whether SSL should be disabled.", + "title": "DisableSsl", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::QuickSight::DataSource.StarburstParameters": { + "additionalProperties": false, + "properties": { + "AuthenticationType": { + "markdownDescription": "The authentication type that you want to use for your connection. This parameter accepts OAuth and non-OAuth authentication types.", + "title": "AuthenticationType", + "type": "string" + }, + "Catalog": { + "markdownDescription": "The catalog name for the Starburst data source.", + "title": "Catalog", + "type": "string" + }, + "DatabaseAccessControlRole": { + "markdownDescription": "The database access control role.", + "title": "DatabaseAccessControlRole", + "type": "string" + }, + "Host": { + "markdownDescription": "The host name of the Starburst data source.", + "title": "Host", + "type": "string" + }, + "OAuthParameters": { + "$ref": "#/definitions/AWS::QuickSight::DataSource.OAuthParameters", + "markdownDescription": "An object that contains information needed to create a data source connection between an Amazon QuickSight account and Starburst.", + "title": "OAuthParameters" + }, + "Port": { + "markdownDescription": "The port for the Starburst data source.", + "title": "Port", + "type": "number" + }, + "ProductType": { + "markdownDescription": "The product type for the Starburst data source.", + "title": "ProductType", + "type": "string" + } + }, + "required": [ + "Catalog", + "Host", + "Port" + ], + "type": "object" + }, + "AWS::QuickSight::DataSource.TeradataParameters": { + "additionalProperties": false, + "properties": { + "Database": { + "markdownDescription": "Database.", + "title": "Database", + "type": "string" + }, + "Host": { + "markdownDescription": "Host.", + "title": "Host", + "type": "string" + }, + "Port": { + "markdownDescription": "Port.", + "title": "Port", + "type": "number" + } + }, + "required": [ + "Database", + "Host", + "Port" + ], + "type": "object" + }, + "AWS::QuickSight::DataSource.TrinoParameters": { + "additionalProperties": false, + "properties": { + "Catalog": { + "markdownDescription": "The catalog name for the Trino data source.", + "title": "Catalog", + "type": "string" + }, + "Host": { + "markdownDescription": "The host name of the Trino data source.", + "title": "Host", + "type": "string" + }, + "Port": { + "markdownDescription": "The port for the Trino data source.", + "title": "Port", + "type": "number" + } + }, + "required": [ + "Catalog", + "Host", + "Port" + ], + "type": "object" + }, + "AWS::QuickSight::DataSource.VpcConnectionProperties": { + "additionalProperties": false, + "properties": { + "VpcConnectionArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the VPC connection.", + "title": "VpcConnectionArn", + "type": "string" + } + }, + "required": [ + "VpcConnectionArn" + ], + "type": "object" + }, + "AWS::QuickSight::Folder": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AwsAccountId": { + "markdownDescription": "The ID for the AWS account where you want to create the folder.", + "title": "AwsAccountId", + "type": "string" + }, + "FolderId": { + "markdownDescription": "The ID of the folder.", + "title": "FolderId", + "type": "string" + }, + "FolderType": { + "markdownDescription": "The type of folder it is.", + "title": "FolderType", + "type": "string" + }, + "Name": { + "markdownDescription": "A display name for the folder.", + "title": "Name", + "type": "string" + }, + "ParentFolderArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the folder.", + "title": "ParentFolderArn", + "type": "string" + }, + "Permissions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Folder.ResourcePermission" + }, + "markdownDescription": "A structure that describes the principals and the resource-level permissions of a folder.\n\nTo specify no permissions, omit `Permissions` .", + "title": "Permissions", + "type": "array" + }, + "SharingModel": { + "markdownDescription": "The sharing scope of the folder.", + "title": "SharingModel", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags for the folders that you want to apply overrides to.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::QuickSight::Folder" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::QuickSight::Folder.ResourcePermission": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "Actions", + "type": "array" + }, + "Principal": { + "markdownDescription": "", + "title": "Principal", + "type": "string" + } + }, + "required": [ + "Actions", + "Principal" + ], + "type": "object" + }, + "AWS::QuickSight::RefreshSchedule": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AwsAccountId": { + "markdownDescription": "The AWS account ID of the account that you are creating a schedule in.", + "title": "AwsAccountId", + "type": "string" + }, + "DataSetId": { + "markdownDescription": "The ID of the dataset that you are creating a refresh schedule for.", + "title": "DataSetId", + "type": "string" + }, + "Schedule": { + "$ref": "#/definitions/AWS::QuickSight::RefreshSchedule.RefreshScheduleMap", + "markdownDescription": "The refresh schedule of a dataset.", + "title": "Schedule" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::QuickSight::RefreshSchedule" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::QuickSight::RefreshSchedule.RefreshOnDay": { + "additionalProperties": false, + "properties": { + "DayOfMonth": { + "markdownDescription": "The day of the month that you want your dataset to refresh. This value is required for monthly refresh intervals.", + "title": "DayOfMonth", + "type": "string" + }, + "DayOfWeek": { + "markdownDescription": "The day of the week that you want to schedule the refresh on. This value is required for weekly and monthly refresh intervals.", + "title": "DayOfWeek", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::RefreshSchedule.RefreshScheduleMap": { + "additionalProperties": false, + "properties": { + "RefreshType": { + "markdownDescription": "The type of refresh that a dataset undergoes. Valid values are as follows:\n\n- `FULL_REFRESH` : A complete refresh of a dataset.\n- `INCREMENTAL_REFRESH` : A partial refresh of some rows of a dataset, based on the time window specified.\n\nFor more information on full and incremental refreshes, see [Refreshing SPICE data](https://docs.aws.amazon.com/quicksight/latest/user/refreshing-imported-data.html) in the *QuickSight User Guide* .", + "title": "RefreshType", + "type": "string" + }, + "ScheduleFrequency": { + "$ref": "#/definitions/AWS::QuickSight::RefreshSchedule.ScheduleFrequency", + "markdownDescription": "The frequency for the refresh schedule.", + "title": "ScheduleFrequency" + }, + "ScheduleId": { + "markdownDescription": "An identifier for the refresh schedule.", + "title": "ScheduleId", + "type": "string" + }, + "StartAfterDateTime": { + "markdownDescription": "Time after which the refresh schedule can be started, expressed in `YYYY-MM-DDTHH:MM:SS` format.", + "title": "StartAfterDateTime", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::RefreshSchedule.ScheduleFrequency": { + "additionalProperties": false, + "properties": { + "Interval": { + "markdownDescription": "The interval between scheduled refreshes. Valid values are as follows:\n\n- `MINUTE15` : The dataset refreshes every 15 minutes. This value is only supported for incremental refreshes. This interval can only be used for one schedule per dataset.\n- `MINUTE30` : The dataset refreshes every 30 minutes. This value is only supported for incremental refreshes. This interval can only be used for one schedule per dataset.\n- `HOURLY` : The dataset refreshes every hour. This interval can only be used for one schedule per dataset.\n- `DAILY` : The dataset refreshes every day.\n- `WEEKLY` : The dataset refreshes every week.\n- `MONTHLY` : The dataset refreshes every month.", + "title": "Interval", + "type": "string" + }, + "RefreshOnDay": { + "$ref": "#/definitions/AWS::QuickSight::RefreshSchedule.RefreshOnDay", + "markdownDescription": "The day of the week that you want to schedule the refresh on. This value is required for weekly and monthly refresh intervals.", + "title": "RefreshOnDay" + }, + "TimeOfTheDay": { + "markdownDescription": "The time of day that you want the dataset to refresh. This value is expressed in HH:MM format. This field is not required for schedules that refresh hourly.", + "title": "TimeOfTheDay", + "type": "string" + }, + "TimeZone": { + "markdownDescription": "The timezone that you want the refresh schedule to use. The timezone ID must match a corresponding ID found on `java.util.time.getAvailableIDs()` .", + "title": "TimeZone", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AwsAccountId": { + "markdownDescription": "The ID for the AWS account that the group is in. You use the ID for the AWS account that contains your Amazon QuickSight account.", + "title": "AwsAccountId", + "type": "string" + }, + "Definition": { + "$ref": "#/definitions/AWS::QuickSight::Template.TemplateVersionDefinition", + "markdownDescription": "", + "title": "Definition" + }, + "Name": { + "markdownDescription": "A display name for the template.", + "title": "Name", + "type": "string" + }, + "Permissions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ResourcePermission" + }, + "markdownDescription": "A list of resource permissions to be set on the template.", + "title": "Permissions", + "type": "array" + }, + "SourceEntity": { + "$ref": "#/definitions/AWS::QuickSight::Template.TemplateSourceEntity", + "markdownDescription": "The entity that you are using as a source when you create the template. In `SourceEntity` , you specify the type of object you're using as source: `SourceTemplate` for a template or `SourceAnalysis` for an analysis. Both of these require an Amazon Resource Name (ARN). For `SourceTemplate` , specify the ARN of the source template. For `SourceAnalysis` , specify the ARN of the source analysis. The `SourceTemplate` ARN can contain any AWS account and any Amazon QuickSight-supported AWS Region .\n\nUse the `DataSetReferences` entity within `SourceTemplate` or `SourceAnalysis` to list the replacement datasets for the placeholders listed in the original. The schema in each dataset must match its placeholder.\n\nEither a `SourceEntity` or a `Definition` must be provided in order for the request to be valid.", + "title": "SourceEntity" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Contains a map of the key-value pairs for the resource tag or tags assigned to the resource.", + "title": "Tags", + "type": "array" + }, + "TemplateId": { + "markdownDescription": "An ID for the template that you want to create. This template is unique per AWS Region ; in each AWS account.", + "title": "TemplateId", + "type": "string" + }, + "ValidationStrategy": { + "$ref": "#/definitions/AWS::QuickSight::Template.ValidationStrategy", + "markdownDescription": "The option to relax the validation that is required to create and update analyses, dashboards, and templates with definition objects. When you set this value to `LENIENT` , validation is skipped for specific errors.", + "title": "ValidationStrategy" + }, + "VersionDescription": { + "markdownDescription": "A description of the current template version being created. This API operation creates the first version of the template. Every time `UpdateTemplate` is called, a new version is created. Each version of the template maintains a description of the version in the `VersionDescription` field.", + "title": "VersionDescription", + "type": "string" + } + }, + "required": [ + "AwsAccountId", + "TemplateId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::QuickSight::Template" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::QuickSight::Template.AggregationFunction": { + "additionalProperties": false, + "properties": { + "AttributeAggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Template.AttributeAggregationFunction", + "markdownDescription": "Aggregation for attributes.", + "title": "AttributeAggregationFunction" + }, + "CategoricalAggregationFunction": { + "markdownDescription": "Aggregation for categorical values.\n\n- `COUNT` : Aggregate by the total number of values, including duplicates.\n- `DISTINCT_COUNT` : Aggregate by the total number of distinct values.", + "title": "CategoricalAggregationFunction", + "type": "string" + }, + "DateAggregationFunction": { + "markdownDescription": "Aggregation for date values.\n\n- `COUNT` : Aggregate by the total number of values, including duplicates.\n- `DISTINCT_COUNT` : Aggregate by the total number of distinct values.\n- `MIN` : Select the smallest date value.\n- `MAX` : Select the largest date value.", + "title": "DateAggregationFunction", + "type": "string" + }, + "NumericalAggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericalAggregationFunction", + "markdownDescription": "Aggregation for numerical values.", + "title": "NumericalAggregationFunction" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.AggregationSortConfiguration": { + "additionalProperties": false, + "properties": { + "AggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Template.AggregationFunction", + "markdownDescription": "The function that aggregates the values in `Column` .", + "title": "AggregationFunction" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that determines the sort order of aggregated values.", + "title": "Column" + }, + "SortDirection": { + "markdownDescription": "The sort direction of values.\n\n- `ASC` : Sort in ascending order.\n- `DESC` : Sort in descending order.", + "title": "SortDirection", + "type": "string" + } + }, + "required": [ + "Column", + "SortDirection" + ], + "type": "object" + }, + "AWS::QuickSight::Template.AnalysisDefaults": { + "additionalProperties": false, + "properties": { + "DefaultNewSheetConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultNewSheetConfiguration", + "markdownDescription": "The configuration for default new sheet settings.", + "title": "DefaultNewSheetConfiguration" + } + }, + "required": [ + "DefaultNewSheetConfiguration" + ], + "type": "object" + }, + "AWS::QuickSight::Template.AnchorDateConfiguration": { + "additionalProperties": false, + "properties": { + "AnchorOption": { + "markdownDescription": "The options for the date configuration. Choose one of the options below:\n\n- `NOW`", + "title": "AnchorOption", + "type": "string" + }, + "ParameterName": { + "markdownDescription": "The name of the parameter that is used for the anchor date configuration.", + "title": "ParameterName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ArcAxisConfiguration": { + "additionalProperties": false, + "properties": { + "Range": { + "$ref": "#/definitions/AWS::QuickSight::Template.ArcAxisDisplayRange", + "markdownDescription": "The arc axis range of a `GaugeChartVisual` .", + "title": "Range" + }, + "ReserveRange": { + "markdownDescription": "The reserved range of the arc axis.", + "title": "ReserveRange", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ArcAxisDisplayRange": { + "additionalProperties": false, + "properties": { + "Max": { + "markdownDescription": "The maximum value of the arc axis range.", + "title": "Max", + "type": "number" + }, + "Min": { + "markdownDescription": "The minimum value of the arc axis range.", + "title": "Min", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ArcConfiguration": { + "additionalProperties": false, + "properties": { + "ArcAngle": { + "markdownDescription": "The option that determines the arc angle of a `GaugeChartVisual` .", + "title": "ArcAngle", + "type": "number" + }, + "ArcThickness": { + "markdownDescription": "The options that determine the arc thickness of a `GaugeChartVisual` .", + "title": "ArcThickness", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ArcOptions": { + "additionalProperties": false, + "properties": { + "ArcThickness": { + "markdownDescription": "The arc thickness of a `GaugeChartVisual` .", + "title": "ArcThickness", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.AssetOptions": { + "additionalProperties": false, + "properties": { + "Timezone": { + "markdownDescription": "Determines the timezone for the analysis.", + "title": "Timezone", + "type": "string" + }, + "WeekStart": { + "markdownDescription": "Determines the week start day for an analysis.", + "title": "WeekStart", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.AttributeAggregationFunction": { + "additionalProperties": false, + "properties": { + "SimpleAttributeAggregation": { + "markdownDescription": "The built-in aggregation functions for attributes.\n\n- `UNIQUE_VALUE` : Returns the unique value for a field, aggregated by the dimension fields.", + "title": "SimpleAttributeAggregation", + "type": "string" + }, + "ValueForMultipleValues": { + "markdownDescription": "Used by the `UNIQUE_VALUE` aggregation function. If there are multiple values for the field used by the aggregation, the value for this property will be returned instead. Defaults to '*'.", + "title": "ValueForMultipleValues", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.AxisDataOptions": { + "additionalProperties": false, + "properties": { + "DateAxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DateAxisOptions", + "markdownDescription": "The options for an axis with a date field.", + "title": "DateAxisOptions" + }, + "NumericAxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericAxisOptions", + "markdownDescription": "The options for an axis with a numeric field.", + "title": "NumericAxisOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.AxisDisplayMinMaxRange": { + "additionalProperties": false, + "properties": { + "Maximum": { + "markdownDescription": "The maximum setup for an axis display range.", + "title": "Maximum", + "type": "number" + }, + "Minimum": { + "markdownDescription": "The minimum setup for an axis display range.", + "title": "Minimum", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.AxisDisplayOptions": { + "additionalProperties": false, + "properties": { + "AxisLineVisibility": { + "markdownDescription": "Determines whether or not the axis line is visible.", + "title": "AxisLineVisibility", + "type": "object" + }, + "AxisOffset": { + "markdownDescription": "The offset value that determines the starting placement of the axis within a visual's bounds.", + "title": "AxisOffset", + "type": "string" + }, + "DataOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDataOptions", + "markdownDescription": "The data options for an axis.", + "title": "DataOptions" + }, + "GridLineVisibility": { + "markdownDescription": "Determines whether or not the grid line is visible.", + "title": "GridLineVisibility", + "type": "object" + }, + "ScrollbarOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ScrollBarOptions", + "markdownDescription": "The scroll bar options for an axis.", + "title": "ScrollbarOptions" + }, + "TickLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisTickLabelOptions", + "markdownDescription": "The tick label options of an axis.", + "title": "TickLabelOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.AxisDisplayRange": { + "additionalProperties": false, + "properties": { + "DataDriven": { + "markdownDescription": "The data-driven setup of an axis display range.", + "title": "DataDriven", + "type": "object" + }, + "MinMax": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayMinMaxRange", + "markdownDescription": "The minimum and maximum setup of an axis display range.", + "title": "MinMax" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.AxisLabelOptions": { + "additionalProperties": false, + "properties": { + "ApplyTo": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisLabelReferenceOptions", + "markdownDescription": "The options that indicate which field the label belongs to.", + "title": "ApplyTo" + }, + "CustomLabel": { + "markdownDescription": "The text for the axis label.", + "title": "CustomLabel", + "type": "string" + }, + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", + "markdownDescription": "The font configuration of the axis label.", + "title": "FontConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.AxisLabelReferenceOptions": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that the axis label is targeted to.", + "title": "Column" + }, + "FieldId": { + "markdownDescription": "The field that the axis label is targeted to.", + "title": "FieldId", + "type": "string" + } + }, + "required": [ + "Column", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.AxisLinearScale": { + "additionalProperties": false, + "properties": { + "StepCount": { + "markdownDescription": "The step count setup of a linear axis.", + "title": "StepCount", + "type": "number" + }, + "StepSize": { + "markdownDescription": "The step size setup of a linear axis.", + "title": "StepSize", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.AxisLogarithmicScale": { + "additionalProperties": false, + "properties": { + "Base": { + "markdownDescription": "The base setup of a logarithmic axis scale.", + "title": "Base", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.AxisScale": { + "additionalProperties": false, + "properties": { + "Linear": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisLinearScale", + "markdownDescription": "The linear axis scale setup.", + "title": "Linear" + }, + "Logarithmic": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisLogarithmicScale", + "markdownDescription": "The logarithmic axis scale setup.", + "title": "Logarithmic" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.AxisTickLabelOptions": { + "additionalProperties": false, + "properties": { + "LabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", + "markdownDescription": "Determines whether or not the axis ticks are visible.", + "title": "LabelOptions" + }, + "RotationAngle": { + "markdownDescription": "The rotation angle of the axis tick labels.", + "title": "RotationAngle", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.BarChartAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The category (y-axis) field well of a bar chart.", + "title": "Category", + "type": "array" + }, + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The color (group/color) field well of a bar chart.", + "title": "Colors", + "type": "array" + }, + "SmallMultiples": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The small multiples field well of a bar chart.", + "title": "SmallMultiples", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The value field wells of a bar chart. Values are aggregated by category.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.BarChartConfiguration": { + "additionalProperties": false, + "properties": { + "BarsArrangement": { + "markdownDescription": "Determines the arrangement of the bars. The orientation and arrangement of bars determine the type of bar that is used in the visual.", + "title": "BarsArrangement", + "type": "string" + }, + "CategoryAxis": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, axis step) for bar chart category.", + "title": "CategoryAxis" + }, + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a bar chart.", + "title": "CategoryLabelOptions" + }, + "ColorLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a color that is used in a bar chart.", + "title": "ColorLabelOptions" + }, + "ContributionAnalysisDefaults": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ContributionAnalysisDefault" + }, + "markdownDescription": "The contribution analysis (anomaly configuration) setup of the visual.", + "title": "ContributionAnalysisDefaults", + "type": "array" + }, + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.", + "title": "DataLabels" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.BarChartFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "Orientation": { + "markdownDescription": "The orientation of the bars in a bar chart visual. There are two valid values in this structure:\n\n- `HORIZONTAL` : Used for charts that have horizontal bars. Visuals that use this value are horizontal bar charts, horizontal stacked bar charts, and horizontal stacked 100% bar charts.\n- `VERTICAL` : Used for charts that have vertical bars. Visuals that use this value are vertical bar charts, vertical stacked bar charts, and vertical stacked 100% bar charts.", + "title": "Orientation", + "type": "string" + }, + "ReferenceLines": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLine" + }, + "markdownDescription": "The reference line setup of the visual.", + "title": "ReferenceLines", + "type": "array" + }, + "SmallMultiplesOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SmallMultiplesOptions", + "markdownDescription": "The small multiples setup for the visual.", + "title": "SmallMultiplesOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.BarChartSortConfiguration", + "markdownDescription": "The sort configuration of a `BarChartVisual` .", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" + }, + "ValueAxis": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, axis step) for a bar chart value.", + "title": "ValueAxis" + }, + "ValueLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a bar chart value.", + "title": "ValueLabelOptions" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", + "title": "VisualPalette" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.BarChartFieldWells": { + "additionalProperties": false, + "properties": { + "BarChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.BarChartAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a bar chart.", + "title": "BarChartAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.BarChartSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of categories displayed in a bar chart.", + "title": "CategoryItemsLimit" + }, + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of category fields.", + "title": "CategorySort", + "type": "array" + }, + "ColorItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of values displayed in a bar chart.", + "title": "ColorItemsLimit" + }, + "ColorSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of color fields in a bar chart.", + "title": "ColorSort", + "type": "array" + }, + "SmallMultiplesLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of small multiples panels that are displayed.", + "title": "SmallMultiplesLimitConfiguration" + }, + "SmallMultiplesSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the small multiples field.", + "title": "SmallMultiplesSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.BarChartVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.BarChartConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.BinCountOptions": { + "additionalProperties": false, + "properties": { + "Value": { + "markdownDescription": "The options that determine the bin count value.", + "title": "Value", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.BinWidthOptions": { + "additionalProperties": false, + "properties": { + "BinCountLimit": { + "markdownDescription": "The options that determine the bin count limit.", + "title": "BinCountLimit", + "type": "number" + }, + "Value": { + "markdownDescription": "The options that determine the bin width value.", + "title": "Value", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.BodySectionConfiguration": { + "additionalProperties": false, + "properties": { + "Content": { + "$ref": "#/definitions/AWS::QuickSight::Template.BodySectionContent", + "markdownDescription": "The configuration of content in a body section.", + "title": "Content" + }, + "PageBreakConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.SectionPageBreakConfiguration", + "markdownDescription": "The configuration of a page break for a section.", + "title": "PageBreakConfiguration" + }, + "RepeatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.BodySectionRepeatConfiguration", + "markdownDescription": "Describes the configurations that are required to declare a section as repeating.", + "title": "RepeatConfiguration" + }, + "SectionId": { + "markdownDescription": "The unique identifier of a body section.", + "title": "SectionId", + "type": "string" + }, + "Style": { + "$ref": "#/definitions/AWS::QuickSight::Template.SectionStyle", + "markdownDescription": "The style options of a body section.", + "title": "Style" + } + }, + "required": [ + "Content", + "SectionId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.BodySectionContent": { + "additionalProperties": false, + "properties": { + "Layout": { + "$ref": "#/definitions/AWS::QuickSight::Template.SectionLayoutConfiguration", + "markdownDescription": "The layout configuration of a body section.", + "title": "Layout" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.BodySectionDynamicCategoryDimensionConfiguration": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "", + "title": "Column" + }, + "Limit": { + "markdownDescription": "Number of values to use from the column for repetition.", + "title": "Limit", + "type": "number" + }, + "SortByMetrics": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnSort" + }, + "markdownDescription": "Sort criteria on the column values that you use for repetition.", + "title": "SortByMetrics", + "type": "array" + } + }, + "required": [ + "Column" + ], + "type": "object" + }, + "AWS::QuickSight::Template.BodySectionDynamicNumericDimensionConfiguration": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "", + "title": "Column" + }, + "Limit": { + "markdownDescription": "Number of values to use from the column for repetition.", + "title": "Limit", + "type": "number" + }, + "SortByMetrics": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnSort" + }, + "markdownDescription": "Sort criteria on the column values that you use for repetition.", + "title": "SortByMetrics", + "type": "array" + } + }, + "required": [ + "Column" + ], + "type": "object" + }, + "AWS::QuickSight::Template.BodySectionRepeatConfiguration": { + "additionalProperties": false, + "properties": { + "DimensionConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.BodySectionRepeatDimensionConfiguration" + }, + "markdownDescription": "List of `BodySectionRepeatDimensionConfiguration` values that describe the dataset column and constraints for the column used to repeat the contents of a section.", + "title": "DimensionConfigurations", + "type": "array" + }, + "NonRepeatingVisuals": { + "items": { + "type": "string" + }, + "markdownDescription": "List of visuals to exclude from repetition in repeating sections. The visuals will render identically, and ignore the repeating configurations in all repeating instances.", + "title": "NonRepeatingVisuals", + "type": "array" + }, + "PageBreakConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.BodySectionRepeatPageBreakConfiguration", + "markdownDescription": "Page break configuration to apply for each repeating instance.", + "title": "PageBreakConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.BodySectionRepeatDimensionConfiguration": { + "additionalProperties": false, + "properties": { + "DynamicCategoryDimensionConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.BodySectionDynamicCategoryDimensionConfiguration", + "markdownDescription": "Describes the *Category* dataset column and constraints around the dynamic values that will be used in repeating the section contents.", + "title": "DynamicCategoryDimensionConfiguration" + }, + "DynamicNumericDimensionConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.BodySectionDynamicNumericDimensionConfiguration", + "markdownDescription": "Describes the *Numeric* dataset column and constraints around the dynamic values used to repeat the contents of a section.", + "title": "DynamicNumericDimensionConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.BodySectionRepeatPageBreakConfiguration": { + "additionalProperties": false, + "properties": { + "After": { + "$ref": "#/definitions/AWS::QuickSight::Template.SectionAfterPageBreak", + "markdownDescription": "", + "title": "After" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.BoxPlotAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "GroupBy": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The group by field well of a box plot chart. Values are grouped based on group by fields.", + "title": "GroupBy", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The value field well of a box plot chart. Values are aggregated based on group by fields.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.BoxPlotChartConfiguration": { + "additionalProperties": false, + "properties": { + "BoxPlotOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotOptions", + "markdownDescription": "The box plot chart options for a box plot visual", + "title": "BoxPlotOptions" + }, + "CategoryAxis": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, axis step) of a box plot category.", + "title": "CategoryAxis" + }, + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility and sort Icon visibility) of a box plot category.", + "title": "CategoryLabelOptions" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", + "markdownDescription": "", + "title": "Legend" + }, + "PrimaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, axis step) of a box plot category.", + "title": "PrimaryYAxisDisplayOptions" + }, + "PrimaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility and sort icon visibility) of a box plot value.", + "title": "PrimaryYAxisLabelOptions" + }, + "ReferenceLines": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLine" + }, + "markdownDescription": "The reference line setup of the visual.", + "title": "ReferenceLines", + "type": "array" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotSortConfiguration", + "markdownDescription": "The sort configuration of a `BoxPlotVisual` .", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", + "title": "VisualPalette" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.BoxPlotFieldWells": { + "additionalProperties": false, + "properties": { + "BoxPlotAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a box plot.", + "title": "BoxPlotAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.BoxPlotOptions": { + "additionalProperties": false, + "properties": { + "AllDataPointsVisibility": { + "markdownDescription": "Determines the visibility of all data points of the box plot.", + "title": "AllDataPointsVisibility", + "type": "object" + }, + "OutlierVisibility": { + "markdownDescription": "Determines the visibility of the outlier in a box plot.", + "title": "OutlierVisibility", + "type": "object" + }, + "StyleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotStyleOptions", + "markdownDescription": "The style options of the box plot.", + "title": "StyleOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.BoxPlotSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of a group by fields.", + "title": "CategorySort", + "type": "array" + }, + "PaginationConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.PaginationConfiguration", + "markdownDescription": "The pagination configuration of a table visual or box plot.", + "title": "PaginationConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.BoxPlotStyleOptions": { + "additionalProperties": false, + "properties": { + "FillStyle": { + "markdownDescription": "The fill styles (solid, transparent) of the box plot.", + "title": "FillStyle", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.BoxPlotVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotChartConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.CalculatedField": { + "additionalProperties": false, + "properties": { + "DataSetIdentifier": { + "markdownDescription": "The data set that is used in this calculated field.", + "title": "DataSetIdentifier", + "type": "string" + }, + "Expression": { + "markdownDescription": "The expression of the calculated field.", + "title": "Expression", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the calculated field.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "DataSetIdentifier", + "Expression", + "Name" + ], + "type": "object" + }, + "AWS::QuickSight::Template.CalculatedMeasureField": { + "additionalProperties": false, + "properties": { + "Expression": { + "markdownDescription": "The expression in the table calculation.", + "title": "Expression", + "type": "string" + }, + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", + "type": "string" + } + }, + "required": [ + "Expression", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.CascadingControlConfiguration": { + "additionalProperties": false, + "properties": { + "SourceControls": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.CascadingControlSource" + }, + "markdownDescription": "A list of source controls that determine the values that are used in the current control.", + "title": "SourceControls", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.CascadingControlSource": { + "additionalProperties": false, + "properties": { + "ColumnToMatch": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column identifier that determines which column to look up for the source sheet control.", + "title": "ColumnToMatch" + }, + "SourceSheetControlId": { + "markdownDescription": "The source sheet control ID of a `CascadingControlSource` .", + "title": "SourceSheetControlId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.CategoricalDimensionField": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that is used in the `CategoricalDimensionField` .", + "title": "Column" + }, + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", + "type": "string" + }, + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.StringFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" + }, + "HierarchyId": { + "markdownDescription": "The custom hierarchy ID.", + "title": "HierarchyId", + "type": "string" + } + }, + "required": [ + "Column", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.CategoricalMeasureField": { + "additionalProperties": false, + "properties": { + "AggregationFunction": { + "markdownDescription": "The aggregation function of the measure field.", + "title": "AggregationFunction", + "type": "string" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that is used in the `CategoricalMeasureField` .", + "title": "Column" + }, + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", + "type": "string" + }, + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.StringFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" + } + }, + "required": [ + "Column", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.CategoryDrillDownFilter": { + "additionalProperties": false, + "properties": { + "CategoryValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the string inputs that are the values of the category drill down filter.", + "title": "CategoryValues", + "type": "array" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + } + }, + "required": [ + "CategoryValues", + "Column" + ], + "type": "object" + }, + "AWS::QuickSight::Template.CategoryFilter": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "Configuration": { + "$ref": "#/definitions/AWS::QuickSight::Template.CategoryFilterConfiguration", + "markdownDescription": "The configuration for a `CategoryFilter` .", + "title": "Configuration" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" + } + }, + "required": [ + "Column", + "Configuration", + "FilterId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.CategoryFilterConfiguration": { + "additionalProperties": false, + "properties": { + "CustomFilterConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.CustomFilterConfiguration", + "markdownDescription": "A custom filter that filters based on a single value. This filter can be partially matched.", + "title": "CustomFilterConfiguration" + }, + "CustomFilterListConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.CustomFilterListConfiguration", + "markdownDescription": "A list of custom filter values. In the Amazon QuickSight console, this filter type is called a custom filter list.", + "title": "CustomFilterListConfiguration" + }, + "FilterListConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterListConfiguration", + "markdownDescription": "A list of filter configurations. In the Amazon QuickSight console, this filter type is called a filter list.", + "title": "FilterListConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.CategoryInnerFilter": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "", + "title": "Column" + }, + "Configuration": { + "$ref": "#/definitions/AWS::QuickSight::Template.CategoryFilterConfiguration", + "markdownDescription": "", + "title": "Configuration" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", + "markdownDescription": "", + "title": "DefaultFilterControlConfiguration" + } + }, + "required": [ + "Column", + "Configuration" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ChartAxisLabelOptions": { + "additionalProperties": false, + "properties": { + "AxisLabelOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisLabelOptions" + }, + "markdownDescription": "The label options for a chart axis.", + "title": "AxisLabelOptions", + "type": "array" + }, + "SortIconVisibility": { + "markdownDescription": "The visibility configuration of the sort icon on a chart's axis label.", + "title": "SortIconVisibility", + "type": "object" + }, + "Visibility": { + "markdownDescription": "The visibility of an axis label on a chart. Choose one of the following options:\n\n- `VISIBLE` : Shows the axis.\n- `HIDDEN` : Hides the axis.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ClusterMarker": { + "additionalProperties": false, + "properties": { + "SimpleClusterMarker": { + "$ref": "#/definitions/AWS::QuickSight::Template.SimpleClusterMarker", + "markdownDescription": "The simple cluster marker of the cluster marker.", + "title": "SimpleClusterMarker" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ClusterMarkerConfiguration": { + "additionalProperties": false, + "properties": { + "ClusterMarker": { + "$ref": "#/definitions/AWS::QuickSight::Template.ClusterMarker", + "markdownDescription": "The cluster marker that is a part of the cluster marker configuration.", + "title": "ClusterMarker" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ColorScale": { + "additionalProperties": false, + "properties": { + "ColorFillType": { + "markdownDescription": "Determines the color fill type.", + "title": "ColorFillType", + "type": "string" + }, + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataColor" + }, + "markdownDescription": "Determines the list of colors that are applied to the visual.", + "title": "Colors", + "type": "array" + }, + "NullValueColor": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataColor", + "markdownDescription": "Determines the color that is applied to null values.", + "title": "NullValueColor" + } + }, + "required": [ + "ColorFillType", + "Colors" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ColorsConfiguration": { + "additionalProperties": false, + "properties": { + "CustomColors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.CustomColor" + }, + "markdownDescription": "A list of up to 50 custom colors.", + "title": "CustomColors", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ColumnConfiguration": { + "additionalProperties": false, + "properties": { + "ColorsConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColorsConfiguration", + "markdownDescription": "The color configurations of the column.", + "title": "ColorsConfiguration" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column.", + "title": "Column" + }, + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FormatConfiguration", + "markdownDescription": "The format configuration of a column.", + "title": "FormatConfiguration" + }, + "Role": { + "markdownDescription": "The role of the column.", + "title": "Role", + "type": "string" + } + }, + "required": [ + "Column" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ColumnGroupColumnSchema": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the column group's column schema.", + "title": "Name", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ColumnGroupSchema": { + "additionalProperties": false, + "properties": { + "ColumnGroupColumnSchemaList": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnGroupColumnSchema" + }, + "markdownDescription": "A structure containing the list of schemas for column group columns.", + "title": "ColumnGroupColumnSchemaList", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the column group schema.", + "title": "Name", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ColumnHierarchy": { + "additionalProperties": false, + "properties": { + "DateTimeHierarchy": { + "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeHierarchy", + "markdownDescription": "The option that determines the hierarchy of any `DateTime` fields.", + "title": "DateTimeHierarchy" + }, + "ExplicitHierarchy": { + "$ref": "#/definitions/AWS::QuickSight::Template.ExplicitHierarchy", + "markdownDescription": "The option that determines the hierarchy of the fields that are built within a visual's field wells. These fields can't be duplicated to other visuals.", + "title": "ExplicitHierarchy" + }, + "PredefinedHierarchy": { + "$ref": "#/definitions/AWS::QuickSight::Template.PredefinedHierarchy", + "markdownDescription": "The option that determines the hierarchy of the fields that are defined during data preparation. These fields are available to use in any analysis that uses the data source.", + "title": "PredefinedHierarchy" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ColumnIdentifier": { + "additionalProperties": false, + "properties": { + "ColumnName": { + "markdownDescription": "The name of the column.", + "title": "ColumnName", + "type": "string" + }, + "DataSetIdentifier": { + "markdownDescription": "The data set that the column belongs to.", + "title": "DataSetIdentifier", + "type": "string" + } + }, + "required": [ + "ColumnName", + "DataSetIdentifier" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ColumnSchema": { + "additionalProperties": false, + "properties": { + "DataType": { + "markdownDescription": "The data type of the column schema.", + "title": "DataType", + "type": "string" + }, + "GeographicRole": { + "markdownDescription": "The geographic role of the column schema.", + "title": "GeographicRole", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the column schema.", + "title": "Name", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ColumnSort": { + "additionalProperties": false, + "properties": { + "AggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Template.AggregationFunction", + "markdownDescription": "The aggregation function that is defined in the column sort.", + "title": "AggregationFunction" + }, + "Direction": { + "markdownDescription": "The sort direction.", + "title": "Direction", + "type": "string" + }, + "SortBy": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "", + "title": "SortBy" + } + }, + "required": [ + "Direction", + "SortBy" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ColumnTooltipItem": { + "additionalProperties": false, + "properties": { + "Aggregation": { + "$ref": "#/definitions/AWS::QuickSight::Template.AggregationFunction", + "markdownDescription": "The aggregation function of the column tooltip item.", + "title": "Aggregation" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The target column of the tooltip item.", + "title": "Column" + }, + "Label": { + "markdownDescription": "The label of the tooltip item.", + "title": "Label", + "type": "string" + }, + "TooltipTarget": { + "markdownDescription": "Determines the target of the column tooltip item in a combo chart visual.", + "title": "TooltipTarget", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the tooltip item.", + "title": "Visibility", + "type": "object" + } + }, + "required": [ + "Column" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ComboChartAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "BarValues": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The aggregated `BarValues` field well of a combo chart.", + "title": "BarValues", + "type": "array" + }, + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The aggregated category field wells of a combo chart.", + "title": "Category", + "type": "array" + }, + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The aggregated colors field well of a combo chart.", + "title": "Colors", + "type": "array" + }, + "LineValues": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The aggregated `LineValues` field well of a combo chart.", + "title": "LineValues", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ComboChartConfiguration": { + "additionalProperties": false, + "properties": { + "BarDataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.\n\nThe data label options for a bar in a combo chart.", + "title": "BarDataLabels" + }, + "BarsArrangement": { + "markdownDescription": "Determines the bar arrangement in a combo chart. The following are valid values in this structure:\n\n- `CLUSTERED` : For clustered bar combo charts.\n- `STACKED` : For stacked bar combo charts.\n- `STACKED_PERCENT` : Do not use. If you use this value, the operation returns a validation error.", + "title": "BarsArrangement", + "type": "string" + }, + "CategoryAxis": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The category axis of a combo chart.", + "title": "CategoryAxis" + }, + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart category (group/color) field well.", + "title": "CategoryLabelOptions" + }, + "ColorLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's color field well.", + "title": "ColorLabelOptions" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.ComboChartFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "LineDataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.\n\nThe data label options for a line in a combo chart.", + "title": "LineDataLabels" + }, + "PrimaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, and axis step) of a combo chart's primary y-axis (bar) field well.", + "title": "PrimaryYAxisDisplayOptions" + }, + "PrimaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's primary y-axis (bar) field well.", + "title": "PrimaryYAxisLabelOptions" + }, + "ReferenceLines": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLine" + }, + "markdownDescription": "The reference line setup of the visual.", + "title": "ReferenceLines", + "type": "array" + }, + "SecondaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, axis step) of a combo chart's secondary y-axis (line) field well.", + "title": "SecondaryYAxisDisplayOptions" + }, + "SecondaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's secondary y-axis(line) field well.", + "title": "SecondaryYAxisLabelOptions" + }, + "SingleAxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SingleAxisOptions", + "markdownDescription": "", + "title": "SingleAxisOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ComboChartSortConfiguration", + "markdownDescription": "The sort configuration of a `ComboChartVisual` .", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Tooltip" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", + "title": "VisualPalette" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ComboChartFieldWells": { + "additionalProperties": false, + "properties": { + "ComboChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.ComboChartAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a combo chart. Combo charts only have aggregated field wells. Columns in a combo chart are aggregated by category.", + "title": "ComboChartAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ComboChartSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The item limit configuration for the category field well of a combo chart.", + "title": "CategoryItemsLimit" + }, + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the category field well in a combo chart.", + "title": "CategorySort", + "type": "array" + }, + "ColorItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The item limit configuration of the color field well in a combo chart.", + "title": "ColorItemsLimit" + }, + "ColorSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the color field well in a combo chart.", + "title": "ColorSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ComboChartVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ComboChartConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ComparisonConfiguration": { + "additionalProperties": false, + "properties": { + "ComparisonFormat": { + "$ref": "#/definitions/AWS::QuickSight::Template.ComparisonFormatConfiguration", + "markdownDescription": "The format of the comparison.", + "title": "ComparisonFormat" + }, + "ComparisonMethod": { + "markdownDescription": "The method of the comparison. Choose from the following options:\n\n- `DIFFERENCE`\n- `PERCENT_DIFFERENCE`\n- `PERCENT`", + "title": "ComparisonMethod", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ComparisonFormatConfiguration": { + "additionalProperties": false, + "properties": { + "NumberDisplayFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumberDisplayFormatConfiguration", + "markdownDescription": "The number display format.", + "title": "NumberDisplayFormatConfiguration" + }, + "PercentageDisplayFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.PercentageDisplayFormatConfiguration", + "markdownDescription": "The percentage display format.", + "title": "PercentageDisplayFormatConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.Computation": { + "additionalProperties": false, + "properties": { + "Forecast": { + "$ref": "#/definitions/AWS::QuickSight::Template.ForecastComputation", + "markdownDescription": "The forecast computation configuration.", + "title": "Forecast" + }, + "GrowthRate": { + "$ref": "#/definitions/AWS::QuickSight::Template.GrowthRateComputation", + "markdownDescription": "The growth rate computation configuration.", + "title": "GrowthRate" + }, + "MaximumMinimum": { + "$ref": "#/definitions/AWS::QuickSight::Template.MaximumMinimumComputation", + "markdownDescription": "The maximum and minimum computation configuration.", + "title": "MaximumMinimum" + }, + "MetricComparison": { + "$ref": "#/definitions/AWS::QuickSight::Template.MetricComparisonComputation", + "markdownDescription": "The metric comparison computation configuration.", + "title": "MetricComparison" + }, + "PeriodOverPeriod": { + "$ref": "#/definitions/AWS::QuickSight::Template.PeriodOverPeriodComputation", + "markdownDescription": "The period over period computation configuration.", + "title": "PeriodOverPeriod" + }, + "PeriodToDate": { + "$ref": "#/definitions/AWS::QuickSight::Template.PeriodToDateComputation", + "markdownDescription": "The period to `DataSetIdentifier` computation configuration.", + "title": "PeriodToDate" + }, + "TopBottomMovers": { + "$ref": "#/definitions/AWS::QuickSight::Template.TopBottomMoversComputation", + "markdownDescription": "The top movers and bottom movers computation configuration.", + "title": "TopBottomMovers" + }, + "TopBottomRanked": { + "$ref": "#/definitions/AWS::QuickSight::Template.TopBottomRankedComputation", + "markdownDescription": "The top ranked and bottom ranked computation configuration.", + "title": "TopBottomRanked" + }, + "TotalAggregation": { + "$ref": "#/definitions/AWS::QuickSight::Template.TotalAggregationComputation", + "markdownDescription": "The total aggregation computation configuration.", + "title": "TotalAggregation" + }, + "UniqueValues": { + "$ref": "#/definitions/AWS::QuickSight::Template.UniqueValuesComputation", + "markdownDescription": "The unique values computation configuration.", + "title": "UniqueValues" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ConditionalFormattingColor": { + "additionalProperties": false, + "properties": { + "Gradient": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingGradientColor", + "markdownDescription": "Formatting configuration for gradient color.", + "title": "Gradient" + }, + "Solid": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingSolidColor", + "markdownDescription": "Formatting configuration for solid color.", + "title": "Solid" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ConditionalFormattingCustomIconCondition": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "Determines the color of the icon.", + "title": "Color", + "type": "string" + }, + "DisplayConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIconDisplayConfiguration", + "markdownDescription": "Determines the icon display configuration.", + "title": "DisplayConfiguration" + }, + "Expression": { + "markdownDescription": "The expression that determines the condition of the icon set.", + "title": "Expression", + "type": "string" + }, + "IconOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingCustomIconOptions", + "markdownDescription": "Custom icon options for an icon set.", + "title": "IconOptions" + } + }, + "required": [ + "Expression", + "IconOptions" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ConditionalFormattingCustomIconOptions": { + "additionalProperties": false, + "properties": { + "Icon": { + "markdownDescription": "Determines the type of icon.", + "title": "Icon", + "type": "string" + }, + "UnicodeIcon": { + "markdownDescription": "Determines the Unicode icon type.", + "title": "UnicodeIcon", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ConditionalFormattingGradientColor": { + "additionalProperties": false, + "properties": { + "Color": { + "$ref": "#/definitions/AWS::QuickSight::Template.GradientColor", + "markdownDescription": "Determines the color.", + "title": "Color" + }, + "Expression": { + "markdownDescription": "The expression that determines the formatting configuration for gradient color.", + "title": "Expression", + "type": "string" + } + }, + "required": [ + "Color", + "Expression" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ConditionalFormattingIcon": { + "additionalProperties": false, + "properties": { + "CustomCondition": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingCustomIconCondition", + "markdownDescription": "Determines the custom condition for an icon set.", + "title": "CustomCondition" + }, + "IconSet": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIconSet", + "markdownDescription": "Formatting configuration for icon set.", + "title": "IconSet" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ConditionalFormattingIconDisplayConfiguration": { + "additionalProperties": false, + "properties": { + "IconDisplayOption": { + "markdownDescription": "Determines the icon display configuration.", + "title": "IconDisplayOption", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ConditionalFormattingIconSet": { + "additionalProperties": false, + "properties": { + "Expression": { + "markdownDescription": "The expression that determines the formatting configuration for the icon set.", + "title": "Expression", + "type": "string" + }, + "IconSetType": { + "markdownDescription": "Determines the icon set type.", + "title": "IconSetType", + "type": "string" + } + }, + "required": [ + "Expression" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ConditionalFormattingSolidColor": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "Determines the color.", + "title": "Color", + "type": "string" + }, + "Expression": { + "markdownDescription": "The expression that determines the formatting configuration for solid color.", + "title": "Expression", + "type": "string" + } + }, + "required": [ + "Expression" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ContextMenuOption": { + "additionalProperties": false, + "properties": { + "AvailabilityStatus": { + "markdownDescription": "The availability status of the context menu options. If the value of this property is set to `ENABLED` , dashboard readers can interact with the context menu.", + "title": "AvailabilityStatus", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ContributionAnalysisDefault": { + "additionalProperties": false, + "properties": { + "ContributorDimensions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier" + }, + "markdownDescription": "The dimensions columns that are used in the contribution analysis, usually a list of `ColumnIdentifiers` .", + "title": "ContributorDimensions", + "type": "array" + }, + "MeasureFieldId": { + "markdownDescription": "The measure field that is used in the contribution analysis.", + "title": "MeasureFieldId", + "type": "string" + } + }, + "required": [ + "ContributorDimensions", + "MeasureFieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.CurrencyDisplayFormatConfiguration": { + "additionalProperties": false, + "properties": { + "DecimalPlacesConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DecimalPlacesConfiguration", + "markdownDescription": "The option that determines the decimal places configuration.", + "title": "DecimalPlacesConfiguration" + }, + "NegativeValueConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NegativeValueConfiguration", + "markdownDescription": "The options that determine the negative value configuration.", + "title": "NegativeValueConfiguration" + }, + "NullValueFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NullValueFormatConfiguration", + "markdownDescription": "The options that determine the null value format configuration.", + "title": "NullValueFormatConfiguration" + }, + "NumberScale": { + "markdownDescription": "Determines the number scale value for the currency format.", + "title": "NumberScale", + "type": "string" + }, + "Prefix": { + "markdownDescription": "Determines the prefix value of the currency format.", + "title": "Prefix", + "type": "string" + }, + "SeparatorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericSeparatorConfiguration", + "markdownDescription": "The options that determine the numeric separator configuration.", + "title": "SeparatorConfiguration" + }, + "Suffix": { + "markdownDescription": "Determines the suffix value of the currency format.", + "title": "Suffix", + "type": "string" + }, + "Symbol": { + "markdownDescription": "Determines the symbol for the currency format.", + "title": "Symbol", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.CustomActionFilterOperation": { + "additionalProperties": false, + "properties": { + "SelectedFieldsConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterOperationSelectedFieldsConfiguration", + "markdownDescription": "The configuration that chooses the fields to be filtered.", + "title": "SelectedFieldsConfiguration" + }, + "TargetVisualsConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterOperationTargetVisualsConfiguration", + "markdownDescription": "The configuration that chooses the target visuals to be filtered.", + "title": "TargetVisualsConfiguration" + } + }, + "required": [ + "SelectedFieldsConfiguration", + "TargetVisualsConfiguration" + ], + "type": "object" + }, + "AWS::QuickSight::Template.CustomActionNavigationOperation": { + "additionalProperties": false, + "properties": { + "LocalNavigationConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.LocalNavigationConfiguration", + "markdownDescription": "The configuration that chooses the navigation target.", + "title": "LocalNavigationConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.CustomActionSetParametersOperation": { + "additionalProperties": false, + "properties": { + "ParameterValueConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.SetParameterValueConfiguration" + }, + "markdownDescription": "The parameter that determines the value configuration.", + "title": "ParameterValueConfigurations", + "type": "array" + } + }, + "required": [ + "ParameterValueConfigurations" + ], + "type": "object" + }, + "AWS::QuickSight::Template.CustomActionURLOperation": { + "additionalProperties": false, + "properties": { + "URLTarget": { + "markdownDescription": "The target of the `CustomActionURLOperation` .\n\nValid values are defined as follows:\n\n- `NEW_TAB` : Opens the target URL in a new browser tab.\n- `NEW_WINDOW` : Opens the target URL in a new browser window.\n- `SAME_TAB` : Opens the target URL in the same browser tab.", + "title": "URLTarget", + "type": "string" + }, + "URLTemplate": { + "markdownDescription": "THe URL link of the `CustomActionURLOperation` .", + "title": "URLTemplate", + "type": "string" + } + }, + "required": [ + "URLTarget", + "URLTemplate" + ], + "type": "object" + }, + "AWS::QuickSight::Template.CustomColor": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The color that is applied to the data value.", + "title": "Color", + "type": "string" + }, + "FieldValue": { + "markdownDescription": "The data value that the color is applied to.", + "title": "FieldValue", + "type": "string" + }, + "SpecialValue": { + "markdownDescription": "The value of a special data value.", + "title": "SpecialValue", + "type": "string" + } + }, + "required": [ + "Color" + ], + "type": "object" + }, + "AWS::QuickSight::Template.CustomContentConfiguration": { + "additionalProperties": false, + "properties": { + "ContentType": { + "markdownDescription": "The content type of the custom content visual. You can use this to have the visual render as an image.", + "title": "ContentType", + "type": "string" + }, + "ContentUrl": { + "markdownDescription": "The input URL that links to the custom content that you want in the custom visual.", + "title": "ContentUrl", + "type": "string" + }, + "ImageScaling": { + "markdownDescription": "The sizing options for the size of the custom content visual. This structure is required when the `ContentType` of the visual is `'IMAGE'` .", + "title": "ImageScaling", + "type": "string" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.CustomContentVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.CustomContentConfiguration", + "markdownDescription": "The configuration of a `CustomContentVisual` .", + "title": "ChartConfiguration" + }, + "DataSetIdentifier": { + "markdownDescription": "The dataset that is used to create the custom content visual. You can't create a visual without a dataset.", + "title": "DataSetIdentifier", + "type": "string" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "DataSetIdentifier", + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.CustomFilterConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryValue": { + "markdownDescription": "The category value for the filter.\n\nThis field is mutually exclusive to `ParameterName` .", + "title": "CategoryValue", + "type": "string" + }, + "MatchOperator": { + "markdownDescription": "The match operator that is used to determine if a filter should be applied.", + "title": "MatchOperator", + "type": "string" + }, + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", + "type": "string" + }, + "ParameterName": { + "markdownDescription": "The parameter whose value should be used for the filter value.\n\nThis field is mutually exclusive to `CategoryValue` .", + "title": "ParameterName", + "type": "string" + }, + "SelectAllOptions": { + "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", + "title": "SelectAllOptions", + "type": "string" + } + }, + "required": [ + "MatchOperator", + "NullOption" + ], + "type": "object" + }, + "AWS::QuickSight::Template.CustomFilterListConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryValues": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of category values for the filter.", + "title": "CategoryValues", + "type": "array" + }, + "MatchOperator": { + "markdownDescription": "The match operator that is used to determine if a filter should be applied.", + "title": "MatchOperator", + "type": "string" + }, + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", + "type": "string" + }, + "SelectAllOptions": { + "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", + "title": "SelectAllOptions", + "type": "string" + } + }, + "required": [ + "MatchOperator", + "NullOption" + ], + "type": "object" + }, + "AWS::QuickSight::Template.CustomNarrativeOptions": { + "additionalProperties": false, + "properties": { + "Narrative": { + "markdownDescription": "The string input of custom narrative.", + "title": "Narrative", + "type": "string" + } + }, + "required": [ + "Narrative" + ], + "type": "object" + }, + "AWS::QuickSight::Template.CustomParameterValues": { + "additionalProperties": false, + "properties": { + "DateTimeValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of datetime-type parameter values.", + "title": "DateTimeValues", + "type": "array" + }, + "DecimalValues": { + "items": { + "type": "number" + }, + "markdownDescription": "A list of decimal-type parameter values.", + "title": "DecimalValues", + "type": "array" + }, + "IntegerValues": { + "items": { + "type": "number" + }, + "markdownDescription": "A list of integer-type parameter values.", + "title": "IntegerValues", + "type": "array" + }, + "StringValues": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of string-type parameter values.", + "title": "StringValues", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.CustomValuesConfiguration": { + "additionalProperties": false, + "properties": { + "CustomValues": { + "$ref": "#/definitions/AWS::QuickSight::Template.CustomParameterValues", + "markdownDescription": "", + "title": "CustomValues" + }, + "IncludeNullValue": { + "markdownDescription": "Includes the null value in custom action parameter values.", + "title": "IncludeNullValue", + "type": "boolean" + } + }, + "required": [ + "CustomValues" + ], + "type": "object" + }, + "AWS::QuickSight::Template.DataBarsOptions": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "The field ID for the data bars options.", + "title": "FieldId", + "type": "string" + }, + "NegativeColor": { + "markdownDescription": "The color of the negative data bar.", + "title": "NegativeColor", + "type": "string" + }, + "PositiveColor": { + "markdownDescription": "The color of the positive data bar.", + "title": "PositiveColor", + "type": "string" + } + }, + "required": [ + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.DataColor": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The color that is applied to the data value.", + "title": "Color", + "type": "string" + }, + "DataValue": { + "markdownDescription": "The data value that the color is applied to.", + "title": "DataValue", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DataFieldSeriesItem": { + "additionalProperties": false, + "properties": { + "AxisBinding": { + "markdownDescription": "The axis that you are binding the field to.", + "title": "AxisBinding", + "type": "string" + }, + "FieldId": { + "markdownDescription": "The field ID of the field that you are setting the axis binding to.", + "title": "FieldId", + "type": "string" + }, + "FieldValue": { + "markdownDescription": "The field value of the field that you are setting the axis binding to.", + "title": "FieldValue", + "type": "string" + }, + "Settings": { + "$ref": "#/definitions/AWS::QuickSight::Template.LineChartSeriesSettings", + "markdownDescription": "The options that determine the presentation of line series associated to the field.", + "title": "Settings" + } + }, + "required": [ + "AxisBinding", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.DataLabelOptions": { + "additionalProperties": false, + "properties": { + "CategoryLabelVisibility": { + "markdownDescription": "Determines the visibility of the category field labels.", + "title": "CategoryLabelVisibility", + "type": "object" + }, + "DataLabelTypes": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelType" + }, + "markdownDescription": "The option that determines the data label type.", + "title": "DataLabelTypes", + "type": "array" + }, + "LabelColor": { + "markdownDescription": "Determines the color of the data labels.", + "title": "LabelColor", + "type": "string" + }, + "LabelContent": { + "markdownDescription": "Determines the content of the data labels.", + "title": "LabelContent", + "type": "string" + }, + "LabelFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", + "markdownDescription": "Determines the font configuration of the data labels.", + "title": "LabelFontConfiguration" + }, + "MeasureLabelVisibility": { + "markdownDescription": "Determines the visibility of the measure field labels.", + "title": "MeasureLabelVisibility", + "type": "object" + }, + "Overlap": { + "markdownDescription": "Determines whether overlap is enabled or disabled for the data labels.", + "title": "Overlap", + "type": "string" + }, + "Position": { + "markdownDescription": "Determines the position of the data labels.", + "title": "Position", + "type": "string" + }, + "TotalsVisibility": { + "markdownDescription": "Determines the visibility of the total.", + "title": "TotalsVisibility", + "type": "object" + }, + "Visibility": { + "markdownDescription": "Determines the visibility of the data labels.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DataLabelType": { + "additionalProperties": false, + "properties": { + "DataPathLabelType": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataPathLabelType", + "markdownDescription": "The option that specifies individual data values for labels.", + "title": "DataPathLabelType" + }, + "FieldLabelType": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldLabelType", + "markdownDescription": "Determines the label configuration for the entire field.", + "title": "FieldLabelType" + }, + "MaximumLabelType": { + "$ref": "#/definitions/AWS::QuickSight::Template.MaximumLabelType", + "markdownDescription": "Determines the label configuration for the maximum value in a visual.", + "title": "MaximumLabelType" + }, + "MinimumLabelType": { + "$ref": "#/definitions/AWS::QuickSight::Template.MinimumLabelType", + "markdownDescription": "Determines the label configuration for the minimum value in a visual.", + "title": "MinimumLabelType" + }, + "RangeEndsLabelType": { + "$ref": "#/definitions/AWS::QuickSight::Template.RangeEndsLabelType", + "markdownDescription": "Determines the label configuration for range end value in a visual.", + "title": "RangeEndsLabelType" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DataPathColor": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The color that needs to be applied to the element.", + "title": "Color", + "type": "string" + }, + "Element": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataPathValue", + "markdownDescription": "The element that the color needs to be applied to.", + "title": "Element" + }, + "TimeGranularity": { + "markdownDescription": "The time granularity of the field that the color needs to be applied to.", + "title": "TimeGranularity", + "type": "string" + } + }, + "required": [ + "Color", + "Element" + ], + "type": "object" + }, + "AWS::QuickSight::Template.DataPathLabelType": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "The field ID of the field that the data label needs to be applied to.", + "title": "FieldId", + "type": "string" + }, + "FieldValue": { + "markdownDescription": "The actual value of the field that is labeled.", + "title": "FieldValue", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the data label.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DataPathSort": { + "additionalProperties": false, + "properties": { + "Direction": { + "markdownDescription": "Determines the sort direction.", + "title": "Direction", + "type": "string" + }, + "SortPaths": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataPathValue" + }, + "markdownDescription": "The list of data paths that need to be sorted.", + "title": "SortPaths", + "type": "array" + } + }, + "required": [ + "Direction", + "SortPaths" + ], + "type": "object" + }, + "AWS::QuickSight::Template.DataPathType": { + "additionalProperties": false, + "properties": { + "PivotTableDataPathType": { + "markdownDescription": "The type of data path value utilized in a pivot table. Choose one of the following options:\n\n- `HIERARCHY_ROWS_LAYOUT_COLUMN` - The type of data path for the rows layout column, when `RowsLayout` is set to `HIERARCHY` .\n- `MULTIPLE_ROW_METRICS_COLUMN` - The type of data path for the metric column when the row is set to Metric Placement.\n- `EMPTY_COLUMN_HEADER` - The type of data path for the column with empty column header, when there is no field in `ColumnsFieldWell` and the row is set to Metric Placement.\n- `COUNT_METRIC_COLUMN` - The type of data path for the column with `COUNT` as the metric, when there is no field in the `ValuesFieldWell` .", + "title": "PivotTableDataPathType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DataPathValue": { + "additionalProperties": false, + "properties": { + "DataPathType": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataPathType", + "markdownDescription": "The type configuration of the field.", + "title": "DataPathType" + }, + "FieldId": { + "markdownDescription": "The field ID of the field that needs to be sorted.", + "title": "FieldId", + "type": "string" + }, + "FieldValue": { + "markdownDescription": "The actual value of the field that needs to be sorted.", + "title": "FieldValue", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DataSetConfiguration": { + "additionalProperties": false, + "properties": { + "ColumnGroupSchemaList": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnGroupSchema" + }, + "markdownDescription": "A structure containing the list of column group schemas.", + "title": "ColumnGroupSchemaList", + "type": "array" + }, + "DataSetSchema": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataSetSchema", + "markdownDescription": "Dataset schema.", + "title": "DataSetSchema" + }, + "Placeholder": { + "markdownDescription": "Placeholder.", + "title": "Placeholder", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DataSetReference": { + "additionalProperties": false, + "properties": { + "DataSetArn": { + "markdownDescription": "Dataset Amazon Resource Name (ARN).", + "title": "DataSetArn", + "type": "string" + }, + "DataSetPlaceholder": { + "markdownDescription": "Dataset placeholder.", + "title": "DataSetPlaceholder", + "type": "string" + } + }, + "required": [ + "DataSetArn", + "DataSetPlaceholder" + ], + "type": "object" + }, + "AWS::QuickSight::Template.DataSetSchema": { + "additionalProperties": false, + "properties": { + "ColumnSchemaList": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnSchema" + }, + "markdownDescription": "A structure containing the list of column schemas.", + "title": "ColumnSchemaList", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DateAxisOptions": { + "additionalProperties": false, + "properties": { + "MissingDateVisibility": { + "markdownDescription": "Determines whether or not missing dates are displayed.", + "title": "MissingDateVisibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DateDimensionField": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that is used in the `DateDimensionField` .", + "title": "Column" + }, + "DateGranularity": { + "markdownDescription": "The date granularity of the `DateDimensionField` . Choose one of the following options:\n\n- `YEAR`\n- `QUARTER`\n- `MONTH`\n- `WEEK`\n- `DAY`\n- `HOUR`\n- `MINUTE`\n- `SECOND`\n- `MILLISECOND`", + "title": "DateGranularity", + "type": "string" + }, + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", + "type": "string" + }, + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" + }, + "HierarchyId": { + "markdownDescription": "The custom hierarchy ID.", + "title": "HierarchyId", + "type": "string" + } + }, + "required": [ + "Column", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.DateMeasureField": { + "additionalProperties": false, + "properties": { + "AggregationFunction": { + "markdownDescription": "The aggregation function of the measure field.", + "title": "AggregationFunction", + "type": "string" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that is used in the `DateMeasureField` .", + "title": "Column" + }, + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", + "type": "string" + }, + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" + } + }, + "required": [ + "Column", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.DateTimeDefaultValues": { + "additionalProperties": false, + "properties": { + "DynamicValue": { + "$ref": "#/definitions/AWS::QuickSight::Template.DynamicDefaultValue", + "markdownDescription": "The dynamic value of the `DataTimeDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", + "title": "DynamicValue" + }, + "RollingDate": { + "$ref": "#/definitions/AWS::QuickSight::Template.RollingDateConfiguration", + "markdownDescription": "The rolling date of the `DataTimeDefaultValues` . The date is determined from the dataset based on input expression.", + "title": "RollingDate" + }, + "StaticValues": { + "items": { + "type": "string" + }, + "markdownDescription": "The static values of the `DataTimeDefaultValues` .", + "title": "StaticValues", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DateTimeFormatConfiguration": { + "additionalProperties": false, + "properties": { + "DateTimeFormat": { + "markdownDescription": "Determines the `DateTime` format.", + "title": "DateTimeFormat", + "type": "string" + }, + "NullValueFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NullValueFormatConfiguration", + "markdownDescription": "The options that determine the null value format configuration.", + "title": "NullValueFormatConfiguration" + }, + "NumericFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericFormatConfiguration", + "markdownDescription": "The formatting configuration for numeric `DateTime` fields.", + "title": "NumericFormatConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DateTimeHierarchy": { + "additionalProperties": false, + "properties": { + "DrillDownFilters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DrillDownFilter" + }, + "markdownDescription": "The option that determines the drill down filters for the `DateTime` hierarchy.", + "title": "DrillDownFilters", + "type": "array" + }, + "HierarchyId": { + "markdownDescription": "The hierarchy ID of the `DateTime` hierarchy.", + "title": "HierarchyId", + "type": "string" + } + }, + "required": [ + "HierarchyId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.DateTimeParameterDeclaration": { + "additionalProperties": false, + "properties": { + "DefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeDefaultValues", + "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", + "title": "DefaultValues" + }, + "MappedDataSetParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MappedDataSetParameter" + }, + "markdownDescription": "", + "title": "MappedDataSetParameters", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the parameter that is being declared.", + "title": "Name", + "type": "string" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" + }, + "ValueWhenUnset": { + "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeValueWhenUnsetConfiguration", + "markdownDescription": "The configuration that defines the default value of a `DateTime` parameter when a value has not been set.", + "title": "ValueWhenUnset" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "AWS::QuickSight::Template.DateTimePickerControlDisplayOptions": { + "additionalProperties": false, + "properties": { + "DateIconVisibility": { + "markdownDescription": "The date icon visibility of the `DateTimePickerControlDisplayOptions` .", + "title": "DateIconVisibility", + "type": "object" + }, + "DateTimeFormat": { + "markdownDescription": "Customize how dates are formatted in controls.", + "title": "DateTimeFormat", + "type": "string" + }, + "HelperTextVisibility": { + "markdownDescription": "The helper text visibility of the `DateTimePickerControlDisplayOptions` .", + "title": "HelperTextVisibility", + "type": "object" + }, + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DateTimeValueWhenUnsetConfiguration": { + "additionalProperties": false, + "properties": { + "CustomValue": { + "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", + "title": "CustomValue", + "type": "string" + }, + "ValueWhenUnsetOption": { + "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", + "title": "ValueWhenUnsetOption", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DecimalDefaultValues": { + "additionalProperties": false, + "properties": { + "DynamicValue": { + "$ref": "#/definitions/AWS::QuickSight::Template.DynamicDefaultValue", + "markdownDescription": "The dynamic value of the `DecimalDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", + "title": "DynamicValue" + }, + "StaticValues": { + "items": { + "type": "number" + }, + "markdownDescription": "The static values of the `DecimalDefaultValues` .", + "title": "StaticValues", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DecimalParameterDeclaration": { + "additionalProperties": false, + "properties": { + "DefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::Template.DecimalDefaultValues", + "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", + "title": "DefaultValues" + }, + "MappedDataSetParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MappedDataSetParameter" + }, + "markdownDescription": "", + "title": "MappedDataSetParameters", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the parameter that is being declared.", + "title": "Name", + "type": "string" + }, + "ParameterValueType": { + "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", + "title": "ParameterValueType", + "type": "string" + }, + "ValueWhenUnset": { + "$ref": "#/definitions/AWS::QuickSight::Template.DecimalValueWhenUnsetConfiguration", + "markdownDescription": "The configuration that defines the default value of a `Decimal` parameter when a value has not been set.", + "title": "ValueWhenUnset" + } + }, + "required": [ + "Name", + "ParameterValueType" + ], + "type": "object" + }, + "AWS::QuickSight::Template.DecimalPlacesConfiguration": { + "additionalProperties": false, + "properties": { + "DecimalPlaces": { + "markdownDescription": "The values of the decimal places.", + "title": "DecimalPlaces", + "type": "number" + } + }, + "required": [ + "DecimalPlaces" + ], + "type": "object" + }, + "AWS::QuickSight::Template.DecimalValueWhenUnsetConfiguration": { + "additionalProperties": false, + "properties": { + "CustomValue": { + "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", + "title": "CustomValue", + "type": "number" + }, + "ValueWhenUnsetOption": { + "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", + "title": "ValueWhenUnsetOption", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DefaultDateTimePickerControlOptions": { + "additionalProperties": false, + "properties": { + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `DateTimePickerControl` .", + "title": "CommitMode", + "type": "string" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DateTimePickerControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "Type": { + "markdownDescription": "The date time picker type of the `DefaultDateTimePickerControlOptions` . Choose one of the following options:\n\n- `SINGLE_VALUED` : The filter condition is a fixed date.\n- `DATE_RANGE` : The filter condition is a date time range.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DefaultFilterControlConfiguration": { + "additionalProperties": false, + "properties": { + "ControlOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlOptions", + "markdownDescription": "The control option for the `DefaultFilterControlConfiguration` .", + "title": "ControlOptions" + }, + "Title": { + "markdownDescription": "The title of the `DefaultFilterControlConfiguration` . This title is shared by all controls that are tied to this filter.", + "title": "Title", + "type": "string" + } + }, + "required": [ + "ControlOptions", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Template.DefaultFilterControlOptions": { + "additionalProperties": false, + "properties": { + "DefaultDateTimePickerOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultDateTimePickerControlOptions", + "markdownDescription": "The default options that correspond to the filter control type of a `DateTimePicker` .", + "title": "DefaultDateTimePickerOptions" + }, + "DefaultDropdownOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterDropDownControlOptions", + "markdownDescription": "The default options that correspond to the `Dropdown` filter control type.", + "title": "DefaultDropdownOptions" + }, + "DefaultListOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterListControlOptions", + "markdownDescription": "The default options that correspond to the `List` filter control type.", + "title": "DefaultListOptions" + }, + "DefaultRelativeDateTimeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultRelativeDateTimeControlOptions", + "markdownDescription": "The default options that correspond to the `RelativeDateTime` filter control type.", + "title": "DefaultRelativeDateTimeOptions" + }, + "DefaultSliderOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultSliderControlOptions", + "markdownDescription": "The default options that correspond to the `Slider` filter control type.", + "title": "DefaultSliderOptions" + }, + "DefaultTextAreaOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultTextAreaControlOptions", + "markdownDescription": "The default options that correspond to the `TextArea` filter control type.", + "title": "DefaultTextAreaOptions" + }, + "DefaultTextFieldOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultTextFieldControlOptions", + "markdownDescription": "The default options that correspond to the `TextField` filter control type.", + "title": "DefaultTextFieldOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DefaultFilterDropDownControlOptions": { + "additionalProperties": false, + "properties": { + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `FilterDropDownControl` .", + "title": "CommitMode", + "type": "string" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DropDownControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" + }, + "Type": { + "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DefaultFilterListControlOptions": { + "additionalProperties": false, + "properties": { + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ListControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" + }, + "Type": { + "markdownDescription": "The type of the `DefaultFilterListControlOptions` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from the list.\n- `SINGLE_SELECT` : The user can select a single entry from the list.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DefaultFreeFormLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutCanvasSizeOptions", + "markdownDescription": "Determines the screen canvas size options for a free-form layout.", + "title": "CanvasSizeOptions" + } + }, + "required": [ + "CanvasSizeOptions" + ], + "type": "object" + }, + "AWS::QuickSight::Template.DefaultGridLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.GridLayoutCanvasSizeOptions", + "markdownDescription": "Determines the screen canvas size options for a grid layout.", + "title": "CanvasSizeOptions" + } + }, + "required": [ + "CanvasSizeOptions" + ], + "type": "object" + }, + "AWS::QuickSight::Template.DefaultInteractiveLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "FreeForm": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFreeFormLayoutConfiguration", + "markdownDescription": "The options that determine the default settings of a free-form layout configuration.", + "title": "FreeForm" + }, + "Grid": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultGridLayoutConfiguration", + "markdownDescription": "The options that determine the default settings for a grid layout configuration.", + "title": "Grid" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DefaultNewSheetConfiguration": { + "additionalProperties": false, + "properties": { + "InteractiveLayoutConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultInteractiveLayoutConfiguration", + "markdownDescription": "The options that determine the default settings for interactive layout configuration.", + "title": "InteractiveLayoutConfiguration" + }, + "PaginatedLayoutConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultPaginatedLayoutConfiguration", + "markdownDescription": "The options that determine the default settings for a paginated layout configuration.", + "title": "PaginatedLayoutConfiguration" + }, + "SheetContentType": { + "markdownDescription": "The option that determines the sheet content type.", + "title": "SheetContentType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DefaultPaginatedLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "SectionBased": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultSectionBasedLayoutConfiguration", + "markdownDescription": "The options that determine the default settings for a section-based layout configuration.", + "title": "SectionBased" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DefaultRelativeDateTimeControlOptions": { + "additionalProperties": false, + "properties": { + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `RelativeDateTimeControl` .", + "title": "CommitMode", + "type": "string" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.RelativeDateTimeControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DefaultSectionBasedLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SectionBasedLayoutCanvasSizeOptions", + "markdownDescription": "Determines the screen canvas size options for a section-based layout.", + "title": "CanvasSizeOptions" + } + }, + "required": [ + "CanvasSizeOptions" + ], + "type": "object" + }, + "AWS::QuickSight::Template.DefaultSliderControlOptions": { + "additionalProperties": false, + "properties": { + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SliderControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "MaximumValue": { + "markdownDescription": "The larger value that is displayed at the right of the slider.", + "title": "MaximumValue", + "type": "number" + }, + "MinimumValue": { + "markdownDescription": "The smaller value that is displayed at the left of the slider.", + "title": "MinimumValue", + "type": "number" + }, + "StepSize": { + "markdownDescription": "The number of increments that the slider bar is divided into.", + "title": "StepSize", + "type": "number" + }, + "Type": { + "markdownDescription": "The type of the `DefaultSliderControlOptions` . Choose one of the following options:\n\n- `SINGLE_POINT` : Filter against(equals) a single data point.\n- `RANGE` : Filter data that is in a specified range.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "MaximumValue", + "MinimumValue", + "StepSize" + ], + "type": "object" + }, + "AWS::QuickSight::Template.DefaultTextAreaControlOptions": { + "additionalProperties": false, + "properties": { + "Delimiter": { + "markdownDescription": "The delimiter that is used to separate the lines in text.", + "title": "Delimiter", + "type": "string" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.TextAreaControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DefaultTextFieldControlOptions": { + "additionalProperties": false, + "properties": { + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.TextFieldControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DestinationParameterValueConfiguration": { + "additionalProperties": false, + "properties": { + "CustomValuesConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.CustomValuesConfiguration", + "markdownDescription": "The configuration of custom values for destination parameter in `DestinationParameterValueConfiguration` .", + "title": "CustomValuesConfiguration" + }, + "SelectAllValueOptions": { + "markdownDescription": "The configuration that selects all options.", + "title": "SelectAllValueOptions", + "type": "string" + }, + "SourceColumn": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "A column of a data set.", + "title": "SourceColumn" + }, + "SourceField": { + "markdownDescription": "The source field ID of the destination parameter.", + "title": "SourceField", + "type": "string" + }, + "SourceParameterName": { + "markdownDescription": "The source parameter name of the destination parameter.", + "title": "SourceParameterName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DimensionField": { + "additionalProperties": false, + "properties": { + "CategoricalDimensionField": { + "$ref": "#/definitions/AWS::QuickSight::Template.CategoricalDimensionField", + "markdownDescription": "The dimension type field with categorical type columns.", + "title": "CategoricalDimensionField" + }, + "DateDimensionField": { + "$ref": "#/definitions/AWS::QuickSight::Template.DateDimensionField", + "markdownDescription": "The dimension type field with date type columns.", + "title": "DateDimensionField" + }, + "NumericalDimensionField": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericalDimensionField", + "markdownDescription": "The dimension type field with numerical type columns.", + "title": "NumericalDimensionField" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DonutCenterOptions": { + "additionalProperties": false, + "properties": { + "LabelVisibility": { + "markdownDescription": "Determines the visibility of the label in a donut chart. In the Amazon QuickSight console, this option is called `'Show total'` .", + "title": "LabelVisibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DonutOptions": { + "additionalProperties": false, + "properties": { + "ArcOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ArcOptions", + "markdownDescription": "The option for define the arc of the chart shape. Valid values are as follows:\n\n- `WHOLE` - A pie chart\n- `SMALL` - A small-sized donut chart\n- `MEDIUM` - A medium-sized donut chart\n- `LARGE` - A large-sized donut chart", + "title": "ArcOptions" + }, + "DonutCenterOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DonutCenterOptions", + "markdownDescription": "The label options of the label that is displayed in the center of a donut chart. This option isn't available for pie charts.", + "title": "DonutCenterOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DrillDownFilter": { + "additionalProperties": false, + "properties": { + "CategoryFilter": { + "$ref": "#/definitions/AWS::QuickSight::Template.CategoryDrillDownFilter", + "markdownDescription": "The category type drill down filter. This filter is used for string type columns.", + "title": "CategoryFilter" + }, + "NumericEqualityFilter": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericEqualityDrillDownFilter", + "markdownDescription": "The numeric equality type drill down filter. This filter is used for number type columns.", + "title": "NumericEqualityFilter" + }, + "TimeRangeFilter": { + "$ref": "#/definitions/AWS::QuickSight::Template.TimeRangeDrillDownFilter", + "markdownDescription": "The time range drill down filter. This filter is used for date time columns.", + "title": "TimeRangeFilter" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DropDownControlDisplayOptions": { + "additionalProperties": false, + "properties": { + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" + }, + "SelectAllOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ListControlSelectAllOptions", + "markdownDescription": "The configuration of the `Select all` options in a dropdown control.", + "title": "SelectAllOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.DynamicDefaultValue": { + "additionalProperties": false, + "properties": { + "DefaultValueColumn": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that contains the default value of each user or group.", + "title": "DefaultValueColumn" + }, + "GroupNameColumn": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that contains the group name.", + "title": "GroupNameColumn" + }, + "UserNameColumn": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that contains the username.", + "title": "UserNameColumn" + } + }, + "required": [ + "DefaultValueColumn" + ], + "type": "object" + }, + "AWS::QuickSight::Template.EmptyVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "DataSetIdentifier": { + "markdownDescription": "The data set that is used in the empty visual. Every visual requires a dataset to render.", + "title": "DataSetIdentifier", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "DataSetIdentifier", + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.Entity": { + "additionalProperties": false, + "properties": { + "Path": { + "markdownDescription": "The hierarchical path of the entity within the analysis, template, or dashboard definition tree.", + "title": "Path", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ExcludePeriodConfiguration": { + "additionalProperties": false, + "properties": { + "Amount": { + "markdownDescription": "The amount or number of the exclude period.", + "title": "Amount", + "type": "number" + }, + "Granularity": { + "markdownDescription": "The granularity or unit (day, month, year) of the exclude period.", + "title": "Granularity", + "type": "string" + }, + "Status": { + "markdownDescription": "The status of the exclude period. Choose from the following options:\n\n- `ENABLED`\n- `DISABLED`", + "title": "Status", + "type": "string" + } + }, + "required": [ + "Amount", + "Granularity" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ExplicitHierarchy": { + "additionalProperties": false, + "properties": { + "Columns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier" + }, + "markdownDescription": "The list of columns that define the explicit hierarchy.", + "title": "Columns", + "type": "array" + }, + "DrillDownFilters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DrillDownFilter" + }, + "markdownDescription": "The option that determines the drill down filters for the explicit hierarchy.", + "title": "DrillDownFilters", + "type": "array" + }, + "HierarchyId": { + "markdownDescription": "The hierarchy ID of the explicit hierarchy.", + "title": "HierarchyId", + "type": "string" + } + }, + "required": [ + "Columns", + "HierarchyId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.FieldBasedTooltip": { + "additionalProperties": false, + "properties": { + "AggregationVisibility": { + "markdownDescription": "The visibility of `Show aggregations` .", + "title": "AggregationVisibility", + "type": "object" + }, + "TooltipFields": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.TooltipItem" + }, + "markdownDescription": "The fields configuration in the tooltip.", + "title": "TooltipFields", + "type": "array" + }, + "TooltipTitleType": { + "markdownDescription": "The type for the >tooltip title. Choose one of the following options:\n\n- `NONE` : Doesn't use the primary value as the title.\n- `PRIMARY_VALUE` : Uses primary value as the title.", + "title": "TooltipTitleType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.FieldLabelType": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "Indicates the field that is targeted by the field label.", + "title": "FieldId", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the field label.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.FieldSeriesItem": { + "additionalProperties": false, + "properties": { + "AxisBinding": { + "markdownDescription": "The axis that you are binding the field to.", + "title": "AxisBinding", + "type": "string" + }, + "FieldId": { + "markdownDescription": "The field ID of the field for which you are setting the axis binding.", + "title": "FieldId", + "type": "string" + }, + "Settings": { + "$ref": "#/definitions/AWS::QuickSight::Template.LineChartSeriesSettings", + "markdownDescription": "The options that determine the presentation of line series associated to the field.", + "title": "Settings" + } + }, + "required": [ + "AxisBinding", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.FieldSort": { + "additionalProperties": false, + "properties": { + "Direction": { + "markdownDescription": "The sort direction. Choose one of the following options:\n\n- `ASC` : Ascending\n- `DESC` : Descending", + "title": "Direction", + "type": "string" + }, + "FieldId": { + "markdownDescription": "The sort configuration target field.", + "title": "FieldId", + "type": "string" + } + }, + "required": [ + "Direction", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.FieldSortOptions": { + "additionalProperties": false, + "properties": { + "ColumnSort": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnSort", + "markdownDescription": "The sort configuration for a column that is not used in a field well.", + "title": "ColumnSort" + }, + "FieldSort": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSort", + "markdownDescription": "The sort configuration for a field in a field well.", + "title": "FieldSort" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.FieldTooltipItem": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "The unique ID of the field that is targeted by the tooltip.", + "title": "FieldId", + "type": "string" + }, + "Label": { + "markdownDescription": "The label of the tooltip item.", + "title": "Label", + "type": "string" + }, + "TooltipTarget": { + "markdownDescription": "Determines the target of the field tooltip item in a combo chart visual.", + "title": "TooltipTarget", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the tooltip item.", + "title": "Visibility", + "type": "object" + } + }, + "required": [ + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.FilledMapAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Geospatial": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The aggregated location field well of the filled map. Values are grouped by location fields.", + "title": "Geospatial", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The aggregated color field well of a filled map. Values are aggregated based on location fields.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.FilledMapConditionalFormatting": { + "additionalProperties": false, + "properties": { + "ConditionalFormattingOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapConditionalFormattingOption" + }, + "markdownDescription": "Conditional formatting options of a `FilledMapVisual` .", + "title": "ConditionalFormattingOptions", + "type": "array" + } + }, + "required": [ + "ConditionalFormattingOptions" + ], + "type": "object" + }, + "AWS::QuickSight::Template.FilledMapConditionalFormattingOption": { + "additionalProperties": false, + "properties": { + "Shape": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapShapeConditionalFormatting", + "markdownDescription": "The conditional formatting that determines the shape of the filled map.", + "title": "Shape" + } + }, + "required": [ + "Shape" + ], + "type": "object" + }, + "AWS::QuickSight::Template.FilledMapConfiguration": { + "additionalProperties": false, + "properties": { + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "MapStyleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialMapStyleOptions", + "markdownDescription": "The map style options of the filled map visual.", + "title": "MapStyleOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapSortConfiguration", + "markdownDescription": "The sort configuration of a `FilledMapVisual` .", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" + }, + "WindowOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialWindowOptions", + "markdownDescription": "The window options of the filled map visual.", + "title": "WindowOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.FilledMapFieldWells": { + "additionalProperties": false, + "properties": { + "FilledMapAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapAggregatedFieldWells", + "markdownDescription": "The aggregated field well of the filled map.", + "title": "FilledMapAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.FilledMapShapeConditionalFormatting": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "The field ID of the filled map shape.", + "title": "FieldId", + "type": "string" + }, + "Format": { + "$ref": "#/definitions/AWS::QuickSight::Template.ShapeConditionalFormat", + "markdownDescription": "The conditional formatting that determines the background color of a filled map's shape.", + "title": "Format" + } + }, + "required": [ + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.FilledMapSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the location fields.", + "title": "CategorySort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.FilledMapVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "ConditionalFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapConditionalFormatting", + "markdownDescription": "The conditional formatting of a `FilledMapVisual` .", + "title": "ConditionalFormatting" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.Filter": { + "additionalProperties": false, + "properties": { + "CategoryFilter": { + "$ref": "#/definitions/AWS::QuickSight::Template.CategoryFilter", + "markdownDescription": "A `CategoryFilter` filters text values.\n\nFor more information, see [Adding text filters](https://docs.aws.amazon.com/quicksight/latest/user/add-a-text-filter-data-prep.html) in the *Amazon QuickSight User Guide* .", + "title": "CategoryFilter" + }, + "NestedFilter": { + "$ref": "#/definitions/AWS::QuickSight::Template.NestedFilter", + "markdownDescription": "A `NestedFilter` filters data with a subset of data that is defined by the nested inner filter.", + "title": "NestedFilter" + }, + "NumericEqualityFilter": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericEqualityFilter", + "markdownDescription": "A `NumericEqualityFilter` filters numeric values that equal or do not equal a given numeric value.", + "title": "NumericEqualityFilter" + }, + "NumericRangeFilter": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericRangeFilter", + "markdownDescription": "A `NumericRangeFilter` filters numeric values that are either inside or outside a given numeric range.", + "title": "NumericRangeFilter" + }, + "RelativeDatesFilter": { + "$ref": "#/definitions/AWS::QuickSight::Template.RelativeDatesFilter", + "markdownDescription": "A `RelativeDatesFilter` filters date values that are relative to a given date.", + "title": "RelativeDatesFilter" + }, + "TimeEqualityFilter": { + "$ref": "#/definitions/AWS::QuickSight::Template.TimeEqualityFilter", + "markdownDescription": "A `TimeEqualityFilter` filters date-time values that equal or do not equal a given date/time value.", + "title": "TimeEqualityFilter" + }, + "TimeRangeFilter": { + "$ref": "#/definitions/AWS::QuickSight::Template.TimeRangeFilter", + "markdownDescription": "A `TimeRangeFilter` filters date-time values that are either inside or outside a given date/time range.", + "title": "TimeRangeFilter" + }, + "TopBottomFilter": { + "$ref": "#/definitions/AWS::QuickSight::Template.TopBottomFilter", + "markdownDescription": "A `TopBottomFilter` filters data to the top or bottom values for a given column.", + "title": "TopBottomFilter" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.FilterControl": { + "additionalProperties": false, + "properties": { + "CrossSheet": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterCrossSheetControl", + "markdownDescription": "A control from a filter that is scoped across more than one sheet. This represents your filter control on a sheet", + "title": "CrossSheet" + }, + "DateTimePicker": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterDateTimePickerControl", + "markdownDescription": "A control from a date filter that is used to specify date and time.", + "title": "DateTimePicker" + }, + "Dropdown": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterDropDownControl", + "markdownDescription": "A control to display a dropdown list with buttons that are used to select a single value.", + "title": "Dropdown" + }, + "List": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterListControl", + "markdownDescription": "A control to display a list of buttons or boxes. This is used to select either a single value or multiple values.", + "title": "List" + }, + "RelativeDateTime": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterRelativeDateTimeControl", + "markdownDescription": "A control from a date filter that is used to specify the relative date.", + "title": "RelativeDateTime" + }, + "Slider": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterSliderControl", + "markdownDescription": "A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle.", + "title": "Slider" + }, + "TextArea": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterTextAreaControl", + "markdownDescription": "A control to display a text box that is used to enter multiple entries.", + "title": "TextArea" + }, + "TextField": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterTextFieldControl", + "markdownDescription": "A control to display a text box that is used to enter a single entry.", + "title": "TextField" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.FilterCrossSheetControl": { + "additionalProperties": false, + "properties": { + "CascadingControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.CascadingControlConfiguration", + "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", + "title": "CascadingControlConfiguration" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterCrossSheetControl` .", + "title": "FilterControlId", + "type": "string" + }, + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterCrossSheetControl` .", + "title": "SourceFilterId", + "type": "string" + } + }, + "required": [ + "FilterControlId", + "SourceFilterId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.FilterDateTimePickerControl": { + "additionalProperties": false, + "properties": { + "CommitMode": { + "markdownDescription": "The visibility configurationof the Apply button on a `DateTimePickerControl` .", + "title": "CommitMode", + "type": "string" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DateTimePickerControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterDateTimePickerControl` .", + "title": "FilterControlId", + "type": "string" + }, + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterDateTimePickerControl` .", + "title": "SourceFilterId", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `FilterDateTimePickerControl` .", + "title": "Title", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "FilterControlId", + "SourceFilterId", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Template.FilterDropDownControl": { + "additionalProperties": false, + "properties": { + "CascadingControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.CascadingControlConfiguration", + "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", + "title": "CascadingControlConfiguration" + }, + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `FilterDropDownControl` .", + "title": "CommitMode", + "type": "string" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DropDownControlDisplayOptions", + "markdownDescription": "The display options of the `FilterDropDownControl` .", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterDropDownControl` .", + "title": "FilterControlId", + "type": "string" + }, + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" + }, + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterDropDownControl` .", + "title": "SourceFilterId", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `FilterDropDownControl` .", + "title": "Title", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "FilterControlId", + "SourceFilterId", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Template.FilterGroup": { + "additionalProperties": false, + "properties": { + "CrossDataset": { + "markdownDescription": "The filter new feature which can apply filter group to all data sets. Choose one of the following options:\n\n- `ALL_DATASETS`\n- `SINGLE_DATASET`", + "title": "CrossDataset", + "type": "string" + }, + "FilterGroupId": { + "markdownDescription": "The value that uniquely identifies a `FilterGroup` within a dashboard, template, or analysis.", + "title": "FilterGroupId", + "type": "string" + }, + "Filters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.Filter" + }, + "markdownDescription": "The list of filters that are present in a `FilterGroup` .", + "title": "Filters", + "type": "array" + }, + "ScopeConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterScopeConfiguration", + "markdownDescription": "The configuration that specifies what scope to apply to a `FilterGroup` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", + "title": "ScopeConfiguration" + }, + "Status": { + "markdownDescription": "The status of the `FilterGroup` .", + "title": "Status", + "type": "string" + } + }, + "required": [ + "CrossDataset", + "FilterGroupId", + "Filters", + "ScopeConfiguration" + ], + "type": "object" + }, + "AWS::QuickSight::Template.FilterListConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryValues": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of category values for the filter.", + "title": "CategoryValues", + "type": "array" + }, + "MatchOperator": { + "markdownDescription": "The match operator that is used to determine if a filter should be applied.", + "title": "MatchOperator", + "type": "string" + }, + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", + "type": "string" + }, + "SelectAllOptions": { + "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", + "title": "SelectAllOptions", + "type": "string" + } + }, + "required": [ + "MatchOperator" + ], + "type": "object" + }, + "AWS::QuickSight::Template.FilterListControl": { + "additionalProperties": false, + "properties": { + "CascadingControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.CascadingControlConfiguration", + "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", + "title": "CascadingControlConfiguration" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ListControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterListControl` .", + "title": "FilterControlId", + "type": "string" + }, + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" + }, + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterListControl` .", + "title": "SourceFilterId", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `FilterListControl` .", + "title": "Title", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the `FilterListControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from the list.\n- `SINGLE_SELECT` : The user can select a single entry from the list.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "FilterControlId", + "SourceFilterId", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Template.FilterOperationSelectedFieldsConfiguration": { + "additionalProperties": false, + "properties": { + "SelectedColumns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier" + }, + "markdownDescription": "The selected columns of a dataset.", + "title": "SelectedColumns", + "type": "array" + }, + "SelectedFieldOptions": { + "markdownDescription": "A structure that contains the options that choose which fields are filtered in the `CustomActionFilterOperation` .\n\nValid values are defined as follows:\n\n- `ALL_FIELDS` : Applies the filter operation to all fields.", + "title": "SelectedFieldOptions", + "type": "string" + }, + "SelectedFields": { + "items": { + "type": "string" + }, + "markdownDescription": "Chooses the fields that are filtered in `CustomActionFilterOperation` .", + "title": "SelectedFields", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.FilterOperationTargetVisualsConfiguration": { + "additionalProperties": false, + "properties": { + "SameSheetTargetVisualConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.SameSheetTargetVisualConfiguration", + "markdownDescription": "The configuration of the same-sheet target visuals that you want to be filtered.", + "title": "SameSheetTargetVisualConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.FilterRelativeDateTimeControl": { + "additionalProperties": false, + "properties": { + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `FilterRelativeDateTimeControl` .", + "title": "CommitMode", + "type": "string" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.RelativeDateTimeControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterTextAreaControl` .", + "title": "FilterControlId", + "type": "string" + }, + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterTextAreaControl` .", + "title": "SourceFilterId", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `FilterTextAreaControl` .", + "title": "Title", + "type": "string" + } + }, + "required": [ + "FilterControlId", + "SourceFilterId", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Template.FilterScopeConfiguration": { + "additionalProperties": false, + "properties": { + "AllSheets": { + "markdownDescription": "The configuration that applies a filter to all sheets. When you choose `AllSheets` as the value for a `FilterScopeConfiguration` , this filter is applied to all visuals of all sheets in an Analysis, Dashboard, or Template. The `AllSheetsFilterScopeConfiguration` is chosen.", + "title": "AllSheets", + "type": "object" + }, + "SelectedSheets": { + "$ref": "#/definitions/AWS::QuickSight::Template.SelectedSheetsFilterScopeConfiguration", + "markdownDescription": "The configuration for applying a filter to specific sheets.", + "title": "SelectedSheets" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.FilterSelectableValues": { + "additionalProperties": false, + "properties": { + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The values that are used in the `FilterSelectableValues` .", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.FilterSliderControl": { + "additionalProperties": false, + "properties": { + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SliderControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterSliderControl` .", + "title": "FilterControlId", + "type": "string" + }, + "MaximumValue": { + "markdownDescription": "The larger value that is displayed at the right of the slider.", + "title": "MaximumValue", + "type": "number" + }, + "MinimumValue": { + "markdownDescription": "The smaller value that is displayed at the left of the slider.", + "title": "MinimumValue", + "type": "number" + }, + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterSliderControl` .", + "title": "SourceFilterId", + "type": "string" + }, + "StepSize": { + "markdownDescription": "The number of increments that the slider bar is divided into.", + "title": "StepSize", + "type": "number" + }, + "Title": { + "markdownDescription": "The title of the `FilterSliderControl` .", + "title": "Title", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the `FilterSliderControl` . Choose one of the following options:\n\n- `SINGLE_POINT` : Filter against(equals) a single data point.\n- `RANGE` : Filter data that is in a specified range.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "FilterControlId", + "MaximumValue", + "MinimumValue", + "SourceFilterId", + "StepSize", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Template.FilterTextAreaControl": { + "additionalProperties": false, + "properties": { + "Delimiter": { + "markdownDescription": "The delimiter that is used to separate the lines in text.", + "title": "Delimiter", + "type": "string" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.TextAreaControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterTextAreaControl` .", + "title": "FilterControlId", + "type": "string" + }, + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterTextAreaControl` .", + "title": "SourceFilterId", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `FilterTextAreaControl` .", + "title": "Title", + "type": "string" + } + }, + "required": [ + "FilterControlId", + "SourceFilterId", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Template.FilterTextFieldControl": { + "additionalProperties": false, + "properties": { + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.TextFieldControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "FilterControlId": { + "markdownDescription": "The ID of the `FilterTextFieldControl` .", + "title": "FilterControlId", + "type": "string" + }, + "SourceFilterId": { + "markdownDescription": "The source filter ID of the `FilterTextFieldControl` .", + "title": "SourceFilterId", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `FilterTextFieldControl` .", + "title": "Title", + "type": "string" + } + }, + "required": [ + "FilterControlId", + "SourceFilterId", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Template.FontConfiguration": { + "additionalProperties": false, + "properties": { + "FontColor": { + "markdownDescription": "Determines the color of the text.", + "title": "FontColor", + "type": "string" + }, + "FontDecoration": { + "markdownDescription": "Determines the appearance of decorative lines on the text.", + "title": "FontDecoration", + "type": "string" + }, + "FontFamily": { + "markdownDescription": "The font family that you want to use.", + "title": "FontFamily", + "type": "string" + }, + "FontSize": { + "$ref": "#/definitions/AWS::QuickSight::Template.FontSize", + "markdownDescription": "The option that determines the text display size.", + "title": "FontSize" + }, + "FontStyle": { + "markdownDescription": "Determines the text display face that is inherited by the given font family.", + "title": "FontStyle", + "type": "string" + }, + "FontWeight": { + "$ref": "#/definitions/AWS::QuickSight::Template.FontWeight", + "markdownDescription": "The option that determines the text display weight, or boldness.", + "title": "FontWeight" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.FontSize": { + "additionalProperties": false, + "properties": { + "Absolute": { + "markdownDescription": "The font size that you want to use in px.", + "title": "Absolute", + "type": "string" + }, + "Relative": { + "markdownDescription": "The lexical name for the text size, proportional to its surrounding context.", + "title": "Relative", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.FontWeight": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The lexical name for the level of boldness of the text display.", + "title": "Name", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ForecastComputation": { + "additionalProperties": false, + "properties": { + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "CustomSeasonalityValue": { + "markdownDescription": "The custom seasonality value setup of a forecast computation.", + "title": "CustomSeasonalityValue", + "type": "number" + }, + "LowerBoundary": { + "markdownDescription": "The lower boundary setup of a forecast computation.", + "title": "LowerBoundary", + "type": "number" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "PeriodsBackward": { + "markdownDescription": "The periods backward setup of a forecast computation.", + "title": "PeriodsBackward", + "type": "number" + }, + "PeriodsForward": { + "markdownDescription": "The periods forward setup of a forecast computation.", + "title": "PeriodsForward", + "type": "number" + }, + "PredictionInterval": { + "markdownDescription": "The prediction interval setup of a forecast computation.", + "title": "PredictionInterval", + "type": "number" + }, + "Seasonality": { + "markdownDescription": "The seasonality setup of a forecast computation. Choose one of the following options:\n\n- `AUTOMATIC`\n- `CUSTOM` : Checks the custom seasonality value.", + "title": "Seasonality", + "type": "string" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" + }, + "UpperBoundary": { + "markdownDescription": "The upper boundary setup of a forecast computation.", + "title": "UpperBoundary", + "type": "number" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" + } + }, + "required": [ + "ComputationId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ForecastConfiguration": { + "additionalProperties": false, + "properties": { + "ForecastProperties": { + "$ref": "#/definitions/AWS::QuickSight::Template.TimeBasedForecastProperties", + "markdownDescription": "The forecast properties setup of a forecast in the line chart.", + "title": "ForecastProperties" + }, + "Scenario": { + "$ref": "#/definitions/AWS::QuickSight::Template.ForecastScenario", + "markdownDescription": "The forecast scenario of a forecast in the line chart.", + "title": "Scenario" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ForecastScenario": { + "additionalProperties": false, + "properties": { + "WhatIfPointScenario": { + "$ref": "#/definitions/AWS::QuickSight::Template.WhatIfPointScenario", + "markdownDescription": "The what-if analysis forecast setup with the target date.", + "title": "WhatIfPointScenario" + }, + "WhatIfRangeScenario": { + "$ref": "#/definitions/AWS::QuickSight::Template.WhatIfRangeScenario", + "markdownDescription": "The what-if analysis forecast setup with the date range.", + "title": "WhatIfRangeScenario" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.FormatConfiguration": { + "additionalProperties": false, + "properties": { + "DateTimeFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeFormatConfiguration", + "markdownDescription": "Formatting configuration for `DateTime` fields.", + "title": "DateTimeFormatConfiguration" + }, + "NumberFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumberFormatConfiguration", + "markdownDescription": "Formatting configuration for number fields.", + "title": "NumberFormatConfiguration" + }, + "StringFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.StringFormatConfiguration", + "markdownDescription": "Formatting configuration for string fields.", + "title": "StringFormatConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.FreeFormLayoutCanvasSizeOptions": { + "additionalProperties": false, + "properties": { + "ScreenCanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutScreenCanvasSizeOptions", + "markdownDescription": "The options that determine the sizing of the canvas used in a free-form layout.", + "title": "ScreenCanvasSizeOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.FreeFormLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutCanvasSizeOptions", + "markdownDescription": "", + "title": "CanvasSizeOptions" + }, + "Elements": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutElement" + }, + "markdownDescription": "The elements that are included in a free-form layout.", + "title": "Elements", + "type": "array" + } + }, + "required": [ + "Elements" + ], + "type": "object" + }, + "AWS::QuickSight::Template.FreeFormLayoutElement": { + "additionalProperties": false, + "properties": { + "BackgroundStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutElementBackgroundStyle", + "markdownDescription": "The background style configuration of a free-form layout element.", + "title": "BackgroundStyle" + }, + "BorderStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutElementBorderStyle", + "markdownDescription": "The border style configuration of a free-form layout element.", + "title": "BorderStyle" + }, + "ElementId": { + "markdownDescription": "A unique identifier for an element within a free-form layout.", + "title": "ElementId", + "type": "string" + }, + "ElementType": { + "markdownDescription": "The type of element.", + "title": "ElementType", + "type": "string" + }, + "Height": { + "markdownDescription": "The height of an element within a free-form layout.", + "title": "Height", + "type": "string" + }, + "LoadingAnimation": { + "$ref": "#/definitions/AWS::QuickSight::Template.LoadingAnimation", + "markdownDescription": "The loading animation configuration of a free-form layout element.", + "title": "LoadingAnimation" + }, + "RenderingRules": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetElementRenderingRule" + }, + "markdownDescription": "The rendering rules that determine when an element should be displayed within a free-form layout.", + "title": "RenderingRules", + "type": "array" + }, + "SelectedBorderStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutElementBorderStyle", + "markdownDescription": "The border style configuration of a free-form layout element. This border style is used when the element is selected.", + "title": "SelectedBorderStyle" + }, + "Visibility": { + "markdownDescription": "The visibility of an element within a free-form layout.", + "title": "Visibility", + "type": "object" + }, + "Width": { + "markdownDescription": "The width of an element within a free-form layout.", + "title": "Width", + "type": "string" + }, + "XAxisLocation": { + "markdownDescription": "The x-axis coordinate of the element.", + "title": "XAxisLocation", + "type": "string" + }, + "YAxisLocation": { + "markdownDescription": "The y-axis coordinate of the element.", + "title": "YAxisLocation", + "type": "string" + } + }, + "required": [ + "ElementId", + "ElementType", + "Height", + "Width", + "XAxisLocation", + "YAxisLocation" + ], + "type": "object" + }, + "AWS::QuickSight::Template.FreeFormLayoutElementBackgroundStyle": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The background color of a free-form layout element.", + "title": "Color", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The background visibility of a free-form layout element.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.FreeFormLayoutElementBorderStyle": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The border color of a free-form layout element.", + "title": "Color", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The border visibility of a free-form layout element.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.FreeFormLayoutScreenCanvasSizeOptions": { + "additionalProperties": false, + "properties": { + "OptimizedViewPortWidth": { + "markdownDescription": "The width that the view port will be optimized for when the layout renders.", + "title": "OptimizedViewPortWidth", + "type": "string" + } + }, + "required": [ + "OptimizedViewPortWidth" + ], + "type": "object" + }, + "AWS::QuickSight::Template.FreeFormSectionLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "Elements": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutElement" + }, + "markdownDescription": "The elements that are included in the free-form layout.", + "title": "Elements", + "type": "array" + } + }, + "required": [ + "Elements" + ], + "type": "object" + }, + "AWS::QuickSight::Template.FunnelChartAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The category field wells of a funnel chart. Values are grouped by category fields.", + "title": "Category", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The value field wells of a funnel chart. Values are aggregated based on categories.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.FunnelChartConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options of the categories that are displayed in a `FunnelChartVisual` .", + "title": "CategoryLabelOptions" + }, + "DataLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.FunnelChartDataLabelOptions", + "markdownDescription": "The options that determine the presentation of the data labels.", + "title": "DataLabelOptions" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.FunnelChartFieldWells", + "markdownDescription": "The field well configuration of a `FunnelChartVisual` .", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FunnelChartSortConfiguration", + "markdownDescription": "The sort configuration of a `FunnelChartVisual` .", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "markdownDescription": "The tooltip configuration of a `FunnelChartVisual` .", + "title": "Tooltip" + }, + "ValueLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options for the values that are displayed in a `FunnelChartVisual` .", + "title": "ValueLabelOptions" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", + "markdownDescription": "The visual palette configuration of a `FunnelChartVisual` .", + "title": "VisualPalette" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.FunnelChartDataLabelOptions": { + "additionalProperties": false, + "properties": { + "CategoryLabelVisibility": { + "markdownDescription": "The visibility of the category labels within the data labels.", + "title": "CategoryLabelVisibility", + "type": "object" + }, + "LabelColor": { + "markdownDescription": "The color of the data label text.", + "title": "LabelColor", + "type": "string" + }, + "LabelFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", + "markdownDescription": "The font configuration for the data labels.\n\nOnly the `FontSize` attribute of the font configuration is used for data labels.", + "title": "LabelFontConfiguration" + }, + "MeasureDataLabelStyle": { + "markdownDescription": "Determines the style of the metric labels.", + "title": "MeasureDataLabelStyle", + "type": "string" + }, + "MeasureLabelVisibility": { + "markdownDescription": "The visibility of the measure labels within the data labels.", + "title": "MeasureLabelVisibility", + "type": "object" + }, + "Position": { + "markdownDescription": "Determines the positioning of the data label relative to a section of the funnel.", + "title": "Position", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility option that determines if data labels are displayed.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.FunnelChartFieldWells": { + "additionalProperties": false, + "properties": { + "FunnelChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.FunnelChartAggregatedFieldWells", + "markdownDescription": "The field well configuration of a `FunnelChartVisual` .", + "title": "FunnelChartAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.FunnelChartSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of categories displayed.", + "title": "CategoryItemsLimit" + }, + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the category fields.", + "title": "CategorySort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.FunnelChartVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FunnelChartConfiguration", + "markdownDescription": "The configuration of a `FunnelChartVisual` .", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.GaugeChartArcConditionalFormatting": { + "additionalProperties": false, + "properties": { + "ForegroundColor": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the arc foreground color.", + "title": "ForegroundColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.GaugeChartColorConfiguration": { + "additionalProperties": false, + "properties": { + "BackgroundColor": { + "markdownDescription": "The background color configuration of a `GaugeChartVisual` .", + "title": "BackgroundColor", + "type": "string" + }, + "ForegroundColor": { + "markdownDescription": "The foreground color configuration of a `GaugeChartVisual` .", + "title": "ForegroundColor", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.GaugeChartConditionalFormatting": { + "additionalProperties": false, + "properties": { + "ConditionalFormattingOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartConditionalFormattingOption" + }, + "markdownDescription": "Conditional formatting options of a `GaugeChartVisual` .", + "title": "ConditionalFormattingOptions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.GaugeChartConditionalFormattingOption": { + "additionalProperties": false, + "properties": { + "Arc": { + "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartArcConditionalFormatting", + "markdownDescription": "The options that determine the presentation of the arc of a `GaugeChartVisual` .", + "title": "Arc" + }, + "PrimaryValue": { + "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartPrimaryValueConditionalFormatting", + "markdownDescription": "The conditional formatting for the primary value of a `GaugeChartVisual` .", + "title": "PrimaryValue" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.GaugeChartConfiguration": { + "additionalProperties": false, + "properties": { + "ColorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartColorConfiguration", + "markdownDescription": "The color configuration of a `GaugeChartVisual` .", + "title": "ColorConfiguration" + }, + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", + "markdownDescription": "The data label configuration of a `GaugeChartVisual` .", + "title": "DataLabels" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartFieldWells", + "markdownDescription": "The field well configuration of a `GaugeChartVisual` .", + "title": "FieldWells" + }, + "GaugeChartOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartOptions", + "markdownDescription": "The options that determine the presentation of the `GaugeChartVisual` .", + "title": "GaugeChartOptions" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "TooltipOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "markdownDescription": "The tooltip configuration of a `GaugeChartVisual` .", + "title": "TooltipOptions" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", + "markdownDescription": "The visual palette configuration of a `GaugeChartVisual` .", + "title": "VisualPalette" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.GaugeChartFieldWells": { + "additionalProperties": false, + "properties": { + "TargetValues": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The target value field wells of a `GaugeChartVisual` .", + "title": "TargetValues", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The value field wells of a `GaugeChartVisual` .", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.GaugeChartOptions": { + "additionalProperties": false, + "properties": { + "Arc": { + "$ref": "#/definitions/AWS::QuickSight::Template.ArcConfiguration", + "markdownDescription": "The arc configuration of a `GaugeChartVisual` .", + "title": "Arc" + }, + "ArcAxis": { + "$ref": "#/definitions/AWS::QuickSight::Template.ArcAxisConfiguration", + "markdownDescription": "The arc axis configuration of a `GaugeChartVisual` .", + "title": "ArcAxis" + }, + "Comparison": { + "$ref": "#/definitions/AWS::QuickSight::Template.ComparisonConfiguration", + "markdownDescription": "The comparison configuration of a `GaugeChartVisual` .", + "title": "Comparison" + }, + "PrimaryValueDisplayType": { + "markdownDescription": "The options that determine the primary value display type.", + "title": "PrimaryValueDisplayType", + "type": "string" + }, + "PrimaryValueFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", + "markdownDescription": "The options that determine the primary value font configuration.", + "title": "PrimaryValueFontConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.GaugeChartPrimaryValueConditionalFormatting": { + "additionalProperties": false, + "properties": { + "Icon": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIcon", + "markdownDescription": "The conditional formatting of the primary value icon.", + "title": "Icon" + }, + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the primary value text color.", + "title": "TextColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.GaugeChartVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartConfiguration", + "markdownDescription": "The configuration of a `GaugeChartVisual` .", + "title": "ChartConfiguration" + }, + "ConditionalFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartConditionalFormatting", + "markdownDescription": "The conditional formatting of a `GaugeChartVisual` .", + "title": "ConditionalFormatting" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.GeospatialCoordinateBounds": { + "additionalProperties": false, + "properties": { + "East": { + "markdownDescription": "The longitude of the east bound of the geospatial coordinate bounds.", + "title": "East", + "type": "number" + }, + "North": { + "markdownDescription": "The latitude of the north bound of the geospatial coordinate bounds.", + "title": "North", + "type": "number" + }, + "South": { + "markdownDescription": "The latitude of the south bound of the geospatial coordinate bounds.", + "title": "South", + "type": "number" + }, + "West": { + "markdownDescription": "The longitude of the west bound of the geospatial coordinate bounds.", + "title": "West", + "type": "number" + } + }, + "required": [ + "East", + "North", + "South", + "West" + ], + "type": "object" + }, + "AWS::QuickSight::Template.GeospatialHeatmapColorScale": { + "additionalProperties": false, + "properties": { + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialHeatmapDataColor" + }, + "markdownDescription": "The list of colors to be used in heatmap point style.", + "title": "Colors", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.GeospatialHeatmapConfiguration": { + "additionalProperties": false, + "properties": { + "HeatmapColor": { + "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialHeatmapColorScale", + "markdownDescription": "The color scale specification for the heatmap point style.", + "title": "HeatmapColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.GeospatialHeatmapDataColor": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The hex color to be used in the heatmap point style.", + "title": "Color", + "type": "string" + } + }, + "required": [ + "Color" + ], + "type": "object" + }, + "AWS::QuickSight::Template.GeospatialMapAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The color field wells of a geospatial map.", + "title": "Colors", + "type": "array" + }, + "Geospatial": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The geospatial field wells of a geospatial map. Values are grouped by geospatial fields.", + "title": "Geospatial", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The size field wells of a geospatial map. Values are aggregated based on geospatial fields.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.GeospatialMapConfiguration": { + "additionalProperties": false, + "properties": { + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialMapFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "MapStyleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialMapStyleOptions", + "markdownDescription": "The map style options of the geospatial map.", + "title": "MapStyleOptions" + }, + "PointStyleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialPointStyleOptions", + "markdownDescription": "The point style options of the geospatial map.", + "title": "PointStyleOptions" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", + "markdownDescription": "", + "title": "VisualPalette" + }, + "WindowOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialWindowOptions", + "markdownDescription": "The window options of the geospatial map.", + "title": "WindowOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.GeospatialMapFieldWells": { + "additionalProperties": false, + "properties": { + "GeospatialMapAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialMapAggregatedFieldWells", + "markdownDescription": "The aggregated field well for a geospatial map.", + "title": "GeospatialMapAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.GeospatialMapStyleOptions": { + "additionalProperties": false, + "properties": { + "BaseMapStyle": { + "markdownDescription": "The base map style of the geospatial map.", + "title": "BaseMapStyle", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.GeospatialMapVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialMapConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.GeospatialPointStyleOptions": { + "additionalProperties": false, + "properties": { + "ClusterMarkerConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ClusterMarkerConfiguration", + "markdownDescription": "The cluster marker configuration of the geospatial point style.", + "title": "ClusterMarkerConfiguration" + }, + "HeatmapConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialHeatmapConfiguration", + "markdownDescription": "The heatmap configuration of the geospatial point style.", + "title": "HeatmapConfiguration" + }, + "SelectedPointStyle": { + "markdownDescription": "The selected point styles (point, cluster) of the geospatial map.", + "title": "SelectedPointStyle", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.GeospatialWindowOptions": { + "additionalProperties": false, + "properties": { + "Bounds": { + "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialCoordinateBounds", + "markdownDescription": "The bounds options (north, south, west, east) of the geospatial window options.", + "title": "Bounds" + }, + "MapZoomMode": { + "markdownDescription": "The map zoom modes (manual, auto) of the geospatial window options.", + "title": "MapZoomMode", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.GlobalTableBorderOptions": { + "additionalProperties": false, + "properties": { + "SideSpecificBorder": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableSideBorderOptions", + "markdownDescription": "Determines the options for side specific border.", + "title": "SideSpecificBorder" + }, + "UniformBorder": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", + "markdownDescription": "Determines the options for uniform border.", + "title": "UniformBorder" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.GradientColor": { + "additionalProperties": false, + "properties": { + "Stops": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.GradientStop" + }, + "markdownDescription": "The list of gradient color stops.", + "title": "Stops", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.GradientStop": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "Determines the color.", + "title": "Color", + "type": "string" + }, + "DataValue": { + "markdownDescription": "Determines the data value.", + "title": "DataValue", + "type": "number" + }, + "GradientOffset": { + "markdownDescription": "Determines gradient offset value.", + "title": "GradientOffset", + "type": "number" + } + }, + "required": [ + "GradientOffset" + ], + "type": "object" + }, + "AWS::QuickSight::Template.GridLayoutCanvasSizeOptions": { + "additionalProperties": false, + "properties": { + "ScreenCanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.GridLayoutScreenCanvasSizeOptions", + "markdownDescription": "The options that determine the sizing of the canvas used in a grid layout.", + "title": "ScreenCanvasSizeOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.GridLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.GridLayoutCanvasSizeOptions", + "markdownDescription": "", + "title": "CanvasSizeOptions" + }, + "Elements": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.GridLayoutElement" + }, + "markdownDescription": "The elements that are included in a grid layout.", + "title": "Elements", + "type": "array" + } + }, + "required": [ + "Elements" + ], + "type": "object" + }, + "AWS::QuickSight::Template.GridLayoutElement": { + "additionalProperties": false, + "properties": { + "ColumnIndex": { + "markdownDescription": "The column index for the upper left corner of an element.", + "title": "ColumnIndex", + "type": "number" + }, + "ColumnSpan": { + "markdownDescription": "The width of a grid element expressed as a number of grid columns.", + "title": "ColumnSpan", + "type": "number" + }, + "ElementId": { + "markdownDescription": "A unique identifier for an element within a grid layout.", + "title": "ElementId", + "type": "string" + }, + "ElementType": { + "markdownDescription": "The type of element.", + "title": "ElementType", + "type": "string" + }, + "RowIndex": { + "markdownDescription": "The row index for the upper left corner of an element.", + "title": "RowIndex", + "type": "number" + }, + "RowSpan": { + "markdownDescription": "The height of a grid element expressed as a number of grid rows.", + "title": "RowSpan", + "type": "number" + } + }, + "required": [ + "ColumnSpan", + "ElementId", + "ElementType", + "RowSpan" + ], + "type": "object" + }, + "AWS::QuickSight::Template.GridLayoutScreenCanvasSizeOptions": { + "additionalProperties": false, + "properties": { + "OptimizedViewPortWidth": { + "markdownDescription": "The width that the view port will be optimized for when the layout renders.", + "title": "OptimizedViewPortWidth", + "type": "string" + }, + "ResizeOption": { + "markdownDescription": "This value determines the layout behavior when the viewport is resized.\n\n- `FIXED` : A fixed width will be used when optimizing the layout. In the Amazon QuickSight console, this option is called `Classic` .\n- `RESPONSIVE` : The width of the canvas will be responsive and optimized to the view port. In the Amazon QuickSight console, this option is called `Tiled` .", + "title": "ResizeOption", + "type": "string" + } + }, + "required": [ + "ResizeOption" + ], + "type": "object" + }, + "AWS::QuickSight::Template.GrowthRateComputation": { + "additionalProperties": false, + "properties": { + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "PeriodSize": { + "markdownDescription": "The period size setup of a growth rate computation.", + "title": "PeriodSize", + "type": "number" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" + } + }, + "required": [ + "ComputationId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.HeaderFooterSectionConfiguration": { + "additionalProperties": false, + "properties": { + "Layout": { + "$ref": "#/definitions/AWS::QuickSight::Template.SectionLayoutConfiguration", + "markdownDescription": "The layout configuration of the header or footer section.", + "title": "Layout" + }, + "SectionId": { + "markdownDescription": "The unique identifier of the header or footer section.", + "title": "SectionId", + "type": "string" + }, + "Style": { + "$ref": "#/definitions/AWS::QuickSight::Template.SectionStyle", + "markdownDescription": "The style options of a header or footer section.", + "title": "Style" + } + }, + "required": [ + "Layout", + "SectionId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.HeatMapAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Columns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The columns field well of a heat map.", + "title": "Columns", + "type": "array" + }, + "Rows": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The rows field well of a heat map.", + "title": "Rows", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The values field well of a heat map.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.HeatMapConfiguration": { + "additionalProperties": false, + "properties": { + "ColorScale": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColorScale", + "markdownDescription": "The color options (gradient color, point of divergence) in a heat map.", + "title": "ColorScale" + }, + "ColumnLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options of the column that is displayed in a heat map.", + "title": "ColumnLabelOptions" + }, + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.", + "title": "DataLabels" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.HeatMapFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "RowLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options of the row that is displayed in a `heat map` .", + "title": "RowLabelOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.HeatMapSortConfiguration", + "markdownDescription": "The sort configuration of a heat map.", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.HeatMapFieldWells": { + "additionalProperties": false, + "properties": { + "HeatMapAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.HeatMapAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a heat map.", + "title": "HeatMapAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.HeatMapSortConfiguration": { + "additionalProperties": false, + "properties": { + "HeatMapColumnItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of columns that are displayed in a heat map.", + "title": "HeatMapColumnItemsLimitConfiguration" + }, + "HeatMapColumnSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The column sort configuration for heat map for columns that aren't a part of a field well.", + "title": "HeatMapColumnSort", + "type": "array" + }, + "HeatMapRowItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of rows that are displayed in a heat map.", + "title": "HeatMapRowItemsLimitConfiguration" + }, + "HeatMapRowSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The field sort configuration of the rows fields.", + "title": "HeatMapRowSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.HeatMapVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.HeatMapConfiguration", + "markdownDescription": "The configuration of a heat map.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.HistogramAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The value field wells of a histogram. Values are aggregated by `COUNT` or `DISTINCT_COUNT` .", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.HistogramBinOptions": { + "additionalProperties": false, + "properties": { + "BinCount": { + "$ref": "#/definitions/AWS::QuickSight::Template.BinCountOptions", + "markdownDescription": "The options that determine the bin count of a histogram.", + "title": "BinCount" + }, + "BinWidth": { + "$ref": "#/definitions/AWS::QuickSight::Template.BinWidthOptions", + "markdownDescription": "The options that determine the bin width of a histogram.", + "title": "BinWidth" + }, + "SelectedBinType": { + "markdownDescription": "The options that determine the selected bin type.", + "title": "SelectedBinType", + "type": "string" + }, + "StartValue": { + "markdownDescription": "The options that determine the bin start value.", + "title": "StartValue", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.HistogramConfiguration": { + "additionalProperties": false, + "properties": { + "BinOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.HistogramBinOptions", + "markdownDescription": "The options that determine the presentation of histogram bins.", + "title": "BinOptions" + }, + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", + "markdownDescription": "The data label configuration of a histogram.", + "title": "DataLabels" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.HistogramFieldWells", + "markdownDescription": "The field well configuration of a histogram.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "markdownDescription": "The tooltip configuration of a histogram.", + "title": "Tooltip" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", + "markdownDescription": "The visual palette configuration of a histogram.", + "title": "VisualPalette" + }, + "XAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the x-axis.", + "title": "XAxisDisplayOptions" + }, + "XAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the x-axis label.", + "title": "XAxisLabelOptions" + }, + "YAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the y-axis.", + "title": "YAxisDisplayOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.HistogramFieldWells": { + "additionalProperties": false, + "properties": { + "HistogramAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.HistogramAggregatedFieldWells", + "markdownDescription": "The field well configuration of a histogram.", + "title": "HistogramAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.HistogramVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.HistogramConfiguration", + "markdownDescription": "The configuration for a `HistogramVisual` .", + "title": "ChartConfiguration" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ImageCustomAction": { + "additionalProperties": false, + "properties": { + "ActionOperations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ImageCustomActionOperation" + }, + "markdownDescription": "A list of `ImageCustomActionOperations` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", + "title": "ActionOperations", + "type": "array" + }, + "CustomActionId": { + "markdownDescription": "The ID of the custom action.", + "title": "CustomActionId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the custom action.", + "title": "Name", + "type": "string" + }, + "Status": { + "markdownDescription": "The status of the custom action.", + "title": "Status", + "type": "string" + }, + "Trigger": { + "markdownDescription": "The trigger of the `VisualCustomAction` .\n\nValid values are defined as follows:\n\n- `CLICK` : Initiates a custom action by a left pointer click on a data point.\n- `MENU` : Initiates a custom action by right pointer click from the menu.", + "title": "Trigger", + "type": "string" + } + }, + "required": [ + "ActionOperations", + "CustomActionId", + "Name", + "Trigger" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ImageCustomActionOperation": { + "additionalProperties": false, + "properties": { + "NavigationOperation": { + "$ref": "#/definitions/AWS::QuickSight::Template.CustomActionNavigationOperation", + "markdownDescription": "", + "title": "NavigationOperation" + }, + "SetParametersOperation": { + "$ref": "#/definitions/AWS::QuickSight::Template.CustomActionSetParametersOperation", + "markdownDescription": "", + "title": "SetParametersOperation" + }, + "URLOperation": { + "$ref": "#/definitions/AWS::QuickSight::Template.CustomActionURLOperation", + "markdownDescription": "", + "title": "URLOperation" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ImageInteractionOptions": { + "additionalProperties": false, + "properties": { + "ImageMenuOption": { + "$ref": "#/definitions/AWS::QuickSight::Template.ImageMenuOption", + "markdownDescription": "The menu options for the image.", + "title": "ImageMenuOption" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ImageMenuOption": { + "additionalProperties": false, + "properties": { + "AvailabilityStatus": { + "markdownDescription": "The availability status of the image menu. If the value of this property is set to `ENABLED` , dashboard readers can interact with the image menu.", + "title": "AvailabilityStatus", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.InnerFilter": { + "additionalProperties": false, + "properties": { + "CategoryInnerFilter": { + "$ref": "#/definitions/AWS::QuickSight::Template.CategoryInnerFilter", + "markdownDescription": "A `CategoryInnerFilter` filters text values for the `NestedFilter` .", + "title": "CategoryInnerFilter" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.InsightConfiguration": { + "additionalProperties": false, + "properties": { + "Computations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.Computation" + }, + "markdownDescription": "The computations configurations of the insight visual", + "title": "Computations", + "type": "array" + }, + "CustomNarrative": { + "$ref": "#/definitions/AWS::QuickSight::Template.CustomNarrativeOptions", + "markdownDescription": "The custom narrative of the insight visual.", + "title": "CustomNarrative" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.InsightVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "DataSetIdentifier": { + "markdownDescription": "The dataset that is used in the insight visual.", + "title": "DataSetIdentifier", + "type": "string" + }, + "InsightConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.InsightConfiguration", + "markdownDescription": "The configuration of an insight visual.", + "title": "InsightConfiguration" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "DataSetIdentifier", + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.IntegerDefaultValues": { + "additionalProperties": false, + "properties": { + "DynamicValue": { + "$ref": "#/definitions/AWS::QuickSight::Template.DynamicDefaultValue", + "markdownDescription": "The dynamic value of the `IntegerDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", + "title": "DynamicValue" + }, + "StaticValues": { + "items": { + "type": "number" + }, + "markdownDescription": "The static values of the `IntegerDefaultValues` .", + "title": "StaticValues", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.IntegerParameterDeclaration": { + "additionalProperties": false, + "properties": { + "DefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::Template.IntegerDefaultValues", + "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", + "title": "DefaultValues" + }, + "MappedDataSetParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MappedDataSetParameter" + }, + "markdownDescription": "", + "title": "MappedDataSetParameters", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the parameter that is being declared.", + "title": "Name", + "type": "string" + }, + "ParameterValueType": { + "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", + "title": "ParameterValueType", + "type": "string" + }, + "ValueWhenUnset": { + "$ref": "#/definitions/AWS::QuickSight::Template.IntegerValueWhenUnsetConfiguration", + "markdownDescription": "A parameter declaration for the `Integer` data type.", + "title": "ValueWhenUnset" + } + }, + "required": [ + "Name", + "ParameterValueType" + ], + "type": "object" + }, + "AWS::QuickSight::Template.IntegerValueWhenUnsetConfiguration": { + "additionalProperties": false, + "properties": { + "CustomValue": { + "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", + "title": "CustomValue", + "type": "number" + }, + "ValueWhenUnsetOption": { + "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", + "title": "ValueWhenUnsetOption", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ItemsLimitConfiguration": { + "additionalProperties": false, + "properties": { + "ItemsLimit": { + "markdownDescription": "The limit on how many items of a field are showed in the chart. For example, the number of slices that are displayed in a pie chart.", + "title": "ItemsLimit", + "type": "number" + }, + "OtherCategories": { + "markdownDescription": "The `Show other` of an axis in the chart. Choose one of the following options:\n\n- `INCLUDE`\n- `EXCLUDE`", + "title": "OtherCategories", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.KPIActualValueConditionalFormatting": { + "additionalProperties": false, + "properties": { + "Icon": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIcon", + "markdownDescription": "The conditional formatting of the actual value's icon.", + "title": "Icon" + }, + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the actual value's text color.", + "title": "TextColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.KPIComparisonValueConditionalFormatting": { + "additionalProperties": false, + "properties": { + "Icon": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIcon", + "markdownDescription": "The conditional formatting of the comparison value's icon.", + "title": "Icon" + }, + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the comparison value's text color.", + "title": "TextColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.KPIConditionalFormatting": { + "additionalProperties": false, + "properties": { + "ConditionalFormattingOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.KPIConditionalFormattingOption" + }, + "markdownDescription": "The conditional formatting options of a KPI visual.", + "title": "ConditionalFormattingOptions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.KPIConditionalFormattingOption": { + "additionalProperties": false, + "properties": { + "ActualValue": { + "$ref": "#/definitions/AWS::QuickSight::Template.KPIActualValueConditionalFormatting", + "markdownDescription": "The conditional formatting for the actual value of a KPI visual.", + "title": "ActualValue" + }, + "ComparisonValue": { + "$ref": "#/definitions/AWS::QuickSight::Template.KPIComparisonValueConditionalFormatting", + "markdownDescription": "The conditional formatting for the comparison value of a KPI visual.", + "title": "ComparisonValue" + }, + "PrimaryValue": { + "$ref": "#/definitions/AWS::QuickSight::Template.KPIPrimaryValueConditionalFormatting", + "markdownDescription": "The conditional formatting for the primary value of a KPI visual.", + "title": "PrimaryValue" + }, + "ProgressBar": { + "$ref": "#/definitions/AWS::QuickSight::Template.KPIProgressBarConditionalFormatting", + "markdownDescription": "The conditional formatting for the progress bar of a KPI visual.", + "title": "ProgressBar" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.KPIConfiguration": { + "additionalProperties": false, + "properties": { + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.KPIFieldWells", + "markdownDescription": "The field well configuration of a KPI visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "KPIOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.KPIOptions", + "markdownDescription": "The options that determine the presentation of a KPI visual.", + "title": "KPIOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.KPISortConfiguration", + "markdownDescription": "The sort configuration of a KPI visual.", + "title": "SortConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.KPIFieldWells": { + "additionalProperties": false, + "properties": { + "TargetValues": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The target value field wells of a KPI visual.", + "title": "TargetValues", + "type": "array" + }, + "TrendGroups": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The trend group field wells of a KPI visual.", + "title": "TrendGroups", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The value field wells of a KPI visual.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.KPIOptions": { + "additionalProperties": false, + "properties": { + "Comparison": { + "$ref": "#/definitions/AWS::QuickSight::Template.ComparisonConfiguration", + "markdownDescription": "The comparison configuration of a KPI visual.", + "title": "Comparison" + }, + "PrimaryValueDisplayType": { + "markdownDescription": "The options that determine the primary value display type.", + "title": "PrimaryValueDisplayType", + "type": "string" + }, + "PrimaryValueFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", + "markdownDescription": "The options that determine the primary value font configuration.", + "title": "PrimaryValueFontConfiguration" + }, + "ProgressBar": { + "$ref": "#/definitions/AWS::QuickSight::Template.ProgressBarOptions", + "markdownDescription": "The options that determine the presentation of the progress bar of a KPI visual.", + "title": "ProgressBar" + }, + "SecondaryValue": { + "$ref": "#/definitions/AWS::QuickSight::Template.SecondaryValueOptions", + "markdownDescription": "The options that determine the presentation of the secondary value of a KPI visual.", + "title": "SecondaryValue" + }, + "SecondaryValueFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", + "markdownDescription": "The options that determine the secondary value font configuration.", + "title": "SecondaryValueFontConfiguration" + }, + "Sparkline": { + "$ref": "#/definitions/AWS::QuickSight::Template.KPISparklineOptions", + "markdownDescription": "The options that determine the visibility, color, type, and tooltip visibility of the sparkline of a KPI visual.", + "title": "Sparkline" + }, + "TrendArrows": { + "$ref": "#/definitions/AWS::QuickSight::Template.TrendArrowOptions", + "markdownDescription": "The options that determine the presentation of trend arrows in a KPI visual.", + "title": "TrendArrows" + }, + "VisualLayoutOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.KPIVisualLayoutOptions", + "markdownDescription": "The options that determine the layout a KPI visual.", + "title": "VisualLayoutOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.KPIPrimaryValueConditionalFormatting": { + "additionalProperties": false, + "properties": { + "Icon": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIcon", + "markdownDescription": "The conditional formatting of the primary value's icon.", + "title": "Icon" + }, + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the primary value's text color.", + "title": "TextColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.KPIProgressBarConditionalFormatting": { + "additionalProperties": false, + "properties": { + "ForegroundColor": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting of the progress bar's foreground color.", + "title": "ForegroundColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.KPISortConfiguration": { + "additionalProperties": false, + "properties": { + "TrendGroupSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the trend group fields.", + "title": "TrendGroupSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.KPISparklineOptions": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The color of the sparkline.", + "title": "Color", + "type": "string" + }, + "TooltipVisibility": { + "markdownDescription": "The tooltip visibility of the sparkline.", + "title": "TooltipVisibility", + "type": "object" + }, + "Type": { + "markdownDescription": "The type of the sparkline.", + "title": "Type", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the sparkline.", + "title": "Visibility", + "type": "object" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::QuickSight::Template.KPIVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.KPIConfiguration", + "markdownDescription": "The configuration of a KPI visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "ConditionalFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Template.KPIConditionalFormatting", + "markdownDescription": "The conditional formatting of a KPI visual.", + "title": "ConditionalFormatting" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.KPIVisualLayoutOptions": { + "additionalProperties": false, + "properties": { + "StandardLayout": { + "$ref": "#/definitions/AWS::QuickSight::Template.KPIVisualStandardLayout", + "markdownDescription": "The standard layout of the KPI visual.", + "title": "StandardLayout" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.KPIVisualStandardLayout": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "The standard layout type.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::QuickSight::Template.LabelOptions": { + "additionalProperties": false, + "properties": { + "CustomLabel": { + "markdownDescription": "The text for the label.", + "title": "CustomLabel", + "type": "string" + }, + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", + "markdownDescription": "The font configuration of the label.", + "title": "FontConfiguration" + }, + "Visibility": { + "markdownDescription": "Determines whether or not the label is visible.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.Layout": { + "additionalProperties": false, + "properties": { + "Configuration": { + "$ref": "#/definitions/AWS::QuickSight::Template.LayoutConfiguration", + "markdownDescription": "The configuration that determines what the type of layout for a sheet.", + "title": "Configuration" + } + }, + "required": [ + "Configuration" + ], + "type": "object" + }, + "AWS::QuickSight::Template.LayoutConfiguration": { + "additionalProperties": false, + "properties": { + "FreeFormLayout": { + "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutConfiguration", + "markdownDescription": "A free-form is optimized for a fixed width and has more control over the exact placement of layout elements.", + "title": "FreeFormLayout" + }, + "GridLayout": { + "$ref": "#/definitions/AWS::QuickSight::Template.GridLayoutConfiguration", + "markdownDescription": "A type of layout that can be used on a sheet. In a grid layout, visuals snap to a grid with standard spacing and alignment. Dashboards are displayed as designed, with options to fit to screen or view at actual size. A grid layout can be configured to behave in one of two ways when the viewport is resized: `FIXED` or `RESPONSIVE` .", + "title": "GridLayout" + }, + "SectionBasedLayout": { + "$ref": "#/definitions/AWS::QuickSight::Template.SectionBasedLayoutConfiguration", + "markdownDescription": "A section based layout organizes visuals into multiple sections and has customized header, footer and page break.", + "title": "SectionBasedLayout" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.LegendOptions": { + "additionalProperties": false, + "properties": { + "Height": { + "markdownDescription": "The height of the legend. If this value is omitted, a default height is used when rendering.", + "title": "Height", + "type": "string" + }, + "Position": { + "markdownDescription": "The positions for the legend. Choose one of the following options:\n\n- `AUTO`\n- `RIGHT`\n- `BOTTOM`\n- `LEFT`", + "title": "Position", + "type": "string" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", + "markdownDescription": "The custom title for the legend.", + "title": "Title" + }, + "ValueFontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", + "markdownDescription": "", + "title": "ValueFontConfiguration" + }, + "Visibility": { + "markdownDescription": "Determines whether or not the legend is visible.", + "title": "Visibility", + "type": "object" + }, + "Width": { + "markdownDescription": "The width of the legend. If this value is omitted, a default width is used when rendering.", + "title": "Width", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.LineChartAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The category field wells of a line chart. Values are grouped by category fields.", + "title": "Category", + "type": "array" + }, + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The color field wells of a line chart. Values are grouped by category fields.", + "title": "Colors", + "type": "array" + }, + "SmallMultiples": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The small multiples field well of a line chart.", + "title": "SmallMultiples", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The value field wells of a line chart. Values are aggregated based on categories.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.LineChartConfiguration": { + "additionalProperties": false, + "properties": { + "ContributionAnalysisDefaults": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ContributionAnalysisDefault" + }, + "markdownDescription": "The default configuration of a line chart's contribution analysis.", + "title": "ContributionAnalysisDefaults", + "type": "array" + }, + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", + "markdownDescription": "The data label configuration of a line chart.", + "title": "DataLabels" + }, + "DefaultSeriesSettings": { + "$ref": "#/definitions/AWS::QuickSight::Template.LineChartDefaultSeriesSettings", + "markdownDescription": "The options that determine the default presentation of all line series in `LineChartVisual` .", + "title": "DefaultSeriesSettings" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.LineChartFieldWells", + "markdownDescription": "The field well configuration of a line chart.", + "title": "FieldWells" + }, + "ForecastConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ForecastConfiguration" + }, + "markdownDescription": "The forecast configuration of a line chart.", + "title": "ForecastConfigurations", + "type": "array" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", + "markdownDescription": "The legend configuration of a line chart.", + "title": "Legend" + }, + "PrimaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.LineSeriesAxisDisplayOptions", + "markdownDescription": "The series axis configuration of a line chart.", + "title": "PrimaryYAxisDisplayOptions" + }, + "PrimaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the y-axis label.", + "title": "PrimaryYAxisLabelOptions" + }, + "ReferenceLines": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLine" + }, + "markdownDescription": "The reference lines configuration of a line chart.", + "title": "ReferenceLines", + "type": "array" + }, + "SecondaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.LineSeriesAxisDisplayOptions", + "markdownDescription": "The series axis configuration of a line chart.", + "title": "SecondaryYAxisDisplayOptions" + }, + "SecondaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the secondary y-axis label.", + "title": "SecondaryYAxisLabelOptions" + }, + "Series": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.SeriesItem" + }, + "markdownDescription": "The series item configuration of a line chart.", + "title": "Series", + "type": "array" + }, + "SingleAxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SingleAxisOptions", + "markdownDescription": "", + "title": "SingleAxisOptions" + }, + "SmallMultiplesOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SmallMultiplesOptions", + "markdownDescription": "The small multiples setup for the visual.", + "title": "SmallMultiplesOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.LineChartSortConfiguration", + "markdownDescription": "The sort configuration of a line chart.", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "markdownDescription": "The tooltip configuration of a line chart.", + "title": "Tooltip" + }, + "Type": { + "markdownDescription": "Determines the type of the line chart.", + "title": "Type", + "type": "string" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", + "markdownDescription": "The visual palette configuration of a line chart.", + "title": "VisualPalette" + }, + "XAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the x-axis.", + "title": "XAxisDisplayOptions" + }, + "XAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the x-axis label.", + "title": "XAxisLabelOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.LineChartDefaultSeriesSettings": { + "additionalProperties": false, + "properties": { + "AxisBinding": { + "markdownDescription": "The axis to which you are binding all line series to.", + "title": "AxisBinding", + "type": "string" + }, + "LineStyleSettings": { + "$ref": "#/definitions/AWS::QuickSight::Template.LineChartLineStyleSettings", + "markdownDescription": "Line styles options for all line series in the visual.", + "title": "LineStyleSettings" + }, + "MarkerStyleSettings": { + "$ref": "#/definitions/AWS::QuickSight::Template.LineChartMarkerStyleSettings", + "markdownDescription": "Marker styles options for all line series in the visual.", + "title": "MarkerStyleSettings" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.LineChartFieldWells": { + "additionalProperties": false, + "properties": { + "LineChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.LineChartAggregatedFieldWells", + "markdownDescription": "The field well configuration of a line chart.", + "title": "LineChartAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.LineChartLineStyleSettings": { + "additionalProperties": false, + "properties": { + "LineInterpolation": { + "markdownDescription": "Interpolation style for line series.\n\n- `LINEAR` : Show as default, linear style.\n- `SMOOTH` : Show as a smooth curve.\n- `STEPPED` : Show steps in line.", + "title": "LineInterpolation", + "type": "string" + }, + "LineStyle": { + "markdownDescription": "Line style for line series.\n\n- `SOLID` : Show as a solid line.\n- `DOTTED` : Show as a dotted line.\n- `DASHED` : Show as a dashed line.", + "title": "LineStyle", + "type": "string" + }, + "LineVisibility": { + "markdownDescription": "Configuration option that determines whether to show the line for the series.", + "title": "LineVisibility", + "type": "object" + }, + "LineWidth": { + "markdownDescription": "Width that determines the line thickness.", + "title": "LineWidth", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.LineChartMarkerStyleSettings": { + "additionalProperties": false, + "properties": { + "MarkerColor": { + "markdownDescription": "Color of marker in the series.", + "title": "MarkerColor", + "type": "string" + }, + "MarkerShape": { + "markdownDescription": "Shape option for markers in the series.\n\n- `CIRCLE` : Show marker as a circle.\n- `TRIANGLE` : Show marker as a triangle.\n- `SQUARE` : Show marker as a square.\n- `DIAMOND` : Show marker as a diamond.\n- `ROUNDED_SQUARE` : Show marker as a rounded square.", + "title": "MarkerShape", + "type": "string" + }, + "MarkerSize": { + "markdownDescription": "Size of marker in the series.", + "title": "MarkerSize", + "type": "string" + }, + "MarkerVisibility": { + "markdownDescription": "Configuration option that determines whether to show the markers in the series.", + "title": "MarkerVisibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.LineChartSeriesSettings": { + "additionalProperties": false, + "properties": { + "LineStyleSettings": { + "$ref": "#/definitions/AWS::QuickSight::Template.LineChartLineStyleSettings", + "markdownDescription": "Line styles options for a line series in `LineChartVisual` .", + "title": "LineStyleSettings" + }, + "MarkerStyleSettings": { + "$ref": "#/definitions/AWS::QuickSight::Template.LineChartMarkerStyleSettings", + "markdownDescription": "Marker styles options for a line series in `LineChartVisual` .", + "title": "MarkerStyleSettings" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.LineChartSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of categories that are displayed in a line chart.", + "title": "CategoryItemsLimitConfiguration" + }, + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the category fields.", + "title": "CategorySort", + "type": "array" + }, + "ColorItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of lines that are displayed in a line chart.", + "title": "ColorItemsLimitConfiguration" + }, + "SmallMultiplesLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of small multiples panels that are displayed.", + "title": "SmallMultiplesLimitConfiguration" + }, + "SmallMultiplesSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the small multiples field.", + "title": "SmallMultiplesSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.LineChartVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.LineChartConfiguration", + "markdownDescription": "The configuration of a line chart.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.LineSeriesAxisDisplayOptions": { + "additionalProperties": false, + "properties": { + "AxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the line series axis.", + "title": "AxisOptions" + }, + "MissingDataConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MissingDataConfiguration" + }, + "markdownDescription": "The configuration options that determine how missing data is treated during the rendering of a line chart.", + "title": "MissingDataConfigurations", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ListControlDisplayOptions": { + "additionalProperties": false, + "properties": { + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" + }, + "SearchOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ListControlSearchOptions", + "markdownDescription": "The configuration of the search options in a list control.", + "title": "SearchOptions" + }, + "SelectAllOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ListControlSelectAllOptions", + "markdownDescription": "The configuration of the `Select all` options in a list control.", + "title": "SelectAllOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ListControlSearchOptions": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility configuration of the search options in a list control.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ListControlSelectAllOptions": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility configuration of the `Select all` options in a list control.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.LoadingAnimation": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility configuration of `LoadingAnimation` .", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.LocalNavigationConfiguration": { + "additionalProperties": false, + "properties": { + "TargetSheetId": { + "markdownDescription": "The sheet that is targeted for navigation in the same analysis.", + "title": "TargetSheetId", + "type": "string" + } + }, + "required": [ + "TargetSheetId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.LongFormatText": { + "additionalProperties": false, + "properties": { + "PlainText": { + "markdownDescription": "Plain text format.", + "title": "PlainText", + "type": "string" + }, + "RichText": { + "markdownDescription": "Rich text. Examples of rich text include bold, underline, and italics.", + "title": "RichText", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.MappedDataSetParameter": { + "additionalProperties": false, + "properties": { + "DataSetIdentifier": { + "markdownDescription": "A unique name that identifies a dataset within the analysis or dashboard.", + "title": "DataSetIdentifier", + "type": "string" + }, + "DataSetParameterName": { + "markdownDescription": "The name of the dataset parameter.", + "title": "DataSetParameterName", + "type": "string" + } + }, + "required": [ + "DataSetIdentifier", + "DataSetParameterName" + ], + "type": "object" + }, + "AWS::QuickSight::Template.MaximumLabelType": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility of the maximum label.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.MaximumMinimumComputation": { + "additionalProperties": false, + "properties": { + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" + }, + "Type": { + "markdownDescription": "The type of computation. Choose one of the following options:\n\n- MAXIMUM: A maximum computation.\n- MINIMUM: A minimum computation.", + "title": "Type", + "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" + } + }, + "required": [ + "ComputationId", + "Type" + ], + "type": "object" + }, + "AWS::QuickSight::Template.MeasureField": { + "additionalProperties": false, + "properties": { + "CalculatedMeasureField": { + "$ref": "#/definitions/AWS::QuickSight::Template.CalculatedMeasureField", + "markdownDescription": "The calculated measure field only used in pivot tables.", + "title": "CalculatedMeasureField" + }, + "CategoricalMeasureField": { + "$ref": "#/definitions/AWS::QuickSight::Template.CategoricalMeasureField", + "markdownDescription": "The measure type field with categorical type columns.", + "title": "CategoricalMeasureField" + }, + "DateMeasureField": { + "$ref": "#/definitions/AWS::QuickSight::Template.DateMeasureField", + "markdownDescription": "The measure type field with date type columns.", + "title": "DateMeasureField" + }, + "NumericalMeasureField": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericalMeasureField", + "markdownDescription": "The measure type field with numerical type columns.", + "title": "NumericalMeasureField" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.MetricComparisonComputation": { + "additionalProperties": false, + "properties": { + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "FromValue": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", + "markdownDescription": "The field that is used in a metric comparison from value setup.", + "title": "FromValue" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "TargetValue": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", + "markdownDescription": "The field that is used in a metric comparison to value setup.", + "title": "TargetValue" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" + } + }, + "required": [ + "ComputationId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.MinimumLabelType": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility of the minimum label.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.MissingDataConfiguration": { + "additionalProperties": false, + "properties": { + "TreatmentOption": { + "markdownDescription": "The treatment option that determines how missing data should be rendered. Choose from the following options:\n\n- `INTERPOLATE` : Interpolate missing values between the prior and the next known value.\n- `SHOW_AS_ZERO` : Show missing values as the value `0` .\n- `SHOW_AS_BLANK` : Display a blank space when rendering missing data.", + "title": "TreatmentOption", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.NegativeValueConfiguration": { + "additionalProperties": false, + "properties": { + "DisplayMode": { + "markdownDescription": "Determines the display mode of the negative value configuration.", + "title": "DisplayMode", + "type": "string" + } + }, + "required": [ + "DisplayMode" + ], + "type": "object" + }, + "AWS::QuickSight::Template.NestedFilter": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" + }, + "IncludeInnerSet": { + "markdownDescription": "A boolean condition to include or exclude the subset that is defined by the values of the nested inner filter.", + "title": "IncludeInnerSet", + "type": "boolean" + }, + "InnerFilter": { + "$ref": "#/definitions/AWS::QuickSight::Template.InnerFilter", + "markdownDescription": "The `InnerFilter` defines the subset of data to be used with the `NestedFilter` .", + "title": "InnerFilter" + } + }, + "required": [ + "Column", + "FilterId", + "IncludeInnerSet", + "InnerFilter" + ], + "type": "object" + }, + "AWS::QuickSight::Template.NullValueFormatConfiguration": { + "additionalProperties": false, + "properties": { + "NullString": { + "markdownDescription": "Determines the null string of null values.", + "title": "NullString", + "type": "string" + } + }, + "required": [ + "NullString" + ], + "type": "object" + }, + "AWS::QuickSight::Template.NumberDisplayFormatConfiguration": { + "additionalProperties": false, + "properties": { + "DecimalPlacesConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DecimalPlacesConfiguration", + "markdownDescription": "The option that determines the decimal places configuration.", + "title": "DecimalPlacesConfiguration" + }, + "NegativeValueConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NegativeValueConfiguration", + "markdownDescription": "The options that determine the negative value configuration.", + "title": "NegativeValueConfiguration" + }, + "NullValueFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NullValueFormatConfiguration", + "markdownDescription": "The options that determine the null value format configuration.", + "title": "NullValueFormatConfiguration" + }, + "NumberScale": { + "markdownDescription": "Determines the number scale value of the number format.", + "title": "NumberScale", + "type": "string" + }, + "Prefix": { + "markdownDescription": "Determines the prefix value of the number format.", + "title": "Prefix", + "type": "string" + }, + "SeparatorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericSeparatorConfiguration", + "markdownDescription": "The options that determine the numeric separator configuration.", + "title": "SeparatorConfiguration" + }, + "Suffix": { + "markdownDescription": "Determines the suffix value of the number format.", + "title": "Suffix", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.NumberFormatConfiguration": { + "additionalProperties": false, + "properties": { + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericFormatConfiguration", + "markdownDescription": "The options that determine the numeric format configuration.", + "title": "FormatConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.NumericAxisOptions": { + "additionalProperties": false, + "properties": { + "Range": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayRange", + "markdownDescription": "The range setup of a numeric axis.", + "title": "Range" + }, + "Scale": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisScale", + "markdownDescription": "The scale setup of a numeric axis.", + "title": "Scale" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.NumericEqualityDrillDownFilter": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "Value": { + "markdownDescription": "The value of the double input numeric drill down filter.", + "title": "Value", + "type": "number" + } + }, + "required": [ + "Column", + "Value" + ], + "type": "object" + }, + "AWS::QuickSight::Template.NumericEqualityFilter": { + "additionalProperties": false, + "properties": { + "AggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Template.AggregationFunction", + "markdownDescription": "The aggregation function of the filter.", + "title": "AggregationFunction" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" + }, + "MatchOperator": { + "markdownDescription": "The match operator that is used to determine if a filter should be applied.", + "title": "MatchOperator", + "type": "string" + }, + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", + "type": "string" + }, + "ParameterName": { + "markdownDescription": "The parameter whose value should be used for the filter value.", + "title": "ParameterName", + "type": "string" + }, + "SelectAllOptions": { + "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", + "title": "SelectAllOptions", + "type": "string" + }, + "Value": { + "markdownDescription": "The input value.", + "title": "Value", + "type": "number" + } + }, + "required": [ + "Column", + "FilterId", + "MatchOperator", + "NullOption" + ], + "type": "object" + }, + "AWS::QuickSight::Template.NumericFormatConfiguration": { + "additionalProperties": false, + "properties": { + "CurrencyDisplayFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.CurrencyDisplayFormatConfiguration", + "markdownDescription": "The options that determine the currency display format configuration.", + "title": "CurrencyDisplayFormatConfiguration" + }, + "NumberDisplayFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumberDisplayFormatConfiguration", + "markdownDescription": "The options that determine the number display format configuration.", + "title": "NumberDisplayFormatConfiguration" + }, + "PercentageDisplayFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.PercentageDisplayFormatConfiguration", + "markdownDescription": "The options that determine the percentage display format configuration.", + "title": "PercentageDisplayFormatConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.NumericRangeFilter": { + "additionalProperties": false, + "properties": { + "AggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Template.AggregationFunction", + "markdownDescription": "The aggregation function of the filter.", + "title": "AggregationFunction" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" + }, + "IncludeMaximum": { + "markdownDescription": "Determines whether the maximum value in the filter value range should be included in the filtered results.", + "title": "IncludeMaximum", + "type": "boolean" + }, + "IncludeMinimum": { + "markdownDescription": "Determines whether the minimum value in the filter value range should be included in the filtered results.", + "title": "IncludeMinimum", + "type": "boolean" + }, + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", + "type": "string" + }, + "RangeMaximum": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericRangeFilterValue", + "markdownDescription": "The maximum value for the filter value range.", + "title": "RangeMaximum" + }, + "RangeMinimum": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericRangeFilterValue", + "markdownDescription": "The minimum value for the filter value range.", + "title": "RangeMinimum" + }, + "SelectAllOptions": { + "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", + "title": "SelectAllOptions", + "type": "string" + } + }, + "required": [ + "Column", + "FilterId", + "NullOption" + ], + "type": "object" + }, + "AWS::QuickSight::Template.NumericRangeFilterValue": { + "additionalProperties": false, + "properties": { + "Parameter": { + "markdownDescription": "The parameter that is used in the numeric range.", + "title": "Parameter", + "type": "string" + }, + "StaticValue": { + "markdownDescription": "The static value of the numeric range filter.", + "title": "StaticValue", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.NumericSeparatorConfiguration": { + "additionalProperties": false, + "properties": { + "DecimalSeparator": { + "markdownDescription": "Determines the decimal separator.", + "title": "DecimalSeparator", + "type": "string" + }, + "ThousandsSeparator": { + "$ref": "#/definitions/AWS::QuickSight::Template.ThousandSeparatorOptions", + "markdownDescription": "The options that determine the thousands separator configuration.", + "title": "ThousandsSeparator" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.NumericalAggregationFunction": { + "additionalProperties": false, + "properties": { + "PercentileAggregation": { + "$ref": "#/definitions/AWS::QuickSight::Template.PercentileAggregation", + "markdownDescription": "An aggregation based on the percentile of values in a dimension or measure.", + "title": "PercentileAggregation" + }, + "SimpleNumericalAggregation": { + "markdownDescription": "Built-in aggregation functions for numerical values.\n\n- `SUM` : The sum of a dimension or measure.\n- `AVERAGE` : The average of a dimension or measure.\n- `MIN` : The minimum value of a dimension or measure.\n- `MAX` : The maximum value of a dimension or measure.\n- `COUNT` : The count of a dimension or measure.\n- `DISTINCT_COUNT` : The count of distinct values in a dimension or measure.\n- `VAR` : The variance of a dimension or measure.\n- `VARP` : The partitioned variance of a dimension or measure.\n- `STDEV` : The standard deviation of a dimension or measure.\n- `STDEVP` : The partitioned standard deviation of a dimension or measure.\n- `MEDIAN` : The median value of a dimension or measure.", + "title": "SimpleNumericalAggregation", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.NumericalDimensionField": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that is used in the `NumericalDimensionField` .", + "title": "Column" + }, + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", + "type": "string" + }, + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumberFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" + }, + "HierarchyId": { + "markdownDescription": "The custom hierarchy ID.", + "title": "HierarchyId", + "type": "string" + } + }, + "required": [ + "Column", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.NumericalMeasureField": { + "additionalProperties": false, + "properties": { + "AggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericalAggregationFunction", + "markdownDescription": "The aggregation function of the measure field.", + "title": "AggregationFunction" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that is used in the `NumericalMeasureField` .", + "title": "Column" + }, + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", + "type": "string" + }, + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumberFormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" + } + }, + "required": [ + "Column", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.PaginationConfiguration": { + "additionalProperties": false, + "properties": { + "PageNumber": { + "markdownDescription": "Indicates the page number.", + "title": "PageNumber", + "type": "number" + }, + "PageSize": { + "markdownDescription": "Indicates how many items render in one page.", + "title": "PageSize", + "type": "number" + } + }, + "required": [ + "PageNumber", + "PageSize" + ], + "type": "object" + }, + "AWS::QuickSight::Template.PanelConfiguration": { + "additionalProperties": false, + "properties": { + "BackgroundColor": { + "markdownDescription": "Sets the background color for each panel.", + "title": "BackgroundColor", + "type": "string" + }, + "BackgroundVisibility": { + "markdownDescription": "Determines whether or not a background for each small multiples panel is rendered.", + "title": "BackgroundVisibility", + "type": "object" + }, + "BorderColor": { + "markdownDescription": "Sets the line color of panel borders.", + "title": "BorderColor", + "type": "string" + }, + "BorderStyle": { + "markdownDescription": "Sets the line style of panel borders.", + "title": "BorderStyle", + "type": "string" + }, + "BorderThickness": { + "markdownDescription": "Sets the line thickness of panel borders.", + "title": "BorderThickness", + "type": "string" + }, + "BorderVisibility": { + "markdownDescription": "Determines whether or not each panel displays a border.", + "title": "BorderVisibility", + "type": "object" + }, + "GutterSpacing": { + "markdownDescription": "Sets the total amount of negative space to display between sibling panels.", + "title": "GutterSpacing", + "type": "string" + }, + "GutterVisibility": { + "markdownDescription": "Determines whether or not negative space between sibling panels is rendered.", + "title": "GutterVisibility", + "type": "object" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.PanelTitleOptions", + "markdownDescription": "Configures the title display within each small multiples panel.", + "title": "Title" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PanelTitleOptions": { + "additionalProperties": false, + "properties": { + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", + "markdownDescription": "", + "title": "FontConfiguration" + }, + "HorizontalTextAlignment": { + "markdownDescription": "Sets the horizontal text alignment of the title within each panel.", + "title": "HorizontalTextAlignment", + "type": "string" + }, + "Visibility": { + "markdownDescription": "Determines whether or not panel titles are displayed.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ParameterControl": { + "additionalProperties": false, + "properties": { + "DateTimePicker": { + "$ref": "#/definitions/AWS::QuickSight::Template.ParameterDateTimePickerControl", + "markdownDescription": "A control from a date parameter that specifies date and time.", + "title": "DateTimePicker" + }, + "Dropdown": { + "$ref": "#/definitions/AWS::QuickSight::Template.ParameterDropDownControl", + "markdownDescription": "A control to display a dropdown list with buttons that are used to select a single value.", + "title": "Dropdown" + }, + "List": { + "$ref": "#/definitions/AWS::QuickSight::Template.ParameterListControl", + "markdownDescription": "A control to display a list with buttons or boxes that are used to select either a single value or multiple values.", + "title": "List" + }, + "Slider": { + "$ref": "#/definitions/AWS::QuickSight::Template.ParameterSliderControl", + "markdownDescription": "A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle.", + "title": "Slider" + }, + "TextArea": { + "$ref": "#/definitions/AWS::QuickSight::Template.ParameterTextAreaControl", + "markdownDescription": "A control to display a text box that is used to enter multiple entries.", + "title": "TextArea" + }, + "TextField": { + "$ref": "#/definitions/AWS::QuickSight::Template.ParameterTextFieldControl", + "markdownDescription": "A control to display a text box that is used to enter a single entry.", + "title": "TextField" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ParameterDateTimePickerControl": { + "additionalProperties": false, + "properties": { + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DateTimePickerControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterDateTimePickerControl` .", + "title": "ParameterControlId", + "type": "string" + }, + "SourceParameterName": { + "markdownDescription": "The name of the `ParameterDateTimePickerControl` .", + "title": "SourceParameterName", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `ParameterDateTimePickerControl` .", + "title": "Title", + "type": "string" + } + }, + "required": [ + "ParameterControlId", + "SourceParameterName", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ParameterDeclaration": { + "additionalProperties": false, + "properties": { + "DateTimeParameterDeclaration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeParameterDeclaration", + "markdownDescription": "A parameter declaration for the `DateTime` data type.", + "title": "DateTimeParameterDeclaration" + }, + "DecimalParameterDeclaration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DecimalParameterDeclaration", + "markdownDescription": "A parameter declaration for the `Decimal` data type.", + "title": "DecimalParameterDeclaration" + }, + "IntegerParameterDeclaration": { + "$ref": "#/definitions/AWS::QuickSight::Template.IntegerParameterDeclaration", + "markdownDescription": "A parameter declaration for the `Integer` data type.", + "title": "IntegerParameterDeclaration" + }, + "StringParameterDeclaration": { + "$ref": "#/definitions/AWS::QuickSight::Template.StringParameterDeclaration", + "markdownDescription": "A parameter declaration for the `String` data type.", + "title": "StringParameterDeclaration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ParameterDropDownControl": { + "additionalProperties": false, + "properties": { + "CascadingControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.CascadingControlConfiguration", + "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", + "title": "CascadingControlConfiguration" + }, + "CommitMode": { + "markdownDescription": "The visibility configuration of the Apply button on a `ParameterDropDownControl` .", + "title": "CommitMode", + "type": "string" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DropDownControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterDropDownControl` .", + "title": "ParameterControlId", + "type": "string" + }, + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Template.ParameterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" + }, + "SourceParameterName": { + "markdownDescription": "The source parameter name of the `ParameterDropDownControl` .", + "title": "SourceParameterName", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `ParameterDropDownControl` .", + "title": "Title", + "type": "string" + }, + "Type": { + "markdownDescription": "The type parameter name of the `ParameterDropDownControl` .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "ParameterControlId", + "SourceParameterName", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ParameterListControl": { + "additionalProperties": false, + "properties": { + "CascadingControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.CascadingControlConfiguration", + "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", + "title": "CascadingControlConfiguration" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ListControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterListControl` .", + "title": "ParameterControlId", + "type": "string" + }, + "SelectableValues": { + "$ref": "#/definitions/AWS::QuickSight::Template.ParameterSelectableValues", + "markdownDescription": "A list of selectable values that are used in a control.", + "title": "SelectableValues" + }, + "SourceParameterName": { + "markdownDescription": "The source parameter name of the `ParameterListControl` .", + "title": "SourceParameterName", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `ParameterListControl` .", + "title": "Title", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of `ParameterListControl` .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "ParameterControlId", + "SourceParameterName", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ParameterSelectableValues": { + "additionalProperties": false, + "properties": { + "LinkToDataSetColumn": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column identifier that fetches values from the data set.", + "title": "LinkToDataSetColumn" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The values that are used in `ParameterSelectableValues` .", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ParameterSliderControl": { + "additionalProperties": false, + "properties": { + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SliderControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "MaximumValue": { + "markdownDescription": "The larger value that is displayed at the right of the slider.", + "title": "MaximumValue", + "type": "number" + }, + "MinimumValue": { + "markdownDescription": "The smaller value that is displayed at the left of the slider.", + "title": "MinimumValue", + "type": "number" + }, + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterSliderControl` .", + "title": "ParameterControlId", + "type": "string" + }, + "SourceParameterName": { + "markdownDescription": "The source parameter name of the `ParameterSliderControl` .", + "title": "SourceParameterName", + "type": "string" + }, + "StepSize": { + "markdownDescription": "The number of increments that the slider bar is divided into.", + "title": "StepSize", + "type": "number" + }, + "Title": { + "markdownDescription": "The title of the `ParameterSliderControl` .", + "title": "Title", + "type": "string" + } + }, + "required": [ + "MaximumValue", + "MinimumValue", + "ParameterControlId", + "SourceParameterName", + "StepSize", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ParameterTextAreaControl": { + "additionalProperties": false, + "properties": { + "Delimiter": { + "markdownDescription": "The delimiter that is used to separate the lines in text.", + "title": "Delimiter", + "type": "string" + }, + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.TextAreaControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterTextAreaControl` .", + "title": "ParameterControlId", + "type": "string" + }, + "SourceParameterName": { + "markdownDescription": "The source parameter name of the `ParameterTextAreaControl` .", + "title": "SourceParameterName", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `ParameterTextAreaControl` .", + "title": "Title", + "type": "string" + } + }, + "required": [ + "ParameterControlId", + "SourceParameterName", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ParameterTextFieldControl": { + "additionalProperties": false, + "properties": { + "DisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.TextFieldControlDisplayOptions", + "markdownDescription": "The display options of a control.", + "title": "DisplayOptions" + }, + "ParameterControlId": { + "markdownDescription": "The ID of the `ParameterTextFieldControl` .", + "title": "ParameterControlId", + "type": "string" + }, + "SourceParameterName": { + "markdownDescription": "The source parameter name of the `ParameterTextFieldControl` .", + "title": "SourceParameterName", + "type": "string" + }, + "Title": { + "markdownDescription": "The title of the `ParameterTextFieldControl` .", + "title": "Title", + "type": "string" + } + }, + "required": [ + "ParameterControlId", + "SourceParameterName", + "Title" + ], + "type": "object" + }, + "AWS::QuickSight::Template.PercentVisibleRange": { + "additionalProperties": false, + "properties": { + "From": { + "markdownDescription": "The lower bound of the range.", + "title": "From", + "type": "number" + }, + "To": { + "markdownDescription": "The top bound of the range.", + "title": "To", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PercentageDisplayFormatConfiguration": { + "additionalProperties": false, + "properties": { + "DecimalPlacesConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DecimalPlacesConfiguration", + "markdownDescription": "The option that determines the decimal places configuration.", + "title": "DecimalPlacesConfiguration" + }, + "NegativeValueConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NegativeValueConfiguration", + "markdownDescription": "The options that determine the negative value configuration.", + "title": "NegativeValueConfiguration" + }, + "NullValueFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NullValueFormatConfiguration", + "markdownDescription": "The options that determine the null value format configuration.", + "title": "NullValueFormatConfiguration" + }, + "Prefix": { + "markdownDescription": "Determines the prefix value of the percentage format.", + "title": "Prefix", + "type": "string" + }, + "SeparatorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericSeparatorConfiguration", + "markdownDescription": "The options that determine the numeric separator configuration.", + "title": "SeparatorConfiguration" + }, + "Suffix": { + "markdownDescription": "Determines the suffix value of the percentage format.", + "title": "Suffix", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PercentileAggregation": { + "additionalProperties": false, + "properties": { + "PercentileValue": { + "markdownDescription": "The percentile value. This value can be any numeric constant 0\u2013100. A percentile value of 50 computes the median value of the measure.", + "title": "PercentileValue", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PeriodOverPeriodComputation": { + "additionalProperties": false, + "properties": { + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" + } + }, + "required": [ + "ComputationId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.PeriodToDateComputation": { + "additionalProperties": false, + "properties": { + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "PeriodTimeGranularity": { + "markdownDescription": "The time granularity setup of period to date computation. Choose from the following options:\n\n- YEAR: Year to date.\n- MONTH: Month to date.", + "title": "PeriodTimeGranularity", + "type": "string" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" + } + }, + "required": [ + "ComputationId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.PieChartAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The category (group/color) field wells of a pie chart.", + "title": "Category", + "type": "array" + }, + "SmallMultiples": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The small multiples field well of a pie chart.", + "title": "SmallMultiples", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The value field wells of a pie chart. Values are aggregated based on categories.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PieChartConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options of the group/color that is displayed in a pie chart.", + "title": "CategoryLabelOptions" + }, + "ContributionAnalysisDefaults": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ContributionAnalysisDefault" + }, + "markdownDescription": "The contribution analysis (anomaly configuration) setup of the visual.", + "title": "ContributionAnalysisDefaults", + "type": "array" + }, + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.", + "title": "DataLabels" + }, + "DonutOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.DonutOptions", + "markdownDescription": "The options that determine the shape of the chart. This option determines whether the chart is a pie chart or a donut chart.", + "title": "DonutOptions" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.PieChartFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "SmallMultiplesOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SmallMultiplesOptions", + "markdownDescription": "The small multiples setup for the visual.", + "title": "SmallMultiplesOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.PieChartSortConfiguration", + "markdownDescription": "The sort configuration of a pie chart.", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" + }, + "ValueLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options for the value that is displayed in a pie chart.", + "title": "ValueLabelOptions" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", + "title": "VisualPalette" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PieChartFieldWells": { + "additionalProperties": false, + "properties": { + "PieChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.PieChartAggregatedFieldWells", + "markdownDescription": "The field well configuration of a pie chart.", + "title": "PieChartAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PieChartSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of categories that are displayed in a pie chart.", + "title": "CategoryItemsLimit" + }, + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the category fields.", + "title": "CategorySort", + "type": "array" + }, + "SmallMultiplesLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of small multiples panels that are displayed.", + "title": "SmallMultiplesLimitConfiguration" + }, + "SmallMultiplesSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the small multiples field.", + "title": "SmallMultiplesSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PieChartVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.PieChartConfiguration", + "markdownDescription": "The configuration of a pie chart.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.PivotFieldSortOptions": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "The field ID for the field sort options.", + "title": "FieldId", + "type": "string" + }, + "SortBy": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableSortBy", + "markdownDescription": "The sort by field for the field sort options.", + "title": "SortBy" + } + }, + "required": [ + "FieldId", + "SortBy" + ], + "type": "object" + }, + "AWS::QuickSight::Template.PivotTableAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Columns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The columns field well for a pivot table. Values are grouped by columns fields.", + "title": "Columns", + "type": "array" + }, + "Rows": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The rows field well for a pivot table. Values are grouped by rows fields.", + "title": "Rows", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The values field well for a pivot table. Values are aggregated based on rows and columns fields.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PivotTableCellConditionalFormatting": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "The field ID of the cell for conditional formatting.", + "title": "FieldId", + "type": "string" + }, + "Scope": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableConditionalFormattingScope", + "markdownDescription": "The scope of the cell for conditional formatting.", + "title": "Scope" + }, + "Scopes": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableConditionalFormattingScope" + }, + "markdownDescription": "A list of cell scopes for conditional formatting.", + "title": "Scopes", + "type": "array" + }, + "TextFormat": { + "$ref": "#/definitions/AWS::QuickSight::Template.TextConditionalFormat", + "markdownDescription": "The text format of the cell for conditional formatting.", + "title": "TextFormat" + } + }, + "required": [ + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.PivotTableConditionalFormatting": { + "additionalProperties": false, + "properties": { + "ConditionalFormattingOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableConditionalFormattingOption" + }, + "markdownDescription": "Conditional formatting options for a `PivotTableVisual` .", + "title": "ConditionalFormattingOptions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PivotTableConditionalFormattingOption": { + "additionalProperties": false, + "properties": { + "Cell": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableCellConditionalFormatting", + "markdownDescription": "The cell conditional formatting option for a pivot table.", + "title": "Cell" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PivotTableConditionalFormattingScope": { + "additionalProperties": false, + "properties": { + "Role": { + "markdownDescription": "The role (field, field total, grand total) of the cell for conditional formatting.", + "title": "Role", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PivotTableConfiguration": { + "additionalProperties": false, + "properties": { + "FieldOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableFieldOptions", + "markdownDescription": "The field options for a pivot table visual.", + "title": "FieldOptions" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "PaginatedReportOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTablePaginatedReportOptions", + "markdownDescription": "The paginated report options for a pivot table visual.", + "title": "PaginatedReportOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableSortConfiguration", + "markdownDescription": "The sort configuration for a `PivotTableVisual` .", + "title": "SortConfiguration" + }, + "TableOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableOptions", + "markdownDescription": "The table options for a pivot table visual.", + "title": "TableOptions" + }, + "TotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableTotalOptions", + "markdownDescription": "The total options for a pivot table visual.", + "title": "TotalOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PivotTableDataPathOption": { + "additionalProperties": false, + "properties": { + "DataPathList": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataPathValue" + }, + "markdownDescription": "The list of data path values for the data path options.", + "title": "DataPathList", + "type": "array" + }, + "Width": { + "markdownDescription": "The width of the data path option.", + "title": "Width", + "type": "string" + } + }, + "required": [ + "DataPathList" + ], + "type": "object" + }, + "AWS::QuickSight::Template.PivotTableFieldCollapseStateOption": { + "additionalProperties": false, + "properties": { + "State": { + "markdownDescription": "The state of the field target of a pivot table. Choose one of the following options:\n\n- `COLLAPSED`\n- `EXPANDED`", + "title": "State", + "type": "string" + }, + "Target": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableFieldCollapseStateTarget", + "markdownDescription": "A tagged-union object that sets the collapse state.", + "title": "Target" + } + }, + "required": [ + "Target" + ], + "type": "object" + }, + "AWS::QuickSight::Template.PivotTableFieldCollapseStateTarget": { + "additionalProperties": false, + "properties": { + "FieldDataPathValues": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataPathValue" + }, + "markdownDescription": "The data path of the pivot table's header. Used to set the collapse state.", + "title": "FieldDataPathValues", + "type": "array" + }, + "FieldId": { + "markdownDescription": "The field ID of the pivot table that the collapse state needs to be set to.", + "title": "FieldId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PivotTableFieldOption": { + "additionalProperties": false, + "properties": { + "CustomLabel": { + "markdownDescription": "The custom label of the pivot table field.", + "title": "CustomLabel", + "type": "string" + }, + "FieldId": { + "markdownDescription": "The field ID of the pivot table field.", + "title": "FieldId", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the pivot table field.", + "title": "Visibility", + "type": "object" + } + }, + "required": [ + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.PivotTableFieldOptions": { + "additionalProperties": false, + "properties": { + "CollapseStateOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableFieldCollapseStateOption" + }, + "markdownDescription": "The collapse state options for the pivot table field options.", + "title": "CollapseStateOptions", + "type": "array" + }, + "DataPathOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableDataPathOption" + }, + "markdownDescription": "The data path options for the pivot table field options.", + "title": "DataPathOptions", + "type": "array" + }, + "SelectedFieldOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableFieldOption" + }, + "markdownDescription": "The selected field options for the pivot table field options.", + "title": "SelectedFieldOptions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PivotTableFieldSubtotalOptions": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "The field ID of the subtotal options.", + "title": "FieldId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PivotTableFieldWells": { + "additionalProperties": false, + "properties": { + "PivotTableAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableAggregatedFieldWells", + "markdownDescription": "The aggregated field well for the pivot table.", + "title": "PivotTableAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PivotTableOptions": { + "additionalProperties": false, + "properties": { + "CellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "markdownDescription": "The table cell style of cells.", + "title": "CellStyle" + }, + "CollapsedRowDimensionsVisibility": { + "markdownDescription": "The visibility setting of a pivot table's collapsed row dimension fields. If the value of this structure is `HIDDEN` , all collapsed columns in a pivot table are automatically hidden. The default value is `VISIBLE` .", + "title": "CollapsedRowDimensionsVisibility", + "type": "object" + }, + "ColumnHeaderStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "markdownDescription": "The table cell style of the column header.", + "title": "ColumnHeaderStyle" + }, + "ColumnNamesVisibility": { + "markdownDescription": "The visibility of the column names.", + "title": "ColumnNamesVisibility", + "type": "object" + }, + "DefaultCellWidth": { + "markdownDescription": "The default cell width of the pivot table.", + "title": "DefaultCellWidth", + "type": "string" + }, + "MetricPlacement": { + "markdownDescription": "The metric placement (row, column) options.", + "title": "MetricPlacement", + "type": "string" + }, + "RowAlternateColorOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.RowAlternateColorOptions", + "markdownDescription": "The row alternate color options (widget status, row alternate colors).", + "title": "RowAlternateColorOptions" + }, + "RowFieldNamesStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "markdownDescription": "The table cell style of row field names.", + "title": "RowFieldNamesStyle" + }, + "RowHeaderStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "markdownDescription": "The table cell style of the row headers.", + "title": "RowHeaderStyle" + }, + "RowsLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableRowsLabelOptions", + "markdownDescription": "The options for the label that is located above the row headers. This option is only applicable when `RowsLayout` is set to `HIERARCHY` .", + "title": "RowsLabelOptions" + }, + "RowsLayout": { + "markdownDescription": "The layout for the row dimension headers of a pivot table. Choose one of the following options.\n\n- `TABULAR` : (Default) Each row field is displayed in a separate column.\n- `HIERARCHY` : All row fields are displayed in a single column. Indentation is used to differentiate row headers of different fields.", + "title": "RowsLayout", + "type": "string" + }, + "SingleMetricVisibility": { + "markdownDescription": "The visibility of the single metric options.", + "title": "SingleMetricVisibility", + "type": "object" + }, + "ToggleButtonsVisibility": { + "markdownDescription": "Determines the visibility of the pivot table.", + "title": "ToggleButtonsVisibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PivotTablePaginatedReportOptions": { + "additionalProperties": false, + "properties": { + "OverflowColumnHeaderVisibility": { + "markdownDescription": "The visibility of the repeating header rows on each page.", + "title": "OverflowColumnHeaderVisibility", + "type": "object" + }, + "VerticalOverflowVisibility": { + "markdownDescription": "The visibility of the printing table overflow across pages.", + "title": "VerticalOverflowVisibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PivotTableRowsLabelOptions": { + "additionalProperties": false, + "properties": { + "CustomLabel": { + "markdownDescription": "The custom label string for the rows label.", + "title": "CustomLabel", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the rows label.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PivotTableSortBy": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnSort", + "markdownDescription": "The column sort (field id, direction) for the pivot table sort by options.", + "title": "Column" + }, + "DataPath": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataPathSort", + "markdownDescription": "The data path sort (data path value, direction) for the pivot table sort by options.", + "title": "DataPath" + }, + "Field": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSort", + "markdownDescription": "The field sort (field id, direction) for the pivot table sort by options.", + "title": "Field" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PivotTableSortConfiguration": { + "additionalProperties": false, + "properties": { + "FieldSortOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotFieldSortOptions" + }, + "markdownDescription": "The field sort options for a pivot table sort configuration.", + "title": "FieldSortOptions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PivotTableTotalOptions": { + "additionalProperties": false, + "properties": { + "ColumnSubtotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SubtotalOptions", + "markdownDescription": "The column subtotal options.", + "title": "ColumnSubtotalOptions" + }, + "ColumnTotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTotalOptions", + "markdownDescription": "The column total options.", + "title": "ColumnTotalOptions" + }, + "RowSubtotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SubtotalOptions", + "markdownDescription": "The row subtotal options.", + "title": "RowSubtotalOptions" + }, + "RowTotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTotalOptions", + "markdownDescription": "The row total options.", + "title": "RowTotalOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PivotTableVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ConditionalFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableConditionalFormatting", + "markdownDescription": "The conditional formatting for a `PivotTableVisual` .", + "title": "ConditionalFormatting" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.PivotTotalOptions": { + "additionalProperties": false, + "properties": { + "CustomLabel": { + "markdownDescription": "The custom label string for the total cells.", + "title": "CustomLabel", + "type": "string" + }, + "MetricHeaderCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "markdownDescription": "The cell styling options for the total of header cells.", + "title": "MetricHeaderCellStyle" + }, + "Placement": { + "markdownDescription": "The placement (start, end) for the total cells.", + "title": "Placement", + "type": "string" + }, + "ScrollStatus": { + "markdownDescription": "The scroll status (pinned, scrolled) for the total cells.", + "title": "ScrollStatus", + "type": "string" + }, + "TotalAggregationOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.TotalAggregationOption" + }, + "markdownDescription": "The total aggregation options for each value field.", + "title": "TotalAggregationOptions", + "type": "array" + }, + "TotalCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "markdownDescription": "The cell styling options for the total cells.", + "title": "TotalCellStyle" + }, + "TotalsVisibility": { + "markdownDescription": "The visibility configuration for the total cells.", + "title": "TotalsVisibility", + "type": "object" + }, + "ValueCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "markdownDescription": "The cell styling options for the totals of value cells.", + "title": "ValueCellStyle" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PluginVisual": { + "additionalProperties": false, + "properties": { + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.PluginVisualConfiguration", + "markdownDescription": "A description of the plugin field wells and their persisted properties.", + "title": "ChartConfiguration" + }, + "PluginArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that reflects the plugin and version.", + "title": "PluginArn", + "type": "string" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The ID of the visual that you want to use.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "PluginArn", + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.PluginVisualConfiguration": { + "additionalProperties": false, + "properties": { + "FieldWells": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.PluginVisualFieldWell" + }, + "markdownDescription": "The field wells configuration of the plugin visual.", + "title": "FieldWells", + "type": "array" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.PluginVisualSortConfiguration", + "markdownDescription": "The sort configuration of the plugin visual.", + "title": "SortConfiguration" + }, + "VisualOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.PluginVisualOptions", + "markdownDescription": "The persisted properties of the plugin visual.", + "title": "VisualOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PluginVisualFieldWell": { + "additionalProperties": false, + "properties": { + "AxisName": { + "markdownDescription": "The semantic axis name for the field well.", + "title": "AxisName", + "type": "string" + }, + "Dimensions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "A list of dimensions for the field well.", + "title": "Dimensions", + "type": "array" + }, + "Measures": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "A list of measures that exist in the field well.", + "title": "Measures", + "type": "array" + }, + "Unaggregated": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.UnaggregatedField" + }, + "markdownDescription": "A list of unaggregated fields that exist in the field well.", + "title": "Unaggregated", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PluginVisualItemsLimitConfiguration": { + "additionalProperties": false, + "properties": { + "ItemsLimit": { + "markdownDescription": "Determines how many values are be fetched at once.", + "title": "ItemsLimit", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PluginVisualOptions": { + "additionalProperties": false, + "properties": { + "VisualProperties": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.PluginVisualProperty" + }, + "markdownDescription": "The persisted properties and their values.", + "title": "VisualProperties", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PluginVisualProperty": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the plugin visual property.", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of the plugin visual property.", + "title": "Value", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PluginVisualSortConfiguration": { + "additionalProperties": false, + "properties": { + "PluginVisualTableQuerySort": { + "$ref": "#/definitions/AWS::QuickSight::Template.PluginVisualTableQuerySort", + "markdownDescription": "The table query sorting options for the plugin visual.", + "title": "PluginVisualTableQuerySort" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PluginVisualTableQuerySort": { + "additionalProperties": false, + "properties": { + "ItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.PluginVisualItemsLimitConfiguration", + "markdownDescription": "The maximum amount of data to be returned by a query.", + "title": "ItemsLimitConfiguration" + }, + "RowSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "Determines how data is sorted in the response.", + "title": "RowSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.PredefinedHierarchy": { + "additionalProperties": false, + "properties": { + "Columns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier" + }, + "markdownDescription": "The list of columns that define the predefined hierarchy.", + "title": "Columns", + "type": "array" + }, + "DrillDownFilters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DrillDownFilter" + }, + "markdownDescription": "The option that determines the drill down filters for the predefined hierarchy.", + "title": "DrillDownFilters", + "type": "array" + }, + "HierarchyId": { + "markdownDescription": "The hierarchy ID of the predefined hierarchy.", + "title": "HierarchyId", + "type": "string" + } + }, + "required": [ + "Columns", + "HierarchyId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ProgressBarOptions": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility of the progress bar.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.QueryExecutionOptions": { + "additionalProperties": false, + "properties": { + "QueryExecutionMode": { + "markdownDescription": "A structure that describes the query execution mode.", + "title": "QueryExecutionMode", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.RadarChartAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The aggregated field well categories of a radar chart.", + "title": "Category", + "type": "array" + }, + "Color": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The color that are assigned to the aggregated field wells of a radar chart.", + "title": "Color", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The values that are assigned to the aggregated field wells of a radar chart.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.RadarChartAreaStyleSettings": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility settings of a radar chart.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.RadarChartConfiguration": { + "additionalProperties": false, + "properties": { + "AlternateBandColorsVisibility": { + "markdownDescription": "Determines the visibility of the colors of alternatign bands in a radar chart.", + "title": "AlternateBandColorsVisibility", + "type": "object" + }, + "AlternateBandEvenColor": { + "markdownDescription": "The color of the even-numbered alternate bands of a radar chart.", + "title": "AlternateBandEvenColor", + "type": "string" + }, + "AlternateBandOddColor": { + "markdownDescription": "The color of the odd-numbered alternate bands of a radar chart.", + "title": "AlternateBandOddColor", + "type": "string" + }, + "AxesRangeScale": { + "markdownDescription": "The axis behavior options of a radar chart.", + "title": "AxesRangeScale", + "type": "string" + }, + "BaseSeriesSettings": { + "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartSeriesSettings", + "markdownDescription": "The base sreies settings of a radar chart.", + "title": "BaseSeriesSettings" + }, + "CategoryAxis": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The category axis of a radar chart.", + "title": "CategoryAxis" + }, + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The category label options of a radar chart.", + "title": "CategoryLabelOptions" + }, + "ColorAxis": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The color axis of a radar chart.", + "title": "ColorAxis" + }, + "ColorLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The color label options of a radar chart.", + "title": "ColorLabelOptions" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartFieldWells", + "markdownDescription": "The field well configuration of a `RadarChartVisual` .", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "Shape": { + "markdownDescription": "The shape of the radar chart.", + "title": "Shape", + "type": "string" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartSortConfiguration", + "markdownDescription": "The sort configuration of a `RadarChartVisual` .", + "title": "SortConfiguration" + }, + "StartAngle": { + "markdownDescription": "The start angle of a radar chart's axis.", + "title": "StartAngle", + "type": "number" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", + "title": "VisualPalette" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.RadarChartFieldWells": { + "additionalProperties": false, + "properties": { + "RadarChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a radar chart visual.", + "title": "RadarChartAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.RadarChartSeriesSettings": { + "additionalProperties": false, + "properties": { + "AreaStyleSettings": { + "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartAreaStyleSettings", + "markdownDescription": "The area style settings of a radar chart.", + "title": "AreaStyleSettings" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.RadarChartSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The category items limit for a radar chart.", + "title": "CategoryItemsLimit" + }, + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The category sort options of a radar chart.", + "title": "CategorySort", + "type": "array" + }, + "ColorItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The color items limit of a radar chart.", + "title": "ColorItemsLimit" + }, + "ColorSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The color sort configuration of a radar chart.", + "title": "ColorSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.RadarChartVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.RangeEndsLabelType": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility of the range ends label.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ReferenceLine": { + "additionalProperties": false, + "properties": { + "DataConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineDataConfiguration", + "markdownDescription": "The data configuration of the reference line.", + "title": "DataConfiguration" + }, + "LabelConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineLabelConfiguration", + "markdownDescription": "The label configuration of the reference line.", + "title": "LabelConfiguration" + }, + "Status": { + "markdownDescription": "The status of the reference line. Choose one of the following options:\n\n- `ENABLE`\n- `DISABLE`", + "title": "Status", + "type": "string" + }, + "StyleConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineStyleConfiguration", + "markdownDescription": "The style configuration of the reference line.", + "title": "StyleConfiguration" + } + }, + "required": [ + "DataConfiguration" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ReferenceLineCustomLabelConfiguration": { + "additionalProperties": false, + "properties": { + "CustomLabel": { + "markdownDescription": "The string text of the custom label.", + "title": "CustomLabel", + "type": "string" + } + }, + "required": [ + "CustomLabel" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ReferenceLineDataConfiguration": { + "additionalProperties": false, + "properties": { + "AxisBinding": { + "markdownDescription": "The axis binding type of the reference line. Choose one of the following options:\n\n- `PrimaryY`\n- `SecondaryY`", + "title": "AxisBinding", + "type": "string" + }, + "DynamicConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineDynamicDataConfiguration", + "markdownDescription": "The dynamic configuration of the reference line data configuration.", + "title": "DynamicConfiguration" + }, + "SeriesType": { + "markdownDescription": "The series type of the reference line data configuration. Choose one of the following options:\n\n- `BAR`\n- `LINE`", + "title": "SeriesType", + "type": "string" + }, + "StaticConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineStaticDataConfiguration", + "markdownDescription": "The static data configuration of the reference line data configuration.", + "title": "StaticConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ReferenceLineDynamicDataConfiguration": { + "additionalProperties": false, + "properties": { + "Calculation": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericalAggregationFunction", + "markdownDescription": "The calculation that is used in the dynamic data.", + "title": "Calculation" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that the dynamic data targets.", + "title": "Column" + }, + "MeasureAggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Template.AggregationFunction", + "markdownDescription": "The aggregation function that is used in the dynamic data.", + "title": "MeasureAggregationFunction" + } + }, + "required": [ + "Calculation", + "Column" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ReferenceLineLabelConfiguration": { + "additionalProperties": false, + "properties": { + "CustomLabelConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineCustomLabelConfiguration", + "markdownDescription": "The custom label configuration of the label in a reference line.", + "title": "CustomLabelConfiguration" + }, + "FontColor": { + "markdownDescription": "The font color configuration of the label in a reference line.", + "title": "FontColor", + "type": "string" + }, + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", + "markdownDescription": "The font configuration of the label in a reference line.", + "title": "FontConfiguration" + }, + "HorizontalPosition": { + "markdownDescription": "The horizontal position configuration of the label in a reference line. Choose one of the following options:\n\n- `LEFT`\n- `CENTER`\n- `RIGHT`", + "title": "HorizontalPosition", + "type": "string" + }, + "ValueLabelConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineValueLabelConfiguration", + "markdownDescription": "The value label configuration of the label in a reference line.", + "title": "ValueLabelConfiguration" + }, + "VerticalPosition": { + "markdownDescription": "The vertical position configuration of the label in a reference line. Choose one of the following options:\n\n- `ABOVE`\n- `BELOW`", + "title": "VerticalPosition", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ReferenceLineStaticDataConfiguration": { + "additionalProperties": false, + "properties": { + "Value": { + "markdownDescription": "The double input of the static data.", + "title": "Value", + "type": "number" + } + }, + "required": [ + "Value" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ReferenceLineStyleConfiguration": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The hex color of the reference line.", + "title": "Color", + "type": "string" + }, + "Pattern": { + "markdownDescription": "The pattern type of the line style. Choose one of the following options:\n\n- `SOLID`\n- `DASHED`\n- `DOTTED`", + "title": "Pattern", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ReferenceLineValueLabelConfiguration": { + "additionalProperties": false, + "properties": { + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericFormatConfiguration", + "markdownDescription": "The format configuration of the value label.", + "title": "FormatConfiguration" + }, + "RelativePosition": { + "markdownDescription": "The relative position of the value label. Choose one of the following options:\n\n- `BEFORE_CUSTOM_LABEL`\n- `AFTER_CUSTOM_LABEL`", + "title": "RelativePosition", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.RelativeDateTimeControlDisplayOptions": { + "additionalProperties": false, + "properties": { + "DateTimeFormat": { + "markdownDescription": "Customize how dates are formatted in controls.", + "title": "DateTimeFormat", + "type": "string" + }, + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.RelativeDatesFilter": { + "additionalProperties": false, + "properties": { + "AnchorDateConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.AnchorDateConfiguration", + "markdownDescription": "The date configuration of the filter.", + "title": "AnchorDateConfiguration" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "ExcludePeriodConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ExcludePeriodConfiguration", + "markdownDescription": "The configuration for the exclude period of the filter.", + "title": "ExcludePeriodConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" + }, + "MinimumGranularity": { + "markdownDescription": "The minimum granularity (period granularity) of the relative dates filter.", + "title": "MinimumGranularity", + "type": "string" + }, + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", + "type": "string" + }, + "ParameterName": { + "markdownDescription": "The parameter whose value should be used for the filter value.", + "title": "ParameterName", + "type": "string" + }, + "RelativeDateType": { + "markdownDescription": "The range date type of the filter. Choose one of the options below:\n\n- `PREVIOUS`\n- `THIS`\n- `LAST`\n- `NOW`\n- `NEXT`", + "title": "RelativeDateType", + "type": "string" + }, + "RelativeDateValue": { + "markdownDescription": "The date value of the filter.", + "title": "RelativeDateValue", + "type": "number" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" + } + }, + "required": [ + "AnchorDateConfiguration", + "Column", + "FilterId", + "NullOption", + "RelativeDateType", + "TimeGranularity" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ResourcePermission": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "type": "string" + }, + "markdownDescription": "The IAM action to grant or revoke permissions on.", + "title": "Actions", + "type": "array" + }, + "Principal": { + "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a QuickSight ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", + "title": "Principal", + "type": "string" + } + }, + "required": [ + "Actions", + "Principal" + ], + "type": "object" + }, + "AWS::QuickSight::Template.RollingDateConfiguration": { + "additionalProperties": false, + "properties": { + "DataSetIdentifier": { + "markdownDescription": "The data set that is used in the rolling date configuration.", + "title": "DataSetIdentifier", + "type": "string" + }, + "Expression": { + "markdownDescription": "The expression of the rolling date configuration.", + "title": "Expression", + "type": "string" + } + }, + "required": [ + "Expression" + ], + "type": "object" + }, + "AWS::QuickSight::Template.RowAlternateColorOptions": { + "additionalProperties": false, + "properties": { + "RowAlternateColors": { + "items": { + "type": "string" + }, + "markdownDescription": "Determines the list of row alternate colors.", + "title": "RowAlternateColors", + "type": "array" + }, + "Status": { + "markdownDescription": "Determines the widget status.", + "title": "Status", + "type": "string" + }, + "UsePrimaryBackgroundColor": { + "markdownDescription": "The primary background color options for alternate rows.", + "title": "UsePrimaryBackgroundColor", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SameSheetTargetVisualConfiguration": { + "additionalProperties": false, + "properties": { + "TargetVisualOptions": { + "markdownDescription": "The options that choose the target visual in the same sheet.\n\nValid values are defined as follows:\n\n- `ALL_VISUALS` : Applies the filter operation to all visuals in the same sheet.", + "title": "TargetVisualOptions", + "type": "string" + }, + "TargetVisuals": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the target visual IDs that are located in the same sheet of the analysis.", + "title": "TargetVisuals", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SankeyDiagramAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Destination": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The destination field wells of a sankey diagram.", + "title": "Destination", + "type": "array" + }, + "Source": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The source field wells of a sankey diagram.", + "title": "Source", + "type": "array" + }, + "Weight": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The weight field wells of a sankey diagram.", + "title": "Weight", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SankeyDiagramChartConfiguration": { + "additionalProperties": false, + "properties": { + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", + "markdownDescription": "The data label configuration of a sankey diagram.", + "title": "DataLabels" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.SankeyDiagramFieldWells", + "markdownDescription": "The field well configuration of a sankey diagram.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.SankeyDiagramSortConfiguration", + "markdownDescription": "The sort configuration of a sankey diagram.", + "title": "SortConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SankeyDiagramFieldWells": { + "additionalProperties": false, + "properties": { + "SankeyDiagramAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.SankeyDiagramAggregatedFieldWells", + "markdownDescription": "The field well configuration of a sankey diagram.", + "title": "SankeyDiagramAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SankeyDiagramSortConfiguration": { + "additionalProperties": false, + "properties": { + "DestinationItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of destination nodes that are displayed in a sankey diagram.", + "title": "DestinationItemsLimit" + }, + "SourceItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of source nodes that are displayed in a sankey diagram.", + "title": "SourceItemsLimit" + }, + "WeightSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the weight fields.", + "title": "WeightSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SankeyDiagramVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.SankeyDiagramChartConfiguration", + "markdownDescription": "The configuration of a sankey diagram.", + "title": "ChartConfiguration" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ScatterPlotCategoricallyAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The category field well of a scatter plot.", + "title": "Category", + "type": "array" + }, + "Label": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The label field well of a scatter plot.", + "title": "Label", + "type": "array" + }, + "Size": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The size field well of a scatter plot.", + "title": "Size", + "type": "array" + }, + "XAxis": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The x-axis field well of a scatter plot.\n\nThe x-axis is aggregated by category.", + "title": "XAxis", + "type": "array" + }, + "YAxis": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The y-axis field well of a scatter plot.\n\nThe y-axis is aggregated by category.", + "title": "YAxis", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ScatterPlotConfiguration": { + "additionalProperties": false, + "properties": { + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.", + "title": "DataLabels" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.ScatterPlotFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ScatterPlotSortConfiguration", + "markdownDescription": "The sort configuration of a scatter plot.", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Tooltip" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", + "markdownDescription": "The palette (chart color) display setup of the visual.", + "title": "VisualPalette" + }, + "XAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, and axis step) of the scatter plot's x-axis.", + "title": "XAxisDisplayOptions" + }, + "XAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of the scatter plot's x-axis.", + "title": "XAxisLabelOptions" + }, + "YAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The label display options (grid line, range, scale, and axis step) of the scatter plot's y-axis.", + "title": "YAxisDisplayOptions" + }, + "YAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of the scatter plot's y-axis.", + "title": "YAxisLabelOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ScatterPlotFieldWells": { + "additionalProperties": false, + "properties": { + "ScatterPlotCategoricallyAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.ScatterPlotCategoricallyAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a scatter plot. The x and y-axes of scatter plots with aggregated field wells are aggregated by category, label, or both.", + "title": "ScatterPlotCategoricallyAggregatedFieldWells" + }, + "ScatterPlotUnaggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.ScatterPlotUnaggregatedFieldWells", + "markdownDescription": "The unaggregated field wells of a scatter plot. The x and y-axes of these scatter plots are unaggregated.", + "title": "ScatterPlotUnaggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ScatterPlotSortConfiguration": { + "additionalProperties": false, + "properties": { + "ScatterPlotLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "", + "title": "ScatterPlotLimitConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ScatterPlotUnaggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Category": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The category field well of a scatter plot.", + "title": "Category", + "type": "array" + }, + "Label": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The label field well of a scatter plot.", + "title": "Label", + "type": "array" + }, + "Size": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The size field well of a scatter plot.", + "title": "Size", + "type": "array" + }, + "XAxis": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The x-axis field well of a scatter plot.\n\nThe x-axis is a dimension field and cannot be aggregated.", + "title": "XAxis", + "type": "array" + }, + "YAxis": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The y-axis field well of a scatter plot.\n\nThe y-axis is a dimension field and cannot be aggregated.", + "title": "YAxis", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ScatterPlotVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ScatterPlotConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ScrollBarOptions": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility of the data zoom scroll bar.", + "title": "Visibility", + "type": "object" + }, + "VisibleRange": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisibleRangeOptions", + "markdownDescription": "The visibility range for the data zoom scroll bar.", + "title": "VisibleRange" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SecondaryValueOptions": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "Determines the visibility of the secondary value.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SectionAfterPageBreak": { + "additionalProperties": false, + "properties": { + "Status": { + "markdownDescription": "The option that enables or disables a page break at the end of a section.", + "title": "Status", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SectionBasedLayoutCanvasSizeOptions": { + "additionalProperties": false, + "properties": { + "PaperCanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SectionBasedLayoutPaperCanvasSizeOptions", + "markdownDescription": "The options for a paper canvas of a section-based layout.", + "title": "PaperCanvasSizeOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SectionBasedLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "BodySections": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.BodySectionConfiguration" + }, + "markdownDescription": "A list of body section configurations.", + "title": "BodySections", + "type": "array" + }, + "CanvasSizeOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SectionBasedLayoutCanvasSizeOptions", + "markdownDescription": "The options for the canvas of a section-based layout.", + "title": "CanvasSizeOptions" + }, + "FooterSections": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.HeaderFooterSectionConfiguration" + }, + "markdownDescription": "A list of footer section configurations.", + "title": "FooterSections", + "type": "array" + }, + "HeaderSections": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.HeaderFooterSectionConfiguration" + }, + "markdownDescription": "A list of header section configurations.", + "title": "HeaderSections", + "type": "array" + } + }, + "required": [ + "BodySections", + "CanvasSizeOptions", + "FooterSections", + "HeaderSections" + ], + "type": "object" + }, + "AWS::QuickSight::Template.SectionBasedLayoutPaperCanvasSizeOptions": { + "additionalProperties": false, + "properties": { + "PaperMargin": { + "$ref": "#/definitions/AWS::QuickSight::Template.Spacing", + "markdownDescription": "Defines the spacing between the canvas content and the top, bottom, left, and right edges.", + "title": "PaperMargin" + }, + "PaperOrientation": { + "markdownDescription": "The paper orientation that is used to define canvas dimensions. Choose one of the following options:\n\n- PORTRAIT\n- LANDSCAPE", + "title": "PaperOrientation", + "type": "string" + }, + "PaperSize": { + "markdownDescription": "The paper size that is used to define canvas dimensions.", + "title": "PaperSize", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SectionLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "FreeFormLayout": { + "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormSectionLayoutConfiguration", + "markdownDescription": "The free-form layout configuration of a section.", + "title": "FreeFormLayout" + } + }, + "required": [ + "FreeFormLayout" + ], + "type": "object" + }, + "AWS::QuickSight::Template.SectionPageBreakConfiguration": { + "additionalProperties": false, + "properties": { + "After": { + "$ref": "#/definitions/AWS::QuickSight::Template.SectionAfterPageBreak", + "markdownDescription": "The configuration of a page break after a section.", + "title": "After" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SectionStyle": { + "additionalProperties": false, + "properties": { + "Height": { + "markdownDescription": "The height of a section.\n\nHeights can only be defined for header and footer sections. The default height margin is 0.5 inches.", + "title": "Height", + "type": "string" + }, + "Padding": { + "$ref": "#/definitions/AWS::QuickSight::Template.Spacing", + "markdownDescription": "The spacing between section content and its top, bottom, left, and right edges.\n\nThere is no padding by default.", + "title": "Padding" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SelectedSheetsFilterScopeConfiguration": { + "additionalProperties": false, + "properties": { + "SheetVisualScopingConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetVisualScopingConfiguration" + }, + "markdownDescription": "The sheet ID and visual IDs of the sheet and visuals that the filter is applied to.", + "title": "SheetVisualScopingConfigurations", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SeriesItem": { + "additionalProperties": false, + "properties": { + "DataFieldSeriesItem": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataFieldSeriesItem", + "markdownDescription": "The data field series item configuration of a line chart.", + "title": "DataFieldSeriesItem" + }, + "FieldSeriesItem": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSeriesItem", + "markdownDescription": "The field series item configuration of a line chart.", + "title": "FieldSeriesItem" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SetParameterValueConfiguration": { + "additionalProperties": false, + "properties": { + "DestinationParameterName": { + "markdownDescription": "The destination parameter name of the `SetParameterValueConfiguration` .", + "title": "DestinationParameterName", + "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Template.DestinationParameterValueConfiguration", + "markdownDescription": "", + "title": "Value" + } + }, + "required": [ + "DestinationParameterName", + "Value" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ShapeConditionalFormat": { + "additionalProperties": false, + "properties": { + "BackgroundColor": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting for the shape background color of a filled map visual.", + "title": "BackgroundColor" + } + }, + "required": [ + "BackgroundColor" + ], + "type": "object" + }, + "AWS::QuickSight::Template.Sheet": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of a sheet. This name is displayed on the sheet's tab in the Amazon QuickSight console.", + "title": "Name", + "type": "string" + }, + "SheetId": { + "markdownDescription": "The unique identifier associated with a sheet.", + "title": "SheetId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SheetControlInfoIconLabelOptions": { + "additionalProperties": false, + "properties": { + "InfoIconText": { + "markdownDescription": "The text content of info icon.", + "title": "InfoIconText", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility configuration of info icon label options.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SheetControlLayout": { + "additionalProperties": false, + "properties": { + "Configuration": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlLayoutConfiguration", + "markdownDescription": "The configuration that determines the elements and canvas size options of sheet control.", + "title": "Configuration" + } + }, + "required": [ + "Configuration" + ], + "type": "object" + }, + "AWS::QuickSight::Template.SheetControlLayoutConfiguration": { + "additionalProperties": false, + "properties": { + "GridLayout": { + "$ref": "#/definitions/AWS::QuickSight::Template.GridLayoutConfiguration", + "markdownDescription": "The configuration that determines the elements and canvas size options of sheet control.", + "title": "GridLayout" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SheetDefinition": { + "additionalProperties": false, + "properties": { + "ContentType": { + "markdownDescription": "The layout content type of the sheet. Choose one of the following options:\n\n- `PAGINATED` : Creates a sheet for a paginated report.\n- `INTERACTIVE` : Creates a sheet for an interactive dashboard.", + "title": "ContentType", + "type": "string" + }, + "Description": { + "markdownDescription": "A description of the sheet.", + "title": "Description", + "type": "string" + }, + "FilterControls": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterControl" + }, + "markdownDescription": "The list of filter controls that are on a sheet.\n\nFor more information, see [Adding filter controls to analysis sheets](https://docs.aws.amazon.com/quicksight/latest/user/filter-controls.html) in the *Amazon QuickSight User Guide* .", + "title": "FilterControls", + "type": "array" + }, + "Images": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetImage" + }, + "markdownDescription": "A list of images on a sheet.", + "title": "Images", + "type": "array" + }, + "Layouts": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.Layout" + }, + "markdownDescription": "Layouts define how the components of a sheet are arranged.\n\nFor more information, see [Types of layout](https://docs.aws.amazon.com/quicksight/latest/user/types-of-layout.html) in the *Amazon QuickSight User Guide* .", + "title": "Layouts", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the sheet. This name is displayed on the sheet's tab in the Amazon QuickSight console.", + "title": "Name", + "type": "string" + }, + "ParameterControls": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ParameterControl" + }, + "markdownDescription": "The list of parameter controls that are on a sheet.\n\nFor more information, see [Using a Control with a Parameter in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-controls.html) in the *Amazon QuickSight User Guide* .", + "title": "ParameterControls", + "type": "array" + }, + "SheetControlLayouts": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlLayout" + }, + "markdownDescription": "The control layouts of the sheet.", + "title": "SheetControlLayouts", + "type": "array" + }, + "SheetId": { + "markdownDescription": "The unique identifier of a sheet.", + "title": "SheetId", + "type": "string" + }, + "TextBoxes": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetTextBox" + }, + "markdownDescription": "The text boxes that are on a sheet.", + "title": "TextBoxes", + "type": "array" + }, + "Title": { + "markdownDescription": "The title of the sheet.", + "title": "Title", + "type": "string" + }, + "Visuals": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.Visual" + }, + "markdownDescription": "A list of the visuals that are on a sheet. Visual placement is determined by the layout of the sheet.", + "title": "Visuals", + "type": "array" + } + }, + "required": [ + "SheetId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.SheetElementConfigurationOverrides": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "Determines whether or not the overrides are visible. Choose one of the following options:\n\n- `VISIBLE`\n- `HIDDEN`", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SheetElementRenderingRule": { + "additionalProperties": false, + "properties": { + "ConfigurationOverrides": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetElementConfigurationOverrides", + "markdownDescription": "The override configuration of the rendering rules of a sheet.", + "title": "ConfigurationOverrides" + }, + "Expression": { + "markdownDescription": "The expression of the rendering rules of a sheet.", + "title": "Expression", + "type": "string" + } + }, + "required": [ + "ConfigurationOverrides", + "Expression" + ], + "type": "object" + }, + "AWS::QuickSight::Template.SheetImage": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ImageCustomAction" + }, + "markdownDescription": "A list of custom actions that are configured for an image.", + "title": "Actions", + "type": "array" + }, + "ImageContentAltText": { + "markdownDescription": "The alt text for the image.", + "title": "ImageContentAltText", + "type": "string" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ImageInteractionOptions", + "markdownDescription": "The general image interactions setup for an image.", + "title": "Interactions" + }, + "Scaling": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetImageScalingConfiguration", + "markdownDescription": "Determines how the image is scaled.", + "title": "Scaling" + }, + "SheetImageId": { + "markdownDescription": "The ID of the sheet image.", + "title": "SheetImageId", + "type": "string" + }, + "Source": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetImageSource", + "markdownDescription": "The source of the image.", + "title": "Source" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetImageTooltipConfiguration", + "markdownDescription": "The tooltip to be shown when hovering over the image.", + "title": "Tooltip" + } + }, + "required": [ + "SheetImageId", + "Source" + ], + "type": "object" + }, + "AWS::QuickSight::Template.SheetImageScalingConfiguration": { + "additionalProperties": false, + "properties": { + "ScalingType": { + "markdownDescription": "The scaling option to use when fitting the image inside the container.\n\nValid values are defined as follows:\n\n- `SCALE_TO_WIDTH` : The image takes up the entire width of the container. The image aspect ratio is preserved.\n- `SCALE_TO_HEIGHT` : The image takes up the entire height of the container. The image aspect ratio is preserved.\n- `SCALE_TO_CONTAINER` : The image takes up the entire width and height of the container. The image aspect ratio is not preserved.\n- `SCALE_NONE` : The image is displayed in its original size and is not scaled to the container.", + "title": "ScalingType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SheetImageSource": { + "additionalProperties": false, + "properties": { + "SheetImageStaticFileSource": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetImageStaticFileSource", + "markdownDescription": "The source of the static file that contains the image.", + "title": "SheetImageStaticFileSource" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SheetImageStaticFileSource": { + "additionalProperties": false, + "properties": { + "StaticFileId": { + "markdownDescription": "The ID of the static file that contains the image.", + "title": "StaticFileId", + "type": "string" + } + }, + "required": [ + "StaticFileId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.SheetImageTooltipConfiguration": { + "additionalProperties": false, + "properties": { + "TooltipText": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetImageTooltipText", + "markdownDescription": "The text that appears in the tooltip.", + "title": "TooltipText" + }, + "Visibility": { + "markdownDescription": "The visibility of the tooltip.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SheetImageTooltipText": { + "additionalProperties": false, + "properties": { + "PlainText": { + "markdownDescription": "The plain text format.", + "title": "PlainText", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SheetTextBox": { + "additionalProperties": false, + "properties": { + "Content": { + "markdownDescription": "The content that is displayed in the text box.", + "title": "Content", + "type": "string" + }, + "SheetTextBoxId": { + "markdownDescription": "The unique identifier for a text box. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have text boxes that share identifiers.", + "title": "SheetTextBoxId", + "type": "string" + } + }, + "required": [ + "SheetTextBoxId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.SheetVisualScopingConfiguration": { + "additionalProperties": false, + "properties": { + "Scope": { + "markdownDescription": "The scope of the applied entities. Choose one of the following options:\n\n- `ALL_VISUALS`\n- `SELECTED_VISUALS`", + "title": "Scope", + "type": "string" + }, + "SheetId": { + "markdownDescription": "The selected sheet that the filter is applied to.", + "title": "SheetId", + "type": "string" + }, + "VisualIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The selected visuals that the filter is applied to.", + "title": "VisualIds", + "type": "array" + } + }, + "required": [ + "Scope", + "SheetId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ShortFormatText": { + "additionalProperties": false, + "properties": { + "PlainText": { + "markdownDescription": "Plain text format.", + "title": "PlainText", + "type": "string" + }, + "RichText": { + "markdownDescription": "Rich text. Examples of rich text include bold, underline, and italics.", + "title": "RichText", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SimpleClusterMarker": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The color of the simple cluster marker.", + "title": "Color", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SingleAxisOptions": { + "additionalProperties": false, + "properties": { + "YAxisOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.YAxisOptions", + "markdownDescription": "The Y axis options of a single axis configuration.", + "title": "YAxisOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SliderControlDisplayOptions": { + "additionalProperties": false, + "properties": { + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SmallMultiplesAxisProperties": { + "additionalProperties": false, + "properties": { + "Placement": { + "markdownDescription": "Defines the placement of the axis. By default, axes are rendered `OUTSIDE` of the panels. Axes with `INDEPENDENT` scale are rendered `INSIDE` the panels.", + "title": "Placement", + "type": "string" + }, + "Scale": { + "markdownDescription": "Determines whether scale of the axes are shared or independent. The default value is `SHARED` .", + "title": "Scale", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SmallMultiplesOptions": { + "additionalProperties": false, + "properties": { + "MaxVisibleColumns": { + "markdownDescription": "Sets the maximum number of visible columns to display in the grid of small multiples panels.\n\nThe default is `Auto` , which automatically adjusts the columns in the grid to fit the overall layout and size of the given chart.", + "title": "MaxVisibleColumns", + "type": "number" + }, + "MaxVisibleRows": { + "markdownDescription": "Sets the maximum number of visible rows to display in the grid of small multiples panels.\n\nThe default value is `Auto` , which automatically adjusts the rows in the grid to fit the overall layout and size of the given chart.", + "title": "MaxVisibleRows", + "type": "number" + }, + "PanelConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.PanelConfiguration", + "markdownDescription": "Configures the display options for each small multiples panel.", + "title": "PanelConfiguration" + }, + "XAxis": { + "$ref": "#/definitions/AWS::QuickSight::Template.SmallMultiplesAxisProperties", + "markdownDescription": "The properties of a small multiples X axis.", + "title": "XAxis" + }, + "YAxis": { + "$ref": "#/definitions/AWS::QuickSight::Template.SmallMultiplesAxisProperties", + "markdownDescription": "The properties of a small multiples Y axis.", + "title": "YAxis" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.Spacing": { + "additionalProperties": false, + "properties": { + "Bottom": { + "markdownDescription": "Define the bottom spacing.", + "title": "Bottom", + "type": "string" + }, + "Left": { + "markdownDescription": "Define the left spacing.", + "title": "Left", + "type": "string" + }, + "Right": { + "markdownDescription": "Define the right spacing.", + "title": "Right", + "type": "string" + }, + "Top": { + "markdownDescription": "Define the top spacing.", + "title": "Top", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.StringDefaultValues": { + "additionalProperties": false, + "properties": { + "DynamicValue": { + "$ref": "#/definitions/AWS::QuickSight::Template.DynamicDefaultValue", + "markdownDescription": "The dynamic value of the `StringDefaultValues` . Different defaults displayed according to users, groups, and values mapping.", + "title": "DynamicValue" + }, + "StaticValues": { + "items": { + "type": "string" + }, + "markdownDescription": "The static values of the `DecimalDefaultValues` .", + "title": "StaticValues", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.StringFormatConfiguration": { + "additionalProperties": false, + "properties": { + "NullValueFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NullValueFormatConfiguration", + "markdownDescription": "The options that determine the null value format configuration.", + "title": "NullValueFormatConfiguration" + }, + "NumericFormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.NumericFormatConfiguration", + "markdownDescription": "The formatting configuration for numeric strings.", + "title": "NumericFormatConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.StringParameterDeclaration": { + "additionalProperties": false, + "properties": { + "DefaultValues": { + "$ref": "#/definitions/AWS::QuickSight::Template.StringDefaultValues", + "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", + "title": "DefaultValues" + }, + "MappedDataSetParameters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MappedDataSetParameter" + }, + "markdownDescription": "", + "title": "MappedDataSetParameters", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the parameter that is being declared.", + "title": "Name", + "type": "string" + }, + "ParameterValueType": { + "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", + "title": "ParameterValueType", + "type": "string" + }, + "ValueWhenUnset": { + "$ref": "#/definitions/AWS::QuickSight::Template.StringValueWhenUnsetConfiguration", + "markdownDescription": "The configuration that defines the default value of a `String` parameter when a value has not been set.", + "title": "ValueWhenUnset" + } + }, + "required": [ + "Name", + "ParameterValueType" + ], + "type": "object" + }, + "AWS::QuickSight::Template.StringValueWhenUnsetConfiguration": { + "additionalProperties": false, + "properties": { + "CustomValue": { + "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", + "title": "CustomValue", + "type": "string" + }, + "ValueWhenUnsetOption": { + "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", + "title": "ValueWhenUnsetOption", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.SubtotalOptions": { + "additionalProperties": false, + "properties": { + "CustomLabel": { + "markdownDescription": "The custom label string for the subtotal cells.", + "title": "CustomLabel", + "type": "string" + }, + "FieldLevel": { + "markdownDescription": "The field level (all, custom, last) for the subtotal cells.", + "title": "FieldLevel", + "type": "string" + }, + "FieldLevelOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableFieldSubtotalOptions" + }, + "markdownDescription": "The optional configuration of subtotal cells.", + "title": "FieldLevelOptions", + "type": "array" + }, + "MetricHeaderCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "markdownDescription": "The cell styling options for the subtotals of header cells.", + "title": "MetricHeaderCellStyle" + }, + "StyleTargets": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableStyleTarget" + }, + "markdownDescription": "The style targets options for subtotals.", + "title": "StyleTargets", + "type": "array" + }, + "TotalCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "markdownDescription": "The cell styling options for the subtotal cells.", + "title": "TotalCellStyle" + }, + "TotalsVisibility": { + "markdownDescription": "The visibility configuration for the subtotal cells.", + "title": "TotalsVisibility", + "type": "object" + }, + "ValueCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "markdownDescription": "The cell styling options for the subtotals of value cells.", + "title": "ValueCellStyle" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "GroupBy": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The group by field well for a pivot table. Values are grouped by group by fields.", + "title": "GroupBy", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The values field well for a pivot table. Values are aggregated based on group by fields.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableBorderOptions": { + "additionalProperties": false, + "properties": { + "Color": { + "markdownDescription": "The color of a table border.", + "title": "Color", + "type": "string" + }, + "Style": { + "markdownDescription": "The style (none, solid) of a table border.", + "title": "Style", + "type": "string" + }, + "Thickness": { + "markdownDescription": "The thickness of a table border.", + "title": "Thickness", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableCellConditionalFormatting": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "The field ID of the cell for conditional formatting.", + "title": "FieldId", + "type": "string" + }, + "TextFormat": { + "$ref": "#/definitions/AWS::QuickSight::Template.TextConditionalFormat", + "markdownDescription": "The text format of the cell for conditional formatting.", + "title": "TextFormat" + } + }, + "required": [ + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.TableCellImageSizingConfiguration": { + "additionalProperties": false, + "properties": { + "TableCellImageScalingConfiguration": { + "markdownDescription": "The cell scaling configuration of the sizing options for the table image configuration.", + "title": "TableCellImageScalingConfiguration", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableCellStyle": { + "additionalProperties": false, + "properties": { + "BackgroundColor": { + "markdownDescription": "The background color for the table cells.", + "title": "BackgroundColor", + "type": "string" + }, + "Border": { + "$ref": "#/definitions/AWS::QuickSight::Template.GlobalTableBorderOptions", + "markdownDescription": "The borders for the table cells.", + "title": "Border" + }, + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", + "markdownDescription": "The font configuration of the table cells.", + "title": "FontConfiguration" + }, + "Height": { + "markdownDescription": "The height color for the table cells.", + "title": "Height", + "type": "number" + }, + "HorizontalTextAlignment": { + "markdownDescription": "The horizontal text alignment (left, center, right, auto) for the table cells.", + "title": "HorizontalTextAlignment", + "type": "string" + }, + "TextWrap": { + "markdownDescription": "The text wrap (none, wrap) for the table cells.", + "title": "TextWrap", + "type": "string" + }, + "VerticalTextAlignment": { + "markdownDescription": "The vertical text alignment (top, middle, bottom) for the table cells.", + "title": "VerticalTextAlignment", + "type": "string" + }, + "Visibility": { + "markdownDescription": "The visibility of the table cells.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableConditionalFormatting": { + "additionalProperties": false, + "properties": { + "ConditionalFormattingOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableConditionalFormattingOption" + }, + "markdownDescription": "Conditional formatting options for a `PivotTableVisual` .", + "title": "ConditionalFormattingOptions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableConditionalFormattingOption": { + "additionalProperties": false, + "properties": { + "Cell": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableCellConditionalFormatting", + "markdownDescription": "The cell conditional formatting option for a table.", + "title": "Cell" + }, + "Row": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableRowConditionalFormatting", + "markdownDescription": "The row conditional formatting option for a table.", + "title": "Row" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableConfiguration": { + "additionalProperties": false, + "properties": { + "FieldOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldOptions", + "markdownDescription": "The field options for a table visual.", + "title": "FieldOptions" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "PaginatedReportOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.TablePaginatedReportOptions", + "markdownDescription": "The paginated report options for a table visual.", + "title": "PaginatedReportOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableSortConfiguration", + "markdownDescription": "The sort configuration for a `TableVisual` .", + "title": "SortConfiguration" + }, + "TableInlineVisualizations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableInlineVisualization" + }, + "markdownDescription": "A collection of inline visualizations to display within a chart.", + "title": "TableInlineVisualizations", + "type": "array" + }, + "TableOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableOptions", + "markdownDescription": "The table options for a table visual.", + "title": "TableOptions" + }, + "TotalOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.TotalOptions", + "markdownDescription": "The total options for a table visual.", + "title": "TotalOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableFieldCustomIconContent": { + "additionalProperties": false, + "properties": { + "Icon": { + "markdownDescription": "The icon set type (link) of the custom icon content for table URL link content.", + "title": "Icon", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableFieldCustomTextContent": { + "additionalProperties": false, + "properties": { + "FontConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", + "markdownDescription": "The font configuration of the custom text content for the table URL link content.", + "title": "FontConfiguration" + }, + "Value": { + "markdownDescription": "The string value of the custom text content for the table URL link content.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "FontConfiguration" + ], + "type": "object" + }, + "AWS::QuickSight::Template.TableFieldImageConfiguration": { + "additionalProperties": false, + "properties": { + "SizingOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableCellImageSizingConfiguration", + "markdownDescription": "The sizing options for the table image configuration.", + "title": "SizingOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableFieldLinkConfiguration": { + "additionalProperties": false, + "properties": { + "Content": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldLinkContentConfiguration", + "markdownDescription": "The URL content (text, icon) for the table link configuration.", + "title": "Content" + }, + "Target": { + "markdownDescription": "The URL target (new tab, new window, same tab) for the table link configuration.", + "title": "Target", + "type": "string" + } + }, + "required": [ + "Content", + "Target" + ], + "type": "object" + }, + "AWS::QuickSight::Template.TableFieldLinkContentConfiguration": { + "additionalProperties": false, + "properties": { + "CustomIconContent": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldCustomIconContent", + "markdownDescription": "The custom icon content for the table link content configuration.", + "title": "CustomIconContent" + }, + "CustomTextContent": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldCustomTextContent", + "markdownDescription": "The custom text content (value, font configuration) for the table link content configuration.", + "title": "CustomTextContent" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableFieldOption": { + "additionalProperties": false, + "properties": { + "CustomLabel": { + "markdownDescription": "The custom label for a table field.", + "title": "CustomLabel", + "type": "string" + }, + "FieldId": { + "markdownDescription": "The field ID for a table field.", + "title": "FieldId", + "type": "string" + }, + "URLStyling": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldURLConfiguration", + "markdownDescription": "The URL configuration for a table field.", + "title": "URLStyling" + }, + "Visibility": { + "markdownDescription": "The visibility of a table field.", + "title": "Visibility", + "type": "object" + }, + "Width": { + "markdownDescription": "The width for a table field.", + "title": "Width", + "type": "string" + } + }, + "required": [ + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.TableFieldOptions": { + "additionalProperties": false, + "properties": { + "Order": { + "items": { + "type": "string" + }, + "markdownDescription": "The order of the field IDs that are configured as field options for a table visual.", + "title": "Order", + "type": "array" + }, + "PinnedFieldOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.TablePinnedFieldOptions", + "markdownDescription": "The settings for the pinned columns of a table visual.", + "title": "PinnedFieldOptions" + }, + "SelectedFieldOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldOption" + }, + "markdownDescription": "The field options to be configured to a table.", + "title": "SelectedFieldOptions", + "type": "array" + }, + "TransposedTableOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.TransposedTableOption" + }, + "markdownDescription": "The `TableOptions` of a transposed table.", + "title": "TransposedTableOptions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableFieldURLConfiguration": { + "additionalProperties": false, + "properties": { + "ImageConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldImageConfiguration", + "markdownDescription": "The image configuration of a table field URL.", + "title": "ImageConfiguration" + }, + "LinkConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldLinkConfiguration", + "markdownDescription": "The link configuration of a table field URL.", + "title": "LinkConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableFieldWells": { + "additionalProperties": false, + "properties": { + "TableAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableAggregatedFieldWells", + "markdownDescription": "The aggregated field well for the table.", + "title": "TableAggregatedFieldWells" + }, + "TableUnaggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableUnaggregatedFieldWells", + "markdownDescription": "The unaggregated field well for the table.", + "title": "TableUnaggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableInlineVisualization": { + "additionalProperties": false, + "properties": { + "DataBars": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataBarsOptions", + "markdownDescription": "The configuration of the inline visualization of the data bars within a chart.", + "title": "DataBars" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableOptions": { + "additionalProperties": false, + "properties": { + "CellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "markdownDescription": "The table cell style of table cells.", + "title": "CellStyle" + }, + "HeaderStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "markdownDescription": "The table cell style of a table header.", + "title": "HeaderStyle" + }, + "Orientation": { + "markdownDescription": "The orientation (vertical, horizontal) for a table.", + "title": "Orientation", + "type": "string" + }, + "RowAlternateColorOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.RowAlternateColorOptions", + "markdownDescription": "The row alternate color options (widget status, row alternate colors) for a table.", + "title": "RowAlternateColorOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TablePaginatedReportOptions": { + "additionalProperties": false, + "properties": { + "OverflowColumnHeaderVisibility": { + "markdownDescription": "The visibility of repeating header rows on each page.", + "title": "OverflowColumnHeaderVisibility", + "type": "object" + }, + "VerticalOverflowVisibility": { + "markdownDescription": "The visibility of printing table overflow across pages.", + "title": "VerticalOverflowVisibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TablePinnedFieldOptions": { + "additionalProperties": false, + "properties": { + "PinnedLeftFields": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of columns to be pinned to the left of a table visual.", + "title": "PinnedLeftFields", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableRowConditionalFormatting": { + "additionalProperties": false, + "properties": { + "BackgroundColor": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting color (solid, gradient) of the background for a table row.", + "title": "BackgroundColor" + }, + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting color (solid, gradient) of the text for a table row.", + "title": "TextColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableSideBorderOptions": { + "additionalProperties": false, + "properties": { + "Bottom": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", + "markdownDescription": "The table border options of the bottom border.", + "title": "Bottom" + }, + "InnerHorizontal": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", + "markdownDescription": "The table border options of the inner horizontal border.", + "title": "InnerHorizontal" + }, + "InnerVertical": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", + "markdownDescription": "The table border options of the inner vertical border.", + "title": "InnerVertical" + }, + "Left": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", + "markdownDescription": "The table border options of the left border.", + "title": "Left" + }, + "Right": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", + "markdownDescription": "The table border options of the right border.", + "title": "Right" + }, + "Top": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", + "markdownDescription": "The table border options of the top border.", + "title": "Top" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableSortConfiguration": { + "additionalProperties": false, + "properties": { + "PaginationConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.PaginationConfiguration", + "markdownDescription": "The pagination configuration (page size, page number) for the table.", + "title": "PaginationConfiguration" + }, + "RowSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The field sort options for rows in the table.", + "title": "RowSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableStyleTarget": { + "additionalProperties": false, + "properties": { + "CellType": { + "markdownDescription": "The cell type of the table style target.", + "title": "CellType", + "type": "string" + } + }, + "required": [ + "CellType" + ], + "type": "object" + }, + "AWS::QuickSight::Template.TableUnaggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.UnaggregatedField" + }, + "markdownDescription": "The values field well for a pivot table. Values are unaggregated for an unaggregated table.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TableVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ConditionalFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableConditionalFormatting", + "markdownDescription": "The conditional formatting for a `PivotTableVisual` .", + "title": "ConditionalFormatting" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.TemplateError": { + "additionalProperties": false, + "properties": { + "Message": { + "markdownDescription": "Description of the error type.", + "title": "Message", + "type": "string" + }, + "Type": { + "markdownDescription": "Type of error.", + "title": "Type", + "type": "string" + }, + "ViolatedEntities": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.Entity" + }, + "markdownDescription": "An error path that shows which entities caused the template error.", + "title": "ViolatedEntities", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TemplateSourceAnalysis": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", + "title": "Arn", + "type": "string" + }, + "DataSetReferences": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataSetReference" + }, + "markdownDescription": "A structure containing information about the dataset references used as placeholders in the template.", + "title": "DataSetReferences", + "type": "array" + } + }, + "required": [ + "Arn", + "DataSetReferences" + ], + "type": "object" + }, + "AWS::QuickSight::Template.TemplateSourceEntity": { + "additionalProperties": false, + "properties": { + "SourceAnalysis": { + "$ref": "#/definitions/AWS::QuickSight::Template.TemplateSourceAnalysis", + "markdownDescription": "The source analysis, if it is based on an analysis.", + "title": "SourceAnalysis" + }, + "SourceTemplate": { + "$ref": "#/definitions/AWS::QuickSight::Template.TemplateSourceTemplate", + "markdownDescription": "The source template, if it is based on an template.", + "title": "SourceTemplate" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TemplateSourceTemplate": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", + "title": "Arn", + "type": "string" + } + }, + "required": [ + "Arn" + ], + "type": "object" + }, + "AWS::QuickSight::Template.TemplateVersion": { + "additionalProperties": false, + "properties": { + "CreatedTime": { + "markdownDescription": "The time that this template version was created.", + "title": "CreatedTime", + "type": "string" + }, + "DataSetConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataSetConfiguration" + }, + "markdownDescription": "Schema of the dataset identified by the placeholder. Any dashboard created from this template should be bound to new datasets matching the same schema described through this API operation.", + "title": "DataSetConfigurations", + "type": "array" + }, + "Description": { + "markdownDescription": "The description of the template.", + "title": "Description", + "type": "string" + }, + "Errors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.TemplateError" + }, + "markdownDescription": "Errors associated with this template version.", + "title": "Errors", + "type": "array" + }, + "Sheets": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.Sheet" + }, + "markdownDescription": "A list of the associated sheets with the unique identifier and name of each sheet.", + "title": "Sheets", + "type": "array" + }, + "SourceEntityArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an analysis or template that was used to create this template.", + "title": "SourceEntityArn", + "type": "string" + }, + "Status": { + "markdownDescription": "The status that is associated with the template.\n\n- `CREATION_IN_PROGRESS`\n- `CREATION_SUCCESSFUL`\n- `CREATION_FAILED`\n- `UPDATE_IN_PROGRESS`\n- `UPDATE_SUCCESSFUL`\n- `UPDATE_FAILED`\n- `DELETED`", + "title": "Status", + "type": "string" + }, + "ThemeArn": { + "markdownDescription": "The ARN of the theme associated with this version of the template.", + "title": "ThemeArn", + "type": "string" + }, + "VersionNumber": { + "markdownDescription": "The version number of the template version.", + "title": "VersionNumber", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TemplateVersionDefinition": { + "additionalProperties": false, + "properties": { + "AnalysisDefaults": { + "$ref": "#/definitions/AWS::QuickSight::Template.AnalysisDefaults", + "markdownDescription": "", + "title": "AnalysisDefaults" + }, + "CalculatedFields": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.CalculatedField" + }, + "markdownDescription": "An array of calculated field definitions for the template.", + "title": "CalculatedFields", + "type": "array" + }, + "ColumnConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnConfiguration" + }, + "markdownDescription": "An array of template-level column configurations. Column configurations are used to set default formatting for a column that's used throughout a template.", + "title": "ColumnConfigurations", + "type": "array" + }, + "DataSetConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataSetConfiguration" + }, + "markdownDescription": "An array of dataset configurations. These configurations define the required columns for each dataset used within a template.", + "title": "DataSetConfigurations", + "type": "array" + }, + "FilterGroups": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilterGroup" + }, + "markdownDescription": "Filter definitions for a template.\n\nFor more information, see [Filtering Data](https://docs.aws.amazon.com/quicksight/latest/user/filtering-visual-data.html) in the *Amazon QuickSight User Guide* .", + "title": "FilterGroups", + "type": "array" + }, + "Options": { + "$ref": "#/definitions/AWS::QuickSight::Template.AssetOptions", + "markdownDescription": "An array of option definitions for a template.", + "title": "Options" + }, + "ParameterDeclarations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ParameterDeclaration" + }, + "markdownDescription": "An array of parameter declarations for a template.\n\n*Parameters* are named variables that can transfer a value for use by an action or an object.\n\nFor more information, see [Parameters in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-in-quicksight.html) in the *Amazon QuickSight User Guide* .", + "title": "ParameterDeclarations", + "type": "array" + }, + "QueryExecutionOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.QueryExecutionOptions", + "markdownDescription": "", + "title": "QueryExecutionOptions" + }, + "Sheets": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetDefinition" + }, + "markdownDescription": "An array of sheet definitions for a template.", + "title": "Sheets", + "type": "array" + } + }, + "required": [ + "DataSetConfigurations" + ], + "type": "object" + }, + "AWS::QuickSight::Template.TextAreaControlDisplayOptions": { + "additionalProperties": false, + "properties": { + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" + }, + "PlaceholderOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.TextControlPlaceholderOptions", + "markdownDescription": "The configuration of the placeholder options in a text area control.", + "title": "PlaceholderOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TextConditionalFormat": { + "additionalProperties": false, + "properties": { + "BackgroundColor": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting for the text background color.", + "title": "BackgroundColor" + }, + "Icon": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIcon", + "markdownDescription": "The conditional formatting for the icon.", + "title": "Icon" + }, + "TextColor": { + "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", + "markdownDescription": "The conditional formatting for the text color.", + "title": "TextColor" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TextControlPlaceholderOptions": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility configuration of the placeholder options in a text control.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TextFieldControlDisplayOptions": { + "additionalProperties": false, + "properties": { + "InfoIconLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", + "markdownDescription": "The configuration of info icon label options.", + "title": "InfoIconLabelOptions" + }, + "PlaceholderOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.TextControlPlaceholderOptions", + "markdownDescription": "The configuration of the placeholder options in a text field control.", + "title": "PlaceholderOptions" + }, + "TitleOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", + "markdownDescription": "The options to configure the title visibility, name, and font size.", + "title": "TitleOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.ThousandSeparatorOptions": { + "additionalProperties": false, + "properties": { + "GroupingStyle": { + "markdownDescription": "Determines the way numbers are styled to accommodate different readability standards. The `DEFAULT` value uses the standard international grouping system and groups numbers by the thousands. The `LAKHS` value uses the Indian numbering system and groups numbers by lakhs and crores.", + "title": "GroupingStyle", + "type": "string" + }, + "Symbol": { + "markdownDescription": "Determines the thousands separator symbol.", + "title": "Symbol", + "type": "string" + }, + "Visibility": { + "markdownDescription": "Determines the visibility of the thousands separator.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TimeBasedForecastProperties": { + "additionalProperties": false, + "properties": { + "LowerBoundary": { + "markdownDescription": "The lower boundary setup of a forecast computation.", + "title": "LowerBoundary", + "type": "number" + }, + "PeriodsBackward": { + "markdownDescription": "The periods backward setup of a forecast computation.", + "title": "PeriodsBackward", + "type": "number" + }, + "PeriodsForward": { + "markdownDescription": "The periods forward setup of a forecast computation.", + "title": "PeriodsForward", + "type": "number" + }, + "PredictionInterval": { + "markdownDescription": "The prediction interval setup of a forecast computation.", + "title": "PredictionInterval", + "type": "number" + }, + "Seasonality": { + "markdownDescription": "The seasonality setup of a forecast computation. Choose one of the following options:\n\n- `NULL` : The input is set to `NULL` .\n- `NON_NULL` : The input is set to a custom value.", + "title": "Seasonality", + "type": "number" + }, + "UpperBoundary": { + "markdownDescription": "The upper boundary setup of a forecast computation.", + "title": "UpperBoundary", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TimeEqualityFilter": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" + }, + "ParameterName": { + "markdownDescription": "The parameter whose value should be used for the filter value.\n\nThis field is mutually exclusive to `Value` and `RollingDate` .", + "title": "ParameterName", + "type": "string" + }, + "RollingDate": { + "$ref": "#/definitions/AWS::QuickSight::Template.RollingDateConfiguration", + "markdownDescription": "The rolling date input for the `TimeEquality` filter.\n\nThis field is mutually exclusive to `Value` and `ParameterName` .", + "title": "RollingDate" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of a `TimeEquality` filter.\n\nThis field is mutually exclusive to `RollingDate` and `ParameterName` .", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Column", + "FilterId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.TimeRangeDrillDownFilter": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "RangeMaximum": { + "markdownDescription": "The maximum value for the filter value range.", + "title": "RangeMaximum", + "type": "string" + }, + "RangeMinimum": { + "markdownDescription": "The minimum value for the filter value range.", + "title": "RangeMinimum", + "type": "string" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" + } + }, + "required": [ + "Column", + "RangeMaximum", + "RangeMinimum", + "TimeGranularity" + ], + "type": "object" + }, + "AWS::QuickSight::Template.TimeRangeFilter": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that the filter is applied to.", + "title": "Column" + }, + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "ExcludePeriodConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ExcludePeriodConfiguration", + "markdownDescription": "The exclude period of the time range filter.", + "title": "ExcludePeriodConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" + }, + "IncludeMaximum": { + "markdownDescription": "Determines whether the maximum value in the filter value range should be included in the filtered results.", + "title": "IncludeMaximum", + "type": "boolean" + }, + "IncludeMinimum": { + "markdownDescription": "Determines whether the minimum value in the filter value range should be included in the filtered results.", + "title": "IncludeMinimum", + "type": "boolean" + }, + "NullOption": { + "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", + "title": "NullOption", + "type": "string" + }, + "RangeMaximumValue": { + "$ref": "#/definitions/AWS::QuickSight::Template.TimeRangeFilterValue", + "markdownDescription": "The maximum value for the filter value range.", + "title": "RangeMaximumValue" + }, + "RangeMinimumValue": { + "$ref": "#/definitions/AWS::QuickSight::Template.TimeRangeFilterValue", + "markdownDescription": "The minimum value for the filter value range.", + "title": "RangeMinimumValue" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" + } + }, + "required": [ + "Column", + "FilterId", + "NullOption" + ], + "type": "object" + }, + "AWS::QuickSight::Template.TimeRangeFilterValue": { + "additionalProperties": false, + "properties": { + "Parameter": { + "markdownDescription": "The parameter type input value.", + "title": "Parameter", + "type": "string" + }, + "RollingDate": { + "$ref": "#/definitions/AWS::QuickSight::Template.RollingDateConfiguration", + "markdownDescription": "The rolling date input value.", + "title": "RollingDate" + }, + "StaticValue": { + "markdownDescription": "The static input value.", + "title": "StaticValue", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TooltipItem": { + "additionalProperties": false, + "properties": { + "ColumnTooltipItem": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnTooltipItem", + "markdownDescription": "The tooltip item for the columns that are not part of a field well.", + "title": "ColumnTooltipItem" + }, + "FieldTooltipItem": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldTooltipItem", + "markdownDescription": "The tooltip item for the fields.", + "title": "FieldTooltipItem" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TooltipOptions": { + "additionalProperties": false, + "properties": { + "FieldBasedTooltip": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldBasedTooltip", + "markdownDescription": "The setup for the detailed tooltip. The tooltip setup is always saved. The display type is decided based on the tooltip type.", + "title": "FieldBasedTooltip" + }, + "SelectedTooltipType": { + "markdownDescription": "The selected type for the tooltip. Choose one of the following options:\n\n- `BASIC` : A basic tooltip.\n- `DETAILED` : A detailed tooltip.", + "title": "SelectedTooltipType", + "type": "string" + }, + "TooltipVisibility": { + "markdownDescription": "Determines whether or not the tooltip is visible.", + "title": "TooltipVisibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TopBottomFilter": { + "additionalProperties": false, + "properties": { + "AggregationSortConfigurations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.AggregationSortConfiguration" + }, + "markdownDescription": "The aggregation and sort configuration of the top bottom filter.", + "title": "AggregationSortConfigurations", + "type": "array" + }, + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", "markdownDescription": "The column that the filter is applied to.", "title": "Column" }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" + "DefaultFilterControlConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", + "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", + "title": "DefaultFilterControlConfiguration" + }, + "FilterId": { + "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", + "title": "FilterId", + "type": "string" + }, + "Limit": { + "markdownDescription": "The number of items to include in the top bottom filter results.", + "title": "Limit", + "type": "number" + }, + "ParameterName": { + "markdownDescription": "The parameter whose value should be used for the filter value.", + "title": "ParameterName", + "type": "string" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" + } + }, + "required": [ + "AggregationSortConfigurations", + "Column", + "FilterId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.TopBottomMoversComputation": { + "additionalProperties": false, + "properties": { + "Category": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", + "markdownDescription": "The category field that is used in a computation.", + "title": "Category" + }, + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "MoverSize": { + "markdownDescription": "The mover size setup of the top and bottom movers computation.", + "title": "MoverSize", + "type": "number" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "SortOrder": { + "markdownDescription": "The sort order setup of the top and bottom movers computation.", + "title": "SortOrder", + "type": "string" + }, + "Time": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", + "markdownDescription": "The time field that is used in a computation.", + "title": "Time" + }, + "Type": { + "markdownDescription": "The computation type. Choose from the following options:\n\n- TOP: Top movers computation.\n- BOTTOM: Bottom movers computation.", + "title": "Type", + "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" + } + }, + "required": [ + "ComputationId", + "Type" + ], + "type": "object" + }, + "AWS::QuickSight::Template.TopBottomRankedComputation": { + "additionalProperties": false, + "properties": { + "Category": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", + "markdownDescription": "The category field that is used in a computation.", + "title": "Category" + }, + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "ResultSize": { + "markdownDescription": "The result size of a top and bottom ranked computation.", + "title": "ResultSize", + "type": "number" + }, + "Type": { + "markdownDescription": "The computation type. Choose one of the following options:\n\n- TOP: A top ranked computation.\n- BOTTOM: A bottom ranked computation.", + "title": "Type", + "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" + } + }, + "required": [ + "ComputationId", + "Type" + ], + "type": "object" + }, + "AWS::QuickSight::Template.TotalAggregationComputation": { + "additionalProperties": false, + "properties": { + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", + "markdownDescription": "The value field that is used in a computation.", + "title": "Value" + } + }, + "required": [ + "ComputationId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.TotalAggregationFunction": { + "additionalProperties": false, + "properties": { + "SimpleTotalAggregationFunction": { + "markdownDescription": "A built in aggregation function for total values.", + "title": "SimpleTotalAggregationFunction", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TotalAggregationOption": { + "additionalProperties": false, + "properties": { + "FieldId": { + "markdownDescription": "The field id that's associated with the total aggregation option.", + "title": "FieldId", + "type": "string" + }, + "TotalAggregationFunction": { + "$ref": "#/definitions/AWS::QuickSight::Template.TotalAggregationFunction", + "markdownDescription": "The total aggregation function that you want to set for a specified field id.", + "title": "TotalAggregationFunction" + } + }, + "required": [ + "FieldId", + "TotalAggregationFunction" + ], + "type": "object" + }, + "AWS::QuickSight::Template.TotalOptions": { + "additionalProperties": false, + "properties": { + "CustomLabel": { + "markdownDescription": "The custom label string for the total cells.", + "title": "CustomLabel", + "type": "string" + }, + "Placement": { + "markdownDescription": "The placement (start, end) for the total cells.", + "title": "Placement", + "type": "string" + }, + "ScrollStatus": { + "markdownDescription": "The scroll status (pinned, scrolled) for the total cells.", + "title": "ScrollStatus", + "type": "string" + }, + "TotalAggregationOptions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.TotalAggregationOption" + }, + "markdownDescription": "The total aggregation settings for each value field.", + "title": "TotalAggregationOptions", + "type": "array" + }, + "TotalCellStyle": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", + "markdownDescription": "Cell styling options for the total cells.", + "title": "TotalCellStyle" + }, + "TotalsVisibility": { + "markdownDescription": "The visibility configuration for the total cells.", + "title": "TotalsVisibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TransposedTableOption": { + "additionalProperties": false, + "properties": { + "ColumnIndex": { + "markdownDescription": "The index of a columns in a transposed table. The index range is 0-9999.", + "title": "ColumnIndex", + "type": "number" + }, + "ColumnType": { + "markdownDescription": "The column type of the column in a transposed table. Choose one of the following options:\n\n- `ROW_HEADER_COLUMN` : Refers to the leftmost column of the row header in the transposed table.\n- `VALUE_COLUMN` : Refers to all value columns in the transposed table.", + "title": "ColumnType", + "type": "string" + }, + "ColumnWidth": { + "markdownDescription": "The width of a column in a transposed table.", + "title": "ColumnWidth", + "type": "string" + } + }, + "required": [ + "ColumnType" + ], + "type": "object" + }, + "AWS::QuickSight::Template.TreeMapAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Colors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The color field well of a tree map. Values are grouped by aggregations based on group by fields.", + "title": "Colors", + "type": "array" + }, + "Groups": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The group by field well of a tree map. Values are grouped based on group by fields.", + "title": "Groups", + "type": "array" + }, + "Sizes": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The size field well of a tree map. Values are aggregated based on group by fields.", + "title": "Sizes", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TreeMapConfiguration": { + "additionalProperties": false, + "properties": { + "ColorLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility) for the colors displayed in a tree map.", + "title": "ColorLabelOptions" + }, + "ColorScale": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColorScale", + "markdownDescription": "The color options (gradient color, point of divergence) of a tree map.", + "title": "ColorScale" + }, + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", + "markdownDescription": "The options that determine if visual data labels are displayed.", + "title": "DataLabels" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.TreeMapFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "GroupLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility) of the groups that are displayed in a tree map.", + "title": "GroupLabelOptions" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", + "markdownDescription": "The legend display setup of the visual.", + "title": "Legend" + }, + "SizeLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility) of the sizes that are displayed in a tree map.", + "title": "SizeLabelOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.TreeMapSortConfiguration", + "markdownDescription": "The sort configuration of a tree map.", + "title": "SortConfiguration" + }, + "Tooltip": { + "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", + "markdownDescription": "The tooltip display setup of the visual.", + "title": "Tooltip" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TreeMapFieldWells": { + "additionalProperties": false, + "properties": { + "TreeMapAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.TreeMapAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a tree map.", + "title": "TreeMapAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TreeMapSortConfiguration": { + "additionalProperties": false, + "properties": { + "TreeMapGroupItemsLimitConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of groups that are displayed.", + "title": "TreeMapGroupItemsLimitConfiguration" + }, + "TreeMapSort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of group by fields.", + "title": "TreeMapSort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.TreeMapVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.TreeMapConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.TrendArrowOptions": { + "additionalProperties": false, + "properties": { + "Visibility": { + "markdownDescription": "The visibility of the trend arrows.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.UnaggregatedField": { + "additionalProperties": false, + "properties": { + "Column": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", + "markdownDescription": "The column that is used in the `UnaggregatedField` .", + "title": "Column" + }, + "FieldId": { + "markdownDescription": "The custom field ID.", + "title": "FieldId", + "type": "string" + }, + "FormatConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.FormatConfiguration", + "markdownDescription": "The format configuration of the field.", + "title": "FormatConfiguration" + } + }, + "required": [ + "Column", + "FieldId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.UniqueValuesComputation": { + "additionalProperties": false, + "properties": { + "Category": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", + "markdownDescription": "The category field that is used in a computation.", + "title": "Category" + }, + "ComputationId": { + "markdownDescription": "The ID for a computation.", + "title": "ComputationId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a computation.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "ComputationId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.ValidationStrategy": { + "additionalProperties": false, + "properties": { + "Mode": { + "markdownDescription": "The mode of validation for the asset to be created or updated. When you set this value to `STRICT` , strict validation for every error is enforced. When you set this value to `LENIENT` , validation is skipped for specific UI errors.", + "title": "Mode", + "type": "string" + } + }, + "required": [ + "Mode" + ], + "type": "object" + }, + "AWS::QuickSight::Template.VisibleRangeOptions": { + "additionalProperties": false, + "properties": { + "PercentRange": { + "$ref": "#/definitions/AWS::QuickSight::Template.PercentVisibleRange", + "markdownDescription": "The percent range in the visible range.", + "title": "PercentRange" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.Visual": { + "additionalProperties": false, + "properties": { + "BarChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.BarChartVisual", + "markdownDescription": "A bar chart.\n\nFor more information, see [Using bar charts](https://docs.aws.amazon.com/quicksight/latest/user/bar-charts.html) in the *Amazon QuickSight User Guide* .", + "title": "BarChartVisual" + }, + "BoxPlotVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotVisual", + "markdownDescription": "A box plot.\n\nFor more information, see [Using box plots](https://docs.aws.amazon.com/quicksight/latest/user/box-plots.html) in the *Amazon QuickSight User Guide* .", + "title": "BoxPlotVisual" + }, + "ComboChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.ComboChartVisual", + "markdownDescription": "A combo chart.\n\nFor more information, see [Using combo charts](https://docs.aws.amazon.com/quicksight/latest/user/combo-charts.html) in the *Amazon QuickSight User Guide* .", + "title": "ComboChartVisual" + }, + "CustomContentVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.CustomContentVisual", + "markdownDescription": "A visual that contains custom content.\n\nFor more information, see [Using custom visual content](https://docs.aws.amazon.com/quicksight/latest/user/custom-visual-content.html) in the *Amazon QuickSight User Guide* .", + "title": "CustomContentVisual" + }, + "EmptyVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.EmptyVisual", + "markdownDescription": "An empty visual.", + "title": "EmptyVisual" + }, + "FilledMapVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapVisual", + "markdownDescription": "A filled map.\n\nFor more information, see [Creating filled maps](https://docs.aws.amazon.com/quicksight/latest/user/filled-maps.html) in the *Amazon QuickSight User Guide* .", + "title": "FilledMapVisual" + }, + "FunnelChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.FunnelChartVisual", + "markdownDescription": "A funnel chart.\n\nFor more information, see [Using funnel charts](https://docs.aws.amazon.com/quicksight/latest/user/funnel-visual-content.html) in the *Amazon QuickSight User Guide* .", + "title": "FunnelChartVisual" + }, + "GaugeChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartVisual", + "markdownDescription": "A gauge chart.\n\nFor more information, see [Using gauge charts](https://docs.aws.amazon.com/quicksight/latest/user/gauge-chart.html) in the *Amazon QuickSight User Guide* .", + "title": "GaugeChartVisual" + }, + "GeospatialMapVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialMapVisual", + "markdownDescription": "A geospatial map or a points on map visual.\n\nFor more information, see [Creating point maps](https://docs.aws.amazon.com/quicksight/latest/user/point-maps.html) in the *Amazon QuickSight User Guide* .", + "title": "GeospatialMapVisual" + }, + "HeatMapVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.HeatMapVisual", + "markdownDescription": "A heat map.\n\nFor more information, see [Using heat maps](https://docs.aws.amazon.com/quicksight/latest/user/heat-map.html) in the *Amazon QuickSight User Guide* .", + "title": "HeatMapVisual" + }, + "HistogramVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.HistogramVisual", + "markdownDescription": "A histogram.\n\nFor more information, see [Using histograms](https://docs.aws.amazon.com/quicksight/latest/user/histogram-charts.html) in the *Amazon QuickSight User Guide* .", + "title": "HistogramVisual" + }, + "InsightVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.InsightVisual", + "markdownDescription": "An insight visual.\n\nFor more information, see [Working with insights](https://docs.aws.amazon.com/quicksight/latest/user/computational-insights.html) in the *Amazon QuickSight User Guide* .", + "title": "InsightVisual" + }, + "KPIVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.KPIVisual", + "markdownDescription": "A key performance indicator (KPI).\n\nFor more information, see [Using KPIs](https://docs.aws.amazon.com/quicksight/latest/user/kpi.html) in the *Amazon QuickSight User Guide* .", + "title": "KPIVisual" + }, + "LineChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.LineChartVisual", + "markdownDescription": "A line chart.\n\nFor more information, see [Using line charts](https://docs.aws.amazon.com/quicksight/latest/user/line-charts.html) in the *Amazon QuickSight User Guide* .", + "title": "LineChartVisual" + }, + "PieChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.PieChartVisual", + "markdownDescription": "A pie or donut chart.\n\nFor more information, see [Using pie charts](https://docs.aws.amazon.com/quicksight/latest/user/pie-chart.html) in the *Amazon QuickSight User Guide* .", + "title": "PieChartVisual" + }, + "PivotTableVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableVisual", + "markdownDescription": "A pivot table.\n\nFor more information, see [Using pivot tables](https://docs.aws.amazon.com/quicksight/latest/user/pivot-table.html) in the *Amazon QuickSight User Guide* .", + "title": "PivotTableVisual" + }, + "PluginVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.PluginVisual", + "markdownDescription": "The custom plugin visual type.", + "title": "PluginVisual" + }, + "RadarChartVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartVisual", + "markdownDescription": "A radar chart visual.\n\nFor more information, see [Using radar charts](https://docs.aws.amazon.com/quicksight/latest/user/radar-chart.html) in the *Amazon QuickSight User Guide* .", + "title": "RadarChartVisual" + }, + "SankeyDiagramVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.SankeyDiagramVisual", + "markdownDescription": "A sankey diagram.\n\nFor more information, see [Using Sankey diagrams](https://docs.aws.amazon.com/quicksight/latest/user/sankey-diagram.html) in the *Amazon QuickSight User Guide* .", + "title": "SankeyDiagramVisual" + }, + "ScatterPlotVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.ScatterPlotVisual", + "markdownDescription": "A scatter plot.\n\nFor more information, see [Using scatter plots](https://docs.aws.amazon.com/quicksight/latest/user/scatter-plot.html) in the *Amazon QuickSight User Guide* .", + "title": "ScatterPlotVisual" + }, + "TableVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.TableVisual", + "markdownDescription": "A table visual.\n\nFor more information, see [Using tables as visuals](https://docs.aws.amazon.com/quicksight/latest/user/tabular.html) in the *Amazon QuickSight User Guide* .", + "title": "TableVisual" + }, + "TreeMapVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.TreeMapVisual", + "markdownDescription": "A tree map.\n\nFor more information, see [Using tree maps](https://docs.aws.amazon.com/quicksight/latest/user/tree-map.html) in the *Amazon QuickSight User Guide* .", + "title": "TreeMapVisual" + }, + "WaterfallVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallVisual", + "markdownDescription": "A waterfall chart.\n\nFor more information, see [Using waterfall charts](https://docs.aws.amazon.com/quicksight/latest/user/waterfall-chart.html) in the *Amazon QuickSight User Guide* .", + "title": "WaterfallVisual" + }, + "WordCloudVisual": { + "$ref": "#/definitions/AWS::QuickSight::Template.WordCloudVisual", + "markdownDescription": "A word cloud.\n\nFor more information, see [Using word clouds](https://docs.aws.amazon.com/quicksight/latest/user/word-cloud.html) in the *Amazon QuickSight User Guide* .", + "title": "WordCloudVisual" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.VisualCustomAction": { + "additionalProperties": false, + "properties": { + "ActionOperations": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomActionOperation" + }, + "markdownDescription": "A list of `VisualCustomActionOperations` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", + "title": "ActionOperations", + "type": "array" + }, + "CustomActionId": { + "markdownDescription": "The ID of the `VisualCustomAction` .", + "title": "CustomActionId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the `VisualCustomAction` .", + "title": "Name", + "type": "string" + }, + "Status": { + "markdownDescription": "The status of the `VisualCustomAction` .", + "title": "Status", + "type": "string" + }, + "Trigger": { + "markdownDescription": "The trigger of the `VisualCustomAction` .\n\nValid values are defined as follows:\n\n- `DATA_POINT_CLICK` : Initiates a custom action by a left pointer click on a data point.\n- `DATA_POINT_MENU` : Initiates a custom action by right pointer click from the menu.", + "title": "Trigger", + "type": "string" + } + }, + "required": [ + "ActionOperations", + "CustomActionId", + "Name", + "Trigger" + ], + "type": "object" + }, + "AWS::QuickSight::Template.VisualCustomActionOperation": { + "additionalProperties": false, + "properties": { + "FilterOperation": { + "$ref": "#/definitions/AWS::QuickSight::Template.CustomActionFilterOperation", + "markdownDescription": "The filter operation that filters data included in a visual or in an entire sheet.", + "title": "FilterOperation" + }, + "NavigationOperation": { + "$ref": "#/definitions/AWS::QuickSight::Template.CustomActionNavigationOperation", + "markdownDescription": "The navigation operation that navigates between different sheets in the same analysis.", + "title": "NavigationOperation" + }, + "SetParametersOperation": { + "$ref": "#/definitions/AWS::QuickSight::Template.CustomActionSetParametersOperation", + "markdownDescription": "The set parameter operation that sets parameters in custom action.", + "title": "SetParametersOperation" + }, + "URLOperation": { + "$ref": "#/definitions/AWS::QuickSight::Template.CustomActionURLOperation", + "markdownDescription": "The URL operation that opens a link to another webpage.", + "title": "URLOperation" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.VisualInteractionOptions": { + "additionalProperties": false, + "properties": { + "ContextMenuOption": { + "$ref": "#/definitions/AWS::QuickSight::Template.ContextMenuOption", + "markdownDescription": "The context menu options for a visual.", + "title": "ContextMenuOption" + }, + "VisualMenuOption": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualMenuOption", + "markdownDescription": "The on-visual menu options for a visual.", + "title": "VisualMenuOption" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.VisualMenuOption": { + "additionalProperties": false, + "properties": { + "AvailabilityStatus": { + "markdownDescription": "The availaiblity status of a visual's menu options.", + "title": "AvailabilityStatus", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.VisualPalette": { + "additionalProperties": false, + "properties": { + "ChartColor": { + "markdownDescription": "The chart color options for the visual palette.", + "title": "ChartColor", + "type": "string" + }, + "ColorMap": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataPathColor" + }, + "markdownDescription": "The color map options for the visual palette.", + "title": "ColorMap", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.VisualSubtitleLabelOptions": { + "additionalProperties": false, + "properties": { + "FormatText": { + "$ref": "#/definitions/AWS::QuickSight::Template.LongFormatText", + "markdownDescription": "The long text format of the subtitle label, such as plain text or rich text.", + "title": "FormatText" + }, + "Visibility": { + "markdownDescription": "The visibility of the subtitle label.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.VisualTitleLabelOptions": { + "additionalProperties": false, + "properties": { + "FormatText": { + "$ref": "#/definitions/AWS::QuickSight::Template.ShortFormatText", + "markdownDescription": "The short text format of the title label, such as plain text or rich text.", + "title": "FormatText" + }, + "Visibility": { + "markdownDescription": "The visibility of the title label.", + "title": "Visibility", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.WaterfallChartAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "Breakdowns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The breakdown field wells of a waterfall visual.", + "title": "Breakdowns", + "type": "array" + }, + "Categories": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The category field wells of a waterfall visual.", + "title": "Categories", + "type": "array" + }, + "Values": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The value field wells of a waterfall visual.", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.WaterfallChartColorConfiguration": { + "additionalProperties": false, + "properties": { + "GroupColorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallChartGroupColorConfiguration", + "markdownDescription": "The color configuration for individual groups within a waterfall visual.", + "title": "GroupColorConfiguration" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.WaterfallChartConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the category axis.", + "title": "CategoryAxisDisplayOptions" + }, + "CategoryAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the category axis label.", + "title": "CategoryAxisLabelOptions" + }, + "ColorConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallChartColorConfiguration", + "markdownDescription": "The color configuration of a waterfall visual.", + "title": "ColorConfiguration" + }, + "DataLabels": { + "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", + "markdownDescription": "The data label configuration of a waterfall visual.", + "title": "DataLabels" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallChartFieldWells", + "markdownDescription": "The field well configuration of a waterfall visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "Legend": { + "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", + "markdownDescription": "The legend configuration of a waterfall visual.", + "title": "Legend" + }, + "PrimaryYAxisDisplayOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", + "markdownDescription": "The options that determine the presentation of the y-axis.", + "title": "PrimaryYAxisDisplayOptions" + }, + "PrimaryYAxisLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The options that determine the presentation of the y-axis label.", + "title": "PrimaryYAxisLabelOptions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallChartSortConfiguration", + "markdownDescription": "The sort configuration of a waterfall visual.", + "title": "SortConfiguration" + }, + "VisualPalette": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", + "markdownDescription": "The visual palette configuration of a waterfall visual.", + "title": "VisualPalette" + }, + "WaterfallChartOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallChartOptions", + "markdownDescription": "The options that determine the presentation of a waterfall visual.", + "title": "WaterfallChartOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.WaterfallChartFieldWells": { + "additionalProperties": false, + "properties": { + "WaterfallChartAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallChartAggregatedFieldWells", + "markdownDescription": "The field well configuration of a waterfall visual.", + "title": "WaterfallChartAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.WaterfallChartGroupColorConfiguration": { + "additionalProperties": false, + "properties": { + "NegativeBarColor": { + "markdownDescription": "Defines the color for the negative bars of a waterfall chart.", + "title": "NegativeBarColor", + "type": "string" + }, + "PositiveBarColor": { + "markdownDescription": "Defines the color for the positive bars of a waterfall chart.", + "title": "PositiveBarColor", + "type": "string" + }, + "TotalBarColor": { + "markdownDescription": "Defines the color for the total bars of a waterfall chart.", + "title": "TotalBarColor", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.WaterfallChartOptions": { + "additionalProperties": false, + "properties": { + "TotalBarLabel": { + "markdownDescription": "This option determines the total bar label of a waterfall visual.", + "title": "TotalBarLabel", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.WaterfallChartSortConfiguration": { + "additionalProperties": false, + "properties": { + "BreakdownItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of bar groups that are displayed.", + "title": "BreakdownItemsLimit" + }, + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of the category fields.", + "title": "CategorySort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.WaterfallVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallChartConfiguration", + "markdownDescription": "The configuration for a waterfall visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.WhatIfPointScenario": { + "additionalProperties": false, + "properties": { + "Date": { + "markdownDescription": "The date that you need the forecast results for.", + "title": "Date", + "type": "string" + }, + "Value": { + "markdownDescription": "The target value that you want to meet for the provided date.", + "title": "Value", + "type": "number" + } + }, + "required": [ + "Date", + "Value" + ], + "type": "object" + }, + "AWS::QuickSight::Template.WhatIfRangeScenario": { + "additionalProperties": false, + "properties": { + "EndDate": { + "markdownDescription": "The end date in the date range that you need the forecast results for.", + "title": "EndDate", + "type": "string" + }, + "StartDate": { + "markdownDescription": "The start date in the date range that you need the forecast results for.", + "title": "StartDate", + "type": "string" + }, + "Value": { + "markdownDescription": "The target value that you want to meet for the provided date range.", + "title": "Value", + "type": "number" + } + }, + "required": [ + "EndDate", + "StartDate", + "Value" + ], + "type": "object" + }, + "AWS::QuickSight::Template.WordCloudAggregatedFieldWells": { + "additionalProperties": false, + "properties": { + "GroupBy": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + }, + "markdownDescription": "The group by field well of a word cloud. Values are grouped by group by fields.", + "title": "GroupBy", + "type": "array" + }, + "Size": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + }, + "markdownDescription": "The size field well of a word cloud. Values are aggregated based on group by fields.", + "title": "Size", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.WordCloudChartConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryLabelOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", + "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) for the word cloud category.", + "title": "CategoryLabelOptions" + }, + "FieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.WordCloudFieldWells", + "markdownDescription": "The field wells of the visual.", + "title": "FieldWells" + }, + "Interactions": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualInteractionOptions", + "markdownDescription": "The general visual interactions setup for a visual.", + "title": "Interactions" + }, + "SortConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.WordCloudSortConfiguration", + "markdownDescription": "The sort configuration of a word cloud visual.", + "title": "SortConfiguration" + }, + "WordCloudOptions": { + "$ref": "#/definitions/AWS::QuickSight::Template.WordCloudOptions", + "markdownDescription": "The options for a word cloud visual.", + "title": "WordCloudOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.WordCloudFieldWells": { + "additionalProperties": false, + "properties": { + "WordCloudAggregatedFieldWells": { + "$ref": "#/definitions/AWS::QuickSight::Template.WordCloudAggregatedFieldWells", + "markdownDescription": "The aggregated field wells of a word cloud.", + "title": "WordCloudAggregatedFieldWells" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.WordCloudOptions": { + "additionalProperties": false, + "properties": { + "CloudLayout": { + "markdownDescription": "The cloud layout options (fluid, normal) of a word cloud.", + "title": "CloudLayout", + "type": "string" + }, + "MaximumStringLength": { + "markdownDescription": "The length limit of each word from 1-100.", + "title": "MaximumStringLength", + "type": "number" + }, + "WordCasing": { + "markdownDescription": "The word casing options (lower_case, existing_case) for the words in a word cloud.", + "title": "WordCasing", + "type": "string" + }, + "WordOrientation": { + "markdownDescription": "The word orientation options (horizontal, horizontal_and_vertical) for the words in a word cloud.", + "title": "WordOrientation", + "type": "string" + }, + "WordPadding": { + "markdownDescription": "The word padding options (none, small, medium, large) for the words in a word cloud.", + "title": "WordPadding", + "type": "string" + }, + "WordScaling": { + "markdownDescription": "The word scaling options (emphasize, normal) for the words in a word cloud.", + "title": "WordScaling", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.WordCloudSortConfiguration": { + "additionalProperties": false, + "properties": { + "CategoryItemsLimit": { + "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", + "markdownDescription": "The limit on the number of groups that are displayed in a word cloud.", + "title": "CategoryItemsLimit" + }, + "CategorySort": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + }, + "markdownDescription": "The sort configuration of group by fields.", + "title": "CategorySort", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Template.WordCloudVisual": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" + }, + "markdownDescription": "The list of custom actions that are configured for a visual.", + "title": "Actions", + "type": "array" + }, + "ChartConfiguration": { + "$ref": "#/definitions/AWS::QuickSight::Template.WordCloudChartConfiguration", + "markdownDescription": "The configuration settings of the visual.", + "title": "ChartConfiguration" + }, + "ColumnHierarchies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + }, + "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", + "title": "ColumnHierarchies", + "type": "array" + }, + "Subtitle": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", + "markdownDescription": "The subtitle that is displayed on the visual.", + "title": "Subtitle" + }, + "Title": { + "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", + "markdownDescription": "The title that is displayed on the visual.", + "title": "Title" + }, + "VisualContentAltText": { + "markdownDescription": "The alt text for the visual.", + "title": "VisualContentAltText", + "type": "string" + }, + "VisualId": { + "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", + "title": "VisualId", + "type": "string" + } + }, + "required": [ + "VisualId" + ], + "type": "object" + }, + "AWS::QuickSight::Template.YAxisOptions": { + "additionalProperties": false, + "properties": { + "YAxis": { + "markdownDescription": "The Y axis type to be used in the chart.\n\nIf you choose `PRIMARY_Y_AXIS` , the primary Y Axis is located on the leftmost vertical axis of the chart.", + "title": "YAxis", + "type": "string" + } + }, + "required": [ + "YAxis" + ], + "type": "object" + }, + "AWS::QuickSight::Theme": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AwsAccountId": { + "markdownDescription": "The ID of the AWS account where you want to store the new theme.", + "title": "AwsAccountId", + "type": "string" + }, + "BaseThemeId": { + "markdownDescription": "The ID of the theme that a custom theme will inherit from. All themes inherit from one of the starting themes defined by Amazon QuickSight. For a list of the starting themes, use `ListThemes` or choose *Themes* from within an analysis.", + "title": "BaseThemeId", + "type": "string" + }, + "Configuration": { + "$ref": "#/definitions/AWS::QuickSight::Theme.ThemeConfiguration", + "markdownDescription": "The theme configuration, which contains the theme display properties.", + "title": "Configuration" + }, + "Name": { + "markdownDescription": "A display name for the theme.", + "title": "Name", + "type": "string" + }, + "Permissions": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Theme.ResourcePermission" + }, + "markdownDescription": "A valid grouping of resource permissions to apply to the new theme.", + "title": "Permissions", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A map of the key-value pairs for the resource tag or tags that you want to add to the resource.", + "title": "Tags", + "type": "array" + }, + "ThemeId": { + "markdownDescription": "An ID for the theme that you want to create. The theme ID is unique per AWS Region in each AWS account.", + "title": "ThemeId", + "type": "string" + }, + "VersionDescription": { + "markdownDescription": "A description of the first version of the theme that you're creating. Every time `UpdateTheme` is called, a new version is created. Each version of the theme has a description of the version in the `VersionDescription` field.", + "title": "VersionDescription", + "type": "string" + } + }, + "required": [ + "AwsAccountId", + "BaseThemeId", + "Configuration", + "Name", + "ThemeId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::QuickSight::Theme" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::QuickSight::Theme.BorderStyle": { + "additionalProperties": false, + "properties": { + "Show": { + "markdownDescription": "The option to enable display of borders for visuals.", + "title": "Show", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::QuickSight::Theme.DataColorPalette": { + "additionalProperties": false, + "properties": { + "Colors": { + "items": { + "type": "string" + }, + "markdownDescription": "The hexadecimal codes for the colors.", + "title": "Colors", + "type": "array" + }, + "EmptyFillColor": { + "markdownDescription": "The hexadecimal code of a color that applies to charts where a lack of data is highlighted.", + "title": "EmptyFillColor", + "type": "string" + }, + "MinMaxGradient": { + "items": { + "type": "string" + }, + "markdownDescription": "The minimum and maximum hexadecimal codes that describe a color gradient.", + "title": "MinMaxGradient", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Theme.Font": { + "additionalProperties": false, + "properties": { + "FontFamily": { + "markdownDescription": "Determines the font family settings.", + "title": "FontFamily", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Theme.GutterStyle": { + "additionalProperties": false, + "properties": { + "Show": { + "markdownDescription": "This Boolean value controls whether to display a gutter space between sheet tiles.", + "title": "Show", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::QuickSight::Theme.MarginStyle": { + "additionalProperties": false, + "properties": { + "Show": { + "markdownDescription": "This Boolean value controls whether to display sheet margins.", + "title": "Show", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::QuickSight::Theme.ResourcePermission": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "type": "string" + }, + "markdownDescription": "The IAM action to grant or revoke permissions on.", + "title": "Actions", + "type": "array" + }, + "Principal": { + "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a QuickSight ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", + "title": "Principal", + "type": "string" + } + }, + "required": [ + "Actions", + "Principal" + ], + "type": "object" + }, + "AWS::QuickSight::Theme.SheetStyle": { + "additionalProperties": false, + "properties": { + "Tile": { + "$ref": "#/definitions/AWS::QuickSight::Theme.TileStyle", + "markdownDescription": "The display options for tiles.", + "title": "Tile" + }, + "TileLayout": { + "$ref": "#/definitions/AWS::QuickSight::Theme.TileLayoutStyle", + "markdownDescription": "The layout options for tiles.", + "title": "TileLayout" + } + }, + "type": "object" + }, + "AWS::QuickSight::Theme.ThemeConfiguration": { + "additionalProperties": false, + "properties": { + "DataColorPalette": { + "$ref": "#/definitions/AWS::QuickSight::Theme.DataColorPalette", + "markdownDescription": "Color properties that apply to chart data colors.", + "title": "DataColorPalette" + }, + "Sheet": { + "$ref": "#/definitions/AWS::QuickSight::Theme.SheetStyle", + "markdownDescription": "Display options related to sheets.", + "title": "Sheet" + }, + "Typography": { + "$ref": "#/definitions/AWS::QuickSight::Theme.Typography", + "markdownDescription": "Determines the typography options.", + "title": "Typography" + }, + "UIColorPalette": { + "$ref": "#/definitions/AWS::QuickSight::Theme.UIColorPalette", + "markdownDescription": "Color properties that apply to the UI and to charts, excluding the colors that apply to data.", + "title": "UIColorPalette" + } + }, + "type": "object" + }, + "AWS::QuickSight::Theme.ThemeError": { + "additionalProperties": false, + "properties": { + "Message": { + "markdownDescription": "The error message.", + "title": "Message", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of error.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Theme.ThemeVersion": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", + "title": "Arn", + "type": "string" + }, + "BaseThemeId": { + "markdownDescription": "The Amazon QuickSight-defined ID of the theme that a custom theme inherits from. All themes initially inherit from a default Amazon QuickSight theme.", + "title": "BaseThemeId", + "type": "string" + }, + "Configuration": { + "$ref": "#/definitions/AWS::QuickSight::Theme.ThemeConfiguration", + "markdownDescription": "The theme configuration, which contains all the theme display properties.", + "title": "Configuration" + }, + "CreatedTime": { + "markdownDescription": "The date and time that this theme version was created.", + "title": "CreatedTime", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the theme.", + "title": "Description", + "type": "string" + }, + "Errors": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Theme.ThemeError" + }, + "markdownDescription": "Errors associated with the theme.", + "title": "Errors", + "type": "array" + }, + "Status": { + "markdownDescription": "The status of the theme version.", + "title": "Status", + "type": "string" + }, + "VersionNumber": { + "markdownDescription": "The version number of the theme.", + "title": "VersionNumber", + "type": "number" + } + }, + "type": "object" + }, + "AWS::QuickSight::Theme.TileLayoutStyle": { + "additionalProperties": false, + "properties": { + "Gutter": { + "$ref": "#/definitions/AWS::QuickSight::Theme.GutterStyle", + "markdownDescription": "The gutter settings that apply between tiles.", + "title": "Gutter" + }, + "Margin": { + "$ref": "#/definitions/AWS::QuickSight::Theme.MarginStyle", + "markdownDescription": "The margin settings that apply around the outside edge of sheets.", + "title": "Margin" + } + }, + "type": "object" + }, + "AWS::QuickSight::Theme.TileStyle": { + "additionalProperties": false, + "properties": { + "Border": { + "$ref": "#/definitions/AWS::QuickSight::Theme.BorderStyle", + "markdownDescription": "The border around a tile.", + "title": "Border" + } + }, + "type": "object" + }, + "AWS::QuickSight::Theme.Typography": { + "additionalProperties": false, + "properties": { + "FontFamilies": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Theme.Font" + }, + "markdownDescription": "Determines the list of font families.", + "title": "FontFamilies", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Theme.UIColorPalette": { + "additionalProperties": false, + "properties": { + "Accent": { + "markdownDescription": "This color is that applies to selected states and buttons.", + "title": "Accent", + "type": "string" + }, + "AccentForeground": { + "markdownDescription": "The foreground color that applies to any text or other elements that appear over the accent color.", + "title": "AccentForeground", + "type": "string" + }, + "Danger": { + "markdownDescription": "The color that applies to error messages.", + "title": "Danger", + "type": "string" + }, + "DangerForeground": { + "markdownDescription": "The foreground color that applies to any text or other elements that appear over the error color.", + "title": "DangerForeground", + "type": "string" + }, + "Dimension": { + "markdownDescription": "The color that applies to the names of fields that are identified as dimensions.", + "title": "Dimension", + "type": "string" + }, + "DimensionForeground": { + "markdownDescription": "The foreground color that applies to any text or other elements that appear over the dimension color.", + "title": "DimensionForeground", + "type": "string" + }, + "Measure": { + "markdownDescription": "The color that applies to the names of fields that are identified as measures.", + "title": "Measure", + "type": "string" + }, + "MeasureForeground": { + "markdownDescription": "The foreground color that applies to any text or other elements that appear over the measure color.", + "title": "MeasureForeground", + "type": "string" + }, + "PrimaryBackground": { + "markdownDescription": "The background color that applies to visuals and other high emphasis UI.", + "title": "PrimaryBackground", + "type": "string" + }, + "PrimaryForeground": { + "markdownDescription": "The color of text and other foreground elements that appear over the primary background regions, such as grid lines, borders, table banding, icons, and so on.", + "title": "PrimaryForeground", + "type": "string" + }, + "SecondaryBackground": { + "markdownDescription": "The background color that applies to the sheet background and sheet controls.", + "title": "SecondaryBackground", + "type": "string" + }, + "SecondaryForeground": { + "markdownDescription": "The foreground color that applies to any sheet title, sheet control text, or UI that appears over the secondary background.", + "title": "SecondaryForeground", + "type": "string" + }, + "Success": { + "markdownDescription": "The color that applies to success messages, for example the check mark for a successful download.", + "title": "Success", + "type": "string" + }, + "SuccessForeground": { + "markdownDescription": "The foreground color that applies to any text or other elements that appear over the success color.", + "title": "SuccessForeground", + "type": "string" + }, + "Warning": { + "markdownDescription": "This color that applies to warning and informational messages.", + "title": "Warning", + "type": "string" + }, + "WarningForeground": { + "markdownDescription": "The foreground color that applies to any text or other elements that appear over the warning color.", + "title": "WarningForeground", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AwsAccountId": { + "markdownDescription": "The ID of the AWS account that you want to create a topic in.", + "title": "AwsAccountId", + "type": "string" + }, + "ConfigOptions": { + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicConfigOptions", + "markdownDescription": "Configuration options for a `Topic` .", + "title": "ConfigOptions" + }, + "DataSets": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Topic.DatasetMetadata" + }, + "markdownDescription": "The data sets that the topic is associated with.", + "title": "DataSets", + "type": "array" + }, + "Description": { + "markdownDescription": "The description of the topic.", + "title": "Description", + "type": "string" + }, + "FolderArns": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "FolderArns", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the topic.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + }, + "TopicId": { + "markdownDescription": "The ID for the topic. This ID is unique per AWS Region for each AWS account.", + "title": "TopicId", + "type": "string" + }, + "UserExperienceVersion": { + "markdownDescription": "The user experience version of the topic.", + "title": "UserExperienceVersion", + "type": "string" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::QuickSight::Topic" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::QuickSight::Topic.CellValueSynonym": { + "additionalProperties": false, + "properties": { + "CellValue": { + "markdownDescription": "The cell value.", + "title": "CellValue", + "type": "string" + }, + "Synonyms": { + "items": { + "type": "string" + }, + "markdownDescription": "Other names or aliases for the cell value.", + "title": "Synonyms", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.CollectiveConstant": { + "additionalProperties": false, + "properties": { + "ValueList": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of values for the collective constant.", + "title": "ValueList", + "type": "array" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.ComparativeOrder": { + "additionalProperties": false, + "properties": { + "SpecifedOrder": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of columns to be used in the ordering.", + "title": "SpecifedOrder", + "type": "array" + }, + "TreatUndefinedSpecifiedValues": { + "markdownDescription": "The treat of undefined specified values. Valid values for this structure are `LEAST` and `MOST` .", + "title": "TreatUndefinedSpecifiedValues", + "type": "string" + }, + "UseOrdering": { + "markdownDescription": "The ordering type for a column. Valid values for this structure are `GREATER_IS_BETTER` , `LESSER_IS_BETTER` and `SPECIFIED` .", + "title": "UseOrdering", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.DataAggregation": { + "additionalProperties": false, + "properties": { + "DatasetRowDateGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "DatasetRowDateGranularity", + "type": "string" + }, + "DefaultDateColumnName": { + "markdownDescription": "The column name for the default date.", + "title": "DefaultDateColumnName", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.DatasetMetadata": { + "additionalProperties": false, + "properties": { + "CalculatedFields": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicCalculatedField" + }, + "markdownDescription": "The list of calculated field definitions.", + "title": "CalculatedFields", + "type": "array" + }, + "Columns": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicColumn" + }, + "markdownDescription": "The list of column definitions.", + "title": "Columns", + "type": "array" + }, + "DataAggregation": { + "$ref": "#/definitions/AWS::QuickSight::Topic.DataAggregation", + "markdownDescription": "The definition of a data aggregation.", + "title": "DataAggregation" + }, + "DatasetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the dataset.", + "title": "DatasetArn", + "type": "string" + }, + "DatasetDescription": { + "markdownDescription": "The description of the dataset.", + "title": "DatasetDescription", + "type": "string" + }, + "DatasetName": { + "markdownDescription": "The name of the dataset.", + "title": "DatasetName", + "type": "string" + }, + "Filters": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicFilter" + }, + "markdownDescription": "The list of filter definitions.", + "title": "Filters", + "type": "array" + }, + "NamedEntities": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicNamedEntity" + }, + "markdownDescription": "The list of named entities definitions.", + "title": "NamedEntities", + "type": "array" + } + }, + "required": [ + "DatasetArn" + ], + "type": "object" + }, + "AWS::QuickSight::Topic.DefaultFormatting": { + "additionalProperties": false, + "properties": { + "DisplayFormat": { + "markdownDescription": "The display format. Valid values for this structure are `AUTO` , `PERCENT` , `CURRENCY` , `NUMBER` , `DATE` , and `STRING` .", + "title": "DisplayFormat", + "type": "string" + }, + "DisplayFormatOptions": { + "$ref": "#/definitions/AWS::QuickSight::Topic.DisplayFormatOptions", + "markdownDescription": "The additional options for display formatting.", + "title": "DisplayFormatOptions" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.DisplayFormatOptions": { + "additionalProperties": false, + "properties": { + "BlankCellFormat": { + "markdownDescription": "Determines the blank cell format.", + "title": "BlankCellFormat", + "type": "string" + }, + "CurrencySymbol": { + "markdownDescription": "The currency symbol, such as `USD` .", + "title": "CurrencySymbol", + "type": "string" + }, + "DateFormat": { + "markdownDescription": "Determines the `DateTime` format.", + "title": "DateFormat", + "type": "string" + }, + "DecimalSeparator": { + "markdownDescription": "Determines the decimal separator.", + "title": "DecimalSeparator", + "type": "string" + }, + "FractionDigits": { + "markdownDescription": "Determines the number of fraction digits.", + "title": "FractionDigits", + "type": "number" + }, + "GroupingSeparator": { + "markdownDescription": "Determines the grouping separator.", + "title": "GroupingSeparator", + "type": "string" + }, + "NegativeFormat": { + "$ref": "#/definitions/AWS::QuickSight::Topic.NegativeFormat", + "markdownDescription": "The negative format.", + "title": "NegativeFormat" + }, + "Prefix": { + "markdownDescription": "The prefix value for a display format.", + "title": "Prefix", + "type": "string" + }, + "Suffix": { + "markdownDescription": "The suffix value for a display format.", + "title": "Suffix", + "type": "string" + }, + "UnitScaler": { + "markdownDescription": "The unit scaler. Valid values for this structure are: `NONE` , `AUTO` , `THOUSANDS` , `MILLIONS` , `BILLIONS` , and `TRILLIONS` .", + "title": "UnitScaler", + "type": "string" + }, + "UseBlankCellFormat": { + "markdownDescription": "A Boolean value that indicates whether to use blank cell format.", + "title": "UseBlankCellFormat", + "type": "boolean" + }, + "UseGrouping": { + "markdownDescription": "A Boolean value that indicates whether to use grouping.", + "title": "UseGrouping", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.NamedEntityDefinition": { + "additionalProperties": false, + "properties": { + "FieldName": { + "markdownDescription": "The name of the entity.", + "title": "FieldName", + "type": "string" + }, + "Metric": { + "$ref": "#/definitions/AWS::QuickSight::Topic.NamedEntityDefinitionMetric", + "markdownDescription": "The definition of a metric.", + "title": "Metric" + }, + "PropertyName": { + "markdownDescription": "The property name to be used for the named entity.", + "title": "PropertyName", + "type": "string" + }, + "PropertyRole": { + "markdownDescription": "The property role. Valid values for this structure are `PRIMARY` and `ID` .", + "title": "PropertyRole", + "type": "string" + }, + "PropertyUsage": { + "markdownDescription": "The property usage. Valid values for this structure are `INHERIT` , `DIMENSION` , and `MEASURE` .", + "title": "PropertyUsage", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.NamedEntityDefinitionMetric": { + "additionalProperties": false, + "properties": { + "Aggregation": { + "markdownDescription": "The aggregation of a named entity. Valid values for this structure are `SUM` , `MIN` , `MAX` , `COUNT` , `AVERAGE` , `DISTINCT_COUNT` , `STDEV` , `STDEVP` , `VAR` , `VARP` , `PERCENTILE` , `MEDIAN` , and `CUSTOM` .", + "title": "Aggregation", + "type": "string" + }, + "AggregationFunctionParameters": { + "additionalProperties": true, + "markdownDescription": "The additional parameters for an aggregation function.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "AggregationFunctionParameters", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.NegativeFormat": { + "additionalProperties": false, + "properties": { + "Prefix": { + "markdownDescription": "The prefix for a negative format.", + "title": "Prefix", + "type": "string" + }, + "Suffix": { + "markdownDescription": "The suffix for a negative format.", + "title": "Suffix", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.RangeConstant": { + "additionalProperties": false, + "properties": { + "Maximum": { + "markdownDescription": "The maximum value for a range constant.", + "title": "Maximum", + "type": "string" + }, + "Minimum": { + "markdownDescription": "The minimum value for a range constant.", + "title": "Minimum", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.SemanticEntityType": { + "additionalProperties": false, + "properties": { + "SubTypeName": { + "markdownDescription": "The semantic entity sub type name.", + "title": "SubTypeName", + "type": "string" + }, + "TypeName": { + "markdownDescription": "The semantic entity type name.", + "title": "TypeName", + "type": "string" + }, + "TypeParameters": { + "additionalProperties": true, + "markdownDescription": "The semantic entity type parameters.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "TypeParameters", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.SemanticType": { + "additionalProperties": false, + "properties": { + "FalseyCellValue": { + "markdownDescription": "The semantic type falsey cell value.", + "title": "FalseyCellValue", + "type": "string" + }, + "FalseyCellValueSynonyms": { + "items": { + "type": "string" + }, + "markdownDescription": "The other names or aliases for the false cell value.", + "title": "FalseyCellValueSynonyms", + "type": "array" + }, + "SubTypeName": { + "markdownDescription": "The semantic type sub type name.", + "title": "SubTypeName", + "type": "string" + }, + "TruthyCellValue": { + "markdownDescription": "The semantic type truthy cell value.", + "title": "TruthyCellValue", + "type": "string" + }, + "TruthyCellValueSynonyms": { + "items": { + "type": "string" + }, + "markdownDescription": "The other names or aliases for the true cell value.", + "title": "TruthyCellValueSynonyms", + "type": "array" + }, + "TypeName": { + "markdownDescription": "The semantic type name.", + "title": "TypeName", + "type": "string" + }, + "TypeParameters": { + "additionalProperties": true, + "markdownDescription": "The semantic type parameters.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "TypeParameters", + "type": "object" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.TopicCalculatedField": { + "additionalProperties": false, + "properties": { + "Aggregation": { + "markdownDescription": "The default aggregation. Valid values for this structure are `SUM` , `MAX` , `MIN` , `COUNT` , `DISTINCT_COUNT` , and `AVERAGE` .", + "title": "Aggregation", + "type": "string" + }, + "AllowedAggregations": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of aggregation types that are allowed for the calculated field. Valid values for this structure are `COUNT` , `DISTINCT_COUNT` , `MIN` , `MAX` , `MEDIAN` , `SUM` , `AVERAGE` , `STDEV` , `STDEVP` , `VAR` , `VARP` , and `PERCENTILE` .", + "title": "AllowedAggregations", + "type": "array" + }, + "CalculatedFieldDescription": { + "markdownDescription": "The calculated field description.", + "title": "CalculatedFieldDescription", + "type": "string" + }, + "CalculatedFieldName": { + "markdownDescription": "The calculated field name.", + "title": "CalculatedFieldName", + "type": "string" + }, + "CalculatedFieldSynonyms": { + "items": { + "type": "string" + }, + "markdownDescription": "The other names or aliases for the calculated field.", + "title": "CalculatedFieldSynonyms", + "type": "array" + }, + "CellValueSynonyms": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Topic.CellValueSynonym" + }, + "markdownDescription": "The other names or aliases for the calculated field cell value.", + "title": "CellValueSynonyms", + "type": "array" + }, + "ColumnDataRole": { + "markdownDescription": "The column data role for a calculated field. Valid values for this structure are `DIMENSION` and `MEASURE` .", + "title": "ColumnDataRole", + "type": "string" + }, + "ComparativeOrder": { + "$ref": "#/definitions/AWS::QuickSight::Topic.ComparativeOrder", + "markdownDescription": "The order in which data is displayed for the calculated field when it's used in a comparative context.", + "title": "ComparativeOrder" + }, + "DefaultFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Topic.DefaultFormatting", + "markdownDescription": "The default formatting definition.", + "title": "DefaultFormatting" + }, + "DisableIndexing": { + "markdownDescription": "A Boolean value that indicates if a calculated field is visible in the autocomplete.", + "title": "DisableIndexing", + "type": "boolean" + }, + "Expression": { + "markdownDescription": "The calculated field expression.", + "title": "Expression", + "type": "string" + }, + "IsIncludedInTopic": { + "markdownDescription": "A boolean value that indicates if a calculated field is included in the topic.", + "title": "IsIncludedInTopic", + "type": "boolean" + }, + "NeverAggregateInFilter": { + "markdownDescription": "A Boolean value that indicates whether to never aggregate calculated field in filters.", + "title": "NeverAggregateInFilter", + "type": "boolean" + }, + "NonAdditive": { + "markdownDescription": "The non additive for the table style target.", + "title": "NonAdditive", + "type": "boolean" + }, + "NotAllowedAggregations": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of aggregation types that are not allowed for the calculated field. Valid values for this structure are `COUNT` , `DISTINCT_COUNT` , `MIN` , `MAX` , `MEDIAN` , `SUM` , `AVERAGE` , `STDEV` , `STDEVP` , `VAR` , `VARP` , and `PERCENTILE` .", + "title": "NotAllowedAggregations", + "type": "array" + }, + "SemanticType": { + "$ref": "#/definitions/AWS::QuickSight::Topic.SemanticType", + "markdownDescription": "The semantic type.", + "title": "SemanticType" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" + } + }, + "required": [ + "CalculatedFieldName", + "Expression" + ], + "type": "object" + }, + "AWS::QuickSight::Topic.TopicCategoryFilter": { + "additionalProperties": false, + "properties": { + "CategoryFilterFunction": { + "markdownDescription": "The category filter function. Valid values for this structure are `EXACT` and `CONTAINS` .", + "title": "CategoryFilterFunction", + "type": "string" + }, + "CategoryFilterType": { + "markdownDescription": "The category filter type. This element is used to specify whether a filter is a simple category filter or an inverse category filter.", + "title": "CategoryFilterType", + "type": "string" + }, + "Constant": { + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicCategoryFilterConstant", + "markdownDescription": "The constant used in a category filter.", + "title": "Constant" + }, + "Inverse": { + "markdownDescription": "A Boolean value that indicates if the filter is inverse.", + "title": "Inverse", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.TopicCategoryFilterConstant": { + "additionalProperties": false, + "properties": { + "CollectiveConstant": { + "$ref": "#/definitions/AWS::QuickSight::Topic.CollectiveConstant", + "markdownDescription": "A collective constant used in a category filter. This element is used to specify a list of values for the constant.", + "title": "CollectiveConstant" + }, + "ConstantType": { + "markdownDescription": "The type of category filter constant. This element is used to specify whether a constant is a singular or collective. Valid values are `SINGULAR` and `COLLECTIVE` .", + "title": "ConstantType", + "type": "string" + }, + "SingularConstant": { + "markdownDescription": "A singular constant used in a category filter. This element is used to specify a single value for the constant.", + "title": "SingularConstant", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.TopicColumn": { + "additionalProperties": false, + "properties": { + "Aggregation": { + "markdownDescription": "The type of aggregation that is performed on the column data when it's queried.", + "title": "Aggregation", + "type": "string" + }, + "AllowedAggregations": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of aggregation types that are allowed for the column. Valid values for this structure are `COUNT` , `DISTINCT_COUNT` , `MIN` , `MAX` , `MEDIAN` , `SUM` , `AVERAGE` , `STDEV` , `STDEVP` , `VAR` , `VARP` , and `PERCENTILE` .", + "title": "AllowedAggregations", + "type": "array" + }, + "CellValueSynonyms": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Topic.CellValueSynonym" + }, + "markdownDescription": "The other names or aliases for the column cell value.", + "title": "CellValueSynonyms", + "type": "array" + }, + "ColumnDataRole": { + "markdownDescription": "The role of the column in the data. Valid values are `DIMENSION` and `MEASURE` .", + "title": "ColumnDataRole", + "type": "string" + }, + "ColumnDescription": { + "markdownDescription": "A description of the column and its contents.", + "title": "ColumnDescription", + "type": "string" + }, + "ColumnFriendlyName": { + "markdownDescription": "A user-friendly name for the column.", + "title": "ColumnFriendlyName", + "type": "string" + }, + "ColumnName": { + "markdownDescription": "The name of the column.", + "title": "ColumnName", + "type": "string" + }, + "ColumnSynonyms": { + "items": { + "type": "string" + }, + "markdownDescription": "The other names or aliases for the column.", + "title": "ColumnSynonyms", + "type": "array" + }, + "ComparativeOrder": { + "$ref": "#/definitions/AWS::QuickSight::Topic.ComparativeOrder", + "markdownDescription": "The order in which data is displayed for the column when it's used in a comparative context.", + "title": "ComparativeOrder" + }, + "DefaultFormatting": { + "$ref": "#/definitions/AWS::QuickSight::Topic.DefaultFormatting", + "markdownDescription": "The default formatting used for values in the column.", + "title": "DefaultFormatting" + }, + "DisableIndexing": { + "markdownDescription": "A Boolean value that indicates whether the column shows in the autocomplete functionality.", + "title": "DisableIndexing", + "type": "boolean" + }, + "IsIncludedInTopic": { + "markdownDescription": "A Boolean value that indicates whether the column is included in the query results.", + "title": "IsIncludedInTopic", + "type": "boolean" + }, + "NeverAggregateInFilter": { + "markdownDescription": "A Boolean value that indicates whether to aggregate the column data when it's used in a filter context.", + "title": "NeverAggregateInFilter", + "type": "boolean" + }, + "NonAdditive": { + "markdownDescription": "The non additive value for the column.", + "title": "NonAdditive", + "type": "boolean" + }, + "NotAllowedAggregations": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of aggregation types that are not allowed for the column. Valid values for this structure are `COUNT` , `DISTINCT_COUNT` , `MIN` , `MAX` , `MEDIAN` , `SUM` , `AVERAGE` , `STDEV` , `STDEVP` , `VAR` , `VARP` , and `PERCENTILE` .", + "title": "NotAllowedAggregations", + "type": "array" + }, + "SemanticType": { + "$ref": "#/definitions/AWS::QuickSight::Topic.SemanticType", + "markdownDescription": "The semantic type of data contained in the column.", + "title": "SemanticType" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" + } + }, + "required": [ + "ColumnName" + ], + "type": "object" + }, + "AWS::QuickSight::Topic.TopicConfigOptions": { + "additionalProperties": false, + "properties": { + "QBusinessInsightsEnabled": { + "markdownDescription": "Enables Amazon Q Business Insights for a `Topic` .", + "title": "QBusinessInsightsEnabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.TopicDateRangeFilter": { + "additionalProperties": false, + "properties": { + "Constant": { + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicRangeFilterConstant", + "markdownDescription": "The constant used in a date range filter.", + "title": "Constant" + }, + "Inclusive": { + "markdownDescription": "A Boolean value that indicates whether the date range filter should include the boundary values. If set to true, the filter includes the start and end dates. If set to false, the filter excludes them.", + "title": "Inclusive", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.TopicFilter": { + "additionalProperties": false, + "properties": { + "CategoryFilter": { + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicCategoryFilter", + "markdownDescription": "The category filter that is associated with this filter.", + "title": "CategoryFilter" + }, + "DateRangeFilter": { + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicDateRangeFilter", + "markdownDescription": "The date range filter.", + "title": "DateRangeFilter" + }, + "FilterClass": { + "markdownDescription": "The class of the filter. Valid values for this structure are `ENFORCED_VALUE_FILTER` , `CONDITIONAL_VALUE_FILTER` , and `NAMED_VALUE_FILTER` .", + "title": "FilterClass", + "type": "string" + }, + "FilterDescription": { + "markdownDescription": "A description of the filter used to select items for a topic.", + "title": "FilterDescription", + "type": "string" + }, + "FilterName": { + "markdownDescription": "The name of the filter.", + "title": "FilterName", + "type": "string" + }, + "FilterSynonyms": { + "items": { + "type": "string" + }, + "markdownDescription": "The other names or aliases for the filter.", + "title": "FilterSynonyms", + "type": "array" + }, + "FilterType": { + "markdownDescription": "The type of the filter. Valid values for this structure are `CATEGORY_FILTER` , `NUMERIC_EQUALITY_FILTER` , `NUMERIC_RANGE_FILTER` , `DATE_RANGE_FILTER` , and `RELATIVE_DATE_FILTER` .", + "title": "FilterType", + "type": "string" + }, + "NumericEqualityFilter": { + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicNumericEqualityFilter", + "markdownDescription": "The numeric equality filter.", + "title": "NumericEqualityFilter" + }, + "NumericRangeFilter": { + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicNumericRangeFilter", + "markdownDescription": "The numeric range filter.", + "title": "NumericRangeFilter" + }, + "OperandFieldName": { + "markdownDescription": "The name of the field that the filter operates on.", + "title": "OperandFieldName", + "type": "string" + }, + "RelativeDateFilter": { + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicRelativeDateFilter", + "markdownDescription": "The relative date filter.", + "title": "RelativeDateFilter" + } + }, + "required": [ + "FilterName", + "OperandFieldName" + ], + "type": "object" + }, + "AWS::QuickSight::Topic.TopicNamedEntity": { + "additionalProperties": false, + "properties": { + "Definition": { + "items": { + "$ref": "#/definitions/AWS::QuickSight::Topic.NamedEntityDefinition" + }, + "markdownDescription": "The definition of a named entity.", + "title": "Definition", + "type": "array" + }, + "EntityDescription": { + "markdownDescription": "The description of the named entity.", + "title": "EntityDescription", + "type": "string" + }, + "EntityName": { + "markdownDescription": "The name of the named entity.", + "title": "EntityName", + "type": "string" + }, + "EntitySynonyms": { + "items": { + "type": "string" + }, + "markdownDescription": "The other names or aliases for the named entity.", + "title": "EntitySynonyms", + "type": "array" + }, + "SemanticEntityType": { + "$ref": "#/definitions/AWS::QuickSight::Topic.SemanticEntityType", + "markdownDescription": "The type of named entity that a topic represents.", + "title": "SemanticEntityType" + } + }, + "required": [ + "EntityName" + ], + "type": "object" + }, + "AWS::QuickSight::Topic.TopicNumericEqualityFilter": { + "additionalProperties": false, + "properties": { + "Aggregation": { + "markdownDescription": "An aggregation function that specifies how to calculate the value of a numeric field for a topic. Valid values for this structure are `NO_AGGREGATION` , `SUM` , `AVERAGE` , `COUNT` , `DISTINCT_COUNT` , `MAX` , `MEDIAN` , `MIN` , `STDEV` , `STDEVP` , `VAR` , and `VARP` .", + "title": "Aggregation", + "type": "string" + }, + "Constant": { + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicSingularFilterConstant", + "markdownDescription": "The constant used in a numeric equality filter.", + "title": "Constant" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.TopicNumericRangeFilter": { + "additionalProperties": false, + "properties": { + "Aggregation": { + "markdownDescription": "An aggregation function that specifies how to calculate the value of a numeric field for a topic, Valid values for this structure are `NO_AGGREGATION` , `SUM` , `AVERAGE` , `COUNT` , `DISTINCT_COUNT` , `MAX` , `MEDIAN` , `MIN` , `STDEV` , `STDEVP` , `VAR` , and `VARP` .", + "title": "Aggregation", + "type": "string" + }, + "Constant": { + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicRangeFilterConstant", + "markdownDescription": "The constant used in a numeric range filter.", + "title": "Constant" + }, + "Inclusive": { + "markdownDescription": "A Boolean value that indicates whether the endpoints of the numeric range are included in the filter. If set to true, topics whose numeric field value is equal to the endpoint values will be included in the filter. If set to false, topics whose numeric field value is equal to the endpoint values will be excluded from the filter.", + "title": "Inclusive", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.TopicRangeFilterConstant": { + "additionalProperties": false, + "properties": { + "ConstantType": { + "markdownDescription": "The data type of the constant value that is used in a range filter. Valid values for this structure are `RANGE` .", + "title": "ConstantType", + "type": "string" + }, + "RangeConstant": { + "$ref": "#/definitions/AWS::QuickSight::Topic.RangeConstant", + "markdownDescription": "The value of the constant that is used to specify the endpoints of a range filter.", + "title": "RangeConstant" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.TopicRelativeDateFilter": { + "additionalProperties": false, + "properties": { + "Constant": { + "$ref": "#/definitions/AWS::QuickSight::Topic.TopicSingularFilterConstant", + "markdownDescription": "The constant used in a relative date filter.", + "title": "Constant" + }, + "RelativeDateFilterFunction": { + "markdownDescription": "The function to be used in a relative date filter to determine the range of dates to include in the results. Valid values for this structure are `BEFORE` , `AFTER` , and `BETWEEN` .", + "title": "RelativeDateFilterFunction", + "type": "string" + }, + "TimeGranularity": { + "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", + "title": "TimeGranularity", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::Topic.TopicSingularFilterConstant": { + "additionalProperties": false, + "properties": { + "ConstantType": { + "markdownDescription": "The type of the singular filter constant. Valid values for this structure are `SINGULAR` .", + "title": "ConstantType", + "type": "string" + }, + "SingularConstant": { + "markdownDescription": "The value of the singular filter constant.", + "title": "SingularConstant", + "type": "string" + } + }, + "type": "object" + }, + "AWS::QuickSight::VPCConnection": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AvailabilityStatus": { + "markdownDescription": "The availability status of the VPC connection.", + "title": "AvailabilityStatus", + "type": "string" + }, + "AwsAccountId": { + "markdownDescription": "The AWS account ID of the account where you want to create a new VPC connection.", + "title": "AwsAccountId", + "type": "string" + }, + "DnsResolvers": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of IP addresses of DNS resolver endpoints for the VPC connection.", + "title": "DnsResolvers", + "type": "array" + }, + "Name": { + "markdownDescription": "The display name for the VPC connection.", + "title": "Name", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the IAM role associated with the VPC connection.", + "title": "RoleArn", + "type": "string" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon EC2 security group IDs associated with the VPC connection.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of subnet IDs for the VPC connection.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A map of the key-value pairs for the resource tag or tags assigned to the VPC connection.", + "title": "Tags", + "type": "array" + }, + "VPCConnectionId": { + "markdownDescription": "The ID of the VPC connection that you're creating. This ID is a unique identifier for each AWS Region in an AWS account.", + "title": "VPCConnectionId", + "type": "string" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::QuickSight::VPCConnection" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::QuickSight::VPCConnection.NetworkInterface": { + "additionalProperties": false, + "properties": { + "AvailabilityZone": { + "markdownDescription": "The availability zone that the network interface resides in.", + "title": "AvailabilityZone", + "type": "string" + }, + "ErrorMessage": { + "markdownDescription": "An error message.", + "title": "ErrorMessage", + "type": "string" + }, + "NetworkInterfaceId": { + "markdownDescription": "The network interface ID.", + "title": "NetworkInterfaceId", + "type": "string" + }, + "Status": { + "markdownDescription": "The status of the network interface.", + "title": "Status", + "type": "string" + }, + "SubnetId": { + "markdownDescription": "The subnet ID associated with the network interface.", + "title": "SubnetId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::RAM::Permission": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "Specifies the name of the customer managed permission. The name must be unique within the AWS Region .", + "title": "Name", + "type": "string" + }, + "PolicyTemplate": { + "markdownDescription": "A string in JSON format string that contains the following elements of a resource-based policy:\n\n- *Effect* : must be set to `ALLOW` .\n- *Action* : specifies the actions that are allowed by this customer managed permission. The list must contain only actions that are supported by the specified resource type. For a list of all actions supported by each resource type, see [Actions, resources, and condition keys for AWS services](https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html) in the *AWS Identity and Access Management User Guide* .\n- *Condition* : (optional) specifies conditional parameters that must evaluate to true when a user attempts an action for that action to be allowed. For more information about the Condition element, see [IAM policies: Condition element](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition.html) in the *AWS Identity and Access Management User Guide* .\n\nThis template can't include either the `Resource` or `Principal` elements. Those are both filled in by AWS RAM when it instantiates the resource-based policy on each resource shared using this managed permission. The `Resource` comes from the ARN of the specific resource that you are sharing. The `Principal` comes from the list of identities added to the resource share.", + "title": "PolicyTemplate", + "type": "object" + }, + "ResourceType": { + "markdownDescription": "Specifies the name of the resource type that this customer managed permission applies to.\n\nThe format is `** : **` and is not case sensitive. For example, to specify an Amazon EC2 Subnet, you can use the string `ec2:subnet` . To see the list of valid values for this parameter, query the [ListResourceTypes](https://docs.aws.amazon.com/ram/latest/APIReference/API_ListResourceTypes.html) operation.", + "title": "ResourceType", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Specifies a list of one or more tag key and value pairs to attach to the permission.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Name", + "PolicyTemplate", + "ResourceType" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RAM::Permission" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::RAM::ResourceShare": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AllowExternalPrincipals": { + "markdownDescription": "Specifies whether principals outside your organization in AWS Organizations can be associated with a resource share. A value of `true` lets you share with individual AWS accounts that are *not* in your organization. A value of `false` only has meaning if your account is a member of an AWS Organization. The default value is `true` .", + "title": "AllowExternalPrincipals", + "type": "boolean" + }, + "Name": { + "markdownDescription": "Specifies the name of the resource share.", + "title": "Name", + "type": "string" + }, + "PermissionArns": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html) of the AWS RAM permission to associate with the resource share. If you do not specify an ARN for the permission, AWS RAM automatically attaches the default version of the permission for each resource type. You can associate only one permission with each resource type included in the resource share.", + "title": "PermissionArns", + "type": "array" + }, + "Principals": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the principals to associate with the resource share. The possible values are:\n\n- An AWS account ID\n- An Amazon Resource Name (ARN) of an organization in AWS Organizations\n- An ARN of an organizational unit (OU) in AWS Organizations\n- An ARN of an IAM role\n- An ARN of an IAM user\n\n> Not all resource types can be shared with IAM roles and users. For more information, see the column *Can share with IAM roles and users* in the tables on [Shareable AWS resources](https://docs.aws.amazon.com/ram/latest/userguide/shareable.html) in the *AWS Resource Access Manager User Guide* .", + "title": "Principals", + "type": "array" + }, + "ResourceArns": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies a list of one or more ARNs of the resources to associate with the resource share.", + "title": "ResourceArns", + "type": "array" + }, + "Sources": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies from which source accounts the service principal has access to the resources in this resource share.", + "title": "Sources", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Specifies one or more tags to attach to the resource share itself. It doesn't attach the tags to the resources associated with the resource share.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RAM::ResourceShare" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::RDS::CustomDBEngineVersion": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DatabaseInstallationFilesS3BucketName": { + "markdownDescription": "The name of an Amazon S3 bucket that contains database installation files for your CEV. For example, a valid bucket name is `my-custom-installation-files` .", + "title": "DatabaseInstallationFilesS3BucketName", + "type": "string" + }, + "DatabaseInstallationFilesS3Prefix": { + "markdownDescription": "The Amazon S3 directory that contains the database installation files for your CEV. For example, a valid bucket name is `123456789012/cev1` . If this setting isn't specified, no prefix is assumed.", + "title": "DatabaseInstallationFilesS3Prefix", + "type": "string" + }, + "Description": { + "markdownDescription": "An optional description of your CEV.", + "title": "Description", + "type": "string" + }, + "Engine": { + "markdownDescription": "The database engine to use for your custom engine version (CEV).\n\nValid values:\n\n- `custom-oracle-ee`\n- `custom-oracle-ee-cdb`", + "title": "Engine", + "type": "string" + }, + "EngineVersion": { + "markdownDescription": "The name of your CEV. The name format is `major version.customized_string` . For example, a valid CEV name is `19.my_cev1` . This setting is required for RDS Custom for Oracle, but optional for Amazon RDS. The combination of `Engine` and `EngineVersion` is unique per customer per Region.\n\n*Constraints:* Minimum length is 1. Maximum length is 60.\n\n*Pattern:* `^[a-z0-9_.-]{1,60$` }", + "title": "EngineVersion", + "type": "string" + }, + "ImageId": { + "markdownDescription": "A value that indicates the ID of the AMI.", + "title": "ImageId", + "type": "string" + }, + "KMSKeyId": { + "markdownDescription": "The AWS KMS key identifier for an encrypted CEV. A symmetric encryption KMS key is required for RDS Custom, but optional for Amazon RDS.\n\nIf you have an existing symmetric encryption KMS key in your account, you can use it with RDS Custom. No further action is necessary. If you don't already have a symmetric encryption KMS key in your account, follow the instructions in [Creating a symmetric encryption KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/create-keys.html#create-symmetric-cmk) in the *AWS Key Management Service Developer Guide* .\n\nYou can choose the same symmetric encryption key when you create a CEV and a DB instance, or choose different keys.", + "title": "KMSKeyId", + "type": "string" + }, + "Manifest": { + "markdownDescription": "The CEV manifest, which is a JSON document that describes the installation .zip files stored in Amazon S3. Specify the name/value pairs in a file or a quoted string. RDS Custom applies the patches in the order in which they are listed.\n\nThe following JSON fields are valid:\n\n- **MediaImportTemplateVersion** - Version of the CEV manifest. The date is in the format `YYYY-MM-DD` .\n- **databaseInstallationFileNames** - Ordered list of installation files for the CEV.\n- **opatchFileNames** - Ordered list of OPatch installers used for the Oracle DB engine.\n- **psuRuPatchFileNames** - The PSU and RU patches for this CEV.\n- **OtherPatchFileNames** - The patches that are not in the list of PSU and RU patches. Amazon RDS applies these patches after applying the PSU and RU patches.\n\nFor more information, see [Creating the CEV manifest](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/custom-cev.html#custom-cev.preparing.manifest) in the *Amazon RDS User Guide* .", + "title": "Manifest", + "type": "string" + }, + "SourceCustomDbEngineVersionIdentifier": { + "markdownDescription": "The ARN of a CEV to use as a source for creating a new CEV. You can specify a different Amazon Machine Imagine (AMI) by using either `Source` or `UseAwsProvidedLatestImage` . You can't specify a different JSON manifest when you specify `SourceCustomDbEngineVersionIdentifier` .", + "title": "SourceCustomDbEngineVersionIdentifier", + "type": "string" + }, + "Status": { + "markdownDescription": "A value that indicates the status of a custom engine version (CEV).", + "title": "Status", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags. For more information, see [Tagging Amazon RDS Resources](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) in the *Amazon RDS User Guide.*", + "title": "Tags", + "type": "array" + }, + "UseAwsProvidedLatestImage": { + "markdownDescription": "Specifies whether to use the latest service-provided Amazon Machine Image (AMI) for the CEV. If you specify `UseAwsProvidedLatestImage` , you can't also specify `ImageId` .", + "title": "UseAwsProvidedLatestImage", + "type": "boolean" + } + }, + "required": [ + "Engine", + "EngineVersion" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RDS::CustomDBEngineVersion" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::RDS::DBCluster": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "MatchOperator": { - "markdownDescription": "The match operator that is used to determine if a filter should be applied.", - "title": "MatchOperator", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AllocatedStorage": { + "markdownDescription": "The amount of storage in gibibytes (GiB) to allocate to each DB instance in the Multi-AZ DB cluster.\n\nValid for Cluster Type: Multi-AZ DB clusters only\n\nThis setting is required to create a Multi-AZ DB cluster.", + "title": "AllocatedStorage", + "type": "number" + }, + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/AWS::RDS::DBCluster.DBClusterRole" + }, + "markdownDescription": "Provides a list of the AWS Identity and Access Management (IAM) roles that are associated with the DB cluster. IAM roles that are associated with a DB cluster grant permission for the DB cluster to access other Amazon Web Services on your behalf.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "AssociatedRoles", + "type": "array" + }, + "AutoMinorVersionUpgrade": { + "markdownDescription": "Specifies whether minor engine upgrades are applied automatically to the DB cluster during the maintenance window. By default, minor engine upgrades are applied automatically.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB cluster.\n\nFor more information about automatic minor version upgrades, see [Automatically upgrading the minor engine version](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.Upgrading.html#USER_UpgradeDBInstance.Upgrading.AutoMinorVersionUpgrades) .", + "title": "AutoMinorVersionUpgrade", + "type": "boolean" + }, + "AvailabilityZones": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of Availability Zones (AZs) where instances in the DB cluster can be created. For information on AWS Regions and Availability Zones, see [Choosing the Regions and Availability Zones](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.RegionsAndAvailabilityZones.html) in the *Amazon Aurora User Guide* .\n\nValid for: Aurora DB clusters only", + "title": "AvailabilityZones", + "type": "array" + }, + "BacktrackWindow": { + "markdownDescription": "The target backtrack window, in seconds. To disable backtracking, set this value to `0` .\n\nValid for Cluster Type: Aurora MySQL DB clusters only\n\nDefault: `0`\n\nConstraints:\n\n- If specified, this value must be set to a number from 0 to 259,200 (72 hours).", + "title": "BacktrackWindow", + "type": "number" + }, + "BackupRetentionPeriod": { + "markdownDescription": "The number of days for which automated backups are retained.\n\nDefault: 1\n\nConstraints:\n\n- Must be a value from 1 to 35\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "BackupRetentionPeriod", + "type": "number" + }, + "ClusterScalabilityType": { + "markdownDescription": "Specifies the scalability mode of the Aurora DB cluster. When set to `limitless` , the cluster operates as an Aurora Limitless Database, allowing you to create a DB shard group for horizontal scaling (sharding) capabilities. When set to `standard` (the default), the cluster uses normal DB instance creation.\n\n*Important:* Automated backup retention isn't supported with Aurora Limitless Database clusters. If you set this property to `limitless` , you cannot set `DeleteAutomatedBackups` to `false` . To create a backup, use manual snapshots instead.", + "title": "ClusterScalabilityType", + "type": "string" + }, + "CopyTagsToSnapshot": { + "markdownDescription": "A value that indicates whether to copy all tags from the DB cluster to snapshots of the DB cluster. The default is not to copy them.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "CopyTagsToSnapshot", + "type": "boolean" + }, + "DBClusterIdentifier": { + "markdownDescription": "The DB cluster identifier. This parameter is stored as a lowercase string.\n\nConstraints:\n\n- Must contain from 1 to 63 letters, numbers, or hyphens.\n- First character must be a letter.\n- Can't end with a hyphen or contain two consecutive hyphens.\n\nExample: `my-cluster1`\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "DBClusterIdentifier", + "type": "string" + }, + "DBClusterInstanceClass": { + "markdownDescription": "The compute and memory capacity of each DB instance in the Multi-AZ DB cluster, for example `db.m6gd.xlarge` . Not all DB instance classes are available in all AWS Regions , or for all database engines.\n\nFor the full list of DB instance classes and availability for your engine, see [DB instance class](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html) in the *Amazon RDS User Guide* .\n\nThis setting is required to create a Multi-AZ DB cluster.\n\nValid for Cluster Type: Multi-AZ DB clusters only", + "title": "DBClusterInstanceClass", + "type": "string" + }, + "DBClusterParameterGroupName": { + "markdownDescription": "The name of the DB cluster parameter group to associate with this DB cluster.\n\n> If you apply a parameter group to an existing DB cluster, then its DB instances might need to reboot. This can result in an outage while the DB instances are rebooting.\n> \n> If you apply a change to parameter group associated with a stopped DB cluster, then the update stack waits until the DB cluster is started. \n\nTo list all of the available DB cluster parameter group names, use the following command:\n\n`aws rds describe-db-cluster-parameter-groups --query \"DBClusterParameterGroups[].DBClusterParameterGroupName\" --output text`\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "DBClusterParameterGroupName", + "type": "string" + }, + "DBInstanceParameterGroupName": { + "markdownDescription": "The name of the DB parameter group to apply to all instances of the DB cluster.\n\n> When you apply a parameter group using the `DBInstanceParameterGroupName` parameter, the DB cluster isn't rebooted automatically. Also, parameter changes are applied immediately rather than during the next maintenance window. \n\nValid for Cluster Type: Aurora DB clusters only\n\nDefault: The existing name setting\n\nConstraints:\n\n- The DB parameter group must be in the same DB parameter group family as this DB cluster.\n- The `DBInstanceParameterGroupName` parameter is valid in combination with the `AllowMajorVersionUpgrade` parameter for a major version upgrade only.", + "title": "DBInstanceParameterGroupName", + "type": "string" + }, + "DBSubnetGroupName": { + "markdownDescription": "A DB subnet group that you want to associate with this DB cluster.\n\nIf you are restoring a DB cluster to a point in time with `RestoreType` set to `copy-on-write` , and don't specify a DB subnet group name, then the DB cluster is restored with a default DB subnet group.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "DBSubnetGroupName", + "type": "string" + }, + "DBSystemId": { + "markdownDescription": "Reserved for future use.", + "title": "DBSystemId", + "type": "string" + }, + "DatabaseInsightsMode": { + "markdownDescription": "The mode of Database Insights to enable for the DB cluster.\n\nIf you set this value to `advanced` , you must also set the `PerformanceInsightsEnabled` parameter to `true` and the `PerformanceInsightsRetentionPeriod` parameter to 465.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters", + "title": "DatabaseInsightsMode", + "type": "string" + }, + "DatabaseName": { + "markdownDescription": "The name of your database. If you don't provide a name, then Amazon RDS won't create a database in this DB cluster. For naming constraints, see [Naming Constraints](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/CHAP_Limits.html#RDS_Limits.Constraints) in the *Amazon Aurora User Guide* .\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "DatabaseName", + "type": "string" + }, + "DeleteAutomatedBackups": { + "markdownDescription": "Specifies whether to remove automated backups immediately after the DB cluster is deleted. This parameter isn't case-sensitive. The default is to remove automated backups immediately after the DB cluster is deleted, unless the AWS Backup policy specifies a point-in-time restore rule.", + "title": "DeleteAutomatedBackups", + "type": "boolean" + }, + "DeletionProtection": { + "markdownDescription": "A value that indicates whether the DB cluster has deletion protection enabled. The database can't be deleted when deletion protection is enabled. By default, deletion protection is disabled.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "DeletionProtection", + "type": "boolean" + }, + "Domain": { + "markdownDescription": "Indicates the directory ID of the Active Directory to create the DB cluster.\n\nFor Amazon Aurora DB clusters, Amazon RDS can use Kerberos authentication to authenticate users that connect to the DB cluster.\n\nFor more information, see [Kerberos authentication](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/kerberos-authentication.html) in the *Amazon Aurora User Guide* .\n\nValid for: Aurora DB clusters only", + "title": "Domain", + "type": "string" + }, + "DomainIAMRoleName": { + "markdownDescription": "Specifies the name of the IAM role to use when making API calls to the Directory Service.\n\nValid for: Aurora DB clusters only", + "title": "DomainIAMRoleName", + "type": "string" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of log types that need to be enabled for exporting to CloudWatch Logs. The values in the list depend on the DB engine being used. For more information, see [Publishing Database Logs to Amazon CloudWatch Logs](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_LogAccess.html#USER_LogAccess.Procedural.UploadtoCloudWatch) in the *Amazon Aurora User Guide* .\n\n*Aurora MySQL*\n\nValid values: `audit` , `error` , `general` , `slowquery`\n\n*Aurora PostgreSQL*\n\nValid values: `postgresql`\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "EnableCloudwatchLogsExports", + "type": "array" + }, + "EnableGlobalWriteForwarding": { + "markdownDescription": "Specifies whether to enable this DB cluster to forward write operations to the primary cluster of a global cluster (Aurora global database). By default, write operations are not allowed on Aurora DB clusters that are secondary clusters in an Aurora global database.\n\nYou can set this value only on Aurora DB clusters that are members of an Aurora global database. With this parameter enabled, a secondary cluster can forward writes to the current primary cluster, and the resulting changes are replicated back to this cluster. For the primary DB cluster of an Aurora global database, this value is used immediately if the primary is demoted by a global cluster API operation, but it does nothing until then.\n\nValid for Cluster Type: Aurora DB clusters only", + "title": "EnableGlobalWriteForwarding", + "type": "boolean" + }, + "EnableHttpEndpoint": { + "markdownDescription": "Specifies whether to enable the HTTP endpoint for the DB cluster. By default, the HTTP endpoint isn't enabled.\n\nWhen enabled, the HTTP endpoint provides a connectionless web service API (RDS Data API) for running SQL queries on the DB cluster. You can also query your database from inside the RDS console with the RDS query editor.\n\nFor more information, see [Using RDS Data API](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/data-api.html) in the *Amazon Aurora User Guide* .\n\nValid for Cluster Type: Aurora DB clusters only", + "title": "EnableHttpEndpoint", + "type": "boolean" + }, + "EnableIAMDatabaseAuthentication": { + "markdownDescription": "A value that indicates whether to enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts. By default, mapping is disabled.\n\nFor more information, see [IAM Database Authentication](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.IAMDBAuth.html) in the *Amazon Aurora User Guide.*\n\nValid for: Aurora DB clusters only", + "title": "EnableIAMDatabaseAuthentication", + "type": "boolean" + }, + "EnableLocalWriteForwarding": { + "markdownDescription": "Specifies whether read replicas can forward write operations to the writer DB instance in the DB cluster. By default, write operations aren't allowed on reader DB instances.\n\nValid for: Aurora DB clusters only", + "title": "EnableLocalWriteForwarding", + "type": "boolean" + }, + "Engine": { + "markdownDescription": "The name of the database engine to be used for this DB cluster.\n\nValid Values:\n\n- `aurora-mysql`\n- `aurora-postgresql`\n- `mysql`\n- `postgres`\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "Engine", + "type": "string" + }, + "EngineLifecycleSupport": { + "markdownDescription": "The life cycle type for this DB cluster.\n\n> By default, this value is set to `open-source-rds-extended-support` , which enrolls your DB cluster into Amazon RDS Extended Support. At the end of standard support, you can avoid charges for Extended Support by setting the value to `open-source-rds-extended-support-disabled` . In this case, creating the DB cluster will fail if the DB major version is past its end of standard support date. \n\nYou can use this setting to enroll your DB cluster into Amazon RDS Extended Support. With RDS Extended Support, you can run the selected major engine version on your DB cluster past the end of standard support for that engine version. For more information, see the following sections:\n\n- Amazon Aurora - [Amazon RDS Extended Support with Amazon Aurora](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/extended-support.html) in the *Amazon Aurora User Guide*\n- Amazon RDS - [Amazon RDS Extended Support with Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/extended-support.html) in the *Amazon RDS User Guide*\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n\nValid Values: `open-source-rds-extended-support | open-source-rds-extended-support-disabled`\n\nDefault: `open-source-rds-extended-support`", + "title": "EngineLifecycleSupport", + "type": "string" + }, + "EngineMode": { + "markdownDescription": "The DB engine mode of the DB cluster, either `provisioned` or `serverless` .\n\nThe `serverless` engine mode only applies for Aurora Serverless v1 DB clusters. Aurora Serverless v2 DB clusters use the `provisioned` engine mode.\n\nFor information about limitations and requirements for Serverless DB clusters, see the following sections in the *Amazon Aurora User Guide* :\n\n- [Limitations of Aurora Serverless v1](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless.html#aurora-serverless.limitations)\n- [Requirements for Aurora Serverless v2](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless-v2.requirements.html)\n\nValid for Cluster Type: Aurora DB clusters only", + "title": "EngineMode", + "type": "string" + }, + "EngineVersion": { + "markdownDescription": "The version number of the database engine to use.\n\nTo list all of the available engine versions for Aurora MySQL version 2 (5.7-compatible) and version 3 (8.0-compatible), use the following command:\n\n`aws rds describe-db-engine-versions --engine aurora-mysql --query \"DBEngineVersions[].EngineVersion\"`\n\nYou can supply either `5.7` or `8.0` to use the default engine version for Aurora MySQL version 2 or version 3, respectively.\n\nTo list all of the available engine versions for Aurora PostgreSQL, use the following command:\n\n`aws rds describe-db-engine-versions --engine aurora-postgresql --query \"DBEngineVersions[].EngineVersion\"`\n\nTo list all of the available engine versions for RDS for MySQL, use the following command:\n\n`aws rds describe-db-engine-versions --engine mysql --query \"DBEngineVersions[].EngineVersion\"`\n\nTo list all of the available engine versions for RDS for PostgreSQL, use the following command:\n\n`aws rds describe-db-engine-versions --engine postgres --query \"DBEngineVersions[].EngineVersion\"`\n\n*Aurora MySQL*\n\nFor information, see [Database engine updates for Amazon Aurora MySQL](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraMySQL.Updates.html) in the *Amazon Aurora User Guide* .\n\n*Aurora PostgreSQL*\n\nFor information, see [Amazon Aurora PostgreSQL releases and engine versions](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraPostgreSQL.Updates.20180305.html) in the *Amazon Aurora User Guide* .\n\n*MySQL*\n\nFor information, see [Amazon RDS for MySQL](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MySQL.html#MySQL.Concepts.VersionMgmt) in the *Amazon RDS User Guide* .\n\n*PostgreSQL*\n\nFor information, see [Amazon RDS for PostgreSQL](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_PostgreSQL.html#PostgreSQL.Concepts) in the *Amazon RDS User Guide* .\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "EngineVersion", + "type": "string" + }, + "GlobalClusterIdentifier": { + "markdownDescription": "If you are configuring an Aurora global database cluster and want your Aurora DB cluster to be a secondary member in the global database cluster, specify the global cluster ID of the global database cluster. To define the primary database cluster of the global cluster, use the [AWS::RDS::GlobalCluster](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-globalcluster.html) resource.\n\nIf you aren't configuring a global database cluster, don't specify this property.\n\n> To remove the DB cluster from a global database cluster, specify an empty value for the `GlobalClusterIdentifier` property. \n\nFor information about Aurora global databases, see [Working with Amazon Aurora Global Databases](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-global-database.html) in the *Amazon Aurora User Guide* .\n\nValid for: Aurora DB clusters only", + "title": "GlobalClusterIdentifier", + "type": "string" + }, + "Iops": { + "markdownDescription": "The amount of Provisioned IOPS (input/output operations per second) to be initially allocated for each DB instance in the Multi-AZ DB cluster.\n\nFor information about valid IOPS values, see [Provisioned IOPS storage](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html#USER_PIOPS) in the *Amazon RDS User Guide* .\n\nThis setting is required to create a Multi-AZ DB cluster.\n\nValid for Cluster Type: Multi-AZ DB clusters only\n\nConstraints:\n\n- Must be a multiple between .5 and 50 of the storage amount for the DB cluster.", + "title": "Iops", + "type": "number" + }, + "KmsKeyId": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key that is used to encrypt the database instances in the DB cluster, such as `arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef` . If you enable the `StorageEncrypted` property but don't specify this property, the default KMS key is used. If you specify this property, you must set the `StorageEncrypted` property to `true` .\n\nIf you specify the `SnapshotIdentifier` property, the `StorageEncrypted` property value is inherited from the snapshot, and if the DB cluster is encrypted, the specified `KmsKeyId` property is used.\n\nIf you create a read replica of an encrypted DB cluster in another AWS Region, make sure to set `KmsKeyId` to a KMS key identifier that is valid in the destination AWS Region. This KMS key is used to encrypt the read replica in that AWS Region.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "KmsKeyId", + "type": "string" + }, + "ManageMasterUserPassword": { + "markdownDescription": "Specifies whether to manage the master user password with AWS Secrets Manager.\n\nFor more information, see [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide* and [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-secrets-manager.html) in the *Amazon Aurora User Guide.*\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n\nConstraints:\n\n- Can't manage the master user password with AWS Secrets Manager if `MasterUserPassword` is specified.", + "title": "ManageMasterUserPassword", + "type": "boolean" + }, + "MasterUserPassword": { + "markdownDescription": "The master password for the DB instance.\n\n> If you specify the `SourceDBClusterIdentifier` , `SnapshotIdentifier` , or `GlobalClusterIdentifier` property, don't specify this property. The value is inherited from the source DB cluster, the snapshot, or the primary DB cluster for the global database cluster, respectively. \n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "MasterUserPassword", + "type": "string" + }, + "MasterUserSecret": { + "$ref": "#/definitions/AWS::RDS::DBCluster.MasterUserSecret", + "markdownDescription": "The secret managed by RDS in AWS Secrets Manager for the master user password.\n\n> When you restore a DB cluster from a snapshot, Amazon RDS generates a new secret instead of reusing the secret specified in the `SecretArn` property. This ensures that the restored DB cluster is securely managed with a dedicated secret. To maintain consistent integration with your application, you might need to update resource configurations to reference the newly created secret. \n\nFor more information, see [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide* and [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-secrets-manager.html) in the *Amazon Aurora User Guide.*", + "title": "MasterUserSecret" + }, + "MasterUsername": { + "markdownDescription": "The name of the master user for the DB cluster.\n\n> If you specify the `SourceDBClusterIdentifier` , `SnapshotIdentifier` , or `GlobalClusterIdentifier` property, don't specify this property. The value is inherited from the source DB cluster, the snapshot, or the primary DB cluster for the global database cluster, respectively. \n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "MasterUsername", + "type": "string" + }, + "MonitoringInterval": { + "markdownDescription": "The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB cluster. To turn off collecting Enhanced Monitoring metrics, specify `0` .\n\nIf `MonitoringRoleArn` is specified, also set `MonitoringInterval` to a value other than `0` .\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n\nValid Values: `0 | 1 | 5 | 10 | 15 | 30 | 60`\n\nDefault: `0`", + "title": "MonitoringInterval", + "type": "number" + }, + "MonitoringRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the IAM role that permits RDS to send Enhanced Monitoring metrics to Amazon CloudWatch Logs. An example is `arn:aws:iam:123456789012:role/emaccess` . For information on creating a monitoring role, see [Setting up and enabling Enhanced Monitoring](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.OS.html#USER_Monitoring.OS.Enabling) in the *Amazon RDS User Guide* .\n\nIf `MonitoringInterval` is set to a value other than `0` , supply a `MonitoringRoleArn` value.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters", + "title": "MonitoringRoleArn", + "type": "string" + }, + "NetworkType": { + "markdownDescription": "The network type of the DB cluster.\n\nValid values:\n\n- `IPV4`\n- `DUAL`\n\nThe network type is determined by the `DBSubnetGroup` specified for the DB cluster. A `DBSubnetGroup` can support only the IPv4 protocol or the IPv4 and IPv6 protocols ( `DUAL` ).\n\nFor more information, see [Working with a DB instance in a VPC](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_VPC.WorkingWithRDSInstanceinaVPC.html) in the *Amazon Aurora User Guide.*\n\nValid for: Aurora DB clusters only", + "title": "NetworkType", + "type": "string" + }, + "PerformanceInsightsEnabled": { + "markdownDescription": "Specifies whether to turn on Performance Insights for the DB cluster.\n\nFor more information, see [Using Amazon Performance Insights](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PerfInsights.html) in the *Amazon RDS User Guide* .\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters", + "title": "PerformanceInsightsEnabled", + "type": "boolean" + }, + "PerformanceInsightsKmsKeyId": { + "markdownDescription": "The AWS KMS key identifier for encryption of Performance Insights data.\n\nThe AWS KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key.\n\nIf you don't specify a value for `PerformanceInsightsKMSKeyId` , then Amazon RDS uses your default KMS key. There is a default KMS key for your AWS account . Your AWS account has a different default KMS key for each AWS Region .\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters", + "title": "PerformanceInsightsKmsKeyId", + "type": "string" + }, + "PerformanceInsightsRetentionPeriod": { + "markdownDescription": "The number of days to retain Performance Insights data. When creating a DB cluster without enabling Performance Insights, you can't specify the parameter `PerformanceInsightsRetentionPeriod` .\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n\nValid Values:\n\n- `7`\n- *month* * 31, where *month* is a number of months from 1-23. Examples: `93` (3 months * 31), `341` (11 months * 31), `589` (19 months * 31)\n- `731`\n\nDefault: `7` days\n\nIf you specify a retention period that isn't valid, such as `94` , Amazon RDS issues an error.", + "title": "PerformanceInsightsRetentionPeriod", + "type": "number" + }, + "Port": { + "markdownDescription": "The port number on which the DB instances in the DB cluster accept connections.\n\nDefault:\n\n- When `EngineMode` is `provisioned` , `3306` (for both Aurora MySQL and Aurora PostgreSQL)\n- When `EngineMode` is `serverless` :\n\n- `3306` when `Engine` is `aurora` or `aurora-mysql`\n- `5432` when `Engine` is `aurora-postgresql`\n\n> The `No interruption` on update behavior only applies to DB clusters. If you are updating a DB instance, see [Port](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-port) for the AWS::RDS::DBInstance resource. \n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "Port", + "type": "number" + }, + "PreferredBackupWindow": { + "markdownDescription": "The daily time range during which automated backups are created. For more information, see [Backup Window](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Managing.Backups.html#Aurora.Managing.Backups.BackupWindow) in the *Amazon Aurora User Guide.*\n\nConstraints:\n\n- Must be in the format `hh24:mi-hh24:mi` .\n- Must be in Universal Coordinated Time (UTC).\n- Must not conflict with the preferred maintenance window.\n- Must be at least 30 minutes.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "PreferredBackupWindow", + "type": "string" + }, + "PreferredMaintenanceWindow": { + "markdownDescription": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n\nFormat: `ddd:hh24:mi-ddd:hh24:mi`\n\nThe default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region, occurring on a random day of the week. To see the time blocks available, see [Maintaining an Amazon Aurora DB cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_UpgradeDBInstance.Maintenance.html#AdjustingTheMaintenanceWindow.Aurora) in the *Amazon Aurora User Guide.*\n\nValid Days: Mon, Tue, Wed, Thu, Fri, Sat, Sun.\n\nConstraints: Minimum 30-minute window.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "PreferredMaintenanceWindow", + "type": "string" + }, + "PubliclyAccessible": { + "markdownDescription": "Specifies whether the DB cluster is publicly accessible.\n\nWhen the DB cluster is publicly accessible and you connect from outside of the DB cluster's virtual private cloud (VPC), its Domain Name System (DNS) endpoint resolves to the public IP address. When you connect from within the same VPC as the DB cluster, the endpoint resolves to the private IP address. Access to the DB cluster is ultimately controlled by the security group it uses. That public access isn't permitted if the security group assigned to the DB cluster doesn't permit it.\n\nWhen the DB cluster isn't publicly accessible, it is an internal DB cluster with a DNS name that resolves to a private IP address.\n\nValid for Cluster Type: Multi-AZ DB clusters only\n\nDefault: The default behavior varies depending on whether `DBSubnetGroupName` is specified.\n\nIf `DBSubnetGroupName` isn't specified, and `PubliclyAccessible` isn't specified, the following applies:\n\n- If the default VPC in the target Region doesn\u2019t have an internet gateway attached to it, the DB cluster is private.\n- If the default VPC in the target Region has an internet gateway attached to it, the DB cluster is public.\n\nIf `DBSubnetGroupName` is specified, and `PubliclyAccessible` isn't specified, the following applies:\n\n- If the subnets are part of a VPC that doesn\u2019t have an internet gateway attached to it, the DB cluster is private.\n- If the subnets are part of a VPC that has an internet gateway attached to it, the DB cluster is public.", + "title": "PubliclyAccessible", + "type": "boolean" + }, + "ReplicationSourceIdentifier": { + "markdownDescription": "The Amazon Resource Name (ARN) of the source DB instance or DB cluster if this DB cluster is created as a read replica.\n\nValid for: Aurora DB clusters only", + "title": "ReplicationSourceIdentifier", + "type": "string" + }, + "RestoreToTime": { + "markdownDescription": "The date and time to restore the DB cluster to.\n\nValid Values: Value must be a time in Universal Coordinated Time (UTC) format\n\nConstraints:\n\n- Must be before the latest restorable time for the DB instance\n- Must be specified if `UseLatestRestorableTime` parameter isn't provided\n- Can't be specified if the `UseLatestRestorableTime` parameter is enabled\n- Can't be specified if the `RestoreType` parameter is `copy-on-write`\n\nThis property must be used with `SourceDBClusterIdentifier` property. The resulting cluster will have the identifier that matches the value of the `DBclusterIdentifier` property.\n\nExample: `2015-03-07T23:45:00Z`\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "RestoreToTime", + "type": "string" + }, + "RestoreType": { + "markdownDescription": "The type of restore to be performed. You can specify one of the following values:\n\n- `full-copy` - The new DB cluster is restored as a full copy of the source DB cluster.\n- `copy-on-write` - The new DB cluster is restored as a clone of the source DB cluster.\n\nIf you don't specify a `RestoreType` value, then the new DB cluster is restored as a full copy of the source DB cluster.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "RestoreType", + "type": "string" + }, + "ScalingConfiguration": { + "$ref": "#/definitions/AWS::RDS::DBCluster.ScalingConfiguration", + "markdownDescription": "The scaling configuration of an Aurora Serverless v1 DB cluster.\n\nThis property is only supported for Aurora Serverless v1. For Aurora Serverless v2, Use the `ServerlessV2ScalingConfiguration` property.\n\nValid for: Aurora Serverless v1 DB clusters only", + "title": "ScalingConfiguration" + }, + "ServerlessV2ScalingConfiguration": { + "$ref": "#/definitions/AWS::RDS::DBCluster.ServerlessV2ScalingConfiguration", + "markdownDescription": "The scaling configuration of an Aurora Serverless V2 DB cluster.\n\nThis property is only supported for Aurora Serverless v2. For Aurora Serverless v1, Use the `ScalingConfiguration` property.\n\nValid for: Aurora Serverless v2 DB clusters only", + "title": "ServerlessV2ScalingConfiguration" + }, + "SnapshotIdentifier": { + "markdownDescription": "The identifier for the DB snapshot or DB cluster snapshot to restore from.\n\nYou can use either the name or the Amazon Resource Name (ARN) to specify a DB cluster snapshot. However, you can use only the ARN to specify a DB snapshot.\n\nAfter you restore a DB cluster with a `SnapshotIdentifier` property, you must specify the same `SnapshotIdentifier` property for any future updates to the DB cluster. When you specify this property for an update, the DB cluster is not restored from the snapshot again, and the data in the database is not changed. However, if you don't specify the `SnapshotIdentifier` property, an empty DB cluster is created, and the original DB cluster is deleted. If you specify a property that is different from the previous snapshot restore property, a new DB cluster is restored from the specified `SnapshotIdentifier` property, and the original DB cluster is deleted.\n\nIf you specify the `SnapshotIdentifier` property to restore a DB cluster (as opposed to specifying it for DB cluster updates), then don't specify the following properties:\n\n- `GlobalClusterIdentifier`\n- `MasterUsername`\n- `MasterUserPassword`\n- `ReplicationSourceIdentifier`\n- `RestoreType`\n- `SourceDBClusterIdentifier`\n- `SourceRegion`\n- `StorageEncrypted` (for an encrypted snapshot)\n- `UseLatestRestorableTime`\n\nConstraints:\n\n- Must match the identifier of an existing Snapshot.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "SnapshotIdentifier", + "type": "string" + }, + "SourceDBClusterIdentifier": { + "markdownDescription": "When restoring a DB cluster to a point in time, the identifier of the source DB cluster from which to restore.\n\nConstraints:\n\n- Must match the identifier of an existing DBCluster.\n- Cannot be specified if `SourceDbClusterResourceId` is specified. You must specify either `SourceDBClusterIdentifier` or `SourceDbClusterResourceId` , but not both.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "SourceDBClusterIdentifier", + "type": "string" + }, + "SourceRegion": { + "markdownDescription": "The AWS Region which contains the source DB cluster when replicating a DB cluster. For example, `us-east-1` .\n\nValid for: Aurora DB clusters only", + "title": "SourceRegion", + "type": "string" + }, + "StorageEncrypted": { + "markdownDescription": "Indicates whether the DB cluster is encrypted.\n\nIf you specify the `KmsKeyId` property, then you must enable encryption.\n\nIf you specify the `SourceDBClusterIdentifier` property, don't specify this property. The value is inherited from the source DB cluster, and if the DB cluster is encrypted, the specified `KmsKeyId` property is used.\n\nIf you specify the `SnapshotIdentifier` and the specified snapshot is encrypted, don't specify this property. The value is inherited from the snapshot, and the specified `KmsKeyId` property is used.\n\nIf you specify the `SnapshotIdentifier` and the specified snapshot isn't encrypted, you can use this property to specify that the restored DB cluster is encrypted. Specify the `KmsKeyId` property for the KMS key to use for encryption. If you don't want the restored DB cluster to be encrypted, then don't set this property or set it to `false` .\n\n> If you specify both the `StorageEncrypted` and `SnapshotIdentifier` properties without specifying the `KmsKeyId` property, then the restored DB cluster inherits the encryption settings from the DB snapshot that provide. \n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "StorageEncrypted", + "type": "boolean" + }, + "StorageType": { + "markdownDescription": "The storage type to associate with the DB cluster.\n\nFor information on storage types for Aurora DB clusters, see [Storage configurations for Amazon Aurora DB clusters](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Overview.StorageReliability.html#aurora-storage-type) . For information on storage types for Multi-AZ DB clusters, see [Settings for creating Multi-AZ DB clusters](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/create-multi-az-db-cluster.html#create-multi-az-db-cluster-settings) .\n\nThis setting is required to create a Multi-AZ DB cluster.\n\nWhen specified for a Multi-AZ DB cluster, a value for the `Iops` parameter is required.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n\nValid Values:\n\n- Aurora DB clusters - `aurora | aurora-iopt1`\n- Multi-AZ DB clusters - `io1 | io2 | gp3`\n\nDefault:\n\n- Aurora DB clusters - `aurora`\n- Multi-AZ DB clusters - `io1`\n\n> When you create an Aurora DB cluster with the storage type set to `aurora-iopt1` , the storage type is returned in the response. The storage type isn't returned when you set it to `aurora` .", + "title": "StorageType", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags to assign to the DB cluster.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters", + "title": "Tags", + "type": "array" + }, + "UseLatestRestorableTime": { + "markdownDescription": "A value that indicates whether to restore the DB cluster to the latest restorable backup time. By default, the DB cluster is not restored to the latest restorable backup time.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "UseLatestRestorableTime", + "type": "boolean" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of EC2 VPC security groups to associate with this DB cluster.\n\nIf you plan to update the resource, don't specify VPC security groups in a shared VPC.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "title": "VpcSecurityGroupIds", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RDS::DBCluster" + ], "type": "string" }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::RDS::DBCluster.DBClusterRole": { + "additionalProperties": false, + "properties": { + "FeatureName": { + "markdownDescription": "The name of the feature associated with the AWS Identity and Access Management (IAM) role. IAM roles that are associated with a DB cluster grant permission for the DB cluster to access other AWS services on your behalf. For the list of supported feature names, see the `SupportedFeatureNames` description in [DBEngineVersion](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DBEngineVersion.html) in the *Amazon RDS API Reference* .", + "title": "FeatureName", "type": "string" }, - "ParameterName": { - "markdownDescription": "The parameter whose value should be used for the filter value.", - "title": "ParameterName", + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that is associated with the DB cluster.", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "RoleArn" + ], + "type": "object" + }, + "AWS::RDS::DBCluster.Endpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "markdownDescription": "Specifies the connection endpoint for the primary instance of the DB cluster.", + "title": "Address", + "type": "string" + }, + "Port": { + "markdownDescription": "Specifies the port that the database engine is listening on.", + "title": "Port", + "type": "string" + } + }, + "type": "object" + }, + "AWS::RDS::DBCluster.MasterUserSecret": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "markdownDescription": "The AWS KMS key identifier that is used to encrypt the secret.", + "title": "KmsKeyId", + "type": "string" + }, + "SecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the secret. This parameter is a return value that you can retrieve using the `Fn::GetAtt` intrinsic function. For more information, see [Return values](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#aws-resource-rds-dbcluster-return-values) .", + "title": "SecretArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::RDS::DBCluster.ReadEndpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "markdownDescription": "The host address of the reader endpoint.", + "title": "Address", + "type": "string" + } + }, + "type": "object" + }, + "AWS::RDS::DBCluster.ScalingConfiguration": { + "additionalProperties": false, + "properties": { + "AutoPause": { + "markdownDescription": "Indicates whether to allow or disallow automatic pause for an Aurora DB cluster in `serverless` DB engine mode. A DB cluster can be paused only when it's idle (it has no connections).\n\n> If a DB cluster is paused for more than seven days, the DB cluster might be backed up with a snapshot. In this case, the DB cluster is restored when there is a request to connect to it.", + "title": "AutoPause", + "type": "boolean" + }, + "MaxCapacity": { + "markdownDescription": "The maximum capacity for an Aurora DB cluster in `serverless` DB engine mode.\n\nFor Aurora MySQL, valid capacity values are `1` , `2` , `4` , `8` , `16` , `32` , `64` , `128` , and `256` .\n\nFor Aurora PostgreSQL, valid capacity values are `2` , `4` , `8` , `16` , `32` , `64` , `192` , and `384` .\n\nThe maximum capacity must be greater than or equal to the minimum capacity.", + "title": "MaxCapacity", + "type": "number" + }, + "MinCapacity": { + "markdownDescription": "The minimum capacity for an Aurora DB cluster in `serverless` DB engine mode.\n\nFor Aurora MySQL, valid capacity values are `1` , `2` , `4` , `8` , `16` , `32` , `64` , `128` , and `256` .\n\nFor Aurora PostgreSQL, valid capacity values are `2` , `4` , `8` , `16` , `32` , `64` , `192` , and `384` .\n\nThe minimum capacity must be less than or equal to the maximum capacity.", + "title": "MinCapacity", + "type": "number" + }, + "SecondsBeforeTimeout": { + "markdownDescription": "The amount of time, in seconds, that Aurora Serverless v1 tries to find a scaling point to perform seamless scaling before enforcing the timeout action. The default is 300.\n\nSpecify a value between 60 and 600 seconds.", + "title": "SecondsBeforeTimeout", + "type": "number" + }, + "SecondsUntilAutoPause": { + "markdownDescription": "The time, in seconds, before an Aurora DB cluster in `serverless` mode is paused.\n\nSpecify a value between 300 and 86,400 seconds.", + "title": "SecondsUntilAutoPause", + "type": "number" + }, + "TimeoutAction": { + "markdownDescription": "The action to take when the timeout is reached, either `ForceApplyCapacityChange` or `RollbackCapacityChange` .\n\n`ForceApplyCapacityChange` sets the capacity to the specified value as soon as possible.\n\n`RollbackCapacityChange` , the default, ignores the capacity change if a scaling point isn't found in the timeout period.\n\n> If you specify `ForceApplyCapacityChange` , connections that prevent Aurora Serverless v1 from finding a scaling point might be dropped. \n\nFor more information, see [Autoscaling for Aurora Serverless v1](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless.how-it-works.html#aurora-serverless.how-it-works.auto-scaling) in the *Amazon Aurora User Guide* .", + "title": "TimeoutAction", + "type": "string" + } + }, + "type": "object" + }, + "AWS::RDS::DBCluster.ServerlessV2ScalingConfiguration": { + "additionalProperties": false, + "properties": { + "MaxCapacity": { + "markdownDescription": "The maximum number of Aurora capacity units (ACUs) for a DB instance in an Aurora Serverless v2 cluster. You can specify ACU values in half-step increments, such as 40, 40.5, 41, and so on. The largest value that you can use is 128.\n\nThe maximum capacity must be higher than 0.5 ACUs. For more information, see [Choosing the maximum Aurora Serverless v2 capacity setting for a cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless-v2.setting-capacity.html#aurora-serverless-v2.max_capacity_considerations) in the *Amazon Aurora User Guide* .\n\nAurora automatically sets certain parameters for Aurora Serverless V2 DB instances to values that depend on the maximum ACU value in the capacity range. When you update the maximum capacity value, the `ParameterApplyStatus` value for the DB instance changes to `pending-reboot` . You can update the parameter values by rebooting the DB instance after changing the capacity range.", + "title": "MaxCapacity", + "type": "number" + }, + "MinCapacity": { + "markdownDescription": "The minimum number of Aurora capacity units (ACUs) for a DB instance in an Aurora Serverless v2 cluster. You can specify ACU values in half-step increments, such as 8, 8.5, 9, and so on. For Aurora versions that support the Aurora Serverless v2 auto-pause feature, the smallest value that you can use is 0. For versions that don't support Aurora Serverless v2 auto-pause, the smallest value that you can use is 0.5.", + "title": "MinCapacity", + "type": "number" + }, + "SecondsUntilAutoPause": { + "markdownDescription": "Specifies the number of seconds an Aurora Serverless v2 DB instance must be idle before Aurora attempts to automatically pause it.\n\nSpecify a value between 300 seconds (five minutes) and 86,400 seconds (one day). The default is 300 seconds.", + "title": "SecondsUntilAutoPause", + "type": "number" + } + }, + "type": "object" + }, + "AWS::RDS::DBClusterParameterGroup": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DBClusterParameterGroupName": { + "markdownDescription": "The name of the DB cluster parameter group.\n\nConstraints:\n\n- Must not match the name of an existing DB cluster parameter group.\n\n> This value is stored as a lowercase string.", + "title": "DBClusterParameterGroupName", + "type": "string" + }, + "Description": { + "markdownDescription": "The description for the DB cluster parameter group.", + "title": "Description", + "type": "string" + }, + "Family": { + "markdownDescription": "The DB cluster parameter group family name. A DB cluster parameter group can be associated with one and only one DB cluster parameter group family, and can be applied only to a DB cluster running a database engine and engine version compatible with that DB cluster parameter group family.\n\n*Aurora MySQL*\n\nExample: `aurora-mysql5.7` , `aurora-mysql8.0`\n\n*Aurora PostgreSQL*\n\nExample: `aurora-postgresql14`\n\n*RDS for MySQL*\n\nExample: `mysql8.0`\n\n*RDS for PostgreSQL*\n\nExample: `postgres13`\n\nTo list all of the available parameter group families for a DB engine, use the following command:\n\n`aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" --engine `\n\nFor example, to list all of the available parameter group families for the Aurora PostgreSQL DB engine, use the following command:\n\n`aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" --engine aurora-postgresql`\n\n> The output contains duplicates. \n\nThe following are the valid DB engine values:\n\n- `aurora-mysql`\n- `aurora-postgresql`\n- `mysql`\n- `postgres`", + "title": "Family", + "type": "string" + }, + "Parameters": { + "markdownDescription": "Provides a list of parameters for the DB cluster parameter group.", + "title": "Parameters", + "type": "object" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags to assign to the DB cluster parameter group.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Description", + "Family", + "Parameters" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RDS::DBClusterParameterGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::RDS::DBInstance": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SelectAllOptions": { - "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", - "title": "SelectAllOptions", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AllocatedStorage": { + "markdownDescription": "The amount of storage in gibibytes (GiB) to be initially allocated for the database instance.\n\n> If any value is set in the `Iops` parameter, `AllocatedStorage` must be at least 100 GiB, which corresponds to the minimum Iops value of 1,000. If you increase the `Iops` value (in 1,000 IOPS increments), then you must also increase the `AllocatedStorage` value (in 100-GiB increments). \n\n*Amazon Aurora*\n\nNot applicable. Aurora cluster volumes automatically grow as the amount of data in your database increases, though you are only charged for the space that you use in an Aurora cluster volume.\n\n*Db2*\n\nConstraints to the amount of storage for each storage type are the following:\n\n- General Purpose (SSD) storage (gp3): Must be an integer from 20 to 64000.\n- Provisioned IOPS storage (io1): Must be an integer from 100 to 64000.\n\n*MySQL*\n\nConstraints to the amount of storage for each storage type are the following:\n\n- General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.\n- Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.\n- Magnetic storage (standard): Must be an integer from 5 to 3072.\n\n*MariaDB*\n\nConstraints to the amount of storage for each storage type are the following:\n\n- General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.\n- Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.\n- Magnetic storage (standard): Must be an integer from 5 to 3072.\n\n*PostgreSQL*\n\nConstraints to the amount of storage for each storage type are the following:\n\n- General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.\n- Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.\n- Magnetic storage (standard): Must be an integer from 5 to 3072.\n\n*Oracle*\n\nConstraints to the amount of storage for each storage type are the following:\n\n- General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.\n- Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.\n- Magnetic storage (standard): Must be an integer from 10 to 3072.\n\n*SQL Server*\n\nConstraints to the amount of storage for each storage type are the following:\n\n- General Purpose (SSD) storage (gp2):\n\n- Enterprise and Standard editions: Must be an integer from 20 to 16384.\n- Web and Express editions: Must be an integer from 20 to 16384.\n- Provisioned IOPS storage (io1):\n\n- Enterprise and Standard editions: Must be an integer from 20 to 16384.\n- Web and Express editions: Must be an integer from 20 to 16384.\n- Magnetic storage (standard):\n\n- Enterprise and Standard editions: Must be an integer from 20 to 1024.\n- Web and Express editions: Must be an integer from 20 to 1024.", + "title": "AllocatedStorage", + "type": "string" + }, + "AllowMajorVersionUpgrade": { + "markdownDescription": "A value that indicates whether major version upgrades are allowed. Changing this parameter doesn't result in an outage and the change is asynchronously applied as soon as possible.\n\nConstraints: Major version upgrades must be allowed when specifying a value for the `EngineVersion` parameter that is a different major version than the DB instance's current version.", + "title": "AllowMajorVersionUpgrade", + "type": "boolean" + }, + "ApplyImmediately": { + "markdownDescription": "Specifies whether changes to the DB instance and any pending modifications are applied immediately, regardless of the `PreferredMaintenanceWindow` setting. If set to `false` , changes are applied during the next maintenance window. Until RDS applies the changes, the DB instance remains in a drift state. As a result, the configuration doesn't fully reflect the requested modifications and temporarily diverges from the intended state.\n\nIn addition to the settings described in [Modifying a DB instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.DBInstance.Modifying.html) , this property also determines whether the DB instance reboots when a static parameter is modified in the associated DB parameter group.\n\nDefault: `true`", + "title": "ApplyImmediately", + "type": "boolean" + }, + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/AWS::RDS::DBInstance.DBInstanceRole" + }, + "markdownDescription": "The AWS Identity and Access Management (IAM) roles associated with the DB instance.\n\n*Amazon Aurora*\n\nNot applicable. The associated roles are managed by the DB cluster.", + "title": "AssociatedRoles", + "type": "array" + }, + "AutoMinorVersionUpgrade": { + "markdownDescription": "A value that indicates whether minor engine upgrades are applied automatically to the DB instance during the maintenance window. By default, minor engine upgrades are applied automatically.", + "title": "AutoMinorVersionUpgrade", + "type": "boolean" + }, + "AutomaticBackupReplicationKmsKeyId": { + "markdownDescription": "The AWS KMS key identifier for encryption of the replicated automated backups. The KMS key ID is the Amazon Resource Name (ARN) for the KMS encryption key in the destination AWS Region , for example, `arn:aws:kms:us-east-1:123456789012:key/AKIAIOSFODNN7EXAMPLE` .", + "title": "AutomaticBackupReplicationKmsKeyId", + "type": "string" + }, + "AutomaticBackupReplicationRegion": { + "markdownDescription": "The AWS Region associated with the automated backup.", + "title": "AutomaticBackupReplicationRegion", + "type": "string" + }, + "AutomaticBackupReplicationRetentionPeriod": { + "markdownDescription": "The retention period for automated backups in a different AWS Region. Use this parameter to set a unique retention period that only applies to cross-Region automated backups. To enable automated backups in a different Region, specify a positive value for the `AutomaticBackupReplicationRegion` parameter.\n\nIf not specified, this parameter defaults to the value of the `BackupRetentionPeriod` parameter. The maximum allowed value is 35.", + "title": "AutomaticBackupReplicationRetentionPeriod", + "type": "number" + }, + "AvailabilityZone": { + "markdownDescription": "The Availability Zone (AZ) where the database will be created. For information on AWS Regions and Availability Zones, see [Regions and Availability Zones](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RegionsAndAvailabilityZones.html) .\n\nFor Amazon Aurora, each Aurora DB cluster hosts copies of its storage in three separate Availability Zones. Specify one of these Availability Zones. Aurora automatically chooses an appropriate Availability Zone if you don't specify one.\n\nDefault: A random, system-chosen Availability Zone in the endpoint's AWS Region .\n\nConstraints:\n\n- The `AvailabilityZone` parameter can't be specified if the DB instance is a Multi-AZ deployment.\n- The specified Availability Zone must be in the same AWS Region as the current endpoint.\n\nExample: `us-east-1d`", + "title": "AvailabilityZone", + "type": "string" + }, + "BackupRetentionPeriod": { + "markdownDescription": "The number of days for which automated backups are retained. Setting this parameter to a positive number enables backups. Setting this parameter to 0 disables automated backups.\n\n*Amazon Aurora*\n\nNot applicable. The retention period for automated backups is managed by the DB cluster.\n\nDefault: 1\n\nConstraints:\n\n- Must be a value from 0 to 35\n- Can't be set to 0 if the DB instance is a source to read replicas", + "title": "BackupRetentionPeriod", + "type": "number" + }, + "BackupTarget": { + "markdownDescription": "The location for storing automated backups and manual snapshots.\n\nValid Values:\n\n- `local` (Dedicated Local Zone)\n- `outposts` ( AWS Outposts)\n- `region` ( AWS Region )\n\nDefault: `region`\n\nFor more information, see [Working with Amazon RDS on AWS Outposts](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-on-outposts.html) in the *Amazon RDS User Guide* .", + "title": "BackupTarget", + "type": "string" + }, + "CACertificateIdentifier": { + "markdownDescription": "The identifier of the CA certificate for this DB instance.\n\nFor more information, see [Using SSL/TLS to encrypt a connection to a DB instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html) in the *Amazon RDS User Guide* and [Using SSL/TLS to encrypt a connection to a DB cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL.html) in the *Amazon Aurora User Guide* .", + "title": "CACertificateIdentifier", + "type": "string" + }, + "CertificateRotationRestart": { + "markdownDescription": "Specifies whether the DB instance is restarted when you rotate your SSL/TLS certificate.\n\nBy default, the DB instance is restarted when you rotate your SSL/TLS certificate. The certificate is not updated until the DB instance is restarted.\n\n> Set this parameter only if you are *not* using SSL/TLS to connect to the DB instance. \n\nIf you are using SSL/TLS to connect to the DB instance, follow the appropriate instructions for your DB engine to rotate your SSL/TLS certificate:\n\n- For more information about rotating your SSL/TLS certificate for RDS DB engines, see [Rotating Your SSL/TLS Certificate.](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL-certificate-rotation.html) in the *Amazon RDS User Guide.*\n- For more information about rotating your SSL/TLS certificate for Aurora DB engines, see [Rotating Your SSL/TLS Certificate](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL-certificate-rotation.html) in the *Amazon Aurora User Guide* .\n\nThis setting doesn't apply to RDS Custom DB instances.", + "title": "CertificateRotationRestart", + "type": "boolean" + }, + "CharacterSetName": { + "markdownDescription": "For supported engines, indicates that the DB instance should be associated with the specified character set.\n\n*Amazon Aurora*\n\nNot applicable. The character set is managed by the DB cluster. For more information, see [AWS::RDS::DBCluster](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html) .", + "title": "CharacterSetName", + "type": "string" + }, + "CopyTagsToSnapshot": { + "markdownDescription": "Specifies whether to copy tags from the DB instance to snapshots of the DB instance. By default, tags are not copied.\n\nThis setting doesn't apply to Amazon Aurora DB instances. Copying tags to snapshots is managed by the DB cluster. Setting this value for an Aurora DB instance has no effect on the DB cluster setting.", + "title": "CopyTagsToSnapshot", + "type": "boolean" + }, + "CustomIAMInstanceProfile": { + "markdownDescription": "The instance profile associated with the underlying Amazon EC2 instance of an RDS Custom DB instance.\n\nThis setting is required for RDS Custom.\n\nConstraints:\n\n- The profile must exist in your account.\n- The profile must have an IAM role that Amazon EC2 has permissions to assume.\n- The instance profile name and the associated IAM role name must start with the prefix `AWSRDSCustom` .\n\nFor the list of permissions required for the IAM role, see [Configure IAM and your VPC](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/custom-setup-orcl.html#custom-setup-orcl.iam-vpc) in the *Amazon RDS User Guide* .", + "title": "CustomIAMInstanceProfile", + "type": "string" + }, + "DBClusterIdentifier": { + "markdownDescription": "The identifier of the DB cluster that this DB instance will belong to.\n\nThis setting doesn't apply to RDS Custom DB instances.", + "title": "DBClusterIdentifier", + "type": "string" + }, + "DBClusterSnapshotIdentifier": { + "markdownDescription": "The identifier for the Multi-AZ DB cluster snapshot to restore from.\n\nFor more information on Multi-AZ DB clusters, see [Multi-AZ DB cluster deployments](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html) in the *Amazon RDS User Guide* .\n\nConstraints:\n\n- Must match the identifier of an existing Multi-AZ DB cluster snapshot.\n- Can't be specified when `DBSnapshotIdentifier` is specified.\n- Must be specified when `DBSnapshotIdentifier` isn't specified.\n- If you are restoring from a shared manual Multi-AZ DB cluster snapshot, the `DBClusterSnapshotIdentifier` must be the ARN of the shared snapshot.\n- Can't be the identifier of an Aurora DB cluster snapshot.", + "title": "DBClusterSnapshotIdentifier", + "type": "string" + }, + "DBInstanceClass": { + "markdownDescription": "The compute and memory capacity of the DB instance, for example `db.m5.large` . Not all DB instance classes are available in all AWS Regions , or for all database engines. For the full list of DB instance classes, and availability for your engine, see [DB instance classes](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html) in the *Amazon RDS User Guide* or [Aurora DB instance classes](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.DBInstanceClass.html) in the *Amazon Aurora User Guide* .", + "title": "DBInstanceClass", + "type": "string" + }, + "DBInstanceIdentifier": { + "markdownDescription": "A name for the DB instance. If you specify a name, AWS CloudFormation converts it to lowercase. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the DB instance. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\nFor information about constraints that apply to DB instance identifiers, see [Naming constraints in Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Limits.html#RDS_Limits.Constraints) in the *Amazon RDS User Guide* .\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "DBInstanceIdentifier", + "type": "string" + }, + "DBName": { + "markdownDescription": "The meaning of this parameter differs according to the database engine you use.\n\n> If you specify the `[DBSnapshotIdentifier](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-dbsnapshotidentifier)` property, this property only applies to RDS for Oracle. \n\n*Amazon Aurora*\n\nNot applicable. The database name is managed by the DB cluster.\n\n*Db2*\n\nThe name of the database to create when the DB instance is created. If this parameter isn't specified, no database is created in the DB instance.\n\nConstraints:\n\n- Must contain 1 to 64 letters or numbers.\n- Must begin with a letter. Subsequent characters can be letters, underscores, or digits (0-9).\n- Can't be a word reserved by the specified database engine.\n\n*MySQL*\n\nThe name of the database to create when the DB instance is created. If this parameter is not specified, no database is created in the DB instance.\n\nConstraints:\n\n- Must contain 1 to 64 letters or numbers.\n- Can't be a word reserved by the specified database engine\n\n*MariaDB*\n\nThe name of the database to create when the DB instance is created. If this parameter is not specified, no database is created in the DB instance.\n\nConstraints:\n\n- Must contain 1 to 64 letters or numbers.\n- Can't be a word reserved by the specified database engine\n\n*PostgreSQL*\n\nThe name of the database to create when the DB instance is created. If this parameter is not specified, the default `postgres` database is created in the DB instance.\n\nConstraints:\n\n- Must begin with a letter. Subsequent characters can be letters, underscores, or digits (0-9).\n- Must contain 1 to 63 characters.\n- Can't be a word reserved by the specified database engine\n\n*Oracle*\n\nThe Oracle System ID (SID) of the created DB instance. If you specify `null` , the default value `ORCL` is used. You can't specify the string NULL, or any other reserved word, for `DBName` .\n\nDefault: `ORCL`\n\nConstraints:\n\n- Can't be longer than 8 characters\n\n*SQL Server*\n\nNot applicable. Must be null.", + "title": "DBName", + "type": "string" + }, + "DBParameterGroupName": { + "markdownDescription": "The name of an existing DB parameter group or a reference to an [AWS::RDS::DBParameterGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-dbparametergroup.html) resource created in the template.\n\nTo list all of the available DB parameter group names, use the following command:\n\n`aws rds describe-db-parameter-groups --query \"DBParameterGroups[].DBParameterGroupName\" --output text`\n\n> If any of the data members of the referenced parameter group are changed during an update, the DB instance might need to be restarted, which causes some interruption. If the parameter group contains static parameters, whether they were changed or not, an update triggers a reboot. \n\nIf you don't specify a value for `DBParameterGroupName` property, the default DB parameter group for the specified engine and engine version is used.", + "title": "DBParameterGroupName", + "type": "string" + }, + "DBSecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the DB security groups to assign to the DB instance. The list can include both the name of existing DB security groups or references to AWS::RDS::DBSecurityGroup resources created in the template.\n\nIf you set DBSecurityGroups, you must not set VPCSecurityGroups, and vice versa. Also, note that the DBSecurityGroups property exists only for backwards compatibility with older regions and is no longer recommended for providing security information to an RDS DB instance. Instead, use VPCSecurityGroups.\n\n> If you specify this property, AWS CloudFormation sends only the following properties (if specified) to Amazon RDS during create operations:\n> \n> - `AllocatedStorage`\n> - `AutoMinorVersionUpgrade`\n> - `AvailabilityZone`\n> - `BackupRetentionPeriod`\n> - `CharacterSetName`\n> - `DBInstanceClass`\n> - `DBName`\n> - `DBParameterGroupName`\n> - `DBSecurityGroups`\n> - `DBSubnetGroupName`\n> - `Engine`\n> - `EngineVersion`\n> - `Iops`\n> - `LicenseModel`\n> - `MasterUsername`\n> - `MasterUserPassword`\n> - `MultiAZ`\n> - `OptionGroupName`\n> - `PreferredBackupWindow`\n> - `PreferredMaintenanceWindow`\n> \n> All other properties are ignored. Specify a virtual private cloud (VPC) security group if you want to submit other properties, such as `StorageType` , `StorageEncrypted` , or `KmsKeyId` . If you're already using the `DBSecurityGroups` property, you can't use these other properties by updating your DB instance to use a VPC security group. You must recreate the DB instance.", + "title": "DBSecurityGroups", + "type": "array" + }, + "DBSnapshotIdentifier": { + "markdownDescription": "The name or Amazon Resource Name (ARN) of the DB snapshot that's used to restore the DB instance. If you're restoring from a shared manual DB snapshot, you must specify the ARN of the snapshot.\n\nBy specifying this property, you can create a DB instance from the specified DB snapshot. If the `DBSnapshotIdentifier` property is an empty string or the `AWS::RDS::DBInstance` declaration has no `DBSnapshotIdentifier` property, AWS CloudFormation creates a new database. If the property contains a value (other than an empty string), AWS CloudFormation creates a database from the specified snapshot. If a snapshot with the specified name doesn't exist, AWS CloudFormation can't create the database and it rolls back the stack.\n\nSome DB instance properties aren't valid when you restore from a snapshot, such as the `MasterUsername` and `MasterUserPassword` properties, and the point-in-time recovery properties `RestoreTime` and `UseLatestRestorableTime` . For information about the properties that you can specify, see the [`RestoreDBInstanceFromDBSnapshot`](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_RestoreDBInstanceFromDBSnapshot.html) action in the *Amazon RDS API Reference* .\n\nAfter you restore a DB instance with a `DBSnapshotIdentifier` property, you must specify the same `DBSnapshotIdentifier` property for any future updates to the DB instance. When you specify this property for an update, the DB instance is not restored from the DB snapshot again, and the data in the database is not changed. However, if you don't specify the `DBSnapshotIdentifier` property, an empty DB instance is created, and the original DB instance is deleted. If you specify a property that is different from the previous snapshot restore property, a new DB instance is restored from the specified `DBSnapshotIdentifier` property, and the original DB instance is deleted.\n\nIf you specify the `DBSnapshotIdentifier` property to restore a DB instance (as opposed to specifying it for DB instance updates), then don't specify the following properties:\n\n- `CharacterSetName`\n- `DBClusterIdentifier`\n- `DBName`\n- `KmsKeyId`\n- `MasterUsername`\n- `MasterUserPassword`\n- `PromotionTier`\n- `SourceDBInstanceIdentifier`\n- `SourceRegion`\n- `StorageEncrypted` (for an unencrypted snapshot)\n- `Timezone`\n\n*Amazon Aurora*\n\nNot applicable. Snapshot restore is managed by the DB cluster.", + "title": "DBSnapshotIdentifier", + "type": "string" + }, + "DBSubnetGroupName": { + "markdownDescription": "A DB subnet group to associate with the DB instance. If you update this value, the new subnet group must be a subnet group in a new VPC.\n\nIf you don't specify a DB subnet group, RDS uses the default DB subnet group if one exists. If a default DB subnet group does not exist, and you don't specify a `DBSubnetGroupName` , the DB instance fails to launch.\n\nFor more information about using Amazon RDS in a VPC, see [Amazon VPC and Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.html) in the *Amazon RDS User Guide* .\n\nThis setting doesn't apply to Amazon Aurora DB instances. The DB subnet group is managed by the DB cluster. If specified, the setting must match the DB cluster setting.", + "title": "DBSubnetGroupName", + "type": "string" + }, + "DBSystemId": { + "markdownDescription": "The Oracle system identifier (SID), which is the name of the Oracle database instance that manages your database files. In this context, the term \"Oracle database instance\" refers exclusively to the system global area (SGA) and Oracle background processes. If you don't specify a SID, the value defaults to `RDSCDB` . The Oracle SID is also the name of your CDB.", + "title": "DBSystemId", + "type": "string" + }, + "DatabaseInsightsMode": { + "markdownDescription": "The mode of Database Insights to enable for the DB instance.\n\n> Aurora DB instances inherit this value from the DB cluster, so you can't change this value.", + "title": "DatabaseInsightsMode", + "type": "string" + }, + "DedicatedLogVolume": { + "markdownDescription": "Indicates whether the DB instance has a dedicated log volume (DLV) enabled.", + "title": "DedicatedLogVolume", + "type": "boolean" + }, + "DeleteAutomatedBackups": { + "markdownDescription": "A value that indicates whether to remove automated backups immediately after the DB instance is deleted. This parameter isn't case-sensitive. The default is to remove automated backups immediately after the DB instance is deleted.\n\n*Amazon Aurora*\n\nNot applicable. When you delete a DB cluster, all automated backups for that DB cluster are deleted and can't be recovered. Manual DB cluster snapshots of the DB cluster are not deleted.", + "title": "DeleteAutomatedBackups", + "type": "boolean" + }, + "DeletionProtection": { + "markdownDescription": "Specifies whether the DB instance has deletion protection enabled. The database can't be deleted when deletion protection is enabled. By default, deletion protection isn't enabled. For more information, see [Deleting a DB Instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_DeleteInstance.html) .\n\nThis setting doesn't apply to Amazon Aurora DB instances. You can enable or disable deletion protection for the DB cluster. For more information, see `CreateDBCluster` . DB instances in a DB cluster can be deleted even when deletion protection is enabled for the DB cluster.", + "title": "DeletionProtection", + "type": "boolean" + }, + "Domain": { + "markdownDescription": "The Active Directory directory ID to create the DB instance in. Currently, only Db2, MySQL, Microsoft SQL Server, Oracle, and PostgreSQL DB instances can be created in an Active Directory Domain.\n\nFor more information, see [Kerberos Authentication](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/kerberos-authentication.html) in the *Amazon RDS User Guide* .", + "title": "Domain", + "type": "string" + }, + "DomainAuthSecretArn": { + "markdownDescription": "The ARN for the Secrets Manager secret with the credentials for the user joining the domain.\n\nExample: `arn:aws:secretsmanager:region:account-number:secret:myselfmanagedADtestsecret-123456`", + "title": "DomainAuthSecretArn", + "type": "string" + }, + "DomainDnsIps": { + "items": { + "type": "string" + }, + "markdownDescription": "The IPv4 DNS IP addresses of your primary and secondary Active Directory domain controllers.\n\nConstraints:\n\n- Two IP addresses must be provided. If there isn't a secondary domain controller, use the IP address of the primary domain controller for both entries in the list.\n\nExample: `123.124.125.126,234.235.236.237`", + "title": "DomainDnsIps", + "type": "array" + }, + "DomainFqdn": { + "markdownDescription": "The fully qualified domain name (FQDN) of an Active Directory domain.\n\nConstraints:\n\n- Can't be longer than 64 characters.\n\nExample: `mymanagedADtest.mymanagedAD.mydomain`", + "title": "DomainFqdn", + "type": "string" + }, + "DomainIAMRoleName": { + "markdownDescription": "The name of the IAM role to use when making API calls to the Directory Service.\n\nThis setting doesn't apply to the following DB instances:\n\n- Amazon Aurora (The domain is managed by the DB cluster.)\n- RDS Custom", + "title": "DomainIAMRoleName", + "type": "string" + }, + "DomainOu": { + "markdownDescription": "The Active Directory organizational unit for your DB instance to join.\n\nConstraints:\n\n- Must be in the distinguished name format.\n- Can't be longer than 64 characters.\n\nExample: `OU=mymanagedADtestOU,DC=mymanagedADtest,DC=mymanagedAD,DC=mydomain`", + "title": "DomainOu", + "type": "string" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of log types that need to be enabled for exporting to CloudWatch Logs. The values in the list depend on the DB engine being used. For more information, see [Publishing Database Logs to Amazon CloudWatch Logs](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_LogAccess.html#USER_LogAccess.Procedural.UploadtoCloudWatch) in the *Amazon Relational Database Service User Guide* .\n\n*Amazon Aurora*\n\nNot applicable. CloudWatch Logs exports are managed by the DB cluster.\n\n*Db2*\n\nValid values: `diag.log` , `notify.log`\n\n*MariaDB*\n\nValid values: `audit` , `error` , `general` , `slowquery`\n\n*Microsoft SQL Server*\n\nValid values: `agent` , `error`\n\n*MySQL*\n\nValid values: `audit` , `error` , `general` , `slowquery`\n\n*Oracle*\n\nValid values: `alert` , `audit` , `listener` , `trace` , `oemagent`\n\n*PostgreSQL*\n\nValid values: `postgresql` , `upgrade`", + "title": "EnableCloudwatchLogsExports", + "type": "array" + }, + "EnableIAMDatabaseAuthentication": { + "markdownDescription": "A value that indicates whether to enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts. By default, mapping is disabled.\n\nThis property is supported for RDS for MariaDB, RDS for MySQL, and RDS for PostgreSQL. For more information, see [IAM Database Authentication for MariaDB, MySQL, and PostgreSQL](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.IAMDBAuth.html) in the *Amazon RDS User Guide.*\n\n*Amazon Aurora*\n\nNot applicable. Mapping AWS IAM accounts to database accounts is managed by the DB cluster.", + "title": "EnableIAMDatabaseAuthentication", + "type": "boolean" + }, + "EnablePerformanceInsights": { + "markdownDescription": "Specifies whether to enable Performance Insights for the DB instance. For more information, see [Using Amazon Performance Insights](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PerfInsights.html) in the *Amazon RDS User Guide* .\n\nThis setting doesn't apply to RDS Custom DB instances.", + "title": "EnablePerformanceInsights", + "type": "boolean" + }, + "Engine": { + "markdownDescription": "The name of the database engine to use for this DB instance. Not every database engine is available in every AWS Region.\n\nThis property is required when creating a DB instance.\n\n> You can convert an Oracle database from the non-CDB architecture to the container database (CDB) architecture by updating the `Engine` value in your templates from `oracle-ee` to `oracle-ee-cdb` or from `oracle-se2` to `oracle-se2-cdb` . Converting to the CDB architecture requires an interruption. \n\nValid Values:\n\n- `aurora-mysql` (for Aurora MySQL DB instances)\n- `aurora-postgresql` (for Aurora PostgreSQL DB instances)\n- `custom-oracle-ee` (for RDS Custom for Oracle DB instances)\n- `custom-oracle-ee-cdb` (for RDS Custom for Oracle DB instances)\n- `custom-sqlserver-ee` (for RDS Custom for SQL Server DB instances)\n- `custom-sqlserver-se` (for RDS Custom for SQL Server DB instances)\n- `custom-sqlserver-web` (for RDS Custom for SQL Server DB instances)\n- `db2-ae`\n- `db2-se`\n- `mariadb`\n- `mysql`\n- `oracle-ee`\n- `oracle-ee-cdb`\n- `oracle-se2`\n- `oracle-se2-cdb`\n- `postgres`\n- `sqlserver-ee`\n- `sqlserver-se`\n- `sqlserver-ex`\n- `sqlserver-web`", + "title": "Engine", + "type": "string" + }, + "EngineLifecycleSupport": { + "markdownDescription": "The life cycle type for this DB instance.\n\n> By default, this value is set to `open-source-rds-extended-support` , which enrolls your DB instance into Amazon RDS Extended Support. At the end of standard support, you can avoid charges for Extended Support by setting the value to `open-source-rds-extended-support-disabled` . In this case, creating the DB instance will fail if the DB major version is past its end of standard support date. \n\nThis setting applies only to RDS for MySQL and RDS for PostgreSQL. For Amazon Aurora DB instances, the life cycle type is managed by the DB cluster.\n\nYou can use this setting to enroll your DB instance into Amazon RDS Extended Support. With RDS Extended Support, you can run the selected major engine version on your DB instance past the end of standard support for that engine version. For more information, see [Amazon RDS Extended Support with Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/extended-support.html) in the *Amazon RDS User Guide* .\n\nValid Values: `open-source-rds-extended-support | open-source-rds-extended-support-disabled`\n\nDefault: `open-source-rds-extended-support`", + "title": "EngineLifecycleSupport", + "type": "string" + }, + "EngineVersion": { + "markdownDescription": "The version number of the database engine to use.\n\nFor a list of valid engine versions, use the `DescribeDBEngineVersions` action.\n\nThe following are the database engines and links to information about the major and minor versions that are available with Amazon RDS. Not every database engine is available for every AWS Region.\n\n*Amazon Aurora*\n\nNot applicable. The version number of the database engine to be used by the DB instance is managed by the DB cluster.\n\n*Db2*\n\nSee [Amazon RDS for Db2](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Db2.html#Db2.Concepts.VersionMgmt) in the *Amazon RDS User Guide.*\n\n*MariaDB*\n\nSee [MariaDB on Amazon RDS Versions](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MariaDB.html#MariaDB.Concepts.VersionMgmt) in the *Amazon RDS User Guide.*\n\n*Microsoft SQL Server*\n\nSee [Microsoft SQL Server Versions on Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html#SQLServer.Concepts.General.VersionSupport) in the *Amazon RDS User Guide.*\n\n*MySQL*\n\nSee [MySQL on Amazon RDS Versions](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MySQL.html#MySQL.Concepts.VersionMgmt) in the *Amazon RDS User Guide.*\n\n*Oracle*\n\nSee [Oracle Database Engine Release Notes](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.Oracle.PatchComposition.html) in the *Amazon RDS User Guide.*\n\n*PostgreSQL*\n\nSee [Supported PostgreSQL Database Versions](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_PostgreSQL.html#PostgreSQL.Concepts.General.DBVersions) in the *Amazon RDS User Guide.*", + "title": "EngineVersion", + "type": "string" + }, + "Iops": { + "markdownDescription": "The number of I/O operations per second (IOPS) that the database provisions. The value must be equal to or greater than 1000.\n\nIf you specify this property, you must follow the range of allowed ratios of your requested IOPS rate to the amount of storage that you allocate (IOPS to allocated storage). For example, you can provision an Oracle database instance with 1000 IOPS and 200 GiB of storage (a ratio of 5:1), or specify 2000 IOPS with 200 GiB of storage (a ratio of 10:1). For more information, see [Amazon RDS Provisioned IOPS Storage to Improve Performance](https://docs.aws.amazon.com/AmazonRDS/latest/DeveloperGuide/CHAP_Storage.html#USER_PIOPS) in the *Amazon RDS User Guide* .\n\n> If you specify `io1` for the `StorageType` property, then you must also specify the `Iops` property. \n\nConstraints:\n\n- For RDS for Db2, MariaDB, MySQL, Oracle, and PostgreSQL - Must be a multiple between .5 and 50 of the storage amount for the DB instance.\n- For RDS for SQL Server - Must be a multiple between 1 and 50 of the storage amount for the DB instance.", + "title": "Iops", + "type": "number" + }, + "KmsKeyId": { + "markdownDescription": "The ARN of the AWS KMS key that's used to encrypt the DB instance, such as `arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef` . If you enable the StorageEncrypted property but don't specify this property, AWS CloudFormation uses the default KMS key. If you specify this property, you must set the StorageEncrypted property to true.\n\nIf you specify the `SourceDBInstanceIdentifier` or `SourceDbiResourceId` property, don't specify this property. The value is inherited from the source DB instance, and if the DB instance is encrypted, the specified `KmsKeyId` property is used. However, if the source DB instance is in a different AWS Region, you must specify a KMS key ID.\n\nIf you specify the `SourceDBInstanceAutomatedBackupsArn` property, don't specify this property. The value is inherited from the source DB instance automated backup, and if the automated backup is encrypted, the specified `KmsKeyId` property is used.\n\nIf you create an encrypted read replica in a different AWS Region, then you must specify a KMS key for the destination AWS Region. KMS encryption keys are specific to the region that they're created in, and you can't use encryption keys from one region in another region.\n\nIf you specify the `DBSnapshotIdentifier` property, don't specify this property. The `StorageEncrypted` property value is inherited from the snapshot. If the DB instance is encrypted, the specified `KmsKeyId` property is also inherited from the snapshot.\n\nIf you specify `DBSecurityGroups` , AWS CloudFormation ignores this property. To specify both a security group and this property, you must use a VPC security group. For more information about Amazon RDS and VPC, see [Using Amazon RDS with Amazon VPC](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.html) in the *Amazon RDS User Guide* .\n\n*Amazon Aurora*\n\nNot applicable. The KMS key identifier is managed by the DB cluster.", + "title": "KmsKeyId", + "type": "string" + }, + "LicenseModel": { + "markdownDescription": "License model information for this DB instance.\n\nValid Values:\n\n- Aurora MySQL - `general-public-license`\n- Aurora PostgreSQL - `postgresql-license`\n- RDS for Db2 - `bring-your-own-license` . For more information about RDS for Db2 licensing, see [](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/db2-licensing.html) in the *Amazon RDS User Guide.*\n- RDS for MariaDB - `general-public-license`\n- RDS for Microsoft SQL Server - `license-included`\n- RDS for MySQL - `general-public-license`\n- RDS for Oracle - `bring-your-own-license` or `license-included`\n- RDS for PostgreSQL - `postgresql-license`\n\n> If you've specified `DBSecurityGroups` and then you update the license model, AWS CloudFormation replaces the underlying DB instance. This will incur some interruptions to database availability.", + "title": "LicenseModel", + "type": "string" + }, + "ManageMasterUserPassword": { + "markdownDescription": "Specifies whether to manage the master user password with AWS Secrets Manager.\n\nFor more information, see [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide.*\n\nConstraints:\n\n- Can't manage the master user password with AWS Secrets Manager if `MasterUserPassword` is specified.", + "title": "ManageMasterUserPassword", + "type": "boolean" + }, + "MasterUserPassword": { + "markdownDescription": "The password for the master user. The password can include any printable ASCII character except \"/\", \"\"\", or \"@\".\n\n*Amazon Aurora*\n\nNot applicable. The password for the master user is managed by the DB cluster.\n\n*RDS for Db2*\n\nMust contain from 8 to 255 characters.\n\n*RDS for MariaDB*\n\nConstraints: Must contain from 8 to 41 characters.\n\n*RDS for Microsoft SQL Server*\n\nConstraints: Must contain from 8 to 128 characters.\n\n*RDS for MySQL*\n\nConstraints: Must contain from 8 to 41 characters.\n\n*RDS for Oracle*\n\nConstraints: Must contain from 8 to 30 characters.\n\n*RDS for PostgreSQL*\n\nConstraints: Must contain from 8 to 128 characters.", + "title": "MasterUserPassword", + "type": "string" + }, + "MasterUserSecret": { + "$ref": "#/definitions/AWS::RDS::DBInstance.MasterUserSecret", + "markdownDescription": "The secret managed by RDS in AWS Secrets Manager for the master user password.\n\nFor more information, see [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide.*", + "title": "MasterUserSecret" + }, + "MasterUsername": { + "markdownDescription": "The master user name for the DB instance.\n\n> If you specify the `SourceDBInstanceIdentifier` or `DBSnapshotIdentifier` property, don't specify this property. The value is inherited from the source DB instance or snapshot.\n> \n> When migrating a self-managed Db2 database, we recommend that you use the same master username as your self-managed Db2 instance name. \n\n*Amazon Aurora*\n\nNot applicable. The name for the master user is managed by the DB cluster.\n\n*RDS for Db2*\n\nConstraints:\n\n- Must be 1 to 16 letters or numbers.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.\n\n*RDS for MariaDB*\n\nConstraints:\n\n- Must be 1 to 16 letters or numbers.\n- Can't be a reserved word for the chosen database engine.\n\n*RDS for Microsoft SQL Server*\n\nConstraints:\n\n- Must be 1 to 128 letters or numbers.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.\n\n*RDS for MySQL*\n\nConstraints:\n\n- Must be 1 to 16 letters or numbers.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.\n\n*RDS for Oracle*\n\nConstraints:\n\n- Must be 1 to 30 letters or numbers.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.\n\n*RDS for PostgreSQL*\n\nConstraints:\n\n- Must be 1 to 63 letters or numbers.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.", + "title": "MasterUsername", + "type": "string" + }, + "MaxAllocatedStorage": { + "markdownDescription": "The upper limit in gibibytes (GiB) to which Amazon RDS can automatically scale the storage of the DB instance.\n\nFor more information about this setting, including limitations that apply to it, see [Managing capacity automatically with Amazon RDS storage autoscaling](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIOPS.StorageTypes.html#USER_PIOPS.Autoscaling) in the *Amazon RDS User Guide* .\n\nThis setting doesn't apply to the following DB instances:\n\n- Amazon Aurora (Storage is managed by the DB cluster.)\n- RDS Custom", + "title": "MaxAllocatedStorage", + "type": "number" + }, + "MonitoringInterval": { + "markdownDescription": "The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance. To disable collection of Enhanced Monitoring metrics, specify `0` .\n\nIf `MonitoringRoleArn` is specified, then you must set `MonitoringInterval` to a value other than `0` .\n\nThis setting doesn't apply to RDS Custom DB instances.\n\nValid Values: `0 | 1 | 5 | 10 | 15 | 30 | 60`\n\nDefault: `0`", + "title": "MonitoringInterval", + "type": "number" + }, + "MonitoringRoleArn": { + "markdownDescription": "The ARN for the IAM role that permits RDS to send enhanced monitoring metrics to Amazon CloudWatch Logs. For example, `arn:aws:iam:123456789012:role/emaccess` . For information on creating a monitoring role, see [Setting Up and Enabling Enhanced Monitoring](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.OS.html#USER_Monitoring.OS.Enabling) in the *Amazon RDS User Guide* .\n\nIf `MonitoringInterval` is set to a value other than `0` , then you must supply a `MonitoringRoleArn` value.\n\nThis setting doesn't apply to RDS Custom DB instances.", + "title": "MonitoringRoleArn", + "type": "string" + }, + "MultiAZ": { + "markdownDescription": "Specifies whether the DB instance is a Multi-AZ deployment. You can't set the `AvailabilityZone` parameter if the DB instance is a Multi-AZ deployment.\n\nThis setting doesn't apply to Amazon Aurora because the DB instance Availability Zones (AZs) are managed by the DB cluster.", + "title": "MultiAZ", + "type": "boolean" + }, + "NcharCharacterSetName": { + "markdownDescription": "The name of the NCHAR character set for the Oracle DB instance.\n\nThis setting doesn't apply to RDS Custom DB instances.", + "title": "NcharCharacterSetName", + "type": "string" + }, + "NetworkType": { + "markdownDescription": "The network type of the DB instance.\n\nValid values:\n\n- `IPV4`\n- `DUAL`\n\nThe network type is determined by the `DBSubnetGroup` specified for the DB instance. A `DBSubnetGroup` can support only the IPv4 protocol or the IPv4 and IPv6 protocols ( `DUAL` ).\n\nFor more information, see [Working with a DB instance in a VPC](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.WorkingWithRDSInstanceinaVPC.html) in the *Amazon RDS User Guide.*", + "title": "NetworkType", + "type": "string" + }, + "OptionGroupName": { + "markdownDescription": "Indicates that the DB instance should be associated with the specified option group.\n\nPermanent options, such as the TDE option for Oracle Advanced Security TDE, can't be removed from an option group. Also, that option group can't be removed from a DB instance once it is associated with a DB instance.", + "title": "OptionGroupName", + "type": "string" + }, + "PerformanceInsightsKMSKeyId": { + "markdownDescription": "The AWS KMS key identifier for encryption of Performance Insights data.\n\nThe KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key.\n\nIf you do not specify a value for `PerformanceInsightsKMSKeyId` , then Amazon RDS uses your default KMS key. There is a default KMS key for your AWS account. Your AWS account has a different default KMS key for each AWS Region.\n\nFor information about enabling Performance Insights, see [EnablePerformanceInsights](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-enableperformanceinsights) .", + "title": "PerformanceInsightsKMSKeyId", + "type": "string" + }, + "PerformanceInsightsRetentionPeriod": { + "markdownDescription": "The number of days to retain Performance Insights data. When creating a DB instance without enabling Performance Insights, you can't specify the parameter `PerformanceInsightsRetentionPeriod` .\n\nThis setting doesn't apply to RDS Custom DB instances.\n\nValid Values:\n\n- `7`\n- *month* * 31, where *month* is a number of months from 1-23. Examples: `93` (3 months * 31), `341` (11 months * 31), `589` (19 months * 31)\n- `731`\n\nDefault: `7` days\n\nIf you specify a retention period that isn't valid, such as `94` , Amazon RDS returns an error.", + "title": "PerformanceInsightsRetentionPeriod", + "type": "number" + }, + "Port": { + "markdownDescription": "The port number on which the database accepts connections.\n\nThis setting doesn't apply to Aurora DB instances. The port number is managed by the cluster.\n\nValid Values: `1150-65535`\n\nDefault:\n\n- RDS for Db2 - `50000`\n- RDS for MariaDB - `3306`\n- RDS for Microsoft SQL Server - `1433`\n- RDS for MySQL - `3306`\n- RDS for Oracle - `1521`\n- RDS for PostgreSQL - `5432`\n\nConstraints:\n\n- For RDS for Microsoft SQL Server, the value can't be `1234` , `1434` , `3260` , `3343` , `3389` , `47001` , or `49152-49156` .", + "title": "Port", + "type": "string" + }, + "PreferredBackupWindow": { + "markdownDescription": "The daily time range during which automated backups are created if automated backups are enabled, using the `BackupRetentionPeriod` parameter. For more information, see [Backup Window](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithAutomatedBackups.html#USER_WorkingWithAutomatedBackups.BackupWindow) in the *Amazon RDS User Guide.*\n\nConstraints:\n\n- Must be in the format `hh24:mi-hh24:mi` .\n- Must be in Universal Coordinated Time (UTC).\n- Must not conflict with the preferred maintenance window.\n- Must be at least 30 minutes.\n\n*Amazon Aurora*\n\nNot applicable. The daily time range for creating automated backups is managed by the DB cluster.", + "title": "PreferredBackupWindow", + "type": "string" + }, + "PreferredMaintenanceWindow": { + "markdownDescription": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n\nFormat: `ddd:hh24:mi-ddd:hh24:mi`\n\nThe default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region, occurring on a random day of the week. To see the time blocks available, see [Maintaining a DB instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.Maintenance.html#AdjustingTheMaintenanceWindow) in the *Amazon RDS User Guide.*\n\n> This property applies when AWS CloudFormation initially creates the DB instance. If you use AWS CloudFormation to update the DB instance, those updates are applied immediately. \n\nConstraints: Minimum 30-minute window.", + "title": "PreferredMaintenanceWindow", + "type": "string" + }, + "ProcessorFeatures": { + "items": { + "$ref": "#/definitions/AWS::RDS::DBInstance.ProcessorFeature" + }, + "markdownDescription": "The number of CPU cores and the number of threads per core for the DB instance class of the DB instance.\n\nThis setting doesn't apply to Amazon Aurora or RDS Custom DB instances.", + "title": "ProcessorFeatures", + "type": "array" + }, + "PromotionTier": { + "markdownDescription": "The order of priority in which an Aurora Replica is promoted to the primary instance after a failure of the existing primary instance. For more information, see [Fault Tolerance for an Aurora DB Cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.AuroraHighAvailability.html#Aurora.Managing.FaultTolerance) in the *Amazon Aurora User Guide* .\n\nThis setting doesn't apply to RDS Custom DB instances.\n\nDefault: `1`\n\nValid Values: `0 - 15`", + "title": "PromotionTier", + "type": "number" + }, + "PubliclyAccessible": { + "markdownDescription": "Indicates whether the DB instance is an internet-facing instance. If you specify true, AWS CloudFormation creates an instance with a publicly resolvable DNS name, which resolves to a public IP address. If you specify false, AWS CloudFormation creates an internal instance with a DNS name that resolves to a private IP address.\n\nThe default behavior value depends on your VPC setup and the database subnet group. For more information, see the `PubliclyAccessible` parameter in the [CreateDBInstance](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html) in the *Amazon RDS API Reference* .", + "title": "PubliclyAccessible", + "type": "boolean" + }, + "ReplicaMode": { + "markdownDescription": "The open mode of an Oracle read replica. For more information, see [Working with Oracle Read Replicas for Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/oracle-read-replicas.html) in the *Amazon RDS User Guide* .\n\nThis setting is only supported in RDS for Oracle.\n\nDefault: `open-read-only`\n\nValid Values: `open-read-only` or `mounted`", + "title": "ReplicaMode", + "type": "string" + }, + "RestoreTime": { + "markdownDescription": "The date and time to restore from. This parameter applies to point-in-time recovery. For more information, see [Restoring a DB instance to a specified time](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIT.html) in the in the *Amazon RDS User Guide* .\n\nConstraints:\n\n- Must be a time in Universal Coordinated Time (UTC) format.\n- Must be before the latest restorable time for the DB instance.\n- Can't be specified if the `UseLatestRestorableTime` parameter is enabled.\n\nExample: `2009-09-07T23:45:00Z`", + "title": "RestoreTime", + "type": "string" + }, + "SourceDBClusterIdentifier": { + "markdownDescription": "The identifier of the Multi-AZ DB cluster that will act as the source for the read replica. Each DB cluster can have up to 15 read replicas.\n\nConstraints:\n\n- Must be the identifier of an existing Multi-AZ DB cluster.\n- Can't be specified if the `SourceDBInstanceIdentifier` parameter is also specified.\n- The specified DB cluster must have automatic backups enabled, that is, its backup retention period must be greater than 0.\n- The source DB cluster must be in the same AWS Region as the read replica. Cross-Region replication isn't supported.", + "title": "SourceDBClusterIdentifier", + "type": "string" + }, + "SourceDBInstanceAutomatedBackupsArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the replicated automated backups from which to restore, for example, `arn:aws:rds:us-east-1:123456789012:auto-backup:ab-L2IJCEXJP7XQ7HOJ4SIEXAMPLE` .\n\nThis setting doesn't apply to RDS Custom.", + "title": "SourceDBInstanceAutomatedBackupsArn", + "type": "string" + }, + "SourceDBInstanceIdentifier": { + "markdownDescription": "If you want to create a read replica DB instance, specify the ID of the source DB instance. Each DB instance can have a limited number of read replicas. For more information, see [Working with Read Replicas](https://docs.aws.amazon.com/AmazonRDS/latest/DeveloperGuide/USER_ReadRepl.html) in the *Amazon RDS User Guide* .\n\nFor information about constraints that apply to DB instance identifiers, see [Naming constraints in Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Limits.html#RDS_Limits.Constraints) in the *Amazon RDS User Guide* .\n\nThe `SourceDBInstanceIdentifier` property determines whether a DB instance is a read replica. If you remove the `SourceDBInstanceIdentifier` property from your template and then update your stack, AWS CloudFormation promotes the read replica to a standalone DB instance.\n\nIf you specify the `UseLatestRestorableTime` or `RestoreTime` properties in conjunction with the `SourceDBInstanceIdentifier` property, RDS restores the DB instance to the requested point in time, thereby creating a new DB instance.\n\n> - If you specify a source DB instance that uses VPC security groups, we recommend that you specify the `VPCSecurityGroups` property. If you don't specify the property, the read replica inherits the value of the `VPCSecurityGroups` property from the source DB when you create the replica. However, if you update the stack, AWS CloudFormation reverts the replica's `VPCSecurityGroups` property to the default value because it's not defined in the stack's template. This change might cause unexpected issues.\n> - Read replicas don't support deletion policies. AWS CloudFormation ignores any deletion policy that's associated with a read replica.\n> - If you specify `SourceDBInstanceIdentifier` , don't specify the `DBSnapshotIdentifier` property. You can't create a read replica from a snapshot.\n> - Don't set the `BackupRetentionPeriod` , `DBName` , `MasterUsername` , `MasterUserPassword` , and `PreferredBackupWindow` properties. The database attributes are inherited from the source DB instance, and backups are disabled for read replicas.\n> - If the source DB instance is in a different region than the read replica, specify the source region in `SourceRegion` , and specify an ARN for a valid DB instance in `SourceDBInstanceIdentifier` . For more information, see [Constructing a Amazon RDS Amazon Resource Name (ARN)](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html#USER_Tagging.ARN) in the *Amazon RDS User Guide* .\n> - For DB instances in Amazon Aurora clusters, don't specify this property. Amazon RDS automatically assigns writer and reader DB instances.", + "title": "SourceDBInstanceIdentifier", + "type": "string" + }, + "SourceDbiResourceId": { + "markdownDescription": "The resource ID of the source DB instance from which to restore.", + "title": "SourceDbiResourceId", + "type": "string" + }, + "SourceRegion": { + "markdownDescription": "The ID of the region that contains the source DB instance for the read replica.", + "title": "SourceRegion", + "type": "string" + }, + "StorageEncrypted": { + "markdownDescription": "A value that indicates whether the DB instance is encrypted. By default, it isn't encrypted.\n\nIf you specify the `KmsKeyId` property, then you must enable encryption.\n\nIf you specify the `SourceDBInstanceIdentifier` or `SourceDbiResourceId` property, don't specify this property. The value is inherited from the source DB instance, and if the DB instance is encrypted, the specified `KmsKeyId` property is used.\n\nIf you specify the `SourceDBInstanceAutomatedBackupsArn` property, don't specify this property. The value is inherited from the source DB instance automated backup.\n\nIf you specify `DBSnapshotIdentifier` property, don't specify this property. The value is inherited from the snapshot.\n\n*Amazon Aurora*\n\nNot applicable. The encryption for DB instances is managed by the DB cluster.", + "title": "StorageEncrypted", + "type": "boolean" + }, + "StorageThroughput": { + "markdownDescription": "Specifies the storage throughput value, in mebibyte per second (MiBps), for the DB instance. This setting applies only to the `gp3` storage type.\n\nThis setting doesn't apply to RDS Custom or Amazon Aurora.", + "title": "StorageThroughput", + "type": "number" + }, + "StorageType": { + "markdownDescription": "The storage type to associate with the DB instance.\n\nIf you specify `io1` , `io2` , or `gp3` , you must also include a value for the `Iops` parameter.\n\nThis setting doesn't apply to Amazon Aurora DB instances. Storage is managed by the DB cluster.\n\nValid Values: `gp2 | gp3 | io1 | io2 | standard`\n\nDefault: `io1` , if the `Iops` parameter is specified. Otherwise, `gp3` .", + "title": "StorageType", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags to assign to the DB instance.", + "title": "Tags", + "type": "array" + }, + "Timezone": { + "markdownDescription": "The time zone of the DB instance. The time zone parameter is currently supported only by [RDS for Db2](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/db2-time-zone) and [RDS for SQL Server](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html#SQLServer.Concepts.General.TimeZone) .", + "title": "Timezone", + "type": "string" + }, + "UseDefaultProcessorFeatures": { + "markdownDescription": "Specifies whether the DB instance class of the DB instance uses its default processor features.\n\nThis setting doesn't apply to RDS Custom DB instances.", + "title": "UseDefaultProcessorFeatures", + "type": "boolean" + }, + "UseLatestRestorableTime": { + "markdownDescription": "Specifies whether the DB instance is restored from the latest backup time. By default, the DB instance isn't restored from the latest backup time. This parameter applies to point-in-time recovery. For more information, see [Restoring a DB instance to a specified time](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIT.html) in the in the *Amazon RDS User Guide* .\n\nConstraints:\n\n- Can't be specified if the `RestoreTime` parameter is provided.", + "title": "UseLatestRestorableTime", + "type": "boolean" + }, + "VPCSecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the VPC security group IDs to assign to the DB instance. The list can include both the physical IDs of existing VPC security groups and references to [AWS::EC2::SecurityGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html) resources created in the template.\n\nIf you plan to update the resource, don't specify VPC security groups in a shared VPC.\n\nIf you set `VPCSecurityGroups` , you must not set [`DBSecurityGroups`](https://docs.aws.amazon.com//AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-dbsecuritygroups) , and vice versa.\n\n> You can migrate a DB instance in your stack from an RDS DB security group to a VPC security group, but keep the following in mind:\n> \n> - You can't revert to using an RDS security group after you establish a VPC security group membership.\n> - When you migrate your DB instance to VPC security groups, if your stack update rolls back because the DB instance update fails or because an update fails in another AWS CloudFormation resource, the rollback fails because it can't revert to an RDS security group.\n> - To use the properties that are available when you use a VPC security group, you must recreate the DB instance. If you don't, AWS CloudFormation submits only the property values that are listed in the [`DBSecurityGroups`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-dbsecuritygroups) property. \n\nTo avoid this situation, migrate your DB instance to using VPC security groups only when that is the only change in your stack template.\n\n*Amazon Aurora*\n\nNot applicable. The associated list of EC2 VPC security groups is managed by the DB cluster. If specified, the setting must match the DB cluster setting.", + "title": "VPCSecurityGroups", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RDS::DBInstance" + ], "type": "string" }, - "Value": { - "markdownDescription": "The input value.", - "title": "Value", - "type": "number" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Column", - "FilterId", - "MatchOperator", - "NullOption" + "Type" ], "type": "object" }, - "AWS::QuickSight::Template.NumericFormatConfiguration": { + "AWS::RDS::DBInstance.CertificateDetails": { "additionalProperties": false, "properties": { - "CurrencyDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.CurrencyDisplayFormatConfiguration", - "markdownDescription": "The options that determine the currency display format configuration.", - "title": "CurrencyDisplayFormatConfiguration" - }, - "NumberDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumberDisplayFormatConfiguration", - "markdownDescription": "The options that determine the number display format configuration.", - "title": "NumberDisplayFormatConfiguration" + "CAIdentifier": { + "markdownDescription": "The CA identifier of the CA certificate used for the DB instance's server certificate.", + "title": "CAIdentifier", + "type": "string" }, - "PercentageDisplayFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.PercentageDisplayFormatConfiguration", - "markdownDescription": "The options that determine the percentage display format configuration.", - "title": "PercentageDisplayFormatConfiguration" + "ValidTill": { + "markdownDescription": "The expiration date of the DB instance\u2019s server certificate.", + "title": "ValidTill", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.NumericRangeFilter": { + "AWS::RDS::DBInstance.DBInstanceRole": { "additionalProperties": false, "properties": { - "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Template.AggregationFunction", - "markdownDescription": "The aggregation function of the filter.", - "title": "AggregationFunction" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" - }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", - "type": "string" - }, - "IncludeMaximum": { - "markdownDescription": "Determines whether the maximum value in the filter value range should be included in the filtered results.", - "title": "IncludeMaximum", - "type": "boolean" - }, - "IncludeMinimum": { - "markdownDescription": "Determines whether the minimum value in the filter value range should be included in the filtered results.", - "title": "IncludeMinimum", - "type": "boolean" - }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", + "FeatureName": { + "markdownDescription": "The name of the feature associated with the AWS Identity and Access Management (IAM) role. IAM roles that are associated with a DB instance grant permission for the DB instance to access other AWS services on your behalf. For the list of supported feature names, see the `SupportedFeatureNames` description in [DBEngineVersion](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DBEngineVersion.html) in the *Amazon RDS API Reference* .", + "title": "FeatureName", "type": "string" }, - "RangeMaximum": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericRangeFilterValue", - "markdownDescription": "The maximum value for the filter value range.", - "title": "RangeMaximum" - }, - "RangeMinimum": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericRangeFilterValue", - "markdownDescription": "The minimum value for the filter value range.", - "title": "RangeMinimum" - }, - "SelectAllOptions": { - "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", - "title": "SelectAllOptions", + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that is associated with the DB instance.", + "title": "RoleArn", "type": "string" } }, "required": [ - "Column", - "FilterId", - "NullOption" + "FeatureName", + "RoleArn" ], "type": "object" }, - "AWS::QuickSight::Template.NumericRangeFilterValue": { + "AWS::RDS::DBInstance.Endpoint": { "additionalProperties": false, "properties": { - "Parameter": { - "markdownDescription": "The parameter that is used in the numeric range.", - "title": "Parameter", + "Address": { + "markdownDescription": "Specifies the DNS address of the DB instance.", + "title": "Address", "type": "string" }, - "StaticValue": { - "markdownDescription": "The static value of the numeric range filter.", - "title": "StaticValue", - "type": "number" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.NumericSeparatorConfiguration": { - "additionalProperties": false, - "properties": { - "DecimalSeparator": { - "markdownDescription": "Determines the decimal separator.", - "title": "DecimalSeparator", + "HostedZoneId": { + "markdownDescription": "Specifies the ID that Amazon Route 53 assigns when you create a hosted zone.", + "title": "HostedZoneId", "type": "string" }, - "ThousandsSeparator": { - "$ref": "#/definitions/AWS::QuickSight::Template.ThousandSeparatorOptions", - "markdownDescription": "The options that determine the thousands separator configuration.", - "title": "ThousandsSeparator" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.NumericalAggregationFunction": { - "additionalProperties": false, - "properties": { - "PercentileAggregation": { - "$ref": "#/definitions/AWS::QuickSight::Template.PercentileAggregation", - "markdownDescription": "An aggregation based on the percentile of values in a dimension or measure.", - "title": "PercentileAggregation" - }, - "SimpleNumericalAggregation": { - "markdownDescription": "Built-in aggregation functions for numerical values.\n\n- `SUM` : The sum of a dimension or measure.\n- `AVERAGE` : The average of a dimension or measure.\n- `MIN` : The minimum value of a dimension or measure.\n- `MAX` : The maximum value of a dimension or measure.\n- `COUNT` : The count of a dimension or measure.\n- `DISTINCT_COUNT` : The count of distinct values in a dimension or measure.\n- `VAR` : The variance of a dimension or measure.\n- `VARP` : The partitioned variance of a dimension or measure.\n- `STDEV` : The standard deviation of a dimension or measure.\n- `STDEVP` : The partitioned standard deviation of a dimension or measure.\n- `MEDIAN` : The median value of a dimension or measure.", - "title": "SimpleNumericalAggregation", + "Port": { + "markdownDescription": "Specifies the port that the database engine is listening on.", + "title": "Port", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.NumericalDimensionField": { + "AWS::RDS::DBInstance.MasterUserSecret": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that is used in the `NumericalDimensionField` .", - "title": "Column" - }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", - "type": "string" - }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumberFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" - }, - "HierarchyId": { - "markdownDescription": "The custom hierarchy ID.", - "title": "HierarchyId", + "KmsKeyId": { + "markdownDescription": "The AWS KMS key identifier that is used to encrypt the secret.", + "title": "KmsKeyId", "type": "string" - } - }, - "required": [ - "Column", - "FieldId" - ], - "type": "object" - }, - "AWS::QuickSight::Template.NumericalMeasureField": { - "additionalProperties": false, - "properties": { - "AggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericalAggregationFunction", - "markdownDescription": "The aggregation function of the measure field.", - "title": "AggregationFunction" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that is used in the `NumericalMeasureField` .", - "title": "Column" }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", + "SecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the secret. This parameter is a return value that you can retrieve using the `Fn::GetAtt` intrinsic function. For more information, see [Return values](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbinstance.html#aws-resource-rds-dbinstance-return-values) .", + "title": "SecretArn", "type": "string" - }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumberFormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" - } - }, - "required": [ - "Column", - "FieldId" - ], - "type": "object" - }, - "AWS::QuickSight::Template.PaginationConfiguration": { - "additionalProperties": false, - "properties": { - "PageNumber": { - "markdownDescription": "Indicates the page number.", - "title": "PageNumber", - "type": "number" - }, - "PageSize": { - "markdownDescription": "Indicates how many items render in one page.", - "title": "PageSize", - "type": "number" } }, - "required": [ - "PageNumber", - "PageSize" - ], "type": "object" }, - "AWS::QuickSight::Template.PanelConfiguration": { + "AWS::RDS::DBInstance.ProcessorFeature": { "additionalProperties": false, "properties": { - "BackgroundColor": { - "markdownDescription": "Sets the background color for each panel.", - "title": "BackgroundColor", - "type": "string" - }, - "BackgroundVisibility": { - "markdownDescription": "Determines whether or not a background for each small multiples panel is rendered.", - "title": "BackgroundVisibility", - "type": "string" - }, - "BorderColor": { - "markdownDescription": "Sets the line color of panel borders.", - "title": "BorderColor", - "type": "string" - }, - "BorderStyle": { - "markdownDescription": "Sets the line style of panel borders.", - "title": "BorderStyle", - "type": "string" - }, - "BorderThickness": { - "markdownDescription": "Sets the line thickness of panel borders.", - "title": "BorderThickness", - "type": "string" - }, - "BorderVisibility": { - "markdownDescription": "Determines whether or not each panel displays a border.", - "title": "BorderVisibility", - "type": "string" - }, - "GutterSpacing": { - "markdownDescription": "Sets the total amount of negative space to display between sibling panels.", - "title": "GutterSpacing", + "Name": { + "markdownDescription": "The name of the processor feature. Valid names are `coreCount` and `threadsPerCore` .", + "title": "Name", "type": "string" }, - "GutterVisibility": { - "markdownDescription": "Determines whether or not negative space between sibling panels is rendered.", - "title": "GutterVisibility", + "Value": { + "markdownDescription": "The value of a processor feature.", + "title": "Value", "type": "string" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.PanelTitleOptions", - "markdownDescription": "Configures the title display within each small multiples panel.", - "title": "Title" } }, "type": "object" }, - "AWS::QuickSight::Template.PanelTitleOptions": { + "AWS::RDS::DBParameterGroup": { "additionalProperties": false, "properties": { - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", - "markdownDescription": "", - "title": "FontConfiguration" - }, - "HorizontalTextAlignment": { - "markdownDescription": "Sets the horizontal text alignment of the title within each panel.", - "title": "HorizontalTextAlignment", + "Condition": { "type": "string" }, - "Visibility": { - "markdownDescription": "Determines whether or not panel titles are displayed.", - "title": "Visibility", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.ParameterControl": { - "additionalProperties": false, - "properties": { - "DateTimePicker": { - "$ref": "#/definitions/AWS::QuickSight::Template.ParameterDateTimePickerControl", - "markdownDescription": "A control from a date parameter that specifies date and time.", - "title": "DateTimePicker" - }, - "Dropdown": { - "$ref": "#/definitions/AWS::QuickSight::Template.ParameterDropDownControl", - "markdownDescription": "A control to display a dropdown list with buttons that are used to select a single value.", - "title": "Dropdown" - }, - "List": { - "$ref": "#/definitions/AWS::QuickSight::Template.ParameterListControl", - "markdownDescription": "A control to display a list with buttons or boxes that are used to select either a single value or multiple values.", - "title": "List" - }, - "Slider": { - "$ref": "#/definitions/AWS::QuickSight::Template.ParameterSliderControl", - "markdownDescription": "A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle.", - "title": "Slider" }, - "TextArea": { - "$ref": "#/definitions/AWS::QuickSight::Template.ParameterTextAreaControl", - "markdownDescription": "A control to display a text box that is used to enter multiple entries.", - "title": "TextArea" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "TextField": { - "$ref": "#/definitions/AWS::QuickSight::Template.ParameterTextFieldControl", - "markdownDescription": "A control to display a text box that is used to enter a single entry.", - "title": "TextField" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.ParameterDateTimePickerControl": { - "additionalProperties": false, - "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DateTimePickerControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "Metadata": { + "type": "object" }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterDateTimePickerControl` .", - "title": "ParameterControlId", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "DBParameterGroupName": { + "markdownDescription": "The name of the DB parameter group.\n\nConstraints:\n\n- Must be 1 to 255 letters, numbers, or hyphens.\n- First character must be a letter\n- Can't end with a hyphen or contain two consecutive hyphens\n\nIf you don't specify a value for `DBParameterGroupName` property, a name is automatically created for the DB parameter group.\n\n> This value is stored as a lowercase string.", + "title": "DBParameterGroupName", + "type": "string" + }, + "Description": { + "markdownDescription": "Provides the customer-specified description for this DB parameter group.", + "title": "Description", + "type": "string" + }, + "Family": { + "markdownDescription": "The DB parameter group family name. A DB parameter group can be associated with one and only one DB parameter group family, and can be applied only to a DB instance running a database engine and engine version compatible with that DB parameter group family.\n\nTo list all of the available parameter group families for a DB engine, use the following command:\n\n`aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" --engine `\n\nFor example, to list all of the available parameter group families for the MySQL DB engine, use the following command:\n\n`aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" --engine mysql`\n\n> The output contains duplicates. \n\nThe following are the valid DB engine values:\n\n- `aurora-mysql`\n- `aurora-postgresql`\n- `db2-ae`\n- `db2-se`\n- `mysql`\n- `oracle-ee`\n- `oracle-ee-cdb`\n- `oracle-se2`\n- `oracle-se2-cdb`\n- `postgres`\n- `sqlserver-ee`\n- `sqlserver-se`\n- `sqlserver-ex`\n- `sqlserver-web`", + "title": "Family", + "type": "string" + }, + "Parameters": { + "markdownDescription": "A mapping of parameter names and values for the parameter update. You must specify at least one parameter name and value.\n\nFor more information about parameter groups, see [Working with parameter groups](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithParamGroups.html) in the *Amazon RDS User Guide* , or [Working with parameter groups](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_WorkingWithParamGroups.html) in the *Amazon Aurora User Guide* .\n\n> AWS CloudFormation doesn't support specifying an apply method for each individual parameter. The default apply method for each parameter is used.", + "title": "Parameters", + "type": "object" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags to assign to the DB parameter group.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Description", + "Family" + ], + "type": "object" }, - "SourceParameterName": { - "markdownDescription": "The name of the `ParameterDateTimePickerControl` .", - "title": "SourceParameterName", + "Type": { + "enum": [ + "AWS::RDS::DBParameterGroup" + ], "type": "string" }, - "Title": { - "markdownDescription": "The title of the `ParameterDateTimePickerControl` .", - "title": "Title", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ParameterControlId", - "SourceParameterName", - "Title" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Template.ParameterDeclaration": { - "additionalProperties": false, - "properties": { - "DateTimeParameterDeclaration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeParameterDeclaration", - "markdownDescription": "A parameter declaration for the `DateTime` data type.", - "title": "DateTimeParameterDeclaration" - }, - "DecimalParameterDeclaration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DecimalParameterDeclaration", - "markdownDescription": "A parameter declaration for the `Decimal` data type.", - "title": "DecimalParameterDeclaration" - }, - "IntegerParameterDeclaration": { - "$ref": "#/definitions/AWS::QuickSight::Template.IntegerParameterDeclaration", - "markdownDescription": "A parameter declaration for the `Integer` data type.", - "title": "IntegerParameterDeclaration" - }, - "StringParameterDeclaration": { - "$ref": "#/definitions/AWS::QuickSight::Template.StringParameterDeclaration", - "markdownDescription": "A parameter declaration for the `String` data type.", - "title": "StringParameterDeclaration" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.ParameterDropDownControl": { + "AWS::RDS::DBProxy": { "additionalProperties": false, "properties": { - "CascadingControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.CascadingControlConfiguration", - "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", - "title": "CascadingControlConfiguration" - }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DropDownControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "Condition": { + "type": "string" }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterDropDownControl` .", - "title": "ParameterControlId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Template.ParameterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the `ParameterDropDownControl` .", - "title": "SourceParameterName", - "type": "string" + "Metadata": { + "type": "object" }, - "Title": { - "markdownDescription": "The title of the `ParameterDropDownControl` .", - "title": "Title", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "Auth": { + "items": { + "$ref": "#/definitions/AWS::RDS::DBProxy.AuthFormat" + }, + "markdownDescription": "The authorization mechanism that the proxy uses.", + "title": "Auth", + "type": "array" + }, + "DBProxyName": { + "markdownDescription": "The identifier for the proxy. This name must be unique for all proxies owned by your AWS account in the specified AWS Region . An identifier must begin with a letter and must contain only ASCII letters, digits, and hyphens; it can't end with a hyphen or contain two consecutive hyphens.", + "title": "DBProxyName", + "type": "string" + }, + "DebugLogging": { + "markdownDescription": "Specifies whether the proxy includes detailed information about SQL statements in its logs. This information helps you to debug issues involving SQL behavior or the performance and scalability of the proxy connections. The debug information includes the text of SQL statements that you submit through the proxy. Thus, only enable this setting when needed for debugging, and only when you have security measures in place to safeguard any sensitive information that appears in the logs.", + "title": "DebugLogging", + "type": "boolean" + }, + "EngineFamily": { + "markdownDescription": "The kinds of databases that the proxy can connect to. This value determines which database network protocol the proxy recognizes when it interprets network traffic to and from the database. For Aurora MySQL, RDS for MariaDB, and RDS for MySQL databases, specify `MYSQL` . For Aurora PostgreSQL and RDS for PostgreSQL databases, specify `POSTGRESQL` . For RDS for Microsoft SQL Server, specify `SQLSERVER` .", + "title": "EngineFamily", + "type": "string" + }, + "IdleClientTimeout": { + "markdownDescription": "The number of seconds that a connection to the proxy can be inactive before the proxy disconnects it. You can set this value higher or lower than the connection timeout limit for the associated database.", + "title": "IdleClientTimeout", + "type": "number" + }, + "RequireTLS": { + "markdownDescription": "Specifies whether Transport Layer Security (TLS) encryption is required for connections to the proxy. By enabling this setting, you can enforce encrypted TLS connections to the proxy.", + "title": "RequireTLS", + "type": "boolean" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that the proxy uses to access secrets in AWS Secrets Manager.", + "title": "RoleArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::RDS::DBProxy.TagFormat" + }, + "markdownDescription": "An optional set of key-value pairs to associate arbitrary data of your choosing with the proxy.", + "title": "Tags", + "type": "array" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more VPC security group IDs to associate with the new proxy.\n\nIf you plan to update the resource, don't specify VPC security groups in a shared VPC.", + "title": "VpcSecurityGroupIds", + "type": "array" + }, + "VpcSubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more VPC subnet IDs to associate with the new proxy.", + "title": "VpcSubnetIds", + "type": "array" + } + }, + "required": [ + "Auth", + "DBProxyName", + "EngineFamily", + "RoleArn", + "VpcSubnetIds" + ], + "type": "object" }, "Type": { - "markdownDescription": "The type parameter name of the `ParameterDropDownControl` .", - "title": "Type", + "enum": [ + "AWS::RDS::DBProxy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ParameterControlId", - "SourceParameterName", - "Title" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Template.ParameterListControl": { + "AWS::RDS::DBProxy.AuthFormat": { "additionalProperties": false, "properties": { - "CascadingControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.CascadingControlConfiguration", - "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", - "title": "CascadingControlConfiguration" - }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ListControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterListControl` .", - "title": "ParameterControlId", + "AuthScheme": { + "markdownDescription": "The type of authentication that the proxy uses for connections from the proxy to the underlying database.", + "title": "AuthScheme", "type": "string" }, - "SelectableValues": { - "$ref": "#/definitions/AWS::QuickSight::Template.ParameterSelectableValues", - "markdownDescription": "A list of selectable values that are used in a control.", - "title": "SelectableValues" - }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the `ParameterListControl` .", - "title": "SourceParameterName", + "ClientPasswordAuthType": { + "markdownDescription": "Specifies the details of authentication used by a proxy to log in as a specific database user.", + "title": "ClientPasswordAuthType", "type": "string" }, - "Title": { - "markdownDescription": "The title of the `ParameterListControl` .", - "title": "Title", + "Description": { + "markdownDescription": "A user-specified description about the authentication used by a proxy to log in as a specific database user.", + "title": "Description", "type": "string" }, - "Type": { - "markdownDescription": "The type of `ParameterListControl` .", - "title": "Type", + "IAMAuth": { + "markdownDescription": "A value that indicates whether to require or disallow AWS Identity and Access Management (IAM) authentication for connections to the proxy. The `ENABLED` value is valid only for proxies with RDS for Microsoft SQL Server.", + "title": "IAMAuth", "type": "string" - } - }, - "required": [ - "ParameterControlId", - "SourceParameterName", - "Title" - ], - "type": "object" - }, - "AWS::QuickSight::Template.ParameterSelectableValues": { - "additionalProperties": false, - "properties": { - "LinkToDataSetColumn": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column identifier that fetches values from the data set.", - "title": "LinkToDataSetColumn" }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The values that are used in `ParameterSelectableValues` .", - "title": "Values", - "type": "array" + "SecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) representing the secret that the proxy uses to authenticate to the RDS DB instance or Aurora DB cluster. These secrets are stored within Amazon Secrets Manager.", + "title": "SecretArn", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.ParameterSliderControl": { + "AWS::RDS::DBProxy.TagFormat": { "additionalProperties": false, "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SliderControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "MaximumValue": { - "markdownDescription": "The larger value that is displayed at the right of the slider.", - "title": "MaximumValue", - "type": "number" - }, - "MinimumValue": { - "markdownDescription": "The smaller value that is displayed at the left of the slider.", - "title": "MinimumValue", - "type": "number" - }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterSliderControl` .", - "title": "ParameterControlId", - "type": "string" - }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the `ParameterSliderControl` .", - "title": "SourceParameterName", + "Key": { + "markdownDescription": "A key is the required name of the tag. The string value can be from 1 to 128 Unicode characters in length and can't be prefixed with `aws:` or `rds:` . The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\").", + "title": "Key", "type": "string" }, - "StepSize": { - "markdownDescription": "The number of increments that the slider bar is divided into.", - "title": "StepSize", - "type": "number" - }, - "Title": { - "markdownDescription": "The title of the `ParameterSliderControl` .", - "title": "Title", + "Value": { + "markdownDescription": "A value is the optional value of the tag. The string value can be from 1 to 256 Unicode characters in length and can't be prefixed with `aws:` or `rds:` . The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\").", + "title": "Value", "type": "string" } }, - "required": [ - "MaximumValue", - "MinimumValue", - "ParameterControlId", - "SourceParameterName", - "StepSize", - "Title" - ], "type": "object" }, - "AWS::QuickSight::Template.ParameterTextAreaControl": { + "AWS::RDS::DBProxyEndpoint": { "additionalProperties": false, "properties": { - "Delimiter": { - "markdownDescription": "The delimiter that is used to separate the lines in text.", - "title": "Delimiter", + "Condition": { "type": "string" }, - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.TextAreaControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" - }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterTextAreaControl` .", - "title": "ParameterControlId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the `ParameterTextAreaControl` .", - "title": "SourceParameterName", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Title": { - "markdownDescription": "The title of the `ParameterTextAreaControl` .", - "title": "Title", - "type": "string" - } - }, - "required": [ - "ParameterControlId", - "SourceParameterName", - "Title" - ], - "type": "object" - }, - "AWS::QuickSight::Template.ParameterTextFieldControl": { - "additionalProperties": false, - "properties": { - "DisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.TextFieldControlDisplayOptions", - "markdownDescription": "The display options of a control.", - "title": "DisplayOptions" + "Metadata": { + "type": "object" }, - "ParameterControlId": { - "markdownDescription": "The ID of the `ParameterTextFieldControl` .", - "title": "ParameterControlId", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "DBProxyEndpointName": { + "markdownDescription": "The name of the DB proxy endpoint to create.", + "title": "DBProxyEndpointName", + "type": "string" + }, + "DBProxyName": { + "markdownDescription": "The name of the DB proxy associated with the DB proxy endpoint that you create.", + "title": "DBProxyName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::RDS::DBProxyEndpoint.TagFormat" + }, + "markdownDescription": "An optional set of key-value pairs to associate arbitrary data of your choosing with the proxy.", + "title": "Tags", + "type": "array" + }, + "TargetRole": { + "markdownDescription": "A value that indicates whether the DB proxy endpoint can be used for read/write or read-only operations.", + "title": "TargetRole", + "type": "string" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The VPC security group IDs for the DB proxy endpoint that you create. You can specify a different set of security group IDs than for the original DB proxy. The default is the default security group for the VPC.", + "title": "VpcSecurityGroupIds", + "type": "array" + }, + "VpcSubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The VPC subnet IDs for the DB proxy endpoint that you create. You can specify a different set of subnet IDs than for the original DB proxy.", + "title": "VpcSubnetIds", + "type": "array" + } + }, + "required": [ + "DBProxyEndpointName", + "DBProxyName", + "VpcSubnetIds" + ], + "type": "object" }, - "SourceParameterName": { - "markdownDescription": "The source parameter name of the `ParameterTextFieldControl` .", - "title": "SourceParameterName", + "Type": { + "enum": [ + "AWS::RDS::DBProxyEndpoint" + ], "type": "string" }, - "Title": { - "markdownDescription": "The title of the `ParameterTextFieldControl` .", - "title": "Title", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ParameterControlId", - "SourceParameterName", - "Title" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Template.PercentVisibleRange": { - "additionalProperties": false, - "properties": { - "From": { - "markdownDescription": "The lower bound of the range.", - "title": "From", - "type": "number" - }, - "To": { - "markdownDescription": "The top bound of the range.", - "title": "To", - "type": "number" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.PercentageDisplayFormatConfiguration": { + "AWS::RDS::DBProxyEndpoint.TagFormat": { "additionalProperties": false, "properties": { - "DecimalPlacesConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DecimalPlacesConfiguration", - "markdownDescription": "The option that determines the decimal places configuration.", - "title": "DecimalPlacesConfiguration" - }, - "NegativeValueConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NegativeValueConfiguration", - "markdownDescription": "The options that determine the negative value configuration.", - "title": "NegativeValueConfiguration" - }, - "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NullValueFormatConfiguration", - "markdownDescription": "The options that determine the null value format configuration.", - "title": "NullValueFormatConfiguration" - }, - "Prefix": { - "markdownDescription": "Determines the prefix value of the percentage format.", - "title": "Prefix", + "Key": { + "markdownDescription": "A key is the required name of the tag. The string value can be from 1 to 128 Unicode characters in length and can't be prefixed with `aws:` or `rds:` . The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\").", + "title": "Key", "type": "string" }, - "SeparatorConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericSeparatorConfiguration", - "markdownDescription": "The options that determine the numeric separator configuration.", - "title": "SeparatorConfiguration" - }, - "Suffix": { - "markdownDescription": "Determines the suffix value of the percentage format.", - "title": "Suffix", + "Value": { + "markdownDescription": "A value is the optional value of the tag. The string value can be from 1 to 256 Unicode characters in length and can't be prefixed with `aws:` or `rds:` . The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\").", + "title": "Value", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.PercentileAggregation": { - "additionalProperties": false, - "properties": { - "PercentileValue": { - "markdownDescription": "The percentile value. This value can be any numeric constant 0\u2013100. A percentile value of 50 computes the median value of the measure.", - "title": "PercentileValue", - "type": "number" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.PeriodOverPeriodComputation": { + "AWS::RDS::DBProxyTargetGroup": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", + "Condition": { "type": "string" }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" - } - }, - "required": [ - "ComputationId" - ], - "type": "object" - }, - "AWS::QuickSight::Template.PeriodToDateComputation": { - "additionalProperties": false, - "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", - "type": "string" + "Metadata": { + "type": "object" }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "ConnectionPoolConfigurationInfo": { + "$ref": "#/definitions/AWS::RDS::DBProxyTargetGroup.ConnectionPoolConfigurationInfoFormat", + "markdownDescription": "Displays the settings that control the size and behavior of the connection pool associated with a `DBProxyTarget` .", + "title": "ConnectionPoolConfigurationInfo" + }, + "DBClusterIdentifiers": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more DB cluster identifiers.", + "title": "DBClusterIdentifiers", + "type": "array" + }, + "DBInstanceIdentifiers": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more DB instance identifiers.", + "title": "DBInstanceIdentifiers", + "type": "array" + }, + "DBProxyName": { + "markdownDescription": "The identifier of the `DBProxy` that is associated with the `DBProxyTargetGroup` .", + "title": "DBProxyName", + "type": "string" + }, + "TargetGroupName": { + "markdownDescription": "The identifier for the target group.\n\n> Currently, this property must be set to `default` .", + "title": "TargetGroupName", + "type": "string" + } + }, + "required": [ + "DBProxyName", + "TargetGroupName" + ], + "type": "object" }, - "PeriodTimeGranularity": { - "markdownDescription": "The time granularity setup of period to date computation. Choose from the following options:\n\n- YEAR: Year to date.\n- MONTH: Month to date.", - "title": "PeriodTimeGranularity", + "Type": { + "enum": [ + "AWS::RDS::DBProxyTargetGroup" + ], "type": "string" }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" - }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "ComputationId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Template.PieChartAggregatedFieldWells": { + "AWS::RDS::DBProxyTargetGroup.ConnectionPoolConfigurationInfoFormat": { "additionalProperties": false, "properties": { - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" - }, - "markdownDescription": "The category (group/color) field wells of a pie chart.", - "title": "Category", - "type": "array" + "ConnectionBorrowTimeout": { + "markdownDescription": "The number of seconds for a proxy to wait for a connection to become available in the connection pool. This setting only applies when the proxy has opened its maximum number of connections and all connections are busy with client sessions.\n\nDefault: `120`\n\nConstraints:\n\n- Must be between 0 and 300.", + "title": "ConnectionBorrowTimeout", + "type": "number" }, - "SmallMultiples": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" - }, - "markdownDescription": "The small multiples field well of a pie chart.", - "title": "SmallMultiples", - "type": "array" + "InitQuery": { + "markdownDescription": "Add an initialization query, or modify the current one. You can specify one or more SQL statements for the proxy to run when opening each new database connection. The setting is typically used with `SET` statements to make sure that each connection has identical settings. Make sure the query added here is valid. This is an optional field, so you can choose to leave it empty. For including multiple variables in a single SET statement, use a comma separator.\n\nFor example: `SET variable1=value1, variable2=value2`\n\nDefault: no initialization query\n\n> Since you can access initialization query as part of target group configuration, it is not protected by authentication or cryptographic methods. Anyone with access to view or manage your proxy target group configuration can view the initialization query. You should not add sensitive data, such as passwords or long-lived encryption keys, to this option.", + "title": "InitQuery", + "type": "string" }, - "Values": { + "MaxConnectionsPercent": { + "markdownDescription": "The maximum size of the connection pool for each target in a target group. The value is expressed as a percentage of the `max_connections` setting for the RDS DB instance or Aurora DB cluster used by the target group.\n\nIf you specify `MaxIdleConnectionsPercent` , then you must also include a value for this parameter.\n\nDefault: `10` for RDS for Microsoft SQL Server, and `100` for all other engines\n\nConstraints:\n\n- Must be between 1 and 100.", + "title": "MaxConnectionsPercent", + "type": "number" + }, + "MaxIdleConnectionsPercent": { + "markdownDescription": "A value that controls how actively the proxy closes idle database connections in the connection pool. The value is expressed as a percentage of the `max_connections` setting for the RDS DB instance or Aurora DB cluster used by the target group. With a high value, the proxy leaves a high percentage of idle database connections open. A low value causes the proxy to close more idle connections and return them to the database.\n\nIf you specify this parameter, then you must also include a value for `MaxConnectionsPercent` .\n\nDefault: The default value is half of the value of `MaxConnectionsPercent` . For example, if `MaxConnectionsPercent` is 80, then the default value of `MaxIdleConnectionsPercent` is 40. If the value of `MaxConnectionsPercent` isn't specified, then for SQL Server, `MaxIdleConnectionsPercent` is `5` , and for all other engines, the default is `50` .\n\nConstraints:\n\n- Must be between 0 and the value of `MaxConnectionsPercent` .", + "title": "MaxIdleConnectionsPercent", + "type": "number" + }, + "SessionPinningFilters": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "type": "string" }, - "markdownDescription": "The value field wells of a pie chart. Values are aggregated based on categories.", - "title": "Values", + "markdownDescription": "Each item in the list represents a class of SQL operations that normally cause all later statements in a session using a proxy to be pinned to the same underlying database connection. Including an item in the list exempts that class of SQL operations from the pinning behavior.\n\nDefault: no session pinning filters", + "title": "SessionPinningFilters", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.PieChartConfiguration": { + "AWS::RDS::DBSecurityGroup": { "additionalProperties": false, "properties": { - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options of the group/color that is displayed in a pie chart.", - "title": "CategoryLabelOptions" - }, - "ContributionAnalysisDefaults": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ContributionAnalysisDefault" - }, - "markdownDescription": "The contribution analysis (anomaly configuration) setup of the visual.", - "title": "ContributionAnalysisDefaults", - "type": "array" - }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.", - "title": "DataLabels" - }, - "DonutOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.DonutOptions", - "markdownDescription": "The options that determine the shape of the chart. This option determines whether the chart is a pie chart or a donut chart.", - "title": "DonutOptions" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.PieChartFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" + "Condition": { + "type": "string" }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "SmallMultiplesOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SmallMultiplesOptions", - "markdownDescription": "The small multiples setup for the visual.", - "title": "SmallMultiplesOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.PieChartSortConfiguration", - "markdownDescription": "The sort configuration of a pie chart.", - "title": "SortConfiguration" + "Metadata": { + "type": "object" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" + "Properties": { + "additionalProperties": false, + "properties": { + "DBSecurityGroupIngress": { + "items": { + "$ref": "#/definitions/AWS::RDS::DBSecurityGroup.Ingress" + }, + "markdownDescription": "Ingress rules to be applied to the DB security group.", + "title": "DBSecurityGroupIngress", + "type": "array" + }, + "EC2VpcId": { + "markdownDescription": "The identifier of an Amazon virtual private cloud (VPC). This property indicates the VPC that this DB security group belongs to.\n\n> This property is included for backwards compatibility and is no longer recommended for providing security information to an RDS DB instance.", + "title": "EC2VpcId", + "type": "string" + }, + "GroupDescription": { + "markdownDescription": "Provides the description of the DB security group.", + "title": "GroupDescription", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata assigned to an Amazon RDS resource consisting of a key-value pair.\n\nFor more information, see [Tagging Amazon RDS resources](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) in the *Amazon RDS User Guide* or [Tagging Amazon Aurora and Amazon RDS resources](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_Tagging.html) in the *Amazon Aurora User Guide* .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "DBSecurityGroupIngress", + "GroupDescription" + ], + "type": "object" }, - "ValueLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options for the value that is displayed in a pie chart.", - "title": "ValueLabelOptions" + "Type": { + "enum": [ + "AWS::RDS::DBSecurityGroup" + ], + "type": "string" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", - "title": "VisualPalette" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.PieChartFieldWells": { - "additionalProperties": false, - "properties": { - "PieChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.PieChartAggregatedFieldWells", - "markdownDescription": "The field well configuration of a pie chart.", - "title": "PieChartAggregatedFieldWells" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Template.PieChartSortConfiguration": { + "AWS::RDS::DBSecurityGroup.Ingress": { "additionalProperties": false, "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of categories that are displayed in a pie chart.", - "title": "CategoryItemsLimit" + "CIDRIP": { + "markdownDescription": "The IP range to authorize.", + "title": "CIDRIP", + "type": "string" }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the category fields.", - "title": "CategorySort", - "type": "array" + "EC2SecurityGroupId": { + "markdownDescription": "Id of the EC2 security group to authorize. For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.", + "title": "EC2SecurityGroupId", + "type": "string" }, - "SmallMultiplesLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of small multiples panels that are displayed.", - "title": "SmallMultiplesLimitConfiguration" + "EC2SecurityGroupName": { + "markdownDescription": "Name of the EC2 security group to authorize. For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.", + "title": "EC2SecurityGroupName", + "type": "string" }, - "SmallMultiplesSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the small multiples field.", - "title": "SmallMultiplesSort", - "type": "array" + "EC2SecurityGroupOwnerId": { + "markdownDescription": "AWS account number of the owner of the EC2 security group specified in the `EC2SecurityGroupName` parameter. The AWS access key ID isn't an acceptable value. For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.", + "title": "EC2SecurityGroupOwnerId", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.PieChartVisual": { + "AWS::RDS::DBSecurityGroupIngress": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Condition": { + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.PieChartConfiguration", - "markdownDescription": "The configuration of a pie chart.", - "title": "ChartConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Metadata": { + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Properties": { + "additionalProperties": false, + "properties": { + "CIDRIP": { + "markdownDescription": "The IP range to authorize.", + "title": "CIDRIP", + "type": "string" + }, + "DBSecurityGroupName": { + "markdownDescription": "The name of the DB security group to add authorization to.", + "title": "DBSecurityGroupName", + "type": "string" + }, + "EC2SecurityGroupId": { + "markdownDescription": "Id of the EC2 security group to authorize. For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.", + "title": "EC2SecurityGroupId", + "type": "string" + }, + "EC2SecurityGroupName": { + "markdownDescription": "Name of the EC2 security group to authorize. For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.", + "title": "EC2SecurityGroupName", + "type": "string" + }, + "EC2SecurityGroupOwnerId": { + "markdownDescription": "AWS account number of the owner of the EC2 security group specified in the `EC2SecurityGroupName` parameter. The AWS access key ID isn't an acceptable value. For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.", + "title": "EC2SecurityGroupOwnerId", + "type": "string" + } + }, + "required": [ + "DBSecurityGroupName" + ], + "type": "object" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "Type": { + "enum": [ + "AWS::RDS::DBSecurityGroupIngress" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Template.PivotFieldSortOptions": { + "AWS::RDS::DBShardGroup": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field ID for the field sort options.", - "title": "FieldId", + "Condition": { "type": "string" }, - "SortBy": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableSortBy", - "markdownDescription": "The sort by field for the field sort options.", - "title": "SortBy" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ComputeRedundancy": { + "markdownDescription": "Specifies whether to create standby standby DB data access shard for the DB shard group. Valid values are the following:\n\n- 0 - Creates a DB shard group without a standby DB data access shard. This is the default value.\n- 1 - Creates a DB shard group with a standby DB data access shard in a different Availability Zone (AZ).\n- 2 - Creates a DB shard group with two standby DB data access shard in two different AZs.", + "title": "ComputeRedundancy", + "type": "number" + }, + "DBClusterIdentifier": { + "markdownDescription": "The name of the primary DB cluster for the DB shard group.", + "title": "DBClusterIdentifier", + "type": "string" + }, + "DBShardGroupIdentifier": { + "markdownDescription": "The name of the DB shard group.", + "title": "DBShardGroupIdentifier", + "type": "string" + }, + "MaxACU": { + "markdownDescription": "The maximum capacity of the DB shard group in Aurora capacity units (ACUs).", + "title": "MaxACU", + "type": "number" + }, + "MinACU": { + "markdownDescription": "The minimum capacity of the DB shard group in Aurora capacity units (ACUs).", + "title": "MinACU", + "type": "number" + }, + "PubliclyAccessible": { + "markdownDescription": "Specifies whether the DB shard group is publicly accessible.\n\nWhen the DB shard group is publicly accessible, its Domain Name System (DNS) endpoint resolves to the private IP address from within the DB shard group's virtual private cloud (VPC). It resolves to the public IP address from outside of the DB shard group's VPC. Access to the DB shard group is ultimately controlled by the security group it uses. That public access is not permitted if the security group assigned to the DB shard group doesn't permit it.\n\nWhen the DB shard group isn't publicly accessible, it is an internal DB shard group with a DNS name that resolves to a private IP address.\n\nDefault: The default behavior varies depending on whether `DBSubnetGroupName` is specified.\n\nIf `DBSubnetGroupName` isn't specified, and `PubliclyAccessible` isn't specified, the following applies:\n\n- If the default VPC in the target Region doesn\u2019t have an internet gateway attached to it, the DB shard group is private.\n- If the default VPC in the target Region has an internet gateway attached to it, the DB shard group is public.\n\nIf `DBSubnetGroupName` is specified, and `PubliclyAccessible` isn't specified, the following applies:\n\n- If the subnets are part of a VPC that doesn\u2019t have an internet gateway attached to it, the DB shard group is private.\n- If the subnets are part of a VPC that has an internet gateway attached to it, the DB shard group is public.", + "title": "PubliclyAccessible", + "type": "boolean" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An optional set of key-value pairs to associate arbitrary data of your choosing with the DB shard group.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "DBClusterIdentifier", + "MaxACU" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RDS::DBShardGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "FieldId", - "SortBy" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Template.PivotTableAggregatedFieldWells": { + "AWS::RDS::DBSubnetGroup": { "additionalProperties": false, "properties": { - "Columns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" - }, - "markdownDescription": "The columns field well for a pivot table. Values are grouped by columns fields.", - "title": "Columns", - "type": "array" + "Condition": { + "type": "string" }, - "Rows": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" - }, - "markdownDescription": "The rows field well for a pivot table. Values are grouped by rows fields.", - "title": "Rows", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DBSubnetGroupDescription": { + "markdownDescription": "The description for the DB subnet group.", + "title": "DBSubnetGroupDescription", + "type": "string" + }, + "DBSubnetGroupName": { + "markdownDescription": "The name for the DB subnet group. This value is stored as a lowercase string.\n\nConstraints:\n\n- Must contain no more than 255 letters, numbers, periods, underscores, spaces, or hyphens.\n- Must not be default.\n- First character must be a letter.\n\nExample: `mydbsubnetgroup`", + "title": "DBSubnetGroupName", + "type": "string" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The EC2 Subnet IDs for the DB subnet group.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags to assign to the DB subnet group.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "The values field well for a pivot table. Values are aggregated based on rows and columns fields.", - "title": "Values", - "type": "array" + "required": [ + "DBSubnetGroupDescription", + "SubnetIds" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RDS::DBSubnetGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Template.PivotTableCellConditionalFormatting": { + "AWS::RDS::EventSubscription": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field ID of the cell for conditional formatting.", - "title": "FieldId", + "Condition": { "type": "string" }, - "Scope": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableConditionalFormattingScope", - "markdownDescription": "The scope of the cell for conditional formatting.", - "title": "Scope" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Scopes": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableConditionalFormattingScope" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Specifies whether to activate the subscription. If the event notification subscription isn't activated, the subscription is created but not active.", + "title": "Enabled", + "type": "boolean" + }, + "EventCategories": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of event categories for a particular source type ( `SourceType` ) that you want to subscribe to. You can see a list of the categories for a given source type in the \"Amazon RDS event categories and event messages\" section of the [*Amazon RDS User Guide*](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Events.Messages.html) or the [*Amazon Aurora User Guide*](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_Events.Messages.html) . You can also see this list by using the `DescribeEventCategories` operation.", + "title": "EventCategories", + "type": "array" + }, + "SnsTopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the SNS topic created for event notification. SNS automatically creates the ARN when you create a topic and subscribe to it.\n\n> RDS doesn't support FIFO (first in, first out) topics. For more information, see [Message ordering and deduplication (FIFO topics)](https://docs.aws.amazon.com/sns/latest/dg/sns-fifo-topics.html) in the *Amazon Simple Notification Service Developer Guide* .", + "title": "SnsTopicArn", + "type": "string" + }, + "SourceIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of identifiers of the event sources for which events are returned. If not specified, then all sources are included in the response. An identifier must begin with a letter and must contain only ASCII letters, digits, and hyphens. It can't end with a hyphen or contain two consecutive hyphens.\n\nConstraints:\n\n- If `SourceIds` are supplied, `SourceType` must also be provided.\n- If the source type is a DB instance, a `DBInstanceIdentifier` value must be supplied.\n- If the source type is a DB cluster, a `DBClusterIdentifier` value must be supplied.\n- If the source type is a DB parameter group, a `DBParameterGroupName` value must be supplied.\n- If the source type is a DB security group, a `DBSecurityGroupName` value must be supplied.\n- If the source type is a DB snapshot, a `DBSnapshotIdentifier` value must be supplied.\n- If the source type is a DB cluster snapshot, a `DBClusterSnapshotIdentifier` value must be supplied.\n- If the source type is an RDS Proxy, a `DBProxyName` value must be supplied.", + "title": "SourceIds", + "type": "array" + }, + "SourceType": { + "markdownDescription": "The type of source that is generating the events. For example, if you want to be notified of events generated by a DB instance, you set this parameter to `db-instance` . For RDS Proxy events, specify `db-proxy` . If this value isn't specified, all events are returned.\n\nValid Values: `db-instance | db-cluster | db-parameter-group | db-security-group | db-snapshot | db-cluster-snapshot | db-proxy | zero-etl | custom-engine-version | blue-green-deployment`", + "title": "SourceType", + "type": "string" + }, + "SubscriptionName": { + "markdownDescription": "The name of the subscription.\n\nConstraints: The name must be less than 255 characters.", + "title": "SubscriptionName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An optional array of key-value pairs to apply to this subscription.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "A list of cell scopes for conditional formatting.", - "title": "Scopes", - "type": "array" + "required": [ + "SnsTopicArn" + ], + "type": "object" }, - "TextFormat": { - "$ref": "#/definitions/AWS::QuickSight::Template.TextConditionalFormat", - "markdownDescription": "The text format of the cell for conditional formatting.", - "title": "TextFormat" + "Type": { + "enum": [ + "AWS::RDS::EventSubscription" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "FieldId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Template.PivotTableConditionalFormatting": { - "additionalProperties": false, - "properties": { - "ConditionalFormattingOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableConditionalFormattingOption" - }, - "markdownDescription": "Conditional formatting options for a `PivotTableVisual` .", - "title": "ConditionalFormattingOptions", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.PivotTableConditionalFormattingOption": { - "additionalProperties": false, - "properties": { - "Cell": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableCellConditionalFormatting", - "markdownDescription": "The cell conditional formatting option for a pivot table.", - "title": "Cell" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.PivotTableConditionalFormattingScope": { + "AWS::RDS::GlobalCluster": { "additionalProperties": false, "properties": { - "Role": { - "markdownDescription": "The role (field, field total, grand total) of the cell for conditional formatting.", - "title": "Role", + "Condition": { "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.PivotTableConfiguration": { - "additionalProperties": false, - "properties": { - "FieldOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableFieldOptions", - "markdownDescription": "The field options for a pivot table visual.", - "title": "FieldOptions" }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "PaginatedReportOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTablePaginatedReportOptions", - "markdownDescription": "The paginated report options for a pivot table visual.", - "title": "PaginatedReportOptions" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableSortConfiguration", - "markdownDescription": "The sort configuration for a `PivotTableVisual` .", - "title": "SortConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "TableOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableOptions", - "markdownDescription": "The table options for a pivot table visual.", - "title": "TableOptions" + "Metadata": { + "type": "object" }, - "TotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableTotalOptions", - "markdownDescription": "The total options for a pivot table visual.", - "title": "TotalOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.PivotTableDataPathOption": { - "additionalProperties": false, - "properties": { - "DataPathList": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataPathValue" + "Properties": { + "additionalProperties": false, + "properties": { + "DeletionProtection": { + "markdownDescription": "Specifies whether to enable deletion protection for the new global database cluster. The global database can't be deleted when deletion protection is enabled.", + "title": "DeletionProtection", + "type": "boolean" + }, + "Engine": { + "markdownDescription": "The database engine to use for this global database cluster.\n\nValid Values: `aurora-mysql | aurora-postgresql`\n\nConstraints:\n\n- Can't be specified if `SourceDBClusterIdentifier` is specified. In this case, Amazon Aurora uses the engine of the source DB cluster.", + "title": "Engine", + "type": "string" + }, + "EngineLifecycleSupport": { + "markdownDescription": "The life cycle type for this global database cluster.\n\n> By default, this value is set to `open-source-rds-extended-support` , which enrolls your global cluster into Amazon RDS Extended Support. At the end of standard support, you can avoid charges for Extended Support by setting the value to `open-source-rds-extended-support-disabled` . In this case, creating the global cluster will fail if the DB major version is past its end of standard support date. \n\nThis setting only applies to Aurora PostgreSQL-based global databases.\n\nYou can use this setting to enroll your global cluster into Amazon RDS Extended Support. With RDS Extended Support, you can run the selected major engine version on your global cluster past the end of standard support for that engine version. For more information, see [Amazon RDS Extended Support with Amazon Aurora](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/extended-support.html) in the *Amazon Aurora User Guide* .\n\nValid Values: `open-source-rds-extended-support | open-source-rds-extended-support-disabled`\n\nDefault: `open-source-rds-extended-support`", + "title": "EngineLifecycleSupport", + "type": "string" + }, + "EngineVersion": { + "markdownDescription": "The engine version to use for this global database cluster.\n\nConstraints:\n\n- Can't be specified if `SourceDBClusterIdentifier` is specified. In this case, Amazon Aurora uses the engine version of the source DB cluster.", + "title": "EngineVersion", + "type": "string" + }, + "GlobalClusterIdentifier": { + "markdownDescription": "The cluster identifier for this global database cluster. This parameter is stored as a lowercase string.", + "title": "GlobalClusterIdentifier", + "type": "string" + }, + "SourceDBClusterIdentifier": { + "markdownDescription": "The Amazon Resource Name (ARN) to use as the primary cluster of the global database.\n\nIf you provide a value for this parameter, don't specify values for the following settings because Amazon Aurora uses the values from the specified source DB cluster:\n\n- `DatabaseName`\n- `Engine`\n- `EngineVersion`\n- `StorageEncrypted`", + "title": "SourceDBClusterIdentifier", + "type": "string" + }, + "StorageEncrypted": { + "markdownDescription": "Specifies whether to enable storage encryption for the new global database cluster.\n\nConstraints:\n\n- Can't be specified if `SourceDBClusterIdentifier` is specified. In this case, Amazon Aurora uses the setting from the source DB cluster.", + "title": "StorageEncrypted", + "type": "boolean" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Metadata assigned to an Amazon RDS resource consisting of a key-value pair.\n\nFor more information, see [Tagging Amazon RDS resources](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) in the *Amazon RDS User Guide* or [Tagging Amazon Aurora and Amazon RDS resources](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_Tagging.html) in the *Amazon Aurora User Guide* .", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "The list of data path values for the data path options.", - "title": "DataPathList", - "type": "array" + "type": "object" }, - "Width": { - "markdownDescription": "The width of the data path option.", - "title": "Width", + "Type": { + "enum": [ + "AWS::RDS::GlobalCluster" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "DataPathList" + "Type" ], "type": "object" }, - "AWS::QuickSight::Template.PivotTableFieldCollapseStateOption": { + "AWS::RDS::GlobalCluster.GlobalEndpoint": { "additionalProperties": false, "properties": { - "State": { - "markdownDescription": "The state of the field target of a pivot table. Choose one of the following options:\n\n- `COLLAPSED`\n- `EXPANDED`", - "title": "State", + "Address": { + "markdownDescription": "The writer endpoint for the new global database cluster. This endpoint always points to the writer DB instance in the current primary cluster.", + "title": "Address", "type": "string" - }, - "Target": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableFieldCollapseStateTarget", - "markdownDescription": "A tagged-union object that sets the collapse state.", - "title": "Target" } }, - "required": [ - "Target" - ], "type": "object" }, - "AWS::QuickSight::Template.PivotTableFieldCollapseStateTarget": { + "AWS::RDS::Integration": { "additionalProperties": false, "properties": { - "FieldDataPathValues": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataPathValue" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AdditionalEncryptionContext": { + "additionalProperties": true, + "markdownDescription": "An optional set of non-secret key\u2013value pairs that contains additional contextual information about the data. For more information, see [Encryption context](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context) in the *AWS Key Management Service Developer Guide* .\n\nYou can only include this parameter if you specify the `KMSKeyId` parameter.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "AdditionalEncryptionContext", + "type": "object" + }, + "DataFilter": { + "markdownDescription": "Data filters for the integration. These filters determine which tables from the source database are sent to the target Amazon Redshift data warehouse.", + "title": "DataFilter", + "type": "string" + }, + "Description": { + "markdownDescription": "A description of the integration.", + "title": "Description", + "type": "string" + }, + "IntegrationName": { + "markdownDescription": "The name of the integration.", + "title": "IntegrationName", + "type": "string" + }, + "KMSKeyId": { + "markdownDescription": "The AWS Key Management System ( AWS KMS) key identifier for the key to use to encrypt the integration. If you don't specify an encryption key, RDS uses a default AWS owned key.", + "title": "KMSKeyId", + "type": "string" + }, + "SourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the database to use as the source for replication.", + "title": "SourceArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An optional array of key-value pairs to apply to this integration.", + "title": "Tags", + "type": "array" + }, + "TargetArn": { + "markdownDescription": "The ARN of the Redshift data warehouse to use as the target for replication.", + "title": "TargetArn", + "type": "string" + } }, - "markdownDescription": "The data path of the pivot table's header. Used to set the collapse state.", - "title": "FieldDataPathValues", - "type": "array" + "required": [ + "SourceArn", + "TargetArn" + ], + "type": "object" }, - "FieldId": { - "markdownDescription": "The field ID of the pivot table that the collapse state needs to be set to.", - "title": "FieldId", + "Type": { + "enum": [ + "AWS::RDS::Integration" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Template.PivotTableFieldOption": { + "AWS::RDS::OptionGroup": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The custom label of the pivot table field.", - "title": "CustomLabel", + "Condition": { "type": "string" }, - "FieldId": { - "markdownDescription": "The field ID of the pivot table field.", - "title": "FieldId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of the pivot table field.", - "title": "Visibility", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "EngineName": { + "markdownDescription": "Specifies the name of the engine that this option group should be associated with.\n\nValid Values:\n\n- `mariadb`\n- `mysql`\n- `oracle-ee`\n- `oracle-ee-cdb`\n- `oracle-se2`\n- `oracle-se2-cdb`\n- `postgres`\n- `sqlserver-ee`\n- `sqlserver-se`\n- `sqlserver-ex`\n- `sqlserver-web`", + "title": "EngineName", + "type": "string" + }, + "MajorEngineVersion": { + "markdownDescription": "Specifies the major version of the engine that this option group should be associated with.", + "title": "MajorEngineVersion", + "type": "string" + }, + "OptionConfigurations": { + "items": { + "$ref": "#/definitions/AWS::RDS::OptionGroup.OptionConfiguration" + }, + "markdownDescription": "A list of all available options for an option group.", + "title": "OptionConfigurations", + "type": "array" + }, + "OptionGroupDescription": { + "markdownDescription": "The description of the option group.", + "title": "OptionGroupDescription", + "type": "string" + }, + "OptionGroupName": { + "markdownDescription": "The name of the option group to be created.\n\nConstraints:\n\n- Must be 1 to 255 letters, numbers, or hyphens\n- First character must be a letter\n- Can't end with a hyphen or contain two consecutive hyphens\n\nExample: `myoptiongroup`\n\nIf you don't specify a value for `OptionGroupName` property, a name is automatically created for the option group.\n\n> This value is stored as a lowercase string.", + "title": "OptionGroupName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags to assign to the option group.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "EngineName", + "MajorEngineVersion", + "OptionGroupDescription" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RDS::OptionGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "FieldId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Template.PivotTableFieldOptions": { + "AWS::RDS::OptionGroup.OptionConfiguration": { "additionalProperties": false, "properties": { - "CollapseStateOptions": { + "DBSecurityGroupMemberships": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableFieldCollapseStateOption" + "type": "string" }, - "markdownDescription": "The collapse state options for the pivot table field options.", - "title": "CollapseStateOptions", + "markdownDescription": "A list of DB security groups used for this option.", + "title": "DBSecurityGroupMemberships", "type": "array" }, - "DataPathOptions": { + "OptionName": { + "markdownDescription": "The configuration of options to include in a group.", + "title": "OptionName", + "type": "string" + }, + "OptionSettings": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableDataPathOption" + "$ref": "#/definitions/AWS::RDS::OptionGroup.OptionSetting" }, - "markdownDescription": "The data path options for the pivot table field options.", - "title": "DataPathOptions", + "markdownDescription": "The option settings to include in an option group.", + "title": "OptionSettings", "type": "array" }, - "SelectedFieldOptions": { + "OptionVersion": { + "markdownDescription": "The version for the option.", + "title": "OptionVersion", + "type": "string" + }, + "Port": { + "markdownDescription": "The optional port for the option.", + "title": "Port", + "type": "number" + }, + "VpcSecurityGroupMemberships": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableFieldOption" + "type": "string" }, - "markdownDescription": "The selected field options for the pivot table field options.", - "title": "SelectedFieldOptions", + "markdownDescription": "A list of VPC security group names used for this option.", + "title": "VpcSecurityGroupMemberships", "type": "array" } }, + "required": [ + "OptionName" + ], "type": "object" }, - "AWS::QuickSight::Template.PivotTableFieldSubtotalOptions": { + "AWS::RDS::OptionGroup.OptionSetting": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field ID of the subtotal options.", - "title": "FieldId", + "Name": { + "markdownDescription": "The name of the option that has settings that you can set.", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "The current value of the option setting.", + "title": "Value", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.PivotTableFieldWells": { - "additionalProperties": false, - "properties": { - "PivotTableAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableAggregatedFieldWells", - "markdownDescription": "The aggregated field well for the pivot table.", - "title": "PivotTableAggregatedFieldWells" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.PivotTableOptions": { + "AWS::RUM::AppMonitor": { "additionalProperties": false, "properties": { - "CellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", - "markdownDescription": "The table cell style of cells.", - "title": "CellStyle" - }, - "CollapsedRowDimensionsVisibility": { - "markdownDescription": "The visibility setting of a pivot table's collapsed row dimension fields. If the value of this structure is `HIDDEN` , all collapsed columns in a pivot table are automatically hidden. The default value is `VISIBLE` .", - "title": "CollapsedRowDimensionsVisibility", - "type": "string" - }, - "ColumnHeaderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", - "markdownDescription": "The table cell style of the column header.", - "title": "ColumnHeaderStyle" - }, - "ColumnNamesVisibility": { - "markdownDescription": "The visibility of the column names.", - "title": "ColumnNamesVisibility", - "type": "string" - }, - "DefaultCellWidth": { - "markdownDescription": "The default cell width of the pivot table.", - "title": "DefaultCellWidth", + "Condition": { "type": "string" }, - "MetricPlacement": { - "markdownDescription": "The metric placement (row, column) options.", - "title": "MetricPlacement", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "RowAlternateColorOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.RowAlternateColorOptions", - "markdownDescription": "The row alternate color options (widget status, row alternate colors).", - "title": "RowAlternateColorOptions" - }, - "RowFieldNamesStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", - "markdownDescription": "The table cell style of row field names.", - "title": "RowFieldNamesStyle" - }, - "RowHeaderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", - "markdownDescription": "The table cell style of the row headers.", - "title": "RowHeaderStyle" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "RowsLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableRowsLabelOptions", - "markdownDescription": "The options for the label that is located above the row headers. This option is only applicable when `RowsLayout` is set to `HIERARCHY` .", - "title": "RowsLabelOptions" + "Metadata": { + "type": "object" }, - "RowsLayout": { - "markdownDescription": "The layout for the row dimension headers of a pivot table. Choose one of the following options.\n\n- `TABULAR` : (Default) Each row field is displayed in a separate column.\n- `HIERARCHY` : All row fields are displayed in a single column. Indentation is used to differentiate row headers of different fields.", - "title": "RowsLayout", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "AppMonitorConfiguration": { + "$ref": "#/definitions/AWS::RUM::AppMonitor.AppMonitorConfiguration", + "markdownDescription": "A structure that contains much of the configuration data for the app monitor. If you are using Amazon Cognito for authorization, you must include this structure in your request, and it must include the ID of the Amazon Cognito identity pool to use for authorization. If you don't include `AppMonitorConfiguration` , you must set up your own authorization method. For more information, see [Authorize your application to send data to AWS](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-RUM-get-started-authorization.html) .\n\nIf you omit this argument, the sample rate used for CloudWatch RUM is set to 10% of the user sessions.", + "title": "AppMonitorConfiguration" + }, + "CustomEvents": { + "$ref": "#/definitions/AWS::RUM::AppMonitor.CustomEvents", + "markdownDescription": "Specifies whether this app monitor allows the web client to define and send custom events. If you omit this parameter, custom events are `DISABLED` .", + "title": "CustomEvents" + }, + "CwLogEnabled": { + "markdownDescription": "Data collected by CloudWatch RUM is kept by RUM for 30 days and then deleted. This parameter specifies whether CloudWatch RUM sends a copy of this telemetry data to Amazon CloudWatch Logs in your account. This enables you to keep the telemetry data for more than 30 days, but it does incur Amazon CloudWatch Logs charges.\n\nIf you omit this parameter, the default is `false` .", + "title": "CwLogEnabled", + "type": "boolean" + }, + "DeobfuscationConfiguration": { + "$ref": "#/definitions/AWS::RUM::AppMonitor.DeobfuscationConfiguration", + "markdownDescription": "A structure that contains the configuration for how an app monitor can deobfuscate stack traces.", + "title": "DeobfuscationConfiguration" + }, + "Domain": { + "markdownDescription": "The top-level internet domain name for which your application has administrative authority. This parameter or the `DomainList` parameter is required.", + "title": "Domain", + "type": "string" + }, + "DomainList": { + "items": { + "type": "string" + }, + "markdownDescription": "List the domain names for which your application has administrative authority. This parameter or the `Domain` parameter is required.\n\nYou can have a minimum of 1 and a maximum of 5 `Domain` under `DomainList` . Each `Domain` must be a minimum length of 1 and a maximum of 253 characters.", + "title": "DomainList", + "type": "array" + }, + "Name": { + "markdownDescription": "A name for the app monitor. This parameter is required.", + "title": "Name", + "type": "string" + }, + "ResourcePolicy": { + "$ref": "#/definitions/AWS::RUM::AppMonitor.ResourcePolicy", + "markdownDescription": "Use this structure to assign a resource-based policy to a CloudWatch RUM app monitor to control access to it. Each app monitor can have one resource-based policy. The maximum size of the policy is 4 KB. To learn more about using resource policies with RUM, see [Using resource-based policies with CloudWatch RUM](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-RUM-resource-policies.html) .", + "title": "ResourcePolicy" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Assigns one or more tags (key-value pairs) to the app monitor.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.\n\nTags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters.\n\nYou can associate as many as 50 tags with an app monitor.\n\nFor more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Name" + ], + "type": "object" }, - "SingleMetricVisibility": { - "markdownDescription": "The visibility of the single metric options.", - "title": "SingleMetricVisibility", + "Type": { + "enum": [ + "AWS::RUM::AppMonitor" + ], "type": "string" }, - "ToggleButtonsVisibility": { - "markdownDescription": "Determines the visibility of the pivot table.", - "title": "ToggleButtonsVisibility", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Template.PivotTablePaginatedReportOptions": { + "AWS::RUM::AppMonitor.AppMonitorConfiguration": { "additionalProperties": false, "properties": { - "OverflowColumnHeaderVisibility": { - "markdownDescription": "The visibility of the repeating header rows on each page.", - "title": "OverflowColumnHeaderVisibility", - "type": "string" + "AllowCookies": { + "markdownDescription": "If you set this to `true` , the CloudWatch RUM web client sets two cookies, a session cookie and a user cookie. The cookies allow the CloudWatch RUM web client to collect data relating to the number of users an application has and the behavior of the application across a sequence of events. Cookies are stored in the top-level domain of the current page.", + "title": "AllowCookies", + "type": "boolean" }, - "VerticalOverflowVisibility": { - "markdownDescription": "The visibility of the printing table overflow across pages.", - "title": "VerticalOverflowVisibility", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.PivotTableRowsLabelOptions": { - "additionalProperties": false, - "properties": { - "CustomLabel": { - "markdownDescription": "The custom label string for the rows label.", - "title": "CustomLabel", + "EnableXRay": { + "markdownDescription": "If you set this to `true` , CloudWatch RUM sends client-side traces to X-Ray for each sampled session. You can then see traces and segments from these user sessions in the RUM dashboard and the CloudWatch ServiceLens console. For more information, see [What is AWS X-Ray ?](https://docs.aws.amazon.com/xray/latest/devguide/aws-xray.html)", + "title": "EnableXRay", + "type": "boolean" + }, + "ExcludedPages": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of URLs in your website or application to exclude from RUM data collection.\n\nYou can't include both `ExcludedPages` and `IncludedPages` in the same app monitor.", + "title": "ExcludedPages", + "type": "array" + }, + "FavoritePages": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of pages in your application that are to be displayed with a \"favorite\" icon in the CloudWatch RUM console.", + "title": "FavoritePages", + "type": "array" + }, + "GuestRoleArn": { + "markdownDescription": "The ARN of the guest IAM role that is attached to the Amazon Cognito identity pool that is used to authorize the sending of data to CloudWatch RUM.", + "title": "GuestRoleArn", "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of the rows label.", - "title": "Visibility", + "IdentityPoolId": { + "markdownDescription": "The ID of the Amazon Cognito identity pool that is used to authorize the sending of data to CloudWatch RUM.", + "title": "IdentityPoolId", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.PivotTableSortBy": { - "additionalProperties": false, - "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnSort", - "markdownDescription": "The column sort (field id, direction) for the pivot table sort by options.", - "title": "Column" }, - "DataPath": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataPathSort", - "markdownDescription": "The data path sort (data path value, direction) for the pivot table sort by options.", - "title": "DataPath" + "IncludedPages": { + "items": { + "type": "string" + }, + "markdownDescription": "If this app monitor is to collect data from only certain pages in your application, this structure lists those pages.\n\nYou can't include both `ExcludedPages` and `IncludedPages` in the same app monitor.", + "title": "IncludedPages", + "type": "array" }, - "Field": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSort", - "markdownDescription": "The field sort (field id, direction) for the pivot table sort by options.", - "title": "Field" + "MetricDestinations": { + "items": { + "$ref": "#/definitions/AWS::RUM::AppMonitor.MetricDestination" + }, + "markdownDescription": "An array of structures that each define a destination that this app monitor will send extended metrics to.", + "title": "MetricDestinations", + "type": "array" + }, + "SessionSampleRate": { + "markdownDescription": "Specifies the portion of user sessions to use for CloudWatch RUM data collection. Choosing a higher portion gives you more data but also incurs more costs.\n\nThe range for this value is 0 to 1 inclusive. Setting this to 1 means that 100% of user sessions are sampled, and setting it to 0.1 means that 10% of user sessions are sampled.\n\nIf you omit this parameter, the default of 0.1 is used, and 10% of sessions will be sampled.", + "title": "SessionSampleRate", + "type": "number" + }, + "Telemetries": { + "items": { + "type": "string" + }, + "markdownDescription": "An array that lists the types of telemetry data that this app monitor is to collect.\n\n- `errors` indicates that RUM collects data about unhandled JavaScript errors raised by your application.\n- `performance` indicates that RUM collects performance data about how your application and its resources are loaded and rendered. This includes Core Web Vitals.\n- `http` indicates that RUM collects data about HTTP errors thrown by your application.", + "title": "Telemetries", + "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.PivotTableSortConfiguration": { + "AWS::RUM::AppMonitor.CustomEvents": { "additionalProperties": false, "properties": { - "FieldSortOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotFieldSortOptions" - }, - "markdownDescription": "The field sort options for a pivot table sort configuration.", - "title": "FieldSortOptions", - "type": "array" + "Status": { + "markdownDescription": "Set this to `ENABLED` to allow the web client to send custom events for this app monitor.\n\nValid values are `ENABLED` and `DISABLED` .", + "title": "Status", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.PivotTableTotalOptions": { + "AWS::RUM::AppMonitor.DeobfuscationConfiguration": { "additionalProperties": false, "properties": { - "ColumnSubtotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SubtotalOptions", - "markdownDescription": "The column subtotal options.", - "title": "ColumnSubtotalOptions" - }, - "ColumnTotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTotalOptions", - "markdownDescription": "The column total options.", - "title": "ColumnTotalOptions" - }, - "RowSubtotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SubtotalOptions", - "markdownDescription": "The row subtotal options.", - "title": "RowSubtotalOptions" - }, - "RowTotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTotalOptions", - "markdownDescription": "The row total options.", - "title": "RowTotalOptions" + "JavaScriptSourceMaps": { + "$ref": "#/definitions/AWS::RUM::AppMonitor.JavaScriptSourceMaps", + "markdownDescription": "A structure that contains the configuration for how an app monitor can unminify JavaScript error stack traces using source maps.", + "title": "JavaScriptSourceMaps" } }, "type": "object" }, - "AWS::QuickSight::Template.PivotTableVisual": { + "AWS::RUM::AppMonitor.JavaScriptSourceMaps": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" - }, - "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableConditionalFormatting", - "markdownDescription": "The conditional formatting for a `PivotTableVisual` .", - "title": "ConditionalFormatting" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "S3Uri": { + "markdownDescription": "The S3Uri of the bucket or folder that stores the source map files. It is required if status is ENABLED.", + "title": "S3Uri", + "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", + "Status": { + "markdownDescription": "Specifies whether JavaScript error stack traces should be unminified for this app monitor. The default is for JavaScript error stack trace unminification to be `DISABLED` .", + "title": "Status", "type": "string" } }, "required": [ - "VisualId" + "Status" ], "type": "object" }, - "AWS::QuickSight::Template.PivotTotalOptions": { + "AWS::RUM::AppMonitor.MetricDefinition": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The custom label string for the total cells.", - "title": "CustomLabel", - "type": "string" - }, - "MetricHeaderCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", - "markdownDescription": "The cell styling options for the total of header cells.", - "title": "MetricHeaderCellStyle" + "DimensionKeys": { + "additionalProperties": true, + "markdownDescription": "This field is a map of field paths to dimension names. It defines the dimensions to associate with this metric in CloudWatch . The value of this field is used only if the metric destination is `CloudWatch` . If the metric destination is `Evidently` , the value of `DimensionKeys` is ignored.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "DimensionKeys", + "type": "object" }, - "Placement": { - "markdownDescription": "The placement (start, end) for the total cells.", - "title": "Placement", + "EventPattern": { + "markdownDescription": "The pattern that defines the metric. RUM checks events that happen in a user's session against the pattern, and events that match the pattern are sent to the metric destination.\n\nIf the metrics destination is `CloudWatch` and the event also matches a value in `DimensionKeys` , then the metric is published with the specified dimensions.", + "title": "EventPattern", "type": "string" }, - "ScrollStatus": { - "markdownDescription": "The scroll status (pinned, scrolled) for the total cells.", - "title": "ScrollStatus", + "Name": { + "markdownDescription": "The name of the metric that is defined in this structure.", + "title": "Name", "type": "string" }, - "TotalAggregationOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.TotalAggregationOption" - }, - "markdownDescription": "The total aggregation options for each value field.", - "title": "TotalAggregationOptions", - "type": "array" - }, - "TotalCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", - "markdownDescription": "The cell styling options for the total cells.", - "title": "TotalCellStyle" - }, - "TotalsVisibility": { - "markdownDescription": "The visibility configuration for the total cells.", - "title": "TotalsVisibility", + "Namespace": { + "markdownDescription": "If you are creating a custom metric instead of an extended metrics, use this parameter to define the metric namespace for that custom metric. Do not specify this parameter if you are creating an extended metric.\n\nYou can't use any string that starts with `AWS/` for your namespace.", + "title": "Namespace", "type": "string" }, - "ValueCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", - "markdownDescription": "The cell styling options for the totals of value cells.", - "title": "ValueCellStyle" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.PredefinedHierarchy": { - "additionalProperties": false, - "properties": { - "Columns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier" - }, - "markdownDescription": "The list of columns that define the predefined hierarchy.", - "title": "Columns", - "type": "array" - }, - "DrillDownFilters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DrillDownFilter" - }, - "markdownDescription": "The option that determines the drill down filters for the predefined hierarchy.", - "title": "DrillDownFilters", - "type": "array" + "UnitLabel": { + "markdownDescription": "Use this field only if you are sending this metric to CloudWatch . It defines the CloudWatch metric unit that this metric is measured in.", + "title": "UnitLabel", + "type": "string" }, - "HierarchyId": { - "markdownDescription": "The hierarchy ID of the predefined hierarchy.", - "title": "HierarchyId", + "ValueKey": { + "markdownDescription": "The field within the event object that the metric value is sourced from.", + "title": "ValueKey", "type": "string" } }, "required": [ - "Columns", - "HierarchyId" + "Name" ], "type": "object" }, - "AWS::QuickSight::Template.ProgressBarOptions": { + "AWS::RUM::AppMonitor.MetricDestination": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility of the progress bar.", - "title": "Visibility", + "Destination": { + "markdownDescription": "Defines the destination to send the metrics to. Valid values are `CloudWatch` and `Evidently` . If you specify `Evidently` , you must also specify the ARN of the CloudWatch Evidently experiment that is to be the destination and an IAM role that has permission to write to the experiment.", + "title": "Destination", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.RadarChartAggregatedFieldWells": { - "additionalProperties": false, - "properties": { - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" - }, - "markdownDescription": "The aggregated field well categories of a radar chart.", - "title": "Category", - "type": "array" }, - "Color": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" - }, - "markdownDescription": "The color that are assigned to the aggregated field wells of a radar chart.", - "title": "Color", - "type": "array" + "DestinationArn": { + "markdownDescription": "Use this parameter only if `Destination` is `Evidently` . This parameter specifies the ARN of the Evidently experiment that will receive the extended metrics.", + "title": "DestinationArn", + "type": "string" }, - "Values": { + "IamRoleArn": { + "markdownDescription": "This parameter is required if `Destination` is `Evidently` . If `Destination` is `CloudWatch` , do not use this parameter.\n\nThis parameter specifies the ARN of an IAM role that RUM will assume to write to the Evidently experiment that you are sending metrics to. This role must have permission to write to that experiment.", + "title": "IamRoleArn", + "type": "string" + }, + "MetricDefinitions": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "$ref": "#/definitions/AWS::RUM::AppMonitor.MetricDefinition" }, - "markdownDescription": "The values that are assigned to the aggregated field wells of a radar chart.", - "title": "Values", + "markdownDescription": "An array of structures which define the metrics that you want to send.", + "title": "MetricDefinitions", "type": "array" } }, + "required": [ + "Destination" + ], "type": "object" }, - "AWS::QuickSight::Template.RadarChartAreaStyleSettings": { + "AWS::RUM::AppMonitor.ResourcePolicy": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility settings of a radar chart.", - "title": "Visibility", + "PolicyDocument": { + "markdownDescription": "The JSON to use as the resource policy. The document can be up to 4 KB in size. For more information about the contents and syntax for this policy, see [Using resource-based policies with CloudWatch RUM](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-RUM-resource-policies.html) .", + "title": "PolicyDocument", + "type": "string" + }, + "PolicyRevisionId": { + "markdownDescription": "A string value that you can use to conditionally update your policy. You can provide the revision ID of your existing policy to make mutating requests against that policy.\n\nWhen you assign a policy revision ID, then later requests about that policy will be rejected with an `InvalidPolicyRevisionIdException` error if they don't provide the correct current revision ID.", + "title": "PolicyRevisionId", "type": "string" } }, + "required": [ + "PolicyDocument" + ], "type": "object" }, - "AWS::QuickSight::Template.RadarChartConfiguration": { + "AWS::Rbin::Rule": { "additionalProperties": false, "properties": { - "AlternateBandColorsVisibility": { - "markdownDescription": "Determines the visibility of the colors of alternatign bands in a radar chart.", - "title": "AlternateBandColorsVisibility", - "type": "string" - }, - "AlternateBandEvenColor": { - "markdownDescription": "The color of the even-numbered alternate bands of a radar chart.", - "title": "AlternateBandEvenColor", - "type": "string" - }, - "AlternateBandOddColor": { - "markdownDescription": "The color of the odd-numbered alternate bands of a radar chart.", - "title": "AlternateBandOddColor", + "Condition": { "type": "string" }, - "AxesRangeScale": { - "markdownDescription": "The axis behavior options of a radar chart.", - "title": "AxesRangeScale", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "BaseSeriesSettings": { - "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartSeriesSettings", - "markdownDescription": "The base sreies settings of a radar chart.", - "title": "BaseSeriesSettings" - }, - "CategoryAxis": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", - "markdownDescription": "The category axis of a radar chart.", - "title": "CategoryAxis" - }, - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The category label options of a radar chart.", - "title": "CategoryLabelOptions" - }, - "ColorAxis": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", - "markdownDescription": "The color axis of a radar chart.", - "title": "ColorAxis" - }, - "ColorLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The color label options of a radar chart.", - "title": "ColorLabelOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartFieldWells", - "markdownDescription": "The field well configuration of a `RadarChartVisual` .", - "title": "FieldWells" + "Metadata": { + "type": "object" }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The retention rule description.", + "title": "Description", + "type": "string" + }, + "ExcludeResourceTags": { + "items": { + "$ref": "#/definitions/AWS::Rbin::Rule.ResourceTag" + }, + "markdownDescription": "[Region-level retention rules only] Specifies the exclusion tags to use to identify resources that are to be excluded, or ignored, by a Region-level retention rule. Resources that have any of these tags are not retained by the retention rule upon deletion.\n\nYou can't specify exclusion tags for tag-level retention rules.", + "title": "ExcludeResourceTags", + "type": "array" + }, + "LockConfiguration": { + "$ref": "#/definitions/AWS::Rbin::Rule.UnlockDelay", + "markdownDescription": "Information about the retention rule lock configuration.", + "title": "LockConfiguration" + }, + "ResourceTags": { + "items": { + "$ref": "#/definitions/AWS::Rbin::Rule.ResourceTag" + }, + "markdownDescription": "[Tag-level retention rules only] Specifies the resource tags to use to identify resources that are to be retained by a tag-level retention rule. For tag-level retention rules, only deleted resources, of the specified resource type, that have one or more of the specified tag key and value pairs are retained. If a resource is deleted, but it does not have any of the specified tag key and value pairs, it is immediately deleted without being retained by the retention rule.\n\nYou can add the same tag key and value pair to a maximum or five retention rules.\n\nTo create a Region-level retention rule, omit this parameter. A Region-level retention rule does not have any resource tags specified. It retains all deleted resources of the specified resource type in the Region in which the rule is created, even if the resources are not tagged.", + "title": "ResourceTags", + "type": "array" + }, + "ResourceType": { + "markdownDescription": "The resource type to be retained by the retention rule. Currently, only Amazon EBS snapshots and EBS-backed AMIs are supported. To retain snapshots, specify `EBS_SNAPSHOT` . To retain EBS-backed AMIs, specify `EC2_IMAGE` .", + "title": "ResourceType", + "type": "string" + }, + "RetentionPeriod": { + "$ref": "#/definitions/AWS::Rbin::Rule.RetentionPeriod", + "markdownDescription": "Information about the retention period for which the retention rule is to retain resources.", + "title": "RetentionPeriod" + }, + "Status": { + "markdownDescription": "The state of the retention rule. Only retention rules that are in the `available` state retain resources.", + "title": "Status", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Information about the tags to assign to the retention rule.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "ResourceType", + "RetentionPeriod" + ], + "type": "object" }, - "Shape": { - "markdownDescription": "The shape of the radar chart.", - "title": "Shape", + "Type": { + "enum": [ + "AWS::Rbin::Rule" + ], "type": "string" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartSortConfiguration", - "markdownDescription": "The sort configuration of a `RadarChartVisual` .", - "title": "SortConfiguration" - }, - "StartAngle": { - "markdownDescription": "The start angle of a radar chart's axis.", - "title": "StartAngle", - "type": "number" - }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", - "title": "VisualPalette" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Template.RadarChartFieldWells": { + "AWS::Rbin::Rule.ResourceTag": { "additionalProperties": false, "properties": { - "RadarChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a radar chart visual.", - "title": "RadarChartAggregatedFieldWells" + "ResourceTagKey": { + "markdownDescription": "The tag key.", + "title": "ResourceTagKey", + "type": "string" + }, + "ResourceTagValue": { + "markdownDescription": "The tag value.", + "title": "ResourceTagValue", + "type": "string" } }, + "required": [ + "ResourceTagKey", + "ResourceTagValue" + ], "type": "object" }, - "AWS::QuickSight::Template.RadarChartSeriesSettings": { + "AWS::Rbin::Rule.RetentionPeriod": { "additionalProperties": false, "properties": { - "AreaStyleSettings": { - "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartAreaStyleSettings", - "markdownDescription": "The area style settings of a radar chart.", - "title": "AreaStyleSettings" + "RetentionPeriodUnit": { + "markdownDescription": "The unit of time in which the retention period is measured. Currently, only `DAYS` is supported.", + "title": "RetentionPeriodUnit", + "type": "string" + }, + "RetentionPeriodValue": { + "markdownDescription": "The period value for which the retention rule is to retain resources. The period is measured using the unit specified for *RetentionPeriodUnit* .", + "title": "RetentionPeriodValue", + "type": "number" } }, + "required": [ + "RetentionPeriodUnit", + "RetentionPeriodValue" + ], "type": "object" }, - "AWS::QuickSight::Template.RadarChartSortConfiguration": { + "AWS::Rbin::Rule.UnlockDelay": { "additionalProperties": false, "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The category items limit for a radar chart.", - "title": "CategoryItemsLimit" - }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" - }, - "markdownDescription": "The category sort options of a radar chart.", - "title": "CategorySort", - "type": "array" - }, - "ColorItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The color items limit of a radar chart.", - "title": "ColorItemsLimit" + "UnlockDelayUnit": { + "markdownDescription": "The unit of time in which to measure the unlock delay. Currently, the unlock delay can be measure only in days.", + "title": "UnlockDelayUnit", + "type": "string" }, - "ColorSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" - }, - "markdownDescription": "The color sort configuration of a radar chart.", - "title": "ColorSort", - "type": "array" + "UnlockDelayValue": { + "markdownDescription": "The unlock delay period, measured in the unit specified for *UnlockDelayUnit* .", + "title": "UnlockDelayValue", + "type": "number" } }, "type": "object" }, - "AWS::QuickSight::Template.RadarChartVisual": { + "AWS::Redshift::Cluster": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Condition": { + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AllowVersionUpgrade": { + "markdownDescription": "If `true` , major version upgrades can be applied during the maintenance window to the Amazon Redshift engine that is running on the cluster.\n\nWhen a new major version of the Amazon Redshift engine is released, you can request that the service automatically apply upgrades during the maintenance window to the Amazon Redshift engine that is running on your cluster.\n\nDefault: `true`", + "title": "AllowVersionUpgrade", + "type": "boolean" + }, + "AquaConfigurationStatus": { + "markdownDescription": "This parameter is retired. It does not set the AQUA configuration status. Amazon Redshift automatically determines whether to use AQUA (Advanced Query Accelerator).", + "title": "AquaConfigurationStatus", + "type": "string" + }, + "AutomatedSnapshotRetentionPeriod": { + "markdownDescription": "The number of days that automated snapshots are retained. If the value is 0, automated snapshots are disabled. Even if automated snapshots are disabled, you can still create manual snapshots when you want with [CreateClusterSnapshot](https://docs.aws.amazon.com/redshift/latest/APIReference/API_CreateClusterSnapshot.html) in the *Amazon Redshift API Reference* .\n\nDefault: `1`\n\nConstraints: Must be a value from 0 to 35.", + "title": "AutomatedSnapshotRetentionPeriod", + "type": "number" + }, + "AvailabilityZone": { + "markdownDescription": "The EC2 Availability Zone (AZ) in which you want Amazon Redshift to provision the cluster. For example, if you have several EC2 instances running in a specific Availability Zone, then you might want the cluster to be provisioned in the same zone in order to decrease network latency.\n\nDefault: A random, system-chosen Availability Zone in the region that is specified by the endpoint.\n\nExample: `us-east-2d`\n\nConstraint: The specified Availability Zone must be in the same region as the current endpoint.", + "title": "AvailabilityZone", + "type": "string" + }, + "AvailabilityZoneRelocation": { + "markdownDescription": "The option to enable relocation for an Amazon Redshift cluster between Availability Zones after the cluster is created.", + "title": "AvailabilityZoneRelocation", + "type": "boolean" + }, + "AvailabilityZoneRelocationStatus": { + "markdownDescription": "Describes the status of the Availability Zone relocation operation.", + "title": "AvailabilityZoneRelocationStatus", + "type": "string" + }, + "Classic": { + "markdownDescription": "A boolean value indicating whether the resize operation is using the classic resize process. If you don't provide this parameter or set the value to `false` , the resize type is elastic.", + "title": "Classic", + "type": "boolean" + }, + "ClusterIdentifier": { + "markdownDescription": "A unique identifier for the cluster. You use this identifier to refer to the cluster for any subsequent cluster operations such as deleting or modifying. The identifier also appears in the Amazon Redshift console.\n\nConstraints:\n\n- Must contain from 1 to 63 alphanumeric characters or hyphens.\n- Alphabetic characters must be lowercase.\n- First character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.\n- Must be unique for all clusters within an AWS account .\n\nExample: `myexamplecluster`", + "title": "ClusterIdentifier", + "type": "string" + }, + "ClusterParameterGroupName": { + "markdownDescription": "The name of the parameter group to be associated with this cluster.\n\nDefault: The default Amazon Redshift cluster parameter group. For information about the default parameter group, go to [Working with Amazon Redshift Parameter Groups](https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-parameter-groups.html)\n\nConstraints:\n\n- Must be 1 to 255 alphanumeric characters or hyphens.\n- First character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.", + "title": "ClusterParameterGroupName", + "type": "string" + }, + "ClusterSecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of security groups to be associated with this cluster.\n\nDefault: The default cluster security group for Amazon Redshift.", + "title": "ClusterSecurityGroups", + "type": "array" + }, + "ClusterSubnetGroupName": { + "markdownDescription": "The name of a cluster subnet group to be associated with this cluster.\n\nIf this parameter is not provided the resulting cluster will be deployed outside virtual private cloud (VPC).", + "title": "ClusterSubnetGroupName", + "type": "string" + }, + "ClusterType": { + "markdownDescription": "The type of the cluster. When cluster type is specified as\n\n- `single-node` , the *NumberOfNodes* parameter is not required.\n- `multi-node` , the *NumberOfNodes* parameter is required.\n\nValid Values: `multi-node` | `single-node`\n\nDefault: `multi-node`", + "title": "ClusterType", + "type": "string" + }, + "ClusterVersion": { + "markdownDescription": "The version of the Amazon Redshift engine software that you want to deploy on the cluster.\n\nThe version selected runs on all the nodes in the cluster.\n\nConstraints: Only version 1.0 is currently available.\n\nExample: `1.0`", + "title": "ClusterVersion", + "type": "string" + }, + "DBName": { + "markdownDescription": "The name of the first database to be created when the cluster is created.\n\nTo create additional databases after the cluster is created, connect to the cluster with a SQL client and use SQL commands to create a database. For more information, go to [Create a Database](https://docs.aws.amazon.com/redshift/latest/dg/t_creating_database.html) in the Amazon Redshift Database Developer Guide.\n\nDefault: `dev`\n\nConstraints:\n\n- Must contain 1 to 64 alphanumeric characters.\n- Must contain only lowercase letters.\n- Cannot be a word that is reserved by the service. A list of reserved words can be found in [Reserved Words](https://docs.aws.amazon.com/redshift/latest/dg/r_pg_keywords.html) in the Amazon Redshift Database Developer Guide.", + "title": "DBName", + "type": "string" + }, + "DeferMaintenance": { + "markdownDescription": "A Boolean indicating whether to enable the deferred maintenance window.", + "title": "DeferMaintenance", + "type": "boolean" + }, + "DeferMaintenanceDuration": { + "markdownDescription": "An integer indicating the duration of the maintenance window in days. If you specify a duration, you can't specify an end time. The duration must be 45 days or less.", + "title": "DeferMaintenanceDuration", + "type": "number" + }, + "DeferMaintenanceEndTime": { + "markdownDescription": "A timestamp for the end of the time period when we defer maintenance.", + "title": "DeferMaintenanceEndTime", + "type": "string" + }, + "DeferMaintenanceStartTime": { + "markdownDescription": "A timestamp indicating the start time for the deferred maintenance window.", + "title": "DeferMaintenanceStartTime", + "type": "string" + }, + "DestinationRegion": { + "markdownDescription": "The destination region that snapshots are automatically copied to when cross-region snapshot copy is enabled.", + "title": "DestinationRegion", + "type": "string" + }, + "ElasticIp": { + "markdownDescription": "The Elastic IP (EIP) address for the cluster.\n\nConstraints: The cluster must be provisioned in EC2-VPC and publicly-accessible through an Internet gateway. Don't specify the Elastic IP address for a publicly accessible cluster with availability zone relocation turned on. For more information about provisioning clusters in EC2-VPC, go to [Supported Platforms to Launch Your Cluster](https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-clusters.html#cluster-platforms) in the Amazon Redshift Cluster Management Guide.", + "title": "ElasticIp", + "type": "string" + }, + "Encrypted": { + "markdownDescription": "If `true` , the data in the cluster is encrypted at rest. If you set the value on this parameter to `false` , the request will fail.\n\nDefault: true", + "title": "Encrypted", + "type": "boolean" + }, + "Endpoint": { + "$ref": "#/definitions/AWS::Redshift::Cluster.Endpoint", + "markdownDescription": "The connection endpoint.", + "title": "Endpoint" + }, + "EnhancedVpcRouting": { + "markdownDescription": "An option that specifies whether to create the cluster with enhanced VPC routing enabled. To create a cluster that uses enhanced VPC routing, the cluster must be in a VPC. For more information, see [Enhanced VPC Routing](https://docs.aws.amazon.com/redshift/latest/mgmt/enhanced-vpc-routing.html) in the Amazon Redshift Cluster Management Guide.\n\nIf this option is `true` , enhanced VPC routing is enabled.\n\nDefault: false", + "title": "EnhancedVpcRouting", + "type": "boolean" + }, + "HsmClientCertificateIdentifier": { + "markdownDescription": "Specifies the name of the HSM client certificate the Amazon Redshift cluster uses to retrieve the data encryption keys stored in an HSM.", + "title": "HsmClientCertificateIdentifier", + "type": "string" + }, + "HsmConfigurationIdentifier": { + "markdownDescription": "Specifies the name of the HSM configuration that contains the information the Amazon Redshift cluster can use to retrieve and store keys in an HSM.", + "title": "HsmConfigurationIdentifier", + "type": "string" + }, + "IamRoles": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of AWS Identity and Access Management (IAM) roles that can be used by the cluster to access other AWS services. You must supply the IAM roles in their Amazon Resource Name (ARN) format.\n\nThe maximum number of IAM roles that you can associate is subject to a quota. For more information, go to [Quotas and limits](https://docs.aws.amazon.com/redshift/latest/mgmt/amazon-redshift-limits.html) in the *Amazon Redshift Cluster Management Guide* .", + "title": "IamRoles", + "type": "array" + }, + "KmsKeyId": { + "markdownDescription": "The AWS Key Management Service (KMS) key ID of the encryption key that you want to use to encrypt data in the cluster.", + "title": "KmsKeyId", + "type": "string" + }, + "LoggingProperties": { + "$ref": "#/definitions/AWS::Redshift::Cluster.LoggingProperties", + "markdownDescription": "Specifies logging information, such as queries and connection attempts, for the specified Amazon Redshift cluster.", + "title": "LoggingProperties" + }, + "MaintenanceTrackName": { + "markdownDescription": "An optional parameter for the name of the maintenance track for the cluster. If you don't provide a maintenance track name, the cluster is assigned to the `current` track.", + "title": "MaintenanceTrackName", + "type": "string" + }, + "ManageMasterPassword": { + "markdownDescription": "If `true` , Amazon Redshift uses AWS Secrets Manager to manage this cluster's admin credentials. You can't use `MasterUserPassword` if `ManageMasterPassword` is true. If `ManageMasterPassword` is false or not set, Amazon Redshift uses `MasterUserPassword` for the admin user account's password.", + "title": "ManageMasterPassword", + "type": "boolean" + }, + "ManualSnapshotRetentionPeriod": { + "markdownDescription": "The default number of days to retain a manual snapshot. If the value is -1, the snapshot is retained indefinitely. This setting doesn't change the retention period of existing snapshots.\n\nThe value must be either -1 or an integer between 1 and 3,653.", + "title": "ManualSnapshotRetentionPeriod", + "type": "number" + }, + "MasterPasswordSecretKmsKeyId": { + "markdownDescription": "The ID of the AWS Key Management Service (KMS) key used to encrypt and store the cluster's admin credentials secret. You can only use this parameter if `ManageMasterPassword` is true.", + "title": "MasterPasswordSecretKmsKeyId", + "type": "string" + }, + "MasterUserPassword": { + "markdownDescription": "The password associated with the admin user account for the cluster that is being created.\n\nYou can't use `MasterUserPassword` if `ManageMasterPassword` is `true` .\n\nConstraints:\n\n- Must be between 8 and 64 characters in length.\n- Must contain at least one uppercase letter.\n- Must contain at least one lowercase letter.\n- Must contain one number.\n- Can be any printable ASCII character (ASCII code 33-126) except `'` (single quote), `\"` (double quote), `\\` , `/` , or `@` .", + "title": "MasterUserPassword", + "type": "string" + }, + "MasterUsername": { + "markdownDescription": "The user name associated with the admin user account for the cluster that is being created.\n\nConstraints:\n\n- Must be 1 - 128 alphanumeric characters or hyphens. The user name can't be `PUBLIC` .\n- Must contain only lowercase letters, numbers, underscore, plus sign, period (dot), at symbol (@), or hyphen.\n- The first character must be a letter.\n- Must not contain a colon (:) or a slash (/).\n- Cannot be a reserved word. A list of reserved words can be found in [Reserved Words](https://docs.aws.amazon.com/redshift/latest/dg/r_pg_keywords.html) in the Amazon Redshift Database Developer Guide.", + "title": "MasterUsername", + "type": "string" + }, + "MultiAZ": { + "markdownDescription": "A boolean indicating whether Amazon Redshift should deploy the cluster in two Availability Zones. The default is false.", + "title": "MultiAZ", + "type": "boolean" + }, + "NamespaceResourcePolicy": { + "markdownDescription": "The policy that is attached to a resource.", + "title": "NamespaceResourcePolicy", + "type": "object" + }, + "NodeType": { + "markdownDescription": "The node type to be provisioned for the cluster. For information about node types, go to [Working with Clusters](https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-clusters.html#how-many-nodes) in the *Amazon Redshift Cluster Management Guide* .\n\nValid Values: `dc2.large` | `dc2.8xlarge` | `ra3.large` | `ra3.xlplus` | `ra3.4xlarge` | `ra3.16xlarge`", + "title": "NodeType", + "type": "string" + }, + "NumberOfNodes": { + "markdownDescription": "The number of compute nodes in the cluster. This parameter is required when the *ClusterType* parameter is specified as `multi-node` .\n\nFor information about determining how many nodes you need, go to [Working with Clusters](https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-clusters.html#how-many-nodes) in the *Amazon Redshift Cluster Management Guide* .\n\nIf you don't specify this parameter, you get a single-node cluster. When requesting a multi-node cluster, you must specify the number of nodes that you want in the cluster.\n\nDefault: `1`\n\nConstraints: Value must be at least 1 and no more than 100.", + "title": "NumberOfNodes", + "type": "number" + }, + "OwnerAccount": { + "markdownDescription": "The AWS account used to create or copy the snapshot. Required if you are restoring a snapshot you do not own, optional if you own the snapshot.", + "title": "OwnerAccount", + "type": "string" + }, + "Port": { + "markdownDescription": "The port number on which the cluster accepts incoming connections.\n\nThe cluster is accessible only via the JDBC and ODBC connection strings. Part of the connection string requires the port on which the cluster will listen for incoming connections.\n\nDefault: `5439`\n\nValid Values:\n\n- For clusters with ra3 nodes - Select a port within the ranges `5431-5455` or `8191-8215` . (If you have an existing cluster with ra3 nodes, it isn't required that you change the port to these ranges.)\n- For clusters with dc2 nodes - Select a port within the range `1150-65535` .", + "title": "Port", + "type": "number" + }, + "PreferredMaintenanceWindow": { + "markdownDescription": "The weekly time range (in UTC) during which automated cluster maintenance can occur.\n\nFormat: `ddd:hh24:mi-ddd:hh24:mi`\n\nDefault: A 30-minute window selected at random from an 8-hour block of time per region, occurring on a random day of the week. For more information about the time blocks for each region, see [Maintenance Windows](https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-clusters.html#rs-maintenance-windows) in Amazon Redshift Cluster Management Guide.\n\nValid Days: Mon | Tue | Wed | Thu | Fri | Sat | Sun\n\nConstraints: Minimum 30-minute window.", + "title": "PreferredMaintenanceWindow", + "type": "string" + }, + "PubliclyAccessible": { + "markdownDescription": "If `true` , the cluster can be accessed from a public network.\n\nDefault: false", + "title": "PubliclyAccessible", + "type": "boolean" + }, + "ResourceAction": { + "markdownDescription": "The Amazon Redshift operation to be performed. Supported operations are `pause-cluster` , `resume-cluster` , and `failover-primary-compute` .", + "title": "ResourceAction", + "type": "string" + }, + "RevisionTarget": { + "markdownDescription": "Describes a `RevisionTarget` object.", + "title": "RevisionTarget", + "type": "string" + }, + "RotateEncryptionKey": { + "markdownDescription": "Rotates the encryption keys for a cluster.", + "title": "RotateEncryptionKey", + "type": "boolean" + }, + "SnapshotClusterIdentifier": { + "markdownDescription": "The name of the cluster the source snapshot was created from. This parameter is required if your user or role has a policy containing a snapshot resource element that specifies anything other than * for the cluster name.", + "title": "SnapshotClusterIdentifier", + "type": "string" + }, + "SnapshotCopyGrantName": { + "markdownDescription": "The name of the snapshot copy grant.", + "title": "SnapshotCopyGrantName", + "type": "string" + }, + "SnapshotCopyManual": { + "markdownDescription": "Indicates whether to apply the snapshot retention period to newly copied manual snapshots instead of automated snapshots.", + "title": "SnapshotCopyManual", + "type": "boolean" + }, + "SnapshotCopyRetentionPeriod": { + "markdownDescription": "The number of days to retain automated snapshots in the destination AWS Region after they are copied from the source AWS Region .\n\nBy default, this only changes the retention period of copied automated snapshots.\n\nIf you decrease the retention period for automated snapshots that are copied to a destination AWS Region , Amazon Redshift deletes any existing automated snapshots that were copied to the destination AWS Region and that fall outside of the new retention period.\n\nConstraints: Must be at least 1 and no more than 35 for automated snapshots.\n\nIf you specify the `manual` option, only newly copied manual snapshots will have the new retention period.\n\nIf you specify the value of -1 newly copied manual snapshots are retained indefinitely.\n\nConstraints: The number of days must be either -1 or an integer between 1 and 3,653 for manual snapshots.", + "title": "SnapshotCopyRetentionPeriod", + "type": "number" + }, + "SnapshotIdentifier": { + "markdownDescription": "The name of the snapshot from which to create the new cluster. This parameter isn't case sensitive. You must specify this parameter or `snapshotArn` , but not both.\n\nExample: `my-snapshot-id`", + "title": "SnapshotIdentifier", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tag instances.", + "title": "Tags", + "type": "array" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of Virtual Private Cloud (VPC) security groups to be associated with the cluster.\n\nDefault: The default VPC security group is associated with the cluster.", + "title": "VpcSecurityGroupIds", + "type": "array" + } }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "required": [ + "ClusterType", + "DBName", + "MasterUsername", + "NodeType" + ], + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Type": { + "enum": [ + "AWS::Redshift::Cluster" + ], + "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Template.RangeEndsLabelType": { + "AWS::Redshift::Cluster.Endpoint": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility of the range ends label.", - "title": "Visibility", + "Address": { + "markdownDescription": "The DNS address of the cluster. This property is read only.", + "title": "Address", + "type": "string" + }, + "Port": { + "markdownDescription": "The port that the database engine is listening on. This property is read only.", + "title": "Port", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.ReferenceLine": { + "AWS::Redshift::Cluster.LoggingProperties": { "additionalProperties": false, "properties": { - "DataConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineDataConfiguration", - "markdownDescription": "The data configuration of the reference line.", - "title": "DataConfiguration" - }, - "LabelConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineLabelConfiguration", - "markdownDescription": "The label configuration of the reference line.", - "title": "LabelConfiguration" + "BucketName": { + "markdownDescription": "The name of an existing S3 bucket where the log files are to be stored.\n\nConstraints:\n\n- Must be in the same region as the cluster\n- The cluster must have read bucket and put object permissions", + "title": "BucketName", + "type": "string" }, - "Status": { - "markdownDescription": "The status of the reference line. Choose one of the following options:\n\n- `ENABLE`\n- `DISABLE`", - "title": "Status", + "LogDestinationType": { + "markdownDescription": "The log destination type. An enum with possible values of `s3` and `cloudwatch` .", + "title": "LogDestinationType", "type": "string" }, - "StyleConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineStyleConfiguration", - "markdownDescription": "The style configuration of the reference line.", - "title": "StyleConfiguration" - } - }, - "required": [ - "DataConfiguration" - ], - "type": "object" - }, - "AWS::QuickSight::Template.ReferenceLineCustomLabelConfiguration": { - "additionalProperties": false, - "properties": { - "CustomLabel": { - "markdownDescription": "The string text of the custom label.", - "title": "CustomLabel", + "LogExports": { + "items": { + "type": "string" + }, + "markdownDescription": "The collection of exported log types. Possible values are `connectionlog` , `useractivitylog` , and `userlog` .", + "title": "LogExports", + "type": "array" + }, + "S3KeyPrefix": { + "markdownDescription": "The prefix applied to the log file names.\n\nValid characters are any letter from any language, any whitespace character, any numeric character, and the following characters: underscore ( `_` ), period ( `.` ), colon ( `:` ), slash ( `/` ), equal ( `=` ), plus ( `+` ), backslash ( `\\` ), hyphen ( `-` ), at symbol ( `@` ).", + "title": "S3KeyPrefix", "type": "string" } }, - "required": [ - "CustomLabel" - ], "type": "object" }, - "AWS::QuickSight::Template.ReferenceLineDataConfiguration": { + "AWS::Redshift::ClusterParameterGroup": { "additionalProperties": false, "properties": { - "AxisBinding": { - "markdownDescription": "The axis binding type of the reference line. Choose one of the following options:\n\n- `PrimaryY`\n- `SecondaryY`", - "title": "AxisBinding", + "Condition": { "type": "string" }, - "DynamicConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineDynamicDataConfiguration", - "markdownDescription": "The dynamic configuration of the reference line data configuration.", - "title": "DynamicConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "SeriesType": { - "markdownDescription": "The series type of the reference line data configuration. Choose one of the following options:\n\n- `BAR`\n- `LINE`", - "title": "SeriesType", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the parameter group.", + "title": "Description", + "type": "string" + }, + "ParameterGroupFamily": { + "markdownDescription": "The name of the cluster parameter group family that this cluster parameter group is compatible with. You can create a custom parameter group and then associate your cluster with it. For more information, see [Amazon Redshift parameter groups](https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-parameter-groups.html) .", + "title": "ParameterGroupFamily", + "type": "string" + }, + "ParameterGroupName": { + "markdownDescription": "The name of the cluster parameter group.", + "title": "ParameterGroupName", + "type": "string" + }, + "Parameters": { + "items": { + "$ref": "#/definitions/AWS::Redshift::ClusterParameterGroup.Parameter" + }, + "markdownDescription": "An array of parameters to be modified. A maximum of 20 parameters can be modified in a single request.\n\nFor each parameter to be modified, you must supply at least the parameter name and parameter value; other name-value pairs of the parameter are optional.\n\nFor the workload management (WLM) configuration, you must supply all the name-value pairs in the wlm_json_configuration parameter.", + "title": "Parameters", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of tags for the cluster parameter group.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Description", + "ParameterGroupFamily" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Redshift::ClusterParameterGroup" + ], "type": "string" }, - "StaticConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineStaticDataConfiguration", - "markdownDescription": "The static data configuration of the reference line data configuration.", - "title": "StaticConfiguration" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Template.ReferenceLineDynamicDataConfiguration": { + "AWS::Redshift::ClusterParameterGroup.Parameter": { "additionalProperties": false, "properties": { - "Calculation": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericalAggregationFunction", - "markdownDescription": "The calculation that is used in the dynamic data.", - "title": "Calculation" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that the dynamic data targets.", - "title": "Column" + "ParameterName": { + "markdownDescription": "The name of the parameter.", + "title": "ParameterName", + "type": "string" }, - "MeasureAggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Template.AggregationFunction", - "markdownDescription": "The aggregation function that is used in the dynamic data.", - "title": "MeasureAggregationFunction" + "ParameterValue": { + "markdownDescription": "The value of the parameter. If `ParameterName` is `wlm_json_configuration` , then the maximum size of `ParameterValue` is 8000 characters.", + "title": "ParameterValue", + "type": "string" } }, "required": [ - "Calculation", - "Column" + "ParameterName", + "ParameterValue" ], "type": "object" }, - "AWS::QuickSight::Template.ReferenceLineLabelConfiguration": { + "AWS::Redshift::ClusterSecurityGroup": { "additionalProperties": false, "properties": { - "CustomLabelConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineCustomLabelConfiguration", - "markdownDescription": "The custom label configuration of the label in a reference line.", - "title": "CustomLabelConfiguration" + "Condition": { + "type": "string" }, - "FontColor": { - "markdownDescription": "The font color configuration of the label in a reference line.", - "title": "FontColor", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", - "markdownDescription": "The font configuration of the label in a reference line.", - "title": "FontConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "HorizontalPosition": { - "markdownDescription": "The horizontal position configuration of the label in a reference line. Choose one of the following options:\n\n- `LEFT`\n- `CENTER`\n- `RIGHT`", - "title": "HorizontalPosition", - "type": "string" + "Metadata": { + "type": "object" }, - "ValueLabelConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineValueLabelConfiguration", - "markdownDescription": "The value label configuration of the label in a reference line.", - "title": "ValueLabelConfiguration" + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description for the security group.", + "title": "Description", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Specifies an arbitrary set of tags (key\u2013value pairs) to associate with this security group. Use tags to manage your resources.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Description" + ], + "type": "object" }, - "VerticalPosition": { - "markdownDescription": "The vertical position configuration of the label in a reference line. Choose one of the following options:\n\n- `ABOVE`\n- `BELOW`", - "title": "VerticalPosition", + "Type": { + "enum": [ + "AWS::Redshift::ClusterSecurityGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.ReferenceLineStaticDataConfiguration": { - "additionalProperties": false, - "properties": { - "Value": { - "markdownDescription": "The double input of the static data.", - "title": "Value", - "type": "number" } }, "required": [ - "Value" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Template.ReferenceLineStyleConfiguration": { + "AWS::Redshift::ClusterSecurityGroupIngress": { "additionalProperties": false, "properties": { - "Color": { - "markdownDescription": "The hex color of the reference line.", - "title": "Color", + "Condition": { "type": "string" }, - "Pattern": { - "markdownDescription": "The pattern type of the line style. Choose one of the following options:\n\n- `SOLID`\n- `DASHED`\n- `DOTTED`", - "title": "Pattern", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.ReferenceLineValueLabelConfiguration": { - "additionalProperties": false, - "properties": { - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericFormatConfiguration", - "markdownDescription": "The format configuration of the value label.", - "title": "FormatConfiguration" }, - "RelativePosition": { - "markdownDescription": "The relative position of the value label. Choose one of the following options:\n\n- `BEFORE_CUSTOM_LABEL`\n- `AFTER_CUSTOM_LABEL`", - "title": "RelativePosition", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.RelativeDateTimeControlDisplayOptions": { - "additionalProperties": false, - "properties": { - "DateTimeFormat": { - "markdownDescription": "Customize how dates are formatted in controls.", - "title": "DateTimeFormat", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" + "Metadata": { + "type": "object" }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" + "Properties": { + "additionalProperties": false, + "properties": { + "CIDRIP": { + "markdownDescription": "The IP range to be added the Amazon Redshift security group.", + "title": "CIDRIP", + "type": "string" + }, + "ClusterSecurityGroupName": { + "markdownDescription": "The name of the security group to which the ingress rule is added.", + "title": "ClusterSecurityGroupName", + "type": "string" + }, + "EC2SecurityGroupName": { + "markdownDescription": "The EC2 security group to be added the Amazon Redshift security group.", + "title": "EC2SecurityGroupName", + "type": "string" + }, + "EC2SecurityGroupOwnerId": { + "markdownDescription": "The AWS account number of the owner of the security group specified by the *EC2SecurityGroupName* parameter. The AWS Access Key ID is not an acceptable value.\n\nExample: `111122223333`\n\nConditional. If you specify the `EC2SecurityGroupName` property, you must specify this property.", + "title": "EC2SecurityGroupOwnerId", + "type": "string" + } + }, + "required": [ + "ClusterSecurityGroupName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Redshift::ClusterSecurityGroupIngress" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Template.RelativeDatesFilter": { + "AWS::Redshift::ClusterSubnetGroup": { "additionalProperties": false, "properties": { - "AnchorDateConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.AnchorDateConfiguration", - "markdownDescription": "The date configuration of the filter.", - "title": "AnchorDateConfiguration" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" - }, - "ExcludePeriodConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ExcludePeriodConfiguration", - "markdownDescription": "The configuration for the exclude period of the filter.", - "title": "ExcludePeriodConfiguration" - }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", + "Condition": { "type": "string" }, - "MinimumGranularity": { - "markdownDescription": "The minimum granularity (period granularity) of the relative dates filter.", - "title": "MinimumGranularity", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ParameterName": { - "markdownDescription": "The parameter whose value should be used for the filter value.", - "title": "ParameterName", - "type": "string" + "Metadata": { + "type": "object" }, - "RelativeDateType": { - "markdownDescription": "The range date type of the filter. Choose one of the options below:\n\n- `PREVIOUS`\n- `THIS`\n- `LAST`\n- `NOW`\n- `NEXT`", - "title": "RelativeDateType", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description for the subnet group.", + "title": "Description", + "type": "string" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of VPC subnet IDs. A maximum of 20 subnets can be modified in a single request.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Specifies an arbitrary set of tags (key\u2013value pairs) to associate with this subnet group. Use tags to manage your resources.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Description", + "SubnetIds" + ], + "type": "object" }, - "RelativeDateValue": { - "markdownDescription": "The date value of the filter.", - "title": "RelativeDateValue", - "type": "number" + "Type": { + "enum": [ + "AWS::Redshift::ClusterSubnetGroup" + ], + "type": "string" }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "AnchorDateConfiguration", - "Column", - "FilterId", - "NullOption", - "RelativeDateType", - "TimeGranularity" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Template.ResourcePermission": { + "AWS::Redshift::EndpointAccess": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "type": "string" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ClusterIdentifier": { + "markdownDescription": "The cluster identifier of the cluster associated with the endpoint.", + "title": "ClusterIdentifier", + "type": "string" + }, + "EndpointName": { + "markdownDescription": "The name of the endpoint.", + "title": "EndpointName", + "type": "string" + }, + "ResourceOwner": { + "markdownDescription": "The AWS account ID of the owner of the cluster.", + "title": "ResourceOwner", + "type": "string" + }, + "SubnetGroupName": { + "markdownDescription": "The subnet group name where Amazon Redshift chooses to deploy the endpoint.", + "title": "SubnetGroupName", + "type": "string" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The security group that defines the ports, protocols, and sources for inbound traffic that you are authorizing into your endpoint.", + "title": "VpcSecurityGroupIds", + "type": "array" + } }, - "markdownDescription": "The IAM action to grant or revoke permissions on.", - "title": "Actions", - "type": "array" + "required": [ + "ClusterIdentifier", + "EndpointName", + "SubnetGroupName", + "VpcSecurityGroupIds" + ], + "type": "object" }, - "Principal": { - "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a QuickSight ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", - "title": "Principal", + "Type": { + "enum": [ + "AWS::Redshift::EndpointAccess" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Actions", - "Principal" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Template.RollingDateConfiguration": { + "AWS::Redshift::EndpointAccess.NetworkInterface": { "additionalProperties": false, "properties": { - "DataSetIdentifier": { - "markdownDescription": "The data set that is used in the rolling date configuration.", - "title": "DataSetIdentifier", + "AvailabilityZone": { + "markdownDescription": "The Availability Zone.", + "title": "AvailabilityZone", "type": "string" }, - "Expression": { - "markdownDescription": "The expression of the rolling date configuration.", - "title": "Expression", + "NetworkInterfaceId": { + "markdownDescription": "The network interface identifier.", + "title": "NetworkInterfaceId", + "type": "string" + }, + "PrivateIpAddress": { + "markdownDescription": "The IPv4 address of the network interface within the subnet.", + "title": "PrivateIpAddress", + "type": "string" + }, + "SubnetId": { + "markdownDescription": "The subnet identifier.", + "title": "SubnetId", "type": "string" } }, - "required": [ - "Expression" - ], "type": "object" }, - "AWS::QuickSight::Template.RowAlternateColorOptions": { + "AWS::Redshift::EndpointAccess.VpcEndpoint": { "additionalProperties": false, "properties": { - "RowAlternateColors": { + "NetworkInterfaces": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Redshift::EndpointAccess.NetworkInterface" }, - "markdownDescription": "Determines the list of row alternate colors.", - "title": "RowAlternateColors", + "markdownDescription": "One or more network interfaces of the endpoint. Also known as an interface endpoint.", + "title": "NetworkInterfaces", "type": "array" }, - "Status": { - "markdownDescription": "Determines the widget status.", - "title": "Status", + "VpcEndpointId": { + "markdownDescription": "The connection endpoint ID for connecting an Amazon Redshift cluster through the proxy.", + "title": "VpcEndpointId", "type": "string" }, - "UsePrimaryBackgroundColor": { - "markdownDescription": "The primary background color options for alternate rows.", - "title": "UsePrimaryBackgroundColor", + "VpcId": { + "markdownDescription": "The VPC identifier that the endpoint is associated.", + "title": "VpcId", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.SameSheetTargetVisualConfiguration": { + "AWS::Redshift::EndpointAccess.VpcSecurityGroup": { "additionalProperties": false, "properties": { - "TargetVisualOptions": { - "markdownDescription": "The options that choose the target visual in the same sheet.\n\nValid values are defined as follows:\n\n- `ALL_VISUALS` : Applies the filter operation to all visuals in the same sheet.", - "title": "TargetVisualOptions", + "Status": { + "markdownDescription": "The status of the endpoint.", + "title": "Status", "type": "string" }, - "TargetVisuals": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the target visual IDs that are located in the same sheet of the analysis.", - "title": "TargetVisuals", - "type": "array" + "VpcSecurityGroupId": { + "markdownDescription": "The identifier of the VPC security group.", + "title": "VpcSecurityGroupId", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.SankeyDiagramAggregatedFieldWells": { + "AWS::Redshift::EndpointAuthorization": { "additionalProperties": false, "properties": { - "Destination": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" - }, - "markdownDescription": "The destination field wells of a sankey diagram.", - "title": "Destination", - "type": "array" + "Condition": { + "type": "string" }, - "Source": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" - }, - "markdownDescription": "The source field wells of a sankey diagram.", - "title": "Source", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Weight": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Account": { + "markdownDescription": "The AWS account ID of either the cluster owner (grantor) or grantee. If `Grantee` parameter is true, then the `Account` value is of the grantor.", + "title": "Account", + "type": "string" + }, + "ClusterIdentifier": { + "markdownDescription": "The cluster identifier.", + "title": "ClusterIdentifier", + "type": "string" + }, + "Force": { + "markdownDescription": "Indicates whether to force the revoke action. If true, the Redshift-managed VPC endpoints associated with the endpoint authorization are also deleted.", + "title": "Force", + "type": "boolean" + }, + "VpcIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The virtual private cloud (VPC) identifiers to grant access to.", + "title": "VpcIds", + "type": "array" + } }, - "markdownDescription": "The weight field wells of a sankey diagram.", - "title": "Weight", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.SankeyDiagramChartConfiguration": { - "additionalProperties": false, - "properties": { - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", - "markdownDescription": "The data label configuration of a sankey diagram.", - "title": "DataLabels" + "required": [ + "Account", + "ClusterIdentifier" + ], + "type": "object" }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.SankeyDiagramFieldWells", - "markdownDescription": "The field well configuration of a sankey diagram.", - "title": "FieldWells" + "Type": { + "enum": [ + "AWS::Redshift::EndpointAuthorization" + ], + "type": "string" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.SankeyDiagramSortConfiguration", - "markdownDescription": "The sort configuration of a sankey diagram.", - "title": "SortConfiguration" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Template.SankeyDiagramFieldWells": { + "AWS::Redshift::EventSubscription": { "additionalProperties": false, "properties": { - "SankeyDiagramAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.SankeyDiagramAggregatedFieldWells", - "markdownDescription": "The field well configuration of a sankey diagram.", - "title": "SankeyDiagramAggregatedFieldWells" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "A boolean value; set to `true` to activate the subscription, and set to `false` to create the subscription but not activate it.", + "title": "Enabled", + "type": "boolean" + }, + "EventCategories": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the Amazon Redshift event categories to be published by the event notification subscription.\n\nValues: configuration, management, monitoring, security, pending", + "title": "EventCategories", + "type": "array" + }, + "Severity": { + "markdownDescription": "Specifies the Amazon Redshift event severity to be published by the event notification subscription.\n\nValues: ERROR, INFO", + "title": "Severity", + "type": "string" + }, + "SnsTopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic used to transmit the event notifications. The ARN is created by Amazon SNS when you create a topic and subscribe to it.", + "title": "SnsTopicArn", + "type": "string" + }, + "SourceIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of one or more identifiers of Amazon Redshift source objects. All of the objects must be of the same type as was specified in the source type parameter. The event subscription will return only events generated by the specified objects. If not specified, then events are returned for all objects within the source type specified.\n\nExample: my-cluster-1, my-cluster-2\n\nExample: my-snapshot-20131010", + "title": "SourceIds", + "type": "array" + }, + "SourceType": { + "markdownDescription": "The type of source that will be generating the events. For example, if you want to be notified of events generated by a cluster, you would set this parameter to cluster. If this value is not specified, events are returned for all Amazon Redshift objects in your AWS account . You must specify a source type in order to specify source IDs.\n\nValid values: cluster, cluster-parameter-group, cluster-security-group, cluster-snapshot, and scheduled-action.", + "title": "SourceType", + "type": "string" + }, + "SubscriptionName": { + "markdownDescription": "The name of the event subscription to be created.\n\nConstraints:\n\n- Cannot be null, empty, or blank.\n- Must contain from 1 to 255 alphanumeric characters or hyphens.\n- First character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.", + "title": "SubscriptionName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tag instances.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "SubscriptionName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Redshift::EventSubscription" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Template.SankeyDiagramSortConfiguration": { + "AWS::Redshift::Integration": { "additionalProperties": false, "properties": { - "DestinationItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of destination nodes that are displayed in a sankey diagram.", - "title": "DestinationItemsLimit" + "Condition": { + "type": "string" }, - "SourceItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of source nodes that are displayed in a sankey diagram.", - "title": "SourceItemsLimit" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AdditionalEncryptionContext": { + "additionalProperties": true, + "markdownDescription": "The encryption context for the integration. For more information, see [Encryption context](https://docs.aws.amazon.com/) in the *AWS Key Management Service Developer Guide* .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "AdditionalEncryptionContext", + "type": "object" + }, + "IntegrationName": { + "markdownDescription": "The name of the integration.", + "title": "IntegrationName", + "type": "string" + }, + "KMSKeyId": { + "markdownDescription": "The AWS Key Management Service ( AWS KMS) key identifier for the key used to encrypt the integration.", + "title": "KMSKeyId", + "type": "string" + }, + "SourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the database used as the source for replication.", + "title": "SourceArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of tags associated with the integration.", + "title": "Tags", + "type": "array" + }, + "TargetArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Redshift data warehouse to use as the target for replication.", + "title": "TargetArn", + "type": "string" + } + }, + "required": [ + "SourceArn", + "TargetArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Redshift::Integration" + ], + "type": "string" }, - "WeightSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" - }, - "markdownDescription": "The sort configuration of the weight fields.", - "title": "WeightSort", - "type": "array" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Template.SankeyDiagramVisual": { + "AWS::Redshift::ScheduledAction": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Condition": { + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.SankeyDiagramChartConfiguration", - "markdownDescription": "The configuration of a sankey diagram.", - "title": "ChartConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Metadata": { + "type": "object" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "Properties": { + "additionalProperties": false, + "properties": { + "Enable": { + "markdownDescription": "If true, the schedule is enabled. If false, the scheduled action does not trigger. For more information about `state` of the scheduled action, see `ScheduledAction` .", + "title": "Enable", + "type": "boolean" + }, + "EndTime": { + "markdownDescription": "The end time in UTC when the schedule is no longer active. After this time, the scheduled action does not trigger.", + "title": "EndTime", + "type": "string" + }, + "IamRole": { + "markdownDescription": "The IAM role to assume to run the scheduled action. This IAM role must have permission to run the Amazon Redshift API operation in the scheduled action. This IAM role must allow the Amazon Redshift scheduler (Principal scheduler.redshift.amazonaws.com) to assume permissions on your behalf. For more information about the IAM role to use with the Amazon Redshift scheduler, see [Using Identity-Based Policies for Amazon Redshift](https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-iam-access-control-identity-based.html) in the *Amazon Redshift Cluster Management Guide* .", + "title": "IamRole", + "type": "string" + }, + "Schedule": { + "markdownDescription": "The schedule for a one-time (at format) or recurring (cron format) scheduled action. Schedule invocations must be separated by at least one hour.\n\nFormat of at expressions is \" `at(yyyy-mm-ddThh:mm:ss)` \". For example, \" `at(2016-03-04T17:27:00)` \".\n\nFormat of cron expressions is \" `cron(Minutes Hours Day-of-month Month Day-of-week Year)` \". For example, \" `cron(0 10 ? * MON *)` \". For more information, see [Cron Expressions](https://docs.aws.amazon.com//AmazonCloudWatch/latest/events/ScheduledEvents.html#CronExpressions) in the *Amazon CloudWatch Events User Guide* .", + "title": "Schedule", + "type": "string" + }, + "ScheduledActionDescription": { + "markdownDescription": "The description of the scheduled action.", + "title": "ScheduledActionDescription", + "type": "string" + }, + "ScheduledActionName": { + "markdownDescription": "The name of the scheduled action.", + "title": "ScheduledActionName", + "type": "string" + }, + "StartTime": { + "markdownDescription": "The start time in UTC when the schedule is active. Before this time, the scheduled action does not trigger.", + "title": "StartTime", + "type": "string" + }, + "TargetAction": { + "$ref": "#/definitions/AWS::Redshift::ScheduledAction.ScheduledActionType", + "markdownDescription": "A JSON format string of the Amazon Redshift API operation with input parameters.\n\n\" `{\\\"ResizeCluster\\\":{\\\"NodeType\\\":\\\"ra3.4xlarge\\\",\\\"ClusterIdentifier\\\":\\\"my-test-cluster\\\",\\\"NumberOfNodes\\\":3}}` \".", + "title": "TargetAction" + } + }, + "required": [ + "ScheduledActionName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Redshift::ScheduledAction" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Template.ScatterPlotCategoricallyAggregatedFieldWells": { + "AWS::Redshift::ScheduledAction.PauseClusterMessage": { "additionalProperties": false, "properties": { - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" - }, - "markdownDescription": "The category field well of a scatter plot.", - "title": "Category", - "type": "array" - }, - "Label": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" - }, - "markdownDescription": "The label field well of a scatter plot.", - "title": "Label", - "type": "array" - }, - "Size": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" - }, - "markdownDescription": "The size field well of a scatter plot.", - "title": "Size", - "type": "array" - }, - "XAxis": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" - }, - "markdownDescription": "The x-axis field well of a scatter plot.\n\nThe x-axis is aggregated by category.", - "title": "XAxis", - "type": "array" - }, - "YAxis": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" - }, - "markdownDescription": "The y-axis field well of a scatter plot.\n\nThe y-axis is aggregated by category.", - "title": "YAxis", - "type": "array" + "ClusterIdentifier": { + "markdownDescription": "The identifier of the cluster to be paused.", + "title": "ClusterIdentifier", + "type": "string" } }, + "required": [ + "ClusterIdentifier" + ], "type": "object" }, - "AWS::QuickSight::Template.ScatterPlotConfiguration": { + "AWS::Redshift::ScheduledAction.ResizeClusterMessage": { "additionalProperties": false, "properties": { - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.", - "title": "DataLabels" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.ScatterPlotFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" - }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Tooltip" - }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", - "markdownDescription": "The palette (chart color) display setup of the visual.", - "title": "VisualPalette" + "Classic": { + "markdownDescription": "A boolean value indicating whether the resize operation is using the classic resize process. If you don't provide this parameter or set the value to `false` , the resize type is elastic.", + "title": "Classic", + "type": "boolean" }, - "XAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, and axis step) of the scatter plot's x-axis.", - "title": "XAxisDisplayOptions" + "ClusterIdentifier": { + "markdownDescription": "The unique identifier for the cluster to resize.", + "title": "ClusterIdentifier", + "type": "string" }, - "XAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of the scatter plot's x-axis.", - "title": "XAxisLabelOptions" + "ClusterType": { + "markdownDescription": "The new cluster type for the specified cluster.", + "title": "ClusterType", + "type": "string" }, - "YAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", - "markdownDescription": "The label display options (grid line, range, scale, and axis step) of the scatter plot's y-axis.", - "title": "YAxisDisplayOptions" + "NodeType": { + "markdownDescription": "The new node type for the nodes you are adding. If not specified, the cluster's current node type is used.", + "title": "NodeType", + "type": "string" }, - "YAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of the scatter plot's y-axis.", - "title": "YAxisLabelOptions" + "NumberOfNodes": { + "markdownDescription": "The new number of nodes for the cluster. If not specified, the cluster's current number of nodes is used.", + "title": "NumberOfNodes", + "type": "number" } }, + "required": [ + "ClusterIdentifier" + ], "type": "object" }, - "AWS::QuickSight::Template.ScatterPlotFieldWells": { + "AWS::Redshift::ScheduledAction.ResumeClusterMessage": { "additionalProperties": false, "properties": { - "ScatterPlotCategoricallyAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.ScatterPlotCategoricallyAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a scatter plot. The x and y-axes of scatter plots with aggregated field wells are aggregated by category, label, or both.", - "title": "ScatterPlotCategoricallyAggregatedFieldWells" - }, - "ScatterPlotUnaggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.ScatterPlotUnaggregatedFieldWells", - "markdownDescription": "The unaggregated field wells of a scatter plot. The x and y-axes of these scatter plots are unaggregated.", - "title": "ScatterPlotUnaggregatedFieldWells" + "ClusterIdentifier": { + "markdownDescription": "The identifier of the cluster to be resumed.", + "title": "ClusterIdentifier", + "type": "string" } }, + "required": [ + "ClusterIdentifier" + ], "type": "object" }, - "AWS::QuickSight::Template.ScatterPlotUnaggregatedFieldWells": { + "AWS::Redshift::ScheduledAction.ScheduledActionType": { "additionalProperties": false, "properties": { - "Category": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" - }, - "markdownDescription": "The category field well of a scatter plot.", - "title": "Category", - "type": "array" - }, - "Label": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" - }, - "markdownDescription": "The label field well of a scatter plot.", - "title": "Label", - "type": "array" - }, - "Size": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" - }, - "markdownDescription": "The size field well of a scatter plot.", - "title": "Size", - "type": "array" + "PauseCluster": { + "$ref": "#/definitions/AWS::Redshift::ScheduledAction.PauseClusterMessage", + "markdownDescription": "An action that runs a `PauseCluster` API operation.", + "title": "PauseCluster" }, - "XAxis": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" - }, - "markdownDescription": "The x-axis field well of a scatter plot.\n\nThe x-axis is a dimension field and cannot be aggregated.", - "title": "XAxis", - "type": "array" + "ResizeCluster": { + "$ref": "#/definitions/AWS::Redshift::ScheduledAction.ResizeClusterMessage", + "markdownDescription": "An action that runs a `ResizeCluster` API operation.", + "title": "ResizeCluster" }, - "YAxis": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" - }, - "markdownDescription": "The y-axis field well of a scatter plot.\n\nThe y-axis is a dimension field and cannot be aggregated.", - "title": "YAxis", - "type": "array" + "ResumeCluster": { + "$ref": "#/definitions/AWS::Redshift::ScheduledAction.ResumeClusterMessage", + "markdownDescription": "An action that runs a `ResumeCluster` API operation.", + "title": "ResumeCluster" } }, "type": "object" }, - "AWS::QuickSight::Template.ScatterPlotVisual": { + "AWS::RedshiftServerless::Namespace": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Condition": { + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ScatterPlotConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Metadata": { + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Properties": { + "additionalProperties": false, + "properties": { + "AdminPasswordSecretKmsKeyId": { + "markdownDescription": "The ID of the AWS Key Management Service (KMS) key used to encrypt and store the namespace's admin credentials secret. You can only use this parameter if `ManageAdminPassword` is `true` .", + "title": "AdminPasswordSecretKmsKeyId", + "type": "string" + }, + "AdminUserPassword": { + "markdownDescription": "The password of the administrator for the primary database created in the namespace.", + "title": "AdminUserPassword", + "type": "string" + }, + "AdminUsername": { + "markdownDescription": "The username of the administrator for the primary database created in the namespace.", + "title": "AdminUsername", + "type": "string" + }, + "DbName": { + "markdownDescription": "The name of the primary database created in the namespace.", + "title": "DbName", + "type": "string" + }, + "DefaultIamRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to set as a default in the namespace.", + "title": "DefaultIamRoleArn", + "type": "string" + }, + "FinalSnapshotName": { + "markdownDescription": "The name of the snapshot to be created before the namespace is deleted.", + "title": "FinalSnapshotName", + "type": "string" + }, + "FinalSnapshotRetentionPeriod": { + "markdownDescription": "How long to retain the final snapshot.", + "title": "FinalSnapshotRetentionPeriod", + "type": "number" + }, + "IamRoles": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of IAM roles to associate with the namespace.", + "title": "IamRoles", + "type": "array" + }, + "KmsKeyId": { + "markdownDescription": "The ID of the AWS Key Management Service key used to encrypt your data.", + "title": "KmsKeyId", + "type": "string" + }, + "LogExports": { + "items": { + "type": "string" + }, + "markdownDescription": "The types of logs the namespace can export. Available export types are `userlog` , `connectionlog` , and `useractivitylog` .", + "title": "LogExports", + "type": "array" + }, + "ManageAdminPassword": { + "markdownDescription": "If true, Amazon Redshift uses AWS Secrets Manager to manage the namespace's admin credentials. You can't use `AdminUserPassword` if `ManageAdminPassword` is true. If `ManageAdminPassword` is `false` or not set, Amazon Redshift uses `AdminUserPassword` for the admin user account's password.", + "title": "ManageAdminPassword", + "type": "boolean" + }, + "NamespaceName": { + "markdownDescription": "The name of the namespace. Must be between 3-64 alphanumeric characters in lowercase, and it cannot be a reserved word. A list of reserved words can be found in [Reserved Words](https://docs.aws.amazon.com//redshift/latest/dg/r_pg_keywords.html) in the Amazon Redshift Database Developer Guide.", + "title": "NamespaceName", + "type": "string" + }, + "NamespaceResourcePolicy": { + "markdownDescription": "The resource policy that will be attached to the namespace.", + "title": "NamespaceResourcePolicy", + "type": "object" + }, + "RedshiftIdcApplicationArn": { + "markdownDescription": "The ARN for the Redshift application that integrates with IAM Identity Center.", + "title": "RedshiftIdcApplicationArn", + "type": "string" + }, + "SnapshotCopyConfigurations": { + "items": { + "$ref": "#/definitions/AWS::RedshiftServerless::Namespace.SnapshotCopyConfiguration" + }, + "markdownDescription": "", + "title": "SnapshotCopyConfigurations", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The map of the key-value pairs used to tag the namespace.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "NamespaceName" + ], + "type": "object" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", + "Type": { + "enum": [ + "AWS::RedshiftServerless::Namespace" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Template.ScrollBarOptions": { + "AWS::RedshiftServerless::Namespace.Namespace": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility of the data zoom scroll bar.", - "title": "Visibility", + "AdminPasswordSecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the namespace's admin user credentials secret.", + "title": "AdminPasswordSecretArn", "type": "string" }, - "VisibleRange": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisibleRangeOptions", - "markdownDescription": "The visibility range for the data zoom scroll bar.", - "title": "VisibleRange" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.SecondaryValueOptions": { - "additionalProperties": false, - "properties": { - "Visibility": { - "markdownDescription": "Determines the visibility of the secondary value.", - "title": "Visibility", + "AdminPasswordSecretKmsKeyId": { + "markdownDescription": "The ID of the AWS Key Management Service (KMS) key used to encrypt and store the namespace's admin credentials secret.", + "title": "AdminPasswordSecretKmsKeyId", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.SectionAfterPageBreak": { - "additionalProperties": false, - "properties": { - "Status": { - "markdownDescription": "The option that enables or disables a page break at the end of a section.", - "title": "Status", + }, + "AdminUsername": { + "markdownDescription": "The username of the administrator for the first database created in the namespace.", + "title": "AdminUsername", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.SectionBasedLayoutCanvasSizeOptions": { - "additionalProperties": false, - "properties": { - "PaperCanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SectionBasedLayoutPaperCanvasSizeOptions", - "markdownDescription": "The options for a paper canvas of a section-based layout.", - "title": "PaperCanvasSizeOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.SectionBasedLayoutConfiguration": { - "additionalProperties": false, - "properties": { - "BodySections": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.BodySectionConfiguration" - }, - "markdownDescription": "A list of body section configurations.", - "title": "BodySections", - "type": "array" }, - "CanvasSizeOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SectionBasedLayoutCanvasSizeOptions", - "markdownDescription": "The options for the canvas of a section-based layout.", - "title": "CanvasSizeOptions" + "CreationDate": { + "markdownDescription": "The date of when the namespace was created.", + "title": "CreationDate", + "type": "string" }, - "FooterSections": { + "DbName": { + "markdownDescription": "The name of the first database created in the namespace.", + "title": "DbName", + "type": "string" + }, + "DefaultIamRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to set as a default in the namespace.", + "title": "DefaultIamRoleArn", + "type": "string" + }, + "IamRoles": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.HeaderFooterSectionConfiguration" + "type": "string" }, - "markdownDescription": "A list of footer section configurations.", - "title": "FooterSections", + "markdownDescription": "A list of IAM roles to associate with the namespace.", + "title": "IamRoles", "type": "array" }, - "HeaderSections": { + "KmsKeyId": { + "markdownDescription": "The ID of the AWS Key Management Service key used to encrypt your data.", + "title": "KmsKeyId", + "type": "string" + }, + "LogExports": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.HeaderFooterSectionConfiguration" + "type": "string" }, - "markdownDescription": "A list of header section configurations.", - "title": "HeaderSections", + "markdownDescription": "The types of logs the namespace can export. Available export types are User log, Connection log, and User activity log.", + "title": "LogExports", "type": "array" - } - }, - "required": [ - "BodySections", - "CanvasSizeOptions", - "FooterSections", - "HeaderSections" - ], - "type": "object" - }, - "AWS::QuickSight::Template.SectionBasedLayoutPaperCanvasSizeOptions": { - "additionalProperties": false, - "properties": { - "PaperMargin": { - "$ref": "#/definitions/AWS::QuickSight::Template.Spacing", - "markdownDescription": "Defines the spacing between the canvas content and the top, bottom, left, and right edges.", - "title": "PaperMargin" }, - "PaperOrientation": { - "markdownDescription": "The paper orientation that is used to define canvas dimensions. Choose one of the following options:\n\n- PORTRAIT\n- LANDSCAPE", - "title": "PaperOrientation", + "NamespaceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) associated with a namespace.", + "title": "NamespaceArn", "type": "string" }, - "PaperSize": { - "markdownDescription": "The paper size that is used to define canvas dimensions.", - "title": "PaperSize", + "NamespaceId": { + "markdownDescription": "The unique identifier of a namespace.", + "title": "NamespaceId", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.SectionLayoutConfiguration": { - "additionalProperties": false, - "properties": { - "FreeFormLayout": { - "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormSectionLayoutConfiguration", - "markdownDescription": "The free-form layout configuration of a section.", - "title": "FreeFormLayout" - } - }, - "required": [ - "FreeFormLayout" - ], - "type": "object" - }, - "AWS::QuickSight::Template.SectionPageBreakConfiguration": { - "additionalProperties": false, - "properties": { - "After": { - "$ref": "#/definitions/AWS::QuickSight::Template.SectionAfterPageBreak", - "markdownDescription": "The configuration of a page break after a section.", - "title": "After" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.SectionStyle": { - "additionalProperties": false, - "properties": { - "Height": { - "markdownDescription": "The height of a section.\n\nHeights can only be defined for header and footer sections. The default height margin is 0.5 inches.", - "title": "Height", + }, + "NamespaceName": { + "markdownDescription": "The name of the namespace. Must be between 3-64 alphanumeric characters in lowercase, and it cannot be a reserved word. A list of reserved words can be found in [Reserved Words](https://docs.aws.amazon.com//redshift/latest/dg/r_pg_keywords.html) in the Amazon Redshift Database Developer Guide.", + "title": "NamespaceName", "type": "string" }, - "Padding": { - "$ref": "#/definitions/AWS::QuickSight::Template.Spacing", - "markdownDescription": "The spacing between section content and its top, bottom, left, and right edges.\n\nThere is no padding by default.", - "title": "Padding" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.SelectedSheetsFilterScopeConfiguration": { - "additionalProperties": false, - "properties": { - "SheetVisualScopingConfigurations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.SheetVisualScopingConfiguration" - }, - "markdownDescription": "The sheet ID and visual IDs of the sheet and visuals that the filter is applied to.", - "title": "SheetVisualScopingConfigurations", - "type": "array" + "Status": { + "markdownDescription": "The status of the namespace.", + "title": "Status", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.SeriesItem": { + "AWS::RedshiftServerless::Namespace.SnapshotCopyConfiguration": { "additionalProperties": false, "properties": { - "DataFieldSeriesItem": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataFieldSeriesItem", - "markdownDescription": "The data field series item configuration of a line chart.", - "title": "DataFieldSeriesItem" + "DestinationKmsKeyId": { + "markdownDescription": "The ID of the KMS key to use to encrypt your snapshots in the destination AWS Region .", + "title": "DestinationKmsKeyId", + "type": "string" }, - "FieldSeriesItem": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSeriesItem", - "markdownDescription": "The field series item configuration of a line chart.", - "title": "FieldSeriesItem" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.SetParameterValueConfiguration": { - "additionalProperties": false, - "properties": { - "DestinationParameterName": { - "markdownDescription": "The destination parameter name of the `SetParameterValueConfiguration` .", - "title": "DestinationParameterName", + "DestinationRegion": { + "markdownDescription": "The destination AWS Region to copy snapshots to.", + "title": "DestinationRegion", "type": "string" }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Template.DestinationParameterValueConfiguration", - "markdownDescription": "", - "title": "Value" - } - }, - "required": [ - "DestinationParameterName", - "Value" - ], - "type": "object" - }, - "AWS::QuickSight::Template.ShapeConditionalFormat": { - "additionalProperties": false, - "properties": { - "BackgroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting for the shape background color of a filled map visual.", - "title": "BackgroundColor" + "SnapshotRetentionPeriod": { + "markdownDescription": "The retention period of snapshots that are copied to the destination AWS Region .", + "title": "SnapshotRetentionPeriod", + "type": "number" } }, "required": [ - "BackgroundColor" + "DestinationRegion" ], "type": "object" }, - "AWS::QuickSight::Template.Sheet": { + "AWS::RedshiftServerless::Snapshot": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of a sheet. This name is displayed on the sheet's tab in the Amazon QuickSight console.", - "title": "Name", + "Condition": { "type": "string" }, - "SheetId": { - "markdownDescription": "The unique identifier associated with a sheet.", - "title": "SheetId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.SheetControlInfoIconLabelOptions": { - "additionalProperties": false, - "properties": { - "InfoIconText": { - "markdownDescription": "The text content of info icon.", - "title": "InfoIconText", + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "NamespaceName": { + "markdownDescription": "The name of the namepsace.", + "title": "NamespaceName", + "type": "string" + }, + "RetentionPeriod": { + "markdownDescription": "The retention period of the snapshot created by the scheduled action.", + "title": "RetentionPeriod", + "type": "number" + }, + "SnapshotName": { + "markdownDescription": "The name of the snapshot.", + "title": "SnapshotName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of [Tag objects](https://docs.aws.amazon.com/redshift-serverless/latest/APIReference/API_Tag.html) to associate with the snapshot.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "SnapshotName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RedshiftServerless::Snapshot" + ], "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility configuration of info icon label options.", - "title": "Visibility", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, - "type": "object" - }, - "AWS::QuickSight::Template.SheetControlLayout": { - "additionalProperties": false, - "properties": { - "Configuration": { - "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlLayoutConfiguration", - "markdownDescription": "The configuration that determines the elements and canvas size options of sheet control.", - "title": "Configuration" - } - }, "required": [ - "Configuration" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Template.SheetControlLayoutConfiguration": { - "additionalProperties": false, - "properties": { - "GridLayout": { - "$ref": "#/definitions/AWS::QuickSight::Template.GridLayoutConfiguration", - "markdownDescription": "The configuration that determines the elements and canvas size options of sheet control.", - "title": "GridLayout" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.SheetDefinition": { + "AWS::RedshiftServerless::Snapshot.Snapshot": { "additionalProperties": false, "properties": { - "ContentType": { - "markdownDescription": "The layout content type of the sheet. Choose one of the following options:\n\n- `PAGINATED` : Creates a sheet for a paginated report.\n- `INTERACTIVE` : Creates a sheet for an interactive dashboard.", - "title": "ContentType", + "AdminUsername": { + "markdownDescription": "The username of the database within a snapshot.", + "title": "AdminUsername", "type": "string" }, - "Description": { - "markdownDescription": "A description of the sheet.", - "title": "Description", + "KmsKeyId": { + "markdownDescription": "The unique identifier of the KMS key used to encrypt the snapshot.", + "title": "KmsKeyId", "type": "string" }, - "FilterControls": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterControl" - }, - "markdownDescription": "The list of filter controls that are on a sheet.\n\nFor more information, see [Adding filter controls to analysis sheets](https://docs.aws.amazon.com/quicksight/latest/user/filter-controls.html) in the *Amazon QuickSight User Guide* .", - "title": "FilterControls", - "type": "array" + "NamespaceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the namespace the snapshot was created from.", + "title": "NamespaceArn", + "type": "string" }, - "Layouts": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.Layout" - }, - "markdownDescription": "Layouts define how the components of a sheet are arranged.\n\nFor more information, see [Types of layout](https://docs.aws.amazon.com/quicksight/latest/user/types-of-layout.html) in the *Amazon QuickSight User Guide* .", - "title": "Layouts", - "type": "array" + "NamespaceName": { + "markdownDescription": "The name of the namepsace.", + "title": "NamespaceName", + "type": "string" }, - "Name": { - "markdownDescription": "The name of the sheet. This name is displayed on the sheet's tab in the Amazon QuickSight console.", - "title": "Name", + "OwnerAccount": { + "markdownDescription": "The owner AWS ; account of the snapshot.", + "title": "OwnerAccount", "type": "string" }, - "ParameterControls": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ParameterControl" - }, - "markdownDescription": "The list of parameter controls that are on a sheet.\n\nFor more information, see [Using a Control with a Parameter in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-controls.html) in the *Amazon QuickSight User Guide* .", - "title": "ParameterControls", - "type": "array" + "RetentionPeriod": { + "markdownDescription": "", + "title": "RetentionPeriod", + "type": "number" }, - "SheetControlLayouts": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlLayout" - }, - "markdownDescription": "The control layouts of the sheet.", - "title": "SheetControlLayouts", - "type": "array" + "SnapshotArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the snapshot.", + "title": "SnapshotArn", + "type": "string" }, - "SheetId": { - "markdownDescription": "The unique identifier of a sheet.", - "title": "SheetId", + "SnapshotCreateTime": { + "markdownDescription": "The timestamp of when the snapshot was created.", + "title": "SnapshotCreateTime", "type": "string" }, - "TextBoxes": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.SheetTextBox" - }, - "markdownDescription": "The text boxes that are on a sheet.", - "title": "TextBoxes", - "type": "array" + "SnapshotName": { + "markdownDescription": "The name of the snapshot.", + "title": "SnapshotName", + "type": "string" }, - "Title": { - "markdownDescription": "The title of the sheet.", - "title": "Title", + "Status": { + "markdownDescription": "The status of the snapshot.", + "title": "Status", + "type": "string" + } + }, + "type": "object" + }, + "AWS::RedshiftServerless::Workgroup": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "Visuals": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.Visual" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "BaseCapacity": { + "markdownDescription": "The base compute capacity of the workgroup in Redshift Processing Units (RPUs).", + "title": "BaseCapacity", + "type": "number" + }, + "ConfigParameters": { + "items": { + "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup.ConfigParameter" + }, + "markdownDescription": "The key of the parameter. The options are `auto_mv` , `datestyle` , `enable_case_sensitive_identifier` , `enable_user_activity_logging` , `query_group` , `search_path` , `require_ssl` , `use_fips_ssl` , and query monitoring metrics that let you define performance boundaries. For more information about query monitoring rules and available metrics, see [Query monitoring metrics for Amazon Redshift Serverless](https://docs.aws.amazon.com/redshift/latest/dg/cm-c-wlm-query-monitoring-rules.html#cm-c-wlm-query-monitoring-metrics-serverless) .", + "title": "ConfigParameters", + "type": "array" + }, + "EnhancedVpcRouting": { + "markdownDescription": "The value that specifies whether to enable enhanced virtual private cloud (VPC) routing, which forces Amazon Redshift Serverless to route traffic through your VPC.", + "title": "EnhancedVpcRouting", + "type": "boolean" + }, + "MaxCapacity": { + "markdownDescription": "The maximum data-warehouse capacity Amazon Redshift Serverless uses to serve queries. The max capacity is specified in RPUs.", + "title": "MaxCapacity", + "type": "number" + }, + "NamespaceName": { + "markdownDescription": "The namespace the workgroup is associated with.", + "title": "NamespaceName", + "type": "string" + }, + "Port": { + "markdownDescription": "The custom port to use when connecting to a workgroup. Valid port ranges are 5431-5455 and 8191-8215. The default is 5439.", + "title": "Port", + "type": "number" + }, + "PricePerformanceTarget": { + "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup.PerformanceTarget", + "markdownDescription": "An object that represents the price performance target settings for the workgroup.", + "title": "PricePerformanceTarget" + }, + "PubliclyAccessible": { + "markdownDescription": "A value that specifies whether the workgroup can be accessible from a public network.", + "title": "PubliclyAccessible", + "type": "boolean" + }, + "RecoveryPointId": { + "markdownDescription": "The recovery point id to restore from.", + "title": "RecoveryPointId", + "type": "string" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of security group IDs to associate with the workgroup.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SnapshotArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the snapshot to restore from.", + "title": "SnapshotArn", + "type": "string" + }, + "SnapshotName": { + "markdownDescription": "The snapshot name to restore from.", + "title": "SnapshotName", + "type": "string" + }, + "SnapshotOwnerAccount": { + "markdownDescription": "The Amazon Web Services account that owns the snapshot.", + "title": "SnapshotOwnerAccount", + "type": "string" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of subnet IDs the workgroup is associated with.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The map of the key-value pairs used to tag the workgroup.", + "title": "Tags", + "type": "array" + }, + "TrackName": { + "markdownDescription": "An optional parameter for the name of the track for the workgroup. If you don't provide a track name, the workgroup is assigned to the current track.", + "title": "TrackName", + "type": "string" + }, + "Workgroup": { + "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup.Workgroup", + "markdownDescription": "The collection of computing resources from which an endpoint is created.", + "title": "Workgroup" + }, + "WorkgroupName": { + "markdownDescription": "The name of the workgroup.", + "title": "WorkgroupName", + "type": "string" + } }, - "markdownDescription": "A list of the visuals that are on a sheet. Visual placement is determined by the layout of the sheet.", - "title": "Visuals", - "type": "array" - } - }, - "required": [ - "SheetId" - ], - "type": "object" - }, - "AWS::QuickSight::Template.SheetElementConfigurationOverrides": { - "additionalProperties": false, - "properties": { - "Visibility": { - "markdownDescription": "Determines whether or not the overrides are visible. Choose one of the following options:\n\n- `VISIBLE`\n- `HIDDEN`", - "title": "Visibility", + "required": [ + "WorkgroupName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RedshiftServerless::Workgroup" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.SheetElementRenderingRule": { - "additionalProperties": false, - "properties": { - "ConfigurationOverrides": { - "$ref": "#/definitions/AWS::QuickSight::Template.SheetElementConfigurationOverrides", - "markdownDescription": "The override configuration of the rendering rules of a sheet.", - "title": "ConfigurationOverrides" }, - "Expression": { - "markdownDescription": "The expression of the rendering rules of a sheet.", - "title": "Expression", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ConfigurationOverrides", - "Expression" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Template.SheetTextBox": { + "AWS::RedshiftServerless::Workgroup.ConfigParameter": { "additionalProperties": false, "properties": { - "Content": { - "markdownDescription": "The content that is displayed in the text box.", - "title": "Content", + "ParameterKey": { + "markdownDescription": "The key of the parameter. The options are `auto_mv` , `datestyle` , `enable_case_sensitive_identifier` , `enable_user_activity_logging` , `query_group` , `search_path` , `require_ssl` , `use_fips_ssl` , and query monitoring metrics that let you define performance boundaries. For more information about query monitoring rules and available metrics, see [Query monitoring metrics for Amazon Redshift Serverless](https://docs.aws.amazon.com/redshift/latest/dg/cm-c-wlm-query-monitoring-rules.html#cm-c-wlm-query-monitoring-metrics-serverless) .", + "title": "ParameterKey", "type": "string" }, - "SheetTextBoxId": { - "markdownDescription": "The unique identifier for a text box. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have text boxes that share identifiers.", - "title": "SheetTextBoxId", + "ParameterValue": { + "markdownDescription": "The value of the parameter to set.", + "title": "ParameterValue", "type": "string" } }, - "required": [ - "SheetTextBoxId" - ], "type": "object" }, - "AWS::QuickSight::Template.SheetVisualScopingConfiguration": { + "AWS::RedshiftServerless::Workgroup.Endpoint": { "additionalProperties": false, "properties": { - "Scope": { - "markdownDescription": "The scope of the applied entities. Choose one of the following options:\n\n- `ALL_VISUALS`\n- `SELECTED_VISUALS`", - "title": "Scope", + "Address": { + "markdownDescription": "The DNS address of the VPC endpoint.", + "title": "Address", "type": "string" }, - "SheetId": { - "markdownDescription": "The selected sheet that the filter is applied to.", - "title": "SheetId", - "type": "string" + "Port": { + "markdownDescription": "The port that Amazon Redshift Serverless listens on.", + "title": "Port", + "type": "number" }, - "VisualIds": { + "VpcEndpoints": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup.VpcEndpoint" }, - "markdownDescription": "The selected visuals that the filter is applied to.", - "title": "VisualIds", + "markdownDescription": "An array of `VpcEndpoint` objects.", + "title": "VpcEndpoints", "type": "array" } }, - "required": [ - "Scope", - "SheetId" - ], "type": "object" }, - "AWS::QuickSight::Template.ShortFormatText": { + "AWS::RedshiftServerless::Workgroup.NetworkInterface": { "additionalProperties": false, "properties": { - "PlainText": { - "markdownDescription": "Plain text format.", - "title": "PlainText", + "AvailabilityZone": { + "markdownDescription": "The availability Zone.", + "title": "AvailabilityZone", "type": "string" }, - "RichText": { - "markdownDescription": "Rich text. Examples of rich text include bold, underline, and italics.", - "title": "RichText", + "NetworkInterfaceId": { + "markdownDescription": "The unique identifier of the network interface.", + "title": "NetworkInterfaceId", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.SimpleClusterMarker": { - "additionalProperties": false, - "properties": { - "Color": { - "markdownDescription": "The color of the simple cluster marker.", - "title": "Color", + }, + "PrivateIpAddress": { + "markdownDescription": "The IPv4 address of the network interface within the subnet.", + "title": "PrivateIpAddress", + "type": "string" + }, + "SubnetId": { + "markdownDescription": "The unique identifier of the subnet.", + "title": "SubnetId", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.SliderControlDisplayOptions": { + "AWS::RedshiftServerless::Workgroup.PerformanceTarget": { "additionalProperties": false, "properties": { - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" + "Level": { + "markdownDescription": "The target price performance level for the workgroup. Valid values include 1, 25, 50, 75, and 100. These correspond to the price performance levels LOW_COST, ECONOMICAL, BALANCED, RESOURCEFUL, and HIGH_PERFORMANCE.", + "title": "Level", + "type": "number" }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" + "Status": { + "markdownDescription": "Whether the price performance target is enabled for the workgroup.", + "title": "Status", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.SmallMultiplesAxisProperties": { + "AWS::RedshiftServerless::Workgroup.VpcEndpoint": { "additionalProperties": false, "properties": { - "Placement": { - "markdownDescription": "Defines the placement of the axis. By default, axes are rendered `OUTSIDE` of the panels. Axes with `INDEPENDENT` scale are rendered `INSIDE` the panels.", - "title": "Placement", + "NetworkInterfaces": { + "items": { + "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup.NetworkInterface" + }, + "markdownDescription": "One or more network interfaces of the endpoint. Also known as an interface endpoint.", + "title": "NetworkInterfaces", + "type": "array" + }, + "VpcEndpointId": { + "markdownDescription": "The connection endpoint ID for connecting to Amazon Redshift Serverless.", + "title": "VpcEndpointId", "type": "string" }, - "Scale": { - "markdownDescription": "Determines whether scale of the axes are shared or independent. The default value is `SHARED` .", - "title": "Scale", + "VpcId": { + "markdownDescription": "The VPC identifier that the endpoint is associated with.", + "title": "VpcId", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.SmallMultiplesOptions": { + "AWS::RedshiftServerless::Workgroup.Workgroup": { "additionalProperties": false, "properties": { - "MaxVisibleColumns": { - "markdownDescription": "Sets the maximum number of visible columns to display in the grid of small multiples panels.\n\nThe default is `Auto` , which automatically adjusts the columns in the grid to fit the overall layout and size of the given chart.", - "title": "MaxVisibleColumns", + "BaseCapacity": { + "markdownDescription": "The base data warehouse capacity of the workgroup in Redshift Processing Units (RPUs).", + "title": "BaseCapacity", "type": "number" }, - "MaxVisibleRows": { - "markdownDescription": "Sets the maximum number of visible rows to display in the grid of small multiples panels.\n\nThe default value is `Auto` , which automatically adjusts the rows in the grid to fit the overall layout and size of the given chart.", - "title": "MaxVisibleRows", - "type": "number" + "ConfigParameters": { + "items": { + "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup.ConfigParameter" + }, + "markdownDescription": "An array of parameters to set for advanced control over a database. The options are `auto_mv` , `datestyle` , `enable_case_sensitive_identifier` , `enable_user_activity_logging` , `query_group` , `search_path` , `require_ssl` , `use_fips_ssl` , and query monitoring metrics that let you define performance boundaries. For more information about query monitoring rules and available metrics, see [Query monitoring metrics for Amazon Redshift Serverless](https://docs.aws.amazon.com/redshift/latest/dg/cm-c-wlm-query-monitoring-rules.html#cm-c-wlm-query-monitoring-metrics-serverless) .", + "title": "ConfigParameters", + "type": "array" }, - "PanelConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.PanelConfiguration", - "markdownDescription": "Configures the display options for each small multiples panel.", - "title": "PanelConfiguration" + "CreationDate": { + "markdownDescription": "The creation date of the workgroup.", + "title": "CreationDate", + "type": "string" }, - "XAxis": { - "$ref": "#/definitions/AWS::QuickSight::Template.SmallMultiplesAxisProperties", - "markdownDescription": "The properties of a small multiples X axis.", - "title": "XAxis" + "Endpoint": { + "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup.Endpoint", + "markdownDescription": "The endpoint that is created from the workgroup.", + "title": "Endpoint" }, - "YAxis": { - "$ref": "#/definitions/AWS::QuickSight::Template.SmallMultiplesAxisProperties", - "markdownDescription": "The properties of a small multiples Y axis.", - "title": "YAxis" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.Spacing": { - "additionalProperties": false, - "properties": { - "Bottom": { - "markdownDescription": "Define the bottom spacing.", - "title": "Bottom", - "type": "string" + "EnhancedVpcRouting": { + "markdownDescription": "The value that specifies whether to enable enhanced virtual private cloud (VPC) routing, which forces Amazon Redshift Serverless to route traffic through your VPC.", + "title": "EnhancedVpcRouting", + "type": "boolean" }, - "Left": { - "markdownDescription": "Define the left spacing.", - "title": "Left", - "type": "string" + "MaxCapacity": { + "markdownDescription": "The maximum data-warehouse capacity Amazon Redshift Serverless uses to serve queries. The max capacity is specified in RPUs.", + "title": "MaxCapacity", + "type": "number" }, - "Right": { - "markdownDescription": "Define the right spacing.", - "title": "Right", + "NamespaceName": { + "markdownDescription": "The namespace the workgroup is associated with.", + "title": "NamespaceName", "type": "string" }, - "Top": { - "markdownDescription": "Define the top spacing.", - "title": "Top", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.StringDefaultValues": { - "additionalProperties": false, - "properties": { - "DynamicValue": { - "$ref": "#/definitions/AWS::QuickSight::Template.DynamicDefaultValue", - "markdownDescription": "The dynamic value of the `StringDefaultValues` . Different defaults displayed according to users, groups, and values mapping.", - "title": "DynamicValue" + "PricePerformanceTarget": { + "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup.PerformanceTarget", + "markdownDescription": "An object that represents the price performance target settings for the workgroup.", + "title": "PricePerformanceTarget" }, - "StaticValues": { + "PubliclyAccessible": { + "markdownDescription": "A value that specifies whether the workgroup can be accessible from a public network.", + "title": "PubliclyAccessible", + "type": "boolean" + }, + "SecurityGroupIds": { "items": { "type": "string" }, - "markdownDescription": "The static values of the `DecimalDefaultValues` .", - "title": "StaticValues", + "markdownDescription": "An array of security group IDs to associate with the workgroup.", + "title": "SecurityGroupIds", "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.StringFormatConfiguration": { - "additionalProperties": false, - "properties": { - "NullValueFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NullValueFormatConfiguration", - "markdownDescription": "The options that determine the null value format configuration.", - "title": "NullValueFormatConfiguration" }, - "NumericFormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.NumericFormatConfiguration", - "markdownDescription": "The formatting configuration for numeric strings.", - "title": "NumericFormatConfiguration" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.StringParameterDeclaration": { - "additionalProperties": false, - "properties": { - "DefaultValues": { - "$ref": "#/definitions/AWS::QuickSight::Template.StringDefaultValues", - "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", - "title": "DefaultValues" + "Status": { + "markdownDescription": "The status of the workgroup.", + "title": "Status", + "type": "string" }, - "MappedDataSetParameters": { + "SubnetIds": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MappedDataSetParameter" + "type": "string" }, - "markdownDescription": "", - "title": "MappedDataSetParameters", + "markdownDescription": "An array of subnet IDs the workgroup is associated with.", + "title": "SubnetIds", "type": "array" }, - "Name": { - "markdownDescription": "The name of the parameter that is being declared.", - "title": "Name", + "TrackName": { + "markdownDescription": "The name of the track for the workgroup.", + "title": "TrackName", "type": "string" }, - "ParameterValueType": { - "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", - "title": "ParameterValueType", + "WorkgroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that links to the workgroup.", + "title": "WorkgroupArn", "type": "string" }, - "ValueWhenUnset": { - "$ref": "#/definitions/AWS::QuickSight::Template.StringValueWhenUnsetConfiguration", - "markdownDescription": "The configuration that defines the default value of a `String` parameter when a value has not been set.", - "title": "ValueWhenUnset" - } - }, - "required": [ - "Name", - "ParameterValueType" - ], - "type": "object" - }, - "AWS::QuickSight::Template.StringValueWhenUnsetConfiguration": { - "additionalProperties": false, - "properties": { - "CustomValue": { - "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", - "title": "CustomValue", + "WorkgroupId": { + "markdownDescription": "The unique identifier of the workgroup.", + "title": "WorkgroupId", "type": "string" }, - "ValueWhenUnsetOption": { - "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", - "title": "ValueWhenUnsetOption", + "WorkgroupName": { + "markdownDescription": "The name of the workgroup.", + "title": "WorkgroupName", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.SubtotalOptions": { + "AWS::RefactorSpaces::Application": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The custom label string for the subtotal cells.", - "title": "CustomLabel", + "Condition": { "type": "string" }, - "FieldLevel": { - "markdownDescription": "The field level (all, custom, last) for the subtotal cells.", - "title": "FieldLevel", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "FieldLevelOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableFieldSubtotalOptions" - }, - "markdownDescription": "The optional configuration of subtotal cells.", - "title": "FieldLevelOptions", - "type": "array" - }, - "MetricHeaderCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", - "markdownDescription": "The cell styling options for the subtotals of header cells.", - "title": "MetricHeaderCellStyle" - }, - "StyleTargets": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableStyleTarget" - }, - "markdownDescription": "The style targets options for subtotals.", - "title": "StyleTargets", - "type": "array" - }, - "TotalCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", - "markdownDescription": "The cell styling options for the subtotal cells.", - "title": "TotalCellStyle" - }, - "TotalsVisibility": { - "markdownDescription": "The visibility configuration for the subtotal cells.", - "title": "TotalsVisibility", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ValueCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", - "markdownDescription": "The cell styling options for the subtotals of value cells.", - "title": "ValueCellStyle" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.TableAggregatedFieldWells": { - "additionalProperties": false, - "properties": { - "GroupBy": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" - }, - "markdownDescription": "The group by field well for a pivot table. Values are grouped by group by fields.", - "title": "GroupBy", - "type": "array" + "Metadata": { + "type": "object" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "Properties": { + "additionalProperties": false, + "properties": { + "ApiGatewayProxy": { + "$ref": "#/definitions/AWS::RefactorSpaces::Application.ApiGatewayProxyInput", + "markdownDescription": "The endpoint URL of the Amazon API Gateway proxy.", + "title": "ApiGatewayProxy" + }, + "EnvironmentIdentifier": { + "markdownDescription": "The unique identifier of the environment.", + "title": "EnvironmentIdentifier", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the application.", + "title": "Name", + "type": "string" + }, + "ProxyType": { + "markdownDescription": "The proxy type of the proxy created within the application.", + "title": "ProxyType", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags assigned to the application.", + "title": "Tags", + "type": "array" + }, + "VpcId": { + "markdownDescription": "The ID of the virtual private cloud (VPC).", + "title": "VpcId", + "type": "string" + } }, - "markdownDescription": "The values field well for a pivot table. Values are aggregated based on group by fields.", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.TableBorderOptions": { - "additionalProperties": false, - "properties": { - "Color": { - "markdownDescription": "The color of a table border.", - "title": "Color", - "type": "string" + "required": [ + "EnvironmentIdentifier", + "Name", + "ProxyType", + "VpcId" + ], + "type": "object" }, - "Style": { - "markdownDescription": "The style (none, solid) of a table border.", - "title": "Style", + "Type": { + "enum": [ + "AWS::RefactorSpaces::Application" + ], "type": "string" }, - "Thickness": { - "markdownDescription": "The thickness of a table border.", - "title": "Thickness", - "type": "number" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.TableCellConditionalFormatting": { - "additionalProperties": false, - "properties": { - "FieldId": { - "markdownDescription": "The field ID of the cell for conditional formatting.", - "title": "FieldId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "TextFormat": { - "$ref": "#/definitions/AWS::QuickSight::Template.TextConditionalFormat", - "markdownDescription": "The text format of the cell for conditional formatting.", - "title": "TextFormat" } }, "required": [ - "FieldId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Template.TableCellImageSizingConfiguration": { + "AWS::RefactorSpaces::Application.ApiGatewayProxyInput": { "additionalProperties": false, "properties": { - "TableCellImageScalingConfiguration": { - "markdownDescription": "The cell scaling configuration of the sizing options for the table image configuration.", - "title": "TableCellImageScalingConfiguration", + "EndpointType": { + "markdownDescription": "The type of endpoint to use for the API Gateway proxy. If no value is specified in the request, the value is set to `REGIONAL` by default.\n\nIf the value is set to `PRIVATE` in the request, this creates a private API endpoint that is isolated from the public internet. The private endpoint can only be accessed by using Amazon Virtual Private Cloud (Amazon VPC) interface endpoints for the Amazon API Gateway that has been granted access. For more information about creating a private connection with Refactor Spaces and interface endpoint ( AWS PrivateLink ) availability, see [Access Refactor Spaces using an interface endpoint ( AWS PrivateLink )](https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/userguide/vpc-interface-endpoints.html) .", + "title": "EndpointType", + "type": "string" + }, + "StageName": { + "markdownDescription": "The name of the API Gateway stage. The name defaults to `prod` .", + "title": "StageName", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.TableCellStyle": { + "AWS::RefactorSpaces::Environment": { "additionalProperties": false, "properties": { - "BackgroundColor": { - "markdownDescription": "The background color for the table cells.", - "title": "BackgroundColor", + "Condition": { "type": "string" }, - "Border": { - "$ref": "#/definitions/AWS::QuickSight::Template.GlobalTableBorderOptions", - "markdownDescription": "The borders for the table cells.", - "title": "Border" - }, - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", - "markdownDescription": "The font configuration of the table cells.", - "title": "FontConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Height": { - "markdownDescription": "The height color for the table cells.", - "title": "Height", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "HorizontalTextAlignment": { - "markdownDescription": "The horizontal text alignment (left, center, right, auto) for the table cells.", - "title": "HorizontalTextAlignment", - "type": "string" + "Metadata": { + "type": "object" }, - "TextWrap": { - "markdownDescription": "The text wrap (none, wrap) for the table cells.", - "title": "TextWrap", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the environment.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the environment.", + "title": "Name", + "type": "string" + }, + "NetworkFabricType": { + "markdownDescription": "The network fabric type of the environment.", + "title": "NetworkFabricType", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags assigned to the environment.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" }, - "VerticalTextAlignment": { - "markdownDescription": "The vertical text alignment (top, middle, bottom) for the table cells.", - "title": "VerticalTextAlignment", + "Type": { + "enum": [ + "AWS::RefactorSpaces::Environment" + ], "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of the table cells.", - "title": "Visibility", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::QuickSight::Template.TableConditionalFormatting": { - "additionalProperties": false, - "properties": { - "ConditionalFormattingOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableConditionalFormattingOption" - }, - "markdownDescription": "Conditional formatting options for a `PivotTableVisual` .", - "title": "ConditionalFormattingOptions", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.TableConditionalFormattingOption": { - "additionalProperties": false, - "properties": { - "Cell": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableCellConditionalFormatting", - "markdownDescription": "The cell conditional formatting option for a table.", - "title": "Cell" - }, - "Row": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableRowConditionalFormatting", - "markdownDescription": "The row conditional formatting option for a table.", - "title": "Row" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.TableConfiguration": { + "AWS::RefactorSpaces::Route": { "additionalProperties": false, "properties": { - "FieldOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldOptions", - "markdownDescription": "The field options for a table visual.", - "title": "FieldOptions" + "Condition": { + "type": "string" }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "PaginatedReportOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.TablePaginatedReportOptions", - "markdownDescription": "The paginated report options for a table visual.", - "title": "PaginatedReportOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableSortConfiguration", - "markdownDescription": "The sort configuration for a `TableVisual` .", - "title": "SortConfiguration" + "Metadata": { + "type": "object" }, - "TableInlineVisualizations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableInlineVisualization" + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationIdentifier": { + "markdownDescription": "The unique identifier of the application.", + "title": "ApplicationIdentifier", + "type": "string" + }, + "DefaultRoute": { + "$ref": "#/definitions/AWS::RefactorSpaces::Route.DefaultRouteInput", + "markdownDescription": "Configuration for the default route type.", + "title": "DefaultRoute" + }, + "EnvironmentIdentifier": { + "markdownDescription": "The unique identifier of the environment.", + "title": "EnvironmentIdentifier", + "type": "string" + }, + "RouteType": { + "markdownDescription": "The route type of the route.", + "title": "RouteType", + "type": "string" + }, + "ServiceIdentifier": { + "markdownDescription": "The unique identifier of the service.", + "title": "ServiceIdentifier", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags assigned to the route.", + "title": "Tags", + "type": "array" + }, + "UriPathRoute": { + "$ref": "#/definitions/AWS::RefactorSpaces::Route.UriPathRouteInput", + "markdownDescription": "The configuration for the URI path route type.", + "title": "UriPathRoute" + } }, - "markdownDescription": "A collection of inline visualizations to display within a chart.", - "title": "TableInlineVisualizations", - "type": "array" - }, - "TableOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableOptions", - "markdownDescription": "The table options for a table visual.", - "title": "TableOptions" + "required": [ + "ApplicationIdentifier", + "EnvironmentIdentifier", + "RouteType", + "ServiceIdentifier" + ], + "type": "object" }, - "TotalOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.TotalOptions", - "markdownDescription": "The total options for a table visual.", - "title": "TotalOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.TableFieldCustomIconContent": { - "additionalProperties": false, - "properties": { - "Icon": { - "markdownDescription": "The icon set type (link) of the custom icon content for table URL link content.", - "title": "Icon", + "Type": { + "enum": [ + "AWS::RefactorSpaces::Route" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.TableFieldCustomTextContent": { - "additionalProperties": false, - "properties": { - "FontConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", - "markdownDescription": "The font configuration of the custom text content for the table URL link content.", - "title": "FontConfiguration" }, - "Value": { - "markdownDescription": "The string value of the custom text content for the table URL link content.", - "title": "Value", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "FontConfiguration" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Template.TableFieldImageConfiguration": { - "additionalProperties": false, - "properties": { - "SizingOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableCellImageSizingConfiguration", - "markdownDescription": "The sizing options for the table image configuration.", - "title": "SizingOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.TableFieldLinkConfiguration": { + "AWS::RefactorSpaces::Route.DefaultRouteInput": { "additionalProperties": false, "properties": { - "Content": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldLinkContentConfiguration", - "markdownDescription": "The URL content (text, icon) for the table link configuration.", - "title": "Content" - }, - "Target": { - "markdownDescription": "The URL target (new tab, new window, same tab) for the table link configuration.", - "title": "Target", + "ActivationState": { + "markdownDescription": "If set to `ACTIVE` , traffic is forwarded to this route\u2019s service after the route is created.", + "title": "ActivationState", "type": "string" } }, "required": [ - "Content", - "Target" + "ActivationState" ], "type": "object" }, - "AWS::QuickSight::Template.TableFieldLinkContentConfiguration": { - "additionalProperties": false, - "properties": { - "CustomIconContent": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldCustomIconContent", - "markdownDescription": "The custom icon content for the table link content configuration.", - "title": "CustomIconContent" - }, - "CustomTextContent": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldCustomTextContent", - "markdownDescription": "The custom text content (value, font configuration) for the table link content configuration.", - "title": "CustomTextContent" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.TableFieldOption": { + "AWS::RefactorSpaces::Route.UriPathRouteInput": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The custom label for a table field.", - "title": "CustomLabel", + "ActivationState": { + "markdownDescription": "If set to `ACTIVE` , traffic is forwarded to this route\u2019s service after the route is created.", + "title": "ActivationState", "type": "string" }, - "FieldId": { - "markdownDescription": "The field ID for a table field.", - "title": "FieldId", - "type": "string" + "AppendSourcePath": { + "markdownDescription": "If set to `true` , this option appends the source path to the service URL endpoint.", + "title": "AppendSourcePath", + "type": "boolean" }, - "URLStyling": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldURLConfiguration", - "markdownDescription": "The URL configuration for a table field.", - "title": "URLStyling" + "IncludeChildPaths": { + "markdownDescription": "Indicates whether to match all subpaths of the given source path. If this value is `false` , requests must match the source path exactly before they are forwarded to this route's service.", + "title": "IncludeChildPaths", + "type": "boolean" }, - "Visibility": { - "markdownDescription": "The visibility of a table field.", - "title": "Visibility", - "type": "string" + "Methods": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of HTTP methods to match. An empty list matches all values. If a method is present, only HTTP requests using that method are forwarded to this route\u2019s service.", + "title": "Methods", + "type": "array" }, - "Width": { - "markdownDescription": "The width for a table field.", - "title": "Width", + "SourcePath": { + "markdownDescription": "This is the path that Refactor Spaces uses to match traffic. Paths must start with `/` and are relative to the base of the application. To use path parameters in the source path, add a variable in curly braces. For example, the resource path {user} represents a path parameter called 'user'.", + "title": "SourcePath", "type": "string" } }, "required": [ - "FieldId" + "ActivationState" ], "type": "object" }, - "AWS::QuickSight::Template.TableFieldOptions": { + "AWS::RefactorSpaces::Service": { "additionalProperties": false, "properties": { - "Order": { - "items": { - "type": "string" - }, - "markdownDescription": "The order of the field IDs that are configured as field options for a table visual.", - "title": "Order", - "type": "array" + "Condition": { + "type": "string" }, - "PinnedFieldOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.TablePinnedFieldOptions", - "markdownDescription": "The settings for the pinned columns of a table visual.", - "title": "PinnedFieldOptions" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "SelectedFieldOptions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldOption" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationIdentifier": { + "markdownDescription": "The unique identifier of the application.", + "title": "ApplicationIdentifier", + "type": "string" + }, + "Description": { + "markdownDescription": "A description of the service.", + "title": "Description", + "type": "string" + }, + "EndpointType": { + "markdownDescription": "The endpoint type of the service.", + "title": "EndpointType", + "type": "string" + }, + "EnvironmentIdentifier": { + "markdownDescription": "The unique identifier of the environment.", + "title": "EnvironmentIdentifier", + "type": "string" + }, + "LambdaEndpoint": { + "$ref": "#/definitions/AWS::RefactorSpaces::Service.LambdaEndpointInput", + "markdownDescription": "A summary of the configuration for the AWS Lambda endpoint type.", + "title": "LambdaEndpoint" + }, + "Name": { + "markdownDescription": "The name of the service.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags assigned to the service.", + "title": "Tags", + "type": "array" + }, + "UrlEndpoint": { + "$ref": "#/definitions/AWS::RefactorSpaces::Service.UrlEndpointInput", + "markdownDescription": "The summary of the configuration for the URL endpoint type.", + "title": "UrlEndpoint" + }, + "VpcId": { + "markdownDescription": "The ID of the virtual private cloud (VPC).", + "title": "VpcId", + "type": "string" + } }, - "markdownDescription": "The field options to be configured to a table.", - "title": "SelectedFieldOptions", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.TableFieldURLConfiguration": { - "additionalProperties": false, - "properties": { - "ImageConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldImageConfiguration", - "markdownDescription": "The image configuration of a table field URL.", - "title": "ImageConfiguration" + "required": [ + "ApplicationIdentifier", + "EndpointType", + "EnvironmentIdentifier", + "Name" + ], + "type": "object" }, - "LinkConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldLinkConfiguration", - "markdownDescription": "The link configuration of a table field URL.", - "title": "LinkConfiguration" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.TableFieldWells": { - "additionalProperties": false, - "properties": { - "TableAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableAggregatedFieldWells", - "markdownDescription": "The aggregated field well for the table.", - "title": "TableAggregatedFieldWells" + "Type": { + "enum": [ + "AWS::RefactorSpaces::Service" + ], + "type": "string" }, - "TableUnaggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableUnaggregatedFieldWells", - "markdownDescription": "The unaggregated field well for the table.", - "title": "TableUnaggregatedFieldWells" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Template.TableInlineVisualization": { + "AWS::RefactorSpaces::Service.LambdaEndpointInput": { "additionalProperties": false, "properties": { - "DataBars": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataBarsOptions", - "markdownDescription": "The configuration of the inline visualization of the data bars within a chart.", - "title": "DataBars" + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function or alias.", + "title": "Arn", + "type": "string" } }, + "required": [ + "Arn" + ], "type": "object" }, - "AWS::QuickSight::Template.TableOptions": { + "AWS::RefactorSpaces::Service.UrlEndpointInput": { "additionalProperties": false, "properties": { - "CellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", - "markdownDescription": "The table cell style of table cells.", - "title": "CellStyle" - }, - "HeaderStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", - "markdownDescription": "The table cell style of a table header.", - "title": "HeaderStyle" - }, - "Orientation": { - "markdownDescription": "The orientation (vertical, horizontal) for a table.", - "title": "Orientation", + "HealthUrl": { + "markdownDescription": "The health check URL of the URL endpoint type. If the URL is a public endpoint, the `HealthUrl` must also be a public endpoint. If the URL is a private endpoint inside a virtual private cloud (VPC), the health URL must also be a private endpoint, and the host must be the same as the URL.", + "title": "HealthUrl", "type": "string" }, - "RowAlternateColorOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.RowAlternateColorOptions", - "markdownDescription": "The row alternate color options (widget status, row alternate colors) for a table.", - "title": "RowAlternateColorOptions" + "Url": { + "markdownDescription": "The URL to route traffic to. The URL must be an [rfc3986-formatted URL](https://docs.aws.amazon.com/https://datatracker.ietf.org/doc/html/rfc3986) . If the host is a domain name, the name must be resolvable over the public internet. If the scheme is `https` , the top level domain of the host must be listed in the [IANA root zone database](https://docs.aws.amazon.com/https://www.iana.org/domains/root/db) .", + "title": "Url", + "type": "string" } }, + "required": [ + "Url" + ], "type": "object" }, - "AWS::QuickSight::Template.TablePaginatedReportOptions": { + "AWS::Rekognition::Collection": { "additionalProperties": false, "properties": { - "OverflowColumnHeaderVisibility": { - "markdownDescription": "The visibility of repeating header rows on each page.", - "title": "OverflowColumnHeaderVisibility", + "Condition": { "type": "string" }, - "VerticalOverflowVisibility": { - "markdownDescription": "The visibility of printing table overflow across pages.", - "title": "VerticalOverflowVisibility", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.TablePinnedFieldOptions": { - "additionalProperties": false, - "properties": { - "PinnedLeftFields": { - "items": { - "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CollectionId": { + "markdownDescription": "ID for the collection that you are creating.", + "title": "CollectionId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A set of tags (key-value pairs) that you want to attach to the collection.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "A list of columns to be pinned to the left of a table visual.", - "title": "PinnedLeftFields", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.TableRowConditionalFormatting": { - "additionalProperties": false, - "properties": { - "BackgroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting color (solid, gradient) of the background for a table row.", - "title": "BackgroundColor" + "required": [ + "CollectionId" + ], + "type": "object" }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting color (solid, gradient) of the text for a table row.", - "title": "TextColor" + "Type": { + "enum": [ + "AWS::Rekognition::Collection" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Template.TableSideBorderOptions": { + "AWS::Rekognition::Project": { "additionalProperties": false, "properties": { - "Bottom": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", - "markdownDescription": "The table border options of the bottom border.", - "title": "Bottom" + "Condition": { + "type": "string" }, - "InnerHorizontal": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", - "markdownDescription": "The table border options of the inner horizontal border.", - "title": "InnerHorizontal" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "InnerVertical": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", - "markdownDescription": "The table border options of the inner vertical border.", - "title": "InnerVertical" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Left": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", - "markdownDescription": "The table border options of the left border.", - "title": "Left" + "Metadata": { + "type": "object" }, - "Right": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", - "markdownDescription": "The table border options of the right border.", - "title": "Right" + "Properties": { + "additionalProperties": false, + "properties": { + "ProjectName": { + "markdownDescription": "The name of the project to create.", + "title": "ProjectName", + "type": "string" + } + }, + "required": [ + "ProjectName" + ], + "type": "object" }, - "Top": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", - "markdownDescription": "The table border options of the top border.", - "title": "Top" + "Type": { + "enum": [ + "AWS::Rekognition::Project" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Template.TableSortConfiguration": { + "AWS::Rekognition::StreamProcessor": { "additionalProperties": false, "properties": { - "PaginationConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.PaginationConfiguration", - "markdownDescription": "The pagination configuration (page size, page number) for the table.", - "title": "PaginationConfiguration" + "Condition": { + "type": "string" }, - "RowSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "BoundingBoxRegionsOfInterest": { + "items": { + "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.BoundingBox" + }, + "markdownDescription": "List of BoundingBox objects, each of which denotes a region of interest on screen. For more information, see the BoundingBox field of [RegionOfInterest](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_RegionOfInterest) .", + "title": "BoundingBoxRegionsOfInterest", + "type": "array" + }, + "ConnectedHomeSettings": { + "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.ConnectedHomeSettings", + "markdownDescription": "Connected home settings to use on a streaming video. You can use a stream processor for connected home features and select what you want the stream processor to detect, such as people or pets. When the stream processor has started, one notification is sent for each object class specified. For more information, see the ConnectedHome section of [StreamProcessorSettings](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StreamProcessorSettings) .", + "title": "ConnectedHomeSettings" + }, + "DataSharingPreference": { + "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.DataSharingPreference", + "markdownDescription": "Allows you to opt in or opt out to share data with Rekognition to improve model performance. You can choose this option at the account level or on a per-stream basis. Note that if you opt out at the account level this setting is ignored on individual streams. For more information, see [StreamProcessorDataSharingPreference](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StreamProcessorDataSharingPreference) .", + "title": "DataSharingPreference" + }, + "FaceSearchSettings": { + "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.FaceSearchSettings", + "markdownDescription": "The input parameters used to recognize faces in a streaming video analyzed by an Amazon Rekognition stream processor. For more information regarding the contents of the parameters, see [FaceSearchSettings](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_FaceSearchSettings) .", + "title": "FaceSearchSettings" + }, + "KinesisDataStream": { + "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.KinesisDataStream", + "markdownDescription": "Amazon Rekognition's Video Stream Processor takes a Kinesis video stream as input. This is the Amazon Kinesis Data Streams instance to which the Amazon Rekognition stream processor streams the analysis results. This must be created within the constraints specified at [KinesisDataStream](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_KinesisDataStream) .", + "title": "KinesisDataStream" + }, + "KinesisVideoStream": { + "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.KinesisVideoStream", + "markdownDescription": "The Kinesis video stream that provides the source of the streaming video for an Amazon Rekognition Video stream processor. For more information, see [KinesisVideoStream](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_KinesisVideoStream) .", + "title": "KinesisVideoStream" + }, + "KmsKeyId": { + "markdownDescription": "The identifier for your Amazon Key Management Service key (Amazon KMS key). Optional parameter for connected home stream processors used to encrypt results and data published to your Amazon S3 bucket. For more information, see the KMSKeyId section of [CreateStreamProcessor](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_CreateStreamProcessor) .", + "title": "KmsKeyId", + "type": "string" + }, + "Name": { + "markdownDescription": "The Name attribute specifies the name of the stream processor and it must be within the constraints described in the Name section of [StreamProcessor](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StreamProcessor) . If you don't specify a name, Amazon CloudFormation generates a unique ID and uses that ID for the stream processor name.", + "title": "Name", + "type": "string" + }, + "NotificationChannel": { + "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.NotificationChannel", + "markdownDescription": "The Amazon Simple Notification Service topic to which Amazon Rekognition publishes the object detection results and completion status of a video analysis operation. Amazon Rekognition publishes a notification the first time an object of interest or a person is detected in the video stream. Amazon Rekognition also publishes an end-of-session notification with a summary when the stream processing session is complete. For more information, see [StreamProcessorNotificationChannel](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StreamProcessorNotificationChannel) .", + "title": "NotificationChannel" + }, + "PolygonRegionsOfInterest": { + "markdownDescription": "A set of ordered lists of [Point](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_Point) objects. Each entry of the set contains a polygon denoting a region of interest on the screen. Each polygon is an ordered list of [Point](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_Point) objects. For more information, see the Polygon field of [RegionOfInterest](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_RegionOfInterest) .", + "title": "PolygonRegionsOfInterest", + "type": "object" + }, + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that allows access to the stream processor. The IAM role provides Rekognition read permissions to the Kinesis stream. It also provides write permissions to an Amazon S3 bucket and Amazon Simple Notification Service topic for a connected home stream processor. This is required for both face search and connected home stream processors. For information about constraints, see the RoleArn section of [CreateStreamProcessor](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_CreateStreamProcessor) .", + "title": "RoleArn", + "type": "string" + }, + "S3Destination": { + "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.S3Destination", + "markdownDescription": "The Amazon S3 bucket location to which Amazon Rekognition publishes the detailed inference results of a video analysis operation. For more information, see the S3Destination section of [StreamProcessorOutput](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StreamProcessorOutput) .", + "title": "S3Destination" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A set of tags (key-value pairs) that you want to attach to the stream processor. For more information, see the Tags section of [CreateStreamProcessor](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_CreateStreamProcessor) .", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "The field sort options for rows in the table.", - "title": "RowSort", - "type": "array" + "required": [ + "KinesisVideoStream", + "RoleArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Rekognition::StreamProcessor" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Template.TableStyleTarget": { + "AWS::Rekognition::StreamProcessor.BoundingBox": { "additionalProperties": false, "properties": { - "CellType": { - "markdownDescription": "The cell type of the table style target.", - "title": "CellType", - "type": "string" + "Height": { + "markdownDescription": "Height of the bounding box as a ratio of the overall image height.", + "title": "Height", + "type": "number" + }, + "Left": { + "markdownDescription": "Left coordinate of the bounding box as a ratio of overall image width.", + "title": "Left", + "type": "number" + }, + "Top": { + "markdownDescription": "Top coordinate of the bounding box as a ratio of overall image height.", + "title": "Top", + "type": "number" + }, + "Width": { + "markdownDescription": "Width of the bounding box as a ratio of the overall image width.", + "title": "Width", + "type": "number" } }, "required": [ - "CellType" + "Height", + "Left", + "Top", + "Width" ], "type": "object" }, - "AWS::QuickSight::Template.TableUnaggregatedFieldWells": { + "AWS::Rekognition::StreamProcessor.ConnectedHomeSettings": { "additionalProperties": false, "properties": { - "Values": { + "Labels": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.UnaggregatedField" + "type": "string" }, - "markdownDescription": "The values field well for a pivot table. Values are unaggregated for an unaggregated table.", - "title": "Values", + "markdownDescription": "Specifies what you want to detect in the video, such as people, packages, or pets. The current valid labels you can include in this list are: \"PERSON\", \"PET\", \"PACKAGE\", and \"ALL\".", + "title": "Labels", "type": "array" + }, + "MinConfidence": { + "markdownDescription": "The minimum confidence required to label an object in the video.", + "title": "MinConfidence", + "type": "number" } }, + "required": [ + "Labels" + ], "type": "object" }, - "AWS::QuickSight::Template.TableVisual": { + "AWS::Rekognition::StreamProcessor.DataSharingPreference": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" - }, - "ConditionalFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableConditionalFormatting", - "markdownDescription": "The conditional formatting for a `PivotTableVisual` .", - "title": "ConditionalFormatting" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" - }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", - "type": "string" + "OptIn": { + "markdownDescription": "Describes the opt-in status applied to a stream processor's data sharing policy.", + "title": "OptIn", + "type": "boolean" } }, "required": [ - "VisualId" + "OptIn" ], "type": "object" }, - "AWS::QuickSight::Template.TemplateError": { + "AWS::Rekognition::StreamProcessor.FaceSearchSettings": { "additionalProperties": false, "properties": { - "Message": { - "markdownDescription": "Description of the error type.", - "title": "Message", - "type": "string" - }, - "Type": { - "markdownDescription": "Type of error.", - "title": "Type", + "CollectionId": { + "markdownDescription": "The ID of a collection that contains faces that you want to search for.", + "title": "CollectionId", "type": "string" }, - "ViolatedEntities": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.Entity" - }, - "markdownDescription": "An error path that shows which entities caused the template error.", - "title": "ViolatedEntities", - "type": "array" + "FaceMatchThreshold": { + "markdownDescription": "Minimum face match confidence score that must be met to return a result for a recognized face. The default is 80. 0 is the lowest confidence. 100 is the highest confidence. Values between 0 and 100 are accepted, and values lower than 80 are set to 80.", + "title": "FaceMatchThreshold", + "type": "number" } }, + "required": [ + "CollectionId" + ], "type": "object" }, - "AWS::QuickSight::Template.TemplateSourceAnalysis": { + "AWS::Rekognition::StreamProcessor.KinesisDataStream": { "additionalProperties": false, "properties": { "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", + "markdownDescription": "ARN of the output Amazon Kinesis Data Streams stream.", "title": "Arn", "type": "string" - }, - "DataSetReferences": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataSetReference" - }, - "markdownDescription": "A structure containing information about the dataset references used as placeholders in the template.", - "title": "DataSetReferences", - "type": "array" } }, "required": [ - "Arn", - "DataSetReferences" + "Arn" ], "type": "object" }, - "AWS::QuickSight::Template.TemplateSourceEntity": { + "AWS::Rekognition::StreamProcessor.KinesisVideoStream": { "additionalProperties": false, "properties": { - "SourceAnalysis": { - "$ref": "#/definitions/AWS::QuickSight::Template.TemplateSourceAnalysis", - "markdownDescription": "The source analysis, if it is based on an analysis.", - "title": "SourceAnalysis" - }, - "SourceTemplate": { - "$ref": "#/definitions/AWS::QuickSight::Template.TemplateSourceTemplate", - "markdownDescription": "The source template, if it is based on an template.", - "title": "SourceTemplate" + "Arn": { + "markdownDescription": "ARN of the Kinesis video stream stream that streams the source video.", + "title": "Arn", + "type": "string" } }, + "required": [ + "Arn" + ], "type": "object" }, - "AWS::QuickSight::Template.TemplateSourceTemplate": { + "AWS::Rekognition::StreamProcessor.NotificationChannel": { "additionalProperties": false, "properties": { "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", + "markdownDescription": "The ARN of the SNS topic that receives notifications.", "title": "Arn", "type": "string" } @@ -220787,1545 +272300,2207 @@ ], "type": "object" }, - "AWS::QuickSight::Template.TemplateVersion": { + "AWS::Rekognition::StreamProcessor.S3Destination": { "additionalProperties": false, "properties": { - "CreatedTime": { - "markdownDescription": "The time that this template version was created.", - "title": "CreatedTime", - "type": "string" - }, - "DataSetConfigurations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataSetConfiguration" - }, - "markdownDescription": "Schema of the dataset identified by the placeholder. Any dashboard created from this template should be bound to new datasets matching the same schema described through this API operation.", - "title": "DataSetConfigurations", - "type": "array" - }, - "Description": { - "markdownDescription": "The description of the template.", - "title": "Description", - "type": "string" - }, - "Errors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.TemplateError" - }, - "markdownDescription": "Errors associated with this template version.", - "title": "Errors", - "type": "array" - }, - "Sheets": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.Sheet" - }, - "markdownDescription": "A list of the associated sheets with the unique identifier and name of each sheet.", - "title": "Sheets", - "type": "array" - }, - "SourceEntityArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an analysis or template that was used to create this template.", - "title": "SourceEntityArn", - "type": "string" - }, - "Status": { - "markdownDescription": "The status that is associated with the template.\n\n- `CREATION_IN_PROGRESS`\n- `CREATION_SUCCESSFUL`\n- `CREATION_FAILED`\n- `UPDATE_IN_PROGRESS`\n- `UPDATE_SUCCESSFUL`\n- `UPDATE_FAILED`\n- `DELETED`", - "title": "Status", + "BucketName": { + "markdownDescription": "Describes the destination Amazon Simple Storage Service (Amazon S3) bucket name of a stream processor's exports.", + "title": "BucketName", "type": "string" }, - "ThemeArn": { - "markdownDescription": "The ARN of the theme associated with this version of the template.", - "title": "ThemeArn", + "ObjectKeyPrefix": { + "markdownDescription": "Describes the destination Amazon Simple Storage Service (Amazon S3) object keys of a stream processor's exports.", + "title": "ObjectKeyPrefix", "type": "string" - }, - "VersionNumber": { - "markdownDescription": "The version number of the template version.", - "title": "VersionNumber", - "type": "number" } }, + "required": [ + "BucketName" + ], "type": "object" }, - "AWS::QuickSight::Template.TemplateVersionDefinition": { + "AWS::ResilienceHub::App": { "additionalProperties": false, "properties": { - "AnalysisDefaults": { - "$ref": "#/definitions/AWS::QuickSight::Template.AnalysisDefaults", - "markdownDescription": "", - "title": "AnalysisDefaults" + "Condition": { + "type": "string" }, - "CalculatedFields": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.CalculatedField" - }, - "markdownDescription": "An array of calculated field definitions for the template.", - "title": "CalculatedFields", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ColumnConfigurations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnConfiguration" - }, - "markdownDescription": "An array of template-level column configurations. Column configurations are used to set default formatting for a column that's used throughout a template.", - "title": "ColumnConfigurations", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "DataSetConfigurations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataSetConfiguration" - }, - "markdownDescription": "An array of dataset configurations. These configurations define the required columns for each dataset used within a template.", - "title": "DataSetConfigurations", - "type": "array" + "Metadata": { + "type": "object" }, - "FilterGroups": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilterGroup" + "Properties": { + "additionalProperties": false, + "properties": { + "AppAssessmentSchedule": { + "markdownDescription": "Assessment execution schedule with 'Daily' or 'Disabled' values.", + "title": "AppAssessmentSchedule", + "type": "string" + }, + "AppTemplateBody": { + "markdownDescription": "A JSON string that provides information about your application structure. To learn more about the `appTemplateBody` template, see the sample template in [Sample appTemplateBody template](https://docs.aws.amazon.com//resilience-hub/latest/APIReference/API_PutDraftAppVersionTemplate.html#API_PutDraftAppVersionTemplate_Examples) .\n\nThe `appTemplateBody` JSON string has the following structure:\n\n- *`resources`*\n\nThe list of logical resources that needs to be included in the AWS Resilience Hub application.\n\nType: Array\n\n> Don't add the resources that you want to exclude. \n\nEach `resources` array item includes the following fields:\n\n- *`logicalResourceId`*\n\nThe logical identifier of the resource.\n\nType: Object\n\nEach `logicalResourceId` object includes the following fields:\n\n- `identifier`\n\nIdentifier of the resource.\n\nType: String\n- `logicalStackName`\n\nName of the AWS CloudFormation stack this resource belongs to.\n\nType: String\n- `resourceGroupName`\n\nName of the resource group this resource belongs to.\n\nType: String\n- `terraformSourceName`\n\nName of the Terraform S3 state file this resource belongs to.\n\nType: String\n- `eksSourceName`\n\nName of the Amazon Elastic Kubernetes Service cluster and namespace this resource belongs to.\n\n> This parameter accepts values in \"eks-cluster/namespace\" format. \n\nType: String\n- *`type`*\n\nThe type of resource.\n\nType: string\n- *`name`*\n\nName of the resource.\n\nType: String\n- `additionalInfo`\n\nAdditional configuration parameters for an AWS Resilience Hub application. If you want to implement `additionalInfo` through the AWS Resilience Hub console rather than using an API call, see [Configure the application configuration parameters](https://docs.aws.amazon.com//resilience-hub/latest/userguide/app-config-param.html) .\n\n> Currently, this parameter accepts a key-value mapping (in a string format) of only one failover region and one associated account.\n> \n> Key: `\"failover-regions\"`\n> \n> Value: `\"[{\"region\":\"\", \"accounts\":[{\"id\":\"\"}]}]\"`\n- *`appComponents`*\n\nThe list of Application Components (AppComponent) that this resource belongs to. If an AppComponent is not part of the AWS Resilience Hub application, it will be added.\n\nType: Array\n\nEach `appComponents` array item includes the following fields:\n\n- `name`\n\nName of the AppComponent.\n\nType: String\n- `type`\n\nThe type of AppComponent. For more information about the types of AppComponent, see [Grouping resources in an AppComponent](https://docs.aws.amazon.com/resilience-hub/latest/userguide/AppComponent.grouping.html) .\n\nType: String\n- `resourceNames`\n\nThe list of included resources that are assigned to the AppComponent.\n\nType: Array of strings\n- `additionalInfo`\n\nAdditional configuration parameters for an AWS Resilience Hub application. If you want to implement `additionalInfo` through the AWS Resilience Hub console rather than using an API call, see [Configure the application configuration parameters](https://docs.aws.amazon.com//resilience-hub/latest/userguide/app-config-param.html) .\n\n> Currently, this parameter accepts a key-value mapping (in a string format) of only one failover region and one associated account.\n> \n> Key: `\"failover-regions\"`\n> \n> Value: `\"[{\"region\":\"\", \"accounts\":[{\"id\":\"\"}]}]\"`\n- *`excludedResources`*\n\nThe list of logical resource identifiers to be excluded from the application.\n\nType: Array\n\n> Don't add the resources that you want to include. \n\nEach `excludedResources` array item includes the following fields:\n\n- *`logicalResourceIds`*\n\nThe logical identifier of the resource.\n\nType: Object\n\n> You can configure only one of the following fields:\n> \n> - `logicalStackName`\n> - `resourceGroupName`\n> - `terraformSourceName`\n> - `eksSourceName` \n\nEach `logicalResourceIds` object includes the following fields:\n\n- `identifier`\n\nThe identifier of the resource.\n\nType: String\n- `logicalStackName`\n\nName of the AWS CloudFormation stack this resource belongs to.\n\nType: String\n- `resourceGroupName`\n\nName of the resource group this resource belongs to.\n\nType: String\n- `terraformSourceName`\n\nName of the Terraform S3 state file this resource belongs to.\n\nType: String\n- `eksSourceName`\n\nName of the Amazon Elastic Kubernetes Service cluster and namespace this resource belongs to.\n\n> This parameter accepts values in \"eks-cluster/namespace\" format. \n\nType: String\n- *`version`*\n\nThe AWS Resilience Hub application version.\n- `additionalInfo`\n\nAdditional configuration parameters for an AWS Resilience Hub application. If you want to implement `additionalInfo` through the AWS Resilience Hub console rather than using an API call, see [Configure the application configuration parameters](https://docs.aws.amazon.com//resilience-hub/latest/userguide/app-config-param.html) .\n\n> Currently, this parameter accepts a key-value mapping (in a string format) of only one failover region and one associated account.\n> \n> Key: `\"failover-regions\"`\n> \n> Value: `\"[{\"region\":\"\", \"accounts\":[{\"id\":\"\"}]}]\"`", + "title": "AppTemplateBody", + "type": "string" + }, + "Description": { + "markdownDescription": "Optional description for an application.", + "title": "Description", + "type": "string" + }, + "EventSubscriptions": { + "items": { + "$ref": "#/definitions/AWS::ResilienceHub::App.EventSubscription" + }, + "markdownDescription": "The list of events you would like to subscribe and get notification for. Currently, AWS Resilience Hub supports notifications only for *Drift detected* and *Scheduled assessment failure* events.", + "title": "EventSubscriptions", + "type": "array" + }, + "Name": { + "markdownDescription": "Name for the application.", + "title": "Name", + "type": "string" + }, + "PermissionModel": { + "$ref": "#/definitions/AWS::ResilienceHub::App.PermissionModel", + "markdownDescription": "Defines the roles and credentials that AWS Resilience Hub would use while creating the application, importing its resources, and running an assessment.", + "title": "PermissionModel" + }, + "ResiliencyPolicyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resiliency policy.", + "title": "ResiliencyPolicyArn", + "type": "string" + }, + "ResourceMappings": { + "items": { + "$ref": "#/definitions/AWS::ResilienceHub::App.ResourceMapping" + }, + "markdownDescription": "An array of `ResourceMapping` objects.", + "title": "ResourceMappings", + "type": "array" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Tags assigned to the resource. A tag is a label that you assign to an AWS resource. Each tag consists of a key/value pair.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } }, - "markdownDescription": "Filter definitions for a template.\n\nFor more information, see [Filtering Data](https://docs.aws.amazon.com/quicksight/latest/user/filtering-visual-data.html) in the *Amazon QuickSight User Guide* .", - "title": "FilterGroups", - "type": "array" - }, - "Options": { - "$ref": "#/definitions/AWS::QuickSight::Template.AssetOptions", - "markdownDescription": "An array of option definitions for a template.", - "title": "Options" + "required": [ + "AppTemplateBody", + "Name", + "ResourceMappings" + ], + "type": "object" }, - "ParameterDeclarations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ParameterDeclaration" - }, - "markdownDescription": "An array of parameter declarations for a template.\n\n*Parameters* are named variables that can transfer a value for use by an action or an object.\n\nFor more information, see [Parameters in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-in-quicksight.html) in the *Amazon QuickSight User Guide* .", - "title": "ParameterDeclarations", - "type": "array" + "Type": { + "enum": [ + "AWS::ResilienceHub::App" + ], + "type": "string" }, - "Sheets": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.SheetDefinition" - }, - "markdownDescription": "An array of sheet definitions for a template.", - "title": "Sheets", - "type": "array" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "DataSetConfigurations" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Template.TextAreaControlDisplayOptions": { - "additionalProperties": false, - "properties": { - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" - }, - "PlaceholderOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.TextControlPlaceholderOptions", - "markdownDescription": "The configuration of the placeholder options in a text area control.", - "title": "PlaceholderOptions" - }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.TextConditionalFormat": { + "AWS::ResilienceHub::App.EventSubscription": { "additionalProperties": false, "properties": { - "BackgroundColor": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting for the text background color.", - "title": "BackgroundColor" + "EventType": { + "markdownDescription": "The type of event you would like to subscribe and get notification for. Currently, AWS Resilience Hub supports notifications only for *Drift detected* ( `DriftDetected` ) and *Scheduled assessment failure* ( `ScheduledAssessmentFailure` ) events.", + "title": "EventType", + "type": "string" }, - "Icon": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIcon", - "markdownDescription": "The conditional formatting for the icon.", - "title": "Icon" + "Name": { + "markdownDescription": "Unique name to identify an event subscription.", + "title": "Name", + "type": "string" }, - "TextColor": { - "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", - "markdownDescription": "The conditional formatting for the text color.", - "title": "TextColor" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.TextControlPlaceholderOptions": { - "additionalProperties": false, - "properties": { - "Visibility": { - "markdownDescription": "The visibility configuration of the placeholder options in a text control.", - "title": "Visibility", + "SnsTopicArn": { + "markdownDescription": "Amazon Resource Name (ARN) of the Amazon Simple Notification Service topic. The format for this ARN is: `arn:partition:sns:region:account:topic-name` . For more information about ARNs, see [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* guide.", + "title": "SnsTopicArn", "type": "string" } }, + "required": [ + "EventType", + "Name" + ], "type": "object" }, - "AWS::QuickSight::Template.TextFieldControlDisplayOptions": { + "AWS::ResilienceHub::App.PermissionModel": { "additionalProperties": false, "properties": { - "InfoIconLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", - "markdownDescription": "The configuration of info icon label options.", - "title": "InfoIconLabelOptions" - }, - "PlaceholderOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.TextControlPlaceholderOptions", - "markdownDescription": "The configuration of the placeholder options in a text field control.", - "title": "PlaceholderOptions" + "CrossAccountRoleArns": { + "items": { + "type": "string" + }, + "markdownDescription": "Defines a list of role Amazon Resource Names (ARNs) to be used in other accounts. These ARNs are used for querying purposes while importing resources and assessing your application.\n\n> - These ARNs are required only when your resources are in other accounts and you have different role name in these accounts. Else, the invoker role name will be used in the other accounts.\n> - These roles must have a trust policy with `iam:AssumeRole` permission to the invoker role in the primary account.", + "title": "CrossAccountRoleArns", + "type": "array" }, - "TitleOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", - "markdownDescription": "The options to configure the title visibility, name, and font size.", - "title": "TitleOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.ThousandSeparatorOptions": { - "additionalProperties": false, - "properties": { - "Symbol": { - "markdownDescription": "Determines the thousands separator symbol.", - "title": "Symbol", + "InvokerRoleName": { + "markdownDescription": "Existing AWS IAM role name in the primary AWS account that will be assumed by AWS Resilience Hub Service Principle to obtain a read-only access to your application resources while running an assessment.\n\nIf your IAM role includes a path, you must include the path in the `invokerRoleName` parameter. For example, if your IAM role's ARN is `arn:aws:iam:123456789012:role/my-path/role-name` , you should pass `my-path/role-name` .\n\n> - You must have `iam:passRole` permission for this role while creating or updating the application.\n> - Currently, `invokerRoleName` accepts only `[A-Za-z0-9_+=,.@-]` characters.", + "title": "InvokerRoleName", "type": "string" }, - "Visibility": { - "markdownDescription": "Determines the visibility of the thousands separator.", - "title": "Visibility", + "Type": { + "markdownDescription": "Defines how AWS Resilience Hub scans your resources. It can scan for the resources by using a pre-existing role in your AWS account, or by using the credentials of the current IAM user.", + "title": "Type", "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::QuickSight::Template.TimeBasedForecastProperties": { + "AWS::ResilienceHub::App.PhysicalResourceId": { "additionalProperties": false, "properties": { - "LowerBoundary": { - "markdownDescription": "The lower boundary setup of a forecast computation.", - "title": "LowerBoundary", - "type": "number" - }, - "PeriodsBackward": { - "markdownDescription": "The periods backward setup of a forecast computation.", - "title": "PeriodsBackward", - "type": "number" - }, - "PeriodsForward": { - "markdownDescription": "The periods forward setup of a forecast computation.", - "title": "PeriodsForward", - "type": "number" + "AwsAccountId": { + "markdownDescription": "The AWS account that owns the physical resource.", + "title": "AwsAccountId", + "type": "string" }, - "PredictionInterval": { - "markdownDescription": "The prediction interval setup of a forecast computation.", - "title": "PredictionInterval", - "type": "number" + "AwsRegion": { + "markdownDescription": "The AWS Region that the physical resource is located in.", + "title": "AwsRegion", + "type": "string" }, - "Seasonality": { - "markdownDescription": "The seasonality setup of a forecast computation. Choose one of the following options:\n\n- `NULL` : The input is set to `NULL` .\n- `NON_NULL` : The input is set to a custom value.", - "title": "Seasonality", - "type": "number" + "Identifier": { + "markdownDescription": "Identifier of the physical resource.", + "title": "Identifier", + "type": "string" }, - "UpperBoundary": { - "markdownDescription": "The upper boundary setup of a forecast computation.", - "title": "UpperBoundary", - "type": "number" + "Type": { + "markdownDescription": "Specifies the type of physical resource identifier.\n\n- **Arn** - The resource identifier is an Amazon Resource Name (ARN) and it can identify the following list of resources:\n\n- `AWS::ECS::Service`\n- `AWS::EFS::FileSystem`\n- `AWS::ElasticLoadBalancingV2::LoadBalancer`\n- `AWS::Lambda::Function`\n- `AWS::SNS::Topic`\n- **Native** - The resource identifier is an AWS Resilience Hub -native identifier and it can identify the following list of resources:\n\n- `AWS::ApiGateway::RestApi`\n- `AWS::ApiGatewayV2::Api`\n- `AWS::AutoScaling::AutoScalingGroup`\n- `AWS::DocDB::DBCluster`\n- `AWS::DocDB::DBGlobalCluster`\n- `AWS::DocDB::DBInstance`\n- `AWS::DynamoDB::GlobalTable`\n- `AWS::DynamoDB::Table`\n- `AWS::EC2::EC2Fleet`\n- `AWS::EC2::Instance`\n- `AWS::EC2::NatGateway`\n- `AWS::EC2::Volume`\n- `AWS::ElasticLoadBalancing::LoadBalancer`\n- `AWS::RDS::DBCluster`\n- `AWS::RDS::DBInstance`\n- `AWS::RDS::GlobalCluster`\n- `AWS::Route53::RecordSet`\n- `AWS::S3::Bucket`\n- `AWS::SQS::Queue`", + "title": "Type", + "type": "string" } }, + "required": [ + "Identifier", + "Type" + ], "type": "object" }, - "AWS::QuickSight::Template.TimeEqualityFilter": { + "AWS::ResilienceHub::App.ResourceMapping": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" + "EksSourceName": { + "markdownDescription": "Name of the Amazon Elastic Kubernetes Service cluster and namespace that this resource is mapped to when the `mappingType` is `EKS` .\n\n> This parameter accepts values in \"eks-cluster/namespace\" format.", + "title": "EksSourceName", + "type": "string" }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", + "LogicalStackName": { + "markdownDescription": "Name of the AWS CloudFormation stack this resource is mapped to when the `mappingType` is `CfnStack` .", + "title": "LogicalStackName", "type": "string" }, - "ParameterName": { - "markdownDescription": "The parameter whose value should be used for the filter value.\n\nThis field is mutually exclusive to `Value` and `RollingDate` .", - "title": "ParameterName", + "MappingType": { + "markdownDescription": "Specifies the type of resource mapping.", + "title": "MappingType", "type": "string" }, - "RollingDate": { - "$ref": "#/definitions/AWS::QuickSight::Template.RollingDateConfiguration", - "markdownDescription": "The rolling date input for the `TimeEquality` filter.\n\nThis field is mutually exclusive to `Value` and `ParameterName` .", - "title": "RollingDate" + "PhysicalResourceId": { + "$ref": "#/definitions/AWS::ResilienceHub::App.PhysicalResourceId", + "markdownDescription": "Identifier of the physical resource.", + "title": "PhysicalResourceId" }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", + "ResourceName": { + "markdownDescription": "Name of the resource that this resource is mapped to when the `mappingType` is `Resource` .", + "title": "ResourceName", "type": "string" }, - "Value": { - "markdownDescription": "The value of a `TimeEquality` filter.\n\nThis field is mutually exclusive to `RollingDate` and `ParameterName` .", - "title": "Value", + "TerraformSourceName": { + "markdownDescription": "Name of the Terraform source that this resource is mapped to when the `mappingType` is `Terraform` .", + "title": "TerraformSourceName", "type": "string" } }, "required": [ - "Column", - "FilterId" + "MappingType", + "PhysicalResourceId" ], "type": "object" }, - "AWS::QuickSight::Template.TimeRangeDrillDownFilter": { + "AWS::ResilienceHub::ResiliencyPolicy": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" + "Condition": { + "type": "string" }, - "RangeMaximum": { - "markdownDescription": "The maximum value for the filter value range.", - "title": "RangeMaximum", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "RangeMinimum": { - "markdownDescription": "The minimum value for the filter value range.", - "title": "RangeMinimum", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DataLocationConstraint": { + "markdownDescription": "Specifies a high-level geographical location constraint for where your resilience policy data can be stored.", + "title": "DataLocationConstraint", + "type": "string" + }, + "Policy": { + "$ref": "#/definitions/AWS::ResilienceHub::ResiliencyPolicy.PolicyMap", + "markdownDescription": "The resiliency policy.", + "title": "Policy" + }, + "PolicyDescription": { + "markdownDescription": "Description of the resiliency policy.", + "title": "PolicyDescription", + "type": "string" + }, + "PolicyName": { + "markdownDescription": "The name of the policy", + "title": "PolicyName", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Tags assigned to the resource. A tag is a label that you assign to an AWS resource. Each tag consists of a key/value pair.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "Tier": { + "markdownDescription": "The tier for this resiliency policy, ranging from the highest severity ( `MissionCritical` ) to lowest ( `NonCritical` ).", + "title": "Tier", + "type": "string" + } + }, + "required": [ + "Policy", + "PolicyName", + "Tier" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ResilienceHub::ResiliencyPolicy" + ], "type": "string" }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Column", - "RangeMaximum", - "RangeMinimum", - "TimeGranularity" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Template.TimeRangeFilter": { + "AWS::ResilienceHub::ResiliencyPolicy.FailurePolicy": { "additionalProperties": false, "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" - }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" - }, - "ExcludePeriodConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ExcludePeriodConfiguration", - "markdownDescription": "The exclude period of the time range filter.", - "title": "ExcludePeriodConfiguration" - }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", - "type": "string" - }, - "IncludeMaximum": { - "markdownDescription": "Determines whether the maximum value in the filter value range should be included in the filtered results.", - "title": "IncludeMaximum", - "type": "boolean" - }, - "IncludeMinimum": { - "markdownDescription": "Determines whether the minimum value in the filter value range should be included in the filtered results.", - "title": "IncludeMinimum", - "type": "boolean" - }, - "NullOption": { - "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", - "title": "NullOption", - "type": "string" - }, - "RangeMaximumValue": { - "$ref": "#/definitions/AWS::QuickSight::Template.TimeRangeFilterValue", - "markdownDescription": "The maximum value for the filter value range.", - "title": "RangeMaximumValue" - }, - "RangeMinimumValue": { - "$ref": "#/definitions/AWS::QuickSight::Template.TimeRangeFilterValue", - "markdownDescription": "The minimum value for the filter value range.", - "title": "RangeMinimumValue" + "RpoInSecs": { + "markdownDescription": "Recovery Point Objective (RPO) in seconds.", + "title": "RpoInSecs", + "type": "number" }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", - "type": "string" + "RtoInSecs": { + "markdownDescription": "Recovery Time Objective (RTO) in seconds.", + "title": "RtoInSecs", + "type": "number" } }, "required": [ - "Column", - "FilterId", - "NullOption" + "RpoInSecs", + "RtoInSecs" ], "type": "object" }, - "AWS::QuickSight::Template.TimeRangeFilterValue": { + "AWS::ResilienceHub::ResiliencyPolicy.PolicyMap": { "additionalProperties": false, "properties": { - "Parameter": { - "markdownDescription": "The parameter type input value.", - "title": "Parameter", - "type": "string" + "AZ": { + "$ref": "#/definitions/AWS::ResilienceHub::ResiliencyPolicy.FailurePolicy", + "markdownDescription": "Defines the RTO and RPO targets for Availability Zone disruption.", + "title": "AZ" }, - "RollingDate": { - "$ref": "#/definitions/AWS::QuickSight::Template.RollingDateConfiguration", - "markdownDescription": "The rolling date input value.", - "title": "RollingDate" + "Hardware": { + "$ref": "#/definitions/AWS::ResilienceHub::ResiliencyPolicy.FailurePolicy", + "markdownDescription": "Defines the RTO and RPO targets for hardware disruption.", + "title": "Hardware" }, - "StaticValue": { - "markdownDescription": "The static input value.", - "title": "StaticValue", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.TooltipItem": { - "additionalProperties": false, - "properties": { - "ColumnTooltipItem": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnTooltipItem", - "markdownDescription": "The tooltip item for the columns that are not part of a field well.", - "title": "ColumnTooltipItem" + "Region": { + "$ref": "#/definitions/AWS::ResilienceHub::ResiliencyPolicy.FailurePolicy", + "markdownDescription": "Defines the RTO and RPO targets for Regional disruption.", + "title": "Region" }, - "FieldTooltipItem": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldTooltipItem", - "markdownDescription": "The tooltip item for the fields.", - "title": "FieldTooltipItem" + "Software": { + "$ref": "#/definitions/AWS::ResilienceHub::ResiliencyPolicy.FailurePolicy", + "markdownDescription": "Defines the RTO and RPO targets for software disruption.", + "title": "Software" } }, + "required": [ + "AZ", + "Hardware", + "Software" + ], "type": "object" }, - "AWS::QuickSight::Template.TooltipOptions": { + "AWS::ResourceExplorer2::DefaultViewAssociation": { "additionalProperties": false, "properties": { - "FieldBasedTooltip": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldBasedTooltip", - "markdownDescription": "The setup for the detailed tooltip. The tooltip setup is always saved. The display type is decided based on the tooltip type.", - "title": "FieldBasedTooltip" - }, - "SelectedTooltipType": { - "markdownDescription": "The selected type for the tooltip. Choose one of the following options:\n\n- `BASIC` : A basic tooltip.\n- `DETAILED` : A detailed tooltip.", - "title": "SelectedTooltipType", + "Condition": { "type": "string" }, - "TooltipVisibility": { - "markdownDescription": "Determines whether or not the tooltip is visible.", - "title": "TooltipVisibility", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.TopBottomFilter": { - "additionalProperties": false, - "properties": { - "AggregationSortConfigurations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.AggregationSortConfiguration" - }, - "markdownDescription": "The aggregation and sort configuration of the top bottom filter.", - "title": "AggregationSortConfigurations", - "type": "array" - }, - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that the filter is applied to.", - "title": "Column" }, - "DefaultFilterControlConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", - "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", - "title": "DefaultFilterControlConfiguration" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "FilterId": { - "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", - "title": "FilterId", - "type": "string" + "Metadata": { + "type": "object" }, - "Limit": { - "markdownDescription": "The number of items to include in the top bottom filter results.", - "title": "Limit", - "type": "number" + "Properties": { + "additionalProperties": false, + "properties": { + "ViewArn": { + "markdownDescription": "The ARN of the view to set as the default for the AWS Region and AWS account in which you call this operation. The specified view must already exist in the specified Region.", + "title": "ViewArn", + "type": "string" + } + }, + "required": [ + "ViewArn" + ], + "type": "object" }, - "ParameterName": { - "markdownDescription": "The parameter whose value should be used for the filter value.", - "title": "ParameterName", + "Type": { + "enum": [ + "AWS::ResourceExplorer2::DefaultViewAssociation" + ], "type": "string" }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "AggregationSortConfigurations", - "Column", - "FilterId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Template.TopBottomMoversComputation": { + "AWS::ResourceExplorer2::Index": { "additionalProperties": false, "properties": { - "Category": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", - "markdownDescription": "The category field that is used in a computation.", - "title": "Category" - }, - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", + "Condition": { "type": "string" }, - "MoverSize": { - "markdownDescription": "The mover size setup of the top and bottom movers computation.", - "title": "MoverSize", - "type": "number" - }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "SortOrder": { - "markdownDescription": "The sort order setup of the top and bottom movers computation.", - "title": "SortOrder", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Time": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", - "markdownDescription": "The time field that is used in a computation.", - "title": "Time" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Tags": { + "additionalProperties": true, + "markdownDescription": "The specified tags are attached to only the index created in this AWS Region . The tags don't attach to any of the resources listed in the index.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "Type": { + "markdownDescription": "Specifies the type of the index in this Region. For information about the aggregator index and how it differs from a local index, see [Turning on cross-Region search by creating an aggregator index](https://docs.aws.amazon.com/resource-explorer/latest/userguide/manage-aggregator-region.html) in the *AWS Resource Explorer User Guide.* .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" }, "Type": { - "markdownDescription": "The computation type. Choose from the following options:\n\n- TOP: Top movers computation.\n- BOTTOM: Bottom movers computation.", - "title": "Type", + "enum": [ + "AWS::ResourceExplorer2::Index" + ], "type": "string" }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "ComputationId", - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Template.TopBottomRankedComputation": { + "AWS::ResourceExplorer2::View": { "additionalProperties": false, "properties": { - "Category": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", - "markdownDescription": "The category field that is used in a computation.", - "title": "Category" - }, - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", + "Condition": { "type": "string" }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "ResultSize": { - "markdownDescription": "The result size of a top and bottom ranked computation.", - "title": "ResultSize", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Filters": { + "$ref": "#/definitions/AWS::ResourceExplorer2::View.SearchFilter", + "markdownDescription": "An array of strings that include search keywords, prefixes, and operators that filter the results that are returned for queries made using this view. When you use this view in a [Search](https://docs.aws.amazon.com/resource-explorer/latest/apireference/API_Search.html) operation, the filter string is combined with the search's `QueryString` parameter using a logical `AND` operator.\n\nFor information about the supported syntax, see [Search query reference for Resource Explorer](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html) in the *AWS Resource Explorer User Guide* .\n\n> This query string in the context of this operation supports only [filter prefixes](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html#query-syntax-filters) with optional [operators](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html#query-syntax-operators) . It doesn't support free-form text. For example, the string `region:us* service:ec2 -tag:stage=prod` includes all Amazon EC2 resources in any AWS Region that begin with the letters `us` and are *not* tagged with a key `Stage` that has the value `prod` .", + "title": "Filters" + }, + "IncludedProperties": { + "items": { + "$ref": "#/definitions/AWS::ResourceExplorer2::View.IncludedProperty" + }, + "markdownDescription": "A list of fields that provide additional information about the view.", + "title": "IncludedProperties", + "type": "array" + }, + "Scope": { + "markdownDescription": "The root ARN of the account, an organizational unit (OU), or an organization ARN. If left empty, the default is account.", + "title": "Scope", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Tag key and value pairs that are attached to the view.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "ViewName": { + "markdownDescription": "The name of the new view.", + "title": "ViewName", + "type": "string" + } + }, + "required": [ + "ViewName" + ], + "type": "object" }, "Type": { - "markdownDescription": "The computation type. Choose one of the following options:\n\n- TOP: A top ranked computation.\n- BOTTOM: A bottom ranked computation.", - "title": "Type", + "enum": [ + "AWS::ResourceExplorer2::View" + ], "type": "string" }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "ComputationId", - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Template.TotalAggregationComputation": { + "AWS::ResourceExplorer2::View.IncludedProperty": { "additionalProperties": false, "properties": { - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", - "type": "string" - }, "Name": { - "markdownDescription": "The name of a computation.", + "markdownDescription": "The name of the property that is included in this view.", "title": "Name", "type": "string" - }, - "Value": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", - "markdownDescription": "The value field that is used in a computation.", - "title": "Value" } }, "required": [ - "ComputationId" + "Name" ], "type": "object" }, - "AWS::QuickSight::Template.TotalAggregationFunction": { + "AWS::ResourceExplorer2::View.SearchFilter": { "additionalProperties": false, "properties": { - "SimpleTotalAggregationFunction": { - "markdownDescription": "A built in aggregation function for total values.", - "title": "SimpleTotalAggregationFunction", + "FilterString": { + "markdownDescription": "The string that contains the search keywords, prefixes, and operators to control the results that can be returned by a Search operation.\n\nFor information about the supported syntax, see [Search query reference](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html) in the *AWS Resource Explorer User Guide* .\n\n> This query string in the context of this operation supports only [filter prefixes](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html#query-syntax-filters) with optional [operators](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html#query-syntax-operators) . It doesn't support free-form text. For example, the string `region:us* service:ec2 -tag:stage=prod` includes all Amazon EC2 resources in any AWS Region that begin with the letters `us` and are *not* tagged with a key `Stage` that has the value `prod` .", + "title": "FilterString", "type": "string" } }, + "required": [ + "FilterString" + ], "type": "object" }, - "AWS::QuickSight::Template.TotalAggregationOption": { + "AWS::ResourceGroups::Group": { "additionalProperties": false, "properties": { - "FieldId": { - "markdownDescription": "The field id that's associated with the total aggregation option.", - "title": "FieldId", + "Condition": { "type": "string" }, - "TotalAggregationFunction": { - "$ref": "#/definitions/AWS::QuickSight::Template.TotalAggregationFunction", - "markdownDescription": "The total aggregation function that you want to set for a specified field id.", - "title": "TotalAggregationFunction" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Configuration": { + "items": { + "$ref": "#/definitions/AWS::ResourceGroups::Group.ConfigurationItem" + }, + "markdownDescription": "The service configuration currently associated with the resource group and in effect for the members of the resource group. A `Configuration` consists of one or more `ConfigurationItem` entries. For information about service configurations for resource groups and how to construct them, see [Service configurations for resource groups](https://docs.aws.amazon.com//ARG/latest/APIReference/about-slg.html) in the *AWS Resource Groups User Guide* .\n\n> You can include either a `Configuration` or a `ResourceQuery` , but not both.", + "title": "Configuration", + "type": "array" + }, + "Description": { + "markdownDescription": "The description of the resource group.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of a resource group. The name must be unique within the AWS Region in which you create the resource. To create multiple resource groups based on the same CloudFormation stack, you must generate unique names for each.", + "title": "Name", + "type": "string" + }, + "ResourceQuery": { + "$ref": "#/definitions/AWS::ResourceGroups::Group.ResourceQuery", + "markdownDescription": "The resource query structure that is used to dynamically determine which AWS resources are members of the associated resource group. For more information about queries and how to construct them, see [Build queries and groups in AWS Resource Groups](https://docs.aws.amazon.com//ARG/latest/userguide/gettingstarted-query.html) in the *AWS Resource Groups User Guide*\n\n> - You can include either a `ResourceQuery` or a `Configuration` , but not both.\n> - You can specify the group's membership either by using a `ResourceQuery` or by using a list of `Resources` , but not both.", + "title": "ResourceQuery" + }, + "Resources": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the Amazon Resource Names (ARNs) of AWS resources that you want to add to the specified group.\n\n> - You can specify the group membership either by using a list of `Resources` or by using a `ResourceQuery` , but not both.\n> - You can include a `Resources` property only if you also specify a `Configuration` property.", + "title": "Resources", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tag key and value pairs that are attached to the resource group.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ResourceGroups::Group" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "FieldId", - "TotalAggregationFunction" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Template.TotalOptions": { + "AWS::ResourceGroups::Group.ConfigurationItem": { "additionalProperties": false, "properties": { - "CustomLabel": { - "markdownDescription": "The custom label string for the total cells.", - "title": "CustomLabel", - "type": "string" + "Parameters": { + "items": { + "$ref": "#/definitions/AWS::ResourceGroups::Group.ConfigurationParameter" + }, + "markdownDescription": "A collection of parameters for this configuration item. For the list of parameters that you can use with each configuration item `Type` , see [Supported resource types and parameters](https://docs.aws.amazon.com//ARG/latest/APIReference/about-slg.html#about-slg-types) in the *AWS Resource Groups User Guide* .", + "title": "Parameters", + "type": "array" }, - "Placement": { - "markdownDescription": "The placement (start, end) for the total cells.", - "title": "Placement", + "Type": { + "markdownDescription": "Specifies the type of configuration item. Each item must have a unique value for type. For the list of the types that you can specify for a configuration item, see [Supported resource types and parameters](https://docs.aws.amazon.com//ARG/latest/APIReference/about-slg.html#about-slg-types) in the *AWS Resource Groups User Guide* .", + "title": "Type", "type": "string" - }, - "ScrollStatus": { - "markdownDescription": "The scroll status (pinned, scrolled) for the total cells.", - "title": "ScrollStatus", + } + }, + "type": "object" + }, + "AWS::ResourceGroups::Group.ConfigurationParameter": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the group configuration parameter. For the list of parameters that you can use with each configuration item type, see [Supported resource types and parameters](https://docs.aws.amazon.com//ARG/latest/APIReference/about-slg.html#about-slg-types) in the *AWS Resource Groups User Guide* .", + "title": "Name", "type": "string" }, - "TotalAggregationOptions": { + "Values": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.TotalAggregationOption" + "type": "string" }, - "markdownDescription": "The total aggregation settings for each value field.", - "title": "TotalAggregationOptions", + "markdownDescription": "The value or values to be used for the specified parameter. For the list of values you can use with each parameter, see [Supported resource types and parameters](https://docs.aws.amazon.com//ARG/latest/APIReference/about-slg.html#about-slg-types) .", + "title": "Values", "type": "array" - }, - "TotalCellStyle": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", - "markdownDescription": "Cell styling options for the total cells.", - "title": "TotalCellStyle" - }, - "TotalsVisibility": { - "markdownDescription": "The visibility configuration for the total cells.", - "title": "TotalsVisibility", - "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.TreeMapAggregatedFieldWells": { + "AWS::ResourceGroups::Group.Query": { "additionalProperties": false, "properties": { - "Colors": { + "ResourceTypeFilters": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "type": "string" }, - "markdownDescription": "The color field well of a tree map. Values are grouped by aggregations based on group by fields.", - "title": "Colors", + "markdownDescription": "Specifies limits to the types of resources that can be included in the resource group. For example, if `ResourceTypeFilters` is `[\"AWS::EC2::Instance\", \"AWS::DynamoDB::Table\"]` , only EC2 instances or DynamoDB tables can be members of this resource group. The default value is `[\"AWS::AllSupported\"]` .", + "title": "ResourceTypeFilters", "type": "array" }, - "Groups": { + "StackIdentifier": { + "markdownDescription": "Specifies the ARN of a CloudFormation stack. All supported resources of the CloudFormation stack are members of the resource group. If you don't specify an ARN, this parameter defaults to the current stack that you are defining, which means that all the resources of the current stack are grouped.\n\nYou can specify a value for `StackIdentifier` only when the `ResourceQuery.Type` property is `CLOUDFORMATION_STACK_1_0.`", + "title": "StackIdentifier", + "type": "string" + }, + "TagFilters": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" + "$ref": "#/definitions/AWS::ResourceGroups::Group.TagFilter" }, - "markdownDescription": "The group by field well of a tree map. Values are grouped based on group by fields.", - "title": "Groups", + "markdownDescription": "A list of key-value pair objects that limit which resources can be members of the resource group. This property is required when the `ResourceQuery.Type` property is `TAG_FILTERS_1_0` .\n\nA resource must have a tag that matches every filter that is provided in the `TagFilters` list.", + "title": "TagFilters", "type": "array" + } + }, + "type": "object" + }, + "AWS::ResourceGroups::Group.ResourceQuery": { + "additionalProperties": false, + "properties": { + "Query": { + "$ref": "#/definitions/AWS::ResourceGroups::Group.Query", + "markdownDescription": "The query that defines the membership of the group. This is a structure with properties that depend on the `Type` .\n\nThe `Query` structure must be included in the following scenarios:\n\n- When the `Type` is `TAG_FILTERS_1_0` , you must specify a `Query` structure that contains a `TagFilters` list of tags. Resources with tags that match those in the `TagFilter` list become members of the resource group.\n- When the `Type` is `CLOUDFORMATION_STACK_1_0` then this field is required only when you must specify a CloudFormation stack other than the one you are defining. To do this, the `Query` structure must contain the `StackIdentifier` property. If you don't specify either a `Query` structure or a `StackIdentifier` within that `Query` , then it defaults to the CloudFormation stack that you're currently constructing.", + "title": "Query" }, - "Sizes": { + "Type": { + "markdownDescription": "Specifies the type of resource query that determines this group's membership. There are two valid query types:\n\n- `TAG_FILTERS_1_0` indicates that the group is a tag-based group. To complete the group membership, you must include the `TagFilters` property to specify the tag filters to use in the query.\n- `CLOUDFORMATION_STACK_1_0` , the default, indicates that the group is a CloudFormation stack-based group. Group membership is based on the CloudFormation stack. You must specify the `StackIdentifier` property in the query to define which stack to associate the group with, or leave it empty to default to the stack where the group is defined.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::ResourceGroups::Group.TagFilter": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "A string that defines a tag key. Only resources in the account that are tagged with a specified tag key are members of the tag-based resource group.\n\nThis field is required when the `ResourceQuery` structure's `Type` property is `TAG_FILTERS_1_0` . You must specify at least one tag key.", + "title": "Key", + "type": "string" + }, + "Values": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "type": "string" }, - "markdownDescription": "The size field well of a tree map. Values are aggregated based on group by fields.", - "title": "Sizes", + "markdownDescription": "A list of tag values that can be included in the tag-based resource group. This is optional. If you don't specify a value or values for a key, then an AWS resource with any value for that key is a member.", + "title": "Values", "type": "array" } }, "type": "object" }, - "AWS::QuickSight::Template.TreeMapConfiguration": { + "AWS::ResourceGroups::TagSyncTask": { "additionalProperties": false, "properties": { - "ColorLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility) for the colors displayed in a tree map.", - "title": "ColorLabelOptions" - }, - "ColorScale": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColorScale", - "markdownDescription": "The color options (gradient color, point of divergence) of a tree map.", - "title": "ColorScale" - }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", - "markdownDescription": "The options that determine if visual data labels are displayed.", - "title": "DataLabels" + "Condition": { + "type": "string" }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.TreeMapFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "GroupLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility) of the groups that are displayed in a tree map.", - "title": "GroupLabelOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", - "markdownDescription": "The legend display setup of the visual.", - "title": "Legend" + "Metadata": { + "type": "object" }, - "SizeLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility) of the sizes that are displayed in a tree map.", - "title": "SizeLabelOptions" + "Properties": { + "additionalProperties": false, + "properties": { + "Group": { + "markdownDescription": "The Amazon resource name (ARN) or name of the application group for which you want to create a tag-sync task.", + "title": "Group", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The Amazon resource name (ARN) of the role assumed by the service to tag and untag resources on your behalf.", + "title": "RoleArn", + "type": "string" + }, + "TagKey": { + "markdownDescription": "The tag key.", + "title": "TagKey", + "type": "string" + }, + "TagValue": { + "markdownDescription": "The tag value.", + "title": "TagValue", + "type": "string" + } + }, + "required": [ + "Group", + "RoleArn", + "TagKey", + "TagValue" + ], + "type": "object" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.TreeMapSortConfiguration", - "markdownDescription": "The sort configuration of a tree map.", - "title": "SortConfiguration" + "Type": { + "enum": [ + "AWS::ResourceGroups::TagSyncTask" + ], + "type": "string" }, - "Tooltip": { - "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", - "markdownDescription": "The tooltip display setup of the visual.", - "title": "Tooltip" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Template.TreeMapFieldWells": { + "AWS::RoboMaker::Fleet": { "additionalProperties": false, "properties": { - "TreeMapAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.TreeMapAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a tree map.", - "title": "TreeMapAggregatedFieldWells" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the fleet.", + "title": "Name", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "The list of all tags added to the fleet.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RoboMaker::Fleet" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::QuickSight::Template.TreeMapSortConfiguration": { + "AWS::RoboMaker::Robot": { "additionalProperties": false, "properties": { - "TreeMapGroupItemsLimitConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of groups that are displayed.", - "title": "TreeMapGroupItemsLimitConfiguration" + "Condition": { + "type": "string" }, - "TreeMapSort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Architecture": { + "markdownDescription": "The architecture of the robot.", + "title": "Architecture", + "type": "string" + }, + "Fleet": { + "markdownDescription": "The Amazon Resource Name (ARN) of the fleet to which the robot will be registered.", + "title": "Fleet", + "type": "string" + }, + "GreengrassGroupId": { + "markdownDescription": "The Greengrass group associated with the robot.", + "title": "GreengrassGroupId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the robot.", + "title": "Name", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "A map that contains tag keys and tag values that are attached to the robot.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } }, - "markdownDescription": "The sort configuration of group by fields.", - "title": "TreeMapSort", - "type": "array" + "required": [ + "Architecture", + "GreengrassGroupId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RoboMaker::Robot" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Template.TreeMapVisual": { + "AWS::RoboMaker::RobotApplication": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Condition": { + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.TreeMapConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CurrentRevisionId": { + "markdownDescription": "The current revision id.", + "title": "CurrentRevisionId", + "type": "string" + }, + "Environment": { + "markdownDescription": "The environment of the robot application.", + "title": "Environment", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the robot application.", + "title": "Name", + "type": "string" + }, + "RobotSoftwareSuite": { + "$ref": "#/definitions/AWS::RoboMaker::RobotApplication.RobotSoftwareSuite", + "markdownDescription": "The robot software suite used by the robot application.", + "title": "RobotSoftwareSuite" + }, + "Sources": { + "items": { + "$ref": "#/definitions/AWS::RoboMaker::RobotApplication.SourceConfig" + }, + "markdownDescription": "The sources of the robot application.", + "title": "Sources", + "type": "array" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "A map that contains tag keys and tag values that are attached to the robot application.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "required": [ + "RobotSoftwareSuite" + ], + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Type": { + "enum": [ + "AWS::RoboMaker::RobotApplication" + ], + "type": "string" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Template.TrendArrowOptions": { + "AWS::RoboMaker::RobotApplication.RobotSoftwareSuite": { "additionalProperties": false, "properties": { - "Visibility": { - "markdownDescription": "The visibility of the trend arrows.", - "title": "Visibility", + "Name": { + "markdownDescription": "The name of the robot software suite. `General` is the only supported value.", + "title": "Name", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.UnaggregatedField": { - "additionalProperties": false, - "properties": { - "Column": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", - "markdownDescription": "The column that is used in the `UnaggregatedField` .", - "title": "Column" }, - "FieldId": { - "markdownDescription": "The custom field ID.", - "title": "FieldId", + "Version": { + "markdownDescription": "The version of the robot software suite. Not applicable for General software suite.", + "title": "Version", "type": "string" - }, - "FormatConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.FormatConfiguration", - "markdownDescription": "The format configuration of the field.", - "title": "FormatConfiguration" } }, "required": [ - "Column", - "FieldId" + "Name" ], "type": "object" }, - "AWS::QuickSight::Template.UniqueValuesComputation": { + "AWS::RoboMaker::RobotApplication.SourceConfig": { "additionalProperties": false, "properties": { - "Category": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", - "markdownDescription": "The category field that is used in a computation.", - "title": "Category" + "Architecture": { + "markdownDescription": "The target processor architecture for the application.", + "title": "Architecture", + "type": "string" }, - "ComputationId": { - "markdownDescription": "The ID for a computation.", - "title": "ComputationId", + "S3Bucket": { + "markdownDescription": "The Amazon S3 bucket name.", + "title": "S3Bucket", "type": "string" }, - "Name": { - "markdownDescription": "The name of a computation.", - "title": "Name", + "S3Key": { + "markdownDescription": "The s3 object key.", + "title": "S3Key", "type": "string" } }, "required": [ - "ComputationId" + "Architecture", + "S3Bucket", + "S3Key" ], "type": "object" }, - "AWS::QuickSight::Template.ValidationStrategy": { + "AWS::RoboMaker::RobotApplicationVersion": { "additionalProperties": false, "properties": { - "Mode": { - "markdownDescription": "The mode of validation for the asset to be created or updated. When you set this value to `STRICT` , strict validation for every error is enforced. When you set this value to `LENIENT` , validation is skipped for specific UI errors.", - "title": "Mode", + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Application": { + "markdownDescription": "The application information for the robot application.", + "title": "Application", + "type": "string" + }, + "CurrentRevisionId": { + "markdownDescription": "The current revision id for the robot application. If you provide a value and it matches the latest revision ID, a new version will be created.", + "title": "CurrentRevisionId", + "type": "string" + } + }, + "required": [ + "Application" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RoboMaker::RobotApplicationVersion" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Mode" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Template.VisibleRangeOptions": { - "additionalProperties": false, - "properties": { - "PercentRange": { - "$ref": "#/definitions/AWS::QuickSight::Template.PercentVisibleRange", - "markdownDescription": "The percent range in the visible range.", - "title": "PercentRange" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.Visual": { + "AWS::RoboMaker::SimulationApplication": { "additionalProperties": false, "properties": { - "BarChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.BarChartVisual", - "markdownDescription": "A bar chart.\n\nFor more information, see [Using bar charts](https://docs.aws.amazon.com/quicksight/latest/user/bar-charts.html) in the *Amazon QuickSight User Guide* .", - "title": "BarChartVisual" - }, - "BoxPlotVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotVisual", - "markdownDescription": "A box plot.\n\nFor more information, see [Using box plots](https://docs.aws.amazon.com/quicksight/latest/user/box-plots.html) in the *Amazon QuickSight User Guide* .", - "title": "BoxPlotVisual" - }, - "ComboChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.ComboChartVisual", - "markdownDescription": "A combo chart.\n\nFor more information, see [Using combo charts](https://docs.aws.amazon.com/quicksight/latest/user/combo-charts.html) in the *Amazon QuickSight User Guide* .", - "title": "ComboChartVisual" - }, - "CustomContentVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.CustomContentVisual", - "markdownDescription": "A visual that contains custom content.\n\nFor more information, see [Using custom visual content](https://docs.aws.amazon.com/quicksight/latest/user/custom-visual-content.html) in the *Amazon QuickSight User Guide* .", - "title": "CustomContentVisual" - }, - "EmptyVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.EmptyVisual", - "markdownDescription": "An empty visual.", - "title": "EmptyVisual" - }, - "FilledMapVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapVisual", - "markdownDescription": "A filled map.\n\nFor more information, see [Creating filled maps](https://docs.aws.amazon.com/quicksight/latest/user/filled-maps.html) in the *Amazon QuickSight User Guide* .", - "title": "FilledMapVisual" - }, - "FunnelChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.FunnelChartVisual", - "markdownDescription": "A funnel chart.\n\nFor more information, see [Using funnel charts](https://docs.aws.amazon.com/quicksight/latest/user/funnel-visual-content.html) in the *Amazon QuickSight User Guide* .", - "title": "FunnelChartVisual" - }, - "GaugeChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartVisual", - "markdownDescription": "A gauge chart.\n\nFor more information, see [Using gauge charts](https://docs.aws.amazon.com/quicksight/latest/user/gauge-chart.html) in the *Amazon QuickSight User Guide* .", - "title": "GaugeChartVisual" - }, - "GeospatialMapVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialMapVisual", - "markdownDescription": "A geospatial map or a points on map visual.\n\nFor more information, see [Creating point maps](https://docs.aws.amazon.com/quicksight/latest/user/point-maps.html) in the *Amazon QuickSight User Guide* .", - "title": "GeospatialMapVisual" - }, - "HeatMapVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.HeatMapVisual", - "markdownDescription": "A heat map.\n\nFor more information, see [Using heat maps](https://docs.aws.amazon.com/quicksight/latest/user/heat-map.html) in the *Amazon QuickSight User Guide* .", - "title": "HeatMapVisual" - }, - "HistogramVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.HistogramVisual", - "markdownDescription": "A histogram.\n\nFor more information, see [Using histograms](https://docs.aws.amazon.com/quicksight/latest/user/histogram-charts.html) in the *Amazon QuickSight User Guide* .", - "title": "HistogramVisual" - }, - "InsightVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.InsightVisual", - "markdownDescription": "An insight visual.\n\nFor more information, see [Working with insights](https://docs.aws.amazon.com/quicksight/latest/user/computational-insights.html) in the *Amazon QuickSight User Guide* .", - "title": "InsightVisual" - }, - "KPIVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.KPIVisual", - "markdownDescription": "A key performance indicator (KPI).\n\nFor more information, see [Using KPIs](https://docs.aws.amazon.com/quicksight/latest/user/kpi.html) in the *Amazon QuickSight User Guide* .", - "title": "KPIVisual" - }, - "LineChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.LineChartVisual", - "markdownDescription": "A line chart.\n\nFor more information, see [Using line charts](https://docs.aws.amazon.com/quicksight/latest/user/line-charts.html) in the *Amazon QuickSight User Guide* .", - "title": "LineChartVisual" - }, - "PieChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.PieChartVisual", - "markdownDescription": "A pie or donut chart.\n\nFor more information, see [Using pie charts](https://docs.aws.amazon.com/quicksight/latest/user/pie-chart.html) in the *Amazon QuickSight User Guide* .", - "title": "PieChartVisual" - }, - "PivotTableVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableVisual", - "markdownDescription": "A pivot table.\n\nFor more information, see [Using pivot tables](https://docs.aws.amazon.com/quicksight/latest/user/pivot-table.html) in the *Amazon QuickSight User Guide* .", - "title": "PivotTableVisual" - }, - "RadarChartVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartVisual", - "markdownDescription": "A radar chart visual.\n\nFor more information, see [Using radar charts](https://docs.aws.amazon.com/quicksight/latest/user/radar-chart.html) in the *Amazon QuickSight User Guide* .", - "title": "RadarChartVisual" + "Condition": { + "type": "string" }, - "SankeyDiagramVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.SankeyDiagramVisual", - "markdownDescription": "A sankey diagram.\n\nFor more information, see [Using Sankey diagrams](https://docs.aws.amazon.com/quicksight/latest/user/sankey-diagram.html) in the *Amazon QuickSight User Guide* .", - "title": "SankeyDiagramVisual" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ScatterPlotVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.ScatterPlotVisual", - "markdownDescription": "A scatter plot.\n\nFor more information, see [Using scatter plots](https://docs.aws.amazon.com/quicksight/latest/user/scatter-plot.html) in the *Amazon QuickSight User Guide* .", - "title": "ScatterPlotVisual" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "TableVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.TableVisual", - "markdownDescription": "A table visual.\n\nFor more information, see [Using tables as visuals](https://docs.aws.amazon.com/quicksight/latest/user/tabular.html) in the *Amazon QuickSight User Guide* .", - "title": "TableVisual" + "Metadata": { + "type": "object" }, - "TreeMapVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.TreeMapVisual", - "markdownDescription": "A tree map.\n\nFor more information, see [Using tree maps](https://docs.aws.amazon.com/quicksight/latest/user/tree-map.html) in the *Amazon QuickSight User Guide* .", - "title": "TreeMapVisual" + "Properties": { + "additionalProperties": false, + "properties": { + "CurrentRevisionId": { + "markdownDescription": "The current revision id.", + "title": "CurrentRevisionId", + "type": "string" + }, + "Environment": { + "markdownDescription": "The environment of the simulation application.", + "title": "Environment", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the simulation application.", + "title": "Name", + "type": "string" + }, + "RenderingEngine": { + "$ref": "#/definitions/AWS::RoboMaker::SimulationApplication.RenderingEngine", + "markdownDescription": "The rendering engine for the simulation application.", + "title": "RenderingEngine" + }, + "RobotSoftwareSuite": { + "$ref": "#/definitions/AWS::RoboMaker::SimulationApplication.RobotSoftwareSuite", + "markdownDescription": "The robot software suite used by the simulation application.", + "title": "RobotSoftwareSuite" + }, + "SimulationSoftwareSuite": { + "$ref": "#/definitions/AWS::RoboMaker::SimulationApplication.SimulationSoftwareSuite", + "markdownDescription": "The simulation software suite used by the simulation application.", + "title": "SimulationSoftwareSuite" + }, + "Sources": { + "items": { + "$ref": "#/definitions/AWS::RoboMaker::SimulationApplication.SourceConfig" + }, + "markdownDescription": "The sources of the simulation application.", + "title": "Sources", + "type": "array" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "A map that contains tag keys and tag values that are attached to the simulation application.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "RobotSoftwareSuite", + "SimulationSoftwareSuite" + ], + "type": "object" }, - "WaterfallVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallVisual", - "markdownDescription": "A waterfall chart.\n\nFor more information, see [Using waterfall charts](https://docs.aws.amazon.com/quicksight/latest/user/waterfall-chart.html) in the *Amazon QuickSight User Guide* .", - "title": "WaterfallVisual" + "Type": { + "enum": [ + "AWS::RoboMaker::SimulationApplication" + ], + "type": "string" }, - "WordCloudVisual": { - "$ref": "#/definitions/AWS::QuickSight::Template.WordCloudVisual", - "markdownDescription": "A word cloud.\n\nFor more information, see [Using word clouds](https://docs.aws.amazon.com/quicksight/latest/user/word-cloud.html) in the *Amazon QuickSight User Guide* .", - "title": "WordCloudVisual" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Template.VisualCustomAction": { + "AWS::RoboMaker::SimulationApplication.RenderingEngine": { "additionalProperties": false, "properties": { - "ActionOperations": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomActionOperation" - }, - "markdownDescription": "A list of `VisualCustomActionOperations` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", - "title": "ActionOperations", - "type": "array" - }, - "CustomActionId": { - "markdownDescription": "The ID of the `VisualCustomAction` .", - "title": "CustomActionId", - "type": "string" - }, "Name": { - "markdownDescription": "The name of the `VisualCustomAction` .", + "markdownDescription": "The name of the rendering engine.", "title": "Name", "type": "string" }, - "Status": { - "markdownDescription": "The status of the `VisualCustomAction` .", - "title": "Status", - "type": "string" - }, - "Trigger": { - "markdownDescription": "The trigger of the `VisualCustomAction` .\n\nValid values are defined as follows:\n\n- `DATA_POINT_CLICK` : Initiates a custom action by a left pointer click on a data point.\n- `DATA_POINT_MENU` : Initiates a custom action by right pointer click from the menu.", - "title": "Trigger", + "Version": { + "markdownDescription": "The version of the rendering engine.", + "title": "Version", "type": "string" } }, "required": [ - "ActionOperations", - "CustomActionId", "Name", - "Trigger" + "Version" ], "type": "object" }, - "AWS::QuickSight::Template.VisualCustomActionOperation": { + "AWS::RoboMaker::SimulationApplication.RobotSoftwareSuite": { "additionalProperties": false, "properties": { - "FilterOperation": { - "$ref": "#/definitions/AWS::QuickSight::Template.CustomActionFilterOperation", - "markdownDescription": "The filter operation that filters data included in a visual or in an entire sheet.", - "title": "FilterOperation" - }, - "NavigationOperation": { - "$ref": "#/definitions/AWS::QuickSight::Template.CustomActionNavigationOperation", - "markdownDescription": "The navigation operation that navigates between different sheets in the same analysis.", - "title": "NavigationOperation" - }, - "SetParametersOperation": { - "$ref": "#/definitions/AWS::QuickSight::Template.CustomActionSetParametersOperation", - "markdownDescription": "The set parameter operation that sets parameters in custom action.", - "title": "SetParametersOperation" + "Name": { + "markdownDescription": "The name of the robot software suite. `General` is the only supported value.", + "title": "Name", + "type": "string" }, - "URLOperation": { - "$ref": "#/definitions/AWS::QuickSight::Template.CustomActionURLOperation", - "markdownDescription": "The URL operation that opens a link to another webpage.", - "title": "URLOperation" + "Version": { + "markdownDescription": "The version of the robot software suite. Not applicable for General software suite.", + "title": "Version", + "type": "string" } }, + "required": [ + "Name" + ], "type": "object" }, - "AWS::QuickSight::Template.VisualPalette": { + "AWS::RoboMaker::SimulationApplication.SimulationSoftwareSuite": { "additionalProperties": false, "properties": { - "ChartColor": { - "markdownDescription": "The chart color options for the visual palette.", - "title": "ChartColor", + "Name": { + "markdownDescription": "The name of the simulation software suite. `SimulationRuntime` is the only supported value.", + "title": "Name", "type": "string" }, - "ColorMap": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataPathColor" - }, - "markdownDescription": "The color map options for the visual palette.", - "title": "ColorMap", - "type": "array" + "Version": { + "markdownDescription": "The version of the simulation software suite. Not applicable for `SimulationRuntime` .", + "title": "Version", + "type": "string" } }, + "required": [ + "Name" + ], "type": "object" }, - "AWS::QuickSight::Template.VisualSubtitleLabelOptions": { + "AWS::RoboMaker::SimulationApplication.SourceConfig": { "additionalProperties": false, "properties": { - "FormatText": { - "$ref": "#/definitions/AWS::QuickSight::Template.LongFormatText", - "markdownDescription": "The long text format of the subtitle label, such as plain text or rich text.", - "title": "FormatText" + "Architecture": { + "markdownDescription": "The target processor architecture for the application.", + "title": "Architecture", + "type": "string" }, - "Visibility": { - "markdownDescription": "The visibility of the subtitle label.", - "title": "Visibility", + "S3Bucket": { + "markdownDescription": "The Amazon S3 bucket name.", + "title": "S3Bucket", "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.VisualTitleLabelOptions": { - "additionalProperties": false, - "properties": { - "FormatText": { - "$ref": "#/definitions/AWS::QuickSight::Template.ShortFormatText", - "markdownDescription": "The short text format of the title label, such as plain text or rich text.", - "title": "FormatText" }, - "Visibility": { - "markdownDescription": "The visibility of the title label.", - "title": "Visibility", + "S3Key": { + "markdownDescription": "The s3 object key.", + "title": "S3Key", "type": "string" } }, + "required": [ + "Architecture", + "S3Bucket", + "S3Key" + ], "type": "object" }, - "AWS::QuickSight::Template.WaterfallChartAggregatedFieldWells": { + "AWS::RoboMaker::SimulationApplicationVersion": { "additionalProperties": false, "properties": { - "Breakdowns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" - }, - "markdownDescription": "The breakdown field wells of a waterfall visual.", - "title": "Breakdowns", - "type": "array" + "Condition": { + "type": "string" }, - "Categories": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" - }, - "markdownDescription": "The category field wells of a waterfall visual.", - "title": "Categories", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Values": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Application": { + "markdownDescription": "The application information for the simulation application.", + "title": "Application", + "type": "string" + }, + "CurrentRevisionId": { + "markdownDescription": "The current revision id for the simulation application. If you provide a value and it matches the latest revision ID, a new version will be created.", + "title": "CurrentRevisionId", + "type": "string" + } }, - "markdownDescription": "The value field wells of a waterfall visual.", - "title": "Values", - "type": "array" + "required": [ + "Application" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RoboMaker::SimulationApplicationVersion" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Template.WaterfallChartConfiguration": { + "AWS::RolesAnywhere::CRL": { "additionalProperties": false, "properties": { - "CategoryAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the category axis.", - "title": "CategoryAxisDisplayOptions" - }, - "CategoryAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the category axis label.", - "title": "CategoryAxisLabelOptions" - }, - "DataLabels": { - "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", - "markdownDescription": "The data label configuration of a waterfall visual.", - "title": "DataLabels" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallChartFieldWells", - "markdownDescription": "The field well configuration of a waterfall visual.", - "title": "FieldWells" + "Condition": { + "type": "string" }, - "Legend": { - "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", - "markdownDescription": "The legend configuration of a waterfall visual.", - "title": "Legend" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "PrimaryYAxisDisplayOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", - "markdownDescription": "The options that determine the presentation of the y-axis.", - "title": "PrimaryYAxisDisplayOptions" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "PrimaryYAxisLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The options that determine the presentation of the y-axis label.", - "title": "PrimaryYAxisLabelOptions" + "Metadata": { + "type": "object" }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallChartSortConfiguration", - "markdownDescription": "The sort configuration of a waterfall visual.", - "title": "SortConfiguration" + "Properties": { + "additionalProperties": false, + "properties": { + "CrlData": { + "markdownDescription": "The x509 v3 specified certificate revocation list (CRL).", + "title": "CrlData", + "type": "string" + }, + "Enabled": { + "markdownDescription": "Specifies whether the certificate revocation list (CRL) is enabled.", + "title": "Enabled", + "type": "boolean" + }, + "Name": { + "markdownDescription": "The name of the certificate revocation list (CRL).", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags to attach to the certificate revocation list (CRL).", + "title": "Tags", + "type": "array" + }, + "TrustAnchorArn": { + "markdownDescription": "The ARN of the TrustAnchor the certificate revocation list (CRL) will provide revocation for.", + "title": "TrustAnchorArn", + "type": "string" + } + }, + "required": [ + "CrlData", + "Name" + ], + "type": "object" }, - "VisualPalette": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", - "markdownDescription": "The visual palette configuration of a waterfall visual.", - "title": "VisualPalette" + "Type": { + "enum": [ + "AWS::RolesAnywhere::CRL" + ], + "type": "string" }, - "WaterfallChartOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallChartOptions", - "markdownDescription": "The options that determine the presentation of a waterfall visual.", - "title": "WaterfallChartOptions" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.WaterfallChartFieldWells": { - "additionalProperties": false, - "properties": { - "WaterfallChartAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallChartAggregatedFieldWells", - "markdownDescription": "The field well configuration of a waterfall visual.", - "title": "WaterfallChartAggregatedFieldWells" - } - }, - "type": "object" - }, - "AWS::QuickSight::Template.WaterfallChartOptions": { - "additionalProperties": false, - "properties": { - "TotalBarLabel": { - "markdownDescription": "This option determines the total bar label of a waterfall visual.", - "title": "TotalBarLabel", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Template.WaterfallChartSortConfiguration": { + "AWS::RolesAnywhere::Profile": { "additionalProperties": false, "properties": { - "BreakdownItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of bar groups that are displayed.", - "title": "BreakdownItemsLimit" + "Condition": { + "type": "string" }, - "CategorySort": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AcceptRoleSessionName": { + "markdownDescription": "Used to determine if a custom role session name will be accepted in a temporary credential request.", + "title": "AcceptRoleSessionName", + "type": "boolean" + }, + "AttributeMappings": { + "items": { + "$ref": "#/definitions/AWS::RolesAnywhere::Profile.AttributeMapping" + }, + "markdownDescription": "A mapping applied to the authenticating end-entity certificate.", + "title": "AttributeMappings", + "type": "array" + }, + "DurationSeconds": { + "markdownDescription": "The number of seconds vended session credentials will be valid for", + "title": "DurationSeconds", + "type": "number" + }, + "Enabled": { + "markdownDescription": "The enabled status of the resource.", + "title": "Enabled", + "type": "boolean" + }, + "ManagedPolicyArns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of managed policy ARNs. Managed policies identified by this list will be applied to the vended session credentials.", + "title": "ManagedPolicyArns", + "type": "array" + }, + "Name": { + "markdownDescription": "The customer specified name of the resource.", + "title": "Name", + "type": "string" + }, + "RequireInstanceProperties": { + "markdownDescription": "Specifies whether instance properties are required in CreateSession requests with this profile.", + "title": "RequireInstanceProperties", + "type": "boolean" + }, + "RoleArns": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of IAM role ARNs that can be assumed when this profile is specified in a CreateSession request.", + "title": "RoleArns", + "type": "array" + }, + "SessionPolicy": { + "markdownDescription": "A session policy that will applied to the trust boundary of the vended session credentials.", + "title": "SessionPolicy", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of Tags.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "The sort configuration of the category fields.", - "title": "CategorySort", - "type": "array" + "required": [ + "Name", + "RoleArns" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RolesAnywhere::Profile" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Template.WaterfallVisual": { + "AWS::RolesAnywhere::Profile.AttributeMapping": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" - }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallChartConfiguration", - "markdownDescription": "The configuration for a waterfall visual.", - "title": "ChartConfiguration" + "CertificateField": { + "markdownDescription": "Fields (x509Subject, x509Issuer and x509SAN) within X.509 certificates.", + "title": "CertificateField", + "type": "string" }, - "ColumnHierarchies": { + "MappingRules": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" + "$ref": "#/definitions/AWS::RolesAnywhere::Profile.MappingRule" }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", + "markdownDescription": "A list of mapping entries for every supported specifier or sub-field.", + "title": "MappingRules", "type": "array" - }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" - }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" - }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", - "title": "VisualId", - "type": "string" } }, "required": [ - "VisualId" + "CertificateField", + "MappingRules" ], "type": "object" }, - "AWS::QuickSight::Template.WhatIfPointScenario": { + "AWS::RolesAnywhere::Profile.MappingRule": { "additionalProperties": false, "properties": { - "Date": { - "markdownDescription": "The date that you need the forecast results for.", - "title": "Date", + "Specifier": { + "markdownDescription": "Specifier within a certificate field, such as CN, OU, or UID from the Subject field.", + "title": "Specifier", "type": "string" - }, - "Value": { - "markdownDescription": "The target value that you want to meet for the provided date.", - "title": "Value", - "type": "number" } }, "required": [ - "Date", - "Value" + "Specifier" ], "type": "object" }, - "AWS::QuickSight::Template.WhatIfRangeScenario": { + "AWS::RolesAnywhere::TrustAnchor": { "additionalProperties": false, "properties": { - "EndDate": { - "markdownDescription": "The end date in the date range that you need the forecast results for.", - "title": "EndDate", + "Condition": { "type": "string" }, - "StartDate": { - "markdownDescription": "The start date in the date range that you need the forecast results for.", - "title": "StartDate", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Value": { - "markdownDescription": "The target value that you want to meet for the provided date range.", - "title": "Value", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Indicates whether the trust anchor is enabled.", + "title": "Enabled", + "type": "boolean" + }, + "Name": { + "markdownDescription": "The name of the trust anchor.", + "title": "Name", + "type": "string" + }, + "NotificationSettings": { + "items": { + "$ref": "#/definitions/AWS::RolesAnywhere::TrustAnchor.NotificationSetting" + }, + "markdownDescription": "A list of notification settings to be associated to the trust anchor.", + "title": "NotificationSettings", + "type": "array" + }, + "Source": { + "$ref": "#/definitions/AWS::RolesAnywhere::TrustAnchor.Source", + "markdownDescription": "The trust anchor type and its related certificate data.", + "title": "Source" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to attach to the trust anchor.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Name", + "Source" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::RolesAnywhere::TrustAnchor" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "EndDate", - "StartDate", - "Value" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Template.WordCloudAggregatedFieldWells": { + "AWS::RolesAnywhere::TrustAnchor.NotificationSetting": { "additionalProperties": false, "properties": { - "GroupBy": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" - }, - "markdownDescription": "The group by field well of a word cloud. Values are grouped by group by fields.", - "title": "GroupBy", - "type": "array" + "Channel": { + "markdownDescription": "The specified channel of notification. IAM Roles Anywhere uses CloudWatch metrics, EventBridge, and AWS Health Dashboard to notify for an event.\n\n> In the absence of a specific channel, IAM Roles Anywhere applies this setting to 'ALL' channels.", + "title": "Channel", + "type": "string" }, - "Size": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" - }, - "markdownDescription": "The size field well of a word cloud. Values are aggregated based on group by fields.", - "title": "Size", - "type": "array" + "Enabled": { + "markdownDescription": "Indicates whether the notification setting is enabled.", + "title": "Enabled", + "type": "boolean" + }, + "Event": { + "markdownDescription": "The event to which this notification setting is applied.", + "title": "Event", + "type": "string" + }, + "Threshold": { + "markdownDescription": "The number of days before a notification event. This value is required for a notification setting that is enabled.", + "title": "Threshold", + "type": "number" } }, + "required": [ + "Enabled", + "Event" + ], "type": "object" }, - "AWS::QuickSight::Template.WordCloudChartConfiguration": { + "AWS::RolesAnywhere::TrustAnchor.Source": { "additionalProperties": false, "properties": { - "CategoryLabelOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", - "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) for the word cloud category.", - "title": "CategoryLabelOptions" - }, - "FieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.WordCloudFieldWells", - "markdownDescription": "The field wells of the visual.", - "title": "FieldWells" - }, - "SortConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.WordCloudSortConfiguration", - "markdownDescription": "The sort configuration of a word cloud visual.", - "title": "SortConfiguration" + "SourceData": { + "$ref": "#/definitions/AWS::RolesAnywhere::TrustAnchor.SourceData", + "markdownDescription": "A union object representing the data field of the TrustAnchor depending on its type", + "title": "SourceData" }, - "WordCloudOptions": { - "$ref": "#/definitions/AWS::QuickSight::Template.WordCloudOptions", - "markdownDescription": "The options for a word cloud visual.", - "title": "WordCloudOptions" + "SourceType": { + "markdownDescription": "The type of the TrustAnchor.", + "title": "SourceType", + "type": "string" } }, + "required": [ + "SourceData", + "SourceType" + ], "type": "object" }, - "AWS::QuickSight::Template.WordCloudFieldWells": { + "AWS::RolesAnywhere::TrustAnchor.SourceData": { "additionalProperties": false, "properties": { - "WordCloudAggregatedFieldWells": { - "$ref": "#/definitions/AWS::QuickSight::Template.WordCloudAggregatedFieldWells", - "markdownDescription": "The aggregated field wells of a word cloud.", - "title": "WordCloudAggregatedFieldWells" + "AcmPcaArn": { + "markdownDescription": "The root certificate of the AWS Private Certificate Authority specified by this ARN is used in trust validation for temporary credential requests. Included for trust anchors of type `AWS_ACM_PCA` .\n\n> This field is not supported in your region.", + "title": "AcmPcaArn", + "type": "string" + }, + "X509CertificateData": { + "markdownDescription": "The PEM-encoded data for the certificate anchor. Included for trust anchors of type `CERTIFICATE_BUNDLE` .", + "title": "X509CertificateData", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Template.WordCloudOptions": { + "AWS::Route53::CidrCollection": { "additionalProperties": false, "properties": { - "CloudLayout": { - "markdownDescription": "The cloud layout options (fluid, normal) of a word cloud.", - "title": "CloudLayout", + "Condition": { "type": "string" }, - "MaximumStringLength": { - "markdownDescription": "The length limit of each word from 1-100.", - "title": "MaximumStringLength", - "type": "number" - }, - "WordCasing": { - "markdownDescription": "The word casing options (lower_case, existing_case) for the words in a word cloud.", - "title": "WordCasing", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "WordOrientation": { - "markdownDescription": "The word orientation options (horizontal, horizontal_and_vertical) for the words in a word cloud.", - "title": "WordOrientation", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "WordPadding": { - "markdownDescription": "The word padding options (none, small, medium, large) for the words in a word cloud.", - "title": "WordPadding", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Locations": { + "items": { + "$ref": "#/definitions/AWS::Route53::CidrCollection.Location" + }, + "markdownDescription": "A complex type that contains information about the list of CIDR locations.", + "title": "Locations", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of a CIDR collection.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Route53::CidrCollection" + ], "type": "string" }, - "WordScaling": { - "markdownDescription": "The word scaling options (emphasize, normal) for the words in a word cloud.", - "title": "WordScaling", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Template.WordCloudSortConfiguration": { + "AWS::Route53::CidrCollection.Location": { "additionalProperties": false, "properties": { - "CategoryItemsLimit": { - "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", - "markdownDescription": "The limit on the number of groups that are displayed in a word cloud.", - "title": "CategoryItemsLimit" - }, - "CategorySort": { + "CidrList": { "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" + "type": "string" }, - "markdownDescription": "The sort configuration of group by fields.", - "title": "CategorySort", + "markdownDescription": "List of CIDR blocks.", + "title": "CidrList", "type": "array" + }, + "LocationName": { + "markdownDescription": "The CIDR collection location name.", + "title": "LocationName", + "type": "string" } }, + "required": [ + "CidrList", + "LocationName" + ], "type": "object" }, - "AWS::QuickSight::Template.WordCloudVisual": { + "AWS::Route53::DNSSEC": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" - }, - "markdownDescription": "The list of custom actions that are configured for a visual.", - "title": "Actions", - "type": "array" + "Condition": { + "type": "string" }, - "ChartConfiguration": { - "$ref": "#/definitions/AWS::QuickSight::Template.WordCloudChartConfiguration", - "markdownDescription": "The configuration settings of the visual.", - "title": "ChartConfiguration" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ColumnHierarchies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" - }, - "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", - "title": "ColumnHierarchies", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Subtitle": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", - "markdownDescription": "The subtitle that is displayed on the visual.", - "title": "Subtitle" + "Metadata": { + "type": "object" }, - "Title": { - "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", - "markdownDescription": "The title that is displayed on the visual.", - "title": "Title" + "Properties": { + "additionalProperties": false, + "properties": { + "HostedZoneId": { + "markdownDescription": "A unique string (ID) that is used to identify a hosted zone. For example: `Z00001111A1ABCaaABC11` .", + "title": "HostedZoneId", + "type": "string" + } + }, + "required": [ + "HostedZoneId" + ], + "type": "object" }, - "VisualId": { - "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", - "title": "VisualId", + "Type": { + "enum": [ + "AWS::Route53::DNSSEC" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "VisualId" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Theme": { + "AWS::Route53::HealthCheck": { "additionalProperties": false, "properties": { "Condition": { @@ -222360,65 +274535,28 @@ "Properties": { "additionalProperties": false, "properties": { - "AwsAccountId": { - "markdownDescription": "The ID of the AWS account where you want to store the new theme.", - "title": "AwsAccountId", - "type": "string" - }, - "BaseThemeId": { - "markdownDescription": "The ID of the theme that a custom theme will inherit from. All themes inherit from one of the starting themes defined by Amazon QuickSight. For a list of the starting themes, use `ListThemes` or choose *Themes* from within an analysis.", - "title": "BaseThemeId", - "type": "string" - }, - "Configuration": { - "$ref": "#/definitions/AWS::QuickSight::Theme.ThemeConfiguration", - "markdownDescription": "The theme configuration, which contains the theme display properties.", - "title": "Configuration" - }, - "Name": { - "markdownDescription": "A display name for the theme.", - "title": "Name", - "type": "string" - }, - "Permissions": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Theme.ResourcePermission" - }, - "markdownDescription": "A valid grouping of resource permissions to apply to the new theme.", - "title": "Permissions", - "type": "array" + "HealthCheckConfig": { + "$ref": "#/definitions/AWS::Route53::HealthCheck.HealthCheckConfig", + "markdownDescription": "A complex type that contains detailed information about one health check.\n\nFor the values to enter for `HealthCheckConfig` , see [HealthCheckConfig](https://docs.aws.amazon.com/Route53/latest/APIReference/API_HealthCheckConfig.html)", + "title": "HealthCheckConfig" }, - "Tags": { + "HealthCheckTags": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Route53::HealthCheck.HealthCheckTag" }, - "markdownDescription": "A map of the key-value pairs for the resource tag or tags that you want to add to the resource.", - "title": "Tags", + "markdownDescription": "The `HealthCheckTags` property describes key-value pairs that are associated with an `AWS::Route53::HealthCheck` resource.", + "title": "HealthCheckTags", "type": "array" - }, - "ThemeId": { - "markdownDescription": "An ID for the theme that you want to create. The theme ID is unique per AWS Region in each AWS account.", - "title": "ThemeId", - "type": "string" - }, - "VersionDescription": { - "markdownDescription": "A description of the first version of the theme that you're creating. Every time `UpdateTheme` is called, a new version is created. Each version of the theme has a description of the version in the `VersionDescription` field.", - "title": "VersionDescription", - "type": "string" } }, "required": [ - "AwsAccountId", - "BaseThemeId", - "Configuration", - "Name", - "ThemeId" + "HealthCheckConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::QuickSight::Theme" + "AWS::Route53::HealthCheck" ], "type": "string" }, @@ -222437,335 +274575,649 @@ ], "type": "object" }, - "AWS::QuickSight::Theme.BorderStyle": { + "AWS::Route53::HealthCheck.AlarmIdentifier": { "additionalProperties": false, "properties": { - "Show": { - "markdownDescription": "The option to enable display of borders for visuals.", - "title": "Show", - "type": "boolean" + "Name": { + "markdownDescription": "The name of the CloudWatch alarm that you want Amazon Route 53 health checkers to use to determine whether this health check is healthy.\n\n> Route 53 supports CloudWatch alarms with the following features:\n> \n> - Standard-resolution metrics. High-resolution metrics aren't supported. For more information, see [High-Resolution Metrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/publishingMetrics.html#high-resolution-metrics) in the *Amazon CloudWatch User Guide* .\n> - Statistics: Average, Minimum, Maximum, Sum, and SampleCount. Extended statistics aren't supported.", + "title": "Name", + "type": "string" + }, + "Region": { + "markdownDescription": "For the CloudWatch alarm that you want Route 53 health checkers to use to determine whether this health check is healthy, the region that the alarm was created in.\n\nFor the current list of CloudWatch regions, see [Amazon CloudWatch endpoints and quotas](https://docs.aws.amazon.com/general/latest/gr/cw_region.html) in the *Amazon Web Services General Reference* .", + "title": "Region", + "type": "string" } }, + "required": [ + "Name", + "Region" + ], "type": "object" }, - "AWS::QuickSight::Theme.DataColorPalette": { + "AWS::Route53::HealthCheck.HealthCheckConfig": { "additionalProperties": false, "properties": { - "Colors": { + "AlarmIdentifier": { + "$ref": "#/definitions/AWS::Route53::HealthCheck.AlarmIdentifier", + "markdownDescription": "A complex type that identifies the CloudWatch alarm that you want Amazon Route 53 health checkers to use to determine whether the specified health check is healthy.", + "title": "AlarmIdentifier" + }, + "ChildHealthChecks": { "items": { "type": "string" }, - "markdownDescription": "The hexadecimal codes for the colors.", - "title": "Colors", + "markdownDescription": "(CALCULATED Health Checks Only) A complex type that contains one `ChildHealthCheck` element for each health check that you want to associate with a `CALCULATED` health check.", + "title": "ChildHealthChecks", "type": "array" }, - "EmptyFillColor": { - "markdownDescription": "The hexadecimal code of a color that applies to charts where a lack of data is highlighted.", - "title": "EmptyFillColor", + "EnableSNI": { + "markdownDescription": "Specify whether you want Amazon Route 53 to send the value of `FullyQualifiedDomainName` to the endpoint in the `client_hello` message during TLS negotiation. This allows the endpoint to respond to `HTTPS` health check requests with the applicable SSL/TLS certificate.\n\nSome endpoints require that `HTTPS` requests include the host name in the `client_hello` message. If you don't enable SNI, the status of the health check will be `SSL alert handshake_failure` . A health check can also have that status for other reasons. If SNI is enabled and you're still getting the error, check the SSL/TLS configuration on your endpoint and confirm that your certificate is valid.\n\nThe SSL/TLS certificate on your endpoint includes a domain name in the `Common Name` field and possibly several more in the `Subject Alternative Names` field. One of the domain names in the certificate should match the value that you specify for `FullyQualifiedDomainName` . If the endpoint responds to the `client_hello` message with a certificate that does not include the domain name that you specified in `FullyQualifiedDomainName` , a health checker will retry the handshake. In the second attempt, the health checker will omit `FullyQualifiedDomainName` from the `client_hello` message.", + "title": "EnableSNI", + "type": "boolean" + }, + "FailureThreshold": { + "markdownDescription": "The number of consecutive health checks that an endpoint must pass or fail for Amazon Route 53 to change the current status of the endpoint from unhealthy to healthy or vice versa. For more information, see [How Amazon Route 53 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html) in the *Amazon Route 53 Developer Guide* .\n\nIf you don't specify a value for `FailureThreshold` , the default value is three health checks.", + "title": "FailureThreshold", + "type": "number" + }, + "FullyQualifiedDomainName": { + "markdownDescription": "Amazon Route 53 behavior depends on whether you specify a value for `IPAddress` .\n\n*If you specify a value for* `IPAddress` :\n\nAmazon Route 53 sends health check requests to the specified IPv4 or IPv6 address and passes the value of `FullyQualifiedDomainName` in the `Host` header for all health checks except TCP health checks. This is typically the fully qualified DNS name of the endpoint on which you want Route 53 to perform health checks.\n\nWhen Route 53 checks the health of an endpoint, here is how it constructs the `Host` header:\n\n- If you specify a value of `80` for `Port` and `HTTP` or `HTTP_STR_MATCH` for `Type` , Route 53 passes the value of `FullyQualifiedDomainName` to the endpoint in the Host header.\n- If you specify a value of `443` for `Port` and `HTTPS` or `HTTPS_STR_MATCH` for `Type` , Route 53 passes the value of `FullyQualifiedDomainName` to the endpoint in the `Host` header.\n- If you specify another value for `Port` and any value except `TCP` for `Type` , Route 53 passes `FullyQualifiedDomainName:Port` to the endpoint in the `Host` header.\n\nIf you don't specify a value for `FullyQualifiedDomainName` , Route 53 substitutes the value of `IPAddress` in the `Host` header in each of the preceding cases.\n\n*If you don't specify a value for `IPAddress`* :\n\nRoute 53 sends a DNS request to the domain that you specify for `FullyQualifiedDomainName` at the interval that you specify for `RequestInterval` . Using an IPv4 address that DNS returns, Route 53 then checks the health of the endpoint.\n\n> If you don't specify a value for `IPAddress` , Route 53 uses only IPv4 to send health checks to the endpoint. If there's no record with a type of A for the name that you specify for `FullyQualifiedDomainName` , the health check fails with a \"DNS resolution failed\" error. \n\nIf you want to check the health of multiple records that have the same name and type, such as multiple weighted records, and if you choose to specify the endpoint only by `FullyQualifiedDomainName` , we recommend that you create a separate health check for each endpoint. For example, create a health check for each HTTP server that is serving content for www.example.com. For the value of `FullyQualifiedDomainName` , specify the domain name of the server (such as us-east-2-www.example.com), not the name of the records (www.example.com).\n\n> In this configuration, if you create a health check for which the value of `FullyQualifiedDomainName` matches the name of the records and you then associate the health check with those records, health check results will be unpredictable. \n\nIn addition, if the value that you specify for `Type` is `HTTP` , `HTTPS` , `HTTP_STR_MATCH` , or `HTTPS_STR_MATCH` , Route 53 passes the value of `FullyQualifiedDomainName` in the `Host` header, as it does when you specify a value for `IPAddress` . If the value of `Type` is `TCP` , Route 53 doesn't pass a `Host` header.", + "title": "FullyQualifiedDomainName", "type": "string" }, - "MinMaxGradient": { + "HealthThreshold": { + "markdownDescription": "The number of child health checks that are associated with a `CALCULATED` health check that Amazon Route 53 must consider healthy for the `CALCULATED` health check to be considered healthy. To specify the child health checks that you want to associate with a `CALCULATED` health check, use the [ChildHealthChecks](https://docs.aws.amazon.com/Route53/latest/APIReference/API_UpdateHealthCheck.html#Route53-UpdateHealthCheck-request-ChildHealthChecks) element.\n\nNote the following:\n\n- If you specify a number greater than the number of child health checks, Route 53 always considers this health check to be unhealthy.\n- If you specify `0` , Route 53 always considers this health check to be healthy.", + "title": "HealthThreshold", + "type": "number" + }, + "IPAddress": { + "markdownDescription": "The IPv4 or IPv6 IP address of the endpoint that you want Amazon Route 53 to perform health checks on. If you don't specify a value for `IPAddress` , Route 53 sends a DNS request to resolve the domain name that you specify in `FullyQualifiedDomainName` at the interval that you specify in `RequestInterval` . Using an IP address returned by DNS, Route 53 then checks the health of the endpoint.\n\nUse one of the following formats for the value of `IPAddress` :\n\n- *IPv4 address* : four values between 0 and 255, separated by periods (.), for example, `192.0.2.44` .\n- *IPv6 address* : eight groups of four hexadecimal values, separated by colons (:), for example, `2001:0db8:85a3:0000:0000:abcd:0001:2345` . You can also shorten IPv6 addresses as described in RFC 5952, for example, `2001:db8:85a3::abcd:1:2345` .\n\nIf the endpoint is an EC2 instance, we recommend that you create an Elastic IP address, associate it with your EC2 instance, and specify the Elastic IP address for `IPAddress` . This ensures that the IP address of your instance will never change.\n\nFor more information, see [FullyQualifiedDomainName](https://docs.aws.amazon.com/Route53/latest/APIReference/API_UpdateHealthCheck.html#Route53-UpdateHealthCheck-request-FullyQualifiedDomainName) .\n\nConstraints: Route 53 can't check the health of endpoints for which the IP address is in local, private, non-routable, or multicast ranges. For more information about IP addresses for which you can't create health checks, see the following documents:\n\n- [RFC 5735, Special Use IPv4 Addresses](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc5735)\n- [RFC 6598, IANA-Reserved IPv4 Prefix for Shared Address Space](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6598)\n- [RFC 5156, Special-Use IPv6 Addresses](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc5156)\n\nWhen the value of `Type` is `CALCULATED` or `CLOUDWATCH_METRIC` , omit `IPAddress` .", + "title": "IPAddress", + "type": "string" + }, + "InsufficientDataHealthStatus": { + "markdownDescription": "When CloudWatch has insufficient data about the metric to determine the alarm state, the status that you want Amazon Route 53 to assign to the health check:\n\n- `Healthy` : Route 53 considers the health check to be healthy.\n- `Unhealthy` : Route 53 considers the health check to be unhealthy.\n- `LastKnownStatus` : Route 53 uses the status of the health check from the last time that CloudWatch had sufficient data to determine the alarm state. For new health checks that have no last known status, the default status for the health check is healthy.", + "title": "InsufficientDataHealthStatus", + "type": "string" + }, + "Inverted": { + "markdownDescription": "Specify whether you want Amazon Route 53 to invert the status of a health check, for example, to consider a health check unhealthy when it otherwise would be considered healthy.", + "title": "Inverted", + "type": "boolean" + }, + "MeasureLatency": { + "markdownDescription": "Specify whether you want Amazon Route 53 to measure the latency between health checkers in multiple AWS regions and your endpoint, and to display CloudWatch latency graphs on the *Health Checks* page in the Route 53 console.\n\n> You can't change the value of `MeasureLatency` after you create a health check.", + "title": "MeasureLatency", + "type": "boolean" + }, + "Port": { + "markdownDescription": "The port on the endpoint that you want Amazon Route 53 to perform health checks on.\n\n> Don't specify a value for `Port` when you specify a value for [Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-healthcheck-healthcheckconfig.html#cfn-route53-healthcheck-healthcheckconfig-type) of `CLOUDWATCH_METRIC` or `CALCULATED` .", + "title": "Port", + "type": "number" + }, + "Regions": { "items": { "type": "string" }, - "markdownDescription": "The minimum and maximum hexadecimal codes that describe a color gradient.", - "title": "MinMaxGradient", + "markdownDescription": "A complex type that contains one `Region` element for each region from which you want Amazon Route 53 health checkers to check the specified endpoint.\n\nIf you don't specify any regions, Route 53 health checkers automatically performs checks from all of the regions that are listed under *Valid Values* .\n\nIf you update a health check to remove a region that has been performing health checks, Route 53 will briefly continue to perform checks from that region to ensure that some health checkers are always checking the endpoint (for example, if you replace three regions with four different regions).", + "title": "Regions", "type": "array" + }, + "RequestInterval": { + "markdownDescription": "The number of seconds between the time that Amazon Route 53 gets a response from your endpoint and the time that it sends the next health check request. Each Route 53 health checker makes requests at this interval.\n\n> You can't change the value of `RequestInterval` after you create a health check. \n\nIf you don't specify a value for `RequestInterval` , the default value is `30` seconds.", + "title": "RequestInterval", + "type": "number" + }, + "ResourcePath": { + "markdownDescription": "The path, if any, that you want Amazon Route 53 to request when performing health checks. The path can be any value for which your endpoint will return an HTTP status code of 2xx or 3xx when the endpoint is healthy, for example, the file /docs/route53-health-check.html. You can also include query string parameters, for example, `/welcome.html?language=jp&login=y` .", + "title": "ResourcePath", + "type": "string" + }, + "RoutingControlArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the Route 53 Application Recovery Controller routing control.\n\nFor more information about Route 53 Application Recovery Controller, see [Route 53 Application Recovery Controller Developer Guide.](https://docs.aws.amazon.com/r53recovery/latest/dg/what-is-route-53-recovery.html) .", + "title": "RoutingControlArn", + "type": "string" + }, + "SearchString": { + "markdownDescription": "If the value of Type is `HTTP_STR_MATCH` or `HTTPS_STR_MATCH` , the string that you want Amazon Route 53 to search for in the response body from the specified resource. If the string appears in the response body, Route 53 considers the resource healthy.\n\nRoute 53 considers case when searching for `SearchString` in the response body.", + "title": "SearchString", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of health check that you want to create, which indicates how Amazon Route 53 determines whether an endpoint is healthy.\n\n> You can't change the value of `Type` after you create a health check. \n\nYou can create the following types of health checks:\n\n- *HTTP* : Route 53 tries to establish a TCP connection. If successful, Route 53 submits an HTTP request and waits for an HTTP status code of 200 or greater and less than 400.\n- *HTTPS* : Route 53 tries to establish a TCP connection. If successful, Route 53 submits an HTTPS request and waits for an HTTP status code of 200 or greater and less than 400.\n\n> If you specify `HTTPS` for the value of `Type` , the endpoint must support TLS v1.0 or later.\n- *HTTP_STR_MATCH* : Route 53 tries to establish a TCP connection. If successful, Route 53 submits an HTTP request and searches the first 5,120 bytes of the response body for the string that you specify in `SearchString` .\n- *HTTPS_STR_MATCH* : Route 53 tries to establish a TCP connection. If successful, Route 53 submits an `HTTPS` request and searches the first 5,120 bytes of the response body for the string that you specify in `SearchString` .\n- *TCP* : Route 53 tries to establish a TCP connection.\n- *CLOUDWATCH_METRIC* : The health check is associated with a CloudWatch alarm. If the state of the alarm is `OK` , the health check is considered healthy. If the state is `ALARM` , the health check is considered unhealthy. If CloudWatch doesn't have sufficient data to determine whether the state is `OK` or `ALARM` , the health check status depends on the setting for `InsufficientDataHealthStatus` : `Healthy` , `Unhealthy` , or `LastKnownStatus` .\n\n> Route 53 supports CloudWatch alarms with the following features:\n> \n> - Standard-resolution metrics. High-resolution metrics aren't supported. For more information, see [High-Resolution Metrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/publishingMetrics.html#high-resolution-metrics) in the *Amazon CloudWatch User Guide* .\n> - Statistics: Average, Minimum, Maximum, Sum, and SampleCount. Extended statistics aren't supported.\n- *CALCULATED* : For health checks that monitor the status of other health checks, Route 53 adds up the number of health checks that Route 53 health checkers consider to be healthy and compares that number with the value of `HealthThreshold` .\n- *RECOVERY_CONTROL* : The health check is assocated with a Route53 Application Recovery Controller routing control. If the routing control state is `ON` , the health check is considered healthy. If the state is `OFF` , the health check is considered unhealthy.\n\nFor more information, see [How Route 53 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html) in the *Amazon Route 53 Developer Guide* .", + "title": "Type", + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::QuickSight::Theme.Font": { + "AWS::Route53::HealthCheck.HealthCheckTag": { "additionalProperties": false, "properties": { - "FontFamily": { - "markdownDescription": "Determines the font family settings.", - "title": "FontFamily", + "Key": { + "markdownDescription": "The value of `Key` depends on the operation that you want to perform:\n\n- *Add a tag to a health check or hosted zone* : `Key` is the name that you want to give the new tag.\n- *Edit a tag* : `Key` is the name of the tag that you want to change the `Value` for.\n- *Delete a key* : `Key` is the name of the tag you want to remove.\n- *Give a name to a health check* : Edit the default `Name` tag. In the Amazon Route 53 console, the list of your health checks includes a *Name* column that lets you see the name that you've given to each health check.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of `Value` depends on the operation that you want to perform:\n\n- *Add a tag to a health check or hosted zone* : `Value` is the value that you want to give the new tag.\n- *Edit a tag* : `Value` is the new value that you want to assign the tag.", + "title": "Value", "type": "string" } }, + "required": [ + "Key", + "Value" + ], "type": "object" }, - "AWS::QuickSight::Theme.GutterStyle": { + "AWS::Route53::HostedZone": { "additionalProperties": false, "properties": { - "Show": { - "markdownDescription": "This Boolean value controls whether to display a gutter space between sheet tiles.", - "title": "Show", - "type": "boolean" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "HostedZoneConfig": { + "$ref": "#/definitions/AWS::Route53::HostedZone.HostedZoneConfig", + "markdownDescription": "A complex type that contains an optional comment.\n\nIf you don't want to specify a comment, omit the `HostedZoneConfig` and `Comment` elements.", + "title": "HostedZoneConfig" + }, + "HostedZoneTags": { + "items": { + "$ref": "#/definitions/AWS::Route53::HostedZone.HostedZoneTag" + }, + "markdownDescription": "Adds, edits, or deletes tags for a health check or a hosted zone.\n\nFor information about using tags for cost allocation, see [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html) in the *Billing and Cost Management User Guide* .", + "title": "HostedZoneTags", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the domain. Specify a fully qualified domain name, for example, *www.example.com* . The trailing dot is optional; Amazon Route 53 assumes that the domain name is fully qualified. This means that Route 53 treats *www.example.com* (without a trailing dot) and *www.example.com.* (with a trailing dot) as identical.\n\nIf you're creating a public hosted zone, this is the name you have registered with your DNS registrar. If your domain name is registered with a registrar other than Route 53, change the name servers for your domain to the set of `NameServers` that are returned by the `Fn::GetAtt` intrinsic function.", + "title": "Name", + "type": "string" + }, + "QueryLoggingConfig": { + "$ref": "#/definitions/AWS::Route53::HostedZone.QueryLoggingConfig", + "markdownDescription": "Creates a configuration for DNS query logging. After you create a query logging configuration, Amazon Route 53 begins to publish log data to an Amazon CloudWatch Logs log group.\n\nDNS query logs contain information about the queries that Route 53 receives for a specified public hosted zone, such as the following:\n\n- Route 53 edge location that responded to the DNS query\n- Domain or subdomain that was requested\n- DNS record type, such as A or AAAA\n- DNS response code, such as `NoError` or `ServFail`\n\n- **Log Group and Resource Policy** - Before you create a query logging configuration, perform the following operations.\n\n> If you create a query logging configuration using the Route 53 console, Route 53 performs these operations automatically. \n\n- Create a CloudWatch Logs log group, and make note of the ARN, which you specify when you create a query logging configuration. Note the following:\n\n- You must create the log group in the us-east-1 region.\n- You must use the same AWS account to create the log group and the hosted zone that you want to configure query logging for.\n- When you create log groups for query logging, we recommend that you use a consistent prefix, for example:\n\n`/aws/route53/ *hosted zone name*`\n\nIn the next step, you'll create a resource policy, which controls access to one or more log groups and the associated AWS resources, such as Route 53 hosted zones. There's a limit on the number of resource policies that you can create, so we recommend that you use a consistent prefix so you can use the same resource policy for all the log groups that you create for query logging.\n- Create a CloudWatch Logs resource policy, and give it the permissions that Route 53 needs to create log streams and to send query logs to log streams. You must create the CloudWatch Logs resource policy in the us-east-1 region. For the value of `Resource` , specify the ARN for the log group that you created in the previous step. To use the same resource policy for all the CloudWatch Logs log groups that you created for query logging configurations, replace the hosted zone name with `*` , for example:\n\n`arn:aws:logs:us-east-1:123412341234:log-group:/aws/route53/*`\n\nTo avoid the confused deputy problem, a security issue where an entity without a permission for an action can coerce a more-privileged entity to perform it, you can optionally limit the permissions that a service has to a resource in a resource-based policy by supplying the following values:\n\n- For `aws:SourceArn` , supply the hosted zone ARN used in creating the query logging configuration. For example, `aws:SourceArn: arn:aws:route53:::hostedzone/hosted zone ID` .\n- For `aws:SourceAccount` , supply the account ID for the account that creates the query logging configuration. For example, `aws:SourceAccount:111111111111` .\n\nFor more information, see [The confused deputy problem](https://docs.aws.amazon.com/IAM/latest/UserGuide/confused-deputy.html) in the *AWS IAM User Guide* .\n\n> You can't use the CloudWatch console to create or edit a resource policy. You must use the CloudWatch API, one of the AWS SDKs, or the AWS CLI .\n- **Log Streams and Edge Locations** - When Route 53 finishes creating the configuration for DNS query logging, it does the following:\n\n- Creates a log stream for an edge location the first time that the edge location responds to DNS queries for the specified hosted zone. That log stream is used to log all queries that Route 53 responds to for that edge location.\n- Begins to send query logs to the applicable log stream.\n\nThe name of each log stream is in the following format:\n\n`*hosted zone ID* / *edge location code*`\n\nThe edge location code is a three-letter code and an arbitrarily assigned number, for example, DFW3. The three-letter code typically corresponds with the International Air Transport Association airport code for an airport near the edge location. (These abbreviations might change in the future.) For a list of edge locations, see \"The Route 53 Global Network\" on the [Route 53 Product Details](https://docs.aws.amazon.com/route53/details/) page.\n- **Queries That Are Logged** - Query logs contain only the queries that DNS resolvers forward to Route 53. If a DNS resolver has already cached the response to a query (such as the IP address for a load balancer for example.com), the resolver will continue to return the cached response. It doesn't forward another query to Route 53 until the TTL for the corresponding resource record set expires. Depending on how many DNS queries are submitted for a resource record set, and depending on the TTL for that resource record set, query logs might contain information about only one query out of every several thousand queries that are submitted to DNS. For more information about how DNS works, see [Routing Internet Traffic to Your Website or Web Application](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/welcome-dns-service.html) in the *Amazon Route 53 Developer Guide* .\n- **Log File Format** - For a list of the values in each query log and the format of each value, see [Logging DNS Queries](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/query-logs.html) in the *Amazon Route 53 Developer Guide* .\n- **Pricing** - For information about charges for query logs, see [Amazon CloudWatch Pricing](https://docs.aws.amazon.com/cloudwatch/pricing/) .\n- **How to Stop Logging** - If you want Route 53 to stop sending query logs to CloudWatch Logs, delete the query logging configuration. For more information, see [DeleteQueryLoggingConfig](https://docs.aws.amazon.com/Route53/latest/APIReference/API_DeleteQueryLoggingConfig.html) .", + "title": "QueryLoggingConfig" + }, + "VPCs": { + "items": { + "$ref": "#/definitions/AWS::Route53::HostedZone.VPC" + }, + "markdownDescription": "*Private hosted zones:* A complex type that contains information about the VPCs that are associated with the specified hosted zone.\n\n> For public hosted zones, omit `VPCs` , `VPCId` , and `VPCRegion` .", + "title": "VPCs", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Route53::HostedZone" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::QuickSight::Theme.MarginStyle": { + "AWS::Route53::HostedZone.HostedZoneConfig": { "additionalProperties": false, "properties": { - "Show": { - "markdownDescription": "This Boolean value controls whether to display sheet margins.", - "title": "Show", - "type": "boolean" + "Comment": { + "markdownDescription": "Any comments that you want to include about the hosted zone.", + "title": "Comment", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Theme.ResourcePermission": { + "AWS::Route53::HostedZone.HostedZoneTag": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "type": "string" - }, - "markdownDescription": "The IAM action to grant or revoke permissions on.", - "title": "Actions", - "type": "array" + "Key": { + "markdownDescription": "The value of `Key` depends on the operation that you want to perform:\n\n- *Add a tag to a health check or hosted zone* : `Key` is the name that you want to give the new tag.\n- *Edit a tag* : `Key` is the name of the tag that you want to change the `Value` for.\n- *Delete a key* : `Key` is the name of the tag you want to remove.\n- *Give a name to a health check* : Edit the default `Name` tag. In the Amazon Route 53 console, the list of your health checks includes a *Name* column that lets you see the name that you've given to each health check.", + "title": "Key", + "type": "string" }, - "Principal": { - "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a QuickSight ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", - "title": "Principal", + "Value": { + "markdownDescription": "The value of `Value` depends on the operation that you want to perform:\n\n- *Add a tag to a health check or hosted zone* : `Value` is the value that you want to give the new tag.\n- *Edit a tag* : `Value` is the new value that you want to assign the tag.", + "title": "Value", "type": "string" } }, "required": [ - "Actions", - "Principal" + "Key", + "Value" ], "type": "object" }, - "AWS::QuickSight::Theme.SheetStyle": { + "AWS::Route53::HostedZone.QueryLoggingConfig": { "additionalProperties": false, "properties": { - "Tile": { - "$ref": "#/definitions/AWS::QuickSight::Theme.TileStyle", - "markdownDescription": "The display options for tiles.", - "title": "Tile" - }, - "TileLayout": { - "$ref": "#/definitions/AWS::QuickSight::Theme.TileLayoutStyle", - "markdownDescription": "The layout options for tiles.", - "title": "TileLayout" + "CloudWatchLogsLogGroupArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the CloudWatch Logs log group that Amazon Route 53 is publishing logs to.", + "title": "CloudWatchLogsLogGroupArn", + "type": "string" } }, + "required": [ + "CloudWatchLogsLogGroupArn" + ], "type": "object" }, - "AWS::QuickSight::Theme.ThemeConfiguration": { + "AWS::Route53::HostedZone.VPC": { "additionalProperties": false, "properties": { - "DataColorPalette": { - "$ref": "#/definitions/AWS::QuickSight::Theme.DataColorPalette", - "markdownDescription": "Color properties that apply to chart data colors.", - "title": "DataColorPalette" - }, - "Sheet": { - "$ref": "#/definitions/AWS::QuickSight::Theme.SheetStyle", - "markdownDescription": "Display options related to sheets.", - "title": "Sheet" - }, - "Typography": { - "$ref": "#/definitions/AWS::QuickSight::Theme.Typography", - "markdownDescription": "Determines the typography options.", - "title": "Typography" + "VPCId": { + "markdownDescription": "*Private hosted zones only:* The ID of an Amazon VPC.\n\n> For public hosted zones, omit `VPCs` , `VPCId` , and `VPCRegion` .", + "title": "VPCId", + "type": "string" }, - "UIColorPalette": { - "$ref": "#/definitions/AWS::QuickSight::Theme.UIColorPalette", - "markdownDescription": "Color properties that apply to the UI and to charts, excluding the colors that apply to data.", - "title": "UIColorPalette" + "VPCRegion": { + "markdownDescription": "*Private hosted zones only:* The region that an Amazon VPC was created in.\n\n> For public hosted zones, omit `VPCs` , `VPCId` , and `VPCRegion` .", + "title": "VPCRegion", + "type": "string" } }, + "required": [ + "VPCId", + "VPCRegion" + ], "type": "object" }, - "AWS::QuickSight::Theme.ThemeError": { + "AWS::Route53::KeySigningKey": { "additionalProperties": false, "properties": { - "Message": { - "markdownDescription": "The error message.", - "title": "Message", + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "HostedZoneId": { + "markdownDescription": "The unique string (ID) that is used to identify a hosted zone. For example: `Z00001111A1ABCaaABC11` .", + "title": "HostedZoneId", + "type": "string" + }, + "KeyManagementServiceArn": { + "markdownDescription": "The Amazon resource name (ARN) for a customer managed customer master key (CMK) in AWS Key Management Service ( AWS KMS ). The `KeyManagementServiceArn` must be unique for each key-signing key (KSK) in a single hosted zone. For example: `arn:aws:kms:us-east-1:111122223333:key/111a2222-a11b-1ab1-2ab2-1ab21a2b3a111` .", + "title": "KeyManagementServiceArn", + "type": "string" + }, + "Name": { + "markdownDescription": "A string used to identify a key-signing key (KSK). `Name` can include numbers, letters, and underscores (_). `Name` must be unique for each key-signing key in the same hosted zone.", + "title": "Name", + "type": "string" + }, + "Status": { + "markdownDescription": "A string that represents the current key-signing key (KSK) status.\n\nStatus can have one of the following values:\n\n- **ACTIVE** - The KSK is being used for signing.\n- **INACTIVE** - The KSK is not being used for signing.\n- **DELETING** - The KSK is in the process of being deleted.\n- **ACTION_NEEDED** - There is a problem with the KSK that requires you to take action to resolve. For example, the customer managed key might have been deleted, or the permissions for the customer managed key might have been changed.\n- **INTERNAL_FAILURE** - There was an error during a request. Before you can continue to work with DNSSEC signing, including actions that involve this KSK, you must correct the problem. For example, you may need to activate or deactivate the KSK.", + "title": "Status", + "type": "string" + } + }, + "required": [ + "HostedZoneId", + "KeyManagementServiceArn", + "Name", + "Status" + ], + "type": "object" + }, "Type": { - "markdownDescription": "The type of error.", - "title": "Type", + "enum": [ + "AWS::Route53::KeySigningKey" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Theme.ThemeVersion": { + "AWS::Route53::RecordSet": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", - "title": "Arn", + "Condition": { "type": "string" }, - "BaseThemeId": { - "markdownDescription": "The Amazon QuickSight-defined ID of the theme that a custom theme inherits from. All themes initially inherit from a default Amazon QuickSight theme.", - "title": "BaseThemeId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Configuration": { - "$ref": "#/definitions/AWS::QuickSight::Theme.ThemeConfiguration", - "markdownDescription": "The theme configuration, which contains all the theme display properties.", - "title": "Configuration" - }, - "CreatedTime": { - "markdownDescription": "The date and time that this theme version was created.", - "title": "CreatedTime", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Description": { - "markdownDescription": "The description of the theme.", - "title": "Description", - "type": "string" + "Metadata": { + "type": "object" }, - "Errors": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Theme.ThemeError" + "Properties": { + "additionalProperties": false, + "properties": { + "AliasTarget": { + "$ref": "#/definitions/AWS::Route53::RecordSet.AliasTarget", + "markdownDescription": "*Alias resource record sets only:* Information about the AWS resource, such as a CloudFront distribution or an Amazon S3 bucket, that you want to route traffic to.\n\nIf you're creating resource records sets for a private hosted zone, note the following:\n\n- You can't create an alias resource record set in a private hosted zone to route traffic to a CloudFront distribution.\n- For information about creating failover resource record sets in a private hosted zone, see [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html) in the *Amazon Route 53 Developer Guide* .", + "title": "AliasTarget" + }, + "CidrRoutingConfig": { + "$ref": "#/definitions/AWS::Route53::RecordSet.CidrRoutingConfig", + "markdownDescription": "The object that is specified in resource record set object when you are linking a resource record set to a CIDR location.\n\nA `LocationName` with an asterisk \u201c*\u201d can be used to create a default CIDR record. `CollectionId` is still required for default record.", + "title": "CidrRoutingConfig" + }, + "Comment": { + "markdownDescription": "*Optional:* Any comments you want to include about a change batch request.", + "title": "Comment", + "type": "string" + }, + "Failover": { + "markdownDescription": "*Failover resource record sets only:* To configure failover, you add the `Failover` element to two resource record sets. For one resource record set, you specify `PRIMARY` as the value for `Failover` ; for the other resource record set, you specify `SECONDARY` . In addition, you include the `HealthCheckId` element and specify the health check that you want Amazon Route 53 to perform for each resource record set.\n\nExcept where noted, the following failover behaviors assume that you have included the `HealthCheckId` element in both resource record sets:\n\n- When the primary resource record set is healthy, Route 53 responds to DNS queries with the applicable value from the primary resource record set regardless of the health of the secondary resource record set.\n- When the primary resource record set is unhealthy and the secondary resource record set is healthy, Route 53 responds to DNS queries with the applicable value from the secondary resource record set.\n- When the secondary resource record set is unhealthy, Route 53 responds to DNS queries with the applicable value from the primary resource record set regardless of the health of the primary resource record set.\n- If you omit the `HealthCheckId` element for the secondary resource record set, and if the primary resource record set is unhealthy, Route 53 always responds to DNS queries with the applicable value from the secondary resource record set. This is true regardless of the health of the associated endpoint.\n\nYou can't create non-failover resource record sets that have the same values for the `Name` and `Type` elements as failover resource record sets.\n\nFor failover alias resource record sets, you must also include the `EvaluateTargetHealth` element and set the value to true.\n\nFor more information about configuring failover for Route 53, see the following topics in the *Amazon Route 53 Developer Guide* :\n\n- [Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html)\n- [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html)", + "title": "Failover", + "type": "string" + }, + "GeoLocation": { + "$ref": "#/definitions/AWS::Route53::RecordSet.GeoLocation", + "markdownDescription": "*Geolocation resource record sets only:* A complex type that lets you control how Amazon Route 53 responds to DNS queries based on the geographic origin of the query. For example, if you want all queries from Africa to be routed to a web server with an IP address of `192.0.2.111` , create a resource record set with a `Type` of `A` and a `ContinentCode` of `AF` .\n\nIf you create separate resource record sets for overlapping geographic regions (for example, one resource record set for a continent and one for a country on the same continent), priority goes to the smallest geographic region. This allows you to route most queries for a continent to one resource and to route queries for a country on that continent to a different resource.\n\nYou can't create two geolocation resource record sets that specify the same geographic location.\n\nThe value `*` in the `CountryCode` element matches all geographic locations that aren't specified in other geolocation resource record sets that have the same values for the `Name` and `Type` elements.\n\n> Geolocation works by mapping IP addresses to locations. However, some IP addresses aren't mapped to geographic locations, so even if you create geolocation resource record sets that cover all seven continents, Route 53 will receive some DNS queries from locations that it can't identify. We recommend that you create a resource record set for which the value of `CountryCode` is `*` . Two groups of queries are routed to the resource that you specify in this record: queries that come from locations for which you haven't created geolocation resource record sets and queries from IP addresses that aren't mapped to a location. If you don't create a `*` resource record set, Route 53 returns a \"no answer\" response for queries from those locations. \n\nYou can't create non-geolocation resource record sets that have the same values for the `Name` and `Type` elements as geolocation resource record sets.", + "title": "GeoLocation" + }, + "GeoProximityLocation": { + "$ref": "#/definitions/AWS::Route53::RecordSet.GeoProximityLocation", + "markdownDescription": "*GeoproximityLocation resource record sets only:* A complex type that lets you control how Route\u00a053 responds to DNS queries based on the geographic origin of the query and your resources.", + "title": "GeoProximityLocation" + }, + "HealthCheckId": { + "markdownDescription": "If you want Amazon Route 53 to return this resource record set in response to a DNS query only when the status of a health check is healthy, include the `HealthCheckId` element and specify the ID of the applicable health check.\n\nRoute 53 determines whether a resource record set is healthy based on one of the following:\n\n- By periodically sending a request to the endpoint that is specified in the health check\n- By aggregating the status of a specified group of health checks (calculated health checks)\n- By determining the current state of a CloudWatch alarm (CloudWatch metric health checks)\n\n> Route 53 doesn't check the health of the endpoint that is specified in the resource record set, for example, the endpoint specified by the IP address in the `Value` element. When you add a `HealthCheckId` element to a resource record set, Route 53 checks the health of the endpoint that you specified in the health check. \n\nFor more information, see the following topics in the *Amazon Route 53 Developer Guide* :\n\n- [How Amazon Route 53 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html)\n- [Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html)\n- [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html)\n\n*When to Specify HealthCheckId*\n\nSpecifying a value for `HealthCheckId` is useful only when Route 53 is choosing between two or more resource record sets to respond to a DNS query, and you want Route 53 to base the choice in part on the status of a health check. Configuring health checks makes sense only in the following configurations:\n\n- *Non-alias resource record sets* : You're checking the health of a group of non-alias resource record sets that have the same routing policy, name, and type (such as multiple weighted records named www.example.com with a type of A) and you specify health check IDs for all the resource record sets.\n\nIf the health check status for a resource record set is healthy, Route 53 includes the record among the records that it responds to DNS queries with.\n\nIf the health check status for a resource record set is unhealthy, Route 53 stops responding to DNS queries using the value for that resource record set.\n\nIf the health check status for all resource record sets in the group is unhealthy, Route 53 considers all resource record sets in the group healthy and responds to DNS queries accordingly.\n- *Alias resource record sets* : You specify the following settings:\n\n- You set `EvaluateTargetHealth` to true for an alias resource record set in a group of resource record sets that have the same routing policy, name, and type (such as multiple weighted records named www.example.com with a type of A).\n- You configure the alias resource record set to route traffic to a non-alias resource record set in the same hosted zone.\n- You specify a health check ID for the non-alias resource record set.\n\nIf the health check status is healthy, Route 53 considers the alias resource record set to be healthy and includes the alias record among the records that it responds to DNS queries with.\n\nIf the health check status is unhealthy, Route 53 stops responding to DNS queries using the alias resource record set.\n\n> The alias resource record set can also route traffic to a *group* of non-alias resource record sets that have the same routing policy, name, and type. In that configuration, associate health checks with all of the resource record sets in the group of non-alias resource record sets.\n\n*Geolocation Routing*\n\nFor geolocation resource record sets, if an endpoint is unhealthy, Route 53 looks for a resource record set for the larger, associated geographic region. For example, suppose you have resource record sets for a state in the United States, for the entire United States, for North America, and a resource record set that has `*` for `CountryCode` is `*` , which applies to all locations. If the endpoint for the state resource record set is unhealthy, Route 53 checks for healthy resource record sets in the following order until it finds a resource record set for which the endpoint is healthy:\n\n- The United States\n- North America\n- The default resource record set\n\n*Specifying the Health Check Endpoint by Domain Name*\n\nIf your health checks specify the endpoint only by domain name, we recommend that you create a separate health check for each endpoint. For example, create a health check for each `HTTP` server that is serving content for `www.example.com` . For the value of `FullyQualifiedDomainName` , specify the domain name of the server (such as `us-east-2-www.example.com` ), not the name of the resource record sets ( `www.example.com` ).\n\n> Health check results will be unpredictable if you do the following:\n> \n> - Create a health check that has the same value for `FullyQualifiedDomainName` as the name of a resource record set.\n> - Associate that health check with the resource record set.", + "title": "HealthCheckId", + "type": "string" + }, + "HostedZoneId": { + "markdownDescription": "The ID of the hosted zone that you want to create records in.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .", + "title": "HostedZoneId", + "type": "string" + }, + "HostedZoneName": { + "markdownDescription": "The name of the hosted zone that you want to create records in. You must include a trailing dot (for example, `www.example.com.` ) as part of the `HostedZoneName` .\n\nWhen you create a stack using an AWS::Route53::RecordSet that specifies `HostedZoneName` , AWS CloudFormation attempts to find a hosted zone whose name matches the HostedZoneName. If AWS CloudFormation cannot find a hosted zone with a matching domain name, or if there is more than one hosted zone with the specified domain name, AWS CloudFormation will not create the stack.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .", + "title": "HostedZoneName", + "type": "string" + }, + "MultiValueAnswer": { + "markdownDescription": "*Multivalue answer resource record sets only* : To route traffic approximately randomly to multiple resources, such as web servers, create one multivalue answer record for each resource and specify `true` for `MultiValueAnswer` . Note the following:\n\n- If you associate a health check with a multivalue answer resource record set, Amazon Route 53 responds to DNS queries with the corresponding IP address only when the health check is healthy.\n- If you don't associate a health check with a multivalue answer record, Route 53 always considers the record to be healthy.\n- Route 53 responds to DNS queries with up to eight healthy records; if you have eight or fewer healthy records, Route 53 responds to all DNS queries with all the healthy records.\n- If you have more than eight healthy records, Route 53 responds to different DNS resolvers with different combinations of healthy records.\n- When all records are unhealthy, Route 53 responds to DNS queries with up to eight unhealthy records.\n- If a resource becomes unavailable after a resolver caches a response, client software typically tries another of the IP addresses in the response.\n\nYou can't create multivalue answer alias records.", + "title": "MultiValueAnswer", + "type": "boolean" + }, + "Name": { + "markdownDescription": "For `ChangeResourceRecordSets` requests, the name of the record that you want to create, update, or delete. For `ListResourceRecordSets` responses, the name of a record in the specified hosted zone.\n\n*ChangeResourceRecordSets Only*\n\nEnter a fully qualified domain name, for example, `www.example.com` . You can optionally include a trailing dot. If you omit the trailing dot, Amazon Route 53 assumes that the domain name that you specify is fully qualified. This means that Route 53 treats `www.example.com` (without a trailing dot) and `www.example.com.` (with a trailing dot) as identical.\n\nFor information about how to specify characters other than `a-z` , `0-9` , and `-` (hyphen) and how to specify internationalized domain names, see [DNS Domain Name Format](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/DomainNameFormat.html) in the *Amazon Route 53 Developer Guide* .\n\nYou can use the asterisk (*) wildcard to replace the leftmost label in a domain name, for example, `*.example.com` . Note the following:\n\n- The * must replace the entire label. For example, you can't specify `*prod.example.com` or `prod*.example.com` .\n- The * can't replace any of the middle labels, for example, marketing.*.example.com.\n- If you include * in any position other than the leftmost label in a domain name, DNS treats it as an * character (ASCII 42), not as a wildcard.\n\n> You can't use the * wildcard for resource records sets that have a type of NS.", + "title": "Name", + "type": "string" + }, + "Region": { + "markdownDescription": "*Latency-based resource record sets only:* The Amazon EC2 Region where you created the resource that this resource record set refers to. The resource typically is an AWS resource, such as an EC2 instance or an ELB load balancer, and is referred to by an IP address or a DNS domain name, depending on the record type.\n\nWhen Amazon Route 53 receives a DNS query for a domain name and type for which you have created latency resource record sets, Route 53 selects the latency resource record set that has the lowest latency between the end user and the associated Amazon EC2 Region. Route 53 then returns the value that is associated with the selected resource record set.\n\nNote the following:\n\n- You can only specify one `ResourceRecord` per latency resource record set.\n- You can only create one latency resource record set for each Amazon EC2 Region.\n- You aren't required to create latency resource record sets for all Amazon EC2 Regions. Route 53 will choose the region with the best latency from among the regions that you create latency resource record sets for.\n- You can't create non-latency resource record sets that have the same values for the `Name` and `Type` elements as latency resource record sets.", + "title": "Region", + "type": "string" + }, + "ResourceRecords": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more values that correspond with the value that you specified for the `Type` property. For example, if you specified `A` for `Type` , you specify one or more IP addresses in IPv4 format for `ResourceRecords` . For information about the format of values for each record type, see [Supported DNS Resource Record Types](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/ResourceRecordTypes.html) in the *Amazon Route 53 Developer Guide* .\n\nNote the following:\n\n- You can specify more than one value for all record types except CNAME and SOA.\n- The maximum length of a value is 4000 characters.\n- If you're creating an alias record, omit `ResourceRecords` .", + "title": "ResourceRecords", + "type": "array" + }, + "SetIdentifier": { + "markdownDescription": "*Resource record sets that have a routing policy other than simple:* An identifier that differentiates among multiple resource record sets that have the same combination of name and type, such as multiple weighted resource record sets named acme.example.com that have a type of A. In a group of resource record sets that have the same name and type, the value of `SetIdentifier` must be unique for each resource record set.\n\nFor information about routing policies, see [Choosing a Routing Policy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html) in the *Amazon Route 53 Developer Guide* .", + "title": "SetIdentifier", + "type": "string" + }, + "TTL": { + "markdownDescription": "The resource record cache time to live (TTL), in seconds. Note the following:\n\n- If you're creating or updating an alias resource record set, omit `TTL` . Amazon Route 53 uses the value of `TTL` for the alias target.\n- If you're associating this resource record set with a health check (if you're adding a `HealthCheckId` element), we recommend that you specify a `TTL` of 60 seconds or less so clients respond quickly to changes in health status.\n- All of the resource record sets in a group of weighted resource record sets must have the same value for `TTL` .\n- If a group of weighted resource record sets includes one or more weighted alias resource record sets for which the alias target is an ELB load balancer, we recommend that you specify a `TTL` of 60 seconds for all of the non-alias weighted resource record sets that have the same name and type. Values other than 60 seconds (the TTL for load balancers) will change the effect of the values that you specify for `Weight` .", + "title": "TTL", + "type": "string" + }, + "Type": { + "markdownDescription": "The DNS record type. For information about different record types and how data is encoded for them, see [Supported DNS Resource Record Types](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/ResourceRecordTypes.html) in the *Amazon Route 53 Developer Guide* .\n\nValid values for basic resource record sets: `A` | `AAAA` | `CAA` | `CNAME` | `DS` | `MX` | `NAPTR` | `NS` | `PTR` | `SOA` | `SPF` | `SRV` | `TXT` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS`\n\nValues for weighted, latency, geolocation, and failover resource record sets: `A` | `AAAA` | `CAA` | `CNAME` | `MX` | `NAPTR` | `PTR` | `SPF` | `SRV` | `TXT` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS` . When creating a group of weighted, latency, geolocation, or failover resource record sets, specify the same value for all of the resource record sets in the group.\n\nValid values for multivalue answer resource record sets: `A` | `AAAA` | `MX` | `NAPTR` | `PTR` | `SPF` | `SRV` | `TXT` | `CAA` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS`\n\n> SPF records were formerly used to verify the identity of the sender of email messages. However, we no longer recommend that you create resource record sets for which the value of `Type` is `SPF` . RFC 7208, *Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1* , has been updated to say, \"...[I]ts existence and mechanism defined in [RFC4408] have led to some interoperability issues. Accordingly, its use is no longer appropriate for SPF version 1; implementations are not to use it.\" In RFC 7208, see section 14.1, [The SPF DNS Record Type](https://docs.aws.amazon.com/http://tools.ietf.org/html/rfc7208#section-14.1) . \n\nValues for alias resource record sets:\n\n- *Amazon API Gateway custom regional APIs and edge-optimized APIs:* `A`\n- *CloudFront distributions:* `A`\n\nIf IPv6 is enabled for the distribution, create two resource record sets to route traffic to your distribution, one with a value of `A` and one with a value of `AAAA` .\n- *Amazon API Gateway environment that has a regionalized subdomain* : `A`\n- *ELB load balancers:* `A` | `AAAA`\n- *Amazon S3 buckets:* `A`\n- *Amazon Virtual Private Cloud interface VPC endpoints* `A`\n- *Another resource record set in this hosted zone:* Specify the type of the resource record set that you're creating the alias for. All values are supported except `NS` and `SOA` .\n\n> If you're creating an alias record that has the same name as the hosted zone (known as the zone apex), you can't route traffic to a record for which the value of `Type` is `CNAME` . This is because the alias record must have the same type as the record you're routing traffic to, and creating a CNAME record for the zone apex isn't supported even for an alias record.", + "title": "Type", + "type": "string" + }, + "Weight": { + "markdownDescription": "*Weighted resource record sets only:* Among resource record sets that have the same combination of DNS name and type, a value that determines the proportion of DNS queries that Amazon Route 53 responds to using the current resource record set. Route 53 calculates the sum of the weights for the resource record sets that have the same combination of DNS name and type. Route 53 then responds to queries based on the ratio of a resource's weight to the total. Note the following:\n\n- You must specify a value for the `Weight` element for every weighted resource record set.\n- You can only specify one `ResourceRecord` per weighted resource record set.\n- You can't create latency, failover, or geolocation resource record sets that have the same values for the `Name` and `Type` elements as weighted resource record sets.\n- You can create a maximum of 100 weighted resource record sets that have the same values for the `Name` and `Type` elements.\n- For weighted (but not weighted alias) resource record sets, if you set `Weight` to `0` for a resource record set, Route 53 never responds to queries with the applicable value for that resource record set. However, if you set `Weight` to `0` for all resource record sets that have the same combination of DNS name and type, traffic is routed to all resources with equal probability.\n\nThe effect of setting `Weight` to `0` is different when you associate health checks with weighted resource record sets. For more information, see [Options for Configuring Route 53 Active-Active and Active-Passive Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-configuring-options.html) in the *Amazon Route 53 Developer Guide* .", + "title": "Weight", + "type": "number" + } }, - "markdownDescription": "Errors associated with the theme.", - "title": "Errors", - "type": "array" + "required": [ + "Name", + "Type" + ], + "type": "object" }, - "Status": { - "markdownDescription": "The status of the theme version.", - "title": "Status", + "Type": { + "enum": [ + "AWS::Route53::RecordSet" + ], "type": "string" }, - "VersionNumber": { - "markdownDescription": "The version number of the theme.", - "title": "VersionNumber", - "type": "number" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Theme.TileLayoutStyle": { + "AWS::Route53::RecordSet.AliasTarget": { "additionalProperties": false, "properties": { - "Gutter": { - "$ref": "#/definitions/AWS::QuickSight::Theme.GutterStyle", - "markdownDescription": "The gutter settings that apply between tiles.", - "title": "Gutter" + "DNSName": { + "markdownDescription": "*Alias records only:* The value that you specify depends on where you want to route queries:\n\n- **Amazon API Gateway custom regional APIs and edge-optimized APIs** - Specify the applicable domain name for your API. You can get the applicable value using the AWS CLI command [get-domain-names](https://docs.aws.amazon.com/cli/latest/reference/apigateway/get-domain-names.html) :\n\n- For regional APIs, specify the value of `regionalDomainName` .\n- For edge-optimized APIs, specify the value of `distributionDomainName` . This is the name of the associated CloudFront distribution, such as `da1b2c3d4e5.cloudfront.net` .\n\n> The name of the record that you're creating must match a custom domain name for your API, such as `api.example.com` .\n- **Amazon Virtual Private Cloud interface VPC endpoint** - Enter the API endpoint for the interface endpoint, such as `vpce-123456789abcdef01-example-us-east-1a.elasticloadbalancing.us-east-1.vpce.amazonaws.com` . For edge-optimized APIs, this is the domain name for the corresponding CloudFront distribution. You can get the value of `DnsName` using the AWS CLI command [describe-vpc-endpoints](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-vpc-endpoints.html) .\n- **CloudFront distribution** - Specify the domain name that CloudFront assigned when you created your distribution.\n\nYour CloudFront distribution must include an alternate domain name that matches the name of the record. For example, if the name of the record is *acme.example.com* , your CloudFront distribution must include *acme.example.com* as one of the alternate domain names. For more information, see [Using Alternate Domain Names (CNAMEs)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/CNAMEs.html) in the *Amazon CloudFront Developer Guide* .\n\nYou can't create a record in a private hosted zone to route traffic to a CloudFront distribution.\n\n> For failover alias records, you can't specify a CloudFront distribution for both the primary and secondary records. A distribution must include an alternate domain name that matches the name of the record. However, the primary and secondary records have the same name, and you can't include the same alternate domain name in more than one distribution.\n- **Elastic Beanstalk environment** - If the domain name for your Elastic Beanstalk environment includes the region that you deployed the environment in, you can create an alias record that routes traffic to the environment. For example, the domain name `my-environment. *us-west-2* .elasticbeanstalk.com` is a regionalized domain name.\n\n> For environments that were created before early 2016, the domain name doesn't include the region. To route traffic to these environments, you must create a CNAME record instead of an alias record. Note that you can't create a CNAME record for the root domain name. For example, if your domain name is example.com, you can create a record that routes traffic for acme.example.com to your Elastic Beanstalk environment, but you can't create a record that routes traffic for example.com to your Elastic Beanstalk environment. \n\nFor Elastic Beanstalk environments that have regionalized subdomains, specify the `CNAME` attribute for the environment. You can use the following methods to get the value of the CNAME attribute:\n\n- *AWS Management Console* : For information about how to get the value by using the console, see [Using Custom Domains with AWS Elastic Beanstalk](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/customdomains.html) in the *AWS Elastic Beanstalk Developer Guide* .\n- *Elastic Beanstalk API* : Use the `DescribeEnvironments` action to get the value of the `CNAME` attribute. For more information, see [DescribeEnvironments](https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DescribeEnvironments.html) in the *AWS Elastic Beanstalk API Reference* .\n- *AWS CLI* : Use the `describe-environments` command to get the value of the `CNAME` attribute. For more information, see [describe-environments](https://docs.aws.amazon.com/cli/latest/reference/elasticbeanstalk/describe-environments.html) in the *AWS CLI* .\n- **ELB load balancer** - Specify the DNS name that is associated with the load balancer. Get the DNS name by using the AWS Management Console , the ELB API, or the AWS CLI .\n\n- *AWS Management Console* : Go to the EC2 page, choose *Load Balancers* in the navigation pane, choose the load balancer, choose the *Description* tab, and get the value of the *DNS name* field.\n\nIf you're routing traffic to a Classic Load Balancer, get the value that begins with *dualstack* . If you're routing traffic to another type of load balancer, get the value that applies to the record type, A or AAAA.\n- *Elastic Load Balancing API* : Use `DescribeLoadBalancers` to get the value of `DNSName` . For more information, see the applicable guide:\n\n- Classic Load Balancers: [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DescribeLoadBalancers.html)\n- Application and Network Load Balancers: [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html)\n- *CloudFormation Fn::GetAtt intrinsic function* : Use the [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-getatt.html) intrinsic function to get the value of `DNSName` :\n\n- [Classic Load Balancers](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html#aws-properties-ec2-elb-return-values) .\n- [Application and Network Load Balancers](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html#aws-resource-elasticloadbalancingv2-loadbalancer-return-values) .\n- *AWS CLI* : Use `describe-load-balancers` to get the value of `DNSName` . For more information, see the applicable guide:\n\n- Classic Load Balancers: [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elb/describe-load-balancers.html)\n- Application and Network Load Balancers: [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elbv2/describe-load-balancers.html)\n- **Global Accelerator accelerator** - Specify the DNS name for your accelerator:\n\n- *Global Accelerator API* : To get the DNS name, use [DescribeAccelerator](https://docs.aws.amazon.com/global-accelerator/latest/api/API_DescribeAccelerator.html) .\n- *AWS CLI* : To get the DNS name, use [describe-accelerator](https://docs.aws.amazon.com/cli/latest/reference/globalaccelerator/describe-accelerator.html) .\n- **Amazon S3 bucket that is configured as a static website** - Specify the domain name of the Amazon S3 website endpoint that you created the bucket in, for example, `s3-website.us-east-2.amazonaws.com` . For more information about valid values, see the table [Amazon S3 Website Endpoints](https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_website_region_endpoints) in the *Amazon Web Services General Reference* . For more information about using S3 buckets for websites, see [Getting Started with Amazon Route 53](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/getting-started.html) in the *Amazon Route 53 Developer Guide.*\n- **Another Route 53 record** - Specify the value of the `Name` element for a record in the current hosted zone.\n\n> If you're creating an alias record that has the same name as the hosted zone (known as the zone apex), you can't specify the domain name for a record for which the value of `Type` is `CNAME` . This is because the alias record must have the same type as the record that you're routing traffic to, and creating a CNAME record for the zone apex isn't supported even for an alias record.", + "title": "DNSName", + "type": "string" }, - "Margin": { - "$ref": "#/definitions/AWS::QuickSight::Theme.MarginStyle", - "markdownDescription": "The margin settings that apply around the outside edge of sheets.", - "title": "Margin" + "EvaluateTargetHealth": { + "markdownDescription": "*Applies only to alias, failover alias, geolocation alias, latency alias, and weighted alias resource record sets:* When `EvaluateTargetHealth` is `true` , an alias resource record set inherits the health of the referenced AWS resource, such as an ELB load balancer or another resource record set in the hosted zone.\n\nNote the following:\n\n- **CloudFront distributions** - You can't set `EvaluateTargetHealth` to `true` when the alias target is a CloudFront distribution.\n- **Elastic Beanstalk environments that have regionalized subdomains** - If you specify an Elastic Beanstalk environment in `DNSName` and the environment contains an ELB load balancer, Elastic Load Balancing routes queries only to the healthy Amazon EC2 instances that are registered with the load balancer. (An environment automatically contains an ELB load balancer if it includes more than one Amazon EC2 instance.) If you set `EvaluateTargetHealth` to `true` and either no Amazon EC2 instances are healthy or the load balancer itself is unhealthy, Route 53 routes queries to other available resources that are healthy, if any.\n\nIf the environment contains a single Amazon EC2 instance, there are no special requirements.\n- **ELB load balancers** - Health checking behavior depends on the type of load balancer:\n\n- *Classic Load Balancers* : If you specify an ELB Classic Load Balancer in `DNSName` , Elastic Load Balancing routes queries only to the healthy Amazon EC2 instances that are registered with the load balancer. If you set `EvaluateTargetHealth` to `true` and either no EC2 instances are healthy or the load balancer itself is unhealthy, Route 53 routes queries to other resources.\n- *Application and Network Load Balancers* : If you specify an ELB Application or Network Load Balancer and you set `EvaluateTargetHealth` to `true` , Route 53 routes queries to the load balancer based on the health of the target groups that are associated with the load balancer:\n\n- For an Application or Network Load Balancer to be considered healthy, every target group that contains targets must contain at least one healthy target. If any target group contains only unhealthy targets, the load balancer is considered unhealthy, and Route 53 routes queries to other resources.\n- A target group that has no registered targets is considered unhealthy.\n\n> When you create a load balancer, you configure settings for Elastic Load Balancing health checks; they're not Route 53 health checks, but they perform a similar function. Do not create Route 53 health checks for the EC2 instances that you register with an ELB load balancer.\n- **S3 buckets** - There are no special requirements for setting `EvaluateTargetHealth` to `true` when the alias target is an S3 bucket.\n- **Other records in the same hosted zone** - If the AWS resource that you specify in `DNSName` is a record or a group of records (for example, a group of weighted records) but is not another alias record, we recommend that you associate a health check with all of the records in the alias target. For more information, see [What Happens When You Omit Health Checks?](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-complex-configs.html#dns-failover-complex-configs-hc-omitting) in the *Amazon Route 53 Developer Guide* .\n\nFor more information and examples, see [Amazon Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html) in the *Amazon Route 53 Developer Guide* .", + "title": "EvaluateTargetHealth", + "type": "boolean" + }, + "HostedZoneId": { + "markdownDescription": "*Alias resource records sets only* : The value used depends on where you want to route traffic:\n\n- **Amazon API Gateway custom regional APIs and edge-optimized APIs** - Specify the hosted zone ID for your API. You can get the applicable value using the AWS CLI command [get-domain-names](https://docs.aws.amazon.com/cli/latest/reference/apigateway/get-domain-names.html) :\n\n- For regional APIs, specify the value of `regionalHostedZoneId` .\n- For edge-optimized APIs, specify the value of `distributionHostedZoneId` .\n- **Amazon Virtual Private Cloud interface VPC endpoint** - Specify the hosted zone ID for your interface endpoint. You can get the value of `HostedZoneId` using the AWS CLI command [describe-vpc-endpoints](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-vpc-endpoints.html) .\n- **CloudFront distribution** - Specify `Z2FDTNDATAQYW2` . This is always the hosted zone ID when you create an alias record that routes traffic to a CloudFront distribution.\n\n> Alias records for CloudFront can't be created in a private zone.\n- **Elastic Beanstalk environment** - Specify the hosted zone ID for the region that you created the environment in. The environment must have a regionalized subdomain. For a list of regions and the corresponding hosted zone IDs, see [AWS Elastic Beanstalk endpoints and quotas](https://docs.aws.amazon.com/general/latest/gr/elasticbeanstalk.html) in the *Amazon Web Services General Reference* .\n- **ELB load balancer** - Specify the value of the hosted zone ID for the load balancer. Use the following methods to get the hosted zone ID:\n\n- [Service Endpoints](https://docs.aws.amazon.com/general/latest/gr/elb.html) table in the \"Elastic Load Balancing Endpoints and Quotas\" topic in the *Amazon Web Services General Reference* : Use the value that corresponds with the region that you created your load balancer in. Note that there are separate columns for Application and Classic Load Balancers and for Network Load Balancers.\n- *AWS Management Console* : Go to the Amazon EC2 page, choose *Load Balancers* in the navigation pane, select the load balancer, and get the value of the *Hosted zone* field on the *Description* tab.\n- *Elastic Load Balancing API* : Use `DescribeLoadBalancers` to get the applicable value. For more information, see the applicable guide:\n\n- Classic Load Balancers: Use [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DescribeLoadBalancers.html) to get the value of `CanonicalHostedZoneNameID` .\n- Application and Network Load Balancers: Use [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html) to get the value of `CanonicalHostedZoneID` .\n- *CloudFormation Fn::GetAtt intrinsic function* : Use the [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-getatt.html) intrinsic function to get the applicable value:\n\n- Classic Load Balancers: Get [CanonicalHostedZoneNameID](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html#aws-properties-ec2-elb-return-values) .\n- Application and Network Load Balancers: Get [CanonicalHostedZoneID](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html#aws-resource-elasticloadbalancingv2-loadbalancer-return-values) .\n- *AWS CLI* : Use `describe-load-balancers` to get the applicable value. For more information, see the applicable guide:\n\n- Classic Load Balancers: Use [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elb/describe-load-balancers.html) to get the value of `CanonicalHostedZoneNameID` .\n- Application and Network Load Balancers: Use [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elbv2/describe-load-balancers.html) to get the value of `CanonicalHostedZoneID` .\n- **Global Accelerator accelerator** - Specify `Z2BJ6XQ5FK7U4H` .\n- **An Amazon S3 bucket configured as a static website** - Specify the hosted zone ID for the region that you created the bucket in. For more information about valid values, see the table [Amazon S3 Website Endpoints](https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_website_region_endpoints) in the *Amazon Web Services General Reference* .\n- **Another Route 53 record in your hosted zone** - Specify the hosted zone ID of your hosted zone. (An alias record can't reference a record in a different hosted zone.)", + "title": "HostedZoneId", + "type": "string" } }, + "required": [ + "DNSName", + "HostedZoneId" + ], "type": "object" }, - "AWS::QuickSight::Theme.TileStyle": { + "AWS::Route53::RecordSet.CidrRoutingConfig": { "additionalProperties": false, "properties": { - "Border": { - "$ref": "#/definitions/AWS::QuickSight::Theme.BorderStyle", - "markdownDescription": "The border around a tile.", - "title": "Border" + "CollectionId": { + "markdownDescription": "The CIDR collection ID.", + "title": "CollectionId", + "type": "string" + }, + "LocationName": { + "markdownDescription": "The CIDR collection location name.", + "title": "LocationName", + "type": "string" } }, + "required": [ + "CollectionId", + "LocationName" + ], "type": "object" }, - "AWS::QuickSight::Theme.Typography": { + "AWS::Route53::RecordSet.Coordinates": { "additionalProperties": false, "properties": { - "FontFamilies": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Theme.Font" - }, - "markdownDescription": "Determines the list of font families.", - "title": "FontFamilies", - "type": "array" + "Latitude": { + "markdownDescription": "Specifies a coordinate of the north\u2013south position of a geographic point on the surface of the Earth (-90 - 90).", + "title": "Latitude", + "type": "string" + }, + "Longitude": { + "markdownDescription": "Specifies a coordinate of the east\u2013west position of a geographic point on the surface of the Earth (-180 - 180).", + "title": "Longitude", + "type": "string" } }, + "required": [ + "Latitude", + "Longitude" + ], "type": "object" }, - "AWS::QuickSight::Theme.UIColorPalette": { + "AWS::Route53::RecordSet.GeoLocation": { "additionalProperties": false, "properties": { - "Accent": { - "markdownDescription": "This color is that applies to selected states and buttons.", - "title": "Accent", - "type": "string" - }, - "AccentForeground": { - "markdownDescription": "The foreground color that applies to any text or other elements that appear over the accent color.", - "title": "AccentForeground", - "type": "string" - }, - "Danger": { - "markdownDescription": "The color that applies to error messages.", - "title": "Danger", - "type": "string" - }, - "DangerForeground": { - "markdownDescription": "The foreground color that applies to any text or other elements that appear over the error color.", - "title": "DangerForeground", - "type": "string" - }, - "Dimension": { - "markdownDescription": "The color that applies to the names of fields that are identified as dimensions.", - "title": "Dimension", - "type": "string" - }, - "DimensionForeground": { - "markdownDescription": "The foreground color that applies to any text or other elements that appear over the dimension color.", - "title": "DimensionForeground", - "type": "string" - }, - "Measure": { - "markdownDescription": "The color that applies to the names of fields that are identified as measures.", - "title": "Measure", - "type": "string" - }, - "MeasureForeground": { - "markdownDescription": "The foreground color that applies to any text or other elements that appear over the measure color.", - "title": "MeasureForeground", - "type": "string" - }, - "PrimaryBackground": { - "markdownDescription": "The background color that applies to visuals and other high emphasis UI.", - "title": "PrimaryBackground", - "type": "string" - }, - "PrimaryForeground": { - "markdownDescription": "The color of text and other foreground elements that appear over the primary background regions, such as grid lines, borders, table banding, icons, and so on.", - "title": "PrimaryForeground", + "ContinentCode": { + "markdownDescription": "For geolocation resource record sets, a two-letter abbreviation that identifies a continent. Route 53 supports the following continent codes:\n\n- *AF* : Africa\n- *AN* : Antarctica\n- *AS* : Asia\n- *EU* : Europe\n- *OC* : Oceania\n- *NA* : North America\n- *SA* : South America\n\nConstraint: Specifying `ContinentCode` with either `CountryCode` or `SubdivisionCode` returns an `InvalidInput` error.", + "title": "ContinentCode", "type": "string" }, - "SecondaryBackground": { - "markdownDescription": "The background color that applies to the sheet background and sheet controls.", - "title": "SecondaryBackground", + "CountryCode": { + "markdownDescription": "For geolocation resource record sets, the two-letter code for a country.\n\nRoute 53 uses the two-letter country codes that are specified in [ISO standard 3166-1 alpha-2](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2) .", + "title": "CountryCode", "type": "string" }, - "SecondaryForeground": { - "markdownDescription": "The foreground color that applies to any sheet title, sheet control text, or UI that appears over the secondary background.", - "title": "SecondaryForeground", + "SubdivisionCode": { + "markdownDescription": "For geolocation resource record sets, the two-letter code for a state of the United States. Route 53 doesn't support any other values for `SubdivisionCode` . For a list of state abbreviations, see [Appendix B: Two\u2013Letter State and Possession Abbreviations](https://docs.aws.amazon.com/https://pe.usps.com/text/pub28/28apb.htm) on the United States Postal Service website.\n\nIf you specify `subdivisioncode` , you must also specify `US` for `CountryCode` .", + "title": "SubdivisionCode", "type": "string" - }, - "Success": { - "markdownDescription": "The color that applies to success messages, for example the check mark for a successful download.", - "title": "Success", + } + }, + "type": "object" + }, + "AWS::Route53::RecordSet.GeoProximityLocation": { + "additionalProperties": false, + "properties": { + "AWSRegion": { + "markdownDescription": "The AWS Region the resource you are directing DNS traffic to, is in.", + "title": "AWSRegion", "type": "string" }, - "SuccessForeground": { - "markdownDescription": "The foreground color that applies to any text or other elements that appear over the success color.", - "title": "SuccessForeground", - "type": "string" + "Bias": { + "markdownDescription": "The bias increases or decreases the size of the geographic region from which Route\u00a053 routes traffic to a resource.\n\nTo use `Bias` to change the size of the geographic region, specify the applicable value for the bias:\n\n- To expand the size of the geographic region from which Route\u00a053 routes traffic to a resource, specify a positive integer from 1 to 99 for the bias. Route\u00a053 shrinks the size of adjacent regions.\n- To shrink the size of the geographic region from which Route\u00a053 routes traffic to a resource, specify a negative bias of -1 to -99. Route\u00a053 expands the size of adjacent regions.", + "title": "Bias", + "type": "number" }, - "Warning": { - "markdownDescription": "This color that applies to warning and informational messages.", - "title": "Warning", - "type": "string" + "Coordinates": { + "$ref": "#/definitions/AWS::Route53::RecordSet.Coordinates", + "markdownDescription": "Contains the longitude and latitude for a geographic region.", + "title": "Coordinates" }, - "WarningForeground": { - "markdownDescription": "The foreground color that applies to any text or other elements that appear over the warning color.", - "title": "WarningForeground", + "LocalZoneGroup": { + "markdownDescription": "Specifies an AWS Local Zone Group.\n\nA local Zone Group is usually the Local Zone code without the ending character. For example, if the Local Zone is `us-east-1-bue-1a` the Local Zone Group is `us-east-1-bue-1` .\n\nYou can identify the Local Zones Group for a specific Local Zone by using the [describe-availability-zones](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-availability-zones.html) CLI command:\n\nThis command returns: `\"GroupName\": \"us-west-2-den-1\"` , specifying that the Local Zone `us-west-2-den-1a` belongs to the Local Zone Group `us-west-2-den-1` .", + "title": "LocalZoneGroup", "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Topic": { + "AWS::Route53::RecordSetGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -222800,45 +275252,35 @@ "Properties": { "additionalProperties": false, "properties": { - "AwsAccountId": { - "markdownDescription": "The ID of the AWS account that you want to create a topic in.", - "title": "AwsAccountId", - "type": "string" - }, - "DataSets": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Topic.DatasetMetadata" - }, - "markdownDescription": "The data sets that the topic is associated with.", - "title": "DataSets", - "type": "array" - }, - "Description": { - "markdownDescription": "The description of the topic.", - "title": "Description", + "Comment": { + "markdownDescription": "*Optional:* Any comments you want to include about a change batch request.", + "title": "Comment", "type": "string" }, - "Name": { - "markdownDescription": "The name of the topic.", - "title": "Name", + "HostedZoneId": { + "markdownDescription": "The ID of the hosted zone that you want to create records in.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .", + "title": "HostedZoneId", "type": "string" }, - "TopicId": { - "markdownDescription": "The ID for the topic. This ID is unique per AWS Region for each AWS account.", - "title": "TopicId", + "HostedZoneName": { + "markdownDescription": "The name of the hosted zone that you want to create records in. You must include a trailing dot (for example, `www.example.com.` ) as part of the `HostedZoneName` .\n\nWhen you create a stack using an `AWS::Route53::RecordSet` that specifies `HostedZoneName` , AWS CloudFormation attempts to find a hosted zone whose name matches the `HostedZoneName` . If AWS CloudFormation can't find a hosted zone with a matching domain name, or if there is more than one hosted zone with the specified domain name, AWS CloudFormation will not create the stack.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .", + "title": "HostedZoneName", "type": "string" }, - "UserExperienceVersion": { - "markdownDescription": "The user experience version of the topic.", - "title": "UserExperienceVersion", - "type": "string" + "RecordSets": { + "items": { + "$ref": "#/definitions/AWS::Route53::RecordSetGroup.RecordSet" + }, + "markdownDescription": "A complex type that contains one `RecordSet` element for each record that you want to create.", + "title": "RecordSets", + "type": "array" } }, "type": "object" }, "Type": { "enum": [ - "AWS::QuickSight::Topic" + "AWS::Route53::RecordSetGroup" ], "type": "string" }, @@ -222856,852 +275298,894 @@ ], "type": "object" }, - "AWS::QuickSight::Topic.CellValueSynonym": { + "AWS::Route53::RecordSetGroup.AliasTarget": { "additionalProperties": false, "properties": { - "CellValue": { - "markdownDescription": "The cell value.", - "title": "CellValue", + "DNSName": { + "markdownDescription": "*Alias records only:* The value that you specify depends on where you want to route queries:\n\n- **Amazon API Gateway custom regional APIs and edge-optimized APIs** - Specify the applicable domain name for your API. You can get the applicable value using the AWS CLI command [get-domain-names](https://docs.aws.amazon.com/cli/latest/reference/apigateway/get-domain-names.html) :\n\n- For regional APIs, specify the value of `regionalDomainName` .\n- For edge-optimized APIs, specify the value of `distributionDomainName` . This is the name of the associated CloudFront distribution, such as `da1b2c3d4e5.cloudfront.net` .\n\n> The name of the record that you're creating must match a custom domain name for your API, such as `api.example.com` .\n- **Amazon Virtual Private Cloud interface VPC endpoint** - Enter the API endpoint for the interface endpoint, such as `vpce-123456789abcdef01-example-us-east-1a.elasticloadbalancing.us-east-1.vpce.amazonaws.com` . For edge-optimized APIs, this is the domain name for the corresponding CloudFront distribution. You can get the value of `DnsName` using the AWS CLI command [describe-vpc-endpoints](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-vpc-endpoints.html) .\n- **CloudFront distribution** - Specify the domain name that CloudFront assigned when you created your distribution.\n\nYour CloudFront distribution must include an alternate domain name that matches the name of the record. For example, if the name of the record is *acme.example.com* , your CloudFront distribution must include *acme.example.com* as one of the alternate domain names. For more information, see [Using Alternate Domain Names (CNAMEs)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/CNAMEs.html) in the *Amazon CloudFront Developer Guide* .\n\nYou can't create a record in a private hosted zone to route traffic to a CloudFront distribution.\n\n> For failover alias records, you can't specify a CloudFront distribution for both the primary and secondary records. A distribution must include an alternate domain name that matches the name of the record. However, the primary and secondary records have the same name, and you can't include the same alternate domain name in more than one distribution.\n- **Elastic Beanstalk environment** - If the domain name for your Elastic Beanstalk environment includes the region that you deployed the environment in, you can create an alias record that routes traffic to the environment. For example, the domain name `my-environment. *us-west-2* .elasticbeanstalk.com` is a regionalized domain name.\n\n> For environments that were created before early 2016, the domain name doesn't include the region. To route traffic to these environments, you must create a CNAME record instead of an alias record. Note that you can't create a CNAME record for the root domain name. For example, if your domain name is example.com, you can create a record that routes traffic for acme.example.com to your Elastic Beanstalk environment, but you can't create a record that routes traffic for example.com to your Elastic Beanstalk environment. \n\nFor Elastic Beanstalk environments that have regionalized subdomains, specify the `CNAME` attribute for the environment. You can use the following methods to get the value of the CNAME attribute:\n\n- *AWS Management Console* : For information about how to get the value by using the console, see [Using Custom Domains with AWS Elastic Beanstalk](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/customdomains.html) in the *AWS Elastic Beanstalk Developer Guide* .\n- *Elastic Beanstalk API* : Use the `DescribeEnvironments` action to get the value of the `CNAME` attribute. For more information, see [DescribeEnvironments](https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DescribeEnvironments.html) in the *AWS Elastic Beanstalk API Reference* .\n- *AWS CLI* : Use the `describe-environments` command to get the value of the `CNAME` attribute. For more information, see [describe-environments](https://docs.aws.amazon.com/cli/latest/reference/elasticbeanstalk/describe-environments.html) in the *AWS CLI* .\n- **ELB load balancer** - Specify the DNS name that is associated with the load balancer. Get the DNS name by using the AWS Management Console , the ELB API, or the AWS CLI .\n\n- *AWS Management Console* : Go to the EC2 page, choose *Load Balancers* in the navigation pane, choose the load balancer, choose the *Description* tab, and get the value of the *DNS name* field.\n\nIf you're routing traffic to a Classic Load Balancer, get the value that begins with *dualstack* . If you're routing traffic to another type of load balancer, get the value that applies to the record type, A or AAAA.\n- *Elastic Load Balancing API* : Use `DescribeLoadBalancers` to get the value of `DNSName` . For more information, see the applicable guide:\n\n- Classic Load Balancers: [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DescribeLoadBalancers.html)\n- Application and Network Load Balancers: [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html)\n- *CloudFormation Fn::GetAtt intrinsic function* : Use the [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-getatt.html) intrinsic function to get the value of `DNSName` :\n\n- [Classic Load Balancers](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html#aws-properties-ec2-elb-return-values) .\n- [Application and Network Load Balancers](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html#aws-resource-elasticloadbalancingv2-loadbalancer-return-values) .\n- *AWS CLI* : Use `describe-load-balancers` to get the value of `DNSName` . For more information, see the applicable guide:\n\n- Classic Load Balancers: [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elb/describe-load-balancers.html)\n- Application and Network Load Balancers: [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elbv2/describe-load-balancers.html)\n- **Global Accelerator accelerator** - Specify the DNS name for your accelerator:\n\n- *Global Accelerator API* : To get the DNS name, use [DescribeAccelerator](https://docs.aws.amazon.com/global-accelerator/latest/api/API_DescribeAccelerator.html) .\n- *AWS CLI* : To get the DNS name, use [describe-accelerator](https://docs.aws.amazon.com/cli/latest/reference/globalaccelerator/describe-accelerator.html) .\n- **Amazon S3 bucket that is configured as a static website** - Specify the domain name of the Amazon S3 website endpoint that you created the bucket in, for example, `s3-website.us-east-2.amazonaws.com` . For more information about valid values, see the table [Amazon S3 Website Endpoints](https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_website_region_endpoints) in the *Amazon Web Services General Reference* . For more information about using S3 buckets for websites, see [Getting Started with Amazon Route 53](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/getting-started.html) in the *Amazon Route 53 Developer Guide.*\n- **Another Route 53 record** - Specify the value of the `Name` element for a record in the current hosted zone.\n\n> If you're creating an alias record that has the same name as the hosted zone (known as the zone apex), you can't specify the domain name for a record for which the value of `Type` is `CNAME` . This is because the alias record must have the same type as the record that you're routing traffic to, and creating a CNAME record for the zone apex isn't supported even for an alias record.", + "title": "DNSName", "type": "string" }, - "Synonyms": { - "items": { - "type": "string" - }, - "markdownDescription": "Other names or aliases for the cell value.", - "title": "Synonyms", - "type": "array" - } - }, - "type": "object" - }, - "AWS::QuickSight::Topic.CollectiveConstant": { - "additionalProperties": false, - "properties": { - "ValueList": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of values for the collective constant.", - "title": "ValueList", - "type": "array" + "EvaluateTargetHealth": { + "markdownDescription": "*Applies only to alias records with any routing policy:* When `EvaluateTargetHealth` is `true` , an alias record inherits the health of the referenced AWS resource, such as an ELB load balancer or another record in the hosted zone.\n\nNote the following:\n\n- **CloudFront distributions** - You can't set `EvaluateTargetHealth` to `true` when the alias target is a CloudFront distribution.\n- **Elastic Beanstalk environments that have regionalized subdomains** - If you specify an Elastic Beanstalk environment in `DNSName` and the environment contains an ELB load balancer, Elastic Load Balancing routes queries only to the healthy Amazon EC2 instances that are registered with the load balancer. (An environment automatically contains an ELB load balancer if it includes more than one Amazon EC2 instance.) If you set `EvaluateTargetHealth` to `true` and either no Amazon EC2 instances are healthy or the load balancer itself is unhealthy, Route 53 routes queries to other available resources that are healthy, if any.\n\nIf the environment contains a single Amazon EC2 instance, there are no special requirements.\n- **ELB load balancers** - Health checking behavior depends on the type of load balancer:\n\n- *Classic Load Balancers* : If you specify an ELB Classic Load Balancer in `DNSName` , Elastic Load Balancing routes queries only to the healthy Amazon EC2 instances that are registered with the load balancer. If you set `EvaluateTargetHealth` to `true` and either no EC2 instances are healthy or the load balancer itself is unhealthy, Route 53 routes queries to other resources.\n- *Application and Network Load Balancers* : If you specify an ELB Application or Network Load Balancer and you set `EvaluateTargetHealth` to `true` , Route 53 routes queries to the load balancer based on the health of the target groups that are associated with the load balancer:\n\n- For an Application or Network Load Balancer to be considered healthy, every target group that contains targets must contain at least one healthy target. If any target group contains only unhealthy targets, the load balancer is considered unhealthy, and Route 53 routes queries to other resources.\n- A target group that has no registered targets is considered unhealthy.\n\n> When you create a load balancer, you configure settings for Elastic Load Balancing health checks; they're not Route 53 health checks, but they perform a similar function. Do not create Route 53 health checks for the EC2 instances that you register with an ELB load balancer.\n- **S3 buckets** - There are no special requirements for setting `EvaluateTargetHealth` to `true` when the alias target is an S3 bucket.\n- **Other records in the same hosted zone** - If the AWS resource that you specify in `DNSName` is a record or a group of records (for example, a group of weighted records) but is not another alias record, we recommend that you associate a health check with all of the records in the alias target. For more information, see [What Happens When You Omit Health Checks?](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-complex-configs.html#dns-failover-complex-configs-hc-omitting) in the *Amazon Route 53 Developer Guide* .\n\nFor more information and examples, see [Amazon Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html) in the *Amazon Route 53 Developer Guide* .", + "title": "EvaluateTargetHealth", + "type": "boolean" + }, + "HostedZoneId": { + "markdownDescription": "*Alias resource records sets only* : The value used depends on where you want to route traffic:\n\n- **Amazon API Gateway custom regional APIs and edge-optimized APIs** - Specify the hosted zone ID for your API. You can get the applicable value using the AWS CLI command [get-domain-names](https://docs.aws.amazon.com/cli/latest/reference/apigateway/get-domain-names.html) :\n\n- For regional APIs, specify the value of `regionalHostedZoneId` .\n- For edge-optimized APIs, specify the value of `distributionHostedZoneId` .\n- **Amazon Virtual Private Cloud interface VPC endpoint** - Specify the hosted zone ID for your interface endpoint. You can get the value of `HostedZoneId` using the AWS CLI command [describe-vpc-endpoints](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-vpc-endpoints.html) .\n- **CloudFront distribution** - Specify `Z2FDTNDATAQYW2` . This is always the hosted zone ID when you create an alias record that routes traffic to a CloudFront distribution.\n\n> Alias records for CloudFront can't be created in a private zone.\n- **Elastic Beanstalk environment** - Specify the hosted zone ID for the region that you created the environment in. The environment must have a regionalized subdomain. For a list of regions and the corresponding hosted zone IDs, see [AWS Elastic Beanstalk endpoints and quotas](https://docs.aws.amazon.com/general/latest/gr/elasticbeanstalk.html) in the *Amazon Web Services General Reference* .\n- **ELB load balancer** - Specify the value of the hosted zone ID for the load balancer. Use the following methods to get the hosted zone ID:\n\n- [Service Endpoints](https://docs.aws.amazon.com/general/latest/gr/elb.html) table in the \"Elastic Load Balancing endpoints and quotas\" topic in the *Amazon Web Services General Reference* : Use the value that corresponds with the region that you created your load balancer in. Note that there are separate columns for Application and Classic Load Balancers and for Network Load Balancers.\n- *AWS Management Console* : Go to the Amazon EC2 page, choose *Load Balancers* in the navigation pane, select the load balancer, and get the value of the *Hosted zone* field on the *Description* tab.\n- *Elastic Load Balancing API* : Use `DescribeLoadBalancers` to get the applicable value. For more information, see the applicable guide:\n\n- Classic Load Balancers: Use [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DescribeLoadBalancers.html) to get the value of `CanonicalHostedZoneNameID` .\n- Application and Network Load Balancers: Use [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html) to get the value of `CanonicalHostedZoneID` .\n- *CloudFormation Fn::GetAtt intrinsic function* : Use the [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-getatt.html) intrinsic function to get the applicable value:\n\n- Classic Load Balancers: Get [CanonicalHostedZoneNameID](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html#aws-properties-ec2-elb-return-values) .\n- Application and Network Load Balancers: Get [CanonicalHostedZoneID](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html#aws-resource-elasticloadbalancingv2-loadbalancer-return-values) .\n- *AWS CLI* : Use `describe-load-balancers` to get the applicable value. For more information, see the applicable guide:\n\n- Classic Load Balancers: Use [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elb/describe-load-balancers.html) to get the value of `CanonicalHostedZoneNameID` .\n- Application and Network Load Balancers: Use [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elbv2/describe-load-balancers.html) to get the value of `CanonicalHostedZoneID` .\n- **Global Accelerator accelerator** - Specify `Z2BJ6XQ5FK7U4H` .\n- **An Amazon S3 bucket configured as a static website** - Specify the hosted zone ID for the region that you created the bucket in. For more information about valid values, see the table [Amazon S3 Website Endpoints](https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_website_region_endpoints) in the *Amazon Web Services General Reference* .\n- **Another Route 53 record in your hosted zone** - Specify the hosted zone ID of your hosted zone. (An alias record can't reference a record in a different hosted zone.)", + "title": "HostedZoneId", + "type": "string" } }, + "required": [ + "DNSName", + "HostedZoneId" + ], "type": "object" }, - "AWS::QuickSight::Topic.ComparativeOrder": { + "AWS::Route53::RecordSetGroup.CidrRoutingConfig": { "additionalProperties": false, "properties": { - "SpecifedOrder": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of columns to be used in the ordering.", - "title": "SpecifedOrder", - "type": "array" - }, - "TreatUndefinedSpecifiedValues": { - "markdownDescription": "The treat of undefined specified values. Valid values for this structure are `LEAST` and `MOST` .", - "title": "TreatUndefinedSpecifiedValues", + "CollectionId": { + "markdownDescription": "The CIDR collection ID.", + "title": "CollectionId", "type": "string" }, - "UseOrdering": { - "markdownDescription": "The ordering type for a column. Valid values for this structure are `GREATER_IS_BETTER` , `LESSER_IS_BETTER` and `SPECIFIED` .", - "title": "UseOrdering", + "LocationName": { + "markdownDescription": "The CIDR collection location name.", + "title": "LocationName", "type": "string" } }, + "required": [ + "CollectionId", + "LocationName" + ], "type": "object" }, - "AWS::QuickSight::Topic.DataAggregation": { + "AWS::Route53::RecordSetGroup.Coordinates": { "additionalProperties": false, "properties": { - "DatasetRowDateGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "DatasetRowDateGranularity", + "Latitude": { + "markdownDescription": "Specifies a coordinate of the north\u2013south position of a geographic point on the surface of the Earth (-90 - 90).", + "title": "Latitude", "type": "string" }, - "DefaultDateColumnName": { - "markdownDescription": "The column name for the default date.", - "title": "DefaultDateColumnName", + "Longitude": { + "markdownDescription": "Specifies a coordinate of the east\u2013west position of a geographic point on the surface of the Earth (-180 - 180).", + "title": "Longitude", "type": "string" } }, + "required": [ + "Latitude", + "Longitude" + ], "type": "object" }, - "AWS::QuickSight::Topic.DatasetMetadata": { + "AWS::Route53::RecordSetGroup.GeoLocation": { "additionalProperties": false, "properties": { - "CalculatedFields": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Topic.TopicCalculatedField" - }, - "markdownDescription": "The list of calculated field definitions.", - "title": "CalculatedFields", - "type": "array" - }, - "Columns": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Topic.TopicColumn" - }, - "markdownDescription": "The list of column definitions.", - "title": "Columns", - "type": "array" - }, - "DataAggregation": { - "$ref": "#/definitions/AWS::QuickSight::Topic.DataAggregation", - "markdownDescription": "The definition of a data aggregation.", - "title": "DataAggregation" - }, - "DatasetArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the dataset.", - "title": "DatasetArn", + "ContinentCode": { + "markdownDescription": "For geolocation resource record sets, a two-letter abbreviation that identifies a continent. Route 53 supports the following continent codes:\n\n- *AF* : Africa\n- *AN* : Antarctica\n- *AS* : Asia\n- *EU* : Europe\n- *OC* : Oceania\n- *NA* : North America\n- *SA* : South America\n\nConstraint: Specifying `ContinentCode` with either `CountryCode` or `SubdivisionCode` returns an `InvalidInput` error.", + "title": "ContinentCode", "type": "string" }, - "DatasetDescription": { - "markdownDescription": "The description of the dataset.", - "title": "DatasetDescription", + "CountryCode": { + "markdownDescription": "For geolocation resource record sets, the two-letter code for a country.\n\nRoute 53 uses the two-letter country codes that are specified in [ISO standard 3166-1 alpha-2](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2) .", + "title": "CountryCode", "type": "string" }, - "DatasetName": { - "markdownDescription": "The name of the dataset.", - "title": "DatasetName", + "SubdivisionCode": { + "markdownDescription": "For geolocation resource record sets, the two-letter code for a state of the United States. Route 53 doesn't support any other values for `SubdivisionCode` . For a list of state abbreviations, see [Appendix B: Two\u2013Letter State and Possession Abbreviations](https://docs.aws.amazon.com/https://pe.usps.com/text/pub28/28apb.htm) on the United States Postal Service website.\n\nIf you specify `subdivisioncode` , you must also specify `US` for `CountryCode` .", + "title": "SubdivisionCode", "type": "string" - }, - "Filters": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Topic.TopicFilter" - }, - "markdownDescription": "The list of filter definitions.", - "title": "Filters", - "type": "array" - }, - "NamedEntities": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Topic.TopicNamedEntity" - }, - "markdownDescription": "The list of named entities definitions.", - "title": "NamedEntities", - "type": "array" } }, - "required": [ - "DatasetArn" - ], "type": "object" }, - "AWS::QuickSight::Topic.DefaultFormatting": { + "AWS::Route53::RecordSetGroup.GeoProximityLocation": { "additionalProperties": false, "properties": { - "DisplayFormat": { - "markdownDescription": "The display format. Valid values for this structure are `AUTO` , `PERCENT` , `CURRENCY` , `NUMBER` , `DATE` , and `STRING` .", - "title": "DisplayFormat", + "AWSRegion": { + "markdownDescription": "The AWS Region the resource you are directing DNS traffic to, is in.", + "title": "AWSRegion", "type": "string" }, - "DisplayFormatOptions": { - "$ref": "#/definitions/AWS::QuickSight::Topic.DisplayFormatOptions", - "markdownDescription": "The additional options for display formatting.", - "title": "DisplayFormatOptions" + "Bias": { + "markdownDescription": "The bias increases or decreases the size of the geographic region from which Route\u00a053 routes traffic to a resource.\n\nTo use `Bias` to change the size of the geographic region, specify the applicable value for the bias:\n\n- To expand the size of the geographic region from which Route\u00a053 routes traffic to a resource, specify a positive integer from 1 to 99 for the bias. Route\u00a053 shrinks the size of adjacent regions.\n- To shrink the size of the geographic region from which Route\u00a053 routes traffic to a resource, specify a negative bias of -1 to -99. Route\u00a053 expands the size of adjacent regions.", + "title": "Bias", + "type": "number" + }, + "Coordinates": { + "$ref": "#/definitions/AWS::Route53::RecordSetGroup.Coordinates", + "markdownDescription": "Contains the longitude and latitude for a geographic region.", + "title": "Coordinates" + }, + "LocalZoneGroup": { + "markdownDescription": "Specifies an AWS Local Zone Group.\n\nA local Zone Group is usually the Local Zone code without the ending character. For example, if the Local Zone is `us-east-1-bue-1a` the Local Zone Group is `us-east-1-bue-1` .\n\nYou can identify the Local Zones Group for a specific Local Zone by using the [describe-availability-zones](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-availability-zones.html) CLI command:\n\nThis command returns: `\"GroupName\": \"us-west-2-den-1\"` , specifying that the Local Zone `us-west-2-den-1a` belongs to the Local Zone Group `us-west-2-den-1` .", + "title": "LocalZoneGroup", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Topic.DisplayFormatOptions": { + "AWS::Route53::RecordSetGroup.RecordSet": { "additionalProperties": false, "properties": { - "BlankCellFormat": { - "markdownDescription": "Determines the blank cell format.", - "title": "BlankCellFormat", - "type": "string" - }, - "CurrencySymbol": { - "markdownDescription": "The currency symbol, such as `USD` .", - "title": "CurrencySymbol", - "type": "string" + "AliasTarget": { + "$ref": "#/definitions/AWS::Route53::RecordSetGroup.AliasTarget", + "markdownDescription": "*Alias resource record sets only:* Information about the AWS resource, such as a CloudFront distribution or an Amazon S3 bucket, that you want to route traffic to.\n\nIf you're creating resource records sets for a private hosted zone, note the following:\n\n- You can't create an alias resource record set in a private hosted zone to route traffic to a CloudFront distribution.\n- For information about creating failover resource record sets in a private hosted zone, see [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html) in the *Amazon Route 53 Developer Guide* .", + "title": "AliasTarget" }, - "DateFormat": { - "markdownDescription": "Determines the `DateTime` format.", - "title": "DateFormat", - "type": "string" + "CidrRoutingConfig": { + "$ref": "#/definitions/AWS::Route53::RecordSetGroup.CidrRoutingConfig", + "markdownDescription": "", + "title": "CidrRoutingConfig" }, - "DecimalSeparator": { - "markdownDescription": "Determines the decimal separator.", - "title": "DecimalSeparator", + "Failover": { + "markdownDescription": "*Failover resource record sets only:* To configure failover, you add the `Failover` element to two resource record sets. For one resource record set, you specify `PRIMARY` as the value for `Failover` ; for the other resource record set, you specify `SECONDARY` . In addition, you include the `HealthCheckId` element and specify the health check that you want Amazon Route 53 to perform for each resource record set.\n\nExcept where noted, the following failover behaviors assume that you have included the `HealthCheckId` element in both resource record sets:\n\n- When the primary resource record set is healthy, Route 53 responds to DNS queries with the applicable value from the primary resource record set regardless of the health of the secondary resource record set.\n- When the primary resource record set is unhealthy and the secondary resource record set is healthy, Route 53 responds to DNS queries with the applicable value from the secondary resource record set.\n- When the secondary resource record set is unhealthy, Route 53 responds to DNS queries with the applicable value from the primary resource record set regardless of the health of the primary resource record set.\n- If you omit the `HealthCheckId` element for the secondary resource record set, and if the primary resource record set is unhealthy, Route 53 always responds to DNS queries with the applicable value from the secondary resource record set. This is true regardless of the health of the associated endpoint.\n\nYou can't create non-failover resource record sets that have the same values for the `Name` and `Type` elements as failover resource record sets.\n\nFor failover alias resource record sets, you must also include the `EvaluateTargetHealth` element and set the value to true.\n\nFor more information about configuring failover for Route 53, see the following topics in the *Amazon Route 53 Developer Guide* :\n\n- [Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html)\n- [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html)", + "title": "Failover", "type": "string" }, - "FractionDigits": { - "markdownDescription": "Determines the number of fraction digits.", - "title": "FractionDigits", - "type": "number" - }, - "GroupingSeparator": { - "markdownDescription": "Determines the grouping separator.", - "title": "GroupingSeparator", - "type": "string" + "GeoLocation": { + "$ref": "#/definitions/AWS::Route53::RecordSetGroup.GeoLocation", + "markdownDescription": "*Geolocation resource record sets only:* A complex type that lets you control how Amazon Route 53 responds to DNS queries based on the geographic origin of the query. For example, if you want all queries from Africa to be routed to a web server with an IP address of `192.0.2.111` , create a resource record set with a `Type` of `A` and a `ContinentCode` of `AF` .\n\nIf you create separate resource record sets for overlapping geographic regions (for example, one resource record set for a continent and one for a country on the same continent), priority goes to the smallest geographic region. This allows you to route most queries for a continent to one resource and to route queries for a country on that continent to a different resource.\n\nYou can't create two geolocation resource record sets that specify the same geographic location.\n\nThe value `*` in the `CountryCode` element matches all geographic locations that aren't specified in other geolocation resource record sets that have the same values for the `Name` and `Type` elements.\n\n> Geolocation works by mapping IP addresses to locations. However, some IP addresses aren't mapped to geographic locations, so even if you create geolocation resource record sets that cover all seven continents, Route 53 will receive some DNS queries from locations that it can't identify. We recommend that you create a resource record set for which the value of `CountryCode` is `*` . Two groups of queries are routed to the resource that you specify in this record: queries that come from locations for which you haven't created geolocation resource record sets and queries from IP addresses that aren't mapped to a location. If you don't create a `*` resource record set, Route 53 returns a \"no answer\" response for queries from those locations. \n\nYou can't create non-geolocation resource record sets that have the same values for the `Name` and `Type` elements as geolocation resource record sets.", + "title": "GeoLocation" }, - "NegativeFormat": { - "$ref": "#/definitions/AWS::QuickSight::Topic.NegativeFormat", - "markdownDescription": "The negative format.", - "title": "NegativeFormat" + "GeoProximityLocation": { + "$ref": "#/definitions/AWS::Route53::RecordSetGroup.GeoProximityLocation", + "markdownDescription": "A complex type that contains information about a geographic location.", + "title": "GeoProximityLocation" }, - "Prefix": { - "markdownDescription": "The prefix value for a display format.", - "title": "Prefix", + "HealthCheckId": { + "markdownDescription": "If you want Amazon Route 53 to return this resource record set in response to a DNS query only when the status of a health check is healthy, include the `HealthCheckId` element and specify the ID of the applicable health check.\n\nRoute 53 determines whether a resource record set is healthy based on one of the following:\n\n- By periodically sending a request to the endpoint that is specified in the health check\n- By aggregating the status of a specified group of health checks (calculated health checks)\n- By determining the current state of a CloudWatch alarm (CloudWatch metric health checks)\n\n> Route 53 doesn't check the health of the endpoint that is specified in the resource record set, for example, the endpoint specified by the IP address in the `Value` element. When you add a `HealthCheckId` element to a resource record set, Route 53 checks the health of the endpoint that you specified in the health check. \n\nFor more information, see the following topics in the *Amazon Route 53 Developer Guide* :\n\n- [How Amazon Route 53 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html)\n- [Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html)\n- [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html)\n\n*When to Specify HealthCheckId*\n\nSpecifying a value for `HealthCheckId` is useful only when Route 53 is choosing between two or more resource record sets to respond to a DNS query, and you want Route 53 to base the choice in part on the status of a health check. Configuring health checks makes sense only in the following configurations:\n\n- *Non-alias resource record sets* : You're checking the health of a group of non-alias resource record sets that have the same routing policy, name, and type (such as multiple weighted records named www.example.com with a type of A) and you specify health check IDs for all the resource record sets.\n\nIf the health check status for a resource record set is healthy, Route 53 includes the record among the records that it responds to DNS queries with.\n\nIf the health check status for a resource record set is unhealthy, Route 53 stops responding to DNS queries using the value for that resource record set.\n\nIf the health check status for all resource record sets in the group is unhealthy, Route 53 considers all resource record sets in the group healthy and responds to DNS queries accordingly.\n- *Alias resource record sets* : You specify the following settings:\n\n- You set `EvaluateTargetHealth` to true for an alias resource record set in a group of resource record sets that have the same routing policy, name, and type (such as multiple weighted records named www.example.com with a type of A).\n- You configure the alias resource record set to route traffic to a non-alias resource record set in the same hosted zone.\n- You specify a health check ID for the non-alias resource record set.\n\nIf the health check status is healthy, Route 53 considers the alias resource record set to be healthy and includes the alias record among the records that it responds to DNS queries with.\n\nIf the health check status is unhealthy, Route 53 stops responding to DNS queries using the alias resource record set.\n\n> The alias resource record set can also route traffic to a *group* of non-alias resource record sets that have the same routing policy, name, and type. In that configuration, associate health checks with all of the resource record sets in the group of non-alias resource record sets.\n\n*Geolocation Routing*\n\nFor geolocation resource record sets, if an endpoint is unhealthy, Route 53 looks for a resource record set for the larger, associated geographic region. For example, suppose you have resource record sets for a state in the United States, for the entire United States, for North America, and a resource record set that has `*` for `CountryCode` is `*` , which applies to all locations. If the endpoint for the state resource record set is unhealthy, Route 53 checks for healthy resource record sets in the following order until it finds a resource record set for which the endpoint is healthy:\n\n- The United States\n- North America\n- The default resource record set\n\n*Specifying the Health Check Endpoint by Domain Name*\n\nIf your health checks specify the endpoint only by domain name, we recommend that you create a separate health check for each endpoint. For example, create a health check for each `HTTP` server that is serving content for `www.example.com` . For the value of `FullyQualifiedDomainName` , specify the domain name of the server (such as `us-east-2-www.example.com` ), not the name of the resource record sets ( `www.example.com` ).\n\n> Health check results will be unpredictable if you do the following:\n> \n> - Create a health check that has the same value for `FullyQualifiedDomainName` as the name of a resource record set.\n> - Associate that health check with the resource record set.", + "title": "HealthCheckId", "type": "string" }, - "Suffix": { - "markdownDescription": "The suffix value for a display format.", - "title": "Suffix", + "HostedZoneId": { + "markdownDescription": "The ID of the hosted zone that you want to create records in.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .\n\nDo not provide the `HostedZoneId` if it is already defined in `AWS::Route53::RecordSetGroup` . The creation fails if `HostedZoneId` is defined in both.", + "title": "HostedZoneId", "type": "string" }, - "UnitScaler": { - "markdownDescription": "The unit scaler. Valid values for this structure are: `NONE` , `AUTO` , `THOUSANDS` , `MILLIONS` , `BILLIONS` , and `TRILLIONS` .", - "title": "UnitScaler", + "HostedZoneName": { + "markdownDescription": "The name of the hosted zone that you want to create records in. You must include a trailing dot (for example, `www.example.com.` ) as part of the `HostedZoneName` .\n\nWhen you create a stack using an `AWS::Route53::RecordSet` that specifies `HostedZoneName` , AWS CloudFormation attempts to find a hosted zone whose name matches the `HostedZoneName` . If AWS CloudFormation can't find a hosted zone with a matching domain name, or if there is more than one hosted zone with the specified domain name, AWS CloudFormation will not create the stack.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .", + "title": "HostedZoneName", "type": "string" }, - "UseBlankCellFormat": { - "markdownDescription": "A Boolean value that indicates whether to use blank cell format.", - "title": "UseBlankCellFormat", + "MultiValueAnswer": { + "markdownDescription": "*Multivalue answer resource record sets only* : To route traffic approximately randomly to multiple resources, such as web servers, create one multivalue answer record for each resource and specify `true` for `MultiValueAnswer` . Note the following:\n\n- If you associate a health check with a multivalue answer resource record set, Amazon Route 53 responds to DNS queries with the corresponding IP address only when the health check is healthy.\n- If you don't associate a health check with a multivalue answer record, Route 53 always considers the record to be healthy.\n- Route 53 responds to DNS queries with up to eight healthy records; if you have eight or fewer healthy records, Route 53 responds to all DNS queries with all the healthy records.\n- If you have more than eight healthy records, Route 53 responds to different DNS resolvers with different combinations of healthy records.\n- When all records are unhealthy, Route 53 responds to DNS queries with up to eight unhealthy records.\n- If a resource becomes unavailable after a resolver caches a response, client software typically tries another of the IP addresses in the response.\n\nYou can't create multivalue answer alias records.", + "title": "MultiValueAnswer", "type": "boolean" }, - "UseGrouping": { - "markdownDescription": "A Boolean value that indicates whether to use grouping.", - "title": "UseGrouping", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::QuickSight::Topic.NamedEntityDefinition": { - "additionalProperties": false, - "properties": { - "FieldName": { - "markdownDescription": "The name of the entity.", - "title": "FieldName", + "Name": { + "markdownDescription": "For `ChangeResourceRecordSets` requests, the name of the record that you want to create, update, or delete. For `ListResourceRecordSets` responses, the name of a record in the specified hosted zone.\n\n*ChangeResourceRecordSets Only*\n\nEnter a fully qualified domain name, for example, `www.example.com` . You can optionally include a trailing dot. If you omit the trailing dot, Amazon Route 53 assumes that the domain name that you specify is fully qualified. This means that Route 53 treats `www.example.com` (without a trailing dot) and `www.example.com.` (with a trailing dot) as identical.\n\nFor information about how to specify characters other than `a-z` , `0-9` , and `-` (hyphen) and how to specify internationalized domain names, see [DNS Domain Name Format](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/DomainNameFormat.html) in the *Amazon Route 53 Developer Guide* .\n\nYou can use the asterisk (*) wildcard to replace the leftmost label in a domain name, for example, `*.example.com` . Note the following:\n\n- The * must replace the entire label. For example, you can't specify `*prod.example.com` or `prod*.example.com` .\n- The * can't replace any of the middle labels, for example, marketing.*.example.com.\n- If you include * in any position other than the leftmost label in a domain name, DNS treats it as an * character (ASCII 42), not as a wildcard.\n\n> You can't use the * wildcard for resource records sets that have a type of NS.", + "title": "Name", "type": "string" }, - "Metric": { - "$ref": "#/definitions/AWS::QuickSight::Topic.NamedEntityDefinitionMetric", - "markdownDescription": "The definition of a metric.", - "title": "Metric" - }, - "PropertyName": { - "markdownDescription": "The property name to be used for the named entity.", - "title": "PropertyName", + "Region": { + "markdownDescription": "*Latency-based resource record sets only:* The Amazon EC2 Region where you created the resource that this resource record set refers to. The resource typically is an AWS resource, such as an EC2 instance or an ELB load balancer, and is referred to by an IP address or a DNS domain name, depending on the record type.\n\nWhen Amazon Route 53 receives a DNS query for a domain name and type for which you have created latency resource record sets, Route 53 selects the latency resource record set that has the lowest latency between the end user and the associated Amazon EC2 Region. Route 53 then returns the value that is associated with the selected resource record set.\n\nNote the following:\n\n- You can only specify one `ResourceRecord` per latency resource record set.\n- You can only create one latency resource record set for each Amazon EC2 Region.\n- You aren't required to create latency resource record sets for all Amazon EC2 Regions. Route 53 will choose the region with the best latency from among the regions that you create latency resource record sets for.\n- You can't create non-latency resource record sets that have the same values for the `Name` and `Type` elements as latency resource record sets.", + "title": "Region", "type": "string" }, - "PropertyRole": { - "markdownDescription": "The property role. Valid values for this structure are `PRIMARY` and `ID` .", - "title": "PropertyRole", - "type": "string" + "ResourceRecords": { + "items": { + "type": "string" + }, + "markdownDescription": "Information about the records that you want to create. Each record should be in the format appropriate for the record type specified by the `Type` property. For information about different record types and their record formats, see [Values That You Specify When You Create or Edit Amazon Route 53 Records](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/resource-record-sets-values.html) in the *Amazon Route 53 Developer Guide* .", + "title": "ResourceRecords", + "type": "array" }, - "PropertyUsage": { - "markdownDescription": "The property usage. Valid values for this structure are `INHERIT` , `DIMENSION` , and `MEASURE` .", - "title": "PropertyUsage", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Topic.NamedEntityDefinitionMetric": { - "additionalProperties": false, - "properties": { - "Aggregation": { - "markdownDescription": "The aggregation of a named entity. Valid values for this structure are `SUM` , `MIN` , `MAX` , `COUNT` , `AVERAGE` , `DISTINCT_COUNT` , `STDEV` , `STDEVP` , `VAR` , `VARP` , `PERCENTILE` , `MEDIAN` , and `CUSTOM` .", - "title": "Aggregation", + "SetIdentifier": { + "markdownDescription": "*Resource record sets that have a routing policy other than simple:* An identifier that differentiates among multiple resource record sets that have the same combination of name and type, such as multiple weighted resource record sets named acme.example.com that have a type of A. In a group of resource record sets that have the same name and type, the value of `SetIdentifier` must be unique for each resource record set.\n\nFor information about routing policies, see [Choosing a Routing Policy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html) in the *Amazon Route 53 Developer Guide* .", + "title": "SetIdentifier", "type": "string" }, - "AggregationFunctionParameters": { - "additionalProperties": true, - "markdownDescription": "The additional parameters for an aggregation function.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "AggregationFunctionParameters", - "type": "object" - } - }, - "type": "object" - }, - "AWS::QuickSight::Topic.NegativeFormat": { - "additionalProperties": false, - "properties": { - "Prefix": { - "markdownDescription": "The prefix for a negative format.", - "title": "Prefix", + "TTL": { + "markdownDescription": "The resource record cache time to live (TTL), in seconds. Note the following:\n\n- If you're creating or updating an alias resource record set, omit `TTL` . Amazon Route 53 uses the value of `TTL` for the alias target.\n- If you're associating this resource record set with a health check (if you're adding a `HealthCheckId` element), we recommend that you specify a `TTL` of 60 seconds or less so clients respond quickly to changes in health status.\n- All of the resource record sets in a group of weighted resource record sets must have the same value for `TTL` .\n- If a group of weighted resource record sets includes one or more weighted alias resource record sets for which the alias target is an ELB load balancer, we recommend that you specify a `TTL` of 60 seconds for all of the non-alias weighted resource record sets that have the same name and type. Values other than 60 seconds (the TTL for load balancers) will change the effect of the values that you specify for `Weight` .", + "title": "TTL", "type": "string" }, - "Suffix": { - "markdownDescription": "The suffix for a negative format.", - "title": "Suffix", - "type": "string" - } - }, - "type": "object" - }, - "AWS::QuickSight::Topic.RangeConstant": { - "additionalProperties": false, - "properties": { - "Maximum": { - "markdownDescription": "The maximum value for a range constant.", - "title": "Maximum", + "Type": { + "markdownDescription": "The DNS record type. For information about different record types and how data is encoded for them, see [Supported DNS Resource Record Types](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/ResourceRecordTypes.html) in the *Amazon Route 53 Developer Guide* .\n\nValid values for basic resource record sets: `A` | `AAAA` | `CAA` | `CNAME` | `DS` | `MX` | `NAPTR` | `NS` | `PTR` | `SOA` | `SPF` | `SRV` | `TXT` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS`\n\nValues for weighted, latency, geolocation, and failover resource record sets: `A` | `AAAA` | `CAA` | `CNAME` | `MX` | `NAPTR` | `PTR` | `SPF` | `SRV` | `TXT` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS` . When creating a group of weighted, latency, geolocation, or failover resource record sets, specify the same value for all of the resource record sets in the group.\n\nValid values for multivalue answer resource record sets: `A` | `AAAA` | `MX` | `NAPTR` | `PTR` | `SPF` | `SRV` | `TXT` | `CAA` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS`\n\n> SPF records were formerly used to verify the identity of the sender of email messages. However, we no longer recommend that you create resource record sets for which the value of `Type` is `SPF` . RFC 7208, *Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1* , has been updated to say, \"...[I]ts existence and mechanism defined in [RFC4408] have led to some interoperability issues. Accordingly, its use is no longer appropriate for SPF version 1; implementations are not to use it.\" In RFC 7208, see section 14.1, [The SPF DNS Record Type](https://docs.aws.amazon.com/http://tools.ietf.org/html/rfc7208#section-14.1) . \n\nValues for alias resource record sets:\n\n- *Amazon API Gateway custom regional APIs and edge-optimized APIs:* `A`\n- *CloudFront distributions:* `A`\n\nIf IPv6 is enabled for the distribution, create two resource record sets to route traffic to your distribution, one with a value of `A` and one with a value of `AAAA` .\n- *Amazon API Gateway environment that has a regionalized subdomain* : `A`\n- *ELB load balancers:* `A` | `AAAA`\n- *Amazon S3 buckets:* `A`\n- *Amazon Virtual Private Cloud interface VPC endpoints* `A`\n- *Another resource record set in this hosted zone:* Specify the type of the resource record set that you're creating the alias for. All values are supported except `NS` and `SOA` .\n\n> If you're creating an alias record that has the same name as the hosted zone (known as the zone apex), you can't route traffic to a record for which the value of `Type` is `CNAME` . This is because the alias record must have the same type as the record you're routing traffic to, and creating a CNAME record for the zone apex isn't supported even for an alias record.", + "title": "Type", "type": "string" }, - "Minimum": { - "markdownDescription": "The minimum value for a range constant.", - "title": "Minimum", - "type": "string" + "Weight": { + "markdownDescription": "*Weighted resource record sets only:* Among resource record sets that have the same combination of DNS name and type, a value that determines the proportion of DNS queries that Amazon Route 53 responds to using the current resource record set. Route 53 calculates the sum of the weights for the resource record sets that have the same combination of DNS name and type. Route 53 then responds to queries based on the ratio of a resource's weight to the total. Note the following:\n\n- You must specify a value for the `Weight` element for every weighted resource record set.\n- You can only specify one `ResourceRecord` per weighted resource record set.\n- You can't create latency, failover, or geolocation resource record sets that have the same values for the `Name` and `Type` elements as weighted resource record sets.\n- You can create a maximum of 100 weighted resource record sets that have the same values for the `Name` and `Type` elements.\n- For weighted (but not weighted alias) resource record sets, if you set `Weight` to `0` for a resource record set, Route 53 never responds to queries with the applicable value for that resource record set. However, if you set `Weight` to `0` for all resource record sets that have the same combination of DNS name and type, traffic is routed to all resources with equal probability.\n\nThe effect of setting `Weight` to `0` is different when you associate health checks with weighted resource record sets. For more information, see [Options for Configuring Route 53 Active-Active and Active-Passive Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-configuring-options.html) in the *Amazon Route 53 Developer Guide* .", + "title": "Weight", + "type": "number" } }, + "required": [ + "Name", + "Type" + ], "type": "object" }, - "AWS::QuickSight::Topic.SemanticEntityType": { + "AWS::Route53Profiles::Profile": { "additionalProperties": false, "properties": { - "SubTypeName": { - "markdownDescription": "The semantic entity sub type name.", - "title": "SubTypeName", + "Condition": { "type": "string" }, - "TypeName": { - "markdownDescription": "The semantic entity type name.", - "title": "TypeName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "TypeParameters": { - "additionalProperties": true, - "markdownDescription": "The semantic entity type parameters.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" } - }, - "title": "TypeParameters", + ] + }, + "Metadata": { "type": "object" - } - }, - "type": "object" - }, - "AWS::QuickSight::Topic.SemanticType": { - "additionalProperties": false, - "properties": { - "FalseyCellValue": { - "markdownDescription": "The semantic type falsey cell value.", - "title": "FalseyCellValue", - "type": "string" }, - "FalseyCellValueSynonyms": { - "items": { - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "Name of the Profile.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of the tag keys and values that you want to associate with the profile.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "The other names or aliases for the false cell value.", - "title": "FalseyCellValueSynonyms", - "type": "array" - }, - "SubTypeName": { - "markdownDescription": "The semantic type sub type name.", - "title": "SubTypeName", - "type": "string" + "required": [ + "Name" + ], + "type": "object" }, - "TruthyCellValue": { - "markdownDescription": "The semantic type truthy cell value.", - "title": "TruthyCellValue", + "Type": { + "enum": [ + "AWS::Route53Profiles::Profile" + ], "type": "string" }, - "TruthyCellValueSynonyms": { - "items": { - "type": "string" - }, - "markdownDescription": "The other names or aliases for the true cell value.", - "title": "TruthyCellValueSynonyms", - "type": "array" - }, - "TypeName": { - "markdownDescription": "The semantic type name.", - "title": "TypeName", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "TypeParameters": { - "additionalProperties": true, - "markdownDescription": "The semantic type parameters.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "TypeParameters", - "type": "object" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Topic.TopicCalculatedField": { + "AWS::Route53Profiles::ProfileAssociation": { "additionalProperties": false, "properties": { - "Aggregation": { - "markdownDescription": "The default aggregation. Valid values for this structure are `SUM` , `MAX` , `MIN` , `COUNT` , `DISTINCT_COUNT` , and `AVERAGE` .", - "title": "Aggregation", + "Condition": { "type": "string" }, - "AllowedAggregations": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of aggregation types that are allowed for the calculated field. Valid values for this structure are `COUNT` , `DISTINCT_COUNT` , `MIN` , `MAX` , `MEDIAN` , `SUM` , `AVERAGE` , `STDEV` , `STDEVP` , `VAR` , `VARP` , and `PERCENTILE` .", - "title": "AllowedAggregations", - "type": "array" - }, - "CalculatedFieldDescription": { - "markdownDescription": "The calculated field description.", - "title": "CalculatedFieldDescription", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "CalculatedFieldName": { - "markdownDescription": "The calculated field name.", - "title": "CalculatedFieldName", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "CalculatedFieldSynonyms": { - "items": { - "type": "string" - }, - "markdownDescription": "The other names or aliases for the calculated field.", - "title": "CalculatedFieldSynonyms", - "type": "array" + "Metadata": { + "type": "object" }, - "CellValueSynonyms": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Topic.CellValueSynonym" + "Properties": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the profile association to a VPC.", + "title": "Arn", + "type": "string" + }, + "Name": { + "markdownDescription": "Name of the Profile association.", + "title": "Name", + "type": "string" + }, + "ProfileId": { + "markdownDescription": "ID of the Profile.\n\nUpdate to this property requires update to the `ResourceId` property as well, because you can only associate one Profile per VPC. For more information, see [Route 53 Profiles](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/profiles.html) .", + "title": "ProfileId", + "type": "string" + }, + "ResourceId": { + "markdownDescription": "The ID of the VPC.", + "title": "ResourceId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "The other names or aliases for the calculated field cell value.", - "title": "CellValueSynonyms", - "type": "array" - }, - "ColumnDataRole": { - "markdownDescription": "The column data role for a calculated field. Valid values for this structure are `DIMENSION` and `MEASURE` .", - "title": "ColumnDataRole", - "type": "string" - }, - "ComparativeOrder": { - "$ref": "#/definitions/AWS::QuickSight::Topic.ComparativeOrder", - "markdownDescription": "The order in which data is displayed for the calculated field when it's used in a comparative context.", - "title": "ComparativeOrder" - }, - "DefaultFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Topic.DefaultFormatting", - "markdownDescription": "The default formatting definition.", - "title": "DefaultFormatting" + "required": [ + "Name", + "ProfileId", + "ResourceId" + ], + "type": "object" }, - "Expression": { - "markdownDescription": "The calculated field expression.", - "title": "Expression", + "Type": { + "enum": [ + "AWS::Route53Profiles::ProfileAssociation" + ], "type": "string" }, - "IsIncludedInTopic": { - "markdownDescription": "A boolean value that indicates if a calculated field is included in the topic.", - "title": "IsIncludedInTopic", - "type": "boolean" - }, - "NeverAggregateInFilter": { - "markdownDescription": "A Boolean value that indicates whether to never aggregate calculated field in filters.", - "title": "NeverAggregateInFilter", - "type": "boolean" - }, - "NonAdditive": { - "markdownDescription": "The non additive for the table style target.", - "title": "NonAdditive", - "type": "boolean" - }, - "NotAllowedAggregations": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of aggregation types that are not allowed for the calculated field. Valid values for this structure are `COUNT` , `DISTINCT_COUNT` , `MIN` , `MAX` , `MEDIAN` , `SUM` , `AVERAGE` , `STDEV` , `STDEVP` , `VAR` , `VARP` , and `PERCENTILE` .", - "title": "NotAllowedAggregations", - "type": "array" - }, - "SemanticType": { - "$ref": "#/definitions/AWS::QuickSight::Topic.SemanticType", - "markdownDescription": "The semantic type.", - "title": "SemanticType" - }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "CalculatedFieldName", - "Expression" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Topic.TopicCategoryFilter": { + "AWS::Route53Profiles::ProfileResourceAssociation": { "additionalProperties": false, "properties": { - "CategoryFilterFunction": { - "markdownDescription": "The category filter function. Valid values for this structure are `EXACT` and `CONTAINS` .", - "title": "CategoryFilterFunction", + "Condition": { "type": "string" }, - "CategoryFilterType": { - "markdownDescription": "The category filter type. This element is used to specify whether a filter is a simple category filter or an inverse category filter.", - "title": "CategoryFilterType", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Constant": { - "$ref": "#/definitions/AWS::QuickSight::Topic.TopicCategoryFilterConstant", - "markdownDescription": "The constant used in a category filter.", - "title": "Constant" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Inverse": { - "markdownDescription": "A Boolean value that indicates if the filter is inverse.", - "title": "Inverse", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::QuickSight::Topic.TopicCategoryFilterConstant": { - "additionalProperties": false, - "properties": { - "CollectiveConstant": { - "$ref": "#/definitions/AWS::QuickSight::Topic.CollectiveConstant", - "markdownDescription": "A collective constant used in a category filter. This element is used to specify a list of values for the constant.", - "title": "CollectiveConstant" + "Metadata": { + "type": "object" }, - "ConstantType": { - "markdownDescription": "The type of category filter constant. This element is used to specify whether a constant is a singular or collective. Valid values are `SINGULAR` and `COLLECTIVE` .", - "title": "ConstantType", + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "Name of the Profile resource association.", + "title": "Name", + "type": "string" + }, + "ProfileId": { + "markdownDescription": "Profile ID of the Profile that the resources are associated with.", + "title": "ProfileId", + "type": "string" + }, + "ResourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource association.", + "title": "ResourceArn", + "type": "string" + }, + "ResourceProperties": { + "markdownDescription": "If the DNS resource is a DNS Firewall rule group, this indicates the priority.", + "title": "ResourceProperties", + "type": "string" + } + }, + "required": [ + "Name", + "ProfileId", + "ResourceArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Route53Profiles::ProfileResourceAssociation" + ], "type": "string" }, - "SingularConstant": { - "markdownDescription": "A singular constant used in a category filter. This element is used to specify a single value for the constant.", - "title": "SingularConstant", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Topic.TopicColumn": { + "AWS::Route53RecoveryControl::Cluster": { "additionalProperties": false, "properties": { - "Aggregation": { - "markdownDescription": "The type of aggregation that is performed on the column data when it's queried.", - "title": "Aggregation", - "type": "string" - }, - "AllowedAggregations": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of aggregation types that are allowed for the column. Valid values for this structure are `COUNT` , `DISTINCT_COUNT` , `MIN` , `MAX` , `MEDIAN` , `SUM` , `AVERAGE` , `STDEV` , `STDEVP` , `VAR` , `VARP` , and `PERCENTILE` .", - "title": "AllowedAggregations", - "type": "array" - }, - "CellValueSynonyms": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Topic.CellValueSynonym" - }, - "markdownDescription": "The other names or aliases for the column cell value.", - "title": "CellValueSynonyms", - "type": "array" - }, - "ColumnDataRole": { - "markdownDescription": "The role of the column in the data. Valid values are `DIMENSION` and `MEASURE` .", - "title": "ColumnDataRole", - "type": "string" - }, - "ColumnDescription": { - "markdownDescription": "A description of the column and its contents.", - "title": "ColumnDescription", - "type": "string" - }, - "ColumnFriendlyName": { - "markdownDescription": "A user-friendly name for the column.", - "title": "ColumnFriendlyName", + "Condition": { "type": "string" }, - "ColumnName": { - "markdownDescription": "The name of the column.", - "title": "ColumnName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "ColumnSynonyms": { - "items": { - "type": "string" - }, - "markdownDescription": "The other names or aliases for the column.", - "title": "ColumnSynonyms", - "type": "array" - }, - "ComparativeOrder": { - "$ref": "#/definitions/AWS::QuickSight::Topic.ComparativeOrder", - "markdownDescription": "The order in which data is displayed for the column when it's used in a comparative context.", - "title": "ComparativeOrder" - }, - "DefaultFormatting": { - "$ref": "#/definitions/AWS::QuickSight::Topic.DefaultFormatting", - "markdownDescription": "The default formatting used for values in the column.", - "title": "DefaultFormatting" - }, - "IsIncludedInTopic": { - "markdownDescription": "A Boolean value that indicates whether the column is included in the query results.", - "title": "IsIncludedInTopic", - "type": "boolean" - }, - "NeverAggregateInFilter": { - "markdownDescription": "A Boolean value that indicates whether to aggregate the column data when it's used in a filter context.", - "title": "NeverAggregateInFilter", - "type": "boolean" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "NonAdditive": { - "markdownDescription": "The non additive value for the column.", - "title": "NonAdditive", - "type": "boolean" + "Metadata": { + "type": "object" }, - "NotAllowedAggregations": { - "items": { - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "Name of the cluster. You can use any non-white space character in the name except the following: & > < ' (single quote) \" (double quote) ; (semicolon).", + "title": "Name", + "type": "string" + }, + "NetworkType": { + "markdownDescription": "The network-type can either be IPV4 or DUALSTACK.", + "title": "NetworkType", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags associated with the cluster.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "The list of aggregation types that are not allowed for the column. Valid values for this structure are `COUNT` , `DISTINCT_COUNT` , `MIN` , `MAX` , `MEDIAN` , `SUM` , `AVERAGE` , `STDEV` , `STDEVP` , `VAR` , `VARP` , and `PERCENTILE` .", - "title": "NotAllowedAggregations", - "type": "array" + "required": [ + "Name" + ], + "type": "object" }, - "SemanticType": { - "$ref": "#/definitions/AWS::QuickSight::Topic.SemanticType", - "markdownDescription": "The semantic type of data contained in the column.", - "title": "SemanticType" + "Type": { + "enum": [ + "AWS::Route53RecoveryControl::Cluster" + ], + "type": "string" }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ColumnName" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Topic.TopicDateRangeFilter": { + "AWS::Route53RecoveryControl::Cluster.ClusterEndpoint": { "additionalProperties": false, "properties": { - "Constant": { - "$ref": "#/definitions/AWS::QuickSight::Topic.TopicRangeFilterConstant", - "markdownDescription": "The constant used in a date range filter.", - "title": "Constant" + "Endpoint": { + "markdownDescription": "A cluster endpoint URL for one of the five redundant clusters that you specify to set or retrieve a routing control state.", + "title": "Endpoint", + "type": "string" }, - "Inclusive": { - "markdownDescription": "A Boolean value that indicates whether the date range filter should include the boundary values. If set to true, the filter includes the start and end dates. If set to false, the filter excludes them.", - "title": "Inclusive", - "type": "boolean" + "Region": { + "markdownDescription": "The AWS Region for a cluster endpoint.", + "title": "Region", + "type": "string" } }, "type": "object" }, - "AWS::QuickSight::Topic.TopicFilter": { + "AWS::Route53RecoveryControl::ControlPanel": { "additionalProperties": false, "properties": { - "CategoryFilter": { - "$ref": "#/definitions/AWS::QuickSight::Topic.TopicCategoryFilter", - "markdownDescription": "The category filter that is associated with this filter.", - "title": "CategoryFilter" - }, - "DateRangeFilter": { - "$ref": "#/definitions/AWS::QuickSight::Topic.TopicDateRangeFilter", - "markdownDescription": "The date range filter.", - "title": "DateRangeFilter" - }, - "FilterClass": { - "markdownDescription": "The class of the filter. Valid values for this structure are `ENFORCED_VALUE_FILTER` , `CONDITIONAL_VALUE_FILTER` , and `NAMED_VALUE_FILTER` .", - "title": "FilterClass", - "type": "string" - }, - "FilterDescription": { - "markdownDescription": "A description of the filter used to select items for a topic.", - "title": "FilterDescription", + "Condition": { "type": "string" }, - "FilterName": { - "markdownDescription": "The name of the filter.", - "title": "FilterName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "FilterSynonyms": { - "items": { - "type": "string" - }, - "markdownDescription": "The other names or aliases for the filter.", - "title": "FilterSynonyms", - "type": "array" - }, - "FilterType": { - "markdownDescription": "The type of the filter. Valid values for this structure are `CATEGORY_FILTER` , `NUMERIC_EQUALITY_FILTER` , `NUMERIC_RANGE_FILTER` , `DATE_RANGE_FILTER` , and `RELATIVE_DATE_FILTER` .", - "title": "FilterType", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "NumericEqualityFilter": { - "$ref": "#/definitions/AWS::QuickSight::Topic.TopicNumericEqualityFilter", - "markdownDescription": "The numeric equality filter.", - "title": "NumericEqualityFilter" + "Metadata": { + "type": "object" }, - "NumericRangeFilter": { - "$ref": "#/definitions/AWS::QuickSight::Topic.TopicNumericRangeFilter", - "markdownDescription": "The numeric range filter.", - "title": "NumericRangeFilter" + "Properties": { + "additionalProperties": false, + "properties": { + "ClusterArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the cluster for the control panel.", + "title": "ClusterArn", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the control panel. You can use any non-white space character in the name.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags associated with the control panel.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Name" + ], + "type": "object" }, - "OperandFieldName": { - "markdownDescription": "The name of the field that the filter operates on.", - "title": "OperandFieldName", + "Type": { + "enum": [ + "AWS::Route53RecoveryControl::ControlPanel" + ], "type": "string" }, - "RelativeDateFilter": { - "$ref": "#/definitions/AWS::QuickSight::Topic.TopicRelativeDateFilter", - "markdownDescription": "The relative date filter.", - "title": "RelativeDateFilter" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "FilterName", - "OperandFieldName" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Topic.TopicNamedEntity": { + "AWS::Route53RecoveryControl::RoutingControl": { "additionalProperties": false, "properties": { - "Definition": { - "items": { - "$ref": "#/definitions/AWS::QuickSight::Topic.NamedEntityDefinition" - }, - "markdownDescription": "The definition of a named entity.", - "title": "Definition", - "type": "array" - }, - "EntityDescription": { - "markdownDescription": "The description of the named entity.", - "title": "EntityDescription", + "Condition": { "type": "string" }, - "EntityName": { - "markdownDescription": "The name of the named entity.", - "title": "EntityName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "EntitySynonyms": { - "items": { - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ClusterArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the cluster that hosts the routing control.", + "title": "ClusterArn", + "type": "string" + }, + "ControlPanelArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the control panel that includes the routing control.", + "title": "ControlPanelArn", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the routing control. You can use any non-white space character in the name.", + "title": "Name", + "type": "string" + } }, - "markdownDescription": "The other names or aliases for the named entity.", - "title": "EntitySynonyms", - "type": "array" + "required": [ + "Name" + ], + "type": "object" }, - "SemanticEntityType": { - "$ref": "#/definitions/AWS::QuickSight::Topic.SemanticEntityType", - "markdownDescription": "The type of named entity that a topic represents.", - "title": "SemanticEntityType" + "Type": { + "enum": [ + "AWS::Route53RecoveryControl::RoutingControl" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "EntityName" + "Type", + "Properties" ], "type": "object" }, - "AWS::QuickSight::Topic.TopicNumericEqualityFilter": { + "AWS::Route53RecoveryControl::SafetyRule": { "additionalProperties": false, "properties": { - "Aggregation": { - "markdownDescription": "An aggregation function that specifies how to calculate the value of a numeric field for a topic. Valid values for this structure are `NO_AGGREGATION` , `SUM` , `AVERAGE` , `COUNT` , `DISTINCT_COUNT` , `MAX` , `MEDIAN` , `MIN` , `STDEV` , `STDEVP` , `VAR` , and `VARP` .", - "title": "Aggregation", + "Condition": { "type": "string" }, - "Constant": { - "$ref": "#/definitions/AWS::QuickSight::Topic.TopicSingularFilterConstant", - "markdownDescription": "The constant used in a numeric equality filter.", - "title": "Constant" - } - }, - "type": "object" - }, - "AWS::QuickSight::Topic.TopicNumericRangeFilter": { - "additionalProperties": false, - "properties": { - "Aggregation": { - "markdownDescription": "An aggregation function that specifies how to calculate the value of a numeric field for a topic, Valid values for this structure are `NO_AGGREGATION` , `SUM` , `AVERAGE` , `COUNT` , `DISTINCT_COUNT` , `MAX` , `MEDIAN` , `MIN` , `STDEV` , `STDEVP` , `VAR` , and `VARP` .", - "title": "Aggregation", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Constant": { - "$ref": "#/definitions/AWS::QuickSight::Topic.TopicRangeFilterConstant", - "markdownDescription": "The constant used in a numeric range filter.", - "title": "Constant" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Inclusive": { - "markdownDescription": "A Boolean value that indicates whether the endpoints of the numeric range are included in the filter. If set to true, topics whose numeric field value is equal to the endpoint values will be included in the filter. If set to false, topics whose numeric field value is equal to the endpoint values will be excluded from the filter.", - "title": "Inclusive", - "type": "boolean" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AssertionRule": { + "$ref": "#/definitions/AWS::Route53RecoveryControl::SafetyRule.AssertionRule", + "markdownDescription": "An assertion rule enforces that, when you change a routing control state, that the criteria that you set in the rule configuration is met. Otherwise, the change to the routing control is not accepted. For example, the criteria might be that at least one routing control state is `On` after the transaction so that traffic continues to flow to at least one cell for the application. This ensures that you avoid a fail-open scenario.", + "title": "AssertionRule" + }, + "ControlPanelArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the control panel.", + "title": "ControlPanelArn", + "type": "string" + }, + "GatingRule": { + "$ref": "#/definitions/AWS::Route53RecoveryControl::SafetyRule.GatingRule", + "markdownDescription": "A gating rule verifies that a gating routing control or set of gating routing controls, evaluates as true, based on a rule configuration that you specify, which allows a set of routing control state changes to complete.\n\nFor example, if you specify one gating routing control and you set the `Type` in the rule configuration to `OR` , that indicates that you must set the gating routing control to `On` for the rule to evaluate as true; that is, for the gating control switch to be On. When you do that, then you can update the routing control states for the target routing controls that you specify in the gating rule.", + "title": "GatingRule" + }, + "Name": { + "markdownDescription": "The name of the assertion rule. The name must be unique within a control panel. You can use any non-white space character in the name except the following: & > < ' (single quote) \" (double quote) ; (semicolon)", + "title": "Name", + "type": "string" + }, + "RuleConfig": { + "$ref": "#/definitions/AWS::Route53RecoveryControl::SafetyRule.RuleConfig", + "markdownDescription": "The criteria that you set for specific assertion controls (routing controls) that designate how many control states must be `ON` as the result of a transaction. For example, if you have three assertion controls, you might specify `ATLEAST 2` for your rule configuration. This means that at least two assertion controls must be `ON` , so that at least two AWS Regions have traffic flowing to them.", + "title": "RuleConfig" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags associated with the safety rule.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "ControlPanelArn", + "Name", + "RuleConfig" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Route53RecoveryControl::SafetyRule" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::QuickSight::Topic.TopicRangeFilterConstant": { + "AWS::Route53RecoveryControl::SafetyRule.AssertionRule": { "additionalProperties": false, "properties": { - "ConstantType": { - "markdownDescription": "The data type of the constant value that is used in a range filter. Valid values for this structure are `RANGE` .", - "title": "ConstantType", - "type": "string" + "AssertedControls": { + "items": { + "type": "string" + }, + "markdownDescription": "The routing controls that are part of transactions that are evaluated to determine if a request to change a routing control state is allowed. For example, you might include three routing controls, one for each of three AWS Regions.", + "title": "AssertedControls", + "type": "array" }, - "RangeConstant": { - "$ref": "#/definitions/AWS::QuickSight::Topic.RangeConstant", - "markdownDescription": "The value of the constant that is used to specify the endpoints of a range filter.", - "title": "RangeConstant" + "WaitPeriodMs": { + "markdownDescription": "An evaluation period, in milliseconds (ms), during which any request against the target routing controls will fail. This helps prevent flapping of state. The wait period is 5000 ms by default, but you can choose a custom value.", + "title": "WaitPeriodMs", + "type": "number" } }, + "required": [ + "AssertedControls", + "WaitPeriodMs" + ], "type": "object" }, - "AWS::QuickSight::Topic.TopicRelativeDateFilter": { + "AWS::Route53RecoveryControl::SafetyRule.GatingRule": { "additionalProperties": false, "properties": { - "Constant": { - "$ref": "#/definitions/AWS::QuickSight::Topic.TopicSingularFilterConstant", - "markdownDescription": "The constant used in a relative date filter.", - "title": "Constant" + "GatingControls": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of gating routing control Amazon Resource Names (ARNs). For a simple on-off switch, specify the ARN for one routing control. The gating routing controls are evaluated by the rule configuration that you specify to determine if the target routing control states can be changed.", + "title": "GatingControls", + "type": "array" }, - "RelativeDateFilterFunction": { - "markdownDescription": "The function to be used in a relative date filter to determine the range of dates to include in the results. Valid values for this structure are `BEFORE` , `AFTER` , and `BETWEEN` .", - "title": "RelativeDateFilterFunction", - "type": "string" + "TargetControls": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of target routing control Amazon Resource Names (ARNs) for which the states can only be updated if the rule configuration that you specify evaluates to true for the gating routing control. As a simple example, if you have a single gating control, it acts as an overall on-off switch for a set of target routing controls. You can use this to manually override automated failover, for example.", + "title": "TargetControls", + "type": "array" }, - "TimeGranularity": { - "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", - "title": "TimeGranularity", - "type": "string" + "WaitPeriodMs": { + "markdownDescription": "An evaluation period, in milliseconds (ms), during which any request against the target routing controls will fail. This helps prevent flapping of state. The wait period is 5000 ms by default, but you can choose a custom value.", + "title": "WaitPeriodMs", + "type": "number" } }, + "required": [ + "GatingControls", + "TargetControls", + "WaitPeriodMs" + ], "type": "object" }, - "AWS::QuickSight::Topic.TopicSingularFilterConstant": { + "AWS::Route53RecoveryControl::SafetyRule.RuleConfig": { "additionalProperties": false, "properties": { - "ConstantType": { - "markdownDescription": "The type of the singular filter constant. Valid values for this structure are `SINGULAR` .", - "title": "ConstantType", - "type": "string" + "Inverted": { + "markdownDescription": "Logical negation of the rule. If the rule would usually evaluate true, it's evaluated as false, and vice versa.", + "title": "Inverted", + "type": "boolean" }, - "SingularConstant": { - "markdownDescription": "The value of the singular filter constant.", - "title": "SingularConstant", + "Threshold": { + "markdownDescription": "The value of N, when you specify an `ATLEAST` rule type. That is, `Threshold` is the number of controls that must be set when you specify an `ATLEAST` type.", + "title": "Threshold", + "type": "number" + }, + "Type": { + "markdownDescription": "A rule can be one of the following: `ATLEAST` , `AND` , or `OR` .", + "title": "Type", "type": "string" } }, + "required": [ + "Inverted", + "Threshold", + "Type" + ], "type": "object" }, - "AWS::QuickSight::VPCConnection": { + "AWS::Route53RecoveryReadiness::Cell": { "additionalProperties": false, "properties": { "Condition": { @@ -223736,69 +276220,33 @@ "Properties": { "additionalProperties": false, "properties": { - "AvailabilityStatus": { - "markdownDescription": "The availability status of the VPC connection.", - "title": "AvailabilityStatus", - "type": "string" - }, - "AwsAccountId": { - "markdownDescription": "The AWS account ID of the account where you want to create a new VPC connection.", - "title": "AwsAccountId", - "type": "string" - }, - "DnsResolvers": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of IP addresses of DNS resolver endpoints for the VPC connection.", - "title": "DnsResolvers", - "type": "array" - }, - "Name": { - "markdownDescription": "The display name for the VPC connection.", - "title": "Name", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role associated with the VPC connection.", - "title": "RoleArn", + "CellName": { + "markdownDescription": "The name of the cell to create.", + "title": "CellName", "type": "string" }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon EC2 security group IDs associated with the VPC connection.", - "title": "SecurityGroupIds", - "type": "array" - }, - "SubnetIds": { + "Cells": { "items": { "type": "string" }, - "markdownDescription": "A list of subnet IDs for the VPC connection.", - "title": "SubnetIds", + "markdownDescription": "A list of cell Amazon Resource Names (ARNs) contained within this cell, for use in nested cells. For example, Availability Zones within specific AWS Regions .", + "title": "Cells", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A map of the key-value pairs for the resource tag or tags assigned to the VPC connection.", + "markdownDescription": "A collection of tags associated with a resource.", "title": "Tags", "type": "array" - }, - "VPCConnectionId": { - "markdownDescription": "The ID of the VPC connection that you're creating. This ID is a unique identifier for each AWS Region in an AWS account.", - "title": "VPCConnectionId", - "type": "string" } }, "type": "object" }, "Type": { "enum": [ - "AWS::QuickSight::VPCConnection" + "AWS::Route53RecoveryReadiness::Cell" ], "type": "string" }, @@ -223816,38 +276264,7 @@ ], "type": "object" }, - "AWS::QuickSight::VPCConnection.NetworkInterface": { - "additionalProperties": false, - "properties": { - "AvailabilityZone": { - "markdownDescription": "The availability zone that the network interface resides in.", - "title": "AvailabilityZone", - "type": "string" - }, - "ErrorMessage": { - "markdownDescription": "An error message.", - "title": "ErrorMessage", - "type": "string" - }, - "NetworkInterfaceId": { - "markdownDescription": "The network interface ID.", - "title": "NetworkInterfaceId", - "type": "string" - }, - "Status": { - "markdownDescription": "The status of the network interface.", - "title": "Status", - "type": "string" - }, - "SubnetId": { - "markdownDescription": "The subnet ID associated with the network interface.", - "title": "SubnetId", - "type": "string" - } - }, - "type": "object" - }, - "AWS::RAM::Permission": { + "AWS::Route53RecoveryReadiness::ReadinessCheck": { "additionalProperties": false, "properties": { "Condition": { @@ -223882,40 +276299,30 @@ "Properties": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "Specifies the name of the customer managed permission. The name must be unique within the AWS Region .", - "title": "Name", + "ReadinessCheckName": { + "markdownDescription": "The name of the readiness check to create.", + "title": "ReadinessCheckName", "type": "string" }, - "PolicyTemplate": { - "markdownDescription": "A string in JSON format string that contains the following elements of a resource-based policy:\n\n- *Effect* : must be set to `ALLOW` .\n- *Action* : specifies the actions that are allowed by this customer managed permission. The list must contain only actions that are supported by the specified resource type. For a list of all actions supported by each resource type, see [Actions, resources, and condition keys for AWS services](https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html) in the *AWS Identity and Access Management User Guide* .\n- *Condition* : (optional) specifies conditional parameters that must evaluate to true when a user attempts an action for that action to be allowed. For more information about the Condition element, see [IAM policies: Condition element](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition.html) in the *AWS Identity and Access Management User Guide* .\n\nThis template can't include either the `Resource` or `Principal` elements. Those are both filled in by AWS RAM when it instantiates the resource-based policy on each resource shared using this managed permission. The `Resource` comes from the ARN of the specific resource that you are sharing. The `Principal` comes from the list of identities added to the resource share.", - "title": "PolicyTemplate", - "type": "object" - }, - "ResourceType": { - "markdownDescription": "Specifies the name of the resource type that this customer managed permission applies to.\n\nThe format is `** : **` and is not case sensitive. For example, to specify an Amazon EC2 Subnet, you can use the string `ec2:subnet` . To see the list of valid values for this parameter, query the [ListResourceTypes](https://docs.aws.amazon.com/ram/latest/APIReference/API_ListResourceTypes.html) operation.", - "title": "ResourceType", + "ResourceSetName": { + "markdownDescription": "The name of the resource set to check.", + "title": "ResourceSetName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Specifies a list of one or more tag key and value pairs to attach to the permission.", + "markdownDescription": "A collection of tags associated with a resource.", "title": "Tags", "type": "array" } }, - "required": [ - "Name", - "PolicyTemplate", - "ResourceType" - ], "type": "object" }, "Type": { "enum": [ - "AWS::RAM::Permission" + "AWS::Route53RecoveryReadiness::ReadinessCheck" ], "type": "string" }, @@ -223929,12 +276336,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::RAM::ResourceShare": { + "AWS::Route53RecoveryReadiness::RecoveryGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -223969,65 +276375,33 @@ "Properties": { "additionalProperties": false, "properties": { - "AllowExternalPrincipals": { - "markdownDescription": "Specifies whether principals outside your organization in AWS Organizations can be associated with a resource share. A value of `true` lets you share with individual AWS accounts that are *not* in your organization. A value of `false` only has meaning if your account is a member of an AWS Organization. The default value is `true` .", - "title": "AllowExternalPrincipals", - "type": "boolean" - }, - "Name": { - "markdownDescription": "Specifies the name of the resource share.", - "title": "Name", - "type": "string" - }, - "PermissionArns": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html) of the AWS RAM permission to associate with the resource share. If you do not specify an ARN for the permission, AWS RAM automatically attaches the default version of the permission for each resource type. You can associate only one permission with each resource type included in the resource share.", - "title": "PermissionArns", - "type": "array" - }, - "Principals": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the principals to associate with the resource share. The possible values are:\n\n- An AWS account ID\n- An Amazon Resource Name (ARN) of an organization in AWS Organizations\n- An ARN of an organizational unit (OU) in AWS Organizations\n- An ARN of an IAM role\n- An ARN of an IAM user\n\n> Not all resource types can be shared with IAM roles and users. For more information, see the column *Can share with IAM roles and users* in the tables on [Shareable AWS resources](https://docs.aws.amazon.com/ram/latest/userguide/shareable.html) in the *AWS Resource Access Manager User Guide* .", - "title": "Principals", - "type": "array" - }, - "ResourceArns": { + "Cells": { "items": { "type": "string" }, - "markdownDescription": "Specifies a list of one or more ARNs of the resources to associate with the resource share.", - "title": "ResourceArns", + "markdownDescription": "A list of the cell Amazon Resource Names (ARNs) in the recovery group.", + "title": "Cells", "type": "array" }, - "Sources": { - "items": { - "type": "string" - }, - "markdownDescription": "", - "title": "Sources", - "type": "array" + "RecoveryGroupName": { + "markdownDescription": "The name of the recovery group to create.", + "title": "RecoveryGroupName", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Specifies one or more tags to attach to the resource share itself. It doesn't attach the tags to the resources associated with the resource share.", + "markdownDescription": "A collection of tags associated with a resource.", "title": "Tags", "type": "array" } }, - "required": [ - "Name" - ], "type": "object" }, "Type": { "enum": [ - "AWS::RAM::ResourceShare" + "AWS::Route53RecoveryReadiness::RecoveryGroup" ], "type": "string" }, @@ -224041,12 +276415,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::RDS::CustomDBEngineVersion": { + "AWS::Route53RecoveryReadiness::ResourceSet": { "additionalProperties": false, "properties": { "Condition": { @@ -224081,79 +276454,42 @@ "Properties": { "additionalProperties": false, "properties": { - "DatabaseInstallationFilesS3BucketName": { - "markdownDescription": "The name of an Amazon S3 bucket that contains database installation files for your CEV. For example, a valid bucket name is `my-custom-installation-files` .", - "title": "DatabaseInstallationFilesS3BucketName", - "type": "string" - }, - "DatabaseInstallationFilesS3Prefix": { - "markdownDescription": "The Amazon S3 directory that contains the database installation files for your CEV. For example, a valid bucket name is `123456789012/cev1` . If this setting isn't specified, no prefix is assumed.", - "title": "DatabaseInstallationFilesS3Prefix", - "type": "string" - }, - "Description": { - "markdownDescription": "An optional description of your CEV.", - "title": "Description", - "type": "string" - }, - "Engine": { - "markdownDescription": "The database engine to use for your custom engine version (CEV).\n\nValid values:\n\n- `custom-oracle-ee`\n- `custom-oracle-ee-cdb`", - "title": "Engine", - "type": "string" - }, - "EngineVersion": { - "markdownDescription": "The name of your CEV. The name format is `major version.customized_string` . For example, a valid CEV name is `19.my_cev1` . This setting is required for RDS Custom for Oracle, but optional for Amazon RDS. The combination of `Engine` and `EngineVersion` is unique per customer per Region.\n\n*Constraints:* Minimum length is 1. Maximum length is 60.\n\n*Pattern:* `^[a-z0-9_.-]{1,60$` }", - "title": "EngineVersion", - "type": "string" - }, - "ImageId": { - "markdownDescription": "A value that indicates the ID of the AMI.", - "title": "ImageId", - "type": "string" - }, - "KMSKeyId": { - "markdownDescription": "The AWS KMS key identifier for an encrypted CEV. A symmetric encryption KMS key is required for RDS Custom, but optional for Amazon RDS.\n\nIf you have an existing symmetric encryption KMS key in your account, you can use it with RDS Custom. No further action is necessary. If you don't already have a symmetric encryption KMS key in your account, follow the instructions in [Creating a symmetric encryption KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/create-keys.html#create-symmetric-cmk) in the *AWS Key Management Service Developer Guide* .\n\nYou can choose the same symmetric encryption key when you create a CEV and a DB instance, or choose different keys.", - "title": "KMSKeyId", - "type": "string" - }, - "Manifest": { - "markdownDescription": "The CEV manifest, which is a JSON document that describes the installation .zip files stored in Amazon S3. Specify the name/value pairs in a file or a quoted string. RDS Custom applies the patches in the order in which they are listed.\n\nThe following JSON fields are valid:\n\n- **MediaImportTemplateVersion** - Version of the CEV manifest. The date is in the format `YYYY-MM-DD` .\n- **databaseInstallationFileNames** - Ordered list of installation files for the CEV.\n- **opatchFileNames** - Ordered list of OPatch installers used for the Oracle DB engine.\n- **psuRuPatchFileNames** - The PSU and RU patches for this CEV.\n- **OtherPatchFileNames** - The patches that are not in the list of PSU and RU patches. Amazon RDS applies these patches after applying the PSU and RU patches.\n\nFor more information, see [Creating the CEV manifest](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/custom-cev.html#custom-cev.preparing.manifest) in the *Amazon RDS User Guide* .", - "title": "Manifest", + "ResourceSetName": { + "markdownDescription": "The name of the resource set to create.", + "title": "ResourceSetName", "type": "string" }, - "SourceCustomDbEngineVersionIdentifier": { - "markdownDescription": "The ARN of a CEV to use as a source for creating a new CEV. You can specify a different Amazon Machine Imagine (AMI) by using either `Source` or `UseAwsProvidedLatestImage` . You can't specify a different JSON manifest when you specify `SourceCustomDbEngineVersionIdentifier` .", - "title": "SourceCustomDbEngineVersionIdentifier", + "ResourceSetType": { + "markdownDescription": "The resource type of the resources in the resource set. Enter one of the following values for resource type:\n\nAWS::ApiGateway::Stage, AWS::ApiGatewayV2::Stage, AWS::AutoScaling::AutoScalingGroup, AWS::CloudWatch::Alarm, AWS::EC2::CustomerGateway, AWS::DynamoDB::Table, AWS::EC2::Volume, AWS::ElasticLoadBalancing::LoadBalancer, AWS::ElasticLoadBalancingV2::LoadBalancer, AWS::Lambda::Function, AWS::MSK::Cluster, AWS::RDS::DBCluster, AWS::Route53::HealthCheck, AWS::SQS::Queue, AWS::SNS::Topic, AWS::SNS::Subscription, AWS::EC2::VPC, AWS::EC2::VPNConnection, AWS::EC2::VPNGateway, AWS::Route53RecoveryReadiness::DNSTargetResource.\n\nNote that AWS::Route53RecoveryReadiness::DNSTargetResource is only used for this setting. It isn't an actual AWS CloudFormation resource type.", + "title": "ResourceSetType", "type": "string" }, - "Status": { - "markdownDescription": "A value that indicates the status of a custom engine version (CEV).", - "title": "Status", - "type": "string" + "Resources": { + "items": { + "$ref": "#/definitions/AWS::Route53RecoveryReadiness::ResourceSet.Resource" + }, + "markdownDescription": "A list of resource objects in the resource set.", + "title": "Resources", + "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of tags. For more information, see [Tagging Amazon RDS Resources](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) in the *Amazon RDS User Guide.*", + "markdownDescription": "A tag to associate with the parameters for a resource set.", "title": "Tags", "type": "array" - }, - "UseAwsProvidedLatestImage": { - "markdownDescription": "Specifies whether to use the latest service-provided Amazon Machine Image (AMI) for the CEV. If you specify `UseAwsProvidedLatestImage` , you can't also specify `ImageId` .", - "title": "UseAwsProvidedLatestImage", - "type": "boolean" } }, "required": [ - "Engine", - "EngineVersion" + "ResourceSetType", + "Resources" ], "type": "object" }, "Type": { "enum": [ - "AWS::RDS::CustomDBEngineVersion" + "AWS::Route53RecoveryReadiness::ResourceSet" ], "type": "string" }, @@ -224172,7 +276508,110 @@ ], "type": "object" }, - "AWS::RDS::DBCluster": { + "AWS::Route53RecoveryReadiness::ResourceSet.DNSTargetResource": { + "additionalProperties": false, + "properties": { + "DomainName": { + "markdownDescription": "The domain name that acts as an ingress point to a portion of the customer application.", + "title": "DomainName", + "type": "string" + }, + "HostedZoneArn": { + "markdownDescription": "The hosted zone Amazon Resource Name (ARN) that contains the DNS record with the provided name of the target resource.", + "title": "HostedZoneArn", + "type": "string" + }, + "RecordSetId": { + "markdownDescription": "The Amazon Route 53 record set ID that uniquely identifies a DNS record, given a name and a type.", + "title": "RecordSetId", + "type": "string" + }, + "RecordType": { + "markdownDescription": "The type of DNS record of the target resource.", + "title": "RecordType", + "type": "string" + }, + "TargetResource": { + "$ref": "#/definitions/AWS::Route53RecoveryReadiness::ResourceSet.TargetResource", + "markdownDescription": "The target resource that the Route 53 record points to.", + "title": "TargetResource" + } + }, + "type": "object" + }, + "AWS::Route53RecoveryReadiness::ResourceSet.NLBResource": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The Network Load Balancer resource Amazon Resource Name (ARN).", + "title": "Arn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Route53RecoveryReadiness::ResourceSet.R53ResourceRecord": { + "additionalProperties": false, + "properties": { + "DomainName": { + "markdownDescription": "The DNS target domain name.", + "title": "DomainName", + "type": "string" + }, + "RecordSetId": { + "markdownDescription": "The Amazon Route 53 Resource Record Set ID.", + "title": "RecordSetId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Route53RecoveryReadiness::ResourceSet.Resource": { + "additionalProperties": false, + "properties": { + "ComponentId": { + "markdownDescription": "The component identifier of the resource, generated when DNS target resource is used.", + "title": "ComponentId", + "type": "string" + }, + "DnsTargetResource": { + "$ref": "#/definitions/AWS::Route53RecoveryReadiness::ResourceSet.DNSTargetResource", + "markdownDescription": "A component for DNS/routing control readiness checks. This is a required setting when `ResourceSet` `ResourceSetType` is set to `AWS::Route53RecoveryReadiness::DNSTargetResource` . Do not set it for any other `ResourceSetType` setting.", + "title": "DnsTargetResource" + }, + "ReadinessScopes": { + "items": { + "type": "string" + }, + "markdownDescription": "The recovery group Amazon Resource Name (ARN) or the cell ARN that the readiness checks for this resource set are scoped to.", + "title": "ReadinessScopes", + "type": "array" + }, + "ResourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS resource. This is a required setting for all `ResourceSet` `ResourceSetType` settings except `AWS::Route53RecoveryReadiness::DNSTargetResource` . Do not set this when `ResourceSetType` is set to `AWS::Route53RecoveryReadiness::DNSTargetResource` .", + "title": "ResourceArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Route53RecoveryReadiness::ResourceSet.TargetResource": { + "additionalProperties": false, + "properties": { + "NLBResource": { + "$ref": "#/definitions/AWS::Route53RecoveryReadiness::ResourceSet.NLBResource", + "markdownDescription": "The Network Load Balancer resource that a DNS target resource points to.", + "title": "NLBResource" + }, + "R53Resource": { + "$ref": "#/definitions/AWS::Route53RecoveryReadiness::ResourceSet.R53ResourceRecord", + "markdownDescription": "The Route 53 resource that a DNS target resource record points to.", + "title": "R53Resource" + } + }, + "type": "object" + }, + "AWS::Route53Resolver::FirewallDomainList": { "additionalProperties": false, "properties": { "Condition": { @@ -224207,297 +276646,38 @@ "Properties": { "additionalProperties": false, "properties": { - "AllocatedStorage": { - "markdownDescription": "The amount of storage in gibibytes (GiB) to allocate to each DB instance in the Multi-AZ DB cluster.\n\nValid for Cluster Type: Multi-AZ DB clusters only\n\nThis setting is required to create a Multi-AZ DB cluster.", - "title": "AllocatedStorage", - "type": "number" - }, - "AssociatedRoles": { - "items": { - "$ref": "#/definitions/AWS::RDS::DBCluster.DBClusterRole" - }, - "markdownDescription": "Provides a list of the AWS Identity and Access Management (IAM) roles that are associated with the DB cluster. IAM roles that are associated with a DB cluster grant permission for the DB cluster to access other Amazon Web Services on your behalf.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "AssociatedRoles", - "type": "array" - }, - "AutoMinorVersionUpgrade": { - "markdownDescription": "Specifies whether minor engine upgrades are applied automatically to the DB cluster during the maintenance window. By default, minor engine upgrades are applied automatically.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB cluster.\n\nFor more information about automatic minor version upgrades, see [Automatically upgrading the minor engine version](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.Upgrading.html#USER_UpgradeDBInstance.Upgrading.AutoMinorVersionUpgrades) .", - "title": "AutoMinorVersionUpgrade", - "type": "boolean" - }, - "AvailabilityZones": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of Availability Zones (AZs) where instances in the DB cluster can be created. For information on AWS Regions and Availability Zones, see [Choosing the Regions and Availability Zones](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.RegionsAndAvailabilityZones.html) in the *Amazon Aurora User Guide* .\n\nValid for: Aurora DB clusters only", - "title": "AvailabilityZones", - "type": "array" - }, - "BacktrackWindow": { - "markdownDescription": "The target backtrack window, in seconds. To disable backtracking, set this value to `0` .\n\nValid for Cluster Type: Aurora MySQL DB clusters only\n\nDefault: `0`\n\nConstraints:\n\n- If specified, this value must be set to a number from 0 to 259,200 (72 hours).", - "title": "BacktrackWindow", - "type": "number" - }, - "BackupRetentionPeriod": { - "markdownDescription": "The number of days for which automated backups are retained.\n\nDefault: 1\n\nConstraints:\n\n- Must be a value from 1 to 35\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "BackupRetentionPeriod", - "type": "number" - }, - "CopyTagsToSnapshot": { - "markdownDescription": "A value that indicates whether to copy all tags from the DB cluster to snapshots of the DB cluster. The default is not to copy them.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "CopyTagsToSnapshot", - "type": "boolean" - }, - "DBClusterIdentifier": { - "markdownDescription": "The DB cluster identifier. This parameter is stored as a lowercase string.\n\nConstraints:\n\n- Must contain from 1 to 63 letters, numbers, or hyphens.\n- First character must be a letter.\n- Can't end with a hyphen or contain two consecutive hyphens.\n\nExample: `my-cluster1`\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "DBClusterIdentifier", - "type": "string" - }, - "DBClusterInstanceClass": { - "markdownDescription": "The compute and memory capacity of each DB instance in the Multi-AZ DB cluster, for example `db.m6gd.xlarge` . Not all DB instance classes are available in all AWS Regions , or for all database engines.\n\nFor the full list of DB instance classes and availability for your engine, see [DB instance class](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html) in the *Amazon RDS User Guide* .\n\nThis setting is required to create a Multi-AZ DB cluster.\n\nValid for Cluster Type: Multi-AZ DB clusters only", - "title": "DBClusterInstanceClass", - "type": "string" - }, - "DBClusterParameterGroupName": { - "markdownDescription": "The name of the DB cluster parameter group to associate with this DB cluster.\n\n> If you apply a parameter group to an existing DB cluster, then its DB instances might need to reboot. This can result in an outage while the DB instances are rebooting.\n> \n> If you apply a change to parameter group associated with a stopped DB cluster, then the update stack waits until the DB cluster is started. \n\nTo list all of the available DB cluster parameter group names, use the following command:\n\n`aws rds describe-db-cluster-parameter-groups --query \"DBClusterParameterGroups[].DBClusterParameterGroupName\" --output text`\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "DBClusterParameterGroupName", - "type": "string" - }, - "DBInstanceParameterGroupName": { - "markdownDescription": "The name of the DB parameter group to apply to all instances of the DB cluster.\n\n> When you apply a parameter group using the `DBInstanceParameterGroupName` parameter, the DB cluster isn't rebooted automatically. Also, parameter changes are applied immediately rather than during the next maintenance window. \n\nValid for Cluster Type: Aurora DB clusters only\n\nDefault: The existing name setting\n\nConstraints:\n\n- The DB parameter group must be in the same DB parameter group family as this DB cluster.\n- The `DBInstanceParameterGroupName` parameter is valid in combination with the `AllowMajorVersionUpgrade` parameter for a major version upgrade only.", - "title": "DBInstanceParameterGroupName", - "type": "string" - }, - "DBSubnetGroupName": { - "markdownDescription": "A DB subnet group that you want to associate with this DB cluster.\n\nIf you are restoring a DB cluster to a point in time with `RestoreType` set to `copy-on-write` , and don't specify a DB subnet group name, then the DB cluster is restored with a default DB subnet group.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "DBSubnetGroupName", - "type": "string" - }, - "DBSystemId": { - "markdownDescription": "Reserved for future use.", - "title": "DBSystemId", - "type": "string" - }, - "DatabaseName": { - "markdownDescription": "The name of your database. If you don't provide a name, then Amazon RDS won't create a database in this DB cluster. For naming constraints, see [Naming Constraints](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/CHAP_Limits.html#RDS_Limits.Constraints) in the *Amazon Aurora User Guide* .\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "DatabaseName", - "type": "string" - }, - "DeletionProtection": { - "markdownDescription": "A value that indicates whether the DB cluster has deletion protection enabled. The database can't be deleted when deletion protection is enabled. By default, deletion protection is disabled.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "DeletionProtection", - "type": "boolean" - }, - "Domain": { - "markdownDescription": "Indicates the directory ID of the Active Directory to create the DB cluster.\n\nFor Amazon Aurora DB clusters, Amazon RDS can use Kerberos authentication to authenticate users that connect to the DB cluster.\n\nFor more information, see [Kerberos authentication](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/kerberos-authentication.html) in the *Amazon Aurora User Guide* .\n\nValid for: Aurora DB clusters only", - "title": "Domain", - "type": "string" - }, - "DomainIAMRoleName": { - "markdownDescription": "Specifies the name of the IAM role to use when making API calls to the Directory Service.\n\nValid for: Aurora DB clusters only", - "title": "DomainIAMRoleName", + "DomainFileUrl": { + "markdownDescription": "The fully qualified URL or URI of the file stored in Amazon Simple Storage Service (Amazon S3) that contains the list of domains to import.\n\nThe file must be in an S3 bucket that's in the same Region as your DNS Firewall. The file must be a text file and must contain a single domain per line.", + "title": "DomainFileUrl", "type": "string" }, - "EnableCloudwatchLogsExports": { + "Domains": { "items": { "type": "string" }, - "markdownDescription": "The list of log types that need to be enabled for exporting to CloudWatch Logs. The values in the list depend on the DB engine being used. For more information, see [Publishing Database Logs to Amazon CloudWatch Logs](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_LogAccess.html#USER_LogAccess.Procedural.UploadtoCloudWatch) in the *Amazon Aurora User Guide* .\n\n*Aurora MySQL*\n\nValid values: `audit` , `error` , `general` , `slowquery`\n\n*Aurora PostgreSQL*\n\nValid values: `postgresql`\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "EnableCloudwatchLogsExports", + "markdownDescription": "A list of the domain lists that you have defined.", + "title": "Domains", "type": "array" }, - "EnableGlobalWriteForwarding": { - "markdownDescription": "Specifies whether to enable this DB cluster to forward write operations to the primary cluster of a global cluster (Aurora global database). By default, write operations are not allowed on Aurora DB clusters that are secondary clusters in an Aurora global database.\n\nYou can set this value only on Aurora DB clusters that are members of an Aurora global database. With this parameter enabled, a secondary cluster can forward writes to the current primary cluster, and the resulting changes are replicated back to this cluster. For the primary DB cluster of an Aurora global database, this value is used immediately if the primary is demoted by a global cluster API operation, but it does nothing until then.\n\nValid for Cluster Type: Aurora DB clusters only", - "title": "EnableGlobalWriteForwarding", - "type": "boolean" - }, - "EnableHttpEndpoint": { - "markdownDescription": "Specifies whether to enable the HTTP endpoint for the DB cluster. By default, the HTTP endpoint isn't enabled.\n\nWhen enabled, the HTTP endpoint provides a connectionless web service API (RDS Data API) for running SQL queries on the DB cluster. You can also query your database from inside the RDS console with the RDS query editor.\n\nFor more information, see [Using RDS Data API](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/data-api.html) in the *Amazon Aurora User Guide* .\n\nValid for Cluster Type: Aurora DB clusters only", - "title": "EnableHttpEndpoint", - "type": "boolean" - }, - "EnableIAMDatabaseAuthentication": { - "markdownDescription": "A value that indicates whether to enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts. By default, mapping is disabled.\n\nFor more information, see [IAM Database Authentication](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.IAMDBAuth.html) in the *Amazon Aurora User Guide.*\n\nValid for: Aurora DB clusters only", - "title": "EnableIAMDatabaseAuthentication", - "type": "boolean" - }, - "Engine": { - "markdownDescription": "The name of the database engine to be used for this DB cluster.\n\nValid Values:\n\n- `aurora-mysql`\n- `aurora-postgresql`\n- `mysql`\n- `postgres`\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "Engine", - "type": "string" - }, - "EngineMode": { - "markdownDescription": "The DB engine mode of the DB cluster, either `provisioned` or `serverless` .\n\nThe `serverless` engine mode only applies for Aurora Serverless v1 DB clusters. Aurora Serverless v2 DB clusters use the `provisioned` engine mode.\n\nFor information about limitations and requirements for Serverless DB clusters, see the following sections in the *Amazon Aurora User Guide* :\n\n- [Limitations of Aurora Serverless v1](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless.html#aurora-serverless.limitations)\n- [Requirements for Aurora Serverless v2](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless-v2.requirements.html)\n\nValid for Cluster Type: Aurora DB clusters only", - "title": "EngineMode", - "type": "string" - }, - "EngineVersion": { - "markdownDescription": "The version number of the database engine to use.\n\nTo list all of the available engine versions for Aurora MySQL version 2 (5.7-compatible) and version 3 (8.0-compatible), use the following command:\n\n`aws rds describe-db-engine-versions --engine aurora-mysql --query \"DBEngineVersions[].EngineVersion\"`\n\nYou can supply either `5.7` or `8.0` to use the default engine version for Aurora MySQL version 2 or version 3, respectively.\n\nTo list all of the available engine versions for Aurora PostgreSQL, use the following command:\n\n`aws rds describe-db-engine-versions --engine aurora-postgresql --query \"DBEngineVersions[].EngineVersion\"`\n\nTo list all of the available engine versions for RDS for MySQL, use the following command:\n\n`aws rds describe-db-engine-versions --engine mysql --query \"DBEngineVersions[].EngineVersion\"`\n\nTo list all of the available engine versions for RDS for PostgreSQL, use the following command:\n\n`aws rds describe-db-engine-versions --engine postgres --query \"DBEngineVersions[].EngineVersion\"`\n\n*Aurora MySQL*\n\nFor information, see [Database engine updates for Amazon Aurora MySQL](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraMySQL.Updates.html) in the *Amazon Aurora User Guide* .\n\n*Aurora PostgreSQL*\n\nFor information, see [Amazon Aurora PostgreSQL releases and engine versions](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraPostgreSQL.Updates.20180305.html) in the *Amazon Aurora User Guide* .\n\n*MySQL*\n\nFor information, see [Amazon RDS for MySQL](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MySQL.html#MySQL.Concepts.VersionMgmt) in the *Amazon RDS User Guide* .\n\n*PostgreSQL*\n\nFor information, see [Amazon RDS for PostgreSQL](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_PostgreSQL.html#PostgreSQL.Concepts) in the *Amazon RDS User Guide* .\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "EngineVersion", - "type": "string" - }, - "GlobalClusterIdentifier": { - "markdownDescription": "If you are configuring an Aurora global database cluster and want your Aurora DB cluster to be a secondary member in the global database cluster, specify the global cluster ID of the global database cluster. To define the primary database cluster of the global cluster, use the [AWS::RDS::GlobalCluster](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-globalcluster.html) resource.\n\nIf you aren't configuring a global database cluster, don't specify this property.\n\n> To remove the DB cluster from a global database cluster, specify an empty value for the `GlobalClusterIdentifier` property. \n\nFor information about Aurora global databases, see [Working with Amazon Aurora Global Databases](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-global-database.html) in the *Amazon Aurora User Guide* .\n\nValid for: Aurora DB clusters only", - "title": "GlobalClusterIdentifier", - "type": "string" - }, - "Iops": { - "markdownDescription": "The amount of Provisioned IOPS (input/output operations per second) to be initially allocated for each DB instance in the Multi-AZ DB cluster.\n\nFor information about valid IOPS values, see [Provisioned IOPS storage](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html#USER_PIOPS) in the *Amazon RDS User Guide* .\n\nThis setting is required to create a Multi-AZ DB cluster.\n\nValid for Cluster Type: Multi-AZ DB clusters only\n\nConstraints:\n\n- Must be a multiple between .5 and 50 of the storage amount for the DB cluster.", - "title": "Iops", - "type": "number" - }, - "KmsKeyId": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key that is used to encrypt the database instances in the DB cluster, such as `arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef` . If you enable the `StorageEncrypted` property but don't specify this property, the default KMS key is used. If you specify this property, you must set the `StorageEncrypted` property to `true` .\n\nIf you specify the `SnapshotIdentifier` property, the `StorageEncrypted` property value is inherited from the snapshot, and if the DB cluster is encrypted, the specified `KmsKeyId` property is used.\n\nIf you create a read replica of an encrypted DB cluster in another AWS Region, make sure to set `KmsKeyId` to a KMS key identifier that is valid in the destination AWS Region. This KMS key is used to encrypt the read replica in that AWS Region.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "KmsKeyId", - "type": "string" - }, - "ManageMasterUserPassword": { - "markdownDescription": "Specifies whether to manage the master user password with AWS Secrets Manager.\n\nFor more information, see [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide* and [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-secrets-manager.html) in the *Amazon Aurora User Guide.*\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n\nConstraints:\n\n- Can't manage the master user password with AWS Secrets Manager if `MasterUserPassword` is specified.", - "title": "ManageMasterUserPassword", - "type": "boolean" - }, - "MasterUserPassword": { - "markdownDescription": "The master password for the DB instance.\n\n> If you specify the `SourceDBClusterIdentifier` , `SnapshotIdentifier` , or `GlobalClusterIdentifier` property, don't specify this property. The value is inherited from the source DB cluster, the snapshot, or the primary DB cluster for the global database cluster, respectively. \n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "MasterUserPassword", - "type": "string" - }, - "MasterUserSecret": { - "$ref": "#/definitions/AWS::RDS::DBCluster.MasterUserSecret", - "markdownDescription": "The secret managed by RDS in AWS Secrets Manager for the master user password.\n\n> When you restore a DB cluster from a snapshot, Amazon RDS generates a new secret instead of reusing the secret specified in the `SecretArn` property. This ensures that the restored DB cluster is securely managed with a dedicated secret. To maintain consistent integration with your application, you might need to update resource configurations to reference the newly created secret. \n\nFor more information, see [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide* and [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-secrets-manager.html) in the *Amazon Aurora User Guide.*", - "title": "MasterUserSecret" - }, - "MasterUsername": { - "markdownDescription": "The name of the master user for the DB cluster.\n\n> If you specify the `SourceDBClusterIdentifier` , `SnapshotIdentifier` , or `GlobalClusterIdentifier` property, don't specify this property. The value is inherited from the source DB cluster, the snapshot, or the primary DB cluster for the global database cluster, respectively. \n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "MasterUsername", - "type": "string" - }, - "MonitoringInterval": { - "markdownDescription": "The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB cluster. To turn off collecting Enhanced Monitoring metrics, specify `0` .\n\nIf `MonitoringRoleArn` is specified, also set `MonitoringInterval` to a value other than `0` .\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n\nValid Values: `0 | 1 | 5 | 10 | 15 | 30 | 60`\n\nDefault: `0`", - "title": "MonitoringInterval", - "type": "number" - }, - "MonitoringRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the IAM role that permits RDS to send Enhanced Monitoring metrics to Amazon CloudWatch Logs. An example is `arn:aws:iam:123456789012:role/emaccess` . For information on creating a monitoring role, see [Setting up and enabling Enhanced Monitoring](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.OS.html#USER_Monitoring.OS.Enabling) in the *Amazon RDS User Guide* .\n\nIf `MonitoringInterval` is set to a value other than `0` , supply a `MonitoringRoleArn` value.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters", - "title": "MonitoringRoleArn", - "type": "string" - }, - "NetworkType": { - "markdownDescription": "The network type of the DB cluster.\n\nValid values:\n\n- `IPV4`\n- `DUAL`\n\nThe network type is determined by the `DBSubnetGroup` specified for the DB cluster. A `DBSubnetGroup` can support only the IPv4 protocol or the IPv4 and IPv6 protocols ( `DUAL` ).\n\nFor more information, see [Working with a DB instance in a VPC](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_VPC.WorkingWithRDSInstanceinaVPC.html) in the *Amazon Aurora User Guide.*\n\nValid for: Aurora DB clusters only", - "title": "NetworkType", - "type": "string" - }, - "PerformanceInsightsEnabled": { - "markdownDescription": "Specifies whether to turn on Performance Insights for the DB cluster.\n\nFor more information, see [Using Amazon Performance Insights](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PerfInsights.html) in the *Amazon RDS User Guide* .\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters", - "title": "PerformanceInsightsEnabled", - "type": "boolean" - }, - "PerformanceInsightsKmsKeyId": { - "markdownDescription": "The AWS KMS key identifier for encryption of Performance Insights data.\n\nThe AWS KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key.\n\nIf you don't specify a value for `PerformanceInsightsKMSKeyId` , then Amazon RDS uses your default KMS key. There is a default KMS key for your AWS account . Your AWS account has a different default KMS key for each AWS Region .\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters", - "title": "PerformanceInsightsKmsKeyId", - "type": "string" - }, - "PerformanceInsightsRetentionPeriod": { - "markdownDescription": "The number of days to retain Performance Insights data. When creating a DB cluster without enabling Performance Insights, you can't specify the parameter `PerformanceInsightsRetentionPeriod` .\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n\nValid Values:\n\n- `7`\n- *month* * 31, where *month* is a number of months from 1-23. Examples: `93` (3 months * 31), `341` (11 months * 31), `589` (19 months * 31)\n- `731`\n\nDefault: `7` days\n\nIf you specify a retention period that isn't valid, such as `94` , Amazon RDS issues an error.", - "title": "PerformanceInsightsRetentionPeriod", - "type": "number" - }, - "Port": { - "markdownDescription": "The port number on which the DB instances in the DB cluster accept connections.\n\nDefault:\n\n- When `EngineMode` is `provisioned` , `3306` (for both Aurora MySQL and Aurora PostgreSQL)\n- When `EngineMode` is `serverless` :\n\n- `3306` when `Engine` is `aurora` or `aurora-mysql`\n- `5432` when `Engine` is `aurora-postgresql`\n\n> The `No interruption` on update behavior only applies to DB clusters. If you are updating a DB instance, see [Port](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-port) for the AWS::RDS::DBInstance resource. \n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "Port", - "type": "number" - }, - "PreferredBackupWindow": { - "markdownDescription": "The daily time range during which automated backups are created. For more information, see [Backup Window](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Managing.Backups.html#Aurora.Managing.Backups.BackupWindow) in the *Amazon Aurora User Guide.*\n\nConstraints:\n\n- Must be in the format `hh24:mi-hh24:mi` .\n- Must be in Universal Coordinated Time (UTC).\n- Must not conflict with the preferred maintenance window.\n- Must be at least 30 minutes.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "PreferredBackupWindow", - "type": "string" - }, - "PreferredMaintenanceWindow": { - "markdownDescription": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n\nFormat: `ddd:hh24:mi-ddd:hh24:mi`\n\nThe default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region, occurring on a random day of the week. To see the time blocks available, see [Maintaining an Amazon Aurora DB cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_UpgradeDBInstance.Maintenance.html#AdjustingTheMaintenanceWindow.Aurora) in the *Amazon Aurora User Guide.*\n\nValid Days: Mon, Tue, Wed, Thu, Fri, Sat, Sun.\n\nConstraints: Minimum 30-minute window.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "PreferredMaintenanceWindow", - "type": "string" - }, - "PubliclyAccessible": { - "markdownDescription": "Specifies whether the DB cluster is publicly accessible.\n\nWhen the DB cluster is publicly accessible and you connect from outside of the DB cluster's virtual private cloud (VPC), its Domain Name System (DNS) endpoint resolves to the public IP address. When you connect from within the same VPC as the DB cluster, the endpoint resolves to the private IP address. Access to the DB cluster is ultimately controlled by the security group it uses. That public access isn't permitted if the security group assigned to the DB cluster doesn't permit it.\n\nWhen the DB cluster isn't publicly accessible, it is an internal DB cluster with a DNS name that resolves to a private IP address.\n\nValid for Cluster Type: Multi-AZ DB clusters only\n\nDefault: The default behavior varies depending on whether `DBSubnetGroupName` is specified.\n\nIf `DBSubnetGroupName` isn't specified, and `PubliclyAccessible` isn't specified, the following applies:\n\n- If the default VPC in the target Region doesn\u2019t have an internet gateway attached to it, the DB cluster is private.\n- If the default VPC in the target Region has an internet gateway attached to it, the DB cluster is public.\n\nIf `DBSubnetGroupName` is specified, and `PubliclyAccessible` isn't specified, the following applies:\n\n- If the subnets are part of a VPC that doesn\u2019t have an internet gateway attached to it, the DB cluster is private.\n- If the subnets are part of a VPC that has an internet gateway attached to it, the DB cluster is public.", - "title": "PubliclyAccessible", - "type": "boolean" - }, - "ReplicationSourceIdentifier": { - "markdownDescription": "The Amazon Resource Name (ARN) of the source DB instance or DB cluster if this DB cluster is created as a read replica.\n\nValid for: Aurora DB clusters only", - "title": "ReplicationSourceIdentifier", - "type": "string" - }, - "RestoreToTime": { - "markdownDescription": "The date and time to restore the DB cluster to.\n\nValid Values: Value must be a time in Universal Coordinated Time (UTC) format\n\nConstraints:\n\n- Must be before the latest restorable time for the DB instance\n- Must be specified if `UseLatestRestorableTime` parameter isn't provided\n- Can't be specified if the `UseLatestRestorableTime` parameter is enabled\n- Can't be specified if the `RestoreType` parameter is `copy-on-write`\n\nThis property must be used with `SourceDBClusterIdentifier` property. The resulting cluster will have the identifier that matches the value of the `DBclusterIdentifier` property.\n\nExample: `2015-03-07T23:45:00Z`\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "RestoreToTime", - "type": "string" - }, - "RestoreType": { - "markdownDescription": "The type of restore to be performed. You can specify one of the following values:\n\n- `full-copy` - The new DB cluster is restored as a full copy of the source DB cluster.\n- `copy-on-write` - The new DB cluster is restored as a clone of the source DB cluster.\n\nIf you don't specify a `RestoreType` value, then the new DB cluster is restored as a full copy of the source DB cluster.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "RestoreType", - "type": "string" - }, - "ScalingConfiguration": { - "$ref": "#/definitions/AWS::RDS::DBCluster.ScalingConfiguration", - "markdownDescription": "The scaling configuration of an Aurora Serverless v1 DB cluster.\n\nThis property is only supported for Aurora Serverless v1. For Aurora Serverless v2, Use the `ServerlessV2ScalingConfiguration` property.\n\nValid for: Aurora Serverless v1 DB clusters only", - "title": "ScalingConfiguration" - }, - "ServerlessV2ScalingConfiguration": { - "$ref": "#/definitions/AWS::RDS::DBCluster.ServerlessV2ScalingConfiguration", - "markdownDescription": "The scaling configuration of an Aurora Serverless V2 DB cluster.\n\nThis property is only supported for Aurora Serverless v2. For Aurora Serverless v1, Use the `ScalingConfiguration` property.\n\nValid for: Aurora Serverless v2 DB clusters only", - "title": "ServerlessV2ScalingConfiguration" - }, - "SnapshotIdentifier": { - "markdownDescription": "The identifier for the DB snapshot or DB cluster snapshot to restore from.\n\nYou can use either the name or the Amazon Resource Name (ARN) to specify a DB cluster snapshot. However, you can use only the ARN to specify a DB snapshot.\n\nAfter you restore a DB cluster with a `SnapshotIdentifier` property, you must specify the same `SnapshotIdentifier` property for any future updates to the DB cluster. When you specify this property for an update, the DB cluster is not restored from the snapshot again, and the data in the database is not changed. However, if you don't specify the `SnapshotIdentifier` property, an empty DB cluster is created, and the original DB cluster is deleted. If you specify a property that is different from the previous snapshot restore property, a new DB cluster is restored from the specified `SnapshotIdentifier` property, and the original DB cluster is deleted.\n\nIf you specify the `SnapshotIdentifier` property to restore a DB cluster (as opposed to specifying it for DB cluster updates), then don't specify the following properties:\n\n- `GlobalClusterIdentifier`\n- `MasterUsername`\n- `MasterUserPassword`\n- `ReplicationSourceIdentifier`\n- `RestoreType`\n- `SourceDBClusterIdentifier`\n- `SourceRegion`\n- `StorageEncrypted` (for an encrypted snapshot)\n- `UseLatestRestorableTime`\n\nConstraints:\n\n- Must match the identifier of an existing Snapshot.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "SnapshotIdentifier", - "type": "string" - }, - "SourceDBClusterIdentifier": { - "markdownDescription": "When restoring a DB cluster to a point in time, the identifier of the source DB cluster from which to restore.\n\nConstraints:\n\n- Must match the identifier of an existing DBCluster.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "SourceDBClusterIdentifier", - "type": "string" - }, - "SourceRegion": { - "markdownDescription": "The AWS Region which contains the source DB cluster when replicating a DB cluster. For example, `us-east-1` .\n\nValid for: Aurora DB clusters only", - "title": "SourceRegion", - "type": "string" - }, - "StorageEncrypted": { - "markdownDescription": "Indicates whether the DB cluster is encrypted.\n\nIf you specify the `KmsKeyId` property, then you must enable encryption.\n\nIf you specify the `SourceDBClusterIdentifier` property, don't specify this property. The value is inherited from the source DB cluster, and if the DB cluster is encrypted, the specified `KmsKeyId` property is used.\n\nIf you specify the `SnapshotIdentifier` and the specified snapshot is encrypted, don't specify this property. The value is inherited from the snapshot, and the specified `KmsKeyId` property is used.\n\nIf you specify the `SnapshotIdentifier` and the specified snapshot isn't encrypted, you can use this property to specify that the restored DB cluster is encrypted. Specify the `KmsKeyId` property for the KMS key to use for encryption. If you don't want the restored DB cluster to be encrypted, then don't set this property or set it to `false` .\n\n> If you specify both the `StorageEncrypted` and `SnapshotIdentifier` properties without specifying the `KmsKeyId` property, then the restored DB cluster inherits the encryption settings from the DB snapshot that provide. \n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "StorageEncrypted", - "type": "boolean" - }, - "StorageType": { - "markdownDescription": "The storage type to associate with the DB cluster.\n\nFor information on storage types for Aurora DB clusters, see [Storage configurations for Amazon Aurora DB clusters](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Overview.StorageReliability.html#aurora-storage-type) . For information on storage types for Multi-AZ DB clusters, see [Settings for creating Multi-AZ DB clusters](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/create-multi-az-db-cluster.html#create-multi-az-db-cluster-settings) .\n\nThis setting is required to create a Multi-AZ DB cluster.\n\nWhen specified for a Multi-AZ DB cluster, a value for the `Iops` parameter is required.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n\nValid Values:\n\n- Aurora DB clusters - `aurora | aurora-iopt1`\n- Multi-AZ DB clusters - `io1 | io2 | gp3`\n\nDefault:\n\n- Aurora DB clusters - `aurora`\n- Multi-AZ DB clusters - `io1`\n\n> When you create an Aurora DB cluster with the storage type set to `aurora-iopt1` , the storage type is returned in the response. The storage type isn't returned when you set it to `aurora` .", - "title": "StorageType", + "Name": { + "markdownDescription": "The name of the domain list.", + "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Tags to assign to the DB cluster.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters", + "markdownDescription": "A list of the tag keys and values that you want to associate with the domain list.", "title": "Tags", "type": "array" - }, - "UseLatestRestorableTime": { - "markdownDescription": "A value that indicates whether to restore the DB cluster to the latest restorable backup time. By default, the DB cluster is not restored to the latest restorable backup time.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "UseLatestRestorableTime", - "type": "boolean" - }, - "VpcSecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of EC2 VPC security groups to associate with this DB cluster.\n\nIf you plan to update the resource, don't specify VPC security groups in a shared VPC.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", - "title": "VpcSecurityGroupIds", - "type": "array" } }, "type": "object" }, "Type": { "enum": [ - "AWS::RDS::DBCluster" + "AWS::Route53Resolver::FirewallDomainList" ], "type": "string" }, @@ -224515,121 +276695,156 @@ ], "type": "object" }, - "AWS::RDS::DBCluster.DBClusterRole": { + "AWS::Route53Resolver::FirewallRuleGroup": { "additionalProperties": false, "properties": { - "FeatureName": { - "markdownDescription": "The name of the feature associated with the AWS Identity and Access Management (IAM) role. IAM roles that are associated with a DB cluster grant permission for the DB cluster to access other AWS services on your behalf. For the list of supported feature names, see the `SupportedFeatureNames` description in [DBEngineVersion](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DBEngineVersion.html) in the *Amazon RDS API Reference* .", - "title": "FeatureName", + "Condition": { "type": "string" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that is associated with the DB cluster.", - "title": "RoleArn", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "required": [ - "RoleArn" - ], - "type": "object" - }, - "AWS::RDS::DBCluster.Endpoint": { - "additionalProperties": false, - "properties": { - "Address": { - "markdownDescription": "Specifies the connection endpoint for the primary instance of the DB cluster.", - "title": "Address", + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "FirewallRules": { + "items": { + "$ref": "#/definitions/AWS::Route53Resolver::FirewallRuleGroup.FirewallRule" + }, + "markdownDescription": "A list of the rules that you have defined.", + "title": "FirewallRules", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the rule group.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of the tag keys and values that you want to associate with the rule group.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Route53Resolver::FirewallRuleGroup" + ], "type": "string" }, - "Port": { - "markdownDescription": "Specifies the port that the database engine is listening on.", - "title": "Port", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::RDS::DBCluster.MasterUserSecret": { + "AWS::Route53Resolver::FirewallRuleGroup.FirewallRule": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "The AWS KMS key identifier that is used to encrypt the secret.", - "title": "KmsKeyId", + "Action": { + "markdownDescription": "The action that DNS Firewall should take on a DNS query when it matches one of the domains in the rule's domain list, or a threat in a DNS Firewall Advvanced rule:\n\n- `ALLOW` - Permit the request to go through. Not available for DNS Firewall Advanced rules.\n- `ALERT` - Permit the request to go through but send an alert to the logs.\n- `BLOCK` - Disallow the request. If this is specified,then `BlockResponse` must also be specified.\n\nif `BlockResponse` is `OVERRIDE` , then all of the following `OVERRIDE` attributes must be specified:\n\n- `BlockOverrideDnsType`\n- `BlockOverrideDomain`\n- `BlockOverrideTtl`", + "title": "Action", "type": "string" }, - "SecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the secret. This parameter is a return value that you can retrieve using the `Fn::GetAtt` intrinsic function. For more information, see [Return values](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#aws-resource-rds-dbcluster-return-values) .", - "title": "SecretArn", + "BlockOverrideDnsType": { + "markdownDescription": "The DNS record's type. This determines the format of the record value that you provided in `BlockOverrideDomain` . Used for the rule action `BLOCK` with a `BlockResponse` setting of `OVERRIDE` .", + "title": "BlockOverrideDnsType", "type": "string" - } - }, - "type": "object" - }, - "AWS::RDS::DBCluster.ReadEndpoint": { - "additionalProperties": false, - "properties": { - "Address": { - "markdownDescription": "The host address of the reader endpoint.", - "title": "Address", + }, + "BlockOverrideDomain": { + "markdownDescription": "The custom DNS record to send back in response to the query. Used for the rule action `BLOCK` with a `BlockResponse` setting of `OVERRIDE` .", + "title": "BlockOverrideDomain", "type": "string" - } - }, - "type": "object" - }, - "AWS::RDS::DBCluster.ScalingConfiguration": { - "additionalProperties": false, - "properties": { - "AutoPause": { - "markdownDescription": "Indicates whether to allow or disallow automatic pause for an Aurora DB cluster in `serverless` DB engine mode. A DB cluster can be paused only when it's idle (it has no connections).\n\n> If a DB cluster is paused for more than seven days, the DB cluster might be backed up with a snapshot. In this case, the DB cluster is restored when there is a request to connect to it.", - "title": "AutoPause", - "type": "boolean" }, - "MaxCapacity": { - "markdownDescription": "The maximum capacity for an Aurora DB cluster in `serverless` DB engine mode.\n\nFor Aurora MySQL, valid capacity values are `1` , `2` , `4` , `8` , `16` , `32` , `64` , `128` , and `256` .\n\nFor Aurora PostgreSQL, valid capacity values are `2` , `4` , `8` , `16` , `32` , `64` , `192` , and `384` .\n\nThe maximum capacity must be greater than or equal to the minimum capacity.", - "title": "MaxCapacity", + "BlockOverrideTtl": { + "markdownDescription": "The recommended amount of time, in seconds, for the DNS resolver or web browser to cache the provided override record. Used for the rule action `BLOCK` with a `BlockResponse` setting of `OVERRIDE` .", + "title": "BlockOverrideTtl", "type": "number" }, - "MinCapacity": { - "markdownDescription": "The minimum capacity for an Aurora DB cluster in `serverless` DB engine mode.\n\nFor Aurora MySQL, valid capacity values are `1` , `2` , `4` , `8` , `16` , `32` , `64` , `128` , and `256` .\n\nFor Aurora PostgreSQL, valid capacity values are `2` , `4` , `8` , `16` , `32` , `64` , `192` , and `384` .\n\nThe minimum capacity must be less than or equal to the maximum capacity.", - "title": "MinCapacity", - "type": "number" + "BlockResponse": { + "markdownDescription": "The way that you want DNS Firewall to block the request. Used for the rule action setting `BLOCK` .\n\n- `NODATA` - Respond indicating that the query was successful, but no response is available for it.\n- `NXDOMAIN` - Respond indicating that the domain name that's in the query doesn't exist.\n- `OVERRIDE` - Provide a custom override in the response. This option requires custom handling details in the rule's `BlockOverride*` settings.", + "title": "BlockResponse", + "type": "string" }, - "SecondsBeforeTimeout": { - "markdownDescription": "The amount of time, in seconds, that Aurora Serverless v1 tries to find a scaling point to perform seamless scaling before enforcing the timeout action. The default is 300.\n\nSpecify a value between 60 and 600 seconds.", - "title": "SecondsBeforeTimeout", - "type": "number" + "ConfidenceThreshold": { + "markdownDescription": "The confidence threshold for DNS Firewall Advanced. You must provide this value when you create a DNS Firewall Advanced rule. The confidence level values mean:\n\n- `LOW` : Provides the highest detection rate for threats, but also increases false positives.\n- `MEDIUM` : Provides a balance between detecting threats and false positives.\n- `HIGH` : Detects only the most well corroborated threats with a low rate of false positives.", + "title": "ConfidenceThreshold", + "type": "string" }, - "SecondsUntilAutoPause": { - "markdownDescription": "The time, in seconds, before an Aurora DB cluster in `serverless` mode is paused.\n\nSpecify a value between 300 and 86,400 seconds.", - "title": "SecondsUntilAutoPause", - "type": "number" + "DnsThreatProtection": { + "markdownDescription": "The type of the DNS Firewall Advanced rule. Valid values are:\n\n- `DGA` : Domain generation algorithms detection. DGAs are used by attackers to generate a large number of domains to to launch malware attacks.\n- `DNS_TUNNELING` : DNS tunneling detection. DNS tunneling is used by attackers to exfiltrate data from the client by using the DNS tunnel without making a network connection to the client.", + "title": "DnsThreatProtection", + "type": "string" }, - "TimeoutAction": { - "markdownDescription": "The action to take when the timeout is reached, either `ForceApplyCapacityChange` or `RollbackCapacityChange` .\n\n`ForceApplyCapacityChange` sets the capacity to the specified value as soon as possible.\n\n`RollbackCapacityChange` , the default, ignores the capacity change if a scaling point isn't found in the timeout period.\n\n> If you specify `ForceApplyCapacityChange` , connections that prevent Aurora Serverless v1 from finding a scaling point might be dropped. \n\nFor more information, see [Autoscaling for Aurora Serverless v1](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless.how-it-works.html#aurora-serverless.how-it-works.auto-scaling) in the *Amazon Aurora User Guide* .", - "title": "TimeoutAction", + "FirewallDomainListId": { + "markdownDescription": "The ID of the domain list that's used in the rule.", + "title": "FirewallDomainListId", "type": "string" - } - }, - "type": "object" - }, - "AWS::RDS::DBCluster.ServerlessV2ScalingConfiguration": { - "additionalProperties": false, - "properties": { - "MaxCapacity": { - "markdownDescription": "The maximum number of Aurora capacity units (ACUs) for a DB instance in an Aurora Serverless v2 cluster. You can specify ACU values in half-step increments, such as 40, 40.5, 41, and so on. The largest value that you can use is 128.\n\nThe maximum capacity must be higher than 0.5 ACUs. For more information, see [Choosing the maximum Aurora Serverless v2 capacity setting for a cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless-v2.setting-capacity.html#aurora-serverless-v2.max_capacity_considerations) in the *Amazon Aurora User Guide* .\n\nAurora automatically sets certain parameters for Aurora Serverless V2 DB instances to values that depend on the maximum ACU value in the capacity range. When you update the maximum capacity value, the `ParameterApplyStatus` value for the DB instance changes to `pending-reboot` . You can update the parameter values by rebooting the DB instance after changing the capacity range.", - "title": "MaxCapacity", - "type": "number" }, - "MinCapacity": { - "markdownDescription": "The minimum number of Aurora capacity units (ACUs) for a DB instance in an Aurora Serverless v2 cluster. You can specify ACU values in half-step increments, such as 8, 8.5, 9, and so on. For Aurora versions that support the Aurora Serverless v2 auto-pause feature, the smallest value that you can use is 0. For versions that don't support Aurora Serverless v2 auto-pause, the smallest value that you can use is 0.5.", - "title": "MinCapacity", + "FirewallDomainRedirectionAction": { + "markdownDescription": "How you want the the rule to evaluate DNS redirection in the DNS redirection chain, such as CNAME, or DNAME.\n\n`Inspect_Redirection_Domain` (Default) inspects all domains in the redirection chain. The individual domains in the redirection chain must be added to the domain list.\n\n`Trust_Redirection_Domain` inspects only the first domain in the redirection chain. You don't need to add the subsequent domains in the domain in the redirection list to the domain list.", + "title": "FirewallDomainRedirectionAction", + "type": "string" + }, + "FirewallThreatProtectionId": { + "markdownDescription": "ID of the DNS Firewall Advanced rule.", + "title": "FirewallThreatProtectionId", + "type": "string" + }, + "Priority": { + "markdownDescription": "The priority of the rule in the rule group. This value must be unique within the rule group. DNS Firewall processes the rules in a rule group by order of priority, starting from the lowest setting.", + "title": "Priority", "type": "number" + }, + "Qtype": { + "markdownDescription": "The DNS query type you want the rule to evaluate. Allowed values are;\n\n- A: Returns an IPv4 address.\n- AAAA: Returns an Ipv6 address.\n- CAA: Restricts CAs that can create SSL/TLS certifications for the domain.\n- CNAME: Returns another domain name.\n- DS: Record that identifies the DNSSEC signing key of a delegated zone.\n- MX: Specifies mail servers.\n- NAPTR: Regular-expression-based rewriting of domain names.\n- NS: Authoritative name servers.\n- PTR: Maps an IP address to a domain name.\n- SOA: Start of authority record for the zone.\n- SPF: Lists the servers authorized to send emails from a domain.\n- SRV: Application specific values that identify servers.\n- TXT: Verifies email senders and application-specific values.\n- A query type you define by using the DNS type ID, for example 28 for AAAA. The values must be defined as TYPE NUMBER , where the NUMBER can be 1-65334, for example, TYPE28. For more information, see [List of DNS record types](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/List_of_DNS_record_types) .", + "title": "Qtype", + "type": "string" } }, + "required": [ + "Action", + "Priority" + ], "type": "object" }, - "AWS::RDS::DBClusterParameterGroup": { + "AWS::Route53Resolver::FirewallRuleGroupAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -224664,45 +276879,50 @@ "Properties": { "additionalProperties": false, "properties": { - "DBClusterParameterGroupName": { - "markdownDescription": "The name of the DB cluster parameter group.\n\nConstraints:\n\n- Must not match the name of an existing DB cluster parameter group.\n\n> This value is stored as a lowercase string.", - "title": "DBClusterParameterGroupName", + "FirewallRuleGroupId": { + "markdownDescription": "The unique identifier of the firewall rule group.", + "title": "FirewallRuleGroupId", "type": "string" }, - "Description": { - "markdownDescription": "The description for the DB cluster parameter group.", - "title": "Description", + "MutationProtection": { + "markdownDescription": "If enabled, this setting disallows modification or removal of the association, to help prevent against accidentally altering DNS firewall protections.", + "title": "MutationProtection", "type": "string" }, - "Family": { - "markdownDescription": "The DB cluster parameter group family name. A DB cluster parameter group can be associated with one and only one DB cluster parameter group family, and can be applied only to a DB cluster running a database engine and engine version compatible with that DB cluster parameter group family.\n\n*Aurora MySQL*\n\nExample: `aurora-mysql5.7` , `aurora-mysql8.0`\n\n*Aurora PostgreSQL*\n\nExample: `aurora-postgresql14`\n\n*RDS for MySQL*\n\nExample: `mysql8.0`\n\n*RDS for PostgreSQL*\n\nExample: `postgres13`\n\nTo list all of the available parameter group families for a DB engine, use the following command:\n\n`aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" --engine `\n\nFor example, to list all of the available parameter group families for the Aurora PostgreSQL DB engine, use the following command:\n\n`aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" --engine aurora-postgresql`\n\n> The output contains duplicates. \n\nThe following are the valid DB engine values:\n\n- `aurora-mysql`\n- `aurora-postgresql`\n- `mysql`\n- `postgres`", - "title": "Family", + "Name": { + "markdownDescription": "The name of the association.", + "title": "Name", "type": "string" }, - "Parameters": { - "markdownDescription": "Provides a list of parameters for the DB cluster parameter group.", - "title": "Parameters", - "type": "object" + "Priority": { + "markdownDescription": "The setting that determines the processing order of the rule group among the rule groups that are associated with a single VPC. DNS Firewall filters VPC traffic starting from rule group with the lowest numeric priority setting.\n\nYou must specify a unique priority for each rule group that you associate with a single VPC. To make it easier to insert rule groups later, leave space between the numbers, for example, use 101, 200, and so on. You can change the priority setting for a rule group association after you create it.\n\nThe allowed values for `Priority` are between 100 and 9900 (excluding 100 and 9900).", + "title": "Priority", + "type": "number" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Tags to assign to the DB cluster parameter group.", + "markdownDescription": "A list of the tag keys and values that you want to associate with the rule group.", "title": "Tags", "type": "array" + }, + "VpcId": { + "markdownDescription": "The unique identifier of the VPC that is associated with the rule group.", + "title": "VpcId", + "type": "string" } }, "required": [ - "Description", - "Family", - "Parameters" + "FirewallRuleGroupId", + "Priority", + "VpcId" ], "type": "object" }, "Type": { "enum": [ - "AWS::RDS::DBClusterParameterGroup" + "AWS::Route53Resolver::FirewallRuleGroupAssociation" ], "type": "string" }, @@ -224721,7 +276941,7 @@ ], "type": "object" }, - "AWS::RDS::DBInstance": { + "AWS::Route53Resolver::OutpostResolver": { "additionalProperties": false, "properties": { "Condition": { @@ -224756,404 +276976,45 @@ "Properties": { "additionalProperties": false, "properties": { - "AllocatedStorage": { - "markdownDescription": "The amount of storage in gibibytes (GiB) to be initially allocated for the database instance.\n\n> If any value is set in the `Iops` parameter, `AllocatedStorage` must be at least 100 GiB, which corresponds to the minimum Iops value of 1,000. If you increase the `Iops` value (in 1,000 IOPS increments), then you must also increase the `AllocatedStorage` value (in 100-GiB increments). \n\n*Amazon Aurora*\n\nNot applicable. Aurora cluster volumes automatically grow as the amount of data in your database increases, though you are only charged for the space that you use in an Aurora cluster volume.\n\n*Db2*\n\nConstraints to the amount of storage for each storage type are the following:\n\n- General Purpose (SSD) storage (gp3): Must be an integer from 20 to 64000.\n- Provisioned IOPS storage (io1): Must be an integer from 100 to 64000.\n\n*MySQL*\n\nConstraints to the amount of storage for each storage type are the following:\n\n- General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.\n- Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.\n- Magnetic storage (standard): Must be an integer from 5 to 3072.\n\n*MariaDB*\n\nConstraints to the amount of storage for each storage type are the following:\n\n- General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.\n- Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.\n- Magnetic storage (standard): Must be an integer from 5 to 3072.\n\n*PostgreSQL*\n\nConstraints to the amount of storage for each storage type are the following:\n\n- General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.\n- Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.\n- Magnetic storage (standard): Must be an integer from 5 to 3072.\n\n*Oracle*\n\nConstraints to the amount of storage for each storage type are the following:\n\n- General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.\n- Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.\n- Magnetic storage (standard): Must be an integer from 10 to 3072.\n\n*SQL Server*\n\nConstraints to the amount of storage for each storage type are the following:\n\n- General Purpose (SSD) storage (gp2):\n\n- Enterprise and Standard editions: Must be an integer from 20 to 16384.\n- Web and Express editions: Must be an integer from 20 to 16384.\n- Provisioned IOPS storage (io1):\n\n- Enterprise and Standard editions: Must be an integer from 20 to 16384.\n- Web and Express editions: Must be an integer from 20 to 16384.\n- Magnetic storage (standard):\n\n- Enterprise and Standard editions: Must be an integer from 20 to 1024.\n- Web and Express editions: Must be an integer from 20 to 1024.", - "title": "AllocatedStorage", - "type": "string" - }, - "AllowMajorVersionUpgrade": { - "markdownDescription": "A value that indicates whether major version upgrades are allowed. Changing this parameter doesn't result in an outage and the change is asynchronously applied as soon as possible.\n\nConstraints: Major version upgrades must be allowed when specifying a value for the `EngineVersion` parameter that is a different major version than the DB instance's current version.", - "title": "AllowMajorVersionUpgrade", - "type": "boolean" - }, - "AssociatedRoles": { - "items": { - "$ref": "#/definitions/AWS::RDS::DBInstance.DBInstanceRole" - }, - "markdownDescription": "The AWS Identity and Access Management (IAM) roles associated with the DB instance.\n\n*Amazon Aurora*\n\nNot applicable. The associated roles are managed by the DB cluster.", - "title": "AssociatedRoles", - "type": "array" - }, - "AutoMinorVersionUpgrade": { - "markdownDescription": "A value that indicates whether minor engine upgrades are applied automatically to the DB instance during the maintenance window. By default, minor engine upgrades are applied automatically.", - "title": "AutoMinorVersionUpgrade", - "type": "boolean" - }, - "AutomaticBackupReplicationKmsKeyId": { - "markdownDescription": "The AWS KMS key identifier for encryption of the replicated automated backups. The KMS key ID is the Amazon Resource Name (ARN) for the KMS encryption key in the destination AWS Region , for example, `arn:aws:kms:us-east-1:123456789012:key/AKIAIOSFODNN7EXAMPLE` .", - "title": "AutomaticBackupReplicationKmsKeyId", - "type": "string" - }, - "AutomaticBackupReplicationRegion": { - "markdownDescription": "The AWS Region associated with the automated backup.", - "title": "AutomaticBackupReplicationRegion", - "type": "string" - }, - "AvailabilityZone": { - "markdownDescription": "The Availability Zone (AZ) where the database will be created. For information on AWS Regions and Availability Zones, see [Regions and Availability Zones](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RegionsAndAvailabilityZones.html) .\n\nFor Amazon Aurora, each Aurora DB cluster hosts copies of its storage in three separate Availability Zones. Specify one of these Availability Zones. Aurora automatically chooses an appropriate Availability Zone if you don't specify one.\n\nDefault: A random, system-chosen Availability Zone in the endpoint's AWS Region .\n\nConstraints:\n\n- The `AvailabilityZone` parameter can't be specified if the DB instance is a Multi-AZ deployment.\n- The specified Availability Zone must be in the same AWS Region as the current endpoint.\n\nExample: `us-east-1d`", - "title": "AvailabilityZone", - "type": "string" - }, - "BackupRetentionPeriod": { - "markdownDescription": "The number of days for which automated backups are retained. Setting this parameter to a positive number enables backups. Setting this parameter to 0 disables automated backups.\n\n*Amazon Aurora*\n\nNot applicable. The retention period for automated backups is managed by the DB cluster.\n\nDefault: 1\n\nConstraints:\n\n- Must be a value from 0 to 35\n- Can't be set to 0 if the DB instance is a source to read replicas", - "title": "BackupRetentionPeriod", - "type": "number" - }, - "CACertificateIdentifier": { - "markdownDescription": "The identifier of the CA certificate for this DB instance.\n\nFor more information, see [Using SSL/TLS to encrypt a connection to a DB instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html) in the *Amazon RDS User Guide* and [Using SSL/TLS to encrypt a connection to a DB cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL.html) in the *Amazon Aurora User Guide* .", - "title": "CACertificateIdentifier", - "type": "string" - }, - "CertificateDetails": { - "$ref": "#/definitions/AWS::RDS::DBInstance.CertificateDetails" - }, - "CertificateRotationRestart": { - "markdownDescription": "Specifies whether the DB instance is restarted when you rotate your SSL/TLS certificate.\n\nBy default, the DB instance is restarted when you rotate your SSL/TLS certificate. The certificate is not updated until the DB instance is restarted.\n\n> Set this parameter only if you are *not* using SSL/TLS to connect to the DB instance. \n\nIf you are using SSL/TLS to connect to the DB instance, follow the appropriate instructions for your DB engine to rotate your SSL/TLS certificate:\n\n- For more information about rotating your SSL/TLS certificate for RDS DB engines, see [Rotating Your SSL/TLS Certificate.](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL-certificate-rotation.html) in the *Amazon RDS User Guide.*\n- For more information about rotating your SSL/TLS certificate for Aurora DB engines, see [Rotating Your SSL/TLS Certificate](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL-certificate-rotation.html) in the *Amazon Aurora User Guide* .\n\nThis setting doesn't apply to RDS Custom DB instances.", - "title": "CertificateRotationRestart", - "type": "boolean" - }, - "CharacterSetName": { - "markdownDescription": "For supported engines, indicates that the DB instance should be associated with the specified character set.\n\n*Amazon Aurora*\n\nNot applicable. The character set is managed by the DB cluster. For more information, see [AWS::RDS::DBCluster](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html) .", - "title": "CharacterSetName", - "type": "string" - }, - "CopyTagsToSnapshot": { - "markdownDescription": "Specifies whether to copy tags from the DB instance to snapshots of the DB instance. By default, tags are not copied.\n\nThis setting doesn't apply to Amazon Aurora DB instances. Copying tags to snapshots is managed by the DB cluster. Setting this value for an Aurora DB instance has no effect on the DB cluster setting.", - "title": "CopyTagsToSnapshot", - "type": "boolean" - }, - "CustomIAMInstanceProfile": { - "markdownDescription": "The instance profile associated with the underlying Amazon EC2 instance of an RDS Custom DB instance.\n\nThis setting is required for RDS Custom.\n\nConstraints:\n\n- The profile must exist in your account.\n- The profile must have an IAM role that Amazon EC2 has permissions to assume.\n- The instance profile name and the associated IAM role name must start with the prefix `AWSRDSCustom` .\n\nFor the list of permissions required for the IAM role, see [Configure IAM and your VPC](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/custom-setup-orcl.html#custom-setup-orcl.iam-vpc) in the *Amazon RDS User Guide* .", - "title": "CustomIAMInstanceProfile", - "type": "string" - }, - "DBClusterIdentifier": { - "markdownDescription": "The identifier of the DB cluster that this DB instance will belong to.\n\nThis setting doesn't apply to RDS Custom DB instances.", - "title": "DBClusterIdentifier", - "type": "string" - }, - "DBClusterSnapshotIdentifier": { - "markdownDescription": "The identifier for the Multi-AZ DB cluster snapshot to restore from.\n\nFor more information on Multi-AZ DB clusters, see [Multi-AZ DB cluster deployments](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html) in the *Amazon RDS User Guide* .\n\nConstraints:\n\n- Must match the identifier of an existing Multi-AZ DB cluster snapshot.\n- Can't be specified when `DBSnapshotIdentifier` is specified.\n- Must be specified when `DBSnapshotIdentifier` isn't specified.\n- If you are restoring from a shared manual Multi-AZ DB cluster snapshot, the `DBClusterSnapshotIdentifier` must be the ARN of the shared snapshot.\n- Can't be the identifier of an Aurora DB cluster snapshot.", - "title": "DBClusterSnapshotIdentifier", - "type": "string" - }, - "DBInstanceClass": { - "markdownDescription": "The compute and memory capacity of the DB instance, for example `db.m5.large` . Not all DB instance classes are available in all AWS Regions , or for all database engines. For the full list of DB instance classes, and availability for your engine, see [DB instance classes](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html) in the *Amazon RDS User Guide* or [Aurora DB instance classes](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.DBInstanceClass.html) in the *Amazon Aurora User Guide* .", - "title": "DBInstanceClass", - "type": "string" - }, - "DBInstanceIdentifier": { - "markdownDescription": "A name for the DB instance. If you specify a name, AWS CloudFormation converts it to lowercase. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the DB instance. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\nFor information about constraints that apply to DB instance identifiers, see [Naming constraints in Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Limits.html#RDS_Limits.Constraints) in the *Amazon RDS User Guide* .\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "DBInstanceIdentifier", - "type": "string" - }, - "DBName": { - "markdownDescription": "The meaning of this parameter differs according to the database engine you use.\n\n> If you specify the `[DBSnapshotIdentifier](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-dbsnapshotidentifier)` property, this property only applies to RDS for Oracle. \n\n*Amazon Aurora*\n\nNot applicable. The database name is managed by the DB cluster.\n\n*Db2*\n\nThe name of the database to create when the DB instance is created. If this parameter isn't specified, no database is created in the DB instance.\n\nConstraints:\n\n- Must contain 1 to 64 letters or numbers.\n- Must begin with a letter. Subsequent characters can be letters, underscores, or digits (0-9).\n- Can't be a word reserved by the specified database engine.\n\n*MySQL*\n\nThe name of the database to create when the DB instance is created. If this parameter is not specified, no database is created in the DB instance.\n\nConstraints:\n\n- Must contain 1 to 64 letters or numbers.\n- Can't be a word reserved by the specified database engine\n\n*MariaDB*\n\nThe name of the database to create when the DB instance is created. If this parameter is not specified, no database is created in the DB instance.\n\nConstraints:\n\n- Must contain 1 to 64 letters or numbers.\n- Can't be a word reserved by the specified database engine\n\n*PostgreSQL*\n\nThe name of the database to create when the DB instance is created. If this parameter is not specified, the default `postgres` database is created in the DB instance.\n\nConstraints:\n\n- Must begin with a letter. Subsequent characters can be letters, underscores, or digits (0-9).\n- Must contain 1 to 63 characters.\n- Can't be a word reserved by the specified database engine\n\n*Oracle*\n\nThe Oracle System ID (SID) of the created DB instance. If you specify `null` , the default value `ORCL` is used. You can't specify the string NULL, or any other reserved word, for `DBName` .\n\nDefault: `ORCL`\n\nConstraints:\n\n- Can't be longer than 8 characters\n\n*SQL Server*\n\nNot applicable. Must be null.", - "title": "DBName", - "type": "string" - }, - "DBParameterGroupName": { - "markdownDescription": "The name of an existing DB parameter group or a reference to an [AWS::RDS::DBParameterGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-dbparametergroup.html) resource created in the template.\n\nTo list all of the available DB parameter group names, use the following command:\n\n`aws rds describe-db-parameter-groups --query \"DBParameterGroups[].DBParameterGroupName\" --output text`\n\n> If any of the data members of the referenced parameter group are changed during an update, the DB instance might need to be restarted, which causes some interruption. If the parameter group contains static parameters, whether they were changed or not, an update triggers a reboot. \n\nIf you don't specify a value for `DBParameterGroupName` property, the default DB parameter group for the specified engine and engine version is used.", - "title": "DBParameterGroupName", - "type": "string" - }, - "DBSecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the DB security groups to assign to the DB instance. The list can include both the name of existing DB security groups or references to AWS::RDS::DBSecurityGroup resources created in the template.\n\nIf you set DBSecurityGroups, you must not set VPCSecurityGroups, and vice versa. Also, note that the DBSecurityGroups property exists only for backwards compatibility with older regions and is no longer recommended for providing security information to an RDS DB instance. Instead, use VPCSecurityGroups.\n\n> If you specify this property, AWS CloudFormation sends only the following properties (if specified) to Amazon RDS during create operations:\n> \n> - `AllocatedStorage`\n> - `AutoMinorVersionUpgrade`\n> - `AvailabilityZone`\n> - `BackupRetentionPeriod`\n> - `CharacterSetName`\n> - `DBInstanceClass`\n> - `DBName`\n> - `DBParameterGroupName`\n> - `DBSecurityGroups`\n> - `DBSubnetGroupName`\n> - `Engine`\n> - `EngineVersion`\n> - `Iops`\n> - `LicenseModel`\n> - `MasterUsername`\n> - `MasterUserPassword`\n> - `MultiAZ`\n> - `OptionGroupName`\n> - `PreferredBackupWindow`\n> - `PreferredMaintenanceWindow`\n> \n> All other properties are ignored. Specify a virtual private cloud (VPC) security group if you want to submit other properties, such as `StorageType` , `StorageEncrypted` , or `KmsKeyId` . If you're already using the `DBSecurityGroups` property, you can't use these other properties by updating your DB instance to use a VPC security group. You must recreate the DB instance.", - "title": "DBSecurityGroups", - "type": "array" - }, - "DBSnapshotIdentifier": { - "markdownDescription": "The name or Amazon Resource Name (ARN) of the DB snapshot that's used to restore the DB instance. If you're restoring from a shared manual DB snapshot, you must specify the ARN of the snapshot.\n\nBy specifying this property, you can create a DB instance from the specified DB snapshot. If the `DBSnapshotIdentifier` property is an empty string or the `AWS::RDS::DBInstance` declaration has no `DBSnapshotIdentifier` property, AWS CloudFormation creates a new database. If the property contains a value (other than an empty string), AWS CloudFormation creates a database from the specified snapshot. If a snapshot with the specified name doesn't exist, AWS CloudFormation can't create the database and it rolls back the stack.\n\nSome DB instance properties aren't valid when you restore from a snapshot, such as the `MasterUsername` and `MasterUserPassword` properties, and the point-in-time recovery properties `RestoreTime` and `UseLatestRestorableTime` . For information about the properties that you can specify, see the [`RestoreDBInstanceFromDBSnapshot`](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_RestoreDBInstanceFromDBSnapshot.html) action in the *Amazon RDS API Reference* .\n\nAfter you restore a DB instance with a `DBSnapshotIdentifier` property, you must specify the same `DBSnapshotIdentifier` property for any future updates to the DB instance. When you specify this property for an update, the DB instance is not restored from the DB snapshot again, and the data in the database is not changed. However, if you don't specify the `DBSnapshotIdentifier` property, an empty DB instance is created, and the original DB instance is deleted. If you specify a property that is different from the previous snapshot restore property, a new DB instance is restored from the specified `DBSnapshotIdentifier` property, and the original DB instance is deleted.\n\nIf you specify the `DBSnapshotIdentifier` property to restore a DB instance (as opposed to specifying it for DB instance updates), then don't specify the following properties:\n\n- `CharacterSetName`\n- `DBClusterIdentifier`\n- `DBName`\n- `KmsKeyId`\n- `MasterUsername`\n- `MasterUserPassword`\n- `PromotionTier`\n- `SourceDBInstanceIdentifier`\n- `SourceRegion`\n- `StorageEncrypted` (for an unencrypted snapshot)\n- `Timezone`\n\n*Amazon Aurora*\n\nNot applicable. Snapshot restore is managed by the DB cluster.", - "title": "DBSnapshotIdentifier", - "type": "string" - }, - "DBSubnetGroupName": { - "markdownDescription": "A DB subnet group to associate with the DB instance. If you update this value, the new subnet group must be a subnet group in a new VPC.\n\nIf you don't specify a DB subnet group, RDS uses the default DB subnet group if one exists. If a default DB subnet group does not exist, and you don't specify a `DBSubnetGroupName` , the DB instance fails to launch.\n\nFor more information about using Amazon RDS in a VPC, see [Amazon VPC and Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.html) in the *Amazon RDS User Guide* .\n\nThis setting doesn't apply to Amazon Aurora DB instances. The DB subnet group is managed by the DB cluster. If specified, the setting must match the DB cluster setting.", - "title": "DBSubnetGroupName", - "type": "string" - }, - "DedicatedLogVolume": { - "markdownDescription": "Indicates whether the DB instance has a dedicated log volume (DLV) enabled.", - "title": "DedicatedLogVolume", - "type": "boolean" - }, - "DeleteAutomatedBackups": { - "markdownDescription": "A value that indicates whether to remove automated backups immediately after the DB instance is deleted. This parameter isn't case-sensitive. The default is to remove automated backups immediately after the DB instance is deleted.\n\n*Amazon Aurora*\n\nNot applicable. When you delete a DB cluster, all automated backups for that DB cluster are deleted and can't be recovered. Manual DB cluster snapshots of the DB cluster are not deleted.", - "title": "DeleteAutomatedBackups", - "type": "boolean" - }, - "DeletionProtection": { - "markdownDescription": "Specifies whether the DB instance has deletion protection enabled. The database can't be deleted when deletion protection is enabled. By default, deletion protection isn't enabled. For more information, see [Deleting a DB Instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_DeleteInstance.html) .\n\nThis setting doesn't apply to Amazon Aurora DB instances. You can enable or disable deletion protection for the DB cluster. For more information, see `CreateDBCluster` . DB instances in a DB cluster can be deleted even when deletion protection is enabled for the DB cluster.", - "title": "DeletionProtection", - "type": "boolean" - }, - "Domain": { - "markdownDescription": "The Active Directory directory ID to create the DB instance in. Currently, only Db2, MySQL, Microsoft SQL Server, Oracle, and PostgreSQL DB instances can be created in an Active Directory Domain.\n\nFor more information, see [Kerberos Authentication](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/kerberos-authentication.html) in the *Amazon RDS User Guide* .", - "title": "Domain", - "type": "string" - }, - "DomainAuthSecretArn": { - "markdownDescription": "The ARN for the Secrets Manager secret with the credentials for the user joining the domain.\n\nExample: `arn:aws:secretsmanager:region:account-number:secret:myselfmanagedADtestsecret-123456`", - "title": "DomainAuthSecretArn", - "type": "string" - }, - "DomainDnsIps": { - "items": { - "type": "string" - }, - "markdownDescription": "The IPv4 DNS IP addresses of your primary and secondary Active Directory domain controllers.\n\nConstraints:\n\n- Two IP addresses must be provided. If there isn't a secondary domain controller, use the IP address of the primary domain controller for both entries in the list.\n\nExample: `123.124.125.126,234.235.236.237`", - "title": "DomainDnsIps", - "type": "array" - }, - "DomainFqdn": { - "markdownDescription": "The fully qualified domain name (FQDN) of an Active Directory domain.\n\nConstraints:\n\n- Can't be longer than 64 characters.\n\nExample: `mymanagedADtest.mymanagedAD.mydomain`", - "title": "DomainFqdn", - "type": "string" - }, - "DomainIAMRoleName": { - "markdownDescription": "The name of the IAM role to use when making API calls to the Directory Service.\n\nThis setting doesn't apply to the following DB instances:\n\n- Amazon Aurora (The domain is managed by the DB cluster.)\n- RDS Custom", - "title": "DomainIAMRoleName", - "type": "string" - }, - "DomainOu": { - "markdownDescription": "The Active Directory organizational unit for your DB instance to join.\n\nConstraints:\n\n- Must be in the distinguished name format.\n- Can't be longer than 64 characters.\n\nExample: `OU=mymanagedADtestOU,DC=mymanagedADtest,DC=mymanagedAD,DC=mydomain`", - "title": "DomainOu", - "type": "string" - }, - "EnableCloudwatchLogsExports": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of log types that need to be enabled for exporting to CloudWatch Logs. The values in the list depend on the DB engine being used. For more information, see [Publishing Database Logs to Amazon CloudWatch Logs](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_LogAccess.html#USER_LogAccess.Procedural.UploadtoCloudWatch) in the *Amazon Relational Database Service User Guide* .\n\n*Amazon Aurora*\n\nNot applicable. CloudWatch Logs exports are managed by the DB cluster.\n\n*Db2*\n\nValid values: `diag.log` , `notify.log`\n\n*MariaDB*\n\nValid values: `audit` , `error` , `general` , `slowquery`\n\n*Microsoft SQL Server*\n\nValid values: `agent` , `error`\n\n*MySQL*\n\nValid values: `audit` , `error` , `general` , `slowquery`\n\n*Oracle*\n\nValid values: `alert` , `audit` , `listener` , `trace` , `oemagent`\n\n*PostgreSQL*\n\nValid values: `postgresql` , `upgrade`", - "title": "EnableCloudwatchLogsExports", - "type": "array" - }, - "EnableIAMDatabaseAuthentication": { - "markdownDescription": "A value that indicates whether to enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts. By default, mapping is disabled.\n\nThis property is supported for RDS for MariaDB, RDS for MySQL, and RDS for PostgreSQL. For more information, see [IAM Database Authentication for MariaDB, MySQL, and PostgreSQL](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.IAMDBAuth.html) in the *Amazon RDS User Guide.*\n\n*Amazon Aurora*\n\nNot applicable. Mapping AWS IAM accounts to database accounts is managed by the DB cluster.", - "title": "EnableIAMDatabaseAuthentication", - "type": "boolean" - }, - "EnablePerformanceInsights": { - "markdownDescription": "Specifies whether to enable Performance Insights for the DB instance. For more information, see [Using Amazon Performance Insights](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PerfInsights.html) in the *Amazon RDS User Guide* .\n\nThis setting doesn't apply to RDS Custom DB instances.", - "title": "EnablePerformanceInsights", - "type": "boolean" - }, - "Endpoint": { - "$ref": "#/definitions/AWS::RDS::DBInstance.Endpoint" - }, - "Engine": { - "markdownDescription": "The name of the database engine to use for this DB instance. Not every database engine is available in every AWS Region.\n\nThis property is required when creating a DB instance.\n\n> You can convert an Oracle database from the non-CDB architecture to the container database (CDB) architecture by updating the `Engine` value in your templates from `oracle-ee` to `oracle-ee-cdb` or from `oracle-se2` to `oracle-se2-cdb` . Converting to the CDB architecture requires an interruption. \n\nValid Values:\n\n- `aurora-mysql` (for Aurora MySQL DB instances)\n- `aurora-postgresql` (for Aurora PostgreSQL DB instances)\n- `custom-oracle-ee` (for RDS Custom for Oracle DB instances)\n- `custom-oracle-ee-cdb` (for RDS Custom for Oracle DB instances)\n- `custom-sqlserver-ee` (for RDS Custom for SQL Server DB instances)\n- `custom-sqlserver-se` (for RDS Custom for SQL Server DB instances)\n- `custom-sqlserver-web` (for RDS Custom for SQL Server DB instances)\n- `db2-ae`\n- `db2-se`\n- `mariadb`\n- `mysql`\n- `oracle-ee`\n- `oracle-ee-cdb`\n- `oracle-se2`\n- `oracle-se2-cdb`\n- `postgres`\n- `sqlserver-ee`\n- `sqlserver-se`\n- `sqlserver-ex`\n- `sqlserver-web`", - "title": "Engine", - "type": "string" - }, - "EngineVersion": { - "markdownDescription": "The version number of the database engine to use.\n\nFor a list of valid engine versions, use the `DescribeDBEngineVersions` action.\n\nThe following are the database engines and links to information about the major and minor versions that are available with Amazon RDS. Not every database engine is available for every AWS Region.\n\n*Amazon Aurora*\n\nNot applicable. The version number of the database engine to be used by the DB instance is managed by the DB cluster.\n\n*Db2*\n\nSee [Amazon RDS for Db2](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Db2.html#Db2.Concepts.VersionMgmt) in the *Amazon RDS User Guide.*\n\n*MariaDB*\n\nSee [MariaDB on Amazon RDS Versions](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MariaDB.html#MariaDB.Concepts.VersionMgmt) in the *Amazon RDS User Guide.*\n\n*Microsoft SQL Server*\n\nSee [Microsoft SQL Server Versions on Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html#SQLServer.Concepts.General.VersionSupport) in the *Amazon RDS User Guide.*\n\n*MySQL*\n\nSee [MySQL on Amazon RDS Versions](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MySQL.html#MySQL.Concepts.VersionMgmt) in the *Amazon RDS User Guide.*\n\n*Oracle*\n\nSee [Oracle Database Engine Release Notes](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.Oracle.PatchComposition.html) in the *Amazon RDS User Guide.*\n\n*PostgreSQL*\n\nSee [Supported PostgreSQL Database Versions](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_PostgreSQL.html#PostgreSQL.Concepts.General.DBVersions) in the *Amazon RDS User Guide.*", - "title": "EngineVersion", - "type": "string" - }, - "Iops": { - "markdownDescription": "The number of I/O operations per second (IOPS) that the database provisions. The value must be equal to or greater than 1000.\n\nIf you specify this property, you must follow the range of allowed ratios of your requested IOPS rate to the amount of storage that you allocate (IOPS to allocated storage). For example, you can provision an Oracle database instance with 1000 IOPS and 200 GiB of storage (a ratio of 5:1), or specify 2000 IOPS with 200 GiB of storage (a ratio of 10:1). For more information, see [Amazon RDS Provisioned IOPS Storage to Improve Performance](https://docs.aws.amazon.com/AmazonRDS/latest/DeveloperGuide/CHAP_Storage.html#USER_PIOPS) in the *Amazon RDS User Guide* .\n\n> If you specify `io1` for the `StorageType` property, then you must also specify the `Iops` property. \n\nConstraints:\n\n- For RDS for Db2, MariaDB, MySQL, Oracle, and PostgreSQL - Must be a multiple between .5 and 50 of the storage amount for the DB instance.\n- For RDS for SQL Server - Must be a multiple between 1 and 50 of the storage amount for the DB instance.", - "title": "Iops", - "type": "number" - }, - "KmsKeyId": { - "markdownDescription": "The ARN of the AWS KMS key that's used to encrypt the DB instance, such as `arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef` . If you enable the StorageEncrypted property but don't specify this property, AWS CloudFormation uses the default KMS key. If you specify this property, you must set the StorageEncrypted property to true.\n\nIf you specify the `SourceDBInstanceIdentifier` or `SourceDbiResourceId` property, don't specify this property. The value is inherited from the source DB instance, and if the DB instance is encrypted, the specified `KmsKeyId` property is used. However, if the source DB instance is in a different AWS Region, you must specify a KMS key ID.\n\nIf you specify the `SourceDBInstanceAutomatedBackupsArn` property, don't specify this property. The value is inherited from the source DB instance automated backup, and if the automated backup is encrypted, the specified `KmsKeyId` property is used.\n\nIf you create an encrypted read replica in a different AWS Region, then you must specify a KMS key for the destination AWS Region. KMS encryption keys are specific to the region that they're created in, and you can't use encryption keys from one region in another region.\n\nIf you specify the `DBSnapshotIdentifier` property, don't specify this property. The `StorageEncrypted` property value is inherited from the snapshot. If the DB instance is encrypted, the specified `KmsKeyId` property is also inherited from the snapshot.\n\nIf you specify `DBSecurityGroups` , AWS CloudFormation ignores this property. To specify both a security group and this property, you must use a VPC security group. For more information about Amazon RDS and VPC, see [Using Amazon RDS with Amazon VPC](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.html) in the *Amazon RDS User Guide* .\n\n*Amazon Aurora*\n\nNot applicable. The KMS key identifier is managed by the DB cluster.", - "title": "KmsKeyId", - "type": "string" - }, - "LicenseModel": { - "markdownDescription": "License model information for this DB instance.\n\nValid Values:\n\n- Aurora MySQL - `general-public-license`\n- Aurora PostgreSQL - `postgresql-license`\n- RDS for Db2 - `bring-your-own-license` . For more information about RDS for Db2 licensing, see [](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/db2-licensing.html) in the *Amazon RDS User Guide.*\n- RDS for MariaDB - `general-public-license`\n- RDS for Microsoft SQL Server - `license-included`\n- RDS for MySQL - `general-public-license`\n- RDS for Oracle - `bring-your-own-license` or `license-included`\n- RDS for PostgreSQL - `postgresql-license`\n\n> If you've specified `DBSecurityGroups` and then you update the license model, AWS CloudFormation replaces the underlying DB instance. This will incur some interruptions to database availability.", - "title": "LicenseModel", - "type": "string" - }, - "ManageMasterUserPassword": { - "markdownDescription": "Specifies whether to manage the master user password with AWS Secrets Manager.\n\nFor more information, see [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide.*\n\nConstraints:\n\n- Can't manage the master user password with AWS Secrets Manager if `MasterUserPassword` is specified.", - "title": "ManageMasterUserPassword", - "type": "boolean" - }, - "MasterUserPassword": { - "markdownDescription": "The password for the master user. The password can include any printable ASCII character except \"/\", \"\"\", or \"@\".\n\n*Amazon Aurora*\n\nNot applicable. The password for the master user is managed by the DB cluster.\n\n*RDS for Db2*\n\nMust contain from 8 to 255 characters.\n\n*RDS for MariaDB*\n\nConstraints: Must contain from 8 to 41 characters.\n\n*RDS for Microsoft SQL Server*\n\nConstraints: Must contain from 8 to 128 characters.\n\n*RDS for MySQL*\n\nConstraints: Must contain from 8 to 41 characters.\n\n*RDS for Oracle*\n\nConstraints: Must contain from 8 to 30 characters.\n\n*RDS for PostgreSQL*\n\nConstraints: Must contain from 8 to 128 characters.", - "title": "MasterUserPassword", - "type": "string" - }, - "MasterUserSecret": { - "$ref": "#/definitions/AWS::RDS::DBInstance.MasterUserSecret", - "markdownDescription": "The secret managed by RDS in AWS Secrets Manager for the master user password.\n\nFor more information, see [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide.*", - "title": "MasterUserSecret" - }, - "MasterUsername": { - "markdownDescription": "The master user name for the DB instance.\n\n> If you specify the `SourceDBInstanceIdentifier` or `DBSnapshotIdentifier` property, don't specify this property. The value is inherited from the source DB instance or snapshot.\n> \n> When migrating a self-managed Db2 database, we recommend that you use the same master username as your self-managed Db2 instance name. \n\n*Amazon Aurora*\n\nNot applicable. The name for the master user is managed by the DB cluster.\n\n*RDS for Db2*\n\nConstraints:\n\n- Must be 1 to 16 letters or numbers.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.\n\n*RDS for MariaDB*\n\nConstraints:\n\n- Must be 1 to 16 letters or numbers.\n- Can't be a reserved word for the chosen database engine.\n\n*RDS for Microsoft SQL Server*\n\nConstraints:\n\n- Must be 1 to 128 letters or numbers.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.\n\n*RDS for MySQL*\n\nConstraints:\n\n- Must be 1 to 16 letters or numbers.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.\n\n*RDS for Oracle*\n\nConstraints:\n\n- Must be 1 to 30 letters or numbers.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.\n\n*RDS for PostgreSQL*\n\nConstraints:\n\n- Must be 1 to 63 letters or numbers.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.", - "title": "MasterUsername", - "type": "string" - }, - "MaxAllocatedStorage": { - "markdownDescription": "The upper limit in gibibytes (GiB) to which Amazon RDS can automatically scale the storage of the DB instance.\n\nFor more information about this setting, including limitations that apply to it, see [Managing capacity automatically with Amazon RDS storage autoscaling](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIOPS.StorageTypes.html#USER_PIOPS.Autoscaling) in the *Amazon RDS User Guide* .\n\nThis setting doesn't apply to the following DB instances:\n\n- Amazon Aurora (Storage is managed by the DB cluster.)\n- RDS Custom", - "title": "MaxAllocatedStorage", - "type": "number" - }, - "MonitoringInterval": { - "markdownDescription": "The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance. To disable collection of Enhanced Monitoring metrics, specify `0` .\n\nIf `MonitoringRoleArn` is specified, then you must set `MonitoringInterval` to a value other than `0` .\n\nThis setting doesn't apply to RDS Custom DB instances.\n\nValid Values: `0 | 1 | 5 | 10 | 15 | 30 | 60`\n\nDefault: `0`", - "title": "MonitoringInterval", - "type": "number" - }, - "MonitoringRoleArn": { - "markdownDescription": "The ARN for the IAM role that permits RDS to send enhanced monitoring metrics to Amazon CloudWatch Logs. For example, `arn:aws:iam:123456789012:role/emaccess` . For information on creating a monitoring role, see [Setting Up and Enabling Enhanced Monitoring](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.OS.html#USER_Monitoring.OS.Enabling) in the *Amazon RDS User Guide* .\n\nIf `MonitoringInterval` is set to a value other than `0` , then you must supply a `MonitoringRoleArn` value.\n\nThis setting doesn't apply to RDS Custom DB instances.", - "title": "MonitoringRoleArn", - "type": "string" - }, - "MultiAZ": { - "markdownDescription": "Specifies whether the DB instance is a Multi-AZ deployment. You can't set the `AvailabilityZone` parameter if the DB instance is a Multi-AZ deployment.\n\nThis setting doesn't apply to Amazon Aurora because the DB instance Availability Zones (AZs) are managed by the DB cluster.", - "title": "MultiAZ", - "type": "boolean" - }, - "NcharCharacterSetName": { - "markdownDescription": "The name of the NCHAR character set for the Oracle DB instance.\n\nThis setting doesn't apply to RDS Custom DB instances.", - "title": "NcharCharacterSetName", - "type": "string" - }, - "NetworkType": { - "markdownDescription": "The network type of the DB instance.\n\nValid values:\n\n- `IPV4`\n- `DUAL`\n\nThe network type is determined by the `DBSubnetGroup` specified for the DB instance. A `DBSubnetGroup` can support only the IPv4 protocol or the IPv4 and IPv6 protocols ( `DUAL` ).\n\nFor more information, see [Working with a DB instance in a VPC](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.WorkingWithRDSInstanceinaVPC.html) in the *Amazon RDS User Guide.*", - "title": "NetworkType", - "type": "string" - }, - "OptionGroupName": { - "markdownDescription": "Indicates that the DB instance should be associated with the specified option group.\n\nPermanent options, such as the TDE option for Oracle Advanced Security TDE, can't be removed from an option group. Also, that option group can't be removed from a DB instance once it is associated with a DB instance.", - "title": "OptionGroupName", - "type": "string" - }, - "PerformanceInsightsKMSKeyId": { - "markdownDescription": "The AWS KMS key identifier for encryption of Performance Insights data.\n\nThe KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key.\n\nIf you do not specify a value for `PerformanceInsightsKMSKeyId` , then Amazon RDS uses your default KMS key. There is a default KMS key for your AWS account. Your AWS account has a different default KMS key for each AWS Region.\n\nFor information about enabling Performance Insights, see [EnablePerformanceInsights](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-enableperformanceinsights) .", - "title": "PerformanceInsightsKMSKeyId", - "type": "string" - }, - "PerformanceInsightsRetentionPeriod": { - "markdownDescription": "The number of days to retain Performance Insights data. When creating a DB instance without enabling Performance Insights, you can't specify the parameter `PerformanceInsightsRetentionPeriod` .\n\nThis setting doesn't apply to RDS Custom DB instances.\n\nValid Values:\n\n- `7`\n- *month* * 31, where *month* is a number of months from 1-23. Examples: `93` (3 months * 31), `341` (11 months * 31), `589` (19 months * 31)\n- `731`\n\nDefault: `7` days\n\nIf you specify a retention period that isn't valid, such as `94` , Amazon RDS returns an error.", - "title": "PerformanceInsightsRetentionPeriod", - "type": "number" - }, - "Port": { - "markdownDescription": "The port number on which the database accepts connections.\n\nThis setting doesn't apply to Aurora DB instances. The port number is managed by the cluster.\n\nValid Values: `1150-65535`\n\nDefault:\n\n- RDS for Db2 - `50000`\n- RDS for MariaDB - `3306`\n- RDS for Microsoft SQL Server - `1433`\n- RDS for MySQL - `3306`\n- RDS for Oracle - `1521`\n- RDS for PostgreSQL - `5432`\n\nConstraints:\n\n- For RDS for Microsoft SQL Server, the value can't be `1234` , `1434` , `3260` , `3343` , `3389` , `47001` , or `49152-49156` .", - "title": "Port", - "type": "string" - }, - "PreferredBackupWindow": { - "markdownDescription": "The daily time range during which automated backups are created if automated backups are enabled, using the `BackupRetentionPeriod` parameter. For more information, see [Backup Window](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithAutomatedBackups.html#USER_WorkingWithAutomatedBackups.BackupWindow) in the *Amazon RDS User Guide.*\n\nConstraints:\n\n- Must be in the format `hh24:mi-hh24:mi` .\n- Must be in Universal Coordinated Time (UTC).\n- Must not conflict with the preferred maintenance window.\n- Must be at least 30 minutes.\n\n*Amazon Aurora*\n\nNot applicable. The daily time range for creating automated backups is managed by the DB cluster.", - "title": "PreferredBackupWindow", - "type": "string" - }, - "PreferredMaintenanceWindow": { - "markdownDescription": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n\nFormat: `ddd:hh24:mi-ddd:hh24:mi`\n\nThe default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region, occurring on a random day of the week. To see the time blocks available, see [Maintaining a DB instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.Maintenance.html#AdjustingTheMaintenanceWindow) in the *Amazon RDS User Guide.*\n\n> This property applies when AWS CloudFormation initially creates the DB instance. If you use AWS CloudFormation to update the DB instance, those updates are applied immediately. \n\nConstraints: Minimum 30-minute window.", - "title": "PreferredMaintenanceWindow", - "type": "string" - }, - "ProcessorFeatures": { - "items": { - "$ref": "#/definitions/AWS::RDS::DBInstance.ProcessorFeature" - }, - "markdownDescription": "The number of CPU cores and the number of threads per core for the DB instance class of the DB instance.\n\nThis setting doesn't apply to Amazon Aurora or RDS Custom DB instances.", - "title": "ProcessorFeatures", - "type": "array" - }, - "PromotionTier": { - "markdownDescription": "The order of priority in which an Aurora Replica is promoted to the primary instance after a failure of the existing primary instance. For more information, see [Fault Tolerance for an Aurora DB Cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.AuroraHighAvailability.html#Aurora.Managing.FaultTolerance) in the *Amazon Aurora User Guide* .\n\nThis setting doesn't apply to RDS Custom DB instances.\n\nDefault: `1`\n\nValid Values: `0 - 15`", - "title": "PromotionTier", + "InstanceCount": { + "markdownDescription": "Amazon EC2 instance count for the Resolver on the Outpost.", + "title": "InstanceCount", "type": "number" }, - "PubliclyAccessible": { - "markdownDescription": "Indicates whether the DB instance is an internet-facing instance. If you specify true, AWS CloudFormation creates an instance with a publicly resolvable DNS name, which resolves to a public IP address. If you specify false, AWS CloudFormation creates an internal instance with a DNS name that resolves to a private IP address.\n\nThe default behavior value depends on your VPC setup and the database subnet group. For more information, see the `PubliclyAccessible` parameter in the [CreateDBInstance](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html) in the *Amazon RDS API Reference* .", - "title": "PubliclyAccessible", - "type": "boolean" - }, - "ReplicaMode": { - "markdownDescription": "The open mode of an Oracle read replica. For more information, see [Working with Oracle Read Replicas for Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/oracle-read-replicas.html) in the *Amazon RDS User Guide* .\n\nThis setting is only supported in RDS for Oracle.\n\nDefault: `open-read-only`\n\nValid Values: `open-read-only` or `mounted`", - "title": "ReplicaMode", - "type": "string" - }, - "RestoreTime": { - "markdownDescription": "The date and time to restore from. This parameter applies to point-in-time recovery. For more information, see [Restoring a DB instance to a specified time](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIT.html) in the in the *Amazon RDS User Guide* .\n\nConstraints:\n\n- Must be a time in Universal Coordinated Time (UTC) format.\n- Must be before the latest restorable time for the DB instance.\n- Can't be specified if the `UseLatestRestorableTime` parameter is enabled.\n\nExample: `2009-09-07T23:45:00Z`", - "title": "RestoreTime", - "type": "string" - }, - "SourceDBClusterIdentifier": { - "markdownDescription": "The identifier of the Multi-AZ DB cluster that will act as the source for the read replica. Each DB cluster can have up to 15 read replicas.\n\nConstraints:\n\n- Must be the identifier of an existing Multi-AZ DB cluster.\n- Can't be specified if the `SourceDBInstanceIdentifier` parameter is also specified.\n- The specified DB cluster must have automatic backups enabled, that is, its backup retention period must be greater than 0.\n- The source DB cluster must be in the same AWS Region as the read replica. Cross-Region replication isn't supported.", - "title": "SourceDBClusterIdentifier", - "type": "string" - }, - "SourceDBInstanceAutomatedBackupsArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the replicated automated backups from which to restore, for example, `arn:aws:rds:us-east-1:123456789012:auto-backup:ab-L2IJCEXJP7XQ7HOJ4SIEXAMPLE` .\n\nThis setting doesn't apply to RDS Custom.", - "title": "SourceDBInstanceAutomatedBackupsArn", - "type": "string" - }, - "SourceDBInstanceIdentifier": { - "markdownDescription": "If you want to create a read replica DB instance, specify the ID of the source DB instance. Each DB instance can have a limited number of read replicas. For more information, see [Working with Read Replicas](https://docs.aws.amazon.com/AmazonRDS/latest/DeveloperGuide/USER_ReadRepl.html) in the *Amazon RDS User Guide* .\n\nFor information about constraints that apply to DB instance identifiers, see [Naming constraints in Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Limits.html#RDS_Limits.Constraints) in the *Amazon RDS User Guide* .\n\nThe `SourceDBInstanceIdentifier` property determines whether a DB instance is a read replica. If you remove the `SourceDBInstanceIdentifier` property from your template and then update your stack, AWS CloudFormation promotes the read replica to a standalone DB instance.\n\nIf you specify the `UseLatestRestorableTime` or `RestoreTime` properties in conjunction with the `SourceDBInstanceIdentifier` property, RDS restores the DB instance to the requested point in time, thereby creating a new DB instance.\n\n> - If you specify a source DB instance that uses VPC security groups, we recommend that you specify the `VPCSecurityGroups` property. If you don't specify the property, the read replica inherits the value of the `VPCSecurityGroups` property from the source DB when you create the replica. However, if you update the stack, AWS CloudFormation reverts the replica's `VPCSecurityGroups` property to the default value because it's not defined in the stack's template. This change might cause unexpected issues.\n> - Read replicas don't support deletion policies. AWS CloudFormation ignores any deletion policy that's associated with a read replica.\n> - If you specify `SourceDBInstanceIdentifier` , don't specify the `DBSnapshotIdentifier` property. You can't create a read replica from a snapshot.\n> - Don't set the `BackupRetentionPeriod` , `DBName` , `MasterUsername` , `MasterUserPassword` , and `PreferredBackupWindow` properties. The database attributes are inherited from the source DB instance, and backups are disabled for read replicas.\n> - If the source DB instance is in a different region than the read replica, specify the source region in `SourceRegion` , and specify an ARN for a valid DB instance in `SourceDBInstanceIdentifier` . For more information, see [Constructing a Amazon RDS Amazon Resource Name (ARN)](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html#USER_Tagging.ARN) in the *Amazon RDS User Guide* .\n> - For DB instances in Amazon Aurora clusters, don't specify this property. Amazon RDS automatically assigns writer and reader DB instances.", - "title": "SourceDBInstanceIdentifier", - "type": "string" - }, - "SourceDbiResourceId": { - "markdownDescription": "The resource ID of the source DB instance from which to restore.", - "title": "SourceDbiResourceId", + "Name": { + "markdownDescription": "Name of the Resolver.", + "title": "Name", "type": "string" }, - "SourceRegion": { - "markdownDescription": "The ID of the region that contains the source DB instance for the read replica.", - "title": "SourceRegion", + "OutpostArn": { + "markdownDescription": "The ARN (Amazon Resource Name) for the Outpost.", + "title": "OutpostArn", "type": "string" }, - "StorageEncrypted": { - "markdownDescription": "A value that indicates whether the DB instance is encrypted. By default, it isn't encrypted.\n\nIf you specify the `KmsKeyId` property, then you must enable encryption.\n\nIf you specify the `SourceDBInstanceIdentifier` or `SourceDbiResourceId` property, don't specify this property. The value is inherited from the source DB instance, and if the DB instance is encrypted, the specified `KmsKeyId` property is used.\n\nIf you specify the `SourceDBInstanceAutomatedBackupsArn` property, don't specify this property. The value is inherited from the source DB instance automated backup.\n\nIf you specify `DBSnapshotIdentifier` property, don't specify this property. The value is inherited from the snapshot.\n\n*Amazon Aurora*\n\nNot applicable. The encryption for DB instances is managed by the DB cluster.", - "title": "StorageEncrypted", - "type": "boolean" - }, - "StorageThroughput": { - "markdownDescription": "Specifies the storage throughput value, in mebibyte per second (MiBps), for the DB instance. This setting applies only to the `gp3` storage type.\n\nThis setting doesn't apply to RDS Custom or Amazon Aurora.", - "title": "StorageThroughput", - "type": "number" - }, - "StorageType": { - "markdownDescription": "The storage type to associate with the DB instance.\n\nIf you specify `io1` , `io2` , or `gp3` , you must also include a value for the `Iops` parameter.\n\nThis setting doesn't apply to Amazon Aurora DB instances. Storage is managed by the DB cluster.\n\nValid Values: `gp2 | gp3 | io1 | io2 | standard`\n\nDefault: `io1` , if the `Iops` parameter is specified. Otherwise, `gp3` .", - "title": "StorageType", + "PreferredInstanceType": { + "markdownDescription": "The Amazon EC2 instance type. If you specify this, you must also specify a value for the `OutpostArn` .", + "title": "PreferredInstanceType", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Tags to assign to the DB instance.", + "markdownDescription": "A key value pair that helps you identify a Route\u00a053 Resolver .", "title": "Tags", "type": "array" - }, - "Timezone": { - "markdownDescription": "The time zone of the DB instance. The time zone parameter is currently supported only by [RDS for Db2](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/db2-time-zone) and [RDS for SQL Server](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html#SQLServer.Concepts.General.TimeZone) .", - "title": "Timezone", - "type": "string" - }, - "UseDefaultProcessorFeatures": { - "markdownDescription": "Specifies whether the DB instance class of the DB instance uses its default processor features.\n\nThis setting doesn't apply to RDS Custom DB instances.", - "title": "UseDefaultProcessorFeatures", - "type": "boolean" - }, - "UseLatestRestorableTime": { - "markdownDescription": "Specifies whether the DB instance is restored from the latest backup time. By default, the DB instance isn't restored from the latest backup time. This parameter applies to point-in-time recovery. For more information, see [Restoring a DB instance to a specified time](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIT.html) in the in the *Amazon RDS User Guide* .\n\nConstraints:\n\n- Can't be specified if the `RestoreTime` parameter is provided.", - "title": "UseLatestRestorableTime", - "type": "boolean" - }, - "VPCSecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the VPC security group IDs to assign to the DB instance. The list can include both the physical IDs of existing VPC security groups and references to [AWS::EC2::SecurityGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html) resources created in the template.\n\nIf you plan to update the resource, don't specify VPC security groups in a shared VPC.\n\nIf you set `VPCSecurityGroups` , you must not set [`DBSecurityGroups`](https://docs.aws.amazon.com//AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-dbsecuritygroups) , and vice versa.\n\n> You can migrate a DB instance in your stack from an RDS DB security group to a VPC security group, but keep the following in mind:\n> \n> - You can't revert to using an RDS security group after you establish a VPC security group membership.\n> - When you migrate your DB instance to VPC security groups, if your stack update rolls back because the DB instance update fails or because an update fails in another AWS CloudFormation resource, the rollback fails because it can't revert to an RDS security group.\n> - To use the properties that are available when you use a VPC security group, you must recreate the DB instance. If you don't, AWS CloudFormation submits only the property values that are listed in the [`DBSecurityGroups`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-dbsecuritygroups) property. \n\nTo avoid this situation, migrate your DB instance to using VPC security groups only when that is the only change in your stack template.\n\n*Amazon Aurora*\n\nNot applicable. The associated list of EC2 VPC security groups is managed by the DB cluster. If specified, the setting must match the DB cluster setting.", - "title": "VPCSecurityGroups", - "type": "array" } }, + "required": [ + "Name", + "OutpostArn", + "PreferredInstanceType" + ], "type": "object" }, "Type": { "enum": [ - "AWS::RDS::DBInstance" + "AWS::Route53Resolver::OutpostResolver" ], "type": "string" }, @@ -225167,100 +277028,85 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::RDS::DBInstance.CertificateDetails": { + "AWS::Route53Resolver::ResolverConfig": { "additionalProperties": false, "properties": { - "CAIdentifier": { - "markdownDescription": "The CA identifier of the CA certificate used for the DB instance's server certificate.", - "title": "CAIdentifier", + "Condition": { "type": "string" }, - "ValidTill": { - "markdownDescription": "The expiration date of the DB instance\u2019s server certificate.", - "title": "ValidTill", - "type": "string" - } - }, - "type": "object" - }, - "AWS::RDS::DBInstance.DBInstanceRole": { - "additionalProperties": false, - "properties": { - "FeatureName": { - "markdownDescription": "The name of the feature associated with the AWS Identity and Access Management (IAM) role. IAM roles that are associated with a DB instance grant permission for the DB instance to access other AWS services on your behalf. For the list of supported feature names, see the `SupportedFeatureNames` description in [DBEngineVersion](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DBEngineVersion.html) in the *Amazon RDS API Reference* .", - "title": "FeatureName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that is associated with the DB instance.", - "title": "RoleArn", - "type": "string" - } - }, - "required": [ - "FeatureName", - "RoleArn" - ], - "type": "object" - }, - "AWS::RDS::DBInstance.Endpoint": { - "additionalProperties": false, - "properties": { - "Address": { - "markdownDescription": "Specifies the DNS address of the DB instance.", - "title": "Address", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "HostedZoneId": { - "markdownDescription": "Specifies the ID that Amazon Route 53 assigns when you create a hosted zone.", - "title": "HostedZoneId", - "type": "string" + "Metadata": { + "type": "object" }, - "Port": { - "markdownDescription": "Specifies the port that the database engine is listening on.", - "title": "Port", - "type": "string" - } - }, - "type": "object" - }, - "AWS::RDS::DBInstance.MasterUserSecret": { - "additionalProperties": false, - "properties": { - "KmsKeyId": { - "markdownDescription": "The AWS KMS key identifier that is used to encrypt the secret.", - "title": "KmsKeyId", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "AutodefinedReverseFlag": { + "markdownDescription": "Represents the desired status of `AutodefinedReverse` . The only supported value on creation is `DISABLE` . Deletion of this resource will return `AutodefinedReverse` to its default value of `ENABLED` .", + "title": "AutodefinedReverseFlag", + "type": "string" + }, + "ResourceId": { + "markdownDescription": "The ID of the Amazon Virtual Private Cloud VPC or a Route 53 Profile that you're configuring Resolver for.", + "title": "ResourceId", + "type": "string" + } + }, + "required": [ + "AutodefinedReverseFlag", + "ResourceId" + ], + "type": "object" }, - "SecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the secret. This parameter is a return value that you can retrieve using the `Fn::GetAtt` intrinsic function. For more information, see [Return values](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbinstance.html#aws-resource-rds-dbinstance-return-values) .", - "title": "SecretArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::RDS::DBInstance.ProcessorFeature": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the processor feature. Valid names are `coreCount` and `threadsPerCore` .", - "title": "Name", + "Type": { + "enum": [ + "AWS::Route53Resolver::ResolverConfig" + ], "type": "string" }, - "Value": { - "markdownDescription": "The value of a processor feature.", - "title": "Value", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::RDS::DBParameterGroup": { + "AWS::Route53Resolver::ResolverDNSSECConfig": { "additionalProperties": false, "properties": { "Condition": { @@ -225295,44 +277141,17 @@ "Properties": { "additionalProperties": false, "properties": { - "DBParameterGroupName": { - "markdownDescription": "The name of the DB parameter group.\n\nConstraints:\n\n- Must be 1 to 255 letters, numbers, or hyphens.\n- First character must be a letter\n- Can't end with a hyphen or contain two consecutive hyphens\n\nIf you don't specify a value for `DBParameterGroupName` property, a name is automatically created for the DB parameter group.\n\n> This value is stored as a lowercase string.", - "title": "DBParameterGroupName", - "type": "string" - }, - "Description": { - "markdownDescription": "Provides the customer-specified description for this DB parameter group.", - "title": "Description", - "type": "string" - }, - "Family": { - "markdownDescription": "The DB parameter group family name. A DB parameter group can be associated with one and only one DB parameter group family, and can be applied only to a DB instance running a database engine and engine version compatible with that DB parameter group family.\n\nTo list all of the available parameter group families for a DB engine, use the following command:\n\n`aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" --engine `\n\nFor example, to list all of the available parameter group families for the MySQL DB engine, use the following command:\n\n`aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" --engine mysql`\n\n> The output contains duplicates. \n\nThe following are the valid DB engine values:\n\n- `aurora-mysql`\n- `aurora-postgresql`\n- `db2-ae`\n- `db2-se`\n- `mysql`\n- `oracle-ee`\n- `oracle-ee-cdb`\n- `oracle-se2`\n- `oracle-se2-cdb`\n- `postgres`\n- `sqlserver-ee`\n- `sqlserver-se`\n- `sqlserver-ex`\n- `sqlserver-web`", - "title": "Family", + "ResourceId": { + "markdownDescription": "The ID of the virtual private cloud (VPC) that you're configuring the DNSSEC validation status for.", + "title": "ResourceId", "type": "string" - }, - "Parameters": { - "markdownDescription": "A mapping of parameter names and values for the parameter update. You must specify at least one parameter name and value.\n\nFor more information about parameter groups, see [Working with parameter groups](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithParamGroups.html) in the *Amazon RDS User Guide* , or [Working with parameter groups](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_WorkingWithParamGroups.html) in the *Amazon Aurora User Guide* .\n\n> AWS CloudFormation doesn't support specifying an apply method for each individual parameter. The default apply method for each parameter is used.", - "title": "Parameters", - "type": "object" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Tags to assign to the DB parameter group.", - "title": "Tags", - "type": "array" } }, - "required": [ - "Description", - "Family" - ], "type": "object" }, "Type": { "enum": [ - "AWS::RDS::DBParameterGroup" + "AWS::Route53Resolver::ResolverDNSSECConfig" ], "type": "string" }, @@ -225346,12 +277165,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::RDS::DBProxy": { + "AWS::Route53Resolver::ResolverEndpoint": { "additionalProperties": false, "properties": { "Condition": { @@ -225386,81 +277204,74 @@ "Properties": { "additionalProperties": false, "properties": { - "Auth": { + "Direction": { + "markdownDescription": "Indicates whether the Resolver endpoint allows inbound or outbound DNS queries:\n\n- `INBOUND` : allows DNS queries to your VPC from your network\n- `OUTBOUND` : allows DNS queries from your VPC to your network\n- `INBOUND_DELEGATION` : Resolver delegates queries to Route 53 private hosted zones from your network.", + "title": "Direction", + "type": "string" + }, + "IpAddresses": { "items": { - "$ref": "#/definitions/AWS::RDS::DBProxy.AuthFormat" + "$ref": "#/definitions/AWS::Route53Resolver::ResolverEndpoint.IpAddressRequest" }, - "markdownDescription": "The authorization mechanism that the proxy uses.", - "title": "Auth", + "markdownDescription": "The subnets and IP addresses in your VPC that DNS queries originate from (for outbound endpoints) or that you forward DNS queries to (for inbound endpoints). The subnet ID uniquely identifies a VPC.\n\n> Even though the minimum is 1, Route\u00a053 requires that you create at least two.", + "title": "IpAddresses", "type": "array" }, - "DBProxyName": { - "markdownDescription": "The identifier for the proxy. This name must be unique for all proxies owned by your AWS account in the specified AWS Region . An identifier must begin with a letter and must contain only ASCII letters, digits, and hyphens; it can't end with a hyphen or contain two consecutive hyphens.", - "title": "DBProxyName", + "Name": { + "markdownDescription": "A friendly name that lets you easily find a configuration in the Resolver dashboard in the Route 53 console.", + "title": "Name", "type": "string" }, - "DebugLogging": { - "markdownDescription": "Specifies whether the proxy includes detailed information about SQL statements in its logs. This information helps you to debug issues involving SQL behavior or the performance and scalability of the proxy connections. The debug information includes the text of SQL statements that you submit through the proxy. Thus, only enable this setting when needed for debugging, and only when you have security measures in place to safeguard any sensitive information that appears in the logs.", - "title": "DebugLogging", - "type": "boolean" - }, - "EngineFamily": { - "markdownDescription": "The kinds of databases that the proxy can connect to. This value determines which database network protocol the proxy recognizes when it interprets network traffic to and from the database. For Aurora MySQL, RDS for MariaDB, and RDS for MySQL databases, specify `MYSQL` . For Aurora PostgreSQL and RDS for PostgreSQL databases, specify `POSTGRESQL` . For RDS for Microsoft SQL Server, specify `SQLSERVER` .", - "title": "EngineFamily", + "OutpostArn": { + "markdownDescription": "The ARN (Amazon Resource Name) for the Outpost.", + "title": "OutpostArn", "type": "string" }, - "IdleClientTimeout": { - "markdownDescription": "The number of seconds that a connection to the proxy can be inactive before the proxy disconnects it. You can set this value higher or lower than the connection timeout limit for the associated database.", - "title": "IdleClientTimeout", - "type": "number" - }, - "RequireTLS": { - "markdownDescription": "Specifies whether Transport Layer Security (TLS) encryption is required for connections to the proxy. By enabling this setting, you can enforce encrypted TLS connections to the proxy.", - "title": "RequireTLS", - "type": "boolean" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that the proxy uses to access secrets in AWS Secrets Manager.", - "title": "RoleArn", + "PreferredInstanceType": { + "markdownDescription": "The Amazon EC2 instance type.", + "title": "PreferredInstanceType", "type": "string" }, - "Tags": { + "Protocols": { "items": { - "$ref": "#/definitions/AWS::RDS::DBProxy.TagFormat" + "type": "string" }, - "markdownDescription": "An optional set of key-value pairs to associate arbitrary data of your choosing with the proxy.", - "title": "Tags", + "markdownDescription": "Protocols used for the endpoint. DoH-FIPS is applicable for a default inbound endpoints only.\n\nFor an inbound endpoint you can apply the protocols as follows:\n\n- Do53 and DoH in combination.\n- Do53 and DoH-FIPS in combination.\n- Do53 alone.\n- DoH alone.\n- DoH-FIPS alone.\n- None, which is treated as Do53.\n\nFor a delegation inbound endpoint you can use Do53 only.\n\nFor an outbound endpoint you can apply the protocols as follows:\n\n- Do53 and DoH in combination.\n- Do53 alone.\n- DoH alone.\n- None, which is treated as Do53.", + "title": "Protocols", "type": "array" }, - "VpcSecurityGroupIds": { + "ResolverEndpointType": { + "markdownDescription": "The Resolver endpoint IP address type.", + "title": "ResolverEndpointType", + "type": "string" + }, + "SecurityGroupIds": { "items": { "type": "string" }, - "markdownDescription": "One or more VPC security group IDs to associate with the new proxy.\n\nIf you plan to update the resource, don't specify VPC security groups in a shared VPC.", - "title": "VpcSecurityGroupIds", + "markdownDescription": "The ID of one or more security groups that control access to this VPC. The security group must include one or more inbound rules (for inbound endpoints) or outbound rules (for outbound endpoints). Inbound and outbound rules must allow TCP and UDP access. For inbound access, open port 53. For outbound access, open the port that you're using for DNS queries on your network.", + "title": "SecurityGroupIds", "type": "array" }, - "VpcSubnetIds": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "One or more VPC subnet IDs to associate with the new proxy.", - "title": "VpcSubnetIds", + "markdownDescription": "Route 53 Resolver doesn't support updating tags through CloudFormation.", + "title": "Tags", "type": "array" } }, "required": [ - "Auth", - "DBProxyName", - "EngineFamily", - "RoleArn", - "VpcSubnetIds" + "Direction", + "IpAddresses", + "SecurityGroupIds" ], "type": "object" }, "Type": { "enum": [ - "AWS::RDS::DBProxy" + "AWS::Route53Resolver::ResolverEndpoint" ], "type": "string" }, @@ -225479,54 +277290,31 @@ ], "type": "object" }, - "AWS::RDS::DBProxy.AuthFormat": { + "AWS::Route53Resolver::ResolverEndpoint.IpAddressRequest": { "additionalProperties": false, "properties": { - "AuthScheme": { - "markdownDescription": "The type of authentication that the proxy uses for connections from the proxy to the underlying database.", - "title": "AuthScheme", - "type": "string" - }, - "ClientPasswordAuthType": { - "markdownDescription": "Specifies the details of authentication used by a proxy to log in as a specific database user.", - "title": "ClientPasswordAuthType", - "type": "string" - }, - "Description": { - "markdownDescription": "A user-specified description about the authentication used by a proxy to log in as a specific database user.", - "title": "Description", - "type": "string" - }, - "IAMAuth": { - "markdownDescription": "A value that indicates whether to require or disallow AWS Identity and Access Management (IAM) authentication for connections to the proxy. The `ENABLED` value is valid only for proxies with RDS for Microsoft SQL Server.", - "title": "IAMAuth", + "Ip": { + "markdownDescription": "The IPv4 address that you want to use for DNS queries.", + "title": "Ip", "type": "string" }, - "SecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) representing the secret that the proxy uses to authenticate to the RDS DB instance or Aurora DB cluster. These secrets are stored within Amazon Secrets Manager.", - "title": "SecretArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::RDS::DBProxy.TagFormat": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "A key is the required name of the tag. The string value can be from 1 to 128 Unicode characters in length and can't be prefixed with `aws:` or `rds:` . The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\").", - "title": "Key", + "Ipv6": { + "markdownDescription": "The IPv6 address that you want to use for DNS queries.", + "title": "Ipv6", "type": "string" }, - "Value": { - "markdownDescription": "A value is the optional value of the tag. The string value can be from 1 to 256 Unicode characters in length and can't be prefixed with `aws:` or `rds:` . The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\").", - "title": "Value", + "SubnetId": { + "markdownDescription": "The ID of the subnet that contains the IP address.", + "title": "SubnetId", "type": "string" } }, + "required": [ + "SubnetId" + ], "type": "object" }, - "AWS::RDS::DBProxyEndpoint": { + "AWS::Route53Resolver::ResolverQueryLoggingConfig": { "additionalProperties": false, "properties": { "Condition": { @@ -225561,56 +277349,30 @@ "Properties": { "additionalProperties": false, "properties": { - "DBProxyEndpointName": { - "markdownDescription": "The name of the DB proxy endpoint to create.", - "title": "DBProxyEndpointName", + "DestinationArn": { + "markdownDescription": "The ARN of the resource that you want Resolver to send query logs: an Amazon S3 bucket, a CloudWatch Logs log group, or a Kinesis Data Firehose delivery stream.", + "title": "DestinationArn", "type": "string" }, - "DBProxyName": { - "markdownDescription": "The name of the DB proxy associated with the DB proxy endpoint that you create.", - "title": "DBProxyName", + "Name": { + "markdownDescription": "The name of the query logging configuration.", + "title": "Name", "type": "string" }, "Tags": { "items": { - "$ref": "#/definitions/AWS::RDS::DBProxyEndpoint.TagFormat" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "An optional set of key-value pairs to associate arbitrary data of your choosing with the proxy.", + "markdownDescription": "", "title": "Tags", "type": "array" - }, - "TargetRole": { - "markdownDescription": "A value that indicates whether the DB proxy endpoint can be used for read/write or read-only operations.", - "title": "TargetRole", - "type": "string" - }, - "VpcSecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The VPC security group IDs for the DB proxy endpoint that you create. You can specify a different set of security group IDs than for the original DB proxy. The default is the default security group for the VPC.", - "title": "VpcSecurityGroupIds", - "type": "array" - }, - "VpcSubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The VPC subnet IDs for the DB proxy endpoint that you create. You can specify a different set of subnet IDs than for the original DB proxy.", - "title": "VpcSubnetIds", - "type": "array" } }, - "required": [ - "DBProxyEndpointName", - "DBProxyName", - "VpcSubnetIds" - ], "type": "object" }, "Type": { "enum": [ - "AWS::RDS::DBProxyEndpoint" + "AWS::Route53Resolver::ResolverQueryLoggingConfig" ], "type": "string" }, @@ -225624,28 +277386,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::RDS::DBProxyEndpoint.TagFormat": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "A key is the required name of the tag. The string value can be from 1 to 128 Unicode characters in length and can't be prefixed with `aws:` or `rds:` . The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\").", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "A value is the optional value of the tag. The string value can be from 1 to 256 Unicode characters in length and can't be prefixed with `aws:` or `rds:` . The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\").", - "title": "Value", - "type": "string" - } - }, - "type": "object" - }, - "AWS::RDS::DBProxyTargetGroup": { + "AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -225680,47 +277425,22 @@ "Properties": { "additionalProperties": false, "properties": { - "ConnectionPoolConfigurationInfo": { - "$ref": "#/definitions/AWS::RDS::DBProxyTargetGroup.ConnectionPoolConfigurationInfoFormat", - "markdownDescription": "Displays the settings that control the size and behavior of the connection pool associated with a `DBProxyTarget` .", - "title": "ConnectionPoolConfigurationInfo" - }, - "DBClusterIdentifiers": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more DB cluster identifiers.", - "title": "DBClusterIdentifiers", - "type": "array" - }, - "DBInstanceIdentifiers": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more DB instance identifiers.", - "title": "DBInstanceIdentifiers", - "type": "array" - }, - "DBProxyName": { - "markdownDescription": "The identifier of the `DBProxy` that is associated with the `DBProxyTargetGroup` .", - "title": "DBProxyName", + "ResolverQueryLogConfigId": { + "markdownDescription": "The ID of the query logging configuration that a VPC is associated with.", + "title": "ResolverQueryLogConfigId", "type": "string" }, - "TargetGroupName": { - "markdownDescription": "The identifier for the target group.\n\n> Currently, this property must be set to `default` .", - "title": "TargetGroupName", + "ResourceId": { + "markdownDescription": "The ID of the Amazon VPC that is associated with the query logging configuration.", + "title": "ResourceId", "type": "string" } }, - "required": [ - "DBProxyName", - "TargetGroupName" - ], "type": "object" }, "Type": { "enum": [ - "AWS::RDS::DBProxyTargetGroup" + "AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation" ], "type": "string" }, @@ -225734,46 +277454,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::RDS::DBProxyTargetGroup.ConnectionPoolConfigurationInfoFormat": { - "additionalProperties": false, - "properties": { - "ConnectionBorrowTimeout": { - "markdownDescription": "The number of seconds for a proxy to wait for a connection to become available in the connection pool. This setting only applies when the proxy has opened its maximum number of connections and all connections are busy with client sessions.\n\nDefault: `120`\n\nConstraints:\n\n- Must be between 0 and 300.", - "title": "ConnectionBorrowTimeout", - "type": "number" - }, - "InitQuery": { - "markdownDescription": "Add an initialization query, or modify the current one. You can specify one or more SQL statements for the proxy to run when opening each new database connection. The setting is typically used with `SET` statements to make sure that each connection has identical settings. Make sure the query added here is valid. This is an optional field, so you can choose to leave it empty. For including multiple variables in a single SET statement, use a comma separator.\n\nFor example: `SET variable1=value1, variable2=value2`\n\nDefault: no initialization query\n\n> Since you can access initialization query as part of target group configuration, it is not protected by authentication or cryptographic methods. Anyone with access to view or manage your proxy target group configuration can view the initialization query. You should not add sensitive data, such as passwords or long-lived encryption keys, to this option.", - "title": "InitQuery", - "type": "string" - }, - "MaxConnectionsPercent": { - "markdownDescription": "The maximum size of the connection pool for each target in a target group. The value is expressed as a percentage of the `max_connections` setting for the RDS DB instance or Aurora DB cluster used by the target group.\n\nIf you specify `MaxIdleConnectionsPercent` , then you must also include a value for this parameter.\n\nDefault: `10` for RDS for Microsoft SQL Server, and `100` for all other engines\n\nConstraints:\n\n- Must be between 1 and 100.", - "title": "MaxConnectionsPercent", - "type": "number" - }, - "MaxIdleConnectionsPercent": { - "markdownDescription": "A value that controls how actively the proxy closes idle database connections in the connection pool. The value is expressed as a percentage of the `max_connections` setting for the RDS DB instance or Aurora DB cluster used by the target group. With a high value, the proxy leaves a high percentage of idle database connections open. A low value causes the proxy to close more idle connections and return them to the database.\n\nIf you specify this parameter, then you must also include a value for `MaxConnectionsPercent` .\n\nDefault: The default value is half of the value of `MaxConnectionsPercent` . For example, if `MaxConnectionsPercent` is 80, then the default value of `MaxIdleConnectionsPercent` is 40. If the value of `MaxConnectionsPercent` isn't specified, then for SQL Server, `MaxIdleConnectionsPercent` is `5` , and for all other engines, the default is `50` .\n\nConstraints:\n\n- Must be between 0 and the value of `MaxConnectionsPercent` .", - "title": "MaxIdleConnectionsPercent", - "type": "number" - }, - "SessionPinningFilters": { - "items": { - "type": "string" - }, - "markdownDescription": "Each item in the list represents a class of SQL operations that normally cause all later statements in a session using a proxy to be pinned to the same underlying database connection. Including an item in the list exempts that class of SQL operations from the pinning behavior.\n\nDefault: no session pinning filters", - "title": "SessionPinningFilters", - "type": "array" - } - }, - "type": "object" - }, - "AWS::RDS::DBSecurityGroup": { + "AWS::Route53Resolver::ResolverRule": { "additionalProperties": false, "properties": { "Condition": { @@ -225808,42 +277493,56 @@ "Properties": { "additionalProperties": false, "properties": { - "DBSecurityGroupIngress": { - "items": { - "$ref": "#/definitions/AWS::RDS::DBSecurityGroup.Ingress" - }, - "markdownDescription": "Ingress rules to be applied to the DB security group.", - "title": "DBSecurityGroupIngress", - "type": "array" + "DelegationRecord": { + "markdownDescription": "DNS queries with delegation records that point to this domain name are forwarded to resolvers on your network.", + "title": "DelegationRecord", + "type": "string" }, - "EC2VpcId": { - "markdownDescription": "The identifier of an Amazon virtual private cloud (VPC). This property indicates the VPC that this DB security group belongs to.\n\n> This property is included for backwards compatibility and is no longer recommended for providing security information to an RDS DB instance.", - "title": "EC2VpcId", + "DomainName": { + "markdownDescription": "DNS queries for this domain name are forwarded to the IP addresses that are specified in `TargetIps` . If a query matches multiple Resolver rules (example.com and www.example.com), the query is routed using the Resolver rule that contains the most specific domain name (www.example.com).", + "title": "DomainName", "type": "string" }, - "GroupDescription": { - "markdownDescription": "Provides the description of the DB security group.", - "title": "GroupDescription", + "Name": { + "markdownDescription": "The name for the Resolver rule, which you specified when you created the Resolver rule.", + "title": "Name", + "type": "string" + }, + "ResolverEndpointId": { + "markdownDescription": "The ID of the endpoint that the rule is associated with.", + "title": "ResolverEndpointId", + "type": "string" + }, + "RuleType": { + "markdownDescription": "When you want to forward DNS queries for specified domain name to resolvers on your network, specify `FORWARD` or `DELEGATE` . If a query matches multiple Resolver rules (example.com and www.example.com), outbound DNS queries are routed using the Resolver rule that contains the most specific domain name (www.example.com).\n\nWhen you have a forwarding rule to forward DNS queries for a domain to your network and you want Resolver to process queries for a subdomain of that domain, specify `SYSTEM` .\n\nFor example, to forward DNS queries for example.com to resolvers on your network, you create a rule and specify `FORWARD` for `RuleType` . To then have Resolver process queries for apex.example.com, you create a rule and specify `SYSTEM` for `RuleType` .\n\nCurrently, only Resolver can create rules that have a value of `RECURSIVE` for `RuleType` .", + "title": "RuleType", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Metadata assigned to an Amazon RDS resource consisting of a key-value pair.\n\nFor more information, see [Tagging Amazon RDS resources](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) in the *Amazon RDS User Guide* or [Tagging Amazon Aurora and Amazon RDS resources](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_Tagging.html) in the *Amazon Aurora User Guide* .", + "markdownDescription": "Tags help organize and categorize your Resolver rules. Each tag consists of a key and an optional value, both of which you define.", "title": "Tags", "type": "array" + }, + "TargetIps": { + "items": { + "$ref": "#/definitions/AWS::Route53Resolver::ResolverRule.TargetAddress" + }, + "markdownDescription": "An array that contains the IP addresses and ports that an outbound endpoint forwards DNS queries to. Typically, these are the IP addresses of DNS resolvers on your network.", + "title": "TargetIps", + "type": "array" } }, "required": [ - "DBSecurityGroupIngress", - "GroupDescription" + "RuleType" ], "type": "object" }, "Type": { "enum": [ - "AWS::RDS::DBSecurityGroup" + "AWS::Route53Resolver::ResolverRule" ], "type": "string" }, @@ -225862,33 +277561,38 @@ ], "type": "object" }, - "AWS::RDS::DBSecurityGroup.Ingress": { + "AWS::Route53Resolver::ResolverRule.TargetAddress": { "additionalProperties": false, "properties": { - "CIDRIP": { - "markdownDescription": "The IP range to authorize.", - "title": "CIDRIP", + "Ip": { + "markdownDescription": "One IPv4 address that you want to forward DNS queries to.", + "title": "Ip", "type": "string" }, - "EC2SecurityGroupId": { - "markdownDescription": "Id of the EC2 security group to authorize. For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.", - "title": "EC2SecurityGroupId", + "Ipv6": { + "markdownDescription": "One IPv6 address that you want to forward DNS queries to.", + "title": "Ipv6", "type": "string" }, - "EC2SecurityGroupName": { - "markdownDescription": "Name of the EC2 security group to authorize. For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.", - "title": "EC2SecurityGroupName", + "Port": { + "markdownDescription": "The port at `Ip` that you want to forward DNS queries to.", + "title": "Port", "type": "string" }, - "EC2SecurityGroupOwnerId": { - "markdownDescription": "AWS account number of the owner of the EC2 security group specified in the `EC2SecurityGroupName` parameter. The AWS access key ID isn't an acceptable value. For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.", - "title": "EC2SecurityGroupOwnerId", + "Protocol": { + "markdownDescription": "The protocols for the target address. The protocol you choose needs to be supported by the outbound endpoint of the Resolver rule.", + "title": "Protocol", + "type": "string" + }, + "ServerNameIndication": { + "markdownDescription": "The Server Name Indication of the DoH server that you want to forward queries to. This is only used if the Protocol of the `TargetAddress` is `DoH` .", + "title": "ServerNameIndication", "type": "string" } }, "type": "object" }, - "AWS::RDS::DBSecurityGroupIngress": { + "AWS::Route53Resolver::ResolverRuleAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -225923,40 +277627,31 @@ "Properties": { "additionalProperties": false, "properties": { - "CIDRIP": { - "markdownDescription": "The IP range to authorize.", - "title": "CIDRIP", - "type": "string" - }, - "DBSecurityGroupName": { - "markdownDescription": "The name of the DB security group to add authorization to.", - "title": "DBSecurityGroupName", - "type": "string" - }, - "EC2SecurityGroupId": { - "markdownDescription": "Id of the EC2 security group to authorize. For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.", - "title": "EC2SecurityGroupId", + "Name": { + "markdownDescription": "The name of an association between a Resolver rule and a VPC.", + "title": "Name", "type": "string" }, - "EC2SecurityGroupName": { - "markdownDescription": "Name of the EC2 security group to authorize. For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.", - "title": "EC2SecurityGroupName", + "ResolverRuleId": { + "markdownDescription": "The ID of the Resolver rule that you associated with the VPC that is specified by `VPCId` .", + "title": "ResolverRuleId", "type": "string" }, - "EC2SecurityGroupOwnerId": { - "markdownDescription": "AWS account number of the owner of the EC2 security group specified in the `EC2SecurityGroupName` parameter. The AWS access key ID isn't an acceptable value. For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.", - "title": "EC2SecurityGroupOwnerId", + "VPCId": { + "markdownDescription": "The ID of the VPC that you associated the Resolver rule with.", + "title": "VPCId", "type": "string" } }, "required": [ - "DBSecurityGroupName" + "ResolverRuleId", + "VPCId" ], "type": "object" }, "Type": { "enum": [ - "AWS::RDS::DBSecurityGroupIngress" + "AWS::Route53Resolver::ResolverRuleAssociation" ], "type": "string" }, @@ -225975,7 +277670,7 @@ ], "type": "object" }, - "AWS::RDS::DBSubnetGroup": { + "AWS::S3::AccessGrant": { "additionalProperties": false, "properties": { "Condition": { @@ -226010,42 +277705,55 @@ "Properties": { "additionalProperties": false, "properties": { - "DBSubnetGroupDescription": { - "markdownDescription": "The description for the DB subnet group.", - "title": "DBSubnetGroupDescription", + "AccessGrantsLocationConfiguration": { + "$ref": "#/definitions/AWS::S3::AccessGrant.AccessGrantsLocationConfiguration", + "markdownDescription": "The configuration options of the grant location. The grant location is the S3 path to the data to which you are granting access. It contains the `S3SubPrefix` field. The grant scope is the result of appending the subprefix to the location scope of the registered location.", + "title": "AccessGrantsLocationConfiguration" + }, + "AccessGrantsLocationId": { + "markdownDescription": "The ID of the registered location to which you are granting access. S3 Access Grants assigns this ID when you register the location. S3 Access Grants assigns the ID `default` to the default location `s3://` and assigns an auto-generated ID to other locations that you register.", + "title": "AccessGrantsLocationId", "type": "string" }, - "DBSubnetGroupName": { - "markdownDescription": "The name for the DB subnet group. This value is stored as a lowercase string.\n\nConstraints:\n\n- Must contain no more than 255 letters, numbers, periods, underscores, spaces, or hyphens.\n- Must not be default.\n- First character must be a letter.\n\nExample: `mydbsubnetgroup`", - "title": "DBSubnetGroupName", + "ApplicationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS IAM Identity Center application associated with your Identity Center instance. If the grant includes an application ARN, the grantee can only access the S3 data through this application.", + "title": "ApplicationArn", "type": "string" }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The EC2 Subnet IDs for the DB subnet group.", - "title": "SubnetIds", - "type": "array" + "Grantee": { + "$ref": "#/definitions/AWS::S3::AccessGrant.Grantee", + "markdownDescription": "The user, group, or role to which you are granting access. You can grant access to an IAM user or role. If you have added your corporate directory to AWS IAM Identity Center and associated your Identity Center instance with your S3 Access Grants instance, the grantee can also be a corporate directory user or group.", + "title": "Grantee" + }, + "Permission": { + "markdownDescription": "The type of access that you are granting to your S3 data, which can be set to one of the following values:\n\n- `READ` \u2013 Grant read-only access to the S3 data.\n- `WRITE` \u2013 Grant write-only access to the S3 data.\n- `READWRITE` \u2013 Grant both read and write access to the S3 data.", + "title": "Permission", + "type": "string" + }, + "S3PrefixType": { + "markdownDescription": "The type of `S3SubPrefix` . The only possible value is `Object` . Pass this value if the access grant scope is an object. Do not pass this value if the access grant scope is a bucket or a bucket and a prefix.", + "title": "S3PrefixType", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Tags to assign to the DB subnet group.", + "markdownDescription": "The AWS resource tags that you are adding to the access grant. Each tag is a label consisting of a user-defined key and value. Tags can help you manage, identify, organize, search for, and filter resources.", "title": "Tags", "type": "array" } }, "required": [ - "DBSubnetGroupDescription", - "SubnetIds" + "AccessGrantsLocationId", + "Grantee", + "Permission" ], "type": "object" }, "Type": { "enum": [ - "AWS::RDS::DBSubnetGroup" + "AWS::S3::AccessGrant" ], "type": "string" }, @@ -226064,7 +277772,41 @@ ], "type": "object" }, - "AWS::RDS::EventSubscription": { + "AWS::S3::AccessGrant.AccessGrantsLocationConfiguration": { + "additionalProperties": false, + "properties": { + "S3SubPrefix": { + "markdownDescription": "The `S3SubPrefix` is appended to the location scope creating the grant scope. Use this field to narrow the scope of the grant to a subset of the location scope. This field is required if the location scope is the default location `s3://` because you cannot create a grant for all of your S3 data in the Region and must narrow the scope. For example, if the location scope is the default location `s3://` , the `S3SubPrefx` can be a `/*` , so the full grant scope path would be `s3:///*` . Or the `S3SubPrefx` can be `/*` , so the full grant scope path would be `s3:///*` .\n\nIf the `S3SubPrefix` includes a prefix, append the wildcard character `*` after the prefix to indicate that you want to include all object key names in the bucket that start with that prefix.", + "title": "S3SubPrefix", + "type": "string" + } + }, + "required": [ + "S3SubPrefix" + ], + "type": "object" + }, + "AWS::S3::AccessGrant.Grantee": { + "additionalProperties": false, + "properties": { + "GranteeIdentifier": { + "markdownDescription": "The unique identifier of the `Grantee` . If the grantee type is `IAM` , the identifier is the IAM Amazon Resource Name (ARN) of the user or role. If the grantee type is a directory user or group, the identifier is 128-bit universally unique identifier (UUID) in the format `a1b2c3d4-5678-90ab-cdef-EXAMPLE11111` . You can obtain this UUID from your AWS IAM Identity Center instance.", + "title": "GranteeIdentifier", + "type": "string" + }, + "GranteeType": { + "markdownDescription": "The type of the grantee to which access has been granted. It can be one of the following values:\n\n- `IAM` - An IAM user or role.\n- `DIRECTORY_USER` - Your corporate directory user. You can use this option if you have added your corporate identity directory to IAM Identity Center and associated the IAM Identity Center instance with your S3 Access Grants instance.\n- `DIRECTORY_GROUP` - Your corporate directory group. You can use this option if you have added your corporate identity directory to IAM Identity Center and associated the IAM Identity Center instance with your S3 Access Grants instance.", + "title": "GranteeType", + "type": "string" + } + }, + "required": [ + "GranteeIdentifier", + "GranteeType" + ], + "type": "object" + }, + "AWS::S3::AccessGrantsInstance": { "additionalProperties": false, "properties": { "Condition": { @@ -226099,59 +277841,25 @@ "Properties": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Specifies whether to activate the subscription. If the event notification subscription isn't activated, the subscription is created but not active.", - "title": "Enabled", - "type": "boolean" - }, - "EventCategories": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of event categories for a particular source type ( `SourceType` ) that you want to subscribe to. You can see a list of the categories for a given source type in the \"Amazon RDS event categories and event messages\" section of the [*Amazon RDS User Guide*](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Events.Messages.html) or the [*Amazon Aurora User Guide*](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_Events.Messages.html) . You can also see this list by using the `DescribeEventCategories` operation.", - "title": "EventCategories", - "type": "array" - }, - "SnsTopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the SNS topic created for event notification. SNS automatically creates the ARN when you create a topic and subscribe to it.\n\n> RDS doesn't support FIFO (first in, first out) topics. For more information, see [Message ordering and deduplication (FIFO topics)](https://docs.aws.amazon.com/sns/latest/dg/sns-fifo-topics.html) in the *Amazon Simple Notification Service Developer Guide* .", - "title": "SnsTopicArn", - "type": "string" - }, - "SourceIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of identifiers of the event sources for which events are returned. If not specified, then all sources are included in the response. An identifier must begin with a letter and must contain only ASCII letters, digits, and hyphens. It can't end with a hyphen or contain two consecutive hyphens.\n\nConstraints:\n\n- If `SourceIds` are supplied, `SourceType` must also be provided.\n- If the source type is a DB instance, a `DBInstanceIdentifier` value must be supplied.\n- If the source type is a DB cluster, a `DBClusterIdentifier` value must be supplied.\n- If the source type is a DB parameter group, a `DBParameterGroupName` value must be supplied.\n- If the source type is a DB security group, a `DBSecurityGroupName` value must be supplied.\n- If the source type is a DB snapshot, a `DBSnapshotIdentifier` value must be supplied.\n- If the source type is a DB cluster snapshot, a `DBClusterSnapshotIdentifier` value must be supplied.\n- If the source type is an RDS Proxy, a `DBProxyName` value must be supplied.", - "title": "SourceIds", - "type": "array" - }, - "SourceType": { - "markdownDescription": "The type of source that is generating the events. For example, if you want to be notified of events generated by a DB instance, you set this parameter to `db-instance` . For RDS Proxy events, specify `db-proxy` . If this value isn't specified, all events are returned.\n\nValid Values: `db-instance | db-cluster | db-parameter-group | db-security-group | db-snapshot | db-cluster-snapshot | db-proxy | zero-etl | custom-engine-version | blue-green-deployment`", - "title": "SourceType", - "type": "string" - }, - "SubscriptionName": { - "markdownDescription": "The name of the subscription.\n\nConstraints: The name must be less than 255 characters.", - "title": "SubscriptionName", + "IdentityCenterArn": { + "markdownDescription": "If you would like to associate your S3 Access Grants instance with an AWS IAM Identity Center instance, use this field to pass the Amazon Resource Name (ARN) of the AWS IAM Identity Center instance that you are associating with your S3 Access Grants instance. An IAM Identity Center instance is your corporate identity directory that you added to the IAM Identity Center.", + "title": "IdentityCenterArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An optional array of key-value pairs to apply to this subscription.", + "markdownDescription": "The AWS resource tags that you are adding to the S3 Access Grants instance. Each tag is a label consisting of a user-defined key and value. Tags can help you manage, identify, organize, search for, and filter resources.", "title": "Tags", "type": "array" } }, - "required": [ - "SnsTopicArn" - ], "type": "object" }, "Type": { "enum": [ - "AWS::RDS::EventSubscription" + "AWS::S3::AccessGrantsInstance" ], "type": "string" }, @@ -226165,12 +277873,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::RDS::GlobalCluster": { + "AWS::S3::AccessGrantsLocation": { "additionalProperties": false, "properties": { "Condition": { @@ -226205,42 +277912,30 @@ "Properties": { "additionalProperties": false, "properties": { - "DeletionProtection": { - "markdownDescription": "Specifies whether to enable deletion protection for the new global database cluster. The global database can't be deleted when deletion protection is enabled.", - "title": "DeletionProtection", - "type": "boolean" - }, - "Engine": { - "markdownDescription": "The database engine to use for this global database cluster.\n\nValid Values: `aurora-mysql | aurora-postgresql`\n\nConstraints:\n\n- Can't be specified if `SourceDBClusterIdentifier` is specified. In this case, Amazon Aurora uses the engine of the source DB cluster.", - "title": "Engine", - "type": "string" - }, - "EngineVersion": { - "markdownDescription": "The engine version to use for this global database cluster.\n\nConstraints:\n\n- Can't be specified if `SourceDBClusterIdentifier` is specified. In this case, Amazon Aurora uses the engine version of the source DB cluster.", - "title": "EngineVersion", - "type": "string" - }, - "GlobalClusterIdentifier": { - "markdownDescription": "The cluster identifier for this global database cluster. This parameter is stored as a lowercase string.", - "title": "GlobalClusterIdentifier", + "IamRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role for the registered location. S3 Access Grants assumes this role to manage access to the registered location.", + "title": "IamRoleArn", "type": "string" }, - "SourceDBClusterIdentifier": { - "markdownDescription": "The Amazon Resource Name (ARN) to use as the primary cluster of the global database.\n\nIf you provide a value for this parameter, don't specify values for the following settings because Amazon Aurora uses the values from the specified source DB cluster:\n\n- `DatabaseName`\n- `Engine`\n- `EngineVersion`\n- `StorageEncrypted`", - "title": "SourceDBClusterIdentifier", + "LocationScope": { + "markdownDescription": "The S3 URI path to the location that you are registering. The location scope can be the default S3 location `s3://` , the S3 path to a bucket, or the S3 path to a bucket and prefix. A prefix in S3 is a string of characters at the beginning of an object key name used to organize the objects that you store in your S3 buckets. For example, object key names that start with the `engineering/` prefix or object key names that start with the `marketing/campaigns/` prefix.", + "title": "LocationScope", "type": "string" }, - "StorageEncrypted": { - "markdownDescription": "Specifies whether to enable storage encryption for the new global database cluster.\n\nConstraints:\n\n- Can't be specified if `SourceDBClusterIdentifier` is specified. In this case, Amazon Aurora uses the setting from the source DB cluster.", - "title": "StorageEncrypted", - "type": "boolean" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The AWS resource tags that you are adding to the S3 Access Grants location. Each tag is a label consisting of a user-defined key and value. Tags can help you manage, identify, organize, search for, and filter resources.", + "title": "Tags", + "type": "array" } }, "type": "object" }, "Type": { "enum": [ - "AWS::RDS::GlobalCluster" + "AWS::S3::AccessGrantsLocation" ], "type": "string" }, @@ -226258,7 +277953,7 @@ ], "type": "object" }, - "AWS::RDS::Integration": { + "AWS::S3::AccessPoint": { "additionalProperties": false, "properties": { "Condition": { @@ -226293,65 +277988,45 @@ "Properties": { "additionalProperties": false, "properties": { - "AdditionalEncryptionContext": { - "additionalProperties": true, - "markdownDescription": "An optional set of non-secret key\u2013value pairs that contains additional contextual information about the data. For more information, see [Encryption context](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context) in the *AWS Key Management Service Developer Guide* .\n\nYou can only include this parameter if you specify the `KMSKeyId` parameter.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "AdditionalEncryptionContext", - "type": "object" - }, - "DataFilter": { - "markdownDescription": "Data filters for the integration. These filters determine which tables from the source database are sent to the target Amazon Redshift data warehouse.", - "title": "DataFilter", - "type": "string" - }, - "Description": { - "markdownDescription": "A description of the integration.", - "title": "Description", + "Bucket": { + "markdownDescription": "The name of the bucket associated with this access point.", + "title": "Bucket", "type": "string" }, - "IntegrationName": { - "markdownDescription": "The name of the integration.", - "title": "IntegrationName", + "BucketAccountId": { + "markdownDescription": "The AWS account ID associated with the S3 bucket associated with this access point.", + "title": "BucketAccountId", "type": "string" }, - "KMSKeyId": { - "markdownDescription": "The AWS Key Management System ( AWS KMS) key identifier for the key to use to encrypt the integration. If you don't specify an encryption key, RDS uses a default AWS owned key.", - "title": "KMSKeyId", + "Name": { + "markdownDescription": "The name of this access point. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the access point name.", + "title": "Name", "type": "string" }, - "SourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the database to use as the source for replication.", - "title": "SourceArn", - "type": "string" + "Policy": { + "markdownDescription": "The access point policy associated with this access point.", + "title": "Policy", + "type": "object" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An optional array of key-value pairs to apply to this integration.", - "title": "Tags", - "type": "array" + "PublicAccessBlockConfiguration": { + "$ref": "#/definitions/AWS::S3::AccessPoint.PublicAccessBlockConfiguration", + "markdownDescription": "The PublicAccessBlock configuration that you want to apply to this Amazon S3 bucket. You can enable the configuration options in any combination. For more information about when Amazon S3 considers a bucket or object public, see [The Meaning of \"Public\"](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status) in the *Amazon S3 User Guide* .", + "title": "PublicAccessBlockConfiguration" }, - "TargetArn": { - "markdownDescription": "The ARN of the Redshift data warehouse to use as the target for replication.", - "title": "TargetArn", - "type": "string" + "VpcConfiguration": { + "$ref": "#/definitions/AWS::S3::AccessPoint.VpcConfiguration", + "markdownDescription": "The Virtual Private Cloud (VPC) configuration for this access point, if one exists.", + "title": "VpcConfiguration" } }, "required": [ - "SourceArn", - "TargetArn" + "Bucket" ], "type": "object" }, "Type": { "enum": [ - "AWS::RDS::Integration" + "AWS::S3::AccessPoint" ], "type": "string" }, @@ -226370,7 +278045,44 @@ ], "type": "object" }, - "AWS::RDS::OptionGroup": { + "AWS::S3::AccessPoint.PublicAccessBlockConfiguration": { + "additionalProperties": false, + "properties": { + "BlockPublicAcls": { + "markdownDescription": "Specifies whether Amazon S3 should block public access control lists (ACLs) for this bucket and objects in this bucket. Setting this element to `TRUE` causes the following behavior:\n\n- PUT Bucket ACL and PUT Object ACL calls fail if the specified ACL is public.\n- PUT Object calls fail if the request includes a public ACL.\n- PUT Bucket calls fail if the request includes a public ACL.\n\nEnabling this setting doesn't affect existing policies or ACLs.", + "title": "BlockPublicAcls", + "type": "boolean" + }, + "BlockPublicPolicy": { + "markdownDescription": "Specifies whether Amazon S3 should block public bucket policies for this bucket. Setting this element to `TRUE` causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.\n\nEnabling this setting doesn't affect existing bucket policies.", + "title": "BlockPublicPolicy", + "type": "boolean" + }, + "IgnorePublicAcls": { + "markdownDescription": "Specifies whether Amazon S3 should ignore public ACLs for this bucket and objects in this bucket. Setting this element to `TRUE` causes Amazon S3 to ignore all public ACLs on this bucket and objects in this bucket.\n\nEnabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.", + "title": "IgnorePublicAcls", + "type": "boolean" + }, + "RestrictPublicBuckets": { + "markdownDescription": "Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to `TRUE` restricts access to this bucket to only AWS service principals and authorized users within this account if the bucket has a public policy.\n\nEnabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.", + "title": "RestrictPublicBuckets", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::S3::AccessPoint.VpcConfiguration": { + "additionalProperties": false, + "properties": { + "VpcId": { + "markdownDescription": "If this field is specified, the access point will only allow connections from the specified VPC ID.", + "title": "VpcId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::S3::Bucket": { "additionalProperties": false, "properties": { "Condition": { @@ -226405,1911 +278117,1685 @@ "Properties": { "additionalProperties": false, "properties": { - "EngineName": { - "markdownDescription": "Specifies the name of the engine that this option group should be associated with.\n\nValid Values:\n\n- `mariadb`\n- `mysql`\n- `oracle-ee`\n- `oracle-ee-cdb`\n- `oracle-se2`\n- `oracle-se2-cdb`\n- `postgres`\n- `sqlserver-ee`\n- `sqlserver-se`\n- `sqlserver-ex`\n- `sqlserver-web`", - "title": "EngineName", - "type": "string" + "AccelerateConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.AccelerateConfiguration", + "markdownDescription": "Configures the transfer acceleration state for an Amazon S3 bucket. For more information, see [Amazon S3 Transfer Acceleration](https://docs.aws.amazon.com/AmazonS3/latest/dev/transfer-acceleration.html) in the *Amazon S3 User Guide* .", + "title": "AccelerateConfiguration" }, - "MajorEngineVersion": { - "markdownDescription": "Specifies the major version of the engine that this option group should be associated with.", - "title": "MajorEngineVersion", + "AccessControl": { + "markdownDescription": "> This is a legacy property, and it is not recommended for most use cases. A majority of modern use cases in Amazon S3 no longer require the use of ACLs, and we recommend that you keep ACLs disabled. For more information, see [Controlling object ownership](https://docs.aws.amazon.com//AmazonS3/latest/userguide/about-object-ownership.html) in the *Amazon S3 User Guide* . \n\nA canned access control list (ACL) that grants predefined permissions to the bucket. For more information about canned ACLs, see [Canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) in the *Amazon S3 User Guide* .\n\nS3 buckets are created with ACLs disabled by default. Therefore, unless you explicitly set the [AWS::S3::OwnershipControls](https://docs.aws.amazon.com//AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-ownershipcontrols.html) property to enable ACLs, your resource will fail to deploy with any value other than Private. Use cases requiring ACLs are uncommon.\n\nThe majority of access control configurations can be successfully and more easily achieved with bucket policies. For more information, see [AWS::S3::BucketPolicy](https://docs.aws.amazon.com//AWSCloudFormation/latest/UserGuide/aws-properties-s3-policy.html) . For examples of common policy configurations, including S3 Server Access Logs buckets and more, see [Bucket policy examples](https://docs.aws.amazon.com/AmazonS3/latest/userguide/example-bucket-policies.html) in the *Amazon S3 User Guide* .", + "title": "AccessControl", "type": "string" }, - "OptionConfigurations": { + "AnalyticsConfigurations": { "items": { - "$ref": "#/definitions/AWS::RDS::OptionGroup.OptionConfiguration" + "$ref": "#/definitions/AWS::S3::Bucket.AnalyticsConfiguration" }, - "markdownDescription": "A list of all available options for an option group.", - "title": "OptionConfigurations", + "markdownDescription": "Specifies the configuration and any analyses for the analytics filter of an Amazon S3 bucket.", + "title": "AnalyticsConfigurations", "type": "array" }, - "OptionGroupDescription": { - "markdownDescription": "The description of the option group.", - "title": "OptionGroupDescription", - "type": "string" + "BucketEncryption": { + "$ref": "#/definitions/AWS::S3::Bucket.BucketEncryption", + "markdownDescription": "Specifies default encryption for a bucket using server-side encryption with Amazon S3-managed keys (SSE-S3), AWS KMS-managed keys (SSE-KMS), or dual-layer server-side encryption with KMS-managed keys (DSSE-KMS). For information about the Amazon S3 default encryption feature, see [Amazon S3 Default Encryption for S3 Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html) in the *Amazon S3 User Guide* .", + "title": "BucketEncryption" }, - "OptionGroupName": { - "markdownDescription": "The name of the option group to be created.\n\nConstraints:\n\n- Must be 1 to 255 letters, numbers, or hyphens\n- First character must be a letter\n- Can't end with a hyphen or contain two consecutive hyphens\n\nExample: `myoptiongroup`\n\nIf you don't specify a value for `OptionGroupName` property, a name is automatically created for the option group.\n\n> This value is stored as a lowercase string.", - "title": "OptionGroupName", + "BucketName": { + "markdownDescription": "A name for the bucket. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the bucket name. The bucket name must contain only lowercase letters, numbers, periods (.), and dashes (-) and must follow [Amazon S3 bucket restrictions and limitations](https://docs.aws.amazon.com/AmazonS3/latest/dev/BucketRestrictions.html) . For more information, see [Rules for naming Amazon S3 buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html) in the *Amazon S3 User Guide* .\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you need to replace the resource, specify a new name.", + "title": "BucketName", "type": "string" }, + "CorsConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.CorsConfiguration", + "markdownDescription": "Describes the cross-origin access configuration for objects in an Amazon S3 bucket. For more information, see [Enabling Cross-Origin Resource Sharing](https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html) in the *Amazon S3 User Guide* .", + "title": "CorsConfiguration" + }, + "IntelligentTieringConfigurations": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.IntelligentTieringConfiguration" + }, + "markdownDescription": "Defines how Amazon S3 handles Intelligent-Tiering storage.", + "title": "IntelligentTieringConfigurations", + "type": "array" + }, + "InventoryConfigurations": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.InventoryConfiguration" + }, + "markdownDescription": "Specifies the S3 Inventory configuration for an Amazon S3 bucket. For more information, see [GET Bucket inventory](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketGETInventoryConfig.html) in the *Amazon S3 API Reference* .", + "title": "InventoryConfigurations", + "type": "array" + }, + "LifecycleConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.LifecycleConfiguration", + "markdownDescription": "Specifies the lifecycle configuration for objects in an Amazon S3 bucket. For more information, see [Object Lifecycle Management](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html) in the *Amazon S3 User Guide* .", + "title": "LifecycleConfiguration" + }, + "LoggingConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.LoggingConfiguration", + "markdownDescription": "Settings that define where logs are stored.", + "title": "LoggingConfiguration" + }, + "MetadataConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.MetadataConfiguration", + "markdownDescription": "The S3 Metadata configuration for a general purpose bucket.", + "title": "MetadataConfiguration" + }, + "MetadataTableConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.MetadataTableConfiguration", + "markdownDescription": "The metadata table configuration of an Amazon S3 general purpose bucket.", + "title": "MetadataTableConfiguration" + }, + "MetricsConfigurations": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.MetricsConfiguration" + }, + "markdownDescription": "Specifies a metrics configuration for the CloudWatch request metrics (specified by the metrics configuration ID) from an Amazon S3 bucket. If you're updating an existing metrics configuration, note that this is a full replacement of the existing metrics configuration. If you don't include the elements you want to keep, they are erased. For more information, see [PutBucketMetricsConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTMetricConfiguration.html) .", + "title": "MetricsConfigurations", + "type": "array" + }, + "NotificationConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.NotificationConfiguration", + "markdownDescription": "Configuration that defines how Amazon S3 handles bucket notifications.", + "title": "NotificationConfiguration" + }, + "ObjectLockConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.ObjectLockConfiguration", + "markdownDescription": "> This operation is not supported for directory buckets. \n\nPlaces an Object Lock configuration on the specified bucket. The rule specified in the Object Lock configuration will be applied by default to every new object placed in the specified bucket. For more information, see [Locking Objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html) .\n\n> - The `DefaultRetention` settings require both a mode and a period.\n> - The `DefaultRetention` period can be either `Days` or `Years` but you must select one. You cannot specify `Days` and `Years` at the same time.\n> - You can enable Object Lock for new or existing buckets. For more information, see [Configuring Object Lock](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock-configure.html) .", + "title": "ObjectLockConfiguration" + }, + "ObjectLockEnabled": { + "markdownDescription": "Indicates whether this bucket has an Object Lock configuration enabled. Enable `ObjectLockEnabled` when you apply `ObjectLockConfiguration` to a bucket.", + "title": "ObjectLockEnabled", + "type": "boolean" + }, + "OwnershipControls": { + "$ref": "#/definitions/AWS::S3::Bucket.OwnershipControls", + "markdownDescription": "Configuration that defines how Amazon S3 handles Object Ownership rules.", + "title": "OwnershipControls" + }, + "PublicAccessBlockConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.PublicAccessBlockConfiguration", + "markdownDescription": "Configuration that defines how Amazon S3 handles public access.", + "title": "PublicAccessBlockConfiguration" + }, + "ReplicationConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.ReplicationConfiguration", + "markdownDescription": "Configuration for replicating objects in an S3 bucket. To enable replication, you must also enable versioning by using the `VersioningConfiguration` property.\n\nAmazon S3 can store replicated objects in a single destination bucket or multiple destination buckets. The destination bucket or buckets must already exist.", + "title": "ReplicationConfiguration" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Tags to assign to the option group.", + "markdownDescription": "An arbitrary set of tags (key-value pairs) for this S3 bucket.", "title": "Tags", "type": "array" + }, + "VersioningConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.VersioningConfiguration", + "markdownDescription": "Enables multiple versions of all objects in this bucket. You might enable versioning to prevent objects from being deleted or overwritten by mistake or to archive objects so that you can retrieve previous versions of them.\n\n> When you enable versioning on a bucket for the first time, it might take a short amount of time for the change to be fully propagated. We recommend that you wait for 15 minutes after enabling versioning before issuing write operations ( `PUT` or `DELETE` ) on objects in the bucket.", + "title": "VersioningConfiguration" + }, + "WebsiteConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.WebsiteConfiguration", + "markdownDescription": "Information used to configure the bucket as a static website. For more information, see [Hosting Websites on Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html) .", + "title": "WebsiteConfiguration" } }, - "required": [ - "EngineName", - "MajorEngineVersion", - "OptionGroupDescription" - ], "type": "object" }, "Type": { "enum": [ - "AWS::RDS::OptionGroup" + "AWS::S3::Bucket" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" ], "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::S3::Bucket.AbortIncompleteMultipartUpload": { + "additionalProperties": false, + "properties": { + "DaysAfterInitiation": { + "markdownDescription": "Specifies the number of days after which Amazon S3 stops an incomplete multipart upload.", + "title": "DaysAfterInitiation", + "type": "number" + } + }, + "required": [ + "DaysAfterInitiation" + ], + "type": "object" + }, + "AWS::S3::Bucket.AccelerateConfiguration": { + "additionalProperties": false, + "properties": { + "AccelerationStatus": { + "markdownDescription": "Specifies the transfer acceleration status of the bucket.", + "title": "AccelerationStatus", + "type": "string" + } + }, + "required": [ + "AccelerationStatus" + ], + "type": "object" + }, + "AWS::S3::Bucket.AccessControlTranslation": { + "additionalProperties": false, + "properties": { + "Owner": { + "markdownDescription": "Specifies the replica ownership. For default and valid values, see [PUT bucket replication](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTreplication.html) in the *Amazon S3 API Reference* .", + "title": "Owner", + "type": "string" + } + }, + "required": [ + "Owner" + ], + "type": "object" + }, + "AWS::S3::Bucket.AnalyticsConfiguration": { + "additionalProperties": false, + "properties": { + "Id": { + "markdownDescription": "The ID that identifies the analytics configuration.", + "title": "Id", + "type": "string" + }, + "Prefix": { + "markdownDescription": "The prefix that an object must have to be included in the analytics results.", + "title": "Prefix", + "type": "string" + }, + "StorageClassAnalysis": { + "$ref": "#/definitions/AWS::S3::Bucket.StorageClassAnalysis", + "markdownDescription": "Contains data related to access patterns to be collected and made available to analyze the tradeoffs between different storage classes.", + "title": "StorageClassAnalysis" + }, + "TagFilters": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.TagFilter" + }, + "markdownDescription": "The tags to use when evaluating an analytics filter.\n\nThe analytics only includes objects that meet the filter's criteria. If no filter is specified, all of the contents of the bucket are included in the analysis.", + "title": "TagFilters", + "type": "array" + } + }, + "required": [ + "Id", + "StorageClassAnalysis" + ], + "type": "object" + }, + "AWS::S3::Bucket.BucketEncryption": { + "additionalProperties": false, + "properties": { + "ServerSideEncryptionConfiguration": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.ServerSideEncryptionRule" + }, + "markdownDescription": "Specifies the default server-side-encryption configuration.", + "title": "ServerSideEncryptionConfiguration", + "type": "array" + } + }, + "required": [ + "ServerSideEncryptionConfiguration" + ], + "type": "object" + }, + "AWS::S3::Bucket.CorsConfiguration": { + "additionalProperties": false, + "properties": { + "CorsRules": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.CorsRule" + }, + "markdownDescription": "A set of origins and methods (cross-origin access that you want to allow). You can add up to 100 rules to the configuration.", + "title": "CorsRules", + "type": "array" + } + }, + "required": [ + "CorsRules" + ], + "type": "object" + }, + "AWS::S3::Bucket.CorsRule": { + "additionalProperties": false, + "properties": { + "AllowedHeaders": { + "items": { + "type": "string" + }, + "markdownDescription": "Headers that are specified in the `Access-Control-Request-Headers` header. These headers are allowed in a preflight OPTIONS request. In response to any preflight OPTIONS request, Amazon S3 returns any requested headers that are allowed.", + "title": "AllowedHeaders", + "type": "array" + }, + "AllowedMethods": { + "items": { + "type": "string" + }, + "markdownDescription": "An HTTP method that you allow the origin to run.\n\n*Allowed values* : `GET` | `PUT` | `HEAD` | `POST` | `DELETE`", + "title": "AllowedMethods", + "type": "array" + }, + "AllowedOrigins": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more origins you want customers to be able to access the bucket from.", + "title": "AllowedOrigins", + "type": "array" + }, + "ExposedHeaders": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more headers in the response that you want customers to be able to access from their applications (for example, from a JavaScript `XMLHttpRequest` object).", + "title": "ExposedHeaders", + "type": "array" + }, + "Id": { + "markdownDescription": "A unique identifier for this rule. The value must be no more than 255 characters.", + "title": "Id", + "type": "string" + }, + "MaxAge": { + "markdownDescription": "The time in seconds that your browser is to cache the preflight response for the specified resource.", + "title": "MaxAge", + "type": "number" + } + }, + "required": [ + "AllowedMethods", + "AllowedOrigins" + ], + "type": "object" + }, + "AWS::S3::Bucket.DataExport": { + "additionalProperties": false, + "properties": { + "Destination": { + "$ref": "#/definitions/AWS::S3::Bucket.Destination", + "markdownDescription": "The place to store the data for an analysis.", + "title": "Destination" + }, + "OutputSchemaVersion": { + "markdownDescription": "The version of the output schema to use when exporting data. Must be `V_1` .", + "title": "OutputSchemaVersion", + "type": "string" + } + }, + "required": [ + "Destination", + "OutputSchemaVersion" + ], + "type": "object" + }, + "AWS::S3::Bucket.DefaultRetention": { + "additionalProperties": false, + "properties": { + "Days": { + "markdownDescription": "The number of days that you want to specify for the default retention period. If Object Lock is turned on, you must specify `Mode` and specify either `Days` or `Years` .", + "title": "Days", + "type": "number" + }, + "Mode": { + "markdownDescription": "The default Object Lock retention mode you want to apply to new objects placed in the specified bucket. If Object Lock is turned on, you must specify `Mode` and specify either `Days` or `Years` .", + "title": "Mode", + "type": "string" + }, + "Years": { + "markdownDescription": "The number of years that you want to specify for the default retention period. If Object Lock is turned on, you must specify `Mode` and specify either `Days` or `Years` .", + "title": "Years", + "type": "number" + } + }, + "type": "object" + }, + "AWS::S3::Bucket.DeleteMarkerReplication": { + "additionalProperties": false, + "properties": { + "Status": { + "markdownDescription": "Indicates whether to replicate delete markers. Disabled by default.", + "title": "Status", + "type": "string" + } + }, + "type": "object" + }, + "AWS::S3::Bucket.Destination": { + "additionalProperties": false, + "properties": { + "BucketAccountId": { + "markdownDescription": "The account ID that owns the destination S3 bucket. If no account ID is provided, the owner is not validated before exporting data.\n\n> Although this value is optional, we strongly recommend that you set it to help prevent problems if the destination bucket ownership changes.", + "title": "BucketAccountId", + "type": "string" + }, + "BucketArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the bucket to which data is exported.", + "title": "BucketArn", + "type": "string" + }, + "Format": { + "markdownDescription": "Specifies the file format used when exporting data to Amazon S3.\n\n*Allowed values* : `CSV` | `ORC` | `Parquet`", + "title": "Format", + "type": "string" + }, + "Prefix": { + "markdownDescription": "The prefix to use when exporting data. The prefix is prepended to all results.", + "title": "Prefix", + "type": "string" + } + }, + "required": [ + "BucketArn", + "Format" + ], + "type": "object" + }, + "AWS::S3::Bucket.EncryptionConfiguration": { + "additionalProperties": false, + "properties": { + "ReplicaKmsKeyID": { + "markdownDescription": "Specifies the ID (Key ARN or Alias ARN) of the customer managed AWS KMS key stored in AWS Key Management Service (KMS) for the destination bucket. Amazon S3 uses this key to encrypt replica objects. Amazon S3 only supports symmetric encryption KMS keys. For more information, see [Asymmetric keys in AWS KMS](https://docs.aws.amazon.com//kms/latest/developerguide/symmetric-asymmetric.html) in the *AWS Key Management Service Developer Guide* .", + "title": "ReplicaKmsKeyID", + "type": "string" + } + }, + "required": [ + "ReplicaKmsKeyID" + ], + "type": "object" + }, + "AWS::S3::Bucket.EventBridgeConfiguration": { + "additionalProperties": false, + "properties": { + "EventBridgeEnabled": { + "markdownDescription": "Enables delivery of events to Amazon EventBridge.", + "title": "EventBridgeEnabled", + "type": "boolean" + } + }, + "required": [ + "EventBridgeEnabled" + ], + "type": "object" + }, + "AWS::S3::Bucket.FilterRule": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The object key name prefix or suffix identifying one or more objects to which the filtering rule applies. The maximum length is 1,024 characters. Overlapping prefixes and suffixes are not supported. For more information, see [Configuring Event Notifications](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide* .", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "The value that the filter searches for in object key names.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Name", + "Value" + ], + "type": "object" + }, + "AWS::S3::Bucket.IntelligentTieringConfiguration": { + "additionalProperties": false, + "properties": { + "Id": { + "markdownDescription": "The ID used to identify the S3 Intelligent-Tiering configuration.", + "title": "Id", + "type": "string" + }, + "Prefix": { + "markdownDescription": "An object key name prefix that identifies the subset of objects to which the rule applies.", + "title": "Prefix", + "type": "string" + }, + "Status": { + "markdownDescription": "Specifies the status of the configuration.", + "title": "Status", + "type": "string" + }, + "TagFilters": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.TagFilter" + }, + "markdownDescription": "A container for a key-value pair.", + "title": "TagFilters", + "type": "array" + }, + "Tierings": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.Tiering" + }, + "markdownDescription": "Specifies a list of S3 Intelligent-Tiering storage class tiers in the configuration. At least one tier must be defined in the list. At most, you can specify two tiers in the list, one for each available AccessTier: `ARCHIVE_ACCESS` and `DEEP_ARCHIVE_ACCESS` .\n\n> You only need Intelligent Tiering Configuration enabled on a bucket if you want to automatically move objects stored in the Intelligent-Tiering storage class to Archive Access or Deep Archive Access tiers.", + "title": "Tierings", + "type": "array" + } + }, + "required": [ + "Id", + "Status", + "Tierings" + ], + "type": "object" + }, + "AWS::S3::Bucket.InventoryConfiguration": { + "additionalProperties": false, + "properties": { + "Destination": { + "$ref": "#/definitions/AWS::S3::Bucket.Destination", + "markdownDescription": "Contains information about where to publish the inventory results.", + "title": "Destination" + }, + "Enabled": { + "markdownDescription": "Specifies whether the inventory is enabled or disabled. If set to `True` , an inventory list is generated. If set to `False` , no inventory list is generated.", + "title": "Enabled", + "type": "boolean" + }, + "Id": { + "markdownDescription": "The ID used to identify the inventory configuration.", + "title": "Id", + "type": "string" + }, + "IncludedObjectVersions": { + "markdownDescription": "Object versions to include in the inventory list. If set to `All` , the list includes all the object versions, which adds the version-related fields `VersionId` , `IsLatest` , and `DeleteMarker` to the list. If set to `Current` , the list does not contain these version-related fields.", + "title": "IncludedObjectVersions", + "type": "string" + }, + "OptionalFields": { + "items": { + "type": "string" + }, + "markdownDescription": "Contains the optional fields that are included in the inventory results.", + "title": "OptionalFields", + "type": "array" + }, + "Prefix": { + "markdownDescription": "Specifies the inventory filter prefix.", + "title": "Prefix", + "type": "string" + }, + "ScheduleFrequency": { + "markdownDescription": "Specifies the schedule for generating inventory results.", + "title": "ScheduleFrequency", + "type": "string" + } + }, + "required": [ + "Destination", + "Enabled", + "Id", + "IncludedObjectVersions", + "ScheduleFrequency" + ], + "type": "object" + }, + "AWS::S3::Bucket.InventoryTableConfiguration": { + "additionalProperties": false, + "properties": { + "ConfigurationState": { + "markdownDescription": "The configuration state of the inventory table, indicating whether the inventory table is enabled or disabled.", + "title": "ConfigurationState", + "type": "string" + }, + "EncryptionConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.MetadataTableEncryptionConfiguration", + "markdownDescription": "The encryption configuration for the inventory table.", + "title": "EncryptionConfiguration" + }, + "TableArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the inventory table.", + "title": "TableArn", + "type": "string" + }, + "TableName": { + "markdownDescription": "The name of the inventory table.", + "title": "TableName", + "type": "string" + } + }, + "required": [ + "ConfigurationState" + ], + "type": "object" + }, + "AWS::S3::Bucket.JournalTableConfiguration": { + "additionalProperties": false, + "properties": { + "EncryptionConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.MetadataTableEncryptionConfiguration", + "markdownDescription": "The encryption configuration for the journal table.", + "title": "EncryptionConfiguration" + }, + "RecordExpiration": { + "$ref": "#/definitions/AWS::S3::Bucket.RecordExpiration", + "markdownDescription": "The journal table record expiration settings for the journal table.", + "title": "RecordExpiration" + }, + "TableArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the journal table.", + "title": "TableArn", + "type": "string" + }, + "TableName": { + "markdownDescription": "The name of the journal table.", + "title": "TableName", + "type": "string" + } + }, + "required": [ + "RecordExpiration" + ], + "type": "object" + }, + "AWS::S3::Bucket.LambdaConfiguration": { + "additionalProperties": false, + "properties": { + "Event": { + "markdownDescription": "The Amazon S3 bucket event for which to invoke the AWS Lambda function. For more information, see [Supported Event Types](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide* .", + "title": "Event", + "type": "string" + }, + "Filter": { + "$ref": "#/definitions/AWS::S3::Bucket.NotificationFilter", + "markdownDescription": "The filtering rules that determine which objects invoke the AWS Lambda function. For example, you can create a filter so that only image files with a `.jpg` extension invoke the function when they are added to the Amazon S3 bucket.", + "title": "Filter" + }, + "Function": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Lambda function that Amazon S3 invokes when the specified event type occurs.", + "title": "Function", + "type": "string" + } + }, + "required": [ + "Event", + "Function" + ], + "type": "object" + }, + "AWS::S3::Bucket.LifecycleConfiguration": { + "additionalProperties": false, + "properties": { + "Rules": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.Rule" + }, + "markdownDescription": "A lifecycle rule for individual objects in an Amazon S3 bucket.", + "title": "Rules", + "type": "array" + }, + "TransitionDefaultMinimumObjectSize": { + "markdownDescription": "Indicates which default minimum object size behavior is applied to the lifecycle configuration.\n\n> This parameter applies to general purpose buckets only. It isn't supported for directory bucket lifecycle configurations. \n\n- `all_storage_classes_128K` - Objects smaller than 128 KB will not transition to any storage class by default.\n- `varies_by_storage_class` - Objects smaller than 128 KB will transition to Glacier Flexible Retrieval or Glacier Deep Archive storage classes. By default, all other storage classes will prevent transitions smaller than 128 KB.\n\nTo customize the minimum object size for any transition you can add a filter that specifies a custom `ObjectSizeGreaterThan` or `ObjectSizeLessThan` in the body of your transition rule. Custom filters always take precedence over the default transition behavior.", + "title": "TransitionDefaultMinimumObjectSize", + "type": "string" + } + }, + "required": [ + "Rules" + ], + "type": "object" + }, + "AWS::S3::Bucket.LoggingConfiguration": { + "additionalProperties": false, + "properties": { + "DestinationBucketName": { + "markdownDescription": "The name of the bucket where Amazon S3 should store server access log files. You can store log files in any bucket that you own. By default, logs are stored in the bucket where the `LoggingConfiguration` property is defined.", + "title": "DestinationBucketName", + "type": "string" + }, + "LogFilePrefix": { + "markdownDescription": "A prefix for all log object keys. If you store log files from multiple Amazon S3 buckets in a single bucket, you can use a prefix to distinguish which log files came from which bucket.", + "title": "LogFilePrefix", + "type": "string" + }, + "TargetObjectKeyFormat": { + "$ref": "#/definitions/AWS::S3::Bucket.TargetObjectKeyFormat", + "markdownDescription": "Amazon S3 key format for log objects. Only one format, either PartitionedPrefix or SimplePrefix, is allowed.", + "title": "TargetObjectKeyFormat" + } + }, + "type": "object" + }, + "AWS::S3::Bucket.MetadataConfiguration": { + "additionalProperties": false, + "properties": { + "Destination": { + "$ref": "#/definitions/AWS::S3::Bucket.MetadataDestination", + "markdownDescription": "The destination information for the S3 Metadata configuration.", + "title": "Destination" + }, + "InventoryTableConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.InventoryTableConfiguration", + "markdownDescription": "The inventory table configuration for a metadata configuration.", + "title": "InventoryTableConfiguration" + }, + "JournalTableConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.JournalTableConfiguration", + "markdownDescription": "The journal table configuration for a metadata configuration.", + "title": "JournalTableConfiguration" + } + }, + "required": [ + "JournalTableConfiguration" + ], + "type": "object" + }, + "AWS::S3::Bucket.MetadataDestination": { + "additionalProperties": false, + "properties": { + "TableBucketArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the table bucket where the metadata configuration is stored.", + "title": "TableBucketArn", + "type": "string" + }, + "TableBucketType": { + "markdownDescription": "The type of the table bucket where the metadata configuration is stored. The `aws` value indicates an AWS managed table bucket, and the `customer` value indicates a customer-managed table bucket. V2 metadata configurations are stored in AWS managed table buckets, and V1 metadata configurations are stored in customer-managed table buckets.", + "title": "TableBucketType", + "type": "string" + }, + "TableNamespace": { + "markdownDescription": "The namespace in the table bucket where the metadata tables for a metadata configuration are stored.", + "title": "TableNamespace", + "type": "string" + } + }, + "required": [ + "TableBucketType" + ], + "type": "object" + }, + "AWS::S3::Bucket.MetadataTableConfiguration": { + "additionalProperties": false, + "properties": { + "S3TablesDestination": { + "$ref": "#/definitions/AWS::S3::Bucket.S3TablesDestination", + "markdownDescription": "The destination information for the metadata table configuration. The destination table bucket must be in the same Region and AWS account as the general purpose bucket. The specified metadata table name must be unique within the `aws_s3_metadata` namespace in the destination table bucket.", + "title": "S3TablesDestination" + } + }, + "required": [ + "S3TablesDestination" + ], + "type": "object" + }, + "AWS::S3::Bucket.MetadataTableEncryptionConfiguration": { + "additionalProperties": false, + "properties": { + "KmsKeyArn": { + "markdownDescription": "If server-side encryption with AWS Key Management Service ( AWS KMS ) keys (SSE-KMS) is specified, you must also specify the KMS key Amazon Resource Name (ARN). You must specify a customer-managed KMS key that's located in the same Region as the general purpose bucket that corresponds to the metadata table configuration.", + "title": "KmsKeyArn", + "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SseAlgorithm": { + "markdownDescription": "The encryption type specified for a metadata table. To specify server-side encryption with AWS Key Management Service ( AWS KMS ) keys (SSE-KMS), use the `aws:kms` value. To specify server-side encryption with Amazon S3 managed keys (SSE-S3), use the `AES256` value.", + "title": "SseAlgorithm", "type": "string" } }, "required": [ - "Type", - "Properties" + "SseAlgorithm" ], "type": "object" }, - "AWS::RDS::OptionGroup.OptionConfiguration": { + "AWS::S3::Bucket.Metrics": { "additionalProperties": false, "properties": { - "DBSecurityGroupMemberships": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of DB security groups used for this option.", - "title": "DBSecurityGroupMemberships", - "type": "array" + "EventThreshold": { + "$ref": "#/definitions/AWS::S3::Bucket.ReplicationTimeValue", + "markdownDescription": "A container specifying the time threshold for emitting the `s3:Replication:OperationMissedThreshold` event.", + "title": "EventThreshold" }, - "OptionName": { - "markdownDescription": "The configuration of options to include in a group.", - "title": "OptionName", + "Status": { + "markdownDescription": "Specifies whether the replication metrics are enabled.", + "title": "Status", + "type": "string" + } + }, + "required": [ + "Status" + ], + "type": "object" + }, + "AWS::S3::Bucket.MetricsConfiguration": { + "additionalProperties": false, + "properties": { + "AccessPointArn": { + "markdownDescription": "The access point that was used while performing operations on the object. The metrics configuration only includes objects that meet the filter's criteria.", + "title": "AccessPointArn", "type": "string" }, - "OptionSettings": { - "items": { - "$ref": "#/definitions/AWS::RDS::OptionGroup.OptionSetting" - }, - "markdownDescription": "The option settings to include in an option group.", - "title": "OptionSettings", - "type": "array" - }, - "OptionVersion": { - "markdownDescription": "The version for the option.", - "title": "OptionVersion", + "Id": { + "markdownDescription": "The ID used to identify the metrics configuration. This can be any value you choose that helps you identify your metrics configuration.", + "title": "Id", "type": "string" }, - "Port": { - "markdownDescription": "The optional port for the option.", - "title": "Port", - "type": "number" + "Prefix": { + "markdownDescription": "The prefix that an object must have to be included in the metrics results.", + "title": "Prefix", + "type": "string" }, - "VpcSecurityGroupMemberships": { + "TagFilters": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::S3::Bucket.TagFilter" }, - "markdownDescription": "A list of VPC security group names used for this option.", - "title": "VpcSecurityGroupMemberships", + "markdownDescription": "Specifies a list of tag filters to use as a metrics configuration filter. The metrics configuration includes only objects that meet the filter's criteria.", + "title": "TagFilters", "type": "array" } }, "required": [ - "OptionName" + "Id" ], "type": "object" }, - "AWS::RDS::OptionGroup.OptionSetting": { + "AWS::S3::Bucket.NoncurrentVersionExpiration": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the option that has settings that you can set.", - "title": "Name", - "type": "string" + "NewerNoncurrentVersions": { + "markdownDescription": "Specifies how many noncurrent versions Amazon S3 will retain. If there are this many more recent noncurrent versions, Amazon S3 will take the associated action. For more information about noncurrent versions, see [Lifecycle configuration elements](https://docs.aws.amazon.com/AmazonS3/latest/userguide/intro-lifecycle-rules.html) in the *Amazon S3 User Guide* .", + "title": "NewerNoncurrentVersions", + "type": "number" }, - "Value": { - "markdownDescription": "The current value of the option setting.", - "title": "Value", - "type": "string" + "NoncurrentDays": { + "markdownDescription": "Specifies the number of days an object is noncurrent before Amazon S3 can perform the associated action. For information about the noncurrent days calculations, see [How Amazon S3 Calculates When an Object Became Noncurrent](https://docs.aws.amazon.com/AmazonS3/latest/dev/intro-lifecycle-rules.html#non-current-days-calculations) in the *Amazon S3 User Guide* .", + "title": "NoncurrentDays", + "type": "number" } }, + "required": [ + "NoncurrentDays" + ], "type": "object" }, - "AWS::RUM::AppMonitor": { + "AWS::S3::Bucket.NoncurrentVersionTransition": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AppMonitorConfiguration": { - "$ref": "#/definitions/AWS::RUM::AppMonitor.AppMonitorConfiguration", - "markdownDescription": "A structure that contains much of the configuration data for the app monitor. If you are using Amazon Cognito for authorization, you must include this structure in your request, and it must include the ID of the Amazon Cognito identity pool to use for authorization. If you don't include `AppMonitorConfiguration` , you must set up your own authorization method. For more information, see [Authorize your application to send data to AWS](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-RUM-get-started-authorization.html) .\n\nIf you omit this argument, the sample rate used for CloudWatch RUM is set to 10% of the user sessions.", - "title": "AppMonitorConfiguration" - }, - "CustomEvents": { - "$ref": "#/definitions/AWS::RUM::AppMonitor.CustomEvents", - "markdownDescription": "Specifies whether this app monitor allows the web client to define and send custom events. If you omit this parameter, custom events are `DISABLED` .", - "title": "CustomEvents" - }, - "CwLogEnabled": { - "markdownDescription": "Data collected by CloudWatch RUM is kept by RUM for 30 days and then deleted. This parameter specifies whether CloudWatch RUM sends a copy of this telemetry data to Amazon CloudWatch Logs in your account. This enables you to keep the telemetry data for more than 30 days, but it does incur Amazon CloudWatch Logs charges.\n\nIf you omit this parameter, the default is `false` .", - "title": "CwLogEnabled", - "type": "boolean" - }, - "Domain": { - "markdownDescription": "The top-level internet domain name for which your application has administrative authority. This parameter or the `DomainList` parameter is required.", - "title": "Domain", - "type": "string" - }, - "Name": { - "markdownDescription": "A name for the app monitor. This parameter is required.", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Assigns one or more tags (key-value pairs) to the app monitor.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.\n\nTags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters.\n\nYou can associate as many as 50 tags with an app monitor.\n\nFor more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Domain", - "Name" - ], - "type": "object" + "NewerNoncurrentVersions": { + "markdownDescription": "Specifies how many noncurrent versions Amazon S3 will retain. If there are this many more recent noncurrent versions, Amazon S3 will take the associated action. For more information about noncurrent versions, see [Lifecycle configuration elements](https://docs.aws.amazon.com/AmazonS3/latest/userguide/intro-lifecycle-rules.html) in the *Amazon S3 User Guide* .", + "title": "NewerNoncurrentVersions", + "type": "number" }, - "Type": { - "enum": [ - "AWS::RUM::AppMonitor" - ], + "StorageClass": { + "markdownDescription": "The class of storage used to store the object.", + "title": "StorageClass", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "TransitionInDays": { + "markdownDescription": "Specifies the number of days an object is noncurrent before Amazon S3 can perform the associated action. For information about the noncurrent days calculations, see [How Amazon S3 Calculates How Long an Object Has Been Noncurrent](https://docs.aws.amazon.com/AmazonS3/latest/dev/intro-lifecycle-rules.html#non-current-days-calculations) in the *Amazon S3 User Guide* .", + "title": "TransitionInDays", + "type": "number" } }, "required": [ - "Type", - "Properties" + "StorageClass", + "TransitionInDays" ], "type": "object" }, - "AWS::RUM::AppMonitor.AppMonitorConfiguration": { + "AWS::S3::Bucket.NotificationConfiguration": { "additionalProperties": false, "properties": { - "AllowCookies": { - "markdownDescription": "If you set this to `true` , the CloudWatch RUM web client sets two cookies, a session cookie and a user cookie. The cookies allow the CloudWatch RUM web client to collect data relating to the number of users an application has and the behavior of the application across a sequence of events. Cookies are stored in the top-level domain of the current page.", - "title": "AllowCookies", - "type": "boolean" - }, - "EnableXRay": { - "markdownDescription": "If you set this to `true` , CloudWatch RUM sends client-side traces to X-Ray for each sampled session. You can then see traces and segments from these user sessions in the RUM dashboard and the CloudWatch ServiceLens console. For more information, see [What is AWS X-Ray ?](https://docs.aws.amazon.com/xray/latest/devguide/aws-xray.html)", - "title": "EnableXRay", - "type": "boolean" - }, - "ExcludedPages": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of URLs in your website or application to exclude from RUM data collection.\n\nYou can't include both `ExcludedPages` and `IncludedPages` in the same app monitor.", - "title": "ExcludedPages", - "type": "array" - }, - "FavoritePages": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of pages in your application that are to be displayed with a \"favorite\" icon in the CloudWatch RUM console.", - "title": "FavoritePages", - "type": "array" - }, - "GuestRoleArn": { - "markdownDescription": "The ARN of the guest IAM role that is attached to the Amazon Cognito identity pool that is used to authorize the sending of data to CloudWatch RUM.", - "title": "GuestRoleArn", - "type": "string" - }, - "IdentityPoolId": { - "markdownDescription": "The ID of the Amazon Cognito identity pool that is used to authorize the sending of data to CloudWatch RUM.", - "title": "IdentityPoolId", - "type": "string" + "EventBridgeConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.EventBridgeConfiguration", + "markdownDescription": "Enables delivery of events to Amazon EventBridge.", + "title": "EventBridgeConfiguration" }, - "IncludedPages": { + "LambdaConfigurations": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::S3::Bucket.LambdaConfiguration" }, - "markdownDescription": "If this app monitor is to collect data from only certain pages in your application, this structure lists those pages.\n\nYou can't include both `ExcludedPages` and `IncludedPages` in the same app monitor.", - "title": "IncludedPages", + "markdownDescription": "Describes the AWS Lambda functions to invoke and the events for which to invoke them.", + "title": "LambdaConfigurations", "type": "array" }, - "MetricDestinations": { + "QueueConfigurations": { "items": { - "$ref": "#/definitions/AWS::RUM::AppMonitor.MetricDestination" + "$ref": "#/definitions/AWS::S3::Bucket.QueueConfiguration" }, - "markdownDescription": "An array of structures that each define a destination that this app monitor will send extended metrics to.", - "title": "MetricDestinations", + "markdownDescription": "The Amazon Simple Queue Service queues to publish messages to and the events for which to publish messages.", + "title": "QueueConfigurations", "type": "array" }, - "SessionSampleRate": { - "markdownDescription": "Specifies the portion of user sessions to use for CloudWatch RUM data collection. Choosing a higher portion gives you more data but also incurs more costs.\n\nThe range for this value is 0 to 1 inclusive. Setting this to 1 means that 100% of user sessions are sampled, and setting it to 0.1 means that 10% of user sessions are sampled.\n\nIf you omit this parameter, the default of 0.1 is used, and 10% of sessions will be sampled.", - "title": "SessionSampleRate", - "type": "number" - }, - "Telemetries": { + "TopicConfigurations": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::S3::Bucket.TopicConfiguration" }, - "markdownDescription": "An array that lists the types of telemetry data that this app monitor is to collect.\n\n- `errors` indicates that RUM collects data about unhandled JavaScript errors raised by your application.\n- `performance` indicates that RUM collects performance data about how your application and its resources are loaded and rendered. This includes Core Web Vitals.\n- `http` indicates that RUM collects data about HTTP errors thrown by your application.", - "title": "Telemetries", + "markdownDescription": "The topic to which notifications are sent and the events for which notifications are generated.", + "title": "TopicConfigurations", "type": "array" } }, "type": "object" }, - "AWS::RUM::AppMonitor.CustomEvents": { + "AWS::S3::Bucket.NotificationFilter": { "additionalProperties": false, "properties": { - "Status": { - "markdownDescription": "Set this to `ENABLED` to allow the web client to send custom events for this app monitor.\n\nValid values are `ENABLED` and `DISABLED` .", - "title": "Status", - "type": "string" + "S3Key": { + "$ref": "#/definitions/AWS::S3::Bucket.S3KeyFilter", + "markdownDescription": "A container for object key name prefix and suffix filtering rules.", + "title": "S3Key" } }, + "required": [ + "S3Key" + ], "type": "object" }, - "AWS::RUM::AppMonitor.MetricDefinition": { + "AWS::S3::Bucket.ObjectLockConfiguration": { "additionalProperties": false, "properties": { - "DimensionKeys": { - "additionalProperties": true, - "markdownDescription": "This field is a map of field paths to dimension names. It defines the dimensions to associate with this metric in CloudWatch . The value of this field is used only if the metric destination is `CloudWatch` . If the metric destination is `Evidently` , the value of `DimensionKeys` is ignored.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "DimensionKeys", - "type": "object" - }, - "EventPattern": { - "markdownDescription": "The pattern that defines the metric. RUM checks events that happen in a user's session against the pattern, and events that match the pattern are sent to the metric destination.\n\nIf the metrics destination is `CloudWatch` and the event also matches a value in `DimensionKeys` , then the metric is published with the specified dimensions.", - "title": "EventPattern", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the metric that is defined in this structure.", - "title": "Name", - "type": "string" - }, - "Namespace": { - "markdownDescription": "If you are creating a custom metric instead of an extended metrics, use this parameter to define the metric namespace for that custom metric. Do not specify this parameter if you are creating an extended metric.\n\nYou can't use any string that starts with `AWS/` for your namespace.", - "title": "Namespace", - "type": "string" - }, - "UnitLabel": { - "markdownDescription": "Use this field only if you are sending this metric to CloudWatch . It defines the CloudWatch metric unit that this metric is measured in.", - "title": "UnitLabel", + "ObjectLockEnabled": { + "markdownDescription": "Indicates whether this bucket has an Object Lock configuration enabled. Enable `ObjectLockEnabled` when you apply `ObjectLockConfiguration` to a bucket.", + "title": "ObjectLockEnabled", "type": "string" }, - "ValueKey": { - "markdownDescription": "The field within the event object that the metric value is sourced from.", - "title": "ValueKey", - "type": "string" + "Rule": { + "$ref": "#/definitions/AWS::S3::Bucket.ObjectLockRule", + "markdownDescription": "Specifies the Object Lock rule for the specified object. Enable this rule when you apply `ObjectLockConfiguration` to a bucket. If Object Lock is turned on, bucket settings require both `Mode` and a period of either `Days` or `Years` . You cannot specify `Days` and `Years` at the same time. For more information, see [ObjectLockRule](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-objectlockrule.html) and [DefaultRetention](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-defaultretention.html) .", + "title": "Rule" } }, - "required": [ - "Name" - ], "type": "object" }, - "AWS::RUM::AppMonitor.MetricDestination": { + "AWS::S3::Bucket.ObjectLockRule": { "additionalProperties": false, "properties": { - "Destination": { - "markdownDescription": "Defines the destination to send the metrics to. Valid values are `CloudWatch` and `Evidently` . If you specify `Evidently` , you must also specify the ARN of the CloudWatch Evidently experiment that is to be the destination and an IAM role that has permission to write to the experiment.", - "title": "Destination", - "type": "string" - }, - "DestinationArn": { - "markdownDescription": "Use this parameter only if `Destination` is `Evidently` . This parameter specifies the ARN of the Evidently experiment that will receive the extended metrics.", - "title": "DestinationArn", - "type": "string" - }, - "IamRoleArn": { - "markdownDescription": "This parameter is required if `Destination` is `Evidently` . If `Destination` is `CloudWatch` , do not use this parameter.\n\nThis parameter specifies the ARN of an IAM role that RUM will assume to write to the Evidently experiment that you are sending metrics to. This role must have permission to write to that experiment.", - "title": "IamRoleArn", - "type": "string" - }, - "MetricDefinitions": { + "DefaultRetention": { + "$ref": "#/definitions/AWS::S3::Bucket.DefaultRetention", + "markdownDescription": "The default Object Lock retention mode and period that you want to apply to new objects placed in the specified bucket. If Object Lock is turned on, bucket settings require both `Mode` and a period of either `Days` or `Years` . You cannot specify `Days` and `Years` at the same time. For more information about allowable values for mode and period, see [DefaultRetention](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-defaultretention.html) .", + "title": "DefaultRetention" + } + }, + "type": "object" + }, + "AWS::S3::Bucket.OwnershipControls": { + "additionalProperties": false, + "properties": { + "Rules": { "items": { - "$ref": "#/definitions/AWS::RUM::AppMonitor.MetricDefinition" + "$ref": "#/definitions/AWS::S3::Bucket.OwnershipControlsRule" }, - "markdownDescription": "An array of structures which define the metrics that you want to send.", - "title": "MetricDefinitions", + "markdownDescription": "Specifies the container element for Object Ownership rules.", + "title": "Rules", "type": "array" } }, "required": [ - "Destination" + "Rules" ], "type": "object" }, - "AWS::Redshift::Cluster": { + "AWS::S3::Bucket.OwnershipControlsRule": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AllowVersionUpgrade": { - "markdownDescription": "If `true` , major version upgrades can be applied during the maintenance window to the Amazon Redshift engine that is running on the cluster.\n\nWhen a new major version of the Amazon Redshift engine is released, you can request that the service automatically apply upgrades during the maintenance window to the Amazon Redshift engine that is running on your cluster.\n\nDefault: `true`", - "title": "AllowVersionUpgrade", - "type": "boolean" - }, - "AquaConfigurationStatus": { - "markdownDescription": "This parameter is retired. It does not set the AQUA configuration status. Amazon Redshift automatically determines whether to use AQUA (Advanced Query Accelerator).", - "title": "AquaConfigurationStatus", - "type": "string" - }, - "AutomatedSnapshotRetentionPeriod": { - "markdownDescription": "The number of days that automated snapshots are retained. If the value is 0, automated snapshots are disabled. Even if automated snapshots are disabled, you can still create manual snapshots when you want with [CreateClusterSnapshot](https://docs.aws.amazon.com/redshift/latest/APIReference/API_CreateClusterSnapshot.html) in the *Amazon Redshift API Reference* .\n\nDefault: `1`\n\nConstraints: Must be a value from 0 to 35.", - "title": "AutomatedSnapshotRetentionPeriod", - "type": "number" - }, - "AvailabilityZone": { - "markdownDescription": "The EC2 Availability Zone (AZ) in which you want Amazon Redshift to provision the cluster. For example, if you have several EC2 instances running in a specific Availability Zone, then you might want the cluster to be provisioned in the same zone in order to decrease network latency.\n\nDefault: A random, system-chosen Availability Zone in the region that is specified by the endpoint.\n\nExample: `us-east-2d`\n\nConstraint: The specified Availability Zone must be in the same region as the current endpoint.", - "title": "AvailabilityZone", - "type": "string" - }, - "AvailabilityZoneRelocation": { - "markdownDescription": "The option to enable relocation for an Amazon Redshift cluster between Availability Zones after the cluster is created.", - "title": "AvailabilityZoneRelocation", - "type": "boolean" - }, - "AvailabilityZoneRelocationStatus": { - "markdownDescription": "Describes the status of the Availability Zone relocation operation.", - "title": "AvailabilityZoneRelocationStatus", - "type": "string" - }, - "Classic": { - "markdownDescription": "A boolean value indicating whether the resize operation is using the classic resize process. If you don't provide this parameter or set the value to `false` , the resize type is elastic.", - "title": "Classic", - "type": "boolean" - }, - "ClusterIdentifier": { - "markdownDescription": "A unique identifier for the cluster. You use this identifier to refer to the cluster for any subsequent cluster operations such as deleting or modifying. The identifier also appears in the Amazon Redshift console.\n\nConstraints:\n\n- Must contain from 1 to 63 alphanumeric characters or hyphens.\n- Alphabetic characters must be lowercase.\n- First character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.\n- Must be unique for all clusters within an AWS account .\n\nExample: `myexamplecluster`", - "title": "ClusterIdentifier", - "type": "string" - }, - "ClusterParameterGroupName": { - "markdownDescription": "The name of the parameter group to be associated with this cluster.\n\nDefault: The default Amazon Redshift cluster parameter group. For information about the default parameter group, go to [Working with Amazon Redshift Parameter Groups](https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-parameter-groups.html)\n\nConstraints:\n\n- Must be 1 to 255 alphanumeric characters or hyphens.\n- First character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.", - "title": "ClusterParameterGroupName", - "type": "string" - }, - "ClusterSecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of security groups to be associated with this cluster.\n\nDefault: The default cluster security group for Amazon Redshift.", - "title": "ClusterSecurityGroups", - "type": "array" - }, - "ClusterSubnetGroupName": { - "markdownDescription": "The name of a cluster subnet group to be associated with this cluster.\n\nIf this parameter is not provided the resulting cluster will be deployed outside virtual private cloud (VPC).", - "title": "ClusterSubnetGroupName", - "type": "string" - }, - "ClusterType": { - "markdownDescription": "The type of the cluster. When cluster type is specified as\n\n- `single-node` , the *NumberOfNodes* parameter is not required.\n- `multi-node` , the *NumberOfNodes* parameter is required.\n\nValid Values: `multi-node` | `single-node`\n\nDefault: `multi-node`", - "title": "ClusterType", - "type": "string" - }, - "ClusterVersion": { - "markdownDescription": "The version of the Amazon Redshift engine software that you want to deploy on the cluster.\n\nThe version selected runs on all the nodes in the cluster.\n\nConstraints: Only version 1.0 is currently available.\n\nExample: `1.0`", - "title": "ClusterVersion", - "type": "string" - }, - "DBName": { - "markdownDescription": "The name of the first database to be created when the cluster is created.\n\nTo create additional databases after the cluster is created, connect to the cluster with a SQL client and use SQL commands to create a database. For more information, go to [Create a Database](https://docs.aws.amazon.com/redshift/latest/dg/t_creating_database.html) in the Amazon Redshift Database Developer Guide.\n\nDefault: `dev`\n\nConstraints:\n\n- Must contain 1 to 64 alphanumeric characters.\n- Must contain only lowercase letters.\n- Cannot be a word that is reserved by the service. A list of reserved words can be found in [Reserved Words](https://docs.aws.amazon.com/redshift/latest/dg/r_pg_keywords.html) in the Amazon Redshift Database Developer Guide.", - "title": "DBName", - "type": "string" - }, - "DeferMaintenance": { - "markdownDescription": "A Boolean indicating whether to enable the deferred maintenance window.", - "title": "DeferMaintenance", - "type": "boolean" - }, - "DeferMaintenanceDuration": { - "markdownDescription": "An integer indicating the duration of the maintenance window in days. If you specify a duration, you can't specify an end time. The duration must be 45 days or less.", - "title": "DeferMaintenanceDuration", - "type": "number" - }, - "DeferMaintenanceEndTime": { - "markdownDescription": "A timestamp for the end of the time period when we defer maintenance.", - "title": "DeferMaintenanceEndTime", - "type": "string" - }, - "DeferMaintenanceStartTime": { - "markdownDescription": "A timestamp indicating the start time for the deferred maintenance window.", - "title": "DeferMaintenanceStartTime", - "type": "string" - }, - "DestinationRegion": { - "markdownDescription": "The destination region that snapshots are automatically copied to when cross-region snapshot copy is enabled.", - "title": "DestinationRegion", - "type": "string" - }, - "ElasticIp": { - "markdownDescription": "The Elastic IP (EIP) address for the cluster.\n\nConstraints: The cluster must be provisioned in EC2-VPC and publicly-accessible through an Internet gateway. Don't specify the Elastic IP address for a publicly accessible cluster with availability zone relocation turned on. For more information about provisioning clusters in EC2-VPC, go to [Supported Platforms to Launch Your Cluster](https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-clusters.html#cluster-platforms) in the Amazon Redshift Cluster Management Guide.", - "title": "ElasticIp", - "type": "string" - }, - "Encrypted": { - "markdownDescription": "If `true` , the data in the cluster is encrypted at rest. If you set the value on this parameter to `false` , the request will fail.\n\nDefault: true", - "title": "Encrypted", - "type": "boolean" - }, - "Endpoint": { - "$ref": "#/definitions/AWS::Redshift::Cluster.Endpoint", - "markdownDescription": "The connection endpoint.", - "title": "Endpoint" - }, - "EnhancedVpcRouting": { - "markdownDescription": "An option that specifies whether to create the cluster with enhanced VPC routing enabled. To create a cluster that uses enhanced VPC routing, the cluster must be in a VPC. For more information, see [Enhanced VPC Routing](https://docs.aws.amazon.com/redshift/latest/mgmt/enhanced-vpc-routing.html) in the Amazon Redshift Cluster Management Guide.\n\nIf this option is `true` , enhanced VPC routing is enabled.\n\nDefault: false", - "title": "EnhancedVpcRouting", - "type": "boolean" - }, - "HsmClientCertificateIdentifier": { - "markdownDescription": "Specifies the name of the HSM client certificate the Amazon Redshift cluster uses to retrieve the data encryption keys stored in an HSM.", - "title": "HsmClientCertificateIdentifier", - "type": "string" - }, - "HsmConfigurationIdentifier": { - "markdownDescription": "Specifies the name of the HSM configuration that contains the information the Amazon Redshift cluster can use to retrieve and store keys in an HSM.", - "title": "HsmConfigurationIdentifier", - "type": "string" - }, - "IamRoles": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of AWS Identity and Access Management (IAM) roles that can be used by the cluster to access other AWS services. You must supply the IAM roles in their Amazon Resource Name (ARN) format.\n\nThe maximum number of IAM roles that you can associate is subject to a quota. For more information, go to [Quotas and limits](https://docs.aws.amazon.com/redshift/latest/mgmt/amazon-redshift-limits.html) in the *Amazon Redshift Cluster Management Guide* .", - "title": "IamRoles", - "type": "array" - }, - "KmsKeyId": { - "markdownDescription": "The AWS Key Management Service (KMS) key ID of the encryption key that you want to use to encrypt data in the cluster.", - "title": "KmsKeyId", - "type": "string" - }, - "LoggingProperties": { - "$ref": "#/definitions/AWS::Redshift::Cluster.LoggingProperties", - "markdownDescription": "Specifies logging information, such as queries and connection attempts, for the specified Amazon Redshift cluster.", - "title": "LoggingProperties" - }, - "MaintenanceTrackName": { - "markdownDescription": "An optional parameter for the name of the maintenance track for the cluster. If you don't provide a maintenance track name, the cluster is assigned to the `current` track.", - "title": "MaintenanceTrackName", - "type": "string" - }, - "ManageMasterPassword": { - "markdownDescription": "If `true` , Amazon Redshift uses AWS Secrets Manager to manage this cluster's admin credentials. You can't use `MasterUserPassword` if `ManageMasterPassword` is true. If `ManageMasterPassword` is false or not set, Amazon Redshift uses `MasterUserPassword` for the admin user account's password.", - "title": "ManageMasterPassword", - "type": "boolean" - }, - "ManualSnapshotRetentionPeriod": { - "markdownDescription": "The default number of days to retain a manual snapshot. If the value is -1, the snapshot is retained indefinitely. This setting doesn't change the retention period of existing snapshots.\n\nThe value must be either -1 or an integer between 1 and 3,653.", - "title": "ManualSnapshotRetentionPeriod", - "type": "number" - }, - "MasterPasswordSecretKmsKeyId": { - "markdownDescription": "The ID of the AWS Key Management Service (KMS) key used to encrypt and store the cluster's admin credentials secret. You can only use this parameter if `ManageMasterPassword` is true.", - "title": "MasterPasswordSecretKmsKeyId", - "type": "string" - }, - "MasterUserPassword": { - "markdownDescription": "The password associated with the admin user account for the cluster that is being created.\n\nYou can't use `MasterUserPassword` if `ManageMasterPassword` is `true` .\n\nConstraints:\n\n- Must be between 8 and 64 characters in length.\n- Must contain at least one uppercase letter.\n- Must contain at least one lowercase letter.\n- Must contain one number.\n- Can be any printable ASCII character (ASCII code 33-126) except `'` (single quote), `\"` (double quote), `\\` , `/` , or `@` .", - "title": "MasterUserPassword", - "type": "string" - }, - "MasterUsername": { - "markdownDescription": "The user name associated with the admin user account for the cluster that is being created.\n\nConstraints:\n\n- Must be 1 - 128 alphanumeric characters or hyphens. The user name can't be `PUBLIC` .\n- Must contain only lowercase letters, numbers, underscore, plus sign, period (dot), at symbol (@), or hyphen.\n- The first character must be a letter.\n- Must not contain a colon (:) or a slash (/).\n- Cannot be a reserved word. A list of reserved words can be found in [Reserved Words](https://docs.aws.amazon.com/redshift/latest/dg/r_pg_keywords.html) in the Amazon Redshift Database Developer Guide.", - "title": "MasterUsername", - "type": "string" - }, - "MultiAZ": { - "markdownDescription": "A boolean indicating whether Amazon Redshift should deploy the cluster in two Availability Zones. The default is false.", - "title": "MultiAZ", - "type": "boolean" - }, - "NamespaceResourcePolicy": { - "markdownDescription": "The policy that is attached to a resource.", - "title": "NamespaceResourcePolicy", - "type": "object" - }, - "NodeType": { - "markdownDescription": "The node type to be provisioned for the cluster. For information about node types, go to [Working with Clusters](https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-clusters.html#how-many-nodes) in the *Amazon Redshift Cluster Management Guide* .\n\nValid Values: `dc2.large` | `dc2.8xlarge` | `ra3.large` | `ra3.xlplus` | `ra3.4xlarge` | `ra3.16xlarge`", - "title": "NodeType", - "type": "string" - }, - "NumberOfNodes": { - "markdownDescription": "The number of compute nodes in the cluster. This parameter is required when the *ClusterType* parameter is specified as `multi-node` .\n\nFor information about determining how many nodes you need, go to [Working with Clusters](https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-clusters.html#how-many-nodes) in the *Amazon Redshift Cluster Management Guide* .\n\nIf you don't specify this parameter, you get a single-node cluster. When requesting a multi-node cluster, you must specify the number of nodes that you want in the cluster.\n\nDefault: `1`\n\nConstraints: Value must be at least 1 and no more than 100.", - "title": "NumberOfNodes", - "type": "number" - }, - "OwnerAccount": { - "markdownDescription": "The AWS account used to create or copy the snapshot. Required if you are restoring a snapshot you do not own, optional if you own the snapshot.", - "title": "OwnerAccount", - "type": "string" - }, - "Port": { - "markdownDescription": "The port number on which the cluster accepts incoming connections.\n\nThe cluster is accessible only via the JDBC and ODBC connection strings. Part of the connection string requires the port on which the cluster will listen for incoming connections.\n\nDefault: `5439`\n\nValid Values:\n\n- For clusters with ra3 nodes - Select a port within the ranges `5431-5455` or `8191-8215` . (If you have an existing cluster with ra3 nodes, it isn't required that you change the port to these ranges.)\n- For clusters with dc2 nodes - Select a port within the range `1150-65535` .", - "title": "Port", - "type": "number" - }, - "PreferredMaintenanceWindow": { - "markdownDescription": "The weekly time range (in UTC) during which automated cluster maintenance can occur.\n\nFormat: `ddd:hh24:mi-ddd:hh24:mi`\n\nDefault: A 30-minute window selected at random from an 8-hour block of time per region, occurring on a random day of the week. For more information about the time blocks for each region, see [Maintenance Windows](https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-clusters.html#rs-maintenance-windows) in Amazon Redshift Cluster Management Guide.\n\nValid Days: Mon | Tue | Wed | Thu | Fri | Sat | Sun\n\nConstraints: Minimum 30-minute window.", - "title": "PreferredMaintenanceWindow", - "type": "string" - }, - "PubliclyAccessible": { - "markdownDescription": "If `true` , the cluster can be accessed from a public network.\n\nDefault: false", - "title": "PubliclyAccessible", - "type": "boolean" - }, - "ResourceAction": { - "markdownDescription": "The Amazon Redshift operation to be performed. Supported operations are `pause-cluster` , `resume-cluster` , and `failover-primary-compute` .", - "title": "ResourceAction", - "type": "string" - }, - "RevisionTarget": { - "markdownDescription": "Describes a `RevisionTarget` object.", - "title": "RevisionTarget", - "type": "string" - }, - "RotateEncryptionKey": { - "markdownDescription": "Rotates the encryption keys for a cluster.", - "title": "RotateEncryptionKey", - "type": "boolean" - }, - "SnapshotClusterIdentifier": { - "markdownDescription": "The name of the cluster the source snapshot was created from. This parameter is required if your user or role has a policy containing a snapshot resource element that specifies anything other than * for the cluster name.", - "title": "SnapshotClusterIdentifier", - "type": "string" - }, - "SnapshotCopyGrantName": { - "markdownDescription": "The name of the snapshot copy grant.", - "title": "SnapshotCopyGrantName", - "type": "string" - }, - "SnapshotCopyManual": { - "markdownDescription": "Indicates whether to apply the snapshot retention period to newly copied manual snapshots instead of automated snapshots.", - "title": "SnapshotCopyManual", - "type": "boolean" - }, - "SnapshotCopyRetentionPeriod": { - "markdownDescription": "The number of days to retain automated snapshots in the destination AWS Region after they are copied from the source AWS Region .\n\nBy default, this only changes the retention period of copied automated snapshots.\n\nIf you decrease the retention period for automated snapshots that are copied to a destination AWS Region , Amazon Redshift deletes any existing automated snapshots that were copied to the destination AWS Region and that fall outside of the new retention period.\n\nConstraints: Must be at least 1 and no more than 35 for automated snapshots.\n\nIf you specify the `manual` option, only newly copied manual snapshots will have the new retention period.\n\nIf you specify the value of -1 newly copied manual snapshots are retained indefinitely.\n\nConstraints: The number of days must be either -1 or an integer between 1 and 3,653 for manual snapshots.", - "title": "SnapshotCopyRetentionPeriod", - "type": "number" - }, - "SnapshotIdentifier": { - "markdownDescription": "The name of the snapshot from which to create the new cluster. This parameter isn't case sensitive. You must specify this parameter or `snapshotArn` , but not both.\n\nExample: `my-snapshot-id`", - "title": "SnapshotIdentifier", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of tag instances.", - "title": "Tags", - "type": "array" - }, - "VpcSecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of Virtual Private Cloud (VPC) security groups to be associated with the cluster.\n\nDefault: The default VPC security group is associated with the cluster.", - "title": "VpcSecurityGroupIds", - "type": "array" - } - }, - "required": [ - "ClusterType", - "DBName", - "MasterUsername", - "NodeType" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Redshift::Cluster" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ObjectOwnership": { + "markdownDescription": "Specifies an object ownership rule.", + "title": "ObjectOwnership", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Redshift::Cluster.Endpoint": { + "AWS::S3::Bucket.PartitionedPrefix": { "additionalProperties": false, "properties": { - "Address": { - "markdownDescription": "The DNS address of the cluster. This property is read only.", - "title": "Address", - "type": "string" - }, - "Port": { - "markdownDescription": "The port that the database engine is listening on. This property is read only.", - "title": "Port", + "PartitionDateSource": { + "markdownDescription": "Specifies the partition date source for the partitioned prefix. `PartitionDateSource` can be `EventTime` or `DeliveryTime` .\n\nFor `DeliveryTime` , the time in the log file names corresponds to the delivery time for the log files.\n\nFor `EventTime` , The logs delivered are for a specific day only. The year, month, and day correspond to the day on which the event occurred, and the hour, minutes and seconds are set to 00 in the key.", + "title": "PartitionDateSource", "type": "string" } }, "type": "object" }, - "AWS::Redshift::Cluster.LoggingProperties": { + "AWS::S3::Bucket.PublicAccessBlockConfiguration": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "The name of an existing S3 bucket where the log files are to be stored.\n\nConstraints:\n\n- Must be in the same region as the cluster\n- The cluster must have read bucket and put object permissions", - "title": "BucketName", - "type": "string" + "BlockPublicAcls": { + "markdownDescription": "Specifies whether Amazon S3 should block public access control lists (ACLs) for this bucket and objects in this bucket. Setting this element to `TRUE` causes the following behavior:\n\n- PUT Bucket ACL and PUT Object ACL calls fail if the specified ACL is public.\n- PUT Object calls fail if the request includes a public ACL.\n- PUT Bucket calls fail if the request includes a public ACL.\n\nEnabling this setting doesn't affect existing policies or ACLs.", + "title": "BlockPublicAcls", + "type": "boolean" }, - "S3KeyPrefix": { - "markdownDescription": "The prefix applied to the log file names.\n\nValid characters are any letter from any language, any whitespace character, any numeric character, and the following characters: underscore ( `_` ), period ( `.` ), colon ( `:` ), slash ( `/` ), equal ( `=` ), plus ( `+` ), backslash ( `\\` ), hyphen ( `-` ), at symbol ( `@` ).", - "title": "S3KeyPrefix", - "type": "string" + "BlockPublicPolicy": { + "markdownDescription": "Specifies whether Amazon S3 should block public bucket policies for this bucket. Setting this element to `TRUE` causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.\n\nEnabling this setting doesn't affect existing bucket policies.", + "title": "BlockPublicPolicy", + "type": "boolean" + }, + "IgnorePublicAcls": { + "markdownDescription": "Specifies whether Amazon S3 should ignore public ACLs for this bucket and objects in this bucket. Setting this element to `TRUE` causes Amazon S3 to ignore all public ACLs on this bucket and objects in this bucket.\n\nEnabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.", + "title": "IgnorePublicAcls", + "type": "boolean" + }, + "RestrictPublicBuckets": { + "markdownDescription": "Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to `TRUE` restricts access to this bucket to only AWS service principals and authorized users within this account if the bucket has a public policy.\n\nEnabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.", + "title": "RestrictPublicBuckets", + "type": "boolean" } }, "type": "object" }, - "AWS::Redshift::ClusterParameterGroup": { + "AWS::S3::Bucket.QueueConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Event": { + "markdownDescription": "The Amazon S3 bucket event about which you want to publish messages to Amazon SQS. For more information, see [Supported Event Types](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide* .", + "title": "Event", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "The description of the parameter group.", - "title": "Description", - "type": "string" - }, - "ParameterGroupFamily": { - "markdownDescription": "The name of the cluster parameter group family that this cluster parameter group is compatible with. You can create a custom parameter group and then associate your cluster with it. For more information, see [Amazon Redshift parameter groups](https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-parameter-groups.html) .", - "title": "ParameterGroupFamily", - "type": "string" - }, - "ParameterGroupName": { - "markdownDescription": "The name of the cluster parameter group.", - "title": "ParameterGroupName", - "type": "string" - }, - "Parameters": { - "items": { - "$ref": "#/definitions/AWS::Redshift::ClusterParameterGroup.Parameter" - }, - "markdownDescription": "An array of parameters to be modified. A maximum of 20 parameters can be modified in a single request.\n\nFor each parameter to be modified, you must supply at least the parameter name and parameter value; other name-value pairs of the parameter are optional.\n\nFor the workload management (WLM) configuration, you must supply all the name-value pairs in the wlm_json_configuration parameter.", - "title": "Parameters", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The list of tags for the cluster parameter group.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Description", - "ParameterGroupFamily" - ], - "type": "object" + "Filter": { + "$ref": "#/definitions/AWS::S3::Bucket.NotificationFilter", + "markdownDescription": "The filtering rules that determine which objects trigger notifications. For example, you can create a filter so that Amazon S3 sends notifications only when image files with a `.jpg` extension are added to the bucket. For more information, see [Configuring event notifications using object key name filtering](https://docs.aws.amazon.com/AmazonS3/latest/user-guide/notification-how-to-filtering.html) in the *Amazon S3 User Guide* .", + "title": "Filter" }, - "Type": { - "enum": [ - "AWS::Redshift::ClusterParameterGroup" - ], + "Queue": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SQS queue to which Amazon S3 publishes a message when it detects events of the specified type. FIFO queues are not allowed when enabling an SQS queue as the event notification destination.", + "title": "Queue", "type": "string" + } + }, + "required": [ + "Event", + "Queue" + ], + "type": "object" + }, + "AWS::S3::Bucket.RecordExpiration": { + "additionalProperties": false, + "properties": { + "Days": { + "markdownDescription": "If you enable journal table record expiration, you can set the number of days to retain your journal table records. Journal table records must be retained for a minimum of 7 days. To set this value, specify any whole number from `7` to `2147483647` . For example, to retain your journal table records for one year, set this value to `365` .", + "title": "Days", + "type": "number" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Expiration": { + "markdownDescription": "Specifies whether journal table record expiration is enabled or disabled.", + "title": "Expiration", "type": "string" } }, "required": [ - "Type", - "Properties" + "Expiration" ], "type": "object" }, - "AWS::Redshift::ClusterParameterGroup.Parameter": { + "AWS::S3::Bucket.RedirectAllRequestsTo": { "additionalProperties": false, "properties": { - "ParameterName": { - "markdownDescription": "The name of the parameter.", - "title": "ParameterName", + "HostName": { + "markdownDescription": "Name of the host where requests are redirected.", + "title": "HostName", "type": "string" }, - "ParameterValue": { - "markdownDescription": "The value of the parameter. If `ParameterName` is `wlm_json_configuration` , then the maximum size of `ParameterValue` is 8000 characters.", - "title": "ParameterValue", + "Protocol": { + "markdownDescription": "Protocol to use when redirecting requests. The default is the protocol that is used in the original request.", + "title": "Protocol", "type": "string" } }, "required": [ - "ParameterName", - "ParameterValue" + "HostName" ], "type": "object" }, - "AWS::Redshift::ClusterSecurityGroup": { + "AWS::S3::Bucket.RedirectRule": { "additionalProperties": false, "properties": { - "Condition": { + "HostName": { + "markdownDescription": "The host name to use in the redirect request.", + "title": "HostName", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "HttpRedirectCode": { + "markdownDescription": "The HTTP redirect code to use on the response. Not required if one of the siblings is present.", + "title": "HttpRedirectCode", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A description for the security group.", - "title": "Description", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Specifies an arbitrary set of tags (key\u2013value pairs) to associate with this security group. Use tags to manage your resources.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Description" - ], - "type": "object" + "Protocol": { + "markdownDescription": "Protocol to use when redirecting requests. The default is the protocol that is used in the original request.", + "title": "Protocol", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Redshift::ClusterSecurityGroup" - ], + "ReplaceKeyPrefixWith": { + "markdownDescription": "The object key prefix to use in the redirect request. For example, to redirect requests for all pages with prefix `docs/` (objects in the `docs/` folder) to `documents/` , you can set a condition block with `KeyPrefixEquals` set to `docs/` and in the Redirect set `ReplaceKeyPrefixWith` to `/documents` . Not required if one of the siblings is present. Can be present only if `ReplaceKeyWith` is not provided.\n\n> Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints) .", + "title": "ReplaceKeyPrefixWith", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ReplaceKeyWith": { + "markdownDescription": "The specific object key to use in the redirect request. For example, redirect request to `error.html` . Not required if one of the siblings is present. Can be present only if `ReplaceKeyPrefixWith` is not provided.\n\n> Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints) .", + "title": "ReplaceKeyWith", + "type": "string" + } + }, + "type": "object" + }, + "AWS::S3::Bucket.ReplicaModifications": { + "additionalProperties": false, + "properties": { + "Status": { + "markdownDescription": "Specifies whether Amazon S3 replicates modifications on replicas.\n\n*Allowed values* : `Enabled` | `Disabled`", + "title": "Status", "type": "string" } }, "required": [ - "Type", - "Properties" + "Status" ], "type": "object" }, - "AWS::Redshift::ClusterSecurityGroupIngress": { + "AWS::S3::Bucket.ReplicationConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Role": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that Amazon S3 assumes when replicating objects. For more information, see [How to Set Up Replication](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-how-setup.html) in the *Amazon S3 User Guide* .", + "title": "Role", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "CIDRIP": { - "markdownDescription": "The IP range to be added the Amazon Redshift security group.", - "title": "CIDRIP", - "type": "string" - }, - "ClusterSecurityGroupName": { - "markdownDescription": "The name of the security group to which the ingress rule is added.", - "title": "ClusterSecurityGroupName", - "type": "string" - }, - "EC2SecurityGroupName": { - "markdownDescription": "The EC2 security group to be added the Amazon Redshift security group.", - "title": "EC2SecurityGroupName", - "type": "string" - }, - "EC2SecurityGroupOwnerId": { - "markdownDescription": "The AWS account number of the owner of the security group specified by the *EC2SecurityGroupName* parameter. The AWS Access Key ID is not an acceptable value.\n\nExample: `111122223333`\n\nConditional. If you specify the `EC2SecurityGroupName` property, you must specify this property.", - "title": "EC2SecurityGroupOwnerId", - "type": "string" - } + "Rules": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.ReplicationRule" }, - "required": [ - "ClusterSecurityGroupName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Redshift::ClusterSecurityGroupIngress" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "markdownDescription": "A container for one or more replication rules. A replication configuration must have at least one rule and can contain a maximum of 1,000 rules.", + "title": "Rules", + "type": "array" } }, "required": [ - "Type", - "Properties" + "Role", + "Rules" ], "type": "object" }, - "AWS::Redshift::ClusterSubnetGroup": { + "AWS::S3::Bucket.ReplicationDestination": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "AccessControlTranslation": { + "$ref": "#/definitions/AWS::S3::Bucket.AccessControlTranslation", + "markdownDescription": "Specify this only in a cross-account scenario (where source and destination bucket owners are not the same), and you want to change replica ownership to the AWS account that owns the destination bucket. If this is not specified in the replication configuration, the replicas are owned by same AWS account that owns the source object.", + "title": "AccessControlTranslation" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Account": { + "markdownDescription": "Destination bucket owner account ID. In a cross-account scenario, if you direct Amazon S3 to change replica ownership to the AWS account that owns the destination bucket by specifying the `AccessControlTranslation` property, this is the account ID of the destination bucket owner. For more information, see [Cross-Region Replication Additional Configuration: Change Replica Owner](https://docs.aws.amazon.com/AmazonS3/latest/dev/crr-change-owner.html) in the *Amazon S3 User Guide* .\n\nIf you specify the `AccessControlTranslation` property, the `Account` property is required.", + "title": "Account", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Bucket": { + "markdownDescription": "The Amazon Resource Name (ARN) of the bucket where you want Amazon S3 to store the results.", + "title": "Bucket", + "type": "string" }, - "Metadata": { - "type": "object" + "EncryptionConfiguration": { + "$ref": "#/definitions/AWS::S3::Bucket.EncryptionConfiguration", + "markdownDescription": "Specifies encryption-related information.", + "title": "EncryptionConfiguration" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A description for the subnet group.", - "title": "Description", - "type": "string" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of VPC subnet IDs. A maximum of 20 subnets can be modified in a single request.", - "title": "SubnetIds", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Specifies an arbitrary set of tags (key\u2013value pairs) to associate with this subnet group. Use tags to manage your resources.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Description", - "SubnetIds" - ], - "type": "object" + "Metrics": { + "$ref": "#/definitions/AWS::S3::Bucket.Metrics", + "markdownDescription": "A container specifying replication metrics-related settings enabling replication metrics and events.", + "title": "Metrics" }, - "Type": { - "enum": [ - "AWS::Redshift::ClusterSubnetGroup" - ], - "type": "string" + "ReplicationTime": { + "$ref": "#/definitions/AWS::S3::Bucket.ReplicationTime", + "markdownDescription": "A container specifying S3 Replication Time Control (S3 RTC), including whether S3 RTC is enabled and the time when all objects and operations on objects must be replicated. Must be specified together with a `Metrics` block.", + "title": "ReplicationTime" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "StorageClass": { + "markdownDescription": "The storage class to use when replicating objects, such as S3 Standard or reduced redundancy. By default, Amazon S3 uses the storage class of the source object to create the object replica.\n\nFor valid values, see the `StorageClass` element of the [PUT Bucket replication](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTreplication.html) action in the *Amazon S3 API Reference* .\n\n`FSX_OPENZFS` is not an accepted value when replicating objects.", + "title": "StorageClass", "type": "string" } }, "required": [ - "Type", - "Properties" + "Bucket" ], "type": "object" }, - "AWS::Redshift::EndpointAccess": { + "AWS::S3::Bucket.ReplicationRule": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "DeleteMarkerReplication": { + "$ref": "#/definitions/AWS::S3::Bucket.DeleteMarkerReplication", + "markdownDescription": "Specifies whether Amazon S3 replicates delete markers. If you specify a `Filter` in your replication configuration, you must also include a `DeleteMarkerReplication` element. If your `Filter` includes a `Tag` element, the `DeleteMarkerReplication` `Status` must be set to Disabled, because Amazon S3 does not support replicating delete markers for tag-based rules. For an example configuration, see [Basic Rule Configuration](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-add-config.html#replication-config-min-rule-config) .\n\nFor more information about delete marker replication, see [Basic Rule Configuration](https://docs.aws.amazon.com/AmazonS3/latest/dev/delete-marker-replication.html) .\n\n> If you are using an earlier version of the replication configuration, Amazon S3 handles replication of delete markers differently. For more information, see [Backward Compatibility](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-add-config.html#replication-backward-compat-considerations) .", + "title": "DeleteMarkerReplication" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Destination": { + "$ref": "#/definitions/AWS::S3::Bucket.ReplicationDestination", + "markdownDescription": "A container for information about the replication destination and its configurations including enabling the S3 Replication Time Control (S3 RTC).", + "title": "Destination" }, - "Metadata": { - "type": "object" + "Filter": { + "$ref": "#/definitions/AWS::S3::Bucket.ReplicationRuleFilter", + "markdownDescription": "A filter that identifies the subset of objects to which the replication rule applies. A `Filter` must specify exactly one `Prefix` , `TagFilter` , or an `And` child element. The use of the filter field indicates that this is a V2 replication configuration. This field isn't supported in a V1 replication configuration.\n\n> V1 replication configuration only supports filtering by key prefix. To filter using a V1 replication configuration, add the `Prefix` directly as a child element of the `Rule` element.", + "title": "Filter" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ClusterIdentifier": { - "markdownDescription": "The cluster identifier of the cluster associated with the endpoint.", - "title": "ClusterIdentifier", - "type": "string" - }, - "EndpointName": { - "markdownDescription": "The name of the endpoint.", - "title": "EndpointName", - "type": "string" - }, - "ResourceOwner": { - "markdownDescription": "The AWS account ID of the owner of the cluster.", - "title": "ResourceOwner", - "type": "string" - }, - "SubnetGroupName": { - "markdownDescription": "The subnet group name where Amazon Redshift chooses to deploy the endpoint.", - "title": "SubnetGroupName", - "type": "string" - }, - "VpcSecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The security group that defines the ports, protocols, and sources for inbound traffic that you are authorizing into your endpoint.", - "title": "VpcSecurityGroupIds", - "type": "array" - } - }, - "required": [ - "ClusterIdentifier", - "EndpointName", - "SubnetGroupName", - "VpcSecurityGroupIds" - ], - "type": "object" + "Id": { + "markdownDescription": "A unique identifier for the rule. The maximum value is 255 characters. If you don't specify a value, AWS CloudFormation generates a random ID. When using a V2 replication configuration this property is capitalized as \"ID\".", + "title": "Id", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Redshift::EndpointAccess" - ], + "Prefix": { + "markdownDescription": "An object key name prefix that identifies the object or objects to which the rule applies. The maximum prefix length is 1,024 characters. To include all objects in a bucket, specify an empty string. To filter using a V1 replication configuration, add the `Prefix` directly as a child element of the `Rule` element.\n\n> Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints) .", + "title": "Prefix", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Priority": { + "markdownDescription": "The priority indicates which rule has precedence whenever two or more replication rules conflict. Amazon S3 will attempt to replicate objects according to all replication rules. However, if there are two or more rules with the same destination bucket, then objects will be replicated according to the rule with the highest priority. The higher the number, the higher the priority.\n\nFor more information, see [Replication](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication.html) in the *Amazon S3 User Guide* .", + "title": "Priority", + "type": "number" + }, + "SourceSelectionCriteria": { + "$ref": "#/definitions/AWS::S3::Bucket.SourceSelectionCriteria", + "markdownDescription": "A container that describes additional filters for identifying the source objects that you want to replicate. You can choose to enable or disable the replication of these objects.", + "title": "SourceSelectionCriteria" + }, + "Status": { + "markdownDescription": "Specifies whether the rule is enabled.", + "title": "Status", "type": "string" } }, "required": [ - "Type", - "Properties" + "Destination", + "Status" ], "type": "object" }, - "AWS::Redshift::EndpointAccess.NetworkInterface": { + "AWS::S3::Bucket.ReplicationRuleAndOperator": { "additionalProperties": false, "properties": { - "AvailabilityZone": { - "markdownDescription": "The Availability Zone.", - "title": "AvailabilityZone", - "type": "string" - }, - "NetworkInterfaceId": { - "markdownDescription": "The network interface identifier.", - "title": "NetworkInterfaceId", - "type": "string" - }, - "PrivateIpAddress": { - "markdownDescription": "The IPv4 address of the network interface within the subnet.", - "title": "PrivateIpAddress", + "Prefix": { + "markdownDescription": "An object key name prefix that identifies the subset of objects to which the rule applies.", + "title": "Prefix", "type": "string" }, - "SubnetId": { - "markdownDescription": "The subnet identifier.", - "title": "SubnetId", - "type": "string" + "TagFilters": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.TagFilter" + }, + "markdownDescription": "An array of tags containing key and value pairs.", + "title": "TagFilters", + "type": "array" } }, "type": "object" }, - "AWS::Redshift::EndpointAccess.VpcEndpoint": { + "AWS::S3::Bucket.ReplicationRuleFilter": { "additionalProperties": false, "properties": { - "NetworkInterfaces": { - "items": { - "$ref": "#/definitions/AWS::Redshift::EndpointAccess.NetworkInterface" - }, - "markdownDescription": "One or more network interfaces of the endpoint. Also known as an interface endpoint.", - "title": "NetworkInterfaces", - "type": "array" + "And": { + "$ref": "#/definitions/AWS::S3::Bucket.ReplicationRuleAndOperator", + "markdownDescription": "A container for specifying rule filters. The filters determine the subset of objects to which the rule applies. This element is required only if you specify more than one filter. For example:\n\n- If you specify both a `Prefix` and a `TagFilter` , wrap these filters in an `And` tag.\n- If you specify a filter based on multiple tags, wrap the `TagFilter` elements in an `And` tag.", + "title": "And" }, - "VpcEndpointId": { - "markdownDescription": "The connection endpoint ID for connecting an Amazon Redshift cluster through the proxy.", - "title": "VpcEndpointId", + "Prefix": { + "markdownDescription": "An object key name prefix that identifies the subset of objects to which the rule applies.\n\n> Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints) .", + "title": "Prefix", "type": "string" }, - "VpcId": { - "markdownDescription": "The VPC identifier that the endpoint is associated.", - "title": "VpcId", - "type": "string" + "TagFilter": { + "$ref": "#/definitions/AWS::S3::Bucket.TagFilter", + "markdownDescription": "A container for specifying a tag key and value.\n\nThe rule applies only to objects that have the tag in their tag set.", + "title": "TagFilter" } }, "type": "object" }, - "AWS::Redshift::EndpointAccess.VpcSecurityGroup": { + "AWS::S3::Bucket.ReplicationTime": { "additionalProperties": false, "properties": { "Status": { - "markdownDescription": "The status of the endpoint.", + "markdownDescription": "Specifies whether the replication time is enabled.", "title": "Status", "type": "string" }, - "VpcSecurityGroupId": { - "markdownDescription": "The identifier of the VPC security group.", - "title": "VpcSecurityGroupId", - "type": "string" + "Time": { + "$ref": "#/definitions/AWS::S3::Bucket.ReplicationTimeValue", + "markdownDescription": "A container specifying the time by which replication should be complete for all objects and operations on objects.", + "title": "Time" } }, + "required": [ + "Status", + "Time" + ], "type": "object" }, - "AWS::Redshift::EndpointAuthorization": { + "AWS::S3::Bucket.ReplicationTimeValue": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Account": { - "markdownDescription": "The AWS account ID of either the cluster owner (grantor) or grantee. If `Grantee` parameter is true, then the `Account` value is of the grantor.", - "title": "Account", - "type": "string" - }, - "ClusterIdentifier": { - "markdownDescription": "The cluster identifier.", - "title": "ClusterIdentifier", - "type": "string" - }, - "Force": { - "markdownDescription": "Indicates whether to force the revoke action. If true, the Redshift-managed VPC endpoints associated with the endpoint authorization are also deleted.", - "title": "Force", - "type": "boolean" - }, - "VpcIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The virtual private cloud (VPC) identifiers to grant access to.", - "title": "VpcIds", - "type": "array" - } - }, - "required": [ - "Account", - "ClusterIdentifier" - ], - "type": "object" + "Minutes": { + "markdownDescription": "Contains an integer specifying time in minutes.\n\nValid value: 15", + "title": "Minutes", + "type": "number" + } + }, + "required": [ + "Minutes" + ], + "type": "object" + }, + "AWS::S3::Bucket.RoutingRule": { + "additionalProperties": false, + "properties": { + "RedirectRule": { + "$ref": "#/definitions/AWS::S3::Bucket.RedirectRule", + "markdownDescription": "Container for redirect information. You can redirect requests to another host, to another page, or with another protocol. In the event of an error, you can specify a different error code to return.", + "title": "RedirectRule" }, - "Type": { - "enum": [ - "AWS::Redshift::EndpointAuthorization" - ], + "RoutingRuleCondition": { + "$ref": "#/definitions/AWS::S3::Bucket.RoutingRuleCondition", + "markdownDescription": "A container for describing a condition that must be met for the specified redirect to apply. For example, 1. If request is for pages in the `/docs` folder, redirect to the `/documents` folder. 2. If request results in HTTP error 4xx, redirect request to another host where you might process the error.", + "title": "RoutingRuleCondition" + } + }, + "required": [ + "RedirectRule" + ], + "type": "object" + }, + "AWS::S3::Bucket.RoutingRuleCondition": { + "additionalProperties": false, + "properties": { + "HttpErrorCodeReturnedEquals": { + "markdownDescription": "The HTTP error code when the redirect is applied. In the event of an error, if the error code equals this value, then the specified redirect is applied.\n\nRequired when parent element `Condition` is specified and sibling `KeyPrefixEquals` is not specified. If both are specified, then both must be true for the redirect to be applied.", + "title": "HttpErrorCodeReturnedEquals", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "KeyPrefixEquals": { + "markdownDescription": "The object key name prefix when the redirect is applied. For example, to redirect requests for `ExamplePage.html` , the key prefix will be `ExamplePage.html` . To redirect request for all pages with the prefix `docs/` , the key prefix will be `docs/` , which identifies all objects in the docs/ folder.\n\nRequired when the parent element `Condition` is specified and sibling `HttpErrorCodeReturnedEquals` is not specified. If both conditions are specified, both must be true for the redirect to be applied.", + "title": "KeyPrefixEquals", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Redshift::EventSubscription": { + "AWS::S3::Bucket.Rule": { "additionalProperties": false, "properties": { - "Condition": { + "AbortIncompleteMultipartUpload": { + "$ref": "#/definitions/AWS::S3::Bucket.AbortIncompleteMultipartUpload", + "markdownDescription": "Specifies a lifecycle rule that stops incomplete multipart uploads to an Amazon S3 bucket.", + "title": "AbortIncompleteMultipartUpload" + }, + "ExpirationDate": { + "markdownDescription": "Indicates when objects are deleted from Amazon S3 and Amazon S3 Glacier. The date value must be in ISO 8601 format. The time is always midnight UTC. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time.", + "title": "ExpirationDate", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ExpirationInDays": { + "markdownDescription": "Indicates the number of days after creation when objects are deleted from Amazon S3 and Amazon S3 Glacier. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time.", + "title": "ExpirationInDays", + "type": "number" + }, + "ExpiredObjectDeleteMarker": { + "markdownDescription": "Indicates whether Amazon S3 will remove a delete marker without any noncurrent versions. If set to true, the delete marker will be removed if there are no noncurrent versions. This cannot be specified with `ExpirationInDays` , `ExpirationDate` , or `TagFilters` .", + "title": "ExpiredObjectDeleteMarker", + "type": "boolean" + }, + "Id": { + "markdownDescription": "Unique identifier for the rule. The value can't be longer than 255 characters.", + "title": "Id", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "NoncurrentVersionExpiration": { + "$ref": "#/definitions/AWS::S3::Bucket.NoncurrentVersionExpiration", + "markdownDescription": "Specifies when noncurrent object versions expire. Upon expiration, Amazon S3 permanently deletes the noncurrent object versions. You set this lifecycle configuration action on a bucket that has versioning enabled (or suspended) to request that Amazon S3 delete noncurrent object versions at a specific period in the object's lifetime.", + "title": "NoncurrentVersionExpiration" }, - "Metadata": { - "type": "object" + "NoncurrentVersionExpirationInDays": { + "markdownDescription": "(Deprecated.) For buckets with versioning enabled (or suspended), specifies the time, in days, between when a new version of the object is uploaded to the bucket and when old versions of the object expire. When object versions expire, Amazon S3 permanently deletes them. If you specify a transition and expiration time, the expiration time must be later than the transition time.", + "title": "NoncurrentVersionExpirationInDays", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "A boolean value; set to `true` to activate the subscription, and set to `false` to create the subscription but not activate it.", - "title": "Enabled", - "type": "boolean" - }, - "EventCategories": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the Amazon Redshift event categories to be published by the event notification subscription.\n\nValues: configuration, management, monitoring, security, pending", - "title": "EventCategories", - "type": "array" - }, - "Severity": { - "markdownDescription": "Specifies the Amazon Redshift event severity to be published by the event notification subscription.\n\nValues: ERROR, INFO", - "title": "Severity", - "type": "string" - }, - "SnsTopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic used to transmit the event notifications. The ARN is created by Amazon SNS when you create a topic and subscribe to it.", - "title": "SnsTopicArn", - "type": "string" - }, - "SourceIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of one or more identifiers of Amazon Redshift source objects. All of the objects must be of the same type as was specified in the source type parameter. The event subscription will return only events generated by the specified objects. If not specified, then events are returned for all objects within the source type specified.\n\nExample: my-cluster-1, my-cluster-2\n\nExample: my-snapshot-20131010", - "title": "SourceIds", - "type": "array" - }, - "SourceType": { - "markdownDescription": "The type of source that will be generating the events. For example, if you want to be notified of events generated by a cluster, you would set this parameter to cluster. If this value is not specified, events are returned for all Amazon Redshift objects in your AWS account . You must specify a source type in order to specify source IDs.\n\nValid values: cluster, cluster-parameter-group, cluster-security-group, cluster-snapshot, and scheduled-action.", - "title": "SourceType", - "type": "string" - }, - "SubscriptionName": { - "markdownDescription": "The name of the event subscription to be created.\n\nConstraints:\n\n- Cannot be null, empty, or blank.\n- Must contain from 1 to 255 alphanumeric characters or hyphens.\n- First character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.", - "title": "SubscriptionName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of tag instances.", - "title": "Tags", - "type": "array" - } + "NoncurrentVersionTransition": { + "$ref": "#/definitions/AWS::S3::Bucket.NoncurrentVersionTransition", + "markdownDescription": "(Deprecated.) For buckets with versioning enabled (or suspended), specifies when non-current objects transition to a specified storage class. If you specify a transition and expiration time, the expiration time must be later than the transition time. If you specify this property, don't specify the `NoncurrentVersionTransitions` property.", + "title": "NoncurrentVersionTransition" + }, + "NoncurrentVersionTransitions": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.NoncurrentVersionTransition" }, - "required": [ - "SubscriptionName" - ], - "type": "object" + "markdownDescription": "For buckets with versioning enabled (or suspended), one or more transition rules that specify when non-current objects transition to a specified storage class. If you specify a transition and expiration time, the expiration time must be later than the transition time. If you specify this property, don't specify the `NoncurrentVersionTransition` property.", + "title": "NoncurrentVersionTransitions", + "type": "array" }, - "Type": { - "enum": [ - "AWS::Redshift::EventSubscription" - ], + "ObjectSizeGreaterThan": { + "markdownDescription": "Specifies the minimum object size in bytes for this rule to apply to. Objects must be larger than this value in bytes. For more information about size based rules, see [Lifecycle configuration using size-based rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/lifecycle-configuration-examples.html#lc-size-rules) in the *Amazon S3 User Guide* .", + "title": "ObjectSizeGreaterThan", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ObjectSizeLessThan": { + "markdownDescription": "Specifies the maximum object size in bytes for this rule to apply to. Objects must be smaller than this value in bytes. For more information about sized based rules, see [Lifecycle configuration using size-based rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/lifecycle-configuration-examples.html#lc-size-rules) in the *Amazon S3 User Guide* .", + "title": "ObjectSizeLessThan", + "type": "string" + }, + "Prefix": { + "markdownDescription": "Object key prefix that identifies one or more objects to which this rule applies.\n\n> Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints) .", + "title": "Prefix", + "type": "string" + }, + "Status": { + "markdownDescription": "If `Enabled` , the rule is currently being applied. If `Disabled` , the rule is not currently being applied.", + "title": "Status", "type": "string" + }, + "TagFilters": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.TagFilter" + }, + "markdownDescription": "Tags to use to identify a subset of objects to which the lifecycle rule applies.", + "title": "TagFilters", + "type": "array" + }, + "Transition": { + "$ref": "#/definitions/AWS::S3::Bucket.Transition", + "markdownDescription": "(Deprecated.) Specifies when an object transitions to a specified storage class. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time. If you specify this property, don't specify the `Transitions` property.", + "title": "Transition" + }, + "Transitions": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.Transition" + }, + "markdownDescription": "One or more transition rules that specify when an object transitions to a specified storage class. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time. If you specify this property, don't specify the `Transition` property.", + "title": "Transitions", + "type": "array" } }, "required": [ - "Type", - "Properties" + "Status" ], "type": "object" }, - "AWS::Redshift::ScheduledAction": { + "AWS::S3::Bucket.S3KeyFilter": { "additionalProperties": false, "properties": { - "Condition": { + "Rules": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.FilterRule" + }, + "markdownDescription": "A list of containers for the key-value pair that defines the criteria for the filter rule.", + "title": "Rules", + "type": "array" + } + }, + "required": [ + "Rules" + ], + "type": "object" + }, + "AWS::S3::Bucket.S3TablesDestination": { + "additionalProperties": false, + "properties": { + "TableArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the metadata table in the metadata table configuration. The specified metadata table name must be unique within the `aws_s3_metadata` namespace in the destination table bucket.", + "title": "TableArn", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TableBucketArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the table bucket that's specified as the destination in the metadata table configuration. The destination table bucket must be in the same Region and AWS account as the general purpose bucket.", + "title": "TableBucketArn", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Enable": { - "markdownDescription": "If true, the schedule is enabled. If false, the scheduled action does not trigger. For more information about `state` of the scheduled action, see `ScheduledAction` .", - "title": "Enable", - "type": "boolean" - }, - "EndTime": { - "markdownDescription": "The end time in UTC when the schedule is no longer active. After this time, the scheduled action does not trigger.", - "title": "EndTime", - "type": "string" - }, - "IamRole": { - "markdownDescription": "The IAM role to assume to run the scheduled action. This IAM role must have permission to run the Amazon Redshift API operation in the scheduled action. This IAM role must allow the Amazon Redshift scheduler (Principal scheduler.redshift.amazonaws.com) to assume permissions on your behalf. For more information about the IAM role to use with the Amazon Redshift scheduler, see [Using Identity-Based Policies for Amazon Redshift](https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-iam-access-control-identity-based.html) in the *Amazon Redshift Cluster Management Guide* .", - "title": "IamRole", - "type": "string" - }, - "Schedule": { - "markdownDescription": "The schedule for a one-time (at format) or recurring (cron format) scheduled action. Schedule invocations must be separated by at least one hour.\n\nFormat of at expressions is \" `at(yyyy-mm-ddThh:mm:ss)` \". For example, \" `at(2016-03-04T17:27:00)` \".\n\nFormat of cron expressions is \" `cron(Minutes Hours Day-of-month Month Day-of-week Year)` \". For example, \" `cron(0 10 ? * MON *)` \". For more information, see [Cron Expressions](https://docs.aws.amazon.com//AmazonCloudWatch/latest/events/ScheduledEvents.html#CronExpressions) in the *Amazon CloudWatch Events User Guide* .", - "title": "Schedule", - "type": "string" - }, - "ScheduledActionDescription": { - "markdownDescription": "The description of the scheduled action.", - "title": "ScheduledActionDescription", - "type": "string" - }, - "ScheduledActionName": { - "markdownDescription": "The name of the scheduled action.", - "title": "ScheduledActionName", - "type": "string" - }, - "StartTime": { - "markdownDescription": "The start time in UTC when the schedule is active. Before this time, the scheduled action does not trigger.", - "title": "StartTime", - "type": "string" - }, - "TargetAction": { - "$ref": "#/definitions/AWS::Redshift::ScheduledAction.ScheduledActionType", - "markdownDescription": "A JSON format string of the Amazon Redshift API operation with input parameters.\n\n\" `{\\\"ResizeCluster\\\":{\\\"NodeType\\\":\\\"ra3.4xlarge\\\",\\\"ClusterIdentifier\\\":\\\"my-test-cluster\\\",\\\"NumberOfNodes\\\":3}}` \".", - "title": "TargetAction" - } - }, - "required": [ - "ScheduledActionName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Redshift::ScheduledAction" - ], + "TableName": { + "markdownDescription": "The name for the metadata table in your metadata table configuration. The specified metadata table name must be unique within the `aws_s3_metadata` namespace in the destination table bucket.", + "title": "TableName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TableNamespace": { + "markdownDescription": "The table bucket namespace for the metadata table in your metadata table configuration. This value is always `aws_s3_metadata` .", + "title": "TableNamespace", "type": "string" } }, "required": [ - "Type", - "Properties" + "TableBucketArn", + "TableName" ], "type": "object" }, - "AWS::Redshift::ScheduledAction.PauseClusterMessage": { + "AWS::S3::Bucket.ServerSideEncryptionByDefault": { "additionalProperties": false, "properties": { - "ClusterIdentifier": { - "markdownDescription": "The identifier of the cluster to be paused.", - "title": "ClusterIdentifier", + "KMSMasterKeyID": { + "markdownDescription": "AWS Key Management Service (KMS) customer managed key ID to use for the default encryption.\n\n> - *General purpose buckets* - This parameter is allowed if and only if `SSEAlgorithm` is set to `aws:kms` or `aws:kms:dsse` .\n> - *Directory buckets* - This parameter is allowed if and only if `SSEAlgorithm` is set to `aws:kms` . \n\nYou can specify the key ID, key alias, or the Amazon Resource Name (ARN) of the KMS key.\n\n- Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key ARN: `arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key Alias: `alias/alias-name`\n\nIf you are using encryption with cross-account or AWS service operations, you must use a fully qualified KMS key ARN. For more information, see [Using encryption for cross-account operations](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html#bucket-encryption-update-bucket-policy) .\n\n> - *General purpose buckets* - If you're specifying a customer managed KMS key, we recommend using a fully qualified KMS key ARN. If you use a KMS key alias instead, then AWS KMS resolves the key within the requester\u2019s account. This behavior can result in data that's encrypted with a KMS key that belongs to the requester, and not the bucket owner. Also, if you use a key ID, you can run into a LogDestination undeliverable error when creating a VPC flow log.\n> - *Directory buckets* - When you specify an [AWS KMS customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk) for encryption in your directory bucket, only use the key ID or key ARN. The key alias format of the KMS key isn't supported. > Amazon S3 only supports symmetric encryption KMS keys. For more information, see [Asymmetric keys in AWS KMS](https://docs.aws.amazon.com//kms/latest/developerguide/symmetric-asymmetric.html) in the *AWS Key Management Service Developer Guide* .", + "title": "KMSMasterKeyID", + "type": "string" + }, + "SSEAlgorithm": { + "markdownDescription": "Server-side encryption algorithm to use for the default encryption.\n\n> For directory buckets, there are only two supported values for server-side encryption: `AES256` and `aws:kms` .", + "title": "SSEAlgorithm", "type": "string" } }, "required": [ - "ClusterIdentifier" + "SSEAlgorithm" ], "type": "object" }, - "AWS::Redshift::ScheduledAction.ResizeClusterMessage": { + "AWS::S3::Bucket.ServerSideEncryptionRule": { "additionalProperties": false, "properties": { - "Classic": { - "markdownDescription": "A boolean value indicating whether the resize operation is using the classic resize process. If you don't provide this parameter or set the value to `false` , the resize type is elastic.", - "title": "Classic", + "BucketKeyEnabled": { + "markdownDescription": "Specifies whether Amazon S3 should use an S3 Bucket Key with server-side encryption using KMS (SSE-KMS) for new objects in the bucket. Existing objects are not affected. Setting the `BucketKeyEnabled` element to `true` causes Amazon S3 to use an S3 Bucket Key. By default, S3 Bucket Key is not enabled.\n\nFor more information, see [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) in the *Amazon S3 User Guide* .", + "title": "BucketKeyEnabled", "type": "boolean" }, - "ClusterIdentifier": { - "markdownDescription": "The unique identifier for the cluster to resize.", - "title": "ClusterIdentifier", - "type": "string" - }, - "ClusterType": { - "markdownDescription": "The new cluster type for the specified cluster.", - "title": "ClusterType", - "type": "string" - }, - "NodeType": { - "markdownDescription": "The new node type for the nodes you are adding. If not specified, the cluster's current node type is used.", - "title": "NodeType", - "type": "string" + "ServerSideEncryptionByDefault": { + "$ref": "#/definitions/AWS::S3::Bucket.ServerSideEncryptionByDefault", + "markdownDescription": "Specifies the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied.", + "title": "ServerSideEncryptionByDefault" + } + }, + "type": "object" + }, + "AWS::S3::Bucket.SourceSelectionCriteria": { + "additionalProperties": false, + "properties": { + "ReplicaModifications": { + "$ref": "#/definitions/AWS::S3::Bucket.ReplicaModifications", + "markdownDescription": "A filter that you can specify for selection for modifications on replicas.", + "title": "ReplicaModifications" }, - "NumberOfNodes": { - "markdownDescription": "The new number of nodes for the cluster. If not specified, the cluster's current number of nodes is used.", - "title": "NumberOfNodes", - "type": "number" + "SseKmsEncryptedObjects": { + "$ref": "#/definitions/AWS::S3::Bucket.SseKmsEncryptedObjects", + "markdownDescription": "A container for filter information for the selection of Amazon S3 objects encrypted with AWS KMS.", + "title": "SseKmsEncryptedObjects" } }, - "required": [ - "ClusterIdentifier" - ], "type": "object" }, - "AWS::Redshift::ScheduledAction.ResumeClusterMessage": { + "AWS::S3::Bucket.SseKmsEncryptedObjects": { "additionalProperties": false, "properties": { - "ClusterIdentifier": { - "markdownDescription": "The identifier of the cluster to be resumed.", - "title": "ClusterIdentifier", + "Status": { + "markdownDescription": "Specifies whether Amazon S3 replicates objects created with server-side encryption using an AWS KMS key stored in AWS Key Management Service.", + "title": "Status", "type": "string" } }, "required": [ - "ClusterIdentifier" + "Status" ], "type": "object" }, - "AWS::Redshift::ScheduledAction.ScheduledActionType": { + "AWS::S3::Bucket.StorageClassAnalysis": { "additionalProperties": false, "properties": { - "PauseCluster": { - "$ref": "#/definitions/AWS::Redshift::ScheduledAction.PauseClusterMessage", - "markdownDescription": "An action that runs a `PauseCluster` API operation.", - "title": "PauseCluster" - }, - "ResizeCluster": { - "$ref": "#/definitions/AWS::Redshift::ScheduledAction.ResizeClusterMessage", - "markdownDescription": "An action that runs a `ResizeCluster` API operation.", - "title": "ResizeCluster" - }, - "ResumeCluster": { - "$ref": "#/definitions/AWS::Redshift::ScheduledAction.ResumeClusterMessage", - "markdownDescription": "An action that runs a `ResumeCluster` API operation.", - "title": "ResumeCluster" + "DataExport": { + "$ref": "#/definitions/AWS::S3::Bucket.DataExport", + "markdownDescription": "Specifies how data related to the storage class analysis for an Amazon S3 bucket should be exported.", + "title": "DataExport" } }, "type": "object" }, - "AWS::RedshiftServerless::Namespace": { + "AWS::S3::Bucket.TagFilter": { "additionalProperties": false, "properties": { - "Condition": { + "Key": { + "markdownDescription": "The tag key.", + "title": "Key", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Value": { + "markdownDescription": "The tag value.", + "title": "Value", "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::S3::Bucket.TargetObjectKeyFormat": { + "additionalProperties": false, + "properties": { + "PartitionedPrefix": { + "$ref": "#/definitions/AWS::S3::Bucket.PartitionedPrefix", + "markdownDescription": "Partitioned S3 key for log objects.", + "title": "PartitionedPrefix" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AdminPasswordSecretKmsKeyId": { - "markdownDescription": "The ID of the AWS Key Management Service (KMS) key used to encrypt and store the namespace's admin credentials secret. You can only use this parameter if `ManageAdminPassword` is `true` .", - "title": "AdminPasswordSecretKmsKeyId", - "type": "string" - }, - "AdminUserPassword": { - "markdownDescription": "The password of the administrator for the primary database created in the namespace.", - "title": "AdminUserPassword", - "type": "string" - }, - "AdminUsername": { - "markdownDescription": "The username of the administrator for the primary database created in the namespace.", - "title": "AdminUsername", - "type": "string" - }, - "DbName": { - "markdownDescription": "The name of the primary database created in the namespace.", - "title": "DbName", - "type": "string" - }, - "DefaultIamRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to set as a default in the namespace.", - "title": "DefaultIamRoleArn", - "type": "string" - }, - "FinalSnapshotName": { - "markdownDescription": "The name of the snapshot to be created before the namespace is deleted.", - "title": "FinalSnapshotName", - "type": "string" - }, - "FinalSnapshotRetentionPeriod": { - "markdownDescription": "How long to retain the final snapshot.", - "title": "FinalSnapshotRetentionPeriod", - "type": "number" - }, - "IamRoles": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of IAM roles to associate with the namespace.", - "title": "IamRoles", - "type": "array" - }, - "KmsKeyId": { - "markdownDescription": "The ID of the AWS Key Management Service key used to encrypt your data.", - "title": "KmsKeyId", - "type": "string" - }, - "LogExports": { - "items": { - "type": "string" - }, - "markdownDescription": "The types of logs the namespace can export. Available export types are `userlog` , `connectionlog` , and `useractivitylog` .", - "title": "LogExports", - "type": "array" - }, - "ManageAdminPassword": { - "markdownDescription": "If true, Amazon Redshift uses AWS Secrets Manager to manage the namespace's admin credentials. You can't use `AdminUserPassword` if `ManageAdminPassword` is true. If `ManageAdminPassword` is `false` or not set, Amazon Redshift uses `AdminUserPassword` for the admin user account's password.", - "title": "ManageAdminPassword", - "type": "boolean" - }, - "NamespaceName": { - "markdownDescription": "The name of the namespace. Must be between 3-64 alphanumeric characters in lowercase, and it cannot be a reserved word. A list of reserved words can be found in [Reserved Words](https://docs.aws.amazon.com//redshift/latest/dg/r_pg_keywords.html) in the Amazon Redshift Database Developer Guide.", - "title": "NamespaceName", - "type": "string" - }, - "NamespaceResourcePolicy": { - "markdownDescription": "The resource policy that will be attached to the namespace.", - "title": "NamespaceResourcePolicy", - "type": "object" - }, - "RedshiftIdcApplicationArn": { - "markdownDescription": "The ARN for the Redshift application that integrates with IAM Identity Center.", - "title": "RedshiftIdcApplicationArn", - "type": "string" - }, - "SnapshotCopyConfigurations": { - "items": { - "$ref": "#/definitions/AWS::RedshiftServerless::Namespace.SnapshotCopyConfiguration" - }, - "markdownDescription": "", - "title": "SnapshotCopyConfigurations", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The map of the key-value pairs used to tag the namespace.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "NamespaceName" - ], + "SimplePrefix": { + "markdownDescription": "To use the simple format for S3 keys for log objects. To specify SimplePrefix format, set SimplePrefix to {}.", + "title": "SimplePrefix", "type": "object" - }, - "Type": { - "enum": [ - "AWS::RedshiftServerless::Namespace" - ], + } + }, + "type": "object" + }, + "AWS::S3::Bucket.Tiering": { + "additionalProperties": false, + "properties": { + "AccessTier": { + "markdownDescription": "S3 Intelligent-Tiering access tier. See [Storage class for automatically optimizing frequently and infrequently accessed objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html#sc-dynamic-data-access) for a list of access tiers in the S3 Intelligent-Tiering storage class.", + "title": "AccessTier", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Days": { + "markdownDescription": "The number of consecutive days of no access after which an object will be eligible to be transitioned to the corresponding tier. The minimum number of days specified for Archive Access tier must be at least 90 days and Deep Archive Access tier must be at least 180 days. The maximum can be up to 2 years (730 days).", + "title": "Days", + "type": "number" } }, "required": [ - "Type", - "Properties" + "AccessTier", + "Days" ], "type": "object" }, - "AWS::RedshiftServerless::Namespace.Namespace": { + "AWS::S3::Bucket.TopicConfiguration": { "additionalProperties": false, "properties": { - "AdminPasswordSecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the namespace's admin user credentials secret.", - "title": "AdminPasswordSecretArn", - "type": "string" - }, - "AdminPasswordSecretKmsKeyId": { - "markdownDescription": "The ID of the AWS Key Management Service (KMS) key used to encrypt and store the namespace's admin credentials secret.", - "title": "AdminPasswordSecretKmsKeyId", - "type": "string" - }, - "AdminUsername": { - "markdownDescription": "The username of the administrator for the first database created in the namespace.", - "title": "AdminUsername", - "type": "string" - }, - "CreationDate": { - "markdownDescription": "The date of when the namespace was created.", - "title": "CreationDate", - "type": "string" - }, - "DbName": { - "markdownDescription": "The name of the first database created in the namespace.", - "title": "DbName", - "type": "string" - }, - "DefaultIamRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to set as a default in the namespace.", - "title": "DefaultIamRoleArn", - "type": "string" - }, - "IamRoles": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of IAM roles to associate with the namespace.", - "title": "IamRoles", - "type": "array" - }, - "KmsKeyId": { - "markdownDescription": "The ID of the AWS Key Management Service key used to encrypt your data.", - "title": "KmsKeyId", + "Event": { + "markdownDescription": "The Amazon S3 bucket event about which to send notifications. For more information, see [Supported Event Types](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide* .", + "title": "Event", "type": "string" }, - "LogExports": { - "items": { - "type": "string" - }, - "markdownDescription": "The types of logs the namespace can export. Available export types are User log, Connection log, and User activity log.", - "title": "LogExports", - "type": "array" + "Filter": { + "$ref": "#/definitions/AWS::S3::Bucket.NotificationFilter", + "markdownDescription": "The filtering rules that determine for which objects to send notifications. For example, you can create a filter so that Amazon S3 sends notifications only when image files with a `.jpg` extension are added to the bucket.", + "title": "Filter" }, - "NamespaceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) associated with a namespace.", - "title": "NamespaceArn", + "Topic": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic to which Amazon S3 publishes a message when it detects events of the specified type.", + "title": "Topic", "type": "string" - }, - "NamespaceId": { - "markdownDescription": "The unique identifier of a namespace.", - "title": "NamespaceId", + } + }, + "required": [ + "Event", + "Topic" + ], + "type": "object" + }, + "AWS::S3::Bucket.Transition": { + "additionalProperties": false, + "properties": { + "StorageClass": { + "markdownDescription": "The storage class to which you want the object to transition.", + "title": "StorageClass", "type": "string" }, - "NamespaceName": { - "markdownDescription": "The name of the namespace. Must be between 3-64 alphanumeric characters in lowercase, and it cannot be a reserved word. A list of reserved words can be found in [Reserved Words](https://docs.aws.amazon.com//redshift/latest/dg/r_pg_keywords.html) in the Amazon Redshift Database Developer Guide.", - "title": "NamespaceName", + "TransitionDate": { + "markdownDescription": "Indicates when objects are transitioned to the specified storage class. The date value must be in ISO 8601 format. The time is always midnight UTC.", + "title": "TransitionDate", "type": "string" }, + "TransitionInDays": { + "markdownDescription": "Indicates the number of days after creation when objects are transitioned to the specified storage class. If the specified storage class is `INTELLIGENT_TIERING` , `GLACIER_IR` , `GLACIER` , or `DEEP_ARCHIVE` , valid values are `0` or positive integers. If the specified storage class is `STANDARD_IA` or `ONEZONE_IA` , valid values are positive integers greater than `30` . Be aware that some storage classes have a minimum storage duration and that you're charged for transitioning objects before their minimum storage duration. For more information, see [Constraints and considerations for transitions](https://docs.aws.amazon.com/AmazonS3/latest/userguide/lifecycle-transition-general-considerations.html#lifecycle-configuration-constraints) in the *Amazon S3 User Guide* .", + "title": "TransitionInDays", + "type": "number" + } + }, + "required": [ + "StorageClass" + ], + "type": "object" + }, + "AWS::S3::Bucket.VersioningConfiguration": { + "additionalProperties": false, + "properties": { "Status": { - "markdownDescription": "The status of the namespace.", + "markdownDescription": "The versioning state of the bucket.", "title": "Status", "type": "string" } }, + "required": [ + "Status" + ], "type": "object" }, - "AWS::RedshiftServerless::Namespace.SnapshotCopyConfiguration": { + "AWS::S3::Bucket.WebsiteConfiguration": { "additionalProperties": false, "properties": { - "DestinationKmsKeyId": { - "markdownDescription": "The ID of the KMS key to use to encrypt your snapshots in the destination AWS Region .", - "title": "DestinationKmsKeyId", + "ErrorDocument": { + "markdownDescription": "The name of the error document for the website.", + "title": "ErrorDocument", "type": "string" }, - "DestinationRegion": { - "markdownDescription": "The destination AWS Region to copy snapshots to.", - "title": "DestinationRegion", + "IndexDocument": { + "markdownDescription": "The name of the index document for the website.", + "title": "IndexDocument", "type": "string" }, - "SnapshotRetentionPeriod": { - "markdownDescription": "The retention period of snapshots that are copied to the destination AWS Region .", - "title": "SnapshotRetentionPeriod", - "type": "number" + "RedirectAllRequestsTo": { + "$ref": "#/definitions/AWS::S3::Bucket.RedirectAllRequestsTo", + "markdownDescription": "The redirect behavior for every request to this bucket's website endpoint.\n\n> If you specify this property, you can't specify any other property.", + "title": "RedirectAllRequestsTo" + }, + "RoutingRules": { + "items": { + "$ref": "#/definitions/AWS::S3::Bucket.RoutingRule" + }, + "markdownDescription": "Rules that define when a redirect is applied and the redirect behavior.", + "title": "RoutingRules", + "type": "array" } }, - "required": [ - "DestinationRegion" - ], "type": "object" }, - "AWS::RedshiftServerless::Workgroup": { + "AWS::S3::BucketPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -228344,82 +279830,26 @@ "Properties": { "additionalProperties": false, "properties": { - "BaseCapacity": { - "markdownDescription": "The base compute capacity of the workgroup in Redshift Processing Units (RPUs).", - "title": "BaseCapacity", - "type": "number" - }, - "ConfigParameters": { - "items": { - "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup.ConfigParameter" - }, - "markdownDescription": "The key of the parameter. The options are `auto_mv` , `datestyle` , `enable_case_sensitive_identifier` , `enable_user_activity_logging` , `query_group` , `search_path` , `require_ssl` , `use_fips_ssl` , and query monitoring metrics that let you define performance boundaries. For more information about query monitoring rules and available metrics, see [Query monitoring metrics for Amazon Redshift Serverless](https://docs.aws.amazon.com/redshift/latest/dg/cm-c-wlm-query-monitoring-rules.html#cm-c-wlm-query-monitoring-metrics-serverless) .", - "title": "ConfigParameters", - "type": "array" - }, - "EnhancedVpcRouting": { - "markdownDescription": "The value that specifies whether to enable enhanced virtual private cloud (VPC) routing, which forces Amazon Redshift Serverless to route traffic through your VPC.", - "title": "EnhancedVpcRouting", - "type": "boolean" - }, - "MaxCapacity": { - "markdownDescription": "The maximum data-warehouse capacity Amazon Redshift Serverless uses to serve queries. The max capacity is specified in RPUs.", - "title": "MaxCapacity", - "type": "number" - }, - "NamespaceName": { - "markdownDescription": "The namespace the workgroup is associated with.", - "title": "NamespaceName", + "Bucket": { + "markdownDescription": "The name of the Amazon S3 bucket to which the policy applies.", + "title": "Bucket", "type": "string" }, - "Port": { - "markdownDescription": "The custom port to use when connecting to a workgroup. Valid port ranges are 5431-5455 and 8191-8215. The default is 5439.", - "title": "Port", - "type": "number" - }, - "PubliclyAccessible": { - "markdownDescription": "A value that specifies whether the workgroup can be accessible from a public network.", - "title": "PubliclyAccessible", - "type": "boolean" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of security group IDs to associate with the workgroup.", - "title": "SecurityGroupIds", - "type": "array" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of subnet IDs the workgroup is associated with.", - "title": "SubnetIds", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The map of the key-value pairs used to tag the workgroup.", - "title": "Tags", - "type": "array" - }, - "WorkgroupName": { - "markdownDescription": "The name of the workgroup.", - "title": "WorkgroupName", - "type": "string" + "PolicyDocument": { + "markdownDescription": "A policy document containing permissions to add to the specified bucket. In IAM, you must provide policy documents in JSON format. However, in CloudFormation you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to IAM. For more information, see the AWS::IAM::Policy [PolicyDocument](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html#cfn-iam-policy-policydocument) resource description in this guide and [Access Policy Language Overview](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-policy-language-overview.html) in the *Amazon S3 User Guide* .", + "title": "PolicyDocument", + "type": "object" } }, "required": [ - "WorkgroupName" + "Bucket", + "PolicyDocument" ], "type": "object" }, "Type": { "enum": [ - "AWS::RedshiftServerless::Workgroup" + "AWS::S3::BucketPolicy" ], "type": "string" }, @@ -228438,182 +279868,132 @@ ], "type": "object" }, - "AWS::RedshiftServerless::Workgroup.ConfigParameter": { + "AWS::S3::MultiRegionAccessPoint": { "additionalProperties": false, "properties": { - "ParameterKey": { - "markdownDescription": "The key of the parameter. The options are `auto_mv` , `datestyle` , `enable_case_sensitive_identifier` , `enable_user_activity_logging` , `query_group` , `search_path` , `require_ssl` , `use_fips_ssl` , and query monitoring metrics that let you define performance boundaries. For more information about query monitoring rules and available metrics, see [Query monitoring metrics for Amazon Redshift Serverless](https://docs.aws.amazon.com/redshift/latest/dg/cm-c-wlm-query-monitoring-rules.html#cm-c-wlm-query-monitoring-metrics-serverless) .", - "title": "ParameterKey", + "Condition": { "type": "string" }, - "ParameterValue": { - "markdownDescription": "The value of the parameter to set.", - "title": "ParameterValue", - "type": "string" - } - }, - "type": "object" - }, - "AWS::RedshiftServerless::Workgroup.Endpoint": { - "additionalProperties": false, - "properties": { - "Address": { - "markdownDescription": "The DNS address of the VPC endpoint.", - "title": "Address", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Port": { - "markdownDescription": "The port that Amazon Redshift Serverless listens on.", - "title": "Port", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "VpcEndpoints": { - "items": { - "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup.VpcEndpoint" - }, - "markdownDescription": "An array of `VpcEndpoint` objects.", - "title": "VpcEndpoints", - "type": "array" - } - }, - "type": "object" - }, - "AWS::RedshiftServerless::Workgroup.NetworkInterface": { - "additionalProperties": false, - "properties": { - "AvailabilityZone": { - "markdownDescription": "The availability Zone.", - "title": "AvailabilityZone", - "type": "string" + "Metadata": { + "type": "object" }, - "NetworkInterfaceId": { - "markdownDescription": "The unique identifier of the network interface.", - "title": "NetworkInterfaceId", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the Multi-Region Access Point.", + "title": "Name", + "type": "string" + }, + "PublicAccessBlockConfiguration": { + "$ref": "#/definitions/AWS::S3::MultiRegionAccessPoint.PublicAccessBlockConfiguration", + "markdownDescription": "The PublicAccessBlock configuration that you want to apply to this Multi-Region Access Point. You can enable the configuration options in any combination. For more information about when Amazon S3 considers an object public, see [The Meaning of \"Public\"](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status) in the *Amazon S3 User Guide* .", + "title": "PublicAccessBlockConfiguration" + }, + "Regions": { + "items": { + "$ref": "#/definitions/AWS::S3::MultiRegionAccessPoint.Region" + }, + "markdownDescription": "A collection of the Regions and buckets associated with the Multi-Region Access Point.", + "title": "Regions", + "type": "array" + } + }, + "required": [ + "Regions" + ], + "type": "object" }, - "PrivateIpAddress": { - "markdownDescription": "The IPv4 address of the network interface within the subnet.", - "title": "PrivateIpAddress", + "Type": { + "enum": [ + "AWS::S3::MultiRegionAccessPoint" + ], "type": "string" }, - "SubnetId": { - "markdownDescription": "The unique identifier of the subnet.", - "title": "SubnetId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::RedshiftServerless::Workgroup.VpcEndpoint": { + "AWS::S3::MultiRegionAccessPoint.PublicAccessBlockConfiguration": { "additionalProperties": false, "properties": { - "NetworkInterfaces": { - "items": { - "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup.NetworkInterface" - }, - "markdownDescription": "One or more network interfaces of the endpoint. Also known as an interface endpoint.", - "title": "NetworkInterfaces", - "type": "array" + "BlockPublicAcls": { + "markdownDescription": "Specifies whether Amazon S3 should block public access control lists (ACLs) for this bucket and objects in this bucket. Setting this element to `TRUE` causes the following behavior:\n\n- PUT Bucket ACL and PUT Object ACL calls fail if the specified ACL is public.\n- PUT Object calls fail if the request includes a public ACL.\n- PUT Bucket calls fail if the request includes a public ACL.\n\nEnabling this setting doesn't affect existing policies or ACLs.", + "title": "BlockPublicAcls", + "type": "boolean" }, - "VpcEndpointId": { - "markdownDescription": "The connection endpoint ID for connecting to Amazon Redshift Serverless.", - "title": "VpcEndpointId", - "type": "string" + "BlockPublicPolicy": { + "markdownDescription": "Specifies whether Amazon S3 should block public bucket policies for this bucket. Setting this element to `TRUE` causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.\n\nEnabling this setting doesn't affect existing bucket policies.", + "title": "BlockPublicPolicy", + "type": "boolean" }, - "VpcId": { - "markdownDescription": "The VPC identifier that the endpoint is associated with.", - "title": "VpcId", - "type": "string" + "IgnorePublicAcls": { + "markdownDescription": "Specifies whether Amazon S3 should ignore public ACLs for this bucket and objects in this bucket. Setting this element to `TRUE` causes Amazon S3 to ignore all public ACLs on this bucket and objects in this bucket.\n\nEnabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.", + "title": "IgnorePublicAcls", + "type": "boolean" + }, + "RestrictPublicBuckets": { + "markdownDescription": "Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to `TRUE` restricts access to this bucket to only AWS service principals and authorized users within this account if the bucket has a public policy.\n\nEnabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.", + "title": "RestrictPublicBuckets", + "type": "boolean" } }, "type": "object" }, - "AWS::RedshiftServerless::Workgroup.Workgroup": { + "AWS::S3::MultiRegionAccessPoint.Region": { "additionalProperties": false, "properties": { - "BaseCapacity": { - "markdownDescription": "The base data warehouse capacity of the workgroup in Redshift Processing Units (RPUs).", - "title": "BaseCapacity", - "type": "number" - }, - "ConfigParameters": { - "items": { - "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup.ConfigParameter" - }, - "markdownDescription": "An array of parameters to set for advanced control over a database. The options are `auto_mv` , `datestyle` , `enable_case_sensitive_identifier` , `enable_user_activity_logging` , `query_group` , `search_path` , `require_ssl` , `use_fips_ssl` , and query monitoring metrics that let you define performance boundaries. For more information about query monitoring rules and available metrics, see [Query monitoring metrics for Amazon Redshift Serverless](https://docs.aws.amazon.com/redshift/latest/dg/cm-c-wlm-query-monitoring-rules.html#cm-c-wlm-query-monitoring-metrics-serverless) .", - "title": "ConfigParameters", - "type": "array" - }, - "CreationDate": { - "markdownDescription": "The creation date of the workgroup.", - "title": "CreationDate", - "type": "string" - }, - "Endpoint": { - "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup.Endpoint", - "markdownDescription": "The endpoint that is created from the workgroup.", - "title": "Endpoint" - }, - "EnhancedVpcRouting": { - "markdownDescription": "The value that specifies whether to enable enhanced virtual private cloud (VPC) routing, which forces Amazon Redshift Serverless to route traffic through your VPC.", - "title": "EnhancedVpcRouting", - "type": "boolean" - }, - "MaxCapacity": { - "markdownDescription": "The maximum data-warehouse capacity Amazon Redshift Serverless uses to serve queries. The max capacity is specified in RPUs.", - "title": "MaxCapacity", - "type": "number" - }, - "NamespaceName": { - "markdownDescription": "The namespace the workgroup is associated with.", - "title": "NamespaceName", - "type": "string" - }, - "PubliclyAccessible": { - "markdownDescription": "A value that specifies whether the workgroup can be accessible from a public network.", - "title": "PubliclyAccessible", - "type": "boolean" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of security group IDs to associate with the workgroup.", - "title": "SecurityGroupIds", - "type": "array" - }, - "Status": { - "markdownDescription": "The status of the workgroup.", - "title": "Status", - "type": "string" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of subnet IDs the workgroup is associated with.", - "title": "SubnetIds", - "type": "array" - }, - "WorkgroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) that links to the workgroup.", - "title": "WorkgroupArn", - "type": "string" - }, - "WorkgroupId": { - "markdownDescription": "The unique identifier of the workgroup.", - "title": "WorkgroupId", + "Bucket": { + "markdownDescription": "The name of the associated bucket for the Region.", + "title": "Bucket", "type": "string" }, - "WorkgroupName": { - "markdownDescription": "The name of the workgroup.", - "title": "WorkgroupName", + "BucketAccountId": { + "markdownDescription": "The AWS account ID that owns the Amazon S3 bucket that's associated with this Multi-Region Access Point.", + "title": "BucketAccountId", "type": "string" } }, + "required": [ + "Bucket" + ], "type": "object" }, - "AWS::RefactorSpaces::Application": { + "AWS::S3::MultiRegionAccessPointPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -228648,51 +280028,26 @@ "Properties": { "additionalProperties": false, "properties": { - "ApiGatewayProxy": { - "$ref": "#/definitions/AWS::RefactorSpaces::Application.ApiGatewayProxyInput", - "markdownDescription": "The endpoint URL of the Amazon API Gateway proxy.", - "title": "ApiGatewayProxy" - }, - "EnvironmentIdentifier": { - "markdownDescription": "The unique identifier of the environment.", - "title": "EnvironmentIdentifier", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the application.", - "title": "Name", - "type": "string" - }, - "ProxyType": { - "markdownDescription": "The proxy type of the proxy created within the application.", - "title": "ProxyType", + "MrapName": { + "markdownDescription": "The name of the Multi-Region Access Point.", + "title": "MrapName", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags assigned to the application.", - "title": "Tags", - "type": "array" - }, - "VpcId": { - "markdownDescription": "The ID of the virtual private cloud (VPC).", - "title": "VpcId", - "type": "string" + "Policy": { + "markdownDescription": "The access policy associated with the Multi-Region Access Point.", + "title": "Policy", + "type": "object" } }, "required": [ - "EnvironmentIdentifier", - "Name", - "ProxyType", - "VpcId" + "MrapName", + "Policy" ], "type": "object" }, "Type": { "enum": [ - "AWS::RefactorSpaces::Application" + "AWS::S3::MultiRegionAccessPointPolicy" ], "type": "string" }, @@ -228711,23 +280066,21 @@ ], "type": "object" }, - "AWS::RefactorSpaces::Application.ApiGatewayProxyInput": { + "AWS::S3::MultiRegionAccessPointPolicy.PolicyStatus": { "additionalProperties": false, "properties": { - "EndpointType": { - "markdownDescription": "The type of endpoint to use for the API Gateway proxy. If no value is specified in the request, the value is set to `REGIONAL` by default.\n\nIf the value is set to `PRIVATE` in the request, this creates a private API endpoint that is isolated from the public internet. The private endpoint can only be accessed by using Amazon Virtual Private Cloud (Amazon VPC) interface endpoints for the Amazon API Gateway that has been granted access. For more information about creating a private connection with Refactor Spaces and interface endpoint ( AWS PrivateLink ) availability, see [Access Refactor Spaces using an interface endpoint ( AWS PrivateLink )](https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/userguide/vpc-interface-endpoints.html) .", - "title": "EndpointType", - "type": "string" - }, - "StageName": { - "markdownDescription": "The name of the API Gateway stage. The name defaults to `prod` .", - "title": "StageName", + "IsPublic": { + "markdownDescription": "The policy status for this bucket. `TRUE` indicates that this bucket is public. `FALSE` indicates that the bucket is not public.", + "title": "IsPublic", "type": "string" } }, + "required": [ + "IsPublic" + ], "type": "object" }, - "AWS::RefactorSpaces::Environment": { + "AWS::S3::StorageLens": { "additionalProperties": false, "properties": { "Condition": { @@ -228762,39 +280115,28 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the environment.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the environment.", - "title": "Name", - "type": "string" - }, - "NetworkFabricType": { - "markdownDescription": "The network fabric type of the environment.", - "title": "NetworkFabricType", - "type": "string" + "StorageLensConfiguration": { + "$ref": "#/definitions/AWS::S3::StorageLens.StorageLensConfiguration", + "markdownDescription": "This resource contains the details Amazon S3 Storage Lens configuration.", + "title": "StorageLensConfiguration" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags assigned to the environment.", + "markdownDescription": "A set of tags (key\u2013value pairs) to associate with the Storage Lens configuration.", "title": "Tags", "type": "array" } }, "required": [ - "Name", - "NetworkFabricType" + "StorageLensConfiguration" ], "type": "object" }, "Type": { "enum": [ - "AWS::RefactorSpaces::Environment" + "AWS::S3::StorageLens" ], "type": "string" }, @@ -228813,7 +280155,394 @@ ], "type": "object" }, - "AWS::RefactorSpaces::Route": { + "AWS::S3::StorageLens.AccountLevel": { + "additionalProperties": false, + "properties": { + "ActivityMetrics": { + "$ref": "#/definitions/AWS::S3::StorageLens.ActivityMetrics", + "markdownDescription": "This property contains the details of account-level activity metrics for S3 Storage Lens.", + "title": "ActivityMetrics" + }, + "AdvancedCostOptimizationMetrics": { + "$ref": "#/definitions/AWS::S3::StorageLens.AdvancedCostOptimizationMetrics", + "markdownDescription": "This property contains the details of account-level advanced cost optimization metrics for S3 Storage Lens.", + "title": "AdvancedCostOptimizationMetrics" + }, + "AdvancedDataProtectionMetrics": { + "$ref": "#/definitions/AWS::S3::StorageLens.AdvancedDataProtectionMetrics", + "markdownDescription": "This property contains the details of account-level advanced data protection metrics for S3 Storage Lens.", + "title": "AdvancedDataProtectionMetrics" + }, + "BucketLevel": { + "$ref": "#/definitions/AWS::S3::StorageLens.BucketLevel", + "markdownDescription": "This property contains the details of the account-level bucket-level configurations for Amazon S3 Storage Lens. To enable bucket-level configurations, make sure to also set the same metrics at the account level.", + "title": "BucketLevel" + }, + "DetailedStatusCodesMetrics": { + "$ref": "#/definitions/AWS::S3::StorageLens.DetailedStatusCodesMetrics", + "markdownDescription": "This property contains the details of account-level detailed status code metrics for S3 Storage Lens.", + "title": "DetailedStatusCodesMetrics" + }, + "StorageLensGroupLevel": { + "$ref": "#/definitions/AWS::S3::StorageLens.StorageLensGroupLevel", + "markdownDescription": "This property determines the scope of Storage Lens group data that is displayed in the Storage Lens dashboard.", + "title": "StorageLensGroupLevel" + } + }, + "required": [ + "BucketLevel" + ], + "type": "object" + }, + "AWS::S3::StorageLens.ActivityMetrics": { + "additionalProperties": false, + "properties": { + "IsEnabled": { + "markdownDescription": "A property that indicates whether the activity metrics is enabled.", + "title": "IsEnabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::S3::StorageLens.AdvancedCostOptimizationMetrics": { + "additionalProperties": false, + "properties": { + "IsEnabled": { + "markdownDescription": "Indicates whether advanced cost optimization metrics are enabled.", + "title": "IsEnabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::S3::StorageLens.AdvancedDataProtectionMetrics": { + "additionalProperties": false, + "properties": { + "IsEnabled": { + "markdownDescription": "Indicates whether advanced data protection metrics are enabled.", + "title": "IsEnabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::S3::StorageLens.AwsOrg": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "This resource contains the ARN of the AWS Organization.", + "title": "Arn", + "type": "string" + } + }, + "required": [ + "Arn" + ], + "type": "object" + }, + "AWS::S3::StorageLens.BucketLevel": { + "additionalProperties": false, + "properties": { + "ActivityMetrics": { + "$ref": "#/definitions/AWS::S3::StorageLens.ActivityMetrics", + "markdownDescription": "A property for bucket-level activity metrics for S3 Storage Lens.", + "title": "ActivityMetrics" + }, + "AdvancedCostOptimizationMetrics": { + "$ref": "#/definitions/AWS::S3::StorageLens.AdvancedCostOptimizationMetrics", + "markdownDescription": "A property for bucket-level advanced cost optimization metrics for S3 Storage Lens.", + "title": "AdvancedCostOptimizationMetrics" + }, + "AdvancedDataProtectionMetrics": { + "$ref": "#/definitions/AWS::S3::StorageLens.AdvancedDataProtectionMetrics", + "markdownDescription": "A property for bucket-level advanced data protection metrics for S3 Storage Lens.", + "title": "AdvancedDataProtectionMetrics" + }, + "DetailedStatusCodesMetrics": { + "$ref": "#/definitions/AWS::S3::StorageLens.DetailedStatusCodesMetrics", + "markdownDescription": "A property for bucket-level detailed status code metrics for S3 Storage Lens.", + "title": "DetailedStatusCodesMetrics" + }, + "PrefixLevel": { + "$ref": "#/definitions/AWS::S3::StorageLens.PrefixLevel", + "markdownDescription": "A property for bucket-level prefix-level storage metrics for S3 Storage Lens.", + "title": "PrefixLevel" + } + }, + "type": "object" + }, + "AWS::S3::StorageLens.BucketsAndRegions": { + "additionalProperties": false, + "properties": { + "Buckets": { + "items": { + "type": "string" + }, + "markdownDescription": "This property contains the details of the buckets for the Amazon S3 Storage Lens configuration. This should be the bucket Amazon Resource Name(ARN). For valid values, see [Buckets ARN format here](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_Include.html#API_control_Include_Contents) in the *Amazon S3 API Reference* .", + "title": "Buckets", + "type": "array" + }, + "Regions": { + "items": { + "type": "string" + }, + "markdownDescription": "This property contains the details of the Regions for the S3 Storage Lens configuration.", + "title": "Regions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::S3::StorageLens.CloudWatchMetrics": { + "additionalProperties": false, + "properties": { + "IsEnabled": { + "markdownDescription": "This property identifies whether the CloudWatch publishing option for S3 Storage Lens is enabled.", + "title": "IsEnabled", + "type": "boolean" + } + }, + "required": [ + "IsEnabled" + ], + "type": "object" + }, + "AWS::S3::StorageLens.DataExport": { + "additionalProperties": false, + "properties": { + "CloudWatchMetrics": { + "$ref": "#/definitions/AWS::S3::StorageLens.CloudWatchMetrics", + "markdownDescription": "This property enables the Amazon CloudWatch publishing option for S3 Storage Lens metrics.", + "title": "CloudWatchMetrics" + }, + "S3BucketDestination": { + "$ref": "#/definitions/AWS::S3::StorageLens.S3BucketDestination", + "markdownDescription": "This property contains the details of the bucket where the S3 Storage Lens metrics export will be placed.", + "title": "S3BucketDestination" + } + }, + "type": "object" + }, + "AWS::S3::StorageLens.DetailedStatusCodesMetrics": { + "additionalProperties": false, + "properties": { + "IsEnabled": { + "markdownDescription": "Indicates whether detailed status code metrics are enabled.", + "title": "IsEnabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::S3::StorageLens.Encryption": { + "additionalProperties": false, + "properties": { + "SSEKMS": { + "$ref": "#/definitions/AWS::S3::StorageLens.SSEKMS", + "markdownDescription": "Specifies the use of AWS Key Management Service keys (SSE-KMS) to encrypt the S3 Storage Lens metrics export file.", + "title": "SSEKMS" + }, + "SSES3": { + "markdownDescription": "Specifies the use of an Amazon S3-managed key (SSE-S3) to encrypt the S3 Storage Lens metrics export file.", + "title": "SSES3", + "type": "object" + } + }, + "type": "object" + }, + "AWS::S3::StorageLens.PrefixLevel": { + "additionalProperties": false, + "properties": { + "StorageMetrics": { + "$ref": "#/definitions/AWS::S3::StorageLens.PrefixLevelStorageMetrics", + "markdownDescription": "A property for the prefix-level storage metrics for Amazon S3 Storage Lens.", + "title": "StorageMetrics" + } + }, + "required": [ + "StorageMetrics" + ], + "type": "object" + }, + "AWS::S3::StorageLens.PrefixLevelStorageMetrics": { + "additionalProperties": false, + "properties": { + "IsEnabled": { + "markdownDescription": "This property identifies whether the details of the prefix-level storage metrics for S3 Storage Lens are enabled.", + "title": "IsEnabled", + "type": "boolean" + }, + "SelectionCriteria": { + "$ref": "#/definitions/AWS::S3::StorageLens.SelectionCriteria", + "markdownDescription": "This property identifies whether the details of the prefix-level storage metrics for S3 Storage Lens are enabled.", + "title": "SelectionCriteria" + } + }, + "type": "object" + }, + "AWS::S3::StorageLens.S3BucketDestination": { + "additionalProperties": false, + "properties": { + "AccountId": { + "markdownDescription": "This property contains the details of the AWS account ID of the S3 Storage Lens export bucket destination.", + "title": "AccountId", + "type": "string" + }, + "Arn": { + "markdownDescription": "This property contains the details of the ARN of the bucket destination of the S3 Storage Lens export.", + "title": "Arn", + "type": "string" + }, + "Encryption": { + "$ref": "#/definitions/AWS::S3::StorageLens.Encryption", + "markdownDescription": "This property contains the details of the encryption of the bucket destination of the Amazon S3 Storage Lens metrics export.", + "title": "Encryption" + }, + "Format": { + "markdownDescription": "This property contains the details of the format of the S3 Storage Lens export bucket destination.", + "title": "Format", + "type": "string" + }, + "OutputSchemaVersion": { + "markdownDescription": "This property contains the details of the output schema version of the S3 Storage Lens export bucket destination.", + "title": "OutputSchemaVersion", + "type": "string" + }, + "Prefix": { + "markdownDescription": "This property contains the details of the prefix of the bucket destination of the S3 Storage Lens export .", + "title": "Prefix", + "type": "string" + } + }, + "required": [ + "AccountId", + "Arn", + "Format", + "OutputSchemaVersion" + ], + "type": "object" + }, + "AWS::S3::StorageLens.SSEKMS": { + "additionalProperties": false, + "properties": { + "KeyId": { + "markdownDescription": "Specifies the Amazon Resource Name (ARN) of the customer managed AWS KMS key to use for encrypting the S3 Storage Lens metrics export file. Amazon S3 only supports symmetric encryption keys. For more information, see [Special-purpose keys](https://docs.aws.amazon.com/kms/latest/developerguide/key-types.html) in the *AWS Key Management Service Developer Guide* .", + "title": "KeyId", + "type": "string" + } + }, + "required": [ + "KeyId" + ], + "type": "object" + }, + "AWS::S3::StorageLens.SelectionCriteria": { + "additionalProperties": false, + "properties": { + "Delimiter": { + "markdownDescription": "This property contains the details of the S3 Storage Lens delimiter being used.", + "title": "Delimiter", + "type": "string" + }, + "MaxDepth": { + "markdownDescription": "This property contains the details of the max depth that S3 Storage Lens will collect metrics up to.", + "title": "MaxDepth", + "type": "number" + }, + "MinStorageBytesPercentage": { + "markdownDescription": "This property contains the details of the minimum storage bytes percentage threshold that S3 Storage Lens will collect metrics up to.", + "title": "MinStorageBytesPercentage", + "type": "number" + } + }, + "type": "object" + }, + "AWS::S3::StorageLens.StorageLensConfiguration": { + "additionalProperties": false, + "properties": { + "AccountLevel": { + "$ref": "#/definitions/AWS::S3::StorageLens.AccountLevel", + "markdownDescription": "This property contains the details of the account-level metrics for Amazon S3 Storage Lens configuration.", + "title": "AccountLevel" + }, + "AwsOrg": { + "$ref": "#/definitions/AWS::S3::StorageLens.AwsOrg", + "markdownDescription": "This property contains the details of the AWS Organization for the S3 Storage Lens configuration.", + "title": "AwsOrg" + }, + "DataExport": { + "$ref": "#/definitions/AWS::S3::StorageLens.DataExport", + "markdownDescription": "This property contains the details of this S3 Storage Lens configuration's metrics export.", + "title": "DataExport" + }, + "Exclude": { + "$ref": "#/definitions/AWS::S3::StorageLens.BucketsAndRegions", + "markdownDescription": "This property contains the details of the bucket and or Regions excluded for Amazon S3 Storage Lens configuration.", + "title": "Exclude" + }, + "Id": { + "markdownDescription": "This property contains the details of the ID of the S3 Storage Lens configuration.", + "title": "Id", + "type": "string" + }, + "Include": { + "$ref": "#/definitions/AWS::S3::StorageLens.BucketsAndRegions", + "markdownDescription": "This property contains the details of the bucket and or Regions included for Amazon S3 Storage Lens configuration.", + "title": "Include" + }, + "IsEnabled": { + "markdownDescription": "This property contains the details of whether the Amazon S3 Storage Lens configuration is enabled.", + "title": "IsEnabled", + "type": "boolean" + }, + "StorageLensArn": { + "markdownDescription": "This property contains the details of the ARN of the S3 Storage Lens configuration. This property is read-only.", + "title": "StorageLensArn", + "type": "string" + } + }, + "required": [ + "AccountLevel", + "Id", + "IsEnabled" + ], + "type": "object" + }, + "AWS::S3::StorageLens.StorageLensGroupLevel": { + "additionalProperties": false, + "properties": { + "StorageLensGroupSelectionCriteria": { + "$ref": "#/definitions/AWS::S3::StorageLens.StorageLensGroupSelectionCriteria", + "markdownDescription": "This property indicates which Storage Lens group ARNs to include or exclude in the Storage Lens group aggregation. If this value is left null, then all Storage Lens groups are selected.", + "title": "StorageLensGroupSelectionCriteria" + } + }, + "type": "object" + }, + "AWS::S3::StorageLens.StorageLensGroupSelectionCriteria": { + "additionalProperties": false, + "properties": { + "Exclude": { + "items": { + "type": "string" + }, + "markdownDescription": "This property indicates which Storage Lens group ARNs to exclude from the Storage Lens group aggregation.", + "title": "Exclude", + "type": "array" + }, + "Include": { + "items": { + "type": "string" + }, + "markdownDescription": "This property indicates which Storage Lens group ARNs to include in the Storage Lens group aggregation.", + "title": "Include", + "type": "array" + } + }, + "type": "object" + }, + "AWS::S3::StorageLensGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -228848,56 +280577,34 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationIdentifier": { - "markdownDescription": "The unique identifier of the application.", - "title": "ApplicationIdentifier", - "type": "string" - }, - "DefaultRoute": { - "$ref": "#/definitions/AWS::RefactorSpaces::Route.DefaultRouteInput", - "markdownDescription": "Configuration for the default route type.", - "title": "DefaultRoute" - }, - "EnvironmentIdentifier": { - "markdownDescription": "The unique identifier of the environment.", - "title": "EnvironmentIdentifier", - "type": "string" - }, - "RouteType": { - "markdownDescription": "The route type of the route.", - "title": "RouteType", - "type": "string" + "Filter": { + "$ref": "#/definitions/AWS::S3::StorageLensGroup.Filter", + "markdownDescription": "This property contains the criteria for the Storage Lens group data that is displayed", + "title": "Filter" }, - "ServiceIdentifier": { - "markdownDescription": "The unique identifier of the service.", - "title": "ServiceIdentifier", + "Name": { + "markdownDescription": "This property contains the Storage Lens group name.", + "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags assigned to the route.", + "markdownDescription": "This property contains the AWS resource tags that you're adding to your Storage Lens group. This parameter is optional.", "title": "Tags", "type": "array" - }, - "UriPathRoute": { - "$ref": "#/definitions/AWS::RefactorSpaces::Route.UriPathRouteInput", - "markdownDescription": "The configuration for the URI path route type.", - "title": "UriPathRoute" } }, "required": [ - "ApplicationIdentifier", - "EnvironmentIdentifier", - "RouteType", - "ServiceIdentifier" + "Filter", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::RefactorSpaces::Route" + "AWS::S3::StorageLensGroup" ], "type": "string" }, @@ -228916,58 +280623,169 @@ ], "type": "object" }, - "AWS::RefactorSpaces::Route.DefaultRouteInput": { + "AWS::S3::StorageLensGroup.And": { "additionalProperties": false, "properties": { - "ActivationState": { - "markdownDescription": "If set to `ACTIVE` , traffic is forwarded to this route\u2019s service after the route is created.", - "title": "ActivationState", - "type": "string" + "MatchAnyPrefix": { + "items": { + "type": "string" + }, + "markdownDescription": "This property contains a list of prefixes. At least one prefix must be specified. Up to 10 prefixes are allowed.", + "title": "MatchAnyPrefix", + "type": "array" + }, + "MatchAnySuffix": { + "items": { + "type": "string" + }, + "markdownDescription": "This property contains a list of suffixes. At least one suffix must be specified. Up to 10 suffixes are allowed.", + "title": "MatchAnySuffix", + "type": "array" + }, + "MatchAnyTag": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "This property contains the list of object tags. At least one object tag must be specified. Up to 10 object tags are allowed.", + "title": "MatchAnyTag", + "type": "array" + }, + "MatchObjectAge": { + "$ref": "#/definitions/AWS::S3::StorageLensGroup.MatchObjectAge", + "markdownDescription": "This property contains `DaysGreaterThan` and `DaysLessThan` properties to define the object age range (minimum and maximum number of days).", + "title": "MatchObjectAge" + }, + "MatchObjectSize": { + "$ref": "#/definitions/AWS::S3::StorageLensGroup.MatchObjectSize", + "markdownDescription": "This property contains `BytesGreaterThan` and `BytesLessThan` to define the object size range (minimum and maximum number of Bytes).", + "title": "MatchObjectSize" } }, - "required": [ - "ActivationState" - ], "type": "object" }, - "AWS::RefactorSpaces::Route.UriPathRouteInput": { + "AWS::S3::StorageLensGroup.Filter": { "additionalProperties": false, "properties": { - "ActivationState": { - "markdownDescription": "If set to `ACTIVE` , traffic is forwarded to this route\u2019s service after the route is created.", - "title": "ActivationState", - "type": "string" + "And": { + "$ref": "#/definitions/AWS::S3::StorageLensGroup.And", + "markdownDescription": "This property contains the `And` logical operator, which allows multiple filter conditions to be joined for more complex comparisons of Storage Lens group data. Objects must match all of the listed filter conditions that are joined by the `And` logical operator. Only one of each filter condition is allowed.", + "title": "And" }, - "AppendSourcePath": { - "markdownDescription": "If set to `true` , this option appends the source path to the service URL endpoint.", - "title": "AppendSourcePath", - "type": "boolean" + "MatchAnyPrefix": { + "items": { + "type": "string" + }, + "markdownDescription": "This property contains a list of prefixes. At least one prefix must be specified. Up to 10 prefixes are allowed.", + "title": "MatchAnyPrefix", + "type": "array" }, - "IncludeChildPaths": { - "markdownDescription": "Indicates whether to match all subpaths of the given source path. If this value is `false` , requests must match the source path exactly before they are forwarded to this route's service.", - "title": "IncludeChildPaths", - "type": "boolean" + "MatchAnySuffix": { + "items": { + "type": "string" + }, + "markdownDescription": "This property contains a list of suffixes. At least one suffix must be specified. Up to 10 suffixes are allowed.", + "title": "MatchAnySuffix", + "type": "array" + }, + "MatchAnyTag": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "This property contains the list of S3 object tags. At least one object tag must be specified. Up to 10 object tags are allowed.", + "title": "MatchAnyTag", + "type": "array" + }, + "MatchObjectAge": { + "$ref": "#/definitions/AWS::S3::StorageLensGroup.MatchObjectAge", + "markdownDescription": "This property contains `DaysGreaterThan` and `DaysLessThan` to define the object age range (minimum and maximum number of days).", + "title": "MatchObjectAge" + }, + "MatchObjectSize": { + "$ref": "#/definitions/AWS::S3::StorageLensGroup.MatchObjectSize", + "markdownDescription": "This property contains `BytesGreaterThan` and `BytesLessThan` to define the object size range (minimum and maximum number of Bytes).", + "title": "MatchObjectSize" + }, + "Or": { + "$ref": "#/definitions/AWS::S3::StorageLensGroup.Or", + "markdownDescription": "This property contains the `Or` logical operator, which allows multiple filter conditions to be joined. Objects can match any of the listed filter conditions, which are joined by the `Or` logical operator. Only one of each filter condition is allowed.", + "title": "Or" + } + }, + "type": "object" + }, + "AWS::S3::StorageLensGroup.MatchObjectAge": { + "additionalProperties": false, + "properties": { + "DaysGreaterThan": { + "markdownDescription": "This property indicates the minimum object age in days.", + "title": "DaysGreaterThan", + "type": "number" + }, + "DaysLessThan": { + "markdownDescription": "This property indicates the maximum object age in days.", + "title": "DaysLessThan", + "type": "number" + } + }, + "type": "object" + }, + "AWS::S3::StorageLensGroup.MatchObjectSize": { + "additionalProperties": false, + "properties": { + "BytesGreaterThan": { + "markdownDescription": "This property specifies the minimum object size in bytes. The value must be a positive number, greater than 0 and less than 5 TB.", + "title": "BytesGreaterThan", + "type": "number" }, - "Methods": { + "BytesLessThan": { + "markdownDescription": "This property specifies the maximum object size in bytes. The value must be a positive number, greater than the minimum object size and less than 5 TB.", + "title": "BytesLessThan", + "type": "number" + } + }, + "type": "object" + }, + "AWS::S3::StorageLensGroup.Or": { + "additionalProperties": false, + "properties": { + "MatchAnyPrefix": { "items": { "type": "string" }, - "markdownDescription": "A list of HTTP methods to match. An empty list matches all values. If a method is present, only HTTP requests using that method are forwarded to this route\u2019s service.", - "title": "Methods", + "markdownDescription": "This property contains a list of prefixes. At least one prefix must be specified. Up to 10 prefixes are allowed.", + "title": "MatchAnyPrefix", "type": "array" }, - "SourcePath": { - "markdownDescription": "This is the path that Refactor Spaces uses to match traffic. Paths must start with `/` and are relative to the base of the application. To use path parameters in the source path, add a variable in curly braces. For example, the resource path {user} represents a path parameter called 'user'.", - "title": "SourcePath", - "type": "string" + "MatchAnySuffix": { + "items": { + "type": "string" + }, + "markdownDescription": "This property contains the list of suffixes. At least one suffix must be specified. Up to 10 suffixes are allowed.", + "title": "MatchAnySuffix", + "type": "array" + }, + "MatchAnyTag": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "This property contains the list of S3 object tags. At least one object tag must be specified. Up to 10 object tags are allowed.", + "title": "MatchAnyTag", + "type": "array" + }, + "MatchObjectAge": { + "$ref": "#/definitions/AWS::S3::StorageLensGroup.MatchObjectAge", + "markdownDescription": "This property filters objects that match the specified object age range.", + "title": "MatchObjectAge" + }, + "MatchObjectSize": { + "$ref": "#/definitions/AWS::S3::StorageLensGroup.MatchObjectSize", + "markdownDescription": "This property contains the `BytesGreaterThan` and `BytesLessThan` values to define the object size range (minimum and maximum number of Bytes).", + "title": "MatchObjectSize" } }, - "required": [ - "ActivationState" - ], "type": "object" }, - "AWS::RefactorSpaces::Service": { + "AWS::S3Express::AccessPoint": { "additionalProperties": false, "properties": { "Condition": { @@ -229002,66 +280820,50 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationIdentifier": { - "markdownDescription": "The unique identifier of the application.", - "title": "ApplicationIdentifier", - "type": "string" - }, - "Description": { - "markdownDescription": "A description of the service.", - "title": "Description", - "type": "string" - }, - "EndpointType": { - "markdownDescription": "The endpoint type of the service.", - "title": "EndpointType", + "Bucket": { + "markdownDescription": "The name of the bucket that you want to associate the access point with.", + "title": "Bucket", "type": "string" }, - "EnvironmentIdentifier": { - "markdownDescription": "The unique identifier of the environment.", - "title": "EnvironmentIdentifier", + "BucketAccountId": { + "markdownDescription": "The AWS account ID that owns the bucket associated with this access point.", + "title": "BucketAccountId", "type": "string" }, - "LambdaEndpoint": { - "$ref": "#/definitions/AWS::RefactorSpaces::Service.LambdaEndpointInput", - "markdownDescription": "A summary of the configuration for the AWS Lambda endpoint type.", - "title": "LambdaEndpoint" - }, "Name": { - "markdownDescription": "The name of the service.", + "markdownDescription": "An access point name consists of a base name you provide, followed by the zoneID ( AWS Local Zone) followed by the prefix `--xa-s3` . For example, accesspointname--zoneID--xa-s3.", "title": "Name", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags assigned to the service.", - "title": "Tags", - "type": "array" + "Policy": { + "markdownDescription": "The access point policy associated with the specified access point.", + "title": "Policy", + "type": "object" }, - "UrlEndpoint": { - "$ref": "#/definitions/AWS::RefactorSpaces::Service.UrlEndpointInput", - "markdownDescription": "The summary of the configuration for the URL endpoint type.", - "title": "UrlEndpoint" + "PublicAccessBlockConfiguration": { + "$ref": "#/definitions/AWS::S3Express::AccessPoint.PublicAccessBlockConfiguration", + "markdownDescription": "Public access is blocked by default to access points for directory buckets.", + "title": "PublicAccessBlockConfiguration" }, - "VpcId": { - "markdownDescription": "The ID of the virtual private cloud (VPC).", - "title": "VpcId", - "type": "string" + "Scope": { + "$ref": "#/definitions/AWS::S3Express::AccessPoint.Scope", + "markdownDescription": "You can use the access point scope to restrict access to specific prefixes, API operations, or a combination of both.\n\nFor more information, see [Manage the scope of your access points for directory buckets.](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-points-directory-buckets-manage-scope.html)", + "title": "Scope" + }, + "VpcConfiguration": { + "$ref": "#/definitions/AWS::S3Express::AccessPoint.VpcConfiguration", + "markdownDescription": "If you include this field, Amazon S3 restricts access to this access point to requests from the specified virtual private cloud (VPC).", + "title": "VpcConfiguration" } }, "required": [ - "ApplicationIdentifier", - "EndpointType", - "EnvironmentIdentifier", - "Name" + "Bucket" ], "type": "object" }, "Type": { "enum": [ - "AWS::RefactorSpaces::Service" + "AWS::S3Express::AccessPoint" ], "type": "string" }, @@ -229080,40 +280882,66 @@ ], "type": "object" }, - "AWS::RefactorSpaces::Service.LambdaEndpointInput": { + "AWS::S3Express::AccessPoint.PublicAccessBlockConfiguration": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function or alias.", - "title": "Arn", - "type": "string" + "BlockPublicAcls": { + "markdownDescription": "Specifies whether Amazon S3 should block public access control lists (ACLs) for this bucket and objects in this bucket. Setting this element to `TRUE` causes the following behavior:\n\n- PUT Bucket ACL and PUT Object ACL calls fail if the specified ACL is public.\n- PUT Object calls fail if the request includes a public ACL.\n- PUT Bucket calls fail if the request includes a public ACL.\n\nEnabling this setting doesn't affect existing policies or ACLs.", + "title": "BlockPublicAcls", + "type": "boolean" + }, + "BlockPublicPolicy": { + "markdownDescription": "Specifies whether Amazon S3 should block public bucket policies for this bucket. Setting this element to `TRUE` causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.\n\nEnabling this setting doesn't affect existing bucket policies.", + "title": "BlockPublicPolicy", + "type": "boolean" + }, + "IgnorePublicAcls": { + "markdownDescription": "Specifies whether Amazon S3 should ignore public ACLs for this bucket and objects in this bucket. Setting this element to `TRUE` causes Amazon S3 to ignore all public ACLs on this bucket and objects in this bucket.\n\nEnabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.", + "title": "IgnorePublicAcls", + "type": "boolean" + }, + "RestrictPublicBuckets": { + "markdownDescription": "Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to `TRUE` restricts access to this bucket to only AWS service principals and authorized users within this account if the bucket has a public policy.\n\nEnabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.", + "title": "RestrictPublicBuckets", + "type": "boolean" } }, - "required": [ - "Arn" - ], "type": "object" }, - "AWS::RefactorSpaces::Service.UrlEndpointInput": { + "AWS::S3Express::AccessPoint.Scope": { "additionalProperties": false, "properties": { - "HealthUrl": { - "markdownDescription": "The health check URL of the URL endpoint type. If the URL is a public endpoint, the `HealthUrl` must also be a public endpoint. If the URL is a private endpoint inside a virtual private cloud (VPC), the health URL must also be a private endpoint, and the host must be the same as the URL.", - "title": "HealthUrl", - "type": "string" + "Permissions": { + "items": { + "type": "string" + }, + "markdownDescription": "You can include one or more API operations as permissions.", + "title": "Permissions", + "type": "array" }, - "Url": { - "markdownDescription": "The URL to route traffic to. The URL must be an [rfc3986-formatted URL](https://docs.aws.amazon.com/https://datatracker.ietf.org/doc/html/rfc3986) . If the host is a domain name, the name must be resolvable over the public internet. If the scheme is `https` , the top level domain of the host must be listed in the [IANA root zone database](https://docs.aws.amazon.com/https://www.iana.org/domains/root/db) .", - "title": "Url", + "Prefixes": { + "items": { + "type": "string" + }, + "markdownDescription": "You can specify any amount of prefixes, but the total length of characters of all prefixes must be less than 256 bytes in size.", + "title": "Prefixes", + "type": "array" + } + }, + "type": "object" + }, + "AWS::S3Express::AccessPoint.VpcConfiguration": { + "additionalProperties": false, + "properties": { + "VpcId": { + "markdownDescription": "If this field is specified, this access point will only allow connections from the specified VPC ID.", + "title": "VpcId", "type": "string" } }, - "required": [ - "Url" - ], "type": "object" }, - "AWS::Rekognition::Collection": { + "AWS::S3Express::BucketPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -229148,28 +280976,26 @@ "Properties": { "additionalProperties": false, "properties": { - "CollectionId": { - "markdownDescription": "ID for the collection that you are creating.", - "title": "CollectionId", + "Bucket": { + "markdownDescription": "The name of the S3 directory bucket to which the policy applies.", + "title": "Bucket", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A set of tags (key-value pairs) that you want to attach to the collection.", - "title": "Tags", - "type": "array" + "PolicyDocument": { + "markdownDescription": "A policy document containing permissions to add to the specified bucket. In IAM, you must provide policy documents in JSON format. However, in CloudFormation you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to IAM. For more information, see the AWS::IAM::Policy [PolicyDocument](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html#cfn-iam-policy-policydocument) resource description in this guide and [Policies and Permissions in Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-policy-language-overview.html) in the *Amazon S3 User Guide* .", + "title": "PolicyDocument", + "type": "object" } }, "required": [ - "CollectionId" + "Bucket", + "PolicyDocument" ], "type": "object" }, "Type": { "enum": [ - "AWS::Rekognition::Collection" + "AWS::S3Express::BucketPolicy" ], "type": "string" }, @@ -229188,7 +281014,7 @@ ], "type": "object" }, - "AWS::Rekognition::Project": { + "AWS::S3Express::DirectoryBucket": { "additionalProperties": false, "properties": { "Condition": { @@ -229223,20 +281049,49 @@ "Properties": { "additionalProperties": false, "properties": { - "ProjectName": { - "markdownDescription": "The name of the project to create.", - "title": "ProjectName", + "BucketEncryption": { + "$ref": "#/definitions/AWS::S3Express::DirectoryBucket.BucketEncryption", + "markdownDescription": "Specifies default encryption for a bucket using server-side encryption with Amazon S3 managed keys (SSE-S3) or AWS KMS keys (SSE-KMS). For information about default encryption for directory buckets, see [Setting and monitoring default encryption for directory buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-bucket-encryption.html) in the *Amazon S3 User Guide* .", + "title": "BucketEncryption" + }, + "BucketName": { + "markdownDescription": "A name for the bucket. The bucket name must contain only lowercase letters, numbers, and hyphens (-). A directory bucket name must be unique in the chosen Zone (Availability Zone or Local Zone). The bucket name must also follow the format `*bucket_base_name* -- *zone_id* --x-s3` (for example, `*bucket_base_name* -- *usw2-az1* --x-s3` ). If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the bucket name. For information about bucket naming restrictions, see [Directory bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) in the *Amazon S3 User Guide* .\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you need to replace the resource, specify a new name.", + "title": "BucketName", + "type": "string" + }, + "DataRedundancy": { + "markdownDescription": "The number of Zone (Availability Zone or Local Zone) that's used for redundancy for the bucket.", + "title": "DataRedundancy", + "type": "string" + }, + "LifecycleConfiguration": { + "$ref": "#/definitions/AWS::S3Express::DirectoryBucket.LifecycleConfiguration", + "markdownDescription": "Container for lifecycle rules. You can add as many as 1000 rules.\n\nFor more information see, [Creating and managing a lifecycle configuration for directory buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-objects-lifecycle.html ) in the *Amazon S3 User Guide* .", + "title": "LifecycleConfiguration" + }, + "LocationName": { + "markdownDescription": "The name of the location where the bucket will be created.\n\nFor directory buckets, the name of the location is the Zone ID of the Availability Zone (AZ) or Local Zone (LZ) where the bucket will be created. An example AZ ID value is `usw2-az1` .", + "title": "LocationName", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of tags that you can apply to the S3 directory bucket. Tags are key-value pairs of metadata used to categorize and organize your buckets, track costs, and control access. For more information, see [Using tags with directory buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-tagging.html) .", + "title": "Tags", + "type": "array" } }, "required": [ - "ProjectName" + "DataRedundancy", + "LocationName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Rekognition::Project" + "AWS::S3Express::DirectoryBucket" ], "type": "string" }, @@ -229255,7 +281110,134 @@ ], "type": "object" }, - "AWS::Rekognition::StreamProcessor": { + "AWS::S3Express::DirectoryBucket.AbortIncompleteMultipartUpload": { + "additionalProperties": false, + "properties": { + "DaysAfterInitiation": { + "markdownDescription": "Specifies the number of days after which Amazon S3 aborts an incomplete multipart upload.", + "title": "DaysAfterInitiation", + "type": "number" + } + }, + "required": [ + "DaysAfterInitiation" + ], + "type": "object" + }, + "AWS::S3Express::DirectoryBucket.BucketEncryption": { + "additionalProperties": false, + "properties": { + "ServerSideEncryptionConfiguration": { + "items": { + "$ref": "#/definitions/AWS::S3Express::DirectoryBucket.ServerSideEncryptionRule" + }, + "markdownDescription": "Specifies the default server-side-encryption configuration.", + "title": "ServerSideEncryptionConfiguration", + "type": "array" + } + }, + "required": [ + "ServerSideEncryptionConfiguration" + ], + "type": "object" + }, + "AWS::S3Express::DirectoryBucket.LifecycleConfiguration": { + "additionalProperties": false, + "properties": { + "Rules": { + "items": { + "$ref": "#/definitions/AWS::S3Express::DirectoryBucket.Rule" + }, + "markdownDescription": "A lifecycle rule for individual objects in an Amazon S3 Express bucket.", + "title": "Rules", + "type": "array" + } + }, + "required": [ + "Rules" + ], + "type": "object" + }, + "AWS::S3Express::DirectoryBucket.Rule": { + "additionalProperties": false, + "properties": { + "AbortIncompleteMultipartUpload": { + "$ref": "#/definitions/AWS::S3Express::DirectoryBucket.AbortIncompleteMultipartUpload", + "markdownDescription": "Specifies the days since the initiation of an incomplete multipart upload that Amazon S3 will wait before permanently removing all parts of the upload.", + "title": "AbortIncompleteMultipartUpload" + }, + "ExpirationInDays": { + "markdownDescription": "Indicates the number of days after creation when objects are deleted from Amazon S3 and Amazon S3 Glacier. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time.", + "title": "ExpirationInDays", + "type": "number" + }, + "Id": { + "markdownDescription": "Unique identifier for the rule. The value can't be longer than 255 characters.", + "title": "Id", + "type": "string" + }, + "ObjectSizeGreaterThan": { + "markdownDescription": "Specifies the minimum object size in bytes for this rule to apply to. Objects must be larger than this value in bytes. For more information about size based rules, see [Lifecycle configuration using size-based rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/lifecycle-configuration-examples.html#lc-size-rules) in the *Amazon S3 User Guide* .", + "title": "ObjectSizeGreaterThan", + "type": "string" + }, + "ObjectSizeLessThan": { + "markdownDescription": "Specifies the maximum object size in bytes for this rule to apply to. Objects must be smaller than this value in bytes. For more information about sized based rules, see [Lifecycle configuration using size-based rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/lifecycle-configuration-examples.html#lc-size-rules) in the *Amazon S3 User Guide* .", + "title": "ObjectSizeLessThan", + "type": "string" + }, + "Prefix": { + "markdownDescription": "Object key prefix that identifies one or more objects to which this rule applies.\n\n> Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints) .", + "title": "Prefix", + "type": "string" + }, + "Status": { + "markdownDescription": "If `Enabled` , the rule is currently being applied. If `Disabled` , the rule is not currently being applied.", + "title": "Status", + "type": "string" + } + }, + "required": [ + "Status" + ], + "type": "object" + }, + "AWS::S3Express::DirectoryBucket.ServerSideEncryptionByDefault": { + "additionalProperties": false, + "properties": { + "KMSMasterKeyID": { + "markdownDescription": "AWS Key Management Service (KMS) customer managed key ID to use for the default encryption. This parameter is allowed only if `SSEAlgorithm` is set to `aws:kms` .\n\nYou can specify this parameter with the key ID or the Amazon Resource Name (ARN) of the KMS key. You can\u2019t use the key alias of the KMS key.\n\n- Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key ARN: `arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`\n\nIf you are using encryption with cross-account or AWS service operations, you must use a fully qualified KMS key ARN. For more information, see [Using encryption for cross-account operations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-bucket-encryption.html#s3-express-bucket-encryption-update-bucket-policy) .\n\n> Your SSE-KMS configuration can only support 1 [customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk) per directory bucket for the lifetime of the bucket. [AWS managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk) ( `aws/s3` ) isn't supported. Also, after you specify a customer managed key for SSE-KMS and upload objects with this configuration, you can't override the customer managed key for your SSE-KMS configuration. To use a new customer manager key for your data, we recommend copying your existing objects to a new directory bucket with a new customer managed key. > Amazon S3 only supports symmetric encryption KMS keys. For more information, see [Asymmetric keys in AWS KMS](https://docs.aws.amazon.com//kms/latest/developerguide/symmetric-asymmetric.html) in the *AWS Key Management Service Developer Guide* .", + "title": "KMSMasterKeyID", + "type": "string" + }, + "SSEAlgorithm": { + "markdownDescription": "Server-side encryption algorithm to use for the default encryption.\n\n> For directory buckets, there are only two supported values for server-side encryption: `AES256` and `aws:kms` .", + "title": "SSEAlgorithm", + "type": "string" + } + }, + "required": [ + "SSEAlgorithm" + ], + "type": "object" + }, + "AWS::S3Express::DirectoryBucket.ServerSideEncryptionRule": { + "additionalProperties": false, + "properties": { + "BucketKeyEnabled": { + "markdownDescription": "Specifies whether Amazon S3 should use an S3 Bucket Key with server-side encryption using KMS (SSE-KMS) for new objects in the bucket. S3 Bucket Keys are always enabled for `GET` and `PUT` operations on a directory bucket and can\u2019t be disabled. It's only allowed to set the `BucketKeyEnabled` element to `true` .\n\nS3 Bucket Keys aren't supported, when you copy SSE-KMS encrypted objects from general purpose buckets to directory buckets, from directory buckets to general purpose buckets, or between directory buckets, through [CopyObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html) , [UploadPartCopy](https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html) , [the Copy operation in Batch Operations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-objects-Batch-Ops) , or [the import jobs](https://docs.aws.amazon.com/AmazonS3/latest/userguide/create-import-job) . In this case, Amazon S3 makes a call to AWS KMS every time a copy request is made for a KMS-encrypted object.\n\nFor more information, see [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-UsingKMSEncryption.html#s3-express-sse-kms-bucket-keys) in the *Amazon S3 User Guide* .", + "title": "BucketKeyEnabled", + "type": "boolean" + }, + "ServerSideEncryptionByDefault": { + "$ref": "#/definitions/AWS::S3Express::DirectoryBucket.ServerSideEncryptionByDefault", + "markdownDescription": "Specifies the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied.", + "title": "ServerSideEncryptionByDefault" + } + }, + "type": "object" + }, + "AWS::S3ObjectLambda::AccessPoint": { "additionalProperties": false, "properties": { "Condition": { @@ -229290,87 +281272,25 @@ "Properties": { "additionalProperties": false, "properties": { - "BoundingBoxRegionsOfInterest": { - "items": { - "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.BoundingBox" - }, - "markdownDescription": "List of BoundingBox objects, each of which denotes a region of interest on screen. For more information, see the BoundingBox field of [RegionOfInterest](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_RegionOfInterest) .", - "title": "BoundingBoxRegionsOfInterest", - "type": "array" - }, - "ConnectedHomeSettings": { - "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.ConnectedHomeSettings", - "markdownDescription": "Connected home settings to use on a streaming video. You can use a stream processor for connected home features and select what you want the stream processor to detect, such as people or pets. When the stream processor has started, one notification is sent for each object class specified. For more information, see the ConnectedHome section of [StreamProcessorSettings](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StreamProcessorSettings) .", - "title": "ConnectedHomeSettings" - }, - "DataSharingPreference": { - "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.DataSharingPreference", - "markdownDescription": "Allows you to opt in or opt out to share data with Rekognition to improve model performance. You can choose this option at the account level or on a per-stream basis. Note that if you opt out at the account level this setting is ignored on individual streams. For more information, see [StreamProcessorDataSharingPreference](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StreamProcessorDataSharingPreference) .", - "title": "DataSharingPreference" - }, - "FaceSearchSettings": { - "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.FaceSearchSettings", - "markdownDescription": "The input parameters used to recognize faces in a streaming video analyzed by an Amazon Rekognition stream processor. For more information regarding the contents of the parameters, see [FaceSearchSettings](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_FaceSearchSettings) .", - "title": "FaceSearchSettings" - }, - "KinesisDataStream": { - "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.KinesisDataStream", - "markdownDescription": "Amazon Rekognition's Video Stream Processor takes a Kinesis video stream as input. This is the Amazon Kinesis Data Streams instance to which the Amazon Rekognition stream processor streams the analysis results. This must be created within the constraints specified at [KinesisDataStream](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_KinesisDataStream) .", - "title": "KinesisDataStream" - }, - "KinesisVideoStream": { - "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.KinesisVideoStream", - "markdownDescription": "The Kinesis video stream that provides the source of the streaming video for an Amazon Rekognition Video stream processor. For more information, see [KinesisVideoStream](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_KinesisVideoStream) .", - "title": "KinesisVideoStream" - }, - "KmsKeyId": { - "markdownDescription": "The identifier for your Amazon Key Management Service key (Amazon KMS key). Optional parameter for connected home stream processors used to encrypt results and data published to your Amazon S3 bucket. For more information, see the KMSKeyId section of [CreateStreamProcessor](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_CreateStreamProcessor) .", - "title": "KmsKeyId", - "type": "string" - }, "Name": { - "markdownDescription": "The Name attribute specifies the name of the stream processor and it must be within the constraints described in the Name section of [StreamProcessor](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StreamProcessor) . If you don't specify a name, Amazon CloudFormation generates a unique ID and uses that ID for the stream processor name.", + "markdownDescription": "The name of this access point.", "title": "Name", "type": "string" }, - "NotificationChannel": { - "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.NotificationChannel", - "markdownDescription": "The Amazon Simple Notification Service topic to which Amazon Rekognition publishes the object detection results and completion status of a video analysis operation. Amazon Rekognition publishes a notification the first time an object of interest or a person is detected in the video stream. Amazon Rekognition also publishes an end-of-session notification with a summary when the stream processing session is complete. For more information, see [StreamProcessorNotificationChannel](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StreamProcessorNotificationChannel) .", - "title": "NotificationChannel" - }, - "PolygonRegionsOfInterest": { - "markdownDescription": "A set of ordered lists of [Point](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_Point) objects. Each entry of the set contains a polygon denoting a region of interest on the screen. Each polygon is an ordered list of [Point](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_Point) objects. For more information, see the Polygon field of [RegionOfInterest](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_RegionOfInterest) .", - "title": "PolygonRegionsOfInterest", - "type": "object" - }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role that allows access to the stream processor. The IAM role provides Rekognition read permissions to the Kinesis stream. It also provides write permissions to an Amazon S3 bucket and Amazon Simple Notification Service topic for a connected home stream processor. This is required for both face search and connected home stream processors. For information about constraints, see the RoleArn section of [CreateStreamProcessor](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_CreateStreamProcessor) .", - "title": "RoleArn", - "type": "string" - }, - "S3Destination": { - "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.S3Destination", - "markdownDescription": "The Amazon S3 bucket location to which Amazon Rekognition publishes the detailed inference results of a video analysis operation. For more information, see the S3Destination section of [StreamProcessorOutput](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StreamProcessorOutput) .", - "title": "S3Destination" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A set of tags (key-value pairs) that you want to attach to the stream processor. For more information, see the Tags section of [CreateStreamProcessor](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_CreateStreamProcessor) .", - "title": "Tags", - "type": "array" + "ObjectLambdaConfiguration": { + "$ref": "#/definitions/AWS::S3ObjectLambda::AccessPoint.ObjectLambdaConfiguration", + "markdownDescription": "A configuration used when creating an Object Lambda Access Point.", + "title": "ObjectLambdaConfiguration" } }, "required": [ - "KinesisVideoStream", - "RoleArn" + "ObjectLambdaConfiguration" ], "type": "object" }, "Type": { "enum": [ - "AWS::Rekognition::StreamProcessor" + "AWS::S3ObjectLambda::AccessPoint" ], "type": "string" }, @@ -229389,155 +281309,144 @@ ], "type": "object" }, - "AWS::Rekognition::StreamProcessor.BoundingBox": { - "additionalProperties": false, - "properties": { - "Height": { - "markdownDescription": "Height of the bounding box as a ratio of the overall image height.", - "title": "Height", - "type": "number" - }, - "Left": { - "markdownDescription": "Left coordinate of the bounding box as a ratio of overall image width.", - "title": "Left", - "type": "number" - }, - "Top": { - "markdownDescription": "Top coordinate of the bounding box as a ratio of overall image height.", - "title": "Top", - "type": "number" - }, - "Width": { - "markdownDescription": "Width of the bounding box as a ratio of the overall image width.", - "title": "Width", - "type": "number" - } - }, - "required": [ - "Height", - "Left", - "Top", - "Width" - ], - "type": "object" - }, - "AWS::Rekognition::StreamProcessor.ConnectedHomeSettings": { + "AWS::S3ObjectLambda::AccessPoint.Alias": { "additionalProperties": false, "properties": { - "Labels": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies what you want to detect in the video, such as people, packages, or pets. The current valid labels you can include in this list are: \"PERSON\", \"PET\", \"PACKAGE\", and \"ALL\".", - "title": "Labels", - "type": "array" + "Status": { + "markdownDescription": "The status of the Object Lambda Access Point alias. If the status is `PROVISIONING` , the Object Lambda Access Point is provisioning the alias and the alias is not ready for use yet. If the status is `READY` , the Object Lambda Access Point alias is successfully provisioned and ready for use.", + "title": "Status", + "type": "string" }, - "MinConfidence": { - "markdownDescription": "The minimum confidence required to label an object in the video.", - "title": "MinConfidence", - "type": "number" - } - }, - "required": [ - "Labels" - ], - "type": "object" - }, - "AWS::Rekognition::StreamProcessor.DataSharingPreference": { - "additionalProperties": false, - "properties": { - "OptIn": { - "markdownDescription": "Describes the opt-in status applied to a stream processor's data sharing policy.", - "title": "OptIn", - "type": "boolean" + "Value": { + "markdownDescription": "The alias value of the Object Lambda Access Point.", + "title": "Value", + "type": "string" } }, "required": [ - "OptIn" + "Value" ], "type": "object" }, - "AWS::Rekognition::StreamProcessor.FaceSearchSettings": { + "AWS::S3ObjectLambda::AccessPoint.AwsLambda": { "additionalProperties": false, "properties": { - "CollectionId": { - "markdownDescription": "The ID of a collection that contains faces that you want to search for.", - "title": "CollectionId", + "FunctionArn": { + "markdownDescription": "", + "title": "FunctionArn", "type": "string" }, - "FaceMatchThreshold": { - "markdownDescription": "Minimum face match confidence score that must be met to return a result for a recognized face. The default is 80. 0 is the lowest confidence. 100 is the highest confidence. Values between 0 and 100 are accepted, and values lower than 80 are set to 80.", - "title": "FaceMatchThreshold", - "type": "number" + "FunctionPayload": { + "markdownDescription": "", + "title": "FunctionPayload", + "type": "string" } }, "required": [ - "CollectionId" + "FunctionArn" ], "type": "object" }, - "AWS::Rekognition::StreamProcessor.KinesisDataStream": { + "AWS::S3ObjectLambda::AccessPoint.ContentTransformation": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "ARN of the output Amazon Kinesis Data Streams stream.", - "title": "Arn", - "type": "string" + "AwsLambda": { + "$ref": "#/definitions/AWS::S3ObjectLambda::AccessPoint.AwsLambda", + "markdownDescription": "", + "title": "AwsLambda" } }, "required": [ - "Arn" + "AwsLambda" ], "type": "object" }, - "AWS::Rekognition::StreamProcessor.KinesisVideoStream": { + "AWS::S3ObjectLambda::AccessPoint.ObjectLambdaConfiguration": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "ARN of the Kinesis video stream stream that streams the source video.", - "title": "Arn", + "AllowedFeatures": { + "items": { + "type": "string" + }, + "markdownDescription": "A container for allowed features. Valid inputs are `GetObject-Range` , `GetObject-PartNumber` , `HeadObject-Range` , and `HeadObject-PartNumber` .", + "title": "AllowedFeatures", + "type": "array" + }, + "CloudWatchMetricsEnabled": { + "markdownDescription": "A container for whether the CloudWatch metrics configuration is enabled.", + "title": "CloudWatchMetricsEnabled", + "type": "boolean" + }, + "SupportingAccessPoint": { + "markdownDescription": "Standard access point associated with the Object Lambda Access Point.", + "title": "SupportingAccessPoint", "type": "string" + }, + "TransformationConfigurations": { + "items": { + "$ref": "#/definitions/AWS::S3ObjectLambda::AccessPoint.TransformationConfiguration" + }, + "markdownDescription": "A container for transformation configurations for an Object Lambda Access Point.", + "title": "TransformationConfigurations", + "type": "array" } }, "required": [ - "Arn" + "SupportingAccessPoint", + "TransformationConfigurations" ], "type": "object" }, - "AWS::Rekognition::StreamProcessor.NotificationChannel": { + "AWS::S3ObjectLambda::AccessPoint.PublicAccessBlockConfiguration": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The ARN of the SNS topic that receives notifications.", - "title": "Arn", - "type": "string" + "BlockPublicAcls": { + "markdownDescription": "Specifies whether Amazon S3 should block public access control lists (ACLs) for buckets in this account. Setting this element to `TRUE` causes the following behavior:\n\n- `PutBucketAcl` and `PutObjectAcl` calls fail if the specified ACL is public.\n- PUT Object calls fail if the request includes a public ACL.\n- PUT Bucket calls fail if the request includes a public ACL.\n\nEnabling this setting doesn't affect existing policies or ACLs.\n\nThis property is not supported for Amazon S3 on Outposts.", + "title": "BlockPublicAcls", + "type": "boolean" + }, + "BlockPublicPolicy": { + "markdownDescription": "Specifies whether Amazon S3 should block public bucket policies for buckets in this account. Setting this element to `TRUE` causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.\n\nEnabling this setting doesn't affect existing bucket policies.\n\nThis property is not supported for Amazon S3 on Outposts.", + "title": "BlockPublicPolicy", + "type": "boolean" + }, + "IgnorePublicAcls": { + "markdownDescription": "Specifies whether Amazon S3 should ignore public ACLs for buckets in this account. Setting this element to `TRUE` causes Amazon S3 to ignore all public ACLs on buckets in this account and any objects that they contain.\n\nEnabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.\n\nThis property is not supported for Amazon S3 on Outposts.", + "title": "IgnorePublicAcls", + "type": "boolean" + }, + "RestrictPublicBuckets": { + "markdownDescription": "Specifies whether Amazon S3 should restrict public bucket policies for buckets in this account. Setting this element to `TRUE` restricts access to buckets with public policies to only AWS service principals and authorized users within this account.\n\nEnabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.\n\nThis property is not supported for Amazon S3 on Outposts.", + "title": "RestrictPublicBuckets", + "type": "boolean" } }, - "required": [ - "Arn" - ], "type": "object" }, - "AWS::Rekognition::StreamProcessor.S3Destination": { + "AWS::S3ObjectLambda::AccessPoint.TransformationConfiguration": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "Describes the destination Amazon Simple Storage Service (Amazon S3) bucket name of a stream processor's exports.", - "title": "BucketName", - "type": "string" + "Actions": { + "items": { + "type": "string" + }, + "markdownDescription": "A container for the action of an Object Lambda Access Point configuration. Valid inputs are `GetObject` , `HeadObject` , `ListObject` , and `ListObjectV2` .", + "title": "Actions", + "type": "array" }, - "ObjectKeyPrefix": { - "markdownDescription": "Describes the destination Amazon Simple Storage Service (Amazon S3) object keys of a stream processor's exports.", - "title": "ObjectKeyPrefix", - "type": "string" + "ContentTransformation": { + "$ref": "#/definitions/AWS::S3ObjectLambda::AccessPoint.ContentTransformation", + "markdownDescription": "A container for the content transformation of an Object Lambda Access Point configuration. Can include the FunctionArn and FunctionPayload. For more information, see [AwsLambdaTransformation](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_AwsLambdaTransformation.html) in the *Amazon S3 API Reference* .", + "title": "ContentTransformation" } }, "required": [ - "BucketName" + "Actions", + "ContentTransformation" ], "type": "object" }, - "AWS::ResilienceHub::App": { + "AWS::S3ObjectLambda::AccessPointPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -229572,74 +281481,26 @@ "Properties": { "additionalProperties": false, "properties": { - "AppAssessmentSchedule": { - "markdownDescription": "Assessment execution schedule with 'Daily' or 'Disabled' values.", - "title": "AppAssessmentSchedule", - "type": "string" - }, - "AppTemplateBody": { - "markdownDescription": "A JSON string that provides information about your application structure. To learn more about the `appTemplateBody` template, see the sample template in [Sample appTemplateBody template](https://docs.aws.amazon.com//resilience-hub/latest/APIReference/API_PutDraftAppVersionTemplate.html#API_PutDraftAppVersionTemplate_Examples) .\n\nThe `appTemplateBody` JSON string has the following structure:\n\n- *`resources`*\n\nThe list of logical resources that needs to be included in the AWS Resilience Hub application.\n\nType: Array\n\n> Don't add the resources that you want to exclude. \n\nEach `resources` array item includes the following fields:\n\n- *`logicalResourceId`*\n\nThe logical identifier of the resource.\n\nType: Object\n\nEach `logicalResourceId` object includes the following fields:\n\n- `identifier`\n\nIdentifier of the resource.\n\nType: String\n- `logicalStackName`\n\nName of the AWS CloudFormation stack this resource belongs to.\n\nType: String\n- `resourceGroupName`\n\nName of the resource group this resource belongs to.\n\nType: String\n- `terraformSourceName`\n\nName of the Terraform S3 state file this resource belongs to.\n\nType: String\n- `eksSourceName`\n\nName of the Amazon Elastic Kubernetes Service cluster and namespace this resource belongs to.\n\n> This parameter accepts values in \"eks-cluster/namespace\" format. \n\nType: String\n- *`type`*\n\nThe type of resource.\n\nType: string\n- *`name`*\n\nName of the resource.\n\nType: String\n- `additionalInfo`\n\nAdditional configuration parameters for an AWS Resilience Hub application. If you want to implement `additionalInfo` through the AWS Resilience Hub console rather than using an API call, see [Configure the application configuration parameters](https://docs.aws.amazon.com//resilience-hub/latest/userguide/app-config-param.html) .\n\n> Currently, this parameter accepts a key-value mapping (in a string format) of only one failover region and one associated account.\n> \n> Key: `\"failover-regions\"`\n> \n> Value: `\"[{\"region\":\"\", \"accounts\":[{\"id\":\"\"}]}]\"`\n- *`appComponents`*\n\nThe list of Application Components (AppComponent) that this resource belongs to. If an AppComponent is not part of the AWS Resilience Hub application, it will be added.\n\nType: Array\n\nEach `appComponents` array item includes the following fields:\n\n- `name`\n\nName of the AppComponent.\n\nType: String\n- `type`\n\nThe type of AppComponent. For more information about the types of AppComponent, see [Grouping resources in an AppComponent](https://docs.aws.amazon.com/resilience-hub/latest/userguide/AppComponent.grouping.html) .\n\nType: String\n- `resourceNames`\n\nThe list of included resources that are assigned to the AppComponent.\n\nType: Array of strings\n- `additionalInfo`\n\nAdditional configuration parameters for an AWS Resilience Hub application. If you want to implement `additionalInfo` through the AWS Resilience Hub console rather than using an API call, see [Configure the application configuration parameters](https://docs.aws.amazon.com//resilience-hub/latest/userguide/app-config-param.html) .\n\n> Currently, this parameter accepts a key-value mapping (in a string format) of only one failover region and one associated account.\n> \n> Key: `\"failover-regions\"`\n> \n> Value: `\"[{\"region\":\"\", \"accounts\":[{\"id\":\"\"}]}]\"`\n- *`excludedResources`*\n\nThe list of logical resource identifiers to be excluded from the application.\n\nType: Array\n\n> Don't add the resources that you want to include. \n\nEach `excludedResources` array item includes the following fields:\n\n- *`logicalResourceIds`*\n\nThe logical identifier of the resource.\n\nType: Object\n\n> You can configure only one of the following fields:\n> \n> - `logicalStackName`\n> - `resourceGroupName`\n> - `terraformSourceName`\n> - `eksSourceName` \n\nEach `logicalResourceIds` object includes the following fields:\n\n- `identifier`\n\nThe identifier of the resource.\n\nType: String\n- `logicalStackName`\n\nName of the AWS CloudFormation stack this resource belongs to.\n\nType: String\n- `resourceGroupName`\n\nName of the resource group this resource belongs to.\n\nType: String\n- `terraformSourceName`\n\nName of the Terraform S3 state file this resource belongs to.\n\nType: String\n- `eksSourceName`\n\nName of the Amazon Elastic Kubernetes Service cluster and namespace this resource belongs to.\n\n> This parameter accepts values in \"eks-cluster/namespace\" format. \n\nType: String\n- *`version`*\n\nThe AWS Resilience Hub application version.\n- `additionalInfo`\n\nAdditional configuration parameters for an AWS Resilience Hub application. If you want to implement `additionalInfo` through the AWS Resilience Hub console rather than using an API call, see [Configure the application configuration parameters](https://docs.aws.amazon.com//resilience-hub/latest/userguide/app-config-param.html) .\n\n> Currently, this parameter accepts a key-value mapping (in a string format) of only one failover region and one associated account.\n> \n> Key: `\"failover-regions\"`\n> \n> Value: `\"[{\"region\":\"\", \"accounts\":[{\"id\":\"\"}]}]\"`", - "title": "AppTemplateBody", - "type": "string" - }, - "Description": { - "markdownDescription": "Optional description for an application.", - "title": "Description", - "type": "string" - }, - "EventSubscriptions": { - "items": { - "$ref": "#/definitions/AWS::ResilienceHub::App.EventSubscription" - }, - "markdownDescription": "The list of events you would like to subscribe and get notification for. Currently, AWS Resilience Hub supports notifications only for *Drift detected* and *Scheduled assessment failure* events.", - "title": "EventSubscriptions", - "type": "array" - }, - "Name": { - "markdownDescription": "Name for the application.", - "title": "Name", - "type": "string" - }, - "PermissionModel": { - "$ref": "#/definitions/AWS::ResilienceHub::App.PermissionModel", - "markdownDescription": "Defines the roles and credentials that AWS Resilience Hub would use while creating the application, importing its resources, and running an assessment.", - "title": "PermissionModel" - }, - "ResiliencyPolicyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resiliency policy.", - "title": "ResiliencyPolicyArn", + "ObjectLambdaAccessPoint": { + "markdownDescription": "An access point with an attached AWS Lambda function used to access transformed data from an Amazon S3 bucket.", + "title": "ObjectLambdaAccessPoint", "type": "string" }, - "ResourceMappings": { - "items": { - "$ref": "#/definitions/AWS::ResilienceHub::App.ResourceMapping" - }, - "markdownDescription": "An array of `ResourceMapping` objects.", - "title": "ResourceMappings", - "type": "array" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "Tags assigned to the resource. A tag is a label that you assign to an AWS resource. Each tag consists of a key/value pair.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", + "PolicyDocument": { + "markdownDescription": "Object Lambda Access Point resource policy document.", + "title": "PolicyDocument", "type": "object" } }, "required": [ - "AppTemplateBody", - "Name", - "ResourceMappings" + "ObjectLambdaAccessPoint", + "PolicyDocument" ], "type": "object" }, "Type": { "enum": [ - "AWS::ResilienceHub::App" + "AWS::S3ObjectLambda::AccessPointPolicy" ], "type": "string" }, @@ -229658,129 +281519,102 @@ ], "type": "object" }, - "AWS::ResilienceHub::App.EventSubscription": { + "AWS::S3Outposts::AccessPoint": { "additionalProperties": false, "properties": { - "EventType": { - "markdownDescription": "The type of event you would like to subscribe and get notification for. Currently, AWS Resilience Hub supports notifications only for *Drift detected* ( `DriftDetected` ) and *Scheduled assessment failure* ( `ScheduledAssessmentFailure` ) events.", - "title": "EventType", - "type": "string" - }, - "Name": { - "markdownDescription": "Unique name to identify an event subscription.", - "title": "Name", + "Condition": { "type": "string" }, - "SnsTopicArn": { - "markdownDescription": "Amazon Resource Name (ARN) of the Amazon Simple Notification Service topic. The format for this ARN is: `arn:partition:sns:region:account:topic-name` . For more information about ARNs, see [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* guide.", - "title": "SnsTopicArn", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "required": [ - "EventType", - "Name" - ], - "type": "object" - }, - "AWS::ResilienceHub::App.PermissionModel": { - "additionalProperties": false, - "properties": { - "CrossAccountRoleArns": { - "items": { - "type": "string" - }, - "markdownDescription": "Defines a list of role Amazon Resource Names (ARNs) to be used in other accounts. These ARNs are used for querying purposes while importing resources and assessing your application.\n\n> - These ARNs are required only when your resources are in other accounts and you have different role name in these accounts. Else, the invoker role name will be used in the other accounts.\n> - These roles must have a trust policy with `iam:AssumeRole` permission to the invoker role in the primary account.", - "title": "CrossAccountRoleArns", - "type": "array" }, - "InvokerRoleName": { - "markdownDescription": "Existing AWS IAM role name in the primary AWS account that will be assumed by AWS Resilience Hub Service Principle to obtain a read-only access to your application resources while running an assessment.\n\nIf your IAM role includes a path, you must include the path in the `invokerRoleName` parameter. For example, if your IAM role's ARN is `arn:aws:iam:123456789012:role/my-path/role-name` , you should pass `my-path/role-name` .\n\n> - You must have `iam:passRole` permission for this role while creating or updating the application.\n> - Currently, `invokerRoleName` accepts only `[A-Za-z0-9_+=,.@-]` characters.", - "title": "InvokerRoleName", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Type": { - "markdownDescription": "Defines how AWS Resilience Hub scans your resources. It can scan for the resources by using a pre-existing role in your AWS account, or by using the credentials of the current IAM user.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::ResilienceHub::App.PhysicalResourceId": { - "additionalProperties": false, - "properties": { - "AwsAccountId": { - "markdownDescription": "The AWS account that owns the physical resource.", - "title": "AwsAccountId", - "type": "string" + "Metadata": { + "type": "object" }, - "AwsRegion": { - "markdownDescription": "The AWS Region that the physical resource is located in.", - "title": "AwsRegion", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The Amazon Resource Name (ARN) of the S3 on Outposts bucket that is associated with this access point.", + "title": "Bucket", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of this access point.", + "title": "Name", + "type": "string" + }, + "Policy": { + "markdownDescription": "The access point policy associated with this access point.", + "title": "Policy", + "type": "object" + }, + "VpcConfiguration": { + "$ref": "#/definitions/AWS::S3Outposts::AccessPoint.VpcConfiguration", + "markdownDescription": "The virtual private cloud (VPC) configuration for this access point, if one exists.", + "title": "VpcConfiguration" + } + }, + "required": [ + "Bucket", + "Name", + "VpcConfiguration" + ], + "type": "object" }, - "Identifier": { - "markdownDescription": "Identifier of the physical resource.", - "title": "Identifier", + "Type": { + "enum": [ + "AWS::S3Outposts::AccessPoint" + ], "type": "string" }, - "Type": { - "markdownDescription": "Specifies the type of physical resource identifier.\n\n- **Arn** - The resource identifier is an Amazon Resource Name (ARN) and it can identify the following list of resources:\n\n- `AWS::ECS::Service`\n- `AWS::EFS::FileSystem`\n- `AWS::ElasticLoadBalancingV2::LoadBalancer`\n- `AWS::Lambda::Function`\n- `AWS::SNS::Topic`\n- **Native** - The resource identifier is an AWS Resilience Hub -native identifier and it can identify the following list of resources:\n\n- `AWS::ApiGateway::RestApi`\n- `AWS::ApiGatewayV2::Api`\n- `AWS::AutoScaling::AutoScalingGroup`\n- `AWS::DocDB::DBCluster`\n- `AWS::DocDB::DBGlobalCluster`\n- `AWS::DocDB::DBInstance`\n- `AWS::DynamoDB::GlobalTable`\n- `AWS::DynamoDB::Table`\n- `AWS::EC2::EC2Fleet`\n- `AWS::EC2::Instance`\n- `AWS::EC2::NatGateway`\n- `AWS::EC2::Volume`\n- `AWS::ElasticLoadBalancing::LoadBalancer`\n- `AWS::RDS::DBCluster`\n- `AWS::RDS::DBInstance`\n- `AWS::RDS::GlobalCluster`\n- `AWS::Route53::RecordSet`\n- `AWS::S3::Bucket`\n- `AWS::SQS::Queue`", - "title": "Type", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Identifier", - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::ResilienceHub::App.ResourceMapping": { + "AWS::S3Outposts::AccessPoint.VpcConfiguration": { "additionalProperties": false, "properties": { - "EksSourceName": { - "markdownDescription": "Name of the Amazon Elastic Kubernetes Service cluster and namespace that this resource is mapped to when the `mappingType` is `EKS` .\n\n> This parameter accepts values in \"eks-cluster/namespace\" format.", - "title": "EksSourceName", - "type": "string" - }, - "LogicalStackName": { - "markdownDescription": "Name of the AWS CloudFormation stack this resource is mapped to when the `mappingType` is `CfnStack` .", - "title": "LogicalStackName", - "type": "string" - }, - "MappingType": { - "markdownDescription": "Specifies the type of resource mapping.", - "title": "MappingType", - "type": "string" - }, - "PhysicalResourceId": { - "$ref": "#/definitions/AWS::ResilienceHub::App.PhysicalResourceId", - "markdownDescription": "Identifier of the physical resource.", - "title": "PhysicalResourceId" - }, - "ResourceName": { - "markdownDescription": "Name of the resource that this resource is mapped to when the `mappingType` is `Resource` .", - "title": "ResourceName", - "type": "string" - }, - "TerraformSourceName": { - "markdownDescription": "Name of the Terraform source that this resource is mapped to when the `mappingType` is `Terraform` .", - "title": "TerraformSourceName", + "VpcId": { + "markdownDescription": "", + "title": "VpcId", "type": "string" } }, - "required": [ - "MappingType", - "PhysicalResourceId" - ], "type": "object" }, - "AWS::ResilienceHub::ResiliencyPolicy": { + "AWS::S3Outposts::Bucket": { "additionalProperties": false, "properties": { "Condition": { @@ -229815,53 +281649,39 @@ "Properties": { "additionalProperties": false, "properties": { - "DataLocationConstraint": { - "markdownDescription": "Specifies a high-level geographical location constraint for where your resilience policy data can be stored.", - "title": "DataLocationConstraint", + "BucketName": { + "markdownDescription": "A name for the S3 on Outposts bucket. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the bucket name. The bucket name must contain only lowercase letters, numbers, periods (.), and dashes (-) and must follow [Amazon S3 bucket restrictions and limitations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/BucketRestrictions.html) . For more information, see [Bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/BucketRestrictions.html#bucketnamingrules) .\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you need to replace the resource, specify a new name.", + "title": "BucketName", "type": "string" }, - "Policy": { - "$ref": "#/definitions/AWS::ResilienceHub::ResiliencyPolicy.PolicyMap", - "markdownDescription": "The resiliency policy.", - "title": "Policy" - }, - "PolicyDescription": { - "markdownDescription": "Description of the resiliency policy.", - "title": "PolicyDescription", - "type": "string" + "LifecycleConfiguration": { + "$ref": "#/definitions/AWS::S3Outposts::Bucket.LifecycleConfiguration", + "markdownDescription": "Creates a new lifecycle configuration for the S3 on Outposts bucket or replaces an existing lifecycle configuration. Outposts buckets only support lifecycle configurations that delete/expire objects after a certain period of time and abort incomplete multipart uploads.", + "title": "LifecycleConfiguration" }, - "PolicyName": { - "markdownDescription": "The name of the policy", - "title": "PolicyName", + "OutpostId": { + "markdownDescription": "The ID of the Outpost of the specified bucket.", + "title": "OutpostId", "type": "string" }, "Tags": { - "additionalProperties": true, - "markdownDescription": "Tags assigned to the resource. A tag is a label that you assign to an AWS resource. Each tag consists of a key/value pair.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "Sets the tags for an S3 on Outposts bucket. For more information, see [Using Amazon S3 on Outposts](https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) .\n\nUse tags to organize your AWS bill to reflect your own cost structure. To do this, sign up to get your AWS account bill with tag key values included. Then, to see the cost of combined resources, organize your billing information according to resources with the same tag key values. For example, you can tag several resources with a specific application name, and then organize your billing information to see the total cost of that application across several services. For more information, see [Cost allocation and tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html) .\n\n> Within a bucket, if you add a tag that has the same key as an existing tag, the new value overwrites the old value. For more information, see [Using cost allocation and bucket tags](https://docs.aws.amazon.com/AmazonS3/latest/userguide/CostAllocTagging.html) . \n\nTo use this resource, you must have permissions to perform the `s3-outposts:PutBucketTagging` . The S3 on Outposts bucket owner has this permission by default and can grant this permission to others. For more information about permissions, see [Permissions Related to Bucket Subresource Operations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) and [Managing access permissions to your Amazon S3 resources](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html) .", "title": "Tags", - "type": "object" - }, - "Tier": { - "markdownDescription": "The tier for this resiliency policy, ranging from the highest severity ( `MissionCritical` ) to lowest ( `NonCritical` ).", - "title": "Tier", - "type": "string" + "type": "array" } }, "required": [ - "Policy", - "PolicyName", - "Tier" + "BucketName", + "OutpostId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ResilienceHub::ResiliencyPolicy" + "AWS::S3Outposts::Bucket" ], "type": "string" }, @@ -229880,58 +281700,140 @@ ], "type": "object" }, - "AWS::ResilienceHub::ResiliencyPolicy.FailurePolicy": { + "AWS::S3Outposts::Bucket.AbortIncompleteMultipartUpload": { "additionalProperties": false, "properties": { - "RpoInSecs": { - "markdownDescription": "Recovery Point Objective (RPO) in seconds.", - "title": "RpoInSecs", - "type": "number" - }, - "RtoInSecs": { - "markdownDescription": "Recovery Time Objective (RTO) in seconds.", - "title": "RtoInSecs", + "DaysAfterInitiation": { + "markdownDescription": "Specifies the number of days after initiation that Amazon S3 on Outposts aborts an incomplete multipart upload.", + "title": "DaysAfterInitiation", "type": "number" } }, "required": [ - "RpoInSecs", - "RtoInSecs" + "DaysAfterInitiation" ], "type": "object" }, - "AWS::ResilienceHub::ResiliencyPolicy.PolicyMap": { + "AWS::S3Outposts::Bucket.Filter": { "additionalProperties": false, "properties": { - "AZ": { - "$ref": "#/definitions/AWS::ResilienceHub::ResiliencyPolicy.FailurePolicy", - "markdownDescription": "Defines the RTO and RPO targets for Availability Zone disruption.", - "title": "AZ" + "AndOperator": { + "$ref": "#/definitions/AWS::S3Outposts::Bucket.FilterAndOperator", + "markdownDescription": "", + "title": "AndOperator" }, - "Hardware": { - "$ref": "#/definitions/AWS::ResilienceHub::ResiliencyPolicy.FailurePolicy", - "markdownDescription": "Defines the RTO and RPO targets for hardware disruption.", - "title": "Hardware" + "Prefix": { + "markdownDescription": "", + "title": "Prefix", + "type": "string" }, - "Region": { - "$ref": "#/definitions/AWS::ResilienceHub::ResiliencyPolicy.FailurePolicy", - "markdownDescription": "Defines the RTO and RPO targets for Regional disruption.", - "title": "Region" + "Tag": { + "$ref": "#/definitions/AWS::S3Outposts::Bucket.FilterTag", + "markdownDescription": "", + "title": "Tag" + } + }, + "type": "object" + }, + "AWS::S3Outposts::Bucket.FilterAndOperator": { + "additionalProperties": false, + "properties": { + "Prefix": { + "markdownDescription": "", + "title": "Prefix", + "type": "string" }, - "Software": { - "$ref": "#/definitions/AWS::ResilienceHub::ResiliencyPolicy.FailurePolicy", - "markdownDescription": "Defines the RTO and RPO targets for software disruption.", - "title": "Software" + "Tags": { + "items": { + "$ref": "#/definitions/AWS::S3Outposts::Bucket.FilterTag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" } }, "required": [ - "AZ", - "Hardware", - "Software" + "Tags" + ], + "type": "object" + }, + "AWS::S3Outposts::Bucket.FilterTag": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::S3Outposts::Bucket.LifecycleConfiguration": { + "additionalProperties": false, + "properties": { + "Rules": { + "items": { + "$ref": "#/definitions/AWS::S3Outposts::Bucket.Rule" + }, + "markdownDescription": "The container for the lifecycle configuration rules for the objects stored in the S3 on Outposts bucket.", + "title": "Rules", + "type": "array" + } + }, + "required": [ + "Rules" + ], + "type": "object" + }, + "AWS::S3Outposts::Bucket.Rule": { + "additionalProperties": false, + "properties": { + "AbortIncompleteMultipartUpload": { + "$ref": "#/definitions/AWS::S3Outposts::Bucket.AbortIncompleteMultipartUpload", + "markdownDescription": "The container for the abort incomplete multipart upload rule.", + "title": "AbortIncompleteMultipartUpload" + }, + "ExpirationDate": { + "markdownDescription": "Specifies the expiration for the lifecycle of the object by specifying an expiry date.", + "title": "ExpirationDate", + "type": "string" + }, + "ExpirationInDays": { + "markdownDescription": "Specifies the expiration for the lifecycle of the object in the form of days that the object has been in the S3 on Outposts bucket.", + "title": "ExpirationInDays", + "type": "number" + }, + "Filter": { + "$ref": "#/definitions/AWS::S3Outposts::Bucket.Filter", + "markdownDescription": "The container for the filter of the lifecycle rule.", + "title": "Filter" + }, + "Id": { + "markdownDescription": "", + "title": "Id", + "type": "string" + }, + "Status": { + "markdownDescription": "If `Enabled` , the rule is currently being applied. If `Disabled` , the rule is not currently being applied.", + "title": "Status", + "type": "string" + } + }, + "required": [ + "Status" ], "type": "object" }, - "AWS::ResourceExplorer2::DefaultViewAssociation": { + "AWS::S3Outposts::BucketPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -229966,20 +281868,26 @@ "Properties": { "additionalProperties": false, "properties": { - "ViewArn": { - "markdownDescription": "The ARN of the view to set as the default for the AWS Region and AWS account in which you call this operation. The specified view must already exist in the specified Region.", - "title": "ViewArn", + "Bucket": { + "markdownDescription": "The name of the Amazon S3 Outposts bucket to which the policy applies.", + "title": "Bucket", "type": "string" + }, + "PolicyDocument": { + "markdownDescription": "A policy document containing permissions to add to the specified bucket. In IAM, you must provide policy documents in JSON format. However, in CloudFormation, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to IAM. For more information, see the AWS::IAM::Policy [PolicyDocument](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html#cfn-iam-policy-policydocument) resource description in this guide and [Access Policy Language Overview](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-policy-language-overview.html) .", + "title": "PolicyDocument", + "type": "object" } }, "required": [ - "ViewArn" + "Bucket", + "PolicyDocument" ], "type": "object" }, "Type": { "enum": [ - "AWS::ResourceExplorer2::DefaultViewAssociation" + "AWS::S3Outposts::BucketPolicy" ], "type": "string" }, @@ -229998,7 +281906,7 @@ ], "type": "object" }, - "AWS::ResourceExplorer2::Index": { + "AWS::S3Outposts::Endpoint": { "additionalProperties": false, "properties": { "Condition": { @@ -230033,31 +281941,47 @@ "Properties": { "additionalProperties": false, "properties": { - "Tags": { - "additionalProperties": true, - "markdownDescription": "The specified tags are attached to only the index created in this AWS Region . The tags don't attach to any of the resources listed in the index.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" + "AccessType": { + "markdownDescription": "The container for the type of connectivity used to access the Amazon S3 on Outposts endpoint. To use the Amazon VPC , choose `Private` . To use the endpoint with an on-premises network, choose `CustomerOwnedIp` . If you choose `CustomerOwnedIp` , you must also provide the customer-owned IP address pool (CoIP pool).\n\n> `Private` is the default access type value.", + "title": "AccessType", + "type": "string" }, - "Type": { - "markdownDescription": "Specifies the type of the index in this Region. For information about the aggregator index and how it differs from a local index, see [Turning on cross-Region search by creating an aggregator index](https://docs.aws.amazon.com/resource-explorer/latest/userguide/manage-aggregator-region.html) in the *AWS Resource Explorer User Guide.* .", - "title": "Type", + "CustomerOwnedIpv4Pool": { + "markdownDescription": "The ID of the customer-owned IPv4 address pool (CoIP pool) for the endpoint. IP addresses are allocated from this pool for the endpoint.", + "title": "CustomerOwnedIpv4Pool", + "type": "string" + }, + "FailedReason": { + "$ref": "#/definitions/AWS::S3Outposts::Endpoint.FailedReason", + "markdownDescription": "The failure reason, if any, for a create or delete endpoint operation.", + "title": "FailedReason" + }, + "OutpostId": { + "markdownDescription": "The ID of the Outpost.", + "title": "OutpostId", + "type": "string" + }, + "SecurityGroupId": { + "markdownDescription": "The ID of the security group used for the endpoint.", + "title": "SecurityGroupId", + "type": "string" + }, + "SubnetId": { + "markdownDescription": "The ID of the subnet used for the endpoint.", + "title": "SubnetId", "type": "string" } }, "required": [ - "Type" + "OutpostId", + "SecurityGroupId", + "SubnetId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ResourceExplorer2::Index" + "AWS::S3Outposts::Endpoint" ], "type": "string" }, @@ -230076,7 +282000,37 @@ ], "type": "object" }, - "AWS::ResourceExplorer2::View": { + "AWS::S3Outposts::Endpoint.FailedReason": { + "additionalProperties": false, + "properties": { + "ErrorCode": { + "markdownDescription": "The failure code, if any, for a create or delete endpoint operation.", + "title": "ErrorCode", + "type": "string" + }, + "Message": { + "markdownDescription": "Additional error details describing the endpoint failure and recommended action.", + "title": "Message", + "type": "string" + } + }, + "type": "object" + }, + "AWS::S3Outposts::Endpoint.NetworkInterface": { + "additionalProperties": false, + "properties": { + "NetworkInterfaceId": { + "markdownDescription": "The ID for the network interface.", + "title": "NetworkInterfaceId", + "type": "string" + } + }, + "required": [ + "NetworkInterfaceId" + ], + "type": "object" + }, + "AWS::S3Tables::Namespace": { "additionalProperties": false, "properties": { "Condition": { @@ -230111,49 +282065,26 @@ "Properties": { "additionalProperties": false, "properties": { - "Filters": { - "$ref": "#/definitions/AWS::ResourceExplorer2::View.SearchFilter", - "markdownDescription": "An array of strings that include search keywords, prefixes, and operators that filter the results that are returned for queries made using this view. When you use this view in a [Search](https://docs.aws.amazon.com/resource-explorer/latest/apireference/API_Search.html) operation, the filter string is combined with the search's `QueryString` parameter using a logical `AND` operator.\n\nFor information about the supported syntax, see [Search query reference for Resource Explorer](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html) in the *AWS Resource Explorer User Guide* .\n\n> This query string in the context of this operation supports only [filter prefixes](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html#query-syntax-filters) with optional [operators](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html#query-syntax-operators) . It doesn't support free-form text. For example, the string `region:us* service:ec2 -tag:stage=prod` includes all Amazon EC2 resources in any AWS Region that begin with the letters `us` and are *not* tagged with a key `Stage` that has the value `prod` .", - "title": "Filters" - }, - "IncludedProperties": { - "items": { - "$ref": "#/definitions/AWS::ResourceExplorer2::View.IncludedProperty" - }, - "markdownDescription": "A list of fields that provide additional information about the view.", - "title": "IncludedProperties", - "type": "array" - }, - "Scope": { - "markdownDescription": "The root ARN of the account, an organizational unit (OU), or an organization ARN. If left empty, the default is account.", - "title": "Scope", + "Namespace": { + "markdownDescription": "The name of the namespace.", + "title": "Namespace", "type": "string" }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "Tag key and value pairs that are attached to the view.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - }, - "ViewName": { - "markdownDescription": "The name of the new view.", - "title": "ViewName", + "TableBucketARN": { + "markdownDescription": "", + "title": "TableBucketARN", "type": "string" } }, "required": [ - "ViewName" + "Namespace", + "TableBucketARN" ], "type": "object" }, "Type": { "enum": [ - "AWS::ResourceExplorer2::View" + "AWS::S3Tables::Namespace" ], "type": "string" }, @@ -230172,35 +282103,7 @@ ], "type": "object" }, - "AWS::ResourceExplorer2::View.IncludedProperty": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the property that is included in this view.", - "title": "Name", - "type": "string" - } - }, - "required": [ - "Name" - ], - "type": "object" - }, - "AWS::ResourceExplorer2::View.SearchFilter": { - "additionalProperties": false, - "properties": { - "FilterString": { - "markdownDescription": "The string that contains the search keywords, prefixes, and operators to control the results that can be returned by a Search operation.\n\nFor information about the supported syntax, see [Search query reference](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html) in the *AWS Resource Explorer User Guide* .\n\n> This query string in the context of this operation supports only [filter prefixes](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html#query-syntax-filters) with optional [operators](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html#query-syntax-operators) . It doesn't support free-form text. For example, the string `region:us* service:ec2 -tag:stage=prod` includes all Amazon EC2 resources in any AWS Region that begin with the letters `us` and are *not* tagged with a key `Stage` that has the value `prod` .", - "title": "FilterString", - "type": "string" - } - }, - "required": [ - "FilterString" - ], - "type": "object" - }, - "AWS::ResourceGroups::Group": { + "AWS::S3Tables::Table": { "additionalProperties": false, "properties": { "Condition": { @@ -230235,54 +282138,58 @@ "Properties": { "additionalProperties": false, "properties": { - "Configuration": { - "items": { - "$ref": "#/definitions/AWS::ResourceGroups::Group.ConfigurationItem" - }, - "markdownDescription": "The service configuration currently associated with the resource group and in effect for the members of the resource group. A `Configuration` consists of one or more `ConfigurationItem` entries. For information about service configurations for resource groups and how to construct them, see [Service configurations for resource groups](https://docs.aws.amazon.com//ARG/latest/APIReference/about-slg.html) in the *AWS Resource Groups User Guide* .\n\n> You can include either a `Configuration` or a `ResourceQuery` , but not both.", - "title": "Configuration", - "type": "array" + "Compaction": { + "$ref": "#/definitions/AWS::S3Tables::Table.Compaction", + "markdownDescription": "", + "title": "Compaction" }, - "Description": { - "markdownDescription": "The description of the resource group.", - "title": "Description", + "IcebergMetadata": { + "$ref": "#/definitions/AWS::S3Tables::Table.IcebergMetadata", + "markdownDescription": "Contains details about the metadata for an Iceberg table.", + "title": "IcebergMetadata" + }, + "Namespace": { + "markdownDescription": "The name of the namespace.", + "title": "Namespace", "type": "string" }, - "Name": { - "markdownDescription": "The name of a resource group. The name must be unique within the AWS Region in which you create the resource. To create multiple resource groups based on the same CloudFormation stack, you must generate unique names for each.", - "title": "Name", + "OpenTableFormat": { + "markdownDescription": "", + "title": "OpenTableFormat", "type": "string" }, - "ResourceQuery": { - "$ref": "#/definitions/AWS::ResourceGroups::Group.ResourceQuery", - "markdownDescription": "The resource query structure that is used to dynamically determine which AWS resources are members of the associated resource group. For more information about queries and how to construct them, see [Build queries and groups in AWS Resource Groups](https://docs.aws.amazon.com//ARG/latest/userguide/gettingstarted-query.html) in the *AWS Resource Groups User Guide*\n\n> - You can include either a `ResourceQuery` or a `Configuration` , but not both.\n> - You can specify the group's membership either by using a `ResourceQuery` or by using a list of `Resources` , but not both.", - "title": "ResourceQuery" + "SnapshotManagement": { + "$ref": "#/definitions/AWS::S3Tables::Table.SnapshotManagement", + "markdownDescription": "", + "title": "SnapshotManagement" }, - "Resources": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the Amazon Resource Names (ARNs) of AWS resources that you want to add to the specified group.\n\n> - You can specify the group membership either by using a list of `Resources` or by using a `ResourceQuery` , but not both.\n> - You can include a `Resources` property only if you also specify a `Configuration` property.", - "title": "Resources", - "type": "array" + "TableBucketARN": { + "markdownDescription": "", + "title": "TableBucketARN", + "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tag key and value pairs that are attached to the resource group.", - "title": "Tags", - "type": "array" + "TableName": { + "markdownDescription": "", + "title": "TableName", + "type": "string" + }, + "WithoutMetadata": { + "markdownDescription": "", + "title": "WithoutMetadata", + "type": "string" } }, "required": [ - "Name" + "Namespace", + "OpenTableFormat", + "TableBucketARN", + "TableName" ], "type": "object" }, "Type": { "enum": [ - "AWS::ResourceGroups::Group" + "AWS::S3Tables::Table" ], "type": "string" }, @@ -230301,107 +282208,100 @@ ], "type": "object" }, - "AWS::ResourceGroups::Group.ConfigurationItem": { + "AWS::S3Tables::Table.Compaction": { "additionalProperties": false, "properties": { - "Parameters": { - "items": { - "$ref": "#/definitions/AWS::ResourceGroups::Group.ConfigurationParameter" - }, - "markdownDescription": "A collection of parameters for this configuration item. For the list of parameters that you can use with each configuration item `Type` , see [Supported resource types and parameters](https://docs.aws.amazon.com//ARG/latest/APIReference/about-slg.html#about-slg-types) in the *AWS Resource Groups User Guide* .", - "title": "Parameters", - "type": "array" - }, - "Type": { - "markdownDescription": "Specifies the type of configuration item. Each item must have a unique value for type. For the list of the types that you can specify for a configuration item, see [Supported resource types and parameters](https://docs.aws.amazon.com//ARG/latest/APIReference/about-slg.html#about-slg-types) in the *AWS Resource Groups User Guide* .", - "title": "Type", + "Status": { + "markdownDescription": "", + "title": "Status", "type": "string" + }, + "TargetFileSizeMB": { + "markdownDescription": "", + "title": "TargetFileSizeMB", + "type": "number" } }, "type": "object" }, - "AWS::ResourceGroups::Group.ConfigurationParameter": { + "AWS::S3Tables::Table.IcebergMetadata": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the group configuration parameter. For the list of parameters that you can use with each configuration item type, see [Supported resource types and parameters](https://docs.aws.amazon.com//ARG/latest/APIReference/about-slg.html#about-slg-types) in the *AWS Resource Groups User Guide* .", - "title": "Name", - "type": "string" - }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The value or values to be used for the specified parameter. For the list of values you can use with each parameter, see [Supported resource types and parameters](https://docs.aws.amazon.com//ARG/latest/APIReference/about-slg.html#about-slg-types) .", - "title": "Values", - "type": "array" + "IcebergSchema": { + "$ref": "#/definitions/AWS::S3Tables::Table.IcebergSchema", + "markdownDescription": "", + "title": "IcebergSchema" } }, + "required": [ + "IcebergSchema" + ], "type": "object" }, - "AWS::ResourceGroups::Group.Query": { + "AWS::S3Tables::Table.IcebergSchema": { "additionalProperties": false, "properties": { - "ResourceTypeFilters": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies limits to the types of resources that can be included in the resource group. For example, if `ResourceTypeFilters` is `[\"AWS::EC2::Instance\", \"AWS::DynamoDB::Table\"]` , only EC2 instances or DynamoDB tables can be members of this resource group. The default value is `[\"AWS::AllSupported\"]` .", - "title": "ResourceTypeFilters", - "type": "array" - }, - "StackIdentifier": { - "markdownDescription": "Specifies the ARN of a CloudFormation stack. All supported resources of the CloudFormation stack are members of the resource group. If you don't specify an ARN, this parameter defaults to the current stack that you are defining, which means that all the resources of the current stack are grouped.\n\nYou can specify a value for `StackIdentifier` only when the `ResourceQuery.Type` property is `CLOUDFORMATION_STACK_1_0.`", - "title": "StackIdentifier", - "type": "string" - }, - "TagFilters": { + "SchemaFieldList": { "items": { - "$ref": "#/definitions/AWS::ResourceGroups::Group.TagFilter" + "$ref": "#/definitions/AWS::S3Tables::Table.SchemaField" }, - "markdownDescription": "A list of key-value pair objects that limit which resources can be members of the resource group. This property is required when the `ResourceQuery.Type` property is `TAG_FILTERS_1_0` .\n\nA resource must have a tag that matches every filter that is provided in the `TagFilters` list.", - "title": "TagFilters", + "markdownDescription": "", + "title": "SchemaFieldList", "type": "array" } }, + "required": [ + "SchemaFieldList" + ], "type": "object" }, - "AWS::ResourceGroups::Group.ResourceQuery": { + "AWS::S3Tables::Table.SchemaField": { "additionalProperties": false, "properties": { - "Query": { - "$ref": "#/definitions/AWS::ResourceGroups::Group.Query", - "markdownDescription": "The query that defines the membership of the group. This is a structure with properties that depend on the `Type` .\n\nThe `Query` structure must be included in the following scenarios:\n\n- When the `Type` is `TAG_FILTERS_1_0` , you must specify a `Query` structure that contains a `TagFilters` list of tags. Resources with tags that match those in the `TagFilter` list become members of the resource group.\n- When the `Type` is `CLOUDFORMATION_STACK_1_0` then this field is required only when you must specify a CloudFormation stack other than the one you are defining. To do this, the `Query` structure must contain the `StackIdentifier` property. If you don't specify either a `Query` structure or a `StackIdentifier` within that `Query` , then it defaults to the CloudFormation stack that you're currently constructing.", - "title": "Query" + "Name": { + "markdownDescription": "The name of the field.", + "title": "Name", + "type": "string" + }, + "Required": { + "markdownDescription": "A Boolean value that specifies whether values are required for each row in this field. By default, this is `false` and null values are allowed in the field. If this is `true` the field does not allow null values.", + "title": "Required", + "type": "boolean" }, "Type": { - "markdownDescription": "Specifies the type of resource query that determines this group's membership. There are two valid query types:\n\n- `TAG_FILTERS_1_0` indicates that the group is a tag-based group. To complete the group membership, you must include the `TagFilters` property to specify the tag filters to use in the query.\n- `CLOUDFORMATION_STACK_1_0` , the default, indicates that the group is a CloudFormation stack-based group. Group membership is based on the CloudFormation stack. You must specify the `StackIdentifier` property in the query to define which stack to associate the group with, or leave it empty to default to the stack where the group is defined.", + "markdownDescription": "The field type. S3 Tables supports all Apache Iceberg primitive types. For more information, see the [Apache Iceberg documentation](https://docs.aws.amazon.com/https://iceberg.apache.org/spec/#primitive-types) .", "title": "Type", "type": "string" } }, + "required": [ + "Name", + "Type" + ], "type": "object" }, - "AWS::ResourceGroups::Group.TagFilter": { + "AWS::S3Tables::Table.SnapshotManagement": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "A string that defines a tag key. Only resources in the account that are tagged with a specified tag key are members of the tag-based resource group.\n\nThis field is required when the `ResourceQuery` structure's `Type` property is `TAG_FILTERS_1_0` . You must specify at least one tag key.", - "title": "Key", - "type": "string" + "MaxSnapshotAgeHours": { + "markdownDescription": "", + "title": "MaxSnapshotAgeHours", + "type": "number" }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of tag values that can be included in the tag-based resource group. This is optional. If you don't specify a value or values for a key, then an AWS resource with any value for that key is a member.", - "title": "Values", - "type": "array" + "MinSnapshotsToKeep": { + "markdownDescription": "", + "title": "MinSnapshotsToKeep", + "type": "number" + }, + "Status": { + "markdownDescription": "", + "title": "Status", + "type": "string" } }, "type": "object" }, - "AWS::RoboMaker::Fleet": { + "AWS::S3Tables::TableBucket": { "additionalProperties": false, "properties": { "Condition": { @@ -230436,28 +282336,30 @@ "Properties": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the fleet.", - "title": "Name", + "EncryptionConfiguration": { + "$ref": "#/definitions/AWS::S3Tables::TableBucket.EncryptionConfiguration", + "markdownDescription": "Configuration specifying how data should be encrypted. This structure defines the encryption algorithm and optional KMS key to be used for server-side encryption.", + "title": "EncryptionConfiguration" + }, + "TableBucketName": { + "markdownDescription": "The name for the table bucket.", + "title": "TableBucketName", "type": "string" }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "The list of all tags added to the fleet.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" + "UnreferencedFileRemoval": { + "$ref": "#/definitions/AWS::S3Tables::TableBucket.UnreferencedFileRemoval", + "markdownDescription": "The unreferenced file removal settings for your table bucket. Unreferenced file removal identifies and deletes all objects that are not referenced by any table snapshots. For more information, see the [*Amazon S3 User Guide*](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-table-buckets-maintenance.html) .", + "title": "UnreferencedFileRemoval" } }, + "required": [ + "TableBucketName" + ], "type": "object" }, "Type": { "enum": [ - "AWS::RoboMaker::Fleet" + "AWS::S3Tables::TableBucket" ], "type": "string" }, @@ -230471,11 +282373,49 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::RoboMaker::Robot": { + "AWS::S3Tables::TableBucket.EncryptionConfiguration": { + "additionalProperties": false, + "properties": { + "KMSKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key to use for encryption. This field is required only when `sseAlgorithm` is set to `aws:kms` .", + "title": "KMSKeyArn", + "type": "string" + }, + "SSEAlgorithm": { + "markdownDescription": "The server-side encryption algorithm to use. Valid values are `AES256` for S3-managed encryption keys, or `aws:kms` for AWS KMS-managed encryption keys. If you choose SSE-KMS encryption you must grant the S3 Tables maintenance principal access to your KMS key. For more information, see [Permissions requirements for S3 Tables SSE-KMS encryption](https://docs.aws.amazon.com//AmazonS3/latest/userguide/s3-tables-kms-permissions.html) .", + "title": "SSEAlgorithm", + "type": "string" + } + }, + "type": "object" + }, + "AWS::S3Tables::TableBucket.UnreferencedFileRemoval": { + "additionalProperties": false, + "properties": { + "NoncurrentDays": { + "markdownDescription": "The number of days an object can be noncurrent before Amazon S3 deletes it.", + "title": "NoncurrentDays", + "type": "number" + }, + "Status": { + "markdownDescription": "The status of the unreferenced file removal configuration for your table bucket.", + "title": "Status", + "type": "string" + }, + "UnreferencedDays": { + "markdownDescription": "The number of days an object must be unreferenced by your table before Amazon S3 marks the object as noncurrent.", + "title": "UnreferencedDays", + "type": "number" + } + }, + "type": "object" + }, + "AWS::S3Tables::TableBucketPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -230510,47 +282450,26 @@ "Properties": { "additionalProperties": false, "properties": { - "Architecture": { - "markdownDescription": "The architecture of the robot.", - "title": "Architecture", - "type": "string" - }, - "Fleet": { - "markdownDescription": "The Amazon Resource Name (ARN) of the fleet to which the robot will be registered.", - "title": "Fleet", - "type": "string" - }, - "GreengrassGroupId": { - "markdownDescription": "The Greengrass group associated with the robot.", - "title": "GreengrassGroupId", - "type": "string" + "ResourcePolicy": { + "markdownDescription": "The bucket policy JSON for the table bucket.", + "title": "ResourcePolicy", + "type": "object" }, - "Name": { - "markdownDescription": "The name of the robot.", - "title": "Name", + "TableBucketARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the table bucket.", + "title": "TableBucketARN", "type": "string" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "A map that contains tag keys and tag values that are attached to the robot.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" } }, "required": [ - "Architecture", - "GreengrassGroupId" + "ResourcePolicy", + "TableBucketARN" ], "type": "object" }, "Type": { "enum": [ - "AWS::RoboMaker::Robot" + "AWS::S3Tables::TableBucketPolicy" ], "type": "string" }, @@ -230569,7 +282488,7 @@ ], "type": "object" }, - "AWS::RoboMaker::RobotApplication": { + "AWS::S3Tables::TablePolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -230604,54 +282523,26 @@ "Properties": { "additionalProperties": false, "properties": { - "CurrentRevisionId": { - "markdownDescription": "The current revision id.", - "title": "CurrentRevisionId", - "type": "string" - }, - "Environment": { - "markdownDescription": "The environment of the robot application.", - "title": "Environment", - "type": "string" + "ResourcePolicy": { + "markdownDescription": "", + "title": "ResourcePolicy", + "type": "object" }, - "Name": { - "markdownDescription": "The name of the robot application.", - "title": "Name", + "TableARN": { + "markdownDescription": "", + "title": "TableARN", "type": "string" - }, - "RobotSoftwareSuite": { - "$ref": "#/definitions/AWS::RoboMaker::RobotApplication.RobotSoftwareSuite", - "markdownDescription": "The robot software suite used by the robot application.", - "title": "RobotSoftwareSuite" - }, - "Sources": { - "items": { - "$ref": "#/definitions/AWS::RoboMaker::RobotApplication.SourceConfig" - }, - "markdownDescription": "The sources of the robot application.", - "title": "Sources", - "type": "array" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "A map that contains tag keys and tag values that are attached to the robot application.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" } }, "required": [ - "RobotSoftwareSuite" + "ResourcePolicy", + "TableARN" ], "type": "object" }, "Type": { "enum": [ - "AWS::RoboMaker::RobotApplication" + "AWS::S3Tables::TablePolicy" ], "type": "string" }, @@ -230670,52 +282561,7 @@ ], "type": "object" }, - "AWS::RoboMaker::RobotApplication.RobotSoftwareSuite": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the robot software suite. `General` is the only supported value.", - "title": "Name", - "type": "string" - }, - "Version": { - "markdownDescription": "The version of the robot software suite. Not applicable for General software suite.", - "title": "Version", - "type": "string" - } - }, - "required": [ - "Name" - ], - "type": "object" - }, - "AWS::RoboMaker::RobotApplication.SourceConfig": { - "additionalProperties": false, - "properties": { - "Architecture": { - "markdownDescription": "The target processor architecture for the application.", - "title": "Architecture", - "type": "string" - }, - "S3Bucket": { - "markdownDescription": "The Amazon S3 bucket name.", - "title": "S3Bucket", - "type": "string" - }, - "S3Key": { - "markdownDescription": "The s3 object key.", - "title": "S3Key", - "type": "string" - } - }, - "required": [ - "Architecture", - "S3Bucket", - "S3Key" - ], - "type": "object" - }, - "AWS::RoboMaker::RobotApplicationVersion": { + "AWS::SDB::Domain": { "additionalProperties": false, "properties": { "Condition": { @@ -230750,25 +282596,17 @@ "Properties": { "additionalProperties": false, "properties": { - "Application": { - "markdownDescription": "The application information for the robot application.", - "title": "Application", - "type": "string" - }, - "CurrentRevisionId": { - "markdownDescription": "The current revision id for the robot application. If you provide a value and it matches the latest revision ID, a new version will be created.", - "title": "CurrentRevisionId", + "Description": { + "markdownDescription": "Information about the SimpleDB domain.", + "title": "Description", "type": "string" } }, - "required": [ - "Application" - ], "type": "object" }, "Type": { "enum": [ - "AWS::RoboMaker::RobotApplicationVersion" + "AWS::SDB::Domain" ], "type": "string" }, @@ -230782,12 +282620,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::RoboMaker::SimulationApplication": { + "AWS::SES::ConfigurationSet": { "additionalProperties": false, "properties": { "Condition": { @@ -230822,65 +282659,55 @@ "Properties": { "additionalProperties": false, "properties": { - "CurrentRevisionId": { - "markdownDescription": "The current revision id.", - "title": "CurrentRevisionId", - "type": "string" - }, - "Environment": { - "markdownDescription": "The environment of the simulation application.", - "title": "Environment", - "type": "string" + "DeliveryOptions": { + "$ref": "#/definitions/AWS::SES::ConfigurationSet.DeliveryOptions", + "markdownDescription": "Specifies the name of the dedicated IP pool to associate with the configuration set and whether messages that use the configuration set are required to use Transport Layer Security (TLS).", + "title": "DeliveryOptions" }, "Name": { - "markdownDescription": "The name of the simulation application.", + "markdownDescription": "The name of the configuration set. The name must meet the following requirements:\n\n- Contain only letters (a-z, A-Z), numbers (0-9), underscores (_), or dashes (-).\n- Contain 64 characters or fewer.", "title": "Name", "type": "string" }, - "RenderingEngine": { - "$ref": "#/definitions/AWS::RoboMaker::SimulationApplication.RenderingEngine", - "markdownDescription": "The rendering engine for the simulation application.", - "title": "RenderingEngine" + "ReputationOptions": { + "$ref": "#/definitions/AWS::SES::ConfigurationSet.ReputationOptions", + "markdownDescription": "An object that defines whether or not Amazon SES collects reputation metrics for the emails that you send that use the configuration set.", + "title": "ReputationOptions" }, - "RobotSoftwareSuite": { - "$ref": "#/definitions/AWS::RoboMaker::SimulationApplication.RobotSoftwareSuite", - "markdownDescription": "The robot software suite used by the simulation application.", - "title": "RobotSoftwareSuite" + "SendingOptions": { + "$ref": "#/definitions/AWS::SES::ConfigurationSet.SendingOptions", + "markdownDescription": "An object that defines whether or not Amazon SES can send email that you send using the configuration set.", + "title": "SendingOptions" }, - "SimulationSoftwareSuite": { - "$ref": "#/definitions/AWS::RoboMaker::SimulationApplication.SimulationSoftwareSuite", - "markdownDescription": "The simulation software suite used by the simulation application.", - "title": "SimulationSoftwareSuite" + "SuppressionOptions": { + "$ref": "#/definitions/AWS::SES::ConfigurationSet.SuppressionOptions", + "markdownDescription": "An object that contains information about the suppression list preferences for your account.", + "title": "SuppressionOptions" }, - "Sources": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::RoboMaker::SimulationApplication.SourceConfig" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The sources of the simulation application.", - "title": "Sources", + "markdownDescription": "An array of objects that define the tags (keys and values) that are associated with the configuration set.", + "title": "Tags", "type": "array" }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "A map that contains tag keys and tag values that are attached to the simulation application.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" + "TrackingOptions": { + "$ref": "#/definitions/AWS::SES::ConfigurationSet.TrackingOptions", + "markdownDescription": "An object that defines the open and click tracking options for emails that you send using the configuration set.", + "title": "TrackingOptions" + }, + "VdmOptions": { + "$ref": "#/definitions/AWS::SES::ConfigurationSet.VdmOptions", + "markdownDescription": "The Virtual Deliverability Manager (VDM) options that apply to the configuration set.", + "title": "VdmOptions" } }, - "required": [ - "RobotSoftwareSuite", - "SimulationSoftwareSuite" - ], "type": "object" }, "Type": { "enum": [ - "AWS::RoboMaker::SimulationApplication" + "AWS::SES::ConfigurationSet" ], "type": "string" }, @@ -230894,96 +282721,128 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::RoboMaker::SimulationApplication.RenderingEngine": { + "AWS::SES::ConfigurationSet.DashboardOptions": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the rendering engine.", - "title": "Name", - "type": "string" - }, - "Version": { - "markdownDescription": "The version of the rendering engine.", - "title": "Version", + "EngagementMetrics": { + "markdownDescription": "Specifies the status of your VDM engagement metrics collection. Can be one of the following:\n\n- `ENABLED` \u2013 Amazon SES enables engagement metrics for the configuration set.\n- `DISABLED` \u2013 Amazon SES disables engagement metrics for the configuration set.", + "title": "EngagementMetrics", "type": "string" } }, "required": [ - "Name", - "Version" + "EngagementMetrics" ], "type": "object" }, - "AWS::RoboMaker::SimulationApplication.RobotSoftwareSuite": { + "AWS::SES::ConfigurationSet.DeliveryOptions": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the robot software suite. `General` is the only supported value.", - "title": "Name", + "MaxDeliverySeconds": { + "markdownDescription": "The maximum amount of time, in seconds, that Amazon SES API v2 will attempt delivery of email. If specified, the value must greater than or equal to 300 seconds (5 minutes) and less than or equal to 50400 seconds (840 minutes).", + "title": "MaxDeliverySeconds", + "type": "number" + }, + "SendingPoolName": { + "markdownDescription": "The name of the dedicated IP pool to associate with the configuration set.", + "title": "SendingPoolName", "type": "string" }, - "Version": { - "markdownDescription": "The version of the robot software suite. Not applicable for General software suite.", - "title": "Version", + "TlsPolicy": { + "markdownDescription": "Specifies whether messages that use the configuration set are required to use Transport Layer Security (TLS). If the value is `REQUIRE` , messages are only delivered if a TLS connection can be established. If the value is `OPTIONAL` , messages can be delivered in plain text if a TLS connection can't be established.\n\nValid Values: `REQUIRE | OPTIONAL`", + "title": "TlsPolicy", "type": "string" } }, - "required": [ - "Name" - ], "type": "object" }, - "AWS::RoboMaker::SimulationApplication.SimulationSoftwareSuite": { + "AWS::SES::ConfigurationSet.GuardianOptions": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the simulation software suite. `SimulationRuntime` is the only supported value.", - "title": "Name", - "type": "string" - }, - "Version": { - "markdownDescription": "The version of the simulation software suite. Not applicable for `SimulationRuntime` .", - "title": "Version", + "OptimizedSharedDelivery": { + "markdownDescription": "Specifies the status of your VDM optimized shared delivery. Can be one of the following:\n\n- `ENABLED` \u2013 Amazon SES enables optimized shared delivery for the configuration set.\n- `DISABLED` \u2013 Amazon SES disables optimized shared delivery for the configuration set.", + "title": "OptimizedSharedDelivery", "type": "string" } }, "required": [ - "Name" + "OptimizedSharedDelivery" ], "type": "object" }, - "AWS::RoboMaker::SimulationApplication.SourceConfig": { + "AWS::SES::ConfigurationSet.ReputationOptions": { "additionalProperties": false, "properties": { - "Architecture": { - "markdownDescription": "The target processor architecture for the application.", - "title": "Architecture", + "ReputationMetricsEnabled": { + "markdownDescription": "If `true` , tracking of reputation metrics is enabled for the configuration set. If `false` , tracking of reputation metrics is disabled for the configuration set.", + "title": "ReputationMetricsEnabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::SES::ConfigurationSet.SendingOptions": { + "additionalProperties": false, + "properties": { + "SendingEnabled": { + "markdownDescription": "If `true` , email sending is enabled for the configuration set. If `false` , email sending is disabled for the configuration set.", + "title": "SendingEnabled", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::SES::ConfigurationSet.SuppressionOptions": { + "additionalProperties": false, + "properties": { + "SuppressedReasons": { + "items": { + "type": "string" + }, + "markdownDescription": "A list that contains the reasons that email addresses are automatically added to the suppression list for your account. This list can contain any or all of the following:\n\n- `COMPLAINT` \u2013 Amazon SES adds an email address to the suppression list for your account when a message sent to that address results in a complaint.\n- `BOUNCE` \u2013 Amazon SES adds an email address to the suppression list for your account when a message sent to that address results in a hard bounce.", + "title": "SuppressedReasons", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SES::ConfigurationSet.TrackingOptions": { + "additionalProperties": false, + "properties": { + "CustomRedirectDomain": { + "markdownDescription": "The custom subdomain that is used to redirect email recipients to the Amazon SES event tracking domain.", + "title": "CustomRedirectDomain", "type": "string" }, - "S3Bucket": { - "markdownDescription": "The Amazon S3 bucket name.", - "title": "S3Bucket", + "HttpsPolicy": { + "markdownDescription": "The https policy to use for tracking open and click events.", + "title": "HttpsPolicy", "type": "string" + } + }, + "type": "object" + }, + "AWS::SES::ConfigurationSet.VdmOptions": { + "additionalProperties": false, + "properties": { + "DashboardOptions": { + "$ref": "#/definitions/AWS::SES::ConfigurationSet.DashboardOptions", + "markdownDescription": "Specifies additional settings for your VDM configuration as applicable to the Dashboard.", + "title": "DashboardOptions" }, - "S3Key": { - "markdownDescription": "The s3 object key.", - "title": "S3Key", - "type": "string" + "GuardianOptions": { + "$ref": "#/definitions/AWS::SES::ConfigurationSet.GuardianOptions", + "markdownDescription": "Specifies additional settings for your VDM configuration as applicable to the Guardian.", + "title": "GuardianOptions" } }, - "required": [ - "Architecture", - "S3Bucket", - "S3Key" - ], "type": "object" }, - "AWS::RoboMaker::SimulationApplicationVersion": { + "AWS::SES::ConfigurationSetEventDestination": { "additionalProperties": false, "properties": { "Condition": { @@ -231018,25 +282877,26 @@ "Properties": { "additionalProperties": false, "properties": { - "Application": { - "markdownDescription": "The application information for the simulation application.", - "title": "Application", + "ConfigurationSetName": { + "markdownDescription": "The name of the configuration set that contains the event destination.", + "title": "ConfigurationSetName", "type": "string" }, - "CurrentRevisionId": { - "markdownDescription": "The current revision id for the simulation application. If you provide a value and it matches the latest revision ID, a new version will be created.", - "title": "CurrentRevisionId", - "type": "string" + "EventDestination": { + "$ref": "#/definitions/AWS::SES::ConfigurationSetEventDestination.EventDestination", + "markdownDescription": "An object that defines the event destination.", + "title": "EventDestination" } }, "required": [ - "Application" + "ConfigurationSetName", + "EventDestination" ], "type": "object" }, "Type": { "enum": [ - "AWS::RoboMaker::SimulationApplicationVersion" + "AWS::SES::ConfigurationSetEventDestination" ], "type": "string" }, @@ -231055,7 +282915,142 @@ ], "type": "object" }, - "AWS::RolesAnywhere::CRL": { + "AWS::SES::ConfigurationSetEventDestination.CloudWatchDestination": { + "additionalProperties": false, + "properties": { + "DimensionConfigurations": { + "items": { + "$ref": "#/definitions/AWS::SES::ConfigurationSetEventDestination.DimensionConfiguration" + }, + "markdownDescription": "An array of objects that define the dimensions to use when you send email events to Amazon CloudWatch.", + "title": "DimensionConfigurations", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SES::ConfigurationSetEventDestination.DimensionConfiguration": { + "additionalProperties": false, + "properties": { + "DefaultDimensionValue": { + "markdownDescription": "The default value of the dimension that is published to Amazon CloudWatch if you don't provide the value of the dimension when you send an email. This value has to meet the following criteria:\n\n- Can only contain ASCII letters (a\u2013z, A\u2013Z), numbers (0\u20139), underscores (_), or dashes (-), at signs (@), and periods (.).\n- It can contain no more than 256 characters.", + "title": "DefaultDimensionValue", + "type": "string" + }, + "DimensionName": { + "markdownDescription": "The name of an Amazon CloudWatch dimension associated with an email sending metric. The name has to meet the following criteria:\n\n- It can only contain ASCII letters (a\u2013z, A\u2013Z), numbers (0\u20139), underscores (_), or dashes (-).\n- It can contain no more than 256 characters.", + "title": "DimensionName", + "type": "string" + }, + "DimensionValueSource": { + "markdownDescription": "The location where the Amazon SES API v2 finds the value of a dimension to publish to Amazon CloudWatch. To use the message tags that you specify using an `X-SES-MESSAGE-TAGS` header or a parameter to the `SendEmail` or `SendRawEmail` API, choose `messageTag` . To use your own email headers, choose `emailHeader` . To use link tags, choose `linkTag` .", + "title": "DimensionValueSource", + "type": "string" + } + }, + "required": [ + "DefaultDimensionValue", + "DimensionName", + "DimensionValueSource" + ], + "type": "object" + }, + "AWS::SES::ConfigurationSetEventDestination.EventBridgeDestination": { + "additionalProperties": false, + "properties": { + "EventBusArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon EventBridge bus to publish email events to. Only the default bus is supported.", + "title": "EventBusArn", + "type": "string" + } + }, + "required": [ + "EventBusArn" + ], + "type": "object" + }, + "AWS::SES::ConfigurationSetEventDestination.EventDestination": { + "additionalProperties": false, + "properties": { + "CloudWatchDestination": { + "$ref": "#/definitions/AWS::SES::ConfigurationSetEventDestination.CloudWatchDestination", + "markdownDescription": "An object that defines an Amazon CloudWatch destination for email events. You can use Amazon CloudWatch to monitor and gain insights on your email sending metrics.", + "title": "CloudWatchDestination" + }, + "Enabled": { + "markdownDescription": "If `true` , the event destination is enabled. When the event destination is enabled, the specified event types are sent to the destinations in this `EventDestinationDefinition` .\n\nIf `false` , the event destination is disabled. When the event destination is disabled, events aren't sent to the specified destinations.", + "title": "Enabled", + "type": "boolean" + }, + "EventBridgeDestination": { + "$ref": "#/definitions/AWS::SES::ConfigurationSetEventDestination.EventBridgeDestination", + "markdownDescription": "An object that defines an Amazon EventBridge destination for email events. You can use Amazon EventBridge to send notifications when certain email events occur.", + "title": "EventBridgeDestination" + }, + "KinesisFirehoseDestination": { + "$ref": "#/definitions/AWS::SES::ConfigurationSetEventDestination.KinesisFirehoseDestination", + "markdownDescription": "An object that contains the delivery stream ARN and the IAM role ARN associated with an Amazon Kinesis Firehose event destination.", + "title": "KinesisFirehoseDestination" + }, + "MatchingEventTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The types of events that Amazon SES sends to the specified event destinations.\n\n- `SEND` - The send request was successful and SES will attempt to deliver the message to the recipient\u2019s mail server. (If account-level or global suppression is being used, SES will still count it as a send, but delivery is suppressed.)\n- `REJECT` - SES accepted the email, but determined that it contained a virus and didn\u2019t attempt to deliver it to the recipient\u2019s mail server.\n- `BOUNCE` - ( *Hard bounce* ) The recipient's mail server permanently rejected the email. ( *Soft bounces* are only included when SES fails to deliver the email after retrying for a period of time.)\n- `COMPLAINT` - The email was successfully delivered to the recipient\u2019s mail server, but the recipient marked it as spam.\n- `DELIVERY` - SES successfully delivered the email to the recipient's mail server.\n- `OPEN` - The recipient received the message and opened it in their email client.\n- `CLICK` - The recipient clicked one or more links in the email.\n- `RENDERING_FAILURE` - The email wasn't sent because of a template rendering issue. This event type can occur when template data is missing, or when there is a mismatch between template parameters and data. (This event type only occurs when you send email using the [`SendEmail`](https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_SendEmail.html) or [`SendBulkEmail`](https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_SendBulkEmail.html) API operations.)\n- `DELIVERY_DELAY` - The email couldn't be delivered to the recipient\u2019s mail server because a temporary issue occurred. Delivery delays can occur, for example, when the recipient's inbox is full, or when the receiving email server experiences a transient issue.\n- `SUBSCRIPTION` - The email was successfully delivered, but the recipient updated their subscription preferences by clicking on an *unsubscribe* link as part of your [subscription management](https://docs.aws.amazon.com/ses/latest/dg/sending-email-subscription-management.html) .", + "title": "MatchingEventTypes", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the event destination. The name must meet the following requirements:\n\n- Contain only ASCII letters (a-z, A-Z), numbers (0-9), underscores (_), or dashes (-).\n- Contain 64 characters or fewer.", + "title": "Name", + "type": "string" + }, + "SnsDestination": { + "$ref": "#/definitions/AWS::SES::ConfigurationSetEventDestination.SnsDestination", + "markdownDescription": "An object that contains the topic ARN associated with an Amazon Simple Notification Service (Amazon SNS) event destination.", + "title": "SnsDestination" + } + }, + "required": [ + "MatchingEventTypes" + ], + "type": "object" + }, + "AWS::SES::ConfigurationSetEventDestination.KinesisFirehoseDestination": { + "additionalProperties": false, + "properties": { + "DeliveryStreamARN": { + "markdownDescription": "The ARN of the Amazon Kinesis Firehose stream that email sending events should be published to.", + "title": "DeliveryStreamARN", + "type": "string" + }, + "IAMRoleARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that the Amazon SES API v2 uses to send email events to the Amazon Kinesis Data Firehose stream.", + "title": "IAMRoleARN", + "type": "string" + } + }, + "required": [ + "DeliveryStreamARN", + "IAMRoleARN" + ], + "type": "object" + }, + "AWS::SES::ConfigurationSetEventDestination.SnsDestination": { + "additionalProperties": false, + "properties": { + "TopicARN": { + "markdownDescription": "The ARN of the Amazon SNS topic for email sending events. You can find the ARN of a topic by using the [ListTopics](https://docs.aws.amazon.com/sns/latest/api/API_ListTopics.html) Amazon SNS operation.\n\nFor more information about Amazon SNS topics, see the [Amazon SNS Developer Guide](https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html) .", + "title": "TopicARN", + "type": "string" + } + }, + "required": [ + "TopicARN" + ], + "type": "object" + }, + "AWS::SES::ContactList": { "additionalProperties": false, "properties": { "Condition": { @@ -231090,44 +283085,38 @@ "Properties": { "additionalProperties": false, "properties": { - "CrlData": { - "markdownDescription": "The x509 v3 specified certificate revocation list (CRL).", - "title": "CrlData", + "ContactListName": { + "markdownDescription": "The name of the contact list.", + "title": "ContactListName", "type": "string" }, - "Enabled": { - "markdownDescription": "Specifies whether the certificate revocation list (CRL) is enabled.", - "title": "Enabled", - "type": "boolean" - }, - "Name": { - "markdownDescription": "The name of the certificate revocation list (CRL).", - "title": "Name", + "Description": { + "markdownDescription": "A description of what the contact list is about.", + "title": "Description", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of tags to attach to the certificate revocation list (CRL).", + "markdownDescription": "The tags associated with a contact list.", "title": "Tags", "type": "array" }, - "TrustAnchorArn": { - "markdownDescription": "The ARN of the TrustAnchor the certificate revocation list (CRL) will provide revocation for.", - "title": "TrustAnchorArn", - "type": "string" + "Topics": { + "items": { + "$ref": "#/definitions/AWS::SES::ContactList.Topic" + }, + "markdownDescription": "An interest group, theme, or label within a list. A contact list can have multiple topics.", + "title": "Topics", + "type": "array" } }, - "required": [ - "CrlData", - "Name" - ], "type": "object" }, "Type": { "enum": [ - "AWS::RolesAnywhere::CRL" + "AWS::SES::ContactList" ], "type": "string" }, @@ -231141,12 +283130,42 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::RolesAnywhere::Profile": { + "AWS::SES::ContactList.Topic": { + "additionalProperties": false, + "properties": { + "DefaultSubscriptionStatus": { + "markdownDescription": "The default subscription status to be applied to a contact if the contact has not noted their preference for subscribing to a topic.", + "title": "DefaultSubscriptionStatus", + "type": "string" + }, + "Description": { + "markdownDescription": "A description of what the topic is about, which the contact will see.", + "title": "Description", + "type": "string" + }, + "DisplayName": { + "markdownDescription": "The name of the topic the contact will see.", + "title": "DisplayName", + "type": "string" + }, + "TopicName": { + "markdownDescription": "The name of the topic.", + "title": "TopicName", + "type": "string" + } + }, + "required": [ + "DefaultSubscriptionStatus", + "DisplayName", + "TopicName" + ], + "type": "object" + }, + "AWS::SES::DedicatedIpPool": { "additionalProperties": false, "properties": { "Condition": { @@ -231181,65 +283200,30 @@ "Properties": { "additionalProperties": false, "properties": { - "DurationSeconds": { - "markdownDescription": "The number of seconds vended session credentials will be valid for", - "title": "DurationSeconds", - "type": "number" - }, - "Enabled": { - "markdownDescription": "The enabled status of the resource.", - "title": "Enabled", - "type": "boolean" - }, - "ManagedPolicyArns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of managed policy ARNs. Managed policies identified by this list will be applied to the vended session credentials.", - "title": "ManagedPolicyArns", - "type": "array" - }, - "Name": { - "markdownDescription": "The customer specified name of the resource.", - "title": "Name", + "PoolName": { + "markdownDescription": "The name of the dedicated IP pool that the IP address is associated with.", + "title": "PoolName", "type": "string" }, - "RequireInstanceProperties": { - "markdownDescription": "Specifies whether instance properties are required in CreateSession requests with this profile.", - "title": "RequireInstanceProperties", - "type": "boolean" - }, - "RoleArns": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of IAM role ARNs that can be assumed when this profile is specified in a CreateSession request.", - "title": "RoleArns", - "type": "array" - }, - "SessionPolicy": { - "markdownDescription": "A session policy that will applied to the trust boundary of the vended session credentials.", - "title": "SessionPolicy", + "ScalingMode": { + "markdownDescription": "The type of scaling mode.\n\nThe following options are available:\n\n- `STANDARD` - The customer controls which IPs are part of the dedicated IP pool.\n- `MANAGED` - The reputation and number of IPs are automatically managed by Amazon SES .\n\nThe `STANDARD` option is selected by default if no value is specified.\n\n> Updating *ScalingMode* doesn't require a replacement if you're updating its value from `STANDARD` to `MANAGED` . However, updating *ScalingMode* from `MANAGED` to `STANDARD` is not supported.", + "title": "ScalingMode", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of Tags.", + "markdownDescription": "An object that defines the tags (keys and values) that you want to associate with the pool.", "title": "Tags", "type": "array" } }, - "required": [ - "Name", - "RoleArns" - ], "type": "object" }, "Type": { "enum": [ - "AWS::RolesAnywhere::Profile" + "AWS::SES::DedicatedIpPool" ], "type": "string" }, @@ -231253,12 +283237,11 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::RolesAnywhere::TrustAnchor": { + "AWS::SES::EmailIdentity": { "additionalProperties": false, "properties": { "Condition": { @@ -231293,47 +283276,53 @@ "Properties": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "Indicates whether the trust anchor is enabled.", - "title": "Enabled", - "type": "boolean" + "ConfigurationSetAttributes": { + "$ref": "#/definitions/AWS::SES::EmailIdentity.ConfigurationSetAttributes", + "markdownDescription": "Used to associate a configuration set with an email identity.", + "title": "ConfigurationSetAttributes" }, - "Name": { - "markdownDescription": "The name of the trust anchor.", - "title": "Name", + "DkimAttributes": { + "$ref": "#/definitions/AWS::SES::EmailIdentity.DkimAttributes", + "markdownDescription": "An object that contains information about the DKIM attributes for the identity.", + "title": "DkimAttributes" + }, + "DkimSigningAttributes": { + "$ref": "#/definitions/AWS::SES::EmailIdentity.DkimSigningAttributes", + "markdownDescription": "If your request includes this object, Amazon SES configures the identity to use Bring Your Own DKIM (BYODKIM) for DKIM authentication purposes, or, configures the key length to be used for [Easy DKIM](https://docs.aws.amazon.com/ses/latest/DeveloperGuide/easy-dkim.html) .\n\nYou can only specify this object if the email identity is a domain, as opposed to an address.", + "title": "DkimSigningAttributes" + }, + "EmailIdentity": { + "markdownDescription": "The email address or domain to verify.", + "title": "EmailIdentity", "type": "string" }, - "NotificationSettings": { - "items": { - "$ref": "#/definitions/AWS::RolesAnywhere::TrustAnchor.NotificationSetting" - }, - "markdownDescription": "A list of notification settings to be associated to the trust anchor.", - "title": "NotificationSettings", - "type": "array" + "FeedbackAttributes": { + "$ref": "#/definitions/AWS::SES::EmailIdentity.FeedbackAttributes", + "markdownDescription": "Used to enable or disable feedback forwarding for an identity.", + "title": "FeedbackAttributes" }, - "Source": { - "$ref": "#/definitions/AWS::RolesAnywhere::TrustAnchor.Source", - "markdownDescription": "The trust anchor type and its related certificate data.", - "title": "Source" + "MailFromAttributes": { + "$ref": "#/definitions/AWS::SES::EmailIdentity.MailFromAttributes", + "markdownDescription": "Used to enable or disable the custom Mail-From domain configuration for an email identity.", + "title": "MailFromAttributes" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to attach to the trust anchor.", + "markdownDescription": "An array of objects that define the tags (keys and values) to associate with the email identity.", "title": "Tags", "type": "array" } }, "required": [ - "Name", - "Source" + "EmailIdentity" ], "type": "object" }, "Type": { "enum": [ - "AWS::RolesAnywhere::TrustAnchor" + "AWS::SES::EmailIdentity" ], "type": "string" }, @@ -231352,69 +283341,77 @@ ], "type": "object" }, - "AWS::RolesAnywhere::TrustAnchor.NotificationSetting": { + "AWS::SES::EmailIdentity.ConfigurationSetAttributes": { "additionalProperties": false, "properties": { - "Channel": { - "markdownDescription": "The specified channel of notification. IAM Roles Anywhere uses CloudWatch metrics, EventBridge, and AWS Health Dashboard to notify for an event.\n\n> In the absence of a specific channel, IAM Roles Anywhere applies this setting to 'ALL' channels.", - "title": "Channel", + "ConfigurationSetName": { + "markdownDescription": "The configuration set to associate with an email identity.", + "title": "ConfigurationSetName", "type": "string" - }, - "Enabled": { - "markdownDescription": "Indicates whether the notification setting is enabled.", - "title": "Enabled", + } + }, + "type": "object" + }, + "AWS::SES::EmailIdentity.DkimAttributes": { + "additionalProperties": false, + "properties": { + "SigningEnabled": { + "markdownDescription": "Sets the DKIM signing configuration for the identity.\n\nWhen you set this value `true` , then the messages that are sent from the identity are signed using DKIM. If you set this value to `false` , your messages are sent without DKIM signing.", + "title": "SigningEnabled", "type": "boolean" + } + }, + "type": "object" + }, + "AWS::SES::EmailIdentity.DkimSigningAttributes": { + "additionalProperties": false, + "properties": { + "DomainSigningPrivateKey": { + "markdownDescription": "[Bring Your Own DKIM] A private key that's used to generate a DKIM signature.\n\nThe private key must use 1024 or 2048-bit RSA encryption, and must be encoded using base64 encoding.\n\n> Rather than embedding sensitive information directly in your CFN templates, we recommend you use dynamic parameters in the stack template to reference sensitive information that is stored and managed outside of CFN, such as in the AWS Systems Manager Parameter Store or AWS Secrets Manager.\n> \n> For more information, see the [Do not embed credentials in your templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/best-practices.html#creds) best practice.", + "title": "DomainSigningPrivateKey", + "type": "string" }, - "Event": { - "markdownDescription": "The event to which this notification setting is applied.", - "title": "Event", + "DomainSigningSelector": { + "markdownDescription": "[Bring Your Own DKIM] A string that's used to identify a public key in the DNS configuration for a domain.", + "title": "DomainSigningSelector", "type": "string" }, - "Threshold": { - "markdownDescription": "The number of days before a notification event. This value is required for a notification setting that is enabled.", - "title": "Threshold", - "type": "number" + "NextSigningKeyLength": { + "markdownDescription": "[Easy DKIM] The key length of the future DKIM key pair to be generated. This can be changed at most once per day.\n\nValid Values: `RSA_1024_BIT | RSA_2048_BIT`", + "title": "NextSigningKeyLength", + "type": "string" } }, - "required": [ - "Enabled", - "Event" - ], "type": "object" }, - "AWS::RolesAnywhere::TrustAnchor.Source": { + "AWS::SES::EmailIdentity.FeedbackAttributes": { "additionalProperties": false, "properties": { - "SourceData": { - "$ref": "#/definitions/AWS::RolesAnywhere::TrustAnchor.SourceData", - "markdownDescription": "A union object representing the data field of the TrustAnchor depending on its type", - "title": "SourceData" - }, - "SourceType": { - "markdownDescription": "The type of the TrustAnchor.", - "title": "SourceType", - "type": "string" + "EmailForwardingEnabled": { + "markdownDescription": "Sets the feedback forwarding configuration for the identity.\n\nIf the value is `true` , you receive email notifications when bounce or complaint events occur. These notifications are sent to the address that you specified in the `Return-Path` header of the original email.\n\nYou're required to have a method of tracking bounces and complaints. If you haven't set up another mechanism for receiving bounce or complaint notifications (for example, by setting up an event destination), you receive an email notification when these events occur (even if this setting is disabled).", + "title": "EmailForwardingEnabled", + "type": "boolean" } }, "type": "object" }, - "AWS::RolesAnywhere::TrustAnchor.SourceData": { + "AWS::SES::EmailIdentity.MailFromAttributes": { "additionalProperties": false, "properties": { - "AcmPcaArn": { - "markdownDescription": "The root certificate of the AWS Private Certificate Authority specified by this ARN is used in trust validation for temporary credential requests. Included for trust anchors of type `AWS_ACM_PCA` .\n\n> This field is not supported in your region.", - "title": "AcmPcaArn", + "BehaviorOnMxFailure": { + "markdownDescription": "The action to take if the required MX record isn't found when you send an email. When you set this value to `USE_DEFAULT_VALUE` , the mail is sent using *amazonses.com* as the MAIL FROM domain. When you set this value to `REJECT_MESSAGE` , the Amazon SES API v2 returns a `MailFromDomainNotVerified` error, and doesn't attempt to deliver the email.\n\nThese behaviors are taken when the custom MAIL FROM domain configuration is in the `Pending` , `Failed` , and `TemporaryFailure` states.\n\nValid Values: `USE_DEFAULT_VALUE | REJECT_MESSAGE`", + "title": "BehaviorOnMxFailure", "type": "string" }, - "X509CertificateData": { - "markdownDescription": "The PEM-encoded data for the certificate anchor. Included for trust anchors of type `CERTIFICATE_BUNDLE` .", - "title": "X509CertificateData", + "MailFromDomain": { + "markdownDescription": "The custom MAIL FROM domain that you want the verified identity to use. The MAIL FROM domain must meet the following criteria:\n\n- It has to be a subdomain of the verified identity.\n- It can't be used to receive email.\n- It can't be used in a \"From\" address if the MAIL FROM domain is a destination for feedback forwarding emails.", + "title": "MailFromDomain", "type": "string" } }, "type": "object" }, - "AWS::Route53::CidrCollection": { + "AWS::SES::MailManagerAddonInstance": { "additionalProperties": false, "properties": { "Condition": { @@ -231449,28 +283446,28 @@ "Properties": { "additionalProperties": false, "properties": { - "Locations": { + "AddonSubscriptionId": { + "markdownDescription": "The subscription ID for the instance.", + "title": "AddonSubscriptionId", + "type": "string" + }, + "Tags": { "items": { - "$ref": "#/definitions/AWS::Route53::CidrCollection.Location" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "A complex type that contains information about the list of CIDR locations.", - "title": "Locations", + "markdownDescription": "The tags used to organize, track, or control access for the resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", + "title": "Tags", "type": "array" - }, - "Name": { - "markdownDescription": "The name of a CIDR collection.", - "title": "Name", - "type": "string" } }, "required": [ - "Name" + "AddonSubscriptionId" ], "type": "object" }, "Type": { "enum": [ - "AWS::Route53::CidrCollection" + "AWS::SES::MailManagerAddonInstance" ], "type": "string" }, @@ -231489,30 +283486,7 @@ ], "type": "object" }, - "AWS::Route53::CidrCollection.Location": { - "additionalProperties": false, - "properties": { - "CidrList": { - "items": { - "type": "string" - }, - "markdownDescription": "List of CIDR blocks.", - "title": "CidrList", - "type": "array" - }, - "LocationName": { - "markdownDescription": "The CIDR collection location name.", - "title": "LocationName", - "type": "string" - } - }, - "required": [ - "CidrList", - "LocationName" - ], - "type": "object" - }, - "AWS::Route53::DNSSEC": { + "AWS::SES::MailManagerAddonSubscription": { "additionalProperties": false, "properties": { "Condition": { @@ -231547,20 +283521,28 @@ "Properties": { "additionalProperties": false, "properties": { - "HostedZoneId": { - "markdownDescription": "A unique string (ID) that is used to identify a hosted zone. For example: `Z00001111A1ABCaaABC11` .", - "title": "HostedZoneId", + "AddonName": { + "markdownDescription": "The name of the Add On to subscribe to. You can only have one subscription for each Add On name.\n\nValid Values: `TRENDMICRO_VSAPI | SPAMHAUS_DBL | ABUSIX_MAIL_INTELLIGENCE`", + "title": "AddonName", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags used to organize, track, or control access for the resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", + "title": "Tags", + "type": "array" } }, "required": [ - "HostedZoneId" + "AddonName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Route53::DNSSEC" + "AWS::SES::MailManagerAddonSubscription" ], "type": "string" }, @@ -231579,7 +283561,7 @@ ], "type": "object" }, - "AWS::Route53::HealthCheck": { + "AWS::SES::MailManagerAddressList": { "additionalProperties": false, "properties": { "Condition": { @@ -231614,28 +283596,25 @@ "Properties": { "additionalProperties": false, "properties": { - "HealthCheckConfig": { - "$ref": "#/definitions/AWS::Route53::HealthCheck.HealthCheckConfig", - "markdownDescription": "A complex type that contains detailed information about one health check.\n\nFor the values to enter for `HealthCheckConfig` , see [HealthCheckConfig](https://docs.aws.amazon.com/Route53/latest/APIReference/API_HealthCheckConfig.html)", - "title": "HealthCheckConfig" + "AddressListName": { + "markdownDescription": "", + "title": "AddressListName", + "type": "string" }, - "HealthCheckTags": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::Route53::HealthCheck.HealthCheckTag" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The `HealthCheckTags` property describes key-value pairs that are associated with an `AWS::Route53::HealthCheck` resource.", - "title": "HealthCheckTags", + "markdownDescription": "", + "title": "Tags", "type": "array" } }, - "required": [ - "HealthCheckConfig" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Route53::HealthCheck" + "AWS::SES::MailManagerAddressList" ], "type": "string" }, @@ -231649,123 +283628,83 @@ } }, "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::Route53::HealthCheck.AlarmIdentifier": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the CloudWatch alarm that you want Amazon Route 53 health checkers to use to determine whether this health check is healthy.\n\n> Route 53 supports CloudWatch alarms with the following features:\n> \n> - Standard-resolution metrics. High-resolution metrics aren't supported. For more information, see [High-Resolution Metrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/publishingMetrics.html#high-resolution-metrics) in the *Amazon CloudWatch User Guide* .\n> - Statistics: Average, Minimum, Maximum, Sum, and SampleCount. Extended statistics aren't supported.", - "title": "Name", - "type": "string" - }, - "Region": { - "markdownDescription": "For the CloudWatch alarm that you want Route 53 health checkers to use to determine whether this health check is healthy, the region that the alarm was created in.\n\nFor the current list of CloudWatch regions, see [Amazon CloudWatch endpoints and quotas](https://docs.aws.amazon.com/general/latest/gr/cw_region.html) in the *Amazon Web Services General Reference* .", - "title": "Region", - "type": "string" - } - }, - "required": [ - "Name", - "Region" + "Type" ], "type": "object" }, - "AWS::Route53::HealthCheck.HealthCheckConfig": { + "AWS::SES::MailManagerArchive": { "additionalProperties": false, "properties": { - "AlarmIdentifier": { - "$ref": "#/definitions/AWS::Route53::HealthCheck.AlarmIdentifier", - "markdownDescription": "A complex type that identifies the CloudWatch alarm that you want Amazon Route 53 health checkers to use to determine whether the specified health check is healthy.", - "title": "AlarmIdentifier" - }, - "ChildHealthChecks": { - "items": { - "type": "string" - }, - "markdownDescription": "(CALCULATED Health Checks Only) A complex type that contains one `ChildHealthCheck` element for each health check that you want to associate with a `CALCULATED` health check.", - "title": "ChildHealthChecks", - "type": "array" - }, - "EnableSNI": { - "markdownDescription": "Specify whether you want Amazon Route 53 to send the value of `FullyQualifiedDomainName` to the endpoint in the `client_hello` message during TLS negotiation. This allows the endpoint to respond to `HTTPS` health check requests with the applicable SSL/TLS certificate.\n\nSome endpoints require that `HTTPS` requests include the host name in the `client_hello` message. If you don't enable SNI, the status of the health check will be `SSL alert handshake_failure` . A health check can also have that status for other reasons. If SNI is enabled and you're still getting the error, check the SSL/TLS configuration on your endpoint and confirm that your certificate is valid.\n\nThe SSL/TLS certificate on your endpoint includes a domain name in the `Common Name` field and possibly several more in the `Subject Alternative Names` field. One of the domain names in the certificate should match the value that you specify for `FullyQualifiedDomainName` . If the endpoint responds to the `client_hello` message with a certificate that does not include the domain name that you specified in `FullyQualifiedDomainName` , a health checker will retry the handshake. In the second attempt, the health checker will omit `FullyQualifiedDomainName` from the `client_hello` message.", - "title": "EnableSNI", - "type": "boolean" - }, - "FailureThreshold": { - "markdownDescription": "The number of consecutive health checks that an endpoint must pass or fail for Amazon Route 53 to change the current status of the endpoint from unhealthy to healthy or vice versa. For more information, see [How Amazon Route 53 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html) in the *Amazon Route 53 Developer Guide* .\n\nIf you don't specify a value for `FailureThreshold` , the default value is three health checks.", - "title": "FailureThreshold", - "type": "number" - }, - "FullyQualifiedDomainName": { - "markdownDescription": "Amazon Route 53 behavior depends on whether you specify a value for `IPAddress` .\n\n*If you specify a value for* `IPAddress` :\n\nAmazon Route 53 sends health check requests to the specified IPv4 or IPv6 address and passes the value of `FullyQualifiedDomainName` in the `Host` header for all health checks except TCP health checks. This is typically the fully qualified DNS name of the endpoint on which you want Route 53 to perform health checks.\n\nWhen Route 53 checks the health of an endpoint, here is how it constructs the `Host` header:\n\n- If you specify a value of `80` for `Port` and `HTTP` or `HTTP_STR_MATCH` for `Type` , Route 53 passes the value of `FullyQualifiedDomainName` to the endpoint in the Host header.\n- If you specify a value of `443` for `Port` and `HTTPS` or `HTTPS_STR_MATCH` for `Type` , Route 53 passes the value of `FullyQualifiedDomainName` to the endpoint in the `Host` header.\n- If you specify another value for `Port` and any value except `TCP` for `Type` , Route 53 passes `FullyQualifiedDomainName:Port` to the endpoint in the `Host` header.\n\nIf you don't specify a value for `FullyQualifiedDomainName` , Route 53 substitutes the value of `IPAddress` in the `Host` header in each of the preceding cases.\n\n*If you don't specify a value for `IPAddress`* :\n\nRoute 53 sends a DNS request to the domain that you specify for `FullyQualifiedDomainName` at the interval that you specify for `RequestInterval` . Using an IPv4 address that DNS returns, Route 53 then checks the health of the endpoint.\n\n> If you don't specify a value for `IPAddress` , Route 53 uses only IPv4 to send health checks to the endpoint. If there's no record with a type of A for the name that you specify for `FullyQualifiedDomainName` , the health check fails with a \"DNS resolution failed\" error. \n\nIf you want to check the health of multiple records that have the same name and type, such as multiple weighted records, and if you choose to specify the endpoint only by `FullyQualifiedDomainName` , we recommend that you create a separate health check for each endpoint. For example, create a health check for each HTTP server that is serving content for www.example.com. For the value of `FullyQualifiedDomainName` , specify the domain name of the server (such as us-east-2-www.example.com), not the name of the records (www.example.com).\n\n> In this configuration, if you create a health check for which the value of `FullyQualifiedDomainName` matches the name of the records and you then associate the health check with those records, health check results will be unpredictable. \n\nIn addition, if the value that you specify for `Type` is `HTTP` , `HTTPS` , `HTTP_STR_MATCH` , or `HTTPS_STR_MATCH` , Route 53 passes the value of `FullyQualifiedDomainName` in the `Host` header, as it does when you specify a value for `IPAddress` . If the value of `Type` is `TCP` , Route 53 doesn't pass a `Host` header.", - "title": "FullyQualifiedDomainName", - "type": "string" - }, - "HealthThreshold": { - "markdownDescription": "The number of child health checks that are associated with a `CALCULATED` health check that Amazon Route 53 must consider healthy for the `CALCULATED` health check to be considered healthy. To specify the child health checks that you want to associate with a `CALCULATED` health check, use the [ChildHealthChecks](https://docs.aws.amazon.com/Route53/latest/APIReference/API_UpdateHealthCheck.html#Route53-UpdateHealthCheck-request-ChildHealthChecks) element.\n\nNote the following:\n\n- If you specify a number greater than the number of child health checks, Route 53 always considers this health check to be unhealthy.\n- If you specify `0` , Route 53 always considers this health check to be healthy.", - "title": "HealthThreshold", - "type": "number" - }, - "IPAddress": { - "markdownDescription": "The IPv4 or IPv6 IP address of the endpoint that you want Amazon Route 53 to perform health checks on. If you don't specify a value for `IPAddress` , Route 53 sends a DNS request to resolve the domain name that you specify in `FullyQualifiedDomainName` at the interval that you specify in `RequestInterval` . Using an IP address returned by DNS, Route 53 then checks the health of the endpoint.\n\nUse one of the following formats for the value of `IPAddress` :\n\n- *IPv4 address* : four values between 0 and 255, separated by periods (.), for example, `192.0.2.44` .\n- *IPv6 address* : eight groups of four hexadecimal values, separated by colons (:), for example, `2001:0db8:85a3:0000:0000:abcd:0001:2345` . You can also shorten IPv6 addresses as described in RFC 5952, for example, `2001:db8:85a3::abcd:1:2345` .\n\nIf the endpoint is an EC2 instance, we recommend that you create an Elastic IP address, associate it with your EC2 instance, and specify the Elastic IP address for `IPAddress` . This ensures that the IP address of your instance will never change.\n\nFor more information, see [FullyQualifiedDomainName](https://docs.aws.amazon.com/Route53/latest/APIReference/API_UpdateHealthCheck.html#Route53-UpdateHealthCheck-request-FullyQualifiedDomainName) .\n\nConstraints: Route 53 can't check the health of endpoints for which the IP address is in local, private, non-routable, or multicast ranges. For more information about IP addresses for which you can't create health checks, see the following documents:\n\n- [RFC 5735, Special Use IPv4 Addresses](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc5735)\n- [RFC 6598, IANA-Reserved IPv4 Prefix for Shared Address Space](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6598)\n- [RFC 5156, Special-Use IPv6 Addresses](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc5156)\n\nWhen the value of `Type` is `CALCULATED` or `CLOUDWATCH_METRIC` , omit `IPAddress` .", - "title": "IPAddress", + "Condition": { "type": "string" }, - "InsufficientDataHealthStatus": { - "markdownDescription": "When CloudWatch has insufficient data about the metric to determine the alarm state, the status that you want Amazon Route 53 to assign to the health check:\n\n- `Healthy` : Route 53 considers the health check to be healthy.\n- `Unhealthy` : Route 53 considers the health check to be unhealthy.\n- `LastKnownStatus` : Route 53 uses the status of the health check from the last time that CloudWatch had sufficient data to determine the alarm state. For new health checks that have no last known status, the default status for the health check is healthy.", - "title": "InsufficientDataHealthStatus", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Inverted": { - "markdownDescription": "Specify whether you want Amazon Route 53 to invert the status of a health check, for example, to consider a health check unhealthy when it otherwise would be considered healthy.", - "title": "Inverted", - "type": "boolean" - }, - "MeasureLatency": { - "markdownDescription": "Specify whether you want Amazon Route 53 to measure the latency between health checkers in multiple AWS regions and your endpoint, and to display CloudWatch latency graphs on the *Health Checks* page in the Route 53 console.\n\n> You can't change the value of `MeasureLatency` after you create a health check.", - "title": "MeasureLatency", - "type": "boolean" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Port": { - "markdownDescription": "The port on the endpoint that you want Amazon Route 53 to perform health checks on.\n\n> Don't specify a value for `Port` when you specify a value for [Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-healthcheck-healthcheckconfig.html#cfn-route53-healthcheck-healthcheckconfig-type) of `CLOUDWATCH_METRIC` or `CALCULATED` .", - "title": "Port", - "type": "number" + "Metadata": { + "type": "object" }, - "Regions": { - "items": { - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "ArchiveName": { + "markdownDescription": "A unique name for the new archive.", + "title": "ArchiveName", + "type": "string" + }, + "KmsKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key for encrypting emails in the archive.", + "title": "KmsKeyArn", + "type": "string" + }, + "Retention": { + "$ref": "#/definitions/AWS::SES::MailManagerArchive.ArchiveRetention", + "markdownDescription": "The period for retaining emails in the archive before automatic deletion.", + "title": "Retention" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags used to organize, track, or control access for the resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "A complex type that contains one `Region` element for each region from which you want Amazon Route 53 health checkers to check the specified endpoint.\n\nIf you don't specify any regions, Route 53 health checkers automatically performs checks from all of the regions that are listed under *Valid Values* .\n\nIf you update a health check to remove a region that has been performing health checks, Route 53 will briefly continue to perform checks from that region to ensure that some health checkers are always checking the endpoint (for example, if you replace three regions with four different regions).", - "title": "Regions", - "type": "array" - }, - "RequestInterval": { - "markdownDescription": "The number of seconds between the time that Amazon Route 53 gets a response from your endpoint and the time that it sends the next health check request. Each Route 53 health checker makes requests at this interval.\n\n> You can't change the value of `RequestInterval` after you create a health check. \n\nIf you don't specify a value for `RequestInterval` , the default value is `30` seconds.", - "title": "RequestInterval", - "type": "number" - }, - "ResourcePath": { - "markdownDescription": "The path, if any, that you want Amazon Route 53 to request when performing health checks. The path can be any value for which your endpoint will return an HTTP status code of 2xx or 3xx when the endpoint is healthy, for example, the file /docs/route53-health-check.html. You can also include query string parameters, for example, `/welcome.html?language=jp&login=y` .", - "title": "ResourcePath", - "type": "string" - }, - "RoutingControlArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the Route 53 Application Recovery Controller routing control.\n\nFor more information about Route 53 Application Recovery Controller, see [Route 53 Application Recovery Controller Developer Guide.](https://docs.aws.amazon.com/r53recovery/latest/dg/what-is-route-53-recovery.html) .", - "title": "RoutingControlArn", - "type": "string" + "type": "object" }, - "SearchString": { - "markdownDescription": "If the value of Type is `HTTP_STR_MATCH` or `HTTPS_STR_MATCH` , the string that you want Amazon Route 53 to search for in the response body from the specified resource. If the string appears in the response body, Route 53 considers the resource healthy.\n\nRoute 53 considers case when searching for `SearchString` in the response body.", - "title": "SearchString", + "Type": { + "enum": [ + "AWS::SES::MailManagerArchive" + ], "type": "string" }, - "Type": { - "markdownDescription": "The type of health check that you want to create, which indicates how Amazon Route 53 determines whether an endpoint is healthy.\n\n> You can't change the value of `Type` after you create a health check. \n\nYou can create the following types of health checks:\n\n- *HTTP* : Route 53 tries to establish a TCP connection. If successful, Route 53 submits an HTTP request and waits for an HTTP status code of 200 or greater and less than 400.\n- *HTTPS* : Route 53 tries to establish a TCP connection. If successful, Route 53 submits an HTTPS request and waits for an HTTP status code of 200 or greater and less than 400.\n\n> If you specify `HTTPS` for the value of `Type` , the endpoint must support TLS v1.0 or later.\n- *HTTP_STR_MATCH* : Route 53 tries to establish a TCP connection. If successful, Route 53 submits an HTTP request and searches the first 5,120 bytes of the response body for the string that you specify in `SearchString` .\n- *HTTPS_STR_MATCH* : Route 53 tries to establish a TCP connection. If successful, Route 53 submits an `HTTPS` request and searches the first 5,120 bytes of the response body for the string that you specify in `SearchString` .\n- *TCP* : Route 53 tries to establish a TCP connection.\n- *CLOUDWATCH_METRIC* : The health check is associated with a CloudWatch alarm. If the state of the alarm is `OK` , the health check is considered healthy. If the state is `ALARM` , the health check is considered unhealthy. If CloudWatch doesn't have sufficient data to determine whether the state is `OK` or `ALARM` , the health check status depends on the setting for `InsufficientDataHealthStatus` : `Healthy` , `Unhealthy` , or `LastKnownStatus` .\n\n> Route 53 supports CloudWatch alarms with the following features:\n> \n> - Standard-resolution metrics. High-resolution metrics aren't supported. For more information, see [High-Resolution Metrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/publishingMetrics.html#high-resolution-metrics) in the *Amazon CloudWatch User Guide* .\n> - Statistics: Average, Minimum, Maximum, Sum, and SampleCount. Extended statistics aren't supported.\n- *CALCULATED* : For health checks that monitor the status of other health checks, Route 53 adds up the number of health checks that Route 53 health checkers consider to be healthy and compares that number with the value of `HealthThreshold` .\n- *RECOVERY_CONTROL* : The health check is assocated with a Route53 Application Recovery Controller routing control. If the routing control state is `ON` , the health check is considered healthy. If the state is `OFF` , the health check is considered unhealthy.\n\nFor more information, see [How Route 53 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html) in the *Amazon Route 53 Developer Guide* .", - "title": "Type", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, @@ -231774,27 +283713,21 @@ ], "type": "object" }, - "AWS::Route53::HealthCheck.HealthCheckTag": { + "AWS::SES::MailManagerArchive.ArchiveRetention": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The value of `Key` depends on the operation that you want to perform:\n\n- *Add a tag to a health check or hosted zone* : `Key` is the name that you want to give the new tag.\n- *Edit a tag* : `Key` is the name of the tag that you want to change the `Value` for.\n- *Delete a key* : `Key` is the name of the tag you want to remove.\n- *Give a name to a health check* : Edit the default `Name` tag. In the Amazon Route 53 console, the list of your health checks includes a *Name* column that lets you see the name that you've given to each health check.", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "The value of `Value` depends on the operation that you want to perform:\n\n- *Add a tag to a health check or hosted zone* : `Value` is the value that you want to give the new tag.\n- *Edit a tag* : `Value` is the new value that you want to assign the tag.", - "title": "Value", + "RetentionPeriod": { + "markdownDescription": "The enum value sets the period for retaining emails in an archive.", + "title": "RetentionPeriod", "type": "string" } }, "required": [ - "Key", - "Value" + "RetentionPeriod" ], "type": "object" }, - "AWS::Route53::HostedZone": { + "AWS::SES::MailManagerIngressPoint": { "additionalProperties": false, "properties": { "Condition": { @@ -231829,43 +283762,60 @@ "Properties": { "additionalProperties": false, "properties": { - "HostedZoneConfig": { - "$ref": "#/definitions/AWS::Route53::HostedZone.HostedZoneConfig", - "markdownDescription": "A complex type that contains an optional comment.\n\nIf you don't want to specify a comment, omit the `HostedZoneConfig` and `Comment` elements.", - "title": "HostedZoneConfig" + "IngressPointConfiguration": { + "$ref": "#/definitions/AWS::SES::MailManagerIngressPoint.IngressPointConfiguration", + "markdownDescription": "The configuration of the ingress endpoint resource.", + "title": "IngressPointConfiguration" }, - "HostedZoneTags": { - "items": { - "$ref": "#/definitions/AWS::Route53::HostedZone.HostedZoneTag" - }, - "markdownDescription": "Adds, edits, or deletes tags for a health check or a hosted zone.\n\nFor information about using tags for cost allocation, see [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html) in the *Billing and Cost Management User Guide* .", - "title": "HostedZoneTags", - "type": "array" + "IngressPointName": { + "markdownDescription": "A user friendly name for an ingress endpoint resource.", + "title": "IngressPointName", + "type": "string" }, - "Name": { - "markdownDescription": "The name of the domain. Specify a fully qualified domain name, for example, *www.example.com* . The trailing dot is optional; Amazon Route 53 assumes that the domain name is fully qualified. This means that Route 53 treats *www.example.com* (without a trailing dot) and *www.example.com.* (with a trailing dot) as identical.\n\nIf you're creating a public hosted zone, this is the name you have registered with your DNS registrar. If your domain name is registered with a registrar other than Route 53, change the name servers for your domain to the set of `NameServers` that are returned by the `Fn::GetAtt` intrinsic function.", - "title": "Name", + "NetworkConfiguration": { + "$ref": "#/definitions/AWS::SES::MailManagerIngressPoint.NetworkConfiguration", + "markdownDescription": "The network type (IPv4-only, Dual-Stack, PrivateLink) of the ingress endpoint resource.", + "title": "NetworkConfiguration" + }, + "RuleSetId": { + "markdownDescription": "The identifier of an existing rule set that you attach to an ingress endpoint resource.", + "title": "RuleSetId", "type": "string" }, - "QueryLoggingConfig": { - "$ref": "#/definitions/AWS::Route53::HostedZone.QueryLoggingConfig", - "markdownDescription": "Creates a configuration for DNS query logging. After you create a query logging configuration, Amazon Route 53 begins to publish log data to an Amazon CloudWatch Logs log group.\n\nDNS query logs contain information about the queries that Route 53 receives for a specified public hosted zone, such as the following:\n\n- Route 53 edge location that responded to the DNS query\n- Domain or subdomain that was requested\n- DNS record type, such as A or AAAA\n- DNS response code, such as `NoError` or `ServFail`\n\n- **Log Group and Resource Policy** - Before you create a query logging configuration, perform the following operations.\n\n> If you create a query logging configuration using the Route 53 console, Route 53 performs these operations automatically. \n\n- Create a CloudWatch Logs log group, and make note of the ARN, which you specify when you create a query logging configuration. Note the following:\n\n- You must create the log group in the us-east-1 region.\n- You must use the same AWS account to create the log group and the hosted zone that you want to configure query logging for.\n- When you create log groups for query logging, we recommend that you use a consistent prefix, for example:\n\n`/aws/route53/ *hosted zone name*`\n\nIn the next step, you'll create a resource policy, which controls access to one or more log groups and the associated AWS resources, such as Route 53 hosted zones. There's a limit on the number of resource policies that you can create, so we recommend that you use a consistent prefix so you can use the same resource policy for all the log groups that you create for query logging.\n- Create a CloudWatch Logs resource policy, and give it the permissions that Route 53 needs to create log streams and to send query logs to log streams. You must create the CloudWatch Logs resource policy in the us-east-1 region. For the value of `Resource` , specify the ARN for the log group that you created in the previous step. To use the same resource policy for all the CloudWatch Logs log groups that you created for query logging configurations, replace the hosted zone name with `*` , for example:\n\n`arn:aws:logs:us-east-1:123412341234:log-group:/aws/route53/*`\n\nTo avoid the confused deputy problem, a security issue where an entity without a permission for an action can coerce a more-privileged entity to perform it, you can optionally limit the permissions that a service has to a resource in a resource-based policy by supplying the following values:\n\n- For `aws:SourceArn` , supply the hosted zone ARN used in creating the query logging configuration. For example, `aws:SourceArn: arn:aws:route53:::hostedzone/hosted zone ID` .\n- For `aws:SourceAccount` , supply the account ID for the account that creates the query logging configuration. For example, `aws:SourceAccount:111111111111` .\n\nFor more information, see [The confused deputy problem](https://docs.aws.amazon.com/IAM/latest/UserGuide/confused-deputy.html) in the *AWS IAM User Guide* .\n\n> You can't use the CloudWatch console to create or edit a resource policy. You must use the CloudWatch API, one of the AWS SDKs, or the AWS CLI .\n- **Log Streams and Edge Locations** - When Route 53 finishes creating the configuration for DNS query logging, it does the following:\n\n- Creates a log stream for an edge location the first time that the edge location responds to DNS queries for the specified hosted zone. That log stream is used to log all queries that Route 53 responds to for that edge location.\n- Begins to send query logs to the applicable log stream.\n\nThe name of each log stream is in the following format:\n\n`*hosted zone ID* / *edge location code*`\n\nThe edge location code is a three-letter code and an arbitrarily assigned number, for example, DFW3. The three-letter code typically corresponds with the International Air Transport Association airport code for an airport near the edge location. (These abbreviations might change in the future.) For a list of edge locations, see \"The Route 53 Global Network\" on the [Route 53 Product Details](https://docs.aws.amazon.com/route53/details/) page.\n- **Queries That Are Logged** - Query logs contain only the queries that DNS resolvers forward to Route 53. If a DNS resolver has already cached the response to a query (such as the IP address for a load balancer for example.com), the resolver will continue to return the cached response. It doesn't forward another query to Route 53 until the TTL for the corresponding resource record set expires. Depending on how many DNS queries are submitted for a resource record set, and depending on the TTL for that resource record set, query logs might contain information about only one query out of every several thousand queries that are submitted to DNS. For more information about how DNS works, see [Routing Internet Traffic to Your Website or Web Application](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/welcome-dns-service.html) in the *Amazon Route 53 Developer Guide* .\n- **Log File Format** - For a list of the values in each query log and the format of each value, see [Logging DNS Queries](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/query-logs.html) in the *Amazon Route 53 Developer Guide* .\n- **Pricing** - For information about charges for query logs, see [Amazon CloudWatch Pricing](https://docs.aws.amazon.com/cloudwatch/pricing/) .\n- **How to Stop Logging** - If you want Route 53 to stop sending query logs to CloudWatch Logs, delete the query logging configuration. For more information, see [DeleteQueryLoggingConfig](https://docs.aws.amazon.com/Route53/latest/APIReference/API_DeleteQueryLoggingConfig.html) .", - "title": "QueryLoggingConfig" + "StatusToUpdate": { + "markdownDescription": "The update status of an ingress endpoint.", + "title": "StatusToUpdate", + "type": "string" }, - "VPCs": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::Route53::HostedZone.VPC" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "*Private hosted zones:* A complex type that contains information about the VPCs that are associated with the specified hosted zone.\n\n> For public hosted zones, omit `VPCs` , `VPCId` , and `VPCRegion` .", - "title": "VPCs", + "markdownDescription": "The tags used to organize, track, or control access for the resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", + "title": "Tags", "type": "array" + }, + "TrafficPolicyId": { + "markdownDescription": "The identifier of an existing traffic policy that you attach to an ingress endpoint resource.", + "title": "TrafficPolicyId", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the ingress endpoint to create.", + "title": "Type", + "type": "string" } }, + "required": [ + "RuleSetId", + "TrafficPolicyId", + "Type" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Route53::HostedZone" + "AWS::SES::MailManagerIngressPoint" ], "type": "string" }, @@ -231879,76 +283829,72 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Route53::HostedZone.HostedZoneConfig": { + "AWS::SES::MailManagerIngressPoint.IngressPointConfiguration": { "additionalProperties": false, "properties": { - "Comment": { - "markdownDescription": "Any comments that you want to include about the hosted zone.", - "title": "Comment", + "SecretArn": { + "markdownDescription": "The SecretsManager::Secret ARN of the ingress endpoint resource.", + "title": "SecretArn", + "type": "string" + }, + "SmtpPassword": { + "markdownDescription": "The password of the ingress endpoint resource.", + "title": "SmtpPassword", "type": "string" } }, "type": "object" }, - "AWS::Route53::HostedZone.HostedZoneTag": { + "AWS::SES::MailManagerIngressPoint.NetworkConfiguration": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The value of `Key` depends on the operation that you want to perform:\n\n- *Add a tag to a health check or hosted zone* : `Key` is the name that you want to give the new tag.\n- *Edit a tag* : `Key` is the name of the tag that you want to change the `Value` for.\n- *Delete a key* : `Key` is the name of the tag you want to remove.\n- *Give a name to a health check* : Edit the default `Name` tag. In the Amazon Route 53 console, the list of your health checks includes a *Name* column that lets you see the name that you've given to each health check.", - "title": "Key", - "type": "string" + "PrivateNetworkConfiguration": { + "$ref": "#/definitions/AWS::SES::MailManagerIngressPoint.PrivateNetworkConfiguration", + "markdownDescription": "Specifies the network configuration for the private ingress point.", + "title": "PrivateNetworkConfiguration" }, - "Value": { - "markdownDescription": "The value of `Value` depends on the operation that you want to perform:\n\n- *Add a tag to a health check or hosted zone* : `Value` is the value that you want to give the new tag.\n- *Edit a tag* : `Value` is the new value that you want to assign the tag.", - "title": "Value", - "type": "string" + "PublicNetworkConfiguration": { + "$ref": "#/definitions/AWS::SES::MailManagerIngressPoint.PublicNetworkConfiguration", + "markdownDescription": "Specifies the network configuration for the public ingress point.", + "title": "PublicNetworkConfiguration" } }, - "required": [ - "Key", - "Value" - ], "type": "object" }, - "AWS::Route53::HostedZone.QueryLoggingConfig": { + "AWS::SES::MailManagerIngressPoint.PrivateNetworkConfiguration": { "additionalProperties": false, "properties": { - "CloudWatchLogsLogGroupArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the CloudWatch Logs log group that Amazon Route 53 is publishing logs to.", - "title": "CloudWatchLogsLogGroupArn", + "VpcEndpointId": { + "markdownDescription": "The identifier of the VPC endpoint to associate with this private ingress point.", + "title": "VpcEndpointId", "type": "string" } }, "required": [ - "CloudWatchLogsLogGroupArn" + "VpcEndpointId" ], "type": "object" }, - "AWS::Route53::HostedZone.VPC": { + "AWS::SES::MailManagerIngressPoint.PublicNetworkConfiguration": { "additionalProperties": false, "properties": { - "VPCId": { - "markdownDescription": "*Private hosted zones only:* The ID of an Amazon VPC.\n\n> For public hosted zones, omit `VPCs` , `VPCId` , and `VPCRegion` .", - "title": "VPCId", - "type": "string" - }, - "VPCRegion": { - "markdownDescription": "*Private hosted zones only:* The region that an Amazon VPC was created in.\n\n> For public hosted zones, omit `VPCs` , `VPCId` , and `VPCRegion` .", - "title": "VPCRegion", - "type": "string" + "IpType": { + "markdownDescription": "The IP address type for the public ingress point. Valid values are IPV4 and DUAL_STACK.", + "title": "IpType", + "type": "object" } }, "required": [ - "VPCId", - "VPCRegion" + "IpType" ], "type": "object" }, - "AWS::Route53::KeySigningKey": { + "AWS::SES::MailManagerRelay": { "additionalProperties": false, "properties": { "Condition": { @@ -231983,38 +283929,45 @@ "Properties": { "additionalProperties": false, "properties": { - "HostedZoneId": { - "markdownDescription": "The unique string (ID) that is used to identify a hosted zone. For example: `Z00001111A1ABCaaABC11` .", - "title": "HostedZoneId", - "type": "string" + "Authentication": { + "$ref": "#/definitions/AWS::SES::MailManagerRelay.RelayAuthentication", + "markdownDescription": "Authentication for the relay destination server\u2014specify the secretARN where the SMTP credentials are stored.", + "title": "Authentication" }, - "KeyManagementServiceArn": { - "markdownDescription": "The Amazon resource name (ARN) for a customer managed customer master key (CMK) in AWS Key Management Service ( AWS KMS ). The `KeyManagementServiceArn` must be unique for each key-signing key (KSK) in a single hosted zone. For example: `arn:aws:kms:us-east-1:111122223333:key/111a2222-a11b-1ab1-2ab2-1ab21a2b3a111` .", - "title": "KeyManagementServiceArn", + "RelayName": { + "markdownDescription": "The unique relay name.", + "title": "RelayName", "type": "string" }, - "Name": { - "markdownDescription": "A string used to identify a key-signing key (KSK). `Name` can include numbers, letters, and underscores (_). `Name` must be unique for each key-signing key in the same hosted zone.", - "title": "Name", + "ServerName": { + "markdownDescription": "The destination relay server address.", + "title": "ServerName", "type": "string" }, - "Status": { - "markdownDescription": "A string that represents the current key-signing key (KSK) status.\n\nStatus can have one of the following values:\n\n- **ACTIVE** - The KSK is being used for signing.\n- **INACTIVE** - The KSK is not being used for signing.\n- **DELETING** - The KSK is in the process of being deleted.\n- **ACTION_NEEDED** - There is a problem with the KSK that requires you to take action to resolve. For example, the customer managed key might have been deleted, or the permissions for the customer managed key might have been changed.\n- **INTERNAL_FAILURE** - There was an error during a request. Before you can continue to work with DNSSEC signing, including actions that involve this KSK, you must correct the problem. For example, you may need to activate or deactivate the KSK.", - "title": "Status", - "type": "string" + "ServerPort": { + "markdownDescription": "The destination relay server port.", + "title": "ServerPort", + "type": "number" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags used to organize, track, or control access for the resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", + "title": "Tags", + "type": "array" } }, "required": [ - "HostedZoneId", - "KeyManagementServiceArn", - "Name", - "Status" + "Authentication", + "ServerName", + "ServerPort" ], "type": "object" }, "Type": { "enum": [ - "AWS::Route53::KeySigningKey" + "AWS::SES::MailManagerRelay" ], "type": "string" }, @@ -232033,7 +283986,23 @@ ], "type": "object" }, - "AWS::Route53::RecordSet": { + "AWS::SES::MailManagerRelay.RelayAuthentication": { + "additionalProperties": false, + "properties": { + "NoAuthentication": { + "markdownDescription": "Keep an empty structure if the relay destination server does not require SMTP credential authentication.", + "title": "NoAuthentication", + "type": "object" + }, + "SecretArn": { + "markdownDescription": "The ARN of the secret created in secrets manager where the relay server's SMTP credentials are stored.", + "title": "SecretArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SES::MailManagerRuleSet": { "additionalProperties": false, "properties": { "Condition": { @@ -232068,104 +284037,36 @@ "Properties": { "additionalProperties": false, "properties": { - "AliasTarget": { - "$ref": "#/definitions/AWS::Route53::RecordSet.AliasTarget", - "markdownDescription": "*Alias resource record sets only:* Information about the AWS resource, such as a CloudFront distribution or an Amazon S3 bucket, that you want to route traffic to.\n\nIf you're creating resource records sets for a private hosted zone, note the following:\n\n- You can't create an alias resource record set in a private hosted zone to route traffic to a CloudFront distribution.\n- For information about creating failover resource record sets in a private hosted zone, see [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html) in the *Amazon Route 53 Developer Guide* .", - "title": "AliasTarget" - }, - "CidrRoutingConfig": { - "$ref": "#/definitions/AWS::Route53::RecordSet.CidrRoutingConfig", - "markdownDescription": "The object that is specified in resource record set object when you are linking a resource record set to a CIDR location.\n\nA `LocationName` with an asterisk \u201c*\u201d can be used to create a default CIDR record. `CollectionId` is still required for default record.", - "title": "CidrRoutingConfig" - }, - "Comment": { - "markdownDescription": "*Optional:* Any comments you want to include about a change batch request.", - "title": "Comment", - "type": "string" - }, - "Failover": { - "markdownDescription": "*Failover resource record sets only:* To configure failover, you add the `Failover` element to two resource record sets. For one resource record set, you specify `PRIMARY` as the value for `Failover` ; for the other resource record set, you specify `SECONDARY` . In addition, you include the `HealthCheckId` element and specify the health check that you want Amazon Route 53 to perform for each resource record set.\n\nExcept where noted, the following failover behaviors assume that you have included the `HealthCheckId` element in both resource record sets:\n\n- When the primary resource record set is healthy, Route 53 responds to DNS queries with the applicable value from the primary resource record set regardless of the health of the secondary resource record set.\n- When the primary resource record set is unhealthy and the secondary resource record set is healthy, Route 53 responds to DNS queries with the applicable value from the secondary resource record set.\n- When the secondary resource record set is unhealthy, Route 53 responds to DNS queries with the applicable value from the primary resource record set regardless of the health of the primary resource record set.\n- If you omit the `HealthCheckId` element for the secondary resource record set, and if the primary resource record set is unhealthy, Route 53 always responds to DNS queries with the applicable value from the secondary resource record set. This is true regardless of the health of the associated endpoint.\n\nYou can't create non-failover resource record sets that have the same values for the `Name` and `Type` elements as failover resource record sets.\n\nFor failover alias resource record sets, you must also include the `EvaluateTargetHealth` element and set the value to true.\n\nFor more information about configuring failover for Route 53, see the following topics in the *Amazon Route 53 Developer Guide* :\n\n- [Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html)\n- [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html)", - "title": "Failover", - "type": "string" - }, - "GeoLocation": { - "$ref": "#/definitions/AWS::Route53::RecordSet.GeoLocation", - "markdownDescription": "*Geolocation resource record sets only:* A complex type that lets you control how Amazon Route 53 responds to DNS queries based on the geographic origin of the query. For example, if you want all queries from Africa to be routed to a web server with an IP address of `192.0.2.111` , create a resource record set with a `Type` of `A` and a `ContinentCode` of `AF` .\n\nIf you create separate resource record sets for overlapping geographic regions (for example, one resource record set for a continent and one for a country on the same continent), priority goes to the smallest geographic region. This allows you to route most queries for a continent to one resource and to route queries for a country on that continent to a different resource.\n\nYou can't create two geolocation resource record sets that specify the same geographic location.\n\nThe value `*` in the `CountryCode` element matches all geographic locations that aren't specified in other geolocation resource record sets that have the same values for the `Name` and `Type` elements.\n\n> Geolocation works by mapping IP addresses to locations. However, some IP addresses aren't mapped to geographic locations, so even if you create geolocation resource record sets that cover all seven continents, Route 53 will receive some DNS queries from locations that it can't identify. We recommend that you create a resource record set for which the value of `CountryCode` is `*` . Two groups of queries are routed to the resource that you specify in this record: queries that come from locations for which you haven't created geolocation resource record sets and queries from IP addresses that aren't mapped to a location. If you don't create a `*` resource record set, Route 53 returns a \"no answer\" response for queries from those locations. \n\nYou can't create non-geolocation resource record sets that have the same values for the `Name` and `Type` elements as geolocation resource record sets.", - "title": "GeoLocation" - }, - "GeoProximityLocation": { - "$ref": "#/definitions/AWS::Route53::RecordSet.GeoProximityLocation", - "markdownDescription": "*GeoproximityLocation resource record sets only:* A complex type that lets you control how Route\u00a053 responds to DNS queries based on the geographic origin of the query and your resources.", - "title": "GeoProximityLocation" - }, - "HealthCheckId": { - "markdownDescription": "If you want Amazon Route 53 to return this resource record set in response to a DNS query only when the status of a health check is healthy, include the `HealthCheckId` element and specify the ID of the applicable health check.\n\nRoute 53 determines whether a resource record set is healthy based on one of the following:\n\n- By periodically sending a request to the endpoint that is specified in the health check\n- By aggregating the status of a specified group of health checks (calculated health checks)\n- By determining the current state of a CloudWatch alarm (CloudWatch metric health checks)\n\n> Route 53 doesn't check the health of the endpoint that is specified in the resource record set, for example, the endpoint specified by the IP address in the `Value` element. When you add a `HealthCheckId` element to a resource record set, Route 53 checks the health of the endpoint that you specified in the health check. \n\nFor more information, see the following topics in the *Amazon Route 53 Developer Guide* :\n\n- [How Amazon Route 53 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html)\n- [Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html)\n- [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html)\n\n*When to Specify HealthCheckId*\n\nSpecifying a value for `HealthCheckId` is useful only when Route 53 is choosing between two or more resource record sets to respond to a DNS query, and you want Route 53 to base the choice in part on the status of a health check. Configuring health checks makes sense only in the following configurations:\n\n- *Non-alias resource record sets* : You're checking the health of a group of non-alias resource record sets that have the same routing policy, name, and type (such as multiple weighted records named www.example.com with a type of A) and you specify health check IDs for all the resource record sets.\n\nIf the health check status for a resource record set is healthy, Route 53 includes the record among the records that it responds to DNS queries with.\n\nIf the health check status for a resource record set is unhealthy, Route 53 stops responding to DNS queries using the value for that resource record set.\n\nIf the health check status for all resource record sets in the group is unhealthy, Route 53 considers all resource record sets in the group healthy and responds to DNS queries accordingly.\n- *Alias resource record sets* : You specify the following settings:\n\n- You set `EvaluateTargetHealth` to true for an alias resource record set in a group of resource record sets that have the same routing policy, name, and type (such as multiple weighted records named www.example.com with a type of A).\n- You configure the alias resource record set to route traffic to a non-alias resource record set in the same hosted zone.\n- You specify a health check ID for the non-alias resource record set.\n\nIf the health check status is healthy, Route 53 considers the alias resource record set to be healthy and includes the alias record among the records that it responds to DNS queries with.\n\nIf the health check status is unhealthy, Route 53 stops responding to DNS queries using the alias resource record set.\n\n> The alias resource record set can also route traffic to a *group* of non-alias resource record sets that have the same routing policy, name, and type. In that configuration, associate health checks with all of the resource record sets in the group of non-alias resource record sets.\n\n*Geolocation Routing*\n\nFor geolocation resource record sets, if an endpoint is unhealthy, Route 53 looks for a resource record set for the larger, associated geographic region. For example, suppose you have resource record sets for a state in the United States, for the entire United States, for North America, and a resource record set that has `*` for `CountryCode` is `*` , which applies to all locations. If the endpoint for the state resource record set is unhealthy, Route 53 checks for healthy resource record sets in the following order until it finds a resource record set for which the endpoint is healthy:\n\n- The United States\n- North America\n- The default resource record set\n\n*Specifying the Health Check Endpoint by Domain Name*\n\nIf your health checks specify the endpoint only by domain name, we recommend that you create a separate health check for each endpoint. For example, create a health check for each `HTTP` server that is serving content for `www.example.com` . For the value of `FullyQualifiedDomainName` , specify the domain name of the server (such as `us-east-2-www.example.com` ), not the name of the resource record sets ( `www.example.com` ).\n\n> Health check results will be unpredictable if you do the following:\n> \n> - Create a health check that has the same value for `FullyQualifiedDomainName` as the name of a resource record set.\n> - Associate that health check with the resource record set.", - "title": "HealthCheckId", - "type": "string" - }, - "HostedZoneId": { - "markdownDescription": "The ID of the hosted zone that you want to create records in.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .", - "title": "HostedZoneId", - "type": "string" - }, - "HostedZoneName": { - "markdownDescription": "The name of the hosted zone that you want to create records in. You must include a trailing dot (for example, `www.example.com.` ) as part of the `HostedZoneName` .\n\nWhen you create a stack using an AWS::Route53::RecordSet that specifies `HostedZoneName` , AWS CloudFormation attempts to find a hosted zone whose name matches the HostedZoneName. If AWS CloudFormation cannot find a hosted zone with a matching domain name, or if there is more than one hosted zone with the specified domain name, AWS CloudFormation will not create the stack.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .", - "title": "HostedZoneName", - "type": "string" - }, - "MultiValueAnswer": { - "markdownDescription": "*Multivalue answer resource record sets only* : To route traffic approximately randomly to multiple resources, such as web servers, create one multivalue answer record for each resource and specify `true` for `MultiValueAnswer` . Note the following:\n\n- If you associate a health check with a multivalue answer resource record set, Amazon Route 53 responds to DNS queries with the corresponding IP address only when the health check is healthy.\n- If you don't associate a health check with a multivalue answer record, Route 53 always considers the record to be healthy.\n- Route 53 responds to DNS queries with up to eight healthy records; if you have eight or fewer healthy records, Route 53 responds to all DNS queries with all the healthy records.\n- If you have more than eight healthy records, Route 53 responds to different DNS resolvers with different combinations of healthy records.\n- When all records are unhealthy, Route 53 responds to DNS queries with up to eight unhealthy records.\n- If a resource becomes unavailable after a resolver caches a response, client software typically tries another of the IP addresses in the response.\n\nYou can't create multivalue answer alias records.", - "title": "MultiValueAnswer", - "type": "boolean" - }, - "Name": { - "markdownDescription": "For `ChangeResourceRecordSets` requests, the name of the record that you want to create, update, or delete. For `ListResourceRecordSets` responses, the name of a record in the specified hosted zone.\n\n*ChangeResourceRecordSets Only*\n\nEnter a fully qualified domain name, for example, `www.example.com` . You can optionally include a trailing dot. If you omit the trailing dot, Amazon Route 53 assumes that the domain name that you specify is fully qualified. This means that Route 53 treats `www.example.com` (without a trailing dot) and `www.example.com.` (with a trailing dot) as identical.\n\nFor information about how to specify characters other than `a-z` , `0-9` , and `-` (hyphen) and how to specify internationalized domain names, see [DNS Domain Name Format](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/DomainNameFormat.html) in the *Amazon Route 53 Developer Guide* .\n\nYou can use the asterisk (*) wildcard to replace the leftmost label in a domain name, for example, `*.example.com` . Note the following:\n\n- The * must replace the entire label. For example, you can't specify `*prod.example.com` or `prod*.example.com` .\n- The * can't replace any of the middle labels, for example, marketing.*.example.com.\n- If you include * in any position other than the leftmost label in a domain name, DNS treats it as an * character (ASCII 42), not as a wildcard.\n\n> You can't use the * wildcard for resource records sets that have a type of NS.", - "title": "Name", - "type": "string" - }, - "Region": { - "markdownDescription": "*Latency-based resource record sets only:* The Amazon EC2 Region where you created the resource that this resource record set refers to. The resource typically is an AWS resource, such as an EC2 instance or an ELB load balancer, and is referred to by an IP address or a DNS domain name, depending on the record type.\n\nWhen Amazon Route 53 receives a DNS query for a domain name and type for which you have created latency resource record sets, Route 53 selects the latency resource record set that has the lowest latency between the end user and the associated Amazon EC2 Region. Route 53 then returns the value that is associated with the selected resource record set.\n\nNote the following:\n\n- You can only specify one `ResourceRecord` per latency resource record set.\n- You can only create one latency resource record set for each Amazon EC2 Region.\n- You aren't required to create latency resource record sets for all Amazon EC2 Regions. Route 53 will choose the region with the best latency from among the regions that you create latency resource record sets for.\n- You can't create non-latency resource record sets that have the same values for the `Name` and `Type` elements as latency resource record sets.", - "title": "Region", + "RuleSetName": { + "markdownDescription": "A user-friendly name for the rule set.", + "title": "RuleSetName", "type": "string" }, - "ResourceRecords": { + "Rules": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.Rule" }, - "markdownDescription": "One or more values that correspond with the value that you specified for the `Type` property. For example, if you specified `A` for `Type` , you specify one or more IP addresses in IPv4 format for `ResourceRecords` . For information about the format of values for each record type, see [Supported DNS Resource Record Types](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/ResourceRecordTypes.html) in the *Amazon Route 53 Developer Guide* .\n\nNote the following:\n\n- You can specify more than one value for all record types except CNAME and SOA.\n- The maximum length of a value is 4000 characters.\n- If you're creating an alias record, omit `ResourceRecords` .", - "title": "ResourceRecords", + "markdownDescription": "Conditional rules that are evaluated for determining actions on email.", + "title": "Rules", "type": "array" }, - "SetIdentifier": { - "markdownDescription": "*Resource record sets that have a routing policy other than simple:* An identifier that differentiates among multiple resource record sets that have the same combination of name and type, such as multiple weighted resource record sets named acme.example.com that have a type of A. In a group of resource record sets that have the same name and type, the value of `SetIdentifier` must be unique for each resource record set.\n\nFor information about routing policies, see [Choosing a Routing Policy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html) in the *Amazon Route 53 Developer Guide* .", - "title": "SetIdentifier", - "type": "string" - }, - "TTL": { - "markdownDescription": "The resource record cache time to live (TTL), in seconds. Note the following:\n\n- If you're creating or updating an alias resource record set, omit `TTL` . Amazon Route 53 uses the value of `TTL` for the alias target.\n- If you're associating this resource record set with a health check (if you're adding a `HealthCheckId` element), we recommend that you specify a `TTL` of 60 seconds or less so clients respond quickly to changes in health status.\n- All of the resource record sets in a group of weighted resource record sets must have the same value for `TTL` .\n- If a group of weighted resource record sets includes one or more weighted alias resource record sets for which the alias target is an ELB load balancer, we recommend that you specify a `TTL` of 60 seconds for all of the non-alias weighted resource record sets that have the same name and type. Values other than 60 seconds (the TTL for load balancers) will change the effect of the values that you specify for `Weight` .", - "title": "TTL", - "type": "string" - }, - "Type": { - "markdownDescription": "The DNS record type. For information about different record types and how data is encoded for them, see [Supported DNS Resource Record Types](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/ResourceRecordTypes.html) in the *Amazon Route 53 Developer Guide* .\n\nValid values for basic resource record sets: `A` | `AAAA` | `CAA` | `CNAME` | `DS` | `MX` | `NAPTR` | `NS` | `PTR` | `SOA` | `SPF` | `SRV` | `TXT` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS`\n\nValues for weighted, latency, geolocation, and failover resource record sets: `A` | `AAAA` | `CAA` | `CNAME` | `MX` | `NAPTR` | `PTR` | `SPF` | `SRV` | `TXT` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS` . When creating a group of weighted, latency, geolocation, or failover resource record sets, specify the same value for all of the resource record sets in the group.\n\nValid values for multivalue answer resource record sets: `A` | `AAAA` | `MX` | `NAPTR` | `PTR` | `SPF` | `SRV` | `TXT` | `CAA` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS`\n\n> SPF records were formerly used to verify the identity of the sender of email messages. However, we no longer recommend that you create resource record sets for which the value of `Type` is `SPF` . RFC 7208, *Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1* , has been updated to say, \"...[I]ts existence and mechanism defined in [RFC4408] have led to some interoperability issues. Accordingly, its use is no longer appropriate for SPF version 1; implementations are not to use it.\" In RFC 7208, see section 14.1, [The SPF DNS Record Type](https://docs.aws.amazon.com/http://tools.ietf.org/html/rfc7208#section-14.1) . \n\nValues for alias resource record sets:\n\n- *Amazon API Gateway custom regional APIs and edge-optimized APIs:* `A`\n- *CloudFront distributions:* `A`\n\nIf IPv6 is enabled for the distribution, create two resource record sets to route traffic to your distribution, one with a value of `A` and one with a value of `AAAA` .\n- *Amazon API Gateway environment that has a regionalized subdomain* : `A`\n- *ELB load balancers:* `A` | `AAAA`\n- *Amazon S3 buckets:* `A`\n- *Amazon Virtual Private Cloud interface VPC endpoints* `A`\n- *Another resource record set in this hosted zone:* Specify the type of the resource record set that you're creating the alias for. All values are supported except `NS` and `SOA` .\n\n> If you're creating an alias record that has the same name as the hosted zone (known as the zone apex), you can't route traffic to a record for which the value of `Type` is `CNAME` . This is because the alias record must have the same type as the record you're routing traffic to, and creating a CNAME record for the zone apex isn't supported even for an alias record.", - "title": "Type", - "type": "string" - }, - "Weight": { - "markdownDescription": "*Weighted resource record sets only:* Among resource record sets that have the same combination of DNS name and type, a value that determines the proportion of DNS queries that Amazon Route 53 responds to using the current resource record set. Route 53 calculates the sum of the weights for the resource record sets that have the same combination of DNS name and type. Route 53 then responds to queries based on the ratio of a resource's weight to the total. Note the following:\n\n- You must specify a value for the `Weight` element for every weighted resource record set.\n- You can only specify one `ResourceRecord` per weighted resource record set.\n- You can't create latency, failover, or geolocation resource record sets that have the same values for the `Name` and `Type` elements as weighted resource record sets.\n- You can create a maximum of 100 weighted resource record sets that have the same values for the `Name` and `Type` elements.\n- For weighted (but not weighted alias) resource record sets, if you set `Weight` to `0` for a resource record set, Route 53 never responds to queries with the applicable value for that resource record set. However, if you set `Weight` to `0` for all resource record sets that have the same combination of DNS name and type, traffic is routed to all resources with equal probability.\n\nThe effect of setting `Weight` to `0` is different when you associate health checks with weighted resource record sets. For more information, see [Options for Configuring Route 53 Active-Active and Active-Passive Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-configuring-options.html) in the *Amazon Route 53 Developer Guide* .", - "title": "Weight", - "type": "number" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags used to organize, track, or control access for the resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", + "title": "Tags", + "type": "array" } }, "required": [ - "Name", - "Type" + "Rules" ], "type": "object" }, "Type": { "enum": [ - "AWS::Route53::RecordSet" + "AWS::SES::MailManagerRuleSet" ], "type": "string" }, @@ -232184,480 +284085,644 @@ ], "type": "object" }, - "AWS::Route53::RecordSet.AliasTarget": { + "AWS::SES::MailManagerRuleSet.AddHeaderAction": { "additionalProperties": false, "properties": { - "DNSName": { - "markdownDescription": "*Alias records only:* The value that you specify depends on where you want to route queries:\n\n- **Amazon API Gateway custom regional APIs and edge-optimized APIs** - Specify the applicable domain name for your API. You can get the applicable value using the AWS CLI command [get-domain-names](https://docs.aws.amazon.com/cli/latest/reference/apigateway/get-domain-names.html) :\n\n- For regional APIs, specify the value of `regionalDomainName` .\n- For edge-optimized APIs, specify the value of `distributionDomainName` . This is the name of the associated CloudFront distribution, such as `da1b2c3d4e5.cloudfront.net` .\n\n> The name of the record that you're creating must match a custom domain name for your API, such as `api.example.com` .\n- **Amazon Virtual Private Cloud interface VPC endpoint** - Enter the API endpoint for the interface endpoint, such as `vpce-123456789abcdef01-example-us-east-1a.elasticloadbalancing.us-east-1.vpce.amazonaws.com` . For edge-optimized APIs, this is the domain name for the corresponding CloudFront distribution. You can get the value of `DnsName` using the AWS CLI command [describe-vpc-endpoints](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-vpc-endpoints.html) .\n- **CloudFront distribution** - Specify the domain name that CloudFront assigned when you created your distribution.\n\nYour CloudFront distribution must include an alternate domain name that matches the name of the record. For example, if the name of the record is *acme.example.com* , your CloudFront distribution must include *acme.example.com* as one of the alternate domain names. For more information, see [Using Alternate Domain Names (CNAMEs)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/CNAMEs.html) in the *Amazon CloudFront Developer Guide* .\n\nYou can't create a record in a private hosted zone to route traffic to a CloudFront distribution.\n\n> For failover alias records, you can't specify a CloudFront distribution for both the primary and secondary records. A distribution must include an alternate domain name that matches the name of the record. However, the primary and secondary records have the same name, and you can't include the same alternate domain name in more than one distribution.\n- **Elastic Beanstalk environment** - If the domain name for your Elastic Beanstalk environment includes the region that you deployed the environment in, you can create an alias record that routes traffic to the environment. For example, the domain name `my-environment. *us-west-2* .elasticbeanstalk.com` is a regionalized domain name.\n\n> For environments that were created before early 2016, the domain name doesn't include the region. To route traffic to these environments, you must create a CNAME record instead of an alias record. Note that you can't create a CNAME record for the root domain name. For example, if your domain name is example.com, you can create a record that routes traffic for acme.example.com to your Elastic Beanstalk environment, but you can't create a record that routes traffic for example.com to your Elastic Beanstalk environment. \n\nFor Elastic Beanstalk environments that have regionalized subdomains, specify the `CNAME` attribute for the environment. You can use the following methods to get the value of the CNAME attribute:\n\n- *AWS Management Console* : For information about how to get the value by using the console, see [Using Custom Domains with AWS Elastic Beanstalk](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/customdomains.html) in the *AWS Elastic Beanstalk Developer Guide* .\n- *Elastic Beanstalk API* : Use the `DescribeEnvironments` action to get the value of the `CNAME` attribute. For more information, see [DescribeEnvironments](https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DescribeEnvironments.html) in the *AWS Elastic Beanstalk API Reference* .\n- *AWS CLI* : Use the `describe-environments` command to get the value of the `CNAME` attribute. For more information, see [describe-environments](https://docs.aws.amazon.com/cli/latest/reference/elasticbeanstalk/describe-environments.html) in the *AWS CLI* .\n- **ELB load balancer** - Specify the DNS name that is associated with the load balancer. Get the DNS name by using the AWS Management Console , the ELB API, or the AWS CLI .\n\n- *AWS Management Console* : Go to the EC2 page, choose *Load Balancers* in the navigation pane, choose the load balancer, choose the *Description* tab, and get the value of the *DNS name* field.\n\nIf you're routing traffic to a Classic Load Balancer, get the value that begins with *dualstack* . If you're routing traffic to another type of load balancer, get the value that applies to the record type, A or AAAA.\n- *Elastic Load Balancing API* : Use `DescribeLoadBalancers` to get the value of `DNSName` . For more information, see the applicable guide:\n\n- Classic Load Balancers: [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DescribeLoadBalancers.html)\n- Application and Network Load Balancers: [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html)\n- *CloudFormation Fn::GetAtt intrinsic function* : Use the [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-getatt.html) intrinsic function to get the value of `DNSName` :\n\n- [Classic Load Balancers](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html#aws-properties-ec2-elb-return-values) .\n- [Application and Network Load Balancers](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html#aws-resource-elasticloadbalancingv2-loadbalancer-return-values) .\n- *AWS CLI* : Use `describe-load-balancers` to get the value of `DNSName` . For more information, see the applicable guide:\n\n- Classic Load Balancers: [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elb/describe-load-balancers.html)\n- Application and Network Load Balancers: [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elbv2/describe-load-balancers.html)\n- **Global Accelerator accelerator** - Specify the DNS name for your accelerator:\n\n- *Global Accelerator API* : To get the DNS name, use [DescribeAccelerator](https://docs.aws.amazon.com/global-accelerator/latest/api/API_DescribeAccelerator.html) .\n- *AWS CLI* : To get the DNS name, use [describe-accelerator](https://docs.aws.amazon.com/cli/latest/reference/globalaccelerator/describe-accelerator.html) .\n- **Amazon S3 bucket that is configured as a static website** - Specify the domain name of the Amazon S3 website endpoint that you created the bucket in, for example, `s3-website.us-east-2.amazonaws.com` . For more information about valid values, see the table [Amazon S3 Website Endpoints](https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_website_region_endpoints) in the *Amazon Web Services General Reference* . For more information about using S3 buckets for websites, see [Getting Started with Amazon Route 53](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/getting-started.html) in the *Amazon Route 53 Developer Guide.*\n- **Another Route 53 record** - Specify the value of the `Name` element for a record in the current hosted zone.\n\n> If you're creating an alias record that has the same name as the hosted zone (known as the zone apex), you can't specify the domain name for a record for which the value of `Type` is `CNAME` . This is because the alias record must have the same type as the record that you're routing traffic to, and creating a CNAME record for the zone apex isn't supported even for an alias record.", - "title": "DNSName", + "HeaderName": { + "markdownDescription": "The name of the header to add to an email. The header must be prefixed with \"X-\". Headers are added regardless of whether the header name pre-existed in the email.", + "title": "HeaderName", "type": "string" }, - "EvaluateTargetHealth": { - "markdownDescription": "*Applies only to alias, failover alias, geolocation alias, latency alias, and weighted alias resource record sets:* When `EvaluateTargetHealth` is `true` , an alias resource record set inherits the health of the referenced AWS resource, such as an ELB load balancer or another resource record set in the hosted zone.\n\nNote the following:\n\n- **CloudFront distributions** - You can't set `EvaluateTargetHealth` to `true` when the alias target is a CloudFront distribution.\n- **Elastic Beanstalk environments that have regionalized subdomains** - If you specify an Elastic Beanstalk environment in `DNSName` and the environment contains an ELB load balancer, Elastic Load Balancing routes queries only to the healthy Amazon EC2 instances that are registered with the load balancer. (An environment automatically contains an ELB load balancer if it includes more than one Amazon EC2 instance.) If you set `EvaluateTargetHealth` to `true` and either no Amazon EC2 instances are healthy or the load balancer itself is unhealthy, Route 53 routes queries to other available resources that are healthy, if any.\n\nIf the environment contains a single Amazon EC2 instance, there are no special requirements.\n- **ELB load balancers** - Health checking behavior depends on the type of load balancer:\n\n- *Classic Load Balancers* : If you specify an ELB Classic Load Balancer in `DNSName` , Elastic Load Balancing routes queries only to the healthy Amazon EC2 instances that are registered with the load balancer. If you set `EvaluateTargetHealth` to `true` and either no EC2 instances are healthy or the load balancer itself is unhealthy, Route 53 routes queries to other resources.\n- *Application and Network Load Balancers* : If you specify an ELB Application or Network Load Balancer and you set `EvaluateTargetHealth` to `true` , Route 53 routes queries to the load balancer based on the health of the target groups that are associated with the load balancer:\n\n- For an Application or Network Load Balancer to be considered healthy, every target group that contains targets must contain at least one healthy target. If any target group contains only unhealthy targets, the load balancer is considered unhealthy, and Route 53 routes queries to other resources.\n- A target group that has no registered targets is considered unhealthy.\n\n> When you create a load balancer, you configure settings for Elastic Load Balancing health checks; they're not Route 53 health checks, but they perform a similar function. Do not create Route 53 health checks for the EC2 instances that you register with an ELB load balancer.\n- **S3 buckets** - There are no special requirements for setting `EvaluateTargetHealth` to `true` when the alias target is an S3 bucket.\n- **Other records in the same hosted zone** - If the AWS resource that you specify in `DNSName` is a record or a group of records (for example, a group of weighted records) but is not another alias record, we recommend that you associate a health check with all of the records in the alias target. For more information, see [What Happens When You Omit Health Checks?](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-complex-configs.html#dns-failover-complex-configs-hc-omitting) in the *Amazon Route 53 Developer Guide* .\n\nFor more information and examples, see [Amazon Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html) in the *Amazon Route 53 Developer Guide* .", - "title": "EvaluateTargetHealth", - "type": "boolean" - }, - "HostedZoneId": { - "markdownDescription": "*Alias resource records sets only* : The value used depends on where you want to route traffic:\n\n- **Amazon API Gateway custom regional APIs and edge-optimized APIs** - Specify the hosted zone ID for your API. You can get the applicable value using the AWS CLI command [get-domain-names](https://docs.aws.amazon.com/cli/latest/reference/apigateway/get-domain-names.html) :\n\n- For regional APIs, specify the value of `regionalHostedZoneId` .\n- For edge-optimized APIs, specify the value of `distributionHostedZoneId` .\n- **Amazon Virtual Private Cloud interface VPC endpoint** - Specify the hosted zone ID for your interface endpoint. You can get the value of `HostedZoneId` using the AWS CLI command [describe-vpc-endpoints](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-vpc-endpoints.html) .\n- **CloudFront distribution** - Specify `Z2FDTNDATAQYW2` . This is always the hosted zone ID when you create an alias record that routes traffic to a CloudFront distribution.\n\n> Alias records for CloudFront can't be created in a private zone.\n- **Elastic Beanstalk environment** - Specify the hosted zone ID for the region that you created the environment in. The environment must have a regionalized subdomain. For a list of regions and the corresponding hosted zone IDs, see [AWS Elastic Beanstalk endpoints and quotas](https://docs.aws.amazon.com/general/latest/gr/elasticbeanstalk.html) in the *Amazon Web Services General Reference* .\n- **ELB load balancer** - Specify the value of the hosted zone ID for the load balancer. Use the following methods to get the hosted zone ID:\n\n- [Service Endpoints](https://docs.aws.amazon.com/general/latest/gr/elb.html) table in the \"Elastic Load Balancing Endpoints and Quotas\" topic in the *Amazon Web Services General Reference* : Use the value that corresponds with the region that you created your load balancer in. Note that there are separate columns for Application and Classic Load Balancers and for Network Load Balancers.\n- *AWS Management Console* : Go to the Amazon EC2 page, choose *Load Balancers* in the navigation pane, select the load balancer, and get the value of the *Hosted zone* field on the *Description* tab.\n- *Elastic Load Balancing API* : Use `DescribeLoadBalancers` to get the applicable value. For more information, see the applicable guide:\n\n- Classic Load Balancers: Use [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DescribeLoadBalancers.html) to get the value of `CanonicalHostedZoneNameID` .\n- Application and Network Load Balancers: Use [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html) to get the value of `CanonicalHostedZoneID` .\n- *CloudFormation Fn::GetAtt intrinsic function* : Use the [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-getatt.html) intrinsic function to get the applicable value:\n\n- Classic Load Balancers: Get [CanonicalHostedZoneNameID](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html#aws-properties-ec2-elb-return-values) .\n- Application and Network Load Balancers: Get [CanonicalHostedZoneID](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html#aws-resource-elasticloadbalancingv2-loadbalancer-return-values) .\n- *AWS CLI* : Use `describe-load-balancers` to get the applicable value. For more information, see the applicable guide:\n\n- Classic Load Balancers: Use [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elb/describe-load-balancers.html) to get the value of `CanonicalHostedZoneNameID` .\n- Application and Network Load Balancers: Use [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elbv2/describe-load-balancers.html) to get the value of `CanonicalHostedZoneID` .\n- **Global Accelerator accelerator** - Specify `Z2BJ6XQ5FK7U4H` .\n- **An Amazon S3 bucket configured as a static website** - Specify the hosted zone ID for the region that you created the bucket in. For more information about valid values, see the table [Amazon S3 Website Endpoints](https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_website_region_endpoints) in the *Amazon Web Services General Reference* .\n- **Another Route 53 record in your hosted zone** - Specify the hosted zone ID of your hosted zone. (An alias record can't reference a record in a different hosted zone.)", - "title": "HostedZoneId", + "HeaderValue": { + "markdownDescription": "The value of the header to add to the email.", + "title": "HeaderValue", "type": "string" } }, "required": [ - "DNSName", - "HostedZoneId" + "HeaderName", + "HeaderValue" ], "type": "object" }, - "AWS::Route53::RecordSet.CidrRoutingConfig": { + "AWS::SES::MailManagerRuleSet.Analysis": { "additionalProperties": false, "properties": { - "CollectionId": { - "markdownDescription": "The CIDR collection ID.", - "title": "CollectionId", + "Analyzer": { + "markdownDescription": "The Amazon Resource Name (ARN) of an Add On.", + "title": "Analyzer", "type": "string" }, - "LocationName": { - "markdownDescription": "The CIDR collection location name.", - "title": "LocationName", + "ResultField": { + "markdownDescription": "The returned value from an Add On.", + "title": "ResultField", "type": "string" } }, "required": [ - "CollectionId", - "LocationName" + "Analyzer", + "ResultField" ], "type": "object" }, - "AWS::Route53::RecordSet.Coordinates": { + "AWS::SES::MailManagerRuleSet.ArchiveAction": { "additionalProperties": false, "properties": { - "Latitude": { - "markdownDescription": "Specifies a coordinate of the north\u2013south position of a geographic point on the surface of the Earth (-90 - 90).", - "title": "Latitude", + "ActionFailurePolicy": { + "markdownDescription": "A policy that states what to do in the case of failure. The action will fail if there are configuration errors. For example, the specified archive has been deleted.", + "title": "ActionFailurePolicy", "type": "string" }, - "Longitude": { - "markdownDescription": "Specifies a coordinate of the east\u2013west position of a geographic point on the surface of the Earth (-180 - 180).", - "title": "Longitude", + "TargetArchive": { + "markdownDescription": "The identifier of the archive to send the email to.", + "title": "TargetArchive", "type": "string" } }, "required": [ - "Latitude", - "Longitude" + "TargetArchive" ], "type": "object" }, - "AWS::Route53::RecordSet.GeoLocation": { + "AWS::SES::MailManagerRuleSet.DeliverToMailboxAction": { "additionalProperties": false, "properties": { - "ContinentCode": { - "markdownDescription": "For geolocation resource record sets, a two-letter abbreviation that identifies a continent. Route 53 supports the following continent codes:\n\n- *AF* : Africa\n- *AN* : Antarctica\n- *AS* : Asia\n- *EU* : Europe\n- *OC* : Oceania\n- *NA* : North America\n- *SA* : South America\n\nConstraint: Specifying `ContinentCode` with either `CountryCode` or `SubdivisionCode` returns an `InvalidInput` error.", - "title": "ContinentCode", + "ActionFailurePolicy": { + "markdownDescription": "A policy that states what to do in the case of failure. The action will fail if there are configuration errors. For example, the mailbox ARN is no longer valid.", + "title": "ActionFailurePolicy", "type": "string" }, - "CountryCode": { - "markdownDescription": "For geolocation resource record sets, the two-letter code for a country.\n\nRoute 53 uses the two-letter country codes that are specified in [ISO standard 3166-1 alpha-2](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2) .", - "title": "CountryCode", + "MailboxArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of a WorkMail organization to deliver the email to.", + "title": "MailboxArn", "type": "string" }, - "SubdivisionCode": { - "markdownDescription": "For geolocation resource record sets, the two-letter code for a state of the United States. Route 53 doesn't support any other values for `SubdivisionCode` . For a list of state abbreviations, see [Appendix B: Two\u2013Letter State and Possession Abbreviations](https://docs.aws.amazon.com/https://pe.usps.com/text/pub28/28apb.htm) on the United States Postal Service website.\n\nIf you specify `subdivisioncode` , you must also specify `US` for `CountryCode` .", - "title": "SubdivisionCode", + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role to use to execute this action. The role must have access to the workmail:DeliverToMailbox API.", + "title": "RoleArn", "type": "string" } }, + "required": [ + "MailboxArn", + "RoleArn" + ], "type": "object" }, - "AWS::Route53::RecordSet.GeoProximityLocation": { + "AWS::SES::MailManagerRuleSet.DeliverToQBusinessAction": { "additionalProperties": false, "properties": { - "AWSRegion": { - "markdownDescription": "The AWS Region the resource you are directing DNS traffic to, is in.", - "title": "AWSRegion", + "ActionFailurePolicy": { + "markdownDescription": "A policy that states what to do in the case of failure. The action will fail if there are configuration errors. For example, the specified application has been deleted or the role lacks necessary permissions to call the `qbusiness:BatchPutDocument` API.", + "title": "ActionFailurePolicy", "type": "string" }, - "Bias": { - "markdownDescription": "The bias increases or decreases the size of the geographic region from which Route\u00a053 routes traffic to a resource.\n\nTo use `Bias` to change the size of the geographic region, specify the applicable value for the bias:\n\n- To expand the size of the geographic region from which Route\u00a053 routes traffic to a resource, specify a positive integer from 1 to 99 for the bias. Route\u00a053 shrinks the size of adjacent regions.\n- To shrink the size of the geographic region from which Route\u00a053 routes traffic to a resource, specify a negative bias of -1 to -99. Route\u00a053 expands the size of adjacent regions.", - "title": "Bias", - "type": "number" + "ApplicationId": { + "markdownDescription": "The unique identifier of the Amazon Q Business application instance where the email content will be delivered.", + "title": "ApplicationId", + "type": "string" }, - "Coordinates": { - "$ref": "#/definitions/AWS::Route53::RecordSet.Coordinates", - "markdownDescription": "Contains the longitude and latitude for a geographic region.", - "title": "Coordinates" + "IndexId": { + "markdownDescription": "The identifier of the knowledge base index within the Amazon Q Business application where the email content will be stored and indexed.", + "title": "IndexId", + "type": "string" }, - "LocalZoneGroup": { - "markdownDescription": "Specifies an AWS Local Zone Group.\n\nA local Zone Group is usually the Local Zone code without the ending character. For example, if the Local Zone is `us-east-1-bue-1a` the Local Zone Group is `us-east-1-bue-1` .\n\nYou can identify the Local Zones Group for a specific Local Zone by using the [describe-availability-zones](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-availability-zones.html) CLI command:\n\nThis command returns: `\"GroupName\": \"us-west-2-den-1\"` , specifying that the Local Zone `us-west-2-den-1a` belongs to the Local Zone Group `us-west-2-den-1` .", - "title": "LocalZoneGroup", + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM Role to use while delivering to Amazon Q Business. This role must have access to the `qbusiness:BatchPutDocument` API for the given application and index.", + "title": "RoleArn", "type": "string" } }, + "required": [ + "ApplicationId", + "IndexId", + "RoleArn" + ], "type": "object" }, - "AWS::Route53::RecordSetGroup": { + "AWS::SES::MailManagerRuleSet.RelayAction": { "additionalProperties": false, "properties": { - "Condition": { + "ActionFailurePolicy": { + "markdownDescription": "A policy that states what to do in the case of failure. The action will fail if there are configuration errors. For example, the specified relay has been deleted.", + "title": "ActionFailurePolicy", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "MailFrom": { + "markdownDescription": "This action specifies whether to preserve or replace original mail from address while relaying received emails to a destination server.", + "title": "MailFrom", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "Relay": { + "markdownDescription": "The identifier of the relay resource to be used when relaying an email.", + "title": "Relay", + "type": "string" + } + }, + "required": [ + "Relay" + ], + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.ReplaceRecipientAction": { + "additionalProperties": false, + "properties": { + "ReplaceWith": { + "items": { + "type": "string" + }, + "markdownDescription": "This action specifies the replacement recipient email addresses to insert.", + "title": "ReplaceWith", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.Rule": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleAction" + }, + "markdownDescription": "The list of actions to execute when the conditions match the incoming email, and none of the \"unless conditions\" match.", + "title": "Actions", + "type": "array" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Comment": { - "markdownDescription": "*Optional:* Any comments you want to include about a change batch request.", - "title": "Comment", - "type": "string" - }, - "HostedZoneId": { - "markdownDescription": "The ID of the hosted zone that you want to create records in.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .", - "title": "HostedZoneId", - "type": "string" - }, - "HostedZoneName": { - "markdownDescription": "The name of the hosted zone that you want to create records in. You must include a trailing dot (for example, `www.example.com.` ) as part of the `HostedZoneName` .\n\nWhen you create a stack using an `AWS::Route53::RecordSet` that specifies `HostedZoneName` , AWS CloudFormation attempts to find a hosted zone whose name matches the `HostedZoneName` . If AWS CloudFormation can't find a hosted zone with a matching domain name, or if there is more than one hosted zone with the specified domain name, AWS CloudFormation will not create the stack.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .", - "title": "HostedZoneName", - "type": "string" - }, - "RecordSets": { - "items": { - "$ref": "#/definitions/AWS::Route53::RecordSetGroup.RecordSet" - }, - "markdownDescription": "A complex type that contains one `RecordSet` element for each record that you want to create.", - "title": "RecordSets", - "type": "array" - } + "Conditions": { + "items": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleCondition" }, - "type": "object" + "markdownDescription": "The conditions of this rule. All conditions must match the email for the actions to be executed. An empty list of conditions means that all emails match, but are still subject to any \"unless conditions\"", + "title": "Conditions", + "type": "array" }, - "Type": { - "enum": [ - "AWS::Route53::RecordSetGroup" - ], + "Name": { + "markdownDescription": "The user-friendly name of the rule.", + "title": "Name", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Unless": { + "items": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleCondition" + }, + "markdownDescription": "The \"unless conditions\" of this rule. None of the conditions can match the email for the actions to be executed. If any of these conditions do match the email, then the actions are not executed.", + "title": "Unless", + "type": "array" } }, "required": [ - "Type" + "Actions" ], "type": "object" }, - "AWS::Route53::RecordSetGroup.AliasTarget": { + "AWS::SES::MailManagerRuleSet.RuleAction": { "additionalProperties": false, "properties": { - "DNSName": { - "markdownDescription": "*Alias records only:* The value that you specify depends on where you want to route queries:\n\n- **Amazon API Gateway custom regional APIs and edge-optimized APIs** - Specify the applicable domain name for your API. You can get the applicable value using the AWS CLI command [get-domain-names](https://docs.aws.amazon.com/cli/latest/reference/apigateway/get-domain-names.html) :\n\n- For regional APIs, specify the value of `regionalDomainName` .\n- For edge-optimized APIs, specify the value of `distributionDomainName` . This is the name of the associated CloudFront distribution, such as `da1b2c3d4e5.cloudfront.net` .\n\n> The name of the record that you're creating must match a custom domain name for your API, such as `api.example.com` .\n- **Amazon Virtual Private Cloud interface VPC endpoint** - Enter the API endpoint for the interface endpoint, such as `vpce-123456789abcdef01-example-us-east-1a.elasticloadbalancing.us-east-1.vpce.amazonaws.com` . For edge-optimized APIs, this is the domain name for the corresponding CloudFront distribution. You can get the value of `DnsName` using the AWS CLI command [describe-vpc-endpoints](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-vpc-endpoints.html) .\n- **CloudFront distribution** - Specify the domain name that CloudFront assigned when you created your distribution.\n\nYour CloudFront distribution must include an alternate domain name that matches the name of the record. For example, if the name of the record is *acme.example.com* , your CloudFront distribution must include *acme.example.com* as one of the alternate domain names. For more information, see [Using Alternate Domain Names (CNAMEs)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/CNAMEs.html) in the *Amazon CloudFront Developer Guide* .\n\nYou can't create a record in a private hosted zone to route traffic to a CloudFront distribution.\n\n> For failover alias records, you can't specify a CloudFront distribution for both the primary and secondary records. A distribution must include an alternate domain name that matches the name of the record. However, the primary and secondary records have the same name, and you can't include the same alternate domain name in more than one distribution.\n- **Elastic Beanstalk environment** - If the domain name for your Elastic Beanstalk environment includes the region that you deployed the environment in, you can create an alias record that routes traffic to the environment. For example, the domain name `my-environment. *us-west-2* .elasticbeanstalk.com` is a regionalized domain name.\n\n> For environments that were created before early 2016, the domain name doesn't include the region. To route traffic to these environments, you must create a CNAME record instead of an alias record. Note that you can't create a CNAME record for the root domain name. For example, if your domain name is example.com, you can create a record that routes traffic for acme.example.com to your Elastic Beanstalk environment, but you can't create a record that routes traffic for example.com to your Elastic Beanstalk environment. \n\nFor Elastic Beanstalk environments that have regionalized subdomains, specify the `CNAME` attribute for the environment. You can use the following methods to get the value of the CNAME attribute:\n\n- *AWS Management Console* : For information about how to get the value by using the console, see [Using Custom Domains with AWS Elastic Beanstalk](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/customdomains.html) in the *AWS Elastic Beanstalk Developer Guide* .\n- *Elastic Beanstalk API* : Use the `DescribeEnvironments` action to get the value of the `CNAME` attribute. For more information, see [DescribeEnvironments](https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DescribeEnvironments.html) in the *AWS Elastic Beanstalk API Reference* .\n- *AWS CLI* : Use the `describe-environments` command to get the value of the `CNAME` attribute. For more information, see [describe-environments](https://docs.aws.amazon.com/cli/latest/reference/elasticbeanstalk/describe-environments.html) in the *AWS CLI* .\n- **ELB load balancer** - Specify the DNS name that is associated with the load balancer. Get the DNS name by using the AWS Management Console , the ELB API, or the AWS CLI .\n\n- *AWS Management Console* : Go to the EC2 page, choose *Load Balancers* in the navigation pane, choose the load balancer, choose the *Description* tab, and get the value of the *DNS name* field.\n\nIf you're routing traffic to a Classic Load Balancer, get the value that begins with *dualstack* . If you're routing traffic to another type of load balancer, get the value that applies to the record type, A or AAAA.\n- *Elastic Load Balancing API* : Use `DescribeLoadBalancers` to get the value of `DNSName` . For more information, see the applicable guide:\n\n- Classic Load Balancers: [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DescribeLoadBalancers.html)\n- Application and Network Load Balancers: [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html)\n- *CloudFormation Fn::GetAtt intrinsic function* : Use the [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-getatt.html) intrinsic function to get the value of `DNSName` :\n\n- [Classic Load Balancers](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html#aws-properties-ec2-elb-return-values) .\n- [Application and Network Load Balancers](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html#aws-resource-elasticloadbalancingv2-loadbalancer-return-values) .\n- *AWS CLI* : Use `describe-load-balancers` to get the value of `DNSName` . For more information, see the applicable guide:\n\n- Classic Load Balancers: [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elb/describe-load-balancers.html)\n- Application and Network Load Balancers: [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elbv2/describe-load-balancers.html)\n- **Global Accelerator accelerator** - Specify the DNS name for your accelerator:\n\n- *Global Accelerator API* : To get the DNS name, use [DescribeAccelerator](https://docs.aws.amazon.com/global-accelerator/latest/api/API_DescribeAccelerator.html) .\n- *AWS CLI* : To get the DNS name, use [describe-accelerator](https://docs.aws.amazon.com/cli/latest/reference/globalaccelerator/describe-accelerator.html) .\n- **Amazon S3 bucket that is configured as a static website** - Specify the domain name of the Amazon S3 website endpoint that you created the bucket in, for example, `s3-website.us-east-2.amazonaws.com` . For more information about valid values, see the table [Amazon S3 Website Endpoints](https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_website_region_endpoints) in the *Amazon Web Services General Reference* . For more information about using S3 buckets for websites, see [Getting Started with Amazon Route 53](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/getting-started.html) in the *Amazon Route 53 Developer Guide.*\n- **Another Route 53 record** - Specify the value of the `Name` element for a record in the current hosted zone.\n\n> If you're creating an alias record that has the same name as the hosted zone (known as the zone apex), you can't specify the domain name for a record for which the value of `Type` is `CNAME` . This is because the alias record must have the same type as the record that you're routing traffic to, and creating a CNAME record for the zone apex isn't supported even for an alias record.", - "title": "DNSName", - "type": "string" + "AddHeader": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.AddHeaderAction", + "markdownDescription": "This action adds a header. This can be used to add arbitrary email headers.", + "title": "AddHeader" }, - "EvaluateTargetHealth": { - "markdownDescription": "*Applies only to alias records with any routing policy:* When `EvaluateTargetHealth` is `true` , an alias record inherits the health of the referenced AWS resource, such as an ELB load balancer or another record in the hosted zone.\n\nNote the following:\n\n- **CloudFront distributions** - You can't set `EvaluateTargetHealth` to `true` when the alias target is a CloudFront distribution.\n- **Elastic Beanstalk environments that have regionalized subdomains** - If you specify an Elastic Beanstalk environment in `DNSName` and the environment contains an ELB load balancer, Elastic Load Balancing routes queries only to the healthy Amazon EC2 instances that are registered with the load balancer. (An environment automatically contains an ELB load balancer if it includes more than one Amazon EC2 instance.) If you set `EvaluateTargetHealth` to `true` and either no Amazon EC2 instances are healthy or the load balancer itself is unhealthy, Route 53 routes queries to other available resources that are healthy, if any.\n\nIf the environment contains a single Amazon EC2 instance, there are no special requirements.\n- **ELB load balancers** - Health checking behavior depends on the type of load balancer:\n\n- *Classic Load Balancers* : If you specify an ELB Classic Load Balancer in `DNSName` , Elastic Load Balancing routes queries only to the healthy Amazon EC2 instances that are registered with the load balancer. If you set `EvaluateTargetHealth` to `true` and either no EC2 instances are healthy or the load balancer itself is unhealthy, Route 53 routes queries to other resources.\n- *Application and Network Load Balancers* : If you specify an ELB Application or Network Load Balancer and you set `EvaluateTargetHealth` to `true` , Route 53 routes queries to the load balancer based on the health of the target groups that are associated with the load balancer:\n\n- For an Application or Network Load Balancer to be considered healthy, every target group that contains targets must contain at least one healthy target. If any target group contains only unhealthy targets, the load balancer is considered unhealthy, and Route 53 routes queries to other resources.\n- A target group that has no registered targets is considered unhealthy.\n\n> When you create a load balancer, you configure settings for Elastic Load Balancing health checks; they're not Route 53 health checks, but they perform a similar function. Do not create Route 53 health checks for the EC2 instances that you register with an ELB load balancer.\n- **S3 buckets** - There are no special requirements for setting `EvaluateTargetHealth` to `true` when the alias target is an S3 bucket.\n- **Other records in the same hosted zone** - If the AWS resource that you specify in `DNSName` is a record or a group of records (for example, a group of weighted records) but is not another alias record, we recommend that you associate a health check with all of the records in the alias target. For more information, see [What Happens When You Omit Health Checks?](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-complex-configs.html#dns-failover-complex-configs-hc-omitting) in the *Amazon Route 53 Developer Guide* .\n\nFor more information and examples, see [Amazon Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html) in the *Amazon Route 53 Developer Guide* .", - "title": "EvaluateTargetHealth", - "type": "boolean" + "Archive": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.ArchiveAction", + "markdownDescription": "This action archives the email. This can be used to deliver an email to an archive.", + "title": "Archive" }, - "HostedZoneId": { - "markdownDescription": "*Alias resource records sets only* : The value used depends on where you want to route traffic:\n\n- **Amazon API Gateway custom regional APIs and edge-optimized APIs** - Specify the hosted zone ID for your API. You can get the applicable value using the AWS CLI command [get-domain-names](https://docs.aws.amazon.com/cli/latest/reference/apigateway/get-domain-names.html) :\n\n- For regional APIs, specify the value of `regionalHostedZoneId` .\n- For edge-optimized APIs, specify the value of `distributionHostedZoneId` .\n- **Amazon Virtual Private Cloud interface VPC endpoint** - Specify the hosted zone ID for your interface endpoint. You can get the value of `HostedZoneId` using the AWS CLI command [describe-vpc-endpoints](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-vpc-endpoints.html) .\n- **CloudFront distribution** - Specify `Z2FDTNDATAQYW2` . This is always the hosted zone ID when you create an alias record that routes traffic to a CloudFront distribution.\n\n> Alias records for CloudFront can't be created in a private zone.\n- **Elastic Beanstalk environment** - Specify the hosted zone ID for the region that you created the environment in. The environment must have a regionalized subdomain. For a list of regions and the corresponding hosted zone IDs, see [AWS Elastic Beanstalk endpoints and quotas](https://docs.aws.amazon.com/general/latest/gr/elasticbeanstalk.html) in the *Amazon Web Services General Reference* .\n- **ELB load balancer** - Specify the value of the hosted zone ID for the load balancer. Use the following methods to get the hosted zone ID:\n\n- [Service Endpoints](https://docs.aws.amazon.com/general/latest/gr/elb.html) table in the \"Elastic Load Balancing endpoints and quotas\" topic in the *Amazon Web Services General Reference* : Use the value that corresponds with the region that you created your load balancer in. Note that there are separate columns for Application and Classic Load Balancers and for Network Load Balancers.\n- *AWS Management Console* : Go to the Amazon EC2 page, choose *Load Balancers* in the navigation pane, select the load balancer, and get the value of the *Hosted zone* field on the *Description* tab.\n- *Elastic Load Balancing API* : Use `DescribeLoadBalancers` to get the applicable value. For more information, see the applicable guide:\n\n- Classic Load Balancers: Use [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DescribeLoadBalancers.html) to get the value of `CanonicalHostedZoneNameID` .\n- Application and Network Load Balancers: Use [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html) to get the value of `CanonicalHostedZoneID` .\n- *CloudFormation Fn::GetAtt intrinsic function* : Use the [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-getatt.html) intrinsic function to get the applicable value:\n\n- Classic Load Balancers: Get [CanonicalHostedZoneNameID](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html#aws-properties-ec2-elb-return-values) .\n- Application and Network Load Balancers: Get [CanonicalHostedZoneID](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html#aws-resource-elasticloadbalancingv2-loadbalancer-return-values) .\n- *AWS CLI* : Use `describe-load-balancers` to get the applicable value. For more information, see the applicable guide:\n\n- Classic Load Balancers: Use [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elb/describe-load-balancers.html) to get the value of `CanonicalHostedZoneNameID` .\n- Application and Network Load Balancers: Use [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elbv2/describe-load-balancers.html) to get the value of `CanonicalHostedZoneID` .\n- **Global Accelerator accelerator** - Specify `Z2BJ6XQ5FK7U4H` .\n- **An Amazon S3 bucket configured as a static website** - Specify the hosted zone ID for the region that you created the bucket in. For more information about valid values, see the table [Amazon S3 Website Endpoints](https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_website_region_endpoints) in the *Amazon Web Services General Reference* .\n- **Another Route 53 record in your hosted zone** - Specify the hosted zone ID of your hosted zone. (An alias record can't reference a record in a different hosted zone.)", - "title": "HostedZoneId", + "DeliverToMailbox": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.DeliverToMailboxAction", + "markdownDescription": "This action delivers an email to a WorkMail mailbox.", + "title": "DeliverToMailbox" + }, + "DeliverToQBusiness": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.DeliverToQBusinessAction", + "markdownDescription": "This action delivers an email to an Amazon Q Business application for ingestion into its knowledge base.", + "title": "DeliverToQBusiness" + }, + "Drop": { + "markdownDescription": "This action terminates the evaluation of rules in the rule set.", + "title": "Drop", + "type": "object" + }, + "PublishToSns": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.SnsAction", + "markdownDescription": "This action publishes the email content to an Amazon SNS topic.", + "title": "PublishToSns" + }, + "Relay": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RelayAction", + "markdownDescription": "This action relays the email to another SMTP server.", + "title": "Relay" + }, + "ReplaceRecipient": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.ReplaceRecipientAction", + "markdownDescription": "The action replaces certain or all recipients with a different set of recipients.", + "title": "ReplaceRecipient" + }, + "Send": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.SendAction", + "markdownDescription": "This action sends the email to the internet.", + "title": "Send" + }, + "WriteToS3": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.S3Action", + "markdownDescription": "This action writes the MIME content of the email to an S3 bucket.", + "title": "WriteToS3" + } + }, + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.RuleBooleanExpression": { + "additionalProperties": false, + "properties": { + "Evaluate": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleBooleanToEvaluate", + "markdownDescription": "The operand on which to perform a boolean condition operation.", + "title": "Evaluate" + }, + "Operator": { + "markdownDescription": "The matching operator for a boolean condition expression.", + "title": "Operator", "type": "string" } }, "required": [ - "DNSName", - "HostedZoneId" + "Evaluate", + "Operator" ], "type": "object" }, - "AWS::Route53::RecordSetGroup.CidrRoutingConfig": { + "AWS::SES::MailManagerRuleSet.RuleBooleanToEvaluate": { "additionalProperties": false, "properties": { - "CollectionId": { - "markdownDescription": "The CIDR collection ID.", - "title": "CollectionId", + "Analysis": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.Analysis", + "markdownDescription": "The Add On ARN and its returned value to evaluate in a boolean condition expression.", + "title": "Analysis" + }, + "Attribute": { + "markdownDescription": "The boolean type representing the allowed attribute types for an email.", + "title": "Attribute", "type": "string" }, - "LocationName": { - "markdownDescription": "The CIDR collection location name.", - "title": "LocationName", + "IsInAddressList": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleIsInAddressList", + "markdownDescription": "The structure representing the address lists and address list attribute that will be used in evaluation of boolean expression.", + "title": "IsInAddressList" + } + }, + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.RuleCondition": { + "additionalProperties": false, + "properties": { + "BooleanExpression": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleBooleanExpression", + "markdownDescription": "The condition applies to a boolean expression passed in this field.", + "title": "BooleanExpression" + }, + "DmarcExpression": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleDmarcExpression", + "markdownDescription": "The condition applies to a DMARC policy expression passed in this field.", + "title": "DmarcExpression" + }, + "IpExpression": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleIpExpression", + "markdownDescription": "The condition applies to an IP address expression passed in this field.", + "title": "IpExpression" + }, + "NumberExpression": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleNumberExpression", + "markdownDescription": "The condition applies to a number expression passed in this field.", + "title": "NumberExpression" + }, + "StringExpression": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleStringExpression", + "markdownDescription": "The condition applies to a string expression passed in this field.", + "title": "StringExpression" + }, + "VerdictExpression": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleVerdictExpression", + "markdownDescription": "The condition applies to a verdict expression passed in this field.", + "title": "VerdictExpression" + } + }, + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.RuleDmarcExpression": { + "additionalProperties": false, + "properties": { + "Operator": { + "markdownDescription": "The operator to apply to the DMARC policy of the incoming email.", + "title": "Operator", "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The values to use for the given DMARC policy operator. For the operator EQUALS, if multiple values are given, they are evaluated as an OR. That is, if any of the given values match, the condition is deemed to match. For the operator NOT_EQUALS, if multiple values are given, they are evaluated as an AND. That is, only if the email's DMARC policy is not equal to any of the given values, then the condition is deemed to match.", + "title": "Values", + "type": "array" } }, "required": [ - "CollectionId", - "LocationName" + "Operator", + "Values" ], "type": "object" }, - "AWS::Route53::RecordSetGroup.Coordinates": { + "AWS::SES::MailManagerRuleSet.RuleIpExpression": { "additionalProperties": false, "properties": { - "Latitude": { - "markdownDescription": "Specifies a coordinate of the north\u2013south position of a geographic point on the surface of the Earth (-90 - 90).", - "title": "Latitude", - "type": "string" + "Evaluate": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleIpToEvaluate", + "markdownDescription": "The IP address to evaluate in this condition.", + "title": "Evaluate" }, - "Longitude": { - "markdownDescription": "Specifies a coordinate of the east\u2013west position of a geographic point on the surface of the Earth (-180 - 180).", - "title": "Longitude", + "Operator": { + "markdownDescription": "The operator to evaluate the IP address.", + "title": "Operator", "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The IP CIDR blocks in format \"x.y.z.w/n\" (eg 10.0.0.0/8) to match with the email's IP address. For the operator CIDR_MATCHES, if multiple values are given, they are evaluated as an OR. That is, if the IP address is contained within any of the given CIDR ranges, the condition is deemed to match. For NOT_CIDR_MATCHES, if multiple CIDR ranges are given, the condition is deemed to match if the IP address is not contained in any of the given CIDR ranges.", + "title": "Values", + "type": "array" } }, "required": [ - "Latitude", - "Longitude" + "Evaluate", + "Operator", + "Values" ], "type": "object" }, - "AWS::Route53::RecordSetGroup.GeoLocation": { + "AWS::SES::MailManagerRuleSet.RuleIpToEvaluate": { "additionalProperties": false, "properties": { - "ContinentCode": { - "markdownDescription": "For geolocation resource record sets, a two-letter abbreviation that identifies a continent. Route 53 supports the following continent codes:\n\n- *AF* : Africa\n- *AN* : Antarctica\n- *AS* : Asia\n- *EU* : Europe\n- *OC* : Oceania\n- *NA* : North America\n- *SA* : South America\n\nConstraint: Specifying `ContinentCode` with either `CountryCode` or `SubdivisionCode` returns an `InvalidInput` error.", - "title": "ContinentCode", - "type": "string" - }, - "CountryCode": { - "markdownDescription": "For geolocation resource record sets, the two-letter code for a country.\n\nRoute 53 uses the two-letter country codes that are specified in [ISO standard 3166-1 alpha-2](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2) .", - "title": "CountryCode", + "Attribute": { + "markdownDescription": "The attribute of the email to evaluate.", + "title": "Attribute", "type": "string" + } + }, + "required": [ + "Attribute" + ], + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.RuleIsInAddressList": { + "additionalProperties": false, + "properties": { + "AddressLists": { + "items": { + "type": "string" + }, + "markdownDescription": "The address lists that will be used for evaluation.", + "title": "AddressLists", + "type": "array" }, - "SubdivisionCode": { - "markdownDescription": "For geolocation resource record sets, the two-letter code for a state of the United States. Route 53 doesn't support any other values for `SubdivisionCode` . For a list of state abbreviations, see [Appendix B: Two\u2013Letter State and Possession Abbreviations](https://docs.aws.amazon.com/https://pe.usps.com/text/pub28/28apb.htm) on the United States Postal Service website.\n\nIf you specify `subdivisioncode` , you must also specify `US` for `CountryCode` .", - "title": "SubdivisionCode", + "Attribute": { + "markdownDescription": "The email attribute that needs to be evaluated against the address list.", + "title": "Attribute", "type": "string" } }, + "required": [ + "AddressLists", + "Attribute" + ], "type": "object" }, - "AWS::Route53::RecordSetGroup.GeoProximityLocation": { + "AWS::SES::MailManagerRuleSet.RuleNumberExpression": { "additionalProperties": false, "properties": { - "AWSRegion": { - "markdownDescription": "The AWS Region the resource you are directing DNS traffic to, is in.", - "title": "AWSRegion", + "Evaluate": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleNumberToEvaluate", + "markdownDescription": "The number to evaluate in a numeric condition expression.", + "title": "Evaluate" + }, + "Operator": { + "markdownDescription": "The operator for a numeric condition expression.", + "title": "Operator", "type": "string" }, - "Bias": { - "markdownDescription": "The bias increases or decreases the size of the geographic region from which Route\u00a053 routes traffic to a resource.\n\nTo use `Bias` to change the size of the geographic region, specify the applicable value for the bias:\n\n- To expand the size of the geographic region from which Route\u00a053 routes traffic to a resource, specify a positive integer from 1 to 99 for the bias. Route\u00a053 shrinks the size of adjacent regions.\n- To shrink the size of the geographic region from which Route\u00a053 routes traffic to a resource, specify a negative bias of -1 to -99. Route\u00a053 expands the size of adjacent regions.", - "title": "Bias", + "Value": { + "markdownDescription": "The value to evaluate in a numeric condition expression.", + "title": "Value", "type": "number" - }, - "Coordinates": { - "$ref": "#/definitions/AWS::Route53::RecordSetGroup.Coordinates", - "markdownDescription": "Contains the longitude and latitude for a geographic region.", - "title": "Coordinates" - }, - "LocalZoneGroup": { - "markdownDescription": "Specifies an AWS Local Zone Group.\n\nA local Zone Group is usually the Local Zone code without the ending character. For example, if the Local Zone is `us-east-1-bue-1a` the Local Zone Group is `us-east-1-bue-1` .\n\nYou can identify the Local Zones Group for a specific Local Zone by using the [describe-availability-zones](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-availability-zones.html) CLI command:\n\nThis command returns: `\"GroupName\": \"us-west-2-den-1\"` , specifying that the Local Zone `us-west-2-den-1a` belongs to the Local Zone Group `us-west-2-den-1` .", - "title": "LocalZoneGroup", - "type": "string" } }, + "required": [ + "Evaluate", + "Operator", + "Value" + ], "type": "object" }, - "AWS::Route53::RecordSetGroup.RecordSet": { + "AWS::SES::MailManagerRuleSet.RuleNumberToEvaluate": { "additionalProperties": false, "properties": { - "AliasTarget": { - "$ref": "#/definitions/AWS::Route53::RecordSetGroup.AliasTarget", - "markdownDescription": "*Alias resource record sets only:* Information about the AWS resource, such as a CloudFront distribution or an Amazon S3 bucket, that you want to route traffic to.\n\nIf you're creating resource records sets for a private hosted zone, note the following:\n\n- You can't create an alias resource record set in a private hosted zone to route traffic to a CloudFront distribution.\n- For information about creating failover resource record sets in a private hosted zone, see [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html) in the *Amazon Route 53 Developer Guide* .", - "title": "AliasTarget" - }, - "CidrRoutingConfig": { - "$ref": "#/definitions/AWS::Route53::RecordSetGroup.CidrRoutingConfig", - "markdownDescription": "", - "title": "CidrRoutingConfig" - }, - "Failover": { - "markdownDescription": "*Failover resource record sets only:* To configure failover, you add the `Failover` element to two resource record sets. For one resource record set, you specify `PRIMARY` as the value for `Failover` ; for the other resource record set, you specify `SECONDARY` . In addition, you include the `HealthCheckId` element and specify the health check that you want Amazon Route 53 to perform for each resource record set.\n\nExcept where noted, the following failover behaviors assume that you have included the `HealthCheckId` element in both resource record sets:\n\n- When the primary resource record set is healthy, Route 53 responds to DNS queries with the applicable value from the primary resource record set regardless of the health of the secondary resource record set.\n- When the primary resource record set is unhealthy and the secondary resource record set is healthy, Route 53 responds to DNS queries with the applicable value from the secondary resource record set.\n- When the secondary resource record set is unhealthy, Route 53 responds to DNS queries with the applicable value from the primary resource record set regardless of the health of the primary resource record set.\n- If you omit the `HealthCheckId` element for the secondary resource record set, and if the primary resource record set is unhealthy, Route 53 always responds to DNS queries with the applicable value from the secondary resource record set. This is true regardless of the health of the associated endpoint.\n\nYou can't create non-failover resource record sets that have the same values for the `Name` and `Type` elements as failover resource record sets.\n\nFor failover alias resource record sets, you must also include the `EvaluateTargetHealth` element and set the value to true.\n\nFor more information about configuring failover for Route 53, see the following topics in the *Amazon Route 53 Developer Guide* :\n\n- [Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html)\n- [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html)", - "title": "Failover", + "Attribute": { + "markdownDescription": "An email attribute that is used as the number to evaluate.", + "title": "Attribute", "type": "string" + } + }, + "required": [ + "Attribute" + ], + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.RuleStringExpression": { + "additionalProperties": false, + "properties": { + "Evaluate": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleStringToEvaluate", + "markdownDescription": "The string to evaluate in a string condition expression.", + "title": "Evaluate" }, - "GeoLocation": { - "$ref": "#/definitions/AWS::Route53::RecordSetGroup.GeoLocation", - "markdownDescription": "*Geolocation resource record sets only:* A complex type that lets you control how Amazon Route 53 responds to DNS queries based on the geographic origin of the query. For example, if you want all queries from Africa to be routed to a web server with an IP address of `192.0.2.111` , create a resource record set with a `Type` of `A` and a `ContinentCode` of `AF` .\n\nIf you create separate resource record sets for overlapping geographic regions (for example, one resource record set for a continent and one for a country on the same continent), priority goes to the smallest geographic region. This allows you to route most queries for a continent to one resource and to route queries for a country on that continent to a different resource.\n\nYou can't create two geolocation resource record sets that specify the same geographic location.\n\nThe value `*` in the `CountryCode` element matches all geographic locations that aren't specified in other geolocation resource record sets that have the same values for the `Name` and `Type` elements.\n\n> Geolocation works by mapping IP addresses to locations. However, some IP addresses aren't mapped to geographic locations, so even if you create geolocation resource record sets that cover all seven continents, Route 53 will receive some DNS queries from locations that it can't identify. We recommend that you create a resource record set for which the value of `CountryCode` is `*` . Two groups of queries are routed to the resource that you specify in this record: queries that come from locations for which you haven't created geolocation resource record sets and queries from IP addresses that aren't mapped to a location. If you don't create a `*` resource record set, Route 53 returns a \"no answer\" response for queries from those locations. \n\nYou can't create non-geolocation resource record sets that have the same values for the `Name` and `Type` elements as geolocation resource record sets.", - "title": "GeoLocation" - }, - "GeoProximityLocation": { - "$ref": "#/definitions/AWS::Route53::RecordSetGroup.GeoProximityLocation", - "markdownDescription": "A complex type that contains information about a geographic location.", - "title": "GeoProximityLocation" - }, - "HealthCheckId": { - "markdownDescription": "If you want Amazon Route 53 to return this resource record set in response to a DNS query only when the status of a health check is healthy, include the `HealthCheckId` element and specify the ID of the applicable health check.\n\nRoute 53 determines whether a resource record set is healthy based on one of the following:\n\n- By periodically sending a request to the endpoint that is specified in the health check\n- By aggregating the status of a specified group of health checks (calculated health checks)\n- By determining the current state of a CloudWatch alarm (CloudWatch metric health checks)\n\n> Route 53 doesn't check the health of the endpoint that is specified in the resource record set, for example, the endpoint specified by the IP address in the `Value` element. When you add a `HealthCheckId` element to a resource record set, Route 53 checks the health of the endpoint that you specified in the health check. \n\nFor more information, see the following topics in the *Amazon Route 53 Developer Guide* :\n\n- [How Amazon Route 53 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html)\n- [Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html)\n- [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html)\n\n*When to Specify HealthCheckId*\n\nSpecifying a value for `HealthCheckId` is useful only when Route 53 is choosing between two or more resource record sets to respond to a DNS query, and you want Route 53 to base the choice in part on the status of a health check. Configuring health checks makes sense only in the following configurations:\n\n- *Non-alias resource record sets* : You're checking the health of a group of non-alias resource record sets that have the same routing policy, name, and type (such as multiple weighted records named www.example.com with a type of A) and you specify health check IDs for all the resource record sets.\n\nIf the health check status for a resource record set is healthy, Route 53 includes the record among the records that it responds to DNS queries with.\n\nIf the health check status for a resource record set is unhealthy, Route 53 stops responding to DNS queries using the value for that resource record set.\n\nIf the health check status for all resource record sets in the group is unhealthy, Route 53 considers all resource record sets in the group healthy and responds to DNS queries accordingly.\n- *Alias resource record sets* : You specify the following settings:\n\n- You set `EvaluateTargetHealth` to true for an alias resource record set in a group of resource record sets that have the same routing policy, name, and type (such as multiple weighted records named www.example.com with a type of A).\n- You configure the alias resource record set to route traffic to a non-alias resource record set in the same hosted zone.\n- You specify a health check ID for the non-alias resource record set.\n\nIf the health check status is healthy, Route 53 considers the alias resource record set to be healthy and includes the alias record among the records that it responds to DNS queries with.\n\nIf the health check status is unhealthy, Route 53 stops responding to DNS queries using the alias resource record set.\n\n> The alias resource record set can also route traffic to a *group* of non-alias resource record sets that have the same routing policy, name, and type. In that configuration, associate health checks with all of the resource record sets in the group of non-alias resource record sets.\n\n*Geolocation Routing*\n\nFor geolocation resource record sets, if an endpoint is unhealthy, Route 53 looks for a resource record set for the larger, associated geographic region. For example, suppose you have resource record sets for a state in the United States, for the entire United States, for North America, and a resource record set that has `*` for `CountryCode` is `*` , which applies to all locations. If the endpoint for the state resource record set is unhealthy, Route 53 checks for healthy resource record sets in the following order until it finds a resource record set for which the endpoint is healthy:\n\n- The United States\n- North America\n- The default resource record set\n\n*Specifying the Health Check Endpoint by Domain Name*\n\nIf your health checks specify the endpoint only by domain name, we recommend that you create a separate health check for each endpoint. For example, create a health check for each `HTTP` server that is serving content for `www.example.com` . For the value of `FullyQualifiedDomainName` , specify the domain name of the server (such as `us-east-2-www.example.com` ), not the name of the resource record sets ( `www.example.com` ).\n\n> Health check results will be unpredictable if you do the following:\n> \n> - Create a health check that has the same value for `FullyQualifiedDomainName` as the name of a resource record set.\n> - Associate that health check with the resource record set.", - "title": "HealthCheckId", + "Operator": { + "markdownDescription": "The matching operator for a string condition expression.", + "title": "Operator", "type": "string" }, - "HostedZoneId": { - "markdownDescription": "The ID of the hosted zone that you want to create records in.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .\n\nDo not provide the `HostedZoneId` if it is already defined in `AWS::Route53::RecordSetGroup` . The creation fails if `HostedZoneId` is defined in both.", - "title": "HostedZoneId", - "type": "string" + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The string(s) to be evaluated in a string condition expression. For all operators, except for NOT_EQUALS, if multiple values are given, the values are processed as an OR. That is, if any of the values match the email's string using the given operator, the condition is deemed to match. However, for NOT_EQUALS, the condition is only deemed to match if none of the given strings match the email's string.", + "title": "Values", + "type": "array" + } + }, + "required": [ + "Evaluate", + "Operator", + "Values" + ], + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.RuleStringToEvaluate": { + "additionalProperties": false, + "properties": { + "Analysis": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.Analysis", + "markdownDescription": "The Add On ARN and its returned value to evaluate in a string condition expression.", + "title": "Analysis" }, - "HostedZoneName": { - "markdownDescription": "The name of the hosted zone that you want to create records in. You must include a trailing dot (for example, `www.example.com.` ) as part of the `HostedZoneName` .\n\nWhen you create a stack using an `AWS::Route53::RecordSet` that specifies `HostedZoneName` , AWS CloudFormation attempts to find a hosted zone whose name matches the `HostedZoneName` . If AWS CloudFormation can't find a hosted zone with a matching domain name, or if there is more than one hosted zone with the specified domain name, AWS CloudFormation will not create the stack.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .", - "title": "HostedZoneName", + "Attribute": { + "markdownDescription": "The email attribute to evaluate in a string condition expression.", + "title": "Attribute", "type": "string" }, - "MultiValueAnswer": { - "markdownDescription": "*Multivalue answer resource record sets only* : To route traffic approximately randomly to multiple resources, such as web servers, create one multivalue answer record for each resource and specify `true` for `MultiValueAnswer` . Note the following:\n\n- If you associate a health check with a multivalue answer resource record set, Amazon Route 53 responds to DNS queries with the corresponding IP address only when the health check is healthy.\n- If you don't associate a health check with a multivalue answer record, Route 53 always considers the record to be healthy.\n- Route 53 responds to DNS queries with up to eight healthy records; if you have eight or fewer healthy records, Route 53 responds to all DNS queries with all the healthy records.\n- If you have more than eight healthy records, Route 53 responds to different DNS resolvers with different combinations of healthy records.\n- When all records are unhealthy, Route 53 responds to DNS queries with up to eight unhealthy records.\n- If a resource becomes unavailable after a resolver caches a response, client software typically tries another of the IP addresses in the response.\n\nYou can't create multivalue answer alias records.", - "title": "MultiValueAnswer", - "type": "boolean" - }, - "Name": { - "markdownDescription": "For `ChangeResourceRecordSets` requests, the name of the record that you want to create, update, or delete. For `ListResourceRecordSets` responses, the name of a record in the specified hosted zone.\n\n*ChangeResourceRecordSets Only*\n\nEnter a fully qualified domain name, for example, `www.example.com` . You can optionally include a trailing dot. If you omit the trailing dot, Amazon Route 53 assumes that the domain name that you specify is fully qualified. This means that Route 53 treats `www.example.com` (without a trailing dot) and `www.example.com.` (with a trailing dot) as identical.\n\nFor information about how to specify characters other than `a-z` , `0-9` , and `-` (hyphen) and how to specify internationalized domain names, see [DNS Domain Name Format](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/DomainNameFormat.html) in the *Amazon Route 53 Developer Guide* .\n\nYou can use the asterisk (*) wildcard to replace the leftmost label in a domain name, for example, `*.example.com` . Note the following:\n\n- The * must replace the entire label. For example, you can't specify `*prod.example.com` or `prod*.example.com` .\n- The * can't replace any of the middle labels, for example, marketing.*.example.com.\n- If you include * in any position other than the leftmost label in a domain name, DNS treats it as an * character (ASCII 42), not as a wildcard.\n\n> You can't use the * wildcard for resource records sets that have a type of NS.", - "title": "Name", + "MimeHeaderAttribute": { + "markdownDescription": "The email MIME X-Header attribute to evaluate in a string condition expression.", + "title": "MimeHeaderAttribute", "type": "string" + } + }, + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.RuleVerdictExpression": { + "additionalProperties": false, + "properties": { + "Evaluate": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.RuleVerdictToEvaluate", + "markdownDescription": "The verdict to evaluate in a verdict condition expression.", + "title": "Evaluate" }, - "Region": { - "markdownDescription": "*Latency-based resource record sets only:* The Amazon EC2 Region where you created the resource that this resource record set refers to. The resource typically is an AWS resource, such as an EC2 instance or an ELB load balancer, and is referred to by an IP address or a DNS domain name, depending on the record type.\n\nWhen Amazon Route 53 receives a DNS query for a domain name and type for which you have created latency resource record sets, Route 53 selects the latency resource record set that has the lowest latency between the end user and the associated Amazon EC2 Region. Route 53 then returns the value that is associated with the selected resource record set.\n\nNote the following:\n\n- You can only specify one `ResourceRecord` per latency resource record set.\n- You can only create one latency resource record set for each Amazon EC2 Region.\n- You aren't required to create latency resource record sets for all Amazon EC2 Regions. Route 53 will choose the region with the best latency from among the regions that you create latency resource record sets for.\n- You can't create non-latency resource record sets that have the same values for the `Name` and `Type` elements as latency resource record sets.", - "title": "Region", + "Operator": { + "markdownDescription": "The matching operator for a verdict condition expression.", + "title": "Operator", "type": "string" }, - "ResourceRecords": { + "Values": { "items": { "type": "string" }, - "markdownDescription": "Information about the records that you want to create. Each record should be in the format appropriate for the record type specified by the `Type` property. For information about different record types and their record formats, see [Values That You Specify When You Create or Edit Amazon Route 53 Records](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/resource-record-sets-values.html) in the *Amazon Route 53 Developer Guide* .", - "title": "ResourceRecords", + "markdownDescription": "The values to match with the email's verdict using the given operator. For the EQUALS operator, if multiple values are given, the condition is deemed to match if any of the given verdicts match that of the email. For the NOT_EQUALS operator, if multiple values are given, the condition is deemed to match of none of the given verdicts match the verdict of the email.", + "title": "Values", "type": "array" + } + }, + "required": [ + "Evaluate", + "Operator", + "Values" + ], + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.RuleVerdictToEvaluate": { + "additionalProperties": false, + "properties": { + "Analysis": { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet.Analysis", + "markdownDescription": "The Add On ARN and its returned value to evaluate in a verdict condition expression.", + "title": "Analysis" }, - "SetIdentifier": { - "markdownDescription": "*Resource record sets that have a routing policy other than simple:* An identifier that differentiates among multiple resource record sets that have the same combination of name and type, such as multiple weighted resource record sets named acme.example.com that have a type of A. In a group of resource record sets that have the same name and type, the value of `SetIdentifier` must be unique for each resource record set.\n\nFor information about routing policies, see [Choosing a Routing Policy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html) in the *Amazon Route 53 Developer Guide* .", - "title": "SetIdentifier", + "Attribute": { + "markdownDescription": "The email verdict attribute to evaluate in a string verdict expression.", + "title": "Attribute", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.S3Action": { + "additionalProperties": false, + "properties": { + "ActionFailurePolicy": { + "markdownDescription": "A policy that states what to do in the case of failure. The action will fail if there are configuration errors. For example, the specified the bucket has been deleted.", + "title": "ActionFailurePolicy", "type": "string" }, - "TTL": { - "markdownDescription": "The resource record cache time to live (TTL), in seconds. Note the following:\n\n- If you're creating or updating an alias resource record set, omit `TTL` . Amazon Route 53 uses the value of `TTL` for the alias target.\n- If you're associating this resource record set with a health check (if you're adding a `HealthCheckId` element), we recommend that you specify a `TTL` of 60 seconds or less so clients respond quickly to changes in health status.\n- All of the resource record sets in a group of weighted resource record sets must have the same value for `TTL` .\n- If a group of weighted resource record sets includes one or more weighted alias resource record sets for which the alias target is an ELB load balancer, we recommend that you specify a `TTL` of 60 seconds for all of the non-alias weighted resource record sets that have the same name and type. Values other than 60 seconds (the TTL for load balancers) will change the effect of the values that you specify for `Weight` .", - "title": "TTL", + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM Role to use while writing to S3. This role must have access to the s3:PutObject, kms:Encrypt, and kms:GenerateDataKey APIs for the given bucket.", + "title": "RoleArn", "type": "string" }, - "Type": { - "markdownDescription": "The DNS record type. For information about different record types and how data is encoded for them, see [Supported DNS Resource Record Types](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/ResourceRecordTypes.html) in the *Amazon Route 53 Developer Guide* .\n\nValid values for basic resource record sets: `A` | `AAAA` | `CAA` | `CNAME` | `DS` | `MX` | `NAPTR` | `NS` | `PTR` | `SOA` | `SPF` | `SRV` | `TXT` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS`\n\nValues for weighted, latency, geolocation, and failover resource record sets: `A` | `AAAA` | `CAA` | `CNAME` | `MX` | `NAPTR` | `PTR` | `SPF` | `SRV` | `TXT` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS` . When creating a group of weighted, latency, geolocation, or failover resource record sets, specify the same value for all of the resource record sets in the group.\n\nValid values for multivalue answer resource record sets: `A` | `AAAA` | `MX` | `NAPTR` | `PTR` | `SPF` | `SRV` | `TXT` | `CAA` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS`\n\n> SPF records were formerly used to verify the identity of the sender of email messages. However, we no longer recommend that you create resource record sets for which the value of `Type` is `SPF` . RFC 7208, *Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1* , has been updated to say, \"...[I]ts existence and mechanism defined in [RFC4408] have led to some interoperability issues. Accordingly, its use is no longer appropriate for SPF version 1; implementations are not to use it.\" In RFC 7208, see section 14.1, [The SPF DNS Record Type](https://docs.aws.amazon.com/http://tools.ietf.org/html/rfc7208#section-14.1) . \n\nValues for alias resource record sets:\n\n- *Amazon API Gateway custom regional APIs and edge-optimized APIs:* `A`\n- *CloudFront distributions:* `A`\n\nIf IPv6 is enabled for the distribution, create two resource record sets to route traffic to your distribution, one with a value of `A` and one with a value of `AAAA` .\n- *Amazon API Gateway environment that has a regionalized subdomain* : `A`\n- *ELB load balancers:* `A` | `AAAA`\n- *Amazon S3 buckets:* `A`\n- *Amazon Virtual Private Cloud interface VPC endpoints* `A`\n- *Another resource record set in this hosted zone:* Specify the type of the resource record set that you're creating the alias for. All values are supported except `NS` and `SOA` .\n\n> If you're creating an alias record that has the same name as the hosted zone (known as the zone apex), you can't route traffic to a record for which the value of `Type` is `CNAME` . This is because the alias record must have the same type as the record you're routing traffic to, and creating a CNAME record for the zone apex isn't supported even for an alias record.", - "title": "Type", + "S3Bucket": { + "markdownDescription": "The bucket name of the S3 bucket to write to.", + "title": "S3Bucket", "type": "string" }, - "Weight": { - "markdownDescription": "*Weighted resource record sets only:* Among resource record sets that have the same combination of DNS name and type, a value that determines the proportion of DNS queries that Amazon Route 53 responds to using the current resource record set. Route 53 calculates the sum of the weights for the resource record sets that have the same combination of DNS name and type. Route 53 then responds to queries based on the ratio of a resource's weight to the total. Note the following:\n\n- You must specify a value for the `Weight` element for every weighted resource record set.\n- You can only specify one `ResourceRecord` per weighted resource record set.\n- You can't create latency, failover, or geolocation resource record sets that have the same values for the `Name` and `Type` elements as weighted resource record sets.\n- You can create a maximum of 100 weighted resource record sets that have the same values for the `Name` and `Type` elements.\n- For weighted (but not weighted alias) resource record sets, if you set `Weight` to `0` for a resource record set, Route 53 never responds to queries with the applicable value for that resource record set. However, if you set `Weight` to `0` for all resource record sets that have the same combination of DNS name and type, traffic is routed to all resources with equal probability.\n\nThe effect of setting `Weight` to `0` is different when you associate health checks with weighted resource record sets. For more information, see [Options for Configuring Route 53 Active-Active and Active-Passive Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-configuring-options.html) in the *Amazon Route 53 Developer Guide* .", - "title": "Weight", - "type": "number" + "S3Prefix": { + "markdownDescription": "The S3 prefix to use for the write to the s3 bucket.", + "title": "S3Prefix", + "type": "string" + }, + "S3SseKmsKeyId": { + "markdownDescription": "The KMS Key ID to use to encrypt the message in S3.", + "title": "S3SseKmsKeyId", + "type": "string" + } + }, + "required": [ + "RoleArn", + "S3Bucket" + ], + "type": "object" + }, + "AWS::SES::MailManagerRuleSet.SendAction": { + "additionalProperties": false, + "properties": { + "ActionFailurePolicy": { + "markdownDescription": "A policy that states what to do in the case of failure. The action will fail if there are configuration errors. For example, the caller does not have the permissions to call the sendRawEmail API.", + "title": "ActionFailurePolicy", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the role to use for this action. This role must have access to the ses:SendRawEmail API.", + "title": "RoleArn", + "type": "string" } }, "required": [ - "Name", - "Type" + "RoleArn" ], "type": "object" }, - "AWS::Route53Profiles::Profile": { + "AWS::SES::MailManagerRuleSet.SnsAction": { "additionalProperties": false, "properties": { - "Condition": { + "ActionFailurePolicy": { + "markdownDescription": "A policy that states what to do in the case of failure. The action will fail if there are configuration errors. For example, specified SNS topic has been deleted or the role lacks necessary permissions to call the `sns:Publish` API.", + "title": "ActionFailurePolicy", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Encoding": { + "markdownDescription": "The encoding to use for the email within the Amazon SNS notification. The default value is `UTF-8` . Use `BASE64` if you need to preserve all special characters, especially when the original message uses a different encoding format.", + "title": "Encoding", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "Name of the Profile.", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of the tag keys and values that you want to associate with the profile.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Name" - ], - "type": "object" + "PayloadType": { + "markdownDescription": "The expected payload type within the Amazon SNS notification. `CONTENT` attempts to publish the full email content with 20KB of headers content. `HEADERS` extracts up to 100KB of header content to include in the notification, email content will not be included to the notification. The default value is `CONTENT` .", + "title": "PayloadType", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Route53Profiles::Profile" - ], + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM Role to use while writing to Amazon SNS. This role must have access to the `sns:Publish` API for the given topic.", + "title": "RoleArn", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS Topic to which notification for the email received will be published.", + "title": "TopicArn", "type": "string" } }, "required": [ - "Type", - "Properties" + "RoleArn", + "TopicArn" ], "type": "object" }, - "AWS::Route53Profiles::ProfileAssociation": { + "AWS::SES::MailManagerTrafficPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -232692,45 +284757,47 @@ "Properties": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the profile association to a VPC.", - "title": "Arn", - "type": "string" - }, - "Name": { - "markdownDescription": "Name of the Profile association.", - "title": "Name", + "DefaultAction": { + "markdownDescription": "Default action instructs the tra\ufb03c policy to either Allow or Deny (block) messages that fall outside of (or not addressed by) the conditions of your policy statements", + "title": "DefaultAction", "type": "string" }, - "ProfileId": { - "markdownDescription": "ID of the Profile.\n\nUpdate to this property requires update to the `ResourceId` property as well, because you can only associate one Profile per VPC. For more information, see [Route 53 Profiles](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/profiles.html) .", - "title": "ProfileId", - "type": "string" + "MaxMessageSizeBytes": { + "markdownDescription": "The maximum message size in bytes of email which is allowed in by this traffic policy\u2014anything larger will be blocked.", + "title": "MaxMessageSizeBytes", + "type": "number" }, - "ResourceId": { - "markdownDescription": "The ID of the VPC.", - "title": "ResourceId", - "type": "string" + "PolicyStatements": { + "items": { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.PolicyStatement" + }, + "markdownDescription": "Conditional statements for filtering email traffic.", + "title": "PolicyStatements", + "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "", + "markdownDescription": "The tags used to organize, track, or control access for the resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", "title": "Tags", "type": "array" + }, + "TrafficPolicyName": { + "markdownDescription": "The name of the policy.\n\nThe policy name cannot exceed 64 characters and can only include alphanumeric characters, dashes, and underscores.", + "title": "TrafficPolicyName", + "type": "string" } }, "required": [ - "Name", - "ProfileId", - "ResourceId" + "DefaultAction", + "PolicyStatements" ], "type": "object" }, "Type": { "enum": [ - "AWS::Route53Profiles::ProfileAssociation" + "AWS::SES::MailManagerTrafficPolicy" ], "type": "string" }, @@ -232749,339 +284816,311 @@ ], "type": "object" }, - "AWS::Route53Profiles::ProfileResourceAssociation": { + "AWS::SES::MailManagerTrafficPolicy.IngressAnalysis": { "additionalProperties": false, "properties": { - "Condition": { + "Analyzer": { + "markdownDescription": "The Amazon Resource Name (ARN) of an Add On.", + "title": "Analyzer", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ResultField": { + "markdownDescription": "The returned value from an Add On.", + "title": "ResultField", "type": "string" + } + }, + "required": [ + "Analyzer", + "ResultField" + ], + "type": "object" + }, + "AWS::SES::MailManagerTrafficPolicy.IngressBooleanExpression": { + "additionalProperties": false, + "properties": { + "Evaluate": { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.IngressBooleanToEvaluate", + "markdownDescription": "The operand on which to perform a boolean condition operation.", + "title": "Evaluate" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "Name of the Profile resource association.", - "title": "Name", - "type": "string" - }, - "ProfileId": { - "markdownDescription": "Profile ID of the Profile that the resources are associated with.", - "title": "ProfileId", - "type": "string" - }, - "ResourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resource association.", - "title": "ResourceArn", - "type": "string" - }, - "ResourceProperties": { - "markdownDescription": "If the DNS resource is a DNS Firewall rule group, this indicates the priority.", - "title": "ResourceProperties", - "type": "string" - } - }, - "required": [ - "Name", - "ProfileId", - "ResourceArn" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Route53Profiles::ProfileResourceAssociation" - ], + "Operator": { + "markdownDescription": "The matching operator for a boolean condition expression.", + "title": "Operator", "type": "string" + } + }, + "required": [ + "Evaluate", + "Operator" + ], + "type": "object" + }, + "AWS::SES::MailManagerTrafficPolicy.IngressBooleanToEvaluate": { + "additionalProperties": false, + "properties": { + "Analysis": { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.IngressAnalysis", + "markdownDescription": "The structure type for a boolean condition stating the Add On ARN and its returned value.", + "title": "Analysis" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "IsInAddressList": { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.IngressIsInAddressList", + "markdownDescription": "", + "title": "IsInAddressList" + } + }, + "type": "object" + }, + "AWS::SES::MailManagerTrafficPolicy.IngressIpToEvaluate": { + "additionalProperties": false, + "properties": { + "Attribute": { + "markdownDescription": "An enum type representing the allowed attribute types for an IP condition.", + "title": "Attribute", "type": "string" } }, "required": [ - "Type", - "Properties" + "Attribute" ], "type": "object" }, - "AWS::Route53RecoveryControl::Cluster": { + "AWS::SES::MailManagerTrafficPolicy.IngressIpv4Expression": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Evaluate": { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.IngressIpToEvaluate", + "markdownDescription": "The left hand side argument of an IP condition expression.", + "title": "Evaluate" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Operator": { + "markdownDescription": "The matching operator for an IP condition expression.", + "title": "Operator", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "Name of the cluster. You can use any non-white space character in the name except the following: & > < ' (single quote) \" (double quote) ; (semicolon).", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags associated with the cluster.", - "title": "Tags", - "type": "array" - } + "Values": { + "items": { + "type": "string" }, - "required": [ - "Name" - ], - "type": "object" + "markdownDescription": "The right hand side argument of an IP condition expression.", + "title": "Values", + "type": "array" + } + }, + "required": [ + "Evaluate", + "Operator", + "Values" + ], + "type": "object" + }, + "AWS::SES::MailManagerTrafficPolicy.IngressIpv6Expression": { + "additionalProperties": false, + "properties": { + "Evaluate": { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.IngressIpv6ToEvaluate", + "markdownDescription": "", + "title": "Evaluate" }, - "Type": { - "enum": [ - "AWS::Route53RecoveryControl::Cluster" - ], + "Operator": { + "markdownDescription": "", + "title": "Operator", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "Values", + "type": "array" } }, "required": [ - "Type", - "Properties" + "Evaluate", + "Operator", + "Values" ], "type": "object" }, - "AWS::Route53RecoveryControl::Cluster.ClusterEndpoint": { + "AWS::SES::MailManagerTrafficPolicy.IngressIpv6ToEvaluate": { "additionalProperties": false, "properties": { - "Endpoint": { - "markdownDescription": "A cluster endpoint URL for one of the five redundant clusters that you specify to set or retrieve a routing control state.", - "title": "Endpoint", + "Attribute": { + "markdownDescription": "", + "title": "Attribute", "type": "string" + } + }, + "required": [ + "Attribute" + ], + "type": "object" + }, + "AWS::SES::MailManagerTrafficPolicy.IngressIsInAddressList": { + "additionalProperties": false, + "properties": { + "AddressLists": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "AddressLists", + "type": "array" }, - "Region": { - "markdownDescription": "The AWS Region for a cluster endpoint.", - "title": "Region", + "Attribute": { + "markdownDescription": "", + "title": "Attribute", "type": "string" } }, + "required": [ + "AddressLists", + "Attribute" + ], "type": "object" }, - "AWS::Route53RecoveryControl::ControlPanel": { + "AWS::SES::MailManagerTrafficPolicy.IngressStringExpression": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Evaluate": { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.IngressStringToEvaluate", + "markdownDescription": "The left hand side argument of a string condition expression.", + "title": "Evaluate" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Operator": { + "markdownDescription": "", + "title": "Operator", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ClusterArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the cluster for the control panel.", - "title": "ClusterArn", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the control panel. You can use any non-white space character in the name.", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags associated with the control panel.", - "title": "Tags", - "type": "array" - } + "Values": { + "items": { + "type": "string" }, - "required": [ - "Name" - ], - "type": "object" + "markdownDescription": "The right hand side argument of a string condition expression.", + "title": "Values", + "type": "array" + } + }, + "required": [ + "Evaluate", + "Operator", + "Values" + ], + "type": "object" + }, + "AWS::SES::MailManagerTrafficPolicy.IngressStringToEvaluate": { + "additionalProperties": false, + "properties": { + "Analysis": { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.IngressAnalysis", + "markdownDescription": "", + "title": "Analysis" }, - "Type": { - "enum": [ - "AWS::Route53RecoveryControl::ControlPanel" - ], + "Attribute": { + "markdownDescription": "The enum type representing the allowed attribute types for a string condition.", + "title": "Attribute", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SES::MailManagerTrafficPolicy.IngressTlsProtocolExpression": { + "additionalProperties": false, + "properties": { + "Evaluate": { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.IngressTlsProtocolToEvaluate", + "markdownDescription": "The left hand side argument of a TLS condition expression.", + "title": "Evaluate" + }, + "Operator": { + "markdownDescription": "The matching operator for a TLS condition expression.", + "title": "Operator", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Value": { + "markdownDescription": "The right hand side argument of a TLS condition expression.", + "title": "Value", "type": "string" } }, "required": [ - "Type", - "Properties" + "Evaluate", + "Operator", + "Value" ], "type": "object" }, - "AWS::Route53RecoveryControl::RoutingControl": { + "AWS::SES::MailManagerTrafficPolicy.IngressTlsProtocolToEvaluate": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Attribute": { + "markdownDescription": "The enum type representing the allowed attribute types for the TLS condition.", + "title": "Attribute", "type": "string" + } + }, + "required": [ + "Attribute" + ], + "type": "object" + }, + "AWS::SES::MailManagerTrafficPolicy.PolicyCondition": { + "additionalProperties": false, + "properties": { + "BooleanExpression": { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.IngressBooleanExpression", + "markdownDescription": "This represents a boolean type condition matching on the incoming mail. It performs the boolean operation configured in 'Operator' and evaluates the 'Protocol' object against the 'Value'.", + "title": "BooleanExpression" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "IpExpression": { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.IngressIpv4Expression", + "markdownDescription": "This represents an IP based condition matching on the incoming mail. It performs the operation configured in 'Operator' and evaluates the 'Protocol' object against the 'Value'.", + "title": "IpExpression" }, - "Metadata": { - "type": "object" + "Ipv6Expression": { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.IngressIpv6Expression", + "markdownDescription": "", + "title": "Ipv6Expression" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ClusterArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the cluster that hosts the routing control.", - "title": "ClusterArn", - "type": "string" - }, - "ControlPanelArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the control panel that includes the routing control.", - "title": "ControlPanelArn", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the routing control. You can use any non-white space character in the name.", - "title": "Name", - "type": "string" - } - }, - "required": [ - "Name" - ], - "type": "object" + "StringExpression": { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.IngressStringExpression", + "markdownDescription": "This represents a string based condition matching on the incoming mail. It performs the string operation configured in 'Operator' and evaluates the 'Protocol' object against the 'Value'.", + "title": "StringExpression" }, - "Type": { - "enum": [ - "AWS::Route53RecoveryControl::RoutingControl" - ], + "TlsExpression": { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.IngressTlsProtocolExpression", + "markdownDescription": "This represents a TLS based condition matching on the incoming mail. It performs the operation configured in 'Operator' and evaluates the 'Protocol' object against the 'Value'.", + "title": "TlsExpression" + } + }, + "type": "object" + }, + "AWS::SES::MailManagerTrafficPolicy.PolicyStatement": { + "additionalProperties": false, + "properties": { + "Action": { + "markdownDescription": "The action that informs a traffic policy resource to either allow or block the email if it matches a condition in the policy statement.", + "title": "Action", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Conditions": { + "items": { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy.PolicyCondition" + }, + "markdownDescription": "The list of conditions to apply to incoming messages for filtering email traffic.", + "title": "Conditions", + "type": "array" } }, "required": [ - "Type", - "Properties" + "Action", + "Conditions" ], "type": "object" }, - "AWS::Route53RecoveryControl::SafetyRule": { + "AWS::SES::ReceiptFilter": { "additionalProperties": false, "properties": { "Condition": { @@ -233116,50 +285155,20 @@ "Properties": { "additionalProperties": false, "properties": { - "AssertionRule": { - "$ref": "#/definitions/AWS::Route53RecoveryControl::SafetyRule.AssertionRule", - "markdownDescription": "An assertion rule enforces that, when you change a routing control state, that the criteria that you set in the rule configuration is met. Otherwise, the change to the routing control is not accepted. For example, the criteria might be that at least one routing control state is `On` after the transaction so that traffic continues to flow to at least one cell for the application. This ensures that you avoid a fail-open scenario.", - "title": "AssertionRule" - }, - "ControlPanelArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the control panel.", - "title": "ControlPanelArn", - "type": "string" - }, - "GatingRule": { - "$ref": "#/definitions/AWS::Route53RecoveryControl::SafetyRule.GatingRule", - "markdownDescription": "A gating rule verifies that a gating routing control or set of gating routing controls, evaluates as true, based on a rule configuration that you specify, which allows a set of routing control state changes to complete.\n\nFor example, if you specify one gating routing control and you set the `Type` in the rule configuration to `OR` , that indicates that you must set the gating routing control to `On` for the rule to evaluate as true; that is, for the gating control switch to be On. When you do that, then you can update the routing control states for the target routing controls that you specify in the gating rule.", - "title": "GatingRule" - }, - "Name": { - "markdownDescription": "The name of the assertion rule. The name must be unique within a control panel. You can use any non-white space character in the name except the following: & > < ' (single quote) \" (double quote) ; (semicolon)", - "title": "Name", - "type": "string" - }, - "RuleConfig": { - "$ref": "#/definitions/AWS::Route53RecoveryControl::SafetyRule.RuleConfig", - "markdownDescription": "The criteria that you set for specific assertion controls (routing controls) that designate how many control states must be `ON` as the result of a transaction. For example, if you have three assertion controls, you might specify `ATLEAST 2` for your rule configuration. This means that at least two assertion controls must be `ON` , so that at least two AWS Regions have traffic flowing to them.", - "title": "RuleConfig" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags associated with the safety rule.", - "title": "Tags", - "type": "array" + "Filter": { + "$ref": "#/definitions/AWS::SES::ReceiptFilter.Filter", + "markdownDescription": "A data structure that describes the IP address filter to create, which consists of a name, an IP address range, and whether to allow or block mail from it.", + "title": "Filter" } }, "required": [ - "ControlPanelArn", - "Name", - "RuleConfig" + "Filter" ], "type": "object" }, "Type": { "enum": [ - "AWS::Route53RecoveryControl::SafetyRule" + "AWS::SES::ReceiptFilter" ], "type": "string" }, @@ -233178,88 +285187,46 @@ ], "type": "object" }, - "AWS::Route53RecoveryControl::SafetyRule.AssertionRule": { - "additionalProperties": false, - "properties": { - "AssertedControls": { - "items": { - "type": "string" - }, - "markdownDescription": "The routing controls that are part of transactions that are evaluated to determine if a request to change a routing control state is allowed. For example, you might include three routing controls, one for each of three AWS Regions.", - "title": "AssertedControls", - "type": "array" - }, - "WaitPeriodMs": { - "markdownDescription": "An evaluation period, in milliseconds (ms), during which any request against the target routing controls will fail. This helps prevent flapping of state. The wait period is 5000 ms by default, but you can choose a custom value.", - "title": "WaitPeriodMs", - "type": "number" - } - }, - "required": [ - "AssertedControls", - "WaitPeriodMs" - ], - "type": "object" - }, - "AWS::Route53RecoveryControl::SafetyRule.GatingRule": { + "AWS::SES::ReceiptFilter.Filter": { "additionalProperties": false, "properties": { - "GatingControls": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of gating routing control Amazon Resource Names (ARNs). For a simple on-off switch, specify the ARN for one routing control. The gating routing controls are evaluated by the rule configuration that you specify to determine if the target routing control states can be changed.", - "title": "GatingControls", - "type": "array" - }, - "TargetControls": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of target routing control Amazon Resource Names (ARNs) for which the states can only be updated if the rule configuration that you specify evaluates to true for the gating routing control. As a simple example, if you have a single gating control, it acts as an overall on-off switch for a set of target routing controls. You can use this to manually override automated failover, for example.", - "title": "TargetControls", - "type": "array" + "IpFilter": { + "$ref": "#/definitions/AWS::SES::ReceiptFilter.IpFilter", + "markdownDescription": "A structure that provides the IP addresses to block or allow, and whether to block or allow incoming mail from them.", + "title": "IpFilter" }, - "WaitPeriodMs": { - "markdownDescription": "An evaluation period, in milliseconds (ms), during which any request against the target routing controls will fail. This helps prevent flapping of state. The wait period is 5000 ms by default, but you can choose a custom value.", - "title": "WaitPeriodMs", - "type": "number" + "Name": { + "markdownDescription": "The name of the IP address filter. The name must meet the following requirements:\n\n- Contain only ASCII letters (a-z, A-Z), numbers (0-9), underscores (_), or dashes (-).\n- Start and end with a letter or number.\n- Contain 64 characters or fewer.", + "title": "Name", + "type": "string" } }, "required": [ - "GatingControls", - "TargetControls", - "WaitPeriodMs" + "IpFilter" ], "type": "object" }, - "AWS::Route53RecoveryControl::SafetyRule.RuleConfig": { + "AWS::SES::ReceiptFilter.IpFilter": { "additionalProperties": false, "properties": { - "Inverted": { - "markdownDescription": "Logical negation of the rule. If the rule would usually evaluate true, it's evaluated as false, and vice versa.", - "title": "Inverted", - "type": "boolean" - }, - "Threshold": { - "markdownDescription": "The value of N, when you specify an `ATLEAST` rule type. That is, `Threshold` is the number of controls that must be set when you specify an `ATLEAST` type.", - "title": "Threshold", - "type": "number" + "Cidr": { + "markdownDescription": "A single IP address or a range of IP addresses to block or allow, specified in Classless Inter-Domain Routing (CIDR) notation. An example of a single email address is 10.0.0.1. An example of a range of IP addresses is 10.0.0.1/24. For more information about CIDR notation, see [RFC 2317](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc2317) .", + "title": "Cidr", + "type": "string" }, - "Type": { - "markdownDescription": "A rule can be one of the following: `ATLEAST` , `AND` , or `OR` .", - "title": "Type", + "Policy": { + "markdownDescription": "Indicates whether to block or allow incoming mail from the specified IP addresses.", + "title": "Policy", "type": "string" } }, "required": [ - "Inverted", - "Threshold", - "Type" + "Cidr", + "Policy" ], "type": "object" }, - "AWS::Route53RecoveryReadiness::Cell": { + "AWS::SES::ReceiptRule": { "additionalProperties": false, "properties": { "Condition": { @@ -233294,33 +285261,31 @@ "Properties": { "additionalProperties": false, "properties": { - "CellName": { - "markdownDescription": "The name of the cell to create.", - "title": "CellName", + "After": { + "markdownDescription": "The name of an existing rule after which the new rule is placed. If this parameter is null, the new rule is inserted at the beginning of the rule list.", + "title": "After", "type": "string" }, - "Cells": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of cell Amazon Resource Names (ARNs) contained within this cell, for use in nested cells. For example, Availability Zones within specific AWS Regions .", - "title": "Cells", - "type": "array" + "Rule": { + "$ref": "#/definitions/AWS::SES::ReceiptRule.Rule", + "markdownDescription": "A data structure that contains the specified rule's name, actions, recipients, domains, enabled status, scan status, and TLS policy.", + "title": "Rule" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A collection of tags associated with a resource.", - "title": "Tags", - "type": "array" + "RuleSetName": { + "markdownDescription": "The name of the rule set where the receipt rule is added.", + "title": "RuleSetName", + "type": "string" } }, + "required": [ + "Rule", + "RuleSetName" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Route53RecoveryReadiness::Cell" + "AWS::SES::ReceiptRule" ], "type": "string" }, @@ -233334,358 +285299,288 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Route53RecoveryReadiness::ReadinessCheck": { + "AWS::SES::ReceiptRule.Action": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "AddHeaderAction": { + "$ref": "#/definitions/AWS::SES::ReceiptRule.AddHeaderAction", + "markdownDescription": "Adds a header to the received email.", + "title": "AddHeaderAction" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "BounceAction": { + "$ref": "#/definitions/AWS::SES::ReceiptRule.BounceAction", + "markdownDescription": "Rejects the received email by returning a bounce response to the sender and, optionally, publishes a notification to Amazon Simple Notification Service (Amazon SNS).", + "title": "BounceAction" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ConnectAction": { + "$ref": "#/definitions/AWS::SES::ReceiptRule.ConnectAction", + "markdownDescription": "", + "title": "ConnectAction" }, - "Metadata": { - "type": "object" + "LambdaAction": { + "$ref": "#/definitions/AWS::SES::ReceiptRule.LambdaAction", + "markdownDescription": "Calls an AWS Lambda function, and optionally, publishes a notification to Amazon SNS.", + "title": "LambdaAction" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ReadinessCheckName": { - "markdownDescription": "The name of the readiness check to create.", - "title": "ReadinessCheckName", - "type": "string" - }, - "ResourceSetName": { - "markdownDescription": "The name of the resource set to check.", - "title": "ResourceSetName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A collection of tags associated with a resource.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" + "S3Action": { + "$ref": "#/definitions/AWS::SES::ReceiptRule.S3Action", + "markdownDescription": "Saves the received message to an Amazon Simple Storage Service (Amazon S3) bucket and, optionally, publishes a notification to Amazon SNS.", + "title": "S3Action" }, - "Type": { - "enum": [ - "AWS::Route53RecoveryReadiness::ReadinessCheck" - ], + "SNSAction": { + "$ref": "#/definitions/AWS::SES::ReceiptRule.SNSAction", + "markdownDescription": "Publishes the email content within a notification to Amazon SNS.", + "title": "SNSAction" + }, + "StopAction": { + "$ref": "#/definitions/AWS::SES::ReceiptRule.StopAction", + "markdownDescription": "Terminates the evaluation of the receipt rule set and optionally publishes a notification to Amazon SNS.", + "title": "StopAction" + }, + "WorkmailAction": { + "$ref": "#/definitions/AWS::SES::ReceiptRule.WorkmailAction", + "markdownDescription": "Calls Amazon WorkMail and, optionally, publishes a notification to Amazon SNS.", + "title": "WorkmailAction" + } + }, + "type": "object" + }, + "AWS::SES::ReceiptRule.AddHeaderAction": { + "additionalProperties": false, + "properties": { + "HeaderName": { + "markdownDescription": "The name of the header to add to the incoming message. The name must contain at least one character, and can contain up to 50 characters. It consists of alphanumeric ( `a\u2013z, A\u2013Z, 0\u20139` ) characters and dashes.", + "title": "HeaderName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "HeaderValue": { + "markdownDescription": "The content to include in the header. This value can contain up to 2048 characters. It can't contain newline ( `\\n` ) or carriage return ( `\\r` ) characters.", + "title": "HeaderValue", "type": "string" } }, "required": [ - "Type" + "HeaderName", + "HeaderValue" ], "type": "object" }, - "AWS::Route53RecoveryReadiness::RecoveryGroup": { + "AWS::SES::ReceiptRule.BounceAction": { "additionalProperties": false, "properties": { - "Condition": { + "Message": { + "markdownDescription": "Human-readable text to include in the bounce message.", + "title": "Message", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Sender": { + "markdownDescription": "The email address of the sender of the bounced email. This is the address from which the bounce message is sent.", + "title": "Sender", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Cells": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the cell Amazon Resource Names (ARNs) in the recovery group.", - "title": "Cells", - "type": "array" - }, - "RecoveryGroupName": { - "markdownDescription": "The name of the recovery group to create.", - "title": "RecoveryGroupName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A collection of tags associated with a resource.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" + "SmtpReplyCode": { + "markdownDescription": "The SMTP reply code, as defined by [RFC 5321](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc5321) .", + "title": "SmtpReplyCode", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Route53RecoveryReadiness::RecoveryGroup" - ], + "StatusCode": { + "markdownDescription": "The SMTP enhanced status code, as defined by [RFC 3463](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc3463) .", + "title": "StatusCode", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic to notify when the bounce action is taken. You can find the ARN of a topic by using the [ListTopics](https://docs.aws.amazon.com/sns/latest/api/API_ListTopics.html) operation in Amazon SNS.\n\nFor more information about Amazon SNS topics, see the [Amazon SNS Developer Guide](https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html) .", + "title": "TopicArn", "type": "string" } }, "required": [ - "Type" + "Message", + "Sender", + "SmtpReplyCode" ], "type": "object" }, - "AWS::Route53RecoveryReadiness::ResourceSet": { + "AWS::SES::ReceiptRule.ConnectAction": { "additionalProperties": false, "properties": { - "Condition": { + "IAMRoleARN": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to be used by Amazon Simple Email Service while starting email contacts to the Amazon Connect instance. This role should have permission to invoke `connect:StartEmailContact` for the given Amazon Connect instance.", + "title": "IAMRoleARN", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "InstanceARN": { + "markdownDescription": "The Amazon Resource Name (ARN) for the Amazon Connect instance that Amazon SES integrates with for starting email contacts.\n\nFor more information about Amazon Connect instances, see the [Amazon Connect Administrator Guide](https://docs.aws.amazon.com/connect/latest/adminguide/amazon-connect-instances.html)", + "title": "InstanceARN", + "type": "string" + } + }, + "required": [ + "IAMRoleARN", + "InstanceARN" + ], + "type": "object" + }, + "AWS::SES::ReceiptRule.LambdaAction": { + "additionalProperties": false, + "properties": { + "FunctionArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Lambda function. An example of an AWS Lambda function ARN is `arn:aws:lambda:us-west-2:account-id:function:MyFunction` . For more information about AWS Lambda, see the [AWS Lambda Developer Guide](https://docs.aws.amazon.com/lambda/latest/dg/welcome.html) .", + "title": "FunctionArn", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ResourceSetName": { - "markdownDescription": "The name of the resource set to create.", - "title": "ResourceSetName", - "type": "string" - }, - "ResourceSetType": { - "markdownDescription": "The resource type of the resources in the resource set. Enter one of the following values for resource type:\n\nAWS::ApiGateway::Stage, AWS::ApiGatewayV2::Stage, AWS::AutoScaling::AutoScalingGroup, AWS::CloudWatch::Alarm, AWS::EC2::CustomerGateway, AWS::DynamoDB::Table, AWS::EC2::Volume, AWS::ElasticLoadBalancing::LoadBalancer, AWS::ElasticLoadBalancingV2::LoadBalancer, AWS::Lambda::Function, AWS::MSK::Cluster, AWS::RDS::DBCluster, AWS::Route53::HealthCheck, AWS::SQS::Queue, AWS::SNS::Topic, AWS::SNS::Subscription, AWS::EC2::VPC, AWS::EC2::VPNConnection, AWS::EC2::VPNGateway, AWS::Route53RecoveryReadiness::DNSTargetResource.\n\nNote that AWS::Route53RecoveryReadiness::DNSTargetResource is only used for this setting. It isn't an actual AWS CloudFormation resource type.", - "title": "ResourceSetType", - "type": "string" - }, - "Resources": { - "items": { - "$ref": "#/definitions/AWS::Route53RecoveryReadiness::ResourceSet.Resource" - }, - "markdownDescription": "A list of resource objects in the resource set.", - "title": "Resources", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A tag to associate with the parameters for a resource set.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "ResourceSetType", - "Resources" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Route53RecoveryReadiness::ResourceSet" - ], + "InvocationType": { + "markdownDescription": "The invocation type of the AWS Lambda function. An invocation type of `RequestResponse` means that the execution of the function immediately results in a response, and a value of `Event` means that the function is invoked asynchronously. The default value is `Event` . For information about AWS Lambda invocation types, see the [AWS Lambda Developer Guide](https://docs.aws.amazon.com/lambda/latest/dg/API_Invoke.html) .\n\n> There is a 30-second timeout on `RequestResponse` invocations. You should use `Event` invocation in most cases. Use `RequestResponse` only to make a mail flow decision, such as whether to stop the receipt rule or the receipt rule set.", + "title": "InvocationType", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic to notify when the Lambda action is executed. You can find the ARN of a topic by using the [ListTopics](https://docs.aws.amazon.com/sns/latest/api/API_ListTopics.html) operation in Amazon SNS.\n\nFor more information about Amazon SNS topics, see the [Amazon SNS Developer Guide](https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html) .", + "title": "TopicArn", "type": "string" } }, "required": [ - "Type", - "Properties" + "FunctionArn" ], "type": "object" }, - "AWS::Route53RecoveryReadiness::ResourceSet.DNSTargetResource": { + "AWS::SES::ReceiptRule.Rule": { "additionalProperties": false, "properties": { - "DomainName": { - "markdownDescription": "The domain name that acts as an ingress point to a portion of the customer application.", - "title": "DomainName", - "type": "string" + "Actions": { + "items": { + "$ref": "#/definitions/AWS::SES::ReceiptRule.Action" + }, + "markdownDescription": "An ordered list of actions to perform on messages that match at least one of the recipient email addresses or domains specified in the receipt rule.", + "title": "Actions", + "type": "array" }, - "HostedZoneArn": { - "markdownDescription": "The hosted zone Amazon Resource Name (ARN) that contains the DNS record with the provided name of the target resource.", - "title": "HostedZoneArn", - "type": "string" + "Enabled": { + "markdownDescription": "If `true` , the receipt rule is active. The default value is `false` .", + "title": "Enabled", + "type": "boolean" }, - "RecordSetId": { - "markdownDescription": "The Amazon Route 53 record set ID that uniquely identifies a DNS record, given a name and a type.", - "title": "RecordSetId", + "Name": { + "markdownDescription": "The name of the receipt rule. The name must meet the following requirements:\n\n- Contain only ASCII letters (a-z, A-Z), numbers (0-9), underscores (_), dashes (-), or periods (.).\n- Start and end with a letter or number.\n- Contain 64 characters or fewer.", + "title": "Name", "type": "string" }, - "RecordType": { - "markdownDescription": "The type of DNS record of the target resource.", - "title": "RecordType", - "type": "string" + "Recipients": { + "items": { + "type": "string" + }, + "markdownDescription": "The recipient domains and email addresses that the receipt rule applies to. If this field is not specified, this rule matches all recipients on all verified domains.", + "title": "Recipients", + "type": "array" }, - "TargetResource": { - "$ref": "#/definitions/AWS::Route53RecoveryReadiness::ResourceSet.TargetResource", - "markdownDescription": "The target resource that the Route 53 record points to.", - "title": "TargetResource" + "ScanEnabled": { + "markdownDescription": "If `true` , then messages that this receipt rule applies to are scanned for spam and viruses. The default value is `false` .", + "title": "ScanEnabled", + "type": "boolean" + }, + "TlsPolicy": { + "markdownDescription": "Specifies whether Amazon SES should require that incoming email is delivered over a connection encrypted with Transport Layer Security (TLS). If this parameter is set to `Require` , Amazon SES bounces emails that are not received over TLS. The default is `Optional` .\n\nValid Values: `Require | Optional`", + "title": "TlsPolicy", + "type": "string" } }, "type": "object" }, - "AWS::Route53RecoveryReadiness::ResourceSet.NLBResource": { + "AWS::SES::ReceiptRule.S3Action": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Network Load Balancer resource Amazon Resource Name (ARN).", - "title": "Arn", + "BucketName": { + "markdownDescription": "The name of the Amazon S3 bucket for incoming email.", + "title": "BucketName", + "type": "string" + }, + "IamRoleArn": { + "markdownDescription": "The ARN of the IAM role to be used by Amazon Simple Email Service while writing to the Amazon S3 bucket, optionally encrypting your mail via the provided customer managed key, and publishing to the Amazon SNS topic. This role should have access to the following APIs:\n\n- `s3:PutObject` , `kms:Encrypt` and `kms:GenerateDataKey` for the given Amazon S3 bucket.\n- `kms:GenerateDataKey` for the given AWS KMS customer managed key.\n- `sns:Publish` for the given Amazon SNS topic.\n\n> If an IAM role ARN is provided, the role (and only the role) is used to access all the given resources (Amazon S3 bucket, AWS KMS customer managed key and Amazon SNS topic). Therefore, setting up individual resource access permissions is not required.", + "title": "IamRoleArn", + "type": "string" + }, + "KmsKeyArn": { + "markdownDescription": "The customer managed key that Amazon SES should use to encrypt your emails before saving them to the Amazon S3 bucket. You can use the AWS managed key or a customer managed key that you created in AWS KMS as follows:\n\n- To use the AWS managed key, provide an ARN in the form of `arn:aws:kms:REGION:ACCOUNT-ID-WITHOUT-HYPHENS:alias/aws/ses` . For example, if your AWS account ID is 123456789012 and you want to use the AWS managed key in the US West (Oregon) Region, the ARN of the AWS managed key would be `arn:aws:kms:us-west-2:123456789012:alias/aws/ses` . If you use the AWS managed key, you don't need to perform any extra steps to give Amazon SES permission to use the key.\n- To use a customer managed key that you created in AWS KMS, provide the ARN of the customer managed key and ensure that you add a statement to your key's policy to give Amazon SES permission to use it. For more information about giving permissions, see the [Amazon SES Developer Guide](https://docs.aws.amazon.com/ses/latest/dg/receiving-email-permissions.html) .\n\nFor more information about key policies, see the [AWS KMS Developer Guide](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html) . If you do not specify an AWS KMS key, Amazon SES does not encrypt your emails.\n\n> Your mail is encrypted by Amazon SES using the Amazon S3 encryption client before the mail is submitted to Amazon S3 for storage. It is not encrypted using Amazon S3 server-side encryption. This means that you must use the Amazon S3 encryption client to decrypt the email after retrieving it from Amazon S3, as the service has no access to use your AWS KMS keys for decryption. This encryption client is currently available with the [AWS SDK for Java](https://docs.aws.amazon.com/sdk-for-java/) and [AWS SDK for Ruby](https://docs.aws.amazon.com/sdk-for-ruby/) only. For more information about client-side encryption using AWS KMS managed keys, see the [Amazon S3 Developer Guide](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingClientSideEncryption.html) .", + "title": "KmsKeyArn", + "type": "string" + }, + "ObjectKeyPrefix": { + "markdownDescription": "The key prefix of the Amazon S3 bucket. The key prefix is similar to a directory name that enables you to store similar data under the same directory in a bucket.", + "title": "ObjectKeyPrefix", + "type": "string" + }, + "TopicArn": { + "markdownDescription": "The ARN of the Amazon SNS topic to notify when the message is saved to the Amazon S3 bucket. You can find the ARN of a topic by using the [ListTopics](https://docs.aws.amazon.com/sns/latest/api/API_ListTopics.html) operation in Amazon SNS.\n\nFor more information about Amazon SNS topics, see the [Amazon SNS Developer Guide](https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html) .", + "title": "TopicArn", "type": "string" } }, + "required": [ + "BucketName" + ], "type": "object" }, - "AWS::Route53RecoveryReadiness::ResourceSet.R53ResourceRecord": { + "AWS::SES::ReceiptRule.SNSAction": { "additionalProperties": false, "properties": { - "DomainName": { - "markdownDescription": "The DNS target domain name.", - "title": "DomainName", + "Encoding": { + "markdownDescription": "The encoding to use for the email within the Amazon SNS notification. The default value is `UTF-8` . Use `BASE64` if you need to preserve all special characters, especially when the original message uses a different encoding format.", + "title": "Encoding", "type": "string" }, - "RecordSetId": { - "markdownDescription": "The Amazon Route 53 Resource Record Set ID.", - "title": "RecordSetId", + "TopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS Topic to which notification for the email received will be published.", + "title": "TopicArn", "type": "string" } }, "type": "object" }, - "AWS::Route53RecoveryReadiness::ResourceSet.Resource": { + "AWS::SES::ReceiptRule.StopAction": { "additionalProperties": false, "properties": { - "ComponentId": { - "markdownDescription": "The component identifier of the resource, generated when DNS target resource is used.", - "title": "ComponentId", + "Scope": { + "markdownDescription": "The scope of the StopAction. The only acceptable value is `RuleSet` .", + "title": "Scope", "type": "string" }, - "DnsTargetResource": { - "$ref": "#/definitions/AWS::Route53RecoveryReadiness::ResourceSet.DNSTargetResource", - "markdownDescription": "A component for DNS/routing control readiness checks. This is a required setting when `ResourceSet` `ResourceSetType` is set to `AWS::Route53RecoveryReadiness::DNSTargetResource` . Do not set it for any other `ResourceSetType` setting.", - "title": "DnsTargetResource" - }, - "ReadinessScopes": { - "items": { - "type": "string" - }, - "markdownDescription": "The recovery group Amazon Resource Name (ARN) or the cell ARN that the readiness checks for this resource set are scoped to.", - "title": "ReadinessScopes", - "type": "array" - }, - "ResourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS resource. This is a required setting for all `ResourceSet` `ResourceSetType` settings except `AWS::Route53RecoveryReadiness::DNSTargetResource` . Do not set this when `ResourceSetType` is set to `AWS::Route53RecoveryReadiness::DNSTargetResource` .", - "title": "ResourceArn", + "TopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic to notify when the stop action is taken. You can find the ARN of a topic by using the [ListTopics](https://docs.aws.amazon.com/sns/latest/api/API_ListTopics.html) Amazon SNS operation.\n\nFor more information about Amazon SNS topics, see the [Amazon SNS Developer Guide](https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html) .", + "title": "TopicArn", "type": "string" } }, + "required": [ + "Scope" + ], "type": "object" }, - "AWS::Route53RecoveryReadiness::ResourceSet.TargetResource": { + "AWS::SES::ReceiptRule.WorkmailAction": { "additionalProperties": false, "properties": { - "NLBResource": { - "$ref": "#/definitions/AWS::Route53RecoveryReadiness::ResourceSet.NLBResource", - "markdownDescription": "The Network Load Balancer resource that a DNS target resource points to.", - "title": "NLBResource" + "OrganizationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon WorkMail organization. Amazon WorkMail ARNs use the following format:\n\n`arn:aws:workmail:::organization/`\n\nYou can find the ID of your organization by using the [ListOrganizations](https://docs.aws.amazon.com/workmail/latest/APIReference/API_ListOrganizations.html) operation in Amazon WorkMail. Amazon WorkMail organization IDs begin with \" `m-` \", followed by a string of alphanumeric characters.\n\nFor information about Amazon WorkMail organizations, see the [Amazon WorkMail Administrator Guide](https://docs.aws.amazon.com/workmail/latest/adminguide/organizations_overview.html) .", + "title": "OrganizationArn", + "type": "string" }, - "R53Resource": { - "$ref": "#/definitions/AWS::Route53RecoveryReadiness::ResourceSet.R53ResourceRecord", - "markdownDescription": "The Route 53 resource that a DNS target resource record points to.", - "title": "R53Resource" + "TopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic to notify when the WorkMail action is called. You can find the ARN of a topic by using the [ListTopics](https://docs.aws.amazon.com/sns/latest/api/API_ListTopics.html) operation in Amazon SNS.\n\nFor more information about Amazon SNS topics, see the [Amazon SNS Developer Guide](https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html) .", + "title": "TopicArn", + "type": "string" } }, + "required": [ + "OrganizationArn" + ], "type": "object" }, - "AWS::Route53Resolver::FirewallDomainList": { + "AWS::SES::ReceiptRuleSet": { "additionalProperties": false, "properties": { "Condition": { @@ -233720,38 +285615,17 @@ "Properties": { "additionalProperties": false, "properties": { - "DomainFileUrl": { - "markdownDescription": "The fully qualified URL or URI of the file stored in Amazon Simple Storage Service (Amazon S3) that contains the list of domains to import.\n\nThe file must be in an S3 bucket that's in the same Region as your DNS Firewall. The file must be a text file and must contain a single domain per line.", - "title": "DomainFileUrl", - "type": "string" - }, - "Domains": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the domain lists that you have defined.", - "title": "Domains", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the domain list.", - "title": "Name", + "RuleSetName": { + "markdownDescription": "The name of the receipt rule set to make active. Setting this value to null disables all email receiving.", + "title": "RuleSetName", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of the tag keys and values that you want to associate with the domain list.", - "title": "Tags", - "type": "array" } }, "type": "object" }, "Type": { "enum": [ - "AWS::Route53Resolver::FirewallDomainList" + "AWS::SES::ReceiptRuleSet" ], "type": "string" }, @@ -233769,7 +285643,7 @@ ], "type": "object" }, - "AWS::Route53Resolver::FirewallRuleGroup": { + "AWS::SES::Template": { "additionalProperties": false, "properties": { "Condition": { @@ -233804,33 +285678,17 @@ "Properties": { "additionalProperties": false, "properties": { - "FirewallRules": { - "items": { - "$ref": "#/definitions/AWS::Route53Resolver::FirewallRuleGroup.FirewallRule" - }, - "markdownDescription": "A list of the rules that you have defined.", - "title": "FirewallRules", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the rule group.", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of the tag keys and values that you want to associate with the rule group.", - "title": "Tags", - "type": "array" + "Template": { + "$ref": "#/definitions/AWS::SES::Template.Template", + "markdownDescription": "The content of the email, composed of a subject line and either an HTML part or a text-only part.", + "title": "Template" } }, "type": "object" }, "Type": { "enum": [ - "AWS::Route53Resolver::FirewallRuleGroup" + "AWS::SES::Template" ], "type": "string" }, @@ -233848,58 +285706,36 @@ ], "type": "object" }, - "AWS::Route53Resolver::FirewallRuleGroup.FirewallRule": { + "AWS::SES::Template.Template": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The action that DNS Firewall should take on a DNS query when it matches one of the domains in the rule's domain list, or a threat in a DNS Firewall Advvanced rule:\n\n- `ALLOW` - Permit the request to go through. Not available for DNS Firewall Advanced rules.\n- `ALERT` - Permit the request to go through but send an alert to the logs.\n- `BLOCK` - Disallow the request. If this is specified,then `BlockResponse` must also be specified.\n\nif `BlockResponse` is `OVERRIDE` , then all of the following `OVERRIDE` attributes must be specified:\n\n- `BlockOverrideDnsType`\n- `BlockOverrideDomain`\n- `BlockOverrideTtl`", - "title": "Action", - "type": "string" - }, - "BlockOverrideDnsType": { - "markdownDescription": "The DNS record's type. This determines the format of the record value that you provided in `BlockOverrideDomain` . Used for the rule action `BLOCK` with a `BlockResponse` setting of `OVERRIDE` .", - "title": "BlockOverrideDnsType", - "type": "string" - }, - "BlockOverrideDomain": { - "markdownDescription": "The custom DNS record to send back in response to the query. Used for the rule action `BLOCK` with a `BlockResponse` setting of `OVERRIDE` .", - "title": "BlockOverrideDomain", + "HtmlPart": { + "markdownDescription": "The HTML body of the email.", + "title": "HtmlPart", "type": "string" }, - "BlockOverrideTtl": { - "markdownDescription": "The recommended amount of time, in seconds, for the DNS resolver or web browser to cache the provided override record. Used for the rule action `BLOCK` with a `BlockResponse` setting of `OVERRIDE` .", - "title": "BlockOverrideTtl", - "type": "number" - }, - "BlockResponse": { - "markdownDescription": "The way that you want DNS Firewall to block the request. Used for the rule action setting `BLOCK` .\n\n- `NODATA` - Respond indicating that the query was successful, but no response is available for it.\n- `NXDOMAIN` - Respond indicating that the domain name that's in the query doesn't exist.\n- `OVERRIDE` - Provide a custom override in the response. This option requires custom handling details in the rule's `BlockOverride*` settings.", - "title": "BlockResponse", + "SubjectPart": { + "markdownDescription": "The subject line of the email.", + "title": "SubjectPart", "type": "string" }, - "FirewallDomainListId": { - "markdownDescription": "The ID of the domain list that's used in the rule.", - "title": "FirewallDomainListId", + "TemplateName": { + "markdownDescription": "The name of the template. You will refer to this name when you send email using the `SendEmail` or `SendBulkEmail` operations.", + "title": "TemplateName", "type": "string" }, - "Priority": { - "markdownDescription": "The priority of the rule in the rule group. This value must be unique within the rule group. DNS Firewall processes the rules in a rule group by order of priority, starting from the lowest setting.", - "title": "Priority", - "type": "number" - }, - "Qtype": { - "markdownDescription": "The DNS query type you want the rule to evaluate. Allowed values are;\n\n- A: Returns an IPv4 address.\n- AAAA: Returns an Ipv6 address.\n- CAA: Restricts CAs that can create SSL/TLS certifications for the domain.\n- CNAME: Returns another domain name.\n- DS: Record that identifies the DNSSEC signing key of a delegated zone.\n- MX: Specifies mail servers.\n- NAPTR: Regular-expression-based rewriting of domain names.\n- NS: Authoritative name servers.\n- PTR: Maps an IP address to a domain name.\n- SOA: Start of authority record for the zone.\n- SPF: Lists the servers authorized to send emails from a domain.\n- SRV: Application specific values that identify servers.\n- TXT: Verifies email senders and application-specific values.\n- A query type you define by using the DNS type ID, for example 28 for AAAA. The values must be defined as TYPE NUMBER , where the NUMBER can be 1-65334, for example, TYPE28. For more information, see [List of DNS record types](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/List_of_DNS_record_types) .", - "title": "Qtype", + "TextPart": { + "markdownDescription": "The email body that is visible to recipients whose email clients do not display HTML content.", + "title": "TextPart", "type": "string" } }, "required": [ - "Action", - "FirewallDomainListId", - "Priority" + "SubjectPart" ], "type": "object" }, - "AWS::Route53Resolver::FirewallRuleGroupAssociation": { + "AWS::SES::VdmAttributes": { "additionalProperties": false, "properties": { "Condition": { @@ -233934,50 +285770,22 @@ "Properties": { "additionalProperties": false, "properties": { - "FirewallRuleGroupId": { - "markdownDescription": "The unique identifier of the firewall rule group.", - "title": "FirewallRuleGroupId", - "type": "string" - }, - "MutationProtection": { - "markdownDescription": "If enabled, this setting disallows modification or removal of the association, to help prevent against accidentally altering DNS firewall protections.", - "title": "MutationProtection", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the association.", - "title": "Name", - "type": "string" - }, - "Priority": { - "markdownDescription": "The setting that determines the processing order of the rule group among the rule groups that are associated with a single VPC. DNS Firewall filters VPC traffic starting from rule group with the lowest numeric priority setting.\n\nYou must specify a unique priority for each rule group that you associate with a single VPC. To make it easier to insert rule groups later, leave space between the numbers, for example, use 101, 200, and so on. You can change the priority setting for a rule group association after you create it.\n\nThe allowed values for `Priority` are between 100 and 9900 (excluding 100 and 9900).", - "title": "Priority", - "type": "number" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of the tag keys and values that you want to associate with the rule group.", - "title": "Tags", - "type": "array" + "DashboardAttributes": { + "$ref": "#/definitions/AWS::SES::VdmAttributes.DashboardAttributes", + "markdownDescription": "Specifies additional settings for your VDM configuration as applicable to the Dashboard.", + "title": "DashboardAttributes" }, - "VpcId": { - "markdownDescription": "The unique identifier of the VPC that is associated with the rule group.", - "title": "VpcId", - "type": "string" + "GuardianAttributes": { + "$ref": "#/definitions/AWS::SES::VdmAttributes.GuardianAttributes", + "markdownDescription": "Specifies additional settings for your VDM configuration as applicable to the Guardian.", + "title": "GuardianAttributes" } }, - "required": [ - "FirewallRuleGroupId", - "Priority", - "VpcId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Route53Resolver::FirewallRuleGroupAssociation" + "AWS::SES::VdmAttributes" ], "type": "string" }, @@ -233991,12 +285799,33 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Route53Resolver::OutpostResolver": { + "AWS::SES::VdmAttributes.DashboardAttributes": { + "additionalProperties": false, + "properties": { + "EngagementMetrics": { + "markdownDescription": "Specifies the status of your VDM engagement metrics collection. Can be one of the following:\n\n- `ENABLED` \u2013 Amazon SES enables engagement metrics for your account.\n- `DISABLED` \u2013 Amazon SES disables engagement metrics for your account.", + "title": "EngagementMetrics", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SES::VdmAttributes.GuardianAttributes": { + "additionalProperties": false, + "properties": { + "OptimizedSharedDelivery": { + "markdownDescription": "Specifies the status of your VDM optimized shared delivery. Can be one of the following:\n\n- `ENABLED` \u2013 Amazon SES enables optimized shared delivery for your account.\n- `DISABLED` \u2013 Amazon SES disables optimized shared delivery for your account.", + "title": "OptimizedSharedDelivery", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SNS::Subscription": { "additionalProperties": false, "properties": { "Condition": { @@ -234031,45 +285860,71 @@ "Properties": { "additionalProperties": false, "properties": { - "InstanceCount": { - "markdownDescription": "Amazon EC2 instance count for the Resolver on the Outpost.", - "title": "InstanceCount", - "type": "number" + "DeliveryPolicy": { + "markdownDescription": "The delivery policy JSON assigned to the subscription. Enables the subscriber to define the message delivery retry strategy in the case of an HTTP/S endpoint subscribed to the topic. For more information, see `[GetSubscriptionAttributes](https://docs.aws.amazon.com/sns/latest/api/API_GetSubscriptionAttributes.html)` in the *Amazon SNS API Reference* and [Message delivery retries](https://docs.aws.amazon.com/sns/latest/dg/sns-message-delivery-retries.html) in the *Amazon SNS Developer Guide* .", + "title": "DeliveryPolicy", + "type": "object" }, - "Name": { - "markdownDescription": "Name of the Resolver.", - "title": "Name", + "Endpoint": { + "markdownDescription": "The subscription's endpoint. The endpoint value depends on the protocol that you specify. For more information, see the `Endpoint` parameter of the `[Subscribe](https://docs.aws.amazon.com/sns/latest/api/API_Subscribe.html)` action in the *Amazon SNS API Reference* .", + "title": "Endpoint", "type": "string" }, - "OutpostArn": { - "markdownDescription": "The ARN (Amazon Resource Name) for the Outpost.", - "title": "OutpostArn", + "FilterPolicy": { + "markdownDescription": "The filter policy JSON assigned to the subscription. Enables the subscriber to filter out unwanted messages. For more information, see `[GetSubscriptionAttributes](https://docs.aws.amazon.com/sns/latest/api/API_GetSubscriptionAttributes.html)` in the *Amazon SNS API Reference* and [Message filtering](https://docs.aws.amazon.com/sns/latest/dg/sns-message-filtering.html) in the *Amazon SNS Developer Guide* .", + "title": "FilterPolicy", + "type": "object" + }, + "FilterPolicyScope": { + "markdownDescription": "This attribute lets you choose the filtering scope by using one of the following string value types:\n\n- `MessageAttributes` (default) - The filter is applied on the message attributes.\n- `MessageBody` - The filter is applied on the message body.\n\n> `Null` is not a valid value for `FilterPolicyScope` . To delete a filter policy, delete the `FilterPolicy` property but keep `FilterPolicyScope` property as is.", + "title": "FilterPolicyScope", "type": "string" }, - "PreferredInstanceType": { - "markdownDescription": "The Amazon EC2 instance type. If you specify this, you must also specify a value for the `OutpostArn` .", - "title": "PreferredInstanceType", + "Protocol": { + "markdownDescription": "The subscription's protocol. For more information, see the `Protocol` parameter of the `[Subscribe](https://docs.aws.amazon.com/sns/latest/api/API_Subscribe.html)` action in the *Amazon SNS API Reference* .", + "title": "Protocol", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A key value pair that helps you identify a Route\u00a053 Resolver .", - "title": "Tags", - "type": "array" + "RawMessageDelivery": { + "markdownDescription": "When set to `true` , enables raw message delivery. Raw messages don't contain any JSON formatting and can be sent to Amazon SQS and HTTP/S endpoints. For more information, see `[GetSubscriptionAttributes](https://docs.aws.amazon.com/sns/latest/api/API_GetSubscriptionAttributes.html)` in the *Amazon SNS API Reference* .", + "title": "RawMessageDelivery", + "type": "boolean" + }, + "RedrivePolicy": { + "markdownDescription": "When specified, sends undeliverable messages to the specified Amazon SQS dead-letter queue. Messages that can't be delivered due to client errors (for example, when the subscribed endpoint is unreachable) or server errors (for example, when the service that powers the subscribed endpoint becomes unavailable) are held in the dead-letter queue for further analysis or reprocessing.\n\nFor more information about the redrive policy and dead-letter queues, see [Amazon SQS dead-letter queues](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-dead-letter-queues.html) in the *Amazon SQS Developer Guide* .", + "title": "RedrivePolicy", + "type": "object" + }, + "Region": { + "markdownDescription": "For cross-region subscriptions, the region in which the topic resides.\n\nIf no region is specified, AWS CloudFormation uses the region of the caller as the default.\n\nIf you perform an update operation that only updates the `Region` property of a `AWS::SNS::Subscription` resource, that operation will fail unless you are either:\n\n- Updating the `Region` from `NULL` to the caller region.\n- Updating the `Region` from the caller region to `NULL` .", + "title": "Region", + "type": "string" + }, + "ReplayPolicy": { + "markdownDescription": "Specifies whether Amazon SNS resends the notification to the subscription when a message's attribute changes.", + "title": "ReplayPolicy", + "type": "object" + }, + "SubscriptionRoleArn": { + "markdownDescription": "This property applies only to Amazon Data Firehose delivery stream subscriptions. Specify the ARN of the IAM role that has the following:\n\n- Permission to write to the Amazon Data Firehose delivery stream\n- Amazon SNS listed as a trusted entity\n\nSpecifying a valid ARN for this attribute is required for Firehose delivery stream subscriptions. For more information, see [Fanout to Amazon Data Firehose delivery streams](https://docs.aws.amazon.com/sns/latest/dg/sns-firehose-as-subscriber.html) in the *Amazon SNS Developer Guide.*", + "title": "SubscriptionRoleArn", + "type": "string" + }, + "TopicArn": { + "markdownDescription": "The ARN of the topic to subscribe to.", + "title": "TopicArn", + "type": "string" } }, "required": [ - "Name", - "OutpostArn", - "PreferredInstanceType" + "Protocol", + "TopicArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Route53Resolver::OutpostResolver" + "AWS::SNS::Subscription" ], "type": "string" }, @@ -234088,7 +285943,7 @@ ], "type": "object" }, - "AWS::Route53Resolver::ResolverConfig": { + "AWS::SNS::Topic": { "additionalProperties": false, "properties": { "Condition": { @@ -234123,26 +285978,86 @@ "Properties": { "additionalProperties": false, "properties": { - "AutodefinedReverseFlag": { - "markdownDescription": "Represents the desired status of `AutodefinedReverse` . The only supported value on creation is `DISABLE` . Deletion of this resource will return `AutodefinedReverse` to its default value of `ENABLED` .", - "title": "AutodefinedReverseFlag", + "ArchivePolicy": { + "markdownDescription": "The `ArchivePolicy` determines the number of days Amazon SNS retains messages in FIFO topics. You can set a retention period ranging from 1 to 365 days. This property is only applicable to FIFO topics; attempting to use it with standard topics will result in a creation failure.", + "title": "ArchivePolicy", + "type": "object" + }, + "ContentBasedDeduplication": { + "markdownDescription": "`ContentBasedDeduplication` enables deduplication of messages based on their content for FIFO topics. By default, this property is set to false. If you create a FIFO topic with `ContentBasedDeduplication` set to false, you must provide a `MessageDeduplicationId` for each `Publish` action. When set to true, Amazon SNS automatically generates a `MessageDeduplicationId` using a SHA-256 hash of the message body (excluding message attributes). You can optionally override this generated value by specifying a `MessageDeduplicationId` in the `Publish` action. Note that this property only applies to FIFO topics; using it with standard topics will cause the creation to fail.", + "title": "ContentBasedDeduplication", + "type": "boolean" + }, + "DataProtectionPolicy": { + "markdownDescription": "The body of the policy document you want to use for this topic.\n\nYou can only add one policy per topic.\n\nThe policy must be in JSON string format.\n\nLength Constraints: Maximum length of 30,720.", + "title": "DataProtectionPolicy", + "type": "object" + }, + "DeliveryStatusLogging": { + "items": { + "$ref": "#/definitions/AWS::SNS::Topic.LoggingConfig" + }, + "markdownDescription": "The `DeliveryStatusLogging` configuration enables you to log the delivery status of messages sent from your Amazon SNS topic to subscribed endpoints with the following supported delivery protocols:\n\n- HTTP\n- Amazon Kinesis Data Firehose\n- AWS Lambda\n- Platform application endpoint\n- Amazon Simple Queue Service\n\nOnce configured, log entries are sent to Amazon CloudWatch Logs.", + "title": "DeliveryStatusLogging", + "type": "array" + }, + "DisplayName": { + "markdownDescription": "The display name to use for an Amazon SNS topic with SMS subscriptions. The display name must be maximum 100 characters long, including hyphens (-), underscores (_), spaces, and tabs.", + "title": "DisplayName", "type": "string" }, - "ResourceId": { - "markdownDescription": "The ID of the Amazon Virtual Private Cloud VPC or a Route 53 Profile that you're configuring Resolver for.", - "title": "ResourceId", + "FifoThroughputScope": { + "markdownDescription": "Specifies the throughput quota and deduplication behavior to apply for the FIFO topic. Valid values are `Topic` or `MessageGroup` .", + "title": "FifoThroughputScope", + "type": "string" + }, + "FifoTopic": { + "markdownDescription": "Set to true to create a FIFO topic.", + "title": "FifoTopic", + "type": "boolean" + }, + "KmsMasterKeyId": { + "markdownDescription": "The ID of an AWS managed customer master key (CMK) for Amazon SNS or a custom CMK. For more information, see [Key terms](https://docs.aws.amazon.com/sns/latest/dg/sns-server-side-encryption.html#sse-key-terms) . For more examples, see `[KeyId](https://docs.aws.amazon.com/kms/latest/APIReference/API_DescribeKey.html#API_DescribeKey_RequestParameters)` in the *AWS Key Management Service API Reference* .\n\nThis property applies only to [server-side-encryption](https://docs.aws.amazon.com/sns/latest/dg/sns-server-side-encryption.html) .", + "title": "KmsMasterKeyId", + "type": "string" + }, + "SignatureVersion": { + "markdownDescription": "The signature version corresponds to the hashing algorithm used while creating the signature of the notifications, subscription confirmations, or unsubscribe confirmation messages sent by Amazon SNS. By default, `SignatureVersion` is set to `1` .", + "title": "SignatureVersion", + "type": "string" + }, + "Subscription": { + "items": { + "$ref": "#/definitions/AWS::SNS::Topic.Subscription" + }, + "markdownDescription": "The Amazon SNS subscriptions (endpoints) for this topic.\n\n> If you specify the `Subscription` property in the `AWS::SNS::Topic` resource and it creates an associated subscription resource, the associated subscription is not deleted when the `AWS::SNS::Topic` resource is deleted.", + "title": "Subscription", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of tags to add to a new topic.\n\n> To be able to tag a topic on creation, you must have the `sns:CreateTopic` and `sns:TagResource` permissions.", + "title": "Tags", + "type": "array" + }, + "TopicName": { + "markdownDescription": "The name of the topic you want to create. Topic names must include only uppercase and lowercase ASCII letters, numbers, underscores, and hyphens, and must be between 1 and 256 characters long. FIFO topic names must end with `.fifo` .\n\nIf you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the topic name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "TopicName", + "type": "string" + }, + "TracingConfig": { + "markdownDescription": "Tracing mode of an Amazon SNS topic. By default `TracingConfig` is set to `PassThrough` , and the topic passes through the tracing header it receives from an Amazon SNS publisher to its subscriptions. If set to `Active` , Amazon SNS will vend X-Ray segment data to topic owner account if the sampled flag in the tracing header is true.", + "title": "TracingConfig", "type": "string" } }, - "required": [ - "AutodefinedReverseFlag", - "ResourceId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Route53Resolver::ResolverConfig" + "AWS::SNS::Topic" ], "type": "string" }, @@ -234156,75 +286071,60 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Route53Resolver::ResolverDNSSECConfig": { + "AWS::SNS::Topic.LoggingConfig": { "additionalProperties": false, "properties": { - "Condition": { + "FailureFeedbackRoleArn": { + "markdownDescription": "The IAM role ARN to be used when logging failed message deliveries in Amazon CloudWatch.", + "title": "FailureFeedbackRoleArn", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Protocol": { + "markdownDescription": "Indicates one of the supported protocols for the Amazon SNS topic.\n\n> At least one of the other three `LoggingConfig` properties is recommend along with `Protocol` .", + "title": "Protocol", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ResourceId": { - "markdownDescription": "The ID of the virtual private cloud (VPC) that you're configuring the DNSSEC validation status for.", - "title": "ResourceId", - "type": "string" - } - }, - "type": "object" + "SuccessFeedbackRoleArn": { + "markdownDescription": "The IAM role ARN to be used when logging successful message deliveries in Amazon CloudWatch.", + "title": "SuccessFeedbackRoleArn", + "type": "string" }, - "Type": { - "enum": [ - "AWS::Route53Resolver::ResolverDNSSECConfig" - ], + "SuccessFeedbackSampleRate": { + "markdownDescription": "The percentage of successful message deliveries to be logged in Amazon CloudWatch. Valid percentage values range from 0 to 100.", + "title": "SuccessFeedbackSampleRate", + "type": "string" + } + }, + "required": [ + "Protocol" + ], + "type": "object" + }, + "AWS::SNS::Topic.Subscription": { + "additionalProperties": false, + "properties": { + "Endpoint": { + "markdownDescription": "The endpoint that receives notifications from the Amazon SNS topic. The endpoint value depends on the protocol that you specify. For more information, see the `Endpoint` parameter of the `[Subscribe](https://docs.aws.amazon.com/sns/latest/api/API_Subscribe.html)` action in the *Amazon SNS API Reference* .", + "title": "Endpoint", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Protocol": { + "markdownDescription": "The subscription's protocol. For more information, see the `Protocol` parameter of the `[Subscribe](https://docs.aws.amazon.com/sns/latest/api/API_Subscribe.html)` action in the *Amazon SNS API Reference* .", + "title": "Protocol", "type": "string" } }, "required": [ - "Type" + "Endpoint", + "Protocol" ], "type": "object" }, - "AWS::Route53Resolver::ResolverEndpoint": { + "AWS::SNS::TopicInlinePolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -234259,74 +286159,26 @@ "Properties": { "additionalProperties": false, "properties": { - "Direction": { - "markdownDescription": "Indicates whether the Resolver endpoint allows inbound or outbound DNS queries:\n\n- `INBOUND` : allows DNS queries to your VPC from your network\n- `OUTBOUND` : allows DNS queries from your VPC to your network\n- `INBOUND_DELEGATION` : Resolver delegates queries to Route 53 private hosted zones from your network.", - "title": "Direction", - "type": "string" - }, - "IpAddresses": { - "items": { - "$ref": "#/definitions/AWS::Route53Resolver::ResolverEndpoint.IpAddressRequest" - }, - "markdownDescription": "The subnets and IP addresses in your VPC that DNS queries originate from (for outbound endpoints) or that you forward DNS queries to (for inbound endpoints). The subnet ID uniquely identifies a VPC.\n\n> Even though the minimum is 1, Route\u00a053 requires that you create at least two.", - "title": "IpAddresses", - "type": "array" - }, - "Name": { - "markdownDescription": "A friendly name that lets you easily find a configuration in the Resolver dashboard in the Route 53 console.", - "title": "Name", - "type": "string" - }, - "OutpostArn": { - "markdownDescription": "The ARN (Amazon Resource Name) for the Outpost.", - "title": "OutpostArn", - "type": "string" - }, - "PreferredInstanceType": { - "markdownDescription": "The Amazon EC2 instance type.", - "title": "PreferredInstanceType", - "type": "string" - }, - "Protocols": { - "items": { - "type": "string" - }, - "markdownDescription": "Protocols used for the endpoint. DoH-FIPS is applicable for a default inbound endpoints only.\n\nFor an inbound endpoint you can apply the protocols as follows:\n\n- Do53 and DoH in combination.\n- Do53 and DoH-FIPS in combination.\n- Do53 alone.\n- DoH alone.\n- DoH-FIPS alone.\n- None, which is treated as Do53.\n\nFor a delegation inbound endpoint you can use Do53 only.\n\nFor an outbound endpoint you can apply the protocols as follows:\n\n- Do53 and DoH in combination.\n- Do53 alone.\n- DoH alone.\n- None, which is treated as Do53.", - "title": "Protocols", - "type": "array" + "PolicyDocument": { + "markdownDescription": "A policy document that contains permissions to add to the specified Amazon SNS topic.", + "title": "PolicyDocument", + "type": "object" }, - "ResolverEndpointType": { - "markdownDescription": "The Resolver endpoint IP address type.", - "title": "ResolverEndpointType", + "TopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the topic to which you want to add the policy.", + "title": "TopicArn", "type": "string" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The ID of one or more security groups that control access to this VPC. The security group must include one or more inbound rules (for inbound endpoints) or outbound rules (for outbound endpoints). Inbound and outbound rules must allow TCP and UDP access. For inbound access, open port 53. For outbound access, open the port that you're using for DNS queries on your network.", - "title": "SecurityGroupIds", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Route 53 Resolver doesn't support updating tags through CloudFormation.", - "title": "Tags", - "type": "array" } }, "required": [ - "Direction", - "IpAddresses", - "SecurityGroupIds" + "PolicyDocument", + "TopicArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Route53Resolver::ResolverEndpoint" + "AWS::SNS::TopicInlinePolicy" ], "type": "string" }, @@ -234345,31 +286197,7 @@ ], "type": "object" }, - "AWS::Route53Resolver::ResolverEndpoint.IpAddressRequest": { - "additionalProperties": false, - "properties": { - "Ip": { - "markdownDescription": "The IPv4 address that you want to use for DNS queries.", - "title": "Ip", - "type": "string" - }, - "Ipv6": { - "markdownDescription": "The IPv6 address that you want to use for DNS queries.", - "title": "Ipv6", - "type": "string" - }, - "SubnetId": { - "markdownDescription": "The ID of the subnet that contains the IP address.", - "title": "SubnetId", - "type": "string" - } - }, - "required": [ - "SubnetId" - ], - "type": "object" - }, - "AWS::Route53Resolver::ResolverQueryLoggingConfig": { + "AWS::SNS::TopicPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -234404,22 +286232,29 @@ "Properties": { "additionalProperties": false, "properties": { - "DestinationArn": { - "markdownDescription": "The ARN of the resource that you want Resolver to send query logs: an Amazon S3 bucket, a CloudWatch Logs log group, or a Kinesis Data Firehose delivery stream.", - "title": "DestinationArn", - "type": "string" + "PolicyDocument": { + "markdownDescription": "A policy document that contains permissions to add to the specified SNS topics.", + "title": "PolicyDocument", + "type": "object" }, - "Name": { - "markdownDescription": "The name of the query logging configuration.", - "title": "Name", - "type": "string" + "Topics": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Names (ARN) of the topics to which you want to add the policy. You can use the `[Ref](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html)` function to specify an `[AWS::SNS::Topic](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sns-topic.html)` resource.", + "title": "Topics", + "type": "array" } }, + "required": [ + "PolicyDocument", + "Topics" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Route53Resolver::ResolverQueryLoggingConfig" + "AWS::SNS::TopicPolicy" ], "type": "string" }, @@ -234433,11 +286268,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation": { + "AWS::SQS::Queue": { "additionalProperties": false, "properties": { "Condition": { @@ -234472,22 +286308,95 @@ "Properties": { "additionalProperties": false, "properties": { - "ResolverQueryLogConfigId": { - "markdownDescription": "The ID of the query logging configuration that a VPC is associated with.", - "title": "ResolverQueryLogConfigId", + "ContentBasedDeduplication": { + "markdownDescription": "For first-in-first-out (FIFO) queues, specifies whether to enable content-based deduplication. During the deduplication interval, Amazon SQS treats messages that are sent with identical content as duplicates and delivers only one copy of the message. For more information, see the `ContentBasedDeduplication` attribute for the `[CreateQueue](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_CreateQueue.html)` action in the *Amazon SQS API Reference* .", + "title": "ContentBasedDeduplication", + "type": "boolean" + }, + "DeduplicationScope": { + "markdownDescription": "For high throughput for FIFO queues, specifies whether message deduplication occurs at the message group or queue level. Valid values are `messageGroup` and `queue` .\n\nTo enable high throughput for a FIFO queue, set this attribute to `messageGroup` *and* set the `FifoThroughputLimit` attribute to `perMessageGroupId` . If you set these attributes to anything other than these values, normal throughput is in effect and deduplication occurs as specified. For more information, see [High throughput for FIFO queues](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/high-throughput-fifo.html) and [Quotas related to messages](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/quotas-messages.html) in the *Amazon SQS Developer Guide* .", + "title": "DeduplicationScope", "type": "string" }, - "ResourceId": { - "markdownDescription": "The ID of the Amazon VPC that is associated with the query logging configuration.", - "title": "ResourceId", + "DelaySeconds": { + "markdownDescription": "The time in seconds for which the delivery of all messages in the queue is delayed. You can specify an integer value of `0` to `900` (15 minutes). The default value is `0` .", + "title": "DelaySeconds", + "type": "number" + }, + "FifoQueue": { + "markdownDescription": "If set to true, creates a FIFO queue. If you don't specify this property, Amazon SQS creates a standard queue. For more information, see [Amazon SQS FIFO queues](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-fifo-queues.html) in the *Amazon SQS Developer Guide* .", + "title": "FifoQueue", + "type": "boolean" + }, + "FifoThroughputLimit": { + "markdownDescription": "For high throughput for FIFO queues, specifies whether the FIFO queue throughput quota applies to the entire queue or per message group. Valid values are `perQueue` and `perMessageGroupId` .\n\nTo enable high throughput for a FIFO queue, set this attribute to `perMessageGroupId` *and* set the `DeduplicationScope` attribute to `messageGroup` . If you set these attributes to anything other than these values, normal throughput is in effect and deduplication occurs as specified. For more information, see [High throughput for FIFO queues](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/high-throughput-fifo.html) and [Quotas related to messages](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/quotas-messages.html) in the *Amazon SQS Developer Guide* .", + "title": "FifoThroughputLimit", + "type": "string" + }, + "KmsDataKeyReusePeriodSeconds": { + "markdownDescription": "The length of time in seconds for which Amazon SQS can reuse a data key to encrypt or decrypt messages before calling AWS KMS again. The value must be an integer between 60 (1 minute) and 86,400 (24 hours). The default is 300 (5 minutes).\n\n> A shorter time period provides better security, but results in more calls to AWS KMS , which might incur charges after Free Tier. For more information, see [Encryption at rest](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-server-side-encryption.html#sqs-how-does-the-data-key-reuse-period-work) in the *Amazon SQS Developer Guide* .", + "title": "KmsDataKeyReusePeriodSeconds", + "type": "number" + }, + "KmsMasterKeyId": { + "markdownDescription": "The ID of an AWS Key Management Service (KMS) for Amazon SQS , or a custom KMS. To use the AWS managed KMS for Amazon SQS , specify a (default) alias ARN, alias name (for example `alias/aws/sqs` ), key ARN, or key ID. For more information, see the following:\n\n- [Encryption at rest](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-server-side-encryption.html) in the *Amazon SQS Developer Guide*\n- [CreateQueue](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_CreateQueue.html) in the *Amazon SQS API Reference*\n- [Request Parameters](https://docs.aws.amazon.com/kms/latest/APIReference/API_DescribeKey.html#API_DescribeKey_RequestParameters) in the *AWS Key Management Service API Reference*\n- The Key Management Service (KMS) section of the [Security best practices for AWS Key Management Service](https://docs.aws.amazon.com/kms/latest/developerguide/best-practices.html) in the *AWS Key Management Service Developer Guide*", + "title": "KmsMasterKeyId", + "type": "string" + }, + "MaximumMessageSize": { + "markdownDescription": "The limit of how many bytes that a message can contain before Amazon SQS rejects it. You can specify an integer value from `1,024` bytes (1 KiB) to `262,144` bytes (256 KiB). The default value is `262,144` (256 KiB).", + "title": "MaximumMessageSize", + "type": "number" + }, + "MessageRetentionPeriod": { + "markdownDescription": "The number of seconds that Amazon SQS retains a message. You can specify an integer value from `60` seconds (1 minute) to `1,209,600` seconds (14 days). The default value is `345,600` seconds (4 days).", + "title": "MessageRetentionPeriod", + "type": "number" + }, + "QueueName": { + "markdownDescription": "A name for the queue. To create a FIFO queue, the name of your FIFO queue must end with the `.fifo` suffix. For more information, see [Amazon SQS FIFO queues](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-fifo-queues.html) in the *Amazon SQS Developer Guide* .\n\nIf you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the queue name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) in the *AWS CloudFormation User Guide* .\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "QueueName", "type": "string" + }, + "ReceiveMessageWaitTimeSeconds": { + "markdownDescription": "Specifies the duration, in seconds, that the ReceiveMessage action call waits until a message is in the queue in order to include it in the response, rather than returning an empty response if a message isn't yet available. You can specify an integer from 1 to 20. Short polling is used as the default or when you specify 0 for this property. For more information, see [Consuming messages using long polling](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-short-and-long-polling.html#sqs-long-polling) in the *Amazon SQS Developer Guide* .", + "title": "ReceiveMessageWaitTimeSeconds", + "type": "number" + }, + "RedriveAllowPolicy": { + "markdownDescription": "The string that includes the parameters for the permissions for the dead-letter queue redrive permission and which source queues can specify dead-letter queues as a JSON object. The parameters are as follows:\n\n- `redrivePermission` : The permission type that defines which source queues can specify the current queue as the dead-letter queue. Valid values are:\n\n- `allowAll` : (Default) Any source queues in this AWS account in the same Region can specify this queue as the dead-letter queue.\n- `denyAll` : No source queues can specify this queue as the dead-letter queue.\n- `byQueue` : Only queues specified by the `sourceQueueArns` parameter can specify this queue as the dead-letter queue.\n- `sourceQueueArns` : The Amazon Resource Names (ARN)s of the source queues that can specify this queue as the dead-letter queue and redrive messages. You can specify this parameter only when the `redrivePermission` parameter is set to `byQueue` . You can specify up to 10 source queue ARNs. To allow more than 10 source queues to specify dead-letter queues, set the `redrivePermission` parameter to `allowAll` .", + "title": "RedriveAllowPolicy", + "type": "object" + }, + "RedrivePolicy": { + "markdownDescription": "The string that includes the parameters for the dead-letter queue functionality of the source queue as a JSON object. The parameters are as follows:\n\n- `deadLetterTargetArn` : The Amazon Resource Name (ARN) of the dead-letter queue to which Amazon SQS moves messages after the value of `maxReceiveCount` is exceeded.\n- `maxReceiveCount` : The number of times a message is received by a consumer of the source queue before being moved to the dead-letter queue. When the `ReceiveCount` for a message exceeds the `maxReceiveCount` for a queue, Amazon SQS moves the message to the dead-letter-queue.\n\n> The dead-letter queue of a FIFO queue must also be a FIFO queue. Similarly, the dead-letter queue of a standard queue must also be a standard queue. \n\n*JSON*\n\n`{ \"deadLetterTargetArn\" : *String* , \"maxReceiveCount\" : *Integer* }`\n\n*YAML*\n\n`deadLetterTargetArn : *String*`\n\n`maxReceiveCount : *Integer*`", + "title": "RedrivePolicy", + "type": "object" + }, + "SqsManagedSseEnabled": { + "markdownDescription": "Enables server-side queue encryption using SQS owned encryption keys. Only one server-side encryption option is supported per queue (for example, [SSE-KMS](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-configure-sse-existing-queue.html) or [SSE-SQS](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-configure-sqs-sse-queue.html) ). When `SqsManagedSseEnabled` is not defined, `SSE-SQS` encryption is enabled by default.", + "title": "SqsManagedSseEnabled", + "type": "boolean" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags that you attach to this queue. For more information, see [Resource tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .", + "title": "Tags", + "type": "array" + }, + "VisibilityTimeout": { + "markdownDescription": "The length of time during which a message will be unavailable after a message is delivered from the queue. This blocks other components from receiving the same message and gives the initial component time to process and delete the message from the queue.\n\nValues must be from 0 to 43,200 seconds (12 hours). If you don't specify a value, AWS CloudFormation uses the default value of 30 seconds.\n\nFor more information about Amazon SQS queue visibility timeouts, see [Visibility timeout](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-visibility-timeout.html) in the *Amazon SQS Developer Guide* .", + "title": "VisibilityTimeout", + "type": "number" } }, "type": "object" }, "Type": { "enum": [ - "AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation" + "AWS::SQS::Queue" ], "type": "string" }, @@ -234505,7 +286414,7 @@ ], "type": "object" }, - "AWS::Route53Resolver::ResolverRule": { + "AWS::SQS::QueueInlinePolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -234540,52 +286449,26 @@ "Properties": { "additionalProperties": false, "properties": { - "DomainName": { - "markdownDescription": "DNS queries for this domain name are forwarded to the IP addresses that are specified in `TargetIps` . If a query matches multiple Resolver rules (example.com and www.example.com), the query is routed using the Resolver rule that contains the most specific domain name (www.example.com).", - "title": "DomainName", - "type": "string" - }, - "Name": { - "markdownDescription": "The name for the Resolver rule, which you specified when you created the Resolver rule.", - "title": "Name", - "type": "string" - }, - "ResolverEndpointId": { - "markdownDescription": "The ID of the endpoint that the rule is associated with.", - "title": "ResolverEndpointId", - "type": "string" + "PolicyDocument": { + "markdownDescription": "A policy document that contains the permissions for the specified Amazon SQS queues. For more information about Amazon SQS policies, see [Using custom policies with the Amazon SQS access policy language](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-creating-custom-policies.html) in the *Amazon SQS Developer Guide* .", + "title": "PolicyDocument", + "type": "object" }, - "RuleType": { - "markdownDescription": "When you want to forward DNS queries for specified domain name to resolvers on your network, specify `FORWARD` or `DELEGATE` . If a query matches multiple Resolver rules (example.com and www.example.com), outbound DNS queries are routed using the Resolver rule that contains the most specific domain name (www.example.com).\n\nWhen you have a forwarding rule to forward DNS queries for a domain to your network and you want Resolver to process queries for a subdomain of that domain, specify `SYSTEM` .\n\nFor example, to forward DNS queries for example.com to resolvers on your network, you create a rule and specify `FORWARD` for `RuleType` . To then have Resolver process queries for apex.example.com, you create a rule and specify `SYSTEM` for `RuleType` .\n\nCurrently, only Resolver can create rules that have a value of `RECURSIVE` for `RuleType` .", - "title": "RuleType", + "Queue": { + "markdownDescription": "The URLs of the queues to which you want to add the policy. You can use the `[Ref](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html)` function to specify an `[AWS::SQS::Queue](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sqs-queues.html)` resource.", + "title": "Queue", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Tags help organize and categorize your Resolver rules. Each tag consists of a key and an optional value, both of which you define.", - "title": "Tags", - "type": "array" - }, - "TargetIps": { - "items": { - "$ref": "#/definitions/AWS::Route53Resolver::ResolverRule.TargetAddress" - }, - "markdownDescription": "An array that contains the IP addresses and ports that an outbound endpoint forwards DNS queries to. Typically, these are the IP addresses of DNS resolvers on your network.", - "title": "TargetIps", - "type": "array" } }, "required": [ - "DomainName", - "RuleType" + "PolicyDocument", + "Queue" ], "type": "object" }, "Type": { "enum": [ - "AWS::Route53Resolver::ResolverRule" + "AWS::SQS::QueueInlinePolicy" ], "type": "string" }, @@ -234604,33 +286487,7 @@ ], "type": "object" }, - "AWS::Route53Resolver::ResolverRule.TargetAddress": { - "additionalProperties": false, - "properties": { - "Ip": { - "markdownDescription": "One IPv4 address that you want to forward DNS queries to.", - "title": "Ip", - "type": "string" - }, - "Ipv6": { - "markdownDescription": "One IPv6 address that you want to forward DNS queries to.", - "title": "Ipv6", - "type": "string" - }, - "Port": { - "markdownDescription": "The port at `Ip` that you want to forward DNS queries to.", - "title": "Port", - "type": "string" - }, - "Protocol": { - "markdownDescription": "The protocols for the target address. The protocol you choose needs to be supported by the outbound endpoint of the Resolver rule.", - "title": "Protocol", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Route53Resolver::ResolverRuleAssociation": { + "AWS::SQS::QueuePolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -234665,31 +286522,29 @@ "Properties": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of an association between a Resolver rule and a VPC.", - "title": "Name", - "type": "string" - }, - "ResolverRuleId": { - "markdownDescription": "The ID of the Resolver rule that you associated with the VPC that is specified by `VPCId` .", - "title": "ResolverRuleId", - "type": "string" + "PolicyDocument": { + "markdownDescription": "A policy document that contains the permissions for the specified Amazon SQS queues. For more information about Amazon SQS policies, see [Using custom policies with the Amazon SQS access policy language](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-creating-custom-policies.html) in the *Amazon SQS Developer Guide* .", + "title": "PolicyDocument", + "type": "object" }, - "VPCId": { - "markdownDescription": "The ID of the VPC that you associated the Resolver rule with.", - "title": "VPCId", - "type": "string" + "Queues": { + "items": { + "type": "string" + }, + "markdownDescription": "The URLs of the queues to which you want to add the policy. You can use the `[Ref](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html)` function to specify an `[AWS::SQS::Queue](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sqs-queue.html)` resource.", + "title": "Queues", + "type": "array" } }, "required": [ - "ResolverRuleId", - "VPCId" + "PolicyDocument", + "Queues" ], "type": "object" }, "Type": { "enum": [ - "AWS::Route53Resolver::ResolverRuleAssociation" + "AWS::SQS::QueuePolicy" ], "type": "string" }, @@ -234708,7 +286563,7 @@ ], "type": "object" }, - "AWS::S3::AccessGrant": { + "AWS::SSM::Association": { "additionalProperties": false, "properties": { "Condition": { @@ -234743,55 +286598,106 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessGrantsLocationConfiguration": { - "$ref": "#/definitions/AWS::S3::AccessGrant.AccessGrantsLocationConfiguration", - "markdownDescription": "The configuration options of the grant location. The grant location is the S3 path to the data to which you are granting access. It contains the `S3SubPrefix` field. The grant scope is the result of appending the subprefix to the location scope of the registered location.", - "title": "AccessGrantsLocationConfiguration" + "ApplyOnlyAtCronInterval": { + "markdownDescription": "By default, when you create a new association, the system runs it immediately after it is created and then according to the schedule you specified. Specify this option if you don't want an association to run immediately after you create it. This parameter is not supported for rate expressions.", + "title": "ApplyOnlyAtCronInterval", + "type": "boolean" }, - "AccessGrantsLocationId": { - "markdownDescription": "The ID of the registered location to which you are granting access. S3 Access Grants assigns this ID when you register the location. S3 Access Grants assigns the ID `default` to the default location `s3://` and assigns an auto-generated ID to other locations that you register.", - "title": "AccessGrantsLocationId", + "AssociationName": { + "markdownDescription": "Specify a descriptive name for the association.", + "title": "AssociationName", "type": "string" }, - "ApplicationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS IAM Identity Center application associated with your Identity Center instance. If the grant includes an application ARN, the grantee can only access the S3 data through this application.", - "title": "ApplicationArn", + "AutomationTargetParameterName": { + "markdownDescription": "Choose the parameter that will define how your automation will branch out. This target is required for associations that use an Automation runbook and target resources by using rate controls. Automation is a tool in AWS Systems Manager .", + "title": "AutomationTargetParameterName", "type": "string" }, - "Grantee": { - "$ref": "#/definitions/AWS::S3::AccessGrant.Grantee", - "markdownDescription": "The user, group, or role to which you are granting access. You can grant access to an IAM user or role. If you have added your corporate directory to AWS IAM Identity Center and associated your Identity Center instance with your S3 Access Grants instance, the grantee can also be a corporate directory user or group.", - "title": "Grantee" + "CalendarNames": { + "items": { + "type": "string" + }, + "markdownDescription": "The names or Amazon Resource Names (ARNs) of the Change Calendar type documents your associations are gated under. The associations only run when that Change Calendar is open. For more information, see [AWS Systems Manager Change Calendar](https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-change-calendar) in the *AWS Systems Manager User Guide* .", + "title": "CalendarNames", + "type": "array" }, - "Permission": { - "markdownDescription": "The type of access that you are granting to your S3 data, which can be set to one of the following values:\n\n- `READ` \u2013 Grant read-only access to the S3 data.\n- `WRITE` \u2013 Grant write-only access to the S3 data.\n- `READWRITE` \u2013 Grant both read and write access to the S3 data.", - "title": "Permission", + "ComplianceSeverity": { + "markdownDescription": "The severity level that is assigned to the association.", + "title": "ComplianceSeverity", "type": "string" }, - "S3PrefixType": { - "markdownDescription": "The type of `S3SubPrefix` . The only possible value is `Object` . Pass this value if the access grant scope is an object. Do not pass this value if the access grant scope is a bucket or a bucket and a prefix.", - "title": "S3PrefixType", + "DocumentVersion": { + "markdownDescription": "The version of the SSM document to associate with the target.\n\n> Note the following important information.\n> \n> - State Manager doesn't support running associations that use a new version of a document if that document is shared from another account. State Manager always runs the `default` version of a document if shared from another account, even though the Systems Manager console shows that a new version was processed. If you want to run an association using a new version of a document shared form another account, you must set the document version to `default` .\n> - `DocumentVersion` is not valid for documents owned by AWS , such as `AWS-RunPatchBaseline` or `AWS-UpdateSSMAgent` . If you specify `DocumentVersion` for an AWS document, the system returns the following error: \"Error occurred during operation 'CreateAssociation'.\" (RequestToken: , HandlerErrorCode: GeneralServiceException).", + "title": "DocumentVersion", "type": "string" }, - "Tags": { + "InstanceId": { + "markdownDescription": "> `InstanceId` has been deprecated. To specify an instance ID for an association, use the `Targets` parameter. If you use the parameter `InstanceId` , you cannot use the parameters `AssociationName` , `DocumentVersion` , `MaxErrors` , `MaxConcurrency` , `OutputLocation` , or `ScheduleExpression` . To use these parameters, you must use the `Targets` parameter.\n> \n> Note that in some examples later in this page, `InstanceIds` is used as the tag-key name in a `Targets` filter. `InstanceId` is not used as a parameter. \n\nThe ID of the instance that the SSM document is associated with. You must specify the `InstanceId` or `Targets` property.", + "title": "InstanceId", + "type": "string" + }, + "MaxConcurrency": { + "markdownDescription": "The maximum number of targets allowed to run the association at the same time. You can specify a number, for example 10, or a percentage of the target set, for example 10%. The default value is 100%, which means all targets run the association at the same time.\n\nIf a new managed node starts and attempts to run an association while Systems Manager is running `MaxConcurrency` associations, the association is allowed to run. During the next association interval, the new managed node will process its association within the limit specified for `MaxConcurrency` .", + "title": "MaxConcurrency", + "type": "string" + }, + "MaxErrors": { + "markdownDescription": "The number of errors that are allowed before the system stops sending requests to run the association on additional targets. You can specify either an absolute number of errors, for example 10, or a percentage of the target set, for example 10%. If you specify 3, for example, the system stops sending requests when the fourth error is received. If you specify 0, then the system stops sending requests after the first error is returned. If you run an association on 50 managed nodes and set `MaxError` to 10%, then the system stops sending the request when the sixth error is received.\n\nExecutions that are already running an association when `MaxErrors` is reached are allowed to complete, but some of these executions may fail as well. If you need to ensure that there won't be more than max-errors failed executions, set `MaxConcurrency` to 1 so that executions proceed one at a time.", + "title": "MaxErrors", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the SSM document that contains the configuration information for the instance. You can specify `Command` or `Automation` documents. The documents can be AWS -predefined documents, documents you created, or a document that is shared with you from another account. For SSM documents that are shared with you from other AWS accounts , you must specify the complete SSM document ARN, in the following format:\n\n`arn:partition:ssm:region:account-id:document/document-name`\n\nFor example: `arn:aws:ssm:us-east-2:12345678912:document/My-Shared-Document`\n\nFor AWS -predefined documents and SSM documents you created in your account, you only need to specify the document name. For example, `AWS -ApplyPatchBaseline` or `My-Document` .", + "title": "Name", + "type": "string" + }, + "OutputLocation": { + "$ref": "#/definitions/AWS::SSM::Association.InstanceAssociationOutputLocation", + "markdownDescription": "An Amazon Simple Storage Service (Amazon S3) bucket where you want to store the output details of the request.", + "title": "OutputLocation" + }, + "Parameters": { + "markdownDescription": "The parameters for the runtime configuration of the document.", + "title": "Parameters", + "type": "object" + }, + "ScheduleExpression": { + "markdownDescription": "A cron expression that specifies a schedule when the association runs. The schedule runs in Coordinated Universal Time (UTC).", + "title": "ScheduleExpression", + "type": "string" + }, + "ScheduleOffset": { + "markdownDescription": "Number of days to wait after the scheduled day to run an association.", + "title": "ScheduleOffset", + "type": "number" + }, + "SyncCompliance": { + "markdownDescription": "The mode for generating association compliance. You can specify `AUTO` or `MANUAL` . In `AUTO` mode, the system uses the status of the association execution to determine the compliance status. If the association execution runs successfully, then the association is `COMPLIANT` . If the association execution doesn't run successfully, the association is `NON-COMPLIANT` .\n\nIn `MANUAL` mode, you must specify the `AssociationId` as a parameter for the `PutComplianceItems` API action. In this case, compliance data is not managed by State Manager. It is managed by your direct call to the `PutComplianceItems` API action.\n\nBy default, all associations use `AUTO` mode.", + "title": "SyncCompliance", + "type": "string" + }, + "Targets": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::SSM::Association.Target" }, - "markdownDescription": "The AWS resource tags that you are adding to the access grant. Each tag is a label consisting of a user-defined key and value. Tags can help you manage, identify, organize, search for, and filter resources.", - "title": "Tags", + "markdownDescription": "The targets for the association. You must specify the `InstanceId` or `Targets` property. You can target all instances in an AWS account by specifying t he `InstanceIds` key with a value of `*` .\n\nSupported formats include the following.\n\n- `Key=InstanceIds,Values=,,`\n- `Key=tag-key,Values=,`\n\nTo view a JSON and a YAML example that targets all instances, see \"Create an association for all managed instances in an AWS account \" on the Examples page.", + "title": "Targets", "type": "array" + }, + "WaitForSuccessTimeoutSeconds": { + "markdownDescription": "The number of seconds the service should wait for the association status to show \"Success\" before proceeding with the stack execution. If the association status doesn't show \"Success\" after the specified number of seconds, then stack creation fails.\n\n> When you specify a value for the `WaitForSuccessTimeoutSeconds` , [drift detection](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-stack-drift.html) for your AWS CloudFormation stack\u2019s configuration might yield inaccurate results. If drift detection is important in your scenario, we recommend that you don\u2019t include `WaitForSuccessTimeoutSeconds` in your template.", + "title": "WaitForSuccessTimeoutSeconds", + "type": "number" } }, "required": [ - "AccessGrantsLocationId", - "Grantee", - "Permission" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::S3::AccessGrant" + "AWS::SSM::Association" ], "type": "string" }, @@ -234810,41 +286716,62 @@ ], "type": "object" }, - "AWS::S3::AccessGrant.AccessGrantsLocationConfiguration": { + "AWS::SSM::Association.InstanceAssociationOutputLocation": { "additionalProperties": false, "properties": { - "S3SubPrefix": { - "markdownDescription": "The `S3SubPrefix` is appended to the location scope creating the grant scope. Use this field to narrow the scope of the grant to a subset of the location scope. This field is required if the location scope is the default location `s3://` because you cannot create a grant for all of your S3 data in the Region and must narrow the scope. For example, if the location scope is the default location `s3://` , the `S3SubPrefx` can be a `/*` , so the full grant scope path would be `s3:///*` . Or the `S3SubPrefx` can be `/*` , so the full grant scope path would be `s3:///*` .\n\nIf the `S3SubPrefix` includes a prefix, append the wildcard character `*` after the prefix to indicate that you want to include all object key names in the bucket that start with that prefix.", - "title": "S3SubPrefix", - "type": "string" + "S3Location": { + "$ref": "#/definitions/AWS::SSM::Association.S3OutputLocation", + "markdownDescription": "`S3OutputLocation` is a property of the [InstanceAssociationOutputLocation](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssm-association-instanceassociationoutputlocation.html) property that specifies an Amazon S3 bucket where you want to store the results of this request.", + "title": "S3Location" } }, - "required": [ - "S3SubPrefix" - ], "type": "object" }, - "AWS::S3::AccessGrant.Grantee": { + "AWS::SSM::Association.S3OutputLocation": { "additionalProperties": false, "properties": { - "GranteeIdentifier": { - "markdownDescription": "The unique identifier of the `Grantee` . If the grantee type is `IAM` , the identifier is the IAM Amazon Resource Name (ARN) of the user or role. If the grantee type is a directory user or group, the identifier is 128-bit universally unique identifier (UUID) in the format `a1b2c3d4-5678-90ab-cdef-EXAMPLE11111` . You can obtain this UUID from your AWS IAM Identity Center instance.", - "title": "GranteeIdentifier", + "OutputS3BucketName": { + "markdownDescription": "The name of the S3 bucket.", + "title": "OutputS3BucketName", "type": "string" }, - "GranteeType": { - "markdownDescription": "The type of the grantee to which access has been granted. It can be one of the following values:\n\n- `IAM` - An IAM user or role.\n- `DIRECTORY_USER` - Your corporate directory user. You can use this option if you have added your corporate identity directory to IAM Identity Center and associated the IAM Identity Center instance with your S3 Access Grants instance.\n- `DIRECTORY_GROUP` - Your corporate directory group. You can use this option if you have added your corporate identity directory to IAM Identity Center and associated the IAM Identity Center instance with your S3 Access Grants instance.", - "title": "GranteeType", + "OutputS3KeyPrefix": { + "markdownDescription": "The S3 bucket subfolder.", + "title": "OutputS3KeyPrefix", + "type": "string" + }, + "OutputS3Region": { + "markdownDescription": "The AWS Region of the S3 bucket.", + "title": "OutputS3Region", "type": "string" } }, + "type": "object" + }, + "AWS::SSM::Association.Target": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "User-defined criteria for sending commands that target managed nodes that meet the criteria.", + "title": "Key", + "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "User-defined criteria that maps to `Key` . For example, if you specified `tag:ServerRole` , you could specify `value:WebServer` to run a command on instances that include EC2 tags of `ServerRole,WebServer` .\n\nDepending on the type of target, the maximum number of values for a key might be lower than the global maximum of 50.", + "title": "Values", + "type": "array" + } + }, "required": [ - "GranteeIdentifier", - "GranteeType" + "Key", + "Values" ], "type": "object" }, - "AWS::S3::AccessGrantsInstance": { + "AWS::SSM::Document": { "additionalProperties": false, "properties": { "Condition": { @@ -234879,25 +286806,74 @@ "Properties": { "additionalProperties": false, "properties": { - "IdentityCenterArn": { - "markdownDescription": "If you would like to associate your S3 Access Grants instance with an AWS IAM Identity Center instance, use this field to pass the Amazon Resource Name (ARN) of the AWS IAM Identity Center instance that you are associating with your S3 Access Grants instance. An IAM Identity Center instance is your corporate identity directory that you added to the IAM Identity Center.", - "title": "IdentityCenterArn", + "Attachments": { + "items": { + "$ref": "#/definitions/AWS::SSM::Document.AttachmentsSource" + }, + "markdownDescription": "A list of key-value pairs that describe attachments to a version of a document.", + "title": "Attachments", + "type": "array" + }, + "Content": { + "markdownDescription": "The content for the new SSM document in JSON or YAML. For more information about the schemas for SSM document content, see [SSM document schema features and examples](https://docs.aws.amazon.com/systems-manager/latest/userguide/document-schemas-features.html) in the *AWS Systems Manager User Guide* .\n\n> This parameter also supports `String` data types.", + "title": "Content", + "type": "object" + }, + "DocumentFormat": { + "markdownDescription": "Specify the document format for the request. `JSON` is the default format.", + "title": "DocumentFormat", + "type": "string" + }, + "DocumentType": { + "markdownDescription": "The type of document to create.", + "title": "DocumentType", + "type": "string" + }, + "Name": { + "markdownDescription": "A name for the SSM document.\n\n> You can't use the following strings as document name prefixes. These are reserved by AWS for use as document name prefixes:\n> \n> - `aws`\n> - `amazon`\n> - `amzn`\n> - `AWSEC2`\n> - `AWSConfigRemediation`\n> - `AWSSupport`", + "title": "Name", "type": "string" }, + "Requires": { + "items": { + "$ref": "#/definitions/AWS::SSM::Document.DocumentRequires" + }, + "markdownDescription": "A list of SSM documents required by a document. This parameter is used exclusively by AWS AppConfig . When a user creates an AWS AppConfig configuration in an SSM document, the user must also specify a required document for validation purposes. In this case, an `ApplicationConfiguration` document requires an `ApplicationConfigurationSchema` document for validation purposes. For more information, see [What is AWS AppConfig ?](https://docs.aws.amazon.com/appconfig/latest/userguide/what-is-appconfig.html) in the *AWS AppConfig User Guide* .", + "title": "Requires", + "type": "array" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The AWS resource tags that you are adding to the S3 Access Grants instance. Each tag is a label consisting of a user-defined key and value. Tags can help you manage, identify, organize, search for, and filter resources.", + "markdownDescription": "AWS CloudFormation resource tags to apply to the document. Use tags to help you identify and categorize resources.", "title": "Tags", "type": "array" + }, + "TargetType": { + "markdownDescription": "Specify a target type to define the kinds of resources the document can run on. For example, to run a document on EC2 instances, specify the following value: `/AWS::EC2::Instance` . If you specify a value of '/' the document can run on all types of resources. If you don't specify a value, the document can't run on any resources. For a list of valid resource types, see [AWS resource and property types reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html) in the *AWS CloudFormation User Guide* .", + "title": "TargetType", + "type": "string" + }, + "UpdateMethod": { + "markdownDescription": "If the document resource you specify in your template already exists, this parameter determines whether a new version of the existing document is created, or the existing document is replaced. `Replace` is the default method. If you specify `NewVersion` for the `UpdateMethod` parameter, and the `Name` of the document does not match an existing resource, a new document is created. When you specify `NewVersion` , the default version of the document is changed to the newly created version.", + "title": "UpdateMethod", + "type": "string" + }, + "VersionName": { + "markdownDescription": "An optional field specifying the version of the artifact you are creating with the document. For example, `Release12.1` . This value is unique across all versions of a document, and can't be changed.", + "title": "VersionName", + "type": "string" } }, + "required": [ + "Content" + ], "type": "object" }, "Type": { "enum": [ - "AWS::S3::AccessGrantsInstance" + "AWS::SSM::Document" ], "type": "string" }, @@ -234911,11 +286887,52 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::S3::AccessGrantsLocation": { + "AWS::SSM::Document.AttachmentsSource": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The key of a key-value pair that identifies the location of an attachment to a document.", + "title": "Key", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the document attachment file.", + "title": "Name", + "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The value of a key-value pair that identifies the location of an attachment to a document. The format for *Value* depends on the type of key you specify.\n\n- For the key *SourceUrl* , the value is an S3 bucket location. For example:\n\n`\"Values\": [ \"s3://amzn-s3-demo-bucket/my-prefix\" ]`\n- For the key *S3FileUrl* , the value is a file in an S3 bucket. For example:\n\n`\"Values\": [ \"s3://amzn-s3-demo-bucket/my-prefix/my-file.py\" ]`\n- For the key *AttachmentReference* , the value is constructed from the name of another SSM document in your account, a version number of that document, and a file attached to that document version that you want to reuse. For example:\n\n`\"Values\": [ \"MyOtherDocument/3/my-other-file.py\" ]`\n\nHowever, if the SSM document is shared with you from another account, the full SSM document ARN must be specified instead of the document name only. For example:\n\n`\"Values\": [ \"arn:aws:ssm:us-east-2:111122223333:document/OtherAccountDocument/3/their-file.py\" ]`", + "title": "Values", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SSM::Document.DocumentRequires": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the required SSM document. The name can be an Amazon Resource Name (ARN).", + "title": "Name", + "type": "string" + }, + "Version": { + "markdownDescription": "The document version required by the current document.", + "title": "Version", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SSM::MaintenanceWindow": { "additionalProperties": false, "properties": { "Condition": { @@ -234950,30 +286967,77 @@ "Properties": { "additionalProperties": false, "properties": { - "IamRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role for the registered location. S3 Access Grants assumes this role to manage access to the registered location.", - "title": "IamRoleArn", + "AllowUnassociatedTargets": { + "markdownDescription": "Enables a maintenance window task to run on managed instances, even if you have not registered those instances as targets. If enabled, then you must specify the unregistered instances (by instance ID) when you register a task with the maintenance window.", + "title": "AllowUnassociatedTargets", + "type": "boolean" + }, + "Cutoff": { + "markdownDescription": "The number of hours before the end of the maintenance window that AWS Systems Manager stops scheduling new tasks for execution.", + "title": "Cutoff", + "type": "number" + }, + "Description": { + "markdownDescription": "A description of the maintenance window.", + "title": "Description", "type": "string" }, - "LocationScope": { - "markdownDescription": "The S3 URI path to the location that you are registering. The location scope can be the default S3 location `s3://` , the S3 path to a bucket, or the S3 path to a bucket and prefix. A prefix in S3 is a string of characters at the beginning of an object key name used to organize the objects that you store in your S3 buckets. For example, object key names that start with the `engineering/` prefix or object key names that start with the `marketing/campaigns/` prefix.", - "title": "LocationScope", + "Duration": { + "markdownDescription": "The duration of the maintenance window in hours.", + "title": "Duration", + "type": "number" + }, + "EndDate": { + "markdownDescription": "The date and time, in ISO-8601 Extended format, for when the maintenance window is scheduled to become inactive.", + "title": "EndDate", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the maintenance window.", + "title": "Name", + "type": "string" + }, + "Schedule": { + "markdownDescription": "The schedule of the maintenance window in the form of a cron or rate expression.", + "title": "Schedule", + "type": "string" + }, + "ScheduleOffset": { + "markdownDescription": "The number of days to wait to run a maintenance window after the scheduled cron expression date and time.", + "title": "ScheduleOffset", + "type": "number" + }, + "ScheduleTimezone": { + "markdownDescription": "The time zone that the scheduled maintenance window executions are based on, in Internet Assigned Numbers Authority (IANA) format.", + "title": "ScheduleTimezone", + "type": "string" + }, + "StartDate": { + "markdownDescription": "The date and time, in ISO-8601 Extended format, for when the maintenance window is scheduled to become active. `StartDate` allows you to delay activation of the maintenance window until the specified future date.", + "title": "StartDate", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The AWS resource tags that you are adding to the S3 Access Grants location. Each tag is a label consisting of a user-defined key and value. Tags can help you manage, identify, organize, search for, and filter resources.", + "markdownDescription": "Optional metadata that you assign to a resource in the form of an arbitrary set of tags (key-value pairs). Tags enable you to categorize a resource in different ways, such as by purpose, owner, or environment. For example, you might want to tag a maintenance window to identify the type of tasks it will run, the types of targets, and the environment it will run in.", "title": "Tags", "type": "array" } }, + "required": [ + "AllowUnassociatedTargets", + "Cutoff", + "Duration", + "Name", + "Schedule" + ], "type": "object" }, "Type": { "enum": [ - "AWS::S3::AccessGrantsLocation" + "AWS::SSM::MaintenanceWindow" ], "type": "string" }, @@ -234987,11 +287051,12 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::S3::AccessPoint": { + "AWS::SSM::MaintenanceWindowTarget": { "additionalProperties": false, "properties": { "Condition": { @@ -235026,45 +287091,50 @@ "Properties": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The name of the bucket associated with this access point.", - "title": "Bucket", - "type": "string" - }, - "BucketAccountId": { - "markdownDescription": "The AWS account ID associated with the S3 bucket associated with this access point.", - "title": "BucketAccountId", + "Description": { + "markdownDescription": "A description for the target.", + "title": "Description", "type": "string" }, "Name": { - "markdownDescription": "The name of this access point. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the access point name.", + "markdownDescription": "The name for the maintenance window target.", "title": "Name", "type": "string" }, - "Policy": { - "markdownDescription": "The access point policy associated with this access point.", - "title": "Policy", - "type": "object" + "OwnerInformation": { + "markdownDescription": "A user-provided value that will be included in any Amazon CloudWatch Events events that are raised while running tasks for these targets in this maintenance window.", + "title": "OwnerInformation", + "type": "string" }, - "PublicAccessBlockConfiguration": { - "$ref": "#/definitions/AWS::S3::AccessPoint.PublicAccessBlockConfiguration", - "markdownDescription": "The PublicAccessBlock configuration that you want to apply to this Amazon S3 bucket. You can enable the configuration options in any combination. For more information about when Amazon S3 considers a bucket or object public, see [The Meaning of \"Public\"](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status) in the *Amazon S3 User Guide* .", - "title": "PublicAccessBlockConfiguration" + "ResourceType": { + "markdownDescription": "The type of target that is being registered with the maintenance window.", + "title": "ResourceType", + "type": "string" }, - "VpcConfiguration": { - "$ref": "#/definitions/AWS::S3::AccessPoint.VpcConfiguration", - "markdownDescription": "The Virtual Private Cloud (VPC) configuration for this access point, if one exists.", - "title": "VpcConfiguration" + "Targets": { + "items": { + "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTarget.Targets" + }, + "markdownDescription": "The targets to register with the maintenance window. In other words, the instances to run commands on when the maintenance window runs.\n\nYou must specify targets by using the `WindowTargetIds` parameter.", + "title": "Targets", + "type": "array" + }, + "WindowId": { + "markdownDescription": "The ID of the maintenance window to register the target with.", + "title": "WindowId", + "type": "string" } }, "required": [ - "Bucket" + "ResourceType", + "Targets", + "WindowId" ], "type": "object" }, "Type": { "enum": [ - "AWS::S3::AccessPoint" + "AWS::SSM::MaintenanceWindowTarget" ], "type": "string" }, @@ -235083,44 +287153,30 @@ ], "type": "object" }, - "AWS::S3::AccessPoint.PublicAccessBlockConfiguration": { - "additionalProperties": false, - "properties": { - "BlockPublicAcls": { - "markdownDescription": "Specifies whether Amazon S3 should block public access control lists (ACLs) for this bucket and objects in this bucket. Setting this element to `TRUE` causes the following behavior:\n\n- PUT Bucket ACL and PUT Object ACL calls fail if the specified ACL is public.\n- PUT Object calls fail if the request includes a public ACL.\n- PUT Bucket calls fail if the request includes a public ACL.\n\nEnabling this setting doesn't affect existing policies or ACLs.", - "title": "BlockPublicAcls", - "type": "boolean" - }, - "BlockPublicPolicy": { - "markdownDescription": "Specifies whether Amazon S3 should block public bucket policies for this bucket. Setting this element to `TRUE` causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.\n\nEnabling this setting doesn't affect existing bucket policies.", - "title": "BlockPublicPolicy", - "type": "boolean" - }, - "IgnorePublicAcls": { - "markdownDescription": "Specifies whether Amazon S3 should ignore public ACLs for this bucket and objects in this bucket. Setting this element to `TRUE` causes Amazon S3 to ignore all public ACLs on this bucket and objects in this bucket.\n\nEnabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.", - "title": "IgnorePublicAcls", - "type": "boolean" - }, - "RestrictPublicBuckets": { - "markdownDescription": "Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to `TRUE` restricts access to this bucket to only AWS service principals and authorized users within this account if the bucket has a public policy.\n\nEnabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.", - "title": "RestrictPublicBuckets", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::S3::AccessPoint.VpcConfiguration": { + "AWS::SSM::MaintenanceWindowTarget.Targets": { "additionalProperties": false, "properties": { - "VpcId": { - "markdownDescription": "If this field is specified, the access point will only allow connections from the specified VPC ID.", - "title": "VpcId", + "Key": { + "markdownDescription": "User-defined criteria for sending commands that target managed nodes that meet the criteria.", + "title": "Key", "type": "string" + }, + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "User-defined criteria that maps to `Key` . For example, if you specified `tag:ServerRole` , you could specify `value:WebServer` to run a command on instances that include EC2 tags of `ServerRole,WebServer` .\n\nDepending on the type of target, the maximum number of values for a key might be lower than the global maximum of 50.", + "title": "Values", + "type": "array" } }, + "required": [ + "Key", + "Values" + ], "type": "object" }, - "AWS::S3::Bucket": { + "AWS::SSM::MaintenanceWindowTask": { "additionalProperties": false, "properties": { "Condition": { @@ -235155,127 +287211,91 @@ "Properties": { "additionalProperties": false, "properties": { - "AccelerateConfiguration": { - "$ref": "#/definitions/AWS::S3::Bucket.AccelerateConfiguration", - "markdownDescription": "Configures the transfer acceleration state for an Amazon S3 bucket. For more information, see [Amazon S3 Transfer Acceleration](https://docs.aws.amazon.com/AmazonS3/latest/dev/transfer-acceleration.html) in the *Amazon S3 User Guide* .", - "title": "AccelerateConfiguration" - }, - "AccessControl": { - "markdownDescription": "> This is a legacy property, and it is not recommended for most use cases. A majority of modern use cases in Amazon S3 no longer require the use of ACLs, and we recommend that you keep ACLs disabled. For more information, see [Controlling object ownership](https://docs.aws.amazon.com//AmazonS3/latest/userguide/about-object-ownership.html) in the *Amazon S3 User Guide* . \n\nA canned access control list (ACL) that grants predefined permissions to the bucket. For more information about canned ACLs, see [Canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) in the *Amazon S3 User Guide* .\n\nS3 buckets are created with ACLs disabled by default. Therefore, unless you explicitly set the [AWS::S3::OwnershipControls](https://docs.aws.amazon.com//AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-ownershipcontrols.html) property to enable ACLs, your resource will fail to deploy with any value other than Private. Use cases requiring ACLs are uncommon.\n\nThe majority of access control configurations can be successfully and more easily achieved with bucket policies. For more information, see [AWS::S3::BucketPolicy](https://docs.aws.amazon.com//AWSCloudFormation/latest/UserGuide/aws-properties-s3-policy.html) . For examples of common policy configurations, including S3 Server Access Logs buckets and more, see [Bucket policy examples](https://docs.aws.amazon.com/AmazonS3/latest/userguide/example-bucket-policies.html) in the *Amazon S3 User Guide* .", - "title": "AccessControl", + "CutoffBehavior": { + "markdownDescription": "The specification for whether tasks should continue to run after the cutoff time specified in the maintenance windows is reached.", + "title": "CutoffBehavior", "type": "string" }, - "AnalyticsConfigurations": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.AnalyticsConfiguration" - }, - "markdownDescription": "Specifies the configuration and any analyses for the analytics filter of an Amazon S3 bucket.", - "title": "AnalyticsConfigurations", - "type": "array" + "Description": { + "markdownDescription": "A description of the task.", + "title": "Description", + "type": "string" }, - "BucketEncryption": { - "$ref": "#/definitions/AWS::S3::Bucket.BucketEncryption", - "markdownDescription": "Specifies default encryption for a bucket using server-side encryption with Amazon S3-managed keys (SSE-S3), AWS KMS-managed keys (SSE-KMS), or dual-layer server-side encryption with KMS-managed keys (DSSE-KMS). For information about the Amazon S3 default encryption feature, see [Amazon S3 Default Encryption for S3 Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html) in the *Amazon S3 User Guide* .", - "title": "BucketEncryption" + "LoggingInfo": { + "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.LoggingInfo", + "markdownDescription": "> `LoggingInfo` has been deprecated. To specify an Amazon S3 bucket to contain logs for Run Command tasks, instead use the `OutputS3BucketName` and `OutputS3KeyPrefix` options in the `TaskInvocationParameters` structure. For information about how Systems Manager handles these options for the supported maintenance window task types, see [AWS ::SSM::MaintenanceWindowTask MaintenanceWindowRunCommandParameters](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssm-maintenancewindowtask-maintenancewindowruncommandparameters.html) . \n\nInformation about an Amazon S3 bucket to write Run Command task-level logs to.", + "title": "LoggingInfo" }, - "BucketName": { - "markdownDescription": "A name for the bucket. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the bucket name. The bucket name must contain only lowercase letters, numbers, periods (.), and dashes (-) and must follow [Amazon S3 bucket restrictions and limitations](https://docs.aws.amazon.com/AmazonS3/latest/dev/BucketRestrictions.html) . For more information, see [Rules for naming Amazon S3 buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html) in the *Amazon S3 User Guide* .\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you need to replace the resource, specify a new name.", - "title": "BucketName", + "MaxConcurrency": { + "markdownDescription": "The maximum number of targets this task can be run for, in parallel.\n\n> Although this element is listed as \"Required: No\", a value can be omitted only when you are registering or updating a [targetless task](https://docs.aws.amazon.com/systems-manager/latest/userguide/maintenance-windows-targetless-tasks.html) You must provide a value in all other cases.\n> \n> For maintenance window tasks without a target specified, you can't supply a value for this option. Instead, the system inserts a placeholder value of `1` . This value doesn't affect the running of your task.", + "title": "MaxConcurrency", "type": "string" }, - "CorsConfiguration": { - "$ref": "#/definitions/AWS::S3::Bucket.CorsConfiguration", - "markdownDescription": "Describes the cross-origin access configuration for objects in an Amazon S3 bucket. For more information, see [Enabling Cross-Origin Resource Sharing](https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html) in the *Amazon S3 User Guide* .", - "title": "CorsConfiguration" - }, - "IntelligentTieringConfigurations": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.IntelligentTieringConfiguration" - }, - "markdownDescription": "Defines how Amazon S3 handles Intelligent-Tiering storage.", - "title": "IntelligentTieringConfigurations", - "type": "array" + "MaxErrors": { + "markdownDescription": "The maximum number of errors allowed before this task stops being scheduled.\n\n> Although this element is listed as \"Required: No\", a value can be omitted only when you are registering or updating a [targetless task](https://docs.aws.amazon.com/systems-manager/latest/userguide/maintenance-windows-targetless-tasks.html) You must provide a value in all other cases.\n> \n> For maintenance window tasks without a target specified, you can't supply a value for this option. Instead, the system inserts a placeholder value of `1` . This value doesn't affect the running of your task.", + "title": "MaxErrors", + "type": "string" }, - "InventoryConfigurations": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.InventoryConfiguration" - }, - "markdownDescription": "Specifies the inventory configuration for an Amazon S3 bucket. For more information, see [GET Bucket inventory](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketGETInventoryConfig.html) in the *Amazon S3 API Reference* .", - "title": "InventoryConfigurations", - "type": "array" + "Name": { + "markdownDescription": "The task name.", + "title": "Name", + "type": "string" }, - "LifecycleConfiguration": { - "$ref": "#/definitions/AWS::S3::Bucket.LifecycleConfiguration", - "markdownDescription": "Specifies the lifecycle configuration for objects in an Amazon S3 bucket. For more information, see [Object Lifecycle Management](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html) in the *Amazon S3 User Guide* .", - "title": "LifecycleConfiguration" + "Priority": { + "markdownDescription": "The priority of the task in the maintenance window. The lower the number, the higher the priority. Tasks that have the same priority are scheduled in parallel.", + "title": "Priority", + "type": "number" }, - "LoggingConfiguration": { - "$ref": "#/definitions/AWS::S3::Bucket.LoggingConfiguration", - "markdownDescription": "Settings that define where logs are stored.", - "title": "LoggingConfiguration" + "ServiceRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM service role for AWS Systems Manager to assume when running a maintenance window task. If you do not specify a service role ARN, Systems Manager uses a service-linked role in your account. If no appropriate service-linked role for Systems Manager exists in your account, it is created when you run `RegisterTaskWithMaintenanceWindow` .\n\nHowever, for an improved security posture, we strongly recommend creating a custom policy and custom service role for running your maintenance window tasks. The policy can be crafted to provide only the permissions needed for your particular maintenance window tasks. For more information, see [Setting up Maintenance Windows](https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-maintenance-permissions.html) in the in the *AWS Systems Manager User Guide* .", + "title": "ServiceRoleArn", + "type": "string" }, - "MetricsConfigurations": { + "Targets": { "items": { - "$ref": "#/definitions/AWS::S3::Bucket.MetricsConfiguration" + "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.Target" }, - "markdownDescription": "Specifies a metrics configuration for the CloudWatch request metrics (specified by the metrics configuration ID) from an Amazon S3 bucket. If you're updating an existing metrics configuration, note that this is a full replacement of the existing metrics configuration. If you don't include the elements you want to keep, they are erased. For more information, see [PutBucketMetricsConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTMetricConfiguration.html) .", - "title": "MetricsConfigurations", + "markdownDescription": "The targets, either instances or window target IDs.\n\n- Specify instances using `Key=InstanceIds,Values= *instanceid1* , *instanceid2*` .\n- Specify window target IDs using `Key=WindowTargetIds,Values= *window-target-id-1* , *window-target-id-2*` .", + "title": "Targets", "type": "array" }, - "NotificationConfiguration": { - "$ref": "#/definitions/AWS::S3::Bucket.NotificationConfiguration", - "markdownDescription": "Configuration that defines how Amazon S3 handles bucket notifications.", - "title": "NotificationConfiguration" - }, - "ObjectLockConfiguration": { - "$ref": "#/definitions/AWS::S3::Bucket.ObjectLockConfiguration", - "markdownDescription": "> This operation is not supported for directory buckets. \n\nPlaces an Object Lock configuration on the specified bucket. The rule specified in the Object Lock configuration will be applied by default to every new object placed in the specified bucket. For more information, see [Locking Objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html) .\n\n> - The `DefaultRetention` settings require both a mode and a period.\n> - The `DefaultRetention` period can be either `Days` or `Years` but you must select one. You cannot specify `Days` and `Years` at the same time.\n> - You can enable Object Lock for new or existing buckets. For more information, see [Configuring Object Lock](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock-configure.html) .", - "title": "ObjectLockConfiguration" - }, - "ObjectLockEnabled": { - "markdownDescription": "Indicates whether this bucket has an Object Lock configuration enabled. Enable `ObjectLockEnabled` when you apply `ObjectLockConfiguration` to a bucket.", - "title": "ObjectLockEnabled", - "type": "boolean" - }, - "OwnershipControls": { - "$ref": "#/definitions/AWS::S3::Bucket.OwnershipControls", - "markdownDescription": "Configuration that defines how Amazon S3 handles Object Ownership rules.", - "title": "OwnershipControls" - }, - "PublicAccessBlockConfiguration": { - "$ref": "#/definitions/AWS::S3::Bucket.PublicAccessBlockConfiguration", - "markdownDescription": "Configuration that defines how Amazon S3 handles public access.", - "title": "PublicAccessBlockConfiguration" + "TaskArn": { + "markdownDescription": "The resource that the task uses during execution.\n\nFor `RUN_COMMAND` and `AUTOMATION` task types, `TaskArn` is the SSM document name or Amazon Resource Name (ARN).\n\nFor `LAMBDA` tasks, `TaskArn` is the function name or ARN.\n\nFor `STEP_FUNCTIONS` tasks, `TaskArn` is the state machine ARN.", + "title": "TaskArn", + "type": "string" }, - "ReplicationConfiguration": { - "$ref": "#/definitions/AWS::S3::Bucket.ReplicationConfiguration", - "markdownDescription": "Configuration for replicating objects in an S3 bucket. To enable replication, you must also enable versioning by using the `VersioningConfiguration` property.\n\nAmazon S3 can store replicated objects in a single destination bucket or multiple destination buckets. The destination bucket or buckets must already exist.", - "title": "ReplicationConfiguration" + "TaskInvocationParameters": { + "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.TaskInvocationParameters", + "markdownDescription": "The parameters to pass to the task when it runs. Populate only the fields that match the task type. All other fields should be empty.\n\n> When you update a maintenance window task that has options specified in `TaskInvocationParameters` , you must provide again all the `TaskInvocationParameters` values that you want to retain. The values you do not specify again are removed. For example, suppose that when you registered a Run Command task, you specified `TaskInvocationParameters` values for `Comment` , `NotificationConfig` , and `OutputS3BucketName` . If you update the maintenance window task and specify only a different `OutputS3BucketName` value, the values for `Comment` and `NotificationConfig` are removed.", + "title": "TaskInvocationParameters" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An arbitrary set of tags (key-value pairs) for this S3 bucket.", - "title": "Tags", - "type": "array" + "TaskParameters": { + "markdownDescription": "> `TaskParameters` has been deprecated. To specify parameters to pass to a task when it runs, instead use the `Parameters` option in the `TaskInvocationParameters` structure. For information about how Systems Manager handles these options for the supported maintenance window task types, see [MaintenanceWindowTaskInvocationParameters](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_MaintenanceWindowTaskInvocationParameters.html) . \n\nThe parameters to pass to the task when it runs.", + "title": "TaskParameters", + "type": "object" }, - "VersioningConfiguration": { - "$ref": "#/definitions/AWS::S3::Bucket.VersioningConfiguration", - "markdownDescription": "Enables multiple versions of all objects in this bucket. You might enable versioning to prevent objects from being deleted or overwritten by mistake or to archive objects so that you can retrieve previous versions of them.\n\n> When you enable versioning on a bucket for the first time, it might take a short amount of time for the change to be fully propagated. We recommend that you wait for 15 minutes after enabling versioning before issuing write operations ( `PUT` or `DELETE` ) on objects in the bucket.", - "title": "VersioningConfiguration" + "TaskType": { + "markdownDescription": "The type of task. Valid values: `RUN_COMMAND` , `AUTOMATION` , `LAMBDA` , `STEP_FUNCTIONS` .", + "title": "TaskType", + "type": "string" }, - "WebsiteConfiguration": { - "$ref": "#/definitions/AWS::S3::Bucket.WebsiteConfiguration", - "markdownDescription": "Information used to configure the bucket as a static website. For more information, see [Hosting Websites on Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html) .", - "title": "WebsiteConfiguration" + "WindowId": { + "markdownDescription": "The ID of the maintenance window where the task is registered.", + "title": "WindowId", + "type": "string" } }, + "required": [ + "Priority", + "TaskArn", + "TaskType", + "WindowId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::S3::Bucket" + "AWS::SSM::MaintenanceWindowTask" ], "type": "string" }, @@ -235284,1353 +287304,814 @@ "Delete", "Retain", "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::S3::Bucket.AbortIncompleteMultipartUpload": { - "additionalProperties": false, - "properties": { - "DaysAfterInitiation": { - "markdownDescription": "Specifies the number of days after which Amazon S3 stops an incomplete multipart upload.", - "title": "DaysAfterInitiation", - "type": "number" - } - }, - "required": [ - "DaysAfterInitiation" - ], - "type": "object" - }, - "AWS::S3::Bucket.AccelerateConfiguration": { - "additionalProperties": false, - "properties": { - "AccelerationStatus": { - "markdownDescription": "Specifies the transfer acceleration status of the bucket.", - "title": "AccelerationStatus", - "type": "string" - } - }, - "required": [ - "AccelerationStatus" - ], - "type": "object" - }, - "AWS::S3::Bucket.AccessControlTranslation": { - "additionalProperties": false, - "properties": { - "Owner": { - "markdownDescription": "Specifies the replica ownership. For default and valid values, see [PUT bucket replication](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTreplication.html) in the *Amazon S3 API Reference* .", - "title": "Owner", - "type": "string" - } - }, - "required": [ - "Owner" - ], - "type": "object" - }, - "AWS::S3::Bucket.AnalyticsConfiguration": { - "additionalProperties": false, - "properties": { - "Id": { - "markdownDescription": "The ID that identifies the analytics configuration.", - "title": "Id", - "type": "string" - }, - "Prefix": { - "markdownDescription": "The prefix that an object must have to be included in the analytics results.", - "title": "Prefix", - "type": "string" - }, - "StorageClassAnalysis": { - "$ref": "#/definitions/AWS::S3::Bucket.StorageClassAnalysis", - "markdownDescription": "Contains data related to access patterns to be collected and made available to analyze the tradeoffs between different storage classes.", - "title": "StorageClassAnalysis" - }, - "TagFilters": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.TagFilter" - }, - "markdownDescription": "The tags to use when evaluating an analytics filter.\n\nThe analytics only includes objects that meet the filter's criteria. If no filter is specified, all of the contents of the bucket are included in the analysis.", - "title": "TagFilters", - "type": "array" - } - }, - "required": [ - "Id", - "StorageClassAnalysis" - ], - "type": "object" - }, - "AWS::S3::Bucket.BucketEncryption": { - "additionalProperties": false, - "properties": { - "ServerSideEncryptionConfiguration": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.ServerSideEncryptionRule" - }, - "markdownDescription": "Specifies the default server-side-encryption configuration.", - "title": "ServerSideEncryptionConfiguration", - "type": "array" - } - }, - "required": [ - "ServerSideEncryptionConfiguration" - ], - "type": "object" - }, - "AWS::S3::Bucket.CorsConfiguration": { - "additionalProperties": false, - "properties": { - "CorsRules": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.CorsRule" - }, - "markdownDescription": "A set of origins and methods (cross-origin access that you want to allow). You can add up to 100 rules to the configuration.", - "title": "CorsRules", - "type": "array" - } - }, - "required": [ - "CorsRules" - ], - "type": "object" - }, - "AWS::S3::Bucket.CorsRule": { - "additionalProperties": false, - "properties": { - "AllowedHeaders": { - "items": { - "type": "string" - }, - "markdownDescription": "Headers that are specified in the `Access-Control-Request-Headers` header. These headers are allowed in a preflight OPTIONS request. In response to any preflight OPTIONS request, Amazon S3 returns any requested headers that are allowed.", - "title": "AllowedHeaders", - "type": "array" - }, - "AllowedMethods": { - "items": { - "type": "string" - }, - "markdownDescription": "An HTTP method that you allow the origin to run.\n\n*Allowed values* : `GET` | `PUT` | `HEAD` | `POST` | `DELETE`", - "title": "AllowedMethods", - "type": "array" - }, - "AllowedOrigins": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more origins you want customers to be able to access the bucket from.", - "title": "AllowedOrigins", - "type": "array" - }, - "ExposedHeaders": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more headers in the response that you want customers to be able to access from their applications (for example, from a JavaScript `XMLHttpRequest` object).", - "title": "ExposedHeaders", - "type": "array" - }, - "Id": { - "markdownDescription": "A unique identifier for this rule. The value must be no more than 255 characters.", - "title": "Id", - "type": "string" - }, - "MaxAge": { - "markdownDescription": "The time in seconds that your browser is to cache the preflight response for the specified resource.", - "title": "MaxAge", - "type": "number" - } - }, - "required": [ - "AllowedMethods", - "AllowedOrigins" - ], - "type": "object" - }, - "AWS::S3::Bucket.DataExport": { - "additionalProperties": false, - "properties": { - "Destination": { - "$ref": "#/definitions/AWS::S3::Bucket.Destination", - "markdownDescription": "The place to store the data for an analysis.", - "title": "Destination" - }, - "OutputSchemaVersion": { - "markdownDescription": "The version of the output schema to use when exporting data. Must be `V_1` .", - "title": "OutputSchemaVersion", - "type": "string" - } - }, - "required": [ - "Destination", - "OutputSchemaVersion" - ], - "type": "object" - }, - "AWS::S3::Bucket.DefaultRetention": { - "additionalProperties": false, - "properties": { - "Days": { - "markdownDescription": "The number of days that you want to specify for the default retention period. If Object Lock is turned on, you must specify `Mode` and specify either `Days` or `Years` .", - "title": "Days", - "type": "number" - }, - "Mode": { - "markdownDescription": "The default Object Lock retention mode you want to apply to new objects placed in the specified bucket. If Object Lock is turned on, you must specify `Mode` and specify either `Days` or `Years` .", - "title": "Mode", - "type": "string" - }, - "Years": { - "markdownDescription": "The number of years that you want to specify for the default retention period. If Object Lock is turned on, you must specify `Mode` and specify either `Days` or `Years` .", - "title": "Years", - "type": "number" - } - }, - "type": "object" - }, - "AWS::S3::Bucket.DeleteMarkerReplication": { - "additionalProperties": false, - "properties": { - "Status": { - "markdownDescription": "Indicates whether to replicate delete markers. Disabled by default.", - "title": "Status", - "type": "string" - } - }, - "type": "object" - }, - "AWS::S3::Bucket.Destination": { - "additionalProperties": false, - "properties": { - "BucketAccountId": { - "markdownDescription": "The account ID that owns the destination S3 bucket. If no account ID is provided, the owner is not validated before exporting data.\n\n> Although this value is optional, we strongly recommend that you set it to help prevent problems if the destination bucket ownership changes.", - "title": "BucketAccountId", - "type": "string" - }, - "BucketArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the bucket to which data is exported.", - "title": "BucketArn", - "type": "string" - }, - "Format": { - "markdownDescription": "Specifies the file format used when exporting data to Amazon S3.\n\n*Allowed values* : `CSV` | `ORC` | `Parquet`", - "title": "Format", - "type": "string" - }, - "Prefix": { - "markdownDescription": "The prefix to use when exporting data. The prefix is prepended to all results.", - "title": "Prefix", - "type": "string" - } - }, - "required": [ - "BucketArn", - "Format" - ], - "type": "object" - }, - "AWS::S3::Bucket.EncryptionConfiguration": { - "additionalProperties": false, - "properties": { - "ReplicaKmsKeyID": { - "markdownDescription": "Specifies the ID (Key ARN or Alias ARN) of the customer managed AWS KMS key stored in AWS Key Management Service (KMS) for the destination bucket. Amazon S3 uses this key to encrypt replica objects. Amazon S3 only supports symmetric encryption KMS keys. For more information, see [Asymmetric keys in AWS KMS](https://docs.aws.amazon.com//kms/latest/developerguide/symmetric-asymmetric.html) in the *AWS Key Management Service Developer Guide* .", - "title": "ReplicaKmsKeyID", - "type": "string" - } - }, - "required": [ - "ReplicaKmsKeyID" - ], - "type": "object" - }, - "AWS::S3::Bucket.EventBridgeConfiguration": { - "additionalProperties": false, - "properties": { - "EventBridgeEnabled": { - "markdownDescription": "Enables delivery of events to Amazon EventBridge.", - "title": "EventBridgeEnabled", - "type": "boolean" - } - }, - "required": [ - "EventBridgeEnabled" - ], - "type": "object" - }, - "AWS::S3::Bucket.FilterRule": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The object key name prefix or suffix identifying one or more objects to which the filtering rule applies. The maximum length is 1,024 characters. Overlapping prefixes and suffixes are not supported. For more information, see [Configuring Event Notifications](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide* .", - "title": "Name", - "type": "string" - }, - "Value": { - "markdownDescription": "The value that the filter searches for in object key names.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Name", - "Value" - ], - "type": "object" - }, - "AWS::S3::Bucket.IntelligentTieringConfiguration": { - "additionalProperties": false, - "properties": { - "Id": { - "markdownDescription": "The ID used to identify the S3 Intelligent-Tiering configuration.", - "title": "Id", - "type": "string" - }, - "Prefix": { - "markdownDescription": "An object key name prefix that identifies the subset of objects to which the rule applies.", - "title": "Prefix", - "type": "string" - }, - "Status": { - "markdownDescription": "Specifies the status of the configuration.", - "title": "Status", - "type": "string" - }, - "TagFilters": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.TagFilter" - }, - "markdownDescription": "A container for a key-value pair.", - "title": "TagFilters", - "type": "array" - }, - "Tierings": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.Tiering" - }, - "markdownDescription": "Specifies a list of S3 Intelligent-Tiering storage class tiers in the configuration. At least one tier must be defined in the list. At most, you can specify two tiers in the list, one for each available AccessTier: `ARCHIVE_ACCESS` and `DEEP_ARCHIVE_ACCESS` .\n\n> You only need Intelligent Tiering Configuration enabled on a bucket if you want to automatically move objects stored in the Intelligent-Tiering storage class to Archive Access or Deep Archive Access tiers.", - "title": "Tierings", - "type": "array" - } - }, - "required": [ - "Id", - "Status", - "Tierings" - ], - "type": "object" - }, - "AWS::S3::Bucket.InventoryConfiguration": { - "additionalProperties": false, - "properties": { - "Destination": { - "$ref": "#/definitions/AWS::S3::Bucket.Destination", - "markdownDescription": "Contains information about where to publish the inventory results.", - "title": "Destination" - }, - "Enabled": { - "markdownDescription": "Specifies whether the inventory is enabled or disabled. If set to `True` , an inventory list is generated. If set to `False` , no inventory list is generated.", - "title": "Enabled", - "type": "boolean" - }, - "Id": { - "markdownDescription": "The ID used to identify the inventory configuration.", - "title": "Id", - "type": "string" - }, - "IncludedObjectVersions": { - "markdownDescription": "Object versions to include in the inventory list. If set to `All` , the list includes all the object versions, which adds the version-related fields `VersionId` , `IsLatest` , and `DeleteMarker` to the list. If set to `Current` , the list does not contain these version-related fields.", - "title": "IncludedObjectVersions", - "type": "string" - }, - "OptionalFields": { - "items": { - "type": "string" - }, - "markdownDescription": "Contains the optional fields that are included in the inventory results.", - "title": "OptionalFields", - "type": "array" - }, - "Prefix": { - "markdownDescription": "Specifies the inventory filter prefix.", - "title": "Prefix", - "type": "string" - }, - "ScheduleFrequency": { - "markdownDescription": "Specifies the schedule for generating inventory results.", - "title": "ScheduleFrequency", - "type": "string" - } - }, - "required": [ - "Destination", - "Enabled", - "Id", - "IncludedObjectVersions", - "ScheduleFrequency" - ], - "type": "object" - }, - "AWS::S3::Bucket.LambdaConfiguration": { - "additionalProperties": false, - "properties": { - "Event": { - "markdownDescription": "The Amazon S3 bucket event for which to invoke the AWS Lambda function. For more information, see [Supported Event Types](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide* .", - "title": "Event", - "type": "string" - }, - "Filter": { - "$ref": "#/definitions/AWS::S3::Bucket.NotificationFilter", - "markdownDescription": "The filtering rules that determine which objects invoke the AWS Lambda function. For example, you can create a filter so that only image files with a `.jpg` extension invoke the function when they are added to the Amazon S3 bucket.", - "title": "Filter" - }, - "Function": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Lambda function that Amazon S3 invokes when the specified event type occurs.", - "title": "Function", - "type": "string" - } - }, - "required": [ - "Event", - "Function" - ], - "type": "object" - }, - "AWS::S3::Bucket.LifecycleConfiguration": { - "additionalProperties": false, - "properties": { - "Rules": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.Rule" - }, - "markdownDescription": "A lifecycle rule for individual objects in an Amazon S3 bucket.", - "title": "Rules", - "type": "array" - } - }, - "required": [ - "Rules" - ], - "type": "object" - }, - "AWS::S3::Bucket.LoggingConfiguration": { - "additionalProperties": false, - "properties": { - "DestinationBucketName": { - "markdownDescription": "The name of the bucket where Amazon S3 should store server access log files. You can store log files in any bucket that you own. By default, logs are stored in the bucket where the `LoggingConfiguration` property is defined.", - "title": "DestinationBucketName", - "type": "string" - }, - "LogFilePrefix": { - "markdownDescription": "A prefix for all log object keys. If you store log files from multiple Amazon S3 buckets in a single bucket, you can use a prefix to distinguish which log files came from which bucket.", - "title": "LogFilePrefix", - "type": "string" - }, - "TargetObjectKeyFormat": { - "$ref": "#/definitions/AWS::S3::Bucket.TargetObjectKeyFormat", - "markdownDescription": "Amazon S3 key format for log objects. Only one format, either PartitionedPrefix or SimplePrefix, is allowed.", - "title": "TargetObjectKeyFormat" - } - }, - "type": "object" - }, - "AWS::S3::Bucket.Metrics": { - "additionalProperties": false, - "properties": { - "EventThreshold": { - "$ref": "#/definitions/AWS::S3::Bucket.ReplicationTimeValue", - "markdownDescription": "A container specifying the time threshold for emitting the `s3:Replication:OperationMissedThreshold` event.", - "title": "EventThreshold" - }, - "Status": { - "markdownDescription": "Specifies whether the replication metrics are enabled.", - "title": "Status", - "type": "string" - } - }, - "required": [ - "Status" - ], - "type": "object" - }, - "AWS::S3::Bucket.MetricsConfiguration": { - "additionalProperties": false, - "properties": { - "AccessPointArn": { - "markdownDescription": "The access point that was used while performing operations on the object. The metrics configuration only includes objects that meet the filter's criteria.", - "title": "AccessPointArn", - "type": "string" - }, - "Id": { - "markdownDescription": "The ID used to identify the metrics configuration. This can be any value you choose that helps you identify your metrics configuration.", - "title": "Id", - "type": "string" - }, - "Prefix": { - "markdownDescription": "The prefix that an object must have to be included in the metrics results.", - "title": "Prefix", - "type": "string" - }, - "TagFilters": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.TagFilter" - }, - "markdownDescription": "Specifies a list of tag filters to use as a metrics configuration filter. The metrics configuration includes only objects that meet the filter's criteria.", - "title": "TagFilters", - "type": "array" - } - }, - "required": [ - "Id" - ], - "type": "object" - }, - "AWS::S3::Bucket.NoncurrentVersionExpiration": { - "additionalProperties": false, - "properties": { - "NewerNoncurrentVersions": { - "markdownDescription": "Specifies how many noncurrent versions Amazon S3 will retain. If there are this many more recent noncurrent versions, Amazon S3 will take the associated action. For more information about noncurrent versions, see [Lifecycle configuration elements](https://docs.aws.amazon.com/AmazonS3/latest/userguide/intro-lifecycle-rules.html) in the *Amazon S3 User Guide* .", - "title": "NewerNoncurrentVersions", - "type": "number" - }, - "NoncurrentDays": { - "markdownDescription": "Specifies the number of days an object is noncurrent before Amazon S3 can perform the associated action. For information about the noncurrent days calculations, see [How Amazon S3 Calculates When an Object Became Noncurrent](https://docs.aws.amazon.com/AmazonS3/latest/dev/intro-lifecycle-rules.html#non-current-days-calculations) in the *Amazon S3 User Guide* .", - "title": "NoncurrentDays", - "type": "number" - } - }, - "required": [ - "NoncurrentDays" - ], - "type": "object" - }, - "AWS::S3::Bucket.NoncurrentVersionTransition": { - "additionalProperties": false, - "properties": { - "NewerNoncurrentVersions": { - "markdownDescription": "Specifies how many noncurrent versions Amazon S3 will retain. If there are this many more recent noncurrent versions, Amazon S3 will take the associated action. For more information about noncurrent versions, see [Lifecycle configuration elements](https://docs.aws.amazon.com/AmazonS3/latest/userguide/intro-lifecycle-rules.html) in the *Amazon S3 User Guide* .", - "title": "NewerNoncurrentVersions", - "type": "number" - }, - "StorageClass": { - "markdownDescription": "The class of storage used to store the object.", - "title": "StorageClass", - "type": "string" - }, - "TransitionInDays": { - "markdownDescription": "Specifies the number of days an object is noncurrent before Amazon S3 can perform the associated action. For information about the noncurrent days calculations, see [How Amazon S3 Calculates How Long an Object Has Been Noncurrent](https://docs.aws.amazon.com/AmazonS3/latest/dev/intro-lifecycle-rules.html#non-current-days-calculations) in the *Amazon S3 User Guide* .", - "title": "TransitionInDays", - "type": "number" - } - }, - "required": [ - "StorageClass", - "TransitionInDays" - ], - "type": "object" - }, - "AWS::S3::Bucket.NotificationConfiguration": { - "additionalProperties": false, - "properties": { - "EventBridgeConfiguration": { - "$ref": "#/definitions/AWS::S3::Bucket.EventBridgeConfiguration", - "markdownDescription": "Enables delivery of events to Amazon EventBridge.", - "title": "EventBridgeConfiguration" - }, - "LambdaConfigurations": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.LambdaConfiguration" - }, - "markdownDescription": "Describes the AWS Lambda functions to invoke and the events for which to invoke them.", - "title": "LambdaConfigurations", - "type": "array" - }, - "QueueConfigurations": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.QueueConfiguration" - }, - "markdownDescription": "The Amazon Simple Queue Service queues to publish messages to and the events for which to publish messages.", - "title": "QueueConfigurations", - "type": "array" - }, - "TopicConfigurations": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.TopicConfiguration" - }, - "markdownDescription": "The topic to which notifications are sent and the events for which notifications are generated.", - "title": "TopicConfigurations", - "type": "array" - } - }, - "type": "object" - }, - "AWS::S3::Bucket.NotificationFilter": { - "additionalProperties": false, - "properties": { - "S3Key": { - "$ref": "#/definitions/AWS::S3::Bucket.S3KeyFilter", - "markdownDescription": "A container for object key name prefix and suffix filtering rules.", - "title": "S3Key" - } - }, - "required": [ - "S3Key" - ], - "type": "object" - }, - "AWS::S3::Bucket.ObjectLockConfiguration": { - "additionalProperties": false, - "properties": { - "ObjectLockEnabled": { - "markdownDescription": "Indicates whether this bucket has an Object Lock configuration enabled. Enable `ObjectLockEnabled` when you apply `ObjectLockConfiguration` to a bucket.", - "title": "ObjectLockEnabled", - "type": "string" - }, - "Rule": { - "$ref": "#/definitions/AWS::S3::Bucket.ObjectLockRule", - "markdownDescription": "Specifies the Object Lock rule for the specified object. Enable this rule when you apply `ObjectLockConfiguration` to a bucket. If Object Lock is turned on, bucket settings require both `Mode` and a period of either `Days` or `Years` . You cannot specify `Days` and `Years` at the same time. For more information, see [ObjectLockRule](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-objectlockrule.html) and [DefaultRetention](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-defaultretention.html) .", - "title": "Rule" - } - }, - "type": "object" - }, - "AWS::S3::Bucket.ObjectLockRule": { - "additionalProperties": false, - "properties": { - "DefaultRetention": { - "$ref": "#/definitions/AWS::S3::Bucket.DefaultRetention", - "markdownDescription": "The default Object Lock retention mode and period that you want to apply to new objects placed in the specified bucket. If Object Lock is turned on, bucket settings require both `Mode` and a period of either `Days` or `Years` . You cannot specify `Days` and `Years` at the same time. For more information about allowable values for mode and period, see [DefaultRetention](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-defaultretention.html) .", - "title": "DefaultRetention" - } - }, - "type": "object" - }, - "AWS::S3::Bucket.OwnershipControls": { - "additionalProperties": false, - "properties": { - "Rules": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.OwnershipControlsRule" - }, - "markdownDescription": "Specifies the container element for Object Ownership rules.", - "title": "Rules", - "type": "array" + ], + "type": "string" } }, "required": [ - "Rules" + "Type", + "Properties" ], "type": "object" }, - "AWS::S3::Bucket.OwnershipControlsRule": { - "additionalProperties": false, - "properties": { - "ObjectOwnership": { - "markdownDescription": "Specifies an object ownership rule.", - "title": "ObjectOwnership", - "type": "string" - } - }, - "type": "object" - }, - "AWS::S3::Bucket.PartitionedPrefix": { + "AWS::SSM::MaintenanceWindowTask.CloudWatchOutputConfig": { "additionalProperties": false, "properties": { - "PartitionDateSource": { - "markdownDescription": "Specifies the partition date source for the partitioned prefix. `PartitionDateSource` can be `EventTime` or `DeliveryTime` .\n\nFor `DeliveryTime` , the time in the log file names corresponds to the delivery time for the log files.\n\nFor `EventTime` , The logs delivered are for a specific day only. The year, month, and day correspond to the day on which the event occurred, and the hour, minutes and seconds are set to 00 in the key.", - "title": "PartitionDateSource", + "CloudWatchLogGroupName": { + "markdownDescription": "The name of the CloudWatch Logs log group where you want to send command output. If you don't specify a group name, AWS Systems Manager automatically creates a log group for you. The log group uses the following naming format:\n\n`aws/ssm/ *SystemsManagerDocumentName*`", + "title": "CloudWatchLogGroupName", "type": "string" - } - }, - "type": "object" - }, - "AWS::S3::Bucket.PublicAccessBlockConfiguration": { - "additionalProperties": false, - "properties": { - "BlockPublicAcls": { - "markdownDescription": "Specifies whether Amazon S3 should block public access control lists (ACLs) for this bucket and objects in this bucket. Setting this element to `TRUE` causes the following behavior:\n\n- PUT Bucket ACL and PUT Object ACL calls fail if the specified ACL is public.\n- PUT Object calls fail if the request includes a public ACL.\n- PUT Bucket calls fail if the request includes a public ACL.\n\nEnabling this setting doesn't affect existing policies or ACLs.", - "title": "BlockPublicAcls", - "type": "boolean" - }, - "BlockPublicPolicy": { - "markdownDescription": "Specifies whether Amazon S3 should block public bucket policies for this bucket. Setting this element to `TRUE` causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.\n\nEnabling this setting doesn't affect existing bucket policies.", - "title": "BlockPublicPolicy", - "type": "boolean" }, - "IgnorePublicAcls": { - "markdownDescription": "Specifies whether Amazon S3 should ignore public ACLs for this bucket and objects in this bucket. Setting this element to `TRUE` causes Amazon S3 to ignore all public ACLs on this bucket and objects in this bucket.\n\nEnabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.", - "title": "IgnorePublicAcls", - "type": "boolean" - }, - "RestrictPublicBuckets": { - "markdownDescription": "Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to `TRUE` restricts access to this bucket to only AWS service principals and authorized users within this account if the bucket has a public policy.\n\nEnabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.", - "title": "RestrictPublicBuckets", + "CloudWatchOutputEnabled": { + "markdownDescription": "Enables Systems Manager to send command output to CloudWatch Logs.", + "title": "CloudWatchOutputEnabled", "type": "boolean" } }, "type": "object" }, - "AWS::S3::Bucket.QueueConfiguration": { + "AWS::SSM::MaintenanceWindowTask.LoggingInfo": { "additionalProperties": false, "properties": { - "Event": { - "markdownDescription": "The Amazon S3 bucket event about which you want to publish messages to Amazon SQS. For more information, see [Supported Event Types](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide* .", - "title": "Event", + "Region": { + "markdownDescription": "The AWS Region where the S3 bucket is located.", + "title": "Region", "type": "string" }, - "Filter": { - "$ref": "#/definitions/AWS::S3::Bucket.NotificationFilter", - "markdownDescription": "The filtering rules that determine which objects trigger notifications. For example, you can create a filter so that Amazon S3 sends notifications only when image files with a `.jpg` extension are added to the bucket. For more information, see [Configuring event notifications using object key name filtering](https://docs.aws.amazon.com/AmazonS3/latest/user-guide/notification-how-to-filtering.html) in the *Amazon S3 User Guide* .", - "title": "Filter" + "S3Bucket": { + "markdownDescription": "The name of an S3 bucket where execution logs are stored.", + "title": "S3Bucket", + "type": "string" }, - "Queue": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SQS queue to which Amazon S3 publishes a message when it detects events of the specified type. FIFO queues are not allowed when enabling an SQS queue as the event notification destination.", - "title": "Queue", + "S3Prefix": { + "markdownDescription": "The Amazon S3 bucket subfolder.", + "title": "S3Prefix", "type": "string" } }, "required": [ - "Event", - "Queue" + "Region", + "S3Bucket" ], "type": "object" }, - "AWS::S3::Bucket.RedirectAllRequestsTo": { + "AWS::SSM::MaintenanceWindowTask.MaintenanceWindowAutomationParameters": { "additionalProperties": false, "properties": { - "HostName": { - "markdownDescription": "Name of the host where requests are redirected.", - "title": "HostName", + "DocumentVersion": { + "markdownDescription": "The version of an Automation runbook to use during task execution.", + "title": "DocumentVersion", "type": "string" }, - "Protocol": { - "markdownDescription": "Protocol to use when redirecting requests. The default is the protocol that is used in the original request.", - "title": "Protocol", - "type": "string" + "Parameters": { + "markdownDescription": "The parameters for the `AUTOMATION` type task.", + "title": "Parameters", + "type": "object" } }, - "required": [ - "HostName" - ], "type": "object" }, - "AWS::S3::Bucket.RedirectRule": { + "AWS::SSM::MaintenanceWindowTask.MaintenanceWindowLambdaParameters": { "additionalProperties": false, "properties": { - "HostName": { - "markdownDescription": "The host name to use in the redirect request.", - "title": "HostName", - "type": "string" - }, - "HttpRedirectCode": { - "markdownDescription": "The HTTP redirect code to use on the response. Not required if one of the siblings is present.", - "title": "HttpRedirectCode", - "type": "string" - }, - "Protocol": { - "markdownDescription": "Protocol to use when redirecting requests. The default is the protocol that is used in the original request.", - "title": "Protocol", + "ClientContext": { + "markdownDescription": "Client-specific information to pass to the AWS Lambda function that you're invoking. You can then use the `context` variable to process the client information in your AWS Lambda function.", + "title": "ClientContext", "type": "string" }, - "ReplaceKeyPrefixWith": { - "markdownDescription": "The object key prefix to use in the redirect request. For example, to redirect requests for all pages with prefix `docs/` (objects in the `docs/` folder) to `documents/` , you can set a condition block with `KeyPrefixEquals` set to `docs/` and in the Redirect set `ReplaceKeyPrefixWith` to `/documents` . Not required if one of the siblings is present. Can be present only if `ReplaceKeyWith` is not provided.\n\n> Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints) .", - "title": "ReplaceKeyPrefixWith", + "Payload": { + "markdownDescription": "JSON to provide to your AWS Lambda function as input.\n\n> Although `Type` is listed as \"String\" for this property, the payload content must be formatted as a Base64-encoded binary data object. \n\n*Length Constraint:* 4096", + "title": "Payload", "type": "string" }, - "ReplaceKeyWith": { - "markdownDescription": "The specific object key to use in the redirect request. For example, redirect request to `error.html` . Not required if one of the siblings is present. Can be present only if `ReplaceKeyPrefixWith` is not provided.\n\n> Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints) .", - "title": "ReplaceKeyWith", - "type": "string" - } - }, - "type": "object" - }, - "AWS::S3::Bucket.ReplicaModifications": { - "additionalProperties": false, - "properties": { - "Status": { - "markdownDescription": "Specifies whether Amazon S3 replicates modifications on replicas.\n\n*Allowed values* : `Enabled` | `Disabled`", - "title": "Status", + "Qualifier": { + "markdownDescription": "An AWS Lambda function version or alias name. If you specify a function version, the action uses the qualified function Amazon Resource Name (ARN) to invoke a specific Lambda function. If you specify an alias name, the action uses the alias ARN to invoke the Lambda function version that the alias points to.", + "title": "Qualifier", "type": "string" } }, - "required": [ - "Status" - ], "type": "object" }, - "AWS::S3::Bucket.ReplicationConfiguration": { + "AWS::SSM::MaintenanceWindowTask.MaintenanceWindowRunCommandParameters": { "additionalProperties": false, "properties": { - "Role": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that Amazon S3 assumes when replicating objects. For more information, see [How to Set Up Replication](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-how-setup.html) in the *Amazon S3 User Guide* .", - "title": "Role", + "CloudWatchOutputConfig": { + "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.CloudWatchOutputConfig", + "markdownDescription": "Configuration options for sending command output to Amazon CloudWatch Logs.", + "title": "CloudWatchOutputConfig" + }, + "Comment": { + "markdownDescription": "Information about the command or commands to run.", + "title": "Comment", "type": "string" }, - "Rules": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.ReplicationRule" - }, - "markdownDescription": "A container for one or more replication rules. A replication configuration must have at least one rule and can contain a maximum of 1,000 rules.", - "title": "Rules", - "type": "array" - } - }, - "required": [ - "Role", - "Rules" - ], - "type": "object" - }, - "AWS::S3::Bucket.ReplicationDestination": { - "additionalProperties": false, - "properties": { - "AccessControlTranslation": { - "$ref": "#/definitions/AWS::S3::Bucket.AccessControlTranslation", - "markdownDescription": "Specify this only in a cross-account scenario (where source and destination bucket owners are not the same), and you want to change replica ownership to the AWS account that owns the destination bucket. If this is not specified in the replication configuration, the replicas are owned by same AWS account that owns the source object.", - "title": "AccessControlTranslation" + "DocumentHash": { + "markdownDescription": "The SHA-256 or SHA-1 hash created by the system when the document was created. SHA-1 hashes have been deprecated.", + "title": "DocumentHash", + "type": "string" }, - "Account": { - "markdownDescription": "Destination bucket owner account ID. In a cross-account scenario, if you direct Amazon S3 to change replica ownership to the AWS account that owns the destination bucket by specifying the `AccessControlTranslation` property, this is the account ID of the destination bucket owner. For more information, see [Cross-Region Replication Additional Configuration: Change Replica Owner](https://docs.aws.amazon.com/AmazonS3/latest/dev/crr-change-owner.html) in the *Amazon S3 User Guide* .\n\nIf you specify the `AccessControlTranslation` property, the `Account` property is required.", - "title": "Account", + "DocumentHashType": { + "markdownDescription": "The SHA-256 or SHA-1 hash type. SHA-1 hashes are deprecated.", + "title": "DocumentHashType", "type": "string" }, - "Bucket": { - "markdownDescription": "The Amazon Resource Name (ARN) of the bucket where you want Amazon S3 to store the results.", - "title": "Bucket", + "DocumentVersion": { + "markdownDescription": "The AWS Systems Manager document (SSM document) version to use in the request. You can specify `$DEFAULT` , `$LATEST` , or a specific version number. If you run commands by using the AWS CLI, then you must escape the first two options by using a backslash. If you specify a version number, then you don't need to use the backslash. For example:\n\n`--document-version \"\\$DEFAULT\"`\n\n`--document-version \"\\$LATEST\"`\n\n`--document-version \"3\"`", + "title": "DocumentVersion", "type": "string" }, - "EncryptionConfiguration": { - "$ref": "#/definitions/AWS::S3::Bucket.EncryptionConfiguration", - "markdownDescription": "Specifies encryption-related information.", - "title": "EncryptionConfiguration" + "NotificationConfig": { + "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.NotificationConfig", + "markdownDescription": "Configurations for sending notifications about command status changes on a per-managed node basis.", + "title": "NotificationConfig" }, - "Metrics": { - "$ref": "#/definitions/AWS::S3::Bucket.Metrics", - "markdownDescription": "A container specifying replication metrics-related settings enabling replication metrics and events.", - "title": "Metrics" + "OutputS3BucketName": { + "markdownDescription": "The name of the Amazon Simple Storage Service (Amazon S3) bucket.", + "title": "OutputS3BucketName", + "type": "string" }, - "ReplicationTime": { - "$ref": "#/definitions/AWS::S3::Bucket.ReplicationTime", - "markdownDescription": "A container specifying S3 Replication Time Control (S3 RTC), including whether S3 RTC is enabled and the time when all objects and operations on objects must be replicated. Must be specified together with a `Metrics` block.", - "title": "ReplicationTime" + "OutputS3KeyPrefix": { + "markdownDescription": "The S3 bucket subfolder.", + "title": "OutputS3KeyPrefix", + "type": "string" }, - "StorageClass": { - "markdownDescription": "The storage class to use when replicating objects, such as S3 Standard or reduced redundancy. By default, Amazon S3 uses the storage class of the source object to create the object replica.\n\nFor valid values, see the `StorageClass` element of the [PUT Bucket replication](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTreplication.html) action in the *Amazon S3 API Reference* .\n\n`FSX_OPENZFS` is not an accepted value when replicating objects.", - "title": "StorageClass", + "Parameters": { + "markdownDescription": "The parameters for the `RUN_COMMAND` task execution.\n\nThe supported parameters are the same as those for the `SendCommand` API call. For more information, see [SendCommand](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_SendCommand.html) in the *AWS Systems Manager API Reference* .", + "title": "Parameters", + "type": "object" + }, + "ServiceRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM service role for AWS Systems Manager to assume when running a maintenance window task. If you do not specify a service role ARN, Systems Manager uses a service-linked role in your account. If no appropriate service-linked role for Systems Manager exists in your account, it is created when you run `RegisterTaskWithMaintenanceWindow` .\n\nHowever, for an improved security posture, we strongly recommend creating a custom policy and custom service role for running your maintenance window tasks. The policy can be crafted to provide only the permissions needed for your particular maintenance window tasks. For more information, see [Setting up Maintenance Windows](https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-maintenance-permissions.html) in the in the *AWS Systems Manager User Guide* .", + "title": "ServiceRoleArn", "type": "string" + }, + "TimeoutSeconds": { + "markdownDescription": "If this time is reached and the command hasn't already started running, it doesn't run.", + "title": "TimeoutSeconds", + "type": "number" } }, - "required": [ - "Bucket" - ], "type": "object" }, - "AWS::S3::Bucket.ReplicationRule": { + "AWS::SSM::MaintenanceWindowTask.MaintenanceWindowStepFunctionsParameters": { "additionalProperties": false, "properties": { - "DeleteMarkerReplication": { - "$ref": "#/definitions/AWS::S3::Bucket.DeleteMarkerReplication", - "markdownDescription": "Specifies whether Amazon S3 replicates delete markers. If you specify a `Filter` in your replication configuration, you must also include a `DeleteMarkerReplication` element. If your `Filter` includes a `Tag` element, the `DeleteMarkerReplication` `Status` must be set to Disabled, because Amazon S3 does not support replicating delete markers for tag-based rules. For an example configuration, see [Basic Rule Configuration](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-add-config.html#replication-config-min-rule-config) .\n\nFor more information about delete marker replication, see [Basic Rule Configuration](https://docs.aws.amazon.com/AmazonS3/latest/dev/delete-marker-replication.html) .\n\n> If you are using an earlier version of the replication configuration, Amazon S3 handles replication of delete markers differently. For more information, see [Backward Compatibility](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-add-config.html#replication-backward-compat-considerations) .", - "title": "DeleteMarkerReplication" - }, - "Destination": { - "$ref": "#/definitions/AWS::S3::Bucket.ReplicationDestination", - "markdownDescription": "A container for information about the replication destination and its configurations including enabling the S3 Replication Time Control (S3 RTC).", - "title": "Destination" - }, - "Filter": { - "$ref": "#/definitions/AWS::S3::Bucket.ReplicationRuleFilter", - "markdownDescription": "A filter that identifies the subset of objects to which the replication rule applies. A `Filter` must specify exactly one `Prefix` , `TagFilter` , or an `And` child element. The use of the filter field indicates that this is a V2 replication configuration. This field isn't supported in a V1 replication configuration.\n\n> V1 replication configuration only supports filtering by key prefix. To filter using a V1 replication configuration, add the `Prefix` directly as a child element of the `Rule` element.", - "title": "Filter" - }, - "Id": { - "markdownDescription": "A unique identifier for the rule. The maximum value is 255 characters. If you don't specify a value, AWS CloudFormation generates a random ID. When using a V2 replication configuration this property is capitalized as \"ID\".", - "title": "Id", - "type": "string" - }, - "Prefix": { - "markdownDescription": "An object key name prefix that identifies the object or objects to which the rule applies. The maximum prefix length is 1,024 characters. To include all objects in a bucket, specify an empty string. To filter using a V1 replication configuration, add the `Prefix` directly as a child element of the `Rule` element.\n\n> Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints) .", - "title": "Prefix", + "Input": { + "markdownDescription": "The inputs for the `STEP_FUNCTIONS` task.", + "title": "Input", "type": "string" }, - "Priority": { - "markdownDescription": "The priority indicates which rule has precedence whenever two or more replication rules conflict. Amazon S3 will attempt to replicate objects according to all replication rules. However, if there are two or more rules with the same destination bucket, then objects will be replicated according to the rule with the highest priority. The higher the number, the higher the priority.\n\nFor more information, see [Replication](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication.html) in the *Amazon S3 User Guide* .", - "title": "Priority", - "type": "number" - }, - "SourceSelectionCriteria": { - "$ref": "#/definitions/AWS::S3::Bucket.SourceSelectionCriteria", - "markdownDescription": "A container that describes additional filters for identifying the source objects that you want to replicate. You can choose to enable or disable the replication of these objects.", - "title": "SourceSelectionCriteria" - }, - "Status": { - "markdownDescription": "Specifies whether the rule is enabled.", - "title": "Status", + "Name": { + "markdownDescription": "The name of the `STEP_FUNCTIONS` task.", + "title": "Name", "type": "string" } }, - "required": [ - "Destination", - "Status" - ], "type": "object" }, - "AWS::S3::Bucket.ReplicationRuleAndOperator": { + "AWS::SSM::MaintenanceWindowTask.NotificationConfig": { "additionalProperties": false, "properties": { - "Prefix": { - "markdownDescription": "An object key name prefix that identifies the subset of objects to which the rule applies.", - "title": "Prefix", + "NotificationArn": { + "markdownDescription": "An Amazon Resource Name (ARN) for an Amazon Simple Notification Service (Amazon SNS) topic. Run Command pushes notifications about command status changes to this topic.", + "title": "NotificationArn", "type": "string" }, - "TagFilters": { + "NotificationEvents": { "items": { - "$ref": "#/definitions/AWS::S3::Bucket.TagFilter" + "type": "string" }, - "markdownDescription": "An array of tags containing key and value pairs.", - "title": "TagFilters", + "markdownDescription": "The different events that you can receive notifications for. These events include the following: `All` (events), `InProgress` , `Success` , `TimedOut` , `Cancelled` , `Failed` . To learn more about these events, see [Configuring Amazon SNS Notifications for AWS Systems Manager](https://docs.aws.amazon.com/systems-manager/latest/userguide/monitoring-sns-notifications.html) in the *AWS Systems Manager User Guide* .", + "title": "NotificationEvents", "type": "array" - } - }, - "type": "object" - }, - "AWS::S3::Bucket.ReplicationRuleFilter": { - "additionalProperties": false, - "properties": { - "And": { - "$ref": "#/definitions/AWS::S3::Bucket.ReplicationRuleAndOperator", - "markdownDescription": "A container for specifying rule filters. The filters determine the subset of objects to which the rule applies. This element is required only if you specify more than one filter. For example:\n\n- If you specify both a `Prefix` and a `TagFilter` , wrap these filters in an `And` tag.\n- If you specify a filter based on multiple tags, wrap the `TagFilter` elements in an `And` tag.", - "title": "And" - }, - "Prefix": { - "markdownDescription": "An object key name prefix that identifies the subset of objects to which the rule applies.\n\n> Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints) .", - "title": "Prefix", - "type": "string" }, - "TagFilter": { - "$ref": "#/definitions/AWS::S3::Bucket.TagFilter", - "markdownDescription": "A container for specifying a tag key and value.\n\nThe rule applies only to objects that have the tag in their tag set.", - "title": "TagFilter" - } - }, - "type": "object" - }, - "AWS::S3::Bucket.ReplicationTime": { - "additionalProperties": false, - "properties": { - "Status": { - "markdownDescription": "Specifies whether the replication time is enabled.", - "title": "Status", + "NotificationType": { + "markdownDescription": "The notification type.\n\n- `Command` : Receive notification when the status of a command changes.\n- `Invocation` : For commands sent to multiple instances, receive notification on a per-instance basis when the status of a command changes.", + "title": "NotificationType", "type": "string" - }, - "Time": { - "$ref": "#/definitions/AWS::S3::Bucket.ReplicationTimeValue", - "markdownDescription": "A container specifying the time by which replication should be complete for all objects and operations on objects.", - "title": "Time" } }, "required": [ - "Status", - "Time" - ], - "type": "object" - }, - "AWS::S3::Bucket.ReplicationTimeValue": { - "additionalProperties": false, - "properties": { - "Minutes": { - "markdownDescription": "Contains an integer specifying time in minutes.\n\nValid value: 15", - "title": "Minutes", - "type": "number" - } - }, - "required": [ - "Minutes" + "NotificationArn" ], "type": "object" }, - "AWS::S3::Bucket.RoutingRule": { + "AWS::SSM::MaintenanceWindowTask.Target": { "additionalProperties": false, "properties": { - "RedirectRule": { - "$ref": "#/definitions/AWS::S3::Bucket.RedirectRule", - "markdownDescription": "Container for redirect information. You can redirect requests to another host, to another page, or with another protocol. In the event of an error, you can specify a different error code to return.", - "title": "RedirectRule" + "Key": { + "markdownDescription": "User-defined criteria for sending commands that target instances that meet the criteria. `Key` can be `InstanceIds` or `WindowTargetIds` . For more information about how to target instances within a maintenance window task, see [About 'register-task-with-maintenance-window' Options and Values](https://docs.aws.amazon.com/systems-manager/latest/userguide/register-tasks-options.html) in the *AWS Systems Manager User Guide* .", + "title": "Key", + "type": "string" }, - "RoutingRuleCondition": { - "$ref": "#/definitions/AWS::S3::Bucket.RoutingRuleCondition", - "markdownDescription": "A container for describing a condition that must be met for the specified redirect to apply. For example, 1. If request is for pages in the `/docs` folder, redirect to the `/documents` folder. 2. If request results in HTTP error 4xx, redirect request to another host where you might process the error.", - "title": "RoutingRuleCondition" + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "User-defined criteria that maps to `Key` . For example, if you specify `InstanceIds` , you can specify `i-1234567890abcdef0,i-9876543210abcdef0` to run a command on two EC2 instances. For more information about how to target instances within a maintenance window task, see [About 'register-task-with-maintenance-window' Options and Values](https://docs.aws.amazon.com/systems-manager/latest/userguide/register-tasks-options.html) in the *AWS Systems Manager User Guide* .", + "title": "Values", + "type": "array" } }, "required": [ - "RedirectRule" + "Key", + "Values" ], "type": "object" }, - "AWS::S3::Bucket.RoutingRuleCondition": { + "AWS::SSM::MaintenanceWindowTask.TaskInvocationParameters": { "additionalProperties": false, "properties": { - "HttpErrorCodeReturnedEquals": { - "markdownDescription": "The HTTP error code when the redirect is applied. In the event of an error, if the error code equals this value, then the specified redirect is applied.\n\nRequired when parent element `Condition` is specified and sibling `KeyPrefixEquals` is not specified. If both are specified, then both must be true for the redirect to be applied.", - "title": "HttpErrorCodeReturnedEquals", - "type": "string" + "MaintenanceWindowAutomationParameters": { + "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.MaintenanceWindowAutomationParameters", + "markdownDescription": "The parameters for an `AUTOMATION` task type.", + "title": "MaintenanceWindowAutomationParameters" }, - "KeyPrefixEquals": { - "markdownDescription": "The object key name prefix when the redirect is applied. For example, to redirect requests for `ExamplePage.html` , the key prefix will be `ExamplePage.html` . To redirect request for all pages with the prefix `docs/` , the key prefix will be `docs/` , which identifies all objects in the docs/ folder.\n\nRequired when the parent element `Condition` is specified and sibling `HttpErrorCodeReturnedEquals` is not specified. If both conditions are specified, both must be true for the redirect to be applied.", - "title": "KeyPrefixEquals", - "type": "string" + "MaintenanceWindowLambdaParameters": { + "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.MaintenanceWindowLambdaParameters", + "markdownDescription": "The parameters for a `LAMBDA` task type.", + "title": "MaintenanceWindowLambdaParameters" + }, + "MaintenanceWindowRunCommandParameters": { + "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.MaintenanceWindowRunCommandParameters", + "markdownDescription": "The parameters for a `RUN_COMMAND` task type.", + "title": "MaintenanceWindowRunCommandParameters" + }, + "MaintenanceWindowStepFunctionsParameters": { + "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.MaintenanceWindowStepFunctionsParameters", + "markdownDescription": "The parameters for a `STEP_FUNCTIONS` task type.", + "title": "MaintenanceWindowStepFunctionsParameters" } }, "type": "object" }, - "AWS::S3::Bucket.Rule": { + "AWS::SSM::Parameter": { "additionalProperties": false, "properties": { - "AbortIncompleteMultipartUpload": { - "$ref": "#/definitions/AWS::S3::Bucket.AbortIncompleteMultipartUpload", - "markdownDescription": "Specifies a lifecycle rule that stops incomplete multipart uploads to an Amazon S3 bucket.", - "title": "AbortIncompleteMultipartUpload" - }, - "ExpirationDate": { - "markdownDescription": "Indicates when objects are deleted from Amazon S3 and Amazon S3 Glacier. The date value must be in ISO 8601 format. The time is always midnight UTC. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time.", - "title": "ExpirationDate", + "Condition": { "type": "string" }, - "ExpirationInDays": { - "markdownDescription": "Indicates the number of days after creation when objects are deleted from Amazon S3 and Amazon S3 Glacier. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time.", - "title": "ExpirationInDays", - "type": "number" - }, - "ExpiredObjectDeleteMarker": { - "markdownDescription": "Indicates whether Amazon S3 will remove a delete marker without any noncurrent versions. If set to true, the delete marker will be removed if there are no noncurrent versions. This cannot be specified with `ExpirationInDays` , `ExpirationDate` , or `TagFilters` .", - "title": "ExpiredObjectDeleteMarker", - "type": "boolean" - }, - "Id": { - "markdownDescription": "Unique identifier for the rule. The value can't be longer than 255 characters.", - "title": "Id", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "NoncurrentVersionExpiration": { - "$ref": "#/definitions/AWS::S3::Bucket.NoncurrentVersionExpiration", - "markdownDescription": "Specifies when noncurrent object versions expire. Upon expiration, Amazon S3 permanently deletes the noncurrent object versions. You set this lifecycle configuration action on a bucket that has versioning enabled (or suspended) to request that Amazon S3 delete noncurrent object versions at a specific period in the object's lifetime.", - "title": "NoncurrentVersionExpiration" - }, - "NoncurrentVersionExpirationInDays": { - "markdownDescription": "(Deprecated.) For buckets with versioning enabled (or suspended), specifies the time, in days, between when a new version of the object is uploaded to the bucket and when old versions of the object expire. When object versions expire, Amazon S3 permanently deletes them. If you specify a transition and expiration time, the expiration time must be later than the transition time.", - "title": "NoncurrentVersionExpirationInDays", - "type": "number" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "NoncurrentVersionTransition": { - "$ref": "#/definitions/AWS::S3::Bucket.NoncurrentVersionTransition", - "markdownDescription": "(Deprecated.) For buckets with versioning enabled (or suspended), specifies when non-current objects transition to a specified storage class. If you specify a transition and expiration time, the expiration time must be later than the transition time. If you specify this property, don't specify the `NoncurrentVersionTransitions` property.", - "title": "NoncurrentVersionTransition" + "Metadata": { + "type": "object" }, - "NoncurrentVersionTransitions": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.NoncurrentVersionTransition" + "Properties": { + "additionalProperties": false, + "properties": { + "AllowedPattern": { + "markdownDescription": "A regular expression used to validate the parameter value. For example, for `String` types with values restricted to numbers, you can specify the following: `AllowedPattern=^\\d+$`", + "title": "AllowedPattern", + "type": "string" + }, + "DataType": { + "markdownDescription": "The data type of the parameter, such as `text` or `aws:ec2:image` . The default is `text` .", + "title": "DataType", + "type": "string" + }, + "Description": { + "markdownDescription": "Information about the parameter.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the parameter.\n\n> The reported maximum length of 2048 characters for a parameter name includes 1037 characters that are reserved for internal use by Systems Manager . The maximum length for a parameter name that you specify is 1011 characters.\n> \n> This count of 1011 characters includes the characters in the ARN that precede the name you specify. This ARN length will vary depending on your partition and Region. For example, the following 45 characters count toward the 1011 character maximum for a parameter created in the US East (Ohio) Region: `arn:aws:ssm:us-east-2:111122223333:parameter/` .", + "title": "Name", + "type": "string" + }, + "Policies": { + "markdownDescription": "Information about the policies assigned to a parameter.\n\n[Assigning parameter policies](https://docs.aws.amazon.com/systems-manager/latest/userguide/parameter-store-policies.html) in the *AWS Systems Manager User Guide* .", + "title": "Policies", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Optional metadata that you assign to a resource in the form of an arbitrary set of tags (key-value pairs). Tags enable you to categorize a resource in different ways, such as by purpose, owner, or environment. For example, you might want to tag a Systems Manager parameter to identify the type of resource to which it applies, the environment, or the type of configuration data referenced by the parameter.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "Tier": { + "markdownDescription": "The parameter tier.", + "title": "Tier", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of parameter.\n\n> Parameters of type `SecureString` are not supported by AWS CloudFormation .", + "title": "Type", + "type": "string" + }, + "Value": { + "markdownDescription": "The parameter value.\n\n> If type is `StringList` , the system returns a comma-separated string with no spaces between commas in the `Value` field.", + "title": "Value", + "type": "string" + } }, - "markdownDescription": "For buckets with versioning enabled (or suspended), one or more transition rules that specify when non-current objects transition to a specified storage class. If you specify a transition and expiration time, the expiration time must be later than the transition time. If you specify this property, don't specify the `NoncurrentVersionTransition` property.", - "title": "NoncurrentVersionTransitions", - "type": "array" - }, - "ObjectSizeGreaterThan": { - "markdownDescription": "Specifies the minimum object size in bytes for this rule to apply to. Objects must be larger than this value in bytes. For more information about size based rules, see [Lifecycle configuration using size-based rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/lifecycle-configuration-examples.html#lc-size-rules) in the *Amazon S3 User Guide* .", - "title": "ObjectSizeGreaterThan", - "type": "string" - }, - "ObjectSizeLessThan": { - "markdownDescription": "Specifies the maximum object size in bytes for this rule to apply to. Objects must be smaller than this value in bytes. For more information about sized based rules, see [Lifecycle configuration using size-based rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/lifecycle-configuration-examples.html#lc-size-rules) in the *Amazon S3 User Guide* .", - "title": "ObjectSizeLessThan", - "type": "string" + "required": [ + "Type", + "Value" + ], + "type": "object" }, - "Prefix": { - "markdownDescription": "Object key prefix that identifies one or more objects to which this rule applies.\n\n> Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints) .", - "title": "Prefix", + "Type": { + "enum": [ + "AWS::SSM::Parameter" + ], "type": "string" }, - "Status": { - "markdownDescription": "If `Enabled` , the rule is currently being applied. If `Disabled` , the rule is not currently being applied.", - "title": "Status", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - }, - "TagFilters": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.TagFilter" - }, - "markdownDescription": "Tags to use to identify a subset of objects to which the lifecycle rule applies.", - "title": "TagFilters", - "type": "array" - }, - "Transition": { - "$ref": "#/definitions/AWS::S3::Bucket.Transition", - "markdownDescription": "(Deprecated.) Specifies when an object transitions to a specified storage class. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time. If you specify this property, don't specify the `Transitions` property.", - "title": "Transition" - }, - "Transitions": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.Transition" - }, - "markdownDescription": "One or more transition rules that specify when an object transitions to a specified storage class. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time. If you specify this property, don't specify the `Transition` property.", - "title": "Transitions", - "type": "array" } }, "required": [ - "Status" + "Type", + "Properties" ], "type": "object" }, - "AWS::S3::Bucket.S3KeyFilter": { + "AWS::SSM::PatchBaseline": { "additionalProperties": false, "properties": { - "Rules": { - "items": { - "$ref": "#/definitions/AWS::S3::Bucket.FilterRule" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApprovalRules": { + "$ref": "#/definitions/AWS::SSM::PatchBaseline.RuleGroup", + "markdownDescription": "A set of rules used to include patches in the baseline.", + "title": "ApprovalRules" + }, + "ApprovedPatches": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of explicitly approved patches for the baseline.\n\nFor information about accepted formats for lists of approved patches and rejected patches, see [Package name formats for approved and rejected patch lists](https://docs.aws.amazon.com/systems-manager/latest/userguide/patch-manager-approved-rejected-package-name-formats.html) in the *AWS Systems Manager User Guide* .", + "title": "ApprovedPatches", + "type": "array" + }, + "ApprovedPatchesComplianceLevel": { + "markdownDescription": "Defines the compliance level for approved patches. When an approved patch is reported as missing, this value describes the severity of the compliance violation. The default value is `UNSPECIFIED` .", + "title": "ApprovedPatchesComplianceLevel", + "type": "string" + }, + "ApprovedPatchesEnableNonSecurity": { + "markdownDescription": "Indicates whether the list of approved patches includes non-security updates that should be applied to the managed nodes. The default value is `false` . Applies to Linux managed nodes only.", + "title": "ApprovedPatchesEnableNonSecurity", + "type": "boolean" + }, + "AvailableSecurityUpdatesComplianceStatus": { + "markdownDescription": "", + "title": "AvailableSecurityUpdatesComplianceStatus", + "type": "string" + }, + "DefaultBaseline": { + "markdownDescription": "Indicates whether this is the default baseline. AWS Systems Manager supports creating multiple default patch baselines. For example, you can create a default patch baseline for each operating system.", + "title": "DefaultBaseline", + "type": "boolean" + }, + "Description": { + "markdownDescription": "A description of the patch baseline.", + "title": "Description", + "type": "string" + }, + "GlobalFilters": { + "$ref": "#/definitions/AWS::SSM::PatchBaseline.PatchFilterGroup", + "markdownDescription": "A set of global filters used to include patches in the baseline.\n\n> The `GlobalFilters` parameter can be configured only by using the AWS CLI or an AWS SDK. It can't be configured from the Patch Manager console, and its value isn't displayed in the console.", + "title": "GlobalFilters" + }, + "Name": { + "markdownDescription": "The name of the patch baseline.", + "title": "Name", + "type": "string" + }, + "OperatingSystem": { + "markdownDescription": "Defines the operating system the patch baseline applies to. The default value is `WINDOWS` .", + "title": "OperatingSystem", + "type": "string" + }, + "PatchGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "The name of the patch group to be registered with the patch baseline.", + "title": "PatchGroups", + "type": "array" + }, + "RejectedPatches": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of explicitly rejected patches for the baseline.\n\nFor information about accepted formats for lists of approved patches and rejected patches, see [Package name formats for approved and rejected patch lists](https://docs.aws.amazon.com/systems-manager/latest/userguide/patch-manager-approved-rejected-package-name-formats.html) in the *AWS Systems Manager User Guide* .", + "title": "RejectedPatches", + "type": "array" + }, + "RejectedPatchesAction": { + "markdownDescription": "The action for Patch Manager to take on patches included in the `RejectedPackages` list.\n\n- **ALLOW_AS_DEPENDENCY** - *Linux and macOS* : A package in the rejected patches list is installed only if it is a dependency of another package. It is considered compliant with the patch baseline, and its status is reported as `INSTALLED_OTHER` . This is the default action if no option is specified.\n\n*Windows Server* : Windows Server doesn't support the concept of package dependencies. If a package in the rejected patches list and already installed on the node, its status is reported as `INSTALLED_OTHER` . Any package not already installed on the node is skipped. This is the default action if no option is specified.\n- **BLOCK** - *All OSs* : Packages in the rejected patches list, and packages that include them as dependencies, aren't installed by Patch Manager under any circumstances. If a package was installed before it was added to the rejected patches list, or is installed outside of Patch Manager afterward, it's considered noncompliant with the patch baseline and its status is reported as `INSTALLED_REJECTED` .", + "title": "RejectedPatchesAction", + "type": "string" + }, + "Sources": { + "items": { + "$ref": "#/definitions/AWS::SSM::PatchBaseline.PatchSource" + }, + "markdownDescription": "Information about the patches to use to update the managed nodes, including target operating systems and source repositories. Applies to Linux managed nodes only.", + "title": "Sources", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Optional metadata that you assign to a resource. Tags enable you to categorize a resource in different ways, such as by purpose, owner, or environment. For example, you might want to tag a patch baseline to identify the severity level of patches it specifies and the operating system family it applies to.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "A list of containers for the key-value pair that defines the criteria for the filter rule.", - "title": "Rules", - "type": "array" - } - }, - "required": [ - "Rules" - ], - "type": "object" - }, - "AWS::S3::Bucket.ServerSideEncryptionByDefault": { - "additionalProperties": false, - "properties": { - "KMSMasterKeyID": { - "markdownDescription": "AWS Key Management Service (KMS) customer managed key ID to use for the default encryption.\n\n> - *General purpose buckets* - This parameter is allowed if and only if `SSEAlgorithm` is set to `aws:kms` or `aws:kms:dsse` .\n> - *Directory buckets* - This parameter is allowed if and only if `SSEAlgorithm` is set to `aws:kms` . \n\nYou can specify the key ID, key alias, or the Amazon Resource Name (ARN) of the KMS key.\n\n- Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key ARN: `arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key Alias: `alias/alias-name`\n\nIf you are using encryption with cross-account or AWS service operations, you must use a fully qualified KMS key ARN. For more information, see [Using encryption for cross-account operations](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html#bucket-encryption-update-bucket-policy) .\n\n> - *General purpose buckets* - If you're specifying a customer managed KMS key, we recommend using a fully qualified KMS key ARN. If you use a KMS key alias instead, then AWS KMS resolves the key within the requester\u2019s account. This behavior can result in data that's encrypted with a KMS key that belongs to the requester, and not the bucket owner. Also, if you use a key ID, you can run into a LogDestination undeliverable error when creating a VPC flow log.\n> - *Directory buckets* - When you specify an [AWS KMS customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk) for encryption in your directory bucket, only use the key ID or key ARN. The key alias format of the KMS key isn't supported. > Amazon S3 only supports symmetric encryption KMS keys. For more information, see [Asymmetric keys in AWS KMS](https://docs.aws.amazon.com//kms/latest/developerguide/symmetric-asymmetric.html) in the *AWS Key Management Service Developer Guide* .", - "title": "KMSMasterKeyID", + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SSM::PatchBaseline" + ], "type": "string" }, - "SSEAlgorithm": { - "markdownDescription": "Server-side encryption algorithm to use for the default encryption.\n\n> For directory buckets, there are only two supported values for server-side encryption: `AES256` and `aws:kms` .", - "title": "SSEAlgorithm", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "SSEAlgorithm" + "Type", + "Properties" ], "type": "object" }, - "AWS::S3::Bucket.ServerSideEncryptionRule": { + "AWS::SSM::PatchBaseline.PatchFilter": { "additionalProperties": false, "properties": { - "BucketKeyEnabled": { - "markdownDescription": "Specifies whether Amazon S3 should use an S3 Bucket Key with server-side encryption using KMS (SSE-KMS) for new objects in the bucket. Existing objects are not affected. Setting the `BucketKeyEnabled` element to `true` causes Amazon S3 to use an S3 Bucket Key. By default, S3 Bucket Key is not enabled.\n\nFor more information, see [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) in the *Amazon S3 User Guide* .", - "title": "BucketKeyEnabled", - "type": "boolean" + "Key": { + "markdownDescription": "The key for the filter.\n\nFor information about valid keys, see [PatchFilter](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_PatchFilter.html) in the *AWS Systems Manager API Reference* .", + "title": "Key", + "type": "string" }, - "ServerSideEncryptionByDefault": { - "$ref": "#/definitions/AWS::S3::Bucket.ServerSideEncryptionByDefault", - "markdownDescription": "Specifies the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied.", - "title": "ServerSideEncryptionByDefault" + "Values": { + "items": { + "type": "string" + }, + "markdownDescription": "The value for the filter key.\n\nFor information about valid values for each key based on operating system type, see [PatchFilter](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_PatchFilter.html) in the *AWS Systems Manager API Reference* .", + "title": "Values", + "type": "array" } }, "type": "object" }, - "AWS::S3::Bucket.SourceSelectionCriteria": { + "AWS::SSM::PatchBaseline.PatchFilterGroup": { "additionalProperties": false, "properties": { - "ReplicaModifications": { - "$ref": "#/definitions/AWS::S3::Bucket.ReplicaModifications", - "markdownDescription": "A filter that you can specify for selection for modifications on replicas.", - "title": "ReplicaModifications" - }, - "SseKmsEncryptedObjects": { - "$ref": "#/definitions/AWS::S3::Bucket.SseKmsEncryptedObjects", - "markdownDescription": "A container for filter information for the selection of Amazon S3 objects encrypted with AWS KMS.", - "title": "SseKmsEncryptedObjects" + "PatchFilters": { + "items": { + "$ref": "#/definitions/AWS::SSM::PatchBaseline.PatchFilter" + }, + "markdownDescription": "The set of patch filters that make up the group.", + "title": "PatchFilters", + "type": "array" } }, "type": "object" }, - "AWS::S3::Bucket.SseKmsEncryptedObjects": { + "AWS::SSM::PatchBaseline.PatchSource": { "additionalProperties": false, "properties": { - "Status": { - "markdownDescription": "Specifies whether Amazon S3 replicates objects created with server-side encryption using an AWS KMS key stored in AWS Key Management Service.", - "title": "Status", + "Configuration": { + "markdownDescription": "The value of the repo configuration.\n\n*Example for yum repositories*\n\n`[main]`\n\n`name=MyCustomRepository`\n\n`baseurl=https://my-custom-repository`\n\n`enabled=1`\n\nFor information about other options available for your yum repository configuration, see [dnf.conf(5)](https://docs.aws.amazon.com/https://man7.org/linux/man-pages/man5/dnf.conf.5.html) on the *man7.org* website.\n\n*Examples for Ubuntu Server and Debian Server*\n\n`deb http://security.ubuntu.com/ubuntu jammy main`\n\n`deb https://site.example.com/debian distribution component1 component2 component3`\n\nRepo information for Ubuntu Server repositories must be specifed in a single line. For more examples and information, see [jammy (5) sources.list.5.gz](https://docs.aws.amazon.com/https://manpages.ubuntu.com/manpages/jammy/man5/sources.list.5.html) on the *Ubuntu Server Manuals* website and [sources.list format](https://docs.aws.amazon.com/https://wiki.debian.org/SourcesList#sources.list_format) on the *Debian Wiki* .", + "title": "Configuration", "type": "string" - } - }, - "required": [ - "Status" - ], - "type": "object" - }, - "AWS::S3::Bucket.StorageClassAnalysis": { - "additionalProperties": false, - "properties": { - "DataExport": { - "$ref": "#/definitions/AWS::S3::Bucket.DataExport", - "markdownDescription": "Specifies how data related to the storage class analysis for an Amazon S3 bucket should be exported.", - "title": "DataExport" + }, + "Name": { + "markdownDescription": "The name specified to identify the patch source.", + "title": "Name", + "type": "string" + }, + "Products": { + "items": { + "type": "string" + }, + "markdownDescription": "The specific operating system versions a patch repository applies to, such as \"Ubuntu16.04\", \"RedhatEnterpriseLinux7.2\" or \"Suse12.7\". For lists of supported product values, see [PatchFilter](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_PatchFilter.html) in the *AWS Systems Manager API Reference* .", + "title": "Products", + "type": "array" } }, "type": "object" }, - "AWS::S3::Bucket.TagFilter": { + "AWS::SSM::PatchBaseline.Rule": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The tag key.", - "title": "Key", + "ApproveAfterDays": { + "markdownDescription": "The number of days after the release date of each patch matched by the rule that the patch is marked as approved in the patch baseline. For example, a value of `7` means that patches are approved seven days after they are released.\n\nThis parameter is marked as `Required: No` , but your request must include a value for either `ApproveAfterDays` or `ApproveUntilDate` .\n\nNot supported for Debian Server or Ubuntu Server.\n\n> Use caution when setting this value for Windows Server patch baselines. Because patch updates that are replaced by later updates are removed, setting too broad a value for this parameter can result in crucial patches not being installed. For more information, see the *Windows Server* tab in the topic [How security patches are selected](https://docs.aws.amazon.com/systems-manager/latest/userguide/patch-manager-selecting-patches.html) in the *AWS Systems Manager User Guide* .", + "title": "ApproveAfterDays", + "type": "number" + }, + "ApproveUntilDate": { + "markdownDescription": "The cutoff date for auto approval of released patches. Any patches released on or before this date are installed automatically.\n\nEnter dates in the format `YYYY-MM-DD` . For example, `2024-12-31` .\n\nThis parameter is marked as `Required: No` , but your request must include a value for either `ApproveUntilDate` or `ApproveAfterDays` .\n\nNot supported for Debian Server or Ubuntu Server.\n\n> Use caution when setting this value for Windows Server patch baselines. Because patch updates that are replaced by later updates are removed, setting too broad a value for this parameter can result in crucial patches not being installed. For more information, see the *Windows Server* tab in the topic [How security patches are selected](https://docs.aws.amazon.com/systems-manager/latest/userguide/patch-manager-selecting-patches.html) in the *AWS Systems Manager User Guide* .", + "title": "ApproveUntilDate", "type": "string" }, - "Value": { - "markdownDescription": "The tag value.", - "title": "Value", + "ComplianceLevel": { + "markdownDescription": "A compliance severity level for all approved patches in a patch baseline. Valid compliance severity levels include the following: `UNSPECIFIED` , `CRITICAL` , `HIGH` , `MEDIUM` , `LOW` , and `INFORMATIONAL` .", + "title": "ComplianceLevel", "type": "string" + }, + "EnableNonSecurity": { + "markdownDescription": "For managed nodes identified by the approval rule filters, enables a patch baseline to apply non-security updates available in the specified repository. The default value is `false` . Applies to Linux managed nodes only.", + "title": "EnableNonSecurity", + "type": "boolean" + }, + "PatchFilterGroup": { + "$ref": "#/definitions/AWS::SSM::PatchBaseline.PatchFilterGroup", + "markdownDescription": "The patch filter group that defines the criteria for the rule.", + "title": "PatchFilterGroup" } }, - "required": [ - "Key", - "Value" - ], "type": "object" }, - "AWS::S3::Bucket.TargetObjectKeyFormat": { + "AWS::SSM::PatchBaseline.RuleGroup": { "additionalProperties": false, "properties": { - "PartitionedPrefix": { - "$ref": "#/definitions/AWS::S3::Bucket.PartitionedPrefix", - "markdownDescription": "Partitioned S3 key for log objects.", - "title": "PartitionedPrefix" - }, - "SimplePrefix": { - "markdownDescription": "To use the simple format for S3 keys for log objects. To specify SimplePrefix format, set SimplePrefix to {}.", - "title": "SimplePrefix", - "type": "object" + "PatchRules": { + "items": { + "$ref": "#/definitions/AWS::SSM::PatchBaseline.Rule" + }, + "markdownDescription": "The rules that make up the rule group.", + "title": "PatchRules", + "type": "array" } }, "type": "object" }, - "AWS::S3::Bucket.Tiering": { + "AWS::SSM::ResourceDataSync": { "additionalProperties": false, "properties": { - "AccessTier": { - "markdownDescription": "S3 Intelligent-Tiering access tier. See [Storage class for automatically optimizing frequently and infrequently accessed objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html#sc-dynamic-data-access) for a list of access tiers in the S3 Intelligent-Tiering storage class.", - "title": "AccessTier", + "Condition": { "type": "string" }, - "Days": { - "markdownDescription": "The number of consecutive days of no access after which an object will be eligible to be transitioned to the corresponding tier. The minimum number of days specified for Archive Access tier must be at least 90 days and Deep Archive Access tier must be at least 180 days. The maximum can be up to 2 years (730 days).", - "title": "Days", - "type": "number" - } - }, - "required": [ - "AccessTier", - "Days" - ], - "type": "object" - }, - "AWS::S3::Bucket.TopicConfiguration": { - "additionalProperties": false, - "properties": { - "Event": { - "markdownDescription": "The Amazon S3 bucket event about which to send notifications. For more information, see [Supported Event Types](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide* .", - "title": "Event", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Filter": { - "$ref": "#/definitions/AWS::S3::Bucket.NotificationFilter", - "markdownDescription": "The filtering rules that determine for which objects to send notifications. For example, you can create a filter so that Amazon S3 sends notifications only when image files with a `.jpg` extension are added to the bucket.", - "title": "Filter" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Topic": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic to which Amazon S3 publishes a message when it detects events of the specified type.", - "title": "Topic", + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "The name of the S3 bucket where the aggregated data is stored.", + "title": "BucketName", + "type": "string" + }, + "BucketPrefix": { + "markdownDescription": "An Amazon S3 prefix for the bucket.", + "title": "BucketPrefix", + "type": "string" + }, + "BucketRegion": { + "markdownDescription": "The AWS Region with the S3 bucket targeted by the resource data sync.", + "title": "BucketRegion", + "type": "string" + }, + "KMSKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an encryption key for a destination in Amazon S3 . You can use a KMS key to encrypt inventory data in Amazon S3 . You must specify a key that exist in the same AWS Region as the destination Amazon S3 bucket.", + "title": "KMSKeyArn", + "type": "string" + }, + "S3Destination": { + "$ref": "#/definitions/AWS::SSM::ResourceDataSync.S3Destination", + "markdownDescription": "Configuration information for the target S3 bucket.", + "title": "S3Destination" + }, + "SyncFormat": { + "markdownDescription": "A supported sync format. The following format is currently supported: JsonSerDe", + "title": "SyncFormat", + "type": "string" + }, + "SyncName": { + "markdownDescription": "A name for the resource data sync.", + "title": "SyncName", + "type": "string" + }, + "SyncSource": { + "$ref": "#/definitions/AWS::SSM::ResourceDataSync.SyncSource", + "markdownDescription": "Information about the source where the data was synchronized.", + "title": "SyncSource" + }, + "SyncType": { + "markdownDescription": "The type of resource data sync. If `SyncType` is `SyncToDestination` , then the resource data sync synchronizes data to an S3 bucket. If the `SyncType` is `SyncFromSource` then the resource data sync synchronizes data from AWS Organizations or from multiple AWS Regions .", + "title": "SyncType", + "type": "string" + } + }, + "required": [ + "SyncName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SSM::ResourceDataSync" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Event", - "Topic" + "Type", + "Properties" ], "type": "object" }, - "AWS::S3::Bucket.Transition": { + "AWS::SSM::ResourceDataSync.AwsOrganizationsSource": { "additionalProperties": false, "properties": { - "StorageClass": { - "markdownDescription": "The storage class to which you want the object to transition.", - "title": "StorageClass", - "type": "string" - }, - "TransitionDate": { - "markdownDescription": "Indicates when objects are transitioned to the specified storage class. The date value must be in ISO 8601 format. The time is always midnight UTC.", - "title": "TransitionDate", + "OrganizationSourceType": { + "markdownDescription": "If an AWS organization is present, this is either `OrganizationalUnits` or `EntireOrganization` . For `OrganizationalUnits` , the data is aggregated from a set of organization units. For `EntireOrganization` , the data is aggregated from the entire AWS organization.", + "title": "OrganizationSourceType", "type": "string" }, - "TransitionInDays": { - "markdownDescription": "Indicates the number of days after creation when objects are transitioned to the specified storage class. If the specified storage class is `INTELLIGENT_TIERING` , `GLACIER_IR` , `GLACIER` , or `DEEP_ARCHIVE` , valid values are `0` or positive integers. If the specified storage class is `STANDARD_IA` or `ONEZONE_IA` , valid values are positive integers greater than `30` . Be aware that some storage classes have a minimum storage duration and that you're charged for transitioning objects before their minimum storage duration. For more information, see [Constraints and considerations for transitions](https://docs.aws.amazon.com/AmazonS3/latest/userguide/lifecycle-transition-general-considerations.html#lifecycle-configuration-constraints) in the *Amazon S3 User Guide* .", - "title": "TransitionInDays", - "type": "number" + "OrganizationalUnits": { + "items": { + "type": "string" + }, + "markdownDescription": "The AWS Organizations organization units included in the sync.", + "title": "OrganizationalUnits", + "type": "array" } }, "required": [ - "StorageClass" + "OrganizationSourceType" ], "type": "object" }, - "AWS::S3::Bucket.VersioningConfiguration": { + "AWS::SSM::ResourceDataSync.S3Destination": { "additionalProperties": false, "properties": { - "Status": { - "markdownDescription": "The versioning state of the bucket.", - "title": "Status", + "BucketName": { + "markdownDescription": "The name of the S3 bucket where the aggregated data is stored.", + "title": "BucketName", + "type": "string" + }, + "BucketPrefix": { + "markdownDescription": "An Amazon S3 prefix for the bucket.", + "title": "BucketPrefix", + "type": "string" + }, + "BucketRegion": { + "markdownDescription": "The AWS Region with the S3 bucket targeted by the resource data sync.", + "title": "BucketRegion", + "type": "string" + }, + "KMSKeyArn": { + "markdownDescription": "The ARN of an encryption key for a destination in Amazon S3. Must belong to the same Region as the destination S3 bucket.", + "title": "KMSKeyArn", + "type": "string" + }, + "SyncFormat": { + "markdownDescription": "A supported sync format. The following format is currently supported: JsonSerDe", + "title": "SyncFormat", "type": "string" } }, "required": [ - "Status" + "BucketName", + "BucketRegion", + "SyncFormat" ], "type": "object" }, - "AWS::S3::Bucket.WebsiteConfiguration": { + "AWS::SSM::ResourceDataSync.SyncSource": { "additionalProperties": false, "properties": { - "ErrorDocument": { - "markdownDescription": "The name of the error document for the website.", - "title": "ErrorDocument", - "type": "string" - }, - "IndexDocument": { - "markdownDescription": "The name of the index document for the website.", - "title": "IndexDocument", - "type": "string" + "AwsOrganizationsSource": { + "$ref": "#/definitions/AWS::SSM::ResourceDataSync.AwsOrganizationsSource", + "markdownDescription": "Information about the AwsOrganizationsSource resource data sync source. A sync source of this type can synchronize data from AWS Organizations .", + "title": "AwsOrganizationsSource" }, - "RedirectAllRequestsTo": { - "$ref": "#/definitions/AWS::S3::Bucket.RedirectAllRequestsTo", - "markdownDescription": "The redirect behavior for every request to this bucket's website endpoint.\n\n> If you specify this property, you can't specify any other property.", - "title": "RedirectAllRequestsTo" + "IncludeFutureRegions": { + "markdownDescription": "Whether to automatically synchronize and aggregate data from new AWS Regions when those Regions come online.", + "title": "IncludeFutureRegions", + "type": "boolean" }, - "RoutingRules": { + "SourceRegions": { "items": { - "$ref": "#/definitions/AWS::S3::Bucket.RoutingRule" + "type": "string" }, - "markdownDescription": "Rules that define when a redirect is applied and the redirect behavior.", - "title": "RoutingRules", + "markdownDescription": "The `SyncSource` AWS Regions included in the resource data sync.", + "title": "SourceRegions", "type": "array" + }, + "SourceType": { + "markdownDescription": "The type of data source for the resource data sync. `SourceType` is either `AwsOrganizations` (if an organization is present in AWS Organizations ) or `SingleAccountMultiRegions` .", + "title": "SourceType", + "type": "string" } }, + "required": [ + "SourceRegions", + "SourceType" + ], "type": "object" }, - "AWS::S3::BucketPolicy": { + "AWS::SSM::ResourcePolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -236665,26 +288146,26 @@ "Properties": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The name of the Amazon S3 bucket to which the policy applies.", - "title": "Bucket", - "type": "string" - }, - "PolicyDocument": { - "markdownDescription": "A policy document containing permissions to add to the specified bucket. In IAM, you must provide policy documents in JSON format. However, in CloudFormation you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to IAM. For more information, see the AWS::IAM::Policy [PolicyDocument](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html#cfn-iam-policy-policydocument) resource description in this guide and [Access Policy Language Overview](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-policy-language-overview.html) in the *Amazon S3 User Guide* .", - "title": "PolicyDocument", + "Policy": { + "markdownDescription": "A policy you want to associate with a resource.", + "title": "Policy", "type": "object" + }, + "ResourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource to which you want to attach a policy.", + "title": "ResourceArn", + "type": "string" } }, "required": [ - "Bucket", - "PolicyDocument" + "Policy", + "ResourceArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::S3::BucketPolicy" + "AWS::SSM::ResourcePolicy" ], "type": "string" }, @@ -236703,7 +288184,7 @@ ], "type": "object" }, - "AWS::S3::MultiRegionAccessPoint": { + "AWS::SSMContacts::Contact": { "additionalProperties": false, "properties": { "Condition": { @@ -236738,33 +288219,48 @@ "Properties": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the Multi-Region Access Point.", - "title": "Name", + "Alias": { + "markdownDescription": "The unique and identifiable alias of the contact or escalation plan.", + "title": "Alias", "type": "string" }, - "PublicAccessBlockConfiguration": { - "$ref": "#/definitions/AWS::S3::MultiRegionAccessPoint.PublicAccessBlockConfiguration", - "markdownDescription": "The PublicAccessBlock configuration that you want to apply to this Multi-Region Access Point. You can enable the configuration options in any combination. For more information about when Amazon S3 considers an object public, see [The Meaning of \"Public\"](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status) in the *Amazon S3 User Guide* .", - "title": "PublicAccessBlockConfiguration" + "DisplayName": { + "markdownDescription": "The full name of the contact or escalation plan.", + "title": "DisplayName", + "type": "string" }, - "Regions": { + "Plan": { "items": { - "$ref": "#/definitions/AWS::S3::MultiRegionAccessPoint.Region" + "$ref": "#/definitions/AWS::SSMContacts::Contact.Stage" }, - "markdownDescription": "A collection of the Regions and buckets associated with the Multi-Region Access Point.", - "title": "Regions", + "markdownDescription": "A list of stages. A contact has an engagement plan with stages that contact specified contact channels. An escalation plan uses stages that contact specified contacts.", + "title": "Plan", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", "type": "array" + }, + "Type": { + "markdownDescription": "The type of contact.\n\n- `PERSONAL` : A single, individual contact.\n- `ESCALATION` : An escalation plan.\n- `ONCALL_SCHEDULE` : An on-call schedule.", + "title": "Type", + "type": "string" } }, "required": [ - "Regions" + "Alias", + "DisplayName", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::S3::MultiRegionAccessPoint" + "AWS::SSMContacts::Contact" ], "type": "string" }, @@ -236783,52 +288279,90 @@ ], "type": "object" }, - "AWS::S3::MultiRegionAccessPoint.PublicAccessBlockConfiguration": { + "AWS::SSMContacts::Contact.ChannelTargetInfo": { "additionalProperties": false, "properties": { - "BlockPublicAcls": { - "markdownDescription": "Specifies whether Amazon S3 should block public access control lists (ACLs) for this bucket and objects in this bucket. Setting this element to `TRUE` causes the following behavior:\n\n- PUT Bucket ACL and PUT Object ACL calls fail if the specified ACL is public.\n- PUT Object calls fail if the request includes a public ACL.\n- PUT Bucket calls fail if the request includes a public ACL.\n\nEnabling this setting doesn't affect existing policies or ACLs.", - "title": "BlockPublicAcls", - "type": "boolean" - }, - "BlockPublicPolicy": { - "markdownDescription": "Specifies whether Amazon S3 should block public bucket policies for this bucket. Setting this element to `TRUE` causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.\n\nEnabling this setting doesn't affect existing bucket policies.", - "title": "BlockPublicPolicy", - "type": "boolean" - }, - "IgnorePublicAcls": { - "markdownDescription": "Specifies whether Amazon S3 should ignore public ACLs for this bucket and objects in this bucket. Setting this element to `TRUE` causes Amazon S3 to ignore all public ACLs on this bucket and objects in this bucket.\n\nEnabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.", - "title": "IgnorePublicAcls", - "type": "boolean" + "ChannelId": { + "markdownDescription": "The Amazon Resource Name (ARN) of the contact channel.", + "title": "ChannelId", + "type": "string" }, - "RestrictPublicBuckets": { - "markdownDescription": "Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to `TRUE` restricts access to this bucket to only AWS service principals and authorized users within this account if the bucket has a public policy.\n\nEnabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.", - "title": "RestrictPublicBuckets", - "type": "boolean" + "RetryIntervalInMinutes": { + "markdownDescription": "The number of minutes to wait before retrying to send engagement if the engagement initially failed.", + "title": "RetryIntervalInMinutes", + "type": "number" } }, + "required": [ + "ChannelId", + "RetryIntervalInMinutes" + ], "type": "object" }, - "AWS::S3::MultiRegionAccessPoint.Region": { + "AWS::SSMContacts::Contact.ContactTargetInfo": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The name of the associated bucket for the Region.", - "title": "Bucket", + "ContactId": { + "markdownDescription": "The Amazon Resource Name (ARN) of the contact.", + "title": "ContactId", "type": "string" }, - "BucketAccountId": { - "markdownDescription": "The AWS account ID that owns the Amazon S3 bucket that's associated with this Multi-Region Access Point.", - "title": "BucketAccountId", - "type": "string" + "IsEssential": { + "markdownDescription": "A Boolean value determining if the contact's acknowledgement stops the progress of stages in the plan.", + "title": "IsEssential", + "type": "boolean" } }, "required": [ - "Bucket" + "ContactId", + "IsEssential" ], "type": "object" }, - "AWS::S3::MultiRegionAccessPointPolicy": { + "AWS::SSMContacts::Contact.Stage": { + "additionalProperties": false, + "properties": { + "DurationInMinutes": { + "markdownDescription": "The time to wait until beginning the next stage. The duration can only be set to 0 if a target is specified.", + "title": "DurationInMinutes", + "type": "number" + }, + "RotationIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Names (ARNs) of the on-call rotations associated with the plan.", + "title": "RotationIds", + "type": "array" + }, + "Targets": { + "items": { + "$ref": "#/definitions/AWS::SSMContacts::Contact.Targets" + }, + "markdownDescription": "The contacts or contact methods that the escalation plan or engagement plan is engaging.", + "title": "Targets", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SSMContacts::Contact.Targets": { + "additionalProperties": false, + "properties": { + "ChannelTargetInfo": { + "$ref": "#/definitions/AWS::SSMContacts::Contact.ChannelTargetInfo", + "markdownDescription": "Information about the contact channel that Incident Manager engages.", + "title": "ChannelTargetInfo" + }, + "ContactTargetInfo": { + "$ref": "#/definitions/AWS::SSMContacts::Contact.ContactTargetInfo", + "markdownDescription": "The contact that Incident Manager is engaging during an incident.", + "title": "ContactTargetInfo" + } + }, + "type": "object" + }, + "AWS::SSMContacts::ContactChannel": { "additionalProperties": false, "properties": { "Condition": { @@ -236863,26 +288397,43 @@ "Properties": { "additionalProperties": false, "properties": { - "MrapName": { - "markdownDescription": "The name of the Multi-Region Access Point.", - "title": "MrapName", + "ChannelAddress": { + "markdownDescription": "The details that Incident Manager uses when trying to engage the contact channel.", + "title": "ChannelAddress", "type": "string" }, - "Policy": { - "markdownDescription": "The access policy associated with the Multi-Region Access Point.", - "title": "Policy", - "type": "object" + "ChannelName": { + "markdownDescription": "The name of the contact channel.", + "title": "ChannelName", + "type": "string" + }, + "ChannelType": { + "markdownDescription": "The type of the contact channel. Incident Manager supports three contact methods:\n\n- SMS\n- VOICE\n- EMAIL", + "title": "ChannelType", + "type": "string" + }, + "ContactId": { + "markdownDescription": "The Amazon Resource Name (ARN) of the contact you are adding the contact channel to.", + "title": "ContactId", + "type": "string" + }, + "DeferActivation": { + "markdownDescription": "If you want to activate the channel at a later time, you can choose to defer activation. Incident Manager can't engage your contact channel until it has been activated.", + "title": "DeferActivation", + "type": "boolean" } }, "required": [ - "MrapName", - "Policy" + "ChannelAddress", + "ChannelName", + "ChannelType", + "ContactId" ], "type": "object" }, "Type": { "enum": [ - "AWS::S3::MultiRegionAccessPointPolicy" + "AWS::SSMContacts::ContactChannel" ], "type": "string" }, @@ -236901,21 +288452,7 @@ ], "type": "object" }, - "AWS::S3::MultiRegionAccessPointPolicy.PolicyStatus": { - "additionalProperties": false, - "properties": { - "IsPublic": { - "markdownDescription": "The policy status for this bucket. `TRUE` indicates that this bucket is public. `FALSE` indicates that the bucket is not public.", - "title": "IsPublic", - "type": "string" - } - }, - "required": [ - "IsPublic" - ], - "type": "object" - }, - "AWS::S3::StorageLens": { + "AWS::SSMContacts::Plan": { "additionalProperties": false, "properties": { "Condition": { @@ -236950,28 +288487,36 @@ "Properties": { "additionalProperties": false, "properties": { - "StorageLensConfiguration": { - "$ref": "#/definitions/AWS::S3::StorageLens.StorageLensConfiguration", - "markdownDescription": "This resource contains the details Amazon S3 Storage Lens configuration.", - "title": "StorageLensConfiguration" + "ContactId": { + "markdownDescription": "The Amazon Resource Name (ARN) of the contact.", + "title": "ContactId", + "type": "string" }, - "Tags": { + "RotationIds": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "A set of tags (key\u2013value pairs) to associate with the Storage Lens configuration.", - "title": "Tags", + "markdownDescription": "The Amazon Resource Names (ARNs) of the on-call rotations associated with the plan.", + "title": "RotationIds", + "type": "array" + }, + "Stages": { + "items": { + "$ref": "#/definitions/AWS::SSMContacts::Plan.Stage" + }, + "markdownDescription": "A list of stages that the escalation plan or engagement plan uses to engage contacts and contact methods.", + "title": "Stages", "type": "array" } }, "required": [ - "StorageLensConfiguration" + "ContactId" ], "type": "object" }, "Type": { "enum": [ - "AWS::S3::StorageLens" + "AWS::SSMContacts::Plan" ], "type": "string" }, @@ -236990,394 +288535,555 @@ ], "type": "object" }, - "AWS::S3::StorageLens.AccountLevel": { + "AWS::SSMContacts::Plan.ChannelTargetInfo": { "additionalProperties": false, "properties": { - "ActivityMetrics": { - "$ref": "#/definitions/AWS::S3::StorageLens.ActivityMetrics", - "markdownDescription": "This property contains the details of account-level activity metrics for S3 Storage Lens.", - "title": "ActivityMetrics" - }, - "AdvancedCostOptimizationMetrics": { - "$ref": "#/definitions/AWS::S3::StorageLens.AdvancedCostOptimizationMetrics", - "markdownDescription": "This property contains the details of account-level advanced cost optimization metrics for S3 Storage Lens.", - "title": "AdvancedCostOptimizationMetrics" - }, - "AdvancedDataProtectionMetrics": { - "$ref": "#/definitions/AWS::S3::StorageLens.AdvancedDataProtectionMetrics", - "markdownDescription": "This property contains the details of account-level advanced data protection metrics for S3 Storage Lens.", - "title": "AdvancedDataProtectionMetrics" - }, - "BucketLevel": { - "$ref": "#/definitions/AWS::S3::StorageLens.BucketLevel", - "markdownDescription": "This property contains the details of the account-level bucket-level configurations for Amazon S3 Storage Lens. To enable bucket-level configurations, make sure to also set the same metrics at the account level.", - "title": "BucketLevel" - }, - "DetailedStatusCodesMetrics": { - "$ref": "#/definitions/AWS::S3::StorageLens.DetailedStatusCodesMetrics", - "markdownDescription": "This property contains the details of account-level detailed status code metrics for S3 Storage Lens.", - "title": "DetailedStatusCodesMetrics" + "ChannelId": { + "markdownDescription": "The Amazon Resource Name (ARN) of the contact channel.", + "title": "ChannelId", + "type": "string" }, - "StorageLensGroupLevel": { - "$ref": "#/definitions/AWS::S3::StorageLens.StorageLensGroupLevel", - "markdownDescription": "This property determines the scope of Storage Lens group data that is displayed in the Storage Lens dashboard.", - "title": "StorageLensGroupLevel" + "RetryIntervalInMinutes": { + "markdownDescription": "The number of minutes to wait before retrying to send engagement if the engagement initially failed.", + "title": "RetryIntervalInMinutes", + "type": "number" } }, "required": [ - "BucketLevel" + "ChannelId", + "RetryIntervalInMinutes" ], "type": "object" }, - "AWS::S3::StorageLens.ActivityMetrics": { + "AWS::SSMContacts::Plan.ContactTargetInfo": { "additionalProperties": false, "properties": { - "IsEnabled": { - "markdownDescription": "A property that indicates whether the activity metrics is enabled.", - "title": "IsEnabled", + "ContactId": { + "markdownDescription": "The Amazon Resource Name (ARN) of the contact.", + "title": "ContactId", + "type": "string" + }, + "IsEssential": { + "markdownDescription": "A Boolean value determining if the contact's acknowledgement stops the progress of stages in the plan.", + "title": "IsEssential", "type": "boolean" } }, + "required": [ + "ContactId", + "IsEssential" + ], "type": "object" }, - "AWS::S3::StorageLens.AdvancedCostOptimizationMetrics": { + "AWS::SSMContacts::Plan.Stage": { "additionalProperties": false, "properties": { - "IsEnabled": { - "markdownDescription": "Indicates whether advanced cost optimization metrics are enabled.", - "title": "IsEnabled", - "type": "boolean" + "DurationInMinutes": { + "markdownDescription": "The time to wait until beginning the next stage. The duration can only be set to 0 if a target is specified.", + "title": "DurationInMinutes", + "type": "number" + }, + "Targets": { + "items": { + "$ref": "#/definitions/AWS::SSMContacts::Plan.Targets" + }, + "markdownDescription": "The contacts or contact methods that the escalation plan or engagement plan is engaging.", + "title": "Targets", + "type": "array" } }, + "required": [ + "DurationInMinutes" + ], "type": "object" }, - "AWS::S3::StorageLens.AdvancedDataProtectionMetrics": { + "AWS::SSMContacts::Plan.Targets": { "additionalProperties": false, "properties": { - "IsEnabled": { - "markdownDescription": "Indicates whether advanced data protection metrics are enabled.", - "title": "IsEnabled", - "type": "boolean" + "ChannelTargetInfo": { + "$ref": "#/definitions/AWS::SSMContacts::Plan.ChannelTargetInfo", + "markdownDescription": "Information about the contact channel that Incident Manager engages.", + "title": "ChannelTargetInfo" + }, + "ContactTargetInfo": { + "$ref": "#/definitions/AWS::SSMContacts::Plan.ContactTargetInfo", + "markdownDescription": "Information about the contact that Incident Manager engages.", + "title": "ContactTargetInfo" } }, "type": "object" }, - "AWS::S3::StorageLens.AwsOrg": { + "AWS::SSMContacts::Rotation": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "This resource contains the ARN of the AWS Organization.", - "title": "Arn", + "Condition": { "type": "string" - } - }, - "required": [ - "Arn" - ], - "type": "object" - }, - "AWS::S3::StorageLens.BucketLevel": { - "additionalProperties": false, - "properties": { - "ActivityMetrics": { - "$ref": "#/definitions/AWS::S3::StorageLens.ActivityMetrics", - "markdownDescription": "A property for bucket-level activity metrics for S3 Storage Lens.", - "title": "ActivityMetrics" }, - "AdvancedCostOptimizationMetrics": { - "$ref": "#/definitions/AWS::S3::StorageLens.AdvancedCostOptimizationMetrics", - "markdownDescription": "A property for bucket-level advanced cost optimization metrics for S3 Storage Lens.", - "title": "AdvancedCostOptimizationMetrics" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "AdvancedDataProtectionMetrics": { - "$ref": "#/definitions/AWS::S3::StorageLens.AdvancedDataProtectionMetrics", - "markdownDescription": "A property for bucket-level advanced data protection metrics for S3 Storage Lens.", - "title": "AdvancedDataProtectionMetrics" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "DetailedStatusCodesMetrics": { - "$ref": "#/definitions/AWS::S3::StorageLens.DetailedStatusCodesMetrics", - "markdownDescription": "A property for bucket-level detailed status code metrics for S3 Storage Lens.", - "title": "DetailedStatusCodesMetrics" + "Metadata": { + "type": "object" }, - "PrefixLevel": { - "$ref": "#/definitions/AWS::S3::StorageLens.PrefixLevel", - "markdownDescription": "A property for bucket-level prefix-level storage metrics for S3 Storage Lens.", - "title": "PrefixLevel" - } - }, - "type": "object" - }, - "AWS::S3::StorageLens.BucketsAndRegions": { - "additionalProperties": false, - "properties": { - "Buckets": { - "items": { - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "ContactIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Names (ARNs) of the contacts to add to the rotation.\n\n> Only the `PERSONAL` contact type is supported. The contact types `ESCALATION` and `ONCALL_SCHEDULE` are not supported for this operation. \n\nThe order in which you list the contacts is their shift order in the rotation schedule.", + "title": "ContactIds", + "type": "array" + }, + "Name": { + "markdownDescription": "The name for the rotation.", + "title": "Name", + "type": "string" + }, + "Recurrence": { + "$ref": "#/definitions/AWS::SSMContacts::Rotation.RecurrenceSettings", + "markdownDescription": "Information about the rule that specifies when shift team members rotate.", + "title": "Recurrence" + }, + "StartTime": { + "markdownDescription": "The date and time the rotation goes into effect.", + "title": "StartTime", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Optional metadata to assign to the rotation. Tags enable you to categorize a resource in different ways, such as by purpose, owner, or environment. For more information, see [Tagging Incident Manager resources](https://docs.aws.amazon.com/incident-manager/latest/userguide/tagging.html) in the *Incident Manager User Guide* .", + "title": "Tags", + "type": "array" + }, + "TimeZoneId": { + "markdownDescription": "The time zone to base the rotation\u2019s activity on, in Internet Assigned Numbers Authority (IANA) format. For example: \"America/Los_Angeles\", \"UTC\", or \"Asia/Seoul\". For more information, see the [Time Zone Database](https://docs.aws.amazon.com/https://www.iana.org/time-zones) on the IANA website.\n\n> Designators for time zones that don\u2019t support Daylight Savings Time rules, such as Pacific Standard Time (PST), are not supported.", + "title": "TimeZoneId", + "type": "string" + } }, - "markdownDescription": "This property contains the details of the buckets for the Amazon S3 Storage Lens configuration. This should be the bucket Amazon Resource Name(ARN). For valid values, see [Buckets ARN format here](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_Include.html#API_control_Include_Contents) in the *Amazon S3 API Reference* .", - "title": "Buckets", - "type": "array" + "required": [ + "ContactIds", + "Name", + "Recurrence", + "StartTime", + "TimeZoneId" + ], + "type": "object" }, - "Regions": { - "items": { - "type": "string" - }, - "markdownDescription": "This property contains the details of the Regions for the S3 Storage Lens configuration.", - "title": "Regions", - "type": "array" - } - }, - "type": "object" - }, - "AWS::S3::StorageLens.CloudWatchMetrics": { - "additionalProperties": false, - "properties": { - "IsEnabled": { - "markdownDescription": "This property identifies whether the CloudWatch publishing option for S3 Storage Lens is enabled.", - "title": "IsEnabled", - "type": "boolean" + "Type": { + "enum": [ + "AWS::SSMContacts::Rotation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "IsEnabled" + "Type", + "Properties" ], "type": "object" }, - "AWS::S3::StorageLens.DataExport": { + "AWS::SSMContacts::Rotation.CoverageTime": { "additionalProperties": false, "properties": { - "CloudWatchMetrics": { - "$ref": "#/definitions/AWS::S3::StorageLens.CloudWatchMetrics", - "markdownDescription": "This property enables the Amazon CloudWatch publishing option for S3 Storage Lens metrics.", - "title": "CloudWatchMetrics" + "EndTime": { + "markdownDescription": "Information about when an on-call rotation shift ends.", + "title": "EndTime", + "type": "string" }, - "S3BucketDestination": { - "$ref": "#/definitions/AWS::S3::StorageLens.S3BucketDestination", - "markdownDescription": "This property contains the details of the bucket where the S3 Storage Lens metrics export will be placed.", - "title": "S3BucketDestination" + "StartTime": { + "markdownDescription": "Information about when an on-call rotation shift begins.", + "title": "StartTime", + "type": "string" } }, + "required": [ + "EndTime", + "StartTime" + ], "type": "object" }, - "AWS::S3::StorageLens.DetailedStatusCodesMetrics": { + "AWS::SSMContacts::Rotation.MonthlySetting": { "additionalProperties": false, "properties": { - "IsEnabled": { - "markdownDescription": "Indicates whether detailed status code metrics are enabled.", - "title": "IsEnabled", - "type": "boolean" + "DayOfMonth": { + "markdownDescription": "The day of the month when monthly recurring on-call rotations begin.", + "title": "DayOfMonth", + "type": "number" + }, + "HandOffTime": { + "markdownDescription": "The time of day when a monthly recurring on-call shift rotation begins.", + "title": "HandOffTime", + "type": "string" } }, + "required": [ + "DayOfMonth", + "HandOffTime" + ], "type": "object" }, - "AWS::S3::StorageLens.Encryption": { + "AWS::SSMContacts::Rotation.RecurrenceSettings": { "additionalProperties": false, "properties": { - "SSEKMS": { - "$ref": "#/definitions/AWS::S3::StorageLens.SSEKMS", - "markdownDescription": "Specifies the use of AWS Key Management Service keys (SSE-KMS) to encrypt the S3 Storage Lens metrics export file.", - "title": "SSEKMS" + "DailySettings": { + "items": { + "type": "string" + }, + "markdownDescription": "Information about on-call rotations that recur daily.", + "title": "DailySettings", + "type": "array" }, - "SSES3": { - "markdownDescription": "Specifies the use of an Amazon S3-managed key (SSE-S3) to encrypt the S3 Storage Lens metrics export file.", - "title": "SSES3", - "type": "object" + "MonthlySettings": { + "items": { + "$ref": "#/definitions/AWS::SSMContacts::Rotation.MonthlySetting" + }, + "markdownDescription": "Information about on-call rotations that recur monthly.", + "title": "MonthlySettings", + "type": "array" + }, + "NumberOfOnCalls": { + "markdownDescription": "The number of contacts, or shift team members designated to be on call concurrently during a shift. For example, in an on-call schedule that contains ten contacts, a value of `2` designates that two of them are on call at any given time.", + "title": "NumberOfOnCalls", + "type": "number" + }, + "RecurrenceMultiplier": { + "markdownDescription": "The number of days, weeks, or months a single rotation lasts.", + "title": "RecurrenceMultiplier", + "type": "number" + }, + "ShiftCoverages": { + "items": { + "$ref": "#/definitions/AWS::SSMContacts::Rotation.ShiftCoverage" + }, + "markdownDescription": "Information about the days of the week included in on-call rotation coverage.", + "title": "ShiftCoverages", + "type": "array" + }, + "WeeklySettings": { + "items": { + "$ref": "#/definitions/AWS::SSMContacts::Rotation.WeeklySetting" + }, + "markdownDescription": "Information about on-call rotations that recur weekly.", + "title": "WeeklySettings", + "type": "array" } }, + "required": [ + "NumberOfOnCalls", + "RecurrenceMultiplier" + ], "type": "object" }, - "AWS::S3::StorageLens.PrefixLevel": { + "AWS::SSMContacts::Rotation.ShiftCoverage": { "additionalProperties": false, "properties": { - "StorageMetrics": { - "$ref": "#/definitions/AWS::S3::StorageLens.PrefixLevelStorageMetrics", - "markdownDescription": "A property for the prefix-level storage metrics for Amazon S3 Storage Lens.", - "title": "StorageMetrics" + "CoverageTimes": { + "items": { + "$ref": "#/definitions/AWS::SSMContacts::Rotation.CoverageTime" + }, + "markdownDescription": "The start and end times of the shift.", + "title": "CoverageTimes", + "type": "array" + }, + "DayOfWeek": { + "markdownDescription": "A list of days on which the schedule is active.", + "title": "DayOfWeek", + "type": "string" } }, "required": [ - "StorageMetrics" + "CoverageTimes", + "DayOfWeek" ], "type": "object" }, - "AWS::S3::StorageLens.PrefixLevelStorageMetrics": { + "AWS::SSMContacts::Rotation.WeeklySetting": { "additionalProperties": false, "properties": { - "IsEnabled": { - "markdownDescription": "This property identifies whether the details of the prefix-level storage metrics for S3 Storage Lens are enabled.", - "title": "IsEnabled", - "type": "boolean" + "DayOfWeek": { + "markdownDescription": "The day of the week when weekly recurring on-call shift rotations begins.", + "title": "DayOfWeek", + "type": "string" }, - "SelectionCriteria": { - "$ref": "#/definitions/AWS::S3::StorageLens.SelectionCriteria", - "markdownDescription": "This property identifies whether the details of the prefix-level storage metrics for S3 Storage Lens are enabled.", - "title": "SelectionCriteria" + "HandOffTime": { + "markdownDescription": "The time of day when a weekly recurring on-call shift rotation begins.", + "title": "HandOffTime", + "type": "string" } }, + "required": [ + "DayOfWeek", + "HandOffTime" + ], "type": "object" }, - "AWS::S3::StorageLens.S3BucketDestination": { + "AWS::SSMGuiConnect::Preferences": { "additionalProperties": false, "properties": { - "AccountId": { - "markdownDescription": "This property contains the details of the AWS account ID of the S3 Storage Lens export bucket destination.", - "title": "AccountId", + "Condition": { "type": "string" }, - "Arn": { - "markdownDescription": "This property contains the details of the ARN of the bucket destination of the S3 Storage Lens export.", - "title": "Arn", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Encryption": { - "$ref": "#/definitions/AWS::S3::StorageLens.Encryption", - "markdownDescription": "This property contains the details of the encryption of the bucket destination of the Amazon S3 Storage Lens metrics export.", - "title": "Encryption" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Format": { - "markdownDescription": "This property contains the details of the format of the S3 Storage Lens export bucket destination.", - "title": "Format", - "type": "string" + "Metadata": { + "type": "object" }, - "OutputSchemaVersion": { - "markdownDescription": "This property contains the details of the output schema version of the S3 Storage Lens export bucket destination.", - "title": "OutputSchemaVersion", + "Properties": { + "additionalProperties": false, + "properties": { + "ConnectionRecordingPreferences": { + "$ref": "#/definitions/AWS::SSMGuiConnect::Preferences.ConnectionRecordingPreferences", + "markdownDescription": "The set of preferences used for recording RDP connections in the requesting AWS account and AWS Region . This includes details such as which S3 bucket recordings are stored in.", + "title": "ConnectionRecordingPreferences" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SSMGuiConnect::Preferences" + ], "type": "string" }, - "Prefix": { - "markdownDescription": "This property contains the details of the prefix of the bucket destination of the S3 Storage Lens export .", - "title": "Prefix", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "AccountId", - "Arn", - "Format", - "OutputSchemaVersion" + "Type" ], "type": "object" }, - "AWS::S3::StorageLens.SSEKMS": { + "AWS::SSMGuiConnect::Preferences.ConnectionRecordingPreferences": { "additionalProperties": false, "properties": { - "KeyId": { - "markdownDescription": "Specifies the Amazon Resource Name (ARN) of the customer managed AWS KMS key to use for encrypting the S3 Storage Lens metrics export file. Amazon S3 only supports symmetric encryption keys. For more information, see [Special-purpose keys](https://docs.aws.amazon.com/kms/latest/developerguide/key-types.html) in the *AWS Key Management Service Developer Guide* .", - "title": "KeyId", + "KMSKeyArn": { + "markdownDescription": "The ARN of a AWS KMS key that is used to encrypt data while it is being processed by the service. This key must exist in the same AWS Region as the node you start an RDP connection to.", + "title": "KMSKeyArn", "type": "string" + }, + "RecordingDestinations": { + "$ref": "#/definitions/AWS::SSMGuiConnect::Preferences.RecordingDestinations", + "markdownDescription": "Determines where recordings of RDP connections are stored.", + "title": "RecordingDestinations" } }, "required": [ - "KeyId" + "KMSKeyArn", + "RecordingDestinations" ], "type": "object" }, - "AWS::S3::StorageLens.SelectionCriteria": { + "AWS::SSMGuiConnect::Preferences.RecordingDestinations": { "additionalProperties": false, "properties": { - "Delimiter": { - "markdownDescription": "This property contains the details of the S3 Storage Lens delimiter being used.", - "title": "Delimiter", + "S3Buckets": { + "items": { + "$ref": "#/definitions/AWS::SSMGuiConnect::Preferences.S3Bucket" + }, + "markdownDescription": "The S3 bucket where RDP connection recordings are stored.", + "title": "S3Buckets", + "type": "array" + } + }, + "required": [ + "S3Buckets" + ], + "type": "object" + }, + "AWS::SSMGuiConnect::Preferences.S3Bucket": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "The name of the S3 bucket where RDP connection recordings are stored.", + "title": "BucketName", "type": "string" }, - "MaxDepth": { - "markdownDescription": "This property contains the details of the max depth that S3 Storage Lens will collect metrics up to.", - "title": "MaxDepth", - "type": "number" - }, - "MinStorageBytesPercentage": { - "markdownDescription": "This property contains the details of the minimum storage bytes percentage threshold that S3 Storage Lens will collect metrics up to.", - "title": "MinStorageBytesPercentage", - "type": "number" + "BucketOwner": { + "markdownDescription": "The AWS account number that owns the S3 bucket.", + "title": "BucketOwner", + "type": "string" } }, + "required": [ + "BucketName", + "BucketOwner" + ], "type": "object" }, - "AWS::S3::StorageLens.StorageLensConfiguration": { + "AWS::SSMIncidents::ReplicationSet": { "additionalProperties": false, "properties": { - "AccountLevel": { - "$ref": "#/definitions/AWS::S3::StorageLens.AccountLevel", - "markdownDescription": "This property contains the details of the account-level metrics for Amazon S3 Storage Lens configuration.", - "title": "AccountLevel" - }, - "AwsOrg": { - "$ref": "#/definitions/AWS::S3::StorageLens.AwsOrg", - "markdownDescription": "This property contains the details of the AWS Organization for the S3 Storage Lens configuration.", - "title": "AwsOrg" + "Condition": { + "type": "string" }, - "DataExport": { - "$ref": "#/definitions/AWS::S3::StorageLens.DataExport", - "markdownDescription": "This property contains the details of this S3 Storage Lens configuration's metrics export.", - "title": "DataExport" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Exclude": { - "$ref": "#/definitions/AWS::S3::StorageLens.BucketsAndRegions", - "markdownDescription": "This property contains the details of the bucket and or Regions excluded for Amazon S3 Storage Lens configuration.", - "title": "Exclude" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Id": { - "markdownDescription": "This property contains the details of the ID of the S3 Storage Lens configuration.", - "title": "Id", - "type": "string" + "Metadata": { + "type": "object" }, - "Include": { - "$ref": "#/definitions/AWS::S3::StorageLens.BucketsAndRegions", - "markdownDescription": "This property contains the details of the bucket and or Regions included for Amazon S3 Storage Lens configuration.", - "title": "Include" + "Properties": { + "additionalProperties": false, + "properties": { + "DeletionProtected": { + "markdownDescription": "Determines if the replication set deletion protection is enabled or not. If deletion protection is enabled, you can't delete the last Region in the replication set.", + "title": "DeletionProtected", + "type": "boolean" + }, + "Regions": { + "items": { + "$ref": "#/definitions/AWS::SSMIncidents::ReplicationSet.ReplicationRegion" + }, + "markdownDescription": "Specifies the Regions of the replication set.", + "title": "Regions", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags to add to the replication set.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Regions" + ], + "type": "object" }, - "IsEnabled": { - "markdownDescription": "This property contains the details of whether the Amazon S3 Storage Lens configuration is enabled.", - "title": "IsEnabled", - "type": "boolean" + "Type": { + "enum": [ + "AWS::SSMIncidents::ReplicationSet" + ], + "type": "string" }, - "StorageLensArn": { - "markdownDescription": "This property contains the details of the ARN of the S3 Storage Lens configuration. This property is read-only.", - "title": "StorageLensArn", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "AccountLevel", - "Id", - "IsEnabled" + "Type", + "Properties" ], "type": "object" }, - "AWS::S3::StorageLens.StorageLensGroupLevel": { + "AWS::SSMIncidents::ReplicationSet.RegionConfiguration": { "additionalProperties": false, "properties": { - "StorageLensGroupSelectionCriteria": { - "$ref": "#/definitions/AWS::S3::StorageLens.StorageLensGroupSelectionCriteria", - "markdownDescription": "This property indicates which Storage Lens group ARNs to include or exclude in the Storage Lens group aggregation. If this value is left null, then all Storage Lens groups are selected.", - "title": "StorageLensGroupSelectionCriteria" + "SseKmsKeyId": { + "markdownDescription": "The AWS Key Management Service key ID to use to encrypt your replication set.", + "title": "SseKmsKeyId", + "type": "string" } }, + "required": [ + "SseKmsKeyId" + ], "type": "object" }, - "AWS::S3::StorageLens.StorageLensGroupSelectionCriteria": { + "AWS::SSMIncidents::ReplicationSet.ReplicationRegion": { "additionalProperties": false, "properties": { - "Exclude": { - "items": { - "type": "string" - }, - "markdownDescription": "This property indicates which Storage Lens group ARNs to exclude from the Storage Lens group aggregation.", - "title": "Exclude", - "type": "array" + "RegionConfiguration": { + "$ref": "#/definitions/AWS::SSMIncidents::ReplicationSet.RegionConfiguration", + "markdownDescription": "Specifies the Region configuration.", + "title": "RegionConfiguration" }, - "Include": { - "items": { - "type": "string" - }, - "markdownDescription": "This property indicates which Storage Lens group ARNs to include in the Storage Lens group aggregation.", - "title": "Include", - "type": "array" + "RegionName": { + "markdownDescription": "Specifies the region name to add to the replication set.", + "title": "RegionName", + "type": "string" } }, "type": "object" }, - "AWS::S3::StorageLensGroup": { + "AWS::SSMIncidents::ResponsePlan": { "additionalProperties": false, "properties": { "Condition": { @@ -237412,13 +289118,47 @@ "Properties": { "additionalProperties": false, "properties": { - "Filter": { - "$ref": "#/definitions/AWS::S3::StorageLensGroup.Filter", - "markdownDescription": "This property contains the criteria for the Storage Lens group data that is displayed", - "title": "Filter" + "Actions": { + "items": { + "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.Action" + }, + "markdownDescription": "The actions that the response plan starts at the beginning of an incident.", + "title": "Actions", + "type": "array" + }, + "ChatChannel": { + "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.ChatChannel", + "markdownDescription": "The chat channel used for collaboration during an incident.", + "title": "ChatChannel" + }, + "DisplayName": { + "markdownDescription": "The human readable name of the response plan.", + "title": "DisplayName", + "type": "string" + }, + "Engagements": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Name (ARN) for the contacts and escalation plans that the response plan engages during an incident.", + "title": "Engagements", + "type": "array" + }, + "IncidentTemplate": { + "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.IncidentTemplate", + "markdownDescription": "Details used to create an incident when using this response plan.", + "title": "IncidentTemplate" + }, + "Integrations": { + "items": { + "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.Integration" + }, + "markdownDescription": "Information about third-party services integrated into the response plan.", + "title": "Integrations", + "type": "array" }, "Name": { - "markdownDescription": "This property contains the Storage Lens group name.", + "markdownDescription": "The name of the response plan.", "title": "Name", "type": "string" }, @@ -237426,20 +289166,20 @@ "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "This property contains the AWS resource tags that you're adding to your Storage Lens group. This parameter is optional.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ - "Filter", + "IncidentTemplate", "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::S3::StorageLensGroup" + "AWS::SSMIncidents::ResponsePlan" ], "type": "string" }, @@ -237453,174 +289193,248 @@ } }, "required": [ - "Type", - "Properties" + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SSMIncidents::ResponsePlan.Action": { + "additionalProperties": false, + "properties": { + "SsmAutomation": { + "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.SsmAutomation", + "markdownDescription": "Details about the Systems Manager automation document that will be used as a runbook during an incident.", + "title": "SsmAutomation" + } + }, + "type": "object" + }, + "AWS::SSMIncidents::ResponsePlan.ChatChannel": { + "additionalProperties": false, + "properties": { + "ChatbotSns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon SNS targets that uses to notify the chat channel of updates to an incident. You can also make updates to the incident through the chat channel by using the Amazon SNS topics", + "title": "ChatbotSns", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SSMIncidents::ResponsePlan.DynamicSsmParameter": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The key parameter to use when running the Systems Manager Automation runbook.", + "title": "Key", + "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.DynamicSsmParameterValue", + "markdownDescription": "The dynamic parameter value.", + "title": "Value" + } + }, + "required": [ + "Key", + "Value" ], "type": "object" }, - "AWS::S3::StorageLensGroup.And": { + "AWS::SSMIncidents::ResponsePlan.DynamicSsmParameterValue": { "additionalProperties": false, "properties": { - "MatchAnyPrefix": { - "items": { - "type": "string" - }, - "markdownDescription": "This property contains a list of prefixes. At least one prefix must be specified. Up to 10 prefixes are allowed.", - "title": "MatchAnyPrefix", - "type": "array" - }, - "MatchAnySuffix": { - "items": { - "type": "string" - }, - "markdownDescription": "This property contains a list of suffixes. At least one suffix must be specified. Up to 10 suffixes are allowed.", - "title": "MatchAnySuffix", - "type": "array" - }, - "MatchAnyTag": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "This property contains the list of object tags. At least one object tag must be specified. Up to 10 object tags are allowed.", - "title": "MatchAnyTag", - "type": "array" - }, - "MatchObjectAge": { - "$ref": "#/definitions/AWS::S3::StorageLensGroup.MatchObjectAge", - "markdownDescription": "This property contains `DaysGreaterThan` and `DaysLessThan` properties to define the object age range (minimum and maximum number of days).", - "title": "MatchObjectAge" - }, - "MatchObjectSize": { - "$ref": "#/definitions/AWS::S3::StorageLensGroup.MatchObjectSize", - "markdownDescription": "This property contains `BytesGreaterThan` and `BytesLessThan` to define the object size range (minimum and maximum number of Bytes).", - "title": "MatchObjectSize" + "Variable": { + "markdownDescription": "Variable dynamic parameters. A parameter value is determined when an incident is created.", + "title": "Variable", + "type": "string" } }, "type": "object" }, - "AWS::S3::StorageLensGroup.Filter": { + "AWS::SSMIncidents::ResponsePlan.IncidentTemplate": { "additionalProperties": false, "properties": { - "And": { - "$ref": "#/definitions/AWS::S3::StorageLensGroup.And", - "markdownDescription": "This property contains the `And` logical operator, which allows multiple filter conditions to be joined for more complex comparisons of Storage Lens group data. Objects must match all of the listed filter conditions that are joined by the `And` logical operator. Only one of each filter condition is allowed.", - "title": "And" + "DedupeString": { + "markdownDescription": "Used to create only one incident record for an incident.", + "title": "DedupeString", + "type": "string" }, - "MatchAnyPrefix": { - "items": { - "type": "string" - }, - "markdownDescription": "This property contains a list of prefixes. At least one prefix must be specified. Up to 10 prefixes are allowed.", - "title": "MatchAnyPrefix", - "type": "array" + "Impact": { + "markdownDescription": "Defines the impact to the customers. Providing an impact overwrites the impact provided by a response plan.\n\n**Possible impacts:** - `1` - Critical impact, this typically relates to full application failure that impacts many to all customers.\n- `2` - High impact, partial application failure with impact to many customers.\n- `3` - Medium impact, the application is providing reduced service to customers.\n- `4` - Low impact, customer might aren't impacted by the problem yet.\n- `5` - No impact, customers aren't currently impacted but urgent action is needed to avoid impact.", + "title": "Impact", + "type": "number" }, - "MatchAnySuffix": { + "IncidentTags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "This property contains a list of suffixes. At least one suffix must be specified. Up to 10 suffixes are allowed.", - "title": "MatchAnySuffix", + "markdownDescription": "Tags to assign to the template. When the `StartIncident` API action is called, Incident Manager assigns the tags specified in the template to the incident.", + "title": "IncidentTags", "type": "array" }, - "MatchAnyTag": { + "NotificationTargets": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.NotificationTargetItem" }, - "markdownDescription": "This property contains the list of S3 object tags. At least one object tag must be specified. Up to 10 object tags are allowed.", - "title": "MatchAnyTag", + "markdownDescription": "The Amazon Simple Notification Service ( Amazon SNS ) targets that uses to notify the chat channel of updates to an incident. You can also make updates to the incident through the chat channel using the Amazon SNS topics.", + "title": "NotificationTargets", "type": "array" }, - "MatchObjectAge": { - "$ref": "#/definitions/AWS::S3::StorageLensGroup.MatchObjectAge", - "markdownDescription": "This property contains `DaysGreaterThan` and `DaysLessThan` to define the object age range (minimum and maximum number of days).", - "title": "MatchObjectAge" - }, - "MatchObjectSize": { - "$ref": "#/definitions/AWS::S3::StorageLensGroup.MatchObjectSize", - "markdownDescription": "This property contains `BytesGreaterThan` and `BytesLessThan` to define the object size range (minimum and maximum number of Bytes).", - "title": "MatchObjectSize" + "Summary": { + "markdownDescription": "The summary describes what has happened during the incident.", + "title": "Summary", + "type": "string" }, - "Or": { - "$ref": "#/definitions/AWS::S3::StorageLensGroup.Or", - "markdownDescription": "This property contains the `Or` logical operator, which allows multiple filter conditions to be joined. Objects can match any of the listed filter conditions, which are joined by the `Or` logical operator. Only one of each filter condition is allowed.", - "title": "Or" + "Title": { + "markdownDescription": "The title of the incident is a brief and easily recognizable.", + "title": "Title", + "type": "string" } }, + "required": [ + "Impact", + "Title" + ], "type": "object" }, - "AWS::S3::StorageLensGroup.MatchObjectAge": { + "AWS::SSMIncidents::ResponsePlan.Integration": { "additionalProperties": false, "properties": { - "DaysGreaterThan": { - "markdownDescription": "This property indicates the minimum object age in days.", - "title": "DaysGreaterThan", - "type": "number" - }, - "DaysLessThan": { - "markdownDescription": "This property indicates the maximum object age in days.", - "title": "DaysLessThan", - "type": "number" + "PagerDutyConfiguration": { + "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.PagerDutyConfiguration", + "markdownDescription": "Information about the PagerDuty service where the response plan creates an incident.", + "title": "PagerDutyConfiguration" } }, + "required": [ + "PagerDutyConfiguration" + ], "type": "object" }, - "AWS::S3::StorageLensGroup.MatchObjectSize": { + "AWS::SSMIncidents::ResponsePlan.NotificationTargetItem": { "additionalProperties": false, "properties": { - "BytesGreaterThan": { - "markdownDescription": "This property specifies the minimum object size in bytes. The value must be a positive number, greater than 0 and less than 5 TB.", - "title": "BytesGreaterThan", - "type": "number" + "SnsTopicArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic.", + "title": "SnsTopicArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SSMIncidents::ResponsePlan.PagerDutyConfiguration": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the PagerDuty configuration.", + "title": "Name", + "type": "string" }, - "BytesLessThan": { - "markdownDescription": "This property specifies the maximum object size in bytes. The value must be a positive number, greater than the minimum object size and less than 5 TB.", - "title": "BytesLessThan", - "type": "number" + "PagerDutyIncidentConfiguration": { + "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.PagerDutyIncidentConfiguration", + "markdownDescription": "Details about the PagerDuty service associated with the configuration.", + "title": "PagerDutyIncidentConfiguration" + }, + "SecretId": { + "markdownDescription": "The ID of the AWS Secrets Manager secret that stores your PagerDuty key, either a General Access REST API Key or User Token REST API Key, and other user credentials.", + "title": "SecretId", + "type": "string" } }, + "required": [ + "Name", + "PagerDutyIncidentConfiguration", + "SecretId" + ], "type": "object" }, - "AWS::S3::StorageLensGroup.Or": { + "AWS::SSMIncidents::ResponsePlan.PagerDutyIncidentConfiguration": { "additionalProperties": false, "properties": { - "MatchAnyPrefix": { + "ServiceId": { + "markdownDescription": "The ID of the PagerDuty service that the response plan associates with an incident when it launches.", + "title": "ServiceId", + "type": "string" + } + }, + "required": [ + "ServiceId" + ], + "type": "object" + }, + "AWS::SSMIncidents::ResponsePlan.SsmAutomation": { + "additionalProperties": false, + "properties": { + "DocumentName": { + "markdownDescription": "The automation document's name.", + "title": "DocumentName", + "type": "string" + }, + "DocumentVersion": { + "markdownDescription": "The version of the runbook to use when running.", + "title": "DocumentVersion", + "type": "string" + }, + "DynamicParameters": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.DynamicSsmParameter" }, - "markdownDescription": "This property contains a list of prefixes. At least one prefix must be specified. Up to 10 prefixes are allowed.", - "title": "MatchAnyPrefix", + "markdownDescription": "The key-value pairs to resolve dynamic parameter values when processing a Systems Manager Automation runbook.", + "title": "DynamicParameters", "type": "array" }, - "MatchAnySuffix": { + "Parameters": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.SsmParameter" }, - "markdownDescription": "This property contains the list of suffixes. At least one suffix must be specified. Up to 10 suffixes are allowed.", - "title": "MatchAnySuffix", + "markdownDescription": "The key-value pair parameters to use when running the runbook.", + "title": "Parameters", "type": "array" }, - "MatchAnyTag": { + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the role that the automation document will assume when running commands.", + "title": "RoleArn", + "type": "string" + }, + "TargetAccount": { + "markdownDescription": "The account that the automation document will be run in. This can be in either the management account or an application account.", + "title": "TargetAccount", + "type": "string" + } + }, + "required": [ + "DocumentName", + "RoleArn" + ], + "type": "object" + }, + "AWS::SSMIncidents::ResponsePlan.SsmParameter": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The key parameter to use when running the Automation runbook.", + "title": "Key", + "type": "string" + }, + "Values": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "This property contains the list of S3 object tags. At least one object tag must be specified. Up to 10 object tags are allowed.", - "title": "MatchAnyTag", + "markdownDescription": "The value parameter to use when running the Automation runbook.", + "title": "Values", "type": "array" - }, - "MatchObjectAge": { - "$ref": "#/definitions/AWS::S3::StorageLensGroup.MatchObjectAge", - "markdownDescription": "This property filters objects that match the specified object age range.", - "title": "MatchObjectAge" - }, - "MatchObjectSize": { - "$ref": "#/definitions/AWS::S3::StorageLensGroup.MatchObjectSize", - "markdownDescription": "This property contains the `BytesGreaterThan` and `BytesLessThan` values to define the object size range (minimum and maximum number of Bytes).", - "title": "MatchObjectSize" } }, + "required": [ + "Key", + "Values" + ], "type": "object" }, - "AWS::S3Express::BucketPolicy": { + "AWS::SSMQuickSetup::ConfigurationManager": { "additionalProperties": false, "properties": { "Condition": { @@ -237655,26 +289469,44 @@ "Properties": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The name of the S3 directory bucket to which the policy applies.", - "title": "Bucket", + "ConfigurationDefinitions": { + "items": { + "$ref": "#/definitions/AWS::SSMQuickSetup::ConfigurationManager.ConfigurationDefinition" + }, + "markdownDescription": "The definition of the Quick Setup configuration that the configuration manager deploys.", + "title": "ConfigurationDefinitions", + "type": "array" + }, + "Description": { + "markdownDescription": "The description of the configuration.", + "title": "Description", "type": "string" }, - "PolicyDocument": { - "markdownDescription": "A policy document containing permissions to add to the specified bucket. In IAM, you must provide policy documents in JSON format. However, in CloudFormation you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to IAM. For more information, see the AWS::IAM::Policy [PolicyDocument](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html#cfn-iam-policy-policydocument) resource description in this guide and [Policies and Permissions in Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-policy-language-overview.html) in the *Amazon S3 User Guide* .", - "title": "PolicyDocument", + "Name": { + "markdownDescription": "The name of the configuration", + "title": "Name", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "Key-value pairs of metadata to assign to the configuration manager.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", "type": "object" } }, "required": [ - "Bucket", - "PolicyDocument" + "ConfigurationDefinitions" ], "type": "object" }, "Type": { "enum": [ - "AWS::S3Express::BucketPolicy" + "AWS::SSMQuickSetup::ConfigurationManager" ], "type": "string" }, @@ -237693,85 +289525,94 @@ ], "type": "object" }, - "AWS::S3Express::DirectoryBucket": { + "AWS::SSMQuickSetup::ConfigurationManager.ConfigurationDefinition": { "additionalProperties": false, "properties": { - "Condition": { + "LocalDeploymentAdministrationRoleArn": { + "markdownDescription": "The ARN of the IAM role used to administrate local configuration deployments.\n\n> Although this element is listed as \"Required: No\", a value can be omitted only for organizational deployments of types other than `AWSQuickSetupType-PatchPolicy` . A value must be provided when you are running an organizational deployment for a patch policy or running any type of deployment for a single account.", + "title": "LocalDeploymentAdministrationRoleArn", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "LocalDeploymentExecutionRoleName": { + "markdownDescription": "The name of the IAM role used to deploy local configurations.\n\n> Although this element is listed as \"Required: No\", a value can be omitted only for organizational deployments of types other than `AWSQuickSetupType-PatchPolicy` . A value must be provided when you are running an organizational deployment for a patch policy or running any type of deployment for a single account.", + "title": "LocalDeploymentExecutionRoleName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + "Parameters": { + "additionalProperties": true, + "markdownDescription": "The parameters for the configuration definition type. Parameters for configuration definitions vary based the configuration type. The following lists outline the parameters for each configuration type.\n\n- **AWS Config Recording (Type: AWS QuickSetupType-CFGRecording)** - - `RecordAllResources`\n\n- Description: (Optional) A boolean value that determines whether all supported resources are recorded. The default value is \" `true` \".\n- `ResourceTypesToRecord`\n\n- Description: (Optional) A comma separated list of resource types you want to record.\n- `RecordGlobalResourceTypes`\n\n- Description: (Optional) A boolean value that determines whether global resources are recorded with all resource configurations. The default value is \" `false` \".\n- `GlobalResourceTypesRegion`\n\n- Description: (Optional) Determines the AWS Region where global resources are recorded.\n- `UseCustomBucket`\n\n- Description: (Optional) A boolean value that determines whether a custom Amazon S3 bucket is used for delivery. The default value is \" `false` \".\n- `DeliveryBucketName`\n\n- Description: (Optional) The name of the Amazon S3 bucket you want AWS Config to deliver configuration snapshots and configuration history files to.\n- `DeliveryBucketPrefix`\n\n- Description: (Optional) The key prefix you want to use in the custom Amazon S3 bucket.\n- `NotificationOptions`\n\n- Description: (Optional) Determines the notification configuration for the recorder. The valid values are `NoStreaming` , `UseExistingTopic` , and `CreateTopic` . The default value is `NoStreaming` .\n- `CustomDeliveryTopicAccountId`\n\n- Description: (Optional) The ID of the AWS account where the Amazon SNS topic you want to use for notifications resides. You must specify a value for this parameter if you use the `UseExistingTopic` notification option.\n- `CustomDeliveryTopicName`\n\n- Description: (Optional) The name of the Amazon SNS topic you want to use for notifications. You must specify a value for this parameter if you use the `UseExistingTopic` notification option.\n- `RemediationSchedule`\n\n- Description: (Optional) A rate expression that defines the schedule for drift remediation. The valid values are `rate(30 days)` , `rate(7 days)` , `rate(1 days)` , and `none` . The default value is \" `none` \".\n- `TargetAccounts`\n\n- Description: (Optional) The ID of the AWS account initiating the configuration deployment. You only need to provide a value for this parameter if you want to deploy the configuration locally. A value must be provided for either `TargetAccounts` or `TargetOrganizationalUnits` .\n- `TargetOrganizationalUnits`\n\n- Description: (Optional) The ID of the root of your Organization. This configuration type doesn't currently support choosing specific OUs. The configuration will be deployed to all the OUs in the Organization.\n- `TargetRegions`\n\n- Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to.\n- **Change Manager (Type: AWS QuickSetupType-SSMChangeMgr)** - - `DelegatedAccountId`\n\n- Description: (Required) The ID of the delegated administrator account.\n- `JobFunction`\n\n- Description: (Required) The name for the Change Manager job function.\n- `PermissionType`\n\n- Description: (Optional) Specifies whether you want to use default administrator permissions for the job function role, or provide a custom IAM policy. The valid values are `CustomPermissions` and `AdminPermissions` . The default value for the parameter is `CustomerPermissions` .\n- `CustomPermissions`\n\n- Description: (Optional) A JSON string containing the IAM policy you want your job function to use. You must provide a value for this parameter if you specify `CustomPermissions` for the `PermissionType` parameter.\n- `TargetOrganizationalUnits`\n\n- Description: (Required) A comma separated list of organizational units (OUs) you want to deploy the configuration to.\n- `TargetRegions`\n\n- Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to.\n- **Conformance Packs (Type: AWS QuickSetupType-CFGCPacks)** - - `DelegatedAccountId`\n\n- Description: (Optional) The ID of the delegated administrator account. This parameter is required for Organization deployments.\n- `RemediationSchedule`\n\n- Description: (Optional) A rate expression that defines the schedule for drift remediation. The valid values are `rate(30 days)` , `rate(14 days)` , `rate(2 days)` , and `none` . The default value is \" `none` \".\n- `CPackNames`\n\n- Description: (Required) A comma separated list of AWS Config conformance packs.\n- `TargetAccounts`\n\n- Description: (Optional) The ID of the AWS account initiating the configuration deployment. You only need to provide a value for this parameter if you want to deploy the configuration locally. A value must be provided for either `TargetAccounts` or `TargetOrganizationalUnits` .\n- `TargetOrganizationalUnits`\n\n- Description: (Optional) The ID of the root of your Organization. This configuration type doesn't currently support choosing specific OUs. The configuration will be deployed to all the OUs in the Organization.\n- `TargetRegions`\n\n- Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to.\n- **Default Host Management Configuration (Type: AWS QuickSetupType-DHMC)** - - `UpdateSSMAgent`\n\n- Description: (Optional) A boolean value that determines whether the SSM Agent is updated on the target instances every 2 weeks. The default value is \" `true` \".\n- `TargetOrganizationalUnits`\n\n- Description: (Required) A comma separated list of organizational units (OUs) you want to deploy the configuration to.\n- `TargetRegions`\n\n- Description: (Required) The AWS Regions to deploy the configuration to. For this type, the parameter only accepts a value of `AllRegions` .\n- **DevOps\u00a0Guru (Type: AWS QuickSetupType-DevOpsGuru)** - - `AnalyseAllResources`\n\n- Description: (Optional) A boolean value that determines whether DevOps\u00a0Guru analyzes all AWS CloudFormation stacks in the account. The default value is \" `false` \".\n- `EnableSnsNotifications`\n\n- Description: (Optional) A boolean value that determines whether DevOps\u00a0Guru sends notifications when an insight is created. The default value is \" `true` \".\n- `EnableSsmOpsItems`\n\n- Description: (Optional) A boolean value that determines whether DevOps\u00a0Guru creates an OpsCenter OpsItem when an insight is created. The default value is \" `true` \".\n- `EnableDriftRemediation`\n\n- Description: (Optional) A boolean value that determines whether a drift remediation schedule is used. The default value is \" `false` \".\n- `RemediationSchedule`\n\n- Description: (Optional) A rate expression that defines the schedule for drift remediation. The valid values are `rate(30 days)` , `rate(14 days)` , `rate(1 days)` , and `none` . The default value is \" `none` \".\n- `TargetAccounts`\n\n- Description: (Optional) The ID of the AWS account initiating the configuration deployment. You only need to provide a value for this parameter if you want to deploy the configuration locally. A value must be provided for either `TargetAccounts` or `TargetOrganizationalUnits` .\n- `TargetOrganizationalUnits`\n\n- Description: (Optional) A comma separated list of organizational units (OUs) you want to deploy the configuration to.\n- `TargetRegions`\n\n- Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to.\n- **Distributor (Type: AWS QuickSetupType-Distributor)** - - `PackagesToInstall`\n\n- Description: (Required) A comma separated list of packages you want to install on the target instances. The valid values are `AWSEFSTools` , `AWSCWAgent` , and `AWSEC2LaunchAgent` .\n- `RemediationSchedule`\n\n- Description: (Optional) A rate expression that defines the schedule for drift remediation. The valid values are `rate(30 days)` , `rate(14 days)` , `rate(2 days)` , and `none` . The default value is \" `rate(30 days)` \".\n- `IsPolicyAttachAllowed`\n\n- Description: (Optional) A boolean value that determines whether Quick Setup attaches policies to instances profiles already associated with the target instances. The default value is \" `false` \".\n- `TargetType`\n\n- Description: (Optional) Determines how instances are targeted for local account deployments. Don't specify a value for this parameter if you're deploying to OUs. The valid values are `*` , `InstanceIds` , `ResourceGroups` , and `Tags` . Use `*` to target all instances in the account.\n- `TargetInstances`\n\n- Description: (Optional) A comma separated list of instance IDs. You must provide a value for this parameter if you specify `InstanceIds` for the `TargetType` parameter.\n- `TargetTagKey`\n\n- Description: (Required) The tag key assigned to the instances you want to target. You must provide a value for this parameter if you specify `Tags` for the `TargetType` parameter.\n- `TargetTagValue`\n\n- Description: (Required) The value of the tag key assigned to the instances you want to target. You must provide a value for this parameter if you specify `Tags` for the `TargetType` parameter.\n- `ResourceGroupName`\n\n- Description: (Required) The name of the resource group associated with the instances you want to target. You must provide a value for this parameter if you specify `ResourceGroups` for the `TargetType` parameter.\n- `TargetAccounts`\n\n- Description: (Optional) The ID of the AWS account initiating the configuration deployment. You only need to provide a value for this parameter if you want to deploy the configuration locally. A value must be provided for either `TargetAccounts` or `TargetOrganizationalUnits` .\n- `TargetOrganizationalUnits`\n\n- Description: (Optional) A comma separated list of organizational units (OUs) you want to deploy the configuration to.\n- `TargetRegions`\n\n- Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to.\n- **Host Management (Type: AWS QuickSetupType-SSMHostMgmt)** - - `UpdateSSMAgent`\n\n- Description: (Optional) A boolean value that determines whether the SSM Agent is updated on the target instances every 2 weeks. The default value is \" `true` \".\n- `UpdateEc2LaunchAgent`\n\n- Description: (Optional) A boolean value that determines whether the EC2 Launch agent is updated on the target instances every month. The default value is \" `false` \".\n- `CollectInventory`\n\n- Description: (Optional) A boolean value that determines whether instance metadata is collected on the target instances every 30 minutes. The default value is \" `true` \".\n- `ScanInstances`\n\n- Description: (Optional) A boolean value that determines whether the target instances are scanned daily for available patches. The default value is \" `true` \".\n- `InstallCloudWatchAgent`\n\n- Description: (Optional) A boolean value that determines whether the Amazon CloudWatch agent is installed on the target instances. The default value is \" `false` \".\n- `UpdateCloudWatchAgent`\n\n- Description: (Optional) A boolean value that determines whether the Amazon CloudWatch agent is updated on the target instances every month. The default value is \" `false` \".\n- `IsPolicyAttachAllowed`\n\n- Description: (Optional) A boolean value that determines whether Quick Setup attaches policies to instances profiles already associated with the target instances. The default value is \" `false` \".\n- `TargetType`\n\n- Description: (Optional) Determines how instances are targeted for local account deployments. Don't specify a value for this parameter if you're deploying to OUs. The valid values are `*` , `InstanceIds` , `ResourceGroups` , and `Tags` . Use `*` to target all instances in the account.\n- `TargetInstances`\n\n- Description: (Optional) A comma separated list of instance IDs. You must provide a value for this parameter if you specify `InstanceIds` for the `TargetType` parameter.\n- `TargetTagKey`\n\n- Description: (Optional) The tag key assigned to the instances you want to target. You must provide a value for this parameter if you specify `Tags` for the `TargetType` parameter.\n- `TargetTagValue`\n\n- Description: (Optional) The value of the tag key assigned to the instances you want to target. You must provide a value for this parameter if you specify `Tags` for the `TargetType` parameter.\n- `ResourceGroupName`\n\n- Description: (Optional) The name of the resource group associated with the instances you want to target. You must provide a value for this parameter if you specify `ResourceGroups` for the `TargetType` parameter.\n- `TargetAccounts`\n\n- Description: (Optional) The ID of the AWS account initiating the configuration deployment. You only need to provide a value for this parameter if you want to deploy the configuration locally. A value must be provided for either `TargetAccounts` or `TargetOrganizationalUnits` .\n- `TargetOrganizationalUnits`\n\n- Description: (Optional) A comma separated list of organizational units (OUs) you want to deploy the configuration to.\n- `TargetRegions`\n\n- Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to.\n- **OpsCenter (Type: AWS QuickSetupType-SSMOpsCenter)** - - `DelegatedAccountId`\n\n- Description: (Required) The ID of the delegated administrator account.\n- `TargetOrganizationalUnits`\n\n- Description: (Required) A comma separated list of organizational units (OUs) you want to deploy the configuration to.\n- `TargetRegions`\n\n- Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to.\n- **Patch Policy (Type: AWS QuickSetupType-PatchPolicy)** - - `PatchPolicyName`\n\n- Description: (Required) A name for the patch policy. The value you provide is applied to target Amazon EC2 instances as a tag.\n- `SelectedPatchBaselines`\n\n- Description: (Required) An array of JSON objects containing the information for the patch baselines to include in your patch policy.\n- `PatchBaselineUseDefault`\n\n- Description: (Optional) A value that determines whether the selected patch baselines are all AWS provided. Supported values are `default` and `custom` .\n- `PatchBaselineRegion`\n\n- Description: (Required) The AWS Region where the patch baseline exist.\n- `ConfigurationOptionsPatchOperation`\n\n- Description: (Optional) Determines whether target instances scan for available patches, or scan and install available patches. The valid values are `Scan` and `ScanAndInstall` . The default value for the parameter is `Scan` .\n- `ConfigurationOptionsScanValue`\n\n- Description: (Optional) A cron expression that is used as the schedule for when instances scan for available patches.\n- `ConfigurationOptionsInstallValue`\n\n- Description: (Optional) A cron expression that is used as the schedule for when instances install available patches.\n- `ConfigurationOptionsScanNextInterval`\n\n- Description: (Optional) A boolean value that determines whether instances should scan for available patches at the next cron interval. The default value is \" `false` \".\n- `ConfigurationOptionsInstallNextInterval`\n\n- Description: (Optional) A boolean value that determines whether instances should scan for available patches at the next cron interval. The default value is \" `false` \".\n- `RebootOption`\n\n- Description: (Optional) Determines whether instances are rebooted after patches are installed. Valid values are `RebootIfNeeded` and `NoReboot` .\n- `IsPolicyAttachAllowed`\n\n- Description: (Optional) A boolean value that determines whether Quick Setup attaches policies to instances profiles already associated with the target instances. The default value is \" `false` \".\n- `OutputLogEnableS3`\n\n- Description: (Optional) A boolean value that determines whether command output logs are sent to Amazon S3.\n- `OutputS3Location`\n\n- Description: (Optional) Information about the Amazon S3 bucket where you want to store the output details of the request.\n\n- `OutputBucketRegion`\n\n- Description: (Optional) The AWS Region where the Amazon S3 bucket you want to deliver command output to is located.\n- `OutputS3BucketName`\n\n- Description: (Optional) The name of the Amazon S3 bucket you want to deliver command output to.\n- `OutputS3KeyPrefix`\n\n- Description: (Optional) The key prefix you want to use in the custom Amazon S3 bucket.\n- `TargetType`\n\n- Description: (Optional) Determines how instances are targeted for local account deployments. Don't specify a value for this parameter if you're deploying to OUs. The valid values are `*` , `InstanceIds` , `ResourceGroups` , and `Tags` . Use `*` to target all instances in the account.\n- `TargetInstances`\n\n- Description: (Optional) A comma separated list of instance IDs. You must provide a value for this parameter if you specify `InstanceIds` for the `TargetType` parameter.\n- `TargetTagKey`\n\n- Description: (Required) The tag key assigned to the instances you want to target. You must provide a value for this parameter if you specify `Tags` for the `TargetType` parameter.\n- `TargetTagValue`\n\n- Description: (Required) The value of the tag key assigned to the instances you want to target. You must provide a value for this parameter if you specify `Tags` for the `TargetType` parameter.\n- `ResourceGroupName`\n\n- Description: (Required) The name of the resource group associated with the instances you want to target. You must provide a value for this parameter if you specify `ResourceGroups` for the `TargetType` parameter.\n- `TargetAccounts`\n\n- Description: (Optional) The ID of the AWS account initiating the configuration deployment. You only need to provide a value for this parameter if you want to deploy the configuration locally. A value must be provided for either `TargetAccounts` or `TargetOrganizationalUnits` .\n- `TargetOrganizationalUnits`\n\n- Description: (Optional) A comma separated list of organizational units (OUs) you want to deploy the configuration to.\n- `TargetRegions`\n\n- Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to.\n- **Resource Explorer (Type: AWS QuickSetupType-ResourceExplorer)** - - `SelectedAggregatorRegion`\n\n- Description: (Required) The AWS Region where you want to create the aggregator index.\n- `ReplaceExistingAggregator`\n\n- Description: (Required) A boolean value that determines whether to demote an existing aggregator if it is in a Region that differs from the value you specify for the `SelectedAggregatorRegion` .\n- `TargetOrganizationalUnits`\n\n- Description: (Required) A comma separated list of organizational units (OUs) you want to deploy the configuration to.\n- `TargetRegions`\n\n- Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to.\n- **Resource Scheduler (Type: AWS QuickSetupType-Scheduler)** - - `TargetTagKey`\n\n- Description: (Required) The tag key assigned to the instances you want to target.\n- `TargetTagValue`\n\n- Description: (Required) The value of the tag key assigned to the instances you want to target.\n- `ICalendarString`\n\n- Description: (Required) An iCalendar formatted string containing the schedule you want Change Manager to use.\n- `TargetAccounts`\n\n- Description: (Optional) The ID of the AWS account initiating the configuration deployment. You only need to provide a value for this parameter if you want to deploy the configuration locally. A value must be provided for either `TargetAccounts` or `TargetOrganizationalUnits` .\n- `TargetOrganizationalUnits`\n\n- Description: (Optional) A comma separated list of organizational units (OUs) you want to deploy the configuration to.\n- `TargetRegions`\n\n- Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" } - ] - }, - "Metadata": { + }, + "title": "Parameters", "type": "object" }, - "Properties": { - "additionalProperties": false, - "properties": { - "BucketName": { - "markdownDescription": "A name for the bucket. The bucket name must contain only lowercase letters, numbers, and hyphens (-). A directory bucket name must be unique in the chosen Zone (Availability Zone or Local Zone). The bucket name must also follow the format `*bucket_base_name* -- *zone_id* --x-s3` (for example, `*bucket_base_name* -- *usw2-az1* --x-s3` ). If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the bucket name. For information about bucket naming restrictions, see [Directory bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) in the *Amazon S3 User Guide* .\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you need to replace the resource, specify a new name.", - "title": "BucketName", - "type": "string" - }, - "DataRedundancy": { - "markdownDescription": "The number of Zone (Availability Zone or Local Zone) that's used for redundancy for the bucket.", - "title": "DataRedundancy", - "type": "string" - }, - "LocationName": { - "markdownDescription": "The name of the location where the bucket will be created.\n\nFor directory buckets, the name of the location is the Zone ID of the Availability Zone (AZ) or Local Zone (LZ) where the bucket will be created. An example AZ ID value is `usw2-az1` .", - "title": "LocationName", + "Type": { + "markdownDescription": "The type of the Quick Setup configuration.", + "title": "Type", + "type": "string" + }, + "TypeVersion": { + "markdownDescription": "The version of the Quick Setup type used.", + "title": "TypeVersion", + "type": "string" + }, + "id": { + "markdownDescription": "The ID of the configuration definition.", + "title": "id", + "type": "string" + } + }, + "required": [ + "Parameters", + "Type" + ], + "type": "object" + }, + "AWS::SSMQuickSetup::ConfigurationManager.StatusSummary": { + "additionalProperties": false, + "properties": { + "LastUpdatedAt": { + "markdownDescription": "The datetime stamp when the status was last updated.", + "title": "LastUpdatedAt", + "type": "string" + }, + "Status": { + "markdownDescription": "The current status.", + "title": "Status", + "type": "string" + }, + "StatusDetails": { + "additionalProperties": true, + "markdownDescription": "Details about the status.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { "type": "string" } }, - "required": [ - "DataRedundancy", - "LocationName" - ], + "title": "StatusDetails", "type": "object" }, - "Type": { - "enum": [ - "AWS::S3Express::DirectoryBucket" - ], + "StatusMessage": { + "markdownDescription": "When applicable, returns an informational message relevant to the current status and status type of the status summary object. We don't recommend implementing parsing logic around this value since the messages returned can vary in format.", + "title": "StatusMessage", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "StatusType": { + "markdownDescription": "The type of a status summary.", + "title": "StatusType", "type": "string" } }, "required": [ - "Type", - "Properties" + "LastUpdatedAt", + "StatusType" ], "type": "object" }, - "AWS::S3ObjectLambda::AccessPoint": { + "AWS::SSO::Application": { "additionalProperties": false, "properties": { "Condition": { @@ -237806,25 +289647,55 @@ "Properties": { "additionalProperties": false, "properties": { + "ApplicationProviderArn": { + "markdownDescription": "The ARN of the application provider for this application.", + "title": "ApplicationProviderArn", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the application.", + "title": "Description", + "type": "string" + }, + "InstanceArn": { + "markdownDescription": "The ARN of the instance of IAM Identity Center that is configured with this application.", + "title": "InstanceArn", + "type": "string" + }, "Name": { - "markdownDescription": "The name of this access point.", + "markdownDescription": "The name of the application.", "title": "Name", "type": "string" }, - "ObjectLambdaConfiguration": { - "$ref": "#/definitions/AWS::S3ObjectLambda::AccessPoint.ObjectLambdaConfiguration", - "markdownDescription": "A configuration used when creating an Object Lambda Access Point.", - "title": "ObjectLambdaConfiguration" + "PortalOptions": { + "$ref": "#/definitions/AWS::SSO::Application.PortalOptionsConfiguration", + "markdownDescription": "A structure that describes the options for the access portal associated with this application.", + "title": "PortalOptions" + }, + "Status": { + "markdownDescription": "The current status of the application in this instance of IAM Identity Center.", + "title": "Status", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Specifies tags to be attached to the application.", + "title": "Tags", + "type": "array" } }, "required": [ - "ObjectLambdaConfiguration" + "ApplicationProviderArn", + "InstanceArn", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::S3ObjectLambda::AccessPoint" + "AWS::SSO::Application" ], "type": "string" }, @@ -237843,144 +289714,42 @@ ], "type": "object" }, - "AWS::S3ObjectLambda::AccessPoint.Alias": { + "AWS::SSO::Application.PortalOptionsConfiguration": { "additionalProperties": false, "properties": { - "Status": { - "markdownDescription": "The status of the Object Lambda Access Point alias. If the status is `PROVISIONING` , the Object Lambda Access Point is provisioning the alias and the alias is not ready for use yet. If the status is `READY` , the Object Lambda Access Point alias is successfully provisioned and ready for use.", - "title": "Status", - "type": "string" + "SignInOptions": { + "$ref": "#/definitions/AWS::SSO::Application.SignInOptions", + "markdownDescription": "A structure that describes the sign-in options for the access portal.", + "title": "SignInOptions" }, - "Value": { - "markdownDescription": "The alias value of the Object Lambda Access Point.", - "title": "Value", + "Visibility": { + "markdownDescription": "Indicates whether this application is visible in the access portal.", + "title": "Visibility", "type": "string" } }, - "required": [ - "Value" - ], "type": "object" }, - "AWS::S3ObjectLambda::AccessPoint.AwsLambda": { + "AWS::SSO::Application.SignInOptions": { "additionalProperties": false, "properties": { - "FunctionArn": { - "markdownDescription": "", - "title": "FunctionArn", - "type": "string" - }, - "FunctionPayload": { - "markdownDescription": "", - "title": "FunctionPayload", + "ApplicationUrl": { + "markdownDescription": "The URL that accepts authentication requests for an application. This is a required parameter if the `Origin` parameter is `APPLICATION` .", + "title": "ApplicationUrl", "type": "string" - } - }, - "required": [ - "FunctionArn" - ], - "type": "object" - }, - "AWS::S3ObjectLambda::AccessPoint.ContentTransformation": { - "additionalProperties": false, - "properties": { - "AwsLambda": { - "$ref": "#/definitions/AWS::S3ObjectLambda::AccessPoint.AwsLambda", - "markdownDescription": "", - "title": "AwsLambda" - } - }, - "required": [ - "AwsLambda" - ], - "type": "object" - }, - "AWS::S3ObjectLambda::AccessPoint.ObjectLambdaConfiguration": { - "additionalProperties": false, - "properties": { - "AllowedFeatures": { - "items": { - "type": "string" - }, - "markdownDescription": "A container for allowed features. Valid inputs are `GetObject-Range` , `GetObject-PartNumber` , `HeadObject-Range` , and `HeadObject-PartNumber` .", - "title": "AllowedFeatures", - "type": "array" - }, - "CloudWatchMetricsEnabled": { - "markdownDescription": "A container for whether the CloudWatch metrics configuration is enabled.", - "title": "CloudWatchMetricsEnabled", - "type": "boolean" }, - "SupportingAccessPoint": { - "markdownDescription": "Standard access point associated with the Object Lambda Access Point.", - "title": "SupportingAccessPoint", + "Origin": { + "markdownDescription": "This determines how IAM Identity Center navigates the user to the target application. It can be one of the following values:\n\n- `APPLICATION` : IAM Identity Center redirects the customer to the configured `ApplicationUrl` .\n- `IDENTITY_CENTER` : IAM Identity Center uses SAML identity-provider initiated authentication to sign the customer directly into a SAML-based application.", + "title": "Origin", "type": "string" - }, - "TransformationConfigurations": { - "items": { - "$ref": "#/definitions/AWS::S3ObjectLambda::AccessPoint.TransformationConfiguration" - }, - "markdownDescription": "A container for transformation configurations for an Object Lambda Access Point.", - "title": "TransformationConfigurations", - "type": "array" - } - }, - "required": [ - "SupportingAccessPoint", - "TransformationConfigurations" - ], - "type": "object" - }, - "AWS::S3ObjectLambda::AccessPoint.PublicAccessBlockConfiguration": { - "additionalProperties": false, - "properties": { - "BlockPublicAcls": { - "markdownDescription": "Specifies whether Amazon S3 should block public access control lists (ACLs) for buckets in this account. Setting this element to `TRUE` causes the following behavior:\n\n- `PutBucketAcl` and `PutObjectAcl` calls fail if the specified ACL is public.\n- PUT Object calls fail if the request includes a public ACL.\n- PUT Bucket calls fail if the request includes a public ACL.\n\nEnabling this setting doesn't affect existing policies or ACLs.\n\nThis property is not supported for Amazon S3 on Outposts.", - "title": "BlockPublicAcls", - "type": "boolean" - }, - "BlockPublicPolicy": { - "markdownDescription": "Specifies whether Amazon S3 should block public bucket policies for buckets in this account. Setting this element to `TRUE` causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.\n\nEnabling this setting doesn't affect existing bucket policies.\n\nThis property is not supported for Amazon S3 on Outposts.", - "title": "BlockPublicPolicy", - "type": "boolean" - }, - "IgnorePublicAcls": { - "markdownDescription": "Specifies whether Amazon S3 should ignore public ACLs for buckets in this account. Setting this element to `TRUE` causes Amazon S3 to ignore all public ACLs on buckets in this account and any objects that they contain.\n\nEnabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.\n\nThis property is not supported for Amazon S3 on Outposts.", - "title": "IgnorePublicAcls", - "type": "boolean" - }, - "RestrictPublicBuckets": { - "markdownDescription": "Specifies whether Amazon S3 should restrict public bucket policies for buckets in this account. Setting this element to `TRUE` restricts access to buckets with public policies to only AWS service principals and authorized users within this account.\n\nEnabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.\n\nThis property is not supported for Amazon S3 on Outposts.", - "title": "RestrictPublicBuckets", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::S3ObjectLambda::AccessPoint.TransformationConfiguration": { - "additionalProperties": false, - "properties": { - "Actions": { - "items": { - "type": "string" - }, - "markdownDescription": "A container for the action of an Object Lambda Access Point configuration. Valid inputs are `GetObject` , `HeadObject` , `ListObject` , and `ListObjectV2` .", - "title": "Actions", - "type": "array" - }, - "ContentTransformation": { - "$ref": "#/definitions/AWS::S3ObjectLambda::AccessPoint.ContentTransformation", - "markdownDescription": "A container for the content transformation of an Object Lambda Access Point configuration. Can include the FunctionArn and FunctionPayload. For more information, see [AwsLambdaTransformation](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_AwsLambdaTransformation.html) in the *Amazon S3 API Reference* .", - "title": "ContentTransformation" } }, "required": [ - "Actions", - "ContentTransformation" + "Origin" ], "type": "object" }, - "AWS::S3ObjectLambda::AccessPointPolicy": { + "AWS::SSO::ApplicationAssignment": { "additionalProperties": false, "properties": { "Condition": { @@ -238015,26 +289784,32 @@ "Properties": { "additionalProperties": false, "properties": { - "ObjectLambdaAccessPoint": { - "markdownDescription": "An access point with an attached AWS Lambda function used to access transformed data from an Amazon S3 bucket.", - "title": "ObjectLambdaAccessPoint", + "ApplicationArn": { + "markdownDescription": "The ARN of the application that has principals assigned.", + "title": "ApplicationArn", "type": "string" }, - "PolicyDocument": { - "markdownDescription": "Object Lambda Access Point resource policy document.", - "title": "PolicyDocument", - "type": "object" + "PrincipalId": { + "markdownDescription": "The unique identifier of the principal assigned to the application.", + "title": "PrincipalId", + "type": "string" + }, + "PrincipalType": { + "markdownDescription": "The type of the principal assigned to the application.", + "title": "PrincipalType", + "type": "string" } }, "required": [ - "ObjectLambdaAccessPoint", - "PolicyDocument" + "ApplicationArn", + "PrincipalId", + "PrincipalType" ], "type": "object" }, "Type": { "enum": [ - "AWS::S3ObjectLambda::AccessPointPolicy" + "AWS::SSO::ApplicationAssignment" ], "type": "string" }, @@ -238053,7 +289828,7 @@ ], "type": "object" }, - "AWS::S3Outposts::AccessPoint": { + "AWS::SSO::Assignment": { "additionalProperties": false, "properties": { "Condition": { @@ -238088,37 +289863,50 @@ "Properties": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The Amazon Resource Name (ARN) of the S3 on Outposts bucket that is associated with this access point.", - "title": "Bucket", + "InstanceArn": { + "markdownDescription": "The ARN of the IAM Identity Center instance under which the operation will be executed. For more information about ARNs, see [Amazon Resource Names (ARNs) and AWS Service Namespaces](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* .", + "title": "InstanceArn", "type": "string" }, - "Name": { - "markdownDescription": "The name of this access point.", - "title": "Name", + "PermissionSetArn": { + "markdownDescription": "The ARN of the permission set.", + "title": "PermissionSetArn", "type": "string" }, - "Policy": { - "markdownDescription": "The access point policy associated with this access point.", - "title": "Policy", - "type": "object" + "PrincipalId": { + "markdownDescription": "An identifier for an object in IAM Identity Center, such as a user or group. PrincipalIds are GUIDs (For example, f81d4fae-7dec-11d0-a765-00a0c91e6bf6). For more information about PrincipalIds in IAM Identity Center, see the [IAM Identity Center Identity Store API Reference](https://docs.aws.amazon.com//singlesignon/latest/IdentityStoreAPIReference/welcome.html) .", + "title": "PrincipalId", + "type": "string" }, - "VpcConfiguration": { - "$ref": "#/definitions/AWS::S3Outposts::AccessPoint.VpcConfiguration", - "markdownDescription": "The virtual private cloud (VPC) configuration for this access point, if one exists.", - "title": "VpcConfiguration" + "PrincipalType": { + "markdownDescription": "The entity type for which the assignment will be created.", + "title": "PrincipalType", + "type": "string" + }, + "TargetId": { + "markdownDescription": "TargetID is an AWS account identifier, (For example, 123456789012).", + "title": "TargetId", + "type": "string" + }, + "TargetType": { + "markdownDescription": "The entity type for which the assignment will be created.", + "title": "TargetType", + "type": "string" } }, "required": [ - "Bucket", - "Name", - "VpcConfiguration" + "InstanceArn", + "PermissionSetArn", + "PrincipalId", + "PrincipalType", + "TargetId", + "TargetType" ], "type": "object" }, "Type": { "enum": [ - "AWS::S3Outposts::AccessPoint" + "AWS::SSO::Assignment" ], "type": "string" }, @@ -238137,18 +289925,7 @@ ], "type": "object" }, - "AWS::S3Outposts::AccessPoint.VpcConfiguration": { - "additionalProperties": false, - "properties": { - "VpcId": { - "markdownDescription": "", - "title": "VpcId", - "type": "string" - } - }, - "type": "object" - }, - "AWS::S3Outposts::Bucket": { + "AWS::SSO::Instance": { "additionalProperties": false, "properties": { "Condition": { @@ -238183,39 +289960,25 @@ "Properties": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "A name for the S3 on Outposts bucket. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the bucket name. The bucket name must contain only lowercase letters, numbers, periods (.), and dashes (-) and must follow [Amazon S3 bucket restrictions and limitations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/BucketRestrictions.html) . For more information, see [Bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/BucketRestrictions.html#bucketnamingrules) .\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you need to replace the resource, specify a new name.", - "title": "BucketName", - "type": "string" - }, - "LifecycleConfiguration": { - "$ref": "#/definitions/AWS::S3Outposts::Bucket.LifecycleConfiguration", - "markdownDescription": "Creates a new lifecycle configuration for the S3 on Outposts bucket or replaces an existing lifecycle configuration. Outposts buckets only support lifecycle configurations that delete/expire objects after a certain period of time and abort incomplete multipart uploads.", - "title": "LifecycleConfiguration" - }, - "OutpostId": { - "markdownDescription": "The ID of the Outpost of the specified bucket.", - "title": "OutpostId", + "Name": { + "markdownDescription": "The name of the Identity Center instance.", + "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Sets the tags for an S3 on Outposts bucket. For more information, see [Using Amazon S3 on Outposts](https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) .\n\nUse tags to organize your AWS bill to reflect your own cost structure. To do this, sign up to get your AWS account bill with tag key values included. Then, to see the cost of combined resources, organize your billing information according to resources with the same tag key values. For example, you can tag several resources with a specific application name, and then organize your billing information to see the total cost of that application across several services. For more information, see [Cost allocation and tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html) .\n\n> Within a bucket, if you add a tag that has the same key as an existing tag, the new value overwrites the old value. For more information, see [Using cost allocation and bucket tags](https://docs.aws.amazon.com/AmazonS3/latest/userguide/CostAllocTagging.html) . \n\nTo use this resource, you must have permissions to perform the `s3-outposts:PutBucketTagging` . The S3 on Outposts bucket owner has this permission by default and can grant this permission to others. For more information about permissions, see [Permissions Related to Bucket Subresource Operations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) and [Managing access permissions to your Amazon S3 resources](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html) .", + "markdownDescription": "Specifies tags to be attached to the instance of IAM Identity Center.", "title": "Tags", "type": "array" } }, - "required": [ - "BucketName", - "OutpostId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::S3Outposts::Bucket" + "AWS::SSO::Instance" ], "type": "string" }, @@ -238229,145 +289992,11 @@ } }, "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::S3Outposts::Bucket.AbortIncompleteMultipartUpload": { - "additionalProperties": false, - "properties": { - "DaysAfterInitiation": { - "markdownDescription": "Specifies the number of days after initiation that Amazon S3 on Outposts aborts an incomplete multipart upload.", - "title": "DaysAfterInitiation", - "type": "number" - } - }, - "required": [ - "DaysAfterInitiation" - ], - "type": "object" - }, - "AWS::S3Outposts::Bucket.Filter": { - "additionalProperties": false, - "properties": { - "AndOperator": { - "$ref": "#/definitions/AWS::S3Outposts::Bucket.FilterAndOperator", - "markdownDescription": "", - "title": "AndOperator" - }, - "Prefix": { - "markdownDescription": "", - "title": "Prefix", - "type": "string" - }, - "Tag": { - "$ref": "#/definitions/AWS::S3Outposts::Bucket.FilterTag", - "markdownDescription": "", - "title": "Tag" - } - }, - "type": "object" - }, - "AWS::S3Outposts::Bucket.FilterAndOperator": { - "additionalProperties": false, - "properties": { - "Prefix": { - "markdownDescription": "", - "title": "Prefix", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/AWS::S3Outposts::Bucket.FilterTag" - }, - "markdownDescription": "", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "Tags" - ], - "type": "object" - }, - "AWS::S3Outposts::Bucket.FilterTag": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - }, - "AWS::S3Outposts::Bucket.LifecycleConfiguration": { - "additionalProperties": false, - "properties": { - "Rules": { - "items": { - "$ref": "#/definitions/AWS::S3Outposts::Bucket.Rule" - }, - "markdownDescription": "The container for the lifecycle configuration rules for the objects stored in the S3 on Outposts bucket.", - "title": "Rules", - "type": "array" - } - }, - "required": [ - "Rules" - ], - "type": "object" - }, - "AWS::S3Outposts::Bucket.Rule": { - "additionalProperties": false, - "properties": { - "AbortIncompleteMultipartUpload": { - "$ref": "#/definitions/AWS::S3Outposts::Bucket.AbortIncompleteMultipartUpload", - "markdownDescription": "The container for the abort incomplete multipart upload rule.", - "title": "AbortIncompleteMultipartUpload" - }, - "ExpirationDate": { - "markdownDescription": "Specifies the expiration for the lifecycle of the object by specifying an expiry date.", - "title": "ExpirationDate", - "type": "string" - }, - "ExpirationInDays": { - "markdownDescription": "Specifies the expiration for the lifecycle of the object in the form of days that the object has been in the S3 on Outposts bucket.", - "title": "ExpirationInDays", - "type": "number" - }, - "Filter": { - "$ref": "#/definitions/AWS::S3Outposts::Bucket.Filter", - "markdownDescription": "The container for the filter of the lifecycle rule.", - "title": "Filter" - }, - "Id": { - "markdownDescription": "", - "title": "Id", - "type": "string" - }, - "Status": { - "markdownDescription": "If `Enabled` , the rule is currently being applied. If `Disabled` , the rule is not currently being applied.", - "title": "Status", - "type": "string" - } - }, - "required": [ - "Status" + "Type" ], "type": "object" }, - "AWS::S3Outposts::BucketPolicy": { + "AWS::SSO::InstanceAccessControlAttributeConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -238402,26 +290031,28 @@ "Properties": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The name of the Amazon S3 Outposts bucket to which the policy applies.", - "title": "Bucket", - "type": "string" + "AccessControlAttributes": { + "items": { + "$ref": "#/definitions/AWS::SSO::InstanceAccessControlAttributeConfiguration.AccessControlAttribute" + }, + "markdownDescription": "Lists the attributes that are configured for ABAC in the specified IAM Identity Center instance.", + "title": "AccessControlAttributes", + "type": "array" }, - "PolicyDocument": { - "markdownDescription": "A policy document containing permissions to add to the specified bucket. In IAM, you must provide policy documents in JSON format. However, in CloudFormation, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to IAM. For more information, see the AWS::IAM::Policy [PolicyDocument](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html#cfn-iam-policy-policydocument) resource description in this guide and [Access Policy Language Overview](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-policy-language-overview.html) .", - "title": "PolicyDocument", - "type": "object" + "InstanceArn": { + "markdownDescription": "The ARN of the IAM Identity Center instance under which the operation will be executed.", + "title": "InstanceArn", + "type": "string" } }, "required": [ - "Bucket", - "PolicyDocument" + "InstanceArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::S3Outposts::BucketPolicy" + "AWS::SSO::InstanceAccessControlAttributeConfiguration" ], "type": "string" }, @@ -238440,7 +290071,44 @@ ], "type": "object" }, - "AWS::S3Outposts::Endpoint": { + "AWS::SSO::InstanceAccessControlAttributeConfiguration.AccessControlAttribute": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The name of the attribute associated with your identities in your identity source. This is used to map a specified attribute in your identity source with an attribute in IAM Identity Center .", + "title": "Key", + "type": "string" + }, + "Value": { + "$ref": "#/definitions/AWS::SSO::InstanceAccessControlAttributeConfiguration.AccessControlAttributeValue", + "markdownDescription": "The value used for mapping a specified attribute to an identity source.", + "title": "Value" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::SSO::InstanceAccessControlAttributeConfiguration.AccessControlAttributeValue": { + "additionalProperties": false, + "properties": { + "Source": { + "items": { + "type": "string" + }, + "markdownDescription": "The identity source to use when mapping a specified attribute to IAM Identity Center .", + "title": "Source", + "type": "array" + } + }, + "required": [ + "Source" + ], + "type": "object" + }, + "AWS::SSO::PermissionSet": { "additionalProperties": false, "properties": { "Condition": { @@ -238475,47 +290143,75 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessType": { - "markdownDescription": "The container for the type of connectivity used to access the Amazon S3 on Outposts endpoint. To use the Amazon VPC , choose `Private` . To use the endpoint with an on-premises network, choose `CustomerOwnedIp` . If you choose `CustomerOwnedIp` , you must also provide the customer-owned IP address pool (CoIP pool).\n\n> `Private` is the default access type value.", - "title": "AccessType", + "CustomerManagedPolicyReferences": { + "items": { + "$ref": "#/definitions/AWS::SSO::PermissionSet.CustomerManagedPolicyReference" + }, + "markdownDescription": "Specifies the names and paths of the customer managed policies that you have attached to your permission set.", + "title": "CustomerManagedPolicyReferences", + "type": "array" + }, + "Description": { + "markdownDescription": "The description of the `PermissionSet` .", + "title": "Description", "type": "string" }, - "CustomerOwnedIpv4Pool": { - "markdownDescription": "The ID of the customer-owned IPv4 address pool (CoIP pool) for the endpoint. IP addresses are allocated from this pool for the endpoint.", - "title": "CustomerOwnedIpv4Pool", + "InlinePolicy": { + "markdownDescription": "The inline policy that is attached to the permission set.\n\n> For `Length Constraints` , if a valid ARN is provided for a permission set, it is possible for an empty inline policy to be returned.", + "title": "InlinePolicy", + "type": "object" + }, + "InstanceArn": { + "markdownDescription": "The ARN of the IAM Identity Center instance under which the operation will be executed. For more information about ARNs, see [Amazon Resource Names (ARNs) and AWS Service Namespaces](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* .", + "title": "InstanceArn", "type": "string" }, - "FailedReason": { - "$ref": "#/definitions/AWS::S3Outposts::Endpoint.FailedReason", - "markdownDescription": "The failure reason, if any, for a create or delete endpoint operation.", - "title": "FailedReason" + "ManagedPolicies": { + "items": { + "type": "string" + }, + "markdownDescription": "A structure that stores a list of managed policy ARNs that describe the associated AWS managed policy.", + "title": "ManagedPolicies", + "type": "array" }, - "OutpostId": { - "markdownDescription": "The ID of the Outpost.", - "title": "OutpostId", + "Name": { + "markdownDescription": "The name of the permission set.", + "title": "Name", "type": "string" }, - "SecurityGroupId": { - "markdownDescription": "The ID of the security group used for the endpoint.", - "title": "SecurityGroupId", + "PermissionsBoundary": { + "$ref": "#/definitions/AWS::SSO::PermissionSet.PermissionsBoundary", + "markdownDescription": "Specifies the configuration of the AWS managed or customer managed policy that you want to set as a permissions boundary. Specify either `CustomerManagedPolicyReference` to use the name and path of a customer managed policy, or `ManagedPolicyArn` to use the ARN of an AWS managed policy. A permissions boundary represents the maximum permissions that any policy can grant your role. For more information, see [Permissions boundaries for IAM entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) in the *IAM User Guide* .\n\n> Policies used as permissions boundaries don't provide permissions. You must also attach an IAM policy to the role. To learn how the effective permissions for a role are evaluated, see [IAM JSON policy evaluation logic](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html) in the *IAM User Guide* .", + "title": "PermissionsBoundary" + }, + "RelayStateType": { + "markdownDescription": "Used to redirect users within the application during the federation authentication process.", + "title": "RelayStateType", "type": "string" }, - "SubnetId": { - "markdownDescription": "The ID of the subnet used for the endpoint.", - "title": "SubnetId", + "SessionDuration": { + "markdownDescription": "The length of time that the application user sessions are valid for in the ISO-8601 standard.", + "title": "SessionDuration", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to attach to the new `PermissionSet` .", + "title": "Tags", + "type": "array" } }, "required": [ - "OutpostId", - "SecurityGroupId", - "SubnetId" + "InstanceArn", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::S3Outposts::Endpoint" + "AWS::SSO::PermissionSet" ], "type": "string" }, @@ -238534,37 +290230,42 @@ ], "type": "object" }, - "AWS::S3Outposts::Endpoint.FailedReason": { + "AWS::SSO::PermissionSet.CustomerManagedPolicyReference": { "additionalProperties": false, "properties": { - "ErrorCode": { - "markdownDescription": "The failure code, if any, for a create or delete endpoint operation.", - "title": "ErrorCode", + "Name": { + "markdownDescription": "The name of the IAM policy that you have configured in each account where you want to deploy your permission set.", + "title": "Name", "type": "string" }, - "Message": { - "markdownDescription": "Additional error details describing the endpoint failure and recommended action.", - "title": "Message", + "Path": { + "markdownDescription": "The path to the IAM policy that you have configured in each account where you want to deploy your permission set. The default is `/` . For more information, see [Friendly names and paths](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-friendly-names) in the *IAM User Guide* .", + "title": "Path", "type": "string" } }, + "required": [ + "Name" + ], "type": "object" }, - "AWS::S3Outposts::Endpoint.NetworkInterface": { + "AWS::SSO::PermissionSet.PermissionsBoundary": { "additionalProperties": false, "properties": { - "NetworkInterfaceId": { - "markdownDescription": "The ID for the network interface.", - "title": "NetworkInterfaceId", + "CustomerManagedPolicyReference": { + "$ref": "#/definitions/AWS::SSO::PermissionSet.CustomerManagedPolicyReference", + "markdownDescription": "Specifies the name and path of a customer managed policy. You must have an IAM policy that matches the name and path in each AWS account where you want to deploy your permission set.", + "title": "CustomerManagedPolicyReference" + }, + "ManagedPolicyArn": { + "markdownDescription": "The AWS managed policy ARN that you want to attach to a permission set as a permissions boundary.", + "title": "ManagedPolicyArn", "type": "string" } }, - "required": [ - "NetworkInterfaceId" - ], "type": "object" }, - "AWS::SDB::Domain": { + "AWS::SageMaker::App": { "additionalProperties": false, "properties": { "Condition": { @@ -238599,35 +290300,101 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "Information about the SimpleDB domain.", - "title": "Description", + "AppName": { + "markdownDescription": "The name of the app.", + "title": "AppName", + "type": "string" + }, + "AppType": { + "markdownDescription": "The type of app.", + "title": "AppType", + "type": "string" + }, + "DomainId": { + "markdownDescription": "The domain ID.", + "title": "DomainId", + "type": "string" + }, + "RecoveryMode": { + "markdownDescription": "", + "title": "RecoveryMode", + "type": "boolean" + }, + "ResourceSpec": { + "$ref": "#/definitions/AWS::SageMaker::App.ResourceSpec", + "markdownDescription": "Specifies the ARNs of a SageMaker image and SageMaker image version, and the instance type that the version runs on.", + "title": "ResourceSpec" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + }, + "UserProfileName": { + "markdownDescription": "The user profile name.", + "title": "UserProfileName", "type": "string" } }, + "required": [ + "AppName", + "AppType", + "DomainId", + "UserProfileName" + ], "type": "object" }, "Type": { "enum": [ - "AWS::SDB::Domain" + "AWS::SageMaker::App" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" ], "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SageMaker::App.ResourceSpec": { + "additionalProperties": false, + "properties": { + "InstanceType": { + "markdownDescription": "The instance type that the image version runs on.\n\n> *JupyterServer apps* only support the `system` value.\n> \n> For *KernelGateway apps* , the `system` value is translated to `ml.t3.medium` . KernelGateway apps also support all other values for available instance types.", + "title": "InstanceType", + "type": "string" + }, + "LifecycleConfigArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Lifecycle Configuration attached to the Resource.", + "title": "LifecycleConfigArn", + "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SageMakerImageArn": { + "markdownDescription": "The ARN of the SageMaker AI image that the image version belongs to.", + "title": "SageMakerImageArn", + "type": "string" + }, + "SageMakerImageVersionArn": { + "markdownDescription": "The ARN of the image version created on the instance. To clear the value set for `SageMakerImageVersionArn` , pass `None` as the value.", + "title": "SageMakerImageVersionArn", "type": "string" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::SES::ConfigurationSet": { + "AWS::SageMaker::AppImageConfig": { "additionalProperties": false, "properties": { "Condition": { @@ -238662,47 +290429,43 @@ "Properties": { "additionalProperties": false, "properties": { - "DeliveryOptions": { - "$ref": "#/definitions/AWS::SES::ConfigurationSet.DeliveryOptions", - "markdownDescription": "Specifies the name of the dedicated IP pool to associate with the configuration set and whether messages that use the configuration set are required to use Transport Layer Security (TLS).", - "title": "DeliveryOptions" - }, - "Name": { - "markdownDescription": "The name of the configuration set. The name must meet the following requirements:\n\n- Contain only letters (a-z, A-Z), numbers (0-9), underscores (_), or dashes (-).\n- Contain 64 characters or fewer.", - "title": "Name", + "AppImageConfigName": { + "markdownDescription": "The name of the AppImageConfig. Must be unique to your account.", + "title": "AppImageConfigName", "type": "string" }, - "ReputationOptions": { - "$ref": "#/definitions/AWS::SES::ConfigurationSet.ReputationOptions", - "markdownDescription": "An object that defines whether or not Amazon SES collects reputation metrics for the emails that you send that use the configuration set.", - "title": "ReputationOptions" - }, - "SendingOptions": { - "$ref": "#/definitions/AWS::SES::ConfigurationSet.SendingOptions", - "markdownDescription": "An object that defines whether or not Amazon SES can send email that you send using the configuration set.", - "title": "SendingOptions" + "CodeEditorAppImageConfig": { + "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.CodeEditorAppImageConfig", + "markdownDescription": "The configuration for the file system and the runtime, such as the environment variables and entry point.", + "title": "CodeEditorAppImageConfig" }, - "SuppressionOptions": { - "$ref": "#/definitions/AWS::SES::ConfigurationSet.SuppressionOptions", - "markdownDescription": "An object that contains information about the suppression list preferences for your account.", - "title": "SuppressionOptions" + "JupyterLabAppImageConfig": { + "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.JupyterLabAppImageConfig", + "markdownDescription": "The configuration for the file system and the runtime, such as the environment variables and entry point.", + "title": "JupyterLabAppImageConfig" }, - "TrackingOptions": { - "$ref": "#/definitions/AWS::SES::ConfigurationSet.TrackingOptions", - "markdownDescription": "An object that defines the open and click tracking options for emails that you send using the configuration set.", - "title": "TrackingOptions" + "KernelGatewayImageConfig": { + "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.KernelGatewayImageConfig", + "markdownDescription": "The configuration for the file system and kernels in the SageMaker AI image.", + "title": "KernelGatewayImageConfig" }, - "VdmOptions": { - "$ref": "#/definitions/AWS::SES::ConfigurationSet.VdmOptions", - "markdownDescription": "The Virtual Deliverability Manager (VDM) options that apply to the configuration set.", - "title": "VdmOptions" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" } }, + "required": [ + "AppImageConfigName" + ], "type": "object" }, "Type": { "enum": [ - "AWS::SES::ConfigurationSet" + "AWS::SageMaker::AppImageConfig" ], "type": "string" }, @@ -238716,118 +290479,146 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::SES::ConfigurationSet.DashboardOptions": { + "AWS::SageMaker::AppImageConfig.CodeEditorAppImageConfig": { "additionalProperties": false, "properties": { - "EngagementMetrics": { - "markdownDescription": "Specifies the status of your VDM engagement metrics collection. Can be one of the following:\n\n- `ENABLED` \u2013 Amazon SES enables engagement metrics for the configuration set.\n- `DISABLED` \u2013 Amazon SES disables engagement metrics for the configuration set.", - "title": "EngagementMetrics", - "type": "string" + "ContainerConfig": { + "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.ContainerConfig", + "markdownDescription": "", + "title": "ContainerConfig" } }, - "required": [ - "EngagementMetrics" - ], "type": "object" }, - "AWS::SES::ConfigurationSet.DeliveryOptions": { + "AWS::SageMaker::AppImageConfig.ContainerConfig": { "additionalProperties": false, "properties": { - "SendingPoolName": { - "markdownDescription": "The name of the dedicated IP pool to associate with the configuration set.", - "title": "SendingPoolName", - "type": "string" + "ContainerArguments": { + "items": { + "type": "string" + }, + "markdownDescription": "The arguments for the container when you're running the application.", + "title": "ContainerArguments", + "type": "array" }, - "TlsPolicy": { - "markdownDescription": "Specifies whether messages that use the configuration set are required to use Transport Layer Security (TLS). If the value is `REQUIRE` , messages are only delivered if a TLS connection can be established. If the value is `OPTIONAL` , messages can be delivered in plain text if a TLS connection can't be established.\n\nValid Values: `REQUIRE | OPTIONAL`", - "title": "TlsPolicy", - "type": "string" + "ContainerEntrypoint": { + "items": { + "type": "string" + }, + "markdownDescription": "The entrypoint used to run the application in the container.", + "title": "ContainerEntrypoint", + "type": "array" + }, + "ContainerEnvironmentVariables": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.CustomImageContainerEnvironmentVariable" + }, + "markdownDescription": "The environment variables to set in the container", + "title": "ContainerEnvironmentVariables", + "type": "array" } }, "type": "object" }, - "AWS::SES::ConfigurationSet.GuardianOptions": { + "AWS::SageMaker::AppImageConfig.CustomImageContainerEnvironmentVariable": { "additionalProperties": false, "properties": { - "OptimizedSharedDelivery": { - "markdownDescription": "Specifies the status of your VDM optimized shared delivery. Can be one of the following:\n\n- `ENABLED` \u2013 Amazon SES enables optimized shared delivery for the configuration set.\n- `DISABLED` \u2013 Amazon SES disables optimized shared delivery for the configuration set.", - "title": "OptimizedSharedDelivery", + "Key": { + "markdownDescription": "The key that identifies a container environment variable.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of the container environment variable.", + "title": "Value", "type": "string" } }, "required": [ - "OptimizedSharedDelivery" + "Key", + "Value" ], "type": "object" }, - "AWS::SES::ConfigurationSet.ReputationOptions": { + "AWS::SageMaker::AppImageConfig.FileSystemConfig": { "additionalProperties": false, "properties": { - "ReputationMetricsEnabled": { - "markdownDescription": "If `true` , tracking of reputation metrics is enabled for the configuration set. If `false` , tracking of reputation metrics is disabled for the configuration set.", - "title": "ReputationMetricsEnabled", - "type": "boolean" + "DefaultGid": { + "markdownDescription": "The default POSIX group ID (GID). If not specified, defaults to `100` .", + "title": "DefaultGid", + "type": "number" + }, + "DefaultUid": { + "markdownDescription": "The default POSIX user ID (UID). If not specified, defaults to `1000` .", + "title": "DefaultUid", + "type": "number" + }, + "MountPath": { + "markdownDescription": "The path within the image to mount the user's EFS home directory. The directory should be empty. If not specified, defaults to */home/sagemaker-user* .", + "title": "MountPath", + "type": "string" } }, "type": "object" }, - "AWS::SES::ConfigurationSet.SendingOptions": { + "AWS::SageMaker::AppImageConfig.JupyterLabAppImageConfig": { "additionalProperties": false, "properties": { - "SendingEnabled": { - "markdownDescription": "If `true` , email sending is enabled for the configuration set. If `false` , email sending is disabled for the configuration set.", - "title": "SendingEnabled", - "type": "boolean" + "ContainerConfig": { + "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.ContainerConfig", + "markdownDescription": "The configuration used to run the application image container.", + "title": "ContainerConfig" } }, "type": "object" }, - "AWS::SES::ConfigurationSet.SuppressionOptions": { + "AWS::SageMaker::AppImageConfig.KernelGatewayImageConfig": { "additionalProperties": false, "properties": { - "SuppressedReasons": { + "FileSystemConfig": { + "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.FileSystemConfig", + "markdownDescription": "The Amazon Elastic File System storage configuration for a SageMaker AI image.", + "title": "FileSystemConfig" + }, + "KernelSpecs": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.KernelSpec" }, - "markdownDescription": "A list that contains the reasons that email addresses are automatically added to the suppression list for your account. This list can contain any or all of the following:\n\n- `COMPLAINT` \u2013 Amazon SES adds an email address to the suppression list for your account when a message sent to that address results in a complaint.\n- `BOUNCE` \u2013 Amazon SES adds an email address to the suppression list for your account when a message sent to that address results in a hard bounce.", - "title": "SuppressedReasons", + "markdownDescription": "The specification of the Jupyter kernels in the image.", + "title": "KernelSpecs", "type": "array" } }, + "required": [ + "KernelSpecs" + ], "type": "object" }, - "AWS::SES::ConfigurationSet.TrackingOptions": { + "AWS::SageMaker::AppImageConfig.KernelSpec": { "additionalProperties": false, "properties": { - "CustomRedirectDomain": { - "markdownDescription": "The custom subdomain that is used to redirect email recipients to the Amazon SES event tracking domain.", - "title": "CustomRedirectDomain", + "DisplayName": { + "markdownDescription": "The display name of the kernel.", + "title": "DisplayName", "type": "string" - } - }, - "type": "object" - }, - "AWS::SES::ConfigurationSet.VdmOptions": { - "additionalProperties": false, - "properties": { - "DashboardOptions": { - "$ref": "#/definitions/AWS::SES::ConfigurationSet.DashboardOptions", - "markdownDescription": "Specifies additional settings for your VDM configuration as applicable to the Dashboard.", - "title": "DashboardOptions" }, - "GuardianOptions": { - "$ref": "#/definitions/AWS::SES::ConfigurationSet.GuardianOptions", - "markdownDescription": "Specifies additional settings for your VDM configuration as applicable to the Guardian.", - "title": "GuardianOptions" + "Name": { + "markdownDescription": "The name of the Jupyter kernel in the image. This value is case sensitive.", + "title": "Name", + "type": "string" } }, + "required": [ + "Name" + ], "type": "object" }, - "AWS::SES::ConfigurationSetEventDestination": { + "AWS::SageMaker::Cluster": { "additionalProperties": false, "properties": { "Condition": { @@ -238862,26 +290653,51 @@ "Properties": { "additionalProperties": false, "properties": { - "ConfigurationSetName": { - "markdownDescription": "The name of the configuration set that contains the event destination.", - "title": "ConfigurationSetName", + "ClusterName": { + "markdownDescription": "The name of the SageMaker HyperPod cluster.", + "title": "ClusterName", "type": "string" }, - "EventDestination": { - "$ref": "#/definitions/AWS::SES::ConfigurationSetEventDestination.EventDestination", - "markdownDescription": "An object that defines the event destination.", - "title": "EventDestination" + "InstanceGroups": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::Cluster.ClusterInstanceGroup" + }, + "markdownDescription": "The instance groups of the SageMaker HyperPod cluster. To delete an instance group, remove it from the array.", + "title": "InstanceGroups", + "type": "array" + }, + "NodeRecovery": { + "markdownDescription": "Specifies whether to enable or disable the automatic node recovery feature of SageMaker HyperPod. Available values are `Automatic` for enabling and `None` for disabling.", + "title": "NodeRecovery", + "type": "string" + }, + "Orchestrator": { + "$ref": "#/definitions/AWS::SageMaker::Cluster.Orchestrator", + "markdownDescription": "The orchestrator type for the SageMaker HyperPod cluster. Currently, `'eks'` is the only available option.", + "title": "Orchestrator" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A tag object that consists of a key and an optional value, used to manage metadata for SageMaker AWS resources.\n\nYou can add tags to notebook instances, training jobs, hyperparameter tuning jobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations, and endpoints. For more information on adding tags to SageMaker resources, see [AddTags](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html) .\n\nFor more information on adding metadata to your AWS resources with tagging, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) . For advice on best practices for managing AWS resources with tagging, see [Tagging Best Practices: Implement an Effective AWS Resource Tagging Strategy](https://docs.aws.amazon.com/https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf) .", + "title": "Tags", + "type": "array" + }, + "VpcConfig": { + "$ref": "#/definitions/AWS::SageMaker::Cluster.VpcConfig", + "markdownDescription": "Specifies an Amazon Virtual Private Cloud (VPC) that your SageMaker jobs, hosted models, and compute resources have access to. You can control access to and from your resources by configuring a VPC. For more information, see [Give SageMaker Access to Resources in your Amazon VPC](https://docs.aws.amazon.com/sagemaker/latest/dg/infrastructure-give-access.html) .", + "title": "VpcConfig" } }, "required": [ - "ConfigurationSetName", - "EventDestination" + "InstanceGroups" ], "type": "object" }, "Type": { "enum": [ - "AWS::SES::ConfigurationSetEventDestination" + "AWS::SageMaker::Cluster" ], "type": "string" }, @@ -238900,123 +290716,172 @@ ], "type": "object" }, - "AWS::SES::ConfigurationSetEventDestination.CloudWatchDestination": { + "AWS::SageMaker::Cluster.ClusterEbsVolumeConfig": { "additionalProperties": false, "properties": { - "DimensionConfigurations": { - "items": { - "$ref": "#/definitions/AWS::SES::ConfigurationSetEventDestination.DimensionConfiguration" - }, - "markdownDescription": "An array of objects that define the dimensions to use when you send email events to Amazon CloudWatch.", - "title": "DimensionConfigurations", - "type": "array" + "VolumeSizeInGB": { + "markdownDescription": "The size in gigabytes (GB) of the additional EBS volume to be attached to the instances in the SageMaker HyperPod cluster instance group. The additional EBS volume is attached to each instance within the SageMaker HyperPod cluster instance group and mounted to `/opt/sagemaker` .", + "title": "VolumeSizeInGB", + "type": "number" } }, "type": "object" }, - "AWS::SES::ConfigurationSetEventDestination.DimensionConfiguration": { + "AWS::SageMaker::Cluster.ClusterInstanceGroup": { "additionalProperties": false, "properties": { - "DefaultDimensionValue": { - "markdownDescription": "The default value of the dimension that is published to Amazon CloudWatch if you don't provide the value of the dimension when you send an email. This value has to meet the following criteria:\n\n- Can only contain ASCII letters (a\u2013z, A\u2013Z), numbers (0\u20139), underscores (_), or dashes (-), at signs (@), and periods (.).\n- It can contain no more than 256 characters.", - "title": "DefaultDimensionValue", - "type": "string" + "CurrentCount": { + "markdownDescription": "The number of instances that are currently in the instance group of a SageMaker HyperPod cluster.", + "title": "CurrentCount", + "type": "number" }, - "DimensionName": { - "markdownDescription": "The name of an Amazon CloudWatch dimension associated with an email sending metric. The name has to meet the following criteria:\n\n- It can only contain ASCII letters (a\u2013z, A\u2013Z), numbers (0\u20139), underscores (_), or dashes (-).\n- It can contain no more than 256 characters.", - "title": "DimensionName", + "ExecutionRole": { + "markdownDescription": "The execution role for the instance group to assume.", + "title": "ExecutionRole", "type": "string" }, - "DimensionValueSource": { - "markdownDescription": "The location where the Amazon SES API v2 finds the value of a dimension to publish to Amazon CloudWatch. To use the message tags that you specify using an `X-SES-MESSAGE-TAGS` header or a parameter to the `SendEmail` or `SendRawEmail` API, choose `messageTag` . To use your own email headers, choose `emailHeader` . To use link tags, choose `linkTag` .", - "title": "DimensionValueSource", + "InstanceCount": { + "markdownDescription": "The number of instances in an instance group of the SageMaker HyperPod cluster.", + "title": "InstanceCount", + "type": "number" + }, + "InstanceGroupName": { + "markdownDescription": "The name of the instance group of a SageMaker HyperPod cluster.", + "title": "InstanceGroupName", "type": "string" - } - }, - "required": [ - "DefaultDimensionValue", - "DimensionName", - "DimensionValueSource" - ], - "type": "object" - }, - "AWS::SES::ConfigurationSetEventDestination.EventDestination": { - "additionalProperties": false, - "properties": { - "CloudWatchDestination": { - "$ref": "#/definitions/AWS::SES::ConfigurationSetEventDestination.CloudWatchDestination", - "markdownDescription": "An object that defines an Amazon CloudWatch destination for email events. You can use Amazon CloudWatch to monitor and gain insights on your email sending metrics.", - "title": "CloudWatchDestination" }, - "Enabled": { - "markdownDescription": "If `true` , the event destination is enabled. When the event destination is enabled, the specified event types are sent to the destinations in this `EventDestinationDefinition` .\n\nIf `false` , the event destination is disabled. When the event destination is disabled, events aren't sent to the specified destinations.", - "title": "Enabled", - "type": "boolean" + "InstanceStorageConfigs": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::Cluster.ClusterInstanceStorageConfig" + }, + "markdownDescription": "The configurations of additional storage specified to the instance group where the instance (node) is launched.", + "title": "InstanceStorageConfigs", + "type": "array" }, - "KinesisFirehoseDestination": { - "$ref": "#/definitions/AWS::SES::ConfigurationSetEventDestination.KinesisFirehoseDestination", - "markdownDescription": "An object that contains the delivery stream ARN and the IAM role ARN associated with an Amazon Kinesis Firehose event destination.", - "title": "KinesisFirehoseDestination" + "InstanceType": { + "markdownDescription": "The instance type of the instance group of a SageMaker HyperPod cluster.", + "title": "InstanceType", + "type": "string" }, - "MatchingEventTypes": { + "LifeCycleConfig": { + "$ref": "#/definitions/AWS::SageMaker::Cluster.ClusterLifeCycleConfig", + "markdownDescription": "The lifecycle configuration for a SageMaker HyperPod cluster.", + "title": "LifeCycleConfig" + }, + "OnStartDeepHealthChecks": { "items": { "type": "string" }, - "markdownDescription": "The types of events that Amazon SES sends to the specified event destinations.\n\n- `SEND` - The send request was successful and SES will attempt to deliver the message to the recipient\u2019s mail server. (If account-level or global suppression is being used, SES will still count it as a send, but delivery is suppressed.)\n- `REJECT` - SES accepted the email, but determined that it contained a virus and didn\u2019t attempt to deliver it to the recipient\u2019s mail server.\n- `BOUNCE` - ( *Hard bounce* ) The recipient's mail server permanently rejected the email. ( *Soft bounces* are only included when SES fails to deliver the email after retrying for a period of time.)\n- `COMPLAINT` - The email was successfully delivered to the recipient\u2019s mail server, but the recipient marked it as spam.\n- `DELIVERY` - SES successfully delivered the email to the recipient's mail server.\n- `OPEN` - The recipient received the message and opened it in their email client.\n- `CLICK` - The recipient clicked one or more links in the email.\n- `RENDERING_FAILURE` - The email wasn't sent because of a template rendering issue. This event type can occur when template data is missing, or when there is a mismatch between template parameters and data. (This event type only occurs when you send email using the [`SendEmail`](https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_SendEmail.html) or [`SendBulkEmail`](https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_SendBulkEmail.html) API operations.)\n- `DELIVERY_DELAY` - The email couldn't be delivered to the recipient\u2019s mail server because a temporary issue occurred. Delivery delays can occur, for example, when the recipient's inbox is full, or when the receiving email server experiences a transient issue.\n- `SUBSCRIPTION` - The email was successfully delivered, but the recipient updated their subscription preferences by clicking on an *unsubscribe* link as part of your [subscription management](https://docs.aws.amazon.com/ses/latest/dg/sending-email-subscription-management.html) .", - "title": "MatchingEventTypes", + "markdownDescription": "A flag indicating whether deep health checks should be performed when the HyperPod cluster instance group is created or updated. Deep health checks are comprehensive, invasive tests that validate the health of the underlying hardware and infrastructure components.", + "title": "OnStartDeepHealthChecks", "type": "array" }, - "Name": { - "markdownDescription": "The name of the event destination. The name must meet the following requirements:\n\n- Contain only ASCII letters (a-z, A-Z), numbers (0-9), underscores (_), or dashes (-).\n- Contain 64 characters or fewer.", - "title": "Name", - "type": "string" + "OverrideVpcConfig": { + "$ref": "#/definitions/AWS::SageMaker::Cluster.VpcConfig", + "markdownDescription": "The customized Amazon VPC configuration at the instance group level that overrides the default Amazon VPC configuration of the SageMaker HyperPod cluster.", + "title": "OverrideVpcConfig" }, - "SnsDestination": { - "$ref": "#/definitions/AWS::SES::ConfigurationSetEventDestination.SnsDestination", - "markdownDescription": "An object that contains the topic ARN associated with an Amazon Simple Notification Service (Amazon SNS) event destination.", - "title": "SnsDestination" + "ThreadsPerCore": { + "markdownDescription": "The number of threads per CPU core you specified under `CreateCluster` .", + "title": "ThreadsPerCore", + "type": "number" } }, "required": [ - "MatchingEventTypes" + "ExecutionRole", + "InstanceCount", + "InstanceGroupName", + "InstanceType", + "LifeCycleConfig" ], "type": "object" }, - "AWS::SES::ConfigurationSetEventDestination.KinesisFirehoseDestination": { + "AWS::SageMaker::Cluster.ClusterInstanceStorageConfig": { "additionalProperties": false, "properties": { - "DeliveryStreamARN": { - "markdownDescription": "The ARN of the Amazon Kinesis Firehose stream that email sending events should be published to.", - "title": "DeliveryStreamARN", + "EbsVolumeConfig": { + "$ref": "#/definitions/AWS::SageMaker::Cluster.ClusterEbsVolumeConfig", + "markdownDescription": "Defines the configuration for attaching additional Amazon Elastic Block Store (EBS) volumes to the instances in the SageMaker HyperPod cluster instance group. The additional EBS volume is attached to each instance within the SageMaker HyperPod cluster instance group and mounted to `/opt/sagemaker` .", + "title": "EbsVolumeConfig" + } + }, + "type": "object" + }, + "AWS::SageMaker::Cluster.ClusterLifeCycleConfig": { + "additionalProperties": false, + "properties": { + "OnCreate": { + "markdownDescription": "The file name of the entrypoint script of lifecycle scripts under `SourceS3Uri` . This entrypoint script runs during cluster creation.", + "title": "OnCreate", "type": "string" }, - "IAMRoleARN": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that the Amazon SES API v2 uses to send email events to the Amazon Kinesis Data Firehose stream.", - "title": "IAMRoleARN", + "SourceS3Uri": { + "markdownDescription": "An Amazon S3 bucket path where your lifecycle scripts are stored.\n\n> Make sure that the S3 bucket path starts with `s3://sagemaker-` . The [IAM role for SageMaker HyperPod](https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-hyperpod-prerequisites.html#sagemaker-hyperpod-prerequisites-iam-role-for-hyperpod) has the managed [`AmazonSageMakerClusterInstanceRolePolicy`](https://docs.aws.amazon.com/sagemaker/latest/dg/security-iam-awsmanpol-cluster.html) attached, which allows access to S3 buckets with the specific prefix `sagemaker-` .", + "title": "SourceS3Uri", "type": "string" } }, "required": [ - "DeliveryStreamARN", - "IAMRoleARN" + "OnCreate", + "SourceS3Uri" ], "type": "object" }, - "AWS::SES::ConfigurationSetEventDestination.SnsDestination": { + "AWS::SageMaker::Cluster.ClusterOrchestratorEksConfig": { "additionalProperties": false, "properties": { - "TopicARN": { - "markdownDescription": "The ARN of the Amazon SNS topic for email sending events. You can find the ARN of a topic by using the [ListTopics](https://docs.aws.amazon.com/sns/latest/api/API_ListTopics.html) Amazon SNS operation.\n\nFor more information about Amazon SNS topics, see the [Amazon SNS Developer Guide](https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html) .", - "title": "TopicARN", + "ClusterArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the SageMaker HyperPod cluster.", + "title": "ClusterArn", "type": "string" } }, "required": [ - "TopicARN" + "ClusterArn" ], "type": "object" }, - "AWS::SES::ContactList": { + "AWS::SageMaker::Cluster.Orchestrator": { + "additionalProperties": false, + "properties": { + "Eks": { + "$ref": "#/definitions/AWS::SageMaker::Cluster.ClusterOrchestratorEksConfig", + "markdownDescription": "The configuration of the Amazon EKS orchestrator cluster for the SageMaker HyperPod cluster.", + "title": "Eks" + } + }, + "required": [ + "Eks" + ], + "type": "object" + }, + "AWS::SageMaker::Cluster.VpcConfig": { + "additionalProperties": false, + "properties": { + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The VPC security group IDs, in the form `sg-xxxxxxxx` . Specify the security groups for the VPC that is specified in the `Subnets` field.", + "title": "SecurityGroupIds", + "type": "array" + }, + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The ID of the subnets in the VPC to which you want to connect your training job or model. For information about the availability of specific instance types, see [Supported Instance Types and Availability Zones](https://docs.aws.amazon.com/sagemaker/latest/dg/instance-types-az.html) .", + "title": "Subnets", + "type": "array" + } + }, + "required": [ + "SecurityGroupIds", + "Subnets" + ], + "type": "object" + }, + "AWS::SageMaker::CodeRepository": { "additionalProperties": false, "properties": { "Condition": { @@ -239051,38 +290916,33 @@ "Properties": { "additionalProperties": false, "properties": { - "ContactListName": { - "markdownDescription": "The name of the contact list.", - "title": "ContactListName", + "CodeRepositoryName": { + "markdownDescription": "The name of the Git repository.", + "title": "CodeRepositoryName", "type": "string" }, - "Description": { - "markdownDescription": "A description of what the contact list is about.", - "title": "Description", - "type": "string" + "GitConfig": { + "$ref": "#/definitions/AWS::SageMaker::CodeRepository.GitConfig", + "markdownDescription": "Configuration details for the Git repository, including the URL where it is located and the ARN of the AWS Secrets Manager secret that contains the credentials used to access the repository.", + "title": "GitConfig" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags associated with a contact list.", + "markdownDescription": "List of tags for Code Repository.", "title": "Tags", "type": "array" - }, - "Topics": { - "items": { - "$ref": "#/definitions/AWS::SES::ContactList.Topic" - }, - "markdownDescription": "An interest group, theme, or label within a list. A contact list can have multiple topics.", - "title": "Topics", - "type": "array" } }, + "required": [ + "GitConfig" + ], "type": "object" }, "Type": { "enum": [ - "AWS::SES::ContactList" + "AWS::SageMaker::CodeRepository" ], "type": "string" }, @@ -239096,42 +290956,36 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::SES::ContactList.Topic": { + "AWS::SageMaker::CodeRepository.GitConfig": { "additionalProperties": false, "properties": { - "DefaultSubscriptionStatus": { - "markdownDescription": "The default subscription status to be applied to a contact if the contact has not noted their preference for subscribing to a topic.", - "title": "DefaultSubscriptionStatus", - "type": "string" - }, - "Description": { - "markdownDescription": "A description of what the topic is about, which the contact will see.", - "title": "Description", + "Branch": { + "markdownDescription": "The default branch for the Git repository.", + "title": "Branch", "type": "string" }, - "DisplayName": { - "markdownDescription": "The name of the topic the contact will see.", - "title": "DisplayName", + "RepositoryUrl": { + "markdownDescription": "The URL where the Git repository is located.", + "title": "RepositoryUrl", "type": "string" }, - "TopicName": { - "markdownDescription": "The name of the topic.", - "title": "TopicName", + "SecretArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Secrets Manager secret that contains the credentials used to access the git repository. The secret must have a staging label of `AWSCURRENT` and must be in the following format:\n\n`{\"username\": *UserName* , \"password\": *Password* }`", + "title": "SecretArn", "type": "string" } }, "required": [ - "DefaultSubscriptionStatus", - "DisplayName", - "TopicName" + "RepositoryUrl" ], "type": "object" }, - "AWS::SES::DedicatedIpPool": { + "AWS::SageMaker::DataQualityJobDefinition": { "additionalProperties": false, "properties": { "Condition": { @@ -239166,22 +291020,77 @@ "Properties": { "additionalProperties": false, "properties": { - "PoolName": { - "markdownDescription": "The name of the dedicated IP pool that the IP address is associated with.", - "title": "PoolName", + "DataQualityAppSpecification": { + "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.DataQualityAppSpecification", + "markdownDescription": "Specifies the container that runs the monitoring job.", + "title": "DataQualityAppSpecification" + }, + "DataQualityBaselineConfig": { + "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.DataQualityBaselineConfig", + "markdownDescription": "Configures the constraints and baselines for the monitoring job.", + "title": "DataQualityBaselineConfig" + }, + "DataQualityJobInput": { + "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.DataQualityJobInput", + "markdownDescription": "A list of inputs for the monitoring job. Currently endpoints are supported as monitoring inputs.", + "title": "DataQualityJobInput" + }, + "DataQualityJobOutputConfig": { + "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.MonitoringOutputConfig", + "markdownDescription": "The output configuration for monitoring jobs.", + "title": "DataQualityJobOutputConfig" + }, + "EndpointName": { + "markdownDescription": "", + "title": "EndpointName", "type": "string" }, - "ScalingMode": { - "markdownDescription": "The type of scaling mode.\n\nThe following options are available:\n\n- `STANDARD` - The customer controls which IPs are part of the dedicated IP pool.\n- `MANAGED` - The reputation and number of IPs are automatically managed by Amazon SES .\n\nThe `STANDARD` option is selected by default if no value is specified.\n\n> Updating *ScalingMode* doesn't require a replacement if you're updating its value from `STANDARD` to `MANAGED` . However, updating *ScalingMode* from `MANAGED` to `STANDARD` is not supported.", - "title": "ScalingMode", + "JobDefinitionName": { + "markdownDescription": "The name for the monitoring job definition.", + "title": "JobDefinitionName", + "type": "string" + }, + "JobResources": { + "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.MonitoringResources", + "markdownDescription": "Identifies the resources to deploy for a monitoring job.", + "title": "JobResources" + }, + "NetworkConfig": { + "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.NetworkConfig", + "markdownDescription": "Specifies networking configuration for the monitoring job.", + "title": "NetworkConfig" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can assume to perform tasks on your behalf.", + "title": "RoleArn", "type": "string" + }, + "StoppingCondition": { + "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.StoppingCondition", + "markdownDescription": "A time limit for how long the monitoring job is allowed to run before stopping.", + "title": "StoppingCondition" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" } }, + "required": [ + "DataQualityAppSpecification", + "DataQualityJobInput", + "DataQualityJobOutputConfig", + "JobResources", + "RoleArn" + ], "type": "object" }, "Type": { "enum": [ - "AWS::SES::DedicatedIpPool" + "AWS::SageMaker::DataQualityJobDefinition" ], "type": "string" }, @@ -239195,11 +291104,408 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::SES::EmailIdentity": { + "AWS::SageMaker::DataQualityJobDefinition.BatchTransformInput": { + "additionalProperties": false, + "properties": { + "DataCapturedDestinationS3Uri": { + "markdownDescription": "The Amazon S3 location being used to capture the data.", + "title": "DataCapturedDestinationS3Uri", + "type": "string" + }, + "DatasetFormat": { + "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.DatasetFormat", + "markdownDescription": "The dataset format for your batch transform job.", + "title": "DatasetFormat" + }, + "ExcludeFeaturesAttribute": { + "markdownDescription": "The attributes of the input data to exclude from the analysis.", + "title": "ExcludeFeaturesAttribute", + "type": "string" + }, + "LocalPath": { + "markdownDescription": "Path to the filesystem where the batch transform data is available to the container.", + "title": "LocalPath", + "type": "string" + }, + "S3DataDistributionType": { + "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an S3 key. Defaults to `FullyReplicated`", + "title": "S3DataDistributionType", + "type": "string" + }, + "S3InputMode": { + "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", + "title": "S3InputMode", + "type": "string" + } + }, + "required": [ + "DataCapturedDestinationS3Uri", + "DatasetFormat", + "LocalPath" + ], + "type": "object" + }, + "AWS::SageMaker::DataQualityJobDefinition.ClusterConfig": { + "additionalProperties": false, + "properties": { + "InstanceCount": { + "markdownDescription": "The number of ML compute instances to use in the model monitoring job. For distributed processing jobs, specify a value greater than 1. The default value is 1.", + "title": "InstanceCount", + "type": "number" + }, + "InstanceType": { + "markdownDescription": "The ML compute instance type for the processing job.", + "title": "InstanceType", + "type": "string" + }, + "VolumeKmsKeyId": { + "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance(s) that run the model monitoring job.", + "title": "VolumeKmsKeyId", + "type": "string" + }, + "VolumeSizeInGB": { + "markdownDescription": "The size of the ML storage volume, in gigabytes, that you want to provision. You must specify sufficient ML storage for your scenario.", + "title": "VolumeSizeInGB", + "type": "number" + } + }, + "required": [ + "InstanceCount", + "InstanceType", + "VolumeSizeInGB" + ], + "type": "object" + }, + "AWS::SageMaker::DataQualityJobDefinition.ConstraintsResource": { + "additionalProperties": false, + "properties": { + "S3Uri": { + "markdownDescription": "The Amazon S3 URI for the constraints resource.", + "title": "S3Uri", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::DataQualityJobDefinition.Csv": { + "additionalProperties": false, + "properties": { + "Header": { + "markdownDescription": "", + "title": "Header", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::SageMaker::DataQualityJobDefinition.DataQualityAppSpecification": { + "additionalProperties": false, + "properties": { + "ContainerArguments": { + "items": { + "type": "string" + }, + "markdownDescription": "The arguments to send to the container that the monitoring job runs.", + "title": "ContainerArguments", + "type": "array" + }, + "ContainerEntrypoint": { + "items": { + "type": "string" + }, + "markdownDescription": "The entrypoint for a container used to run a monitoring job.", + "title": "ContainerEntrypoint", + "type": "array" + }, + "Environment": { + "additionalProperties": true, + "markdownDescription": "Sets the environment variables in the container that the monitoring job runs.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Environment", + "type": "object" + }, + "ImageUri": { + "markdownDescription": "The container image that the data quality monitoring job runs.", + "title": "ImageUri", + "type": "string" + }, + "PostAnalyticsProcessorSourceUri": { + "markdownDescription": "An Amazon S3 URI to a script that is called after analysis has been performed. Applicable only for the built-in (first party) containers.", + "title": "PostAnalyticsProcessorSourceUri", + "type": "string" + }, + "RecordPreprocessorSourceUri": { + "markdownDescription": "An Amazon S3 URI to a script that is called per row prior to running analysis. It can base64 decode the payload and convert it into a flattened JSON so that the built-in container can use the converted data. Applicable only for the built-in (first party) containers.", + "title": "RecordPreprocessorSourceUri", + "type": "string" + } + }, + "required": [ + "ImageUri" + ], + "type": "object" + }, + "AWS::SageMaker::DataQualityJobDefinition.DataQualityBaselineConfig": { + "additionalProperties": false, + "properties": { + "BaseliningJobName": { + "markdownDescription": "The name of the job that performs baselining for the data quality monitoring job.", + "title": "BaseliningJobName", + "type": "string" + }, + "ConstraintsResource": { + "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.ConstraintsResource", + "markdownDescription": "The constraints resource for a monitoring job.", + "title": "ConstraintsResource" + }, + "StatisticsResource": { + "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.StatisticsResource", + "markdownDescription": "Configuration for monitoring constraints and monitoring statistics. These baseline resources are compared against the results of the current job from the series of jobs scheduled to collect data periodically.", + "title": "StatisticsResource" + } + }, + "type": "object" + }, + "AWS::SageMaker::DataQualityJobDefinition.DataQualityJobInput": { + "additionalProperties": false, + "properties": { + "BatchTransformInput": { + "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.BatchTransformInput", + "markdownDescription": "Input object for the batch transform job.", + "title": "BatchTransformInput" + }, + "EndpointInput": { + "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.EndpointInput", + "markdownDescription": "Input object for the endpoint", + "title": "EndpointInput" + } + }, + "type": "object" + }, + "AWS::SageMaker::DataQualityJobDefinition.DatasetFormat": { + "additionalProperties": false, + "properties": { + "Csv": { + "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.Csv", + "markdownDescription": "", + "title": "Csv" + }, + "Json": { + "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.Json", + "markdownDescription": "", + "title": "Json" + }, + "Parquet": { + "markdownDescription": "", + "title": "Parquet", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::SageMaker::DataQualityJobDefinition.EndpointInput": { + "additionalProperties": false, + "properties": { + "EndpointName": { + "markdownDescription": "An endpoint in customer's account which has enabled `DataCaptureConfig` enabled.", + "title": "EndpointName", + "type": "string" + }, + "ExcludeFeaturesAttribute": { + "markdownDescription": "The attributes of the input data to exclude from the analysis.", + "title": "ExcludeFeaturesAttribute", + "type": "string" + }, + "LocalPath": { + "markdownDescription": "Path to the filesystem where the endpoint data is available to the container.", + "title": "LocalPath", + "type": "string" + }, + "S3DataDistributionType": { + "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an Amazon S3 key. Defaults to `FullyReplicated`", + "title": "S3DataDistributionType", + "type": "string" + }, + "S3InputMode": { + "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", + "title": "S3InputMode", + "type": "string" + } + }, + "required": [ + "EndpointName", + "LocalPath" + ], + "type": "object" + }, + "AWS::SageMaker::DataQualityJobDefinition.Json": { + "additionalProperties": false, + "properties": { + "Line": { + "markdownDescription": "", + "title": "Line", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::SageMaker::DataQualityJobDefinition.MonitoringOutput": { + "additionalProperties": false, + "properties": { + "S3Output": { + "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.S3Output", + "markdownDescription": "The Amazon S3 storage location where the results of a monitoring job are saved.", + "title": "S3Output" + } + }, + "required": [ + "S3Output" + ], + "type": "object" + }, + "AWS::SageMaker::DataQualityJobDefinition.MonitoringOutputConfig": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "markdownDescription": "The AWS Key Management Service ( AWS KMS ) key that Amazon SageMaker AI uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption.", + "title": "KmsKeyId", + "type": "string" + }, + "MonitoringOutputs": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.MonitoringOutput" + }, + "markdownDescription": "Monitoring outputs for monitoring jobs. This is where the output of the periodic monitoring jobs is uploaded.", + "title": "MonitoringOutputs", + "type": "array" + } + }, + "required": [ + "MonitoringOutputs" + ], + "type": "object" + }, + "AWS::SageMaker::DataQualityJobDefinition.MonitoringResources": { + "additionalProperties": false, + "properties": { + "ClusterConfig": { + "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.ClusterConfig", + "markdownDescription": "The configuration for the cluster resources used to run the processing job.", + "title": "ClusterConfig" + } + }, + "required": [ + "ClusterConfig" + ], + "type": "object" + }, + "AWS::SageMaker::DataQualityJobDefinition.NetworkConfig": { + "additionalProperties": false, + "properties": { + "EnableInterContainerTrafficEncryption": { + "markdownDescription": "Whether to encrypt all communications between distributed processing jobs. Choose `True` to encrypt communications. Encryption provides greater security for distributed processing jobs, but the processing might take longer.", + "title": "EnableInterContainerTrafficEncryption", + "type": "boolean" + }, + "EnableNetworkIsolation": { + "markdownDescription": "Whether to allow inbound and outbound network calls to and from the containers used for the processing job.", + "title": "EnableNetworkIsolation", + "type": "boolean" + }, + "VpcConfig": { + "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.VpcConfig", + "markdownDescription": "Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC.", + "title": "VpcConfig" + } + }, + "type": "object" + }, + "AWS::SageMaker::DataQualityJobDefinition.S3Output": { + "additionalProperties": false, + "properties": { + "LocalPath": { + "markdownDescription": "The local path to the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job. LocalPath is an absolute path for the output data.", + "title": "LocalPath", + "type": "string" + }, + "S3UploadMode": { + "markdownDescription": "Whether to upload the results of the monitoring job continuously or after the job completes.", + "title": "S3UploadMode", + "type": "string" + }, + "S3Uri": { + "markdownDescription": "A URI that identifies the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job.", + "title": "S3Uri", + "type": "string" + } + }, + "required": [ + "LocalPath", + "S3Uri" + ], + "type": "object" + }, + "AWS::SageMaker::DataQualityJobDefinition.StatisticsResource": { + "additionalProperties": false, + "properties": { + "S3Uri": { + "markdownDescription": "The Amazon S3 URI for the statistics resource.", + "title": "S3Uri", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::DataQualityJobDefinition.StoppingCondition": { + "additionalProperties": false, + "properties": { + "MaxRuntimeInSeconds": { + "markdownDescription": "The maximum length of time, in seconds, that a training or compilation job can run before it is stopped.\n\nFor compilation jobs, if the job does not complete during this time, a `TimeOut` error is generated. We recommend starting with 900 seconds and increasing as necessary based on your model.\n\nFor all other jobs, if the job does not complete during this time, SageMaker ends the job. When `RetryStrategy` is specified in the job request, `MaxRuntimeInSeconds` specifies the maximum time for all of the attempts in total, not each individual attempt. The default value is 1 day. The maximum value is 28 days.\n\nThe maximum time that a `TrainingJob` can run in total, including any time spent publishing metrics or archiving and uploading models after it has been stopped, is 30 days.", + "title": "MaxRuntimeInSeconds", + "type": "number" + } + }, + "required": [ + "MaxRuntimeInSeconds" + ], + "type": "object" + }, + "AWS::SageMaker::DataQualityJobDefinition.VpcConfig": { + "additionalProperties": false, + "properties": { + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The VPC security group IDs, in the form `sg-xxxxxxxx` . Specify the security groups for the VPC that is specified in the `Subnets` field.", + "title": "SecurityGroupIds", + "type": "array" + }, + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The ID of the subnets in the VPC to which you want to connect your training job or model. For information about the availability of specific instance types, see [Supported Instance Types and Availability Zones](https://docs.aws.amazon.com/sagemaker/latest/dg/instance-types-az.html) .", + "title": "Subnets", + "type": "array" + } + }, + "required": [ + "SecurityGroupIds", + "Subnets" + ], + "type": "object" + }, + "AWS::SageMaker::Device": { "additionalProperties": false, "properties": { "Condition": { @@ -239234,45 +291540,33 @@ "Properties": { "additionalProperties": false, "properties": { - "ConfigurationSetAttributes": { - "$ref": "#/definitions/AWS::SES::EmailIdentity.ConfigurationSetAttributes", - "markdownDescription": "Used to associate a configuration set with an email identity.", - "title": "ConfigurationSetAttributes" - }, - "DkimAttributes": { - "$ref": "#/definitions/AWS::SES::EmailIdentity.DkimAttributes", - "markdownDescription": "An object that contains information about the DKIM attributes for the identity.", - "title": "DkimAttributes" - }, - "DkimSigningAttributes": { - "$ref": "#/definitions/AWS::SES::EmailIdentity.DkimSigningAttributes", - "markdownDescription": "If your request includes this object, Amazon SES configures the identity to use Bring Your Own DKIM (BYODKIM) for DKIM authentication purposes, or, configures the key length to be used for [Easy DKIM](https://docs.aws.amazon.com/ses/latest/DeveloperGuide/easy-dkim.html) .\n\nYou can only specify this object if the email identity is a domain, as opposed to an address.", - "title": "DkimSigningAttributes" + "Device": { + "$ref": "#/definitions/AWS::SageMaker::Device.Device", + "markdownDescription": "Edge device you want to create.", + "title": "Device" }, - "EmailIdentity": { - "markdownDescription": "The email address or domain to verify.", - "title": "EmailIdentity", + "DeviceFleetName": { + "markdownDescription": "The name of the fleet the device belongs to.", + "title": "DeviceFleetName", "type": "string" }, - "FeedbackAttributes": { - "$ref": "#/definitions/AWS::SES::EmailIdentity.FeedbackAttributes", - "markdownDescription": "Used to enable or disable feedback forwarding for an identity.", - "title": "FeedbackAttributes" - }, - "MailFromAttributes": { - "$ref": "#/definitions/AWS::SES::EmailIdentity.MailFromAttributes", - "markdownDescription": "Used to enable or disable the custom Mail-From domain configuration for an email identity.", - "title": "MailFromAttributes" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs that contain metadata to help you categorize and organize your devices. Each tag consists of a key and a value, both of which you define.", + "title": "Tags", + "type": "array" } }, "required": [ - "EmailIdentity" + "DeviceFleetName" ], "type": "object" }, "Type": { "enum": [ - "AWS::SES::EmailIdentity" + "AWS::SageMaker::Device" ], "type": "string" }, @@ -239291,77 +291585,31 @@ ], "type": "object" }, - "AWS::SES::EmailIdentity.ConfigurationSetAttributes": { - "additionalProperties": false, - "properties": { - "ConfigurationSetName": { - "markdownDescription": "The configuration set to associate with an email identity.", - "title": "ConfigurationSetName", - "type": "string" - } - }, - "type": "object" - }, - "AWS::SES::EmailIdentity.DkimAttributes": { - "additionalProperties": false, - "properties": { - "SigningEnabled": { - "markdownDescription": "Sets the DKIM signing configuration for the identity.\n\nWhen you set this value `true` , then the messages that are sent from the identity are signed using DKIM. If you set this value to `false` , your messages are sent without DKIM signing.", - "title": "SigningEnabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::SES::EmailIdentity.DkimSigningAttributes": { + "AWS::SageMaker::Device.Device": { "additionalProperties": false, "properties": { - "DomainSigningPrivateKey": { - "markdownDescription": "[Bring Your Own DKIM] A private key that's used to generate a DKIM signature.\n\nThe private key must use 1024 or 2048-bit RSA encryption, and must be encoded using base64 encoding.\n\n> Rather than embedding sensitive information directly in your CFN templates, we recommend you use dynamic parameters in the stack template to reference sensitive information that is stored and managed outside of CFN, such as in the AWS Systems Manager Parameter Store or AWS Secrets Manager.\n> \n> For more information, see the [Do not embed credentials in your templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/best-practices.html#creds) best practice.", - "title": "DomainSigningPrivateKey", - "type": "string" - }, - "DomainSigningSelector": { - "markdownDescription": "[Bring Your Own DKIM] A string that's used to identify a public key in the DNS configuration for a domain.", - "title": "DomainSigningSelector", + "Description": { + "markdownDescription": "Description of the device.", + "title": "Description", "type": "string" }, - "NextSigningKeyLength": { - "markdownDescription": "[Easy DKIM] The key length of the future DKIM key pair to be generated. This can be changed at most once per day.\n\nValid Values: `RSA_1024_BIT | RSA_2048_BIT`", - "title": "NextSigningKeyLength", - "type": "string" - } - }, - "type": "object" - }, - "AWS::SES::EmailIdentity.FeedbackAttributes": { - "additionalProperties": false, - "properties": { - "EmailForwardingEnabled": { - "markdownDescription": "Sets the feedback forwarding configuration for the identity.\n\nIf the value is `true` , you receive email notifications when bounce or complaint events occur. These notifications are sent to the address that you specified in the `Return-Path` header of the original email.\n\nYou're required to have a method of tracking bounces and complaints. If you haven't set up another mechanism for receiving bounce or complaint notifications (for example, by setting up an event destination), you receive an email notification when these events occur (even if this setting is disabled).", - "title": "EmailForwardingEnabled", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::SES::EmailIdentity.MailFromAttributes": { - "additionalProperties": false, - "properties": { - "BehaviorOnMxFailure": { - "markdownDescription": "The action to take if the required MX record isn't found when you send an email. When you set this value to `USE_DEFAULT_VALUE` , the mail is sent using *amazonses.com* as the MAIL FROM domain. When you set this value to `REJECT_MESSAGE` , the Amazon SES API v2 returns a `MailFromDomainNotVerified` error, and doesn't attempt to deliver the email.\n\nThese behaviors are taken when the custom MAIL FROM domain configuration is in the `Pending` , `Failed` , and `TemporaryFailure` states.\n\nValid Values: `USE_DEFAULT_VALUE | REJECT_MESSAGE`", - "title": "BehaviorOnMxFailure", + "DeviceName": { + "markdownDescription": "The name of the device.", + "title": "DeviceName", "type": "string" }, - "MailFromDomain": { - "markdownDescription": "The custom MAIL FROM domain that you want the verified identity to use. The MAIL FROM domain must meet the following criteria:\n\n- It has to be a subdomain of the verified identity.\n- It can't be used to receive email.\n- It can't be used in a \"From\" address if the MAIL FROM domain is a destination for feedback forwarding emails.", - "title": "MailFromDomain", + "IotThingName": { + "markdownDescription": "AWS Internet of Things (IoT) object name.", + "title": "IotThingName", "type": "string" } }, + "required": [ + "DeviceName" + ], "type": "object" }, - "AWS::SES::ReceiptFilter": { + "AWS::SageMaker::DeviceFleet": { "additionalProperties": false, "properties": { "Condition": { @@ -239396,20 +291644,45 @@ "Properties": { "additionalProperties": false, "properties": { - "Filter": { - "$ref": "#/definitions/AWS::SES::ReceiptFilter.Filter", - "markdownDescription": "A data structure that describes the IP address filter to create, which consists of a name, an IP address range, and whether to allow or block mail from it.", - "title": "Filter" + "Description": { + "markdownDescription": "A description of the fleet.", + "title": "Description", + "type": "string" + }, + "DeviceFleetName": { + "markdownDescription": "Name of the device fleet.", + "title": "DeviceFleetName", + "type": "string" + }, + "OutputConfig": { + "$ref": "#/definitions/AWS::SageMaker::DeviceFleet.EdgeOutputConfig", + "markdownDescription": "The output configuration for storing sample data collected by the fleet.", + "title": "OutputConfig" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that has access to AWS Internet of Things (IoT).", + "title": "RoleArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs that contain metadata to help you categorize and organize your device fleets. Each tag consists of a key and a value, both of which you define.", + "title": "Tags", + "type": "array" } }, "required": [ - "Filter" + "DeviceFleetName", + "OutputConfig", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::SES::ReceiptFilter" + "AWS::SageMaker::DeviceFleet" ], "type": "string" }, @@ -239428,46 +291701,26 @@ ], "type": "object" }, - "AWS::SES::ReceiptFilter.Filter": { - "additionalProperties": false, - "properties": { - "IpFilter": { - "$ref": "#/definitions/AWS::SES::ReceiptFilter.IpFilter", - "markdownDescription": "A structure that provides the IP addresses to block or allow, and whether to block or allow incoming mail from them.", - "title": "IpFilter" - }, - "Name": { - "markdownDescription": "The name of the IP address filter. The name must meet the following requirements:\n\n- Contain only ASCII letters (a-z, A-Z), numbers (0-9), underscores (_), or dashes (-).\n- Start and end with a letter or number.\n- Contain 64 characters or fewer.", - "title": "Name", - "type": "string" - } - }, - "required": [ - "IpFilter" - ], - "type": "object" - }, - "AWS::SES::ReceiptFilter.IpFilter": { + "AWS::SageMaker::DeviceFleet.EdgeOutputConfig": { "additionalProperties": false, "properties": { - "Cidr": { - "markdownDescription": "A single IP address or a range of IP addresses to block or allow, specified in Classless Inter-Domain Routing (CIDR) notation. An example of a single email address is 10.0.0.1. An example of a range of IP addresses is 10.0.0.1/24. For more information about CIDR notation, see [RFC 2317](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc2317) .", - "title": "Cidr", + "KmsKeyId": { + "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt data on the storage volume after compilation job. If you don't provide a KMS key ID, Amazon SageMaker uses the default KMS key for Amazon S3 for your role's account.", + "title": "KmsKeyId", "type": "string" }, - "Policy": { - "markdownDescription": "Indicates whether to block or allow incoming mail from the specified IP addresses.", - "title": "Policy", + "S3OutputLocation": { + "markdownDescription": "The Amazon Simple Storage (S3) bucket URI.", + "title": "S3OutputLocation", "type": "string" } }, "required": [ - "Cidr", - "Policy" + "S3OutputLocation" ], "type": "object" }, - "AWS::SES::ReceiptRule": { + "AWS::SageMaker::Domain": { "additionalProperties": false, "properties": { "Condition": { @@ -239502,31 +291755,83 @@ "Properties": { "additionalProperties": false, "properties": { - "After": { - "markdownDescription": "The name of an existing rule after which the new rule is placed. If this parameter is null, the new rule is inserted at the beginning of the rule list.", - "title": "After", + "AppNetworkAccessType": { + "markdownDescription": "Specifies the VPC used for non-EFS traffic. The default value is `PublicInternetOnly` .\n\n- `PublicInternetOnly` - Non-EFS traffic is through a VPC managed by Amazon SageMaker AI , which allows direct internet access\n- `VpcOnly` - All Studio traffic is through the specified VPC and subnets\n\n*Valid Values* : `PublicInternetOnly | VpcOnly`", + "title": "AppNetworkAccessType", "type": "string" }, - "Rule": { - "$ref": "#/definitions/AWS::SES::ReceiptRule.Rule", - "markdownDescription": "A data structure that contains the specified rule's name, actions, recipients, domains, enabled status, scan status, and TLS policy.", - "title": "Rule" + "AppSecurityGroupManagement": { + "markdownDescription": "The entity that creates and manages the required security groups for inter-app communication in `VpcOnly` mode. Required when `CreateDomain.AppNetworkAccessType` is `VpcOnly` and `DomainSettings.RStudioServerProDomainSettings.DomainExecutionRoleArn` is provided. If setting up the domain for use with RStudio, this value must be set to `Service` .\n\n*Allowed Values* : `Service` | `Customer`", + "title": "AppSecurityGroupManagement", + "type": "string" }, - "RuleSetName": { - "markdownDescription": "The name of the rule set where the receipt rule is added.", - "title": "RuleSetName", + "AuthMode": { + "markdownDescription": "The mode of authentication that members use to access the Domain.\n\n*Valid Values* : `SSO | IAM`", + "title": "AuthMode", + "type": "string" + }, + "DefaultSpaceSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.DefaultSpaceSettings", + "markdownDescription": "The default settings for shared spaces that users create in the domain.\n\nSageMaker applies these settings only to shared spaces. It doesn't apply them to private spaces.", + "title": "DefaultSpaceSettings" + }, + "DefaultUserSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.UserSettings", + "markdownDescription": "The default user settings.", + "title": "DefaultUserSettings" + }, + "DomainName": { + "markdownDescription": "The domain name.", + "title": "DomainName", + "type": "string" + }, + "DomainSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.DomainSettings", + "markdownDescription": "A collection of settings that apply to the `SageMaker Domain` . These settings are specified through the `CreateDomain` API call.", + "title": "DomainSettings" + }, + "KmsKeyId": { + "markdownDescription": "SageMaker uses AWS KMS to encrypt the EFS volume attached to the Domain with an AWS managed customer master key (CMK) by default. For more control, specify a customer managed CMK.\n\n*Length Constraints* : Maximum length of 2048.\n\n*Pattern* : `.*`", + "title": "KmsKeyId", + "type": "string" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The VPC subnets that Studio uses for communication.\n\n*Length Constraints* : Maximum length of 32.\n\n*Array members* : Minimum number of 1 item. Maximum number of 16 items.\n\n*Pattern* : `[-0-9a-zA-Z]+`", + "title": "SubnetIds", + "type": "array" + }, + "TagPropagation": { + "markdownDescription": "", + "title": "TagPropagation", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Tags to associated with the Domain. Each tag consists of a key and an optional value. Tag keys must be unique per resource. Tags are searchable using the Search API.\n\nTags that you specify for the Domain are also added to all apps that are launched in the Domain.\n\n*Array members* : Minimum number of 0 items. Maximum number of 50 items.", + "title": "Tags", + "type": "array" + }, + "VpcId": { + "markdownDescription": "The ID of the Amazon Virtual Private Cloud (Amazon VPC) that Studio uses for communication.\n\n*Length Constraints* : Maximum length of 32.\n\n*Pattern* : `[-0-9a-zA-Z]+`", + "title": "VpcId", "type": "string" } }, "required": [ - "Rule", - "RuleSetName" + "AuthMode", + "DefaultUserSettings", + "DomainName" ], "type": "object" }, "Type": { "enum": [ - "AWS::SES::ReceiptRule" + "AWS::SageMaker::Domain" ], "type": "string" }, @@ -239545,616 +291850,754 @@ ], "type": "object" }, - "AWS::SES::ReceiptRule.Action": { + "AWS::SageMaker::Domain.AppLifecycleManagement": { "additionalProperties": false, "properties": { - "AddHeaderAction": { - "$ref": "#/definitions/AWS::SES::ReceiptRule.AddHeaderAction", - "markdownDescription": "Adds a header to the received email.", - "title": "AddHeaderAction" - }, - "BounceAction": { - "$ref": "#/definitions/AWS::SES::ReceiptRule.BounceAction", - "markdownDescription": "Rejects the received email by returning a bounce response to the sender and, optionally, publishes a notification to Amazon Simple Notification Service (Amazon SNS).", - "title": "BounceAction" - }, - "LambdaAction": { - "$ref": "#/definitions/AWS::SES::ReceiptRule.LambdaAction", - "markdownDescription": "Calls an AWS Lambda function, and optionally, publishes a notification to Amazon SNS.", - "title": "LambdaAction" + "IdleSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.IdleSettings", + "markdownDescription": "Settings related to idle shutdown of Studio applications.", + "title": "IdleSettings" + } + }, + "type": "object" + }, + "AWS::SageMaker::Domain.CodeEditorAppSettings": { + "additionalProperties": false, + "properties": { + "AppLifecycleManagement": { + "$ref": "#/definitions/AWS::SageMaker::Domain.AppLifecycleManagement", + "markdownDescription": "Settings that are used to configure and manage the lifecycle of CodeEditor applications.", + "title": "AppLifecycleManagement" }, - "S3Action": { - "$ref": "#/definitions/AWS::SES::ReceiptRule.S3Action", - "markdownDescription": "Saves the received message to an Amazon Simple Storage Service (Amazon S3) bucket and, optionally, publishes a notification to Amazon SNS.", - "title": "S3Action" + "BuiltInLifecycleConfigArn": { + "markdownDescription": "The lifecycle configuration that runs before the default lifecycle configuration. It can override changes made in the default lifecycle configuration.", + "title": "BuiltInLifecycleConfigArn", + "type": "string" }, - "SNSAction": { - "$ref": "#/definitions/AWS::SES::ReceiptRule.SNSAction", - "markdownDescription": "Publishes the email content within a notification to Amazon SNS.", - "title": "SNSAction" + "CustomImages": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::Domain.CustomImage" + }, + "markdownDescription": "A list of custom SageMaker images that are configured to run as a Code Editor app.", + "title": "CustomImages", + "type": "array" }, - "StopAction": { - "$ref": "#/definitions/AWS::SES::ReceiptRule.StopAction", - "markdownDescription": "Terminates the evaluation of the receipt rule set and optionally publishes a notification to Amazon SNS.", - "title": "StopAction" + "DefaultResourceSpec": { + "$ref": "#/definitions/AWS::SageMaker::Domain.ResourceSpec", + "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the Code Editor app.", + "title": "DefaultResourceSpec" }, - "WorkmailAction": { - "$ref": "#/definitions/AWS::SES::ReceiptRule.WorkmailAction", - "markdownDescription": "Calls Amazon WorkMail and, optionally, publishes a notification to Amazon SNS.", - "title": "WorkmailAction" + "LifecycleConfigArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Name (ARN) of the Code Editor application lifecycle configuration.", + "title": "LifecycleConfigArns", + "type": "array" } }, "type": "object" }, - "AWS::SES::ReceiptRule.AddHeaderAction": { + "AWS::SageMaker::Domain.CodeRepository": { "additionalProperties": false, "properties": { - "HeaderName": { - "markdownDescription": "The name of the header to add to the incoming message. The name must contain at least one character, and can contain up to 50 characters. It consists of alphanumeric ( `a\u2013z, A\u2013Z, 0\u20139` ) characters and dashes.", - "title": "HeaderName", - "type": "string" - }, - "HeaderValue": { - "markdownDescription": "The content to include in the header. This value can contain up to 2048 characters. It can't contain newline ( `\\n` ) or carriage return ( `\\r` ) characters.", - "title": "HeaderValue", + "RepositoryUrl": { + "markdownDescription": "The URL of the Git repository.", + "title": "RepositoryUrl", "type": "string" } }, "required": [ - "HeaderName", - "HeaderValue" + "RepositoryUrl" ], "type": "object" }, - "AWS::SES::ReceiptRule.BounceAction": { + "AWS::SageMaker::Domain.CustomFileSystemConfig": { "additionalProperties": false, "properties": { - "Message": { - "markdownDescription": "Human-readable text to include in the bounce message.", - "title": "Message", - "type": "string" + "EFSFileSystemConfig": { + "$ref": "#/definitions/AWS::SageMaker::Domain.EFSFileSystemConfig", + "markdownDescription": "The settings for a custom Amazon EFS file system.", + "title": "EFSFileSystemConfig" }, - "Sender": { - "markdownDescription": "The email address of the sender of the bounced email. This is the address from which the bounce message is sent.", - "title": "Sender", - "type": "string" + "FSxLustreFileSystemConfig": { + "$ref": "#/definitions/AWS::SageMaker::Domain.FSxLustreFileSystemConfig", + "markdownDescription": "The settings for a custom Amazon FSx for Lustre file system.", + "title": "FSxLustreFileSystemConfig" }, - "SmtpReplyCode": { - "markdownDescription": "The SMTP reply code, as defined by [RFC 5321](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc5321) .", - "title": "SmtpReplyCode", + "S3FileSystemConfig": { + "$ref": "#/definitions/AWS::SageMaker::Domain.S3FileSystemConfig", + "markdownDescription": "Configuration settings for a custom Amazon S3 file system.", + "title": "S3FileSystemConfig" + } + }, + "type": "object" + }, + "AWS::SageMaker::Domain.CustomImage": { + "additionalProperties": false, + "properties": { + "AppImageConfigName": { + "markdownDescription": "The name of the AppImageConfig.", + "title": "AppImageConfigName", "type": "string" }, - "StatusCode": { - "markdownDescription": "The SMTP enhanced status code, as defined by [RFC 3463](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc3463) .", - "title": "StatusCode", + "ImageName": { + "markdownDescription": "The name of the CustomImage. Must be unique to your account.", + "title": "ImageName", "type": "string" }, - "TopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic to notify when the bounce action is taken. You can find the ARN of a topic by using the [ListTopics](https://docs.aws.amazon.com/sns/latest/api/API_ListTopics.html) operation in Amazon SNS.\n\nFor more information about Amazon SNS topics, see the [Amazon SNS Developer Guide](https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html) .", - "title": "TopicArn", - "type": "string" + "ImageVersionNumber": { + "markdownDescription": "The version number of the CustomImage.", + "title": "ImageVersionNumber", + "type": "number" } }, "required": [ - "Message", - "Sender", - "SmtpReplyCode" + "AppImageConfigName", + "ImageName" ], "type": "object" }, - "AWS::SES::ReceiptRule.LambdaAction": { + "AWS::SageMaker::Domain.CustomPosixUserConfig": { "additionalProperties": false, "properties": { - "FunctionArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Lambda function. An example of an AWS Lambda function ARN is `arn:aws:lambda:us-west-2:account-id:function:MyFunction` . For more information about AWS Lambda, see the [AWS Lambda Developer Guide](https://docs.aws.amazon.com/lambda/latest/dg/welcome.html) .", - "title": "FunctionArn", - "type": "string" + "Gid": { + "markdownDescription": "The POSIX group ID.", + "title": "Gid", + "type": "number" }, - "InvocationType": { - "markdownDescription": "The invocation type of the AWS Lambda function. An invocation type of `RequestResponse` means that the execution of the function immediately results in a response, and a value of `Event` means that the function is invoked asynchronously. The default value is `Event` . For information about AWS Lambda invocation types, see the [AWS Lambda Developer Guide](https://docs.aws.amazon.com/lambda/latest/dg/API_Invoke.html) .\n\n> There is a 30-second timeout on `RequestResponse` invocations. You should use `Event` invocation in most cases. Use `RequestResponse` only to make a mail flow decision, such as whether to stop the receipt rule or the receipt rule set.", - "title": "InvocationType", - "type": "string" + "Uid": { + "markdownDescription": "The POSIX user ID.", + "title": "Uid", + "type": "number" + } + }, + "required": [ + "Gid", + "Uid" + ], + "type": "object" + }, + "AWS::SageMaker::Domain.DefaultEbsStorageSettings": { + "additionalProperties": false, + "properties": { + "DefaultEbsVolumeSizeInGb": { + "markdownDescription": "The default size of the EBS storage volume for a space.", + "title": "DefaultEbsVolumeSizeInGb", + "type": "number" }, - "TopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic to notify when the Lambda action is executed. You can find the ARN of a topic by using the [ListTopics](https://docs.aws.amazon.com/sns/latest/api/API_ListTopics.html) operation in Amazon SNS.\n\nFor more information about Amazon SNS topics, see the [Amazon SNS Developer Guide](https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html) .", - "title": "TopicArn", - "type": "string" + "MaximumEbsVolumeSizeInGb": { + "markdownDescription": "The maximum size of the EBS storage volume for a space.", + "title": "MaximumEbsVolumeSizeInGb", + "type": "number" } }, "required": [ - "FunctionArn" + "DefaultEbsVolumeSizeInGb", + "MaximumEbsVolumeSizeInGb" ], "type": "object" }, - "AWS::SES::ReceiptRule.Rule": { + "AWS::SageMaker::Domain.DefaultSpaceSettings": { "additionalProperties": false, "properties": { - "Actions": { + "CustomFileSystemConfigs": { "items": { - "$ref": "#/definitions/AWS::SES::ReceiptRule.Action" + "$ref": "#/definitions/AWS::SageMaker::Domain.CustomFileSystemConfig" }, - "markdownDescription": "An ordered list of actions to perform on messages that match at least one of the recipient email addresses or domains specified in the receipt rule.", - "title": "Actions", + "markdownDescription": "The settings for assigning a custom file system to a domain. Permitted users can access this file system in Amazon SageMaker AI Studio.", + "title": "CustomFileSystemConfigs", "type": "array" }, - "Enabled": { - "markdownDescription": "If `true` , the receipt rule is active. The default value is `false` .", - "title": "Enabled", - "type": "boolean" + "CustomPosixUserConfig": { + "$ref": "#/definitions/AWS::SageMaker::Domain.CustomPosixUserConfig", + "markdownDescription": "", + "title": "CustomPosixUserConfig" }, - "Name": { - "markdownDescription": "The name of the receipt rule. The name must meet the following requirements:\n\n- Contain only ASCII letters (a-z, A-Z), numbers (0-9), underscores (_), dashes (-), or periods (.).\n- Start and end with a letter or number.\n- Contain 64 characters or fewer.", - "title": "Name", + "ExecutionRole": { + "markdownDescription": "The ARN of the execution role for the space.", + "title": "ExecutionRole", "type": "string" }, - "Recipients": { + "JupyterLabAppSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.JupyterLabAppSettings", + "markdownDescription": "", + "title": "JupyterLabAppSettings" + }, + "JupyterServerAppSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.JupyterServerAppSettings", + "markdownDescription": "The JupyterServer app settings.", + "title": "JupyterServerAppSettings" + }, + "KernelGatewayAppSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.KernelGatewayAppSettings", + "markdownDescription": "The KernelGateway app settings.", + "title": "KernelGatewayAppSettings" + }, + "SecurityGroups": { "items": { "type": "string" }, - "markdownDescription": "The recipient domains and email addresses that the receipt rule applies to. If this field is not specified, this rule matches all recipients on all verified domains.", - "title": "Recipients", + "markdownDescription": "The security group IDs for the Amazon VPC that the space uses for communication.", + "title": "SecurityGroups", "type": "array" }, - "ScanEnabled": { - "markdownDescription": "If `true` , then messages that this receipt rule applies to are scanned for spam and viruses. The default value is `false` .", - "title": "ScanEnabled", - "type": "boolean" - }, - "TlsPolicy": { - "markdownDescription": "Specifies whether Amazon SES should require that incoming email is delivered over a connection encrypted with Transport Layer Security (TLS). If this parameter is set to `Require` , Amazon SES bounces emails that are not received over TLS. The default is `Optional` .\n\nValid Values: `Require | Optional`", - "title": "TlsPolicy", - "type": "string" + "SpaceStorageSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.DefaultSpaceStorageSettings", + "markdownDescription": "", + "title": "SpaceStorageSettings" } }, + "required": [ + "ExecutionRole" + ], "type": "object" }, - "AWS::SES::ReceiptRule.S3Action": { + "AWS::SageMaker::Domain.DefaultSpaceStorageSettings": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "The name of the Amazon S3 bucket for incoming email.", - "title": "BucketName", - "type": "string" - }, - "KmsKeyArn": { - "markdownDescription": "The customer managed key that Amazon SES should use to encrypt your emails before saving them to the Amazon S3 bucket. You can use the AWS managed key or a customer managed key that you created in AWS KMS as follows:\n\n- To use the AWS managed key, provide an ARN in the form of `arn:aws:kms:REGION:ACCOUNT-ID-WITHOUT-HYPHENS:alias/aws/ses` . For example, if your AWS account ID is 123456789012 and you want to use the AWS managed key in the US West (Oregon) Region, the ARN of the AWS managed key would be `arn:aws:kms:us-west-2:123456789012:alias/aws/ses` . If you use the AWS managed key, you don't need to perform any extra steps to give Amazon SES permission to use the key.\n- To use a customer managed key that you created in AWS KMS, provide the ARN of the customer managed key and ensure that you add a statement to your key's policy to give Amazon SES permission to use it. For more information about giving permissions, see the [Amazon SES Developer Guide](https://docs.aws.amazon.com/ses/latest/dg/receiving-email-permissions.html) .\n\nFor more information about key policies, see the [AWS KMS Developer Guide](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html) . If you do not specify an AWS KMS key, Amazon SES does not encrypt your emails.\n\n> Your mail is encrypted by Amazon SES using the Amazon S3 encryption client before the mail is submitted to Amazon S3 for storage. It is not encrypted using Amazon S3 server-side encryption. This means that you must use the Amazon S3 encryption client to decrypt the email after retrieving it from Amazon S3, as the service has no access to use your AWS KMS keys for decryption. This encryption client is currently available with the [AWS SDK for Java](https://docs.aws.amazon.com/sdk-for-java/) and [AWS SDK for Ruby](https://docs.aws.amazon.com/sdk-for-ruby/) only. For more information about client-side encryption using AWS KMS managed keys, see the [Amazon S3 Developer Guide](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingClientSideEncryption.html) .", - "title": "KmsKeyArn", - "type": "string" - }, - "ObjectKeyPrefix": { - "markdownDescription": "The key prefix of the Amazon S3 bucket. The key prefix is similar to a directory name that enables you to store similar data under the same directory in a bucket.", - "title": "ObjectKeyPrefix", + "DefaultEbsStorageSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.DefaultEbsStorageSettings", + "markdownDescription": "The default EBS storage settings for a space.", + "title": "DefaultEbsStorageSettings" + } + }, + "type": "object" + }, + "AWS::SageMaker::Domain.DockerSettings": { + "additionalProperties": false, + "properties": { + "EnableDockerAccess": { + "markdownDescription": "Indicates whether the domain can access Docker.", + "title": "EnableDockerAccess", "type": "string" }, - "TopicArn": { - "markdownDescription": "The ARN of the Amazon SNS topic to notify when the message is saved to the Amazon S3 bucket. You can find the ARN of a topic by using the [ListTopics](https://docs.aws.amazon.com/sns/latest/api/API_ListTopics.html) operation in Amazon SNS.\n\nFor more information about Amazon SNS topics, see the [Amazon SNS Developer Guide](https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html) .", - "title": "TopicArn", - "type": "string" + "VpcOnlyTrustedAccounts": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of AWS accounts that are trusted when the domain is created in VPC-only mode.", + "title": "VpcOnlyTrustedAccounts", + "type": "array" } }, - "required": [ - "BucketName" - ], "type": "object" }, - "AWS::SES::ReceiptRule.SNSAction": { + "AWS::SageMaker::Domain.DomainSettings": { "additionalProperties": false, "properties": { - "Encoding": { - "markdownDescription": "The encoding to use for the email within the Amazon SNS notification. The default value is `UTF-8` . Use `BASE64` if you need to preserve all special characters, especially when the original message uses a different encoding format.", - "title": "Encoding", - "type": "string" + "DockerSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.DockerSettings", + "markdownDescription": "A collection of settings that configure the domain's Docker interaction.", + "title": "DockerSettings" }, - "TopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS Topic to which notification for the email received will be published.", - "title": "TopicArn", + "ExecutionRoleIdentityConfig": { + "markdownDescription": "The configuration for attaching a SageMaker AI user profile name to the execution role as a [sts:SourceIdentity key](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_monitor.html) .", + "title": "ExecutionRoleIdentityConfig", "type": "string" + }, + "RStudioServerProDomainSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.RStudioServerProDomainSettings", + "markdownDescription": "A collection of settings that configure the `RStudioServerPro` Domain-level app.", + "title": "RStudioServerProDomainSettings" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The security groups for the Amazon Virtual Private Cloud that the `Domain` uses for communication between Domain-level apps and user apps.", + "title": "SecurityGroupIds", + "type": "array" + }, + "UnifiedStudioSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.UnifiedStudioSettings", + "markdownDescription": "The settings that apply to an SageMaker AI domain when you use it in Amazon SageMaker Unified Studio.", + "title": "UnifiedStudioSettings" } }, "type": "object" }, - "AWS::SES::ReceiptRule.StopAction": { + "AWS::SageMaker::Domain.EFSFileSystemConfig": { "additionalProperties": false, "properties": { - "Scope": { - "markdownDescription": "The scope of the StopAction. The only acceptable value is `RuleSet` .", - "title": "Scope", + "FileSystemId": { + "markdownDescription": "The ID of your Amazon EFS file system.", + "title": "FileSystemId", "type": "string" }, - "TopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic to notify when the stop action is taken. You can find the ARN of a topic by using the [ListTopics](https://docs.aws.amazon.com/sns/latest/api/API_ListTopics.html) Amazon SNS operation.\n\nFor more information about Amazon SNS topics, see the [Amazon SNS Developer Guide](https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html) .", - "title": "TopicArn", + "FileSystemPath": { + "markdownDescription": "The path to the file system directory that is accessible in Amazon SageMaker AI Studio. Permitted users can access only this directory and below.", + "title": "FileSystemPath", "type": "string" } }, "required": [ - "Scope" + "FileSystemId" ], "type": "object" }, - "AWS::SES::ReceiptRule.WorkmailAction": { + "AWS::SageMaker::Domain.FSxLustreFileSystemConfig": { "additionalProperties": false, "properties": { - "OrganizationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon WorkMail organization. Amazon WorkMail ARNs use the following format:\n\n`arn:aws:workmail:::organization/`\n\nYou can find the ID of your organization by using the [ListOrganizations](https://docs.aws.amazon.com/workmail/latest/APIReference/API_ListOrganizations.html) operation in Amazon WorkMail. Amazon WorkMail organization IDs begin with \" `m-` \", followed by a string of alphanumeric characters.\n\nFor information about Amazon WorkMail organizations, see the [Amazon WorkMail Administrator Guide](https://docs.aws.amazon.com/workmail/latest/adminguide/organizations_overview.html) .", - "title": "OrganizationArn", + "FileSystemId": { + "markdownDescription": "The globally unique, 17-digit, ID of the file system, assigned by Amazon FSx for Lustre.", + "title": "FileSystemId", "type": "string" }, - "TopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic to notify when the WorkMail action is called. You can find the ARN of a topic by using the [ListTopics](https://docs.aws.amazon.com/sns/latest/api/API_ListTopics.html) operation in Amazon SNS.\n\nFor more information about Amazon SNS topics, see the [Amazon SNS Developer Guide](https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html) .", - "title": "TopicArn", + "FileSystemPath": { + "markdownDescription": "The path to the file system directory that is accessible in Amazon SageMaker Studio. Permitted users can access only this directory and below.", + "title": "FileSystemPath", "type": "string" } }, "required": [ - "OrganizationArn" + "FileSystemId" ], "type": "object" }, - "AWS::SES::ReceiptRuleSet": { + "AWS::SageMaker::Domain.HiddenSageMakerImage": { "additionalProperties": false, "properties": { - "Condition": { + "SageMakerImageName": { + "markdownDescription": "The SageMaker image name that you are hiding from the Studio user interface.", + "title": "SageMakerImageName", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VersionAliases": { + "items": { + "type": "string" + }, + "markdownDescription": "The version aliases you are hiding from the Studio user interface.", + "title": "VersionAliases", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SageMaker::Domain.IdleSettings": { + "additionalProperties": false, + "properties": { + "IdleTimeoutInMinutes": { + "markdownDescription": "The time that SageMaker waits after the application becomes idle before shutting it down.", + "title": "IdleTimeoutInMinutes", + "type": "number" + }, + "LifecycleManagement": { + "markdownDescription": "Indicates whether idle shutdown is activated for the application type.", + "title": "LifecycleManagement", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "MaxIdleTimeoutInMinutes": { + "markdownDescription": "The maximum value in minutes that custom idle shutdown can be set to by the user.", + "title": "MaxIdleTimeoutInMinutes", + "type": "number" }, - "Metadata": { - "type": "object" + "MinIdleTimeoutInMinutes": { + "markdownDescription": "The minimum value in minutes that custom idle shutdown can be set to by the user.", + "title": "MinIdleTimeoutInMinutes", + "type": "number" + } + }, + "type": "object" + }, + "AWS::SageMaker::Domain.JupyterLabAppSettings": { + "additionalProperties": false, + "properties": { + "AppLifecycleManagement": { + "$ref": "#/definitions/AWS::SageMaker::Domain.AppLifecycleManagement", + "markdownDescription": "Indicates whether idle shutdown is activated for JupyterLab applications.", + "title": "AppLifecycleManagement" }, - "Properties": { - "additionalProperties": false, - "properties": { - "RuleSetName": { - "markdownDescription": "The name of the receipt rule set to make active. Setting this value to null disables all email receiving.", - "title": "RuleSetName", - "type": "string" - } + "BuiltInLifecycleConfigArn": { + "markdownDescription": "The lifecycle configuration that runs before the default lifecycle configuration. It can override changes made in the default lifecycle configuration.", + "title": "BuiltInLifecycleConfigArn", + "type": "string" + }, + "CodeRepositories": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::Domain.CodeRepository" }, - "type": "object" + "markdownDescription": "A list of Git repositories that SageMaker automatically displays to users for cloning in the JupyterLab application.", + "title": "CodeRepositories", + "type": "array" }, - "Type": { - "enum": [ - "AWS::SES::ReceiptRuleSet" - ], - "type": "string" + "CustomImages": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::Domain.CustomImage" + }, + "markdownDescription": "A list of custom SageMaker images that are configured to run as a JupyterLab app.", + "title": "CustomImages", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "DefaultResourceSpec": { + "$ref": "#/definitions/AWS::SageMaker::Domain.ResourceSpec", + "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the JupyterLab app.", + "title": "DefaultResourceSpec" + }, + "LifecycleConfigArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Name (ARN) of the lifecycle configurations attached to the user profile or domain. To remove a lifecycle config, you must set `LifecycleConfigArns` to an empty list.", + "title": "LifecycleConfigArns", + "type": "array" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::SES::Template": { + "AWS::SageMaker::Domain.JupyterServerAppSettings": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "DefaultResourceSpec": { + "$ref": "#/definitions/AWS::SageMaker::Domain.ResourceSpec", + "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the JupyterServer app.", + "title": "DefaultResourceSpec" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "LifecycleConfigArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Name (ARN) of the Lifecycle Configurations attached to the JupyterServerApp. If you use this parameter, the `DefaultResourceSpec` parameter is also required.\n\n> To remove a Lifecycle Config, you must set `LifecycleConfigArns` to an empty list.", + "title": "LifecycleConfigArns", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SageMaker::Domain.KernelGatewayAppSettings": { + "additionalProperties": false, + "properties": { + "CustomImages": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::Domain.CustomImage" + }, + "markdownDescription": "A list of custom SageMaker AI images that are configured to run as a KernelGateway app.\n\nThe maximum number of custom images are as follows.\n\n- On a domain level: 200\n- On a space level: 5\n- On a user profile level: 5", + "title": "CustomImages", + "type": "array" }, - "Metadata": { - "type": "object" + "DefaultResourceSpec": { + "$ref": "#/definitions/AWS::SageMaker::Domain.ResourceSpec", + "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker AI image used by the KernelGateway app.\n\n> The Amazon SageMaker AI Studio UI does not use the default instance type value set here. The default instance type set here is used when Apps are created using the AWS CLI or AWS CloudFormation and the instance type parameter value is not passed.", + "title": "DefaultResourceSpec" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Template": { - "$ref": "#/definitions/AWS::SES::Template.Template", - "markdownDescription": "The content of the email, composed of a subject line and either an HTML part or a text-only part.", - "title": "Template" - } + "LifecycleConfigArns": { + "items": { + "type": "string" }, - "type": "object" + "markdownDescription": "The Amazon Resource Name (ARN) of the Lifecycle Configurations attached to the the user profile or domain.\n\n> To remove a Lifecycle Config, you must set `LifecycleConfigArns` to an empty list.", + "title": "LifecycleConfigArns", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SageMaker::Domain.RSessionAppSettings": { + "additionalProperties": false, + "properties": { + "CustomImages": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::Domain.CustomImage" + }, + "markdownDescription": "A list of custom SageMaker AI images that are configured to run as a RSession app.", + "title": "CustomImages", + "type": "array" }, - "Type": { - "enum": [ - "AWS::SES::Template" - ], + "DefaultResourceSpec": { + "$ref": "#/definitions/AWS::SageMaker::Domain.ResourceSpec", + "markdownDescription": "Specifies the ARNs of a SageMaker image and SageMaker image version, and the instance type that the version runs on.", + "title": "DefaultResourceSpec" + } + }, + "type": "object" + }, + "AWS::SageMaker::Domain.RStudioServerProAppSettings": { + "additionalProperties": false, + "properties": { + "AccessStatus": { + "markdownDescription": "Indicates whether the current user has access to the `RStudioServerPro` app.", + "title": "AccessStatus", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "UserGroup": { + "markdownDescription": "The level of permissions that the user has within the `RStudioServerPro` app. This value defaults to `User`. The `Admin` value allows the user access to the RStudio Administrative Dashboard.", + "title": "UserGroup", "type": "string" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::SES::Template.Template": { + "AWS::SageMaker::Domain.RStudioServerProDomainSettings": { "additionalProperties": false, "properties": { - "HtmlPart": { - "markdownDescription": "The HTML body of the email.", - "title": "HtmlPart", - "type": "string" + "DefaultResourceSpec": { + "$ref": "#/definitions/AWS::SageMaker::Domain.ResourceSpec", + "markdownDescription": "A collection that defines the default `InstanceType` , `SageMakerImageArn` , and `SageMakerImageVersionArn` for the Domain.", + "title": "DefaultResourceSpec" }, - "SubjectPart": { - "markdownDescription": "The subject line of the email.", - "title": "SubjectPart", + "DomainExecutionRoleArn": { + "markdownDescription": "The ARN of the execution role for the `RStudioServerPro` Domain-level app.", + "title": "DomainExecutionRoleArn", "type": "string" }, - "TemplateName": { - "markdownDescription": "The name of the template. You will refer to this name when you send email using the `SendEmail` or `SendBulkEmail` operations.", - "title": "TemplateName", + "RStudioConnectUrl": { + "markdownDescription": "A URL pointing to an RStudio Connect server.", + "title": "RStudioConnectUrl", "type": "string" }, - "TextPart": { - "markdownDescription": "The email body that is visible to recipients whose email clients do not display HTML content.", - "title": "TextPart", + "RStudioPackageManagerUrl": { + "markdownDescription": "A URL pointing to an RStudio Package Manager server.", + "title": "RStudioPackageManagerUrl", "type": "string" } }, "required": [ - "SubjectPart" + "DomainExecutionRoleArn" ], "type": "object" }, - "AWS::SES::VdmAttributes": { + "AWS::SageMaker::Domain.ResourceSpec": { "additionalProperties": false, "properties": { - "Condition": { + "InstanceType": { + "markdownDescription": "The instance type that the image version runs on.\n\n> *JupyterServer apps* only support the `system` value.\n> \n> For *KernelGateway apps* , the `system` value is translated to `ml.t3.medium` . KernelGateway apps also support all other values for available instance types.", + "title": "InstanceType", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "LifecycleConfigArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Lifecycle Configuration attached to the Resource.", + "title": "LifecycleConfigArn", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "SageMakerImageArn": { + "markdownDescription": "The ARN of the SageMaker AI image that the image version belongs to.", + "title": "SageMakerImageArn", + "type": "string" }, - "Metadata": { - "type": "object" + "SageMakerImageVersionArn": { + "markdownDescription": "The ARN of the image version created on the instance. To clear the value set for `SageMakerImageVersionArn` , pass `None` as the value.", + "title": "SageMakerImageVersionArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::Domain.S3FileSystemConfig": { + "additionalProperties": false, + "properties": { + "MountPath": { + "markdownDescription": "The file system path where the Amazon S3 storage location will be mounted within the Amazon SageMaker Studio environment.", + "title": "MountPath", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DashboardAttributes": { - "$ref": "#/definitions/AWS::SES::VdmAttributes.DashboardAttributes", - "markdownDescription": "Specifies additional settings for your VDM configuration as applicable to the Dashboard.", - "title": "DashboardAttributes" - }, - "GuardianAttributes": { - "$ref": "#/definitions/AWS::SES::VdmAttributes.GuardianAttributes", - "markdownDescription": "Specifies additional settings for your VDM configuration as applicable to the Guardian.", - "title": "GuardianAttributes" - } - }, - "type": "object" + "S3Uri": { + "markdownDescription": "The Amazon S3 URI of the S3 file system configuration.", + "title": "S3Uri", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::Domain.SharingSettings": { + "additionalProperties": false, + "properties": { + "NotebookOutputOption": { + "markdownDescription": "Whether to include the notebook cell output when sharing the notebook. The default is `Disabled` .", + "title": "NotebookOutputOption", + "type": "string" }, - "Type": { - "enum": [ - "AWS::SES::VdmAttributes" - ], + "S3KmsKeyId": { + "markdownDescription": "When `NotebookOutputOption` is `Allowed` , the AWS Key Management Service (KMS) encryption key ID used to encrypt the notebook cell output in the Amazon S3 bucket.", + "title": "S3KmsKeyId", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "S3OutputPath": { + "markdownDescription": "When `NotebookOutputOption` is `Allowed` , the Amazon S3 bucket used to store the shared notebook snapshots.", + "title": "S3OutputPath", "type": "string" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::SES::VdmAttributes.DashboardAttributes": { + "AWS::SageMaker::Domain.StudioWebPortalSettings": { "additionalProperties": false, "properties": { - "EngagementMetrics": { - "markdownDescription": "Specifies the status of your VDM engagement metrics collection. Can be one of the following:\n\n- `ENABLED` \u2013 Amazon SES enables engagement metrics for your account.\n- `DISABLED` \u2013 Amazon SES disables engagement metrics for your account.", - "title": "EngagementMetrics", - "type": "string" + "HiddenAppTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The [Applications supported in Studio](https://docs.aws.amazon.com/sagemaker/latest/dg/studio-updated-apps.html) that are hidden from the Studio left navigation pane.", + "title": "HiddenAppTypes", + "type": "array" + }, + "HiddenInstanceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The instance types you are hiding from the Studio user interface.", + "title": "HiddenInstanceTypes", + "type": "array" + }, + "HiddenMlTools": { + "items": { + "type": "string" + }, + "markdownDescription": "The machine learning tools that are hidden from the Studio left navigation pane.", + "title": "HiddenMlTools", + "type": "array" + }, + "HiddenSageMakerImageVersionAliases": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::Domain.HiddenSageMakerImage" + }, + "markdownDescription": "The version aliases you are hiding from the Studio user interface.", + "title": "HiddenSageMakerImageVersionAliases", + "type": "array" } }, "type": "object" }, - "AWS::SES::VdmAttributes.GuardianAttributes": { + "AWS::SageMaker::Domain.UnifiedStudioSettings": { "additionalProperties": false, "properties": { - "OptimizedSharedDelivery": { - "markdownDescription": "Specifies the status of your VDM optimized shared delivery. Can be one of the following:\n\n- `ENABLED` \u2013 Amazon SES enables optimized shared delivery for your account.\n- `DISABLED` \u2013 Amazon SES disables optimized shared delivery for your account.", - "title": "OptimizedSharedDelivery", + "DomainAccountId": { + "markdownDescription": "The ID of the AWS account that has the Amazon SageMaker Unified Studio domain. The default value, if you don't specify an ID, is the ID of the account that has the Amazon SageMaker AI domain.", + "title": "DomainAccountId", + "type": "string" + }, + "DomainId": { + "markdownDescription": "The ID of the Amazon SageMaker Unified Studio domain associated with this domain.", + "title": "DomainId", + "type": "string" + }, + "DomainRegion": { + "markdownDescription": "The AWS Region where the domain is located in Amazon SageMaker Unified Studio. The default value, if you don't specify a Region, is the Region where the Amazon SageMaker AI domain is located.", + "title": "DomainRegion", + "type": "string" + }, + "EnvironmentId": { + "markdownDescription": "The ID of the environment that Amazon SageMaker Unified Studio associates with the domain.", + "title": "EnvironmentId", + "type": "string" + }, + "ProjectId": { + "markdownDescription": "The ID of the Amazon SageMaker Unified Studio project that corresponds to the domain.", + "title": "ProjectId", + "type": "string" + }, + "ProjectS3Path": { + "markdownDescription": "The location where Amazon S3 stores temporary execution data and other artifacts for the project that corresponds to the domain.", + "title": "ProjectS3Path", + "type": "string" + }, + "SingleSignOnApplicationArn": { + "markdownDescription": "The ARN of the application managed by SageMaker AI and SageMaker Unified Studio in the AWS IAM Identity Center.", + "title": "SingleSignOnApplicationArn", + "type": "string" + }, + "StudioWebPortalAccess": { + "markdownDescription": "Sets whether you can access the domain in Amazon SageMaker Studio:\n\n- **ENABLED** - You can access the domain in Amazon SageMaker Studio. If you migrate the domain to Amazon SageMaker Unified Studio, you can access it in both studio interfaces.\n- **DISABLED** - You can't access the domain in Amazon SageMaker Studio. If you migrate the domain to Amazon SageMaker Unified Studio, you can access it only in that studio interface.\n\nTo migrate a domain to Amazon SageMaker Unified Studio, you specify the UnifiedStudioSettings data type when you use the UpdateDomain action.", + "title": "StudioWebPortalAccess", "type": "string" } }, "type": "object" }, - "AWS::SNS::Subscription": { + "AWS::SageMaker::Domain.UserSettings": { "additionalProperties": false, "properties": { - "Condition": { + "AutoMountHomeEFS": { + "markdownDescription": "Indicates whether auto-mounting of an EFS volume is supported for the user profile. The `DefaultAsDomain` value is only supported for user profiles. Do not use the `DefaultAsDomain` value when setting this parameter for a domain.\n\nSageMaker applies this setting only to private spaces that the user creates in the domain. SageMaker doesn't apply this setting to shared spaces.", + "title": "AutoMountHomeEFS", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "CodeEditorAppSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.CodeEditorAppSettings", + "markdownDescription": "The Code Editor application settings.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", + "title": "CodeEditorAppSettings" + }, + "CustomFileSystemConfigs": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::Domain.CustomFileSystemConfig" + }, + "markdownDescription": "The settings for assigning a custom file system to a user profile. Permitted users can access this file system in Amazon SageMaker AI Studio.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", + "title": "CustomFileSystemConfigs", + "type": "array" + }, + "CustomPosixUserConfig": { + "$ref": "#/definitions/AWS::SageMaker::Domain.CustomPosixUserConfig", + "markdownDescription": "Details about the POSIX identity that is used for file system operations.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", + "title": "CustomPosixUserConfig" + }, + "DefaultLandingUri": { + "markdownDescription": "The default experience that the user is directed to when accessing the domain. The supported values are:\n\n- `studio::` : Indicates that Studio is the default experience. This value can only be passed if `StudioWebPortal` is set to `ENABLED` .\n- `app:JupyterServer:` : Indicates that Studio Classic is the default experience.", + "title": "DefaultLandingUri", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ExecutionRole": { + "markdownDescription": "The execution role for the user.\n\nSageMaker applies this setting only to private spaces that the user creates in the domain. SageMaker doesn't apply this setting to shared spaces.", + "title": "ExecutionRole", + "type": "string" }, - "Metadata": { - "type": "object" + "JupyterLabAppSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.JupyterLabAppSettings", + "markdownDescription": "The settings for the JupyterLab application.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", + "title": "JupyterLabAppSettings" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DeliveryPolicy": { - "markdownDescription": "The delivery policy JSON assigned to the subscription. Enables the subscriber to define the message delivery retry strategy in the case of an HTTP/S endpoint subscribed to the topic. For more information, see `[GetSubscriptionAttributes](https://docs.aws.amazon.com/sns/latest/api/API_GetSubscriptionAttributes.html)` in the *Amazon SNS API Reference* and [Message delivery retries](https://docs.aws.amazon.com/sns/latest/dg/sns-message-delivery-retries.html) in the *Amazon SNS Developer Guide* .", - "title": "DeliveryPolicy", - "type": "object" - }, - "Endpoint": { - "markdownDescription": "The subscription's endpoint. The endpoint value depends on the protocol that you specify. For more information, see the `Endpoint` parameter of the `[Subscribe](https://docs.aws.amazon.com/sns/latest/api/API_Subscribe.html)` action in the *Amazon SNS API Reference* .", - "title": "Endpoint", - "type": "string" - }, - "FilterPolicy": { - "markdownDescription": "The filter policy JSON assigned to the subscription. Enables the subscriber to filter out unwanted messages. For more information, see `[GetSubscriptionAttributes](https://docs.aws.amazon.com/sns/latest/api/API_GetSubscriptionAttributes.html)` in the *Amazon SNS API Reference* and [Message filtering](https://docs.aws.amazon.com/sns/latest/dg/sns-message-filtering.html) in the *Amazon SNS Developer Guide* .", - "title": "FilterPolicy", - "type": "object" - }, - "FilterPolicyScope": { - "markdownDescription": "This attribute lets you choose the filtering scope by using one of the following string value types:\n\n- `MessageAttributes` (default) - The filter is applied on the message attributes.\n- `MessageBody` - The filter is applied on the message body.\n\n> `Null` is not a valid value for `FilterPolicyScope` . To delete a filter policy, delete the `FilterPolicy` property but keep `FilterPolicyScope` property as is.", - "title": "FilterPolicyScope", - "type": "string" - }, - "Protocol": { - "markdownDescription": "The subscription's protocol. For more information, see the `Protocol` parameter of the `[Subscribe](https://docs.aws.amazon.com/sns/latest/api/API_Subscribe.html)` action in the *Amazon SNS API Reference* .", - "title": "Protocol", - "type": "string" - }, - "RawMessageDelivery": { - "markdownDescription": "When set to `true` , enables raw message delivery. Raw messages don't contain any JSON formatting and can be sent to Amazon SQS and HTTP/S endpoints. For more information, see `[GetSubscriptionAttributes](https://docs.aws.amazon.com/sns/latest/api/API_GetSubscriptionAttributes.html)` in the *Amazon SNS API Reference* .", - "title": "RawMessageDelivery", - "type": "boolean" - }, - "RedrivePolicy": { - "markdownDescription": "When specified, sends undeliverable messages to the specified Amazon SQS dead-letter queue. Messages that can't be delivered due to client errors (for example, when the subscribed endpoint is unreachable) or server errors (for example, when the service that powers the subscribed endpoint becomes unavailable) are held in the dead-letter queue for further analysis or reprocessing.\n\nFor more information about the redrive policy and dead-letter queues, see [Amazon SQS dead-letter queues](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-dead-letter-queues.html) in the *Amazon SQS Developer Guide* .", - "title": "RedrivePolicy", - "type": "object" - }, - "Region": { - "markdownDescription": "For cross-region subscriptions, the region in which the topic resides.\n\nIf no region is specified, AWS CloudFormation uses the region of the caller as the default.\n\nIf you perform an update operation that only updates the `Region` property of a `AWS::SNS::Subscription` resource, that operation will fail unless you are either:\n\n- Updating the `Region` from `NULL` to the caller region.\n- Updating the `Region` from the caller region to `NULL` .", - "title": "Region", - "type": "string" - }, - "ReplayPolicy": { - "markdownDescription": "Specifies whether Amazon SNS resends the notification to the subscription when a message's attribute changes.", - "title": "ReplayPolicy", - "type": "object" - }, - "SubscriptionRoleArn": { - "markdownDescription": "This property applies only to Amazon Data Firehose delivery stream subscriptions. Specify the ARN of the IAM role that has the following:\n\n- Permission to write to the Amazon Data Firehose delivery stream\n- Amazon SNS listed as a trusted entity\n\nSpecifying a valid ARN for this attribute is required for Firehose delivery stream subscriptions. For more information, see [Fanout to Amazon Data Firehose delivery streams](https://docs.aws.amazon.com/sns/latest/dg/sns-firehose-as-subscriber.html) in the *Amazon SNS Developer Guide.*", - "title": "SubscriptionRoleArn", - "type": "string" - }, - "TopicArn": { - "markdownDescription": "The ARN of the topic to subscribe to.", - "title": "TopicArn", - "type": "string" - } + "JupyterServerAppSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.JupyterServerAppSettings", + "markdownDescription": "The Jupyter server's app settings.", + "title": "JupyterServerAppSettings" + }, + "KernelGatewayAppSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.KernelGatewayAppSettings", + "markdownDescription": "The kernel gateway app settings.", + "title": "KernelGatewayAppSettings" + }, + "RSessionAppSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.RSessionAppSettings", + "markdownDescription": "A collection of settings that configure the `RSessionGateway` app.", + "title": "RSessionAppSettings" + }, + "RStudioServerProAppSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.RStudioServerProAppSettings", + "markdownDescription": "A collection of settings that configure user interaction with the `RStudioServerPro` app.", + "title": "RStudioServerProAppSettings" + }, + "SecurityGroups": { + "items": { + "type": "string" }, - "required": [ - "Protocol", - "TopicArn" - ], - "type": "object" + "markdownDescription": "The security groups for the Amazon Virtual Private Cloud (VPC) that the domain uses for communication.\n\nOptional when the `CreateDomain.AppNetworkAccessType` parameter is set to `PublicInternetOnly` .\n\nRequired when the `CreateDomain.AppNetworkAccessType` parameter is set to `VpcOnly` , unless specified as part of the `DefaultUserSettings` for the domain.\n\nAmazon SageMaker AI adds a security group to allow NFS traffic from Amazon SageMaker AI Studio. Therefore, the number of security groups that you can specify is one less than the maximum number shown.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", + "title": "SecurityGroups", + "type": "array" }, - "Type": { - "enum": [ - "AWS::SNS::Subscription" - ], + "SharingSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.SharingSettings", + "markdownDescription": "Specifies options for sharing Amazon SageMaker AI Studio notebooks.", + "title": "SharingSettings" + }, + "SpaceStorageSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.DefaultSpaceStorageSettings", + "markdownDescription": "The storage settings for a space.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", + "title": "SpaceStorageSettings" + }, + "StudioWebPortal": { + "markdownDescription": "Whether the user can access Studio. If this value is set to `DISABLED` , the user cannot access Studio, even if that is the default experience for the domain.", + "title": "StudioWebPortal", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "StudioWebPortalSettings": { + "$ref": "#/definitions/AWS::SageMaker::Domain.StudioWebPortalSettings", + "markdownDescription": "Studio settings. If these settings are applied on a user level, they take priority over the settings applied on a domain level.", + "title": "StudioWebPortalSettings" } }, "required": [ - "Type", - "Properties" + "ExecutionRole" ], "type": "object" }, - "AWS::SNS::Topic": { + "AWS::SageMaker::Endpoint": { "additionalProperties": false, "properties": { "Condition": { @@ -240189,81 +292632,56 @@ "Properties": { "additionalProperties": false, "properties": { - "ArchivePolicy": { - "markdownDescription": "The `ArchivePolicy` determines the number of days Amazon SNS retains messages in FIFO topics. You can set a retention period ranging from 1 to 365 days. This property is only applicable to FIFO topics; attempting to use it with standard topics will result in a creation failure.", - "title": "ArchivePolicy", - "type": "object" + "DeploymentConfig": { + "$ref": "#/definitions/AWS::SageMaker::Endpoint.DeploymentConfig", + "markdownDescription": "The deployment configuration for an endpoint, which contains the desired deployment strategy and rollback configurations.", + "title": "DeploymentConfig" }, - "ContentBasedDeduplication": { - "markdownDescription": "`ContentBasedDeduplication` enables deduplication of messages based on their content for FIFO topics. By default, this property is set to false. If you create a FIFO topic with `ContentBasedDeduplication` set to false, you must provide a `MessageDeduplicationId` for each `Publish` action. When set to true, Amazon SNS automatically generates a `MessageDeduplicationId` using a SHA-256 hash of the message body (excluding message attributes). You can optionally override this generated value by specifying a `MessageDeduplicationId` in the `Publish` action. Note that this property only applies to FIFO topics; using it with standard topics will cause the creation to fail.", - "title": "ContentBasedDeduplication", - "type": "boolean" + "EndpointConfigName": { + "markdownDescription": "The name of the [AWS::SageMaker::EndpointConfig](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sagemaker-endpointconfig.html) resource that specifies the configuration for the endpoint. For more information, see [CreateEndpointConfig](https://docs.aws.amazon.com/sagemaker/latest/dg/API_CreateEndpointConfig.html) .", + "title": "EndpointConfigName", + "type": "string" }, - "DataProtectionPolicy": { - "markdownDescription": "The body of the policy document you want to use for this topic.\n\nYou can only add one policy per topic.\n\nThe policy must be in JSON string format.\n\nLength Constraints: Maximum length of 30,720.", - "title": "DataProtectionPolicy", - "type": "object" + "EndpointName": { + "markdownDescription": "The name of the endpoint. The name must be unique within an AWS Region in your AWS account. The name is case-insensitive in `CreateEndpoint` , but the case is preserved and must be matched in [](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_runtime_InvokeEndpoint.html) .", + "title": "EndpointName", + "type": "string" }, - "DeliveryStatusLogging": { + "ExcludeRetainedVariantProperties": { "items": { - "$ref": "#/definitions/AWS::SNS::Topic.LoggingConfig" + "$ref": "#/definitions/AWS::SageMaker::Endpoint.VariantProperty" }, - "markdownDescription": "The `DeliveryStatusLogging` configuration enables you to log the delivery status of messages sent from your Amazon SNS topic to subscribed endpoints with the following supported delivery protocols:\n\n- HTTP\n- Amazon Kinesis Data Firehose\n- AWS Lambda\n- Platform application endpoint\n- Amazon Simple Queue Service\n\nOnce configured, log entries are sent to Amazon CloudWatch Logs.", - "title": "DeliveryStatusLogging", + "markdownDescription": "When you are updating endpoint resources with [RetainAllVariantProperties](https://docs.aws.amazon.com/sagemaker/latest/dg/API_UpdateEndpoint.html#SageMaker-UpdateEndpoint-request-RetainAllVariantProperties) whose value is set to `true` , `ExcludeRetainedVariantProperties` specifies the list of type [VariantProperty](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sagemaker-endpoint-variantproperty.html) to override with the values provided by `EndpointConfig` . If you don't specify a value for `ExcludeAllVariantProperties` , no variant properties are overridden. Don't use this property when creating new endpoint resources or when `RetainAllVariantProperties` is set to `false` .", + "title": "ExcludeRetainedVariantProperties", "type": "array" }, - "DisplayName": { - "markdownDescription": "The display name to use for an Amazon SNS topic with SMS subscriptions. The display name must be maximum 100 characters long, including hyphens (-), underscores (_), spaces, and tabs.", - "title": "DisplayName", - "type": "string" - }, - "FifoTopic": { - "markdownDescription": "Set to true to create a FIFO topic.", - "title": "FifoTopic", + "RetainAllVariantProperties": { + "markdownDescription": "When updating endpoint resources, enables or disables the retention of variant properties, such as the instance count or the variant weight. To retain the variant properties of an endpoint when updating it, set `RetainAllVariantProperties` to `true` . To use the variant properties specified in a new `EndpointConfig` call when updating an endpoint, set `RetainAllVariantProperties` to `false` . Use this property only when updating endpoint resources, not when creating new endpoint resources.", + "title": "RetainAllVariantProperties", "type": "boolean" }, - "KmsMasterKeyId": { - "markdownDescription": "The ID of an AWS managed customer master key (CMK) for Amazon SNS or a custom CMK. For more information, see [Key terms](https://docs.aws.amazon.com/sns/latest/dg/sns-server-side-encryption.html#sse-key-terms) . For more examples, see `[KeyId](https://docs.aws.amazon.com/kms/latest/APIReference/API_DescribeKey.html#API_DescribeKey_RequestParameters)` in the *AWS Key Management Service API Reference* .\n\nThis property applies only to [server-side-encryption](https://docs.aws.amazon.com/sns/latest/dg/sns-server-side-encryption.html) .", - "title": "KmsMasterKeyId", - "type": "string" - }, - "SignatureVersion": { - "markdownDescription": "The signature version corresponds to the hashing algorithm used while creating the signature of the notifications, subscription confirmations, or unsubscribe confirmation messages sent by Amazon SNS. By default, `SignatureVersion` is set to `1` .", - "title": "SignatureVersion", - "type": "string" - }, - "Subscription": { - "items": { - "$ref": "#/definitions/AWS::SNS::Topic.Subscription" - }, - "markdownDescription": "The Amazon SNS subscriptions (endpoints) for this topic.\n\n> If you specify the `Subscription` property in the `AWS::SNS::Topic` resource and it creates an associated subscription resource, the associated subscription is not deleted when the `AWS::SNS::Topic` resource is deleted.", - "title": "Subscription", - "type": "array" + "RetainDeploymentConfig": { + "markdownDescription": "Specifies whether to reuse the last deployment configuration. The default value is false (the configuration is not reused).", + "title": "RetainDeploymentConfig", + "type": "boolean" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The list of tags to add to a new topic.\n\n> To be able to tag a topic on creation, you must have the `sns:CreateTopic` and `sns:TagResource` permissions.", + "markdownDescription": "A list of key-value pairs to apply to this resource.\n\nFor more information, see [Resource Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) and [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html#allocation-what) in the *AWS Billing and Cost Management User Guide* .", "title": "Tags", "type": "array" - }, - "TopicName": { - "markdownDescription": "The name of the topic you want to create. Topic names must include only uppercase and lowercase ASCII letters, numbers, underscores, and hyphens, and must be between 1 and 256 characters long. FIFO topic names must end with `.fifo` .\n\nIf you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the topic name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "TopicName", - "type": "string" - }, - "TracingConfig": { - "markdownDescription": "Tracing mode of an Amazon SNS topic. By default `TracingConfig` is set to `PassThrough` , and the topic passes through the tracing header it receives from an Amazon SNS publisher to its subscriptions. If set to `Active` , Amazon SNS will vend X-Ray segment data to topic owner account if the sampled flag in the tracing header is true.", - "title": "TracingConfig", - "type": "string" } }, + "required": [ + "EndpointConfigName" + ], "type": "object" }, "Type": { "enum": [ - "AWS::SNS::Topic" + "AWS::SageMaker::Endpoint" ], "type": "string" }, @@ -240277,209 +292695,178 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::SNS::Topic.LoggingConfig": { + "AWS::SageMaker::Endpoint.Alarm": { "additionalProperties": false, "properties": { - "FailureFeedbackRoleArn": { - "markdownDescription": "The IAM role ARN to be used when logging failed message deliveries in Amazon CloudWatch.", - "title": "FailureFeedbackRoleArn", - "type": "string" - }, - "Protocol": { - "markdownDescription": "Indicates one of the supported protocols for the Amazon SNS topic.\n\n> At least one of the other three `LoggingConfig` properties is recommend along with `Protocol` .", - "title": "Protocol", - "type": "string" - }, - "SuccessFeedbackRoleArn": { - "markdownDescription": "The IAM role ARN to be used when logging successful message deliveries in Amazon CloudWatch.", - "title": "SuccessFeedbackRoleArn", - "type": "string" - }, - "SuccessFeedbackSampleRate": { - "markdownDescription": "The percentage of successful message deliveries to be logged in Amazon CloudWatch. Valid percentage values range from 0 to 100.", - "title": "SuccessFeedbackSampleRate", + "AlarmName": { + "markdownDescription": "The name of a CloudWatch alarm in your account.", + "title": "AlarmName", "type": "string" } }, "required": [ - "Protocol" + "AlarmName" ], "type": "object" }, - "AWS::SNS::Topic.Subscription": { + "AWS::SageMaker::Endpoint.AutoRollbackConfig": { "additionalProperties": false, "properties": { - "Endpoint": { - "markdownDescription": "The endpoint that receives notifications from the Amazon SNS topic. The endpoint value depends on the protocol that you specify. For more information, see the `Endpoint` parameter of the `[Subscribe](https://docs.aws.amazon.com/sns/latest/api/API_Subscribe.html)` action in the *Amazon SNS API Reference* .", - "title": "Endpoint", - "type": "string" - }, - "Protocol": { - "markdownDescription": "The subscription's protocol. For more information, see the `Protocol` parameter of the `[Subscribe](https://docs.aws.amazon.com/sns/latest/api/API_Subscribe.html)` action in the *Amazon SNS API Reference* .", - "title": "Protocol", - "type": "string" + "Alarms": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::Endpoint.Alarm" + }, + "markdownDescription": "List of CloudWatch alarms in your account that are configured to monitor metrics on an endpoint. If any alarms are tripped during a deployment, SageMaker rolls back the deployment.", + "title": "Alarms", + "type": "array" } }, "required": [ - "Endpoint", - "Protocol" + "Alarms" ], "type": "object" }, - "AWS::SNS::TopicInlinePolicy": { + "AWS::SageMaker::Endpoint.BlueGreenUpdatePolicy": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "MaximumExecutionTimeoutInSeconds": { + "markdownDescription": "Maximum execution timeout for the deployment. Note that the timeout value should be larger than the total waiting time specified in `TerminationWaitInSeconds` and `WaitIntervalInSeconds` .", + "title": "MaximumExecutionTimeoutInSeconds", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "PolicyDocument": { - "markdownDescription": "A policy document that contains permissions to add to the specified Amazon SNS topic.", - "title": "PolicyDocument", - "type": "object" - }, - "TopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the topic to which you want to add the policy.", - "title": "TopicArn", - "type": "string" - } - }, - "required": [ - "PolicyDocument", - "TopicArn" - ], - "type": "object" + "TerminationWaitInSeconds": { + "markdownDescription": "Additional waiting time in seconds after the completion of an endpoint deployment before terminating the old endpoint fleet. Default is 0.", + "title": "TerminationWaitInSeconds", + "type": "number" }, + "TrafficRoutingConfiguration": { + "$ref": "#/definitions/AWS::SageMaker::Endpoint.TrafficRoutingConfig", + "markdownDescription": "Defines the traffic routing strategy to shift traffic from the old fleet to the new fleet during an endpoint deployment.", + "title": "TrafficRoutingConfiguration" + } + }, + "required": [ + "TrafficRoutingConfiguration" + ], + "type": "object" + }, + "AWS::SageMaker::Endpoint.CapacitySize": { + "additionalProperties": false, + "properties": { "Type": { - "enum": [ - "AWS::SNS::TopicInlinePolicy" - ], + "markdownDescription": "Specifies the endpoint capacity type.\n\n- `INSTANCE_COUNT` : The endpoint activates based on the number of instances.\n- `CAPACITY_PERCENT` : The endpoint activates based on the specified percentage of capacity.", + "title": "Type", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Value": { + "markdownDescription": "Defines the capacity size, either as a number of instances or a capacity percentage.", + "title": "Value", + "type": "number" } }, "required": [ "Type", - "Properties" + "Value" ], "type": "object" }, - "AWS::SNS::TopicPolicy": { + "AWS::SageMaker::Endpoint.DeploymentConfig": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "AutoRollbackConfiguration": { + "$ref": "#/definitions/AWS::SageMaker::Endpoint.AutoRollbackConfig", + "markdownDescription": "Automatic rollback configuration for handling endpoint deployment failures and recovery.", + "title": "AutoRollbackConfiguration" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "BlueGreenUpdatePolicy": { + "$ref": "#/definitions/AWS::SageMaker::Endpoint.BlueGreenUpdatePolicy", + "markdownDescription": "Update policy for a blue/green deployment. If this update policy is specified, SageMaker creates a new fleet during the deployment while maintaining the old fleet. SageMaker flips traffic to the new fleet according to the specified traffic routing configuration. Only one update policy should be used in the deployment configuration. If no update policy is specified, SageMaker uses a blue/green deployment strategy with all at once traffic shifting by default.", + "title": "BlueGreenUpdatePolicy" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "RollingUpdatePolicy": { + "$ref": "#/definitions/AWS::SageMaker::Endpoint.RollingUpdatePolicy", + "markdownDescription": "Specifies a rolling deployment strategy for updating a SageMaker endpoint.", + "title": "RollingUpdatePolicy" + } + }, + "type": "object" + }, + "AWS::SageMaker::Endpoint.RollingUpdatePolicy": { + "additionalProperties": false, + "properties": { + "MaximumBatchSize": { + "$ref": "#/definitions/AWS::SageMaker::Endpoint.CapacitySize", + "markdownDescription": "Batch size for each rolling step to provision capacity and turn on traffic on the new endpoint fleet, and terminate capacity on the old endpoint fleet. Value must be between 5% to 50% of the variant's total instance count.", + "title": "MaximumBatchSize" }, - "Metadata": { - "type": "object" + "MaximumExecutionTimeoutInSeconds": { + "markdownDescription": "The time limit for the total deployment. Exceeding this limit causes a timeout.", + "title": "MaximumExecutionTimeoutInSeconds", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "PolicyDocument": { - "markdownDescription": "A policy document that contains permissions to add to the specified SNS topics.", - "title": "PolicyDocument", - "type": "object" - }, - "Topics": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Names (ARN) of the topics to which you want to add the policy. You can use the `[Ref](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html)` function to specify an `[AWS::SNS::Topic](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sns-topic.html)` resource.", - "title": "Topics", - "type": "array" - } - }, - "required": [ - "PolicyDocument", - "Topics" - ], - "type": "object" + "RollbackMaximumBatchSize": { + "$ref": "#/definitions/AWS::SageMaker::Endpoint.CapacitySize", + "markdownDescription": "Batch size for rollback to the old endpoint fleet. Each rolling step to provision capacity and turn on traffic on the old endpoint fleet, and terminate capacity on the new endpoint fleet. If this field is absent, the default value will be set to 100% of total capacity which means to bring up the whole capacity of the old fleet at once during rollback.", + "title": "RollbackMaximumBatchSize" + }, + "WaitIntervalInSeconds": { + "markdownDescription": "The length of the baking period, during which SageMaker monitors alarms for each batch on the new fleet.", + "title": "WaitIntervalInSeconds", + "type": "number" + } + }, + "required": [ + "MaximumBatchSize", + "WaitIntervalInSeconds" + ], + "type": "object" + }, + "AWS::SageMaker::Endpoint.TrafficRoutingConfig": { + "additionalProperties": false, + "properties": { + "CanarySize": { + "$ref": "#/definitions/AWS::SageMaker::Endpoint.CapacitySize", + "markdownDescription": "Batch size for the first step to turn on traffic on the new endpoint fleet. `Value` must be less than or equal to 50% of the variant's total instance count.", + "title": "CanarySize" + }, + "LinearStepSize": { + "$ref": "#/definitions/AWS::SageMaker::Endpoint.CapacitySize", + "markdownDescription": "Batch size for each step to turn on traffic on the new endpoint fleet. `Value` must be 10-50% of the variant's total instance count.", + "title": "LinearStepSize" }, "Type": { - "enum": [ - "AWS::SNS::TopicPolicy" - ], + "markdownDescription": "Traffic routing strategy type.\n\n- `ALL_AT_ONCE` : Endpoint traffic shifts to the new fleet in a single step.\n- `CANARY` : Endpoint traffic shifts to the new fleet in two steps. The first step is the canary, which is a small portion of the traffic. The second step is the remainder of the traffic.\n- `LINEAR` : Endpoint traffic shifts to the new fleet in n steps of a configurable size.", + "title": "Type", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "WaitIntervalInSeconds": { + "markdownDescription": "The waiting time (in seconds) between incremental steps to turn on traffic on the new endpoint fleet.", + "title": "WaitIntervalInSeconds", + "type": "number" } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::SQS::Queue": { + "AWS::SageMaker::Endpoint.VariantProperty": { + "additionalProperties": false, + "properties": { + "VariantPropertyType": { + "markdownDescription": "The type of variant property. The supported values are:\n\n- `DesiredInstanceCount` : Overrides the existing variant instance counts using the [InitialInstanceCount](https://docs.aws.amazon.com/sagemaker/latest/dg/API_ProductionVariant.html#SageMaker-Type-ProductionVariant-InitialInstanceCount) values in the [ProductionVariants](https://docs.aws.amazon.com/sagemaker/latest/dg/API_CreateEndpointConfig.html#SageMaker-CreateEndpointConfig-request-ProductionVariants) .\n- `DesiredWeight` : Overrides the existing variant weights using the [InitialVariantWeight](https://docs.aws.amazon.com/sagemaker/latest/dg/API_ProductionVariant.html#SageMaker-Type-ProductionVariant-InitialVariantWeight) values in the [ProductionVariants](https://docs.aws.amazon.com/sagemaker/latest/dg/API_CreateEndpointConfig.html#SageMaker-CreateEndpointConfig-request-ProductionVariants) .\n- `DataCaptureConfig` : (Not currently supported.)", + "title": "VariantPropertyType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::EndpointConfig": { "additionalProperties": false, "properties": { "Condition": { @@ -240514,95 +292901,73 @@ "Properties": { "additionalProperties": false, "properties": { - "ContentBasedDeduplication": { - "markdownDescription": "For first-in-first-out (FIFO) queues, specifies whether to enable content-based deduplication. During the deduplication interval, Amazon SQS treats messages that are sent with identical content as duplicates and delivers only one copy of the message. For more information, see the `ContentBasedDeduplication` attribute for the `[CreateQueue](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_CreateQueue.html)` action in the *Amazon SQS API Reference* .", - "title": "ContentBasedDeduplication", - "type": "boolean" - }, - "DeduplicationScope": { - "markdownDescription": "For high throughput for FIFO queues, specifies whether message deduplication occurs at the message group or queue level. Valid values are `messageGroup` and `queue` .\n\nTo enable high throughput for a FIFO queue, set this attribute to `messageGroup` *and* set the `FifoThroughputLimit` attribute to `perMessageGroupId` . If you set these attributes to anything other than these values, normal throughput is in effect and deduplication occurs as specified. For more information, see [High throughput for FIFO queues](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/high-throughput-fifo.html) and [Quotas related to messages](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/quotas-messages.html) in the *Amazon SQS Developer Guide* .", - "title": "DeduplicationScope", - "type": "string" + "AsyncInferenceConfig": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.AsyncInferenceConfig", + "markdownDescription": "Specifies configuration for how an endpoint performs asynchronous inference.", + "title": "AsyncInferenceConfig" }, - "DelaySeconds": { - "markdownDescription": "The time in seconds for which the delivery of all messages in the queue is delayed. You can specify an integer value of `0` to `900` (15 minutes). The default value is `0` .", - "title": "DelaySeconds", - "type": "number" + "DataCaptureConfig": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.DataCaptureConfig", + "markdownDescription": "Specifies how to capture endpoint data for model monitor. The data capture configuration applies to all production variants hosted at the endpoint.", + "title": "DataCaptureConfig" }, - "FifoQueue": { - "markdownDescription": "If set to true, creates a FIFO queue. If you don't specify this property, Amazon SQS creates a standard queue. For more information, see [Amazon SQS FIFO queues](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-fifo-queues.html) in the *Amazon SQS Developer Guide* .", - "title": "FifoQueue", + "EnableNetworkIsolation": { "type": "boolean" }, - "FifoThroughputLimit": { - "markdownDescription": "For high throughput for FIFO queues, specifies whether the FIFO queue throughput quota applies to the entire queue or per message group. Valid values are `perQueue` and `perMessageGroupId` .\n\nTo enable high throughput for a FIFO queue, set this attribute to `perMessageGroupId` *and* set the `DeduplicationScope` attribute to `messageGroup` . If you set these attributes to anything other than these values, normal throughput is in effect and deduplication occurs as specified. For more information, see [High throughput for FIFO queues](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/high-throughput-fifo.html) and [Quotas related to messages](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/quotas-messages.html) in the *Amazon SQS Developer Guide* .", - "title": "FifoThroughputLimit", + "EndpointConfigName": { + "markdownDescription": "The name of the endpoint configuration.", + "title": "EndpointConfigName", "type": "string" }, - "KmsDataKeyReusePeriodSeconds": { - "markdownDescription": "The length of time in seconds for which Amazon SQS can reuse a data key to encrypt or decrypt messages before calling AWS KMS again. The value must be an integer between 60 (1 minute) and 86,400 (24 hours). The default is 300 (5 minutes).\n\n> A shorter time period provides better security, but results in more calls to AWS KMS , which might incur charges after Free Tier. For more information, see [Encryption at rest](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-server-side-encryption.html#sqs-how-does-the-data-key-reuse-period-work) in the *Amazon SQS Developer Guide* .", - "title": "KmsDataKeyReusePeriodSeconds", - "type": "number" - }, - "KmsMasterKeyId": { - "markdownDescription": "The ID of an AWS Key Management Service (KMS) for Amazon SQS , or a custom KMS. To use the AWS managed KMS for Amazon SQS , specify a (default) alias ARN, alias name (for example `alias/aws/sqs` ), key ARN, or key ID. For more information, see the following:\n\n- [Encryption at rest](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-server-side-encryption.html) in the *Amazon SQS Developer Guide*\n- [CreateQueue](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_CreateQueue.html) in the *Amazon SQS API Reference*\n- [Request Parameters](https://docs.aws.amazon.com/kms/latest/APIReference/API_DescribeKey.html#API_DescribeKey_RequestParameters) in the *AWS Key Management Service API Reference*\n- The Key Management Service (KMS) section of the [Security best practices for AWS Key Management Service](https://docs.aws.amazon.com/kms/latest/developerguide/best-practices.html) in the *AWS Key Management Service Developer Guide*", - "title": "KmsMasterKeyId", + "ExecutionRoleArn": { "type": "string" }, - "MaximumMessageSize": { - "markdownDescription": "The limit of how many bytes that a message can contain before Amazon SQS rejects it. You can specify an integer value from `1,024` bytes (1 KiB) to `262,144` bytes (256 KiB). The default value is `262,144` (256 KiB).", - "title": "MaximumMessageSize", - "type": "number" - }, - "MessageRetentionPeriod": { - "markdownDescription": "The number of seconds that Amazon SQS retains a message. You can specify an integer value from `60` seconds (1 minute) to `1,209,600` seconds (14 days). The default value is `345,600` seconds (4 days).", - "title": "MessageRetentionPeriod", - "type": "number" + "ExplainerConfig": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ExplainerConfig", + "markdownDescription": "A parameter to activate explainers.", + "title": "ExplainerConfig" }, - "QueueName": { - "markdownDescription": "A name for the queue. To create a FIFO queue, the name of your FIFO queue must end with the `.fifo` suffix. For more information, see [Amazon SQS FIFO queues](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-fifo-queues.html) in the *Amazon SQS Developer Guide* .\n\nIf you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the queue name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) in the *AWS CloudFormation User Guide* .\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "QueueName", + "KmsKeyId": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Key Management Service key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance that hosts the endpoint.\n\n- Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key ARN: `arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`\n- Alias name: `alias/ExampleAlias`\n- Alias name ARN: `arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias`\n\nThe KMS key policy must grant permission to the IAM role that you specify in your `CreateEndpoint` , `UpdateEndpoint` requests. For more information, refer to the AWS Key Management Service section [Using Key Policies in AWS KMS](https://docs.aws.amazon.com//kms/latest/developerguide/key-policies.html)\n\n> Certain Nitro-based instances include local storage, dependent on the instance type. Local storage volumes are encrypted using a hardware module on the instance. You can't request a `KmsKeyId` when using an instance type with local storage. If any of the models that you specify in the `ProductionVariants` parameter use nitro-based instances with local storage, do not specify a value for the `KmsKeyId` parameter. If you specify a value for `KmsKeyId` when using any nitro-based instances with local storage, the call to `CreateEndpointConfig` fails.\n> \n> For a list of instance types that support local instance storage, see [Instance Store Volumes](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html#instance-store-volumes) .\n> \n> For more information about local instance storage encryption, see [SSD Instance Store Volumes](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ssd-instance-store.html) .", + "title": "KmsKeyId", "type": "string" }, - "ReceiveMessageWaitTimeSeconds": { - "markdownDescription": "Specifies the duration, in seconds, that the ReceiveMessage action call waits until a message is in the queue in order to include it in the response, rather than returning an empty response if a message isn't yet available. You can specify an integer from 1 to 20. Short polling is used as the default or when you specify 0 for this property. For more information, see [Consuming messages using long polling](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-short-and-long-polling.html#sqs-long-polling) in the *Amazon SQS Developer Guide* .", - "title": "ReceiveMessageWaitTimeSeconds", - "type": "number" - }, - "RedriveAllowPolicy": { - "markdownDescription": "The string that includes the parameters for the permissions for the dead-letter queue redrive permission and which source queues can specify dead-letter queues as a JSON object. The parameters are as follows:\n\n- `redrivePermission` : The permission type that defines which source queues can specify the current queue as the dead-letter queue. Valid values are:\n\n- `allowAll` : (Default) Any source queues in this AWS account in the same Region can specify this queue as the dead-letter queue.\n- `denyAll` : No source queues can specify this queue as the dead-letter queue.\n- `byQueue` : Only queues specified by the `sourceQueueArns` parameter can specify this queue as the dead-letter queue.\n- `sourceQueueArns` : The Amazon Resource Names (ARN)s of the source queues that can specify this queue as the dead-letter queue and redrive messages. You can specify this parameter only when the `redrivePermission` parameter is set to `byQueue` . You can specify up to 10 source queue ARNs. To allow more than 10 source queues to specify dead-letter queues, set the `redrivePermission` parameter to `allowAll` .", - "title": "RedriveAllowPolicy", - "type": "object" - }, - "RedrivePolicy": { - "markdownDescription": "The string that includes the parameters for the dead-letter queue functionality of the source queue as a JSON object. The parameters are as follows:\n\n- `deadLetterTargetArn` : The Amazon Resource Name (ARN) of the dead-letter queue to which Amazon SQS moves messages after the value of `maxReceiveCount` is exceeded.\n- `maxReceiveCount` : The number of times a message is received by a consumer of the source queue before being moved to the dead-letter queue. When the `ReceiveCount` for a message exceeds the `maxReceiveCount` for a queue, Amazon SQS moves the message to the dead-letter-queue.\n\n> The dead-letter queue of a FIFO queue must also be a FIFO queue. Similarly, the dead-letter queue of a standard queue must also be a standard queue. \n\n*JSON*\n\n`{ \"deadLetterTargetArn\" : *String* , \"maxReceiveCount\" : *Integer* }`\n\n*YAML*\n\n`deadLetterTargetArn : *String*`\n\n`maxReceiveCount : *Integer*`", - "title": "RedrivePolicy", - "type": "object" + "ProductionVariants": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ProductionVariant" + }, + "markdownDescription": "A list of `ProductionVariant` objects, one for each model that you want to host at this endpoint.", + "title": "ProductionVariants", + "type": "array" }, - "SqsManagedSseEnabled": { - "markdownDescription": "Enables server-side queue encryption using SQS owned encryption keys. Only one server-side encryption option is supported per queue (for example, [SSE-KMS](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-configure-sse-existing-queue.html) or [SSE-SQS](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-configure-sqs-sse-queue.html) ). When `SqsManagedSseEnabled` is not defined, `SSE-SQS` encryption is enabled by default.", - "title": "SqsManagedSseEnabled", - "type": "boolean" + "ShadowProductionVariants": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ProductionVariant" + }, + "markdownDescription": "Array of `ProductionVariant` objects. There is one for each model that you want to host at this endpoint in shadow mode with production traffic replicated from the model specified on `ProductionVariants` . If you use this field, you can only specify one variant for `ProductionVariants` and one variant for `ShadowProductionVariants` .", + "title": "ShadowProductionVariants", + "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags that you attach to this queue. For more information, see [Resource tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .", + "markdownDescription": "A list of key-value pairs to apply to this resource.\n\nFor more information, see [Resource Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) and [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html#allocation-what) .", "title": "Tags", "type": "array" }, - "VisibilityTimeout": { - "markdownDescription": "The length of time during which a message will be unavailable after a message is delivered from the queue. This blocks other components from receiving the same message and gives the initial component time to process and delete the message from the queue.\n\nValues must be from 0 to 43,200 seconds (12 hours). If you don't specify a value, AWS CloudFormation uses the default value of 30 seconds.\n\nFor more information about Amazon SQS queue visibility timeouts, see [Visibility timeout](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-visibility-timeout.html) in the *Amazon SQS Developer Guide* .", - "title": "VisibilityTimeout", - "type": "number" + "VpcConfig": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.VpcConfig" } }, + "required": [ + "ProductionVariants" + ], "type": "object" }, "Type": { "enum": [ - "AWS::SQS::Queue" + "AWS::SageMaker::EndpointConfig" ], "type": "string" }, @@ -240616,160 +292981,501 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::SQS::QueueInlinePolicy": { + "AWS::SageMaker::EndpointConfig.AsyncInferenceClientConfig": { "additionalProperties": false, "properties": { - "Condition": { + "MaxConcurrentInvocationsPerInstance": { + "markdownDescription": "The maximum number of concurrent requests sent by the SageMaker client to the model container. If no value is provided, SageMaker will choose an optimal value for you.", + "title": "MaxConcurrentInvocationsPerInstance", + "type": "number" + } + }, + "type": "object" + }, + "AWS::SageMaker::EndpointConfig.AsyncInferenceConfig": { + "additionalProperties": false, + "properties": { + "ClientConfig": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.AsyncInferenceClientConfig", + "markdownDescription": "Configures the behavior of the client used by SageMaker to interact with the model container during asynchronous inference.", + "title": "ClientConfig" + }, + "OutputConfig": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.AsyncInferenceOutputConfig", + "markdownDescription": "Specifies the configuration for asynchronous inference invocation outputs.", + "title": "OutputConfig" + } + }, + "required": [ + "OutputConfig" + ], + "type": "object" + }, + "AWS::SageMaker::EndpointConfig.AsyncInferenceNotificationConfig": { + "additionalProperties": false, + "properties": { + "ErrorTopic": { + "markdownDescription": "Amazon SNS topic to post a notification to when an inference fails. If no topic is provided, no notification is sent on failure.", + "title": "ErrorTopic", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "IncludeInferenceResponseIn": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon SNS topics where you want the inference response to be included.\n\n> The inference response is included only if the response size is less than or equal to 128 KB.", + "title": "IncludeInferenceResponseIn", + "type": "array" + }, + "SuccessTopic": { + "markdownDescription": "Amazon SNS topic to post a notification to when an inference completes successfully. If no topic is provided, no notification is sent on success.", + "title": "SuccessTopic", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::EndpointConfig.AsyncInferenceOutputConfig": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt the asynchronous inference output in Amazon S3.", + "title": "KmsKeyId", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "NotificationConfig": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.AsyncInferenceNotificationConfig", + "markdownDescription": "Specifies the configuration for notifications of inference results for asynchronous inference.", + "title": "NotificationConfig" }, - "Metadata": { - "type": "object" + "S3FailurePath": { + "markdownDescription": "The Amazon S3 location to upload failure inference responses to.", + "title": "S3FailurePath", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "PolicyDocument": { - "markdownDescription": "A policy document that contains the permissions for the specified Amazon SQS queues. For more information about Amazon SQS policies, see [Using custom policies with the Amazon SQS access policy language](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-creating-custom-policies.html) in the *Amazon SQS Developer Guide* .", - "title": "PolicyDocument", - "type": "object" - }, - "Queue": { - "markdownDescription": "The URLs of the queues to which you want to add the policy. You can use the `[Ref](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html)` function to specify an `[AWS::SQS::Queue](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sqs-queues.html)` resource.", - "title": "Queue", - "type": "string" - } + "S3OutputPath": { + "markdownDescription": "The Amazon S3 location to upload inference responses to.", + "title": "S3OutputPath", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::EndpointConfig.CaptureContentTypeHeader": { + "additionalProperties": false, + "properties": { + "CsvContentTypes": { + "items": { + "type": "string" }, - "required": [ - "PolicyDocument", - "Queue" - ], - "type": "object" + "markdownDescription": "A list of the CSV content types of the data that the endpoint captures. For the endpoint to capture the data, you must also specify the content type when you invoke the endpoint.", + "title": "CsvContentTypes", + "type": "array" }, - "Type": { - "enum": [ - "AWS::SQS::QueueInlinePolicy" - ], + "JsonContentTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the JSON content types of the data that the endpoint captures. For the endpoint to capture the data, you must also specify the content type when you invoke the endpoint.", + "title": "JsonContentTypes", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SageMaker::EndpointConfig.CaptureOption": { + "additionalProperties": false, + "properties": { + "CaptureMode": { + "markdownDescription": "Specifies whether the endpoint captures input data or output data.", + "title": "CaptureMode", "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + } + }, + "required": [ + "CaptureMode" + ], + "type": "object" + }, + "AWS::SageMaker::EndpointConfig.ClarifyExplainerConfig": { + "additionalProperties": false, + "properties": { + "EnableExplanations": { + "markdownDescription": "A JMESPath boolean expression used to filter which records to explain. Explanations are activated by default. See [`EnableExplanations`](https://docs.aws.amazon.com/sagemaker/latest/dg/clarify-online-explainability-create-endpoint.html#clarify-online-explainability-create-endpoint-enable) for additional information.", + "title": "EnableExplanations", "type": "string" + }, + "InferenceConfig": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ClarifyInferenceConfig", + "markdownDescription": "The inference configuration parameter for the model container.", + "title": "InferenceConfig" + }, + "ShapConfig": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ClarifyShapConfig", + "markdownDescription": "The configuration for SHAP analysis.", + "title": "ShapConfig" } }, "required": [ - "Type", - "Properties" + "ShapConfig" ], "type": "object" }, - "AWS::SQS::QueuePolicy": { + "AWS::SageMaker::EndpointConfig.ClarifyFeatureType": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::SageMaker::EndpointConfig.ClarifyHeader": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::SageMaker::EndpointConfig.ClarifyInferenceConfig": { "additionalProperties": false, "properties": { - "Condition": { + "ContentTemplate": { + "markdownDescription": "A template string used to format a JSON record into an acceptable model container input. For example, a `ContentTemplate` string `'{\"myfeatures\":$features}'` will format a list of features `[1,2,3]` into the record string `'{\"myfeatures\":[1,2,3]}'` . Required only when the model container input is in JSON Lines format.", + "title": "ContentTemplate", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "FeatureHeaders": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ClarifyHeader" + }, + "markdownDescription": "The names of the features. If provided, these are included in the endpoint response payload to help readability of the `InvokeEndpoint` output. See the [Response](https://docs.aws.amazon.com/sagemaker/latest/dg/clarify-online-explainability-invoke-endpoint.html#clarify-online-explainability-response) section under *Invoke the endpoint* in the Developer Guide for more information.", + "title": "FeatureHeaders", + "type": "array" + }, + "FeatureTypes": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ClarifyFeatureType" + }, + "markdownDescription": "A list of data types of the features (optional). Applicable only to NLP explainability. If provided, `FeatureTypes` must have at least one `'text'` string (for example, `['text']` ). If `FeatureTypes` is not provided, the explainer infers the feature types based on the baseline data. The feature types are included in the endpoint response payload. For additional information see the [response](https://docs.aws.amazon.com/sagemaker/latest/dg/clarify-online-explainability-invoke-endpoint.html#clarify-online-explainability-response) section under *Invoke the endpoint* in the Developer Guide for more information.", + "title": "FeatureTypes", + "type": "array" + }, + "FeaturesAttribute": { + "markdownDescription": "Provides the JMESPath expression to extract the features from a model container input in JSON Lines format. For example, if `FeaturesAttribute` is the JMESPath expression `'myfeatures'` , it extracts a list of features `[1,2,3]` from request data `'{\"myfeatures\":[1,2,3]}'` .", + "title": "FeaturesAttribute", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "LabelAttribute": { + "markdownDescription": "A JMESPath expression used to locate the list of label headers in the model container output.\n\n*Example* : If the model container output of a batch request is `'{\"labels\":[\"cat\",\"dog\",\"fish\"],\"probability\":[0.6,0.3,0.1]}'` , then set `LabelAttribute` to `'labels'` to extract the list of label headers `[\"cat\",\"dog\",\"fish\"]`", + "title": "LabelAttribute", + "type": "string" }, - "Metadata": { - "type": "object" + "LabelHeaders": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ClarifyHeader" + }, + "markdownDescription": "For multiclass classification problems, the label headers are the names of the classes. Otherwise, the label header is the name of the predicted label. These are used to help readability for the output of the `InvokeEndpoint` API. See the [response](https://docs.aws.amazon.com/sagemaker/latest/dg/clarify-online-explainability-invoke-endpoint.html#clarify-online-explainability-response) section under *Invoke the endpoint* in the Developer Guide for more information. If there are no label headers in the model container output, provide them manually using this parameter.", + "title": "LabelHeaders", + "type": "array" }, - "Properties": { - "additionalProperties": false, - "properties": { - "PolicyDocument": { - "markdownDescription": "A policy document that contains the permissions for the specified Amazon SQS queues. For more information about Amazon SQS policies, see [Using custom policies with the Amazon SQS access policy language](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-creating-custom-policies.html) in the *Amazon SQS Developer Guide* .", - "title": "PolicyDocument", - "type": "object" - }, - "Queues": { - "items": { - "type": "string" - }, - "markdownDescription": "The URLs of the queues to which you want to add the policy. You can use the `[Ref](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html)` function to specify an `[AWS::SQS::Queue](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sqs-queue.html)` resource.", - "title": "Queues", - "type": "array" - } + "LabelIndex": { + "markdownDescription": "A zero-based index used to extract a label header or list of label headers from model container output in CSV format.\n\n*Example for a multiclass model:* If the model container output consists of label headers followed by probabilities: `'\"[\\'cat\\',\\'dog\\',\\'fish\\']\",\"[0.1,0.6,0.3]\"'` , set `LabelIndex` to `0` to select the label headers `['cat','dog','fish']` .", + "title": "LabelIndex", + "type": "number" + }, + "MaxPayloadInMB": { + "markdownDescription": "The maximum payload size (MB) allowed of a request from the explainer to the model container. Defaults to `6` MB.", + "title": "MaxPayloadInMB", + "type": "number" + }, + "MaxRecordCount": { + "markdownDescription": "The maximum number of records in a request that the model container can process when querying the model container for the predictions of a [synthetic dataset](https://docs.aws.amazon.com/sagemaker/latest/dg/clarify-online-explainability-create-endpoint.html#clarify-online-explainability-create-endpoint-synthetic) . A record is a unit of input data that inference can be made on, for example, a single line in CSV data. If `MaxRecordCount` is `1` , the model container expects one record per request. A value of 2 or greater means that the model expects batch requests, which can reduce overhead and speed up the inferencing process. If this parameter is not provided, the explainer will tune the record count per request according to the model container's capacity at runtime.", + "title": "MaxRecordCount", + "type": "number" + }, + "ProbabilityAttribute": { + "markdownDescription": "A JMESPath expression used to extract the probability (or score) from the model container output if the model container is in JSON Lines format.\n\n*Example* : If the model container output of a single request is `'{\"predicted_label\":1,\"probability\":0.6}'` , then set `ProbabilityAttribute` to `'probability'` .", + "title": "ProbabilityAttribute", + "type": "string" + }, + "ProbabilityIndex": { + "markdownDescription": "A zero-based index used to extract a probability value (score) or list from model container output in CSV format. If this value is not provided, the entire model container output will be treated as a probability value (score) or list.\n\n*Example for a single class model:* If the model container output consists of a string-formatted prediction label followed by its probability: `'1,0.6'` , set `ProbabilityIndex` to `1` to select the probability value `0.6` .\n\n*Example for a multiclass model:* If the model container output consists of a string-formatted prediction label followed by its probability: `'\"[\\'cat\\',\\'dog\\',\\'fish\\']\",\"[0.1,0.6,0.3]\"'` , set `ProbabilityIndex` to `1` to select the probability values `[0.1,0.6,0.3]` .", + "title": "ProbabilityIndex", + "type": "number" + } + }, + "type": "object" + }, + "AWS::SageMaker::EndpointConfig.ClarifyShapBaselineConfig": { + "additionalProperties": false, + "properties": { + "MimeType": { + "markdownDescription": "The MIME type of the baseline data. Choose from `'text/csv'` or `'application/jsonlines'` . Defaults to `'text/csv'` .", + "title": "MimeType", + "type": "string" + }, + "ShapBaseline": { + "markdownDescription": "The inline SHAP baseline data in string format. `ShapBaseline` can have one or multiple records to be used as the baseline dataset. The format of the SHAP baseline file should be the same format as the training dataset. For example, if the training dataset is in CSV format and each record contains four features, and all features are numerical, then the format of the baseline data should also share these characteristics. For natural language processing (NLP) of text columns, the baseline value should be the value used to replace the unit of text specified by the `Granularity` of the `TextConfig` parameter. The size limit for `ShapBasline` is 4 KB. Use the `ShapBaselineUri` parameter if you want to provide more than 4 KB of baseline data.", + "title": "ShapBaseline", + "type": "string" + }, + "ShapBaselineUri": { + "markdownDescription": "The uniform resource identifier (URI) of the S3 bucket where the SHAP baseline file is stored. The format of the SHAP baseline file should be the same format as the format of the training dataset. For example, if the training dataset is in CSV format, and each record in the training dataset has four features, and all features are numerical, then the baseline file should also have this same format. Each record should contain only the features. If you are using a virtual private cloud (VPC), the `ShapBaselineUri` should be accessible to the VPC. For more information about setting up endpoints with Amazon Virtual Private Cloud, see [Give SageMaker access to Resources in your Amazon Virtual Private Cloud](https://docs.aws.amazon.com/sagemaker/latest/dg/infrastructure-give-access.html) .", + "title": "ShapBaselineUri", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::EndpointConfig.ClarifyShapConfig": { + "additionalProperties": false, + "properties": { + "NumberOfSamples": { + "markdownDescription": "The number of samples to be used for analysis by the Kernal SHAP algorithm.\n\n> The number of samples determines the size of the synthetic dataset, which has an impact on latency of explainability requests. For more information, see the *Synthetic data* of [Configure and create an endpoint](https://docs.aws.amazon.com/sagemaker/latest/dg/clarify-online-explainability-create-endpoint.html) .", + "title": "NumberOfSamples", + "type": "number" + }, + "Seed": { + "markdownDescription": "The starting value used to initialize the random number generator in the explainer. Provide a value for this parameter to obtain a deterministic SHAP result.", + "title": "Seed", + "type": "number" + }, + "ShapBaselineConfig": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ClarifyShapBaselineConfig", + "markdownDescription": "The configuration for the SHAP baseline of the Kernal SHAP algorithm.", + "title": "ShapBaselineConfig" + }, + "TextConfig": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ClarifyTextConfig", + "markdownDescription": "A parameter that indicates if text features are treated as text and explanations are provided for individual units of text. Required for natural language processing (NLP) explainability only.", + "title": "TextConfig" + }, + "UseLogit": { + "markdownDescription": "A Boolean toggle to indicate if you want to use the logit function (true) or log-odds units (false) for model predictions. Defaults to false.", + "title": "UseLogit", + "type": "boolean" + } + }, + "required": [ + "ShapBaselineConfig" + ], + "type": "object" + }, + "AWS::SageMaker::EndpointConfig.ClarifyTextConfig": { + "additionalProperties": false, + "properties": { + "Granularity": { + "markdownDescription": "The unit of granularity for the analysis of text features. For example, if the unit is `'token'` , then each token (like a word in English) of the text is treated as a feature. SHAP values are computed for each unit/feature.", + "title": "Granularity", + "type": "string" + }, + "Language": { + "markdownDescription": "Specifies the language of the text features in [ISO 639-1](https://docs.aws.amazon.com/ https://en.wikipedia.org/wiki/List_of_ISO_639-1_codes) or [ISO 639-3](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/ISO_639-3) code of a supported language.\n\n> For a mix of multiple languages, use code `'xx'` .", + "title": "Language", + "type": "string" + } + }, + "required": [ + "Granularity", + "Language" + ], + "type": "object" + }, + "AWS::SageMaker::EndpointConfig.DataCaptureConfig": { + "additionalProperties": false, + "properties": { + "CaptureContentTypeHeader": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.CaptureContentTypeHeader", + "markdownDescription": "A list of the JSON and CSV content type that the endpoint captures.", + "title": "CaptureContentTypeHeader" + }, + "CaptureOptions": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.CaptureOption" }, - "required": [ - "PolicyDocument", - "Queues" - ], - "type": "object" + "markdownDescription": "Specifies whether the endpoint captures input data to your model, output data from your model, or both.", + "title": "CaptureOptions", + "type": "array" }, - "Type": { - "enum": [ - "AWS::SQS::QueuePolicy" - ], + "DestinationS3Uri": { + "markdownDescription": "The S3 bucket where model monitor stores captured data.", + "title": "DestinationS3Uri", + "type": "string" + }, + "EnableCapture": { + "markdownDescription": "Set to `True` to enable data capture.", + "title": "EnableCapture", + "type": "boolean" + }, + "InitialSamplingPercentage": { + "markdownDescription": "The percentage of data to capture.", + "title": "InitialSamplingPercentage", + "type": "number" + }, + "KmsKeyId": { + "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt the captured data at rest using Amazon S3 server-side encryption. The KmsKeyId can be any of the following formats: Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab Key ARN: arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab Alias name: alias/ExampleAlias Alias name ARN: arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias If you don't provide a KMS key ID, Amazon SageMaker uses the default KMS key for Amazon S3 for your role's account. For more information, see KMS-Managed Encryption Keys (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingKMSEncryption.html) in the Amazon Simple Storage Service Developer Guide. The KMS key policy must grant permission to the IAM role that you specify in your CreateModel (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateModel.html) request. For more information, see Using Key Policies in AWS KMS (http://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html) in the AWS Key Management Service Developer Guide.", + "title": "KmsKeyId", + "type": "string" + } + }, + "required": [ + "CaptureOptions", + "DestinationS3Uri", + "InitialSamplingPercentage" + ], + "type": "object" + }, + "AWS::SageMaker::EndpointConfig.ExplainerConfig": { + "additionalProperties": false, + "properties": { + "ClarifyExplainerConfig": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ClarifyExplainerConfig", + "markdownDescription": "A member of `ExplainerConfig` that contains configuration parameters for the SageMaker Clarify explainer.", + "title": "ClarifyExplainerConfig" + } + }, + "type": "object" + }, + "AWS::SageMaker::EndpointConfig.ManagedInstanceScaling": { + "additionalProperties": false, + "properties": { + "MaxInstanceCount": { + "type": "number" + }, + "MinInstanceCount": { + "type": "number" + }, + "Status": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::EndpointConfig.ProductionVariant": { + "additionalProperties": false, + "properties": { + "ContainerStartupHealthCheckTimeoutInSeconds": { + "markdownDescription": "The timeout value, in seconds, for your inference container to pass health check by SageMaker Hosting. For more information about health check, see [How Your Container Should Respond to Health Check (Ping) Requests](https://docs.aws.amazon.com/sagemaker/latest/dg/your-algorithms-inference-code.html#your-algorithms-inference-algo-ping-requests) .", + "title": "ContainerStartupHealthCheckTimeoutInSeconds", + "type": "number" + }, + "EnableSSMAccess": { + "markdownDescription": "You can use this parameter to turn on native AWS Systems Manager (SSM) access for a production variant behind an endpoint. By default, SSM access is disabled for all production variants behind an endpoint. You can turn on or turn off SSM access for a production variant behind an existing endpoint by creating a new endpoint configuration and calling `UpdateEndpoint` .", + "title": "EnableSSMAccess", + "type": "boolean" + }, + "InferenceAmiVersion": { + "type": "string" + }, + "InitialInstanceCount": { + "markdownDescription": "Number of instances to launch initially.", + "title": "InitialInstanceCount", + "type": "number" + }, + "InitialVariantWeight": { + "markdownDescription": "Determines initial traffic distribution among all of the models that you specify in the endpoint configuration. The traffic to a production variant is determined by the ratio of the `VariantWeight` to the sum of all `VariantWeight` values across all ProductionVariants. If unspecified, it defaults to 1.0.", + "title": "InitialVariantWeight", + "type": "number" + }, + "InstanceType": { + "markdownDescription": "The ML compute instance type.", + "title": "InstanceType", + "type": "string" + }, + "ManagedInstanceScaling": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ManagedInstanceScaling" + }, + "ModelDataDownloadTimeoutInSeconds": { + "markdownDescription": "The timeout value, in seconds, to download and extract the model that you want to host from Amazon S3 to the individual inference instance associated with this production variant.", + "title": "ModelDataDownloadTimeoutInSeconds", + "type": "number" + }, + "ModelName": { + "markdownDescription": "The name of the model that you want to host. This is the name that you specified when creating the model.", + "title": "ModelName", + "type": "string" + }, + "RoutingConfig": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.RoutingConfig" + }, + "ServerlessConfig": { + "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ServerlessConfig", + "markdownDescription": "The serverless configuration for an endpoint. Specifies a serverless endpoint configuration instead of an instance-based endpoint configuration.", + "title": "ServerlessConfig" + }, + "VariantName": { + "markdownDescription": "The name of the production variant.", + "title": "VariantName", + "type": "string" + }, + "VolumeSizeInGB": { + "markdownDescription": "The size, in GB, of the ML storage volume attached to individual inference instance associated with the production variant. Currently only Amazon EBS gp2 storage volumes are supported.", + "title": "VolumeSizeInGB", + "type": "number" + } + }, + "required": [ + "VariantName" + ], + "type": "object" + }, + "AWS::SageMaker::EndpointConfig.RoutingConfig": { + "additionalProperties": false, + "properties": { + "RoutingStrategy": { "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::EndpointConfig.ServerlessConfig": { + "additionalProperties": false, + "properties": { + "MaxConcurrency": { + "markdownDescription": "The maximum number of concurrent invocations your serverless endpoint can process.", + "title": "MaxConcurrency", + "type": "number" + }, + "MemorySizeInMB": { + "markdownDescription": "The memory size of your serverless endpoint. Valid values are in 1 GB increments: 1024 MB, 2048 MB, 3072 MB, 4096 MB, 5120 MB, or 6144 MB.", + "title": "MemorySizeInMB", + "type": "number" + }, + "ProvisionedConcurrency": { + "markdownDescription": "The amount of provisioned concurrency to allocate for the serverless endpoint. Should be less than or equal to `MaxConcurrency` .\n\n> This field is not supported for serverless endpoint recommendations for Inference Recommender jobs. For more information about creating an Inference Recommender job, see [CreateInferenceRecommendationsJobs](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateInferenceRecommendationsJob.html) .", + "title": "ProvisionedConcurrency", + "type": "number" + } + }, + "required": [ + "MaxConcurrency", + "MemorySizeInMB" + ], + "type": "object" + }, + "AWS::SageMaker::EndpointConfig.VpcConfig": { + "additionalProperties": false, + "properties": { + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Subnets": { + "items": { + "type": "string" + }, + "type": "array" } }, "required": [ - "Type", - "Properties" + "SecurityGroupIds", + "Subnets" ], "type": "object" }, - "AWS::SSM::Association": { + "AWS::SageMaker::FeatureGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -240804,106 +293510,74 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplyOnlyAtCronInterval": { - "markdownDescription": "By default, when you create a new association, the system runs it immediately after it is created and then according to the schedule you specified. Specify this option if you don't want an association to run immediately after you create it. This parameter is not supported for rate expressions.", - "title": "ApplyOnlyAtCronInterval", - "type": "boolean" - }, - "AssociationName": { - "markdownDescription": "Specify a descriptive name for the association.", - "title": "AssociationName", + "Description": { + "markdownDescription": "A free form description of a `FeatureGroup` .", + "title": "Description", "type": "string" }, - "AutomationTargetParameterName": { - "markdownDescription": "Choose the parameter that will define how your automation will branch out. This target is required for associations that use an Automation runbook and target resources by using rate controls. Automation is a tool in AWS Systems Manager .", - "title": "AutomationTargetParameterName", + "EventTimeFeatureName": { + "markdownDescription": "The name of the feature that stores the `EventTime` of a Record in a `FeatureGroup` .\n\nA `EventTime` is point in time when a new event occurs that corresponds to the creation or update of a `Record` in `FeatureGroup` . All `Records` in the `FeatureGroup` must have a corresponding `EventTime` .", + "title": "EventTimeFeatureName", "type": "string" }, - "CalendarNames": { + "FeatureDefinitions": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::SageMaker::FeatureGroup.FeatureDefinition" }, - "markdownDescription": "The names or Amazon Resource Names (ARNs) of the Change Calendar type documents your associations are gated under. The associations only run when that Change Calendar is open. For more information, see [AWS Systems Manager Change Calendar](https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-change-calendar) in the *AWS Systems Manager User Guide* .", - "title": "CalendarNames", + "markdownDescription": "A list of `Feature` s. Each `Feature` must include a `FeatureName` and a `FeatureType` .\n\nValid `FeatureType` s are `Integral` , `Fractional` and `String` .\n\n`FeatureName` s cannot be any of the following: `is_deleted` , `write_time` , `api_invocation_time` .\n\nYou can create up to 2,500 `FeatureDefinition` s per `FeatureGroup` .", + "title": "FeatureDefinitions", "type": "array" }, - "ComplianceSeverity": { - "markdownDescription": "The severity level that is assigned to the association.", - "title": "ComplianceSeverity", - "type": "string" - }, - "DocumentVersion": { - "markdownDescription": "The version of the SSM document to associate with the target.\n\n> Note the following important information.\n> \n> - State Manager doesn't support running associations that use a new version of a document if that document is shared from another account. State Manager always runs the `default` version of a document if shared from another account, even though the Systems Manager console shows that a new version was processed. If you want to run an association using a new version of a document shared form another account, you must set the document version to `default` .\n> - `DocumentVersion` is not valid for documents owned by AWS , such as `AWS-RunPatchBaseline` or `AWS-UpdateSSMAgent` . If you specify `DocumentVersion` for an AWS document, the system returns the following error: \"Error occurred during operation 'CreateAssociation'.\" (RequestToken: , HandlerErrorCode: GeneralServiceException).", - "title": "DocumentVersion", - "type": "string" - }, - "InstanceId": { - "markdownDescription": "The ID of the instance that the SSM document is associated with. You must specify the `InstanceId` or `Targets` property.\n\n> `InstanceId` has been deprecated. To specify an instance ID for an association, use the `Targets` parameter. If you use the parameter `InstanceId` , you cannot use the parameters `AssociationName` , `DocumentVersion` , `MaxErrors` , `MaxConcurrency` , `OutputLocation` , or `ScheduleExpression` . To use these parameters, you must use the `Targets` parameter.", - "title": "InstanceId", - "type": "string" - }, - "MaxConcurrency": { - "markdownDescription": "The maximum number of targets allowed to run the association at the same time. You can specify a number, for example 10, or a percentage of the target set, for example 10%. The default value is 100%, which means all targets run the association at the same time.\n\nIf a new managed node starts and attempts to run an association while Systems Manager is running `MaxConcurrency` associations, the association is allowed to run. During the next association interval, the new managed node will process its association within the limit specified for `MaxConcurrency` .", - "title": "MaxConcurrency", - "type": "string" - }, - "MaxErrors": { - "markdownDescription": "The number of errors that are allowed before the system stops sending requests to run the association on additional targets. You can specify either an absolute number of errors, for example 10, or a percentage of the target set, for example 10%. If you specify 3, for example, the system stops sending requests when the fourth error is received. If you specify 0, then the system stops sending requests after the first error is returned. If you run an association on 50 managed nodes and set `MaxError` to 10%, then the system stops sending the request when the sixth error is received.\n\nExecutions that are already running an association when `MaxErrors` is reached are allowed to complete, but some of these executions may fail as well. If you need to ensure that there won't be more than max-errors failed executions, set `MaxConcurrency` to 1 so that executions proceed one at a time.", - "title": "MaxErrors", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the SSM document that contains the configuration information for the instance. You can specify `Command` or `Automation` documents. The documents can be AWS -predefined documents, documents you created, or a document that is shared with you from another account. For SSM documents that are shared with you from other AWS accounts , you must specify the complete SSM document ARN, in the following format:\n\n`arn:partition:ssm:region:account-id:document/document-name`\n\nFor example: `arn:aws:ssm:us-east-2:12345678912:document/My-Shared-Document`\n\nFor AWS -predefined documents and SSM documents you created in your account, you only need to specify the document name. For example, `AWS -ApplyPatchBaseline` or `My-Document` .", - "title": "Name", + "FeatureGroupName": { + "markdownDescription": "The name of the `FeatureGroup` .", + "title": "FeatureGroupName", "type": "string" }, - "OutputLocation": { - "$ref": "#/definitions/AWS::SSM::Association.InstanceAssociationOutputLocation", - "markdownDescription": "An Amazon Simple Storage Service (Amazon S3) bucket where you want to store the output details of the request.", - "title": "OutputLocation" + "OfflineStoreConfig": { + "$ref": "#/definitions/AWS::SageMaker::FeatureGroup.OfflineStoreConfig", + "markdownDescription": "The configuration of an `OfflineStore` .", + "title": "OfflineStoreConfig" }, - "Parameters": { - "markdownDescription": "The parameters for the runtime configuration of the document.", - "title": "Parameters", - "type": "object" + "OnlineStoreConfig": { + "$ref": "#/definitions/AWS::SageMaker::FeatureGroup.OnlineStoreConfig", + "markdownDescription": "The configuration of an `OnlineStore` .", + "title": "OnlineStoreConfig" }, - "ScheduleExpression": { - "markdownDescription": "A cron expression that specifies a schedule when the association runs. The schedule runs in Coordinated Universal Time (UTC).", - "title": "ScheduleExpression", + "RecordIdentifierFeatureName": { + "markdownDescription": "The name of the `Feature` whose value uniquely identifies a `Record` defined in the `FeatureGroup` `FeatureDefinitions` .", + "title": "RecordIdentifierFeatureName", "type": "string" }, - "ScheduleOffset": { - "markdownDescription": "Number of days to wait after the scheduled day to run an association.", - "title": "ScheduleOffset", - "type": "number" - }, - "SyncCompliance": { - "markdownDescription": "The mode for generating association compliance. You can specify `AUTO` or `MANUAL` . In `AUTO` mode, the system uses the status of the association execution to determine the compliance status. If the association execution runs successfully, then the association is `COMPLIANT` . If the association execution doesn't run successfully, the association is `NON-COMPLIANT` .\n\nIn `MANUAL` mode, you must specify the `AssociationId` as a parameter for the `PutComplianceItems` API action. In this case, compliance data is not managed by State Manager. It is managed by your direct call to the `PutComplianceItems` API action.\n\nBy default, all associations use `AUTO` mode.", - "title": "SyncCompliance", + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM execution role used to create the feature group.", + "title": "RoleArn", "type": "string" }, - "Targets": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::SSM::Association.Target" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The targets for the association. You must specify the `InstanceId` or `Targets` property. You can target all instances in an AWS account by specifying t he `InstanceIds` key with a value of `*` .\n\nSupported formats include the following.\n\n- `Key=InstanceIds,Values=,,`\n- `Key=tag-key,Values=,`\n\nTo view a JSON and a YAML example that targets all instances, see \"Create an association for all managed instances in an AWS account \" on the Examples page.", - "title": "Targets", + "markdownDescription": "Tags used to define a `FeatureGroup` .", + "title": "Tags", "type": "array" }, - "WaitForSuccessTimeoutSeconds": { - "markdownDescription": "The number of seconds the service should wait for the association status to show \"Success\" before proceeding with the stack execution. If the association status doesn't show \"Success\" after the specified number of seconds, then stack creation fails.\n\n> When you specify a value for the `WaitForSuccessTimeoutSeconds` , [drift detection](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-stack-drift.html) for your AWS CloudFormation stack\u2019s configuration might yield inaccurate results. If drift detection is important in your scenario, we recommend that you don\u2019t include `WaitForSuccessTimeoutSeconds` in your template.", - "title": "WaitForSuccessTimeoutSeconds", - "type": "number" + "ThroughputConfig": { + "$ref": "#/definitions/AWS::SageMaker::FeatureGroup.ThroughputConfig", + "markdownDescription": "Used to set feature group throughput configuration. There are two modes: `ON_DEMAND` and `PROVISIONED` . With on-demand mode, you are charged for data reads and writes that your application performs on your feature group. You do not need to specify read and write throughput because Feature Store accommodates your workloads as they ramp up and down. You can switch a feature group to on-demand only once in a 24 hour period. With provisioned throughput mode, you specify the read and write capacity per second that you expect your application to require, and you are billed based on those limits. Exceeding provisioned throughput will result in your requests being throttled.\n\nNote: `PROVISIONED` throughput mode is supported only for feature groups that are offline-only, or use the [`Standard`](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_OnlineStoreConfig.html#sagemaker-Type-OnlineStoreConfig-StorageType) tier online store.", + "title": "ThroughputConfig" } }, "required": [ - "Name" + "EventTimeFeatureName", + "FeatureDefinitions", + "FeatureGroupName", + "RecordIdentifierFeatureName" ], "type": "object" }, "Type": { "enum": [ - "AWS::SSM::Association" + "AWS::SageMaker::FeatureGroup" ], "type": "string" }, @@ -240922,62 +293596,178 @@ ], "type": "object" }, - "AWS::SSM::Association.InstanceAssociationOutputLocation": { + "AWS::SageMaker::FeatureGroup.DataCatalogConfig": { "additionalProperties": false, "properties": { - "S3Location": { - "$ref": "#/definitions/AWS::SSM::Association.S3OutputLocation", - "markdownDescription": "`S3OutputLocation` is a property of the [InstanceAssociationOutputLocation](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssm-association-instanceassociationoutputlocation.html) property that specifies an Amazon S3 bucket where you want to store the results of this request.", - "title": "S3Location" + "Catalog": { + "markdownDescription": "The name of the Glue table catalog.", + "title": "Catalog", + "type": "string" + }, + "Database": { + "markdownDescription": "The name of the Glue table database.", + "title": "Database", + "type": "string" + }, + "TableName": { + "markdownDescription": "The name of the Glue table.", + "title": "TableName", + "type": "string" } }, + "required": [ + "Catalog", + "Database", + "TableName" + ], "type": "object" }, - "AWS::SSM::Association.S3OutputLocation": { + "AWS::SageMaker::FeatureGroup.FeatureDefinition": { "additionalProperties": false, "properties": { - "OutputS3BucketName": { - "markdownDescription": "The name of the S3 bucket.", - "title": "OutputS3BucketName", + "FeatureName": { + "markdownDescription": "The name of a feature. The type must be a string. `FeatureName` cannot be any of the following: `is_deleted` , `write_time` , `api_invocation_time` .\n\nThe name:\n\n- Must start with an alphanumeric character.\n- Can only include alphanumeric characters, underscores, and hyphens. Spaces are not allowed.", + "title": "FeatureName", "type": "string" }, - "OutputS3KeyPrefix": { - "markdownDescription": "The S3 bucket subfolder.", - "title": "OutputS3KeyPrefix", + "FeatureType": { + "markdownDescription": "The value type of a feature. Valid values are Integral, Fractional, or String.", + "title": "FeatureType", "type": "string" + } + }, + "required": [ + "FeatureName", + "FeatureType" + ], + "type": "object" + }, + "AWS::SageMaker::FeatureGroup.OfflineStoreConfig": { + "additionalProperties": false, + "properties": { + "DataCatalogConfig": { + "$ref": "#/definitions/AWS::SageMaker::FeatureGroup.DataCatalogConfig", + "markdownDescription": "The meta data of the Glue table that is autogenerated when an `OfflineStore` is created.", + "title": "DataCatalogConfig" }, - "OutputS3Region": { - "markdownDescription": "The AWS Region of the S3 bucket.", - "title": "OutputS3Region", + "DisableGlueTableCreation": { + "markdownDescription": "Set to `True` to disable the automatic creation of an AWS Glue table when configuring an `OfflineStore` . If set to `False` , Feature Store will name the `OfflineStore` Glue table following [Athena's naming recommendations](https://docs.aws.amazon.com/athena/latest/ug/tables-databases-columns-names.html) .\n\nThe default value is `False` .", + "title": "DisableGlueTableCreation", + "type": "boolean" + }, + "S3StorageConfig": { + "$ref": "#/definitions/AWS::SageMaker::FeatureGroup.S3StorageConfig", + "markdownDescription": "The Amazon Simple Storage (Amazon S3) location of `OfflineStore` .", + "title": "S3StorageConfig" + }, + "TableFormat": { + "markdownDescription": "Format for the offline store table. Supported formats are Glue (Default) and [Apache Iceberg](https://docs.aws.amazon.com/https://iceberg.apache.org/) .", + "title": "TableFormat", "type": "string" } }, + "required": [ + "S3StorageConfig" + ], "type": "object" }, - "AWS::SSM::Association.Target": { + "AWS::SageMaker::FeatureGroup.OnlineStoreConfig": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "User-defined criteria for sending commands that target managed nodes that meet the criteria.", - "title": "Key", + "EnableOnlineStore": { + "markdownDescription": "Turn `OnlineStore` off by specifying `False` for the `EnableOnlineStore` flag. Turn `OnlineStore` on by specifying `True` for the `EnableOnlineStore` flag.\n\nThe default value is `False` .", + "title": "EnableOnlineStore", + "type": "boolean" + }, + "SecurityConfig": { + "$ref": "#/definitions/AWS::SageMaker::FeatureGroup.OnlineStoreSecurityConfig", + "markdownDescription": "Use to specify KMS Key ID ( `KMSKeyId` ) for at-rest encryption of your `OnlineStore` .", + "title": "SecurityConfig" + }, + "StorageType": { + "markdownDescription": "Option for different tiers of low latency storage for real-time data retrieval.\n\n- `Standard` : A managed low latency data store for feature groups.\n- `InMemory` : A managed data store for feature groups that supports very low latency retrieval.", + "title": "StorageType", "type": "string" }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "User-defined criteria that maps to `Key` . For example, if you specified `tag:ServerRole` , you could specify `value:WebServer` to run a command on instances that include EC2 tags of `ServerRole,WebServer` .\n\nDepending on the type of target, the maximum number of values for a key might be lower than the global maximum of 50.", - "title": "Values", - "type": "array" + "TtlDuration": { + "$ref": "#/definitions/AWS::SageMaker::FeatureGroup.TtlDuration", + "markdownDescription": "Time to live duration, where the record is hard deleted after the expiration time is reached; `ExpiresAt` = `EventTime` + `TtlDuration` . For information on HardDelete, see the [DeleteRecord](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_feature_store_DeleteRecord.html) API in the Amazon SageMaker API Reference guide.", + "title": "TtlDuration" + } + }, + "type": "object" + }, + "AWS::SageMaker::FeatureGroup.OnlineStoreSecurityConfig": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "markdownDescription": "The AWS Key Management Service (KMS) key ARN that SageMaker Feature Store uses to encrypt the Amazon S3 objects at rest using Amazon S3 server-side encryption.\n\nThe caller (either user or IAM role) of `CreateFeatureGroup` must have below permissions to the `OnlineStore` `KmsKeyId` :\n\n- `\"kms:Encrypt\"`\n- `\"kms:Decrypt\"`\n- `\"kms:DescribeKey\"`\n- `\"kms:CreateGrant\"`\n- `\"kms:RetireGrant\"`\n- `\"kms:ReEncryptFrom\"`\n- `\"kms:ReEncryptTo\"`\n- `\"kms:GenerateDataKey\"`\n- `\"kms:ListAliases\"`\n- `\"kms:ListGrants\"`\n- `\"kms:RevokeGrant\"`\n\nThe caller (either user or IAM role) to all DataPlane operations ( `PutRecord` , `GetRecord` , `DeleteRecord` ) must have the following permissions to the `KmsKeyId` :\n\n- `\"kms:Decrypt\"`", + "title": "KmsKeyId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::FeatureGroup.S3StorageConfig": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "markdownDescription": "The AWS Key Management Service (KMS) key ARN of the key used to encrypt any objects written into the `OfflineStore` S3 location.\n\nThe IAM `roleARN` that is passed as a parameter to `CreateFeatureGroup` must have below permissions to the `KmsKeyId` :\n\n- `\"kms:GenerateDataKey\"`", + "title": "KmsKeyId", + "type": "string" + }, + "S3Uri": { + "markdownDescription": "The S3 URI, or location in Amazon S3, of `OfflineStore` .\n\nS3 URIs have a format similar to the following: `s3://example-bucket/prefix/` .", + "title": "S3Uri", + "type": "string" } }, "required": [ - "Key", - "Values" + "S3Uri" ], "type": "object" }, - "AWS::SSM::Document": { + "AWS::SageMaker::FeatureGroup.ThroughputConfig": { + "additionalProperties": false, + "properties": { + "ProvisionedReadCapacityUnits": { + "markdownDescription": "For provisioned feature groups with online store enabled, this indicates the read throughput you are billed for and can consume without throttling.\n\nThis field is not applicable for on-demand feature groups.", + "title": "ProvisionedReadCapacityUnits", + "type": "number" + }, + "ProvisionedWriteCapacityUnits": { + "markdownDescription": "For provisioned feature groups, this indicates the write throughput you are billed for and can consume without throttling.\n\nThis field is not applicable for on-demand feature groups.", + "title": "ProvisionedWriteCapacityUnits", + "type": "number" + }, + "ThroughputMode": { + "markdownDescription": "The mode used for your feature group throughput: `ON_DEMAND` or `PROVISIONED` .", + "title": "ThroughputMode", + "type": "string" + } + }, + "required": [ + "ThroughputMode" + ], + "type": "object" + }, + "AWS::SageMaker::FeatureGroup.TtlDuration": { + "additionalProperties": false, + "properties": { + "Unit": { + "markdownDescription": "`TtlDuration` time unit.", + "title": "Unit", + "type": "string" + }, + "Value": { + "markdownDescription": "`TtlDuration` time value.", + "title": "Value", + "type": "number" + } + }, + "type": "object" + }, + "AWS::SageMaker::Image": { "additionalProperties": false, "properties": { "Condition": { @@ -241012,74 +293802,44 @@ "Properties": { "additionalProperties": false, "properties": { - "Attachments": { - "items": { - "$ref": "#/definitions/AWS::SSM::Document.AttachmentsSource" - }, - "markdownDescription": "A list of key-value pairs that describe attachments to a version of a document.", - "title": "Attachments", - "type": "array" - }, - "Content": { - "markdownDescription": "The content for the new SSM document in JSON or YAML. For more information about the schemas for SSM document content, see [SSM document schema features and examples](https://docs.aws.amazon.com/systems-manager/latest/userguide/document-schemas-features.html) in the *AWS Systems Manager User Guide* .\n\n> This parameter also supports `String` data types.", - "title": "Content", - "type": "object" - }, - "DocumentFormat": { - "markdownDescription": "Specify the document format for the request. `JSON` is the default format.", - "title": "DocumentFormat", + "ImageDescription": { + "markdownDescription": "The description of the image.", + "title": "ImageDescription", "type": "string" }, - "DocumentType": { - "markdownDescription": "The type of document to create.", - "title": "DocumentType", + "ImageDisplayName": { + "markdownDescription": "The display name of the image.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 128.\n\n*Pattern* : `^\\S(.*\\S)?$`", + "title": "ImageDisplayName", "type": "string" }, - "Name": { - "markdownDescription": "A name for the SSM document.\n\n> You can't use the following strings as document name prefixes. These are reserved by AWS for use as document name prefixes:\n> \n> - `aws`\n> - `amazon`\n> - `amzn`\n> - `AWSEC2`\n> - `AWSConfigRemediation`\n> - `AWSSupport`", - "title": "Name", + "ImageName": { + "markdownDescription": "The name of the Image. Must be unique by region in your account.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 63.\n\n*Pattern* : `^[a-zA-Z0-9]([-.]?[a-zA-Z0-9]){0,62}$`", + "title": "ImageName", "type": "string" }, - "Requires": { - "items": { - "$ref": "#/definitions/AWS::SSM::Document.DocumentRequires" - }, - "markdownDescription": "A list of SSM documents required by a document. This parameter is used exclusively by AWS AppConfig . When a user creates an AWS AppConfig configuration in an SSM document, the user must also specify a required document for validation purposes. In this case, an `ApplicationConfiguration` document requires an `ApplicationConfigurationSchema` document for validation purposes. For more information, see [What is AWS AppConfig ?](https://docs.aws.amazon.com/appconfig/latest/userguide/what-is-appconfig.html) in the *AWS AppConfig User Guide* .", - "title": "Requires", - "type": "array" + "ImageRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role that enables Amazon SageMaker to perform tasks on your behalf.\n\n*Length Constraints* : Minimum length of 20. Maximum length of 2048.\n\n*Pattern* : `^arn:aws[a-z\\-]*:iam::\\d{12}:role/?[a-zA-Z_0-9+=,.@\\-_/]+$`", + "title": "ImageRoleArn", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "AWS CloudFormation resource tags to apply to the document. Use tags to help you identify and categorize resources.", + "markdownDescription": "A list of key-value pairs to apply to this resource.\n\n*Array Members* : Minimum number of 0 items. Maximum number of 50 items.", "title": "Tags", "type": "array" - }, - "TargetType": { - "markdownDescription": "Specify a target type to define the kinds of resources the document can run on. For example, to run a document on EC2 instances, specify the following value: `/AWS::EC2::Instance` . If you specify a value of '/' the document can run on all types of resources. If you don't specify a value, the document can't run on any resources. For a list of valid resource types, see [AWS resource and property types reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html) in the *AWS CloudFormation User Guide* .", - "title": "TargetType", - "type": "string" - }, - "UpdateMethod": { - "markdownDescription": "If the document resource you specify in your template already exists, this parameter determines whether a new version of the existing document is created, or the existing document is replaced. `Replace` is the default method. If you specify `NewVersion` for the `UpdateMethod` parameter, and the `Name` of the document does not match an existing resource, a new document is created. When you specify `NewVersion` , the default version of the document is changed to the newly created version.", - "title": "UpdateMethod", - "type": "string" - }, - "VersionName": { - "markdownDescription": "An optional field specifying the version of the artifact you are creating with the document. For example, `Release12.1` . This value is unique across all versions of a document, and can't be changed.", - "title": "VersionName", - "type": "string" } }, "required": [ - "Content" + "ImageName", + "ImageRoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::SSM::Document" + "AWS::SageMaker::Image" ], "type": "string" }, @@ -241098,47 +293858,7 @@ ], "type": "object" }, - "AWS::SSM::Document.AttachmentsSource": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "The key of a key-value pair that identifies the location of an attachment to a document.", - "title": "Key", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the document attachment file.", - "title": "Name", - "type": "string" - }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The value of a key-value pair that identifies the location of an attachment to a document. The format for *Value* depends on the type of key you specify.\n\n- For the key *SourceUrl* , the value is an S3 bucket location. For example:\n\n`\"Values\": [ \"s3://amzn-s3-demo-bucket/my-prefix\" ]`\n- For the key *S3FileUrl* , the value is a file in an S3 bucket. For example:\n\n`\"Values\": [ \"s3://amzn-s3-demo-bucket/my-prefix/my-file.py\" ]`\n- For the key *AttachmentReference* , the value is constructed from the name of another SSM document in your account, a version number of that document, and a file attached to that document version that you want to reuse. For example:\n\n`\"Values\": [ \"MyOtherDocument/3/my-other-file.py\" ]`\n\nHowever, if the SSM document is shared with you from another account, the full SSM document ARN must be specified instead of the document name only. For example:\n\n`\"Values\": [ \"arn:aws:ssm:us-east-2:111122223333:document/OtherAccountDocument/3/their-file.py\" ]`", - "title": "Values", - "type": "array" - } - }, - "type": "object" - }, - "AWS::SSM::Document.DocumentRequires": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the required SSM document. The name can be an Amazon Resource Name (ARN).", - "title": "Name", - "type": "string" - }, - "Version": { - "markdownDescription": "The document version required by the current document.", - "title": "Version", - "type": "string" - } - }, - "type": "object" - }, - "AWS::SSM::MaintenanceWindow": { + "AWS::SageMaker::ImageVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -241173,77 +293893,74 @@ "Properties": { "additionalProperties": false, "properties": { - "AllowUnassociatedTargets": { - "markdownDescription": "Enables a maintenance window task to run on managed instances, even if you have not registered those instances as targets. If enabled, then you must specify the unregistered instances (by instance ID) when you register a task with the maintenance window.", - "title": "AllowUnassociatedTargets", - "type": "boolean" + "Alias": { + "markdownDescription": "", + "title": "Alias", + "type": "string" }, - "Cutoff": { - "markdownDescription": "The number of hours before the end of the maintenance window that AWS Systems Manager stops scheduling new tasks for execution.", - "title": "Cutoff", - "type": "number" + "Aliases": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "Aliases", + "type": "array" }, - "Description": { - "markdownDescription": "A description of the maintenance window.", - "title": "Description", + "BaseImage": { + "markdownDescription": "The container image that the SageMaker image version is based on.", + "title": "BaseImage", "type": "string" }, - "Duration": { - "markdownDescription": "The duration of the maintenance window in hours.", - "title": "Duration", - "type": "number" + "Horovod": { + "markdownDescription": "", + "title": "Horovod", + "type": "boolean" }, - "EndDate": { - "markdownDescription": "The date and time, in ISO-8601 Extended format, for when the maintenance window is scheduled to become inactive.", - "title": "EndDate", + "ImageName": { + "markdownDescription": "The name of the parent image.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 63.\n\n*Pattern* : `^[a-zA-Z0-9]([-.]?[a-zA-Z0-9]){0,62}$`", + "title": "ImageName", "type": "string" }, - "Name": { - "markdownDescription": "The name of the maintenance window.", - "title": "Name", + "JobType": { + "markdownDescription": "", + "title": "JobType", "type": "string" }, - "Schedule": { - "markdownDescription": "The schedule of the maintenance window in the form of a cron or rate expression.", - "title": "Schedule", + "MLFramework": { + "markdownDescription": "", + "title": "MLFramework", "type": "string" }, - "ScheduleOffset": { - "markdownDescription": "The number of days to wait to run a maintenance window after the scheduled cron expression date and time.", - "title": "ScheduleOffset", - "type": "number" + "Processor": { + "markdownDescription": "", + "title": "Processor", + "type": "string" }, - "ScheduleTimezone": { - "markdownDescription": "The time zone that the scheduled maintenance window executions are based on, in Internet Assigned Numbers Authority (IANA) format.", - "title": "ScheduleTimezone", + "ProgrammingLang": { + "markdownDescription": "", + "title": "ProgrammingLang", "type": "string" }, - "StartDate": { - "markdownDescription": "The date and time, in ISO-8601 Extended format, for when the maintenance window is scheduled to become active. `StartDate` allows you to delay activation of the maintenance window until the specified future date.", - "title": "StartDate", + "ReleaseNotes": { + "markdownDescription": "", + "title": "ReleaseNotes", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Optional metadata that you assign to a resource in the form of an arbitrary set of tags (key-value pairs). Tags enable you to categorize a resource in different ways, such as by purpose, owner, or environment. For example, you might want to tag a maintenance window to identify the type of tasks it will run, the types of targets, and the environment it will run in.", - "title": "Tags", - "type": "array" + "VendorGuidance": { + "markdownDescription": "", + "title": "VendorGuidance", + "type": "string" } }, "required": [ - "AllowUnassociatedTargets", - "Cutoff", - "Duration", - "Name", - "Schedule" + "BaseImage", + "ImageName" ], "type": "object" }, "Type": { "enum": [ - "AWS::SSM::MaintenanceWindow" + "AWS::SageMaker::ImageVersion" ], "type": "string" }, @@ -241262,7 +293979,7 @@ ], "type": "object" }, - "AWS::SSM::MaintenanceWindowTarget": { + "AWS::SageMaker::InferenceComponent": { "additionalProperties": false, "properties": { "Condition": { @@ -241297,50 +294014,59 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description for the target.", - "title": "Description", - "type": "string" + "DeploymentConfig": { + "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.InferenceComponentDeploymentConfig", + "markdownDescription": "The deployment configuration for an endpoint, which contains the desired deployment strategy and rollback configurations.", + "title": "DeploymentConfig" }, - "Name": { - "markdownDescription": "The name for the maintenance window target.", - "title": "Name", + "EndpointArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the endpoint that hosts the inference component.", + "title": "EndpointArn", "type": "string" }, - "OwnerInformation": { - "markdownDescription": "A user-provided value that will be included in any Amazon CloudWatch Events events that are raised while running tasks for these targets in this maintenance window.", - "title": "OwnerInformation", + "EndpointName": { + "markdownDescription": "The name of the endpoint that hosts the inference component.", + "title": "EndpointName", "type": "string" }, - "ResourceType": { - "markdownDescription": "The type of target that is being registered with the maintenance window.", - "title": "ResourceType", + "InferenceComponentName": { + "markdownDescription": "The name of the inference component.", + "title": "InferenceComponentName", "type": "string" }, - "Targets": { + "RuntimeConfig": { + "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.InferenceComponentRuntimeConfig", + "markdownDescription": "", + "title": "RuntimeConfig" + }, + "Specification": { + "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.InferenceComponentSpecification", + "markdownDescription": "", + "title": "Specification" + }, + "Tags": { "items": { - "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTarget.Targets" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The targets to register with the maintenance window. In other words, the instances to run commands on when the maintenance window runs.\n\nYou must specify targets by using the `WindowTargetIds` parameter.", - "title": "Targets", + "markdownDescription": "", + "title": "Tags", "type": "array" }, - "WindowId": { - "markdownDescription": "The ID of the maintenance window to register the target with.", - "title": "WindowId", + "VariantName": { + "markdownDescription": "The name of the production variant that hosts the inference component.", + "title": "VariantName", "type": "string" } }, "required": [ - "ResourceType", - "Targets", - "WindowId" + "EndpointName", + "Specification" ], "type": "object" }, "Type": { "enum": [ - "AWS::SSM::MaintenanceWindowTarget" + "AWS::SageMaker::InferenceComponent" ], "type": "string" }, @@ -241359,30 +294085,247 @@ ], "type": "object" }, - "AWS::SSM::MaintenanceWindowTarget.Targets": { + "AWS::SageMaker::InferenceComponent.Alarm": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "User-defined criteria for sending commands that target managed nodes that meet the criteria.", - "title": "Key", + "AlarmName": { + "markdownDescription": "The name of a CloudWatch alarm in your account.", + "title": "AlarmName", "type": "string" - }, - "Values": { + } + }, + "required": [ + "AlarmName" + ], + "type": "object" + }, + "AWS::SageMaker::InferenceComponent.AutoRollbackConfiguration": { + "additionalProperties": false, + "properties": { + "Alarms": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.Alarm" }, - "markdownDescription": "User-defined criteria that maps to `Key` . For example, if you specified `tag:ServerRole` , you could specify `value:WebServer` to run a command on instances that include EC2 tags of `ServerRole,WebServer` .\n\nDepending on the type of target, the maximum number of values for a key might be lower than the global maximum of 50.", - "title": "Values", + "markdownDescription": "", + "title": "Alarms", "type": "array" } }, "required": [ - "Key", - "Values" + "Alarms" ], "type": "object" }, - "AWS::SSM::MaintenanceWindowTask": { + "AWS::SageMaker::InferenceComponent.DeployedImage": { + "additionalProperties": false, + "properties": { + "ResolutionTime": { + "markdownDescription": "The date and time when the image path for the model resolved to the `ResolvedImage`", + "title": "ResolutionTime", + "type": "string" + }, + "ResolvedImage": { + "markdownDescription": "The specific digest path of the image hosted in this `ProductionVariant` .", + "title": "ResolvedImage", + "type": "string" + }, + "SpecifiedImage": { + "markdownDescription": "The image path you specified when you created the model.", + "title": "SpecifiedImage", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::InferenceComponent.InferenceComponentCapacitySize": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "Specifies the endpoint capacity type.\n\n- **COPY_COUNT** - The endpoint activates based on the number of inference component copies.\n- **CAPACITY_PERCENT** - The endpoint activates based on the specified percentage of capacity.", + "title": "Type", + "type": "string" + }, + "Value": { + "markdownDescription": "Defines the capacity size, either as a number of inference component copies or a capacity percentage.", + "title": "Value", + "type": "number" + } + }, + "required": [ + "Type", + "Value" + ], + "type": "object" + }, + "AWS::SageMaker::InferenceComponent.InferenceComponentComputeResourceRequirements": { + "additionalProperties": false, + "properties": { + "MaxMemoryRequiredInMb": { + "markdownDescription": "The maximum MB of memory to allocate to run a model that you assign to an inference component.", + "title": "MaxMemoryRequiredInMb", + "type": "number" + }, + "MinMemoryRequiredInMb": { + "markdownDescription": "The minimum MB of memory to allocate to run a model that you assign to an inference component.", + "title": "MinMemoryRequiredInMb", + "type": "number" + }, + "NumberOfAcceleratorDevicesRequired": { + "markdownDescription": "The number of accelerators to allocate to run a model that you assign to an inference component. Accelerators include GPUs and AWS Inferentia.", + "title": "NumberOfAcceleratorDevicesRequired", + "type": "number" + }, + "NumberOfCpuCoresRequired": { + "markdownDescription": "The number of CPU cores to allocate to run a model that you assign to an inference component.", + "title": "NumberOfCpuCoresRequired", + "type": "number" + } + }, + "type": "object" + }, + "AWS::SageMaker::InferenceComponent.InferenceComponentContainerSpecification": { + "additionalProperties": false, + "properties": { + "ArtifactUrl": { + "markdownDescription": "The Amazon S3 path where the model artifacts, which result from model training, are stored. This path must point to a single gzip compressed tar archive (.tar.gz suffix).", + "title": "ArtifactUrl", + "type": "string" + }, + "DeployedImage": { + "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.DeployedImage", + "markdownDescription": "", + "title": "DeployedImage" + }, + "Environment": { + "additionalProperties": true, + "markdownDescription": "The environment variables to set in the Docker container. Each key and value in the Environment string-to-string map can have length of up to 1024. We support up to 16 entries in the map.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Environment", + "type": "object" + }, + "Image": { + "markdownDescription": "The Amazon Elastic Container Registry (Amazon ECR) path where the Docker image for the model is stored.", + "title": "Image", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::InferenceComponent.InferenceComponentDeploymentConfig": { + "additionalProperties": false, + "properties": { + "AutoRollbackConfiguration": { + "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.AutoRollbackConfiguration", + "markdownDescription": "", + "title": "AutoRollbackConfiguration" + }, + "RollingUpdatePolicy": { + "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.InferenceComponentRollingUpdatePolicy", + "markdownDescription": "Specifies a rolling deployment strategy for updating a SageMaker AI endpoint.", + "title": "RollingUpdatePolicy" + } + }, + "type": "object" + }, + "AWS::SageMaker::InferenceComponent.InferenceComponentRollingUpdatePolicy": { + "additionalProperties": false, + "properties": { + "MaximumBatchSize": { + "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.InferenceComponentCapacitySize", + "markdownDescription": "The batch size for each rolling step in the deployment process. For each step, SageMaker AI provisions capacity on the new endpoint fleet, routes traffic to that fleet, and terminates capacity on the old endpoint fleet. The value must be between 5% to 50% of the copy count of the inference component.", + "title": "MaximumBatchSize" + }, + "MaximumExecutionTimeoutInSeconds": { + "markdownDescription": "The time limit for the total deployment. Exceeding this limit causes a timeout.", + "title": "MaximumExecutionTimeoutInSeconds", + "type": "number" + }, + "RollbackMaximumBatchSize": { + "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.InferenceComponentCapacitySize", + "markdownDescription": "The batch size for a rollback to the old endpoint fleet. If this field is absent, the value is set to the default, which is 100% of the total capacity. When the default is used, SageMaker AI provisions the entire capacity of the old fleet at once during rollback.", + "title": "RollbackMaximumBatchSize" + }, + "WaitIntervalInSeconds": { + "markdownDescription": "The length of the baking period, during which SageMaker AI monitors alarms for each batch on the new fleet.", + "title": "WaitIntervalInSeconds", + "type": "number" + } + }, + "type": "object" + }, + "AWS::SageMaker::InferenceComponent.InferenceComponentRuntimeConfig": { + "additionalProperties": false, + "properties": { + "CopyCount": { + "markdownDescription": "The number of runtime copies of the model container to deploy with the inference component. Each copy can serve inference requests.", + "title": "CopyCount", + "type": "number" + }, + "CurrentCopyCount": { + "markdownDescription": "", + "title": "CurrentCopyCount", + "type": "number" + }, + "DesiredCopyCount": { + "markdownDescription": "", + "title": "DesiredCopyCount", + "type": "number" + } + }, + "type": "object" + }, + "AWS::SageMaker::InferenceComponent.InferenceComponentSpecification": { + "additionalProperties": false, + "properties": { + "BaseInferenceComponentName": { + "markdownDescription": "The name of an existing inference component that is to contain the inference component that you're creating with your request.\n\nSpecify this parameter only if your request is meant to create an adapter inference component. An adapter inference component contains the path to an adapter model. The purpose of the adapter model is to tailor the inference output of a base foundation model, which is hosted by the base inference component. The adapter inference component uses the compute resources that you assigned to the base inference component.\n\nWhen you create an adapter inference component, use the `Container` parameter to specify the location of the adapter artifacts. In the parameter value, use the `ArtifactUrl` parameter of the `InferenceComponentContainerSpecification` data type.\n\nBefore you can create an adapter inference component, you must have an existing inference component that contains the foundation model that you want to adapt.", + "title": "BaseInferenceComponentName", + "type": "string" + }, + "ComputeResourceRequirements": { + "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.InferenceComponentComputeResourceRequirements", + "markdownDescription": "The compute resources allocated to run the model, plus any adapter models, that you assign to the inference component.\n\nOmit this parameter if your request is meant to create an adapter inference component. An adapter inference component is loaded by a base inference component, and it uses the compute resources of the base inference component.", + "title": "ComputeResourceRequirements" + }, + "Container": { + "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.InferenceComponentContainerSpecification", + "markdownDescription": "Defines a container that provides the runtime environment for a model that you deploy with an inference component.", + "title": "Container" + }, + "ModelName": { + "markdownDescription": "The name of an existing SageMaker AI model object in your account that you want to deploy with the inference component.", + "title": "ModelName", + "type": "string" + }, + "StartupParameters": { + "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.InferenceComponentStartupParameters", + "markdownDescription": "Settings that take effect while the model container starts up.", + "title": "StartupParameters" + } + }, + "type": "object" + }, + "AWS::SageMaker::InferenceComponent.InferenceComponentStartupParameters": { + "additionalProperties": false, + "properties": { + "ContainerStartupHealthCheckTimeoutInSeconds": { + "markdownDescription": "The timeout value, in seconds, for your inference container to pass health check by Amazon S3 Hosting. For more information about health check, see [How Your Container Should Respond to Health Check (Ping) Requests](https://docs.aws.amazon.com/sagemaker/latest/dg/your-algorithms-inference-code.html#your-algorithms-inference-algo-ping-requests) .", + "title": "ContainerStartupHealthCheckTimeoutInSeconds", + "type": "number" + }, + "ModelDataDownloadTimeoutInSeconds": { + "markdownDescription": "The timeout value, in seconds, to download and extract the model that you want to host from Amazon S3 to the individual inference instance associated with this inference component.", + "title": "ModelDataDownloadTimeoutInSeconds", + "type": "number" + } + }, + "type": "object" + }, + "AWS::SageMaker::InferenceExperiment": { "additionalProperties": false, "properties": { "Condition": { @@ -241417,91 +294360,90 @@ "Properties": { "additionalProperties": false, "properties": { - "CutoffBehavior": { - "markdownDescription": "The specification for whether tasks should continue to run after the cutoff time specified in the maintenance windows is reached.", - "title": "CutoffBehavior", - "type": "string" + "DataStorageConfig": { + "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment.DataStorageConfig", + "markdownDescription": "The Amazon S3 location and configuration for storing inference request and response data.", + "title": "DataStorageConfig" }, "Description": { - "markdownDescription": "A description of the task.", + "markdownDescription": "The description of the inference experiment.", "title": "Description", "type": "string" }, - "LoggingInfo": { - "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.LoggingInfo", - "markdownDescription": "Information about an Amazon S3 bucket to write Run Command task-level logs to.\n\n> `LoggingInfo` has been deprecated. To specify an Amazon S3 bucket to contain logs for Run Command tasks, instead use the `OutputS3BucketName` and `OutputS3KeyPrefix` options in the `TaskInvocationParameters` structure. For information about how Systems Manager handles these options for the supported maintenance window task types, see [AWS ::SSM::MaintenanceWindowTask MaintenanceWindowRunCommandParameters](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssm-maintenancewindowtask-maintenancewindowruncommandparameters.html) .", - "title": "LoggingInfo" - }, - "MaxConcurrency": { - "markdownDescription": "The maximum number of targets this task can be run for, in parallel.\n\n> Although this element is listed as \"Required: No\", a value can be omitted only when you are registering or updating a [targetless task](https://docs.aws.amazon.com/systems-manager/latest/userguide/maintenance-windows-targetless-tasks.html) You must provide a value in all other cases.\n> \n> For maintenance window tasks without a target specified, you can't supply a value for this option. Instead, the system inserts a placeholder value of `1` . This value doesn't affect the running of your task.", - "title": "MaxConcurrency", - "type": "string" - }, - "MaxErrors": { - "markdownDescription": "The maximum number of errors allowed before this task stops being scheduled.\n\n> Although this element is listed as \"Required: No\", a value can be omitted only when you are registering or updating a [targetless task](https://docs.aws.amazon.com/systems-manager/latest/userguide/maintenance-windows-targetless-tasks.html) You must provide a value in all other cases.\n> \n> For maintenance window tasks without a target specified, you can't supply a value for this option. Instead, the system inserts a placeholder value of `1` . This value doesn't affect the running of your task.", - "title": "MaxErrors", + "DesiredState": { + "markdownDescription": "The desired state of the experiment after stopping. The possible states are the following:\n\n- `Completed` : The experiment completed successfully\n- `Cancelled` : The experiment was canceled", + "title": "DesiredState", "type": "string" }, - "Name": { - "markdownDescription": "The task name.", - "title": "Name", + "EndpointName": { + "markdownDescription": "The name of the endpoint.", + "title": "EndpointName", "type": "string" }, - "Priority": { - "markdownDescription": "The priority of the task in the maintenance window. The lower the number, the higher the priority. Tasks that have the same priority are scheduled in parallel.", - "title": "Priority", - "type": "number" - }, - "ServiceRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM service role for AWS Systems Manager to assume when running a maintenance window task. If you do not specify a service role ARN, Systems Manager uses a service-linked role in your account. If no appropriate service-linked role for Systems Manager exists in your account, it is created when you run `RegisterTaskWithMaintenanceWindow` .\n\nHowever, for an improved security posture, we strongly recommend creating a custom policy and custom service role for running your maintenance window tasks. The policy can be crafted to provide only the permissions needed for your particular maintenance window tasks. For more information, see [Setting up Maintenance Windows](https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-maintenance-permissions.html) in the in the *AWS Systems Manager User Guide* .", - "title": "ServiceRoleArn", + "KmsKey": { + "markdownDescription": "The AWS Key Management Service key that Amazon SageMaker uses to encrypt captured data at rest using Amazon S3 server-side encryption.", + "title": "KmsKey", "type": "string" }, - "Targets": { + "ModelVariants": { "items": { - "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.Target" + "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment.ModelVariantConfig" }, - "markdownDescription": "The targets, either instances or window target IDs.\n\n- Specify instances using `Key=InstanceIds,Values= *instanceid1* , *instanceid2*` .\n- Specify window target IDs using `Key=WindowTargetIds,Values= *window-target-id-1* , *window-target-id-2*` .", - "title": "Targets", + "markdownDescription": "An array of `ModelVariantConfigSummary` objects. There is one for each variant in the inference experiment. Each `ModelVariantConfigSummary` object in the array describes the infrastructure configuration for deploying the corresponding variant.", + "title": "ModelVariants", "type": "array" }, - "TaskArn": { - "markdownDescription": "The resource that the task uses during execution.\n\nFor `RUN_COMMAND` and `AUTOMATION` task types, `TaskArn` is the SSM document name or Amazon Resource Name (ARN).\n\nFor `LAMBDA` tasks, `TaskArn` is the function name or ARN.\n\nFor `STEP_FUNCTIONS` tasks, `TaskArn` is the state machine ARN.", - "title": "TaskArn", + "Name": { + "markdownDescription": "The name of the inference experiment.", + "title": "Name", "type": "string" }, - "TaskInvocationParameters": { - "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.TaskInvocationParameters", - "markdownDescription": "The parameters to pass to the task when it runs. Populate only the fields that match the task type. All other fields should be empty.\n\n> When you update a maintenance window task that has options specified in `TaskInvocationParameters` , you must provide again all the `TaskInvocationParameters` values that you want to retain. The values you do not specify again are removed. For example, suppose that when you registered a Run Command task, you specified `TaskInvocationParameters` values for `Comment` , `NotificationConfig` , and `OutputS3BucketName` . If you update the maintenance window task and specify only a different `OutputS3BucketName` value, the values for `Comment` and `NotificationConfig` are removed.", - "title": "TaskInvocationParameters" + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that Amazon SageMaker can assume to access model artifacts and container images, and manage Amazon SageMaker Inference endpoints for model deployment.", + "title": "RoleArn", + "type": "string" }, - "TaskParameters": { - "markdownDescription": "The parameters to pass to the task when it runs.\n\n> `TaskParameters` has been deprecated. To specify parameters to pass to a task when it runs, instead use the `Parameters` option in the `TaskInvocationParameters` structure. For information about how Systems Manager handles these options for the supported maintenance window task types, see [MaintenanceWindowTaskInvocationParameters](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_MaintenanceWindowTaskInvocationParameters.html) .", - "title": "TaskParameters", - "type": "object" + "Schedule": { + "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment.InferenceExperimentSchedule", + "markdownDescription": "The duration for which the inference experiment ran or will run.\n\nThe maximum duration that you can set for an inference experiment is 30 days.", + "title": "Schedule" }, - "TaskType": { - "markdownDescription": "The type of task. Valid values: `RUN_COMMAND` , `AUTOMATION` , `LAMBDA` , `STEP_FUNCTIONS` .", - "title": "TaskType", + "ShadowModeConfig": { + "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment.ShadowModeConfig", + "markdownDescription": "The configuration of `ShadowMode` inference experiment type, which shows the production variant that takes all the inference requests, and the shadow variant to which Amazon SageMaker replicates a percentage of the inference requests. For the shadow variant it also shows the percentage of requests that Amazon SageMaker replicates.", + "title": "ShadowModeConfig" + }, + "StatusReason": { + "markdownDescription": "The error message for the inference experiment status result.", + "title": "StatusReason", "type": "string" }, - "WindowId": { - "markdownDescription": "The ID of the maintenance window where the task is registered.", - "title": "WindowId", + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "The type of the inference experiment.", + "title": "Type", "type": "string" } }, "required": [ - "Priority", - "TaskArn", - "TaskType", - "WindowId" + "EndpointName", + "ModelVariants", + "Name", + "RoleArn", + "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::SSM::MaintenanceWindowTask" + "AWS::SageMaker::InferenceExperiment" ], "type": "string" }, @@ -241520,238 +294462,202 @@ ], "type": "object" }, - "AWS::SSM::MaintenanceWindowTask.CloudWatchOutputConfig": { + "AWS::SageMaker::InferenceExperiment.CaptureContentTypeHeader": { "additionalProperties": false, "properties": { - "CloudWatchLogGroupName": { - "markdownDescription": "The name of the CloudWatch Logs log group where you want to send command output. If you don't specify a group name, AWS Systems Manager automatically creates a log group for you. The log group uses the following naming format:\n\n`aws/ssm/ *SystemsManagerDocumentName*`", - "title": "CloudWatchLogGroupName", - "type": "string" + "CsvContentTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of all content type headers that Amazon SageMaker AI will treat as CSV and capture accordingly.", + "title": "CsvContentTypes", + "type": "array" }, - "CloudWatchOutputEnabled": { - "markdownDescription": "Enables Systems Manager to send command output to CloudWatch Logs.", - "title": "CloudWatchOutputEnabled", - "type": "boolean" + "JsonContentTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of all content type headers that SageMaker AI will treat as JSON and capture accordingly.", + "title": "JsonContentTypes", + "type": "array" } }, "type": "object" }, - "AWS::SSM::MaintenanceWindowTask.LoggingInfo": { + "AWS::SageMaker::InferenceExperiment.DataStorageConfig": { "additionalProperties": false, "properties": { - "Region": { - "markdownDescription": "The AWS Region where the S3 bucket is located.", - "title": "Region", - "type": "string" + "ContentType": { + "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment.CaptureContentTypeHeader", + "markdownDescription": "Configuration specifying how to treat different headers. If no headers are specified SageMaker will by default base64 encode when capturing the data.", + "title": "ContentType" }, - "S3Bucket": { - "markdownDescription": "The name of an S3 bucket where execution logs are stored.", - "title": "S3Bucket", + "Destination": { + "markdownDescription": "The Amazon S3 bucket where the inference request and response data is stored.", + "title": "Destination", "type": "string" }, - "S3Prefix": { - "markdownDescription": "The Amazon S3 bucket subfolder.", - "title": "S3Prefix", + "KmsKey": { + "markdownDescription": "The AWS Key Management Service key that Amazon SageMaker uses to encrypt captured data at rest using Amazon S3 server-side encryption.", + "title": "KmsKey", "type": "string" } }, "required": [ - "Region", - "S3Bucket" + "Destination" ], "type": "object" }, - "AWS::SSM::MaintenanceWindowTask.MaintenanceWindowAutomationParameters": { - "additionalProperties": false, - "properties": { - "DocumentVersion": { - "markdownDescription": "The version of an Automation runbook to use during task execution.", - "title": "DocumentVersion", - "type": "string" - }, - "Parameters": { - "markdownDescription": "The parameters for the `AUTOMATION` type task.", - "title": "Parameters", - "type": "object" - } - }, - "type": "object" - }, - "AWS::SSM::MaintenanceWindowTask.MaintenanceWindowLambdaParameters": { - "additionalProperties": false, - "properties": { - "ClientContext": { - "markdownDescription": "Client-specific information to pass to the AWS Lambda function that you're invoking. You can then use the `context` variable to process the client information in your AWS Lambda function.", - "title": "ClientContext", - "type": "string" - }, - "Payload": { - "markdownDescription": "JSON to provide to your AWS Lambda function as input.\n\n> Although `Type` is listed as \"String\" for this property, the payload content must be formatted as a Base64-encoded binary data object. \n\n*Length Constraint:* 4096", - "title": "Payload", - "type": "string" - }, - "Qualifier": { - "markdownDescription": "An AWS Lambda function version or alias name. If you specify a function version, the action uses the qualified function Amazon Resource Name (ARN) to invoke a specific Lambda function. If you specify an alias name, the action uses the alias ARN to invoke the Lambda function version that the alias points to.", - "title": "Qualifier", - "type": "string" - } - }, - "type": "object" - }, - "AWS::SSM::MaintenanceWindowTask.MaintenanceWindowRunCommandParameters": { + "AWS::SageMaker::InferenceExperiment.EndpointMetadata": { "additionalProperties": false, "properties": { - "CloudWatchOutputConfig": { - "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.CloudWatchOutputConfig", - "markdownDescription": "Configuration options for sending command output to Amazon CloudWatch Logs.", - "title": "CloudWatchOutputConfig" - }, - "Comment": { - "markdownDescription": "Information about the command or commands to run.", - "title": "Comment", - "type": "string" - }, - "DocumentHash": { - "markdownDescription": "The SHA-256 or SHA-1 hash created by the system when the document was created. SHA-1 hashes have been deprecated.", - "title": "DocumentHash", - "type": "string" - }, - "DocumentHashType": { - "markdownDescription": "The SHA-256 or SHA-1 hash type. SHA-1 hashes are deprecated.", - "title": "DocumentHashType", - "type": "string" - }, - "DocumentVersion": { - "markdownDescription": "The AWS Systems Manager document (SSM document) version to use in the request. You can specify `$DEFAULT` , `$LATEST` , or a specific version number. If you run commands by using the AWS CLI, then you must escape the first two options by using a backslash. If you specify a version number, then you don't need to use the backslash. For example:\n\n`--document-version \"\\$DEFAULT\"`\n\n`--document-version \"\\$LATEST\"`\n\n`--document-version \"3\"`", - "title": "DocumentVersion", - "type": "string" - }, - "NotificationConfig": { - "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.NotificationConfig", - "markdownDescription": "Configurations for sending notifications about command status changes on a per-managed node basis.", - "title": "NotificationConfig" - }, - "OutputS3BucketName": { - "markdownDescription": "The name of the Amazon Simple Storage Service (Amazon S3) bucket.", - "title": "OutputS3BucketName", - "type": "string" - }, - "OutputS3KeyPrefix": { - "markdownDescription": "The S3 bucket subfolder.", - "title": "OutputS3KeyPrefix", + "EndpointConfigName": { + "markdownDescription": "The name of the endpoint configuration.", + "title": "EndpointConfigName", "type": "string" }, - "Parameters": { - "markdownDescription": "The parameters for the `RUN_COMMAND` task execution.\n\nThe supported parameters are the same as those for the `SendCommand` API call. For more information, see [SendCommand](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_SendCommand.html) in the *AWS Systems Manager API Reference* .", - "title": "Parameters", - "type": "object" - }, - "ServiceRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM service role for AWS Systems Manager to assume when running a maintenance window task. If you do not specify a service role ARN, Systems Manager uses a service-linked role in your account. If no appropriate service-linked role for Systems Manager exists in your account, it is created when you run `RegisterTaskWithMaintenanceWindow` .\n\nHowever, for an improved security posture, we strongly recommend creating a custom policy and custom service role for running your maintenance window tasks. The policy can be crafted to provide only the permissions needed for your particular maintenance window tasks. For more information, see [Setting up Maintenance Windows](https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-maintenance-permissions.html) in the in the *AWS Systems Manager User Guide* .", - "title": "ServiceRoleArn", + "EndpointName": { + "markdownDescription": "The name of the endpoint.", + "title": "EndpointName", "type": "string" }, - "TimeoutSeconds": { - "markdownDescription": "If this time is reached and the command hasn't already started running, it doesn't run.", - "title": "TimeoutSeconds", - "type": "number" + "EndpointStatus": { + "markdownDescription": "The status of the endpoint. For possible values of the status of an endpoint, see [](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sagemaker-inferenceexperiment-endpointmetadata.html#cfn-sagemaker-inferenceexperiment-endpointmetadata-endpointstatus) .", + "title": "EndpointStatus", + "type": "string" } }, + "required": [ + "EndpointName" + ], "type": "object" }, - "AWS::SSM::MaintenanceWindowTask.MaintenanceWindowStepFunctionsParameters": { + "AWS::SageMaker::InferenceExperiment.InferenceExperimentSchedule": { "additionalProperties": false, "properties": { - "Input": { - "markdownDescription": "The inputs for the `STEP_FUNCTIONS` task.", - "title": "Input", + "EndTime": { + "markdownDescription": "The timestamp at which the inference experiment ended or will end.", + "title": "EndTime", "type": "string" }, - "Name": { - "markdownDescription": "The name of the `STEP_FUNCTIONS` task.", - "title": "Name", + "StartTime": { + "markdownDescription": "The timestamp at which the inference experiment started or will start.", + "title": "StartTime", "type": "string" } }, "type": "object" }, - "AWS::SSM::MaintenanceWindowTask.NotificationConfig": { + "AWS::SageMaker::InferenceExperiment.ModelInfrastructureConfig": { "additionalProperties": false, "properties": { - "NotificationArn": { - "markdownDescription": "An Amazon Resource Name (ARN) for an Amazon Simple Notification Service (Amazon SNS) topic. Run Command pushes notifications about command status changes to this topic.", - "title": "NotificationArn", + "InfrastructureType": { + "markdownDescription": "The inference option to which to deploy your model. Possible values are the following:\n\n- `RealTime` : Deploy to real-time inference.", + "title": "InfrastructureType", "type": "string" }, - "NotificationEvents": { - "items": { - "type": "string" - }, - "markdownDescription": "The different events that you can receive notifications for. These events include the following: `All` (events), `InProgress` , `Success` , `TimedOut` , `Cancelled` , `Failed` . To learn more about these events, see [Configuring Amazon SNS Notifications for AWS Systems Manager](https://docs.aws.amazon.com/systems-manager/latest/userguide/monitoring-sns-notifications.html) in the *AWS Systems Manager User Guide* .", - "title": "NotificationEvents", - "type": "array" + "RealTimeInferenceConfig": { + "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment.RealTimeInferenceConfig", + "markdownDescription": "The infrastructure configuration for deploying the model to real-time inference.", + "title": "RealTimeInferenceConfig" + } + }, + "required": [ + "InfrastructureType", + "RealTimeInferenceConfig" + ], + "type": "object" + }, + "AWS::SageMaker::InferenceExperiment.ModelVariantConfig": { + "additionalProperties": false, + "properties": { + "InfrastructureConfig": { + "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment.ModelInfrastructureConfig", + "markdownDescription": "The configuration for the infrastructure that the model will be deployed to.", + "title": "InfrastructureConfig" }, - "NotificationType": { - "markdownDescription": "The notification type.\n\n- `Command` : Receive notification when the status of a command changes.\n- `Invocation` : For commands sent to multiple instances, receive notification on a per-instance basis when the status of a command changes.", - "title": "NotificationType", + "ModelName": { + "markdownDescription": "The name of the Amazon SageMaker Model entity.", + "title": "ModelName", + "type": "string" + }, + "VariantName": { + "markdownDescription": "The name of the variant.", + "title": "VariantName", "type": "string" } }, "required": [ - "NotificationArn" + "InfrastructureConfig", + "ModelName", + "VariantName" ], "type": "object" }, - "AWS::SSM::MaintenanceWindowTask.Target": { + "AWS::SageMaker::InferenceExperiment.RealTimeInferenceConfig": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "User-defined criteria for sending commands that target instances that meet the criteria. `Key` can be `InstanceIds` or `WindowTargetIds` . For more information about how to target instances within a maintenance window task, see [About 'register-task-with-maintenance-window' Options and Values](https://docs.aws.amazon.com/systems-manager/latest/userguide/register-tasks-options.html) in the *AWS Systems Manager User Guide* .", - "title": "Key", - "type": "string" + "InstanceCount": { + "markdownDescription": "The number of instances of the type specified by `InstanceType` .", + "title": "InstanceCount", + "type": "number" }, - "Values": { + "InstanceType": { + "markdownDescription": "The instance type the model is deployed to.", + "title": "InstanceType", + "type": "string" + } + }, + "required": [ + "InstanceCount", + "InstanceType" + ], + "type": "object" + }, + "AWS::SageMaker::InferenceExperiment.ShadowModeConfig": { + "additionalProperties": false, + "properties": { + "ShadowModelVariants": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment.ShadowModelVariantConfig" }, - "markdownDescription": "User-defined criteria that maps to `Key` . For example, if you specify `InstanceIds` , you can specify `i-1234567890abcdef0,i-9876543210abcdef0` to run a command on two EC2 instances. For more information about how to target instances within a maintenance window task, see [About 'register-task-with-maintenance-window' Options and Values](https://docs.aws.amazon.com/systems-manager/latest/userguide/register-tasks-options.html) in the *AWS Systems Manager User Guide* .", - "title": "Values", + "markdownDescription": "List of shadow variant configurations.", + "title": "ShadowModelVariants", "type": "array" + }, + "SourceModelVariantName": { + "markdownDescription": "The name of the production variant, which takes all the inference requests.", + "title": "SourceModelVariantName", + "type": "string" } }, "required": [ - "Key", - "Values" + "ShadowModelVariants", + "SourceModelVariantName" ], "type": "object" }, - "AWS::SSM::MaintenanceWindowTask.TaskInvocationParameters": { + "AWS::SageMaker::InferenceExperiment.ShadowModelVariantConfig": { "additionalProperties": false, "properties": { - "MaintenanceWindowAutomationParameters": { - "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.MaintenanceWindowAutomationParameters", - "markdownDescription": "The parameters for an `AUTOMATION` task type.", - "title": "MaintenanceWindowAutomationParameters" - }, - "MaintenanceWindowLambdaParameters": { - "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.MaintenanceWindowLambdaParameters", - "markdownDescription": "The parameters for a `LAMBDA` task type.", - "title": "MaintenanceWindowLambdaParameters" - }, - "MaintenanceWindowRunCommandParameters": { - "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.MaintenanceWindowRunCommandParameters", - "markdownDescription": "The parameters for a `RUN_COMMAND` task type.", - "title": "MaintenanceWindowRunCommandParameters" + "SamplingPercentage": { + "markdownDescription": "The percentage of inference requests that Amazon SageMaker replicates from the production variant to the shadow variant.", + "title": "SamplingPercentage", + "type": "number" }, - "MaintenanceWindowStepFunctionsParameters": { - "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.MaintenanceWindowStepFunctionsParameters", - "markdownDescription": "The parameters for a `STEP_FUNCTIONS` task type.", - "title": "MaintenanceWindowStepFunctionsParameters" + "ShadowModelVariantName": { + "markdownDescription": "The name of the shadow variant.", + "title": "ShadowModelVariantName", + "type": "string" } }, + "required": [ + "SamplingPercentage", + "ShadowModelVariantName" + ], "type": "object" }, - "AWS::SSM::Parameter": { + "AWS::SageMaker::MlflowTrackingServer": { "additionalProperties": false, "properties": { "Condition": { @@ -241786,67 +294692,60 @@ "Properties": { "additionalProperties": false, "properties": { - "AllowedPattern": { - "markdownDescription": "A regular expression used to validate the parameter value. For example, for `String` types with values restricted to numbers, you can specify the following: `AllowedPattern=^\\d+$`", - "title": "AllowedPattern", - "type": "string" - }, - "DataType": { - "markdownDescription": "The data type of the parameter, such as `text` or `aws:ec2:image` . The default is `text` .", - "title": "DataType", + "ArtifactStoreUri": { + "markdownDescription": "", + "title": "ArtifactStoreUri", "type": "string" }, - "Description": { - "markdownDescription": "Information about the parameter.", - "title": "Description", - "type": "string" + "AutomaticModelRegistration": { + "markdownDescription": "", + "title": "AutomaticModelRegistration", + "type": "boolean" }, - "Name": { - "markdownDescription": "The name of the parameter.\n\n> The maximum length constraint listed below includes capacity for additional system attributes that aren't part of the name. The maximum length for a parameter name, including the full length of the parameter Amazon Resource Name (ARN), is 1011 characters. For example, the length of the following parameter name is 65 characters, not 20 characters: `arn:aws:ssm:us-east-2:111222333444:parameter/ExampleParameterName`", - "title": "Name", + "MlflowVersion": { + "markdownDescription": "", + "title": "MlflowVersion", "type": "string" }, - "Policies": { - "markdownDescription": "Information about the policies assigned to a parameter.\n\n[Assigning parameter policies](https://docs.aws.amazon.com/systems-manager/latest/userguide/parameter-store-policies.html) in the *AWS Systems Manager User Guide* .", - "title": "Policies", + "RoleArn": { + "markdownDescription": "", + "title": "RoleArn", "type": "string" }, "Tags": { - "additionalProperties": true, - "markdownDescription": "Optional metadata that you assign to a resource in the form of an arbitrary set of tags (key-value pairs). Tags enable you to categorize a resource in different ways, such as by purpose, owner, or environment. For example, you might want to tag a Systems Manager parameter to identify the type of resource to which it applies, the environment, or the type of configuration data referenced by the parameter.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "", "title": "Tags", - "type": "object" + "type": "array" }, - "Tier": { - "markdownDescription": "The parameter tier.", - "title": "Tier", + "TrackingServerName": { + "markdownDescription": "", + "title": "TrackingServerName", "type": "string" }, - "Type": { - "markdownDescription": "The type of parameter.\n\n> Parameters of type `SecureString` are not supported by AWS CloudFormation .", - "title": "Type", + "TrackingServerSize": { + "markdownDescription": "", + "title": "TrackingServerSize", "type": "string" }, - "Value": { - "markdownDescription": "The parameter value.\n\n> If type is `StringList` , the system returns a comma-separated string with no spaces between commas in the `Value` field.", - "title": "Value", + "WeeklyMaintenanceWindowStart": { + "markdownDescription": "", + "title": "WeeklyMaintenanceWindowStart", "type": "string" } }, "required": [ - "Type", - "Value" + "ArtifactStoreUri", + "RoleArn", + "TrackingServerName" ], "type": "object" }, "Type": { "enum": [ - "AWS::SSM::Parameter" + "AWS::SageMaker::MlflowTrackingServer" ], "type": "string" }, @@ -241865,7 +294764,7 @@ ], "type": "object" }, - "AWS::SSM::PatchBaseline": { + "AWS::SageMaker::Model": { "additionalProperties": false, "properties": { "Condition": { @@ -241900,100 +294799,58 @@ "Properties": { "additionalProperties": false, "properties": { - "ApprovalRules": { - "$ref": "#/definitions/AWS::SSM::PatchBaseline.RuleGroup", - "markdownDescription": "A set of rules used to include patches in the baseline.", - "title": "ApprovalRules" - }, - "ApprovedPatches": { + "Containers": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::SageMaker::Model.ContainerDefinition" }, - "markdownDescription": "A list of explicitly approved patches for the baseline.\n\nFor information about accepted formats for lists of approved patches and rejected patches, see [Package name formats for approved and rejected patch lists](https://docs.aws.amazon.com/systems-manager/latest/userguide/patch-manager-approved-rejected-package-name-formats.html) in the *AWS Systems Manager User Guide* .", - "title": "ApprovedPatches", + "markdownDescription": "Specifies the containers in the inference pipeline.", + "title": "Containers", "type": "array" }, - "ApprovedPatchesComplianceLevel": { - "markdownDescription": "Defines the compliance level for approved patches. When an approved patch is reported as missing, this value describes the severity of the compliance violation. The default value is `UNSPECIFIED` .", - "title": "ApprovedPatchesComplianceLevel", - "type": "string" - }, - "ApprovedPatchesEnableNonSecurity": { - "markdownDescription": "Indicates whether the list of approved patches includes non-security updates that should be applied to the managed nodes. The default value is `false` . Applies to Linux managed nodes only.", - "title": "ApprovedPatchesEnableNonSecurity", - "type": "boolean" - }, - "DefaultBaseline": { - "markdownDescription": "Indicates whether this is the default baseline. AWS Systems Manager supports creating multiple default patch baselines. For example, you can create a default patch baseline for each operating system.", - "title": "DefaultBaseline", + "EnableNetworkIsolation": { + "markdownDescription": "Isolates the model container. No inbound or outbound network calls can be made to or from the model container.", + "title": "EnableNetworkIsolation", "type": "boolean" }, - "Description": { - "markdownDescription": "A description of the patch baseline.", - "title": "Description", - "type": "string" - }, - "GlobalFilters": { - "$ref": "#/definitions/AWS::SSM::PatchBaseline.PatchFilterGroup", - "markdownDescription": "A set of global filters used to include patches in the baseline.\n\n> The `GlobalFilters` parameter can be configured only by using the AWS CLI or an AWS SDK. It can't be configured from the Patch Manager console, and its value isn't displayed in the console.", - "title": "GlobalFilters" - }, - "Name": { - "markdownDescription": "The name of the patch baseline.", - "title": "Name", - "type": "string" - }, - "OperatingSystem": { - "markdownDescription": "Defines the operating system the patch baseline applies to. The default value is `WINDOWS` .", - "title": "OperatingSystem", + "ExecutionRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that SageMaker can assume to access model artifacts and docker image for deployment on ML compute instances or for batch transform jobs. Deploying on ML compute instances is part of model hosting. For more information, see [SageMaker Roles](https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-roles.html) .\n\n> To be able to pass this role to SageMaker, the caller of this API must have the `iam:PassRole` permission.", + "title": "ExecutionRoleArn", "type": "string" }, - "PatchGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "The name of the patch group to be registered with the patch baseline.", - "title": "PatchGroups", - "type": "array" - }, - "RejectedPatches": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of explicitly rejected patches for the baseline.\n\nFor information about accepted formats for lists of approved patches and rejected patches, see [Package name formats for approved and rejected patch lists](https://docs.aws.amazon.com/systems-manager/latest/userguide/patch-manager-approved-rejected-package-name-formats.html) in the *AWS Systems Manager User Guide* .", - "title": "RejectedPatches", - "type": "array" + "InferenceExecutionConfig": { + "$ref": "#/definitions/AWS::SageMaker::Model.InferenceExecutionConfig", + "markdownDescription": "Specifies details of how containers in a multi-container endpoint are called.", + "title": "InferenceExecutionConfig" }, - "RejectedPatchesAction": { - "markdownDescription": "The action for Patch Manager to take on patches included in the `RejectedPackages` list.\n\n- **ALLOW_AS_DEPENDENCY** - *Linux and macOS* : A package in the rejected patches list is installed only if it is a dependency of another package. It is considered compliant with the patch baseline, and its status is reported as `INSTALLED_OTHER` . This is the default action if no option is specified.\n\n*Windows Server* : Windows Server doesn't support the concept of package dependencies. If a package in the rejected patches list and already installed on the node, its status is reported as `INSTALLED_OTHER` . Any package not already installed on the node is skipped. This is the default action if no option is specified.\n- **BLOCK** - *All OSs* : Packages in the rejected patches list, and packages that include them as dependencies, aren't installed by Patch Manager under any circumstances. If a package was installed before it was added to the rejected patches list, or is installed outside of Patch Manager afterward, it's considered noncompliant with the patch baseline and its status is reported as `INSTALLED_REJECTED` .", - "title": "RejectedPatchesAction", + "ModelName": { + "markdownDescription": "The name of the new model.", + "title": "ModelName", "type": "string" }, - "Sources": { - "items": { - "$ref": "#/definitions/AWS::SSM::PatchBaseline.PatchSource" - }, - "markdownDescription": "Information about the patches to use to update the managed nodes, including target operating systems and source repositories. Applies to Linux managed nodes only.", - "title": "Sources", - "type": "array" + "PrimaryContainer": { + "$ref": "#/definitions/AWS::SageMaker::Model.ContainerDefinition", + "markdownDescription": "The location of the primary docker image containing inference code, associated artifacts, and custom environment map that the inference code uses when the model is deployed for predictions.", + "title": "PrimaryContainer" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Optional metadata that you assign to a resource. Tags enable you to categorize a resource in different ways, such as by purpose, owner, or environment. For example, you might want to tag a patch baseline to identify the severity level of patches it specifies and the operating system family it applies to.", + "markdownDescription": "A list of key-value pairs to apply to this resource.\n\nFor more information, see [Resource Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) and [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html#allocation-what) in the *AWS Billing and Cost Management User Guide* .", "title": "Tags", "type": "array" + }, + "VpcConfig": { + "$ref": "#/definitions/AWS::SageMaker::Model.VpcConfig", + "markdownDescription": "A [VpcConfig](https://docs.aws.amazon.com/sagemaker/latest/dg/API_VpcConfig.html) object that specifies the VPC that you want your model to connect to. Control access to and from your model container by configuring the VPC. `VpcConfig` is used in hosting services and in batch transform. For more information, see [Protect Endpoints by Using an Amazon Virtual Private Cloud](https://docs.aws.amazon.com/sagemaker/latest/dg/host-vpc.html) and [Protect Data in Batch Transform Jobs by Using an Amazon Virtual Private Cloud](https://docs.aws.amazon.com/sagemaker/latest/dg/batch-vpc.html) .", + "title": "VpcConfig" } }, - "required": [ - "Name" - ], "type": "object" }, "Type": { "enum": [ - "AWS::SSM::PatchBaseline" + "AWS::SageMaker::Model" ], "type": "string" }, @@ -242007,114 +294864,245 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::SSM::PatchBaseline.PatchFilter": { + "AWS::SageMaker::Model.AdditionalModelDataSource": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The key for the filter.\n\nFor information about valid keys, see [PatchFilter](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_PatchFilter.html) in the *AWS Systems Manager API Reference* .", - "title": "Key", + "ChannelName": { "type": "string" }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The value for the filter key.\n\nFor information about valid values for each key based on operating system type, see [PatchFilter](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_PatchFilter.html) in the *AWS Systems Manager API Reference* .", - "title": "Values", - "type": "array" + "S3DataSource": { + "$ref": "#/definitions/AWS::SageMaker::Model.S3DataSource" } }, + "required": [ + "ChannelName", + "S3DataSource" + ], "type": "object" }, - "AWS::SSM::PatchBaseline.PatchFilterGroup": { + "AWS::SageMaker::Model.ContainerDefinition": { "additionalProperties": false, "properties": { - "PatchFilters": { - "items": { - "$ref": "#/definitions/AWS::SSM::PatchBaseline.PatchFilter" - }, - "markdownDescription": "The set of patch filters that make up the group.", - "title": "PatchFilters", - "type": "array" + "ContainerHostname": { + "markdownDescription": "This parameter is ignored for models that contain only a `PrimaryContainer` .\n\nWhen a `ContainerDefinition` is part of an inference pipeline, the value of the parameter uniquely identifies the container for the purposes of logging and metrics. For information, see [Use Logs and Metrics to Monitor an Inference Pipeline](https://docs.aws.amazon.com/sagemaker/latest/dg/inference-pipeline-logs-metrics.html) . If you don't specify a value for this parameter for a `ContainerDefinition` that is part of an inference pipeline, a unique name is automatically assigned based on the position of the `ContainerDefinition` in the pipeline. If you specify a value for the `ContainerHostName` for any `ContainerDefinition` that is part of an inference pipeline, you must specify a value for the `ContainerHostName` parameter of every `ContainerDefinition` in that pipeline.", + "title": "ContainerHostname", + "type": "string" + }, + "Environment": { + "markdownDescription": "The environment variables to set in the Docker container. Don't include any sensitive data in your environment variables.\n\nThe maximum length of each key and value in the `Environment` map is 1024 bytes. The maximum length of all keys and values in the map, combined, is 32 KB. If you pass multiple containers to a `CreateModel` request, then the maximum length of all of their maps, combined, is also 32 KB.", + "title": "Environment", + "type": "object" + }, + "Image": { + "markdownDescription": "The path where inference code is stored. This can be either in Amazon EC2 Container Registry or in a Docker registry that is accessible from the same VPC that you configure for your endpoint. If you are using your own custom algorithm instead of an algorithm provided by SageMaker, the inference code must meet SageMaker requirements. SageMaker supports both `registry/repository[:tag]` and `registry/repository[@digest]` image path formats. For more information, see [Using Your Own Algorithms with Amazon SageMaker](https://docs.aws.amazon.com/sagemaker/latest/dg/your-algorithms.html) .\n\n> The model artifacts in an Amazon S3 bucket and the Docker image for inference container in Amazon EC2 Container Registry must be in the same region as the model or endpoint you are creating.", + "title": "Image", + "type": "string" + }, + "ImageConfig": { + "$ref": "#/definitions/AWS::SageMaker::Model.ImageConfig", + "markdownDescription": "Specifies whether the model container is in Amazon ECR or a private Docker registry accessible from your Amazon Virtual Private Cloud (VPC). For information about storing containers in a private Docker registry, see [Use a Private Docker Registry for Real-Time Inference Containers](https://docs.aws.amazon.com/sagemaker/latest/dg/your-algorithms-containers-inference-private.html) .\n\n> The model artifacts in an Amazon S3 bucket and the Docker image for inference container in Amazon EC2 Container Registry must be in the same region as the model or endpoint you are creating.", + "title": "ImageConfig" + }, + "InferenceSpecificationName": { + "markdownDescription": "The inference specification name in the model package version.", + "title": "InferenceSpecificationName", + "type": "string" + }, + "Mode": { + "markdownDescription": "Whether the container hosts a single model or multiple models.", + "title": "Mode", + "type": "string" + }, + "ModelDataSource": { + "$ref": "#/definitions/AWS::SageMaker::Model.ModelDataSource", + "markdownDescription": "Specifies the location of ML model data to deploy.\n\n> Currently you cannot use `ModelDataSource` in conjunction with SageMaker batch transform, SageMaker serverless endpoints, SageMaker multi-model endpoints, and SageMaker Marketplace.", + "title": "ModelDataSource" + }, + "ModelDataUrl": { + "markdownDescription": "The S3 path where the model artifacts, which result from model training, are stored. This path must point to a single gzip compressed tar archive (.tar.gz suffix). The S3 path is required for SageMaker built-in algorithms, but not if you use your own algorithms. For more information on built-in algorithms, see [Common Parameters](https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-algo-docker-registry-paths.html) .\n\n> The model artifacts must be in an S3 bucket that is in the same region as the model or endpoint you are creating. \n\nIf you provide a value for this parameter, SageMaker uses AWS Security Token Service to download model artifacts from the S3 path you provide. AWS STS is activated in your AWS account by default. If you previously deactivated AWS STS for a region, you need to reactivate AWS STS for that region. For more information, see [Activating and Deactivating AWS STS in an AWS Region](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) in the *AWS Identity and Access Management User Guide* .\n\n> If you use a built-in algorithm to create a model, SageMaker requires that you provide a S3 path to the model artifacts in `ModelDataUrl` .", + "title": "ModelDataUrl", + "type": "string" + }, + "ModelPackageName": { + "markdownDescription": "The name or Amazon Resource Name (ARN) of the model package to use to create the model.", + "title": "ModelPackageName", + "type": "string" + }, + "MultiModelConfig": { + "$ref": "#/definitions/AWS::SageMaker::Model.MultiModelConfig", + "markdownDescription": "Specifies additional configuration for multi-model endpoints.", + "title": "MultiModelConfig" } }, "type": "object" }, - "AWS::SSM::PatchBaseline.PatchSource": { + "AWS::SageMaker::Model.HubAccessConfig": { "additionalProperties": false, "properties": { - "Configuration": { - "markdownDescription": "The value of the yum repo configuration. For example:\n\n`[main]`\n\n`name=MyCustomRepository`\n\n`baseurl=https://my-custom-repository`\n\n`enabled=1`\n\n> For information about other options available for your yum repository configuration, see [dnf.conf(5)](https://docs.aws.amazon.com/https://man7.org/linux/man-pages/man5/dnf.conf.5.html) .", - "title": "Configuration", + "HubContentArn": { + "markdownDescription": "The ARN of your private model hub content. This should be a `ModelReference` resource type that points to a SageMaker JumpStart public hub model.", + "title": "HubContentArn", "type": "string" - }, - "Name": { - "markdownDescription": "The name specified to identify the patch source.", - "title": "Name", + } + }, + "required": [ + "HubContentArn" + ], + "type": "object" + }, + "AWS::SageMaker::Model.ImageConfig": { + "additionalProperties": false, + "properties": { + "RepositoryAccessMode": { + "markdownDescription": "Set this to one of the following values:\n\n- `Platform` - The model image is hosted in Amazon ECR.\n- `Vpc` - The model image is hosted in a private Docker registry in your VPC.", + "title": "RepositoryAccessMode", "type": "string" }, - "Products": { - "items": { - "type": "string" - }, - "markdownDescription": "The specific operating system versions a patch repository applies to, such as \"Ubuntu16.04\", \"RedhatEnterpriseLinux7.2\" or \"Suse12.7\". For lists of supported product values, see [PatchFilter](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_PatchFilter.html) in the *AWS Systems Manager API Reference* .", - "title": "Products", - "type": "array" + "RepositoryAuthConfig": { + "$ref": "#/definitions/AWS::SageMaker::Model.RepositoryAuthConfig", + "markdownDescription": "(Optional) Specifies an authentication configuration for the private docker registry where your model image is hosted. Specify a value for this property only if you specified `Vpc` as the value for the `RepositoryAccessMode` field, and the private Docker registry where the model image is hosted requires authentication.", + "title": "RepositoryAuthConfig" } }, + "required": [ + "RepositoryAccessMode" + ], "type": "object" }, - "AWS::SSM::PatchBaseline.Rule": { + "AWS::SageMaker::Model.InferenceExecutionConfig": { "additionalProperties": false, "properties": { - "ApproveAfterDays": { - "markdownDescription": "The number of days after the release date of each patch matched by the rule that the patch is marked as approved in the patch baseline. For example, a value of `7` means that patches are approved seven days after they are released.\n\nThis parameter is marked as `Required: No` , but your request must include a value for either `ApproveAfterDays` or `ApproveUntilDate` .\n\nNot supported for Debian Server or Ubuntu Server.\n\n> Use caution when setting this value for Windows Server patch baselines. Because patch updates that are replaced by later updates are removed, setting too broad a value for this parameter can result in crucial patches not being installed. For more information, see the *Windows Server* tab in the topic [How security patches are selected](https://docs.aws.amazon.com/systems-manager/latest/userguide/patch-manager-selecting-patches.html) in the *AWS Systems Manager User Guide* .", - "title": "ApproveAfterDays", - "type": "number" - }, - "ApproveUntilDate": { - "markdownDescription": "The cutoff date for auto approval of released patches. Any patches released on or before this date are installed automatically.\n\nEnter dates in the format `YYYY-MM-DD` . For example, `2024-12-31` .\n\nThis parameter is marked as `Required: No` , but your request must include a value for either `ApproveUntilDate` or `ApproveAfterDays` .\n\nNot supported for Debian Server or Ubuntu Server.\n\n> Use caution when setting this value for Windows Server patch baselines. Because patch updates that are replaced by later updates are removed, setting too broad a value for this parameter can result in crucial patches not being installed. For more information, see the *Windows Server* tab in the topic [How security patches are selected](https://docs.aws.amazon.com/systems-manager/latest/userguide/patch-manager-selecting-patches.html) in the *AWS Systems Manager User Guide* .", - "title": "ApproveUntilDate", + "Mode": { + "markdownDescription": "How containers in a multi-container are run. The following values are valid.\n\n- `Serial` - Containers run as a serial pipeline.\n- `Direct` - Only the individual container that you specify is run.", + "title": "Mode", "type": "string" - }, - "ComplianceLevel": { - "markdownDescription": "A compliance severity level for all approved patches in a patch baseline. Valid compliance severity levels include the following: `UNSPECIFIED` , `CRITICAL` , `HIGH` , `MEDIUM` , `LOW` , and `INFORMATIONAL` .", - "title": "ComplianceLevel", + } + }, + "required": [ + "Mode" + ], + "type": "object" + }, + "AWS::SageMaker::Model.ModelAccessConfig": { + "additionalProperties": false, + "properties": { + "AcceptEula": { + "markdownDescription": "Specifies agreement to the model end-user license agreement (EULA). The `AcceptEula` value must be explicitly defined as `True` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.", + "title": "AcceptEula", + "type": "boolean" + } + }, + "required": [ + "AcceptEula" + ], + "type": "object" + }, + "AWS::SageMaker::Model.ModelDataSource": { + "additionalProperties": false, + "properties": { + "S3DataSource": { + "$ref": "#/definitions/AWS::SageMaker::Model.S3DataSource", + "markdownDescription": "Specifies the S3 location of ML model data to deploy.", + "title": "S3DataSource" + } + }, + "required": [ + "S3DataSource" + ], + "type": "object" + }, + "AWS::SageMaker::Model.MultiModelConfig": { + "additionalProperties": false, + "properties": { + "ModelCacheSetting": { + "markdownDescription": "Whether to cache models for a multi-model endpoint. By default, multi-model endpoints cache models so that a model does not have to be loaded into memory each time it is invoked. Some use cases do not benefit from model caching. For example, if an endpoint hosts a large number of models that are each invoked infrequently, the endpoint might perform better if you disable model caching. To disable model caching, set the value of this parameter to Disabled.", + "title": "ModelCacheSetting", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::Model.RepositoryAuthConfig": { + "additionalProperties": false, + "properties": { + "RepositoryCredentialsProviderArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the *AWS Lambda Developer Guide* .", + "title": "RepositoryCredentialsProviderArn", + "type": "string" + } + }, + "required": [ + "RepositoryCredentialsProviderArn" + ], + "type": "object" + }, + "AWS::SageMaker::Model.S3DataSource": { + "additionalProperties": false, + "properties": { + "CompressionType": { + "markdownDescription": "", + "title": "CompressionType", "type": "string" }, - "EnableNonSecurity": { - "markdownDescription": "For managed nodes identified by the approval rule filters, enables a patch baseline to apply non-security updates available in the specified repository. The default value is `false` . Applies to Linux managed nodes only.", - "title": "EnableNonSecurity", - "type": "boolean" + "HubAccessConfig": { + "$ref": "#/definitions/AWS::SageMaker::Model.HubAccessConfig", + "markdownDescription": "The configuration for a private hub model reference that points to a SageMaker JumpStart public hub model.", + "title": "HubAccessConfig" }, - "PatchFilterGroup": { - "$ref": "#/definitions/AWS::SSM::PatchBaseline.PatchFilterGroup", - "markdownDescription": "The patch filter group that defines the criteria for the rule.", - "title": "PatchFilterGroup" + "ModelAccessConfig": { + "$ref": "#/definitions/AWS::SageMaker::Model.ModelAccessConfig", + "markdownDescription": "", + "title": "ModelAccessConfig" + }, + "S3DataType": { + "markdownDescription": "If you choose `S3Prefix` , `S3Uri` identifies a key name prefix. SageMaker uses all objects that match the specified key name prefix for model training.\n\nIf you choose `ManifestFile` , `S3Uri` identifies an object that is a manifest file containing a list of object keys that you want SageMaker to use for model training.\n\nIf you choose `AugmentedManifestFile` , `S3Uri` identifies an object that is an augmented manifest file in JSON lines format. This file contains the data you want to use for model training. `AugmentedManifestFile` can only be used if the Channel's input mode is `Pipe` .\n\nIf you choose `Converse` , `S3Uri` identifies an Amazon S3 location that contains data formatted according to Converse format. This format structures conversational messages with specific roles and content types used for training and fine-tuning foundational models.", + "title": "S3DataType", + "type": "string" + }, + "S3Uri": { + "markdownDescription": "Depending on the value specified for the `S3DataType` , identifies either a key name prefix or a manifest. For example:\n\n- A key name prefix might look like this: `s3://bucketname/exampleprefix/`\n- A manifest might look like this: `s3://bucketname/example.manifest`\n\nA manifest is an S3 object which is a JSON file consisting of an array of elements. The first element is a prefix which is followed by one or more suffixes. SageMaker appends the suffix elements to the prefix to get a full set of `S3Uri` . Note that the prefix must be a valid non-empty `S3Uri` that precludes users from specifying a manifest whose individual `S3Uri` is sourced from different S3 buckets.\n\nThe following code example shows a valid manifest format:\n\n`[ {\"prefix\": \"s3://customer_bucket/some/prefix/\"},`\n\n`\"relative/path/to/custdata-1\",`\n\n`\"relative/path/custdata-2\",`\n\n`...`\n\n`\"relative/path/custdata-N\"`\n\n`]`\n\nThis JSON is equivalent to the following `S3Uri` list:\n\n`s3://customer_bucket/some/prefix/relative/path/to/custdata-1`\n\n`s3://customer_bucket/some/prefix/relative/path/custdata-2`\n\n`...`\n\n`s3://customer_bucket/some/prefix/relative/path/custdata-N`\n\nThe complete set of `S3Uri` in this manifest is the input data for the channel for this data source. The object that each `S3Uri` points to must be readable by the IAM role that SageMaker uses to perform tasks on your behalf.\n\nYour input bucket must be located in same AWS region as your training job.", + "title": "S3Uri", + "type": "string" } }, + "required": [ + "CompressionType", + "S3DataType", + "S3Uri" + ], "type": "object" }, - "AWS::SSM::PatchBaseline.RuleGroup": { + "AWS::SageMaker::Model.VpcConfig": { "additionalProperties": false, "properties": { - "PatchRules": { + "SecurityGroupIds": { "items": { - "$ref": "#/definitions/AWS::SSM::PatchBaseline.Rule" + "type": "string" }, - "markdownDescription": "The rules that make up the rule group.", - "title": "PatchRules", + "markdownDescription": "The VPC security group IDs, in the form `sg-xxxxxxxx` . Specify the security groups for the VPC that is specified in the `Subnets` field.", + "title": "SecurityGroupIds", + "type": "array" + }, + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The ID of the subnets in the VPC to which you want to connect your training job or model. For information about the availability of specific instance types, see [Supported Instance Types and Availability Zones](https://docs.aws.amazon.com/sagemaker/latest/dg/instance-types-az.html) .", + "title": "Subnets", "type": "array" } }, + "required": [ + "SecurityGroupIds", + "Subnets" + ], "type": "object" }, - "AWS::SSM::ResourceDataSync": { + "AWS::SageMaker::ModelBiasJobDefinition": { "additionalProperties": false, "properties": { "Condition": { @@ -242149,60 +295137,77 @@ "Properties": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "The name of the S3 bucket where the aggregated data is stored.", - "title": "BucketName", + "EndpointName": { + "markdownDescription": "", + "title": "EndpointName", "type": "string" }, - "BucketPrefix": { - "markdownDescription": "An Amazon S3 prefix for the bucket.", - "title": "BucketPrefix", + "JobDefinitionName": { + "markdownDescription": "The name of the bias job definition. The name must be unique within an AWS Region in the AWS account.", + "title": "JobDefinitionName", "type": "string" }, - "BucketRegion": { - "markdownDescription": "The AWS Region with the S3 bucket targeted by the resource data sync.", - "title": "BucketRegion", - "type": "string" + "JobResources": { + "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.MonitoringResources", + "markdownDescription": "Identifies the resources to deploy for a monitoring job.", + "title": "JobResources" }, - "KMSKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an encryption key for a destination in Amazon S3 . You can use a KMS key to encrypt inventory data in Amazon S3 . You must specify a key that exist in the same AWS Region as the destination Amazon S3 bucket.", - "title": "KMSKeyArn", - "type": "string" + "ModelBiasAppSpecification": { + "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.ModelBiasAppSpecification", + "markdownDescription": "Configures the model bias job to run a specified Docker container image.", + "title": "ModelBiasAppSpecification" }, - "S3Destination": { - "$ref": "#/definitions/AWS::SSM::ResourceDataSync.S3Destination", - "markdownDescription": "Configuration information for the target S3 bucket.", - "title": "S3Destination" + "ModelBiasBaselineConfig": { + "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.ModelBiasBaselineConfig", + "markdownDescription": "The baseline configuration for a model bias job.", + "title": "ModelBiasBaselineConfig" }, - "SyncFormat": { - "markdownDescription": "A supported sync format. The following format is currently supported: JsonSerDe", - "title": "SyncFormat", - "type": "string" + "ModelBiasJobInput": { + "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.ModelBiasJobInput", + "markdownDescription": "Inputs for the model bias job.", + "title": "ModelBiasJobInput" }, - "SyncName": { - "markdownDescription": "A name for the resource data sync.", - "title": "SyncName", - "type": "string" + "ModelBiasJobOutputConfig": { + "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.MonitoringOutputConfig", + "markdownDescription": "The output configuration for monitoring jobs.", + "title": "ModelBiasJobOutputConfig" }, - "SyncSource": { - "$ref": "#/definitions/AWS::SSM::ResourceDataSync.SyncSource", - "markdownDescription": "Information about the source where the data was synchronized.", - "title": "SyncSource" + "NetworkConfig": { + "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.NetworkConfig", + "markdownDescription": "Networking options for a model bias job.", + "title": "NetworkConfig" }, - "SyncType": { - "markdownDescription": "The type of resource data sync. If `SyncType` is `SyncToDestination` , then the resource data sync synchronizes data to an S3 bucket. If the `SyncType` is `SyncFromSource` then the resource data sync synchronizes data from AWS Organizations or from multiple AWS Regions .", - "title": "SyncType", + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can assume to perform tasks on your behalf.", + "title": "RoleArn", "type": "string" + }, + "StoppingCondition": { + "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.StoppingCondition", + "markdownDescription": "A time limit for how long the monitoring job is allowed to run before stopping.", + "title": "StoppingCondition" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" } }, "required": [ - "SyncName" + "JobResources", + "ModelBiasAppSpecification", + "ModelBiasJobInput", + "ModelBiasJobOutputConfig", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::SSM::ResourceDataSync" + "AWS::SageMaker::ModelBiasJobDefinition" ], "type": "string" }, @@ -242221,98 +295226,439 @@ ], "type": "object" }, - "AWS::SSM::ResourceDataSync.AwsOrganizationsSource": { + "AWS::SageMaker::ModelBiasJobDefinition.BatchTransformInput": { "additionalProperties": false, "properties": { - "OrganizationSourceType": { - "markdownDescription": "If an AWS organization is present, this is either `OrganizationalUnits` or `EntireOrganization` . For `OrganizationalUnits` , the data is aggregated from a set of organization units. For `EntireOrganization` , the data is aggregated from the entire AWS organization.", - "title": "OrganizationSourceType", + "DataCapturedDestinationS3Uri": { + "markdownDescription": "The Amazon S3 location being used to capture the data.", + "title": "DataCapturedDestinationS3Uri", "type": "string" }, - "OrganizationalUnits": { - "items": { - "type": "string" + "DatasetFormat": { + "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.DatasetFormat", + "markdownDescription": "The dataset format for your batch transform job.", + "title": "DatasetFormat" + }, + "EndTimeOffset": { + "markdownDescription": "If specified, monitoring jobs subtract this time from the end time. For information about using offsets for scheduling monitoring jobs, see [Schedule Model Quality Monitoring Jobs](https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor-model-quality-schedule.html) .", + "title": "EndTimeOffset", + "type": "string" + }, + "FeaturesAttribute": { + "markdownDescription": "The attributes of the input data that are the input features.", + "title": "FeaturesAttribute", + "type": "string" + }, + "InferenceAttribute": { + "markdownDescription": "The attribute of the input data that represents the ground truth label.", + "title": "InferenceAttribute", + "type": "string" + }, + "LocalPath": { + "markdownDescription": "Path to the filesystem where the batch transform data is available to the container.", + "title": "LocalPath", + "type": "string" + }, + "ProbabilityAttribute": { + "markdownDescription": "In a classification problem, the attribute that represents the class probability.", + "title": "ProbabilityAttribute", + "type": "string" + }, + "ProbabilityThresholdAttribute": { + "markdownDescription": "The threshold for the class probability to be evaluated as a positive result.", + "title": "ProbabilityThresholdAttribute", + "type": "number" + }, + "S3DataDistributionType": { + "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an S3 key. Defaults to `FullyReplicated`", + "title": "S3DataDistributionType", + "type": "string" + }, + "S3InputMode": { + "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", + "title": "S3InputMode", + "type": "string" + }, + "StartTimeOffset": { + "markdownDescription": "If specified, monitoring jobs substract this time from the start time. For information about using offsets for scheduling monitoring jobs, see [Schedule Model Quality Monitoring Jobs](https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor-model-quality-schedule.html) .", + "title": "StartTimeOffset", + "type": "string" + } + }, + "required": [ + "DataCapturedDestinationS3Uri", + "DatasetFormat", + "LocalPath" + ], + "type": "object" + }, + "AWS::SageMaker::ModelBiasJobDefinition.ClusterConfig": { + "additionalProperties": false, + "properties": { + "InstanceCount": { + "markdownDescription": "The number of ML compute instances to use in the model monitoring job. For distributed processing jobs, specify a value greater than 1. The default value is 1.", + "title": "InstanceCount", + "type": "number" + }, + "InstanceType": { + "markdownDescription": "The ML compute instance type for the processing job.", + "title": "InstanceType", + "type": "string" + }, + "VolumeKmsKeyId": { + "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance(s) that run the model monitoring job.", + "title": "VolumeKmsKeyId", + "type": "string" + }, + "VolumeSizeInGB": { + "markdownDescription": "The size of the ML storage volume, in gigabytes, that you want to provision. You must specify sufficient ML storage for your scenario.", + "title": "VolumeSizeInGB", + "type": "number" + } + }, + "required": [ + "InstanceCount", + "InstanceType", + "VolumeSizeInGB" + ], + "type": "object" + }, + "AWS::SageMaker::ModelBiasJobDefinition.ConstraintsResource": { + "additionalProperties": false, + "properties": { + "S3Uri": { + "markdownDescription": "The Amazon S3 URI for the constraints resource.", + "title": "S3Uri", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelBiasJobDefinition.Csv": { + "additionalProperties": false, + "properties": { + "Header": { + "markdownDescription": "", + "title": "Header", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelBiasJobDefinition.DatasetFormat": { + "additionalProperties": false, + "properties": { + "Csv": { + "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.Csv", + "markdownDescription": "", + "title": "Csv" + }, + "Json": { + "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.Json", + "markdownDescription": "", + "title": "Json" + }, + "Parquet": { + "markdownDescription": "", + "title": "Parquet", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelBiasJobDefinition.EndpointInput": { + "additionalProperties": false, + "properties": { + "EndTimeOffset": { + "markdownDescription": "If specified, monitoring jobs substract this time from the end time. For information about using offsets for scheduling monitoring jobs, see [Schedule Model Quality Monitoring Jobs](https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor-model-quality-schedule.html) .", + "title": "EndTimeOffset", + "type": "string" + }, + "EndpointName": { + "markdownDescription": "An endpoint in customer's account which has enabled `DataCaptureConfig` enabled.", + "title": "EndpointName", + "type": "string" + }, + "FeaturesAttribute": { + "markdownDescription": "The attributes of the input data that are the input features.", + "title": "FeaturesAttribute", + "type": "string" + }, + "InferenceAttribute": { + "markdownDescription": "The attribute of the input data that represents the ground truth label.", + "title": "InferenceAttribute", + "type": "string" + }, + "LocalPath": { + "markdownDescription": "Path to the filesystem where the endpoint data is available to the container.", + "title": "LocalPath", + "type": "string" + }, + "ProbabilityAttribute": { + "markdownDescription": "In a classification problem, the attribute that represents the class probability.", + "title": "ProbabilityAttribute", + "type": "string" + }, + "ProbabilityThresholdAttribute": { + "markdownDescription": "The threshold for the class probability to be evaluated as a positive result.", + "title": "ProbabilityThresholdAttribute", + "type": "number" + }, + "S3DataDistributionType": { + "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an Amazon S3 key. Defaults to `FullyReplicated`", + "title": "S3DataDistributionType", + "type": "string" + }, + "S3InputMode": { + "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", + "title": "S3InputMode", + "type": "string" + }, + "StartTimeOffset": { + "markdownDescription": "If specified, monitoring jobs substract this time from the start time. For information about using offsets for scheduling monitoring jobs, see [Schedule Model Quality Monitoring Jobs](https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor-model-quality-schedule.html) .", + "title": "StartTimeOffset", + "type": "string" + } + }, + "required": [ + "EndpointName", + "LocalPath" + ], + "type": "object" + }, + "AWS::SageMaker::ModelBiasJobDefinition.Json": { + "additionalProperties": false, + "properties": { + "Line": { + "markdownDescription": "", + "title": "Line", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelBiasJobDefinition.ModelBiasAppSpecification": { + "additionalProperties": false, + "properties": { + "ConfigUri": { + "markdownDescription": "JSON formatted S3 file that defines bias parameters. For more information on this JSON configuration file, see [Configure bias parameters](https://docs.aws.amazon.com/sagemaker/latest/dg/clarify-config-json-monitor-bias-parameters.html) .", + "title": "ConfigUri", + "type": "string" + }, + "Environment": { + "additionalProperties": true, + "markdownDescription": "Sets the environment variables in the Docker container.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "The AWS Organizations organization units included in the sync.", - "title": "OrganizationalUnits", - "type": "array" + "title": "Environment", + "type": "object" + }, + "ImageUri": { + "markdownDescription": "The container image to be run by the model bias job.", + "title": "ImageUri", + "type": "string" } }, "required": [ - "OrganizationSourceType" + "ConfigUri", + "ImageUri" ], "type": "object" }, - "AWS::SSM::ResourceDataSync.S3Destination": { + "AWS::SageMaker::ModelBiasJobDefinition.ModelBiasBaselineConfig": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "The name of the S3 bucket where the aggregated data is stored.", - "title": "BucketName", + "BaseliningJobName": { + "markdownDescription": "The name of the baseline model bias job.", + "title": "BaseliningJobName", "type": "string" }, - "BucketPrefix": { - "markdownDescription": "An Amazon S3 prefix for the bucket.", - "title": "BucketPrefix", + "ConstraintsResource": { + "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.ConstraintsResource", + "markdownDescription": "The constraints resource for a monitoring job.", + "title": "ConstraintsResource" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelBiasJobDefinition.ModelBiasJobInput": { + "additionalProperties": false, + "properties": { + "BatchTransformInput": { + "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.BatchTransformInput", + "markdownDescription": "Input object for the batch transform job.", + "title": "BatchTransformInput" + }, + "EndpointInput": { + "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.EndpointInput", + "markdownDescription": "Input object for the endpoint", + "title": "EndpointInput" + }, + "GroundTruthS3Input": { + "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.MonitoringGroundTruthS3Input", + "markdownDescription": "Location of ground truth labels to use in model bias job.", + "title": "GroundTruthS3Input" + } + }, + "required": [ + "GroundTruthS3Input" + ], + "type": "object" + }, + "AWS::SageMaker::ModelBiasJobDefinition.MonitoringGroundTruthS3Input": { + "additionalProperties": false, + "properties": { + "S3Uri": { + "markdownDescription": "The address of the Amazon S3 location of the ground truth labels.", + "title": "S3Uri", + "type": "string" + } + }, + "required": [ + "S3Uri" + ], + "type": "object" + }, + "AWS::SageMaker::ModelBiasJobDefinition.MonitoringOutput": { + "additionalProperties": false, + "properties": { + "S3Output": { + "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.S3Output", + "markdownDescription": "The Amazon S3 storage location where the results of a monitoring job are saved.", + "title": "S3Output" + } + }, + "required": [ + "S3Output" + ], + "type": "object" + }, + "AWS::SageMaker::ModelBiasJobDefinition.MonitoringOutputConfig": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "markdownDescription": "The AWS Key Management Service ( AWS KMS ) key that Amazon SageMaker AI uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption.", + "title": "KmsKeyId", "type": "string" }, - "BucketRegion": { - "markdownDescription": "The AWS Region with the S3 bucket targeted by the resource data sync.", - "title": "BucketRegion", + "MonitoringOutputs": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.MonitoringOutput" + }, + "markdownDescription": "Monitoring outputs for monitoring jobs. This is where the output of the periodic monitoring jobs is uploaded.", + "title": "MonitoringOutputs", + "type": "array" + } + }, + "required": [ + "MonitoringOutputs" + ], + "type": "object" + }, + "AWS::SageMaker::ModelBiasJobDefinition.MonitoringResources": { + "additionalProperties": false, + "properties": { + "ClusterConfig": { + "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.ClusterConfig", + "markdownDescription": "The configuration for the cluster resources used to run the processing job.", + "title": "ClusterConfig" + } + }, + "required": [ + "ClusterConfig" + ], + "type": "object" + }, + "AWS::SageMaker::ModelBiasJobDefinition.NetworkConfig": { + "additionalProperties": false, + "properties": { + "EnableInterContainerTrafficEncryption": { + "markdownDescription": "Whether to encrypt all communications between distributed processing jobs. Choose `True` to encrypt communications. Encryption provides greater security for distributed processing jobs, but the processing might take longer.", + "title": "EnableInterContainerTrafficEncryption", + "type": "boolean" + }, + "EnableNetworkIsolation": { + "markdownDescription": "Whether to allow inbound and outbound network calls to and from the containers used for the processing job.", + "title": "EnableNetworkIsolation", + "type": "boolean" + }, + "VpcConfig": { + "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.VpcConfig", + "markdownDescription": "Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC.", + "title": "VpcConfig" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelBiasJobDefinition.S3Output": { + "additionalProperties": false, + "properties": { + "LocalPath": { + "markdownDescription": "The local path to the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job. `LocalPath` is an absolute path for the output data.", + "title": "LocalPath", "type": "string" }, - "KMSKeyArn": { - "markdownDescription": "The ARN of an encryption key for a destination in Amazon S3. Must belong to the same Region as the destination S3 bucket.", - "title": "KMSKeyArn", + "S3UploadMode": { + "markdownDescription": "Whether to upload the results of the monitoring job continuously or after the job completes.", + "title": "S3UploadMode", "type": "string" }, - "SyncFormat": { - "markdownDescription": "A supported sync format. The following format is currently supported: JsonSerDe", - "title": "SyncFormat", + "S3Uri": { + "markdownDescription": "A URI that identifies the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job.", + "title": "S3Uri", "type": "string" } }, "required": [ - "BucketName", - "BucketRegion", - "SyncFormat" + "LocalPath", + "S3Uri" ], "type": "object" }, - "AWS::SSM::ResourceDataSync.SyncSource": { + "AWS::SageMaker::ModelBiasJobDefinition.StoppingCondition": { "additionalProperties": false, "properties": { - "AwsOrganizationsSource": { - "$ref": "#/definitions/AWS::SSM::ResourceDataSync.AwsOrganizationsSource", - "markdownDescription": "Information about the AwsOrganizationsSource resource data sync source. A sync source of this type can synchronize data from AWS Organizations .", - "title": "AwsOrganizationsSource" - }, - "IncludeFutureRegions": { - "markdownDescription": "Whether to automatically synchronize and aggregate data from new AWS Regions when those Regions come online.", - "title": "IncludeFutureRegions", - "type": "boolean" - }, - "SourceRegions": { + "MaxRuntimeInSeconds": { + "markdownDescription": "The maximum length of time, in seconds, that a training or compilation job can run before it is stopped.\n\nFor compilation jobs, if the job does not complete during this time, a `TimeOut` error is generated. We recommend starting with 900 seconds and increasing as necessary based on your model.\n\nFor all other jobs, if the job does not complete during this time, SageMaker ends the job. When `RetryStrategy` is specified in the job request, `MaxRuntimeInSeconds` specifies the maximum time for all of the attempts in total, not each individual attempt. The default value is 1 day. The maximum value is 28 days.\n\nThe maximum time that a `TrainingJob` can run in total, including any time spent publishing metrics or archiving and uploading models after it has been stopped, is 30 days.", + "title": "MaxRuntimeInSeconds", + "type": "number" + } + }, + "required": [ + "MaxRuntimeInSeconds" + ], + "type": "object" + }, + "AWS::SageMaker::ModelBiasJobDefinition.VpcConfig": { + "additionalProperties": false, + "properties": { + "SecurityGroupIds": { "items": { "type": "string" }, - "markdownDescription": "The `SyncSource` AWS Regions included in the resource data sync.", - "title": "SourceRegions", + "markdownDescription": "The VPC security group IDs, in the form `sg-xxxxxxxx` . Specify the security groups for the VPC that is specified in the `Subnets` field.", + "title": "SecurityGroupIds", "type": "array" }, - "SourceType": { - "markdownDescription": "The type of data source for the resource data sync. `SourceType` is either `AwsOrganizations` (if an organization is present in AWS Organizations ) or `SingleAccountMultiRegions` .", - "title": "SourceType", - "type": "string" + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The ID of the subnets in the VPC to which you want to connect your training job or model. For information about the availability of specific instance types, see [Supported Instance Types and Availability Zones](https://docs.aws.amazon.com/sagemaker/latest/dg/instance-types-az.html) .", + "title": "Subnets", + "type": "array" } }, "required": [ - "SourceRegions", - "SourceType" + "SecurityGroupIds", + "Subnets" ], "type": "object" }, - "AWS::SSM::ResourcePolicy": { + "AWS::SageMaker::ModelCard": { "additionalProperties": false, "properties": { "Condition": { @@ -242347,26 +295693,55 @@ "Properties": { "additionalProperties": false, "properties": { - "Policy": { - "markdownDescription": "A policy you want to associate with a resource.", - "title": "Policy", - "type": "object" + "Content": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.Content", + "markdownDescription": "The content of the model card. Content uses the [model card JSON schema](https://docs.aws.amazon.com/sagemaker/latest/dg/model-cards.html#model-cards-json-schema) .", + "title": "Content" }, - "ResourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resource to which you want to attach a policy.", - "title": "ResourceArn", + "CreatedBy": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.UserContext", + "markdownDescription": "Information about the user who created or modified one or more of the following:\n\n- Experiment\n- Trial\n- Trial component\n- Lineage group\n- Project\n- Model Card", + "title": "CreatedBy" + }, + "LastModifiedBy": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.UserContext", + "markdownDescription": "", + "title": "LastModifiedBy" + }, + "ModelCardName": { + "markdownDescription": "The unique name of the model card.", + "title": "ModelCardName", + "type": "string" + }, + "ModelCardStatus": { + "markdownDescription": "The approval status of the model card within your organization. Different organizations might have different criteria for model card review and approval.\n\n- `Draft` : The model card is a work in progress.\n- `PendingReview` : The model card is pending review.\n- `Approved` : The model card is approved.\n- `Archived` : The model card is archived. No more updates should be made to the model card, but it can still be exported.", + "title": "ModelCardStatus", "type": "string" + }, + "SecurityConfig": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.SecurityConfig", + "markdownDescription": "The security configuration used to protect model card data.", + "title": "SecurityConfig" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Key-value pairs used to manage metadata for the model card.", + "title": "Tags", + "type": "array" } }, "required": [ - "Policy", - "ResourceArn" + "Content", + "ModelCardName", + "ModelCardStatus" ], "type": "object" }, "Type": { "enum": [ - "AWS::SSM::ResourcePolicy" + "AWS::SageMaker::ModelCard" ], "type": "string" }, @@ -242385,778 +295760,662 @@ ], "type": "object" }, - "AWS::SSMContacts::Contact": { + "AWS::SageMaker::ModelCard.AdditionalInformation": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "CaveatsAndRecommendations": { + "markdownDescription": "Caveats and recommendations for those who might use this model in their applications.", + "title": "CaveatsAndRecommendations", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Alias": { - "markdownDescription": "The unique and identifiable alias of the contact or escalation plan.", - "title": "Alias", - "type": "string" - }, - "DisplayName": { - "markdownDescription": "The full name of the contact or escalation plan.", - "title": "DisplayName", - "type": "string" - }, - "Plan": { - "items": { - "$ref": "#/definitions/AWS::SSMContacts::Contact.Stage" - }, - "markdownDescription": "A list of stages. A contact has an engagement plan with stages that contact specified contact channels. An escalation plan uses stages that contact specified contacts.", - "title": "Plan", - "type": "array" - }, - "Type": { - "markdownDescription": "The type of contact.\n\n- `PERSONAL` : A single, individual contact.\n- `ESCALATION` : An escalation plan.\n- `ONCALL_SCHEDULE` : An on-call schedule.", - "title": "Type", + "CustomDetails": { + "additionalProperties": true, + "markdownDescription": "Any additional information to document about the model.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { "type": "string" } }, - "required": [ - "Alias", - "DisplayName", - "Type" - ], + "title": "CustomDetails", "type": "object" }, - "Type": { - "enum": [ - "AWS::SSMContacts::Contact" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "EthicalConsiderations": { + "markdownDescription": "Any ethical considerations documented by the model card author.", + "title": "EthicalConsiderations", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::SSMContacts::Contact.ChannelTargetInfo": { + "AWS::SageMaker::ModelCard.BusinessDetails": { "additionalProperties": false, "properties": { - "ChannelId": { - "markdownDescription": "The Amazon Resource Name (ARN) of the contact channel.", - "title": "ChannelId", + "BusinessProblem": { + "markdownDescription": "The specific business problem that the model is trying to solve.", + "title": "BusinessProblem", "type": "string" }, - "RetryIntervalInMinutes": { - "markdownDescription": "The number of minutes to wait before retrying to send engagement if the engagement initially failed.", - "title": "RetryIntervalInMinutes", - "type": "number" + "BusinessStakeholders": { + "markdownDescription": "The relevant stakeholders for the model.", + "title": "BusinessStakeholders", + "type": "string" + }, + "LineOfBusiness": { + "markdownDescription": "The broader business need that the model is serving.", + "title": "LineOfBusiness", + "type": "string" } }, - "required": [ - "ChannelId", - "RetryIntervalInMinutes" - ], "type": "object" }, - "AWS::SSMContacts::Contact.ContactTargetInfo": { + "AWS::SageMaker::ModelCard.Container": { "additionalProperties": false, "properties": { - "ContactId": { - "markdownDescription": "The Amazon Resource Name (ARN) of the contact.", - "title": "ContactId", + "Image": { + "markdownDescription": "", + "title": "Image", "type": "string" }, - "IsEssential": { - "markdownDescription": "A Boolean value determining if the contact's acknowledgement stops the progress of stages in the plan.", - "title": "IsEssential", - "type": "boolean" + "ModelDataUrl": { + "markdownDescription": "", + "title": "ModelDataUrl", + "type": "string" + }, + "NearestModelName": { + "markdownDescription": "", + "title": "NearestModelName", + "type": "string" } }, "required": [ - "ContactId", - "IsEssential" + "Image" ], "type": "object" }, - "AWS::SSMContacts::Contact.Stage": { + "AWS::SageMaker::ModelCard.Content": { "additionalProperties": false, "properties": { - "DurationInMinutes": { - "markdownDescription": "The time to wait until beginning the next stage. The duration can only be set to 0 if a target is specified.", - "title": "DurationInMinutes", - "type": "number" + "AdditionalInformation": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.AdditionalInformation", + "markdownDescription": "Additional information about the model.", + "title": "AdditionalInformation" }, - "RotationIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Names (ARNs) of the on-call rotations associated with the plan.", - "title": "RotationIds", - "type": "array" + "BusinessDetails": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.BusinessDetails", + "markdownDescription": "Information about how the model supports business goals.", + "title": "BusinessDetails" }, - "Targets": { + "EvaluationDetails": { "items": { - "$ref": "#/definitions/AWS::SSMContacts::Contact.Targets" + "$ref": "#/definitions/AWS::SageMaker::ModelCard.EvaluationDetail" }, - "markdownDescription": "The contacts or contact methods that the escalation plan or engagement plan is engaging.", - "title": "Targets", + "markdownDescription": "An overview about the model's evaluation.", + "title": "EvaluationDetails", "type": "array" - } - }, - "type": "object" - }, - "AWS::SSMContacts::Contact.Targets": { - "additionalProperties": false, - "properties": { - "ChannelTargetInfo": { - "$ref": "#/definitions/AWS::SSMContacts::Contact.ChannelTargetInfo", - "markdownDescription": "Information about the contact channel that Incident Manager engages.", - "title": "ChannelTargetInfo" }, - "ContactTargetInfo": { - "$ref": "#/definitions/AWS::SSMContacts::Contact.ContactTargetInfo", - "markdownDescription": "The contact that Incident Manager is engaging during an incident.", - "title": "ContactTargetInfo" + "IntendedUses": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.IntendedUses", + "markdownDescription": "The intended usage of the model.", + "title": "IntendedUses" + }, + "ModelOverview": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.ModelOverview", + "markdownDescription": "An overview about the model", + "title": "ModelOverview" + }, + "ModelPackageDetails": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.ModelPackageDetails", + "markdownDescription": "", + "title": "ModelPackageDetails" + }, + "TrainingDetails": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.TrainingDetails", + "markdownDescription": "An overview about model training.", + "title": "TrainingDetails" } }, "type": "object" }, - "AWS::SSMContacts::ContactChannel": { + "AWS::SageMaker::ModelCard.EvaluationDetail": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Datasets": { + "items": { + "type": "string" + }, + "markdownDescription": "The location of the datasets used to evaluate the model.", + "title": "Datasets", + "type": "array" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "EvaluationJobArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the evaluation job.", + "title": "EvaluationJobArn", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "EvaluationObservation": { + "markdownDescription": "Any observations made during the model evaluation.", + "title": "EvaluationObservation", + "type": "string" }, "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ChannelAddress": { - "markdownDescription": "The details that Incident Manager uses when trying to engage the contact channel.", - "title": "ChannelAddress", - "type": "string" - }, - "ChannelName": { - "markdownDescription": "The name of the contact channel.", - "title": "ChannelName", - "type": "string" - }, - "ChannelType": { - "markdownDescription": "The type of the contact channel. Incident Manager supports three contact methods:\n\n- SMS\n- VOICE\n- EMAIL", - "title": "ChannelType", - "type": "string" - }, - "ContactId": { - "markdownDescription": "The Amazon Resource Name (ARN) of the contact you are adding the contact channel to.", - "title": "ContactId", + "additionalProperties": true, + "markdownDescription": "Additional attributes associated with the evaluation results.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { "type": "string" - }, - "DeferActivation": { - "markdownDescription": "If you want to activate the channel at a later time, you can choose to defer activation. Incident Manager can't engage your contact channel until it has been activated.", - "title": "DeferActivation", - "type": "boolean" } }, - "required": [ - "ChannelAddress", - "ChannelName", - "ChannelType", - "ContactId" - ], + "title": "Metadata", "type": "object" }, - "Type": { - "enum": [ - "AWS::SSMContacts::ContactChannel" - ], - "type": "string" + "MetricGroups": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.MetricGroup" + }, + "markdownDescription": "An evaluation Metric Group object.", + "title": "MetricGroups", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "The evaluation job name.", + "title": "Name", "type": "string" } }, "required": [ - "Type", - "Properties" + "Name" ], "type": "object" }, - "AWS::SSMContacts::Plan": { + "AWS::SageMaker::ModelCard.Function": { "additionalProperties": false, "properties": { "Condition": { + "markdownDescription": "An optional description of any conditions of your objective function metric.", + "title": "Condition", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Facet": { + "markdownDescription": "The metric of the model's objective function. For example, *loss* or *rmse* . The following list shows examples of the values that you can specify for the metric:\n\n- `ACCURACY`\n- `AUC`\n- `LOSS`\n- `MAE`\n- `RMSE`", + "title": "Facet", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Function": { + "markdownDescription": "The optimization direction of the model's objective function. You must specify one of the following values:\n\n- `Maximize`\n- `Minimize`", + "title": "Function", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelCard.InferenceEnvironment": { + "additionalProperties": false, + "properties": { + "ContainerImage": { + "items": { + "type": "string" + }, + "markdownDescription": "The container used to run the inference environment.", + "title": "ContainerImage", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelCard.InferenceSpecification": { + "additionalProperties": false, + "properties": { + "Containers": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.Container" + }, + "markdownDescription": "The Amazon ECR registry path of the Docker image that contains the inference code.", + "title": "Containers", + "type": "array" + } + }, + "required": [ + "Containers" + ], + "type": "object" + }, + "AWS::SageMaker::ModelCard.IntendedUses": { + "additionalProperties": false, + "properties": { + "ExplanationsForRiskRating": { + "markdownDescription": "An explanation of why your organization categorizes the model with its risk rating.", + "title": "ExplanationsForRiskRating", + "type": "string" }, - "Metadata": { - "type": "object" + "FactorsAffectingModelEfficiency": { + "markdownDescription": "Factors affecting model efficacy.", + "title": "FactorsAffectingModelEfficiency", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ContactId": { - "markdownDescription": "The Amazon Resource Name (ARN) of the contact.", - "title": "ContactId", - "type": "string" - }, - "RotationIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Names (ARNs) of the on-call rotations associated with the plan.", - "title": "RotationIds", - "type": "array" - }, - "Stages": { - "items": { - "$ref": "#/definitions/AWS::SSMContacts::Plan.Stage" - }, - "markdownDescription": "A list of stages that the escalation plan or engagement plan uses to engage contacts and contact methods.", - "title": "Stages", - "type": "array" - } - }, - "required": [ - "ContactId" - ], - "type": "object" + "IntendedUses": { + "markdownDescription": "The intended use cases for the model.", + "title": "IntendedUses", + "type": "string" }, - "Type": { - "enum": [ - "AWS::SSMContacts::Plan" - ], + "PurposeOfModel": { + "markdownDescription": "The general purpose of the model.", + "title": "PurposeOfModel", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "RiskRating": { + "markdownDescription": "Your organization's risk rating. You can specify one the following values as the risk rating:\n\n- High\n- Medium\n- Low\n- Unknown", + "title": "RiskRating", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::SSMContacts::Plan.ChannelTargetInfo": { + "AWS::SageMaker::ModelCard.MetricDataItems": { "additionalProperties": false, "properties": { - "ChannelId": { - "markdownDescription": "The Amazon Resource Name (ARN) of the contact channel.", - "title": "ChannelId", + "Name": { "type": "string" }, - "RetryIntervalInMinutes": { - "markdownDescription": "The number of minutes to wait before retrying to send engagement if the engagement initially failed.", - "title": "RetryIntervalInMinutes", - "type": "number" + "Notes": { + "type": "string" + }, + "Type": { + "type": "string" + }, + "Value": { + "type": "object" + }, + "XAxisName": { + "items": { + "type": "string" + }, + "type": "array" + }, + "YAxisName": { + "items": { + "type": "string" + }, + "type": "array" } }, "required": [ - "ChannelId", - "RetryIntervalInMinutes" + "Name", + "Type", + "Value" ], "type": "object" }, - "AWS::SSMContacts::Plan.ContactTargetInfo": { + "AWS::SageMaker::ModelCard.MetricGroup": { "additionalProperties": false, "properties": { - "ContactId": { - "markdownDescription": "The Amazon Resource Name (ARN) of the contact.", - "title": "ContactId", - "type": "string" + "MetricData": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.MetricDataItems" + }, + "markdownDescription": "A list of metric objects. The `MetricDataItems` list can have one of the following values:\n\n- `bar_chart_metric`\n- `matrix_metric`\n- `simple_metric`\n- `linear_graph_metric`\n\nFor more information about the metric schema, see the definition section of the [model card JSON schema](https://docs.aws.amazon.com/sagemaker/latest/dg/model-cards.html#model-cards-json-schema) .", + "title": "MetricData", + "type": "array" }, - "IsEssential": { - "markdownDescription": "A Boolean value determining if the contact's acknowledgement stops the progress of stages in the plan.", - "title": "IsEssential", - "type": "boolean" + "Name": { + "markdownDescription": "The metric group name.", + "title": "Name", + "type": "string" } }, "required": [ - "ContactId", - "IsEssential" + "MetricData", + "Name" ], "type": "object" }, - "AWS::SSMContacts::Plan.Stage": { + "AWS::SageMaker::ModelCard.ModelOverview": { "additionalProperties": false, "properties": { - "DurationInMinutes": { - "markdownDescription": "The time to wait until beginning the next stage. The duration can only be set to 0 if a target is specified.", - "title": "DurationInMinutes", - "type": "number" + "AlgorithmType": { + "markdownDescription": "The algorithm used to solve the problem.", + "title": "AlgorithmType", + "type": "string" }, - "Targets": { + "InferenceEnvironment": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.InferenceEnvironment", + "markdownDescription": "An overview about model inference.", + "title": "InferenceEnvironment" + }, + "ModelArtifact": { "items": { - "$ref": "#/definitions/AWS::SSMContacts::Plan.Targets" + "type": "string" }, - "markdownDescription": "The contacts or contact methods that the escalation plan or engagement plan is engaging.", - "title": "Targets", + "markdownDescription": "The location of the model artifact.", + "title": "ModelArtifact", "type": "array" + }, + "ModelCreator": { + "markdownDescription": "The creator of the model.", + "title": "ModelCreator", + "type": "string" + }, + "ModelDescription": { + "markdownDescription": "A description of the model.", + "title": "ModelDescription", + "type": "string" + }, + "ModelId": { + "markdownDescription": "The SageMaker AI Model ARN or non- SageMaker AI Model ID.", + "title": "ModelId", + "type": "string" + }, + "ModelName": { + "markdownDescription": "The name of the model.", + "title": "ModelName", + "type": "string" + }, + "ModelOwner": { + "markdownDescription": "The owner of the model.", + "title": "ModelOwner", + "type": "string" + }, + "ModelVersion": { + "markdownDescription": "The version of the model.", + "title": "ModelVersion", + "type": "number" + }, + "ProblemType": { + "markdownDescription": "The problem being solved with the model.", + "title": "ProblemType", + "type": "string" } }, - "required": [ - "DurationInMinutes" - ], "type": "object" }, - "AWS::SSMContacts::Plan.Targets": { + "AWS::SageMaker::ModelCard.ModelPackageCreator": { "additionalProperties": false, "properties": { - "ChannelTargetInfo": { - "$ref": "#/definitions/AWS::SSMContacts::Plan.ChannelTargetInfo", - "markdownDescription": "Information about the contact channel that Incident Manager engages.", - "title": "ChannelTargetInfo" - }, - "ContactTargetInfo": { - "$ref": "#/definitions/AWS::SSMContacts::Plan.ContactTargetInfo", - "markdownDescription": "Information about the contact that Incident Manager engages.", - "title": "ContactTargetInfo" + "UserProfileName": { + "markdownDescription": "", + "title": "UserProfileName", + "type": "string" } }, "type": "object" }, - "AWS::SSMContacts::Rotation": { + "AWS::SageMaker::ModelCard.ModelPackageDetails": { "additionalProperties": false, "properties": { - "Condition": { + "ApprovalDescription": { + "markdownDescription": "", + "title": "ApprovalDescription", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "CreatedBy": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.ModelPackageCreator", + "markdownDescription": "", + "title": "CreatedBy" + }, + "Domain": { + "markdownDescription": "", + "title": "Domain", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "InferenceSpecification": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.InferenceSpecification", + "markdownDescription": "", + "title": "InferenceSpecification" }, - "Metadata": { - "type": "object" + "ModelApprovalStatus": { + "markdownDescription": "", + "title": "ModelApprovalStatus", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ContactIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Names (ARNs) of the contacts to add to the rotation.\n\n> Only the `PERSONAL` contact type is supported. The contact types `ESCALATION` and `ONCALL_SCHEDULE` are not supported for this operation. \n\nThe order in which you list the contacts is their shift order in the rotation schedule.", - "title": "ContactIds", - "type": "array" - }, - "Name": { - "markdownDescription": "The name for the rotation.", - "title": "Name", - "type": "string" - }, - "Recurrence": { - "$ref": "#/definitions/AWS::SSMContacts::Rotation.RecurrenceSettings", - "markdownDescription": "Information about the rule that specifies when shift team members rotate.", - "title": "Recurrence" - }, - "StartTime": { - "markdownDescription": "The date and time the rotation goes into effect.", - "title": "StartTime", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Optional metadata to assign to the rotation. Tags enable you to categorize a resource in different ways, such as by purpose, owner, or environment. For more information, see [Tagging Incident Manager resources](https://docs.aws.amazon.com/incident-manager/latest/userguide/tagging.html) in the *Incident Manager User Guide* .", - "title": "Tags", - "type": "array" - }, - "TimeZoneId": { - "markdownDescription": "The time zone to base the rotation\u2019s activity on, in Internet Assigned Numbers Authority (IANA) format. For example: \"America/Los_Angeles\", \"UTC\", or \"Asia/Seoul\". For more information, see the [Time Zone Database](https://docs.aws.amazon.com/https://www.iana.org/time-zones) on the IANA website.\n\n> Designators for time zones that don\u2019t support Daylight Savings Time rules, such as Pacific Standard Time (PST), are not supported.", - "title": "TimeZoneId", - "type": "string" - } - }, - "required": [ - "ContactIds", - "Name", - "Recurrence", - "StartTime", - "TimeZoneId" - ], - "type": "object" + "ModelPackageArn": { + "markdownDescription": "", + "title": "ModelPackageArn", + "type": "string" }, - "Type": { - "enum": [ - "AWS::SSMContacts::Rotation" - ], + "ModelPackageDescription": { + "markdownDescription": "", + "title": "ModelPackageDescription", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ModelPackageGroupName": { + "markdownDescription": "", + "title": "ModelPackageGroupName", + "type": "string" + }, + "ModelPackageName": { + "markdownDescription": "", + "title": "ModelPackageName", + "type": "string" + }, + "ModelPackageStatus": { + "markdownDescription": "", + "title": "ModelPackageStatus", + "type": "string" + }, + "ModelPackageVersion": { + "markdownDescription": "", + "title": "ModelPackageVersion", + "type": "number" + }, + "SourceAlgorithms": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.SourceAlgorithm" + }, + "markdownDescription": "", + "title": "SourceAlgorithms", + "type": "array" + }, + "Task": { + "markdownDescription": "", + "title": "Task", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::SSMContacts::Rotation.CoverageTime": { + "AWS::SageMaker::ModelCard.ObjectiveFunction": { "additionalProperties": false, "properties": { - "EndTime": { - "markdownDescription": "Information about when an on-call rotation shift ends.", - "title": "EndTime", - "type": "string" + "Function": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.Function", + "markdownDescription": "A function object that details optimization direction, metric, and additional descriptions.", + "title": "Function" }, - "StartTime": { - "markdownDescription": "Information about when an on-call rotation shift begins.", - "title": "StartTime", + "Notes": { + "markdownDescription": "Notes about the object function, including other considerations for possible objective functions.", + "title": "Notes", "type": "string" } }, - "required": [ - "EndTime", - "StartTime" - ], "type": "object" }, - "AWS::SSMContacts::Rotation.MonthlySetting": { + "AWS::SageMaker::ModelCard.SecurityConfig": { "additionalProperties": false, "properties": { - "DayOfMonth": { - "markdownDescription": "The day of the month when monthly recurring on-call rotations begin.", - "title": "DayOfMonth", - "type": "number" + "KmsKeyId": { + "markdownDescription": "A AWS Key Management Service [key ID](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id-key-id) used to encrypt a model card.", + "title": "KmsKeyId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelCard.SourceAlgorithm": { + "additionalProperties": false, + "properties": { + "AlgorithmName": { + "markdownDescription": "The name of an algorithm that was used to create the model package. The algorithm must be either an algorithm resource in your SageMaker account or an algorithm in AWS Marketplace that you are subscribed to.", + "title": "AlgorithmName", + "type": "string" }, - "HandOffTime": { - "markdownDescription": "The time of day when a monthly recurring on-call shift rotation begins.", - "title": "HandOffTime", + "ModelDataUrl": { + "markdownDescription": "The Amazon S3 path where the model artifacts, which result from model training, are stored. This path must point to a single `gzip` compressed tar archive ( `.tar.gz` suffix).\n\n> The model artifacts must be in an S3 bucket that is in the same AWS region as the algorithm.", + "title": "ModelDataUrl", "type": "string" } }, "required": [ - "DayOfMonth", - "HandOffTime" + "AlgorithmName" ], "type": "object" }, - "AWS::SSMContacts::Rotation.RecurrenceSettings": { + "AWS::SageMaker::ModelCard.TrainingDetails": { "additionalProperties": false, "properties": { - "DailySettings": { - "items": { - "type": "string" - }, - "markdownDescription": "Information about on-call rotations that recur daily.", - "title": "DailySettings", - "type": "array" - }, - "MonthlySettings": { - "items": { - "$ref": "#/definitions/AWS::SSMContacts::Rotation.MonthlySetting" - }, - "markdownDescription": "Information about on-call rotations that recur monthly.", - "title": "MonthlySettings", - "type": "array" - }, - "NumberOfOnCalls": { - "markdownDescription": "The number of contacts, or shift team members designated to be on call concurrently during a shift. For example, in an on-call schedule that contains ten contacts, a value of `2` designates that two of them are on call at any given time.", - "title": "NumberOfOnCalls", - "type": "number" - }, - "RecurrenceMultiplier": { - "markdownDescription": "The number of days, weeks, or months a single rotation lasts.", - "title": "RecurrenceMultiplier", - "type": "number" + "ObjectiveFunction": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.ObjectiveFunction", + "markdownDescription": "The function that is optimized during model training.", + "title": "ObjectiveFunction" }, - "ShiftCoverages": { - "items": { - "$ref": "#/definitions/AWS::SSMContacts::Rotation.ShiftCoverage" - }, - "markdownDescription": "Information about the days of the week included in on-call rotation coverage.", - "title": "ShiftCoverages", - "type": "array" + "TrainingJobDetails": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.TrainingJobDetails", + "markdownDescription": "Details about any associated training jobs.", + "title": "TrainingJobDetails" }, - "WeeklySettings": { - "items": { - "$ref": "#/definitions/AWS::SSMContacts::Rotation.WeeklySetting" - }, - "markdownDescription": "Information about on-call rotations that recur weekly.", - "title": "WeeklySettings", - "type": "array" + "TrainingObservations": { + "markdownDescription": "Any observations about training.", + "title": "TrainingObservations", + "type": "string" } }, - "required": [ - "NumberOfOnCalls", - "RecurrenceMultiplier" - ], "type": "object" }, - "AWS::SSMContacts::Rotation.ShiftCoverage": { + "AWS::SageMaker::ModelCard.TrainingEnvironment": { "additionalProperties": false, "properties": { - "CoverageTimes": { + "ContainerImage": { "items": { - "$ref": "#/definitions/AWS::SSMContacts::Rotation.CoverageTime" + "type": "string" }, - "markdownDescription": "The start and end times of the shift.", - "title": "CoverageTimes", + "markdownDescription": "SageMaker AI inference image URI.", + "title": "ContainerImage", "type": "array" - }, - "DayOfWeek": { - "markdownDescription": "A list of days on which the schedule is active.", - "title": "DayOfWeek", - "type": "string" } }, - "required": [ - "CoverageTimes", - "DayOfWeek" - ], "type": "object" }, - "AWS::SSMContacts::Rotation.WeeklySetting": { + "AWS::SageMaker::ModelCard.TrainingHyperParameter": { "additionalProperties": false, "properties": { - "DayOfWeek": { - "markdownDescription": "The day of the week when weekly recurring on-call shift rotations begins.", - "title": "DayOfWeek", + "Name": { + "markdownDescription": "The name of the hyper parameter.", + "title": "Name", "type": "string" }, - "HandOffTime": { - "markdownDescription": "The time of day when a weekly recurring on-call shift rotation begins.", - "title": "HandOffTime", + "Value": { + "markdownDescription": "The value specified for the hyper parameter.", + "title": "Value", "type": "string" } }, "required": [ - "DayOfWeek", - "HandOffTime" + "Name", + "Value" ], "type": "object" }, - "AWS::SSMIncidents::ReplicationSet": { + "AWS::SageMaker::ModelCard.TrainingJobDetails": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DeletionProtected": { - "markdownDescription": "Determines if the replication set deletion protection is enabled or not. If deletion protection is enabled, you can't delete the last Region in the replication set.", - "title": "DeletionProtected", - "type": "boolean" - }, - "Regions": { - "items": { - "$ref": "#/definitions/AWS::SSMIncidents::ReplicationSet.ReplicationRegion" - }, - "markdownDescription": "Specifies the Regions of the replication set.", - "title": "Regions", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of tags to add to the replication set.", - "title": "Tags", - "type": "array" - } + "HyperParameters": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.TrainingHyperParameter" }, - "required": [ - "Regions" - ], - "type": "object" + "markdownDescription": "The hyper parameters used in the training job.", + "title": "HyperParameters", + "type": "array" }, - "Type": { - "enum": [ - "AWS::SSMIncidents::ReplicationSet" - ], + "TrainingArn": { + "markdownDescription": "The SageMaker AI training job Amazon Resource Name (ARN)", + "title": "TrainingArn", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "TrainingDatasets": { + "items": { + "type": "string" + }, + "markdownDescription": "The location of the datasets used to train the model.", + "title": "TrainingDatasets", + "type": "array" + }, + "TrainingEnvironment": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.TrainingEnvironment", + "markdownDescription": "The SageMaker AI training job image URI.", + "title": "TrainingEnvironment" + }, + "TrainingMetrics": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.TrainingMetric" + }, + "markdownDescription": "The SageMaker AI training job results.", + "title": "TrainingMetrics", + "type": "array" + }, + "UserProvidedHyperParameters": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.TrainingHyperParameter" + }, + "markdownDescription": "Additional hyper parameters that you've specified when training the model.", + "title": "UserProvidedHyperParameters", + "type": "array" + }, + "UserProvidedTrainingMetrics": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::ModelCard.TrainingMetric" + }, + "markdownDescription": "Custom training job results.", + "title": "UserProvidedTrainingMetrics", + "type": "array" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::SSMIncidents::ReplicationSet.RegionConfiguration": { + "AWS::SageMaker::ModelCard.TrainingMetric": { "additionalProperties": false, "properties": { - "SseKmsKeyId": { - "markdownDescription": "The AWS Key Management Service key ID to use to encrypt your replication set.", - "title": "SseKmsKeyId", + "Name": { + "markdownDescription": "The name of the result from the SageMaker AI training job.", + "title": "Name", + "type": "string" + }, + "Notes": { + "markdownDescription": "Any additional notes describing the result of the training job.", + "title": "Notes", "type": "string" + }, + "Value": { + "markdownDescription": "The value of a result from the SageMaker AI training job.", + "title": "Value", + "type": "number" } }, "required": [ - "SseKmsKeyId" + "Name", + "Value" ], "type": "object" }, - "AWS::SSMIncidents::ReplicationSet.ReplicationRegion": { + "AWS::SageMaker::ModelCard.UserContext": { "additionalProperties": false, "properties": { - "RegionConfiguration": { - "$ref": "#/definitions/AWS::SSMIncidents::ReplicationSet.RegionConfiguration", - "markdownDescription": "Specifies the Region configuration.", - "title": "RegionConfiguration" + "DomainId": { + "markdownDescription": "The domain associated with the user.", + "title": "DomainId", + "type": "string" }, - "RegionName": { - "markdownDescription": "Specifies the region name to add to the replication set.", - "title": "RegionName", + "UserProfileArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the user's profile.", + "title": "UserProfileArn", + "type": "string" + }, + "UserProfileName": { + "markdownDescription": "The name of the user's profile.", + "title": "UserProfileName", "type": "string" } }, "type": "object" }, - "AWS::SSMIncidents::ResponsePlan": { + "AWS::SageMaker::ModelExplainabilityJobDefinition": { "additionalProperties": false, "properties": { "Condition": { @@ -243191,50 +296450,56 @@ "Properties": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.Action" - }, - "markdownDescription": "The actions that the response plan starts at the beginning of an incident.", - "title": "Actions", - "type": "array" - }, - "ChatChannel": { - "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.ChatChannel", - "markdownDescription": "The chat channel used for collaboration during an incident.", - "title": "ChatChannel" + "EndpointName": { + "markdownDescription": "", + "title": "EndpointName", + "type": "string" }, - "DisplayName": { - "markdownDescription": "The human readable name of the response plan.", - "title": "DisplayName", + "JobDefinitionName": { + "markdownDescription": "The name of the model explainability job definition. The name must be unique within an AWS Region in the AWS account.", + "title": "JobDefinitionName", "type": "string" }, - "Engagements": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Name (ARN) for the contacts and escalation plans that the response plan engages during an incident.", - "title": "Engagements", - "type": "array" + "JobResources": { + "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.MonitoringResources", + "markdownDescription": "Identifies the resources to deploy for a monitoring job.", + "title": "JobResources" }, - "IncidentTemplate": { - "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.IncidentTemplate", - "markdownDescription": "Details used to create an incident when using this response plan.", - "title": "IncidentTemplate" + "ModelExplainabilityAppSpecification": { + "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.ModelExplainabilityAppSpecification", + "markdownDescription": "Configures the model explainability job to run a specified Docker container image.", + "title": "ModelExplainabilityAppSpecification" }, - "Integrations": { - "items": { - "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.Integration" - }, - "markdownDescription": "Information about third-party services integrated into the response plan.", - "title": "Integrations", - "type": "array" + "ModelExplainabilityBaselineConfig": { + "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.ModelExplainabilityBaselineConfig", + "markdownDescription": "The baseline configuration for a model explainability job.", + "title": "ModelExplainabilityBaselineConfig" }, - "Name": { - "markdownDescription": "The name of the response plan.", - "title": "Name", + "ModelExplainabilityJobInput": { + "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.ModelExplainabilityJobInput", + "markdownDescription": "Inputs for the model explainability job.", + "title": "ModelExplainabilityJobInput" + }, + "ModelExplainabilityJobOutputConfig": { + "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.MonitoringOutputConfig", + "markdownDescription": "The output configuration for monitoring jobs.", + "title": "ModelExplainabilityJobOutputConfig" + }, + "NetworkConfig": { + "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.NetworkConfig", + "markdownDescription": "Networking options for a model explainability job.", + "title": "NetworkConfig" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can assume to perform tasks on your behalf.", + "title": "RoleArn", "type": "string" }, + "StoppingCondition": { + "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.StoppingCondition", + "markdownDescription": "A time limit for how long the monitoring job is allowed to run before stopping.", + "title": "StoppingCondition" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" @@ -243245,14 +296510,17 @@ } }, "required": [ - "IncidentTemplate", - "Name" + "JobResources", + "ModelExplainabilityAppSpecification", + "ModelExplainabilityJobInput", + "ModelExplainabilityJobOutputConfig", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::SSMIncidents::ResponsePlan" + "AWS::SageMaker::ModelExplainabilityJobDefinition" ], "type": "string" }, @@ -243271,452 +296539,387 @@ ], "type": "object" }, - "AWS::SSMIncidents::ResponsePlan.Action": { + "AWS::SageMaker::ModelExplainabilityJobDefinition.BatchTransformInput": { "additionalProperties": false, "properties": { - "SsmAutomation": { - "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.SsmAutomation", - "markdownDescription": "Details about the Systems Manager automation document that will be used as a runbook during an incident.", - "title": "SsmAutomation" + "DataCapturedDestinationS3Uri": { + "markdownDescription": "The Amazon S3 location being used to capture the data.", + "title": "DataCapturedDestinationS3Uri", + "type": "string" + }, + "DatasetFormat": { + "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.DatasetFormat", + "markdownDescription": "The dataset format for your batch transform job.", + "title": "DatasetFormat" + }, + "FeaturesAttribute": { + "markdownDescription": "The attributes of the input data that are the input features.", + "title": "FeaturesAttribute", + "type": "string" + }, + "InferenceAttribute": { + "markdownDescription": "The attribute of the input data that represents the ground truth label.", + "title": "InferenceAttribute", + "type": "string" + }, + "LocalPath": { + "markdownDescription": "Path to the filesystem where the batch transform data is available to the container.", + "title": "LocalPath", + "type": "string" + }, + "ProbabilityAttribute": { + "markdownDescription": "In a classification problem, the attribute that represents the class probability.", + "title": "ProbabilityAttribute", + "type": "string" + }, + "S3DataDistributionType": { + "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an S3 key. Defaults to `FullyReplicated`", + "title": "S3DataDistributionType", + "type": "string" + }, + "S3InputMode": { + "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", + "title": "S3InputMode", + "type": "string" } }, + "required": [ + "DataCapturedDestinationS3Uri", + "DatasetFormat", + "LocalPath" + ], "type": "object" }, - "AWS::SSMIncidents::ResponsePlan.ChatChannel": { + "AWS::SageMaker::ModelExplainabilityJobDefinition.ClusterConfig": { "additionalProperties": false, "properties": { - "ChatbotSns": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon SNS targets that uses to notify the chat channel of updates to an incident. You can also make updates to the incident through the chat channel by using the Amazon SNS topics", - "title": "ChatbotSns", - "type": "array" + "InstanceCount": { + "markdownDescription": "The number of ML compute instances to use in the model monitoring job. For distributed processing jobs, specify a value greater than 1. The default value is 1.", + "title": "InstanceCount", + "type": "number" + }, + "InstanceType": { + "markdownDescription": "The ML compute instance type for the processing job.", + "title": "InstanceType", + "type": "string" + }, + "VolumeKmsKeyId": { + "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance(s) that run the model monitoring job.", + "title": "VolumeKmsKeyId", + "type": "string" + }, + "VolumeSizeInGB": { + "markdownDescription": "The size of the ML storage volume, in gigabytes, that you want to provision. You must specify sufficient ML storage for your scenario.", + "title": "VolumeSizeInGB", + "type": "number" } }, + "required": [ + "InstanceCount", + "InstanceType", + "VolumeSizeInGB" + ], "type": "object" }, - "AWS::SSMIncidents::ResponsePlan.DynamicSsmParameter": { + "AWS::SageMaker::ModelExplainabilityJobDefinition.ConstraintsResource": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The key parameter to use when running the Systems Manager Automation runbook.", - "title": "Key", + "S3Uri": { + "markdownDescription": "The Amazon S3 URI for the constraints resource.", + "title": "S3Uri", "type": "string" - }, - "Value": { - "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.DynamicSsmParameterValue", - "markdownDescription": "The dynamic parameter value.", - "title": "Value" } }, - "required": [ - "Key", - "Value" - ], "type": "object" }, - "AWS::SSMIncidents::ResponsePlan.DynamicSsmParameterValue": { + "AWS::SageMaker::ModelExplainabilityJobDefinition.Csv": { "additionalProperties": false, "properties": { - "Variable": { - "markdownDescription": "Variable dynamic parameters. A parameter value is determined when an incident is created.", - "title": "Variable", - "type": "string" + "Header": { + "markdownDescription": "", + "title": "Header", + "type": "boolean" } }, "type": "object" }, - "AWS::SSMIncidents::ResponsePlan.IncidentTemplate": { + "AWS::SageMaker::ModelExplainabilityJobDefinition.DatasetFormat": { "additionalProperties": false, "properties": { - "DedupeString": { - "markdownDescription": "Used to create only one incident record for an incident.", - "title": "DedupeString", + "Csv": { + "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.Csv", + "markdownDescription": "", + "title": "Csv" + }, + "Json": { + "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.Json", + "markdownDescription": "", + "title": "Json" + }, + "Parquet": { + "markdownDescription": "", + "title": "Parquet", + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelExplainabilityJobDefinition.EndpointInput": { + "additionalProperties": false, + "properties": { + "EndpointName": { + "markdownDescription": "An endpoint in customer's account which has enabled `DataCaptureConfig` enabled.", + "title": "EndpointName", "type": "string" }, - "Impact": { - "markdownDescription": "Defines the impact to the customers. Providing an impact overwrites the impact provided by a response plan.\n\n**Possible impacts:** - `1` - Critical impact, this typically relates to full application failure that impacts many to all customers.\n- `2` - High impact, partial application failure with impact to many customers.\n- `3` - Medium impact, the application is providing reduced service to customers.\n- `4` - Low impact, customer might aren't impacted by the problem yet.\n- `5` - No impact, customers aren't currently impacted but urgent action is needed to avoid impact.", - "title": "Impact", - "type": "number" + "FeaturesAttribute": { + "markdownDescription": "The attributes of the input data that are the input features.", + "title": "FeaturesAttribute", + "type": "string" }, - "IncidentTags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Tags to assign to the template. When the `StartIncident` API action is called, Incident Manager assigns the tags specified in the template to the incident.", - "title": "IncidentTags", - "type": "array" + "InferenceAttribute": { + "markdownDescription": "The attribute of the input data that represents the ground truth label.", + "title": "InferenceAttribute", + "type": "string" }, - "NotificationTargets": { - "items": { - "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.NotificationTargetItem" - }, - "markdownDescription": "The Amazon Simple Notification Service ( Amazon SNS ) targets that uses to notify the chat channel of updates to an incident. You can also make updates to the incident through the chat channel using the Amazon SNS topics.", - "title": "NotificationTargets", - "type": "array" + "LocalPath": { + "markdownDescription": "Path to the filesystem where the endpoint data is available to the container.", + "title": "LocalPath", + "type": "string" }, - "Summary": { - "markdownDescription": "The summary describes what has happened during the incident.", - "title": "Summary", + "ProbabilityAttribute": { + "markdownDescription": "In a classification problem, the attribute that represents the class probability.", + "title": "ProbabilityAttribute", "type": "string" }, - "Title": { - "markdownDescription": "The title of the incident is a brief and easily recognizable.", - "title": "Title", + "S3DataDistributionType": { + "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an Amazon S3 key. Defaults to `FullyReplicated`", + "title": "S3DataDistributionType", + "type": "string" + }, + "S3InputMode": { + "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", + "title": "S3InputMode", "type": "string" } }, "required": [ - "Impact", - "Title" + "EndpointName", + "LocalPath" ], "type": "object" }, - "AWS::SSMIncidents::ResponsePlan.Integration": { + "AWS::SageMaker::ModelExplainabilityJobDefinition.Json": { "additionalProperties": false, "properties": { - "PagerDutyConfiguration": { - "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.PagerDutyConfiguration", - "markdownDescription": "Information about the PagerDuty service where the response plan creates an incident.", - "title": "PagerDutyConfiguration" + "Line": { + "markdownDescription": "", + "title": "Line", + "type": "boolean" } }, - "required": [ - "PagerDutyConfiguration" - ], "type": "object" }, - "AWS::SSMIncidents::ResponsePlan.NotificationTargetItem": { + "AWS::SageMaker::ModelExplainabilityJobDefinition.ModelExplainabilityAppSpecification": { "additionalProperties": false, "properties": { - "SnsTopicArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic.", - "title": "SnsTopicArn", + "ConfigUri": { + "markdownDescription": "JSON formatted Amazon S3 file that defines explainability parameters. For more information on this JSON configuration file, see [Configure model explainability parameters](https://docs.aws.amazon.com/sagemaker/latest/dg/clarify-config-json-monitor-model-explainability-parameters.html) .", + "title": "ConfigUri", + "type": "string" + }, + "Environment": { + "additionalProperties": true, + "markdownDescription": "Sets the environment variables in the Docker container.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Environment", + "type": "object" + }, + "ImageUri": { + "markdownDescription": "The container image to be run by the model explainability job.", + "title": "ImageUri", "type": "string" } }, + "required": [ + "ConfigUri", + "ImageUri" + ], "type": "object" }, - "AWS::SSMIncidents::ResponsePlan.PagerDutyConfiguration": { + "AWS::SageMaker::ModelExplainabilityJobDefinition.ModelExplainabilityBaselineConfig": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the PagerDuty configuration.", - "title": "Name", + "BaseliningJobName": { + "markdownDescription": "The name of the baseline model explainability job.", + "title": "BaseliningJobName", "type": "string" }, - "PagerDutyIncidentConfiguration": { - "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.PagerDutyIncidentConfiguration", - "markdownDescription": "Details about the PagerDuty service associated with the configuration.", - "title": "PagerDutyIncidentConfiguration" + "ConstraintsResource": { + "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.ConstraintsResource", + "markdownDescription": "The constraints resource for a model explainability job.", + "title": "ConstraintsResource" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelExplainabilityJobDefinition.ModelExplainabilityJobInput": { + "additionalProperties": false, + "properties": { + "BatchTransformInput": { + "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.BatchTransformInput", + "markdownDescription": "Input object for the batch transform job.", + "title": "BatchTransformInput" }, - "SecretId": { - "markdownDescription": "The ID of the AWS Secrets Manager secret that stores your PagerDuty key, either a General Access REST API Key or User Token REST API Key, and other user credentials.", - "title": "SecretId", - "type": "string" + "EndpointInput": { + "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.EndpointInput", + "markdownDescription": "Input object for the endpoint", + "title": "EndpointInput" } }, - "required": [ - "Name", - "PagerDutyIncidentConfiguration", - "SecretId" - ], "type": "object" }, - "AWS::SSMIncidents::ResponsePlan.PagerDutyIncidentConfiguration": { + "AWS::SageMaker::ModelExplainabilityJobDefinition.MonitoringOutput": { "additionalProperties": false, "properties": { - "ServiceId": { - "markdownDescription": "The ID of the PagerDuty service that the response plan associates with an incident when it launches.", - "title": "ServiceId", - "type": "string" + "S3Output": { + "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.S3Output", + "markdownDescription": "The Amazon S3 storage location where the results of a monitoring job are saved.", + "title": "S3Output" } }, "required": [ - "ServiceId" + "S3Output" ], "type": "object" }, - "AWS::SSMIncidents::ResponsePlan.SsmAutomation": { + "AWS::SageMaker::ModelExplainabilityJobDefinition.MonitoringOutputConfig": { "additionalProperties": false, "properties": { - "DocumentName": { - "markdownDescription": "The automation document's name.", - "title": "DocumentName", - "type": "string" - }, - "DocumentVersion": { - "markdownDescription": "The version of the runbook to use when running.", - "title": "DocumentVersion", + "KmsKeyId": { + "markdownDescription": "The AWS Key Management Service ( AWS KMS ) key that Amazon SageMaker AI uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption.", + "title": "KmsKeyId", "type": "string" }, - "DynamicParameters": { - "items": { - "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.DynamicSsmParameter" - }, - "markdownDescription": "The key-value pairs to resolve dynamic parameter values when processing a Systems Manager Automation runbook.", - "title": "DynamicParameters", - "type": "array" - }, - "Parameters": { + "MonitoringOutputs": { "items": { - "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.SsmParameter" + "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.MonitoringOutput" }, - "markdownDescription": "The key-value pair parameters to use when running the runbook.", - "title": "Parameters", + "markdownDescription": "Monitoring outputs for monitoring jobs. This is where the output of the periodic monitoring jobs is uploaded.", + "title": "MonitoringOutputs", "type": "array" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the role that the automation document will assume when running commands.", - "title": "RoleArn", - "type": "string" - }, - "TargetAccount": { - "markdownDescription": "The account that the automation document will be run in. This can be in either the management account or an application account.", - "title": "TargetAccount", - "type": "string" } }, "required": [ - "DocumentName", - "RoleArn" + "MonitoringOutputs" ], "type": "object" }, - "AWS::SSMIncidents::ResponsePlan.SsmParameter": { + "AWS::SageMaker::ModelExplainabilityJobDefinition.MonitoringResources": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The key parameter to use when running the Automation runbook.", - "title": "Key", - "type": "string" - }, - "Values": { - "items": { - "type": "string" - }, - "markdownDescription": "The value parameter to use when running the Automation runbook.", - "title": "Values", - "type": "array" + "ClusterConfig": { + "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.ClusterConfig", + "markdownDescription": "The configuration for the cluster resources used to run the processing job.", + "title": "ClusterConfig" } }, "required": [ - "Key", - "Values" + "ClusterConfig" ], "type": "object" }, - "AWS::SSO::Assignment": { + "AWS::SageMaker::ModelExplainabilityJobDefinition.NetworkConfig": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "InstanceArn": { - "markdownDescription": "The ARN of the IAM Identity Center instance under which the operation will be executed. For more information about ARNs, see [Amazon Resource Names (ARNs) and AWS Service Namespaces](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* .", - "title": "InstanceArn", - "type": "string" - }, - "PermissionSetArn": { - "markdownDescription": "The ARN of the permission set.", - "title": "PermissionSetArn", - "type": "string" - }, - "PrincipalId": { - "markdownDescription": "An identifier for an object in IAM Identity Center, such as a user or group. PrincipalIds are GUIDs (For example, f81d4fae-7dec-11d0-a765-00a0c91e6bf6). For more information about PrincipalIds in IAM Identity Center, see the [IAM Identity Center Identity Store API Reference](https://docs.aws.amazon.com//singlesignon/latest/IdentityStoreAPIReference/welcome.html) .", - "title": "PrincipalId", - "type": "string" - }, - "PrincipalType": { - "markdownDescription": "The entity type for which the assignment will be created.", - "title": "PrincipalType", - "type": "string" - }, - "TargetId": { - "markdownDescription": "TargetID is an AWS account identifier, (For example, 123456789012).", - "title": "TargetId", - "type": "string" - }, - "TargetType": { - "markdownDescription": "The entity type for which the assignment will be created.", - "title": "TargetType", - "type": "string" - } - }, - "required": [ - "InstanceArn", - "PermissionSetArn", - "PrincipalId", - "PrincipalType", - "TargetId", - "TargetType" - ], - "type": "object" + "EnableInterContainerTrafficEncryption": { + "markdownDescription": "Whether to encrypt all communications between distributed processing jobs. Choose `True` to encrypt communications. Encryption provides greater security for distributed processing jobs, but the processing might take longer.", + "title": "EnableInterContainerTrafficEncryption", + "type": "boolean" }, - "Type": { - "enum": [ - "AWS::SSO::Assignment" - ], - "type": "string" + "EnableNetworkIsolation": { + "markdownDescription": "Whether to allow inbound and outbound network calls to and from the containers used for the processing job.", + "title": "EnableNetworkIsolation", + "type": "boolean" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "VpcConfig": { + "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.VpcConfig", + "markdownDescription": "Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC.", + "title": "VpcConfig" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::SSO::InstanceAccessControlAttributeConfiguration": { + "AWS::SageMaker::ModelExplainabilityJobDefinition.S3Output": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "LocalPath": { + "markdownDescription": "The local path to the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job. LocalPath is an absolute path for the output data.", + "title": "LocalPath", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AccessControlAttributes": { - "items": { - "$ref": "#/definitions/AWS::SSO::InstanceAccessControlAttributeConfiguration.AccessControlAttribute" - }, - "markdownDescription": "Lists the attributes that are configured for ABAC in the specified IAM Identity Center instance.", - "title": "AccessControlAttributes", - "type": "array" - }, - "InstanceArn": { - "markdownDescription": "The ARN of the IAM Identity Center instance under which the operation will be executed.", - "title": "InstanceArn", - "type": "string" - } - }, - "required": [ - "InstanceArn" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::SSO::InstanceAccessControlAttributeConfiguration" - ], + "S3UploadMode": { + "markdownDescription": "Whether to upload the results of the monitoring job continuously or after the job completes.", + "title": "S3UploadMode", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "S3Uri": { + "markdownDescription": "A URI that identifies the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job.", + "title": "S3Uri", "type": "string" } }, "required": [ - "Type", - "Properties" + "LocalPath", + "S3Uri" ], "type": "object" }, - "AWS::SSO::InstanceAccessControlAttributeConfiguration.AccessControlAttribute": { + "AWS::SageMaker::ModelExplainabilityJobDefinition.StoppingCondition": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The name of the attribute associated with your identities in your identity source. This is used to map a specified attribute in your identity source with an attribute in IAM Identity Center .", - "title": "Key", - "type": "string" - }, - "Value": { - "$ref": "#/definitions/AWS::SSO::InstanceAccessControlAttributeConfiguration.AccessControlAttributeValue", - "markdownDescription": "The value used for mapping a specified attribute to an identity source.", - "title": "Value" + "MaxRuntimeInSeconds": { + "markdownDescription": "The maximum length of time, in seconds, that a training or compilation job can run before it is stopped.\n\nFor compilation jobs, if the job does not complete during this time, a `TimeOut` error is generated. We recommend starting with 900 seconds and increasing as necessary based on your model.\n\nFor all other jobs, if the job does not complete during this time, SageMaker ends the job. When `RetryStrategy` is specified in the job request, `MaxRuntimeInSeconds` specifies the maximum time for all of the attempts in total, not each individual attempt. The default value is 1 day. The maximum value is 28 days.\n\nThe maximum time that a `TrainingJob` can run in total, including any time spent publishing metrics or archiving and uploading models after it has been stopped, is 30 days.", + "title": "MaxRuntimeInSeconds", + "type": "number" } }, "required": [ - "Key", - "Value" + "MaxRuntimeInSeconds" ], "type": "object" }, - "AWS::SSO::InstanceAccessControlAttributeConfiguration.AccessControlAttributeValue": { + "AWS::SageMaker::ModelExplainabilityJobDefinition.VpcConfig": { "additionalProperties": false, "properties": { - "Source": { + "SecurityGroupIds": { "items": { "type": "string" }, - "markdownDescription": "The identity source to use when mapping a specified attribute to IAM Identity Center .", - "title": "Source", + "markdownDescription": "The VPC security group IDs, in the form `sg-xxxxxxxx` . Specify the security groups for the VPC that is specified in the `Subnets` field.", + "title": "SecurityGroupIds", + "type": "array" + }, + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The ID of the subnets in the VPC to which you want to connect your training job or model. For information about the availability of specific instance types, see [Supported Instance Types and Availability Zones](https://docs.aws.amazon.com/sagemaker/latest/dg/instance-types-az.html) .", + "title": "Subnets", "type": "array" } }, "required": [ - "Source" + "SecurityGroupIds", + "Subnets" ], "type": "object" }, - "AWS::SSO::PermissionSet": { + "AWS::SageMaker::ModelPackage": { "additionalProperties": false, "properties": { "Condition": { @@ -243751,319 +296954,162 @@ "Properties": { "additionalProperties": false, "properties": { - "CustomerManagedPolicyReferences": { + "AdditionalInferenceSpecifications": { "items": { - "$ref": "#/definitions/AWS::SSO::PermissionSet.CustomerManagedPolicyReference" + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.AdditionalInferenceSpecificationDefinition" }, - "markdownDescription": "Specifies the names and paths of the customer managed policies that you have attached to your permission set.", - "title": "CustomerManagedPolicyReferences", + "markdownDescription": "An array of additional Inference Specification objects.", + "title": "AdditionalInferenceSpecifications", "type": "array" }, - "Description": { - "markdownDescription": "The description of the `PermissionSet` .", - "title": "Description", - "type": "string" - }, - "InlinePolicy": { - "markdownDescription": "The inline policy that is attached to the permission set.\n\n> For `Length Constraints` , if a valid ARN is provided for a permission set, it is possible for an empty inline policy to be returned.", - "title": "InlinePolicy", - "type": "object" - }, - "InstanceArn": { - "markdownDescription": "The ARN of the IAM Identity Center instance under which the operation will be executed. For more information about ARNs, see [Amazon Resource Names (ARNs) and AWS Service Namespaces](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* .", - "title": "InstanceArn", - "type": "string" - }, - "ManagedPolicies": { + "AdditionalInferenceSpecificationsToAdd": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.AdditionalInferenceSpecificationDefinition" }, - "markdownDescription": "A structure that stores a list of managed policy ARNs that describe the associated AWS managed policy.", - "title": "ManagedPolicies", + "markdownDescription": "An array of additional Inference Specification objects to be added to the existing array. The total number of additional Inference Specification objects cannot exceed 15. Each additional Inference Specification object specifies artifacts based on this model package that can be used on inference endpoints. Generally used with SageMaker Neo to store the compiled artifacts.", + "title": "AdditionalInferenceSpecificationsToAdd", "type": "array" }, - "Name": { - "markdownDescription": "The name of the permission set.", - "title": "Name", - "type": "string" - }, - "PermissionsBoundary": { - "$ref": "#/definitions/AWS::SSO::PermissionSet.PermissionsBoundary", - "markdownDescription": "Specifies the configuration of the AWS managed or customer managed policy that you want to set as a permissions boundary. Specify either `CustomerManagedPolicyReference` to use the name and path of a customer managed policy, or `ManagedPolicyArn` to use the ARN of an AWS managed policy. A permissions boundary represents the maximum permissions that any policy can grant your role. For more information, see [Permissions boundaries for IAM entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) in the *IAM User Guide* .\n\n> Policies used as permissions boundaries don't provide permissions. You must also attach an IAM policy to the role. To learn how the effective permissions for a role are evaluated, see [IAM JSON policy evaluation logic](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html) in the *IAM User Guide* .", - "title": "PermissionsBoundary" - }, - "RelayStateType": { - "markdownDescription": "Used to redirect users within the application during the federation authentication process.", - "title": "RelayStateType", + "ApprovalDescription": { + "markdownDescription": "A description provided when the model approval is set.", + "title": "ApprovalDescription", "type": "string" }, - "SessionDuration": { - "markdownDescription": "The length of time that the application user sessions are valid for in the ISO-8601 standard.", - "title": "SessionDuration", - "type": "string" + "CertifyForMarketplace": { + "markdownDescription": "Whether the model package is to be certified to be listed on AWS Marketplace. For information about listing model packages on AWS Marketplace, see [List Your Algorithm or Model Package on AWS Marketplace](https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-mkt-list.html) .", + "title": "CertifyForMarketplace", + "type": "boolean" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to attach to the new `PermissionSet` .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "InstanceArn", - "Name" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::SSO::PermissionSet" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::SSO::PermissionSet.CustomerManagedPolicyReference": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the IAM policy that you have configured in each account where you want to deploy your permission set.", - "title": "Name", - "type": "string" - }, - "Path": { - "markdownDescription": "The path to the IAM policy that you have configured in each account where you want to deploy your permission set. The default is `/` . For more information, see [Friendly names and paths](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-friendly-names) in the *IAM User Guide* .", - "title": "Path", - "type": "string" - } - }, - "required": [ - "Name" - ], - "type": "object" - }, - "AWS::SSO::PermissionSet.PermissionsBoundary": { - "additionalProperties": false, - "properties": { - "CustomerManagedPolicyReference": { - "$ref": "#/definitions/AWS::SSO::PermissionSet.CustomerManagedPolicyReference", - "markdownDescription": "Specifies the name and path of a customer managed policy. You must have an IAM policy that matches the name and path in each AWS account where you want to deploy your permission set.", - "title": "CustomerManagedPolicyReference" - }, - "ManagedPolicyArn": { - "markdownDescription": "The AWS managed policy ARN that you want to attach to a permission set as a permissions boundary.", - "title": "ManagedPolicyArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::SageMaker::App": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + "ClientToken": { + "markdownDescription": "A unique token that guarantees that the call to this API is idempotent.", + "title": "ClientToken", "type": "string" }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" + "CustomerMetadataProperties": { + "additionalProperties": true, + "markdownDescription": "The metadata properties for the model package.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AppName": { - "markdownDescription": "The name of the app.", - "title": "AppName", - "type": "string" - }, - "AppType": { - "markdownDescription": "The type of app.", - "title": "AppType", - "type": "string" + "title": "CustomerMetadataProperties", + "type": "object" }, - "DomainId": { - "markdownDescription": "The domain ID.", - "title": "DomainId", + "Domain": { + "markdownDescription": "The machine learning domain of your model package and its components. Common machine learning domains include computer vision and natural language processing.", + "title": "Domain", "type": "string" }, - "ResourceSpec": { - "$ref": "#/definitions/AWS::SageMaker::App.ResourceSpec", - "markdownDescription": "Specifies the ARNs of a SageMaker image and SageMaker image version, and the instance type that the version runs on.", - "title": "ResourceSpec" + "DriftCheckBaselines": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.DriftCheckBaselines", + "markdownDescription": "Represents the drift check baselines that can be used when the model monitor is set using the model package.", + "title": "DriftCheckBaselines" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" + "InferenceSpecification": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.InferenceSpecification", + "markdownDescription": "Defines how to perform inference generation after a training job is run.", + "title": "InferenceSpecification" }, - "UserProfileName": { - "markdownDescription": "The user profile name.", - "title": "UserProfileName", - "type": "string" - } - }, - "required": [ - "AppName", - "AppType", - "DomainId", - "UserProfileName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::SageMaker::App" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::SageMaker::App.ResourceSpec": { - "additionalProperties": false, - "properties": { - "InstanceType": { - "markdownDescription": "The instance type that the image version runs on.\n\n> *JupyterServer apps* only support the `system` value.\n> \n> For *KernelGateway apps* , the `system` value is translated to `ml.t3.medium` . KernelGateway apps also support all other values for available instance types.", - "title": "InstanceType", - "type": "string" - }, - "SageMakerImageArn": { - "markdownDescription": "The ARN of the SageMaker AI image that the image version belongs to.", - "title": "SageMakerImageArn", - "type": "string" - }, - "SageMakerImageVersionArn": { - "markdownDescription": "The ARN of the image version created on the instance. To clear the value set for `SageMakerImageVersionArn` , pass `None` as the value.", - "title": "SageMakerImageVersionArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::SageMaker::AppImageConfig": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + "LastModifiedTime": { + "markdownDescription": "The last time the model package was modified.", + "title": "LastModifiedTime", "type": "string" }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AppImageConfigName": { - "markdownDescription": "The name of the AppImageConfig. Must be unique to your account.", - "title": "AppImageConfigName", + "MetadataProperties": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetadataProperties", + "markdownDescription": "Metadata properties of the tracking entity, trial, or trial component.", + "title": "MetadataProperties" + }, + "ModelApprovalStatus": { + "markdownDescription": "The approval status of the model. This can be one of the following values.\n\n- `APPROVED` - The model is approved\n- `REJECTED` - The model is rejected.\n- `PENDING_MANUAL_APPROVAL` - The model is waiting for manual approval.", + "title": "ModelApprovalStatus", "type": "string" }, - "CodeEditorAppImageConfig": { - "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.CodeEditorAppImageConfig", - "markdownDescription": "The configuration for the file system and the runtime, such as the environment variables and entry point.", - "title": "CodeEditorAppImageConfig" + "ModelCard": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelCard", + "markdownDescription": "An Amazon SageMaker Model Card.", + "title": "ModelCard" }, - "JupyterLabAppImageConfig": { - "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.JupyterLabAppImageConfig", - "markdownDescription": "The configuration for the file system and the runtime, such as the environment variables and entry point.", - "title": "JupyterLabAppImageConfig" + "ModelMetrics": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelMetrics", + "markdownDescription": "Metrics for the model.", + "title": "ModelMetrics" }, - "KernelGatewayImageConfig": { - "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.KernelGatewayImageConfig", - "markdownDescription": "The configuration for the file system and kernels in the SageMaker AI image.", - "title": "KernelGatewayImageConfig" + "ModelPackageDescription": { + "markdownDescription": "The description of the model package.", + "title": "ModelPackageDescription", + "type": "string" + }, + "ModelPackageGroupName": { + "markdownDescription": "The model group to which the model belongs.", + "title": "ModelPackageGroupName", + "type": "string" + }, + "ModelPackageName": { + "markdownDescription": "The name of the model package. The name can be as follows:\n\n- For a versioned model, the name is automatically generated by SageMaker Model Registry and follows the format ' `ModelPackageGroupName/ModelPackageVersion` '.\n- For an unversioned model, you must provide the name.", + "title": "ModelPackageName", + "type": "string" + }, + "ModelPackageStatusDetails": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelPackageStatusDetails", + "markdownDescription": "Specifies the validation and image scan statuses of the model package.", + "title": "ModelPackageStatusDetails" + }, + "ModelPackageVersion": { + "markdownDescription": "The version number of a versioned model.", + "title": "ModelPackageVersion", + "type": "number" + }, + "SamplePayloadUrl": { + "markdownDescription": "The Amazon Simple Storage Service path where the sample payload are stored. This path must point to a single gzip compressed tar archive (.tar.gz suffix).", + "title": "SamplePayloadUrl", + "type": "string" + }, + "SecurityConfig": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.SecurityConfig", + "markdownDescription": "", + "title": "SecurityConfig" + }, + "SkipModelValidation": { + "markdownDescription": "Indicates if you want to skip model validation.", + "title": "SkipModelValidation", + "type": "string" + }, + "SourceAlgorithmSpecification": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.SourceAlgorithmSpecification", + "markdownDescription": "A list of algorithms that were used to create a model package.", + "title": "SourceAlgorithmSpecification" + }, + "SourceUri": { + "markdownDescription": "The URI of the source for the model package.", + "title": "SourceUri", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "A list of the tags associated with the model package. For more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference Guide* .", "title": "Tags", "type": "array" + }, + "Task": { + "markdownDescription": "The machine learning task your model package accomplishes. Common machine learning tasks include object detection and image classification.", + "title": "Task", + "type": "string" + }, + "ValidationSpecification": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ValidationSpecification", + "markdownDescription": "Specifies batch transform jobs that SageMaker runs to validate your model package.", + "title": "ValidationSpecification" } }, - "required": [ - "AppImageConfigName" - ], "type": "object" }, "Type": { "enum": [ - "AWS::SageMaker::AppImageConfig" + "AWS::SageMaker::ModelPackage" ], "type": "string" }, @@ -244077,489 +297123,449 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::SageMaker::AppImageConfig.CodeEditorAppImageConfig": { - "additionalProperties": false, - "properties": { - "ContainerConfig": { - "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.ContainerConfig", - "markdownDescription": "", - "title": "ContainerConfig" - } - }, - "type": "object" - }, - "AWS::SageMaker::AppImageConfig.ContainerConfig": { + "AWS::SageMaker::ModelPackage.AdditionalInferenceSpecificationDefinition": { "additionalProperties": false, "properties": { - "ContainerArguments": { + "Containers": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelPackageContainerDefinition" + }, + "markdownDescription": "The Amazon ECR registry path of the Docker image that contains the inference code.", + "title": "Containers", + "type": "array" + }, + "Description": { + "markdownDescription": "A description of the additional Inference specification", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "A unique name to identify the additional inference specification. The name must be unique within the list of your additional inference specifications for a particular model package.", + "title": "Name", + "type": "string" + }, + "SupportedContentTypes": { "items": { "type": "string" }, - "markdownDescription": "The arguments for the container when you're running the application.", - "title": "ContainerArguments", + "markdownDescription": "The supported MIME types for the input data.", + "title": "SupportedContentTypes", "type": "array" }, - "ContainerEntrypoint": { + "SupportedRealtimeInferenceInstanceTypes": { "items": { "type": "string" }, - "markdownDescription": "The entrypoint used to run the application in the container.", - "title": "ContainerEntrypoint", + "markdownDescription": "A list of the instance types that are used to generate inferences in real-time.", + "title": "SupportedRealtimeInferenceInstanceTypes", "type": "array" }, - "ContainerEnvironmentVariables": { + "SupportedResponseMIMETypes": { "items": { - "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.CustomImageContainerEnvironmentVariable" + "type": "string" }, - "markdownDescription": "The environment variables to set in the container", - "title": "ContainerEnvironmentVariables", + "markdownDescription": "The supported MIME types for the output data.", + "title": "SupportedResponseMIMETypes", + "type": "array" + }, + "SupportedTransformInstanceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the instance types on which a transformation job can be run or on which an endpoint can be deployed.", + "title": "SupportedTransformInstanceTypes", "type": "array" } }, + "required": [ + "Containers", + "Name" + ], "type": "object" }, - "AWS::SageMaker::AppImageConfig.CustomImageContainerEnvironmentVariable": { + "AWS::SageMaker::ModelPackage.Bias": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The key that identifies a container environment variable.", - "title": "Key", - "type": "string" + "PostTrainingReport": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", + "markdownDescription": "The post-training bias report for a model.", + "title": "PostTrainingReport" }, - "Value": { - "markdownDescription": "The value of the container environment variable.", - "title": "Value", - "type": "string" + "PreTrainingReport": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", + "markdownDescription": "The pre-training bias report for a model.", + "title": "PreTrainingReport" + }, + "Report": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", + "markdownDescription": "The bias report for a model", + "title": "Report" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelPackage.DataSource": { + "additionalProperties": false, + "properties": { + "S3DataSource": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.S3DataSource", + "markdownDescription": "The S3 location of the data source that is associated with a channel.", + "title": "S3DataSource" } }, "required": [ - "Key", - "Value" + "S3DataSource" ], "type": "object" }, - "AWS::SageMaker::AppImageConfig.FileSystemConfig": { + "AWS::SageMaker::ModelPackage.DriftCheckBaselines": { "additionalProperties": false, "properties": { - "DefaultGid": { - "markdownDescription": "The default POSIX group ID (GID). If not specified, defaults to `100` .", - "title": "DefaultGid", - "type": "number" + "Bias": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.DriftCheckBias", + "markdownDescription": "Represents the drift check bias baselines that can be used when the model monitor is set using the model package.", + "title": "Bias" }, - "DefaultUid": { - "markdownDescription": "The default POSIX user ID (UID). If not specified, defaults to `1000` .", - "title": "DefaultUid", - "type": "number" + "Explainability": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.DriftCheckExplainability", + "markdownDescription": "Represents the drift check explainability baselines that can be used when the model monitor is set using the model package.", + "title": "Explainability" }, - "MountPath": { - "markdownDescription": "The path within the image to mount the user's EFS home directory. The directory should be empty. If not specified, defaults to */home/sagemaker-user* .", - "title": "MountPath", - "type": "string" + "ModelDataQuality": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.DriftCheckModelDataQuality", + "markdownDescription": "Represents the drift check model data quality baselines that can be used when the model monitor is set using the model package.", + "title": "ModelDataQuality" + }, + "ModelQuality": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.DriftCheckModelQuality", + "markdownDescription": "Represents the drift check model quality baselines that can be used when the model monitor is set using the model package.", + "title": "ModelQuality" } }, "type": "object" }, - "AWS::SageMaker::AppImageConfig.JupyterLabAppImageConfig": { + "AWS::SageMaker::ModelPackage.DriftCheckBias": { "additionalProperties": false, "properties": { - "ContainerConfig": { - "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.ContainerConfig", - "markdownDescription": "The configuration used to run the application image container.", - "title": "ContainerConfig" + "ConfigFile": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.FileSource", + "markdownDescription": "The bias config file for a model.", + "title": "ConfigFile" + }, + "PostTrainingConstraints": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", + "markdownDescription": "The post-training constraints.", + "title": "PostTrainingConstraints" + }, + "PreTrainingConstraints": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", + "markdownDescription": "The pre-training constraints.", + "title": "PreTrainingConstraints" } }, "type": "object" }, - "AWS::SageMaker::AppImageConfig.KernelGatewayImageConfig": { + "AWS::SageMaker::ModelPackage.DriftCheckExplainability": { "additionalProperties": false, "properties": { - "FileSystemConfig": { - "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.FileSystemConfig", - "markdownDescription": "The Amazon Elastic File System storage configuration for a SageMaker AI image.", - "title": "FileSystemConfig" + "ConfigFile": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.FileSource", + "markdownDescription": "The explainability config file for the model.", + "title": "ConfigFile" }, - "KernelSpecs": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.KernelSpec" - }, - "markdownDescription": "The specification of the Jupyter kernels in the image.", - "title": "KernelSpecs", - "type": "array" + "Constraints": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", + "markdownDescription": "The drift check explainability constraints.", + "title": "Constraints" } }, - "required": [ - "KernelSpecs" - ], "type": "object" }, - "AWS::SageMaker::AppImageConfig.KernelSpec": { + "AWS::SageMaker::ModelPackage.DriftCheckModelDataQuality": { "additionalProperties": false, "properties": { - "DisplayName": { - "markdownDescription": "The display name of the kernel.", - "title": "DisplayName", - "type": "string" + "Constraints": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", + "markdownDescription": "The drift check model data quality constraints.", + "title": "Constraints" }, - "Name": { - "markdownDescription": "The name of the Jupyter kernel in the image. This value is case sensitive.", - "title": "Name", - "type": "string" + "Statistics": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", + "markdownDescription": "The drift check model data quality statistics.", + "title": "Statistics" } }, - "required": [ - "Name" - ], "type": "object" }, - "AWS::SageMaker::CodeRepository": { + "AWS::SageMaker::ModelPackage.DriftCheckModelQuality": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "CodeRepositoryName": { - "markdownDescription": "The name of the Git repository.", - "title": "CodeRepositoryName", - "type": "string" - }, - "GitConfig": { - "$ref": "#/definitions/AWS::SageMaker::CodeRepository.GitConfig", - "markdownDescription": "Configuration details for the Git repository, including the URL where it is located and the ARN of the AWS Secrets Manager secret that contains the credentials used to access the repository.", - "title": "GitConfig" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "List of tags for Code Repository.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "GitConfig" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::SageMaker::CodeRepository" - ], - "type": "string" + "Constraints": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", + "markdownDescription": "The drift check model quality constraints.", + "title": "Constraints" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Statistics": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", + "markdownDescription": "The drift check model quality statistics.", + "title": "Statistics" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::SageMaker::CodeRepository.GitConfig": { + "AWS::SageMaker::ModelPackage.Explainability": { "additionalProperties": false, "properties": { - "Branch": { - "markdownDescription": "The default branch for the Git repository.", - "title": "Branch", + "Report": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", + "markdownDescription": "The explainability report for a model.", + "title": "Report" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelPackage.FileSource": { + "additionalProperties": false, + "properties": { + "ContentDigest": { + "markdownDescription": "The digest of the file source.", + "title": "ContentDigest", "type": "string" }, - "RepositoryUrl": { - "markdownDescription": "The URL where the Git repository is located.", - "title": "RepositoryUrl", + "ContentType": { + "markdownDescription": "The type of content stored in the file source.", + "title": "ContentType", "type": "string" }, - "SecretArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Secrets Manager secret that contains the credentials used to access the git repository. The secret must have a staging label of `AWSCURRENT` and must be in the following format:\n\n`{\"username\": *UserName* , \"password\": *Password* }`", - "title": "SecretArn", + "S3Uri": { + "markdownDescription": "The Amazon S3 URI for the file source.", + "title": "S3Uri", "type": "string" } }, "required": [ - "RepositoryUrl" + "S3Uri" ], "type": "object" }, - "AWS::SageMaker::DataQualityJobDefinition": { + "AWS::SageMaker::ModelPackage.InferenceSpecification": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Containers": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelPackageContainerDefinition" + }, + "markdownDescription": "The Amazon ECR registry path of the Docker image that contains the inference code.", + "title": "Containers", + "type": "array" }, - "Metadata": { - "type": "object" + "SupportedContentTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The supported MIME types for the input data.", + "title": "SupportedContentTypes", + "type": "array" }, - "Properties": { - "additionalProperties": false, - "properties": { - "DataQualityAppSpecification": { - "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.DataQualityAppSpecification", - "markdownDescription": "Specifies the container that runs the monitoring job.", - "title": "DataQualityAppSpecification" - }, - "DataQualityBaselineConfig": { - "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.DataQualityBaselineConfig", - "markdownDescription": "Configures the constraints and baselines for the monitoring job.", - "title": "DataQualityBaselineConfig" - }, - "DataQualityJobInput": { - "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.DataQualityJobInput", - "markdownDescription": "A list of inputs for the monitoring job. Currently endpoints are supported as monitoring inputs.", - "title": "DataQualityJobInput" - }, - "DataQualityJobOutputConfig": { - "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.MonitoringOutputConfig", - "markdownDescription": "The output configuration for monitoring jobs.", - "title": "DataQualityJobOutputConfig" - }, - "EndpointName": { - "markdownDescription": "", - "title": "EndpointName", - "type": "string" - }, - "JobDefinitionName": { - "markdownDescription": "The name for the monitoring job definition.", - "title": "JobDefinitionName", - "type": "string" - }, - "JobResources": { - "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.MonitoringResources", - "markdownDescription": "Identifies the resources to deploy for a monitoring job.", - "title": "JobResources" - }, - "NetworkConfig": { - "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.NetworkConfig", - "markdownDescription": "Specifies networking configuration for the monitoring job.", - "title": "NetworkConfig" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can assume to perform tasks on your behalf.", - "title": "RoleArn", - "type": "string" - }, - "StoppingCondition": { - "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.StoppingCondition", - "markdownDescription": "A time limit for how long the monitoring job is allowed to run before stopping.", - "title": "StoppingCondition" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } + "SupportedRealtimeInferenceInstanceTypes": { + "items": { + "type": "string" }, - "required": [ - "DataQualityAppSpecification", - "DataQualityJobInput", - "DataQualityJobOutputConfig", - "JobResources", - "RoleArn" - ], - "type": "object" + "markdownDescription": "A list of the instance types that are used to generate inferences in real-time.\n\nThis parameter is required for unversioned models, and optional for versioned models.", + "title": "SupportedRealtimeInferenceInstanceTypes", + "type": "array" }, - "Type": { - "enum": [ - "AWS::SageMaker::DataQualityJobDefinition" - ], - "type": "string" + "SupportedResponseMIMETypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The supported MIME types for the output data.", + "title": "SupportedResponseMIMETypes", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "SupportedTransformInstanceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of the instance types on which a transformation job can be run or on which an endpoint can be deployed.\n\nThis parameter is required for unversioned models, and optional for versioned models.", + "title": "SupportedTransformInstanceTypes", + "type": "array" } }, "required": [ - "Type", - "Properties" + "Containers", + "SupportedContentTypes", + "SupportedResponseMIMETypes" ], "type": "object" }, - "AWS::SageMaker::DataQualityJobDefinition.BatchTransformInput": { + "AWS::SageMaker::ModelPackage.MetadataProperties": { "additionalProperties": false, "properties": { - "DataCapturedDestinationS3Uri": { - "markdownDescription": "The Amazon S3 location being used to capture the data.", - "title": "DataCapturedDestinationS3Uri", + "CommitId": { + "markdownDescription": "The commit ID.", + "title": "CommitId", "type": "string" }, - "DatasetFormat": { - "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.DatasetFormat", - "markdownDescription": "The dataset format for your batch transform job.", - "title": "DatasetFormat" + "GeneratedBy": { + "markdownDescription": "The entity this entity was generated by.", + "title": "GeneratedBy", + "type": "string" }, - "ExcludeFeaturesAttribute": { - "markdownDescription": "The attributes of the input data to exclude from the analysis.", - "title": "ExcludeFeaturesAttribute", + "ProjectId": { + "markdownDescription": "The project ID.", + "title": "ProjectId", "type": "string" }, - "LocalPath": { - "markdownDescription": "Path to the filesystem where the batch transform data is available to the container.", - "title": "LocalPath", + "Repository": { + "markdownDescription": "The repository.", + "title": "Repository", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelPackage.MetricsSource": { + "additionalProperties": false, + "properties": { + "ContentDigest": { + "markdownDescription": "The hash key used for the metrics source.", + "title": "ContentDigest", "type": "string" }, - "S3DataDistributionType": { - "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an S3 key. Defaults to `FullyReplicated`", - "title": "S3DataDistributionType", + "ContentType": { + "markdownDescription": "The metric source content type.", + "title": "ContentType", "type": "string" }, - "S3InputMode": { - "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", - "title": "S3InputMode", + "S3Uri": { + "markdownDescription": "The S3 URI for the metrics source.", + "title": "S3Uri", "type": "string" } }, "required": [ - "DataCapturedDestinationS3Uri", - "DatasetFormat", - "LocalPath" + "ContentType", + "S3Uri" ], "type": "object" }, - "AWS::SageMaker::DataQualityJobDefinition.ClusterConfig": { + "AWS::SageMaker::ModelPackage.ModelAccessConfig": { "additionalProperties": false, "properties": { - "InstanceCount": { - "markdownDescription": "The number of ML compute instances to use in the model monitoring job. For distributed processing jobs, specify a value greater than 1. The default value is 1.", - "title": "InstanceCount", - "type": "number" - }, - "InstanceType": { - "markdownDescription": "The ML compute instance type for the processing job.", - "title": "InstanceType", + "AcceptEula": { + "markdownDescription": "Specifies agreement to the model end-user license agreement (EULA). The `AcceptEula` value must be explicitly defined as `True` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.", + "title": "AcceptEula", + "type": "boolean" + } + }, + "required": [ + "AcceptEula" + ], + "type": "object" + }, + "AWS::SageMaker::ModelPackage.ModelCard": { + "additionalProperties": false, + "properties": { + "ModelCardContent": { + "markdownDescription": "", + "title": "ModelCardContent", "type": "string" }, - "VolumeKmsKeyId": { - "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance(s) that run the model monitoring job.", - "title": "VolumeKmsKeyId", + "ModelCardStatus": { + "markdownDescription": "The approval status of the model card within your organization. Different organizations might have different criteria for model card review and approval.\n\n- `Draft` : The model card is a work in progress.\n- `PendingReview` : The model card is pending review.\n- `Approved` : The model card is approved.\n- `Archived` : The model card is archived. No more updates should be made to the model card, but it can still be exported.", + "title": "ModelCardStatus", "type": "string" - }, - "VolumeSizeInGB": { - "markdownDescription": "The size of the ML storage volume, in gigabytes, that you want to provision. You must specify sufficient ML storage for your scenario.", - "title": "VolumeSizeInGB", - "type": "number" } }, "required": [ - "InstanceCount", - "InstanceType", - "VolumeSizeInGB" + "ModelCardContent", + "ModelCardStatus" ], "type": "object" }, - "AWS::SageMaker::DataQualityJobDefinition.ConstraintsResource": { + "AWS::SageMaker::ModelPackage.ModelDataQuality": { "additionalProperties": false, "properties": { - "S3Uri": { - "markdownDescription": "The Amazon S3 URI for the constraints resource.", - "title": "S3Uri", - "type": "string" + "Constraints": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", + "markdownDescription": "Data quality constraints for a model.", + "title": "Constraints" + }, + "Statistics": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", + "markdownDescription": "Data quality statistics for a model.", + "title": "Statistics" } }, "type": "object" }, - "AWS::SageMaker::DataQualityJobDefinition.Csv": { + "AWS::SageMaker::ModelPackage.ModelDataSource": { "additionalProperties": false, "properties": { - "Header": { - "markdownDescription": "", - "title": "Header", - "type": "boolean" + "S3DataSource": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.S3ModelDataSource", + "markdownDescription": "Specifies the S3 location of ML model data to deploy.", + "title": "S3DataSource" } }, "type": "object" }, - "AWS::SageMaker::DataQualityJobDefinition.DataQualityAppSpecification": { + "AWS::SageMaker::ModelPackage.ModelInput": { "additionalProperties": false, "properties": { - "ContainerArguments": { - "items": { - "type": "string" - }, - "markdownDescription": "The arguments to send to the container that the monitoring job runs.", - "title": "ContainerArguments", - "type": "array" + "DataInputConfig": { + "markdownDescription": "The input configuration object for the model.", + "title": "DataInputConfig", + "type": "string" + } + }, + "required": [ + "DataInputConfig" + ], + "type": "object" + }, + "AWS::SageMaker::ModelPackage.ModelMetrics": { + "additionalProperties": false, + "properties": { + "Bias": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.Bias", + "markdownDescription": "Metrics that measure bias in a model.", + "title": "Bias" }, - "ContainerEntrypoint": { - "items": { - "type": "string" - }, - "markdownDescription": "The entrypoint for a container used to run a monitoring job.", - "title": "ContainerEntrypoint", - "type": "array" + "Explainability": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.Explainability", + "markdownDescription": "Metrics that help explain a model.", + "title": "Explainability" + }, + "ModelDataQuality": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelDataQuality", + "markdownDescription": "Metrics that measure the quality of the input data for a model.", + "title": "ModelDataQuality" + }, + "ModelQuality": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelQuality", + "markdownDescription": "Metrics that measure the quality of a model.", + "title": "ModelQuality" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelPackage.ModelPackageContainerDefinition": { + "additionalProperties": false, + "properties": { + "ContainerHostname": { + "markdownDescription": "The DNS host name for the Docker container.", + "title": "ContainerHostname", + "type": "string" }, "Environment": { "additionalProperties": true, - "markdownDescription": "Sets the environment variables in the container that the monitoring job runs.", + "markdownDescription": "The environment variables to set in the Docker container. Each key and value in the `Environment` string to string map can have length of up to 1024. We support up to 16 entries in the map.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" @@ -244568,383 +297574,387 @@ "title": "Environment", "type": "object" }, - "ImageUri": { - "markdownDescription": "The container image that the data quality monitoring job runs.", - "title": "ImageUri", + "Framework": { + "markdownDescription": "The machine learning framework of the model package container image.", + "title": "Framework", "type": "string" }, - "PostAnalyticsProcessorSourceUri": { - "markdownDescription": "An Amazon S3 URI to a script that is called after analysis has been performed. Applicable only for the built-in (first party) containers.", - "title": "PostAnalyticsProcessorSourceUri", + "FrameworkVersion": { + "markdownDescription": "The framework version of the Model Package Container Image.", + "title": "FrameworkVersion", "type": "string" }, - "RecordPreprocessorSourceUri": { - "markdownDescription": "An Amazon S3 URI to a script that is called per row prior to running analysis. It can base64 decode the payload and convert it into a flattened JSON so that the built-in container can use the converted data. Applicable only for the built-in (first party) containers.", - "title": "RecordPreprocessorSourceUri", + "Image": { + "markdownDescription": "The Amazon Elastic Container Registry (Amazon ECR) path where inference code is stored.\n\nIf you are using your own custom algorithm instead of an algorithm provided by SageMaker, the inference code must meet SageMaker requirements. SageMaker supports both `registry/repository[:tag]` and `registry/repository[@digest]` image path formats. For more information, see [Using Your Own Algorithms with Amazon SageMaker](https://docs.aws.amazon.com/sagemaker/latest/dg/your-algorithms.html) .", + "title": "Image", + "type": "string" + }, + "ImageDigest": { + "markdownDescription": "An MD5 hash of the training algorithm that identifies the Docker image used for training.", + "title": "ImageDigest", + "type": "string" + }, + "ModelDataSource": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelDataSource", + "markdownDescription": "Specifies the location of ML model data to deploy during endpoint creation.", + "title": "ModelDataSource" + }, + "ModelDataUrl": { + "markdownDescription": "The Amazon S3 path where the model artifacts, which result from model training, are stored. This path must point to a single `gzip` compressed tar archive ( `.tar.gz` suffix).\n\n> The model artifacts must be in an S3 bucket that is in the same region as the model package.", + "title": "ModelDataUrl", + "type": "string" + }, + "ModelInput": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelInput", + "markdownDescription": "A structure with Model Input details.", + "title": "ModelInput" + }, + "NearestModelName": { + "markdownDescription": "The name of a pre-trained machine learning benchmarked by Amazon SageMaker Inference Recommender model that matches your model. You can find a list of benchmarked models by calling `ListModelMetadata` .", + "title": "NearestModelName", "type": "string" } }, "required": [ - "ImageUri" + "Image" ], "type": "object" }, - "AWS::SageMaker::DataQualityJobDefinition.DataQualityBaselineConfig": { + "AWS::SageMaker::ModelPackage.ModelPackageStatusDetails": { "additionalProperties": false, "properties": { - "BaseliningJobName": { - "markdownDescription": "The name of the job that performs baselining for the data quality monitoring job.", - "title": "BaseliningJobName", + "ValidationStatuses": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelPackageStatusItem" + }, + "markdownDescription": "The validation status of the model package.", + "title": "ValidationStatuses", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelPackage.ModelPackageStatusItem": { + "additionalProperties": false, + "properties": { + "FailureReason": { + "markdownDescription": "if the overall status is `Failed` , the reason for the failure.", + "title": "FailureReason", "type": "string" }, - "ConstraintsResource": { - "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.ConstraintsResource", - "markdownDescription": "The constraints resource for a monitoring job.", - "title": "ConstraintsResource" + "Name": { + "markdownDescription": "The name of the model package for which the overall status is being reported.", + "title": "Name", + "type": "string" }, - "StatisticsResource": { - "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.StatisticsResource", - "markdownDescription": "Configuration for monitoring constraints and monitoring statistics. These baseline resources are compared against the results of the current job from the series of jobs scheduled to collect data periodically.", - "title": "StatisticsResource" + "Status": { + "markdownDescription": "The current status.", + "title": "Status", + "type": "string" } }, + "required": [ + "Name", + "Status" + ], "type": "object" }, - "AWS::SageMaker::DataQualityJobDefinition.DataQualityJobInput": { + "AWS::SageMaker::ModelPackage.ModelQuality": { "additionalProperties": false, "properties": { - "BatchTransformInput": { - "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.BatchTransformInput", - "markdownDescription": "Input object for the batch transform job.", - "title": "BatchTransformInput" + "Constraints": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", + "markdownDescription": "Model quality constraints.", + "title": "Constraints" }, - "EndpointInput": { - "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.EndpointInput", - "markdownDescription": "Input object for the endpoint", - "title": "EndpointInput" + "Statistics": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", + "markdownDescription": "Model quality statistics.", + "title": "Statistics" } }, "type": "object" }, - "AWS::SageMaker::DataQualityJobDefinition.DatasetFormat": { + "AWS::SageMaker::ModelPackage.S3DataSource": { "additionalProperties": false, "properties": { - "Csv": { - "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.Csv", - "markdownDescription": "", - "title": "Csv" - }, - "Json": { - "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.Json", - "markdownDescription": "", - "title": "Json" + "S3DataType": { + "markdownDescription": "If you choose `S3Prefix` , `S3Uri` identifies a key name prefix. SageMaker uses all objects that match the specified key name prefix for model training.\n\nIf you choose `ManifestFile` , `S3Uri` identifies an object that is a manifest file containing a list of object keys that you want SageMaker to use for model training.\n\nIf you choose `AugmentedManifestFile` , `S3Uri` identifies an object that is an augmented manifest file in JSON lines format. This file contains the data you want to use for model training. `AugmentedManifestFile` can only be used if the Channel's input mode is `Pipe` .\n\nIf you choose `Converse` , `S3Uri` identifies an Amazon S3 location that contains data formatted according to Converse format. This format structures conversational messages with specific roles and content types used for training and fine-tuning foundational models.", + "title": "S3DataType", + "type": "string" }, - "Parquet": { - "markdownDescription": "", - "title": "Parquet", - "type": "boolean" + "S3Uri": { + "markdownDescription": "Depending on the value specified for the `S3DataType` , identifies either a key name prefix or a manifest. For example:\n\n- A key name prefix might look like this: `s3://bucketname/exampleprefix/`\n- A manifest might look like this: `s3://bucketname/example.manifest`\n\nA manifest is an S3 object which is a JSON file consisting of an array of elements. The first element is a prefix which is followed by one or more suffixes. SageMaker appends the suffix elements to the prefix to get a full set of `S3Uri` . Note that the prefix must be a valid non-empty `S3Uri` that precludes users from specifying a manifest whose individual `S3Uri` is sourced from different S3 buckets.\n\nThe following code example shows a valid manifest format:\n\n`[ {\"prefix\": \"s3://customer_bucket/some/prefix/\"},`\n\n`\"relative/path/to/custdata-1\",`\n\n`\"relative/path/custdata-2\",`\n\n`...`\n\n`\"relative/path/custdata-N\"`\n\n`]`\n\nThis JSON is equivalent to the following `S3Uri` list:\n\n`s3://customer_bucket/some/prefix/relative/path/to/custdata-1`\n\n`s3://customer_bucket/some/prefix/relative/path/custdata-2`\n\n`...`\n\n`s3://customer_bucket/some/prefix/relative/path/custdata-N`\n\nThe complete set of `S3Uri` in this manifest is the input data for the channel for this data source. The object that each `S3Uri` points to must be readable by the IAM role that SageMaker uses to perform tasks on your behalf.\n\nYour input bucket must be located in same AWS region as your training job.", + "title": "S3Uri", + "type": "string" } }, + "required": [ + "S3DataType", + "S3Uri" + ], "type": "object" }, - "AWS::SageMaker::DataQualityJobDefinition.EndpointInput": { + "AWS::SageMaker::ModelPackage.S3ModelDataSource": { "additionalProperties": false, "properties": { - "EndpointName": { - "markdownDescription": "An endpoint in customer's account which has enabled `DataCaptureConfig` enabled.", - "title": "EndpointName", - "type": "string" - }, - "ExcludeFeaturesAttribute": { - "markdownDescription": "The attributes of the input data to exclude from the analysis.", - "title": "ExcludeFeaturesAttribute", + "CompressionType": { + "markdownDescription": "Specifies how the ML model data is prepared.\n\nIf you choose `Gzip` and choose `S3Object` as the value of `S3DataType` , `S3Uri` identifies an object that is a gzip-compressed TAR archive. SageMaker will attempt to decompress and untar the object during model deployment.\n\nIf you choose `None` and chooose `S3Object` as the value of `S3DataType` , `S3Uri` identifies an object that represents an uncompressed ML model to deploy.\n\nIf you choose None and choose `S3Prefix` as the value of `S3DataType` , `S3Uri` identifies a key name prefix, under which all objects represents the uncompressed ML model to deploy.\n\nIf you choose None, then SageMaker will follow rules below when creating model data files under /opt/ml/model directory for use by your inference code:\n\n- If you choose `S3Object` as the value of `S3DataType` , then SageMaker will split the key of the S3 object referenced by `S3Uri` by slash (/), and use the last part as the filename of the file holding the content of the S3 object.\n- If you choose `S3Prefix` as the value of `S3DataType` , then for each S3 object under the key name pefix referenced by `S3Uri` , SageMaker will trim its key by the prefix, and use the remainder as the path (relative to `/opt/ml/model` ) of the file holding the content of the S3 object. SageMaker will split the remainder by slash (/), using intermediate parts as directory names and the last part as filename of the file holding the content of the S3 object.\n- Do not use any of the following as file names or directory names:\n\n- An empty or blank string\n- A string which contains null bytes\n- A string longer than 255 bytes\n- A single dot ( `.` )\n- A double dot ( `..` )\n- Ambiguous file names will result in model deployment failure. For example, if your uncompressed ML model consists of two S3 objects `s3://mybucket/model/weights` and `s3://mybucket/model/weights/part1` and you specify `s3://mybucket/model/` as the value of `S3Uri` and `S3Prefix` as the value of `S3DataType` , then it will result in name clash between `/opt/ml/model/weights` (a regular file) and `/opt/ml/model/weights/` (a directory).\n- Do not organize the model artifacts in [S3 console using folders](https://docs.aws.amazon.com//AmazonS3/latest/userguide/using-folders.html) . When you create a folder in S3 console, S3 creates a 0-byte object with a key set to the folder name you provide. They key of the 0-byte object ends with a slash (/) which violates SageMaker restrictions on model artifact file names, leading to model deployment failure.", + "title": "CompressionType", "type": "string" }, - "LocalPath": { - "markdownDescription": "Path to the filesystem where the endpoint data is available to the container.", - "title": "LocalPath", - "type": "string" + "ModelAccessConfig": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelAccessConfig", + "markdownDescription": "Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the `ModelAccessConfig` . You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.", + "title": "ModelAccessConfig" }, - "S3DataDistributionType": { - "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an Amazon S3 key. Defaults to `FullyReplicated`", - "title": "S3DataDistributionType", + "S3DataType": { + "markdownDescription": "Specifies the type of ML model data to deploy.\n\nIf you choose `S3Prefix` , `S3Uri` identifies a key name prefix. SageMaker uses all objects that match the specified key name prefix as part of the ML model data to deploy. A valid key name prefix identified by `S3Uri` always ends with a forward slash (/).\n\nIf you choose `S3Object` , `S3Uri` identifies an object that is the ML model data to deploy.", + "title": "S3DataType", "type": "string" }, - "S3InputMode": { - "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", - "title": "S3InputMode", + "S3Uri": { + "markdownDescription": "Specifies the S3 path of ML model data to deploy.", + "title": "S3Uri", "type": "string" } }, "required": [ - "EndpointName", - "LocalPath" + "CompressionType", + "S3DataType", + "S3Uri" ], "type": "object" }, - "AWS::SageMaker::DataQualityJobDefinition.Json": { + "AWS::SageMaker::ModelPackage.SecurityConfig": { "additionalProperties": false, "properties": { - "Line": { + "KmsKeyId": { "markdownDescription": "", - "title": "Line", - "type": "boolean" + "title": "KmsKeyId", + "type": "string" } }, + "required": [ + "KmsKeyId" + ], "type": "object" }, - "AWS::SageMaker::DataQualityJobDefinition.MonitoringOutput": { + "AWS::SageMaker::ModelPackage.SourceAlgorithm": { "additionalProperties": false, "properties": { - "S3Output": { - "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.S3Output", - "markdownDescription": "The Amazon S3 storage location where the results of a monitoring job are saved.", - "title": "S3Output" + "AlgorithmName": { + "markdownDescription": "The name of an algorithm that was used to create the model package. The algorithm must be either an algorithm resource in your SageMaker account or an algorithm in AWS Marketplace that you are subscribed to.", + "title": "AlgorithmName", + "type": "string" + }, + "ModelDataUrl": { + "markdownDescription": "The Amazon S3 path where the model artifacts, which result from model training, are stored. This path must point to a single `gzip` compressed tar archive ( `.tar.gz` suffix).\n\n> The model artifacts must be in an S3 bucket that is in the same AWS region as the algorithm.", + "title": "ModelDataUrl", + "type": "string" } }, "required": [ - "S3Output" + "AlgorithmName" ], "type": "object" }, - "AWS::SageMaker::DataQualityJobDefinition.MonitoringOutputConfig": { + "AWS::SageMaker::ModelPackage.SourceAlgorithmSpecification": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "The AWS Key Management Service ( AWS KMS ) key that Amazon SageMaker AI uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption.", - "title": "KmsKeyId", - "type": "string" - }, - "MonitoringOutputs": { + "SourceAlgorithms": { "items": { - "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.MonitoringOutput" + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.SourceAlgorithm" }, - "markdownDescription": "Monitoring outputs for monitoring jobs. This is where the output of the periodic monitoring jobs is uploaded.", - "title": "MonitoringOutputs", + "markdownDescription": "A list of the algorithms that were used to create a model package.", + "title": "SourceAlgorithms", "type": "array" } }, "required": [ - "MonitoringOutputs" + "SourceAlgorithms" ], "type": "object" }, - "AWS::SageMaker::DataQualityJobDefinition.MonitoringResources": { + "AWS::SageMaker::ModelPackage.TransformInput": { "additionalProperties": false, "properties": { - "ClusterConfig": { - "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.ClusterConfig", - "markdownDescription": "The configuration for the cluster resources used to run the processing job.", - "title": "ClusterConfig" + "CompressionType": { + "markdownDescription": "If your transform data is compressed, specify the compression type. Amazon SageMaker automatically decompresses the data for the transform job accordingly. The default value is `None` .", + "title": "CompressionType", + "type": "string" + }, + "ContentType": { + "markdownDescription": "The multipurpose internet mail extension (MIME) type of the data. Amazon SageMaker uses the MIME type with each http call to transfer data to the transform job.", + "title": "ContentType", + "type": "string" + }, + "DataSource": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.DataSource", + "markdownDescription": "Describes the location of the channel data, which is, the S3 location of the input data that the model can consume.", + "title": "DataSource" + }, + "SplitType": { + "markdownDescription": "The method to use to split the transform job's data files into smaller batches. Splitting is necessary when the total size of each object is too large to fit in a single request. You can also use data splitting to improve performance by processing multiple concurrent mini-batches. The default value for `SplitType` is `None` , which indicates that input data files are not split, and request payloads contain the entire contents of an input object. Set the value of this parameter to `Line` to split records on a newline character boundary. `SplitType` also supports a number of record-oriented binary data formats. Currently, the supported record formats are:\n\n- RecordIO\n- TFRecord\n\nWhen splitting is enabled, the size of a mini-batch depends on the values of the `BatchStrategy` and `MaxPayloadInMB` parameters. When the value of `BatchStrategy` is `MultiRecord` , Amazon SageMaker sends the maximum number of records in each request, up to the `MaxPayloadInMB` limit. If the value of `BatchStrategy` is `SingleRecord` , Amazon SageMaker sends individual records in each request.\n\n> Some data formats represent a record as a binary payload wrapped with extra padding bytes. When splitting is applied to a binary data format, padding is removed if the value of `BatchStrategy` is set to `SingleRecord` . Padding is not removed if the value of `BatchStrategy` is set to `MultiRecord` .\n> \n> For more information about `RecordIO` , see [Create a Dataset Using RecordIO](https://docs.aws.amazon.com/https://mxnet.apache.org/api/faq/recordio) in the MXNet documentation. For more information about `TFRecord` , see [Consuming TFRecord data](https://docs.aws.amazon.com/https://www.tensorflow.org/guide/data#consuming_tfrecord_data) in the TensorFlow documentation.", + "title": "SplitType", + "type": "string" + } + }, + "required": [ + "DataSource" + ], + "type": "object" + }, + "AWS::SageMaker::ModelPackage.TransformJobDefinition": { + "additionalProperties": false, + "properties": { + "BatchStrategy": { + "markdownDescription": "A string that determines the number of records included in a single mini-batch.\n\n`SingleRecord` means only one record is used per mini-batch. `MultiRecord` means a mini-batch is set to contain as many records that can fit within the `MaxPayloadInMB` limit.", + "title": "BatchStrategy", + "type": "string" + }, + "Environment": { + "additionalProperties": true, + "markdownDescription": "The environment variables to set in the Docker container. We support up to 16 key and values entries in the map.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Environment", + "type": "object" + }, + "MaxConcurrentTransforms": { + "markdownDescription": "The maximum number of parallel requests that can be sent to each instance in a transform job. The default value is 1.", + "title": "MaxConcurrentTransforms", + "type": "number" + }, + "MaxPayloadInMB": { + "markdownDescription": "The maximum payload size allowed, in MB. A payload is the data portion of a record (without metadata).", + "title": "MaxPayloadInMB", + "type": "number" + }, + "TransformInput": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.TransformInput", + "markdownDescription": "A description of the input source and the way the transform job consumes it.", + "title": "TransformInput" + }, + "TransformOutput": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.TransformOutput", + "markdownDescription": "Identifies the Amazon S3 location where you want Amazon SageMaker to save the results from the transform job.", + "title": "TransformOutput" + }, + "TransformResources": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.TransformResources", + "markdownDescription": "Identifies the ML compute instances for the transform job.", + "title": "TransformResources" } }, "required": [ - "ClusterConfig" + "TransformInput", + "TransformOutput", + "TransformResources" ], "type": "object" }, - "AWS::SageMaker::DataQualityJobDefinition.NetworkConfig": { + "AWS::SageMaker::ModelPackage.TransformOutput": { "additionalProperties": false, "properties": { - "EnableInterContainerTrafficEncryption": { - "markdownDescription": "Whether to encrypt all communications between distributed processing jobs. Choose `True` to encrypt communications. Encryption provides greater security for distributed processing jobs, but the processing might take longer.", - "title": "EnableInterContainerTrafficEncryption", - "type": "boolean" - }, - "EnableNetworkIsolation": { - "markdownDescription": "Whether to allow inbound and outbound network calls to and from the containers used for the processing job.", - "title": "EnableNetworkIsolation", - "type": "boolean" + "Accept": { + "markdownDescription": "The MIME type used to specify the output data. Amazon SageMaker uses the MIME type with each http call to transfer data from the transform job.", + "title": "Accept", + "type": "string" }, - "VpcConfig": { - "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.VpcConfig", - "markdownDescription": "Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC.", - "title": "VpcConfig" - } - }, - "type": "object" - }, - "AWS::SageMaker::DataQualityJobDefinition.S3Output": { - "additionalProperties": false, - "properties": { - "LocalPath": { - "markdownDescription": "The local path to the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job. LocalPath is an absolute path for the output data.", - "title": "LocalPath", + "AssembleWith": { + "markdownDescription": "Defines how to assemble the results of the transform job as a single S3 object. Choose a format that is most convenient to you. To concatenate the results in binary format, specify `None` . To add a newline character at the end of every transformed record, specify `Line` .", + "title": "AssembleWith", "type": "string" }, - "S3UploadMode": { - "markdownDescription": "Whether to upload the results of the monitoring job continuously or after the job completes.", - "title": "S3UploadMode", + "KmsKeyId": { + "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption. The `KmsKeyId` can be any of the following formats:\n\n- Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key ARN: `arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`\n- Alias name: `alias/ExampleAlias`\n- Alias name ARN: `arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias`\n\nIf you don't provide a KMS key ID, Amazon SageMaker uses the default KMS key for Amazon S3 for your role's account. For more information, see [KMS-Managed Encryption Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingKMSEncryption.html) in the *Amazon Simple Storage Service Developer Guide.*\n\nThe KMS key policy must grant permission to the IAM role that you specify in your [CreateModel](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateModel.html) request. For more information, see [Using Key Policies in AWS KMS](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html) in the *AWS Key Management Service Developer Guide* .", + "title": "KmsKeyId", "type": "string" }, - "S3Uri": { - "markdownDescription": "A URI that identifies the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job.", - "title": "S3Uri", + "S3OutputPath": { + "markdownDescription": "The Amazon S3 path where you want Amazon SageMaker to store the results of the transform job. For example, `s3://bucket-name/key-name-prefix` .\n\nFor every S3 object used as input for the transform job, batch transform stores the transformed data with an . `out` suffix in a corresponding subfolder in the location in the output prefix. For example, for the input data stored at `s3://bucket-name/input-name-prefix/dataset01/data.csv` , batch transform stores the transformed data at `s3://bucket-name/output-name-prefix/input-name-prefix/data.csv.out` . Batch transform doesn't upload partially processed objects. For an input S3 object that contains multiple records, it creates an . `out` file only if the transform job succeeds on the entire file. When the input contains multiple S3 objects, the batch transform job processes the listed S3 objects and uploads only the output for successfully processed objects. If any object fails in the transform job batch transform marks the job as failed to prompt investigation.", + "title": "S3OutputPath", "type": "string" } }, "required": [ - "LocalPath", - "S3Uri" + "S3OutputPath" ], "type": "object" }, - "AWS::SageMaker::DataQualityJobDefinition.StatisticsResource": { - "additionalProperties": false, - "properties": { - "S3Uri": { - "markdownDescription": "The Amazon S3 URI for the statistics resource.", - "title": "S3Uri", - "type": "string" - } - }, - "type": "object" - }, - "AWS::SageMaker::DataQualityJobDefinition.StoppingCondition": { + "AWS::SageMaker::ModelPackage.TransformResources": { "additionalProperties": false, "properties": { - "MaxRuntimeInSeconds": { - "markdownDescription": "The maximum length of time, in seconds, that a training or compilation job can run before it is stopped.\n\nFor compilation jobs, if the job does not complete during this time, a `TimeOut` error is generated. We recommend starting with 900 seconds and increasing as necessary based on your model.\n\nFor all other jobs, if the job does not complete during this time, SageMaker ends the job. When `RetryStrategy` is specified in the job request, `MaxRuntimeInSeconds` specifies the maximum time for all of the attempts in total, not each individual attempt. The default value is 1 day. The maximum value is 28 days.\n\nThe maximum time that a `TrainingJob` can run in total, including any time spent publishing metrics or archiving and uploading models after it has been stopped, is 30 days.", - "title": "MaxRuntimeInSeconds", + "InstanceCount": { + "markdownDescription": "The number of ML compute instances to use in the transform job. The default value is `1` , and the maximum is `100` . For distributed transform jobs, specify a value greater than `1` .", + "title": "InstanceCount", "type": "number" - } - }, - "required": [ - "MaxRuntimeInSeconds" - ], - "type": "object" - }, - "AWS::SageMaker::DataQualityJobDefinition.VpcConfig": { - "additionalProperties": false, - "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The VPC security group IDs, in the form `sg-xxxxxxxx` . Specify the security groups for the VPC that is specified in the `Subnets` field.", - "title": "SecurityGroupIds", - "type": "array" }, - "Subnets": { - "items": { - "type": "string" - }, - "markdownDescription": "The ID of the subnets in the VPC to which you want to connect your training job or model. For information about the availability of specific instance types, see [Supported Instance Types and Availability Zones](https://docs.aws.amazon.com/sagemaker/latest/dg/instance-types-az.html) .", - "title": "Subnets", - "type": "array" + "InstanceType": { + "markdownDescription": "The ML compute instance type for the transform job. If you are using built-in algorithms to transform moderately sized datasets, we recommend using ml.m4.xlarge or `ml.m5.large` instance types.", + "title": "InstanceType", + "type": "string" + }, + "VolumeKmsKeyId": { + "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt model data on the storage volume attached to the ML compute instance(s) that run the batch transform job.\n\n> Certain Nitro-based instances include local storage, dependent on the instance type. Local storage volumes are encrypted using a hardware module on the instance. You can't request a `VolumeKmsKeyId` when using an instance type with local storage.\n> \n> For a list of instance types that support local instance storage, see [Instance Store Volumes](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html#instance-store-volumes) .\n> \n> For more information about local instance storage encryption, see [SSD Instance Store Volumes](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ssd-instance-store.html) . \n\nThe `VolumeKmsKeyId` can be any of the following formats:\n\n- Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key ARN: `arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`\n- Alias name: `alias/ExampleAlias`\n- Alias name ARN: `arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias`", + "title": "VolumeKmsKeyId", + "type": "string" } }, "required": [ - "SecurityGroupIds", - "Subnets" + "InstanceCount", + "InstanceType" ], "type": "object" }, - "AWS::SageMaker::Device": { + "AWS::SageMaker::ModelPackage.ValidationProfile": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Device": { - "$ref": "#/definitions/AWS::SageMaker::Device.Device", - "markdownDescription": "Edge device you want to create.", - "title": "Device" - }, - "DeviceFleetName": { - "markdownDescription": "The name of the fleet the device belongs to.", - "title": "DeviceFleetName", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs that contain metadata to help you categorize and organize your devices. Each tag consists of a key and a value, both of which you define.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "DeviceFleetName" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::SageMaker::Device" - ], + "ProfileName": { + "markdownDescription": "The name of the profile for the model package.", + "title": "ProfileName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "TransformJobDefinition": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.TransformJobDefinition", + "markdownDescription": "The `TransformJobDefinition` object that describes the transform job used for the validation of the model package.", + "title": "TransformJobDefinition" } }, "required": [ - "Type", - "Properties" + "ProfileName", + "TransformJobDefinition" ], "type": "object" }, - "AWS::SageMaker::Device.Device": { + "AWS::SageMaker::ModelPackage.ValidationSpecification": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "Description of the device.", - "title": "Description", - "type": "string" - }, - "DeviceName": { - "markdownDescription": "The name of the device.", - "title": "DeviceName", - "type": "string" + "ValidationProfiles": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ValidationProfile" + }, + "markdownDescription": "An array of `ModelPackageValidationProfile` objects, each of which specifies a batch transform job that SageMaker runs to validate your model package.", + "title": "ValidationProfiles", + "type": "array" }, - "IotThingName": { - "markdownDescription": "AWS Internet of Things (IoT) object name.", - "title": "IotThingName", + "ValidationRole": { + "markdownDescription": "The IAM roles to be used for the validation of the model package.", + "title": "ValidationRole", "type": "string" } }, "required": [ - "DeviceName" + "ValidationProfiles", + "ValidationRole" ], "type": "object" }, - "AWS::SageMaker::DeviceFleet": { + "AWS::SageMaker::ModelPackageGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -244979,45 +297989,38 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description of the fleet.", - "title": "Description", + "ModelPackageGroupDescription": { + "markdownDescription": "The description for the model group.", + "title": "ModelPackageGroupDescription", "type": "string" }, - "DeviceFleetName": { - "markdownDescription": "Name of the device fleet.", - "title": "DeviceFleetName", + "ModelPackageGroupName": { + "markdownDescription": "The name of the model group.", + "title": "ModelPackageGroupName", "type": "string" }, - "OutputConfig": { - "$ref": "#/definitions/AWS::SageMaker::DeviceFleet.EdgeOutputConfig", - "markdownDescription": "The output configuration for storing sample data collected by the fleet.", - "title": "OutputConfig" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) that has access to AWS Internet of Things (IoT).", - "title": "RoleArn", - "type": "string" + "ModelPackageGroupPolicy": { + "markdownDescription": "A resouce policy to control access to a model group. For information about resoure policies, see [Identity-based policies and resource-based policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_identity-vs-resource.html) in the *AWS Identity and Access Management User Guide.* .", + "title": "ModelPackageGroupPolicy", + "type": "object" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs that contain metadata to help you categorize and organize your device fleets. Each tag consists of a key and a value, both of which you define.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ - "DeviceFleetName", - "OutputConfig", - "RoleArn" + "ModelPackageGroupName" ], "type": "object" }, "Type": { "enum": [ - "AWS::SageMaker::DeviceFleet" + "AWS::SageMaker::ModelPackageGroup" ], "type": "string" }, @@ -245036,26 +298039,7 @@ ], "type": "object" }, - "AWS::SageMaker::DeviceFleet.EdgeOutputConfig": { - "additionalProperties": false, - "properties": { - "KmsKeyId": { - "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt data on the storage volume after compilation job. If you don't provide a KMS key ID, Amazon SageMaker uses the default KMS key for Amazon S3 for your role's account.", - "title": "KmsKeyId", - "type": "string" - }, - "S3OutputLocation": { - "markdownDescription": "The Amazon Simple Storage (S3) bucket URI.", - "title": "S3OutputLocation", - "type": "string" - } - }, - "required": [ - "S3OutputLocation" - ], - "type": "object" - }, - "AWS::SageMaker::Domain": { + "AWS::SageMaker::ModelQualityJobDefinition": { "additionalProperties": false, "properties": { "Condition": { @@ -245090,80 +298074,77 @@ "Properties": { "additionalProperties": false, "properties": { - "AppNetworkAccessType": { - "markdownDescription": "Specifies the VPC used for non-EFS traffic. The default value is `PublicInternetOnly` .\n\n- `PublicInternetOnly` - Non-EFS traffic is through a VPC managed by Amazon SageMaker AI , which allows direct internet access\n- `VpcOnly` - All Studio traffic is through the specified VPC and subnets\n\n*Valid Values* : `PublicInternetOnly | VpcOnly`", - "title": "AppNetworkAccessType", + "EndpointName": { + "markdownDescription": "", + "title": "EndpointName", "type": "string" }, - "AppSecurityGroupManagement": { - "markdownDescription": "The entity that creates and manages the required security groups for inter-app communication in `VpcOnly` mode. Required when `CreateDomain.AppNetworkAccessType` is `VpcOnly` and `DomainSettings.RStudioServerProDomainSettings.DomainExecutionRoleArn` is provided. If setting up the domain for use with RStudio, this value must be set to `Service` .\n\n*Allowed Values* : `Service` | `Customer`", - "title": "AppSecurityGroupManagement", + "JobDefinitionName": { + "markdownDescription": "The name of the monitoring job definition.", + "title": "JobDefinitionName", "type": "string" }, - "AuthMode": { - "markdownDescription": "The mode of authentication that members use to access the Domain.\n\n*Valid Values* : `SSO | IAM`", - "title": "AuthMode", - "type": "string" + "JobResources": { + "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.MonitoringResources", + "markdownDescription": "Identifies the resources to deploy for a monitoring job.", + "title": "JobResources" }, - "DefaultSpaceSettings": { - "$ref": "#/definitions/AWS::SageMaker::Domain.DefaultSpaceSettings", - "markdownDescription": "The default settings for shared spaces that users create in the domain.\n\nSageMaker applies these settings only to shared spaces. It doesn't apply them to private spaces.", - "title": "DefaultSpaceSettings" + "ModelQualityAppSpecification": { + "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.ModelQualityAppSpecification", + "markdownDescription": "Container image configuration object for the monitoring job.", + "title": "ModelQualityAppSpecification" }, - "DefaultUserSettings": { - "$ref": "#/definitions/AWS::SageMaker::Domain.UserSettings", - "markdownDescription": "The default user settings.", - "title": "DefaultUserSettings" + "ModelQualityBaselineConfig": { + "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.ModelQualityBaselineConfig", + "markdownDescription": "Specifies the constraints and baselines for the monitoring job.", + "title": "ModelQualityBaselineConfig" }, - "DomainName": { - "markdownDescription": "The domain name.", - "title": "DomainName", - "type": "string" + "ModelQualityJobInput": { + "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.ModelQualityJobInput", + "markdownDescription": "A list of the inputs that are monitored. Currently endpoints are supported.", + "title": "ModelQualityJobInput" }, - "DomainSettings": { - "$ref": "#/definitions/AWS::SageMaker::Domain.DomainSettings", - "markdownDescription": "A collection of settings that apply to the `SageMaker Domain` . These settings are specified through the `CreateDomain` API call.", - "title": "DomainSettings" + "ModelQualityJobOutputConfig": { + "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.MonitoringOutputConfig", + "markdownDescription": "The output configuration for monitoring jobs.", + "title": "ModelQualityJobOutputConfig" }, - "KmsKeyId": { - "markdownDescription": "SageMaker uses AWS KMS to encrypt the EFS volume attached to the Domain with an AWS managed customer master key (CMK) by default. For more control, specify a customer managed CMK.\n\n*Length Constraints* : Maximum length of 2048.\n\n*Pattern* : `.*`", - "title": "KmsKeyId", + "NetworkConfig": { + "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.NetworkConfig", + "markdownDescription": "Specifies the network configuration for the monitoring job.", + "title": "NetworkConfig" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can assume to perform tasks on your behalf.", + "title": "RoleArn", "type": "string" }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The VPC subnets that Studio uses for communication.\n\n*Length Constraints* : Maximum length of 32.\n\n*Array members* : Minimum number of 1 item. Maximum number of 16 items.\n\n*Pattern* : `[-0-9a-zA-Z]+`", - "title": "SubnetIds", - "type": "array" + "StoppingCondition": { + "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.StoppingCondition", + "markdownDescription": "A time limit for how long the monitoring job is allowed to run before stopping.", + "title": "StoppingCondition" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Tags to associated with the Domain. Each tag consists of a key and an optional value. Tag keys must be unique per resource. Tags are searchable using the Search API.\n\nTags that you specify for the Domain are also added to all apps that are launched in the Domain.\n\n*Array members* : Minimum number of 0 items. Maximum number of 50 items.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" - }, - "VpcId": { - "markdownDescription": "The ID of the Amazon Virtual Private Cloud (Amazon VPC) that Studio uses for communication.\n\n*Length Constraints* : Maximum length of 32.\n\n*Pattern* : `[-0-9a-zA-Z]+`", - "title": "VpcId", - "type": "string" } }, "required": [ - "AuthMode", - "DefaultUserSettings", - "DomainName", - "SubnetIds", - "VpcId" + "JobResources", + "ModelQualityAppSpecification", + "ModelQualityJobInput", + "ModelQualityJobOutputConfig", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::SageMaker::Domain" + "AWS::SageMaker::ModelQualityJobDefinition" ], "type": "string" }, @@ -245182,759 +298163,455 @@ ], "type": "object" }, - "AWS::SageMaker::Domain.CodeEditorAppSettings": { + "AWS::SageMaker::ModelQualityJobDefinition.BatchTransformInput": { "additionalProperties": false, "properties": { - "CustomImages": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::Domain.CustomImage" - }, - "markdownDescription": "A list of custom SageMaker images that are configured to run as a Code Editor app.", - "title": "CustomImages", - "type": "array" + "DataCapturedDestinationS3Uri": { + "markdownDescription": "The Amazon S3 location being used to capture the data.", + "title": "DataCapturedDestinationS3Uri", + "type": "string" }, - "DefaultResourceSpec": { - "$ref": "#/definitions/AWS::SageMaker::Domain.ResourceSpec", - "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the Code Editor app.", - "title": "DefaultResourceSpec" + "DatasetFormat": { + "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.DatasetFormat", + "markdownDescription": "The dataset format for your batch transform job.", + "title": "DatasetFormat" }, - "LifecycleConfigArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Name (ARN) of the Code Editor application lifecycle configuration.", - "title": "LifecycleConfigArns", - "type": "array" - } - }, - "type": "object" - }, - "AWS::SageMaker::Domain.CodeRepository": { - "additionalProperties": false, - "properties": { - "RepositoryUrl": { - "markdownDescription": "The URL of the Git repository.", - "title": "RepositoryUrl", + "EndTimeOffset": { + "markdownDescription": "If specified, monitoring jobs subtract this time from the end time. For information about using offsets for scheduling monitoring jobs, see [Schedule Model Quality Monitoring Jobs](https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor-model-quality-schedule.html) .", + "title": "EndTimeOffset", "type": "string" - } - }, - "required": [ - "RepositoryUrl" - ], - "type": "object" - }, - "AWS::SageMaker::Domain.CustomFileSystemConfig": { - "additionalProperties": false, - "properties": { - "EFSFileSystemConfig": { - "$ref": "#/definitions/AWS::SageMaker::Domain.EFSFileSystemConfig", - "markdownDescription": "The settings for a custom Amazon EFS file system.", - "title": "EFSFileSystemConfig" - } - }, - "type": "object" - }, - "AWS::SageMaker::Domain.CustomImage": { - "additionalProperties": false, - "properties": { - "AppImageConfigName": { - "markdownDescription": "The name of the AppImageConfig.", - "title": "AppImageConfigName", + }, + "InferenceAttribute": { + "markdownDescription": "The attribute of the input data that represents the ground truth label.", + "title": "InferenceAttribute", "type": "string" }, - "ImageName": { - "markdownDescription": "The name of the CustomImage. Must be unique to your account.", - "title": "ImageName", + "LocalPath": { + "markdownDescription": "Path to the filesystem where the batch transform data is available to the container.", + "title": "LocalPath", "type": "string" }, - "ImageVersionNumber": { - "markdownDescription": "The version number of the CustomImage.", - "title": "ImageVersionNumber", - "type": "number" - } - }, - "required": [ - "AppImageConfigName", - "ImageName" - ], - "type": "object" - }, - "AWS::SageMaker::Domain.CustomPosixUserConfig": { - "additionalProperties": false, - "properties": { - "Gid": { - "markdownDescription": "The POSIX group ID.", - "title": "Gid", - "type": "number" + "ProbabilityAttribute": { + "markdownDescription": "In a classification problem, the attribute that represents the class probability.", + "title": "ProbabilityAttribute", + "type": "string" }, - "Uid": { - "markdownDescription": "The POSIX user ID.", - "title": "Uid", - "type": "number" - } - }, - "required": [ - "Gid", - "Uid" - ], - "type": "object" - }, - "AWS::SageMaker::Domain.DefaultEbsStorageSettings": { - "additionalProperties": false, - "properties": { - "DefaultEbsVolumeSizeInGb": { - "markdownDescription": "The default size of the EBS storage volume for a space.", - "title": "DefaultEbsVolumeSizeInGb", + "ProbabilityThresholdAttribute": { + "markdownDescription": "The threshold for the class probability to be evaluated as a positive result.", + "title": "ProbabilityThresholdAttribute", "type": "number" }, - "MaximumEbsVolumeSizeInGb": { - "markdownDescription": "The maximum size of the EBS storage volume for a space.", - "title": "MaximumEbsVolumeSizeInGb", - "type": "number" - } - }, - "required": [ - "DefaultEbsVolumeSizeInGb", - "MaximumEbsVolumeSizeInGb" - ], - "type": "object" - }, - "AWS::SageMaker::Domain.DefaultSpaceSettings": { - "additionalProperties": false, - "properties": { - "ExecutionRole": { - "markdownDescription": "The ARN of the execution role for the space.", - "title": "ExecutionRole", + "S3DataDistributionType": { + "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an S3 key. Defaults to `FullyReplicated`", + "title": "S3DataDistributionType", "type": "string" }, - "JupyterServerAppSettings": { - "$ref": "#/definitions/AWS::SageMaker::Domain.JupyterServerAppSettings", - "markdownDescription": "The JupyterServer app settings.", - "title": "JupyterServerAppSettings" - }, - "KernelGatewayAppSettings": { - "$ref": "#/definitions/AWS::SageMaker::Domain.KernelGatewayAppSettings", - "markdownDescription": "The KernelGateway app settings.", - "title": "KernelGatewayAppSettings" + "S3InputMode": { + "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", + "title": "S3InputMode", + "type": "string" }, - "SecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "The security group IDs for the Amazon VPC that the space uses for communication.", - "title": "SecurityGroups", - "type": "array" + "StartTimeOffset": { + "markdownDescription": "If specified, monitoring jobs substract this time from the start time. For information about using offsets for scheduling monitoring jobs, see [Schedule Model Quality Monitoring Jobs](https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor-model-quality-schedule.html) .", + "title": "StartTimeOffset", + "type": "string" } }, "required": [ - "ExecutionRole" + "DataCapturedDestinationS3Uri", + "DatasetFormat", + "LocalPath" ], "type": "object" }, - "AWS::SageMaker::Domain.DefaultSpaceStorageSettings": { - "additionalProperties": false, - "properties": { - "DefaultEbsStorageSettings": { - "$ref": "#/definitions/AWS::SageMaker::Domain.DefaultEbsStorageSettings", - "markdownDescription": "The default EBS storage settings for a space.", - "title": "DefaultEbsStorageSettings" - } - }, - "type": "object" - }, - "AWS::SageMaker::Domain.DockerSettings": { - "additionalProperties": false, - "properties": { - "EnableDockerAccess": { - "markdownDescription": "Indicates whether the domain can access Docker.", - "title": "EnableDockerAccess", - "type": "string" - }, - "VpcOnlyTrustedAccounts": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of AWS accounts that are trusted when the domain is created in VPC-only mode.", - "title": "VpcOnlyTrustedAccounts", - "type": "array" - } - }, - "type": "object" - }, - "AWS::SageMaker::Domain.DomainSettings": { + "AWS::SageMaker::ModelQualityJobDefinition.ClusterConfig": { "additionalProperties": false, "properties": { - "DockerSettings": { - "$ref": "#/definitions/AWS::SageMaker::Domain.DockerSettings", - "markdownDescription": "A collection of settings that configure the domain's Docker interaction.", - "title": "DockerSettings" - }, - "RStudioServerProDomainSettings": { - "$ref": "#/definitions/AWS::SageMaker::Domain.RStudioServerProDomainSettings", - "markdownDescription": "A collection of settings that configure the `RStudioServerPro` Domain-level app.", - "title": "RStudioServerProDomainSettings" + "InstanceCount": { + "markdownDescription": "The number of ML compute instances to use in the model monitoring job. For distributed processing jobs, specify a value greater than 1. The default value is 1.", + "title": "InstanceCount", + "type": "number" }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The security groups for the Amazon Virtual Private Cloud that the `Domain` uses for communication between Domain-level apps and user apps.", - "title": "SecurityGroupIds", - "type": "array" - } - }, - "type": "object" - }, - "AWS::SageMaker::Domain.EFSFileSystemConfig": { - "additionalProperties": false, - "properties": { - "FileSystemId": { - "markdownDescription": "The ID of your Amazon EFS file system.", - "title": "FileSystemId", + "InstanceType": { + "markdownDescription": "The ML compute instance type for the processing job.", + "title": "InstanceType", "type": "string" }, - "FileSystemPath": { - "markdownDescription": "The path to the file system directory that is accessible in Amazon SageMaker AI Studio. Permitted users can access only this directory and below.", - "title": "FileSystemPath", + "VolumeKmsKeyId": { + "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance(s) that run the model monitoring job.", + "title": "VolumeKmsKeyId", "type": "string" + }, + "VolumeSizeInGB": { + "markdownDescription": "The size of the ML storage volume, in gigabytes, that you want to provision. You must specify sufficient ML storage for your scenario.", + "title": "VolumeSizeInGB", + "type": "number" } }, "required": [ - "FileSystemId" + "InstanceCount", + "InstanceType", + "VolumeSizeInGB" ], "type": "object" }, - "AWS::SageMaker::Domain.JupyterLabAppSettings": { + "AWS::SageMaker::ModelQualityJobDefinition.ConstraintsResource": { "additionalProperties": false, "properties": { - "CodeRepositories": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::Domain.CodeRepository" - }, - "markdownDescription": "A list of Git repositories that SageMaker automatically displays to users for cloning in the JupyterLab application.", - "title": "CodeRepositories", - "type": "array" - }, - "CustomImages": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::Domain.CustomImage" - }, - "markdownDescription": "A list of custom SageMaker images that are configured to run as a JupyterLab app.", - "title": "CustomImages", - "type": "array" - }, - "DefaultResourceSpec": { - "$ref": "#/definitions/AWS::SageMaker::Domain.ResourceSpec", - "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the JupyterLab app.", - "title": "DefaultResourceSpec" - }, - "LifecycleConfigArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon Resource Name (ARN) of the lifecycle configurations attached to the user profile or domain. To remove a lifecycle config, you must set `LifecycleConfigArns` to an empty list.", - "title": "LifecycleConfigArns", - "type": "array" + "S3Uri": { + "markdownDescription": "The Amazon S3 URI for the constraints resource.", + "title": "S3Uri", + "type": "string" } }, "type": "object" }, - "AWS::SageMaker::Domain.JupyterServerAppSettings": { + "AWS::SageMaker::ModelQualityJobDefinition.Csv": { "additionalProperties": false, "properties": { - "DefaultResourceSpec": { - "$ref": "#/definitions/AWS::SageMaker::Domain.ResourceSpec", - "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the JupyterServer app.", - "title": "DefaultResourceSpec" + "Header": { + "markdownDescription": "", + "title": "Header", + "type": "boolean" } }, "type": "object" }, - "AWS::SageMaker::Domain.KernelGatewayAppSettings": { + "AWS::SageMaker::ModelQualityJobDefinition.DatasetFormat": { "additionalProperties": false, "properties": { - "CustomImages": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::Domain.CustomImage" - }, - "markdownDescription": "A list of custom SageMaker AI images that are configured to run as a KernelGateway app.\n\nThe maximum number of custom images are as follows.\n\n- On a domain level: 200\n- On a space level: 5\n- On a user profile level: 5", - "title": "CustomImages", - "type": "array" + "Csv": { + "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.Csv", + "markdownDescription": "", + "title": "Csv" }, - "DefaultResourceSpec": { - "$ref": "#/definitions/AWS::SageMaker::Domain.ResourceSpec", - "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker AI image used by the KernelGateway app.\n\n> The Amazon SageMaker AI Studio UI does not use the default instance type value set here. The default instance type set here is used when Apps are created using the AWS CLI or AWS CloudFormation and the instance type parameter value is not passed.", - "title": "DefaultResourceSpec" - } - }, - "type": "object" - }, - "AWS::SageMaker::Domain.RSessionAppSettings": { - "additionalProperties": false, - "properties": { - "CustomImages": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::Domain.CustomImage" - }, - "markdownDescription": "A list of custom SageMaker AI images that are configured to run as a RSession app.", - "title": "CustomImages", - "type": "array" + "Json": { + "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.Json", + "markdownDescription": "", + "title": "Json" }, - "DefaultResourceSpec": { - "$ref": "#/definitions/AWS::SageMaker::Domain.ResourceSpec", - "markdownDescription": "Specifies the ARNs of a SageMaker image and SageMaker image version, and the instance type that the version runs on.", - "title": "DefaultResourceSpec" + "Parquet": { + "markdownDescription": "", + "title": "Parquet", + "type": "boolean" } }, "type": "object" }, - "AWS::SageMaker::Domain.RStudioServerProAppSettings": { + "AWS::SageMaker::ModelQualityJobDefinition.EndpointInput": { "additionalProperties": false, "properties": { - "AccessStatus": { - "markdownDescription": "Indicates whether the current user has access to the `RStudioServerPro` app.", - "title": "AccessStatus", + "EndTimeOffset": { + "markdownDescription": "If specified, monitoring jobs substract this time from the end time. For information about using offsets for scheduling monitoring jobs, see [Schedule Model Quality Monitoring Jobs](https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor-model-quality-schedule.html) .", + "title": "EndTimeOffset", "type": "string" }, - "UserGroup": { - "markdownDescription": "The level of permissions that the user has within the `RStudioServerPro` app. This value defaults to `User`. The `Admin` value allows the user access to the RStudio Administrative Dashboard.", - "title": "UserGroup", + "EndpointName": { + "markdownDescription": "An endpoint in customer's account which has enabled `DataCaptureConfig` enabled.", + "title": "EndpointName", "type": "string" - } - }, - "type": "object" - }, - "AWS::SageMaker::Domain.RStudioServerProDomainSettings": { - "additionalProperties": false, - "properties": { - "DefaultResourceSpec": { - "$ref": "#/definitions/AWS::SageMaker::Domain.ResourceSpec", - "markdownDescription": "A collection that defines the default `InstanceType` , `SageMakerImageArn` , and `SageMakerImageVersionArn` for the Domain.", - "title": "DefaultResourceSpec" }, - "DomainExecutionRoleArn": { - "markdownDescription": "The ARN of the execution role for the `RStudioServerPro` Domain-level app.", - "title": "DomainExecutionRoleArn", + "InferenceAttribute": { + "markdownDescription": "The attribute of the input data that represents the ground truth label.", + "title": "InferenceAttribute", "type": "string" }, - "RStudioConnectUrl": { - "markdownDescription": "A URL pointing to an RStudio Connect server.", - "title": "RStudioConnectUrl", + "LocalPath": { + "markdownDescription": "Path to the filesystem where the endpoint data is available to the container.", + "title": "LocalPath", "type": "string" }, - "RStudioPackageManagerUrl": { - "markdownDescription": "A URL pointing to an RStudio Package Manager server.", - "title": "RStudioPackageManagerUrl", - "type": "string" - } - }, - "required": [ - "DomainExecutionRoleArn" - ], - "type": "object" - }, - "AWS::SageMaker::Domain.ResourceSpec": { - "additionalProperties": false, - "properties": { - "InstanceType": { - "markdownDescription": "The instance type that the image version runs on.\n\n> *JupyterServer apps* only support the `system` value.\n> \n> For *KernelGateway apps* , the `system` value is translated to `ml.t3.medium` . KernelGateway apps also support all other values for available instance types.", - "title": "InstanceType", + "ProbabilityAttribute": { + "markdownDescription": "In a classification problem, the attribute that represents the class probability.", + "title": "ProbabilityAttribute", "type": "string" }, - "LifecycleConfigArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the Lifecycle Configuration attached to the Resource.", - "title": "LifecycleConfigArn", + "ProbabilityThresholdAttribute": { + "markdownDescription": "The threshold for the class probability to be evaluated as a positive result.", + "title": "ProbabilityThresholdAttribute", + "type": "number" + }, + "S3DataDistributionType": { + "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an Amazon S3 key. Defaults to `FullyReplicated`", + "title": "S3DataDistributionType", "type": "string" }, - "SageMakerImageArn": { - "markdownDescription": "The ARN of the SageMaker AI image that the image version belongs to.", - "title": "SageMakerImageArn", + "S3InputMode": { + "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", + "title": "S3InputMode", "type": "string" }, - "SageMakerImageVersionArn": { - "markdownDescription": "The ARN of the image version created on the instance. To clear the value set for `SageMakerImageVersionArn` , pass `None` as the value.", - "title": "SageMakerImageVersionArn", + "StartTimeOffset": { + "markdownDescription": "If specified, monitoring jobs substract this time from the start time. For information about using offsets for scheduling monitoring jobs, see [Schedule Model Quality Monitoring Jobs](https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor-model-quality-schedule.html) .", + "title": "StartTimeOffset", "type": "string" } }, + "required": [ + "EndpointName", + "LocalPath" + ], "type": "object" }, - "AWS::SageMaker::Domain.SharingSettings": { + "AWS::SageMaker::ModelQualityJobDefinition.Json": { "additionalProperties": false, "properties": { - "NotebookOutputOption": { - "markdownDescription": "Whether to include the notebook cell output when sharing the notebook. The default is `Disabled` .", - "title": "NotebookOutputOption", - "type": "string" - }, - "S3KmsKeyId": { - "markdownDescription": "When `NotebookOutputOption` is `Allowed` , the AWS Key Management Service (KMS) encryption key ID used to encrypt the notebook cell output in the Amazon S3 bucket.", - "title": "S3KmsKeyId", - "type": "string" - }, - "S3OutputPath": { - "markdownDescription": "When `NotebookOutputOption` is `Allowed` , the Amazon S3 bucket used to store the shared notebook snapshots.", - "title": "S3OutputPath", - "type": "string" + "Line": { + "markdownDescription": "", + "title": "Line", + "type": "boolean" } }, "type": "object" }, - "AWS::SageMaker::Domain.UserSettings": { + "AWS::SageMaker::ModelQualityJobDefinition.ModelQualityAppSpecification": { "additionalProperties": false, "properties": { - "CodeEditorAppSettings": { - "$ref": "#/definitions/AWS::SageMaker::Domain.CodeEditorAppSettings", - "markdownDescription": "The Code Editor application settings.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", - "title": "CodeEditorAppSettings" - }, - "CustomFileSystemConfigs": { + "ContainerArguments": { "items": { - "$ref": "#/definitions/AWS::SageMaker::Domain.CustomFileSystemConfig" + "type": "string" }, - "markdownDescription": "The settings for assigning a custom file system to a user profile. Permitted users can access this file system in Amazon SageMaker AI Studio.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", - "title": "CustomFileSystemConfigs", + "markdownDescription": "An array of arguments for the container used to run the monitoring job.", + "title": "ContainerArguments", "type": "array" }, - "CustomPosixUserConfig": { - "$ref": "#/definitions/AWS::SageMaker::Domain.CustomPosixUserConfig", - "markdownDescription": "Details about the POSIX identity that is used for file system operations.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", - "title": "CustomPosixUserConfig" - }, - "DefaultLandingUri": { - "markdownDescription": "The default experience that the user is directed to when accessing the domain. The supported values are:\n\n- `studio::` : Indicates that Studio is the default experience. This value can only be passed if `StudioWebPortal` is set to `ENABLED` .\n- `app:JupyterServer:` : Indicates that Studio Classic is the default experience.", - "title": "DefaultLandingUri", - "type": "string" - }, - "ExecutionRole": { - "markdownDescription": "The execution role for the user.\n\nSageMaker applies this setting only to private spaces that the user creates in the domain. SageMaker doesn't apply this setting to shared spaces.", - "title": "ExecutionRole", - "type": "string" - }, - "JupyterLabAppSettings": { - "$ref": "#/definitions/AWS::SageMaker::Domain.JupyterLabAppSettings", - "markdownDescription": "The settings for the JupyterLab application.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", - "title": "JupyterLabAppSettings" - }, - "JupyterServerAppSettings": { - "$ref": "#/definitions/AWS::SageMaker::Domain.JupyterServerAppSettings", - "markdownDescription": "The Jupyter server's app settings.", - "title": "JupyterServerAppSettings" - }, - "KernelGatewayAppSettings": { - "$ref": "#/definitions/AWS::SageMaker::Domain.KernelGatewayAppSettings", - "markdownDescription": "The kernel gateway app settings.", - "title": "KernelGatewayAppSettings" - }, - "RSessionAppSettings": { - "$ref": "#/definitions/AWS::SageMaker::Domain.RSessionAppSettings", - "markdownDescription": "A collection of settings that configure the `RSessionGateway` app.", - "title": "RSessionAppSettings" - }, - "RStudioServerProAppSettings": { - "$ref": "#/definitions/AWS::SageMaker::Domain.RStudioServerProAppSettings", - "markdownDescription": "A collection of settings that configure user interaction with the `RStudioServerPro` app.", - "title": "RStudioServerProAppSettings" - }, - "SecurityGroups": { + "ContainerEntrypoint": { "items": { "type": "string" }, - "markdownDescription": "The security groups for the Amazon Virtual Private Cloud (VPC) that the domain uses for communication.\n\nOptional when the `CreateDomain.AppNetworkAccessType` parameter is set to `PublicInternetOnly` .\n\nRequired when the `CreateDomain.AppNetworkAccessType` parameter is set to `VpcOnly` , unless specified as part of the `DefaultUserSettings` for the domain.\n\nAmazon SageMaker AI adds a security group to allow NFS traffic from Amazon SageMaker AI Studio. Therefore, the number of security groups that you can specify is one less than the maximum number shown.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", - "title": "SecurityGroups", + "markdownDescription": "Specifies the entrypoint for a container that the monitoring job runs.", + "title": "ContainerEntrypoint", "type": "array" }, - "SharingSettings": { - "$ref": "#/definitions/AWS::SageMaker::Domain.SharingSettings", - "markdownDescription": "Specifies options for sharing Amazon SageMaker AI Studio notebooks.", - "title": "SharingSettings" + "Environment": { + "additionalProperties": true, + "markdownDescription": "Sets the environment variables in the container that the monitoring job runs.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Environment", + "type": "object" }, - "SpaceStorageSettings": { - "$ref": "#/definitions/AWS::SageMaker::Domain.DefaultSpaceStorageSettings", - "markdownDescription": "The storage settings for a space.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", - "title": "SpaceStorageSettings" + "ImageUri": { + "markdownDescription": "The address of the container image that the monitoring job runs.", + "title": "ImageUri", + "type": "string" }, - "StudioWebPortal": { - "markdownDescription": "Whether the user can access Studio. If this value is set to `DISABLED` , the user cannot access Studio, even if that is the default experience for the domain.", - "title": "StudioWebPortal", + "PostAnalyticsProcessorSourceUri": { + "markdownDescription": "An Amazon S3 URI to a script that is called after analysis has been performed. Applicable only for the built-in (first party) containers.", + "title": "PostAnalyticsProcessorSourceUri", + "type": "string" + }, + "ProblemType": { + "markdownDescription": "The machine learning problem type of the model that the monitoring job monitors.", + "title": "ProblemType", + "type": "string" + }, + "RecordPreprocessorSourceUri": { + "markdownDescription": "An Amazon S3 URI to a script that is called per row prior to running analysis. It can base64 decode the payload and convert it into a flattened JSON so that the built-in container can use the converted data. Applicable only for the built-in (first party) containers.", + "title": "RecordPreprocessorSourceUri", "type": "string" } }, "required": [ - "ExecutionRole" + "ImageUri", + "ProblemType" ], "type": "object" }, - "AWS::SageMaker::Endpoint": { + "AWS::SageMaker::ModelQualityJobDefinition.ModelQualityBaselineConfig": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "BaseliningJobName": { + "markdownDescription": "The name of the job that performs baselining for the monitoring job.", + "title": "BaseliningJobName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DeploymentConfig": { - "$ref": "#/definitions/AWS::SageMaker::Endpoint.DeploymentConfig", - "markdownDescription": "The deployment configuration for an endpoint, which contains the desired deployment strategy and rollback configurations.", - "title": "DeploymentConfig" - }, - "EndpointConfigName": { - "markdownDescription": "The name of the [AWS::SageMaker::EndpointConfig](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sagemaker-endpointconfig.html) resource that specifies the configuration for the endpoint. For more information, see [CreateEndpointConfig](https://docs.aws.amazon.com/sagemaker/latest/dg/API_CreateEndpointConfig.html) .", - "title": "EndpointConfigName", - "type": "string" - }, - "EndpointName": { - "markdownDescription": "The name of the endpoint. The name must be unique within an AWS Region in your AWS account. The name is case-insensitive in `CreateEndpoint` , but the case is preserved and must be matched in [](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_runtime_InvokeEndpoint.html) .", - "title": "EndpointName", - "type": "string" - }, - "ExcludeRetainedVariantProperties": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::Endpoint.VariantProperty" - }, - "markdownDescription": "When you are updating endpoint resources with [RetainAllVariantProperties](https://docs.aws.amazon.com/sagemaker/latest/dg/API_UpdateEndpoint.html#SageMaker-UpdateEndpoint-request-RetainAllVariantProperties) whose value is set to `true` , `ExcludeRetainedVariantProperties` specifies the list of type [VariantProperty](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sagemaker-endpoint-variantproperty.html) to override with the values provided by `EndpointConfig` . If you don't specify a value for `ExcludeAllVariantProperties` , no variant properties are overridden. Don't use this property when creating new endpoint resources or when `RetainAllVariantProperties` is set to `false` .", - "title": "ExcludeRetainedVariantProperties", - "type": "array" - }, - "RetainAllVariantProperties": { - "markdownDescription": "When updating endpoint resources, enables or disables the retention of variant properties, such as the instance count or the variant weight. To retain the variant properties of an endpoint when updating it, set `RetainAllVariantProperties` to `true` . To use the variant properties specified in a new `EndpointConfig` call when updating an endpoint, set `RetainAllVariantProperties` to `false` . Use this property only when updating endpoint resources, not when creating new endpoint resources.", - "title": "RetainAllVariantProperties", - "type": "boolean" - }, - "RetainDeploymentConfig": { - "markdownDescription": "Specifies whether to reuse the last deployment configuration. The default value is false (the configuration is not reused).", - "title": "RetainDeploymentConfig", - "type": "boolean" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of key-value pairs to apply to this resource.\n\nFor more information, see [Resource Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) and [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html#allocation-what) in the *AWS Billing and Cost Management User Guide* .", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "EndpointConfigName" - ], - "type": "object" + "ConstraintsResource": { + "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.ConstraintsResource", + "markdownDescription": "The constraints resource for a monitoring job.", + "title": "ConstraintsResource" + } + }, + "type": "object" + }, + "AWS::SageMaker::ModelQualityJobDefinition.ModelQualityJobInput": { + "additionalProperties": false, + "properties": { + "BatchTransformInput": { + "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.BatchTransformInput", + "markdownDescription": "Input object for the batch transform job.", + "title": "BatchTransformInput" }, - "Type": { - "enum": [ - "AWS::SageMaker::Endpoint" - ], - "type": "string" + "EndpointInput": { + "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.EndpointInput", + "markdownDescription": "Input object for the endpoint", + "title": "EndpointInput" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "GroundTruthS3Input": { + "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.MonitoringGroundTruthS3Input", + "markdownDescription": "The ground truth label provided for the model.", + "title": "GroundTruthS3Input" } }, - "required": [ - "Type", - "Properties" + "required": [ + "GroundTruthS3Input" ], "type": "object" }, - "AWS::SageMaker::Endpoint.Alarm": { + "AWS::SageMaker::ModelQualityJobDefinition.MonitoringGroundTruthS3Input": { "additionalProperties": false, "properties": { - "AlarmName": { - "markdownDescription": "The name of a CloudWatch alarm in your account.", - "title": "AlarmName", + "S3Uri": { + "markdownDescription": "The address of the Amazon S3 location of the ground truth labels.", + "title": "S3Uri", "type": "string" } }, "required": [ - "AlarmName" + "S3Uri" ], "type": "object" }, - "AWS::SageMaker::Endpoint.AutoRollbackConfig": { + "AWS::SageMaker::ModelQualityJobDefinition.MonitoringOutput": { "additionalProperties": false, "properties": { - "Alarms": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::Endpoint.Alarm" - }, - "markdownDescription": "List of CloudWatch alarms in your account that are configured to monitor metrics on an endpoint. If any alarms are tripped during a deployment, SageMaker rolls back the deployment.", - "title": "Alarms", - "type": "array" + "S3Output": { + "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.S3Output", + "markdownDescription": "The Amazon S3 storage location where the results of a monitoring job are saved.", + "title": "S3Output" } }, "required": [ - "Alarms" + "S3Output" ], "type": "object" }, - "AWS::SageMaker::Endpoint.BlueGreenUpdatePolicy": { + "AWS::SageMaker::ModelQualityJobDefinition.MonitoringOutputConfig": { "additionalProperties": false, "properties": { - "MaximumExecutionTimeoutInSeconds": { - "markdownDescription": "Maximum execution timeout for the deployment. Note that the timeout value should be larger than the total waiting time specified in `TerminationWaitInSeconds` and `WaitIntervalInSeconds` .", - "title": "MaximumExecutionTimeoutInSeconds", - "type": "number" - }, - "TerminationWaitInSeconds": { - "markdownDescription": "Additional waiting time in seconds after the completion of an endpoint deployment before terminating the old endpoint fleet. Default is 0.", - "title": "TerminationWaitInSeconds", - "type": "number" + "KmsKeyId": { + "markdownDescription": "The AWS Key Management Service ( AWS KMS ) key that Amazon SageMaker AI uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption.", + "title": "KmsKeyId", + "type": "string" }, - "TrafficRoutingConfiguration": { - "$ref": "#/definitions/AWS::SageMaker::Endpoint.TrafficRoutingConfig", - "markdownDescription": "Defines the traffic routing strategy to shift traffic from the old fleet to the new fleet during an endpoint deployment.", - "title": "TrafficRoutingConfiguration" + "MonitoringOutputs": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.MonitoringOutput" + }, + "markdownDescription": "Monitoring outputs for monitoring jobs. This is where the output of the periodic monitoring jobs is uploaded.", + "title": "MonitoringOutputs", + "type": "array" } }, "required": [ - "TrafficRoutingConfiguration" + "MonitoringOutputs" ], "type": "object" }, - "AWS::SageMaker::Endpoint.CapacitySize": { + "AWS::SageMaker::ModelQualityJobDefinition.MonitoringResources": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "Specifies the endpoint capacity type.\n\n- `INSTANCE_COUNT` : The endpoint activates based on the number of instances.\n- `CAPACITY_PERCENT` : The endpoint activates based on the specified percentage of capacity.", - "title": "Type", - "type": "string" - }, - "Value": { - "markdownDescription": "Defines the capacity size, either as a number of instances or a capacity percentage.", - "title": "Value", - "type": "number" + "ClusterConfig": { + "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.ClusterConfig", + "markdownDescription": "The configuration for the cluster resources used to run the processing job.", + "title": "ClusterConfig" } }, "required": [ - "Type", - "Value" + "ClusterConfig" ], "type": "object" }, - "AWS::SageMaker::Endpoint.DeploymentConfig": { + "AWS::SageMaker::ModelQualityJobDefinition.NetworkConfig": { "additionalProperties": false, "properties": { - "AutoRollbackConfiguration": { - "$ref": "#/definitions/AWS::SageMaker::Endpoint.AutoRollbackConfig", - "markdownDescription": "Automatic rollback configuration for handling endpoint deployment failures and recovery.", - "title": "AutoRollbackConfiguration" + "EnableInterContainerTrafficEncryption": { + "markdownDescription": "Whether to encrypt all communications between distributed processing jobs. Choose `True` to encrypt communications. Encryption provides greater security for distributed processing jobs, but the processing might take longer.", + "title": "EnableInterContainerTrafficEncryption", + "type": "boolean" }, - "BlueGreenUpdatePolicy": { - "$ref": "#/definitions/AWS::SageMaker::Endpoint.BlueGreenUpdatePolicy", - "markdownDescription": "Update policy for a blue/green deployment. If this update policy is specified, SageMaker creates a new fleet during the deployment while maintaining the old fleet. SageMaker flips traffic to the new fleet according to the specified traffic routing configuration. Only one update policy should be used in the deployment configuration. If no update policy is specified, SageMaker uses a blue/green deployment strategy with all at once traffic shifting by default.", - "title": "BlueGreenUpdatePolicy" + "EnableNetworkIsolation": { + "markdownDescription": "Whether to allow inbound and outbound network calls to and from the containers used for the processing job.", + "title": "EnableNetworkIsolation", + "type": "boolean" }, - "RollingUpdatePolicy": { - "$ref": "#/definitions/AWS::SageMaker::Endpoint.RollingUpdatePolicy", - "markdownDescription": "Specifies a rolling deployment strategy for updating a SageMaker endpoint.", - "title": "RollingUpdatePolicy" + "VpcConfig": { + "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.VpcConfig", + "markdownDescription": "Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC.", + "title": "VpcConfig" } }, "type": "object" }, - "AWS::SageMaker::Endpoint.RollingUpdatePolicy": { + "AWS::SageMaker::ModelQualityJobDefinition.S3Output": { "additionalProperties": false, "properties": { - "MaximumBatchSize": { - "$ref": "#/definitions/AWS::SageMaker::Endpoint.CapacitySize", - "markdownDescription": "Batch size for each rolling step to provision capacity and turn on traffic on the new endpoint fleet, and terminate capacity on the old endpoint fleet. Value must be between 5% to 50% of the variant's total instance count.", - "title": "MaximumBatchSize" - }, - "MaximumExecutionTimeoutInSeconds": { - "markdownDescription": "The time limit for the total deployment. Exceeding this limit causes a timeout.", - "title": "MaximumExecutionTimeoutInSeconds", - "type": "number" + "LocalPath": { + "markdownDescription": "The local path to the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job. LocalPath is an absolute path for the output data.", + "title": "LocalPath", + "type": "string" }, - "RollbackMaximumBatchSize": { - "$ref": "#/definitions/AWS::SageMaker::Endpoint.CapacitySize", - "markdownDescription": "Batch size for rollback to the old endpoint fleet. Each rolling step to provision capacity and turn on traffic on the old endpoint fleet, and terminate capacity on the new endpoint fleet. If this field is absent, the default value will be set to 100% of total capacity which means to bring up the whole capacity of the old fleet at once during rollback.", - "title": "RollbackMaximumBatchSize" + "S3UploadMode": { + "markdownDescription": "Whether to upload the results of the monitoring job continuously or after the job completes.", + "title": "S3UploadMode", + "type": "string" }, - "WaitIntervalInSeconds": { - "markdownDescription": "The length of the baking period, during which SageMaker monitors alarms for each batch on the new fleet.", - "title": "WaitIntervalInSeconds", - "type": "number" + "S3Uri": { + "markdownDescription": "A URI that identifies the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job.", + "title": "S3Uri", + "type": "string" } }, "required": [ - "MaximumBatchSize", - "WaitIntervalInSeconds" + "LocalPath", + "S3Uri" ], "type": "object" }, - "AWS::SageMaker::Endpoint.TrafficRoutingConfig": { + "AWS::SageMaker::ModelQualityJobDefinition.StoppingCondition": { "additionalProperties": false, "properties": { - "CanarySize": { - "$ref": "#/definitions/AWS::SageMaker::Endpoint.CapacitySize", - "markdownDescription": "Batch size for the first step to turn on traffic on the new endpoint fleet. `Value` must be less than or equal to 50% of the variant's total instance count.", - "title": "CanarySize" - }, - "LinearStepSize": { - "$ref": "#/definitions/AWS::SageMaker::Endpoint.CapacitySize", - "markdownDescription": "Batch size for each step to turn on traffic on the new endpoint fleet. `Value` must be 10-50% of the variant's total instance count.", - "title": "LinearStepSize" - }, - "Type": { - "markdownDescription": "Traffic routing strategy type.\n\n- `ALL_AT_ONCE` : Endpoint traffic shifts to the new fleet in a single step.\n- `CANARY` : Endpoint traffic shifts to the new fleet in two steps. The first step is the canary, which is a small portion of the traffic. The second step is the remainder of the traffic.\n- `LINEAR` : Endpoint traffic shifts to the new fleet in n steps of a configurable size.", - "title": "Type", - "type": "string" - }, - "WaitIntervalInSeconds": { - "markdownDescription": "The waiting time (in seconds) between incremental steps to turn on traffic on the new endpoint fleet.", - "title": "WaitIntervalInSeconds", + "MaxRuntimeInSeconds": { + "markdownDescription": "The maximum length of time, in seconds, that a training or compilation job can run before it is stopped.\n\nFor compilation jobs, if the job does not complete during this time, a `TimeOut` error is generated. We recommend starting with 900 seconds and increasing as necessary based on your model.\n\nFor all other jobs, if the job does not complete during this time, SageMaker ends the job. When `RetryStrategy` is specified in the job request, `MaxRuntimeInSeconds` specifies the maximum time for all of the attempts in total, not each individual attempt. The default value is 1 day. The maximum value is 28 days.\n\nThe maximum time that a `TrainingJob` can run in total, including any time spent publishing metrics or archiving and uploading models after it has been stopped, is 30 days.", + "title": "MaxRuntimeInSeconds", "type": "number" } }, "required": [ - "Type" + "MaxRuntimeInSeconds" ], "type": "object" }, - "AWS::SageMaker::Endpoint.VariantProperty": { + "AWS::SageMaker::ModelQualityJobDefinition.VpcConfig": { "additionalProperties": false, "properties": { - "VariantPropertyType": { - "markdownDescription": "The type of variant property. The supported values are:\n\n- `DesiredInstanceCount` : Overrides the existing variant instance counts using the [InitialInstanceCount](https://docs.aws.amazon.com/sagemaker/latest/dg/API_ProductionVariant.html#SageMaker-Type-ProductionVariant-InitialInstanceCount) values in the [ProductionVariants](https://docs.aws.amazon.com/sagemaker/latest/dg/API_CreateEndpointConfig.html#SageMaker-CreateEndpointConfig-request-ProductionVariants) .\n- `DesiredWeight` : Overrides the existing variant weights using the [InitialVariantWeight](https://docs.aws.amazon.com/sagemaker/latest/dg/API_ProductionVariant.html#SageMaker-Type-ProductionVariant-InitialVariantWeight) values in the [ProductionVariants](https://docs.aws.amazon.com/sagemaker/latest/dg/API_CreateEndpointConfig.html#SageMaker-CreateEndpointConfig-request-ProductionVariants) .\n- `DataCaptureConfig` : (Not currently supported.)", - "title": "VariantPropertyType", - "type": "string" + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The VPC security group IDs, in the form `sg-xxxxxxxx` . Specify the security groups for the VPC that is specified in the `Subnets` field.", + "title": "SecurityGroupIds", + "type": "array" + }, + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The ID of the subnets in the VPC to which you want to connect your training job or model. For information about the availability of specific instance types, see [Supported Instance Types and Availability Zones](https://docs.aws.amazon.com/sagemaker/latest/dg/instance-types-az.html) .", + "title": "Subnets", + "type": "array" } }, + "required": [ + "SecurityGroupIds", + "Subnets" + ], "type": "object" }, - "AWS::SageMaker::EndpointConfig": { + "AWS::SageMaker::MonitoringSchedule": { "additionalProperties": false, "properties": { "Condition": { @@ -245969,73 +298646,54 @@ "Properties": { "additionalProperties": false, "properties": { - "AsyncInferenceConfig": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.AsyncInferenceConfig", - "markdownDescription": "Specifies configuration for how an endpoint performs asynchronous inference.", - "title": "AsyncInferenceConfig" - }, - "DataCaptureConfig": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.DataCaptureConfig", - "markdownDescription": "Specifies how to capture endpoint data for model monitor. The data capture configuration applies to all production variants hosted at the endpoint.", - "title": "DataCaptureConfig" - }, - "EnableNetworkIsolation": { - "type": "boolean" - }, - "EndpointConfigName": { - "markdownDescription": "The name of the endpoint configuration.", - "title": "EndpointConfigName", + "EndpointName": { + "markdownDescription": "The name of the endpoint using the monitoring schedule.", + "title": "EndpointName", "type": "string" }, - "ExecutionRoleArn": { + "FailureReason": { + "markdownDescription": "Contains the reason a monitoring job failed, if it failed.", + "title": "FailureReason", "type": "string" }, - "ExplainerConfig": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ExplainerConfig", - "markdownDescription": "A parameter to activate explainers.", - "title": "ExplainerConfig" + "LastMonitoringExecutionSummary": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.MonitoringExecutionSummary", + "markdownDescription": "Describes metadata on the last execution to run, if there was one.", + "title": "LastMonitoringExecutionSummary" }, - "KmsKeyId": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Key Management Service key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance that hosts the endpoint.\n\n- Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key ARN: `arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`\n- Alias name: `alias/ExampleAlias`\n- Alias name ARN: `arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias`\n\nThe KMS key policy must grant permission to the IAM role that you specify in your `CreateEndpoint` , `UpdateEndpoint` requests. For more information, refer to the AWS Key Management Service section [Using Key Policies in AWS KMS](https://docs.aws.amazon.com//kms/latest/developerguide/key-policies.html)\n\n> Certain Nitro-based instances include local storage, dependent on the instance type. Local storage volumes are encrypted using a hardware module on the instance. You can't request a `KmsKeyId` when using an instance type with local storage. If any of the models that you specify in the `ProductionVariants` parameter use nitro-based instances with local storage, do not specify a value for the `KmsKeyId` parameter. If you specify a value for `KmsKeyId` when using any nitro-based instances with local storage, the call to `CreateEndpointConfig` fails.\n> \n> For a list of instance types that support local instance storage, see [Instance Store Volumes](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html#instance-store-volumes) .\n> \n> For more information about local instance storage encryption, see [SSD Instance Store Volumes](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ssd-instance-store.html) .", - "title": "KmsKeyId", - "type": "string" + "MonitoringScheduleConfig": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.MonitoringScheduleConfig", + "markdownDescription": "The configuration object that specifies the monitoring schedule and defines the monitoring job.", + "title": "MonitoringScheduleConfig" }, - "ProductionVariants": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ProductionVariant" - }, - "markdownDescription": "A list of `ProductionVariant` objects, one for each model that you want to host at this endpoint.", - "title": "ProductionVariants", - "type": "array" + "MonitoringScheduleName": { + "markdownDescription": "The name of the monitoring schedule.", + "title": "MonitoringScheduleName", + "type": "string" }, - "ShadowProductionVariants": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ProductionVariant" - }, - "markdownDescription": "Array of `ProductionVariant` objects. There is one for each model that you want to host at this endpoint in shadow mode with production traffic replicated from the model specified on `ProductionVariants` . If you use this field, you can only specify one variant for `ProductionVariants` and one variant for `ShadowProductionVariants` .", - "title": "ShadowProductionVariants", - "type": "array" + "MonitoringScheduleStatus": { + "markdownDescription": "The status of the monitoring schedule.", + "title": "MonitoringScheduleStatus", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of key-value pairs to apply to this resource.\n\nFor more information, see [Resource Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) and [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html#allocation-what) .", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" - }, - "VpcConfig": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.VpcConfig" } }, "required": [ - "ProductionVariants" + "MonitoringScheduleConfig", + "MonitoringScheduleName" ], "type": "object" }, "Type": { "enum": [ - "AWS::SageMaker::EndpointConfig" + "AWS::SageMaker::MonitoringSchedule" ], "type": "string" }, @@ -246054,881 +298712,557 @@ ], "type": "object" }, - "AWS::SageMaker::EndpointConfig.AsyncInferenceClientConfig": { - "additionalProperties": false, - "properties": { - "MaxConcurrentInvocationsPerInstance": { - "markdownDescription": "The maximum number of concurrent requests sent by the SageMaker client to the model container. If no value is provided, SageMaker will choose an optimal value for you.", - "title": "MaxConcurrentInvocationsPerInstance", - "type": "number" - } - }, - "type": "object" - }, - "AWS::SageMaker::EndpointConfig.AsyncInferenceConfig": { + "AWS::SageMaker::MonitoringSchedule.BaselineConfig": { "additionalProperties": false, "properties": { - "ClientConfig": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.AsyncInferenceClientConfig", - "markdownDescription": "Configures the behavior of the client used by SageMaker to interact with the model container during asynchronous inference.", - "title": "ClientConfig" + "ConstraintsResource": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.ConstraintsResource", + "markdownDescription": "The Amazon S3 URI for the constraints resource.", + "title": "ConstraintsResource" }, - "OutputConfig": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.AsyncInferenceOutputConfig", - "markdownDescription": "Specifies the configuration for asynchronous inference invocation outputs.", - "title": "OutputConfig" + "StatisticsResource": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.StatisticsResource", + "markdownDescription": "The baseline statistics file in Amazon S3 that the current monitoring job should be validated against.", + "title": "StatisticsResource" } }, - "required": [ - "OutputConfig" - ], "type": "object" }, - "AWS::SageMaker::EndpointConfig.AsyncInferenceNotificationConfig": { + "AWS::SageMaker::MonitoringSchedule.BatchTransformInput": { "additionalProperties": false, "properties": { - "ErrorTopic": { - "markdownDescription": "Amazon SNS topic to post a notification to when an inference fails. If no topic is provided, no notification is sent on failure.", - "title": "ErrorTopic", + "DataCapturedDestinationS3Uri": { + "markdownDescription": "The Amazon S3 location being used to capture the data.", + "title": "DataCapturedDestinationS3Uri", "type": "string" }, - "IncludeInferenceResponseIn": { - "items": { - "type": "string" - }, - "markdownDescription": "The Amazon SNS topics where you want the inference response to be included.\n\n> The inference response is included only if the response size is less than or equal to 128 KB.", - "title": "IncludeInferenceResponseIn", - "type": "array" + "DatasetFormat": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.DatasetFormat", + "markdownDescription": "The dataset format for your batch transform job.", + "title": "DatasetFormat" }, - "SuccessTopic": { - "markdownDescription": "Amazon SNS topic to post a notification to when an inference completes successfully. If no topic is provided, no notification is sent on success.", - "title": "SuccessTopic", - "type": "string" - } - }, - "type": "object" - }, - "AWS::SageMaker::EndpointConfig.AsyncInferenceOutputConfig": { - "additionalProperties": false, - "properties": { - "KmsKeyId": { - "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt the asynchronous inference output in Amazon S3.", - "title": "KmsKeyId", + "ExcludeFeaturesAttribute": { + "markdownDescription": "The attributes of the input data to exclude from the analysis.", + "title": "ExcludeFeaturesAttribute", "type": "string" }, - "NotificationConfig": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.AsyncInferenceNotificationConfig", - "markdownDescription": "Specifies the configuration for notifications of inference results for asynchronous inference.", - "title": "NotificationConfig" - }, - "S3FailurePath": { - "markdownDescription": "The Amazon S3 location to upload failure inference responses to.", - "title": "S3FailurePath", + "LocalPath": { + "markdownDescription": "Path to the filesystem where the batch transform data is available to the container.", + "title": "LocalPath", "type": "string" }, - "S3OutputPath": { - "markdownDescription": "The Amazon S3 location to upload inference responses to.", - "title": "S3OutputPath", + "S3DataDistributionType": { + "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an S3 key. Defaults to `FullyReplicated`", + "title": "S3DataDistributionType", "type": "string" - } - }, - "type": "object" - }, - "AWS::SageMaker::EndpointConfig.CaptureContentTypeHeader": { - "additionalProperties": false, - "properties": { - "CsvContentTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the CSV content types of the data that the endpoint captures. For the endpoint to capture the data, you must also specify the content type when you invoke the endpoint.", - "title": "CsvContentTypes", - "type": "array" }, - "JsonContentTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the JSON content types of the data that the endpoint captures. For the endpoint to capture the data, you must also specify the content type when you invoke the endpoint.", - "title": "JsonContentTypes", - "type": "array" - } - }, - "type": "object" - }, - "AWS::SageMaker::EndpointConfig.CaptureOption": { - "additionalProperties": false, - "properties": { - "CaptureMode": { - "markdownDescription": "Specifies whether the endpoint captures input data or output data.", - "title": "CaptureMode", + "S3InputMode": { + "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", + "title": "S3InputMode", "type": "string" } }, "required": [ - "CaptureMode" + "DataCapturedDestinationS3Uri", + "DatasetFormat", + "LocalPath" ], "type": "object" }, - "AWS::SageMaker::EndpointConfig.ClarifyExplainerConfig": { + "AWS::SageMaker::MonitoringSchedule.ClusterConfig": { "additionalProperties": false, "properties": { - "EnableExplanations": { - "markdownDescription": "A JMESPath boolean expression used to filter which records to explain. Explanations are activated by default. See [`EnableExplanations`](https://docs.aws.amazon.com/sagemaker/latest/dg/clarify-online-explainability-create-endpoint.html#clarify-online-explainability-create-endpoint-enable) for additional information.", - "title": "EnableExplanations", + "InstanceCount": { + "markdownDescription": "The number of ML compute instances to use in the model monitoring job. For distributed processing jobs, specify a value greater than 1. The default value is 1.", + "title": "InstanceCount", + "type": "number" + }, + "InstanceType": { + "markdownDescription": "The ML compute instance type for the processing job.", + "title": "InstanceType", "type": "string" }, - "InferenceConfig": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ClarifyInferenceConfig", - "markdownDescription": "The inference configuration parameter for the model container.", - "title": "InferenceConfig" + "VolumeKmsKeyId": { + "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance(s) that run the model monitoring job.", + "title": "VolumeKmsKeyId", + "type": "string" }, - "ShapConfig": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ClarifyShapConfig", - "markdownDescription": "The configuration for SHAP analysis.", - "title": "ShapConfig" + "VolumeSizeInGB": { + "markdownDescription": "The size of the ML storage volume, in gigabytes, that you want to provision. You must specify sufficient ML storage for your scenario.", + "title": "VolumeSizeInGB", + "type": "number" } }, "required": [ - "ShapConfig" + "InstanceCount", + "InstanceType", + "VolumeSizeInGB" ], "type": "object" }, - "AWS::SageMaker::EndpointConfig.ClarifyFeatureType": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::SageMaker::EndpointConfig.ClarifyHeader": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::SageMaker::EndpointConfig.ClarifyInferenceConfig": { + "AWS::SageMaker::MonitoringSchedule.ConstraintsResource": { "additionalProperties": false, "properties": { - "ContentTemplate": { - "markdownDescription": "A template string used to format a JSON record into an acceptable model container input. For example, a `ContentTemplate` string `'{\"myfeatures\":$features}'` will format a list of features `[1,2,3]` into the record string `'{\"myfeatures\":[1,2,3]}'` . Required only when the model container input is in JSON Lines format.", - "title": "ContentTemplate", - "type": "string" - }, - "FeatureHeaders": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ClarifyHeader" - }, - "markdownDescription": "The names of the features. If provided, these are included in the endpoint response payload to help readability of the `InvokeEndpoint` output. See the [Response](https://docs.aws.amazon.com/sagemaker/latest/dg/clarify-online-explainability-invoke-endpoint.html#clarify-online-explainability-response) section under *Invoke the endpoint* in the Developer Guide for more information.", - "title": "FeatureHeaders", - "type": "array" - }, - "FeatureTypes": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ClarifyFeatureType" - }, - "markdownDescription": "A list of data types of the features (optional). Applicable only to NLP explainability. If provided, `FeatureTypes` must have at least one `'text'` string (for example, `['text']` ). If `FeatureTypes` is not provided, the explainer infers the feature types based on the baseline data. The feature types are included in the endpoint response payload. For additional information see the [response](https://docs.aws.amazon.com/sagemaker/latest/dg/clarify-online-explainability-invoke-endpoint.html#clarify-online-explainability-response) section under *Invoke the endpoint* in the Developer Guide for more information.", - "title": "FeatureTypes", - "type": "array" - }, - "FeaturesAttribute": { - "markdownDescription": "Provides the JMESPath expression to extract the features from a model container input in JSON Lines format. For example, if `FeaturesAttribute` is the JMESPath expression `'myfeatures'` , it extracts a list of features `[1,2,3]` from request data `'{\"myfeatures\":[1,2,3]}'` .", - "title": "FeaturesAttribute", - "type": "string" - }, - "LabelAttribute": { - "markdownDescription": "A JMESPath expression used to locate the list of label headers in the model container output.\n\n*Example* : If the model container output of a batch request is `'{\"labels\":[\"cat\",\"dog\",\"fish\"],\"probability\":[0.6,0.3,0.1]}'` , then set `LabelAttribute` to `'labels'` to extract the list of label headers `[\"cat\",\"dog\",\"fish\"]`", - "title": "LabelAttribute", - "type": "string" - }, - "LabelHeaders": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ClarifyHeader" - }, - "markdownDescription": "For multiclass classification problems, the label headers are the names of the classes. Otherwise, the label header is the name of the predicted label. These are used to help readability for the output of the `InvokeEndpoint` API. See the [response](https://docs.aws.amazon.com/sagemaker/latest/dg/clarify-online-explainability-invoke-endpoint.html#clarify-online-explainability-response) section under *Invoke the endpoint* in the Developer Guide for more information. If there are no label headers in the model container output, provide them manually using this parameter.", - "title": "LabelHeaders", - "type": "array" - }, - "LabelIndex": { - "markdownDescription": "A zero-based index used to extract a label header or list of label headers from model container output in CSV format.\n\n*Example for a multiclass model:* If the model container output consists of label headers followed by probabilities: `'\"[\\'cat\\',\\'dog\\',\\'fish\\']\",\"[0.1,0.6,0.3]\"'` , set `LabelIndex` to `0` to select the label headers `['cat','dog','fish']` .", - "title": "LabelIndex", - "type": "number" - }, - "MaxPayloadInMB": { - "markdownDescription": "The maximum payload size (MB) allowed of a request from the explainer to the model container. Defaults to `6` MB.", - "title": "MaxPayloadInMB", - "type": "number" - }, - "MaxRecordCount": { - "markdownDescription": "The maximum number of records in a request that the model container can process when querying the model container for the predictions of a [synthetic dataset](https://docs.aws.amazon.com/sagemaker/latest/dg/clarify-online-explainability-create-endpoint.html#clarify-online-explainability-create-endpoint-synthetic) . A record is a unit of input data that inference can be made on, for example, a single line in CSV data. If `MaxRecordCount` is `1` , the model container expects one record per request. A value of 2 or greater means that the model expects batch requests, which can reduce overhead and speed up the inferencing process. If this parameter is not provided, the explainer will tune the record count per request according to the model container's capacity at runtime.", - "title": "MaxRecordCount", - "type": "number" - }, - "ProbabilityAttribute": { - "markdownDescription": "A JMESPath expression used to extract the probability (or score) from the model container output if the model container is in JSON Lines format.\n\n*Example* : If the model container output of a single request is `'{\"predicted_label\":1,\"probability\":0.6}'` , then set `ProbabilityAttribute` to `'probability'` .", - "title": "ProbabilityAttribute", + "S3Uri": { + "markdownDescription": "The Amazon S3 URI for the constraints resource.", + "title": "S3Uri", "type": "string" - }, - "ProbabilityIndex": { - "markdownDescription": "A zero-based index used to extract a probability value (score) or list from model container output in CSV format. If this value is not provided, the entire model container output will be treated as a probability value (score) or list.\n\n*Example for a single class model:* If the model container output consists of a string-formatted prediction label followed by its probability: `'1,0.6'` , set `ProbabilityIndex` to `1` to select the probability value `0.6` .\n\n*Example for a multiclass model:* If the model container output consists of a string-formatted prediction label followed by its probability: `'\"[\\'cat\\',\\'dog\\',\\'fish\\']\",\"[0.1,0.6,0.3]\"'` , set `ProbabilityIndex` to `1` to select the probability values `[0.1,0.6,0.3]` .", - "title": "ProbabilityIndex", - "type": "number" } }, "type": "object" }, - "AWS::SageMaker::EndpointConfig.ClarifyShapBaselineConfig": { + "AWS::SageMaker::MonitoringSchedule.Csv": { "additionalProperties": false, "properties": { - "MimeType": { - "markdownDescription": "The MIME type of the baseline data. Choose from `'text/csv'` or `'application/jsonlines'` . Defaults to `'text/csv'` .", - "title": "MimeType", - "type": "string" - }, - "ShapBaseline": { - "markdownDescription": "The inline SHAP baseline data in string format. `ShapBaseline` can have one or multiple records to be used as the baseline dataset. The format of the SHAP baseline file should be the same format as the training dataset. For example, if the training dataset is in CSV format and each record contains four features, and all features are numerical, then the format of the baseline data should also share these characteristics. For natural language processing (NLP) of text columns, the baseline value should be the value used to replace the unit of text specified by the `Granularity` of the `TextConfig` parameter. The size limit for `ShapBasline` is 4 KB. Use the `ShapBaselineUri` parameter if you want to provide more than 4 KB of baseline data.", - "title": "ShapBaseline", - "type": "string" - }, - "ShapBaselineUri": { - "markdownDescription": "The uniform resource identifier (URI) of the S3 bucket where the SHAP baseline file is stored. The format of the SHAP baseline file should be the same format as the format of the training dataset. For example, if the training dataset is in CSV format, and each record in the training dataset has four features, and all features are numerical, then the baseline file should also have this same format. Each record should contain only the features. If you are using a virtual private cloud (VPC), the `ShapBaselineUri` should be accessible to the VPC. For more information about setting up endpoints with Amazon Virtual Private Cloud, see [Give SageMaker access to Resources in your Amazon Virtual Private Cloud](https://docs.aws.amazon.com/sagemaker/latest/dg/infrastructure-give-access.html) .", - "title": "ShapBaselineUri", - "type": "string" + "Header": { + "markdownDescription": "", + "title": "Header", + "type": "boolean" } }, "type": "object" }, - "AWS::SageMaker::EndpointConfig.ClarifyShapConfig": { + "AWS::SageMaker::MonitoringSchedule.DatasetFormat": { "additionalProperties": false, "properties": { - "NumberOfSamples": { - "markdownDescription": "The number of samples to be used for analysis by the Kernal SHAP algorithm.\n\n> The number of samples determines the size of the synthetic dataset, which has an impact on latency of explainability requests. For more information, see the *Synthetic data* of [Configure and create an endpoint](https://docs.aws.amazon.com/sagemaker/latest/dg/clarify-online-explainability-create-endpoint.html) .", - "title": "NumberOfSamples", - "type": "number" - }, - "Seed": { - "markdownDescription": "The starting value used to initialize the random number generator in the explainer. Provide a value for this parameter to obtain a deterministic SHAP result.", - "title": "Seed", - "type": "number" - }, - "ShapBaselineConfig": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ClarifyShapBaselineConfig", - "markdownDescription": "The configuration for the SHAP baseline of the Kernal SHAP algorithm.", - "title": "ShapBaselineConfig" + "Csv": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.Csv", + "markdownDescription": "", + "title": "Csv" }, - "TextConfig": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ClarifyTextConfig", - "markdownDescription": "A parameter that indicates if text features are treated as text and explanations are provided for individual units of text. Required for natural language processing (NLP) explainability only.", - "title": "TextConfig" + "Json": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.Json", + "markdownDescription": "", + "title": "Json" }, - "UseLogit": { - "markdownDescription": "A Boolean toggle to indicate if you want to use the logit function (true) or log-odds units (false) for model predictions. Defaults to false.", - "title": "UseLogit", + "Parquet": { + "markdownDescription": "", + "title": "Parquet", "type": "boolean" } }, - "required": [ - "ShapBaselineConfig" - ], "type": "object" }, - "AWS::SageMaker::EndpointConfig.ClarifyTextConfig": { + "AWS::SageMaker::MonitoringSchedule.EndpointInput": { "additionalProperties": false, "properties": { - "Granularity": { - "markdownDescription": "The unit of granularity for the analysis of text features. For example, if the unit is `'token'` , then each token (like a word in English) of the text is treated as a feature. SHAP values are computed for each unit/feature.", - "title": "Granularity", + "EndpointName": { + "markdownDescription": "An endpoint in customer's account which has enabled `DataCaptureConfig` enabled.", + "title": "EndpointName", "type": "string" }, - "Language": { - "markdownDescription": "Specifies the language of the text features in [ISO 639-1](https://docs.aws.amazon.com/ https://en.wikipedia.org/wiki/List_of_ISO_639-1_codes) or [ISO 639-3](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/ISO_639-3) code of a supported language.\n\n> For a mix of multiple languages, use code `'xx'` .", - "title": "Language", + "ExcludeFeaturesAttribute": { + "markdownDescription": "The attributes of the input data to exclude from the analysis.", + "title": "ExcludeFeaturesAttribute", "type": "string" - } - }, - "required": [ - "Granularity", - "Language" - ], - "type": "object" - }, - "AWS::SageMaker::EndpointConfig.DataCaptureConfig": { - "additionalProperties": false, - "properties": { - "CaptureContentTypeHeader": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.CaptureContentTypeHeader", - "markdownDescription": "A list of the JSON and CSV content type that the endpoint captures.", - "title": "CaptureContentTypeHeader" }, - "CaptureOptions": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.CaptureOption" - }, - "markdownDescription": "Specifies whether the endpoint captures input data to your model, output data from your model, or both.", - "title": "CaptureOptions", - "type": "array" - }, - "DestinationS3Uri": { - "markdownDescription": "The S3 bucket where model monitor stores captured data.", - "title": "DestinationS3Uri", + "LocalPath": { + "markdownDescription": "Path to the filesystem where the endpoint data is available to the container.", + "title": "LocalPath", "type": "string" }, - "EnableCapture": { - "markdownDescription": "Set to `True` to enable data capture.", - "title": "EnableCapture", - "type": "boolean" - }, - "InitialSamplingPercentage": { - "markdownDescription": "The percentage of data to capture.", - "title": "InitialSamplingPercentage", - "type": "number" + "S3DataDistributionType": { + "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an Amazon S3 key. Defaults to `FullyReplicated`", + "title": "S3DataDistributionType", + "type": "string" }, - "KmsKeyId": { - "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt the captured data at rest using Amazon S3 server-side encryption. The KmsKeyId can be any of the following formats: Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab Key ARN: arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab Alias name: alias/ExampleAlias Alias name ARN: arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias If you don't provide a KMS key ID, Amazon SageMaker uses the default KMS key for Amazon S3 for your role's account. For more information, see KMS-Managed Encryption Keys (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingKMSEncryption.html) in the Amazon Simple Storage Service Developer Guide. The KMS key policy must grant permission to the IAM role that you specify in your CreateModel (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateModel.html) request. For more information, see Using Key Policies in AWS KMS (http://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html) in the AWS Key Management Service Developer Guide.", - "title": "KmsKeyId", + "S3InputMode": { + "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", + "title": "S3InputMode", "type": "string" } }, "required": [ - "CaptureOptions", - "DestinationS3Uri", - "InitialSamplingPercentage" + "EndpointName", + "LocalPath" ], "type": "object" }, - "AWS::SageMaker::EndpointConfig.ExplainerConfig": { + "AWS::SageMaker::MonitoringSchedule.Json": { "additionalProperties": false, "properties": { - "ClarifyExplainerConfig": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ClarifyExplainerConfig", - "markdownDescription": "A member of `ExplainerConfig` that contains configuration parameters for the SageMaker Clarify explainer.", - "title": "ClarifyExplainerConfig" + "Line": { + "markdownDescription": "", + "title": "Line", + "type": "boolean" } }, "type": "object" }, - "AWS::SageMaker::EndpointConfig.ManagedInstanceScaling": { + "AWS::SageMaker::MonitoringSchedule.MonitoringAppSpecification": { "additionalProperties": false, "properties": { - "MaxInstanceCount": { - "type": "number" + "ContainerArguments": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of arguments for the container used to run the monitoring job.", + "title": "ContainerArguments", + "type": "array" }, - "MinInstanceCount": { - "type": "number" + "ContainerEntrypoint": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the entrypoint for a container used to run the monitoring job.", + "title": "ContainerEntrypoint", + "type": "array" }, - "Status": { + "ImageUri": { + "markdownDescription": "The container image to be run by the monitoring job.", + "title": "ImageUri", + "type": "string" + }, + "PostAnalyticsProcessorSourceUri": { + "markdownDescription": "An Amazon S3 URI to a script that is called after analysis has been performed. Applicable only for the built-in (first party) containers.", + "title": "PostAnalyticsProcessorSourceUri", + "type": "string" + }, + "RecordPreprocessorSourceUri": { + "markdownDescription": "An Amazon S3 URI to a script that is called per row prior to running analysis. It can base64 decode the payload and convert it into a flattened JSON so that the built-in container can use the converted data. Applicable only for the built-in (first party) containers.", + "title": "RecordPreprocessorSourceUri", "type": "string" } }, + "required": [ + "ImageUri" + ], "type": "object" }, - "AWS::SageMaker::EndpointConfig.ProductionVariant": { + "AWS::SageMaker::MonitoringSchedule.MonitoringExecutionSummary": { "additionalProperties": false, "properties": { - "AcceleratorType": { - "markdownDescription": "The size of the Elastic Inference (EI) instance to use for the production variant. EI instances provide on-demand GPU computing for inference. For more information, see [Using Elastic Inference in Amazon SageMaker](https://docs.aws.amazon.com/sagemaker/latest/dg/ei.html) . For more information, see [Using Elastic Inference in Amazon SageMaker](https://docs.aws.amazon.com/sagemaker/latest/dg/ei.html) .", - "title": "AcceleratorType", + "CreationTime": { + "markdownDescription": "The time at which the monitoring job was created.", + "title": "CreationTime", "type": "string" }, - "ContainerStartupHealthCheckTimeoutInSeconds": { - "markdownDescription": "The timeout value, in seconds, for your inference container to pass health check by SageMaker Hosting. For more information about health check, see [How Your Container Should Respond to Health Check (Ping) Requests](https://docs.aws.amazon.com/sagemaker/latest/dg/your-algorithms-inference-code.html#your-algorithms-inference-algo-ping-requests) .", - "title": "ContainerStartupHealthCheckTimeoutInSeconds", - "type": "number" - }, - "EnableSSMAccess": { - "markdownDescription": "You can use this parameter to turn on native AWS Systems Manager (SSM) access for a production variant behind an endpoint. By default, SSM access is disabled for all production variants behind an endpoint. You can turn on or turn off SSM access for a production variant behind an existing endpoint by creating a new endpoint configuration and calling `UpdateEndpoint` .", - "title": "EnableSSMAccess", - "type": "boolean" - }, - "InitialInstanceCount": { - "markdownDescription": "Number of instances to launch initially.", - "title": "InitialInstanceCount", - "type": "number" - }, - "InitialVariantWeight": { - "markdownDescription": "Determines initial traffic distribution among all of the models that you specify in the endpoint configuration. The traffic to a production variant is determined by the ratio of the `VariantWeight` to the sum of all `VariantWeight` values across all ProductionVariants. If unspecified, it defaults to 1.0.", - "title": "InitialVariantWeight", - "type": "number" - }, - "InstanceType": { - "markdownDescription": "The ML compute instance type.", - "title": "InstanceType", + "EndpointName": { + "markdownDescription": "The name of the endpoint used to run the monitoring job.", + "title": "EndpointName", "type": "string" }, - "ManagedInstanceScaling": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ManagedInstanceScaling" - }, - "ModelDataDownloadTimeoutInSeconds": { - "markdownDescription": "The timeout value, in seconds, to download and extract the model that you want to host from Amazon S3 to the individual inference instance associated with this production variant.", - "title": "ModelDataDownloadTimeoutInSeconds", - "type": "number" - }, - "ModelName": { - "markdownDescription": "The name of the model that you want to host. This is the name that you specified when creating the model.", - "title": "ModelName", + "FailureReason": { + "markdownDescription": "Contains the reason a monitoring job failed, if it failed.", + "title": "FailureReason", "type": "string" }, - "RoutingConfig": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.RoutingConfig" - }, - "ServerlessConfig": { - "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ServerlessConfig", - "markdownDescription": "The serverless configuration for an endpoint. Specifies a serverless endpoint configuration instead of an instance-based endpoint configuration.", - "title": "ServerlessConfig" + "LastModifiedTime": { + "markdownDescription": "A timestamp that indicates the last time the monitoring job was modified.", + "title": "LastModifiedTime", + "type": "string" }, - "VariantName": { - "markdownDescription": "The name of the production variant.", - "title": "VariantName", + "MonitoringExecutionStatus": { + "markdownDescription": "The status of the monitoring job.", + "title": "MonitoringExecutionStatus", "type": "string" }, - "VolumeSizeInGB": { - "markdownDescription": "The size, in GB, of the ML storage volume attached to individual inference instance associated with the production variant. Currently only Amazon EBS gp2 storage volumes are supported.", - "title": "VolumeSizeInGB", - "type": "number" - } - }, - "required": [ - "VariantName" - ], - "type": "object" - }, - "AWS::SageMaker::EndpointConfig.RoutingConfig": { - "additionalProperties": false, - "properties": { - "RoutingStrategy": { + "MonitoringScheduleName": { + "markdownDescription": "The name of the monitoring schedule.", + "title": "MonitoringScheduleName", "type": "string" - } - }, - "type": "object" - }, - "AWS::SageMaker::EndpointConfig.ServerlessConfig": { - "additionalProperties": false, - "properties": { - "MaxConcurrency": { - "markdownDescription": "The maximum number of concurrent invocations your serverless endpoint can process.", - "title": "MaxConcurrency", - "type": "number" }, - "MemorySizeInMB": { - "markdownDescription": "The memory size of your serverless endpoint. Valid values are in 1 GB increments: 1024 MB, 2048 MB, 3072 MB, 4096 MB, 5120 MB, or 6144 MB.", - "title": "MemorySizeInMB", - "type": "number" + "ProcessingJobArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the monitoring job.", + "title": "ProcessingJobArn", + "type": "string" }, - "ProvisionedConcurrency": { - "markdownDescription": "The amount of provisioned concurrency to allocate for the serverless endpoint. Should be less than or equal to `MaxConcurrency` .\n\n> This field is not supported for serverless endpoint recommendations for Inference Recommender jobs. For more information about creating an Inference Recommender job, see [CreateInferenceRecommendationsJobs](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateInferenceRecommendationsJob.html) .", - "title": "ProvisionedConcurrency", - "type": "number" + "ScheduledTime": { + "markdownDescription": "The time the monitoring job was scheduled.", + "title": "ScheduledTime", + "type": "string" } }, "required": [ - "MaxConcurrency", - "MemorySizeInMB" + "CreationTime", + "LastModifiedTime", + "MonitoringExecutionStatus", + "MonitoringScheduleName", + "ScheduledTime" ], "type": "object" }, - "AWS::SageMaker::EndpointConfig.VpcConfig": { + "AWS::SageMaker::MonitoringSchedule.MonitoringInput": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "type": "array" + "BatchTransformInput": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.BatchTransformInput", + "markdownDescription": "Input object for the batch transform job.", + "title": "BatchTransformInput" }, - "Subnets": { - "items": { - "type": "string" - }, - "type": "array" + "EndpointInput": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.EndpointInput", + "markdownDescription": "The endpoint for a monitoring job.", + "title": "EndpointInput" } }, - "required": [ - "SecurityGroupIds", - "Subnets" - ], "type": "object" }, - "AWS::SageMaker::FeatureGroup": { + "AWS::SageMaker::MonitoringSchedule.MonitoringJobDefinition": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "BaselineConfig": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.BaselineConfig", + "markdownDescription": "Baseline configuration used to validate that the data conforms to the specified constraints and statistics", + "title": "BaselineConfig" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + "Environment": { + "additionalProperties": true, + "markdownDescription": "Sets the environment variables in the Docker container.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" } - ] - }, - "Metadata": { + }, + "title": "Environment", "type": "object" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A free form description of a `FeatureGroup` .", - "title": "Description", - "type": "string" - }, - "EventTimeFeatureName": { - "markdownDescription": "The name of the feature that stores the `EventTime` of a Record in a `FeatureGroup` .\n\nA `EventTime` is point in time when a new event occurs that corresponds to the creation or update of a `Record` in `FeatureGroup` . All `Records` in the `FeatureGroup` must have a corresponding `EventTime` .", - "title": "EventTimeFeatureName", - "type": "string" - }, - "FeatureDefinitions": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::FeatureGroup.FeatureDefinition" - }, - "markdownDescription": "A list of `Feature` s. Each `Feature` must include a `FeatureName` and a `FeatureType` .\n\nValid `FeatureType` s are `Integral` , `Fractional` and `String` .\n\n`FeatureName` s cannot be any of the following: `is_deleted` , `write_time` , `api_invocation_time` .\n\nYou can create up to 2,500 `FeatureDefinition` s per `FeatureGroup` .", - "title": "FeatureDefinitions", - "type": "array" - }, - "FeatureGroupName": { - "markdownDescription": "The name of the `FeatureGroup` .", - "title": "FeatureGroupName", - "type": "string" - }, - "OfflineStoreConfig": { - "$ref": "#/definitions/AWS::SageMaker::FeatureGroup.OfflineStoreConfig", - "markdownDescription": "The configuration of an `OfflineStore` .", - "title": "OfflineStoreConfig" - }, - "OnlineStoreConfig": { - "$ref": "#/definitions/AWS::SageMaker::FeatureGroup.OnlineStoreConfig", - "markdownDescription": "The configuration of an `OnlineStore` .", - "title": "OnlineStoreConfig" - }, - "RecordIdentifierFeatureName": { - "markdownDescription": "The name of the `Feature` whose value uniquely identifies a `Record` defined in the `FeatureGroup` `FeatureDefinitions` .", - "title": "RecordIdentifierFeatureName", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM execution role used to create the feature group.", - "title": "RoleArn", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Tags used to define a `FeatureGroup` .", - "title": "Tags", - "type": "array" - }, - "ThroughputConfig": { - "$ref": "#/definitions/AWS::SageMaker::FeatureGroup.ThroughputConfig", - "markdownDescription": "Used to set feature group throughput configuration. There are two modes: `ON_DEMAND` and `PROVISIONED` . With on-demand mode, you are charged for data reads and writes that your application performs on your feature group. You do not need to specify read and write throughput because Feature Store accommodates your workloads as they ramp up and down. You can switch a feature group to on-demand only once in a 24 hour period. With provisioned throughput mode, you specify the read and write capacity per second that you expect your application to require, and you are billed based on those limits. Exceeding provisioned throughput will result in your requests being throttled.\n\nNote: `PROVISIONED` throughput mode is supported only for feature groups that are offline-only, or use the [`Standard`](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_OnlineStoreConfig.html#sagemaker-Type-OnlineStoreConfig-StorageType) tier online store.", - "title": "ThroughputConfig" - } + "MonitoringAppSpecification": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.MonitoringAppSpecification", + "markdownDescription": "Configures the monitoring job to run a specified Docker container image.", + "title": "MonitoringAppSpecification" + }, + "MonitoringInputs": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.MonitoringInput" }, - "required": [ - "EventTimeFeatureName", - "FeatureDefinitions", - "FeatureGroupName", - "RecordIdentifierFeatureName" - ], - "type": "object" + "markdownDescription": "The array of inputs for the monitoring job. Currently we support monitoring an Amazon SageMaker AI Endpoint.", + "title": "MonitoringInputs", + "type": "array" }, - "Type": { - "enum": [ - "AWS::SageMaker::FeatureGroup" - ], - "type": "string" + "MonitoringOutputConfig": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.MonitoringOutputConfig", + "markdownDescription": "The array of outputs from the monitoring job to be uploaded to Amazon S3.", + "title": "MonitoringOutputConfig" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::SageMaker::FeatureGroup.DataCatalogConfig": { - "additionalProperties": false, - "properties": { - "Catalog": { - "markdownDescription": "The name of the Glue table catalog.", - "title": "Catalog", - "type": "string" + "MonitoringResources": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.MonitoringResources", + "markdownDescription": "Identifies the resources, ML compute instances, and ML storage volumes to deploy for a monitoring job. In distributed processing, you specify more than one instance.", + "title": "MonitoringResources" }, - "Database": { - "markdownDescription": "The name of the Glue table database.", - "title": "Database", - "type": "string" + "NetworkConfig": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.NetworkConfig", + "markdownDescription": "Specifies networking options for an monitoring job.", + "title": "NetworkConfig" }, - "TableName": { - "markdownDescription": "The name of the Glue table.", - "title": "TableName", + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker AI can assume to perform tasks on your behalf.", + "title": "RoleArn", "type": "string" + }, + "StoppingCondition": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.StoppingCondition", + "markdownDescription": "Specifies a time limit for how long the monitoring job is allowed to run.", + "title": "StoppingCondition" } }, "required": [ - "Catalog", - "Database", - "TableName" + "MonitoringAppSpecification", + "MonitoringInputs", + "MonitoringOutputConfig", + "MonitoringResources", + "RoleArn" ], "type": "object" }, - "AWS::SageMaker::FeatureGroup.FeatureDefinition": { + "AWS::SageMaker::MonitoringSchedule.MonitoringOutput": { "additionalProperties": false, "properties": { - "FeatureName": { - "markdownDescription": "The name of a feature. The type must be a string. `FeatureName` cannot be any of the following: `is_deleted` , `write_time` , `api_invocation_time` .\n\nThe name:\n\n- Must start with an alphanumeric character.\n- Can only include alphanumeric characters, underscores, and hyphens. Spaces are not allowed.", - "title": "FeatureName", - "type": "string" - }, - "FeatureType": { - "markdownDescription": "The value type of a feature. Valid values are Integral, Fractional, or String.", - "title": "FeatureType", - "type": "string" + "S3Output": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.S3Output", + "markdownDescription": "The Amazon S3 storage location where the results of a monitoring job are saved.", + "title": "S3Output" } }, "required": [ - "FeatureName", - "FeatureType" + "S3Output" ], "type": "object" }, - "AWS::SageMaker::FeatureGroup.OfflineStoreConfig": { + "AWS::SageMaker::MonitoringSchedule.MonitoringOutputConfig": { "additionalProperties": false, "properties": { - "DataCatalogConfig": { - "$ref": "#/definitions/AWS::SageMaker::FeatureGroup.DataCatalogConfig", - "markdownDescription": "The meta data of the Glue table that is autogenerated when an `OfflineStore` is created.", - "title": "DataCatalogConfig" - }, - "DisableGlueTableCreation": { - "markdownDescription": "Set to `True` to disable the automatic creation of an AWS Glue table when configuring an `OfflineStore` . If set to `False` , Feature Store will name the `OfflineStore` Glue table following [Athena's naming recommendations](https://docs.aws.amazon.com/athena/latest/ug/tables-databases-columns-names.html) .\n\nThe default value is `False` .", - "title": "DisableGlueTableCreation", - "type": "boolean" - }, - "S3StorageConfig": { - "$ref": "#/definitions/AWS::SageMaker::FeatureGroup.S3StorageConfig", - "markdownDescription": "The Amazon Simple Storage (Amazon S3) location of `OfflineStore` .", - "title": "S3StorageConfig" - }, - "TableFormat": { - "markdownDescription": "Format for the offline store table. Supported formats are Glue (Default) and [Apache Iceberg](https://docs.aws.amazon.com/https://iceberg.apache.org/) .", - "title": "TableFormat", + "KmsKeyId": { + "markdownDescription": "The AWS Key Management Service ( AWS KMS ) key that Amazon SageMaker AI uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption.", + "title": "KmsKeyId", "type": "string" + }, + "MonitoringOutputs": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.MonitoringOutput" + }, + "markdownDescription": "Monitoring outputs for monitoring jobs. This is where the output of the periodic monitoring jobs is uploaded.", + "title": "MonitoringOutputs", + "type": "array" } }, "required": [ - "S3StorageConfig" + "MonitoringOutputs" ], "type": "object" }, - "AWS::SageMaker::FeatureGroup.OnlineStoreConfig": { + "AWS::SageMaker::MonitoringSchedule.MonitoringResources": { "additionalProperties": false, "properties": { - "EnableOnlineStore": { - "markdownDescription": "Turn `OnlineStore` off by specifying `False` for the `EnableOnlineStore` flag. Turn `OnlineStore` on by specifying `True` for the `EnableOnlineStore` flag.\n\nThe default value is `False` .", - "title": "EnableOnlineStore", - "type": "boolean" + "ClusterConfig": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.ClusterConfig", + "markdownDescription": "The configuration for the cluster resources used to run the processing job.", + "title": "ClusterConfig" + } + }, + "required": [ + "ClusterConfig" + ], + "type": "object" + }, + "AWS::SageMaker::MonitoringSchedule.MonitoringScheduleConfig": { + "additionalProperties": false, + "properties": { + "MonitoringJobDefinition": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.MonitoringJobDefinition", + "markdownDescription": "Defines the monitoring job.", + "title": "MonitoringJobDefinition" }, - "SecurityConfig": { - "$ref": "#/definitions/AWS::SageMaker::FeatureGroup.OnlineStoreSecurityConfig", - "markdownDescription": "Use to specify KMS Key ID ( `KMSKeyId` ) for at-rest encryption of your `OnlineStore` .", - "title": "SecurityConfig" + "MonitoringJobDefinitionName": { + "markdownDescription": "The name of the monitoring job definition to schedule.", + "title": "MonitoringJobDefinitionName", + "type": "string" }, - "StorageType": { - "markdownDescription": "Option for different tiers of low latency storage for real-time data retrieval.\n\n- `Standard` : A managed low latency data store for feature groups.\n- `InMemory` : A managed data store for feature groups that supports very low latency retrieval.", - "title": "StorageType", + "MonitoringType": { + "markdownDescription": "The type of the monitoring job definition to schedule.", + "title": "MonitoringType", "type": "string" }, - "TtlDuration": { - "$ref": "#/definitions/AWS::SageMaker::FeatureGroup.TtlDuration", - "markdownDescription": "Time to live duration, where the record is hard deleted after the expiration time is reached; `ExpiresAt` = `EventTime` + `TtlDuration` . For information on HardDelete, see the [DeleteRecord](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_feature_store_DeleteRecord.html) API in the Amazon SageMaker API Reference guide.", - "title": "TtlDuration" + "ScheduleConfig": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.ScheduleConfig", + "markdownDescription": "Configures the monitoring schedule.", + "title": "ScheduleConfig" } }, "type": "object" }, - "AWS::SageMaker::FeatureGroup.OnlineStoreSecurityConfig": { + "AWS::SageMaker::MonitoringSchedule.NetworkConfig": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "The AWS Key Management Service (KMS) key ARN that SageMaker Feature Store uses to encrypt the Amazon S3 objects at rest using Amazon S3 server-side encryption.\n\nThe caller (either user or IAM role) of `CreateFeatureGroup` must have below permissions to the `OnlineStore` `KmsKeyId` :\n\n- `\"kms:Encrypt\"`\n- `\"kms:Decrypt\"`\n- `\"kms:DescribeKey\"`\n- `\"kms:CreateGrant\"`\n- `\"kms:RetireGrant\"`\n- `\"kms:ReEncryptFrom\"`\n- `\"kms:ReEncryptTo\"`\n- `\"kms:GenerateDataKey\"`\n- `\"kms:ListAliases\"`\n- `\"kms:ListGrants\"`\n- `\"kms:RevokeGrant\"`\n\nThe caller (either user or IAM role) to all DataPlane operations ( `PutRecord` , `GetRecord` , `DeleteRecord` ) must have the following permissions to the `KmsKeyId` :\n\n- `\"kms:Decrypt\"`", - "title": "KmsKeyId", - "type": "string" + "EnableInterContainerTrafficEncryption": { + "markdownDescription": "Whether to encrypt all communications between distributed processing jobs. Choose `True` to encrypt communications. Encryption provides greater security for distributed processing jobs, but the processing might take longer.", + "title": "EnableInterContainerTrafficEncryption", + "type": "boolean" + }, + "EnableNetworkIsolation": { + "markdownDescription": "Whether to allow inbound and outbound network calls to and from the containers used for the processing job.", + "title": "EnableNetworkIsolation", + "type": "boolean" + }, + "VpcConfig": { + "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.VpcConfig", + "markdownDescription": "Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC. For more information, see [Protect Endpoints by Using an Amazon Virtual Private Cloud](https://docs.aws.amazon.com/sagemaker/latest/dg/host-vpc.html) and [Protect Training Jobs by Using an Amazon Virtual Private Cloud](https://docs.aws.amazon.com/sagemaker/latest/dg/train-vpc.html) .", + "title": "VpcConfig" } }, "type": "object" }, - "AWS::SageMaker::FeatureGroup.S3StorageConfig": { + "AWS::SageMaker::MonitoringSchedule.S3Output": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "The AWS Key Management Service (KMS) key ARN of the key used to encrypt any objects written into the `OfflineStore` S3 location.\n\nThe IAM `roleARN` that is passed as a parameter to `CreateFeatureGroup` must have below permissions to the `KmsKeyId` :\n\n- `\"kms:GenerateDataKey\"`", - "title": "KmsKeyId", + "LocalPath": { + "markdownDescription": "The local path to the S3 storage location where SageMaker saves the results of a monitoring job. LocalPath is an absolute path for the output data.", + "title": "LocalPath", + "type": "string" + }, + "S3UploadMode": { + "markdownDescription": "Whether to upload the results of the monitoring job continuously or after the job completes.", + "title": "S3UploadMode", "type": "string" }, "S3Uri": { - "markdownDescription": "The S3 URI, or location in Amazon S3, of `OfflineStore` .\n\nS3 URIs have a format similar to the following: `s3://example-bucket/prefix/` .", + "markdownDescription": "A URI that identifies the S3 storage location where SageMaker saves the results of a monitoring job.", "title": "S3Uri", "type": "string" } }, "required": [ + "LocalPath", "S3Uri" ], "type": "object" }, - "AWS::SageMaker::FeatureGroup.ThroughputConfig": { + "AWS::SageMaker::MonitoringSchedule.ScheduleConfig": { "additionalProperties": false, "properties": { - "ProvisionedReadCapacityUnits": { - "markdownDescription": "For provisioned feature groups with online store enabled, this indicates the read throughput you are billed for and can consume without throttling.\n\nThis field is not applicable for on-demand feature groups.", - "title": "ProvisionedReadCapacityUnits", - "type": "number" + "DataAnalysisEndTime": { + "markdownDescription": "Sets the end time for a monitoring job window. Express this time as an offset to the times that you schedule your monitoring jobs to run. You schedule monitoring jobs with the `ScheduleExpression` parameter. Specify this offset in ISO 8601 duration format. For example, if you want to end the window one hour before the start of each monitoring job, you would specify: `\"-PT1H\"` .\n\nThe end time that you specify must not follow the start time that you specify by more than 24 hours. You specify the start time with the `DataAnalysisStartTime` parameter.\n\nIf you set `ScheduleExpression` to `NOW` , this parameter is required.", + "title": "DataAnalysisEndTime", + "type": "string" }, - "ProvisionedWriteCapacityUnits": { - "markdownDescription": "For provisioned feature groups, this indicates the write throughput you are billed for and can consume without throttling.\n\nThis field is not applicable for on-demand feature groups.", - "title": "ProvisionedWriteCapacityUnits", - "type": "number" + "DataAnalysisStartTime": { + "markdownDescription": "Sets the start time for a monitoring job window. Express this time as an offset to the times that you schedule your monitoring jobs to run. You schedule monitoring jobs with the `ScheduleExpression` parameter. Specify this offset in ISO 8601 duration format. For example, if you want to monitor the five hours of data in your dataset that precede the start of each monitoring job, you would specify: `\"-PT5H\"` .\n\nThe start time that you specify must not precede the end time that you specify by more than 24 hours. You specify the end time with the `DataAnalysisEndTime` parameter.\n\nIf you set `ScheduleExpression` to `NOW` , this parameter is required.", + "title": "DataAnalysisStartTime", + "type": "string" }, - "ThroughputMode": { - "markdownDescription": "The mode used for your feature group throughput: `ON_DEMAND` or `PROVISIONED` .", - "title": "ThroughputMode", + "ScheduleExpression": { + "markdownDescription": "A cron expression that describes details about the monitoring schedule.\n\nThe supported cron expressions are:\n\n- If you want to set the job to start every hour, use the following:\n\n`Hourly: cron(0 * ? * * *)`\n- If you want to start the job daily:\n\n`cron(0 [00-23] ? * * *)`\n- If you want to run the job one time, immediately, use the following keyword:\n\n`NOW`\n\nFor example, the following are valid cron expressions:\n\n- Daily at noon UTC: `cron(0 12 ? * * *)`\n- Daily at midnight UTC: `cron(0 0 ? * * *)`\n\nTo support running every 6, 12 hours, the following are also supported:\n\n`cron(0 [00-23]/[01-24] ? * * *)`\n\nFor example, the following are valid cron expressions:\n\n- Every 12 hours, starting at 5pm UTC: `cron(0 17/12 ? * * *)`\n- Every two hours starting at midnight: `cron(0 0/2 ? * * *)`\n\n> - Even though the cron expression is set to start at 5PM UTC, note that there could be a delay of 0-20 minutes from the actual requested time to run the execution.\n> - We recommend that if you would like a daily schedule, you do not provide this parameter. Amazon SageMaker AI will pick a time for running every day. \n\nYou can also specify the keyword `NOW` to run the monitoring job immediately, one time, without recurring.", + "title": "ScheduleExpression", "type": "string" } }, "required": [ - "ThroughputMode" + "ScheduleExpression" ], "type": "object" }, - "AWS::SageMaker::FeatureGroup.TtlDuration": { + "AWS::SageMaker::MonitoringSchedule.StatisticsResource": { "additionalProperties": false, "properties": { - "Unit": { - "markdownDescription": "`TtlDuration` time unit.", - "title": "Unit", + "S3Uri": { + "markdownDescription": "The S3 URI for the statistics resource.", + "title": "S3Uri", "type": "string" - }, - "Value": { - "markdownDescription": "`TtlDuration` time value.", - "title": "Value", + } + }, + "type": "object" + }, + "AWS::SageMaker::MonitoringSchedule.StoppingCondition": { + "additionalProperties": false, + "properties": { + "MaxRuntimeInSeconds": { + "markdownDescription": "The maximum length of time, in seconds, that a training or compilation job can run before it is stopped.\n\nFor compilation jobs, if the job does not complete during this time, a `TimeOut` error is generated. We recommend starting with 900 seconds and increasing as necessary based on your model.\n\nFor all other jobs, if the job does not complete during this time, SageMaker ends the job. When `RetryStrategy` is specified in the job request, `MaxRuntimeInSeconds` specifies the maximum time for all of the attempts in total, not each individual attempt. The default value is 1 day. The maximum value is 28 days.\n\nThe maximum time that a `TrainingJob` can run in total, including any time spent publishing metrics or archiving and uploading models after it has been stopped, is 30 days.", + "title": "MaxRuntimeInSeconds", "type": "number" } }, + "required": [ + "MaxRuntimeInSeconds" + ], "type": "object" }, - "AWS::SageMaker::Image": { + "AWS::SageMaker::MonitoringSchedule.VpcConfig": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ImageDescription": { - "markdownDescription": "The description of the image.", - "title": "ImageDescription", - "type": "string" - }, - "ImageDisplayName": { - "markdownDescription": "The display name of the image.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 128.\n\n*Pattern* : `^\\S(.*\\S)?$`", - "title": "ImageDisplayName", - "type": "string" - }, - "ImageName": { - "markdownDescription": "The name of the Image. Must be unique by region in your account.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 63.\n\n*Pattern* : `^[a-zA-Z0-9]([-.]?[a-zA-Z0-9]){0,62}$`", - "title": "ImageName", - "type": "string" - }, - "ImageRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role that enables Amazon SageMaker to perform tasks on your behalf.\n\n*Length Constraints* : Minimum length of 20. Maximum length of 2048.\n\n*Pattern* : `^arn:aws[a-z\\-]*:iam::\\d{12}:role/?[a-zA-Z_0-9+=,.@\\-_/]+$`", - "title": "ImageRoleArn", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of key-value pairs to apply to this resource.\n\n*Array Members* : Minimum number of 0 items. Maximum number of 50 items.", - "title": "Tags", - "type": "array" - } + "SecurityGroupIds": { + "items": { + "type": "string" }, - "required": [ - "ImageName", - "ImageRoleArn" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::SageMaker::Image" - ], - "type": "string" + "markdownDescription": "The VPC security group IDs, in the form `sg-xxxxxxxx` . Specify the security groups for the VPC that is specified in the `Subnets` field.", + "title": "SecurityGroupIds", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "The ID of the subnets in the VPC to which you want to connect your training job or model. For information about the availability of specific instance types, see [Supported Instance Types and Availability Zones](https://docs.aws.amazon.com/sagemaker/latest/dg/instance-types-az.html) .", + "title": "Subnets", + "type": "array" } }, "required": [ - "Type", - "Properties" + "SecurityGroupIds", + "Subnets" ], "type": "object" }, - "AWS::SageMaker::ImageVersion": { + "AWS::SageMaker::NotebookInstance": { "additionalProperties": false, "properties": { "Condition": { @@ -246963,74 +299297,108 @@ "Properties": { "additionalProperties": false, "properties": { - "Alias": { - "markdownDescription": "", - "title": "Alias", - "type": "string" + "AcceleratorTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of Amazon Elastic Inference (EI) instance types to associate with the notebook instance. Currently, only one instance type can be associated with a notebook instance. For more information, see [Using Elastic Inference in Amazon SageMaker](https://docs.aws.amazon.com/sagemaker/latest/dg/ei.html) .\n\n*Valid Values:* `ml.eia1.medium | ml.eia1.large | ml.eia1.xlarge | ml.eia2.medium | ml.eia2.large | ml.eia2.xlarge` .", + "title": "AcceleratorTypes", + "type": "array" }, - "Aliases": { + "AdditionalCodeRepositories": { "items": { "type": "string" }, - "markdownDescription": "", - "title": "Aliases", + "markdownDescription": "An array of up to three Git repositories associated with the notebook instance. These can be either the names of Git repositories stored as resources in your account, or the URL of Git repositories in [AWS CodeCommit](https://docs.aws.amazon.com/codecommit/latest/userguide/welcome.html) or in any other Git repository. These repositories are cloned at the same level as the default repository of your notebook instance. For more information, see [Associating Git Repositories with SageMaker AI Notebook Instances](https://docs.aws.amazon.com/sagemaker/latest/dg/nbi-git-repo.html) .", + "title": "AdditionalCodeRepositories", "type": "array" }, - "BaseImage": { - "markdownDescription": "The container image that the SageMaker image version is based on.", - "title": "BaseImage", + "DefaultCodeRepository": { + "markdownDescription": "The Git repository associated with the notebook instance as its default code repository. This can be either the name of a Git repository stored as a resource in your account, or the URL of a Git repository in [AWS CodeCommit](https://docs.aws.amazon.com/codecommit/latest/userguide/welcome.html) or in any other Git repository. When you open a notebook instance, it opens in the directory that contains this repository. For more information, see [Associating Git Repositories with SageMaker AI Notebook Instances](https://docs.aws.amazon.com/sagemaker/latest/dg/nbi-git-repo.html) .", + "title": "DefaultCodeRepository", "type": "string" }, - "Horovod": { - "markdownDescription": "", - "title": "Horovod", - "type": "boolean" + "DirectInternetAccess": { + "markdownDescription": "Sets whether SageMaker AI provides internet access to the notebook instance. If you set this to `Disabled` this notebook instance is able to access resources only in your VPC, and is not be able to connect to SageMaker AI training and endpoint services unless you configure a NAT Gateway in your VPC.\n\nFor more information, see [Notebook Instances Are Internet-Enabled by Default](https://docs.aws.amazon.com/sagemaker/latest/dg/appendix-additional-considerations.html#appendix-notebook-and-internet-access) . You can set the value of this parameter to `Disabled` only if you set a value for the `SubnetId` parameter.", + "title": "DirectInternetAccess", + "type": "string" }, - "ImageName": { - "markdownDescription": "The name of the parent image.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 63.\n\n*Pattern* : `^[a-zA-Z0-9]([-.]?[a-zA-Z0-9]){0,62}$`", - "title": "ImageName", + "InstanceMetadataServiceConfiguration": { + "$ref": "#/definitions/AWS::SageMaker::NotebookInstance.InstanceMetadataServiceConfiguration", + "markdownDescription": "Information on the IMDS configuration of the notebook instance", + "title": "InstanceMetadataServiceConfiguration" + }, + "InstanceType": { + "markdownDescription": "The type of ML compute instance to launch for the notebook instance.\n\n> Expect some interruption of service if this parameter is changed as CloudFormation stops a notebook instance and starts it up again to update it.", + "title": "InstanceType", "type": "string" }, - "JobType": { - "markdownDescription": "", - "title": "JobType", + "KmsKeyId": { + "markdownDescription": "The Amazon Resource Name (ARN) of a AWS Key Management Service key that SageMaker AI uses to encrypt data on the storage volume attached to your notebook instance. The KMS key you provide must be enabled. For information, see [Enabling and Disabling Keys](https://docs.aws.amazon.com/kms/latest/developerguide/enabling-keys.html) in the *AWS Key Management Service Developer Guide* .", + "title": "KmsKeyId", "type": "string" }, - "MLFramework": { - "markdownDescription": "", - "title": "MLFramework", + "LifecycleConfigName": { + "markdownDescription": "The name of a lifecycle configuration to associate with the notebook instance. For information about lifecycle configurations, see [Customize a Notebook Instance](https://docs.aws.amazon.com/sagemaker/latest/dg/notebook-lifecycle-config.html) in the *Amazon SageMaker Developer Guide* .", + "title": "LifecycleConfigName", "type": "string" }, - "Processor": { - "markdownDescription": "", - "title": "Processor", + "NotebookInstanceName": { + "markdownDescription": "The name of the new notebook instance.", + "title": "NotebookInstanceName", "type": "string" }, - "ProgrammingLang": { - "markdownDescription": "", - "title": "ProgrammingLang", + "PlatformIdentifier": { + "markdownDescription": "The platform identifier of the notebook instance runtime environment.", + "title": "PlatformIdentifier", "type": "string" }, - "ReleaseNotes": { - "markdownDescription": "", - "title": "ReleaseNotes", + "RoleArn": { + "markdownDescription": "When you send any requests to AWS resources from the notebook instance, SageMaker AI assumes this role to perform tasks on your behalf. You must grant this role necessary permissions so SageMaker AI can perform these tasks. The policy must allow the SageMaker AI service principal (sagemaker.amazonaws.com) permissions to assume this role. For more information, see [SageMaker AI Roles](https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-roles.html) .\n\n> To be able to pass this role to SageMaker AI, the caller of this API must have the `iam:PassRole` permission.", + "title": "RoleArn", "type": "string" }, - "VendorGuidance": { - "markdownDescription": "", - "title": "VendorGuidance", + "RootAccess": { + "markdownDescription": "Whether root access is enabled or disabled for users of the notebook instance. The default value is `Enabled` .\n\n> Lifecycle configurations need root access to be able to set up a notebook instance. Because of this, lifecycle configurations associated with a notebook instance always run with root access even if you disable root access for users.", + "title": "RootAccess", + "type": "string" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The VPC security group IDs, in the form sg-xxxxxxxx. The security groups must be for the same VPC as specified in the subnet.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetId": { + "markdownDescription": "The ID of the subnet in a VPC to which you would like to have a connectivity from your ML compute instance.", + "title": "SubnetId", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of key-value pairs to apply to this resource.\n\nFor more information, see [Resource Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) and [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html#allocation-what) .\n\nYou can add tags later by using the `CreateTags` API.", + "title": "Tags", + "type": "array" + }, + "VolumeSizeInGB": { + "markdownDescription": "The size, in GB, of the ML storage volume to attach to the notebook instance. The default value is 5 GB.\n\n> Expect some interruption of service if this parameter is changed as CloudFormation stops a notebook instance and starts it up again to update it.", + "title": "VolumeSizeInGB", + "type": "number" } }, "required": [ - "BaseImage", - "ImageName" + "InstanceType", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::SageMaker::ImageVersion" + "AWS::SageMaker::NotebookInstance" ], "type": "string" }, @@ -247049,7 +299417,21 @@ ], "type": "object" }, - "AWS::SageMaker::InferenceComponent": { + "AWS::SageMaker::NotebookInstance.InstanceMetadataServiceConfiguration": { + "additionalProperties": false, + "properties": { + "MinimumInstanceMetadataServiceVersion": { + "markdownDescription": "Indicates the minimum IMDS version that the notebook instance supports. When passed as part of `CreateNotebookInstance` , if no value is selected, then it defaults to IMDSv1. This means that both IMDSv1 and IMDSv2 are supported. If passed as part of `UpdateNotebookInstance` , there is no default.", + "title": "MinimumInstanceMetadataServiceVersion", + "type": "string" + } + }, + "required": [ + "MinimumInstanceMetadataServiceVersion" + ], + "type": "object" + }, + "AWS::SageMaker::NotebookInstanceLifecycleConfig": { "additionalProperties": false, "properties": { "Condition": { @@ -247084,56 +299466,33 @@ "Properties": { "additionalProperties": false, "properties": { - "EndpointArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the endpoint that hosts the inference component.", - "title": "EndpointArn", - "type": "string" - }, - "EndpointName": { - "markdownDescription": "The name of the endpoint that hosts the inference component.", - "title": "EndpointName", - "type": "string" - }, - "InferenceComponentName": { - "markdownDescription": "The name of the inference component.", - "title": "InferenceComponentName", + "NotebookInstanceLifecycleConfigName": { + "markdownDescription": "The name of the lifecycle configuration.", + "title": "NotebookInstanceLifecycleConfigName", "type": "string" }, - "RuntimeConfig": { - "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.InferenceComponentRuntimeConfig", - "markdownDescription": "", - "title": "RuntimeConfig" - }, - "Specification": { - "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.InferenceComponentSpecification", - "markdownDescription": "", - "title": "Specification" - }, - "Tags": { + "OnCreate": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::SageMaker::NotebookInstanceLifecycleConfig.NotebookInstanceLifecycleHook" }, - "markdownDescription": "", - "title": "Tags", + "markdownDescription": "A shell script that runs only once, when you create a notebook instance. The shell script must be a base64-encoded string.", + "title": "OnCreate", "type": "array" }, - "VariantName": { - "markdownDescription": "The name of the production variant that hosts the inference component.", - "title": "VariantName", - "type": "string" + "OnStart": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::NotebookInstanceLifecycleConfig.NotebookInstanceLifecycleHook" + }, + "markdownDescription": "A shell script that runs every time you start a notebook instance, including when you create the notebook instance. The shell script must be a base64-encoded string.", + "title": "OnStart", + "type": "array" } }, - "required": [ - "EndpointName", - "RuntimeConfig", - "Specification", - "VariantName" - ], "type": "object" }, "Type": { "enum": [ - "AWS::SageMaker::InferenceComponent" + "AWS::SageMaker::NotebookInstanceLifecycleConfig" ], "type": "string" }, @@ -247147,157 +299506,22 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::SageMaker::InferenceComponent.DeployedImage": { - "additionalProperties": false, - "properties": { - "ResolutionTime": { - "markdownDescription": "The date and time when the image path for the model resolved to the `ResolvedImage`", - "title": "ResolutionTime", - "type": "string" - }, - "ResolvedImage": { - "markdownDescription": "The specific digest path of the image hosted in this `ProductionVariant` .", - "title": "ResolvedImage", - "type": "string" - }, - "SpecifiedImage": { - "markdownDescription": "The image path you specified when you created the model.", - "title": "SpecifiedImage", - "type": "string" - } - }, - "type": "object" - }, - "AWS::SageMaker::InferenceComponent.InferenceComponentComputeResourceRequirements": { - "additionalProperties": false, - "properties": { - "MaxMemoryRequiredInMb": { - "markdownDescription": "The maximum MB of memory to allocate to run a model that you assign to an inference component.", - "title": "MaxMemoryRequiredInMb", - "type": "number" - }, - "MinMemoryRequiredInMb": { - "markdownDescription": "The minimum MB of memory to allocate to run a model that you assign to an inference component.", - "title": "MinMemoryRequiredInMb", - "type": "number" - }, - "NumberOfAcceleratorDevicesRequired": { - "markdownDescription": "The number of accelerators to allocate to run a model that you assign to an inference component. Accelerators include GPUs and AWS Inferentia.", - "title": "NumberOfAcceleratorDevicesRequired", - "type": "number" - }, - "NumberOfCpuCoresRequired": { - "markdownDescription": "The number of CPU cores to allocate to run a model that you assign to an inference component.", - "title": "NumberOfCpuCoresRequired", - "type": "number" - } - }, - "type": "object" - }, - "AWS::SageMaker::InferenceComponent.InferenceComponentContainerSpecification": { - "additionalProperties": false, - "properties": { - "ArtifactUrl": { - "markdownDescription": "The Amazon S3 path where the model artifacts, which result from model training, are stored. This path must point to a single gzip compressed tar archive (.tar.gz suffix).", - "title": "ArtifactUrl", - "type": "string" - }, - "DeployedImage": { - "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.DeployedImage", - "markdownDescription": "", - "title": "DeployedImage" - }, - "Environment": { - "additionalProperties": true, - "markdownDescription": "The environment variables to set in the Docker container. Each key and value in the Environment string-to-string map can have length of up to 1024. We support up to 16 entries in the map.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Environment", - "type": "object" - }, - "Image": { - "markdownDescription": "The Amazon Elastic Container Registry (Amazon ECR) path where the Docker image for the model is stored.", - "title": "Image", - "type": "string" - } - }, - "type": "object" - }, - "AWS::SageMaker::InferenceComponent.InferenceComponentRuntimeConfig": { - "additionalProperties": false, - "properties": { - "CopyCount": { - "markdownDescription": "The number of runtime copies of the model container to deploy with the inference component. Each copy can serve inference requests.", - "title": "CopyCount", - "type": "number" - }, - "CurrentCopyCount": { - "markdownDescription": "", - "title": "CurrentCopyCount", - "type": "number" - }, - "DesiredCopyCount": { - "markdownDescription": "", - "title": "DesiredCopyCount", - "type": "number" - } - }, - "type": "object" - }, - "AWS::SageMaker::InferenceComponent.InferenceComponentSpecification": { + "AWS::SageMaker::NotebookInstanceLifecycleConfig.NotebookInstanceLifecycleHook": { "additionalProperties": false, "properties": { - "ComputeResourceRequirements": { - "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.InferenceComponentComputeResourceRequirements", - "markdownDescription": "The compute resources allocated to run the model, plus any adapter models, that you assign to the inference component.\n\nOmit this parameter if your request is meant to create an adapter inference component. An adapter inference component is loaded by a base inference component, and it uses the compute resources of the base inference component.", - "title": "ComputeResourceRequirements" - }, - "Container": { - "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.InferenceComponentContainerSpecification", - "markdownDescription": "Defines a container that provides the runtime environment for a model that you deploy with an inference component.", - "title": "Container" - }, - "ModelName": { - "markdownDescription": "The name of an existing SageMaker AI model object in your account that you want to deploy with the inference component.", - "title": "ModelName", + "Content": { + "markdownDescription": "A base64-encoded string that contains a shell script for a notebook instance lifecycle configuration.", + "title": "Content", "type": "string" - }, - "StartupParameters": { - "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.InferenceComponentStartupParameters", - "markdownDescription": "Settings that take effect while the model container starts up.", - "title": "StartupParameters" - } - }, - "required": [ - "ComputeResourceRequirements" - ], - "type": "object" - }, - "AWS::SageMaker::InferenceComponent.InferenceComponentStartupParameters": { - "additionalProperties": false, - "properties": { - "ContainerStartupHealthCheckTimeoutInSeconds": { - "markdownDescription": "The timeout value, in seconds, for your inference container to pass health check by Amazon S3 Hosting. For more information about health check, see [How Your Container Should Respond to Health Check (Ping) Requests](https://docs.aws.amazon.com/sagemaker/latest/dg/your-algorithms-inference-code.html#your-algorithms-inference-algo-ping-requests) .", - "title": "ContainerStartupHealthCheckTimeoutInSeconds", - "type": "number" - }, - "ModelDataDownloadTimeoutInSeconds": { - "markdownDescription": "The timeout value, in seconds, to download and extract the model that you want to host from Amazon S3 to the individual inference instance associated with this inference component.", - "title": "ModelDataDownloadTimeoutInSeconds", - "type": "number" } }, "type": "object" }, - "AWS::SageMaker::InferenceExperiment": { + "AWS::SageMaker::PartnerApp": { "additionalProperties": false, "properties": { "Condition": { @@ -247332,90 +299556,72 @@ "Properties": { "additionalProperties": false, "properties": { - "DataStorageConfig": { - "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment.DataStorageConfig", - "markdownDescription": "The Amazon S3 location and configuration for storing inference request and response data.", - "title": "DataStorageConfig" + "ApplicationConfig": { + "$ref": "#/definitions/AWS::SageMaker::PartnerApp.PartnerAppConfig", + "markdownDescription": "Configuration settings for the Partner AI App.", + "title": "ApplicationConfig" }, - "Description": { - "markdownDescription": "The description of the inference experiment.", - "title": "Description", + "AuthType": { + "markdownDescription": "Defines the authentication type used for the Partner AI App.", + "title": "AuthType", "type": "string" }, - "DesiredState": { - "markdownDescription": "The desired state of the experiment after stopping. The possible states are the following:\n\n- `Completed` : The experiment completed successfully\n- `Cancelled` : The experiment was canceled", - "title": "DesiredState", - "type": "string" + "EnableIamSessionBasedIdentity": { + "markdownDescription": "Enables IAM Session based Identity for PartnerApp.", + "title": "EnableIamSessionBasedIdentity", + "type": "boolean" }, - "EndpointName": { - "markdownDescription": "The name of the endpoint.", - "title": "EndpointName", + "ExecutionRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role of the user.", + "title": "ExecutionRoleArn", "type": "string" }, - "KmsKey": { - "markdownDescription": "The AWS Key Management Service key that Amazon SageMaker uses to encrypt captured data at rest using Amazon S3 server-side encryption.", - "title": "KmsKey", + "KmsKeyId": { + "markdownDescription": "The AWS KMS customer managed key used to encrypt the data associated with the PartnerApp.", + "title": "KmsKeyId", "type": "string" }, - "ModelVariants": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment.ModelVariantConfig" - }, - "markdownDescription": "An array of `ModelVariantConfigSummary` objects. There is one for each variant in the inference experiment. Each `ModelVariantConfigSummary` object in the array describes the infrastructure configuration for deploying the corresponding variant.", - "title": "ModelVariants", - "type": "array" + "MaintenanceConfig": { + "$ref": "#/definitions/AWS::SageMaker::PartnerApp.PartnerAppMaintenanceConfig", + "markdownDescription": "A collection of settings that specify the maintenance schedule for the PartnerApp.", + "title": "MaintenanceConfig" }, "Name": { - "markdownDescription": "The name of the inference experiment.", + "markdownDescription": "The name of the Partner AI App. This name must be unique within your account and region.", "title": "Name", "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of the IAM role that Amazon SageMaker can assume to access model artifacts and container images, and manage Amazon SageMaker Inference endpoints for model deployment.", - "title": "RoleArn", - "type": "string" - }, - "Schedule": { - "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment.InferenceExperimentSchedule", - "markdownDescription": "The duration for which the inference experiment ran or will run.\n\nThe maximum duration that you can set for an inference experiment is 30 days.", - "title": "Schedule" - }, - "ShadowModeConfig": { - "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment.ShadowModeConfig", - "markdownDescription": "The configuration of `ShadowMode` inference experiment type, which shows the production variant that takes all the inference requests, and the shadow variant to which Amazon SageMaker replicates a percentage of the inference requests. For the shadow variant it also shows the percentage of requests that Amazon SageMaker replicates.", - "title": "ShadowModeConfig" - }, - "StatusReason": { - "markdownDescription": "The error message for the inference experiment status result.", - "title": "StatusReason", - "type": "string" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "A list of tags to apply to the PartnerApp.", "title": "Tags", "type": "array" }, + "Tier": { + "markdownDescription": "Specifies the tier or level of the Partner AI App. The tier size impacts the speed and capabilities of the application. For more information, see [Set up Partner AI Apps](https://docs.aws.amazon.com/sagemaker/latest/dg/partner-app-onboard.html) .", + "title": "Tier", + "type": "string" + }, "Type": { - "markdownDescription": "The type of the inference experiment.", + "markdownDescription": "Specifies the type of Partner AI App being created.", "title": "Type", "type": "string" } }, "required": [ - "EndpointName", - "ModelVariants", + "AuthType", + "ExecutionRoleArn", "Name", - "RoleArn", + "Tier", "Type" ], "type": "object" }, "Type": { "enum": [ - "AWS::SageMaker::InferenceExperiment" + "AWS::SageMaker::PartnerApp" ], "type": "string" }, @@ -247434,202 +299640,46 @@ ], "type": "object" }, - "AWS::SageMaker::InferenceExperiment.CaptureContentTypeHeader": { + "AWS::SageMaker::PartnerApp.PartnerAppConfig": { "additionalProperties": false, "properties": { - "CsvContentTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of all content type headers that Amazon SageMaker AI will treat as CSV and capture accordingly.", - "title": "CsvContentTypes", - "type": "array" - }, - "JsonContentTypes": { + "AdminUsers": { "items": { "type": "string" }, - "markdownDescription": "The list of all content type headers that SageMaker AI will treat as JSON and capture accordingly.", - "title": "JsonContentTypes", + "markdownDescription": "A list of users that will have administrative access to the Partner AI App.", + "title": "AdminUsers", "type": "array" - } - }, - "type": "object" - }, - "AWS::SageMaker::InferenceExperiment.DataStorageConfig": { - "additionalProperties": false, - "properties": { - "ContentType": { - "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment.CaptureContentTypeHeader", - "markdownDescription": "Configuration specifying how to treat different headers. If no headers are specified SageMaker will by default base64 encode when capturing the data.", - "title": "ContentType" - }, - "Destination": { - "markdownDescription": "The Amazon S3 bucket where the inference request and response data is stored.", - "title": "Destination", - "type": "string" - }, - "KmsKey": { - "markdownDescription": "The AWS Key Management Service key that Amazon SageMaker uses to encrypt captured data at rest using Amazon S3 server-side encryption.", - "title": "KmsKey", - "type": "string" - } - }, - "required": [ - "Destination" - ], - "type": "object" - }, - "AWS::SageMaker::InferenceExperiment.EndpointMetadata": { - "additionalProperties": false, - "properties": { - "EndpointConfigName": { - "markdownDescription": "The name of the endpoint configuration.", - "title": "EndpointConfigName", - "type": "string" - }, - "EndpointName": { - "markdownDescription": "The name of the endpoint.", - "title": "EndpointName", - "type": "string" - }, - "EndpointStatus": { - "markdownDescription": "The status of the endpoint. For possible values of the status of an endpoint, see [](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sagemaker-inferenceexperiment-endpointmetadata.html#cfn-sagemaker-inferenceexperiment-endpointmetadata-endpointstatus) .", - "title": "EndpointStatus", - "type": "string" - } - }, - "required": [ - "EndpointName" - ], - "type": "object" - }, - "AWS::SageMaker::InferenceExperiment.InferenceExperimentSchedule": { - "additionalProperties": false, - "properties": { - "EndTime": { - "markdownDescription": "The timestamp at which the inference experiment ended or will end.", - "title": "EndTime", - "type": "string" - }, - "StartTime": { - "markdownDescription": "The timestamp at which the inference experiment started or will start.", - "title": "StartTime", - "type": "string" - } - }, - "type": "object" - }, - "AWS::SageMaker::InferenceExperiment.ModelInfrastructureConfig": { - "additionalProperties": false, - "properties": { - "InfrastructureType": { - "markdownDescription": "The inference option to which to deploy your model. Possible values are the following:\n\n- `RealTime` : Deploy to real-time inference.", - "title": "InfrastructureType", - "type": "string" - }, - "RealTimeInferenceConfig": { - "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment.RealTimeInferenceConfig", - "markdownDescription": "The infrastructure configuration for deploying the model to real-time inference.", - "title": "RealTimeInferenceConfig" - } - }, - "required": [ - "InfrastructureType", - "RealTimeInferenceConfig" - ], - "type": "object" - }, - "AWS::SageMaker::InferenceExperiment.ModelVariantConfig": { - "additionalProperties": false, - "properties": { - "InfrastructureConfig": { - "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment.ModelInfrastructureConfig", - "markdownDescription": "The configuration for the infrastructure that the model will be deployed to.", - "title": "InfrastructureConfig" - }, - "ModelName": { - "markdownDescription": "The name of the Amazon SageMaker Model entity.", - "title": "ModelName", - "type": "string" - }, - "VariantName": { - "markdownDescription": "The name of the variant.", - "title": "VariantName", - "type": "string" - } - }, - "required": [ - "InfrastructureConfig", - "ModelName", - "VariantName" - ], - "type": "object" - }, - "AWS::SageMaker::InferenceExperiment.RealTimeInferenceConfig": { - "additionalProperties": false, - "properties": { - "InstanceCount": { - "markdownDescription": "The number of instances of the type specified by `InstanceType` .", - "title": "InstanceCount", - "type": "number" }, - "InstanceType": { - "markdownDescription": "The instance type the model is deployed to.", - "title": "InstanceType", - "type": "string" - } - }, - "required": [ - "InstanceCount", - "InstanceType" - ], - "type": "object" - }, - "AWS::SageMaker::InferenceExperiment.ShadowModeConfig": { - "additionalProperties": false, - "properties": { - "ShadowModelVariants": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment.ShadowModelVariantConfig" + "Arguments": { + "additionalProperties": true, + "markdownDescription": "Additional arguments passed to the Partner AI App during initialization or runtime.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "List of shadow variant configurations.", - "title": "ShadowModelVariants", - "type": "array" - }, - "SourceModelVariantName": { - "markdownDescription": "The name of the production variant, which takes all the inference requests.", - "title": "SourceModelVariantName", - "type": "string" + "title": "Arguments", + "type": "object" } }, - "required": [ - "ShadowModelVariants", - "SourceModelVariantName" - ], "type": "object" }, - "AWS::SageMaker::InferenceExperiment.ShadowModelVariantConfig": { + "AWS::SageMaker::PartnerApp.PartnerAppMaintenanceConfig": { "additionalProperties": false, "properties": { - "SamplingPercentage": { - "markdownDescription": "The percentage of inference requests that Amazon SageMaker replicates from the production variant to the shadow variant.", - "title": "SamplingPercentage", - "type": "number" - }, - "ShadowModelVariantName": { - "markdownDescription": "The name of the shadow variant.", - "title": "ShadowModelVariantName", + "MaintenanceWindowStart": { + "markdownDescription": "The maintenance window start day and time for the PartnerApp.", + "title": "MaintenanceWindowStart", "type": "string" } }, "required": [ - "SamplingPercentage", - "ShadowModelVariantName" + "MaintenanceWindowStart" ], "type": "object" }, - "AWS::SageMaker::Model": { + "AWS::SageMaker::Pipeline": { "additionalProperties": false, "properties": { "Condition": { @@ -247664,58 +299714,55 @@ "Properties": { "additionalProperties": false, "properties": { - "Containers": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::Model.ContainerDefinition" - }, - "markdownDescription": "Specifies the containers in the inference pipeline.", - "title": "Containers", - "type": "array" + "ParallelismConfiguration": { + "$ref": "#/definitions/AWS::SageMaker::Pipeline.ParallelismConfiguration", + "markdownDescription": "The parallelism configuration applied to the pipeline.", + "title": "ParallelismConfiguration" }, - "EnableNetworkIsolation": { - "markdownDescription": "Isolates the model container. No inbound or outbound network calls can be made to or from the model container.", - "title": "EnableNetworkIsolation", - "type": "boolean" + "PipelineDefinition": { + "$ref": "#/definitions/AWS::SageMaker::Pipeline.PipelineDefinition", + "markdownDescription": "The definition of the pipeline. This can be either a JSON string or an Amazon S3 location.", + "title": "PipelineDefinition" }, - "ExecutionRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that SageMaker can assume to access model artifacts and docker image for deployment on ML compute instances or for batch transform jobs. Deploying on ML compute instances is part of model hosting. For more information, see [SageMaker Roles](https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-roles.html) .\n\n> To be able to pass this role to SageMaker, the caller of this API must have the `iam:PassRole` permission.", - "title": "ExecutionRoleArn", + "PipelineDescription": { + "markdownDescription": "The description of the pipeline.", + "title": "PipelineDescription", "type": "string" }, - "InferenceExecutionConfig": { - "$ref": "#/definitions/AWS::SageMaker::Model.InferenceExecutionConfig", - "markdownDescription": "Specifies details of how containers in a multi-container endpoint are called.", - "title": "InferenceExecutionConfig" + "PipelineDisplayName": { + "markdownDescription": "The display name of the pipeline.", + "title": "PipelineDisplayName", + "type": "string" }, - "ModelName": { - "markdownDescription": "The name of the new model.", - "title": "ModelName", + "PipelineName": { + "markdownDescription": "The name of the pipeline.", + "title": "PipelineName", "type": "string" }, - "PrimaryContainer": { - "$ref": "#/definitions/AWS::SageMaker::Model.ContainerDefinition", - "markdownDescription": "The location of the primary docker image containing inference code, associated artifacts, and custom environment map that the inference code uses when the model is deployed for predictions.", - "title": "PrimaryContainer" + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role used to execute the pipeline.", + "title": "RoleArn", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of key-value pairs to apply to this resource.\n\nFor more information, see [Resource Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) and [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html#allocation-what) in the *AWS Billing and Cost Management User Guide* .", + "markdownDescription": "The tags of the pipeline.", "title": "Tags", "type": "array" - }, - "VpcConfig": { - "$ref": "#/definitions/AWS::SageMaker::Model.VpcConfig", - "markdownDescription": "A [VpcConfig](https://docs.aws.amazon.com/sagemaker/latest/dg/API_VpcConfig.html) object that specifies the VPC that you want your model to connect to. Control access to and from your model container by configuring the VPC. `VpcConfig` is used in hosting services and in batch transform. For more information, see [Protect Endpoints by Using an Amazon Virtual Private Cloud](https://docs.aws.amazon.com/sagemaker/latest/dg/host-vpc.html) and [Protect Data in Batch Transform Jobs by Using an Amazon Virtual Private Cloud](https://docs.aws.amazon.com/sagemaker/latest/dg/batch-vpc.html) .", - "title": "VpcConfig" } }, + "required": [ + "PipelineDefinition", + "PipelineName", + "RoleArn" + ], "type": "object" }, "Type": { "enum": [ - "AWS::SageMaker::Model" + "AWS::SageMaker::Pipeline" ], "type": "string" }, @@ -247729,210 +299776,72 @@ } }, "required": [ - "Type" - ], - "type": "object" - }, - "AWS::SageMaker::Model.ContainerDefinition": { - "additionalProperties": false, - "properties": { - "ContainerHostname": { - "markdownDescription": "This parameter is ignored for models that contain only a `PrimaryContainer` .\n\nWhen a `ContainerDefinition` is part of an inference pipeline, the value of the parameter uniquely identifies the container for the purposes of logging and metrics. For information, see [Use Logs and Metrics to Monitor an Inference Pipeline](https://docs.aws.amazon.com/sagemaker/latest/dg/inference-pipeline-logs-metrics.html) . If you don't specify a value for this parameter for a `ContainerDefinition` that is part of an inference pipeline, a unique name is automatically assigned based on the position of the `ContainerDefinition` in the pipeline. If you specify a value for the `ContainerHostName` for any `ContainerDefinition` that is part of an inference pipeline, you must specify a value for the `ContainerHostName` parameter of every `ContainerDefinition` in that pipeline.", - "title": "ContainerHostname", - "type": "string" - }, - "Environment": { - "markdownDescription": "The environment variables to set in the Docker container. Don't include any sensitive data in your environment variables.\n\nThe maximum length of each key and value in the `Environment` map is 1024 bytes. The maximum length of all keys and values in the map, combined, is 32 KB. If you pass multiple containers to a `CreateModel` request, then the maximum length of all of their maps, combined, is also 32 KB.", - "title": "Environment", - "type": "object" - }, - "Image": { - "markdownDescription": "The path where inference code is stored. This can be either in Amazon EC2 Container Registry or in a Docker registry that is accessible from the same VPC that you configure for your endpoint. If you are using your own custom algorithm instead of an algorithm provided by SageMaker, the inference code must meet SageMaker requirements. SageMaker supports both `registry/repository[:tag]` and `registry/repository[@digest]` image path formats. For more information, see [Using Your Own Algorithms with Amazon SageMaker](https://docs.aws.amazon.com/sagemaker/latest/dg/your-algorithms.html) .\n\n> The model artifacts in an Amazon S3 bucket and the Docker image for inference container in Amazon EC2 Container Registry must be in the same region as the model or endpoint you are creating.", - "title": "Image", - "type": "string" - }, - "ImageConfig": { - "$ref": "#/definitions/AWS::SageMaker::Model.ImageConfig", - "markdownDescription": "Specifies whether the model container is in Amazon ECR or a private Docker registry accessible from your Amazon Virtual Private Cloud (VPC). For information about storing containers in a private Docker registry, see [Use a Private Docker Registry for Real-Time Inference Containers](https://docs.aws.amazon.com/sagemaker/latest/dg/your-algorithms-containers-inference-private.html) .\n\n> The model artifacts in an Amazon S3 bucket and the Docker image for inference container in Amazon EC2 Container Registry must be in the same region as the model or endpoint you are creating.", - "title": "ImageConfig" - }, - "InferenceSpecificationName": { - "markdownDescription": "The inference specification name in the model package version.", - "title": "InferenceSpecificationName", - "type": "string" - }, - "Mode": { - "markdownDescription": "Whether the container hosts a single model or multiple models.", - "title": "Mode", - "type": "string" - }, - "ModelDataSource": { - "$ref": "#/definitions/AWS::SageMaker::Model.ModelDataSource", - "markdownDescription": "Specifies the location of ML model data to deploy.\n\n> Currently you cannot use `ModelDataSource` in conjunction with SageMaker batch transform, SageMaker serverless endpoints, SageMaker multi-model endpoints, and SageMaker Marketplace.", - "title": "ModelDataSource" - }, - "ModelDataUrl": { - "markdownDescription": "The S3 path where the model artifacts, which result from model training, are stored. This path must point to a single gzip compressed tar archive (.tar.gz suffix). The S3 path is required for SageMaker built-in algorithms, but not if you use your own algorithms. For more information on built-in algorithms, see [Common Parameters](https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-algo-docker-registry-paths.html) .\n\n> The model artifacts must be in an S3 bucket that is in the same region as the model or endpoint you are creating. \n\nIf you provide a value for this parameter, SageMaker uses AWS Security Token Service to download model artifacts from the S3 path you provide. AWS STS is activated in your AWS account by default. If you previously deactivated AWS STS for a region, you need to reactivate AWS STS for that region. For more information, see [Activating and Deactivating AWS STS in an AWS Region](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) in the *AWS Identity and Access Management User Guide* .\n\n> If you use a built-in algorithm to create a model, SageMaker requires that you provide a S3 path to the model artifacts in `ModelDataUrl` .", - "title": "ModelDataUrl", - "type": "string" - }, - "ModelPackageName": { - "markdownDescription": "The name or Amazon Resource Name (ARN) of the model package to use to create the model.", - "title": "ModelPackageName", - "type": "string" - }, - "MultiModelConfig": { - "$ref": "#/definitions/AWS::SageMaker::Model.MultiModelConfig", - "markdownDescription": "Specifies additional configuration for multi-model endpoints.", - "title": "MultiModelConfig" - } - }, - "type": "object" - }, - "AWS::SageMaker::Model.ImageConfig": { - "additionalProperties": false, - "properties": { - "RepositoryAccessMode": { - "markdownDescription": "Set this to one of the following values:\n\n- `Platform` - The model image is hosted in Amazon ECR.\n- `Vpc` - The model image is hosted in a private Docker registry in your VPC.", - "title": "RepositoryAccessMode", - "type": "string" - }, - "RepositoryAuthConfig": { - "$ref": "#/definitions/AWS::SageMaker::Model.RepositoryAuthConfig", - "markdownDescription": "(Optional) Specifies an authentication configuration for the private docker registry where your model image is hosted. Specify a value for this property only if you specified `Vpc` as the value for the `RepositoryAccessMode` field, and the private Docker registry where the model image is hosted requires authentication.", - "title": "RepositoryAuthConfig" - } - }, - "required": [ - "RepositoryAccessMode" - ], - "type": "object" - }, - "AWS::SageMaker::Model.InferenceExecutionConfig": { - "additionalProperties": false, - "properties": { - "Mode": { - "markdownDescription": "How containers in a multi-container are run. The following values are valid.\n\n- `Serial` - Containers run as a serial pipeline.\n- `Direct` - Only the individual container that you specify is run.", - "title": "Mode", - "type": "string" - } - }, - "required": [ - "Mode" - ], - "type": "object" - }, - "AWS::SageMaker::Model.ModelAccessConfig": { - "additionalProperties": false, - "properties": { - "AcceptEula": { - "markdownDescription": "Specifies agreement to the model end-user license agreement (EULA). The `AcceptEula` value must be explicitly defined as `True` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.", - "title": "AcceptEula", - "type": "boolean" - } - }, - "required": [ - "AcceptEula" - ], - "type": "object" - }, - "AWS::SageMaker::Model.ModelDataSource": { - "additionalProperties": false, - "properties": { - "S3DataSource": { - "$ref": "#/definitions/AWS::SageMaker::Model.S3DataSource", - "markdownDescription": "Specifies the S3 location of ML model data to deploy.", - "title": "S3DataSource" - } - }, - "required": [ - "S3DataSource" + "Type", + "Properties" ], "type": "object" }, - "AWS::SageMaker::Model.MultiModelConfig": { - "additionalProperties": false, - "properties": { - "ModelCacheSetting": { - "markdownDescription": "Whether to cache models for a multi-model endpoint. By default, multi-model endpoints cache models so that a model does not have to be loaded into memory each time it is invoked. Some use cases do not benefit from model caching. For example, if an endpoint hosts a large number of models that are each invoked infrequently, the endpoint might perform better if you disable model caching. To disable model caching, set the value of this parameter to Disabled.", - "title": "ModelCacheSetting", - "type": "string" - } - }, - "type": "object" - }, - "AWS::SageMaker::Model.RepositoryAuthConfig": { + "AWS::SageMaker::Pipeline.ParallelismConfiguration": { "additionalProperties": false, "properties": { - "RepositoryCredentialsProviderArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the *AWS Lambda Developer Guide* .", - "title": "RepositoryCredentialsProviderArn", - "type": "string" + "MaxParallelExecutionSteps": { + "markdownDescription": "The max number of steps that can be executed in parallel.", + "title": "MaxParallelExecutionSteps", + "type": "number" } }, "required": [ - "RepositoryCredentialsProviderArn" + "MaxParallelExecutionSteps" ], "type": "object" }, - "AWS::SageMaker::Model.S3DataSource": { + "AWS::SageMaker::Pipeline.PipelineDefinition": { "additionalProperties": false, "properties": { - "CompressionType": { - "markdownDescription": "", - "title": "CompressionType", - "type": "string" - }, - "ModelAccessConfig": { - "$ref": "#/definitions/AWS::SageMaker::Model.ModelAccessConfig", - "markdownDescription": "", - "title": "ModelAccessConfig" - }, - "S3DataType": { - "markdownDescription": "If you choose `S3Prefix` , `S3Uri` identifies a key name prefix. SageMaker uses all objects that match the specified key name prefix for model training.\n\nIf you choose `ManifestFile` , `S3Uri` identifies an object that is a manifest file containing a list of object keys that you want SageMaker to use for model training.\n\nIf you choose `AugmentedManifestFile` , `S3Uri` identifies an object that is an augmented manifest file in JSON lines format. This file contains the data you want to use for model training. `AugmentedManifestFile` can only be used if the Channel's input mode is `Pipe` .\n\nIf you choose `Converse` , `S3Uri` identifies an Amazon S3 location that contains data formatted according to Converse format. This format structures conversational messages with specific roles and content types used for training and fine-tuning foundational models.", - "title": "S3DataType", + "PipelineDefinitionBody": { + "markdownDescription": "The [JSON pipeline definition](https://docs.aws.amazon.com/https://aws-sagemaker-mlops.github.io/sagemaker-model-building-pipeline-definition-JSON-schema/) of the pipeline.", + "title": "PipelineDefinitionBody", "type": "string" }, - "S3Uri": { - "markdownDescription": "Depending on the value specified for the `S3DataType` , identifies either a key name prefix or a manifest. For example:\n\n- A key name prefix might look like this: `s3://bucketname/exampleprefix/`\n- A manifest might look like this: `s3://bucketname/example.manifest`\n\nA manifest is an S3 object which is a JSON file consisting of an array of elements. The first element is a prefix which is followed by one or more suffixes. SageMaker appends the suffix elements to the prefix to get a full set of `S3Uri` . Note that the prefix must be a valid non-empty `S3Uri` that precludes users from specifying a manifest whose individual `S3Uri` is sourced from different S3 buckets.\n\nThe following code example shows a valid manifest format:\n\n`[ {\"prefix\": \"s3://customer_bucket/some/prefix/\"},`\n\n`\"relative/path/to/custdata-1\",`\n\n`\"relative/path/custdata-2\",`\n\n`...`\n\n`\"relative/path/custdata-N\"`\n\n`]`\n\nThis JSON is equivalent to the following `S3Uri` list:\n\n`s3://customer_bucket/some/prefix/relative/path/to/custdata-1`\n\n`s3://customer_bucket/some/prefix/relative/path/custdata-2`\n\n`...`\n\n`s3://customer_bucket/some/prefix/relative/path/custdata-N`\n\nThe complete set of `S3Uri` in this manifest is the input data for the channel for this data source. The object that each `S3Uri` points to must be readable by the IAM role that SageMaker uses to perform tasks on your behalf.\n\nYour input bucket must be located in same AWS region as your training job.", - "title": "S3Uri", - "type": "string" + "PipelineDefinitionS3Location": { + "$ref": "#/definitions/AWS::SageMaker::Pipeline.S3Location", + "markdownDescription": "The location of the pipeline definition stored in Amazon S3. If specified, SageMaker retrieves the pipeline definition from this location.", + "title": "PipelineDefinitionS3Location" } }, - "required": [ - "CompressionType", - "S3DataType", - "S3Uri" - ], "type": "object" }, - "AWS::SageMaker::Model.VpcConfig": { + "AWS::SageMaker::Pipeline.S3Location": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The VPC security group IDs, in the form `sg-xxxxxxxx` . Specify the security groups for the VPC that is specified in the `Subnets` field.", - "title": "SecurityGroupIds", - "type": "array" + "Bucket": { + "markdownDescription": "The name of the S3 bucket.", + "title": "Bucket", + "type": "string" }, - "Subnets": { - "items": { - "type": "string" - }, - "markdownDescription": "The ID of the subnets in the VPC to which you want to connect your training job or model. For information about the availability of specific instance types, see [Supported Instance Types and Availability Zones](https://docs.aws.amazon.com/sagemaker/latest/dg/instance-types-az.html) .", - "title": "Subnets", - "type": "array" + "ETag": { + "markdownDescription": "A file checksum of the pipeline definition file.", + "title": "ETag", + "type": "string" + }, + "Key": { + "markdownDescription": "The object key (or key name) which uniquely identifies the object in an S3 bucket.", + "title": "Key", + "type": "string" + }, + "Version": { + "markdownDescription": "The version ID of the pipeline definition file. If not specified, Amazon SageMaker will retrieve the latest version.", + "title": "Version", + "type": "string" } }, "required": [ - "SecurityGroupIds", - "Subnets" + "Bucket", + "Key" ], "type": "object" }, - "AWS::SageMaker::ModelBiasJobDefinition": { + "AWS::SageMaker::Project": { "additionalProperties": false, "properties": { "Condition": { @@ -247967,77 +299876,51 @@ "Properties": { "additionalProperties": false, "properties": { - "EndpointName": { - "markdownDescription": "", - "title": "EndpointName", + "ProjectDescription": { + "markdownDescription": "The description of the project.", + "title": "ProjectDescription", "type": "string" }, - "JobDefinitionName": { - "markdownDescription": "The name of the bias job definition. The name must be unique within an AWS Region in the AWS account.", - "title": "JobDefinitionName", + "ProjectName": { + "markdownDescription": "The name of the project.", + "title": "ProjectName", "type": "string" }, - "JobResources": { - "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.MonitoringResources", - "markdownDescription": "Identifies the resources to deploy for a monitoring job.", - "title": "JobResources" - }, - "ModelBiasAppSpecification": { - "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.ModelBiasAppSpecification", - "markdownDescription": "Configures the model bias job to run a specified Docker container image.", - "title": "ModelBiasAppSpecification" - }, - "ModelBiasBaselineConfig": { - "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.ModelBiasBaselineConfig", - "markdownDescription": "The baseline configuration for a model bias job.", - "title": "ModelBiasBaselineConfig" - }, - "ModelBiasJobInput": { - "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.ModelBiasJobInput", - "markdownDescription": "Inputs for the model bias job.", - "title": "ModelBiasJobInput" - }, - "ModelBiasJobOutputConfig": { - "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.MonitoringOutputConfig", - "markdownDescription": "The output configuration for monitoring jobs.", - "title": "ModelBiasJobOutputConfig" - }, - "NetworkConfig": { - "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.NetworkConfig", - "markdownDescription": "Networking options for a model bias job.", - "title": "NetworkConfig" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can assume to perform tasks on your behalf.", - "title": "RoleArn", - "type": "string" + "ServiceCatalogProvisionedProductDetails": { + "$ref": "#/definitions/AWS::SageMaker::Project.ServiceCatalogProvisionedProductDetails", + "markdownDescription": "Details of a provisioned service catalog product. For information about service catalog, see [What is AWS Service Catalog](https://docs.aws.amazon.com/servicecatalog/latest/adminguide/introduction.html) .", + "title": "ServiceCatalogProvisionedProductDetails" }, - "StoppingCondition": { - "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.StoppingCondition", - "markdownDescription": "A time limit for how long the monitoring job is allowed to run before stopping.", - "title": "StoppingCondition" + "ServiceCatalogProvisioningDetails": { + "$ref": "#/definitions/AWS::SageMaker::Project.ServiceCatalogProvisioningDetails", + "markdownDescription": "The product ID and provisioning artifact ID to provision a service catalog. For information, see [What is AWS Service Catalog](https://docs.aws.amazon.com/servicecatalog/latest/adminguide/introduction.html) .", + "title": "ServiceCatalogProvisioningDetails" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "A list of key-value pairs to apply to this resource.\n\nFor more information, see [Resource Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) and [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html#allocation-what) in the *AWS Billing and Cost Management User Guide* .", "title": "Tags", "type": "array" + }, + "TemplateProviderDetails": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::Project.TemplateProviderDetail" + }, + "markdownDescription": "An array of template providers associated with the project.", + "title": "TemplateProviderDetails", + "type": "array" } }, "required": [ - "JobResources", - "ModelBiasAppSpecification", - "ModelBiasJobInput", - "ModelBiasJobOutputConfig", - "RoleArn" + "ProjectName" ], "type": "object" }, "Type": { "enum": [ - "AWS::SageMaker::ModelBiasJobDefinition" + "AWS::SageMaker::Project" ], "type": "string" }, @@ -248056,439 +299939,142 @@ ], "type": "object" }, - "AWS::SageMaker::ModelBiasJobDefinition.BatchTransformInput": { + "AWS::SageMaker::Project.CfnStackParameter": { "additionalProperties": false, "properties": { - "DataCapturedDestinationS3Uri": { - "markdownDescription": "The Amazon S3 location being used to capture the data.", - "title": "DataCapturedDestinationS3Uri", - "type": "string" - }, - "DatasetFormat": { - "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.DatasetFormat", - "markdownDescription": "The dataset format for your batch transform job.", - "title": "DatasetFormat" - }, - "EndTimeOffset": { - "markdownDescription": "If specified, monitoring jobs subtract this time from the end time. For information about using offsets for scheduling monitoring jobs, see [Schedule Model Quality Monitoring Jobs](https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor-model-quality-schedule.html) .", - "title": "EndTimeOffset", - "type": "string" - }, - "FeaturesAttribute": { - "markdownDescription": "The attributes of the input data that are the input features.", - "title": "FeaturesAttribute", - "type": "string" - }, - "InferenceAttribute": { - "markdownDescription": "The attribute of the input data that represents the ground truth label.", - "title": "InferenceAttribute", - "type": "string" - }, - "LocalPath": { - "markdownDescription": "Path to the filesystem where the batch transform data is available to the container.", - "title": "LocalPath", - "type": "string" - }, - "ProbabilityAttribute": { - "markdownDescription": "In a classification problem, the attribute that represents the class probability.", - "title": "ProbabilityAttribute", - "type": "string" - }, - "ProbabilityThresholdAttribute": { - "markdownDescription": "The threshold for the class probability to be evaluated as a positive result.", - "title": "ProbabilityThresholdAttribute", - "type": "number" - }, - "S3DataDistributionType": { - "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an S3 key. Defaults to `FullyReplicated`", - "title": "S3DataDistributionType", - "type": "string" - }, - "S3InputMode": { - "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", - "title": "S3InputMode", + "Key": { + "markdownDescription": "The name of the CloudFormation parameter.", + "title": "Key", "type": "string" }, - "StartTimeOffset": { - "markdownDescription": "If specified, monitoring jobs substract this time from the start time. For information about using offsets for scheduling monitoring jobs, see [Schedule Model Quality Monitoring Jobs](https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor-model-quality-schedule.html) .", - "title": "StartTimeOffset", + "Value": { + "markdownDescription": "The value of the CloudFormation parameter.", + "title": "Value", "type": "string" } }, "required": [ - "DataCapturedDestinationS3Uri", - "DatasetFormat", - "LocalPath" + "Key", + "Value" ], "type": "object" }, - "AWS::SageMaker::ModelBiasJobDefinition.ClusterConfig": { + "AWS::SageMaker::Project.CfnTemplateProviderDetail": { "additionalProperties": false, "properties": { - "InstanceCount": { - "markdownDescription": "The number of ML compute instances to use in the model monitoring job. For distributed processing jobs, specify a value greater than 1. The default value is 1.", - "title": "InstanceCount", - "type": "number" + "Parameters": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::Project.CfnStackParameter" + }, + "markdownDescription": "An array of CloudFormation stack parameters.", + "title": "Parameters", + "type": "array" }, - "InstanceType": { - "markdownDescription": "The ML compute instance type for the processing job.", - "title": "InstanceType", + "RoleARN": { + "markdownDescription": "The IAM role used by CloudFormation to create the stack.", + "title": "RoleARN", "type": "string" }, - "VolumeKmsKeyId": { - "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance(s) that run the model monitoring job.", - "title": "VolumeKmsKeyId", + "TemplateName": { + "markdownDescription": "The unique identifier of the template within the project.", + "title": "TemplateName", "type": "string" }, - "VolumeSizeInGB": { - "markdownDescription": "The size of the ML storage volume, in gigabytes, that you want to provision. You must specify sufficient ML storage for your scenario.", - "title": "VolumeSizeInGB", - "type": "number" + "TemplateURL": { + "markdownDescription": "The Amazon S3 URL of the CloudFormation template.", + "title": "TemplateURL", + "type": "string" } }, "required": [ - "InstanceCount", - "InstanceType", - "VolumeSizeInGB" + "TemplateName", + "TemplateURL" ], "type": "object" }, - "AWS::SageMaker::ModelBiasJobDefinition.ConstraintsResource": { - "additionalProperties": false, - "properties": { - "S3Uri": { - "markdownDescription": "The Amazon S3 URI for the constraints resource.", - "title": "S3Uri", - "type": "string" - } - }, - "type": "object" - }, - "AWS::SageMaker::ModelBiasJobDefinition.Csv": { - "additionalProperties": false, - "properties": { - "Header": { - "markdownDescription": "", - "title": "Header", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::SageMaker::ModelBiasJobDefinition.DatasetFormat": { - "additionalProperties": false, - "properties": { - "Csv": { - "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.Csv", - "markdownDescription": "", - "title": "Csv" - }, - "Json": { - "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.Json", - "markdownDescription": "", - "title": "Json" - }, - "Parquet": { - "markdownDescription": "", - "title": "Parquet", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::SageMaker::ModelBiasJobDefinition.EndpointInput": { + "AWS::SageMaker::Project.ProvisioningParameter": { "additionalProperties": false, "properties": { - "EndTimeOffset": { - "markdownDescription": "If specified, monitoring jobs substract this time from the end time. For information about using offsets for scheduling monitoring jobs, see [Schedule Model Quality Monitoring Jobs](https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor-model-quality-schedule.html) .", - "title": "EndTimeOffset", - "type": "string" - }, - "EndpointName": { - "markdownDescription": "An endpoint in customer's account which has enabled `DataCaptureConfig` enabled.", - "title": "EndpointName", - "type": "string" - }, - "FeaturesAttribute": { - "markdownDescription": "The attributes of the input data that are the input features.", - "title": "FeaturesAttribute", - "type": "string" - }, - "InferenceAttribute": { - "markdownDescription": "The attribute of the input data that represents the ground truth label.", - "title": "InferenceAttribute", - "type": "string" - }, - "LocalPath": { - "markdownDescription": "Path to the filesystem where the endpoint data is available to the container.", - "title": "LocalPath", - "type": "string" - }, - "ProbabilityAttribute": { - "markdownDescription": "In a classification problem, the attribute that represents the class probability.", - "title": "ProbabilityAttribute", - "type": "string" - }, - "ProbabilityThresholdAttribute": { - "markdownDescription": "The threshold for the class probability to be evaluated as a positive result.", - "title": "ProbabilityThresholdAttribute", - "type": "number" - }, - "S3DataDistributionType": { - "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an Amazon S3 key. Defaults to `FullyReplicated`", - "title": "S3DataDistributionType", - "type": "string" - }, - "S3InputMode": { - "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", - "title": "S3InputMode", + "Key": { + "markdownDescription": "The key that identifies a provisioning parameter.", + "title": "Key", "type": "string" }, - "StartTimeOffset": { - "markdownDescription": "If specified, monitoring jobs substract this time from the start time. For information about using offsets for scheduling monitoring jobs, see [Schedule Model Quality Monitoring Jobs](https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor-model-quality-schedule.html) .", - "title": "StartTimeOffset", + "Value": { + "markdownDescription": "The value of the provisioning parameter.", + "title": "Value", "type": "string" } }, "required": [ - "EndpointName", - "LocalPath" + "Key", + "Value" ], "type": "object" }, - "AWS::SageMaker::ModelBiasJobDefinition.Json": { - "additionalProperties": false, - "properties": { - "Line": { - "markdownDescription": "", - "title": "Line", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::SageMaker::ModelBiasJobDefinition.ModelBiasAppSpecification": { + "AWS::SageMaker::Project.ServiceCatalogProvisionedProductDetails": { "additionalProperties": false, "properties": { - "ConfigUri": { - "markdownDescription": "JSON formatted S3 file that defines bias parameters. For more information on this JSON configuration file, see [Configure bias parameters](https://docs.aws.amazon.com/sagemaker/latest/dg/clarify-config-json-monitor-bias-parameters.html) .", - "title": "ConfigUri", + "ProvisionedProductId": { + "markdownDescription": "The ID of the provisioned product.", + "title": "ProvisionedProductId", "type": "string" }, - "Environment": { - "additionalProperties": true, - "markdownDescription": "Sets the environment variables in the Docker container.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Environment", - "type": "object" - }, - "ImageUri": { - "markdownDescription": "The container image to be run by the model bias job.", - "title": "ImageUri", + "ProvisionedProductStatusMessage": { + "markdownDescription": "The current status of the product.\n\n- `AVAILABLE` - Stable state, ready to perform any operation. The most recent operation succeeded and completed.\n- `UNDER_CHANGE` - Transitive state. Operations performed might not have valid results. Wait for an AVAILABLE status before performing operations.\n- `TAINTED` - Stable state, ready to perform any operation. The stack has completed the requested operation but is not exactly what was requested. For example, a request to update to a new version failed and the stack rolled back to the current version.\n- `ERROR` - An unexpected error occurred. The provisioned product exists but the stack is not running. For example, CloudFormation received a parameter value that was not valid and could not launch the stack.\n- `PLAN_IN_PROGRESS` - Transitive state. The plan operations were performed to provision a new product, but resources have not yet been created. After reviewing the list of resources to be created, execute the plan. Wait for an AVAILABLE status before performing operations.", + "title": "ProvisionedProductStatusMessage", "type": "string" } }, - "required": [ - "ConfigUri", - "ImageUri" - ], "type": "object" }, - "AWS::SageMaker::ModelBiasJobDefinition.ModelBiasBaselineConfig": { + "AWS::SageMaker::Project.ServiceCatalogProvisioningDetails": { "additionalProperties": false, "properties": { - "BaseliningJobName": { - "markdownDescription": "The name of the baseline model bias job.", - "title": "BaseliningJobName", + "PathId": { + "markdownDescription": "The path identifier of the product. This value is optional if the product has a default path, and required if the product has more than one path.", + "title": "PathId", "type": "string" }, - "ConstraintsResource": { - "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.ConstraintsResource", - "markdownDescription": "The constraints resource for a monitoring job.", - "title": "ConstraintsResource" - } - }, - "type": "object" - }, - "AWS::SageMaker::ModelBiasJobDefinition.ModelBiasJobInput": { - "additionalProperties": false, - "properties": { - "BatchTransformInput": { - "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.BatchTransformInput", - "markdownDescription": "Input object for the batch transform job.", - "title": "BatchTransformInput" - }, - "EndpointInput": { - "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.EndpointInput", - "markdownDescription": "Input object for the endpoint", - "title": "EndpointInput" - }, - "GroundTruthS3Input": { - "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.MonitoringGroundTruthS3Input", - "markdownDescription": "Location of ground truth labels to use in model bias job.", - "title": "GroundTruthS3Input" - } - }, - "required": [ - "GroundTruthS3Input" - ], - "type": "object" - }, - "AWS::SageMaker::ModelBiasJobDefinition.MonitoringGroundTruthS3Input": { - "additionalProperties": false, - "properties": { - "S3Uri": { - "markdownDescription": "The address of the Amazon S3 location of the ground truth labels.", - "title": "S3Uri", + "ProductId": { + "markdownDescription": "The ID of the product to provision.", + "title": "ProductId", "type": "string" - } - }, - "required": [ - "S3Uri" - ], - "type": "object" - }, - "AWS::SageMaker::ModelBiasJobDefinition.MonitoringOutput": { - "additionalProperties": false, - "properties": { - "S3Output": { - "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.S3Output", - "markdownDescription": "The Amazon S3 storage location where the results of a monitoring job are saved.", - "title": "S3Output" - } - }, - "required": [ - "S3Output" - ], - "type": "object" - }, - "AWS::SageMaker::ModelBiasJobDefinition.MonitoringOutputConfig": { - "additionalProperties": false, - "properties": { - "KmsKeyId": { - "markdownDescription": "The AWS Key Management Service ( AWS KMS ) key that Amazon SageMaker AI uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption.", - "title": "KmsKeyId", + }, + "ProvisioningArtifactId": { + "markdownDescription": "The ID of the provisioning artifact.", + "title": "ProvisioningArtifactId", "type": "string" }, - "MonitoringOutputs": { + "ProvisioningParameters": { "items": { - "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.MonitoringOutput" + "$ref": "#/definitions/AWS::SageMaker::Project.ProvisioningParameter" }, - "markdownDescription": "Monitoring outputs for monitoring jobs. This is where the output of the periodic monitoring jobs is uploaded.", - "title": "MonitoringOutputs", + "markdownDescription": "A list of key value pairs that you specify when you provision a product.", + "title": "ProvisioningParameters", "type": "array" } }, "required": [ - "MonitoringOutputs" - ], - "type": "object" - }, - "AWS::SageMaker::ModelBiasJobDefinition.MonitoringResources": { - "additionalProperties": false, - "properties": { - "ClusterConfig": { - "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.ClusterConfig", - "markdownDescription": "The configuration for the cluster resources used to run the processing job.", - "title": "ClusterConfig" - } - }, - "required": [ - "ClusterConfig" - ], - "type": "object" - }, - "AWS::SageMaker::ModelBiasJobDefinition.NetworkConfig": { - "additionalProperties": false, - "properties": { - "EnableInterContainerTrafficEncryption": { - "markdownDescription": "Whether to encrypt all communications between distributed processing jobs. Choose `True` to encrypt communications. Encryption provides greater security for distributed processing jobs, but the processing might take longer.", - "title": "EnableInterContainerTrafficEncryption", - "type": "boolean" - }, - "EnableNetworkIsolation": { - "markdownDescription": "Whether to allow inbound and outbound network calls to and from the containers used for the processing job.", - "title": "EnableNetworkIsolation", - "type": "boolean" - }, - "VpcConfig": { - "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.VpcConfig", - "markdownDescription": "Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC.", - "title": "VpcConfig" - } - }, - "type": "object" - }, - "AWS::SageMaker::ModelBiasJobDefinition.S3Output": { - "additionalProperties": false, - "properties": { - "LocalPath": { - "markdownDescription": "The local path to the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job. `LocalPath` is an absolute path for the output data.", - "title": "LocalPath", - "type": "string" - }, - "S3UploadMode": { - "markdownDescription": "Whether to upload the results of the monitoring job continuously or after the job completes.", - "title": "S3UploadMode", - "type": "string" - }, - "S3Uri": { - "markdownDescription": "A URI that identifies the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job.", - "title": "S3Uri", - "type": "string" - } - }, - "required": [ - "LocalPath", - "S3Uri" - ], - "type": "object" - }, - "AWS::SageMaker::ModelBiasJobDefinition.StoppingCondition": { - "additionalProperties": false, - "properties": { - "MaxRuntimeInSeconds": { - "markdownDescription": "The maximum length of time, in seconds, that a training or compilation job can run before it is stopped.\n\nFor compilation jobs, if the job does not complete during this time, a `TimeOut` error is generated. We recommend starting with 900 seconds and increasing as necessary based on your model.\n\nFor all other jobs, if the job does not complete during this time, SageMaker ends the job. When `RetryStrategy` is specified in the job request, `MaxRuntimeInSeconds` specifies the maximum time for all of the attempts in total, not each individual attempt. The default value is 1 day. The maximum value is 28 days.\n\nThe maximum time that a `TrainingJob` can run in total, including any time spent publishing metrics or archiving and uploading models after it has been stopped, is 30 days.", - "title": "MaxRuntimeInSeconds", - "type": "number" - } - }, - "required": [ - "MaxRuntimeInSeconds" + "ProductId" ], "type": "object" }, - "AWS::SageMaker::ModelBiasJobDefinition.VpcConfig": { + "AWS::SageMaker::Project.TemplateProviderDetail": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The VPC security group IDs, in the form `sg-xxxxxxxx` . Specify the security groups for the VPC that is specified in the `Subnets` field.", - "title": "SecurityGroupIds", - "type": "array" - }, - "Subnets": { - "items": { - "type": "string" - }, - "markdownDescription": "The ID of the subnets in the VPC to which you want to connect your training job or model. For information about the availability of specific instance types, see [Supported Instance Types and Availability Zones](https://docs.aws.amazon.com/sagemaker/latest/dg/instance-types-az.html) .", - "title": "Subnets", - "type": "array" + "CfnTemplateProviderDetail": { + "$ref": "#/definitions/AWS::SageMaker::Project.CfnTemplateProviderDetail", + "markdownDescription": "Details about a CloudFormation template provider configuration and associated provisioning information.", + "title": "CfnTemplateProviderDetail" } }, "required": [ - "SecurityGroupIds", - "Subnets" + "CfnTemplateProviderDetail" ], "type": "object" }, - "AWS::SageMaker::ModelCard": { + "AWS::SageMaker::Space": { "additionalProperties": false, "properties": { "Condition": { @@ -248523,55 +300109,54 @@ "Properties": { "additionalProperties": false, "properties": { - "Content": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.Content", - "markdownDescription": "The content of the model card. Content uses the [model card JSON schema](https://docs.aws.amazon.com/sagemaker/latest/dg/model-cards.html#model-cards-json-schema) .", - "title": "Content" - }, - "CreatedBy": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.UserContext", - "markdownDescription": "Information about the user who created or modified one or more of the following:\n\n- Experiment\n- Trial\n- Trial component\n- Lineage group\n- Project\n- Model Card", - "title": "CreatedBy" + "DomainId": { + "markdownDescription": "The ID of the associated domain.", + "title": "DomainId", + "type": "string" }, - "LastModifiedBy": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.UserContext", - "markdownDescription": "", - "title": "LastModifiedBy" + "OwnershipSettings": { + "$ref": "#/definitions/AWS::SageMaker::Space.OwnershipSettings", + "markdownDescription": "The collection of ownership settings for a space.", + "title": "OwnershipSettings" }, - "ModelCardName": { - "markdownDescription": "The unique name of the model card.", - "title": "ModelCardName", + "SpaceDisplayName": { + "markdownDescription": "The name of the space that appears in the Studio UI.", + "title": "SpaceDisplayName", "type": "string" }, - "ModelCardStatus": { - "markdownDescription": "The approval status of the model card within your organization. Different organizations might have different criteria for model card review and approval.\n\n- `Draft` : The model card is a work in progress.\n- `PendingReview` : The model card is pending review.\n- `Approved` : The model card is approved.\n- `Archived` : The model card is archived. No more updates should be made to the model card, but it can still be exported.", - "title": "ModelCardStatus", + "SpaceName": { + "markdownDescription": "The name of the space.", + "title": "SpaceName", "type": "string" }, - "SecurityConfig": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.SecurityConfig", - "markdownDescription": "The security configuration used to protect model card data.", - "title": "SecurityConfig" + "SpaceSettings": { + "$ref": "#/definitions/AWS::SageMaker::Space.SpaceSettings", + "markdownDescription": "A collection of space settings.", + "title": "SpaceSettings" + }, + "SpaceSharingSettings": { + "$ref": "#/definitions/AWS::SageMaker::Space.SpaceSharingSettings", + "markdownDescription": "A collection of space sharing settings.", + "title": "SpaceSharingSettings" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Key-value pairs used to manage metadata for the model card.", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ - "Content", - "ModelCardName", - "ModelCardStatus" + "DomainId", + "SpaceName" ], "type": "object" }, "Type": { "enum": [ - "AWS::SageMaker::ModelCard" + "AWS::SageMaker::Space" ], "type": "string" }, @@ -248590,662 +300175,434 @@ ], "type": "object" }, - "AWS::SageMaker::ModelCard.AdditionalInformation": { - "additionalProperties": false, - "properties": { - "CaveatsAndRecommendations": { - "markdownDescription": "Caveats and recommendations for those who might use this model in their applications.", - "title": "CaveatsAndRecommendations", - "type": "string" - }, - "CustomDetails": { - "additionalProperties": true, - "markdownDescription": "Any additional information to document about the model.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "CustomDetails", - "type": "object" - }, - "EthicalConsiderations": { - "markdownDescription": "Any ethical considerations documented by the model card author.", - "title": "EthicalConsiderations", - "type": "string" - } - }, - "type": "object" - }, - "AWS::SageMaker::ModelCard.BusinessDetails": { - "additionalProperties": false, - "properties": { - "BusinessProblem": { - "markdownDescription": "The specific business problem that the model is trying to solve.", - "title": "BusinessProblem", - "type": "string" - }, - "BusinessStakeholders": { - "markdownDescription": "The relevant stakeholders for the model.", - "title": "BusinessStakeholders", - "type": "string" - }, - "LineOfBusiness": { - "markdownDescription": "The broader business need that the model is serving.", - "title": "LineOfBusiness", - "type": "string" - } - }, - "type": "object" - }, - "AWS::SageMaker::ModelCard.Container": { + "AWS::SageMaker::Space.CodeRepository": { "additionalProperties": false, "properties": { - "Image": { - "markdownDescription": "", - "title": "Image", - "type": "string" - }, - "ModelDataUrl": { - "markdownDescription": "", - "title": "ModelDataUrl", - "type": "string" - }, - "NearestModelName": { - "markdownDescription": "", - "title": "NearestModelName", + "RepositoryUrl": { + "markdownDescription": "The URL of the Git repository.", + "title": "RepositoryUrl", "type": "string" } }, "required": [ - "Image" + "RepositoryUrl" ], "type": "object" }, - "AWS::SageMaker::ModelCard.Content": { + "AWS::SageMaker::Space.CustomFileSystem": { "additionalProperties": false, "properties": { - "AdditionalInformation": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.AdditionalInformation", - "markdownDescription": "Additional information about the model.", - "title": "AdditionalInformation" - }, - "BusinessDetails": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.BusinessDetails", - "markdownDescription": "Information about how the model supports business goals.", - "title": "BusinessDetails" - }, - "EvaluationDetails": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.EvaluationDetail" - }, - "markdownDescription": "An overview about the model's evaluation.", - "title": "EvaluationDetails", - "type": "array" - }, - "IntendedUses": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.IntendedUses", - "markdownDescription": "The intended usage of the model.", - "title": "IntendedUses" - }, - "ModelOverview": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.ModelOverview", - "markdownDescription": "An overview about the model", - "title": "ModelOverview" + "EFSFileSystem": { + "$ref": "#/definitions/AWS::SageMaker::Space.EFSFileSystem", + "markdownDescription": "A custom file system in Amazon EFS.", + "title": "EFSFileSystem" }, - "ModelPackageDetails": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.ModelPackageDetails", - "markdownDescription": "", - "title": "ModelPackageDetails" + "FSxLustreFileSystem": { + "$ref": "#/definitions/AWS::SageMaker::Space.FSxLustreFileSystem", + "markdownDescription": "A custom file system in Amazon FSx for Lustre.", + "title": "FSxLustreFileSystem" }, - "TrainingDetails": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.TrainingDetails", - "markdownDescription": "An overview about model training.", - "title": "TrainingDetails" + "S3FileSystem": { + "$ref": "#/definitions/AWS::SageMaker::Space.S3FileSystem", + "markdownDescription": "A custom file system in Amazon S3. This is only supported in Amazon SageMaker Unified Studio.", + "title": "S3FileSystem" } }, "type": "object" }, - "AWS::SageMaker::ModelCard.EvaluationDetail": { + "AWS::SageMaker::Space.CustomImage": { "additionalProperties": false, "properties": { - "Datasets": { - "items": { - "type": "string" - }, - "markdownDescription": "The location of the datasets used to evaluate the model.", - "title": "Datasets", - "type": "array" - }, - "EvaluationJobArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the evaluation job.", - "title": "EvaluationJobArn", + "AppImageConfigName": { + "markdownDescription": "The name of the AppImageConfig.", + "title": "AppImageConfigName", "type": "string" }, - "EvaluationObservation": { - "markdownDescription": "Any observations made during the model evaluation.", - "title": "EvaluationObservation", + "ImageName": { + "markdownDescription": "The name of the CustomImage. Must be unique to your account.", + "title": "ImageName", "type": "string" }, - "Metadata": { - "additionalProperties": true, - "markdownDescription": "Additional attributes associated with the evaluation results.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Metadata", - "type": "object" - }, - "MetricGroups": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.MetricGroup" - }, - "markdownDescription": "An evaluation Metric Group object.", - "title": "MetricGroups", - "type": "array" - }, - "Name": { - "markdownDescription": "The evaluation job name.", - "title": "Name", - "type": "string" + "ImageVersionNumber": { + "markdownDescription": "The version number of the CustomImage.", + "title": "ImageVersionNumber", + "type": "number" } }, "required": [ - "Name" + "AppImageConfigName", + "ImageName" ], "type": "object" }, - "AWS::SageMaker::ModelCard.Function": { + "AWS::SageMaker::Space.EFSFileSystem": { "additionalProperties": false, "properties": { - "Condition": { - "markdownDescription": "An optional description of any conditions of your objective function metric.", - "title": "Condition", - "type": "string" - }, - "Facet": { - "markdownDescription": "The metric of the model's objective function. For example, *loss* or *rmse* . The following list shows examples of the values that you can specify for the metric:\n\n- `ACCURACY`\n- `AUC`\n- `LOSS`\n- `MAE`\n- `RMSE`", - "title": "Facet", - "type": "string" - }, - "Function": { - "markdownDescription": "The optimization direction of the model's objective function. You must specify one of the following values:\n\n- `Maximize`\n- `Minimize`", - "title": "Function", + "FileSystemId": { + "markdownDescription": "The ID of your Amazon EFS file system.", + "title": "FileSystemId", "type": "string" } }, + "required": [ + "FileSystemId" + ], "type": "object" }, - "AWS::SageMaker::ModelCard.InferenceEnvironment": { - "additionalProperties": false, - "properties": { - "ContainerImage": { - "items": { - "type": "string" - }, - "markdownDescription": "The container used to run the inference environment.", - "title": "ContainerImage", - "type": "array" - } - }, - "type": "object" - }, - "AWS::SageMaker::ModelCard.InferenceSpecification": { + "AWS::SageMaker::Space.EbsStorageSettings": { "additionalProperties": false, "properties": { - "Containers": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.Container" - }, - "markdownDescription": "The Amazon ECR registry path of the Docker image that contains the inference code.", - "title": "Containers", - "type": "array" + "EbsVolumeSizeInGb": { + "markdownDescription": "The size of an EBS storage volume for a space.", + "title": "EbsVolumeSizeInGb", + "type": "number" } }, "required": [ - "Containers" + "EbsVolumeSizeInGb" ], "type": "object" }, - "AWS::SageMaker::ModelCard.IntendedUses": { + "AWS::SageMaker::Space.FSxLustreFileSystem": { "additionalProperties": false, "properties": { - "ExplanationsForRiskRating": { - "markdownDescription": "An explanation of why your organization categorizes the model with its risk rating.", - "title": "ExplanationsForRiskRating", - "type": "string" - }, - "FactorsAffectingModelEfficiency": { - "markdownDescription": "Factors affecting model efficacy.", - "title": "FactorsAffectingModelEfficiency", - "type": "string" - }, - "IntendedUses": { - "markdownDescription": "The intended use cases for the model.", - "title": "IntendedUses", - "type": "string" - }, - "PurposeOfModel": { - "markdownDescription": "The general purpose of the model.", - "title": "PurposeOfModel", - "type": "string" - }, - "RiskRating": { - "markdownDescription": "Your organization's risk rating. You can specify one the following values as the risk rating:\n\n- High\n- Medium\n- Low\n- Unknown", - "title": "RiskRating", + "FileSystemId": { + "markdownDescription": "Amazon FSx for Lustre file system ID.", + "title": "FileSystemId", "type": "string" } }, + "required": [ + "FileSystemId" + ], "type": "object" }, - "AWS::SageMaker::ModelCard.MetricDataItems": { + "AWS::SageMaker::Space.JupyterServerAppSettings": { "additionalProperties": false, "properties": { - "Name": { - "type": "string" - }, - "Notes": { - "type": "string" - }, - "Type": { - "type": "string" - }, - "Value": { - "type": "object" - }, - "XAxisName": { - "items": { - "type": "string" - }, - "type": "array" + "DefaultResourceSpec": { + "$ref": "#/definitions/AWS::SageMaker::Space.ResourceSpec", + "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker AI image used by the JupyterServer app. If you use the `LifecycleConfigArns` parameter, then this parameter is also required.", + "title": "DefaultResourceSpec" }, - "YAxisName": { + "LifecycleConfigArns": { "items": { "type": "string" }, + "markdownDescription": "The Amazon Resource Name (ARN) of the Lifecycle Configurations attached to the JupyterServerApp. If you use this parameter, the `DefaultResourceSpec` parameter is also required.\n\n> To remove a Lifecycle Config, you must set `LifecycleConfigArns` to an empty list.", + "title": "LifecycleConfigArns", "type": "array" } }, - "required": [ - "Name", - "Type", - "Value" - ], "type": "object" }, - "AWS::SageMaker::ModelCard.MetricGroup": { + "AWS::SageMaker::Space.KernelGatewayAppSettings": { "additionalProperties": false, "properties": { - "MetricData": { + "CustomImages": { "items": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.MetricDataItems" + "$ref": "#/definitions/AWS::SageMaker::Space.CustomImage" }, - "markdownDescription": "A list of metric objects. The `MetricDataItems` list can have one of the following values:\n\n- `bar_chart_metric`\n- `matrix_metric`\n- `simple_metric`\n- `linear_graph_metric`\n\nFor more information about the metric schema, see the definition section of the [model card JSON schema](https://docs.aws.amazon.com/sagemaker/latest/dg/model-cards.html#model-cards-json-schema) .", - "title": "MetricData", + "markdownDescription": "A list of custom SageMaker AI images that are configured to run as a KernelGateway app.\n\nThe maximum number of custom images are as follows.\n\n- On a domain level: 200\n- On a space level: 5\n- On a user profile level: 5", + "title": "CustomImages", "type": "array" }, - "Name": { - "markdownDescription": "The metric group name.", - "title": "Name", - "type": "string" - } - }, - "required": [ - "MetricData", - "Name" - ], - "type": "object" - }, - "AWS::SageMaker::ModelCard.ModelOverview": { - "additionalProperties": false, - "properties": { - "AlgorithmType": { - "markdownDescription": "The algorithm used to solve the problem.", - "title": "AlgorithmType", - "type": "string" - }, - "InferenceEnvironment": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.InferenceEnvironment", - "markdownDescription": "An overview about model inference.", - "title": "InferenceEnvironment" + "DefaultResourceSpec": { + "$ref": "#/definitions/AWS::SageMaker::Space.ResourceSpec", + "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker AI image used by the KernelGateway app.\n\n> The Amazon SageMaker AI Studio UI does not use the default instance type value set here. The default instance type set here is used when Apps are created using the AWS CLI or AWS CloudFormation and the instance type parameter value is not passed.", + "title": "DefaultResourceSpec" }, - "ModelArtifact": { + "LifecycleConfigArns": { "items": { "type": "string" }, - "markdownDescription": "The location of the model artifact.", - "title": "ModelArtifact", + "markdownDescription": "The Amazon Resource Name (ARN) of the Lifecycle Configurations attached to the the user profile or domain.\n\n> To remove a Lifecycle Config, you must set `LifecycleConfigArns` to an empty list.", + "title": "LifecycleConfigArns", "type": "array" - }, - "ModelCreator": { - "markdownDescription": "The creator of the model.", - "title": "ModelCreator", - "type": "string" - }, - "ModelDescription": { - "markdownDescription": "A description of the model.", - "title": "ModelDescription", - "type": "string" - }, - "ModelId": { - "markdownDescription": "The SageMaker AI Model ARN or non- SageMaker AI Model ID.", - "title": "ModelId", - "type": "string" - }, - "ModelName": { - "markdownDescription": "The name of the model.", - "title": "ModelName", - "type": "string" - }, - "ModelOwner": { - "markdownDescription": "The owner of the model.", - "title": "ModelOwner", - "type": "string" - }, - "ModelVersion": { - "markdownDescription": "The version of the model.", - "title": "ModelVersion", - "type": "number" - }, - "ProblemType": { - "markdownDescription": "The problem being solved with the model.", - "title": "ProblemType", - "type": "string" } }, "type": "object" }, - "AWS::SageMaker::ModelCard.ModelPackageCreator": { + "AWS::SageMaker::Space.OwnershipSettings": { "additionalProperties": false, "properties": { - "UserProfileName": { - "markdownDescription": "", - "title": "UserProfileName", + "OwnerUserProfileName": { + "markdownDescription": "The user profile who is the owner of the space.", + "title": "OwnerUserProfileName", "type": "string" } }, + "required": [ + "OwnerUserProfileName" + ], "type": "object" }, - "AWS::SageMaker::ModelCard.ModelPackageDetails": { + "AWS::SageMaker::Space.ResourceSpec": { "additionalProperties": false, "properties": { - "ApprovalDescription": { - "markdownDescription": "", - "title": "ApprovalDescription", - "type": "string" - }, - "CreatedBy": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.ModelPackageCreator", - "markdownDescription": "", - "title": "CreatedBy" - }, - "Domain": { - "markdownDescription": "", - "title": "Domain", - "type": "string" - }, - "InferenceSpecification": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.InferenceSpecification", - "markdownDescription": "", - "title": "InferenceSpecification" - }, - "ModelApprovalStatus": { - "markdownDescription": "", - "title": "ModelApprovalStatus", - "type": "string" - }, - "ModelPackageArn": { - "markdownDescription": "", - "title": "ModelPackageArn", - "type": "string" - }, - "ModelPackageDescription": { - "markdownDescription": "", - "title": "ModelPackageDescription", - "type": "string" - }, - "ModelPackageGroupName": { - "markdownDescription": "", - "title": "ModelPackageGroupName", - "type": "string" - }, - "ModelPackageName": { - "markdownDescription": "", - "title": "ModelPackageName", + "InstanceType": { + "markdownDescription": "The instance type that the image version runs on.\n\n> *JupyterServer apps* only support the `system` value.\n> \n> For *KernelGateway apps* , the `system` value is translated to `ml.t3.medium` . KernelGateway apps also support all other values for available instance types.", + "title": "InstanceType", "type": "string" }, - "ModelPackageStatus": { - "markdownDescription": "", - "title": "ModelPackageStatus", + "LifecycleConfigArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Lifecycle Configuration attached to the Resource.", + "title": "LifecycleConfigArn", "type": "string" }, - "ModelPackageVersion": { - "markdownDescription": "", - "title": "ModelPackageVersion", - "type": "number" - }, - "SourceAlgorithms": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.SourceAlgorithm" - }, - "markdownDescription": "", - "title": "SourceAlgorithms", - "type": "array" + "SageMakerImageArn": { + "markdownDescription": "The ARN of the SageMaker AI image that the image version belongs to.", + "title": "SageMakerImageArn", + "type": "string" }, - "Task": { - "markdownDescription": "", - "title": "Task", + "SageMakerImageVersionArn": { + "markdownDescription": "The ARN of the image version created on the instance. To clear the value set for `SageMakerImageVersionArn` , pass `None` as the value.", + "title": "SageMakerImageVersionArn", "type": "string" } }, "type": "object" }, - "AWS::SageMaker::ModelCard.ObjectiveFunction": { + "AWS::SageMaker::Space.S3FileSystem": { "additionalProperties": false, "properties": { - "Function": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.Function", - "markdownDescription": "A function object that details optimization direction, metric, and additional descriptions.", - "title": "Function" - }, - "Notes": { - "markdownDescription": "Notes about the object function, including other considerations for possible objective functions.", - "title": "Notes", + "S3Uri": { + "markdownDescription": "The Amazon S3 URI that specifies the location in S3 where files are stored, which is mounted within the Studio environment. For example: `s3:////` .", + "title": "S3Uri", "type": "string" } }, "type": "object" }, - "AWS::SageMaker::ModelCard.SecurityConfig": { + "AWS::SageMaker::Space.SpaceAppLifecycleManagement": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "A AWS Key Management Service [key ID](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id-key-id) used to encrypt a model card.", - "title": "KmsKeyId", - "type": "string" + "IdleSettings": { + "$ref": "#/definitions/AWS::SageMaker::Space.SpaceIdleSettings", + "markdownDescription": "Settings related to idle shutdown of Studio applications.", + "title": "IdleSettings" } }, "type": "object" }, - "AWS::SageMaker::ModelCard.SourceAlgorithm": { + "AWS::SageMaker::Space.SpaceCodeEditorAppSettings": { "additionalProperties": false, "properties": { - "AlgorithmName": { - "markdownDescription": "The name of an algorithm that was used to create the model package. The algorithm must be either an algorithm resource in your SageMaker account or an algorithm in AWS Marketplace that you are subscribed to.", - "title": "AlgorithmName", - "type": "string" + "AppLifecycleManagement": { + "$ref": "#/definitions/AWS::SageMaker::Space.SpaceAppLifecycleManagement", + "markdownDescription": "Settings that are used to configure and manage the lifecycle of CodeEditor applications in a space.", + "title": "AppLifecycleManagement" }, - "ModelDataUrl": { - "markdownDescription": "The Amazon S3 path where the model artifacts, which result from model training, are stored. This path must point to a single `gzip` compressed tar archive ( `.tar.gz` suffix).\n\n> The model artifacts must be in an S3 bucket that is in the same AWS region as the algorithm.", - "title": "ModelDataUrl", - "type": "string" + "DefaultResourceSpec": { + "$ref": "#/definitions/AWS::SageMaker::Space.ResourceSpec", + "markdownDescription": "Specifies the ARNs of a SageMaker image and SageMaker image version, and the instance type that the version runs on.", + "title": "DefaultResourceSpec" } }, - "required": [ - "AlgorithmName" - ], "type": "object" }, - "AWS::SageMaker::ModelCard.TrainingDetails": { + "AWS::SageMaker::Space.SpaceIdleSettings": { "additionalProperties": false, "properties": { - "ObjectiveFunction": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.ObjectiveFunction", - "markdownDescription": "The function that is optimized during model training.", - "title": "ObjectiveFunction" - }, - "TrainingJobDetails": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.TrainingJobDetails", - "markdownDescription": "Details about any associated training jobs.", - "title": "TrainingJobDetails" - }, - "TrainingObservations": { - "markdownDescription": "Any observations about training.", - "title": "TrainingObservations", - "type": "string" + "IdleTimeoutInMinutes": { + "markdownDescription": "The time that SageMaker waits after the application becomes idle before shutting it down.", + "title": "IdleTimeoutInMinutes", + "type": "number" } }, "type": "object" }, - "AWS::SageMaker::ModelCard.TrainingEnvironment": { + "AWS::SageMaker::Space.SpaceJupyterLabAppSettings": { "additionalProperties": false, "properties": { - "ContainerImage": { + "AppLifecycleManagement": { + "$ref": "#/definitions/AWS::SageMaker::Space.SpaceAppLifecycleManagement", + "markdownDescription": "Settings that are used to configure and manage the lifecycle of JupyterLab applications in a space.", + "title": "AppLifecycleManagement" + }, + "CodeRepositories": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::SageMaker::Space.CodeRepository" }, - "markdownDescription": "SageMaker AI inference image URI.", - "title": "ContainerImage", + "markdownDescription": "A list of Git repositories that SageMaker automatically displays to users for cloning in the JupyterLab application.", + "title": "CodeRepositories", "type": "array" + }, + "DefaultResourceSpec": { + "$ref": "#/definitions/AWS::SageMaker::Space.ResourceSpec", + "markdownDescription": "Specifies the ARNs of a SageMaker image and SageMaker image version, and the instance type that the version runs on.", + "title": "DefaultResourceSpec" } }, "type": "object" }, - "AWS::SageMaker::ModelCard.TrainingHyperParameter": { + "AWS::SageMaker::Space.SpaceSettings": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the hyper parameter.", - "title": "Name", + "AppType": { + "markdownDescription": "The type of app created within the space.\n\nIf using the [UpdateSpace](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateSpace.html) API, you can't change the app type of your space by specifying a different value for this field.", + "title": "AppType", "type": "string" }, - "Value": { - "markdownDescription": "The value specified for the hyper parameter.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Name", - "Value" - ], - "type": "object" - }, - "AWS::SageMaker::ModelCard.TrainingJobDetails": { - "additionalProperties": false, - "properties": { - "HyperParameters": { + "CodeEditorAppSettings": { + "$ref": "#/definitions/AWS::SageMaker::Space.SpaceCodeEditorAppSettings", + "markdownDescription": "The Code Editor application settings.", + "title": "CodeEditorAppSettings" + }, + "CustomFileSystems": { "items": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.TrainingHyperParameter" + "$ref": "#/definitions/AWS::SageMaker::Space.CustomFileSystem" }, - "markdownDescription": "The hyper parameters used in the training job.", - "title": "HyperParameters", + "markdownDescription": "A file system, created by you, that you assign to a space for an Amazon SageMaker AI Domain. Permitted users can access this file system in Amazon SageMaker AI Studio.", + "title": "CustomFileSystems", "type": "array" }, - "TrainingArn": { - "markdownDescription": "The SageMaker AI training job Amazon Resource Name (ARN)", - "title": "TrainingArn", - "type": "string" + "JupyterLabAppSettings": { + "$ref": "#/definitions/AWS::SageMaker::Space.SpaceJupyterLabAppSettings", + "markdownDescription": "The settings for the JupyterLab application.", + "title": "JupyterLabAppSettings" }, - "TrainingDatasets": { - "items": { - "type": "string" - }, - "markdownDescription": "The location of the datasets used to train the model.", - "title": "TrainingDatasets", - "type": "array" + "JupyterServerAppSettings": { + "$ref": "#/definitions/AWS::SageMaker::Space.JupyterServerAppSettings", + "markdownDescription": "The JupyterServer app settings.", + "title": "JupyterServerAppSettings" }, - "TrainingEnvironment": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.TrainingEnvironment", - "markdownDescription": "The SageMaker AI training job image URI.", - "title": "TrainingEnvironment" + "KernelGatewayAppSettings": { + "$ref": "#/definitions/AWS::SageMaker::Space.KernelGatewayAppSettings", + "markdownDescription": "The KernelGateway app settings.", + "title": "KernelGatewayAppSettings" }, - "TrainingMetrics": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.TrainingMetric" - }, - "markdownDescription": "The SageMaker AI training job results.", - "title": "TrainingMetrics", - "type": "array" + "RemoteAccess": { + "markdownDescription": "A setting that enables or disables remote access for a SageMaker space. When enabled, this allows you to connect to the remote space from your local IDE.", + "title": "RemoteAccess", + "type": "string" }, - "UserProvidedHyperParameters": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.TrainingHyperParameter" - }, - "markdownDescription": "Additional hyper parameters that you've specified when training the model.", - "title": "UserProvidedHyperParameters", - "type": "array" + "SpaceManagedResources": { + "markdownDescription": "If you enable this option, SageMaker AI creates the following resources on your behalf when you create the space:\n\n- The user profile that possesses the space.\n- The app that the space contains.", + "title": "SpaceManagedResources", + "type": "string" }, - "UserProvidedTrainingMetrics": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::ModelCard.TrainingMetric" - }, - "markdownDescription": "Custom training job results.", - "title": "UserProvidedTrainingMetrics", - "type": "array" + "SpaceStorageSettings": { + "$ref": "#/definitions/AWS::SageMaker::Space.SpaceStorageSettings", + "markdownDescription": "The storage settings for a space.", + "title": "SpaceStorageSettings" } }, "type": "object" }, - "AWS::SageMaker::ModelCard.TrainingMetric": { + "AWS::SageMaker::Space.SpaceSharingSettings": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the result from the SageMaker AI training job.", - "title": "Name", - "type": "string" - }, - "Notes": { - "markdownDescription": "Any additional notes describing the result of the training job.", - "title": "Notes", + "SharingType": { + "markdownDescription": "Specifies the sharing type of the space.", + "title": "SharingType", "type": "string" - }, - "Value": { - "markdownDescription": "The value of a result from the SageMaker AI training job.", - "title": "Value", - "type": "number" } }, "required": [ - "Name", - "Value" + "SharingType" ], "type": "object" }, - "AWS::SageMaker::ModelCard.UserContext": { + "AWS::SageMaker::Space.SpaceStorageSettings": { "additionalProperties": false, "properties": { - "DomainId": { - "markdownDescription": "The domain associated with the user.", - "title": "DomainId", + "EbsStorageSettings": { + "$ref": "#/definitions/AWS::SageMaker::Space.EbsStorageSettings", + "markdownDescription": "A collection of EBS storage settings for a space.", + "title": "EbsStorageSettings" + } + }, + "type": "object" + }, + "AWS::SageMaker::StudioLifecycleConfig": { + "additionalProperties": false, + "properties": { + "Condition": { "type": "string" }, - "UserProfileArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the user's profile.", - "title": "UserProfileArn", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "UserProfileName": { - "markdownDescription": "The name of the user's profile.", - "title": "UserProfileName", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "StudioLifecycleConfigAppType": { + "markdownDescription": "The App type to which the Lifecycle Configuration is attached.", + "title": "StudioLifecycleConfigAppType", + "type": "string" + }, + "StudioLifecycleConfigContent": { + "markdownDescription": "", + "title": "StudioLifecycleConfigContent", + "type": "string" + }, + "StudioLifecycleConfigName": { + "markdownDescription": "The name of the Amazon SageMaker AI Studio Lifecycle Configuration.", + "title": "StudioLifecycleConfigName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "StudioLifecycleConfigAppType", + "StudioLifecycleConfigContent", + "StudioLifecycleConfigName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SageMaker::StudioLifecycleConfig" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::SageMaker::ModelExplainabilityJobDefinition": { + "AWS::SageMaker::UserProfile": { "additionalProperties": false, "properties": { "Condition": { @@ -249280,77 +300637,49 @@ "Properties": { "additionalProperties": false, "properties": { - "EndpointName": { - "markdownDescription": "", - "title": "EndpointName", + "DomainId": { + "markdownDescription": "The domain ID.", + "title": "DomainId", "type": "string" }, - "JobDefinitionName": { - "markdownDescription": "The name of the model explainability job definition. The name must be unique within an AWS Region in the AWS account.", - "title": "JobDefinitionName", + "SingleSignOnUserIdentifier": { + "markdownDescription": "A specifier for the type of value specified in SingleSignOnUserValue. Currently, the only supported value is \"UserName\". If the Domain's AuthMode is IAM Identity Center , this field is required. If the Domain's AuthMode is not IAM Identity Center , this field cannot be specified.", + "title": "SingleSignOnUserIdentifier", "type": "string" }, - "JobResources": { - "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.MonitoringResources", - "markdownDescription": "Identifies the resources to deploy for a monitoring job.", - "title": "JobResources" - }, - "ModelExplainabilityAppSpecification": { - "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.ModelExplainabilityAppSpecification", - "markdownDescription": "Configures the model explainability job to run a specified Docker container image.", - "title": "ModelExplainabilityAppSpecification" - }, - "ModelExplainabilityBaselineConfig": { - "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.ModelExplainabilityBaselineConfig", - "markdownDescription": "The baseline configuration for a model explainability job.", - "title": "ModelExplainabilityBaselineConfig" - }, - "ModelExplainabilityJobInput": { - "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.ModelExplainabilityJobInput", - "markdownDescription": "Inputs for the model explainability job.", - "title": "ModelExplainabilityJobInput" - }, - "ModelExplainabilityJobOutputConfig": { - "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.MonitoringOutputConfig", - "markdownDescription": "The output configuration for monitoring jobs.", - "title": "ModelExplainabilityJobOutputConfig" - }, - "NetworkConfig": { - "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.NetworkConfig", - "markdownDescription": "Networking options for a model explainability job.", - "title": "NetworkConfig" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can assume to perform tasks on your behalf.", - "title": "RoleArn", + "SingleSignOnUserValue": { + "markdownDescription": "The username of the associated AWS Single Sign-On User for this UserProfile. If the Domain's AuthMode is IAM Identity Center , this field is required, and must match a valid username of a user in your directory. If the Domain's AuthMode is not IAM Identity Center , this field cannot be specified.", + "title": "SingleSignOnUserValue", "type": "string" }, - "StoppingCondition": { - "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.StoppingCondition", - "markdownDescription": "A time limit for how long the monitoring job is allowed to run before stopping.", - "title": "StoppingCondition" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nTags that you specify for the User Profile are also added to all apps that the User Profile launches.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" + }, + "UserProfileName": { + "markdownDescription": "The user profile name.", + "title": "UserProfileName", + "type": "string" + }, + "UserSettings": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.UserSettings", + "markdownDescription": "A collection of settings that apply to users of Amazon SageMaker Studio.", + "title": "UserSettings" } }, "required": [ - "JobResources", - "ModelExplainabilityAppSpecification", - "ModelExplainabilityJobInput", - "ModelExplainabilityJobOutputConfig", - "RoleArn" + "DomainId", + "UserProfileName" ], "type": "object" }, "Type": { "enum": [ - "AWS::SageMaker::ModelExplainabilityJobDefinition" + "AWS::SageMaker::UserProfile" ], "type": "string" }, @@ -249369,387 +300698,711 @@ ], "type": "object" }, - "AWS::SageMaker::ModelExplainabilityJobDefinition.BatchTransformInput": { + "AWS::SageMaker::UserProfile.AppLifecycleManagement": { "additionalProperties": false, "properties": { - "DataCapturedDestinationS3Uri": { - "markdownDescription": "The Amazon S3 location being used to capture the data.", - "title": "DataCapturedDestinationS3Uri", + "IdleSettings": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.IdleSettings", + "markdownDescription": "Settings related to idle shutdown of Studio applications.", + "title": "IdleSettings" + } + }, + "type": "object" + }, + "AWS::SageMaker::UserProfile.CodeEditorAppSettings": { + "additionalProperties": false, + "properties": { + "AppLifecycleManagement": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.AppLifecycleManagement", + "markdownDescription": "Settings that are used to configure and manage the lifecycle of CodeEditor applications.", + "title": "AppLifecycleManagement" + }, + "BuiltInLifecycleConfigArn": { + "markdownDescription": "The lifecycle configuration that runs before the default lifecycle configuration. It can override changes made in the default lifecycle configuration.", + "title": "BuiltInLifecycleConfigArn", "type": "string" }, - "DatasetFormat": { - "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.DatasetFormat", - "markdownDescription": "The dataset format for your batch transform job.", - "title": "DatasetFormat" + "CustomImages": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.CustomImage" + }, + "markdownDescription": "A list of custom SageMaker images that are configured to run as a Code Editor app.", + "title": "CustomImages", + "type": "array" }, - "FeaturesAttribute": { - "markdownDescription": "The attributes of the input data that are the input features.", - "title": "FeaturesAttribute", - "type": "string" + "DefaultResourceSpec": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.ResourceSpec", + "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the Code Editor app.", + "title": "DefaultResourceSpec" }, - "InferenceAttribute": { - "markdownDescription": "The attribute of the input data that represents the ground truth label.", - "title": "InferenceAttribute", + "LifecycleConfigArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Name (ARN) of the Code Editor application lifecycle configuration.", + "title": "LifecycleConfigArns", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SageMaker::UserProfile.CodeRepository": { + "additionalProperties": false, + "properties": { + "RepositoryUrl": { + "markdownDescription": "The URL of the Git repository.", + "title": "RepositoryUrl", "type": "string" + } + }, + "required": [ + "RepositoryUrl" + ], + "type": "object" + }, + "AWS::SageMaker::UserProfile.CustomFileSystemConfig": { + "additionalProperties": false, + "properties": { + "EFSFileSystemConfig": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.EFSFileSystemConfig", + "markdownDescription": "The settings for a custom Amazon EFS file system.", + "title": "EFSFileSystemConfig" }, - "LocalPath": { - "markdownDescription": "Path to the filesystem where the batch transform data is available to the container.", - "title": "LocalPath", - "type": "string" + "FSxLustreFileSystemConfig": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.FSxLustreFileSystemConfig", + "markdownDescription": "The settings for a custom Amazon FSx for Lustre file system.", + "title": "FSxLustreFileSystemConfig" }, - "ProbabilityAttribute": { - "markdownDescription": "In a classification problem, the attribute that represents the class probability.", - "title": "ProbabilityAttribute", + "S3FileSystemConfig": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.S3FileSystemConfig", + "markdownDescription": "Configuration settings for a custom Amazon S3 file system.", + "title": "S3FileSystemConfig" + } + }, + "type": "object" + }, + "AWS::SageMaker::UserProfile.CustomImage": { + "additionalProperties": false, + "properties": { + "AppImageConfigName": { + "markdownDescription": "The name of the AppImageConfig.", + "title": "AppImageConfigName", "type": "string" }, - "S3DataDistributionType": { - "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an S3 key. Defaults to `FullyReplicated`", - "title": "S3DataDistributionType", + "ImageName": { + "markdownDescription": "The name of the CustomImage. Must be unique to your account.", + "title": "ImageName", "type": "string" }, - "S3InputMode": { - "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", - "title": "S3InputMode", - "type": "string" + "ImageVersionNumber": { + "markdownDescription": "The version number of the CustomImage.", + "title": "ImageVersionNumber", + "type": "number" } }, "required": [ - "DataCapturedDestinationS3Uri", - "DatasetFormat", - "LocalPath" + "AppImageConfigName", + "ImageName" ], "type": "object" }, - "AWS::SageMaker::ModelExplainabilityJobDefinition.ClusterConfig": { + "AWS::SageMaker::UserProfile.CustomPosixUserConfig": { "additionalProperties": false, "properties": { - "InstanceCount": { - "markdownDescription": "The number of ML compute instances to use in the model monitoring job. For distributed processing jobs, specify a value greater than 1. The default value is 1.", - "title": "InstanceCount", + "Gid": { + "markdownDescription": "The POSIX group ID.", + "title": "Gid", "type": "number" }, - "InstanceType": { - "markdownDescription": "The ML compute instance type for the processing job.", - "title": "InstanceType", - "type": "string" - }, - "VolumeKmsKeyId": { - "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance(s) that run the model monitoring job.", - "title": "VolumeKmsKeyId", - "type": "string" - }, - "VolumeSizeInGB": { - "markdownDescription": "The size of the ML storage volume, in gigabytes, that you want to provision. You must specify sufficient ML storage for your scenario.", - "title": "VolumeSizeInGB", + "Uid": { + "markdownDescription": "The POSIX user ID.", + "title": "Uid", "type": "number" } }, "required": [ - "InstanceCount", - "InstanceType", - "VolumeSizeInGB" + "Gid", + "Uid" ], "type": "object" }, - "AWS::SageMaker::ModelExplainabilityJobDefinition.ConstraintsResource": { + "AWS::SageMaker::UserProfile.DefaultEbsStorageSettings": { "additionalProperties": false, "properties": { - "S3Uri": { - "markdownDescription": "The Amazon S3 URI for the constraints resource.", - "title": "S3Uri", - "type": "string" + "DefaultEbsVolumeSizeInGb": { + "markdownDescription": "The default size of the EBS storage volume for a space.", + "title": "DefaultEbsVolumeSizeInGb", + "type": "number" + }, + "MaximumEbsVolumeSizeInGb": { + "markdownDescription": "The maximum size of the EBS storage volume for a space.", + "title": "MaximumEbsVolumeSizeInGb", + "type": "number" } }, + "required": [ + "DefaultEbsVolumeSizeInGb", + "MaximumEbsVolumeSizeInGb" + ], "type": "object" }, - "AWS::SageMaker::ModelExplainabilityJobDefinition.Csv": { + "AWS::SageMaker::UserProfile.DefaultSpaceStorageSettings": { "additionalProperties": false, "properties": { - "Header": { - "markdownDescription": "", - "title": "Header", - "type": "boolean" + "DefaultEbsStorageSettings": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.DefaultEbsStorageSettings", + "markdownDescription": "The default EBS storage settings for a space.", + "title": "DefaultEbsStorageSettings" } }, "type": "object" }, - "AWS::SageMaker::ModelExplainabilityJobDefinition.DatasetFormat": { + "AWS::SageMaker::UserProfile.EFSFileSystemConfig": { "additionalProperties": false, "properties": { - "Csv": { - "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.Csv", - "markdownDescription": "", - "title": "Csv" - }, - "Json": { - "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.Json", - "markdownDescription": "", - "title": "Json" + "FileSystemId": { + "markdownDescription": "The ID of your Amazon EFS file system.", + "title": "FileSystemId", + "type": "string" }, - "Parquet": { - "markdownDescription": "", - "title": "Parquet", - "type": "boolean" + "FileSystemPath": { + "markdownDescription": "The path to the file system directory that is accessible in Amazon SageMaker AI Studio. Permitted users can access only this directory and below.", + "title": "FileSystemPath", + "type": "string" } }, + "required": [ + "FileSystemId" + ], "type": "object" }, - "AWS::SageMaker::ModelExplainabilityJobDefinition.EndpointInput": { + "AWS::SageMaker::UserProfile.FSxLustreFileSystemConfig": { "additionalProperties": false, "properties": { - "EndpointName": { - "markdownDescription": "An endpoint in customer's account which has enabled `DataCaptureConfig` enabled.", - "title": "EndpointName", + "FileSystemId": { + "markdownDescription": "The globally unique, 17-digit, ID of the file system, assigned by Amazon FSx for Lustre.", + "title": "FileSystemId", "type": "string" }, - "FeaturesAttribute": { - "markdownDescription": "The attributes of the input data that are the input features.", - "title": "FeaturesAttribute", + "FileSystemPath": { + "markdownDescription": "The path to the file system directory that is accessible in Amazon SageMaker Studio. Permitted users can access only this directory and below.", + "title": "FileSystemPath", "type": "string" - }, - "InferenceAttribute": { - "markdownDescription": "The attribute of the input data that represents the ground truth label.", - "title": "InferenceAttribute", + } + }, + "required": [ + "FileSystemId" + ], + "type": "object" + }, + "AWS::SageMaker::UserProfile.HiddenSageMakerImage": { + "additionalProperties": false, + "properties": { + "SageMakerImageName": { + "markdownDescription": "The SageMaker image name that you are hiding from the Studio user interface.", + "title": "SageMakerImageName", "type": "string" }, - "LocalPath": { - "markdownDescription": "Path to the filesystem where the endpoint data is available to the container.", - "title": "LocalPath", - "type": "string" + "VersionAliases": { + "items": { + "type": "string" + }, + "markdownDescription": "The version aliases you are hiding from the Studio user interface.", + "title": "VersionAliases", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SageMaker::UserProfile.IdleSettings": { + "additionalProperties": false, + "properties": { + "IdleTimeoutInMinutes": { + "markdownDescription": "The time that SageMaker waits after the application becomes idle before shutting it down.", + "title": "IdleTimeoutInMinutes", + "type": "number" }, - "ProbabilityAttribute": { - "markdownDescription": "In a classification problem, the attribute that represents the class probability.", - "title": "ProbabilityAttribute", + "LifecycleManagement": { + "markdownDescription": "Indicates whether idle shutdown is activated for the application type.", + "title": "LifecycleManagement", "type": "string" }, - "S3DataDistributionType": { - "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an Amazon S3 key. Defaults to `FullyReplicated`", - "title": "S3DataDistributionType", - "type": "string" + "MaxIdleTimeoutInMinutes": { + "markdownDescription": "The maximum value in minutes that custom idle shutdown can be set to by the user.", + "title": "MaxIdleTimeoutInMinutes", + "type": "number" }, - "S3InputMode": { - "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", - "title": "S3InputMode", + "MinIdleTimeoutInMinutes": { + "markdownDescription": "The minimum value in minutes that custom idle shutdown can be set to by the user.", + "title": "MinIdleTimeoutInMinutes", + "type": "number" + } + }, + "type": "object" + }, + "AWS::SageMaker::UserProfile.JupyterLabAppSettings": { + "additionalProperties": false, + "properties": { + "AppLifecycleManagement": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.AppLifecycleManagement", + "markdownDescription": "Indicates whether idle shutdown is activated for JupyterLab applications.", + "title": "AppLifecycleManagement" + }, + "BuiltInLifecycleConfigArn": { + "markdownDescription": "The lifecycle configuration that runs before the default lifecycle configuration. It can override changes made in the default lifecycle configuration.", + "title": "BuiltInLifecycleConfigArn", "type": "string" + }, + "CodeRepositories": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.CodeRepository" + }, + "markdownDescription": "A list of Git repositories that SageMaker automatically displays to users for cloning in the JupyterLab application.", + "title": "CodeRepositories", + "type": "array" + }, + "CustomImages": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.CustomImage" + }, + "markdownDescription": "A list of custom SageMaker images that are configured to run as a JupyterLab app.", + "title": "CustomImages", + "type": "array" + }, + "DefaultResourceSpec": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.ResourceSpec", + "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the JupyterLab app.", + "title": "DefaultResourceSpec" + }, + "LifecycleConfigArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Name (ARN) of the lifecycle configurations attached to the user profile or domain. To remove a lifecycle config, you must set `LifecycleConfigArns` to an empty list.", + "title": "LifecycleConfigArns", + "type": "array" } }, - "required": [ - "EndpointName", - "LocalPath" - ], "type": "object" }, - "AWS::SageMaker::ModelExplainabilityJobDefinition.Json": { + "AWS::SageMaker::UserProfile.JupyterServerAppSettings": { "additionalProperties": false, "properties": { - "Line": { - "markdownDescription": "", - "title": "Line", - "type": "boolean" + "DefaultResourceSpec": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.ResourceSpec", + "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the JupyterServer app.", + "title": "DefaultResourceSpec" + }, + "LifecycleConfigArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Resource Name (ARN) of the Lifecycle Configurations attached to the JupyterServerApp. If you use this parameter, the `DefaultResourceSpec` parameter is also required.\n\n> To remove a Lifecycle Config, you must set `LifecycleConfigArns` to an empty list.", + "title": "LifecycleConfigArns", + "type": "array" } }, "type": "object" }, - "AWS::SageMaker::ModelExplainabilityJobDefinition.ModelExplainabilityAppSpecification": { + "AWS::SageMaker::UserProfile.KernelGatewayAppSettings": { "additionalProperties": false, "properties": { - "ConfigUri": { - "markdownDescription": "JSON formatted Amazon S3 file that defines explainability parameters. For more information on this JSON configuration file, see [Configure model explainability parameters](https://docs.aws.amazon.com/sagemaker/latest/dg/clarify-config-json-monitor-model-explainability-parameters.html) .", - "title": "ConfigUri", - "type": "string" + "CustomImages": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.CustomImage" + }, + "markdownDescription": "A list of custom SageMaker AI images that are configured to run as a KernelGateway app.\n\nThe maximum number of custom images are as follows.\n\n- On a domain level: 200\n- On a space level: 5\n- On a user profile level: 5", + "title": "CustomImages", + "type": "array" }, - "Environment": { - "additionalProperties": true, - "markdownDescription": "Sets the environment variables in the Docker container.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "DefaultResourceSpec": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.ResourceSpec", + "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker AI image used by the KernelGateway app.\n\n> The Amazon SageMaker AI Studio UI does not use the default instance type value set here. The default instance type set here is used when Apps are created using the AWS CLI or AWS CloudFormation and the instance type parameter value is not passed.", + "title": "DefaultResourceSpec" + }, + "LifecycleConfigArns": { + "items": { + "type": "string" }, - "title": "Environment", - "type": "object" + "markdownDescription": "The Amazon Resource Name (ARN) of the Lifecycle Configurations attached to the the user profile or domain.\n\n> To remove a Lifecycle Config, you must set `LifecycleConfigArns` to an empty list.", + "title": "LifecycleConfigArns", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SageMaker::UserProfile.RStudioServerProAppSettings": { + "additionalProperties": false, + "properties": { + "AccessStatus": { + "markdownDescription": "Indicates whether the current user has access to the `RStudioServerPro` app.", + "title": "AccessStatus", + "type": "string" }, - "ImageUri": { - "markdownDescription": "The container image to be run by the model explainability job.", - "title": "ImageUri", + "UserGroup": { + "markdownDescription": "The level of permissions that the user has within the `RStudioServerPro` app. This value defaults to `User`. The `Admin` value allows the user access to the RStudio Administrative Dashboard.", + "title": "UserGroup", "type": "string" } }, - "required": [ - "ConfigUri", - "ImageUri" - ], "type": "object" }, - "AWS::SageMaker::ModelExplainabilityJobDefinition.ModelExplainabilityBaselineConfig": { + "AWS::SageMaker::UserProfile.ResourceSpec": { "additionalProperties": false, "properties": { - "BaseliningJobName": { - "markdownDescription": "The name of the baseline model explainability job.", - "title": "BaseliningJobName", + "InstanceType": { + "markdownDescription": "The instance type that the image version runs on.\n\n> *JupyterServer apps* only support the `system` value.\n> \n> For *KernelGateway apps* , the `system` value is translated to `ml.t3.medium` . KernelGateway apps also support all other values for available instance types.", + "title": "InstanceType", "type": "string" }, - "ConstraintsResource": { - "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.ConstraintsResource", - "markdownDescription": "The constraints resource for a model explainability job.", - "title": "ConstraintsResource" + "LifecycleConfigArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Lifecycle Configuration attached to the Resource.", + "title": "LifecycleConfigArn", + "type": "string" + }, + "SageMakerImageArn": { + "markdownDescription": "The ARN of the SageMaker AI image that the image version belongs to.", + "title": "SageMakerImageArn", + "type": "string" + }, + "SageMakerImageVersionArn": { + "markdownDescription": "The ARN of the image version created on the instance. To clear the value set for `SageMakerImageVersionArn` , pass `None` as the value.", + "title": "SageMakerImageVersionArn", + "type": "string" } }, "type": "object" }, - "AWS::SageMaker::ModelExplainabilityJobDefinition.ModelExplainabilityJobInput": { + "AWS::SageMaker::UserProfile.S3FileSystemConfig": { "additionalProperties": false, "properties": { - "BatchTransformInput": { - "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.BatchTransformInput", - "markdownDescription": "Input object for the batch transform job.", - "title": "BatchTransformInput" + "MountPath": { + "markdownDescription": "The file system path where the Amazon S3 storage location will be mounted within the Amazon SageMaker Studio environment.", + "title": "MountPath", + "type": "string" }, - "EndpointInput": { - "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.EndpointInput", - "markdownDescription": "Input object for the endpoint", - "title": "EndpointInput" + "S3Uri": { + "markdownDescription": "The Amazon S3 URI of the S3 file system configuration.", + "title": "S3Uri", + "type": "string" } }, "type": "object" }, - "AWS::SageMaker::ModelExplainabilityJobDefinition.MonitoringOutput": { + "AWS::SageMaker::UserProfile.SharingSettings": { "additionalProperties": false, "properties": { - "S3Output": { - "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.S3Output", - "markdownDescription": "The Amazon S3 storage location where the results of a monitoring job are saved.", - "title": "S3Output" + "NotebookOutputOption": { + "markdownDescription": "Whether to include the notebook cell output when sharing the notebook. The default is `Disabled` .", + "title": "NotebookOutputOption", + "type": "string" + }, + "S3KmsKeyId": { + "markdownDescription": "When `NotebookOutputOption` is `Allowed` , the AWS Key Management Service (KMS) encryption key ID used to encrypt the notebook cell output in the Amazon S3 bucket.", + "title": "S3KmsKeyId", + "type": "string" + }, + "S3OutputPath": { + "markdownDescription": "When `NotebookOutputOption` is `Allowed` , the Amazon S3 bucket used to store the shared notebook snapshots.", + "title": "S3OutputPath", + "type": "string" } }, - "required": [ - "S3Output" - ], "type": "object" }, - "AWS::SageMaker::ModelExplainabilityJobDefinition.MonitoringOutputConfig": { + "AWS::SageMaker::UserProfile.StudioWebPortalSettings": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "The AWS Key Management Service ( AWS KMS ) key that Amazon SageMaker AI uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption.", - "title": "KmsKeyId", - "type": "string" + "HiddenAppTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The [Applications supported in Studio](https://docs.aws.amazon.com/sagemaker/latest/dg/studio-updated-apps.html) that are hidden from the Studio left navigation pane.", + "title": "HiddenAppTypes", + "type": "array" }, - "MonitoringOutputs": { + "HiddenInstanceTypes": { "items": { - "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.MonitoringOutput" + "type": "string" }, - "markdownDescription": "Monitoring outputs for monitoring jobs. This is where the output of the periodic monitoring jobs is uploaded.", - "title": "MonitoringOutputs", + "markdownDescription": "The instance types you are hiding from the Studio user interface.", + "title": "HiddenInstanceTypes", + "type": "array" + }, + "HiddenMlTools": { + "items": { + "type": "string" + }, + "markdownDescription": "The machine learning tools that are hidden from the Studio left navigation pane.", + "title": "HiddenMlTools", + "type": "array" + }, + "HiddenSageMakerImageVersionAliases": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.HiddenSageMakerImage" + }, + "markdownDescription": "The version aliases you are hiding from the Studio user interface.", + "title": "HiddenSageMakerImageVersionAliases", "type": "array" } }, - "required": [ - "MonitoringOutputs" - ], "type": "object" }, - "AWS::SageMaker::ModelExplainabilityJobDefinition.MonitoringResources": { + "AWS::SageMaker::UserProfile.UserSettings": { "additionalProperties": false, "properties": { - "ClusterConfig": { - "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.ClusterConfig", - "markdownDescription": "The configuration for the cluster resources used to run the processing job.", - "title": "ClusterConfig" + "AutoMountHomeEFS": { + "markdownDescription": "Indicates whether auto-mounting of an EFS volume is supported for the user profile. The `DefaultAsDomain` value is only supported for user profiles. Do not use the `DefaultAsDomain` value when setting this parameter for a domain.\n\nSageMaker applies this setting only to private spaces that the user creates in the domain. SageMaker doesn't apply this setting to shared spaces.", + "title": "AutoMountHomeEFS", + "type": "string" + }, + "CodeEditorAppSettings": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.CodeEditorAppSettings", + "markdownDescription": "The Code Editor application settings.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", + "title": "CodeEditorAppSettings" + }, + "CustomFileSystemConfigs": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.CustomFileSystemConfig" + }, + "markdownDescription": "The settings for assigning a custom file system to a user profile. Permitted users can access this file system in Amazon SageMaker AI Studio.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", + "title": "CustomFileSystemConfigs", + "type": "array" + }, + "CustomPosixUserConfig": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.CustomPosixUserConfig", + "markdownDescription": "Details about the POSIX identity that is used for file system operations.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", + "title": "CustomPosixUserConfig" + }, + "DefaultLandingUri": { + "markdownDescription": "The default experience that the user is directed to when accessing the domain. The supported values are:\n\n- `studio::` : Indicates that Studio is the default experience. This value can only be passed if `StudioWebPortal` is set to `ENABLED` .\n- `app:JupyterServer:` : Indicates that Studio Classic is the default experience.", + "title": "DefaultLandingUri", + "type": "string" + }, + "ExecutionRole": { + "markdownDescription": "The execution role for the user.\n\nSageMaker applies this setting only to private spaces that the user creates in the domain. SageMaker doesn't apply this setting to shared spaces.", + "title": "ExecutionRole", + "type": "string" + }, + "JupyterLabAppSettings": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.JupyterLabAppSettings", + "markdownDescription": "The settings for the JupyterLab application.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", + "title": "JupyterLabAppSettings" + }, + "JupyterServerAppSettings": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.JupyterServerAppSettings", + "markdownDescription": "The Jupyter server's app settings.", + "title": "JupyterServerAppSettings" + }, + "KernelGatewayAppSettings": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.KernelGatewayAppSettings", + "markdownDescription": "The kernel gateway app settings.", + "title": "KernelGatewayAppSettings" + }, + "RStudioServerProAppSettings": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.RStudioServerProAppSettings", + "markdownDescription": "A collection of settings that configure user interaction with the `RStudioServerPro` app.", + "title": "RStudioServerProAppSettings" + }, + "SecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "The security groups for the Amazon Virtual Private Cloud (VPC) that the domain uses for communication.\n\nOptional when the `CreateDomain.AppNetworkAccessType` parameter is set to `PublicInternetOnly` .\n\nRequired when the `CreateDomain.AppNetworkAccessType` parameter is set to `VpcOnly` , unless specified as part of the `DefaultUserSettings` for the domain.\n\nAmazon SageMaker AI adds a security group to allow NFS traffic from Amazon SageMaker AI Studio. Therefore, the number of security groups that you can specify is one less than the maximum number shown.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", + "title": "SecurityGroups", + "type": "array" + }, + "SharingSettings": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.SharingSettings", + "markdownDescription": "Specifies options for sharing Amazon SageMaker AI Studio notebooks.", + "title": "SharingSettings" + }, + "SpaceStorageSettings": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.DefaultSpaceStorageSettings", + "markdownDescription": "The storage settings for a space.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", + "title": "SpaceStorageSettings" + }, + "StudioWebPortal": { + "markdownDescription": "Whether the user can access Studio. If this value is set to `DISABLED` , the user cannot access Studio, even if that is the default experience for the domain.", + "title": "StudioWebPortal", + "type": "string" + }, + "StudioWebPortalSettings": { + "$ref": "#/definitions/AWS::SageMaker::UserProfile.StudioWebPortalSettings", + "markdownDescription": "Studio settings. If these settings are applied on a user level, they take priority over the settings applied on a domain level.", + "title": "StudioWebPortalSettings" } }, - "required": [ - "ClusterConfig" - ], "type": "object" }, - "AWS::SageMaker::ModelExplainabilityJobDefinition.NetworkConfig": { + "AWS::SageMaker::Workteam": { "additionalProperties": false, "properties": { - "EnableInterContainerTrafficEncryption": { - "markdownDescription": "Whether to encrypt all communications between distributed processing jobs. Choose `True` to encrypt communications. Encryption provides greater security for distributed processing jobs, but the processing might take longer.", - "title": "EnableInterContainerTrafficEncryption", - "type": "boolean" + "Condition": { + "type": "string" }, - "EnableNetworkIsolation": { - "markdownDescription": "Whether to allow inbound and outbound network calls to and from the containers used for the processing job.", - "title": "EnableNetworkIsolation", - "type": "boolean" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "VpcConfig": { - "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.VpcConfig", - "markdownDescription": "Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC.", - "title": "VpcConfig" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "A description of the work team.", + "title": "Description", + "type": "string" + }, + "MemberDefinitions": { + "items": { + "$ref": "#/definitions/AWS::SageMaker::Workteam.MemberDefinition" + }, + "markdownDescription": "A list of `MemberDefinition` objects that contains objects that identify the workers that make up the work team.\n\nWorkforces can be created using Amazon Cognito or your own OIDC Identity Provider (IdP). For private workforces created using Amazon Cognito use `CognitoMemberDefinition` . For workforces created using your own OIDC identity provider (IdP) use `OidcMemberDefinition` .", + "title": "MemberDefinitions", + "type": "array" + }, + "NotificationConfiguration": { + "$ref": "#/definitions/AWS::SageMaker::Workteam.NotificationConfiguration", + "markdownDescription": "Configures SNS notifications of available or expiring work items for work teams.", + "title": "NotificationConfiguration" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs.", + "title": "Tags", + "type": "array" + }, + "WorkforceName": { + "markdownDescription": "The name of the workforce.", + "title": "WorkforceName", + "type": "string" + }, + "WorkteamName": { + "markdownDescription": "The name of the work team.", + "title": "WorkteamName", + "type": "string" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SageMaker::Workteam" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::SageMaker::ModelExplainabilityJobDefinition.S3Output": { + "AWS::SageMaker::Workteam.CognitoMemberDefinition": { "additionalProperties": false, "properties": { - "LocalPath": { - "markdownDescription": "The local path to the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job. LocalPath is an absolute path for the output data.", - "title": "LocalPath", + "CognitoClientId": { + "markdownDescription": "An identifier for an application client. You must create the app client ID using Amazon Cognito .", + "title": "CognitoClientId", "type": "string" }, - "S3UploadMode": { - "markdownDescription": "Whether to upload the results of the monitoring job continuously or after the job completes.", - "title": "S3UploadMode", + "CognitoUserGroup": { + "markdownDescription": "An identifier for a user group.", + "title": "CognitoUserGroup", "type": "string" }, - "S3Uri": { - "markdownDescription": "A URI that identifies the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job.", - "title": "S3Uri", + "CognitoUserPool": { + "markdownDescription": "An identifier for a user pool. The user pool must be in the same region as the service that you are calling.", + "title": "CognitoUserPool", "type": "string" } }, "required": [ - "LocalPath", - "S3Uri" + "CognitoClientId", + "CognitoUserGroup", + "CognitoUserPool" ], "type": "object" }, - "AWS::SageMaker::ModelExplainabilityJobDefinition.StoppingCondition": { + "AWS::SageMaker::Workteam.MemberDefinition": { "additionalProperties": false, "properties": { - "MaxRuntimeInSeconds": { - "markdownDescription": "The maximum length of time, in seconds, that a training or compilation job can run before it is stopped.\n\nFor compilation jobs, if the job does not complete during this time, a `TimeOut` error is generated. We recommend starting with 900 seconds and increasing as necessary based on your model.\n\nFor all other jobs, if the job does not complete during this time, SageMaker ends the job. When `RetryStrategy` is specified in the job request, `MaxRuntimeInSeconds` specifies the maximum time for all of the attempts in total, not each individual attempt. The default value is 1 day. The maximum value is 28 days.\n\nThe maximum time that a `TrainingJob` can run in total, including any time spent publishing metrics or archiving and uploading models after it has been stopped, is 30 days.", - "title": "MaxRuntimeInSeconds", - "type": "number" + "CognitoMemberDefinition": { + "$ref": "#/definitions/AWS::SageMaker::Workteam.CognitoMemberDefinition", + "markdownDescription": "The Amazon Cognito user group that is part of the work team.", + "title": "CognitoMemberDefinition" + }, + "OidcMemberDefinition": { + "$ref": "#/definitions/AWS::SageMaker::Workteam.OidcMemberDefinition", + "markdownDescription": "A list user groups that exist in your OIDC Identity Provider (IdP). One to ten groups can be used to create a single private work team. When you add a user group to the list of `Groups` , you can add that user group to one or more private work teams. If you add a user group to a private work team, all workers in that user group are added to the work team.", + "title": "OidcMemberDefinition" } }, - "required": [ - "MaxRuntimeInSeconds" - ], "type": "object" }, - "AWS::SageMaker::ModelExplainabilityJobDefinition.VpcConfig": { + "AWS::SageMaker::Workteam.NotificationConfiguration": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The VPC security group IDs, in the form `sg-xxxxxxxx` . Specify the security groups for the VPC that is specified in the `Subnets` field.", - "title": "SecurityGroupIds", - "type": "array" - }, - "Subnets": { + "NotificationTopicArn": { + "markdownDescription": "The ARN for the Amazon SNS topic to which notifications should be published.", + "title": "NotificationTopicArn", + "type": "string" + } + }, + "required": [ + "NotificationTopicArn" + ], + "type": "object" + }, + "AWS::SageMaker::Workteam.OidcMemberDefinition": { + "additionalProperties": false, + "properties": { + "OidcGroups": { "items": { "type": "string" }, - "markdownDescription": "The ID of the subnets in the VPC to which you want to connect your training job or model. For information about the availability of specific instance types, see [Supported Instance Types and Availability Zones](https://docs.aws.amazon.com/sagemaker/latest/dg/instance-types-az.html) .", - "title": "Subnets", + "markdownDescription": "", + "title": "OidcGroups", "type": "array" } }, "required": [ - "SecurityGroupIds", - "Subnets" + "OidcGroups" ], "type": "object" }, - "AWS::SageMaker::ModelPackage": { + "AWS::Scheduler::Schedule": { "additionalProperties": false, "properties": { "Condition": { @@ -249784,147 +301437,72 @@ "Properties": { "additionalProperties": false, "properties": { - "AdditionalInferenceSpecifications": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.AdditionalInferenceSpecificationDefinition" - }, - "markdownDescription": "An array of additional Inference Specification objects.", - "title": "AdditionalInferenceSpecifications", - "type": "array" - }, - "AdditionalInferenceSpecificationsToAdd": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.AdditionalInferenceSpecificationDefinition" - }, - "markdownDescription": "An array of additional Inference Specification objects to be added to the existing array. The total number of additional Inference Specification objects cannot exceed 15. Each additional Inference Specification object specifies artifacts based on this model package that can be used on inference endpoints. Generally used with SageMaker Neo to store the compiled artifacts.", - "title": "AdditionalInferenceSpecificationsToAdd", - "type": "array" - }, - "ApprovalDescription": { - "markdownDescription": "A description provided when the model approval is set.", - "title": "ApprovalDescription", - "type": "string" - }, - "CertifyForMarketplace": { - "markdownDescription": "Whether the model package is to be certified to be listed on AWS Marketplace. For information about listing model packages on AWS Marketplace, see [List Your Algorithm or Model Package on AWS Marketplace](https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-mkt-list.html) .", - "title": "CertifyForMarketplace", - "type": "boolean" - }, - "ClientToken": { - "markdownDescription": "A unique token that guarantees that the call to this API is idempotent.", - "title": "ClientToken", - "type": "string" - }, - "CustomerMetadataProperties": { - "additionalProperties": true, - "markdownDescription": "The metadata properties for the model package.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "CustomerMetadataProperties", - "type": "object" - }, - "Domain": { - "markdownDescription": "The machine learning domain of your model package and its components. Common machine learning domains include computer vision and natural language processing.", - "title": "Domain", + "Description": { + "markdownDescription": "The description you specify for the schedule.", + "title": "Description", "type": "string" }, - "DriftCheckBaselines": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.DriftCheckBaselines", - "markdownDescription": "Represents the drift check baselines that can be used when the model monitor is set using the model package.", - "title": "DriftCheckBaselines" - }, - "InferenceSpecification": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.InferenceSpecification", - "markdownDescription": "Defines how to perform inference generation after a training job is run.", - "title": "InferenceSpecification" - }, - "LastModifiedTime": { - "markdownDescription": "The last time the model package was modified.", - "title": "LastModifiedTime", + "EndDate": { + "markdownDescription": "The date, in UTC, before which the schedule can invoke its target. Depending on the schedule's recurrence expression, invocations might stop on, or before, the `EndDate` you specify.\nEventBridge Scheduler ignores `EndDate` for one-time schedules.", + "title": "EndDate", "type": "string" }, - "MetadataProperties": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetadataProperties", - "markdownDescription": "Metadata properties of the tracking entity, trial, or trial component.", - "title": "MetadataProperties" + "FlexibleTimeWindow": { + "$ref": "#/definitions/AWS::Scheduler::Schedule.FlexibleTimeWindow", + "markdownDescription": "Allows you to configure a time window during which EventBridge Scheduler invokes the schedule.", + "title": "FlexibleTimeWindow" }, - "ModelApprovalStatus": { - "markdownDescription": "The approval status of the model. This can be one of the following values.\n\n- `APPROVED` - The model is approved\n- `REJECTED` - The model is rejected.\n- `PENDING_MANUAL_APPROVAL` - The model is waiting for manual approval.", - "title": "ModelApprovalStatus", + "GroupName": { + "markdownDescription": "The name of the schedule group associated with this schedule.", + "title": "GroupName", "type": "string" }, - "ModelMetrics": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelMetrics", - "markdownDescription": "Metrics for the model.", - "title": "ModelMetrics" - }, - "ModelPackageDescription": { - "markdownDescription": "The description of the model package.", - "title": "ModelPackageDescription", + "KmsKeyArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the customer managed KMS key that EventBridge Scheduler will use to encrypt and decrypt your data.", + "title": "KmsKeyArn", "type": "string" }, - "ModelPackageGroupName": { - "markdownDescription": "The model group to which the model belongs.", - "title": "ModelPackageGroupName", + "Name": { + "markdownDescription": "The name of the schedule.", + "title": "Name", "type": "string" }, - "ModelPackageName": { - "markdownDescription": "The name of the model package. The name can be as follows:\n\n- For a versioned model, the name is automatically generated by SageMaker Model Registry and follows the format ' `ModelPackageGroupName/ModelPackageVersion` '.\n- For an unversioned model, you must provide the name.", - "title": "ModelPackageName", + "ScheduleExpression": { + "markdownDescription": "The expression that defines when the schedule runs. The following formats are supported.\n\n- `at` expression - `at(yyyy-mm-ddThh:mm:ss)`\n- `rate` expression - `rate(value unit)`\n- `cron` expression - `cron(fields)`\n\nYou can use `at` expressions to create one-time schedules that invoke a target once, at the time and in the time zone, that you specify. You can use `rate` and `cron` expressions to create recurring schedules. Rate-based schedules are useful when you want to invoke a target at regular intervals, such as every 15 minutes or every five days. Cron-based schedules are useful when you want to invoke a target periodically at a specific time, such as at 8:00 am (UTC+0) every 1st day of the month.\n\nA `cron` expression consists of six fields separated by white spaces: `(minutes hours day_of_month month day_of_week year)` .\n\nA `rate` expression consists of a *value* as a positive integer, and a *unit* with the following options: `minute` | `minutes` | `hour` | `hours` | `day` | `days`\n\nFor more information and examples, see [Schedule types on EventBridge Scheduler](https://docs.aws.amazon.com/scheduler/latest/UserGuide/schedule-types.html) in the *EventBridge Scheduler User Guide* .", + "title": "ScheduleExpression", "type": "string" }, - "ModelPackageStatusDetails": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelPackageStatusDetails", - "markdownDescription": "Specifies the validation and image scan statuses of the model package.", - "title": "ModelPackageStatusDetails" - }, - "ModelPackageVersion": { - "markdownDescription": "The version number of a versioned model.", - "title": "ModelPackageVersion", - "type": "number" - }, - "SamplePayloadUrl": { - "markdownDescription": "The Amazon Simple Storage Service path where the sample payload are stored. This path must point to a single gzip compressed tar archive (.tar.gz suffix).", - "title": "SamplePayloadUrl", + "ScheduleExpressionTimezone": { + "markdownDescription": "The timezone in which the scheduling expression is evaluated.", + "title": "ScheduleExpressionTimezone", "type": "string" }, - "SkipModelValidation": { - "markdownDescription": "Indicates if you want to skip model validation.", - "title": "SkipModelValidation", + "StartDate": { + "markdownDescription": "The date, in UTC, after which the schedule can begin invoking its target. Depending on the schedule's recurrence expression, invocations might occur on, or after, the `StartDate` you specify.\nEventBridge Scheduler ignores `StartDate` for one-time schedules.", + "title": "StartDate", "type": "string" }, - "SourceAlgorithmSpecification": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.SourceAlgorithmSpecification", - "markdownDescription": "A list of algorithms that were used to create a model package.", - "title": "SourceAlgorithmSpecification" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of the tags associated with the model package. For more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference Guide* .", - "title": "Tags", - "type": "array" - }, - "Task": { - "markdownDescription": "The machine learning task your model package accomplishes. Common machine learning tasks include object detection and image classification.", - "title": "Task", + "State": { + "markdownDescription": "Specifies whether the schedule is enabled or disabled.\n\n*Allowed Values* : `ENABLED` | `DISABLED`", + "title": "State", "type": "string" }, - "ValidationSpecification": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ValidationSpecification", - "markdownDescription": "Specifies batch transform jobs that SageMaker runs to validate your model package.", - "title": "ValidationSpecification" + "Target": { + "$ref": "#/definitions/AWS::Scheduler::Schedule.Target", + "markdownDescription": "The schedule's target details.", + "title": "Target" } }, + "required": [ + "FlexibleTimeWindow", + "ScheduleExpression", + "Target" + ], "type": "object" }, "Type": { "enum": [ - "AWS::SageMaker::ModelPackage" + "AWS::Scheduler::Schedule" ], "type": "string" }, @@ -249938,743 +301516,956 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::SageMaker::ModelPackage.AdditionalInferenceSpecificationDefinition": { + "AWS::Scheduler::Schedule.AwsVpcConfiguration": { "additionalProperties": false, "properties": { - "Containers": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelPackageContainerDefinition" - }, - "markdownDescription": "The Amazon ECR registry path of the Docker image that contains the inference code.", - "title": "Containers", - "type": "array" - }, - "Description": { - "markdownDescription": "A description of the additional Inference specification", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "A unique name to identify the additional inference specification. The name must be unique within the list of your additional inference specifications for a particular model package.", - "title": "Name", + "AssignPublicIp": { + "markdownDescription": "Specifies whether the task's elastic network interface receives a public IP address. You can specify `ENABLED` only when `LaunchType` in `EcsParameters` is set to `FARGATE` .", + "title": "AssignPublicIp", "type": "string" }, - "SupportedContentTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The supported MIME types for the input data.", - "title": "SupportedContentTypes", - "type": "array" - }, - "SupportedRealtimeInferenceInstanceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the instance types that are used to generate inferences in real-time.", - "title": "SupportedRealtimeInferenceInstanceTypes", - "type": "array" - }, - "SupportedResponseMIMETypes": { + "SecurityGroups": { "items": { "type": "string" }, - "markdownDescription": "The supported MIME types for the output data.", - "title": "SupportedResponseMIMETypes", + "markdownDescription": "Specifies the security groups associated with the task. These security groups must all be in the same VPC. You can specify as many as five security groups. If you do not specify a security group, the default security group for the VPC is used.", + "title": "SecurityGroups", "type": "array" }, - "SupportedTransformInstanceTypes": { + "Subnets": { "items": { "type": "string" }, - "markdownDescription": "A list of the instance types on which a transformation job can be run or on which an endpoint can be deployed.", - "title": "SupportedTransformInstanceTypes", + "markdownDescription": "Specifies the subnets associated with the task. These subnets must all be in the same VPC. You can specify as many as 16 subnets.", + "title": "Subnets", "type": "array" } }, "required": [ - "Containers", - "Name" + "Subnets" ], "type": "object" }, - "AWS::SageMaker::ModelPackage.Bias": { + "AWS::Scheduler::Schedule.CapacityProviderStrategyItem": { "additionalProperties": false, "properties": { - "PostTrainingReport": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", - "markdownDescription": "The post-training bias report for a model.", - "title": "PostTrainingReport" + "Base": { + "markdownDescription": "The base value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a base defined. If no value is specified, the default value of `0` is used.", + "title": "Base", + "type": "number" }, - "PreTrainingReport": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", - "markdownDescription": "The pre-training bias report for a model.", - "title": "PreTrainingReport" + "CapacityProvider": { + "markdownDescription": "The short name of the capacity provider.", + "title": "CapacityProvider", + "type": "string" }, - "Report": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", - "markdownDescription": "The bias report for a model", - "title": "Report" + "Weight": { + "markdownDescription": "The weight value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The weight value is taken into consideration after the base value, if defined, is satisfied.", + "title": "Weight", + "type": "number" } }, + "required": [ + "CapacityProvider" + ], "type": "object" }, - "AWS::SageMaker::ModelPackage.DataSource": { + "AWS::Scheduler::Schedule.DeadLetterConfig": { "additionalProperties": false, "properties": { - "S3DataSource": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.S3DataSource", - "markdownDescription": "The S3 location of the data source that is associated with a channel.", - "title": "S3DataSource" + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the SQS queue specified as the destination for the dead-letter queue.", + "title": "Arn", + "type": "string" } }, - "required": [ - "S3DataSource" - ], "type": "object" }, - "AWS::SageMaker::ModelPackage.DriftCheckBaselines": { + "AWS::Scheduler::Schedule.EcsParameters": { "additionalProperties": false, "properties": { - "Bias": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.DriftCheckBias", - "markdownDescription": "Represents the drift check bias baselines that can be used when the model monitor is set using the model package.", - "title": "Bias" + "CapacityProviderStrategy": { + "items": { + "$ref": "#/definitions/AWS::Scheduler::Schedule.CapacityProviderStrategyItem" + }, + "markdownDescription": "The capacity provider strategy to use for the task.", + "title": "CapacityProviderStrategy", + "type": "array" }, - "Explainability": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.DriftCheckExplainability", - "markdownDescription": "Represents the drift check explainability baselines that can be used when the model monitor is set using the model package.", - "title": "Explainability" + "EnableECSManagedTags": { + "markdownDescription": "Specifies whether to enable Amazon ECS managed tags for the task. For more information, see [Tagging Your Amazon ECS Resources](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-using-tags.html) in the *Amazon ECS Developer Guide* .", + "title": "EnableECSManagedTags", + "type": "boolean" }, - "ModelDataQuality": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.DriftCheckModelDataQuality", - "markdownDescription": "Represents the drift check model data quality baselines that can be used when the model monitor is set using the model package.", - "title": "ModelDataQuality" + "EnableExecuteCommand": { + "markdownDescription": "Whether or not to enable the execute command functionality for the containers in this task. If true, this enables execute command functionality on all containers in the task.", + "title": "EnableExecuteCommand", + "type": "boolean" }, - "ModelQuality": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.DriftCheckModelQuality", - "markdownDescription": "Represents the drift check model quality baselines that can be used when the model monitor is set using the model package.", - "title": "ModelQuality" - } - }, - "type": "object" - }, - "AWS::SageMaker::ModelPackage.DriftCheckBias": { - "additionalProperties": false, - "properties": { - "ConfigFile": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.FileSource", - "markdownDescription": "The bias config file for a model.", - "title": "ConfigFile" + "Group": { + "markdownDescription": "Specifies an Amazon ECS task group for the task. The maximum length is 255 characters.", + "title": "Group", + "type": "string" }, - "PostTrainingConstraints": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", - "markdownDescription": "The post-training constraints.", - "title": "PostTrainingConstraints" + "LaunchType": { + "markdownDescription": "Specifies the launch type on which your task is running. The launch type that you specify here must match one of the launch type (compatibilities) of the target task. The `FARGATE` value is supported only in the Regions where Fargate with Amazon ECS is supported. For more information, see [AWS Fargate on Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/AWS_Fargate.html) in the *Amazon ECS Developer Guide* .", + "title": "LaunchType", + "type": "string" }, - "PreTrainingConstraints": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", - "markdownDescription": "The pre-training constraints.", - "title": "PreTrainingConstraints" + "NetworkConfiguration": { + "$ref": "#/definitions/AWS::Scheduler::Schedule.NetworkConfiguration", + "markdownDescription": "This structure specifies the network configuration for an ECS task.", + "title": "NetworkConfiguration" + }, + "PlacementConstraints": { + "items": { + "$ref": "#/definitions/AWS::Scheduler::Schedule.PlacementConstraint" + }, + "markdownDescription": "An array of placement constraint objects to use for the task. You can specify up to 10 constraints per task (including constraints in the task definition and those specified at runtime).", + "title": "PlacementConstraints", + "type": "array" + }, + "PlacementStrategy": { + "items": { + "$ref": "#/definitions/AWS::Scheduler::Schedule.PlacementStrategy" + }, + "markdownDescription": "The task placement strategy for a task or service.", + "title": "PlacementStrategy", + "type": "array" + }, + "PlatformVersion": { + "markdownDescription": "Specifies the platform version for the task. Specify only the numeric portion of the platform version, such as `1.1.0` .", + "title": "PlatformVersion", + "type": "string" + }, + "PropagateTags": { + "markdownDescription": "Specifies whether to propagate the tags from the task definition to the task. If no value is specified, the tags are not propagated. Tags can only be propagated to the task during task creation. To add tags to a task after task creation, use the Amazon ECS [`TagResource`](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_TagResource.html) API action.", + "title": "PropagateTags", + "type": "string" + }, + "ReferenceId": { + "markdownDescription": "The reference ID to use for the task.", + "title": "ReferenceId", + "type": "string" + }, + "Tags": { + "markdownDescription": "The metadata that you apply to the task to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define. For more information, see [`RunTask`](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RunTask.html) in the *Amazon ECS API Reference* .", + "title": "Tags", + "type": "object" + }, + "TaskCount": { + "markdownDescription": "The number of tasks to create based on `TaskDefinition` . The default is `1` .", + "title": "TaskCount", + "type": "number" + }, + "TaskDefinitionArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the task definition to use if the event target is an Amazon ECS task.", + "title": "TaskDefinitionArn", + "type": "string" } }, + "required": [ + "TaskDefinitionArn" + ], "type": "object" }, - "AWS::SageMaker::ModelPackage.DriftCheckExplainability": { + "AWS::Scheduler::Schedule.EventBridgeParameters": { "additionalProperties": false, "properties": { - "ConfigFile": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.FileSource", - "markdownDescription": "The explainability config file for the model.", - "title": "ConfigFile" + "DetailType": { + "markdownDescription": "A free-form string, with a maximum of 128 characters, used to decide what fields to expect in the event detail.", + "title": "DetailType", + "type": "string" }, - "Constraints": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", - "markdownDescription": "The drift check explainability constraints.", - "title": "Constraints" + "Source": { + "markdownDescription": "The source of the event.", + "title": "Source", + "type": "string" } }, + "required": [ + "DetailType", + "Source" + ], "type": "object" }, - "AWS::SageMaker::ModelPackage.DriftCheckModelDataQuality": { + "AWS::Scheduler::Schedule.FlexibleTimeWindow": { "additionalProperties": false, "properties": { - "Constraints": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", - "markdownDescription": "The drift check model data quality constraints.", - "title": "Constraints" + "MaximumWindowInMinutes": { + "markdownDescription": "The maximum time window during which a schedule can be invoked.\n\n*Minimum* : `1`\n\n*Maximum* : `1440`", + "title": "MaximumWindowInMinutes", + "type": "number" }, - "Statistics": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", - "markdownDescription": "The drift check model data quality statistics.", - "title": "Statistics" + "Mode": { + "markdownDescription": "Determines whether the schedule is invoked within a flexible time window. You must use quotation marks when you specify this value in your JSON or YAML template.\n\n*Allowed Values* : `\"OFF\"` | `\"FLEXIBLE\"`", + "title": "Mode", + "type": "string" } }, + "required": [ + "Mode" + ], "type": "object" }, - "AWS::SageMaker::ModelPackage.DriftCheckModelQuality": { + "AWS::Scheduler::Schedule.KinesisParameters": { "additionalProperties": false, "properties": { - "Constraints": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", - "markdownDescription": "The drift check model quality constraints.", - "title": "Constraints" - }, - "Statistics": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", - "markdownDescription": "The drift check model quality statistics.", - "title": "Statistics" + "PartitionKey": { + "markdownDescription": "Specifies the shard to which EventBridge Scheduler sends the event. For more information, see [Amazon Kinesis Data Streams terminology and concepts](https://docs.aws.amazon.com/streams/latest/dev/key-concepts.html) in the *Amazon Kinesis Streams Developer Guide* .", + "title": "PartitionKey", + "type": "string" } }, + "required": [ + "PartitionKey" + ], "type": "object" }, - "AWS::SageMaker::ModelPackage.Explainability": { + "AWS::Scheduler::Schedule.NetworkConfiguration": { "additionalProperties": false, "properties": { - "Report": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", - "markdownDescription": "The explainability report for a model.", - "title": "Report" + "AwsvpcConfiguration": { + "$ref": "#/definitions/AWS::Scheduler::Schedule.AwsVpcConfiguration", + "markdownDescription": "Specifies the Amazon VPC subnets and security groups for the task, and whether a public IP address is to be used. This structure is relevant only for ECS tasks that use the awsvpc network mode.", + "title": "AwsvpcConfiguration" } }, "type": "object" }, - "AWS::SageMaker::ModelPackage.FileSource": { + "AWS::Scheduler::Schedule.PlacementConstraint": { "additionalProperties": false, "properties": { - "ContentDigest": { - "markdownDescription": "The digest of the file source.", - "title": "ContentDigest", - "type": "string" - }, - "ContentType": { - "markdownDescription": "The type of content stored in the file source.", - "title": "ContentType", + "Expression": { + "markdownDescription": "A cluster query language expression to apply to the constraint. You cannot specify an expression if the constraint type is `distinctInstance` . For more information, see [Cluster query language](https://docs.aws.amazon.com/latest/developerguide/cluster-query-language.html) in the *Amazon ECS Developer Guide* .", + "title": "Expression", "type": "string" }, - "S3Uri": { - "markdownDescription": "The Amazon S3 URI for the file source.", - "title": "S3Uri", + "Type": { + "markdownDescription": "The type of constraint. Use `distinctInstance` to ensure that each task in a particular group is running on a different container instance. Use `memberOf` to restrict the selection to a group of valid candidates.", + "title": "Type", "type": "string" } }, - "required": [ - "S3Uri" - ], "type": "object" }, - "AWS::SageMaker::ModelPackage.InferenceSpecification": { + "AWS::Scheduler::Schedule.PlacementStrategy": { "additionalProperties": false, "properties": { - "Containers": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelPackageContainerDefinition" - }, - "markdownDescription": "The Amazon ECR registry path of the Docker image that contains the inference code.", - "title": "Containers", - "type": "array" - }, - "SupportedContentTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The supported MIME types for the input data.", - "title": "SupportedContentTypes", - "type": "array" - }, - "SupportedRealtimeInferenceInstanceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the instance types that are used to generate inferences in real-time.\n\nThis parameter is required for unversioned models, and optional for versioned models.", - "title": "SupportedRealtimeInferenceInstanceTypes", - "type": "array" - }, - "SupportedResponseMIMETypes": { - "items": { - "type": "string" - }, - "markdownDescription": "The supported MIME types for the output data.", - "title": "SupportedResponseMIMETypes", - "type": "array" + "Field": { + "markdownDescription": "The field to apply the placement strategy against. For the spread placement strategy, valid values are `instanceId` (or `instanceId` , which has the same effect), or any platform or custom attribute that is applied to a container instance, such as `attribute:ecs.availability-zone` . For the binpack placement strategy, valid values are `cpu` and `memory` . For the random placement strategy, this field is not used.", + "title": "Field", + "type": "string" }, - "SupportedTransformInstanceTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of the instance types on which a transformation job can be run or on which an endpoint can be deployed.\n\nThis parameter is required for unversioned models, and optional for versioned models.", - "title": "SupportedTransformInstanceTypes", - "type": "array" + "Type": { + "markdownDescription": "The type of placement strategy. The random placement strategy randomly places tasks on available candidates. The spread placement strategy spreads placement across available candidates evenly based on the field parameter. The binpack strategy places tasks on available candidates that have the least available amount of the resource that is specified with the field parameter. For example, if you binpack on memory, a task is placed on the instance with the least amount of remaining memory (but still enough to run the task).", + "title": "Type", + "type": "string" } }, - "required": [ - "Containers", - "SupportedContentTypes", - "SupportedResponseMIMETypes" - ], "type": "object" }, - "AWS::SageMaker::ModelPackage.MetadataProperties": { + "AWS::Scheduler::Schedule.RetryPolicy": { "additionalProperties": false, "properties": { - "CommitId": { - "markdownDescription": "The commit ID.", - "title": "CommitId", - "type": "string" - }, - "GeneratedBy": { - "markdownDescription": "The entity this entity was generated by.", - "title": "GeneratedBy", - "type": "string" - }, - "ProjectId": { - "markdownDescription": "The project ID.", - "title": "ProjectId", - "type": "string" + "MaximumEventAgeInSeconds": { + "markdownDescription": "The maximum amount of time, in seconds, to continue to make retry attempts.", + "title": "MaximumEventAgeInSeconds", + "type": "number" }, - "Repository": { - "markdownDescription": "The repository.", - "title": "Repository", - "type": "string" + "MaximumRetryAttempts": { + "markdownDescription": "The maximum number of retry attempts to make before the request fails. Retry attempts with exponential backoff continue until either the maximum number of attempts is made or until the duration of the `MaximumEventAgeInSeconds` is reached.", + "title": "MaximumRetryAttempts", + "type": "number" } }, "type": "object" }, - "AWS::SageMaker::ModelPackage.MetricsSource": { + "AWS::Scheduler::Schedule.SageMakerPipelineParameter": { "additionalProperties": false, "properties": { - "ContentDigest": { - "markdownDescription": "The hash key used for the metrics source.", - "title": "ContentDigest", - "type": "string" - }, - "ContentType": { - "markdownDescription": "The metric source content type.", - "title": "ContentType", + "Name": { + "markdownDescription": "Name of parameter to start execution of a SageMaker Model Building Pipeline.", + "title": "Name", "type": "string" }, - "S3Uri": { - "markdownDescription": "The S3 URI for the metrics source.", - "title": "S3Uri", + "Value": { + "markdownDescription": "Value of parameter to start execution of a SageMaker Model Building Pipeline.", + "title": "Value", "type": "string" } }, "required": [ - "ContentType", - "S3Uri" + "Name", + "Value" ], "type": "object" }, - "AWS::SageMaker::ModelPackage.ModelDataQuality": { + "AWS::Scheduler::Schedule.SageMakerPipelineParameters": { "additionalProperties": false, "properties": { - "Constraints": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", - "markdownDescription": "Data quality constraints for a model.", - "title": "Constraints" - }, - "Statistics": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", - "markdownDescription": "Data quality statistics for a model.", - "title": "Statistics" + "PipelineParameterList": { + "items": { + "$ref": "#/definitions/AWS::Scheduler::Schedule.SageMakerPipelineParameter" + }, + "markdownDescription": "List of parameter names and values to use when executing the SageMaker Model Building Pipeline.", + "title": "PipelineParameterList", + "type": "array" } }, "type": "object" }, - "AWS::SageMaker::ModelPackage.ModelInput": { + "AWS::Scheduler::Schedule.SqsParameters": { "additionalProperties": false, "properties": { - "DataInputConfig": { - "markdownDescription": "The input configuration object for the model.", - "title": "DataInputConfig", + "MessageGroupId": { + "markdownDescription": "The FIFO message group ID to use as the target.", + "title": "MessageGroupId", "type": "string" } }, - "required": [ - "DataInputConfig" - ], - "type": "object" - }, - "AWS::SageMaker::ModelPackage.ModelMetrics": { - "additionalProperties": false, - "properties": { - "Bias": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.Bias", - "markdownDescription": "Metrics that measure bias in a model.", - "title": "Bias" - }, - "Explainability": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.Explainability", - "markdownDescription": "Metrics that help explain a model.", - "title": "Explainability" - }, - "ModelDataQuality": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelDataQuality", - "markdownDescription": "Metrics that measure the quality of the input data for a model.", - "title": "ModelDataQuality" - }, - "ModelQuality": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelQuality", - "markdownDescription": "Metrics that measure the quality of a model.", - "title": "ModelQuality" - } - }, "type": "object" }, - "AWS::SageMaker::ModelPackage.ModelPackageContainerDefinition": { + "AWS::Scheduler::Schedule.Target": { "additionalProperties": false, "properties": { - "ContainerHostname": { - "markdownDescription": "The DNS host name for the Docker container.", - "title": "ContainerHostname", + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the target.", + "title": "Arn", "type": "string" }, - "Environment": { - "additionalProperties": true, - "markdownDescription": "The environment variables to set in the Docker container. Each key and value in the `Environment` string to string map can have length of up to 1024. We support up to 16 entries in the map.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Environment", - "type": "object" + "DeadLetterConfig": { + "$ref": "#/definitions/AWS::Scheduler::Schedule.DeadLetterConfig", + "markdownDescription": "An object that contains information about an Amazon SQS queue that EventBridge Scheduler uses as a dead-letter queue for your schedule. If specified, EventBridge Scheduler delivers failed events that could not be successfully delivered to a target to the queue.", + "title": "DeadLetterConfig" }, - "Framework": { - "markdownDescription": "The machine learning framework of the model package container image.", - "title": "Framework", - "type": "string" + "EcsParameters": { + "$ref": "#/definitions/AWS::Scheduler::Schedule.EcsParameters", + "markdownDescription": "The templated target type for the Amazon ECS [`RunTask`](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RunTask.html) API operation.", + "title": "EcsParameters" }, - "FrameworkVersion": { - "markdownDescription": "The framework version of the Model Package Container Image.", - "title": "FrameworkVersion", - "type": "string" + "EventBridgeParameters": { + "$ref": "#/definitions/AWS::Scheduler::Schedule.EventBridgeParameters", + "markdownDescription": "The templated target type for the EventBridge [`PutEvents`](https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_PutEvents.html) API operation.", + "title": "EventBridgeParameters" }, - "Image": { - "markdownDescription": "The Amazon Elastic Container Registry (Amazon ECR) path where inference code is stored.\n\nIf you are using your own custom algorithm instead of an algorithm provided by SageMaker, the inference code must meet SageMaker requirements. SageMaker supports both `registry/repository[:tag]` and `registry/repository[@digest]` image path formats. For more information, see [Using Your Own Algorithms with Amazon SageMaker](https://docs.aws.amazon.com/sagemaker/latest/dg/your-algorithms.html) .", - "title": "Image", + "Input": { + "markdownDescription": "The text, or well-formed JSON, passed to the target. If you are configuring a templated Lambda , AWS Step Functions , or Amazon EventBridge target, the input must be a well-formed JSON. For all other target types, a JSON is not required. If you do not specify anything for this field, Amazon EventBridge Scheduler delivers a default notification to the target.", + "title": "Input", "type": "string" }, - "ImageDigest": { - "markdownDescription": "An MD5 hash of the training algorithm that identifies the Docker image used for training.", - "title": "ImageDigest", - "type": "string" + "KinesisParameters": { + "$ref": "#/definitions/AWS::Scheduler::Schedule.KinesisParameters", + "markdownDescription": "The templated target type for the Amazon Kinesis [`PutRecord`](https://docs.aws.amazon.com/kinesis/latest/APIReference/API_PutRecord.html) API operation.", + "title": "KinesisParameters" }, - "ModelDataUrl": { - "markdownDescription": "The Amazon S3 path where the model artifacts, which result from model training, are stored. This path must point to a single `gzip` compressed tar archive ( `.tar.gz` suffix).\n\n> The model artifacts must be in an S3 bucket that is in the same region as the model package.", - "title": "ModelDataUrl", + "RetryPolicy": { + "$ref": "#/definitions/AWS::Scheduler::Schedule.RetryPolicy", + "markdownDescription": "A `RetryPolicy` object that includes information about the retry policy settings, including the maximum age of an event, and the maximum number of times EventBridge Scheduler will try to deliver the event to a target.", + "title": "RetryPolicy" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that EventBridge Scheduler will use for this target when the schedule is invoked.", + "title": "RoleArn", "type": "string" }, - "ModelInput": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelInput", - "markdownDescription": "A structure with Model Input details.", - "title": "ModelInput" + "SageMakerPipelineParameters": { + "$ref": "#/definitions/AWS::Scheduler::Schedule.SageMakerPipelineParameters", + "markdownDescription": "The templated target type for the Amazon SageMaker [`StartPipelineExecution`](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StartPipelineExecution.html) API operation.", + "title": "SageMakerPipelineParameters" }, - "NearestModelName": { - "markdownDescription": "The name of a pre-trained machine learning benchmarked by Amazon SageMaker Inference Recommender model that matches your model. You can find a list of benchmarked models by calling `ListModelMetadata` .", - "title": "NearestModelName", - "type": "string" + "SqsParameters": { + "$ref": "#/definitions/AWS::Scheduler::Schedule.SqsParameters", + "markdownDescription": "The templated target type for the Amazon SQS [`SendMessage`](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_SendMessage.html) API operation. Contains the message group ID to use when the target is a FIFO queue. If you specify an Amazon SQS FIFO queue as a target, the queue must have content-based deduplication enabled. For more information, see [Using the Amazon SQS message deduplication ID](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/using-messagededuplicationid-property.html) in the *Amazon SQS Developer Guide* .", + "title": "SqsParameters" } }, "required": [ - "Image" + "Arn", + "RoleArn" ], "type": "object" }, - "AWS::SageMaker::ModelPackage.ModelPackageStatusDetails": { - "additionalProperties": false, - "properties": { - "ValidationStatuses": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelPackageStatusItem" - }, - "markdownDescription": "The validation status of the model package.", - "title": "ValidationStatuses", - "type": "array" - } - }, - "type": "object" - }, - "AWS::SageMaker::ModelPackage.ModelPackageStatusItem": { + "AWS::Scheduler::ScheduleGroup": { "additionalProperties": false, "properties": { - "FailureReason": { - "markdownDescription": "if the overall status is `Failed` , the reason for the failure.", - "title": "FailureReason", + "Condition": { "type": "string" }, - "Name": { - "markdownDescription": "The name of the model package for which the overall status is being reported.", - "title": "Name", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "Status": { - "markdownDescription": "The current status.", - "title": "Status", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the schedule group.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Scheduler::ScheduleGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Name", - "Status" + "Type" ], "type": "object" }, - "AWS::SageMaker::ModelPackage.ModelQuality": { + "AWS::SecretsManager::ResourcePolicy": { "additionalProperties": false, "properties": { - "Constraints": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", - "markdownDescription": "Model quality constraints.", - "title": "Constraints" + "Condition": { + "type": "string" }, - "Statistics": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", - "markdownDescription": "Model quality statistics.", - "title": "Statistics" - } - }, - "type": "object" - }, - "AWS::SageMaker::ModelPackage.S3DataSource": { - "additionalProperties": false, - "properties": { - "S3DataType": { - "markdownDescription": "If you choose `S3Prefix` , `S3Uri` identifies a key name prefix. SageMaker uses all objects that match the specified key name prefix for model training.\n\nIf you choose `ManifestFile` , `S3Uri` identifies an object that is a manifest file containing a list of object keys that you want SageMaker to use for model training.\n\nIf you choose `AugmentedManifestFile` , `S3Uri` identifies an object that is an augmented manifest file in JSON lines format. This file contains the data you want to use for model training. `AugmentedManifestFile` can only be used if the Channel's input mode is `Pipe` .\n\nIf you choose `Converse` , `S3Uri` identifies an Amazon S3 location that contains data formatted according to Converse format. This format structures conversational messages with specific roles and content types used for training and fine-tuning foundational models.", - "title": "S3DataType", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "S3Uri": { - "markdownDescription": "Depending on the value specified for the `S3DataType` , identifies either a key name prefix or a manifest. For example:\n\n- A key name prefix might look like this: `s3://bucketname/exampleprefix/`\n- A manifest might look like this: `s3://bucketname/example.manifest`\n\nA manifest is an S3 object which is a JSON file consisting of an array of elements. The first element is a prefix which is followed by one or more suffixes. SageMaker appends the suffix elements to the prefix to get a full set of `S3Uri` . Note that the prefix must be a valid non-empty `S3Uri` that precludes users from specifying a manifest whose individual `S3Uri` is sourced from different S3 buckets.\n\nThe following code example shows a valid manifest format:\n\n`[ {\"prefix\": \"s3://customer_bucket/some/prefix/\"},`\n\n`\"relative/path/to/custdata-1\",`\n\n`\"relative/path/custdata-2\",`\n\n`...`\n\n`\"relative/path/custdata-N\"`\n\n`]`\n\nThis JSON is equivalent to the following `S3Uri` list:\n\n`s3://customer_bucket/some/prefix/relative/path/to/custdata-1`\n\n`s3://customer_bucket/some/prefix/relative/path/custdata-2`\n\n`...`\n\n`s3://customer_bucket/some/prefix/relative/path/custdata-N`\n\nThe complete set of `S3Uri` in this manifest is the input data for the channel for this data source. The object that each `S3Uri` points to must be readable by the IAM role that SageMaker uses to perform tasks on your behalf.\n\nYour input bucket must be located in same AWS region as your training job.", - "title": "S3Uri", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "BlockPublicPolicy": { + "markdownDescription": "Specifies whether to block resource-based policies that allow broad access to the secret. By default, Secrets Manager blocks policies that allow broad access, for example those that use a wildcard for the principal.", + "title": "BlockPublicPolicy", + "type": "boolean" + }, + "ResourcePolicy": { + "markdownDescription": "A JSON-formatted string for an AWS resource-based policy. For example policies, see [Permissions policy examples](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples.html) .", + "title": "ResourcePolicy", + "type": "object" + }, + "SecretId": { + "markdownDescription": "The ARN or name of the secret to attach the resource-based policy.\n\nFor an ARN, we recommend that you specify a complete ARN rather than a partial ARN.", + "title": "SecretId", + "type": "string" + } + }, + "required": [ + "ResourcePolicy", + "SecretId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SecretsManager::ResourcePolicy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "S3DataType", - "S3Uri" + "Type", + "Properties" ], "type": "object" }, - "AWS::SageMaker::ModelPackage.SourceAlgorithm": { + "AWS::SecretsManager::RotationSchedule": { "additionalProperties": false, "properties": { - "AlgorithmName": { - "markdownDescription": "The name of an algorithm that was used to create the model package. The algorithm must be either an algorithm resource in your SageMaker account or an algorithm in AWS Marketplace that you are subscribed to.", - "title": "AlgorithmName", + "Condition": { "type": "string" }, - "ModelDataUrl": { - "markdownDescription": "The Amazon S3 path where the model artifacts, which result from model training, are stored. This path must point to a single `gzip` compressed tar archive ( `.tar.gz` suffix).\n\n> The model artifacts must be in an S3 bucket that is in the same AWS region as the algorithm.", - "title": "ModelDataUrl", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "HostedRotationLambda": { + "$ref": "#/definitions/AWS::SecretsManager::RotationSchedule.HostedRotationLambda", + "markdownDescription": "Creates a new Lambda rotation function based on one of the [Secrets Manager rotation function templates](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html) . To use a rotation function that already exists, specify `RotationLambdaARN` instead.\n\nYou must specify `Transform: AWS::SecretsManager-2024-09-16` at the beginning of the CloudFormation template. Transforms are macros hosted by AWS CloudFormation that help you create and manage complex infrastructure. The `Transform: AWS::SecretsManager-2024-09-16` transform automatically extends the CloudFormation stack to include a nested stack (of type `AWS::CloudFormation::Stack` ), which then creates and updates on your behalf during subsequent stack operations, the appropriate rotation Lambda function for your database or service. For general information on transforms, see the [AWS CloudFormation documentation.](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/transform-reference.html)\n\nFor Amazon RDS master user credentials, see [AWS::RDS::DBCluster MasterUserSecret](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-dbcluster-masterusersecret.html) .\n\nFor Amazon Redshift admin user credentials, see [AWS::Redshift::Cluster](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-redshift-cluster.html) .", + "title": "HostedRotationLambda" + }, + "RotateImmediatelyOnUpdate": { + "markdownDescription": "Determines whether to rotate the secret immediately or wait until the next scheduled rotation window when the rotation schedule is updated. The rotation schedule is defined in `RotationRules` .\n\nThe default for `RotateImmediatelyOnUpdate` is `true` . If you don't specify this value, Secrets Manager rotates the secret immediately.\n\nIf you set `RotateImmediatelyOnUpdate` to `false` , Secrets Manager tests the rotation configuration by running the [`testSecret` step](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_how.html) of the Lambda rotation function. This test creates an `AWSPENDING` version of the secret and then removes it.\n\n> When changing an existing rotation schedule and setting `RotateImmediatelyOnUpdate` to `false` :\n> \n> - If using `AutomaticallyAfterDays` or a `ScheduleExpression` with `rate()` , the previously scheduled rotation might still occur.\n> - To prevent unintended rotations, use a `ScheduleExpression` with `cron()` for granular control over rotation windows. \n\nRotation is an asynchronous process. For more information, see [How rotation works](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_how.html) .", + "title": "RotateImmediatelyOnUpdate", + "type": "boolean" + }, + "RotationLambdaARN": { + "markdownDescription": "The ARN of an existing Lambda rotation function. To specify a rotation function that is also defined in this template, use the [Ref](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html) function.\n\nFor Amazon RDS master user credentials, see [AWS::RDS::DBCluster MasterUserSecret](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-dbcluster-masterusersecret.html) .\n\nFor Amazon Redshift admin user credentials, see [AWS::Redshift::Cluster](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-redshift-cluster.html) .\n\nTo create a new rotation function based on one of the [Secrets Manager rotation function templates](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html) , specify `HostedRotationLambda` instead.", + "title": "RotationLambdaARN", + "type": "string" + }, + "RotationRules": { + "$ref": "#/definitions/AWS::SecretsManager::RotationSchedule.RotationRules", + "markdownDescription": "A structure that defines the rotation configuration for this secret.", + "title": "RotationRules" + }, + "SecretId": { + "markdownDescription": "The ARN or name of the secret to rotate. This is unique for each rotation schedule definition.\n\nTo reference a secret also created in this template, use the [Ref](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html) function with the secret's logical ID.", + "title": "SecretId", + "type": "string" + } + }, + "required": [ + "SecretId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SecretsManager::RotationSchedule" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "AlgorithmName" + "Type", + "Properties" ], "type": "object" }, - "AWS::SageMaker::ModelPackage.SourceAlgorithmSpecification": { + "AWS::SecretsManager::RotationSchedule.HostedRotationLambda": { "additionalProperties": false, "properties": { - "SourceAlgorithms": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.SourceAlgorithm" - }, - "markdownDescription": "A list of the algorithms that were used to create a model package.", - "title": "SourceAlgorithms", - "type": "array" + "ExcludeCharacters": { + "markdownDescription": "A string of the characters that you don't want in the password.", + "title": "ExcludeCharacters", + "type": "string" + }, + "KmsKeyArn": { + "markdownDescription": "The ARN of the KMS key that Secrets Manager uses to encrypt the secret. If you don't specify this value, then Secrets Manager uses the key `aws/secretsmanager` . If `aws/secretsmanager` doesn't yet exist, then Secrets Manager creates it for you automatically the first time it encrypts the secret value.", + "title": "KmsKeyArn", + "type": "string" + }, + "MasterSecretArn": { + "markdownDescription": "The ARN of the secret that contains superuser credentials, if you use the [Alternating users rotation strategy](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets_strategies.html#rotating-secrets-two-users) . CloudFormation grants the execution role for the Lambda rotation function `GetSecretValue` permission to the secret in this property. For more information, see [Lambda rotation function execution role permissions for Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets-required-permissions-function.html) .\n\nYou must create the superuser secret before you can set this property.\n\nYou must also include the superuser secret ARN as a key in the JSON of the rotating secret so that the Lambda rotation function can find it. CloudFormation does not hardcode secret ARNs in the Lambda rotation function, so you can use the function to rotate multiple secrets. For more information, see [JSON structure of Secrets Manager secrets](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_secret_json_structure.html) .\n\nYou can specify `MasterSecretArn` or `SuperuserSecretArn` but not both. They represent the same superuser secret.", + "title": "MasterSecretArn", + "type": "string" + }, + "MasterSecretKmsKeyArn": { + "markdownDescription": "The ARN of the KMS key that Secrets Manager used to encrypt the superuser secret, if you use the [alternating users strategy](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets_strategies.html#rotating-secrets-two-users) and the superuser secret is encrypted with a customer managed key. You don't need to specify this property if the superuser secret is encrypted using the key `aws/secretsmanager` . CloudFormation grants the execution role for the Lambda rotation function `Decrypt` , `DescribeKey` , and `GenerateDataKey` permission to the key in this property. For more information, see [Lambda rotation function execution role permissions for Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets-required-permissions-function.html) .\n\nYou can specify `MasterSecretKmsKeyArn` or `SuperuserSecretKmsKeyArn` but not both. They represent the same superuser secret KMS key .", + "title": "MasterSecretKmsKeyArn", + "type": "string" + }, + "RotationLambdaName": { + "markdownDescription": "The name of the Lambda rotation function.", + "title": "RotationLambdaName", + "type": "string" + }, + "RotationType": { + "markdownDescription": "The rotation template to base the rotation function on, one of the following:\n\n- `Db2SingleUser` to use the template [SecretsManagerRDSDb2RotationSingleUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-db2-singleuser) .\n- `Db2MultiUser` to use the template [SecretsManagerRDSDb2RotationMultiUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-db2-multiuser) .\n- `MySQLSingleUser` to use the template [SecretsManagerRDSMySQLRotationSingleUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-mysql-singleuser) .\n- `MySQLMultiUser` to use the template [SecretsManagerRDSMySQLRotationMultiUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-mysql-multiuser) .\n- `PostgreSQLSingleUser` to use the template [SecretsManagerRDSPostgreSQLRotationSingleUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-postgre-singleuser)\n- `PostgreSQLMultiUser` to use the template [SecretsManagerRDSPostgreSQLRotationMultiUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-postgre-multiuser) .\n- `OracleSingleUser` to use the template [SecretsManagerRDSOracleRotationSingleUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-oracle-singleuser) .\n- `OracleMultiUser` to use the template [SecretsManagerRDSOracleRotationMultiUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-oracle-multiuser) .\n- `MariaDBSingleUser` to use the template [SecretsManagerRDSMariaDBRotationSingleUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-mariadb-singleuser) .\n- `MariaDBMultiUser` to use the template [SecretsManagerRDSMariaDBRotationMultiUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-mariadb-multiuser) .\n- `SQLServerSingleUser` to use the template [SecretsManagerRDSSQLServerRotationSingleUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-sqlserver-singleuser) .\n- `SQLServerMultiUser` to use the template [SecretsManagerRDSSQLServerRotationMultiUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-sqlserver-multiuser) .\n- `RedshiftSingleUser` to use the template [SecretsManagerRedshiftRotationSingleUsr](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-redshift-singleuser) .\n- `RedshiftMultiUser` to use the template [SecretsManagerRedshiftRotationMultiUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-redshift-multiuser) .\n- `MongoDBSingleUser` to use the template [SecretsManagerMongoDBRotationSingleUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-mongodb-singleuser) .\n- `MongoDBMultiUser` to use the template [SecretsManagerMongoDBRotationMultiUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-mongodb-multiuser) .", + "title": "RotationType", + "type": "string" + }, + "Runtime": { + "markdownDescription": "> Do not set this value if you are using `Transform: AWS::SecretsManager-2024-09-16` . Over time, the updated rotation lambda artifacts vended by AWS may not be compatible with the code or shared object files defined in the rotation function deployment package.\n> \n> Only define the `Runtime` key if:\n> \n> - You are using `Transform: AWS::SecretsManager-2020-07-23` .\n> - The code or shared object files defined in the rotation function deployment package are incompatible with Python 3.9. \n\nThe Python Runtime version for with the rotation function. By default, CloudFormation deploys Python 3.9 binaries for the rotation function. To use a different version of Python, you must do the following two steps:\n\n- Deploy the matching version Python binaries with your rotation function.\n- Set the version number in this field. For example, for Python 3.7, enter *python3.7* .\n\nIf you only do one of the steps, your rotation function will be incompatible with the binaries. For more information, see [Why did my Lambda rotation function fail with a \"pg module not found\" error](https://docs.aws.amazon.com/https://repost.aws/knowledge-center/secrets-manager-lambda-rotation) .", + "title": "Runtime", + "type": "string" + }, + "SuperuserSecretArn": { + "markdownDescription": "The ARN of the secret that contains superuser credentials, if you use the [Alternating users rotation strategy](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets_strategies.html#rotating-secrets-two-users) . CloudFormation grants the execution role for the Lambda rotation function `GetSecretValue` permission to the secret in this property. For more information, see [Lambda rotation function execution role permissions for Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets-required-permissions-function.html) .\n\nYou must create the superuser secret before you can set this property.\n\nYou must also include the superuser secret ARN as a key in the JSON of the rotating secret so that the Lambda rotation function can find it. CloudFormation does not hardcode secret ARNs in the Lambda rotation function, so you can use the function to rotate multiple secrets. For more information, see [JSON structure of Secrets Manager secrets](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_secret_json_structure.html) .\n\nYou can specify `MasterSecretArn` or `SuperuserSecretArn` but not both. They represent the same superuser secret.", + "title": "SuperuserSecretArn", + "type": "string" + }, + "SuperuserSecretKmsKeyArn": { + "markdownDescription": "The ARN of the KMS key that Secrets Manager used to encrypt the superuser secret, if you use the [alternating users strategy](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets_strategies.html#rotating-secrets-two-users) and the superuser secret is encrypted with a customer managed key. You don't need to specify this property if the superuser secret is encrypted using the key `aws/secretsmanager` . CloudFormation grants the execution role for the Lambda rotation function `Decrypt` , `DescribeKey` , and `GenerateDataKey` permission to the key in this property. For more information, see [Lambda rotation function execution role permissions for Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets-required-permissions-function.html) .\n\nYou can specify `MasterSecretKmsKeyArn` or `SuperuserSecretKmsKeyArn` but not both. They represent the same superuser secret KMS key .", + "title": "SuperuserSecretKmsKeyArn", + "type": "string" + }, + "VpcSecurityGroupIds": { + "markdownDescription": "A comma-separated list of security group IDs applied to the target database.\n\nThe template applies the same security groups as on the Lambda rotation function that is created as part of this stack.", + "title": "VpcSecurityGroupIds", + "type": "string" + }, + "VpcSubnetIds": { + "markdownDescription": "A comma separated list of VPC subnet IDs of the target database network. The Lambda rotation function is in the same subnet group.", + "title": "VpcSubnetIds", + "type": "string" } }, "required": [ - "SourceAlgorithms" + "RotationType" ], "type": "object" }, - "AWS::SageMaker::ModelPackage.TransformInput": { + "AWS::SecretsManager::RotationSchedule.RotationRules": { "additionalProperties": false, "properties": { - "CompressionType": { - "markdownDescription": "If your transform data is compressed, specify the compression type. Amazon SageMaker automatically decompresses the data for the transform job accordingly. The default value is `None` .", - "title": "CompressionType", - "type": "string" + "AutomaticallyAfterDays": { + "markdownDescription": "The number of days between automatic scheduled rotations of the secret. You can use this value to check that your secret meets your compliance guidelines for how often secrets must be rotated.\n\nIn `DescribeSecret` and `ListSecrets` , this value is calculated from the rotation schedule after every successful rotation. In `RotateSecret` , you can set the rotation schedule in `RotationRules` with `AutomaticallyAfterDays` or `ScheduleExpression` , but not both.", + "title": "AutomaticallyAfterDays", + "type": "number" }, - "ContentType": { - "markdownDescription": "The multipurpose internet mail extension (MIME) type of the data. Amazon SageMaker uses the MIME type with each http call to transfer data to the transform job.", - "title": "ContentType", + "Duration": { + "markdownDescription": "The length of the rotation window in hours, for example `3h` for a three hour window. Secrets Manager rotates your secret at any time during this window. The window must not extend into the next rotation window or the next UTC day. The window starts according to the `ScheduleExpression` . If you don't specify a `Duration` , for a `ScheduleExpression` in hours, the window automatically closes after one hour. For a `ScheduleExpression` in days, the window automatically closes at the end of the UTC day. For more information, including examples, see [Schedule expressions in Secrets Manager rotation](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_schedule.html) in the *Secrets Manager Users Guide* .", + "title": "Duration", "type": "string" }, - "DataSource": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.DataSource", - "markdownDescription": "Describes the location of the channel data, which is, the S3 location of the input data that the model can consume.", - "title": "DataSource" - }, - "SplitType": { - "markdownDescription": "The method to use to split the transform job's data files into smaller batches. Splitting is necessary when the total size of each object is too large to fit in a single request. You can also use data splitting to improve performance by processing multiple concurrent mini-batches. The default value for `SplitType` is `None` , which indicates that input data files are not split, and request payloads contain the entire contents of an input object. Set the value of this parameter to `Line` to split records on a newline character boundary. `SplitType` also supports a number of record-oriented binary data formats. Currently, the supported record formats are:\n\n- RecordIO\n- TFRecord\n\nWhen splitting is enabled, the size of a mini-batch depends on the values of the `BatchStrategy` and `MaxPayloadInMB` parameters. When the value of `BatchStrategy` is `MultiRecord` , Amazon SageMaker sends the maximum number of records in each request, up to the `MaxPayloadInMB` limit. If the value of `BatchStrategy` is `SingleRecord` , Amazon SageMaker sends individual records in each request.\n\n> Some data formats represent a record as a binary payload wrapped with extra padding bytes. When splitting is applied to a binary data format, padding is removed if the value of `BatchStrategy` is set to `SingleRecord` . Padding is not removed if the value of `BatchStrategy` is set to `MultiRecord` .\n> \n> For more information about `RecordIO` , see [Create a Dataset Using RecordIO](https://docs.aws.amazon.com/https://mxnet.apache.org/api/faq/recordio) in the MXNet documentation. For more information about `TFRecord` , see [Consuming TFRecord data](https://docs.aws.amazon.com/https://www.tensorflow.org/guide/data#consuming_tfrecord_data) in the TensorFlow documentation.", - "title": "SplitType", + "ScheduleExpression": { + "markdownDescription": "A `cron()` or `rate()` expression that defines the schedule for rotating your secret. Secrets Manager rotation schedules use UTC time zone. Secrets Manager rotates your secret any time during a rotation window.\n\nSecrets Manager `rate()` expressions represent the interval in hours or days that you want to rotate your secret, for example `rate(12 hours)` or `rate(10 days)` . You can rotate a secret as often as every four hours. If you use a `rate()` expression, the rotation window starts at midnight. For a rate in hours, the default rotation window closes after one hour. For a rate in days, the default rotation window closes at the end of the day. You can set the `Duration` to change the rotation window. The rotation window must not extend into the next UTC day or into the next rotation window.\n\nYou can use a `cron()` expression to create a rotation schedule that is more detailed than a rotation interval. For more information, including examples, see [Schedule expressions in Secrets Manager rotation](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_schedule.html) in the *Secrets Manager Users Guide* . For a cron expression that represents a schedule in hours, the default rotation window closes after one hour. For a cron expression that represents a schedule in days, the default rotation window closes at the end of the day. You can set the `Duration` to change the rotation window. The rotation window must not extend into the next UTC day or into the next rotation window.", + "title": "ScheduleExpression", "type": "string" } }, - "required": [ - "DataSource" - ], "type": "object" }, - "AWS::SageMaker::ModelPackage.TransformJobDefinition": { + "AWS::SecretsManager::Secret": { "additionalProperties": false, "properties": { - "BatchStrategy": { - "markdownDescription": "A string that determines the number of records included in a single mini-batch.\n\n`SingleRecord` means only one record is used per mini-batch. `MultiRecord` means a mini-batch is set to contain as many records that can fit within the `MaxPayloadInMB` limit.", - "title": "BatchStrategy", + "Condition": { "type": "string" }, - "Environment": { - "additionalProperties": true, - "markdownDescription": "The environment variables to set in the Docker container. We support up to 16 key and values entries in the map.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" } - }, - "title": "Environment", - "type": "object" - }, - "MaxConcurrentTransforms": { - "markdownDescription": "The maximum number of parallel requests that can be sent to each instance in a transform job. The default value is 1.", - "title": "MaxConcurrentTransforms", - "type": "number" + ] }, - "MaxPayloadInMB": { - "markdownDescription": "The maximum payload size allowed, in MB. A payload is the data portion of a record (without metadata).", - "title": "MaxPayloadInMB", - "type": "number" + "Metadata": { + "type": "object" }, - "TransformInput": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.TransformInput", - "markdownDescription": "A description of the input source and the way the transform job consumes it.", - "title": "TransformInput" + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the secret.", + "title": "Description", + "type": "string" + }, + "GenerateSecretString": { + "$ref": "#/definitions/AWS::SecretsManager::Secret.GenerateSecretString", + "markdownDescription": "A structure that specifies how to generate a password to encrypt and store in the secret. To include a specific string in the secret, use `SecretString` instead. If you omit both `GenerateSecretString` and `SecretString` , you create an empty secret. When you make a change to this property, a new secret version is created.\n\nWe recommend that you specify the maximum length and include every character type that the system you are generating a password for can support.", + "title": "GenerateSecretString" + }, + "KmsKeyId": { + "markdownDescription": "The ARN, key ID, or alias of the AWS KMS key that Secrets Manager uses to encrypt the secret value in the secret. An alias is always prefixed by `alias/` , for example `alias/aws/secretsmanager` . For more information, see [About aliases](https://docs.aws.amazon.com/kms/latest/developerguide/alias-about.html) .\n\nTo use a AWS KMS key in a different account, use the key ARN or the alias ARN.\n\nIf you don't specify this value, then Secrets Manager uses the key `aws/secretsmanager` . If that key doesn't yet exist, then Secrets Manager creates it for you automatically the first time it encrypts the secret value.\n\nIf the secret is in a different AWS account from the credentials calling the API, then you can't use `aws/secretsmanager` to encrypt the secret, and you must create and use a customer managed AWS KMS key.", + "title": "KmsKeyId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the new secret.\n\nThe secret name can contain ASCII letters, numbers, and the following characters: /_+=.@-\n\nDo not end your secret name with a hyphen followed by six characters. If you do so, you risk confusion and unexpected results when searching for a secret by partial ARN. Secrets Manager automatically adds a hyphen and six random characters after the secret name at the end of the ARN.", + "title": "Name", + "type": "string" + }, + "ReplicaRegions": { + "items": { + "$ref": "#/definitions/AWS::SecretsManager::Secret.ReplicaRegion" + }, + "markdownDescription": "A custom type that specifies a `Region` and the `KmsKeyId` for a replica secret.", + "title": "ReplicaRegions", + "type": "array" + }, + "SecretString": { + "markdownDescription": "The text to encrypt and store in the secret. We recommend you use a JSON structure of key/value pairs for your secret value. To generate a random password, use `GenerateSecretString` instead. If you omit both `GenerateSecretString` and `SecretString` , you create an empty secret. When you make a change to this property, a new secret version is created.", + "title": "SecretString", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A list of tags to attach to the secret. Each tag is a key and value pair of strings in a JSON text string, for example:\n\n`[{\"Key\":\"CostCenter\",\"Value\":\"12345\"},{\"Key\":\"environment\",\"Value\":\"production\"}]`\n\nSecrets Manager tag key names are case sensitive. A tag with the key \"ABC\" is a different tag from one with key \"abc\".\n\nStack-level tags, tags you apply to the CloudFormation stack, are also attached to the secret.\n\nIf you check tags in permissions policies as part of your security strategy, then adding or removing a tag can change permissions. If the completion of this operation would result in you losing your permissions for this secret, then Secrets Manager blocks the operation and returns an `Access Denied` error. For more information, see [Control access to secrets using tags](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples.html#tag-secrets-abac) and [Limit access to identities with tags that match secrets' tags](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples.html#auth-and-access_tags2) .\n\nFor information about how to format a JSON parameter for the various command line tool environments, see [Using JSON for Parameters](https://docs.aws.amazon.com/cli/latest/userguide/cli-using-param.html#cli-using-param-json) . If your command-line tool or SDK requires quotation marks around the parameter, you should use single quotes to avoid confusion with the double quotes required in the JSON text.\n\nThe following restrictions apply to tags:\n\n- Maximum number of tags per secret: 50\n- Maximum key length: 127 Unicode characters in UTF-8\n- Maximum value length: 255 Unicode characters in UTF-8\n- Tag keys and values are case sensitive.\n- Do not use the `aws:` prefix in your tag names or values because AWS reserves it for AWS use. You can't edit or delete tag names or values with this prefix. Tags with this prefix do not count against your tags per secret limit.\n- If you use your tagging schema across multiple services and resources, other services might have restrictions on allowed characters. Generally allowed characters: letters, spaces, and numbers representable in UTF-8, plus the following special characters: + - = . _ : / @.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" }, - "TransformOutput": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.TransformOutput", - "markdownDescription": "Identifies the Amazon S3 location where you want Amazon SageMaker to save the results from the transform job.", - "title": "TransformOutput" + "Type": { + "enum": [ + "AWS::SecretsManager::Secret" + ], + "type": "string" }, - "TransformResources": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.TransformResources", - "markdownDescription": "Identifies the ML compute instances for the transform job.", - "title": "TransformResources" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "TransformInput", - "TransformOutput", - "TransformResources" + "Type" ], "type": "object" }, - "AWS::SageMaker::ModelPackage.TransformOutput": { + "AWS::SecretsManager::Secret.GenerateSecretString": { "additionalProperties": false, "properties": { - "Accept": { - "markdownDescription": "The MIME type used to specify the output data. Amazon SageMaker uses the MIME type with each http call to transfer data from the transform job.", - "title": "Accept", + "ExcludeCharacters": { + "markdownDescription": "A string of the characters that you don't want in the password.", + "title": "ExcludeCharacters", "type": "string" }, - "AssembleWith": { - "markdownDescription": "Defines how to assemble the results of the transform job as a single S3 object. Choose a format that is most convenient to you. To concatenate the results in binary format, specify `None` . To add a newline character at the end of every transformed record, specify `Line` .", - "title": "AssembleWith", - "type": "string" + "ExcludeLowercase": { + "markdownDescription": "Specifies whether to exclude lowercase letters from the password. If you don't include this switch, the password can contain lowercase letters.", + "title": "ExcludeLowercase", + "type": "boolean" }, - "KmsKeyId": { - "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption. The `KmsKeyId` can be any of the following formats:\n\n- Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key ARN: `arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`\n- Alias name: `alias/ExampleAlias`\n- Alias name ARN: `arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias`\n\nIf you don't provide a KMS key ID, Amazon SageMaker uses the default KMS key for Amazon S3 for your role's account. For more information, see [KMS-Managed Encryption Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingKMSEncryption.html) in the *Amazon Simple Storage Service Developer Guide.*\n\nThe KMS key policy must grant permission to the IAM role that you specify in your [CreateModel](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateModel.html) request. For more information, see [Using Key Policies in AWS KMS](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html) in the *AWS Key Management Service Developer Guide* .", - "title": "KmsKeyId", - "type": "string" + "ExcludeNumbers": { + "markdownDescription": "Specifies whether to exclude numbers from the password. If you don't include this switch, the password can contain numbers.", + "title": "ExcludeNumbers", + "type": "boolean" }, - "S3OutputPath": { - "markdownDescription": "The Amazon S3 path where you want Amazon SageMaker to store the results of the transform job. For example, `s3://bucket-name/key-name-prefix` .\n\nFor every S3 object used as input for the transform job, batch transform stores the transformed data with an . `out` suffix in a corresponding subfolder in the location in the output prefix. For example, for the input data stored at `s3://bucket-name/input-name-prefix/dataset01/data.csv` , batch transform stores the transformed data at `s3://bucket-name/output-name-prefix/input-name-prefix/data.csv.out` . Batch transform doesn't upload partially processed objects. For an input S3 object that contains multiple records, it creates an . `out` file only if the transform job succeeds on the entire file. When the input contains multiple S3 objects, the batch transform job processes the listed S3 objects and uploads only the output for successfully processed objects. If any object fails in the transform job batch transform marks the job as failed to prompt investigation.", - "title": "S3OutputPath", + "ExcludePunctuation": { + "markdownDescription": "Specifies whether to exclude the following punctuation characters from the password: `! \" # $ % & ' ( ) * + , - . / : ; < = > ? @ [ \\ ] ^ _ ` { | } ~` . If you don't include this switch, the password can contain punctuation.", + "title": "ExcludePunctuation", + "type": "boolean" + }, + "ExcludeUppercase": { + "markdownDescription": "Specifies whether to exclude uppercase letters from the password. If you don't include this switch, the password can contain uppercase letters.", + "title": "ExcludeUppercase", + "type": "boolean" + }, + "GenerateStringKey": { + "markdownDescription": "The JSON key name for the key/value pair, where the value is the generated password. This pair is added to the JSON structure specified by the `SecretStringTemplate` parameter. If you specify this parameter, then you must also specify `SecretStringTemplate` .", + "title": "GenerateStringKey", "type": "string" - } - }, - "required": [ - "S3OutputPath" - ], - "type": "object" - }, - "AWS::SageMaker::ModelPackage.TransformResources": { - "additionalProperties": false, - "properties": { - "InstanceCount": { - "markdownDescription": "The number of ML compute instances to use in the transform job. The default value is `1` , and the maximum is `100` . For distributed transform jobs, specify a value greater than `1` .", - "title": "InstanceCount", + }, + "IncludeSpace": { + "markdownDescription": "Specifies whether to include the space character. If you include this switch, the password can contain space characters.", + "title": "IncludeSpace", + "type": "boolean" + }, + "PasswordLength": { + "markdownDescription": "The length of the password. If you don't include this parameter, the default length is 32 characters.", + "title": "PasswordLength", "type": "number" }, - "InstanceType": { - "markdownDescription": "The ML compute instance type for the transform job. If you are using built-in algorithms to transform moderately sized datasets, we recommend using ml.m4.xlarge or `ml.m5.large` instance types.", - "title": "InstanceType", - "type": "string" + "RequireEachIncludedType": { + "markdownDescription": "Specifies whether to include at least one upper and lowercase letter, one number, and one punctuation. If you don't include this switch, the password contains at least one of every character type.", + "title": "RequireEachIncludedType", + "type": "boolean" }, - "VolumeKmsKeyId": { - "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt model data on the storage volume attached to the ML compute instance(s) that run the batch transform job.\n\n> Certain Nitro-based instances include local storage, dependent on the instance type. Local storage volumes are encrypted using a hardware module on the instance. You can't request a `VolumeKmsKeyId` when using an instance type with local storage.\n> \n> For a list of instance types that support local instance storage, see [Instance Store Volumes](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html#instance-store-volumes) .\n> \n> For more information about local instance storage encryption, see [SSD Instance Store Volumes](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ssd-instance-store.html) . \n\nThe `VolumeKmsKeyId` can be any of the following formats:\n\n- Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key ARN: `arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`\n- Alias name: `alias/ExampleAlias`\n- Alias name ARN: `arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias`", - "title": "VolumeKmsKeyId", + "SecretStringTemplate": { + "markdownDescription": "A template that the generated string must match. When you make a change to this property, a new secret version is created.", + "title": "SecretStringTemplate", "type": "string" } }, - "required": [ - "InstanceCount", - "InstanceType" - ], "type": "object" }, - "AWS::SageMaker::ModelPackage.ValidationProfile": { + "AWS::SecretsManager::Secret.ReplicaRegion": { "additionalProperties": false, "properties": { - "ProfileName": { - "markdownDescription": "The name of the profile for the model package.", - "title": "ProfileName", + "KmsKeyId": { + "markdownDescription": "The ARN, key ID, or alias of the KMS key to encrypt the secret. If you don't include this field, Secrets Manager uses `aws/secretsmanager` .", + "title": "KmsKeyId", "type": "string" }, - "TransformJobDefinition": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.TransformJobDefinition", - "markdownDescription": "The `TransformJobDefinition` object that describes the transform job used for the validation of the model package.", - "title": "TransformJobDefinition" + "Region": { + "markdownDescription": "A string that represents a `Region` , for example \"us-east-1\".", + "title": "Region", + "type": "string" } }, "required": [ - "ProfileName", - "TransformJobDefinition" + "Region" ], "type": "object" }, - "AWS::SageMaker::ModelPackage.ValidationSpecification": { + "AWS::SecretsManager::SecretTargetAttachment": { "additionalProperties": false, "properties": { - "ValidationProfiles": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ValidationProfile" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "SecretId": { + "markdownDescription": "The ARN or name of the secret. To reference a secret also created in this template, use the see [Ref](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html) function with the secret's logical ID. This field is unique for each target attachment definition.", + "title": "SecretId", + "type": "string" + }, + "TargetId": { + "markdownDescription": "The ID of the database or cluster.", + "title": "TargetId", + "type": "string" + }, + "TargetType": { + "markdownDescription": "A string that defines the type of service or database associated with the secret. This value instructs Secrets Manager how to update the secret with the details of the service or database. This value must be one of the following:\n\n- AWS::RDS::DBInstance\n- AWS::RDS::DBCluster\n- AWS::Redshift::Cluster\n- AWS::RedshiftServerless::Namespace\n- AWS::DocDB::DBInstance\n- AWS::DocDB::DBCluster\n- AWS::DocDBElastic::Cluster", + "title": "TargetType", + "type": "string" + } }, - "markdownDescription": "An array of `ModelPackageValidationProfile` objects, each of which specifies a batch transform job that SageMaker runs to validate your model package.", - "title": "ValidationProfiles", - "type": "array" + "required": [ + "SecretId", + "TargetId", + "TargetType" + ], + "type": "object" }, - "ValidationRole": { - "markdownDescription": "The IAM roles to be used for the validation of the model package.", - "title": "ValidationRole", + "Type": { + "enum": [ + "AWS::SecretsManager::SecretTargetAttachment" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ValidationProfiles", - "ValidationRole" + "Type", + "Properties" ], "type": "object" }, - "AWS::SageMaker::ModelPackageGroup": { + "AWS::SecurityHub::AggregatorV2": { "additionalProperties": false, "properties": { "Condition": { @@ -250709,38 +302500,40 @@ "Properties": { "additionalProperties": false, "properties": { - "ModelPackageGroupDescription": { - "markdownDescription": "The description for the model group.", - "title": "ModelPackageGroupDescription", - "type": "string" + "LinkedRegions": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of Regions that are linked to the aggregation Region.", + "title": "LinkedRegions", + "type": "array" }, - "ModelPackageGroupName": { - "markdownDescription": "The name of the model group.", - "title": "ModelPackageGroupName", + "RegionLinkingMode": { + "markdownDescription": "Determines how Regions are linked to an Aggregator V2.", + "title": "RegionLinkingMode", "type": "string" }, - "ModelPackageGroupPolicy": { - "markdownDescription": "A resouce policy to control access to a model group. For information about resoure policies, see [Identity-based policies and resource-based policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_identity-vs-resource.html) in the *AWS Identity and Access Management User Guide.* .", - "title": "ModelPackageGroupPolicy", - "type": "object" - }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "additionalProperties": true, + "markdownDescription": "A list of key-value pairs to be applied to the AggregatorV2.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", - "type": "array" + "type": "object" } }, "required": [ - "ModelPackageGroupName" + "LinkedRegions", + "RegionLinkingMode" ], "type": "object" }, "Type": { "enum": [ - "AWS::SageMaker::ModelPackageGroup" + "AWS::SecurityHub::AggregatorV2" ], "type": "string" }, @@ -250759,7 +302552,7 @@ ], "type": "object" }, - "AWS::SageMaker::ModelQualityJobDefinition": { + "AWS::SecurityHub::AutomationRule": { "additionalProperties": false, "properties": { "Condition": { @@ -250794,77 +302587,68 @@ "Properties": { "additionalProperties": false, "properties": { - "EndpointName": { - "markdownDescription": "", - "title": "EndpointName", - "type": "string" - }, - "JobDefinitionName": { - "markdownDescription": "The name of the monitoring job definition.", - "title": "JobDefinitionName", - "type": "string" - }, - "JobResources": { - "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.MonitoringResources", - "markdownDescription": "Identifies the resources to deploy for a monitoring job.", - "title": "JobResources" + "Actions": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.AutomationRulesAction" + }, + "markdownDescription": "One or more actions to update finding fields if a finding matches the conditions specified in `Criteria` .", + "title": "Actions", + "type": "array" }, - "ModelQualityAppSpecification": { - "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.ModelQualityAppSpecification", - "markdownDescription": "Container image configuration object for the monitoring job.", - "title": "ModelQualityAppSpecification" + "Criteria": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.AutomationRulesFindingFilters", + "markdownDescription": "A set of [AWS Security Finding Format (ASFF)](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format.html) finding field attributes and corresponding expected values that Security Hub uses to filter findings. If a rule is enabled and a finding matches the criteria specified in this parameter, Security Hub applies the rule action to the finding.", + "title": "Criteria" }, - "ModelQualityBaselineConfig": { - "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.ModelQualityBaselineConfig", - "markdownDescription": "Specifies the constraints and baselines for the monitoring job.", - "title": "ModelQualityBaselineConfig" + "Description": { + "markdownDescription": "A description of the rule.", + "title": "Description", + "type": "string" }, - "ModelQualityJobInput": { - "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.ModelQualityJobInput", - "markdownDescription": "A list of the inputs that are monitored. Currently endpoints are supported.", - "title": "ModelQualityJobInput" + "IsTerminal": { + "markdownDescription": "Specifies whether a rule is the last to be applied with respect to a finding that matches the rule criteria. This is useful when a finding matches the criteria for multiple rules, and each rule has different actions. If a rule is terminal, Security Hub applies the rule action to a finding that matches the rule criteria and doesn't evaluate other rules for the finding. By default, a rule isn't terminal.", + "title": "IsTerminal", + "type": "boolean" }, - "ModelQualityJobOutputConfig": { - "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.MonitoringOutputConfig", - "markdownDescription": "The output configuration for monitoring jobs.", - "title": "ModelQualityJobOutputConfig" + "RuleName": { + "markdownDescription": "The name of the rule.", + "title": "RuleName", + "type": "string" }, - "NetworkConfig": { - "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.NetworkConfig", - "markdownDescription": "Specifies the network configuration for the monitoring job.", - "title": "NetworkConfig" + "RuleOrder": { + "markdownDescription": "An integer ranging from 1 to 1000 that represents the order in which the rule action is applied to findings. Security Hub applies rules with lower values for this parameter first.", + "title": "RuleOrder", + "type": "number" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can assume to perform tasks on your behalf.", - "title": "RoleArn", + "RuleStatus": { + "markdownDescription": "Whether the rule is active after it is created. If this parameter is equal to `ENABLED` , Security Hub applies the rule to findings and finding updates after the rule is created.", + "title": "RuleStatus", "type": "string" }, - "StoppingCondition": { - "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.StoppingCondition", - "markdownDescription": "A time limit for how long the monitoring job is allowed to run before stopping.", - "title": "StoppingCondition" - }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "additionalProperties": true, + "markdownDescription": "User-defined tags associated with an automation rule.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", - "type": "array" + "type": "object" } }, "required": [ - "JobResources", - "ModelQualityAppSpecification", - "ModelQualityJobInput", - "ModelQualityJobOutputConfig", - "RoleArn" + "Actions", + "Criteria", + "Description", + "RuleName", + "RuleOrder" ], "type": "object" }, "Type": { "enum": [ - "AWS::SageMaker::ModelQualityJobDefinition" + "AWS::SecurityHub::AutomationRule" ], "type": "string" }, @@ -250883,455 +302667,559 @@ ], "type": "object" }, - "AWS::SageMaker::ModelQualityJobDefinition.BatchTransformInput": { + "AWS::SecurityHub::AutomationRule.AutomationRulesAction": { "additionalProperties": false, "properties": { - "DataCapturedDestinationS3Uri": { - "markdownDescription": "The Amazon S3 location being used to capture the data.", - "title": "DataCapturedDestinationS3Uri", - "type": "string" - }, - "DatasetFormat": { - "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.DatasetFormat", - "markdownDescription": "The dataset format for your batch transform job.", - "title": "DatasetFormat" - }, - "EndTimeOffset": { - "markdownDescription": "If specified, monitoring jobs subtract this time from the end time. For information about using offsets for scheduling monitoring jobs, see [Schedule Model Quality Monitoring Jobs](https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor-model-quality-schedule.html) .", - "title": "EndTimeOffset", - "type": "string" - }, - "InferenceAttribute": { - "markdownDescription": "The attribute of the input data that represents the ground truth label.", - "title": "InferenceAttribute", - "type": "string" - }, - "LocalPath": { - "markdownDescription": "Path to the filesystem where the batch transform data is available to the container.", - "title": "LocalPath", - "type": "string" - }, - "ProbabilityAttribute": { - "markdownDescription": "In a classification problem, the attribute that represents the class probability.", - "title": "ProbabilityAttribute", - "type": "string" - }, - "ProbabilityThresholdAttribute": { - "markdownDescription": "The threshold for the class probability to be evaluated as a positive result.", - "title": "ProbabilityThresholdAttribute", - "type": "number" - }, - "S3DataDistributionType": { - "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an S3 key. Defaults to `FullyReplicated`", - "title": "S3DataDistributionType", - "type": "string" - }, - "S3InputMode": { - "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", - "title": "S3InputMode", - "type": "string" + "FindingFieldsUpdate": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.AutomationRulesFindingFieldsUpdate", + "markdownDescription": "Specifies that the automation rule action is an update to a finding field.", + "title": "FindingFieldsUpdate" }, - "StartTimeOffset": { - "markdownDescription": "If specified, monitoring jobs substract this time from the start time. For information about using offsets for scheduling monitoring jobs, see [Schedule Model Quality Monitoring Jobs](https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor-model-quality-schedule.html) .", - "title": "StartTimeOffset", + "Type": { + "markdownDescription": "Specifies the type of action that Security Hub takes when a finding matches the defined criteria of a rule.", + "title": "Type", "type": "string" } }, "required": [ - "DataCapturedDestinationS3Uri", - "DatasetFormat", - "LocalPath" + "FindingFieldsUpdate", + "Type" ], "type": "object" }, - "AWS::SageMaker::ModelQualityJobDefinition.ClusterConfig": { + "AWS::SecurityHub::AutomationRule.AutomationRulesFindingFieldsUpdate": { "additionalProperties": false, "properties": { - "InstanceCount": { - "markdownDescription": "The number of ML compute instances to use in the model monitoring job. For distributed processing jobs, specify a value greater than 1. The default value is 1.", - "title": "InstanceCount", + "Confidence": { + "markdownDescription": "The rule action updates the `Confidence` field of a finding.", + "title": "Confidence", "type": "number" }, - "InstanceType": { - "markdownDescription": "The ML compute instance type for the processing job.", - "title": "InstanceType", - "type": "string" + "Criticality": { + "markdownDescription": "The rule action updates the `Criticality` field of a finding.", + "title": "Criticality", + "type": "number" }, - "VolumeKmsKeyId": { - "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance(s) that run the model monitoring job.", - "title": "VolumeKmsKeyId", - "type": "string" + "Note": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.NoteUpdate", + "markdownDescription": "The rule action will update the `Note` field of a finding.", + "title": "Note" }, - "VolumeSizeInGB": { - "markdownDescription": "The size of the ML storage volume, in gigabytes, that you want to provision. You must specify sufficient ML storage for your scenario.", - "title": "VolumeSizeInGB", - "type": "number" - } - }, - "required": [ - "InstanceCount", - "InstanceType", - "VolumeSizeInGB" - ], - "type": "object" - }, - "AWS::SageMaker::ModelQualityJobDefinition.ConstraintsResource": { - "additionalProperties": false, - "properties": { - "S3Uri": { - "markdownDescription": "The Amazon S3 URI for the constraints resource.", - "title": "S3Uri", + "RelatedFindings": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.RelatedFinding" + }, + "markdownDescription": "The rule action will update the `RelatedFindings` field of a finding.", + "title": "RelatedFindings", + "type": "array" + }, + "Severity": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.SeverityUpdate", + "markdownDescription": "The rule action will update the `Severity` field of a finding.", + "title": "Severity" + }, + "Types": { + "items": { + "type": "string" + }, + "markdownDescription": "The rule action updates the `Types` field of a finding.", + "title": "Types", + "type": "array" + }, + "UserDefinedFields": { + "additionalProperties": true, + "markdownDescription": "The rule action updates the `UserDefinedFields` field of a finding.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "UserDefinedFields", + "type": "object" + }, + "VerificationState": { + "markdownDescription": "The rule action updates the `VerificationState` field of a finding.", + "title": "VerificationState", "type": "string" + }, + "Workflow": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.WorkflowUpdate", + "markdownDescription": "The rule action will update the `Workflow` field of a finding.", + "title": "Workflow" } }, "type": "object" }, - "AWS::SageMaker::ModelQualityJobDefinition.Csv": { - "additionalProperties": false, - "properties": { - "Header": { - "markdownDescription": "", - "title": "Header", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::SageMaker::ModelQualityJobDefinition.DatasetFormat": { + "AWS::SecurityHub::AutomationRule.AutomationRulesFindingFilters": { "additionalProperties": false, "properties": { - "Csv": { - "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.Csv", - "markdownDescription": "", - "title": "Csv" + "AwsAccountId": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "The AWS account ID in which a finding was generated.\n\nArray Members: Minimum number of 1 item. Maximum number of 100 items.", + "title": "AwsAccountId", + "type": "array" }, - "Json": { - "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.Json", - "markdownDescription": "", - "title": "Json" + "CompanyName": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "The name of the company for the product that generated the finding. For control-based findings, the company is AWS .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "CompanyName", + "type": "array" }, - "Parquet": { - "markdownDescription": "", - "title": "Parquet", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::SageMaker::ModelQualityJobDefinition.EndpointInput": { - "additionalProperties": false, - "properties": { - "EndTimeOffset": { - "markdownDescription": "If specified, monitoring jobs substract this time from the end time. For information about using offsets for scheduling monitoring jobs, see [Schedule Model Quality Monitoring Jobs](https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor-model-quality-schedule.html) .", - "title": "EndTimeOffset", - "type": "string" + "ComplianceAssociatedStandardsId": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "The unique identifier of a standard in which a control is enabled. This field consists of the resource portion of the Amazon Resource Name (ARN) returned for a standard in the [DescribeStandards](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DescribeStandards.html) API response.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "ComplianceAssociatedStandardsId", + "type": "array" }, - "EndpointName": { - "markdownDescription": "An endpoint in customer's account which has enabled `DataCaptureConfig` enabled.", - "title": "EndpointName", - "type": "string" + "ComplianceSecurityControlId": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "The security control ID for which a finding was generated. Security control IDs are the same across standards.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "ComplianceSecurityControlId", + "type": "array" }, - "InferenceAttribute": { - "markdownDescription": "The attribute of the input data that represents the ground truth label.", - "title": "InferenceAttribute", - "type": "string" + "ComplianceStatus": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "The result of a security check. This field is only used for findings generated from controls.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "ComplianceStatus", + "type": "array" }, - "LocalPath": { - "markdownDescription": "Path to the filesystem where the endpoint data is available to the container.", - "title": "LocalPath", - "type": "string" + "Confidence": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.NumberFilter" + }, + "markdownDescription": "The likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. `Confidence` is scored on a 0\u2013100 basis using a ratio scale. A value of `0` means 0 percent confidence, and a value of `100` means 100 percent confidence. For example, a data exfiltration detection based on a statistical deviation of network traffic has low confidence because an actual exfiltration hasn't been verified. For more information, see [Confidence](https://docs.aws.amazon.com/securityhub/latest/userguide/asff-top-level-attributes.html#asff-confidence) in the *AWS Security Hub User Guide* .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "Confidence", + "type": "array" }, - "ProbabilityAttribute": { - "markdownDescription": "In a classification problem, the attribute that represents the class probability.", - "title": "ProbabilityAttribute", - "type": "string" + "CreatedAt": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.DateFilter" + }, + "markdownDescription": "A timestamp that indicates when this finding record was created.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "CreatedAt", + "type": "array" }, - "ProbabilityThresholdAttribute": { - "markdownDescription": "The threshold for the class probability to be evaluated as a positive result.", - "title": "ProbabilityThresholdAttribute", - "type": "number" + "Criticality": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.NumberFilter" + }, + "markdownDescription": "The level of importance that is assigned to the resources that are associated with a finding. `Criticality` is scored on a 0\u2013100 basis, using a ratio scale that supports only full integers. A score of `0` means that the underlying resources have no criticality, and a score of `100` is reserved for the most critical resources. For more information, see [Criticality](https://docs.aws.amazon.com/securityhub/latest/userguide/asff-top-level-attributes.html#asff-criticality) in the *AWS Security Hub User Guide* .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "Criticality", + "type": "array" }, - "S3DataDistributionType": { - "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an Amazon S3 key. Defaults to `FullyReplicated`", - "title": "S3DataDistributionType", - "type": "string" + "Description": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "A finding's description.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "Description", + "type": "array" }, - "S3InputMode": { - "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", - "title": "S3InputMode", - "type": "string" + "FirstObservedAt": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.DateFilter" + }, + "markdownDescription": "A timestamp that indicates when the potential security issue captured by a finding was first observed by the security findings product.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "FirstObservedAt", + "type": "array" }, - "StartTimeOffset": { - "markdownDescription": "If specified, monitoring jobs substract this time from the start time. For information about using offsets for scheduling monitoring jobs, see [Schedule Model Quality Monitoring Jobs](https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor-model-quality-schedule.html) .", - "title": "StartTimeOffset", - "type": "string" - } - }, - "required": [ - "EndpointName", - "LocalPath" - ], - "type": "object" - }, - "AWS::SageMaker::ModelQualityJobDefinition.Json": { - "additionalProperties": false, - "properties": { - "Line": { - "markdownDescription": "", - "title": "Line", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::SageMaker::ModelQualityJobDefinition.ModelQualityAppSpecification": { - "additionalProperties": false, - "properties": { - "ContainerArguments": { + "GeneratorId": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" }, - "markdownDescription": "An array of arguments for the container used to run the monitoring job.", - "title": "ContainerArguments", + "markdownDescription": "The identifier for the solution-specific component that generated a finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 100 items.", + "title": "GeneratorId", "type": "array" }, - "ContainerEntrypoint": { + "Id": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" }, - "markdownDescription": "Specifies the entrypoint for a container that the monitoring job runs.", - "title": "ContainerEntrypoint", + "markdownDescription": "The product-specific identifier for a finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "Id", "type": "array" }, - "Environment": { - "additionalProperties": true, - "markdownDescription": "Sets the environment variables in the container that the monitoring job runs.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "LastObservedAt": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.DateFilter" }, - "title": "Environment", - "type": "object" + "markdownDescription": "A timestamp that indicates when the security findings provider most recently observed a change in the resource that is involved in the finding.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "LastObservedAt", + "type": "array" }, - "ImageUri": { - "markdownDescription": "The address of the container image that the monitoring job runs.", - "title": "ImageUri", - "type": "string" + "NoteText": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "The text of a user-defined note that's added to a finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "NoteText", + "type": "array" }, - "PostAnalyticsProcessorSourceUri": { - "markdownDescription": "An Amazon S3 URI to a script that is called after analysis has been performed. Applicable only for the built-in (first party) containers.", - "title": "PostAnalyticsProcessorSourceUri", - "type": "string" + "NoteUpdatedAt": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.DateFilter" + }, + "markdownDescription": "The timestamp of when the note was updated.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "NoteUpdatedAt", + "type": "array" }, - "ProblemType": { - "markdownDescription": "The machine learning problem type of the model that the monitoring job monitors.", - "title": "ProblemType", - "type": "string" + "NoteUpdatedBy": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "The principal that created a note.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "NoteUpdatedBy", + "type": "array" }, - "RecordPreprocessorSourceUri": { - "markdownDescription": "An Amazon S3 URI to a script that is called per row prior to running analysis. It can base64 decode the payload and convert it into a flattened JSON so that the built-in container can use the converted data. Applicable only for the built-in (first party) containers.", - "title": "RecordPreprocessorSourceUri", - "type": "string" - } - }, - "required": [ - "ImageUri", - "ProblemType" - ], - "type": "object" - }, - "AWS::SageMaker::ModelQualityJobDefinition.ModelQualityBaselineConfig": { - "additionalProperties": false, - "properties": { - "BaseliningJobName": { - "markdownDescription": "The name of the job that performs baselining for the monitoring job.", - "title": "BaseliningJobName", - "type": "string" + "ProductArn": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "The Amazon Resource Name (ARN) for a third-party product that generated a finding in Security Hub.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "ProductArn", + "type": "array" }, - "ConstraintsResource": { - "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.ConstraintsResource", - "markdownDescription": "The constraints resource for a monitoring job.", - "title": "ConstraintsResource" - } - }, - "type": "object" - }, - "AWS::SageMaker::ModelQualityJobDefinition.ModelQualityJobInput": { - "additionalProperties": false, - "properties": { - "BatchTransformInput": { - "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.BatchTransformInput", - "markdownDescription": "Input object for the batch transform job.", - "title": "BatchTransformInput" + "ProductName": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "Provides the name of the product that generated the finding. For control-based findings, the product name is Security Hub.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "ProductName", + "type": "array" }, - "EndpointInput": { - "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.EndpointInput", - "markdownDescription": "Input object for the endpoint", - "title": "EndpointInput" + "RecordState": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "Provides the current state of a finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "RecordState", + "type": "array" }, - "GroundTruthS3Input": { - "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.MonitoringGroundTruthS3Input", - "markdownDescription": "The ground truth label provided for the model.", - "title": "GroundTruthS3Input" + "RelatedFindingsId": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "The product-generated identifier for a related finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "RelatedFindingsId", + "type": "array" + }, + "RelatedFindingsProductArn": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "The ARN for the product that generated a related finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "RelatedFindingsProductArn", + "type": "array" + }, + "ResourceDetailsOther": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.MapFilter" + }, + "markdownDescription": "Custom fields and values about the resource that a finding pertains to.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "ResourceDetailsOther", + "type": "array" + }, + "ResourceId": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "The identifier for the given resource type. For AWS resources that are identified by Amazon Resource Names (ARNs), this is the ARN. For AWS resources that lack ARNs, this is the identifier as defined by the AWS service that created the resource. For non- AWS resources, this is a unique identifier that is associated with the resource.\n\nArray Members: Minimum number of 1 item. Maximum number of 100 items.", + "title": "ResourceId", + "type": "array" + }, + "ResourcePartition": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "The partition in which the resource that the finding pertains to is located. A partition is a group of AWS Regions . Each AWS account is scoped to one partition.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "ResourcePartition", + "type": "array" + }, + "ResourceRegion": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "The AWS Region where the resource that a finding pertains to is located.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "ResourceRegion", + "type": "array" + }, + "ResourceTags": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.MapFilter" + }, + "markdownDescription": "A list of AWS tags associated with a resource at the time the finding was processed.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "ResourceTags", + "type": "array" + }, + "ResourceType": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "A finding's title.\n\nArray Members: Minimum number of 1 item. Maximum number of 100 items.", + "title": "ResourceType", + "type": "array" + }, + "SeverityLabel": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "The severity value of the finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "SeverityLabel", + "type": "array" + }, + "SourceUrl": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "Provides a URL that links to a page about the current finding in the finding product.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "SourceUrl", + "type": "array" + }, + "Title": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "A finding's title.\n\nArray Members: Minimum number of 1 item. Maximum number of 100 items.", + "title": "Title", + "type": "array" + }, + "Type": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "One or more finding types in the format of namespace/category/classifier that classify a finding. For a list of namespaces, classifiers, and categories, see [Types taxonomy for ASFF](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format-type-taxonomy.html) in the *AWS Security Hub User Guide* .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "Type", + "type": "array" + }, + "UpdatedAt": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.DateFilter" + }, + "markdownDescription": "A timestamp that indicates when the finding record was most recently updated.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "UpdatedAt", + "type": "array" + }, + "UserDefinedFields": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.MapFilter" + }, + "markdownDescription": "A list of user-defined name and value string pairs added to a finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "UserDefinedFields", + "type": "array" + }, + "VerificationState": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "Provides the veracity of a finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "VerificationState", + "type": "array" + }, + "WorkflowStatus": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" + }, + "markdownDescription": "Provides information about the status of the investigation into a finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "WorkflowStatus", + "type": "array" } }, - "required": [ - "GroundTruthS3Input" - ], "type": "object" }, - "AWS::SageMaker::ModelQualityJobDefinition.MonitoringGroundTruthS3Input": { + "AWS::SecurityHub::AutomationRule.DateFilter": { "additionalProperties": false, "properties": { - "S3Uri": { - "markdownDescription": "The address of the Amazon S3 location of the ground truth labels.", - "title": "S3Uri", + "DateRange": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.DateRange", + "markdownDescription": "A date range for the date filter.", + "title": "DateRange" + }, + "End": { + "markdownDescription": "A timestamp that provides the end date for the date filter.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", + "title": "End", + "type": "string" + }, + "Start": { + "markdownDescription": "A timestamp that provides the start date for the date filter.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", + "title": "Start", "type": "string" } }, - "required": [ - "S3Uri" - ], "type": "object" }, - "AWS::SageMaker::ModelQualityJobDefinition.MonitoringOutput": { + "AWS::SecurityHub::AutomationRule.DateRange": { "additionalProperties": false, "properties": { - "S3Output": { - "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.S3Output", - "markdownDescription": "The Amazon S3 storage location where the results of a monitoring job are saved.", - "title": "S3Output" + "Unit": { + "markdownDescription": "A date range unit for the date filter.", + "title": "Unit", + "type": "string" + }, + "Value": { + "markdownDescription": "A date range value for the date filter.", + "title": "Value", + "type": "number" } }, "required": [ - "S3Output" + "Unit", + "Value" ], "type": "object" }, - "AWS::SageMaker::ModelQualityJobDefinition.MonitoringOutputConfig": { + "AWS::SecurityHub::AutomationRule.MapFilter": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "The AWS Key Management Service ( AWS KMS ) key that Amazon SageMaker AI uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption.", - "title": "KmsKeyId", + "Comparison": { + "markdownDescription": "The condition to apply to the key value when filtering Security Hub findings with a map filter.\n\nTo search for values that have the filter value, use one of the following comparison operators:\n\n- To search for values that include the filter value, use `CONTAINS` . For example, for the `ResourceTags` field, the filter `Department CONTAINS Security` matches findings that include the value `Security` for the `Department` tag. In the same example, a finding with a value of `Security team` for the `Department` tag is a match.\n- To search for values that exactly match the filter value, use `EQUALS` . For example, for the `ResourceTags` field, the filter `Department EQUALS Security` matches findings that have the value `Security` for the `Department` tag.\n\n`CONTAINS` and `EQUALS` filters on the same field are joined by `OR` . A finding matches if it matches any one of those filters. For example, the filters `Department CONTAINS Security OR Department CONTAINS Finance` match a finding that includes either `Security` , `Finance` , or both values.\n\nTo search for values that don't have the filter value, use one of the following comparison operators:\n\n- To search for values that exclude the filter value, use `NOT_CONTAINS` . For example, for the `ResourceTags` field, the filter `Department NOT_CONTAINS Finance` matches findings that exclude the value `Finance` for the `Department` tag.\n- To search for values other than the filter value, use `NOT_EQUALS` . For example, for the `ResourceTags` field, the filter `Department NOT_EQUALS Finance` matches findings that don\u2019t have the value `Finance` for the `Department` tag.\n\n`NOT_CONTAINS` and `NOT_EQUALS` filters on the same field are joined by `AND` . A finding matches only if it matches all of those filters. For example, the filters `Department NOT_CONTAINS Security AND Department NOT_CONTAINS Finance` match a finding that excludes both the `Security` and `Finance` values.\n\n`CONTAINS` filters can only be used with other `CONTAINS` filters. `NOT_CONTAINS` filters can only be used with other `NOT_CONTAINS` filters.\n\nYou can\u2019t have both a `CONTAINS` filter and a `NOT_CONTAINS` filter on the same field. Similarly, you can\u2019t have both an `EQUALS` filter and a `NOT_EQUALS` filter on the same field. Combining filters in this way returns an error.\n\n`CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *AWS Security Hub User Guide* .", + "title": "Comparison", "type": "string" }, - "MonitoringOutputs": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.MonitoringOutput" - }, - "markdownDescription": "Monitoring outputs for monitoring jobs. This is where the output of the periodic monitoring jobs is uploaded.", - "title": "MonitoringOutputs", - "type": "array" + "Key": { + "markdownDescription": "The key of the map filter. For example, for `ResourceTags` , `Key` identifies the name of the tag. For `UserDefinedFields` , `Key` is the name of the field.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The value for the key in the map filter. Filter values are case sensitive. For example, one of the values for a tag called `Department` might be `Security` . If you provide `security` as the filter value, then there's no match.", + "title": "Value", + "type": "string" } }, "required": [ - "MonitoringOutputs" + "Comparison", + "Key", + "Value" ], "type": "object" }, - "AWS::SageMaker::ModelQualityJobDefinition.MonitoringResources": { + "AWS::SecurityHub::AutomationRule.NoteUpdate": { "additionalProperties": false, "properties": { - "ClusterConfig": { - "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.ClusterConfig", - "markdownDescription": "The configuration for the cluster resources used to run the processing job.", - "title": "ClusterConfig" + "Text": { + "markdownDescription": "The updated note text.", + "title": "Text", + "type": "string" + }, + "UpdatedBy": { + "markdownDescription": "The principal that updated the note.", + "title": "UpdatedBy", + "type": "object" } }, "required": [ - "ClusterConfig" + "Text", + "UpdatedBy" ], "type": "object" }, - "AWS::SageMaker::ModelQualityJobDefinition.NetworkConfig": { + "AWS::SecurityHub::AutomationRule.NumberFilter": { "additionalProperties": false, "properties": { - "EnableInterContainerTrafficEncryption": { - "markdownDescription": "Whether to encrypt all communications between distributed processing jobs. Choose `True` to encrypt communications. Encryption provides greater security for distributed processing jobs, but the processing might take longer.", - "title": "EnableInterContainerTrafficEncryption", - "type": "boolean" + "Eq": { + "markdownDescription": "The equal-to condition to be applied to a single field when querying for findings.", + "title": "Eq", + "type": "number" }, - "EnableNetworkIsolation": { - "markdownDescription": "Whether to allow inbound and outbound network calls to and from the containers used for the processing job.", - "title": "EnableNetworkIsolation", - "type": "boolean" + "Gte": { + "markdownDescription": "The greater-than-equal condition to be applied to a single field when querying for findings.", + "title": "Gte", + "type": "number" }, - "VpcConfig": { - "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.VpcConfig", - "markdownDescription": "Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC.", - "title": "VpcConfig" + "Lte": { + "markdownDescription": "The less-than-equal condition to be applied to a single field when querying for findings.", + "title": "Lte", + "type": "number" } }, "type": "object" }, - "AWS::SageMaker::ModelQualityJobDefinition.S3Output": { + "AWS::SecurityHub::AutomationRule.RelatedFinding": { "additionalProperties": false, "properties": { - "LocalPath": { - "markdownDescription": "The local path to the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job. LocalPath is an absolute path for the output data.", - "title": "LocalPath", - "type": "string" - }, - "S3UploadMode": { - "markdownDescription": "Whether to upload the results of the monitoring job continuously or after the job completes.", - "title": "S3UploadMode", - "type": "string" + "Id": { + "markdownDescription": "The product-generated identifier for a related finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", + "title": "Id", + "type": "object" }, - "S3Uri": { - "markdownDescription": "A URI that identifies the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job.", - "title": "S3Uri", + "ProductArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the product that generated a related finding.", + "title": "ProductArn", "type": "string" } }, "required": [ - "LocalPath", - "S3Uri" + "Id", + "ProductArn" ], "type": "object" }, - "AWS::SageMaker::ModelQualityJobDefinition.StoppingCondition": { + "AWS::SecurityHub::AutomationRule.SeverityUpdate": { "additionalProperties": false, "properties": { - "MaxRuntimeInSeconds": { - "markdownDescription": "The maximum length of time, in seconds, that a training or compilation job can run before it is stopped.\n\nFor compilation jobs, if the job does not complete during this time, a `TimeOut` error is generated. We recommend starting with 900 seconds and increasing as necessary based on your model.\n\nFor all other jobs, if the job does not complete during this time, SageMaker ends the job. When `RetryStrategy` is specified in the job request, `MaxRuntimeInSeconds` specifies the maximum time for all of the attempts in total, not each individual attempt. The default value is 1 day. The maximum value is 28 days.\n\nThe maximum time that a `TrainingJob` can run in total, including any time spent publishing metrics or archiving and uploading models after it has been stopped, is 30 days.", - "title": "MaxRuntimeInSeconds", + "Label": { + "markdownDescription": "The severity value of the finding. The allowed values are the following.\n\n- `INFORMATIONAL` - No issue was found.\n- `LOW` - The issue does not require action on its own.\n- `MEDIUM` - The issue must be addressed but not urgently.\n- `HIGH` - The issue must be addressed as a priority.\n- `CRITICAL` - The issue must be remediated immediately to avoid it escalating.", + "title": "Label", + "type": "string" + }, + "Normalized": { + "markdownDescription": "The normalized severity for the finding. This attribute is to be deprecated in favor of `Label` .\n\nIf you provide `Normalized` and don't provide `Label` , `Label` is set automatically as follows.\n\n- 0 - `INFORMATIONAL`\n- 1\u201339 - `LOW`\n- 40\u201369 - `MEDIUM`\n- 70\u201389 - `HIGH`\n- 90\u2013100 - `CRITICAL`", + "title": "Normalized", + "type": "number" + }, + "Product": { + "markdownDescription": "The native severity as defined by the AWS service or integrated partner product that generated the finding.", + "title": "Product", "type": "number" } }, + "type": "object" + }, + "AWS::SecurityHub::AutomationRule.StringFilter": { + "additionalProperties": false, + "properties": { + "Comparison": { + "markdownDescription": "The condition to apply to a string value when filtering Security Hub findings.\n\nTo search for values that have the filter value, use one of the following comparison operators:\n\n- To search for values that include the filter value, use `CONTAINS` . For example, the filter `Title CONTAINS CloudFront` matches findings that have a `Title` that includes the string CloudFront.\n- To search for values that exactly match the filter value, use `EQUALS` . For example, the filter `AwsAccountId EQUALS 123456789012` only matches findings that have an account ID of `123456789012` .\n- To search for values that start with the filter value, use `PREFIX` . For example, the filter `ResourceRegion PREFIX us` matches findings that have a `ResourceRegion` that starts with `us` . A `ResourceRegion` that starts with a different value, such as `af` , `ap` , or `ca` , doesn't match.\n\n`CONTAINS` , `EQUALS` , and `PREFIX` filters on the same field are joined by `OR` . A finding matches if it matches any one of those filters. For example, the filters `Title CONTAINS CloudFront OR Title CONTAINS CloudWatch` match a finding that includes either `CloudFront` , `CloudWatch` , or both strings in the title.\n\nTo search for values that don\u2019t have the filter value, use one of the following comparison operators:\n\n- To search for values that exclude the filter value, use `NOT_CONTAINS` . For example, the filter `Title NOT_CONTAINS CloudFront` matches findings that have a `Title` that excludes the string CloudFront.\n- To search for values other than the filter value, use `NOT_EQUALS` . For example, the filter `AwsAccountId NOT_EQUALS 123456789012` only matches findings that have an account ID other than `123456789012` .\n- To search for values that don't start with the filter value, use `PREFIX_NOT_EQUALS` . For example, the filter `ResourceRegion PREFIX_NOT_EQUALS us` matches findings with a `ResourceRegion` that starts with a value other than `us` .\n\n`NOT_CONTAINS` , `NOT_EQUALS` , and `PREFIX_NOT_EQUALS` filters on the same field are joined by `AND` . A finding matches only if it matches all of those filters. For example, the filters `Title NOT_CONTAINS CloudFront AND Title NOT_CONTAINS CloudWatch` match a finding that excludes both `CloudFront` and `CloudWatch` in the title.\n\nYou can\u2019t have both a `CONTAINS` filter and a `NOT_CONTAINS` filter on the same field. Similarly, you can't provide both an `EQUALS` filter and a `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filter on the same field. Combining filters in this way returns an error. `CONTAINS` filters can only be used with other `CONTAINS` filters. `NOT_CONTAINS` filters can only be used with other `NOT_CONTAINS` filters.\n\nYou can combine `PREFIX` filters with `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters for the same field. Security Hub first processes the `PREFIX` filters, and then the `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters.\n\nFor example, for the following filters, Security Hub first identifies findings that have resource types that start with either `AwsIam` or `AwsEc2` . It then excludes findings that have a resource type of `AwsIamPolicy` and findings that have a resource type of `AwsEc2NetworkInterface` .\n\n- `ResourceType PREFIX AwsIam`\n- `ResourceType PREFIX AwsEc2`\n- `ResourceType NOT_EQUALS AwsIamPolicy`\n- `ResourceType NOT_EQUALS AwsEc2NetworkInterface`\n\n`CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules V1. `CONTAINS_WORD` operator is only supported in `GetFindingsV2` , `GetFindingStatisticsV2` , `GetResourcesV2` , and `GetResourceStatisticsV2` APIs. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *AWS Security Hub User Guide* .", + "title": "Comparison", + "type": "string" + }, + "Value": { + "markdownDescription": "The string filter value. Filter values are case sensitive. For example, the product name for control-based findings is `Security Hub` . If you provide `security hub` as the filter value, there's no match.", + "title": "Value", + "type": "string" + } + }, "required": [ - "MaxRuntimeInSeconds" + "Comparison", + "Value" ], "type": "object" }, - "AWS::SageMaker::ModelQualityJobDefinition.VpcConfig": { + "AWS::SecurityHub::AutomationRule.WorkflowUpdate": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The VPC security group IDs, in the form `sg-xxxxxxxx` . Specify the security groups for the VPC that is specified in the `Subnets` field.", - "title": "SecurityGroupIds", - "type": "array" - }, - "Subnets": { - "items": { - "type": "string" - }, - "markdownDescription": "The ID of the subnets in the VPC to which you want to connect your training job or model. For information about the availability of specific instance types, see [Supported Instance Types and Availability Zones](https://docs.aws.amazon.com/sagemaker/latest/dg/instance-types-az.html) .", - "title": "Subnets", - "type": "array" + "Status": { + "markdownDescription": "The status of the investigation into the finding. The workflow status is specific to an individual finding. It does not affect the generation of new findings. For example, setting the workflow status to `SUPPRESSED` or `RESOLVED` does not prevent a new finding for the same issue.\n\nThe allowed values are the following.\n\n- `NEW` - The initial state of a finding, before it is reviewed.\n\nSecurity Hub also resets `WorkFlowStatus` from `NOTIFIED` or `RESOLVED` to `NEW` in the following cases:\n\n- The record state changes from `ARCHIVED` to `ACTIVE` .\n- The compliance status changes from `PASSED` to either `WARNING` , `FAILED` , or `NOT_AVAILABLE` .\n- `NOTIFIED` - Indicates that you notified the resource owner about the security issue. Used when the initial reviewer is not the resource owner, and needs intervention from the resource owner.\n- `RESOLVED` - The finding was reviewed and remediated and is now considered resolved.\n- `SUPPRESSED` - Indicates that you reviewed the finding and don't believe that any action is needed. The finding is no longer updated.", + "title": "Status", + "type": "string" } }, "required": [ - "SecurityGroupIds", - "Subnets" + "Status" ], "type": "object" }, - "AWS::SageMaker::MonitoringSchedule": { + "AWS::SecurityHub::AutomationRuleV2": { "additionalProperties": false, "properties": { "Condition": { @@ -251366,54 +303254,63 @@ "Properties": { "additionalProperties": false, "properties": { - "EndpointName": { - "markdownDescription": "The name of the endpoint using the monitoring schedule.", - "title": "EndpointName", - "type": "string" - }, - "FailureReason": { - "markdownDescription": "Contains the reason a monitoring job failed, if it failed.", - "title": "FailureReason", - "type": "string" + "Actions": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.AutomationRulesActionV2" + }, + "markdownDescription": "A list of actions to be performed when the rule criteria is met.", + "title": "Actions", + "type": "array" }, - "LastMonitoringExecutionSummary": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.MonitoringExecutionSummary", - "markdownDescription": "Describes metadata on the last execution to run, if there was one.", - "title": "LastMonitoringExecutionSummary" + "Criteria": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.Criteria", + "markdownDescription": "The filtering type and configuration of the automation rule.", + "title": "Criteria" }, - "MonitoringScheduleConfig": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.MonitoringScheduleConfig", - "markdownDescription": "The configuration object that specifies the monitoring schedule and defines the monitoring job.", - "title": "MonitoringScheduleConfig" + "Description": { + "markdownDescription": "A description of the V2 automation rule.", + "title": "Description", + "type": "string" }, - "MonitoringScheduleName": { - "markdownDescription": "The name of the monitoring schedule.", - "title": "MonitoringScheduleName", + "RuleName": { + "markdownDescription": "The name of the V2 automation rule.", + "title": "RuleName", "type": "string" }, - "MonitoringScheduleStatus": { - "markdownDescription": "The status of the monitoring schedule.", - "title": "MonitoringScheduleStatus", + "RuleOrder": { + "markdownDescription": "The value for the rule priority.", + "title": "RuleOrder", + "type": "number" + }, + "RuleStatus": { + "markdownDescription": "The status of the V2 automation rule.", + "title": "RuleStatus", "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "additionalProperties": true, + "markdownDescription": "A list of key-value pairs associated with the V2 automation rule.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", - "type": "array" + "type": "object" } }, "required": [ - "MonitoringScheduleConfig", - "MonitoringScheduleName" + "Actions", + "Criteria", + "Description", + "RuleName", + "RuleOrder" ], "type": "object" }, "Type": { "enum": [ - "AWS::SageMaker::MonitoringSchedule" + "AWS::SecurityHub::AutomationRuleV2" ], "type": "string" }, @@ -251432,557 +303329,366 @@ ], "type": "object" }, - "AWS::SageMaker::MonitoringSchedule.BaselineConfig": { - "additionalProperties": false, - "properties": { - "ConstraintsResource": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.ConstraintsResource", - "markdownDescription": "The Amazon S3 URI for the constraints resource.", - "title": "ConstraintsResource" - }, - "StatisticsResource": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.StatisticsResource", - "markdownDescription": "The baseline statistics file in Amazon S3 that the current monitoring job should be validated against.", - "title": "StatisticsResource" - } - }, - "type": "object" - }, - "AWS::SageMaker::MonitoringSchedule.BatchTransformInput": { + "AWS::SecurityHub::AutomationRuleV2.AutomationRulesActionV2": { "additionalProperties": false, "properties": { - "DataCapturedDestinationS3Uri": { - "markdownDescription": "The Amazon S3 location being used to capture the data.", - "title": "DataCapturedDestinationS3Uri", - "type": "string" - }, - "DatasetFormat": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.DatasetFormat", - "markdownDescription": "The dataset format for your batch transform job.", - "title": "DatasetFormat" - }, - "ExcludeFeaturesAttribute": { - "markdownDescription": "The attributes of the input data to exclude from the analysis.", - "title": "ExcludeFeaturesAttribute", - "type": "string" - }, - "LocalPath": { - "markdownDescription": "Path to the filesystem where the batch transform data is available to the container.", - "title": "LocalPath", - "type": "string" + "ExternalIntegrationConfiguration": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.ExternalIntegrationConfiguration", + "markdownDescription": "The settings for integrating automation rule actions with external systems or service.", + "title": "ExternalIntegrationConfiguration" }, - "S3DataDistributionType": { - "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an S3 key. Defaults to `FullyReplicated`", - "title": "S3DataDistributionType", - "type": "string" + "FindingFieldsUpdate": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.AutomationRulesFindingFieldsUpdateV2", + "markdownDescription": "Specifies that the automation rule action is an update to a finding field.", + "title": "FindingFieldsUpdate" }, - "S3InputMode": { - "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", - "title": "S3InputMode", + "Type": { + "markdownDescription": "Specifies the type of action that Security Hub takes when a finding matches the defined criteria of a rule.", + "title": "Type", "type": "string" } }, "required": [ - "DataCapturedDestinationS3Uri", - "DatasetFormat", - "LocalPath" + "Type" ], "type": "object" }, - "AWS::SageMaker::MonitoringSchedule.ClusterConfig": { + "AWS::SecurityHub::AutomationRuleV2.AutomationRulesFindingFieldsUpdateV2": { "additionalProperties": false, "properties": { - "InstanceCount": { - "markdownDescription": "The number of ML compute instances to use in the model monitoring job. For distributed processing jobs, specify a value greater than 1. The default value is 1.", - "title": "InstanceCount", - "type": "number" - }, - "InstanceType": { - "markdownDescription": "The ML compute instance type for the processing job.", - "title": "InstanceType", + "Comment": { + "markdownDescription": "Notes or contextual information for findings that are modified by the automation rule.", + "title": "Comment", "type": "string" }, - "VolumeKmsKeyId": { - "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance(s) that run the model monitoring job.", - "title": "VolumeKmsKeyId", - "type": "string" + "SeverityId": { + "markdownDescription": "The severity level to be assigned to findings that match the automation rule criteria.", + "title": "SeverityId", + "type": "number" }, - "VolumeSizeInGB": { - "markdownDescription": "The size of the ML storage volume, in gigabytes, that you want to provision. You must specify sufficient ML storage for your scenario.", - "title": "VolumeSizeInGB", + "StatusId": { + "markdownDescription": "The status to be applied to findings that match automation rule criteria.", + "title": "StatusId", "type": "number" } }, - "required": [ - "InstanceCount", - "InstanceType", - "VolumeSizeInGB" - ], - "type": "object" - }, - "AWS::SageMaker::MonitoringSchedule.ConstraintsResource": { - "additionalProperties": false, - "properties": { - "S3Uri": { - "markdownDescription": "The Amazon S3 URI for the constraints resource.", - "title": "S3Uri", - "type": "string" - } - }, "type": "object" }, - "AWS::SageMaker::MonitoringSchedule.Csv": { + "AWS::SecurityHub::AutomationRuleV2.BooleanFilter": { "additionalProperties": false, "properties": { - "Header": { - "markdownDescription": "", - "title": "Header", + "Value": { + "markdownDescription": "The value of the boolean.", + "title": "Value", "type": "boolean" } }, + "required": [ + "Value" + ], "type": "object" }, - "AWS::SageMaker::MonitoringSchedule.DatasetFormat": { + "AWS::SecurityHub::AutomationRuleV2.CompositeFilter": { "additionalProperties": false, "properties": { - "Csv": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.Csv", - "markdownDescription": "", - "title": "Csv" - }, - "Json": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.Json", - "markdownDescription": "", - "title": "Json" + "BooleanFilters": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.OcsfBooleanFilter" + }, + "markdownDescription": "Enables filtering based on boolean field values.", + "title": "BooleanFilters", + "type": "array" }, - "Parquet": { - "markdownDescription": "", - "title": "Parquet", - "type": "boolean" - } - }, - "type": "object" - }, - "AWS::SageMaker::MonitoringSchedule.EndpointInput": { - "additionalProperties": false, - "properties": { - "EndpointName": { - "markdownDescription": "An endpoint in customer's account which has enabled `DataCaptureConfig` enabled.", - "title": "EndpointName", - "type": "string" + "DateFilters": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.OcsfDateFilter" + }, + "markdownDescription": "Enables filtering based on date and timestamp fields.", + "title": "DateFilters", + "type": "array" }, - "ExcludeFeaturesAttribute": { - "markdownDescription": "The attributes of the input data to exclude from the analysis.", - "title": "ExcludeFeaturesAttribute", - "type": "string" + "MapFilters": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.OcsfMapFilter" + }, + "markdownDescription": "Enables the creation of filtering criteria for security findings.", + "title": "MapFilters", + "type": "array" }, - "LocalPath": { - "markdownDescription": "Path to the filesystem where the endpoint data is available to the container.", - "title": "LocalPath", - "type": "string" + "NumberFilters": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.OcsfNumberFilter" + }, + "markdownDescription": "Enables filtering based on numerical field values.", + "title": "NumberFilters", + "type": "array" }, - "S3DataDistributionType": { - "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an Amazon S3 key. Defaults to `FullyReplicated`", - "title": "S3DataDistributionType", + "Operator": { + "markdownDescription": "The logical operator used to combine multiple filter conditions.", + "title": "Operator", "type": "string" }, - "S3InputMode": { - "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", - "title": "S3InputMode", - "type": "string" + "StringFilters": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.OcsfStringFilter" + }, + "markdownDescription": "Enables filtering based on string field values.", + "title": "StringFilters", + "type": "array" } }, - "required": [ - "EndpointName", - "LocalPath" - ], "type": "object" }, - "AWS::SageMaker::MonitoringSchedule.Json": { + "AWS::SecurityHub::AutomationRuleV2.Criteria": { "additionalProperties": false, "properties": { - "Line": { - "markdownDescription": "", - "title": "Line", - "type": "boolean" + "OcsfFindingCriteria": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.OcsfFindingFilters", + "markdownDescription": "The filtering conditions that align with OCSF standards.", + "title": "OcsfFindingCriteria" } }, "type": "object" }, - "AWS::SageMaker::MonitoringSchedule.MonitoringAppSpecification": { + "AWS::SecurityHub::AutomationRuleV2.DateFilter": { "additionalProperties": false, "properties": { - "ContainerArguments": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of arguments for the container used to run the monitoring job.", - "title": "ContainerArguments", - "type": "array" - }, - "ContainerEntrypoint": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the entrypoint for a container used to run the monitoring job.", - "title": "ContainerEntrypoint", - "type": "array" - }, - "ImageUri": { - "markdownDescription": "The container image to be run by the monitoring job.", - "title": "ImageUri", - "type": "string" + "DateRange": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.DateRange", + "markdownDescription": "A date range for the date filter.", + "title": "DateRange" }, - "PostAnalyticsProcessorSourceUri": { - "markdownDescription": "An Amazon S3 URI to a script that is called after analysis has been performed. Applicable only for the built-in (first party) containers.", - "title": "PostAnalyticsProcessorSourceUri", + "End": { + "markdownDescription": "A timestamp that provides the end date for the date filter.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", + "title": "End", "type": "string" }, - "RecordPreprocessorSourceUri": { - "markdownDescription": "An Amazon S3 URI to a script that is called per row prior to running analysis. It can base64 decode the payload and convert it into a flattened JSON so that the built-in container can use the converted data. Applicable only for the built-in (first party) containers.", - "title": "RecordPreprocessorSourceUri", + "Start": { + "markdownDescription": "A timestamp that provides the start date for the date filter.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", + "title": "Start", "type": "string" } }, - "required": [ - "ImageUri" - ], "type": "object" }, - "AWS::SageMaker::MonitoringSchedule.MonitoringExecutionSummary": { + "AWS::SecurityHub::AutomationRuleV2.DateRange": { "additionalProperties": false, "properties": { - "CreationTime": { - "markdownDescription": "The time at which the monitoring job was created.", - "title": "CreationTime", - "type": "string" - }, - "EndpointName": { - "markdownDescription": "The name of the endpoint used to run the monitoring job.", - "title": "EndpointName", - "type": "string" - }, - "FailureReason": { - "markdownDescription": "Contains the reason a monitoring job failed, if it failed.", - "title": "FailureReason", - "type": "string" - }, - "LastModifiedTime": { - "markdownDescription": "A timestamp that indicates the last time the monitoring job was modified.", - "title": "LastModifiedTime", - "type": "string" - }, - "MonitoringExecutionStatus": { - "markdownDescription": "The status of the monitoring job.", - "title": "MonitoringExecutionStatus", - "type": "string" - }, - "MonitoringScheduleName": { - "markdownDescription": "The name of the monitoring schedule.", - "title": "MonitoringScheduleName", - "type": "string" - }, - "ProcessingJobArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the monitoring job.", - "title": "ProcessingJobArn", + "Unit": { + "markdownDescription": "A date range unit for the date filter.", + "title": "Unit", "type": "string" }, - "ScheduledTime": { - "markdownDescription": "The time the monitoring job was scheduled.", - "title": "ScheduledTime", - "type": "string" + "Value": { + "markdownDescription": "A date range value for the date filter.", + "title": "Value", + "type": "number" } }, "required": [ - "CreationTime", - "LastModifiedTime", - "MonitoringExecutionStatus", - "MonitoringScheduleName", - "ScheduledTime" + "Unit", + "Value" ], "type": "object" }, - "AWS::SageMaker::MonitoringSchedule.MonitoringInput": { + "AWS::SecurityHub::AutomationRuleV2.ExternalIntegrationConfiguration": { "additionalProperties": false, "properties": { - "BatchTransformInput": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.BatchTransformInput", - "markdownDescription": "Input object for the batch transform job.", - "title": "BatchTransformInput" - }, - "EndpointInput": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.EndpointInput", - "markdownDescription": "The endpoint for a monitoring job.", - "title": "EndpointInput" + "ConnectorArn": { + "markdownDescription": "The ARN of the connector that establishes the integration.", + "title": "ConnectorArn", + "type": "string" } }, "type": "object" }, - "AWS::SageMaker::MonitoringSchedule.MonitoringJobDefinition": { + "AWS::SecurityHub::AutomationRuleV2.MapFilter": { "additionalProperties": false, "properties": { - "BaselineConfig": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.BaselineConfig", - "markdownDescription": "Baseline configuration used to validate that the data conforms to the specified constraints and statistics", - "title": "BaselineConfig" - }, - "Environment": { - "additionalProperties": true, - "markdownDescription": "Sets the environment variables in the Docker container.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Environment", - "type": "object" - }, - "MonitoringAppSpecification": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.MonitoringAppSpecification", - "markdownDescription": "Configures the monitoring job to run a specified Docker container image.", - "title": "MonitoringAppSpecification" - }, - "MonitoringInputs": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.MonitoringInput" - }, - "markdownDescription": "The array of inputs for the monitoring job. Currently we support monitoring an Amazon SageMaker AI Endpoint.", - "title": "MonitoringInputs", - "type": "array" - }, - "MonitoringOutputConfig": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.MonitoringOutputConfig", - "markdownDescription": "The array of outputs from the monitoring job to be uploaded to Amazon S3.", - "title": "MonitoringOutputConfig" - }, - "MonitoringResources": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.MonitoringResources", - "markdownDescription": "Identifies the resources, ML compute instances, and ML storage volumes to deploy for a monitoring job. In distributed processing, you specify more than one instance.", - "title": "MonitoringResources" - }, - "NetworkConfig": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.NetworkConfig", - "markdownDescription": "Specifies networking options for an monitoring job.", - "title": "NetworkConfig" + "Comparison": { + "markdownDescription": "The condition to apply to the key value when filtering Security Hub findings with a map filter.\n\nTo search for values that have the filter value, use one of the following comparison operators:\n\n- To search for values that include the filter value, use `CONTAINS` . For example, for the `ResourceTags` field, the filter `Department CONTAINS Security` matches findings that include the value `Security` for the `Department` tag. In the same example, a finding with a value of `Security team` for the `Department` tag is a match.\n- To search for values that exactly match the filter value, use `EQUALS` . For example, for the `ResourceTags` field, the filter `Department EQUALS Security` matches findings that have the value `Security` for the `Department` tag.\n\n`CONTAINS` and `EQUALS` filters on the same field are joined by `OR` . A finding matches if it matches any one of those filters. For example, the filters `Department CONTAINS Security OR Department CONTAINS Finance` match a finding that includes either `Security` , `Finance` , or both values.\n\nTo search for values that don't have the filter value, use one of the following comparison operators:\n\n- To search for values that exclude the filter value, use `NOT_CONTAINS` . For example, for the `ResourceTags` field, the filter `Department NOT_CONTAINS Finance` matches findings that exclude the value `Finance` for the `Department` tag.\n- To search for values other than the filter value, use `NOT_EQUALS` . For example, for the `ResourceTags` field, the filter `Department NOT_EQUALS Finance` matches findings that don\u2019t have the value `Finance` for the `Department` tag.\n\n`NOT_CONTAINS` and `NOT_EQUALS` filters on the same field are joined by `AND` . A finding matches only if it matches all of those filters. For example, the filters `Department NOT_CONTAINS Security AND Department NOT_CONTAINS Finance` match a finding that excludes both the `Security` and `Finance` values.\n\n`CONTAINS` filters can only be used with other `CONTAINS` filters. `NOT_CONTAINS` filters can only be used with other `NOT_CONTAINS` filters.\n\nYou can\u2019t have both a `CONTAINS` filter and a `NOT_CONTAINS` filter on the same field. Similarly, you can\u2019t have both an `EQUALS` filter and a `NOT_EQUALS` filter on the same field. Combining filters in this way returns an error.\n\n`CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *AWS Security Hub User Guide* .", + "title": "Comparison", + "type": "string" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker AI can assume to perform tasks on your behalf.", - "title": "RoleArn", + "Key": { + "markdownDescription": "The key of the map filter. For example, for `ResourceTags` , `Key` identifies the name of the tag. For `UserDefinedFields` , `Key` is the name of the field.", + "title": "Key", "type": "string" }, - "StoppingCondition": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.StoppingCondition", - "markdownDescription": "Specifies a time limit for how long the monitoring job is allowed to run.", - "title": "StoppingCondition" + "Value": { + "markdownDescription": "The value for the key in the map filter. Filter values are case sensitive. For example, one of the values for a tag called `Department` might be `Security` . If you provide `security` as the filter value, then there's no match.", + "title": "Value", + "type": "string" } }, "required": [ - "MonitoringAppSpecification", - "MonitoringInputs", - "MonitoringOutputConfig", - "MonitoringResources", - "RoleArn" + "Comparison", + "Key", + "Value" ], "type": "object" }, - "AWS::SageMaker::MonitoringSchedule.MonitoringOutput": { + "AWS::SecurityHub::AutomationRuleV2.NumberFilter": { "additionalProperties": false, "properties": { - "S3Output": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.S3Output", - "markdownDescription": "The Amazon S3 storage location where the results of a monitoring job are saved.", - "title": "S3Output" + "Eq": { + "markdownDescription": "The equal-to condition to be applied to a single field when querying for findings.", + "title": "Eq", + "type": "number" + }, + "Gte": { + "markdownDescription": "The greater-than-equal condition to be applied to a single field when querying for findings.", + "title": "Gte", + "type": "number" + }, + "Lte": { + "markdownDescription": "The less-than-equal condition to be applied to a single field when querying for findings.", + "title": "Lte", + "type": "number" } }, - "required": [ - "S3Output" - ], "type": "object" }, - "AWS::SageMaker::MonitoringSchedule.MonitoringOutputConfig": { + "AWS::SecurityHub::AutomationRuleV2.OcsfBooleanFilter": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "The AWS Key Management Service ( AWS KMS ) key that Amazon SageMaker AI uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption.", - "title": "KmsKeyId", + "FieldName": { + "markdownDescription": "The name of the field.", + "title": "FieldName", "type": "string" }, - "MonitoringOutputs": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.MonitoringOutput" - }, - "markdownDescription": "Monitoring outputs for monitoring jobs. This is where the output of the periodic monitoring jobs is uploaded.", - "title": "MonitoringOutputs", - "type": "array" + "Filter": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.BooleanFilter", + "markdownDescription": "Enables filtering of security findings based on boolean field values in OCSF.", + "title": "Filter" } }, "required": [ - "MonitoringOutputs" + "FieldName", + "Filter" ], "type": "object" }, - "AWS::SageMaker::MonitoringSchedule.MonitoringResources": { + "AWS::SecurityHub::AutomationRuleV2.OcsfDateFilter": { "additionalProperties": false, "properties": { - "ClusterConfig": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.ClusterConfig", - "markdownDescription": "The configuration for the cluster resources used to run the processing job.", - "title": "ClusterConfig" + "FieldName": { + "markdownDescription": "The name of the field.", + "title": "FieldName", + "type": "string" + }, + "Filter": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.DateFilter", + "markdownDescription": "Enables filtering of security findings based on date and timestamp fields in OCSF.", + "title": "Filter" } }, "required": [ - "ClusterConfig" + "FieldName", + "Filter" ], "type": "object" }, - "AWS::SageMaker::MonitoringSchedule.MonitoringScheduleConfig": { + "AWS::SecurityHub::AutomationRuleV2.OcsfFindingFilters": { "additionalProperties": false, "properties": { - "MonitoringJobDefinition": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.MonitoringJobDefinition", - "markdownDescription": "Defines the monitoring job.", - "title": "MonitoringJobDefinition" - }, - "MonitoringJobDefinitionName": { - "markdownDescription": "The name of the monitoring job definition to schedule.", - "title": "MonitoringJobDefinitionName", - "type": "string" + "CompositeFilters": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.CompositeFilter" + }, + "markdownDescription": "Enables the creation of complex filtering conditions by combining filter criteria.", + "title": "CompositeFilters", + "type": "array" }, - "MonitoringType": { - "markdownDescription": "The type of the monitoring job definition to schedule.", - "title": "MonitoringType", + "CompositeOperator": { + "markdownDescription": "The logical operators used to combine the filtering on multiple `CompositeFilters` .", + "title": "CompositeOperator", "type": "string" - }, - "ScheduleConfig": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.ScheduleConfig", - "markdownDescription": "Configures the monitoring schedule.", - "title": "ScheduleConfig" - } - }, - "type": "object" - }, - "AWS::SageMaker::MonitoringSchedule.NetworkConfig": { - "additionalProperties": false, - "properties": { - "EnableInterContainerTrafficEncryption": { - "markdownDescription": "Whether to encrypt all communications between distributed processing jobs. Choose `True` to encrypt communications. Encryption provides greater security for distributed processing jobs, but the processing might take longer.", - "title": "EnableInterContainerTrafficEncryption", - "type": "boolean" - }, - "EnableNetworkIsolation": { - "markdownDescription": "Whether to allow inbound and outbound network calls to and from the containers used for the processing job.", - "title": "EnableNetworkIsolation", - "type": "boolean" - }, - "VpcConfig": { - "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.VpcConfig", - "markdownDescription": "Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC. For more information, see [Protect Endpoints by Using an Amazon Virtual Private Cloud](https://docs.aws.amazon.com/sagemaker/latest/dg/host-vpc.html) and [Protect Training Jobs by Using an Amazon Virtual Private Cloud](https://docs.aws.amazon.com/sagemaker/latest/dg/train-vpc.html) .", - "title": "VpcConfig" } }, "type": "object" }, - "AWS::SageMaker::MonitoringSchedule.S3Output": { + "AWS::SecurityHub::AutomationRuleV2.OcsfMapFilter": { "additionalProperties": false, "properties": { - "LocalPath": { - "markdownDescription": "The local path to the S3 storage location where SageMaker saves the results of a monitoring job. LocalPath is an absolute path for the output data.", - "title": "LocalPath", - "type": "string" - }, - "S3UploadMode": { - "markdownDescription": "Whether to upload the results of the monitoring job continuously or after the job completes.", - "title": "S3UploadMode", + "FieldName": { + "markdownDescription": "The name of the field.", + "title": "FieldName", "type": "string" }, - "S3Uri": { - "markdownDescription": "A URI that identifies the S3 storage location where SageMaker saves the results of a monitoring job.", - "title": "S3Uri", - "type": "string" + "Filter": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.MapFilter", + "markdownDescription": "Enables filtering of security findings based on map field values in OCSF.", + "title": "Filter" } }, "required": [ - "LocalPath", - "S3Uri" + "FieldName", + "Filter" ], "type": "object" }, - "AWS::SageMaker::MonitoringSchedule.ScheduleConfig": { + "AWS::SecurityHub::AutomationRuleV2.OcsfNumberFilter": { "additionalProperties": false, "properties": { - "DataAnalysisEndTime": { - "markdownDescription": "Sets the end time for a monitoring job window. Express this time as an offset to the times that you schedule your monitoring jobs to run. You schedule monitoring jobs with the `ScheduleExpression` parameter. Specify this offset in ISO 8601 duration format. For example, if you want to end the window one hour before the start of each monitoring job, you would specify: `\"-PT1H\"` .\n\nThe end time that you specify must not follow the start time that you specify by more than 24 hours. You specify the start time with the `DataAnalysisStartTime` parameter.\n\nIf you set `ScheduleExpression` to `NOW` , this parameter is required.", - "title": "DataAnalysisEndTime", - "type": "string" - }, - "DataAnalysisStartTime": { - "markdownDescription": "Sets the start time for a monitoring job window. Express this time as an offset to the times that you schedule your monitoring jobs to run. You schedule monitoring jobs with the `ScheduleExpression` parameter. Specify this offset in ISO 8601 duration format. For example, if you want to monitor the five hours of data in your dataset that precede the start of each monitoring job, you would specify: `\"-PT5H\"` .\n\nThe start time that you specify must not precede the end time that you specify by more than 24 hours. You specify the end time with the `DataAnalysisEndTime` parameter.\n\nIf you set `ScheduleExpression` to `NOW` , this parameter is required.", - "title": "DataAnalysisStartTime", + "FieldName": { + "markdownDescription": "The name of the field.", + "title": "FieldName", "type": "string" }, - "ScheduleExpression": { - "markdownDescription": "A cron expression that describes details about the monitoring schedule.\n\nThe supported cron expressions are:\n\n- If you want to set the job to start every hour, use the following:\n\n`Hourly: cron(0 * ? * * *)`\n- If you want to start the job daily:\n\n`cron(0 [00-23] ? * * *)`\n- If you want to run the job one time, immediately, use the following keyword:\n\n`NOW`\n\nFor example, the following are valid cron expressions:\n\n- Daily at noon UTC: `cron(0 12 ? * * *)`\n- Daily at midnight UTC: `cron(0 0 ? * * *)`\n\nTo support running every 6, 12 hours, the following are also supported:\n\n`cron(0 [00-23]/[01-24] ? * * *)`\n\nFor example, the following are valid cron expressions:\n\n- Every 12 hours, starting at 5pm UTC: `cron(0 17/12 ? * * *)`\n- Every two hours starting at midnight: `cron(0 0/2 ? * * *)`\n\n> - Even though the cron expression is set to start at 5PM UTC, note that there could be a delay of 0-20 minutes from the actual requested time to run the execution.\n> - We recommend that if you would like a daily schedule, you do not provide this parameter. Amazon SageMaker AI will pick a time for running every day. \n\nYou can also specify the keyword `NOW` to run the monitoring job immediately, one time, without recurring.", - "title": "ScheduleExpression", - "type": "string" + "Filter": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.NumberFilter", + "markdownDescription": "Enables filtering of security findings based on numerical field values in OCSF.", + "title": "Filter" } }, "required": [ - "ScheduleExpression" + "FieldName", + "Filter" ], "type": "object" }, - "AWS::SageMaker::MonitoringSchedule.StatisticsResource": { + "AWS::SecurityHub::AutomationRuleV2.OcsfStringFilter": { "additionalProperties": false, "properties": { - "S3Uri": { - "markdownDescription": "The S3 URI for the statistics resource.", - "title": "S3Uri", + "FieldName": { + "markdownDescription": "The name of the field.", + "title": "FieldName", "type": "string" - } - }, - "type": "object" - }, - "AWS::SageMaker::MonitoringSchedule.StoppingCondition": { - "additionalProperties": false, - "properties": { - "MaxRuntimeInSeconds": { - "markdownDescription": "The maximum length of time, in seconds, that a training or compilation job can run before it is stopped.\n\nFor compilation jobs, if the job does not complete during this time, a `TimeOut` error is generated. We recommend starting with 900 seconds and increasing as necessary based on your model.\n\nFor all other jobs, if the job does not complete during this time, SageMaker ends the job. When `RetryStrategy` is specified in the job request, `MaxRuntimeInSeconds` specifies the maximum time for all of the attempts in total, not each individual attempt. The default value is 1 day. The maximum value is 28 days.\n\nThe maximum time that a `TrainingJob` can run in total, including any time spent publishing metrics or archiving and uploading models after it has been stopped, is 30 days.", - "title": "MaxRuntimeInSeconds", - "type": "number" + }, + "Filter": { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2.StringFilter", + "markdownDescription": "Enables filtering of security findings based on string field values in OCSF.", + "title": "Filter" } }, "required": [ - "MaxRuntimeInSeconds" + "FieldName", + "Filter" ], "type": "object" }, - "AWS::SageMaker::MonitoringSchedule.VpcConfig": { + "AWS::SecurityHub::AutomationRuleV2.StringFilter": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The VPC security group IDs, in the form `sg-xxxxxxxx` . Specify the security groups for the VPC that is specified in the `Subnets` field.", - "title": "SecurityGroupIds", - "type": "array" + "Comparison": { + "markdownDescription": "The condition to apply to a string value when filtering Security Hub findings.\n\nTo search for values that have the filter value, use one of the following comparison operators:\n\n- To search for values that include the filter value, use `CONTAINS` . For example, the filter `Title CONTAINS CloudFront` matches findings that have a `Title` that includes the string CloudFront.\n- To search for values that exactly match the filter value, use `EQUALS` . For example, the filter `AwsAccountId EQUALS 123456789012` only matches findings that have an account ID of `123456789012` .\n- To search for values that start with the filter value, use `PREFIX` . For example, the filter `ResourceRegion PREFIX us` matches findings that have a `ResourceRegion` that starts with `us` . A `ResourceRegion` that starts with a different value, such as `af` , `ap` , or `ca` , doesn't match.\n\n`CONTAINS` , `EQUALS` , and `PREFIX` filters on the same field are joined by `OR` . A finding matches if it matches any one of those filters. For example, the filters `Title CONTAINS CloudFront OR Title CONTAINS CloudWatch` match a finding that includes either `CloudFront` , `CloudWatch` , or both strings in the title.\n\nTo search for values that don\u2019t have the filter value, use one of the following comparison operators:\n\n- To search for values that exclude the filter value, use `NOT_CONTAINS` . For example, the filter `Title NOT_CONTAINS CloudFront` matches findings that have a `Title` that excludes the string CloudFront.\n- To search for values other than the filter value, use `NOT_EQUALS` . For example, the filter `AwsAccountId NOT_EQUALS 123456789012` only matches findings that have an account ID other than `123456789012` .\n- To search for values that don't start with the filter value, use `PREFIX_NOT_EQUALS` . For example, the filter `ResourceRegion PREFIX_NOT_EQUALS us` matches findings with a `ResourceRegion` that starts with a value other than `us` .\n\n`NOT_CONTAINS` , `NOT_EQUALS` , and `PREFIX_NOT_EQUALS` filters on the same field are joined by `AND` . A finding matches only if it matches all of those filters. For example, the filters `Title NOT_CONTAINS CloudFront AND Title NOT_CONTAINS CloudWatch` match a finding that excludes both `CloudFront` and `CloudWatch` in the title.\n\nYou can\u2019t have both a `CONTAINS` filter and a `NOT_CONTAINS` filter on the same field. Similarly, you can't provide both an `EQUALS` filter and a `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filter on the same field. Combining filters in this way returns an error. `CONTAINS` filters can only be used with other `CONTAINS` filters. `NOT_CONTAINS` filters can only be used with other `NOT_CONTAINS` filters.\n\nYou can combine `PREFIX` filters with `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters for the same field. Security Hub first processes the `PREFIX` filters, and then the `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters.\n\nFor example, for the following filters, Security Hub first identifies findings that have resource types that start with either `AwsIam` or `AwsEc2` . It then excludes findings that have a resource type of `AwsIamPolicy` and findings that have a resource type of `AwsEc2NetworkInterface` .\n\n- `ResourceType PREFIX AwsIam`\n- `ResourceType PREFIX AwsEc2`\n- `ResourceType NOT_EQUALS AwsIamPolicy`\n- `ResourceType NOT_EQUALS AwsEc2NetworkInterface`\n\n`CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules V1. `CONTAINS_WORD` operator is only supported in `GetFindingsV2` , `GetFindingStatisticsV2` , `GetResourcesV2` , and `GetResourceStatisticsV2` APIs. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *AWS Security Hub User Guide* .", + "title": "Comparison", + "type": "string" }, - "Subnets": { - "items": { - "type": "string" - }, - "markdownDescription": "The ID of the subnets in the VPC to which you want to connect your training job or model. For information about the availability of specific instance types, see [Supported Instance Types and Availability Zones](https://docs.aws.amazon.com/sagemaker/latest/dg/instance-types-az.html) .", - "title": "Subnets", - "type": "array" + "Value": { + "markdownDescription": "The string filter value. Filter values are case sensitive. For example, the product name for control-based findings is `Security Hub` . If you provide `security hub` as the filter value, there's no match.", + "title": "Value", + "type": "string" } }, "required": [ - "SecurityGroupIds", - "Subnets" + "Comparison", + "Value" ], "type": "object" }, - "AWS::SageMaker::NotebookInstance": { + "AWS::SecurityHub::ConfigurationPolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -252017,108 +303723,42 @@ "Properties": { "additionalProperties": false, "properties": { - "AcceleratorTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of Amazon Elastic Inference (EI) instance types to associate with the notebook instance. Currently, only one instance type can be associated with a notebook instance. For more information, see [Using Elastic Inference in Amazon SageMaker](https://docs.aws.amazon.com/sagemaker/latest/dg/ei.html) .\n\n*Valid Values:* `ml.eia1.medium | ml.eia1.large | ml.eia1.xlarge | ml.eia2.medium | ml.eia2.large | ml.eia2.xlarge` .", - "title": "AcceleratorTypes", - "type": "array" - }, - "AdditionalCodeRepositories": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of up to three Git repositories associated with the notebook instance. These can be either the names of Git repositories stored as resources in your account, or the URL of Git repositories in [AWS CodeCommit](https://docs.aws.amazon.com/codecommit/latest/userguide/welcome.html) or in any other Git repository. These repositories are cloned at the same level as the default repository of your notebook instance. For more information, see [Associating Git Repositories with SageMaker AI Notebook Instances](https://docs.aws.amazon.com/sagemaker/latest/dg/nbi-git-repo.html) .", - "title": "AdditionalCodeRepositories", - "type": "array" - }, - "DefaultCodeRepository": { - "markdownDescription": "The Git repository associated with the notebook instance as its default code repository. This can be either the name of a Git repository stored as a resource in your account, or the URL of a Git repository in [AWS CodeCommit](https://docs.aws.amazon.com/codecommit/latest/userguide/welcome.html) or in any other Git repository. When you open a notebook instance, it opens in the directory that contains this repository. For more information, see [Associating Git Repositories with SageMaker AI Notebook Instances](https://docs.aws.amazon.com/sagemaker/latest/dg/nbi-git-repo.html) .", - "title": "DefaultCodeRepository", - "type": "string" - }, - "DirectInternetAccess": { - "markdownDescription": "Sets whether SageMaker AI provides internet access to the notebook instance. If you set this to `Disabled` this notebook instance is able to access resources only in your VPC, and is not be able to connect to SageMaker AI training and endpoint services unless you configure a NAT Gateway in your VPC.\n\nFor more information, see [Notebook Instances Are Internet-Enabled by Default](https://docs.aws.amazon.com/sagemaker/latest/dg/appendix-additional-considerations.html#appendix-notebook-and-internet-access) . You can set the value of this parameter to `Disabled` only if you set a value for the `SubnetId` parameter.", - "title": "DirectInternetAccess", - "type": "string" - }, - "InstanceMetadataServiceConfiguration": { - "$ref": "#/definitions/AWS::SageMaker::NotebookInstance.InstanceMetadataServiceConfiguration", - "markdownDescription": "Information on the IMDS configuration of the notebook instance", - "title": "InstanceMetadataServiceConfiguration" - }, - "InstanceType": { - "markdownDescription": "The type of ML compute instance to launch for the notebook instance.\n\n> Expect some interruption of service if this parameter is changed as CloudFormation stops a notebook instance and starts it up again to update it.", - "title": "InstanceType", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "The Amazon Resource Name (ARN) of a AWS Key Management Service key that SageMaker AI uses to encrypt data on the storage volume attached to your notebook instance. The KMS key you provide must be enabled. For information, see [Enabling and Disabling Keys](https://docs.aws.amazon.com/kms/latest/developerguide/enabling-keys.html) in the *AWS Key Management Service Developer Guide* .", - "title": "KmsKeyId", - "type": "string" + "ConfigurationPolicy": { + "$ref": "#/definitions/AWS::SecurityHub::ConfigurationPolicy.Policy", + "markdownDescription": "An object that defines how AWS Security Hub is configured. It includes whether Security Hub is enabled or disabled, a list of enabled security standards, a list of enabled or disabled security controls, and a list of custom parameter values for specified controls. If you provide a list of security controls that are enabled in the configuration policy, Security Hub disables all other controls (including newly released controls). If you provide a list of security controls that are disabled in the configuration policy, Security Hub enables all other controls (including newly released controls).", + "title": "ConfigurationPolicy" }, - "LifecycleConfigName": { - "markdownDescription": "The name of a lifecycle configuration to associate with the notebook instance. For information about lifecycle configurations, see [Customize a Notebook Instance](https://docs.aws.amazon.com/sagemaker/latest/dg/notebook-lifecycle-config.html) in the *Amazon SageMaker Developer Guide* .", - "title": "LifecycleConfigName", - "type": "string" - }, - "NotebookInstanceName": { - "markdownDescription": "The name of the new notebook instance.", - "title": "NotebookInstanceName", - "type": "string" - }, - "PlatformIdentifier": { - "markdownDescription": "The platform identifier of the notebook instance runtime environment.", - "title": "PlatformIdentifier", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "When you send any requests to AWS resources from the notebook instance, SageMaker AI assumes this role to perform tasks on your behalf. You must grant this role necessary permissions so SageMaker AI can perform these tasks. The policy must allow the SageMaker AI service principal (sagemaker.amazonaws.com) permissions to assume this role. For more information, see [SageMaker AI Roles](https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-roles.html) .\n\n> To be able to pass this role to SageMaker AI, the caller of this API must have the `iam:PassRole` permission.", - "title": "RoleArn", - "type": "string" - }, - "RootAccess": { - "markdownDescription": "Whether root access is enabled or disabled for users of the notebook instance. The default value is `Enabled` .\n\n> Lifecycle configurations need root access to be able to set up a notebook instance. Because of this, lifecycle configurations associated with a notebook instance always run with root access even if you disable root access for users.", - "title": "RootAccess", + "Description": { + "markdownDescription": "The description of the configuration policy.", + "title": "Description", "type": "string" }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The VPC security group IDs, in the form sg-xxxxxxxx. The security groups must be for the same VPC as specified in the subnet.", - "title": "SecurityGroupIds", - "type": "array" - }, - "SubnetId": { - "markdownDescription": "The ID of the subnet in a VPC to which you would like to have a connectivity from your ML compute instance.", - "title": "SubnetId", + "Name": { + "markdownDescription": "The name of the configuration policy. Alphanumeric characters and the following ASCII characters are permitted: `-, ., !, *, /` .", + "title": "Name", "type": "string" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "additionalProperties": true, + "markdownDescription": "User-defined tags associated with a configuration policy. For more information, see [Tagging AWS Security Hub resources](https://docs.aws.amazon.com/securityhub/latest/userguide/tagging-resources.html) in the *Security Hub user guide* .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "A list of key-value pairs to apply to this resource.\n\nFor more information, see [Resource Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) and [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html#allocation-what) .\n\nYou can add tags later by using the `CreateTags` API.", "title": "Tags", - "type": "array" - }, - "VolumeSizeInGB": { - "markdownDescription": "The size, in GB, of the ML storage volume to attach to the notebook instance. The default value is 5 GB.\n\n> Expect some interruption of service if this parameter is changed as CloudFormation stops a notebook instance and starts it up again to update it.", - "title": "VolumeSizeInGB", - "type": "number" + "type": "object" } }, "required": [ - "InstanceType", - "RoleArn" + "ConfigurationPolicy", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::SageMaker::NotebookInstance" + "AWS::SecurityHub::ConfigurationPolicy" ], "type": "string" }, @@ -252137,111 +303777,168 @@ ], "type": "object" }, - "AWS::SageMaker::NotebookInstance.InstanceMetadataServiceConfiguration": { + "AWS::SecurityHub::ConfigurationPolicy.ParameterConfiguration": { "additionalProperties": false, "properties": { - "MinimumInstanceMetadataServiceVersion": { - "markdownDescription": "Indicates the minimum IMDS version that the notebook instance supports. When passed as part of `CreateNotebookInstance` , if no value is selected, then it defaults to IMDSv1. This means that both IMDSv1 and IMDSv2 are supported. If passed as part of `UpdateNotebookInstance` , there is no default.", - "title": "MinimumInstanceMetadataServiceVersion", + "Value": { + "$ref": "#/definitions/AWS::SecurityHub::ConfigurationPolicy.ParameterValue", + "markdownDescription": "The current value of a control parameter.", + "title": "Value" + }, + "ValueType": { + "markdownDescription": "Identifies whether a control parameter uses a custom user-defined value or subscribes to the default AWS Security Hub behavior.\n\nWhen `ValueType` is set equal to `DEFAULT` , the default behavior can be a specific Security Hub default value, or the default behavior can be to ignore a specific parameter. When `ValueType` is set equal to `DEFAULT` , Security Hub ignores user-provided input for the `Value` field.\n\nWhen `ValueType` is set equal to `CUSTOM` , the `Value` field can't be empty.", + "title": "ValueType", "type": "string" } }, "required": [ - "MinimumInstanceMetadataServiceVersion" + "ValueType" ], "type": "object" }, - "AWS::SageMaker::NotebookInstanceLifecycleConfig": { + "AWS::SecurityHub::ConfigurationPolicy.ParameterValue": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Boolean": { + "markdownDescription": "A control parameter that is a boolean.", + "title": "Boolean", + "type": "boolean" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Double": { + "markdownDescription": "A control parameter that is a double.", + "title": "Double", + "type": "number" + }, + "Enum": { + "markdownDescription": "A control parameter that is an enum.", + "title": "Enum", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "EnumList": { + "items": { + "type": "string" + }, + "markdownDescription": "A control parameter that is a list of enums.", + "title": "EnumList", + "type": "array" }, - "Metadata": { - "type": "object" + "Integer": { + "markdownDescription": "A control parameter that is an integer.", + "title": "Integer", + "type": "number" }, - "Properties": { + "IntegerList": { + "items": { + "type": "number" + }, + "markdownDescription": "A control parameter that is a list of integers.", + "title": "IntegerList", + "type": "array" + }, + "String": { + "markdownDescription": "A control parameter that is a string.", + "title": "String", + "type": "string" + }, + "StringList": { + "items": { + "type": "string" + }, + "markdownDescription": "A control parameter that is a list of strings.", + "title": "StringList", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SecurityHub::ConfigurationPolicy.Policy": { + "additionalProperties": false, + "properties": { + "SecurityHub": { + "$ref": "#/definitions/AWS::SecurityHub::ConfigurationPolicy.SecurityHubPolicy", + "markdownDescription": "The AWS service that the configuration policy applies to.", + "title": "SecurityHub" + } + }, + "type": "object" + }, + "AWS::SecurityHub::ConfigurationPolicy.SecurityControlCustomParameter": { + "additionalProperties": false, + "properties": { + "Parameters": { "additionalProperties": false, - "properties": { - "NotebookInstanceLifecycleConfigName": { - "markdownDescription": "The name of the lifecycle configuration.", - "title": "NotebookInstanceLifecycleConfigName", - "type": "string" - }, - "OnCreate": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::NotebookInstanceLifecycleConfig.NotebookInstanceLifecycleHook" - }, - "markdownDescription": "A shell script that runs only once, when you create a notebook instance. The shell script must be a base64-encoded string.", - "title": "OnCreate", - "type": "array" - }, - "OnStart": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::NotebookInstanceLifecycleConfig.NotebookInstanceLifecycleHook" - }, - "markdownDescription": "A shell script that runs every time you start a notebook instance, including when you create the notebook instance. The shell script must be a base64-encoded string.", - "title": "OnStart", - "type": "array" + "markdownDescription": "An object that specifies parameter values for a control in a configuration policy.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::SecurityHub::ConfigurationPolicy.ParameterConfiguration" } }, + "title": "Parameters", "type": "object" }, - "Type": { - "enum": [ - "AWS::SageMaker::NotebookInstanceLifecycleConfig" - ], + "SecurityControlId": { + "markdownDescription": "The ID of the security control.", + "title": "SecurityControlId", "type": "string" + } + }, + "type": "object" + }, + "AWS::SecurityHub::ConfigurationPolicy.SecurityControlsConfiguration": { + "additionalProperties": false, + "properties": { + "DisabledSecurityControlIdentifiers": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of security controls that are disabled in the configuration policy.\n\nProvide only one of `EnabledSecurityControlIdentifiers` or `DisabledSecurityControlIdentifiers` .\n\nIf you provide `DisabledSecurityControlIdentifiers` , Security Hub enables all other controls not in the list, and enables [AutoEnableControls](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_UpdateSecurityHubConfiguration.html#securityhub-UpdateSecurityHubConfiguration-request-AutoEnableControls) .", + "title": "DisabledSecurityControlIdentifiers", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "EnabledSecurityControlIdentifiers": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of security controls that are enabled in the configuration policy.\n\nProvide only one of `EnabledSecurityControlIdentifiers` or `DisabledSecurityControlIdentifiers` .\n\nIf you provide `EnabledSecurityControlIdentifiers` , Security Hub disables all other controls not in the list, and disables [AutoEnableControls](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_UpdateSecurityHubConfiguration.html#securityhub-UpdateSecurityHubConfiguration-request-AutoEnableControls) .", + "title": "EnabledSecurityControlIdentifiers", + "type": "array" + }, + "SecurityControlCustomParameters": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::ConfigurationPolicy.SecurityControlCustomParameter" + }, + "markdownDescription": "A list of security controls and control parameter values that are included in a configuration policy.", + "title": "SecurityControlCustomParameters", + "type": "array" } }, - "required": [ - "Type" - ], "type": "object" }, - "AWS::SageMaker::NotebookInstanceLifecycleConfig.NotebookInstanceLifecycleHook": { + "AWS::SecurityHub::ConfigurationPolicy.SecurityHubPolicy": { "additionalProperties": false, "properties": { - "Content": { - "markdownDescription": "A base64-encoded string that contains a shell script for a notebook instance lifecycle configuration.", - "title": "Content", - "type": "string" + "EnabledStandardIdentifiers": { + "items": { + "type": "string" + }, + "markdownDescription": "A list that defines which security standards are enabled in the configuration policy.\n\nThis property is required only if `ServiceEnabled` is set to `true` in your configuration policy.", + "title": "EnabledStandardIdentifiers", + "type": "array" + }, + "SecurityControlsConfiguration": { + "$ref": "#/definitions/AWS::SecurityHub::ConfigurationPolicy.SecurityControlsConfiguration", + "markdownDescription": "An object that defines which security controls are enabled in the configuration policy. The enablement status of a control is aligned across all of the enabled standards in an account.\n\nThis property is required only if `ServiceEnabled` is set to true in your configuration policy.", + "title": "SecurityControlsConfiguration" + }, + "ServiceEnabled": { + "markdownDescription": "Indicates whether Security Hub is enabled in the policy.", + "title": "ServiceEnabled", + "type": "boolean" } }, "type": "object" }, - "AWS::SageMaker::Pipeline": { + "AWS::SecurityHub::DelegatedAdmin": { "additionalProperties": false, "properties": { "Condition": { @@ -252276,55 +303973,20 @@ "Properties": { "additionalProperties": false, "properties": { - "ParallelismConfiguration": { - "$ref": "#/definitions/AWS::SageMaker::Pipeline.ParallelismConfiguration", - "markdownDescription": "The parallelism configuration applied to the pipeline.", - "title": "ParallelismConfiguration" - }, - "PipelineDefinition": { - "$ref": "#/definitions/AWS::SageMaker::Pipeline.PipelineDefinition", - "markdownDescription": "The definition of the pipeline. This can be either a JSON string or an Amazon S3 location.", - "title": "PipelineDefinition" - }, - "PipelineDescription": { - "markdownDescription": "The description of the pipeline.", - "title": "PipelineDescription", - "type": "string" - }, - "PipelineDisplayName": { - "markdownDescription": "The display name of the pipeline.", - "title": "PipelineDisplayName", - "type": "string" - }, - "PipelineName": { - "markdownDescription": "The name of the pipeline.", - "title": "PipelineName", - "type": "string" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role used to execute the pipeline.", - "title": "RoleArn", + "AdminAccountId": { + "markdownDescription": "The AWS account identifier of the account to designate as the Security Hub administrator account.", + "title": "AdminAccountId", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags of the pipeline.", - "title": "Tags", - "type": "array" } }, "required": [ - "PipelineDefinition", - "PipelineName", - "RoleArn" + "AdminAccountId" ], "type": "object" }, "Type": { "enum": [ - "AWS::SageMaker::Pipeline" + "AWS::SecurityHub::DelegatedAdmin" ], "type": "string" }, @@ -252343,67 +304005,7 @@ ], "type": "object" }, - "AWS::SageMaker::Pipeline.ParallelismConfiguration": { - "additionalProperties": false, - "properties": { - "MaxParallelExecutionSteps": { - "markdownDescription": "The max number of steps that can be executed in parallel.", - "title": "MaxParallelExecutionSteps", - "type": "number" - } - }, - "required": [ - "MaxParallelExecutionSteps" - ], - "type": "object" - }, - "AWS::SageMaker::Pipeline.PipelineDefinition": { - "additionalProperties": false, - "properties": { - "PipelineDefinitionBody": { - "markdownDescription": "The [JSON pipeline definition](https://docs.aws.amazon.com/https://aws-sagemaker-mlops.github.io/sagemaker-model-building-pipeline-definition-JSON-schema/) of the pipeline.", - "title": "PipelineDefinitionBody", - "type": "string" - }, - "PipelineDefinitionS3Location": { - "$ref": "#/definitions/AWS::SageMaker::Pipeline.S3Location", - "markdownDescription": "The location of the pipeline definition stored in Amazon S3. If specified, SageMaker retrieves the pipeline definition from this location.", - "title": "PipelineDefinitionS3Location" - } - }, - "type": "object" - }, - "AWS::SageMaker::Pipeline.S3Location": { - "additionalProperties": false, - "properties": { - "Bucket": { - "markdownDescription": "The name of the S3 bucket.", - "title": "Bucket", - "type": "string" - }, - "ETag": { - "markdownDescription": "A file checksum of the pipeline definition file.", - "title": "ETag", - "type": "string" - }, - "Key": { - "markdownDescription": "The object key (or key name) which uniquely identifies the object in an S3 bucket.", - "title": "Key", - "type": "string" - }, - "Version": { - "markdownDescription": "The version ID of the pipeline definition file. If not specified, Amazon SageMaker will retrieve the latest version.", - "title": "Version", - "type": "string" - } - }, - "required": [ - "Bucket", - "Key" - ], - "type": "object" - }, - "AWS::SageMaker::Project": { + "AWS::SecurityHub::FindingAggregator": { "additionalProperties": false, "properties": { "Condition": { @@ -252438,44 +304040,28 @@ "Properties": { "additionalProperties": false, "properties": { - "ProjectDescription": { - "markdownDescription": "The description of the project.", - "title": "ProjectDescription", - "type": "string" - }, - "ProjectName": { - "markdownDescription": "The name of the project.", - "title": "ProjectName", + "RegionLinkingMode": { + "markdownDescription": "Indicates whether to aggregate findings from all of the available Regions in the current partition. Also determines whether to automatically aggregate findings from new Regions as Security Hub supports them and you opt into them.\n\nThe selected option also determines how to use the Regions provided in the Regions list.\n\nIn AWS CloudFormation , the options for this property are as follows:\n\n- `ALL_REGIONS` - Indicates to aggregate findings from all of the Regions where Security Hub is enabled. When you choose this option, Security Hub also automatically aggregates findings from new Regions as Security Hub supports them and you opt into them.\n- `ALL_REGIONS_EXCEPT_SPECIFIED` - Indicates to aggregate findings from all of the Regions where Security Hub is enabled, except for the Regions listed in the `Regions` parameter. When you choose this option, Security Hub also automatically aggregates findings from new Regions as Security Hub supports them and you opt into them.\n- `SPECIFIED_REGIONS` - Indicates to aggregate findings only from the Regions listed in the `Regions` parameter. Security Hub does not automatically aggregate findings from new Regions.", + "title": "RegionLinkingMode", "type": "string" }, - "ServiceCatalogProvisionedProductDetails": { - "$ref": "#/definitions/AWS::SageMaker::Project.ServiceCatalogProvisionedProductDetails", - "markdownDescription": "Details of a provisioned service catalog product. For information about service catalog, see [What is AWS Service Catalog](https://docs.aws.amazon.com/servicecatalog/latest/adminguide/introduction.html) .", - "title": "ServiceCatalogProvisionedProductDetails" - }, - "ServiceCatalogProvisioningDetails": { - "$ref": "#/definitions/AWS::SageMaker::Project.ServiceCatalogProvisioningDetails", - "markdownDescription": "The product ID and provisioning artifact ID to provision a service catalog. For information, see [What is AWS Service Catalog](https://docs.aws.amazon.com/servicecatalog/latest/adminguide/introduction.html) .", - "title": "ServiceCatalogProvisioningDetails" - }, - "Tags": { + "Regions": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "A list of key-value pairs to apply to this resource.\n\nFor more information, see [Resource Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) and [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html#allocation-what) in the *AWS Billing and Cost Management User Guide* .", - "title": "Tags", + "markdownDescription": "If `RegionLinkingMode` is `ALL_REGIONS_EXCEPT_SPECIFIED` , then this is a space-separated list of Regions that do not aggregate findings to the aggregation Region.\n\nIf `RegionLinkingMode` is `SPECIFIED_REGIONS` , then this is a space-separated list of Regions that do aggregate findings to the aggregation Region.", + "title": "Regions", "type": "array" } }, "required": [ - "ProjectName", - "ServiceCatalogProvisioningDetails" + "RegionLinkingMode" ], "type": "object" }, "Type": { "enum": [ - "AWS::SageMaker::Project" + "AWS::SecurityHub::FindingAggregator" ], "type": "string" }, @@ -252494,75 +304080,7 @@ ], "type": "object" }, - "AWS::SageMaker::Project.ProvisioningParameter": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "The key that identifies a provisioning parameter.", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "The value of the provisioning parameter.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - }, - "AWS::SageMaker::Project.ServiceCatalogProvisionedProductDetails": { - "additionalProperties": false, - "properties": { - "ProvisionedProductId": { - "markdownDescription": "The ID of the provisioned product.", - "title": "ProvisionedProductId", - "type": "string" - }, - "ProvisionedProductStatusMessage": { - "markdownDescription": "The current status of the product.\n\n- `AVAILABLE` - Stable state, ready to perform any operation. The most recent operation succeeded and completed.\n- `UNDER_CHANGE` - Transitive state. Operations performed might not have valid results. Wait for an AVAILABLE status before performing operations.\n- `TAINTED` - Stable state, ready to perform any operation. The stack has completed the requested operation but is not exactly what was requested. For example, a request to update to a new version failed and the stack rolled back to the current version.\n- `ERROR` - An unexpected error occurred. The provisioned product exists but the stack is not running. For example, CloudFormation received a parameter value that was not valid and could not launch the stack.\n- `PLAN_IN_PROGRESS` - Transitive state. The plan operations were performed to provision a new product, but resources have not yet been created. After reviewing the list of resources to be created, execute the plan. Wait for an AVAILABLE status before performing operations.", - "title": "ProvisionedProductStatusMessage", - "type": "string" - } - }, - "type": "object" - }, - "AWS::SageMaker::Project.ServiceCatalogProvisioningDetails": { - "additionalProperties": false, - "properties": { - "PathId": { - "markdownDescription": "The path identifier of the product. This value is optional if the product has a default path, and required if the product has more than one path.", - "title": "PathId", - "type": "string" - }, - "ProductId": { - "markdownDescription": "The ID of the product to provision.", - "title": "ProductId", - "type": "string" - }, - "ProvisioningArtifactId": { - "markdownDescription": "The ID of the provisioning artifact.", - "title": "ProvisioningArtifactId", - "type": "string" - }, - "ProvisioningParameters": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::Project.ProvisioningParameter" - }, - "markdownDescription": "A list of key value pairs that you specify when you provision a product.", - "title": "ProvisioningParameters", - "type": "array" - } - }, - "required": [ - "ProductId" - ], - "type": "object" - }, - "AWS::SageMaker::Space": { + "AWS::SecurityHub::Hub": { "additionalProperties": false, "properties": { "Condition": { @@ -252597,54 +304115,38 @@ "Properties": { "additionalProperties": false, "properties": { - "DomainId": { - "markdownDescription": "The ID of the associated domain.", - "title": "DomainId", - "type": "string" - }, - "OwnershipSettings": { - "$ref": "#/definitions/AWS::SageMaker::Space.OwnershipSettings", - "markdownDescription": "The collection of ownership settings for a space.", - "title": "OwnershipSettings" - }, - "SpaceDisplayName": { - "markdownDescription": "The name of the space that appears in the Studio UI.", - "title": "SpaceDisplayName", - "type": "string" + "AutoEnableControls": { + "markdownDescription": "Whether to automatically enable new controls when they are added to standards that are enabled.\n\nBy default, this is set to `true` , and new controls are enabled automatically. To not automatically enable new controls, set this to `false` .\n\nWhen you automatically enable new controls, you can interact with the controls in the console and programmatically immediately after release. However, automatically enabled controls have a temporary default status of `DISABLED` . It can take up to several days for Security Hub to process the control release and designate the control as `ENABLED` in your account. During the processing period, you can manually enable or disable a control, and Security Hub will maintain that designation regardless of whether you have `AutoEnableControls` set to `true` .", + "title": "AutoEnableControls", + "type": "boolean" }, - "SpaceName": { - "markdownDescription": "The name of the space.", - "title": "SpaceName", + "ControlFindingGenerator": { + "markdownDescription": "Specifies whether an account has consolidated control findings turned on or off. If the value for this field is set to `SECURITY_CONTROL` , Security Hub generates a single finding for a control check even when the check applies to multiple enabled standards.\n\nIf the value for this field is set to `STANDARD_CONTROL` , Security Hub generates separate findings for a control check when the check applies to multiple enabled standards.\n\nThe value for this field in a member account matches the value in the administrator account. For accounts that aren't part of an organization, the default value of this field is `SECURITY_CONTROL` if you enabled Security Hub on or after February 23, 2023.", + "title": "ControlFindingGenerator", "type": "string" }, - "SpaceSettings": { - "$ref": "#/definitions/AWS::SageMaker::Space.SpaceSettings", - "markdownDescription": "A collection of space settings.", - "title": "SpaceSettings" - }, - "SpaceSharingSettings": { - "$ref": "#/definitions/AWS::SageMaker::Space.SpaceSharingSettings", - "markdownDescription": "A collection of space sharing settings.", - "title": "SpaceSharingSettings" + "EnableDefaultStandards": { + "markdownDescription": "Whether to enable the security standards that Security Hub has designated as automatically enabled. If you don't provide a value for `EnableDefaultStandards` , it is set to `true` , and the designated standards are automatically enabled in each AWS Region where you enable Security Hub . If you don't want to enable the designated standards, set `EnableDefaultStandards` to `false` .\n\nCurrently, the automatically enabled standards are the Center for Internet Security (CIS) AWS Foundations Benchmark v1.2.0 and AWS Foundational Security Best Practices (FSBP).", + "title": "EnableDefaultStandards", + "type": "boolean" }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, + "additionalProperties": true, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, "title": "Tags", - "type": "array" + "type": "object" } }, - "required": [ - "DomainId", - "SpaceName" - ], "type": "object" }, "Type": { "enum": [ - "AWS::SageMaker::Space" + "AWS::SecurityHub::Hub" ], "type": "string" }, @@ -252658,254 +304160,80 @@ } }, "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::SageMaker::Space.CodeRepository": { - "additionalProperties": false, - "properties": { - "RepositoryUrl": { - "markdownDescription": "The URL of the Git repository.", - "title": "RepositoryUrl", - "type": "string" - } - }, - "required": [ - "RepositoryUrl" + "Type" ], "type": "object" }, - "AWS::SageMaker::Space.CustomFileSystem": { - "additionalProperties": false, - "properties": { - "EFSFileSystem": { - "$ref": "#/definitions/AWS::SageMaker::Space.EFSFileSystem", - "markdownDescription": "A custom file system in Amazon EFS.", - "title": "EFSFileSystem" - } - }, - "type": "object" - }, - "AWS::SageMaker::Space.CustomImage": { + "AWS::SecurityHub::HubV2": { "additionalProperties": false, "properties": { - "AppImageConfigName": { - "markdownDescription": "The name of the AppImageConfig.", - "title": "AppImageConfigName", - "type": "string" - }, - "ImageName": { - "markdownDescription": "The name of the CustomImage. Must be unique to your account.", - "title": "ImageName", + "Condition": { "type": "string" }, - "ImageVersionNumber": { - "markdownDescription": "The version number of the CustomImage.", - "title": "ImageVersionNumber", - "type": "number" - } - }, - "required": [ - "AppImageConfigName", - "ImageName" - ], - "type": "object" - }, - "AWS::SageMaker::Space.EFSFileSystem": { - "additionalProperties": false, - "properties": { - "FileSystemId": { - "markdownDescription": "The ID of your Amazon EFS file system.", - "title": "FileSystemId", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "required": [ - "FileSystemId" - ], - "type": "object" - }, - "AWS::SageMaker::Space.EbsStorageSettings": { - "additionalProperties": false, - "properties": { - "EbsVolumeSizeInGb": { - "markdownDescription": "The size of an EBS storage volume for a space.", - "title": "EbsVolumeSizeInGb", - "type": "number" - } - }, - "required": [ - "EbsVolumeSizeInGb" - ], - "type": "object" - }, - "AWS::SageMaker::Space.JupyterServerAppSettings": { - "additionalProperties": false, - "properties": { - "DefaultResourceSpec": { - "$ref": "#/definitions/AWS::SageMaker::Space.ResourceSpec", - "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker AI image used by the JupyterServer app. If you use the `LifecycleConfigArns` parameter, then this parameter is also required.", - "title": "DefaultResourceSpec" - } - }, - "type": "object" - }, - "AWS::SageMaker::Space.KernelGatewayAppSettings": { - "additionalProperties": false, - "properties": { - "CustomImages": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::Space.CustomImage" - }, - "markdownDescription": "A list of custom SageMaker AI images that are configured to run as a KernelGateway app.\n\nThe maximum number of custom images are as follows.\n\n- On a domain level: 200\n- On a space level: 5\n- On a user profile level: 5", - "title": "CustomImages", - "type": "array" }, - "DefaultResourceSpec": { - "$ref": "#/definitions/AWS::SageMaker::Space.ResourceSpec", - "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker AI image used by the KernelGateway app.\n\n> The Amazon SageMaker AI Studio UI does not use the default instance type value set here. The default instance type set here is used when Apps are created using the AWS CLI or AWS CloudFormation and the instance type parameter value is not passed.", - "title": "DefaultResourceSpec" - } - }, - "type": "object" - }, - "AWS::SageMaker::Space.OwnershipSettings": { - "additionalProperties": false, - "properties": { - "OwnerUserProfileName": { - "markdownDescription": "The user profile who is the owner of the space.", - "title": "OwnerUserProfileName", - "type": "string" - } - }, - "required": [ - "OwnerUserProfileName" - ], - "type": "object" - }, - "AWS::SageMaker::Space.ResourceSpec": { - "additionalProperties": false, - "properties": { - "InstanceType": { - "markdownDescription": "The instance type that the image version runs on.\n\n> *JupyterServer apps* only support the `system` value.\n> \n> For *KernelGateway apps* , the `system` value is translated to `ml.t3.medium` . KernelGateway apps also support all other values for available instance types.", - "title": "InstanceType", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "SageMakerImageArn": { - "markdownDescription": "The ARN of the SageMaker AI image that the image version belongs to.", - "title": "SageMakerImageArn", - "type": "string" + "Metadata": { + "type": "object" }, - "SageMakerImageVersionArn": { - "markdownDescription": "The ARN of the image version created on the instance. To clear the value set for `SageMakerImageVersionArn` , pass `None` as the value.", - "title": "SageMakerImageVersionArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::SageMaker::Space.SpaceCodeEditorAppSettings": { - "additionalProperties": false, - "properties": { - "DefaultResourceSpec": { - "$ref": "#/definitions/AWS::SageMaker::Space.ResourceSpec", - "markdownDescription": "Specifies the ARNs of a SageMaker image and SageMaker image version, and the instance type that the version runs on.", - "title": "DefaultResourceSpec" - } - }, - "type": "object" - }, - "AWS::SageMaker::Space.SpaceJupyterLabAppSettings": { - "additionalProperties": false, - "properties": { - "CodeRepositories": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::Space.CodeRepository" + "Properties": { + "additionalProperties": false, + "properties": { + "Tags": { + "additionalProperties": true, + "markdownDescription": "The tags to add to the hub V2 resource when you enable Security Hub.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } }, - "markdownDescription": "A list of Git repositories that SageMaker automatically displays to users for cloning in the JupyterLab application.", - "title": "CodeRepositories", - "type": "array" + "type": "object" }, - "DefaultResourceSpec": { - "$ref": "#/definitions/AWS::SageMaker::Space.ResourceSpec", - "markdownDescription": "Specifies the ARNs of a SageMaker image and SageMaker image version, and the instance type that the version runs on.", - "title": "DefaultResourceSpec" - } - }, - "type": "object" - }, - "AWS::SageMaker::Space.SpaceSettings": { - "additionalProperties": false, - "properties": { - "AppType": { - "markdownDescription": "The type of app created within the space.\n\nIf using the [UpdateSpace](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateSpace.html) API, you can't change the app type of your space by specifying a different value for this field.", - "title": "AppType", + "Type": { + "enum": [ + "AWS::SecurityHub::HubV2" + ], "type": "string" }, - "CodeEditorAppSettings": { - "$ref": "#/definitions/AWS::SageMaker::Space.SpaceCodeEditorAppSettings", - "markdownDescription": "The Code Editor application settings.", - "title": "CodeEditorAppSettings" - }, - "CustomFileSystems": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::Space.CustomFileSystem" - }, - "markdownDescription": "A file system, created by you, that you assign to a space for an Amazon SageMaker AI Domain. Permitted users can access this file system in Amazon SageMaker AI Studio.", - "title": "CustomFileSystems", - "type": "array" - }, - "JupyterLabAppSettings": { - "$ref": "#/definitions/AWS::SageMaker::Space.SpaceJupyterLabAppSettings", - "markdownDescription": "The settings for the JupyterLab application.", - "title": "JupyterLabAppSettings" - }, - "JupyterServerAppSettings": { - "$ref": "#/definitions/AWS::SageMaker::Space.JupyterServerAppSettings", - "markdownDescription": "The JupyterServer app settings.", - "title": "JupyterServerAppSettings" - }, - "KernelGatewayAppSettings": { - "$ref": "#/definitions/AWS::SageMaker::Space.KernelGatewayAppSettings", - "markdownDescription": "The KernelGateway app settings.", - "title": "KernelGatewayAppSettings" - }, - "SpaceStorageSettings": { - "$ref": "#/definitions/AWS::SageMaker::Space.SpaceStorageSettings", - "markdownDescription": "The storage settings for a space.", - "title": "SpaceStorageSettings" - } - }, - "type": "object" - }, - "AWS::SageMaker::Space.SpaceSharingSettings": { - "additionalProperties": false, - "properties": { - "SharingType": { - "markdownDescription": "Specifies the sharing type of the space.", - "title": "SharingType", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "SharingType" + "Type" ], "type": "object" }, - "AWS::SageMaker::Space.SpaceStorageSettings": { - "additionalProperties": false, - "properties": { - "EbsStorageSettings": { - "$ref": "#/definitions/AWS::SageMaker::Space.EbsStorageSettings", - "markdownDescription": "A collection of EBS storage settings for a space.", - "title": "EbsStorageSettings" - } - }, - "type": "object" - }, - "AWS::SageMaker::UserProfile": { + "AWS::SecurityHub::Insight": { "additionalProperties": false, "properties": { "Condition": { @@ -252940,49 +304268,32 @@ "Properties": { "additionalProperties": false, "properties": { - "DomainId": { - "markdownDescription": "The domain ID.", - "title": "DomainId", - "type": "string" - }, - "SingleSignOnUserIdentifier": { - "markdownDescription": "A specifier for the type of value specified in SingleSignOnUserValue. Currently, the only supported value is \"UserName\". If the Domain's AuthMode is IAM Identity Center , this field is required. If the Domain's AuthMode is not IAM Identity Center , this field cannot be specified.", - "title": "SingleSignOnUserIdentifier", - "type": "string" + "Filters": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.AwsSecurityFindingFilters", + "markdownDescription": "One or more attributes used to filter the findings included in the insight. The insight only includes findings that match the criteria defined in the filters. You can filter by up to ten finding attributes. For each attribute, you can provide up to 20 filter values.", + "title": "Filters" }, - "SingleSignOnUserValue": { - "markdownDescription": "The username of the associated AWS Single Sign-On User for this UserProfile. If the Domain's AuthMode is IAM Identity Center , this field is required, and must match a valid username of a user in your directory. If the Domain's AuthMode is not IAM Identity Center , this field cannot be specified.", - "title": "SingleSignOnUserValue", + "GroupByAttribute": { + "markdownDescription": "The grouping attribute for the insight's findings. Indicates how to group the matching findings, and identifies the type of item that the insight applies to. For example, if an insight is grouped by resource identifier, then the insight produces a list of resource identifiers.", + "title": "GroupByAttribute", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nTags that you specify for the User Profile are also added to all apps that the User Profile launches.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - }, - "UserProfileName": { - "markdownDescription": "The user profile name.", - "title": "UserProfileName", + "Name": { + "markdownDescription": "The name of a Security Hub insight.", + "title": "Name", "type": "string" - }, - "UserSettings": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.UserSettings", - "markdownDescription": "A collection of settings that apply to users of Amazon SageMaker Studio.", - "title": "UserSettings" } }, "required": [ - "DomainId", - "UserProfileName" + "Filters", + "GroupByAttribute", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::SageMaker::UserProfile" + "AWS::SecurityHub::Insight" ], "type": "string" }, @@ -253001,1159 +304312,949 @@ ], "type": "object" }, - "AWS::SageMaker::UserProfile.CodeEditorAppSettings": { + "AWS::SecurityHub::Insight.AwsSecurityFindingFilters": { "additionalProperties": false, "properties": { - "CustomImages": { + "AwsAccountId": { "items": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.CustomImage" + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, - "markdownDescription": "A list of custom SageMaker images that are configured to run as a Code Editor app.", - "title": "CustomImages", + "markdownDescription": "The AWS account ID in which a finding is generated.", + "title": "AwsAccountId", "type": "array" }, - "DefaultResourceSpec": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.ResourceSpec", - "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the Code Editor app.", - "title": "DefaultResourceSpec" + "AwsAccountName": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The name of the AWS account in which a finding is generated.", + "title": "AwsAccountName", + "type": "array" }, - "LifecycleConfigArns": { + "CompanyName": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, - "markdownDescription": "The Amazon Resource Name (ARN) of the Code Editor application lifecycle configuration.", - "title": "LifecycleConfigArns", + "markdownDescription": "The name of the findings provider (company) that owns the solution (product) that generates findings.", + "title": "CompanyName", "type": "array" - } - }, - "type": "object" - }, - "AWS::SageMaker::UserProfile.CodeRepository": { - "additionalProperties": false, - "properties": { - "RepositoryUrl": { - "markdownDescription": "The URL of the Git repository.", - "title": "RepositoryUrl", - "type": "string" - } - }, - "required": [ - "RepositoryUrl" - ], - "type": "object" - }, - "AWS::SageMaker::UserProfile.CustomFileSystemConfig": { - "additionalProperties": false, - "properties": { - "EFSFileSystemConfig": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.EFSFileSystemConfig", - "markdownDescription": "The settings for a custom Amazon EFS file system.", - "title": "EFSFileSystemConfig" - } - }, - "type": "object" - }, - "AWS::SageMaker::UserProfile.CustomImage": { - "additionalProperties": false, - "properties": { - "AppImageConfigName": { - "markdownDescription": "The name of the AppImageConfig.", - "title": "AppImageConfigName", - "type": "string" }, - "ImageName": { - "markdownDescription": "The name of the CustomImage. Must be unique to your account.", - "title": "ImageName", - "type": "string" + "ComplianceAssociatedStandardsId": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The unique identifier of a standard in which a control is enabled. This field consists of the resource portion of the Amazon Resource Name (ARN) returned for a standard in the [DescribeStandards](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DescribeStandards.html) API response.", + "title": "ComplianceAssociatedStandardsId", + "type": "array" }, - "ImageVersionNumber": { - "markdownDescription": "The version number of the CustomImage.", - "title": "ImageVersionNumber", - "type": "number" - } - }, - "required": [ - "AppImageConfigName", - "ImageName" - ], - "type": "object" - }, - "AWS::SageMaker::UserProfile.CustomPosixUserConfig": { - "additionalProperties": false, - "properties": { - "Gid": { - "markdownDescription": "The POSIX group ID.", - "title": "Gid", - "type": "number" + "ComplianceSecurityControlId": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The unique identifier of a control across standards. Values for this field typically consist of an AWS service and a number, such as APIGateway.5.", + "title": "ComplianceSecurityControlId", + "type": "array" }, - "Uid": { - "markdownDescription": "The POSIX user ID.", - "title": "Uid", - "type": "number" - } - }, - "required": [ - "Gid", - "Uid" - ], - "type": "object" - }, - "AWS::SageMaker::UserProfile.DefaultEbsStorageSettings": { - "additionalProperties": false, - "properties": { - "DefaultEbsVolumeSizeInGb": { - "markdownDescription": "The default size of the EBS storage volume for a space.", - "title": "DefaultEbsVolumeSizeInGb", - "type": "number" + "ComplianceSecurityControlParametersName": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The name of a security control parameter.", + "title": "ComplianceSecurityControlParametersName", + "type": "array" }, - "MaximumEbsVolumeSizeInGb": { - "markdownDescription": "The maximum size of the EBS storage volume for a space.", - "title": "MaximumEbsVolumeSizeInGb", - "type": "number" - } - }, - "required": [ - "DefaultEbsVolumeSizeInGb", - "MaximumEbsVolumeSizeInGb" - ], - "type": "object" - }, - "AWS::SageMaker::UserProfile.DefaultSpaceStorageSettings": { - "additionalProperties": false, - "properties": { - "DefaultEbsStorageSettings": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.DefaultEbsStorageSettings", - "markdownDescription": "The default EBS storage settings for a space.", - "title": "DefaultEbsStorageSettings" - } - }, - "type": "object" - }, - "AWS::SageMaker::UserProfile.EFSFileSystemConfig": { - "additionalProperties": false, - "properties": { - "FileSystemId": { - "markdownDescription": "The ID of your Amazon EFS file system.", - "title": "FileSystemId", - "type": "string" + "ComplianceSecurityControlParametersValue": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The current value of a security control parameter.", + "title": "ComplianceSecurityControlParametersValue", + "type": "array" }, - "FileSystemPath": { - "markdownDescription": "The path to the file system directory that is accessible in Amazon SageMaker AI Studio. Permitted users can access only this directory and below.", - "title": "FileSystemPath", - "type": "string" - } - }, - "required": [ - "FileSystemId" - ], - "type": "object" - }, - "AWS::SageMaker::UserProfile.JupyterLabAppSettings": { - "additionalProperties": false, - "properties": { - "CodeRepositories": { + "ComplianceStatus": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "Exclusive to findings that are generated as the result of a check run against a specific rule in a supported standard, such as CIS AWS Foundations. Contains security standard-related finding details.", + "title": "ComplianceStatus", + "type": "array" + }, + "Confidence": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.NumberFilter" + }, + "markdownDescription": "A finding's confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify.\n\nConfidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence.", + "title": "Confidence", + "type": "array" + }, + "CreatedAt": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" + }, + "markdownDescription": "A timestamp that indicates when the security findings provider created the potential security issue that a finding reflects.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", + "title": "CreatedAt", + "type": "array" + }, + "Criticality": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.NumberFilter" + }, + "markdownDescription": "The level of importance assigned to the resources associated with the finding.\n\nA score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources.", + "title": "Criticality", + "type": "array" + }, + "Description": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "A finding's description.", + "title": "Description", + "type": "array" + }, + "FindingProviderFieldsConfidence": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.NumberFilter" + }, + "markdownDescription": "The finding provider value for the finding confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify.\n\nConfidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence.", + "title": "FindingProviderFieldsConfidence", + "type": "array" + }, + "FindingProviderFieldsCriticality": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.NumberFilter" + }, + "markdownDescription": "The finding provider value for the level of importance assigned to the resources associated with the findings.\n\nA score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources.", + "title": "FindingProviderFieldsCriticality", + "type": "array" + }, + "FindingProviderFieldsRelatedFindingsId": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The finding identifier of a related finding that is identified by the finding provider.", + "title": "FindingProviderFieldsRelatedFindingsId", + "type": "array" + }, + "FindingProviderFieldsRelatedFindingsProductArn": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The ARN of the solution that generated a related finding that is identified by the finding provider.", + "title": "FindingProviderFieldsRelatedFindingsProductArn", + "type": "array" + }, + "FindingProviderFieldsSeverityLabel": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The finding provider value for the severity label.", + "title": "FindingProviderFieldsSeverityLabel", + "type": "array" + }, + "FindingProviderFieldsSeverityOriginal": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The finding provider's original value for the severity.", + "title": "FindingProviderFieldsSeverityOriginal", + "type": "array" + }, + "FindingProviderFieldsTypes": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "One or more finding types that the finding provider assigned to the finding. Uses the format of `namespace/category/classifier` that classify a finding.\n\nValid namespace values are: Software and Configuration Checks | TTPs | Effects | Unusual Behaviors | Sensitive Data Identifications", + "title": "FindingProviderFieldsTypes", + "type": "array" + }, + "FirstObservedAt": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" + }, + "markdownDescription": "A timestamp that indicates when the security findings provider first observed the potential security issue that a finding captured.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", + "title": "FirstObservedAt", + "type": "array" + }, + "GeneratorId": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The identifier for the solution-specific component (a discrete unit of logic) that generated a finding. In various security findings providers' solutions, this generator can be called a rule, a check, a detector, a plugin, etc.", + "title": "GeneratorId", + "type": "array" + }, + "Id": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The security findings provider-specific identifier for a finding.", + "title": "Id", + "type": "array" + }, + "LastObservedAt": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" + }, + "markdownDescription": "A timestamp that indicates when the security findings provider most recently observed a change in the resource that is involved in the finding.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", + "title": "LastObservedAt", + "type": "array" + }, + "MalwareName": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The name of the malware that was observed.", + "title": "MalwareName", + "type": "array" + }, + "MalwarePath": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The filesystem path of the malware that was observed.", + "title": "MalwarePath", + "type": "array" + }, + "MalwareState": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The state of the malware that was observed.", + "title": "MalwareState", + "type": "array" + }, + "MalwareType": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The type of the malware that was observed.", + "title": "MalwareType", + "type": "array" + }, + "NetworkDestinationDomain": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The destination domain of network-related information about a finding.", + "title": "NetworkDestinationDomain", + "type": "array" + }, + "NetworkDestinationIpV4": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.IpFilter" + }, + "markdownDescription": "The destination IPv4 address of network-related information about a finding.", + "title": "NetworkDestinationIpV4", + "type": "array" + }, + "NetworkDestinationIpV6": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.IpFilter" + }, + "markdownDescription": "The destination IPv6 address of network-related information about a finding.", + "title": "NetworkDestinationIpV6", + "type": "array" + }, + "NetworkDestinationPort": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.NumberFilter" + }, + "markdownDescription": "The destination port of network-related information about a finding.", + "title": "NetworkDestinationPort", + "type": "array" + }, + "NetworkDirection": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "Indicates the direction of network traffic associated with a finding.", + "title": "NetworkDirection", + "type": "array" + }, + "NetworkProtocol": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The protocol of network-related information about a finding.", + "title": "NetworkProtocol", + "type": "array" + }, + "NetworkSourceDomain": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The source domain of network-related information about a finding.", + "title": "NetworkSourceDomain", + "type": "array" + }, + "NetworkSourceIpV4": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.IpFilter" + }, + "markdownDescription": "The source IPv4 address of network-related information about a finding.", + "title": "NetworkSourceIpV4", + "type": "array" + }, + "NetworkSourceIpV6": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.IpFilter" + }, + "markdownDescription": "The source IPv6 address of network-related information about a finding.", + "title": "NetworkSourceIpV6", + "type": "array" + }, + "NetworkSourceMac": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The source media access control (MAC) address of network-related information about a finding.", + "title": "NetworkSourceMac", + "type": "array" + }, + "NetworkSourcePort": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.NumberFilter" + }, + "markdownDescription": "The source port of network-related information about a finding.", + "title": "NetworkSourcePort", + "type": "array" + }, + "NoteText": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The text of a note.", + "title": "NoteText", + "type": "array" + }, + "NoteUpdatedAt": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" + }, + "markdownDescription": "The timestamp of when the note was updated.", + "title": "NoteUpdatedAt", + "type": "array" + }, + "NoteUpdatedBy": { "items": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.CodeRepository" + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, - "markdownDescription": "A list of Git repositories that SageMaker automatically displays to users for cloning in the JupyterLab application.", - "title": "CodeRepositories", + "markdownDescription": "The principal that created a note.", + "title": "NoteUpdatedBy", "type": "array" }, - "CustomImages": { + "ProcessLaunchedAt": { "items": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.CustomImage" + "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" }, - "markdownDescription": "A list of custom SageMaker images that are configured to run as a JupyterLab app.", - "title": "CustomImages", + "markdownDescription": "A timestamp that identifies when the process was launched.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", + "title": "ProcessLaunchedAt", "type": "array" }, - "DefaultResourceSpec": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.ResourceSpec", - "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the JupyterLab app.", - "title": "DefaultResourceSpec" - }, - "LifecycleConfigArns": { + "ProcessName": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, - "markdownDescription": "The Amazon Resource Name (ARN) of the lifecycle configurations attached to the user profile or domain. To remove a lifecycle config, you must set `LifecycleConfigArns` to an empty list.", - "title": "LifecycleConfigArns", + "markdownDescription": "The name of the process.", + "title": "ProcessName", "type": "array" - } - }, - "type": "object" - }, - "AWS::SageMaker::UserProfile.JupyterServerAppSettings": { - "additionalProperties": false, - "properties": { - "DefaultResourceSpec": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.ResourceSpec", - "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the JupyterServer app.", - "title": "DefaultResourceSpec" - } - }, - "type": "object" - }, - "AWS::SageMaker::UserProfile.KernelGatewayAppSettings": { - "additionalProperties": false, - "properties": { - "CustomImages": { + }, + "ProcessParentPid": { "items": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.CustomImage" + "$ref": "#/definitions/AWS::SecurityHub::Insight.NumberFilter" }, - "markdownDescription": "A list of custom SageMaker AI images that are configured to run as a KernelGateway app.\n\nThe maximum number of custom images are as follows.\n\n- On a domain level: 200\n- On a space level: 5\n- On a user profile level: 5", - "title": "CustomImages", + "markdownDescription": "The parent process ID. This field accepts positive integers between `O` and `2147483647` .", + "title": "ProcessParentPid", "type": "array" }, - "DefaultResourceSpec": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.ResourceSpec", - "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker AI image used by the KernelGateway app.\n\n> The Amazon SageMaker AI Studio UI does not use the default instance type value set here. The default instance type set here is used when Apps are created using the AWS CLI or AWS CloudFormation and the instance type parameter value is not passed.", - "title": "DefaultResourceSpec" - } - }, - "type": "object" - }, - "AWS::SageMaker::UserProfile.RStudioServerProAppSettings": { - "additionalProperties": false, - "properties": { - "AccessStatus": { - "markdownDescription": "Indicates whether the current user has access to the `RStudioServerPro` app.", - "title": "AccessStatus", - "type": "string" + "ProcessPath": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The path to the process executable.", + "title": "ProcessPath", + "type": "array" }, - "UserGroup": { - "markdownDescription": "The level of permissions that the user has within the `RStudioServerPro` app. This value defaults to `User`. The `Admin` value allows the user access to the RStudio Administrative Dashboard.", - "title": "UserGroup", - "type": "string" - } - }, - "type": "object" - }, - "AWS::SageMaker::UserProfile.ResourceSpec": { - "additionalProperties": false, - "properties": { - "InstanceType": { - "markdownDescription": "The instance type that the image version runs on.\n\n> *JupyterServer apps* only support the `system` value.\n> \n> For *KernelGateway apps* , the `system` value is translated to `ml.t3.medium` . KernelGateway apps also support all other values for available instance types.", - "title": "InstanceType", - "type": "string" + "ProcessPid": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.NumberFilter" + }, + "markdownDescription": "The process ID.", + "title": "ProcessPid", + "type": "array" }, - "SageMakerImageArn": { - "markdownDescription": "The ARN of the SageMaker AI image that the image version belongs to.", - "title": "SageMakerImageArn", - "type": "string" + "ProcessTerminatedAt": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" + }, + "markdownDescription": "A timestamp that identifies when the process was terminated.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", + "title": "ProcessTerminatedAt", + "type": "array" }, - "SageMakerImageVersionArn": { - "markdownDescription": "The ARN of the image version created on the instance. To clear the value set for `SageMakerImageVersionArn` , pass `None` as the value.", - "title": "SageMakerImageVersionArn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::SageMaker::UserProfile.SharingSettings": { - "additionalProperties": false, - "properties": { - "NotebookOutputOption": { - "markdownDescription": "Whether to include the notebook cell output when sharing the notebook. The default is `Disabled` .", - "title": "NotebookOutputOption", - "type": "string" + "ProductArn": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The ARN generated by Security Hub that uniquely identifies a third-party company (security findings provider) after this provider's product (solution that generates findings) is registered with Security Hub.", + "title": "ProductArn", + "type": "array" }, - "S3KmsKeyId": { - "markdownDescription": "When `NotebookOutputOption` is `Allowed` , the AWS Key Management Service (KMS) encryption key ID used to encrypt the notebook cell output in the Amazon S3 bucket.", - "title": "S3KmsKeyId", - "type": "string" + "ProductFields": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.MapFilter" + }, + "markdownDescription": "A data type where security findings providers can include additional solution-specific details that aren't part of the defined `AwsSecurityFinding` format.", + "title": "ProductFields", + "type": "array" }, - "S3OutputPath": { - "markdownDescription": "When `NotebookOutputOption` is `Allowed` , the Amazon S3 bucket used to store the shared notebook snapshots.", - "title": "S3OutputPath", - "type": "string" - } - }, - "type": "object" - }, - "AWS::SageMaker::UserProfile.UserSettings": { - "additionalProperties": false, - "properties": { - "CodeEditorAppSettings": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.CodeEditorAppSettings", - "markdownDescription": "The Code Editor application settings.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", - "title": "CodeEditorAppSettings" + "ProductName": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The name of the solution (product) that generates findings.", + "title": "ProductName", + "type": "array" }, - "CustomFileSystemConfigs": { + "RecommendationText": { "items": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.CustomFileSystemConfig" + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, - "markdownDescription": "The settings for assigning a custom file system to a user profile. Permitted users can access this file system in Amazon SageMaker AI Studio.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", - "title": "CustomFileSystemConfigs", + "markdownDescription": "The recommendation of what to do about the issue described in a finding.", + "title": "RecommendationText", "type": "array" }, - "CustomPosixUserConfig": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.CustomPosixUserConfig", - "markdownDescription": "Details about the POSIX identity that is used for file system operations.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", - "title": "CustomPosixUserConfig" + "RecordState": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The updated record state for the finding.", + "title": "RecordState", + "type": "array" }, - "DefaultLandingUri": { - "markdownDescription": "The default experience that the user is directed to when accessing the domain. The supported values are:\n\n- `studio::` : Indicates that Studio is the default experience. This value can only be passed if `StudioWebPortal` is set to `ENABLED` .\n- `app:JupyterServer:` : Indicates that Studio Classic is the default experience.", - "title": "DefaultLandingUri", - "type": "string" + "Region": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The Region from which the finding was generated.", + "title": "Region", + "type": "array" }, - "ExecutionRole": { - "markdownDescription": "The execution role for the user.\n\nSageMaker applies this setting only to private spaces that the user creates in the domain. SageMaker doesn't apply this setting to shared spaces.", - "title": "ExecutionRole", - "type": "string" + "RelatedFindingsId": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The solution-generated identifier for a related finding.", + "title": "RelatedFindingsId", + "type": "array" }, - "JupyterLabAppSettings": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.JupyterLabAppSettings", - "markdownDescription": "The settings for the JupyterLab application.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", - "title": "JupyterLabAppSettings" + "RelatedFindingsProductArn": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The ARN of the solution that generated a related finding.", + "title": "RelatedFindingsProductArn", + "type": "array" }, - "JupyterServerAppSettings": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.JupyterServerAppSettings", - "markdownDescription": "The Jupyter server's app settings.", - "title": "JupyterServerAppSettings" + "ResourceApplicationArn": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The ARN of the application that is related to a finding.", + "title": "ResourceApplicationArn", + "type": "array" }, - "KernelGatewayAppSettings": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.KernelGatewayAppSettings", - "markdownDescription": "The kernel gateway app settings.", - "title": "KernelGatewayAppSettings" + "ResourceApplicationName": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The name of the application that is related to a finding.", + "title": "ResourceApplicationName", + "type": "array" }, - "RStudioServerProAppSettings": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.RStudioServerProAppSettings", - "markdownDescription": "A collection of settings that configure user interaction with the `RStudioServerPro` app.", - "title": "RStudioServerProAppSettings" + "ResourceAwsEc2InstanceIamInstanceProfileArn": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The IAM profile ARN of the instance.", + "title": "ResourceAwsEc2InstanceIamInstanceProfileArn", + "type": "array" }, - "SecurityGroups": { + "ResourceAwsEc2InstanceImageId": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, - "markdownDescription": "The security groups for the Amazon Virtual Private Cloud (VPC) that the domain uses for communication.\n\nOptional when the `CreateDomain.AppNetworkAccessType` parameter is set to `PublicInternetOnly` .\n\nRequired when the `CreateDomain.AppNetworkAccessType` parameter is set to `VpcOnly` , unless specified as part of the `DefaultUserSettings` for the domain.\n\nAmazon SageMaker AI adds a security group to allow NFS traffic from Amazon SageMaker AI Studio. Therefore, the number of security groups that you can specify is one less than the maximum number shown.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", - "title": "SecurityGroups", + "markdownDescription": "The Amazon Machine Image (AMI) ID of the instance.", + "title": "ResourceAwsEc2InstanceImageId", "type": "array" }, - "SharingSettings": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.SharingSettings", - "markdownDescription": "Specifies options for sharing Amazon SageMaker AI Studio notebooks.", - "title": "SharingSettings" + "ResourceAwsEc2InstanceIpV4Addresses": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.IpFilter" + }, + "markdownDescription": "The IPv4 addresses associated with the instance.", + "title": "ResourceAwsEc2InstanceIpV4Addresses", + "type": "array" }, - "SpaceStorageSettings": { - "$ref": "#/definitions/AWS::SageMaker::UserProfile.DefaultSpaceStorageSettings", - "markdownDescription": "The storage settings for a space.\n\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.", - "title": "SpaceStorageSettings" + "ResourceAwsEc2InstanceIpV6Addresses": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.IpFilter" + }, + "markdownDescription": "The IPv6 addresses associated with the instance.", + "title": "ResourceAwsEc2InstanceIpV6Addresses", + "type": "array" }, - "StudioWebPortal": { - "markdownDescription": "Whether the user can access Studio. If this value is set to `DISABLED` , the user cannot access Studio, even if that is the default experience for the domain.", - "title": "StudioWebPortal", - "type": "string" - } - }, - "type": "object" - }, - "AWS::SageMaker::Workteam": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" + "ResourceAwsEc2InstanceKeyName": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The key name associated with the instance.", + "title": "ResourceAwsEc2InstanceKeyName", + "type": "array" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "ResourceAwsEc2InstanceLaunchedAt": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" + }, + "markdownDescription": "The date and time the instance was launched.", + "title": "ResourceAwsEc2InstanceLaunchedAt", + "type": "array" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ResourceAwsEc2InstanceSubnetId": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The identifier of the subnet that the instance was launched in.", + "title": "ResourceAwsEc2InstanceSubnetId", + "type": "array" }, - "Metadata": { - "type": "object" + "ResourceAwsEc2InstanceType": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The instance type of the instance.", + "title": "ResourceAwsEc2InstanceType", + "type": "array" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A description of the work team.", - "title": "Description", - "type": "string" - }, - "MemberDefinitions": { - "items": { - "$ref": "#/definitions/AWS::SageMaker::Workteam.MemberDefinition" - }, - "markdownDescription": "A list of `MemberDefinition` objects that contains objects that identify the workers that make up the work team.\n\nWorkforces can be created using Amazon Cognito or your own OIDC Identity Provider (IdP). For private workforces created using Amazon Cognito use `CognitoMemberDefinition` . For workforces created using your own OIDC identity provider (IdP) use `OidcMemberDefinition` .", - "title": "MemberDefinitions", - "type": "array" - }, - "NotificationConfiguration": { - "$ref": "#/definitions/AWS::SageMaker::Workteam.NotificationConfiguration", - "markdownDescription": "Configures SNS notifications of available or expiring work items for work teams.", - "title": "NotificationConfiguration" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs.", - "title": "Tags", - "type": "array" - }, - "WorkforceName": { - "markdownDescription": "The name of the workforce.", - "title": "WorkforceName", - "type": "string" - }, - "WorkteamName": { - "markdownDescription": "The name of the work team.", - "title": "WorkteamName", - "type": "string" - } + "ResourceAwsEc2InstanceVpcId": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, - "type": "object" + "markdownDescription": "The identifier of the VPC that the instance was launched in.", + "title": "ResourceAwsEc2InstanceVpcId", + "type": "array" }, - "Type": { - "enum": [ - "AWS::SageMaker::Workteam" - ], - "type": "string" + "ResourceAwsIamAccessKeyCreatedAt": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" + }, + "markdownDescription": "The creation date/time of the IAM access key related to a finding.", + "title": "ResourceAwsIamAccessKeyCreatedAt", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::SageMaker::Workteam.CognitoMemberDefinition": { - "additionalProperties": false, - "properties": { - "CognitoClientId": { - "markdownDescription": "An identifier for an application client. You must create the app client ID using Amazon Cognito .", - "title": "CognitoClientId", - "type": "string" + "ResourceAwsIamAccessKeyPrincipalName": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The name of the principal that is associated with an IAM access key.", + "title": "ResourceAwsIamAccessKeyPrincipalName", + "type": "array" }, - "CognitoUserGroup": { - "markdownDescription": "An identifier for a user group.", - "title": "CognitoUserGroup", - "type": "string" + "ResourceAwsIamAccessKeyStatus": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The status of the IAM access key related to a finding.", + "title": "ResourceAwsIamAccessKeyStatus", + "type": "array" }, - "CognitoUserPool": { - "markdownDescription": "An identifier for a user pool. The user pool must be in the same region as the service that you are calling.", - "title": "CognitoUserPool", - "type": "string" - } - }, - "required": [ - "CognitoClientId", - "CognitoUserGroup", - "CognitoUserPool" - ], - "type": "object" - }, - "AWS::SageMaker::Workteam.MemberDefinition": { - "additionalProperties": false, - "properties": { - "CognitoMemberDefinition": { - "$ref": "#/definitions/AWS::SageMaker::Workteam.CognitoMemberDefinition", - "markdownDescription": "The Amazon Cognito user group that is part of the work team.", - "title": "CognitoMemberDefinition" + "ResourceAwsIamUserUserName": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The name of an IAM user.", + "title": "ResourceAwsIamUserUserName", + "type": "array" }, - "OidcMemberDefinition": { - "$ref": "#/definitions/AWS::SageMaker::Workteam.OidcMemberDefinition", - "markdownDescription": "A list user groups that exist in your OIDC Identity Provider (IdP). One to ten groups can be used to create a single private work team. When you add a user group to the list of `Groups` , you can add that user group to one or more private work teams. If you add a user group to a private work team, all workers in that user group are added to the work team.", - "title": "OidcMemberDefinition" - } - }, - "type": "object" - }, - "AWS::SageMaker::Workteam.NotificationConfiguration": { - "additionalProperties": false, - "properties": { - "NotificationTopicArn": { - "markdownDescription": "The ARN for the Amazon SNS topic to which notifications should be published.", - "title": "NotificationTopicArn", - "type": "string" - } - }, - "required": [ - "NotificationTopicArn" - ], - "type": "object" - }, - "AWS::SageMaker::Workteam.OidcMemberDefinition": { - "additionalProperties": false, - "properties": { - "OidcGroups": { + "ResourceAwsS3BucketOwnerId": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, - "markdownDescription": "", - "title": "OidcGroups", + "markdownDescription": "The canonical user ID of the owner of the S3 bucket.", + "title": "ResourceAwsS3BucketOwnerId", "type": "array" - } - }, - "required": [ - "OidcGroups" - ], - "type": "object" - }, - "AWS::Scheduler::Schedule": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "ResourceAwsS3BucketOwnerName": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The display name of the owner of the S3 bucket.", + "title": "ResourceAwsS3BucketOwnerName", + "type": "array" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ResourceContainerImageId": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The identifier of the image related to a finding.", + "title": "ResourceContainerImageId", + "type": "array" }, - "Metadata": { - "type": "object" + "ResourceContainerImageName": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The name of the image related to a finding.", + "title": "ResourceContainerImageName", + "type": "array" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "The description you specify for the schedule.", - "title": "Description", - "type": "string" - }, - "EndDate": { - "markdownDescription": "The date, in UTC, before which the schedule can invoke its target. Depending on the schedule's recurrence expression, invocations might stop on, or before, the `EndDate` you specify.\nEventBridge Scheduler ignores `EndDate` for one-time schedules.", - "title": "EndDate", - "type": "string" - }, - "FlexibleTimeWindow": { - "$ref": "#/definitions/AWS::Scheduler::Schedule.FlexibleTimeWindow", - "markdownDescription": "Allows you to configure a time window during which EventBridge Scheduler invokes the schedule.", - "title": "FlexibleTimeWindow" - }, - "GroupName": { - "markdownDescription": "The name of the schedule group associated with this schedule.", - "title": "GroupName", - "type": "string" - }, - "KmsKeyArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the customer managed KMS key that EventBridge Scheduler will use to encrypt and decrypt your data.", - "title": "KmsKeyArn", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the schedule.", - "title": "Name", - "type": "string" - }, - "ScheduleExpression": { - "markdownDescription": "The expression that defines when the schedule runs. The following formats are supported.\n\n- `at` expression - `at(yyyy-mm-ddThh:mm:ss)`\n- `rate` expression - `rate(value unit)`\n- `cron` expression - `cron(fields)`\n\nYou can use `at` expressions to create one-time schedules that invoke a target once, at the time and in the time zone, that you specify. You can use `rate` and `cron` expressions to create recurring schedules. Rate-based schedules are useful when you want to invoke a target at regular intervals, such as every 15 minutes or every five days. Cron-based schedules are useful when you want to invoke a target periodically at a specific time, such as at 8:00 am (UTC+0) every 1st day of the month.\n\nA `cron` expression consists of six fields separated by white spaces: `(minutes hours day_of_month month day_of_week year)` .\n\nA `rate` expression consists of a *value* as a positive integer, and a *unit* with the following options: `minute` | `minutes` | `hour` | `hours` | `day` | `days`\n\nFor more information and examples, see [Schedule types on EventBridge Scheduler](https://docs.aws.amazon.com/scheduler/latest/UserGuide/schedule-types.html) in the *EventBridge Scheduler User Guide* .", - "title": "ScheduleExpression", - "type": "string" - }, - "ScheduleExpressionTimezone": { - "markdownDescription": "The timezone in which the scheduling expression is evaluated.", - "title": "ScheduleExpressionTimezone", - "type": "string" - }, - "StartDate": { - "markdownDescription": "The date, in UTC, after which the schedule can begin invoking its target. Depending on the schedule's recurrence expression, invocations might occur on, or after, the `StartDate` you specify.\nEventBridge Scheduler ignores `StartDate` for one-time schedules.", - "title": "StartDate", - "type": "string" - }, - "State": { - "markdownDescription": "Specifies whether the schedule is enabled or disabled.\n\n*Allowed Values* : `ENABLED` | `DISABLED`", - "title": "State", - "type": "string" - }, - "Target": { - "$ref": "#/definitions/AWS::Scheduler::Schedule.Target", - "markdownDescription": "The schedule's target details.", - "title": "Target" - } + "ResourceContainerLaunchedAt": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" }, - "required": [ - "FlexibleTimeWindow", - "ScheduleExpression", - "Target" - ], - "type": "object" + "markdownDescription": "A timestamp that identifies when the container was started.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", + "title": "ResourceContainerLaunchedAt", + "type": "array" }, - "Type": { - "enum": [ - "AWS::Scheduler::Schedule" - ], - "type": "string" + "ResourceContainerName": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The name of the container related to a finding.", + "title": "ResourceContainerName", + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::Scheduler::Schedule.AwsVpcConfiguration": { - "additionalProperties": false, - "properties": { - "AssignPublicIp": { - "markdownDescription": "Specifies whether the task's elastic network interface receives a public IP address. You can specify `ENABLED` only when `LaunchType` in `EcsParameters` is set to `FARGATE` .", - "title": "AssignPublicIp", - "type": "string" + "ResourceDetailsOther": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.MapFilter" + }, + "markdownDescription": "The details of a resource that doesn't have a specific subfield for the resource type defined.", + "title": "ResourceDetailsOther", + "type": "array" }, - "SecurityGroups": { + "ResourceId": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, - "markdownDescription": "Specifies the security groups associated with the task. These security groups must all be in the same VPC. You can specify as many as five security groups. If you do not specify a security group, the default security group for the VPC is used.", - "title": "SecurityGroups", + "markdownDescription": "The canonical identifier for the given resource type.", + "title": "ResourceId", "type": "array" }, - "Subnets": { + "ResourcePartition": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, - "markdownDescription": "Specifies the subnets associated with the task. These subnets must all be in the same VPC. You can specify as many as 16 subnets.", - "title": "Subnets", + "markdownDescription": "The canonical AWS partition name that the Region is assigned to.", + "title": "ResourcePartition", "type": "array" - } - }, - "required": [ - "Subnets" - ], - "type": "object" - }, - "AWS::Scheduler::Schedule.CapacityProviderStrategyItem": { - "additionalProperties": false, - "properties": { - "Base": { - "markdownDescription": "The base value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a base defined. If no value is specified, the default value of `0` is used.", - "title": "Base", - "type": "number" }, - "CapacityProvider": { - "markdownDescription": "The short name of the capacity provider.", - "title": "CapacityProvider", - "type": "string" + "ResourceRegion": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The canonical AWS external Region name where this resource is located.", + "title": "ResourceRegion", + "type": "array" }, - "Weight": { - "markdownDescription": "The weight value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The weight value is taken into consideration after the base value, if defined, is satisfied.", - "title": "Weight", - "type": "number" - } - }, - "required": [ - "CapacityProvider" - ], - "type": "object" - }, - "AWS::Scheduler::Schedule.DeadLetterConfig": { - "additionalProperties": false, - "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the SQS queue specified as the destination for the dead-letter queue.", - "title": "Arn", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Scheduler::Schedule.EcsParameters": { - "additionalProperties": false, - "properties": { - "CapacityProviderStrategy": { + "ResourceTags": { "items": { - "$ref": "#/definitions/AWS::Scheduler::Schedule.CapacityProviderStrategyItem" + "$ref": "#/definitions/AWS::SecurityHub::Insight.MapFilter" }, - "markdownDescription": "The capacity provider strategy to use for the task.", - "title": "CapacityProviderStrategy", + "markdownDescription": "A list of AWS tags associated with a resource at the time the finding was processed.", + "title": "ResourceTags", "type": "array" }, - "EnableECSManagedTags": { - "markdownDescription": "Specifies whether to enable Amazon ECS managed tags for the task. For more information, see [Tagging Your Amazon ECS Resources](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-using-tags.html) in the *Amazon ECS Developer Guide* .", - "title": "EnableECSManagedTags", - "type": "boolean" + "ResourceType": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "Specifies the type of the resource that details are provided for.", + "title": "ResourceType", + "type": "array" }, - "EnableExecuteCommand": { - "markdownDescription": "Whether or not to enable the execute command functionality for the containers in this task. If true, this enables execute command functionality on all containers in the task.", - "title": "EnableExecuteCommand", - "type": "boolean" + "Sample": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.BooleanFilter" + }, + "markdownDescription": "Indicates whether or not sample findings are included in the filter results.", + "title": "Sample", + "type": "array" }, - "Group": { - "markdownDescription": "Specifies an Amazon ECS task group for the task. The maximum length is 255 characters.", - "title": "Group", - "type": "string" + "SeverityLabel": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The label of a finding's severity.", + "title": "SeverityLabel", + "type": "array" }, - "LaunchType": { - "markdownDescription": "Specifies the launch type on which your task is running. The launch type that you specify here must match one of the launch type (compatibilities) of the target task. The `FARGATE` value is supported only in the Regions where Fargate with Amazon ECS is supported. For more information, see [AWS Fargate on Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/AWS_Fargate.html) in the *Amazon ECS Developer Guide* .", - "title": "LaunchType", - "type": "string" + "SourceUrl": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "A URL that links to a page about the current finding in the security findings provider's solution.", + "title": "SourceUrl", + "type": "array" }, - "NetworkConfiguration": { - "$ref": "#/definitions/AWS::Scheduler::Schedule.NetworkConfiguration", - "markdownDescription": "This structure specifies the network configuration for an ECS task.", - "title": "NetworkConfiguration" + "ThreatIntelIndicatorCategory": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The category of a threat intelligence indicator.", + "title": "ThreatIntelIndicatorCategory", + "type": "array" }, - "PlacementConstraints": { + "ThreatIntelIndicatorLastObservedAt": { "items": { - "$ref": "#/definitions/AWS::Scheduler::Schedule.PlacementConstraint" + "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" }, - "markdownDescription": "An array of placement constraint objects to use for the task. You can specify up to 10 constraints per task (including constraints in the task definition and those specified at runtime).", - "title": "PlacementConstraints", + "markdownDescription": "A timestamp that identifies the last observation of a threat intelligence indicator.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", + "title": "ThreatIntelIndicatorLastObservedAt", "type": "array" }, - "PlacementStrategy": { + "ThreatIntelIndicatorSource": { "items": { - "$ref": "#/definitions/AWS::Scheduler::Schedule.PlacementStrategy" + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, - "markdownDescription": "The task placement strategy for a task or service.", - "title": "PlacementStrategy", + "markdownDescription": "The source of the threat intelligence.", + "title": "ThreatIntelIndicatorSource", "type": "array" }, - "PlatformVersion": { - "markdownDescription": "Specifies the platform version for the task. Specify only the numeric portion of the platform version, such as `1.1.0` .", - "title": "PlatformVersion", - "type": "string" + "ThreatIntelIndicatorSourceUrl": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The URL for more details from the source of the threat intelligence.", + "title": "ThreatIntelIndicatorSourceUrl", + "type": "array" }, - "PropagateTags": { - "markdownDescription": "Specifies whether to propagate the tags from the task definition to the task. If no value is specified, the tags are not propagated. Tags can only be propagated to the task during task creation. To add tags to a task after task creation, use the Amazon ECS [`TagResource`](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_TagResource.html) API action.", - "title": "PropagateTags", - "type": "string" + "ThreatIntelIndicatorType": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The type of a threat intelligence indicator.", + "title": "ThreatIntelIndicatorType", + "type": "array" }, - "ReferenceId": { - "markdownDescription": "The reference ID to use for the task.", - "title": "ReferenceId", - "type": "string" + "ThreatIntelIndicatorValue": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The value of a threat intelligence indicator.", + "title": "ThreatIntelIndicatorValue", + "type": "array" }, - "Tags": { - "markdownDescription": "The metadata that you apply to the task to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define. For more information, see [`RunTask`](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RunTask.html) in the *Amazon ECS API Reference* .", - "title": "Tags", - "type": "object" + "Title": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "A finding's title.", + "title": "Title", + "type": "array" }, - "TaskCount": { - "markdownDescription": "The number of tasks to create based on `TaskDefinition` . The default is `1` .", - "title": "TaskCount", - "type": "number" + "Type": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "A finding type in the format of `namespace/category/classifier` that classifies a finding.", + "title": "Type", + "type": "array" }, - "TaskDefinitionArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the task definition to use if the event target is an Amazon ECS task.", - "title": "TaskDefinitionArn", - "type": "string" - } - }, - "required": [ - "TaskDefinitionArn" - ], - "type": "object" - }, - "AWS::Scheduler::Schedule.EventBridgeParameters": { - "additionalProperties": false, - "properties": { - "DetailType": { - "markdownDescription": "A free-form string, with a maximum of 128 characters, used to decide what fields to expect in the event detail.", - "title": "DetailType", - "type": "string" + "UpdatedAt": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" + }, + "markdownDescription": "A timestamp that indicates when the security findings provider last updated the finding record.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", + "title": "UpdatedAt", + "type": "array" }, - "Source": { - "markdownDescription": "The source of the event.", - "title": "Source", - "type": "string" - } - }, - "required": [ - "DetailType", - "Source" - ], - "type": "object" - }, - "AWS::Scheduler::Schedule.FlexibleTimeWindow": { - "additionalProperties": false, - "properties": { - "MaximumWindowInMinutes": { - "markdownDescription": "The maximum time window during which a schedule can be invoked.\n\n*Minimum* : `1`\n\n*Maximum* : `1440`", - "title": "MaximumWindowInMinutes", - "type": "number" + "UserDefinedFields": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.MapFilter" + }, + "markdownDescription": "A list of name/value string pairs associated with the finding. These are custom, user-defined fields added to a finding.", + "title": "UserDefinedFields", + "type": "array" }, - "Mode": { - "markdownDescription": "Determines whether the schedule is invoked within a flexible time window. You must use quotation marks when you specify this value in your JSON or YAML template.\n\n*Allowed Values* : `\"OFF\"` | `\"FLEXIBLE\"`", - "title": "Mode", - "type": "string" - } - }, - "required": [ - "Mode" - ], - "type": "object" - }, - "AWS::Scheduler::Schedule.KinesisParameters": { - "additionalProperties": false, - "properties": { - "PartitionKey": { - "markdownDescription": "Specifies the shard to which EventBridge Scheduler sends the event. For more information, see [Amazon Kinesis Data Streams terminology and concepts](https://docs.aws.amazon.com/streams/latest/dev/key-concepts.html) in the *Amazon Kinesis Streams Developer Guide* .", - "title": "PartitionKey", - "type": "string" - } - }, - "required": [ - "PartitionKey" - ], - "type": "object" - }, - "AWS::Scheduler::Schedule.NetworkConfiguration": { - "additionalProperties": false, - "properties": { - "AwsvpcConfiguration": { - "$ref": "#/definitions/AWS::Scheduler::Schedule.AwsVpcConfiguration", - "markdownDescription": "Specifies the Amazon VPC subnets and security groups for the task, and whether a public IP address is to be used. This structure is relevant only for ECS tasks that use the awsvpc network mode.", - "title": "AwsvpcConfiguration" - } - }, - "type": "object" - }, - "AWS::Scheduler::Schedule.PlacementConstraint": { - "additionalProperties": false, - "properties": { - "Expression": { - "markdownDescription": "A cluster query language expression to apply to the constraint. You cannot specify an expression if the constraint type is `distinctInstance` . For more information, see [Cluster query language](https://docs.aws.amazon.com/latest/developerguide/cluster-query-language.html) in the *Amazon ECS Developer Guide* .", - "title": "Expression", - "type": "string" + "VerificationState": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The veracity of a finding.", + "title": "VerificationState", + "type": "array" }, - "Type": { - "markdownDescription": "The type of constraint. Use `distinctInstance` to ensure that each task in a particular group is running on a different container instance. Use `memberOf` to restrict the selection to a group of valid candidates.", - "title": "Type", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Scheduler::Schedule.PlacementStrategy": { - "additionalProperties": false, - "properties": { - "Field": { - "markdownDescription": "The field to apply the placement strategy against. For the spread placement strategy, valid values are `instanceId` (or `instanceId` , which has the same effect), or any platform or custom attribute that is applied to a container instance, such as `attribute:ecs.availability-zone` . For the binpack placement strategy, valid values are `cpu` and `memory` . For the random placement strategy, this field is not used.", - "title": "Field", - "type": "string" + "VulnerabilitiesExploitAvailable": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "Indicates whether a software vulnerability in your environment has a known exploit. You can filter findings by this field only if you use Security Hub and Amazon Inspector.", + "title": "VulnerabilitiesExploitAvailable", + "type": "array" }, - "Type": { - "markdownDescription": "The type of placement strategy. The random placement strategy randomly places tasks on available candidates. The spread placement strategy spreads placement across available candidates evenly based on the field parameter. The binpack strategy places tasks on available candidates that have the least available amount of the resource that is specified with the field parameter. For example, if you binpack on memory, a task is placed on the instance with the least amount of remaining memory (but still enough to run the task).", - "title": "Type", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Scheduler::Schedule.RetryPolicy": { - "additionalProperties": false, - "properties": { - "MaximumEventAgeInSeconds": { - "markdownDescription": "The maximum amount of time, in seconds, to continue to make retry attempts.", - "title": "MaximumEventAgeInSeconds", - "type": "number" + "VulnerabilitiesFixAvailable": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "Indicates whether a vulnerability is fixed in a newer version of the affected software packages. You can filter findings by this field only if you use Security Hub and Amazon Inspector.", + "title": "VulnerabilitiesFixAvailable", + "type": "array" }, - "MaximumRetryAttempts": { - "markdownDescription": "The maximum number of retry attempts to make before the request fails. Retry attempts with exponential backoff continue until either the maximum number of attempts is made or until the duration of the `MaximumEventAgeInSeconds` is reached.", - "title": "MaximumRetryAttempts", - "type": "number" + "WorkflowState": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The workflow state of a finding.\n\nNote that this field is deprecated. To search for a finding based on its workflow status, use `WorkflowStatus` .", + "title": "WorkflowState", + "type": "array" + }, + "WorkflowStatus": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + }, + "markdownDescription": "The status of the investigation into a finding. Allowed values are the following.\n\n- `NEW` - The initial state of a finding, before it is reviewed.\n\nSecurity Hub also resets the workflow status from `NOTIFIED` or `RESOLVED` to `NEW` in the following cases:\n\n- `RecordState` changes from `ARCHIVED` to `ACTIVE` .\n- `Compliance.Status` changes from `PASSED` to either `WARNING` , `FAILED` , or `NOT_AVAILABLE` .\n- `NOTIFIED` - Indicates that the resource owner has been notified about the security issue. Used when the initial reviewer is not the resource owner, and needs intervention from the resource owner.\n\nIf one of the following occurs, the workflow status is changed automatically from `NOTIFIED` to `NEW` :\n\n- `RecordState` changes from `ARCHIVED` to `ACTIVE` .\n- `Compliance.Status` changes from `PASSED` to `FAILED` , `WARNING` , or `NOT_AVAILABLE` .\n- `SUPPRESSED` - Indicates that you reviewed the finding and don't believe that any action is needed.\n\nThe workflow status of a `SUPPRESSED` finding does not change if `RecordState` changes from `ARCHIVED` to `ACTIVE` .\n- `RESOLVED` - The finding was reviewed and remediated and is now considered resolved.\n\nThe finding remains `RESOLVED` unless one of the following occurs:\n\n- `RecordState` changes from `ARCHIVED` to `ACTIVE` .\n- `Compliance.Status` changes from `PASSED` to `FAILED` , `WARNING` , or `NOT_AVAILABLE` .\n\nIn those cases, the workflow status is automatically reset to `NEW` .\n\nFor findings from controls, if `Compliance.Status` is `PASSED` , then Security Hub automatically sets the workflow status to `RESOLVED` .", + "title": "WorkflowStatus", + "type": "array" } }, "type": "object" }, - "AWS::Scheduler::Schedule.SageMakerPipelineParameter": { + "AWS::SecurityHub::Insight.BooleanFilter": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "Name of parameter to start execution of a SageMaker Model Building Pipeline.", - "title": "Name", - "type": "string" - }, "Value": { - "markdownDescription": "Value of parameter to start execution of a SageMaker Model Building Pipeline.", + "markdownDescription": "The value of the boolean.", "title": "Value", - "type": "string" + "type": "boolean" } }, "required": [ - "Name", "Value" ], "type": "object" }, - "AWS::Scheduler::Schedule.SageMakerPipelineParameters": { + "AWS::SecurityHub::Insight.DateFilter": { "additionalProperties": false, "properties": { - "PipelineParameterList": { - "items": { - "$ref": "#/definitions/AWS::Scheduler::Schedule.SageMakerPipelineParameter" - }, - "markdownDescription": "List of parameter names and values to use when executing the SageMaker Model Building Pipeline.", - "title": "PipelineParameterList", - "type": "array" + "DateRange": { + "$ref": "#/definitions/AWS::SecurityHub::Insight.DateRange", + "markdownDescription": "A date range for the date filter.", + "title": "DateRange" + }, + "End": { + "markdownDescription": "A timestamp that provides the end date for the date filter.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", + "title": "End", + "type": "string" + }, + "Start": { + "markdownDescription": "A timestamp that provides the start date for the date filter.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", + "title": "Start", + "type": "string" } }, "type": "object" }, - "AWS::Scheduler::Schedule.SqsParameters": { + "AWS::SecurityHub::Insight.DateRange": { "additionalProperties": false, "properties": { - "MessageGroupId": { - "markdownDescription": "The FIFO message group ID to use as the target.", - "title": "MessageGroupId", + "Unit": { + "markdownDescription": "A date range unit for the date filter.", + "title": "Unit", "type": "string" + }, + "Value": { + "markdownDescription": "A date range value for the date filter.", + "title": "Value", + "type": "number" } }, + "required": [ + "Unit", + "Value" + ], "type": "object" }, - "AWS::Scheduler::Schedule.Target": { + "AWS::SecurityHub::Insight.IpFilter": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the target.", - "title": "Arn", - "type": "string" - }, - "DeadLetterConfig": { - "$ref": "#/definitions/AWS::Scheduler::Schedule.DeadLetterConfig", - "markdownDescription": "An object that contains information about an Amazon SQS queue that EventBridge Scheduler uses as a dead-letter queue for your schedule. If specified, EventBridge Scheduler delivers failed events that could not be successfully delivered to a target to the queue.", - "title": "DeadLetterConfig" - }, - "EcsParameters": { - "$ref": "#/definitions/AWS::Scheduler::Schedule.EcsParameters", - "markdownDescription": "The templated target type for the Amazon ECS [`RunTask`](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RunTask.html) API operation.", - "title": "EcsParameters" - }, - "EventBridgeParameters": { - "$ref": "#/definitions/AWS::Scheduler::Schedule.EventBridgeParameters", - "markdownDescription": "The templated target type for the EventBridge [`PutEvents`](https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_PutEvents.html) API operation.", - "title": "EventBridgeParameters" - }, - "Input": { - "markdownDescription": "The text, or well-formed JSON, passed to the target. If you are configuring a templated Lambda , AWS Step Functions , or Amazon EventBridge target, the input must be a well-formed JSON. For all other target types, a JSON is not required. If you do not specify anything for this field, Amazon EventBridge Scheduler delivers a default notification to the target.", - "title": "Input", - "type": "string" - }, - "KinesisParameters": { - "$ref": "#/definitions/AWS::Scheduler::Schedule.KinesisParameters", - "markdownDescription": "The templated target type for the Amazon Kinesis [`PutRecord`](https://docs.aws.amazon.com/kinesis/latest/APIReference/API_PutRecord.html) API operation.", - "title": "KinesisParameters" - }, - "RetryPolicy": { - "$ref": "#/definitions/AWS::Scheduler::Schedule.RetryPolicy", - "markdownDescription": "A `RetryPolicy` object that includes information about the retry policy settings, including the maximum age of an event, and the maximum number of times EventBridge Scheduler will try to deliver the event to a target.", - "title": "RetryPolicy" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that EventBridge Scheduler will use for this target when the schedule is invoked.", - "title": "RoleArn", + "Cidr": { + "markdownDescription": "A finding's CIDR value.", + "title": "Cidr", "type": "string" - }, - "SageMakerPipelineParameters": { - "$ref": "#/definitions/AWS::Scheduler::Schedule.SageMakerPipelineParameters", - "markdownDescription": "The templated target type for the Amazon SageMaker [`StartPipelineExecution`](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StartPipelineExecution.html) API operation.", - "title": "SageMakerPipelineParameters" - }, - "SqsParameters": { - "$ref": "#/definitions/AWS::Scheduler::Schedule.SqsParameters", - "markdownDescription": "The templated target type for the Amazon SQS [`SendMessage`](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_SendMessage.html) API operation. Contains the message group ID to use when the target is a FIFO queue. If you specify an Amazon SQS FIFO queue as a target, the queue must have content-based deduplication enabled. For more information, see [Using the Amazon SQS message deduplication ID](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/using-messagededuplicationid-property.html) in the *Amazon SQS Developer Guide* .", - "title": "SqsParameters" } }, "required": [ - "Arn", - "RoleArn" + "Cidr" ], "type": "object" }, - "AWS::Scheduler::ScheduleGroup": { + "AWS::SecurityHub::Insight.MapFilter": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Comparison": { + "markdownDescription": "The condition to apply to the key value when filtering Security Hub findings with a map filter.\n\nTo search for values that have the filter value, use one of the following comparison operators:\n\n- To search for values that include the filter value, use `CONTAINS` . For example, for the `ResourceTags` field, the filter `Department CONTAINS Security` matches findings that include the value `Security` for the `Department` tag. In the same example, a finding with a value of `Security team` for the `Department` tag is a match.\n- To search for values that exactly match the filter value, use `EQUALS` . For example, for the `ResourceTags` field, the filter `Department EQUALS Security` matches findings that have the value `Security` for the `Department` tag.\n\n`CONTAINS` and `EQUALS` filters on the same field are joined by `OR` . A finding matches if it matches any one of those filters. For example, the filters `Department CONTAINS Security OR Department CONTAINS Finance` match a finding that includes either `Security` , `Finance` , or both values.\n\nTo search for values that don't have the filter value, use one of the following comparison operators:\n\n- To search for values that exclude the filter value, use `NOT_CONTAINS` . For example, for the `ResourceTags` field, the filter `Department NOT_CONTAINS Finance` matches findings that exclude the value `Finance` for the `Department` tag.\n- To search for values other than the filter value, use `NOT_EQUALS` . For example, for the `ResourceTags` field, the filter `Department NOT_EQUALS Finance` matches findings that don\u2019t have the value `Finance` for the `Department` tag.\n\n`NOT_CONTAINS` and `NOT_EQUALS` filters on the same field are joined by `AND` . A finding matches only if it matches all of those filters. For example, the filters `Department NOT_CONTAINS Security AND Department NOT_CONTAINS Finance` match a finding that excludes both the `Security` and `Finance` values.\n\n`CONTAINS` filters can only be used with other `CONTAINS` filters. `NOT_CONTAINS` filters can only be used with other `NOT_CONTAINS` filters.\n\nYou can\u2019t have both a `CONTAINS` filter and a `NOT_CONTAINS` filter on the same field. Similarly, you can\u2019t have both an `EQUALS` filter and a `NOT_EQUALS` filter on the same field. Combining filters in this way returns an error.\n\n`CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *AWS Security Hub User Guide* .", + "title": "Comparison", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the schedule group.", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "title": "Tags", - "type": "array" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Scheduler::ScheduleGroup" - ], + "Key": { + "markdownDescription": "The key of the map filter. For example, for `ResourceTags` , `Key` identifies the name of the tag. For `UserDefinedFields` , `Key` is the name of the field.", + "title": "Key", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Value": { + "markdownDescription": "The value for the key in the map filter. Filter values are case sensitive. For example, one of the values for a tag called `Department` might be `Security` . If you provide `security` as the filter value, then there's no match.", + "title": "Value", "type": "string" } }, "required": [ - "Type" + "Comparison", + "Key", + "Value" ], "type": "object" }, - "AWS::SecretsManager::ResourcePolicy": { + "AWS::SecurityHub::Insight.NumberFilter": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "Eq": { + "markdownDescription": "The equal-to condition to be applied to a single field when querying for findings.", + "title": "Eq", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "BlockPublicPolicy": { - "markdownDescription": "Specifies whether to block resource-based policies that allow broad access to the secret. By default, Secrets Manager blocks policies that allow broad access, for example those that use a wildcard for the principal.", - "title": "BlockPublicPolicy", - "type": "boolean" - }, - "ResourcePolicy": { - "markdownDescription": "A JSON-formatted string for an AWS resource-based policy. For example policies, see [Permissions policy examples](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples.html) .", - "title": "ResourcePolicy", - "type": "object" - }, - "SecretId": { - "markdownDescription": "The ARN or name of the secret to attach the resource-based policy.\n\nFor an ARN, we recommend that you specify a complete ARN rather than a partial ARN.", - "title": "SecretId", - "type": "string" - } - }, - "required": [ - "ResourcePolicy", - "SecretId" - ], - "type": "object" + "Gte": { + "markdownDescription": "The greater-than-equal condition to be applied to a single field when querying for findings.", + "title": "Gte", + "type": "number" }, - "Type": { - "enum": [ - "AWS::SecretsManager::ResourcePolicy" - ], + "Lte": { + "markdownDescription": "The less-than-equal condition to be applied to a single field when querying for findings.", + "title": "Lte", + "type": "number" + } + }, + "type": "object" + }, + "AWS::SecurityHub::Insight.StringFilter": { + "additionalProperties": false, + "properties": { + "Comparison": { + "markdownDescription": "The condition to apply to a string value when filtering Security Hub findings.\n\nTo search for values that have the filter value, use one of the following comparison operators:\n\n- To search for values that include the filter value, use `CONTAINS` . For example, the filter `Title CONTAINS CloudFront` matches findings that have a `Title` that includes the string CloudFront.\n- To search for values that exactly match the filter value, use `EQUALS` . For example, the filter `AwsAccountId EQUALS 123456789012` only matches findings that have an account ID of `123456789012` .\n- To search for values that start with the filter value, use `PREFIX` . For example, the filter `ResourceRegion PREFIX us` matches findings that have a `ResourceRegion` that starts with `us` . A `ResourceRegion` that starts with a different value, such as `af` , `ap` , or `ca` , doesn't match.\n\n`CONTAINS` , `EQUALS` , and `PREFIX` filters on the same field are joined by `OR` . A finding matches if it matches any one of those filters. For example, the filters `Title CONTAINS CloudFront OR Title CONTAINS CloudWatch` match a finding that includes either `CloudFront` , `CloudWatch` , or both strings in the title.\n\nTo search for values that don\u2019t have the filter value, use one of the following comparison operators:\n\n- To search for values that exclude the filter value, use `NOT_CONTAINS` . For example, the filter `Title NOT_CONTAINS CloudFront` matches findings that have a `Title` that excludes the string CloudFront.\n- To search for values other than the filter value, use `NOT_EQUALS` . For example, the filter `AwsAccountId NOT_EQUALS 123456789012` only matches findings that have an account ID other than `123456789012` .\n- To search for values that don't start with the filter value, use `PREFIX_NOT_EQUALS` . For example, the filter `ResourceRegion PREFIX_NOT_EQUALS us` matches findings with a `ResourceRegion` that starts with a value other than `us` .\n\n`NOT_CONTAINS` , `NOT_EQUALS` , and `PREFIX_NOT_EQUALS` filters on the same field are joined by `AND` . A finding matches only if it matches all of those filters. For example, the filters `Title NOT_CONTAINS CloudFront AND Title NOT_CONTAINS CloudWatch` match a finding that excludes both `CloudFront` and `CloudWatch` in the title.\n\nYou can\u2019t have both a `CONTAINS` filter and a `NOT_CONTAINS` filter on the same field. Similarly, you can't provide both an `EQUALS` filter and a `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filter on the same field. Combining filters in this way returns an error. `CONTAINS` filters can only be used with other `CONTAINS` filters. `NOT_CONTAINS` filters can only be used with other `NOT_CONTAINS` filters.\n\nYou can combine `PREFIX` filters with `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters for the same field. Security Hub first processes the `PREFIX` filters, and then the `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters.\n\nFor example, for the following filters, Security Hub first identifies findings that have resource types that start with either `AwsIam` or `AwsEc2` . It then excludes findings that have a resource type of `AwsIamPolicy` and findings that have a resource type of `AwsEc2NetworkInterface` .\n\n- `ResourceType PREFIX AwsIam`\n- `ResourceType PREFIX AwsEc2`\n- `ResourceType NOT_EQUALS AwsIamPolicy`\n- `ResourceType NOT_EQUALS AwsEc2NetworkInterface`\n\n`CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules V1. `CONTAINS_WORD` operator is only supported in `GetFindingsV2` , `GetFindingStatisticsV2` , `GetResourcesV2` , and `GetResourceStatisticsV2` APIs. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *AWS Security Hub User Guide* .", + "title": "Comparison", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Value": { + "markdownDescription": "The string filter value. Filter values are case sensitive. For example, the product name for control-based findings is `Security Hub` . If you provide `security hub` as the filter value, there's no match.", + "title": "Value", "type": "string" } }, "required": [ - "Type", - "Properties" + "Comparison", + "Value" ], "type": "object" }, - "AWS::SecretsManager::RotationSchedule": { + "AWS::SecurityHub::OrganizationConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -254188,40 +305289,30 @@ "Properties": { "additionalProperties": false, "properties": { - "HostedRotationLambda": { - "$ref": "#/definitions/AWS::SecretsManager::RotationSchedule.HostedRotationLambda", - "markdownDescription": "Creates a new Lambda rotation function based on one of the [Secrets Manager rotation function templates](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html) . To use a rotation function that already exists, specify `RotationLambdaARN` instead.\n\nYou must specify `Transform: AWS::SecretsManager-2024-09-16` at the beginning of the CloudFormation template. Transforms are macros hosted by AWS CloudFormation that help you create and manage complex infrastructure. The `Transform: AWS::SecretsManager-2024-09-16` transform automatically extends the CloudFormation stack to include a nested stack (of type `AWS::CloudFormation::Stack` ), which then creates and updates on your behalf during subsequent stack operations, the appropriate rotation Lambda function for your database or service. For general information on transforms, see the [AWS CloudFormation documentation.](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/transform-reference.html)\n\nFor Amazon RDS master user credentials, see [AWS::RDS::DBCluster MasterUserSecret](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-dbcluster-masterusersecret.html) .\n\nFor Amazon Redshift admin user credentials, see [AWS::Redshift::Cluster](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-redshift-cluster.html) .", - "title": "HostedRotationLambda" - }, - "RotateImmediatelyOnUpdate": { - "markdownDescription": "Determines whether to rotate the secret immediately or wait until the next scheduled rotation window when the rotation schedule is updated. The rotation schedule is defined in `RotationRules` .\n\nThe default for `RotateImmediatelyOnUpdate` is `true` . If you don't specify this value, Secrets Manager rotates the secret immediately.\n\nIf you set `RotateImmediatelyOnUpdate` to `false` , Secrets Manager tests the rotation configuration by running the [`testSecret` step](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_how.html) of the Lambda rotation function. This test creates an `AWSPENDING` version of the secret and then removes it.\n\n> When changing an existing rotation schedule and setting `RotateImmediatelyOnUpdate` to `false` :\n> \n> - If using `AutomaticallyAfterDays` or a `ScheduleExpression` with `rate()` , the previously scheduled rotation might still occur.\n> - To prevent unintended rotations, use a `ScheduleExpression` with `cron()` for granular control over rotation windows. \n\nRotation is an asynchronous process. For more information, see [How rotation works](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_how.html) .", - "title": "RotateImmediatelyOnUpdate", + "AutoEnable": { + "markdownDescription": "Whether to automatically enable Security Hub in new member accounts when they join the organization.\n\nIf set to `true` , then Security Hub is automatically enabled in new accounts. If set to `false` , then Security Hub isn't enabled in new accounts automatically. The default value is `false` .\n\nIf the `ConfigurationType` of your organization is set to `CENTRAL` , then this field is set to `false` and can't be changed in the home Region and linked Regions. However, in that case, the delegated administrator can create a configuration policy in which Security Hub is enabled and associate the policy with new organization accounts.", + "title": "AutoEnable", "type": "boolean" }, - "RotationLambdaARN": { - "markdownDescription": "The ARN of an existing Lambda rotation function. To specify a rotation function that is also defined in this template, use the [Ref](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html) function.\n\nFor Amazon RDS master user credentials, see [AWS::RDS::DBCluster MasterUserSecret](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-dbcluster-masterusersecret.html) .\n\nFor Amazon Redshift admin user credentials, see [AWS::Redshift::Cluster](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-redshift-cluster.html) .\n\nTo create a new rotation function based on one of the [Secrets Manager rotation function templates](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html) , specify `HostedRotationLambda` instead.", - "title": "RotationLambdaARN", + "AutoEnableStandards": { + "markdownDescription": "Whether to automatically enable Security Hub [default standards](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-standards-enable-disable.html) in new member accounts when they join the organization.\n\nThe default value of this parameter is equal to `DEFAULT` .\n\nIf equal to `DEFAULT` , then Security Hub default standards are automatically enabled for new member accounts. If equal to `NONE` , then default standards are not automatically enabled for new member accounts.\n\nIf the `ConfigurationType` of your organization is set to `CENTRAL` , then this field is set to `NONE` and can't be changed in the home Region and linked Regions. However, in that case, the delegated administrator can create a configuration policy in which specific security standards are enabled and associate the policy with new organization accounts.", + "title": "AutoEnableStandards", "type": "string" }, - "RotationRules": { - "$ref": "#/definitions/AWS::SecretsManager::RotationSchedule.RotationRules", - "markdownDescription": "A structure that defines the rotation configuration for this secret.", - "title": "RotationRules" - }, - "SecretId": { - "markdownDescription": "The ARN or name of the secret to rotate. This is unique for each rotation schedule definition.\n\nTo reference a secret also created in this template, use the [Ref](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html) function with the secret's logical ID.", - "title": "SecretId", + "ConfigurationType": { + "markdownDescription": "Indicates whether the organization uses local or central configuration.\n\nIf you use local configuration, the Security Hub delegated administrator can set `AutoEnable` to `true` and `AutoEnableStandards` to `DEFAULT` . This automatically enables Security Hub and default security standards in new organization accounts. These new account settings must be set separately in each AWS Region , and settings may be different in each Region.\n\nIf you use central configuration, the delegated administrator can create configuration policies. Configuration policies can be used to configure Security Hub, security standards, and security controls in multiple accounts and Regions. If you want new organization accounts to use a specific configuration, you can create a configuration policy and associate it with the root or specific organizational units (OUs). New accounts will inherit the policy from the root or their assigned OU.", + "title": "ConfigurationType", "type": "string" } }, "required": [ - "SecretId" + "AutoEnable" ], "type": "object" }, "Type": { "enum": [ - "AWS::SecretsManager::RotationSchedule" + "AWS::SecurityHub::OrganizationConfiguration" ], "type": "string" }, @@ -254240,92 +305331,7 @@ ], "type": "object" }, - "AWS::SecretsManager::RotationSchedule.HostedRotationLambda": { - "additionalProperties": false, - "properties": { - "ExcludeCharacters": { - "markdownDescription": "A string of the characters that you don't want in the password.", - "title": "ExcludeCharacters", - "type": "string" - }, - "KmsKeyArn": { - "markdownDescription": "The ARN of the KMS key that Secrets Manager uses to encrypt the secret. If you don't specify this value, then Secrets Manager uses the key `aws/secretsmanager` . If `aws/secretsmanager` doesn't yet exist, then Secrets Manager creates it for you automatically the first time it encrypts the secret value.", - "title": "KmsKeyArn", - "type": "string" - }, - "MasterSecretArn": { - "markdownDescription": "The ARN of the secret that contains superuser credentials, if you use the [Alternating users rotation strategy](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets_strategies.html#rotating-secrets-two-users) . CloudFormation grants the execution role for the Lambda rotation function `GetSecretValue` permission to the secret in this property. For more information, see [Lambda rotation function execution role permissions for Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets-required-permissions-function.html) .\n\nYou must create the superuser secret before you can set this property.\n\nYou must also include the superuser secret ARN as a key in the JSON of the rotating secret so that the Lambda rotation function can find it. CloudFormation does not hardcode secret ARNs in the Lambda rotation function, so you can use the function to rotate multiple secrets. For more information, see [JSON structure of Secrets Manager secrets](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_secret_json_structure.html) .\n\nYou can specify `MasterSecretArn` or `SuperuserSecretArn` but not both. They represent the same superuser secret.", - "title": "MasterSecretArn", - "type": "string" - }, - "MasterSecretKmsKeyArn": { - "markdownDescription": "The ARN of the KMS key that Secrets Manager used to encrypt the superuser secret, if you use the [alternating users strategy](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets_strategies.html#rotating-secrets-two-users) and the superuser secret is encrypted with a customer managed key. You don't need to specify this property if the superuser secret is encrypted using the key `aws/secretsmanager` . CloudFormation grants the execution role for the Lambda rotation function `Decrypt` , `DescribeKey` , and `GenerateDataKey` permission to the key in this property. For more information, see [Lambda rotation function execution role permissions for Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets-required-permissions-function.html) .\n\nYou can specify `MasterSecretKmsKeyArn` or `SuperuserSecretKmsKeyArn` but not both. They represent the same superuser secret KMS key .", - "title": "MasterSecretKmsKeyArn", - "type": "string" - }, - "RotationLambdaName": { - "markdownDescription": "The name of the Lambda rotation function.", - "title": "RotationLambdaName", - "type": "string" - }, - "RotationType": { - "markdownDescription": "The rotation template to base the rotation function on, one of the following:\n\n- `Db2SingleUser` to use the template [SecretsManagerRDSDb2RotationSingleUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-db2-singleuser) .\n- `Db2MultiUser` to use the template [SecretsManagerRDSDb2RotationMultiUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-db2-multiuser) .\n- `MySQLSingleUser` to use the template [SecretsManagerRDSMySQLRotationSingleUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-mysql-singleuser) .\n- `MySQLMultiUser` to use the template [SecretsManagerRDSMySQLRotationMultiUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-mysql-multiuser) .\n- `PostgreSQLSingleUser` to use the template [SecretsManagerRDSPostgreSQLRotationSingleUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-postgre-singleuser)\n- `PostgreSQLMultiUser` to use the template [SecretsManagerRDSPostgreSQLRotationMultiUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-postgre-multiuser) .\n- `OracleSingleUser` to use the template [SecretsManagerRDSOracleRotationSingleUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-oracle-singleuser) .\n- `OracleMultiUser` to use the template [SecretsManagerRDSOracleRotationMultiUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-oracle-multiuser) .\n- `MariaDBSingleUser` to use the template [SecretsManagerRDSMariaDBRotationSingleUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-mariadb-singleuser) .\n- `MariaDBMultiUser` to use the template [SecretsManagerRDSMariaDBRotationMultiUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-mariadb-multiuser) .\n- `SQLServerSingleUser` to use the template [SecretsManagerRDSSQLServerRotationSingleUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-sqlserver-singleuser) .\n- `SQLServerMultiUser` to use the template [SecretsManagerRDSSQLServerRotationMultiUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-sqlserver-multiuser) .\n- `RedshiftSingleUser` to use the template [SecretsManagerRedshiftRotationSingleUsr](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-redshift-singleuser) .\n- `RedshiftMultiUser` to use the template [SecretsManagerRedshiftRotationMultiUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-redshift-multiuser) .\n- `MongoDBSingleUser` to use the template [SecretsManagerMongoDBRotationSingleUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-mongodb-singleuser) .\n- `MongoDBMultiUser` to use the template [SecretsManagerMongoDBRotationMultiUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-mongodb-multiuser) .", - "title": "RotationType", - "type": "string" - }, - "Runtime": { - "markdownDescription": "> Do not set this value if you are using `Transform: AWS::SecretsManager-2024-09-16` . Over time, the updated rotation lambda artifacts vended by AWS may not be compatible with the code or shared object files defined in the rotation function deployment package.\n> \n> Only define the `Runtime` key if:\n> \n> - You are using `Transform: AWS::SecretsManager-2020-07-23` .\n> - The code or shared object files defined in the rotation function deployment package are incompatible with Python 3.9. \n\nThe Python Runtime version for with the rotation function. By default, CloudFormation deploys Python 3.9 binaries for the rotation function. To use a different version of Python, you must do the following two steps:\n\n- Deploy the matching version Python binaries with your rotation function.\n- Set the version number in this field. For example, for Python 3.7, enter *python3.7* .\n\nIf you only do one of the steps, your rotation function will be incompatible with the binaries. For more information, see [Why did my Lambda rotation function fail with a \"pg module not found\" error](https://docs.aws.amazon.com/https://repost.aws/knowledge-center/secrets-manager-lambda-rotation) .", - "title": "Runtime", - "type": "string" - }, - "SuperuserSecretArn": { - "markdownDescription": "The ARN of the secret that contains superuser credentials, if you use the [Alternating users rotation strategy](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets_strategies.html#rotating-secrets-two-users) . CloudFormation grants the execution role for the Lambda rotation function `GetSecretValue` permission to the secret in this property. For more information, see [Lambda rotation function execution role permissions for Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets-required-permissions-function.html) .\n\nYou must create the superuser secret before you can set this property.\n\nYou must also include the superuser secret ARN as a key in the JSON of the rotating secret so that the Lambda rotation function can find it. CloudFormation does not hardcode secret ARNs in the Lambda rotation function, so you can use the function to rotate multiple secrets. For more information, see [JSON structure of Secrets Manager secrets](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_secret_json_structure.html) .\n\nYou can specify `MasterSecretArn` or `SuperuserSecretArn` but not both. They represent the same superuser secret.", - "title": "SuperuserSecretArn", - "type": "string" - }, - "SuperuserSecretKmsKeyArn": { - "markdownDescription": "The ARN of the KMS key that Secrets Manager used to encrypt the superuser secret, if you use the [alternating users strategy](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets_strategies.html#rotating-secrets-two-users) and the superuser secret is encrypted with a customer managed key. You don't need to specify this property if the superuser secret is encrypted using the key `aws/secretsmanager` . CloudFormation grants the execution role for the Lambda rotation function `Decrypt` , `DescribeKey` , and `GenerateDataKey` permission to the key in this property. For more information, see [Lambda rotation function execution role permissions for Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets-required-permissions-function.html) .\n\nYou can specify `MasterSecretKmsKeyArn` or `SuperuserSecretKmsKeyArn` but not both. They represent the same superuser secret KMS key .", - "title": "SuperuserSecretKmsKeyArn", - "type": "string" - }, - "VpcSecurityGroupIds": { - "markdownDescription": "A comma-separated list of security group IDs applied to the target database.\n\nThe template applies the same security groups as on the Lambda rotation function that is created as part of this stack.", - "title": "VpcSecurityGroupIds", - "type": "string" - }, - "VpcSubnetIds": { - "markdownDescription": "A comma separated list of VPC subnet IDs of the target database network. The Lambda rotation function is in the same subnet group.", - "title": "VpcSubnetIds", - "type": "string" - } - }, - "required": [ - "RotationType" - ], - "type": "object" - }, - "AWS::SecretsManager::RotationSchedule.RotationRules": { - "additionalProperties": false, - "properties": { - "AutomaticallyAfterDays": { - "markdownDescription": "The number of days between automatic scheduled rotations of the secret. You can use this value to check that your secret meets your compliance guidelines for how often secrets must be rotated.\n\nIn `DescribeSecret` and `ListSecrets` , this value is calculated from the rotation schedule after every successful rotation. In `RotateSecret` , you can set the rotation schedule in `RotationRules` with `AutomaticallyAfterDays` or `ScheduleExpression` , but not both.", - "title": "AutomaticallyAfterDays", - "type": "number" - }, - "Duration": { - "markdownDescription": "The length of the rotation window in hours, for example `3h` for a three hour window. Secrets Manager rotates your secret at any time during this window. The window must not extend into the next rotation window or the next UTC day. The window starts according to the `ScheduleExpression` . If you don't specify a `Duration` , for a `ScheduleExpression` in hours, the window automatically closes after one hour. For a `ScheduleExpression` in days, the window automatically closes at the end of the UTC day. For more information, including examples, see [Schedule expressions in Secrets Manager rotation](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_schedule.html) in the *Secrets Manager Users Guide* .", - "title": "Duration", - "type": "string" - }, - "ScheduleExpression": { - "markdownDescription": "A `cron()` or `rate()` expression that defines the schedule for rotating your secret. Secrets Manager rotation schedules use UTC time zone. Secrets Manager rotates your secret any time during a rotation window.\n\nSecrets Manager `rate()` expressions represent the interval in hours or days that you want to rotate your secret, for example `rate(12 hours)` or `rate(10 days)` . You can rotate a secret as often as every four hours. If you use a `rate()` expression, the rotation window starts at midnight. For a rate in hours, the default rotation window closes after one hour. For a rate in days, the default rotation window closes at the end of the day. You can set the `Duration` to change the rotation window. The rotation window must not extend into the next UTC day or into the next rotation window.\n\nYou can use a `cron()` expression to create a rotation schedule that is more detailed than a rotation interval. For more information, including examples, see [Schedule expressions in Secrets Manager rotation](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_schedule.html) in the *Secrets Manager Users Guide* . For a cron expression that represents a schedule in hours, the default rotation window closes after one hour. For a cron expression that represents a schedule in days, the default rotation window closes at the end of the day. You can set the `Duration` to change the rotation window. The rotation window must not extend into the next UTC day or into the next rotation window.", - "title": "ScheduleExpression", - "type": "string" - } - }, - "type": "object" - }, - "AWS::SecretsManager::Secret": { + "AWS::SecurityHub::PolicyAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -254360,53 +305366,32 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the secret.", - "title": "Description", - "type": "string" - }, - "GenerateSecretString": { - "$ref": "#/definitions/AWS::SecretsManager::Secret.GenerateSecretString", - "markdownDescription": "A structure that specifies how to generate a password to encrypt and store in the secret. To include a specific string in the secret, use `SecretString` instead. If you omit both `GenerateSecretString` and `SecretString` , you create an empty secret. When you make a change to this property, a new secret version is created.\n\nWe recommend that you specify the maximum length and include every character type that the system you are generating a password for can support.", - "title": "GenerateSecretString" - }, - "KmsKeyId": { - "markdownDescription": "The ARN, key ID, or alias of the AWS KMS key that Secrets Manager uses to encrypt the secret value in the secret. An alias is always prefixed by `alias/` , for example `alias/aws/secretsmanager` . For more information, see [About aliases](https://docs.aws.amazon.com/kms/latest/developerguide/alias-about.html) .\n\nTo use a AWS KMS key in a different account, use the key ARN or the alias ARN.\n\nIf you don't specify this value, then Secrets Manager uses the key `aws/secretsmanager` . If that key doesn't yet exist, then Secrets Manager creates it for you automatically the first time it encrypts the secret value.\n\nIf the secret is in a different AWS account from the credentials calling the API, then you can't use `aws/secretsmanager` to encrypt the secret, and you must create and use a customer managed AWS KMS key.", - "title": "KmsKeyId", + "ConfigurationPolicyId": { + "markdownDescription": "The universally unique identifier (UUID) of the configuration policy. A self-managed configuration has no UUID. The identifier of a self-managed configuration is `SELF_MANAGED_SECURITY_HUB` .", + "title": "ConfigurationPolicyId", "type": "string" }, - "Name": { - "markdownDescription": "The name of the new secret.\n\nThe secret name can contain ASCII letters, numbers, and the following characters: /_+=.@-\n\nDo not end your secret name with a hyphen followed by six characters. If you do so, you risk confusion and unexpected results when searching for a secret by partial ARN. Secrets Manager automatically adds a hyphen and six random characters after the secret name at the end of the ARN.", - "title": "Name", + "TargetId": { + "markdownDescription": "The identifier of the target account, organizational unit, or the root.", + "title": "TargetId", "type": "string" }, - "ReplicaRegions": { - "items": { - "$ref": "#/definitions/AWS::SecretsManager::Secret.ReplicaRegion" - }, - "markdownDescription": "A custom type that specifies a `Region` and the `KmsKeyId` for a replica secret.", - "title": "ReplicaRegions", - "type": "array" - }, - "SecretString": { - "markdownDescription": "The text to encrypt and store in the secret. We recommend you use a JSON structure of key/value pairs for your secret value. To generate a random password, use `GenerateSecretString` instead. If you omit both `GenerateSecretString` and `SecretString` , you create an empty secret. When you make a change to this property, a new secret version is created.", - "title": "SecretString", + "TargetType": { + "markdownDescription": "Specifies whether the target is an AWS account , organizational unit, or the root.", + "title": "TargetType", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of tags to attach to the secret. Each tag is a key and value pair of strings in a JSON text string, for example:\n\n`[{\"Key\":\"CostCenter\",\"Value\":\"12345\"},{\"Key\":\"environment\",\"Value\":\"production\"}]`\n\nSecrets Manager tag key names are case sensitive. A tag with the key \"ABC\" is a different tag from one with key \"abc\".\n\nStack-level tags, tags you apply to the CloudFormation stack, are also attached to the secret.\n\nIf you check tags in permissions policies as part of your security strategy, then adding or removing a tag can change permissions. If the completion of this operation would result in you losing your permissions for this secret, then Secrets Manager blocks the operation and returns an `Access Denied` error. For more information, see [Control access to secrets using tags](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples.html#tag-secrets-abac) and [Limit access to identities with tags that match secrets' tags](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples.html#auth-and-access_tags2) .\n\nFor information about how to format a JSON parameter for the various command line tool environments, see [Using JSON for Parameters](https://docs.aws.amazon.com/cli/latest/userguide/cli-using-param.html#cli-using-param-json) . If your command-line tool or SDK requires quotation marks around the parameter, you should use single quotes to avoid confusion with the double quotes required in the JSON text.\n\nThe following restrictions apply to tags:\n\n- Maximum number of tags per secret: 50\n- Maximum key length: 127 Unicode characters in UTF-8\n- Maximum value length: 255 Unicode characters in UTF-8\n- Tag keys and values are case sensitive.\n- Do not use the `aws:` prefix in your tag names or values because AWS reserves it for AWS use. You can't edit or delete tag names or values with this prefix. Tags with this prefix do not count against your tags per secret limit.\n- If you use your tagging schema across multiple services and resources, other services might have restrictions on allowed characters. Generally allowed characters: letters, spaces, and numbers representable in UTF-8, plus the following special characters: + - = . _ : / @.", - "title": "Tags", - "type": "array" } }, + "required": [ + "ConfigurationPolicyId", + "TargetId", + "TargetType" + ], "type": "object" }, "Type": { "enum": [ - "AWS::SecretsManager::Secret" + "AWS::SecurityHub::PolicyAssociation" ], "type": "string" }, @@ -254420,86 +305405,12 @@ } }, "required": [ - "Type" - ], - "type": "object" - }, - "AWS::SecretsManager::Secret.GenerateSecretString": { - "additionalProperties": false, - "properties": { - "ExcludeCharacters": { - "markdownDescription": "A string of the characters that you don't want in the password.", - "title": "ExcludeCharacters", - "type": "string" - }, - "ExcludeLowercase": { - "markdownDescription": "Specifies whether to exclude lowercase letters from the password. If you don't include this switch, the password can contain lowercase letters.", - "title": "ExcludeLowercase", - "type": "boolean" - }, - "ExcludeNumbers": { - "markdownDescription": "Specifies whether to exclude numbers from the password. If you don't include this switch, the password can contain numbers.", - "title": "ExcludeNumbers", - "type": "boolean" - }, - "ExcludePunctuation": { - "markdownDescription": "Specifies whether to exclude the following punctuation characters from the password: `! \" # $ % & ' ( ) * + , - . / : ; < = > ? @ [ \\ ] ^ _ ` { | } ~` . If you don't include this switch, the password can contain punctuation.", - "title": "ExcludePunctuation", - "type": "boolean" - }, - "ExcludeUppercase": { - "markdownDescription": "Specifies whether to exclude uppercase letters from the password. If you don't include this switch, the password can contain uppercase letters.", - "title": "ExcludeUppercase", - "type": "boolean" - }, - "GenerateStringKey": { - "markdownDescription": "The JSON key name for the key/value pair, where the value is the generated password. This pair is added to the JSON structure specified by the `SecretStringTemplate` parameter. If you specify this parameter, then you must also specify `SecretStringTemplate` .", - "title": "GenerateStringKey", - "type": "string" - }, - "IncludeSpace": { - "markdownDescription": "Specifies whether to include the space character. If you include this switch, the password can contain space characters.", - "title": "IncludeSpace", - "type": "boolean" - }, - "PasswordLength": { - "markdownDescription": "The length of the password. If you don't include this parameter, the default length is 32 characters.", - "title": "PasswordLength", - "type": "number" - }, - "RequireEachIncludedType": { - "markdownDescription": "Specifies whether to include at least one upper and lowercase letter, one number, and one punctuation. If you don't include this switch, the password contains at least one of every character type.", - "title": "RequireEachIncludedType", - "type": "boolean" - }, - "SecretStringTemplate": { - "markdownDescription": "A template that the generated string must match. When you make a change to this property, a new secret version is created.", - "title": "SecretStringTemplate", - "type": "string" - } - }, - "type": "object" - }, - "AWS::SecretsManager::Secret.ReplicaRegion": { - "additionalProperties": false, - "properties": { - "KmsKeyId": { - "markdownDescription": "The ARN, key ID, or alias of the KMS key to encrypt the secret. If you don't include this field, Secrets Manager uses `aws/secretsmanager` .", - "title": "KmsKeyId", - "type": "string" - }, - "Region": { - "markdownDescription": "A string that represents a `Region` , for example \"us-east-1\".", - "title": "Region", - "type": "string" - } - }, - "required": [ - "Region" + "Type", + "Properties" ], "type": "object" }, - "AWS::SecretsManager::SecretTargetAttachment": { + "AWS::SecurityHub::ProductSubscription": { "additionalProperties": false, "properties": { "Condition": { @@ -254534,32 +305445,20 @@ "Properties": { "additionalProperties": false, "properties": { - "SecretId": { - "markdownDescription": "The ARN or name of the secret. To reference a secret also created in this template, use the see [Ref](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html) function with the secret's logical ID. This field is unique for each target attachment definition.", - "title": "SecretId", - "type": "string" - }, - "TargetId": { - "markdownDescription": "The ID of the database or cluster.", - "title": "TargetId", - "type": "string" - }, - "TargetType": { - "markdownDescription": "A string that defines the type of service or database associated with the secret. This value instructs Secrets Manager how to update the secret with the details of the service or database. This value must be one of the following:\n\n- AWS::RDS::DBInstance\n- AWS::RDS::DBCluster\n- AWS::Redshift::Cluster\n- AWS::RedshiftServerless::Namespace\n- AWS::DocDB::DBInstance\n- AWS::DocDB::DBCluster\n- AWS::DocDBElastic::Cluster", - "title": "TargetType", + "ProductArn": { + "markdownDescription": "The ARN of the product to enable the integration for.", + "title": "ProductArn", "type": "string" } }, "required": [ - "SecretId", - "TargetId", - "TargetType" + "ProductArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::SecretsManager::SecretTargetAttachment" + "AWS::SecurityHub::ProductSubscription" ], "type": "string" }, @@ -254578,7 +305477,7 @@ ], "type": "object" }, - "AWS::SecurityHub::AutomationRule": { + "AWS::SecurityHub::SecurityControl": { "additionalProperties": false, "properties": { "Condition": { @@ -254613,631 +305512,228 @@ "Properties": { "additionalProperties": false, "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.AutomationRulesAction" - }, - "markdownDescription": "One or more actions to update finding fields if a finding matches the conditions specified in `Criteria` .", - "title": "Actions", - "type": "array" - }, - "Criteria": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.AutomationRulesFindingFilters", - "markdownDescription": "A set of [AWS Security Finding Format (ASFF)](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format.html) finding field attributes and corresponding expected values that Security Hub uses to filter findings. If a rule is enabled and a finding matches the criteria specified in this parameter, Security Hub applies the rule action to the finding.", - "title": "Criteria" - }, - "Description": { - "markdownDescription": "A description of the rule.", - "title": "Description", - "type": "string" - }, - "IsTerminal": { - "markdownDescription": "Specifies whether a rule is the last to be applied with respect to a finding that matches the rule criteria. This is useful when a finding matches the criteria for multiple rules, and each rule has different actions. If a rule is terminal, Security Hub applies the rule action to a finding that matches the rule criteria and doesn't evaluate other rules for the finding. By default, a rule isn't terminal.", - "title": "IsTerminal", - "type": "boolean" - }, - "RuleName": { - "markdownDescription": "The name of the rule.", - "title": "RuleName", - "type": "string" - }, - "RuleOrder": { - "markdownDescription": "An integer ranging from 1 to 1000 that represents the order in which the rule action is applied to findings. Security Hub applies rules with lower values for this parameter first.", - "title": "RuleOrder", - "type": "number" - }, - "RuleStatus": { - "markdownDescription": "Whether the rule is active after it is created. If this parameter is equal to `ENABLED` , Security Hub applies the rule to findings and finding updates after the rule is created.", - "title": "RuleStatus", + "LastUpdateReason": { + "markdownDescription": "The most recent reason for updating the customizable properties of a security control. This differs from the `UpdateReason` field of the [`BatchUpdateStandardsControlAssociations`](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_BatchUpdateStandardsControlAssociations.html) API, which tracks the reason for updating the enablement status of a control. This field accepts alphanumeric characters in addition to white spaces, dashes, and underscores.", + "title": "LastUpdateReason", "type": "string" }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "User-defined tags associated with an automation rule.", + "Parameters": { + "additionalProperties": false, + "markdownDescription": "An object that identifies the name of a control parameter, its current value, and whether it has been customized.", "patternProperties": { "^[a-zA-Z0-9]+$": { - "type": "string" + "$ref": "#/definitions/AWS::SecurityHub::SecurityControl.ParameterConfiguration" } }, - "title": "Tags", + "title": "Parameters", "type": "object" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::SecurityHub::AutomationRule" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AWS::SecurityHub::AutomationRule.AutomationRulesAction": { - "additionalProperties": false, - "properties": { - "FindingFieldsUpdate": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.AutomationRulesFindingFieldsUpdate", - "markdownDescription": "Specifies that the automation rule action is an update to a finding field.", - "title": "FindingFieldsUpdate" - }, - "Type": { - "markdownDescription": "Specifies the type of action that Security Hub takes when a finding matches the defined criteria of a rule.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "FindingFieldsUpdate", - "Type" - ], - "type": "object" - }, - "AWS::SecurityHub::AutomationRule.AutomationRulesFindingFieldsUpdate": { - "additionalProperties": false, - "properties": { - "Confidence": { - "markdownDescription": "The rule action updates the `Confidence` field of a finding.", - "title": "Confidence", - "type": "number" - }, - "Criticality": { - "markdownDescription": "The rule action updates the `Criticality` field of a finding.", - "title": "Criticality", - "type": "number" - }, - "Note": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.NoteUpdate", - "markdownDescription": "The rule action will update the `Note` field of a finding.", - "title": "Note" - }, - "RelatedFindings": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.RelatedFinding" - }, - "markdownDescription": "The rule action will update the `RelatedFindings` field of a finding.", - "title": "RelatedFindings", - "type": "array" - }, - "Severity": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.SeverityUpdate", - "markdownDescription": "The rule action will update the `Severity` field of a finding.", - "title": "Severity" - }, - "Types": { - "items": { - "type": "string" - }, - "markdownDescription": "The rule action updates the `Types` field of a finding.", - "title": "Types", - "type": "array" - }, - "UserDefinedFields": { - "additionalProperties": true, - "markdownDescription": "The rule action updates the `UserDefinedFields` field of a finding.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { + }, + "SecurityControlArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for a security control across standards, such as `arn:aws:securityhub:eu-central-1:123456789012:security-control/S3.1` . This parameter doesn't mention a specific standard.", + "title": "SecurityControlArn", + "type": "string" + }, + "SecurityControlId": { + "markdownDescription": "The unique identifier of a security control across standards. Values for this field typically consist of an AWS service name and a number, such as APIGateway.3.", + "title": "SecurityControlId", "type": "string" } }, - "title": "UserDefinedFields", - "type": "object" - }, - "VerificationState": { - "markdownDescription": "The rule action updates the `VerificationState` field of a finding.", - "title": "VerificationState", - "type": "string" - }, - "Workflow": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.WorkflowUpdate", - "markdownDescription": "The rule action will update the `Workflow` field of a finding.", - "title": "Workflow" - } - }, - "type": "object" - }, - "AWS::SecurityHub::AutomationRule.AutomationRulesFindingFilters": { - "additionalProperties": false, - "properties": { - "AwsAccountId": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "The AWS account ID in which a finding was generated.\n\nArray Members: Minimum number of 1 item. Maximum number of 100 items.", - "title": "AwsAccountId", - "type": "array" - }, - "CompanyName": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "The name of the company for the product that generated the finding. For control-based findings, the company is AWS .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "CompanyName", - "type": "array" - }, - "ComplianceAssociatedStandardsId": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "The unique identifier of a standard in which a control is enabled. This field consists of the resource portion of the Amazon Resource Name (ARN) returned for a standard in the [DescribeStandards](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DescribeStandards.html) API response.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "ComplianceAssociatedStandardsId", - "type": "array" - }, - "ComplianceSecurityControlId": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "The security control ID for which a finding was generated. Security control IDs are the same across standards.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "ComplianceSecurityControlId", - "type": "array" - }, - "ComplianceStatus": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "The result of a security check. This field is only used for findings generated from controls.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "ComplianceStatus", - "type": "array" - }, - "Confidence": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.NumberFilter" - }, - "markdownDescription": "The likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. `Confidence` is scored on a 0\u2013100 basis using a ratio scale. A value of `0` means 0 percent confidence, and a value of `100` means 100 percent confidence. For example, a data exfiltration detection based on a statistical deviation of network traffic has low confidence because an actual exfiltration hasn't been verified. For more information, see [Confidence](https://docs.aws.amazon.com/securityhub/latest/userguide/asff-top-level-attributes.html#asff-confidence) in the *AWS Security Hub User Guide* .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "Confidence", - "type": "array" - }, - "CreatedAt": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.DateFilter" - }, - "markdownDescription": "A timestamp that indicates when this finding record was created.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "CreatedAt", - "type": "array" - }, - "Criticality": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.NumberFilter" - }, - "markdownDescription": "The level of importance that is assigned to the resources that are associated with a finding. `Criticality` is scored on a 0\u2013100 basis, using a ratio scale that supports only full integers. A score of `0` means that the underlying resources have no criticality, and a score of `100` is reserved for the most critical resources. For more information, see [Criticality](https://docs.aws.amazon.com/securityhub/latest/userguide/asff-top-level-attributes.html#asff-criticality) in the *AWS Security Hub User Guide* .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "Criticality", - "type": "array" - }, - "Description": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "A finding's description.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "Description", - "type": "array" - }, - "FirstObservedAt": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.DateFilter" - }, - "markdownDescription": "A timestamp that indicates when the potential security issue captured by a finding was first observed by the security findings product.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "FirstObservedAt", - "type": "array" - }, - "GeneratorId": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "The identifier for the solution-specific component that generated a finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 100 items.", - "title": "GeneratorId", - "type": "array" - }, - "Id": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "The product-specific identifier for a finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "Id", - "type": "array" - }, - "LastObservedAt": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.DateFilter" - }, - "markdownDescription": "A timestamp that indicates when the security findings provider most recently observed a change in the resource that is involved in the finding.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "LastObservedAt", - "type": "array" - }, - "NoteText": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "The text of a user-defined note that's added to a finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "NoteText", - "type": "array" - }, - "NoteUpdatedAt": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.DateFilter" - }, - "markdownDescription": "The timestamp of when the note was updated.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "NoteUpdatedAt", - "type": "array" - }, - "NoteUpdatedBy": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "The principal that created a note.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "NoteUpdatedBy", - "type": "array" - }, - "ProductArn": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "The Amazon Resource Name (ARN) for a third-party product that generated a finding in Security Hub.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "ProductArn", - "type": "array" - }, - "ProductName": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "Provides the name of the product that generated the finding. For control-based findings, the product name is Security Hub.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "ProductName", - "type": "array" - }, - "RecordState": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "Provides the current state of a finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "RecordState", - "type": "array" - }, - "RelatedFindingsId": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "The product-generated identifier for a related finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "RelatedFindingsId", - "type": "array" - }, - "RelatedFindingsProductArn": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "The ARN for the product that generated a related finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "RelatedFindingsProductArn", - "type": "array" - }, - "ResourceDetailsOther": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.MapFilter" - }, - "markdownDescription": "Custom fields and values about the resource that a finding pertains to.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "ResourceDetailsOther", - "type": "array" - }, - "ResourceId": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "The identifier for the given resource type. For AWS resources that are identified by Amazon Resource Names (ARNs), this is the ARN. For AWS resources that lack ARNs, this is the identifier as defined by the AWS service that created the resource. For non- AWS resources, this is a unique identifier that is associated with the resource.\n\nArray Members: Minimum number of 1 item. Maximum number of 100 items.", - "title": "ResourceId", - "type": "array" - }, - "ResourcePartition": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "The partition in which the resource that the finding pertains to is located. A partition is a group of AWS Regions . Each AWS account is scoped to one partition.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "ResourcePartition", - "type": "array" - }, - "ResourceRegion": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "The AWS Region where the resource that a finding pertains to is located.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "ResourceRegion", - "type": "array" - }, - "ResourceTags": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.MapFilter" - }, - "markdownDescription": "A list of AWS tags associated with a resource at the time the finding was processed.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "ResourceTags", - "type": "array" - }, - "ResourceType": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "A finding's title.\n\nArray Members: Minimum number of 1 item. Maximum number of 100 items.", - "title": "ResourceType", - "type": "array" - }, - "SeverityLabel": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "The severity value of the finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "SeverityLabel", - "type": "array" - }, - "SourceUrl": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "Provides a URL that links to a page about the current finding in the finding product.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "SourceUrl", - "type": "array" - }, - "Title": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "A finding's title.\n\nArray Members: Minimum number of 1 item. Maximum number of 100 items.", - "title": "Title", - "type": "array" - }, - "Type": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "One or more finding types in the format of namespace/category/classifier that classify a finding. For a list of namespaces, classifiers, and categories, see [Types taxonomy for ASFF](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format-type-taxonomy.html) in the *AWS Security Hub User Guide* .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "Type", - "type": "array" - }, - "UpdatedAt": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.DateFilter" - }, - "markdownDescription": "A timestamp that indicates when the finding record was most recently updated.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "UpdatedAt", - "type": "array" - }, - "UserDefinedFields": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.MapFilter" - }, - "markdownDescription": "A list of user-defined name and value string pairs added to a finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "UserDefinedFields", - "type": "array" - }, - "VerificationState": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "Provides the veracity of a finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "VerificationState", - "type": "array" - }, - "WorkflowStatus": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" - }, - "markdownDescription": "Provides information about the status of the investigation into a finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "WorkflowStatus", - "type": "array" - } - }, - "type": "object" - }, - "AWS::SecurityHub::AutomationRule.DateFilter": { - "additionalProperties": false, - "properties": { - "DateRange": { - "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.DateRange", - "markdownDescription": "A date range for the date filter.", - "title": "DateRange" - }, - "End": { - "markdownDescription": "A timestamp that provides the end date for the date filter.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", - "title": "End", - "type": "string" - }, - "Start": { - "markdownDescription": "A timestamp that provides the start date for the date filter.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", - "title": "Start", - "type": "string" - } - }, - "type": "object" - }, - "AWS::SecurityHub::AutomationRule.DateRange": { - "additionalProperties": false, - "properties": { - "Unit": { - "markdownDescription": "A date range unit for the date filter.", - "title": "Unit", - "type": "string" - }, - "Value": { - "markdownDescription": "A date range value for the date filter.", - "title": "Value", - "type": "number" - } - }, - "required": [ - "Unit", - "Value" - ], - "type": "object" - }, - "AWS::SecurityHub::AutomationRule.MapFilter": { - "additionalProperties": false, - "properties": { - "Comparison": { - "markdownDescription": "The condition to apply to the key value when filtering Security Hub findings with a map filter.\n\nTo search for values that have the filter value, use one of the following comparison operators:\n\n- To search for values that include the filter value, use `CONTAINS` . For example, for the `ResourceTags` field, the filter `Department CONTAINS Security` matches findings that include the value `Security` for the `Department` tag. In the same example, a finding with a value of `Security team` for the `Department` tag is a match.\n- To search for values that exactly match the filter value, use `EQUALS` . For example, for the `ResourceTags` field, the filter `Department EQUALS Security` matches findings that have the value `Security` for the `Department` tag.\n\n`CONTAINS` and `EQUALS` filters on the same field are joined by `OR` . A finding matches if it matches any one of those filters. For example, the filters `Department CONTAINS Security OR Department CONTAINS Finance` match a finding that includes either `Security` , `Finance` , or both values.\n\nTo search for values that don't have the filter value, use one of the following comparison operators:\n\n- To search for values that exclude the filter value, use `NOT_CONTAINS` . For example, for the `ResourceTags` field, the filter `Department NOT_CONTAINS Finance` matches findings that exclude the value `Finance` for the `Department` tag.\n- To search for values other than the filter value, use `NOT_EQUALS` . For example, for the `ResourceTags` field, the filter `Department NOT_EQUALS Finance` matches findings that don\u2019t have the value `Finance` for the `Department` tag.\n\n`NOT_CONTAINS` and `NOT_EQUALS` filters on the same field are joined by `AND` . A finding matches only if it matches all of those filters. For example, the filters `Department NOT_CONTAINS Security AND Department NOT_CONTAINS Finance` match a finding that excludes both the `Security` and `Finance` values.\n\n`CONTAINS` filters can only be used with other `CONTAINS` filters. `NOT_CONTAINS` filters can only be used with other `NOT_CONTAINS` filters.\n\nYou can\u2019t have both a `CONTAINS` filter and a `NOT_CONTAINS` filter on the same field. Similarly, you can\u2019t have both an `EQUALS` filter and a `NOT_EQUALS` filter on the same field. Combining filters in this way returns an error.\n\n`CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *AWS Security Hub User Guide* .", - "title": "Comparison", - "type": "string" + "required": [ + "Parameters" + ], + "type": "object" }, - "Key": { - "markdownDescription": "The key of the map filter. For example, for `ResourceTags` , `Key` identifies the name of the tag. For `UserDefinedFields` , `Key` is the name of the field.", - "title": "Key", + "Type": { + "enum": [ + "AWS::SecurityHub::SecurityControl" + ], "type": "string" }, - "Value": { - "markdownDescription": "The value for the key in the map filter. Filter values are case sensitive. For example, one of the values for a tag called `Department` might be `Security` . If you provide `security` as the filter value, then there's no match.", - "title": "Value", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Comparison", - "Key", - "Value" + "Type", + "Properties" ], "type": "object" }, - "AWS::SecurityHub::AutomationRule.NoteUpdate": { + "AWS::SecurityHub::SecurityControl.ParameterConfiguration": { "additionalProperties": false, "properties": { - "Text": { - "markdownDescription": "The updated note text.", - "title": "Text", - "type": "string" + "Value": { + "$ref": "#/definitions/AWS::SecurityHub::SecurityControl.ParameterValue", + "markdownDescription": "The current value of a control parameter.", + "title": "Value" }, - "UpdatedBy": { - "markdownDescription": "The principal that updated the note.", - "title": "UpdatedBy", - "type": "object" + "ValueType": { + "markdownDescription": "Identifies whether a control parameter uses a custom user-defined value or subscribes to the default AWS Security Hub behavior.\n\nWhen `ValueType` is set equal to `DEFAULT` , the default behavior can be a specific Security Hub default value, or the default behavior can be to ignore a specific parameter. When `ValueType` is set equal to `DEFAULT` , Security Hub ignores user-provided input for the `Value` field.\n\nWhen `ValueType` is set equal to `CUSTOM` , the `Value` field can't be empty.", + "title": "ValueType", + "type": "string" } }, "required": [ - "Text", - "UpdatedBy" + "ValueType" ], "type": "object" }, - "AWS::SecurityHub::AutomationRule.NumberFilter": { + "AWS::SecurityHub::SecurityControl.ParameterValue": { "additionalProperties": false, "properties": { - "Eq": { - "markdownDescription": "The equal-to condition to be applied to a single field when querying for findings.", - "title": "Eq", - "type": "number" + "Boolean": { + "markdownDescription": "A control parameter that is a boolean.", + "title": "Boolean", + "type": "boolean" }, - "Gte": { - "markdownDescription": "The greater-than-equal condition to be applied to a single field when querying for findings.", - "title": "Gte", + "Double": { + "markdownDescription": "A control parameter that is a double.", + "title": "Double", "type": "number" }, - "Lte": { - "markdownDescription": "The less-than-equal condition to be applied to a single field when querying for findings.", - "title": "Lte", + "Enum": { + "markdownDescription": "A control parameter that is an enum.", + "title": "Enum", + "type": "string" + }, + "EnumList": { + "items": { + "type": "string" + }, + "markdownDescription": "A control parameter that is a list of enums.", + "title": "EnumList", + "type": "array" + }, + "Integer": { + "markdownDescription": "A control parameter that is an integer.", + "title": "Integer", "type": "number" - } - }, - "type": "object" - }, - "AWS::SecurityHub::AutomationRule.RelatedFinding": { - "additionalProperties": false, - "properties": { - "Id": { - "markdownDescription": "The product-generated identifier for a related finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", - "title": "Id", - "type": "object" }, - "ProductArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the product that generated a related finding.", - "title": "ProductArn", + "IntegerList": { + "items": { + "type": "number" + }, + "markdownDescription": "A control parameter that is a list of integers.", + "title": "IntegerList", + "type": "array" + }, + "String": { + "markdownDescription": "A control parameter that is a string.", + "title": "String", "type": "string" + }, + "StringList": { + "items": { + "type": "string" + }, + "markdownDescription": "A control parameter that is a list of strings.", + "title": "StringList", + "type": "array" } }, - "required": [ - "Id", - "ProductArn" - ], "type": "object" }, - "AWS::SecurityHub::AutomationRule.SeverityUpdate": { + "AWS::SecurityHub::Standard": { "additionalProperties": false, "properties": { - "Label": { - "markdownDescription": "The severity value of the finding. The allowed values are the following.\n\n- `INFORMATIONAL` - No issue was found.\n- `LOW` - The issue does not require action on its own.\n- `MEDIUM` - The issue must be addressed but not urgently.\n- `HIGH` - The issue must be addressed as a priority.\n- `CRITICAL` - The issue must be remediated immediately to avoid it escalating.", - "title": "Label", + "Condition": { "type": "string" }, - "Normalized": { - "markdownDescription": "The normalized severity for the finding. This attribute is to be deprecated in favor of `Label` .\n\nIf you provide `Normalized` and don't provide `Label` , `Label` is set automatically as follows.\n\n- 0 - `INFORMATIONAL`\n- 1\u201339 - `LOW`\n- 40\u201369 - `MEDIUM`\n- 70\u201389 - `HIGH`\n- 90\u2013100 - `CRITICAL`", - "title": "Normalized", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Product": { - "markdownDescription": "The native severity as defined by the AWS service or integrated partner product that generated the finding.", - "title": "Product", - "type": "number" - } - }, - "type": "object" - }, - "AWS::SecurityHub::AutomationRule.StringFilter": { - "additionalProperties": false, - "properties": { - "Comparison": { - "markdownDescription": "The condition to apply to a string value when filtering Security Hub findings.\n\nTo search for values that have the filter value, use one of the following comparison operators:\n\n- To search for values that include the filter value, use `CONTAINS` . For example, the filter `Title CONTAINS CloudFront` matches findings that have a `Title` that includes the string CloudFront.\n- To search for values that exactly match the filter value, use `EQUALS` . For example, the filter `AwsAccountId EQUALS 123456789012` only matches findings that have an account ID of `123456789012` .\n- To search for values that start with the filter value, use `PREFIX` . For example, the filter `ResourceRegion PREFIX us` matches findings that have a `ResourceRegion` that starts with `us` . A `ResourceRegion` that starts with a different value, such as `af` , `ap` , or `ca` , doesn't match.\n\n`CONTAINS` , `EQUALS` , and `PREFIX` filters on the same field are joined by `OR` . A finding matches if it matches any one of those filters. For example, the filters `Title CONTAINS CloudFront OR Title CONTAINS CloudWatch` match a finding that includes either `CloudFront` , `CloudWatch` , or both strings in the title.\n\nTo search for values that don\u2019t have the filter value, use one of the following comparison operators:\n\n- To search for values that exclude the filter value, use `NOT_CONTAINS` . For example, the filter `Title NOT_CONTAINS CloudFront` matches findings that have a `Title` that excludes the string CloudFront.\n- To search for values other than the filter value, use `NOT_EQUALS` . For example, the filter `AwsAccountId NOT_EQUALS 123456789012` only matches findings that have an account ID other than `123456789012` .\n- To search for values that don't start with the filter value, use `PREFIX_NOT_EQUALS` . For example, the filter `ResourceRegion PREFIX_NOT_EQUALS us` matches findings with a `ResourceRegion` that starts with a value other than `us` .\n\n`NOT_CONTAINS` , `NOT_EQUALS` , and `PREFIX_NOT_EQUALS` filters on the same field are joined by `AND` . A finding matches only if it matches all of those filters. For example, the filters `Title NOT_CONTAINS CloudFront AND Title NOT_CONTAINS CloudWatch` match a finding that excludes both `CloudFront` and `CloudWatch` in the title.\n\nYou can\u2019t have both a `CONTAINS` filter and a `NOT_CONTAINS` filter on the same field. Similarly, you can't provide both an `EQUALS` filter and a `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filter on the same field. Combining filters in this way returns an error. `CONTAINS` filters can only be used with other `CONTAINS` filters. `NOT_CONTAINS` filters can only be used with other `NOT_CONTAINS` filters.\n\nYou can combine `PREFIX` filters with `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters for the same field. Security Hub first processes the `PREFIX` filters, and then the `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters.\n\nFor example, for the following filters, Security Hub first identifies findings that have resource types that start with either `AwsIam` or `AwsEc2` . It then excludes findings that have a resource type of `AwsIamPolicy` and findings that have a resource type of `AwsEc2NetworkInterface` .\n\n- `ResourceType PREFIX AwsIam`\n- `ResourceType PREFIX AwsEc2`\n- `ResourceType NOT_EQUALS AwsIamPolicy`\n- `ResourceType NOT_EQUALS AwsEc2NetworkInterface`\n\n`CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules V1. `CONTAINS_WORD` operator is only supported in `GetFindingsV2` , `GetFindingStatisticsV2` , `GetResourcesV2` , and `GetResourceStatisticsV2` APIs. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *AWS Security Hub User Guide* .", - "title": "Comparison", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DisabledStandardsControls": { + "items": { + "$ref": "#/definitions/AWS::SecurityHub::Standard.StandardsControl" + }, + "markdownDescription": "Specifies which controls are to be disabled in a standard.\n\n*Maximum* : `100`", + "title": "DisabledStandardsControls", + "type": "array" + }, + "StandardsArn": { + "markdownDescription": "The ARN of the standard that you want to enable. To view a list of available Security Hub standards and their ARNs, use the [`DescribeStandards`](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DescribeStandards.html) API operation.", + "title": "StandardsArn", + "type": "string" + } + }, + "required": [ + "StandardsArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SecurityHub::Standard" + ], "type": "string" }, - "Value": { - "markdownDescription": "The string filter value. Filter values are case sensitive. For example, the product name for control-based findings is `Security Hub` . If you provide `security hub` as the filter value, there's no match.", - "title": "Value", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Comparison", - "Value" + "Type", + "Properties" ], "type": "object" }, - "AWS::SecurityHub::AutomationRule.WorkflowUpdate": { + "AWS::SecurityHub::Standard.StandardsControl": { "additionalProperties": false, "properties": { - "Status": { - "markdownDescription": "The status of the investigation into the finding. The workflow status is specific to an individual finding. It does not affect the generation of new findings. For example, setting the workflow status to `SUPPRESSED` or `RESOLVED` does not prevent a new finding for the same issue.\n\nThe allowed values are the following.\n\n- `NEW` - The initial state of a finding, before it is reviewed.\n\nSecurity Hub also resets `WorkFlowStatus` from `NOTIFIED` or `RESOLVED` to `NEW` in the following cases:\n\n- The record state changes from `ARCHIVED` to `ACTIVE` .\n- The compliance status changes from `PASSED` to either `WARNING` , `FAILED` , or `NOT_AVAILABLE` .\n- `NOTIFIED` - Indicates that you notified the resource owner about the security issue. Used when the initial reviewer is not the resource owner, and needs intervention from the resource owner.\n- `RESOLVED` - The finding was reviewed and remediated and is now considered resolved.\n- `SUPPRESSED` - Indicates that you reviewed the finding and don't believe that any action is needed. The finding is no longer updated.", - "title": "Status", + "Reason": { + "markdownDescription": "A user-defined reason for changing a control's enablement status in a specified standard. If you are disabling a control, then this property is required.", + "title": "Reason", + "type": "string" + }, + "StandardsControlArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the control.", + "title": "StandardsControlArn", "type": "string" } }, "required": [ - "Status" + "StandardsControlArn" ], "type": "object" }, - "AWS::SecurityHub::DelegatedAdmin": { + "AWS::SecurityLake::AwsLogSource": { "additionalProperties": false, "properties": { "Condition": { @@ -255272,20 +305768,40 @@ "Properties": { "additionalProperties": false, "properties": { - "AdminAccountId": { - "markdownDescription": "The AWS account identifier of the account to designate as the Security Hub administrator account.", - "title": "AdminAccountId", + "Accounts": { + "items": { + "type": "string" + }, + "markdownDescription": "Specify the AWS account information where you want to enable Security Lake.", + "title": "Accounts", + "type": "array" + }, + "DataLakeArn": { + "markdownDescription": "The Amazon Resource Name (ARN) used to create the data lake.", + "title": "DataLakeArn", + "type": "string" + }, + "SourceName": { + "markdownDescription": "The name for a AWS source. This must be a Regionally unique value. For the list of sources supported by Amazon Security Lake see [Collecting data from AWS services](https://docs.aws.amazon.com//security-lake/latest/userguide/internal-sources.html) in the Amazon Security Lake User Guide.", + "title": "SourceName", + "type": "string" + }, + "SourceVersion": { + "markdownDescription": "The version for a AWS source. For more details about source versions supported by Amazon Security Lake see [OCSF source identification](https://docs.aws.amazon.com//security-lake/latest/userguide/open-cybersecurity-schema-framework.html#ocsf-source-identification) in the Amazon Security Lake User Guide. This must be a Regionally unique value.", + "title": "SourceVersion", "type": "string" } }, "required": [ - "AdminAccountId" + "DataLakeArn", + "SourceName", + "SourceVersion" ], "type": "object" }, "Type": { "enum": [ - "AWS::SecurityHub::DelegatedAdmin" + "AWS::SecurityLake::AwsLogSource" ], "type": "string" }, @@ -255304,7 +305820,7 @@ ], "type": "object" }, - "AWS::SecurityHub::Hub": { + "AWS::SecurityLake::DataLake": { "additionalProperties": false, "properties": { "Condition": { @@ -255339,38 +305855,40 @@ "Properties": { "additionalProperties": false, "properties": { - "AutoEnableControls": { - "markdownDescription": "Whether to automatically enable new controls when they are added to standards that are enabled.\n\nBy default, this is set to `true` , and new controls are enabled automatically. To not automatically enable new controls, set this to `false` .\n\nWhen you automatically enable new controls, you can interact with the controls in the console and programmatically immediately after release. However, automatically enabled controls have a temporary default status of `DISABLED` . It can take up to several days for Security Hub to process the control release and designate the control as `ENABLED` in your account. During the processing period, you can manually enable or disable a control, and Security Hub will maintain that designation regardless of whether you have `AutoEnableControls` set to `true` .", - "title": "AutoEnableControls", - "type": "boolean" + "EncryptionConfiguration": { + "$ref": "#/definitions/AWS::SecurityLake::DataLake.EncryptionConfiguration", + "markdownDescription": "Provides encryption details of the Amazon Security Lake object.", + "title": "EncryptionConfiguration" }, - "ControlFindingGenerator": { - "markdownDescription": "Specifies whether an account has consolidated control findings turned on or off. If the value for this field is set to `SECURITY_CONTROL` , Security Hub generates a single finding for a control check even when the check applies to multiple enabled standards.\n\nIf the value for this field is set to `STANDARD_CONTROL` , Security Hub generates separate findings for a control check when the check applies to multiple enabled standards.\n\nThe value for this field in a member account matches the value in the administrator account. For accounts that aren't part of an organization, the default value of this field is `SECURITY_CONTROL` if you enabled Security Hub on or after February 23, 2023.", - "title": "ControlFindingGenerator", + "LifecycleConfiguration": { + "$ref": "#/definitions/AWS::SecurityLake::DataLake.LifecycleConfiguration", + "markdownDescription": "You can customize Security Lake to store data in your preferred AWS Regions for your preferred amount of time. Lifecycle management can help you comply with different compliance requirements. For more details, see [Lifecycle management](https://docs.aws.amazon.com//security-lake/latest/userguide/lifecycle-management.html) in the Amazon Security Lake User Guide.", + "title": "LifecycleConfiguration" + }, + "MetaStoreManagerRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) used to create and update the AWS Glue table. This table contains partitions generated by the ingestion and normalization of AWS log sources and custom sources.", + "title": "MetaStoreManagerRoleArn", "type": "string" }, - "EnableDefaultStandards": { - "markdownDescription": "Whether to enable the security standards that Security Hub has designated as automatically enabled. If you don't provide a value for `EnableDefaultStandards` , it is set to `true` , and the designated standards are automatically enabled in each AWS Region where you enable Security Hub . If you don't want to enable the designated standards, set `EnableDefaultStandards` to `false` .\n\nCurrently, the automatically enabled standards are the Center for Internet Security (CIS) AWS Foundations Benchmark v1.2.0 and AWS Foundational Security Best Practices (FSBP).", - "title": "EnableDefaultStandards", - "type": "boolean" + "ReplicationConfiguration": { + "$ref": "#/definitions/AWS::SecurityLake::DataLake.ReplicationConfiguration", + "markdownDescription": "Provides replication details of Amazon Security Lake object.", + "title": "ReplicationConfiguration" }, "Tags": { - "additionalProperties": true, - "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "An array of objects, one for each tag to associate with the data lake configuration. For each tag, you must specify both a tag key and a tag value. A tag value cannot be null, but it can be an empty string.", "title": "Tags", - "type": "object" + "type": "array" } }, "type": "object" }, "Type": { "enum": [ - "AWS::SecurityHub::Hub" + "AWS::SecurityLake::DataLake" ], "type": "string" }, @@ -255388,7 +305906,83 @@ ], "type": "object" }, - "AWS::SecurityHub::Insight": { + "AWS::SecurityLake::DataLake.EncryptionConfiguration": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "markdownDescription": "The ID of KMS encryption key used by Amazon Security Lake to encrypt the Security Lake object.", + "title": "KmsKeyId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SecurityLake::DataLake.Expiration": { + "additionalProperties": false, + "properties": { + "Days": { + "markdownDescription": "The number of days before data expires in the Amazon Security Lake object.", + "title": "Days", + "type": "number" + } + }, + "type": "object" + }, + "AWS::SecurityLake::DataLake.LifecycleConfiguration": { + "additionalProperties": false, + "properties": { + "Expiration": { + "$ref": "#/definitions/AWS::SecurityLake::DataLake.Expiration", + "markdownDescription": "Provides data expiration details of the Amazon Security Lake object.", + "title": "Expiration" + }, + "Transitions": { + "items": { + "$ref": "#/definitions/AWS::SecurityLake::DataLake.Transitions" + }, + "markdownDescription": "Provides data storage transition details of Amazon Security Lake object. By configuring these settings, you can specify your preferred Amazon S3 storage class and the time period for S3 objects to stay in that storage class before they transition to a different storage class.", + "title": "Transitions", + "type": "array" + } + }, + "type": "object" + }, + "AWS::SecurityLake::DataLake.ReplicationConfiguration": { + "additionalProperties": false, + "properties": { + "Regions": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies one or more centralized rollup Regions. The AWS Region specified in the region parameter of the `CreateDataLake` or `UpdateDataLake` operations contributes data to the rollup Region or Regions specified in this parameter.\n\nReplication enables automatic, asynchronous copying of objects across Amazon S3 buckets. S3 buckets that are configured for object replication can be owned by the same AWS account or by different accounts. You can replicate objects to a single destination bucket or to multiple destination buckets. The destination buckets can be in different Regions or within the same Region as the source bucket.", + "title": "Regions", + "type": "array" + }, + "RoleArn": { + "markdownDescription": "Replication settings for the Amazon S3 buckets. This parameter uses the AWS Identity and Access Management (IAM) role you created that is managed by Security Lake , to ensure the replication setting is correct.", + "title": "RoleArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SecurityLake::DataLake.Transitions": { + "additionalProperties": false, + "properties": { + "Days": { + "markdownDescription": "The number of days before data transitions to a different S3 Storage Class in the Amazon Security Lake object.", + "title": "Days", + "type": "number" + }, + "StorageClass": { + "markdownDescription": "The list of storage classes that you can choose from based on the data access, resiliency, and cost requirements of your workloads. The default storage class is *S3 Standard* . For information about other storage classes, see [Setting the storage class of an object](https://docs.aws.amazon.com/AmazonS3/latest/userguide/sc-howtoset.html) in the *Amazon S3 User Guide* .", + "title": "StorageClass", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SecurityLake::Subscriber": { "additionalProperties": false, "properties": { "Condition": { @@ -255423,32 +306017,63 @@ "Properties": { "additionalProperties": false, "properties": { - "Filters": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.AwsSecurityFindingFilters", - "markdownDescription": "One or more attributes used to filter the findings included in the insight. The insight only includes findings that match the criteria defined in the filters. You can filter by up to ten finding attributes. For each attribute, you can provide up to 20 filter values.", - "title": "Filters" + "AccessTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "You can choose to notify subscribers of new objects with an Amazon Simple Queue Service (Amazon SQS) queue or through messaging to an HTTPS endpoint provided by the subscriber.\n\nSubscribers can consume data by directly querying AWS Lake Formation tables in your Amazon S3 bucket through services like Amazon Athena. This subscription type is defined as `LAKEFORMATION` .", + "title": "AccessTypes", + "type": "array" }, - "GroupByAttribute": { - "markdownDescription": "The grouping attribute for the insight's findings. Indicates how to group the matching findings, and identifies the type of item that the insight applies to. For example, if an insight is grouped by resource identifier, then the insight produces a list of resource identifiers.", - "title": "GroupByAttribute", + "DataLakeArn": { + "markdownDescription": "The Amazon Resource Name (ARN) used to create the data lake.", + "title": "DataLakeArn", "type": "string" }, - "Name": { - "markdownDescription": "The name of a Security Hub insight.", - "title": "Name", + "Sources": { + "items": { + "$ref": "#/definitions/AWS::SecurityLake::Subscriber.Source" + }, + "markdownDescription": "Amazon Security Lake supports log and event collection for natively supported AWS services . For more information, see the [Amazon Security Lake User Guide](https://docs.aws.amazon.com//security-lake/latest/userguide/source-management.html) .", + "title": "Sources", + "type": "array" + }, + "SubscriberDescription": { + "markdownDescription": "The subscriber descriptions for a subscriber account. The description for a subscriber includes `subscriberName` , `accountID` , `externalID` , and `subscriberId` .", + "title": "SubscriberDescription", + "type": "string" + }, + "SubscriberIdentity": { + "$ref": "#/definitions/AWS::SecurityLake::Subscriber.SubscriberIdentity", + "markdownDescription": "The AWS identity used to access your data.", + "title": "SubscriberIdentity" + }, + "SubscriberName": { + "markdownDescription": "The name of your Amazon Security Lake subscriber account.", + "title": "SubscriberName", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of objects, one for each tag to associate with the subscriber. For each tag, you must specify both a tag key and a tag value. A tag value cannot be null, but it can be an empty string.", + "title": "Tags", + "type": "array" } }, "required": [ - "Filters", - "GroupByAttribute", - "Name" + "AccessTypes", + "DataLakeArn", + "Sources", + "SubscriberIdentity", + "SubscriberName" ], "type": "object" }, "Type": { "enum": [ - "AWS::SecurityHub::Insight" + "AWS::SecurityLake::Subscriber" ], "type": "string" }, @@ -255467,949 +306092,970 @@ ], "type": "object" }, - "AWS::SecurityHub::Insight.AwsSecurityFindingFilters": { + "AWS::SecurityLake::Subscriber.AwsLogSource": { "additionalProperties": false, "properties": { - "AwsAccountId": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The AWS account ID in which a finding is generated.", - "title": "AwsAccountId", - "type": "array" - }, - "AwsAccountName": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The name of the AWS account in which a finding is generated.", - "title": "AwsAccountName", - "type": "array" - }, - "CompanyName": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The name of the findings provider (company) that owns the solution (product) that generates findings.", - "title": "CompanyName", - "type": "array" - }, - "ComplianceAssociatedStandardsId": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The unique identifier of a standard in which a control is enabled. This field consists of the resource portion of the Amazon Resource Name (ARN) returned for a standard in the [DescribeStandards](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DescribeStandards.html) API response.", - "title": "ComplianceAssociatedStandardsId", - "type": "array" - }, - "ComplianceSecurityControlId": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The unique identifier of a control across standards. Values for this field typically consist of an AWS service and a number, such as APIGateway.5.", - "title": "ComplianceSecurityControlId", - "type": "array" - }, - "ComplianceSecurityControlParametersName": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The name of a security control parameter.", - "title": "ComplianceSecurityControlParametersName", - "type": "array" - }, - "ComplianceSecurityControlParametersValue": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The current value of a security control parameter.", - "title": "ComplianceSecurityControlParametersValue", - "type": "array" - }, - "ComplianceStatus": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "Exclusive to findings that are generated as the result of a check run against a specific rule in a supported standard, such as CIS AWS Foundations. Contains security standard-related finding details.", - "title": "ComplianceStatus", - "type": "array" - }, - "Confidence": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.NumberFilter" - }, - "markdownDescription": "A finding's confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify.\n\nConfidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence.", - "title": "Confidence", - "type": "array" - }, - "CreatedAt": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" - }, - "markdownDescription": "A timestamp that indicates when the security findings provider created the potential security issue that a finding reflects.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", - "title": "CreatedAt", - "type": "array" - }, - "Criticality": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.NumberFilter" - }, - "markdownDescription": "The level of importance assigned to the resources associated with the finding.\n\nA score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources.", - "title": "Criticality", - "type": "array" - }, - "Description": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "A finding's description.", - "title": "Description", - "type": "array" - }, - "FindingProviderFieldsConfidence": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.NumberFilter" - }, - "markdownDescription": "The finding provider value for the finding confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify.\n\nConfidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence.", - "title": "FindingProviderFieldsConfidence", - "type": "array" - }, - "FindingProviderFieldsCriticality": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.NumberFilter" - }, - "markdownDescription": "The finding provider value for the level of importance assigned to the resources associated with the findings.\n\nA score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources.", - "title": "FindingProviderFieldsCriticality", - "type": "array" - }, - "FindingProviderFieldsRelatedFindingsId": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The finding identifier of a related finding that is identified by the finding provider.", - "title": "FindingProviderFieldsRelatedFindingsId", - "type": "array" - }, - "FindingProviderFieldsRelatedFindingsProductArn": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The ARN of the solution that generated a related finding that is identified by the finding provider.", - "title": "FindingProviderFieldsRelatedFindingsProductArn", - "type": "array" - }, - "FindingProviderFieldsSeverityLabel": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The finding provider value for the severity label.", - "title": "FindingProviderFieldsSeverityLabel", - "type": "array" - }, - "FindingProviderFieldsSeverityOriginal": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The finding provider's original value for the severity.", - "title": "FindingProviderFieldsSeverityOriginal", - "type": "array" - }, - "FindingProviderFieldsTypes": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "One or more finding types that the finding provider assigned to the finding. Uses the format of `namespace/category/classifier` that classify a finding.\n\nValid namespace values are: Software and Configuration Checks | TTPs | Effects | Unusual Behaviors | Sensitive Data Identifications", - "title": "FindingProviderFieldsTypes", - "type": "array" - }, - "FirstObservedAt": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" - }, - "markdownDescription": "A timestamp that indicates when the security findings provider first observed the potential security issue that a finding captured.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", - "title": "FirstObservedAt", - "type": "array" - }, - "GeneratorId": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The identifier for the solution-specific component (a discrete unit of logic) that generated a finding. In various security findings providers' solutions, this generator can be called a rule, a check, a detector, a plugin, etc.", - "title": "GeneratorId", - "type": "array" - }, - "Id": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The security findings provider-specific identifier for a finding.", - "title": "Id", - "type": "array" - }, - "LastObservedAt": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" - }, - "markdownDescription": "A timestamp that indicates when the security findings provider most recently observed a change in the resource that is involved in the finding.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", - "title": "LastObservedAt", - "type": "array" - }, - "MalwareName": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The name of the malware that was observed.", - "title": "MalwareName", - "type": "array" - }, - "MalwarePath": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The filesystem path of the malware that was observed.", - "title": "MalwarePath", - "type": "array" - }, - "MalwareState": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The state of the malware that was observed.", - "title": "MalwareState", - "type": "array" - }, - "MalwareType": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The type of the malware that was observed.", - "title": "MalwareType", - "type": "array" - }, - "NetworkDestinationDomain": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The destination domain of network-related information about a finding.", - "title": "NetworkDestinationDomain", - "type": "array" - }, - "NetworkDestinationIpV4": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.IpFilter" - }, - "markdownDescription": "The destination IPv4 address of network-related information about a finding.", - "title": "NetworkDestinationIpV4", - "type": "array" - }, - "NetworkDestinationIpV6": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.IpFilter" - }, - "markdownDescription": "The destination IPv6 address of network-related information about a finding.", - "title": "NetworkDestinationIpV6", - "type": "array" - }, - "NetworkDestinationPort": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.NumberFilter" - }, - "markdownDescription": "The destination port of network-related information about a finding.", - "title": "NetworkDestinationPort", - "type": "array" - }, - "NetworkDirection": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "Indicates the direction of network traffic associated with a finding.", - "title": "NetworkDirection", - "type": "array" - }, - "NetworkProtocol": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The protocol of network-related information about a finding.", - "title": "NetworkProtocol", - "type": "array" - }, - "NetworkSourceDomain": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The source domain of network-related information about a finding.", - "title": "NetworkSourceDomain", - "type": "array" - }, - "NetworkSourceIpV4": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.IpFilter" - }, - "markdownDescription": "The source IPv4 address of network-related information about a finding.", - "title": "NetworkSourceIpV4", - "type": "array" - }, - "NetworkSourceIpV6": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.IpFilter" - }, - "markdownDescription": "The source IPv6 address of network-related information about a finding.", - "title": "NetworkSourceIpV6", - "type": "array" - }, - "NetworkSourceMac": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The source media access control (MAC) address of network-related information about a finding.", - "title": "NetworkSourceMac", - "type": "array" - }, - "NetworkSourcePort": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.NumberFilter" - }, - "markdownDescription": "The source port of network-related information about a finding.", - "title": "NetworkSourcePort", - "type": "array" - }, - "NoteText": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The text of a note.", - "title": "NoteText", - "type": "array" - }, - "NoteUpdatedAt": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" - }, - "markdownDescription": "The timestamp of when the note was updated.", - "title": "NoteUpdatedAt", - "type": "array" - }, - "NoteUpdatedBy": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The principal that created a note.", - "title": "NoteUpdatedBy", - "type": "array" - }, - "ProcessLaunchedAt": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" - }, - "markdownDescription": "A timestamp that identifies when the process was launched.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", - "title": "ProcessLaunchedAt", - "type": "array" - }, - "ProcessName": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The name of the process.", - "title": "ProcessName", - "type": "array" - }, - "ProcessParentPid": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.NumberFilter" - }, - "markdownDescription": "The parent process ID. This field accepts positive integers between `O` and `2147483647` .", - "title": "ProcessParentPid", - "type": "array" - }, - "ProcessPath": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The path to the process executable.", - "title": "ProcessPath", - "type": "array" - }, - "ProcessPid": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.NumberFilter" - }, - "markdownDescription": "The process ID.", - "title": "ProcessPid", - "type": "array" - }, - "ProcessTerminatedAt": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" - }, - "markdownDescription": "A timestamp that identifies when the process was terminated.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", - "title": "ProcessTerminatedAt", - "type": "array" - }, - "ProductArn": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The ARN generated by Security Hub that uniquely identifies a third-party company (security findings provider) after this provider's product (solution that generates findings) is registered with Security Hub.", - "title": "ProductArn", - "type": "array" - }, - "ProductFields": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.MapFilter" - }, - "markdownDescription": "A data type where security findings providers can include additional solution-specific details that aren't part of the defined `AwsSecurityFinding` format.", - "title": "ProductFields", - "type": "array" - }, - "ProductName": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The name of the solution (product) that generates findings.", - "title": "ProductName", - "type": "array" - }, - "RecommendationText": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The recommendation of what to do about the issue described in a finding.", - "title": "RecommendationText", - "type": "array" - }, - "RecordState": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The updated record state for the finding.", - "title": "RecordState", - "type": "array" - }, - "Region": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The Region from which the finding was generated.", - "title": "Region", - "type": "array" - }, - "RelatedFindingsId": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The solution-generated identifier for a related finding.", - "title": "RelatedFindingsId", - "type": "array" - }, - "RelatedFindingsProductArn": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The ARN of the solution that generated a related finding.", - "title": "RelatedFindingsProductArn", - "type": "array" - }, - "ResourceApplicationArn": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The ARN of the application that is related to a finding.", - "title": "ResourceApplicationArn", - "type": "array" - }, - "ResourceApplicationName": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The name of the application that is related to a finding.", - "title": "ResourceApplicationName", - "type": "array" - }, - "ResourceAwsEc2InstanceIamInstanceProfileArn": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The IAM profile ARN of the instance.", - "title": "ResourceAwsEc2InstanceIamInstanceProfileArn", - "type": "array" - }, - "ResourceAwsEc2InstanceImageId": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The Amazon Machine Image (AMI) ID of the instance.", - "title": "ResourceAwsEc2InstanceImageId", - "type": "array" - }, - "ResourceAwsEc2InstanceIpV4Addresses": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.IpFilter" - }, - "markdownDescription": "The IPv4 addresses associated with the instance.", - "title": "ResourceAwsEc2InstanceIpV4Addresses", - "type": "array" - }, - "ResourceAwsEc2InstanceIpV6Addresses": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.IpFilter" - }, - "markdownDescription": "The IPv6 addresses associated with the instance.", - "title": "ResourceAwsEc2InstanceIpV6Addresses", - "type": "array" - }, - "ResourceAwsEc2InstanceKeyName": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The key name associated with the instance.", - "title": "ResourceAwsEc2InstanceKeyName", - "type": "array" - }, - "ResourceAwsEc2InstanceLaunchedAt": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" - }, - "markdownDescription": "The date and time the instance was launched.", - "title": "ResourceAwsEc2InstanceLaunchedAt", - "type": "array" - }, - "ResourceAwsEc2InstanceSubnetId": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The identifier of the subnet that the instance was launched in.", - "title": "ResourceAwsEc2InstanceSubnetId", - "type": "array" - }, - "ResourceAwsEc2InstanceType": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The instance type of the instance.", - "title": "ResourceAwsEc2InstanceType", - "type": "array" - }, - "ResourceAwsEc2InstanceVpcId": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The identifier of the VPC that the instance was launched in.", - "title": "ResourceAwsEc2InstanceVpcId", - "type": "array" - }, - "ResourceAwsIamAccessKeyCreatedAt": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" - }, - "markdownDescription": "The creation date/time of the IAM access key related to a finding.", - "title": "ResourceAwsIamAccessKeyCreatedAt", - "type": "array" - }, - "ResourceAwsIamAccessKeyPrincipalName": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The name of the principal that is associated with an IAM access key.", - "title": "ResourceAwsIamAccessKeyPrincipalName", - "type": "array" - }, - "ResourceAwsIamAccessKeyStatus": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The status of the IAM access key related to a finding.", - "title": "ResourceAwsIamAccessKeyStatus", - "type": "array" - }, - "ResourceAwsIamUserUserName": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The name of an IAM user.", - "title": "ResourceAwsIamUserUserName", - "type": "array" - }, - "ResourceAwsS3BucketOwnerId": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The canonical user ID of the owner of the S3 bucket.", - "title": "ResourceAwsS3BucketOwnerId", - "type": "array" - }, - "ResourceAwsS3BucketOwnerName": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The display name of the owner of the S3 bucket.", - "title": "ResourceAwsS3BucketOwnerName", - "type": "array" - }, - "ResourceContainerImageId": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The identifier of the image related to a finding.", - "title": "ResourceContainerImageId", - "type": "array" + "SourceName": { + "markdownDescription": "Source name of the natively supported AWS service that is supported as an Amazon Security Lake source. For the list of sources supported by Amazon Security Lake see [Collecting data from AWS services](https://docs.aws.amazon.com//security-lake/latest/userguide/internal-sources.html) in the Amazon Security Lake User Guide.", + "title": "SourceName", + "type": "string" }, - "ResourceContainerImageName": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The name of the image related to a finding.", - "title": "ResourceContainerImageName", - "type": "array" + "SourceVersion": { + "markdownDescription": "Source version of the natively supported AWS service that is supported as an Amazon Security Lake source. For more details about source versions supported by Amazon Security Lake see [OCSF source identification](https://docs.aws.amazon.com//security-lake/latest/userguide/open-cybersecurity-schema-framework.html#ocsf-source-identification) in the Amazon Security Lake User Guide.", + "title": "SourceVersion", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SecurityLake::Subscriber.CustomLogSource": { + "additionalProperties": false, + "properties": { + "SourceName": { + "markdownDescription": "The name of the custom log source.", + "title": "SourceName", + "type": "string" }, - "ResourceContainerLaunchedAt": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" - }, - "markdownDescription": "A timestamp that identifies when the container was started.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", - "title": "ResourceContainerLaunchedAt", - "type": "array" + "SourceVersion": { + "markdownDescription": "The source version of the custom log source.", + "title": "SourceVersion", + "type": "string" + } + }, + "type": "object" + }, + "AWS::SecurityLake::Subscriber.Source": { + "additionalProperties": false, + "properties": { + "AwsLogSource": { + "$ref": "#/definitions/AWS::SecurityLake::Subscriber.AwsLogSource", + "markdownDescription": "The natively supported AWS service which is used a Amazon Security Lake source to collect logs and events from.", + "title": "AwsLogSource" }, - "ResourceContainerName": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The name of the container related to a finding.", - "title": "ResourceContainerName", - "type": "array" + "CustomLogSource": { + "$ref": "#/definitions/AWS::SecurityLake::Subscriber.CustomLogSource", + "markdownDescription": "The custom log source AWS which is used a Amazon Security Lake source to collect logs and events from.", + "title": "CustomLogSource" + } + }, + "type": "object" + }, + "AWS::SecurityLake::Subscriber.SubscriberIdentity": { + "additionalProperties": false, + "properties": { + "ExternalId": { + "markdownDescription": "The external ID is a unique identifier that the subscriber provides to you.", + "title": "ExternalId", + "type": "string" }, - "ResourceDetailsOther": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.MapFilter" - }, - "markdownDescription": "The details of a resource that doesn't have a specific subfield for the resource type defined.", - "title": "ResourceDetailsOther", - "type": "array" + "Principal": { + "markdownDescription": "Principals can include accounts, users, roles, federated users, or AWS services.", + "title": "Principal", + "type": "string" + } + }, + "required": [ + "ExternalId", + "Principal" + ], + "type": "object" + }, + "AWS::SecurityLake::SubscriberNotification": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" }, - "ResourceId": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The canonical identifier for the given resource type.", - "title": "ResourceId", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ResourcePartition": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The canonical AWS partition name that the Region is assigned to.", - "title": "ResourcePartition", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ResourceRegion": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The canonical AWS external Region name where this resource is located.", - "title": "ResourceRegion", - "type": "array" + "Metadata": { + "type": "object" }, - "ResourceTags": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.MapFilter" + "Properties": { + "additionalProperties": false, + "properties": { + "NotificationConfiguration": { + "$ref": "#/definitions/AWS::SecurityLake::SubscriberNotification.NotificationConfiguration", + "markdownDescription": "Specify the configurations you want to use for subscriber notification. The subscriber is notified when new data is written to the data lake for sources that the subscriber consumes in Security Lake .", + "title": "NotificationConfiguration" + }, + "SubscriberArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the Security Lake subscriber.", + "title": "SubscriberArn", + "type": "string" + } }, - "markdownDescription": "A list of AWS tags associated with a resource at the time the finding was processed.", - "title": "ResourceTags", - "type": "array" + "required": [ + "NotificationConfiguration", + "SubscriberArn" + ], + "type": "object" }, - "ResourceType": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "Specifies the type of the resource that details are provided for.", - "title": "ResourceType", - "type": "array" + "Type": { + "enum": [ + "AWS::SecurityLake::SubscriberNotification" + ], + "type": "string" }, - "Sample": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.BooleanFilter" - }, - "markdownDescription": "Indicates whether or not sample findings are included in the filter results.", - "title": "Sample", - "type": "array" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::SecurityLake::SubscriberNotification.HttpsNotificationConfiguration": { + "additionalProperties": false, + "properties": { + "AuthorizationApiKeyName": { + "markdownDescription": "The key name for the notification subscription.", + "title": "AuthorizationApiKeyName", + "type": "string" }, - "SeverityLabel": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The label of a finding's severity.", - "title": "SeverityLabel", - "type": "array" + "AuthorizationApiKeyValue": { + "markdownDescription": "The key value for the notification subscription.", + "title": "AuthorizationApiKeyValue", + "type": "string" }, - "SourceUrl": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "A URL that links to a page about the current finding in the security findings provider's solution.", - "title": "SourceUrl", - "type": "array" + "Endpoint": { + "markdownDescription": "The subscription endpoint in Security Lake . If you prefer notification with an HTTPS endpoint, populate this field.", + "title": "Endpoint", + "type": "string" }, - "ThreatIntelIndicatorCategory": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The category of a threat intelligence indicator.", - "title": "ThreatIntelIndicatorCategory", - "type": "array" + "HttpMethod": { + "markdownDescription": "The HTTPS method used for the notification subscription.", + "title": "HttpMethod", + "type": "string" }, - "ThreatIntelIndicatorLastObservedAt": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" - }, - "markdownDescription": "A timestamp that identifies the last observation of a threat intelligence indicator.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", - "title": "ThreatIntelIndicatorLastObservedAt", - "type": "array" + "TargetRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the EventBridge API destinations IAM role that you created. For more information about ARNs and how to use them in policies, see [Managing data access](https://docs.aws.amazon.com///security-lake/latest/userguide/subscriber-data-access.html) and [AWS Managed Policies](https://docs.aws.amazon.com//security-lake/latest/userguide/security-iam-awsmanpol.html) in the *Amazon Security Lake User Guide* .", + "title": "TargetRoleArn", + "type": "string" + } + }, + "required": [ + "Endpoint", + "TargetRoleArn" + ], + "type": "object" + }, + "AWS::SecurityLake::SubscriberNotification.NotificationConfiguration": { + "additionalProperties": false, + "properties": { + "HttpsNotificationConfiguration": { + "$ref": "#/definitions/AWS::SecurityLake::SubscriberNotification.HttpsNotificationConfiguration", + "markdownDescription": "The configurations used for HTTPS subscriber notification.", + "title": "HttpsNotificationConfiguration" }, - "ThreatIntelIndicatorSource": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The source of the threat intelligence.", - "title": "ThreatIntelIndicatorSource", - "type": "array" + "SqsNotificationConfiguration": { + "markdownDescription": "The configurations for SQS subscriber notification. The members of this structure are context-dependent.", + "title": "SqsNotificationConfiguration", + "type": "object" + } + }, + "type": "object" + }, + "AWS::ServiceCatalog::AcceptedPortfolioShare": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" }, - "ThreatIntelIndicatorSourceUrl": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The URL for more details from the source of the threat intelligence.", - "title": "ThreatIntelIndicatorSourceUrl", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ThreatIntelIndicatorType": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The type of a threat intelligence indicator.", - "title": "ThreatIntelIndicatorType", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ThreatIntelIndicatorValue": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The value of a threat intelligence indicator.", - "title": "ThreatIntelIndicatorValue", - "type": "array" + "Metadata": { + "type": "object" }, - "Title": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + "Properties": { + "additionalProperties": false, + "properties": { + "AcceptLanguage": { + "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", + "title": "AcceptLanguage", + "type": "string" + }, + "PortfolioId": { + "markdownDescription": "The portfolio identifier.", + "title": "PortfolioId", + "type": "string" + } }, - "markdownDescription": "A finding's title.", - "title": "Title", - "type": "array" + "required": [ + "PortfolioId" + ], + "type": "object" }, "Type": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "A finding type in the format of `namespace/category/classifier` that classifies a finding.", - "title": "Type", - "type": "array" + "enum": [ + "AWS::ServiceCatalog::AcceptedPortfolioShare" + ], + "type": "string" }, - "UpdatedAt": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" - }, - "markdownDescription": "A timestamp that indicates when the security findings provider last updated the finding record.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", - "title": "UpdatedAt", - "type": "array" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::ServiceCatalog::CloudFormationProduct": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" }, - "UserDefinedFields": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.MapFilter" - }, - "markdownDescription": "A list of name/value string pairs associated with the finding. These are custom, user-defined fields added to a finding.", - "title": "UserDefinedFields", - "type": "array" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "VerificationState": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The veracity of a finding.", - "title": "VerificationState", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "VulnerabilitiesExploitAvailable": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "Indicates whether a software vulnerability in your environment has a known exploit. You can filter findings by this field only if you use Security Hub and Amazon Inspector.", - "title": "VulnerabilitiesExploitAvailable", - "type": "array" + "Metadata": { + "type": "object" }, - "VulnerabilitiesFixAvailable": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" + "Properties": { + "additionalProperties": false, + "properties": { + "AcceptLanguage": { + "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", + "title": "AcceptLanguage", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the product.", + "title": "Description", + "type": "string" + }, + "Distributor": { + "markdownDescription": "The distributor of the product.", + "title": "Distributor", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the product.", + "title": "Name", + "type": "string" + }, + "Owner": { + "markdownDescription": "The owner of the product.", + "title": "Owner", + "type": "string" + }, + "ProductType": { + "markdownDescription": "The type of product.", + "title": "ProductType", + "type": "string" + }, + "ProvisioningArtifactParameters": { + "items": { + "$ref": "#/definitions/AWS::ServiceCatalog::CloudFormationProduct.ProvisioningArtifactProperties" + }, + "markdownDescription": "The configuration of the provisioning artifact (also known as a version).", + "title": "ProvisioningArtifactParameters", + "type": "array" + }, + "ReplaceProvisioningArtifacts": { + "markdownDescription": "This property is turned off by default. If turned off, you can update provisioning artifacts or product attributes (such as description, distributor, name, owner, and more) and the associated provisioning artifacts will retain the same unique identifier. Provisioning artifacts are matched within the CloudFormationProduct resource, and only those that have been updated will be changed. Provisioning artifacts are matched by a combinaton of provisioning artifact template URL and name.\n\nIf turned on, provisioning artifacts will be given a new unique identifier when you update the product or provisioning artifacts.", + "title": "ReplaceProvisioningArtifacts", + "type": "boolean" + }, + "SourceConnection": { + "$ref": "#/definitions/AWS::ServiceCatalog::CloudFormationProduct.SourceConnection", + "markdownDescription": "A top level `ProductViewDetail` response containing details about the product\u2019s connection. AWS Service Catalog returns this field for the `CreateProduct` , `UpdateProduct` , `DescribeProductAsAdmin` , and `SearchProductAsAdmin` APIs. This response contains the same fields as the `ConnectionParameters` request, with the addition of the `LastSync` response.", + "title": "SourceConnection" + }, + "SupportDescription": { + "markdownDescription": "The support information about the product.", + "title": "SupportDescription", + "type": "string" + }, + "SupportEmail": { + "markdownDescription": "The contact email for product support.", + "title": "SupportEmail", + "type": "string" + }, + "SupportUrl": { + "markdownDescription": "The contact URL for product support.\n\n`^https?:\\/\\//` / is the pattern used to validate SupportUrl.", + "title": "SupportUrl", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "One or more tags.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "Indicates whether a vulnerability is fixed in a newer version of the affected software packages. You can filter findings by this field only if you use Security Hub and Amazon Inspector.", - "title": "VulnerabilitiesFixAvailable", - "type": "array" + "required": [ + "Name", + "Owner" + ], + "type": "object" }, - "WorkflowState": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The workflow state of a finding.\n\nNote that this field is deprecated. To search for a finding based on its workflow status, use `WorkflowStatus` .", - "title": "WorkflowState", - "type": "array" + "Type": { + "enum": [ + "AWS::ServiceCatalog::CloudFormationProduct" + ], + "type": "string" }, - "WorkflowStatus": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" - }, - "markdownDescription": "The status of the investigation into a finding. Allowed values are the following.\n\n- `NEW` - The initial state of a finding, before it is reviewed.\n\nSecurity Hub also resets the workflow status from `NOTIFIED` or `RESOLVED` to `NEW` in the following cases:\n\n- `RecordState` changes from `ARCHIVED` to `ACTIVE` .\n- `Compliance.Status` changes from `PASSED` to either `WARNING` , `FAILED` , or `NOT_AVAILABLE` .\n- `NOTIFIED` - Indicates that the resource owner has been notified about the security issue. Used when the initial reviewer is not the resource owner, and needs intervention from the resource owner.\n\nIf one of the following occurs, the workflow status is changed automatically from `NOTIFIED` to `NEW` :\n\n- `RecordState` changes from `ARCHIVED` to `ACTIVE` .\n- `Compliance.Status` changes from `PASSED` to `FAILED` , `WARNING` , or `NOT_AVAILABLE` .\n- `SUPPRESSED` - Indicates that you reviewed the finding and don't believe that any action is needed.\n\nThe workflow status of a `SUPPRESSED` finding does not change if `RecordState` changes from `ARCHIVED` to `ACTIVE` .\n- `RESOLVED` - The finding was reviewed and remediated and is now considered resolved.\n\nThe finding remains `RESOLVED` unless one of the following occurs:\n\n- `RecordState` changes from `ARCHIVED` to `ACTIVE` .\n- `Compliance.Status` changes from `PASSED` to `FAILED` , `WARNING` , or `NOT_AVAILABLE` .\n\nIn those cases, the workflow status is automatically reset to `NEW` .\n\nFor findings from controls, if `Compliance.Status` is `PASSED` , then Security Hub automatically sets the workflow status to `RESOLVED` .", - "title": "WorkflowStatus", - "type": "array" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::SecurityHub::Insight.BooleanFilter": { + "AWS::ServiceCatalog::CloudFormationProduct.CodeStarParameters": { "additionalProperties": false, "properties": { - "Value": { - "markdownDescription": "The value of the boolean.", - "title": "Value", - "type": "boolean" + "ArtifactPath": { + "markdownDescription": "The absolute path wehre the artifact resides within the repo and branch, formatted as \"folder/file.json.\"", + "title": "ArtifactPath", + "type": "string" + }, + "Branch": { + "markdownDescription": "The specific branch where the artifact resides.", + "title": "Branch", + "type": "string" + }, + "ConnectionArn": { + "markdownDescription": "The CodeStar ARN, which is the connection between AWS Service Catalog and the external repository.", + "title": "ConnectionArn", + "type": "string" + }, + "Repository": { + "markdownDescription": "The specific repository where the product\u2019s artifact-to-be-synced resides, formatted as \"Account/Repo.\"", + "title": "Repository", + "type": "string" } }, "required": [ - "Value" + "ArtifactPath", + "Branch", + "ConnectionArn", + "Repository" ], "type": "object" }, - "AWS::SecurityHub::Insight.DateFilter": { + "AWS::ServiceCatalog::CloudFormationProduct.ConnectionParameters": { "additionalProperties": false, "properties": { - "DateRange": { - "$ref": "#/definitions/AWS::SecurityHub::Insight.DateRange", - "markdownDescription": "A date range for the date filter.", - "title": "DateRange" + "CodeStar": { + "$ref": "#/definitions/AWS::ServiceCatalog::CloudFormationProduct.CodeStarParameters", + "markdownDescription": "Provides `ConnectionType` details.", + "title": "CodeStar" + } + }, + "type": "object" + }, + "AWS::ServiceCatalog::CloudFormationProduct.ProvisioningArtifactProperties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the provisioning artifact, including how it differs from the previous provisioning artifact.", + "title": "Description", + "type": "string" }, - "End": { - "markdownDescription": "A timestamp that provides the end date for the date filter.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", - "title": "End", + "DisableTemplateValidation": { + "markdownDescription": "If set to true, AWS Service Catalog stops validating the specified provisioning artifact even if it is invalid.", + "title": "DisableTemplateValidation", + "type": "boolean" + }, + "Info": { + "markdownDescription": "Specify the template source with one of the following options, but not both. Keys accepted: [ `LoadTemplateFromURL` , `ImportFromPhysicalId` ]\n\nThe URL of the AWS CloudFormation template in Amazon S3 in JSON format. Specify the URL in JSON format as follows:\n\n`\"LoadTemplateFromURL\": \"https://s3.amazonaws.com/cf-templates-ozkq9d3hgiq2-us-east-1/...\"`\n\n`ImportFromPhysicalId` : The physical id of the resource that contains the template. Currently only supports AWS CloudFormation stack arn. Specify the physical id in JSON format as follows: `ImportFromPhysicalId: \u201carn:aws:cloudformation:[us-east-1]:[accountId]:stack/[StackName]/[resourceId]`", + "title": "Info", + "type": "object" + }, + "Name": { + "markdownDescription": "The name of the provisioning artifact (for example, v1 v2beta). No spaces are allowed.", + "title": "Name", "type": "string" }, - "Start": { - "markdownDescription": "A timestamp that provides the start date for the date filter.\n\nFor more information about the validation and formatting of timestamp fields in AWS Security Hub , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .", - "title": "Start", + "Type": { + "markdownDescription": "The type of provisioning artifact.\n\n- `CLOUD_FORMATION_TEMPLATE` - AWS CloudFormation template\n- `TERRAFORM_OPEN_SOURCE` - Terraform Open Source configuration file\n- `TERRAFORM_CLOUD` - Terraform Cloud configuration file\n- `EXTERNAL` - External configuration file", + "title": "Type", "type": "string" } }, + "required": [ + "Info" + ], "type": "object" }, - "AWS::SecurityHub::Insight.DateRange": { + "AWS::ServiceCatalog::CloudFormationProduct.SourceConnection": { "additionalProperties": false, "properties": { - "Unit": { - "markdownDescription": "A date range unit for the date filter.", - "title": "Unit", - "type": "string" + "ConnectionParameters": { + "$ref": "#/definitions/AWS::ServiceCatalog::CloudFormationProduct.ConnectionParameters", + "markdownDescription": "The connection details based on the connection `Type` .", + "title": "ConnectionParameters" }, - "Value": { - "markdownDescription": "A date range value for the date filter.", - "title": "Value", - "type": "number" + "Type": { + "markdownDescription": "The only supported `SourceConnection` type is Codestar.", + "title": "Type", + "type": "string" } }, "required": [ - "Unit", - "Value" + "ConnectionParameters", + "Type" ], "type": "object" }, - "AWS::SecurityHub::Insight.IpFilter": { + "AWS::ServiceCatalog::CloudFormationProvisionedProduct": { "additionalProperties": false, "properties": { - "Cidr": { - "markdownDescription": "A finding's CIDR value.", - "title": "Cidr", + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AcceptLanguage": { + "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", + "title": "AcceptLanguage", + "type": "string" + }, + "NotificationArns": { + "items": { + "type": "string" + }, + "markdownDescription": "Passed to AWS CloudFormation . The SNS topic ARNs to which to publish stack-related events.", + "title": "NotificationArns", + "type": "array" + }, + "PathId": { + "markdownDescription": "The path identifier of the product. This value is optional if the product has a default path, and required if the product has more than one path. To list the paths for a product, use [ListLaunchPaths](https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ListLaunchPaths.html) .\n\n> You must provide the name or ID, but not both.", + "title": "PathId", + "type": "string" + }, + "PathName": { + "markdownDescription": "The name of the path. This value is optional if the product has a default path, and required if the product has more than one path. To list the paths for a product, use [ListLaunchPaths](https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ListLaunchPaths.html) .\n\n> You must provide the name or ID, but not both.", + "title": "PathName", + "type": "string" + }, + "ProductId": { + "markdownDescription": "The product identifier.\n\n> You must specify either the ID or the name of the product, but not both.", + "title": "ProductId", + "type": "string" + }, + "ProductName": { + "markdownDescription": "The name of the Service Catalog product.\n\nEach time a stack is created or updated, if `ProductName` is provided it will successfully resolve to `ProductId` as long as only one product exists in the account or Region with that `ProductName` .\n\n> You must specify either the name or the ID of the product, but not both.", + "title": "ProductName", + "type": "string" + }, + "ProvisionedProductName": { + "markdownDescription": "A user-friendly name for the provisioned product. This value must be unique for the AWS account and cannot be updated after the product is provisioned.", + "title": "ProvisionedProductName", + "type": "string" + }, + "ProvisioningArtifactId": { + "markdownDescription": "The identifier of the provisioning artifact (also known as a version).\n\n> You must specify either the ID or the name of the provisioning artifact, but not both.", + "title": "ProvisioningArtifactId", + "type": "string" + }, + "ProvisioningArtifactName": { + "markdownDescription": "The name of the provisioning artifact (also known as a version) for the product. This name must be unique for the product.\n\n> You must specify either the name or the ID of the provisioning artifact, but not both. You must also specify either the name or the ID of the product, but not both.", + "title": "ProvisioningArtifactName", + "type": "string" + }, + "ProvisioningParameters": { + "items": { + "$ref": "#/definitions/AWS::ServiceCatalog::CloudFormationProvisionedProduct.ProvisioningParameter" + }, + "markdownDescription": "Parameters specified by the administrator that are required for provisioning the product.", + "title": "ProvisioningParameters", + "type": "array" + }, + "ProvisioningPreferences": { + "$ref": "#/definitions/AWS::ServiceCatalog::CloudFormationProvisionedProduct.ProvisioningPreferences", + "markdownDescription": "StackSet preferences that are required for provisioning the product or updating a provisioned product.", + "title": "ProvisioningPreferences" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "One or more tags.\n\n> Requires the provisioned product to have an [ResourceUpdateConstraint](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicecatalog-resourceupdateconstraint.html) resource with `TagUpdatesOnProvisionedProduct` set to `ALLOWED` to allow tag updates. If `RESOURCE_UPDATE` constraint is not present, tags updates are ignored.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ServiceCatalog::CloudFormationProvisionedProduct" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Cidr" + "Type" ], "type": "object" }, - "AWS::SecurityHub::Insight.MapFilter": { + "AWS::ServiceCatalog::CloudFormationProvisionedProduct.ProvisioningParameter": { "additionalProperties": false, "properties": { - "Comparison": { - "markdownDescription": "The condition to apply to the key value when filtering Security Hub findings with a map filter.\n\nTo search for values that have the filter value, use one of the following comparison operators:\n\n- To search for values that include the filter value, use `CONTAINS` . For example, for the `ResourceTags` field, the filter `Department CONTAINS Security` matches findings that include the value `Security` for the `Department` tag. In the same example, a finding with a value of `Security team` for the `Department` tag is a match.\n- To search for values that exactly match the filter value, use `EQUALS` . For example, for the `ResourceTags` field, the filter `Department EQUALS Security` matches findings that have the value `Security` for the `Department` tag.\n\n`CONTAINS` and `EQUALS` filters on the same field are joined by `OR` . A finding matches if it matches any one of those filters. For example, the filters `Department CONTAINS Security OR Department CONTAINS Finance` match a finding that includes either `Security` , `Finance` , or both values.\n\nTo search for values that don't have the filter value, use one of the following comparison operators:\n\n- To search for values that exclude the filter value, use `NOT_CONTAINS` . For example, for the `ResourceTags` field, the filter `Department NOT_CONTAINS Finance` matches findings that exclude the value `Finance` for the `Department` tag.\n- To search for values other than the filter value, use `NOT_EQUALS` . For example, for the `ResourceTags` field, the filter `Department NOT_EQUALS Finance` matches findings that don\u2019t have the value `Finance` for the `Department` tag.\n\n`NOT_CONTAINS` and `NOT_EQUALS` filters on the same field are joined by `AND` . A finding matches only if it matches all of those filters. For example, the filters `Department NOT_CONTAINS Security AND Department NOT_CONTAINS Finance` match a finding that excludes both the `Security` and `Finance` values.\n\n`CONTAINS` filters can only be used with other `CONTAINS` filters. `NOT_CONTAINS` filters can only be used with other `NOT_CONTAINS` filters.\n\nYou can\u2019t have both a `CONTAINS` filter and a `NOT_CONTAINS` filter on the same field. Similarly, you can\u2019t have both an `EQUALS` filter and a `NOT_EQUALS` filter on the same field. Combining filters in this way returns an error.\n\n`CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *AWS Security Hub User Guide* .", - "title": "Comparison", - "type": "string" - }, "Key": { - "markdownDescription": "The key of the map filter. For example, for `ResourceTags` , `Key` identifies the name of the tag. For `UserDefinedFields` , `Key` is the name of the field.", + "markdownDescription": "The parameter key.", "title": "Key", "type": "string" }, "Value": { - "markdownDescription": "The value for the key in the map filter. Filter values are case sensitive. For example, one of the values for a tag called `Department` might be `Security` . If you provide `security` as the filter value, then there's no match.", + "markdownDescription": "The parameter value.", "title": "Value", "type": "string" } }, "required": [ - "Comparison", "Key", "Value" ], "type": "object" }, - "AWS::SecurityHub::Insight.NumberFilter": { + "AWS::ServiceCatalog::CloudFormationProvisionedProduct.ProvisioningPreferences": { "additionalProperties": false, "properties": { - "Eq": { - "markdownDescription": "The equal-to condition to be applied to a single field when querying for findings.", - "title": "Eq", + "StackSetAccounts": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more AWS accounts where the provisioned product will be available.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\nThe specified accounts should be within the list of accounts from the `STACKSET` constraint. To get the list of accounts in the `STACKSET` constraint, use the `DescribeProvisioningParameters` operation.\n\nIf no values are specified, the default value is all acounts from the `STACKSET` constraint.", + "title": "StackSetAccounts", + "type": "array" + }, + "StackSetFailureToleranceCount": { + "markdownDescription": "The number of accounts, per Region, for which this operation can fail before AWS Service Catalog stops the operation in that Region. If the operation is stopped in a Region, AWS Service Catalog doesn't attempt the operation in any subsequent Regions.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\nConditional: You must specify either `StackSetFailureToleranceCount` or `StackSetFailureTolerancePercentage` , but not both.\n\nThe default value is `0` if no value is specified.", + "title": "StackSetFailureToleranceCount", "type": "number" }, - "Gte": { - "markdownDescription": "The greater-than-equal condition to be applied to a single field when querying for findings.", - "title": "Gte", + "StackSetFailureTolerancePercentage": { + "markdownDescription": "The percentage of accounts, per Region, for which this stack operation can fail before AWS Service Catalog stops the operation in that Region. If the operation is stopped in a Region, AWS Service Catalog doesn't attempt the operation in any subsequent Regions.\n\nWhen calculating the number of accounts based on the specified percentage, AWS Service Catalog rounds down to the next whole number.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\nConditional: You must specify either `StackSetFailureToleranceCount` or `StackSetFailureTolerancePercentage` , but not both.", + "title": "StackSetFailureTolerancePercentage", "type": "number" }, - "Lte": { - "markdownDescription": "The less-than-equal condition to be applied to a single field when querying for findings.", - "title": "Lte", + "StackSetMaxConcurrencyCount": { + "markdownDescription": "The maximum number of accounts in which to perform this operation at one time. This is dependent on the value of `StackSetFailureToleranceCount` . `StackSetMaxConcurrentCount` is at most one more than the `StackSetFailureToleranceCount` .\n\nNote that this setting lets you specify the maximum for operations. For large deployments, under certain circumstances the actual number of accounts acted upon concurrently may be lower due to service throttling.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\nConditional: You must specify either `StackSetMaxConcurrentCount` or `StackSetMaxConcurrentPercentage` , but not both.", + "title": "StackSetMaxConcurrencyCount", + "type": "number" + }, + "StackSetMaxConcurrencyPercentage": { + "markdownDescription": "The maximum percentage of accounts in which to perform this operation at one time.\n\nWhen calculating the number of accounts based on the specified percentage, AWS Service Catalog rounds down to the next whole number. This is true except in cases where rounding down would result is zero. In this case, AWS Service Catalog sets the number as `1` instead.\n\nNote that this setting lets you specify the maximum for operations. For large deployments, under certain circumstances the actual number of accounts acted upon concurrently may be lower due to service throttling.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\nConditional: You must specify either `StackSetMaxConcurrentCount` or `StackSetMaxConcurrentPercentage` , but not both.", + "title": "StackSetMaxConcurrencyPercentage", "type": "number" + }, + "StackSetOperationType": { + "markdownDescription": "Determines what action AWS Service Catalog performs to a stack set or a stack instance represented by the provisioned product. The default value is `UPDATE` if nothing is specified.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\n- **CREATE** - Creates a new stack instance in the stack set represented by the provisioned product. In this case, only new stack instances are created based on accounts and Regions; if new ProductId or ProvisioningArtifactID are passed, they will be ignored.\n- **UPDATE** - Updates the stack set represented by the provisioned product and also its stack instances.\n- **DELETE** - Deletes a stack instance in the stack set represented by the provisioned product.", + "title": "StackSetOperationType", + "type": "string" + }, + "StackSetRegions": { + "items": { + "type": "string" + }, + "markdownDescription": "One or more AWS Regions where the provisioned product will be available.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\nThe specified Regions should be within the list of Regions from the `STACKSET` constraint. To get the list of Regions in the `STACKSET` constraint, use the `DescribeProvisioningParameters` operation.\n\nIf no values are specified, the default value is all Regions from the `STACKSET` constraint.", + "title": "StackSetRegions", + "type": "array" } }, "type": "object" }, - "AWS::SecurityHub::Insight.StringFilter": { + "AWS::ServiceCatalog::LaunchNotificationConstraint": { "additionalProperties": false, "properties": { - "Comparison": { - "markdownDescription": "The condition to apply to a string value when filtering Security Hub findings.\n\nTo search for values that have the filter value, use one of the following comparison operators:\n\n- To search for values that include the filter value, use `CONTAINS` . For example, the filter `Title CONTAINS CloudFront` matches findings that have a `Title` that includes the string CloudFront.\n- To search for values that exactly match the filter value, use `EQUALS` . For example, the filter `AwsAccountId EQUALS 123456789012` only matches findings that have an account ID of `123456789012` .\n- To search for values that start with the filter value, use `PREFIX` . For example, the filter `ResourceRegion PREFIX us` matches findings that have a `ResourceRegion` that starts with `us` . A `ResourceRegion` that starts with a different value, such as `af` , `ap` , or `ca` , doesn't match.\n\n`CONTAINS` , `EQUALS` , and `PREFIX` filters on the same field are joined by `OR` . A finding matches if it matches any one of those filters. For example, the filters `Title CONTAINS CloudFront OR Title CONTAINS CloudWatch` match a finding that includes either `CloudFront` , `CloudWatch` , or both strings in the title.\n\nTo search for values that don\u2019t have the filter value, use one of the following comparison operators:\n\n- To search for values that exclude the filter value, use `NOT_CONTAINS` . For example, the filter `Title NOT_CONTAINS CloudFront` matches findings that have a `Title` that excludes the string CloudFront.\n- To search for values other than the filter value, use `NOT_EQUALS` . For example, the filter `AwsAccountId NOT_EQUALS 123456789012` only matches findings that have an account ID other than `123456789012` .\n- To search for values that don't start with the filter value, use `PREFIX_NOT_EQUALS` . For example, the filter `ResourceRegion PREFIX_NOT_EQUALS us` matches findings with a `ResourceRegion` that starts with a value other than `us` .\n\n`NOT_CONTAINS` , `NOT_EQUALS` , and `PREFIX_NOT_EQUALS` filters on the same field are joined by `AND` . A finding matches only if it matches all of those filters. For example, the filters `Title NOT_CONTAINS CloudFront AND Title NOT_CONTAINS CloudWatch` match a finding that excludes both `CloudFront` and `CloudWatch` in the title.\n\nYou can\u2019t have both a `CONTAINS` filter and a `NOT_CONTAINS` filter on the same field. Similarly, you can't provide both an `EQUALS` filter and a `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filter on the same field. Combining filters in this way returns an error. `CONTAINS` filters can only be used with other `CONTAINS` filters. `NOT_CONTAINS` filters can only be used with other `NOT_CONTAINS` filters.\n\nYou can combine `PREFIX` filters with `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters for the same field. Security Hub first processes the `PREFIX` filters, and then the `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters.\n\nFor example, for the following filters, Security Hub first identifies findings that have resource types that start with either `AwsIam` or `AwsEc2` . It then excludes findings that have a resource type of `AwsIamPolicy` and findings that have a resource type of `AwsEc2NetworkInterface` .\n\n- `ResourceType PREFIX AwsIam`\n- `ResourceType PREFIX AwsEc2`\n- `ResourceType NOT_EQUALS AwsIamPolicy`\n- `ResourceType NOT_EQUALS AwsEc2NetworkInterface`\n\n`CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules V1. `CONTAINS_WORD` operator is only supported in `GetFindingsV2` , `GetFindingStatisticsV2` , `GetResourcesV2` , and `GetResourceStatisticsV2` APIs. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *AWS Security Hub User Guide* .", - "title": "Comparison", + "Condition": { "type": "string" }, - "Value": { - "markdownDescription": "The string filter value. Filter values are case sensitive. For example, the product name for control-based findings is `Security Hub` . If you provide `security hub` as the filter value, there's no match.", - "title": "Value", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AcceptLanguage": { + "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", + "title": "AcceptLanguage", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the constraint.", + "title": "Description", + "type": "string" + }, + "NotificationArns": { + "items": { + "type": "string" + }, + "markdownDescription": "The notification ARNs.", + "title": "NotificationArns", + "type": "array" + }, + "PortfolioId": { + "markdownDescription": "The portfolio identifier.", + "title": "PortfolioId", + "type": "string" + }, + "ProductId": { + "markdownDescription": "The product identifier.", + "title": "ProductId", + "type": "string" + } + }, + "required": [ + "NotificationArns", + "PortfolioId", + "ProductId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ServiceCatalog::LaunchNotificationConstraint" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::ServiceCatalog::LaunchRoleConstraint": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AcceptLanguage": { + "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", + "title": "AcceptLanguage", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the constraint.", + "title": "Description", + "type": "string" + }, + "LocalRoleName": { + "markdownDescription": "You are required to specify either the `RoleArn` or the `LocalRoleName` but can't use both.\n\nIf you specify the `LocalRoleName` property, when an account uses the launch constraint, the IAM role with that name in the account will be used. This allows launch-role constraints to be account-agnostic so the administrator can create fewer resources per shared account.\n\nThe given role name must exist in the account used to create the launch constraint and the account of the user who launches a product with this launch constraint.", + "title": "LocalRoleName", + "type": "string" + }, + "PortfolioId": { + "markdownDescription": "The portfolio identifier.", + "title": "PortfolioId", + "type": "string" + }, + "ProductId": { + "markdownDescription": "The product identifier.", + "title": "ProductId", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the launch role.\n\nYou are required to specify `RoleArn` or `LocalRoleName` but can't use both.", + "title": "RoleArn", + "type": "string" + } + }, + "required": [ + "PortfolioId", + "ProductId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ServiceCatalog::LaunchRoleConstraint" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::ServiceCatalog::LaunchTemplateConstraint": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AcceptLanguage": { + "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", + "title": "AcceptLanguage", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the constraint.", + "title": "Description", + "type": "string" + }, + "PortfolioId": { + "markdownDescription": "The portfolio identifier.", + "title": "PortfolioId", + "type": "string" + }, + "ProductId": { + "markdownDescription": "The product identifier.", + "title": "ProductId", + "type": "string" + }, + "Rules": { + "markdownDescription": "The constraint rules.", + "title": "Rules", + "type": "string" + } + }, + "required": [ + "PortfolioId", + "ProductId", + "Rules" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ServiceCatalog::LaunchTemplateConstraint" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Comparison", - "Value" + "Type", + "Properties" ], "type": "object" }, - "AWS::SecurityHub::ProductSubscription": { + "AWS::ServiceCatalog::Portfolio": { "additionalProperties": false, "properties": { "Condition": { @@ -256444,20 +307090,44 @@ "Properties": { "additionalProperties": false, "properties": { - "ProductArn": { - "markdownDescription": "The ARN of the product to enable the integration for.", - "title": "ProductArn", + "AcceptLanguage": { + "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", + "title": "AcceptLanguage", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the portfolio.", + "title": "Description", + "type": "string" + }, + "DisplayName": { + "markdownDescription": "The name to use for display purposes.", + "title": "DisplayName", "type": "string" + }, + "ProviderName": { + "markdownDescription": "The name of the portfolio provider.", + "title": "ProviderName", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "One or more tags.", + "title": "Tags", + "type": "array" } }, "required": [ - "ProductArn" + "DisplayName", + "ProviderName" ], "type": "object" }, "Type": { "enum": [ - "AWS::SecurityHub::ProductSubscription" + "AWS::ServiceCatalog::Portfolio" ], "type": "string" }, @@ -256476,7 +307146,7 @@ ], "type": "object" }, - "AWS::SecurityHub::Standard": { + "AWS::ServiceCatalog::PortfolioPrincipalAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -256511,28 +307181,37 @@ "Properties": { "additionalProperties": false, "properties": { - "DisabledStandardsControls": { - "items": { - "$ref": "#/definitions/AWS::SecurityHub::Standard.StandardsControl" - }, - "markdownDescription": "Specifies which controls are to be disabled in a standard.\n\n*Maximum* : `100`", - "title": "DisabledStandardsControls", - "type": "array" + "AcceptLanguage": { + "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", + "title": "AcceptLanguage", + "type": "string" }, - "StandardsArn": { - "markdownDescription": "The ARN of the standard that you want to enable. To view a list of available Security Hub standards and their ARNs, use the [`DescribeStandards`](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DescribeStandards.html) API operation.", - "title": "StandardsArn", + "PortfolioId": { + "markdownDescription": "The portfolio identifier.", + "title": "PortfolioId", + "type": "string" + }, + "PrincipalARN": { + "markdownDescription": "The ARN of the principal ( IAM user, role, or group).", + "title": "PrincipalARN", + "type": "string" + }, + "PrincipalType": { + "markdownDescription": "The principal type. The supported values are `IAM` and `IAM_PATTERN` .", + "title": "PrincipalType", "type": "string" } }, "required": [ - "StandardsArn" + "PortfolioId", + "PrincipalARN", + "PrincipalType" ], "type": "object" }, "Type": { "enum": [ - "AWS::SecurityHub::Standard" + "AWS::ServiceCatalog::PortfolioPrincipalAssociation" ], "type": "string" }, @@ -256551,26 +307230,7 @@ ], "type": "object" }, - "AWS::SecurityHub::Standard.StandardsControl": { - "additionalProperties": false, - "properties": { - "Reason": { - "markdownDescription": "A user-defined reason for changing a control's enablement status in a specified standard. If you are disabling a control, then this property is required.", - "title": "Reason", - "type": "string" - }, - "StandardsControlArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the control.", - "title": "StandardsControlArn", - "type": "string" - } - }, - "required": [ - "StandardsControlArn" - ], - "type": "object" - }, - "AWS::SecurityLake::AwsLogSource": { + "AWS::ServiceCatalog::PortfolioProductAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -256605,40 +307265,36 @@ "Properties": { "additionalProperties": false, "properties": { - "Accounts": { - "items": { - "type": "string" - }, - "markdownDescription": "Specify the AWS account information where you want to enable Security Lake.", - "title": "Accounts", - "type": "array" + "AcceptLanguage": { + "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", + "title": "AcceptLanguage", + "type": "string" }, - "DataLakeArn": { - "markdownDescription": "The Amazon Resource Name (ARN) used to create the data lake.", - "title": "DataLakeArn", + "PortfolioId": { + "markdownDescription": "The portfolio identifier.", + "title": "PortfolioId", "type": "string" }, - "SourceName": { - "markdownDescription": "The name for a AWS source. This must be a Regionally unique value. For the list of sources supported by Amazon Security Lake see [Collecting data from AWS services](https://docs.aws.amazon.com//security-lake/latest/userguide/internal-sources.html) in the Amazon Security Lake User Guide.", - "title": "SourceName", + "ProductId": { + "markdownDescription": "The product identifier.", + "title": "ProductId", "type": "string" }, - "SourceVersion": { - "markdownDescription": "The version for a AWS source. For more details about source versions supported by Amazon Security Lake see [OCSF source identification](https://docs.aws.amazon.com//security-lake/latest/userguide/open-cybersecurity-schema-framework.html#ocsf-source-identification) in the Amazon Security Lake User Guide. This must be a Regionally unique value.", - "title": "SourceVersion", + "SourcePortfolioId": { + "markdownDescription": "The identifier of the source portfolio.", + "title": "SourcePortfolioId", "type": "string" } }, "required": [ - "DataLakeArn", - "SourceName", - "SourceVersion" + "PortfolioId", + "ProductId" ], "type": "object" }, "Type": { "enum": [ - "AWS::SecurityLake::AwsLogSource" + "AWS::ServiceCatalog::PortfolioProductAssociation" ], "type": "string" }, @@ -256657,7 +307313,7 @@ ], "type": "object" }, - "AWS::SecurityLake::DataLake": { + "AWS::ServiceCatalog::PortfolioShare": { "additionalProperties": false, "properties": { "Condition": { @@ -256692,40 +307348,36 @@ "Properties": { "additionalProperties": false, "properties": { - "EncryptionConfiguration": { - "$ref": "#/definitions/AWS::SecurityLake::DataLake.EncryptionConfiguration", - "markdownDescription": "Provides encryption details of the Amazon Security Lake object.", - "title": "EncryptionConfiguration" - }, - "LifecycleConfiguration": { - "$ref": "#/definitions/AWS::SecurityLake::DataLake.LifecycleConfiguration", - "markdownDescription": "You can customize Security Lake to store data in your preferred AWS Regions for your preferred amount of time. Lifecycle management can help you comply with different compliance requirements. For more details, see [Lifecycle management](https://docs.aws.amazon.com//security-lake/latest/userguide/lifecycle-management.html) in the Amazon Security Lake User Guide.", - "title": "LifecycleConfiguration" + "AcceptLanguage": { + "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", + "title": "AcceptLanguage", + "type": "string" }, - "MetaStoreManagerRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) used to create and update the AWS Glue table. This table contains partitions generated by the ingestion and normalization of AWS log sources and custom sources.", - "title": "MetaStoreManagerRoleArn", + "AccountId": { + "markdownDescription": "The AWS account ID. For example, `123456789012` .", + "title": "AccountId", "type": "string" }, - "ReplicationConfiguration": { - "$ref": "#/definitions/AWS::SecurityLake::DataLake.ReplicationConfiguration", - "markdownDescription": "Provides replication details of Amazon Security Lake object.", - "title": "ReplicationConfiguration" + "PortfolioId": { + "markdownDescription": "The portfolio identifier.", + "title": "PortfolioId", + "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of objects, one for each tag to associate with the data lake configuration. For each tag, you must specify both a tag key and a tag value. A tag value cannot be null, but it can be an empty string.", - "title": "Tags", - "type": "array" + "ShareTagOptions": { + "markdownDescription": "Indicates whether TagOptions sharing is enabled or disabled for the portfolio share.", + "title": "ShareTagOptions", + "type": "boolean" } }, + "required": [ + "AccountId", + "PortfolioId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::SecurityLake::DataLake" + "AWS::ServiceCatalog::PortfolioShare" ], "type": "string" }, @@ -256739,87 +307391,101 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::SecurityLake::DataLake.EncryptionConfiguration": { + "AWS::ServiceCatalog::ResourceUpdateConstraint": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "The ID of KMS encryption key used by Amazon Security Lake to encrypt the Security Lake object.", - "title": "KmsKeyId", + "Condition": { "type": "string" - } - }, - "type": "object" - }, - "AWS::SecurityLake::DataLake.Expiration": { - "additionalProperties": false, - "properties": { - "Days": { - "markdownDescription": "The number of days before data expires in the Amazon Security Lake object.", - "title": "Days", - "type": "number" - } - }, - "type": "object" - }, - "AWS::SecurityLake::DataLake.LifecycleConfiguration": { - "additionalProperties": false, - "properties": { - "Expiration": { - "$ref": "#/definitions/AWS::SecurityLake::DataLake.Expiration", - "markdownDescription": "Provides data expiration details of the Amazon Security Lake object.", - "title": "Expiration" }, - "Transitions": { - "items": { - "$ref": "#/definitions/AWS::SecurityLake::DataLake.Transitions" - }, - "markdownDescription": "Provides data storage transition details of Amazon Security Lake object. By configuring these settings, you can specify your preferred Amazon S3 storage class and the time period for S3 objects to stay in that storage class before they transition to a different storage class.", - "title": "Transitions", - "type": "array" - } - }, - "type": "object" - }, - "AWS::SecurityLake::DataLake.ReplicationConfiguration": { - "additionalProperties": false, - "properties": { - "Regions": { - "items": { - "type": "string" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AcceptLanguage": { + "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", + "title": "AcceptLanguage", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the constraint.", + "title": "Description", + "type": "string" + }, + "PortfolioId": { + "markdownDescription": "The portfolio identifier.", + "title": "PortfolioId", + "type": "string" + }, + "ProductId": { + "markdownDescription": "The product identifier.", + "title": "ProductId", + "type": "string" + }, + "TagUpdateOnProvisionedProduct": { + "markdownDescription": "If set to `ALLOWED` , lets users change tags in a [CloudFormationProvisionedProduct](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicecatalog-cloudformationprovisionedproduct.html) resource.\n\nIf set to `NOT_ALLOWED` , prevents users from changing tags in a [CloudFormationProvisionedProduct](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicecatalog-cloudformationprovisionedproduct.html) resource.", + "title": "TagUpdateOnProvisionedProduct", + "type": "string" + } }, - "markdownDescription": "Specifies one or more centralized rollup Regions. The AWS Region specified in the region parameter of the `CreateDataLake` or `UpdateDataLake` operations contributes data to the rollup Region or Regions specified in this parameter.\n\nReplication enables automatic, asynchronous copying of objects across Amazon S3 buckets. S3 buckets that are configured for object replication can be owned by the same AWS account or by different accounts. You can replicate objects to a single destination bucket or to multiple destination buckets. The destination buckets can be in different Regions or within the same Region as the source bucket.", - "title": "Regions", - "type": "array" + "required": [ + "PortfolioId", + "ProductId", + "TagUpdateOnProvisionedProduct" + ], + "type": "object" }, - "RoleArn": { - "markdownDescription": "Replication settings for the Amazon S3 buckets. This parameter uses the AWS Identity and Access Management (IAM) role you created that is managed by Security Lake , to ensure the replication setting is correct.", - "title": "RoleArn", + "Type": { + "enum": [ + "AWS::ServiceCatalog::ResourceUpdateConstraint" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::SecurityLake::DataLake.Transitions": { - "additionalProperties": false, - "properties": { - "Days": { - "markdownDescription": "The number of days before data transitions to a different S3 Storage Class in the Amazon Security Lake object.", - "title": "Days", - "type": "number" }, - "StorageClass": { - "markdownDescription": "The list of storage classes that you can choose from based on the data access, resiliency, and cost requirements of your workloads. The default storage class is *S3 Standard* . For information about other storage classes, see [Setting the storage class of an object](https://docs.aws.amazon.com/AmazonS3/latest/userguide/sc-howtoset.html) in the *Amazon S3 User Guide* .", - "title": "StorageClass", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::SecurityLake::Subscriber": { + "AWS::ServiceCatalog::ServiceAction": { "additionalProperties": false, "properties": { "Condition": { @@ -256854,63 +307520,45 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessTypes": { - "items": { - "type": "string" - }, - "markdownDescription": "You can choose to notify subscribers of new objects with an Amazon Simple Queue Service (Amazon SQS) queue or through messaging to an HTTPS endpoint provided by the subscriber.\n\nSubscribers can consume data by directly querying AWS Lake Formation tables in your Amazon S3 bucket through services like Amazon Athena. This subscription type is defined as `LAKEFORMATION` .", - "title": "AccessTypes", - "type": "array" - }, - "DataLakeArn": { - "markdownDescription": "The Amazon Resource Name (ARN) used to create the data lake.", - "title": "DataLakeArn", + "AcceptLanguage": { + "markdownDescription": "The language code.\n\n- `en` - English (default)\n- `jp` - Japanese\n- `zh` - Chinese", + "title": "AcceptLanguage", "type": "string" }, - "Sources": { + "Definition": { "items": { - "$ref": "#/definitions/AWS::SecurityLake::Subscriber.Source" + "$ref": "#/definitions/AWS::ServiceCatalog::ServiceAction.DefinitionParameter" }, - "markdownDescription": "Amazon Security Lake supports log and event collection for natively supported AWS services . For more information, see the [Amazon Security Lake User Guide](https://docs.aws.amazon.com//security-lake/latest/userguide/source-management.html) .", - "title": "Sources", + "markdownDescription": "A map that defines the self-service action.", + "title": "Definition", "type": "array" }, - "SubscriberDescription": { - "markdownDescription": "The subscriber descriptions for a subscriber account. The description for a subscriber includes `subscriberName` , `accountID` , `externalID` , and `subscriberId` .", - "title": "SubscriberDescription", + "DefinitionType": { + "markdownDescription": "The self-service action definition type. For example, `SSM_AUTOMATION` .", + "title": "DefinitionType", "type": "string" }, - "SubscriberIdentity": { - "$ref": "#/definitions/AWS::SecurityLake::Subscriber.SubscriberIdentity", - "markdownDescription": "The AWS identity used to access your data.", - "title": "SubscriberIdentity" - }, - "SubscriberName": { - "markdownDescription": "The name of your Amazon Security Lake subscriber account.", - "title": "SubscriberName", + "Description": { + "markdownDescription": "The self-service action description.", + "title": "Description", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of objects, one for each tag to associate with the subscriber. For each tag, you must specify both a tag key and a tag value. A tag value cannot be null, but it can be an empty string.", - "title": "Tags", - "type": "array" + "Name": { + "markdownDescription": "The self-service action name.", + "title": "Name", + "type": "string" } }, "required": [ - "AccessTypes", - "DataLakeArn", - "Sources", - "SubscriberIdentity", - "SubscriberName" + "Definition", + "DefinitionType", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::SecurityLake::Subscriber" + "AWS::ServiceCatalog::ServiceAction" ], "type": "string" }, @@ -256929,75 +307577,27 @@ ], "type": "object" }, - "AWS::SecurityLake::Subscriber.AwsLogSource": { - "additionalProperties": false, - "properties": { - "SourceName": { - "markdownDescription": "Source name of the natively supported AWS service that is supported as an Amazon Security Lake source. For the list of sources supported by Amazon Security Lake see [Collecting data from AWS services](https://docs.aws.amazon.com//security-lake/latest/userguide/internal-sources.html) in the Amazon Security Lake User Guide.", - "title": "SourceName", - "type": "string" - }, - "SourceVersion": { - "markdownDescription": "Source version of the natively supported AWS service that is supported as an Amazon Security Lake source. For more details about source versions supported by Amazon Security Lake see [OCSF source identification](https://docs.aws.amazon.com//security-lake/latest/userguide/open-cybersecurity-schema-framework.html#ocsf-source-identification) in the Amazon Security Lake User Guide.", - "title": "SourceVersion", - "type": "string" - } - }, - "type": "object" - }, - "AWS::SecurityLake::Subscriber.CustomLogSource": { - "additionalProperties": false, - "properties": { - "SourceName": { - "markdownDescription": "The name of the custom log source.", - "title": "SourceName", - "type": "string" - }, - "SourceVersion": { - "markdownDescription": "The source version of the custom log source.", - "title": "SourceVersion", - "type": "string" - } - }, - "type": "object" - }, - "AWS::SecurityLake::Subscriber.Source": { - "additionalProperties": false, - "properties": { - "AwsLogSource": { - "$ref": "#/definitions/AWS::SecurityLake::Subscriber.AwsLogSource", - "markdownDescription": "The natively supported AWS service which is used a Amazon Security Lake source to collect logs and events from.", - "title": "AwsLogSource" - }, - "CustomLogSource": { - "$ref": "#/definitions/AWS::SecurityLake::Subscriber.CustomLogSource", - "markdownDescription": "The custom log source AWS which is used a Amazon Security Lake source to collect logs and events from.", - "title": "CustomLogSource" - } - }, - "type": "object" - }, - "AWS::SecurityLake::Subscriber.SubscriberIdentity": { + "AWS::ServiceCatalog::ServiceAction.DefinitionParameter": { "additionalProperties": false, "properties": { - "ExternalId": { - "markdownDescription": "The external ID is a unique identifier that the subscriber provides to you.", - "title": "ExternalId", + "Key": { + "markdownDescription": "The parameter key.", + "title": "Key", "type": "string" }, - "Principal": { - "markdownDescription": "Principals can include accounts, users, roles, federated users, or AWS services.", - "title": "Principal", + "Value": { + "markdownDescription": "The value of the parameter.", + "title": "Value", "type": "string" } }, "required": [ - "ExternalId", - "Principal" + "Key", + "Value" ], "type": "object" }, - "AWS::ServiceCatalog::AcceptedPortfolioShare": { + "AWS::ServiceCatalog::ServiceActionAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -257032,25 +307632,32 @@ "Properties": { "additionalProperties": false, "properties": { - "AcceptLanguage": { - "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", - "title": "AcceptLanguage", + "ProductId": { + "markdownDescription": "The product identifier. For example, `prod-abcdzk7xy33qa` .", + "title": "ProductId", "type": "string" }, - "PortfolioId": { - "markdownDescription": "The portfolio identifier.", - "title": "PortfolioId", + "ProvisioningArtifactId": { + "markdownDescription": "The identifier of the provisioning artifact. For example, `pa-4abcdjnxjj6ne` .", + "title": "ProvisioningArtifactId", + "type": "string" + }, + "ServiceActionId": { + "markdownDescription": "The self-service action identifier. For example, `act-fs7abcd89wxyz` .", + "title": "ServiceActionId", "type": "string" } }, "required": [ - "PortfolioId" + "ProductId", + "ProvisioningArtifactId", + "ServiceActionId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::AcceptedPortfolioShare" + "AWS::ServiceCatalog::ServiceActionAssociation" ], "type": "string" }, @@ -257069,7 +307676,7 @@ ], "type": "object" }, - "AWS::ServiceCatalog::CloudFormationProduct": { + "AWS::ServiceCatalog::StackSetConstraint": { "additionalProperties": false, "properties": { "Condition": { @@ -257109,82 +307716,68 @@ "title": "AcceptLanguage", "type": "string" }, - "Description": { - "markdownDescription": "The description of the product.", - "title": "Description", - "type": "string" - }, - "Distributor": { - "markdownDescription": "The distributor of the product.", - "title": "Distributor", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the product.", - "title": "Name", - "type": "string" - }, - "Owner": { - "markdownDescription": "The owner of the product.", - "title": "Owner", - "type": "string" - }, - "ProductType": { - "markdownDescription": "The type of product.", - "title": "ProductType", - "type": "string" - }, - "ProvisioningArtifactParameters": { + "AccountList": { "items": { - "$ref": "#/definitions/AWS::ServiceCatalog::CloudFormationProduct.ProvisioningArtifactProperties" + "type": "string" }, - "markdownDescription": "The configuration of the provisioning artifact (also known as a version).", - "title": "ProvisioningArtifactParameters", + "markdownDescription": "One or more AWS accounts that will have access to the provisioned product.", + "title": "AccountList", "type": "array" }, - "ReplaceProvisioningArtifacts": { - "markdownDescription": "This property is turned off by default. If turned off, you can update provisioning artifacts or product attributes (such as description, distributor, name, owner, and more) and the associated provisioning artifacts will retain the same unique identifier. Provisioning artifacts are matched within the CloudFormationProduct resource, and only those that have been updated will be changed. Provisioning artifacts are matched by a combinaton of provisioning artifact template URL and name.\n\nIf turned on, provisioning artifacts will be given a new unique identifier when you update the product or provisioning artifacts.", - "title": "ReplaceProvisioningArtifacts", - "type": "boolean" + "AdminRole": { + "markdownDescription": "AdminRole ARN", + "title": "AdminRole", + "type": "string" }, - "SourceConnection": { - "$ref": "#/definitions/AWS::ServiceCatalog::CloudFormationProduct.SourceConnection", - "markdownDescription": "A top level `ProductViewDetail` response containing details about the product\u2019s connection. AWS Service Catalog returns this field for the `CreateProduct` , `UpdateProduct` , `DescribeProductAsAdmin` , and `SearchProductAsAdmin` APIs. This response contains the same fields as the `ConnectionParameters` request, with the addition of the `LastSync` response.", - "title": "SourceConnection" + "Description": { + "markdownDescription": "The description of the constraint.", + "title": "Description", + "type": "string" }, - "SupportDescription": { - "markdownDescription": "The support information about the product.", - "title": "SupportDescription", + "ExecutionRole": { + "markdownDescription": "ExecutionRole name", + "title": "ExecutionRole", "type": "string" }, - "SupportEmail": { - "markdownDescription": "The contact email for product support.", - "title": "SupportEmail", + "PortfolioId": { + "markdownDescription": "The portfolio identifier.", + "title": "PortfolioId", "type": "string" }, - "SupportUrl": { - "markdownDescription": "The contact URL for product support.\n\n`^https?:\\/\\//` / is the pattern used to validate SupportUrl.", - "title": "SupportUrl", + "ProductId": { + "markdownDescription": "The product identifier.", + "title": "ProductId", "type": "string" }, - "Tags": { + "RegionList": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "One or more tags.", - "title": "Tags", + "markdownDescription": "One or more AWS Regions where the provisioned product will be available.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\nThe specified Regions should be within the list of Regions from the `STACKSET` constraint. To get the list of Regions in the `STACKSET` constraint, use the `DescribeProvisioningParameters` operation.\n\nIf no values are specified, the default value is all Regions from the `STACKSET` constraint.", + "title": "RegionList", "type": "array" + }, + "StackInstanceControl": { + "markdownDescription": "Permission to create, update, and delete stack instances. Choose from ALLOWED and NOT_ALLOWED.", + "title": "StackInstanceControl", + "type": "string" } }, "required": [ - "Name", - "Owner" + "AccountList", + "AdminRole", + "Description", + "ExecutionRole", + "PortfolioId", + "ProductId", + "RegionList", + "StackInstanceControl" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::CloudFormationProduct" + "AWS::ServiceCatalog::StackSetConstraint" ], "type": "string" }, @@ -257203,104 +307796,158 @@ ], "type": "object" }, - "AWS::ServiceCatalog::CloudFormationProduct.CodeStarParameters": { + "AWS::ServiceCatalog::TagOption": { "additionalProperties": false, "properties": { - "ArtifactPath": { - "markdownDescription": "The absolute path wehre the artifact resides within the repo and branch, formatted as \"folder/file.json.\"", - "title": "ArtifactPath", + "Condition": { "type": "string" }, - "Branch": { - "markdownDescription": "The specific branch where the artifact resides.", - "title": "Branch", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "ConnectionArn": { - "markdownDescription": "The CodeStar ARN, which is the connection between AWS Service Catalog and the external repository.", - "title": "ConnectionArn", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Active": { + "markdownDescription": "The TagOption active state.", + "title": "Active", + "type": "boolean" + }, + "Key": { + "markdownDescription": "The TagOption key.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The TagOption value.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ServiceCatalog::TagOption" + ], "type": "string" }, - "Repository": { - "markdownDescription": "The specific repository where the product\u2019s artifact-to-be-synced resides, formatted as \"Account/Repo.\"", - "title": "Repository", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ArtifactPath", - "Branch", - "ConnectionArn", - "Repository" + "Type", + "Properties" ], "type": "object" }, - "AWS::ServiceCatalog::CloudFormationProduct.ConnectionParameters": { - "additionalProperties": false, - "properties": { - "CodeStar": { - "$ref": "#/definitions/AWS::ServiceCatalog::CloudFormationProduct.CodeStarParameters", - "markdownDescription": "Provides `ConnectionType` details.", - "title": "CodeStar" - } - }, - "type": "object" - }, - "AWS::ServiceCatalog::CloudFormationProduct.ProvisioningArtifactProperties": { + "AWS::ServiceCatalog::TagOptionAssociation": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the provisioning artifact, including how it differs from the previous provisioning artifact.", - "title": "Description", + "Condition": { "type": "string" }, - "DisableTemplateValidation": { - "markdownDescription": "If set to true, AWS Service Catalog stops validating the specified provisioning artifact even if it is invalid.", - "title": "DisableTemplateValidation", - "type": "boolean" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "Info": { - "markdownDescription": "Specify the template source with one of the following options, but not both. Keys accepted: [ `LoadTemplateFromURL` , `ImportFromPhysicalId` ]\n\nThe URL of the AWS CloudFormation template in Amazon S3 in JSON format. Specify the URL in JSON format as follows:\n\n`\"LoadTemplateFromURL\": \"https://s3.amazonaws.com/cf-templates-ozkq9d3hgiq2-us-east-1/...\"`\n\n`ImportFromPhysicalId` : The physical id of the resource that contains the template. Currently only supports AWS CloudFormation stack arn. Specify the physical id in JSON format as follows: `ImportFromPhysicalId: \u201carn:aws:cloudformation:[us-east-1]:[accountId]:stack/[StackName]/[resourceId]`", - "title": "Info", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { "type": "object" }, - "Name": { - "markdownDescription": "The name of the provisioning artifact (for example, v1 v2beta). No spaces are allowed.", - "title": "Name", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "ResourceId": { + "markdownDescription": "The resource identifier.", + "title": "ResourceId", + "type": "string" + }, + "TagOptionId": { + "markdownDescription": "The TagOption identifier.", + "title": "TagOptionId", + "type": "string" + } + }, + "required": [ + "ResourceId", + "TagOptionId" + ], + "type": "object" }, "Type": { - "markdownDescription": "The type of provisioning artifact.\n\n- `CLOUD_FORMATION_TEMPLATE` - AWS CloudFormation template\n- `TERRAFORM_OPEN_SOURCE` - Terraform Open Source configuration file\n- `TERRAFORM_CLOUD` - Terraform Cloud configuration file\n- `EXTERNAL` - External configuration file", - "title": "Type", + "enum": [ + "AWS::ServiceCatalog::TagOptionAssociation" + ], "type": "string" - } - }, - "required": [ - "Info" - ], - "type": "object" - }, - "AWS::ServiceCatalog::CloudFormationProduct.SourceConnection": { - "additionalProperties": false, - "properties": { - "ConnectionParameters": { - "$ref": "#/definitions/AWS::ServiceCatalog::CloudFormationProduct.ConnectionParameters", - "markdownDescription": "The connection details based on the connection `Type` .", - "title": "ConnectionParameters" }, - "Type": { - "markdownDescription": "The only supported `SourceConnection` type is Codestar.", - "title": "Type", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "ConnectionParameters", - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::ServiceCatalog::CloudFormationProvisionedProduct": { + "AWS::ServiceCatalogAppRegistry::Application": { "additionalProperties": false, "properties": { "Condition": { @@ -257335,81 +307982,36 @@ "Properties": { "additionalProperties": false, "properties": { - "AcceptLanguage": { - "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", - "title": "AcceptLanguage", - "type": "string" - }, - "NotificationArns": { - "items": { - "type": "string" - }, - "markdownDescription": "Passed to AWS CloudFormation . The SNS topic ARNs to which to publish stack-related events.", - "title": "NotificationArns", - "type": "array" - }, - "PathId": { - "markdownDescription": "The path identifier of the product. This value is optional if the product has a default path, and required if the product has more than one path. To list the paths for a product, use [ListLaunchPaths](https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ListLaunchPaths.html) .\n\n> You must provide the name or ID, but not both.", - "title": "PathId", - "type": "string" - }, - "PathName": { - "markdownDescription": "The name of the path. This value is optional if the product has a default path, and required if the product has more than one path. To list the paths for a product, use [ListLaunchPaths](https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ListLaunchPaths.html) .\n\n> You must provide the name or ID, but not both.", - "title": "PathName", - "type": "string" - }, - "ProductId": { - "markdownDescription": "The product identifier.\n\n> You must specify either the ID or the name of the product, but not both.", - "title": "ProductId", - "type": "string" - }, - "ProductName": { - "markdownDescription": "The name of the Service Catalog product.\n\nEach time a stack is created or updated, if `ProductName` is provided it will successfully resolve to `ProductId` as long as only one product exists in the account or Region with that `ProductName` .\n\n> You must specify either the name or the ID of the product, but not both.", - "title": "ProductName", - "type": "string" - }, - "ProvisionedProductName": { - "markdownDescription": "A user-friendly name for the provisioned product. This value must be unique for the AWS account and cannot be updated after the product is provisioned.", - "title": "ProvisionedProductName", - "type": "string" - }, - "ProvisioningArtifactId": { - "markdownDescription": "The identifier of the provisioning artifact (also known as a version).\n\n> You must specify either the ID or the name of the provisioning artifact, but not both.", - "title": "ProvisioningArtifactId", + "Description": { + "markdownDescription": "The description of the application.", + "title": "Description", "type": "string" }, - "ProvisioningArtifactName": { - "markdownDescription": "The name of the provisioning artifact (also known as a version) for the product. This name must be unique for the product.\n\n> You must specify either the name or the ID of the provisioning artifact, but not both. You must also specify either the name or the ID of the product, but not both.", - "title": "ProvisioningArtifactName", + "Name": { + "markdownDescription": "The name of the application. The name must be unique in the region in which you are creating the application.", + "title": "Name", "type": "string" }, - "ProvisioningParameters": { - "items": { - "$ref": "#/definitions/AWS::ServiceCatalog::CloudFormationProvisionedProduct.ProvisioningParameter" - }, - "markdownDescription": "Parameters specified by the administrator that are required for provisioning the product.", - "title": "ProvisioningParameters", - "type": "array" - }, - "ProvisioningPreferences": { - "$ref": "#/definitions/AWS::ServiceCatalog::CloudFormationProvisionedProduct.ProvisioningPreferences", - "markdownDescription": "StackSet preferences that are required for provisioning the product or updating a provisioned product.", - "title": "ProvisioningPreferences" - }, "Tags": { - "items": { - "$ref": "#/definitions/Tag" + "additionalProperties": true, + "markdownDescription": "Key-value pairs you can use to associate with the application.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "One or more tags.\n\n> Requires the provisioned product to have an [ResourceUpdateConstraint](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicecatalog-resourceupdateconstraint.html) resource with `TagUpdatesOnProvisionedProduct` set to `ALLOWED` to allow tag updates. If `RESOURCE_UPDATE` constraint is not present, tags updates are ignored.", "title": "Tags", - "type": "array" + "type": "object" } }, + "required": [ + "Name" + ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::CloudFormationProvisionedProduct" + "AWS::ServiceCatalogAppRegistry::Application" ], "type": "string" }, @@ -257423,78 +308025,12 @@ } }, "required": [ - "Type" - ], - "type": "object" - }, - "AWS::ServiceCatalog::CloudFormationProvisionedProduct.ProvisioningParameter": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "The parameter key.", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "The parameter value.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Key", - "Value" + "Type", + "Properties" ], "type": "object" }, - "AWS::ServiceCatalog::CloudFormationProvisionedProduct.ProvisioningPreferences": { - "additionalProperties": false, - "properties": { - "StackSetAccounts": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more AWS accounts where the provisioned product will be available.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\nThe specified accounts should be within the list of accounts from the `STACKSET` constraint. To get the list of accounts in the `STACKSET` constraint, use the `DescribeProvisioningParameters` operation.\n\nIf no values are specified, the default value is all acounts from the `STACKSET` constraint.", - "title": "StackSetAccounts", - "type": "array" - }, - "StackSetFailureToleranceCount": { - "markdownDescription": "The number of accounts, per Region, for which this operation can fail before AWS Service Catalog stops the operation in that Region. If the operation is stopped in a Region, AWS Service Catalog doesn't attempt the operation in any subsequent Regions.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\nConditional: You must specify either `StackSetFailureToleranceCount` or `StackSetFailureTolerancePercentage` , but not both.\n\nThe default value is `0` if no value is specified.", - "title": "StackSetFailureToleranceCount", - "type": "number" - }, - "StackSetFailureTolerancePercentage": { - "markdownDescription": "The percentage of accounts, per Region, for which this stack operation can fail before AWS Service Catalog stops the operation in that Region. If the operation is stopped in a Region, AWS Service Catalog doesn't attempt the operation in any subsequent Regions.\n\nWhen calculating the number of accounts based on the specified percentage, AWS Service Catalog rounds down to the next whole number.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\nConditional: You must specify either `StackSetFailureToleranceCount` or `StackSetFailureTolerancePercentage` , but not both.", - "title": "StackSetFailureTolerancePercentage", - "type": "number" - }, - "StackSetMaxConcurrencyCount": { - "markdownDescription": "The maximum number of accounts in which to perform this operation at one time. This is dependent on the value of `StackSetFailureToleranceCount` . `StackSetMaxConcurrentCount` is at most one more than the `StackSetFailureToleranceCount` .\n\nNote that this setting lets you specify the maximum for operations. For large deployments, under certain circumstances the actual number of accounts acted upon concurrently may be lower due to service throttling.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\nConditional: You must specify either `StackSetMaxConcurrentCount` or `StackSetMaxConcurrentPercentage` , but not both.", - "title": "StackSetMaxConcurrencyCount", - "type": "number" - }, - "StackSetMaxConcurrencyPercentage": { - "markdownDescription": "The maximum percentage of accounts in which to perform this operation at one time.\n\nWhen calculating the number of accounts based on the specified percentage, AWS Service Catalog rounds down to the next whole number. This is true except in cases where rounding down would result is zero. In this case, AWS Service Catalog sets the number as `1` instead.\n\nNote that this setting lets you specify the maximum for operations. For large deployments, under certain circumstances the actual number of accounts acted upon concurrently may be lower due to service throttling.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\nConditional: You must specify either `StackSetMaxConcurrentCount` or `StackSetMaxConcurrentPercentage` , but not both.", - "title": "StackSetMaxConcurrencyPercentage", - "type": "number" - }, - "StackSetOperationType": { - "markdownDescription": "Determines what action AWS Service Catalog performs to a stack set or a stack instance represented by the provisioned product. The default value is `UPDATE` if nothing is specified.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\n- **CREATE** - Creates a new stack instance in the stack set represented by the provisioned product. In this case, only new stack instances are created based on accounts and Regions; if new ProductId or ProvisioningArtifactID are passed, they will be ignored.\n- **UPDATE** - Updates the stack set represented by the provisioned product and also its stack instances.\n- **DELETE** - Deletes a stack instance in the stack set represented by the provisioned product.", - "title": "StackSetOperationType", - "type": "string" - }, - "StackSetRegions": { - "items": { - "type": "string" - }, - "markdownDescription": "One or more AWS Regions where the provisioned product will be available.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\nThe specified Regions should be within the list of Regions from the `STACKSET` constraint. To get the list of Regions in the `STACKSET` constraint, use the `DescribeProvisioningParameters` operation.\n\nIf no values are specified, the default value is all Regions from the `STACKSET` constraint.", - "title": "StackSetRegions", - "type": "array" - } - }, - "type": "object" - }, - "AWS::ServiceCatalog::LaunchNotificationConstraint": { + "AWS::ServiceCatalogAppRegistry::AttributeGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -257529,45 +308065,42 @@ "Properties": { "additionalProperties": false, "properties": { - "AcceptLanguage": { - "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", - "title": "AcceptLanguage", - "type": "string" + "Attributes": { + "markdownDescription": "A nested object in a JSON or YAML template that supports arbitrary definitions. Represents the attributes in an attribute group that describes an application and its components.", + "title": "Attributes", + "type": "object" }, "Description": { - "markdownDescription": "The description of the constraint.", + "markdownDescription": "The description of the attribute group that the user provides.", "title": "Description", "type": "string" }, - "NotificationArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The notification ARNs.", - "title": "NotificationArns", - "type": "array" - }, - "PortfolioId": { - "markdownDescription": "The portfolio identifier.", - "title": "PortfolioId", + "Name": { + "markdownDescription": "The name of the attribute group.", + "title": "Name", "type": "string" }, - "ProductId": { - "markdownDescription": "The product identifier.", - "title": "ProductId", - "type": "string" + "Tags": { + "additionalProperties": true, + "markdownDescription": "Key-value pairs you can use to associate with the attribute group.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" } }, "required": [ - "NotificationArns", - "PortfolioId", - "ProductId" + "Attributes", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::LaunchNotificationConstraint" + "AWS::ServiceCatalogAppRegistry::AttributeGroup" ], "type": "string" }, @@ -257586,7 +308119,7 @@ ], "type": "object" }, - "AWS::ServiceCatalog::LaunchRoleConstraint": { + "AWS::ServiceCatalogAppRegistry::AttributeGroupAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -257621,46 +308154,26 @@ "Properties": { "additionalProperties": false, "properties": { - "AcceptLanguage": { - "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", - "title": "AcceptLanguage", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the constraint.", - "title": "Description", - "type": "string" - }, - "LocalRoleName": { - "markdownDescription": "You are required to specify either the `RoleArn` or the `LocalRoleName` but can't use both.\n\nIf you specify the `LocalRoleName` property, when an account uses the launch constraint, the IAM role with that name in the account will be used. This allows launch-role constraints to be account-agnostic so the administrator can create fewer resources per shared account.\n\nThe given role name must exist in the account used to create the launch constraint and the account of the user who launches a product with this launch constraint.", - "title": "LocalRoleName", - "type": "string" - }, - "PortfolioId": { - "markdownDescription": "The portfolio identifier.", - "title": "PortfolioId", - "type": "string" - }, - "ProductId": { - "markdownDescription": "The product identifier.", - "title": "ProductId", + "Application": { + "markdownDescription": "The name or ID of the application.", + "title": "Application", "type": "string" }, - "RoleArn": { - "markdownDescription": "The ARN of the launch role.\n\nYou are required to specify `RoleArn` or `LocalRoleName` but can't use both.", - "title": "RoleArn", + "AttributeGroup": { + "markdownDescription": "The name or ID of the attribute group which holds the attributes that describe the application.", + "title": "AttributeGroup", "type": "string" } }, "required": [ - "PortfolioId", - "ProductId" + "Application", + "AttributeGroup" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::LaunchRoleConstraint" + "AWS::ServiceCatalogAppRegistry::AttributeGroupAssociation" ], "type": "string" }, @@ -257679,7 +308192,7 @@ ], "type": "object" }, - "AWS::ServiceCatalog::LaunchTemplateConstraint": { + "AWS::ServiceCatalogAppRegistry::ResourceAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -257714,42 +308227,32 @@ "Properties": { "additionalProperties": false, "properties": { - "AcceptLanguage": { - "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", - "title": "AcceptLanguage", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the constraint.", - "title": "Description", - "type": "string" - }, - "PortfolioId": { - "markdownDescription": "The portfolio identifier.", - "title": "PortfolioId", + "Application": { + "markdownDescription": "The name or ID of the application.", + "title": "Application", "type": "string" }, - "ProductId": { - "markdownDescription": "The product identifier.", - "title": "ProductId", + "Resource": { + "markdownDescription": "The name or ID of the resource of which the application will be associated.", + "title": "Resource", "type": "string" }, - "Rules": { - "markdownDescription": "The constraint rules.", - "title": "Rules", + "ResourceType": { + "markdownDescription": "The type of resource of which the application will be associated.", + "title": "ResourceType", "type": "string" } }, "required": [ - "PortfolioId", - "ProductId", - "Rules" + "Application", + "Resource", + "ResourceType" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::LaunchTemplateConstraint" + "AWS::ServiceCatalogAppRegistry::ResourceAssociation" ], "type": "string" }, @@ -257768,7 +308271,7 @@ ], "type": "object" }, - "AWS::ServiceCatalog::Portfolio": { + "AWS::ServiceDiscovery::HttpNamespace": { "additionalProperties": false, "properties": { "Condition": { @@ -257803,44 +308306,33 @@ "Properties": { "additionalProperties": false, "properties": { - "AcceptLanguage": { - "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", - "title": "AcceptLanguage", - "type": "string" - }, "Description": { - "markdownDescription": "The description of the portfolio.", + "markdownDescription": "A description for the namespace.", "title": "Description", "type": "string" }, - "DisplayName": { - "markdownDescription": "The name to use for display purposes.", - "title": "DisplayName", - "type": "string" - }, - "ProviderName": { - "markdownDescription": "The name of the portfolio provider.", - "title": "ProviderName", + "Name": { + "markdownDescription": "The name that you want to assign to this namespace.", + "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "One or more tags.", + "markdownDescription": "The tags for the namespace. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.", "title": "Tags", "type": "array" } }, "required": [ - "DisplayName", - "ProviderName" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::Portfolio" + "AWS::ServiceDiscovery::HttpNamespace" ], "type": "string" }, @@ -257859,7 +308351,7 @@ ], "type": "object" }, - "AWS::ServiceCatalog::PortfolioPrincipalAssociation": { + "AWS::ServiceDiscovery::Instance": { "additionalProperties": false, "properties": { "Condition": { @@ -257894,37 +308386,31 @@ "Properties": { "additionalProperties": false, "properties": { - "AcceptLanguage": { - "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", - "title": "AcceptLanguage", - "type": "string" - }, - "PortfolioId": { - "markdownDescription": "The portfolio identifier.", - "title": "PortfolioId", - "type": "string" + "InstanceAttributes": { + "markdownDescription": "A string map that contains the following information for the service that you specify in `ServiceId` :\n\n- The attributes that apply to the records that are defined in the service.\n- For each attribute, the applicable value.\n\nSupported attribute keys include the following:\n\n- **AWS_ALIAS_DNS_NAME** - If you want AWS Cloud Map to create a Route\u00a053 alias record that routes traffic to an Elastic Load Balancing load balancer, specify the DNS name that is associated with the load balancer. For information about how to get the DNS name, see [AliasTarget->DNSName](https://docs.aws.amazon.com/Route53/latest/APIReference/API_AliasTarget.html#Route53-Type-AliasTarget-DNSName) in the *Route\u00a053 API Reference* .\n\nNote the following:\n\n- The configuration for the service that is specified by `ServiceId` must include settings for an `A` record, an `AAAA` record, or both.\n- In the service that is specified by `ServiceId` , the value of `RoutingPolicy` must be `WEIGHTED` .\n- If the service that is specified by `ServiceId` includes `HealthCheckConfig` settings, AWS Cloud Map will create the health check, but it won't associate the health check with the alias record.\n- Auto naming currently doesn't support creating alias records that route traffic to AWS resources other than ELB load balancers.\n- If you specify a value for `AWS_ALIAS_DNS_NAME` , don't specify values for any of the `AWS_INSTANCE` attributes.\n- **AWS_EC2_INSTANCE_ID** - *HTTP namespaces only.* The Amazon EC2 instance ID for the instance. The `AWS_INSTANCE_IPV4` attribute contains the primary private IPv4 address. When creating resources with a type of [AWS::ServiceDiscovery::Instance](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicediscovery-instance.html) , if the `AWS_EC2_INSTANCE_ID` attribute is specified, the only other attribute that can be specified is `AWS_INIT_HEALTH_STATUS` . After the resource has been created, the `AWS_INSTANCE_IPV4` attribute contains the primary private IPv4 address.\n- **AWS_INIT_HEALTH_STATUS** - If the service configuration includes `HealthCheckCustomConfig` , when creating resources with a type of [AWS::ServiceDiscovery::Instance](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicediscovery-instance.html) you can optionally use `AWS_INIT_HEALTH_STATUS` to specify the initial status of the custom health check, `HEALTHY` or `UNHEALTHY` . If you don't specify a value for `AWS_INIT_HEALTH_STATUS` , the initial status is `HEALTHY` . This attribute can only be used when creating resources and will not be seen on existing resources.\n- **AWS_INSTANCE_CNAME** - If the service configuration includes a `CNAME` record, the domain name that you want Route\u00a053 to return in response to DNS queries, for example, `example.com` .\n\nThis value is required if the service specified by `ServiceId` includes settings for an `CNAME` record.\n- **AWS_INSTANCE_IPV4** - If the service configuration includes an `A` record, the IPv4 address that you want Route\u00a053 to return in response to DNS queries, for example, `192.0.2.44` .\n\nThis value is required if the service specified by `ServiceId` includes settings for an `A` record. If the service includes settings for an `SRV` record, you must specify a value for `AWS_INSTANCE_IPV4` , `AWS_INSTANCE_IPV6` , or both.\n- **AWS_INSTANCE_IPV6** - If the service configuration includes an `AAAA` record, the IPv6 address that you want Route\u00a053 to return in response to DNS queries, for example, `2001:0db8:85a3:0000:0000:abcd:0001:2345` .\n\nThis value is required if the service specified by `ServiceId` includes settings for an `AAAA` record. If the service includes settings for an `SRV` record, you must specify a value for `AWS_INSTANCE_IPV4` , `AWS_INSTANCE_IPV6` , or both.\n- **AWS_INSTANCE_PORT** - If the service includes an `SRV` record, the value that you want Route\u00a053 to return for the port.\n\nIf the service includes `HealthCheckConfig` , the port on the endpoint that you want Route\u00a053 to send requests to.\n\nThis value is required if you specified settings for an `SRV` record or a Route\u00a053 health check when you created the service.", + "title": "InstanceAttributes", + "type": "object" }, - "PrincipalARN": { - "markdownDescription": "The ARN of the principal ( IAM user, role, or group).", - "title": "PrincipalARN", + "InstanceId": { + "markdownDescription": "An identifier that you want to associate with the instance. Note the following:\n\n- If the service that's specified by `ServiceId` includes settings for an `SRV` record, the value of `InstanceId` is automatically included as part of the value for the `SRV` record. For more information, see [DnsRecord > Type](https://docs.aws.amazon.com/cloud-map/latest/api/API_DnsRecord.html#cloudmap-Type-DnsRecord-Type) .\n- You can use this value to update an existing instance.\n- To register a new instance, you must specify a value that's unique among instances that you register by using the same service.\n- If you specify an existing `InstanceId` and `ServiceId` , AWS Cloud Map updates the existing DNS records, if any. If there's also an existing health check, AWS Cloud Map deletes the old health check and creates a new one.\n\n> The health check isn't deleted immediately, so it will still appear for a while if you submit a `ListHealthChecks` request, for example.\n\n> Do not include sensitive information in `InstanceId` if the namespace is discoverable by public DNS queries and any `Type` member of `DnsRecord` for the service contains `SRV` because the `InstanceId` is discoverable by public DNS queries.", + "title": "InstanceId", "type": "string" }, - "PrincipalType": { - "markdownDescription": "The principal type. The supported values are `IAM` and `IAM_PATTERN` .", - "title": "PrincipalType", + "ServiceId": { + "markdownDescription": "The ID of the service that you want to use for settings for the instance.", + "title": "ServiceId", "type": "string" } }, "required": [ - "PortfolioId", - "PrincipalARN", - "PrincipalType" + "InstanceAttributes", + "ServiceId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::PortfolioPrincipalAssociation" + "AWS::ServiceDiscovery::Instance" ], "type": "string" }, @@ -257943,7 +308429,7 @@ ], "type": "object" }, - "AWS::ServiceCatalog::PortfolioProductAssociation": { + "AWS::ServiceDiscovery::PrivateDnsNamespace": { "additionalProperties": false, "properties": { "Condition": { @@ -257978,36 +308464,44 @@ "Properties": { "additionalProperties": false, "properties": { - "AcceptLanguage": { - "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", - "title": "AcceptLanguage", + "Description": { + "markdownDescription": "A description for the namespace.", + "title": "Description", "type": "string" }, - "PortfolioId": { - "markdownDescription": "The portfolio identifier.", - "title": "PortfolioId", + "Name": { + "markdownDescription": "The name that you want to assign to this namespace. When you create a private DNS namespace, AWS Cloud Map automatically creates an Amazon Route\u00a053 private hosted zone that has the same name as the namespace.", + "title": "Name", "type": "string" }, - "ProductId": { - "markdownDescription": "The product identifier.", - "title": "ProductId", - "type": "string" + "Properties": { + "$ref": "#/definitions/AWS::ServiceDiscovery::PrivateDnsNamespace.Properties", + "markdownDescription": "Properties for the private DNS namespace.", + "title": "Properties" }, - "SourcePortfolioId": { - "markdownDescription": "The identifier of the source portfolio.", - "title": "SourcePortfolioId", + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the namespace. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.", + "title": "Tags", + "type": "array" + }, + "Vpc": { + "markdownDescription": "The ID of the Amazon VPC that you want to associate the namespace with.", + "title": "Vpc", "type": "string" } }, "required": [ - "PortfolioId", - "ProductId" + "Name", + "Vpc" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::PortfolioProductAssociation" + "AWS::ServiceDiscovery::PrivateDnsNamespace" ], "type": "string" }, @@ -258026,7 +308520,40 @@ ], "type": "object" }, - "AWS::ServiceCatalog::PortfolioShare": { + "AWS::ServiceDiscovery::PrivateDnsNamespace.PrivateDnsPropertiesMutable": { + "additionalProperties": false, + "properties": { + "SOA": { + "$ref": "#/definitions/AWS::ServiceDiscovery::PrivateDnsNamespace.SOA", + "markdownDescription": "Fields for the Start of Authority (SOA) record for the hosted zone for the private DNS namespace.", + "title": "SOA" + } + }, + "type": "object" + }, + "AWS::ServiceDiscovery::PrivateDnsNamespace.Properties": { + "additionalProperties": false, + "properties": { + "DnsProperties": { + "$ref": "#/definitions/AWS::ServiceDiscovery::PrivateDnsNamespace.PrivateDnsPropertiesMutable", + "markdownDescription": "DNS properties for the private DNS namespace.", + "title": "DnsProperties" + } + }, + "type": "object" + }, + "AWS::ServiceDiscovery::PrivateDnsNamespace.SOA": { + "additionalProperties": false, + "properties": { + "TTL": { + "markdownDescription": "The time to live (TTL) for purposes of negative caching.", + "title": "TTL", + "type": "number" + } + }, + "type": "object" + }, + "AWS::ServiceDiscovery::PublicDnsNamespace": { "additionalProperties": false, "properties": { "Condition": { @@ -258061,36 +308588,38 @@ "Properties": { "additionalProperties": false, "properties": { - "AcceptLanguage": { - "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", - "title": "AcceptLanguage", + "Description": { + "markdownDescription": "A description for the namespace.", + "title": "Description", "type": "string" }, - "AccountId": { - "markdownDescription": "The AWS account ID. For example, `123456789012` .", - "title": "AccountId", + "Name": { + "markdownDescription": "The name that you want to assign to this namespace.\n\n> Do not include sensitive information in the name. The name is publicly available using DNS queries.", + "title": "Name", "type": "string" }, - "PortfolioId": { - "markdownDescription": "The portfolio identifier.", - "title": "PortfolioId", - "type": "string" + "Properties": { + "$ref": "#/definitions/AWS::ServiceDiscovery::PublicDnsNamespace.Properties", + "markdownDescription": "Properties for the public DNS namespace.", + "title": "Properties" }, - "ShareTagOptions": { - "markdownDescription": "Indicates whether TagOptions sharing is enabled or disabled for the portfolio share.", - "title": "ShareTagOptions", - "type": "boolean" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the namespace. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.", + "title": "Tags", + "type": "array" } }, "required": [ - "AccountId", - "PortfolioId" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::PortfolioShare" + "AWS::ServiceDiscovery::PublicDnsNamespace" ], "type": "string" }, @@ -258109,7 +308638,40 @@ ], "type": "object" }, - "AWS::ServiceCatalog::ResourceUpdateConstraint": { + "AWS::ServiceDiscovery::PublicDnsNamespace.Properties": { + "additionalProperties": false, + "properties": { + "DnsProperties": { + "$ref": "#/definitions/AWS::ServiceDiscovery::PublicDnsNamespace.PublicDnsPropertiesMutable", + "markdownDescription": "DNS properties for the public DNS namespace.", + "title": "DnsProperties" + } + }, + "type": "object" + }, + "AWS::ServiceDiscovery::PublicDnsNamespace.PublicDnsPropertiesMutable": { + "additionalProperties": false, + "properties": { + "SOA": { + "$ref": "#/definitions/AWS::ServiceDiscovery::PublicDnsNamespace.SOA", + "markdownDescription": "Start of Authority (SOA) record for the hosted zone for the public DNS namespace.", + "title": "SOA" + } + }, + "type": "object" + }, + "AWS::ServiceDiscovery::PublicDnsNamespace.SOA": { + "additionalProperties": false, + "properties": { + "TTL": { + "markdownDescription": "The time to live (TTL) for purposes of negative caching.", + "title": "TTL", + "type": "number" + } + }, + "type": "object" + }, + "AWS::ServiceDiscovery::Service": { "additionalProperties": false, "properties": { "Condition": { @@ -258144,42 +308706,60 @@ "Properties": { "additionalProperties": false, "properties": { - "AcceptLanguage": { - "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", - "title": "AcceptLanguage", - "type": "string" - }, "Description": { - "markdownDescription": "The description of the constraint.", + "markdownDescription": "The description of the service.", "title": "Description", "type": "string" }, - "PortfolioId": { - "markdownDescription": "The portfolio identifier.", - "title": "PortfolioId", + "DnsConfig": { + "$ref": "#/definitions/AWS::ServiceDiscovery::Service.DnsConfig", + "markdownDescription": "A complex type that contains information about the Route\u00a053 DNS records that you want AWS Cloud Map to create when you register an instance.\n\n> The record types of a service can only be changed by deleting the service and recreating it with a new `Dnsconfig` .", + "title": "DnsConfig" + }, + "HealthCheckConfig": { + "$ref": "#/definitions/AWS::ServiceDiscovery::Service.HealthCheckConfig", + "markdownDescription": "*Public DNS and HTTP namespaces only.* A complex type that contains settings for an optional health check. If you specify settings for a health check, AWS Cloud Map associates the health check with the records that you specify in `DnsConfig` .\n\nFor information about the charges for health checks, see [Amazon Route\u00a053 Pricing](https://docs.aws.amazon.com/route53/pricing/) .", + "title": "HealthCheckConfig" + }, + "HealthCheckCustomConfig": { + "$ref": "#/definitions/AWS::ServiceDiscovery::Service.HealthCheckCustomConfig", + "markdownDescription": "A complex type that contains information about an optional custom health check.\n\n> If you specify a health check configuration, you can specify either `HealthCheckCustomConfig` or `HealthCheckConfig` but not both.", + "title": "HealthCheckCustomConfig" + }, + "Name": { + "markdownDescription": "The name of the service.", + "title": "Name", "type": "string" }, - "ProductId": { - "markdownDescription": "The product identifier.", - "title": "ProductId", + "NamespaceId": { + "markdownDescription": "The ID of the namespace that was used to create the service.\n\n> You must specify a value for `NamespaceId` either for the service properties or for [DnsConfig](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-servicediscovery-service-dnsconfig.html) . Don't specify a value in both places.", + "title": "NamespaceId", "type": "string" }, - "TagUpdateOnProvisionedProduct": { - "markdownDescription": "If set to `ALLOWED` , lets users change tags in a [CloudFormationProvisionedProduct](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicecatalog-cloudformationprovisionedproduct.html) resource.\n\nIf set to `NOT_ALLOWED` , prevents users from changing tags in a [CloudFormationProvisionedProduct](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicecatalog-cloudformationprovisionedproduct.html) resource.", - "title": "TagUpdateOnProvisionedProduct", + "ServiceAttributes": { + "markdownDescription": "A string map that contains the following information for the service:\n\n- The attributes that apply to the service\n- For each attribute, the applicable value.\n\nYou can specify a total of 30 attributes.", + "title": "ServiceAttributes", + "type": "object" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the service. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "If present, specifies that the service instances are only discoverable using the `DiscoverInstances` API operation. No DNS records is registered for the service instances. The only valid value is `HTTP` .", + "title": "Type", "type": "string" } }, - "required": [ - "PortfolioId", - "ProductId", - "TagUpdateOnProvisionedProduct" - ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::ResourceUpdateConstraint" + "AWS::ServiceDiscovery::Service" ], "type": "string" }, @@ -258193,12 +308773,93 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::ServiceCatalog::ServiceAction": { + "AWS::ServiceDiscovery::Service.DnsConfig": { + "additionalProperties": false, + "properties": { + "DnsRecords": { + "items": { + "$ref": "#/definitions/AWS::ServiceDiscovery::Service.DnsRecord" + }, + "markdownDescription": "An array that contains one `DnsRecord` object for each Route\u00a053 DNS record that you want AWS Cloud Map to create when you register an instance.\n\n> The record type of a service can't be updated directly and can only be changed by deleting the service and recreating it with a new `DnsConfig` .", + "title": "DnsRecords", + "type": "array" + }, + "NamespaceId": { + "markdownDescription": "The ID of the namespace to use for DNS configuration.\n\n> You must specify a value for `NamespaceId` either for `DnsConfig` or for the [service properties](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicediscovery-service.html) . Don't specify a value in both places.", + "title": "NamespaceId", + "type": "string" + }, + "RoutingPolicy": { + "markdownDescription": "The routing policy that you want to apply to all Route\u00a053 DNS records that AWS Cloud Map creates when you register an instance and specify this service.\n\n> If you want to use this service to register instances that create alias records, specify `WEIGHTED` for the routing policy. \n\nYou can specify the following values:\n\n- **MULTIVALUE** - If you define a health check for the service and the health check is healthy, Route\u00a053 returns the applicable value for up to eight instances.\n\nFor example, suppose that the service includes configurations for one `A` record and a health check. You use the service to register 10 instances. Route\u00a053 responds to DNS queries with IP addresses for up to eight healthy instances. If fewer than eight instances are healthy, Route\u00a053 responds to every DNS query with the IP addresses for all of the healthy instances.\n\nIf you don't define a health check for the service, Route\u00a053 assumes that all instances are healthy and returns the values for up to eight instances.\n\nFor more information about the multivalue routing policy, see [Multivalue Answer Routing](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html#routing-policy-multivalue) in the *Route\u00a053 Developer Guide* .\n- **WEIGHTED** - Route\u00a053 returns the applicable value from one randomly selected instance from among the instances that you registered using the same service. Currently, all records have the same weight, so you can't route more or less traffic to any instances.\n\nFor example, suppose that the service includes configurations for one `A` record and a health check. You use the service to register 10 instances. Route\u00a053 responds to DNS queries with the IP address for one randomly selected instance from among the healthy instances. If no instances are healthy, Route\u00a053 responds to DNS queries as if all of the instances were healthy.\n\nIf you don't define a health check for the service, Route\u00a053 assumes that all instances are healthy and returns the applicable value for one randomly selected instance.\n\nFor more information about the weighted routing policy, see [Weighted Routing](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html#routing-policy-weighted) in the *Route\u00a053 Developer Guide* .", + "title": "RoutingPolicy", + "type": "string" + } + }, + "required": [ + "DnsRecords" + ], + "type": "object" + }, + "AWS::ServiceDiscovery::Service.DnsRecord": { + "additionalProperties": false, + "properties": { + "TTL": { + "markdownDescription": "The amount of time, in seconds, that you want DNS resolvers to cache the settings for this record.\n\n> Alias records don't include a TTL because Route\u00a053 uses the TTL for the AWS resource that an alias record routes traffic to. If you include the `AWS_ALIAS_DNS_NAME` attribute when you submit a [RegisterInstance](https://docs.aws.amazon.com/cloud-map/latest/api/API_RegisterInstance.html) request, the `TTL` value is ignored. Always specify a TTL for the service; you can use a service to register instances that create either alias or non-alias records.", + "title": "TTL", + "type": "number" + }, + "Type": { + "markdownDescription": "The type of the resource, which indicates the type of value that Route 53 returns in response to DNS queries. You can specify values for `Type` in the following combinations:\n\n- `A`\n- `AAAA`\n- `A` and `AAAA`\n- `SRV`\n- `CNAME`\n\nIf you want AWS Cloud Map to create a Route 53 alias record when you register an instance, specify `A` or `AAAA` for `Type` .\n\nYou specify other settings, such as the IP address for `A` and `AAAA` records, when you register an instance. For more information, see [RegisterInstance](https://docs.aws.amazon.com/cloud-map/latest/api/API_RegisterInstance.html) .\n\nThe following values are supported:\n\n- **A** - Route 53 returns the IP address of the resource in IPv4 format, such as 192.0.2.44.\n- **AAAA** - Route 53 returns the IP address of the resource in IPv6 format, such as 2001:0db8:85a3:0000:0000:abcd:0001:2345.\n- **CNAME** - Route 53 returns the domain name of the resource, such as www.example.com. Note the following:\n\n- You specify the domain name that you want to route traffic to when you register an instance. For more information, see [Attributes](https://docs.aws.amazon.com/cloud-map/latest/api/API_RegisterInstance.html#cloudmap-RegisterInstance-request-Attributes) in the topic [RegisterInstance](https://docs.aws.amazon.com/cloud-map/latest/api/API_RegisterInstance.html) .\n- You must specify `WEIGHTED` for the value of `RoutingPolicy` .\n- You can't specify both `CNAME` for `Type` and settings for `HealthCheckConfig` . If you do, the request will fail with an `InvalidInput` error.\n- **SRV** - Route 53 returns the value for an `SRV` record. The value for an `SRV` record uses the following values:\n\n`priority weight port service-hostname`\n\nNote the following about the values:\n\n- The values of `priority` and `weight` are both set to `1` and can't be changed.\n- The value of `port` comes from the value that you specify for the `AWS_INSTANCE_PORT` attribute when you submit a [RegisterInstance](https://docs.aws.amazon.com/cloud-map/latest/api/API_RegisterInstance.html) request.\n- The value of `service-hostname` is a concatenation of the following values:\n\n- The value that you specify for `InstanceId` when you register an instance.\n- The name of the service.\n- The name of the namespace.\n\nFor example, if the value of `InstanceId` is `test` , the name of the service is `backend` , and the name of the namespace is `example.com` , the value of `service-hostname` is:\n\n`test.backend.example.com`\n\nIf you specify settings for an `SRV` record and if you specify values for `AWS_INSTANCE_IPV4` , `AWS_INSTANCE_IPV6` , or both in the `RegisterInstance` request, AWS Cloud Map automatically creates `A` and/or `AAAA` records that have the same name as the value of `service-hostname` in the `SRV` record. You can ignore these records.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "TTL", + "Type" + ], + "type": "object" + }, + "AWS::ServiceDiscovery::Service.HealthCheckConfig": { + "additionalProperties": false, + "properties": { + "FailureThreshold": { + "markdownDescription": "The number of consecutive health checks that an endpoint must pass or fail for Route\u00a053 to change the current status of the endpoint from unhealthy to healthy or the other way around. For more information, see [How Route\u00a053 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html) in the *Route\u00a053 Developer Guide* .", + "title": "FailureThreshold", + "type": "number" + }, + "ResourcePath": { + "markdownDescription": "The path that you want Route\u00a053 to request when performing health checks. The path can be any value that your endpoint returns an HTTP status code of a 2xx or 3xx format for when the endpoint is healthy. An example file is `/docs/route53-health-check.html` . Route\u00a053 automatically adds the DNS name for the service. If you don't specify a value for `ResourcePath` , the default value is `/` .\n\nIf you specify `TCP` for `Type` , you must *not* specify a value for `ResourcePath` .", + "title": "ResourcePath", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of health check that you want to create, which indicates how Route\u00a053 determines whether an endpoint is healthy.\n\n> You can't change the value of `Type` after you create a health check. \n\nYou can create the following types of health checks:\n\n- *HTTP* : Route\u00a053 tries to establish a TCP connection. If successful, Route\u00a053 submits an HTTP request and waits for an HTTP status code of 200 or greater and less than 400.\n- *HTTPS* : Route\u00a053 tries to establish a TCP connection. If successful, Route\u00a053 submits an HTTPS request and waits for an HTTP status code of 200 or greater and less than 400.\n\n> If you specify HTTPS for the value of `Type` , the endpoint must support TLS v1.0 or later.\n- *TCP* : Route\u00a053 tries to establish a TCP connection.\n\nIf you specify `TCP` for `Type` , don't specify a value for `ResourcePath` .\n\nFor more information, see [How Route\u00a053 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html) in the *Route\u00a053 Developer Guide* .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::ServiceDiscovery::Service.HealthCheckCustomConfig": { + "additionalProperties": false, + "properties": { + "FailureThreshold": { + "markdownDescription": "> This parameter is no longer supported and is always set to 1. AWS Cloud Map waits for approximately 30 seconds after receiving an `UpdateInstanceCustomHealthStatus` request before changing the status of the service instance. \n\nThe number of 30-second intervals that you want AWS Cloud Map to wait after receiving an `UpdateInstanceCustomHealthStatus` request before it changes the health status of a service instance.\n\nSending a second or subsequent `UpdateInstanceCustomHealthStatus` request with the same value before 30 seconds has passed doesn't accelerate the change. AWS Cloud Map still waits `30` seconds after the first request to make the change.", + "title": "FailureThreshold", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Shield::DRTAccess": { "additionalProperties": false, "properties": { "Condition": { @@ -258233,45 +308894,28 @@ "Properties": { "additionalProperties": false, "properties": { - "AcceptLanguage": { - "markdownDescription": "The language code.\n\n- `en` - English (default)\n- `jp` - Japanese\n- `zh` - Chinese", - "title": "AcceptLanguage", - "type": "string" - }, - "Definition": { + "LogBucketList": { "items": { - "$ref": "#/definitions/AWS::ServiceCatalog::ServiceAction.DefinitionParameter" + "type": "string" }, - "markdownDescription": "A map that defines the self-service action.", - "title": "Definition", + "markdownDescription": "Authorizes the Shield Response Team (SRT) to access the specified Amazon S3 bucket containing log data such as Application Load Balancer access logs, CloudFront logs, or logs from third party sources. You can associate up to 10 Amazon S3 buckets with your subscription.\n\nUse this to share information with the SRT that's not available in AWS WAF logs.\n\nTo use the services of the SRT, you must be subscribed to the [Business Support plan](https://docs.aws.amazon.com/premiumsupport/business-support/) or the [Enterprise Support plan](https://docs.aws.amazon.com/premiumsupport/enterprise-support/) .", + "title": "LogBucketList", "type": "array" }, - "DefinitionType": { - "markdownDescription": "The self-service action definition type. For example, `SSM_AUTOMATION` .", - "title": "DefinitionType", - "type": "string" - }, - "Description": { - "markdownDescription": "The self-service action description.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The self-service action name.", - "title": "Name", + "RoleArn": { + "markdownDescription": "Authorizes the Shield Response Team (SRT) using the specified role, to access your AWS account to assist with DDoS attack mitigation during potential attacks. This enables the SRT to inspect your AWS WAF configuration and logs and to create or update AWS WAF rules and web ACLs.\n\nYou can associate only one `RoleArn` with your subscription. If you submit this update for an account that already has an associated role, the new `RoleArn` will replace the existing `RoleArn` .\n\nThis change requires the following:\n\n- You must be subscribed to the [Business Support plan](https://docs.aws.amazon.com/premiumsupport/business-support/) or the [Enterprise Support plan](https://docs.aws.amazon.com/premiumsupport/enterprise-support/) .\n- The `AWSShieldDRTAccessPolicy` managed policy must be attached to the role that you specify in the request. You can access this policy in the IAM console at [AWSShieldDRTAccessPolicy](https://docs.aws.amazon.com/iam/home?#/policies/arn:aws:iam::aws:policy/service-role/AWSShieldDRTAccessPolicy) . For information, see [Adding and removing IAM identity permissions](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_manage-attach-detach.html) .\n- The role must trust the service principal `drt.shield.amazonaws.com` . For information, see [IAM JSON policy elements: Principal](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_principal.html) .\n\nThe SRT will have access only to your AWS WAF and Shield resources. By submitting this request, you provide permissions to the SRT to inspect your AWS WAF and Shield configuration and logs, and to create and update AWS WAF rules and web ACLs on your behalf. The SRT takes these actions only if explicitly authorized by you.", + "title": "RoleArn", "type": "string" } }, "required": [ - "Definition", - "DefinitionType", - "Name" + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::ServiceAction" + "AWS::Shield::DRTAccess" ], "type": "string" }, @@ -258290,27 +308934,7 @@ ], "type": "object" }, - "AWS::ServiceCatalog::ServiceAction.DefinitionParameter": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "The parameter key.", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "The value of the parameter.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - }, - "AWS::ServiceCatalog::ServiceActionAssociation": { + "AWS::Shield::ProactiveEngagement": { "additionalProperties": false, "properties": { "Condition": { @@ -258345,32 +308969,29 @@ "Properties": { "additionalProperties": false, "properties": { - "ProductId": { - "markdownDescription": "The product identifier. For example, `prod-abcdzk7xy33qa` .", - "title": "ProductId", - "type": "string" - }, - "ProvisioningArtifactId": { - "markdownDescription": "The identifier of the provisioning artifact. For example, `pa-4abcdjnxjj6ne` .", - "title": "ProvisioningArtifactId", - "type": "string" + "EmergencyContactList": { + "items": { + "$ref": "#/definitions/AWS::Shield::ProactiveEngagement.EmergencyContact" + }, + "markdownDescription": "The list of email addresses and phone numbers that the Shield Response Team (SRT) can use to contact you for escalations to the SRT and to initiate proactive customer support, plus any relevant notes.\n\nTo enable proactive engagement, the contact list must include at least one phone number.\n\nIf you provide more than one contact, in the notes, indicate the circumstances under which each contact should be used. Include primary and secondary contact designations, and provide the hours of availability and time zones for each contact.\n\nExample contact notes:\n\n- This is a hotline that's staffed 24x7x365. Please work with the responding analyst and they will get the appropriate person on the call.\n- Please contact the secondary phone number if the hotline doesn't respond within 5 minutes.", + "title": "EmergencyContactList", + "type": "array" }, - "ServiceActionId": { - "markdownDescription": "The self-service action identifier. For example, `act-fs7abcd89wxyz` .", - "title": "ServiceActionId", + "ProactiveEngagementStatus": { + "markdownDescription": "Specifies whether proactive engagement is enabled or disabled.\n\nValid values:\n\n`ENABLED` - The Shield Response Team (SRT) will use email and phone to notify contacts about escalations to the SRT and to initiate proactive customer support.\n\n`DISABLED` - The SRT will not proactively notify contacts about escalations or to initiate proactive customer support.", + "title": "ProactiveEngagementStatus", "type": "string" } }, "required": [ - "ProductId", - "ProvisioningArtifactId", - "ServiceActionId" + "EmergencyContactList", + "ProactiveEngagementStatus" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::ServiceActionAssociation" + "AWS::Shield::ProactiveEngagement" ], "type": "string" }, @@ -258389,7 +309010,31 @@ ], "type": "object" }, - "AWS::ServiceCatalog::StackSetConstraint": { + "AWS::Shield::ProactiveEngagement.EmergencyContact": { + "additionalProperties": false, + "properties": { + "ContactNotes": { + "markdownDescription": "Additional notes regarding the contact.", + "title": "ContactNotes", + "type": "string" + }, + "EmailAddress": { + "markdownDescription": "The email address for the contact.", + "title": "EmailAddress", + "type": "string" + }, + "PhoneNumber": { + "markdownDescription": "The phone number for the contact.", + "title": "PhoneNumber", + "type": "string" + } + }, + "required": [ + "EmailAddress" + ], + "type": "object" + }, + "AWS::Shield::Protection": { "additionalProperties": false, "properties": { "Condition": { @@ -258424,73 +309069,47 @@ "Properties": { "additionalProperties": false, "properties": { - "AcceptLanguage": { - "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", - "title": "AcceptLanguage", - "type": "string" + "ApplicationLayerAutomaticResponseConfiguration": { + "$ref": "#/definitions/AWS::Shield::Protection.ApplicationLayerAutomaticResponseConfiguration", + "markdownDescription": "The automatic application layer DDoS mitigation settings for the protection. This configuration determines whether Shield Advanced automatically manages rules in the web ACL in order to respond to application layer events that Shield Advanced determines to be DDoS attacks.\n\nIf you use AWS CloudFormation to manage the web ACLs that you use with Shield Advanced automatic mitigation, see the additional guidance about web ACL management in the `AWS::WAFv2::WebACL` resource description.", + "title": "ApplicationLayerAutomaticResponseConfiguration" }, - "AccountList": { + "HealthCheckArns": { "items": { "type": "string" }, - "markdownDescription": "One or more AWS accounts that will have access to the provisioned product.", - "title": "AccountList", + "markdownDescription": "The ARN (Amazon Resource Name) of the health check to associate with the protection. Health-based detection provides improved responsiveness and accuracy in attack detection and mitigation.\n\nYou can use this option with any resource type except for Route\u00a053 hosted zones.\n\nFor more information, see [Configuring health-based detection using health checks](https://docs.aws.amazon.com/waf/latest/developerguide/ddos-advanced-health-checks.html) in the *AWS Shield Advanced Developer Guide* .", + "title": "HealthCheckArns", "type": "array" }, - "AdminRole": { - "markdownDescription": "AdminRole ARN", - "title": "AdminRole", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the constraint.", - "title": "Description", - "type": "string" - }, - "ExecutionRole": { - "markdownDescription": "ExecutionRole name", - "title": "ExecutionRole", - "type": "string" - }, - "PortfolioId": { - "markdownDescription": "The portfolio identifier.", - "title": "PortfolioId", + "Name": { + "markdownDescription": "The name of the protection. For example, `My CloudFront distributions` .\n\n> If you change the name of an existing protection, Shield Advanced deletes the protection and replaces it with a new one. While this is happening, the protection isn't available on the AWS resource.", + "title": "Name", "type": "string" }, - "ProductId": { - "markdownDescription": "The product identifier.", - "title": "ProductId", + "ResourceArn": { + "markdownDescription": "The ARN (Amazon Resource Name) of the AWS resource that is protected.", + "title": "ResourceArn", "type": "string" }, - "RegionList": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "One or more AWS Regions where the provisioned product will be available.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\nThe specified Regions should be within the list of Regions from the `STACKSET` constraint. To get the list of Regions in the `STACKSET` constraint, use the `DescribeProvisioningParameters` operation.\n\nIf no values are specified, the default value is all Regions from the `STACKSET` constraint.", - "title": "RegionList", + "markdownDescription": "Key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.", + "title": "Tags", "type": "array" - }, - "StackInstanceControl": { - "markdownDescription": "Permission to create, update, and delete stack instances. Choose from ALLOWED and NOT_ALLOWED.", - "title": "StackInstanceControl", - "type": "string" } }, "required": [ - "AccountList", - "AdminRole", - "Description", - "ExecutionRole", - "PortfolioId", - "ProductId", - "RegionList", - "StackInstanceControl" + "Name", + "ResourceArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::StackSetConstraint" + "AWS::Shield::Protection" ], "type": "string" }, @@ -258509,7 +309128,43 @@ ], "type": "object" }, - "AWS::ServiceCatalog::TagOption": { + "AWS::Shield::Protection.Action": { + "additionalProperties": false, + "properties": { + "Block": { + "markdownDescription": "Specifies that Shield Advanced should configure its AWS WAF rules with the AWS WAF `Block` action.\n\nYou must specify exactly one action, either `Block` or `Count` .\n\nExample JSON: `{ \"Block\": {} }`\n\nExample YAML: `Block: {}`", + "title": "Block", + "type": "object" + }, + "Count": { + "markdownDescription": "Specifies that Shield Advanced should configure its AWS WAF rules with the AWS WAF `Count` action.\n\nYou must specify exactly one action, either `Block` or `Count` .\n\nExample JSON: `{ \"Count\": {} }`\n\nExample YAML: `Count: {}`", + "title": "Count", + "type": "object" + } + }, + "type": "object" + }, + "AWS::Shield::Protection.ApplicationLayerAutomaticResponseConfiguration": { + "additionalProperties": false, + "properties": { + "Action": { + "$ref": "#/definitions/AWS::Shield::Protection.Action", + "markdownDescription": "Specifies the action setting that Shield Advanced should use in the AWS WAF rules that it creates on behalf of the protected resource in response to DDoS attacks. You specify this as part of the configuration for the automatic application layer DDoS mitigation feature, when you enable or update automatic mitigation. Shield Advanced creates the AWS WAF rules in a Shield Advanced-managed rule group, inside the web ACL that you have associated with the resource.", + "title": "Action" + }, + "Status": { + "markdownDescription": "Indicates whether automatic application layer DDoS mitigation is enabled for the protection.", + "title": "Status", + "type": "string" + } + }, + "required": [ + "Action", + "Status" + ], + "type": "object" + }, + "AWS::Shield::ProtectionGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -258544,31 +309199,53 @@ "Properties": { "additionalProperties": false, "properties": { - "Active": { - "markdownDescription": "The TagOption active state.", - "title": "Active", - "type": "boolean" + "Aggregation": { + "markdownDescription": "Defines how AWS Shield combines resource data for the group in order to detect, mitigate, and report events.\n\n- `Sum` - Use the total traffic across the group. This is a good choice for most cases. Examples include Elastic IP addresses for EC2 instances that scale manually or automatically.\n- `Mean` - Use the average of the traffic across the group. This is a good choice for resources that share traffic uniformly. Examples include accelerators and load balancers.\n- `Max` - Use the highest traffic from each resource. This is useful for resources that don't share traffic and for resources that share that traffic in a non-uniform way. Examples include Amazon CloudFront distributions and origin resources for CloudFront distributions.", + "title": "Aggregation", + "type": "string" }, - "Key": { - "markdownDescription": "The TagOption key.", - "title": "Key", + "Members": { + "items": { + "type": "string" + }, + "markdownDescription": "The ARNs (Amazon Resource Names) of the resources to include in the protection group. You must set this when you set `Pattern` to `ARBITRARY` and you must not set it for any other `Pattern` setting.", + "title": "Members", + "type": "array" + }, + "Pattern": { + "markdownDescription": "The criteria to use to choose the protected resources for inclusion in the group. You can include all resources that have protections, provide a list of resource ARNs (Amazon Resource Names), or include all resources of a specified resource type.", + "title": "Pattern", "type": "string" }, - "Value": { - "markdownDescription": "The TagOption value.", - "title": "Value", + "ProtectionGroupId": { + "markdownDescription": "The name of the protection group. You use this to identify the protection group in lists and to manage the protection group, for example to update, delete, or describe it.", + "title": "ProtectionGroupId", "type": "string" + }, + "ResourceType": { + "markdownDescription": "The resource type to include in the protection group. All protected resources of this type are included in the protection group. You must set this when you set `Pattern` to `BY_RESOURCE_TYPE` and you must not set it for any other `Pattern` setting.", + "title": "ResourceType", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.", + "title": "Tags", + "type": "array" } }, "required": [ - "Key", - "Value" + "Aggregation", + "Pattern", + "ProtectionGroupId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::TagOption" + "AWS::Shield::ProtectionGroup" ], "type": "string" }, @@ -258587,7 +309264,7 @@ ], "type": "object" }, - "AWS::ServiceCatalog::TagOptionAssociation": { + "AWS::Signer::ProfilePermission": { "additionalProperties": false, "properties": { "Condition": { @@ -258622,26 +309299,43 @@ "Properties": { "additionalProperties": false, "properties": { - "ResourceId": { - "markdownDescription": "The resource identifier.", - "title": "ResourceId", + "Action": { + "markdownDescription": "The AWS Signer action permitted as part of cross-account permissions.", + "title": "Action", "type": "string" }, - "TagOptionId": { - "markdownDescription": "The TagOption identifier.", - "title": "TagOptionId", + "Principal": { + "markdownDescription": "The AWS principal receiving cross-account permissions. This may be an IAM role or another AWS account ID.", + "title": "Principal", + "type": "string" + }, + "ProfileName": { + "markdownDescription": "The human-readable name of the signing profile.", + "title": "ProfileName", + "type": "string" + }, + "ProfileVersion": { + "markdownDescription": "The version of the signing profile.", + "title": "ProfileVersion", + "type": "string" + }, + "StatementId": { + "markdownDescription": "A unique identifier for the cross-account permission statement.", + "title": "StatementId", "type": "string" } }, "required": [ - "ResourceId", - "TagOptionId" + "Action", + "Principal", + "ProfileName", + "StatementId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalog::TagOptionAssociation" + "AWS::Signer::ProfilePermission" ], "type": "string" }, @@ -258660,7 +309354,7 @@ ], "type": "object" }, - "AWS::ServiceCatalogAppRegistry::Application": { + "AWS::Signer::SigningProfile": { "additionalProperties": false, "properties": { "Condition": { @@ -258695,36 +309389,33 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the application.", - "title": "Description", + "PlatformId": { + "markdownDescription": "The ID of a platform that is available for use by a signing profile.", + "title": "PlatformId", "type": "string" }, - "Name": { - "markdownDescription": "The name of the application. The name must be unique in the region in which you are creating the application.", - "title": "Name", - "type": "string" + "SignatureValidityPeriod": { + "$ref": "#/definitions/AWS::Signer::SigningProfile.SignatureValidityPeriod", + "markdownDescription": "The validity period override for any signature generated using this signing profile. If unspecified, the default is 135 months.", + "title": "SignatureValidityPeriod" }, "Tags": { - "additionalProperties": true, - "markdownDescription": "Key-value pairs you can use to associate with the application.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, + "markdownDescription": "A list of tags associated with the signing profile.", "title": "Tags", - "type": "object" + "type": "array" } }, "required": [ - "Name" + "PlatformId" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalogAppRegistry::Application" + "AWS::Signer::SigningProfile" ], "type": "string" }, @@ -258743,7 +309434,23 @@ ], "type": "object" }, - "AWS::ServiceCatalogAppRegistry::AttributeGroup": { + "AWS::Signer::SigningProfile.SignatureValidityPeriod": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "The time unit for signature validity: DAYS | MONTHS | YEARS.", + "title": "Type", + "type": "string" + }, + "Value": { + "markdownDescription": "The numerical value of the time unit for signature validity.", + "title": "Value", + "type": "number" + } + }, + "type": "object" + }, + "AWS::SimSpaceWeaver::Simulation": { "additionalProperties": false, "properties": { "Condition": { @@ -258778,42 +309485,41 @@ "Properties": { "additionalProperties": false, "properties": { - "Attributes": { - "markdownDescription": "A nested object in a JSON or YAML template that supports arbitrary definitions. Represents the attributes in an attribute group that describes an application and its components.", - "title": "Attributes", - "type": "object" - }, - "Description": { - "markdownDescription": "The description of the attribute group that the user provides.", - "title": "Description", + "MaximumDuration": { + "markdownDescription": "The maximum running time of the simulation, specified as a number of minutes (m or M), hours (h or H), or days (d or D). The simulation stops when it reaches this limit. The maximum value is `14D` , or its equivalent in the other units. The default value is `14D` . A value equivalent to `0` makes the simulation immediately transition to `STOPPING` as soon as it reaches `STARTED` .", + "title": "MaximumDuration", "type": "string" }, "Name": { - "markdownDescription": "The name of the attribute group.", + "markdownDescription": "The name of the simulation.", "title": "Name", "type": "string" }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "Key-value pairs you can use to associate with the attribute group.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management ( IAM ) role that the simulation assumes to perform actions. For more information about ARNs, see [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* . For more information about IAM roles, see [IAM roles](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html) in the *AWS Identity and Access Management User Guide* .", + "title": "RoleArn", + "type": "string" + }, + "SchemaS3Location": { + "$ref": "#/definitions/AWS::SimSpaceWeaver::Simulation.S3Location", + "markdownDescription": "The location of the simulation schema in Amazon Simple Storage Service ( Amazon S3 ). For more information about Amazon S3 , see the [*Amazon Simple Storage Service User Guide*](https://docs.aws.amazon.com/AmazonS3/latest/userguide/Welcome.html) .\n\nProvide a `SchemaS3Location` to start your simulation from a schema.\n\nIf you provide a `SchemaS3Location` then you can't provide a `SnapshotS3Location` .", + "title": "SchemaS3Location" + }, + "SnapshotS3Location": { + "$ref": "#/definitions/AWS::SimSpaceWeaver::Simulation.S3Location", + "markdownDescription": "The location of the snapshot in Amazon Simple Storage Service ( Amazon S3 ). For more information about Amazon S3 , see the [*Amazon Simple Storage Service User Guide*](https://docs.aws.amazon.com/AmazonS3/latest/userguide/Welcome.html) .\n\nProvide a `SnapshotS3Location` to start your simulation from a snapshot.\n\nIf you provide a `SnapshotS3Location` then you can't provide a `SchemaS3Location` .", + "title": "SnapshotS3Location" } }, "required": [ - "Attributes", - "Name" + "Name", + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalogAppRegistry::AttributeGroup" + "AWS::SimSpaceWeaver::Simulation" ], "type": "string" }, @@ -258832,7 +309538,27 @@ ], "type": "object" }, - "AWS::ServiceCatalogAppRegistry::AttributeGroupAssociation": { + "AWS::SimSpaceWeaver::Simulation.S3Location": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "The name of an Amazon S3 bucket. For more information about buckets, see [Creating, configuring, and working with Amazon S3 buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/creating-buckets-s3.html) in the *Amazon Simple Storage Service User Guide* .", + "title": "BucketName", + "type": "string" + }, + "ObjectKey": { + "markdownDescription": "The key name of an object in Amazon S3. For more information about Amazon S3 objects and object keys, see [Uploading, downloading, and working with objects in Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/userguide/uploading-downloading-objects.html) in the *Amazon Simple Storage Service User Guide* .", + "title": "ObjectKey", + "type": "string" + } + }, + "required": [ + "BucketName", + "ObjectKey" + ], + "type": "object" + }, + "AWS::StepFunctions::Activity": { "additionalProperties": false, "properties": { "Condition": { @@ -258867,26 +309593,33 @@ "Properties": { "additionalProperties": false, "properties": { - "Application": { - "markdownDescription": "The name or ID of the application.", - "title": "Application", - "type": "string" + "EncryptionConfiguration": { + "$ref": "#/definitions/AWS::StepFunctions::Activity.EncryptionConfiguration", + "markdownDescription": "Encryption configuration for the activity.\n\nActivity configuration is immutable, and resource names must be unique. To set customer managed keys for encryption, you must create a *new Activity* . If you attempt to change the configuration in your CFN template for an existing activity, you will receive an `ActivityAlreadyExists` exception.\n\nTo update your activity to include customer managed keys, set a new activity name within your AWS CloudFormation template.", + "title": "EncryptionConfiguration" }, - "AttributeGroup": { - "markdownDescription": "The name or ID of the attribute group which holds the attributes that describe the application.", - "title": "AttributeGroup", + "Name": { + "markdownDescription": "The name of the activity.\n\nA name must *not* contain:\n\n- white space\n- brackets `< > { } [ ]`\n- wildcard characters `? *`\n- special characters `\" # % \\ ^ | ~ ` $ & , ; : /`\n- control characters ( `U+0000-001F` , `U+007F-009F` , `U+FFFE-FFFF` )\n- surrogates ( `U+D800-DFFF` )\n- invalid characters ( `U+10FFFF` )\n\nTo enable logging with CloudWatch Logs, the name should only contain 0-9, A-Z, a-z, - and _.", + "title": "Name", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::StepFunctions::Activity.TagsEntry" + }, + "markdownDescription": "The list of tags to add to a resource.\n\nTags may only contain Unicode letters, digits, white space, or these symbols: `_ . : / = + - @` .", + "title": "Tags", + "type": "array" } }, "required": [ - "Application", - "AttributeGroup" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalogAppRegistry::AttributeGroupAssociation" + "AWS::StepFunctions::Activity" ], "type": "string" }, @@ -258905,7 +309638,51 @@ ], "type": "object" }, - "AWS::ServiceCatalogAppRegistry::ResourceAssociation": { + "AWS::StepFunctions::Activity.EncryptionConfiguration": { + "additionalProperties": false, + "properties": { + "KmsDataKeyReusePeriodSeconds": { + "markdownDescription": "Maximum duration that Step Functions will reuse data keys. When the period expires, Step Functions will call `GenerateDataKey` . Only applies to customer managed keys.", + "title": "KmsDataKeyReusePeriodSeconds", + "type": "number" + }, + "KmsKeyId": { + "markdownDescription": "An alias, alias ARN, key ID, or key ARN of a symmetric encryption AWS KMS key to encrypt data. To specify a AWS KMS key in a different AWS account, you must use the key ARN or alias ARN.", + "title": "KmsKeyId", + "type": "string" + }, + "Type": { + "markdownDescription": "Encryption option for an activity.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::StepFunctions::Activity.TagsEntry": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The `key` for a key-value pair in a tag entry.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The `value` for a key-value pair in a tag entry.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::StepFunctions::StateMachine": { "additionalProperties": false, "properties": { "Condition": { @@ -258940,32 +309717,79 @@ "Properties": { "additionalProperties": false, "properties": { - "Application": { - "markdownDescription": "The name or ID of the application.", - "title": "Application", + "Definition": { + "markdownDescription": "The Amazon States Language definition of the state machine. The state machine definition must be in JSON or YAML, and the format of the object must match the format of your CloudFormation template file. See [Amazon States Language](https://docs.aws.amazon.com/step-functions/latest/dg/concepts-amazon-states-language.html) .", + "title": "Definition", + "type": "object" + }, + "DefinitionS3Location": { + "$ref": "#/definitions/AWS::StepFunctions::StateMachine.S3Location", + "markdownDescription": "The name of the S3 bucket where the state machine definition is stored. The state machine definition must be a JSON or YAML file.", + "title": "DefinitionS3Location" + }, + "DefinitionString": { + "markdownDescription": "The Amazon States Language definition of the state machine. The state machine definition must be in JSON. See [Amazon States Language](https://docs.aws.amazon.com/step-functions/latest/dg/concepts-amazon-states-language.html) .", + "title": "DefinitionString", "type": "string" }, - "Resource": { - "markdownDescription": "The name or ID of the resource of which the application will be associated.", - "title": "Resource", + "DefinitionSubstitutions": { + "additionalProperties": true, + "markdownDescription": "A map (string to string) that specifies the mappings for placeholder variables in the state machine definition. This enables the customer to inject values obtained at runtime, for example from intrinsic functions, in the state machine definition. Variables can be template parameter names, resource logical IDs, resource attributes, or a variable in a key-value map.\n\nSubstitutions must follow the syntax: `${key_name}` or `${variable_1,variable_2,...}` .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "object" + } + }, + "title": "DefinitionSubstitutions", + "type": "object" + }, + "EncryptionConfiguration": { + "$ref": "#/definitions/AWS::StepFunctions::StateMachine.EncryptionConfiguration", + "markdownDescription": "Encryption configuration for the state machine.", + "title": "EncryptionConfiguration" + }, + "LoggingConfiguration": { + "$ref": "#/definitions/AWS::StepFunctions::StateMachine.LoggingConfiguration", + "markdownDescription": "Defines what execution history events are logged and where they are logged.\n\n> By default, the `level` is set to `OFF` . For more information see [Log Levels](https://docs.aws.amazon.com/step-functions/latest/dg/cloudwatch-log-level.html) in the AWS Step Functions User Guide.", + "title": "LoggingConfiguration" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to use for this state machine.", + "title": "RoleArn", "type": "string" }, - "ResourceType": { - "markdownDescription": "The type of resource of which the application will be associated.", - "title": "ResourceType", + "StateMachineName": { + "markdownDescription": "The name of the state machine.\n\nA name must *not* contain:\n\n- white space\n- brackets `< > { } [ ]`\n- wildcard characters `? *`\n- special characters `\" # % \\ ^ | ~ ` $ & , ; : /`\n- control characters ( `U+0000-001F` , `U+007F-009F` )\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "title": "StateMachineName", + "type": "string" + }, + "StateMachineType": { + "markdownDescription": "Determines whether a `STANDARD` or `EXPRESS` state machine is created. The default is `STANDARD` . You cannot update the `type` of a state machine once it has been created. For more information on `STANDARD` and `EXPRESS` workflows, see [Standard Versus Express Workflows](https://docs.aws.amazon.com/step-functions/latest/dg/concepts-standard-vs-express.html) in the AWS Step Functions Developer Guide.", + "title": "StateMachineType", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::StepFunctions::StateMachine.TagsEntry" + }, + "markdownDescription": "The list of tags to add to a resource.\n\nTags may only contain Unicode letters, digits, white space, or these symbols: `_ . : / = + - @` .", + "title": "Tags", + "type": "array" + }, + "TracingConfiguration": { + "$ref": "#/definitions/AWS::StepFunctions::StateMachine.TracingConfiguration", + "markdownDescription": "Selects whether or not the state machine's AWS X-Ray tracing is enabled.", + "title": "TracingConfiguration" } }, "required": [ - "Application", - "Resource", - "ResourceType" + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceCatalogAppRegistry::ResourceAssociation" + "AWS::StepFunctions::StateMachine" ], "type": "string" }, @@ -258978,13 +309802,139 @@ "type": "string" } }, - "required": [ - "Type", - "Properties" - ], + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::StepFunctions::StateMachine.CloudWatchLogsLogGroup": { + "additionalProperties": false, + "properties": { + "LogGroupArn": { + "markdownDescription": "The ARN of the the CloudWatch log group to which you want your logs emitted to. The ARN must end with `:*`", + "title": "LogGroupArn", + "type": "string" + } + }, + "type": "object" + }, + "AWS::StepFunctions::StateMachine.EncryptionConfiguration": { + "additionalProperties": false, + "properties": { + "KmsDataKeyReusePeriodSeconds": { + "markdownDescription": "Maximum duration that Step Functions will reuse data keys. When the period expires, Step Functions will call `GenerateDataKey` . Only applies to customer managed keys.", + "title": "KmsDataKeyReusePeriodSeconds", + "type": "number" + }, + "KmsKeyId": { + "markdownDescription": "An alias, alias ARN, key ID, or key ARN of a symmetric encryption AWS KMS key to encrypt data. To specify a AWS KMS key in a different AWS account, you must use the key ARN or alias ARN.", + "title": "KmsKeyId", + "type": "string" + }, + "Type": { + "markdownDescription": "Encryption option for a state machine.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::StepFunctions::StateMachine.LogDestination": { + "additionalProperties": false, + "properties": { + "CloudWatchLogsLogGroup": { + "$ref": "#/definitions/AWS::StepFunctions::StateMachine.CloudWatchLogsLogGroup", + "markdownDescription": "An object describing a CloudWatch log group. For more information, see [AWS::Logs::LogGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-logs-loggroup.html) in the AWS CloudFormation User Guide.", + "title": "CloudWatchLogsLogGroup" + } + }, + "type": "object" + }, + "AWS::StepFunctions::StateMachine.LoggingConfiguration": { + "additionalProperties": false, + "properties": { + "Destinations": { + "items": { + "$ref": "#/definitions/AWS::StepFunctions::StateMachine.LogDestination" + }, + "markdownDescription": "An array of objects that describes where your execution history events will be logged. Limited to size 1. Required, if your log level is not set to `OFF` .", + "title": "Destinations", + "type": "array" + }, + "IncludeExecutionData": { + "markdownDescription": "Determines whether execution data is included in your log. When set to `false` , data is excluded.", + "title": "IncludeExecutionData", + "type": "boolean" + }, + "Level": { + "markdownDescription": "Defines which category of execution history events are logged.", + "title": "Level", + "type": "string" + } + }, + "type": "object" + }, + "AWS::StepFunctions::StateMachine.S3Location": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "The name of the S3 bucket where the state machine definition JSON or YAML file is stored.", + "title": "Bucket", + "type": "string" + }, + "Key": { + "markdownDescription": "The name of the state machine definition file (Amazon S3 object name).", + "title": "Key", + "type": "string" + }, + "Version": { + "markdownDescription": "For versioning-enabled buckets, a specific version of the state machine definition.", + "title": "Version", + "type": "string" + } + }, + "required": [ + "Bucket", + "Key" + ], + "type": "object" + }, + "AWS::StepFunctions::StateMachine.TagsEntry": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The `key` for a key-value pair in a tag entry.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The `value` for a key-value pair in a tag entry.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::StepFunctions::StateMachine.TracingConfiguration": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "When set to `true` , X-Ray tracing is enabled.", + "title": "Enabled", + "type": "boolean" + } + }, "type": "object" }, - "AWS::ServiceDiscovery::HttpNamespace": { + "AWS::StepFunctions::StateMachineAlias": { "additionalProperties": false, "properties": { "Condition": { @@ -259019,33 +309969,35 @@ "Properties": { "additionalProperties": false, "properties": { + "DeploymentPreference": { + "$ref": "#/definitions/AWS::StepFunctions::StateMachineAlias.DeploymentPreference", + "markdownDescription": "The settings that enable gradual state machine deployments. These settings include [Alarms](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-statemachinealias-deploymentpreference.html#cfn-stepfunctions-statemachinealias-deploymentpreference-alarms) , [Interval](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-statemachinealias-deploymentpreference.html#cfn-stepfunctions-statemachinealias-deploymentpreference-interval) , [Percentage](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-statemachinealias-deploymentpreference.html#cfn-stepfunctions-statemachinealias-deploymentpreference-percentage) , [StateMachineVersionArn](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-statemachinealias-deploymentpreference.html#cfn-stepfunctions-statemachinealias-deploymentpreference-statemachineversionarn) , and [Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-statemachinealias-deploymentpreference.html#cfn-stepfunctions-statemachinealias-deploymentpreference-type) .\n\nCloudFormation automatically shifts traffic from the version an alias currently points to, to a new state machine version that you specify.\n\n> `RoutingConfiguration` and `DeploymentPreference` are mutually exclusive properties. You must define only one of these properties. \n\nBased on the type of deployment you want to perform, you can specify one of the following settings:\n\n- `LINEAR` - Shifts traffic to the new version in equal increments with an equal number of minutes between each increment.\n\nFor example, if you specify the increment percent as `20` with an interval of `600` minutes, this deployment increases traffic by 20 percent every 600 minutes until the new version receives 100 percent of the traffic. This deployment immediately rolls back the new version if any Amazon CloudWatch alarms are triggered.\n- `ALL_AT_ONCE` - Shifts 100 percent of traffic to the new version immediately. CloudFormation monitors the new version and rolls it back automatically to the previous version if any CloudWatch alarms are triggered.\n- `CANARY` - Shifts traffic in two increments.\n\nIn the first increment, a small percentage of traffic, for example, 10 percent is shifted to the new version. In the second increment, before a specified time interval in seconds gets over, the remaining traffic is shifted to the new version. The shift to the new version for the remaining traffic takes place only if no CloudWatch alarms are triggered during the specified time interval.", + "title": "DeploymentPreference" + }, "Description": { - "markdownDescription": "A description for the namespace.", + "markdownDescription": "An optional description of the state machine alias.", "title": "Description", "type": "string" }, "Name": { - "markdownDescription": "The name that you want to assign to this namespace.", + "markdownDescription": "The name of the state machine alias. If you don't provide a name, it uses an automatically generated name based on the logical ID.", "title": "Name", "type": "string" }, - "Tags": { + "RoutingConfiguration": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::StepFunctions::StateMachineAlias.RoutingConfigurationVersion" }, - "markdownDescription": "The tags for the namespace. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.", - "title": "Tags", + "markdownDescription": "The routing configuration of an alias. Routing configuration splits [StartExecution](https://docs.aws.amazon.com/step-functions/latest/apireference/API_StartExecution.html) requests between one or two versions of the same state machine.\n\nUse `RoutingConfiguration` if you want to explicitly set the alias [weights](https://docs.aws.amazon.com/step-functions/latest/apireference/API_RoutingConfigurationListItem.html#StepFunctions-Type-RoutingConfigurationListItem-weight) . Weight is the percentage of traffic you want to route to a state machine version.\n\n> `RoutingConfiguration` and `DeploymentPreference` are mutually exclusive properties. You must define only one of these properties.", + "title": "RoutingConfiguration", "type": "array" } }, - "required": [ - "Name" - ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceDiscovery::HttpNamespace" + "AWS::StepFunctions::StateMachineAlias" ], "type": "string" }, @@ -259059,90 +310011,69 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::ServiceDiscovery::Instance": { + "AWS::StepFunctions::StateMachineAlias.DeploymentPreference": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Alarms": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of Amazon CloudWatch alarm names to be monitored during the deployment. The deployment fails and rolls back if any of these alarms go into the `ALARM` state.\n\n> Amazon CloudWatch considers nonexistent alarms to have an `OK` state. If you provide an invalid alarm name or provide the ARN of an alarm instead of its name, your deployment may not roll back correctly.", + "title": "Alarms", + "type": "array" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Interval": { + "markdownDescription": "The time in minutes between each traffic shifting increment.", + "title": "Interval", + "type": "number" }, - "Metadata": { - "type": "object" + "Percentage": { + "markdownDescription": "The percentage of traffic to shift to the new version in each increment.", + "title": "Percentage", + "type": "number" }, - "Properties": { - "additionalProperties": false, - "properties": { - "InstanceAttributes": { - "markdownDescription": "A string map that contains the following information for the service that you specify in `ServiceId` :\n\n- The attributes that apply to the records that are defined in the service.\n- For each attribute, the applicable value.\n\nSupported attribute keys include the following:\n\n- **AWS_ALIAS_DNS_NAME** - If you want AWS Cloud Map to create a Route\u00a053 alias record that routes traffic to an Elastic Load Balancing load balancer, specify the DNS name that is associated with the load balancer. For information about how to get the DNS name, see [AliasTarget->DNSName](https://docs.aws.amazon.com/Route53/latest/APIReference/API_AliasTarget.html#Route53-Type-AliasTarget-DNSName) in the *Route\u00a053 API Reference* .\n\nNote the following:\n\n- The configuration for the service that is specified by `ServiceId` must include settings for an `A` record, an `AAAA` record, or both.\n- In the service that is specified by `ServiceId` , the value of `RoutingPolicy` must be `WEIGHTED` .\n- If the service that is specified by `ServiceId` includes `HealthCheckConfig` settings, AWS Cloud Map will create the health check, but it won't associate the health check with the alias record.\n- Auto naming currently doesn't support creating alias records that route traffic to AWS resources other than ELB load balancers.\n- If you specify a value for `AWS_ALIAS_DNS_NAME` , don't specify values for any of the `AWS_INSTANCE` attributes.\n- **AWS_EC2_INSTANCE_ID** - *HTTP namespaces only.* The Amazon EC2 instance ID for the instance. The `AWS_INSTANCE_IPV4` attribute contains the primary private IPv4 address. When creating resources with a type of [AWS::ServiceDiscovery::Instance](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicediscovery-instance.html) , if the `AWS_EC2_INSTANCE_ID` attribute is specified, the only other attribute that can be specified is `AWS_INIT_HEALTH_STATUS` . After the resource has been created, the `AWS_INSTANCE_IPV4` attribute contains the primary private IPv4 address.\n- **AWS_INIT_HEALTH_STATUS** - If the service configuration includes `HealthCheckCustomConfig` , when creating resources with a type of [AWS::ServiceDiscovery::Instance](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicediscovery-instance.html) you can optionally use `AWS_INIT_HEALTH_STATUS` to specify the initial status of the custom health check, `HEALTHY` or `UNHEALTHY` . If you don't specify a value for `AWS_INIT_HEALTH_STATUS` , the initial status is `HEALTHY` . This attribute can only be used when creating resources and will not be seen on existing resources.\n- **AWS_INSTANCE_CNAME** - If the service configuration includes a `CNAME` record, the domain name that you want Route\u00a053 to return in response to DNS queries, for example, `example.com` .\n\nThis value is required if the service specified by `ServiceId` includes settings for an `CNAME` record.\n- **AWS_INSTANCE_IPV4** - If the service configuration includes an `A` record, the IPv4 address that you want Route\u00a053 to return in response to DNS queries, for example, `192.0.2.44` .\n\nThis value is required if the service specified by `ServiceId` includes settings for an `A` record. If the service includes settings for an `SRV` record, you must specify a value for `AWS_INSTANCE_IPV4` , `AWS_INSTANCE_IPV6` , or both.\n- **AWS_INSTANCE_IPV6** - If the service configuration includes an `AAAA` record, the IPv6 address that you want Route\u00a053 to return in response to DNS queries, for example, `2001:0db8:85a3:0000:0000:abcd:0001:2345` .\n\nThis value is required if the service specified by `ServiceId` includes settings for an `AAAA` record. If the service includes settings for an `SRV` record, you must specify a value for `AWS_INSTANCE_IPV4` , `AWS_INSTANCE_IPV6` , or both.\n- **AWS_INSTANCE_PORT** - If the service includes an `SRV` record, the value that you want Route\u00a053 to return for the port.\n\nIf the service includes `HealthCheckConfig` , the port on the endpoint that you want Route\u00a053 to send requests to.\n\nThis value is required if you specified settings for an `SRV` record or a Route\u00a053 health check when you created the service.", - "title": "InstanceAttributes", - "type": "object" - }, - "InstanceId": { - "markdownDescription": "An identifier that you want to associate with the instance. Note the following:\n\n- If the service that's specified by `ServiceId` includes settings for an `SRV` record, the value of `InstanceId` is automatically included as part of the value for the `SRV` record. For more information, see [DnsRecord > Type](https://docs.aws.amazon.com/cloud-map/latest/api/API_DnsRecord.html#cloudmap-Type-DnsRecord-Type) .\n- You can use this value to update an existing instance.\n- To register a new instance, you must specify a value that's unique among instances that you register by using the same service.\n- If you specify an existing `InstanceId` and `ServiceId` , AWS Cloud Map updates the existing DNS records, if any. If there's also an existing health check, AWS Cloud Map deletes the old health check and creates a new one.\n\n> The health check isn't deleted immediately, so it will still appear for a while if you submit a `ListHealthChecks` request, for example.\n\n> Do not include sensitive information in `InstanceId` if the namespace is discoverable by public DNS queries and any `Type` member of `DnsRecord` for the service contains `SRV` because the `InstanceId` is discoverable by public DNS queries.", - "title": "InstanceId", - "type": "string" - }, - "ServiceId": { - "markdownDescription": "The ID of the service that you want to use for settings for the instance.", - "title": "ServiceId", - "type": "string" - } - }, - "required": [ - "InstanceAttributes", - "ServiceId" - ], - "type": "object" + "StateMachineVersionArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the [`AWS::StepFunctions::StateMachineVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-stepfunctions-statemachineversion.html) resource that will be the final version to which the alias points to when the traffic shifting is complete.\n\nWhile performing gradual deployments, you can only provide a single state machine version ARN. To explicitly set version weights in a CloudFormation template, use `RoutingConfiguration` instead.", + "title": "StateMachineVersionArn", + "type": "string" }, "Type": { - "enum": [ - "AWS::ServiceDiscovery::Instance" - ], + "markdownDescription": "The type of deployment you want to perform. You can specify one of the following types:\n\n- `LINEAR` - Shifts traffic to the new version in equal increments with an equal number of minutes between each increment.\n\nFor example, if you specify the increment percent as `20` with an interval of `600` minutes, this deployment increases traffic by 20 percent every 600 minutes until the new version receives 100 percent of the traffic. This deployment immediately rolls back the new version if any CloudWatch alarms are triggered.\n- `ALL_AT_ONCE` - Shifts 100 percent of traffic to the new version immediately. CloudFormation monitors the new version and rolls it back automatically to the previous version if any CloudWatch alarms are triggered.\n- `CANARY` - Shifts traffic in two increments.\n\nIn the first increment, a small percentage of traffic, for example, 10 percent is shifted to the new version. In the second increment, before a specified time interval in seconds gets over, the remaining traffic is shifted to the new version. The shift to the new version for the remaining traffic takes place only if no CloudWatch alarms are triggered during the specified time interval.", + "title": "Type", "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + } + }, + "required": [ + "StateMachineVersionArn", + "Type" + ], + "type": "object" + }, + "AWS::StepFunctions::StateMachineAlias.RoutingConfigurationVersion": { + "additionalProperties": false, + "properties": { + "StateMachineVersionArn": { + "markdownDescription": "The Amazon Resource Name (ARN) that identifies one or two state machine versions defined in the routing configuration.\n\nIf you specify the ARN of a second version, it must belong to the same state machine as the first version.", + "title": "StateMachineVersionArn", "type": "string" + }, + "Weight": { + "markdownDescription": "The percentage of traffic you want to route to the state machine version. The sum of the weights in the routing configuration must be equal to 100.", + "title": "Weight", + "type": "number" } }, "required": [ - "Type", - "Properties" + "StateMachineVersionArn", + "Weight" ], "type": "object" }, - "AWS::ServiceDiscovery::PrivateDnsNamespace": { + "AWS::StepFunctions::StateMachineVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -259178,43 +310109,29 @@ "additionalProperties": false, "properties": { "Description": { - "markdownDescription": "A description for the namespace.", + "markdownDescription": "An optional description of the state machine version.", "title": "Description", "type": "string" }, - "Name": { - "markdownDescription": "The name that you want to assign to this namespace. When you create a private DNS namespace, AWS Cloud Map automatically creates an Amazon Route\u00a053 private hosted zone that has the same name as the namespace.", - "title": "Name", + "StateMachineArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the state machine.", + "title": "StateMachineArn", "type": "string" }, - "Properties": { - "$ref": "#/definitions/AWS::ServiceDiscovery::PrivateDnsNamespace.Properties", - "markdownDescription": "Properties for the private DNS namespace.", - "title": "Properties" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags for the namespace. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.", - "title": "Tags", - "type": "array" - }, - "Vpc": { - "markdownDescription": "The ID of the Amazon VPC that you want to associate the namespace with.", - "title": "Vpc", + "StateMachineRevisionId": { + "markdownDescription": "Identifier for a state machine revision, which is an immutable, read-only snapshot of a state machine\u2019s definition and configuration.\n\nOnly publish the state machine version if the current state machine's revision ID matches the specified ID. Use this option to avoid publishing a version if the state machine has changed since you last updated it.\n\nTo specify the initial state machine revision, set the value as `INITIAL` .", + "title": "StateMachineRevisionId", "type": "string" } }, "required": [ - "Name", - "Vpc" + "StateMachineArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceDiscovery::PrivateDnsNamespace" + "AWS::StepFunctions::StateMachineVersion" ], "type": "string" }, @@ -259233,40 +310150,7 @@ ], "type": "object" }, - "AWS::ServiceDiscovery::PrivateDnsNamespace.PrivateDnsPropertiesMutable": { - "additionalProperties": false, - "properties": { - "SOA": { - "$ref": "#/definitions/AWS::ServiceDiscovery::PrivateDnsNamespace.SOA", - "markdownDescription": "Fields for the Start of Authority (SOA) record for the hosted zone for the private DNS namespace.", - "title": "SOA" - } - }, - "type": "object" - }, - "AWS::ServiceDiscovery::PrivateDnsNamespace.Properties": { - "additionalProperties": false, - "properties": { - "DnsProperties": { - "$ref": "#/definitions/AWS::ServiceDiscovery::PrivateDnsNamespace.PrivateDnsPropertiesMutable", - "markdownDescription": "DNS properties for the private DNS namespace.", - "title": "DnsProperties" - } - }, - "type": "object" - }, - "AWS::ServiceDiscovery::PrivateDnsNamespace.SOA": { - "additionalProperties": false, - "properties": { - "TTL": { - "markdownDescription": "The time to live (TTL) for purposes of negative caching.", - "title": "TTL", - "type": "number" - } - }, - "type": "object" - }, - "AWS::ServiceDiscovery::PublicDnsNamespace": { + "AWS::SupportApp::AccountAlias": { "additionalProperties": false, "properties": { "Condition": { @@ -259301,38 +310185,20 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "A description for the namespace.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The name that you want to assign to this namespace.\n\n> Do not include sensitive information in the name. The name is publicly available using DNS queries.", - "title": "Name", + "AccountAlias": { + "markdownDescription": "An alias or short name for an AWS account .", + "title": "AccountAlias", "type": "string" - }, - "Properties": { - "$ref": "#/definitions/AWS::ServiceDiscovery::PublicDnsNamespace.Properties", - "markdownDescription": "Properties for the public DNS namespace.", - "title": "Properties" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags for the namespace. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.", - "title": "Tags", - "type": "array" } }, "required": [ - "Name" + "AccountAlias" ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceDiscovery::PublicDnsNamespace" + "AWS::SupportApp::AccountAlias" ], "type": "string" }, @@ -259351,40 +310217,7 @@ ], "type": "object" }, - "AWS::ServiceDiscovery::PublicDnsNamespace.Properties": { - "additionalProperties": false, - "properties": { - "DnsProperties": { - "$ref": "#/definitions/AWS::ServiceDiscovery::PublicDnsNamespace.PublicDnsPropertiesMutable", - "markdownDescription": "DNS properties for the public DNS namespace.", - "title": "DnsProperties" - } - }, - "type": "object" - }, - "AWS::ServiceDiscovery::PublicDnsNamespace.PublicDnsPropertiesMutable": { - "additionalProperties": false, - "properties": { - "SOA": { - "$ref": "#/definitions/AWS::ServiceDiscovery::PublicDnsNamespace.SOA", - "markdownDescription": "Start of Authority (SOA) record for the hosted zone for the public DNS namespace.", - "title": "SOA" - } - }, - "type": "object" - }, - "AWS::ServiceDiscovery::PublicDnsNamespace.SOA": { - "additionalProperties": false, - "properties": { - "TTL": { - "markdownDescription": "The time to live (TTL) for purposes of negative caching.", - "title": "TTL", - "type": "number" - } - }, - "type": "object" - }, - "AWS::ServiceDiscovery::Service": { + "AWS::SupportApp::SlackChannelConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -259419,55 +310252,58 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the service.", - "title": "Description", + "ChannelId": { + "markdownDescription": "The channel ID in Slack. This ID identifies a channel within a Slack workspace.", + "title": "ChannelId", "type": "string" }, - "DnsConfig": { - "$ref": "#/definitions/AWS::ServiceDiscovery::Service.DnsConfig", - "markdownDescription": "A complex type that contains information about the Route\u00a053 DNS records that you want AWS Cloud Map to create when you register an instance.\n\n> The record types of a service can only be changed by deleting the service and recreating it with a new `Dnsconfig` .", - "title": "DnsConfig" + "ChannelName": { + "markdownDescription": "The channel name in Slack. This is the channel where you invite the AWS Support App .", + "title": "ChannelName", + "type": "string" }, - "HealthCheckConfig": { - "$ref": "#/definitions/AWS::ServiceDiscovery::Service.HealthCheckConfig", - "markdownDescription": "*Public DNS and HTTP namespaces only.* A complex type that contains settings for an optional health check. If you specify settings for a health check, AWS Cloud Map associates the health check with the records that you specify in `DnsConfig` .\n\nFor information about the charges for health checks, see [Amazon Route\u00a053 Pricing](https://docs.aws.amazon.com/route53/pricing/) .", - "title": "HealthCheckConfig" + "ChannelRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role for this Slack channel configuration. The App uses this role to perform and Service Quotas actions on your behalf.", + "title": "ChannelRoleArn", + "type": "string" }, - "HealthCheckCustomConfig": { - "$ref": "#/definitions/AWS::ServiceDiscovery::Service.HealthCheckCustomConfig", - "markdownDescription": "A complex type that contains information about an optional custom health check.\n\n> If you specify a health check configuration, you can specify either `HealthCheckCustomConfig` or `HealthCheckConfig` but not both.", - "title": "HealthCheckCustomConfig" + "NotifyOnAddCorrespondenceToCase": { + "markdownDescription": "Whether to get notified when a correspondence is added to your support cases.", + "title": "NotifyOnAddCorrespondenceToCase", + "type": "boolean" }, - "Name": { - "markdownDescription": "The name of the service.", - "title": "Name", + "NotifyOnCaseSeverity": { + "markdownDescription": "The case severity for your support cases that you want to receive notifications. You can specify `none` , `all` , or `high` .", + "title": "NotifyOnCaseSeverity", "type": "string" }, - "NamespaceId": { - "markdownDescription": "The ID of the namespace that was used to create the service.\n\n> You must specify a value for `NamespaceId` either for the service properties or for [DnsConfig](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-servicediscovery-service-dnsconfig.html) . Don't specify a value in both places.", - "title": "NamespaceId", - "type": "string" + "NotifyOnCreateOrReopenCase": { + "markdownDescription": "Whether to get notified when your support cases are created or reopened", + "title": "NotifyOnCreateOrReopenCase", + "type": "boolean" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags for the service. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.", - "title": "Tags", - "type": "array" + "NotifyOnResolveCase": { + "markdownDescription": "Whether to get notified when your support cases are resolved.", + "title": "NotifyOnResolveCase", + "type": "boolean" }, - "Type": { - "markdownDescription": "If present, specifies that the service instances are only discoverable using the `DiscoverInstances` API operation. No DNS records is registered for the service instances. The only valid value is `HTTP` .", - "title": "Type", + "TeamId": { + "markdownDescription": "The team ID in Slack. This ID uniquely identifies a Slack workspace.", + "title": "TeamId", "type": "string" } }, + "required": [ + "ChannelId", + "ChannelRoleArn", + "NotifyOnCaseSeverity", + "TeamId" + ], "type": "object" }, "Type": { "enum": [ - "AWS::ServiceDiscovery::Service" + "AWS::SupportApp::SlackChannelConfiguration" ], "type": "string" }, @@ -259481,93 +310317,12 @@ } }, "required": [ - "Type" - ], - "type": "object" - }, - "AWS::ServiceDiscovery::Service.DnsConfig": { - "additionalProperties": false, - "properties": { - "DnsRecords": { - "items": { - "$ref": "#/definitions/AWS::ServiceDiscovery::Service.DnsRecord" - }, - "markdownDescription": "An array that contains one `DnsRecord` object for each Route\u00a053 DNS record that you want AWS Cloud Map to create when you register an instance.\n\n> The record type of a service can't be updated directly and can only be changed by deleting the service and recreating it with a new `DnsConfig` .", - "title": "DnsRecords", - "type": "array" - }, - "NamespaceId": { - "markdownDescription": "The ID of the namespace to use for DNS configuration.\n\n> You must specify a value for `NamespaceId` either for `DnsConfig` or for the [service properties](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicediscovery-service.html) . Don't specify a value in both places.", - "title": "NamespaceId", - "type": "string" - }, - "RoutingPolicy": { - "markdownDescription": "The routing policy that you want to apply to all Route\u00a053 DNS records that AWS Cloud Map creates when you register an instance and specify this service.\n\n> If you want to use this service to register instances that create alias records, specify `WEIGHTED` for the routing policy. \n\nYou can specify the following values:\n\n- **MULTIVALUE** - If you define a health check for the service and the health check is healthy, Route\u00a053 returns the applicable value for up to eight instances.\n\nFor example, suppose that the service includes configurations for one `A` record and a health check. You use the service to register 10 instances. Route\u00a053 responds to DNS queries with IP addresses for up to eight healthy instances. If fewer than eight instances are healthy, Route\u00a053 responds to every DNS query with the IP addresses for all of the healthy instances.\n\nIf you don't define a health check for the service, Route\u00a053 assumes that all instances are healthy and returns the values for up to eight instances.\n\nFor more information about the multivalue routing policy, see [Multivalue Answer Routing](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html#routing-policy-multivalue) in the *Route\u00a053 Developer Guide* .\n- **WEIGHTED** - Route\u00a053 returns the applicable value from one randomly selected instance from among the instances that you registered using the same service. Currently, all records have the same weight, so you can't route more or less traffic to any instances.\n\nFor example, suppose that the service includes configurations for one `A` record and a health check. You use the service to register 10 instances. Route\u00a053 responds to DNS queries with the IP address for one randomly selected instance from among the healthy instances. If no instances are healthy, Route\u00a053 responds to DNS queries as if all of the instances were healthy.\n\nIf you don't define a health check for the service, Route\u00a053 assumes that all instances are healthy and returns the applicable value for one randomly selected instance.\n\nFor more information about the weighted routing policy, see [Weighted Routing](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html#routing-policy-weighted) in the *Route\u00a053 Developer Guide* .", - "title": "RoutingPolicy", - "type": "string" - } - }, - "required": [ - "DnsRecords" - ], - "type": "object" - }, - "AWS::ServiceDiscovery::Service.DnsRecord": { - "additionalProperties": false, - "properties": { - "TTL": { - "markdownDescription": "The amount of time, in seconds, that you want DNS resolvers to cache the settings for this record.\n\n> Alias records don't include a TTL because Route\u00a053 uses the TTL for the AWS resource that an alias record routes traffic to. If you include the `AWS_ALIAS_DNS_NAME` attribute when you submit a [RegisterInstance](https://docs.aws.amazon.com/cloud-map/latest/api/API_RegisterInstance.html) request, the `TTL` value is ignored. Always specify a TTL for the service; you can use a service to register instances that create either alias or non-alias records.", - "title": "TTL", - "type": "number" - }, - "Type": { - "markdownDescription": "The type of the resource, which indicates the type of value that Route 53 returns in response to DNS queries. You can specify values for `Type` in the following combinations:\n\n- `A`\n- `AAAA`\n- `A` and `AAAA`\n- `SRV`\n- `CNAME`\n\nIf you want AWS Cloud Map to create a Route 53 alias record when you register an instance, specify `A` or `AAAA` for `Type` .\n\nYou specify other settings, such as the IP address for `A` and `AAAA` records, when you register an instance. For more information, see [RegisterInstance](https://docs.aws.amazon.com/cloud-map/latest/api/API_RegisterInstance.html) .\n\nThe following values are supported:\n\n- **A** - Route 53 returns the IP address of the resource in IPv4 format, such as 192.0.2.44.\n- **AAAA** - Route 53 returns the IP address of the resource in IPv6 format, such as 2001:0db8:85a3:0000:0000:abcd:0001:2345.\n- **CNAME** - Route 53 returns the domain name of the resource, such as www.example.com. Note the following:\n\n- You specify the domain name that you want to route traffic to when you register an instance. For more information, see [Attributes](https://docs.aws.amazon.com/cloud-map/latest/api/API_RegisterInstance.html#cloudmap-RegisterInstance-request-Attributes) in the topic [RegisterInstance](https://docs.aws.amazon.com/cloud-map/latest/api/API_RegisterInstance.html) .\n- You must specify `WEIGHTED` for the value of `RoutingPolicy` .\n- You can't specify both `CNAME` for `Type` and settings for `HealthCheckConfig` . If you do, the request will fail with an `InvalidInput` error.\n- **SRV** - Route 53 returns the value for an `SRV` record. The value for an `SRV` record uses the following values:\n\n`priority weight port service-hostname`\n\nNote the following about the values:\n\n- The values of `priority` and `weight` are both set to `1` and can't be changed.\n- The value of `port` comes from the value that you specify for the `AWS_INSTANCE_PORT` attribute when you submit a [RegisterInstance](https://docs.aws.amazon.com/cloud-map/latest/api/API_RegisterInstance.html) request.\n- The value of `service-hostname` is a concatenation of the following values:\n\n- The value that you specify for `InstanceId` when you register an instance.\n- The name of the service.\n- The name of the namespace.\n\nFor example, if the value of `InstanceId` is `test` , the name of the service is `backend` , and the name of the namespace is `example.com` , the value of `service-hostname` is:\n\n`test.backend.example.com`\n\nIf you specify settings for an `SRV` record and if you specify values for `AWS_INSTANCE_IPV4` , `AWS_INSTANCE_IPV6` , or both in the `RegisterInstance` request, AWS Cloud Map automatically creates `A` and/or `AAAA` records that have the same name as the value of `service-hostname` in the `SRV` record. You can ignore these records.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "TTL", - "Type" - ], - "type": "object" - }, - "AWS::ServiceDiscovery::Service.HealthCheckConfig": { - "additionalProperties": false, - "properties": { - "FailureThreshold": { - "markdownDescription": "The number of consecutive health checks that an endpoint must pass or fail for Route\u00a053 to change the current status of the endpoint from unhealthy to healthy or the other way around. For more information, see [How Route\u00a053 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html) in the *Route\u00a053 Developer Guide* .", - "title": "FailureThreshold", - "type": "number" - }, - "ResourcePath": { - "markdownDescription": "The path that you want Route\u00a053 to request when performing health checks. The path can be any value that your endpoint returns an HTTP status code of a 2xx or 3xx format for when the endpoint is healthy. An example file is `/docs/route53-health-check.html` . Route\u00a053 automatically adds the DNS name for the service. If you don't specify a value for `ResourcePath` , the default value is `/` .\n\nIf you specify `TCP` for `Type` , you must *not* specify a value for `ResourcePath` .", - "title": "ResourcePath", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of health check that you want to create, which indicates how Route\u00a053 determines whether an endpoint is healthy.\n\n> You can't change the value of `Type` after you create a health check. \n\nYou can create the following types of health checks:\n\n- *HTTP* : Route\u00a053 tries to establish a TCP connection. If successful, Route\u00a053 submits an HTTP request and waits for an HTTP status code of 200 or greater and less than 400.\n- *HTTPS* : Route\u00a053 tries to establish a TCP connection. If successful, Route\u00a053 submits an HTTPS request and waits for an HTTP status code of 200 or greater and less than 400.\n\n> If you specify HTTPS for the value of `Type` , the endpoint must support TLS v1.0 or later.\n- *TCP* : Route\u00a053 tries to establish a TCP connection.\n\nIf you specify `TCP` for `Type` , don't specify a value for `ResourcePath` .\n\nFor more information, see [How Route\u00a053 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html) in the *Route\u00a053 Developer Guide* .", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::ServiceDiscovery::Service.HealthCheckCustomConfig": { - "additionalProperties": false, - "properties": { - "FailureThreshold": { - "markdownDescription": "> This parameter is no longer supported and is always set to 1. AWS Cloud Map waits for approximately 30 seconds after receiving an `UpdateInstanceCustomHealthStatus` request before changing the status of the service instance. \n\nThe number of 30-second intervals that you want AWS Cloud Map to wait after receiving an `UpdateInstanceCustomHealthStatus` request before it changes the health status of a service instance.\n\nSending a second or subsequent `UpdateInstanceCustomHealthStatus` request with the same value before 30 seconds has passed doesn't accelerate the change. AWS Cloud Map still waits `30` seconds after the first request to make the change.", - "title": "FailureThreshold", - "type": "number" - } - }, - "type": "object" - }, - "AWS::Shield::DRTAccess": { + "AWS::SupportApp::SlackWorkspaceConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -259602,28 +310357,25 @@ "Properties": { "additionalProperties": false, "properties": { - "LogBucketList": { - "items": { - "type": "string" - }, - "markdownDescription": "Authorizes the Shield Response Team (SRT) to access the specified Amazon S3 bucket containing log data such as Application Load Balancer access logs, CloudFront logs, or logs from third party sources. You can associate up to 10 Amazon S3 buckets with your subscription.\n\nUse this to share information with the SRT that's not available in AWS WAF logs.\n\nTo use the services of the SRT, you must be subscribed to the [Business Support plan](https://docs.aws.amazon.com/premiumsupport/business-support/) or the [Enterprise Support plan](https://docs.aws.amazon.com/premiumsupport/enterprise-support/) .", - "title": "LogBucketList", - "type": "array" + "TeamId": { + "markdownDescription": "The team ID in Slack. This ID uniquely identifies a Slack workspace, such as `T012ABCDEFG` .", + "title": "TeamId", + "type": "string" }, - "RoleArn": { - "markdownDescription": "Authorizes the Shield Response Team (SRT) using the specified role, to access your AWS account to assist with DDoS attack mitigation during potential attacks. This enables the SRT to inspect your AWS WAF configuration and logs and to create or update AWS WAF rules and web ACLs.\n\nYou can associate only one `RoleArn` with your subscription. If you submit this update for an account that already has an associated role, the new `RoleArn` will replace the existing `RoleArn` .\n\nThis change requires the following:\n\n- You must be subscribed to the [Business Support plan](https://docs.aws.amazon.com/premiumsupport/business-support/) or the [Enterprise Support plan](https://docs.aws.amazon.com/premiumsupport/enterprise-support/) .\n- The `AWSShieldDRTAccessPolicy` managed policy must be attached to the role that you specify in the request. You can access this policy in the IAM console at [AWSShieldDRTAccessPolicy](https://docs.aws.amazon.com/iam/home?#/policies/arn:aws:iam::aws:policy/service-role/AWSShieldDRTAccessPolicy) . For information, see [Adding and removing IAM identity permissions](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_manage-attach-detach.html) .\n- The role must trust the service principal `drt.shield.amazonaws.com` . For information, see [IAM JSON policy elements: Principal](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_principal.html) .\n\nThe SRT will have access only to your AWS WAF and Shield resources. By submitting this request, you provide permissions to the SRT to inspect your AWS WAF and Shield configuration and logs, and to create and update AWS WAF rules and web ACLs on your behalf. The SRT takes these actions only if explicitly authorized by you.", - "title": "RoleArn", + "VersionId": { + "markdownDescription": "An identifier used to update an existing Slack workspace configuration in AWS CloudFormation , such as `100` .", + "title": "VersionId", "type": "string" } }, "required": [ - "RoleArn" + "TeamId" ], "type": "object" }, "Type": { "enum": [ - "AWS::Shield::DRTAccess" + "AWS::SupportApp::SlackWorkspaceConfiguration" ], "type": "string" }, @@ -259642,7 +310394,7 @@ ], "type": "object" }, - "AWS::Shield::ProactiveEngagement": { + "AWS::Synthetics::Canary": { "additionalProperties": false, "properties": { "Condition": { @@ -259677,29 +310429,111 @@ "Properties": { "additionalProperties": false, "properties": { - "EmergencyContactList": { + "ArtifactConfig": { + "$ref": "#/definitions/AWS::Synthetics::Canary.ArtifactConfig", + "markdownDescription": "A structure that contains the configuration for canary artifacts, including the encryption-at-rest settings for artifacts that the canary uploads to Amazon S3.", + "title": "ArtifactConfig" + }, + "ArtifactS3Location": { + "markdownDescription": "The location in Amazon S3 where Synthetics stores artifacts from the runs of this canary. Artifacts include the log file, screenshots, and HAR files. Specify the full location path, including `s3://` at the beginning of the path.", + "title": "ArtifactS3Location", + "type": "string" + }, + "Code": { + "$ref": "#/definitions/AWS::Synthetics::Canary.Code", + "markdownDescription": "Use this structure to input your script code for the canary. This structure contains the Lambda handler with the location where the canary should start running the script. If the script is stored in an S3 bucket, the bucket name, key, and version are also included. If the script is passed into the canary directly, the script code is contained in the value of `Script` .", + "title": "Code" + }, + "DryRunAndUpdate": { + "markdownDescription": "Specifies whether to perform a dry run before updating the canary. If set to `true` , CloudFormation will execute a dry run to validate the changes before applying them to the canary. If the dry run succeeds, the canary will be updated with the changes. If the dry run fails, the CloudFormation deployment will fail with the dry run\u2019s failure reason.\n\nIf set to `false` or omitted, the canary will be updated directly without first performing a dry run. The default value is `false` .\n\nFor more information, see [Performing safe canary updates](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/performing-safe-canary-upgrades.html) .", + "title": "DryRunAndUpdate", + "type": "boolean" + }, + "ExecutionRoleArn": { + "markdownDescription": "The ARN of the IAM role to be used to run the canary. This role must already exist, and must include `lambda.amazonaws.com` as a principal in the trust policy. The role must also have the following permissions:\n\n- `s3:PutObject`\n- `s3:GetBucketLocation`\n- `s3:ListAllMyBuckets`\n- `cloudwatch:PutMetricData`\n- `logs:CreateLogGroup`\n- `logs:CreateLogStream`\n- `logs:PutLogEvents`", + "title": "ExecutionRoleArn", + "type": "string" + }, + "FailureRetentionPeriod": { + "markdownDescription": "The number of days to retain data about failed runs of this canary. If you omit this field, the default of 31 days is used. The valid range is 1 to 455 days.\n\nThis setting affects the range of information returned by [GetCanaryRuns](https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_GetCanaryRuns.html) , as well as the range of information displayed in the Synthetics console.", + "title": "FailureRetentionPeriod", + "type": "number" + }, + "Name": { + "markdownDescription": "The name for this canary. Be sure to give it a descriptive name that distinguishes it from other canaries in your account.\n\nDo not include secrets or proprietary information in your canary names. The canary name makes up part of the canary ARN, and the ARN is included in outbound calls over the internet. For more information, see [Security Considerations for Synthetics Canaries](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/servicelens_canaries_security.html) .", + "title": "Name", + "type": "string" + }, + "ProvisionedResourceCleanup": { + "markdownDescription": "Specifies whether to also delete the Lambda functions and layers used by this canary when the canary is deleted. If it is `AUTOMATIC` , the Lambda functions and layers will be deleted when the canary is deleted.\n\nIf the value of this parameter is `OFF` , then the value of the `DeleteLambda` parameter of the [DeleteCanary](https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_DeleteCanary.html) operation determines whether the Lambda functions and layers will be deleted.", + "title": "ProvisionedResourceCleanup", + "type": "string" + }, + "ResourcesToReplicateTags": { "items": { - "$ref": "#/definitions/AWS::Shield::ProactiveEngagement.EmergencyContact" + "type": "string" }, - "markdownDescription": "The list of email addresses and phone numbers that the Shield Response Team (SRT) can use to contact you for escalations to the SRT and to initiate proactive customer support, plus any relevant notes.\n\nTo enable proactive engagement, the contact list must include at least one phone number.\n\nIf you provide more than one contact, in the notes, indicate the circumstances under which each contact should be used. Include primary and secondary contact designations, and provide the hours of availability and time zones for each contact.\n\nExample contact notes:\n\n- This is a hotline that's staffed 24x7x365. Please work with the responding analyst and they will get the appropriate person on the call.\n- Please contact the secondary phone number if the hotline doesn't respond within 5 minutes.", - "title": "EmergencyContactList", + "markdownDescription": "To have the tags that you apply to this canary also be applied to the Lambda function that the canary uses, specify this property with the value `lambda-function` . If you do this, CloudWatch Synthetics will keep the tags of the canary and the Lambda function synchronized. Any future changes you make to the canary's tags will also be applied to the function.", + "title": "ResourcesToReplicateTags", "type": "array" }, - "ProactiveEngagementStatus": { - "markdownDescription": "Specifies whether proactive engagement is enabled or disabled.\n\nValid values:\n\n`ENABLED` - The Shield Response Team (SRT) will use email and phone to notify contacts about escalations to the SRT and to initiate proactive customer support.\n\n`DISABLED` - The SRT will not proactively notify contacts about escalations or to initiate proactive customer support.", - "title": "ProactiveEngagementStatus", + "RunConfig": { + "$ref": "#/definitions/AWS::Synthetics::Canary.RunConfig", + "markdownDescription": "A structure that contains input information for a canary run. If you omit this structure, the frequency of the canary is used as canary's timeout value, up to a maximum of 900 seconds.", + "title": "RunConfig" + }, + "RuntimeVersion": { + "markdownDescription": "Specifies the runtime version to use for the canary. For more information about runtime versions, see [Canary Runtime Versions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_Library.html) .", + "title": "RuntimeVersion", "type": "string" + }, + "Schedule": { + "$ref": "#/definitions/AWS::Synthetics::Canary.Schedule", + "markdownDescription": "A structure that contains information about how often the canary is to run, and when these runs are to stop.", + "title": "Schedule" + }, + "StartCanaryAfterCreation": { + "markdownDescription": "Specify TRUE to have the canary start making runs immediately after it is created.\n\nA canary that you create using CloudFormation can't be used to monitor the CloudFormation stack that creates the canary or to roll back that stack if there is a failure.", + "title": "StartCanaryAfterCreation", + "type": "boolean" + }, + "SuccessRetentionPeriod": { + "markdownDescription": "The number of days to retain data about successful runs of this canary. If you omit this field, the default of 31 days is used. The valid range is 1 to 455 days.\n\nThis setting affects the range of information returned by [GetCanaryRuns](https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_GetCanaryRuns.html) , as well as the range of information displayed in the Synthetics console.", + "title": "SuccessRetentionPeriod", + "type": "number" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The list of key-value pairs that are associated with the canary.", + "title": "Tags", + "type": "array" + }, + "VPCConfig": { + "$ref": "#/definitions/AWS::Synthetics::Canary.VPCConfig", + "markdownDescription": "If this canary is to test an endpoint in a VPC, this structure contains information about the subnet and security groups of the VPC endpoint. For more information, see [Running a Canary in a VPC](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_VPC.html) .", + "title": "VPCConfig" + }, + "VisualReference": { + "$ref": "#/definitions/AWS::Synthetics::Canary.VisualReference", + "markdownDescription": "If this canary performs visual monitoring by comparing screenshots, this structure contains the ID of the canary run to use as the baseline for screenshots, and the coordinates of any parts of the screen to ignore during the visual monitoring comparison.", + "title": "VisualReference" } }, "required": [ - "EmergencyContactList", - "ProactiveEngagementStatus" + "ArtifactS3Location", + "Code", + "ExecutionRoleArn", + "Name", + "RuntimeVersion", + "Schedule" ], "type": "object" }, "Type": { "enum": [ - "AWS::Shield::ProactiveEngagement" + "AWS::Synthetics::Canary" ], "type": "string" }, @@ -259718,161 +310552,228 @@ ], "type": "object" }, - "AWS::Shield::ProactiveEngagement.EmergencyContact": { + "AWS::Synthetics::Canary.ArtifactConfig": { "additionalProperties": false, "properties": { - "ContactNotes": { - "markdownDescription": "Additional notes regarding the contact.", - "title": "ContactNotes", - "type": "string" - }, - "EmailAddress": { - "markdownDescription": "The email address for the contact.", - "title": "EmailAddress", - "type": "string" + "S3Encryption": { + "$ref": "#/definitions/AWS::Synthetics::Canary.S3Encryption", + "markdownDescription": "A structure that contains the configuration of the encryption-at-rest settings for artifacts that the canary uploads to Amazon S3 . Artifact encryption functionality is available only for canaries that use Synthetics runtime version syn-nodejs-puppeteer-3.3 or later. For more information, see [Encrypting canary artifacts](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_artifact_encryption.html) .", + "title": "S3Encryption" + } + }, + "type": "object" + }, + "AWS::Synthetics::Canary.BaseScreenshot": { + "additionalProperties": false, + "properties": { + "IgnoreCoordinates": { + "items": { + "type": "string" + }, + "markdownDescription": "Coordinates that define the part of a screen to ignore during screenshot comparisons. To obtain the coordinates to use here, use the CloudWatch console to draw the boundaries on the screen. For more information, see [Edit or delete a canary](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/synthetics_canaries_deletion.html) .", + "title": "IgnoreCoordinates", + "type": "array" }, - "PhoneNumber": { - "markdownDescription": "The phone number for the contact.", - "title": "PhoneNumber", + "ScreenshotName": { + "markdownDescription": "The name of the screenshot. This is generated the first time the canary is run after the `UpdateCanary` operation that specified for this canary to perform visual monitoring.", + "title": "ScreenshotName", "type": "string" } }, "required": [ - "EmailAddress" + "ScreenshotName" ], "type": "object" }, - "AWS::Shield::Protection": { + "AWS::Synthetics::Canary.Code": { "additionalProperties": false, "properties": { - "Condition": { + "Handler": { + "markdownDescription": "The entry point to use for the source code when running the canary. For canaries that use the `syn-python-selenium-1.0` runtime or a `syn-nodejs.puppeteer` runtime earlier than `syn-nodejs.puppeteer-3.4` , the handler must be specified as `*fileName* .handler` . For `syn-python-selenium-1.1` , `syn-nodejs.puppeteer-3.4` , and later runtimes, the handler can be specified as `*fileName* . *functionName*` , or you can specify a folder where canary scripts reside as `*folder* / *fileName* . *functionName*` .", + "title": "Handler", "type": "string" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "S3Bucket": { + "markdownDescription": "If your canary script is located in S3, specify the bucket name here. The bucket must already exist.", + "title": "S3Bucket", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "S3Key": { + "markdownDescription": "The Amazon S3 key of your script. For more information, see [Working with Amazon S3 Objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingObjects.html) .", + "title": "S3Key", + "type": "string" }, - "Metadata": { - "type": "object" + "S3ObjectVersion": { + "markdownDescription": "The Amazon S3 version ID of your script.", + "title": "S3ObjectVersion", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ApplicationLayerAutomaticResponseConfiguration": { - "$ref": "#/definitions/AWS::Shield::Protection.ApplicationLayerAutomaticResponseConfiguration", - "markdownDescription": "The automatic application layer DDoS mitigation settings for the protection. This configuration determines whether Shield Advanced automatically manages rules in the web ACL in order to respond to application layer events that Shield Advanced determines to be DDoS attacks.\n\nIf you use AWS CloudFormation to manage the web ACLs that you use with Shield Advanced automatic mitigation, see the additional guidance about web ACL management in the `AWS::WAFv2::WebACL` resource description.", - "title": "ApplicationLayerAutomaticResponseConfiguration" - }, - "HealthCheckArns": { - "items": { - "type": "string" - }, - "markdownDescription": "The ARN (Amazon Resource Name) of the health check to associate with the protection. Health-based detection provides improved responsiveness and accuracy in attack detection and mitigation.\n\nYou can use this option with any resource type except for Route\u00a053 hosted zones.\n\nFor more information, see [Configuring health-based detection using health checks](https://docs.aws.amazon.com/waf/latest/developerguide/ddos-advanced-health-checks.html) in the *AWS Shield Advanced Developer Guide* .", - "title": "HealthCheckArns", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the protection. For example, `My CloudFront distributions` .\n\n> If you change the name of an existing protection, Shield Advanced deletes the protection and replaces it with a new one. While this is happening, the protection isn't available on the AWS resource.", - "title": "Name", - "type": "string" - }, - "ResourceArn": { - "markdownDescription": "The ARN (Amazon Resource Name) of the AWS resource that is protected.", - "title": "ResourceArn", + "Script": { + "markdownDescription": "If you input your canary script directly into the canary instead of referring to an S3 location, the value of this parameter is the script in plain text. It can be up to 5 MB.", + "title": "Script", + "type": "string" + }, + "SourceLocationArn": { + "markdownDescription": "The ARN of the Lambda layer where Synthetics stores the canary script code.", + "title": "SourceLocationArn", + "type": "string" + } + }, + "required": [ + "Handler" + ], + "type": "object" + }, + "AWS::Synthetics::Canary.RetryConfig": { + "additionalProperties": false, + "properties": { + "MaxRetries": { + "markdownDescription": "The maximum number of retries. The value must be less than or equal to two.", + "title": "MaxRetries", + "type": "number" + } + }, + "required": [ + "MaxRetries" + ], + "type": "object" + }, + "AWS::Synthetics::Canary.RunConfig": { + "additionalProperties": false, + "properties": { + "ActiveTracing": { + "markdownDescription": "Specifies whether this canary is to use active AWS X-Ray tracing when it runs. Active tracing enables this canary run to be displayed in the ServiceLens and X-Ray service maps even if the canary does not hit an endpoint that has X-Ray tracing enabled. Using X-Ray tracing incurs charges. For more information, see [Canaries and X-Ray tracing](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_tracing.html) .\n\nYou can enable active tracing only for canaries that use version `syn-nodejs-2.0` or later for their canary runtime.", + "title": "ActiveTracing", + "type": "boolean" + }, + "EnvironmentVariables": { + "additionalProperties": true, + "markdownDescription": "Specifies the keys and values to use for any environment variables used in the canary script. Use the following format:\n\n{ \"key1\" : \"value1\", \"key2\" : \"value2\", ...}\n\nKeys must start with a letter and be at least two characters. The total size of your environment variables cannot exceed 4 KB. You can't specify any Lambda reserved environment variables as the keys for your environment variables. For more information about reserved keys, see [Runtime environment variables](https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html#configuration-envvars-runtime) .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.", - "title": "Tags", - "type": "array" } }, - "required": [ - "Name", - "ResourceArn" - ], + "title": "EnvironmentVariables", "type": "object" }, - "Type": { - "enum": [ - "AWS::Shield::Protection" - ], + "EphemeralStorage": { + "markdownDescription": "Specifies the amount of ephemeral storage (in MB) to allocate for the canary run during execution. This temporary storage is used for storing canary run artifacts (which are uploaded to an Amazon S3 bucket at the end of the run), and any canary browser operations. This temporary storage is cleared after the run is completed. Default storage value is 1024 MB.", + "title": "EphemeralStorage", + "type": "number" + }, + "MemoryInMB": { + "markdownDescription": "The maximum amount of memory that the canary can use while running. This value must be a multiple of 64. The range is 960 to 3008.", + "title": "MemoryInMB", + "type": "number" + }, + "TimeoutInSeconds": { + "markdownDescription": "How long the canary is allowed to run before it must stop. You can't set this time to be longer than the frequency of the runs of this canary.\n\nIf you omit this field, the frequency of the canary is used as this value, up to a maximum of 900 seconds.", + "title": "TimeoutInSeconds", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Synthetics::Canary.S3Encryption": { + "additionalProperties": false, + "properties": { + "EncryptionMode": { + "markdownDescription": "The encryption method to use for artifacts created by this canary. Specify `SSE_S3` to use server-side encryption (SSE) with an Amazon S3-managed key. Specify `SSE-KMS` to use server-side encryption with a customer-managed AWS KMS key.\n\nIf you omit this parameter, an AWS -managed AWS KMS key is used.", + "title": "EncryptionMode", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "KmsKeyArn": { + "markdownDescription": "The ARN of the customer-managed AWS KMS key to use, if you specify `SSE-KMS` for `EncryptionMode`", + "title": "KmsKeyArn", "type": "string" } }, + "type": "object" + }, + "AWS::Synthetics::Canary.Schedule": { + "additionalProperties": false, + "properties": { + "DurationInSeconds": { + "markdownDescription": "How long, in seconds, for the canary to continue making regular runs according to the schedule in the `Expression` value. If you specify 0, the canary continues making runs until you stop it. If you omit this field, the default of 0 is used.", + "title": "DurationInSeconds", + "type": "string" + }, + "Expression": { + "markdownDescription": "A `rate` expression or a `cron` expression that defines how often the canary is to run.\n\nFor a rate expression, The syntax is `rate( *number unit* )` . *unit* can be `minute` , `minutes` , or `hour` .\n\nFor example, `rate(1 minute)` runs the canary once a minute, `rate(10 minutes)` runs it once every 10 minutes, and `rate(1 hour)` runs it once every hour. You can specify a frequency between `rate(1 minute)` and `rate(1 hour)` .\n\nSpecifying `rate(0 minute)` or `rate(0 hour)` is a special value that causes the canary to run only once when it is started.\n\nUse `cron( *expression* )` to specify a cron expression. You can't schedule a canary to wait for more than a year before running. For information about the syntax for cron expressions, see [Scheduling canary runs using cron](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_cron.html) .", + "title": "Expression", + "type": "string" + }, + "RetryConfig": { + "$ref": "#/definitions/AWS::Synthetics::Canary.RetryConfig", + "markdownDescription": "The canary's retry configuration information.", + "title": "RetryConfig" + } + }, "required": [ - "Type", - "Properties" + "Expression" ], "type": "object" }, - "AWS::Shield::Protection.Action": { + "AWS::Synthetics::Canary.VPCConfig": { "additionalProperties": false, "properties": { - "Block": { - "markdownDescription": "Specifies that Shield Advanced should configure its AWS WAF rules with the AWS WAF `Block` action.\n\nYou must specify exactly one action, either `Block` or `Count` .\n\nExample JSON: `{ \"Block\": {} }`\n\nExample YAML: `Block: {}`", - "title": "Block", - "type": "object" + "Ipv6AllowedForDualStack": { + "markdownDescription": "Set this to `true` to allow outbound IPv6 traffic on VPC canaries that are connected to dual-stack subnets. The default is `false` .", + "title": "Ipv6AllowedForDualStack", + "type": "boolean" }, - "Count": { - "markdownDescription": "Specifies that Shield Advanced should configure its AWS WAF rules with the AWS WAF `Count` action.\n\nYou must specify exactly one action, either `Block` or `Count` .\n\nExample JSON: `{ \"Count\": {} }`\n\nExample YAML: `Count: {}`", - "title": "Count", - "type": "object" + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the security groups for this canary.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the subnets where this canary is to run.", + "title": "SubnetIds", + "type": "array" + }, + "VpcId": { + "markdownDescription": "The ID of the VPC where this canary is to run.", + "title": "VpcId", + "type": "string" } }, + "required": [ + "SecurityGroupIds", + "SubnetIds" + ], "type": "object" }, - "AWS::Shield::Protection.ApplicationLayerAutomaticResponseConfiguration": { + "AWS::Synthetics::Canary.VisualReference": { "additionalProperties": false, "properties": { - "Action": { - "$ref": "#/definitions/AWS::Shield::Protection.Action", - "markdownDescription": "Specifies the action setting that Shield Advanced should use in the AWS WAF rules that it creates on behalf of the protected resource in response to DDoS attacks. You specify this as part of the configuration for the automatic application layer DDoS mitigation feature, when you enable or update automatic mitigation. Shield Advanced creates the AWS WAF rules in a Shield Advanced-managed rule group, inside the web ACL that you have associated with the resource.", - "title": "Action" - }, - "Status": { - "markdownDescription": "Indicates whether automatic application layer DDoS mitigation is enabled for the protection.", - "title": "Status", + "BaseCanaryRunId": { + "markdownDescription": "Specifies which canary run to use the screenshots from as the baseline for future visual monitoring with this canary. Valid values are `nextrun` to use the screenshots from the next run after this update is made, `lastrun` to use the screenshots from the most recent run before this update was made, or the value of `Id` in the [CanaryRun](https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_CanaryRun.html) from any past run of this canary.", + "title": "BaseCanaryRunId", "type": "string" + }, + "BaseScreenshots": { + "items": { + "$ref": "#/definitions/AWS::Synthetics::Canary.BaseScreenshot" + }, + "markdownDescription": "An array of screenshots that are used as the baseline for comparisons during visual monitoring.", + "title": "BaseScreenshots", + "type": "array" } }, "required": [ - "Action", - "Status" + "BaseCanaryRunId" ], "type": "object" }, - "AWS::Shield::ProtectionGroup": { + "AWS::Synthetics::Group": { "additionalProperties": false, "properties": { "Condition": { @@ -259907,53 +310808,36 @@ "Properties": { "additionalProperties": false, "properties": { - "Aggregation": { - "markdownDescription": "Defines how AWS Shield combines resource data for the group in order to detect, mitigate, and report events.\n\n- `Sum` - Use the total traffic across the group. This is a good choice for most cases. Examples include Elastic IP addresses for EC2 instances that scale manually or automatically.\n- `Mean` - Use the average of the traffic across the group. This is a good choice for resources that share traffic uniformly. Examples include accelerators and load balancers.\n- `Max` - Use the highest traffic from each resource. This is useful for resources that don't share traffic and for resources that share that traffic in a non-uniform way. Examples include Amazon CloudFront distributions and origin resources for CloudFront distributions.", - "title": "Aggregation", + "Name": { + "markdownDescription": "A name for the group. It can include any Unicode characters.\n\nThe names for all groups in your account, across all Regions, must be unique.", + "title": "Name", "type": "string" }, - "Members": { + "ResourceArns": { "items": { "type": "string" }, - "markdownDescription": "The ARNs (Amazon Resource Names) of the resources to include in the protection group. You must set this when you set `Pattern` to `ARBITRARY` and you must not set it for any other `Pattern` setting.", - "title": "Members", + "markdownDescription": "The ARNs of the canaries that you want to associate with this group.", + "title": "ResourceArns", "type": "array" }, - "Pattern": { - "markdownDescription": "The criteria to use to choose the protected resources for inclusion in the group. You can include all resources that have protections, provide a list of resource ARNs (Amazon Resource Names), or include all resources of a specified resource type.", - "title": "Pattern", - "type": "string" - }, - "ProtectionGroupId": { - "markdownDescription": "The name of the protection group. You use this to identify the protection group in lists and to manage the protection group, for example to update, delete, or describe it.", - "title": "ProtectionGroupId", - "type": "string" - }, - "ResourceType": { - "markdownDescription": "The resource type to include in the protection group. All protected resources of this type are included in the protection group. You must set this when you set `Pattern` to `BY_RESOURCE_TYPE` and you must not set it for any other `Pattern` setting.", - "title": "ResourceType", - "type": "string" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.", + "markdownDescription": "The list of key-value pairs that are associated with the group.", "title": "Tags", "type": "array" } }, "required": [ - "Aggregation", - "Pattern", - "ProtectionGroupId" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::Shield::ProtectionGroup" + "AWS::Synthetics::Group" ], "type": "string" }, @@ -259972,7 +310856,7 @@ ], "type": "object" }, - "AWS::Signer::ProfilePermission": { + "AWS::SystemsManagerSAP::Application": { "additionalProperties": false, "properties": { "Condition": { @@ -260007,123 +310891,73 @@ "Properties": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The AWS Signer action permitted as part of cross-account permissions.", - "title": "Action", + "ApplicationId": { + "markdownDescription": "The ID of the application.", + "title": "ApplicationId", "type": "string" }, - "Principal": { - "markdownDescription": "The AWS principal receiving cross-account permissions. This may be an IAM role or another AWS account ID.", - "title": "Principal", + "ApplicationType": { + "markdownDescription": "The type of the application.", + "title": "ApplicationType", "type": "string" }, - "ProfileName": { - "markdownDescription": "The human-readable name of the signing profile.", - "title": "ProfileName", - "type": "string" + "ComponentsInfo": { + "items": { + "$ref": "#/definitions/AWS::SystemsManagerSAP::Application.ComponentInfo" + }, + "markdownDescription": "", + "title": "ComponentsInfo", + "type": "array" }, - "ProfileVersion": { - "markdownDescription": "The version of the signing profile.", - "title": "ProfileVersion", - "type": "string" + "Credentials": { + "items": { + "$ref": "#/definitions/AWS::SystemsManagerSAP::Application.Credential" + }, + "markdownDescription": "The credentials of the SAP application.", + "title": "Credentials", + "type": "array" }, - "StatementId": { - "markdownDescription": "A unique identifier for the cross-account permission statement.", - "title": "StatementId", - "type": "string" - } - }, - "required": [ - "Action", - "Principal", - "ProfileName", - "StatementId" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Signer::ProfilePermission" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::Signer::SigningProfile": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", + "DatabaseArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the database.", + "title": "DatabaseArn", "type": "string" }, - { + "Instances": { "items": { - "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, + "markdownDescription": "The Amazon EC2 instances on which your SAP application is running.", + "title": "Instances", "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "PlatformId": { - "markdownDescription": "The ID of a platform that is available for use by a signing profile.", - "title": "PlatformId", + }, + "SapInstanceNumber": { + "markdownDescription": "The SAP instance number of the application.", + "title": "SapInstanceNumber", "type": "string" }, - "SignatureValidityPeriod": { - "$ref": "#/definitions/AWS::Signer::SigningProfile.SignatureValidityPeriod", - "markdownDescription": "The validity period override for any signature generated using this signing profile. If unspecified, the default is 135 months.", - "title": "SignatureValidityPeriod" + "Sid": { + "markdownDescription": "The System ID of the application.", + "title": "Sid", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of tags associated with the signing profile.", + "markdownDescription": "The tags on the application.", "title": "Tags", "type": "array" } }, "required": [ - "PlatformId" + "ApplicationId", + "ApplicationType" ], "type": "object" }, "Type": { "enum": [ - "AWS::Signer::SigningProfile" + "AWS::SystemsManagerSAP::Application" ], "type": "string" }, @@ -260142,23 +310976,49 @@ ], "type": "object" }, - "AWS::Signer::SigningProfile.SignatureValidityPeriod": { + "AWS::SystemsManagerSAP::Application.ComponentInfo": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "The time unit for signature validity: DAYS | MONTHS | YEARS.", - "title": "Type", + "ComponentType": { + "markdownDescription": "This string is the type of the component.\n\nAccepted value is `WD` .", + "title": "ComponentType", "type": "string" }, - "Value": { - "markdownDescription": "The numerical value of the time unit for signature validity.", - "title": "Value", - "type": "number" + "Ec2InstanceId": { + "markdownDescription": "This is the Amazon EC2 instance on which your SAP component is running.\n\nAccepted values are alphanumeric.", + "title": "Ec2InstanceId", + "type": "string" + }, + "Sid": { + "markdownDescription": "This string is the SAP System ID of the component.\n\nAccepted values are alphanumeric.", + "title": "Sid", + "type": "string" } }, "type": "object" }, - "AWS::SimSpaceWeaver::Simulation": { + "AWS::SystemsManagerSAP::Application.Credential": { + "additionalProperties": false, + "properties": { + "CredentialType": { + "markdownDescription": "The type of the application credentials.", + "title": "CredentialType", + "type": "string" + }, + "DatabaseName": { + "markdownDescription": "The name of the SAP HANA database.", + "title": "DatabaseName", + "type": "string" + }, + "SecretId": { + "markdownDescription": "The secret ID created in AWS Secrets Manager to store the credentials of the SAP application.", + "title": "SecretId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Timestream::Database": { "additionalProperties": false, "properties": { "Condition": { @@ -260191,43 +311051,32 @@ "type": "object" }, "Properties": { - "additionalProperties": false, - "properties": { - "MaximumDuration": { - "markdownDescription": "The maximum running time of the simulation, specified as a number of minutes (m or M), hours (h or H), or days (d or D). The simulation stops when it reaches this limit. The maximum value is `14D` , or its equivalent in the other units. The default value is `14D` . A value equivalent to `0` makes the simulation immediately transition to `STOPPING` as soon as it reaches `STARTED` .", - "title": "MaximumDuration", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the simulation.", - "title": "Name", + "additionalProperties": false, + "properties": { + "DatabaseName": { + "markdownDescription": "The name of the Timestream database.\n\n*Length Constraints* : Minimum length of 3 bytes. Maximum length of 256 bytes.", + "title": "DatabaseName", "type": "string" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management ( IAM ) role that the simulation assumes to perform actions. For more information about ARNs, see [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* . For more information about IAM roles, see [IAM roles](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html) in the *AWS Identity and Access Management User Guide* .", - "title": "RoleArn", + "KmsKeyId": { + "markdownDescription": "The identifier of the AWS KMS key used to encrypt the data stored in the database.", + "title": "KmsKeyId", "type": "string" }, - "SchemaS3Location": { - "$ref": "#/definitions/AWS::SimSpaceWeaver::Simulation.S3Location", - "markdownDescription": "The location of the simulation schema in Amazon Simple Storage Service ( Amazon S3 ). For more information about Amazon S3 , see the [*Amazon Simple Storage Service User Guide*](https://docs.aws.amazon.com/AmazonS3/latest/userguide/Welcome.html) .\n\nProvide a `SchemaS3Location` to start your simulation from a schema.\n\nIf you provide a `SchemaS3Location` then you can't provide a `SnapshotS3Location` .", - "title": "SchemaS3Location" - }, - "SnapshotS3Location": { - "$ref": "#/definitions/AWS::SimSpaceWeaver::Simulation.S3Location", - "markdownDescription": "The location of the snapshot in Amazon Simple Storage Service ( Amazon S3 ). For more information about Amazon S3 , see the [*Amazon Simple Storage Service User Guide*](https://docs.aws.amazon.com/AmazonS3/latest/userguide/Welcome.html) .\n\nProvide a `SnapshotS3Location` to start your simulation from a snapshot.\n\nIf you provide a `SnapshotS3Location` then you can't provide a `SchemaS3Location` .", - "title": "SnapshotS3Location" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to add to the database.", + "title": "Tags", + "type": "array" } }, - "required": [ - "Name", - "RoleArn" - ], "type": "object" }, "Type": { "enum": [ - "AWS::SimSpaceWeaver::Simulation" + "AWS::Timestream::Database" ], "type": "string" }, @@ -260241,32 +311090,11 @@ } }, "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::SimSpaceWeaver::Simulation.S3Location": { - "additionalProperties": false, - "properties": { - "BucketName": { - "markdownDescription": "The name of an Amazon S3 bucket. For more information about buckets, see [Creating, configuring, and working with Amazon S3 buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/creating-buckets-s3.html) in the *Amazon Simple Storage Service User Guide* .", - "title": "BucketName", - "type": "string" - }, - "ObjectKey": { - "markdownDescription": "The key name of an object in Amazon S3. For more information about Amazon S3 objects and object keys, see [Uploading, downloading, and working with objects in Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/userguide/uploading-downloading-objects.html) in the *Amazon Simple Storage Service User Guide* .", - "title": "ObjectKey", - "type": "string" - } - }, - "required": [ - "BucketName", - "ObjectKey" + "Type" ], "type": "object" }, - "AWS::StepFunctions::Activity": { + "AWS::Timestream::InfluxDBInstance": { "additionalProperties": false, "properties": { "Condition": { @@ -260301,28 +311129,106 @@ "Properties": { "additionalProperties": false, "properties": { + "AllocatedStorage": { + "markdownDescription": "The amount of storage to allocate for your DB storage type in GiB (gibibytes).", + "title": "AllocatedStorage", + "type": "number" + }, + "Bucket": { + "markdownDescription": "The name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization.", + "title": "Bucket", + "type": "string" + }, + "DbInstanceType": { + "markdownDescription": "The Timestream for InfluxDB DB instance type to run on.", + "title": "DbInstanceType", + "type": "string" + }, + "DbParameterGroupIdentifier": { + "markdownDescription": "The name or id of the DB parameter group to assign to your DB instance. DB parameter groups specify how the database is configured. For example, DB parameter groups can specify the limit for query concurrency.", + "title": "DbParameterGroupIdentifier", + "type": "string" + }, + "DbStorageType": { + "markdownDescription": "The Timestream for InfluxDB DB storage type to read and write InfluxDB data.\n\nYou can choose between 3 different types of provisioned Influx IOPS included storage according to your workloads requirements:\n\n- Influx IO Included 3000 IOPS\n- Influx IO Included 12000 IOPS\n- Influx IO Included 16000 IOPS", + "title": "DbStorageType", + "type": "string" + }, + "DeploymentType": { + "markdownDescription": "Specifies whether the Timestream for InfluxDB is deployed as Single-AZ or with a MultiAZ Standby for High availability.", + "title": "DeploymentType", + "type": "string" + }, + "LogDeliveryConfiguration": { + "$ref": "#/definitions/AWS::Timestream::InfluxDBInstance.LogDeliveryConfiguration", + "markdownDescription": "Configuration for sending InfluxDB engine logs to a specified S3 bucket.", + "title": "LogDeliveryConfiguration" + }, "Name": { - "markdownDescription": "The name of the activity.\n\nA name must *not* contain:\n\n- white space\n- brackets `< > { } [ ]`\n- wildcard characters `? *`\n- special characters `\" # % \\ ^ | ~ ` $ & , ; : /`\n- control characters ( `U+0000-001F` , `U+007F-009F` , `U+FFFE-FFFF` )\n- surrogates ( `U+D800-DFFF` )\n- invalid characters ( `U+10FFFF` )\n\nTo enable logging with CloudWatch Logs, the name should only contain 0-9, A-Z, a-z, - and _.", + "markdownDescription": "The name that uniquely identifies the DB instance when interacting with the Amazon Timestream for InfluxDB API and CLI commands. This name will also be a prefix included in the endpoint. DB instance names must be unique per customer and per region.", "title": "Name", "type": "string" }, + "NetworkType": { + "markdownDescription": "", + "title": "NetworkType", + "type": "string" + }, + "Organization": { + "markdownDescription": "The name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users.", + "title": "Organization", + "type": "string" + }, + "Password": { + "markdownDescription": "The password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. These attributes will be stored in a Secret created in Amazon SecretManager in your account.", + "title": "Password", + "type": "string" + }, + "Port": { + "markdownDescription": "", + "title": "Port", + "type": "number" + }, + "PubliclyAccessible": { + "markdownDescription": "Configures the DB instance with a public IP to facilitate access.", + "title": "PubliclyAccessible", + "type": "boolean" + }, "Tags": { "items": { - "$ref": "#/definitions/AWS::StepFunctions::Activity.TagsEntry" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The list of tags to add to a resource.\n\nTags may only contain Unicode letters, digits, white space, or these symbols: `_ . : / = + - @` .", + "markdownDescription": "A list of key-value pairs to associate with the DB instance.", "title": "Tags", "type": "array" + }, + "Username": { + "markdownDescription": "The username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. For example, my-user1. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. These attributes will be stored in a Secret created in Amazon Secrets Manager in your account.", + "title": "Username", + "type": "string" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of VPC security group IDs to associate with the DB instance.", + "title": "VpcSecurityGroupIds", + "type": "array" + }, + "VpcSubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of VPC subnet IDs to associate with the DB instance. Provide at least two VPC subnet IDs in different availability zones when deploying with a Multi-AZ standby.", + "title": "VpcSubnetIds", + "type": "array" } }, - "required": [ - "Name" - ], "type": "object" }, "Type": { "enum": [ - "AWS::StepFunctions::Activity" + "AWS::Timestream::InfluxDBInstance" ], "type": "string" }, @@ -260336,32 +311242,45 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::StepFunctions::Activity.TagsEntry": { + "AWS::Timestream::InfluxDBInstance.LogDeliveryConfiguration": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The `key` for a key-value pair in a tag entry.", - "title": "Key", + "S3Configuration": { + "$ref": "#/definitions/AWS::Timestream::InfluxDBInstance.S3Configuration", + "markdownDescription": "Configuration for S3 bucket log delivery", + "title": "S3Configuration" + } + }, + "required": [ + "S3Configuration" + ], + "type": "object" + }, + "AWS::Timestream::InfluxDBInstance.S3Configuration": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "The bucket name of the customer S3 bucket.", + "title": "BucketName", "type": "string" }, - "Value": { - "markdownDescription": "The `value` for a key-value pair in a tag entry.", - "title": "Value", - "type": "string" + "Enabled": { + "markdownDescription": "Indicates whether log delivery to the S3 bucket is enabled.", + "title": "Enabled", + "type": "boolean" } }, "required": [ - "Key", - "Value" + "BucketName", + "Enabled" ], "type": "object" }, - "AWS::StepFunctions::StateMachine": { + "AWS::Timestream::ScheduledQuery": { "additionalProperties": false, "properties": { "Condition": { @@ -260396,74 +311315,72 @@ "Properties": { "additionalProperties": false, "properties": { - "Definition": { - "markdownDescription": "The Amazon States Language definition of the state machine. The state machine definition must be in JSON or YAML, and the format of the object must match the format of your CloudFormation template file. See [Amazon States Language](https://docs.aws.amazon.com/step-functions/latest/dg/concepts-amazon-states-language.html) .", - "title": "Definition", - "type": "object" + "ClientToken": { + "markdownDescription": "Using a ClientToken makes the call to CreateScheduledQuery idempotent, in other words, making the same request repeatedly will produce the same result. Making multiple identical CreateScheduledQuery requests has the same effect as making a single request.\n\n- If CreateScheduledQuery is called without a `ClientToken` , the Query SDK generates a `ClientToken` on your behalf.\n- After 8 hours, any request with the same `ClientToken` is treated as a new request.", + "title": "ClientToken", + "type": "string" }, - "DefinitionS3Location": { - "$ref": "#/definitions/AWS::StepFunctions::StateMachine.S3Location", - "markdownDescription": "The name of the S3 bucket where the state machine definition is stored. The state machine definition must be a JSON or YAML file.", - "title": "DefinitionS3Location" + "ErrorReportConfiguration": { + "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.ErrorReportConfiguration", + "markdownDescription": "Configuration for error reporting. Error reports will be generated when a problem is encountered when writing the query results.", + "title": "ErrorReportConfiguration" }, - "DefinitionString": { - "markdownDescription": "The Amazon States Language definition of the state machine. The state machine definition must be in JSON. See [Amazon States Language](https://docs.aws.amazon.com/step-functions/latest/dg/concepts-amazon-states-language.html) .", - "title": "DefinitionString", + "KmsKeyId": { + "markdownDescription": "The Amazon KMS key used to encrypt the scheduled query resource, at-rest. If the Amazon KMS key is not specified, the scheduled query resource will be encrypted with a Timestream owned Amazon KMS key. To specify a KMS key, use the key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix the name with *alias/*\n\nIf ErrorReportConfiguration uses `SSE_KMS` as encryption type, the same KmsKeyId is used to encrypt the error report at rest.", + "title": "KmsKeyId", "type": "string" }, - "DefinitionSubstitutions": { - "additionalProperties": true, - "markdownDescription": "A map (string to string) that specifies the mappings for placeholder variables in the state machine definition. This enables the customer to inject values obtained at runtime, for example from intrinsic functions, in the state machine definition. Variables can be template parameter names, resource logical IDs, resource attributes, or a variable in a key-value map.\n\nSubstitutions must follow the syntax: `${key_name}` or `${variable_1,variable_2,...}` .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "object" - } - }, - "title": "DefinitionSubstitutions", - "type": "object" - }, - "LoggingConfiguration": { - "$ref": "#/definitions/AWS::StepFunctions::StateMachine.LoggingConfiguration", - "markdownDescription": "Defines what execution history events are logged and where they are logged.\n\n> By default, the `level` is set to `OFF` . For more information see [Log Levels](https://docs.aws.amazon.com/step-functions/latest/dg/cloudwatch-log-level.html) in the AWS Step Functions User Guide.", - "title": "LoggingConfiguration" + "NotificationConfiguration": { + "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.NotificationConfiguration", + "markdownDescription": "Notification configuration for the scheduled query. A notification is sent by Timestream when a query run finishes, when the state is updated or when you delete it.", + "title": "NotificationConfiguration" }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to use for this state machine.", - "title": "RoleArn", + "QueryString": { + "markdownDescription": "The query string to run. Parameter names can be specified in the query string `@` character followed by an identifier. The named Parameter `@scheduled_runtime` is reserved and can be used in the query to get the time at which the query is scheduled to run.\n\nThe timestamp calculated according to the ScheduleConfiguration parameter, will be the value of `@scheduled_runtime` paramater for each query run. For example, consider an instance of a scheduled query executing on 2021-12-01 00:00:00. For this instance, the `@scheduled_runtime` parameter is initialized to the timestamp 2021-12-01 00:00:00 when invoking the query.", + "title": "QueryString", "type": "string" }, - "StateMachineName": { - "markdownDescription": "The name of the state machine.\n\nA name must *not* contain:\n\n- white space\n- brackets `< > { } [ ]`\n- wildcard characters `? *`\n- special characters `\" # % \\ ^ | ~ ` $ & , ; : /`\n- control characters ( `U+0000-001F` , `U+007F-009F` )\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "title": "StateMachineName", + "ScheduleConfiguration": { + "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.ScheduleConfiguration", + "markdownDescription": "Schedule configuration.", + "title": "ScheduleConfiguration" + }, + "ScheduledQueryExecutionRoleArn": { + "markdownDescription": "The ARN for the IAM role that Timestream will assume when running the scheduled query.", + "title": "ScheduledQueryExecutionRoleArn", "type": "string" }, - "StateMachineType": { - "markdownDescription": "Determines whether a `STANDARD` or `EXPRESS` state machine is created. The default is `STANDARD` . You cannot update the `type` of a state machine once it has been created. For more information on `STANDARD` and `EXPRESS` workflows, see [Standard Versus Express Workflows](https://docs.aws.amazon.com/step-functions/latest/dg/concepts-standard-vs-express.html) in the AWS Step Functions Developer Guide.", - "title": "StateMachineType", + "ScheduledQueryName": { + "markdownDescription": "A name for the query. Scheduled query names must be unique within each Region.", + "title": "ScheduledQueryName", "type": "string" }, "Tags": { "items": { - "$ref": "#/definitions/AWS::StepFunctions::StateMachine.TagsEntry" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The list of tags to add to a resource.\n\nTags may only contain Unicode letters, digits, white space, or these symbols: `_ . : / = + - @` .", + "markdownDescription": "A list of key-value pairs to label the scheduled query.", "title": "Tags", "type": "array" }, - "TracingConfiguration": { - "$ref": "#/definitions/AWS::StepFunctions::StateMachine.TracingConfiguration", - "markdownDescription": "Selects whether or not the state machine's AWS X-Ray tracing is enabled.", - "title": "TracingConfiguration" + "TargetConfiguration": { + "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.TargetConfiguration", + "markdownDescription": "Scheduled query target store configuration.", + "title": "TargetConfiguration" } }, "required": [ - "RoleArn" + "ErrorReportConfiguration", + "NotificationConfiguration", + "QueryString", + "ScheduleConfiguration", + "ScheduledQueryExecutionRoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::StepFunctions::StateMachine" + "AWS::Timestream::ScheduledQuery" ], "type": "string" }, @@ -260482,109 +311399,258 @@ ], "type": "object" }, - "AWS::StepFunctions::StateMachine.CloudWatchLogsLogGroup": { + "AWS::Timestream::ScheduledQuery.DimensionMapping": { "additionalProperties": false, "properties": { - "LogGroupArn": { - "markdownDescription": "The ARN of the the CloudWatch log group to which you want your logs emitted to. The ARN must end with `:*`", - "title": "LogGroupArn", + "DimensionValueType": { + "markdownDescription": "Type for the dimension: VARCHAR", + "title": "DimensionValueType", + "type": "string" + }, + "Name": { + "markdownDescription": "Column name from query result.", + "title": "Name", "type": "string" } }, + "required": [ + "DimensionValueType", + "Name" + ], "type": "object" }, - "AWS::StepFunctions::StateMachine.LogDestination": { + "AWS::Timestream::ScheduledQuery.ErrorReportConfiguration": { "additionalProperties": false, "properties": { - "CloudWatchLogsLogGroup": { - "$ref": "#/definitions/AWS::StepFunctions::StateMachine.CloudWatchLogsLogGroup", - "markdownDescription": "An object describing a CloudWatch log group. For more information, see [AWS::Logs::LogGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-logs-loggroup.html) in the AWS CloudFormation User Guide.", - "title": "CloudWatchLogsLogGroup" + "S3Configuration": { + "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.S3Configuration", + "markdownDescription": "The S3 configuration for the error reports.", + "title": "S3Configuration" } }, + "required": [ + "S3Configuration" + ], "type": "object" }, - "AWS::StepFunctions::StateMachine.LoggingConfiguration": { + "AWS::Timestream::ScheduledQuery.MixedMeasureMapping": { "additionalProperties": false, "properties": { - "Destinations": { + "MeasureName": { + "markdownDescription": "Refers to the value of measure_name in a result row. This field is required if MeasureNameColumn is provided.", + "title": "MeasureName", + "type": "string" + }, + "MeasureValueType": { + "markdownDescription": "Type of the value that is to be read from sourceColumn. If the mapping is for MULTI, use MeasureValueType.MULTI.", + "title": "MeasureValueType", + "type": "string" + }, + "MultiMeasureAttributeMappings": { "items": { - "$ref": "#/definitions/AWS::StepFunctions::StateMachine.LogDestination" + "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.MultiMeasureAttributeMapping" }, - "markdownDescription": "An array of objects that describes where your execution history events will be logged. Limited to size 1. Required, if your log level is not set to `OFF` .", - "title": "Destinations", + "markdownDescription": "Required when measureValueType is MULTI. Attribute mappings for MULTI value measures.", + "title": "MultiMeasureAttributeMappings", "type": "array" }, - "IncludeExecutionData": { - "markdownDescription": "Determines whether execution data is included in your log. When set to `false` , data is excluded.", - "title": "IncludeExecutionData", - "type": "boolean" + "SourceColumn": { + "markdownDescription": "This field refers to the source column from which measure-value is to be read for result materialization.", + "title": "SourceColumn", + "type": "string" }, - "Level": { - "markdownDescription": "Defines which category of execution history events are logged.", - "title": "Level", + "TargetMeasureName": { + "markdownDescription": "Target measure name to be used. If not provided, the target measure name by default would be measure-name if provided, or sourceColumn otherwise.", + "title": "TargetMeasureName", "type": "string" } }, + "required": [ + "MeasureValueType" + ], "type": "object" }, - "AWS::StepFunctions::StateMachine.S3Location": { + "AWS::Timestream::ScheduledQuery.MultiMeasureAttributeMapping": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "The name of the S3 bucket where the state machine definition JSON or YAML file is stored.", - "title": "Bucket", + "MeasureValueType": { + "markdownDescription": "Type of the attribute to be read from the source column.", + "title": "MeasureValueType", "type": "string" }, - "Key": { - "markdownDescription": "The name of the state machine definition file (Amazon S3 object name).", - "title": "Key", + "SourceColumn": { + "markdownDescription": "Source column from where the attribute value is to be read.", + "title": "SourceColumn", "type": "string" }, - "Version": { - "markdownDescription": "For versioning-enabled buckets, a specific version of the state machine definition.", - "title": "Version", + "TargetMultiMeasureAttributeName": { + "markdownDescription": "Custom name to be used for attribute name in derived table. If not provided, source column name would be used.", + "title": "TargetMultiMeasureAttributeName", "type": "string" } }, "required": [ - "Bucket", - "Key" + "MeasureValueType", + "SourceColumn" ], "type": "object" }, - "AWS::StepFunctions::StateMachine.TagsEntry": { + "AWS::Timestream::ScheduledQuery.MultiMeasureMappings": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The `key` for a key-value pair in a tag entry.", - "title": "Key", + "MultiMeasureAttributeMappings": { + "items": { + "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.MultiMeasureAttributeMapping" + }, + "markdownDescription": "Required. Attribute mappings to be used for mapping query results to ingest data for multi-measure attributes.", + "title": "MultiMeasureAttributeMappings", + "type": "array" + }, + "TargetMultiMeasureName": { + "markdownDescription": "The name of the target multi-measure name in the derived table. This input is required when measureNameColumn is not provided. If MeasureNameColumn is provided, then value from that column will be used as multi-measure name.", + "title": "TargetMultiMeasureName", + "type": "string" + } + }, + "required": [ + "MultiMeasureAttributeMappings" + ], + "type": "object" + }, + "AWS::Timestream::ScheduledQuery.NotificationConfiguration": { + "additionalProperties": false, + "properties": { + "SnsConfiguration": { + "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.SnsConfiguration", + "markdownDescription": "Details on SNS configuration.", + "title": "SnsConfiguration" + } + }, + "required": [ + "SnsConfiguration" + ], + "type": "object" + }, + "AWS::Timestream::ScheduledQuery.S3Configuration": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "Name of the S3 bucket under which error reports will be created.", + "title": "BucketName", "type": "string" }, - "Value": { - "markdownDescription": "The `value` for a key-value pair in a tag entry.", - "title": "Value", + "EncryptionOption": { + "markdownDescription": "Encryption at rest options for the error reports. If no encryption option is specified, Timestream will choose SSE_S3 as default.", + "title": "EncryptionOption", + "type": "string" + }, + "ObjectKeyPrefix": { + "markdownDescription": "Prefix for the error report key. Timestream by default adds the following prefix to the error report path.", + "title": "ObjectKeyPrefix", "type": "string" } }, "required": [ - "Key", - "Value" + "BucketName" ], "type": "object" }, - "AWS::StepFunctions::StateMachine.TracingConfiguration": { + "AWS::Timestream::ScheduledQuery.ScheduleConfiguration": { "additionalProperties": false, "properties": { - "Enabled": { - "markdownDescription": "When set to `true` , X-Ray tracing is enabled.", - "title": "Enabled", - "type": "boolean" + "ScheduleExpression": { + "markdownDescription": "An expression that denotes when to trigger the scheduled query run. This can be a cron expression or a rate expression.", + "title": "ScheduleExpression", + "type": "string" } }, + "required": [ + "ScheduleExpression" + ], "type": "object" }, - "AWS::StepFunctions::StateMachineAlias": { + "AWS::Timestream::ScheduledQuery.SnsConfiguration": { + "additionalProperties": false, + "properties": { + "TopicArn": { + "markdownDescription": "SNS topic ARN that the scheduled query status notifications will be sent to.", + "title": "TopicArn", + "type": "string" + } + }, + "required": [ + "TopicArn" + ], + "type": "object" + }, + "AWS::Timestream::ScheduledQuery.TargetConfiguration": { + "additionalProperties": false, + "properties": { + "TimestreamConfiguration": { + "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.TimestreamConfiguration", + "markdownDescription": "Configuration needed to write data into the Timestream database and table.", + "title": "TimestreamConfiguration" + } + }, + "required": [ + "TimestreamConfiguration" + ], + "type": "object" + }, + "AWS::Timestream::ScheduledQuery.TimestreamConfiguration": { + "additionalProperties": false, + "properties": { + "DatabaseName": { + "markdownDescription": "Name of Timestream database to which the query result will be written.", + "title": "DatabaseName", + "type": "string" + }, + "DimensionMappings": { + "items": { + "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.DimensionMapping" + }, + "markdownDescription": "This is to allow mapping column(s) from the query result to the dimension in the destination table.", + "title": "DimensionMappings", + "type": "array" + }, + "MeasureNameColumn": { + "markdownDescription": "Name of the measure column. Also see `MultiMeasureMappings` and `MixedMeasureMappings` for how measure name properties on those relate to `MeasureNameColumn` .", + "title": "MeasureNameColumn", + "type": "string" + }, + "MixedMeasureMappings": { + "items": { + "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.MixedMeasureMapping" + }, + "markdownDescription": "Specifies how to map measures to multi-measure records.", + "title": "MixedMeasureMappings", + "type": "array" + }, + "MultiMeasureMappings": { + "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.MultiMeasureMappings", + "markdownDescription": "Multi-measure mappings.", + "title": "MultiMeasureMappings" + }, + "TableName": { + "markdownDescription": "Name of Timestream table that the query result will be written to. The table should be within the same database that is provided in Timestream configuration.", + "title": "TableName", + "type": "string" + }, + "TimeColumn": { + "markdownDescription": "Column from query result that should be used as the time column in destination table. Column type for this should be TIMESTAMP.", + "title": "TimeColumn", + "type": "string" + } + }, + "required": [ + "DatabaseName", + "DimensionMappings", + "TableName", + "TimeColumn" + ], + "type": "object" + }, + "AWS::Timestream::Table": { "additionalProperties": false, "properties": { "Condition": { @@ -260619,35 +311685,48 @@ "Properties": { "additionalProperties": false, "properties": { - "DeploymentPreference": { - "$ref": "#/definitions/AWS::StepFunctions::StateMachineAlias.DeploymentPreference", - "markdownDescription": "The settings that enable gradual state machine deployments. These settings include [Alarms](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-statemachinealias-deploymentpreference.html#cfn-stepfunctions-statemachinealias-deploymentpreference-alarms) , [Interval](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-statemachinealias-deploymentpreference.html#cfn-stepfunctions-statemachinealias-deploymentpreference-interval) , [Percentage](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-statemachinealias-deploymentpreference.html#cfn-stepfunctions-statemachinealias-deploymentpreference-percentage) , [StateMachineVersionArn](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-statemachinealias-deploymentpreference.html#cfn-stepfunctions-statemachinealias-deploymentpreference-statemachineversionarn) , and [Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-statemachinealias-deploymentpreference.html#cfn-stepfunctions-statemachinealias-deploymentpreference-type) .\n\nCloudFormation automatically shifts traffic from the version an alias currently points to, to a new state machine version that you specify.\n\n> `RoutingConfiguration` and `DeploymentPreference` are mutually exclusive properties. You must define only one of these properties. \n\nBased on the type of deployment you want to perform, you can specify one of the following settings:\n\n- `LINEAR` - Shifts traffic to the new version in equal increments with an equal number of minutes between each increment.\n\nFor example, if you specify the increment percent as `20` with an interval of `600` minutes, this deployment increases traffic by 20 percent every 600 minutes until the new version receives 100 percent of the traffic. This deployment immediately rolls back the new version if any Amazon CloudWatch alarms are triggered.\n- `ALL_AT_ONCE` - Shifts 100 percent of traffic to the new version immediately. CloudFormation monitors the new version and rolls it back automatically to the previous version if any CloudWatch alarms are triggered.\n- `CANARY` - Shifts traffic in two increments.\n\nIn the first increment, a small percentage of traffic, for example, 10 percent is shifted to the new version. In the second increment, before a specified time interval in seconds gets over, the remaining traffic is shifted to the new version. The shift to the new version for the remaining traffic takes place only if no CloudWatch alarms are triggered during the specified time interval.", - "title": "DeploymentPreference" - }, - "Description": { - "markdownDescription": "An optional description of the state machine alias.", - "title": "Description", + "DatabaseName": { + "markdownDescription": "The name of the Timestream database that contains this table.\n\n*Length Constraints* : Minimum length of 3 bytes. Maximum length of 256 bytes.", + "title": "DatabaseName", "type": "string" }, - "Name": { - "markdownDescription": "The name of the state machine alias. If you don't provide a name, it uses an automatically generated name based on the logical ID.", - "title": "Name", + "MagneticStoreWriteProperties": { + "$ref": "#/definitions/AWS::Timestream::Table.MagneticStoreWriteProperties", + "markdownDescription": "Contains properties to set on the table when enabling magnetic store writes.\n\nThis object has the following attributes:\n\n- *EnableMagneticStoreWrites* : A `boolean` flag to enable magnetic store writes.\n- *MagneticStoreRejectedDataLocation* : The location to write error reports for records rejected, asynchronously, during magnetic store writes. Only `S3Configuration` objects are allowed. The `S3Configuration` object has the following attributes:\n\n- *BucketName* : The name of the S3 bucket.\n- *EncryptionOption* : The encryption option for the S3 location. Valid values are S3 server-side encryption with an S3 managed key ( `SSE_S3` ) or AWS managed key ( `SSE_KMS` ).\n- *KmsKeyId* : The AWS KMS key ID to use when encrypting with an AWS managed key.\n- *ObjectKeyPrefix* : The prefix to use option for the objects stored in S3.\n\nBoth `BucketName` and `EncryptionOption` are *required* when `S3Configuration` is specified. If you specify `SSE_KMS` as your `EncryptionOption` then `KmsKeyId` is *required* .\n\n`EnableMagneticStoreWrites` attribute is *required* when `MagneticStoreWriteProperties` is specified. `MagneticStoreRejectedDataLocation` attribute is *required* when `EnableMagneticStoreWrites` is set to `true` .\n\nSee the following examples:\n\n*JSON*\n\n```json\n{ \"Type\" : AWS::Timestream::Table\", \"Properties\":{ \"DatabaseName\":\"TestDatabase\", \"TableName\":\"TestTable\", \"MagneticStoreWriteProperties\":{ \"EnableMagneticStoreWrites\":true, \"MagneticStoreRejectedDataLocation\":{ \"S3Configuration\":{ \"BucketName\":\" amzn-s3-demo-bucket \", \"EncryptionOption\":\"SSE_KMS\", \"KmsKeyId\":\"1234abcd-12ab-34cd-56ef-1234567890ab\", \"ObjectKeyPrefix\":\"prefix\" } } } }\n}\n```\n\n*YAML*\n\n```\nType: AWS::Timestream::Table\nDependsOn: TestDatabase\nProperties: TableName: \"TestTable\" DatabaseName: \"TestDatabase\" MagneticStoreWriteProperties: EnableMagneticStoreWrites: true MagneticStoreRejectedDataLocation: S3Configuration: BucketName: \" amzn-s3-demo-bucket \" EncryptionOption: \"SSE_KMS\" KmsKeyId: \"1234abcd-12ab-34cd-56ef-1234567890ab\" ObjectKeyPrefix: \"prefix\"\n```", + "title": "MagneticStoreWriteProperties" + }, + "RetentionProperties": { + "$ref": "#/definitions/AWS::Timestream::Table.RetentionProperties", + "markdownDescription": "The retention duration for the memory store and magnetic store. This object has the following attributes:\n\n- *MemoryStoreRetentionPeriodInHours* : Retention duration for memory store, in hours.\n- *MagneticStoreRetentionPeriodInDays* : Retention duration for magnetic store, in days.\n\nBoth attributes are of type `string` . Both attributes are *required* when `RetentionProperties` is specified.\n\nSee the following examples:\n\n*JSON*\n\n`{ \"Type\" : AWS::Timestream::Table\", \"Properties\" : { \"DatabaseName\" : \"TestDatabase\", \"TableName\" : \"TestTable\", \"RetentionProperties\" : { \"MemoryStoreRetentionPeriodInHours\": \"24\", \"MagneticStoreRetentionPeriodInDays\": \"7\" } } }` \n\n*YAML*\n\n```\nType: AWS::Timestream::Table\nDependsOn: TestDatabase\nProperties: TableName: \"TestTable\" DatabaseName: \"TestDatabase\" RetentionProperties: MemoryStoreRetentionPeriodInHours: \"24\" MagneticStoreRetentionPeriodInDays: \"7\"\n```", + "title": "RetentionProperties" + }, + "Schema": { + "$ref": "#/definitions/AWS::Timestream::Table.Schema", + "markdownDescription": "The schema of the table.", + "title": "Schema" + }, + "TableName": { + "markdownDescription": "The name of the Timestream table.\n\n*Length Constraints* : Minimum length of 3 bytes. Maximum length of 256 bytes.", + "title": "TableName", "type": "string" }, - "RoutingConfiguration": { + "Tags": { "items": { - "$ref": "#/definitions/AWS::StepFunctions::StateMachineAlias.RoutingConfigurationVersion" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The routing configuration of an alias. Routing configuration splits [StartExecution](https://docs.aws.amazon.com/step-functions/latest/apireference/API_StartExecution.html) requests between one or two versions of the same state machine.\n\nUse `RoutingConfiguration` if you want to explicitly set the alias [weights](https://docs.aws.amazon.com/step-functions/latest/apireference/API_RoutingConfigurationListItem.html#StepFunctions-Type-RoutingConfigurationListItem-weight) . Weight is the percentage of traffic you want to route to a state machine version.\n\n> `RoutingConfiguration` and `DeploymentPreference` are mutually exclusive properties. You must define only one of these properties.", - "title": "RoutingConfiguration", + "markdownDescription": "The tags to add to the table", + "title": "Tags", "type": "array" } }, + "required": [ + "DatabaseName" + ], "type": "object" }, "Type": { "enum": [ - "AWS::StepFunctions::StateMachineAlias" + "AWS::Timestream::Table" ], "type": "string" }, @@ -260661,69 +311740,126 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::StepFunctions::StateMachineAlias.DeploymentPreference": { + "AWS::Timestream::Table.MagneticStoreRejectedDataLocation": { "additionalProperties": false, "properties": { - "Alarms": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of Amazon CloudWatch alarm names to be monitored during the deployment. The deployment fails and rolls back if any of these alarms go into the `ALARM` state.\n\n> Amazon CloudWatch considers nonexistent alarms to have an `OK` state. If you provide an invalid alarm name or provide the ARN of an alarm instead of its name, your deployment may not roll back correctly.", - "title": "Alarms", - "type": "array" - }, - "Interval": { - "markdownDescription": "The time in minutes between each traffic shifting increment.", - "title": "Interval", - "type": "number" + "S3Configuration": { + "$ref": "#/definitions/AWS::Timestream::Table.S3Configuration", + "markdownDescription": "Configuration of an S3 location to write error reports for records rejected, asynchronously, during magnetic store writes.", + "title": "S3Configuration" + } + }, + "type": "object" + }, + "AWS::Timestream::Table.MagneticStoreWriteProperties": { + "additionalProperties": false, + "properties": { + "EnableMagneticStoreWrites": { + "markdownDescription": "A flag to enable magnetic store writes.", + "title": "EnableMagneticStoreWrites", + "type": "boolean" }, - "Percentage": { - "markdownDescription": "The percentage of traffic to shift to the new version in each increment.", - "title": "Percentage", - "type": "number" + "MagneticStoreRejectedDataLocation": { + "$ref": "#/definitions/AWS::Timestream::Table.MagneticStoreRejectedDataLocation", + "markdownDescription": "The location to write error reports for records rejected asynchronously during magnetic store writes.", + "title": "MagneticStoreRejectedDataLocation" + } + }, + "required": [ + "EnableMagneticStoreWrites" + ], + "type": "object" + }, + "AWS::Timestream::Table.PartitionKey": { + "additionalProperties": false, + "properties": { + "EnforcementInRecord": { + "markdownDescription": "The level of enforcement for the specification of a dimension key in ingested records. Options are REQUIRED (dimension key must be specified) and OPTIONAL (dimension key does not have to be specified).", + "title": "EnforcementInRecord", + "type": "string" }, - "StateMachineVersionArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the [`AWS::StepFunctions::StateMachineVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-stepfunctions-statemachineversion.html) resource that will be the final version to which the alias points to when the traffic shifting is complete.\n\nWhile performing gradual deployments, you can only provide a single state machine version ARN. To explicitly set version weights in a CloudFormation template, use `RoutingConfiguration` instead.", - "title": "StateMachineVersionArn", + "Name": { + "markdownDescription": "The name of the attribute used for a dimension key.", + "title": "Name", "type": "string" }, "Type": { - "markdownDescription": "The type of deployment you want to perform. You can specify one of the following types:\n\n- `LINEAR` - Shifts traffic to the new version in equal increments with an equal number of minutes between each increment.\n\nFor example, if you specify the increment percent as `20` with an interval of `600` minutes, this deployment increases traffic by 20 percent every 600 minutes until the new version receives 100 percent of the traffic. This deployment immediately rolls back the new version if any CloudWatch alarms are triggered.\n- `ALL_AT_ONCE` - Shifts 100 percent of traffic to the new version immediately. CloudFormation monitors the new version and rolls it back automatically to the previous version if any CloudWatch alarms are triggered.\n- `CANARY` - Shifts traffic in two increments.\n\nIn the first increment, a small percentage of traffic, for example, 10 percent is shifted to the new version. In the second increment, before a specified time interval in seconds gets over, the remaining traffic is shifted to the new version. The shift to the new version for the remaining traffic takes place only if no CloudWatch alarms are triggered during the specified time interval.", + "markdownDescription": "The type of the partition key. Options are DIMENSION (dimension key) and MEASURE (measure key).", "title": "Type", "type": "string" } }, "required": [ - "StateMachineVersionArn", "Type" ], "type": "object" }, - "AWS::StepFunctions::StateMachineAlias.RoutingConfigurationVersion": { + "AWS::Timestream::Table.RetentionProperties": { "additionalProperties": false, "properties": { - "StateMachineVersionArn": { - "markdownDescription": "The Amazon Resource Name (ARN) that identifies one or two state machine versions defined in the routing configuration.\n\nIf you specify the ARN of a second version, it must belong to the same state machine as the first version.", - "title": "StateMachineVersionArn", + "MagneticStoreRetentionPeriodInDays": { + "markdownDescription": "The duration for which data must be stored in the magnetic store.", + "title": "MagneticStoreRetentionPeriodInDays", "type": "string" }, - "Weight": { - "markdownDescription": "The percentage of traffic you want to route to the state machine version. The sum of the weights in the routing configuration must be equal to 100.", - "title": "Weight", - "type": "number" + "MemoryStoreRetentionPeriodInHours": { + "markdownDescription": "The duration for which data must be stored in the memory store.", + "title": "MemoryStoreRetentionPeriodInHours", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Timestream::Table.S3Configuration": { + "additionalProperties": false, + "properties": { + "BucketName": { + "markdownDescription": "The bucket name of the customer S3 bucket.", + "title": "BucketName", + "type": "string" + }, + "EncryptionOption": { + "markdownDescription": "The encryption option for the customer S3 location. Options are S3 server-side encryption with an S3 managed key or AWS managed key.", + "title": "EncryptionOption", + "type": "string" + }, + "KmsKeyId": { + "markdownDescription": "The AWS KMS key ID for the customer S3 location when encrypting with an AWS managed key.", + "title": "KmsKeyId", + "type": "string" + }, + "ObjectKeyPrefix": { + "markdownDescription": "The object key preview for the customer S3 location.", + "title": "ObjectKeyPrefix", + "type": "string" } }, "required": [ - "StateMachineVersionArn", - "Weight" + "BucketName", + "EncryptionOption" ], "type": "object" }, - "AWS::StepFunctions::StateMachineVersion": { + "AWS::Timestream::Table.Schema": { + "additionalProperties": false, + "properties": { + "CompositePartitionKey": { + "items": { + "$ref": "#/definitions/AWS::Timestream::Table.PartitionKey" + }, + "markdownDescription": "A non-empty list of partition keys defining the attributes used to partition the table data. The order of the list determines the partition hierarchy. The name and type of each partition key as well as the partition key order cannot be changed after the table is created. However, the enforcement level of each partition key can be changed.", + "title": "CompositePartitionKey", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Transfer::Agreement": { "additionalProperties": false, "properties": { "Condition": { @@ -260758,30 +311894,76 @@ "Properties": { "additionalProperties": false, "properties": { + "AccessRole": { + "markdownDescription": "Connectors are used to send files using either the AS2 or SFTP protocol. For the access role, provide the Amazon Resource Name (ARN) of the AWS Identity and Access Management role to use.\n\n*For AS2 connectors*\n\nWith AS2, you can send files by calling `StartFileTransfer` and specifying the file paths in the request parameter, `SendFilePaths` . We use the file\u2019s parent directory (for example, for `--send-file-paths /bucket/dir/file.txt` , parent directory is `/bucket/dir/` ) to temporarily store a processed AS2 message file, store the MDN when we receive them from the partner, and write a final JSON file containing relevant metadata of the transmission. So, the `AccessRole` needs to provide read and write access to the parent directory of the file location used in the `StartFileTransfer` request. Additionally, you need to provide read and write access to the parent directory of the files that you intend to send with `StartFileTransfer` .\n\nIf you are using Basic authentication for your AS2 connector, the access role requires the `secretsmanager:GetSecretValue` permission for the secret. If the secret is encrypted using a customer-managed key instead of the AWS managed key in Secrets Manager, then the role also needs the `kms:Decrypt` permission for that key.\n\n*For SFTP connectors*\n\nMake sure that the access role provides read and write access to the parent directory of the file location that's used in the `StartFileTransfer` request. Additionally, make sure that the role provides `secretsmanager:GetSecretValue` permission to AWS Secrets Manager .", + "title": "AccessRole", + "type": "string" + }, + "BaseDirectory": { + "markdownDescription": "The landing directory (folder) for files that are transferred by using the AS2 protocol.", + "title": "BaseDirectory", + "type": "string" + }, + "CustomDirectories": { + "$ref": "#/definitions/AWS::Transfer::Agreement.CustomDirectories", + "markdownDescription": "A `CustomDirectoriesType` structure. This structure specifies custom directories for storing various AS2 message files. You can specify directories for the following types of files.\n\n- Failed files\n- MDN files\n- Payload files\n- Status files\n- Temporary files", + "title": "CustomDirectories" + }, "Description": { - "markdownDescription": "An optional description of the state machine version.", + "markdownDescription": "The name or short description that's used to identify the agreement.", "title": "Description", "type": "string" }, - "StateMachineArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the state machine.", - "title": "StateMachineArn", + "EnforceMessageSigning": { + "markdownDescription": "Determines whether or not unsigned messages from your trading partners will be accepted.\n\n- `ENABLED` : Transfer Family rejects unsigned messages from your trading partner.\n- `DISABLED` (default value): Transfer Family accepts unsigned messages from your trading partner.", + "title": "EnforceMessageSigning", "type": "string" }, - "StateMachineRevisionId": { - "markdownDescription": "Identifier for a state machine revision, which is an immutable, read-only snapshot of a state machine\u2019s definition and configuration.\n\nOnly publish the state machine version if the current state machine's revision ID matches the specified ID. Use this option to avoid publishing a version if the state machine has changed since you last updated it.\n\nTo specify the initial state machine revision, set the value as `INITIAL` .", - "title": "StateMachineRevisionId", + "LocalProfileId": { + "markdownDescription": "A unique identifier for the AS2 local profile.", + "title": "LocalProfileId", + "type": "string" + }, + "PartnerProfileId": { + "markdownDescription": "A unique identifier for the partner profile used in the agreement.", + "title": "PartnerProfileId", + "type": "string" + }, + "PreserveFilename": { + "markdownDescription": "Determines whether or not Transfer Family appends a unique string of characters to the end of the AS2 message payload filename when saving it.\n\n- `ENABLED` : the filename provided by your trading parter is preserved when the file is saved.\n- `DISABLED` (default value): when Transfer Family saves the file, the filename is adjusted, as described in [File names and locations](https://docs.aws.amazon.com/transfer/latest/userguide/send-as2-messages.html#file-names-as2) .", + "title": "PreserveFilename", + "type": "string" + }, + "ServerId": { + "markdownDescription": "A system-assigned unique identifier for a server instance. This identifier indicates the specific server that the agreement uses.", + "title": "ServerId", + "type": "string" + }, + "Status": { + "markdownDescription": "The current status of the agreement, either `ACTIVE` or `INACTIVE` .", + "title": "Status", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Key-value pairs that can be used to group and search for agreements.", + "title": "Tags", + "type": "array" } }, "required": [ - "StateMachineArn" + "AccessRole", + "LocalProfileId", + "PartnerProfileId", + "ServerId" ], "type": "object" }, "Type": { "enum": [ - "AWS::StepFunctions::StateMachineVersion" + "AWS::Transfer::Agreement" ], "type": "string" }, @@ -260800,7 +311982,45 @@ ], "type": "object" }, - "AWS::SupportApp::AccountAlias": { + "AWS::Transfer::Agreement.CustomDirectories": { + "additionalProperties": false, + "properties": { + "FailedFilesDirectory": { + "markdownDescription": "", + "title": "FailedFilesDirectory", + "type": "string" + }, + "MdnFilesDirectory": { + "markdownDescription": "", + "title": "MdnFilesDirectory", + "type": "string" + }, + "PayloadFilesDirectory": { + "markdownDescription": "", + "title": "PayloadFilesDirectory", + "type": "string" + }, + "StatusFilesDirectory": { + "markdownDescription": "", + "title": "StatusFilesDirectory", + "type": "string" + }, + "TemporaryFilesDirectory": { + "markdownDescription": "", + "title": "TemporaryFilesDirectory", + "type": "string" + } + }, + "required": [ + "FailedFilesDirectory", + "MdnFilesDirectory", + "PayloadFilesDirectory", + "StatusFilesDirectory", + "TemporaryFilesDirectory" + ], + "type": "object" + }, + "AWS::Transfer::Certificate": { "additionalProperties": false, "properties": { "Condition": { @@ -260835,20 +312055,59 @@ "Properties": { "additionalProperties": false, "properties": { - "AccountAlias": { - "markdownDescription": "An alias or short name for an AWS account .", - "title": "AccountAlias", + "ActiveDate": { + "markdownDescription": "An optional date that specifies when the certificate becomes active. If you do not specify a value, `ActiveDate` takes the same value as `NotBeforeDate` , which is specified by the CA.", + "title": "ActiveDate", + "type": "string" + }, + "Certificate": { + "markdownDescription": "The file name for the certificate.", + "title": "Certificate", + "type": "string" + }, + "CertificateChain": { + "markdownDescription": "The list of certificates that make up the chain for the certificate.", + "title": "CertificateChain", + "type": "string" + }, + "Description": { + "markdownDescription": "The name or description that's used to identity the certificate.", + "title": "Description", + "type": "string" + }, + "InactiveDate": { + "markdownDescription": "An optional date that specifies when the certificate becomes inactive. If you do not specify a value, `InactiveDate` takes the same value as `NotAfterDate` , which is specified by the CA.", + "title": "InactiveDate", + "type": "string" + }, + "PrivateKey": { + "markdownDescription": "The file that contains the private key for the certificate that's being imported.", + "title": "PrivateKey", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Key-value pairs that can be used to group and search for certificates.", + "title": "Tags", + "type": "array" + }, + "Usage": { + "markdownDescription": "Specifies how this certificate is used. It can be used in the following ways:\n\n- `SIGNING` : For signing AS2 messages\n- `ENCRYPTION` : For encrypting AS2 messages\n- `TLS` : For securing AS2 communications sent over HTTPS", + "title": "Usage", "type": "string" } }, "required": [ - "AccountAlias" + "Certificate", + "Usage" ], "type": "object" }, "Type": { "enum": [ - "AWS::SupportApp::AccountAlias" + "AWS::Transfer::Certificate" ], "type": "string" }, @@ -260867,7 +312126,7 @@ ], "type": "object" }, - "AWS::SupportApp::SlackChannelConfiguration": { + "AWS::Transfer::Connector": { "additionalProperties": false, "properties": { "Condition": { @@ -260902,58 +312161,54 @@ "Properties": { "additionalProperties": false, "properties": { - "ChannelId": { - "markdownDescription": "The channel ID in Slack. This ID identifies a channel within a Slack workspace.", - "title": "ChannelId", + "AccessRole": { + "markdownDescription": "Connectors are used to send files using either the AS2 or SFTP protocol. For the access role, provide the Amazon Resource Name (ARN) of the AWS Identity and Access Management role to use.\n\n*For AS2 connectors*\n\nWith AS2, you can send files by calling `StartFileTransfer` and specifying the file paths in the request parameter, `SendFilePaths` . We use the file\u2019s parent directory (for example, for `--send-file-paths /bucket/dir/file.txt` , parent directory is `/bucket/dir/` ) to temporarily store a processed AS2 message file, store the MDN when we receive them from the partner, and write a final JSON file containing relevant metadata of the transmission. So, the `AccessRole` needs to provide read and write access to the parent directory of the file location used in the `StartFileTransfer` request. Additionally, you need to provide read and write access to the parent directory of the files that you intend to send with `StartFileTransfer` .\n\nIf you are using Basic authentication for your AS2 connector, the access role requires the `secretsmanager:GetSecretValue` permission for the secret. If the secret is encrypted using a customer-managed key instead of the AWS managed key in Secrets Manager, then the role also needs the `kms:Decrypt` permission for that key.\n\n*For SFTP connectors*\n\nMake sure that the access role provides read and write access to the parent directory of the file location that's used in the `StartFileTransfer` request. Additionally, make sure that the role provides `secretsmanager:GetSecretValue` permission to AWS Secrets Manager .", + "title": "AccessRole", "type": "string" }, - "ChannelName": { - "markdownDescription": "The channel name in Slack. This is the channel where you invite the AWS Support App .", - "title": "ChannelName", - "type": "string" + "As2Config": { + "$ref": "#/definitions/AWS::Transfer::Connector.As2Config", + "markdownDescription": "A structure that contains the parameters for an AS2 connector object.", + "title": "As2Config" }, - "ChannelRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role for this Slack channel configuration. The App uses this role to perform and Service Quotas actions on your behalf.", - "title": "ChannelRoleArn", + "LoggingRole": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that allows a connector to turn on CloudWatch logging for Amazon S3 events. When set, you can view connector activity in your CloudWatch logs.", + "title": "LoggingRole", "type": "string" }, - "NotifyOnAddCorrespondenceToCase": { - "markdownDescription": "Whether to get notified when a correspondence is added to your support cases.", - "title": "NotifyOnAddCorrespondenceToCase", - "type": "boolean" - }, - "NotifyOnCaseSeverity": { - "markdownDescription": "The case severity for your support cases that you want to receive notifications. You can specify `none` , `all` , or `high` .", - "title": "NotifyOnCaseSeverity", + "SecurityPolicyName": { + "markdownDescription": "The text name of the security policy for the specified connector.", + "title": "SecurityPolicyName", "type": "string" }, - "NotifyOnCreateOrReopenCase": { - "markdownDescription": "Whether to get notified when your support cases are created or reopened", - "title": "NotifyOnCreateOrReopenCase", - "type": "boolean" + "SftpConfig": { + "$ref": "#/definitions/AWS::Transfer::Connector.SftpConfig", + "markdownDescription": "A structure that contains the parameters for an SFTP connector object.", + "title": "SftpConfig" }, - "NotifyOnResolveCase": { - "markdownDescription": "Whether to get notified when your support cases are resolved.", - "title": "NotifyOnResolveCase", - "type": "boolean" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Key-value pairs that can be used to group and search for connectors.", + "title": "Tags", + "type": "array" }, - "TeamId": { - "markdownDescription": "The team ID in Slack. This ID uniquely identifies a Slack workspace.", - "title": "TeamId", + "Url": { + "markdownDescription": "The URL of the partner's AS2 or SFTP endpoint.", + "title": "Url", "type": "string" } }, "required": [ - "ChannelId", - "ChannelRoleArn", - "NotifyOnCaseSeverity", - "TeamId" + "AccessRole", + "Url" ], "type": "object" }, "Type": { "enum": [ - "AWS::SupportApp::SlackChannelConfiguration" + "AWS::Transfer::Connector" ], "type": "string" }, @@ -260972,7 +312227,87 @@ ], "type": "object" }, - "AWS::SupportApp::SlackWorkspaceConfiguration": { + "AWS::Transfer::Connector.As2Config": { + "additionalProperties": false, + "properties": { + "BasicAuthSecretId": { + "markdownDescription": "Provides Basic authentication support to the AS2 Connectors API. To use Basic authentication, you must provide the name or Amazon Resource Name (ARN) of a secret in AWS Secrets Manager .\n\nThe default value for this parameter is `null` , which indicates that Basic authentication is not enabled for the connector.\n\nIf the connector should use Basic authentication, the secret needs to be in the following format:\n\n`{ \"Username\": \"user-name\", \"Password\": \"user-password\" }`\n\nReplace `user-name` and `user-password` with the credentials for the actual user that is being authenticated.\n\nNote the following:\n\n- You are storing these credentials in Secrets Manager, *not passing them directly* into this API.\n- If you are using the API, SDKs, or CloudFormation to configure your connector, then you must create the secret before you can enable Basic authentication. However, if you are using the AWS management console, you can have the system create the secret for you.\n\nIf you have previously enabled Basic authentication for a connector, you can disable it by using the `UpdateConnector` API call. For example, if you are using the CLI, you can run the following command to remove Basic authentication:\n\n`update-connector --connector-id my-connector-id --as2-config 'BasicAuthSecretId=\"\"'`", + "title": "BasicAuthSecretId", + "type": "string" + }, + "Compression": { + "markdownDescription": "Specifies whether the AS2 file is compressed.", + "title": "Compression", + "type": "string" + }, + "EncryptionAlgorithm": { + "markdownDescription": "The algorithm that is used to encrypt the file.\n\nNote the following:\n\n- Do not use the `DES_EDE3_CBC` algorithm unless you must support a legacy client that requires it, as it is a weak encryption algorithm.\n- You can only specify `NONE` if the URL for your connector uses HTTPS. Using HTTPS ensures that no traffic is sent in clear text.", + "title": "EncryptionAlgorithm", + "type": "string" + }, + "LocalProfileId": { + "markdownDescription": "A unique identifier for the AS2 local profile.", + "title": "LocalProfileId", + "type": "string" + }, + "MdnResponse": { + "markdownDescription": "Used for outbound requests (from an AWS Transfer Family connector to a partner AS2 server) to determine whether the partner response for transfers is synchronous or asynchronous. Specify either of the following values:\n\n- `SYNC` : The system expects a synchronous MDN response, confirming that the file was transferred successfully (or not).\n- `NONE` : Specifies that no MDN response is required.", + "title": "MdnResponse", + "type": "string" + }, + "MdnSigningAlgorithm": { + "markdownDescription": "The signing algorithm for the MDN response.\n\n> If set to DEFAULT (or not set at all), the value for `SigningAlgorithm` is used.", + "title": "MdnSigningAlgorithm", + "type": "string" + }, + "MessageSubject": { + "markdownDescription": "Used as the `Subject` HTTP header attribute in AS2 messages that are being sent with the connector.", + "title": "MessageSubject", + "type": "string" + }, + "PartnerProfileId": { + "markdownDescription": "A unique identifier for the partner profile for the connector.", + "title": "PartnerProfileId", + "type": "string" + }, + "PreserveContentType": { + "markdownDescription": "", + "title": "PreserveContentType", + "type": "string" + }, + "SigningAlgorithm": { + "markdownDescription": "The algorithm that is used to sign the AS2 messages sent with the connector.", + "title": "SigningAlgorithm", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Transfer::Connector.SftpConfig": { + "additionalProperties": false, + "properties": { + "MaxConcurrentConnections": { + "markdownDescription": "Specify the number of concurrent connections that your connector creates to the remote server. The default value is `1` . The maximum values is `5` .\n\n> If you are using the AWS Management Console , the default value is `5` . \n\nThis parameter specifies the number of active connections that your connector can establish with the remote server at the same time. Increasing this value can enhance connector performance when transferring large file batches by enabling parallel operations.", + "title": "MaxConcurrentConnections", + "type": "number" + }, + "TrustedHostKeys": { + "items": { + "type": "string" + }, + "markdownDescription": "The public portion of the host key, or keys, that are used to identify the external server to which you are connecting. You can use the `ssh-keyscan` command against the SFTP server to retrieve the necessary key.\n\n> `TrustedHostKeys` is optional for `CreateConnector` . If not provided, you can use `TestConnection` to retrieve the server host key during the initial connection attempt, and subsequently update the connector with the observed host key. \n\nThe three standard SSH public key format elements are `` , `` , and an optional `` , with spaces between each element. Specify only the `` and `` : do not enter the `` portion of the key.\n\nFor the trusted host key, AWS Transfer Family accepts RSA and ECDSA keys.\n\n- For RSA keys, the `` string is `ssh-rsa` .\n- For ECDSA keys, the `` string is either `ecdsa-sha2-nistp256` , `ecdsa-sha2-nistp384` , or `ecdsa-sha2-nistp521` , depending on the size of the key you generated.\n\nRun this command to retrieve the SFTP server host key, where your SFTP server name is `ftp.host.com` .\n\n`ssh-keyscan ftp.host.com`\n\nThis prints the public host key to standard output.\n\n`ftp.host.com ssh-rsa AAAAB3Nza... - Required when creating an SFTP connector\n> - Optional when updating an existing SFTP connector", + "title": "UserSecretId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Transfer::Profile": { "additionalProperties": false, "properties": { "Condition": { @@ -261007,25 +312342,42 @@ "Properties": { "additionalProperties": false, "properties": { - "TeamId": { - "markdownDescription": "The team ID in Slack. This ID uniquely identifies a Slack workspace, such as `T012ABCDEFG` .", - "title": "TeamId", + "As2Id": { + "markdownDescription": "The `As2Id` is the *AS2-name* , as defined in the [RFC 4130](https://docs.aws.amazon.com/https://datatracker.ietf.org/doc/html/rfc4130) . For inbound transfers, this is the `AS2-From` header for the AS2 messages sent from the partner. For outbound connectors, this is the `AS2-To` header for the AS2 messages sent to the partner using the `StartFileTransfer` API operation. This ID cannot include spaces.", + "title": "As2Id", "type": "string" }, - "VersionId": { - "markdownDescription": "An identifier used to update an existing Slack workspace configuration in AWS CloudFormation , such as `100` .", - "title": "VersionId", + "CertificateIds": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of identifiers for the imported certificates. You use this identifier for working with profiles and partner profiles.", + "title": "CertificateIds", + "type": "array" + }, + "ProfileType": { + "markdownDescription": "Indicates whether to list only `LOCAL` type profiles or only `PARTNER` type profiles. If not supplied in the request, the command lists all types of profiles.", + "title": "ProfileType", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Key-value pairs that can be used to group and search for profiles.", + "title": "Tags", + "type": "array" } }, "required": [ - "TeamId" + "As2Id", + "ProfileType" ], "type": "object" }, "Type": { "enum": [ - "AWS::SupportApp::SlackWorkspaceConfiguration" + "AWS::Transfer::Profile" ], "type": "string" }, @@ -261044,7 +312396,7 @@ ], "type": "object" }, - "AWS::Synthetics::Canary": { + "AWS::Transfer::Server": { "additionalProperties": false, "properties": { "Condition": { @@ -261079,93 +312431,106 @@ "Properties": { "additionalProperties": false, "properties": { - "ArtifactConfig": { - "$ref": "#/definitions/AWS::Synthetics::Canary.ArtifactConfig", - "markdownDescription": "A structure that contains the configuration for canary artifacts, including the encryption-at-rest settings for artifacts that the canary uploads to Amazon S3.", - "title": "ArtifactConfig" + "Certificate": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Certificate Manager (ACM) certificate. Required when `Protocols` is set to `FTPS` .\n\nTo request a new public certificate, see [Request a public certificate](https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-public.html) in the *AWS Certificate Manager User Guide* .\n\nTo import an existing certificate into ACM, see [Importing certificates into ACM](https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html) in the *AWS Certificate Manager User Guide* .\n\nTo request a private certificate to use FTPS through private IP addresses, see [Request a private certificate](https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-private.html) in the *AWS Certificate Manager User Guide* .\n\nCertificates with the following cryptographic algorithms and key sizes are supported:\n\n- 2048-bit RSA (RSA_2048)\n- 4096-bit RSA (RSA_4096)\n- Elliptic Prime Curve 256 bit (EC_prime256v1)\n- Elliptic Prime Curve 384 bit (EC_secp384r1)\n- Elliptic Prime Curve 521 bit (EC_secp521r1)\n\n> The certificate must be a valid SSL/TLS X.509 version 3 certificate with FQDN or IP address specified and information about the issuer.", + "title": "Certificate", + "type": "string" }, - "ArtifactS3Location": { - "markdownDescription": "The location in Amazon S3 where Synthetics stores artifacts from the runs of this canary. Artifacts include the log file, screenshots, and HAR files. Specify the full location path, including `s3://` at the beginning of the path.", - "title": "ArtifactS3Location", + "Domain": { + "markdownDescription": "Specifies the domain of the storage system that is used for file transfers. There are two domains available: Amazon Simple Storage Service (Amazon S3) and Amazon Elastic File System (Amazon EFS). The default value is S3.", + "title": "Domain", + "type": "string" + }, + "EndpointDetails": { + "$ref": "#/definitions/AWS::Transfer::Server.EndpointDetails", + "markdownDescription": "The virtual private cloud (VPC) endpoint settings that are configured for your server. When you host your endpoint within your VPC, you can make your endpoint accessible only to resources within your VPC, or you can attach Elastic IP addresses and make your endpoint accessible to clients over the internet. Your VPC's default security groups are automatically assigned to your endpoint.", + "title": "EndpointDetails" + }, + "EndpointType": { + "markdownDescription": "The type of endpoint that you want your server to use. You can choose to make your server's endpoint publicly accessible (PUBLIC) or host it inside your VPC. With an endpoint that is hosted in a VPC, you can restrict access to your server and resources only within your VPC or choose to make it internet facing by attaching Elastic IP addresses directly to it.\n\n> After May 19, 2021, you won't be able to create a server using `EndpointType=VPC_ENDPOINT` in your AWS account if your account hasn't already done so before May 19, 2021. If you have already created servers with `EndpointType=VPC_ENDPOINT` in your AWS account on or before May 19, 2021, you will not be affected. After this date, use `EndpointType` = `VPC` .\n> \n> For more information, see [Discontinuing the use of VPC_ENDPOINT](https://docs.aws.amazon.com//transfer/latest/userguide/create-server-in-vpc.html#deprecate-vpc-endpoint) .\n> \n> It is recommended that you use `VPC` as the `EndpointType` . With this endpoint type, you have the option to directly associate up to three Elastic IPv4 addresses (BYO IP included) with your server's endpoint and use VPC security groups to restrict traffic by the client's public IP address. This is not possible with `EndpointType` set to `VPC_ENDPOINT` .", + "title": "EndpointType", + "type": "string" + }, + "IdentityProviderDetails": { + "$ref": "#/definitions/AWS::Transfer::Server.IdentityProviderDetails", + "markdownDescription": "Required when `IdentityProviderType` is set to `AWS_DIRECTORY_SERVICE` , `AWS _LAMBDA` or `API_GATEWAY` . Accepts an array containing all of the information required to use a directory in `AWS_DIRECTORY_SERVICE` or invoke a customer-supplied authentication API, including the API Gateway URL. Cannot be specified when `IdentityProviderType` is set to `SERVICE_MANAGED` .", + "title": "IdentityProviderDetails" + }, + "IdentityProviderType": { + "markdownDescription": "The mode of authentication for a server. The default value is `SERVICE_MANAGED` , which allows you to store and access user credentials within the AWS Transfer Family service.\n\nUse `AWS_DIRECTORY_SERVICE` to provide access to Active Directory groups in AWS Directory Service for Microsoft Active Directory or Microsoft Active Directory in your on-premises environment or in AWS using AD Connector. This option also requires you to provide a Directory ID by using the `IdentityProviderDetails` parameter.\n\nUse the `API_GATEWAY` value to integrate with an identity provider of your choosing. The `API_GATEWAY` setting requires you to provide an Amazon API Gateway endpoint URL to call for authentication by using the `IdentityProviderDetails` parameter.\n\nUse the `AWS_LAMBDA` value to directly use an AWS Lambda function as your identity provider. If you choose this value, you must specify the ARN for the Lambda function in the `Function` parameter for the `IdentityProviderDetails` data type.", + "title": "IdentityProviderType", "type": "string" }, - "Code": { - "$ref": "#/definitions/AWS::Synthetics::Canary.Code", - "markdownDescription": "Use this structure to input your script code for the canary. This structure contains the Lambda handler with the location where the canary should start running the script. If the script is stored in an S3 bucket, the bucket name, key, and version are also included. If the script is passed into the canary directly, the script code is contained in the value of `Script` .", - "title": "Code" + "IpAddressType": { + "markdownDescription": "Specifies whether to use IPv4 only, or to use dual-stack (IPv4 and IPv6) for your AWS Transfer Family endpoint. The default value is `IPV4` .\n\n> The `IpAddressType` parameter has the following limitations:\n> \n> - It cannot be changed while the server is online. You must stop the server before modifying this parameter.\n> - It cannot be updated to `DUALSTACK` if the server has `AddressAllocationIds` specified. > When using `DUALSTACK` as the `IpAddressType` , you cannot set the `AddressAllocationIds` parameter for the [EndpointDetails](https://docs.aws.amazon.com/transfer/latest/APIReference/API_EndpointDetails.html) for the server.", + "title": "IpAddressType", + "type": "string" }, - "ExecutionRoleArn": { - "markdownDescription": "The ARN of the IAM role to be used to run the canary. This role must already exist, and must include `lambda.amazonaws.com` as a principal in the trust policy. The role must also have the following permissions:\n\n- `s3:PutObject`\n- `s3:GetBucketLocation`\n- `s3:ListAllMyBuckets`\n- `cloudwatch:PutMetricData`\n- `logs:CreateLogGroup`\n- `logs:CreateLogStream`\n- `logs:PutLogEvents`", - "title": "ExecutionRoleArn", + "LoggingRole": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that allows a server to turn on Amazon CloudWatch logging for Amazon S3 or Amazon EFS events. When set, you can view user activity in your CloudWatch logs.", + "title": "LoggingRole", "type": "string" }, - "FailureRetentionPeriod": { - "markdownDescription": "The number of days to retain data about failed runs of this canary. If you omit this field, the default of 31 days is used. The valid range is 1 to 455 days.\n\nThis setting affects the range of information returned by [GetCanaryRuns](https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_GetCanaryRuns.html) , as well as the range of information displayed in the Synthetics console.", - "title": "FailureRetentionPeriod", - "type": "number" + "PostAuthenticationLoginBanner": { + "markdownDescription": "Specifies a string to display when users connect to a server. This string is displayed after the user authenticates.\n\n> The SFTP protocol does not support post-authentication display banners.", + "title": "PostAuthenticationLoginBanner", + "type": "string" }, - "Name": { - "markdownDescription": "The name for this canary. Be sure to give it a descriptive name that distinguishes it from other canaries in your account.\n\nDo not include secrets or proprietary information in your canary names. The canary name makes up part of the canary ARN, and the ARN is included in outbound calls over the internet. For more information, see [Security Considerations for Synthetics Canaries](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/servicelens_canaries_security.html) .", - "title": "Name", + "PreAuthenticationLoginBanner": { + "markdownDescription": "Specifies a string to display when users connect to a server. This string is displayed before the user authenticates. For example, the following banner displays details about using the system:\n\n`This system is for the use of authorized users only. Individuals using this computer system without authority, or in excess of their authority, are subject to having all of their activities on this system monitored and recorded by system personnel.`", + "title": "PreAuthenticationLoginBanner", "type": "string" }, - "RunConfig": { - "$ref": "#/definitions/AWS::Synthetics::Canary.RunConfig", - "markdownDescription": "A structure that contains input information for a canary run. If you omit this structure, the frequency of the canary is used as canary's timeout value, up to a maximum of 900 seconds.", - "title": "RunConfig" + "ProtocolDetails": { + "$ref": "#/definitions/AWS::Transfer::Server.ProtocolDetails", + "markdownDescription": "The protocol settings that are configured for your server.\n\n- To indicate passive mode (for FTP and FTPS protocols), use the `PassiveIp` parameter. Enter a single dotted-quad IPv4 address, such as the external IP address of a firewall, router, or load balancer.\n- To ignore the error that is generated when the client attempts to use the `SETSTAT` command on a file that you are uploading to an Amazon S3 bucket, use the `SetStatOption` parameter. To have the AWS Transfer Family server ignore the `SETSTAT` command and upload files without needing to make any changes to your SFTP client, set the value to `ENABLE_NO_OP` . If you set the `SetStatOption` parameter to `ENABLE_NO_OP` , Transfer Family generates a log entry to Amazon CloudWatch Logs, so that you can determine when the client is making a `SETSTAT` call.\n- To determine whether your AWS Transfer Family server resumes recent, negotiated sessions through a unique session ID, use the `TlsSessionResumptionMode` parameter.\n- `As2Transports` indicates the transport method for the AS2 messages. Currently, only HTTP is supported.\n\nThe `Protocols` parameter is an array of strings.\n\n*Allowed values* : One or more of `SFTP` , `FTPS` , `FTP` , `AS2`", + "title": "ProtocolDetails" }, - "RuntimeVersion": { - "markdownDescription": "Specifies the runtime version to use for the canary. For more information about runtime versions, see [Canary Runtime Versions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_Library.html) .", - "title": "RuntimeVersion", - "type": "string" + "Protocols": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the file transfer protocol or protocols over which your file transfer protocol client can connect to your server's endpoint. The available protocols are:\n\n- `SFTP` (Secure Shell (SSH) File Transfer Protocol): File transfer over SSH\n- `FTPS` (File Transfer Protocol Secure): File transfer with TLS encryption\n- `FTP` (File Transfer Protocol): Unencrypted file transfer\n- `AS2` (Applicability Statement 2): used for transporting structured business-to-business data\n\n> - If you select `FTPS` , you must choose a certificate stored in AWS Certificate Manager (ACM) which is used to identify your server when clients connect to it over FTPS.\n> - If `Protocol` includes either `FTP` or `FTPS` , then the `EndpointType` must be `VPC` and the `IdentityProviderType` must be either `AWS_DIRECTORY_SERVICE` , `AWS_LAMBDA` , or `API_GATEWAY` .\n> - If `Protocol` includes `FTP` , then `AddressAllocationIds` cannot be associated.\n> - If `Protocol` is set only to `SFTP` , the `EndpointType` can be set to `PUBLIC` and the `IdentityProviderType` can be set any of the supported identity types: `SERVICE_MANAGED` , `AWS_DIRECTORY_SERVICE` , `AWS_LAMBDA` , or `API_GATEWAY` .\n> - If `Protocol` includes `AS2` , then the `EndpointType` must be `VPC` , and domain must be Amazon S3. \n\nThe `Protocols` parameter is an array of strings.\n\n*Allowed values* : One or more of `SFTP` , `FTPS` , `FTP` , `AS2`", + "title": "Protocols", + "type": "array" }, - "Schedule": { - "$ref": "#/definitions/AWS::Synthetics::Canary.Schedule", - "markdownDescription": "A structure that contains information about how often the canary is to run, and when these runs are to stop.", - "title": "Schedule" + "S3StorageOptions": { + "$ref": "#/definitions/AWS::Transfer::Server.S3StorageOptions", + "markdownDescription": "Specifies whether or not performance for your Amazon S3 directories is optimized.\n\n- If using the console, this is enabled by default.\n- If using the API or CLI, this is disabled by default.\n\nBy default, home directory mappings have a `TYPE` of `DIRECTORY` . If you enable this option, you would then need to explicitly set the `HomeDirectoryMapEntry` `Type` to `FILE` if you want a mapping to have a file target.", + "title": "S3StorageOptions" }, - "StartCanaryAfterCreation": { - "markdownDescription": "Specify TRUE to have the canary start making runs immediately after it is created.\n\nA canary that you create using CloudFormation can't be used to monitor the CloudFormation stack that creates the canary or to roll back that stack if there is a failure.", - "title": "StartCanaryAfterCreation", - "type": "boolean" + "SecurityPolicyName": { + "markdownDescription": "Specifies the name of the security policy for the server.", + "title": "SecurityPolicyName", + "type": "string" }, - "SuccessRetentionPeriod": { - "markdownDescription": "The number of days to retain data about successful runs of this canary. If you omit this field, the default of 31 days is used. The valid range is 1 to 455 days.\n\nThis setting affects the range of information returned by [GetCanaryRuns](https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_GetCanaryRuns.html) , as well as the range of information displayed in the Synthetics console.", - "title": "SuccessRetentionPeriod", - "type": "number" + "StructuredLogDestinations": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the log groups to which your server logs are sent.\n\nTo specify a log group, you must provide the ARN for an existing log group. In this case, the format of the log group is as follows:\n\n`arn:aws:logs:region-name:amazon-account-id:log-group:log-group-name:*`\n\nFor example, `arn:aws:logs:us-east-1:111122223333:log-group:mytestgroup:*`\n\nIf you have previously specified a log group for a server, you can clear it, and in effect turn off structured logging, by providing an empty value for this parameter in an `update-server` call. For example:\n\n`update-server --server-id s-1234567890abcdef0 --structured-log-destinations`", + "title": "StructuredLogDestinations", + "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The list of key-value pairs that are associated with the canary.", + "markdownDescription": "Key-value pairs that can be used to group and search for servers.", "title": "Tags", "type": "array" }, - "VPCConfig": { - "$ref": "#/definitions/AWS::Synthetics::Canary.VPCConfig", - "markdownDescription": "If this canary is to test an endpoint in a VPC, this structure contains information about the subnet and security groups of the VPC endpoint. For more information, see [Running a Canary in a VPC](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_VPC.html) .", - "title": "VPCConfig" - }, - "VisualReference": { - "$ref": "#/definitions/AWS::Synthetics::Canary.VisualReference", - "markdownDescription": "If this canary performs visual monitoring by comparing screenshots, this structure contains the ID of the canary run to use as the baseline for screenshots, and the coordinates of any parts of the screen to ignore during the visual monitoring comparison.", - "title": "VisualReference" + "WorkflowDetails": { + "$ref": "#/definitions/AWS::Transfer::Server.WorkflowDetails", + "markdownDescription": "Specifies the workflow ID for the workflow to assign and the execution role that's used for executing the workflow.\n\nIn addition to a workflow to execute when a file is uploaded completely, `WorkflowDetails` can also contain a workflow ID (and execution role) for a workflow to execute on partial upload. A partial upload occurs when a file is open when the session disconnects.", + "title": "WorkflowDetails" } }, - "required": [ - "ArtifactS3Location", - "Code", - "ExecutionRoleArn", - "Name", - "RuntimeVersion", - "Schedule" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Synthetics::Canary" + "AWS::Transfer::Server" ], "type": "string" }, @@ -261179,204 +312544,164 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::Synthetics::Canary.ArtifactConfig": { - "additionalProperties": false, - "properties": { - "S3Encryption": { - "$ref": "#/definitions/AWS::Synthetics::Canary.S3Encryption", - "markdownDescription": "A structure that contains the configuration of the encryption-at-rest settings for artifacts that the canary uploads to Amazon S3 . Artifact encryption functionality is available only for canaries that use Synthetics runtime version syn-nodejs-puppeteer-3.3 or later. For more information, see [Encrypting canary artifacts](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_artifact_encryption.html) .", - "title": "S3Encryption" - } - }, - "type": "object" - }, - "AWS::Synthetics::Canary.BaseScreenshot": { + "AWS::Transfer::Server.EndpointDetails": { "additionalProperties": false, "properties": { - "IgnoreCoordinates": { + "AddressAllocationIds": { "items": { "type": "string" }, - "markdownDescription": "Coordinates that define the part of a screen to ignore during screenshot comparisons. To obtain the coordinates to use here, use the CloudWatch console to draw the boundaries on the screen. For more information, see [Edit or delete a canary](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/synthetics_canaries_deletion.html) .", - "title": "IgnoreCoordinates", + "markdownDescription": "A list of address allocation IDs that are required to attach an Elastic IP address to your server's endpoint.\n\nAn address allocation ID corresponds to the allocation ID of an Elastic IP address. This value can be retrieved from the `allocationId` field from the Amazon EC2 [Address](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_Address.html) data type. One way to retrieve this value is by calling the EC2 [DescribeAddresses](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAddresses.html) API.\n\nThis parameter is optional. Set this parameter if you want to make your VPC endpoint public-facing. For details, see [Create an internet-facing endpoint for your server](https://docs.aws.amazon.com/transfer/latest/userguide/create-server-in-vpc.html#create-internet-facing-endpoint) .\n\n> This property can only be set as follows:\n> \n> - `EndpointType` must be set to `VPC`\n> - The Transfer Family server must be offline.\n> - You cannot set this parameter for Transfer Family servers that use the FTP protocol.\n> - The server must already have `SubnetIds` populated ( `SubnetIds` and `AddressAllocationIds` cannot be updated simultaneously).\n> - `AddressAllocationIds` can't contain duplicates, and must be equal in length to `SubnetIds` . For example, if you have three subnet IDs, you must also specify three address allocation IDs.\n> - Call the `UpdateServer` API to set or change this parameter.\n> - You can't set address allocation IDs for servers that have an `IpAddressType` set to `DUALSTACK` You can only set this property if `IpAddressType` is set to `IPV4` .", + "title": "AddressAllocationIds", "type": "array" }, - "ScreenshotName": { - "markdownDescription": "The name of the screenshot. This is generated the first time the canary is run after the `UpdateCanary` operation that specified for this canary to perform visual monitoring.", - "title": "ScreenshotName", + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of security groups IDs that are available to attach to your server's endpoint.\n\n> This property can only be set when `EndpointType` is set to `VPC` .\n> \n> You can edit the `SecurityGroupIds` property in the [UpdateServer](https://docs.aws.amazon.com/transfer/latest/userguide/API_UpdateServer.html) API only if you are changing the `EndpointType` from `PUBLIC` or `VPC_ENDPOINT` to `VPC` . To change security groups associated with your server's VPC endpoint after creation, use the Amazon EC2 [ModifyVpcEndpoint](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVpcEndpoint.html) API.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "A list of subnet IDs that are required to host your server endpoint in your VPC.\n\n> This property can only be set when `EndpointType` is set to `VPC` .", + "title": "SubnetIds", + "type": "array" + }, + "VpcEndpointId": { + "markdownDescription": "The ID of the VPC endpoint.\n\n> This property can only be set when `EndpointType` is set to `VPC_ENDPOINT` .", + "title": "VpcEndpointId", + "type": "string" + }, + "VpcId": { + "markdownDescription": "The VPC ID of the virtual private cloud in which the server's endpoint will be hosted.\n\n> This property can only be set when `EndpointType` is set to `VPC` .", + "title": "VpcId", "type": "string" } }, - "required": [ - "ScreenshotName" - ], "type": "object" }, - "AWS::Synthetics::Canary.Code": { + "AWS::Transfer::Server.IdentityProviderDetails": { "additionalProperties": false, "properties": { - "Handler": { - "markdownDescription": "The entry point to use for the source code when running the canary. For canaries that use the `syn-python-selenium-1.0` runtime or a `syn-nodejs.puppeteer` runtime earlier than `syn-nodejs.puppeteer-3.4` , the handler must be specified as `*fileName* .handler` . For `syn-python-selenium-1.1` , `syn-nodejs.puppeteer-3.4` , and later runtimes, the handler can be specified as `*fileName* . *functionName*` , or you can specify a folder where canary scripts reside as `*folder* / *fileName* . *functionName*` .", - "title": "Handler", - "type": "string" - }, - "S3Bucket": { - "markdownDescription": "If your canary script is located in S3, specify the bucket name here. The bucket must already exist.", - "title": "S3Bucket", + "DirectoryId": { + "markdownDescription": "The identifier of the AWS Directory Service directory that you want to use as your identity provider.", + "title": "DirectoryId", "type": "string" }, - "S3Key": { - "markdownDescription": "The Amazon S3 key of your script. For more information, see [Working with Amazon S3 Objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingObjects.html) .", - "title": "S3Key", + "Function": { + "markdownDescription": "The ARN for a Lambda function to use for the Identity provider.", + "title": "Function", "type": "string" }, - "S3ObjectVersion": { - "markdownDescription": "The Amazon S3 version ID of your script.", - "title": "S3ObjectVersion", + "InvocationRole": { + "markdownDescription": "This parameter is only applicable if your `IdentityProviderType` is `API_GATEWAY` . Provides the type of `InvocationRole` used to authenticate the user account.", + "title": "InvocationRole", "type": "string" }, - "Script": { - "markdownDescription": "If you input your canary script directly into the canary instead of referring to an S3 location, the value of this parameter is the script in plain text. It can be up to 5 MB.", - "title": "Script", + "SftpAuthenticationMethods": { + "markdownDescription": "For SFTP-enabled servers, and for custom identity providers *only* , you can specify whether to authenticate using a password, SSH key pair, or both.\n\n- `PASSWORD` - users must provide their password to connect.\n- `PUBLIC_KEY` - users must provide their private key to connect.\n- `PUBLIC_KEY_OR_PASSWORD` - users can authenticate with either their password or their key. This is the default value.\n- `PUBLIC_KEY_AND_PASSWORD` - users must provide both their private key and their password to connect. The server checks the key first, and then if the key is valid, the system prompts for a password. If the private key provided does not match the public key that is stored, authentication fails.", + "title": "SftpAuthenticationMethods", "type": "string" }, - "SourceLocationArn": { - "markdownDescription": "The ARN of the Lambda layer where Synthetics stores the canary script code.", - "title": "SourceLocationArn", + "Url": { + "markdownDescription": "Provides the location of the service endpoint used to authenticate users.", + "title": "Url", "type": "string" } }, - "required": [ - "Handler" - ], "type": "object" }, - "AWS::Synthetics::Canary.RunConfig": { + "AWS::Transfer::Server.ProtocolDetails": { "additionalProperties": false, "properties": { - "ActiveTracing": { - "markdownDescription": "Specifies whether this canary is to use active AWS X-Ray tracing when it runs. Active tracing enables this canary run to be displayed in the ServiceLens and X-Ray service maps even if the canary does not hit an endpoint that has X-Ray tracing enabled. Using X-Ray tracing incurs charges. For more information, see [Canaries and X-Ray tracing](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_tracing.html) .\n\nYou can enable active tracing only for canaries that use version `syn-nodejs-2.0` or later for their canary runtime.", - "title": "ActiveTracing", - "type": "boolean" - }, - "EnvironmentVariables": { - "additionalProperties": true, - "markdownDescription": "Specifies the keys and values to use for any environment variables used in the canary script. Use the following format:\n\n{ \"key1\" : \"value1\", \"key2\" : \"value2\", ...}\n\nKeys must start with a letter and be at least two characters. The total size of your environment variables cannot exceed 4 KB. You can't specify any Lambda reserved environment variables as the keys for your environment variables. For more information about reserved keys, see [Runtime environment variables](https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html#configuration-envvars-runtime) .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "As2Transports": { + "items": { + "type": "string" }, - "title": "EnvironmentVariables", - "type": "object" + "markdownDescription": "List of `As2Transport` objects.", + "title": "As2Transports", + "type": "array" }, - "MemoryInMB": { - "markdownDescription": "The maximum amount of memory that the canary can use while running. This value must be a multiple of 64. The range is 960 to 3008.", - "title": "MemoryInMB", - "type": "number" + "PassiveIp": { + "markdownDescription": "Indicates passive mode, for FTP and FTPS protocols. Enter a single IPv4 address, such as the public IP address of a firewall, router, or load balancer. For example:\n\n`aws transfer update-server --protocol-details PassiveIp=0.0.0.0`\n\nReplace `0.0.0.0` in the example above with the actual IP address you want to use.\n\n> If you change the `PassiveIp` value, you must stop and then restart your Transfer Family server for the change to take effect. For details on using passive mode (PASV) in a NAT environment, see [Configuring your FTPS server behind a firewall or NAT with AWS Transfer Family](https://docs.aws.amazon.com/storage/configuring-your-ftps-server-behind-a-firewall-or-nat-with-aws-transfer-family/) . \n\n*Special values*\n\nThe `AUTO` and `0.0.0.0` are special values for the `PassiveIp` parameter. The value `PassiveIp=AUTO` is assigned by default to FTP and FTPS type servers. In this case, the server automatically responds with one of the endpoint IPs within the PASV response. `PassiveIp=0.0.0.0` has a more unique application for its usage. For example, if you have a High Availability (HA) Network Load Balancer (NLB) environment, where you have 3 subnets, you can only specify a single IP address using the `PassiveIp` parameter. This reduces the effectiveness of having High Availability. In this case, you can specify `PassiveIp=0.0.0.0` . This tells the client to use the same IP address as the Control connection and utilize all AZs for their connections. Note, however, that not all FTP clients support the `PassiveIp=0.0.0.0` response. FileZilla and WinSCP do support it. If you are using other clients, check to see if your client supports the `PassiveIp=0.0.0.0` response.", + "title": "PassiveIp", + "type": "string" }, - "TimeoutInSeconds": { - "markdownDescription": "How long the canary is allowed to run before it must stop. You can't set this time to be longer than the frequency of the runs of this canary.\n\nIf you omit this field, the frequency of the canary is used as this value, up to a maximum of 900 seconds.", - "title": "TimeoutInSeconds", - "type": "number" + "SetStatOption": { + "markdownDescription": "Use the `SetStatOption` to ignore the error that is generated when the client attempts to use `SETSTAT` on a file you are uploading to an S3 bucket.\n\nSome SFTP file transfer clients can attempt to change the attributes of remote files, including timestamp and permissions, using commands, such as `SETSTAT` when uploading the file. However, these commands are not compatible with object storage systems, such as Amazon S3. Due to this incompatibility, file uploads from these clients can result in errors even when the file is otherwise successfully uploaded.\n\nSet the value to `ENABLE_NO_OP` to have the Transfer Family server ignore the `SETSTAT` command, and upload files without needing to make any changes to your SFTP client. While the `SetStatOption` `ENABLE_NO_OP` setting ignores the error, it does generate a log entry in Amazon CloudWatch Logs, so you can determine when the client is making a `SETSTAT` call.\n\n> If you want to preserve the original timestamp for your file, and modify other file attributes using `SETSTAT` , you can use Amazon EFS as backend storage with Transfer Family.", + "title": "SetStatOption", + "type": "string" + }, + "TlsSessionResumptionMode": { + "markdownDescription": "A property used with Transfer Family servers that use the FTPS protocol. TLS Session Resumption provides a mechanism to resume or share a negotiated secret key between the control and data connection for an FTPS session. `TlsSessionResumptionMode` determines whether or not the server resumes recent, negotiated sessions through a unique session ID. This property is available during `CreateServer` and `UpdateServer` calls. If a `TlsSessionResumptionMode` value is not specified during `CreateServer` , it is set to `ENFORCED` by default.\n\n- `DISABLED` : the server does not process TLS session resumption client requests and creates a new TLS session for each request.\n- `ENABLED` : the server processes and accepts clients that are performing TLS session resumption. The server doesn't reject client data connections that do not perform the TLS session resumption client processing.\n- `ENFORCED` : the server processes and accepts clients that are performing TLS session resumption. The server rejects client data connections that do not perform the TLS session resumption client processing. Before you set the value to `ENFORCED` , test your clients.\n\n> Not all FTPS clients perform TLS session resumption. So, if you choose to enforce TLS session resumption, you prevent any connections from FTPS clients that don't perform the protocol negotiation. To determine whether or not you can use the `ENFORCED` value, you need to test your clients.", + "title": "TlsSessionResumptionMode", + "type": "string" } }, "type": "object" }, - "AWS::Synthetics::Canary.S3Encryption": { + "AWS::Transfer::Server.S3StorageOptions": { "additionalProperties": false, "properties": { - "EncryptionMode": { - "markdownDescription": "The encryption method to use for artifacts created by this canary. Specify `SSE_S3` to use server-side encryption (SSE) with an Amazon S3-managed key. Specify `SSE-KMS` to use server-side encryption with a customer-managed AWS KMS key.\n\nIf you omit this parameter, an AWS -managed AWS KMS key is used.", - "title": "EncryptionMode", - "type": "string" - }, - "KmsKeyArn": { - "markdownDescription": "The ARN of the customer-managed AWS KMS key to use, if you specify `SSE-KMS` for `EncryptionMode`", - "title": "KmsKeyArn", + "DirectoryListingOptimization": { + "markdownDescription": "Specifies whether or not performance for your Amazon S3 directories is optimized.\n\n- If using the console, this is enabled by default.\n- If using the API or CLI, this is disabled by default.\n\nBy default, home directory mappings have a `TYPE` of `DIRECTORY` . If you enable this option, you would then need to explicitly set the `HomeDirectoryMapEntry` `Type` to `FILE` if you want a mapping to have a file target.", + "title": "DirectoryListingOptimization", "type": "string" } }, "type": "object" }, - "AWS::Synthetics::Canary.Schedule": { + "AWS::Transfer::Server.WorkflowDetail": { "additionalProperties": false, "properties": { - "DurationInSeconds": { - "markdownDescription": "How long, in seconds, for the canary to continue making regular runs according to the schedule in the `Expression` value. If you specify 0, the canary continues making runs until you stop it. If you omit this field, the default of 0 is used.", - "title": "DurationInSeconds", + "ExecutionRole": { + "markdownDescription": "Includes the necessary permissions for S3, EFS, and Lambda operations that Transfer can assume, so that all workflow steps can operate on the required resources", + "title": "ExecutionRole", "type": "string" }, - "Expression": { - "markdownDescription": "A `rate` expression or a `cron` expression that defines how often the canary is to run.\n\nFor a rate expression, The syntax is `rate( *number unit* )` . *unit* can be `minute` , `minutes` , or `hour` .\n\nFor example, `rate(1 minute)` runs the canary once a minute, `rate(10 minutes)` runs it once every 10 minutes, and `rate(1 hour)` runs it once every hour. You can specify a frequency between `rate(1 minute)` and `rate(1 hour)` .\n\nSpecifying `rate(0 minute)` or `rate(0 hour)` is a special value that causes the canary to run only once when it is started.\n\nUse `cron( *expression* )` to specify a cron expression. You can't schedule a canary to wait for more than a year before running. For information about the syntax for cron expressions, see [Scheduling canary runs using cron](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_cron.html) .", - "title": "Expression", + "WorkflowId": { + "markdownDescription": "A unique identifier for the workflow.", + "title": "WorkflowId", "type": "string" } }, "required": [ - "Expression" + "ExecutionRole", + "WorkflowId" ], "type": "object" }, - "AWS::Synthetics::Canary.VPCConfig": { + "AWS::Transfer::Server.WorkflowDetails": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the security groups for this canary.", - "title": "SecurityGroupIds", - "type": "array" - }, - "SubnetIds": { + "OnPartialUpload": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Transfer::Server.WorkflowDetail" }, - "markdownDescription": "The IDs of the subnets where this canary is to run.", - "title": "SubnetIds", + "markdownDescription": "A trigger that starts a workflow if a file is only partially uploaded. You can attach a workflow to a server that executes whenever there is a partial upload.\n\nA *partial upload* occurs when a file is open when the session disconnects.\n\n> `OnPartialUpload` can contain a maximum of one `WorkflowDetail` object.", + "title": "OnPartialUpload", "type": "array" }, - "VpcId": { - "markdownDescription": "The ID of the VPC where this canary is to run.", - "title": "VpcId", - "type": "string" - } - }, - "required": [ - "SecurityGroupIds", - "SubnetIds" - ], - "type": "object" - }, - "AWS::Synthetics::Canary.VisualReference": { - "additionalProperties": false, - "properties": { - "BaseCanaryRunId": { - "markdownDescription": "Specifies which canary run to use the screenshots from as the baseline for future visual monitoring with this canary. Valid values are `nextrun` to use the screenshots from the next run after this update is made, `lastrun` to use the screenshots from the most recent run before this update was made, or the value of `Id` in the [CanaryRun](https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_CanaryRun.html) from any past run of this canary.", - "title": "BaseCanaryRunId", - "type": "string" - }, - "BaseScreenshots": { + "OnUpload": { "items": { - "$ref": "#/definitions/AWS::Synthetics::Canary.BaseScreenshot" + "$ref": "#/definitions/AWS::Transfer::Server.WorkflowDetail" }, - "markdownDescription": "An array of screenshots that are used as the baseline for comparisons during visual monitoring.", - "title": "BaseScreenshots", + "markdownDescription": "A trigger that starts a workflow: the workflow begins to execute after a file is uploaded.\n\nTo remove an associated workflow from a server, you can provide an empty `OnUpload` object, as in the following example.\n\n`aws transfer update-server --server-id s-01234567890abcdef --workflow-details '{\"OnUpload\":[]}'`\n\n> `OnUpload` can contain a maximum of one `WorkflowDetail` object.", + "title": "OnUpload", "type": "array" } }, - "required": [ - "BaseCanaryRunId" - ], "type": "object" }, - "AWS::Synthetics::Group": { + "AWS::Transfer::User": { "additionalProperties": false, "properties": { "Condition": { @@ -261411,36 +312736,76 @@ "Properties": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "A name for the group. It can include any Unicode characters.\n\nThe names for all groups in your account, across all Regions, must be unique.", - "title": "Name", + "HomeDirectory": { + "markdownDescription": "The landing directory (folder) for a user when they log in to the server using the client.\n\nA `HomeDirectory` example is `/bucket_name/home/mydirectory` .\n\n> You can use the `HomeDirectory` parameter for `HomeDirectoryType` when it is set to either `PATH` or `LOGICAL` .", + "title": "HomeDirectory", "type": "string" }, - "ResourceArns": { + "HomeDirectoryMappings": { + "items": { + "$ref": "#/definitions/AWS::Transfer::User.HomeDirectoryMapEntry" + }, + "markdownDescription": "Logical directory mappings that specify what Amazon S3 or Amazon EFS paths and keys should be visible to your user and how you want to make them visible. You must specify the `Entry` and `Target` pair, where `Entry` shows how the path is made visible and `Target` is the actual Amazon S3 or Amazon EFS path. If you only specify a target, it is displayed as is. You also must ensure that your AWS Identity and Access Management (IAM) role provides access to paths in `Target` . This value can be set only when `HomeDirectoryType` is set to *LOGICAL* .\n\nThe following is an `Entry` and `Target` pair example.\n\n`[ { \"Entry\": \"/directory1\", \"Target\": \"/bucket_name/home/mydirectory\" } ]`\n\nIn most cases, you can use this value instead of the session policy to lock your user down to the designated home directory (\" `chroot` \"). To do this, you can set `Entry` to `/` and set `Target` to the value the user should see for their home directory when they log in.\n\nThe following is an `Entry` and `Target` pair example for `chroot` .\n\n`[ { \"Entry\": \"/\", \"Target\": \"/bucket_name/home/mydirectory\" } ]`", + "title": "HomeDirectoryMappings", + "type": "array" + }, + "HomeDirectoryType": { + "markdownDescription": "The type of landing directory (folder) that you want your users' home directory to be when they log in to the server. If you set it to `PATH` , the user will see the absolute Amazon S3 bucket or Amazon EFS path as is in their file transfer protocol clients. If you set it to `LOGICAL` , you need to provide mappings in the `HomeDirectoryMappings` for how you want to make Amazon S3 or Amazon EFS paths visible to your users.\n\n> If `HomeDirectoryType` is `LOGICAL` , you must provide mappings, using the `HomeDirectoryMappings` parameter. If, on the other hand, `HomeDirectoryType` is `PATH` , you provide an absolute path using the `HomeDirectory` parameter. You cannot have both `HomeDirectory` and `HomeDirectoryMappings` in your template.", + "title": "HomeDirectoryType", + "type": "string" + }, + "Policy": { + "markdownDescription": "A session policy for your user so you can use the same IAM role across multiple users. This policy restricts user access to portions of their Amazon S3 bucket. Variables that you can use inside this policy include `${Transfer:UserName}` , `${Transfer:HomeDirectory}` , and `${Transfer:HomeBucket}` .\n\n> For session policies, AWS Transfer Family stores the policy as a JSON blob, instead of the Amazon Resource Name (ARN) of the policy. You save the policy as a JSON blob and pass it in the `Policy` argument.\n> \n> For an example of a session policy, see [Example session policy](https://docs.aws.amazon.com/transfer/latest/userguide/session-policy.html) .\n> \n> For more information, see [AssumeRole](https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html) in the *AWS Security Token Service API Reference* .", + "title": "Policy", + "type": "string" + }, + "PosixProfile": { + "$ref": "#/definitions/AWS::Transfer::User.PosixProfile", + "markdownDescription": "Specifies the full POSIX identity, including user ID ( `Uid` ), group ID ( `Gid` ), and any secondary groups IDs ( `SecondaryGids` ), that controls your users' access to your Amazon Elastic File System (Amazon EFS) file systems. The POSIX permissions that are set on files and directories in your file system determine the level of access your users get when transferring files into and out of your Amazon EFS file systems.", + "title": "PosixProfile" + }, + "Role": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that controls your users' access to your Amazon S3 bucket or Amazon EFS file system. The policies attached to this role determine the level of access that you want to provide your users when transferring files into and out of your Amazon S3 bucket or Amazon EFS file system. The IAM role should also contain a trust relationship that allows the server to access your resources when servicing your users' transfer requests.", + "title": "Role", + "type": "string" + }, + "ServerId": { + "markdownDescription": "A system-assigned unique identifier for a server instance. This is the specific server that you added your user to.", + "title": "ServerId", + "type": "string" + }, + "SshPublicKeys": { "items": { "type": "string" }, - "markdownDescription": "The ARNs of the canaries that you want to associate with this group.", - "title": "ResourceArns", + "markdownDescription": "Specifies the public key portion of the Secure Shell (SSH) keys stored for the described user.\n\n> To delete the public key body, set its value to zero keys, as shown here:\n> \n> `SshPublicKeys: []`", + "title": "SshPublicKeys", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The list of key-value pairs that are associated with the group.", + "markdownDescription": "Key-value pairs that can be used to group and search for users. Tags are metadata attached to users for any purpose.", "title": "Tags", "type": "array" + }, + "UserName": { + "markdownDescription": "A unique string that identifies a user and is associated with a `ServerId` . This user name must be a minimum of 3 and a maximum of 100 characters long. The following are valid characters: a-z, A-Z, 0-9, underscore '_', hyphen '-', period '.', and at sign '@'. The user name can't start with a hyphen, period, or at sign.", + "title": "UserName", + "type": "string" } }, "required": [ - "Name" + "Role", + "ServerId", + "UserName" ], "type": "object" }, "Type": { "enum": [ - "AWS::Synthetics::Group" + "AWS::Transfer::User" ], "type": "string" }, @@ -261459,7 +312824,60 @@ ], "type": "object" }, - "AWS::SystemsManagerSAP::Application": { + "AWS::Transfer::User.HomeDirectoryMapEntry": { + "additionalProperties": false, + "properties": { + "Entry": { + "markdownDescription": "Represents an entry for `HomeDirectoryMappings` .", + "title": "Entry", + "type": "string" + }, + "Target": { + "markdownDescription": "Represents the map target that is used in a `HomeDirectoryMapEntry` .", + "title": "Target", + "type": "string" + }, + "Type": { + "markdownDescription": "Specifies the type of mapping. Set the type to `FILE` if you want the mapping to point to a file, or `DIRECTORY` for the directory to point to a directory.\n\n> By default, home directory mappings have a `Type` of `DIRECTORY` when you create a Transfer Family server. You would need to explicitly set `Type` to `FILE` if you want a mapping to have a file target.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Entry", + "Target" + ], + "type": "object" + }, + "AWS::Transfer::User.PosixProfile": { + "additionalProperties": false, + "properties": { + "Gid": { + "markdownDescription": "The POSIX group ID used for all EFS operations by this user.", + "title": "Gid", + "type": "number" + }, + "SecondaryGids": { + "items": { + "type": "number" + }, + "markdownDescription": "The secondary POSIX group IDs used for all EFS operations by this user.", + "title": "SecondaryGids", + "type": "array" + }, + "Uid": { + "markdownDescription": "The POSIX user ID used for all EFS operations by this user.", + "title": "Uid", + "type": "number" + } + }, + "required": [ + "Gid", + "Uid" + ], + "type": "object" + }, + "AWS::Transfer::WebApp": { "additionalProperties": false, "properties": { "Condition": { @@ -261494,60 +312912,48 @@ "Properties": { "additionalProperties": false, "properties": { - "ApplicationId": { - "markdownDescription": "The ID of the application.", - "title": "ApplicationId", - "type": "string" - }, - "ApplicationType": { - "markdownDescription": "The type of the application.", - "title": "ApplicationType", + "AccessEndpoint": { + "markdownDescription": "The `AccessEndpoint` is the URL that you provide to your users for them to interact with the Transfer Family web app. You can specify a custom URL or use the default value.\n\nBefore you enter a custom URL for this parameter, follow the steps described in [Update your access endpoint with a custom URL](https://docs.aws.amazon.com//transfer/latest/userguide/webapp-customize.html) .", + "title": "AccessEndpoint", "type": "string" }, - "Credentials": { - "items": { - "$ref": "#/definitions/AWS::SystemsManagerSAP::Application.Credential" - }, - "markdownDescription": "The credentials of the SAP application.", - "title": "Credentials", - "type": "array" + "IdentityProviderDetails": { + "$ref": "#/definitions/AWS::Transfer::WebApp.IdentityProviderDetails", + "markdownDescription": "You can provide a structure that contains the details for the identity provider to use with your web app.\n\nFor more details about this parameter, see [Configure your identity provider for Transfer Family web apps](https://docs.aws.amazon.com//transfer/latest/userguide/webapp-identity-center.html) .", + "title": "IdentityProviderDetails" }, - "Instances": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "The Amazon EC2 instances on which your SAP application is running.", - "title": "Instances", + "markdownDescription": "Key-value pairs that can be used to group and search for web apps. Tags are metadata attached to web apps for any purpose.", + "title": "Tags", "type": "array" }, - "SapInstanceNumber": { - "markdownDescription": "The SAP instance number of the application.", - "title": "SapInstanceNumber", - "type": "string" + "WebAppCustomization": { + "$ref": "#/definitions/AWS::Transfer::WebApp.WebAppCustomization", + "markdownDescription": "A structure that contains the customization fields for the web app. You can provide a title, logo, and icon to customize the appearance of your web app.", + "title": "WebAppCustomization" }, - "Sid": { - "markdownDescription": "The System ID of the application.", - "title": "Sid", + "WebAppEndpointPolicy": { + "markdownDescription": "Setting for the type of endpoint policy for the web app. The default value is `STANDARD` .\n\nIf your web app was created in an AWS GovCloud (US) Region , the value of this parameter can be `FIPS` , which indicates the web app endpoint is FIPS-compliant.", + "title": "WebAppEndpointPolicy", "type": "string" }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags on the application.", - "title": "Tags", - "type": "array" + "WebAppUnits": { + "$ref": "#/definitions/AWS::Transfer::WebApp.WebAppUnits", + "markdownDescription": "A union that contains the value for number of concurrent connections or the user sessions on your web app.", + "title": "WebAppUnits" } }, "required": [ - "ApplicationId", - "ApplicationType" + "IdentityProviderDetails" ], "type": "object" }, "Type": { "enum": [ - "AWS::SystemsManagerSAP::Application" + "AWS::Transfer::WebApp" ], "type": "string" }, @@ -261566,104 +312972,63 @@ ], "type": "object" }, - "AWS::SystemsManagerSAP::Application.Credential": { + "AWS::Transfer::WebApp.IdentityProviderDetails": { "additionalProperties": false, "properties": { - "CredentialType": { - "markdownDescription": "The type of the application credentials.", - "title": "CredentialType", + "ApplicationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the IAM Identity Center application: this value is set automatically when you create your web app.", + "title": "ApplicationArn", "type": "string" }, - "DatabaseName": { - "markdownDescription": "The name of the SAP HANA database.", - "title": "DatabaseName", + "InstanceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the IAM Identity Center used for the web app.", + "title": "InstanceArn", "type": "string" }, - "SecretId": { - "markdownDescription": "The secret ID created in AWS Secrets Manager to store the credentials of the SAP application.", - "title": "SecretId", + "Role": { + "markdownDescription": "The IAM role in IAM Identity Center used for the web app.", + "title": "Role", "type": "string" } }, "type": "object" }, - "AWS::Timestream::Database": { + "AWS::Transfer::WebApp.WebAppCustomization": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "FaviconFile": { + "markdownDescription": "Returns an icon file data string (in base64 encoding).", + "title": "FaviconFile", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DatabaseName": { - "markdownDescription": "The name of the Timestream database.\n\n*Length Constraints* : Minimum length of 3 bytes. Maximum length of 256 bytes.", - "title": "DatabaseName", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "The identifier of the AWS KMS key used to encrypt the data stored in the database.", - "title": "KmsKeyId", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags to add to the database.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Timestream::Database" - ], + "LogoFile": { + "markdownDescription": "Returns a logo file data string (in base64 encoding).", + "title": "LogoFile", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Title": { + "markdownDescription": "Returns the page title that you defined for your web app.", + "title": "Title", "type": "string" } }, + "type": "object" + }, + "AWS::Transfer::WebApp.WebAppUnits": { + "additionalProperties": false, + "properties": { + "Provisioned": { + "markdownDescription": "An integer that represents the number of units for your desired number of concurrent connections, or the number of user sessions on your web app at the same time.\n\nEach increment allows an additional 250 concurrent sessions: a value of `1` sets the number of concurrent sessions to 250; `2` sets a value of 500, and so on.", + "title": "Provisioned", + "type": "number" + } + }, "required": [ - "Type" + "Provisioned" ], "type": "object" }, - "AWS::Timestream::InfluxDBInstance": { + "AWS::Transfer::Workflow": { "additionalProperties": false, "properties": { "Condition": { @@ -261698,96 +313063,44 @@ "Properties": { "additionalProperties": false, "properties": { - "AllocatedStorage": { - "markdownDescription": "The amount of storage to allocate for your DB storage type in GiB (gibibytes).", - "title": "AllocatedStorage", - "type": "number" - }, - "Bucket": { - "markdownDescription": "The name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization.", - "title": "Bucket", - "type": "string" - }, - "DbInstanceType": { - "markdownDescription": "The Timestream for InfluxDB DB instance type to run on.", - "title": "DbInstanceType", - "type": "string" - }, - "DbParameterGroupIdentifier": { - "markdownDescription": "The name or id of the DB parameter group to assign to your DB instance. DB parameter groups specify how the database is configured. For example, DB parameter groups can specify the limit for query concurrency.", - "title": "DbParameterGroupIdentifier", - "type": "string" - }, - "DbStorageType": { - "markdownDescription": "The Timestream for InfluxDB DB storage type to read and write InfluxDB data.\n\nYou can choose between 3 different types of provisioned Influx IOPS included storage according to your workloads requirements:\n\n- Influx IO Included 3000 IOPS\n- Influx IO Included 12000 IOPS\n- Influx IO Included 16000 IOPS", - "title": "DbStorageType", - "type": "string" - }, - "DeploymentType": { - "markdownDescription": "Specifies whether the Timestream for InfluxDB is deployed as Single-AZ or with a MultiAZ Standby for High availability.", - "title": "DeploymentType", - "type": "string" - }, - "LogDeliveryConfiguration": { - "$ref": "#/definitions/AWS::Timestream::InfluxDBInstance.LogDeliveryConfiguration", - "markdownDescription": "Configuration for sending InfluxDB engine logs to a specified S3 bucket.", - "title": "LogDeliveryConfiguration" - }, - "Name": { - "markdownDescription": "The name that uniquely identifies the DB instance when interacting with the Amazon Timestream for InfluxDB API and CLI commands. This name will also be a prefix included in the endpoint. DB instance names must be unique per customer and per region.", - "title": "Name", - "type": "string" - }, - "Organization": { - "markdownDescription": "The name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users.", - "title": "Organization", - "type": "string" - }, - "Password": { - "markdownDescription": "The password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. These attributes will be stored in a Secret created in Amazon SecretManager in your account.", - "title": "Password", + "Description": { + "markdownDescription": "Specifies the text description for the workflow.", + "title": "Description", "type": "string" }, - "PubliclyAccessible": { - "markdownDescription": "Configures the DB instance with a public IP to facilitate access.", - "title": "PubliclyAccessible", - "type": "boolean" - }, - "Tags": { + "OnExceptionSteps": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::Transfer::Workflow.WorkflowStep" }, - "markdownDescription": "A list of key-value pairs to associate with the DB instance.", - "title": "Tags", + "markdownDescription": "Specifies the steps (actions) to take if errors are encountered during execution of the workflow.", + "title": "OnExceptionSteps", "type": "array" }, - "Username": { - "markdownDescription": "The username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. For example, my-user1. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. These attributes will be stored in a Secret created in Amazon Secrets Manager in your account.", - "title": "Username", - "type": "string" - }, - "VpcSecurityGroupIds": { + "Steps": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Transfer::Workflow.WorkflowStep" }, - "markdownDescription": "A list of VPC security group IDs to associate with the DB instance.", - "title": "VpcSecurityGroupIds", + "markdownDescription": "Specifies the details for the steps that are in the specified workflow.", + "title": "Steps", "type": "array" }, - "VpcSubnetIds": { + "Tags": { "items": { - "type": "string" + "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of VPC subnet IDs to associate with the DB instance. Provide at least two VPC subnet IDs in different availability zones when deploying with a Multi-AZ standby.", - "title": "VpcSubnetIds", + "markdownDescription": "Key-value pairs that can be used to group and search for workflows. Tags are metadata attached to workflows for any purpose.", + "title": "Tags", "type": "array" } }, + "required": [ + "Steps" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Timestream::InfluxDBInstance" + "AWS::Transfer::Workflow" ], "type": "string" }, @@ -261801,45 +313114,254 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Timestream::InfluxDBInstance.LogDeliveryConfiguration": { + "AWS::Transfer::Workflow.CopyStepDetails": { "additionalProperties": false, "properties": { - "S3Configuration": { - "$ref": "#/definitions/AWS::Timestream::InfluxDBInstance.S3Configuration", - "markdownDescription": "Configuration for S3 bucket log delivery", - "title": "S3Configuration" + "DestinationFileLocation": { + "$ref": "#/definitions/AWS::Transfer::Workflow.S3FileLocation", + "markdownDescription": "Specifies the location for the file being copied. Use `${Transfer:UserName}` or `${Transfer:UploadDate}` in this field to parametrize the destination prefix by username or uploaded date.\n\n- Set the value of `DestinationFileLocation` to `${Transfer:UserName}` to copy uploaded files to an Amazon S3 bucket that is prefixed with the name of the Transfer Family user that uploaded the file.\n- Set the value of `DestinationFileLocation` to `${Transfer:UploadDate}` to copy uploaded files to an Amazon S3 bucket that is prefixed with the date of the upload.\n\n> The system resolves `UploadDate` to a date format of *YYYY-MM-DD* , based on the date the file is uploaded in UTC.", + "title": "DestinationFileLocation" + }, + "Name": { + "markdownDescription": "The name of the step, used as an identifier.", + "title": "Name", + "type": "string" + }, + "OverwriteExisting": { + "markdownDescription": "A flag that indicates whether to overwrite an existing file of the same name. The default is `FALSE` .\n\nIf the workflow is processing a file that has the same name as an existing file, the behavior is as follows:\n\n- If `OverwriteExisting` is `TRUE` , the existing file is replaced with the file being processed.\n- If `OverwriteExisting` is `FALSE` , nothing happens, and the workflow processing stops.", + "title": "OverwriteExisting", + "type": "string" + }, + "SourceFileLocation": { + "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", + "title": "SourceFileLocation", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Transfer::Workflow.CustomStepDetails": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the step, used as an identifier.", + "title": "Name", + "type": "string" + }, + "SourceFileLocation": { + "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", + "title": "SourceFileLocation", + "type": "string" + }, + "Target": { + "markdownDescription": "The ARN for the Lambda function that is being called.", + "title": "Target", + "type": "string" + }, + "TimeoutSeconds": { + "markdownDescription": "Timeout, in seconds, for the step.", + "title": "TimeoutSeconds", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Transfer::Workflow.DecryptStepDetails": { + "additionalProperties": false, + "properties": { + "DestinationFileLocation": { + "$ref": "#/definitions/AWS::Transfer::Workflow.InputFileLocation", + "markdownDescription": "Specifies the location for the file being decrypted. Use `${Transfer:UserName}` or `${Transfer:UploadDate}` in this field to parametrize the destination prefix by username or uploaded date.\n\n- Set the value of `DestinationFileLocation` to `${Transfer:UserName}` to decrypt uploaded files to an Amazon S3 bucket that is prefixed with the name of the Transfer Family user that uploaded the file.\n- Set the value of `DestinationFileLocation` to `${Transfer:UploadDate}` to decrypt uploaded files to an Amazon S3 bucket that is prefixed with the date of the upload.\n\n> The system resolves `UploadDate` to a date format of *YYYY-MM-DD* , based on the date the file is uploaded in UTC.", + "title": "DestinationFileLocation" + }, + "Name": { + "markdownDescription": "The name of the step, used as an identifier.", + "title": "Name", + "type": "string" + }, + "OverwriteExisting": { + "markdownDescription": "A flag that indicates whether to overwrite an existing file of the same name. The default is `FALSE` .\n\nIf the workflow is processing a file that has the same name as an existing file, the behavior is as follows:\n\n- If `OverwriteExisting` is `TRUE` , the existing file is replaced with the file being processed.\n- If `OverwriteExisting` is `FALSE` , nothing happens, and the workflow processing stops.", + "title": "OverwriteExisting", + "type": "string" + }, + "SourceFileLocation": { + "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", + "title": "SourceFileLocation", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of encryption used. Currently, this value must be `PGP` .", + "title": "Type", + "type": "string" } }, "required": [ - "S3Configuration" + "DestinationFileLocation", + "Type" ], "type": "object" }, - "AWS::Timestream::InfluxDBInstance.S3Configuration": { + "AWS::Transfer::Workflow.DeleteStepDetails": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "The bucket name of the customer S3 bucket.", - "title": "BucketName", + "Name": { + "markdownDescription": "The name of the step, used as an identifier.", + "title": "Name", "type": "string" }, - "Enabled": { - "markdownDescription": "Indicates whether log delivery to the S3 bucket is enabled.", - "title": "Enabled", - "type": "boolean" + "SourceFileLocation": { + "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", + "title": "SourceFileLocation", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Transfer::Workflow.EfsInputFileLocation": { + "additionalProperties": false, + "properties": { + "FileSystemId": { + "markdownDescription": "The identifier of the file system, assigned by Amazon EFS.", + "title": "FileSystemId", + "type": "string" + }, + "Path": { + "markdownDescription": "The pathname for the folder being used by a workflow.", + "title": "Path", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Transfer::Workflow.InputFileLocation": { + "additionalProperties": false, + "properties": { + "EfsFileLocation": { + "$ref": "#/definitions/AWS::Transfer::Workflow.EfsInputFileLocation", + "markdownDescription": "Specifies the details for the Amazon Elastic File System (Amazon EFS) file that's being decrypted.", + "title": "EfsFileLocation" + }, + "S3FileLocation": { + "$ref": "#/definitions/AWS::Transfer::Workflow.S3InputFileLocation", + "markdownDescription": "Specifies the details for the Amazon S3 file that's being copied or decrypted.", + "title": "S3FileLocation" + } + }, + "type": "object" + }, + "AWS::Transfer::Workflow.S3FileLocation": { + "additionalProperties": false, + "properties": { + "S3FileLocation": { + "$ref": "#/definitions/AWS::Transfer::Workflow.S3InputFileLocation", + "markdownDescription": "Specifies the details for the file location for the file that's being used in the workflow. Only applicable if you are using Amazon S3 storage.", + "title": "S3FileLocation" + } + }, + "type": "object" + }, + "AWS::Transfer::Workflow.S3InputFileLocation": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "Specifies the S3 bucket for the customer input file.", + "title": "Bucket", + "type": "string" + }, + "Key": { + "markdownDescription": "The name assigned to the file when it was created in Amazon S3. You use the object key to retrieve the object.", + "title": "Key", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Transfer::Workflow.S3Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The name assigned to the tag that you create.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The value that corresponds to the key.", + "title": "Value", + "type": "string" } }, "required": [ - "BucketName", - "Enabled" + "Key", + "Value" ], "type": "object" }, - "AWS::Timestream::ScheduledQuery": { + "AWS::Transfer::Workflow.TagStepDetails": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the step, used as an identifier.", + "title": "Name", + "type": "string" + }, + "SourceFileLocation": { + "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", + "title": "SourceFileLocation", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::Transfer::Workflow.S3Tag" + }, + "markdownDescription": "Array that contains from 1 to 10 key/value pairs.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Transfer::Workflow.WorkflowStep": { + "additionalProperties": false, + "properties": { + "CopyStepDetails": { + "$ref": "#/definitions/AWS::Transfer::Workflow.CopyStepDetails", + "markdownDescription": "Details for a step that performs a file copy.\n\nConsists of the following values:\n\n- A description\n- An Amazon S3 location for the destination of the file copy.\n- A flag that indicates whether to overwrite an existing file of the same name. The default is `FALSE` .", + "title": "CopyStepDetails" + }, + "CustomStepDetails": { + "$ref": "#/definitions/AWS::Transfer::Workflow.CustomStepDetails", + "markdownDescription": "Details for a step that invokes an AWS Lambda function.\n\nConsists of the Lambda function's name, target, and timeout (in seconds).", + "title": "CustomStepDetails" + }, + "DecryptStepDetails": { + "$ref": "#/definitions/AWS::Transfer::Workflow.DecryptStepDetails", + "markdownDescription": "Details for a step that decrypts an encrypted file.\n\nConsists of the following values:\n\n- A descriptive name\n- An Amazon S3 or Amazon Elastic File System (Amazon EFS) location for the source file to decrypt.\n- An S3 or Amazon EFS location for the destination of the file decryption.\n- A flag that indicates whether to overwrite an existing file of the same name. The default is `FALSE` .\n- The type of encryption that's used. Currently, only PGP encryption is supported.", + "title": "DecryptStepDetails" + }, + "DeleteStepDetails": { + "$ref": "#/definitions/AWS::Transfer::Workflow.DeleteStepDetails", + "markdownDescription": "Details for a step that deletes the file.", + "title": "DeleteStepDetails" + }, + "TagStepDetails": { + "$ref": "#/definitions/AWS::Transfer::Workflow.TagStepDetails", + "markdownDescription": "Details for a step that creates one or more tags.\n\nYou specify one or more tags. Each tag contains a key-value pair.", + "title": "TagStepDetails" + }, + "Type": { + "markdownDescription": "Currently, the following step types are supported.\n\n- *`COPY`* - Copy the file to another location.\n- *`CUSTOM`* - Perform a custom step with an AWS Lambda function target.\n- *`DECRYPT`* - Decrypt a file that was encrypted before it was uploaded.\n- *`DELETE`* - Delete the file.\n- *`TAG`* - Add a tag to the file.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::VerifiedPermissions::IdentitySource": { "additionalProperties": false, "properties": { "Condition": { @@ -261874,72 +313396,31 @@ "Properties": { "additionalProperties": false, "properties": { - "ClientToken": { - "markdownDescription": "Using a ClientToken makes the call to CreateScheduledQuery idempotent, in other words, making the same request repeatedly will produce the same result. Making multiple identical CreateScheduledQuery requests has the same effect as making a single request.\n\n- If CreateScheduledQuery is called without a `ClientToken` , the Query SDK generates a `ClientToken` on your behalf.\n- After 8 hours, any request with the same `ClientToken` is treated as a new request.", - "title": "ClientToken", - "type": "string" - }, - "ErrorReportConfiguration": { - "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.ErrorReportConfiguration", - "markdownDescription": "Configuration for error reporting. Error reports will be generated when a problem is encountered when writing the query results.", - "title": "ErrorReportConfiguration" - }, - "KmsKeyId": { - "markdownDescription": "The Amazon KMS key used to encrypt the scheduled query resource, at-rest. If the Amazon KMS key is not specified, the scheduled query resource will be encrypted with a Timestream owned Amazon KMS key. To specify a KMS key, use the key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix the name with *alias/*\n\nIf ErrorReportConfiguration uses `SSE_KMS` as encryption type, the same KmsKeyId is used to encrypt the error report at rest.", - "title": "KmsKeyId", - "type": "string" - }, - "NotificationConfiguration": { - "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.NotificationConfiguration", - "markdownDescription": "Notification configuration for the scheduled query. A notification is sent by Timestream when a query run finishes, when the state is updated or when you delete it.", - "title": "NotificationConfiguration" - }, - "QueryString": { - "markdownDescription": "The query string to run. Parameter names can be specified in the query string `@` character followed by an identifier. The named Parameter `@scheduled_runtime` is reserved and can be used in the query to get the time at which the query is scheduled to run.\n\nThe timestamp calculated according to the ScheduleConfiguration parameter, will be the value of `@scheduled_runtime` paramater for each query run. For example, consider an instance of a scheduled query executing on 2021-12-01 00:00:00. For this instance, the `@scheduled_runtime` parameter is initialized to the timestamp 2021-12-01 00:00:00 when invoking the query.", - "title": "QueryString", - "type": "string" - }, - "ScheduleConfiguration": { - "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.ScheduleConfiguration", - "markdownDescription": "Schedule configuration.", - "title": "ScheduleConfiguration" + "Configuration": { + "$ref": "#/definitions/AWS::VerifiedPermissions::IdentitySource.IdentitySourceConfiguration", + "markdownDescription": "Contains configuration information used when creating a new identity source.", + "title": "Configuration" }, - "ScheduledQueryExecutionRoleArn": { - "markdownDescription": "The ARN for the IAM role that Timestream will assume when running the scheduled query.", - "title": "ScheduledQueryExecutionRoleArn", + "PolicyStoreId": { + "markdownDescription": "Specifies the ID of the policy store in which you want to store this identity source. Only policies and requests made using this policy store can reference identities from the identity provider configured in the new identity source.", + "title": "PolicyStoreId", "type": "string" }, - "ScheduledQueryName": { - "markdownDescription": "A name for the query. Scheduled query names must be unique within each Region.", - "title": "ScheduledQueryName", + "PrincipalEntityType": { + "markdownDescription": "Specifies the namespace and data type of the principals generated for identities authenticated by the new identity source.", + "title": "PrincipalEntityType", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "A list of key-value pairs to label the scheduled query.", - "title": "Tags", - "type": "array" - }, - "TargetConfiguration": { - "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.TargetConfiguration", - "markdownDescription": "Scheduled query target store configuration.", - "title": "TargetConfiguration" } }, "required": [ - "ErrorReportConfiguration", - "NotificationConfiguration", - "QueryString", - "ScheduleConfiguration", - "ScheduledQueryExecutionRoleArn" + "Configuration", + "PolicyStoreId" ], "type": "object" }, "Type": { "enum": [ - "AWS::Timestream::ScheduledQuery" + "AWS::VerifiedPermissions::IdentitySource" ], "type": "string" }, @@ -261958,258 +313439,320 @@ ], "type": "object" }, - "AWS::Timestream::ScheduledQuery.DimensionMapping": { + "AWS::VerifiedPermissions::IdentitySource.CognitoGroupConfiguration": { "additionalProperties": false, "properties": { - "DimensionValueType": { - "markdownDescription": "Type for the dimension: VARCHAR", - "title": "DimensionValueType", - "type": "string" - }, - "Name": { - "markdownDescription": "Column name from query result.", - "title": "Name", + "GroupEntityType": { + "markdownDescription": "The name of the schema entity type that's mapped to the user pool group. Defaults to `AWS::CognitoGroup` .", + "title": "GroupEntityType", "type": "string" } }, "required": [ - "DimensionValueType", - "Name" + "GroupEntityType" ], "type": "object" }, - "AWS::Timestream::ScheduledQuery.ErrorReportConfiguration": { + "AWS::VerifiedPermissions::IdentitySource.CognitoUserPoolConfiguration": { "additionalProperties": false, "properties": { - "S3Configuration": { - "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.S3Configuration", - "markdownDescription": "The S3 configuration for the error reports.", - "title": "S3Configuration" + "ClientIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The unique application client IDs that are associated with the specified Amazon Cognito user pool.\n\nExample: `\"ClientIds\": [\"&ExampleCogClientId;\"]`", + "title": "ClientIds", + "type": "array" + }, + "GroupConfiguration": { + "$ref": "#/definitions/AWS::VerifiedPermissions::IdentitySource.CognitoGroupConfiguration", + "markdownDescription": "The type of entity that a policy store maps to groups from an Amazon Cognito user pool identity source.", + "title": "GroupConfiguration" + }, + "UserPoolArn": { + "markdownDescription": "The [Amazon Resource Name (ARN)](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html) of the Amazon Cognito user pool that contains the identities to be authorized.", + "title": "UserPoolArn", + "type": "string" } }, "required": [ - "S3Configuration" + "UserPoolArn" ], "type": "object" }, - "AWS::Timestream::ScheduledQuery.MixedMeasureMapping": { + "AWS::VerifiedPermissions::IdentitySource.IdentitySourceConfiguration": { "additionalProperties": false, "properties": { - "MeasureName": { - "markdownDescription": "Refers to the value of measure_name in a result row. This field is required if MeasureNameColumn is provided.", - "title": "MeasureName", - "type": "string" - }, - "MeasureValueType": { - "markdownDescription": "Type of the value that is to be read from sourceColumn. If the mapping is for MULTI, use MeasureValueType.MULTI.", - "title": "MeasureValueType", - "type": "string" + "CognitoUserPoolConfiguration": { + "$ref": "#/definitions/AWS::VerifiedPermissions::IdentitySource.CognitoUserPoolConfiguration", + "markdownDescription": "A structure that contains configuration information used when creating or updating an identity source that represents a connection to an Amazon Cognito user pool used as an identity provider for Verified Permissions .", + "title": "CognitoUserPoolConfiguration" }, - "MultiMeasureAttributeMappings": { + "OpenIdConnectConfiguration": { + "$ref": "#/definitions/AWS::VerifiedPermissions::IdentitySource.OpenIdConnectConfiguration", + "markdownDescription": "", + "title": "OpenIdConnectConfiguration" + } + }, + "type": "object" + }, + "AWS::VerifiedPermissions::IdentitySource.OpenIdConnectAccessTokenConfiguration": { + "additionalProperties": false, + "properties": { + "Audiences": { "items": { - "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.MultiMeasureAttributeMapping" + "type": "string" }, - "markdownDescription": "Required when measureValueType is MULTI. Attribute mappings for MULTI value measures.", - "title": "MultiMeasureAttributeMappings", + "markdownDescription": "The access token `aud` claim values that you want to accept in your policy store. For example, `https://myapp.example.com, https://myapp2.example.com` .", + "title": "Audiences", "type": "array" }, - "SourceColumn": { - "markdownDescription": "This field refers to the source column from which measure-value is to be read for result materialization.", - "title": "SourceColumn", + "PrincipalIdClaim": { + "markdownDescription": "The claim that determines the principal in OIDC access tokens. For example, `sub` .", + "title": "PrincipalIdClaim", + "type": "string" + } + }, + "type": "object" + }, + "AWS::VerifiedPermissions::IdentitySource.OpenIdConnectConfiguration": { + "additionalProperties": false, + "properties": { + "EntityIdPrefix": { + "markdownDescription": "A descriptive string that you want to prefix to user entities from your OIDC identity provider. For example, if you set an `entityIdPrefix` of `MyOIDCProvider` , you can reference principals in your policies in the format `MyCorp::User::MyOIDCProvider|Carlos` .", + "title": "EntityIdPrefix", "type": "string" }, - "TargetMeasureName": { - "markdownDescription": "Target measure name to be used. If not provided, the target measure name by default would be measure-name if provided, or sourceColumn otherwise.", - "title": "TargetMeasureName", + "GroupConfiguration": { + "$ref": "#/definitions/AWS::VerifiedPermissions::IdentitySource.OpenIdConnectGroupConfiguration", + "markdownDescription": "The claim in OIDC identity provider tokens that indicates a user's group membership, and the entity type that you want to map it to. For example, this object can map the contents of a `groups` claim to `MyCorp::UserGroup` .", + "title": "GroupConfiguration" + }, + "Issuer": { + "markdownDescription": "The issuer URL of an OIDC identity provider. This URL must have an OIDC discovery endpoint at the path `.well-known/openid-configuration` .", + "title": "Issuer", "type": "string" + }, + "TokenSelection": { + "$ref": "#/definitions/AWS::VerifiedPermissions::IdentitySource.OpenIdConnectTokenSelection", + "markdownDescription": "The token type that you want to process from your OIDC identity provider. Your policy store can process either identity (ID) or access tokens from a given OIDC identity source.", + "title": "TokenSelection" } }, "required": [ - "MeasureValueType" + "Issuer", + "TokenSelection" ], "type": "object" }, - "AWS::Timestream::ScheduledQuery.MultiMeasureAttributeMapping": { + "AWS::VerifiedPermissions::IdentitySource.OpenIdConnectGroupConfiguration": { "additionalProperties": false, "properties": { - "MeasureValueType": { - "markdownDescription": "Type of the attribute to be read from the source column.", - "title": "MeasureValueType", - "type": "string" - }, - "SourceColumn": { - "markdownDescription": "Source column from where the attribute value is to be read.", - "title": "SourceColumn", + "GroupClaim": { + "markdownDescription": "The token claim that you want Verified Permissions to interpret as group membership. For example, `groups` .", + "title": "GroupClaim", "type": "string" }, - "TargetMultiMeasureAttributeName": { - "markdownDescription": "Custom name to be used for attribute name in derived table. If not provided, source column name would be used.", - "title": "TargetMultiMeasureAttributeName", + "GroupEntityType": { + "markdownDescription": "The policy store entity type that you want to map your users' group claim to. For example, `MyCorp::UserGroup` . A group entity type is an entity that can have a user entity type as a member.", + "title": "GroupEntityType", "type": "string" } }, "required": [ - "MeasureValueType", - "SourceColumn" + "GroupClaim", + "GroupEntityType" ], "type": "object" }, - "AWS::Timestream::ScheduledQuery.MultiMeasureMappings": { + "AWS::VerifiedPermissions::IdentitySource.OpenIdConnectIdentityTokenConfiguration": { "additionalProperties": false, "properties": { - "MultiMeasureAttributeMappings": { + "ClientIds": { "items": { - "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.MultiMeasureAttributeMapping" + "type": "string" }, - "markdownDescription": "Required. Attribute mappings to be used for mapping query results to ingest data for multi-measure attributes.", - "title": "MultiMeasureAttributeMappings", + "markdownDescription": "The ID token audience, or client ID, claim values that you want to accept in your policy store from an OIDC identity provider. For example, `1example23456789, 2example10111213` .", + "title": "ClientIds", "type": "array" }, - "TargetMultiMeasureName": { - "markdownDescription": "The name of the target multi-measure name in the derived table. This input is required when measureNameColumn is not provided. If MeasureNameColumn is provided, then value from that column will be used as multi-measure name.", - "title": "TargetMultiMeasureName", + "PrincipalIdClaim": { + "markdownDescription": "The claim that determines the principal in OIDC access tokens. For example, `sub` .", + "title": "PrincipalIdClaim", "type": "string" } }, - "required": [ - "MultiMeasureAttributeMappings" - ], "type": "object" }, - "AWS::Timestream::ScheduledQuery.NotificationConfiguration": { + "AWS::VerifiedPermissions::IdentitySource.OpenIdConnectTokenSelection": { "additionalProperties": false, "properties": { - "SnsConfiguration": { - "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.SnsConfiguration", - "markdownDescription": "Details on SNS configuration.", - "title": "SnsConfiguration" + "AccessTokenOnly": { + "$ref": "#/definitions/AWS::VerifiedPermissions::IdentitySource.OpenIdConnectAccessTokenConfiguration", + "markdownDescription": "The OIDC configuration for processing access tokens. Contains allowed audience claims, for example `https://auth.example.com` , and the claim that you want to map to the principal, for example `sub` .", + "title": "AccessTokenOnly" + }, + "IdentityTokenOnly": { + "$ref": "#/definitions/AWS::VerifiedPermissions::IdentitySource.OpenIdConnectIdentityTokenConfiguration", + "markdownDescription": "The OIDC configuration for processing identity (ID) tokens. Contains allowed client ID claims, for example `1example23456789` , and the claim that you want to map to the principal, for example `sub` .", + "title": "IdentityTokenOnly" } }, - "required": [ - "SnsConfiguration" - ], "type": "object" }, - "AWS::Timestream::ScheduledQuery.S3Configuration": { + "AWS::VerifiedPermissions::Policy": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "Name of the S3 bucket under which error reports will be created.", - "title": "BucketName", + "Condition": { "type": "string" }, - "EncryptionOption": { - "markdownDescription": "Encryption at rest options for the error reports. If no encryption option is specified, Timestream will choose SSE_S3 as default.", - "title": "EncryptionOption", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "ObjectKeyPrefix": { - "markdownDescription": "Prefix for the error report key. Timestream by default adds the following prefix to the error report path.", - "title": "ObjectKeyPrefix", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Definition": { + "$ref": "#/definitions/AWS::VerifiedPermissions::Policy.PolicyDefinition", + "markdownDescription": "Specifies the policy type and content to use for the new or updated policy. The definition structure must include either a `Static` or a `TemplateLinked` element.", + "title": "Definition" + }, + "PolicyStoreId": { + "markdownDescription": "Specifies the `PolicyStoreId` of the policy store you want to store the policy in.", + "title": "PolicyStoreId", + "type": "string" + } + }, + "required": [ + "Definition", + "PolicyStoreId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::VerifiedPermissions::Policy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "BucketName" + "Type", + "Properties" ], "type": "object" }, - "AWS::Timestream::ScheduledQuery.ScheduleConfiguration": { + "AWS::VerifiedPermissions::Policy.EntityIdentifier": { "additionalProperties": false, "properties": { - "ScheduleExpression": { - "markdownDescription": "An expression that denotes when to trigger the scheduled query run. This can be a cron expression or a rate expression.", - "title": "ScheduleExpression", + "EntityId": { + "markdownDescription": "The identifier of an entity.\n\n`\"entityId\":\" *identifier* \"`", + "title": "EntityId", + "type": "string" + }, + "EntityType": { + "markdownDescription": "The type of an entity.\n\nExample: `\"entityType\":\" *typeName* \"`", + "title": "EntityType", "type": "string" } }, "required": [ - "ScheduleExpression" + "EntityId", + "EntityType" ], "type": "object" }, - "AWS::Timestream::ScheduledQuery.SnsConfiguration": { + "AWS::VerifiedPermissions::Policy.PolicyDefinition": { "additionalProperties": false, "properties": { - "TopicArn": { - "markdownDescription": "SNS topic ARN that the scheduled query status notifications will be sent to.", - "title": "TopicArn", - "type": "string" + "Static": { + "$ref": "#/definitions/AWS::VerifiedPermissions::Policy.StaticPolicyDefinition", + "markdownDescription": "A structure that describes a static policy. An static policy doesn't use a template or allow placeholders for entities.", + "title": "Static" + }, + "TemplateLinked": { + "$ref": "#/definitions/AWS::VerifiedPermissions::Policy.TemplateLinkedPolicyDefinition", + "markdownDescription": "A structure that describes a policy that was instantiated from a template. The template can specify placeholders for `principal` and `resource` . When you use [CreatePolicy](https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreatePolicy.html) to create a policy from a template, you specify the exact principal and resource to use for the instantiated policy.", + "title": "TemplateLinked" } }, - "required": [ - "TopicArn" - ], "type": "object" }, - "AWS::Timestream::ScheduledQuery.TargetConfiguration": { + "AWS::VerifiedPermissions::Policy.StaticPolicyDefinition": { "additionalProperties": false, "properties": { - "TimestreamConfiguration": { - "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.TimestreamConfiguration", - "markdownDescription": "Configuration needed to write data into the Timestream database and table.", - "title": "TimestreamConfiguration" + "Description": { + "markdownDescription": "The description of the static policy.", + "title": "Description", + "type": "string" + }, + "Statement": { + "markdownDescription": "The policy content of the static policy, written in the Cedar policy language.", + "title": "Statement", + "type": "string" } }, "required": [ - "TimestreamConfiguration" + "Statement" ], "type": "object" }, - "AWS::Timestream::ScheduledQuery.TimestreamConfiguration": { + "AWS::VerifiedPermissions::Policy.TemplateLinkedPolicyDefinition": { "additionalProperties": false, "properties": { - "DatabaseName": { - "markdownDescription": "Name of Timestream database to which the query result will be written.", - "title": "DatabaseName", - "type": "string" - }, - "DimensionMappings": { - "items": { - "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.DimensionMapping" - }, - "markdownDescription": "This is to allow mapping column(s) from the query result to the dimension in the destination table.", - "title": "DimensionMappings", - "type": "array" - }, - "MeasureNameColumn": { - "markdownDescription": "Name of the measure column. Also see `MultiMeasureMappings` and `MixedMeasureMappings` for how measure name properties on those relate to `MeasureNameColumn` .", - "title": "MeasureNameColumn", + "PolicyTemplateId": { + "markdownDescription": "The unique identifier of the policy template used to create this policy.", + "title": "PolicyTemplateId", "type": "string" }, - "MixedMeasureMappings": { - "items": { - "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.MixedMeasureMapping" - }, - "markdownDescription": "Specifies how to map measures to multi-measure records.", - "title": "MixedMeasureMappings", - "type": "array" - }, - "MultiMeasureMappings": { - "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.MultiMeasureMappings", - "markdownDescription": "Multi-measure mappings.", - "title": "MultiMeasureMappings" - }, - "TableName": { - "markdownDescription": "Name of Timestream table that the query result will be written to. The table should be within the same database that is provided in Timestream configuration.", - "title": "TableName", - "type": "string" + "Principal": { + "$ref": "#/definitions/AWS::VerifiedPermissions::Policy.EntityIdentifier", + "markdownDescription": "The principal associated with this template-linked policy. Verified Permissions substitutes this principal for the `?principal` placeholder in the policy template when it evaluates an authorization request.", + "title": "Principal" }, - "TimeColumn": { - "markdownDescription": "Column from query result that should be used as the time column in destination table. Column type for this should be TIMESTAMP.", - "title": "TimeColumn", - "type": "string" + "Resource": { + "$ref": "#/definitions/AWS::VerifiedPermissions::Policy.EntityIdentifier", + "markdownDescription": "The resource associated with this template-linked policy. Verified Permissions substitutes this resource for the `?resource` placeholder in the policy template when it evaluates an authorization request.", + "title": "Resource" } }, "required": [ - "DatabaseName", - "DimensionMappings", - "TableName", - "TimeColumn" + "PolicyTemplateId" ], "type": "object" }, - "AWS::Timestream::Table": { + "AWS::VerifiedPermissions::PolicyStore": { "additionalProperties": false, "properties": { "Condition": { @@ -262244,48 +313787,43 @@ "Properties": { "additionalProperties": false, "properties": { - "DatabaseName": { - "markdownDescription": "The name of the Timestream database that contains this table.\n\n*Length Constraints* : Minimum length of 3 bytes. Maximum length of 256 bytes.", - "title": "DatabaseName", - "type": "string" - }, - "MagneticStoreWriteProperties": { - "$ref": "#/definitions/AWS::Timestream::Table.MagneticStoreWriteProperties", - "markdownDescription": "Contains properties to set on the table when enabling magnetic store writes.\n\nThis object has the following attributes:\n\n- *EnableMagneticStoreWrites* : A `boolean` flag to enable magnetic store writes.\n- *MagneticStoreRejectedDataLocation* : The location to write error reports for records rejected, asynchronously, during magnetic store writes. Only `S3Configuration` objects are allowed. The `S3Configuration` object has the following attributes:\n\n- *BucketName* : The name of the S3 bucket.\n- *EncryptionOption* : The encryption option for the S3 location. Valid values are S3 server-side encryption with an S3 managed key ( `SSE_S3` ) or AWS managed key ( `SSE_KMS` ).\n- *KmsKeyId* : The AWS KMS key ID to use when encrypting with an AWS managed key.\n- *ObjectKeyPrefix* : The prefix to use option for the objects stored in S3.\n\nBoth `BucketName` and `EncryptionOption` are *required* when `S3Configuration` is specified. If you specify `SSE_KMS` as your `EncryptionOption` then `KmsKeyId` is *required* .\n\n`EnableMagneticStoreWrites` attribute is *required* when `MagneticStoreWriteProperties` is specified. `MagneticStoreRejectedDataLocation` attribute is *required* when `EnableMagneticStoreWrites` is set to `true` .\n\nSee the following examples:\n\n*JSON*\n\n```json\n{ \"Type\" : AWS::Timestream::Table\", \"Properties\":{ \"DatabaseName\":\"TestDatabase\", \"TableName\":\"TestTable\", \"MagneticStoreWriteProperties\":{ \"EnableMagneticStoreWrites\":true, \"MagneticStoreRejectedDataLocation\":{ \"S3Configuration\":{ \"BucketName\":\" amzn-s3-demo-bucket \", \"EncryptionOption\":\"SSE_KMS\", \"KmsKeyId\":\"1234abcd-12ab-34cd-56ef-1234567890ab\", \"ObjectKeyPrefix\":\"prefix\" } } } }\n}\n```\n\n*YAML*\n\n```\nType: AWS::Timestream::Table\nDependsOn: TestDatabase\nProperties: TableName: \"TestTable\" DatabaseName: \"TestDatabase\" MagneticStoreWriteProperties: EnableMagneticStoreWrites: true MagneticStoreRejectedDataLocation: S3Configuration: BucketName: \" amzn-s3-demo-bucket \" EncryptionOption: \"SSE_KMS\" KmsKeyId: \"1234abcd-12ab-34cd-56ef-1234567890ab\" ObjectKeyPrefix: \"prefix\"\n```", - "title": "MagneticStoreWriteProperties" + "DeletionProtection": { + "$ref": "#/definitions/AWS::VerifiedPermissions::PolicyStore.DeletionProtection", + "markdownDescription": "Specifies whether the policy store can be deleted. If enabled, the policy store can't be deleted.\n\nThe default state is `DISABLED` .", + "title": "DeletionProtection" }, - "RetentionProperties": { - "$ref": "#/definitions/AWS::Timestream::Table.RetentionProperties", - "markdownDescription": "The retention duration for the memory store and magnetic store. This object has the following attributes:\n\n- *MemoryStoreRetentionPeriodInHours* : Retention duration for memory store, in hours.\n- *MagneticStoreRetentionPeriodInDays* : Retention duration for magnetic store, in days.\n\nBoth attributes are of type `string` . Both attributes are *required* when `RetentionProperties` is specified.\n\nSee the following examples:\n\n*JSON*\n\n`{ \"Type\" : AWS::Timestream::Table\", \"Properties\" : { \"DatabaseName\" : \"TestDatabase\", \"TableName\" : \"TestTable\", \"RetentionProperties\" : { \"MemoryStoreRetentionPeriodInHours\": \"24\", \"MagneticStoreRetentionPeriodInDays\": \"7\" } } }` \n\n*YAML*\n\n```\nType: AWS::Timestream::Table\nDependsOn: TestDatabase\nProperties: TableName: \"TestTable\" DatabaseName: \"TestDatabase\" RetentionProperties: MemoryStoreRetentionPeriodInHours: \"24\" MagneticStoreRetentionPeriodInDays: \"7\"\n```", - "title": "RetentionProperties" + "Description": { + "markdownDescription": "Descriptive text that you can provide to help with identification of the current policy store.", + "title": "Description", + "type": "string" }, "Schema": { - "$ref": "#/definitions/AWS::Timestream::Table.Schema", - "markdownDescription": "The schema of the table.", + "$ref": "#/definitions/AWS::VerifiedPermissions::PolicyStore.SchemaDefinition", + "markdownDescription": "Creates or updates the policy schema in a policy store. Cedar can use the schema to validate any Cedar policies and policy templates submitted to the policy store. Any changes to the schema validate only policies and templates submitted after the schema change. Existing policies and templates are not re-evaluated against the changed schema. If you later update a policy, then it is evaluated against the new schema at that time.", "title": "Schema" }, - "TableName": { - "markdownDescription": "The name of the Timestream table.\n\n*Length Constraints* : Minimum length of 3 bytes. Maximum length of 256 bytes.", - "title": "TableName", - "type": "string" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to add to the table", + "markdownDescription": "The list of key-value pairs to associate with the policy store.", "title": "Tags", "type": "array" + }, + "ValidationSettings": { + "$ref": "#/definitions/AWS::VerifiedPermissions::PolicyStore.ValidationSettings", + "markdownDescription": "Specifies the validation setting for this policy store.\n\nCurrently, the only valid and required value is `Mode` .\n\n> We recommend that you turn on `STRICT` mode only after you define a schema. If a schema doesn't exist, then `STRICT` mode causes any policy to fail validation, and Verified Permissions rejects the policy. You can turn off validation by using the [UpdatePolicyStore](https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyStore) . Then, when you have a schema defined, use [UpdatePolicyStore](https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyStore) again to turn validation back on.", + "title": "ValidationSettings" } }, "required": [ - "DatabaseName" + "ValidationSettings" ], "type": "object" }, "Type": { "enum": [ - "AWS::Timestream::Table" + "AWS::VerifiedPermissions::PolicyStore" ], "type": "string" }, @@ -262304,121 +313842,46 @@ ], "type": "object" }, - "AWS::Timestream::Table.MagneticStoreRejectedDataLocation": { - "additionalProperties": false, - "properties": { - "S3Configuration": { - "$ref": "#/definitions/AWS::Timestream::Table.S3Configuration", - "markdownDescription": "Configuration of an S3 location to write error reports for records rejected, asynchronously, during magnetic store writes.", - "title": "S3Configuration" - } - }, - "type": "object" - }, - "AWS::Timestream::Table.MagneticStoreWriteProperties": { - "additionalProperties": false, - "properties": { - "EnableMagneticStoreWrites": { - "markdownDescription": "A flag to enable magnetic store writes.", - "title": "EnableMagneticStoreWrites", - "type": "boolean" - }, - "MagneticStoreRejectedDataLocation": { - "$ref": "#/definitions/AWS::Timestream::Table.MagneticStoreRejectedDataLocation", - "markdownDescription": "The location to write error reports for records rejected asynchronously during magnetic store writes.", - "title": "MagneticStoreRejectedDataLocation" - } - }, - "required": [ - "EnableMagneticStoreWrites" - ], - "type": "object" - }, - "AWS::Timestream::Table.PartitionKey": { + "AWS::VerifiedPermissions::PolicyStore.DeletionProtection": { "additionalProperties": false, "properties": { - "EnforcementInRecord": { - "markdownDescription": "The level of enforcement for the specification of a dimension key in ingested records. Options are REQUIRED (dimension key must be specified) and OPTIONAL (dimension key does not have to be specified).", - "title": "EnforcementInRecord", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the attribute used for a dimension key.", - "title": "Name", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of the partition key. Options are DIMENSION (dimension key) and MEASURE (measure key).", - "title": "Type", + "Mode": { + "markdownDescription": "Specifies whether the policy store can be deleted. If enabled, the policy store can't be deleted.\n\nThe default state is `DISABLED` .", + "title": "Mode", "type": "string" } }, "required": [ - "Type" + "Mode" ], "type": "object" }, - "AWS::Timestream::Table.RetentionProperties": { + "AWS::VerifiedPermissions::PolicyStore.SchemaDefinition": { "additionalProperties": false, "properties": { - "MagneticStoreRetentionPeriodInDays": { - "markdownDescription": "The duration for which data must be stored in the magnetic store.", - "title": "MagneticStoreRetentionPeriodInDays", - "type": "string" - }, - "MemoryStoreRetentionPeriodInHours": { - "markdownDescription": "The duration for which data must be stored in the memory store.", - "title": "MemoryStoreRetentionPeriodInHours", + "CedarJson": { + "markdownDescription": "A JSON string representation of the schema supported by applications that use this policy store. For more information, see [Policy store schema](https://docs.aws.amazon.com/verifiedpermissions/latest/userguide/schema.html) in the AVP User Guide.", + "title": "CedarJson", "type": "string" } }, "type": "object" }, - "AWS::Timestream::Table.S3Configuration": { + "AWS::VerifiedPermissions::PolicyStore.ValidationSettings": { "additionalProperties": false, "properties": { - "BucketName": { - "markdownDescription": "The bucket name of the customer S3 bucket.", - "title": "BucketName", - "type": "string" - }, - "EncryptionOption": { - "markdownDescription": "The encryption option for the customer S3 location. Options are S3 server-side encryption with an S3 managed key or AWS managed key.", - "title": "EncryptionOption", - "type": "string" - }, - "KmsKeyId": { - "markdownDescription": "The AWS KMS key ID for the customer S3 location when encrypting with an AWS managed key.", - "title": "KmsKeyId", - "type": "string" - }, - "ObjectKeyPrefix": { - "markdownDescription": "The object key preview for the customer S3 location.", - "title": "ObjectKeyPrefix", + "Mode": { + "markdownDescription": "The validation mode currently configured for this policy store. The valid values are:\n\n- *OFF* \u2013 Neither Verified Permissions nor Cedar perform any validation on policies. No validation errors are reported by either service.\n- *STRICT* \u2013 Requires a schema to be present in the policy store. Cedar performs validation on all submitted new or updated static policies and policy templates. Any that fail validation are rejected and Cedar doesn't store them in the policy store.\n\n> If `Mode=STRICT` and the policy store doesn't contain a schema, Verified Permissions rejects all static policies and policy templates because there is no schema to validate against.\n> \n> To submit a static policy or policy template without a schema, you must turn off validation.", + "title": "Mode", "type": "string" } }, "required": [ - "BucketName", - "EncryptionOption" + "Mode" ], "type": "object" }, - "AWS::Timestream::Table.Schema": { - "additionalProperties": false, - "properties": { - "CompositePartitionKey": { - "items": { - "$ref": "#/definitions/AWS::Timestream::Table.PartitionKey" - }, - "markdownDescription": "A non-empty list of partition keys defining the attributes used to partition the table data. The order of the list determines the partition hierarchy. The name and type of each partition key as well as the partition key order cannot be changed after the table is created. However, the enforcement level of each partition key can be changed.", - "title": "CompositePartitionKey", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Transfer::Agreement": { + "AWS::VerifiedPermissions::PolicyTemplate": { "additionalProperties": false, "properties": { "Condition": { @@ -262453,62 +313916,31 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessRole": { - "markdownDescription": "Connectors are used to send files using either the AS2 or SFTP protocol. For the access role, provide the Amazon Resource Name (ARN) of the AWS Identity and Access Management role to use.\n\n*For AS2 connectors*\n\nWith AS2, you can send files by calling `StartFileTransfer` and specifying the file paths in the request parameter, `SendFilePaths` . We use the file\u2019s parent directory (for example, for `--send-file-paths /bucket/dir/file.txt` , parent directory is `/bucket/dir/` ) to temporarily store a processed AS2 message file, store the MDN when we receive them from the partner, and write a final JSON file containing relevant metadata of the transmission. So, the `AccessRole` needs to provide read and write access to the parent directory of the file location used in the `StartFileTransfer` request. Additionally, you need to provide read and write access to the parent directory of the files that you intend to send with `StartFileTransfer` .\n\nIf you are using Basic authentication for your AS2 connector, the access role requires the `secretsmanager:GetSecretValue` permission for the secret. If the secret is encrypted using a customer-managed key instead of the AWS managed key in Secrets Manager, then the role also needs the `kms:Decrypt` permission for that key.\n\n*For SFTP connectors*\n\nMake sure that the access role provides read and write access to the parent directory of the file location that's used in the `StartFileTransfer` request. Additionally, make sure that the role provides `secretsmanager:GetSecretValue` permission to AWS Secrets Manager .", - "title": "AccessRole", - "type": "string" - }, - "BaseDirectory": { - "markdownDescription": "The landing directory (folder) for files that are transferred by using the AS2 protocol.", - "title": "BaseDirectory", - "type": "string" - }, "Description": { - "markdownDescription": "The name or short description that's used to identify the agreement.", + "markdownDescription": "The description to attach to the new or updated policy template.", "title": "Description", "type": "string" }, - "LocalProfileId": { - "markdownDescription": "A unique identifier for the AS2 local profile.", - "title": "LocalProfileId", - "type": "string" - }, - "PartnerProfileId": { - "markdownDescription": "A unique identifier for the partner profile used in the agreement.", - "title": "PartnerProfileId", - "type": "string" - }, - "ServerId": { - "markdownDescription": "A system-assigned unique identifier for a server instance. This identifier indicates the specific server that the agreement uses.", - "title": "ServerId", + "PolicyStoreId": { + "markdownDescription": "The unique identifier of the policy store that contains the template.", + "title": "PolicyStoreId", "type": "string" }, - "Status": { - "markdownDescription": "The current status of the agreement, either `ACTIVE` or `INACTIVE` .", - "title": "Status", + "Statement": { + "markdownDescription": "Specifies the content that you want to use for the new policy template, written in the Cedar policy language.", + "title": "Statement", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Key-value pairs that can be used to group and search for agreements.", - "title": "Tags", - "type": "array" } }, "required": [ - "AccessRole", - "BaseDirectory", - "LocalProfileId", - "PartnerProfileId", - "ServerId" + "PolicyStoreId", + "Statement" ], "type": "object" }, "Type": { "enum": [ - "AWS::Transfer::Agreement" + "AWS::VerifiedPermissions::PolicyTemplate" ], "type": "string" }, @@ -262527,7 +313959,7 @@ ], "type": "object" }, - "AWS::Transfer::Certificate": { + "AWS::VoiceID::Domain": { "additionalProperties": false, "properties": { "Condition": { @@ -262562,59 +313994,39 @@ "Properties": { "additionalProperties": false, "properties": { - "ActiveDate": { - "markdownDescription": "An optional date that specifies when the certificate becomes active. If you do not specify a value, `ActiveDate` takes the same value as `NotBeforeDate` , which is specified by the CA.", - "title": "ActiveDate", - "type": "string" - }, - "Certificate": { - "markdownDescription": "The file name for the certificate.", - "title": "Certificate", - "type": "string" - }, - "CertificateChain": { - "markdownDescription": "The list of certificates that make up the chain for the certificate.", - "title": "CertificateChain", - "type": "string" - }, "Description": { - "markdownDescription": "The name or description that's used to identity the certificate.", + "markdownDescription": "The description of the domain.", "title": "Description", "type": "string" }, - "InactiveDate": { - "markdownDescription": "An optional date that specifies when the certificate becomes inactive. If you do not specify a value, `InactiveDate` takes the same value as `NotAfterDate` , which is specified by the CA.", - "title": "InactiveDate", + "Name": { + "markdownDescription": "The name for the domain.", + "title": "Name", "type": "string" }, - "PrivateKey": { - "markdownDescription": "The file that contains the private key for the certificate that's being imported.", - "title": "PrivateKey", - "type": "string" + "ServerSideEncryptionConfiguration": { + "$ref": "#/definitions/AWS::VoiceID::Domain.ServerSideEncryptionConfiguration", + "markdownDescription": "The server-side encryption configuration containing the KMS key identifier you want Voice ID to use to encrypt your data.", + "title": "ServerSideEncryptionConfiguration" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Key-value pairs that can be used to group and search for certificates.", + "markdownDescription": "The tags used to organize, track, or control access for this resource.", "title": "Tags", "type": "array" - }, - "Usage": { - "markdownDescription": "Specifies how this certificate is used. It can be used in the following ways:\n\n- `SIGNING` : For signing AS2 messages\n- `ENCRYPTION` : For encrypting AS2 messages\n- `TLS` : For securing AS2 communications sent over HTTPS", - "title": "Usage", - "type": "string" } }, "required": [ - "Certificate", - "Usage" + "Name", + "ServerSideEncryptionConfiguration" ], "type": "object" }, "Type": { "enum": [ - "AWS::Transfer::Certificate" + "AWS::VoiceID::Domain" ], "type": "string" }, @@ -262633,7 +314045,21 @@ ], "type": "object" }, - "AWS::Transfer::Connector": { + "AWS::VoiceID::Domain.ServerSideEncryptionConfiguration": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "markdownDescription": "The identifier of the KMS key to use to encrypt data stored by Voice ID. Voice ID doesn't support asymmetric customer managed keys.", + "title": "KmsKeyId", + "type": "string" + } + }, + "required": [ + "KmsKeyId" + ], + "type": "object" + }, + "AWS::VpcLattice::AccessLogSubscription": { "additionalProperties": false, "properties": { "Condition": { @@ -262668,49 +314094,38 @@ "Properties": { "additionalProperties": false, "properties": { - "AccessRole": { - "markdownDescription": "Connectors are used to send files using either the AS2 or SFTP protocol. For the access role, provide the Amazon Resource Name (ARN) of the AWS Identity and Access Management role to use.\n\n*For AS2 connectors*\n\nWith AS2, you can send files by calling `StartFileTransfer` and specifying the file paths in the request parameter, `SendFilePaths` . We use the file\u2019s parent directory (for example, for `--send-file-paths /bucket/dir/file.txt` , parent directory is `/bucket/dir/` ) to temporarily store a processed AS2 message file, store the MDN when we receive them from the partner, and write a final JSON file containing relevant metadata of the transmission. So, the `AccessRole` needs to provide read and write access to the parent directory of the file location used in the `StartFileTransfer` request. Additionally, you need to provide read and write access to the parent directory of the files that you intend to send with `StartFileTransfer` .\n\nIf you are using Basic authentication for your AS2 connector, the access role requires the `secretsmanager:GetSecretValue` permission for the secret. If the secret is encrypted using a customer-managed key instead of the AWS managed key in Secrets Manager, then the role also needs the `kms:Decrypt` permission for that key.\n\n*For SFTP connectors*\n\nMake sure that the access role provides read and write access to the parent directory of the file location that's used in the `StartFileTransfer` request. Additionally, make sure that the role provides `secretsmanager:GetSecretValue` permission to AWS Secrets Manager .", - "title": "AccessRole", + "DestinationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the destination. The supported destination types are CloudWatch Log groups, Kinesis Data Firehose delivery streams, and Amazon S3 buckets.", + "title": "DestinationArn", "type": "string" }, - "As2Config": { - "$ref": "#/definitions/AWS::Transfer::Connector.As2Config", - "markdownDescription": "A structure that contains the parameters for an AS2 connector object.", - "title": "As2Config" - }, - "LoggingRole": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that allows a connector to turn on CloudWatch logging for Amazon S3 events. When set, you can view connector activity in your CloudWatch logs.", - "title": "LoggingRole", + "ResourceIdentifier": { + "markdownDescription": "The ID or ARN of the service network or service.", + "title": "ResourceIdentifier", "type": "string" }, - "SftpConfig": { - "$ref": "#/definitions/AWS::Transfer::Connector.SftpConfig", - "markdownDescription": "A structure that contains the parameters for an SFTP connector object.", - "title": "SftpConfig" + "ServiceNetworkLogType": { + "markdownDescription": "Log type of the service network.", + "title": "ServiceNetworkLogType", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Key-value pairs that can be used to group and search for connectors.", + "markdownDescription": "The tags for the access log subscription.", "title": "Tags", "type": "array" - }, - "Url": { - "markdownDescription": "The URL of the partner's AS2 or SFTP endpoint.", - "title": "Url", - "type": "string" } }, "required": [ - "AccessRole", - "Url" + "DestinationArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Transfer::Connector" + "AWS::VpcLattice::AccessLogSubscription" ], "type": "string" }, @@ -262729,77 +314144,80 @@ ], "type": "object" }, - "AWS::Transfer::Connector.As2Config": { + "AWS::VpcLattice::AuthPolicy": { "additionalProperties": false, "properties": { - "BasicAuthSecretId": { - "markdownDescription": "Provides Basic authentication support to the AS2 Connectors API. To use Basic authentication, you must provide the name or Amazon Resource Name (ARN) of a secret in AWS Secrets Manager .\n\nThe default value for this parameter is `null` , which indicates that Basic authentication is not enabled for the connector.\n\nIf the connector should use Basic authentication, the secret needs to be in the following format:\n\n`{ \"Username\": \"user-name\", \"Password\": \"user-password\" }`\n\nReplace `user-name` and `user-password` with the credentials for the actual user that is being authenticated.\n\nNote the following:\n\n- You are storing these credentials in Secrets Manager, *not passing them directly* into this API.\n- If you are using the API, SDKs, or CloudFormation to configure your connector, then you must create the secret before you can enable Basic authentication. However, if you are using the AWS management console, you can have the system create the secret for you.\n\nIf you have previously enabled Basic authentication for a connector, you can disable it by using the `UpdateConnector` API call. For example, if you are using the CLI, you can run the following command to remove Basic authentication:\n\n`update-connector --connector-id my-connector-id --as2-config 'BasicAuthSecretId=\"\"'`", - "title": "BasicAuthSecretId", - "type": "string" - }, - "Compression": { - "markdownDescription": "Specifies whether the AS2 file is compressed.", - "title": "Compression", - "type": "string" - }, - "EncryptionAlgorithm": { - "markdownDescription": "The algorithm that is used to encrypt the file.\n\nNote the following:\n\n- Do not use the `DES_EDE3_CBC` algorithm unless you must support a legacy client that requires it, as it is a weak encryption algorithm.\n- You can only specify `NONE` if the URL for your connector uses HTTPS. Using HTTPS ensures that no traffic is sent in clear text.", - "title": "EncryptionAlgorithm", - "type": "string" - }, - "LocalProfileId": { - "markdownDescription": "A unique identifier for the AS2 local profile.", - "title": "LocalProfileId", + "Condition": { "type": "string" }, - "MdnResponse": { - "markdownDescription": "Used for outbound requests (from an AWS Transfer Family connector to a partner AS2 server) to determine whether the partner response for transfers is synchronous or asynchronous. Specify either of the following values:\n\n- `SYNC` : The system expects a synchronous MDN response, confirming that the file was transferred successfully (or not).\n- `NONE` : Specifies that no MDN response is required.", - "title": "MdnResponse", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "MdnSigningAlgorithm": { - "markdownDescription": "The signing algorithm for the MDN response.\n\n> If set to DEFAULT (or not set at all), the value for `SigningAlgorithm` is used.", - "title": "MdnSigningAlgorithm", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "MessageSubject": { - "markdownDescription": "Used as the `Subject` HTTP header attribute in AS2 messages that are being sent with the connector.", - "title": "MessageSubject", - "type": "string" + "Metadata": { + "type": "object" }, - "PartnerProfileId": { - "markdownDescription": "A unique identifier for the partner profile for the connector.", - "title": "PartnerProfileId", - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "Policy": { + "markdownDescription": "The auth policy.", + "title": "Policy", + "type": "object" + }, + "ResourceIdentifier": { + "markdownDescription": "The ID or ARN of the service network or service for which the policy is created.", + "title": "ResourceIdentifier", + "type": "string" + } + }, + "required": [ + "Policy", + "ResourceIdentifier" + ], + "type": "object" }, - "SigningAlgorithm": { - "markdownDescription": "The algorithm that is used to sign the AS2 messages sent with the connector.", - "title": "SigningAlgorithm", + "Type": { + "enum": [ + "AWS::VpcLattice::AuthPolicy" + ], "type": "string" - } - }, - "type": "object" - }, - "AWS::Transfer::Connector.SftpConfig": { - "additionalProperties": false, - "properties": { - "TrustedHostKeys": { - "items": { - "type": "string" - }, - "markdownDescription": "The public portion of the host key, or keys, that are used to identify the external server to which you are connecting. You can use the `ssh-keyscan` command against the SFTP server to retrieve the necessary key.\n\n> `TrustedHostKeys` is optional for `CreateConnector` . If not provided, you can use `TestConnection` to retrieve the server host key during the initial connection attempt, and subsequently update the connector with the observed host key. \n\nThe three standard SSH public key format elements are `` , `` , and an optional `` , with spaces between each element. Specify only the `` and `` : do not enter the `` portion of the key.\n\nFor the trusted host key, AWS Transfer Family accepts RSA and ECDSA keys.\n\n- For RSA keys, the `` string is `ssh-rsa` .\n- For ECDSA keys, the `` string is either `ecdsa-sha2-nistp256` , `ecdsa-sha2-nistp384` , or `ecdsa-sha2-nistp521` , depending on the size of the key you generated.\n\nRun this command to retrieve the SFTP server host key, where your SFTP server name is `ftp.host.com` .\n\n`ssh-keyscan ftp.host.com`\n\nThis prints the public host key to standard output.\n\n`ftp.host.com ssh-rsa AAAAB3Nza... - Required when creating an SFTP connector\n> - Optional when updating an existing SFTP connector", - "title": "UserSecretId", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::Transfer::Profile": { + "AWS::VpcLattice::Listener": { "additionalProperties": false, "properties": { "Condition": { @@ -262834,42 +314252,49 @@ "Properties": { "additionalProperties": false, "properties": { - "As2Id": { - "markdownDescription": "The `As2Id` is the *AS2-name* , as defined in the [RFC 4130](https://docs.aws.amazon.com/https://datatracker.ietf.org/doc/html/rfc4130) . For inbound transfers, this is the `AS2-From` header for the AS2 messages sent from the partner. For outbound connectors, this is the `AS2-To` header for the AS2 messages sent to the partner using the `StartFileTransfer` API operation. This ID cannot include spaces.", - "title": "As2Id", + "DefaultAction": { + "$ref": "#/definitions/AWS::VpcLattice::Listener.DefaultAction", + "markdownDescription": "The action for the default rule. Each listener has a default rule. The default rule is used if no other rules match.", + "title": "DefaultAction" + }, + "Name": { + "markdownDescription": "The name of the listener. A listener name must be unique within a service. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n\nIf you don't specify a name, CloudFormation generates one. However, if you specify a name, and later want to replace the resource, you must specify a new name.", + "title": "Name", "type": "string" }, - "CertificateIds": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of identifiers for the imported certificates. You use this identifier for working with profiles and partner profiles.", - "title": "CertificateIds", - "type": "array" + "Port": { + "markdownDescription": "The listener port. You can specify a value from 1 to 65535. For HTTP, the default is 80. For HTTPS, the default is 443.", + "title": "Port", + "type": "number" }, - "ProfileType": { - "markdownDescription": "Indicates whether to list only `LOCAL` type profiles or only `PARTNER` type profiles. If not supplied in the request, the command lists all types of profiles.", - "title": "ProfileType", + "Protocol": { + "markdownDescription": "The listener protocol.", + "title": "Protocol", + "type": "string" + }, + "ServiceIdentifier": { + "markdownDescription": "The ID or ARN of the service.", + "title": "ServiceIdentifier", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Key-value pairs that can be used to group and search for profiles.", + "markdownDescription": "The tags for the listener.", "title": "Tags", "type": "array" } }, "required": [ - "As2Id", - "ProfileType" + "DefaultAction", + "Protocol" ], "type": "object" }, "Type": { "enum": [ - "AWS::Transfer::Profile" + "AWS::VpcLattice::Listener" ], "type": "string" }, @@ -262888,7 +314313,73 @@ ], "type": "object" }, - "AWS::Transfer::Server": { + "AWS::VpcLattice::Listener.DefaultAction": { + "additionalProperties": false, + "properties": { + "FixedResponse": { + "$ref": "#/definitions/AWS::VpcLattice::Listener.FixedResponse", + "markdownDescription": "Describes an action that returns a custom HTTP response.", + "title": "FixedResponse" + }, + "Forward": { + "$ref": "#/definitions/AWS::VpcLattice::Listener.Forward", + "markdownDescription": "Describes a forward action. You can use forward actions to route requests to one or more target groups.", + "title": "Forward" + } + }, + "type": "object" + }, + "AWS::VpcLattice::Listener.FixedResponse": { + "additionalProperties": false, + "properties": { + "StatusCode": { + "markdownDescription": "The HTTP response code. Only `404` and `500` status codes are supported.", + "title": "StatusCode", + "type": "number" + } + }, + "required": [ + "StatusCode" + ], + "type": "object" + }, + "AWS::VpcLattice::Listener.Forward": { + "additionalProperties": false, + "properties": { + "TargetGroups": { + "items": { + "$ref": "#/definitions/AWS::VpcLattice::Listener.WeightedTargetGroup" + }, + "markdownDescription": "The target groups. Traffic matching the rule is forwarded to the specified target groups. With forward actions, you can assign a weight that controls the prioritization and selection of each target group. This means that requests are distributed to individual target groups based on their weights. For example, if two target groups have the same weight, each target group receives half of the traffic.\n\nThe default value is 1. This means that if only one target group is provided, there is no need to set the weight; 100% of the traffic goes to that target group.", + "title": "TargetGroups", + "type": "array" + } + }, + "required": [ + "TargetGroups" + ], + "type": "object" + }, + "AWS::VpcLattice::Listener.WeightedTargetGroup": { + "additionalProperties": false, + "properties": { + "TargetGroupIdentifier": { + "markdownDescription": "The ID of the target group.", + "title": "TargetGroupIdentifier", + "type": "string" + }, + "Weight": { + "markdownDescription": "Only required if you specify multiple target groups for a forward action. The weight determines how requests are distributed to the target group. For example, if you specify two target groups, each with a weight of 10, each target group receives half the requests. If you specify two target groups, one with a weight of 10 and the other with a weight of 20, the target group with a weight of 20 receives twice as many requests as the other target group. If there's only one target group specified, then the default value is 100.", + "title": "Weight", + "type": "number" + } + }, + "required": [ + "TargetGroupIdentifier" + ], + "type": "object" + }, + "AWS::VpcLattice::ResourceConfiguration": { "additionalProperties": false, "properties": { "Condition": { @@ -262923,101 +314414,72 @@ "Properties": { "additionalProperties": false, "properties": { - "Certificate": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Certificate Manager (ACM) certificate. Required when `Protocols` is set to `FTPS` .\n\nTo request a new public certificate, see [Request a public certificate](https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-public.html) in the *AWS Certificate Manager User Guide* .\n\nTo import an existing certificate into ACM, see [Importing certificates into ACM](https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html) in the *AWS Certificate Manager User Guide* .\n\nTo request a private certificate to use FTPS through private IP addresses, see [Request a private certificate](https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-private.html) in the *AWS Certificate Manager User Guide* .\n\nCertificates with the following cryptographic algorithms and key sizes are supported:\n\n- 2048-bit RSA (RSA_2048)\n- 4096-bit RSA (RSA_4096)\n- Elliptic Prime Curve 256 bit (EC_prime256v1)\n- Elliptic Prime Curve 384 bit (EC_secp384r1)\n- Elliptic Prime Curve 521 bit (EC_secp521r1)\n\n> The certificate must be a valid SSL/TLS X.509 version 3 certificate with FQDN or IP address specified and information about the issuer.", - "title": "Certificate", - "type": "string" + "AllowAssociationToSharableServiceNetwork": { + "markdownDescription": "Specifies whether the resource configuration can be associated with a sharable service network.", + "title": "AllowAssociationToSharableServiceNetwork", + "type": "boolean" }, - "Domain": { - "markdownDescription": "Specifies the domain of the storage system that is used for file transfers. There are two domains available: Amazon Simple Storage Service (Amazon S3) and Amazon Elastic File System (Amazon EFS). The default value is S3.", - "title": "Domain", + "Name": { + "markdownDescription": "The name of the resource configuration.", + "title": "Name", "type": "string" }, - "EndpointDetails": { - "$ref": "#/definitions/AWS::Transfer::Server.EndpointDetails", - "markdownDescription": "The virtual private cloud (VPC) endpoint settings that are configured for your server. When you host your endpoint within your VPC, you can make your endpoint accessible only to resources within your VPC, or you can attach Elastic IP addresses and make your endpoint accessible to clients over the internet. Your VPC's default security groups are automatically assigned to your endpoint.", - "title": "EndpointDetails" + "PortRanges": { + "items": { + "type": "string" + }, + "markdownDescription": "(SINGLE, GROUP, CHILD) The TCP port ranges that a consumer can use to access a resource configuration (for example: 1-65535). You can separate port ranges using commas (for example: 1,2,22-30).", + "title": "PortRanges", + "type": "array" }, - "EndpointType": { - "markdownDescription": "The type of endpoint that you want your server to use. You can choose to make your server's endpoint publicly accessible (PUBLIC) or host it inside your VPC. With an endpoint that is hosted in a VPC, you can restrict access to your server and resources only within your VPC or choose to make it internet facing by attaching Elastic IP addresses directly to it.\n\n> After May 19, 2021, you won't be able to create a server using `EndpointType=VPC_ENDPOINT` in your AWS account if your account hasn't already done so before May 19, 2021. If you have already created servers with `EndpointType=VPC_ENDPOINT` in your AWS account on or before May 19, 2021, you will not be affected. After this date, use `EndpointType` = `VPC` .\n> \n> For more information, see [Discontinuing the use of VPC_ENDPOINT](https://docs.aws.amazon.com//transfer/latest/userguide/create-server-in-vpc.html#deprecate-vpc-endpoint) .\n> \n> It is recommended that you use `VPC` as the `EndpointType` . With this endpoint type, you have the option to directly associate up to three Elastic IPv4 addresses (BYO IP included) with your server's endpoint and use VPC security groups to restrict traffic by the client's public IP address. This is not possible with `EndpointType` set to `VPC_ENDPOINT` .", - "title": "EndpointType", + "ProtocolType": { + "markdownDescription": "(SINGLE, GROUP) The protocol accepted by the resource configuration.", + "title": "ProtocolType", "type": "string" }, - "IdentityProviderDetails": { - "$ref": "#/definitions/AWS::Transfer::Server.IdentityProviderDetails", - "markdownDescription": "Required when `IdentityProviderType` is set to `AWS_DIRECTORY_SERVICE` , `AWS _LAMBDA` or `API_GATEWAY` . Accepts an array containing all of the information required to use a directory in `AWS_DIRECTORY_SERVICE` or invoke a customer-supplied authentication API, including the API Gateway URL. Cannot be specified when `IdentityProviderType` is set to `SERVICE_MANAGED` .", - "title": "IdentityProviderDetails" - }, - "IdentityProviderType": { - "markdownDescription": "The mode of authentication for a server. The default value is `SERVICE_MANAGED` , which allows you to store and access user credentials within the AWS Transfer Family service.\n\nUse `AWS_DIRECTORY_SERVICE` to provide access to Active Directory groups in AWS Directory Service for Microsoft Active Directory or Microsoft Active Directory in your on-premises environment or in AWS using AD Connector. This option also requires you to provide a Directory ID by using the `IdentityProviderDetails` parameter.\n\nUse the `API_GATEWAY` value to integrate with an identity provider of your choosing. The `API_GATEWAY` setting requires you to provide an Amazon API Gateway endpoint URL to call for authentication by using the `IdentityProviderDetails` parameter.\n\nUse the `AWS_LAMBDA` value to directly use an AWS Lambda function as your identity provider. If you choose this value, you must specify the ARN for the Lambda function in the `Function` parameter for the `IdentityProviderDetails` data type.", - "title": "IdentityProviderType", + "ResourceConfigurationAuthType": { + "markdownDescription": "The auth type for the resource configuration.", + "title": "ResourceConfigurationAuthType", "type": "string" }, - "LoggingRole": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that allows a server to turn on Amazon CloudWatch logging for Amazon S3 or Amazon EFS events. When set, you can view user activity in your CloudWatch logs.", - "title": "LoggingRole", - "type": "string" + "ResourceConfigurationDefinition": { + "$ref": "#/definitions/AWS::VpcLattice::ResourceConfiguration.ResourceConfigurationDefinition", + "markdownDescription": "Identifies the resource configuration in one of the following ways:\n\n- *Amazon Resource Name (ARN)* - Supported resource-types that are provisioned by AWS services, such as RDS databases, can be identified by their ARN.\n- *Domain name* - Any domain name that is publicly resolvable.\n- *IP address* - For IPv4 and IPv6, only IP addresses in the VPC are supported.", + "title": "ResourceConfigurationDefinition" }, - "PostAuthenticationLoginBanner": { - "markdownDescription": "Specifies a string to display when users connect to a server. This string is displayed after the user authenticates.\n\n> The SFTP protocol does not support post-authentication display banners.", - "title": "PostAuthenticationLoginBanner", + "ResourceConfigurationGroupId": { + "markdownDescription": "The ID of the group resource configuration.", + "title": "ResourceConfigurationGroupId", "type": "string" }, - "PreAuthenticationLoginBanner": { - "markdownDescription": "Specifies a string to display when users connect to a server. This string is displayed before the user authenticates. For example, the following banner displays details about using the system:\n\n`This system is for the use of authorized users only. Individuals using this computer system without authority, or in excess of their authority, are subject to having all of their activities on this system monitored and recorded by system personnel.`", - "title": "PreAuthenticationLoginBanner", + "ResourceConfigurationType": { + "markdownDescription": "The type of resource configuration. A resource configuration can be one of the following types:\n\n- *SINGLE* - A single resource.\n- *GROUP* - A group of resources. You must create a group resource configuration before you create a child resource configuration.\n- *CHILD* - A single resource that is part of a group resource configuration.\n- *ARN* - An AWS resource.", + "title": "ResourceConfigurationType", "type": "string" }, - "ProtocolDetails": { - "$ref": "#/definitions/AWS::Transfer::Server.ProtocolDetails", - "markdownDescription": "The protocol settings that are configured for your server.\n\n- To indicate passive mode (for FTP and FTPS protocols), use the `PassiveIp` parameter. Enter a single dotted-quad IPv4 address, such as the external IP address of a firewall, router, or load balancer.\n- To ignore the error that is generated when the client attempts to use the `SETSTAT` command on a file that you are uploading to an Amazon S3 bucket, use the `SetStatOption` parameter. To have the AWS Transfer Family server ignore the `SETSTAT` command and upload files without needing to make any changes to your SFTP client, set the value to `ENABLE_NO_OP` . If you set the `SetStatOption` parameter to `ENABLE_NO_OP` , Transfer Family generates a log entry to Amazon CloudWatch Logs, so that you can determine when the client is making a `SETSTAT` call.\n- To determine whether your AWS Transfer Family server resumes recent, negotiated sessions through a unique session ID, use the `TlsSessionResumptionMode` parameter.\n- `As2Transports` indicates the transport method for the AS2 messages. Currently, only HTTP is supported.\n\nThe `Protocols` parameter is an array of strings.\n\n*Allowed values* : One or more of `SFTP` , `FTPS` , `FTP` , `AS2`", - "title": "ProtocolDetails" - }, - "Protocols": { - "items": { - "$ref": "#/definitions/AWS::Transfer::Server.Protocol" - }, - "markdownDescription": "Specifies the file transfer protocol or protocols over which your file transfer protocol client can connect to your server's endpoint. The available protocols are:\n\n- `SFTP` (Secure Shell (SSH) File Transfer Protocol): File transfer over SSH\n- `FTPS` (File Transfer Protocol Secure): File transfer with TLS encryption\n- `FTP` (File Transfer Protocol): Unencrypted file transfer\n- `AS2` (Applicability Statement 2): used for transporting structured business-to-business data\n\n> - If you select `FTPS` , you must choose a certificate stored in AWS Certificate Manager (ACM) which is used to identify your server when clients connect to it over FTPS.\n> - If `Protocol` includes either `FTP` or `FTPS` , then the `EndpointType` must be `VPC` and the `IdentityProviderType` must be either `AWS_DIRECTORY_SERVICE` , `AWS_LAMBDA` , or `API_GATEWAY` .\n> - If `Protocol` includes `FTP` , then `AddressAllocationIds` cannot be associated.\n> - If `Protocol` is set only to `SFTP` , the `EndpointType` can be set to `PUBLIC` and the `IdentityProviderType` can be set any of the supported identity types: `SERVICE_MANAGED` , `AWS_DIRECTORY_SERVICE` , `AWS_LAMBDA` , or `API_GATEWAY` .\n> - If `Protocol` includes `AS2` , then the `EndpointType` must be `VPC` , and domain must be Amazon S3. \n\nThe `Protocols` parameter is an array of strings.\n\n*Allowed values* : One or more of `SFTP` , `FTPS` , `FTP` , `AS2`", - "title": "Protocols", - "type": "array" - }, - "S3StorageOptions": { - "$ref": "#/definitions/AWS::Transfer::Server.S3StorageOptions", - "markdownDescription": "Specifies whether or not performance for your Amazon S3 directories is optimized. This is disabled by default.\n\nBy default, home directory mappings have a `TYPE` of `DIRECTORY` . If you enable this option, you would then need to explicitly set the `HomeDirectoryMapEntry` `Type` to `FILE` if you want a mapping to have a file target.", - "title": "S3StorageOptions" - }, - "SecurityPolicyName": { - "markdownDescription": "Specifies the name of the security policy for the server.", - "title": "SecurityPolicyName", + "ResourceGatewayId": { + "markdownDescription": "The ID of the resource gateway.", + "title": "ResourceGatewayId", "type": "string" }, - "StructuredLogDestinations": { - "items": { - "$ref": "#/definitions/AWS::Transfer::Server.StructuredLogDestination" - }, - "markdownDescription": "Specifies the log groups to which your server logs are sent.\n\nTo specify a log group, you must provide the ARN for an existing log group. In this case, the format of the log group is as follows:\n\n`arn:aws:logs:region-name:amazon-account-id:log-group:log-group-name:*`\n\nFor example, `arn:aws:logs:us-east-1:111122223333:log-group:mytestgroup:*`\n\nIf you have previously specified a log group for a server, you can clear it, and in effect turn off structured logging, by providing an empty value for this parameter in an `update-server` call. For example:\n\n`update-server --server-id s-1234567890abcdef0 --structured-log-destinations`", - "title": "StructuredLogDestinations", - "type": "array" - }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Key-value pairs that can be used to group and search for servers.", + "markdownDescription": "The tags for the resource configuration.", "title": "Tags", "type": "array" - }, - "WorkflowDetails": { - "$ref": "#/definitions/AWS::Transfer::Server.WorkflowDetails", - "markdownDescription": "Specifies the workflow ID for the workflow to assign and the execution role that's used for executing the workflow.\n\nIn addition to a workflow to execute when a file is uploaded completely, `WorkflowDetails` can also contain a workflow ID (and execution role) for a workflow to execute on partial upload. A partial upload occurs when a file is open when the session disconnects.", - "title": "WorkflowDetails" } }, + "required": [ + "Name", + "ResourceConfigurationType" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Transfer::Server" + "AWS::VpcLattice::ResourceConfiguration" ], "type": "string" }, @@ -263031,179 +314493,156 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::Transfer::Server.As2Transport": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::Transfer::Server.EndpointDetails": { + "AWS::VpcLattice::ResourceConfiguration.DnsResource": { "additionalProperties": false, "properties": { - "AddressAllocationIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of address allocation IDs that are required to attach an Elastic IP address to your server's endpoint.\n\nAn address allocation ID corresponds to the allocation ID of an Elastic IP address. This value can be retrieved from the `allocationId` field from the Amazon EC2 [Address](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_Address.html) data type. One way to retrieve this value is by calling the EC2 [DescribeAddresses](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAddresses.html) API.\n\nThis parameter is optional. Set this parameter if you want to make your VPC endpoint public-facing. For details, see [Create an internet-facing endpoint for your server](https://docs.aws.amazon.com/transfer/latest/userguide/create-server-in-vpc.html#create-internet-facing-endpoint) .\n\n> This property can only be set as follows:\n> \n> - `EndpointType` must be set to `VPC`\n> - The Transfer Family server must be offline.\n> - You cannot set this parameter for Transfer Family servers that use the FTP protocol.\n> - The server must already have `SubnetIds` populated ( `SubnetIds` and `AddressAllocationIds` cannot be updated simultaneously).\n> - `AddressAllocationIds` can't contain duplicates, and must be equal in length to `SubnetIds` . For example, if you have three subnet IDs, you must also specify three address allocation IDs.\n> - Call the `UpdateServer` API to set or change this parameter.\n> - You can't set address allocation IDs for servers that have an `IpAddressType` set to `DUALSTACK` You can only set this property if `IpAddressType` is set to `IPV4` .", - "title": "AddressAllocationIds", - "type": "array" - }, - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of security groups IDs that are available to attach to your server's endpoint.\n\n> This property can only be set when `EndpointType` is set to `VPC` .\n> \n> You can edit the `SecurityGroupIds` property in the [UpdateServer](https://docs.aws.amazon.com/transfer/latest/userguide/API_UpdateServer.html) API only if you are changing the `EndpointType` from `PUBLIC` or `VPC_ENDPOINT` to `VPC` . To change security groups associated with your server's VPC endpoint after creation, use the Amazon EC2 [ModifyVpcEndpoint](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVpcEndpoint.html) API.", - "title": "SecurityGroupIds", - "type": "array" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of subnet IDs that are required to host your server endpoint in your VPC.\n\n> This property can only be set when `EndpointType` is set to `VPC` .", - "title": "SubnetIds", - "type": "array" - }, - "VpcEndpointId": { - "markdownDescription": "The ID of the VPC endpoint.\n\n> This property can only be set when `EndpointType` is set to `VPC_ENDPOINT` .", - "title": "VpcEndpointId", + "DomainName": { + "markdownDescription": "The domain name of the resource configuration.", + "title": "DomainName", "type": "string" }, - "VpcId": { - "markdownDescription": "The VPC ID of the virtual private cloud in which the server's endpoint will be hosted.\n\n> This property can only be set when `EndpointType` is set to `VPC` .", - "title": "VpcId", + "IpAddressType": { + "markdownDescription": "The IP address type for the resource configuration. Dualstack is not currently supported.", + "title": "IpAddressType", "type": "string" } }, + "required": [ + "DomainName", + "IpAddressType" + ], "type": "object" }, - "AWS::Transfer::Server.IdentityProviderDetails": { + "AWS::VpcLattice::ResourceConfiguration.ResourceConfigurationDefinition": { "additionalProperties": false, "properties": { - "DirectoryId": { - "markdownDescription": "The identifier of the AWS Directory Service directory that you want to use as your identity provider.", - "title": "DirectoryId", - "type": "string" - }, - "Function": { - "markdownDescription": "The ARN for a Lambda function to use for the Identity provider.", - "title": "Function", + "ArnResource": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource configuration. For the ARN syntax and format, see [ARN format](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference-arns.html#arns-syntax) in the *AWS Identity and Access Management user guide* .", + "title": "ArnResource", "type": "string" }, - "InvocationRole": { - "markdownDescription": "This parameter is only applicable if your `IdentityProviderType` is `API_GATEWAY` . Provides the type of `InvocationRole` used to authenticate the user account.", - "title": "InvocationRole", - "type": "string" - }, - "SftpAuthenticationMethods": { - "markdownDescription": "For SFTP-enabled servers, and for custom identity providers *only* , you can specify whether to authenticate using a password, SSH key pair, or both.\n\n- `PASSWORD` - users must provide their password to connect.\n- `PUBLIC_KEY` - users must provide their private key to connect.\n- `PUBLIC_KEY_OR_PASSWORD` - users can authenticate with either their password or their key. This is the default value.\n- `PUBLIC_KEY_AND_PASSWORD` - users must provide both their private key and their password to connect. The server checks the key first, and then if the key is valid, the system prompts for a password. If the private key provided does not match the public key that is stored, authentication fails.", - "title": "SftpAuthenticationMethods", - "type": "string" + "DnsResource": { + "$ref": "#/definitions/AWS::VpcLattice::ResourceConfiguration.DnsResource", + "markdownDescription": "The DNS name of the resource configuration.", + "title": "DnsResource" }, - "Url": { - "markdownDescription": "Provides the location of the service endpoint used to authenticate users.", - "title": "Url", + "IpResource": { + "markdownDescription": "The IP address of the resource configuration.", + "title": "IpResource", "type": "string" } }, "type": "object" }, - "AWS::Transfer::Server.Protocol": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::Transfer::Server.ProtocolDetails": { + "AWS::VpcLattice::ResourceGateway": { "additionalProperties": false, "properties": { - "As2Transports": { - "items": { - "$ref": "#/definitions/AWS::Transfer::Server.As2Transport" - }, - "markdownDescription": "List of `As2Transport` objects.", - "title": "As2Transports", - "type": "array" - }, - "PassiveIp": { - "markdownDescription": "Indicates passive mode, for FTP and FTPS protocols. Enter a single IPv4 address, such as the public IP address of a firewall, router, or load balancer. For example:\n\n`aws transfer update-server --protocol-details PassiveIp=0.0.0.0`\n\nReplace `0.0.0.0` in the example above with the actual IP address you want to use.\n\n> If you change the `PassiveIp` value, you must stop and then restart your Transfer Family server for the change to take effect. For details on using passive mode (PASV) in a NAT environment, see [Configuring your FTPS server behind a firewall or NAT with AWS Transfer Family](https://docs.aws.amazon.com/storage/configuring-your-ftps-server-behind-a-firewall-or-nat-with-aws-transfer-family/) . \n\n*Special values*\n\nThe `AUTO` and `0.0.0.0` are special values for the `PassiveIp` parameter. The value `PassiveIp=AUTO` is assigned by default to FTP and FTPS type servers. In this case, the server automatically responds with one of the endpoint IPs within the PASV response. `PassiveIp=0.0.0.0` has a more unique application for its usage. For example, if you have a High Availability (HA) Network Load Balancer (NLB) environment, where you have 3 subnets, you can only specify a single IP address using the `PassiveIp` parameter. This reduces the effectiveness of having High Availability. In this case, you can specify `PassiveIp=0.0.0.0` . This tells the client to use the same IP address as the Control connection and utilize all AZs for their connections. Note, however, that not all FTP clients support the `PassiveIp=0.0.0.0` response. FileZilla and WinSCP do support it. If you are using other clients, check to see if your client supports the `PassiveIp=0.0.0.0` response.", - "title": "PassiveIp", + "Condition": { "type": "string" }, - "SetStatOption": { - "markdownDescription": "Use the `SetStatOption` to ignore the error that is generated when the client attempts to use `SETSTAT` on a file you are uploading to an S3 bucket.\n\nSome SFTP file transfer clients can attempt to change the attributes of remote files, including timestamp and permissions, using commands, such as `SETSTAT` when uploading the file. However, these commands are not compatible with object storage systems, such as Amazon S3. Due to this incompatibility, file uploads from these clients can result in errors even when the file is otherwise successfully uploaded.\n\nSet the value to `ENABLE_NO_OP` to have the Transfer Family server ignore the `SETSTAT` command, and upload files without needing to make any changes to your SFTP client. While the `SetStatOption` `ENABLE_NO_OP` setting ignores the error, it does generate a log entry in Amazon CloudWatch Logs, so you can determine when the client is making a `SETSTAT` call.\n\n> If you want to preserve the original timestamp for your file, and modify other file attributes using `SETSTAT` , you can use Amazon EFS as backend storage with Transfer Family.", - "title": "SetStatOption", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "TlsSessionResumptionMode": { - "markdownDescription": "A property used with Transfer Family servers that use the FTPS protocol. TLS Session Resumption provides a mechanism to resume or share a negotiated secret key between the control and data connection for an FTPS session. `TlsSessionResumptionMode` determines whether or not the server resumes recent, negotiated sessions through a unique session ID. This property is available during `CreateServer` and `UpdateServer` calls. If a `TlsSessionResumptionMode` value is not specified during `CreateServer` , it is set to `ENFORCED` by default.\n\n- `DISABLED` : the server does not process TLS session resumption client requests and creates a new TLS session for each request.\n- `ENABLED` : the server processes and accepts clients that are performing TLS session resumption. The server doesn't reject client data connections that do not perform the TLS session resumption client processing.\n- `ENFORCED` : the server processes and accepts clients that are performing TLS session resumption. The server rejects client data connections that do not perform the TLS session resumption client processing. Before you set the value to `ENFORCED` , test your clients.\n\n> Not all FTPS clients perform TLS session resumption. So, if you choose to enforce TLS session resumption, you prevent any connections from FTPS clients that don't perform the protocol negotiation. To determine whether or not you can use the `ENFORCED` value, you need to test your clients.", - "title": "TlsSessionResumptionMode", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Transfer::Server.S3StorageOptions": { - "additionalProperties": false, - "properties": { - "DirectoryListingOptimization": { - "markdownDescription": "Specifies whether or not performance for your Amazon S3 directories is optimized. This is disabled by default.\n\nBy default, home directory mappings have a `TYPE` of `DIRECTORY` . If you enable this option, you would then need to explicitly set the `HomeDirectoryMapEntry` `Type` to `FILE` if you want a mapping to have a file target.", - "title": "DirectoryListingOptimization", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Transfer::Server.StructuredLogDestination": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::Transfer::Server.WorkflowDetail": { - "additionalProperties": false, - "properties": { - "ExecutionRole": { - "markdownDescription": "Includes the necessary permissions for S3, EFS, and Lambda operations that Transfer can assume, so that all workflow steps can operate on the required resources", - "title": "ExecutionRole", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "WorkflowId": { - "markdownDescription": "A unique identifier for the workflow.", - "title": "WorkflowId", - "type": "string" - } - }, - "required": [ - "ExecutionRole", - "WorkflowId" - ], - "type": "object" - }, - "AWS::Transfer::Server.WorkflowDetails": { - "additionalProperties": false, - "properties": { - "OnPartialUpload": { - "items": { - "$ref": "#/definitions/AWS::Transfer::Server.WorkflowDetail" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "IpAddressType": { + "markdownDescription": "The type of IP address used by the resource gateway.", + "title": "IpAddressType", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the resource gateway.", + "title": "Name", + "type": "string" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the security groups applied to the resource gateway.", + "title": "SecurityGroupIds", + "type": "array" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the VPC subnets for the resource gateway.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the resource gateway.", + "title": "Tags", + "type": "array" + }, + "VpcIdentifier": { + "markdownDescription": "The ID of the VPC for the resource gateway.", + "title": "VpcIdentifier", + "type": "string" + } }, - "markdownDescription": "A trigger that starts a workflow if a file is only partially uploaded. You can attach a workflow to a server that executes whenever there is a partial upload.\n\nA *partial upload* occurs when a file is open when the session disconnects.\n\n> `OnPartialUpload` can contain a maximum of one `WorkflowDetail` object.", - "title": "OnPartialUpload", - "type": "array" + "required": [ + "Name", + "SubnetIds", + "VpcIdentifier" + ], + "type": "object" }, - "OnUpload": { - "items": { - "$ref": "#/definitions/AWS::Transfer::Server.WorkflowDetail" - }, - "markdownDescription": "A trigger that starts a workflow: the workflow begins to execute after a file is uploaded.\n\nTo remove an associated workflow from a server, you can provide an empty `OnUpload` object, as in the following example.\n\n`aws transfer update-server --server-id s-01234567890abcdef --workflow-details '{\"OnUpload\":[]}'`\n\n> `OnUpload` can contain a maximum of one `WorkflowDetail` object.", - "title": "OnUpload", - "type": "array" + "Type": { + "enum": [ + "AWS::VpcLattice::ResourceGateway" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::Transfer::User": { + "AWS::VpcLattice::ResourcePolicy": { "additionalProperties": false, "properties": { "Condition": { @@ -263238,76 +314677,26 @@ "Properties": { "additionalProperties": false, "properties": { - "HomeDirectory": { - "markdownDescription": "The landing directory (folder) for a user when they log in to the server using the client.\n\nA `HomeDirectory` example is `/bucket_name/home/mydirectory` .\n\n> You can use the `HomeDirectory` parameter for `HomeDirectoryType` when it is set to either `PATH` or `LOGICAL` .", - "title": "HomeDirectory", - "type": "string" - }, - "HomeDirectoryMappings": { - "items": { - "$ref": "#/definitions/AWS::Transfer::User.HomeDirectoryMapEntry" - }, - "markdownDescription": "Logical directory mappings that specify what Amazon S3 or Amazon EFS paths and keys should be visible to your user and how you want to make them visible. You must specify the `Entry` and `Target` pair, where `Entry` shows how the path is made visible and `Target` is the actual Amazon S3 or Amazon EFS path. If you only specify a target, it is displayed as is. You also must ensure that your AWS Identity and Access Management (IAM) role provides access to paths in `Target` . This value can be set only when `HomeDirectoryType` is set to *LOGICAL* .\n\nThe following is an `Entry` and `Target` pair example.\n\n`[ { \"Entry\": \"/directory1\", \"Target\": \"/bucket_name/home/mydirectory\" } ]`\n\nIn most cases, you can use this value instead of the session policy to lock your user down to the designated home directory (\" `chroot` \"). To do this, you can set `Entry` to `/` and set `Target` to the value the user should see for their home directory when they log in.\n\nThe following is an `Entry` and `Target` pair example for `chroot` .\n\n`[ { \"Entry\": \"/\", \"Target\": \"/bucket_name/home/mydirectory\" } ]`", - "title": "HomeDirectoryMappings", - "type": "array" - }, - "HomeDirectoryType": { - "markdownDescription": "The type of landing directory (folder) that you want your users' home directory to be when they log in to the server. If you set it to `PATH` , the user will see the absolute Amazon S3 bucket or Amazon EFS path as is in their file transfer protocol clients. If you set it to `LOGICAL` , you need to provide mappings in the `HomeDirectoryMappings` for how you want to make Amazon S3 or Amazon EFS paths visible to your users.\n\n> If `HomeDirectoryType` is `LOGICAL` , you must provide mappings, using the `HomeDirectoryMappings` parameter. If, on the other hand, `HomeDirectoryType` is `PATH` , you provide an absolute path using the `HomeDirectory` parameter. You cannot have both `HomeDirectory` and `HomeDirectoryMappings` in your template.", - "title": "HomeDirectoryType", - "type": "string" - }, "Policy": { - "markdownDescription": "A session policy for your user so you can use the same IAM role across multiple users. This policy restricts user access to portions of their Amazon S3 bucket. Variables that you can use inside this policy include `${Transfer:UserName}` , `${Transfer:HomeDirectory}` , and `${Transfer:HomeBucket}` .\n\n> For session policies, AWS Transfer Family stores the policy as a JSON blob, instead of the Amazon Resource Name (ARN) of the policy. You save the policy as a JSON blob and pass it in the `Policy` argument.\n> \n> For an example of a session policy, see [Example session policy](https://docs.aws.amazon.com/transfer/latest/userguide/session-policy.html) .\n> \n> For more information, see [AssumeRole](https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html) in the *AWS Security Token Service API Reference* .", + "markdownDescription": "The Amazon Resource Name (ARN) of the service network or service.", "title": "Policy", - "type": "string" - }, - "PosixProfile": { - "$ref": "#/definitions/AWS::Transfer::User.PosixProfile", - "markdownDescription": "Specifies the full POSIX identity, including user ID ( `Uid` ), group ID ( `Gid` ), and any secondary groups IDs ( `SecondaryGids` ), that controls your users' access to your Amazon Elastic File System (Amazon EFS) file systems. The POSIX permissions that are set on files and directories in your file system determine the level of access your users get when transferring files into and out of your Amazon EFS file systems.", - "title": "PosixProfile" - }, - "Role": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that controls your users' access to your Amazon S3 bucket or Amazon EFS file system. The policies attached to this role determine the level of access that you want to provide your users when transferring files into and out of your Amazon S3 bucket or Amazon EFS file system. The IAM role should also contain a trust relationship that allows the server to access your resources when servicing your users' transfer requests.", - "title": "Role", - "type": "string" - }, - "ServerId": { - "markdownDescription": "A system-assigned unique identifier for a server instance. This is the specific server that you added your user to.", - "title": "ServerId", - "type": "string" - }, - "SshPublicKeys": { - "items": { - "$ref": "#/definitions/AWS::Transfer::User.SshPublicKey" - }, - "markdownDescription": "Specifies the public key portion of the Secure Shell (SSH) keys stored for the described user.\n\n> To delete the public key body, set its value to zero keys, as shown here:\n> \n> `SshPublicKeys: []`", - "title": "SshPublicKeys", - "type": "array" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Key-value pairs that can be used to group and search for users. Tags are metadata attached to users for any purpose.", - "title": "Tags", - "type": "array" + "type": "object" }, - "UserName": { - "markdownDescription": "A unique string that identifies a user and is associated with a `ServerId` . This user name must be a minimum of 3 and a maximum of 100 characters long. The following are valid characters: a-z, A-Z, 0-9, underscore '_', hyphen '-', period '.', and at sign '@'. The user name can't start with a hyphen, period, or at sign.", - "title": "UserName", + "ResourceArn": { + "markdownDescription": "An IAM policy.", + "title": "ResourceArn", "type": "string" } }, "required": [ - "Role", - "ServerId", - "UserName" + "Policy", + "ResourceArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Transfer::User" + "AWS::VpcLattice::ResourcePolicy" ], "type": "string" }, @@ -263326,65 +314715,7 @@ ], "type": "object" }, - "AWS::Transfer::User.HomeDirectoryMapEntry": { - "additionalProperties": false, - "properties": { - "Entry": { - "markdownDescription": "Represents an entry for `HomeDirectoryMappings` .", - "title": "Entry", - "type": "string" - }, - "Target": { - "markdownDescription": "Represents the map target that is used in a `HomeDirectoryMapEntry` .", - "title": "Target", - "type": "string" - }, - "Type": { - "markdownDescription": "Specifies the type of mapping. Set the type to `FILE` if you want the mapping to point to a file, or `DIRECTORY` for the directory to point to a directory.\n\n> By default, home directory mappings have a `Type` of `DIRECTORY` when you create a Transfer Family server. You would need to explicitly set `Type` to `FILE` if you want a mapping to have a file target.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "Entry", - "Target" - ], - "type": "object" - }, - "AWS::Transfer::User.PosixProfile": { - "additionalProperties": false, - "properties": { - "Gid": { - "markdownDescription": "The POSIX group ID used for all EFS operations by this user.", - "title": "Gid", - "type": "number" - }, - "SecondaryGids": { - "items": { - "type": "number" - }, - "markdownDescription": "The secondary POSIX group IDs used for all EFS operations by this user.", - "title": "SecondaryGids", - "type": "array" - }, - "Uid": { - "markdownDescription": "The POSIX user ID used for all EFS operations by this user.", - "title": "Uid", - "type": "number" - } - }, - "required": [ - "Gid", - "Uid" - ], - "type": "object" - }, - "AWS::Transfer::User.SshPublicKey": { - "additionalProperties": false, - "properties": {}, - "type": "object" - }, - "AWS::Transfer::Workflow": { + "AWS::VpcLattice::Rule": { "additionalProperties": false, "properties": { "Condition": { @@ -263419,44 +314750,55 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "Specifies the text description for the workflow.", - "title": "Description", + "Action": { + "$ref": "#/definitions/AWS::VpcLattice::Rule.Action", + "markdownDescription": "Describes the action for a rule.", + "title": "Action" + }, + "ListenerIdentifier": { + "markdownDescription": "The ID or ARN of the listener.", + "title": "ListenerIdentifier", "type": "string" }, - "OnExceptionSteps": { - "items": { - "$ref": "#/definitions/AWS::Transfer::Workflow.WorkflowStep" - }, - "markdownDescription": "Specifies the steps (actions) to take if errors are encountered during execution of the workflow.", - "title": "OnExceptionSteps", - "type": "array" + "Match": { + "$ref": "#/definitions/AWS::VpcLattice::Rule.Match", + "markdownDescription": "The rule match.", + "title": "Match" }, - "Steps": { - "items": { - "$ref": "#/definitions/AWS::Transfer::Workflow.WorkflowStep" - }, - "markdownDescription": "Specifies the details for the steps that are in the specified workflow.", - "title": "Steps", - "type": "array" + "Name": { + "markdownDescription": "The name of the rule. The name must be unique within the listener. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n\nIf you don't specify a name, CloudFormation generates one. However, if you specify a name, and later want to replace the resource, you must specify a new name.", + "title": "Name", + "type": "string" + }, + "Priority": { + "markdownDescription": "The priority assigned to the rule. Each rule for a specific listener must have a unique priority. The lower the priority number the higher the priority.", + "title": "Priority", + "type": "number" + }, + "ServiceIdentifier": { + "markdownDescription": "The ID or ARN of the service.", + "title": "ServiceIdentifier", + "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "Key-value pairs that can be used to group and search for workflows. Tags are metadata attached to workflows for any purpose.", + "markdownDescription": "The tags for the rule.", "title": "Tags", "type": "array" } }, "required": [ - "Steps" + "Action", + "Match", + "Priority" ], "type": "object" }, "Type": { "enum": [ - "AWS::Transfer::Workflow" + "AWS::VpcLattice::Rule" ], "type": "string" }, @@ -263475,245 +314817,192 @@ ], "type": "object" }, - "AWS::Transfer::Workflow.CopyStepDetails": { + "AWS::VpcLattice::Rule.Action": { "additionalProperties": false, "properties": { - "DestinationFileLocation": { - "$ref": "#/definitions/AWS::Transfer::Workflow.S3FileLocation", - "markdownDescription": "Specifies the location for the file being copied. Use `${Transfer:UserName}` or `${Transfer:UploadDate}` in this field to parametrize the destination prefix by username or uploaded date.\n\n- Set the value of `DestinationFileLocation` to `${Transfer:UserName}` to copy uploaded files to an Amazon S3 bucket that is prefixed with the name of the Transfer Family user that uploaded the file.\n- Set the value of `DestinationFileLocation` to `${Transfer:UploadDate}` to copy uploaded files to an Amazon S3 bucket that is prefixed with the date of the upload.\n\n> The system resolves `UploadDate` to a date format of *YYYY-MM-DD* , based on the date the file is uploaded in UTC.", - "title": "DestinationFileLocation" - }, - "Name": { - "markdownDescription": "The name of the step, used as an identifier.", - "title": "Name", - "type": "string" - }, - "OverwriteExisting": { - "markdownDescription": "A flag that indicates whether to overwrite an existing file of the same name. The default is `FALSE` .\n\nIf the workflow is processing a file that has the same name as an existing file, the behavior is as follows:\n\n- If `OverwriteExisting` is `TRUE` , the existing file is replaced with the file being processed.\n- If `OverwriteExisting` is `FALSE` , nothing happens, and the workflow processing stops.", - "title": "OverwriteExisting", - "type": "string" + "FixedResponse": { + "$ref": "#/definitions/AWS::VpcLattice::Rule.FixedResponse", + "markdownDescription": "The fixed response action. The rule returns a custom HTTP response.", + "title": "FixedResponse" }, - "SourceFileLocation": { - "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", - "title": "SourceFileLocation", - "type": "string" + "Forward": { + "$ref": "#/definitions/AWS::VpcLattice::Rule.Forward", + "markdownDescription": "The forward action. Traffic that matches the rule is forwarded to the specified target groups.", + "title": "Forward" } }, "type": "object" }, - "AWS::Transfer::Workflow.CustomStepDetails": { + "AWS::VpcLattice::Rule.FixedResponse": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the step, used as an identifier.", - "title": "Name", - "type": "string" - }, - "SourceFileLocation": { - "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", - "title": "SourceFileLocation", - "type": "string" - }, - "Target": { - "markdownDescription": "The ARN for the Lambda function that is being called.", - "title": "Target", - "type": "string" - }, - "TimeoutSeconds": { - "markdownDescription": "Timeout, in seconds, for the step.", - "title": "TimeoutSeconds", + "StatusCode": { + "markdownDescription": "The HTTP response code. Only `404` and `500` status codes are supported.", + "title": "StatusCode", "type": "number" } }, + "required": [ + "StatusCode" + ], "type": "object" }, - "AWS::Transfer::Workflow.DecryptStepDetails": { + "AWS::VpcLattice::Rule.Forward": { "additionalProperties": false, "properties": { - "DestinationFileLocation": { - "$ref": "#/definitions/AWS::Transfer::Workflow.InputFileLocation", - "markdownDescription": "Specifies the location for the file being decrypted. Use `${Transfer:UserName}` or `${Transfer:UploadDate}` in this field to parametrize the destination prefix by username or uploaded date.\n\n- Set the value of `DestinationFileLocation` to `${Transfer:UserName}` to decrypt uploaded files to an Amazon S3 bucket that is prefixed with the name of the Transfer Family user that uploaded the file.\n- Set the value of `DestinationFileLocation` to `${Transfer:UploadDate}` to decrypt uploaded files to an Amazon S3 bucket that is prefixed with the date of the upload.\n\n> The system resolves `UploadDate` to a date format of *YYYY-MM-DD* , based on the date the file is uploaded in UTC.", - "title": "DestinationFileLocation" - }, - "Name": { - "markdownDescription": "The name of the step, used as an identifier.", - "title": "Name", - "type": "string" - }, - "OverwriteExisting": { - "markdownDescription": "A flag that indicates whether to overwrite an existing file of the same name. The default is `FALSE` .\n\nIf the workflow is processing a file that has the same name as an existing file, the behavior is as follows:\n\n- If `OverwriteExisting` is `TRUE` , the existing file is replaced with the file being processed.\n- If `OverwriteExisting` is `FALSE` , nothing happens, and the workflow processing stops.", - "title": "OverwriteExisting", - "type": "string" - }, - "SourceFileLocation": { - "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", - "title": "SourceFileLocation", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of encryption used. Currently, this value must be `PGP` .", - "title": "Type", - "type": "string" + "TargetGroups": { + "items": { + "$ref": "#/definitions/AWS::VpcLattice::Rule.WeightedTargetGroup" + }, + "markdownDescription": "The target groups. Traffic matching the rule is forwarded to the specified target groups. With forward actions, you can assign a weight that controls the prioritization and selection of each target group. This means that requests are distributed to individual target groups based on their weights. For example, if two target groups have the same weight, each target group receives half of the traffic.\n\nThe default value is 1. This means that if only one target group is provided, there is no need to set the weight; 100% of the traffic goes to that target group.", + "title": "TargetGroups", + "type": "array" } }, + "required": [ + "TargetGroups" + ], "type": "object" }, - "AWS::Transfer::Workflow.DeleteStepDetails": { + "AWS::VpcLattice::Rule.HeaderMatch": { "additionalProperties": false, "properties": { + "CaseSensitive": { + "markdownDescription": "Indicates whether the match is case sensitive.", + "title": "CaseSensitive", + "type": "boolean" + }, + "Match": { + "$ref": "#/definitions/AWS::VpcLattice::Rule.HeaderMatchType", + "markdownDescription": "The header match type.", + "title": "Match" + }, "Name": { - "markdownDescription": "The name of the step, used as an identifier.", + "markdownDescription": "The name of the header.", "title": "Name", "type": "string" - }, - "SourceFileLocation": { - "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", - "title": "SourceFileLocation", - "type": "string" } }, + "required": [ + "Match", + "Name" + ], "type": "object" }, - "AWS::Transfer::Workflow.EfsInputFileLocation": { + "AWS::VpcLattice::Rule.HeaderMatchType": { "additionalProperties": false, "properties": { - "FileSystemId": { - "markdownDescription": "The identifier of the file system, assigned by Amazon EFS.", - "title": "FileSystemId", + "Contains": { + "markdownDescription": "A contains type match.", + "title": "Contains", "type": "string" }, - "Path": { - "markdownDescription": "The pathname for the folder being used by a workflow.", - "title": "Path", + "Exact": { + "markdownDescription": "An exact type match.", + "title": "Exact", "type": "string" - } - }, - "type": "object" - }, - "AWS::Transfer::Workflow.InputFileLocation": { - "additionalProperties": false, - "properties": { - "EfsFileLocation": { - "$ref": "#/definitions/AWS::Transfer::Workflow.EfsInputFileLocation", - "markdownDescription": "Specifies the details for the Amazon Elastic File System (Amazon EFS) file that's being decrypted.", - "title": "EfsFileLocation" }, - "S3FileLocation": { - "$ref": "#/definitions/AWS::Transfer::Workflow.S3InputFileLocation", - "markdownDescription": "Specifies the details for the Amazon S3 file that's being copied or decrypted.", - "title": "S3FileLocation" + "Prefix": { + "markdownDescription": "A prefix type match. Matches the value with the prefix.", + "title": "Prefix", + "type": "string" } }, "type": "object" }, - "AWS::Transfer::Workflow.S3FileLocation": { + "AWS::VpcLattice::Rule.HttpMatch": { "additionalProperties": false, "properties": { - "S3FileLocation": { - "$ref": "#/definitions/AWS::Transfer::Workflow.S3InputFileLocation", - "markdownDescription": "Specifies the details for the file location for the file that's being used in the workflow. Only applicable if you are using Amazon S3 storage.", - "title": "S3FileLocation" + "HeaderMatches": { + "items": { + "$ref": "#/definitions/AWS::VpcLattice::Rule.HeaderMatch" + }, + "markdownDescription": "The header matches. Matches incoming requests with rule based on request header value before applying rule action.", + "title": "HeaderMatches", + "type": "array" + }, + "Method": { + "markdownDescription": "The HTTP method type.", + "title": "Method", + "type": "string" + }, + "PathMatch": { + "$ref": "#/definitions/AWS::VpcLattice::Rule.PathMatch", + "markdownDescription": "The path match.", + "title": "PathMatch" } }, "type": "object" }, - "AWS::Transfer::Workflow.S3InputFileLocation": { + "AWS::VpcLattice::Rule.Match": { "additionalProperties": false, "properties": { - "Bucket": { - "markdownDescription": "Specifies the S3 bucket for the customer input file.", - "title": "Bucket", - "type": "string" - }, - "Key": { - "markdownDescription": "The name assigned to the file when it was created in Amazon S3. You use the object key to retrieve the object.", - "title": "Key", - "type": "string" + "HttpMatch": { + "$ref": "#/definitions/AWS::VpcLattice::Rule.HttpMatch", + "markdownDescription": "The HTTP criteria that a rule must match.", + "title": "HttpMatch" } }, + "required": [ + "HttpMatch" + ], "type": "object" }, - "AWS::Transfer::Workflow.S3Tag": { + "AWS::VpcLattice::Rule.PathMatch": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The name assigned to the tag that you create.", - "title": "Key", - "type": "string" + "CaseSensitive": { + "markdownDescription": "Indicates whether the match is case sensitive.", + "title": "CaseSensitive", + "type": "boolean" }, - "Value": { - "markdownDescription": "The value that corresponds to the key.", - "title": "Value", - "type": "string" + "Match": { + "$ref": "#/definitions/AWS::VpcLattice::Rule.PathMatchType", + "markdownDescription": "The type of path match.", + "title": "Match" } }, "required": [ - "Key", - "Value" + "Match" ], "type": "object" }, - "AWS::Transfer::Workflow.TagStepDetails": { + "AWS::VpcLattice::Rule.PathMatchType": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the step, used as an identifier.", - "title": "Name", + "Exact": { + "markdownDescription": "An exact match of the path.", + "title": "Exact", "type": "string" }, - "SourceFileLocation": { - "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", - "title": "SourceFileLocation", + "Prefix": { + "markdownDescription": "A prefix match of the path.", + "title": "Prefix", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/AWS::Transfer::Workflow.S3Tag" - }, - "markdownDescription": "Array that contains from 1 to 10 key/value pairs.", - "title": "Tags", - "type": "array" } }, "type": "object" }, - "AWS::Transfer::Workflow.WorkflowStep": { + "AWS::VpcLattice::Rule.WeightedTargetGroup": { "additionalProperties": false, "properties": { - "CopyStepDetails": { - "$ref": "#/definitions/AWS::Transfer::Workflow.CopyStepDetails", - "markdownDescription": "Details for a step that performs a file copy.\n\nConsists of the following values:\n\n- A description\n- An Amazon S3 location for the destination of the file copy.\n- A flag that indicates whether to overwrite an existing file of the same name. The default is `FALSE` .", - "title": "CopyStepDetails" - }, - "CustomStepDetails": { - "$ref": "#/definitions/AWS::Transfer::Workflow.CustomStepDetails", - "markdownDescription": "Details for a step that invokes an AWS Lambda function.\n\nConsists of the Lambda function's name, target, and timeout (in seconds).", - "title": "CustomStepDetails" - }, - "DecryptStepDetails": { - "$ref": "#/definitions/AWS::Transfer::Workflow.DecryptStepDetails", - "markdownDescription": "Details for a step that decrypts an encrypted file.\n\nConsists of the following values:\n\n- A descriptive name\n- An Amazon S3 or Amazon Elastic File System (Amazon EFS) location for the source file to decrypt.\n- An S3 or Amazon EFS location for the destination of the file decryption.\n- A flag that indicates whether to overwrite an existing file of the same name. The default is `FALSE` .\n- The type of encryption that's used. Currently, only PGP encryption is supported.", - "title": "DecryptStepDetails" - }, - "DeleteStepDetails": { - "$ref": "#/definitions/AWS::Transfer::Workflow.DeleteStepDetails", - "markdownDescription": "Details for a step that deletes the file.", - "title": "DeleteStepDetails" - }, - "TagStepDetails": { - "$ref": "#/definitions/AWS::Transfer::Workflow.TagStepDetails", - "markdownDescription": "Details for a step that creates one or more tags.\n\nYou specify one or more tags. Each tag contains a key-value pair.", - "title": "TagStepDetails" - }, - "Type": { - "markdownDescription": "Currently, the following step types are supported.\n\n- *`COPY`* - Copy the file to another location.\n- *`CUSTOM`* - Perform a custom step with an AWS Lambda function target.\n- *`DECRYPT`* - Decrypt a file that was encrypted before it was uploaded.\n- *`DELETE`* - Delete the file.\n- *`TAG`* - Add a tag to the file.", - "title": "Type", + "TargetGroupIdentifier": { + "markdownDescription": "The ID of the target group.", + "title": "TargetGroupIdentifier", "type": "string" + }, + "Weight": { + "markdownDescription": "Only required if you specify multiple target groups for a forward action. The weight determines how requests are distributed to the target group. For example, if you specify two target groups, each with a weight of 10, each target group receives half the requests. If you specify two target groups, one with a weight of 10 and the other with a weight of 20, the target group with a weight of 20 receives twice as many requests as the other target group. If there's only one target group specified, then the default value is 100.", + "title": "Weight", + "type": "number" } }, + "required": [ + "TargetGroupIdentifier" + ], "type": "object" }, - "AWS::VerifiedPermissions::IdentitySource": { + "AWS::VpcLattice::Service": { "additionalProperties": false, "properties": { "Condition": { @@ -263748,31 +315037,45 @@ "Properties": { "additionalProperties": false, "properties": { - "Configuration": { - "$ref": "#/definitions/AWS::VerifiedPermissions::IdentitySource.IdentitySourceConfiguration", - "markdownDescription": "Contains configuration information used when creating a new identity source.", - "title": "Configuration" + "AuthType": { + "markdownDescription": "The type of IAM policy.\n\n- `NONE` : The resource does not use an IAM policy. This is the default.\n- `AWS_IAM` : The resource uses an IAM policy. When this type is used, auth is enabled and an auth policy is required.", + "title": "AuthType", + "type": "string" }, - "PolicyStoreId": { - "markdownDescription": "Specifies the ID of the policy store in which you want to store this identity source. Only policies and requests made using this policy store can reference identities from the identity provider configured in the new identity source.", - "title": "PolicyStoreId", + "CertificateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the certificate.", + "title": "CertificateArn", "type": "string" }, - "PrincipalEntityType": { - "markdownDescription": "Specifies the namespace and data type of the principals generated for identities authenticated by the new identity source.", - "title": "PrincipalEntityType", + "CustomDomainName": { + "markdownDescription": "The custom domain name of the service.", + "title": "CustomDomainName", + "type": "string" + }, + "DnsEntry": { + "$ref": "#/definitions/AWS::VpcLattice::Service.DnsEntry", + "markdownDescription": "Describes the DNS information of the service. This field is read-only.", + "title": "DnsEntry" + }, + "Name": { + "markdownDescription": "The name of the service. The name must be unique within the account. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n\nIf you don't specify a name, CloudFormation generates one. However, if you specify a name, and later want to replace the resource, you must specify a new name.", + "title": "Name", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the service.", + "title": "Tags", + "type": "array" } }, - "required": [ - "Configuration", - "PolicyStoreId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::VerifiedPermissions::IdentitySource" + "AWS::VpcLattice::Service" ], "type": "string" }, @@ -263786,67 +315089,122 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::VerifiedPermissions::IdentitySource.CognitoGroupConfiguration": { + "AWS::VpcLattice::Service.DnsEntry": { "additionalProperties": false, "properties": { - "GroupEntityType": { - "markdownDescription": "The name of the schema entity type that's mapped to the user pool group. Defaults to `AWS::CognitoGroup` .", - "title": "GroupEntityType", + "DomainName": { + "markdownDescription": "The domain name of the service.", + "title": "DomainName", + "type": "string" + }, + "HostedZoneId": { + "markdownDescription": "The ID of the hosted zone.", + "title": "HostedZoneId", "type": "string" } }, - "required": [ - "GroupEntityType" - ], "type": "object" }, - "AWS::VerifiedPermissions::IdentitySource.CognitoUserPoolConfiguration": { + "AWS::VpcLattice::ServiceNetwork": { "additionalProperties": false, "properties": { - "ClientIds": { - "items": { - "type": "string" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AuthType": { + "markdownDescription": "The type of IAM policy.\n\n- `NONE` : The resource does not use an IAM policy. This is the default.\n- `AWS_IAM` : The resource uses an IAM policy. When this type is used, auth is enabled and an auth policy is required.", + "title": "AuthType", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the service network. The name must be unique to the account. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n\nIf you don't specify a name, CloudFormation generates one. However, if you specify a name, and later want to replace the resource, you must specify a new name.", + "title": "Name", + "type": "string" + }, + "SharingConfig": { + "$ref": "#/definitions/AWS::VpcLattice::ServiceNetwork.SharingConfig", + "markdownDescription": "Specify if the service network should be enabled for sharing.", + "title": "SharingConfig" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the service network.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "The unique application client IDs that are associated with the specified Amazon Cognito user pool.\n\nExample: `\"ClientIds\": [\"&ExampleCogClientId;\"]`", - "title": "ClientIds", - "type": "array" + "type": "object" }, - "GroupConfiguration": { - "$ref": "#/definitions/AWS::VerifiedPermissions::IdentitySource.CognitoGroupConfiguration", - "markdownDescription": "The type of entity that a policy store maps to groups from an Amazon Cognito user pool identity source.", - "title": "GroupConfiguration" + "Type": { + "enum": [ + "AWS::VpcLattice::ServiceNetwork" + ], + "type": "string" }, - "UserPoolArn": { - "markdownDescription": "The [Amazon Resource Name (ARN)](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html) of the Amazon Cognito user pool that contains the identities to be authorized.", - "title": "UserPoolArn", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "UserPoolArn" + "Type" ], "type": "object" }, - "AWS::VerifiedPermissions::IdentitySource.IdentitySourceConfiguration": { + "AWS::VpcLattice::ServiceNetwork.SharingConfig": { "additionalProperties": false, "properties": { - "CognitoUserPoolConfiguration": { - "$ref": "#/definitions/AWS::VerifiedPermissions::IdentitySource.CognitoUserPoolConfiguration", - "markdownDescription": "A structure that contains configuration information used when creating or updating an identity source that represents a connection to an Amazon Cognito user pool used as an identity provider for Verified Permissions .", - "title": "CognitoUserPoolConfiguration" + "enabled": { + "markdownDescription": "Specify if the service network should be enabled for sharing.", + "title": "enabled", + "type": "boolean" } }, "required": [ - "CognitoUserPoolConfiguration" + "enabled" ], "type": "object" }, - "AWS::VerifiedPermissions::Policy": { + "AWS::VpcLattice::ServiceNetworkResourceAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -263881,26 +315239,30 @@ "Properties": { "additionalProperties": false, "properties": { - "Definition": { - "$ref": "#/definitions/AWS::VerifiedPermissions::Policy.PolicyDefinition", - "markdownDescription": "Specifies the policy type and content to use for the new or updated policy. The definition structure must include either a `Static` or a `TemplateLinked` element.", - "title": "Definition" + "ResourceConfigurationId": { + "markdownDescription": "The ID of the resource configuration associated with the service network.", + "title": "ResourceConfigurationId", + "type": "string" }, - "PolicyStoreId": { - "markdownDescription": "Specifies the `PolicyStoreId` of the policy store you want to store the policy in.", - "title": "PolicyStoreId", + "ServiceNetworkId": { + "markdownDescription": "The ID of the service network associated with the resource configuration.", + "title": "ServiceNetworkId", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "A key-value pair to associate with a resource.", + "title": "Tags", + "type": "array" } }, - "required": [ - "Definition", - "PolicyStoreId" - ], "type": "object" }, "Type": { "enum": [ - "AWS::VerifiedPermissions::Policy" + "AWS::VpcLattice::ServiceNetworkResourceAssociation" ], "type": "string" }, @@ -263914,91 +315276,108 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::VerifiedPermissions::Policy.EntityIdentifier": { + "AWS::VpcLattice::ServiceNetworkServiceAssociation": { "additionalProperties": false, "properties": { - "EntityId": { - "markdownDescription": "The identifier of an entity.\n\n`\"entityId\":\" *identifier* \"`", - "title": "EntityId", + "Condition": { "type": "string" }, - "EntityType": { - "markdownDescription": "The type of an entity.\n\nExample: `\"entityType\":\" *typeName* \"`", - "title": "EntityType", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" - } - }, - "required": [ - "EntityId", - "EntityType" - ], - "type": "object" - }, - "AWS::VerifiedPermissions::Policy.PolicyDefinition": { - "additionalProperties": false, - "properties": { - "Static": { - "$ref": "#/definitions/AWS::VerifiedPermissions::Policy.StaticPolicyDefinition", - "markdownDescription": "A structure that describes a static policy. An static policy doesn't use a template or allow placeholders for entities.", - "title": "Static" }, - "TemplateLinked": { - "$ref": "#/definitions/AWS::VerifiedPermissions::Policy.TemplateLinkedPolicyDefinition", - "markdownDescription": "A structure that describes a policy that was instantiated from a template. The template can specify placeholders for `principal` and `resource` . When you use [CreatePolicy](https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreatePolicy.html) to create a policy from a template, you specify the exact principal and resource to use for the instantiated policy.", - "title": "TemplateLinked" - } - }, - "type": "object" - }, - "AWS::VerifiedPermissions::Policy.StaticPolicyDefinition": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "The description of the static policy.", - "title": "Description", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DnsEntry": { + "$ref": "#/definitions/AWS::VpcLattice::ServiceNetworkServiceAssociation.DnsEntry", + "markdownDescription": "The DNS information of the service.", + "title": "DnsEntry" + }, + "ServiceIdentifier": { + "markdownDescription": "The ID or ARN of the service.", + "title": "ServiceIdentifier", + "type": "string" + }, + "ServiceNetworkIdentifier": { + "markdownDescription": "The ID or ARN of the service network. You must use an ARN if the resources are in different accounts.", + "title": "ServiceNetworkIdentifier", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the association.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::VpcLattice::ServiceNetworkServiceAssociation" + ], "type": "string" }, - "Statement": { - "markdownDescription": "The policy content of the static policy, written in the Cedar policy language.", - "title": "Statement", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Statement" + "Type" ], "type": "object" }, - "AWS::VerifiedPermissions::Policy.TemplateLinkedPolicyDefinition": { + "AWS::VpcLattice::ServiceNetworkServiceAssociation.DnsEntry": { "additionalProperties": false, "properties": { - "PolicyTemplateId": { - "markdownDescription": "The unique identifier of the policy template used to create this policy.", - "title": "PolicyTemplateId", + "DomainName": { + "markdownDescription": "The domain name of the service.", + "title": "DomainName", "type": "string" }, - "Principal": { - "$ref": "#/definitions/AWS::VerifiedPermissions::Policy.EntityIdentifier", - "markdownDescription": "The principal associated with this template-linked policy. Verified Permissions substitutes this principal for the `?principal` placeholder in the policy template when it evaluates an authorization request.", - "title": "Principal" - }, - "Resource": { - "$ref": "#/definitions/AWS::VerifiedPermissions::Policy.EntityIdentifier", - "markdownDescription": "The resource associated with this template-linked policy. Verified Permissions substitutes this resource for the `?resource` placeholder in the policy template when it evaluates an authorization request.", - "title": "Resource" + "HostedZoneId": { + "markdownDescription": "The ID of the hosted zone.", + "title": "HostedZoneId", + "type": "string" } }, - "required": [ - "PolicyTemplateId" - ], "type": "object" }, - "AWS::VerifiedPermissions::PolicyStore": { + "AWS::VpcLattice::ServiceNetworkVpcAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -264033,30 +315412,38 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "Descriptive text that you can provide to help with identification of the current policy store.", - "title": "Description", + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The IDs of the security groups. Security groups aren't added by default. You can add a security group to apply network level controls to control which resources in a VPC are allowed to access the service network and its services. For more information, see [Control traffic to resources using security groups](https://docs.aws.amazon.com//vpc/latest/userguide/VPC_SecurityGroups.html) in the *Amazon VPC User Guide* .", + "title": "SecurityGroupIds", + "type": "array" + }, + "ServiceNetworkIdentifier": { + "markdownDescription": "The ID or ARN of the service network. You must use an ARN if the resources are in different accounts.", + "title": "ServiceNetworkIdentifier", "type": "string" }, - "Schema": { - "$ref": "#/definitions/AWS::VerifiedPermissions::PolicyStore.SchemaDefinition", - "markdownDescription": "Creates or updates the policy schema in a policy store. Cedar can use the schema to validate any Cedar policies and policy templates submitted to the policy store. Any changes to the schema validate only policies and templates submitted after the schema change. Existing policies and templates are not re-evaluated against the changed schema. If you later update a policy, then it is evaluated against the new schema at that time.", - "title": "Schema" + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the association.", + "title": "Tags", + "type": "array" }, - "ValidationSettings": { - "$ref": "#/definitions/AWS::VerifiedPermissions::PolicyStore.ValidationSettings", - "markdownDescription": "Specifies the validation setting for this policy store.\n\nCurrently, the only valid and required value is `Mode` .\n\n> We recommend that you turn on `STRICT` mode only after you define a schema. If a schema doesn't exist, then `STRICT` mode causes any policy to fail validation, and Verified Permissions rejects the policy. You can turn off validation by using the [UpdatePolicyStore](https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyStore) . Then, when you have a schema defined, use [UpdatePolicyStore](https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyStore) again to turn validation back on.", - "title": "ValidationSettings" + "VpcIdentifier": { + "markdownDescription": "The ID of the VPC.", + "title": "VpcIdentifier", + "type": "string" } }, - "required": [ - "ValidationSettings" - ], "type": "object" }, "Type": { "enum": [ - "AWS::VerifiedPermissions::PolicyStore" + "AWS::VpcLattice::ServiceNetworkVpcAssociation" ], "type": "string" }, @@ -264070,37 +315457,11 @@ } }, "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::VerifiedPermissions::PolicyStore.SchemaDefinition": { - "additionalProperties": false, - "properties": { - "CedarJson": { - "markdownDescription": "A JSON string representation of the schema supported by applications that use this policy store. For more information, see [Policy store schema](https://docs.aws.amazon.com/verifiedpermissions/latest/userguide/schema.html) in the AVP User Guide.", - "title": "CedarJson", - "type": "string" - } - }, - "type": "object" - }, - "AWS::VerifiedPermissions::PolicyStore.ValidationSettings": { - "additionalProperties": false, - "properties": { - "Mode": { - "markdownDescription": "The validation mode currently configured for this policy store. The valid values are:\n\n- *OFF* \u2013 Neither Verified Permissions nor Cedar perform any validation on policies. No validation errors are reported by either service.\n- *STRICT* \u2013 Requires a schema to be present in the policy store. Cedar performs validation on all submitted new or updated static policies and policy templates. Any that fail validation are rejected and Cedar doesn't store them in the policy store.\n\n> If `Mode=STRICT` and the policy store doesn't contain a schema, Verified Permissions rejects all static policies and policy templates because there is no schema to validate against.\n> \n> To submit a static policy or policy template without a schema, you must turn off validation.", - "title": "Mode", - "type": "string" - } - }, - "required": [ - "Mode" + "Type" ], "type": "object" }, - "AWS::VerifiedPermissions::PolicyTemplate": { + "AWS::VpcLattice::TargetGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -264135,50 +315496,195 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description to attach to the new or updated policy template.", - "title": "Description", - "type": "string" + "Config": { + "$ref": "#/definitions/AWS::VpcLattice::TargetGroup.TargetGroupConfig", + "markdownDescription": "The target group configuration.", + "title": "Config" }, - "PolicyStoreId": { - "markdownDescription": "The unique identifier of the policy store that contains the template.", - "title": "PolicyStoreId", + "Name": { + "markdownDescription": "The name of the target group. The name must be unique within the account. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n\nIf you don't specify a name, CloudFormation generates one. However, if you specify a name, and later want to replace the resource, you must specify a new name.", + "title": "Name", "type": "string" }, - "Statement": { - "markdownDescription": "Specifies the content that you want to use for the new policy template, written in the Cedar policy language.", - "title": "Statement", + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags for the target group.", + "title": "Tags", + "type": "array" + }, + "Targets": { + "items": { + "$ref": "#/definitions/AWS::VpcLattice::TargetGroup.Target" + }, + "markdownDescription": "Describes a target.", + "title": "Targets", + "type": "array" + }, + "Type": { + "markdownDescription": "The type of target group.", + "title": "Type", "type": "string" } }, "required": [ - "PolicyStoreId", - "Statement" + "Type" ], "type": "object" }, - "Type": { - "enum": [ - "AWS::VerifiedPermissions::PolicyTemplate" - ], + "Type": { + "enum": [ + "AWS::VpcLattice::TargetGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::VpcLattice::TargetGroup.HealthCheckConfig": { + "additionalProperties": false, + "properties": { + "Enabled": { + "markdownDescription": "Indicates whether health checking is enabled.", + "title": "Enabled", + "type": "boolean" + }, + "HealthCheckIntervalSeconds": { + "markdownDescription": "The approximate amount of time, in seconds, between health checks of an individual target. The range is 5\u2013300 seconds. The default is 30 seconds.", + "title": "HealthCheckIntervalSeconds", + "type": "number" + }, + "HealthCheckTimeoutSeconds": { + "markdownDescription": "The amount of time, in seconds, to wait before reporting a target as unhealthy. The range is 1\u2013120 seconds. The default is 5 seconds.", + "title": "HealthCheckTimeoutSeconds", + "type": "number" + }, + "HealthyThresholdCount": { + "markdownDescription": "The number of consecutive successful health checks required before considering an unhealthy target healthy. The range is 2\u201310. The default is 5.", + "title": "HealthyThresholdCount", + "type": "number" + }, + "Matcher": { + "$ref": "#/definitions/AWS::VpcLattice::TargetGroup.Matcher", + "markdownDescription": "The codes to use when checking for a successful response from a target.", + "title": "Matcher" + }, + "Path": { + "markdownDescription": "The destination for health checks on the targets. If the protocol version is `HTTP/1.1` or `HTTP/2` , specify a valid URI (for example, `/path?query` ). The default path is `/` . Health checks are not supported if the protocol version is `gRPC` , however, you can choose `HTTP/1.1` or `HTTP/2` and specify a valid URI.", + "title": "Path", + "type": "string" + }, + "Port": { + "markdownDescription": "The port used when performing health checks on targets. The default setting is the port that a target receives traffic on.", + "title": "Port", + "type": "number" + }, + "Protocol": { + "markdownDescription": "The protocol used when performing health checks on targets. The possible protocols are `HTTP` and `HTTPS` . The default is `HTTP` .", + "title": "Protocol", + "type": "string" + }, + "ProtocolVersion": { + "markdownDescription": "The protocol version used when performing health checks on targets. The possible protocol versions are `HTTP1` and `HTTP2` .", + "title": "ProtocolVersion", + "type": "string" + }, + "UnhealthyThresholdCount": { + "markdownDescription": "The number of consecutive failed health checks required before considering a target unhealthy. The range is 2\u201310. The default is 2.", + "title": "UnhealthyThresholdCount", + "type": "number" + } + }, + "type": "object" + }, + "AWS::VpcLattice::TargetGroup.Matcher": { + "additionalProperties": false, + "properties": { + "HttpCode": { + "markdownDescription": "The HTTP code to use when checking for a successful response from a target.", + "title": "HttpCode", + "type": "string" + } + }, + "required": [ + "HttpCode" + ], + "type": "object" + }, + "AWS::VpcLattice::TargetGroup.Target": { + "additionalProperties": false, + "properties": { + "Id": { + "markdownDescription": "The ID of the target. If the target group type is `INSTANCE` , this is an instance ID. If the target group type is `IP` , this is an IP address. If the target group type is `LAMBDA` , this is the ARN of a Lambda function. If the target group type is `ALB` , this is the ARN of an Application Load Balancer.", + "title": "Id", + "type": "string" + }, + "Port": { + "markdownDescription": "The port on which the target is listening. For HTTP, the default is 80. For HTTPS, the default is 443.", + "title": "Port", + "type": "number" + } + }, + "required": [ + "Id" + ], + "type": "object" + }, + "AWS::VpcLattice::TargetGroup.TargetGroupConfig": { + "additionalProperties": false, + "properties": { + "HealthCheck": { + "$ref": "#/definitions/AWS::VpcLattice::TargetGroup.HealthCheckConfig", + "markdownDescription": "The health check configuration. Not supported if the target group type is `LAMBDA` or `ALB` .", + "title": "HealthCheck" + }, + "IpAddressType": { + "markdownDescription": "The type of IP address used for the target group. Supported only if the target group type is `IP` . The default is `IPV4` .", + "title": "IpAddressType", + "type": "string" + }, + "LambdaEventStructureVersion": { + "markdownDescription": "The version of the event structure that your Lambda function receives. Supported only if the target group type is `LAMBDA` . The default is `V1` .", + "title": "LambdaEventStructureVersion", + "type": "string" + }, + "Port": { + "markdownDescription": "The port on which the targets are listening. For HTTP, the default is 80. For HTTPS, the default is 443. Not supported if the target group type is `LAMBDA` .", + "title": "Port", + "type": "number" + }, + "Protocol": { + "markdownDescription": "The protocol to use for routing traffic to the targets. The default is the protocol of the target group. Not supported if the target group type is `LAMBDA` .", + "title": "Protocol", + "type": "string" + }, + "ProtocolVersion": { + "markdownDescription": "The protocol version. The default is `HTTP1` . Not supported if the target group type is `LAMBDA` .", + "title": "ProtocolVersion", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "VpcIdentifier": { + "markdownDescription": "The ID of the VPC. Not supported if the target group type is `LAMBDA` .", + "title": "VpcIdentifier", "type": "string" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::VoiceID::Domain": { + "AWS::WAF::ByteMatchSet": { "additionalProperties": false, "properties": { "Condition": { @@ -264213,39 +315719,28 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "The description of the domain.", - "title": "Description", - "type": "string" + "ByteMatchTuples": { + "items": { + "$ref": "#/definitions/AWS::WAF::ByteMatchSet.ByteMatchTuple" + }, + "markdownDescription": "Specifies the bytes (typically a string that corresponds with ASCII characters) that you want AWS WAF to search for in web requests, the location in requests that you want AWS WAF to search, and other settings.", + "title": "ByteMatchTuples", + "type": "array" }, "Name": { - "markdownDescription": "The name for the domain.", + "markdownDescription": "The name of the `ByteMatchSet` . You can't change `Name` after you create a `ByteMatchSet` .", "title": "Name", "type": "string" - }, - "ServerSideEncryptionConfiguration": { - "$ref": "#/definitions/AWS::VoiceID::Domain.ServerSideEncryptionConfiguration", - "markdownDescription": "The server-side encryption configuration containing the KMS key identifier you want Voice ID to use to encrypt your data.", - "title": "ServerSideEncryptionConfiguration" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags used to organize, track, or control access for this resource.", - "title": "Tags", - "type": "array" } }, "required": [ - "Name", - "ServerSideEncryptionConfiguration" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::VoiceID::Domain" + "AWS::WAF::ByteMatchSet" ], "type": "string" }, @@ -264264,21 +315759,62 @@ ], "type": "object" }, - "AWS::VoiceID::Domain.ServerSideEncryptionConfiguration": { + "AWS::WAF::ByteMatchSet.ByteMatchTuple": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "The identifier of the KMS key to use to encrypt data stored by Voice ID. Voice ID doesn't support asymmetric customer managed keys.", - "title": "KmsKeyId", + "FieldToMatch": { + "$ref": "#/definitions/AWS::WAF::ByteMatchSet.FieldToMatch", + "markdownDescription": "The part of a web request that you want to inspect, such as a specified header or a query string.", + "title": "FieldToMatch" + }, + "PositionalConstraint": { + "markdownDescription": "Within the portion of a web request that you want to search (for example, in the query string, if any), specify where you want AWS WAF to search. Valid values include the following:\n\n*CONTAINS*\n\nThe specified part of the web request must include the value of `TargetString` , but the location doesn't matter.\n\n*CONTAINS_WORD*\n\nThe specified part of the web request must include the value of `TargetString` , and `TargetString` must contain only alphanumeric characters or underscore (A-Z, a-z, 0-9, or _). In addition, `TargetString` must be a word, which means one of the following:\n\n- `TargetString` exactly matches the value of the specified part of the web request, such as the value of a header.\n- `TargetString` is at the beginning of the specified part of the web request and is followed by a character other than an alphanumeric character or underscore (_), for example, `BadBot;` .\n- `TargetString` is at the end of the specified part of the web request and is preceded by a character other than an alphanumeric character or underscore (_), for example, `;BadBot` .\n- `TargetString` is in the middle of the specified part of the web request and is preceded and followed by characters other than alphanumeric characters or underscore (_), for example, `-BadBot;` .\n\n*EXACTLY*\n\nThe value of the specified part of the web request must exactly match the value of `TargetString` .\n\n*STARTS_WITH*\n\nThe value of `TargetString` must appear at the beginning of the specified part of the web request.\n\n*ENDS_WITH*\n\nThe value of `TargetString` must appear at the end of the specified part of the web request.", + "title": "PositionalConstraint", + "type": "string" + }, + "TargetString": { + "markdownDescription": "The value that you want AWS WAF to search for. AWS WAF searches for the specified string in the part of web requests that you specified in `FieldToMatch` . The maximum length of the value is 50 bytes.\n\nYou must specify this property or the `TargetStringBase64` property.\n\nValid values depend on the values that you specified for `FieldToMatch` :\n\n- `HEADER` : The value that you want AWS WAF to search for in the request header that you specified in `FieldToMatch` , for example, the value of the `User-Agent` or `Referer` header.\n- `METHOD` : The HTTP method, which indicates the type of operation specified in the request. Amazon CloudFront supports the following methods: `DELETE` , `GET` , `HEAD` , `OPTIONS` , `PATCH` , `POST` , and `PUT` .\n- `QUERY_STRING` : The value that you want AWS WAF to search for in the query string, which is the part of a URL that appears after a `?` character.\n- `URI` : The value that you want AWS WAF to search for in the part of a URL that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but instead of inspecting a single parameter, AWS WAF inspects all parameters within the query string for the value or regex pattern that you specify in `TargetString` .\n\nIf `TargetString` includes alphabetic characters A-Z and a-z, note that the value is case sensitive.", + "title": "TargetString", + "type": "string" + }, + "TargetStringBase64": { + "markdownDescription": "The base64-encoded value that AWS WAF searches for. AWS CloudFormation sends this value to AWS WAF without encoding it.\n\nYou must specify this property or the `TargetString` property.\n\nAWS WAF searches for this value in a specific part of web requests, which you define in the `FieldToMatch` property.\n\nValid values depend on the Type value in the `FieldToMatch` property. For example, for a `METHOD` type, you must specify HTTP methods such as `DELETE, GET, HEAD, OPTIONS, PATCH, POST` , and `PUT` .", + "title": "TargetStringBase64", + "type": "string" + }, + "TextTransformation": { + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass AWS WAF . If you specify a transformation, AWS WAF performs the transformation on `FieldToMatch` before inspecting it for a match.\n\nYou can only specify a single type of TextTransformation.\n\n*CMD_LINE*\n\nWhen you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:\n\n- Delete the following characters: \\ \" ' ^\n- Delete spaces before the following characters: / (\n- Replace the following characters with a space: , ;\n- Replace multiple spaces with one space\n- Convert uppercase letters (A-Z) to lowercase (a-z)\n\n*COMPRESS_WHITE_SPACE*\n\nUse this option to replace the following characters with a space character (decimal 32):\n\n- \\f, formfeed, decimal 12\n- \\t, tab, decimal 9\n- \\n, newline, decimal 10\n- \\r, carriage return, decimal 13\n- \\v, vertical tab, decimal 11\n- non-breaking space, decimal 160\n\n`COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.\n\n*HTML_ENTITY_DECODE*\n\nUse this option to replace HTML-encoded characters with unencoded characters. `HTML_ENTITY_DECODE` performs the following operations:\n\n- Replaces `(ampersand)quot;` with `\"`\n- Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160\n- Replaces `(ampersand)lt;` with a \"less than\" symbol\n- Replaces `(ampersand)gt;` with `>`\n- Replaces characters that are represented in hexadecimal format, `(ampersand)#xhhhh;` , with the corresponding characters\n- Replaces characters that are represented in decimal format, `(ampersand)#nnnn;` , with the corresponding characters\n\n*LOWERCASE*\n\nUse this option to convert uppercase letters (A-Z) to lowercase (a-z).\n\n*URL_DECODE*\n\nUse this option to decode a URL-encoded value.\n\n*NONE*\n\nSpecify `NONE` if you don't want to perform any text transformations.", + "title": "TextTransformation", "type": "string" } }, "required": [ - "KmsKeyId" + "FieldToMatch", + "PositionalConstraint", + "TextTransformation" ], "type": "object" }, - "AWS::VpcLattice::AccessLogSubscription": { + "AWS::WAF::ByteMatchSet.FieldToMatch": { + "additionalProperties": false, + "properties": { + "Data": { + "markdownDescription": "When the value of `Type` is `HEADER` , enter the name of the header that you want AWS WAF to search, for example, `User-Agent` or `Referer` . The name of the header is not case sensitive.\n\nWhen the value of `Type` is `SINGLE_QUERY_ARG` , enter the name of the parameter that you want AWS WAF to search, for example, `UserName` or `SalesRegion` . The parameter name is not case sensitive.\n\nIf the value of `Type` is any other value, omit `Data` .", + "title": "Data", + "type": "string" + }, + "Type": { + "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicated the type of operation that the request is asking the origin to perform. Amazon CloudFront supports the following methods: `DELETE` , `GET` , `HEAD` , `OPTIONS` , `PATCH` , `POST` , and `PUT` .\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::WAF::IPSet": { "additionalProperties": false, "properties": { "Condition": { @@ -264313,33 +315849,28 @@ "Properties": { "additionalProperties": false, "properties": { - "DestinationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the destination. The supported destination types are CloudWatch Log groups, Kinesis Data Firehose delivery streams, and Amazon S3 buckets.", - "title": "DestinationArn", - "type": "string" - }, - "ResourceIdentifier": { - "markdownDescription": "The ID or ARN of the service network or service.", - "title": "ResourceIdentifier", - "type": "string" - }, - "Tags": { + "IPSetDescriptors": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::WAF::IPSet.IPSetDescriptor" }, - "markdownDescription": "The tags for the access log subscription.", - "title": "Tags", + "markdownDescription": "The IP address type ( `IPV4` or `IPV6` ) and the IP address range (in CIDR notation) that web requests originate from. If the `WebACL` is associated with an Amazon CloudFront distribution and the viewer did not use an HTTP proxy or a load balancer to send the request, this is the value of the c-ip field in the CloudFront access logs.", + "title": "IPSetDescriptors", "type": "array" + }, + "Name": { + "markdownDescription": "The name of the `IPSet` . You can't change the name of an `IPSet` after you create it.", + "title": "Name", + "type": "string" } }, "required": [ - "DestinationArn" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::VpcLattice::AccessLogSubscription" + "AWS::WAF::IPSet" ], "type": "string" }, @@ -264358,7 +315889,27 @@ ], "type": "object" }, - "AWS::VpcLattice::AuthPolicy": { + "AWS::WAF::IPSet.IPSetDescriptor": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "Specify `IPV4` or `IPV6` .", + "title": "Type", + "type": "string" + }, + "Value": { + "markdownDescription": "Specify an IPv4 address by using CIDR notation. For example:\n\n- To configure AWS WAF to allow, block, or count requests that originated from the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure AWS WAF to allow, block, or count requests that originated from IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .\n\nSpecify an IPv6 address by using CIDR notation. For example:\n\n- To configure AWS WAF to allow, block, or count requests that originated from the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure AWS WAF to allow, block, or count requests that originated from IP addresses 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Type", + "Value" + ], + "type": "object" + }, + "AWS::WAF::Rule": { "additionalProperties": false, "properties": { "Condition": { @@ -264393,26 +315944,34 @@ "Properties": { "additionalProperties": false, "properties": { - "Policy": { - "markdownDescription": "The auth policy.", - "title": "Policy", - "type": "object" + "MetricName": { + "markdownDescription": "The name of the metrics for this `Rule` . The name can contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length 128 and minimum length one. It can't contain whitespace or metric names reserved for AWS WAF , including \"All\" and \"Default_Action.\" You can't change `MetricName` after you create the `Rule` .", + "title": "MetricName", + "type": "string" }, - "ResourceIdentifier": { - "markdownDescription": "The ID or ARN of the service network or service for which the policy is created.", - "title": "ResourceIdentifier", + "Name": { + "markdownDescription": "The friendly name or description for the `Rule` . You can't change the name of a `Rule` after you create it.", + "title": "Name", "type": "string" + }, + "Predicates": { + "items": { + "$ref": "#/definitions/AWS::WAF::Rule.Predicate" + }, + "markdownDescription": "The `Predicates` object contains one `Predicate` element for each `ByteMatchSet` , `IPSet` , or `SqlInjectionMatchSet` object that you want to include in a `Rule` .", + "title": "Predicates", + "type": "array" } }, "required": [ - "Policy", - "ResourceIdentifier" + "MetricName", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::VpcLattice::AuthPolicy" + "AWS::WAF::Rule" ], "type": "string" }, @@ -264431,7 +315990,33 @@ ], "type": "object" }, - "AWS::VpcLattice::Listener": { + "AWS::WAF::Rule.Predicate": { + "additionalProperties": false, + "properties": { + "DataId": { + "markdownDescription": "A unique identifier for a predicate in a `Rule` , such as `ByteMatchSetId` or `IPSetId` . The ID is returned by the corresponding `Create` or `List` command.", + "title": "DataId", + "type": "string" + }, + "Negated": { + "markdownDescription": "Set `Negated` to `False` if you want AWS WAF to allow, block, or count requests based on the settings in the specified `ByteMatchSet` , `IPSet` , `SqlInjectionMatchSet` , `XssMatchSet` , `RegexMatchSet` , `GeoMatchSet` , or `SizeConstraintSet` . For example, if an `IPSet` includes the IP address `192.0.2.44` , AWS WAF will allow or block requests based on that IP address.\n\nSet `Negated` to `True` if you want AWS WAF to allow or block a request based on the negation of the settings in the `ByteMatchSet` , `IPSet` , `SqlInjectionMatchSet` , `XssMatchSet` , `RegexMatchSet` , `GeoMatchSet` , or `SizeConstraintSet` . For example, if an `IPSet` includes the IP address `192.0.2.44` , AWS WAF will allow, block, or count requests based on all IP addresses *except* `192.0.2.44` .", + "title": "Negated", + "type": "boolean" + }, + "Type": { + "markdownDescription": "The type of predicate in a `Rule` , such as `ByteMatch` or `IPSet` .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "DataId", + "Negated", + "Type" + ], + "type": "object" + }, + "AWS::WAF::SizeConstraintSet": { "additionalProperties": false, "properties": { "Condition": { @@ -264466,49 +316051,29 @@ "Properties": { "additionalProperties": false, "properties": { - "DefaultAction": { - "$ref": "#/definitions/AWS::VpcLattice::Listener.DefaultAction", - "markdownDescription": "The action for the default rule. Each listener has a default rule. The default rule is used if no other rules match.", - "title": "DefaultAction" - }, "Name": { - "markdownDescription": "The name of the listener. A listener name must be unique within a service. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n\nIf you don't specify a name, CloudFormation generates one. However, if you specify a name, and later want to replace the resource, you must specify a new name.", + "markdownDescription": "The name, if any, of the `SizeConstraintSet` .", "title": "Name", "type": "string" }, - "Port": { - "markdownDescription": "The listener port. You can specify a value from 1 to 65535. For HTTP, the default is 80. For HTTPS, the default is 443.", - "title": "Port", - "type": "number" - }, - "Protocol": { - "markdownDescription": "The listener protocol.", - "title": "Protocol", - "type": "string" - }, - "ServiceIdentifier": { - "markdownDescription": "The ID or ARN of the service.", - "title": "ServiceIdentifier", - "type": "string" - }, - "Tags": { + "SizeConstraints": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::WAF::SizeConstraintSet.SizeConstraint" }, - "markdownDescription": "The tags for the listener.", - "title": "Tags", + "markdownDescription": "The size constraint and the part of the web request to check.", + "title": "SizeConstraints", "type": "array" } }, "required": [ - "DefaultAction", - "Protocol" + "Name", + "SizeConstraints" ], "type": "object" }, "Type": { "enum": [ - "AWS::VpcLattice::Listener" + "AWS::WAF::SizeConstraintSet" ], "type": "string" }, @@ -264527,73 +316092,58 @@ ], "type": "object" }, - "AWS::VpcLattice::Listener.DefaultAction": { + "AWS::WAF::SizeConstraintSet.FieldToMatch": { "additionalProperties": false, "properties": { - "FixedResponse": { - "$ref": "#/definitions/AWS::VpcLattice::Listener.FixedResponse", - "markdownDescription": "Describes an action that returns a custom HTTP response.", - "title": "FixedResponse" + "Data": { + "markdownDescription": "When the value of `Type` is `HEADER` , enter the name of the header that you want AWS WAF to search, for example, `User-Agent` or `Referer` . The name of the header is not case sensitive.\n\nWhen the value of `Type` is `SINGLE_QUERY_ARG` , enter the name of the parameter that you want AWS WAF to search, for example, `UserName` or `SalesRegion` . The parameter name is not case sensitive.\n\nIf the value of `Type` is any other value, omit `Data` .", + "title": "Data", + "type": "string" }, - "Forward": { - "$ref": "#/definitions/AWS::VpcLattice::Listener.Forward", - "markdownDescription": "Describes a forward action. You can use forward actions to route requests to one or more target groups.", - "title": "Forward" - } - }, - "type": "object" - }, - "AWS::VpcLattice::Listener.FixedResponse": { - "additionalProperties": false, - "properties": { - "StatusCode": { - "markdownDescription": "The HTTP response code. Only `404` and `500` status codes are supported.", - "title": "StatusCode", - "type": "number" - } - }, - "required": [ - "StatusCode" - ], - "type": "object" - }, - "AWS::VpcLattice::Listener.Forward": { - "additionalProperties": false, - "properties": { - "TargetGroups": { - "items": { - "$ref": "#/definitions/AWS::VpcLattice::Listener.WeightedTargetGroup" - }, - "markdownDescription": "The target groups. Traffic matching the rule is forwarded to the specified target groups. With forward actions, you can assign a weight that controls the prioritization and selection of each target group. This means that requests are distributed to individual target groups based on their weights. For example, if two target groups have the same weight, each target group receives half of the traffic.\n\nThe default value is 1. This means that if only one target group is provided, there is no need to set the weight; 100% of the traffic goes to that target group.", - "title": "TargetGroups", - "type": "array" + "Type": { + "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicated the type of operation that the request is asking the origin to perform. Amazon CloudFront supports the following methods: `DELETE` , `GET` , `HEAD` , `OPTIONS` , `PATCH` , `POST` , and `PUT` .\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", + "title": "Type", + "type": "string" } }, "required": [ - "TargetGroups" + "Type" ], "type": "object" }, - "AWS::VpcLattice::Listener.WeightedTargetGroup": { + "AWS::WAF::SizeConstraintSet.SizeConstraint": { "additionalProperties": false, "properties": { - "TargetGroupIdentifier": { - "markdownDescription": "The ID of the target group.", - "title": "TargetGroupIdentifier", + "ComparisonOperator": { + "markdownDescription": "The type of comparison you want AWS WAF to perform. AWS WAF uses this in combination with the provided `Size` and `FieldToMatch` to build an expression in the form of \" `Size` `ComparisonOperator` size in bytes of `FieldToMatch` \". If that expression is true, the `SizeConstraint` is considered to match.\n\n*EQ* : Used to test if the `Size` is equal to the size of the `FieldToMatch`\n\n*NE* : Used to test if the `Size` is not equal to the size of the `FieldToMatch`\n\n*LE* : Used to test if the `Size` is less than or equal to the size of the `FieldToMatch`\n\n*LT* : Used to test if the `Size` is strictly less than the size of the `FieldToMatch`\n\n*GE* : Used to test if the `Size` is greater than or equal to the size of the `FieldToMatch`\n\n*GT* : Used to test if the `Size` is strictly greater than the size of the `FieldToMatch`", + "title": "ComparisonOperator", "type": "string" }, - "Weight": { - "markdownDescription": "Only required if you specify multiple target groups for a forward action. The weight determines how requests are distributed to the target group. For example, if you specify two target groups, each with a weight of 10, each target group receives half the requests. If you specify two target groups, one with a weight of 10 and the other with a weight of 20, the target group with a weight of 20 receives twice as many requests as the other target group. If there's only one target group specified, then the default value is 100.", - "title": "Weight", + "FieldToMatch": { + "$ref": "#/definitions/AWS::WAF::SizeConstraintSet.FieldToMatch", + "markdownDescription": "The part of a web request that you want to inspect, such as a specified header or a query string.", + "title": "FieldToMatch" + }, + "Size": { + "markdownDescription": "The size in bytes that you want AWS WAF to compare against the size of the specified `FieldToMatch` . AWS WAF uses this in combination with `ComparisonOperator` and `FieldToMatch` to build an expression in the form of \" `Size` `ComparisonOperator` size in bytes of `FieldToMatch` \". If that expression is true, the `SizeConstraint` is considered to match.\n\nValid values for size are 0 - 21474836480 bytes (0 - 20 GB).\n\nIf you specify `URI` for the value of `Type` , the / in the URI path that you specify counts as one character. For example, the URI `/logo.jpg` is nine characters long.", + "title": "Size", "type": "number" + }, + "TextTransformation": { + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass AWS WAF . If you specify a transformation, AWS WAF performs the transformation on `FieldToMatch` before inspecting it for a match.\n\nYou can only specify a single type of TextTransformation.\n\nNote that if you choose `BODY` for the value of `Type` , you must choose `NONE` for `TextTransformation` because Amazon CloudFront forwards only the first 8192 bytes for inspection.\n\n*NONE*\n\nSpecify `NONE` if you don't want to perform any text transformations.\n\n*CMD_LINE*\n\nWhen you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:\n\n- Delete the following characters: \\ \" ' ^\n- Delete spaces before the following characters: / (\n- Replace the following characters with a space: , ;\n- Replace multiple spaces with one space\n- Convert uppercase letters (A-Z) to lowercase (a-z)\n\n*COMPRESS_WHITE_SPACE*\n\nUse this option to replace the following characters with a space character (decimal 32):\n\n- \\f, formfeed, decimal 12\n- \\t, tab, decimal 9\n- \\n, newline, decimal 10\n- \\r, carriage return, decimal 13\n- \\v, vertical tab, decimal 11\n- non-breaking space, decimal 160\n\n`COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.\n\n*HTML_ENTITY_DECODE*\n\nUse this option to replace HTML-encoded characters with unencoded characters. `HTML_ENTITY_DECODE` performs the following operations:\n\n- Replaces `(ampersand)quot;` with `\"`\n- Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160\n- Replaces `(ampersand)lt;` with a \"less than\" symbol\n- Replaces `(ampersand)gt;` with `>`\n- Replaces characters that are represented in hexadecimal format, `(ampersand)#xhhhh;` , with the corresponding characters\n- Replaces characters that are represented in decimal format, `(ampersand)#nnnn;` , with the corresponding characters\n\n*LOWERCASE*\n\nUse this option to convert uppercase letters (A-Z) to lowercase (a-z).\n\n*URL_DECODE*\n\nUse this option to decode a URL-encoded value.", + "title": "TextTransformation", + "type": "string" } }, "required": [ - "TargetGroupIdentifier" + "ComparisonOperator", + "FieldToMatch", + "Size", + "TextTransformation" ], "type": "object" }, - "AWS::VpcLattice::ResourcePolicy": { + "AWS::WAF::SqlInjectionMatchSet": { "additionalProperties": false, "properties": { "Condition": { @@ -264628,26 +316178,28 @@ "Properties": { "additionalProperties": false, "properties": { - "Policy": { - "markdownDescription": "The Amazon Resource Name (ARN) of the service network or service.", - "title": "Policy", - "type": "object" - }, - "ResourceArn": { - "markdownDescription": "An IAM policy.", - "title": "ResourceArn", + "Name": { + "markdownDescription": "The name, if any, of the `SqlInjectionMatchSet` .", + "title": "Name", "type": "string" + }, + "SqlInjectionMatchTuples": { + "items": { + "$ref": "#/definitions/AWS::WAF::SqlInjectionMatchSet.SqlInjectionMatchTuple" + }, + "markdownDescription": "Specifies the parts of web requests that you want to inspect for snippets of malicious SQL code.", + "title": "SqlInjectionMatchTuples", + "type": "array" } }, "required": [ - "Policy", - "ResourceArn" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::VpcLattice::ResourcePolicy" + "AWS::WAF::SqlInjectionMatchSet" ], "type": "string" }, @@ -264666,7 +316218,46 @@ ], "type": "object" }, - "AWS::VpcLattice::Rule": { + "AWS::WAF::SqlInjectionMatchSet.FieldToMatch": { + "additionalProperties": false, + "properties": { + "Data": { + "markdownDescription": "When the value of `Type` is `HEADER` , enter the name of the header that you want AWS WAF to search, for example, `User-Agent` or `Referer` . The name of the header is not case sensitive.\n\nWhen the value of `Type` is `SINGLE_QUERY_ARG` , enter the name of the parameter that you want AWS WAF to search, for example, `UserName` or `SalesRegion` . The parameter name is not case sensitive.\n\nIf the value of `Type` is any other value, omit `Data` .", + "title": "Data", + "type": "string" + }, + "Type": { + "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicated the type of operation that the request is asking the origin to perform. Amazon CloudFront supports the following methods: `DELETE` , `GET` , `HEAD` , `OPTIONS` , `PATCH` , `POST` , and `PUT` .\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::WAF::SqlInjectionMatchSet.SqlInjectionMatchTuple": { + "additionalProperties": false, + "properties": { + "FieldToMatch": { + "$ref": "#/definitions/AWS::WAF::SqlInjectionMatchSet.FieldToMatch", + "markdownDescription": "The part of a web request that you want to inspect, such as a specified header or a query string.", + "title": "FieldToMatch" + }, + "TextTransformation": { + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass AWS WAF . If you specify a transformation, AWS WAF performs the transformation on `FieldToMatch` before inspecting it for a match.\n\nYou can only specify a single type of TextTransformation.\n\n*CMD_LINE*\n\nWhen you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:\n\n- Delete the following characters: \\ \" ' ^\n- Delete spaces before the following characters: / (\n- Replace the following characters with a space: , ;\n- Replace multiple spaces with one space\n- Convert uppercase letters (A-Z) to lowercase (a-z)\n\n*COMPRESS_WHITE_SPACE*\n\nUse this option to replace the following characters with a space character (decimal 32):\n\n- \\f, formfeed, decimal 12\n- \\t, tab, decimal 9\n- \\n, newline, decimal 10\n- \\r, carriage return, decimal 13\n- \\v, vertical tab, decimal 11\n- non-breaking space, decimal 160\n\n`COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.\n\n*HTML_ENTITY_DECODE*\n\nUse this option to replace HTML-encoded characters with unencoded characters. `HTML_ENTITY_DECODE` performs the following operations:\n\n- Replaces `(ampersand)quot;` with `\"`\n- Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160\n- Replaces `(ampersand)lt;` with a \"less than\" symbol\n- Replaces `(ampersand)gt;` with `>`\n- Replaces characters that are represented in hexadecimal format, `(ampersand)#xhhhh;` , with the corresponding characters\n- Replaces characters that are represented in decimal format, `(ampersand)#nnnn;` , with the corresponding characters\n\n*LOWERCASE*\n\nUse this option to convert uppercase letters (A-Z) to lowercase (a-z).\n\n*URL_DECODE*\n\nUse this option to decode a URL-encoded value.\n\n*NONE*\n\nSpecify `NONE` if you don't want to perform any text transformations.", + "title": "TextTransformation", + "type": "string" + } + }, + "required": [ + "FieldToMatch", + "TextTransformation" + ], + "type": "object" + }, + "AWS::WAF::WebACL": { "additionalProperties": false, "properties": { "Condition": { @@ -264701,55 +316292,40 @@ "Properties": { "additionalProperties": false, "properties": { - "Action": { - "$ref": "#/definitions/AWS::VpcLattice::Rule.Action", - "markdownDescription": "Describes the action for a rule.", - "title": "Action" + "DefaultAction": { + "$ref": "#/definitions/AWS::WAF::WebACL.WafAction", + "markdownDescription": "The action to perform if none of the `Rules` contained in the `WebACL` match. The action is specified by the `WafAction` object.", + "title": "DefaultAction" }, - "ListenerIdentifier": { - "markdownDescription": "The ID or ARN of the listener.", - "title": "ListenerIdentifier", + "MetricName": { + "markdownDescription": "The name of the metrics for this `WebACL` . The name can contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length 128 and minimum length one. It can't contain whitespace or metric names reserved for AWS WAF , including \"All\" and \"Default_Action.\" You can't change `MetricName` after you create the `WebACL` .", + "title": "MetricName", "type": "string" }, - "Match": { - "$ref": "#/definitions/AWS::VpcLattice::Rule.Match", - "markdownDescription": "The rule match.", - "title": "Match" - }, "Name": { - "markdownDescription": "The name of the rule. The name must be unique within the listener. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n\nIf you don't specify a name, CloudFormation generates one. However, if you specify a name, and later want to replace the resource, you must specify a new name.", + "markdownDescription": "A friendly name or description of the `WebACL` . You can't change the name of a `WebACL` after you create it.", "title": "Name", "type": "string" }, - "Priority": { - "markdownDescription": "The priority assigned to the rule. Each rule for a specific listener must have a unique priority. The lower the priority number the higher the priority.", - "title": "Priority", - "type": "number" - }, - "ServiceIdentifier": { - "markdownDescription": "The ID or ARN of the service.", - "title": "ServiceIdentifier", - "type": "string" - }, - "Tags": { + "Rules": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::WAF::WebACL.ActivatedRule" }, - "markdownDescription": "The tags for the rule.", - "title": "Tags", + "markdownDescription": "An array that contains the action for each `Rule` in a `WebACL` , the priority of the `Rule` , and the ID of the `Rule` .", + "title": "Rules", "type": "array" } }, "required": [ - "Action", - "Match", - "Priority" + "DefaultAction", + "MetricName", + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::VpcLattice::Rule" + "AWS::WAF::WebACL" ], "type": "string" }, @@ -264768,192 +316344,46 @@ ], "type": "object" }, - "AWS::VpcLattice::Rule.Action": { + "AWS::WAF::WebACL.ActivatedRule": { "additionalProperties": false, "properties": { - "FixedResponse": { - "$ref": "#/definitions/AWS::VpcLattice::Rule.FixedResponse", - "markdownDescription": "The fixed response action. The rule returns a custom HTTP response.", - "title": "FixedResponse" + "Action": { + "$ref": "#/definitions/AWS::WAF::WebACL.WafAction", + "markdownDescription": "Specifies the action that Amazon CloudFront or AWS WAF takes when a web request matches the conditions in the `Rule` . Valid values for `Action` include the following:\n\n- `ALLOW` : CloudFront responds with the requested object.\n- `BLOCK` : CloudFront responds with an HTTP 403 (Forbidden) status code.\n- `COUNT` : AWS WAF increments a counter of requests that match the conditions in the rule and then continues to inspect the web request based on the remaining rules in the web ACL.\n\n`ActivatedRule|OverrideAction` applies only when updating or adding a `RuleGroup` to a `WebACL` . In this case, you do not use `ActivatedRule|Action` . For all other update requests, `ActivatedRule|Action` is used instead of `ActivatedRule|OverrideAction` .", + "title": "Action" }, - "Forward": { - "$ref": "#/definitions/AWS::VpcLattice::Rule.Forward", - "markdownDescription": "The forward action. Traffic that matches the rule is forwarded to the specified target groups.", - "title": "Forward" - } - }, - "type": "object" - }, - "AWS::VpcLattice::Rule.FixedResponse": { - "additionalProperties": false, - "properties": { - "StatusCode": { - "markdownDescription": "The HTTP response code. Only `404` and `500` status codes are supported.", - "title": "StatusCode", + "Priority": { + "markdownDescription": "Specifies the order in which the `Rules` in a `WebACL` are evaluated. Rules with a lower value for `Priority` are evaluated before `Rules` with a higher value. The value must be a unique integer. If you add multiple `Rules` to a `WebACL` , the values don't need to be consecutive.", + "title": "Priority", "type": "number" - } - }, - "required": [ - "StatusCode" - ], - "type": "object" - }, - "AWS::VpcLattice::Rule.Forward": { - "additionalProperties": false, - "properties": { - "TargetGroups": { - "items": { - "$ref": "#/definitions/AWS::VpcLattice::Rule.WeightedTargetGroup" - }, - "markdownDescription": "The target groups. Traffic matching the rule is forwarded to the specified target groups. With forward actions, you can assign a weight that controls the prioritization and selection of each target group. This means that requests are distributed to individual target groups based on their weights. For example, if two target groups have the same weight, each target group receives half of the traffic.\n\nThe default value is 1. This means that if only one target group is provided, there is no need to set the weight; 100% of the traffic goes to that target group.", - "title": "TargetGroups", - "type": "array" - } - }, - "required": [ - "TargetGroups" - ], - "type": "object" - }, - "AWS::VpcLattice::Rule.HeaderMatch": { - "additionalProperties": false, - "properties": { - "CaseSensitive": { - "markdownDescription": "Indicates whether the match is case sensitive.", - "title": "CaseSensitive", - "type": "boolean" - }, - "Match": { - "$ref": "#/definitions/AWS::VpcLattice::Rule.HeaderMatchType", - "markdownDescription": "The header match type.", - "title": "Match" - }, - "Name": { - "markdownDescription": "The name of the header.", - "title": "Name", - "type": "string" - } - }, - "required": [ - "Match", - "Name" - ], - "type": "object" - }, - "AWS::VpcLattice::Rule.HeaderMatchType": { - "additionalProperties": false, - "properties": { - "Contains": { - "markdownDescription": "A contains type match.", - "title": "Contains", - "type": "string" - }, - "Exact": { - "markdownDescription": "An exact type match.", - "title": "Exact", - "type": "string" - }, - "Prefix": { - "markdownDescription": "A prefix type match. Matches the value with the prefix.", - "title": "Prefix", - "type": "string" - } - }, - "type": "object" - }, - "AWS::VpcLattice::Rule.HttpMatch": { - "additionalProperties": false, - "properties": { - "HeaderMatches": { - "items": { - "$ref": "#/definitions/AWS::VpcLattice::Rule.HeaderMatch" - }, - "markdownDescription": "The header matches. Matches incoming requests with rule based on request header value before applying rule action.", - "title": "HeaderMatches", - "type": "array" }, - "Method": { - "markdownDescription": "The HTTP method type.", - "title": "Method", + "RuleId": { + "markdownDescription": "The `RuleId` for a `Rule` . You use `RuleId` to get more information about a `Rule` , update a `Rule` , insert a `Rule` into a `WebACL` or delete a one from a `WebACL` , or delete a `Rule` from AWS WAF .\n\n`RuleId` is returned by `CreateRule` and by `ListRules` .", + "title": "RuleId", "type": "string" - }, - "PathMatch": { - "$ref": "#/definitions/AWS::VpcLattice::Rule.PathMatch", - "markdownDescription": "The path match.", - "title": "PathMatch" - } - }, - "type": "object" - }, - "AWS::VpcLattice::Rule.Match": { - "additionalProperties": false, - "properties": { - "HttpMatch": { - "$ref": "#/definitions/AWS::VpcLattice::Rule.HttpMatch", - "markdownDescription": "The HTTP criteria that a rule must match.", - "title": "HttpMatch" - } - }, - "required": [ - "HttpMatch" - ], - "type": "object" - }, - "AWS::VpcLattice::Rule.PathMatch": { - "additionalProperties": false, - "properties": { - "CaseSensitive": { - "markdownDescription": "Indicates whether the match is case sensitive.", - "title": "CaseSensitive", - "type": "boolean" - }, - "Match": { - "$ref": "#/definitions/AWS::VpcLattice::Rule.PathMatchType", - "markdownDescription": "The type of path match.", - "title": "Match" } }, "required": [ - "Match" + "Priority", + "RuleId" ], "type": "object" }, - "AWS::VpcLattice::Rule.PathMatchType": { - "additionalProperties": false, - "properties": { - "Exact": { - "markdownDescription": "An exact match of the path.", - "title": "Exact", - "type": "string" - }, - "Prefix": { - "markdownDescription": "A prefix match of the path.", - "title": "Prefix", - "type": "string" - } - }, - "type": "object" - }, - "AWS::VpcLattice::Rule.WeightedTargetGroup": { + "AWS::WAF::WebACL.WafAction": { "additionalProperties": false, "properties": { - "TargetGroupIdentifier": { - "markdownDescription": "The ID of the target group.", - "title": "TargetGroupIdentifier", + "Type": { + "markdownDescription": "Specifies how you want AWS WAF to respond to requests that match the settings in a `Rule` . Valid settings include the following:\n\n- `ALLOW` : AWS WAF allows requests\n- `BLOCK` : AWS WAF blocks requests\n- `COUNT` : AWS WAF increments a counter of the requests that match all of the conditions in the rule. AWS WAF then continues to inspect the web request based on the remaining rules in the web ACL. You can't specify `COUNT` for the default action for a `WebACL` .", + "title": "Type", "type": "string" - }, - "Weight": { - "markdownDescription": "Only required if you specify multiple target groups for a forward action. The weight determines how requests are distributed to the target group. For example, if you specify two target groups, each with a weight of 10, each target group receives half the requests. If you specify two target groups, one with a weight of 10 and the other with a weight of 20, the target group with a weight of 20 receives twice as many requests as the other target group. If there's only one target group specified, then the default value is 100.", - "title": "Weight", - "type": "number" } }, "required": [ - "TargetGroupIdentifier" + "Type" ], "type": "object" }, - "AWS::VpcLattice::Service": { + "AWS::WAF::XssMatchSet": { "additionalProperties": false, "properties": { "Condition": { @@ -264988,45 +316418,29 @@ "Properties": { "additionalProperties": false, "properties": { - "AuthType": { - "markdownDescription": "The type of IAM policy.\n\n- `NONE` : The resource does not use an IAM policy. This is the default.\n- `AWS_IAM` : The resource uses an IAM policy. When this type is used, auth is enabled and an auth policy is required.", - "title": "AuthType", - "type": "string" - }, - "CertificateArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the certificate.", - "title": "CertificateArn", - "type": "string" - }, - "CustomDomainName": { - "markdownDescription": "The custom domain name of the service.", - "title": "CustomDomainName", - "type": "string" - }, - "DnsEntry": { - "$ref": "#/definitions/AWS::VpcLattice::Service.DnsEntry", - "markdownDescription": "Describes the DNS information of the service. This field is read-only.", - "title": "DnsEntry" - }, "Name": { - "markdownDescription": "The name of the service. The name must be unique within the account. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n\nIf you don't specify a name, CloudFormation generates one. However, if you specify a name, and later want to replace the resource, you must specify a new name.", + "markdownDescription": "The name, if any, of the `XssMatchSet` .", "title": "Name", "type": "string" }, - "Tags": { + "XssMatchTuples": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::WAF::XssMatchSet.XssMatchTuple" }, - "markdownDescription": "The tags for the service.", - "title": "Tags", + "markdownDescription": "Specifies the parts of web requests that you want to inspect for cross-site scripting attacks.", + "title": "XssMatchTuples", "type": "array" } }, + "required": [ + "Name", + "XssMatchTuples" + ], "type": "object" }, "Type": { "enum": [ - "AWS::VpcLattice::Service" + "AWS::WAF::XssMatchSet" ], "type": "string" }, @@ -265040,27 +316454,51 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::VpcLattice::Service.DnsEntry": { + "AWS::WAF::XssMatchSet.FieldToMatch": { "additionalProperties": false, "properties": { - "DomainName": { - "markdownDescription": "The domain name of the service.", - "title": "DomainName", + "Data": { + "markdownDescription": "When the value of `Type` is `HEADER` , enter the name of the header that you want AWS WAF to search, for example, `User-Agent` or `Referer` . The name of the header is not case sensitive.\n\nWhen the value of `Type` is `SINGLE_QUERY_ARG` , enter the name of the parameter that you want AWS WAF to search, for example, `UserName` or `SalesRegion` . The parameter name is not case sensitive.\n\nIf the value of `Type` is any other value, omit `Data` .", + "title": "Data", "type": "string" }, - "HostedZoneId": { - "markdownDescription": "The ID of the hosted zone.", - "title": "HostedZoneId", + "Type": { + "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicated the type of operation that the request is asking the origin to perform. Amazon CloudFront supports the following methods: `DELETE` , `GET` , `HEAD` , `OPTIONS` , `PATCH` , `POST` , and `PUT` .\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", + "title": "Type", "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::VpcLattice::ServiceNetwork": { + "AWS::WAF::XssMatchSet.XssMatchTuple": { + "additionalProperties": false, + "properties": { + "FieldToMatch": { + "$ref": "#/definitions/AWS::WAF::XssMatchSet.FieldToMatch", + "markdownDescription": "The part of a web request that you want to inspect, such as a specified header or a query string.", + "title": "FieldToMatch" + }, + "TextTransformation": { + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass AWS WAF . If you specify a transformation, AWS WAF performs the transformation on `FieldToMatch` before inspecting it for a match.\n\nYou can only specify a single type of TextTransformation.\n\n*CMD_LINE*\n\nWhen you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:\n\n- Delete the following characters: \\ \" ' ^\n- Delete spaces before the following characters: / (\n- Replace the following characters with a space: , ;\n- Replace multiple spaces with one space\n- Convert uppercase letters (A-Z) to lowercase (a-z)\n\n*COMPRESS_WHITE_SPACE*\n\nUse this option to replace the following characters with a space character (decimal 32):\n\n- \\f, formfeed, decimal 12\n- \\t, tab, decimal 9\n- \\n, newline, decimal 10\n- \\r, carriage return, decimal 13\n- \\v, vertical tab, decimal 11\n- non-breaking space, decimal 160\n\n`COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.\n\n*HTML_ENTITY_DECODE*\n\nUse this option to replace HTML-encoded characters with unencoded characters. `HTML_ENTITY_DECODE` performs the following operations:\n\n- Replaces `(ampersand)quot;` with `\"`\n- Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160\n- Replaces `(ampersand)lt;` with a \"less than\" symbol\n- Replaces `(ampersand)gt;` with `>`\n- Replaces characters that are represented in hexadecimal format, `(ampersand)#xhhhh;` , with the corresponding characters\n- Replaces characters that are represented in decimal format, `(ampersand)#nnnn;` , with the corresponding characters\n\n*LOWERCASE*\n\nUse this option to convert uppercase letters (A-Z) to lowercase (a-z).\n\n*URL_DECODE*\n\nUse this option to decode a URL-encoded value.\n\n*NONE*\n\nSpecify `NONE` if you don't want to perform any text transformations.", + "title": "TextTransformation", + "type": "string" + } + }, + "required": [ + "FieldToMatch", + "TextTransformation" + ], + "type": "object" + }, + "AWS::WAFRegional::ByteMatchSet": { "additionalProperties": false, "properties": { "Condition": { @@ -265095,30 +316533,28 @@ "Properties": { "additionalProperties": false, "properties": { - "AuthType": { - "markdownDescription": "The type of IAM policy.\n\n- `NONE` : The resource does not use an IAM policy. This is the default.\n- `AWS_IAM` : The resource uses an IAM policy. When this type is used, auth is enabled and an auth policy is required.", - "title": "AuthType", - "type": "string" + "ByteMatchTuples": { + "items": { + "$ref": "#/definitions/AWS::WAFRegional::ByteMatchSet.ByteMatchTuple" + }, + "markdownDescription": "Specifies the bytes (typically a string that corresponds with ASCII characters) that you want AWS WAF to search for in web requests, the location in requests that you want AWS WAF to search, and other settings.", + "title": "ByteMatchTuples", + "type": "array" }, "Name": { - "markdownDescription": "The name of the service network. The name must be unique to the account. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n\nIf you don't specify a name, CloudFormation generates one. However, if you specify a name, and later want to replace the resource, you must specify a new name.", + "markdownDescription": "A friendly name or description of the `ByteMatchSet` . You can't change `Name` after you create a `ByteMatchSet` .", "title": "Name", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags for the service network.", - "title": "Tags", - "type": "array" } }, + "required": [ + "Name" + ], "type": "object" }, "Type": { "enum": [ - "AWS::VpcLattice::ServiceNetwork" + "AWS::WAFRegional::ByteMatchSet" ], "type": "string" }, @@ -265132,108 +316568,67 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::VpcLattice::ServiceNetworkServiceAssociation": { + "AWS::WAFRegional::ByteMatchSet.ByteMatchTuple": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "FieldToMatch": { + "$ref": "#/definitions/AWS::WAFRegional::ByteMatchSet.FieldToMatch", + "markdownDescription": "The part of a web request that you want AWS WAF to inspect, such as a specific header or a query string.", + "title": "FieldToMatch" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "PositionalConstraint": { + "markdownDescription": "Within the portion of a web request that you want to search (for example, in the query string, if any), specify where you want AWS WAF to search. Valid values include the following:\n\n*CONTAINS*\n\nThe specified part of the web request must include the value of `TargetString` , but the location doesn't matter.\n\n*CONTAINS_WORD*\n\nThe specified part of the web request must include the value of `TargetString` , and `TargetString` must contain only alphanumeric characters or underscore (A-Z, a-z, 0-9, or _). In addition, `TargetString` must be a word, which means one of the following:\n\n- `TargetString` exactly matches the value of the specified part of the web request, such as the value of a header.\n- `TargetString` is at the beginning of the specified part of the web request and is followed by a character other than an alphanumeric character or underscore (_), for example, `BadBot;` .\n- `TargetString` is at the end of the specified part of the web request and is preceded by a character other than an alphanumeric character or underscore (_), for example, `;BadBot` .\n- `TargetString` is in the middle of the specified part of the web request and is preceded and followed by characters other than alphanumeric characters or underscore (_), for example, `-BadBot;` .\n\n*EXACTLY*\n\nThe value of the specified part of the web request must exactly match the value of `TargetString` .\n\n*STARTS_WITH*\n\nThe value of `TargetString` must appear at the beginning of the specified part of the web request.\n\n*ENDS_WITH*\n\nThe value of `TargetString` must appear at the end of the specified part of the web request.", + "title": "PositionalConstraint", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DnsEntry": { - "$ref": "#/definitions/AWS::VpcLattice::ServiceNetworkServiceAssociation.DnsEntry", - "markdownDescription": "The DNS information of the service.", - "title": "DnsEntry" - }, - "ServiceIdentifier": { - "markdownDescription": "The ID or ARN of the service.", - "title": "ServiceIdentifier", - "type": "string" - }, - "ServiceNetworkIdentifier": { - "markdownDescription": "The ID or ARN of the service network. You must use an ARN if the resources are in different accounts.", - "title": "ServiceNetworkIdentifier", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags for the association.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" + "TargetString": { + "markdownDescription": "The value that you want AWS WAF to search for. AWS WAF searches for the specified string in the part of web requests that you specified in `FieldToMatch` . The maximum length of the value is 50 bytes.\n\nYou must specify this property or the `TargetStringBase64` property.\n\nValid values depend on the values that you specified for `FieldToMatch` :\n\n- `HEADER` : The value that you want AWS WAF to search for in the request header that you specified in `FieldToMatch` , for example, the value of the `User-Agent` or `Referer` header.\n- `METHOD` : The HTTP method, which indicates the type of operation specified in the request.\n- `QUERY_STRING` : The value that you want AWS WAF to search for in the query string, which is the part of a URL that appears after a `?` character.\n- `URI` : The value that you want AWS WAF to search for in the part of a URL that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but instead of inspecting a single parameter, AWS WAF inspects all parameters within the query string for the value or regex pattern that you specify in `TargetString` .\n\nIf `TargetString` includes alphabetic characters A-Z and a-z, note that the value is case sensitive.", + "title": "TargetString", + "type": "string" }, - "Type": { - "enum": [ - "AWS::VpcLattice::ServiceNetworkServiceAssociation" - ], + "TargetStringBase64": { + "markdownDescription": "The base64-encoded value that AWS WAF searches for. AWS CloudFormation sends this value to AWS WAF without encoding it.\n\nYou must specify this property or the `TargetString` property.\n\nAWS WAF searches for this value in a specific part of web requests, which you define in the `FieldToMatch` property.\n\nValid values depend on the Type value in the `FieldToMatch` property. For example, for a `METHOD` type, you must specify HTTP methods such as `DELETE, GET, HEAD, OPTIONS, PATCH, POST` , and `PUT` .", + "title": "TargetStringBase64", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "TextTransformation": { + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass AWS WAF . If you specify a transformation, AWS WAF performs the transformation on `FieldToMatch` before inspecting it for a match.\n\nYou can only specify a single type of TextTransformation.\n\n*CMD_LINE*\n\nWhen you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:\n\n- Delete the following characters: \\ \" ' ^\n- Delete spaces before the following characters: / (\n- Replace the following characters with a space: , ;\n- Replace multiple spaces with one space\n- Convert uppercase letters (A-Z) to lowercase (a-z)\n\n*COMPRESS_WHITE_SPACE*\n\nUse this option to replace the following characters with a space character (decimal 32):\n\n- \\f, formfeed, decimal 12\n- \\t, tab, decimal 9\n- \\n, newline, decimal 10\n- \\r, carriage return, decimal 13\n- \\v, vertical tab, decimal 11\n- non-breaking space, decimal 160\n\n`COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.\n\n*HTML_ENTITY_DECODE*\n\nUse this option to replace HTML-encoded characters with unencoded characters. `HTML_ENTITY_DECODE` performs the following operations:\n\n- Replaces `(ampersand)quot;` with `\"`\n- Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160\n- Replaces `(ampersand)lt;` with a \"less than\" symbol\n- Replaces `(ampersand)gt;` with `>`\n- Replaces characters that are represented in hexadecimal format, `(ampersand)#xhhhh;` , with the corresponding characters\n- Replaces characters that are represented in decimal format, `(ampersand)#nnnn;` , with the corresponding characters\n\n*LOWERCASE*\n\nUse this option to convert uppercase letters (A-Z) to lowercase (a-z).\n\n*URL_DECODE*\n\nUse this option to decode a URL-encoded value.\n\n*NONE*\n\nSpecify `NONE` if you don't want to perform any text transformations.", + "title": "TextTransformation", "type": "string" } }, "required": [ - "Type" + "FieldToMatch", + "PositionalConstraint", + "TextTransformation" ], "type": "object" }, - "AWS::VpcLattice::ServiceNetworkServiceAssociation.DnsEntry": { + "AWS::WAFRegional::ByteMatchSet.FieldToMatch": { "additionalProperties": false, "properties": { - "DomainName": { - "markdownDescription": "The domain name of the service.", - "title": "DomainName", + "Data": { + "markdownDescription": "When the value of `Type` is `HEADER` , enter the name of the header that you want AWS WAF to search, for example, `User-Agent` or `Referer` . The name of the header is not case sensitive.\n\nWhen the value of `Type` is `SINGLE_QUERY_ARG` , enter the name of the parameter that you want AWS WAF to search, for example, `UserName` or `SalesRegion` . The parameter name is not case sensitive.\n\nIf the value of `Type` is any other value, omit `Data` .", + "title": "Data", "type": "string" }, - "HostedZoneId": { - "markdownDescription": "The ID of the hosted zone.", - "title": "HostedZoneId", + "Type": { + "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicated the type of operation that the request is asking the origin to perform.\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", + "title": "Type", "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::VpcLattice::ServiceNetworkVpcAssociation": { + "AWS::WAFRegional::GeoMatchSet": { "additionalProperties": false, "properties": { "Condition": { @@ -265268,38 +316663,28 @@ "Properties": { "additionalProperties": false, "properties": { - "SecurityGroupIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The IDs of the security groups. Security groups aren't added by default. You can add a security group to apply network level controls to control which resources in a VPC are allowed to access the service network and its services. For more information, see [Control traffic to resources using security groups](https://docs.aws.amazon.com//vpc/latest/userguide/VPC_SecurityGroups.html) in the *Amazon VPC User Guide* .", - "title": "SecurityGroupIds", - "type": "array" - }, - "ServiceNetworkIdentifier": { - "markdownDescription": "The ID or ARN of the service network. You must use an ARN if the resources are in different accounts.", - "title": "ServiceNetworkIdentifier", - "type": "string" - }, - "Tags": { + "GeoMatchConstraints": { "items": { - "$ref": "#/definitions/Tag" + "$ref": "#/definitions/AWS::WAFRegional::GeoMatchSet.GeoMatchConstraint" }, - "markdownDescription": "The tags for the association.", - "title": "Tags", + "markdownDescription": "An array of `GeoMatchConstraint` objects, which contain the country that you want AWS WAF to search for.", + "title": "GeoMatchConstraints", "type": "array" }, - "VpcIdentifier": { - "markdownDescription": "The ID of the VPC.", - "title": "VpcIdentifier", + "Name": { + "markdownDescription": "A friendly name or description of the `GeoMatchSet` . You can't change the name of an `GeoMatchSet` after you create it.", + "title": "Name", "type": "string" } }, + "required": [ + "Name" + ], "type": "object" }, "Type": { "enum": [ - "AWS::VpcLattice::ServiceNetworkVpcAssociation" + "AWS::WAFRegional::GeoMatchSet" ], "type": "string" }, @@ -265313,11 +316698,32 @@ } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::VpcLattice::TargetGroup": { + "AWS::WAFRegional::GeoMatchSet.GeoMatchConstraint": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "The type of geographical area you want AWS WAF to search for. Currently `Country` is the only valid value.", + "title": "Type", + "type": "string" + }, + "Value": { + "markdownDescription": "The country that you want AWS WAF to search for.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Type", + "Value" + ], + "type": "object" + }, + "AWS::WAFRegional::IPSet": { "additionalProperties": false, "properties": { "Condition": { @@ -265352,195 +316758,67 @@ "Properties": { "additionalProperties": false, "properties": { - "Config": { - "$ref": "#/definitions/AWS::VpcLattice::TargetGroup.TargetGroupConfig", - "markdownDescription": "The target group configuration.", - "title": "Config" - }, - "Name": { - "markdownDescription": "The name of the target group. The name must be unique within the account. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n\nIf you don't specify a name, CloudFormation generates one. However, if you specify a name, and later want to replace the resource, you must specify a new name.", - "title": "Name", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags for the target group.", - "title": "Tags", - "type": "array" - }, - "Targets": { + "IPSetDescriptors": { "items": { - "$ref": "#/definitions/AWS::VpcLattice::TargetGroup.Target" + "$ref": "#/definitions/AWS::WAFRegional::IPSet.IPSetDescriptor" }, - "markdownDescription": "Describes a target.", - "title": "Targets", + "markdownDescription": "The IP address type ( `IPV4` or `IPV6` ) and the IP address range (in CIDR notation) that web requests originate from.", + "title": "IPSetDescriptors", "type": "array" }, - "Type": { - "markdownDescription": "The type of target group.", - "title": "Type", + "Name": { + "markdownDescription": "A friendly name or description of the `IPSet` . You can't change the name of an `IPSet` after you create it.", + "title": "Name", "type": "string" } }, "required": [ - "Type" + "Name" ], "type": "object" - }, - "Type": { - "enum": [ - "AWS::VpcLattice::TargetGroup" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::VpcLattice::TargetGroup.HealthCheckConfig": { - "additionalProperties": false, - "properties": { - "Enabled": { - "markdownDescription": "Indicates whether health checking is enabled.", - "title": "Enabled", - "type": "boolean" - }, - "HealthCheckIntervalSeconds": { - "markdownDescription": "The approximate amount of time, in seconds, between health checks of an individual target. The range is 5\u2013300 seconds. The default is 30 seconds.", - "title": "HealthCheckIntervalSeconds", - "type": "number" - }, - "HealthCheckTimeoutSeconds": { - "markdownDescription": "The amount of time, in seconds, to wait before reporting a target as unhealthy. The range is 1\u2013120 seconds. The default is 5 seconds.", - "title": "HealthCheckTimeoutSeconds", - "type": "number" - }, - "HealthyThresholdCount": { - "markdownDescription": "The number of consecutive successful health checks required before considering an unhealthy target healthy. The range is 2\u201310. The default is 5.", - "title": "HealthyThresholdCount", - "type": "number" - }, - "Matcher": { - "$ref": "#/definitions/AWS::VpcLattice::TargetGroup.Matcher", - "markdownDescription": "The codes to use when checking for a successful response from a target.", - "title": "Matcher" - }, - "Path": { - "markdownDescription": "The destination for health checks on the targets. If the protocol version is `HTTP/1.1` or `HTTP/2` , specify a valid URI (for example, `/path?query` ). The default path is `/` . Health checks are not supported if the protocol version is `gRPC` , however, you can choose `HTTP/1.1` or `HTTP/2` and specify a valid URI.", - "title": "Path", - "type": "string" - }, - "Port": { - "markdownDescription": "The port used when performing health checks on targets. The default setting is the port that a target receives traffic on.", - "title": "Port", - "type": "number" - }, - "Protocol": { - "markdownDescription": "The protocol used when performing health checks on targets. The possible protocols are `HTTP` and `HTTPS` . The default is `HTTP` .", - "title": "Protocol", - "type": "string" - }, - "ProtocolVersion": { - "markdownDescription": "The protocol version used when performing health checks on targets. The possible protocol versions are `HTTP1` and `HTTP2` .", - "title": "ProtocolVersion", - "type": "string" - }, - "UnhealthyThresholdCount": { - "markdownDescription": "The number of consecutive failed health checks required before considering a target unhealthy. The range is 2\u201310. The default is 2.", - "title": "UnhealthyThresholdCount", - "type": "number" - } - }, - "type": "object" - }, - "AWS::VpcLattice::TargetGroup.Matcher": { - "additionalProperties": false, - "properties": { - "HttpCode": { - "markdownDescription": "The HTTP code to use when checking for a successful response from a target.", - "title": "HttpCode", - "type": "string" - } - }, - "required": [ - "HttpCode" - ], - "type": "object" - }, - "AWS::VpcLattice::TargetGroup.Target": { - "additionalProperties": false, - "properties": { - "Id": { - "markdownDescription": "The ID of the target. If the target group type is `INSTANCE` , this is an instance ID. If the target group type is `IP` , this is an IP address. If the target group type is `LAMBDA` , this is the ARN of a Lambda function. If the target group type is `ALB` , this is the ARN of an Application Load Balancer.", - "title": "Id", + }, + "Type": { + "enum": [ + "AWS::WAFRegional::IPSet" + ], "type": "string" }, - "Port": { - "markdownDescription": "The port on which the target is listening. For HTTP, the default is 80. For HTTPS, the default is 443.", - "title": "Port", - "type": "number" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Id" + "Type", + "Properties" ], "type": "object" }, - "AWS::VpcLattice::TargetGroup.TargetGroupConfig": { + "AWS::WAFRegional::IPSet.IPSetDescriptor": { "additionalProperties": false, "properties": { - "HealthCheck": { - "$ref": "#/definitions/AWS::VpcLattice::TargetGroup.HealthCheckConfig", - "markdownDescription": "The health check configuration. Not supported if the target group type is `LAMBDA` or `ALB` .", - "title": "HealthCheck" - }, - "IpAddressType": { - "markdownDescription": "The type of IP address used for the target group. Supported only if the target group type is `IP` . The default is `IPV4` .", - "title": "IpAddressType", - "type": "string" - }, - "LambdaEventStructureVersion": { - "markdownDescription": "The version of the event structure that your Lambda function receives. Supported only if the target group type is `LAMBDA` . The default is `V1` .", - "title": "LambdaEventStructureVersion", - "type": "string" - }, - "Port": { - "markdownDescription": "The port on which the targets are listening. For HTTP, the default is 80. For HTTPS, the default is 443. Not supported if the target group type is `LAMBDA` .", - "title": "Port", - "type": "number" - }, - "Protocol": { - "markdownDescription": "The protocol to use for routing traffic to the targets. The default is the protocol of the target group. Not supported if the target group type is `LAMBDA` .", - "title": "Protocol", - "type": "string" - }, - "ProtocolVersion": { - "markdownDescription": "The protocol version. The default is `HTTP1` . Not supported if the target group type is `LAMBDA` .", - "title": "ProtocolVersion", + "Type": { + "markdownDescription": "Specify `IPV4` or `IPV6` .", + "title": "Type", "type": "string" }, - "VpcIdentifier": { - "markdownDescription": "The ID of the VPC. Not supported if the target group type is `LAMBDA` .", - "title": "VpcIdentifier", + "Value": { + "markdownDescription": "Specify an IPv4 address by using CIDR notation. For example:\n\n- To configure AWS WAF to allow, block, or count requests that originated from the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure AWS WAF to allow, block, or count requests that originated from IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .\n\nSpecify an IPv6 address by using CIDR notation. For example:\n\n- To configure AWS WAF to allow, block, or count requests that originated from the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure AWS WAF to allow, block, or count requests that originated from IP addresses 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .", + "title": "Value", "type": "string" } }, + "required": [ + "Type", + "Value" + ], "type": "object" }, - "AWS::WAF::ByteMatchSet": { + "AWS::WAFRegional::RateBasedRule": { "additionalProperties": false, "properties": { "Condition": { @@ -265575,28 +316853,46 @@ "Properties": { "additionalProperties": false, "properties": { - "ByteMatchTuples": { + "MatchPredicates": { "items": { - "$ref": "#/definitions/AWS::WAF::ByteMatchSet.ByteMatchTuple" + "$ref": "#/definitions/AWS::WAFRegional::RateBasedRule.Predicate" }, - "markdownDescription": "Specifies the bytes (typically a string that corresponds with ASCII characters) that you want AWS WAF to search for in web requests, the location in requests that you want AWS WAF to search, and other settings.", - "title": "ByteMatchTuples", + "markdownDescription": "The `Predicates` object contains one `Predicate` element for each `ByteMatchSet` , `IPSet` , or `SqlInjectionMatchSet>` object that you want to include in a `RateBasedRule` .", + "title": "MatchPredicates", "type": "array" }, + "MetricName": { + "markdownDescription": "A name for the metrics for a `RateBasedRule` . The name can contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length 128 and minimum length one. It can't contain whitespace or metric names reserved for AWS WAF , including \"All\" and \"Default_Action.\" You can't change the name of the metric after you create the `RateBasedRule` .", + "title": "MetricName", + "type": "string" + }, "Name": { - "markdownDescription": "The name of the `ByteMatchSet` . You can't change `Name` after you create a `ByteMatchSet` .", + "markdownDescription": "A friendly name or description for a `RateBasedRule` . You can't change the name of a `RateBasedRule` after you create it.", "title": "Name", "type": "string" + }, + "RateKey": { + "markdownDescription": "The field that AWS WAF uses to determine if requests are likely arriving from single source and thus subject to rate monitoring. The only valid value for `RateKey` is `IP` . `IP` indicates that requests arriving from the same IP address are subject to the `RateLimit` that is specified in the `RateBasedRule` .", + "title": "RateKey", + "type": "string" + }, + "RateLimit": { + "markdownDescription": "The maximum number of requests, which have an identical value in the field specified by the `RateKey` , allowed in a five-minute period. If the number of requests exceeds the `RateLimit` and the other predicates specified in the rule are also met, AWS WAF triggers the action that is specified for this rule.", + "title": "RateLimit", + "type": "number" } }, "required": [ - "Name" + "MetricName", + "Name", + "RateKey", + "RateLimit" ], "type": "object" }, "Type": { "enum": [ - "AWS::WAF::ByteMatchSet" + "AWS::WAFRegional::RateBasedRule" ], "type": "string" }, @@ -265615,62 +316911,33 @@ ], "type": "object" }, - "AWS::WAF::ByteMatchSet.ByteMatchTuple": { + "AWS::WAFRegional::RateBasedRule.Predicate": { "additionalProperties": false, "properties": { - "FieldToMatch": { - "$ref": "#/definitions/AWS::WAF::ByteMatchSet.FieldToMatch", - "markdownDescription": "The part of a web request that you want to inspect, such as a specified header or a query string.", - "title": "FieldToMatch" - }, - "PositionalConstraint": { - "markdownDescription": "Within the portion of a web request that you want to search (for example, in the query string, if any), specify where you want AWS WAF to search. Valid values include the following:\n\n*CONTAINS*\n\nThe specified part of the web request must include the value of `TargetString` , but the location doesn't matter.\n\n*CONTAINS_WORD*\n\nThe specified part of the web request must include the value of `TargetString` , and `TargetString` must contain only alphanumeric characters or underscore (A-Z, a-z, 0-9, or _). In addition, `TargetString` must be a word, which means one of the following:\n\n- `TargetString` exactly matches the value of the specified part of the web request, such as the value of a header.\n- `TargetString` is at the beginning of the specified part of the web request and is followed by a character other than an alphanumeric character or underscore (_), for example, `BadBot;` .\n- `TargetString` is at the end of the specified part of the web request and is preceded by a character other than an alphanumeric character or underscore (_), for example, `;BadBot` .\n- `TargetString` is in the middle of the specified part of the web request and is preceded and followed by characters other than alphanumeric characters or underscore (_), for example, `-BadBot;` .\n\n*EXACTLY*\n\nThe value of the specified part of the web request must exactly match the value of `TargetString` .\n\n*STARTS_WITH*\n\nThe value of `TargetString` must appear at the beginning of the specified part of the web request.\n\n*ENDS_WITH*\n\nThe value of `TargetString` must appear at the end of the specified part of the web request.", - "title": "PositionalConstraint", - "type": "string" - }, - "TargetString": { - "markdownDescription": "The value that you want AWS WAF to search for. AWS WAF searches for the specified string in the part of web requests that you specified in `FieldToMatch` . The maximum length of the value is 50 bytes.\n\nYou must specify this property or the `TargetStringBase64` property.\n\nValid values depend on the values that you specified for `FieldToMatch` :\n\n- `HEADER` : The value that you want AWS WAF to search for in the request header that you specified in `FieldToMatch` , for example, the value of the `User-Agent` or `Referer` header.\n- `METHOD` : The HTTP method, which indicates the type of operation specified in the request. Amazon CloudFront supports the following methods: `DELETE` , `GET` , `HEAD` , `OPTIONS` , `PATCH` , `POST` , and `PUT` .\n- `QUERY_STRING` : The value that you want AWS WAF to search for in the query string, which is the part of a URL that appears after a `?` character.\n- `URI` : The value that you want AWS WAF to search for in the part of a URL that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but instead of inspecting a single parameter, AWS WAF inspects all parameters within the query string for the value or regex pattern that you specify in `TargetString` .\n\nIf `TargetString` includes alphabetic characters A-Z and a-z, note that the value is case sensitive.", - "title": "TargetString", - "type": "string" - }, - "TargetStringBase64": { - "markdownDescription": "The base64-encoded value that AWS WAF searches for. AWS CloudFormation sends this value to AWS WAF without encoding it.\n\nYou must specify this property or the `TargetString` property.\n\nAWS WAF searches for this value in a specific part of web requests, which you define in the `FieldToMatch` property.\n\nValid values depend on the Type value in the `FieldToMatch` property. For example, for a `METHOD` type, you must specify HTTP methods such as `DELETE, GET, HEAD, OPTIONS, PATCH, POST` , and `PUT` .", - "title": "TargetStringBase64", + "DataId": { + "markdownDescription": "A unique identifier for a predicate in a `Rule` , such as `ByteMatchSetId` or `IPSetId` . The ID is returned by the corresponding `Create` or `List` command.", + "title": "DataId", "type": "string" }, - "TextTransformation": { - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass AWS WAF . If you specify a transformation, AWS WAF performs the transformation on `FieldToMatch` before inspecting it for a match.\n\nYou can only specify a single type of TextTransformation.\n\n*CMD_LINE*\n\nWhen you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:\n\n- Delete the following characters: \\ \" ' ^\n- Delete spaces before the following characters: / (\n- Replace the following characters with a space: , ;\n- Replace multiple spaces with one space\n- Convert uppercase letters (A-Z) to lowercase (a-z)\n\n*COMPRESS_WHITE_SPACE*\n\nUse this option to replace the following characters with a space character (decimal 32):\n\n- \\f, formfeed, decimal 12\n- \\t, tab, decimal 9\n- \\n, newline, decimal 10\n- \\r, carriage return, decimal 13\n- \\v, vertical tab, decimal 11\n- non-breaking space, decimal 160\n\n`COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.\n\n*HTML_ENTITY_DECODE*\n\nUse this option to replace HTML-encoded characters with unencoded characters. `HTML_ENTITY_DECODE` performs the following operations:\n\n- Replaces `(ampersand)quot;` with `\"`\n- Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160\n- Replaces `(ampersand)lt;` with a \"less than\" symbol\n- Replaces `(ampersand)gt;` with `>`\n- Replaces characters that are represented in hexadecimal format, `(ampersand)#xhhhh;` , with the corresponding characters\n- Replaces characters that are represented in decimal format, `(ampersand)#nnnn;` , with the corresponding characters\n\n*LOWERCASE*\n\nUse this option to convert uppercase letters (A-Z) to lowercase (a-z).\n\n*URL_DECODE*\n\nUse this option to decode a URL-encoded value.\n\n*NONE*\n\nSpecify `NONE` if you don't want to perform any text transformations.", - "title": "TextTransformation", - "type": "string" - } - }, - "required": [ - "FieldToMatch", - "PositionalConstraint", - "TextTransformation" - ], - "type": "object" - }, - "AWS::WAF::ByteMatchSet.FieldToMatch": { - "additionalProperties": false, - "properties": { - "Data": { - "markdownDescription": "When the value of `Type` is `HEADER` , enter the name of the header that you want AWS WAF to search, for example, `User-Agent` or `Referer` . The name of the header is not case sensitive.\n\nWhen the value of `Type` is `SINGLE_QUERY_ARG` , enter the name of the parameter that you want AWS WAF to search, for example, `UserName` or `SalesRegion` . The parameter name is not case sensitive.\n\nIf the value of `Type` is any other value, omit `Data` .", - "title": "Data", - "type": "string" + "Negated": { + "markdownDescription": "Set `Negated` to `False` if you want AWS WAF to allow, block, or count requests based on the settings in the specified `ByteMatchSet` , `IPSet` , `SqlInjectionMatchSet` , `XssMatchSet` , `RegexMatchSet` , `GeoMatchSet` , or `SizeConstraintSet` . For example, if an `IPSet` includes the IP address `192.0.2.44` , AWS WAF will allow or block requests based on that IP address.\n\nSet `Negated` to `True` if you want AWS WAF to allow or block a request based on the negation of the settings in the `ByteMatchSet` , `IPSet` , `SqlInjectionMatchSet` , `XssMatchSet` , `RegexMatchSet` , `GeoMatchSet` , or `SizeConstraintSet` >. For example, if an `IPSet` includes the IP address `192.0.2.44` , AWS WAF will allow, block, or count requests based on all IP addresses *except* `192.0.2.44` .", + "title": "Negated", + "type": "boolean" }, "Type": { - "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicated the type of operation that the request is asking the origin to perform. Amazon CloudFront supports the following methods: `DELETE` , `GET` , `HEAD` , `OPTIONS` , `PATCH` , `POST` , and `PUT` .\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", + "markdownDescription": "The type of predicate in a `Rule` , such as `ByteMatch` or `IPSet` .", "title": "Type", "type": "string" } }, "required": [ + "DataId", + "Negated", "Type" ], "type": "object" }, - "AWS::WAF::IPSet": { + "AWS::WAFRegional::RegexPatternSet": { "additionalProperties": false, "properties": { "Condition": { @@ -265705,28 +316972,29 @@ "Properties": { "additionalProperties": false, "properties": { - "IPSetDescriptors": { - "items": { - "$ref": "#/definitions/AWS::WAF::IPSet.IPSetDescriptor" - }, - "markdownDescription": "The IP address type ( `IPV4` or `IPV6` ) and the IP address range (in CIDR notation) that web requests originate from. If the `WebACL` is associated with an Amazon CloudFront distribution and the viewer did not use an HTTP proxy or a load balancer to send the request, this is the value of the c-ip field in the CloudFront access logs.", - "title": "IPSetDescriptors", - "type": "array" - }, "Name": { - "markdownDescription": "The name of the `IPSet` . You can't change the name of an `IPSet` after you create it.", + "markdownDescription": "A friendly name or description of the `RegexPatternSet` . You can't change `Name` after you create a `RegexPatternSet` .", "title": "Name", "type": "string" + }, + "RegexPatternStrings": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the regular expression (regex) patterns that you want AWS WAF to search for, such as `B[a@]dB[o0]t` .", + "title": "RegexPatternStrings", + "type": "array" } }, "required": [ - "Name" + "Name", + "RegexPatternStrings" ], "type": "object" }, "Type": { "enum": [ - "AWS::WAF::IPSet" + "AWS::WAFRegional::RegexPatternSet" ], "type": "string" }, @@ -265745,27 +317013,7 @@ ], "type": "object" }, - "AWS::WAF::IPSet.IPSetDescriptor": { - "additionalProperties": false, - "properties": { - "Type": { - "markdownDescription": "Specify `IPV4` or `IPV6` .", - "title": "Type", - "type": "string" - }, - "Value": { - "markdownDescription": "Specify an IPv4 address by using CIDR notation. For example:\n\n- To configure AWS WAF to allow, block, or count requests that originated from the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure AWS WAF to allow, block, or count requests that originated from IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .\n\nSpecify an IPv6 address by using CIDR notation. For example:\n\n- To configure AWS WAF to allow, block, or count requests that originated from the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure AWS WAF to allow, block, or count requests that originated from IP addresses 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Type", - "Value" - ], - "type": "object" - }, - "AWS::WAF::Rule": { + "AWS::WAFRegional::Rule": { "additionalProperties": false, "properties": { "Condition": { @@ -265801,7 +317049,7 @@ "additionalProperties": false, "properties": { "MetricName": { - "markdownDescription": "The name of the metrics for this `Rule` . The name can contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length 128 and minimum length one. It can't contain whitespace or metric names reserved for AWS WAF , including \"All\" and \"Default_Action.\" You can't change `MetricName` after you create the `Rule` .", + "markdownDescription": "A name for the metrics for this `Rule` . The name can contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length 128 and minimum length one. It can't contain whitespace or metric names reserved for AWS WAF, including \"All\" and \"Default_Action.\" You can't change `MetricName` after you create the `Rule` .", "title": "MetricName", "type": "string" }, @@ -265812,7 +317060,7 @@ }, "Predicates": { "items": { - "$ref": "#/definitions/AWS::WAF::Rule.Predicate" + "$ref": "#/definitions/AWS::WAFRegional::Rule.Predicate" }, "markdownDescription": "The `Predicates` object contains one `Predicate` element for each `ByteMatchSet` , `IPSet` , or `SqlInjectionMatchSet` object that you want to include in a `Rule` .", "title": "Predicates", @@ -265827,7 +317075,7 @@ }, "Type": { "enum": [ - "AWS::WAF::Rule" + "AWS::WAFRegional::Rule" ], "type": "string" }, @@ -265846,7 +317094,7 @@ ], "type": "object" }, - "AWS::WAF::Rule.Predicate": { + "AWS::WAFRegional::Rule.Predicate": { "additionalProperties": false, "properties": { "DataId": { @@ -265872,7 +317120,7 @@ ], "type": "object" }, - "AWS::WAF::SizeConstraintSet": { + "AWS::WAFRegional::SizeConstraintSet": { "additionalProperties": false, "properties": { "Condition": { @@ -265914,7 +317162,7 @@ }, "SizeConstraints": { "items": { - "$ref": "#/definitions/AWS::WAF::SizeConstraintSet.SizeConstraint" + "$ref": "#/definitions/AWS::WAFRegional::SizeConstraintSet.SizeConstraint" }, "markdownDescription": "The size constraint and the part of the web request to check.", "title": "SizeConstraints", @@ -265922,14 +317170,13 @@ } }, "required": [ - "Name", - "SizeConstraints" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::WAF::SizeConstraintSet" + "AWS::WAFRegional::SizeConstraintSet" ], "type": "string" }, @@ -265948,7 +317195,7 @@ ], "type": "object" }, - "AWS::WAF::SizeConstraintSet.FieldToMatch": { + "AWS::WAFRegional::SizeConstraintSet.FieldToMatch": { "additionalProperties": false, "properties": { "Data": { @@ -265957,7 +317204,7 @@ "type": "string" }, "Type": { - "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicated the type of operation that the request is asking the origin to perform. Amazon CloudFront supports the following methods: `DELETE` , `GET` , `HEAD` , `OPTIONS` , `PATCH` , `POST` , and `PUT` .\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", + "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicates the type of operation that the request is asking the origin to perform.\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", "title": "Type", "type": "string" } @@ -265967,7 +317214,7 @@ ], "type": "object" }, - "AWS::WAF::SizeConstraintSet.SizeConstraint": { + "AWS::WAFRegional::SizeConstraintSet.SizeConstraint": { "additionalProperties": false, "properties": { "ComparisonOperator": { @@ -265976,8 +317223,8 @@ "type": "string" }, "FieldToMatch": { - "$ref": "#/definitions/AWS::WAF::SizeConstraintSet.FieldToMatch", - "markdownDescription": "The part of a web request that you want to inspect, such as a specified header or a query string.", + "$ref": "#/definitions/AWS::WAFRegional::SizeConstraintSet.FieldToMatch", + "markdownDescription": "The part of a web request that you want AWS WAF to inspect, such as a specific header or a query string.", "title": "FieldToMatch" }, "Size": { @@ -265986,7 +317233,7 @@ "type": "number" }, "TextTransformation": { - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass AWS WAF . If you specify a transformation, AWS WAF performs the transformation on `FieldToMatch` before inspecting it for a match.\n\nYou can only specify a single type of TextTransformation.\n\nNote that if you choose `BODY` for the value of `Type` , you must choose `NONE` for `TextTransformation` because Amazon CloudFront forwards only the first 8192 bytes for inspection.\n\n*NONE*\n\nSpecify `NONE` if you don't want to perform any text transformations.\n\n*CMD_LINE*\n\nWhen you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:\n\n- Delete the following characters: \\ \" ' ^\n- Delete spaces before the following characters: / (\n- Replace the following characters with a space: , ;\n- Replace multiple spaces with one space\n- Convert uppercase letters (A-Z) to lowercase (a-z)\n\n*COMPRESS_WHITE_SPACE*\n\nUse this option to replace the following characters with a space character (decimal 32):\n\n- \\f, formfeed, decimal 12\n- \\t, tab, decimal 9\n- \\n, newline, decimal 10\n- \\r, carriage return, decimal 13\n- \\v, vertical tab, decimal 11\n- non-breaking space, decimal 160\n\n`COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.\n\n*HTML_ENTITY_DECODE*\n\nUse this option to replace HTML-encoded characters with unencoded characters. `HTML_ENTITY_DECODE` performs the following operations:\n\n- Replaces `(ampersand)quot;` with `\"`\n- Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160\n- Replaces `(ampersand)lt;` with a \"less than\" symbol\n- Replaces `(ampersand)gt;` with `>`\n- Replaces characters that are represented in hexadecimal format, `(ampersand)#xhhhh;` , with the corresponding characters\n- Replaces characters that are represented in decimal format, `(ampersand)#nnnn;` , with the corresponding characters\n\n*LOWERCASE*\n\nUse this option to convert uppercase letters (A-Z) to lowercase (a-z).\n\n*URL_DECODE*\n\nUse this option to decode a URL-encoded value.", + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass AWS WAF . If you specify a transformation, AWS WAF performs the transformation on `FieldToMatch` before inspecting a request for a match.\n\nYou can only specify a single type of TextTransformation.\n\nNote that if you choose `BODY` for the value of `Type` , you must choose `NONE` for `TextTransformation` because the API Gateway API or Application Load Balancer forward only the first 8192 bytes for inspection.\n\n*NONE*\n\nSpecify `NONE` if you don't want to perform any text transformations.\n\n*CMD_LINE*\n\nWhen you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:\n\n- Delete the following characters: \\ \" ' ^\n- Delete spaces before the following characters: / (\n- Replace the following characters with a space: , ;\n- Replace multiple spaces with one space\n- Convert uppercase letters (A-Z) to lowercase (a-z)\n\n*COMPRESS_WHITE_SPACE*\n\nUse this option to replace the following characters with a space character (decimal 32):\n\n- \\f, formfeed, decimal 12\n- \\t, tab, decimal 9\n- \\n, newline, decimal 10\n- \\r, carriage return, decimal 13\n- \\v, vertical tab, decimal 11\n- non-breaking space, decimal 160\n\n`COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.\n\n*HTML_ENTITY_DECODE*\n\nUse this option to replace HTML-encoded characters with unencoded characters. `HTML_ENTITY_DECODE` performs the following operations:\n\n- Replaces `(ampersand)quot;` with `\"`\n- Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160\n- Replaces `(ampersand)lt;` with a \"less than\" symbol\n- Replaces `(ampersand)gt;` with `>`\n- Replaces characters that are represented in hexadecimal format, `(ampersand)#xhhhh;` , with the corresponding characters\n- Replaces characters that are represented in decimal format, `(ampersand)#nnnn;` , with the corresponding characters\n\n*LOWERCASE*\n\nUse this option to convert uppercase letters (A-Z) to lowercase (a-z).\n\n*URL_DECODE*\n\nUse this option to decode a URL-encoded value.", "title": "TextTransformation", "type": "string" } @@ -265999,7 +317246,7 @@ ], "type": "object" }, - "AWS::WAF::SqlInjectionMatchSet": { + "AWS::WAFRegional::SqlInjectionMatchSet": { "additionalProperties": false, "properties": { "Condition": { @@ -266041,7 +317288,7 @@ }, "SqlInjectionMatchTuples": { "items": { - "$ref": "#/definitions/AWS::WAF::SqlInjectionMatchSet.SqlInjectionMatchTuple" + "$ref": "#/definitions/AWS::WAFRegional::SqlInjectionMatchSet.SqlInjectionMatchTuple" }, "markdownDescription": "Specifies the parts of web requests that you want to inspect for snippets of malicious SQL code.", "title": "SqlInjectionMatchTuples", @@ -266055,7 +317302,7 @@ }, "Type": { "enum": [ - "AWS::WAF::SqlInjectionMatchSet" + "AWS::WAFRegional::SqlInjectionMatchSet" ], "type": "string" }, @@ -266074,7 +317321,7 @@ ], "type": "object" }, - "AWS::WAF::SqlInjectionMatchSet.FieldToMatch": { + "AWS::WAFRegional::SqlInjectionMatchSet.FieldToMatch": { "additionalProperties": false, "properties": { "Data": { @@ -266083,7 +317330,7 @@ "type": "string" }, "Type": { - "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicated the type of operation that the request is asking the origin to perform. Amazon CloudFront supports the following methods: `DELETE` , `GET` , `HEAD` , `OPTIONS` , `PATCH` , `POST` , and `PUT` .\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", + "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicates the type of operation that the request is asking the origin to perform.\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", "title": "Type", "type": "string" } @@ -266093,12 +317340,12 @@ ], "type": "object" }, - "AWS::WAF::SqlInjectionMatchSet.SqlInjectionMatchTuple": { + "AWS::WAFRegional::SqlInjectionMatchSet.SqlInjectionMatchTuple": { "additionalProperties": false, "properties": { "FieldToMatch": { - "$ref": "#/definitions/AWS::WAF::SqlInjectionMatchSet.FieldToMatch", - "markdownDescription": "The part of a web request that you want to inspect, such as a specified header or a query string.", + "$ref": "#/definitions/AWS::WAFRegional::SqlInjectionMatchSet.FieldToMatch", + "markdownDescription": "The part of a web request that you want AWS WAF to inspect, such as a specific header or a query string.", "title": "FieldToMatch" }, "TextTransformation": { @@ -266113,7 +317360,7 @@ ], "type": "object" }, - "AWS::WAF::WebACL": { + "AWS::WAFRegional::WebACL": { "additionalProperties": false, "properties": { "Condition": { @@ -266149,12 +317396,12 @@ "additionalProperties": false, "properties": { "DefaultAction": { - "$ref": "#/definitions/AWS::WAF::WebACL.WafAction", + "$ref": "#/definitions/AWS::WAFRegional::WebACL.Action", "markdownDescription": "The action to perform if none of the `Rules` contained in the `WebACL` match. The action is specified by the `WafAction` object.", "title": "DefaultAction" }, "MetricName": { - "markdownDescription": "The name of the metrics for this `WebACL` . The name can contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length 128 and minimum length one. It can't contain whitespace or metric names reserved for AWS WAF , including \"All\" and \"Default_Action.\" You can't change `MetricName` after you create the `WebACL` .", + "markdownDescription": "A name for the metrics for this `WebACL` . The name can contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length 128 and minimum length one. It can't contain whitespace or metric names reserved for AWS WAF, including \"All\" and \"Default_Action.\" You can't change `MetricName` after you create the `WebACL` .", "title": "MetricName", "type": "string" }, @@ -266165,7 +317412,7 @@ }, "Rules": { "items": { - "$ref": "#/definitions/AWS::WAF::WebACL.ActivatedRule" + "$ref": "#/definitions/AWS::WAFRegional::WebACL.Rule" }, "markdownDescription": "An array that contains the action for each `Rule` in a `WebACL` , the priority of the `Rule` , and the ID of the `Rule` .", "title": "Rules", @@ -266181,7 +317428,7 @@ }, "Type": { "enum": [ - "AWS::WAF::WebACL" + "AWS::WAFRegional::WebACL" ], "type": "string" }, @@ -266200,46 +317447,120 @@ ], "type": "object" }, - "AWS::WAF::WebACL.ActivatedRule": { + "AWS::WAFRegional::WebACL.Action": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "For actions that are associated with a rule, the action that AWS WAF takes when a web request matches all conditions in a rule.\n\nFor the default action of a web access control list (ACL), the action that AWS WAF takes when a web request doesn't match all conditions in any rule.\n\nValid settings include the following:\n\n- `ALLOW` : AWS WAF allows requests\n- `BLOCK` : AWS WAF blocks requests\n- `COUNT` : AWS WAF increments a counter of the requests that match all of the conditions in the rule. AWS WAF then continues to inspect the web request based on the remaining rules in the web ACL. You can't specify `COUNT` for the default action for a WebACL.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::WAFRegional::WebACL.Rule": { "additionalProperties": false, "properties": { "Action": { - "$ref": "#/definitions/AWS::WAF::WebACL.WafAction", - "markdownDescription": "Specifies the action that Amazon CloudFront or AWS WAF takes when a web request matches the conditions in the `Rule` . Valid values for `Action` include the following:\n\n- `ALLOW` : CloudFront responds with the requested object.\n- `BLOCK` : CloudFront responds with an HTTP 403 (Forbidden) status code.\n- `COUNT` : AWS WAF increments a counter of requests that match the conditions in the rule and then continues to inspect the web request based on the remaining rules in the web ACL.\n\n`ActivatedRule|OverrideAction` applies only when updating or adding a `RuleGroup` to a `WebACL` . In this case, you do not use `ActivatedRule|Action` . For all other update requests, `ActivatedRule|Action` is used instead of `ActivatedRule|OverrideAction` .", + "$ref": "#/definitions/AWS::WAFRegional::WebACL.Action", + "markdownDescription": "The action that AWS WAF takes when a web request matches all conditions in the rule, such as allow, block, or count the request.", "title": "Action" }, "Priority": { - "markdownDescription": "Specifies the order in which the `Rules` in a `WebACL` are evaluated. Rules with a lower value for `Priority` are evaluated before `Rules` with a higher value. The value must be a unique integer. If you add multiple `Rules` to a `WebACL` , the values don't need to be consecutive.", + "markdownDescription": "The order in which AWS WAF evaluates the rules in a web ACL. AWS WAF evaluates rules with a lower value before rules with a higher value. The value must be a unique integer. If you have multiple rules in a web ACL, the priority numbers do not need to be consecutive.", "title": "Priority", "type": "number" }, "RuleId": { - "markdownDescription": "The `RuleId` for a `Rule` . You use `RuleId` to get more information about a `Rule` , update a `Rule` , insert a `Rule` into a `WebACL` or delete a one from a `WebACL` , or delete a `Rule` from AWS WAF .\n\n`RuleId` is returned by `CreateRule` and by `ListRules` .", + "markdownDescription": "The ID of an AWS WAF Regional rule to associate with a web ACL.", "title": "RuleId", "type": "string" } }, "required": [ + "Action", "Priority", "RuleId" ], "type": "object" }, - "AWS::WAF::WebACL.WafAction": { + "AWS::WAFRegional::WebACLAssociation": { "additionalProperties": false, "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ResourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource to protect with the web ACL.", + "title": "ResourceArn", + "type": "string" + }, + "WebACLId": { + "markdownDescription": "A unique identifier (ID) for the web ACL.", + "title": "WebACLId", + "type": "string" + } + }, + "required": [ + "ResourceArn", + "WebACLId" + ], + "type": "object" + }, "Type": { - "markdownDescription": "Specifies how you want AWS WAF to respond to requests that match the settings in a `Rule` . Valid settings include the following:\n\n- `ALLOW` : AWS WAF allows requests\n- `BLOCK` : AWS WAF blocks requests\n- `COUNT` : AWS WAF increments a counter of the requests that match all of the conditions in the rule. AWS WAF then continues to inspect the web request based on the remaining rules in the web ACL. You can't specify `COUNT` for the default action for a `WebACL` .", - "title": "Type", + "enum": [ + "AWS::WAFRegional::WebACLAssociation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Type" + "Type", + "Properties" ], "type": "object" }, - "AWS::WAF::XssMatchSet": { + "AWS::WAFRegional::XssMatchSet": { "additionalProperties": false, "properties": { "Condition": { @@ -266281,7 +317602,7 @@ }, "XssMatchTuples": { "items": { - "$ref": "#/definitions/AWS::WAF::XssMatchSet.XssMatchTuple" + "$ref": "#/definitions/AWS::WAFRegional::XssMatchSet.XssMatchTuple" }, "markdownDescription": "Specifies the parts of web requests that you want to inspect for cross-site scripting attacks.", "title": "XssMatchTuples", @@ -266289,14 +317610,13 @@ } }, "required": [ - "Name", - "XssMatchTuples" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::WAF::XssMatchSet" + "AWS::WAFRegional::XssMatchSet" ], "type": "string" }, @@ -266315,7 +317635,7 @@ ], "type": "object" }, - "AWS::WAF::XssMatchSet.FieldToMatch": { + "AWS::WAFRegional::XssMatchSet.FieldToMatch": { "additionalProperties": false, "properties": { "Data": { @@ -266324,7 +317644,7 @@ "type": "string" }, "Type": { - "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicated the type of operation that the request is asking the origin to perform. Amazon CloudFront supports the following methods: `DELETE` , `GET` , `HEAD` , `OPTIONS` , `PATCH` , `POST` , and `PUT` .\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", + "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicates the type of operation that the request is asking the origin to perform.\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", "title": "Type", "type": "string" } @@ -266334,12 +317654,12 @@ ], "type": "object" }, - "AWS::WAF::XssMatchSet.XssMatchTuple": { + "AWS::WAFRegional::XssMatchSet.XssMatchTuple": { "additionalProperties": false, "properties": { "FieldToMatch": { - "$ref": "#/definitions/AWS::WAF::XssMatchSet.FieldToMatch", - "markdownDescription": "The part of a web request that you want to inspect, such as a specified header or a query string.", + "$ref": "#/definitions/AWS::WAFRegional::XssMatchSet.FieldToMatch", + "markdownDescription": "The part of a web request that you want AWS WAF to inspect, such as a specified header or a query string.", "title": "FieldToMatch" }, "TextTransformation": { @@ -266354,7 +317674,7 @@ ], "type": "object" }, - "AWS::WAFRegional::ByteMatchSet": { + "AWS::WAFv2::IPSet": { "additionalProperties": false, "properties": { "Condition": { @@ -266389,28 +317709,53 @@ "Properties": { "additionalProperties": false, "properties": { - "ByteMatchTuples": { + "Addresses": { "items": { - "$ref": "#/definitions/AWS::WAFRegional::ByteMatchSet.ByteMatchTuple" + "type": "string" }, - "markdownDescription": "Specifies the bytes (typically a string that corresponds with ASCII characters) that you want AWS WAF to search for in web requests, the location in requests that you want AWS WAF to search, and other settings.", - "title": "ByteMatchTuples", + "markdownDescription": "Contains an array of strings that specifies zero or more IP addresses or blocks of IP addresses that you want AWS WAF to inspect for in incoming requests. All addresses must be specified using Classless Inter-Domain Routing (CIDR) notation. AWS WAF supports all IPv4 and IPv6 CIDR ranges except for `/0` .\n\nExample address strings:\n\n- For requests that originated from the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- For requests that originated from IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n- For requests that originated from the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- For requests that originated from IP addresses 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .\n\nExample JSON `Addresses` specifications:\n\n- Empty array: `\"Addresses\": []`\n- Array with one address: `\"Addresses\": [\"192.0.2.44/32\"]`\n- Array with three addresses: `\"Addresses\": [\"192.0.2.44/32\", \"192.0.2.0/24\", \"192.0.0.0/16\"]`\n- INVALID specification: `\"Addresses\": [\"\"]` INVALID", + "title": "Addresses", "type": "array" }, + "Description": { + "markdownDescription": "A description of the IP set that helps with identification.", + "title": "Description", + "type": "string" + }, + "IPAddressVersion": { + "markdownDescription": "The version of the IP addresses, either `IPV4` or `IPV6` .", + "title": "IPAddressVersion", + "type": "string" + }, "Name": { - "markdownDescription": "A friendly name or description of the `ByteMatchSet` . You can't change `Name` after you create a `ByteMatchSet` .", + "markdownDescription": "The name of the IP set. You cannot change the name of an `IPSet` after you create it.", "title": "Name", "type": "string" + }, + "Scope": { + "markdownDescription": "Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AWS AppSync GraphQL API, an Amazon Cognito user pool, an AWS App Runner service, or an AWS Verified Access instance. Valid Values are `CLOUDFRONT` and `REGIONAL` .\n\n> For `CLOUDFRONT` , you must create your WAFv2 resources in the US East (N. Virginia) Region, `us-east-1` .", + "title": "Scope", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.\n\n> To modify tags on existing resources, use the AWS WAF APIs or command line interface. With AWS CloudFormation , you can only add tags to AWS WAF resources during resource creation.", + "title": "Tags", + "type": "array" } }, "required": [ - "Name" + "Addresses", + "IPAddressVersion", + "Scope" ], "type": "object" }, "Type": { "enum": [ - "AWS::WAFRegional::ByteMatchSet" + "AWS::WAFv2::IPSet" ], "type": "string" }, @@ -266429,62 +317774,232 @@ ], "type": "object" }, - "AWS::WAFRegional::ByteMatchSet.ByteMatchTuple": { + "AWS::WAFv2::LoggingConfiguration": { "additionalProperties": false, "properties": { - "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFRegional::ByteMatchSet.FieldToMatch", - "markdownDescription": "The part of a web request that you want AWS WAF to inspect, such as a specific header or a query string.", - "title": "FieldToMatch" + "Condition": { + "type": "string" }, - "PositionalConstraint": { - "markdownDescription": "Within the portion of a web request that you want to search (for example, in the query string, if any), specify where you want AWS WAF to search. Valid values include the following:\n\n*CONTAINS*\n\nThe specified part of the web request must include the value of `TargetString` , but the location doesn't matter.\n\n*CONTAINS_WORD*\n\nThe specified part of the web request must include the value of `TargetString` , and `TargetString` must contain only alphanumeric characters or underscore (A-Z, a-z, 0-9, or _). In addition, `TargetString` must be a word, which means one of the following:\n\n- `TargetString` exactly matches the value of the specified part of the web request, such as the value of a header.\n- `TargetString` is at the beginning of the specified part of the web request and is followed by a character other than an alphanumeric character or underscore (_), for example, `BadBot;` .\n- `TargetString` is at the end of the specified part of the web request and is preceded by a character other than an alphanumeric character or underscore (_), for example, `;BadBot` .\n- `TargetString` is in the middle of the specified part of the web request and is preceded and followed by characters other than alphanumeric characters or underscore (_), for example, `-BadBot;` .\n\n*EXACTLY*\n\nThe value of the specified part of the web request must exactly match the value of `TargetString` .\n\n*STARTS_WITH*\n\nThe value of `TargetString` must appear at the beginning of the specified part of the web request.\n\n*ENDS_WITH*\n\nThe value of `TargetString` must appear at the end of the specified part of the web request.", - "title": "PositionalConstraint", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "TargetString": { - "markdownDescription": "The value that you want AWS WAF to search for. AWS WAF searches for the specified string in the part of web requests that you specified in `FieldToMatch` . The maximum length of the value is 50 bytes.\n\nYou must specify this property or the `TargetStringBase64` property.\n\nValid values depend on the values that you specified for `FieldToMatch` :\n\n- `HEADER` : The value that you want AWS WAF to search for in the request header that you specified in `FieldToMatch` , for example, the value of the `User-Agent` or `Referer` header.\n- `METHOD` : The HTTP method, which indicates the type of operation specified in the request.\n- `QUERY_STRING` : The value that you want AWS WAF to search for in the query string, which is the part of a URL that appears after a `?` character.\n- `URI` : The value that you want AWS WAF to search for in the part of a URL that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but instead of inspecting a single parameter, AWS WAF inspects all parameters within the query string for the value or regex pattern that you specify in `TargetString` .\n\nIf `TargetString` includes alphabetic characters A-Z and a-z, note that the value is case sensitive.", - "title": "TargetString", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "LogDestinationConfigs": { + "items": { + "type": "string" + }, + "markdownDescription": "The logging destination configuration that you want to associate with the web ACL.\n\n> You can associate one logging destination to a web ACL.", + "title": "LogDestinationConfigs", + "type": "array" + }, + "LoggingFilter": { + "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.LoggingFilter", + "markdownDescription": "Filtering that specifies which web requests are kept in the logs and which are dropped. You can filter on the rule action and on the web request labels that were applied by matching rules during web ACL evaluation.", + "title": "LoggingFilter" + }, + "RedactedFields": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.FieldToMatch" + }, + "markdownDescription": "The parts of the request that you want to keep out of the logs.\n\nFor example, if you redact the `SingleHeader` field, the `HEADER` field in the logs will be `REDACTED` for all rules that use the `SingleHeader` `FieldToMatch` setting.\n\nIf you configure data protection for the web ACL, the protection applies to the data that AWS WAF sends to the logs.\n\nRedaction applies only to the component that's specified in the rule's `FieldToMatch` setting, so the `SingleHeader` redaction doesn't apply to rules that use the `Headers` `FieldToMatch` .\n\n> You can specify only the following fields for redaction: `UriPath` , `QueryString` , `SingleHeader` , and `Method` . > This setting has no impact on request sampling. You can only exclude fields from request sampling by disabling sampling in the web ACL visibility configuration or by configuring data protection for the web ACL.", + "title": "RedactedFields", + "type": "array" + }, + "ResourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the web ACL that you want to associate with `LogDestinationConfigs` .", + "title": "ResourceArn", + "type": "string" + } + }, + "required": [ + "LogDestinationConfigs", + "ResourceArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::WAFv2::LoggingConfiguration" + ], "type": "string" }, - "TargetStringBase64": { - "markdownDescription": "The base64-encoded value that AWS WAF searches for. AWS CloudFormation sends this value to AWS WAF without encoding it.\n\nYou must specify this property or the `TargetString` property.\n\nAWS WAF searches for this value in a specific part of web requests, which you define in the `FieldToMatch` property.\n\nValid values depend on the Type value in the `FieldToMatch` property. For example, for a `METHOD` type, you must specify HTTP methods such as `DELETE, GET, HEAD, OPTIONS, PATCH, POST` , and `PUT` .", - "title": "TargetStringBase64", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::WAFv2::LoggingConfiguration.ActionCondition": { + "additionalProperties": false, + "properties": { + "Action": { + "markdownDescription": "The action setting that a log record must contain in order to meet the condition. This is the action that AWS WAF applied to the web request.\n\nFor rule groups, this is either the configured rule action setting, or if you've applied a rule action override to the rule, it's the override action. The value `EXCLUDED_AS_COUNT` matches on excluded rules and also on rules that have a rule action override of Count.", + "title": "Action", + "type": "string" + } + }, + "required": [ + "Action" + ], + "type": "object" + }, + "AWS::WAFv2::LoggingConfiguration.Condition": { + "additionalProperties": false, + "properties": { + "ActionCondition": { + "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.ActionCondition", + "markdownDescription": "A single action condition. This is the action setting that a log record must contain in order to meet the condition.", + "title": "ActionCondition" + }, + "LabelNameCondition": { + "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.LabelNameCondition", + "markdownDescription": "A single label name condition. This is the fully qualified label name that a log record must contain in order to meet the condition. Fully qualified labels have a prefix, optional namespaces, and label name. The prefix identifies the rule group or web ACL context of the rule that added the label.", + "title": "LabelNameCondition" + } + }, + "type": "object" + }, + "AWS::WAFv2::LoggingConfiguration.FieldToMatch": { + "additionalProperties": false, + "properties": { + "Method": { + "markdownDescription": "Redact the indicated HTTP method. The method indicates the type of operation that the request is asking the origin to perform.", + "title": "Method", + "type": "object" + }, + "QueryString": { + "markdownDescription": "Redact the query string. This is the part of a URL that appears after a `?` character, if any.", + "title": "QueryString", + "type": "object" + }, + "SingleHeader": { + "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.SingleHeader", + "markdownDescription": "Redact a single header. Provide the name of the header to inspect, for example, `User-Agent` or `Referer` . This setting isn't case sensitive.\n\nExample JSON: `\"SingleHeader\": { \"Name\": \"haystack\" }`", + "title": "SingleHeader" + }, + "UriPath": { + "markdownDescription": "Redact the request URI path. This is the part of the web request that identifies a resource, for example, `/images/daily-ad.jpg` .", + "title": "UriPath", + "type": "object" + } + }, + "type": "object" + }, + "AWS::WAFv2::LoggingConfiguration.Filter": { + "additionalProperties": false, + "properties": { + "Behavior": { + "markdownDescription": "How to handle logs that satisfy the filter's conditions and requirement.", + "title": "Behavior", "type": "string" }, - "TextTransformation": { - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass AWS WAF . If you specify a transformation, AWS WAF performs the transformation on `FieldToMatch` before inspecting it for a match.\n\nYou can only specify a single type of TextTransformation.\n\n*CMD_LINE*\n\nWhen you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:\n\n- Delete the following characters: \\ \" ' ^\n- Delete spaces before the following characters: / (\n- Replace the following characters with a space: , ;\n- Replace multiple spaces with one space\n- Convert uppercase letters (A-Z) to lowercase (a-z)\n\n*COMPRESS_WHITE_SPACE*\n\nUse this option to replace the following characters with a space character (decimal 32):\n\n- \\f, formfeed, decimal 12\n- \\t, tab, decimal 9\n- \\n, newline, decimal 10\n- \\r, carriage return, decimal 13\n- \\v, vertical tab, decimal 11\n- non-breaking space, decimal 160\n\n`COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.\n\n*HTML_ENTITY_DECODE*\n\nUse this option to replace HTML-encoded characters with unencoded characters. `HTML_ENTITY_DECODE` performs the following operations:\n\n- Replaces `(ampersand)quot;` with `\"`\n- Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160\n- Replaces `(ampersand)lt;` with a \"less than\" symbol\n- Replaces `(ampersand)gt;` with `>`\n- Replaces characters that are represented in hexadecimal format, `(ampersand)#xhhhh;` , with the corresponding characters\n- Replaces characters that are represented in decimal format, `(ampersand)#nnnn;` , with the corresponding characters\n\n*LOWERCASE*\n\nUse this option to convert uppercase letters (A-Z) to lowercase (a-z).\n\n*URL_DECODE*\n\nUse this option to decode a URL-encoded value.\n\n*NONE*\n\nSpecify `NONE` if you don't want to perform any text transformations.", - "title": "TextTransformation", + "Conditions": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.Condition" + }, + "markdownDescription": "Match conditions for the filter.", + "title": "Conditions", + "type": "array" + }, + "Requirement": { + "markdownDescription": "Logic to apply to the filtering conditions. You can specify that, in order to satisfy the filter, a log must match all conditions or must match at least one condition.", + "title": "Requirement", "type": "string" } }, "required": [ - "FieldToMatch", - "PositionalConstraint", - "TextTransformation" + "Behavior", + "Conditions", + "Requirement" ], "type": "object" }, - "AWS::WAFRegional::ByteMatchSet.FieldToMatch": { + "AWS::WAFv2::LoggingConfiguration.LabelNameCondition": { "additionalProperties": false, "properties": { - "Data": { - "markdownDescription": "When the value of `Type` is `HEADER` , enter the name of the header that you want AWS WAF to search, for example, `User-Agent` or `Referer` . The name of the header is not case sensitive.\n\nWhen the value of `Type` is `SINGLE_QUERY_ARG` , enter the name of the parameter that you want AWS WAF to search, for example, `UserName` or `SalesRegion` . The parameter name is not case sensitive.\n\nIf the value of `Type` is any other value, omit `Data` .", - "title": "Data", + "LabelName": { + "markdownDescription": "The label name that a log record must contain in order to meet the condition. This must be a fully qualified label name. Fully qualified labels have a prefix, optional namespaces, and label name. The prefix identifies the rule group or web ACL context of the rule that added the label.", + "title": "LabelName", + "type": "string" + } + }, + "required": [ + "LabelName" + ], + "type": "object" + }, + "AWS::WAFv2::LoggingConfiguration.LoggingFilter": { + "additionalProperties": false, + "properties": { + "DefaultBehavior": { + "markdownDescription": "Default handling for logs that don't match any of the specified filtering conditions.", + "title": "DefaultBehavior", "type": "string" }, - "Type": { - "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicated the type of operation that the request is asking the origin to perform.\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", - "title": "Type", + "Filters": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.Filter" + }, + "markdownDescription": "The filters that you want to apply to the logs.", + "title": "Filters", + "type": "array" + } + }, + "required": [ + "DefaultBehavior", + "Filters" + ], + "type": "object" + }, + "AWS::WAFv2::LoggingConfiguration.SingleHeader": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the query header to inspect.", + "title": "Name", "type": "string" } }, "required": [ - "Type" + "Name" ], "type": "object" }, - "AWS::WAFRegional::GeoMatchSet": { + "AWS::WAFv2::RegexPatternSet": { "additionalProperties": false, "properties": { "Condition": { @@ -266519,28 +318034,47 @@ "Properties": { "additionalProperties": false, "properties": { - "GeoMatchConstraints": { + "Description": { + "markdownDescription": "A description of the set that helps with identification.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the set. You cannot change the name after you create the set.", + "title": "Name", + "type": "string" + }, + "RegularExpressionList": { "items": { - "$ref": "#/definitions/AWS::WAFRegional::GeoMatchSet.GeoMatchConstraint" + "type": "string" }, - "markdownDescription": "An array of `GeoMatchConstraint` objects, which contain the country that you want AWS WAF to search for.", - "title": "GeoMatchConstraints", + "markdownDescription": "The regular expression patterns in the set.", + "title": "RegularExpressionList", "type": "array" }, - "Name": { - "markdownDescription": "A friendly name or description of the `GeoMatchSet` . You can't change the name of an `GeoMatchSet` after you create it.", - "title": "Name", + "Scope": { + "markdownDescription": "Specifies whether this is for an Amazon CloudFront distribution or for a regional application. For an AWS Amplify application, use `CLOUDFRONT` . A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AWS AppSync GraphQL API, an Amazon Cognito user pool, an AWS App Runner service, or an AWS Verified Access instance. Valid Values are `CLOUDFRONT` and `REGIONAL` .\n\n> For `CLOUDFRONT` , you must create your WAFv2 resources in the US East (N. Virginia) Region, `us-east-1` .", + "title": "Scope", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.\n\n> To modify tags on existing resources, use the AWS WAF APIs or command line interface. With AWS CloudFormation , you can only add tags to AWS WAF resources during resource creation.", + "title": "Tags", + "type": "array" } }, "required": [ - "Name" + "RegularExpressionList", + "Scope" ], "type": "object" }, "Type": { "enum": [ - "AWS::WAFRegional::GeoMatchSet" + "AWS::WAFv2::RegexPatternSet" ], "type": "string" }, @@ -266559,27 +318093,7 @@ ], "type": "object" }, - "AWS::WAFRegional::GeoMatchSet.GeoMatchConstraint": { - "additionalProperties": false, - "properties": { - "Type": { - "markdownDescription": "The type of geographical area you want AWS WAF to search for. Currently `Country` is the only valid value.", - "title": "Type", - "type": "string" - }, - "Value": { - "markdownDescription": "The country that you want AWS WAF to search for.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Type", - "Value" - ], - "type": "object" - }, - "AWS::WAFRegional::IPSet": { + "AWS::WAFv2::RuleGroup": { "additionalProperties": false, "properties": { "Condition": { @@ -266614,28 +318128,85 @@ "Properties": { "additionalProperties": false, "properties": { - "IPSetDescriptors": { + "AvailableLabels": { "items": { - "$ref": "#/definitions/AWS::WAFRegional::IPSet.IPSetDescriptor" + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.LabelSummary" }, - "markdownDescription": "The IP address type ( `IPV4` or `IPV6` ) and the IP address range (in CIDR notation) that web requests originate from.", - "title": "IPSetDescriptors", + "markdownDescription": "The labels that one or more rules in this rule group add to matching web requests. These labels are defined in the `RuleLabels` for a `Rule` .", + "title": "AvailableLabels", + "type": "array" + }, + "Capacity": { + "markdownDescription": "The web ACL capacity units (WCUs) required for this rule group.\n\nWhen you create your own rule group, you define this, and you cannot change it after creation. When you add or modify the rules in a rule group, AWS WAF enforces this limit.\n\nAWS WAF uses WCUs to calculate and control the operating resources that are used to run your rules, rule groups, and web ACLs. AWS WAF calculates capacity differently for each rule type, to reflect the relative cost of each rule. Simple rules that cost little to run use fewer WCUs than more complex rules that use more processing power. Rule group capacity is fixed at creation, which helps users plan their web ACL WCU usage when they use a rule group. The WCU limit for web ACLs is 1,500.", + "title": "Capacity", + "type": "number" + }, + "ConsumedLabels": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.LabelSummary" + }, + "markdownDescription": "The labels that one or more rules in this rule group match against in label match statements. These labels are defined in a `LabelMatchStatement` specification, in the `Statement` definition of a rule.", + "title": "ConsumedLabels", "type": "array" }, + "CustomResponseBodies": { + "additionalProperties": false, + "markdownDescription": "A map of custom response keys and content bodies. When you create a rule with a block action, you can send a custom response to the web request. You define these for the rule group, and then use them in the rules that you define in the rule group.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomResponseBody" + } + }, + "title": "CustomResponseBodies", + "type": "object" + }, + "Description": { + "markdownDescription": "A description of the rule group that helps with identification.", + "title": "Description", + "type": "string" + }, "Name": { - "markdownDescription": "A friendly name or description of the `IPSet` . You can't change the name of an `IPSet` after you create it.", + "markdownDescription": "The name of the rule group. You cannot change the name of a rule group after you create it.", "title": "Name", "type": "string" + }, + "Rules": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Rule" + }, + "markdownDescription": "The rule statements used to identify the web requests that you want to allow, block, or count. Each rule includes one top-level statement that AWS WAF uses to identify matching web requests, and parameters that govern how AWS WAF handles them.", + "title": "Rules", + "type": "array" + }, + "Scope": { + "markdownDescription": "Specifies whether this is for an Amazon CloudFront distribution or for a regional application. For an AWS Amplify application, use `CLOUDFRONT` . A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AWS AppSync GraphQL API, an Amazon Cognito user pool, an AWS App Runner service, or an AWS Verified Access instance. Valid Values are `CLOUDFRONT` and `REGIONAL` .\n\n> For `CLOUDFRONT` , you must create your WAFv2 resources in the US East (N. Virginia) Region, `us-east-1` .", + "title": "Scope", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.\n\n> To modify tags on existing resources, use the AWS WAF APIs or command line interface. With AWS CloudFormation , you can only add tags to AWS WAF resources during resource creation.", + "title": "Tags", + "type": "array" + }, + "VisibilityConfig": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.VisibilityConfig", + "markdownDescription": "Defines and enables Amazon CloudWatch metrics and web request sample collection.", + "title": "VisibilityConfig" } }, "required": [ - "Name" + "Capacity", + "Scope", + "VisibilityConfig" ], "type": "object" }, "Type": { "enum": [ - "AWS::WAFRegional::IPSet" + "AWS::WAFv2::RuleGroup" ], "type": "string" }, @@ -266649,1307 +318220,1332 @@ } }, "required": [ - "Type", - "Properties" + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::WAFv2::RuleGroup.AllowAction": { + "additionalProperties": false, + "properties": { + "CustomRequestHandling": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomRequestHandling", + "markdownDescription": "Defines custom handling for the web request.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", + "title": "CustomRequestHandling" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.AndStatement": { + "additionalProperties": false, + "properties": { + "Statements": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Statement" + }, + "markdownDescription": "The statements to combine with AND logic. You can use any statements that can be nested.", + "title": "Statements", + "type": "array" + } + }, + "required": [ + "Statements" + ], + "type": "object" + }, + "AWS::WAFv2::RuleGroup.AsnMatchStatement": { + "additionalProperties": false, + "properties": { + "AsnList": { + "items": { + "type": "number" + }, + "markdownDescription": "Contains one or more Autonomous System Numbers (ASNs). ASNs are unique identifiers assigned to large internet networks managed by organizations such as internet service providers, enterprises, universities, or government agencies.", + "title": "AsnList", + "type": "array" + }, + "ForwardedIPConfig": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ForwardedIPConfiguration", + "markdownDescription": "The configuration for inspecting IP addresses to match against an ASN in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.", + "title": "ForwardedIPConfig" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.BlockAction": { + "additionalProperties": false, + "properties": { + "CustomResponse": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomResponse", + "markdownDescription": "Defines a custom response for the web request.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", + "title": "CustomResponse" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.Body": { + "additionalProperties": false, + "properties": { + "OversizeHandling": { + "markdownDescription": "What AWS WAF should do if the body is larger than AWS WAF can inspect.\n\nAWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.\n\n- For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).\n- For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.\n- For AWS Amplify , use the CloudFront limit.\n\nThe options for oversize handling are the following:\n\n- `CONTINUE` - Inspect the available body contents normally, according to the rule inspection criteria.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.\n\nYou can combine the `MATCH` or `NO_MATCH` settings for oversize handling with your rule and web ACL action settings, so that you block any request whose body is over the limit.\n\nDefault: `CONTINUE`", + "title": "OversizeHandling", + "type": "string" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.ByteMatchStatement": { + "additionalProperties": false, + "properties": { + "FieldToMatch": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.FieldToMatch", + "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", + "title": "FieldToMatch" + }, + "PositionalConstraint": { + "markdownDescription": "The area within the portion of the web request that you want AWS WAF to search for `SearchString` . Valid values include the following:\n\n*CONTAINS*\n\nThe specified part of the web request must include the value of `SearchString` , but the location doesn't matter.\n\n*CONTAINS_WORD*\n\nThe specified part of the web request must include the value of `SearchString` , and `SearchString` must contain only alphanumeric characters or underscore (A-Z, a-z, 0-9, or _). In addition, `SearchString` must be a word, which means that both of the following are true:\n\n- `SearchString` is at the beginning of the specified part of the web request or is preceded by a character other than an alphanumeric character or underscore (_). Examples include the value of a header and `;BadBot` .\n- `SearchString` is at the end of the specified part of the web request or is followed by a character other than an alphanumeric character or underscore (_), for example, `BadBot;` and `-BadBot;` .\n\n*EXACTLY*\n\nThe value of the specified part of the web request must exactly match the value of `SearchString` .\n\n*STARTS_WITH*\n\nThe value of `SearchString` must appear at the beginning of the specified part of the web request.\n\n*ENDS_WITH*\n\nThe value of `SearchString` must appear at the end of the specified part of the web request.", + "title": "PositionalConstraint", + "type": "string" + }, + "SearchString": { + "markdownDescription": "A string value that you want AWS WAF to search for. AWS WAF searches only in the part of web requests that you designate for inspection in `FieldToMatch` . The maximum length of the value is 200 bytes. For alphabetic characters A-Z and a-z, the value is case sensitive.\n\nDon't encode this string. Provide the value that you want AWS WAF to search for. AWS CloudFormation automatically base64 encodes the value for you.\n\nFor example, suppose the value of `Type` is `HEADER` and the value of `Data` is `User-Agent` . If you want to search the `User-Agent` header for the value `BadBot` , you provide the string `BadBot` in the value of `SearchString` .\n\nYou must specify either `SearchString` or `SearchStringBase64` in a `ByteMatchStatement` .", + "title": "SearchString", + "type": "string" + }, + "SearchStringBase64": { + "markdownDescription": "String to search for in a web request component, base64-encoded. If you don't want to encode the string, specify the unencoded value in `SearchString` instead.\n\nYou must specify either `SearchString` or `SearchStringBase64` in a `ByteMatchStatement` .", + "title": "SearchStringBase64", + "type": "string" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + }, + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", + "title": "TextTransformations", + "type": "array" + } + }, + "required": [ + "FieldToMatch", + "PositionalConstraint", + "TextTransformations" + ], + "type": "object" + }, + "AWS::WAFv2::RuleGroup.CaptchaAction": { + "additionalProperties": false, + "properties": { + "CustomRequestHandling": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomRequestHandling", + "markdownDescription": "Defines custom handling for the web request, used when the `CAPTCHA` inspection determines that the request's token is valid and unexpired.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", + "title": "CustomRequestHandling" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.CaptchaConfig": { + "additionalProperties": false, + "properties": { + "ImmunityTimeProperty": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ImmunityTimeProperty", + "markdownDescription": "Determines how long a `CAPTCHA` timestamp in the token remains valid after the client successfully solves a `CAPTCHA` puzzle.", + "title": "ImmunityTimeProperty" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.ChallengeAction": { + "additionalProperties": false, + "properties": { + "CustomRequestHandling": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomRequestHandling", + "markdownDescription": "Defines custom handling for the web request, used when the challenge inspection determines that the request's token is valid and unexpired.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", + "title": "CustomRequestHandling" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.ChallengeConfig": { + "additionalProperties": false, + "properties": { + "ImmunityTimeProperty": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ImmunityTimeProperty", + "markdownDescription": "Determines how long a challenge timestamp in the token remains valid after the client successfully responds to a challenge.", + "title": "ImmunityTimeProperty" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.CookieMatchPattern": { + "additionalProperties": false, + "properties": { + "All": { + "markdownDescription": "Inspect all cookies.", + "title": "All", + "type": "object" + }, + "ExcludedCookies": { + "items": { + "type": "string" + }, + "markdownDescription": "Inspect only the cookies whose keys don't match any of the strings specified here.", + "title": "ExcludedCookies", + "type": "array" + }, + "IncludedCookies": { + "items": { + "type": "string" + }, + "markdownDescription": "Inspect only the cookies that have a key that matches one of the strings specified here.", + "title": "IncludedCookies", + "type": "array" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.Cookies": { + "additionalProperties": false, + "properties": { + "MatchPattern": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CookieMatchPattern", + "markdownDescription": "The filter to use to identify the subset of cookies to inspect in a web request.\n\nYou must specify exactly one setting: either `All` , `IncludedCookies` , or `ExcludedCookies` .\n\nExample JSON: `\"MatchPattern\": { \"IncludedCookies\": [ \"session-id-time\", \"session-id\" ] }`", + "title": "MatchPattern" + }, + "MatchScope": { + "markdownDescription": "The parts of the cookies to inspect with the rule inspection criteria. If you specify `ALL` , AWS WAF inspects both keys and values.\n\n`All` does not require a match to be found in the keys and a match to be found in the values. It requires a match to be found in the keys or the values or both. To require a match in the keys and in the values, use a logical `AND` statement to combine two match rules, one that inspects the keys and another that inspects the values.", + "title": "MatchScope", + "type": "string" + }, + "OversizeHandling": { + "markdownDescription": "What AWS WAF should do if the cookies of the request are more numerous or larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to AWS WAF .\n\nThe options for oversize handling are the following:\n\n- `CONTINUE` - Inspect the available cookies normally, according to the rule inspection criteria.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", + "title": "OversizeHandling", + "type": "string" + } + }, + "required": [ + "MatchPattern", + "MatchScope", + "OversizeHandling" + ], + "type": "object" + }, + "AWS::WAFv2::RuleGroup.CountAction": { + "additionalProperties": false, + "properties": { + "CustomRequestHandling": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomRequestHandling", + "markdownDescription": "Defines custom handling for the web request.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", + "title": "CustomRequestHandling" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.CustomHTTPHeader": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the custom header.\n\nFor custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name `x-amzn-waf-` , to avoid confusion with the headers that are already in the request. For example, for the header name `sample` , AWS WAF inserts the header `x-amzn-waf-sample` .", + "title": "Name", + "type": "string" + }, + "Value": { + "markdownDescription": "The value of the custom header.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Name", + "Value" + ], + "type": "object" + }, + "AWS::WAFv2::RuleGroup.CustomRequestHandling": { + "additionalProperties": false, + "properties": { + "InsertHeaders": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomHTTPHeader" + }, + "markdownDescription": "The HTTP headers to insert into the request. Duplicate header names are not allowed.\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", + "title": "InsertHeaders", + "type": "array" + } + }, + "required": [ + "InsertHeaders" + ], + "type": "object" + }, + "AWS::WAFv2::RuleGroup.CustomResponse": { + "additionalProperties": false, + "properties": { + "CustomResponseBodyKey": { + "markdownDescription": "References the response body that you want AWS WAF to return to the web request client. You can define a custom response for a rule action or a default web ACL action that is set to block. To do this, you first define the response body key and value in the `CustomResponseBodies` setting for the `WebACL` or `RuleGroup` where you want to use it. Then, in the rule action or web ACL default action `BlockAction` setting, you reference the response body using this key.", + "title": "CustomResponseBodyKey", + "type": "string" + }, + "ResponseCode": { + "markdownDescription": "The HTTP status code to return to the client.\n\nFor a list of status codes that you can use in your custom responses, see [Supported status codes for custom response](https://docs.aws.amazon.com/waf/latest/developerguide/customizing-the-response-status-codes.html) in the *AWS WAF Developer Guide* .", + "title": "ResponseCode", + "type": "number" + }, + "ResponseHeaders": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomHTTPHeader" + }, + "markdownDescription": "The HTTP headers to use in the response. You can specify any header name except for `content-type` . Duplicate header names are not allowed.\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", + "title": "ResponseHeaders", + "type": "array" + } + }, + "required": [ + "ResponseCode" ], "type": "object" }, - "AWS::WAFRegional::IPSet.IPSetDescriptor": { + "AWS::WAFv2::RuleGroup.CustomResponseBody": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "Specify `IPV4` or `IPV6` .", - "title": "Type", + "Content": { + "markdownDescription": "The payload of the custom response.\n\nYou can use JSON escape strings in JSON content. To do this, you must specify JSON content in the `ContentType` setting.\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", + "title": "Content", "type": "string" }, - "Value": { - "markdownDescription": "Specify an IPv4 address by using CIDR notation. For example:\n\n- To configure AWS WAF to allow, block, or count requests that originated from the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure AWS WAF to allow, block, or count requests that originated from IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .\n\nSpecify an IPv6 address by using CIDR notation. For example:\n\n- To configure AWS WAF to allow, block, or count requests that originated from the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure AWS WAF to allow, block, or count requests that originated from IP addresses 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .", - "title": "Value", + "ContentType": { + "markdownDescription": "The type of content in the payload that you are defining in the `Content` string.", + "title": "ContentType", "type": "string" } }, "required": [ - "Type", - "Value" + "Content", + "ContentType" ], "type": "object" }, - "AWS::WAFRegional::RateBasedRule": { + "AWS::WAFv2::RuleGroup.FieldToMatch": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "AllQueryArguments": { + "markdownDescription": "Inspect all query arguments.", + "title": "AllQueryArguments", + "type": "object" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Body": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Body", + "markdownDescription": "Inspect the request body as plain text. The request body immediately follows the request headers. This is the part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form.\n\nAWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.\n\n- For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).\n- For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.\n- For AWS Amplify , use the CloudFront limit.\n\nFor information about how to handle oversized request bodies, see the `Body` object configuration.", + "title": "Body" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "Cookies": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Cookies", + "markdownDescription": "Inspect the request cookies. You must configure scope and pattern matching filters in the `Cookies` object, to define the set of cookies and the parts of the cookies that AWS WAF inspects.\n\nOnly the first 8 KB (8192 bytes) of a request's cookies and only the first 200 cookies are forwarded to AWS WAF for inspection by the underlying host service. You must configure how to handle any oversize cookie content in the `Cookies` object. AWS WAF applies the pattern matching filters to the cookies that it receives from the underlying host service.", + "title": "Cookies" }, - "Metadata": { + "Headers": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Headers", + "markdownDescription": "Inspect the request headers. You must configure scope and pattern matching filters in the `Headers` object, to define the set of headers to and the parts of the headers that AWS WAF inspects.\n\nOnly the first 8 KB (8192 bytes) of a request's headers and only the first 200 headers are forwarded to AWS WAF for inspection by the underlying host service. You must configure how to handle any oversize header content in the `Headers` object. AWS WAF applies the pattern matching filters to the headers that it receives from the underlying host service.", + "title": "Headers" + }, + "JA3Fingerprint": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.JA3Fingerprint", + "markdownDescription": "Available for use with Amazon CloudFront distributions and Application Load Balancers. Match against the request's JA3 fingerprint. The JA3 fingerprint is a 32-character hash derived from the TLS Client Hello of an incoming request. This fingerprint serves as a unique identifier for the client's TLS configuration. AWS WAF calculates and logs this fingerprint for each request that has enough TLS Client Hello information for the calculation. Almost all web requests include this information.\n\n> You can use this choice only with a string match `ByteMatchStatement` with the `PositionalConstraint` set to `EXACTLY` . \n\nYou can obtain the JA3 fingerprint for client requests from the web ACL logs. If AWS WAF is able to calculate the fingerprint, it includes it in the logs. For information about the logging fields, see [Log fields](https://docs.aws.amazon.com/waf/latest/developerguide/logging-fields.html) in the *AWS WAF Developer Guide* .\n\nProvide the JA3 fingerprint string from the logs in your string match statement specification, to match with any future requests that have the same TLS configuration.", + "title": "JA3Fingerprint" + }, + "JA4Fingerprint": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.JA4Fingerprint", + "markdownDescription": "Available for use with Amazon CloudFront distributions and Application Load Balancers. Match against the request's JA4 fingerprint. The JA4 fingerprint is a 36-character hash derived from the TLS Client Hello of an incoming request. This fingerprint serves as a unique identifier for the client's TLS configuration. AWS WAF calculates and logs this fingerprint for each request that has enough TLS Client Hello information for the calculation. Almost all web requests include this information.\n\n> You can use this choice only with a string match `ByteMatchStatement` with the `PositionalConstraint` set to `EXACTLY` . \n\nYou can obtain the JA4 fingerprint for client requests from the web ACL logs. If AWS WAF is able to calculate the fingerprint, it includes it in the logs. For information about the logging fields, see [Log fields](https://docs.aws.amazon.com/waf/latest/developerguide/logging-fields.html) in the *AWS WAF Developer Guide* .\n\nProvide the JA4 fingerprint string from the logs in your string match statement specification, to match with any future requests that have the same TLS configuration.", + "title": "JA4Fingerprint" + }, + "JsonBody": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.JsonBody", + "markdownDescription": "Inspect the request body as JSON. The request body immediately follows the request headers. This is the part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form.\n\nAWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.\n\n- For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).\n- For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.\n- For AWS Amplify , use the CloudFront limit.\n\nFor information about how to handle oversized request bodies, see the `JsonBody` object configuration.", + "title": "JsonBody" + }, + "Method": { + "markdownDescription": "Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.", + "title": "Method", "type": "object" }, - "Properties": { - "additionalProperties": false, - "properties": { - "MatchPredicates": { - "items": { - "$ref": "#/definitions/AWS::WAFRegional::RateBasedRule.Predicate" - }, - "markdownDescription": "The `Predicates` object contains one `Predicate` element for each `ByteMatchSet` , `IPSet` , or `SqlInjectionMatchSet>` object that you want to include in a `RateBasedRule` .", - "title": "MatchPredicates", - "type": "array" - }, - "MetricName": { - "markdownDescription": "A name for the metrics for a `RateBasedRule` . The name can contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length 128 and minimum length one. It can't contain whitespace or metric names reserved for AWS WAF , including \"All\" and \"Default_Action.\" You can't change the name of the metric after you create the `RateBasedRule` .", - "title": "MetricName", - "type": "string" - }, - "Name": { - "markdownDescription": "A friendly name or description for a `RateBasedRule` . You can't change the name of a `RateBasedRule` after you create it.", - "title": "Name", - "type": "string" - }, - "RateKey": { - "markdownDescription": "The field that AWS WAF uses to determine if requests are likely arriving from single source and thus subject to rate monitoring. The only valid value for `RateKey` is `IP` . `IP` indicates that requests arriving from the same IP address are subject to the `RateLimit` that is specified in the `RateBasedRule` .", - "title": "RateKey", - "type": "string" - }, - "RateLimit": { - "markdownDescription": "The maximum number of requests, which have an identical value in the field specified by the `RateKey` , allowed in a five-minute period. If the number of requests exceeds the `RateLimit` and the other predicates specified in the rule are also met, AWS WAF triggers the action that is specified for this rule.", - "title": "RateLimit", - "type": "number" - } - }, - "required": [ - "MetricName", - "Name", - "RateKey", - "RateLimit" - ], + "QueryString": { + "markdownDescription": "Inspect the query string. This is the part of a URL that appears after a `?` character, if any.", + "title": "QueryString", "type": "object" }, - "Type": { - "enum": [ - "AWS::WAFRegional::RateBasedRule" - ], - "type": "string" + "SingleHeader": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.SingleHeader", + "markdownDescription": "Inspect a single header. Provide the name of the header to inspect, for example, `User-Agent` or `Referer` . This setting isn't case sensitive.\n\nExample JSON: `\"SingleHeader\": { \"Name\": \"haystack\" }`\n\nAlternately, you can filter and inspect all headers with the `Headers` `FieldToMatch` setting.", + "title": "SingleHeader" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "SingleQueryArgument": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.SingleQueryArgument", + "markdownDescription": "Inspect a single query argument. Provide the name of the query argument to inspect, such as *UserName* or *SalesRegion* . The name can be up to 30 characters long and isn't case sensitive.\n\nExample JSON: `\"SingleQueryArgument\": { \"Name\": \"myArgument\" }`", + "title": "SingleQueryArgument" + }, + "UriFragment": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.UriFragment", + "markdownDescription": "Inspect fragments of the request URI. You must configure scope and pattern matching filters in the `UriFragment` object, to define the fragment of a URI that AWS WAF inspects.\n\nOnly the first 8 KB (8192 bytes) of a request's URI fragments and only the first 200 URI fragments are forwarded to AWS WAF for inspection by the underlying host service. You must configure how to handle any oversize URI fragment content in the `UriFragment` object. AWS WAF applies the pattern matching filters to the cookies that it receives from the underlying host service.", + "title": "UriFragment" + }, + "UriPath": { + "markdownDescription": "Inspect the request URI path. This is the part of the web request that identifies a resource, for example, `/images/daily-ad.jpg` .", + "title": "UriPath", + "type": "object" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::WAFRegional::RateBasedRule.Predicate": { + "AWS::WAFv2::RuleGroup.ForwardedIPConfiguration": { "additionalProperties": false, "properties": { - "DataId": { - "markdownDescription": "A unique identifier for a predicate in a `Rule` , such as `ByteMatchSetId` or `IPSetId` . The ID is returned by the corresponding `Create` or `List` command.", - "title": "DataId", + "FallbackBehavior": { + "markdownDescription": "The match status to assign to the web request if the request doesn't have a valid IP address in the specified position.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all. \n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", + "title": "FallbackBehavior", "type": "string" }, - "Negated": { - "markdownDescription": "Set `Negated` to `False` if you want AWS WAF to allow, block, or count requests based on the settings in the specified `ByteMatchSet` , `IPSet` , `SqlInjectionMatchSet` , `XssMatchSet` , `RegexMatchSet` , `GeoMatchSet` , or `SizeConstraintSet` . For example, if an `IPSet` includes the IP address `192.0.2.44` , AWS WAF will allow or block requests based on that IP address.\n\nSet `Negated` to `True` if you want AWS WAF to allow or block a request based on the negation of the settings in the `ByteMatchSet` , `IPSet` , `SqlInjectionMatchSet` , `XssMatchSet` , `RegexMatchSet` , `GeoMatchSet` , or `SizeConstraintSet` >. For example, if an `IPSet` includes the IP address `192.0.2.44` , AWS WAF will allow, block, or count requests based on all IP addresses *except* `192.0.2.44` .", - "title": "Negated", - "type": "boolean" - }, - "Type": { - "markdownDescription": "The type of predicate in a `Rule` , such as `ByteMatch` or `IPSet` .", - "title": "Type", + "HeaderName": { + "markdownDescription": "The name of the HTTP header to use for the IP address. For example, to use the X-Forwarded-For (XFF) header, set this to `X-Forwarded-For` .\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all.", + "title": "HeaderName", "type": "string" } }, "required": [ - "DataId", - "Negated", - "Type" + "FallbackBehavior", + "HeaderName" ], "type": "object" }, - "AWS::WAFRegional::RegexPatternSet": { + "AWS::WAFv2::RuleGroup.GeoMatchStatement": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "CountryCodes": { + "items": { + "type": "string" + }, + "markdownDescription": "An array of two-character country codes that you want to match against, for example, `[ \"US\", \"CN\" ]` , from the alpha-2 country ISO codes of the ISO 3166 international standard.\n\nWhen you use a geo match statement just for the region and country labels that it adds to requests, you still have to supply a country code for the rule to evaluate. In this case, you configure the rule to only count matching requests, but it will still generate logging and count metrics for any matches. You can reduce the logging and metrics that the rule produces by specifying a country that's unlikely to be a source of traffic to your site.", + "title": "CountryCodes", + "type": "array" }, - "Metadata": { + "ForwardedIPConfig": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ForwardedIPConfiguration", + "markdownDescription": "The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all.", + "title": "ForwardedIPConfig" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.HeaderMatchPattern": { + "additionalProperties": false, + "properties": { + "All": { + "markdownDescription": "Inspect all headers.", + "title": "All", "type": "object" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "A friendly name or description of the `RegexPatternSet` . You can't change `Name` after you create a `RegexPatternSet` .", - "title": "Name", - "type": "string" - }, - "RegexPatternStrings": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the regular expression (regex) patterns that you want AWS WAF to search for, such as `B[a@]dB[o0]t` .", - "title": "RegexPatternStrings", - "type": "array" - } + "ExcludedHeaders": { + "items": { + "type": "string" }, - "required": [ - "Name", - "RegexPatternStrings" - ], - "type": "object" + "markdownDescription": "Inspect only the headers whose keys don't match any of the strings specified here.", + "title": "ExcludedHeaders", + "type": "array" }, - "Type": { - "enum": [ - "AWS::WAFRegional::RegexPatternSet" - ], + "IncludedHeaders": { + "items": { + "type": "string" + }, + "markdownDescription": "Inspect only the headers that have a key that matches one of the strings specified here.", + "title": "IncludedHeaders", + "type": "array" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.Headers": { + "additionalProperties": false, + "properties": { + "MatchPattern": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.HeaderMatchPattern", + "markdownDescription": "The filter to use to identify the subset of headers to inspect in a web request.\n\nYou must specify exactly one setting: either `All` , `IncludedHeaders` , or `ExcludedHeaders` .\n\nExample JSON: `\"MatchPattern\": { \"ExcludedHeaders\": [ \"KeyToExclude1\", \"KeyToExclude2\" ] }`", + "title": "MatchPattern" + }, + "MatchScope": { + "markdownDescription": "The parts of the headers to match with the rule inspection criteria. If you specify `ALL` , AWS WAF inspects both keys and values.\n\n`All` does not require a match to be found in the keys and a match to be found in the values. It requires a match to be found in the keys or the values or both. To require a match in the keys and in the values, use a logical `AND` statement to combine two match rules, one that inspects the keys and another that inspects the values.", + "title": "MatchScope", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "OversizeHandling": { + "markdownDescription": "What AWS WAF should do if the headers determined by your match scope are more numerous or larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request headers when they exceed 8 KB (8192 bytes) or 200 total headers. The underlying host service forwards a maximum of 200 headers and at most 8 KB of header contents to AWS WAF .\n\nThe options for oversize handling are the following:\n\n- `CONTINUE` - Inspect the available headers normally, according to the rule inspection criteria.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", + "title": "OversizeHandling", "type": "string" } }, "required": [ - "Type", - "Properties" + "MatchPattern", + "MatchScope", + "OversizeHandling" ], "type": "object" }, - "AWS::WAFRegional::Rule": { + "AWS::WAFv2::RuleGroup.IPSetForwardedIPConfiguration": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "FallbackBehavior": { + "markdownDescription": "The match status to assign to the web request if the request doesn't have a valid IP address in the specified position.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all. \n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", + "title": "FallbackBehavior", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "MetricName": { - "markdownDescription": "A name for the metrics for this `Rule` . The name can contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length 128 and minimum length one. It can't contain whitespace or metric names reserved for AWS WAF, including \"All\" and \"Default_Action.\" You can't change `MetricName` after you create the `Rule` .", - "title": "MetricName", - "type": "string" - }, - "Name": { - "markdownDescription": "The friendly name or description for the `Rule` . You can't change the name of a `Rule` after you create it.", - "title": "Name", - "type": "string" - }, - "Predicates": { - "items": { - "$ref": "#/definitions/AWS::WAFRegional::Rule.Predicate" - }, - "markdownDescription": "The `Predicates` object contains one `Predicate` element for each `ByteMatchSet` , `IPSet` , or `SqlInjectionMatchSet` object that you want to include in a `Rule` .", - "title": "Predicates", - "type": "array" - } - }, - "required": [ - "MetricName", - "Name" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::WAFRegional::Rule" - ], + "HeaderName": { + "markdownDescription": "The name of the HTTP header to use for the IP address. For example, to use the X-Forwarded-For (XFF) header, set this to `X-Forwarded-For` .\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all.", + "title": "HeaderName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Position": { + "markdownDescription": "The position in the header to search for the IP address. The header can contain IP addresses of the original client and also of proxies. For example, the header value could be `10.1.1.1, 127.0.0.0, 10.10.10.10` where the first IP address identifies the original client and the rest identify proxies that the request went through.\n\nThe options for this setting are the following:\n\n- FIRST - Inspect the first IP address in the list of IP addresses in the header. This is usually the client's original IP.\n- LAST - Inspect the last IP address in the list of IP addresses in the header.\n- ANY - Inspect all IP addresses in the header for a match. If the header contains more than 10 IP addresses, AWS WAF inspects the last 10.", + "title": "Position", "type": "string" } }, "required": [ - "Type", - "Properties" + "FallbackBehavior", + "HeaderName", + "Position" ], "type": "object" }, - "AWS::WAFRegional::Rule.Predicate": { + "AWS::WAFv2::RuleGroup.IPSetReferenceStatement": { "additionalProperties": false, "properties": { - "DataId": { - "markdownDescription": "A unique identifier for a predicate in a `Rule` , such as `ByteMatchSetId` or `IPSetId` . The ID is returned by the corresponding `Create` or `List` command.", - "title": "DataId", + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the `IPSet` that this statement references.", + "title": "Arn", "type": "string" }, - "Negated": { - "markdownDescription": "Set `Negated` to `False` if you want AWS WAF to allow, block, or count requests based on the settings in the specified `ByteMatchSet` , `IPSet` , `SqlInjectionMatchSet` , `XssMatchSet` , `RegexMatchSet` , `GeoMatchSet` , or `SizeConstraintSet` . For example, if an `IPSet` includes the IP address `192.0.2.44` , AWS WAF will allow or block requests based on that IP address.\n\nSet `Negated` to `True` if you want AWS WAF to allow or block a request based on the negation of the settings in the `ByteMatchSet` , `IPSet` , `SqlInjectionMatchSet` , `XssMatchSet` , `RegexMatchSet` , `GeoMatchSet` , or `SizeConstraintSet` . For example, if an `IPSet` includes the IP address `192.0.2.44` , AWS WAF will allow, block, or count requests based on all IP addresses *except* `192.0.2.44` .", - "title": "Negated", - "type": "boolean" - }, - "Type": { - "markdownDescription": "The type of predicate in a `Rule` , such as `ByteMatch` or `IPSet` .", - "title": "Type", - "type": "string" + "IPSetForwardedIPConfig": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.IPSetForwardedIPConfiguration", + "markdownDescription": "The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all.", + "title": "IPSetForwardedIPConfig" } }, "required": [ - "DataId", - "Negated", - "Type" + "Arn" ], "type": "object" }, - "AWS::WAFRegional::SizeConstraintSet": { + "AWS::WAFv2::RuleGroup.ImmunityTimeProperty": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name, if any, of the `SizeConstraintSet` .", - "title": "Name", - "type": "string" - }, - "SizeConstraints": { - "items": { - "$ref": "#/definitions/AWS::WAFRegional::SizeConstraintSet.SizeConstraint" - }, - "markdownDescription": "The size constraint and the part of the web request to check.", - "title": "SizeConstraints", - "type": "array" - } - }, - "required": [ - "Name" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::WAFRegional::SizeConstraintSet" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "ImmunityTime": { + "markdownDescription": "The amount of time, in seconds, that a `CAPTCHA` or challenge timestamp is considered valid by AWS WAF . The default setting is 300.\n\nFor the Challenge action, the minimum setting is 300.", + "title": "ImmunityTime", + "type": "number" } }, "required": [ - "Type", - "Properties" + "ImmunityTime" ], "type": "object" }, - "AWS::WAFRegional::SizeConstraintSet.FieldToMatch": { + "AWS::WAFv2::RuleGroup.JA3Fingerprint": { "additionalProperties": false, "properties": { - "Data": { - "markdownDescription": "When the value of `Type` is `HEADER` , enter the name of the header that you want AWS WAF to search, for example, `User-Agent` or `Referer` . The name of the header is not case sensitive.\n\nWhen the value of `Type` is `SINGLE_QUERY_ARG` , enter the name of the parameter that you want AWS WAF to search, for example, `UserName` or `SalesRegion` . The parameter name is not case sensitive.\n\nIf the value of `Type` is any other value, omit `Data` .", - "title": "Data", - "type": "string" - }, - "Type": { - "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicates the type of operation that the request is asking the origin to perform.\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", - "title": "Type", + "FallbackBehavior": { + "markdownDescription": "The match status to assign to the web request if the request doesn't have a JA3 fingerprint.\n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", + "title": "FallbackBehavior", "type": "string" } }, "required": [ - "Type" + "FallbackBehavior" ], "type": "object" }, - "AWS::WAFRegional::SizeConstraintSet.SizeConstraint": { + "AWS::WAFv2::RuleGroup.JA4Fingerprint": { "additionalProperties": false, "properties": { - "ComparisonOperator": { - "markdownDescription": "The type of comparison you want AWS WAF to perform. AWS WAF uses this in combination with the provided `Size` and `FieldToMatch` to build an expression in the form of \" `Size` `ComparisonOperator` size in bytes of `FieldToMatch` \". If that expression is true, the `SizeConstraint` is considered to match.\n\n*EQ* : Used to test if the `Size` is equal to the size of the `FieldToMatch`\n\n*NE* : Used to test if the `Size` is not equal to the size of the `FieldToMatch`\n\n*LE* : Used to test if the `Size` is less than or equal to the size of the `FieldToMatch`\n\n*LT* : Used to test if the `Size` is strictly less than the size of the `FieldToMatch`\n\n*GE* : Used to test if the `Size` is greater than or equal to the size of the `FieldToMatch`\n\n*GT* : Used to test if the `Size` is strictly greater than the size of the `FieldToMatch`", - "title": "ComparisonOperator", - "type": "string" - }, - "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFRegional::SizeConstraintSet.FieldToMatch", - "markdownDescription": "The part of a web request that you want AWS WAF to inspect, such as a specific header or a query string.", - "title": "FieldToMatch" - }, - "Size": { - "markdownDescription": "The size in bytes that you want AWS WAF to compare against the size of the specified `FieldToMatch` . AWS WAF uses this in combination with `ComparisonOperator` and `FieldToMatch` to build an expression in the form of \" `Size` `ComparisonOperator` size in bytes of `FieldToMatch` \". If that expression is true, the `SizeConstraint` is considered to match.\n\nValid values for size are 0 - 21474836480 bytes (0 - 20 GB).\n\nIf you specify `URI` for the value of `Type` , the / in the URI path that you specify counts as one character. For example, the URI `/logo.jpg` is nine characters long.", - "title": "Size", - "type": "number" - }, - "TextTransformation": { - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass AWS WAF . If you specify a transformation, AWS WAF performs the transformation on `FieldToMatch` before inspecting a request for a match.\n\nYou can only specify a single type of TextTransformation.\n\nNote that if you choose `BODY` for the value of `Type` , you must choose `NONE` for `TextTransformation` because the API Gateway API or Application Load Balancer forward only the first 8192 bytes for inspection.\n\n*NONE*\n\nSpecify `NONE` if you don't want to perform any text transformations.\n\n*CMD_LINE*\n\nWhen you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:\n\n- Delete the following characters: \\ \" ' ^\n- Delete spaces before the following characters: / (\n- Replace the following characters with a space: , ;\n- Replace multiple spaces with one space\n- Convert uppercase letters (A-Z) to lowercase (a-z)\n\n*COMPRESS_WHITE_SPACE*\n\nUse this option to replace the following characters with a space character (decimal 32):\n\n- \\f, formfeed, decimal 12\n- \\t, tab, decimal 9\n- \\n, newline, decimal 10\n- \\r, carriage return, decimal 13\n- \\v, vertical tab, decimal 11\n- non-breaking space, decimal 160\n\n`COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.\n\n*HTML_ENTITY_DECODE*\n\nUse this option to replace HTML-encoded characters with unencoded characters. `HTML_ENTITY_DECODE` performs the following operations:\n\n- Replaces `(ampersand)quot;` with `\"`\n- Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160\n- Replaces `(ampersand)lt;` with a \"less than\" symbol\n- Replaces `(ampersand)gt;` with `>`\n- Replaces characters that are represented in hexadecimal format, `(ampersand)#xhhhh;` , with the corresponding characters\n- Replaces characters that are represented in decimal format, `(ampersand)#nnnn;` , with the corresponding characters\n\n*LOWERCASE*\n\nUse this option to convert uppercase letters (A-Z) to lowercase (a-z).\n\n*URL_DECODE*\n\nUse this option to decode a URL-encoded value.", - "title": "TextTransformation", + "FallbackBehavior": { + "markdownDescription": "The match status to assign to the web request if the request doesn't have a JA4 fingerprint.\n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", + "title": "FallbackBehavior", "type": "string" } }, "required": [ - "ComparisonOperator", - "FieldToMatch", - "Size", - "TextTransformation" + "FallbackBehavior" ], "type": "object" }, - "AWS::WAFRegional::SqlInjectionMatchSet": { + "AWS::WAFv2::RuleGroup.JsonBody": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "InvalidFallbackBehavior": { + "markdownDescription": "What AWS WAF should do if it fails to completely parse the JSON body. The options are the following:\n\n- `EVALUATE_AS_STRING` - Inspect the body as plain text. AWS WAF applies the text transformations and inspection criteria that you defined for the JSON inspection to the body text string.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.\n\nIf you don't provide this setting, AWS WAF parses and evaluates the content only up to the first parsing failure that it encounters.\n\n> AWS WAF parsing doesn't fully validate the input JSON string, so parsing can succeed even for invalid JSON. When parsing succeeds, AWS WAF doesn't apply the fallback behavior. For more information, see [JSON body](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-fields-list.html#waf-rule-statement-request-component-json-body) in the *AWS WAF Developer Guide* .", + "title": "InvalidFallbackBehavior", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name, if any, of the `SqlInjectionMatchSet` .", - "title": "Name", - "type": "string" - }, - "SqlInjectionMatchTuples": { - "items": { - "$ref": "#/definitions/AWS::WAFRegional::SqlInjectionMatchSet.SqlInjectionMatchTuple" - }, - "markdownDescription": "Specifies the parts of web requests that you want to inspect for snippets of malicious SQL code.", - "title": "SqlInjectionMatchTuples", - "type": "array" - } - }, - "required": [ - "Name" - ], - "type": "object" + "MatchPattern": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.JsonMatchPattern", + "markdownDescription": "The patterns to look for in the JSON body. AWS WAF inspects the results of these pattern matches against the rule inspection criteria.", + "title": "MatchPattern" }, - "Type": { - "enum": [ - "AWS::WAFRegional::SqlInjectionMatchSet" - ], + "MatchScope": { + "markdownDescription": "The parts of the JSON to match against using the `MatchPattern` . If you specify `ALL` , AWS WAF matches against keys and values.\n\n`All` does not require a match to be found in the keys and a match to be found in the values. It requires a match to be found in the keys or the values or both. To require a match in the keys and in the values, use a logical `AND` statement to combine two match rules, one that inspects the keys and another that inspects the values.", + "title": "MatchScope", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "OversizeHandling": { + "markdownDescription": "What AWS WAF should do if the body is larger than AWS WAF can inspect.\n\nAWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.\n\n- For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).\n- For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.\n- For AWS Amplify , use the CloudFront limit.\n\nThe options for oversize handling are the following:\n\n- `CONTINUE` - Inspect the available body contents normally, according to the rule inspection criteria.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.\n\nYou can combine the `MATCH` or `NO_MATCH` settings for oversize handling with your rule and web ACL action settings, so that you block any request whose body is over the limit.\n\nDefault: `CONTINUE`", + "title": "OversizeHandling", "type": "string" } }, "required": [ - "Type", - "Properties" + "MatchPattern", + "MatchScope" ], "type": "object" }, - "AWS::WAFRegional::SqlInjectionMatchSet.FieldToMatch": { + "AWS::WAFv2::RuleGroup.JsonMatchPattern": { "additionalProperties": false, "properties": { - "Data": { - "markdownDescription": "When the value of `Type` is `HEADER` , enter the name of the header that you want AWS WAF to search, for example, `User-Agent` or `Referer` . The name of the header is not case sensitive.\n\nWhen the value of `Type` is `SINGLE_QUERY_ARG` , enter the name of the parameter that you want AWS WAF to search, for example, `UserName` or `SalesRegion` . The parameter name is not case sensitive.\n\nIf the value of `Type` is any other value, omit `Data` .", - "title": "Data", - "type": "string" + "All": { + "markdownDescription": "Match all of the elements. See also `MatchScope` in the `JsonBody` `FieldToMatch` specification.\n\nYou must specify either this setting or the `IncludedPaths` setting, but not both.", + "title": "All", + "type": "object" }, - "Type": { - "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicates the type of operation that the request is asking the origin to perform.\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", - "title": "Type", + "IncludedPaths": { + "items": { + "type": "string" + }, + "markdownDescription": "Match only the specified include paths. See also `MatchScope` in the `JsonBody` `FieldToMatch` specification.\n\nProvide the include paths using JSON Pointer syntax. For example, `\"IncludedPaths\": [\"/dogs/0/name\", \"/dogs/1/name\"]` . For information about this syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nYou must specify either this setting or the `All` setting, but not both.\n\n> Don't use this option to include all paths. Instead, use the `All` setting.", + "title": "IncludedPaths", + "type": "array" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.Label": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The label string.", + "title": "Name", "type": "string" } }, "required": [ - "Type" + "Name" ], "type": "object" }, - "AWS::WAFRegional::SqlInjectionMatchSet.SqlInjectionMatchTuple": { + "AWS::WAFv2::RuleGroup.LabelMatchStatement": { "additionalProperties": false, "properties": { - "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFRegional::SqlInjectionMatchSet.FieldToMatch", - "markdownDescription": "The part of a web request that you want AWS WAF to inspect, such as a specific header or a query string.", - "title": "FieldToMatch" + "Key": { + "markdownDescription": "The string to match against. The setting you provide for this depends on the match statement's `Scope` setting:\n\n- If the `Scope` indicates `LABEL` , then this specification must include the name and can include any number of preceding namespace specifications and prefix up to providing the fully qualified label name.\n- If the `Scope` indicates `NAMESPACE` , then this specification can include any number of contiguous namespace strings, and can include the entire label namespace prefix from the rule group or web ACL where the label originates.\n\nLabels are case sensitive and components of a label must be separated by colon, for example `NS1:NS2:name` .", + "title": "Key", + "type": "string" }, - "TextTransformation": { - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass AWS WAF . If you specify a transformation, AWS WAF performs the transformation on `FieldToMatch` before inspecting it for a match.\n\nYou can only specify a single type of TextTransformation.\n\n*CMD_LINE*\n\nWhen you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:\n\n- Delete the following characters: \\ \" ' ^\n- Delete spaces before the following characters: / (\n- Replace the following characters with a space: , ;\n- Replace multiple spaces with one space\n- Convert uppercase letters (A-Z) to lowercase (a-z)\n\n*COMPRESS_WHITE_SPACE*\n\nUse this option to replace the following characters with a space character (decimal 32):\n\n- \\f, formfeed, decimal 12\n- \\t, tab, decimal 9\n- \\n, newline, decimal 10\n- \\r, carriage return, decimal 13\n- \\v, vertical tab, decimal 11\n- non-breaking space, decimal 160\n\n`COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.\n\n*HTML_ENTITY_DECODE*\n\nUse this option to replace HTML-encoded characters with unencoded characters. `HTML_ENTITY_DECODE` performs the following operations:\n\n- Replaces `(ampersand)quot;` with `\"`\n- Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160\n- Replaces `(ampersand)lt;` with a \"less than\" symbol\n- Replaces `(ampersand)gt;` with `>`\n- Replaces characters that are represented in hexadecimal format, `(ampersand)#xhhhh;` , with the corresponding characters\n- Replaces characters that are represented in decimal format, `(ampersand)#nnnn;` , with the corresponding characters\n\n*LOWERCASE*\n\nUse this option to convert uppercase letters (A-Z) to lowercase (a-z).\n\n*URL_DECODE*\n\nUse this option to decode a URL-encoded value.\n\n*NONE*\n\nSpecify `NONE` if you don't want to perform any text transformations.", - "title": "TextTransformation", + "Scope": { + "markdownDescription": "Specify whether you want to match using the label name or just the namespace.", + "title": "Scope", "type": "string" } }, "required": [ - "FieldToMatch", - "TextTransformation" + "Key", + "Scope" ], "type": "object" }, - "AWS::WAFRegional::WebACL": { + "AWS::WAFv2::RuleGroup.LabelSummary": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "DefaultAction": { - "$ref": "#/definitions/AWS::WAFRegional::WebACL.Action", - "markdownDescription": "The action to perform if none of the `Rules` contained in the `WebACL` match. The action is specified by the `WafAction` object.", - "title": "DefaultAction" - }, - "MetricName": { - "markdownDescription": "A name for the metrics for this `WebACL` . The name can contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length 128 and minimum length one. It can't contain whitespace or metric names reserved for AWS WAF, including \"All\" and \"Default_Action.\" You can't change `MetricName` after you create the `WebACL` .", - "title": "MetricName", - "type": "string" - }, - "Name": { - "markdownDescription": "A friendly name or description of the `WebACL` . You can't change the name of a `WebACL` after you create it.", - "title": "Name", - "type": "string" - }, - "Rules": { - "items": { - "$ref": "#/definitions/AWS::WAFRegional::WebACL.Rule" - }, - "markdownDescription": "An array that contains the action for each `Rule` in a `WebACL` , the priority of the `Rule` , and the ID of the `Rule` .", - "title": "Rules", - "type": "array" - } - }, - "required": [ - "DefaultAction", - "MetricName", - "Name" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::WAFRegional::WebACL" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "An individual label specification.", + "title": "Name", "type": "string" } }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.NotStatement": { + "additionalProperties": false, + "properties": { + "Statement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Statement", + "markdownDescription": "The statement to negate. You can use any statement that can be nested.", + "title": "Statement" + } + }, "required": [ - "Type", - "Properties" + "Statement" ], "type": "object" }, - "AWS::WAFRegional::WebACL.Action": { + "AWS::WAFv2::RuleGroup.OrStatement": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "For actions that are associated with a rule, the action that AWS WAF takes when a web request matches all conditions in a rule.\n\nFor the default action of a web access control list (ACL), the action that AWS WAF takes when a web request doesn't match all conditions in any rule.\n\nValid settings include the following:\n\n- `ALLOW` : AWS WAF allows requests\n- `BLOCK` : AWS WAF blocks requests\n- `COUNT` : AWS WAF increments a counter of the requests that match all of the conditions in the rule. AWS WAF then continues to inspect the web request based on the remaining rules in the web ACL. You can't specify `COUNT` for the default action for a WebACL.", - "title": "Type", - "type": "string" + "Statements": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Statement" + }, + "markdownDescription": "The statements to combine with OR logic. You can use any statements that can be nested.", + "title": "Statements", + "type": "array" } }, "required": [ - "Type" + "Statements" ], "type": "object" }, - "AWS::WAFRegional::WebACL.Rule": { + "AWS::WAFv2::RuleGroup.RateBasedStatement": { "additionalProperties": false, "properties": { - "Action": { - "$ref": "#/definitions/AWS::WAFRegional::WebACL.Action", - "markdownDescription": "The action that AWS WAF takes when a web request matches all conditions in the rule, such as allow, block, or count the request.", - "title": "Action" + "AggregateKeyType": { + "markdownDescription": "Setting that indicates how to aggregate the request counts.\n\n> Web requests that are missing any of the components specified in the aggregation keys are omitted from the rate-based rule evaluation and handling. \n\n- `CONSTANT` - Count and limit the requests that match the rate-based rule's scope-down statement. With this option, the counted requests aren't further aggregated. The scope-down statement is the only specification used. When the count of all requests that satisfy the scope-down statement goes over the limit, AWS WAF applies the rule action to all requests that satisfy the scope-down statement.\n\nWith this option, you must configure the `ScopeDownStatement` property.\n- `CUSTOM_KEYS` - Aggregate the request counts using one or more web request components as the aggregate keys.\n\nWith this option, you must specify the aggregate keys in the `CustomKeys` property.\n\nTo aggregate on only the IP address or only the forwarded IP address, don't use custom keys. Instead, set the aggregate key type to `IP` or `FORWARDED_IP` .\n- `FORWARDED_IP` - Aggregate the request counts on the first IP address in an HTTP header.\n\nWith this option, you must specify the header to use in the `ForwardedIPConfig` property.\n\nTo aggregate on a combination of the forwarded IP address with other aggregate keys, use `CUSTOM_KEYS` .\n- `IP` - Aggregate the request counts on the IP address from the web request origin.\n\nTo aggregate on a combination of the IP address with other aggregate keys, use `CUSTOM_KEYS` .", + "title": "AggregateKeyType", + "type": "string" }, - "Priority": { - "markdownDescription": "The order in which AWS WAF evaluates the rules in a web ACL. AWS WAF evaluates rules with a lower value before rules with a higher value. The value must be a unique integer. If you have multiple rules in a web ACL, the priority numbers do not need to be consecutive.", - "title": "Priority", + "CustomKeys": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateBasedStatementCustomKey" + }, + "markdownDescription": "Specifies the aggregate keys to use in a rate-base rule.", + "title": "CustomKeys", + "type": "array" + }, + "EvaluationWindowSec": { + "markdownDescription": "The amount of time, in seconds, that AWS WAF should include in its request counts, looking back from the current time. For example, for a setting of 120, when AWS WAF checks the rate, it counts the requests for the 2 minutes immediately preceding the current time. Valid settings are 60, 120, 300, and 600.\n\nThis setting doesn't determine how often AWS WAF checks the rate, but how far back it looks each time it checks. AWS WAF checks the rate about every 10 seconds.\n\nDefault: `300` (5 minutes)", + "title": "EvaluationWindowSec", "type": "number" }, - "RuleId": { - "markdownDescription": "The ID of an AWS WAF Regional rule to associate with a web ACL.", - "title": "RuleId", - "type": "string" + "ForwardedIPConfig": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ForwardedIPConfiguration", + "markdownDescription": "The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all. \n\nThis is required if you specify a forwarded IP in the rule's aggregate key settings.", + "title": "ForwardedIPConfig" + }, + "Limit": { + "markdownDescription": "The limit on requests during the specified evaluation window for a single aggregation instance for the rate-based rule. If the rate-based statement includes a `ScopeDownStatement` , this limit is applied only to the requests that match the statement.\n\nExamples:\n\n- If you aggregate on just the IP address, this is the limit on requests from any single IP address.\n- If you aggregate on the HTTP method and the query argument name \"city\", then this is the limit on requests for any single method, city pair.", + "title": "Limit", + "type": "number" + }, + "ScopeDownStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Statement", + "markdownDescription": "An optional nested statement that narrows the scope of the web requests that are evaluated and managed by the rate-based statement. When you use a scope-down statement, the rate-based rule only tracks and rate limits requests that match the scope-down statement. You can use any nestable `Statement` in the scope-down statement, and you can nest statements at any level, the same as you can for a rule statement.", + "title": "ScopeDownStatement" } }, "required": [ - "Action", - "Priority", - "RuleId" + "AggregateKeyType", + "Limit" ], "type": "object" }, - "AWS::WAFRegional::WebACLAssociation": { + "AWS::WAFv2::RuleGroup.RateBasedStatementCustomKey": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "ASN": { + "markdownDescription": "Use an Autonomous System Number (ASN) derived from the request's originating or forwarded IP address as an aggregate key. Each distinct ASN contributes to the aggregation instance.", + "title": "ASN", + "type": "object" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "Cookie": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitCookie", + "markdownDescription": "Use the value of a cookie in the request as an aggregate key. Each distinct value in the cookie contributes to the aggregation instance. If you use a single cookie as your custom key, then each value fully defines an aggregation instance.", + "title": "Cookie" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ForwardedIP": { + "markdownDescription": "Use the first IP address in an HTTP header as an aggregate key. Each distinct forwarded IP address contributes to the aggregation instance.\n\nWhen you specify an IP or forwarded IP in the custom key settings, you must also specify at least one other key to use. You can aggregate on only the forwarded IP address by specifying `FORWARDED_IP` in your rate-based statement's `AggregateKeyType` .\n\nWith this option, you must specify the header to use in the rate-based rule's `ForwardedIPConfig` property.", + "title": "ForwardedIP", + "type": "object" }, - "Metadata": { + "HTTPMethod": { + "markdownDescription": "Use the request's HTTP method as an aggregate key. Each distinct HTTP method contributes to the aggregation instance. If you use just the HTTP method as your custom key, then each method fully defines an aggregation instance.", + "title": "HTTPMethod", "type": "object" }, - "Properties": { - "additionalProperties": false, - "properties": { - "ResourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resource to protect with the web ACL.", - "title": "ResourceArn", - "type": "string" - }, - "WebACLId": { - "markdownDescription": "A unique identifier (ID) for the web ACL.", - "title": "WebACLId", - "type": "string" - } - }, - "required": [ - "ResourceArn", - "WebACLId" - ], + "Header": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitHeader", + "markdownDescription": "Use the value of a header in the request as an aggregate key. Each distinct value in the header contributes to the aggregation instance. If you use a single header as your custom key, then each value fully defines an aggregation instance.", + "title": "Header" + }, + "IP": { + "markdownDescription": "Use the request's originating IP address as an aggregate key. Each distinct IP address contributes to the aggregation instance.\n\nWhen you specify an IP or forwarded IP in the custom key settings, you must also specify at least one other key to use. You can aggregate on only the IP address by specifying `IP` in your rate-based statement's `AggregateKeyType` .", + "title": "IP", "type": "object" }, - "Type": { - "enum": [ - "AWS::WAFRegional::WebACLAssociation" - ], - "type": "string" + "JA3Fingerprint": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitJA3Fingerprint", + "markdownDescription": "Use the request's JA3 fingerprint as an aggregate key. If you use a single JA3 fingerprint as your custom key, then each value fully defines an aggregation instance.", + "title": "JA3Fingerprint" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "JA4Fingerprint": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitJA4Fingerprint", + "markdownDescription": "Use the request's JA4 fingerprint as an aggregate key. If you use a single JA4 fingerprint as your custom key, then each value fully defines an aggregation instance.", + "title": "JA4Fingerprint" + }, + "LabelNamespace": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitLabelNamespace", + "markdownDescription": "Use the specified label namespace as an aggregate key. Each distinct fully qualified label name that has the specified label namespace contributes to the aggregation instance. If you use just one label namespace as your custom key, then each label name fully defines an aggregation instance.\n\nThis uses only labels that have been added to the request by rules that are evaluated before this rate-based rule in the web ACL.\n\nFor information about label namespaces and names, see [Label syntax and naming requirements](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-label-requirements.html) in the *AWS WAF Developer Guide* .", + "title": "LabelNamespace" + }, + "QueryArgument": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitQueryArgument", + "markdownDescription": "Use the specified query argument as an aggregate key. Each distinct value for the named query argument contributes to the aggregation instance. If you use a single query argument as your custom key, then each value fully defines an aggregation instance.", + "title": "QueryArgument" + }, + "QueryString": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitQueryString", + "markdownDescription": "Use the request's query string as an aggregate key. Each distinct string contributes to the aggregation instance. If you use just the query string as your custom key, then each string fully defines an aggregation instance.", + "title": "QueryString" + }, + "UriPath": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitUriPath", + "markdownDescription": "Use the request's URI path as an aggregate key. Each distinct URI path contributes to the aggregation instance. If you use just the URI path as your custom key, then each URI path fully defines an aggregation instance.", + "title": "UriPath" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.RateLimitCookie": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the cookie to use.", + "title": "Name", "type": "string" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + }, + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", + "title": "TextTransformations", + "type": "array" } }, "required": [ - "Type", - "Properties" + "Name", + "TextTransformations" ], "type": "object" }, - "AWS::WAFRegional::XssMatchSet": { + "AWS::WAFv2::RuleGroup.RateLimitHeader": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Name": { + "markdownDescription": "The name of the header to use.", + "title": "Name", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name, if any, of the `XssMatchSet` .", - "title": "Name", - "type": "string" - }, - "XssMatchTuples": { - "items": { - "$ref": "#/definitions/AWS::WAFRegional::XssMatchSet.XssMatchTuple" - }, - "markdownDescription": "Specifies the parts of web requests that you want to inspect for cross-site scripting attacks.", - "title": "XssMatchTuples", - "type": "array" - } + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" }, - "required": [ - "Name" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::WAFRegional::XssMatchSet" - ], + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", + "title": "TextTransformations", + "type": "array" + } + }, + "required": [ + "Name", + "TextTransformations" + ], + "type": "object" + }, + "AWS::WAFv2::RuleGroup.RateLimitJA3Fingerprint": { + "additionalProperties": false, + "properties": { + "FallbackBehavior": { + "markdownDescription": "The match status to assign to the web request if there is insufficient TSL Client Hello information to compute the JA3 fingerprint.\n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", + "title": "FallbackBehavior", "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + } + }, + "required": [ + "FallbackBehavior" + ], + "type": "object" + }, + "AWS::WAFv2::RuleGroup.RateLimitJA4Fingerprint": { + "additionalProperties": false, + "properties": { + "FallbackBehavior": { + "markdownDescription": "The match status to assign to the web request if there is insufficient TSL Client Hello information to compute the JA4 fingerprint.\n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", + "title": "FallbackBehavior", + "type": "string" + } + }, + "required": [ + "FallbackBehavior" + ], + "type": "object" + }, + "AWS::WAFv2::RuleGroup.RateLimitLabelNamespace": { + "additionalProperties": false, + "properties": { + "Namespace": { + "markdownDescription": "The namespace to use for aggregation.", + "title": "Namespace", "type": "string" } }, "required": [ - "Type", - "Properties" + "Namespace" ], "type": "object" }, - "AWS::WAFRegional::XssMatchSet.FieldToMatch": { + "AWS::WAFv2::RuleGroup.RateLimitQueryArgument": { "additionalProperties": false, "properties": { - "Data": { - "markdownDescription": "When the value of `Type` is `HEADER` , enter the name of the header that you want AWS WAF to search, for example, `User-Agent` or `Referer` . The name of the header is not case sensitive.\n\nWhen the value of `Type` is `SINGLE_QUERY_ARG` , enter the name of the parameter that you want AWS WAF to search, for example, `UserName` or `SalesRegion` . The parameter name is not case sensitive.\n\nIf the value of `Type` is any other value, omit `Data` .", - "title": "Data", + "Name": { + "markdownDescription": "The name of the query argument to use.", + "title": "Name", "type": "string" }, - "Type": { - "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicates the type of operation that the request is asking the origin to perform.\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", - "title": "Type", - "type": "string" + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + }, + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", + "title": "TextTransformations", + "type": "array" } }, "required": [ - "Type" + "Name", + "TextTransformations" ], "type": "object" }, - "AWS::WAFRegional::XssMatchSet.XssMatchTuple": { + "AWS::WAFv2::RuleGroup.RateLimitQueryString": { + "additionalProperties": false, + "properties": { + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + }, + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", + "title": "TextTransformations", + "type": "array" + } + }, + "required": [ + "TextTransformations" + ], + "type": "object" + }, + "AWS::WAFv2::RuleGroup.RateLimitUriPath": { + "additionalProperties": false, + "properties": { + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + }, + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", + "title": "TextTransformations", + "type": "array" + } + }, + "required": [ + "TextTransformations" + ], + "type": "object" + }, + "AWS::WAFv2::RuleGroup.RegexMatchStatement": { "additionalProperties": false, "properties": { "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFRegional::XssMatchSet.FieldToMatch", - "markdownDescription": "The part of a web request that you want AWS WAF to inspect, such as a specified header or a query string.", + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.FieldToMatch", + "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", "title": "FieldToMatch" }, - "TextTransformation": { - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass AWS WAF . If you specify a transformation, AWS WAF performs the transformation on `FieldToMatch` before inspecting it for a match.\n\nYou can only specify a single type of TextTransformation.\n\n*CMD_LINE*\n\nWhen you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:\n\n- Delete the following characters: \\ \" ' ^\n- Delete spaces before the following characters: / (\n- Replace the following characters with a space: , ;\n- Replace multiple spaces with one space\n- Convert uppercase letters (A-Z) to lowercase (a-z)\n\n*COMPRESS_WHITE_SPACE*\n\nUse this option to replace the following characters with a space character (decimal 32):\n\n- \\f, formfeed, decimal 12\n- \\t, tab, decimal 9\n- \\n, newline, decimal 10\n- \\r, carriage return, decimal 13\n- \\v, vertical tab, decimal 11\n- non-breaking space, decimal 160\n\n`COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.\n\n*HTML_ENTITY_DECODE*\n\nUse this option to replace HTML-encoded characters with unencoded characters. `HTML_ENTITY_DECODE` performs the following operations:\n\n- Replaces `(ampersand)quot;` with `\"`\n- Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160\n- Replaces `(ampersand)lt;` with a \"less than\" symbol\n- Replaces `(ampersand)gt;` with `>`\n- Replaces characters that are represented in hexadecimal format, `(ampersand)#xhhhh;` , with the corresponding characters\n- Replaces characters that are represented in decimal format, `(ampersand)#nnnn;` , with the corresponding characters\n\n*LOWERCASE*\n\nUse this option to convert uppercase letters (A-Z) to lowercase (a-z).\n\n*URL_DECODE*\n\nUse this option to decode a URL-encoded value.\n\n*NONE*\n\nSpecify `NONE` if you don't want to perform any text transformations.", - "title": "TextTransformation", + "RegexString": { + "markdownDescription": "The string representing the regular expression.", + "title": "RegexString", "type": "string" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + }, + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", + "title": "TextTransformations", + "type": "array" } }, "required": [ "FieldToMatch", - "TextTransformation" + "RegexString", + "TextTransformations" ], "type": "object" }, - "AWS::WAFv2::IPSet": { + "AWS::WAFv2::RuleGroup.RegexPatternSetReferenceStatement": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the `RegexPatternSet` that this statement references.", + "title": "Arn", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "FieldToMatch": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.FieldToMatch", + "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", + "title": "FieldToMatch" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Addresses": { - "items": { - "type": "string" - }, - "markdownDescription": "Contains an array of strings that specifies zero or more IP addresses or blocks of IP addresses that you want AWS WAF to inspect for in incoming requests. All addresses must be specified using Classless Inter-Domain Routing (CIDR) notation. AWS WAF supports all IPv4 and IPv6 CIDR ranges except for `/0` .\n\nExample address strings:\n\n- For requests that originated from the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- For requests that originated from IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n- For requests that originated from the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- For requests that originated from IP addresses 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .\n\nExample JSON `Addresses` specifications:\n\n- Empty array: `\"Addresses\": []`\n- Array with one address: `\"Addresses\": [\"192.0.2.44/32\"]`\n- Array with three addresses: `\"Addresses\": [\"192.0.2.44/32\", \"192.0.2.0/24\", \"192.0.0.0/16\"]`\n- INVALID specification: `\"Addresses\": [\"\"]` INVALID", - "title": "Addresses", - "type": "array" - }, - "Description": { - "markdownDescription": "A description of the IP set that helps with identification.", - "title": "Description", - "type": "string" - }, - "IPAddressVersion": { - "markdownDescription": "The version of the IP addresses, either `IPV4` or `IPV6` .", - "title": "IPAddressVersion", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the IP set. You cannot change the name of an `IPSet` after you create it.", - "title": "Name", - "type": "string" - }, - "Scope": { - "markdownDescription": "Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AWS AppSync GraphQL API, an Amazon Cognito user pool, an AWS App Runner service, or an AWS Verified Access instance. Valid Values are `CLOUDFRONT` and `REGIONAL` .\n\n> For `CLOUDFRONT` , you must create your WAFv2 resources in the US East (N. Virginia) Region, `us-east-1` .", - "title": "Scope", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.\n\n> To modify tags on existing resources, use the AWS WAF APIs or command line interface. With AWS CloudFormation , you can only add tags to AWS WAF resources during resource creation.", - "title": "Tags", - "type": "array" - } + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" }, - "required": [ - "Addresses", - "IPAddressVersion", - "Scope" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::WAFv2::IPSet" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", + "title": "TextTransformations", + "type": "array" } }, "required": [ - "Type", - "Properties" + "Arn", + "FieldToMatch", + "TextTransformations" ], "type": "object" }, - "AWS::WAFv2::LoggingConfiguration": { + "AWS::WAFv2::RuleGroup.Rule": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "Action": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RuleAction", + "markdownDescription": "The action that AWS WAF should take on a web request when it matches the rule statement. Settings at the web ACL level can override the rule action setting.", + "title": "Action" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "CaptchaConfig": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CaptchaConfig", + "markdownDescription": "Specifies how AWS WAF should handle `CAPTCHA` evaluations. If you don't specify this, AWS WAF uses the `CAPTCHA` configuration that's defined for the web ACL.", + "title": "CaptchaConfig" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "ChallengeConfig": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ChallengeConfig", + "markdownDescription": "Specifies how AWS WAF should handle `Challenge` evaluations. If you don't specify this, AWS WAF uses the challenge configuration that's defined for the web ACL.", + "title": "ChallengeConfig" }, - "Metadata": { - "type": "object" + "Name": { + "markdownDescription": "The name of the rule.\n\nIf you change the name of a `Rule` after you create it and you want the rule's metric name to reflect the change, update the metric name in the rule's `VisibilityConfig` settings. AWS WAF doesn't automatically update the metric name when you update the rule name.", + "title": "Name", + "type": "string" }, - "Properties": { - "additionalProperties": false, - "properties": { - "LogDestinationConfigs": { - "items": { - "type": "string" - }, - "markdownDescription": "The logging destination configuration that you want to associate with the web ACL.\n\n> You can associate one logging destination to a web ACL.", - "title": "LogDestinationConfigs", - "type": "array" - }, - "LoggingFilter": { - "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.LoggingFilter", - "markdownDescription": "Filtering that specifies which web requests are kept in the logs and which are dropped. You can filter on the rule action and on the web request labels that were applied by matching rules during web ACL evaluation.", - "title": "LoggingFilter" - }, - "RedactedFields": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.FieldToMatch" - }, - "markdownDescription": "The parts of the request that you want to keep out of the logs.\n\nFor example, if you redact the `SingleHeader` field, the `HEADER` field in the logs will be `REDACTED` for all rules that use the `SingleHeader` `FieldToMatch` setting.\n\nIf you configure data protection for the web ACL, the protection applies to the data that AWS WAF sends to the logs.\n\nRedaction applies only to the component that's specified in the rule's `FieldToMatch` setting, so the `SingleHeader` redaction doesn't apply to rules that use the `Headers` `FieldToMatch` .\n\n> You can specify only the following fields for redaction: `UriPath` , `QueryString` , `SingleHeader` , and `Method` . > This setting has no impact on request sampling. You can only exclude fields from request sampling by disabling sampling in the web ACL visibility configuration or by configuring data protection for the web ACL.", - "title": "RedactedFields", - "type": "array" - }, - "ResourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the web ACL that you want to associate with `LogDestinationConfigs` .", - "title": "ResourceArn", - "type": "string" - } + "Priority": { + "markdownDescription": "If you define more than one `Rule` in a `WebACL` , AWS WAF evaluates each request against the `Rules` in order based on the value of `Priority` . AWS WAF processes rules with lower priority first. The priorities don't need to be consecutive, but they must all be different.", + "title": "Priority", + "type": "number" + }, + "RuleLabels": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Label" }, - "required": [ - "LogDestinationConfigs", - "ResourceArn" - ], - "type": "object" + "markdownDescription": "Labels to apply to web requests that match the rule match statement. AWS WAF applies fully qualified labels to matching web requests. A fully qualified label is the concatenation of a label namespace and a rule label. The rule's rule group or web ACL defines the label namespace.\n\n> Any rule that isn't a rule group reference statement or managed rule group statement can add labels to matching web requests. \n\nRules that run after this rule in the web ACL can match against these labels using a `LabelMatchStatement` .\n\nFor each label, provide a case-sensitive string containing optional namespaces and a label name, according to the following guidelines:\n\n- Separate each component of the label with a colon.\n- Each namespace or name can have up to 128 characters.\n- You can specify up to 5 namespaces in a label.\n- Don't use the following reserved words in your label specification: `aws` , `waf` , `managed` , `rulegroup` , `webacl` , `regexpatternset` , or `ipset` .\n\nFor example, `myLabelName` or `nameSpace1:nameSpace2:myLabelName` .", + "title": "RuleLabels", + "type": "array" }, - "Type": { - "enum": [ - "AWS::WAFv2::LoggingConfiguration" - ], - "type": "string" + "Statement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Statement", + "markdownDescription": "The AWS WAF processing statement for the rule, for example `ByteMatchStatement` or `SizeConstraintStatement` .", + "title": "Statement" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "VisibilityConfig": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.VisibilityConfig", + "markdownDescription": "Defines and enables Amazon CloudWatch metrics and web request sample collection.\n\nIf you change the name of a `Rule` after you create it and you want the rule's metric name to reflect the change, update the metric name as well. AWS WAF doesn't automatically update the metric name.", + "title": "VisibilityConfig" } }, "required": [ - "Type", - "Properties" + "Name", + "Priority", + "Statement", + "VisibilityConfig" ], "type": "object" }, - "AWS::WAFv2::LoggingConfiguration.ActionCondition": { + "AWS::WAFv2::RuleGroup.RuleAction": { "additionalProperties": false, "properties": { - "Action": { - "markdownDescription": "The action setting that a log record must contain in order to meet the condition. This is the action that AWS WAF applied to the web request.\n\nFor rule groups, this is either the configured rule action setting, or if you've applied a rule action override to the rule, it's the override action. The value `EXCLUDED_AS_COUNT` matches on excluded rules and also on rules that have a rule action override of Count.", - "title": "Action", + "Allow": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.AllowAction", + "markdownDescription": "Instructs AWS WAF to allow the web request.", + "title": "Allow" + }, + "Block": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.BlockAction", + "markdownDescription": "Instructs AWS WAF to block the web request.", + "title": "Block" + }, + "Captcha": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CaptchaAction", + "markdownDescription": "Specifies that AWS WAF should run a `CAPTCHA` check against the request:\n\n- If the request includes a valid, unexpired `CAPTCHA` token, AWS WAF allows the web request inspection to proceed to the next rule, similar to a `CountAction` .\n- If the request doesn't include a valid, unexpired `CAPTCHA` token, AWS WAF discontinues the web ACL evaluation of the request and blocks it from going to its intended destination.\n\nAWS WAF generates a response that it sends back to the client, which includes the following:\n\n- The header `x-amzn-waf-action` with a value of `captcha` .\n- The HTTP status code `405 Method Not Allowed` .\n- If the request contains an `Accept` header with a value of `text/html` , the response includes a `CAPTCHA` challenge.\n\nYou can configure the expiration time in the `CaptchaConfig` `ImmunityTimeProperty` setting at the rule and web ACL level. The rule setting overrides the web ACL setting.\n\nThis action option is available for rules. It isn't available for web ACL default actions.", + "title": "Captcha" + }, + "Challenge": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ChallengeAction", + "markdownDescription": "Instructs AWS WAF to run a `Challenge` check against the web request.", + "title": "Challenge" + }, + "Count": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CountAction", + "markdownDescription": "Instructs AWS WAF to count the web request and then continue evaluating the request using the remaining rules in the web ACL.", + "title": "Count" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.SingleHeader": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the query header to inspect.", + "title": "Name", "type": "string" } }, "required": [ - "Action" + "Name" ], "type": "object" }, - "AWS::WAFv2::LoggingConfiguration.Condition": { + "AWS::WAFv2::RuleGroup.SingleQueryArgument": { "additionalProperties": false, "properties": { - "ActionCondition": { - "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.ActionCondition", - "markdownDescription": "A single action condition. This is the action setting that a log record must contain in order to meet the condition.", - "title": "ActionCondition" - }, - "LabelNameCondition": { - "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.LabelNameCondition", - "markdownDescription": "A single label name condition. This is the fully qualified label name that a log record must contain in order to meet the condition. Fully qualified labels have a prefix, optional namespaces, and label name. The prefix identifies the rule group or web ACL context of the rule that added the label.", - "title": "LabelNameCondition" + "Name": { + "markdownDescription": "The name of the query argument to inspect.", + "title": "Name", + "type": "string" } }, + "required": [ + "Name" + ], "type": "object" }, - "AWS::WAFv2::LoggingConfiguration.FieldToMatch": { + "AWS::WAFv2::RuleGroup.SizeConstraintStatement": { "additionalProperties": false, "properties": { - "Method": { - "markdownDescription": "Redact the indicated HTTP method. The method indicates the type of operation that the request is asking the origin to perform.", - "title": "Method", - "type": "object" + "ComparisonOperator": { + "markdownDescription": "The operator to use to compare the request part to the size setting.", + "title": "ComparisonOperator", + "type": "string" }, - "QueryString": { - "markdownDescription": "Redact the query string. This is the part of a URL that appears after a `?` character, if any.", - "title": "QueryString", - "type": "object" + "FieldToMatch": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.FieldToMatch", + "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", + "title": "FieldToMatch" }, - "SingleHeader": { - "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.SingleHeader", - "markdownDescription": "Redact a single header. Provide the name of the header to inspect, for example, `User-Agent` or `Referer` . This setting isn't case sensitive.\n\nExample JSON: `\"SingleHeader\": { \"Name\": \"haystack\" }`", - "title": "SingleHeader" + "Size": { + "markdownDescription": "The size, in byte, to compare to the request part, after any transformations.", + "title": "Size", + "type": "number" }, - "UriPath": { - "markdownDescription": "Redact the request URI path. This is the part of the web request that identifies a resource, for example, `/images/daily-ad.jpg` .", - "title": "UriPath", - "type": "object" + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + }, + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", + "title": "TextTransformations", + "type": "array" } }, + "required": [ + "ComparisonOperator", + "FieldToMatch", + "Size", + "TextTransformations" + ], "type": "object" }, - "AWS::WAFv2::LoggingConfiguration.Filter": { + "AWS::WAFv2::RuleGroup.SqliMatchStatement": { "additionalProperties": false, "properties": { - "Behavior": { - "markdownDescription": "How to handle logs that satisfy the filter's conditions and requirement.", - "title": "Behavior", + "FieldToMatch": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.FieldToMatch", + "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", + "title": "FieldToMatch" + }, + "SensitivityLevel": { + "markdownDescription": "The sensitivity that you want AWS WAF to use to inspect for SQL injection attacks.\n\n`HIGH` detects more attacks, but might generate more false positives, especially if your web requests frequently contain unusual strings. For information about identifying and mitigating false positives, see [Testing and tuning](https://docs.aws.amazon.com/waf/latest/developerguide/web-acl-testing.html) in the *AWS WAF Developer Guide* .\n\n`LOW` is generally a better choice for resources that already have other protections against SQL injection attacks or that have a low tolerance for false positives.\n\nDefault: `LOW`", + "title": "SensitivityLevel", "type": "string" }, - "Conditions": { + "TextTransformations": { "items": { - "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.Condition" + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" }, - "markdownDescription": "Match conditions for the filter.", - "title": "Conditions", + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", + "title": "TextTransformations", "type": "array" - }, - "Requirement": { - "markdownDescription": "Logic to apply to the filtering conditions. You can specify that, in order to satisfy the filter, a log must match all conditions or must match at least one condition.", - "title": "Requirement", - "type": "string" } }, "required": [ - "Behavior", - "Conditions", - "Requirement" + "FieldToMatch", + "TextTransformations" ], "type": "object" }, - "AWS::WAFv2::LoggingConfiguration.LabelNameCondition": { + "AWS::WAFv2::RuleGroup.Statement": { "additionalProperties": false, "properties": { - "LabelName": { - "markdownDescription": "The label name that a log record must contain in order to meet the condition. This must be a fully qualified label name. Fully qualified labels have a prefix, optional namespaces, and label name. The prefix identifies the rule group or web ACL context of the rule that added the label.", - "title": "LabelName", - "type": "string" + "AndStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.AndStatement", + "markdownDescription": "A logical rule statement used to combine other rule statements with AND logic. You provide more than one `Statement` within the `AndStatement` .", + "title": "AndStatement" + }, + "AsnMatchStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.AsnMatchStatement", + "markdownDescription": "A rule statement that inspects web traffic based on the Autonomous System Number (ASN) associated with the request's IP address.\n\nFor additional details, see [ASN match rule statement](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-type-asn-match.html) in the [AWS WAF Developer Guide](https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html) .", + "title": "AsnMatchStatement" + }, + "ByteMatchStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ByteMatchStatement", + "markdownDescription": "A rule statement that defines a string match search for AWS WAF to apply to web requests. The byte match statement provides the bytes to search for, the location in requests that you want AWS WAF to search, and other settings. The bytes to search for are typically a string that corresponds with ASCII characters. In the AWS WAF console and the developer guide, this is called a string match statement.", + "title": "ByteMatchStatement" + }, + "GeoMatchStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.GeoMatchStatement", + "markdownDescription": "A rule statement that labels web requests by country and region and that matches against web requests based on country code. A geo match rule labels every request that it inspects regardless of whether it finds a match.\n\n- To manage requests only by country, you can use this statement by itself and specify the countries that you want to match against in the `CountryCodes` array.\n- Otherwise, configure your geo match rule with Count action so that it only labels requests. Then, add one or more label match rules to run after the geo match rule and configure them to match against the geographic labels and handle the requests as needed.\n\nAWS WAF labels requests using the alpha-2 country and region codes from the International Organization for Standardization (ISO) 3166 standard. AWS WAF determines the codes using either the IP address in the web request origin or, if you specify it, the address in the geo match `ForwardedIPConfig` .\n\nIf you use the web request origin, the label formats are `awswaf:clientip:geo:region:-` and `awswaf:clientip:geo:country:` .\n\nIf you use a forwarded IP address, the label formats are `awswaf:forwardedip:geo:region:-` and `awswaf:forwardedip:geo:country:` .\n\nFor additional details, see [Geographic match rule statement](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-type-geo-match.html) in the [AWS WAF Developer Guide](https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html) .", + "title": "GeoMatchStatement" + }, + "IPSetReferenceStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.IPSetReferenceStatement", + "markdownDescription": "A rule statement used to detect web requests coming from particular IP addresses or address ranges. To use this, create an `IPSet` that specifies the addresses you want to detect, then use the ARN of that set in this statement.\n\nEach IP set rule statement references an IP set. You create and maintain the set independent of your rules. This allows you to use the single set in multiple rules. When you update the referenced set, AWS WAF automatically updates all rules that reference it.", + "title": "IPSetReferenceStatement" + }, + "LabelMatchStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.LabelMatchStatement", + "markdownDescription": "A rule statement to match against labels that have been added to the web request by rules that have already run in the web ACL.\n\nThe label match statement provides the label or namespace string to search for. The label string can represent a part or all of the fully qualified label name that had been added to the web request. Fully qualified labels have a prefix, optional namespaces, and label name. The prefix identifies the rule group or web ACL context of the rule that added the label. If you do not provide the fully qualified name in your label match string, AWS WAF performs the search for labels that were added in the same context as the label match statement.", + "title": "LabelMatchStatement" + }, + "NotStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.NotStatement", + "markdownDescription": "A logical rule statement used to negate the results of another rule statement. You provide one `Statement` within the `NotStatement` .", + "title": "NotStatement" + }, + "OrStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.OrStatement", + "markdownDescription": "A logical rule statement used to combine other rule statements with OR logic. You provide more than one `Statement` within the `OrStatement` .", + "title": "OrStatement" + }, + "RateBasedStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateBasedStatement", + "markdownDescription": "A rate-based rule counts incoming requests and rate limits requests when they are coming at too fast a rate. The rule categorizes requests according to your aggregation criteria, collects them into aggregation instances, and counts and rate limits the requests for each instance.\n\n> If you change any of these settings in a rule that's currently in use, the change resets the rule's rate limiting counts. This can pause the rule's rate limiting activities for up to a minute. \n\nYou can specify individual aggregation keys, like IP address or HTTP method. You can also specify aggregation key combinations, like IP address and HTTP method, or HTTP method, query argument, and cookie.\n\nEach unique set of values for the aggregation keys that you specify is a separate aggregation instance, with the value from each key contributing to the aggregation instance definition.\n\nFor example, assume the rule evaluates web requests with the following IP address and HTTP method values:\n\n- IP address 10.1.1.1, HTTP method POST\n- IP address 10.1.1.1, HTTP method GET\n- IP address 127.0.0.0, HTTP method POST\n- IP address 10.1.1.1, HTTP method GET\n\nThe rule would create different aggregation instances according to your aggregation criteria, for example:\n\n- If the aggregation criteria is just the IP address, then each individual address is an aggregation instance, and AWS WAF counts requests separately for each. The aggregation instances and request counts for our example would be the following:\n\n- IP address 10.1.1.1: count 3\n- IP address 127.0.0.0: count 1\n- If the aggregation criteria is HTTP method, then each individual HTTP method is an aggregation instance. The aggregation instances and request counts for our example would be the following:\n\n- HTTP method POST: count 2\n- HTTP method GET: count 2\n- If the aggregation criteria is IP address and HTTP method, then each IP address and each HTTP method would contribute to the combined aggregation instance. The aggregation instances and request counts for our example would be the following:\n\n- IP address 10.1.1.1, HTTP method POST: count 1\n- IP address 10.1.1.1, HTTP method GET: count 2\n- IP address 127.0.0.0, HTTP method POST: count 1\n\nFor any n-tuple of aggregation keys, each unique combination of values for the keys defines a separate aggregation instance, which AWS WAF counts and rate-limits individually.\n\nYou can optionally nest another statement inside the rate-based statement, to narrow the scope of the rule so that it only counts and rate limits requests that match the nested statement. You can use this nested scope-down statement in conjunction with your aggregation key specifications or you can just count and rate limit all requests that match the scope-down statement, without additional aggregation. When you choose to just manage all requests that match a scope-down statement, the aggregation instance is singular for the rule.\n\nYou cannot nest a `RateBasedStatement` inside another statement, for example inside a `NotStatement` or `OrStatement` . You can define a `RateBasedStatement` inside a web ACL and inside a rule group.\n\nFor additional information about the options, see [Rate limiting web requests using rate-based rules](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rate-based-rules.html) in the *AWS WAF Developer Guide* .\n\nIf you only aggregate on the individual IP address or forwarded IP address, you can retrieve the list of IP addresses that AWS WAF is currently rate limiting for a rule through the API call `GetRateBasedStatementManagedKeys` . This option is not available for other aggregation configurations.\n\nAWS WAF tracks and manages web requests separately for each instance of a rate-based rule that you use. For example, if you provide the same rate-based rule settings in two web ACLs, each of the two rule statements represents a separate instance of the rate-based rule and gets its own tracking and management by AWS WAF . If you define a rate-based rule inside a rule group, and then use that rule group in multiple places, each use creates a separate instance of the rate-based rule that gets its own tracking and management by AWS WAF .", + "title": "RateBasedStatement" + }, + "RegexMatchStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RegexMatchStatement", + "markdownDescription": "A rule statement used to search web request components for a match against a single regular expression.", + "title": "RegexMatchStatement" + }, + "RegexPatternSetReferenceStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RegexPatternSetReferenceStatement", + "markdownDescription": "A rule statement used to search web request components for matches with regular expressions. To use this, create a `RegexPatternSet` that specifies the expressions that you want to detect, then use the ARN of that set in this statement. A web request matches the pattern set rule statement if the request component matches any of the patterns in the set.\n\nEach regex pattern set rule statement references a regex pattern set. You create and maintain the set independent of your rules. This allows you to use the single set in multiple rules. When you update the referenced set, AWS WAF automatically updates all rules that reference it.", + "title": "RegexPatternSetReferenceStatement" + }, + "SizeConstraintStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.SizeConstraintStatement", + "markdownDescription": "A rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (>) or less than (<). For example, you can use a size constraint statement to look for query strings that are longer than 100 bytes.\n\nIf you configure AWS WAF to inspect the request body, AWS WAF inspects only the number of bytes in the body up to the limit for the web ACL and protected resource type. If you know that the request body for your web requests should never exceed the inspection limit, you can use a size constraint statement to block requests that have a larger request body size. For more information about the inspection limits, see `Body` and `JsonBody` settings for the `FieldToMatch` data type.\n\nIf you choose URI for the value of Part of the request to filter on, the slash (/) in the URI counts as one character. For example, the URI `/logo.jpg` is nine characters long.", + "title": "SizeConstraintStatement" + }, + "SqliMatchStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.SqliMatchStatement", + "markdownDescription": "A rule statement that inspects for malicious SQL code. Attackers insert malicious SQL code into web requests to do things like modify your database or extract data from it.", + "title": "SqliMatchStatement" + }, + "XssMatchStatement": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.XssMatchStatement", + "markdownDescription": "A rule statement that inspects for cross-site scripting (XSS) attacks. In XSS attacks, the attacker uses vulnerabilities in a benign website as a vehicle to inject malicious client-site scripts into other legitimate web browsers.", + "title": "XssMatchStatement" } }, - "required": [ - "LabelName" - ], "type": "object" }, - "AWS::WAFv2::LoggingConfiguration.LoggingFilter": { + "AWS::WAFv2::RuleGroup.TextTransformation": { "additionalProperties": false, "properties": { - "DefaultBehavior": { - "markdownDescription": "Default handling for logs that don't match any of the specified filtering conditions.", - "title": "DefaultBehavior", - "type": "string" + "Priority": { + "markdownDescription": "Sets the relative processing order for multiple transformations. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content. The priorities don't need to be consecutive, but they must all be different.", + "title": "Priority", + "type": "number" }, - "Filters": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.Filter" - }, - "markdownDescription": "The filters that you want to apply to the logs.", - "title": "Filters", - "type": "array" + "Type": { + "markdownDescription": "For detailed descriptions of each of the transformation types, see [Text transformations](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-transformation.html) in the *AWS WAF Developer Guide* .", + "title": "Type", + "type": "string" } }, "required": [ - "DefaultBehavior", - "Filters" + "Priority", + "Type" ], "type": "object" }, - "AWS::WAFv2::LoggingConfiguration.SingleHeader": { + "AWS::WAFv2::RuleGroup.UriFragment": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the query header to inspect.", - "title": "Name", + "FallbackBehavior": { + "markdownDescription": "What AWS WAF should do if it fails to completely parse the JSON body. The options are the following:\n\n- `EVALUATE_AS_STRING` - Inspect the body as plain text. AWS WAF applies the text transformations and inspection criteria that you defined for the JSON inspection to the body text string.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.\n\nIf you don't provide this setting, AWS WAF parses and evaluates the content only up to the first parsing failure that it encounters.\n\nExample JSON: `{ \"UriFragment\": { \"FallbackBehavior\": \"MATCH\"} }`\n\n> AWS WAF parsing doesn't fully validate the input JSON string, so parsing can succeed even for invalid JSON. When parsing succeeds, AWS WAF doesn't apply the fallback behavior. For more information, see [JSON body](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-fields-list.html#waf-rule-statement-request-component-json-body) in the *AWS WAF Developer Guide* .", + "title": "FallbackBehavior", "type": "string" } }, - "required": [ - "Name" - ], "type": "object" }, - "AWS::WAFv2::RegexPatternSet": { + "AWS::WAFv2::RuleGroup.VisibilityConfig": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "CloudWatchMetricsEnabled": { + "markdownDescription": "Indicates whether the associated resource sends metrics to Amazon CloudWatch. For the list of available metrics, see [AWS WAF Metrics](https://docs.aws.amazon.com/waf/latest/developerguide/monitoring-cloudwatch.html#waf-metrics) in the *AWS WAF Developer Guide* .\n\nFor web ACLs, the metrics are for web requests that have the web ACL default action applied. AWS WAF applies the default action to web requests that pass the inspection of all rules in the web ACL without being either allowed or blocked. For more information,\nsee [The web ACL default action](https://docs.aws.amazon.com/waf/latest/developerguide/web-acl-default-action.html) in the *AWS WAF Developer Guide* .", + "title": "CloudWatchMetricsEnabled", + "type": "boolean" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "MetricName": { + "markdownDescription": "A name of the Amazon CloudWatch metric dimension. The name can contain only the characters: A-Z, a-z, 0-9, - (hyphen), and _ (underscore). The name can be from one to 128 characters long. It can't contain whitespace or metric names that are reserved for AWS WAF , for example `All` and `Default_Action` .", + "title": "MetricName", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" + "SampledRequestsEnabled": { + "markdownDescription": "Indicates whether AWS WAF should store a sampling of the web requests that match the rules. You can view the sampled requests through the AWS WAF console.\n\nIf you configure data protection for the web ACL, the protection applies to the web ACL's sampled web request data.\n\n> Request sampling doesn't provide a field redaction option, and any field redaction that you specify in your logging configuration doesn't affect sampling. You can only exclude fields from request sampling by disabling sampling in the web ACL visibility configuration or by configuring data protection for the web ACL.", + "title": "SampledRequestsEnabled", + "type": "boolean" + } + }, + "required": [ + "CloudWatchMetricsEnabled", + "MetricName", + "SampledRequestsEnabled" + ], + "type": "object" + }, + "AWS::WAFv2::RuleGroup.XssMatchStatement": { + "additionalProperties": false, + "properties": { + "FieldToMatch": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.FieldToMatch", + "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", + "title": "FieldToMatch" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "A description of the set that helps with identification.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the set. You cannot change the name after you create the set.", - "title": "Name", - "type": "string" - }, - "RegularExpressionList": { - "items": { - "type": "string" - }, - "markdownDescription": "The regular expression patterns in the set.", - "title": "RegularExpressionList", - "type": "array" - }, - "Scope": { - "markdownDescription": "Specifies whether this is for an Amazon CloudFront distribution or for a regional application. For an AWS Amplify application, use `CLOUDFRONT` . A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AWS AppSync GraphQL API, an Amazon Cognito user pool, an AWS App Runner service, or an AWS Verified Access instance. Valid Values are `CLOUDFRONT` and `REGIONAL` .\n\n> For `CLOUDFRONT` , you must create your WAFv2 resources in the US East (N. Virginia) Region, `us-east-1` .", - "title": "Scope", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.\n\n> To modify tags on existing resources, use the AWS WAF APIs or command line interface. With AWS CloudFormation , you can only add tags to AWS WAF resources during resource creation.", - "title": "Tags", - "type": "array" - } + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" }, - "required": [ - "RegularExpressionList", - "Scope" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::WAFv2::RegexPatternSet" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", + "title": "TextTransformations", + "type": "array" } }, "required": [ - "Type", - "Properties" + "FieldToMatch", + "TextTransformations" ], "type": "object" }, - "AWS::WAFv2::RuleGroup": { + "AWS::WAFv2::WebACL": { "additionalProperties": false, "properties": { "Condition": { @@ -267984,58 +319580,67 @@ "Properties": { "additionalProperties": false, "properties": { - "AvailableLabels": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.LabelSummary" - }, - "markdownDescription": "The labels that one or more rules in this rule group add to matching web requests. These labels are defined in the `RuleLabels` for a `Rule` .", - "title": "AvailableLabels", - "type": "array" + "AssociationConfig": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.AssociationConfig", + "markdownDescription": "Specifies custom configurations for the associations between the web ACL and protected resources.\n\nUse this to customize the maximum size of the request body that your protected resources forward to AWS WAF for inspection. You can customize this setting for CloudFront, API Gateway, Amazon Cognito, App Runner, or Verified Access resources. The default setting is 16 KB (16,384 bytes).\n\n> You are charged additional fees when your protected resources forward body sizes that are larger than the default. For more information, see [AWS WAF Pricing](https://docs.aws.amazon.com/waf/pricing/) . \n\nFor Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).", + "title": "AssociationConfig" }, - "Capacity": { - "markdownDescription": "The web ACL capacity units (WCUs) required for this rule group.\n\nWhen you create your own rule group, you define this, and you cannot change it after creation. When you add or modify the rules in a rule group, AWS WAF enforces this limit.\n\nAWS WAF uses WCUs to calculate and control the operating resources that are used to run your rules, rule groups, and web ACLs. AWS WAF calculates capacity differently for each rule type, to reflect the relative cost of each rule. Simple rules that cost little to run use fewer WCUs than more complex rules that use more processing power. Rule group capacity is fixed at creation, which helps users plan their web ACL WCU usage when they use a rule group. The WCU limit for web ACLs is 1,500.", - "title": "Capacity", - "type": "number" + "CaptchaConfig": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.CaptchaConfig", + "markdownDescription": "Specifies how AWS WAF should handle `CAPTCHA` evaluations for rules that don't have their own `CaptchaConfig` settings. If you don't specify this, AWS WAF uses its default settings for `CaptchaConfig` .", + "title": "CaptchaConfig" }, - "ConsumedLabels": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.LabelSummary" - }, - "markdownDescription": "The labels that one or more rules in this rule group match against in label match statements. These labels are defined in a `LabelMatchStatement` specification, in the `Statement` definition of a rule.", - "title": "ConsumedLabels", - "type": "array" + "ChallengeConfig": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.ChallengeConfig", + "markdownDescription": "Specifies how AWS WAF should handle challenge evaluations for rules that don't have their own `ChallengeConfig` settings. If you don't specify this, AWS WAF uses its default settings for `ChallengeConfig` .", + "title": "ChallengeConfig" }, "CustomResponseBodies": { "additionalProperties": false, - "markdownDescription": "A map of custom response keys and content bodies. When you create a rule with a block action, you can send a custom response to the web request. You define these for the rule group, and then use them in the rules that you define in the rule group.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", + "markdownDescription": "A map of custom response keys and content bodies. When you create a rule with a block action, you can send a custom response to the web request. You define these for the web ACL, and then use them in the rules and default actions that you define in the web ACL.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", "patternProperties": { "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomResponseBody" + "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomResponseBody" } }, "title": "CustomResponseBodies", "type": "object" }, + "DataProtectionConfig": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.DataProtectionConfig", + "markdownDescription": "Specifies data protection to apply to the web request data for the web ACL. This is a web ACL level data protection option.\n\nThe data protection that you configure for the web ACL alters the data that's available for any other data collection activity, including your AWS WAF logging destinations, web ACL request sampling, and Amazon Security Lake data collection and management. Your other option for data protection is in the logging configuration, which only affects logging.", + "title": "DataProtectionConfig" + }, + "DefaultAction": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.DefaultAction", + "markdownDescription": "The action to perform if none of the `Rules` contained in the `WebACL` match.", + "title": "DefaultAction" + }, "Description": { - "markdownDescription": "A description of the rule group that helps with identification.", + "markdownDescription": "A description of the web ACL that helps with identification.", "title": "Description", "type": "string" }, "Name": { - "markdownDescription": "The name of the rule group. You cannot change the name of a rule group after you create it.", + "markdownDescription": "The name of the web ACL. You cannot change the name of a web ACL after you create it.", "title": "Name", "type": "string" }, + "OnSourceDDoSProtectionConfig": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.OnSourceDDoSProtectionConfig", + "markdownDescription": "Configures the level of DDoS protection that applies to web ACLs associated with Application Load Balancers.", + "title": "OnSourceDDoSProtectionConfig" + }, "Rules": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Rule" + "$ref": "#/definitions/AWS::WAFv2::WebACL.Rule" }, - "markdownDescription": "The rule statements used to identify the web requests that you want to allow, block, or count. Each rule includes one top-level statement that AWS WAF uses to identify matching web requests, and parameters that govern how AWS WAF handles them.", + "markdownDescription": "The rule statements used to identify the web requests that you want to manage. Each rule includes one top-level statement that AWS WAF uses to identify matching web requests, and parameters that govern how AWS WAF handles them.", "title": "Rules", "type": "array" }, "Scope": { - "markdownDescription": "Specifies whether this is for an Amazon CloudFront distribution or for a regional application. For an AWS Amplify application, use `CLOUDFRONT` . A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AWS AppSync GraphQL API, an Amazon Cognito user pool, an AWS App Runner service, or an AWS Verified Access instance. Valid Values are `CLOUDFRONT` and `REGIONAL` .\n\n> For `CLOUDFRONT` , you must create your WAFv2 resources in the US East (N. Virginia) Region, `us-east-1` .", + "markdownDescription": "Specifies whether this is for an Amazon CloudFront distribution or for a regional application. For an AWS Amplify application, use `CLOUDFRONT` . A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AWS AppSync GraphQL API, an Amazon Cognito user pool, an AWS App Runner service, or an AWS Verified Access instance. Valid Values are `CLOUDFRONT` and `REGIONAL` .\n\n> For `CLOUDFRONT` , you must create your WAFv2 resources in the US East (N. Virginia) Region, `us-east-1` . \n\nFor information about how to define the association of the web ACL with your resource, see `WebACLAssociation` .", "title": "Scope", "type": "string" }, @@ -268047,14 +319652,22 @@ "title": "Tags", "type": "array" }, + "TokenDomains": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the domains that AWS WAF should accept in a web request token. This enables the use of tokens across multiple protected websites. When AWS WAF provides a token, it uses the domain of the AWS resource that the web ACL is protecting. If you don't specify a list of token domains, AWS WAF accepts tokens only for the domain of the protected resource. With a token domain list, AWS WAF accepts the resource's host domain plus all domains in the token domain list, including their prefixed subdomains.", + "title": "TokenDomains", + "type": "array" + }, "VisibilityConfig": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.VisibilityConfig", + "$ref": "#/definitions/AWS::WAFv2::WebACL.VisibilityConfig", "markdownDescription": "Defines and enables Amazon CloudWatch metrics and web request sample collection.", "title": "VisibilityConfig" } }, "required": [ - "Capacity", + "DefaultAction", "Scope", "VisibilityConfig" ], @@ -268062,7 +319675,7 @@ }, "Type": { "enum": [ - "AWS::WAFv2::RuleGroup" + "AWS::WAFv2::WebACL" ], "type": "string" }, @@ -268081,23 +319694,126 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.AllowAction": { + "AWS::WAFv2::WebACL.AWSManagedRulesACFPRuleSet": { + "additionalProperties": false, + "properties": { + "CreationPath": { + "markdownDescription": "The path of the account creation endpoint for your application. This is the page on your website that accepts the completed registration form for a new user. This page must accept `POST` requests.\n\nFor example, for the URL `https://example.com/web/newaccount` , you would provide the path `/web/newaccount` . Account creation page paths that start with the path that you provide are considered a match. For example `/web/newaccount` matches the account creation paths `/web/newaccount` , `/web/newaccount/` , `/web/newaccountPage` , and `/web/newaccount/thisPage` , but doesn't match the path `/home/web/newaccount` or `/website/newaccount` .", + "title": "CreationPath", + "type": "string" + }, + "EnableRegexInPath": { + "markdownDescription": "Allow the use of regular expressions in the registration page path and the account creation path.", + "title": "EnableRegexInPath", + "type": "boolean" + }, + "RegistrationPagePath": { + "markdownDescription": "The path of the account registration endpoint for your application. This is the page on your website that presents the registration form to new users.\n\n> This page must accept `GET` text/html requests. \n\nFor example, for the URL `https://example.com/web/registration` , you would provide the path `/web/registration` . Registration page paths that start with the path that you provide are considered a match. For example `/web/registration` matches the registration paths `/web/registration` , `/web/registration/` , `/web/registrationPage` , and `/web/registration/thisPage` , but doesn't match the path `/home/web/registration` or `/website/registration` .", + "title": "RegistrationPagePath", + "type": "string" + }, + "RequestInspection": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.RequestInspectionACFP", + "markdownDescription": "The criteria for inspecting account creation requests, used by the ACFP rule group to validate and track account creation attempts.", + "title": "RequestInspection" + }, + "ResponseInspection": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.ResponseInspection", + "markdownDescription": "The criteria for inspecting responses to account creation requests, used by the ACFP rule group to track account creation success rates.\n\n> Response inspection is available only in web ACLs that protect Amazon CloudFront distributions. \n\nThe ACFP rule group evaluates the responses that your protected resources send back to client account creation attempts, keeping count of successful and failed attempts from each IP address and client session. Using this information, the rule group labels and mitigates requests from client sessions and IP addresses that have had too many successful account creation attempts in a short amount of time.", + "title": "ResponseInspection" + } + }, + "required": [ + "CreationPath", + "RegistrationPagePath", + "RequestInspection" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.AWSManagedRulesATPRuleSet": { + "additionalProperties": false, + "properties": { + "EnableRegexInPath": { + "markdownDescription": "Allow the use of regular expressions in the login page path.", + "title": "EnableRegexInPath", + "type": "boolean" + }, + "LoginPath": { + "markdownDescription": "The path of the login endpoint for your application. For example, for the URL `https://example.com/web/login` , you would provide the path `/web/login` . Login paths that start with the path that you provide are considered a match. For example `/web/login` matches the login paths `/web/login` , `/web/login/` , `/web/loginPage` , and `/web/login/thisPage` , but doesn't match the login path `/home/web/login` or `/website/login` .\n\nThe rule group inspects only HTTP `POST` requests to your specified login endpoint.", + "title": "LoginPath", + "type": "string" + }, + "RequestInspection": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.RequestInspection", + "markdownDescription": "The criteria for inspecting login requests, used by the ATP rule group to validate credentials usage.", + "title": "RequestInspection" + }, + "ResponseInspection": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.ResponseInspection", + "markdownDescription": "The criteria for inspecting responses to login requests, used by the ATP rule group to track login failure rates.\n\n> Response inspection is available only in web ACLs that protect Amazon CloudFront distributions. \n\nThe ATP rule group evaluates the responses that your protected resources send back to client login attempts, keeping count of successful and failed attempts for each IP address and client session. Using this information, the rule group labels and mitigates requests from client sessions and IP addresses that have had too many failed login attempts in a short amount of time.", + "title": "ResponseInspection" + } + }, + "required": [ + "LoginPath" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.AWSManagedRulesAntiDDoSRuleSet": { + "additionalProperties": false, + "properties": { + "ClientSideActionConfig": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.ClientSideActionConfig", + "markdownDescription": "Configures the request handling that's applied by the managed rule group rules `ChallengeAllDuringEvent` and `ChallengeDDoSRequests` during a distributed denial of service (DDoS) attack.", + "title": "ClientSideActionConfig" + }, + "SensitivityToBlock": { + "markdownDescription": "The sensitivity that the rule group rule `DDoSRequests` uses when matching against the DDoS suspicion labeling on a request. The managed rule group adds the labeling during DDoS events, before the `DDoSRequests` rule runs.\n\nThe higher the sensitivity, the more levels of labeling that the rule matches:\n\n- Low sensitivity is less sensitive, causing the rule to match only on the most likely participants in an attack, which are the requests with the high suspicion label `awswaf:managed:aws:anti-ddos:high-suspicion-ddos-request` .\n- Medium sensitivity causes the rule to match on the medium and high suspicion labels.\n- High sensitivity causes the rule to match on all of the suspicion labels: low, medium, and high.\n\nDefault: `LOW`", + "title": "SensitivityToBlock", + "type": "string" + } + }, + "required": [ + "ClientSideActionConfig" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.AWSManagedRulesBotControlRuleSet": { + "additionalProperties": false, + "properties": { + "EnableMachineLearning": { + "markdownDescription": "Applies only to the targeted inspection level.\n\nDetermines whether to use machine learning (ML) to analyze your web traffic for bot-related activity. Machine learning is required for the Bot Control rules `TGT_ML_CoordinatedActivityLow` and `TGT_ML_CoordinatedActivityMedium` , which\ninspect for anomalous behavior that might indicate distributed, coordinated bot activity.\n\nFor more information about this choice, see the listing for these rules in the table at [Bot Control rules listing](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html#aws-managed-rule-groups-bot-rules) in the *AWS WAF Developer Guide* .\n\nDefault: `TRUE`", + "title": "EnableMachineLearning", + "type": "boolean" + }, + "InspectionLevel": { + "markdownDescription": "The inspection level to use for the Bot Control rule group. The common level is the least expensive. The targeted level includes all common level rules and adds rules with more advanced inspection criteria. For details, see [AWS WAF Bot Control rule group](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html) in the *AWS WAF Developer Guide* .", + "title": "InspectionLevel", + "type": "string" + } + }, + "required": [ + "InspectionLevel" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.AllowAction": { "additionalProperties": false, "properties": { "CustomRequestHandling": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomRequestHandling", + "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomRequestHandling", "markdownDescription": "Defines custom handling for the web request.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", "title": "CustomRequestHandling" } }, "type": "object" }, - "AWS::WAFv2::RuleGroup.AndStatement": { + "AWS::WAFv2::WebACL.AndStatement": { "additionalProperties": false, "properties": { "Statements": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Statement" + "$ref": "#/definitions/AWS::WAFv2::WebACL.Statement" }, "markdownDescription": "The statements to combine with AND logic. You can use any statements that can be nested.", "title": "Statements", @@ -268109,18 +319825,54 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.BlockAction": { + "AWS::WAFv2::WebACL.AsnMatchStatement": { + "additionalProperties": false, + "properties": { + "AsnList": { + "items": { + "type": "number" + }, + "markdownDescription": "Contains one or more Autonomous System Numbers (ASNs). ASNs are unique identifiers assigned to large internet networks managed by organizations such as internet service providers, enterprises, universities, or government agencies.", + "title": "AsnList", + "type": "array" + }, + "ForwardedIPConfig": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.ForwardedIPConfiguration", + "markdownDescription": "The configuration for inspecting IP addresses to match against an ASN in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.", + "title": "ForwardedIPConfig" + } + }, + "type": "object" + }, + "AWS::WAFv2::WebACL.AssociationConfig": { + "additionalProperties": false, + "properties": { + "RequestBody": { + "additionalProperties": false, + "markdownDescription": "Customizes the maximum size of the request body that your protected CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access resources forward to AWS WAF for inspection. The default size is 16 KB (16,384 bytes). You can change the setting for any of the available resource types.\n\n> You are charged additional fees when your protected resources forward body sizes that are larger than the default. For more information, see [AWS WAF Pricing](https://docs.aws.amazon.com/waf/pricing/) . \n\nExample JSON: `{ \"API_GATEWAY\": \"KB_48\", \"APP_RUNNER_SERVICE\": \"KB_32\" }`\n\nFor Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.RequestBodyAssociatedResourceTypeConfig" + } + }, + "title": "RequestBody", + "type": "object" + } + }, + "type": "object" + }, + "AWS::WAFv2::WebACL.BlockAction": { "additionalProperties": false, "properties": { "CustomResponse": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomResponse", + "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomResponse", "markdownDescription": "Defines a custom response for the web request.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", "title": "CustomResponse" } }, "type": "object" }, - "AWS::WAFv2::RuleGroup.Body": { + "AWS::WAFv2::WebACL.Body": { "additionalProperties": false, "properties": { "OversizeHandling": { @@ -268131,11 +319883,11 @@ }, "type": "object" }, - "AWS::WAFv2::RuleGroup.ByteMatchStatement": { + "AWS::WAFv2::WebACL.ByteMatchStatement": { "additionalProperties": false, "properties": { "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.FieldToMatch", + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldToMatch", "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", "title": "FieldToMatch" }, @@ -268156,7 +319908,7 @@ }, "TextTransformations": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", "title": "TextTransformations", @@ -268170,51 +319922,92 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.CaptchaAction": { + "AWS::WAFv2::WebACL.CaptchaAction": { "additionalProperties": false, "properties": { "CustomRequestHandling": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomRequestHandling", + "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomRequestHandling", "markdownDescription": "Defines custom handling for the web request, used when the `CAPTCHA` inspection determines that the request's token is valid and unexpired.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", "title": "CustomRequestHandling" } }, "type": "object" }, - "AWS::WAFv2::RuleGroup.CaptchaConfig": { + "AWS::WAFv2::WebACL.CaptchaConfig": { "additionalProperties": false, "properties": { "ImmunityTimeProperty": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ImmunityTimeProperty", + "$ref": "#/definitions/AWS::WAFv2::WebACL.ImmunityTimeProperty", "markdownDescription": "Determines how long a `CAPTCHA` timestamp in the token remains valid after the client successfully solves a `CAPTCHA` puzzle.", "title": "ImmunityTimeProperty" } }, "type": "object" }, - "AWS::WAFv2::RuleGroup.ChallengeAction": { + "AWS::WAFv2::WebACL.ChallengeAction": { "additionalProperties": false, "properties": { "CustomRequestHandling": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomRequestHandling", - "markdownDescription": "Defines custom handling for the web request, used when the challenge inspection determines that the request's token is valid and unexpired.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", + "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomRequestHandling", + "markdownDescription": "Defines custom handling for the web request, used when the challenge inspection determines that the request's token is valid and unexpired.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the [AWS WAF developer guide](https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html) .", "title": "CustomRequestHandling" } }, "type": "object" }, - "AWS::WAFv2::RuleGroup.ChallengeConfig": { + "AWS::WAFv2::WebACL.ChallengeConfig": { "additionalProperties": false, "properties": { "ImmunityTimeProperty": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ImmunityTimeProperty", + "$ref": "#/definitions/AWS::WAFv2::WebACL.ImmunityTimeProperty", "markdownDescription": "Determines how long a challenge timestamp in the token remains valid after the client successfully responds to a challenge.", "title": "ImmunityTimeProperty" } }, "type": "object" }, - "AWS::WAFv2::RuleGroup.CookieMatchPattern": { + "AWS::WAFv2::WebACL.ClientSideAction": { + "additionalProperties": false, + "properties": { + "ExemptUriRegularExpressions": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.Regex" + }, + "markdownDescription": "The regular expression to match against the web request URI, used to identify requests that can't handle a silent browser challenge. When the `ClientSideAction` setting `UsageOfAction` is enabled, the managed rule group uses this setting to determine which requests to label with `awswaf:managed:aws:anti-ddos:challengeable-request` . If `UsageOfAction` is disabled, this setting has no effect and the managed rule group doesn't add the label to any requests.\n\nThe anti-DDoS managed rule group doesn't evaluate the rules `ChallengeDDoSRequests` or `ChallengeAllDuringEvent` for web requests whose URIs match this regex. This is true regardless of whether you override the rule action for either of the rules in your web ACL configuration.\n\nAWS recommends using a regular expression.\n\nThis setting is required if `UsageOfAction` is set to `ENABLED` . If required, you can provide between 1 and 5 regex objects in the array of settings.\n\nAWS recommends starting with the following setting. Review and update it for your application's needs:\n\n`\\/api\\/|\\.(acc|avi|css|gif|jpe?g|js|mp[34]|ogg|otf|pdf|png|tiff?|ttf|webm|webp|woff2?)$`", + "title": "ExemptUriRegularExpressions", + "type": "array" + }, + "Sensitivity": { + "markdownDescription": "The sensitivity that the rule group rule `ChallengeDDoSRequests` uses when matching against the DDoS suspicion labeling on a request. The managed rule group adds the labeling during DDoS events, before the `ChallengeDDoSRequests` rule runs.\n\nThe higher the sensitivity, the more levels of labeling that the rule matches:\n\n- Low sensitivity is less sensitive, causing the rule to match only on the most likely participants in an attack, which are the requests with the high suspicion label `awswaf:managed:aws:anti-ddos:high-suspicion-ddos-request` .\n- Medium sensitivity causes the rule to match on the medium and high suspicion labels.\n- High sensitivity causes the rule to match on all of the suspicion labels: low, medium, and high.\n\nDefault: `HIGH`", + "title": "Sensitivity", + "type": "string" + }, + "UsageOfAction": { + "markdownDescription": "Determines whether to use the `AWSManagedRulesAntiDDoSRuleSet` rules `ChallengeAllDuringEvent` and `ChallengeDDoSRequests` in the rule group evaluation and the related label `awswaf:managed:aws:anti-ddos:challengeable-request` .\n\n- If usage is enabled:\n\n- The managed rule group adds the label `awswaf:managed:aws:anti-ddos:challengeable-request` to any web request whose URL does *NOT* match the regular expressions provided in the `ClientSideAction` setting `ExemptUriRegularExpressions` .\n- The two rules are evaluated against web requests for protected resources that are experiencing a DDoS attack. The two rules only apply their action to matching requests that have the label `awswaf:managed:aws:anti-ddos:challengeable-request` .\n- If usage is disabled:\n\n- The managed rule group doesn't add the label `awswaf:managed:aws:anti-ddos:challengeable-request` to any web requests.\n- The two rules are not evaluated.\n- None of the other `ClientSideAction` settings have any effect.\n\n> This setting only enables or disables the use of the two anti-DDOS rules `ChallengeAllDuringEvent` and `ChallengeDDoSRequests` in the anti-DDoS managed rule group.\n> \n> This setting doesn't alter the action setting in the two rules. To override the actions used by the rules `ChallengeAllDuringEvent` and `ChallengeDDoSRequests` , enable this setting, and then override the rule actions in the usual way, in your managed rule group configuration.", + "title": "UsageOfAction", + "type": "string" + } + }, + "required": [ + "UsageOfAction" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.ClientSideActionConfig": { + "additionalProperties": false, + "properties": { + "Challenge": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.ClientSideAction", + "markdownDescription": "Configuration for the use of the `AWSManagedRulesAntiDDoSRuleSet` rules `ChallengeAllDuringEvent` and `ChallengeDDoSRequests` .\n\n> This setting isn't related to the configuration of the `Challenge` action itself. It only configures the use of the two anti-DDoS rules named here. \n\nYou can enable or disable the use of these rules, and you can configure how to use them when they are enabled.", + "title": "Challenge" + } + }, + "required": [ + "Challenge" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.CookieMatchPattern": { "additionalProperties": false, "properties": { "All": { @@ -268241,11 +320034,11 @@ }, "type": "object" }, - "AWS::WAFv2::RuleGroup.Cookies": { + "AWS::WAFv2::WebACL.Cookies": { "additionalProperties": false, "properties": { "MatchPattern": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CookieMatchPattern", + "$ref": "#/definitions/AWS::WAFv2::WebACL.CookieMatchPattern", "markdownDescription": "The filter to use to identify the subset of cookies to inspect in a web request.\n\nYou must specify exactly one setting: either `All` , `IncludedCookies` , or `ExcludedCookies` .\n\nExample JSON: `\"MatchPattern\": { \"IncludedCookies\": [ \"session-id-time\", \"session-id\" ] }`", "title": "MatchPattern" }, @@ -268267,18 +320060,18 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.CountAction": { + "AWS::WAFv2::WebACL.CountAction": { "additionalProperties": false, "properties": { "CustomRequestHandling": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomRequestHandling", + "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomRequestHandling", "markdownDescription": "Defines custom handling for the web request.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", "title": "CustomRequestHandling" } }, "type": "object" }, - "AWS::WAFv2::RuleGroup.CustomHTTPHeader": { + "AWS::WAFv2::WebACL.CustomHTTPHeader": { "additionalProperties": false, "properties": { "Name": { @@ -268298,12 +320091,12 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.CustomRequestHandling": { + "AWS::WAFv2::WebACL.CustomRequestHandling": { "additionalProperties": false, "properties": { "InsertHeaders": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomHTTPHeader" + "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomHTTPHeader" }, "markdownDescription": "The HTTP headers to insert into the request. Duplicate header names are not allowed.\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", "title": "InsertHeaders", @@ -268315,7 +320108,7 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.CustomResponse": { + "AWS::WAFv2::WebACL.CustomResponse": { "additionalProperties": false, "properties": { "CustomResponseBodyKey": { @@ -268330,7 +320123,7 @@ }, "ResponseHeaders": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomHTTPHeader" + "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomHTTPHeader" }, "markdownDescription": "The HTTP headers to use in the response. You can specify any header name except for `content-type` . Duplicate header names are not allowed.\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", "title": "ResponseHeaders", @@ -268338,31 +320131,122 @@ } }, "required": [ - "ResponseCode" + "ResponseCode" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.CustomResponseBody": { + "additionalProperties": false, + "properties": { + "Content": { + "markdownDescription": "The payload of the custom response.\n\nYou can use JSON escape strings in JSON content. To do this, you must specify JSON content in the `ContentType` setting.\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", + "title": "Content", + "type": "string" + }, + "ContentType": { + "markdownDescription": "The type of content in the payload that you are defining in the `Content` string.", + "title": "ContentType", + "type": "string" + } + }, + "required": [ + "Content", + "ContentType" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.DataProtect": { + "additionalProperties": false, + "properties": { + "Action": { + "markdownDescription": "", + "title": "Action", + "type": "string" + }, + "ExcludeRateBasedDetails": { + "markdownDescription": "", + "title": "ExcludeRateBasedDetails", + "type": "boolean" + }, + "ExcludeRuleMatchDetails": { + "markdownDescription": "", + "title": "ExcludeRuleMatchDetails", + "type": "boolean" + }, + "Field": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldToProtect", + "markdownDescription": "", + "title": "Field" + } + }, + "required": [ + "Action", + "Field" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.DataProtectionConfig": { + "additionalProperties": false, + "properties": { + "DataProtections": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.DataProtect" + }, + "markdownDescription": "An array of data protection configurations for specific web request field types. This is defined for each web ACL. AWS WAF applies the specified protection to all web requests that the web ACL inspects.", + "title": "DataProtections", + "type": "array" + } + }, + "required": [ + "DataProtections" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.DefaultAction": { + "additionalProperties": false, + "properties": { + "Allow": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.AllowAction", + "markdownDescription": "Specifies that AWS WAF should allow requests by default.", + "title": "Allow" + }, + "Block": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.BlockAction", + "markdownDescription": "Specifies that AWS WAF should block requests by default.", + "title": "Block" + } + }, + "type": "object" + }, + "AWS::WAFv2::WebACL.ExcludedRule": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the rule whose action you want to override to `Count` .", + "title": "Name", + "type": "string" + } + }, + "required": [ + "Name" ], "type": "object" }, - "AWS::WAFv2::RuleGroup.CustomResponseBody": { + "AWS::WAFv2::WebACL.FieldIdentifier": { "additionalProperties": false, "properties": { - "Content": { - "markdownDescription": "The payload of the custom response.\n\nYou can use JSON escape strings in JSON content. To do this, you must specify JSON content in the `ContentType` setting.\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", - "title": "Content", - "type": "string" - }, - "ContentType": { - "markdownDescription": "The type of content in the payload that you are defining in the `Content` string.", - "title": "ContentType", + "Identifier": { + "markdownDescription": "The name of the field.\n\nWhen the `PayloadType` in the request inspection is `JSON` , this identifier must be in JSON pointer syntax. For example `/form/username` . For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nWhen the `PayloadType` is `FORM_ENCODED` , use the HTML form names. For example, `username` .\n\nFor more information, see the descriptions for each field type in the request inspection properties.", + "title": "Identifier", "type": "string" } }, "required": [ - "Content", - "ContentType" + "Identifier" ], "type": "object" }, - "AWS::WAFv2::RuleGroup.FieldToMatch": { + "AWS::WAFv2::WebACL.FieldToMatch": { "additionalProperties": false, "properties": { "AllQueryArguments": { @@ -268371,27 +320255,32 @@ "type": "object" }, "Body": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Body", + "$ref": "#/definitions/AWS::WAFv2::WebACL.Body", "markdownDescription": "Inspect the request body as plain text. The request body immediately follows the request headers. This is the part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form.\n\nAWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.\n\n- For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).\n- For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.\n- For AWS Amplify , use the CloudFront limit.\n\nFor information about how to handle oversized request bodies, see the `Body` object configuration.", "title": "Body" }, "Cookies": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Cookies", + "$ref": "#/definitions/AWS::WAFv2::WebACL.Cookies", "markdownDescription": "Inspect the request cookies. You must configure scope and pattern matching filters in the `Cookies` object, to define the set of cookies and the parts of the cookies that AWS WAF inspects.\n\nOnly the first 8 KB (8192 bytes) of a request's cookies and only the first 200 cookies are forwarded to AWS WAF for inspection by the underlying host service. You must configure how to handle any oversize cookie content in the `Cookies` object. AWS WAF applies the pattern matching filters to the cookies that it receives from the underlying host service.", "title": "Cookies" }, "Headers": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Headers", + "$ref": "#/definitions/AWS::WAFv2::WebACL.Headers", "markdownDescription": "Inspect the request headers. You must configure scope and pattern matching filters in the `Headers` object, to define the set of headers to and the parts of the headers that AWS WAF inspects.\n\nOnly the first 8 KB (8192 bytes) of a request's headers and only the first 200 headers are forwarded to AWS WAF for inspection by the underlying host service. You must configure how to handle any oversize header content in the `Headers` object. AWS WAF applies the pattern matching filters to the headers that it receives from the underlying host service.", "title": "Headers" }, "JA3Fingerprint": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.JA3Fingerprint", + "$ref": "#/definitions/AWS::WAFv2::WebACL.JA3Fingerprint", "markdownDescription": "Available for use with Amazon CloudFront distributions and Application Load Balancers. Match against the request's JA3 fingerprint. The JA3 fingerprint is a 32-character hash derived from the TLS Client Hello of an incoming request. This fingerprint serves as a unique identifier for the client's TLS configuration. AWS WAF calculates and logs this fingerprint for each request that has enough TLS Client Hello information for the calculation. Almost all web requests include this information.\n\n> You can use this choice only with a string match `ByteMatchStatement` with the `PositionalConstraint` set to `EXACTLY` . \n\nYou can obtain the JA3 fingerprint for client requests from the web ACL logs. If AWS WAF is able to calculate the fingerprint, it includes it in the logs. For information about the logging fields, see [Log fields](https://docs.aws.amazon.com/waf/latest/developerguide/logging-fields.html) in the *AWS WAF Developer Guide* .\n\nProvide the JA3 fingerprint string from the logs in your string match statement specification, to match with any future requests that have the same TLS configuration.", "title": "JA3Fingerprint" }, + "JA4Fingerprint": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.JA4Fingerprint", + "markdownDescription": "Available for use with Amazon CloudFront distributions and Application Load Balancers. Match against the request's JA4 fingerprint. The JA4 fingerprint is a 36-character hash derived from the TLS Client Hello of an incoming request. This fingerprint serves as a unique identifier for the client's TLS configuration. AWS WAF calculates and logs this fingerprint for each request that has enough TLS Client Hello information for the calculation. Almost all web requests include this information.\n\n> You can use this choice only with a string match `ByteMatchStatement` with the `PositionalConstraint` set to `EXACTLY` . \n\nYou can obtain the JA4 fingerprint for client requests from the web ACL logs. If AWS WAF is able to calculate the fingerprint, it includes it in the logs. For information about the logging fields, see [Log fields](https://docs.aws.amazon.com/waf/latest/developerguide/logging-fields.html) in the *AWS WAF Developer Guide* .\n\nProvide the JA4 fingerprint string from the logs in your string match statement specification, to match with any future requests that have the same TLS configuration.", + "title": "JA4Fingerprint" + }, "JsonBody": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.JsonBody", + "$ref": "#/definitions/AWS::WAFv2::WebACL.JsonBody", "markdownDescription": "Inspect the request body as JSON. The request body immediately follows the request headers. This is the part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form.\n\nAWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.\n\n- For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).\n- For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.\n- For AWS Amplify , use the CloudFront limit.\n\nFor information about how to handle oversized request bodies, see the `JsonBody` object configuration.", "title": "JsonBody" }, @@ -268406,15 +320295,20 @@ "type": "object" }, "SingleHeader": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.SingleHeader", + "$ref": "#/definitions/AWS::WAFv2::WebACL.SingleHeader", "markdownDescription": "Inspect a single header. Provide the name of the header to inspect, for example, `User-Agent` or `Referer` . This setting isn't case sensitive.\n\nExample JSON: `\"SingleHeader\": { \"Name\": \"haystack\" }`\n\nAlternately, you can filter and inspect all headers with the `Headers` `FieldToMatch` setting.", "title": "SingleHeader" }, "SingleQueryArgument": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.SingleQueryArgument", + "$ref": "#/definitions/AWS::WAFv2::WebACL.SingleQueryArgument", "markdownDescription": "Inspect a single query argument. Provide the name of the query argument to inspect, such as *UserName* or *SalesRegion* . The name can be up to 30 characters long and isn't case sensitive.\n\nExample JSON: `\"SingleQueryArgument\": { \"Name\": \"myArgument\" }`", "title": "SingleQueryArgument" }, + "UriFragment": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.UriFragment", + "markdownDescription": "Inspect fragments of the request URI. You must configure scope and pattern matching filters in the `UriFragment` object, to define the fragment of a URI that AWS WAF inspects.\n\nOnly the first 8 KB (8192 bytes) of a request's URI fragments and only the first 200 URI fragments are forwarded to AWS WAF for inspection by the underlying host service. You must configure how to handle any oversize URI fragment content in the `UriFragment` object. AWS WAF applies the pattern matching filters to the cookies that it receives from the underlying host service.", + "title": "UriFragment" + }, "UriPath": { "markdownDescription": "Inspect the request URI path. This is the part of the web request that identifies a resource, for example, `/images/daily-ad.jpg` .", "title": "UriPath", @@ -268423,7 +320317,29 @@ }, "type": "object" }, - "AWS::WAFv2::RuleGroup.ForwardedIPConfiguration": { + "AWS::WAFv2::WebACL.FieldToProtect": { + "additionalProperties": false, + "properties": { + "FieldKeys": { + "items": { + "type": "string" + }, + "markdownDescription": "Specifies the keys to protect for the specified field type. If you don't specify any key, then all keys for the field type are protected.", + "title": "FieldKeys", + "type": "array" + }, + "FieldType": { + "markdownDescription": "Specifies the web request component type to protect.", + "title": "FieldType", + "type": "string" + } + }, + "required": [ + "FieldType" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.ForwardedIPConfiguration": { "additionalProperties": false, "properties": { "FallbackBehavior": { @@ -268443,7 +320359,7 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.GeoMatchStatement": { + "AWS::WAFv2::WebACL.GeoMatchStatement": { "additionalProperties": false, "properties": { "CountryCodes": { @@ -268455,14 +320371,14 @@ "type": "array" }, "ForwardedIPConfig": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ForwardedIPConfiguration", + "$ref": "#/definitions/AWS::WAFv2::WebACL.ForwardedIPConfiguration", "markdownDescription": "The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all.", "title": "ForwardedIPConfig" } }, "type": "object" }, - "AWS::WAFv2::RuleGroup.HeaderMatchPattern": { + "AWS::WAFv2::WebACL.HeaderMatchPattern": { "additionalProperties": false, "properties": { "All": { @@ -268489,11 +320405,11 @@ }, "type": "object" }, - "AWS::WAFv2::RuleGroup.Headers": { + "AWS::WAFv2::WebACL.Headers": { "additionalProperties": false, "properties": { "MatchPattern": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.HeaderMatchPattern", + "$ref": "#/definitions/AWS::WAFv2::WebACL.HeaderMatchPattern", "markdownDescription": "The filter to use to identify the subset of headers to inspect in a web request.\n\nYou must specify exactly one setting: either `All` , `IncludedHeaders` , or `ExcludedHeaders` .\n\nExample JSON: `\"MatchPattern\": { \"ExcludedHeaders\": [ \"KeyToExclude1\", \"KeyToExclude2\" ] }`", "title": "MatchPattern" }, @@ -268515,7 +320431,7 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.IPSetForwardedIPConfiguration": { + "AWS::WAFv2::WebACL.IPSetForwardedIPConfiguration": { "additionalProperties": false, "properties": { "FallbackBehavior": { @@ -268541,7 +320457,7 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.IPSetReferenceStatement": { + "AWS::WAFv2::WebACL.IPSetReferenceStatement": { "additionalProperties": false, "properties": { "Arn": { @@ -268550,7 +320466,7 @@ "type": "string" }, "IPSetForwardedIPConfig": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.IPSetForwardedIPConfiguration", + "$ref": "#/definitions/AWS::WAFv2::WebACL.IPSetForwardedIPConfiguration", "markdownDescription": "The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all.", "title": "IPSetForwardedIPConfig" } @@ -268560,7 +320476,7 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.ImmunityTimeProperty": { + "AWS::WAFv2::WebACL.ImmunityTimeProperty": { "additionalProperties": false, "properties": { "ImmunityTime": { @@ -268574,7 +320490,7 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.JA3Fingerprint": { + "AWS::WAFv2::WebACL.JA3Fingerprint": { "additionalProperties": false, "properties": { "FallbackBehavior": { @@ -268588,7 +320504,21 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.JsonBody": { + "AWS::WAFv2::WebACL.JA4Fingerprint": { + "additionalProperties": false, + "properties": { + "FallbackBehavior": { + "markdownDescription": "The match status to assign to the web request if the request doesn't have a JA4 fingerprint.\n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", + "title": "FallbackBehavior", + "type": "string" + } + }, + "required": [ + "FallbackBehavior" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.JsonBody": { "additionalProperties": false, "properties": { "InvalidFallbackBehavior": { @@ -268597,7 +320527,7 @@ "type": "string" }, "MatchPattern": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.JsonMatchPattern", + "$ref": "#/definitions/AWS::WAFv2::WebACL.JsonMatchPattern", "markdownDescription": "The patterns to look for in the JSON body. AWS WAF inspects the results of these pattern matches against the rule inspection criteria.", "title": "MatchPattern" }, @@ -268618,7 +320548,7 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.JsonMatchPattern": { + "AWS::WAFv2::WebACL.JsonMatchPattern": { "additionalProperties": false, "properties": { "All": { @@ -268637,7 +320567,7 @@ }, "type": "object" }, - "AWS::WAFv2::RuleGroup.Label": { + "AWS::WAFv2::WebACL.Label": { "additionalProperties": false, "properties": { "Name": { @@ -268651,7 +320581,7 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.LabelMatchStatement": { + "AWS::WAFv2::WebACL.LabelMatchStatement": { "additionalProperties": false, "properties": { "Key": { @@ -268671,22 +320601,111 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.LabelSummary": { + "AWS::WAFv2::WebACL.ManagedRuleGroupConfig": { + "additionalProperties": false, + "properties": { + "AWSManagedRulesACFPRuleSet": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.AWSManagedRulesACFPRuleSet", + "markdownDescription": "Additional configuration for using the account creation fraud prevention (ACFP) managed rule group, `AWSManagedRulesACFPRuleSet` . Use this to provide account creation request information to the rule group. For web ACLs that protect CloudFront distributions, use this to also provide the information about how your distribution responds to account creation requests.\n\nFor information about using the ACFP managed rule group, see [AWS WAF Fraud Control account creation fraud prevention (ACFP) rule group](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-acfp.html) and [AWS WAF Fraud Control account creation fraud prevention (ACFP)](https://docs.aws.amazon.com/waf/latest/developerguide/waf-acfp.html) in the *AWS WAF Developer Guide* .", + "title": "AWSManagedRulesACFPRuleSet" + }, + "AWSManagedRulesATPRuleSet": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.AWSManagedRulesATPRuleSet", + "markdownDescription": "Additional configuration for using the account takeover prevention (ATP) managed rule group, `AWSManagedRulesATPRuleSet` . Use this to provide login request information to the rule group. For web ACLs that protect CloudFront distributions, use this to also provide the information about how your distribution responds to login requests.\n\nThis configuration replaces the individual configuration fields in `ManagedRuleGroupConfig` and provides additional feature configuration.\n\nFor information about using the ATP managed rule group, see [AWS WAF Fraud Control account takeover prevention (ATP) rule group](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-atp.html) and [AWS WAF Fraud Control account takeover prevention (ATP)](https://docs.aws.amazon.com/waf/latest/developerguide/waf-atp.html) in the *AWS WAF Developer Guide* .", + "title": "AWSManagedRulesATPRuleSet" + }, + "AWSManagedRulesAntiDDoSRuleSet": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.AWSManagedRulesAntiDDoSRuleSet", + "markdownDescription": "Additional configuration for using the anti-DDoS managed rule group, `AWSManagedRulesAntiDDoSRuleSet` . Use this to configure anti-DDoS behavior for the rule group.\n\nFor information about using the anti-DDoS managed rule group, see [AWS WAF Anti-DDoS rule group](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-anti-ddos.html) and [Distributed Denial of Service (DDoS) prevention](https://docs.aws.amazon.com/waf/latest/developerguide/waf-anti-ddos.html) in the *AWS WAF Developer Guide* .", + "title": "AWSManagedRulesAntiDDoSRuleSet" + }, + "AWSManagedRulesBotControlRuleSet": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.AWSManagedRulesBotControlRuleSet", + "markdownDescription": "Additional configuration for using the Bot Control managed rule group. Use this to specify the inspection level that you want to use. For information about using the Bot Control managed rule group, see [AWS WAF Bot Control rule group](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html) and [AWS WAF Bot Control](https://docs.aws.amazon.com/waf/latest/developerguide/waf-bot-control.html) in the *AWS WAF Developer Guide* .", + "title": "AWSManagedRulesBotControlRuleSet" + }, + "LoginPath": { + "markdownDescription": "> Instead of this setting, provide your configuration under `AWSManagedRulesATPRuleSet` .", + "title": "LoginPath", + "type": "string" + }, + "PasswordField": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", + "markdownDescription": "> Instead of this setting, provide your configuration under the request inspection configuration for `AWSManagedRulesATPRuleSet` or `AWSManagedRulesACFPRuleSet` .", + "title": "PasswordField" + }, + "PayloadType": { + "markdownDescription": "> Instead of this setting, provide your configuration under the request inspection configuration for `AWSManagedRulesATPRuleSet` or `AWSManagedRulesACFPRuleSet` .", + "title": "PayloadType", + "type": "string" + }, + "UsernameField": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", + "markdownDescription": "> Instead of this setting, provide your configuration under the request inspection configuration for `AWSManagedRulesATPRuleSet` or `AWSManagedRulesACFPRuleSet` .", + "title": "UsernameField" + } + }, + "type": "object" + }, + "AWS::WAFv2::WebACL.ManagedRuleGroupStatement": { "additionalProperties": false, "properties": { + "ExcludedRules": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.ExcludedRule" + }, + "markdownDescription": "Rules in the referenced rule group whose actions are set to `Count` .\n\n> Instead of this option, use `RuleActionOverrides` . It accepts any valid action setting, including `Count` .", + "title": "ExcludedRules", + "type": "array" + }, + "ManagedRuleGroupConfigs": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.ManagedRuleGroupConfig" + }, + "markdownDescription": "Additional information that's used by a managed rule group. Many managed rule groups don't require this.\n\nThe rule groups used for intelligent threat mitigation require additional configuration:\n\n- Use the `AWSManagedRulesACFPRuleSet` configuration object to configure the account creation fraud prevention managed rule group. The configuration includes the registration and sign-up pages of your application and the locations in the account creation request payload of data, such as the user email and phone number fields.\n- Use the `AWSManagedRulesAntiDDoSRuleSet` configuration object to configure the anti-DDoS managed rule group. The configuration includes the sensitivity levels to use in the rules that typically block and challenge requests that might be participating in DDoS attacks and the specification to use to indicate whether a request can handle a silent browser challenge.\n- Use the `AWSManagedRulesATPRuleSet` configuration object to configure the account takeover prevention managed rule group. The configuration includes the sign-in page of your application and the locations in the login request payload of data such as the username and password.\n- Use the `AWSManagedRulesBotControlRuleSet` configuration object to configure the protection level that you want the Bot Control rule group to use.", + "title": "ManagedRuleGroupConfigs", + "type": "array" + }, "Name": { - "markdownDescription": "An individual label specification.", + "markdownDescription": "The name of the managed rule group. You use this, along with the vendor name, to identify the rule group.", "title": "Name", "type": "string" + }, + "RuleActionOverrides": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.RuleActionOverride" + }, + "markdownDescription": "Action settings to use in the place of the rule actions that are configured inside the rule group. You specify one override for each rule whose action you want to change.\n\n> Verify the rule names in your overrides carefully. With managed rule groups, AWS WAF silently ignores any override that uses an invalid rule name. With customer-owned rule groups, invalid rule names in your overrides will cause web ACL updates to fail. An invalid rule name is any name that doesn't exactly match the case-sensitive name of an existing rule in the rule group. \n\nYou can use overrides for testing, for example you can override all of rule actions to `Count` and then monitor the resulting count metrics to understand how the rule group would handle your web traffic. You can also permanently override some or all actions, to modify how the rule group manages your web traffic.", + "title": "RuleActionOverrides", + "type": "array" + }, + "ScopeDownStatement": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.Statement", + "markdownDescription": "An optional nested statement that narrows the scope of the web requests that are evaluated by the managed rule group. Requests are only evaluated by the rule group if they match the scope-down statement. You can use any nestable `Statement` in the scope-down statement, and you can nest statements at any level, the same as you can for a rule statement.", + "title": "ScopeDownStatement" + }, + "VendorName": { + "markdownDescription": "The name of the managed rule group vendor. You use this, along with the rule group name, to identify a rule group.", + "title": "VendorName", + "type": "string" + }, + "Version": { + "markdownDescription": "The version of the managed rule group to use. If you specify this, the version setting is fixed until you change it. If you don't specify this, AWS WAF uses the vendor's default version, and then keeps the version at the vendor's default when the vendor updates the managed rule group settings.", + "title": "Version", + "type": "string" } }, + "required": [ + "Name", + "VendorName" + ], "type": "object" }, - "AWS::WAFv2::RuleGroup.NotStatement": { + "AWS::WAFv2::WebACL.NotStatement": { "additionalProperties": false, "properties": { "Statement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Statement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.Statement", "markdownDescription": "The statement to negate. You can use any statement that can be nested.", "title": "Statement" } @@ -268696,12 +320715,26 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.OrStatement": { + "AWS::WAFv2::WebACL.OnSourceDDoSProtectionConfig": { + "additionalProperties": false, + "properties": { + "ALBLowReputationMode": { + "markdownDescription": "The level of DDoS protection that applies to web ACLs associated with Application Load Balancers. `ACTIVE_UNDER_DDOS` protection is enabled by default whenever a web ACL is associated with an Application Load Balancer. In the event that an Application Load Balancer experiences high-load conditions or suspected DDoS attacks, the `ACTIVE_UNDER_DDOS` protection automatically rate limits traffic from known low reputation sources without disrupting Application Load Balancer availability. `ALWAYS_ON` protection provides constant, always-on monitoring of known low reputation sources for suspected DDoS attacks. While this provides a higher level of protection, there may be potential impacts on legitimate traffic.", + "title": "ALBLowReputationMode", + "type": "string" + } + }, + "required": [ + "ALBLowReputationMode" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.OrStatement": { "additionalProperties": false, "properties": { "Statements": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Statement" + "$ref": "#/definitions/AWS::WAFv2::WebACL.Statement" }, "markdownDescription": "The statements to combine with OR logic. You can use any statements that can be nested.", "title": "Statements", @@ -268713,7 +320746,23 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.RateBasedStatement": { + "AWS::WAFv2::WebACL.OverrideAction": { + "additionalProperties": false, + "properties": { + "Count": { + "markdownDescription": "Override the rule group evaluation result to count only.\n\n> This option is usually set to none. It does not affect how the rules in the rule group are evaluated. If you want the rules in the rule group to only count matches, do not use this and instead use the rule action override option, with `Count` action, in your rule group reference statement settings.", + "title": "Count", + "type": "object" + }, + "None": { + "markdownDescription": "Don't override the rule group evaluation result. This is the most common setting.", + "title": "None", + "type": "object" + } + }, + "type": "object" + }, + "AWS::WAFv2::WebACL.RateBasedStatement": { "additionalProperties": false, "properties": { "AggregateKeyType": { @@ -268723,7 +320772,7 @@ }, "CustomKeys": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateBasedStatementCustomKey" + "$ref": "#/definitions/AWS::WAFv2::WebACL.RateBasedStatementCustomKey" }, "markdownDescription": "Specifies the aggregate keys to use in a rate-base rule.", "title": "CustomKeys", @@ -268735,7 +320784,7 @@ "type": "number" }, "ForwardedIPConfig": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ForwardedIPConfiguration", + "$ref": "#/definitions/AWS::WAFv2::WebACL.ForwardedIPConfiguration", "markdownDescription": "The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all. \n\nThis is required if you specify a forwarded IP in the rule's aggregate key settings.", "title": "ForwardedIPConfig" }, @@ -268745,7 +320794,7 @@ "type": "number" }, "ScopeDownStatement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Statement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.Statement", "markdownDescription": "An optional nested statement that narrows the scope of the web requests that are evaluated and managed by the rate-based statement. When you use a scope-down statement, the rate-based rule only tracks and rate limits requests that match the scope-down statement. You can use any nestable `Statement` in the scope-down statement, and you can nest statements at any level, the same as you can for a rule statement.", "title": "ScopeDownStatement" } @@ -268756,11 +320805,16 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.RateBasedStatementCustomKey": { + "AWS::WAFv2::WebACL.RateBasedStatementCustomKey": { "additionalProperties": false, "properties": { + "ASN": { + "markdownDescription": "Use an Autonomous System Number (ASN) derived from the request's originating or forwarded IP address as an aggregate key. Each distinct ASN contributes to the aggregation instance.", + "title": "ASN", + "type": "object" + }, "Cookie": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitCookie", + "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitCookie", "markdownDescription": "Use the value of a cookie in the request as an aggregate key. Each distinct value in the cookie contributes to the aggregation instance. If you use a single cookie as your custom key, then each value fully defines an aggregation instance.", "title": "Cookie" }, @@ -268775,7 +320829,7 @@ "type": "object" }, "Header": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitHeader", + "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitHeader", "markdownDescription": "Use the value of a header in the request as an aggregate key. Each distinct value in the header contributes to the aggregation instance. If you use a single header as your custom key, then each value fully defines an aggregation instance.", "title": "Header" }, @@ -268784,30 +320838,40 @@ "title": "IP", "type": "object" }, + "JA3Fingerprint": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitJA3Fingerprint", + "markdownDescription": "Use the request's JA3 fingerprint as an aggregate key. If you use a single JA3 fingerprint as your custom key, then each value fully defines an aggregation instance.", + "title": "JA3Fingerprint" + }, + "JA4Fingerprint": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitJA4Fingerprint", + "markdownDescription": "Use the request's JA4 fingerprint as an aggregate key. If you use a single JA4 fingerprint as your custom key, then each value fully defines an aggregation instance.", + "title": "JA4Fingerprint" + }, "LabelNamespace": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitLabelNamespace", + "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitLabelNamespace", "markdownDescription": "Use the specified label namespace as an aggregate key. Each distinct fully qualified label name that has the specified label namespace contributes to the aggregation instance. If you use just one label namespace as your custom key, then each label name fully defines an aggregation instance.\n\nThis uses only labels that have been added to the request by rules that are evaluated before this rate-based rule in the web ACL.\n\nFor information about label namespaces and names, see [Label syntax and naming requirements](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-label-requirements.html) in the *AWS WAF Developer Guide* .", "title": "LabelNamespace" }, "QueryArgument": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitQueryArgument", + "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitQueryArgument", "markdownDescription": "Use the specified query argument as an aggregate key. Each distinct value for the named query argument contributes to the aggregation instance. If you use a single query argument as your custom key, then each value fully defines an aggregation instance.", "title": "QueryArgument" }, "QueryString": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitQueryString", + "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitQueryString", "markdownDescription": "Use the request's query string as an aggregate key. Each distinct string contributes to the aggregation instance. If you use just the query string as your custom key, then each string fully defines an aggregation instance.", "title": "QueryString" }, "UriPath": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitUriPath", + "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitUriPath", "markdownDescription": "Use the request's URI path as an aggregate key. Each distinct URI path contributes to the aggregation instance. If you use just the URI path as your custom key, then each URI path fully defines an aggregation instance.", "title": "UriPath" } }, "type": "object" }, - "AWS::WAFv2::RuleGroup.RateLimitCookie": { + "AWS::WAFv2::WebACL.RateLimitCookie": { "additionalProperties": false, "properties": { "Name": { @@ -268817,7 +320881,7 @@ }, "TextTransformations": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", "title": "TextTransformations", @@ -268830,7 +320894,7 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.RateLimitHeader": { + "AWS::WAFv2::WebACL.RateLimitHeader": { "additionalProperties": false, "properties": { "Name": { @@ -268840,7 +320904,7 @@ }, "TextTransformations": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", "title": "TextTransformations", @@ -268853,7 +320917,35 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.RateLimitLabelNamespace": { + "AWS::WAFv2::WebACL.RateLimitJA3Fingerprint": { + "additionalProperties": false, + "properties": { + "FallbackBehavior": { + "markdownDescription": "The match status to assign to the web request if there is insufficient TSL Client Hello information to compute the JA3 fingerprint.\n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", + "title": "FallbackBehavior", + "type": "string" + } + }, + "required": [ + "FallbackBehavior" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.RateLimitJA4Fingerprint": { + "additionalProperties": false, + "properties": { + "FallbackBehavior": { + "markdownDescription": "The match status to assign to the web request if there is insufficient TSL Client Hello information to compute the JA4 fingerprint.\n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", + "title": "FallbackBehavior", + "type": "string" + } + }, + "required": [ + "FallbackBehavior" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.RateLimitLabelNamespace": { "additionalProperties": false, "properties": { "Namespace": { @@ -268867,7 +320959,7 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.RateLimitQueryArgument": { + "AWS::WAFv2::WebACL.RateLimitQueryArgument": { "additionalProperties": false, "properties": { "Name": { @@ -268877,7 +320969,7 @@ }, "TextTransformations": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", "title": "TextTransformations", @@ -268890,12 +320982,12 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.RateLimitQueryString": { + "AWS::WAFv2::WebACL.RateLimitQueryString": { "additionalProperties": false, "properties": { "TextTransformations": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", "title": "TextTransformations", @@ -268907,12 +320999,12 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.RateLimitUriPath": { + "AWS::WAFv2::WebACL.RateLimitUriPath": { "additionalProperties": false, "properties": { "TextTransformations": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", "title": "TextTransformations", @@ -268924,11 +321016,22 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.RegexMatchStatement": { + "AWS::WAFv2::WebACL.Regex": { + "additionalProperties": false, + "properties": { + "RegexString": { + "markdownDescription": "The string representing the regular expression.", + "title": "RegexString", + "type": "string" + } + }, + "type": "object" + }, + "AWS::WAFv2::WebACL.RegexMatchStatement": { "additionalProperties": false, "properties": { "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.FieldToMatch", + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldToMatch", "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", "title": "FieldToMatch" }, @@ -268939,7 +321042,7 @@ }, "TextTransformations": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", "title": "TextTransformations", @@ -268953,7 +321056,7 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.RegexPatternSetReferenceStatement": { + "AWS::WAFv2::WebACL.RegexPatternSetReferenceStatement": { "additionalProperties": false, "properties": { "Arn": { @@ -268962,13 +321065,13 @@ "type": "string" }, "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.FieldToMatch", + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldToMatch", "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", "title": "FieldToMatch" }, "TextTransformations": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", "title": "TextTransformations", @@ -268982,21 +321085,248 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.Rule": { + "AWS::WAFv2::WebACL.RequestBodyAssociatedResourceTypeConfig": { + "additionalProperties": false, + "properties": { + "DefaultSizeInspectionLimit": { + "markdownDescription": "Specifies the maximum size of the web request body component that an associated CloudFront, API Gateway, Amazon Cognito, App Runner, or Verified Access resource should send to AWS WAF for inspection. This applies to statements in the web ACL that inspect the body or JSON body.\n\nDefault: `16 KB (16,384 bytes)`", + "title": "DefaultSizeInspectionLimit", + "type": "string" + } + }, + "required": [ + "DefaultSizeInspectionLimit" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.RequestInspection": { + "additionalProperties": false, + "properties": { + "PasswordField": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", + "markdownDescription": "The name of the field in the request payload that contains your customer's password.\n\nHow you specify this depends on the request inspection payload type.\n\n- For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"password\": \"THE_PASSWORD\" } }` , the password field specification is `/form/password` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with the input element named `password1` , the password field specification is `password1` .", + "title": "PasswordField" + }, + "PayloadType": { + "markdownDescription": "The payload type for your login endpoint, either JSON or form encoded.", + "title": "PayloadType", + "type": "string" + }, + "UsernameField": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", + "markdownDescription": "The name of the field in the request payload that contains your customer's username.\n\nHow you specify this depends on the request inspection payload type.\n\n- For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"username\": \"THE_USERNAME\" } }` , the username field specification is `/form/username` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with the input element named `username1` , the username field specification is `username1`", + "title": "UsernameField" + } + }, + "required": [ + "PasswordField", + "PayloadType", + "UsernameField" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.RequestInspectionACFP": { + "additionalProperties": false, + "properties": { + "AddressFields": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier" + }, + "markdownDescription": "The names of the fields in the request payload that contain your customer's primary physical address.\n\nOrder the address fields in the array exactly as they are ordered in the request payload.\n\nHow you specify the address fields depends on the request inspection payload type.\n\n- For JSON payloads, specify the field identifiers in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"primaryaddressline1\": \"THE_ADDRESS1\", \"primaryaddressline2\": \"THE_ADDRESS2\", \"primaryaddressline3\": \"THE_ADDRESS3\" } }` , the address field idenfiers are `/form/primaryaddressline1` , `/form/primaryaddressline2` , and `/form/primaryaddressline3` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with input elements named `primaryaddressline1` , `primaryaddressline2` , and `primaryaddressline3` , the address fields identifiers are `primaryaddressline1` , `primaryaddressline2` , and `primaryaddressline3` .", + "title": "AddressFields", + "type": "array" + }, + "EmailField": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", + "markdownDescription": "The name of the field in the request payload that contains your customer's email.\n\nHow you specify this depends on the request inspection payload type.\n\n- For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"email\": \"THE_EMAIL\" } }` , the email field specification is `/form/email` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with the input element named `email1` , the email field specification is `email1` .", + "title": "EmailField" + }, + "PasswordField": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", + "markdownDescription": "The name of the field in the request payload that contains your customer's password.\n\nHow you specify this depends on the request inspection payload type.\n\n- For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"password\": \"THE_PASSWORD\" } }` , the password field specification is `/form/password` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with the input element named `password1` , the password field specification is `password1` .", + "title": "PasswordField" + }, + "PayloadType": { + "markdownDescription": "The payload type for your account creation endpoint, either JSON or form encoded.", + "title": "PayloadType", + "type": "string" + }, + "PhoneNumberFields": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier" + }, + "markdownDescription": "The names of the fields in the request payload that contain your customer's primary phone number.\n\nOrder the phone number fields in the array exactly as they are ordered in the request payload.\n\nHow you specify the phone number fields depends on the request inspection payload type.\n\n- For JSON payloads, specify the field identifiers in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"primaryphoneline1\": \"THE_PHONE1\", \"primaryphoneline2\": \"THE_PHONE2\", \"primaryphoneline3\": \"THE_PHONE3\" } }` , the phone number field identifiers are `/form/primaryphoneline1` , `/form/primaryphoneline2` , and `/form/primaryphoneline3` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with input elements named `primaryphoneline1` , `primaryphoneline2` , and `primaryphoneline3` , the phone number field identifiers are `primaryphoneline1` , `primaryphoneline2` , and `primaryphoneline3` .", + "title": "PhoneNumberFields", + "type": "array" + }, + "UsernameField": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", + "markdownDescription": "The name of the field in the request payload that contains your customer's username.\n\nHow you specify this depends on the request inspection payload type.\n\n- For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"username\": \"THE_USERNAME\" } }` , the username field specification is `/form/username` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with the input element named `username1` , the username field specification is `username1`", + "title": "UsernameField" + } + }, + "required": [ + "PayloadType" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.ResponseInspection": { + "additionalProperties": false, + "properties": { + "BodyContains": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.ResponseInspectionBodyContains", + "markdownDescription": "Configures inspection of the response body for success and failure indicators. AWS WAF can inspect the first 65,536 bytes (64 KB) of the response body.", + "title": "BodyContains" + }, + "Header": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.ResponseInspectionHeader", + "markdownDescription": "Configures inspection of the response header for success and failure indicators.", + "title": "Header" + }, + "Json": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.ResponseInspectionJson", + "markdownDescription": "Configures inspection of the response JSON for success and failure indicators. AWS WAF can inspect the first 65,536 bytes (64 KB) of the response JSON.", + "title": "Json" + }, + "StatusCode": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.ResponseInspectionStatusCode", + "markdownDescription": "Configures inspection of the response status code for success and failure indicators.", + "title": "StatusCode" + } + }, + "type": "object" + }, + "AWS::WAFv2::WebACL.ResponseInspectionBodyContains": { + "additionalProperties": false, + "properties": { + "FailureStrings": { + "items": { + "type": "string" + }, + "markdownDescription": "Strings in the body of the response that indicate a failed login or account creation attempt. To be counted as a failure, the string can be anywhere in the body and must be an exact match, including case. Each string must be unique among the success and failure strings.\n\nJSON example: `\"FailureStrings\": [ \"Request failed\" ]`", + "title": "FailureStrings", + "type": "array" + }, + "SuccessStrings": { + "items": { + "type": "string" + }, + "markdownDescription": "Strings in the body of the response that indicate a successful login or account creation attempt. To be counted as a success, the string can be anywhere in the body and must be an exact match, including case. Each string must be unique among the success and failure strings.\n\nJSON examples: `\"SuccessStrings\": [ \"Login successful\" ]` and `\"SuccessStrings\": [ \"Account creation successful\", \"Welcome to our site!\" ]`", + "title": "SuccessStrings", + "type": "array" + } + }, + "required": [ + "FailureStrings", + "SuccessStrings" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.ResponseInspectionHeader": { + "additionalProperties": false, + "properties": { + "FailureValues": { + "items": { + "type": "string" + }, + "markdownDescription": "Values in the response header with the specified name that indicate a failed login or account creation attempt. To be counted as a failure, the value must be an exact match, including case. Each value must be unique among the success and failure values.\n\nJSON examples: `\"FailureValues\": [ \"LoginFailed\", \"Failed login\" ]` and `\"FailureValues\": [ \"AccountCreationFailed\" ]`", + "title": "FailureValues", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the header to match against. The name must be an exact match, including case.\n\nJSON example: `\"Name\": [ \"RequestResult\" ]`", + "title": "Name", + "type": "string" + }, + "SuccessValues": { + "items": { + "type": "string" + }, + "markdownDescription": "Values in the response header with the specified name that indicate a successful login or account creation attempt. To be counted as a success, the value must be an exact match, including case. Each value must be unique among the success and failure values.\n\nJSON examples: `\"SuccessValues\": [ \"LoginPassed\", \"Successful login\" ]` and `\"SuccessValues\": [ \"AccountCreated\", \"Successful account creation\" ]`", + "title": "SuccessValues", + "type": "array" + } + }, + "required": [ + "FailureValues", + "Name", + "SuccessValues" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.ResponseInspectionJson": { + "additionalProperties": false, + "properties": { + "FailureValues": { + "items": { + "type": "string" + }, + "markdownDescription": "Values for the specified identifier in the response JSON that indicate a failed login or account creation attempt. To be counted as a failure, the value must be an exact match, including case. Each value must be unique among the success and failure values.\n\nJSON example: `\"FailureValues\": [ \"False\", \"Failed\" ]`", + "title": "FailureValues", + "type": "array" + }, + "Identifier": { + "markdownDescription": "The identifier for the value to match against in the JSON. The identifier must be an exact match, including case.\n\nJSON examples: `\"Identifier\": [ \"/login/success\" ]` and `\"Identifier\": [ \"/sign-up/success\" ]`", + "title": "Identifier", + "type": "string" + }, + "SuccessValues": { + "items": { + "type": "string" + }, + "markdownDescription": "Values for the specified identifier in the response JSON that indicate a successful login or account creation attempt. To be counted as a success, the value must be an exact match, including case. Each value must be unique among the success and failure values.\n\nJSON example: `\"SuccessValues\": [ \"True\", \"Succeeded\" ]`", + "title": "SuccessValues", + "type": "array" + } + }, + "required": [ + "FailureValues", + "Identifier", + "SuccessValues" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.ResponseInspectionStatusCode": { + "additionalProperties": false, + "properties": { + "FailureCodes": { + "items": { + "type": "number" + }, + "markdownDescription": "Status codes in the response that indicate a failed login or account creation attempt. To be counted as a failure, the response status code must match one of these. Each code must be unique among the success and failure status codes.\n\nJSON example: `\"FailureCodes\": [ 400, 404 ]`", + "title": "FailureCodes", + "type": "array" + }, + "SuccessCodes": { + "items": { + "type": "number" + }, + "markdownDescription": "Status codes in the response that indicate a successful login or account creation attempt. To be counted as a success, the response status code must match one of these. Each code must be unique among the success and failure status codes.\n\nJSON example: `\"SuccessCodes\": [ 200, 201 ]`", + "title": "SuccessCodes", + "type": "array" + } + }, + "required": [ + "FailureCodes", + "SuccessCodes" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.Rule": { "additionalProperties": false, "properties": { "Action": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RuleAction", - "markdownDescription": "The action that AWS WAF should take on a web request when it matches the rule statement. Settings at the web ACL level can override the rule action setting.", + "$ref": "#/definitions/AWS::WAFv2::WebACL.RuleAction", + "markdownDescription": "The action that AWS WAF should take on a web request when it matches the rule's statement. Settings at the web ACL level can override the rule action setting.\n\nThis is used only for rules whose statements don't reference a rule group. Rule statements that reference a rule group are `RuleGroupReferenceStatement` and `ManagedRuleGroupStatement` .\n\nYou must set either this `Action` setting or the rule's `OverrideAction` , but not both:\n\n- If the rule statement doesn't reference a rule group, you must set this rule action setting and you must not set the rule's override action setting.\n- If the rule statement references a rule group, you must not set this action setting, because the actions are already set on the rules inside the rule group. You must set the rule's override action setting to indicate specifically whether to override the actions that are set on the rules in the rule group.", "title": "Action" }, "CaptchaConfig": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CaptchaConfig", + "$ref": "#/definitions/AWS::WAFv2::WebACL.CaptchaConfig", "markdownDescription": "Specifies how AWS WAF should handle `CAPTCHA` evaluations. If you don't specify this, AWS WAF uses the `CAPTCHA` configuration that's defined for the web ACL.", "title": "CaptchaConfig" }, "ChallengeConfig": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ChallengeConfig", + "$ref": "#/definitions/AWS::WAFv2::WebACL.ChallengeConfig", "markdownDescription": "Specifies how AWS WAF should handle `Challenge` evaluations. If you don't specify this, AWS WAF uses the challenge configuration that's defined for the web ACL.", "title": "ChallengeConfig" }, @@ -269005,6 +321335,11 @@ "title": "Name", "type": "string" }, + "OverrideAction": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.OverrideAction", + "markdownDescription": "The override action to apply to the rules in a rule group, instead of the individual rule action settings. This is used only for rules whose statements reference a rule group. Rule statements that reference a rule group are `RuleGroupReferenceStatement` and `ManagedRuleGroupStatement` .\n\nSet the override action to none to leave the rule group rule actions in effect. Set it to count to only count matches, regardless of the rule action settings.\n\nYou must set either this `OverrideAction` setting or the `Action` setting, but not both:\n\n- If the rule statement references a rule group, you must set this override action setting and you must not set the rule's action setting.\n- If the rule statement doesn't reference a rule group, you must set the rule action setting and you must not set the rule's override action setting.", + "title": "OverrideAction" + }, "Priority": { "markdownDescription": "If you define more than one `Rule` in a `WebACL` , AWS WAF evaluates each request against the `Rules` in order based on the value of `Priority` . AWS WAF processes rules with lower priority first. The priorities don't need to be consecutive, but they must all be different.", "title": "Priority", @@ -269012,19 +321347,19 @@ }, "RuleLabels": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Label" + "$ref": "#/definitions/AWS::WAFv2::WebACL.Label" }, "markdownDescription": "Labels to apply to web requests that match the rule match statement. AWS WAF applies fully qualified labels to matching web requests. A fully qualified label is the concatenation of a label namespace and a rule label. The rule's rule group or web ACL defines the label namespace.\n\n> Any rule that isn't a rule group reference statement or managed rule group statement can add labels to matching web requests. \n\nRules that run after this rule in the web ACL can match against these labels using a `LabelMatchStatement` .\n\nFor each label, provide a case-sensitive string containing optional namespaces and a label name, according to the following guidelines:\n\n- Separate each component of the label with a colon.\n- Each namespace or name can have up to 128 characters.\n- You can specify up to 5 namespaces in a label.\n- Don't use the following reserved words in your label specification: `aws` , `waf` , `managed` , `rulegroup` , `webacl` , `regexpatternset` , or `ipset` .\n\nFor example, `myLabelName` or `nameSpace1:nameSpace2:myLabelName` .", "title": "RuleLabels", "type": "array" }, "Statement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Statement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.Statement", "markdownDescription": "The AWS WAF processing statement for the rule, for example `ByteMatchStatement` or `SizeConstraintStatement` .", "title": "Statement" }, "VisibilityConfig": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.VisibilityConfig", + "$ref": "#/definitions/AWS::WAFv2::WebACL.VisibilityConfig", "markdownDescription": "Defines and enables Amazon CloudWatch metrics and web request sample collection.\n\nIf you change the name of a `Rule` after you create it and you want the rule's metric name to reflect the change, update the metric name as well. AWS WAF doesn't automatically update the metric name.", "title": "VisibilityConfig" } @@ -269037,38 +321372,88 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.RuleAction": { + "AWS::WAFv2::WebACL.RuleAction": { "additionalProperties": false, "properties": { "Allow": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.AllowAction", + "$ref": "#/definitions/AWS::WAFv2::WebACL.AllowAction", "markdownDescription": "Instructs AWS WAF to allow the web request.", "title": "Allow" }, "Block": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.BlockAction", + "$ref": "#/definitions/AWS::WAFv2::WebACL.BlockAction", "markdownDescription": "Instructs AWS WAF to block the web request.", "title": "Block" }, "Captcha": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CaptchaAction", + "$ref": "#/definitions/AWS::WAFv2::WebACL.CaptchaAction", "markdownDescription": "Specifies that AWS WAF should run a `CAPTCHA` check against the request:\n\n- If the request includes a valid, unexpired `CAPTCHA` token, AWS WAF allows the web request inspection to proceed to the next rule, similar to a `CountAction` .\n- If the request doesn't include a valid, unexpired `CAPTCHA` token, AWS WAF discontinues the web ACL evaluation of the request and blocks it from going to its intended destination.\n\nAWS WAF generates a response that it sends back to the client, which includes the following:\n\n- The header `x-amzn-waf-action` with a value of `captcha` .\n- The HTTP status code `405 Method Not Allowed` .\n- If the request contains an `Accept` header with a value of `text/html` , the response includes a `CAPTCHA` challenge.\n\nYou can configure the expiration time in the `CaptchaConfig` `ImmunityTimeProperty` setting at the rule and web ACL level. The rule setting overrides the web ACL setting.\n\nThis action option is available for rules. It isn't available for web ACL default actions.", "title": "Captcha" }, "Challenge": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ChallengeAction", + "$ref": "#/definitions/AWS::WAFv2::WebACL.ChallengeAction", "markdownDescription": "Instructs AWS WAF to run a `Challenge` check against the web request.", "title": "Challenge" }, "Count": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CountAction", + "$ref": "#/definitions/AWS::WAFv2::WebACL.CountAction", "markdownDescription": "Instructs AWS WAF to count the web request and then continue evaluating the request using the remaining rules in the web ACL.", "title": "Count" } }, "type": "object" }, - "AWS::WAFv2::RuleGroup.SingleHeader": { + "AWS::WAFv2::WebACL.RuleActionOverride": { + "additionalProperties": false, + "properties": { + "ActionToUse": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.RuleAction", + "markdownDescription": "The override action to use, in place of the configured action of the rule in the rule group.", + "title": "ActionToUse" + }, + "Name": { + "markdownDescription": "The name of the rule to override.", + "title": "Name", + "type": "string" + } + }, + "required": [ + "ActionToUse", + "Name" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.RuleGroupReferenceStatement": { + "additionalProperties": false, + "properties": { + "Arn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the entity.", + "title": "Arn", + "type": "string" + }, + "ExcludedRules": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.ExcludedRule" + }, + "markdownDescription": "Rules in the referenced rule group whose actions are set to `Count` .\n\n> Instead of this option, use `RuleActionOverrides` . It accepts any valid action setting, including `Count` .", + "title": "ExcludedRules", + "type": "array" + }, + "RuleActionOverrides": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.RuleActionOverride" + }, + "markdownDescription": "Action settings to use in the place of the rule actions that are configured inside the rule group. You specify one override for each rule whose action you want to change.\n\n> Verify the rule names in your overrides carefully. With managed rule groups, AWS WAF silently ignores any override that uses an invalid rule name. With customer-owned rule groups, invalid rule names in your overrides will cause web ACL updates to fail. An invalid rule name is any name that doesn't exactly match the case-sensitive name of an existing rule in the rule group. \n\nYou can use overrides for testing, for example you can override all of rule actions to `Count` and then monitor the resulting count metrics to understand how the rule group would handle your web traffic. You can also permanently override some or all actions, to modify how the rule group manages your web traffic.", + "title": "RuleActionOverrides", + "type": "array" + } + }, + "required": [ + "Arn" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.SingleHeader": { "additionalProperties": false, "properties": { "Name": { @@ -269082,7 +321467,7 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.SingleQueryArgument": { + "AWS::WAFv2::WebACL.SingleQueryArgument": { "additionalProperties": false, "properties": { "Name": { @@ -269096,7 +321481,7 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.SizeConstraintStatement": { + "AWS::WAFv2::WebACL.SizeConstraintStatement": { "additionalProperties": false, "properties": { "ComparisonOperator": { @@ -269105,7 +321490,7 @@ "type": "string" }, "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.FieldToMatch", + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldToMatch", "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", "title": "FieldToMatch" }, @@ -269116,7 +321501,7 @@ }, "TextTransformations": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", "title": "TextTransformations", @@ -269131,11 +321516,11 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.SqliMatchStatement": { + "AWS::WAFv2::WebACL.SqliMatchStatement": { "additionalProperties": false, "properties": { "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.FieldToMatch", + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldToMatch", "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", "title": "FieldToMatch" }, @@ -269146,7 +321531,7 @@ }, "TextTransformations": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", "title": "TextTransformations", @@ -269159,78 +321544,93 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.Statement": { + "AWS::WAFv2::WebACL.Statement": { "additionalProperties": false, "properties": { "AndStatement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.AndStatement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.AndStatement", "markdownDescription": "A logical rule statement used to combine other rule statements with AND logic. You provide more than one `Statement` within the `AndStatement` .", "title": "AndStatement" }, + "AsnMatchStatement": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.AsnMatchStatement", + "markdownDescription": "A rule statement that inspects web traffic based on the Autonomous System Number (ASN) associated with the request's IP address.\n\nFor additional details, see [ASN match rule statement](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-type-asn-match.html) in the [AWS WAF Developer Guide](https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html) .", + "title": "AsnMatchStatement" + }, "ByteMatchStatement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ByteMatchStatement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.ByteMatchStatement", "markdownDescription": "A rule statement that defines a string match search for AWS WAF to apply to web requests. The byte match statement provides the bytes to search for, the location in requests that you want AWS WAF to search, and other settings. The bytes to search for are typically a string that corresponds with ASCII characters. In the AWS WAF console and the developer guide, this is called a string match statement.", "title": "ByteMatchStatement" }, "GeoMatchStatement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.GeoMatchStatement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.GeoMatchStatement", "markdownDescription": "A rule statement that labels web requests by country and region and that matches against web requests based on country code. A geo match rule labels every request that it inspects regardless of whether it finds a match.\n\n- To manage requests only by country, you can use this statement by itself and specify the countries that you want to match against in the `CountryCodes` array.\n- Otherwise, configure your geo match rule with Count action so that it only labels requests. Then, add one or more label match rules to run after the geo match rule and configure them to match against the geographic labels and handle the requests as needed.\n\nAWS WAF labels requests using the alpha-2 country and region codes from the International Organization for Standardization (ISO) 3166 standard. AWS WAF determines the codes using either the IP address in the web request origin or, if you specify it, the address in the geo match `ForwardedIPConfig` .\n\nIf you use the web request origin, the label formats are `awswaf:clientip:geo:region:-` and `awswaf:clientip:geo:country:` .\n\nIf you use a forwarded IP address, the label formats are `awswaf:forwardedip:geo:region:-` and `awswaf:forwardedip:geo:country:` .\n\nFor additional details, see [Geographic match rule statement](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-type-geo-match.html) in the [AWS WAF Developer Guide](https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html) .", "title": "GeoMatchStatement" }, "IPSetReferenceStatement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.IPSetReferenceStatement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.IPSetReferenceStatement", "markdownDescription": "A rule statement used to detect web requests coming from particular IP addresses or address ranges. To use this, create an `IPSet` that specifies the addresses you want to detect, then use the ARN of that set in this statement.\n\nEach IP set rule statement references an IP set. You create and maintain the set independent of your rules. This allows you to use the single set in multiple rules. When you update the referenced set, AWS WAF automatically updates all rules that reference it.", "title": "IPSetReferenceStatement" }, "LabelMatchStatement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.LabelMatchStatement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.LabelMatchStatement", "markdownDescription": "A rule statement to match against labels that have been added to the web request by rules that have already run in the web ACL.\n\nThe label match statement provides the label or namespace string to search for. The label string can represent a part or all of the fully qualified label name that had been added to the web request. Fully qualified labels have a prefix, optional namespaces, and label name. The prefix identifies the rule group or web ACL context of the rule that added the label. If you do not provide the fully qualified name in your label match string, AWS WAF performs the search for labels that were added in the same context as the label match statement.", "title": "LabelMatchStatement" }, + "ManagedRuleGroupStatement": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.ManagedRuleGroupStatement", + "markdownDescription": "A rule statement used to run the rules that are defined in a managed rule group. To use this, provide the vendor name and the name of the rule group in this statement. You can retrieve the required names through the API call `ListAvailableManagedRuleGroups` .\n\nYou cannot nest a `ManagedRuleGroupStatement` , for example for use inside a `NotStatement` or `OrStatement` . It can only be referenced as a top-level statement within a rule.\n\n> You are charged additional fees when you use the AWS WAF Bot Control managed rule group `AWSManagedRulesBotControlRuleSet` , the AWS WAF Fraud Control account takeover prevention (ATP) managed rule group `AWSManagedRulesATPRuleSet` , or the AWS WAF Fraud Control account creation fraud prevention (ACFP) managed rule group `AWSManagedRulesACFPRuleSet` . For more information, see [AWS WAF Pricing](https://docs.aws.amazon.com/waf/pricing/) .", + "title": "ManagedRuleGroupStatement" + }, "NotStatement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.NotStatement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.NotStatement", "markdownDescription": "A logical rule statement used to negate the results of another rule statement. You provide one `Statement` within the `NotStatement` .", "title": "NotStatement" }, "OrStatement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.OrStatement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.OrStatement", "markdownDescription": "A logical rule statement used to combine other rule statements with OR logic. You provide more than one `Statement` within the `OrStatement` .", "title": "OrStatement" }, "RateBasedStatement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateBasedStatement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.RateBasedStatement", "markdownDescription": "A rate-based rule counts incoming requests and rate limits requests when they are coming at too fast a rate. The rule categorizes requests according to your aggregation criteria, collects them into aggregation instances, and counts and rate limits the requests for each instance.\n\n> If you change any of these settings in a rule that's currently in use, the change resets the rule's rate limiting counts. This can pause the rule's rate limiting activities for up to a minute. \n\nYou can specify individual aggregation keys, like IP address or HTTP method. You can also specify aggregation key combinations, like IP address and HTTP method, or HTTP method, query argument, and cookie.\n\nEach unique set of values for the aggregation keys that you specify is a separate aggregation instance, with the value from each key contributing to the aggregation instance definition.\n\nFor example, assume the rule evaluates web requests with the following IP address and HTTP method values:\n\n- IP address 10.1.1.1, HTTP method POST\n- IP address 10.1.1.1, HTTP method GET\n- IP address 127.0.0.0, HTTP method POST\n- IP address 10.1.1.1, HTTP method GET\n\nThe rule would create different aggregation instances according to your aggregation criteria, for example:\n\n- If the aggregation criteria is just the IP address, then each individual address is an aggregation instance, and AWS WAF counts requests separately for each. The aggregation instances and request counts for our example would be the following:\n\n- IP address 10.1.1.1: count 3\n- IP address 127.0.0.0: count 1\n- If the aggregation criteria is HTTP method, then each individual HTTP method is an aggregation instance. The aggregation instances and request counts for our example would be the following:\n\n- HTTP method POST: count 2\n- HTTP method GET: count 2\n- If the aggregation criteria is IP address and HTTP method, then each IP address and each HTTP method would contribute to the combined aggregation instance. The aggregation instances and request counts for our example would be the following:\n\n- IP address 10.1.1.1, HTTP method POST: count 1\n- IP address 10.1.1.1, HTTP method GET: count 2\n- IP address 127.0.0.0, HTTP method POST: count 1\n\nFor any n-tuple of aggregation keys, each unique combination of values for the keys defines a separate aggregation instance, which AWS WAF counts and rate-limits individually.\n\nYou can optionally nest another statement inside the rate-based statement, to narrow the scope of the rule so that it only counts and rate limits requests that match the nested statement. You can use this nested scope-down statement in conjunction with your aggregation key specifications or you can just count and rate limit all requests that match the scope-down statement, without additional aggregation. When you choose to just manage all requests that match a scope-down statement, the aggregation instance is singular for the rule.\n\nYou cannot nest a `RateBasedStatement` inside another statement, for example inside a `NotStatement` or `OrStatement` . You can define a `RateBasedStatement` inside a web ACL and inside a rule group.\n\nFor additional information about the options, see [Rate limiting web requests using rate-based rules](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rate-based-rules.html) in the *AWS WAF Developer Guide* .\n\nIf you only aggregate on the individual IP address or forwarded IP address, you can retrieve the list of IP addresses that AWS WAF is currently rate limiting for a rule through the API call `GetRateBasedStatementManagedKeys` . This option is not available for other aggregation configurations.\n\nAWS WAF tracks and manages web requests separately for each instance of a rate-based rule that you use. For example, if you provide the same rate-based rule settings in two web ACLs, each of the two rule statements represents a separate instance of the rate-based rule and gets its own tracking and management by AWS WAF . If you define a rate-based rule inside a rule group, and then use that rule group in multiple places, each use creates a separate instance of the rate-based rule that gets its own tracking and management by AWS WAF .", "title": "RateBasedStatement" }, "RegexMatchStatement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RegexMatchStatement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.RegexMatchStatement", "markdownDescription": "A rule statement used to search web request components for a match against a single regular expression.", "title": "RegexMatchStatement" }, "RegexPatternSetReferenceStatement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RegexPatternSetReferenceStatement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.RegexPatternSetReferenceStatement", "markdownDescription": "A rule statement used to search web request components for matches with regular expressions. To use this, create a `RegexPatternSet` that specifies the expressions that you want to detect, then use the ARN of that set in this statement. A web request matches the pattern set rule statement if the request component matches any of the patterns in the set.\n\nEach regex pattern set rule statement references a regex pattern set. You create and maintain the set independent of your rules. This allows you to use the single set in multiple rules. When you update the referenced set, AWS WAF automatically updates all rules that reference it.", "title": "RegexPatternSetReferenceStatement" }, + "RuleGroupReferenceStatement": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.RuleGroupReferenceStatement", + "markdownDescription": "A rule statement used to run the rules that are defined in a `RuleGroup` . To use this, create a rule group with your rules, then provide the ARN of the rule group in this statement.\n\nYou cannot nest a `RuleGroupReferenceStatement` , for example for use inside a `NotStatement` or `OrStatement` . You cannot use a rule group reference statement inside another rule group. You can only reference a rule group as a top-level statement within a rule that you define in a web ACL.", + "title": "RuleGroupReferenceStatement" + }, "SizeConstraintStatement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.SizeConstraintStatement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.SizeConstraintStatement", "markdownDescription": "A rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (>) or less than (<). For example, you can use a size constraint statement to look for query strings that are longer than 100 bytes.\n\nIf you configure AWS WAF to inspect the request body, AWS WAF inspects only the number of bytes in the body up to the limit for the web ACL and protected resource type. If you know that the request body for your web requests should never exceed the inspection limit, you can use a size constraint statement to block requests that have a larger request body size. For more information about the inspection limits, see `Body` and `JsonBody` settings for the `FieldToMatch` data type.\n\nIf you choose URI for the value of Part of the request to filter on, the slash (/) in the URI counts as one character. For example, the URI `/logo.jpg` is nine characters long.", "title": "SizeConstraintStatement" }, "SqliMatchStatement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.SqliMatchStatement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.SqliMatchStatement", "markdownDescription": "A rule statement that inspects for malicious SQL code. Attackers insert malicious SQL code into web requests to do things like modify your database or extract data from it.", "title": "SqliMatchStatement" }, "XssMatchStatement": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.XssMatchStatement", + "$ref": "#/definitions/AWS::WAFv2::WebACL.XssMatchStatement", "markdownDescription": "A rule statement that inspects for cross-site scripting (XSS) attacks. In XSS attacks, the attacker uses vulnerabilities in a benign website as a vehicle to inject malicious client-site scripts into other legitimate web browsers.", "title": "XssMatchStatement" } }, "type": "object" }, - "AWS::WAFv2::RuleGroup.TextTransformation": { + "AWS::WAFv2::WebACL.TextTransformation": { "additionalProperties": false, "properties": { "Priority": { @@ -269250,7 +321650,18 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.VisibilityConfig": { + "AWS::WAFv2::WebACL.UriFragment": { + "additionalProperties": false, + "properties": { + "FallbackBehavior": { + "markdownDescription": "What AWS WAF should do if it fails to completely parse the JSON body. The options are the following:\n\n- `EVALUATE_AS_STRING` - Inspect the body as plain text. AWS WAF applies the text transformations and inspection criteria that you defined for the JSON inspection to the body text string.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.\n\nIf you don't provide this setting, AWS WAF parses and evaluates the content only up to the first parsing failure that it encounters.\n\nExample JSON: `{ \"UriFragment\": { \"FallbackBehavior\": \"MATCH\"} }`\n\n> AWS WAF parsing doesn't fully validate the input JSON string, so parsing can succeed even for invalid JSON. When parsing succeeds, AWS WAF doesn't apply the fallback behavior. For more information, see [JSON body](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-fields-list.html#waf-rule-statement-request-component-json-body) in the *AWS WAF Developer Guide* .", + "title": "FallbackBehavior", + "type": "string" + } + }, + "type": "object" + }, + "AWS::WAFv2::WebACL.VisibilityConfig": { "additionalProperties": false, "properties": { "CloudWatchMetricsEnabled": { @@ -269276,17 +321687,17 @@ ], "type": "object" }, - "AWS::WAFv2::RuleGroup.XssMatchStatement": { + "AWS::WAFv2::WebACL.XssMatchStatement": { "additionalProperties": false, "properties": { "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.FieldToMatch", + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldToMatch", "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", "title": "FieldToMatch" }, "TextTransformations": { "items": { - "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", "title": "TextTransformations", @@ -269299,7 +321710,7 @@ ], "type": "object" }, - "AWS::WAFv2::WebACL": { + "AWS::WAFv2::WebACLAssociation": { "additionalProperties": false, "properties": { "Condition": { @@ -269334,92 +321745,26 @@ "Properties": { "additionalProperties": false, "properties": { - "AssociationConfig": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.AssociationConfig", - "markdownDescription": "Specifies custom configurations for the associations between the web ACL and protected resources.\n\nUse this to customize the maximum size of the request body that your protected resources forward to AWS WAF for inspection. You can customize this setting for CloudFront, API Gateway, Amazon Cognito, App Runner, or Verified Access resources. The default setting is 16 KB (16,384 bytes).\n\n> You are charged additional fees when your protected resources forward body sizes that are larger than the default. For more information, see [AWS WAF Pricing](https://docs.aws.amazon.com/waf/pricing/) . \n\nFor Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).", - "title": "AssociationConfig" - }, - "CaptchaConfig": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.CaptchaConfig", - "markdownDescription": "Specifies how AWS WAF should handle `CAPTCHA` evaluations for rules that don't have their own `CaptchaConfig` settings. If you don't specify this, AWS WAF uses its default settings for `CaptchaConfig` .", - "title": "CaptchaConfig" - }, - "ChallengeConfig": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ChallengeConfig", - "markdownDescription": "Specifies how AWS WAF should handle challenge evaluations for rules that don't have their own `ChallengeConfig` settings. If you don't specify this, AWS WAF uses its default settings for `ChallengeConfig` .", - "title": "ChallengeConfig" - }, - "CustomResponseBodies": { - "additionalProperties": false, - "markdownDescription": "A map of custom response keys and content bodies. When you create a rule with a block action, you can send a custom response to the web request. You define these for the web ACL, and then use them in the rules and default actions that you define in the web ACL.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomResponseBody" - } - }, - "title": "CustomResponseBodies", - "type": "object" - }, - "DefaultAction": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.DefaultAction", - "markdownDescription": "The action to perform if none of the `Rules` contained in the `WebACL` match.", - "title": "DefaultAction" - }, - "Description": { - "markdownDescription": "A description of the web ACL that helps with identification.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the web ACL. You cannot change the name of a web ACL after you create it.", - "title": "Name", + "ResourceArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the resource to associate with the web ACL.\n\nThe ARN must be in one of the following formats:\n\n- For an Application Load Balancer: `arn: *partition* :elasticloadbalancing: *region* : *account-id* :loadbalancer/app/ *load-balancer-name* / *load-balancer-id*`\n- For an Amazon API Gateway REST API: `arn: *partition* :apigateway: *region* ::/restapis/ *api-id* /stages/ *stage-name*`\n- For an AWS AppSync GraphQL API: `arn: *partition* :appsync: *region* : *account-id* :apis/ *GraphQLApiId*`\n- For an Amazon Cognito user pool: `arn: *partition* :cognito-idp: *region* : *account-id* :userpool/ *user-pool-id*`\n- For an AWS App Runner service: `arn: *partition* :apprunner: *region* : *account-id* :service/ *apprunner-service-name* / *apprunner-service-id*`\n- For an AWS Verified Access instance: `arn: *partition* :ec2: *region* : *account-id* :verified-access-instance/ *instance-id*`\n- For an AWS Amplify instance: `arn: *partition* :amplify: *region* : *account-id* :apps/ *app-id*`", + "title": "ResourceArn", "type": "string" }, - "Rules": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.Rule" - }, - "markdownDescription": "The rule statements used to identify the web requests that you want to manage. Each rule includes one top-level statement that AWS WAF uses to identify matching web requests, and parameters that govern how AWS WAF handles them.", - "title": "Rules", - "type": "array" - }, - "Scope": { - "markdownDescription": "Specifies whether this is for an Amazon CloudFront distribution or for a regional application. For an AWS Amplify application, use `CLOUDFRONT` . A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AWS AppSync GraphQL API, an Amazon Cognito user pool, an AWS App Runner service, or an AWS Verified Access instance. Valid Values are `CLOUDFRONT` and `REGIONAL` .\n\n> For `CLOUDFRONT` , you must create your WAFv2 resources in the US East (N. Virginia) Region, `us-east-1` . \n\nFor information about how to define the association of the web ACL with your resource, see `WebACLAssociation` .", - "title": "Scope", + "WebACLArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the web ACL that you want to associate with the resource.", + "title": "WebACLArn", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "Key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.\n\n> To modify tags on existing resources, use the AWS WAF APIs or command line interface. With AWS CloudFormation , you can only add tags to AWS WAF resources during resource creation.", - "title": "Tags", - "type": "array" - }, - "TokenDomains": { - "items": { - "type": "string" - }, - "markdownDescription": "Specifies the domains that AWS WAF should accept in a web request token. This enables the use of tokens across multiple protected websites. When AWS WAF provides a token, it uses the domain of the AWS resource that the web ACL is protecting. If you don't specify a list of token domains, AWS WAF accepts tokens only for the domain of the protected resource. With a token domain list, AWS WAF accepts the resource's host domain plus all domains in the token domain list, including their prefixed subdomains.", - "title": "TokenDomains", - "type": "array" - }, - "VisibilityConfig": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.VisibilityConfig", - "markdownDescription": "Defines and enables Amazon CloudWatch metrics and web request sample collection.", - "title": "VisibilityConfig" } }, "required": [ - "DefaultAction", - "Scope", - "VisibilityConfig" + "ResourceArn", + "WebACLArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::WAFv2::WebACL" + "AWS::WAFv2::WebACLAssociation" ], "type": "string" }, @@ -269438,1937 +321783,2407 @@ ], "type": "object" }, - "AWS::WAFv2::WebACL.AWSManagedRulesACFPRuleSet": { + "AWS::Wisdom::AIAgent": { "additionalProperties": false, "properties": { - "CreationPath": { - "markdownDescription": "The path of the account creation endpoint for your application. This is the page on your website that accepts the completed registration form for a new user. This page must accept `POST` requests.\n\nFor example, for the URL `https://example.com/web/newaccount` , you would provide the path `/web/newaccount` . Account creation page paths that start with the path that you provide are considered a match. For example `/web/newaccount` matches the account creation paths `/web/newaccount` , `/web/newaccount/` , `/web/newaccountPage` , and `/web/newaccount/thisPage` , but doesn't match the path `/home/web/newaccount` or `/website/newaccount` .", - "title": "CreationPath", - "type": "string" - }, - "EnableRegexInPath": { - "markdownDescription": "Allow the use of regular expressions in the registration page path and the account creation path.", - "title": "EnableRegexInPath", - "type": "boolean" - }, - "RegistrationPagePath": { - "markdownDescription": "The path of the account registration endpoint for your application. This is the page on your website that presents the registration form to new users.\n\n> This page must accept `GET` text/html requests. \n\nFor example, for the URL `https://example.com/web/registration` , you would provide the path `/web/registration` . Registration page paths that start with the path that you provide are considered a match. For example `/web/registration` matches the registration paths `/web/registration` , `/web/registration/` , `/web/registrationPage` , and `/web/registration/thisPage` , but doesn't match the path `/home/web/registration` or `/website/registration` .", - "title": "RegistrationPagePath", + "Condition": { "type": "string" }, - "RequestInspection": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RequestInspectionACFP", - "markdownDescription": "The criteria for inspecting account creation requests, used by the ACFP rule group to validate and track account creation attempts.", - "title": "RequestInspection" - }, - "ResponseInspection": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ResponseInspection", - "markdownDescription": "The criteria for inspecting responses to account creation requests, used by the ACFP rule group to track account creation success rates.\n\n> Response inspection is available only in web ACLs that protect Amazon CloudFront distributions. \n\nThe ACFP rule group evaluates the responses that your protected resources send back to client account creation attempts, keeping count of successful and failed attempts from each IP address and client session. Using this information, the rule group labels and mitigates requests from client sessions and IP addresses that have had too many successful account creation attempts in a short amount of time.", - "title": "ResponseInspection" - } - }, - "required": [ - "CreationPath", - "RegistrationPagePath", - "RequestInspection" - ], - "type": "object" - }, - "AWS::WAFv2::WebACL.AWSManagedRulesATPRuleSet": { - "additionalProperties": false, - "properties": { - "EnableRegexInPath": { - "markdownDescription": "Allow the use of regular expressions in the login page path.", - "title": "EnableRegexInPath", - "type": "boolean" - }, - "LoginPath": { - "markdownDescription": "The path of the login endpoint for your application. For example, for the URL `https://example.com/web/login` , you would provide the path `/web/login` . Login paths that start with the path that you provide are considered a match. For example `/web/login` matches the login paths `/web/login` , `/web/login/` , `/web/loginPage` , and `/web/login/thisPage` , but doesn't match the login path `/home/web/login` or `/website/login` .\n\nThe rule group inspects only HTTP `POST` requests to your specified login endpoint.", - "title": "LoginPath", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "RequestInspection": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RequestInspection", - "markdownDescription": "The criteria for inspecting login requests, used by the ATP rule group to validate credentials usage.", - "title": "RequestInspection" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ResponseInspection": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ResponseInspection", - "markdownDescription": "The criteria for inspecting responses to login requests, used by the ATP rule group to track login failure rates.\n\n> Response inspection is available only in web ACLs that protect Amazon CloudFront distributions. \n\nThe ATP rule group evaluates the responses that your protected resources send back to client login attempts, keeping count of successful and failed attempts for each IP address and client session. Using this information, the rule group labels and mitigates requests from client sessions and IP addresses that have had too many failed login attempts in a short amount of time.", - "title": "ResponseInspection" - } - }, - "required": [ - "LoginPath" - ], - "type": "object" - }, - "AWS::WAFv2::WebACL.AWSManagedRulesBotControlRuleSet": { - "additionalProperties": false, - "properties": { - "EnableMachineLearning": { - "markdownDescription": "Applies only to the targeted inspection level.\n\nDetermines whether to use machine learning (ML) to analyze your web traffic for bot-related activity. Machine learning is required for the Bot Control rules `TGT_ML_CoordinatedActivityLow` and `TGT_ML_CoordinatedActivityMedium` , which\ninspect for anomalous behavior that might indicate distributed, coordinated bot activity.\n\nFor more information about this choice, see the listing for these rules in the table at [Bot Control rules listing](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html#aws-managed-rule-groups-bot-rules) in the *AWS WAF Developer Guide* .\n\nDefault: `TRUE`", - "title": "EnableMachineLearning", - "type": "boolean" + "Metadata": { + "type": "object" }, - "InspectionLevel": { - "markdownDescription": "The inspection level to use for the Bot Control rule group. The common level is the least expensive. The targeted level includes all common level rules and adds rules with more advanced inspection criteria. For details, see [AWS WAF Bot Control rule group](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html) in the *AWS WAF Developer Guide* .", - "title": "InspectionLevel", - "type": "string" - } - }, - "required": [ - "InspectionLevel" - ], - "type": "object" - }, - "AWS::WAFv2::WebACL.AllowAction": { - "additionalProperties": false, - "properties": { - "CustomRequestHandling": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomRequestHandling", - "markdownDescription": "Defines custom handling for the web request.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", - "title": "CustomRequestHandling" - } - }, - "type": "object" - }, - "AWS::WAFv2::WebACL.AndStatement": { - "additionalProperties": false, - "properties": { - "Statements": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.Statement" - }, - "markdownDescription": "The statements to combine with AND logic. You can use any statements that can be nested.", - "title": "Statements", - "type": "array" - } - }, - "required": [ - "Statements" - ], - "type": "object" - }, - "AWS::WAFv2::WebACL.AssociationConfig": { - "additionalProperties": false, - "properties": { - "RequestBody": { + "Properties": { "additionalProperties": false, - "markdownDescription": "Customizes the maximum size of the request body that your protected CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access resources forward to AWS WAF for inspection. The default size is 16 KB (16,384 bytes). You can change the setting for any of the available resource types.\n\n> You are charged additional fees when your protected resources forward body sizes that are larger than the default. For more information, see [AWS WAF Pricing](https://docs.aws.amazon.com/waf/pricing/) . \n\nExample JSON: `{ \"API_GATEWAY\": \"KB_48\", \"APP_RUNNER_SERVICE\": \"KB_32\" }`\n\nFor Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RequestBodyAssociatedResourceTypeConfig" + "properties": { + "AssistantId": { + "markdownDescription": "The identifier of the Amazon Q in Connect assistant. Can be either the ID or the ARN. URLs cannot contain the ARN.", + "title": "AssistantId", + "type": "string" + }, + "Configuration": { + "$ref": "#/definitions/AWS::Wisdom::AIAgent.AIAgentConfiguration", + "markdownDescription": "Configuration for the AI Agent.", + "title": "Configuration" + }, + "Description": { + "markdownDescription": "The description of the AI Agent.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the AI Agent.", + "title": "Name", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "Type": { + "markdownDescription": "The type of the AI Agent.", + "title": "Type", + "type": "string" } }, - "title": "RequestBody", + "required": [ + "AssistantId", + "Configuration", + "Type" + ], "type": "object" - } - }, - "type": "object" - }, - "AWS::WAFv2::WebACL.BlockAction": { - "additionalProperties": false, - "properties": { - "CustomResponse": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomResponse", - "markdownDescription": "Defines a custom response for the web request.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", - "title": "CustomResponse" - } - }, - "type": "object" - }, - "AWS::WAFv2::WebACL.Body": { - "additionalProperties": false, - "properties": { - "OversizeHandling": { - "markdownDescription": "What AWS WAF should do if the body is larger than AWS WAF can inspect.\n\nAWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.\n\n- For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).\n- For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.\n- For AWS Amplify , use the CloudFront limit.\n\nThe options for oversize handling are the following:\n\n- `CONTINUE` - Inspect the available body contents normally, according to the rule inspection criteria.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.\n\nYou can combine the `MATCH` or `NO_MATCH` settings for oversize handling with your rule and web ACL action settings, so that you block any request whose body is over the limit.\n\nDefault: `CONTINUE`", - "title": "OversizeHandling", + }, + "Type": { + "enum": [ + "AWS::Wisdom::AIAgent" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::WAFv2::WebACL.ByteMatchStatement": { + "AWS::Wisdom::AIAgent.AIAgentConfiguration": { "additionalProperties": false, "properties": { - "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldToMatch", - "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", - "title": "FieldToMatch" - }, - "PositionalConstraint": { - "markdownDescription": "The area within the portion of the web request that you want AWS WAF to search for `SearchString` . Valid values include the following:\n\n*CONTAINS*\n\nThe specified part of the web request must include the value of `SearchString` , but the location doesn't matter.\n\n*CONTAINS_WORD*\n\nThe specified part of the web request must include the value of `SearchString` , and `SearchString` must contain only alphanumeric characters or underscore (A-Z, a-z, 0-9, or _). In addition, `SearchString` must be a word, which means that both of the following are true:\n\n- `SearchString` is at the beginning of the specified part of the web request or is preceded by a character other than an alphanumeric character or underscore (_). Examples include the value of a header and `;BadBot` .\n- `SearchString` is at the end of the specified part of the web request or is followed by a character other than an alphanumeric character or underscore (_), for example, `BadBot;` and `-BadBot;` .\n\n*EXACTLY*\n\nThe value of the specified part of the web request must exactly match the value of `SearchString` .\n\n*STARTS_WITH*\n\nThe value of `SearchString` must appear at the beginning of the specified part of the web request.\n\n*ENDS_WITH*\n\nThe value of `SearchString` must appear at the end of the specified part of the web request.", - "title": "PositionalConstraint", - "type": "string" - }, - "SearchString": { - "markdownDescription": "A string value that you want AWS WAF to search for. AWS WAF searches only in the part of web requests that you designate for inspection in `FieldToMatch` . The maximum length of the value is 200 bytes. For alphabetic characters A-Z and a-z, the value is case sensitive.\n\nDon't encode this string. Provide the value that you want AWS WAF to search for. AWS CloudFormation automatically base64 encodes the value for you.\n\nFor example, suppose the value of `Type` is `HEADER` and the value of `Data` is `User-Agent` . If you want to search the `User-Agent` header for the value `BadBot` , you provide the string `BadBot` in the value of `SearchString` .\n\nYou must specify either `SearchString` or `SearchStringBase64` in a `ByteMatchStatement` .", - "title": "SearchString", - "type": "string" + "AnswerRecommendationAIAgentConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::AIAgent.AnswerRecommendationAIAgentConfiguration", + "markdownDescription": "The configuration for AI Agents of type `ANSWER_RECOMMENDATION` .", + "title": "AnswerRecommendationAIAgentConfiguration" }, - "SearchStringBase64": { - "markdownDescription": "String to search for in a web request component, base64-encoded. If you don't want to encode the string, specify the unencoded value in `SearchString` instead.\n\nYou must specify either `SearchString` or `SearchStringBase64` in a `ByteMatchStatement` .", - "title": "SearchStringBase64", - "type": "string" + "ManualSearchAIAgentConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::AIAgent.ManualSearchAIAgentConfiguration", + "markdownDescription": "The configuration for AI Agents of type `MANUAL_SEARCH` .", + "title": "ManualSearchAIAgentConfiguration" }, - "TextTransformations": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" - }, - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", - "title": "TextTransformations", - "type": "array" + "SelfServiceAIAgentConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::AIAgent.SelfServiceAIAgentConfiguration", + "markdownDescription": "The self-service AI agent configuration.", + "title": "SelfServiceAIAgentConfiguration" } }, - "required": [ - "FieldToMatch", - "PositionalConstraint", - "TextTransformations" - ], "type": "object" }, - "AWS::WAFv2::WebACL.CaptchaAction": { + "AWS::Wisdom::AIAgent.AnswerRecommendationAIAgentConfiguration": { "additionalProperties": false, "properties": { - "CustomRequestHandling": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomRequestHandling", - "markdownDescription": "Defines custom handling for the web request, used when the `CAPTCHA` inspection determines that the request's token is valid and unexpired.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", - "title": "CustomRequestHandling" + "AnswerGenerationAIGuardrailId": { + "markdownDescription": "The ID of the answer generation AI guardrail.", + "title": "AnswerGenerationAIGuardrailId", + "type": "string" + }, + "AnswerGenerationAIPromptId": { + "markdownDescription": "The AI Prompt identifier for the Answer Generation prompt used by the `ANSWER_RECOMMENDATION` AI Agent.", + "title": "AnswerGenerationAIPromptId", + "type": "string" + }, + "AssociationConfigurations": { + "items": { + "$ref": "#/definitions/AWS::Wisdom::AIAgent.AssociationConfiguration" + }, + "markdownDescription": "The association configurations for overriding behavior on this AI Agent.", + "title": "AssociationConfigurations", + "type": "array" + }, + "IntentLabelingGenerationAIPromptId": { + "markdownDescription": "The AI Prompt identifier for the Intent Labeling prompt used by the `ANSWER_RECOMMENDATION` AI Agent.", + "title": "IntentLabelingGenerationAIPromptId", + "type": "string" + }, + "Locale": { + "markdownDescription": "The locale to which specifies the language and region settings that determine the response language for [QueryAssistant](https://docs.aws.amazon.com/connect/latest/APIReference/API_amazon-q-connect_QueryAssistant.html) .", + "title": "Locale", + "type": "string" + }, + "QueryReformulationAIPromptId": { + "markdownDescription": "The AI Prompt identifier for the Query Reformulation prompt used by the `ANSWER_RECOMMENDATION` AI Agent.", + "title": "QueryReformulationAIPromptId", + "type": "string" } }, "type": "object" }, - "AWS::WAFv2::WebACL.CaptchaConfig": { + "AWS::Wisdom::AIAgent.AssociationConfiguration": { "additionalProperties": false, "properties": { - "ImmunityTimeProperty": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ImmunityTimeProperty", - "markdownDescription": "Determines how long a `CAPTCHA` timestamp in the token remains valid after the client successfully solves a `CAPTCHA` puzzle.", - "title": "ImmunityTimeProperty" + "AssociationConfigurationData": { + "$ref": "#/definitions/AWS::Wisdom::AIAgent.AssociationConfigurationData", + "markdownDescription": "A typed union of the data of the configuration for an Amazon Q in Connect Assistant Association.", + "title": "AssociationConfigurationData" + }, + "AssociationId": { + "markdownDescription": "The identifier of the association for this Association Configuration.", + "title": "AssociationId", + "type": "string" + }, + "AssociationType": { + "markdownDescription": "The type of the association for this Association Configuration.", + "title": "AssociationType", + "type": "string" } }, "type": "object" }, - "AWS::WAFv2::WebACL.ChallengeAction": { + "AWS::Wisdom::AIAgent.AssociationConfigurationData": { "additionalProperties": false, "properties": { - "CustomRequestHandling": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomRequestHandling", - "markdownDescription": "Defines custom handling for the web request, used when the challenge inspection determines that the request's token is valid and unexpired.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the [AWS WAF developer guide](https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html) .", - "title": "CustomRequestHandling" + "KnowledgeBaseAssociationConfigurationData": { + "$ref": "#/definitions/AWS::Wisdom::AIAgent.KnowledgeBaseAssociationConfigurationData", + "markdownDescription": "The data of the configuration for a `KNOWLEDGE_BASE` type Amazon Q in Connect Assistant Association.", + "title": "KnowledgeBaseAssociationConfigurationData" } }, + "required": [ + "KnowledgeBaseAssociationConfigurationData" + ], "type": "object" }, - "AWS::WAFv2::WebACL.ChallengeConfig": { + "AWS::Wisdom::AIAgent.KnowledgeBaseAssociationConfigurationData": { "additionalProperties": false, "properties": { - "ImmunityTimeProperty": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ImmunityTimeProperty", - "markdownDescription": "Determines how long a challenge timestamp in the token remains valid after the client successfully responds to a challenge.", - "title": "ImmunityTimeProperty" + "ContentTagFilter": { + "$ref": "#/definitions/AWS::Wisdom::AIAgent.TagFilter", + "markdownDescription": "An object that can be used to specify Tag conditions.", + "title": "ContentTagFilter" + }, + "MaxResults": { + "markdownDescription": "The maximum number of results to return per page.", + "title": "MaxResults", + "type": "number" + }, + "OverrideKnowledgeBaseSearchType": { + "markdownDescription": "", + "title": "OverrideKnowledgeBaseSearchType", + "type": "string" } }, "type": "object" }, - "AWS::WAFv2::WebACL.CookieMatchPattern": { + "AWS::Wisdom::AIAgent.ManualSearchAIAgentConfiguration": { "additionalProperties": false, "properties": { - "All": { - "markdownDescription": "Inspect all cookies.", - "title": "All", - "type": "object" + "AnswerGenerationAIGuardrailId": { + "markdownDescription": "The ID of the answer generation AI guardrail.", + "title": "AnswerGenerationAIGuardrailId", + "type": "string" }, - "ExcludedCookies": { - "items": { - "type": "string" - }, - "markdownDescription": "Inspect only the cookies whose keys don't match any of the strings specified here.", - "title": "ExcludedCookies", - "type": "array" + "AnswerGenerationAIPromptId": { + "markdownDescription": "The AI Prompt identifier for the Answer Generation prompt used by the `ANSWER_RECOMMENDATION` AI Agent.", + "title": "AnswerGenerationAIPromptId", + "type": "string" }, - "IncludedCookies": { + "AssociationConfigurations": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Wisdom::AIAgent.AssociationConfiguration" }, - "markdownDescription": "Inspect only the cookies that have a key that matches one of the strings specified here.", - "title": "IncludedCookies", + "markdownDescription": "The association configurations for overriding behavior on this AI Agent.", + "title": "AssociationConfigurations", "type": "array" + }, + "Locale": { + "markdownDescription": "The locale to which specifies the language and region settings that determine the response language for [QueryAssistant](https://docs.aws.amazon.com/connect/latest/APIReference/API_amazon-q-connect_QueryAssistant.html) .", + "title": "Locale", + "type": "string" } }, "type": "object" }, - "AWS::WAFv2::WebACL.Cookies": { + "AWS::Wisdom::AIAgent.OrCondition": { "additionalProperties": false, "properties": { - "MatchPattern": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.CookieMatchPattern", - "markdownDescription": "The filter to use to identify the subset of cookies to inspect in a web request.\n\nYou must specify exactly one setting: either `All` , `IncludedCookies` , or `ExcludedCookies` .\n\nExample JSON: `\"MatchPattern\": { \"IncludedCookies\": [ \"session-id-time\", \"session-id\" ] }`", - "title": "MatchPattern" - }, - "MatchScope": { - "markdownDescription": "The parts of the cookies to inspect with the rule inspection criteria. If you specify `ALL` , AWS WAF inspects both keys and values.\n\n`All` does not require a match to be found in the keys and a match to be found in the values. It requires a match to be found in the keys or the values or both. To require a match in the keys and in the values, use a logical `AND` statement to combine two match rules, one that inspects the keys and another that inspects the values.", - "title": "MatchScope", - "type": "string" + "AndConditions": { + "items": { + "$ref": "#/definitions/AWS::Wisdom::AIAgent.TagCondition" + }, + "markdownDescription": "", + "title": "AndConditions", + "type": "array" }, - "OversizeHandling": { - "markdownDescription": "What AWS WAF should do if the cookies of the request are more numerous or larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to AWS WAF .\n\nThe options for oversize handling are the following:\n\n- `CONTINUE` - Inspect the available cookies normally, according to the rule inspection criteria.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", - "title": "OversizeHandling", - "type": "string" + "TagCondition": { + "$ref": "#/definitions/AWS::Wisdom::AIAgent.TagCondition", + "markdownDescription": "A leaf node condition which can be used to specify a tag condition.", + "title": "TagCondition" } }, - "required": [ - "MatchPattern", - "MatchScope", - "OversizeHandling" - ], "type": "object" }, - "AWS::WAFv2::WebACL.CountAction": { + "AWS::Wisdom::AIAgent.SelfServiceAIAgentConfiguration": { "additionalProperties": false, "properties": { - "CustomRequestHandling": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomRequestHandling", - "markdownDescription": "Defines custom handling for the web request.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", - "title": "CustomRequestHandling" + "AssociationConfigurations": { + "items": { + "$ref": "#/definitions/AWS::Wisdom::AIAgent.AssociationConfiguration" + }, + "markdownDescription": "The association configuration of the self-service AI agent.", + "title": "AssociationConfigurations", + "type": "array" + }, + "SelfServiceAIGuardrailId": { + "markdownDescription": "The ID of the self-service AI guardrail.", + "title": "SelfServiceAIGuardrailId", + "type": "string" + }, + "SelfServiceAnswerGenerationAIPromptId": { + "markdownDescription": "The ID of the self-service answer generation AI prompt.", + "title": "SelfServiceAnswerGenerationAIPromptId", + "type": "string" + }, + "SelfServicePreProcessingAIPromptId": { + "markdownDescription": "The ID of the self-service preprocessing AI prompt.", + "title": "SelfServicePreProcessingAIPromptId", + "type": "string" } }, "type": "object" }, - "AWS::WAFv2::WebACL.CustomHTTPHeader": { + "AWS::Wisdom::AIAgent.TagCondition": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the custom header.\n\nFor custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name `x-amzn-waf-` , to avoid confusion with the headers that are already in the request. For example, for the header name `sample` , AWS WAF inserts the header `x-amzn-waf-sample` .", - "title": "Name", + "Key": { + "markdownDescription": "The tag key in the tag condition.", + "title": "Key", "type": "string" }, "Value": { - "markdownDescription": "The value of the custom header.", + "markdownDescription": "The tag value in the tag condition.", "title": "Value", "type": "string" } }, "required": [ - "Name", - "Value" + "Key" ], "type": "object" }, - "AWS::WAFv2::WebACL.CustomRequestHandling": { + "AWS::Wisdom::AIAgent.TagFilter": { "additionalProperties": false, "properties": { - "InsertHeaders": { + "AndConditions": { "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomHTTPHeader" + "$ref": "#/definitions/AWS::Wisdom::AIAgent.TagCondition" }, - "markdownDescription": "The HTTP headers to insert into the request. Duplicate header names are not allowed.\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", - "title": "InsertHeaders", + "markdownDescription": "A list of conditions which would be applied together with an `AND` condition.", + "title": "AndConditions", + "type": "array" + }, + "OrConditions": { + "items": { + "$ref": "#/definitions/AWS::Wisdom::AIAgent.OrCondition" + }, + "markdownDescription": "A list of conditions which would be applied together with an `OR` condition.", + "title": "OrConditions", "type": "array" + }, + "TagCondition": { + "$ref": "#/definitions/AWS::Wisdom::AIAgent.TagCondition", + "markdownDescription": "A leaf node condition which can be used to specify a tag condition.", + "title": "TagCondition" } }, - "required": [ - "InsertHeaders" - ], "type": "object" }, - "AWS::WAFv2::WebACL.CustomResponse": { + "AWS::Wisdom::AIAgentVersion": { "additionalProperties": false, "properties": { - "CustomResponseBodyKey": { - "markdownDescription": "References the response body that you want AWS WAF to return to the web request client. You can define a custom response for a rule action or a default web ACL action that is set to block. To do this, you first define the response body key and value in the `CustomResponseBodies` setting for the `WebACL` or `RuleGroup` where you want to use it. Then, in the rule action or web ACL default action `BlockAction` setting, you reference the response body using this key.", - "title": "CustomResponseBodyKey", + "Condition": { "type": "string" }, - "ResponseCode": { - "markdownDescription": "The HTTP status code to return to the client.\n\nFor a list of status codes that you can use in your custom responses, see [Supported status codes for custom response](https://docs.aws.amazon.com/waf/latest/developerguide/customizing-the-response-status-codes.html) in the *AWS WAF Developer Guide* .", - "title": "ResponseCode", - "type": "number" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "ResponseHeaders": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomHTTPHeader" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AIAgentId": { + "markdownDescription": "The identifier of the AI Agent.", + "title": "AIAgentId", + "type": "string" + }, + "AssistantId": { + "markdownDescription": "", + "title": "AssistantId", + "type": "string" + }, + "ModifiedTimeSeconds": { + "markdownDescription": "The time the AI Agent version was last modified in seconds.", + "title": "ModifiedTimeSeconds", + "type": "number" + } }, - "markdownDescription": "The HTTP headers to use in the response. You can specify any header name except for `content-type` . Duplicate header names are not allowed.\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", - "title": "ResponseHeaders", - "type": "array" + "required": [ + "AIAgentId", + "AssistantId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Wisdom::AIAgentVersion" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "ResponseCode" + "Type", + "Properties" ], "type": "object" }, - "AWS::WAFv2::WebACL.CustomResponseBody": { + "AWS::Wisdom::AIGuardrail": { "additionalProperties": false, "properties": { - "Content": { - "markdownDescription": "The payload of the custom response.\n\nYou can use JSON escape strings in JSON content. To do this, you must specify JSON content in the `ContentType` setting.\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", - "title": "Content", + "Condition": { "type": "string" }, - "ContentType": { - "markdownDescription": "The type of content in the payload that you are defining in the `Content` string.", - "title": "ContentType", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AssistantId": { + "markdownDescription": "The identifier of the Amazon Q in Connect assistant. Can be either the ID or the ARN. URLs cannot contain the ARN.", + "title": "AssistantId", + "type": "string" + }, + "BlockedInputMessaging": { + "markdownDescription": "The message to return when the AI Guardrail blocks a prompt.", + "title": "BlockedInputMessaging", + "type": "string" + }, + "BlockedOutputsMessaging": { + "markdownDescription": "The message to return when the AI Guardrail blocks a model response.", + "title": "BlockedOutputsMessaging", + "type": "string" + }, + "ContentPolicyConfig": { + "$ref": "#/definitions/AWS::Wisdom::AIGuardrail.AIGuardrailContentPolicyConfig", + "markdownDescription": "Contains details about how to handle harmful content.", + "title": "ContentPolicyConfig" + }, + "ContextualGroundingPolicyConfig": { + "$ref": "#/definitions/AWS::Wisdom::AIGuardrail.AIGuardrailContextualGroundingPolicyConfig", + "markdownDescription": "The policy configuration details for the AI Guardrail's contextual grounding policy.", + "title": "ContextualGroundingPolicyConfig" + }, + "Description": { + "markdownDescription": "A description of the AI Guardrail.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the AI Guardrail.", + "title": "Name", + "type": "string" + }, + "SensitiveInformationPolicyConfig": { + "$ref": "#/definitions/AWS::Wisdom::AIGuardrail.AIGuardrailSensitiveInformationPolicyConfig", + "markdownDescription": "Contains details about PII entities and regular expressions to configure for the AI Guardrail.", + "title": "SensitiveInformationPolicyConfig" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "TopicPolicyConfig": { + "$ref": "#/definitions/AWS::Wisdom::AIGuardrail.AIGuardrailTopicPolicyConfig", + "markdownDescription": "Contains details about topics that the AI Guardrail should identify and deny.", + "title": "TopicPolicyConfig" + }, + "WordPolicyConfig": { + "$ref": "#/definitions/AWS::Wisdom::AIGuardrail.AIGuardrailWordPolicyConfig", + "markdownDescription": "Contains details about the word policy to configured for the AI Guardrail.", + "title": "WordPolicyConfig" + } + }, + "required": [ + "AssistantId", + "BlockedInputMessaging", + "BlockedOutputsMessaging" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Wisdom::AIGuardrail" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Content", - "ContentType" + "Type", + "Properties" ], "type": "object" }, - "AWS::WAFv2::WebACL.DefaultAction": { + "AWS::Wisdom::AIGuardrail.AIGuardrailContentPolicyConfig": { "additionalProperties": false, "properties": { - "Allow": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.AllowAction", - "markdownDescription": "Specifies that AWS WAF should allow requests by default.", - "title": "Allow" - }, - "Block": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.BlockAction", - "markdownDescription": "Specifies that AWS WAF should block requests by default.", - "title": "Block" + "FiltersConfig": { + "items": { + "$ref": "#/definitions/AWS::Wisdom::AIGuardrail.GuardrailContentFilterConfig" + }, + "markdownDescription": "List of content filter configurations in a content policy.", + "title": "FiltersConfig", + "type": "array" } }, + "required": [ + "FiltersConfig" + ], "type": "object" }, - "AWS::WAFv2::WebACL.ExcludedRule": { + "AWS::Wisdom::AIGuardrail.AIGuardrailContextualGroundingPolicyConfig": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the rule whose action you want to override to `Count` .", - "title": "Name", - "type": "string" + "FiltersConfig": { + "items": { + "$ref": "#/definitions/AWS::Wisdom::AIGuardrail.GuardrailContextualGroundingFilterConfig" + }, + "markdownDescription": "List of contextual grounding filter configs.", + "title": "FiltersConfig", + "type": "array" } }, "required": [ - "Name" + "FiltersConfig" ], "type": "object" }, - "AWS::WAFv2::WebACL.FieldIdentifier": { + "AWS::Wisdom::AIGuardrail.AIGuardrailSensitiveInformationPolicyConfig": { "additionalProperties": false, "properties": { - "Identifier": { - "markdownDescription": "The name of the field.\n\nWhen the `PayloadType` in the request inspection is `JSON` , this identifier must be in JSON pointer syntax. For example `/form/username` . For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nWhen the `PayloadType` is `FORM_ENCODED` , use the HTML form names. For example, `username` .\n\nFor more information, see the descriptions for each field type in the request inspection properties.", - "title": "Identifier", - "type": "string" + "PiiEntitiesConfig": { + "items": { + "$ref": "#/definitions/AWS::Wisdom::AIGuardrail.GuardrailPiiEntityConfig" + }, + "markdownDescription": "List of entities.", + "title": "PiiEntitiesConfig", + "type": "array" + }, + "RegexesConfig": { + "items": { + "$ref": "#/definitions/AWS::Wisdom::AIGuardrail.GuardrailRegexConfig" + }, + "markdownDescription": "List of regex.", + "title": "RegexesConfig", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Wisdom::AIGuardrail.AIGuardrailTopicPolicyConfig": { + "additionalProperties": false, + "properties": { + "TopicsConfig": { + "items": { + "$ref": "#/definitions/AWS::Wisdom::AIGuardrail.GuardrailTopicConfig" + }, + "markdownDescription": "List of topic configs in topic policy.", + "title": "TopicsConfig", + "type": "array" } }, "required": [ - "Identifier" + "TopicsConfig" ], "type": "object" }, - "AWS::WAFv2::WebACL.FieldToMatch": { + "AWS::Wisdom::AIGuardrail.AIGuardrailWordPolicyConfig": { "additionalProperties": false, "properties": { - "AllQueryArguments": { - "markdownDescription": "Inspect all query arguments.", - "title": "AllQueryArguments", - "type": "object" - }, - "Body": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.Body", - "markdownDescription": "Inspect the request body as plain text. The request body immediately follows the request headers. This is the part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form.\n\nAWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.\n\n- For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).\n- For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.\n- For AWS Amplify , use the CloudFront limit.\n\nFor information about how to handle oversized request bodies, see the `Body` object configuration.", - "title": "Body" - }, - "Cookies": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.Cookies", - "markdownDescription": "Inspect the request cookies. You must configure scope and pattern matching filters in the `Cookies` object, to define the set of cookies and the parts of the cookies that AWS WAF inspects.\n\nOnly the first 8 KB (8192 bytes) of a request's cookies and only the first 200 cookies are forwarded to AWS WAF for inspection by the underlying host service. You must configure how to handle any oversize cookie content in the `Cookies` object. AWS WAF applies the pattern matching filters to the cookies that it receives from the underlying host service.", - "title": "Cookies" - }, - "Headers": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.Headers", - "markdownDescription": "Inspect the request headers. You must configure scope and pattern matching filters in the `Headers` object, to define the set of headers to and the parts of the headers that AWS WAF inspects.\n\nOnly the first 8 KB (8192 bytes) of a request's headers and only the first 200 headers are forwarded to AWS WAF for inspection by the underlying host service. You must configure how to handle any oversize header content in the `Headers` object. AWS WAF applies the pattern matching filters to the headers that it receives from the underlying host service.", - "title": "Headers" - }, - "JA3Fingerprint": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.JA3Fingerprint", - "markdownDescription": "Available for use with Amazon CloudFront distributions and Application Load Balancers. Match against the request's JA3 fingerprint. The JA3 fingerprint is a 32-character hash derived from the TLS Client Hello of an incoming request. This fingerprint serves as a unique identifier for the client's TLS configuration. AWS WAF calculates and logs this fingerprint for each request that has enough TLS Client Hello information for the calculation. Almost all web requests include this information.\n\n> You can use this choice only with a string match `ByteMatchStatement` with the `PositionalConstraint` set to `EXACTLY` . \n\nYou can obtain the JA3 fingerprint for client requests from the web ACL logs. If AWS WAF is able to calculate the fingerprint, it includes it in the logs. For information about the logging fields, see [Log fields](https://docs.aws.amazon.com/waf/latest/developerguide/logging-fields.html) in the *AWS WAF Developer Guide* .\n\nProvide the JA3 fingerprint string from the logs in your string match statement specification, to match with any future requests that have the same TLS configuration.", - "title": "JA3Fingerprint" - }, - "JsonBody": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.JsonBody", - "markdownDescription": "Inspect the request body as JSON. The request body immediately follows the request headers. This is the part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form.\n\nAWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.\n\n- For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).\n- For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.\n- For AWS Amplify , use the CloudFront limit.\n\nFor information about how to handle oversized request bodies, see the `JsonBody` object configuration.", - "title": "JsonBody" - }, - "Method": { - "markdownDescription": "Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.", - "title": "Method", - "type": "object" - }, - "QueryString": { - "markdownDescription": "Inspect the query string. This is the part of a URL that appears after a `?` character, if any.", - "title": "QueryString", - "type": "object" - }, - "SingleHeader": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.SingleHeader", - "markdownDescription": "Inspect a single header. Provide the name of the header to inspect, for example, `User-Agent` or `Referer` . This setting isn't case sensitive.\n\nExample JSON: `\"SingleHeader\": { \"Name\": \"haystack\" }`\n\nAlternately, you can filter and inspect all headers with the `Headers` `FieldToMatch` setting.", - "title": "SingleHeader" - }, - "SingleQueryArgument": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.SingleQueryArgument", - "markdownDescription": "Inspect a single query argument. Provide the name of the query argument to inspect, such as *UserName* or *SalesRegion* . The name can be up to 30 characters long and isn't case sensitive.\n\nExample JSON: `\"SingleQueryArgument\": { \"Name\": \"myArgument\" }`", - "title": "SingleQueryArgument" + "ManagedWordListsConfig": { + "items": { + "$ref": "#/definitions/AWS::Wisdom::AIGuardrail.GuardrailManagedWordsConfig" + }, + "markdownDescription": "A config for the list of managed words.", + "title": "ManagedWordListsConfig", + "type": "array" }, - "UriPath": { - "markdownDescription": "Inspect the request URI path. This is the part of the web request that identifies a resource, for example, `/images/daily-ad.jpg` .", - "title": "UriPath", - "type": "object" + "WordsConfig": { + "items": { + "$ref": "#/definitions/AWS::Wisdom::AIGuardrail.GuardrailWordConfig" + }, + "markdownDescription": "List of custom word configurations.", + "title": "WordsConfig", + "type": "array" } }, "type": "object" }, - "AWS::WAFv2::WebACL.ForwardedIPConfiguration": { + "AWS::Wisdom::AIGuardrail.GuardrailContentFilterConfig": { "additionalProperties": false, "properties": { - "FallbackBehavior": { - "markdownDescription": "The match status to assign to the web request if the request doesn't have a valid IP address in the specified position.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all. \n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", - "title": "FallbackBehavior", + "InputStrength": { + "markdownDescription": "The strength of the input for the guardrail content filter.", + "title": "InputStrength", "type": "string" }, - "HeaderName": { - "markdownDescription": "The name of the HTTP header to use for the IP address. For example, to use the X-Forwarded-For (XFF) header, set this to `X-Forwarded-For` .\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all.", - "title": "HeaderName", + "OutputStrength": { + "markdownDescription": "The output strength of the guardrail content filter.", + "title": "OutputStrength", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of the guardrail content filter.", + "title": "Type", "type": "string" } }, "required": [ - "FallbackBehavior", - "HeaderName" + "InputStrength", + "OutputStrength", + "Type" ], "type": "object" }, - "AWS::WAFv2::WebACL.GeoMatchStatement": { + "AWS::Wisdom::AIGuardrail.GuardrailContextualGroundingFilterConfig": { "additionalProperties": false, "properties": { - "CountryCodes": { - "items": { - "type": "string" - }, - "markdownDescription": "An array of two-character country codes that you want to match against, for example, `[ \"US\", \"CN\" ]` , from the alpha-2 country ISO codes of the ISO 3166 international standard.\n\nWhen you use a geo match statement just for the region and country labels that it adds to requests, you still have to supply a country code for the rule to evaluate. In this case, you configure the rule to only count matching requests, but it will still generate logging and count metrics for any matches. You can reduce the logging and metrics that the rule produces by specifying a country that's unlikely to be a source of traffic to your site.", - "title": "CountryCodes", - "type": "array" + "Threshold": { + "markdownDescription": "The threshold for this filter.", + "title": "Threshold", + "type": "number" }, - "ForwardedIPConfig": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ForwardedIPConfiguration", - "markdownDescription": "The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all.", - "title": "ForwardedIPConfig" + "Type": { + "markdownDescription": "The type of this filter.", + "title": "Type", + "type": "string" } }, + "required": [ + "Threshold", + "Type" + ], "type": "object" }, - "AWS::WAFv2::WebACL.HeaderMatchPattern": { + "AWS::Wisdom::AIGuardrail.GuardrailManagedWordsConfig": { "additionalProperties": false, "properties": { - "All": { - "markdownDescription": "Inspect all headers.", - "title": "All", - "type": "object" - }, - "ExcludedHeaders": { - "items": { - "type": "string" - }, - "markdownDescription": "Inspect only the headers whose keys don't match any of the strings specified here.", - "title": "ExcludedHeaders", - "type": "array" - }, - "IncludedHeaders": { - "items": { - "type": "string" - }, - "markdownDescription": "Inspect only the headers that have a key that matches one of the strings specified here.", - "title": "IncludedHeaders", - "type": "array" + "Type": { + "markdownDescription": "The type of guardrail managed words.", + "title": "Type", + "type": "string" } }, + "required": [ + "Type" + ], "type": "object" }, - "AWS::WAFv2::WebACL.Headers": { + "AWS::Wisdom::AIGuardrail.GuardrailPiiEntityConfig": { "additionalProperties": false, "properties": { - "MatchPattern": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.HeaderMatchPattern", - "markdownDescription": "The filter to use to identify the subset of headers to inspect in a web request.\n\nYou must specify exactly one setting: either `All` , `IncludedHeaders` , or `ExcludedHeaders` .\n\nExample JSON: `\"MatchPattern\": { \"ExcludedHeaders\": [ \"KeyToExclude1\", \"KeyToExclude2\" ] }`", - "title": "MatchPattern" - }, - "MatchScope": { - "markdownDescription": "The parts of the headers to match with the rule inspection criteria. If you specify `ALL` , AWS WAF inspects both keys and values.\n\n`All` does not require a match to be found in the keys and a match to be found in the values. It requires a match to be found in the keys or the values or both. To require a match in the keys and in the values, use a logical `AND` statement to combine two match rules, one that inspects the keys and another that inspects the values.", - "title": "MatchScope", + "Action": { + "markdownDescription": "The action of guardrail PII entity configuration.", + "title": "Action", "type": "string" }, - "OversizeHandling": { - "markdownDescription": "What AWS WAF should do if the headers determined by your match scope are more numerous or larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request headers when they exceed 8 KB (8192 bytes) or 200 total headers. The underlying host service forwards a maximum of 200 headers and at most 8 KB of header contents to AWS WAF .\n\nThe options for oversize handling are the following:\n\n- `CONTINUE` - Inspect the available headers normally, according to the rule inspection criteria.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", - "title": "OversizeHandling", + "Type": { + "markdownDescription": "", + "title": "Type", "type": "string" } }, "required": [ - "MatchPattern", - "MatchScope", - "OversizeHandling" + "Action", + "Type" ], "type": "object" }, - "AWS::WAFv2::WebACL.IPSetForwardedIPConfiguration": { + "AWS::Wisdom::AIGuardrail.GuardrailRegexConfig": { "additionalProperties": false, "properties": { - "FallbackBehavior": { - "markdownDescription": "The match status to assign to the web request if the request doesn't have a valid IP address in the specified position.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all. \n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", - "title": "FallbackBehavior", + "Action": { + "markdownDescription": "The action of the guardrail regex configuration.", + "title": "Action", "type": "string" }, - "HeaderName": { - "markdownDescription": "The name of the HTTP header to use for the IP address. For example, to use the X-Forwarded-For (XFF) header, set this to `X-Forwarded-For` .\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all.", - "title": "HeaderName", + "Description": { + "markdownDescription": "The regex description.", + "title": "Description", "type": "string" }, - "Position": { - "markdownDescription": "The position in the header to search for the IP address. The header can contain IP addresses of the original client and also of proxies. For example, the header value could be `10.1.1.1, 127.0.0.0, 10.10.10.10` where the first IP address identifies the original client and the rest identify proxies that the request went through.\n\nThe options for this setting are the following:\n\n- FIRST - Inspect the first IP address in the list of IP addresses in the header. This is usually the client's original IP.\n- LAST - Inspect the last IP address in the list of IP addresses in the header.\n- ANY - Inspect all IP addresses in the header for a match. If the header contains more than 10 IP addresses, AWS WAF inspects the last 10.", - "title": "Position", + "Name": { + "markdownDescription": "A regex configuration.", + "title": "Name", + "type": "string" + }, + "Pattern": { + "markdownDescription": "The regex pattern.", + "title": "Pattern", "type": "string" } }, "required": [ - "FallbackBehavior", - "HeaderName", - "Position" + "Action", + "Name", + "Pattern" ], "type": "object" }, - "AWS::WAFv2::WebACL.IPSetReferenceStatement": { + "AWS::Wisdom::AIGuardrail.GuardrailTopicConfig": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the `IPSet` that this statement references.", - "title": "Arn", + "Definition": { + "markdownDescription": "Definition of topic in topic policy.", + "title": "Definition", "type": "string" }, - "IPSetForwardedIPConfig": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.IPSetForwardedIPConfiguration", - "markdownDescription": "The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all.", - "title": "IPSetForwardedIPConfig" + "Examples": { + "items": { + "type": "string" + }, + "markdownDescription": "Text example in topic policy.", + "title": "Examples", + "type": "array" + }, + "Name": { + "markdownDescription": "Name of topic in topic policy.", + "title": "Name", + "type": "string" + }, + "Type": { + "markdownDescription": "Type of topic in a policy.", + "title": "Type", + "type": "string" } }, "required": [ - "Arn" + "Definition", + "Name", + "Type" ], "type": "object" }, - "AWS::WAFv2::WebACL.ImmunityTimeProperty": { + "AWS::Wisdom::AIGuardrail.GuardrailWordConfig": { "additionalProperties": false, "properties": { - "ImmunityTime": { - "markdownDescription": "The amount of time, in seconds, that a `CAPTCHA` or challenge timestamp is considered valid by AWS WAF . The default setting is 300.\n\nFor the Challenge action, the minimum setting is 300.", - "title": "ImmunityTime", - "type": "number" + "Text": { + "markdownDescription": "The custom word text.", + "title": "Text", + "type": "string" } }, "required": [ - "ImmunityTime" + "Text" ], "type": "object" }, - "AWS::WAFv2::WebACL.JA3Fingerprint": { + "AWS::Wisdom::AIGuardrailVersion": { "additionalProperties": false, "properties": { - "FallbackBehavior": { - "markdownDescription": "The match status to assign to the web request if the request doesn't have a JA3 fingerprint.\n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", - "title": "FallbackBehavior", + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AIGuardrailId": { + "markdownDescription": "The ID of the AI guardrail version.", + "title": "AIGuardrailId", + "type": "string" + }, + "AssistantId": { + "markdownDescription": "The ID of the AI guardrail version assistant.", + "title": "AssistantId", + "type": "string" + }, + "ModifiedTimeSeconds": { + "markdownDescription": "The modified time of the AI guardrail version in seconds.", + "title": "ModifiedTimeSeconds", + "type": "number" + } + }, + "required": [ + "AIGuardrailId", + "AssistantId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Wisdom::AIGuardrailVersion" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "FallbackBehavior" + "Type", + "Properties" ], "type": "object" }, - "AWS::WAFv2::WebACL.JsonBody": { + "AWS::Wisdom::AIPrompt": { "additionalProperties": false, "properties": { - "InvalidFallbackBehavior": { - "markdownDescription": "What AWS WAF should do if it fails to completely parse the JSON body. The options are the following:\n\n- `EVALUATE_AS_STRING` - Inspect the body as plain text. AWS WAF applies the text transformations and inspection criteria that you defined for the JSON inspection to the body text string.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.\n\nIf you don't provide this setting, AWS WAF parses and evaluates the content only up to the first parsing failure that it encounters.\n\n> AWS WAF parsing doesn't fully validate the input JSON string, so parsing can succeed even for invalid JSON. When parsing succeeds, AWS WAF doesn't apply the fallback behavior. For more information, see [JSON body](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-fields-list.html#waf-rule-statement-request-component-json-body) in the *AWS WAF Developer Guide* .", - "title": "InvalidFallbackBehavior", + "Condition": { "type": "string" }, - "MatchPattern": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.JsonMatchPattern", - "markdownDescription": "The patterns to look for in the JSON body. AWS WAF inspects the results of these pattern matches against the rule inspection criteria.", - "title": "MatchPattern" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "MatchScope": { - "markdownDescription": "The parts of the JSON to match against using the `MatchPattern` . If you specify `ALL` , AWS WAF matches against keys and values.\n\n`All` does not require a match to be found in the keys and a match to be found in the values. It requires a match to be found in the keys or the values or both. To require a match in the keys and in the values, use a logical `AND` statement to combine two match rules, one that inspects the keys and another that inspects the values.", - "title": "MatchScope", + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApiFormat": { + "markdownDescription": "The API format used for this AI Prompt.", + "title": "ApiFormat", + "type": "string" + }, + "AssistantId": { + "markdownDescription": "The identifier of the Amazon Q in Connect assistant. Can be either the ID or the ARN. URLs cannot contain the ARN.", + "title": "AssistantId", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the AI Prompt.", + "title": "Description", + "type": "string" + }, + "ModelId": { + "markdownDescription": "The identifier of the model used for this AI Prompt. The following model Ids are supported:\n\n- `anthropic.claude-3-haiku--v1:0`\n- `apac.amazon.nova-lite-v1:0`\n- `apac.amazon.nova-micro-v1:0`\n- `apac.amazon.nova-pro-v1:0`\n- `apac.anthropic.claude-3-5-sonnet--v2:0`\n- `apac.anthropic.claude-3-haiku-20240307-v1:0`\n- `eu.amazon.nova-lite-v1:0`\n- `eu.amazon.nova-micro-v1:0`\n- `eu.amazon.nova-pro-v1:0`\n- `eu.anthropic.claude-3-7-sonnet-20250219-v1:0`\n- `eu.anthropic.claude-3-haiku-20240307-v1:0`\n- `us.amazon.nova-lite-v1:0`\n- `us.amazon.nova-micro-v1:0`\n- `us.amazon.nova-pro-v1:0`\n- `us.anthropic.claude-3-5-haiku-20241022-v1:0`\n- `us.anthropic.claude-3-7-sonnet-20250219-v1:0`\n- `us.anthropic.claude-3-haiku-20240307-v1:0`", + "title": "ModelId", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the AI Prompt", + "title": "Name", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + }, + "TemplateConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::AIPrompt.AIPromptTemplateConfiguration", + "markdownDescription": "The configuration of the prompt template for this AI Prompt.", + "title": "TemplateConfiguration" + }, + "TemplateType": { + "markdownDescription": "The type of the prompt template for this AI Prompt.", + "title": "TemplateType", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of this AI Prompt.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "ApiFormat", + "ModelId", + "TemplateConfiguration", + "TemplateType", + "Type" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Wisdom::AIPrompt" + ], "type": "string" }, - "OversizeHandling": { - "markdownDescription": "What AWS WAF should do if the body is larger than AWS WAF can inspect.\n\nAWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.\n\n- For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).\n- For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.\n- For AWS Amplify , use the CloudFront limit.\n\nThe options for oversize handling are the following:\n\n- `CONTINUE` - Inspect the available body contents normally, according to the rule inspection criteria.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.\n\nYou can combine the `MATCH` or `NO_MATCH` settings for oversize handling with your rule and web ACL action settings, so that you block any request whose body is over the limit.\n\nDefault: `CONTINUE`", - "title": "OversizeHandling", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "MatchPattern", - "MatchScope" + "Type", + "Properties" ], "type": "object" }, - "AWS::WAFv2::WebACL.JsonMatchPattern": { + "AWS::Wisdom::AIPrompt.AIPromptTemplateConfiguration": { "additionalProperties": false, "properties": { - "All": { - "markdownDescription": "Match all of the elements. See also `MatchScope` in the `JsonBody` `FieldToMatch` specification.\n\nYou must specify either this setting or the `IncludedPaths` setting, but not both.", - "title": "All", - "type": "object" - }, - "IncludedPaths": { - "items": { - "type": "string" - }, - "markdownDescription": "Match only the specified include paths. See also `MatchScope` in the `JsonBody` `FieldToMatch` specification.\n\nProvide the include paths using JSON Pointer syntax. For example, `\"IncludedPaths\": [\"/dogs/0/name\", \"/dogs/1/name\"]` . For information about this syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nYou must specify either this setting or the `All` setting, but not both.\n\n> Don't use this option to include all paths. Instead, use the `All` setting.", - "title": "IncludedPaths", - "type": "array" + "TextFullAIPromptEditTemplateConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::AIPrompt.TextFullAIPromptEditTemplateConfiguration", + "markdownDescription": "The configuration for a prompt template that supports full textual prompt configuration using a YAML prompt.", + "title": "TextFullAIPromptEditTemplateConfiguration" } }, + "required": [ + "TextFullAIPromptEditTemplateConfiguration" + ], "type": "object" }, - "AWS::WAFv2::WebACL.Label": { + "AWS::Wisdom::AIPrompt.TextFullAIPromptEditTemplateConfiguration": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The label string.", - "title": "Name", + "Text": { + "markdownDescription": "The YAML text for the AI Prompt template.", + "title": "Text", "type": "string" } }, "required": [ - "Name" + "Text" ], "type": "object" }, - "AWS::WAFv2::WebACL.LabelMatchStatement": { + "AWS::Wisdom::AIPromptVersion": { "additionalProperties": false, "properties": { - "Key": { - "markdownDescription": "The string to match against. The setting you provide for this depends on the match statement's `Scope` setting:\n\n- If the `Scope` indicates `LABEL` , then this specification must include the name and can include any number of preceding namespace specifications and prefix up to providing the fully qualified label name.\n- If the `Scope` indicates `NAMESPACE` , then this specification can include any number of contiguous namespace strings, and can include the entire label namespace prefix from the rule group or web ACL where the label originates.\n\nLabels are case sensitive and components of a label must be separated by colon, for example `NS1:NS2:name` .", - "title": "Key", + "Condition": { "type": "string" }, - "Scope": { - "markdownDescription": "Specify whether you want to match using the label name or just the namespace.", - "title": "Scope", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AIPromptId": { + "markdownDescription": "The identifier of the Amazon Q in Connect AI prompt.", + "title": "AIPromptId", + "type": "string" + }, + "AssistantId": { + "markdownDescription": "The identifier of the Amazon Q in Connect assistant. Can be either the ID or the ARN. URLs cannot contain the ARN.", + "title": "AssistantId", + "type": "string" + }, + "ModifiedTimeSeconds": { + "markdownDescription": "The time the AI Prompt version was last modified in seconds.", + "title": "ModifiedTimeSeconds", + "type": "number" + } + }, + "required": [ + "AIPromptId", + "AssistantId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Wisdom::AIPromptVersion" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Key", - "Scope" + "Type", + "Properties" ], "type": "object" }, - "AWS::WAFv2::WebACL.ManagedRuleGroupConfig": { + "AWS::Wisdom::Assistant": { "additionalProperties": false, "properties": { - "AWSManagedRulesACFPRuleSet": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.AWSManagedRulesACFPRuleSet", - "markdownDescription": "Additional configuration for using the account creation fraud prevention (ACFP) managed rule group, `AWSManagedRulesACFPRuleSet` . Use this to provide account creation request information to the rule group. For web ACLs that protect CloudFront distributions, use this to also provide the information about how your distribution responds to account creation requests.\n\nFor information about using the ACFP managed rule group, see [AWS WAF Fraud Control account creation fraud prevention (ACFP) rule group](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-acfp.html) and [AWS WAF Fraud Control account creation fraud prevention (ACFP)](https://docs.aws.amazon.com/waf/latest/developerguide/waf-acfp.html) in the *AWS WAF Developer Guide* .", - "title": "AWSManagedRulesACFPRuleSet" + "Condition": { + "type": "string" }, - "AWSManagedRulesATPRuleSet": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.AWSManagedRulesATPRuleSet", - "markdownDescription": "Additional configuration for using the account takeover prevention (ATP) managed rule group, `AWSManagedRulesATPRuleSet` . Use this to provide login request information to the rule group. For web ACLs that protect CloudFront distributions, use this to also provide the information about how your distribution responds to login requests.\n\nThis configuration replaces the individual configuration fields in `ManagedRuleGroupConfig` and provides additional feature configuration.\n\nFor information about using the ATP managed rule group, see [AWS WAF Fraud Control account takeover prevention (ATP) rule group](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-atp.html) and [AWS WAF Fraud Control account takeover prevention (ATP)](https://docs.aws.amazon.com/waf/latest/developerguide/waf-atp.html) in the *AWS WAF Developer Guide* .", - "title": "AWSManagedRulesATPRuleSet" + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" }, - "AWSManagedRulesBotControlRuleSet": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.AWSManagedRulesBotControlRuleSet", - "markdownDescription": "Additional configuration for using the Bot Control managed rule group. Use this to specify the inspection level that you want to use. For information about using the Bot Control managed rule group, see [AWS WAF Bot Control rule group](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html) and [AWS WAF Bot Control](https://docs.aws.amazon.com/waf/latest/developerguide/waf-bot-control.html) in the *AWS WAF Developer Guide* .", - "title": "AWSManagedRulesBotControlRuleSet" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "LoginPath": { - "markdownDescription": "> Instead of this setting, provide your configuration under `AWSManagedRulesATPRuleSet` .", - "title": "LoginPath", - "type": "string" + "Metadata": { + "type": "object" }, - "PasswordField": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", - "markdownDescription": "> Instead of this setting, provide your configuration under the request inspection configuration for `AWSManagedRulesATPRuleSet` or `AWSManagedRulesACFPRuleSet` .", - "title": "PasswordField" + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the assistant.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the assistant.", + "title": "Name", + "type": "string" + }, + "ServerSideEncryptionConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::Assistant.ServerSideEncryptionConfiguration", + "markdownDescription": "The configuration information for the customer managed key used for encryption. The customer managed key must have a policy that allows `kms:CreateGrant` and `kms:DescribeKey` permissions to the IAM identity using the key to invoke Wisdom. To use Wisdom with chat, the key policy must also allow `kms:Decrypt` , `kms:GenerateDataKey*` , and `kms:DescribeKey` permissions to the `connect.amazonaws.com` service principal. For more information about setting up a customer managed key for Wisdom, see [Enable Amazon Connect Wisdom for your instance](https://docs.aws.amazon.com/connect/latest/adminguide/enable-wisdom.html) .", + "title": "ServerSideEncryptionConfiguration" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "title": "Tags", + "type": "array" + }, + "Type": { + "markdownDescription": "The type of assistant.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "Name", + "Type" + ], + "type": "object" }, - "PayloadType": { - "markdownDescription": "> Instead of this setting, provide your configuration under the request inspection configuration for `AWSManagedRulesATPRuleSet` or `AWSManagedRulesACFPRuleSet` .", - "title": "PayloadType", + "Type": { + "enum": [ + "AWS::Wisdom::Assistant" + ], "type": "string" }, - "UsernameField": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", - "markdownDescription": "> Instead of this setting, provide your configuration under the request inspection configuration for `AWSManagedRulesATPRuleSet` or `AWSManagedRulesACFPRuleSet` .", - "title": "UsernameField" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::WAFv2::WebACL.ManagedRuleGroupStatement": { + "AWS::Wisdom::Assistant.ServerSideEncryptionConfiguration": { "additionalProperties": false, "properties": { - "ExcludedRules": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ExcludedRule" - }, - "markdownDescription": "Rules in the referenced rule group whose actions are set to `Count` .\n\n> Instead of this option, use `RuleActionOverrides` . It accepts any valid action setting, including `Count` .", - "title": "ExcludedRules", - "type": "array" - }, - "ManagedRuleGroupConfigs": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ManagedRuleGroupConfig" - }, - "markdownDescription": "Additional information that's used by a managed rule group. Many managed rule groups don't require this.\n\nThe rule groups used for intelligent threat mitigation require additional configuration:\n\n- Use the `AWSManagedRulesACFPRuleSet` configuration object to configure the account creation fraud prevention managed rule group. The configuration includes the registration and sign-up pages of your application and the locations in the account creation request payload of data, such as the user email and phone number fields.\n- Use the `AWSManagedRulesAntiDDoSRuleSet` configuration object to configure the anti-DDoS managed rule group. The configuration includes the sensitivity levels to use in the rules that typically block and challenge requests that might be participating in DDoS attacks and the specification to use to indicate whether a request can handle a silent browser challenge.\n- Use the `AWSManagedRulesATPRuleSet` configuration object to configure the account takeover prevention managed rule group. The configuration includes the sign-in page of your application and the locations in the login request payload of data such as the username and password.\n- Use the `AWSManagedRulesBotControlRuleSet` configuration object to configure the protection level that you want the Bot Control rule group to use.", - "title": "ManagedRuleGroupConfigs", - "type": "array" + "KmsKeyId": { + "markdownDescription": "The customer managed key used for encryption. The customer managed key must have a policy that allows `kms:CreateGrant` and `kms:DescribeKey` permissions to the IAM identity using the key to invoke Wisdom. To use Wisdom with chat, the key policy must also allow `kms:Decrypt` , `kms:GenerateDataKey*` , and `kms:DescribeKey` permissions to the `connect.amazonaws.com` service principal. For more information about setting up a customer managed key for Wisdom, see [Enable Amazon Connect Wisdom for your instance](https://docs.aws.amazon.com/connect/latest/adminguide/enable-wisdom.html) . For information about valid ID values, see [Key identifiers (KeyId)](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id) in the *AWS Key Management Service Developer Guide* .", + "title": "KmsKeyId", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Wisdom::AssistantAssociation": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" }, - "Name": { - "markdownDescription": "The name of the managed rule group. You use this, along with the vendor name, to identify the rule group.", - "title": "Name", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "RuleActionOverrides": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RuleActionOverride" - }, - "markdownDescription": "Action settings to use in the place of the rule actions that are configured inside the rule group. You specify one override for each rule whose action you want to change.\n\n> Verify the rule names in your overrides carefully. With managed rule groups, AWS WAF silently ignores any override that uses an invalid rule name. With customer-owned rule groups, invalid rule names in your overrides will cause web ACL updates to fail. An invalid rule name is any name that doesn't exactly match the case-sensitive name of an existing rule in the rule group. \n\nYou can use overrides for testing, for example you can override all of rule actions to `Count` and then monitor the resulting count metrics to understand how the rule group would handle your web traffic. You can also permanently override some or all actions, to modify how the rule group manages your web traffic.", - "title": "RuleActionOverrides", - "type": "array" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "ScopeDownStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.Statement", - "markdownDescription": "An optional nested statement that narrows the scope of the web requests that are evaluated by the managed rule group. Requests are only evaluated by the rule group if they match the scope-down statement. You can use any nestable `Statement` in the scope-down statement, and you can nest statements at any level, the same as you can for a rule statement.", - "title": "ScopeDownStatement" + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AssistantId": { + "markdownDescription": "The identifier of the Wisdom assistant.", + "title": "AssistantId", + "type": "string" + }, + "Association": { + "$ref": "#/definitions/AWS::Wisdom::AssistantAssociation.AssociationData", + "markdownDescription": "The identifier of the associated resource.", + "title": "Association" + }, + "AssociationType": { + "markdownDescription": "The type of association.", + "title": "AssociationType", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "AssistantId", + "Association", + "AssociationType" + ], + "type": "object" }, - "VendorName": { - "markdownDescription": "The name of the managed rule group vendor. You use this, along with the rule group name, to identify a rule group.", - "title": "VendorName", + "Type": { + "enum": [ + "AWS::Wisdom::AssistantAssociation" + ], "type": "string" }, - "Version": { - "markdownDescription": "The version of the managed rule group to use. If you specify this, the version setting is fixed until you change it. If you don't specify this, AWS WAF uses the vendor's default version, and then keeps the version at the vendor's default when the vendor updates the managed rule group settings.", - "title": "Version", + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "Name", - "VendorName" - ], - "type": "object" - }, - "AWS::WAFv2::WebACL.NotStatement": { - "additionalProperties": false, - "properties": { - "Statement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.Statement", - "markdownDescription": "The statement to negate. You can use any statement that can be nested.", - "title": "Statement" - } - }, - "required": [ - "Statement" + "Type", + "Properties" ], "type": "object" }, - "AWS::WAFv2::WebACL.OrStatement": { + "AWS::Wisdom::AssistantAssociation.AssociationData": { "additionalProperties": false, "properties": { - "Statements": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.Statement" - }, - "markdownDescription": "The statements to combine with OR logic. You can use any statements that can be nested.", - "title": "Statements", - "type": "array" + "KnowledgeBaseId": { + "markdownDescription": "The identifier of the knowledge base.", + "title": "KnowledgeBaseId", + "type": "string" } }, "required": [ - "Statements" + "KnowledgeBaseId" ], "type": "object" }, - "AWS::WAFv2::WebACL.OverrideAction": { + "AWS::Wisdom::KnowledgeBase": { "additionalProperties": false, "properties": { - "Count": { - "markdownDescription": "Override the rule group evaluation result to count only.\n\n> This option is usually set to none. It does not affect how the rules in the rule group are evaluated. If you want the rules in the rule group to only count matches, do not use this and instead use the rule action override option, with `Count` action, in your rule group reference statement settings.", - "title": "Count", + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { "type": "object" }, - "None": { - "markdownDescription": "Don't override the rule group evaluation result. This is the most common setting.", - "title": "None", + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description.", + "title": "Description", + "type": "string" + }, + "KnowledgeBaseType": { + "markdownDescription": "The type of knowledge base. Only CUSTOM knowledge bases allow you to upload your own content. EXTERNAL knowledge bases support integrations with third-party systems whose content is synchronized automatically.", + "title": "KnowledgeBaseType", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the knowledge base.", + "title": "Name", + "type": "string" + }, + "RenderingConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.RenderingConfiguration", + "markdownDescription": "Information about how to render the content.", + "title": "RenderingConfiguration" + }, + "ServerSideEncryptionConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.ServerSideEncryptionConfiguration", + "markdownDescription": "This customer managed key must have a policy that allows `kms:CreateGrant` and `kms:DescribeKey` permissions to the IAM identity using the key to invoke Wisdom. For more information about setting up a customer managed key for Wisdom, see [Enable Amazon Connect Wisdom for your instance](https://docs.aws.amazon.com/connect/latest/adminguide/enable-wisdom.html) . For information about valid ID values, see [Key identifiers (KeyId)](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id) in the *AWS Key Management Service Developer Guide* .", + "title": "ServerSideEncryptionConfiguration" + }, + "SourceConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.SourceConfiguration", + "markdownDescription": "The source of the knowledge base content. Only set this argument for EXTERNAL or Managed knowledge bases.", + "title": "SourceConfiguration" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "title": "Tags", + "type": "array" + }, + "VectorIngestionConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.VectorIngestionConfiguration", + "markdownDescription": "Contains details about how to ingest the documents in a data source.", + "title": "VectorIngestionConfiguration" + } + }, + "required": [ + "KnowledgeBaseType", + "Name" + ], "type": "object" + }, + "Type": { + "enum": [ + "AWS::Wisdom::KnowledgeBase" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, + "required": [ + "Type", + "Properties" + ], "type": "object" }, - "AWS::WAFv2::WebACL.RateBasedStatement": { + "AWS::Wisdom::KnowledgeBase.AppIntegrationsConfiguration": { "additionalProperties": false, "properties": { - "AggregateKeyType": { - "markdownDescription": "Setting that indicates how to aggregate the request counts.\n\n> Web requests that are missing any of the components specified in the aggregation keys are omitted from the rate-based rule evaluation and handling. \n\n- `CONSTANT` - Count and limit the requests that match the rate-based rule's scope-down statement. With this option, the counted requests aren't further aggregated. The scope-down statement is the only specification used. When the count of all requests that satisfy the scope-down statement goes over the limit, AWS WAF applies the rule action to all requests that satisfy the scope-down statement.\n\nWith this option, you must configure the `ScopeDownStatement` property.\n- `CUSTOM_KEYS` - Aggregate the request counts using one or more web request components as the aggregate keys.\n\nWith this option, you must specify the aggregate keys in the `CustomKeys` property.\n\nTo aggregate on only the IP address or only the forwarded IP address, don't use custom keys. Instead, set the aggregate key type to `IP` or `FORWARDED_IP` .\n- `FORWARDED_IP` - Aggregate the request counts on the first IP address in an HTTP header.\n\nWith this option, you must specify the header to use in the `ForwardedIPConfig` property.\n\nTo aggregate on a combination of the forwarded IP address with other aggregate keys, use `CUSTOM_KEYS` .\n- `IP` - Aggregate the request counts on the IP address from the web request origin.\n\nTo aggregate on a combination of the IP address with other aggregate keys, use `CUSTOM_KEYS` .", - "title": "AggregateKeyType", + "AppIntegrationArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the AppIntegrations DataIntegration to use for ingesting content.\n\n- For [Salesforce](https://docs.aws.amazon.com/https://developer.salesforce.com/docs/atlas.en-us.knowledge_dev.meta/knowledge_dev/sforce_api_objects_knowledge__kav.htm) , your AppIntegrations DataIntegration must have an ObjectConfiguration if objectFields is not provided, including at least `Id` , `ArticleNumber` , `VersionNumber` , `Title` , `PublishStatus` , and `IsDeleted` as source fields.\n- For [ServiceNow](https://docs.aws.amazon.com/https://developer.servicenow.com/dev.do#!/reference/api/rome/rest/knowledge-management-api) , your AppIntegrations DataIntegration must have an ObjectConfiguration if objectFields is not provided, including at least `number` , `short_description` , `sys_mod_count` , `workflow_state` , and `active` as source fields.\n- For [Zendesk](https://docs.aws.amazon.com/https://developer.zendesk.com/api-reference/help_center/help-center-api/articles/) , your AppIntegrations DataIntegration must have an ObjectConfiguration if `objectFields` is not provided, including at least `id` , `title` , `updated_at` , and `draft` as source fields.\n- For [SharePoint](https://docs.aws.amazon.com/https://learn.microsoft.com/en-us/sharepoint/dev/sp-add-ins/sharepoint-net-server-csom-jsom-and-rest-api-index) , your AppIntegrations DataIntegration must have a FileConfiguration, including only file extensions that are among `docx` , `pdf` , `html` , `htm` , and `txt` .\n- For [Amazon S3](https://docs.aws.amazon.com/s3/) , the ObjectConfiguration and FileConfiguration of your AppIntegrations DataIntegration must be null. The `SourceURI` of your DataIntegration must use the following format: `s3://your_s3_bucket_name` .\n\n> The bucket policy of the corresponding S3 bucket must allow the AWS principal `app-integrations.amazonaws.com` to perform `s3:ListBucket` , `s3:GetObject` , and `s3:GetBucketLocation` against the bucket.", + "title": "AppIntegrationArn", "type": "string" }, - "CustomKeys": { + "ObjectFields": { "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RateBasedStatementCustomKey" + "type": "string" }, - "markdownDescription": "Specifies the aggregate keys to use in a rate-base rule.", - "title": "CustomKeys", + "markdownDescription": "The fields from the source that are made available to your agents in Amazon Q in Connect. Optional if ObjectConfiguration is included in the provided DataIntegration.\n\n- For [Salesforce](https://docs.aws.amazon.com/https://developer.salesforce.com/docs/atlas.en-us.knowledge_dev.meta/knowledge_dev/sforce_api_objects_knowledge__kav.htm) , you must include at least `Id` , `ArticleNumber` , `VersionNumber` , `Title` , `PublishStatus` , and `IsDeleted` .\n- For [ServiceNow](https://docs.aws.amazon.com/https://developer.servicenow.com/dev.do#!/reference/api/rome/rest/knowledge-management-api) , you must include at least `number` , `short_description` , `sys_mod_count` , `workflow_state` , and `active` .\n- For [Zendesk](https://docs.aws.amazon.com/https://developer.zendesk.com/api-reference/help_center/help-center-api/articles/) , you must include at least `id` , `title` , `updated_at` , and `draft` .\n\nMake sure to include additional fields. These fields are indexed and used to source recommendations.", + "title": "ObjectFields", "type": "array" - }, - "EvaluationWindowSec": { - "markdownDescription": "The amount of time, in seconds, that AWS WAF should include in its request counts, looking back from the current time. For example, for a setting of 120, when AWS WAF checks the rate, it counts the requests for the 2 minutes immediately preceding the current time. Valid settings are 60, 120, 300, and 600.\n\nThis setting doesn't determine how often AWS WAF checks the rate, but how far back it looks each time it checks. AWS WAF checks the rate about every 10 seconds.\n\nDefault: `300` (5 minutes)", - "title": "EvaluationWindowSec", - "type": "number" - }, - "ForwardedIPConfig": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ForwardedIPConfiguration", - "markdownDescription": "The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all. \n\nThis is required if you specify a forwarded IP in the rule's aggregate key settings.", - "title": "ForwardedIPConfig" - }, - "Limit": { - "markdownDescription": "The limit on requests during the specified evaluation window for a single aggregation instance for the rate-based rule. If the rate-based statement includes a `ScopeDownStatement` , this limit is applied only to the requests that match the statement.\n\nExamples:\n\n- If you aggregate on just the IP address, this is the limit on requests from any single IP address.\n- If you aggregate on the HTTP method and the query argument name \"city\", then this is the limit on requests for any single method, city pair.", - "title": "Limit", - "type": "number" - }, - "ScopeDownStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.Statement", - "markdownDescription": "An optional nested statement that narrows the scope of the web requests that are evaluated and managed by the rate-based statement. When you use a scope-down statement, the rate-based rule only tracks and rate limits requests that match the scope-down statement. You can use any nestable `Statement` in the scope-down statement, and you can nest statements at any level, the same as you can for a rule statement.", - "title": "ScopeDownStatement" } }, "required": [ - "AggregateKeyType", - "Limit" + "AppIntegrationArn" ], "type": "object" }, - "AWS::WAFv2::WebACL.RateBasedStatementCustomKey": { + "AWS::Wisdom::KnowledgeBase.BedrockFoundationModelConfiguration": { "additionalProperties": false, "properties": { - "Cookie": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitCookie", - "markdownDescription": "Use the value of a cookie in the request as an aggregate key. Each distinct value in the cookie contributes to the aggregation instance. If you use a single cookie as your custom key, then each value fully defines an aggregation instance.", - "title": "Cookie" - }, - "ForwardedIP": { - "markdownDescription": "Use the first IP address in an HTTP header as an aggregate key. Each distinct forwarded IP address contributes to the aggregation instance.\n\nWhen you specify an IP or forwarded IP in the custom key settings, you must also specify at least one other key to use. You can aggregate on only the forwarded IP address by specifying `FORWARDED_IP` in your rate-based statement's `AggregateKeyType` .\n\nWith this option, you must specify the header to use in the rate-based rule's `ForwardedIPConfig` property.", - "title": "ForwardedIP", - "type": "object" - }, - "HTTPMethod": { - "markdownDescription": "Use the request's HTTP method as an aggregate key. Each distinct HTTP method contributes to the aggregation instance. If you use just the HTTP method as your custom key, then each method fully defines an aggregation instance.", - "title": "HTTPMethod", - "type": "object" - }, - "Header": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitHeader", - "markdownDescription": "Use the value of a header in the request as an aggregate key. Each distinct value in the header contributes to the aggregation instance. If you use a single header as your custom key, then each value fully defines an aggregation instance.", - "title": "Header" - }, - "IP": { - "markdownDescription": "Use the request's originating IP address as an aggregate key. Each distinct IP address contributes to the aggregation instance.\n\nWhen you specify an IP or forwarded IP in the custom key settings, you must also specify at least one other key to use. You can aggregate on only the IP address by specifying `IP` in your rate-based statement's `AggregateKeyType` .", - "title": "IP", - "type": "object" - }, - "LabelNamespace": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitLabelNamespace", - "markdownDescription": "Use the specified label namespace as an aggregate key. Each distinct fully qualified label name that has the specified label namespace contributes to the aggregation instance. If you use just one label namespace as your custom key, then each label name fully defines an aggregation instance.\n\nThis uses only labels that have been added to the request by rules that are evaluated before this rate-based rule in the web ACL.\n\nFor information about label namespaces and names, see [Label syntax and naming requirements](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-label-requirements.html) in the *AWS WAF Developer Guide* .", - "title": "LabelNamespace" - }, - "QueryArgument": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitQueryArgument", - "markdownDescription": "Use the specified query argument as an aggregate key. Each distinct value for the named query argument contributes to the aggregation instance. If you use a single query argument as your custom key, then each value fully defines an aggregation instance.", - "title": "QueryArgument" - }, - "QueryString": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitQueryString", - "markdownDescription": "Use the request's query string as an aggregate key. Each distinct string contributes to the aggregation instance. If you use just the query string as your custom key, then each string fully defines an aggregation instance.", - "title": "QueryString" + "ModelArn": { + "markdownDescription": "The model ARN of the Bedrock foundation model.", + "title": "ModelArn", + "type": "string" }, - "UriPath": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitUriPath", - "markdownDescription": "Use the request's URI path as an aggregate key. Each distinct URI path contributes to the aggregation instance. If you use just the URI path as your custom key, then each URI path fully defines an aggregation instance.", - "title": "UriPath" + "ParsingPrompt": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.ParsingPrompt", + "markdownDescription": "The parsing prompt of the Bedrock foundation model configuration.", + "title": "ParsingPrompt" } }, + "required": [ + "ModelArn" + ], "type": "object" }, - "AWS::WAFv2::WebACL.RateLimitCookie": { + "AWS::Wisdom::KnowledgeBase.ChunkingConfiguration": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the cookie to use.", - "title": "Name", + "ChunkingStrategy": { + "markdownDescription": "Knowledge base can split your source data into chunks. A chunk refers to an excerpt from a data source that is returned when the knowledge base that it belongs to is queried. You have the following options for chunking your data. If you opt for `NONE` , then you may want to pre-process your files by splitting them up such that each file corresponds to a chunk.", + "title": "ChunkingStrategy", "type": "string" }, - "TextTransformations": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" - }, - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", - "title": "TextTransformations", - "type": "array" + "FixedSizeChunkingConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.FixedSizeChunkingConfiguration", + "markdownDescription": "Configurations for when you choose fixed-size chunking. If you set the `chunkingStrategy` as `NONE` , exclude this field.", + "title": "FixedSizeChunkingConfiguration" + }, + "HierarchicalChunkingConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.HierarchicalChunkingConfiguration", + "markdownDescription": "Settings for hierarchical document chunking for a data source. Hierarchical chunking splits documents into layers of chunks where the first layer contains large chunks, and the second layer contains smaller chunks derived from the first layer.", + "title": "HierarchicalChunkingConfiguration" + }, + "SemanticChunkingConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.SemanticChunkingConfiguration", + "markdownDescription": "Settings for semantic document chunking for a data source. Semantic chunking splits a document into smaller documents based on groups of similar content derived from the text with natural language processing.", + "title": "SemanticChunkingConfiguration" } }, "required": [ - "Name", - "TextTransformations" + "ChunkingStrategy" ], "type": "object" }, - "AWS::WAFv2::WebACL.RateLimitHeader": { + "AWS::Wisdom::KnowledgeBase.CrawlerLimits": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the header to use.", - "title": "Name", - "type": "string" - }, - "TextTransformations": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" - }, - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", - "title": "TextTransformations", - "type": "array" + "RateLimit": { + "markdownDescription": "The limit rate at which the crawler is configured.", + "title": "RateLimit", + "type": "number" } }, - "required": [ - "Name", - "TextTransformations" - ], "type": "object" }, - "AWS::WAFv2::WebACL.RateLimitLabelNamespace": { + "AWS::Wisdom::KnowledgeBase.FixedSizeChunkingConfiguration": { "additionalProperties": false, "properties": { - "Namespace": { - "markdownDescription": "The namespace to use for aggregation.", - "title": "Namespace", - "type": "string" + "MaxTokens": { + "markdownDescription": "The maximum number of tokens to include in a chunk.", + "title": "MaxTokens", + "type": "number" + }, + "OverlapPercentage": { + "markdownDescription": "The percentage of overlap between adjacent chunks of a data source.", + "title": "OverlapPercentage", + "type": "number" } }, "required": [ - "Namespace" + "MaxTokens", + "OverlapPercentage" ], "type": "object" }, - "AWS::WAFv2::WebACL.RateLimitQueryArgument": { + "AWS::Wisdom::KnowledgeBase.HierarchicalChunkingConfiguration": { "additionalProperties": false, "properties": { - "Name": { - "markdownDescription": "The name of the query argument to use.", - "title": "Name", - "type": "string" - }, - "TextTransformations": { + "LevelConfigurations": { "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.HierarchicalChunkingLevelConfiguration" }, - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", - "title": "TextTransformations", + "markdownDescription": "Token settings for each layer.", + "title": "LevelConfigurations", "type": "array" + }, + "OverlapTokens": { + "markdownDescription": "The number of tokens to repeat across chunks in the same layer.", + "title": "OverlapTokens", + "type": "number" } }, "required": [ - "Name", - "TextTransformations" + "LevelConfigurations", + "OverlapTokens" ], "type": "object" }, - "AWS::WAFv2::WebACL.RateLimitQueryString": { + "AWS::Wisdom::KnowledgeBase.HierarchicalChunkingLevelConfiguration": { "additionalProperties": false, "properties": { - "TextTransformations": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" - }, - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", - "title": "TextTransformations", - "type": "array" + "MaxTokens": { + "markdownDescription": "The maximum number of tokens that a chunk can contain in this layer.", + "title": "MaxTokens", + "type": "number" } }, "required": [ - "TextTransformations" + "MaxTokens" ], "type": "object" }, - "AWS::WAFv2::WebACL.RateLimitUriPath": { + "AWS::Wisdom::KnowledgeBase.ManagedSourceConfiguration": { "additionalProperties": false, "properties": { - "TextTransformations": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" - }, - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", - "title": "TextTransformations", - "type": "array" + "WebCrawlerConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.WebCrawlerConfiguration", + "markdownDescription": "Configuration data for web crawler data source.", + "title": "WebCrawlerConfiguration" } }, "required": [ - "TextTransformations" + "WebCrawlerConfiguration" ], "type": "object" }, - "AWS::WAFv2::WebACL.RegexMatchStatement": { + "AWS::Wisdom::KnowledgeBase.ParsingConfiguration": { "additionalProperties": false, "properties": { - "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldToMatch", - "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", - "title": "FieldToMatch" + "BedrockFoundationModelConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.BedrockFoundationModelConfiguration", + "markdownDescription": "Settings for a foundation model used to parse documents for a data source.", + "title": "BedrockFoundationModelConfiguration" }, - "RegexString": { - "markdownDescription": "The string representing the regular expression.", - "title": "RegexString", + "ParsingStrategy": { + "markdownDescription": "The parsing strategy for the data source.", + "title": "ParsingStrategy", "type": "string" - }, - "TextTransformations": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" - }, - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", - "title": "TextTransformations", - "type": "array" } }, "required": [ - "FieldToMatch", - "RegexString", - "TextTransformations" + "ParsingStrategy" ], "type": "object" }, - "AWS::WAFv2::WebACL.RegexPatternSetReferenceStatement": { + "AWS::Wisdom::KnowledgeBase.ParsingPrompt": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the `RegexPatternSet` that this statement references.", - "title": "Arn", + "ParsingPromptText": { + "markdownDescription": "Instructions for interpreting the contents of a document.", + "title": "ParsingPromptText", "type": "string" - }, - "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldToMatch", - "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", - "title": "FieldToMatch" - }, - "TextTransformations": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" - }, - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", - "title": "TextTransformations", - "type": "array" } }, "required": [ - "Arn", - "FieldToMatch", - "TextTransformations" + "ParsingPromptText" ], "type": "object" }, - "AWS::WAFv2::WebACL.RequestBodyAssociatedResourceTypeConfig": { + "AWS::Wisdom::KnowledgeBase.RenderingConfiguration": { "additionalProperties": false, "properties": { - "DefaultSizeInspectionLimit": { - "markdownDescription": "Specifies the maximum size of the web request body component that an associated CloudFront, API Gateway, Amazon Cognito, App Runner, or Verified Access resource should send to AWS WAF for inspection. This applies to statements in the web ACL that inspect the body or JSON body.\n\nDefault: `16 KB (16,384 bytes)`", - "title": "DefaultSizeInspectionLimit", + "TemplateUri": { + "markdownDescription": "A URI template containing exactly one variable in `${variableName}` format. This can only be set for `EXTERNAL` knowledge bases. For Salesforce, ServiceNow, and Zendesk, the variable must be one of the following:\n\n- Salesforce: `Id` , `ArticleNumber` , `VersionNumber` , `Title` , `PublishStatus` , or `IsDeleted`\n- ServiceNow: `number` , `short_description` , `sys_mod_count` , `workflow_state` , or `active`\n- Zendesk: `id` , `title` , `updated_at` , or `draft`\n\nThe variable is replaced with the actual value for a piece of content when calling [GetContent](https://docs.aws.amazon.com/amazon-q-connect/latest/APIReference/API_GetContent.html) .", + "title": "TemplateUri", "type": "string" } }, - "required": [ - "DefaultSizeInspectionLimit" - ], "type": "object" }, - "AWS::WAFv2::WebACL.RequestInspection": { + "AWS::Wisdom::KnowledgeBase.SeedUrl": { "additionalProperties": false, "properties": { - "PasswordField": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", - "markdownDescription": "The name of the field in the request payload that contains your customer's password.\n\nHow you specify this depends on the request inspection payload type.\n\n- For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"password\": \"THE_PASSWORD\" } }` , the password field specification is `/form/password` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with the input element named `password1` , the password field specification is `password1` .", - "title": "PasswordField" - }, - "PayloadType": { - "markdownDescription": "The payload type for your login endpoint, either JSON or form encoded.", - "title": "PayloadType", + "Url": { + "markdownDescription": "URL for crawling", + "title": "Url", "type": "string" - }, - "UsernameField": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", - "markdownDescription": "The name of the field in the request payload that contains your customer's username.\n\nHow you specify this depends on the request inspection payload type.\n\n- For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"username\": \"THE_USERNAME\" } }` , the username field specification is `/form/username` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with the input element named `username1` , the username field specification is `username1`", - "title": "UsernameField" } }, - "required": [ - "PasswordField", - "PayloadType", - "UsernameField" - ], "type": "object" }, - "AWS::WAFv2::WebACL.RequestInspectionACFP": { + "AWS::Wisdom::KnowledgeBase.SemanticChunkingConfiguration": { "additionalProperties": false, "properties": { - "AddressFields": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier" - }, - "markdownDescription": "The names of the fields in the request payload that contain your customer's primary physical address.\n\nOrder the address fields in the array exactly as they are ordered in the request payload.\n\nHow you specify the address fields depends on the request inspection payload type.\n\n- For JSON payloads, specify the field identifiers in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"primaryaddressline1\": \"THE_ADDRESS1\", \"primaryaddressline2\": \"THE_ADDRESS2\", \"primaryaddressline3\": \"THE_ADDRESS3\" } }` , the address field idenfiers are `/form/primaryaddressline1` , `/form/primaryaddressline2` , and `/form/primaryaddressline3` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with input elements named `primaryaddressline1` , `primaryaddressline2` , and `primaryaddressline3` , the address fields identifiers are `primaryaddressline1` , `primaryaddressline2` , and `primaryaddressline3` .", - "title": "AddressFields", - "type": "array" - }, - "EmailField": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", - "markdownDescription": "The name of the field in the request payload that contains your customer's email.\n\nHow you specify this depends on the request inspection payload type.\n\n- For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"email\": \"THE_EMAIL\" } }` , the email field specification is `/form/email` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with the input element named `email1` , the email field specification is `email1` .", - "title": "EmailField" - }, - "PasswordField": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", - "markdownDescription": "The name of the field in the request payload that contains your customer's password.\n\nHow you specify this depends on the request inspection payload type.\n\n- For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"password\": \"THE_PASSWORD\" } }` , the password field specification is `/form/password` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with the input element named `password1` , the password field specification is `password1` .", - "title": "PasswordField" - }, - "PayloadType": { - "markdownDescription": "The payload type for your account creation endpoint, either JSON or form encoded.", - "title": "PayloadType", - "type": "string" + "BreakpointPercentileThreshold": { + "markdownDescription": "The dissimilarity threshold for splitting chunks.", + "title": "BreakpointPercentileThreshold", + "type": "number" }, - "PhoneNumberFields": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier" - }, - "markdownDescription": "The names of the fields in the request payload that contain your customer's primary phone number.\n\nOrder the phone number fields in the array exactly as they are ordered in the request payload.\n\nHow you specify the phone number fields depends on the request inspection payload type.\n\n- For JSON payloads, specify the field identifiers in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"primaryphoneline1\": \"THE_PHONE1\", \"primaryphoneline2\": \"THE_PHONE2\", \"primaryphoneline3\": \"THE_PHONE3\" } }` , the phone number field identifiers are `/form/primaryphoneline1` , `/form/primaryphoneline2` , and `/form/primaryphoneline3` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with input elements named `primaryphoneline1` , `primaryphoneline2` , and `primaryphoneline3` , the phone number field identifiers are `primaryphoneline1` , `primaryphoneline2` , and `primaryphoneline3` .", - "title": "PhoneNumberFields", - "type": "array" + "BufferSize": { + "markdownDescription": "The buffer size.", + "title": "BufferSize", + "type": "number" }, - "UsernameField": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", - "markdownDescription": "The name of the field in the request payload that contains your customer's username.\n\nHow you specify this depends on the request inspection payload type.\n\n- For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"username\": \"THE_USERNAME\" } }` , the username field specification is `/form/username` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with the input element named `username1` , the username field specification is `username1`", - "title": "UsernameField" + "MaxTokens": { + "markdownDescription": "The maximum number of tokens that a chunk can contain.", + "title": "MaxTokens", + "type": "number" } }, "required": [ - "PayloadType" + "BreakpointPercentileThreshold", + "BufferSize", + "MaxTokens" ], "type": "object" }, - "AWS::WAFv2::WebACL.ResponseInspection": { + "AWS::Wisdom::KnowledgeBase.ServerSideEncryptionConfiguration": { "additionalProperties": false, "properties": { - "BodyContains": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ResponseInspectionBodyContains", - "markdownDescription": "Configures inspection of the response body for success and failure indicators. AWS WAF can inspect the first 65,536 bytes (64 KB) of the response body.", - "title": "BodyContains" - }, - "Header": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ResponseInspectionHeader", - "markdownDescription": "Configures inspection of the response header for success and failure indicators.", - "title": "Header" - }, - "Json": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ResponseInspectionJson", - "markdownDescription": "Configures inspection of the response JSON for success and failure indicators. AWS WAF can inspect the first 65,536 bytes (64 KB) of the response JSON.", - "title": "Json" - }, - "StatusCode": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ResponseInspectionStatusCode", - "markdownDescription": "Configures inspection of the response status code for success and failure indicators.", - "title": "StatusCode" + "KmsKeyId": { + "markdownDescription": "The customer managed key used for encryption.\n\nThis customer managed key must have a policy that allows `kms:CreateGrant` and `kms:DescribeKey` permissions to the IAM identity using the key to invoke Wisdom.\n\nFor more information about setting up a customer managed key for Wisdom, see [Enable Amazon Connect Wisdom for your instance](https://docs.aws.amazon.com/connect/latest/adminguide/enable-wisdom.html) . For information about valid ID values, see [Key identifiers (KeyId)](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id) .", + "title": "KmsKeyId", + "type": "string" } }, "type": "object" }, - "AWS::WAFv2::WebACL.ResponseInspectionBodyContains": { + "AWS::Wisdom::KnowledgeBase.SourceConfiguration": { "additionalProperties": false, "properties": { - "FailureStrings": { - "items": { - "type": "string" - }, - "markdownDescription": "Strings in the body of the response that indicate a failed login or account creation attempt. To be counted as a failure, the string can be anywhere in the body and must be an exact match, including case. Each string must be unique among the success and failure strings.\n\nJSON example: `\"FailureStrings\": [ \"Request failed\" ]`", - "title": "FailureStrings", - "type": "array" + "AppIntegrations": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.AppIntegrationsConfiguration", + "markdownDescription": "Configuration information for Amazon AppIntegrations to automatically ingest content.", + "title": "AppIntegrations" }, - "SuccessStrings": { - "items": { - "type": "string" - }, - "markdownDescription": "Strings in the body of the response that indicate a successful login or account creation attempt. To be counted as a success, the string can be anywhere in the body and must be an exact match, including case. Each string must be unique among the success and failure strings.\n\nJSON examples: `\"SuccessStrings\": [ \"Login successful\" ]` and `\"SuccessStrings\": [ \"Account creation successful\", \"Welcome to our site!\" ]`", - "title": "SuccessStrings", - "type": "array" + "ManagedSourceConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.ManagedSourceConfiguration", + "markdownDescription": "Source configuration for managed resources.", + "title": "ManagedSourceConfiguration" } }, - "required": [ - "FailureStrings", - "SuccessStrings" - ], "type": "object" }, - "AWS::WAFv2::WebACL.ResponseInspectionHeader": { + "AWS::Wisdom::KnowledgeBase.UrlConfiguration": { "additionalProperties": false, "properties": { - "FailureValues": { - "items": { - "type": "string" - }, - "markdownDescription": "Values in the response header with the specified name that indicate a failed login or account creation attempt. To be counted as a failure, the value must be an exact match, including case. Each value must be unique among the success and failure values.\n\nJSON examples: `\"FailureValues\": [ \"LoginFailed\", \"Failed login\" ]` and `\"FailureValues\": [ \"AccountCreationFailed\" ]`", - "title": "FailureValues", - "type": "array" - }, - "Name": { - "markdownDescription": "The name of the header to match against. The name must be an exact match, including case.\n\nJSON example: `\"Name\": [ \"RequestResult\" ]`", - "title": "Name", - "type": "string" - }, - "SuccessValues": { + "SeedUrls": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.SeedUrl" }, - "markdownDescription": "Values in the response header with the specified name that indicate a successful login or account creation attempt. To be counted as a success, the value must be an exact match, including case. Each value must be unique among the success and failure values.\n\nJSON examples: `\"SuccessValues\": [ \"LoginPassed\", \"Successful login\" ]` and `\"SuccessValues\": [ \"AccountCreated\", \"Successful account creation\" ]`", - "title": "SuccessValues", + "markdownDescription": "List of URLs for crawling.", + "title": "SeedUrls", "type": "array" } }, - "required": [ - "FailureValues", - "Name", - "SuccessValues" - ], "type": "object" }, - "AWS::WAFv2::WebACL.ResponseInspectionJson": { + "AWS::Wisdom::KnowledgeBase.VectorIngestionConfiguration": { "additionalProperties": false, "properties": { - "FailureValues": { - "items": { - "type": "string" - }, - "markdownDescription": "Values for the specified identifier in the response JSON that indicate a failed login or account creation attempt. To be counted as a failure, the value must be an exact match, including case. Each value must be unique among the success and failure values.\n\nJSON example: `\"FailureValues\": [ \"False\", \"Failed\" ]`", - "title": "FailureValues", - "type": "array" - }, - "Identifier": { - "markdownDescription": "The identifier for the value to match against in the JSON. The identifier must be an exact match, including case.\n\nJSON examples: `\"Identifier\": [ \"/login/success\" ]` and `\"Identifier\": [ \"/sign-up/success\" ]`", - "title": "Identifier", - "type": "string" + "ChunkingConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.ChunkingConfiguration", + "markdownDescription": "Details about how to chunk the documents in the data source. A chunk refers to an excerpt from a data source that is returned when the knowledge base that it belongs to is queried.", + "title": "ChunkingConfiguration" }, - "SuccessValues": { - "items": { - "type": "string" - }, - "markdownDescription": "Values for the specified identifier in the response JSON that indicate a successful login or account creation attempt. To be counted as a success, the value must be an exact match, including case. Each value must be unique among the success and failure values.\n\nJSON example: `\"SuccessValues\": [ \"True\", \"Succeeded\" ]`", - "title": "SuccessValues", - "type": "array" + "ParsingConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.ParsingConfiguration", + "markdownDescription": "A custom parser for data source documents.", + "title": "ParsingConfiguration" } }, - "required": [ - "FailureValues", - "Identifier", - "SuccessValues" - ], "type": "object" }, - "AWS::WAFv2::WebACL.ResponseInspectionStatusCode": { + "AWS::Wisdom::KnowledgeBase.WebCrawlerConfiguration": { "additionalProperties": false, "properties": { - "FailureCodes": { + "CrawlerLimits": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.CrawlerLimits", + "markdownDescription": "The configuration of crawl limits for the web URLs.", + "title": "CrawlerLimits" + }, + "ExclusionFilters": { "items": { - "type": "number" + "type": "string" }, - "markdownDescription": "Status codes in the response that indicate a failed login or account creation attempt. To be counted as a failure, the response status code must match one of these. Each code must be unique among the success and failure status codes.\n\nJSON example: `\"FailureCodes\": [ 400, 404 ]`", - "title": "FailureCodes", + "markdownDescription": "A list of one or more exclusion regular expression patterns to exclude certain URLs. If you specify an inclusion and exclusion filter/pattern and both match a URL, the exclusion filter takes precedence and the web content of the URL isn\u2019t crawled.", + "title": "ExclusionFilters", "type": "array" }, - "SuccessCodes": { + "InclusionFilters": { "items": { - "type": "number" + "type": "string" }, - "markdownDescription": "Status codes in the response that indicate a successful login or account creation attempt. To be counted as a success, the response status code must match one of these. Each code must be unique among the success and failure status codes.\n\nJSON example: `\"SuccessCodes\": [ 200, 201 ]`", - "title": "SuccessCodes", + "markdownDescription": "A list of one or more inclusion regular expression patterns to include certain URLs. If you specify an inclusion and exclusion filter/pattern and both match a URL, the exclusion filter takes precedence and the web content of the URL isn\u2019t crawled.", + "title": "InclusionFilters", "type": "array" + }, + "Scope": { + "markdownDescription": "The scope of what is crawled for your URLs. You can choose to crawl only web pages that belong to the same host or primary domain. For example, only web pages that contain the seed URL `https://docs.aws.amazon.com/bedrock/latest/userguide/` and no other domains. You can choose to include sub domains in addition to the host or primary domain. For example, web pages that contain `aws.amazon.com` can also include sub domain `docs.aws.amazon.com` .", + "title": "Scope", + "type": "string" + }, + "UrlConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.UrlConfiguration", + "markdownDescription": "The configuration of the URL/URLs for the web content that you want to crawl. You should be authorized to crawl the URLs.", + "title": "UrlConfiguration" } }, "required": [ - "FailureCodes", - "SuccessCodes" + "UrlConfiguration" ], "type": "object" }, - "AWS::WAFv2::WebACL.Rule": { + "AWS::Wisdom::MessageTemplate": { "additionalProperties": false, "properties": { - "Action": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RuleAction", - "markdownDescription": "The action that AWS WAF should take on a web request when it matches the rule's statement. Settings at the web ACL level can override the rule action setting.\n\nThis is used only for rules whose statements don't reference a rule group. Rule statements that reference a rule group are `RuleGroupReferenceStatement` and `ManagedRuleGroupStatement` .\n\nYou must set either this `Action` setting or the rule's `OverrideAction` , but not both:\n\n- If the rule statement doesn't reference a rule group, you must set this rule action setting and you must not set the rule's override action setting.\n- If the rule statement references a rule group, you must not set this action setting, because the actions are already set on the rules inside the rule group. You must set the rule's override action setting to indicate specifically whether to override the actions that are set on the rules in the rule group.", - "title": "Action" - }, - "CaptchaConfig": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.CaptchaConfig", - "markdownDescription": "Specifies how AWS WAF should handle `CAPTCHA` evaluations. If you don't specify this, AWS WAF uses the `CAPTCHA` configuration that's defined for the web ACL.", - "title": "CaptchaConfig" - }, - "ChallengeConfig": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ChallengeConfig", - "markdownDescription": "Specifies how AWS WAF should handle `Challenge` evaluations. If you don't specify this, AWS WAF uses the challenge configuration that's defined for the web ACL.", - "title": "ChallengeConfig" + "Condition": { + "type": "string" }, - "Name": { - "markdownDescription": "The name of the rule.\n\nIf you change the name of a `Rule` after you create it and you want the rule's metric name to reflect the change, update the metric name in the rule's `VisibilityConfig` settings. AWS WAF doesn't automatically update the metric name when you update the rule name.", - "title": "Name", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "OverrideAction": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.OverrideAction", - "markdownDescription": "The override action to apply to the rules in a rule group, instead of the individual rule action settings. This is used only for rules whose statements reference a rule group. Rule statements that reference a rule group are `RuleGroupReferenceStatement` and `ManagedRuleGroupStatement` .\n\nSet the override action to none to leave the rule group rule actions in effect. Set it to count to only count matches, regardless of the rule action settings.\n\nYou must set either this `OverrideAction` setting or the `Action` setting, but not both:\n\n- If the rule statement references a rule group, you must set this override action setting and you must not set the rule's action setting.\n- If the rule statement doesn't reference a rule group, you must set the rule action setting and you must not set the rule's override action setting.", - "title": "OverrideAction" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Priority": { - "markdownDescription": "If you define more than one `Rule` in a `WebACL` , AWS WAF evaluates each request against the `Rules` in order based on the value of `Priority` . AWS WAF processes rules with lower priority first. The priorities don't need to be consecutive, but they must all be different.", - "title": "Priority", - "type": "number" + "Metadata": { + "type": "object" }, - "RuleLabels": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.Label" + "Properties": { + "additionalProperties": false, + "properties": { + "ChannelSubtype": { + "markdownDescription": "The channel subtype this message template applies to.", + "title": "ChannelSubtype", + "type": "string" + }, + "Content": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.Content", + "markdownDescription": "The content of the message template.", + "title": "Content" + }, + "DefaultAttributes": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.MessageTemplateAttributes", + "markdownDescription": "An object that specifies the default values to use for variables in the message template. This object contains different categories of key-value pairs. Each key defines a variable or placeholder in the message template. The corresponding value defines the default value for that variable.", + "title": "DefaultAttributes" + }, + "Description": { + "markdownDescription": "The description of the message template.", + "title": "Description", + "type": "string" + }, + "GroupingConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.GroupingConfiguration", + "markdownDescription": "The configuration information of the external data source.", + "title": "GroupingConfiguration" + }, + "KnowledgeBaseArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the knowledge base.", + "title": "KnowledgeBaseArn", + "type": "string" + }, + "Language": { + "markdownDescription": "The language code value for the language in which the quick response is written. The supported language codes include `de_DE` , `en_US` , `es_ES` , `fr_FR` , `id_ID` , `it_IT` , `ja_JP` , `ko_KR` , `pt_BR` , `zh_CN` , `zh_TW`", + "title": "Language", + "type": "string" + }, + "MessageTemplateAttachments": { + "items": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.MessageTemplateAttachment" + }, + "markdownDescription": "List of message template attachments.", + "title": "MessageTemplateAttachments", + "type": "array" + }, + "Name": { + "markdownDescription": "The name of the message template.", + "title": "Name", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags used to organize, track, or control access for this resource.", + "title": "Tags", + "type": "array" + } }, - "markdownDescription": "Labels to apply to web requests that match the rule match statement. AWS WAF applies fully qualified labels to matching web requests. A fully qualified label is the concatenation of a label namespace and a rule label. The rule's rule group or web ACL defines the label namespace.\n\n> Any rule that isn't a rule group reference statement or managed rule group statement can add labels to matching web requests. \n\nRules that run after this rule in the web ACL can match against these labels using a `LabelMatchStatement` .\n\nFor each label, provide a case-sensitive string containing optional namespaces and a label name, according to the following guidelines:\n\n- Separate each component of the label with a colon.\n- Each namespace or name can have up to 128 characters.\n- You can specify up to 5 namespaces in a label.\n- Don't use the following reserved words in your label specification: `aws` , `waf` , `managed` , `rulegroup` , `webacl` , `regexpatternset` , or `ipset` .\n\nFor example, `myLabelName` or `nameSpace1:nameSpace2:myLabelName` .", - "title": "RuleLabels", - "type": "array" + "required": [ + "ChannelSubtype", + "Content", + "KnowledgeBaseArn", + "Name" + ], + "type": "object" }, - "Statement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.Statement", - "markdownDescription": "The AWS WAF processing statement for the rule, for example `ByteMatchStatement` or `SizeConstraintStatement` .", - "title": "Statement" + "Type": { + "enum": [ + "AWS::Wisdom::MessageTemplate" + ], + "type": "string" }, - "VisibilityConfig": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.VisibilityConfig", - "markdownDescription": "Defines and enables Amazon CloudWatch metrics and web request sample collection.\n\nIf you change the name of a `Rule` after you create it and you want the rule's metric name to reflect the change, update the metric name as well. AWS WAF doesn't automatically update the metric name.", - "title": "VisibilityConfig" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Name", - "Priority", - "Statement", - "VisibilityConfig" + "Type", + "Properties" ], "type": "object" }, - "AWS::WAFv2::WebACL.RuleAction": { + "AWS::Wisdom::MessageTemplate.AgentAttributes": { "additionalProperties": false, "properties": { - "Allow": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.AllowAction", - "markdownDescription": "Instructs AWS WAF to allow the web request.", - "title": "Allow" - }, - "Block": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.BlockAction", - "markdownDescription": "Instructs AWS WAF to block the web request.", - "title": "Block" - }, - "Captcha": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.CaptchaAction", - "markdownDescription": "Specifies that AWS WAF should run a `CAPTCHA` check against the request:\n\n- If the request includes a valid, unexpired `CAPTCHA` token, AWS WAF allows the web request inspection to proceed to the next rule, similar to a `CountAction` .\n- If the request doesn't include a valid, unexpired `CAPTCHA` token, AWS WAF discontinues the web ACL evaluation of the request and blocks it from going to its intended destination.\n\nAWS WAF generates a response that it sends back to the client, which includes the following:\n\n- The header `x-amzn-waf-action` with a value of `captcha` .\n- The HTTP status code `405 Method Not Allowed` .\n- If the request contains an `Accept` header with a value of `text/html` , the response includes a `CAPTCHA` challenge.\n\nYou can configure the expiration time in the `CaptchaConfig` `ImmunityTimeProperty` setting at the rule and web ACL level. The rule setting overrides the web ACL setting.\n\nThis action option is available for rules. It isn't available for web ACL default actions.", - "title": "Captcha" - }, - "Challenge": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ChallengeAction", - "markdownDescription": "Instructs AWS WAF to run a `Challenge` check against the web request.", - "title": "Challenge" + "FirstName": { + "markdownDescription": "The agent\u2019s first name as entered in their Amazon Connect user account.", + "title": "FirstName", + "type": "string" }, - "Count": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.CountAction", - "markdownDescription": "Instructs AWS WAF to count the web request and then continue evaluating the request using the remaining rules in the web ACL.", - "title": "Count" + "LastName": { + "markdownDescription": "The agent\u2019s last name as entered in their Amazon Connect user account.", + "title": "LastName", + "type": "string" } }, "type": "object" }, - "AWS::WAFv2::WebACL.RuleActionOverride": { + "AWS::Wisdom::MessageTemplate.Content": { "additionalProperties": false, "properties": { - "ActionToUse": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RuleAction", - "markdownDescription": "The override action to use, in place of the configured action of the rule in the rule group.", - "title": "ActionToUse" + "EmailMessageTemplateContent": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.EmailMessageTemplateContent", + "markdownDescription": "The content of the message template that applies to the email channel subtype.", + "title": "EmailMessageTemplateContent" }, - "Name": { - "markdownDescription": "The name of the rule to override.", - "title": "Name", - "type": "string" + "SmsMessageTemplateContent": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.SmsMessageTemplateContent", + "markdownDescription": "The content of message template that applies to SMS channel subtype.", + "title": "SmsMessageTemplateContent" } }, - "required": [ - "ActionToUse", - "Name" - ], "type": "object" }, - "AWS::WAFv2::WebACL.RuleGroupReferenceStatement": { + "AWS::Wisdom::MessageTemplate.CustomerProfileAttributes": { "additionalProperties": false, "properties": { - "Arn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the entity.", - "title": "Arn", + "AccountNumber": { + "markdownDescription": "A unique account number that you have given to the customer.", + "title": "AccountNumber", "type": "string" }, - "ExcludedRules": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ExcludedRule" - }, - "markdownDescription": "Rules in the referenced rule group whose actions are set to `Count` .\n\n> Instead of this option, use `RuleActionOverrides` . It accepts any valid action setting, including `Count` .", - "title": "ExcludedRules", - "type": "array" + "AdditionalInformation": { + "markdownDescription": "Any additional information relevant to the customer's profile.", + "title": "AdditionalInformation", + "type": "string" }, - "RuleActionOverrides": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RuleActionOverride" - }, - "markdownDescription": "Action settings to use in the place of the rule actions that are configured inside the rule group. You specify one override for each rule whose action you want to change.\n\n> Verify the rule names in your overrides carefully. With managed rule groups, AWS WAF silently ignores any override that uses an invalid rule name. With customer-owned rule groups, invalid rule names in your overrides will cause web ACL updates to fail. An invalid rule name is any name that doesn't exactly match the case-sensitive name of an existing rule in the rule group. \n\nYou can use overrides for testing, for example you can override all of rule actions to `Count` and then monitor the resulting count metrics to understand how the rule group would handle your web traffic. You can also permanently override some or all actions, to modify how the rule group manages your web traffic.", - "title": "RuleActionOverrides", - "type": "array" - } - }, - "required": [ - "Arn" - ], - "type": "object" - }, - "AWS::WAFv2::WebACL.SingleHeader": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the query header to inspect.", - "title": "Name", + "Address1": { + "markdownDescription": "The first line of a customer address.", + "title": "Address1", "type": "string" - } - }, - "required": [ - "Name" - ], - "type": "object" - }, - "AWS::WAFv2::WebACL.SingleQueryArgument": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the query argument to inspect.", - "title": "Name", + }, + "Address2": { + "markdownDescription": "The second line of a customer address.", + "title": "Address2", "type": "string" - } - }, - "required": [ - "Name" - ], - "type": "object" - }, - "AWS::WAFv2::WebACL.SizeConstraintStatement": { - "additionalProperties": false, - "properties": { - "ComparisonOperator": { - "markdownDescription": "The operator to use to compare the request part to the size setting.", - "title": "ComparisonOperator", + }, + "Address3": { + "markdownDescription": "The third line of a customer address.", + "title": "Address3", "type": "string" }, - "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldToMatch", - "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", - "title": "FieldToMatch" + "Address4": { + "markdownDescription": "The fourth line of a customer address.", + "title": "Address4", + "type": "string" }, - "Size": { - "markdownDescription": "The size, in byte, to compare to the request part, after any transformations.", - "title": "Size", - "type": "number" + "BillingAddress1": { + "markdownDescription": "The first line of a customer\u2019s billing address.", + "title": "BillingAddress1", + "type": "string" }, - "TextTransformations": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" - }, - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", - "title": "TextTransformations", - "type": "array" - } - }, - "required": [ - "ComparisonOperator", - "FieldToMatch", - "Size", - "TextTransformations" - ], - "type": "object" - }, - "AWS::WAFv2::WebACL.SqliMatchStatement": { - "additionalProperties": false, - "properties": { - "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldToMatch", - "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", - "title": "FieldToMatch" + "BillingAddress2": { + "markdownDescription": "The second line of a customer\u2019s billing address.", + "title": "BillingAddress2", + "type": "string" }, - "SensitivityLevel": { - "markdownDescription": "The sensitivity that you want AWS WAF to use to inspect for SQL injection attacks.\n\n`HIGH` detects more attacks, but might generate more false positives, especially if your web requests frequently contain unusual strings. For information about identifying and mitigating false positives, see [Testing and tuning](https://docs.aws.amazon.com/waf/latest/developerguide/web-acl-testing.html) in the *AWS WAF Developer Guide* .\n\n`LOW` is generally a better choice for resources that already have other protections against SQL injection attacks or that have a low tolerance for false positives.\n\nDefault: `LOW`", - "title": "SensitivityLevel", + "BillingAddress3": { + "markdownDescription": "The third line of a customer\u2019s billing address.", + "title": "BillingAddress3", "type": "string" }, - "TextTransformations": { - "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" + "BillingAddress4": { + "markdownDescription": "The fourth line of a customer\u2019s billing address.", + "title": "BillingAddress4", + "type": "string" + }, + "BillingCity": { + "markdownDescription": "The city of a customer\u2019s billing address.", + "title": "BillingCity", + "type": "string" + }, + "BillingCountry": { + "markdownDescription": "The country of a customer\u2019s billing address.", + "title": "BillingCountry", + "type": "string" + }, + "BillingCounty": { + "markdownDescription": "The county of a customer\u2019s billing address.", + "title": "BillingCounty", + "type": "string" + }, + "BillingPostalCode": { + "markdownDescription": "The postal code of a customer\u2019s billing address.", + "title": "BillingPostalCode", + "type": "string" + }, + "BillingProvince": { + "markdownDescription": "The province of a customer\u2019s billing address.", + "title": "BillingProvince", + "type": "string" + }, + "BillingState": { + "markdownDescription": "The state of a customer\u2019s billing address.", + "title": "BillingState", + "type": "string" + }, + "BirthDate": { + "markdownDescription": "The customer's birth date.", + "title": "BirthDate", + "type": "string" + }, + "BusinessEmailAddress": { + "markdownDescription": "The customer's business email address.", + "title": "BusinessEmailAddress", + "type": "string" + }, + "BusinessName": { + "markdownDescription": "The name of the customer's business.", + "title": "BusinessName", + "type": "string" + }, + "BusinessPhoneNumber": { + "markdownDescription": "The customer's business phone number.", + "title": "BusinessPhoneNumber", + "type": "string" + }, + "City": { + "markdownDescription": "The city in which a customer lives.", + "title": "City", + "type": "string" + }, + "Country": { + "markdownDescription": "The country in which a customer lives.", + "title": "Country", + "type": "string" + }, + "County": { + "markdownDescription": "The county in which a customer lives.", + "title": "County", + "type": "string" + }, + "Custom": { + "additionalProperties": true, + "markdownDescription": "The custom attributes in customer profile attributes.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } }, - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", - "title": "TextTransformations", - "type": "array" - } - }, - "required": [ - "FieldToMatch", - "TextTransformations" - ], - "type": "object" - }, - "AWS::WAFv2::WebACL.Statement": { - "additionalProperties": false, - "properties": { - "AndStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.AndStatement", - "markdownDescription": "A logical rule statement used to combine other rule statements with AND logic. You provide more than one `Statement` within the `AndStatement` .", - "title": "AndStatement" + "title": "Custom", + "type": "object" }, - "ByteMatchStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ByteMatchStatement", - "markdownDescription": "A rule statement that defines a string match search for AWS WAF to apply to web requests. The byte match statement provides the bytes to search for, the location in requests that you want AWS WAF to search, and other settings. The bytes to search for are typically a string that corresponds with ASCII characters. In the AWS WAF console and the developer guide, this is called a string match statement.", - "title": "ByteMatchStatement" + "EmailAddress": { + "markdownDescription": "The customer's email address, which has not been specified as a personal or business address.", + "title": "EmailAddress", + "type": "string" }, - "GeoMatchStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.GeoMatchStatement", - "markdownDescription": "A rule statement that labels web requests by country and region and that matches against web requests based on country code. A geo match rule labels every request that it inspects regardless of whether it finds a match.\n\n- To manage requests only by country, you can use this statement by itself and specify the countries that you want to match against in the `CountryCodes` array.\n- Otherwise, configure your geo match rule with Count action so that it only labels requests. Then, add one or more label match rules to run after the geo match rule and configure them to match against the geographic labels and handle the requests as needed.\n\nAWS WAF labels requests using the alpha-2 country and region codes from the International Organization for Standardization (ISO) 3166 standard. AWS WAF determines the codes using either the IP address in the web request origin or, if you specify it, the address in the geo match `ForwardedIPConfig` .\n\nIf you use the web request origin, the label formats are `awswaf:clientip:geo:region:-` and `awswaf:clientip:geo:country:` .\n\nIf you use a forwarded IP address, the label formats are `awswaf:forwardedip:geo:region:-` and `awswaf:forwardedip:geo:country:` .\n\nFor additional details, see [Geographic match rule statement](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-type-geo-match.html) in the [AWS WAF Developer Guide](https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html) .", - "title": "GeoMatchStatement" + "FirstName": { + "markdownDescription": "The customer's first name.", + "title": "FirstName", + "type": "string" }, - "IPSetReferenceStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.IPSetReferenceStatement", - "markdownDescription": "A rule statement used to detect web requests coming from particular IP addresses or address ranges. To use this, create an `IPSet` that specifies the addresses you want to detect, then use the ARN of that set in this statement.\n\nEach IP set rule statement references an IP set. You create and maintain the set independent of your rules. This allows you to use the single set in multiple rules. When you update the referenced set, AWS WAF automatically updates all rules that reference it.", - "title": "IPSetReferenceStatement" + "Gender": { + "markdownDescription": "The customer's gender.", + "title": "Gender", + "type": "string" }, - "LabelMatchStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.LabelMatchStatement", - "markdownDescription": "A rule statement to match against labels that have been added to the web request by rules that have already run in the web ACL.\n\nThe label match statement provides the label or namespace string to search for. The label string can represent a part or all of the fully qualified label name that had been added to the web request. Fully qualified labels have a prefix, optional namespaces, and label name. The prefix identifies the rule group or web ACL context of the rule that added the label. If you do not provide the fully qualified name in your label match string, AWS WAF performs the search for labels that were added in the same context as the label match statement.", - "title": "LabelMatchStatement" + "HomePhoneNumber": { + "markdownDescription": "The customer's mobile phone number.", + "title": "HomePhoneNumber", + "type": "string" }, - "ManagedRuleGroupStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.ManagedRuleGroupStatement", - "markdownDescription": "A rule statement used to run the rules that are defined in a managed rule group. To use this, provide the vendor name and the name of the rule group in this statement. You can retrieve the required names through the API call `ListAvailableManagedRuleGroups` .\n\nYou cannot nest a `ManagedRuleGroupStatement` , for example for use inside a `NotStatement` or `OrStatement` . It can only be referenced as a top-level statement within a rule.\n\n> You are charged additional fees when you use the AWS WAF Bot Control managed rule group `AWSManagedRulesBotControlRuleSet` , the AWS WAF Fraud Control account takeover prevention (ATP) managed rule group `AWSManagedRulesATPRuleSet` , or the AWS WAF Fraud Control account creation fraud prevention (ACFP) managed rule group `AWSManagedRulesACFPRuleSet` . For more information, see [AWS WAF Pricing](https://docs.aws.amazon.com/waf/pricing/) .", - "title": "ManagedRuleGroupStatement" + "LastName": { + "markdownDescription": "The customer's last name.", + "title": "LastName", + "type": "string" }, - "NotStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.NotStatement", - "markdownDescription": "A logical rule statement used to negate the results of another rule statement. You provide one `Statement` within the `NotStatement` .", - "title": "NotStatement" + "MailingAddress1": { + "markdownDescription": "The first line of a customer\u2019s mailing address.", + "title": "MailingAddress1", + "type": "string" }, - "OrStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.OrStatement", - "markdownDescription": "A logical rule statement used to combine other rule statements with OR logic. You provide more than one `Statement` within the `OrStatement` .", - "title": "OrStatement" + "MailingAddress2": { + "markdownDescription": "The second line of a customer\u2019s mailing address.", + "title": "MailingAddress2", + "type": "string" }, - "RateBasedStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RateBasedStatement", - "markdownDescription": "A rate-based rule counts incoming requests and rate limits requests when they are coming at too fast a rate. The rule categorizes requests according to your aggregation criteria, collects them into aggregation instances, and counts and rate limits the requests for each instance.\n\n> If you change any of these settings in a rule that's currently in use, the change resets the rule's rate limiting counts. This can pause the rule's rate limiting activities for up to a minute. \n\nYou can specify individual aggregation keys, like IP address or HTTP method. You can also specify aggregation key combinations, like IP address and HTTP method, or HTTP method, query argument, and cookie.\n\nEach unique set of values for the aggregation keys that you specify is a separate aggregation instance, with the value from each key contributing to the aggregation instance definition.\n\nFor example, assume the rule evaluates web requests with the following IP address and HTTP method values:\n\n- IP address 10.1.1.1, HTTP method POST\n- IP address 10.1.1.1, HTTP method GET\n- IP address 127.0.0.0, HTTP method POST\n- IP address 10.1.1.1, HTTP method GET\n\nThe rule would create different aggregation instances according to your aggregation criteria, for example:\n\n- If the aggregation criteria is just the IP address, then each individual address is an aggregation instance, and AWS WAF counts requests separately for each. The aggregation instances and request counts for our example would be the following:\n\n- IP address 10.1.1.1: count 3\n- IP address 127.0.0.0: count 1\n- If the aggregation criteria is HTTP method, then each individual HTTP method is an aggregation instance. The aggregation instances and request counts for our example would be the following:\n\n- HTTP method POST: count 2\n- HTTP method GET: count 2\n- If the aggregation criteria is IP address and HTTP method, then each IP address and each HTTP method would contribute to the combined aggregation instance. The aggregation instances and request counts for our example would be the following:\n\n- IP address 10.1.1.1, HTTP method POST: count 1\n- IP address 10.1.1.1, HTTP method GET: count 2\n- IP address 127.0.0.0, HTTP method POST: count 1\n\nFor any n-tuple of aggregation keys, each unique combination of values for the keys defines a separate aggregation instance, which AWS WAF counts and rate-limits individually.\n\nYou can optionally nest another statement inside the rate-based statement, to narrow the scope of the rule so that it only counts and rate limits requests that match the nested statement. You can use this nested scope-down statement in conjunction with your aggregation key specifications or you can just count and rate limit all requests that match the scope-down statement, without additional aggregation. When you choose to just manage all requests that match a scope-down statement, the aggregation instance is singular for the rule.\n\nYou cannot nest a `RateBasedStatement` inside another statement, for example inside a `NotStatement` or `OrStatement` . You can define a `RateBasedStatement` inside a web ACL and inside a rule group.\n\nFor additional information about the options, see [Rate limiting web requests using rate-based rules](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rate-based-rules.html) in the *AWS WAF Developer Guide* .\n\nIf you only aggregate on the individual IP address or forwarded IP address, you can retrieve the list of IP addresses that AWS WAF is currently rate limiting for a rule through the API call `GetRateBasedStatementManagedKeys` . This option is not available for other aggregation configurations.\n\nAWS WAF tracks and manages web requests separately for each instance of a rate-based rule that you use. For example, if you provide the same rate-based rule settings in two web ACLs, each of the two rule statements represents a separate instance of the rate-based rule and gets its own tracking and management by AWS WAF . If you define a rate-based rule inside a rule group, and then use that rule group in multiple places, each use creates a separate instance of the rate-based rule that gets its own tracking and management by AWS WAF .", - "title": "RateBasedStatement" + "MailingAddress3": { + "markdownDescription": "The third line of a customer\u2019s mailing address.", + "title": "MailingAddress3", + "type": "string" }, - "RegexMatchStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RegexMatchStatement", - "markdownDescription": "A rule statement used to search web request components for a match against a single regular expression.", - "title": "RegexMatchStatement" + "MailingAddress4": { + "markdownDescription": "The fourth line of a customer\u2019s mailing address.", + "title": "MailingAddress4", + "type": "string" }, - "RegexPatternSetReferenceStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RegexPatternSetReferenceStatement", - "markdownDescription": "A rule statement used to search web request components for matches with regular expressions. To use this, create a `RegexPatternSet` that specifies the expressions that you want to detect, then use the ARN of that set in this statement. A web request matches the pattern set rule statement if the request component matches any of the patterns in the set.\n\nEach regex pattern set rule statement references a regex pattern set. You create and maintain the set independent of your rules. This allows you to use the single set in multiple rules. When you update the referenced set, AWS WAF automatically updates all rules that reference it.", - "title": "RegexPatternSetReferenceStatement" + "MailingCity": { + "markdownDescription": "The city of a customer\u2019s mailing address.", + "title": "MailingCity", + "type": "string" }, - "RuleGroupReferenceStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.RuleGroupReferenceStatement", - "markdownDescription": "A rule statement used to run the rules that are defined in a `RuleGroup` . To use this, create a rule group with your rules, then provide the ARN of the rule group in this statement.\n\nYou cannot nest a `RuleGroupReferenceStatement` , for example for use inside a `NotStatement` or `OrStatement` . You cannot use a rule group reference statement inside another rule group. You can only reference a rule group as a top-level statement within a rule that you define in a web ACL.", - "title": "RuleGroupReferenceStatement" + "MailingCountry": { + "markdownDescription": "The country of a customer\u2019s mailing address.", + "title": "MailingCountry", + "type": "string" }, - "SizeConstraintStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.SizeConstraintStatement", - "markdownDescription": "A rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (>) or less than (<). For example, you can use a size constraint statement to look for query strings that are longer than 100 bytes.\n\nIf you configure AWS WAF to inspect the request body, AWS WAF inspects only the number of bytes in the body up to the limit for the web ACL and protected resource type. If you know that the request body for your web requests should never exceed the inspection limit, you can use a size constraint statement to block requests that have a larger request body size. For more information about the inspection limits, see `Body` and `JsonBody` settings for the `FieldToMatch` data type.\n\nIf you choose URI for the value of Part of the request to filter on, the slash (/) in the URI counts as one character. For example, the URI `/logo.jpg` is nine characters long.", - "title": "SizeConstraintStatement" + "MailingCounty": { + "markdownDescription": "The county of a customer\u2019s mailing address.", + "title": "MailingCounty", + "type": "string" }, - "SqliMatchStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.SqliMatchStatement", - "markdownDescription": "A rule statement that inspects for malicious SQL code. Attackers insert malicious SQL code into web requests to do things like modify your database or extract data from it.", - "title": "SqliMatchStatement" + "MailingPostalCode": { + "markdownDescription": "The postal code of a customer\u2019s mailing address.", + "title": "MailingPostalCode", + "type": "string" }, - "XssMatchStatement": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.XssMatchStatement", - "markdownDescription": "A rule statement that inspects for cross-site scripting (XSS) attacks. In XSS attacks, the attacker uses vulnerabilities in a benign website as a vehicle to inject malicious client-site scripts into other legitimate web browsers.", - "title": "XssMatchStatement" + "MailingProvince": { + "markdownDescription": "The province of a customer\u2019s mailing address.", + "title": "MailingProvince", + "type": "string" + }, + "MailingState": { + "markdownDescription": "The state of a customer\u2019s mailing address.", + "title": "MailingState", + "type": "string" + }, + "MiddleName": { + "markdownDescription": "The customer's middle name.", + "title": "MiddleName", + "type": "string" + }, + "MobilePhoneNumber": { + "markdownDescription": "The customer's mobile phone number.", + "title": "MobilePhoneNumber", + "type": "string" + }, + "PartyType": { + "markdownDescription": "The customer's party type.", + "title": "PartyType", + "type": "string" + }, + "PhoneNumber": { + "markdownDescription": "The customer's phone number, which has not been specified as a mobile, home, or business number.", + "title": "PhoneNumber", + "type": "string" + }, + "PostalCode": { + "markdownDescription": "The postal code of a customer address.", + "title": "PostalCode", + "type": "string" + }, + "ProfileARN": { + "markdownDescription": "The ARN of a customer profile.", + "title": "ProfileARN", + "type": "string" + }, + "ProfileId": { + "markdownDescription": "The unique identifier of a customer profile.", + "title": "ProfileId", + "type": "string" + }, + "Province": { + "markdownDescription": "The province in which a customer lives.", + "title": "Province", + "type": "string" + }, + "ShippingAddress1": { + "markdownDescription": "The first line of a customer\u2019s shipping address.", + "title": "ShippingAddress1", + "type": "string" + }, + "ShippingAddress2": { + "markdownDescription": "The second line of a customer\u2019s shipping address.", + "title": "ShippingAddress2", + "type": "string" + }, + "ShippingAddress3": { + "markdownDescription": "The third line of a customer\u2019s shipping address.", + "title": "ShippingAddress3", + "type": "string" + }, + "ShippingAddress4": { + "markdownDescription": "The fourth line of a customer\u2019s shipping address.", + "title": "ShippingAddress4", + "type": "string" + }, + "ShippingCity": { + "markdownDescription": "The city of a customer\u2019s shipping address.", + "title": "ShippingCity", + "type": "string" + }, + "ShippingCountry": { + "markdownDescription": "The country of a customer\u2019s shipping address.", + "title": "ShippingCountry", + "type": "string" + }, + "ShippingCounty": { + "markdownDescription": "The county of a customer\u2019s shipping address.", + "title": "ShippingCounty", + "type": "string" + }, + "ShippingPostalCode": { + "markdownDescription": "The postal code of a customer\u2019s shipping address.", + "title": "ShippingPostalCode", + "type": "string" + }, + "ShippingProvince": { + "markdownDescription": "The province of a customer\u2019s shipping address.", + "title": "ShippingProvince", + "type": "string" + }, + "ShippingState": { + "markdownDescription": "The state of a customer\u2019s shipping address.", + "title": "ShippingState", + "type": "string" + }, + "State": { + "markdownDescription": "The state in which a customer lives.", + "title": "State", + "type": "string" } }, "type": "object" }, - "AWS::WAFv2::WebACL.TextTransformation": { + "AWS::Wisdom::MessageTemplate.EmailMessageTemplateContent": { "additionalProperties": false, "properties": { - "Priority": { - "markdownDescription": "Sets the relative processing order for multiple transformations. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content. The priorities don't need to be consecutive, but they must all be different.", - "title": "Priority", - "type": "number" + "Body": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.EmailMessageTemplateContentBody", + "markdownDescription": "The body to use in email messages.", + "title": "Body" + }, + "Headers": { + "items": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.EmailMessageTemplateHeader" + }, + "markdownDescription": "The email headers to include in email messages.", + "title": "Headers", + "type": "array" }, - "Type": { - "markdownDescription": "For detailed descriptions of each of the transformation types, see [Text transformations](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-transformation.html) in the *AWS WAF Developer Guide* .", - "title": "Type", + "Subject": { + "markdownDescription": "The subject line, or title, to use in email messages.", + "title": "Subject", "type": "string" } }, "required": [ - "Priority", - "Type" + "Body", + "Headers", + "Subject" ], "type": "object" }, - "AWS::WAFv2::WebACL.VisibilityConfig": { + "AWS::Wisdom::MessageTemplate.EmailMessageTemplateContentBody": { "additionalProperties": false, "properties": { - "CloudWatchMetricsEnabled": { - "markdownDescription": "Indicates whether the associated resource sends metrics to Amazon CloudWatch. For the list of available metrics, see [AWS WAF Metrics](https://docs.aws.amazon.com/waf/latest/developerguide/monitoring-cloudwatch.html#waf-metrics) in the *AWS WAF Developer Guide* .\n\nFor web ACLs, the metrics are for web requests that have the web ACL default action applied. AWS WAF applies the default action to web requests that pass the inspection of all rules in the web ACL without being either allowed or blocked. For more information,\nsee [The web ACL default action](https://docs.aws.amazon.com/waf/latest/developerguide/web-acl-default-action.html) in the *AWS WAF Developer Guide* .", - "title": "CloudWatchMetricsEnabled", - "type": "boolean" + "Html": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.MessageTemplateBodyContentProvider", + "markdownDescription": "The message body, in HTML format, to use in email messages that are based on the message template. We recommend using HTML format for email clients that render HTML content. You can include links, formatted text, and more in an HTML message.", + "title": "Html" }, - "MetricName": { - "markdownDescription": "A name of the Amazon CloudWatch metric dimension. The name can contain only the characters: A-Z, a-z, 0-9, - (hyphen), and _ (underscore). The name can be from one to 128 characters long. It can't contain whitespace or metric names that are reserved for AWS WAF , for example `All` and `Default_Action` .", - "title": "MetricName", + "PlainText": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.MessageTemplateBodyContentProvider", + "markdownDescription": "The message body, in plain text format, to use in email messages that are based on the message template. We recommend using plain text format for email clients that don't render HTML content and clients that are connected to high-latency networks, such as mobile devices.", + "title": "PlainText" + } + }, + "type": "object" + }, + "AWS::Wisdom::MessageTemplate.EmailMessageTemplateHeader": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the email header.", + "title": "Name", "type": "string" }, - "SampledRequestsEnabled": { - "markdownDescription": "Indicates whether AWS WAF should store a sampling of the web requests that match the rules. You can view the sampled requests through the AWS WAF console.\n\nIf you configure data protection for the web ACL, the protection applies to the web ACL's sampled web request data.\n\n> Request sampling doesn't provide a field redaction option, and any field redaction that you specify in your logging configuration doesn't affect sampling. You can only exclude fields from request sampling by disabling sampling in the web ACL visibility configuration or by configuring data protection for the web ACL.", - "title": "SampledRequestsEnabled", - "type": "boolean" + "Value": { + "markdownDescription": "The value of the email header.", + "title": "Value", + "type": "string" } }, - "required": [ - "CloudWatchMetricsEnabled", - "MetricName", - "SampledRequestsEnabled" - ], "type": "object" }, - "AWS::WAFv2::WebACL.XssMatchStatement": { + "AWS::Wisdom::MessageTemplate.GroupingConfiguration": { "additionalProperties": false, "properties": { - "FieldToMatch": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldToMatch", - "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", - "title": "FieldToMatch" + "Criteria": { + "markdownDescription": "The criteria used for grouping Amazon Q in Connect users.\n\nThe following is the list of supported criteria values.\n\n- `RoutingProfileArn` : Grouping the users by their [Amazon Connect routing profile ARN](https://docs.aws.amazon.com/connect/latest/APIReference/API_RoutingProfile.html) . User should have [SearchRoutingProfile](https://docs.aws.amazon.com/connect/latest/APIReference/API_SearchRoutingProfiles.html) and [DescribeRoutingProfile](https://docs.aws.amazon.com/connect/latest/APIReference/API_DescribeRoutingProfile.html) permissions when setting criteria to this value.", + "title": "Criteria", + "type": "string" }, - "TextTransformations": { + "Values": { "items": { - "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" + "type": "string" }, - "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", - "title": "TextTransformations", + "markdownDescription": "The list of values that define different groups of Amazon Q in Connect users.\n\n- When setting `criteria` to `RoutingProfileArn` , you need to provide a list of ARNs of [Amazon Connect routing profiles](https://docs.aws.amazon.com/connect/latest/APIReference/API_RoutingProfile.html) as values of this parameter.", + "title": "Values", "type": "array" } }, "required": [ - "FieldToMatch", - "TextTransformations" + "Criteria", + "Values" ], "type": "object" }, - "AWS::WAFv2::WebACLAssociation": { + "AWS::Wisdom::MessageTemplate.MessageTemplateAttachment": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "AttachmentId": { + "markdownDescription": "The identifier of the attachment file.", + "title": "AttachmentId", "type": "string" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "ResourceArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the resource to associate with the web ACL.\n\nThe ARN must be in one of the following formats:\n\n- For an Application Load Balancer: `arn: *partition* :elasticloadbalancing: *region* : *account-id* :loadbalancer/app/ *load-balancer-name* / *load-balancer-id*`\n- For an Amazon API Gateway REST API: `arn: *partition* :apigateway: *region* ::/restapis/ *api-id* /stages/ *stage-name*`\n- For an AWS AppSync GraphQL API: `arn: *partition* :appsync: *region* : *account-id* :apis/ *GraphQLApiId*`\n- For an Amazon Cognito user pool: `arn: *partition* :cognito-idp: *region* : *account-id* :userpool/ *user-pool-id*`\n- For an AWS App Runner service: `arn: *partition* :apprunner: *region* : *account-id* :service/ *apprunner-service-name* / *apprunner-service-id*`\n- For an AWS Verified Access instance: `arn: *partition* :ec2: *region* : *account-id* :verified-access-instance/ *instance-id*`\n- For an AWS Amplify instance: `arn: *partition* :amplify: *region* : *account-id* :apps/ *app-id*`", - "title": "ResourceArn", - "type": "string" - }, - "WebACLArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the web ACL that you want to associate with the resource.", - "title": "WebACLArn", - "type": "string" - } - }, - "required": [ - "ResourceArn", - "WebACLArn" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::WAFv2::WebACLAssociation" - ], + "AttachmentName": { + "markdownDescription": "The name of the attachment file being uploaded. The name should include the file extension.", + "title": "AttachmentName", "type": "string" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "S3PresignedUrl": { + "markdownDescription": "The S3 Presigned URL for the attachment file. When generating the PreSignedUrl, please ensure that the expires-in time is set to 30 minutes. The URL can be generated through the AWS Console or through the AWS CLI. For more information, see [Sharing objects with presigned URLs](https://docs.aws.amazon.com/AmazonS3/latest/userguide/ShareObjectPreSignedURL.html) .", + "title": "S3PresignedUrl", "type": "string" } }, "required": [ - "Type", - "Properties" + "AttachmentName", + "S3PresignedUrl" ], "type": "object" }, - "AWS::Wisdom::Assistant": { + "AWS::Wisdom::MessageTemplate.MessageTemplateAttributes": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "AgentAttributes": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.AgentAttributes", + "markdownDescription": "The agent attributes that are used with the message template.", + "title": "AgentAttributes" }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "Description": { - "markdownDescription": "The description of the assistant.", - "title": "Description", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the assistant.", - "title": "Name", - "type": "string" - }, - "ServerSideEncryptionConfiguration": { - "$ref": "#/definitions/AWS::Wisdom::Assistant.ServerSideEncryptionConfiguration", - "markdownDescription": "The configuration information for the customer managed key used for encryption. The customer managed key must have a policy that allows `kms:CreateGrant` and `kms:DescribeKey` permissions to the IAM identity using the key to invoke Wisdom. To use Wisdom with chat, the key policy must also allow `kms:Decrypt` , `kms:GenerateDataKey*` , and `kms:DescribeKey` permissions to the `connect.amazonaws.com` service principal. For more information about setting up a customer managed key for Wisdom, see [Enable Amazon Connect Wisdom for your instance](https://docs.aws.amazon.com/connect/latest/adminguide/enable-wisdom.html) .", - "title": "ServerSideEncryptionConfiguration" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags used to organize, track, or control access for this resource.", - "title": "Tags", - "type": "array" - }, - "Type": { - "markdownDescription": "The type of assistant.", - "title": "Type", + "CustomAttributes": { + "additionalProperties": true, + "markdownDescription": "The custom attributes that are used with the message template.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { "type": "string" } }, - "required": [ - "Name", - "Type" - ], + "title": "CustomAttributes", "type": "object" }, - "Type": { - "enum": [ - "AWS::Wisdom::Assistant" - ], - "type": "string" + "CustomerProfileAttributes": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.CustomerProfileAttributes", + "markdownDescription": "The customer profile attributes that are used with the message template.", + "title": "CustomerProfileAttributes" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "SystemAttributes": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.SystemAttributes", + "markdownDescription": "The system attributes that are used with the message template.", + "title": "SystemAttributes" + } + }, + "type": "object" + }, + "AWS::Wisdom::MessageTemplate.MessageTemplateBodyContentProvider": { + "additionalProperties": false, + "properties": { + "Content": { + "markdownDescription": "The content of the message template.", + "title": "Content", "type": "string" } }, + "type": "object" + }, + "AWS::Wisdom::MessageTemplate.SmsMessageTemplateContent": { + "additionalProperties": false, + "properties": { + "Body": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.SmsMessageTemplateContentBody", + "markdownDescription": "The body to use in SMS messages.", + "title": "Body" + } + }, "required": [ - "Type", - "Properties" + "Body" ], "type": "object" }, - "AWS::Wisdom::Assistant.ServerSideEncryptionConfiguration": { + "AWS::Wisdom::MessageTemplate.SmsMessageTemplateContentBody": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "The customer managed key used for encryption. The customer managed key must have a policy that allows `kms:CreateGrant` and `kms:DescribeKey` permissions to the IAM identity using the key to invoke Wisdom. To use Wisdom with chat, the key policy must also allow `kms:Decrypt` , `kms:GenerateDataKey*` , and `kms:DescribeKey` permissions to the `connect.amazonaws.com` service principal. For more information about setting up a customer managed key for Wisdom, see [Enable Amazon Connect Wisdom for your instance](https://docs.aws.amazon.com/connect/latest/adminguide/enable-wisdom.html) . For information about valid ID values, see [Key identifiers (KeyId)](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id) in the *AWS Key Management Service Developer Guide* .", - "title": "KmsKeyId", + "PlainText": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.MessageTemplateBodyContentProvider", + "markdownDescription": "The message body to use in SMS messages.", + "title": "PlainText" + } + }, + "type": "object" + }, + "AWS::Wisdom::MessageTemplate.SystemAttributes": { + "additionalProperties": false, + "properties": { + "CustomerEndpoint": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.SystemEndpointAttributes", + "markdownDescription": "The CustomerEndpoint attribute.", + "title": "CustomerEndpoint" + }, + "Name": { + "markdownDescription": "The name of the task.", + "title": "Name", "type": "string" + }, + "SystemEndpoint": { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate.SystemEndpointAttributes", + "markdownDescription": "The SystemEndpoint attribute.", + "title": "SystemEndpoint" } }, "type": "object" }, - "AWS::Wisdom::AssistantAssociation": { + "AWS::Wisdom::MessageTemplate.SystemEndpointAttributes": { + "additionalProperties": false, + "properties": { + "Address": { + "markdownDescription": "The customer's phone number if used with `customerEndpoint` , or the number the customer dialed to call your contact center if used with `systemEndpoint` .", + "title": "Address", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Wisdom::MessageTemplateVersion": { "additionalProperties": false, "properties": { "Condition": { @@ -271403,40 +324218,25 @@ "Properties": { "additionalProperties": false, "properties": { - "AssistantId": { - "markdownDescription": "The identifier of the Wisdom assistant.", - "title": "AssistantId", + "MessageTemplateArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the message template.", + "title": "MessageTemplateArn", "type": "string" }, - "Association": { - "$ref": "#/definitions/AWS::Wisdom::AssistantAssociation.AssociationData", - "markdownDescription": "The identifier of the associated resource.", - "title": "Association" - }, - "AssociationType": { - "markdownDescription": "The type of association.", - "title": "AssociationType", + "MessageTemplateContentSha256": { + "markdownDescription": "The content SHA256 of the message template.", + "title": "MessageTemplateContentSha256", "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "The tags used to organize, track, or control access for this resource.", - "title": "Tags", - "type": "array" } }, "required": [ - "AssistantId", - "Association", - "AssociationType" + "MessageTemplateArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::Wisdom::AssistantAssociation" + "AWS::Wisdom::MessageTemplateVersion" ], "type": "string" }, @@ -271455,21 +324255,7 @@ ], "type": "object" }, - "AWS::Wisdom::AssistantAssociation.AssociationData": { - "additionalProperties": false, - "properties": { - "KnowledgeBaseId": { - "markdownDescription": "The identifier of the knowledge base.", - "title": "KnowledgeBaseId", - "type": "string" - } - }, - "required": [ - "KnowledgeBaseId" - ], - "type": "object" - }, - "AWS::Wisdom::KnowledgeBase": { + "AWS::Wisdom::QuickResponse": { "additionalProperties": false, "properties": { "Condition": { @@ -271504,35 +324290,58 @@ "Properties": { "additionalProperties": false, "properties": { + "Channels": { + "items": { + "type": "string" + }, + "markdownDescription": "The Amazon Connect contact channels this quick response applies to. The supported contact channel types include `Chat` .", + "title": "Channels", + "type": "array" + }, + "Content": { + "$ref": "#/definitions/AWS::Wisdom::QuickResponse.QuickResponseContentProvider", + "markdownDescription": "The content of the quick response.", + "title": "Content" + }, + "ContentType": { + "markdownDescription": "The media type of the quick response content.\n\n- Use `application/x.quickresponse;format=plain` for quick response written in plain text.\n- Use `application/x.quickresponse;format=markdown` for quick response written in richtext.", + "title": "ContentType", + "type": "string" + }, "Description": { - "markdownDescription": "The description.", + "markdownDescription": "The description of the quick response.", "title": "Description", "type": "string" }, - "KnowledgeBaseType": { - "markdownDescription": "The type of knowledge base. Only CUSTOM knowledge bases allow you to upload your own content. EXTERNAL knowledge bases support integrations with third-party systems whose content is synchronized automatically.", - "title": "KnowledgeBaseType", + "GroupingConfiguration": { + "$ref": "#/definitions/AWS::Wisdom::QuickResponse.GroupingConfiguration", + "markdownDescription": "The configuration information of the user groups that the quick response is accessible to.", + "title": "GroupingConfiguration" + }, + "IsActive": { + "markdownDescription": "Whether the quick response is active.", + "title": "IsActive", + "type": "boolean" + }, + "KnowledgeBaseArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the knowledge base.", + "title": "KnowledgeBaseArn", + "type": "string" + }, + "Language": { + "markdownDescription": "The language code value for the language in which the quick response is written. The supported language codes include `de_DE` , `en_US` , `es_ES` , `fr_FR` , `id_ID` , `it_IT` , `ja_JP` , `ko_KR` , `pt_BR` , `zh_CN` , `zh_TW`", + "title": "Language", "type": "string" }, "Name": { - "markdownDescription": "The name of the knowledge base.", + "markdownDescription": "The name of the quick response.", "title": "Name", "type": "string" }, - "RenderingConfiguration": { - "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.RenderingConfiguration", - "markdownDescription": "Information about how to render the content.", - "title": "RenderingConfiguration" - }, - "ServerSideEncryptionConfiguration": { - "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.ServerSideEncryptionConfiguration", - "markdownDescription": "This customer managed key must have a policy that allows `kms:CreateGrant` and `kms:DescribeKey` permissions to the IAM identity using the key to invoke Wisdom. For more information about setting up a customer managed key for Wisdom, see [Enable Amazon Connect Wisdom for your instance](https://docs.aws.amazon.com/connect/latest/adminguide/enable-wisdom.html) . For information about valid ID values, see [Key identifiers (KeyId)](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id) in the *AWS Key Management Service Developer Guide* .", - "title": "ServerSideEncryptionConfiguration" - }, - "SourceConfiguration": { - "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.SourceConfiguration", - "markdownDescription": "The source of the knowledge base content. Only set this argument for EXTERNAL or Managed knowledge bases.", - "title": "SourceConfiguration" + "ShortcutKey": { + "markdownDescription": "The shortcut key of the quick response. The value should be unique across the knowledge base.", + "title": "ShortcutKey", + "type": "string" }, "Tags": { "items": { @@ -271544,14 +324353,15 @@ } }, "required": [ - "KnowledgeBaseType", + "Content", + "KnowledgeBaseArn", "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::Wisdom::KnowledgeBase" + "AWS::Wisdom::QuickResponse" ], "type": "string" }, @@ -271570,62 +324380,54 @@ ], "type": "object" }, - "AWS::Wisdom::KnowledgeBase.AppIntegrationsConfiguration": { + "AWS::Wisdom::QuickResponse.GroupingConfiguration": { "additionalProperties": false, "properties": { - "AppIntegrationArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AppIntegrations DataIntegration to use for ingesting content.\n\n- For [Salesforce](https://docs.aws.amazon.com/https://developer.salesforce.com/docs/atlas.en-us.knowledge_dev.meta/knowledge_dev/sforce_api_objects_knowledge__kav.htm) , your AppIntegrations DataIntegration must have an ObjectConfiguration if objectFields is not provided, including at least `Id` , `ArticleNumber` , `VersionNumber` , `Title` , `PublishStatus` , and `IsDeleted` as source fields.\n- For [ServiceNow](https://docs.aws.amazon.com/https://developer.servicenow.com/dev.do#!/reference/api/rome/rest/knowledge-management-api) , your AppIntegrations DataIntegration must have an ObjectConfiguration if objectFields is not provided, including at least `number` , `short_description` , `sys_mod_count` , `workflow_state` , and `active` as source fields.\n- For [Zendesk](https://docs.aws.amazon.com/https://developer.zendesk.com/api-reference/help_center/help-center-api/articles/) , your AppIntegrations DataIntegration must have an ObjectConfiguration if `objectFields` is not provided, including at least `id` , `title` , `updated_at` , and `draft` as source fields.\n- For [SharePoint](https://docs.aws.amazon.com/https://learn.microsoft.com/en-us/sharepoint/dev/sp-add-ins/sharepoint-net-server-csom-jsom-and-rest-api-index) , your AppIntegrations DataIntegration must have a FileConfiguration, including only file extensions that are among `docx` , `pdf` , `html` , `htm` , and `txt` .\n- For [Amazon S3](https://docs.aws.amazon.com/s3/) , the ObjectConfiguration and FileConfiguration of your AppIntegrations DataIntegration must be null. The `SourceURI` of your DataIntegration must use the following format: `s3://your_s3_bucket_name` .\n\n> The bucket policy of the corresponding S3 bucket must allow the AWS principal `app-integrations.amazonaws.com` to perform `s3:ListBucket` , `s3:GetObject` , and `s3:GetBucketLocation` against the bucket.", - "title": "AppIntegrationArn", + "Criteria": { + "markdownDescription": "The criteria used for grouping Amazon Q in Connect users.\n\nThe following is the list of supported criteria values.\n\n- `RoutingProfileArn` : Grouping the users by their [Amazon Connect routing profile ARN](https://docs.aws.amazon.com/connect/latest/APIReference/API_RoutingProfile.html) . User should have [SearchRoutingProfile](https://docs.aws.amazon.com/connect/latest/APIReference/API_SearchRoutingProfiles.html) and [DescribeRoutingProfile](https://docs.aws.amazon.com/connect/latest/APIReference/API_DescribeRoutingProfile.html) permissions when setting criteria to this value.", + "title": "Criteria", "type": "string" }, - "ObjectFields": { + "Values": { "items": { "type": "string" }, - "markdownDescription": "The fields from the source that are made available to your agents in Amazon Q in Connect. Optional if ObjectConfiguration is included in the provided DataIntegration.\n\n- For [Salesforce](https://docs.aws.amazon.com/https://developer.salesforce.com/docs/atlas.en-us.knowledge_dev.meta/knowledge_dev/sforce_api_objects_knowledge__kav.htm) , you must include at least `Id` , `ArticleNumber` , `VersionNumber` , `Title` , `PublishStatus` , and `IsDeleted` .\n- For [ServiceNow](https://docs.aws.amazon.com/https://developer.servicenow.com/dev.do#!/reference/api/rome/rest/knowledge-management-api) , you must include at least `number` , `short_description` , `sys_mod_count` , `workflow_state` , and `active` .\n- For [Zendesk](https://docs.aws.amazon.com/https://developer.zendesk.com/api-reference/help_center/help-center-api/articles/) , you must include at least `id` , `title` , `updated_at` , and `draft` .\n\nMake sure to include additional fields. These fields are indexed and used to source recommendations.", - "title": "ObjectFields", + "markdownDescription": "The list of values that define different groups of Amazon Q in Connect users.\n\n- When setting `criteria` to `RoutingProfileArn` , you need to provide a list of ARNs of [Amazon Connect routing profiles](https://docs.aws.amazon.com/connect/latest/APIReference/API_RoutingProfile.html) as values of this parameter.", + "title": "Values", "type": "array" } }, "required": [ - "AppIntegrationArn" + "Criteria", + "Values" ], "type": "object" }, - "AWS::Wisdom::KnowledgeBase.RenderingConfiguration": { - "additionalProperties": false, - "properties": { - "TemplateUri": { - "markdownDescription": "A URI template containing exactly one variable in `${variableName}` format. This can only be set for `EXTERNAL` knowledge bases. For Salesforce, ServiceNow, and Zendesk, the variable must be one of the following:\n\n- Salesforce: `Id` , `ArticleNumber` , `VersionNumber` , `Title` , `PublishStatus` , or `IsDeleted`\n- ServiceNow: `number` , `short_description` , `sys_mod_count` , `workflow_state` , or `active`\n- Zendesk: `id` , `title` , `updated_at` , or `draft`\n\nThe variable is replaced with the actual value for a piece of content when calling [GetContent](https://docs.aws.amazon.com/amazon-q-connect/latest/APIReference/API_GetContent.html) .", - "title": "TemplateUri", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Wisdom::KnowledgeBase.ServerSideEncryptionConfiguration": { + "AWS::Wisdom::QuickResponse.QuickResponseContentProvider": { "additionalProperties": false, "properties": { - "KmsKeyId": { - "markdownDescription": "The customer managed key used for encryption.\n\nThis customer managed key must have a policy that allows `kms:CreateGrant` and `kms:DescribeKey` permissions to the IAM identity using the key to invoke Wisdom.\n\nFor more information about setting up a customer managed key for Wisdom, see [Enable Amazon Connect Wisdom for your instance](https://docs.aws.amazon.com/connect/latest/adminguide/enable-wisdom.html) . For information about valid ID values, see [Key identifiers (KeyId)](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id) .", - "title": "KmsKeyId", + "Content": { + "markdownDescription": "The content of the quick response.", + "title": "Content", "type": "string" } }, "type": "object" }, - "AWS::Wisdom::KnowledgeBase.SourceConfiguration": { + "AWS::Wisdom::QuickResponse.QuickResponseContents": { "additionalProperties": false, "properties": { - "AppIntegrations": { - "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.AppIntegrationsConfiguration", - "markdownDescription": "Configuration information for Amazon AppIntegrations to automatically ingest content.", - "title": "AppIntegrations" + "Markdown": { + "$ref": "#/definitions/AWS::Wisdom::QuickResponse.QuickResponseContentProvider", + "markdownDescription": "The quick response content in markdown format.", + "title": "Markdown" + }, + "PlainText": { + "$ref": "#/definitions/AWS::Wisdom::QuickResponse.QuickResponseContentProvider", + "markdownDescription": "The quick response content in plaintext format.", + "title": "PlainText" } }, - "required": [ - "AppIntegrations" - ], "type": "object" }, "AWS::WorkSpaces::ConnectionAlias": { @@ -271867,6 +324669,165 @@ }, "type": "object" }, + "AWS::WorkSpaces::WorkspacesPool": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ApplicationSettings": { + "$ref": "#/definitions/AWS::WorkSpaces::WorkspacesPool.ApplicationSettings", + "markdownDescription": "The persistent application settings for users of the pool.", + "title": "ApplicationSettings" + }, + "BundleId": { + "markdownDescription": "The identifier of the bundle used by the pool.", + "title": "BundleId", + "type": "string" + }, + "Capacity": { + "$ref": "#/definitions/AWS::WorkSpaces::WorkspacesPool.Capacity", + "markdownDescription": "Describes the user capacity for the pool.", + "title": "Capacity" + }, + "Description": { + "markdownDescription": "The description of the pool.", + "title": "Description", + "type": "string" + }, + "DirectoryId": { + "markdownDescription": "The identifier of the directory used by the pool.", + "title": "DirectoryId", + "type": "string" + }, + "PoolName": { + "markdownDescription": "The name of the pool.", + "title": "PoolName", + "type": "string" + }, + "RunningMode": { + "markdownDescription": "The running mode of the pool.", + "title": "RunningMode", + "type": "string" + }, + "TimeoutSettings": { + "$ref": "#/definitions/AWS::WorkSpaces::WorkspacesPool.TimeoutSettings", + "markdownDescription": "The amount of time that a pool session remains active after users disconnect. If they try to reconnect to the pool session after a disconnection or network interruption within this time interval, they are connected to their previous session. Otherwise, they are connected to a new session with a new pool instance.", + "title": "TimeoutSettings" + } + }, + "required": [ + "BundleId", + "Capacity", + "DirectoryId", + "PoolName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::WorkSpaces::WorkspacesPool" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::WorkSpaces::WorkspacesPool.ApplicationSettings": { + "additionalProperties": false, + "properties": { + "SettingsGroup": { + "markdownDescription": "The path prefix for the S3 bucket where users\u2019 persistent application settings are stored.", + "title": "SettingsGroup", + "type": "string" + }, + "Status": { + "markdownDescription": "Enables or disables persistent application settings for users during their pool sessions.", + "title": "Status", + "type": "string" + } + }, + "required": [ + "Status" + ], + "type": "object" + }, + "AWS::WorkSpaces::WorkspacesPool.Capacity": { + "additionalProperties": false, + "properties": { + "DesiredUserSessions": { + "markdownDescription": "The desired number of user sessions for the WorkSpaces in the pool.", + "title": "DesiredUserSessions", + "type": "number" + } + }, + "required": [ + "DesiredUserSessions" + ], + "type": "object" + }, + "AWS::WorkSpaces::WorkspacesPool.TimeoutSettings": { + "additionalProperties": false, + "properties": { + "DisconnectTimeoutInSeconds": { + "markdownDescription": "Specifies the amount of time, in seconds, that a streaming session remains active after users disconnect. If users try to reconnect to the streaming session after a disconnection or network interruption within the time set, they are connected to their previous session. Otherwise, they are connected to a new session with a new streaming instance.", + "title": "DisconnectTimeoutInSeconds", + "type": "number" + }, + "IdleDisconnectTimeoutInSeconds": { + "markdownDescription": "The amount of time in seconds a connection will stay active while idle.", + "title": "IdleDisconnectTimeoutInSeconds", + "type": "number" + }, + "MaxUserDurationInSeconds": { + "markdownDescription": "Specifies the maximum amount of time, in seconds, that a streaming session can remain active. If users are still connected to a streaming instance five minutes before this limit is reached, they are prompted to save any open documents before being disconnected. After this time elapses, the instance is terminated and replaced by a new instance.", + "title": "MaxUserDurationInSeconds", + "type": "number" + } + }, + "type": "object" + }, "AWS::WorkSpacesThinClient::Environment": { "additionalProperties": false, "properties": { @@ -271917,6 +324878,14 @@ "title": "DesktopEndpoint", "type": "string" }, + "DeviceCreationTags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs to apply to the newly created devices for this environment.", + "title": "DeviceCreationTags", + "type": "array" + }, "KmsKeyArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Key Management Service key used to encrypt the environment.", "title": "KmsKeyArn", @@ -272111,6 +325080,235 @@ ], "type": "object" }, + "AWS::WorkSpacesWeb::DataProtectionSettings": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AdditionalEncryptionContext": { + "additionalProperties": true, + "markdownDescription": "The additional encryption context of the data protection settings.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "AdditionalEncryptionContext", + "type": "object" + }, + "CustomerManagedKey": { + "markdownDescription": "The customer managed key used to encrypt sensitive information in the data protection settings.", + "title": "CustomerManagedKey", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the data protection settings.", + "title": "Description", + "type": "string" + }, + "DisplayName": { + "markdownDescription": "The display name of the data protection settings.", + "title": "DisplayName", + "type": "string" + }, + "InlineRedactionConfiguration": { + "$ref": "#/definitions/AWS::WorkSpacesWeb::DataProtectionSettings.InlineRedactionConfiguration", + "markdownDescription": "The inline redaction configuration for the data protection settings.", + "title": "InlineRedactionConfiguration" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags of the data protection settings.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::WorkSpacesWeb::DataProtectionSettings" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::WorkSpacesWeb::DataProtectionSettings.CustomPattern": { + "additionalProperties": false, + "properties": { + "KeywordRegex": { + "markdownDescription": "The keyword regex for the customer pattern. After there is a match to the pattern regex, the keyword regex is used to search within the proximity of the match. If there is a keyword match, then the match is confirmed. If no keyword regex is provided, the pattern regex match will automatically be confirmed. The format must follow JavaScript regex format. The pattern must be enclosed between slashes, and can have flags behind the second slash. For example, \u201c/ab+c/gi\u201d", + "title": "KeywordRegex", + "type": "string" + }, + "PatternDescription": { + "markdownDescription": "The pattern description for the customer pattern.", + "title": "PatternDescription", + "type": "string" + }, + "PatternName": { + "markdownDescription": "The pattern name for the custom pattern.", + "title": "PatternName", + "type": "string" + }, + "PatternRegex": { + "markdownDescription": "The pattern regex for the customer pattern. The format must follow JavaScript regex format. The pattern must be enclosed between slashes, and can have flags behind the second slash. For example: \u201c/ab+c/gi\u201d.", + "title": "PatternRegex", + "type": "string" + } + }, + "required": [ + "PatternName", + "PatternRegex" + ], + "type": "object" + }, + "AWS::WorkSpacesWeb::DataProtectionSettings.InlineRedactionConfiguration": { + "additionalProperties": false, + "properties": { + "GlobalConfidenceLevel": { + "markdownDescription": "The global confidence level for the inline redaction configuration. This indicates the certainty of data type matches in the redaction process. Confidence level 3 means high confidence, and requires a formatted text pattern match in order for content to be redacted. Confidence level 2 means medium confidence, and redaction considers both formatted and unformatted text, and adds keyword associate to the logic. Confidence level 1 means low confidence, and redaction is enforced for both formatted pattern + unformatted pattern without keyword. This is applied to patterns that do not have a pattern-level confidence level. Defaults to confidence level 2.", + "title": "GlobalConfidenceLevel", + "type": "number" + }, + "GlobalEnforcedUrls": { + "items": { + "type": "string" + }, + "markdownDescription": "The global enforced URL configuration for the inline redaction configuration. This is applied to patterns that do not have a pattern-level enforced URL list.", + "title": "GlobalEnforcedUrls", + "type": "array" + }, + "GlobalExemptUrls": { + "items": { + "type": "string" + }, + "markdownDescription": "The global exempt URL configuration for the inline redaction configuration. This is applied to patterns that do not have a pattern-level exempt URL list.", + "title": "GlobalExemptUrls", + "type": "array" + }, + "InlineRedactionPatterns": { + "items": { + "$ref": "#/definitions/AWS::WorkSpacesWeb::DataProtectionSettings.InlineRedactionPattern" + }, + "markdownDescription": "The inline redaction patterns to be enabled for the inline redaction configuration.", + "title": "InlineRedactionPatterns", + "type": "array" + } + }, + "required": [ + "InlineRedactionPatterns" + ], + "type": "object" + }, + "AWS::WorkSpacesWeb::DataProtectionSettings.InlineRedactionPattern": { + "additionalProperties": false, + "properties": { + "BuiltInPatternId": { + "markdownDescription": "The built-in pattern from the list of preconfigured patterns. Either a customPattern or builtInPatternId is required. To view the entire list of data types and their corresponding built-in pattern IDs, see [Base inline redaction](https://docs.aws.amazon.com/workspaces-web/latest/adminguide/base-inline-redaction.html) .", + "title": "BuiltInPatternId", + "type": "string" + }, + "ConfidenceLevel": { + "markdownDescription": "The confidence level for inline redaction pattern. This indicates the certainty of data type matches in the redaction process. Confidence level 3 means high confidence, and requires a formatted text pattern match in order for content to be redacted. Confidence level 2 means medium confidence, and redaction considers both formatted and unformatted text, and adds keyword associate to the logic. Confidence level 1 means low confidence, and redaction is enforced for both formatted pattern + unformatted pattern without keyword. This overrides the global confidence level.", + "title": "ConfidenceLevel", + "type": "number" + }, + "CustomPattern": { + "$ref": "#/definitions/AWS::WorkSpacesWeb::DataProtectionSettings.CustomPattern", + "markdownDescription": "The configuration for a custom pattern. Either a customPattern or builtInPatternId is required.", + "title": "CustomPattern" + }, + "EnforcedUrls": { + "items": { + "type": "string" + }, + "markdownDescription": "The enforced URL configuration for the inline redaction pattern. This will override the global enforced URL configuration.", + "title": "EnforcedUrls", + "type": "array" + }, + "ExemptUrls": { + "items": { + "type": "string" + }, + "markdownDescription": "The exempt URL configuration for the inline redaction pattern. This will override the global exempt URL configuration for the inline redaction pattern.", + "title": "ExemptUrls", + "type": "array" + }, + "RedactionPlaceHolder": { + "$ref": "#/definitions/AWS::WorkSpacesWeb::DataProtectionSettings.RedactionPlaceHolder", + "markdownDescription": "The redaction placeholder that will replace the redacted text in session for the inline redaction pattern.", + "title": "RedactionPlaceHolder" + } + }, + "required": [ + "RedactionPlaceHolder" + ], + "type": "object" + }, + "AWS::WorkSpacesWeb::DataProtectionSettings.RedactionPlaceHolder": { + "additionalProperties": false, + "properties": { + "RedactionPlaceHolderText": { + "markdownDescription": "The redaction placeholder text that will replace the redacted text in session for the custom text redaction placeholder type.", + "title": "RedactionPlaceHolderText", + "type": "string" + }, + "RedactionPlaceHolderType": { + "markdownDescription": "The redaction placeholder type that will replace the redacted text in session.", + "title": "RedactionPlaceHolderType", + "type": "string" + } + }, + "required": [ + "RedactionPlaceHolderType" + ], + "type": "object" + }, "AWS::WorkSpacesWeb::IdentityProvider": { "additionalProperties": false, "properties": { @@ -272171,6 +325369,14 @@ "markdownDescription": "The ARN of the identity provider.", "title": "PortalArn", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "", + "title": "Tags", + "type": "array" } }, "required": [ @@ -272478,6 +325684,11 @@ "title": "CustomerManagedKey", "type": "string" }, + "DataProtectionSettingsArn": { + "markdownDescription": "The ARN of the data protection settings.", + "title": "DataProtectionSettingsArn", + "type": "string" + }, "DisplayName": { "markdownDescription": "The name of the web portal.", "title": "DisplayName", @@ -272737,83 +325948,422 @@ "Properties": { "additionalProperties": false, "properties": { - "AdditionalEncryptionContext": { - "additionalProperties": true, - "markdownDescription": "The additional encryption context of the user settings.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "AdditionalEncryptionContext", - "type": "object" - }, - "CookieSynchronizationConfiguration": { - "$ref": "#/definitions/AWS::WorkSpacesWeb::UserSettings.CookieSynchronizationConfiguration", - "markdownDescription": "The configuration that specifies which cookies should be synchronized from the end user's local browser to the remote browser.", - "title": "CookieSynchronizationConfiguration" - }, - "CopyAllowed": { - "markdownDescription": "Specifies whether the user can copy text from the streaming session to the local device.", - "title": "CopyAllowed", - "type": "string" - }, - "CustomerManagedKey": { - "markdownDescription": "The customer managed key used to encrypt sensitive information in the user settings.", - "title": "CustomerManagedKey", - "type": "string" - }, - "DisconnectTimeoutInMinutes": { - "markdownDescription": "The amount of time that a streaming session remains active after users disconnect.", - "title": "DisconnectTimeoutInMinutes", - "type": "number" - }, - "DownloadAllowed": { - "markdownDescription": "Specifies whether the user can download files from the streaming session to the local device.", - "title": "DownloadAllowed", - "type": "string" - }, - "IdleDisconnectTimeoutInMinutes": { - "markdownDescription": "The amount of time that users can be idle (inactive) before they are disconnected from their streaming session and the disconnect timeout interval begins.", - "title": "IdleDisconnectTimeoutInMinutes", - "type": "number" - }, - "PasteAllowed": { - "markdownDescription": "Specifies whether the user can paste text from the local device to the streaming session.", - "title": "PasteAllowed", - "type": "string" - }, - "PrintAllowed": { - "markdownDescription": "Specifies whether the user can print to the local device.", - "title": "PrintAllowed", - "type": "string" + "AdditionalEncryptionContext": { + "additionalProperties": true, + "markdownDescription": "The additional encryption context of the user settings.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "AdditionalEncryptionContext", + "type": "object" + }, + "CookieSynchronizationConfiguration": { + "$ref": "#/definitions/AWS::WorkSpacesWeb::UserSettings.CookieSynchronizationConfiguration", + "markdownDescription": "The configuration that specifies which cookies should be synchronized from the end user's local browser to the remote browser.", + "title": "CookieSynchronizationConfiguration" + }, + "CopyAllowed": { + "markdownDescription": "Specifies whether the user can copy text from the streaming session to the local device.", + "title": "CopyAllowed", + "type": "string" + }, + "CustomerManagedKey": { + "markdownDescription": "The customer managed key used to encrypt sensitive information in the user settings.", + "title": "CustomerManagedKey", + "type": "string" + }, + "DeepLinkAllowed": { + "markdownDescription": "Specifies whether the user can use deep links that open automatically when connecting to a session.", + "title": "DeepLinkAllowed", + "type": "string" + }, + "DisconnectTimeoutInMinutes": { + "markdownDescription": "The amount of time that a streaming session remains active after users disconnect.", + "title": "DisconnectTimeoutInMinutes", + "type": "number" + }, + "DownloadAllowed": { + "markdownDescription": "Specifies whether the user can download files from the streaming session to the local device.", + "title": "DownloadAllowed", + "type": "string" + }, + "IdleDisconnectTimeoutInMinutes": { + "markdownDescription": "The amount of time that users can be idle (inactive) before they are disconnected from their streaming session and the disconnect timeout interval begins.", + "title": "IdleDisconnectTimeoutInMinutes", + "type": "number" + }, + "PasteAllowed": { + "markdownDescription": "Specifies whether the user can paste text from the local device to the streaming session.", + "title": "PasteAllowed", + "type": "string" + }, + "PrintAllowed": { + "markdownDescription": "Specifies whether the user can print to the local device.", + "title": "PrintAllowed", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The tags to add to the user settings resource. A tag is a key-value pair.", + "title": "Tags", + "type": "array" + }, + "ToolbarConfiguration": { + "$ref": "#/definitions/AWS::WorkSpacesWeb::UserSettings.ToolbarConfiguration", + "markdownDescription": "The configuration of the toolbar. This allows administrators to select the toolbar type and visual mode, set maximum display resolution for sessions, and choose which items are visible to end users during their sessions. If administrators do not modify these settings, end users retain control over their toolbar preferences.", + "title": "ToolbarConfiguration" + }, + "UploadAllowed": { + "markdownDescription": "Specifies whether the user can upload files from the local device to the streaming session.", + "title": "UploadAllowed", + "type": "string" + } + }, + "required": [ + "CopyAllowed", + "DownloadAllowed", + "PasteAllowed", + "PrintAllowed", + "UploadAllowed" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::WorkSpacesWeb::UserSettings" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::WorkSpacesWeb::UserSettings.CookieSpecification": { + "additionalProperties": false, + "properties": { + "Domain": { + "markdownDescription": "The domain of the cookie.", + "title": "Domain", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the cookie.", + "title": "Name", + "type": "string" + }, + "Path": { + "markdownDescription": "The path of the cookie.", + "title": "Path", + "type": "string" + } + }, + "required": [ + "Domain" + ], + "type": "object" + }, + "AWS::WorkSpacesWeb::UserSettings.CookieSynchronizationConfiguration": { + "additionalProperties": false, + "properties": { + "Allowlist": { + "items": { + "$ref": "#/definitions/AWS::WorkSpacesWeb::UserSettings.CookieSpecification" + }, + "markdownDescription": "The list of cookie specifications that are allowed to be synchronized to the remote browser.", + "title": "Allowlist", + "type": "array" + }, + "Blocklist": { + "items": { + "$ref": "#/definitions/AWS::WorkSpacesWeb::UserSettings.CookieSpecification" + }, + "markdownDescription": "The list of cookie specifications that are blocked from being synchronized to the remote browser.", + "title": "Blocklist", + "type": "array" + } + }, + "required": [ + "Allowlist" + ], + "type": "object" + }, + "AWS::WorkSpacesWeb::UserSettings.ToolbarConfiguration": { + "additionalProperties": false, + "properties": { + "HiddenToolbarItems": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of toolbar items to be hidden.", + "title": "HiddenToolbarItems", + "type": "array" + }, + "MaxDisplayResolution": { + "markdownDescription": "The maximum display resolution that is allowed for the session.", + "title": "MaxDisplayResolution", + "type": "string" + }, + "ToolbarType": { + "markdownDescription": "The type of toolbar displayed during the session.", + "title": "ToolbarType", + "type": "string" + }, + "VisualMode": { + "markdownDescription": "The visual mode of the toolbar.", + "title": "VisualMode", + "type": "string" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::Volume": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AvailabilityZone": { + "type": "string" + }, + "Encrypted": { + "type": "boolean" + }, + "Iops": { + "type": "number" + }, + "KmsKeyId": { + "type": "string" + }, + "SizeInGB": { + "type": "number" + }, + "SnapshotId": { + "type": "string" + }, + "TagSpecifications": { + "items": { + "$ref": "#/definitions/AWS::WorkspacesInstances::Volume.TagSpecification" + }, + "type": "array" + }, + "Throughput": { + "type": "number" + }, + "VolumeType": { + "type": "string" + } + }, + "required": [ + "AvailabilityZone" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::WorkspacesInstances::Volume" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::WorkspacesInstances::Volume.TagSpecification": { + "additionalProperties": false, + "properties": { + "ResourceType": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::VolumeAssociation": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Device": { + "type": "string" + }, + "DisassociateMode": { + "type": "string" + }, + "VolumeId": { + "type": "string" + }, + "WorkspaceInstanceId": { + "type": "string" + } + }, + "required": [ + "Device", + "VolumeId", + "WorkspaceInstanceId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::WorkspacesInstances::VolumeAssociation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ManagedInstance": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.ManagedInstance" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The tags to add to the user settings resource. A tag is a key-value pair.", - "title": "Tags", "type": "array" - }, - "UploadAllowed": { - "markdownDescription": "Specifies whether the user can upload files from the local device to the streaming session.", - "title": "UploadAllowed", - "type": "string" } }, - "required": [ - "CopyAllowed", - "DownloadAllowed", - "PasteAllowed", - "PrintAllowed", - "UploadAllowed" - ], "type": "object" }, "Type": { "enum": [ - "AWS::WorkSpacesWeb::UserSettings" + "AWS::WorkspacesInstances::WorkspaceInstance" ], "type": "string" }, @@ -272827,60 +326377,302 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, - "AWS::WorkSpacesWeb::UserSettings.CookieSpecification": { + "AWS::WorkspacesInstances::WorkspaceInstance.BlockDeviceMapping": { "additionalProperties": false, "properties": { - "Domain": { - "markdownDescription": "The domain of the cookie.", - "title": "Domain", + "DeviceName": { + "type": "string" + }, + "Ebs": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.EbsBlockDevice" + }, + "NoDevice": { "type": "string" }, + "VirtualName": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance.CpuOptionsRequest": { + "additionalProperties": false, + "properties": { + "CoreCount": { + "type": "number" + }, + "ThreadsPerCore": { + "type": "number" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance.CreditSpecificationRequest": { + "additionalProperties": false, + "properties": { + "CpuCredits": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance.EC2ManagedInstance": { + "additionalProperties": false, + "properties": { + "InstanceId": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance.EbsBlockDevice": { + "additionalProperties": false, + "properties": { + "Encrypted": { + "type": "boolean" + }, + "Iops": { + "type": "number" + }, + "KmsKeyId": { + "type": "string" + }, + "Throughput": { + "type": "number" + }, + "VolumeSize": { + "type": "number" + }, + "VolumeType": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance.EnclaveOptionsRequest": { + "additionalProperties": false, + "properties": { + "Enabled": { + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance.HibernationOptionsRequest": { + "additionalProperties": false, + "properties": { + "Configured": { + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance.IamInstanceProfileSpecification": { + "additionalProperties": false, + "properties": { "Name": { - "markdownDescription": "The name of the cookie.", - "title": "Name", + "type": "string" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance.InstanceMaintenanceOptionsRequest": { + "additionalProperties": false, + "properties": { + "AutoRecovery": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance.InstanceMetadataOptionsRequest": { + "additionalProperties": false, + "properties": { + "HttpEndpoint": { "type": "string" }, - "Path": { - "markdownDescription": "The path of the cookie.", - "title": "Path", + "HttpProtocolIpv6": { + "type": "string" + }, + "HttpPutResponseHopLimit": { + "type": "number" + }, + "HttpTokens": { + "type": "string" + }, + "InstanceMetadataTags": { "type": "string" } }, - "required": [ - "Domain" - ], "type": "object" }, - "AWS::WorkSpacesWeb::UserSettings.CookieSynchronizationConfiguration": { + "AWS::WorkspacesInstances::WorkspaceInstance.InstanceNetworkInterfaceSpecification": { "additionalProperties": false, "properties": { - "Allowlist": { + "Description": { + "type": "string" + }, + "DeviceIndex": { + "type": "number" + }, + "Groups": { "items": { - "$ref": "#/definitions/AWS::WorkSpacesWeb::UserSettings.CookieSpecification" + "type": "string" }, - "markdownDescription": "The list of cookie specifications that are allowed to be synchronized to the remote browser.", - "title": "Allowlist", "type": "array" }, - "Blocklist": { + "SubnetId": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance.InstanceNetworkPerformanceOptionsRequest": { + "additionalProperties": false, + "properties": { + "BandwidthWeighting": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance.ManagedInstance": { + "additionalProperties": false, + "properties": { + "BlockDeviceMappings": { "items": { - "$ref": "#/definitions/AWS::WorkSpacesWeb::UserSettings.CookieSpecification" + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.BlockDeviceMapping" }, - "markdownDescription": "The list of cookie specifications that are blocked from being synchronized to the remote browser.", - "title": "Blocklist", "type": "array" + }, + "CpuOptions": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.CpuOptionsRequest" + }, + "CreditSpecification": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.CreditSpecificationRequest" + }, + "DisableApiStop": { + "type": "boolean" + }, + "EbsOptimized": { + "type": "boolean" + }, + "EnclaveOptions": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.EnclaveOptionsRequest" + }, + "HibernationOptions": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.HibernationOptionsRequest" + }, + "IamInstanceProfile": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.IamInstanceProfileSpecification" + }, + "ImageId": { + "type": "string" + }, + "InstanceType": { + "type": "string" + }, + "KeyName": { + "type": "string" + }, + "MaintenanceOptions": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.InstanceMaintenanceOptionsRequest" + }, + "MetadataOptions": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.InstanceMetadataOptionsRequest" + }, + "Monitoring": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.RunInstancesMonitoringEnabled" + }, + "NetworkInterfaces": { + "items": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.InstanceNetworkInterfaceSpecification" + }, + "type": "array" + }, + "NetworkPerformanceOptions": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.InstanceNetworkPerformanceOptionsRequest" + }, + "Placement": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.Placement" + }, + "PrivateDnsNameOptions": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.PrivateDnsNameOptionsRequest" + }, + "TagSpecifications": { + "items": { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.TagSpecification" + }, + "type": "array" + }, + "UserData": { + "type": "string" } }, "required": [ - "Allowlist" + "ImageId", + "InstanceType" ], "type": "object" }, + "AWS::WorkspacesInstances::WorkspaceInstance.Placement": { + "additionalProperties": false, + "properties": { + "AvailabilityZone": { + "type": "string" + }, + "GroupName": { + "type": "string" + }, + "Tenancy": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance.PrivateDnsNameOptionsRequest": { + "additionalProperties": false, + "properties": { + "EnableResourceNameDnsAAAARecord": { + "type": "boolean" + }, + "EnableResourceNameDnsARecord": { + "type": "boolean" + }, + "HostnameType": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance.RunInstancesMonitoringEnabled": { + "additionalProperties": false, + "properties": { + "Enabled": { + "type": "boolean" + } + }, + "type": "object" + }, + "AWS::WorkspacesInstances::WorkspaceInstance.TagSpecification": { + "additionalProperties": false, + "properties": { + "ResourceType": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + } + }, + "type": "object" + }, "AWS::XRay::Group": { "additionalProperties": false, "properties": { @@ -273219,6 +327011,69 @@ ], "type": "object" }, + "AWS::XRay::TransactionSearchConfig": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "IndexingPercentage": { + "markdownDescription": "", + "title": "IndexingPercentage", + "type": "number" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::XRay::TransactionSearchConfig" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, "Alexa::ASK::Skill": { "additionalProperties": false, "properties": { @@ -273577,6 +327432,9 @@ { "$ref": "#/definitions/AWS::ACMPCA::Permission" }, + { + "$ref": "#/definitions/AWS::AIOps::InvestigationGroup" + }, { "$ref": "#/definitions/AWS::APS::RuleGroupsNamespace" }, @@ -273586,6 +327444,9 @@ { "$ref": "#/definitions/AWS::APS::Workspace" }, + { + "$ref": "#/definitions/AWS::ARCZonalShift::AutoshiftObserverNotificationStatus" + }, { "$ref": "#/definitions/AWS::ARCZonalShift::ZonalAutoshiftConfiguration" }, @@ -273631,6 +327492,9 @@ { "$ref": "#/definitions/AWS::ApiGateway::BasePathMapping" }, + { + "$ref": "#/definitions/AWS::ApiGateway::BasePathMappingV2" + }, { "$ref": "#/definitions/AWS::ApiGateway::ClientCertificate" }, @@ -273646,6 +327510,12 @@ { "$ref": "#/definitions/AWS::ApiGateway::DomainName" }, + { + "$ref": "#/definitions/AWS::ApiGateway::DomainNameAccessAssociation" + }, + { + "$ref": "#/definitions/AWS::ApiGateway::DomainNameV2" + }, { "$ref": "#/definitions/AWS::ApiGateway::GatewayResponse" }, @@ -273709,6 +327579,9 @@ { "$ref": "#/definitions/AWS::ApiGatewayV2::RouteResponse" }, + { + "$ref": "#/definitions/AWS::ApiGatewayV2::RoutingRule" + }, { "$ref": "#/definitions/AWS::ApiGatewayV2::Stage" }, @@ -273832,12 +327705,18 @@ { "$ref": "#/definitions/AWS::AppStream::User" }, + { + "$ref": "#/definitions/AWS::AppSync::Api" + }, { "$ref": "#/definitions/AWS::AppSync::ApiCache" }, { "$ref": "#/definitions/AWS::AppSync::ApiKey" }, + { + "$ref": "#/definitions/AWS::AppSync::ChannelNamespace" + }, { "$ref": "#/definitions/AWS::AppSync::DataSource" }, @@ -273862,6 +327741,9 @@ { "$ref": "#/definitions/AWS::AppSync::SourceApiAssociation" }, + { + "$ref": "#/definitions/AWS::AppTest::TestCase" + }, { "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalableTarget" }, @@ -273871,6 +327753,12 @@ { "$ref": "#/definitions/AWS::ApplicationInsights::Application" }, + { + "$ref": "#/definitions/AWS::ApplicationSignals::Discovery" + }, + { + "$ref": "#/definitions/AWS::ApplicationSignals::ServiceLevelObjective" + }, { "$ref": "#/definitions/AWS::Athena::CapacityReservation" }, @@ -273937,6 +327825,9 @@ { "$ref": "#/definitions/AWS::Backup::Framework" }, + { + "$ref": "#/definitions/AWS::Backup::LogicallyAirGappedBackupVault" + }, { "$ref": "#/definitions/AWS::Backup::ReportPlan" }, @@ -273952,6 +327843,9 @@ { "$ref": "#/definitions/AWS::Batch::ComputeEnvironment" }, + { + "$ref": "#/definitions/AWS::Batch::ConsumableResource" + }, { "$ref": "#/definitions/AWS::Batch::JobDefinition" }, @@ -273967,15 +327861,48 @@ { "$ref": "#/definitions/AWS::Bedrock::AgentAlias" }, + { + "$ref": "#/definitions/AWS::Bedrock::ApplicationInferenceProfile" + }, + { + "$ref": "#/definitions/AWS::Bedrock::Blueprint" + }, + { + "$ref": "#/definitions/AWS::Bedrock::DataAutomationProject" + }, { "$ref": "#/definitions/AWS::Bedrock::DataSource" }, + { + "$ref": "#/definitions/AWS::Bedrock::Flow" + }, + { + "$ref": "#/definitions/AWS::Bedrock::FlowAlias" + }, + { + "$ref": "#/definitions/AWS::Bedrock::FlowVersion" + }, { "$ref": "#/definitions/AWS::Bedrock::Guardrail" }, + { + "$ref": "#/definitions/AWS::Bedrock::GuardrailVersion" + }, + { + "$ref": "#/definitions/AWS::Bedrock::IntelligentPromptRouter" + }, { "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase" }, + { + "$ref": "#/definitions/AWS::Bedrock::Prompt" + }, + { + "$ref": "#/definitions/AWS::Bedrock::PromptVersion" + }, + { + "$ref": "#/definitions/AWS::Billing::BillingView" + }, { "$ref": "#/definitions/AWS::BillingConductor::BillingGroup" }, @@ -274012,12 +327939,18 @@ { "$ref": "#/definitions/AWS::Cassandra::Table" }, + { + "$ref": "#/definitions/AWS::Cassandra::Type" + }, { "$ref": "#/definitions/AWS::CertificateManager::Account" }, { "$ref": "#/definitions/AWS::CertificateManager::Certificate" }, + { + "$ref": "#/definitions/AWS::Chatbot::CustomAction" + }, { "$ref": "#/definitions/AWS::Chatbot::MicrosoftTeamsChannelConfiguration" }, @@ -274036,6 +327969,12 @@ { "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTableAssociation" }, + { + "$ref": "#/definitions/AWS::CleanRooms::IdMappingTable" + }, + { + "$ref": "#/definitions/AWS::CleanRooms::IdNamespaceAssociation" + }, { "$ref": "#/definitions/AWS::CleanRooms::Membership" }, @@ -274051,6 +327990,9 @@ { "$ref": "#/definitions/AWS::CloudFormation::CustomResource" }, + { + "$ref": "#/definitions/AWS::CloudFormation::GuardHook" + }, { "$ref": "#/definitions/AWS::CloudFormation::HookDefaultVersion" }, @@ -274060,6 +328002,9 @@ { "$ref": "#/definitions/AWS::CloudFormation::HookVersion" }, + { + "$ref": "#/definitions/AWS::CloudFormation::LambdaHook" + }, { "$ref": "#/definitions/AWS::CloudFormation::Macro" }, @@ -274096,18 +328041,27 @@ { "$ref": "#/definitions/AWS::CloudFormation::WaitConditionHandle" }, + { + "$ref": "#/definitions/AWS::CloudFront::AnycastIpList" + }, { "$ref": "#/definitions/AWS::CloudFront::CachePolicy" }, { "$ref": "#/definitions/AWS::CloudFront::CloudFrontOriginAccessIdentity" }, + { + "$ref": "#/definitions/AWS::CloudFront::ConnectionGroup" + }, { "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy" }, { "$ref": "#/definitions/AWS::CloudFront::Distribution" }, + { + "$ref": "#/definitions/AWS::CloudFront::DistributionTenant" + }, { "$ref": "#/definitions/AWS::CloudFront::Function" }, @@ -274138,9 +328092,15 @@ { "$ref": "#/definitions/AWS::CloudFront::StreamingDistribution" }, + { + "$ref": "#/definitions/AWS::CloudFront::VpcOrigin" + }, { "$ref": "#/definitions/AWS::CloudTrail::Channel" }, + { + "$ref": "#/definitions/AWS::CloudTrail::Dashboard" + }, { "$ref": "#/definitions/AWS::CloudTrail::EventDataStore" }, @@ -274246,6 +328206,9 @@ { "$ref": "#/definitions/AWS::Cognito::LogDeliveryConfiguration" }, + { + "$ref": "#/definitions/AWS::Cognito::ManagedLoginBranding" + }, { "$ref": "#/definitions/AWS::Cognito::UserPool" }, @@ -274312,6 +328275,9 @@ { "$ref": "#/definitions/AWS::Config::StoredQuery" }, + { + "$ref": "#/definitions/AWS::Connect::AgentStatus" + }, { "$ref": "#/definitions/AWS::Connect::ApprovedOrigin" }, @@ -274321,6 +328287,12 @@ { "$ref": "#/definitions/AWS::Connect::ContactFlowModule" }, + { + "$ref": "#/definitions/AWS::Connect::ContactFlowVersion" + }, + { + "$ref": "#/definitions/AWS::Connect::EmailAddress" + }, { "$ref": "#/definitions/AWS::Connect::EvaluationForm" }, @@ -274375,6 +328347,9 @@ { "$ref": "#/definitions/AWS::Connect::UserHierarchyGroup" }, + { + "$ref": "#/definitions/AWS::Connect::UserHierarchyStructure" + }, { "$ref": "#/definitions/AWS::Connect::View" }, @@ -274384,6 +328359,9 @@ { "$ref": "#/definitions/AWS::ConnectCampaigns::Campaign" }, + { + "$ref": "#/definitions/AWS::ConnectCampaignsV2::Campaign" + }, { "$ref": "#/definitions/AWS::ControlTower::EnabledBaseline" }, @@ -274402,12 +328380,18 @@ { "$ref": "#/definitions/AWS::CustomerProfiles::EventStream" }, + { + "$ref": "#/definitions/AWS::CustomerProfiles::EventTrigger" + }, { "$ref": "#/definitions/AWS::CustomerProfiles::Integration" }, { "$ref": "#/definitions/AWS::CustomerProfiles::ObjectType" }, + { + "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition" + }, { "$ref": "#/definitions/AWS::DAX::Cluster" }, @@ -274423,6 +328407,9 @@ { "$ref": "#/definitions/AWS::DMS::Certificate" }, + { + "$ref": "#/definitions/AWS::DMS::DataMigration" + }, { "$ref": "#/definitions/AWS::DMS::DataProvider" }, @@ -274450,6 +328437,9 @@ { "$ref": "#/definitions/AWS::DMS::ReplicationTask" }, + { + "$ref": "#/definitions/AWS::DSQL::Cluster" + }, { "$ref": "#/definitions/AWS::DataBrew::Dataset" }, @@ -274508,10 +328498,10 @@ "$ref": "#/definitions/AWS::DataSync::LocationSMB" }, { - "$ref": "#/definitions/AWS::DataSync::StorageSystem" + "$ref": "#/definitions/AWS::DataSync::Task" }, { - "$ref": "#/definitions/AWS::DataSync::Task" + "$ref": "#/definitions/AWS::DataZone::Connection" }, { "$ref": "#/definitions/AWS::DataZone::DataSource" @@ -274519,21 +328509,42 @@ { "$ref": "#/definitions/AWS::DataZone::Domain" }, + { + "$ref": "#/definitions/AWS::DataZone::DomainUnit" + }, { "$ref": "#/definitions/AWS::DataZone::Environment" }, + { + "$ref": "#/definitions/AWS::DataZone::EnvironmentActions" + }, { "$ref": "#/definitions/AWS::DataZone::EnvironmentBlueprintConfiguration" }, { "$ref": "#/definitions/AWS::DataZone::EnvironmentProfile" }, + { + "$ref": "#/definitions/AWS::DataZone::GroupProfile" + }, + { + "$ref": "#/definitions/AWS::DataZone::Owner" + }, { "$ref": "#/definitions/AWS::DataZone::Project" }, + { + "$ref": "#/definitions/AWS::DataZone::ProjectMembership" + }, + { + "$ref": "#/definitions/AWS::DataZone::ProjectProfile" + }, { "$ref": "#/definitions/AWS::DataZone::SubscriptionTarget" }, + { + "$ref": "#/definitions/AWS::DataZone::UserProfile" + }, { "$ref": "#/definitions/AWS::Deadline::Farm" }, @@ -274543,9 +328554,15 @@ { "$ref": "#/definitions/AWS::Deadline::LicenseEndpoint" }, + { + "$ref": "#/definitions/AWS::Deadline::Limit" + }, { "$ref": "#/definitions/AWS::Deadline::MeteredProduct" }, + { + "$ref": "#/definitions/AWS::Deadline::Monitor" + }, { "$ref": "#/definitions/AWS::Deadline::Queue" }, @@ -274555,6 +328572,9 @@ { "$ref": "#/definitions/AWS::Deadline::QueueFleetAssociation" }, + { + "$ref": "#/definitions/AWS::Deadline::QueueLimitAssociation" + }, { "$ref": "#/definitions/AWS::Deadline::StorageProfile" }, @@ -274747,6 +328767,21 @@ { "$ref": "#/definitions/AWS::EC2::Route" }, + { + "$ref": "#/definitions/AWS::EC2::RouteServer" + }, + { + "$ref": "#/definitions/AWS::EC2::RouteServerAssociation" + }, + { + "$ref": "#/definitions/AWS::EC2::RouteServerEndpoint" + }, + { + "$ref": "#/definitions/AWS::EC2::RouteServerPeer" + }, + { + "$ref": "#/definitions/AWS::EC2::RouteServerPropagation" + }, { "$ref": "#/definitions/AWS::EC2::RouteTable" }, @@ -274759,6 +328794,9 @@ { "$ref": "#/definitions/AWS::EC2::SecurityGroupIngress" }, + { + "$ref": "#/definitions/AWS::EC2::SecurityGroupVpcAssociation" + }, { "$ref": "#/definitions/AWS::EC2::SnapshotBlockPublicAccess" }, @@ -274831,6 +328869,12 @@ { "$ref": "#/definitions/AWS::EC2::VPC" }, + { + "$ref": "#/definitions/AWS::EC2::VPCBlockPublicAccessExclusion" + }, + { + "$ref": "#/definitions/AWS::EC2::VPCBlockPublicAccessOptions" + }, { "$ref": "#/definitions/AWS::EC2::VPCCidrBlock" }, @@ -274894,6 +328938,9 @@ { "$ref": "#/definitions/AWS::ECR::RegistryPolicy" }, + { + "$ref": "#/definitions/AWS::ECR::RegistryScanningConfiguration" + }, { "$ref": "#/definitions/AWS::ECR::ReplicationConfiguration" }, @@ -274984,6 +329031,9 @@ { "$ref": "#/definitions/AWS::EMRServerless::Application" }, + { + "$ref": "#/definitions/AWS::EVS::Environment" + }, { "$ref": "#/definitions/AWS::ElastiCache::CacheCluster" }, @@ -275137,6 +329187,9 @@ { "$ref": "#/definitions/AWS::FSx::FileSystem" }, + { + "$ref": "#/definitions/AWS::FSx::S3AccessPointAttachment" + }, { "$ref": "#/definitions/AWS::FSx::Snapshot" }, @@ -275182,6 +329235,9 @@ { "$ref": "#/definitions/AWS::GameLift::Build" }, + { + "$ref": "#/definitions/AWS::GameLift::ContainerFleet" + }, { "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition" }, @@ -275275,6 +329331,9 @@ { "$ref": "#/definitions/AWS::Glue::Trigger" }, + { + "$ref": "#/definitions/AWS::Glue::UsageProfile" + }, { "$ref": "#/definitions/AWS::Glue::Workflow" }, @@ -275353,12 +329412,18 @@ { "$ref": "#/definitions/AWS::GuardDuty::IPSet" }, + { + "$ref": "#/definitions/AWS::GuardDuty::MalwareProtectionPlan" + }, { "$ref": "#/definitions/AWS::GuardDuty::Master" }, { "$ref": "#/definitions/AWS::GuardDuty::Member" }, + { + "$ref": "#/definitions/AWS::GuardDuty::PublishingDestination" + }, { "$ref": "#/definitions/AWS::GuardDuty::ThreatIntelSet" }, @@ -275422,12 +329487,18 @@ { "$ref": "#/definitions/AWS::IVS::EncoderConfiguration" }, + { + "$ref": "#/definitions/AWS::IVS::IngestConfiguration" + }, { "$ref": "#/definitions/AWS::IVS::PlaybackKeyPair" }, { "$ref": "#/definitions/AWS::IVS::PlaybackRestrictionPolicy" }, + { + "$ref": "#/definitions/AWS::IVS::PublicKey" + }, { "$ref": "#/definitions/AWS::IVS::RecordingConfiguration" }, @@ -275498,13 +329569,7 @@ "$ref": "#/definitions/AWS::InternetMonitor::Monitor" }, { - "$ref": "#/definitions/AWS::IoT1Click::Device" - }, - { - "$ref": "#/definitions/AWS::IoT1Click::Placement" - }, - { - "$ref": "#/definitions/AWS::IoT1Click::Project" + "$ref": "#/definitions/AWS::Invoicing::InvoiceUnit" }, { "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration" @@ -275524,6 +329589,9 @@ { "$ref": "#/definitions/AWS::IoT::CertificateProvider" }, + { + "$ref": "#/definitions/AWS::IoT::Command" + }, { "$ref": "#/definitions/AWS::IoT::CustomMetric" }, @@ -275632,6 +329700,9 @@ { "$ref": "#/definitions/AWS::IoTFleetWise::SignalCatalog" }, + { + "$ref": "#/definitions/AWS::IoTFleetWise::StateTemplate" + }, { "$ref": "#/definitions/AWS::IoTFleetWise::Vehicle" }, @@ -275647,6 +329718,9 @@ { "$ref": "#/definitions/AWS::IoTSiteWise::Dashboard" }, + { + "$ref": "#/definitions/AWS::IoTSiteWise::Dataset" + }, { "$ref": "#/definitions/AWS::IoTSiteWise::Gateway" }, @@ -275737,6 +329811,9 @@ { "$ref": "#/definitions/AWS::KendraRanking::ExecutionPlan" }, + { + "$ref": "#/definitions/AWS::Kinesis::ResourcePolicy" + }, { "$ref": "#/definitions/AWS::Kinesis::Stream" }, @@ -275824,6 +329901,9 @@ { "$ref": "#/definitions/AWS::Lambda::Version" }, + { + "$ref": "#/definitions/AWS::LaunchWizard::Deployment" + }, { "$ref": "#/definitions/AWS::Lex::Bot" }, @@ -275866,6 +329946,9 @@ { "$ref": "#/definitions/AWS::Lightsail::Instance" }, + { + "$ref": "#/definitions/AWS::Lightsail::InstanceSnapshot" + }, { "$ref": "#/definitions/AWS::Lightsail::LoadBalancer" }, @@ -275911,6 +329994,9 @@ { "$ref": "#/definitions/AWS::Logs::Destination" }, + { + "$ref": "#/definitions/AWS::Logs::Integration" + }, { "$ref": "#/definitions/AWS::Logs::LogAnomalyDetector" }, @@ -275932,6 +330018,9 @@ { "$ref": "#/definitions/AWS::Logs::SubscriptionFilter" }, + { + "$ref": "#/definitions/AWS::Logs::Transformer" + }, { "$ref": "#/definitions/AWS::LookoutEquipment::InferenceScheduler" }, @@ -275947,9 +330036,18 @@ { "$ref": "#/definitions/AWS::M2::Application" }, + { + "$ref": "#/definitions/AWS::M2::Deployment" + }, { "$ref": "#/definitions/AWS::M2::Environment" }, + { + "$ref": "#/definitions/AWS::MPA::ApprovalTeam" + }, + { + "$ref": "#/definitions/AWS::MPA::IdentitySource" + }, { "$ref": "#/definitions/AWS::MSK::BatchScramSecret" }, @@ -276034,6 +330132,24 @@ { "$ref": "#/definitions/AWS::MediaLive::Channel" }, + { + "$ref": "#/definitions/AWS::MediaLive::ChannelPlacementGroup" + }, + { + "$ref": "#/definitions/AWS::MediaLive::CloudWatchAlarmTemplate" + }, + { + "$ref": "#/definitions/AWS::MediaLive::CloudWatchAlarmTemplateGroup" + }, + { + "$ref": "#/definitions/AWS::MediaLive::Cluster" + }, + { + "$ref": "#/definitions/AWS::MediaLive::EventBridgeRuleTemplate" + }, + { + "$ref": "#/definitions/AWS::MediaLive::EventBridgeRuleTemplateGroup" + }, { "$ref": "#/definitions/AWS::MediaLive::Input" }, @@ -276046,6 +330162,15 @@ { "$ref": "#/definitions/AWS::MediaLive::Multiplexprogram" }, + { + "$ref": "#/definitions/AWS::MediaLive::Network" + }, + { + "$ref": "#/definitions/AWS::MediaLive::SdiSource" + }, + { + "$ref": "#/definitions/AWS::MediaLive::SignalMap" + }, { "$ref": "#/definitions/AWS::MediaPackage::Asset" }, @@ -276103,6 +330228,9 @@ { "$ref": "#/definitions/AWS::MemoryDB::Cluster" }, + { + "$ref": "#/definitions/AWS::MemoryDB::MultiRegionCluster" + }, { "$ref": "#/definitions/AWS::MemoryDB::ParameterGroup" }, @@ -276127,6 +330255,9 @@ { "$ref": "#/definitions/AWS::Neptune::DBSubnetGroup" }, + { + "$ref": "#/definitions/AWS::Neptune::EventSubscription" + }, { "$ref": "#/definitions/AWS::NeptuneGraph::Graph" }, @@ -276148,6 +330279,9 @@ { "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration" }, + { + "$ref": "#/definitions/AWS::NetworkFirewall::VpcEndpointAssociation" + }, { "$ref": "#/definitions/AWS::NetworkManager::ConnectAttachment" }, @@ -276163,6 +330297,9 @@ { "$ref": "#/definitions/AWS::NetworkManager::Device" }, + { + "$ref": "#/definitions/AWS::NetworkManager::DirectConnectGatewayAttachment" + }, { "$ref": "#/definitions/AWS::NetworkManager::GlobalNetwork" }, @@ -276191,16 +330328,37 @@ "$ref": "#/definitions/AWS::NetworkManager::VpcAttachment" }, { - "$ref": "#/definitions/AWS::NimbleStudio::LaunchProfile" + "$ref": "#/definitions/AWS::Notifications::ChannelAssociation" + }, + { + "$ref": "#/definitions/AWS::Notifications::EventRule" }, { - "$ref": "#/definitions/AWS::NimbleStudio::StreamingImage" + "$ref": "#/definitions/AWS::Notifications::ManagedNotificationAccountContactAssociation" }, { - "$ref": "#/definitions/AWS::NimbleStudio::Studio" + "$ref": "#/definitions/AWS::Notifications::ManagedNotificationAdditionalChannelAssociation" }, { - "$ref": "#/definitions/AWS::NimbleStudio::StudioComponent" + "$ref": "#/definitions/AWS::Notifications::NotificationConfiguration" + }, + { + "$ref": "#/definitions/AWS::Notifications::NotificationHub" + }, + { + "$ref": "#/definitions/AWS::NotificationsContacts::EmailContact" + }, + { + "$ref": "#/definitions/AWS::ODB::CloudAutonomousVmCluster" + }, + { + "$ref": "#/definitions/AWS::ODB::CloudExadataInfrastructure" + }, + { + "$ref": "#/definitions/AWS::ODB::CloudVmCluster" + }, + { + "$ref": "#/definitions/AWS::ODB::OdbNetwork" }, { "$ref": "#/definitions/AWS::OSIS::Pipeline" @@ -276229,12 +330387,18 @@ { "$ref": "#/definitions/AWS::Omics::Workflow" }, + { + "$ref": "#/definitions/AWS::Omics::WorkflowVersion" + }, { "$ref": "#/definitions/AWS::OpenSearchServerless::AccessPolicy" }, { "$ref": "#/definitions/AWS::OpenSearchServerless::Collection" }, + { + "$ref": "#/definitions/AWS::OpenSearchServerless::Index" + }, { "$ref": "#/definitions/AWS::OpenSearchServerless::LifecyclePolicy" }, @@ -276247,6 +330411,9 @@ { "$ref": "#/definitions/AWS::OpenSearchServerless::VpcEndpoint" }, + { + "$ref": "#/definitions/AWS::OpenSearchService::Application" + }, { "$ref": "#/definitions/AWS::OpenSearchService::Domain" }, @@ -276304,6 +330471,21 @@ { "$ref": "#/definitions/AWS::PCAConnectorAD::TemplateGroupAccessControlEntry" }, + { + "$ref": "#/definitions/AWS::PCAConnectorSCEP::Challenge" + }, + { + "$ref": "#/definitions/AWS::PCAConnectorSCEP::Connector" + }, + { + "$ref": "#/definitions/AWS::PCS::Cluster" + }, + { + "$ref": "#/definitions/AWS::PCS::ComputeNodeGroup" + }, + { + "$ref": "#/definitions/AWS::PCS::Queue" + }, { "$ref": "#/definitions/AWS::Panorama::ApplicationInstance" }, @@ -276412,6 +330594,30 @@ { "$ref": "#/definitions/AWS::Proton::ServiceTemplate" }, + { + "$ref": "#/definitions/AWS::QBusiness::Application" + }, + { + "$ref": "#/definitions/AWS::QBusiness::DataAccessor" + }, + { + "$ref": "#/definitions/AWS::QBusiness::DataSource" + }, + { + "$ref": "#/definitions/AWS::QBusiness::Index" + }, + { + "$ref": "#/definitions/AWS::QBusiness::Permission" + }, + { + "$ref": "#/definitions/AWS::QBusiness::Plugin" + }, + { + "$ref": "#/definitions/AWS::QBusiness::Retriever" + }, + { + "$ref": "#/definitions/AWS::QBusiness::WebExperience" + }, { "$ref": "#/definitions/AWS::QLDB::Ledger" }, @@ -276421,6 +330627,9 @@ { "$ref": "#/definitions/AWS::QuickSight::Analysis" }, + { + "$ref": "#/definitions/AWS::QuickSight::CustomPermissions" + }, { "$ref": "#/definitions/AWS::QuickSight::Dashboard" }, @@ -276430,6 +330639,9 @@ { "$ref": "#/definitions/AWS::QuickSight::DataSource" }, + { + "$ref": "#/definitions/AWS::QuickSight::Folder" + }, { "$ref": "#/definitions/AWS::QuickSight::RefreshSchedule" }, @@ -276481,6 +330693,9 @@ { "$ref": "#/definitions/AWS::RDS::DBSecurityGroupIngress" }, + { + "$ref": "#/definitions/AWS::RDS::DBShardGroup" + }, { "$ref": "#/definitions/AWS::RDS::DBSubnetGroup" }, @@ -276499,6 +330714,9 @@ { "$ref": "#/definitions/AWS::RUM::AppMonitor" }, + { + "$ref": "#/definitions/AWS::Rbin::Rule" + }, { "$ref": "#/definitions/AWS::Redshift::Cluster" }, @@ -276523,12 +330741,18 @@ { "$ref": "#/definitions/AWS::Redshift::EventSubscription" }, + { + "$ref": "#/definitions/AWS::Redshift::Integration" + }, { "$ref": "#/definitions/AWS::Redshift::ScheduledAction" }, { "$ref": "#/definitions/AWS::RedshiftServerless::Namespace" }, + { + "$ref": "#/definitions/AWS::RedshiftServerless::Snapshot" + }, { "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup" }, @@ -276571,6 +330795,9 @@ { "$ref": "#/definitions/AWS::ResourceGroups::Group" }, + { + "$ref": "#/definitions/AWS::ResourceGroups::TagSyncTask" + }, { "$ref": "#/definitions/AWS::RoboMaker::Fleet" }, @@ -276715,6 +330942,9 @@ { "$ref": "#/definitions/AWS::S3::StorageLensGroup" }, + { + "$ref": "#/definitions/AWS::S3Express::AccessPoint" + }, { "$ref": "#/definitions/AWS::S3Express::BucketPolicy" }, @@ -276739,6 +330969,21 @@ { "$ref": "#/definitions/AWS::S3Outposts::Endpoint" }, + { + "$ref": "#/definitions/AWS::S3Tables::Namespace" + }, + { + "$ref": "#/definitions/AWS::S3Tables::Table" + }, + { + "$ref": "#/definitions/AWS::S3Tables::TableBucket" + }, + { + "$ref": "#/definitions/AWS::S3Tables::TableBucketPolicy" + }, + { + "$ref": "#/definitions/AWS::S3Tables::TablePolicy" + }, { "$ref": "#/definitions/AWS::SDB::Domain" }, @@ -276757,6 +331002,30 @@ { "$ref": "#/definitions/AWS::SES::EmailIdentity" }, + { + "$ref": "#/definitions/AWS::SES::MailManagerAddonInstance" + }, + { + "$ref": "#/definitions/AWS::SES::MailManagerAddonSubscription" + }, + { + "$ref": "#/definitions/AWS::SES::MailManagerAddressList" + }, + { + "$ref": "#/definitions/AWS::SES::MailManagerArchive" + }, + { + "$ref": "#/definitions/AWS::SES::MailManagerIngressPoint" + }, + { + "$ref": "#/definitions/AWS::SES::MailManagerRelay" + }, + { + "$ref": "#/definitions/AWS::SES::MailManagerRuleSet" + }, + { + "$ref": "#/definitions/AWS::SES::MailManagerTrafficPolicy" + }, { "$ref": "#/definitions/AWS::SES::ReceiptFilter" }, @@ -276832,15 +331101,30 @@ { "$ref": "#/definitions/AWS::SSMContacts::Rotation" }, + { + "$ref": "#/definitions/AWS::SSMGuiConnect::Preferences" + }, { "$ref": "#/definitions/AWS::SSMIncidents::ReplicationSet" }, { "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan" }, + { + "$ref": "#/definitions/AWS::SSMQuickSetup::ConfigurationManager" + }, + { + "$ref": "#/definitions/AWS::SSO::Application" + }, + { + "$ref": "#/definitions/AWS::SSO::ApplicationAssignment" + }, { "$ref": "#/definitions/AWS::SSO::Assignment" }, + { + "$ref": "#/definitions/AWS::SSO::Instance" + }, { "$ref": "#/definitions/AWS::SSO::InstanceAccessControlAttributeConfiguration" }, @@ -276853,6 +331137,9 @@ { "$ref": "#/definitions/AWS::SageMaker::AppImageConfig" }, + { + "$ref": "#/definitions/AWS::SageMaker::Cluster" + }, { "$ref": "#/definitions/AWS::SageMaker::CodeRepository" }, @@ -276889,6 +331176,9 @@ { "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment" }, + { + "$ref": "#/definitions/AWS::SageMaker::MlflowTrackingServer" + }, { "$ref": "#/definitions/AWS::SageMaker::Model" }, @@ -276919,6 +331209,9 @@ { "$ref": "#/definitions/AWS::SageMaker::NotebookInstanceLifecycleConfig" }, + { + "$ref": "#/definitions/AWS::SageMaker::PartnerApp" + }, { "$ref": "#/definitions/AWS::SageMaker::Pipeline" }, @@ -276928,6 +331221,9 @@ { "$ref": "#/definitions/AWS::SageMaker::Space" }, + { + "$ref": "#/definitions/AWS::SageMaker::StudioLifecycleConfig" + }, { "$ref": "#/definitions/AWS::SageMaker::UserProfile" }, @@ -276952,21 +331248,45 @@ { "$ref": "#/definitions/AWS::SecretsManager::SecretTargetAttachment" }, + { + "$ref": "#/definitions/AWS::SecurityHub::AggregatorV2" + }, { "$ref": "#/definitions/AWS::SecurityHub::AutomationRule" }, + { + "$ref": "#/definitions/AWS::SecurityHub::AutomationRuleV2" + }, + { + "$ref": "#/definitions/AWS::SecurityHub::ConfigurationPolicy" + }, { "$ref": "#/definitions/AWS::SecurityHub::DelegatedAdmin" }, + { + "$ref": "#/definitions/AWS::SecurityHub::FindingAggregator" + }, { "$ref": "#/definitions/AWS::SecurityHub::Hub" }, + { + "$ref": "#/definitions/AWS::SecurityHub::HubV2" + }, { "$ref": "#/definitions/AWS::SecurityHub::Insight" }, + { + "$ref": "#/definitions/AWS::SecurityHub::OrganizationConfiguration" + }, + { + "$ref": "#/definitions/AWS::SecurityHub::PolicyAssociation" + }, { "$ref": "#/definitions/AWS::SecurityHub::ProductSubscription" }, + { + "$ref": "#/definitions/AWS::SecurityHub::SecurityControl" + }, { "$ref": "#/definitions/AWS::SecurityHub::Standard" }, @@ -276979,6 +331299,9 @@ { "$ref": "#/definitions/AWS::SecurityLake::Subscriber" }, + { + "$ref": "#/definitions/AWS::SecurityLake::SubscriberNotification" + }, { "$ref": "#/definitions/AWS::ServiceCatalog::AcceptedPortfolioShare" }, @@ -277135,6 +331458,9 @@ { "$ref": "#/definitions/AWS::Transfer::User" }, + { + "$ref": "#/definitions/AWS::Transfer::WebApp" + }, { "$ref": "#/definitions/AWS::Transfer::Workflow" }, @@ -277162,6 +331488,12 @@ { "$ref": "#/definitions/AWS::VpcLattice::Listener" }, + { + "$ref": "#/definitions/AWS::VpcLattice::ResourceConfiguration" + }, + { + "$ref": "#/definitions/AWS::VpcLattice::ResourceGateway" + }, { "$ref": "#/definitions/AWS::VpcLattice::ResourcePolicy" }, @@ -277174,6 +331506,9 @@ { "$ref": "#/definitions/AWS::VpcLattice::ServiceNetwork" }, + { + "$ref": "#/definitions/AWS::VpcLattice::ServiceNetworkResourceAssociation" + }, { "$ref": "#/definitions/AWS::VpcLattice::ServiceNetworkServiceAssociation" }, @@ -277255,6 +331590,24 @@ { "$ref": "#/definitions/AWS::WAFv2::WebACLAssociation" }, + { + "$ref": "#/definitions/AWS::Wisdom::AIAgent" + }, + { + "$ref": "#/definitions/AWS::Wisdom::AIAgentVersion" + }, + { + "$ref": "#/definitions/AWS::Wisdom::AIGuardrail" + }, + { + "$ref": "#/definitions/AWS::Wisdom::AIGuardrailVersion" + }, + { + "$ref": "#/definitions/AWS::Wisdom::AIPrompt" + }, + { + "$ref": "#/definitions/AWS::Wisdom::AIPromptVersion" + }, { "$ref": "#/definitions/AWS::Wisdom::Assistant" }, @@ -277264,18 +331617,33 @@ { "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase" }, + { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplate" + }, + { + "$ref": "#/definitions/AWS::Wisdom::MessageTemplateVersion" + }, + { + "$ref": "#/definitions/AWS::Wisdom::QuickResponse" + }, { "$ref": "#/definitions/AWS::WorkSpaces::ConnectionAlias" }, { "$ref": "#/definitions/AWS::WorkSpaces::Workspace" }, + { + "$ref": "#/definitions/AWS::WorkSpaces::WorkspacesPool" + }, { "$ref": "#/definitions/AWS::WorkSpacesThinClient::Environment" }, { "$ref": "#/definitions/AWS::WorkSpacesWeb::BrowserSettings" }, + { + "$ref": "#/definitions/AWS::WorkSpacesWeb::DataProtectionSettings" + }, { "$ref": "#/definitions/AWS::WorkSpacesWeb::IdentityProvider" }, @@ -277297,6 +331665,15 @@ { "$ref": "#/definitions/AWS::WorkSpacesWeb::UserSettings" }, + { + "$ref": "#/definitions/AWS::WorkspacesInstances::Volume" + }, + { + "$ref": "#/definitions/AWS::WorkspacesInstances::VolumeAssociation" + }, + { + "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance" + }, { "$ref": "#/definitions/AWS::XRay::Group" }, @@ -277306,6 +331683,9 @@ { "$ref": "#/definitions/AWS::XRay::SamplingRule" }, + { + "$ref": "#/definitions/AWS::XRay::TransactionSearchConfig" + }, { "$ref": "#/definitions/Alexa::ASK::Skill" },